flash/sakura
flash/sakura
Archived
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

rip dbwrapper v2

Browse source 
i honestly won't miss you even though you looked great on paper
This commit is contained in:
flash 2016-03-13 21:35:51 +01:00
parent 8bf68062b2
commit 472bf049f6
19 changed files with 497 additions and 732 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

20
config/config.example.ini
View file

@ -1,27 +1,25 @@
; Example Sakura configuration
; Rename this file to config.ini after you're done editing.
; Database configuration
; Database configuration according to https://laravel.com/docs/5.2/database#introduction
[database]
; SQL Driver that should be used.
; This has to relate to a PHP file in the libraries/DBWrapper folder
; but must EXCLUDE the .php file extension. (I recommend sticking with the bundled mysql library)
driver = mysql
; Username used to authenticate with the SQL server
host = localhost
port = 3306
username = sakura
; Password for the same purpose
password = "password"
; Table prefix used.
prefix = sakura_
database = sakura-development
[dsn]
host=localhost
port=3306
dbname=sakura
charset = utf8
collation = utf8_unicode_ci
; Data files relative to the root directory

113
libraries/Comments.php
View file

@ -47,11 +47,11 @@ class Comments
$this->category = $category;
// Get the comments and assign them to $comments
$comments = DBv2::prepare('SELECT * FROM `{prefix}comments` WHERE `comment_category` = :category AND `comment_reply_to` = 0 ORDER BY `comment_id` DESC');
$comments->execute([
'category' => $this->category,
]);
$comments = $comments->fetchAll(\PDO::FETCH_ASSOC);
$comments = DB::table('comments')
->where('comment_category', $this->category)
->where('comment_reply_to', 0)
->orderBy('comment_id', 'desc')
->get();
// Feed them into the sorter
$this->comments = $this->sortComments($comments);
@ -71,6 +71,9 @@ class Comments
// Sort comments
foreach ($comments as $comment) {
// Temporary hackjob to get rid of the old database layer, will reimplement later
$comment = get_object_vars($comment);
// Attach the poster
$comment['comment_poster'] = User::construct($comment['comment_poster']);
$comment['comment_text'] = BBcode::parseEmoticons(Utils::cleanString($comment['comment_text']));
@ -82,6 +85,7 @@ class Comments
// Store amount in their respective variables
foreach ($votes as $vote) {
$vote = get_object_vars($vote);
if ($vote['vote_state']) {
$comment['comment_likes'] += 1;
} else {
@ -96,12 +100,11 @@ class Comments
$this->count += 1;
// Attempt to get replies from the database
$replies = DBv2::prepare('SELECT * FROM `{prefix}comments` WHERE `comment_category` = :category AND `comment_reply_to` = :thread');
$replies->execute([
'category' => $this->category,
'thread' => $comment['comment_id'],
]);
$replies = $replies->fetchAll(\PDO::FETCH_ASSOC);
$replies = DB::table('comments')
->where('comment_category', $this->category)
->where('comment_reply_to', $comment['comment_id'])
->orderBy('comment_id', 'desc')
->get();
// Check if this was a reply to something
if ($replies) {
@ -123,11 +126,11 @@ class Comments
public function getComment($cid)
{
// Get from database
$comment = DBv2::prepare('SELECT * FROM `{prefix}comments` WHERE `comment_id` = :id');
$comment->execute([
'id' => $cid,
]);
return $comment->fetch(\PDO::FETCH_ASSOC);
$comment = DB::table('comments')
->where('comment_id', $cid)
->get();
return $comment ? get_object_vars($comment[0]) : [];
}
/**
@ -140,11 +143,11 @@ class Comments
public function getVotes($cid)
{
// Get from database
$comment = DBv2::prepare('SELECT * FROM `{prefix}comment_votes` WHERE `vote_comment` = :id');
$comment->execute([
'id' => $cid,
]);
return $comment->fetchAll(\PDO::FETCH_ASSOC);
$comment = DB::table('comment_votes')
->where('vote_comment', $cid)
->get();
return $comment;
}
/**
@ -169,14 +172,14 @@ class Comments
}
// Insert into database
DBv2::prepare('INSERT INTO `{prefix}comments` (`comment_category`, `comment_timestamp`, `comment_poster`, `comment_reply_to`, `comment_text`) VALUES (:cat, :time, :user, :thread, :text)')
->execute([
'cat' => $this->category,
'time' => time(),
'user' => $uid,
'thread' => (int) $reply,
'text' => $content,
]);
DB::table('comments')
->insert([
'comment_category' => $this->category,
'comment_timestamp' => time(),
'comment_poster' => (int) $uid,
'comment_reply_to' => (int) $reply,
'comment_text' => $content,
]);
// Return success
return [1, 'SUCCESS'];
@ -194,40 +197,37 @@ class Comments
public function makeVote($uid, $cid, $mode)
{
// Attempt to get previous vote
$vote = DBv2::prepare('SELECT * FROM `{prefix}comment_votes` WHERE `vote_user` = :user AND `vote_comment` = :comment');
$vote->execute([
'user' => $uid,
'comment' => $cid,
]);
$vote = $vote->fetch(\PDO::FETCH_ASSOC);
$vote = DB::table('comment_votes')
->where('vote_user', $uid)
->where('vote_comment', $cid)
->get();
// Check if anything was returned
if ($vote) {
// Check if the vote that's being casted is the same
if ($vote['vote_state'] == $mode) {
if ($vote[0]->vote_state == $mode) {
// Delete the vote
DBv2::prepare('DELETE FROM `{prefix}comment_votes` WHERE `vote_user` = :user AND `vote_comment` = :comment')
->execute([
'user' => $uid,
'comment' => $cid,
]);
DB::table('comment_votes')
->where('vote_user', $uid)
->where('vote_comment', $cid)
->delete();
} else {
// Otherwise update the vote
DBv2::prepare('UPDATE `{prefix}comment_votes` SET `vote_state` = :state WHERE `vote_user` = :user AND `vote_comment` = :comment')
->execute([
'state' => $mode,
'user' => $uid,
'comment' => $cid,
]);
DB::table('comment_votes')
->where('vote_user', $uid)
->where('vote_comment', $cid)
->update([
'vote_state' => $mode,
]);
}
} else {
// Create a vote
DBv2::prepare('INSERT INTO `{prefix}comment_votes` (`vote_user`, `vote_comment`, `vote_state`) VALUES (:user, :comment, :state)')
->execute([
'user' => $uid,
'comment' => $cid,
'state' => $mode,
]);
DB::table('comment_votes')
->insert([
'vote_user' => $uid,
'vote_comment' => $cid,
'vote_state' => $mode,
]);
}
return true;
@ -241,9 +241,8 @@ class Comments
public function removeComment($cid)
{
// Remove from database
DBv2::prepare('DELETE FROM `{prefix}comments` WHERE `comment_id` = :id')
->execute([
'id' => $cid,
]);
DB::table('comments')
->where('comment_id', $cid)
->delete();
}
}

2
libraries/Controllers/ForumController.php
View file

@ -276,7 +276,7 @@ class ForumController extends Controller
$thread->update();
// Add page variable stuff
$message = $thread->type ? 'Changed the thread to anto an announcement!' : 'Reverted the thread back to normal!';
$message = $thread->type ? 'Changed the thread to into an announcement!' : 'Reverted the thread back to normal!';
break;
case 'lock':

7
libraries/Controllers/UserController.php
View file

@ -10,6 +10,7 @@ namespace Sakura\Controllers;
use Sakura\Config;
use Sakura\DB;
use Sakura\Rank;
use Sakura\Router;
use Sakura\Template;
use Sakura\User;
use Sakura\Utils;
@ -49,7 +50,7 @@ class UserController extends Controller
Template::vars([
'page' => [
'message' => 'The user this profile belongs to changed their username, you are being redirected.',
'redirect' => (new \Sakura\Urls)->format('USER_PROFILE', [$check[0]->user_id]),
'redirect' => Router::route('user.profile', $check[0]->user_id),
],
]);
@ -74,7 +75,7 @@ class UserController extends Controller
Template::vars([
'page' => [
'message' => 'Toggled the restricted status of the user.',
'redirect' => (new \Sakura\Urls)->format('USER_PROFILE', [$profile->id]),
'redirect' => Router::route('user.profile', $profile->id),
],
]);
@ -108,7 +109,7 @@ class UserController extends Controller
}
// Get all ranks
// Execute query
$getRanks = DB::table('ranks')
->get(['rank_id']);

112
libraries/DBv2.php
View file

@ -1,112 +0,0 @@
<?php
/**
* Holds the database wrapper (v2).
*
* @package Sakura
*/
namespace Sakura;
use PDO;
use PDOException;
use PDOStatement;
/**
* A wrapper to make the database communication experience smoother.
*
* @package Sakura
* @author Julian van de Groep <me@flash.moe>
*/
class DBv2
{
/**
* The container for the PDO object.
*
* @var PDO
*/
public static $db = null;
/**
* The table prefix
*
* @var string
*/
public static $prefix = '';
/**
* Open the SQL connection and creates a PDO object.
*
* @param string $server A PDO driver.
* @param array $dsnParts An array consisting out of DSN string parts.
* @param string $username The username used to authenticate with the SQL server.
* @param string $password The password for the same purpose.
* @param array $options Additional PDO options.
*/
public static function open($server, $dsnParts, $username = null, $password = null, $prefix = '', $options = [])
{
// Check if the selected driver is available
if (!in_array($server, PDO::getAvailableDrivers())) {
trigger_error('A driver for the selected SQL server wasn\'t found!', E_USER_ERROR);
return;
}
// Set the table prefix
self::$prefix = $prefix;
// Create start of the DSN
$dsn = "{$server}:";
// Append the parts
foreach ($dsnParts as $name => $value) {
$dsn .= "{$name}={$value};";
}
try {
// Connect to SQL server using PDO
self::$db = new PDO($dsn, $username, $password, $options);
} catch (PDOException $e) {
// Catch connection errors
trigger_error($e->getMessage(), E_USER_ERROR);
}
self::$db->setAttribute(PDO::ATTR_EMULATE_PREPARES, false);
self::$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
self::$db->setAttribute(PDO::ATTR_DEFAULT_FETCH_MODE, PDO::FETCH_OBJ);
}
/**
* Closes the PDO object.
*/
public static function close()
{
self::$db = null;
}
/**
* Get the id of the item that was last inserted into the database.
*
* @param string $name Sequence of which the last id should be returned.
*
* @return string The last inserted id.
*/
public static function lastID($name = null)
{
return self::$db->lastInsertID($name);
}
/**
* Prepares a statement for execution and returns a statement object.
*
* @param string $stmt The statement to prepare.
* @param array $opts Statement specific driver options.
*
* @return PDOStatement
*/
public static function prepare($stmt, $opts = [])
{
// Replace the table prefix
$stmt = str_replace('{prefix}', self::$prefix, $stmt);
return self::$db->prepare($stmt, $opts);
}
}

12
libraries/News.php
View file

@ -31,14 +31,16 @@ class News
{
// Get the news posts and assign them to $posts
$posts = DBv2::prepare('SELECT * FROM `{prefix}news` WHERE `news_category` = :cat ORDER BY `news_id` DESC');
$posts->execute([
'cat' => $category,
]);
$posts = $posts->fetchAll(\PDO::FETCH_ASSOC);
$posts = DB::table('news')
->where('news_category', $category)
->orderBy('news_id', 'desc')
->get();
// Attach poster data
foreach ($posts as $post) {
// See Comments.php
$post = get_object_vars($post);
// Attach the poster
$post['news_poster'] = User::construct($post['user_id']);

72
libraries/Perms.php
View file

@ -24,7 +24,7 @@ class Perms
* MANAGE permission mode, used for site management actions.
*/
const MANAGE = 'permissions\permissions_manage';
/**
* FORUM permission mode, used per forum.
*/
@ -43,7 +43,7 @@ class Perms
* @var string
*/
protected $column = '';
/**
* Constructor.
*
@ -94,34 +94,26 @@ class Perms
public function rank($rid, $conditions = [], $perm = 0)
{
// Build statement
$stmt = "SELECT * FROM `{prefix}{$this->table}` WHERE `rank_id` = :rank AND `user_id` = 0";
$get = DB::table($this->table)
->where('rank_id', $rid)
->where('user_id', 0);
// Append additional conditionals (DBWrapper v1 format, except OR is ignored)
foreach ($conditions as $column => $value) {
$stmt .= " AND `{$column}` {$value[1]} :_retarded_{$column}";
$get->where($column, $value[1], $value[0]);
}
// Prepare the statement
$get = DBv2::prepare($stmt);
// Bind rank
$get->bindParam('rank', $rid);
// Bind additionals
foreach ($conditions as $column => $value) {
$get->bindParam("_retarded_{$column}", $value[0]);
}
// Execute!
$get->execute();
// Fetch from the db
$get = $get->fetch(\PDO::FETCH_ASSOC);
$get = $get->get();
// Check if anything was returned
if ($get && array_key_exists($this->column, $get) && $get['rank_id']) {
// Perform a bitwise OR
$perm = $perm | bindec((string) $get[$this->column]);
if ($get) {
$get = get_object_vars($get[0]);
if (array_key_exists($this->column, $get) && $get['rank_id']) {
// Perform a bitwise OR
$perm = $perm | bindec((string) $get[$this->column]);
}
}
// Return the value
@ -146,36 +138,28 @@ class Perms
foreach (array_keys($user->ranks) as $rank) {
$perm = $perm | $this->rank($rank, $conditions, $perm);
}
// Build statement
$stmt = "SELECT * FROM `{prefix}{$this->table}` WHERE `rank_id` = 0 AND `user_id` = :user";
$get = DB::table($this->table)
->where('rank_id', 0)
->where('user_id', $uid);
// Append additional conditionals (DBWrapper v1 format, except OR is ignored)
foreach ($conditions as $column => $value) {
$stmt .= " AND `{$column}` {$value[1]} :_retarded_{$column}";
$get->where($column, $value[1], $value[0]);
}
// Prepare the statement
$get = DBv2::prepare($stmt);
// Bind rank
$get->bindParam('user', $uid);
// Bind additionals
foreach ($conditions as $column => $value) {
$get->bindParam("_retarded_{$column}", $value[0]);
}
// Execute!
$get->execute();
// Fetch from the db
$get = $get->fetch(\PDO::FETCH_ASSOC);
$get = $get->get();
// Check if anything was returned
if ($get && array_key_exists($this->column, $get) && $get['user_id']) {
// Perform a bitwise OR
$perm = $perm | bindec((string) $get[$this->column]);
if ($get) {
$get = get_object_vars($get[0]);
if (array_key_exists($this->column, $get) && $get['user_id']) {
// Perform a bitwise OR
$perm = $perm | bindec((string) $get[$this->column]);
}
}
// Return the value

11
libraries/Rank.php
View file

@ -188,11 +188,12 @@ class Rank
public function users($justIds = false)
{
// Fetch all users part of this rank
$fetch = DBv2::prepare('SELECT `user_id` FROM `{prefix}user_ranks` WHERE `rank_id` = :id');
$fetch->execute([
'id' => $this->id,
]);
$userIds = array_column($fetch->fetchAll(\PDO::FETCH_ASSOC), 'user_id');
$get = DB::table('user_ranks')
->where('rank_id', $this->id)
->get(['user_id']);
// Filter the user ids into one array
$userIds = array_column($get, 'user_id');
// Just return that if we were asked for just the ids
if ($justIds) {

317
libraries/User.php
View file

@ -461,9 +461,9 @@ class User
array_merge(
array_keys($this->ranks),
$ranks)
),
array_keys($this->ranks)
);
),
array_keys($this->ranks)
);
// Save to the database
foreach ($ranks as $rank) {
@ -592,21 +592,18 @@ class User
return [0, 'USER_NOT_EXIST'];
}
// Prepare the statement
$rem = DBv2::prepare('DELETE FROM `{prefix}friends` WHERE `user_id` = :user AND `friend_id` = :friend');
// Remove friend
$rem->execute([
'user' => $this->id,
'friend' => $uid,
]);
DB::table('friends')
->where('user_id', $this->id)
->where('friend_id', $uid)
->delete();
// Attempt to remove the request
if ($deleteRequest) {
$rem->execute([
'user' => $uid,
'friend' => $this->id,
]);
DB::table('friends')
->where('user_id', $uid)
->where('friend_id', $this->id)
->delete();
}
// Return true because yay
@ -623,19 +620,16 @@ class User
public function isFriends($with)
{
// Accepted from this user
$get = DBv2::prepare('SELECT * FROM `{prefix}friends` WHERE `user_id` = :user AND `friend_id` = :friend');
$get->execute([
'user' => $this->id,
'friend' => $with,
]);
$user = $get->rowCount();
$user = DB::table('friends')
->where('user_id', $this->id)
->where('friend_id', $with)
->count();
// And the other user
$get->execute([
'user' => $with,
'friend' => $this->id,
]);
$friend = $get->rowCount();
$user = DB::table('friends')
->where('user_id', $with)
->where('friend_id', $this->id)
->count();
if ($user && $friend) {
return 2; // Mutual friends
@ -665,18 +659,16 @@ class User
// Mutual
case 2:
// Get all the current user's friends
$self = DBv2::prepare('SELECT `friend_id` FROM `{prefix}friends` WHERE `user_id` = :user');
$self->execute([
'user' => $this->id,
]);
$self = array_column($self->fetchAll(\PDO::FETCH_ASSOC), 'friend_id');
$self = DB::table('friends')
->where('user_id', $this->id)
->get(['friend_id']);
$self = array_column($self, 'friend_id');
// Get all the people that added this user as a friend
$others = DBv2::prepare('SELECT `user_id` FROM `{prefix}friends` WHERE `friend_id` = :user');
$others->execute([
'user' => $this->id,
]);
$others = array_column($others->fetchAll(\PDO::FETCH_ASSOC), 'user_id');
$others = DB::table('friends')
->where('friend_id', $this->id)
->get(['user_id']);
$others = array_column($others, 'user_id');
// Create a difference map
$users = array_intersect($self, $others);
@ -684,29 +676,26 @@ class User
// Non-mutual (from user perspective)
case 1:
$users = DBv2::prepare('SELECT `friend_id` FROM `{prefix}friends` WHERE `user_id` = :user');
$users->execute([
'user' => $this->id,
]);
$users = array_column($users->fetchAll(\PDO::FETCH_ASSOC), 'friend_id');
$users = DB::table('friends')
->where('user_id', $this->id)
->get(['friend_id']);
$users = array_column($users, 'friend_id');
break;
// All friend cases
case 0:
default:
// Get all the current user's friends
$self = DBv2::prepare('SELECT `friend_id` FROM `{prefix}friends` WHERE `user_id` = :user');
$self->execute([
'user' => $this->id,
]);
$self = array_column($self->fetchAll(\PDO::FETCH_ASSOC), 'friend_id');
$self = DB::table('friends')
->where('user_id', $this->id)
->get(['friend_id']);
$self = array_column($self, 'friend_id');
// Get all the people that added this user as a friend
$others = DBv2::prepare('SELECT `user_id` FROM `{prefix}friends` WHERE `friend_id` = :user');
$others->execute([
'user' => $this->id,
]);
$others = array_column($others->fetchAll(\PDO::FETCH_ASSOC), 'user_id');
$others = DB::table('friends')
->where('friend_id', $this->id)
->get(['user_id']);
$others = array_column($others, 'user_id');
// Create a difference map
$users = array_merge($others, $self);
@ -715,18 +704,16 @@ class User
// Open requests
case -1:
// Get all the current user's friends
$self = DBv2::prepare('SELECT `friend_id` FROM `{prefix}friends` WHERE `user_id` = :user');
$self->execute([
'user' => $this->id,
]);
$self = array_column($self->fetchAll(\PDO::FETCH_ASSOC), 'friend_id');
$self = DB::table('friends')
->where('user_id', $this->id)
->get(['friend_id']);
$self = array_column($self, 'friend_id');
// Get all the people that added this user as a friend
$others = DBv2::prepare('SELECT `user_id` FROM `{prefix}friends` WHERE `friend_id` = :user');
$others->execute([
'user' => $this->id,
]);
$others = array_column($others->fetchAll(\PDO::FETCH_ASSOC), 'user_id');
$others = DB::table('friends')
->where('friend_id', $this->id)
->get(['user_id']);
$others = array_column($others, 'user_id');
// Create a difference map
$users = array_diff($others, $self);
@ -808,23 +795,14 @@ class User
// Create array and get values
$profile = [];
$profileFields = DBv2::prepare('SELECT * FROM `{prefix}profilefields`');
$profileFields->execute();
$profileFields = $profileFields->fetchAll(\PDO::FETCH_ASSOC);
$profileFields = DB::table('profilefields')
->get();
$profileValuesRaw = DBv2::prepare('SELECT * FROM `{prefix}user_profilefields` WHERE `user_id` = :user');
$profileValuesRaw->execute([
'user' => $this->id,
]);
$profileValuesRaw = $profileValuesRaw->fetchAll(\PDO::FETCH_ASSOC);
$profileValuesRaw = DB::table('user_profilefields')
->where('user_id', $this->id)
->get();
$profileValueKeys = array_map(function ($a) {
return $a['field_name'];
}, $profileValuesRaw);
$profileValueVals = array_map(function ($a) {
return $a['field_value'];
}, $profileValuesRaw);
$profileValues = array_combine($profileValueKeys, $profileValueVals);
$profileValues = array_column($profileValuesRaw, 'field_value', 'field_name');
// Check if anything was returned
if (!$profileFields || !$profileValues) {
@ -834,7 +812,7 @@ class User
// Check if profile fields aren't fake
foreach ($profileFields as $field) {
// Completely strip all special characters from the field name
$fieldName = Utils::cleanString($field['field_name'], true, true);
$fieldName = Utils::cleanString($field->field_name, true, true);
// Check if the user has the current field set otherwise continue
if (!array_key_exists($fieldName, $profileValues)) {
@ -843,23 +821,23 @@ class User
// Assign field to output with value
$profile[$fieldName] = [];
$profile[$fieldName]['name'] = $field['field_name'];
$profile[$fieldName]['name'] = $field->field_name;
$profile[$fieldName]['value'] = $profileValues[$fieldName];
$profile[$fieldName]['islink'] = $field['field_link'];
$profile[$fieldName]['islink'] = $field->field_link;
// If the field is set to be a link add a value for that as well
if ($field['field_link']) {
if ($field->field_link) {
$profile[$fieldName]['link'] = str_replace(
'{{ VAL }}',
$profileValues[$fieldName],
$field['field_linkformat']
$field->field_linkformat
);
}
// Check if we have additional options as well
if ($field['field_additional'] != null) {
if ($field->field_additional != null) {
// Decode the json of the additional stuff
$additional = json_decode($field['field_additional'], true);
$additional = json_decode($field->field_additional, true);
// Go over all additional forms
foreach ($additional as $subName => $subField) {
@ -896,23 +874,14 @@ class User
// Create array and get values
$options = [];
$optionFields = DBv2::prepare('SELECT * FROM `{prefix}optionfields`');
$optionFields->execute();
$optionFields = $optionFields->fetchAll(\PDO::FETCH_ASSOC);
$optionFields = DB::table('optionfields')
->get();
$optionValuesRaw = DBv2::prepare('SELECT * FROM `{prefix}user_optionfields` WHERE `user_id` = :user');
$optionValuesRaw->execute([
'user' => $this->id,
]);
$optionValuesRaw = $optionValuesRaw->fetchAll(\PDO::FETCH_ASSOC);
$optionValuesRaw = DB::table('user_optionfields')
->where('user_id', $this->id)
->get();
$optionValueKeys = array_map(function ($a) {
return $a['field_name'];
}, $optionValuesRaw);
$optionValueVals = array_map(function ($a) {
return $a['field_value'];
}, $optionValuesRaw);
$optionValues = array_combine($optionValueKeys, $optionValueVals);
$optionValues = array_column($optionValuesRaw, 'field_value', 'field_name');
// Check if anything was returned
if (!$optionFields || !$optionValues) {
@ -922,17 +891,17 @@ class User
// Check if option fields aren't fake
foreach ($optionFields as $field) {
// Check if the user has the current field set otherwise continue
if (!array_key_exists($field['option_id'], $optionValues)) {
if (!array_key_exists($field->option_id, $optionValues)) {
continue;
}
// Make sure the user has the proper permissions to use this option
if (!$this->permission(constant('Sakura\Perms\Site::' . $field['option_permission']))) {
if (!$this->permission(constant('Sakura\Perms\Site::' . $field->option_permission))) {
continue;
}
// Assign field to output with value
$options[$field['option_id']] = $optionValues[$field['option_id']];
$options[$field->option_id] = $optionValues[$field->option_id];
}
// Assign cache
@ -956,17 +925,17 @@ class User
}
// Attempt to retrieve the premium record from the database
$getRecord = DBv2::prepare('SELECT * FROM `{prefix}premium` WHERE `user_id` = :user');
$getRecord->execute([
'user' => $this->id,
]);
$getRecord = $getRecord->fetch();
$getRecord = DB::table('premium')
->where('user_id', $this->id)
->get();
// If nothing was returned just return false
if (empty($getRecord)) {
return [0];
}
$getRecord[0] = $getRecord;
// Check if the Tenshi hasn't expired
if ($getRecord->premium_expire < time()) {
return [0, $getRecord->premium_start, $getRecord->premium_expire];
@ -984,11 +953,9 @@ class User
public function getWarnings()
{
// Do the database query
$getWarnings = DBv2::prepare('SELECT * FROM `{prefix}warnings` WHERE `user_id` = :user');
$getWarnings->execute([
'user' => $this->id,
]);
$getWarnings = $getWarnings->fetchAll(\PDO::FETCH_ASSOC);
$getWarnings = DB::table('warnings')
->where('user_id', $this->id)
->get();
// Storage array
$warnings = [];
@ -996,39 +963,38 @@ class User
// Add special stuff
foreach ($getWarnings as $warning) {
// Check if it hasn't expired
if ($warning['warning_expires'] < time()) {
DBv2::prepare('DELETE FROM `{prefix}warnings` WHERE `warning_id` = :warn')
->execute([
'warn' => $warning['warning_id'],
]);
if ($warning->warning_expires < time()) {
DB::table('warnings')
->where('warning_id', $warning['warning_id'])
->delete();
continue;
}
// Text action
switch ($warning['warning_action']) {
switch ($warning->warning_action) {
default:
case '0':
$warning['warning_action_text'] = 'Warning';
$warning->warning_action_text = 'Warning';
break;
case '1':
$warning['warning_action_text'] = 'Silence';
$warning->warning_action_text = 'Silence';
break;
case '2':
$warning['warning_action_text'] = 'Restriction';
$warning->warning_action_text = 'Restriction';
break;
case '3':
$warning['warning_action_text'] = 'Ban';
$warning->warning_action_text = 'Ban';
break;
case '4':
$warning['warning_action_text'] = 'Abyss';
$warning->warning_action_text = 'Abyss';
break;
}
// Text expiration
$warning['warning_length'] = round(($warning['warning_expires'] - $warning['warning_issued']) / 60);
$warning->warning_length = round(($warning->warning_expires - $warning->warning_issued) / 60);
// Add to array
$warnings[$warning['warning_id']] = $warning;
$warnings[$warning->warning_id] = $warning;
}
// Return all the warnings
@ -1062,14 +1028,10 @@ class User
*/
public function getUsernameHistory()
{
// Do the database query
$changes = DBv2::prepare('SELECT * FROM `{prefix}username_history` WHERE `user_id` = :user ORDER BY `change_id` DESC');
$changes->execute([
'user' => $this->id,
]);
// Return all the changes
return $changes->fetchAll(\PDO::FETCH_ASSOC);
return DB::table('username_history')
->where('user_id', $this->id)
->orderBy('change_id', 'desc')
->get();
}
/**
@ -1095,48 +1057,45 @@ class User
}
// Check if this username hasn't been used in the last amount of days set in the config
$getOld = DBv2::prepare('SELECT * FROM `{prefix}username_history` WHERE `username_old_clean` = :clean AND `change_time` > :time ORDER BY `change_id` DESC');
$getOld->execute([
'clean' => $username_clean,
'time' => (Config::get('old_username_reserve') * 24 * 60 * 60),
]);
$getOld = $getOld->fetch();
$getOld = DB::table('username_history')
->where('username_old_clean', $username_clean)
->where('change_time', '>', (Config::get('old_username_reserve') * 24 * 60 * 60))
->orderBy('change_id', 'desc')
->get();
// Check if anything was returned
if ($getOld && $getOld->user_id != $this->id) {
return [0, 'TOO_RECENT', $getOld['change_time']];
if ($getOld && $getOld[0]->user_id != $this->id) {
return [0, 'TOO_RECENT', $getOld[0]['change_time']];
}
// Check if the username is already in use
$getInUse = DBv2::prepare('SELECT * FROM `{prefix}users` WHERE `username_clean` = :clean');
$getInUse->execute([
'clean' => $username_clean,
]);
$getInUse = $getInUse->fetch();
$getInUse = DB::table('users')
->where('username_clean', $username_clean)
->get();
// Check if anything was returned
if ($getInUse) {
return [0, 'IN_USE', $getInUse->user_id];
return [0, 'IN_USE', $getInUse[0]->user_id];
}
// Insert into username_history table
DBv2::prepare('INSERT INTO `{prefix}username_history` (`change_time`, `user_id`, `username_new`, `username_new_clean`, `username_old`, `username_old_clean`) VALUES (:time, :user, :new, :new_clean, :old, :old_clean)')
->execute([
'time' => time(),
'user' => $this->id,
'new' => $username,
'new_clean' => $username_clean,
'old' => $this->username,
'old_clean' => $this->usernameClean,
]);
DB::table('username_history')
->insert([
'change_time' => time(),
'user_id' => $this->id,
'username_new_clean' => $username,
'new_clean' => $username_clean,
'username_old' => $this->username,
'username_old_clean' => $this->usernameClean,
]);
// Update userrow
DBv2::prepare('UPDATE `{prefix}users` SET `username` = :username, `username_clean` = :clean WHERE `user_id` = :id')
->execute([
'username' => $username,
'clean' => $username_clean,
'id' => $this->id,
]);
DB::table('users')
->where('user_id', $this->id)
->update([
'username' => $username,
'username_clean' => $username_clean,
]);
// Return success
return [1, 'SUCCESS', $username];
@ -1157,23 +1116,21 @@ class User
}
// Check if the username is already in use
$getInUse = DBv2::prepare('SELECT * FROM `{prefix}users` WHERE `email` = :email');
$getInUse->execute([
'email' => $email,
]);
$getInUse = $getInUse->fetch();
$getInUse = DB::table('users')
->where('email', $email)
->get();
// Check if anything was returned
if ($getInUse) {
return [0, 'IN_USE', $getInUse->user_id];
return [0, 'IN_USE', $getInUse[0]->user_id];
}
// Update userrow
DBv2::prepare('UPDATE `{prefix}users` SET `email` = :email WHERE `user_id` = :id')
->execute([
'email' => $email,
'id' => $this->id,
]);
DB::table('users')
->where('user_id', $this->id)
->update([
'email' => $email,
]);
// Return success
return [1, 'SUCCESS', $email];
@ -1223,15 +1180,15 @@ class User
$password = Hashing::createHash($new);
// Update userrow
DBv2::prepare('UPDATE `{prefix}users` SET `password_hash` = :hash, `password_salt` = :salt, `password_algo` = :algo, `password_iter` = :iter, `password_chan` = :chan WHERE `user_id` = :id')
->execute([
'hash' => $password[3],
'salt' => $password[2],
'algo' => $password[0],
'iter' => $password[1],
'chan' => time(),
'id' => $this->id,
]);
DB::table('users')
->where('user_id', $this->id)
->update([
'password_hash' => $password[3],
'password_salt' => $password[2],
'password_algo' => $password[0],
'password_iter' => $password[1],
'password_chan' => time(),
]);
// Return success
return [1, 'SUCCESS'];

179
libraries/Users.php
View file

@ -85,11 +85,11 @@ class Users
}
// Update last online
DBv2::prepare('UPDATE `{prefix}users` SET `user_last_online` = :lo WHERE `user_id` = :id')
->execute([
'lo' => time(),
'id' => $uid,
]);
DB::table('users')
->where('user_id', $uid)
->update([
'user_last_online' => time(),
]);
// Update the premium meta
self::updatePremiumMeta($uid);
@ -118,20 +118,17 @@ class Users
$emailClean = Utils::cleanString($email, true);
// Do database request
$user = DBv2::prepare('SELECT * FROM `{prefix}users` WHERE `username_clean` = :clean AND `email` = :email');
$user->execute([
'clean' => $usernameClean,
'email' => $emailClean,
]);
$user = $user->fetch(\PDO::FETCH_ASSOC);
$user = DB::table('users')
->where('username_clean', $usernameClean)
->where(':email', $emailClean)
->get(['user_id']);
// Check if user exists
if (count($user) < 2) {
if (count($user) < 1) {
return [0, 'USER_NOT_EXIST'];
}
// Create user object
$userObj = User::construct($user['user_id']);
$userObj = User::construct($user[0]->user_id);
// Check if the user has the required privs to log in
if ($userObj->permission(Site::DEACTIVATED)) {
@ -201,15 +198,15 @@ class Users
$password = Hashing::createHash($newpass);
// Update the user
DBv2::prepare('UPDATE `{prefix}users` SET `password_hash` = :hash, `password_salt` = :salt, `password_algo` = :algo, `password_iter` = :iter, `password_chan` = :chan WHERE `user_id` = :id')
->execute([
'hash' => $password[3],
'salt' => $password[2],
'algo' => $password[0],
'iter' => $password[1],
'chan' => time(),
'id' => $uid,
]);
DB::table('users')
->where('user_id', $uid)
->update([
'password_hash' => $password[3],
'password_salt' => $password[2],
'password_algo' => $password[0],
'password_iter' => $password[1],
'password_chan' => time(),
]);
// Return success
return [1, 'SUCCESS'];
@ -235,19 +232,17 @@ class Users
$emailClean = Utils::cleanString($email, true);
// Do database request
$user = DBv2::prepare('SELECT * FROM `{prefix}users` WHERE `username_clean` = :clean AND `email` = :email');
$user->execute([
'clean' => $usernameClean,
'email' => $emailClean,
]);
$user = $user->fetch(\PDO::FETCH_ASSOC);
$user = DB::table('users')
->where('username_clean', $usernameClean)
->where(':email', $emailClean)
->get(['user_id']);
// Check if user exists
if (count($user) < 2) {
if (count($user) < 1) {
return [0, 'USER_NOT_EXIST'];
}
$userObj = User::construct($user['user_id']);
$userObj = User::construct($user[0]->user_id);
// Check if a user is activated
if (!$userObj->permission(Site::DEACTIVATED)) {
@ -255,7 +250,7 @@ class Users
}
// Send activation e-mail
self::sendActivationMail($user['user_id']);
self::sendActivationMail($userObj->id);
// Return success
return [1, 'SUCCESS'];
@ -365,9 +360,8 @@ class Users
public static function getProfileFields()
{
// Get profile fields
$profileFields = DBv2::prepare('SELECT * FROM `{prefix}profilefields`');
$profileFields->execute();
$profileFields = $profileFields->fetchAll(\PDO::FETCH_ASSOC);
$profileFields = DB::table('profilefields')
->get();
// If there's nothing just return null
if (!count($profileFields)) {
@ -379,6 +373,7 @@ class Users
// Iterate over the fields and clean them up
foreach ($profileFields as $field) {
$field = get_object_vars($field);
$fields[$field['field_id']] = $field;
$fields[$field['field_id']]['field_identity'] = Utils::cleanString($field['field_name'], true, true);
$fields[$field['field_id']]['field_additional'] = json_decode($field['field_additional'], true);
@ -396,9 +391,8 @@ class Users
public static function getOptionFields()
{
// Get option fields
$optionFields = DBv2::prepare('SELECT * FROM `{prefix}optionfields`');
$optionFields->execute();
$optionFields = $optionFields->fetchAll(\PDO::FETCH_ASSOC);
$optionFields = DB::table('optionfields')
->get();
// If there's nothing just return null
if (!count($optionFields)) {
@ -412,6 +406,8 @@ class Users
// Iterate over the fields and clean them up
foreach ($optionFields as $field) {
$field = get_object_vars($field);
if (!$user->permission(constant('Sakura\Perms\Site::' . $field['option_permission']))) {
continue;
}
@ -436,11 +432,9 @@ class Users
$return = [];
// Get all online users in the past 5 minutes
$getAll = DBv2::prepare('SELECT * FROM `{prefix}users` WHERE `user_last_online` > :lo');
$getAll->execute([
'lo' => $time,
]);
$getAll = $getAll->fetchAll();
$getAll = DB::table('users')
->where('user_last_online', '>', $time)
->get();
foreach ($getAll as $user) {
$return[] = User::construct($user->user_id);
@ -461,11 +455,9 @@ class Users
public static function addUserPremium($id, $seconds)
{
// Check if there's already a record of premium for this user in the database
$getUser = DBv2::prepare('SELECT * FROM `{prefix}premium` WHERE `user_id` = :user');
$getUser->execute([
'user' => $id,
]);
$getUser = $getUser->fetch(\PDO::FETCH_ASSOC);
$getUser = DB::table('premium')
->where('user_id', $id)
->count();
// Calculate the (new) start and expiration timestamp
$start = isset($getUser['premium_start']) ? $getUser['premium_start'] : time();
@ -473,18 +465,16 @@ class Users
// If the user already exists do an update call, otherwise an insert call
if (empty($getUser)) {
DBv2::prepare('INSERT INTO `{prefix}premium` (`user_id`, `premium_start`, `premium_expire`) VALUES (:user, :start, :expire)')
->execute([
'user' => $id,
'start' => $start,
'expire' => $expire,
]);
DB::table('premium')
->insert([
'user_id' => $id,
'premium_start' => $start,
'premium_expire' => $expire,
]);
} else {
DBv2::prepare('UPDATE `{prefix}premium` SET `premium_expire` = :expire WHERE `user_id` = :id')
->execute([
'expire' => $expire,
'user_id' => $id,
]);
DB::table('premium')
->where('user_id', $id)
->update('premium_expire', $expire);
}
// Return the expiration timestamp
@ -519,10 +509,9 @@ class Users
}
} elseif (!$check[0]) {
// Remove the expired entry
DBv2::prepare('DELETE FROM `{prefix}premium` WHERE `user_id` = :user')
->execute([
'user' => $user->id,
]);
DB::table('premium')
->where('user_id', $user->id)
->delete();
// Else remove the rank from them
$user->removeRanks([$premiumRank]);
@ -547,25 +536,23 @@ class Users
$read = $excludeRead ? '0' : '%';
// Get notifications for the database
$notifications = DBv2::prepare('SELECT * FROM `{prefix}notifications` WHERE `user_id` = :user AND `alert_timestamp` > :time AND `alert_read` = :read');
$notifications->execute([
'user' => $uid,
'time' => $time,
'read' => $read,
]);
$notifications = $notifications->fetchAll(\PDO::FETCH_ASSOC);
$alerts = DB::table('notifications')
->where('user_id', $uid)
->where('alert_timestamp', '>', $time)
->where('alert_read', $read)
->get();
// Mark the notifications as read
if ($markRead) {
// Iterate over all entries
foreach ($notifications as $notification) {
foreach ($alerts as $alert) {
// If the notifcation is already read skip
if ($notification['alert_read']) {
if ($alert->alert_read) {
continue;
}
// Mark them as read
self::markNotificationRead($notification['alert_id']);
self::markNotificationRead($notification->alert_id);
}
}
@ -582,11 +569,11 @@ class Users
public static function markNotificationRead($id, $mode = true)
{
// Execute an update statement
DBv2::prepare('UPDATE `{prefix}notifications` SET `alert_read` = :read WHERE `alert_id` = :id')
->execute([
'read' => ($mode ? 1 : 0),
'id' => $id,
]);
DB::table('notifications')
->where('alert_id', $id)
->update([
'alert_read' => ($mode ? 1 : 0),
]);
}
/**
@ -603,18 +590,18 @@ class Users
public static function createNotification($user, $title, $text, $timeout = 60000, $img = 'FONT:fa-info-circle', $link = '', $sound = 0)
{
// Insert it into the database
DBv2::prepare('INSERT INTO `{prefix}notifications` (`user_id`, `alert_timestamp`, `alert_read`, `alert_sound`, `alert_title`, `alert_text`, `alert_link`, `alert_img`, `alert_timeout`) VALUES (:user, :time, :read, :sound, :title, :text, :link, :img, :timeout)')
->execute([
'user' => $user,
'time' => time(),
'read' => 0,
'sound' => ($sound ? 1 : 0),
'title' => $title,
'text' => $text,
'link' => $link,
'img' => $img,
'timeout' => $timeout,
]);
DB::table('notifications')
->insert([
'user_id' => $user,
'alert_timestamp' => time(),
'alert_read' => 0,
'alert_sound' => ($sound ? 1 : 0),
'alert_title' => $title,
'alert_text' => $text,
'alert_link' => $link,
'alert_img' => $img,
'alert_timeout' => $timeout,
]);
}
/**
@ -624,12 +611,12 @@ class Users
*/
public static function getNewestUserId()
{
$get = DBv2::prepare('SELECT `user_id` FROM `{prefix}users` WHERE `rank_main` != :restricted ORDER BY `user_id` DESC LIMIT 1');
$get->execute([
'restricted' => Config::get('restricted_rank_id'),
]);
$get = $get->fetch();
$get = DB::table('users')
->where('rank_main', '!=', Config::get('restricted_rank_id'))
->orderBy('user_id', 'desc')
->limit(1)
->get(['user_id']);
return $get ? $get->user_id : 0;
return $get ? $get[0]->user_id : 0;
}
}

34
libraries/Utils.php
View file

@ -49,7 +49,7 @@ class Utils
default:
$error = '<b>Unknown error type</b> [' . $errno . ']: ' . $errstr . ' on line ' . $errline
. ' in ' . $errfile;
. ' in ' . $errfile;
}
// Truncate all previous outputs
@ -361,9 +361,9 @@ class Utils
$data = [];
// Get database stuff
$table = DBv2::prepare('SELECT * FROM `{prefix}premium_log` ORDER BY `transaction_id` DESC');
$table->execute();
$table = $table->fetchAll(\PDO::FETCH_ASSOC);
$table = DB::table('premium_log')
->orderBy('transaction_id', 'desc')
->get();
// Add raw table data to data array
$data['table'] = $table;
@ -371,17 +371,17 @@ class Utils
// Create balance entry
$data['balance'] = 0.0;
// Create users entry
// users
$data['users'] = [];
// Calculate the thing
foreach ($table as $row) {
// Calculate balance
$data['balance'] = $data['balance'] + $row['transaction_amount'];
$data['balance'] = $data['balance'] + $row->transaction_amount;
// Add userdata to table
if (!array_key_exists($row['user_id'], $data['users'])) {
$data['users'][$row['user_id']] = User::construct($row['user_id']);
if (!array_key_exists($row->user_id, $data['users'])) {
$data['users'][$row->user_id] = User::construct($row->user_id);
}
}
@ -398,13 +398,13 @@ class Utils
*/
public static function updatePremiumTracker($id, $amount, $comment)
{
DBv2::prepare('INSERT INTO `{prefix}premium_log` (`user_id`, `transaction_amount`, `transaction_date`, `transaction_comment`) VALUES (:user, :amount, :date, :comment)')
->execute([
'user' => $id,
'amount' => $amount,
'date' => time(),
'comment' => $comment,
]);
DB::table('premium_log')
->insert([
'user_id' => $id,
'transaction_amount' => $amount,
'transaction_date' => time(),
'transaction_comment' => $comment,
]);
}
/**
@ -427,7 +427,7 @@ class Utils
$code = str_replace('<br/>', '', $code);
$code = str_replace('<br>', '', $code);
$code = str_replace('<', '&lt;', $code);
$newStr .= '<code>'.$code.'</code>';
$newStr .= '<code>' . $code . '</code>';
$newStr .= $parts2[1];
} else {
$newStr .= $p;
@ -436,7 +436,7 @@ class Utils
} else {
$newStr = $text;
}
return $newStr;
}
}

20
public/posting.php
View file

@ -67,12 +67,12 @@ if (!isset($thread) && !$forum->permission(ForumPerms::CREATE_THREADS, $currentU
$mode = isset($_GET['f']) ? 'f' : (isset($_GET['t']) ? 't' : (isset($_GET['p']) ? 'p' : null));
$emotes = DBv2::prepare('SELECT * FROM `{prefix}emoticons`');
$emotes->execute();
$emotes = DB::table('emoticons')
->get();
// Include emotes and bbcodes
$posting = [
'emoticons' => $emotes->fetchAll(),
'emoticons' => $emotes,
];
// Check if we're in reply mode
@ -201,20 +201,18 @@ if ($mode != 'f') {
// Post deletion code
if (isset($_POST['yes'])) {
// Delete the post
DBv2::prepare('DELETE FROM `{prefix}posts` WHERE `post_id` = :post')
->execute([
'post' => $_POST['post_id'],
]);
DB::table('posts')
->where('post_id', $_POST['post_id'])
->delete();
// Reload the topic
$thread = new Forum\Thread($topicId);
// If there's no more posts left in the topic delete it as well
if (!$thread->replyCount()) {
DBv2::prepare('DELETE FROM `{prefix}topics` WHERE `topic_id` = :thread')
->execute([
'thread' => $thread->id,
]);
DB::table('topics')
->where('topic_id', $thread->id)
->delete();
}
// Add page specific things

226
public/settings.php
View file

@ -451,14 +451,14 @@ if (isset($_REQUEST['request-notifications']) && $_REQUEST['request-notification
// Assign the correct column and title to a variable
switch ($mode) {
case 'background':
$stmt = 'UPDATE `{prefix}users` SET `user_background` = :img WHERE `user_id` = :user';
$column = 'user_background';
$msgTitle = 'Background';
$current = $currentUser->background;
$permission = $currentUser->permission(Site::CHANGE_BACKGROUND);
break;
case 'header':
$stmt = 'UPDATE `{prefix}users` SET `user_header` = :img WHERE `user_id` = :user';
$column = 'user_header';
$msgTitle = 'Header';
$current = $currentUser->header;
$permission = $currentUser->permission(Site::CHANGE_HEADER);
@ -466,7 +466,7 @@ if (isset($_REQUEST['request-notifications']) && $_REQUEST['request-notification
case 'avatar':
default:
$stmt = 'UPDATE `{prefix}users` SET `user_avatar` = :img WHERE `user_id` = :user';
$column = 'user_avatar';
$msgTitle = 'Avatar';
$current = $currentUser->avatar;
$permission = $currentUser->permission(Site::CHANGE_AVATAR);
@ -617,11 +617,11 @@ if (isset($_REQUEST['request-notifications']) && $_REQUEST['request-notification
}
// Update table
DBv2::prepare($stmt)
->execute([
'img' => $fileId,
'user' => $currentUser->id,
]);
DB::table('users')
->where('user_id', $currentUser->id)
->update([
$column => $fileId,
]);
// Set render data
$renderData['page'] = [
@ -636,21 +636,21 @@ if (isset($_REQUEST['request-notifications']) && $_REQUEST['request-notification
// Get profile fields and create storage var
$fields = Users::getProfileFields();
// Delete all profile fields
DB::table('user_profilefields')
->where('user_id', $currentUser->id)
->delete();
// Go over each field
foreach ($fields as $field) {
// Add to the store array
if (isset($_POST['profile_' . $field['field_identity']]) && !empty($_POST['profile_' . $field['field_identity']])) {
DBv2::prepare('DELETE FROM `{prefix}user_profilefields` WHERE `user_id` = :user AND `field_name` = :id')
->execute([
'user' => $currentUser->id,
'id' => $field['field_identity'],
]);
DBv2::prepare('INSERT INTO `{prefix}user_profilefields` (`user_id`, `field_name`, `field_value`) VALUES (:user, :name, :value)')
->execute([
'user' => $currentUser->id,
'name' => $field['field_identity'],
'value' => $_POST['profile_' . $field['field_identity']],
]);
DB::table('user_profilefields')
->insert([
'user_id' => $currentUser->id,
'field_name' => $field['field_identity'],
'field_value' => $_POST['profile_' . $field['field_identity']],
]);
}
// Check if there's additional values we should keep in mind
@ -659,17 +659,12 @@ if (isset($_REQUEST['request-notifications']) && $_REQUEST['request-notification
foreach ($field['field_additional'] as $addKey => $addVal) {
// Add to the array
$store = (isset($_POST['profile_additional_' . $addKey]) || !empty($_POST['profile_additional_' . $addKey])) ? $_POST['profile_additional_' . $addKey] : false;
DBv2::prepare('DELETE FROM `{prefix}user_profilefields` WHERE `user_id` = :user AND `field_name` = :id')
->execute([
'user' => $currentUser->id,
'id' => $addKey,
]);
DBv2::prepare('INSERT INTO `{prefix}user_profilefields` (`user_id`, `field_name`, `field_value`) VALUES (:user, :name, :value)')
->execute([
'user' => $currentUser->id,
'name' => $addKey,
'value' => $store,
]);
DB::table('user_profilefields')
->insert([
'user_id' => $currentUser->id,
'field_name' => $addKey,
'field_value' => $store,
]);
}
}
}
@ -731,11 +726,11 @@ if (isset($_REQUEST['request-notifications']) && $_REQUEST['request-notification
[$_POST['birthday_year'], $_POST['birthday_month'], $_POST['birthday_day']]
);
DBv2::prepare('UPDATE `{prefix}users` SET `user_birthday` = :bd WHERE `user_id` = :id')
->execute([
'bd' => $birthdate,
'id' => $currentUser->id,
]);
DB::table('users')
->where('user_id', $currentUser->id)
->update([
'user_birthday' => $birthdate,
]);
}
break;
@ -744,27 +739,26 @@ if (isset($_REQUEST['request-notifications']) && $_REQUEST['request-notification
// Get profile fields and create storage var
$fields = Users::getOptionFields();
// Delete all option fields for this user
DB::table('user_optionfields')
->where('user_id', $currentUser->id)
->delete();
// Go over each field
foreach ($fields as $field) {
DBv2::prepare('DELETE FROM `{prefix}user_optionfields` WHERE `user_id` = :user AND `field_name` = :id')
->execute([
'user' => $currentUser->id,
'id' => $field['option_id'],
]);
// Make sure the user has sufficient permissions to complete this action
if (!$currentUser->permission(constant('Sakura\Perms\Site::' . $field['option_permission']))) {
continue;
}
if (isset($_POST['option_' . $field['option_id']])
&& !empty($_POST['option_' . $field['option_id']])) {
DBv2::prepare('INSERT INTO `{prefix}user_optionfields` (`user_id`, `field_name`, `field_value`) VALUES (:user, :name, :value)')
->execute([
'user' => $currentUser->id,
'name' => $field['option_id'],
'value' => $_POST['option_' . $field['option_id']],
]);
&& !empty($_POST['option_' . $field['option_id']])) {
DB::table('user_optionfields')
->insert([
'user_id' => $currentUser->id,
'field_name' => $field['option_id'],
'field_value' => $_POST['option_' . $field['option_id']],
]);
}
}
@ -801,11 +795,11 @@ if (isset($_REQUEST['request-notifications']) && $_REQUEST['request-notification
}
// Update database
DBv2::prepare('UPDATE `{prefix}users` SET `user_title` = :title WHERE `user_id` = :id')
->execute([
'title' => (isset($_POST['usertitle']) ? $_POST['usertitle'] : null),
'id' => $currentUser->id,
]);
DB::table('users')
->where('user_id', $currentUser->id)
->update([
'user_title' => (isset($_POST['usertitle']) ? $_POST['usertitle'] : null),
]);
// Set render data
$renderData['page'] = [
@ -938,11 +932,11 @@ if (isset($_REQUEST['request-notifications']) && $_REQUEST['request-notification
}
// Update database
DBv2::prepare('UPDATE `{prefix}users` SET `user_page` = :up WHERE `user_id` = :id')
->execute([
'up' => $_POST['userpage'],
'id' => $currentUser->id,
]);
DB::table('users')
->where('user_id', $currentUser->id)
->update([
'user_page' => $_POST['userpage'],
]);
// Set render data
$renderData['page'] = [
@ -964,11 +958,11 @@ if (isset($_REQUEST['request-notifications']) && $_REQUEST['request-notification
}
// Update database
DBv2::prepare('UPDATE `{prefix}users` SET `user_signature` = :us WHERE `user_id` = :id')
->execute([
'us' => $_POST['signature'],
'id' => $currentUser->id,
]);
DB::table('users')
->where('user_id', $currentUser->id)
->update([
'user_signature' => $_POST['signature'],
]);
// Set render data
$renderData['page'] = [
@ -1049,10 +1043,9 @@ if (isset($_REQUEST['request-notifications']) && $_REQUEST['request-notification
// Check if sessionid is set to all
if ($_POST['sessionid'] === 'all') {
// Delete all sessions assigned to the current user
DBv2::prepare('DELETE FROM `{prefix}sessions` WHERE `user_id` = :user')
->execute([
'user' => $currentUser->id,
]);
DB::table('sessions')
->where('user_id', $currentUser->id)
->delete();
// Set render data
$renderData['page'] = [
@ -1064,12 +1057,11 @@ if (isset($_REQUEST['request-notifications']) && $_REQUEST['request-notification
}
// Check if the session is owned by the current user
$us = DBv2::prepare('SELECT * FROM `{prefix}sessions` WHERE `user_id` = :user AND `session_id` = :key');
$us->execute([
'user' => $currentUser->id,
'key' => $_POST['sessionid'],
]);
if (!$us->rowCount()) {
$us = DB::table('sessions')
->where('user_id', $currentUser->id)
->where('session_id', $_POST['sessionid'])
->count();
if (!$us) {
$renderData['page'] = [
'redirect' => $redirect,
'message' => 'The session you tried to kill doesn\'t exist.',
@ -1079,11 +1071,10 @@ if (isset($_REQUEST['request-notifications']) && $_REQUEST['request-notification
}
// Delete the session
DBv2::prepare('DELETE FROM `{prefix}sessions` WHERE `user_id` = :user AND `session_id` = :session')
->execute([
'user' => $currentUser->id,
'session' => $_POST['sessionid'],
]);
DB::table('sessions')
->where('user_id', $currentUser->id)
->where('session_id', $_POST['sessionid'])
->delete();
// Set render data
$renderData['page'] = [
@ -1235,41 +1226,41 @@ if (Users::checkLogin()) {
],
]/*,
'messages' => [
'title' => 'Messages',
'modes' => [
'inbox' => [
'title' => 'Inbox',
'description' => [
'The list of messages you\'ve received.',
],
'access' => $currentUser->permission(Site::USE_MESSAGES),
'menu' => true,
],
'sent' => [
'title' => 'Sent',
'description' => [
'The list of messages you\'ve sent to other users.',
],
'access' => $currentUser->permission(Site::USE_MESSAGES),
'menu' => true,
],
'compose' => [
'title' => 'Compose',
'description' => [
'Write a new message.',
],
'access' => $currentUser->permission(Site::SEND_MESSAGES),
'menu' => true,
],
'read' => [
'title' => 'Read',
'description' => [
'Read a message.',
],
'access' => $currentUser->permission(Site::USE_MESSAGES),
'menu' => false,
],
],
'title' => 'Messages',
'modes' => [
'inbox' => [
'title' => 'Inbox',
'description' => [
'The list of messages you\'ve received.',
],
'access' => $currentUser->permission(Site::USE_MESSAGES),
'menu' => true,
],
'sent' => [
'title' => 'Sent',
'description' => [
'The list of messages you\'ve sent to other users.',
],
'access' => $currentUser->permission(Site::USE_MESSAGES),
'menu' => true,
],
'compose' => [
'title' => 'Compose',
'description' => [
'Write a new message.',
],
'access' => $currentUser->permission(Site::SEND_MESSAGES),
'menu' => true,
],
'read' => [
'title' => 'Read',
'description' => [
'Read a message.',
],
'access' => $currentUser->permission(Site::USE_MESSAGES),
'menu' => false,
],
],
]*/,
'notifications' => [
'title' => 'Notifications',
@ -1519,12 +1510,11 @@ if (Users::checkLogin()) {
// Sessions
case 'advanced.sessions':
$sessions = DBv2::prepare('SELECT * FROM `{prefix}sessions` WHERE `user_id` = :user');
$sessions->execute([
'user' => $currentUser->id,
]);
$sessions = DB::table('sessions')
->where('user_id', $currentUser->id)
->get();
$renderData['sessions'] = $sessions->fetchAll();
$renderData['sessions'] = $sessions;
break;
}

10
routes.php
View file

@ -35,20 +35,20 @@ Router::group(['prefix' => 'news'], function () {
Router::group(['prefix' => 'forum'], function () {
// Thread
Router::group(['prefix' => 'thread'], function () {
Router::get('/{id}', 'ForumController@thread', 'forums.thread');
Router::post('/{id}/mod', 'ForumController@threadModerate', 'forums.thread.mod');
Router::get('/{id:i}', 'ForumController@thread', 'forums.thread');
Router::post('/{id:i}/mod', 'ForumController@threadModerate', 'forums.thread.mod');
});
// Forum
Router::get('/', 'ForumController@index', 'forums.index');
Router::get('/{id}', 'ForumController@forum', 'forums.forum');
Router::get('/{id}/mark', 'ForumController@markForumRead', 'forums.mark');
Router::get('/{id:i}', 'ForumController@forum', 'forums.forum');
Router::get('/{id:i}/mark', 'ForumController@markForumRead', 'forums.mark');
});
// Members
Router::group(['prefix' => 'members'], function () {
Router::get('/', 'UserController@members', 'members.index');
Router::get('/{rank}', 'UserController@members', 'members.rank');
Router::get('/{rank:i}', 'UserController@members', 'members.rank');
});
// User

15
sakura.php
View file

@ -8,7 +8,7 @@
namespace Sakura;
// Define Sakura version
define('SAKURA_VERSION', '20160311');
define('SAKURA_VERSION', '20160313');
// Define Sakura Path
define('ROOT', __DIR__ . '/');
@ -65,15 +65,6 @@ Config::init(ROOT . 'config/config.ini');
// Change error reporting according to the dev configuration
error_reporting(Config::local('dev', 'show_errors') ? -1 : 0);
// Make the database connection
DBv2::open(
Config::local('database', 'driver'),
Config::local('dsn'),
Config::local('database', 'username'),
Config::local('database', 'password'),
Config::local('database', 'prefix')
);
// Create a new database capsule
$capsule = new \Illuminate\Database\Capsule\Manager;
@ -209,7 +200,9 @@ if (!defined('SAKURA_NO_TPL')) {
}
// Ban checking
if ($authCheck && !in_array($_SERVER['PHP_SELF'], [$urls->format('AUTH_ACTION', [], false)]) && $ban = Bans::checkBan($currentUser->id)) {
if ($authCheck
&& !in_array($_SERVER['PHP_SELF'], [$urls->format('AUTH_ACTION', [], false)])
&& $ban = Bans::checkBan($currentUser->id)) {
// Additional render data
Template::vars([
'ban' => [

26
templates/yuuno/forum/forumMod.twig
View file

@ -1,26 +1,18 @@
<form method="post" action="{{ route('forums.thread.mod', thread.id) }}" style="display: inline-block;">
<input type="hidden" name="session" value="{{ php.sessionid }}" />
{% if forumSticky %}
<button class="forumbtn" title="Sticky" name="action" value="sticky"><span class="fa fa-thumb-tack"></span></button>
{% elseif forumUnsticky %}
<button class="forumbtn" title="Unsticky" name="action" value="sticky"><span class="fa fa-remove"></span></button>
{% if forumSticky is defined %}
<button class="forumbtn" title="{{ forumSticky ? 'Unsticky' : 'Sticky' }}" name="action" value="sticky"><span class="fa fa-{{ forumSticky ? 'remove' : 'thumb-tack' }}"></span></button>
{% endif %}
{% if forumAnnounce %}
<button class="forumbtn" title="Announce" name="action" value="announce"><span class="fa fa-bullhorn"></span></button>
{% elseif forumUnannounce %}
<button class="forumbtn" title="Unannounce" name="action" value="announce"><span class="fa fa-remove"></span></button>
{% if forumAnnounce is defined %}
<button class="forumbtn" title="{{ forumAnnounce ? 'Unannounce' : 'Announce' }}" name="action" value="announce"><span class="fa fa-{{ forumAnnounce ? 'remove' : 'bullhorn' }}"></span></button>
{% endif %}
{% if forumLock %}
<button class="forumbtn" title="Lock" name="action" value="lock"><span class="fa fa-lock"></span></button>
{% elseif forumUnlock %}
<button class="forumbtn" title="Unlock" name="action" value="lock"><span class="fa fa-unlock"></span></button>
{% if forumLock is defined %}
<button class="forumbtn" title="{{ forumLock ? 'Unlock' : 'Lock' }}" name="action" value="lock"><span class="fa fa-{{ forumLock ? 'unlock' : 'lock' }}"></span></button>
{% endif %}
{% if forumRestore %}
{% if forumRestore is defined %}
<button class="forumbtn" title="Restore" name="action" value="restore"><span class="fa fa-history"></span></button>
{% endif %}
{% if forumTrash %}
<button class="forumbtn" title="Trash" name="action" value="delete"><span class="fa fa-trash"></span></button>
{% elseif forumPrune %}
<button class="forumbtn" title="Prune" name="action" value="delete"><span class="fa fa-bomb"></span></button>
{% if forumTrash is defined or forumPrune is defined %}
<button class="forumbtn" title="{{ forumPrune ? 'Prune' : 'Trash' }}" name="action" value="delete"><span class="fa fa-{{ forumPrune ? 'bomb' : 'trash' }}"></span></button>
{% endif %}
</form>

41
templates/yuuno/forum/viewtopic.twig
View file

@ -15,60 +15,35 @@
{% endif %}
{% if forum.permission(constant('Sakura\\Perms\\Forum::STICKY'), user.id) %}
{% if thread.type == 1 %}
{% set forumUnsticky %}{{ urls.format('FORUM_STICKY', [thread.id, php.sessionid]) }}{% endset %}
{% else %}
{% set forumSticky %}{{ urls.format('FORUM_STICKY', [thread.id, php.sessionid]) }}{% endset %}
{% endif %}
{% set forumSticky = thread.type == 1 ? true : false %}
{% endif %}
{% if forum.permission(constant('Sakura\\Perms\\Forum::ANNOUNCEMENT'), user.id) %}
{% if thread.type == 2 %}
{% set forumUnannounce %}{{ urls.format('FORUM_ANNOUNCE', [thread.id, php.sessionid]) }}{% endset %}
{% else %}
{% set forumAnnounce %}{{ urls.format('FORUM_ANNOUNCE', [thread.id, php.sessionid]) }}{% endset %}
{% endif %}
{% set forumAnnounce = thread.type == 2 ? true : false %}
{% endif %}
{% if forum.permission(constant('Sakura\\Perms\\Forum::LOCK'), user.id) %}
{% if thread.status == 1 %}
{% set forumUnlock %}{{ urls.format('FORUM_LOCK', [thread.id, php.sessionid]) }}{% endset %}
{% else %}
{% set forumLock %}{{ urls.format('FORUM_LOCK', [thread.id, php.sessionid]) }}{% endset %}
{% endif %}
{% set forumLock = thread.status == 1 ? true : false %}
{% endif %}
{% if forum.permission(constant('Sakura\\Perms\\Forum::MOVE'), user.id) %}
{% if thread.oldForum %}
{% set forumRestore %}{{ urls.format('FORUM_RESTORE', [thread.id, php.sessionid]) }}{% endset %}
{% set forumRestore = true %}
{% endif %}
{% if thread.forum != sakura.trashForumId %}
{% set forumTrash %}{{ urls.format('FORUM_TRASH', [thread.id, php.sessionid]) }}{% endset %}
{% set forumTrash = true %}
{% endif %}
{% endif %}
{% if forum.permission(constant('Sakura\\Perms\\Forum::DELETE_ANY'), user.id) %}
{% if thread.forum == sakura.trashForumId %}
{% set forumPrune %}{{ urls.format('FORUM_PRUNE', [thread.id, php.sessionid]) }}{% endset %}
{% set forumPrune = true %}
{% endif %}
{% endif %}
{% set posts = thread.posts|batch(10) %}
{% if get.p and not get.page %}
{% set num = 0 %}
{% for k,v in thread.posts %}
{% if k < get.p %}
{% set num = num + 1 %}
{% endif %}
{% endfor %}
{% set num = (num / 10)|round(0, 'floor') + 1 %}
{% set get = get|merge({'page': num}) %}
{% endif %}
{% set paginationPages = posts %}
{% set paginationUrl %}{{ route('forums.thread', thread.id) }}{% endset %}
@ -126,7 +101,7 @@
<a href="#p{{ post.id }}" class="clean">{{ post.subject|slice(0, 50) }}{% if post.subject|length > 50 %}...{% endif %}</a>
</div>
<div class="date">
<a href="{{ urls.format('FORUM_POST', [post.id]) }}#p{{ post.id }}" class="clean">#{{ post.id }} - <time>{{ post.time|date(sakura.dateFormat) }}</time></a>
#{{ post.id }} - <time>{{ post.time|date(sakura.dateFormat) }}</time>
</div>
<div class="clear"></div>
</div>

10
templates/yuuno/global/master.twig
View file

@ -51,7 +51,7 @@
"minUserLen": {{ sakura.minUsernameLength }},
"maxUserLen": {{ sakura.maxUsernameLength }},
"minPwdEntropy": {{ sakura.minPwdEntropy }},
"checkLogin": {% if session.checkLogin %}true{% else %}false{% endif %}
"checkLogin": {{ session.checkLogin ? 'true' : 'false' }}
};
// Set cookie prefix and path
@ -101,7 +101,7 @@
{% if sakura.lockAuth %}
<div class="menu-item fa-lock" style="padding-left: 10px; padding-right: 10px;" title="Authentication is locked"></div>
{% else %}
<a class="menu-item fa-magic" href="{{ route('auth.register') }}" title="Login"></a>
<a class="menu-item fa-magic" href="{{ route('auth.register') }}" title="Register"></a>
<a class="menu-item fa-sign-in" href="{{ route('auth.login') }}" title="Login"></a>
{% endif %}
{% endif %}
@ -110,8 +110,8 @@
</div>
<div id="contentwrapper">
<div id="notifications"></div>
{% if php.self == '/profile.php' ? profile.background : (user.permission(constant('Sakura\\Perms\\Site::CHANGE_BACKGROUND')) and user.optionFields.profileBackgroundSiteWide and user.background) %}
<div id="userBackground" style="background-image: url('{{ urls.format('IMAGE_BACKGROUND', [(php.self == '/profile.php' ? profile : user).id]) }}');"></div>
{% if profile is defined ? profile.background : (user.permission(constant('Sakura\\Perms\\Site::CHANGE_BACKGROUND')) and user.optionFields.profileBackgroundSiteWide and user.background) %}
<div id="userBackground" style="background-image: url('{{ route('file.background', (profile is defined ? profile : user).id) }}');"></div>
{% endif %}
{% if not session.checkLogin and sakura.currentPage != route('auth.login') %}
<div class="headerLoginContainer">
@ -144,7 +144,7 @@
{% if user.permission(constant('Sakura\\Perms\\Site::RESTRICTED')) %}
<div class="headerNotify" style="background: repeating-linear-gradient(-45deg, #B33, #B33 10px, #B00 10px, #B00 20px); color: #FFF; border: 1px solid #C00; box-shadow: 0 0 3px #C00;">
<h1>Your account is currently in <span style="font-weight: 700 !important;">restricted mode</span>!</h1>
<div>A staff member has set your account to restricted mode most likely due to violation of the rules. While restricted you won't be able to use most public features of the site. If you think this is a mistake please <a href="{{ urls.format('INFO_PAGE', ['contact']) }}" style="color: inherit;">get in touch with one of our staff members</a>.</div>
<div>A staff member has set your account to restricted mode most likely due to violation of the rules. While restricted you won't be able to use most public features of the site. If you think this is a mistake please <a href="{{ route('main.infopage', 'contact') }}" style="color: inherit;">get in touch with one of our staff members</a>.</div>
</div>
{% endif %}

2
templates/yuuno/main/profile.twig
View file

@ -80,7 +80,7 @@
<div class="new-profile-info">
<div class="default-avatar-setting new-profile-avatar" style="background-image: url({{ route('file.avatar', profile.id) }}); box-shadow: 0 0 5px #{% if profile.isOnline %}484{% else %}844{% endif %};"></div>
<div class="new-profile-username">
<h1 style="color: {{ profile.colour }}; text-shadow: 0 0 7px {% if profile.colour != 'inherit' %}{{ profile.colour }}{% else %}#222{% endif %}; padding: 0 0 2px;" {% if profile.getUsernameHistory %} title="Known as {{ profile.getUsernameHistory[0]['username_old'] }} before {{ profile.getUsernameHistory[0]['change_time']|date(sakura.dateFormat) }}." {% endif %}>{{ profile.username }}</h1>
<h1 style="color: {{ profile.colour }}; text-shadow: 0 0 7px {% if profile.colour != 'inherit' %}{{ profile.colour }}{% else %}#222{% endif %}; padding: 0 0 2px;" {% if profile.getUsernameHistory %} title="Known as {{ profile.getUsernameHistory[0].username_old }} before {{ profile.getUsernameHistory[0].change_time|date(sakura.dateFormat) }}." {% endif %}>{{ profile.username }}</h1>
{% if profile.isPremium[0] %}<img src="{{ sakura.contentPath }}/images/tenshi.png" alt="Tenshi" style="vertical-align: middle;" /> {% endif %}<img src="{{ sakura.contentPath }}/images/flags/{{ profile.country|lower }}.png" alt="{{ profile.country }}" style="vertical-align: middle;" title="{{ profile.country(true) }}" /> <span style="font-size: .8em;">{{ profile.title }}</span>
</div>
<div class="new-profile-dates">