M activate.php +5 -5
@@ 1,27 1,27 @@
<?php
require 'includes/app.php';
-is_admin($user) or redirect("login.php");
+is_admin($User) or redirect("login.php");
$errors = [];
if ($_SERVER['REQUEST_METHOD'] === 'POST') {
$id = filter_input(INPUT_POST, 'id', FILTER_VALIDATE_INT) or page_not_found();
- $selected = $GLOBALS['app']->getUser()->get($id);
+ $selected = $GLOBALS['App']->getUser()->get($id);
if (!$selected) {
$errors[] = "Can't find user";
} else {
- if ($GLOBALS['app']->getUser()->setRole($id, 2)) {
+ if ($GLOBALS['App']->getUser()->setRole($id, 2)) {
$subject = "piclog - Welcome!";
$message = "Hello $selected[name]! Your account has been activated. You can now post messages on " . URL . ".\n\nTalk to you soon!";
- $GLOBALS['app']->getEmail()->send($selected['email'], $subject, $message);
+ $GLOBALS['App']->getEmail()->send($selected['email'], $subject, $message);
}
}
}
-$users = $GLOBALS['app']->getUser()->getAllInactive();
+$users = $GLOBALS['App']->getUser()->getAllInactive();
?>
<?php include 'includes/header.php'; ?>
M activity.php +2 -2
@@ 1,6 1,6 @@
<?php
require 'includes/app.php';
-$pages = $app->getPage()->getActivity();
+$pages = $App->getPage()->getActivity();
?>
<?php include 'includes/header.php'; ?>
@@ 11,7 11,7 @@ require 'includes/app.php';
<ul>
<?php foreach ($pages as $page): ?>
<li>
- <?=home_link($page['user_id'], $page['name'])?> <?=timeAgo($page['updated_at'])?> ago <?=get_link($page['user_id'], $page['slug'])?>
+ <?=site_link($page['name'])?> <?=timeAgo($page['updated_at'])?> ago <?=site_link($page['name'], $page['slug'])?>
</li>
<?php endforeach; ?>
</ul>
M admin.php +1 -1
@@ 1,7 1,7 @@
<?php
require 'includes/app.php';
-is_admin($user) or redirect("login.php");
+is_admin($User) or redirect("login.php");
?>
<?php include 'includes/header.php'; ?>
M changelog.php +5 -4
@@ 1,8 1,9 @@
<?php
require 'includes/app.php';
-$id = get_id();
-$pages = $app->getPage()->getChangelog($id);
-$site_user = $GLOBALS['app']->getUser()->get($id) or page_not_found();
+
+$u = get_param("u");
+$pages = $App->getPage()->getChangelog($u);
+$site_user = $App->getUser()->getFromUsername($u) or page_not_found();
?>
<?php include 'includes/site_header.php'; ?>
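Review bot: `getChangelog($u)` runs before the `getFromUsername($u) or page_not_found()` check, so a request for an unknown user still executes the joined changelog query before the 404. Swapping the two lines lets the existence check gate the query: `$site_user = $App->getUser()->getFromUsername($u) or page_not_found();` followed by `$pages = $App->getPage()->getChangelog($u);`. Note also that `$u` has already been HTML-encoded by get_param(), so it is a lookup key only and should not be treated as output-safe text further down the template.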
@@ 12,7 13,7 @@ require 'includes/app.php';
<ul>
<?php foreach ($pages as $page): ?>
- <li><time><?=to_date($page['updated_at'])?></time> <?= get_link($id, $page['slug']) ?></li>
+ <li><time><?=to_date($page['updated_at'])?></time> <?=site_link($page['name'], $page['slug'])?></li>
<?php endforeach; ?>
</ul>
M classes/Page.php +5 -4
@@ 29,14 29,15 @@ class Page
LIMIT 100";
return $this->db->runSQL($sql)->fetchAll();
}
- public function getChangelog($id)
+ public function getChangelog($name)
{
$sql = "SELECT
- slug, content, updated_at
+ slug, content, updated_at, name
FROM pages
- WHERE user_id=?
+ LEFT JOIN users on pages.user_id = users.id
+ WHERE name=?
ORDER BY updated_at desc";
- return $this->db->runSQL($sql, [$id])->fetchAll();
+ return $this->db->runSQL($sql, [$name])->fetchAll();
}
public function get($id, $slug)
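Review bot: The new `WHERE name=?` filters on a column of the LEFT JOINed table, which throws away exactly the unmatched rows a LEFT JOIN keeps, so the join behaves as an inner join. `name` is also unqualified and becomes ambiguous if `pages` ever gains a column of that name. `INNER JOIN users ON pages.user_id = users.id` with `WHERE users.name = ?` states the intent. The value is still passed as a bound parameter, which should stay that way. The query also assumes `users.name` is unique, and no constraint is visible in this diff to confirm it.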
R delete.php => +0 -36
@@ 1,36 0,0 @@
-<?php
-require 'includes/app.php';
-
-is_member($user) or redirect("login.php");
-
-$errors = [];
-$form = $App->getImage()->get(get_id()) or page_not_found();
-
-if ($_SERVER['REQUEST_METHOD'] === 'POST') {
- if ($form['user_id'] === $user['id'] || is_admin($user)) {
- if ($App->getImage()->delete($form['id'], $form['user_id'])) {
- $App->getSession()->setFlash("Image deleted");
- redirect("index.php");
- } else {
- $errors[]="Can't delete image";
- }
- } else {
- page_not_found();
- }
-}
-?>
-
-<?php include 'includes/header.php'; ?>
-
-<h1>Delete image</h1>
-
-<?php form_errors($errors) ?>
-
-<p>Are you sure you want to delete "<?=htmlspecialchars($form['filename'])?>"?</p>
-
-<form action="<?= $_SERVER['REQUEST_URI'] ?>" method="post" class="editor">
- <?php include 'includes/csrf.php' ?>
- <p><input type="submit" value="Confirm"/></p>
-</form>
-
-<?php include 'includes/footer.php'; ?>
R home.php => +0 -25
@@ 1,25 0,0 @@
-<?php
-require 'includes/app.php';
-
-$site_user = $app->getUser()->getFromUsername(get_user()) or page_not_found();
-$content = content_to_html2($site_user['home'], $site_user);
-?>
-
-<?php include 'includes/site_header.php'; ?>
-
-<main>
-<?php if ($content): ?>
- <?= $content ?>
-<?php else: ?>
- <h1><?= $site_user['name'] ?>'s site</h1>
- <p>Welcome to your site! Use the edit button to edit this page.</p>
-<?php endif; ?>
-</main>
-
-<?php if (is_site_admin($site_user)): ?>
- <nav class="page-admin">
- <a href="home_update.php">Edit</a>
- </nav>
-<?php endif; ?>
-
-<?php include 'includes/site_footer.php'; ?>
No newline at end of file
M home_update.php +7 -7
@@ 1,28 1,28 @@
<?php
require 'includes/app.php';
-is_member($GLOBALS['user']) or redirect("login.php");
-$site_user = $GLOBALS['user'];
-$pages = $GLOBALS['app']->getPage()->getAll($GLOBALS['user']['id']);
+is_member($GLOBALS['User']) or redirect("login.php");
+$site_user = $GLOBALS['User'];
+$pages = $GLOBALS['App']->getPage()->getAll($GLOBALS['User']['id']);
$errors = [];
if ($_SERVER['REQUEST_METHOD'] === 'POST') {
- $GLOBALS['user']['home'] = $_POST['home'];
+ $GLOBALS['User']['home'] = $_POST['home'];
// todo validation
- $GLOBALS['app']->getUser()->update($GLOBALS['user'], $errors);
+ $GLOBALS['App']->getUser()->update($GLOBALS['User'], $errors);
}
?>
<?php include 'includes/site_header.php'; ?>
<main>
- <h1>Editing <a href="<?=get_url($site_user['name'])?>">home</a></h1>
+ <h1>Editing <?=site_link($site_user['name'], null, "home")?></h1>
<?php form_errors($errors) ?>
<form action="<?= $_SERVER['REQUEST_URI'] ?>" method="post" enctype="multipart/form-data">
<?php include 'includes/csrf.php' ?>
- <textarea id="home" name="home" class="form-control" required><?= $GLOBALS['user']['home'] ?></textarea>
+ <textarea id="home" name="home" class="form-control" required><?= $GLOBALS['User']['home'] ?></textarea>
<input type="submit" value="Submit"/>
</form>
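Review bot: The textarea body on the new line prints `$GLOBALS['User']['home']` unescaped, and on POST that value is `$_POST['home']` taken as-is (the `// todo validation` line), so stored text containing `</textarea>` closes the field and the remainder is parsed as markup. Escape at output: `<?= htmlspecialchars($GLOBALS['User']['home'] ?? '', ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8') ?>`. The unchanged `action="<?= $_SERVER['REQUEST_URI'] ?>"` on the form needs the same escaping, since the request URI is client-controlled. The result of `update()` and the contents of `$errors` are also not checked before the page re-renders the posted value.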
R image.php => +0 -33
@@ 1,33 0,0 @@
-<?php
-require 'includes/app.php';
-
-function is_author($user, $image)
-{
- return is_member($user) && $user['id'] == $image['user_id'];
-}
-
-$id = get_id();
-$image = $App->getImage()->get($id);
-?>
-
-<?php include 'includes/header.php'; ?>
-<header>
- <h1 class="title"><?= $image["filename"] ?></h1>
- <div class="meta">
- <a href="profile.php?id=<?= $image['user_id'] ?>"><?= $image['name'] ?></a>
- <time><?= timeAgo($image["published_at"]) ?></time>
- </div>
-</header>
-
-<img src="<?= file_path($image["user_id"], $image["filename"]) ?>"/>
-
-<p class="description"><?= $image["description"] ?></p>
-
-<?php if (is_author($user, $image) || is_admin($user)): ?>
- <nav>
- <a href="update.php?id=<?= $image["id"] ?>">edit</a> <a href="delete.php?id=<?= $image["id"] ?>">delete</a>
- </nav>
-<?php endif; ?>
-
-<?php include 'includes/footer.php'; ?>
-
M includes/app.php +20 -77
@@ 6,12 6,12 @@ spl_autoload_register(function ($class)
require "classes/$class.php";
});
-$GLOBALS['app'] = new App();
-$sess_id = $GLOBALS['app']->getSession()->id;
-$GLOBALS['user'] = $sess_id ? $GLOBALS['app']->getUser()->get($sess_id) : null;
+$App = new App();
+$sess_id = $App->getSession()->id;
+$User = $sess_id ? $App->getUser()->get($sess_id) : null;
if ($_SERVER['REQUEST_METHOD'] === 'POST') {
- $GLOBALS['app']->getSession()->verifyCSRF($_POST['csrf']) or page_not_found();
+ $App->getSession()->verifyCSRF($_POST['csrf']) or page_not_found();
}
function is_visitor($user)
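Review bot: `$_POST['csrf']` is read without a default in the POST check, so a request that omits the field raises an undefined-index warning and hands null to verifyCSRF(), whose treatment of null is outside this diff. Passing `$_POST['csrf'] ?? ''` and comparing with `hash_equals()` inside verifyCSRF() keeps a missing token an ordinary mismatch. The check also only blocks the request if page_not_found() ends the script, which is worth confirming since its body is not shown here.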
@@ 31,7 31,7 @@ function is_admin($user)
function is_site_admin($admin)
{
- return is_member($GLOBALS['user']) && $admin['id'] === $GLOBALS['user']['id'];
+ return is_member($GLOBALS['User']) && $admin['id'] === $GLOBALS['User']['id'];
}
function redirect($page)
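Review bot: is_site_admin() reads `$GLOBALS['User']`, but after this commit that entry exists only because includes/app.php assigns a plain `$User` while being required at file scope. The previous `$GLOBALS['user'] = ...` assignment did not depend on where the include happened; if app.php is ever required from inside a function, `$GLOBALS['User']` is unset and this ownership check silently returns false. Either keep the assignment explicit, `$GLOBALS['User'] = $User = $sess_id ? $App->getUser()->get($sess_id) : null;`, or add a comment on the assignment such as `// must be included at global scope: helpers read $GLOBALS['App'] and $GLOBALS['User']`. The pages themselves now mix `$User` and `$GLOBALS['User']`; picking one form would make the authorization checks easier to audit.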
@@ 76,31 76,13 @@ function get_id()
return $id;
}
-function get_slug()
+function get_param($param)
{
- if (!($slug = filter_input(INPUT_GET, 'slug', FILTER_SANITIZE_SPECIAL_CHARS))) {
+ if (!($rv = filter_input(INPUT_GET, $param, FILTER_SANITIZE_SPECIAL_CHARS))) {
page_not_found();
}
- return $slug;
-}
-
-function get_user()
-{
- if (!($slug = filter_input(INPUT_GET, 'u', FILTER_SANITIZE_SPECIAL_CHARS))) {
- page_not_found();
- }
-
- return $slug;
-}
-
-function get_page()
-{
- if (!($page = filter_input(INPUT_GET, 'p', FILTER_VALIDATE_INT))) {
- return 1;
- }
-
- return $page;
+ return $rv;
}
function timeAgo($dateString)
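Review bot: get_param() sends every string parameter through `FILTER_SANITIZE_SPECIAL_CHARS`, which HTML-encodes the value instead of validating it, and the encoded result is then used as a lookup key in changelog.php, site.php, page_delete.php and page_update.php. For `p`, validating against the slug alphabet the project already enforces (LINK_REGEXP and the "Slug can only contain a-z0-9_-" check) would be stricter: `filter_input(INPUT_GET, $param, FILTER_VALIDATE_REGEXP, ['options' => ['regexp' => '/^[a-z0-9_-]+$/']])`. Whether usernames share that alphabet is not visible here, so `u` may need its own pattern. The truthiness test also sends a literal `0` to page_not_found(); comparing against `null`/`false` avoids that. A short docblock saying that the function ends the request on a missing parameter would help callers.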
@@ 126,42 108,22 @@ function timeAgo($dateString)
return $output;
}
-function get_link($user_id, $slug)
+function site_link($name, $page = null, $value = null)
{
- return "<a href=\"page.php?id=$user_id&slug=$slug\">$slug</a>";
-}
-
-function get_link2($username, $slug = null)
-{
- if (isset($slug)) {
- return "<a href=\"site.php?u=$username&p=$slug\">$slug</a>";
- } else {
- return "<a href=\"site.php?u=$username\">$username</a>";
- }
+ $qs = "u=$name";
+ $page && $qs .= "&p=$page";
+ $label = $value ?: ($page ?: $name);
+ return "<a href=\"site.php?$qs\">$label</a>";
}
-function get_url($username, $page = null)
+function edit_link($page)
{
- if (isset($page)) {
- return "site.php?u=$username&p=$page";
- } else {
- return "site.php?u=$username";
- }
+ return "<a href=\"page_update.php?p=$page\">Edit</a>";
}
-function home_link($user_id, $name)
-{
- return "<a href=\"home.php?u=$name\">$name</a>";
-}
-
-function edit_link($slug)
+function delete_link($page)
{
- return "<a href=\"page_update.php?&slug=$slug\">Edit</a>";
-}
-
-function delete_link($slug)
-{
- return "<a href=\"page_delete.php?&slug=$slug\">Delete</a>";
+ return "<a href=\"page_delete.php?p=$page\">Delete</a>";
}
function gmi($text)
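Review bot: site_link() interpolates `$name`, `$page` and `$value` straight into both the `href` and the link text, with no URL-encoding and no HTML-escaping, and callers pass stored values such as `$page['name']` and `$site_user['name']`. Whatever characters registration allows in a name therefore reach the markup unchanged, and the validation of names is not visible in this diff. The query string also joins parameters with a bare `&` inside an attribute. Building the query with `http_build_query()` and escaping both the URL and the label at this single choke point fixes every caller at once. edit_link() and delete_link() in the same hunk interpolate `$page` the same way and need the same treatment.

```php
function site_link($name, $page = null, $value = null)
{
    $query = ['u' => $name];
    if ($page) {
        $query['p'] = $page;
    }
    // Encode for the URL first, then escape the whole URL for the attribute.
    $href = htmlspecialchars('site.php?' . http_build_query($query), ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
    $label = htmlspecialchars($value ?: ($page ?: $name), ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');

    return "<a href=\"$href\">$label</a>";
}
// … unchanged apart from the same escaping: edit_link(), delete_link() …
```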
@@ 224,30 186,11 @@ function gmi($text)
}
define('LINK_REGEXP', '/\[\[([a-z0-9_-]+)\]\]/');
-function content_to_html($content, $user_id)
-{
- return preg_replace_callback(LINK_REGEXP, function ($match) use ($user_id) {
- $slug = $match[1];
- return get_link($user_id, $slug);
- }, gmi($content));
-}
-function content_to_html2($content, $user)
+
+function content_to_html($content, $user)
{
return preg_replace_callback(LINK_REGEXP, function ($match) use ($user) {
$slug = $match[1];
- return get_link2($user['name'], $slug);
+ return site_link($user['name'], $slug);
}, gmi($content));
}
-
-function nav_admin()
-{
- return join(" ", [
- "<footer>",
- "<nav>",
- "<a href=\"page_create.php\">Add page</a>",
- "<a href=\"settings.php\">Settings</a>",
- "<a href=\"logout.php\">Logout</a>",
- "</nav>",
- "</footer>",
- ]);
-}
No newline at end of file
M includes/csrf.php +1 -1
@@ 1,1 1,1 @@
-<input type="hidden" name="csrf" value="<?= $GLOBALS['app']->getSession()->getCSRF() ?>" >
+<input type="hidden" name="csrf" value="<?= $GLOBALS['App']->getSession()->getCSRF() ?>" >
M includes/page.php +1 -1
@@ 22,7 22,7 @@
<nav class="related">
<span>Related:</span>
<?php foreach ($related as $r): ?>
- <?= get_link2($site_user['name'], $r['slug']) ?>
+ <?= site_link($site_user['name'], $r['slug']) ?>
<?php endforeach; ?>
</nav>
<?php endif; ?>
M +2 -2
@@ 14,9 14,9 @@
<header>
<nav>
<a href="<?=get_url($site_user['name'])?>">Home</a>
<?=site_link($site_user['name'], null, "Home")?>
<a href="pages_index.php?id=<?=$site_user['id']?>">Pages</a>
<a href="changelog.php?id=<?=$site_user['id']?>">Changelog</a>
<a href="changelog.php?u=<?=$site_user['name']?>">Changelog</a>
</nav>
</header>
M index.php +3 -3
@@ 1,8 1,8 @@
<?php
require 'includes/app.php';
-if (is_member($user)) {
- redirect("site.php?u=$user[name]");
+if (is_member($User)) {
+ redirect("site.php?u=$User[name]");
}
?>
@@ 10,7 10,7 @@ if (is_member($user)) {
<h1>tomoni</h1>
-<?php if (is_visitor($GLOBALS['user'])): ?>
+<?php if (is_visitor($GLOBALS['User'])): ?>
<p class="is-visitor">You account is pending activation. You will be notified by email when activated.</p>
<?php endif ?>
R latest.php => +0 -17
@@ 1,17 0,0 @@
-<?php
-include 'includes/app.php';
-
-$id = get_id();
-$images = $App->getImage()->getFromUser($id, 1);
-if (!count($images)) {
- http_response_code(404);
- exit;
-}
-$filename = file_path($id, $images['rows'][0]['filename']);
-
-header("Content-Type: image/jpeg");
-header("Content-Length: " . filesize($filename));
-
-$fp = fopen($filename, 'rb');
-
-fpassthru($fp);
M login.php +2 -2
@@ 12,8 12,8 @@ if ($_SERVER['REQUEST_METHOD'] === 'POST
Validate::isPassword($password) or $errors[] = "Wrong password";
if (!count($errors)) {
- if ($member = $GLOBALS['app']->getUser()->login($email, $password, $errors)) {
- $GLOBALS['app']->getSession()->login($member['id']);
+ if ($member = $GLOBALS['App']->getUser()->login($email, $password, $errors)) {
+ $GLOBALS['App']->getSession()->login($member['id']);
redirect('index.php');
}
}
M logout.php +1 -1
@@ 2,5 2,5 @@
require 'includes/app.php';
-$GLOBALS['app']->getSession()->logout();
+$GLOBALS['App']->getSession()->logout();
header('Location: .');
R page.php => +0 -49
@@ 1,49 0,0 @@
-<?php
-require 'includes/app.php';
-
-$slug = get_slug();
-$site_user = $app->getUser()->getFromUsername(get_user()) or page_not_found();
-$page = $GLOBALS['app']->getPage()->get($site_user['id'], $slug);
-$related = $GLOBALS['app']->getPage()->related($site_user['id'], $slug);
-?>
-
-<?php include 'includes/site_header.php'; ?>
-
-<main>
- <?php if ($page): ?>
- <?= content_to_html2($page['content'], $site_user) ?>
- <?php else: ?>
- <h1>Not found</h1>
- <?php if (is_site_admin($site_user)): ?>
- <p>Create page for <?= $slug ?>?</p>
- <form action="page_create.php" method="post" enctype="multipart/form-data">
- <?php include 'includes/csrf.php' ?>
-
- <input id="title" type="hidden" name="name" autocomplete="off" value="<?= $slug ?>"
- class="form-control"/>
-
- <input type="submit" value="Create"/>
- </form>
- <?php endif; ?>
- <?php endif; ?>
-</main>
-
-<?php if (count($related)): ?>
- <section class="related">
- <nav>
- <span>Related:</span>
- <?php foreach ($related as $r): ?>
- <?= get_link2($site_user['name'], $r['slug']) ?>
- <?php endforeach; ?>
- </nav>
- </section>
-<?php endif; ?>
-
-<?php if ($page && is_site_admin($site_user)): ?>
- <nav class="page-admin">
- <?= edit_link($slug) ?>
- <?= delete_link($slug) ?>
- </nav>
-<?php endif; ?>
-
-<?php include 'includes/site_footer.php'; ?>
M page_create.php +4 -4
@@ 1,8 1,8 @@
<?php
require 'includes/app.php';
-is_member($GLOBALS['user']) or redirect("login.php");
-$site_user = $user;
+is_member($GLOBALS['User']) or redirect("login.php");
+$site_user = $User;
$errors = [];
$form = [
"name" => '',
@@ 18,8 18,8 @@ if ($_SERVER['REQUEST_METHOD'] == 'POST'
Validate::isPage($name) or $errors[] = "Slug can only contain a-z0-9_-";
if (!count($errors)) {
- $id = $GLOBALS['app']->getPage()->create($GLOBALS['user']['id'], $name, '');
- redirect("page_update.php?slug=$name");
+ $id = $App->getPage()->create($User['id'], $name, '');
+ redirect("page_update.php?p=$name");
}
}
?>
M page_delete.php +6 -6
@@ 1,15 1,15 @@
<?php
require 'includes/app.php';
-is_member($GLOBALS['user']) or redirect("login.php");
-$slug = get_slug();
-$site_user = $user;
+is_member($User) or redirect("login.php");
+$p = get_param("p");
+$site_user = $User;
$errors = [];
-$form = $GLOBALS['app']->getPage()->get($GLOBALS['user']['id'], $slug) or page_not_found();
+$form = $App->getPage()->get($User['id'], $p) or page_not_found();
if ($_SERVER['REQUEST_METHOD'] === 'POST') {
- $GLOBALS['app']->getPage()->delete($GLOBALS['user']['id'], $slug);
- $GLOBALS['app']->getSession()->setFlash("Page deleted");
+ $App->getPage()->delete($User['id'], $p);
+ $App->getSession()->setFlash("Page deleted");
redirect("index.php");
}
?>
M page_update.php +8 -7
@@ 1,11 1,11 @@
<?php
require 'includes/app.php';
-is_member($GLOBALS['user']) or redirect("login.php");
-$slug = get_slug();
+is_member($User) or redirect("login.php");
+$p = get_param("p");
$errors = [];
-$site_user = $GLOBALS['user'];
-$form = $app->getPage()->get($GLOBALS['user']['id'], $slug) or page_not_found();
+$site_user = $User;
+$form = $App->getPage()->get($User['id'], $p) or page_not_found();
if ($_SERVER['REQUEST_METHOD'] === 'POST') {
$form['content'] = $_POST['content'];
@@ 13,14 13,15 @@ if ($_SERVER['REQUEST_METHOD'] === 'POST
// todo validation
if (!count($errors)) {
- $GLOBALS['app']->getPage()->update($GLOBALS['user']['id'], $slug, $form['content']);
+ $App->getPage()->update($User['id'], $p, $form['content']);
}
}
?>
+
<?php include 'includes/site_header.php'; ?>
<main>
- <h1>Editing <?= get_link2($site_user['name'], $form['slug']) ?></h1>
+ <h1>Editing <?= site_link($site_user['name'], $form['slug']) ?></h1>
<?php form_errors($errors) ?>
@@ 34,7 35,7 @@ if ($_SERVER['REQUEST_METHOD'] === 'POST
</main>
<nav class="page-admin">
- <?= delete_link($slug) ?>
+ <?= delete_link($p) ?>
</nav>
<?php include 'includes/site_footer.php'; ?>
R pages.php => +0 -26
@@ 1,26 0,0 @@
-<?php
-require 'includes/app.php';
-
-is_member($GLOBALS['user']) or redirect("login.php");
-$pages = $GLOBALS['app']->getPage()->getAll($user['id']);
-?>
-
-<?php include 'includes/header.php'; ?>
-
-<h1>Pages</h1>
-<p><a href="page_create.php">create page</a></p>
-<table>
- <tr>
- <td><a href="home.php?id=<?=$user['id']?>">home</a></td>
- <td><a href="home_update.php">edit</a></td>
- <td></td>
- </tr>
- <?php foreach ($pages as $page): ?>
- <tr>
- <td><?= get_link($user['id'], $page['slug']) ?></td>
- <td><?= "<a href=\"page_update.php?slug=$page[slug]\">edit</a>" ?></td>
- <td><?= "<a href=\"page_delete.php?slug=$page[slug]\">delete</a>" ?></td>
- </tr>
- <?php endforeach ?>
-</table>
-<?php include 'includes/footer.php'; ?>
M pages_index.php +4 -3
@@ 1,8 1,9 @@
<?php
require 'includes/app.php';
+
$id = get_id();
-$pages = $GLOBALS['app']->getPage()->getAll($id);
-$site_user = $GLOBALS['app']->getUser()->get($id) or page_not_found();
+$pages = $App->getPage()->getAll($id);
+$site_user = $App->getUser()->get($id) or page_not_found();
?>
<?php include 'includes/site_header.php'; ?>
@@ 12,7 13,7 @@ require 'includes/app.php';
<ul>
<?php foreach ($pages as $page): ?>
- <li><?= get_link2($site_user['name'], $page['slug']) ?></li>
+ <li><?= site_link($site_user['name'], $page['slug']) ?></li>
<?php endforeach; ?>
</ul>
M password-update.php +2 -2
@@ 1,7 1,7 @@
<?php
require 'includes/app.php';
-is_member($user) or redirect("login.php");
+is_member($User) or redirect("login.php");
$errors = [];
@@ 16,7 16,7 @@ if ($_SERVER['REQUEST_METHOD'] === 'POST
}
if (!count($errors)) {
- $App->getUser()->updatePassword($user['id'], $password);
+ $App->getUser()->updatePassword($User['id'], $password);
$App->getSession()->setFlash("Password updated");
}
}
R profile.php => +0 -43
@@ 1,43 0,0 @@
-<?php
-require 'includes/app.php';
-
-$id = get_id();
-$page = get_page();
-$profile = $App->getUser()->get($id) or page_not_found();
-$res = $App->getImage()->getFromUser($id, $page);
-$images = $res['rows'];
-$next_page = $res['next_page'];
-?>
-
-<?php include 'includes/header.php'; ?>
-<h1><?= $profile['name'] ?></h1>
-
-<p class="about"><?= $profile['cover'] ?></p>
-<p class="rss"><a href="user-feed.php?id=<?= $profile['id'] ?>">Subscribe via RSS</a></p>
-
-<?php foreach ($images as $image): ?>
- <article>
- <header>
- <h2 class="title"><a href="<?= image_path($image["id"]) ?>"><?= $image["filename"] ?></a></h2>
- <div class="meta">
- <time><?= timeAgo($image["published_at"]) ?></time>
- </div>
- </header>
-
- <img src="<?= file_path($image["user_id"], $image["filename"]) ?>"/>
- <p class=" description"><?= $image["description"] ?></p>
- </article>
-<?php endforeach; ?>
-
-<div class="pagination">
- <?php if ($next_page): ?>
- <a href="profile.php?id=<?= $id ?>&p=<?= $page + 1 ?>">Next page</a>
- <?php endif; ?>
-
- <?php if ($page > 1): ?>
- <a href="profile.php?id=<?= $id ?>&p=<?= $page - 1 ?>">Previous page</a>
- <?php endif; ?>
-</div>
-
-<?php include 'includes/footer.php'; ?>
-
M register.php +3 -3
@@ 25,15 25,15 @@ if ($_SERVER['REQUEST_METHOD'] === 'POST
}
if (!count($errors)) {
- $id = $GLOBALS['app']->getUser()->create([
+ $id = $GLOBALS['App']->getUser()->create([
"name" => $form['name'],
"email" => $form['email'],
"cover" => $form['cover'],
"password" => $password,
], $errors);
if ($id !== false) {
- $GLOBALS['app']->getSession()->login($id);
- $GLOBALS['app']->getSession()->setFlash("Thanks for registering! You will be able to start posting as soon as your account gets activated!");
+ $GLOBALS['App']->getSession()->login($id);
+ $GLOBALS['App']->getSession()->setFlash("Thanks for registering! You will be able to start posting as soon as your account gets activated!");
redirect("index.php");
}
}
M role.php +3 -3
@@ 1,7 1,7 @@
<?php
require 'includes/app.php';
-is_admin($user) or redirect("login.php");
+is_admin($User) or redirect("login.php");
$errors = [];
@@ 9,7 9,7 @@ if ($_SERVER['REQUEST_METHOD'] === 'POST
$id = filter_input(INPUT_POST, 'id', FILTER_VALIDATE_INT) or page_not_found();
$role = filter_input(INPUT_POST, 'role', FILTER_VALIDATE_INT);
- $selected = $GLOBALS['app']->getUser()->get($id);
+ $selected = $GLOBALS['App']->getUser()->get($id);
if (!$selected) {
$errors[] = "Can't find user";
@@ 18,7 18,7 @@ if ($_SERVER['REQUEST_METHOD'] === 'POST
}
}
-$users = $GLOBALS['app']->getUser()->getAll();
+$users = $GLOBALS['App']->getUser()->getAll();
?>
<?php include 'includes/header.php'; ?>
M settings.php +5 -5
@@ 1,10 1,10 @@
<?php
require 'includes/app.php';
-$user or redirect("login.php");
-$site_user = $user;
+$User or redirect("login.php");
+$site_user = $User;
$errors = [];
-$form = $user;
+$form = $User;
if ($_SERVER['REQUEST_METHOD'] === 'POST') {
$form['name'] = $_POST['name'];
@@ 17,8 17,8 @@ if ($_SERVER['REQUEST_METHOD'] === 'POST
!empty($form['cover']) or $errors[] = "Tell us a few words about you";
if (!count($errors)) {
- if ($app->getUser()->update($form, $errors)) {
- $app->getSession()->setFlash("Settings updated");
+ if ($App->getUser()->update($form, $errors)) {
+ $App->getSession()->setFlash("Settings updated");
$site_user['style'] = $form['style'];
}
}
M site.php +6 -6
@@ 1,19 1,19 @@
<?php
require 'includes/app.php';
-$u = get_user();
+$u = get_param("u");
$p = filter_input(INPUT_GET, 'p', FILTER_SANITIZE_SPECIAL_CHARS);
-$site_user = $app->getUser()->getFromUsername($u) or page_not_found();
+$site_user = $App->getUser()->getFromUsername($u) or page_not_found();
$is_admin = is_site_admin($site_user);
if ($p) {
- $page = $app->getPage()->get($site_user['id'], $p);
- $related = $app->getPage()->related($site_user['id'], $p);
+ $page = $App->getPage()->get($site_user['id'], $p);
+ $related = $App->getPage()->related($site_user['id'], $p);
if ($page) {
- $content = content_to_html2($page['content'], $site_user);
+ $content = content_to_html($page['content'], $site_user);
}
include 'includes/page.php';
} else {
- $content = content_to_html2($site_user['home'], $site_user);
+ $content = content_to_html($site_user['home'], $site_user);
include 'includes/home.php';
}
No newline at end of file
R update.php => +0 -44
@@ 1,44 0,0 @@
-<?php
-require 'includes/app.php';
-
-is_member($user) or redirect("login.php");
-
-$errors = [];
-$form = $App->getImage()->get(get_id()) or page_not_found();
-
-if ($_SERVER['REQUEST_METHOD'] === 'POST') {
- if ($form['user_id'] === $user['id'] || is_admin($user)) {
- $form['description'] = $_POST['description'];
- Validate::isFilename($_POST['filename']) or $errors [] = 'Wrong file name';
- if ($form['filename'] !== $_POST['filename']) {
- Validate::isAvailableFilename($user['id'], $_POST['filename']) or $errors [] = 'File already exists';
- }
- Validate::isAcceptableHTML($form['description']) or $errors [] = "Description has a forbidden HTML tag";
-
- if (!count($errors)) {
- $App->getImage()->update($form['id'], $form['user_id'], $form['filename'], $_POST['filename'], $form['description']);
- $App->getSession()->setFlash("Image updated");
- redirect("index.php");
- }
- }
-}
-?>
-
-<?php include 'includes/header.php'; ?>
-
- <h1>Update image</h1>
-<?= form_errors($errors) ?>
- <form action="<?= $_SERVER['REQUEST_URI'] ?>" method="post" enctype="multipart/form-data">
- <?php include 'includes/csrf.php' ?>
- <label for="name">Filename:</label>
- <input type="text" id="filename" name="filename" autocomplete="off" value="<?= $form['filename'] ?>"
- class="form-control" required/>
-
- <label for="description">Description:</label>
- <textarea name="description" id="description" class="form-control"
- required"><?= $form['description'] ?></textarea>
-
- <input type="submit" value="Submit"/>
- </form>
-
-<?php include 'includes/footer.php'; ?>
No newline at end of file
M upload.php +4 -4
@@ 1,7 1,7 @@
<?php
require 'includes/app.php';
-is_member($user) or redirect("login.php");
+is_member($User) or redirect("login.php");
function resize_image_gd($orig_path, $new_path, $max_width, $max_height)
{
@@ 60,11 60,11 @@ if ($_SERVER['REQUEST_METHOD'] == 'POST'
// check form
$_FILES['image']['size'] <= $max_size or $errors [] = ' File too big (512kB max)';
Validate::isFilename($_FILES['image']['name']) or $errors [] = 'Wrong file name';
- Validate::isAvailableFilename($user['id'], $_FILES['image']['name']) or $errors [] = 'File already exists';
+ Validate::isAvailableFilename($User['id'], $_FILES['image']['name']) or $errors [] = 'File already exists';
if (!count($errors)) {
$temp = $_FILES['image']['tmp_name'];
- $path = file_path($user['id'], $_FILES['image']['name']);
+ $path = file_path($User['id'], $_FILES['image']['name']);
$resized = resize_image_gd($temp, $path, 400, 400);
}
}
@@ 75,7 75,7 @@ if ($_SERVER['REQUEST_METHOD'] == 'POST'
$id = $App->getImage()->create([
"filename" => $_FILES['image']['name'],
"description" => $_POST['description'],
- "user_id" => $user['id']
+ "user_id" => $User['id']
]);
redirect('image.php?id=' . $id);
}
R user-feed.php => +0 -24
@@ 1,24 0,0 @@
-<?php
-require 'includes/app.php';
-
-header('Content-Type: application/xml');
-$id = get_id();
-$profile = $App->getUser()->get($id) or page_not_found();
-$images = $App->getImage()->getFromUser($id, 1);
-?>
- <rss version="2.0">
- <channel>
- <title><?= $profile['name'] ?></title>
- <description>piclog feed</description>
- <link><?= URL . '/profile.php?id=' . $profile['id'] ?></link>
- <?php foreach ($images as $image): ?>
- <item>
- <title><?= $image['filename'] ?></title>
- <pubDate><?= date(DATE_RSS, strtotime($image['published_at'])) ?></pubDate>
- <guid><?= URL . '/image.php?id=' . $image['id'] ?></guid>
- <link><?= URL . '/image.php?id=' . $image['id'] ?></link>
- </item>
- <?php endforeach; ?>
- </channel>
- </rss>
-<?php
M widget.php +2 -2
@@ 6,8 6,8 @@ require 'includes/app.php';
<h1>Widget</h1>
<p>Add the following snippet to your site to show your latest picture. Feel free to customize how it looks like!</p>
<textarea
- style="width: 100%;"><a href="<?= URL ?>/profile.php?id=<?= $user['id']; ?>"><img src="<?= URL ?>/latest.php?id=<?= $user['id']; ?>"></a></textarea>
-<p><a href="<?= URL ?>/profile.php?id=<?= $user['id']; ?>"><img src="<?= URL ?>/latest.php?id=<?= $user['id']; ?>"></a>
+ style="width: 100%;"><a href="<?= URL ?>/profile.php?id=<?= $User['id']; ?>"><img src="<?= URL ?>/latest.php?id=<?= $User['id']; ?>"></a></textarea>
+<p><a href="<?= URL ?>/profile.php?id=<?= $User['id']; ?>"><img src="<?= URL ?>/latest.php?id=<?= $User['id']; ?>"></a>
</p>
<?php include 'includes/footer.php'; ?>
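Review bot: The regenerated snippet still points at `profile.php?id=` and `latest.php?id=`, but this same commit appears to remove both files (`R profile.php => +0 -43`, `R latest.php => +0 -17`), so the markup users are told to paste into their own sites would link to missing pages. upload.php has the same problem in its unchanged `redirect('image.php?id=' . $id)`, with image.php also removed here. Either retire widget.php and the upload flow together with the image pages, or point them at the `site.php?u=` URLs. No `is_member($User)` guard is visible in this hunk, which starts at line 6, so `$User['id']` may be read on a null `$User` for signed-out visitors.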