diff --git a/config/config.example.ini b/config/config.example.ini index 0b24ba2..2205c0d 100644 --- a/config/config.example.ini +++ b/config/config.example.ini @@ -1,27 +1,25 @@ ; Example Sakura configuration ; Rename this file to config.ini after you're done editing. -; Database configuration +; Database configuration according to https://laravel.com/docs/5.2/database#introduction [database] -; SQL Driver that should be used. -; This has to relate to a PHP file in the libraries/DBWrapper folder -; but must EXCLUDE the .php file extension. (I recommend sticking with the bundled mysql library) driver = mysql -; Username used to authenticate with the SQL server +host = localhost + +port = 3306 + username = sakura -; Password for the same purpose password = "password" -; Table prefix used. prefix = sakura_ +database = sakura-development -[dsn] -host=localhost -port=3306 -dbname=sakura +charset = utf8 + +collation = utf8_unicode_ci ; Data files relative to the root directory diff --git a/libraries/Comments.php b/libraries/Comments.php index 0d6546b..a68f055 100644 --- a/libraries/Comments.php +++ b/libraries/Comments.php @@ -47,11 +47,11 @@ class Comments $this->category = $category; // Get the comments and assign them to $comments - $comments = DBv2::prepare('SELECT * FROM `{prefix}comments` WHERE `comment_category` = :category AND `comment_reply_to` = 0 ORDER BY `comment_id` DESC'); - $comments->execute([ - 'category' => $this->category, - ]); - $comments = $comments->fetchAll(\PDO::FETCH_ASSOC); + $comments = DB::table('comments') + ->where('comment_category', $this->category) + ->where('comment_reply_to', 0) + ->orderBy('comment_id', 'desc') + ->get(); // Feed them into the sorter $this->comments = $this->sortComments($comments); 
@@ -71,6 +71,9 @@ class Comments // Sort comments foreach ($comments as $comment) { + // Temporary hackjob to get rid of the old database layer, will reimplement later + $comment = get_object_vars($comment); + // Attach the poster $comment['comment_poster'] = User::construct($comment['comment_poster']); $comment['comment_text'] = BBcode::parseEmoticons(Utils::cleanString($comment['comment_text'])); @@ -82,6 +85,7 @@ class Comments // Store amount in their respective variables foreach ($votes as $vote) { + $vote = get_object_vars($vote); if ($vote['vote_state']) { $comment['comment_likes'] += 1; } else { @@ -96,12 +100,11 @@ class Comments $this->count += 1; // Attempt to get replies from the database - $replies = DBv2::prepare('SELECT * FROM `{prefix}comments` WHERE `comment_category` = :category AND `comment_reply_to` = :thread'); - $replies->execute([ - 'category' => $this->category, - 'thread' => $comment['comment_id'], - ]); - $replies = $replies->fetchAll(\PDO::FETCH_ASSOC); + $replies = DB::table('comments') + ->where('comment_category', $this->category) + ->where('comment_reply_to', $comment['comment_id']) + ->orderBy('comment_id', 'desc') + ->get(); // Check if this was a reply to something if ($replies) { @@ -123,11 +126,11 @@ class Comments public function getComment($cid) { // Get from database - $comment = DBv2::prepare('SELECT * FROM `{prefix}comments` WHERE `comment_id` = :id'); - $comment->execute([ - 'id' => $cid, - ]); - return $comment->fetch(\PDO::FETCH_ASSOC); + $comment = DB::table('comments') + ->where('comment_id', $cid) + ->get(); + + return $comment ? get_object_vars($comment[0]) : []; } /** 
@@ -140,11 +143,11 @@ class Comments public function getVotes($cid) { // Get from database - $comment = DBv2::prepare('SELECT * FROM `{prefix}comment_votes` WHERE `vote_comment` = :id'); - $comment->execute([ - 'id' => $cid, - ]); - return $comment->fetchAll(\PDO::FETCH_ASSOC); + $comment = DB::table('comment_votes') + ->where('vote_comment', $cid) + ->get(); + + return $comment; } /** @@ -169,14 +172,14 @@ class Comments } // Insert into database - DBv2::prepare('INSERT INTO `{prefix}comments` (`comment_category`, `comment_timestamp`, `comment_poster`, `comment_reply_to`, `comment_text`) VALUES (:cat, :time, :user, :thread, :text)') - ->execute([ - 'cat' => $this->category, - 'time' => time(), - 'user' => $uid, - 'thread' => (int) $reply, - 'text' => $content, - ]); + DB::table('comments') + ->insert([ + 'comment_category' => $this->category, + 'comment_timestamp' => time(), + 'comment_poster' => (int) $uid, + 'comment_reply_to' => (int) $reply, + 'comment_text' => $content, + ]); // Return success return [1, 'SUCCESS']; 
@@ -194,40 +197,37 @@ class Comments public function makeVote($uid, $cid, $mode) { // Attempt to get previous vote - $vote = DBv2::prepare('SELECT * FROM `{prefix}comment_votes` WHERE `vote_user` = :user AND `vote_comment` = :comment'); - $vote->execute([ - 'user' => $uid, - 'comment' => $cid, - ]); - $vote = $vote->fetch(\PDO::FETCH_ASSOC); + $vote = DB::table('comment_votes') + ->where('vote_user', $uid) + ->where('vote_comment', $cid) + ->get(); // Check if anything was returned if ($vote) { // Check if the vote that's being casted is the same - if ($vote['vote_state'] == $mode) { + if ($vote[0]->vote_state == $mode) { // Delete the vote - DBv2::prepare('DELETE FROM `{prefix}comment_votes` WHERE `vote_user` = :user AND `vote_comment` = :comment') - ->execute([ - 'user' => $uid, - 'comment' => $cid, - ]); + DB::table('comment_votes') + ->where('vote_user', $uid) + ->where('vote_comment', $cid) + ->delete(); } else { // Otherwise update the vote - DBv2::prepare('UPDATE `{prefix}comment_votes` SET `vote_state` = :state WHERE `vote_user` = :user AND `vote_comment` = :comment') - ->execute([ - 'state' => $mode, - 'user' => $uid, - 'comment' => $cid, - ]); + DB::table('comment_votes') + ->where('vote_user', $uid) + ->where('vote_comment', $cid) + ->update([ + 'vote_state' => $mode, + ]); } } else { // Create a vote - DBv2::prepare('INSERT INTO `{prefix}comment_votes` (`vote_user`, `vote_comment`, `vote_state`) VALUES (:user, :comment, :state)') - ->execute([ - 'user' => $uid, - 'comment' => $cid, - 'state' => $mode, - ]); + DB::table('comment_votes') + ->insert([ + 'vote_user' => $uid, + 'vote_comment' => $cid, + 'vote_state' => $mode, + ]); } return true; @@ -241,9 +241,8 @@ class Comments public function removeComment($cid) { // Remove from database - DBv2::prepare('DELETE FROM `{prefix}comments` WHERE `comment_id` = :id') - ->execute([ - 'id' => $cid, - ]); + DB::table('comments') + ->where('comment_id', $cid) + ->delete(); } } 
diff --git a/libraries/Controllers/ForumController.php b/libraries/Controllers/ForumController.php index 83c5ba7..286f100 100644 --- a/libraries/Controllers/ForumController.php +++ b/libraries/Controllers/ForumController.php @@ -276,7 +276,7 @@ class ForumController extends Controller $thread->update(); // Add page variable stuff - $message = $thread->type ? 'Changed the thread to anto an announcement!' : 'Reverted the thread back to normal!'; + $message = $thread->type ? 'Changed the thread to into an announcement!' : 'Reverted the thread back to normal!'; break; case 'lock': diff --git a/libraries/Controllers/UserController.php b/libraries/Controllers/UserController.php index a79461a..ed36e76 100644 --- a/libraries/Controllers/UserController.php +++ b/libraries/Controllers/UserController.php @@ -10,6 +10,7 @@ namespace Sakura\Controllers; use Sakura\Config; use Sakura\DB; use Sakura\Rank; +use Sakura\Router; use Sakura\Template; use Sakura\User; use Sakura\Utils; @@ -49,7 +50,7 @@ class UserController extends Controller Template::vars([ 'page' => [ 'message' => 'The user this profile belongs to changed their username, you are being redirected.', - 'redirect' => (new \Sakura\Urls)->format('USER_PROFILE', [$check[0]->user_id]), + 'redirect' => Router::route('user.profile', $check[0]->user_id), ], ]); @@ -74,7 +75,7 @@ class UserController extends Controller Template::vars([ 'page' => [ 'message' => 'Toggled the restricted status of the user.', - 'redirect' => (new \Sakura\Urls)->format('USER_PROFILE', [$profile->id]), + 'redirect' => Router::route('user.profile', $profile->id), ], ]); @@ -108,7 +109,7 @@ class UserController extends Controller } // Get all ranks - + // Execute query $getRanks = DB::table('ranks') ->get(['rank_id']); diff --git a/libraries/DBv2.php b/libraries/DBv2.php deleted file mode 100644 index f04b990..0000000 --- a/libraries/DBv2.php +++ /dev/null 
@@ -1,112 +0,0 @@ - - */ -class DBv2 -{ - /** - * The container for the PDO object. - * - * @var PDO - */ - public static $db = null; - - /** - * The table prefix - * - * @var string - */ - public static $prefix = ''; - - /** - * Open the SQL connection and creates a PDO object. - * - * @param string $server A PDO driver. - * @param array $dsnParts An array consisting out of DSN string parts. - * @param string $username The username used to authenticate with the SQL server. - * @param string $password The password for the same purpose. - * @param array $options Additional PDO options. - */ - public static function open($server, $dsnParts, $username = null, $password = null, $prefix = '', $options = []) - { - // Check if the selected driver is available - if (!in_array($server, PDO::getAvailableDrivers())) { - trigger_error('A driver for the selected SQL server wasn\'t found!', E_USER_ERROR); - return; - } - - // Set the table prefix - self::$prefix = $prefix; - - // Create start of the DSN - $dsn = "{$server}:"; - - // Append the parts - foreach ($dsnParts as $name => $value) { - $dsn .= "{$name}={$value};"; - } - - try { - // Connect to SQL server using PDO - self::$db = new PDO($dsn, $username, $password, $options); - } catch (PDOException $e) { - // Catch connection errors - trigger_error($e->getMessage(), E_USER_ERROR); - } - - self::$db->setAttribute(PDO::ATTR_EMULATE_PREPARES, false); - self::$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION); - self::$db->setAttribute(PDO::ATTR_DEFAULT_FETCH_MODE, PDO::FETCH_OBJ); - } - - /** - * Closes the PDO object. - */ - public static function close() - { - self::$db = null; - } - - /** - * Get the id of the item that was last inserted into the database. - * - * @param string $name Sequence of which the last id should be returned. - * - * @return string The last inserted id. 
- */ - public static function lastID($name = null) - { - return self::$db->lastInsertID($name); - } - - /** - * Prepares a statement for execution and returns a statement object. - * - * @param string $stmt The statement to prepare. - * @param array $opts Statement specific driver options. - * - * @return PDOStatement - */ - public static function prepare($stmt, $opts = []) - { - // Replace the table prefix - $stmt = str_replace('{prefix}', self::$prefix, $stmt); - - return self::$db->prepare($stmt, $opts); - } -} diff --git a/libraries/News.php b/libraries/News.php index f35d69f..ce5d601 100644 --- a/libraries/News.php +++ b/libraries/News.php @@ -31,14 +31,16 @@ class News { // Get the news posts and assign them to $posts - $posts = DBv2::prepare('SELECT * FROM `{prefix}news` WHERE `news_category` = :cat ORDER BY `news_id` DESC'); - $posts->execute([ - 'cat' => $category, - ]); - $posts = $posts->fetchAll(\PDO::FETCH_ASSOC); + $posts = DB::table('news') + ->where('news_category', $category) + ->orderBy('news_id', 'desc') + ->get(); // Attach poster data foreach ($posts as $post) { + // See Comments.php + $post = get_object_vars($post); + // Attach the poster $post['news_poster'] = User::construct($post['user_id']); diff --git a/libraries/Perms.php b/libraries/Perms.php index 3d1d558..bff6a76 100644 --- a/libraries/Perms.php +++ b/libraries/Perms.php @@ -24,7 +24,7 @@ class Perms * MANAGE permission mode, used for site management actions. */ const MANAGE = 'permissions\permissions_manage'; - + /** * FORUM permission mode, used per forum. */ @@ -43,7 +43,7 @@ class Perms * @var string */ protected $column = ''; - + /** * Constructor. * 
@@ -94,34 +94,26 @@ class Perms public function rank($rid, $conditions = [], $perm = 0) { // Build statement - $stmt = "SELECT * FROM `{prefix}{$this->table}` WHERE `rank_id` = :rank AND `user_id` = 0"; + $get = DB::table($this->table) + ->where('rank_id', $rid) + ->where('user_id', 0); // Append additional conditionals (DBWrapper v1 format, except OR is ignored) foreach ($conditions as $column => $value) { - $stmt .= " AND `{$column}` {$value[1]} :_retarded_{$column}"; + $get->where($column, $value[1], $value[0]); } - // Prepare the statement - $get = DBv2::prepare($stmt); - - // Bind rank - $get->bindParam('rank', $rid); - - // Bind additionals - foreach ($conditions as $column => $value) { - $get->bindParam("_retarded_{$column}", $value[0]); - } - - // Execute! - $get->execute(); - // Fetch from the db - $get = $get->fetch(\PDO::FETCH_ASSOC); + $get = $get->get(); // Check if anything was returned - if ($get && array_key_exists($this->column, $get) && $get['rank_id']) { - // Perform a bitwise OR - $perm = $perm | bindec((string) $get[$this->column]); + if ($get) { + $get = get_object_vars($get[0]); + + if (array_key_exists($this->column, $get) && $get['rank_id']) { + // Perform a bitwise OR + $perm = $perm | bindec((string) $get[$this->column]); + } } // Return the value 
@@ -146,36 +138,28 @@ class Perms foreach (array_keys($user->ranks) as $rank) { $perm = $perm | $this->rank($rank, $conditions, $perm); } - + // Build statement - $stmt = "SELECT * FROM `{prefix}{$this->table}` WHERE `rank_id` = 0 AND `user_id` = :user"; + $get = DB::table($this->table) + ->where('rank_id', 0) + ->where('user_id', $uid); // Append additional conditionals (DBWrapper v1 format, except OR is ignored) foreach ($conditions as $column => $value) { - $stmt .= " AND `{$column}` {$value[1]} :_retarded_{$column}"; + $get->where($column, $value[1], $value[0]); } - // Prepare the statement - $get = DBv2::prepare($stmt); - - // Bind rank - $get->bindParam('user', $uid); - - // Bind additionals - foreach ($conditions as $column => $value) { - $get->bindParam("_retarded_{$column}", $value[0]); - } - - // Execute! - $get->execute(); - // Fetch from the db - $get = $get->fetch(\PDO::FETCH_ASSOC); - + $get = $get->get(); + // Check if anything was returned - if ($get && array_key_exists($this->column, $get) && $get['user_id']) { - // Perform a bitwise OR - $perm = $perm | bindec((string) $get[$this->column]); + if ($get) { + $get = get_object_vars($get[0]); + + if (array_key_exists($this->column, $get) && $get['user_id']) { + // Perform a bitwise OR + $perm = $perm | bindec((string) $get[$this->column]); + } } // Return the value diff --git a/libraries/Rank.php b/libraries/Rank.php index 03c3bc2..b5e21c3 100644 --- a/libraries/Rank.php +++ b/libraries/Rank.php 
@@ -188,11 +188,12 @@ class Rank public function users($justIds = false) { // Fetch all users part of this rank - $fetch = DBv2::prepare('SELECT `user_id` FROM `{prefix}user_ranks` WHERE `rank_id` = :id'); - $fetch->execute([ - 'id' => $this->id, - ]); - $userIds = array_column($fetch->fetchAll(\PDO::FETCH_ASSOC), 'user_id'); + $get = DB::table('user_ranks') + ->where('rank_id', $this->id) + ->get(['user_id']); + + // Filter the user ids into one array + $userIds = array_column($get, 'user_id'); // Just return that if we were asked for just the ids if ($justIds) { diff --git a/libraries/User.php b/libraries/User.php index 4114df1..8c45431 100644 --- a/libraries/User.php +++ b/libraries/User.php @@ -461,9 +461,9 @@ class User array_merge( array_keys($this->ranks), $ranks) - ), - array_keys($this->ranks) - ); + ), + array_keys($this->ranks) + ); // Save to the database foreach ($ranks as $rank) { @@ -592,21 +592,18 @@ class User return [0, 'USER_NOT_EXIST']; } - // Prepare the statement - $rem = DBv2::prepare('DELETE FROM `{prefix}friends` WHERE `user_id` = :user AND `friend_id` = :friend'); - // Remove friend - $rem->execute([ - 'user' => $this->id, - 'friend' => $uid, - ]); + DB::table('friends') + ->where('user_id', $this->id) + ->where('friend_id', $uid) + ->delete(); // Attempt to remove the request if ($deleteRequest) { - $rem->execute([ - 'user' => $uid, - 'friend' => $this->id, - ]); + DB::table('friends') + ->where('user_id', $uid) + ->where('friend_id', $this->id) + ->delete(); } // Return true because yay 
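Review bot: In Rank::users() the new `array_column($get, 'user_id')` is fed the query builder result, which the rest of this commit treats as a list of objects (`$check[0]->user_id`, `get_object_vars($comment)`). array_column only reads object properties from PHP 7.0 onwards, so if PHP 5.x is still a supported target this would return an empty list without any error. The same applies to the `array_column(...)` calls added in the User.php friends hunks and to `array_column($profileValuesRaw, 'field_value', 'field_name')` and its option-field twin. An explicit map such as `$userIds = array_map(function ($row) { return $row->user_id; }, $get);` behaves the same on both versions. users() continues outside the hunk.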
@@ -623,19 +620,16 @@ class User public function isFriends($with) { // Accepted from this user - $get = DBv2::prepare('SELECT * FROM `{prefix}friends` WHERE `user_id` = :user AND `friend_id` = :friend'); - $get->execute([ - 'user' => $this->id, - 'friend' => $with, - ]); - $user = $get->rowCount(); + $user = DB::table('friends') + ->where('user_id', $this->id) + ->where('friend_id', $with) + ->count(); // And the other user - $get->execute([ - 'user' => $with, - 'friend' => $this->id, - ]); - $friend = $get->rowCount(); + $user = DB::table('friends') + ->where('user_id', $with) + ->where('friend_id', $this->id) + ->count(); if ($user && $friend) { return 2; // Mutual friends @@ -665,18 +659,16 @@ class User // Mutual case 2: // Get all the current user's friends - $self = DBv2::prepare('SELECT `friend_id` FROM `{prefix}friends` WHERE `user_id` = :user'); - $self->execute([ - 'user' => $this->id, - ]); - $self = array_column($self->fetchAll(\PDO::FETCH_ASSOC), 'friend_id'); + $self = DB::table('friends') + ->where('user_id', $this->id) + ->get(['friend_id']); + $self = array_column($self, 'friend_id'); // Get all the people that added this user as a friend - $others = DBv2::prepare('SELECT `user_id` FROM `{prefix}friends` WHERE `friend_id` = :user'); - $others->execute([ - 'user' => $this->id, - ]); - $others = array_column($others->fetchAll(\PDO::FETCH_ASSOC), 'user_id'); + $others = DB::table('friends') + ->where('friend_id', $this->id) + ->get(['user_id']); + $others = array_column($others, 'user_id'); // Create a difference map $users = array_intersect($self, $others); 
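Review bot: `$friend` is never assigned in the rewritten isFriends(): the second count under "And the other user" is stored in `$user` again, overwriting the first result. The following `if ($user && $friend)` therefore reads an undefined variable, so the mutual-friends result (`return 2`) can no longer be reached, and `$user` now reflects only the reverse direction of the relationship. The second statement should start with `$friend = DB::table('friends')`. Any feature that gates access on mutual friendship is worth re-testing after the fix, since the remaining branches of the function are outside the hunk.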
@@ -684,29 +676,26 @@ class User // Non-mutual (from user perspective) case 1: - $users = DBv2::prepare('SELECT `friend_id` FROM `{prefix}friends` WHERE `user_id` = :user'); - $users->execute([ - 'user' => $this->id, - ]); - $users = array_column($users->fetchAll(\PDO::FETCH_ASSOC), 'friend_id'); + $users = DB::table('friends') + ->where('user_id', $this->id) + ->get(['friend_id']); + $users = array_column($users, 'friend_id'); break; // All friend cases case 0: default: // Get all the current user's friends - $self = DBv2::prepare('SELECT `friend_id` FROM `{prefix}friends` WHERE `user_id` = :user'); - $self->execute([ - 'user' => $this->id, - ]); - $self = array_column($self->fetchAll(\PDO::FETCH_ASSOC), 'friend_id'); + $self = DB::table('friends') + ->where('user_id', $this->id) + ->get(['friend_id']); + $self = array_column($self, 'friend_id'); // Get all the people that added this user as a friend - $others = DBv2::prepare('SELECT `user_id` FROM `{prefix}friends` WHERE `friend_id` = :user'); - $others->execute([ - 'user' => $this->id, - ]); - $others = array_column($others->fetchAll(\PDO::FETCH_ASSOC), 'user_id'); + $others = DB::table('friends') + ->where('friend_id', $this->id) + ->get(['user_id']); + $others = array_column($others, 'user_id'); // Create a difference map $users = array_merge($others, $self); 
@@ -715,18 +704,16 @@ class User // Open requests case -1: // Get all the current user's friends - $self = DBv2::prepare('SELECT `friend_id` FROM `{prefix}friends` WHERE `user_id` = :user'); - $self->execute([ - 'user' => $this->id, - ]); - $self = array_column($self->fetchAll(\PDO::FETCH_ASSOC), 'friend_id'); + $self = DB::table('friends') + ->where('user_id', $this->id) + ->get(['friend_id']); + $self = array_column($self, 'friend_id'); // Get all the people that added this user as a friend - $others = DBv2::prepare('SELECT `user_id` FROM `{prefix}friends` WHERE `friend_id` = :user'); - $others->execute([ - 'user' => $this->id, - ]); - $others = array_column($others->fetchAll(\PDO::FETCH_ASSOC), 'user_id'); + $others = DB::table('friends') + ->where('friend_id', $this->id) + ->get(['user_id']); + $others = array_column($others, 'user_id'); // Create a difference map $users = array_diff($others, $self); @@ -808,23 +795,14 @@ class User // Create array and get values $profile = []; - $profileFields = DBv2::prepare('SELECT * FROM `{prefix}profilefields`'); - $profileFields->execute(); - $profileFields = $profileFields->fetchAll(\PDO::FETCH_ASSOC); + $profileFields = DB::table('profilefields') + ->get(); - $profileValuesRaw = DBv2::prepare('SELECT * FROM `{prefix}user_profilefields` WHERE `user_id` = :user'); - $profileValuesRaw->execute([ - 'user' => $this->id, - ]); - $profileValuesRaw = $profileValuesRaw->fetchAll(\PDO::FETCH_ASSOC); + $profileValuesRaw = DB::table('user_profilefields') + ->where('user_id', $this->id) + ->get(); - $profileValueKeys = array_map(function ($a) { - return $a['field_name']; - }, $profileValuesRaw); - $profileValueVals = array_map(function ($a) { - return $a['field_value']; - }, $profileValuesRaw); - $profileValues = array_combine($profileValueKeys, $profileValueVals); + $profileValues = array_column($profileValuesRaw, 'field_value', 'field_name'); // Check if anything was returned if (!$profileFields || !$profileValues) { 
@@ -834,7 +812,7 @@ class User // Check if profile fields aren't fake foreach ($profileFields as $field) { // Completely strip all special characters from the field name - $fieldName = Utils::cleanString($field['field_name'], true, true); + $fieldName = Utils::cleanString($field->field_name, true, true); // Check if the user has the current field set otherwise continue if (!array_key_exists($fieldName, $profileValues)) { @@ -843,23 +821,23 @@ class User // Assign field to output with value $profile[$fieldName] = []; - $profile[$fieldName]['name'] = $field['field_name']; + $profile[$fieldName]['name'] = $field->field_name; $profile[$fieldName]['value'] = $profileValues[$fieldName]; - $profile[$fieldName]['islink'] = $field['field_link']; + $profile[$fieldName]['islink'] = $field->field_link; // If the field is set to be a link add a value for that as well - if ($field['field_link']) { + if ($field->field_link) { $profile[$fieldName]['link'] = str_replace( '{{ VAL }}', $profileValues[$fieldName], - $field['field_linkformat'] + $field->field_linkformat ); } // Check if we have additional options as well - if ($field['field_additional'] != null) { + if ($field->field_additional != null) { // Decode the json of the additional stuff - $additional = json_decode($field['field_additional'], true); + $additional = json_decode($field->field_additional, true); // Go over all additional forms foreach ($additional as $subName => $subField) { 
@@ -896,23 +874,14 @@ class User // Create array and get values $options = []; - $optionFields = DBv2::prepare('SELECT * FROM `{prefix}optionfields`'); - $optionFields->execute(); - $optionFields = $optionFields->fetchAll(\PDO::FETCH_ASSOC); + $optionFields = DB::table('optionfields') + ->get(); - $optionValuesRaw = DBv2::prepare('SELECT * FROM `{prefix}user_optionfields` WHERE `user_id` = :user'); - $optionValuesRaw->execute([ - 'user' => $this->id, - ]); - $optionValuesRaw = $optionValuesRaw->fetchAll(\PDO::FETCH_ASSOC); + $optionValuesRaw = DB::table('user_optionfields') + ->where('user_id', $this->id) + ->get(); - $optionValueKeys = array_map(function ($a) { - return $a['field_name']; - }, $optionValuesRaw); - $optionValueVals = array_map(function ($a) { - return $a['field_value']; - }, $optionValuesRaw); - $optionValues = array_combine($optionValueKeys, $optionValueVals); + $optionValues = array_column($optionValuesRaw, 'field_value', 'field_name'); // Check if anything was returned if (!$optionFields || !$optionValues) { @@ -922,17 +891,17 @@ class User // Check if option fields aren't fake foreach ($optionFields as $field) { // Check if the user has the current field set otherwise continue - if (!array_key_exists($field['option_id'], $optionValues)) { + if (!array_key_exists($field->option_id, $optionValues)) { continue; } // Make sure the user has the proper permissions to use this option - if (!$this->permission(constant('Sakura\Perms\Site::' . $field['option_permission']))) { + if (!$this->permission(constant('Sakura\Perms\Site::' . $field->option_permission))) { continue; } // Assign field to output with value - $options[$field['option_id']] = $optionValues[$field['option_id']]; + $options[$field->option_id] = $optionValues[$field->option_id]; } // Assign cache 
@@ -956,17 +925,17 @@ class User } // Attempt to retrieve the premium record from the database - $getRecord = DBv2::prepare('SELECT * FROM `{prefix}premium` WHERE `user_id` = :user'); - $getRecord->execute([ - 'user' => $this->id, - ]); - $getRecord = $getRecord->fetch(); + $getRecord = DB::table('premium') + ->where('user_id', $this->id) + ->get(); // If nothing was returned just return false if (empty($getRecord)) { return [0]; } + $getRecord[0] = $getRecord; + // Check if the Tenshi hasn't expired if ($getRecord->premium_expire < time()) { return [0, $getRecord->premium_start, $getRecord->premium_expire]; @@ -984,11 +953,9 @@ class User public function getWarnings() { // Do the database query - $getWarnings = DBv2::prepare('SELECT * FROM `{prefix}warnings` WHERE `user_id` = :user'); - $getWarnings->execute([ - 'user' => $this->id, - ]); - $getWarnings = $getWarnings->fetchAll(\PDO::FETCH_ASSOC); + $getWarnings = DB::table('warnings') + ->where('user_id', $this->id) + ->get(); // Storage array $warnings = []; 
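Review bot: `$getRecord[0] = $getRecord;` in the premium lookup is the intended assignment written backwards. `->get()` returns a list of rows here, so the following `$getRecord->premium_expire`, `premium_start` reads are made on the list rather than on the row; the expiry comparison then presumably sees null and reports every premium record as expired. The line should be `$getRecord = $getRecord[0];`. The enclosing method starts and ends outside the hunk, so any later use of `$getRecord` there should be checked against the same change.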
@@ -996,39 +963,38 @@ class User // Add special stuff foreach ($getWarnings as $warning) { // Check if it hasn't expired - if ($warning['warning_expires'] < time()) { - DBv2::prepare('DELETE FROM `{prefix}warnings` WHERE `warning_id` = :warn') - ->execute([ - 'warn' => $warning['warning_id'], - ]); + if ($warning->warning_expires < time()) { + DB::table('warnings') + ->where('warning_id', $warning['warning_id']) + ->delete(); continue; } // Text action - switch ($warning['warning_action']) { + switch ($warning->warning_action) { default: case '0': - $warning['warning_action_text'] = 'Warning'; + $warning->warning_action_text = 'Warning'; break; case '1': - $warning['warning_action_text'] = 'Silence'; + $warning->warning_action_text = 'Silence'; break; case '2': - $warning['warning_action_text'] = 'Restriction'; + $warning->warning_action_text = 'Restriction'; break; case '3': - $warning['warning_action_text'] = 'Ban'; + $warning->warning_action_text = 'Ban'; break; case '4': - $warning['warning_action_text'] = 'Abyss'; + $warning->warning_action_text = 'Abyss'; break; } // Text expiration - $warning['warning_length'] = round(($warning['warning_expires'] - $warning['warning_issued']) / 60); + $warning->warning_length = round(($warning->warning_expires - $warning->warning_issued) / 60); // Add to array - $warnings[$warning['warning_id']] = $warning; + $warnings[$warning->warning_id] = $warning; } // Return all the warnings @@ -1062,14 +1028,10 @@ class User */ public function getUsernameHistory() { - // Do the database query - $changes = DBv2::prepare('SELECT * FROM `{prefix}username_history` WHERE `user_id` = :user ORDER BY `change_id` DESC'); - $changes->execute([ - 'user' => $this->id, - ]); - - // Return all the changes - return $changes->fetchAll(\PDO::FETCH_ASSOC); + return DB::table('username_history') + ->where('user_id', $this->id) + ->orderBy('change_id', 'desc') + ->get(); } /** 
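Review bot: The delete for expired warnings still uses array access, `->where('warning_id', $warning['warning_id'])`, while every other access in the loop was switched to `$warning->…`. If the rows are plain objects, as the `get_object_vars()` calls elsewhere in this commit suggest, this is a fatal error the first time an expired warning is encountered, which aborts getWarnings() for that user instead of cleaning the row up. It should read `->where('warning_id', $warning->warning_id)`. Note also that the entries returned in `$warnings` are now objects rather than associative arrays, so callers and templates that index them with `['…']` need the same adjustment.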
@@ -1095,48 +1057,45 @@ class User } // Check if this username hasn't been used in the last amount of days set in the config - $getOld = DBv2::prepare('SELECT * FROM `{prefix}username_history` WHERE `username_old_clean` = :clean AND `change_time` > :time ORDER BY `change_id` DESC'); - $getOld->execute([ - 'clean' => $username_clean, - 'time' => (Config::get('old_username_reserve') * 24 * 60 * 60), - ]); - $getOld = $getOld->fetch(); + $getOld = DB::table('username_history') + ->where('username_old_clean', $username_clean) + ->where('change_time', '>', (Config::get('old_username_reserve') * 24 * 60 * 60)) + ->orderBy('change_id', 'desc') + ->get(); // Check if anything was returned - if ($getOld && $getOld->user_id != $this->id) { - return [0, 'TOO_RECENT', $getOld['change_time']]; + if ($getOld && $getOld[0]->user_id != $this->id) { + return [0, 'TOO_RECENT', $getOld[0]['change_time']]; } // Check if the username is already in use - $getInUse = DBv2::prepare('SELECT * FROM `{prefix}users` WHERE `username_clean` = :clean'); - $getInUse->execute([ - 'clean' => $username_clean, - ]); - $getInUse = $getInUse->fetch(); + $getInUse = DB::table('users') + ->where('username_clean', $username_clean) + ->get(); // Check if anything was returned if ($getInUse) { - return [0, 'IN_USE', $getInUse->user_id]; + return [0, 'IN_USE', $getInUse[0]->user_id]; } // Insert into username_history table - DBv2::prepare('INSERT INTO `{prefix}username_history` (`change_time`, `user_id`, `username_new`, `username_new_clean`, `username_old`, `username_old_clean`) VALUES (:time, :user, :new, :new_clean, :old, :old_clean)') - ->execute([ - 'time' => time(), - 'user' => $this->id, - 'new' => $username, - 'new_clean' => $username_clean, - 'old' => $this->username, - 'old_clean' => $this->usernameClean, - ]); + DB::table('username_history') + ->insert([ + 'change_time' => time(), + 'user_id' => $this->id, + 'username_new_clean' => $username, + 'new_clean' => $username_clean, + 'username_old' => 
$this->username, + 'username_old_clean' => $this->usernameClean, + ]); // Update userrow - DBv2::prepare('UPDATE `{prefix}users` SET `username` = :username, `username_clean` = :clean WHERE `user_id` = :id') - ->execute([ - 'username' => $username, - 'clean' => $username_clean, - 'id' => $this->id, - ]); + DB::table('users') + ->where('user_id', $this->id) + ->update([ + 'username' => $username, + 'username_clean' => $username_clean, + ]); // Return success return [1, 'SUCCESS', $username]; @@ -1157,23 +1116,21 @@ class User } // Check if the username is already in use - $getInUse = DBv2::prepare('SELECT * FROM `{prefix}users` WHERE `email` = :email'); - $getInUse->execute([ - 'email' => $email, - ]); - $getInUse = $getInUse->fetch(); + $getInUse = DB::table('users') + ->where('email', $email) + ->get(); // Check if anything was returned if ($getInUse) { - return [0, 'IN_USE', $getInUse->user_id]; + return [0, 'IN_USE', $getInUse[0]->user_id]; } // Update userrow - DBv2::prepare('UPDATE `{prefix}users` SET `email` = :email WHERE `user_id` = :id') - ->execute([ - 'email' => $email, - 'id' => $this->id, - ]); + DB::table('users') + ->where('user_id', $this->id) + ->update([ + 'email' => $email, + ]); // Return success return [1, 'SUCCESS', $email]; @@ -1223,15 +1180,15 @@ class User $password = Hashing::createHash($new); // Update userrow - DBv2::prepare('UPDATE `{prefix}users` SET `password_hash` = :hash, `password_salt` = :salt, `password_algo` = :algo, `password_iter` = :iter, `password_chan` = :chan WHERE `user_id` = :id') - ->execute([ - 'hash' => $password[3], - 'salt' => $password[2], - 'algo' => $password[0], - 'iter' => $password[1], - 'chan' => time(), - 'id' => $this->id, - ]); + DB::table('users') + ->where('user_id', $this->id) + ->update([ + 'password_hash' => $password[3], + 'password_salt' => $password[2], + 'password_algo' => $password[0], + 'password_iter' => $password[1], + 'password_chan' => time(), + ]); // Return success return [1, 'SUCCESS']; 
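Review bot: The `username_history` insert in setUsername() has its column keys mixed up: `'username_new_clean' => $username` stores the raw name in the clean column, and `'new_clean' => $username_clean` names a column that was only a placeholder in the old statement, so `username_new` is never written. The two entries should be `'username_new' => $username,` and `'username_new_clean' => $username_clean,`. In the same hunk the TOO_RECENT return still uses array access on a row object; it should be `$getOld[0]->change_time`. Separately, the `change_time` filter compares against the reserve length in seconds rather than `time()` minus that length, as it already did before this commit, so the reservation window is not actually enforced by that condition.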
diff --git a/libraries/Users.php b/libraries/Users.php index e5027c6..7366da3 100644 --- a/libraries/Users.php +++ b/libraries/Users.php @@ -85,11 +85,11 @@ class Users } // Update last online - DBv2::prepare('UPDATE `{prefix}users` SET `user_last_online` = :lo WHERE `user_id` = :id') - ->execute([ - 'lo' => time(), - 'id' => $uid, - ]); + DB::table('users') + ->where('user_id', $uid) + ->update([ + 'user_last_online' => time(), + ]); // Update the premium meta self::updatePremiumMeta($uid); @@ -118,20 +118,17 @@ class Users $emailClean = Utils::cleanString($email, true); // Do database request - $user = DBv2::prepare('SELECT * FROM `{prefix}users` WHERE `username_clean` = :clean AND `email` = :email'); - $user->execute([ - 'clean' => $usernameClean, - 'email' => $emailClean, - ]); - $user = $user->fetch(\PDO::FETCH_ASSOC); + $user = DB::table('users') + ->where('username_clean', $usernameClean) + ->where(':email', $emailClean) + ->get(['user_id']); // Check if user exists - if (count($user) < 2) { + if (count($user) < 1) { return [0, 'USER_NOT_EXIST']; } - // Create user object - $userObj = User::construct($user['user_id']); + $userObj = User::construct($user[0]->user_id); // Check if the user has the required privs to log in if ($userObj->permission(Site::DEACTIVATED)) { 
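Review bot: In the `@@ -118` hunk the e-mail condition is written as `->where(':email', $emailClean)`, which passes the old bind placeholder as a column name. The builder will quote `:email` as an identifier, so the lookup should either fail with an unknown-column error or never match, and the username plus e-mail check that this flow relies on is no longer performed as intended. It should be `->where('email', $emailClean)`. The `@@ -235` hunk (the lookup before sendActivationMail) repeats the same line and needs the same fix. Both functions begin outside their hunks.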
@@ -201,15 +198,15 @@ class Users $password = Hashing::createHash($newpass); // Update the user - DBv2::prepare('UPDATE `{prefix}users` SET `password_hash` = :hash, `password_salt` = :salt, `password_algo` = :algo, `password_iter` = :iter, `password_chan` = :chan WHERE `user_id` = :id') - ->execute([ - 'hash' => $password[3], - 'salt' => $password[2], - 'algo' => $password[0], - 'iter' => $password[1], - 'chan' => time(), - 'id' => $uid, - ]); + DB::table('users') + ->where('user_id', $uid) + ->update([ + 'password_hash' => $password[3], + 'password_salt' => $password[2], + 'password_algo' => $password[0], + 'password_iter' => $password[1], + 'password_chan' => time(), + ]); // Return success return [1, 'SUCCESS']; @@ -235,19 +232,17 @@ class Users $emailClean = Utils::cleanString($email, true); // Do database request - $user = DBv2::prepare('SELECT * FROM `{prefix}users` WHERE `username_clean` = :clean AND `email` = :email'); - $user->execute([ - 'clean' => $usernameClean, - 'email' => $emailClean, - ]); - $user = $user->fetch(\PDO::FETCH_ASSOC); + $user = DB::table('users') + ->where('username_clean', $usernameClean) + ->where(':email', $emailClean) + ->get(['user_id']); // Check if user exists - if (count($user) < 2) { + if (count($user) < 1) { return [0, 'USER_NOT_EXIST']; } - $userObj = User::construct($user['user_id']); + $userObj = User::construct($user[0]->user_id); // Check if a user is activated if (!$userObj->permission(Site::DEACTIVATED)) { @@ -255,7 +250,7 @@ class Users } // Send activation e-mail - self::sendActivationMail($user['user_id']); + self::sendActivationMail($userObj->id); // Return success return [1, 'SUCCESS']; 
@@ -365,9 +360,8 @@ class Users public static function getProfileFields() { // Get profile fields - $profileFields = DBv2::prepare('SELECT * FROM `{prefix}profilefields`'); - $profileFields->execute(); - $profileFields = $profileFields->fetchAll(\PDO::FETCH_ASSOC); + $profileFields = DB::table('profilefields') + ->get(); // If there's nothing just return null if (!count($profileFields)) { @@ -379,6 +373,7 @@ class Users // Iterate over the fields and clean them up foreach ($profileFields as $field) { + $field = get_object_vars($field); $fields[$field['field_id']] = $field; $fields[$field['field_id']]['field_identity'] = Utils::cleanString($field['field_name'], true, true); $fields[$field['field_id']]['field_additional'] = json_decode($field['field_additional'], true); @@ -396,9 +391,8 @@ class Users public static function getOptionFields() { // Get option fields - $optionFields = DBv2::prepare('SELECT * FROM `{prefix}optionfields`'); - $optionFields->execute(); - $optionFields = $optionFields->fetchAll(\PDO::FETCH_ASSOC); + $optionFields = DB::table('optionfields') + ->get(); // If there's nothing just return null if (!count($optionFields)) { @@ -412,6 +406,8 @@ class Users // Iterate over the fields and clean them up foreach ($optionFields as $field) { + $field = get_object_vars($field); + if (!$user->permission(constant('Sakura\Perms\Site::' . $field['option_permission']))) { continue; } @@ -436,11 +432,9 @@ class Users $return = []; // Get all online users in the past 5 minutes - $getAll = DBv2::prepare('SELECT * FROM `{prefix}users` WHERE `user_last_online` > :lo'); - $getAll->execute([ - 'lo' => $time, - ]); - $getAll = $getAll->fetchAll(); + $getAll = DB::table('users') + ->where('user_last_online', '>', $time) + ->get(); foreach ($getAll as $user) { $return[] = User::construct($user->user_id); 
@@ -461,11 +455,9 @@ class Users public static function addUserPremium($id, $seconds) { // Check if there's already a record of premium for this user in the database - $getUser = DBv2::prepare('SELECT * FROM `{prefix}premium` WHERE `user_id` = :user'); - $getUser->execute([ - 'user' => $id, - ]); - $getUser = $getUser->fetch(\PDO::FETCH_ASSOC); + $getUser = DB::table('premium') + ->where('user_id', $id) + ->count(); // Calculate the (new) start and expiration timestamp $start = isset($getUser['premium_start']) ? $getUser['premium_start'] : time(); @@ -473,18 +465,16 @@ class Users // If the user already exists do an update call, otherwise an insert call if (empty($getUser)) { - DBv2::prepare('INSERT INTO `{prefix}premium` (`user_id`, `premium_start`, `premium_expire`) VALUES (:user, :start, :expire)') - ->execute([ - 'user' => $id, - 'start' => $start, - 'expire' => $expire, - ]); + DB::table('premium') + ->insert([ + 'user_id' => $id, + 'premium_start' => $start, + 'premium_expire' => $expire, + ]); } else { - DBv2::prepare('UPDATE `{prefix}premium` SET `premium_expire` = :expire WHERE `user_id` = :id') - ->execute([ - 'expire' => $expire, - 'user_id' => $id, - ]); + DB::table('premium') + ->where('user_id', $id) + ->update('premium_expire', $expire); } // Return the expiration timestamp @@ -519,10 +509,9 @@ class Users } } elseif (!$check[0]) { // Remove the expired entry - DBv2::prepare('DELETE FROM `{prefix}premium` WHERE `user_id` = :user') - ->execute([ - 'user' => $user->id, - ]); + DB::table('premium') + ->where('user_id', $user->id) + ->delete(); // Else remove the rank from them $user->removeRanks([$premiumRank]); 
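Review bot: In the `@@ -461` hunk `$getUser` is now the integer returned by `->count()`, but the next line still reads `isset($getUser['premium_start'])`, which is always false for an integer. `$start` therefore becomes `time()` even when the user already has a premium row. Fetching the row keeps the existing start, e.g. `$getUser = DB::table('premium')->where('user_id', $id)->get();` followed by `$start = $getUser ? $getUser[0]->premium_start : time();`. The `$expire` calculation sits between the hunks and is not visible here; if it reads `$getUser` as well it needs the same adjustment.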
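Review bot: In the `@@ -473` hunk the renewal branch calls `->update('premium_expire', $expire)`, but the query builder's `update()` takes one array of column => value pairs, as every other `update()` in this commit passes. As written the call should fail on the string argument, so an existing premium record is never extended. It should be `->update(['premium_expire' => $expire])`.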
@@ -547,25 +536,23 @@ class Users $read = $excludeRead ? '0' : '%'; // Get notifications for the database - $notifications = DBv2::prepare('SELECT * FROM `{prefix}notifications` WHERE `user_id` = :user AND `alert_timestamp` > :time AND `alert_read` = :read'); - $notifications->execute([ - 'user' => $uid, - 'time' => $time, - 'read' => $read, - ]); - $notifications = $notifications->fetchAll(\PDO::FETCH_ASSOC); + $alerts = DB::table('notifications') + ->where('user_id', $uid) + ->where('alert_timestamp', '>', $time) + ->where('alert_read', $read) + ->get(); // Mark the notifications as read if ($markRead) { // Iterate over all entries - foreach ($notifications as $notification) { + foreach ($alerts as $alert) { // If the notifcation is already read skip - if ($notification['alert_read']) { + if ($alert->alert_read) { continue; } // Mark them as read - self::markNotificationRead($notification['alert_id']); + self::markNotificationRead($notification->alert_id); } } @@ -582,11 +569,11 @@ class Users public static function markNotificationRead($id, $mode = true) { // Execute an update statement - DBv2::prepare('UPDATE `{prefix}notifications` SET `alert_read` = :read WHERE `alert_id` = :id') - ->execute([ - 'read' => ($mode ? 1 : 0), - 'id' => $id, - ]); + DB::table('notifications') + ->where('alert_id', $id) + ->update([ + 'alert_read' => ($mode ? 1 : 0), + ]); } /** 
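Review bot: In the `@@ -547` hunk the loop variable was renamed to `$alert`, but the call inside it is still `self::markNotificationRead($notification->alert_id);`, and `$notification` is no longer defined. With `$markRead` set, unread alerts are therefore never marked read, and PHP raises an undefined-variable notice on each iteration. The line should be `self::markNotificationRead($alert->alert_id);`. The function continues past the hunk, so a later `return $notifications;` may need renaming to `$alerts` too.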
@@ -603,18 +590,18 @@ class Users public static function createNotification($user, $title, $text, $timeout = 60000, $img = 'FONT:fa-info-circle', $link = '', $sound = 0) { // Insert it into the database - DBv2::prepare('INSERT INTO `{prefix}notifications` (`user_id`, `alert_timestamp`, `alert_read`, `alert_sound`, `alert_title`, `alert_text`, `alert_link`, `alert_img`, `alert_timeout`) VALUES (:user, :time, :read, :sound, :title, :text, :link, :img, :timeout)') - ->execute([ - 'user' => $user, - 'time' => time(), - 'read' => 0, - 'sound' => ($sound ? 1 : 0), - 'title' => $title, - 'text' => $text, - 'link' => $link, - 'img' => $img, - 'timeout' => $timeout, - ]); + DB::table('notifications') + ->insert([ + 'user_id' => $user, + 'alert_timestamp' => time(), + 'alert_read' => 0, + 'alert_sound' => ($sound ? 1 : 0), + 'alert_title' => $title, + 'alert_text' => $text, + 'alert_link' => $link, + 'alert_img' => $img, + 'alert_timeout' => $timeout, + ]); } /** @@ -624,12 +611,12 @@ class Users */ public static function getNewestUserId() { - $get = DBv2::prepare('SELECT `user_id` FROM `{prefix}users` WHERE `rank_main` != :restricted ORDER BY `user_id` DESC LIMIT 1'); - $get->execute([ - 'restricted' => Config::get('restricted_rank_id'), - ]); - $get = $get->fetch(); + $get = DB::table('users') + ->where('rank_main', '!=', Config::get('restricted_rank_id')) + ->orderBy('user_id', 'desc') + ->limit(1) + ->get(['user_id']); - return $get ? $get->user_id : 0; + return $get ? $get[0]->user_id : 0; } } diff --git a/libraries/Utils.php b/libraries/Utils.php index 1ddd287..e8a74e2 100644 --- a/libraries/Utils.php +++ b/libraries/Utils.php @@ -49,7 +49,7 @@ class Utils default: $error = 'Unknown error type [' . $errno . ']: ' . $errstr . ' on line ' . $errline - . ' in ' . $errfile; + . ' in ' . $errfile; } // Truncate all previous outputs 
@@ -361,9 +361,9 @@ class Utils $data = []; // Get database stuff - $table = DBv2::prepare('SELECT * FROM `{prefix}premium_log` ORDER BY `transaction_id` DESC'); - $table->execute(); - $table = $table->fetchAll(\PDO::FETCH_ASSOC); + $table = DB::table('premium_log') + ->orderBy('transaction_id', 'desc') + ->get(); // Add raw table data to data array $data['table'] = $table; @@ -371,17 +371,17 @@ class Utils // Create balance entry $data['balance'] = 0.0; - // Create users entry + // users $data['users'] = []; // Calculate the thing foreach ($table as $row) { // Calculate balance - $data['balance'] = $data['balance'] + $row['transaction_amount']; + $data['balance'] = $data['balance'] + $row->transaction_amount; // Add userdata to table - if (!array_key_exists($row['user_id'], $data['users'])) { - $data['users'][$row['user_id']] = User::construct($row['user_id']); + if (!array_key_exists($row->user_id, $data['users'])) { + $data['users'][$row->user_id] = User::construct($row->user_id); } } @@ -398,13 +398,13 @@ class Utils */ public static function updatePremiumTracker($id, $amount, $comment) { - DBv2::prepare('INSERT INTO `{prefix}premium_log` (`user_id`, `transaction_amount`, `transaction_date`, `transaction_comment`) VALUES (:user, :amount, :date, :comment)') - ->execute([ - 'user' => $id, - 'amount' => $amount, - 'date' => time(), - 'comment' => $comment, - ]); + DB::table('premium_log') + ->insert([ + 'user_id' => $id, + 'transaction_amount' => $amount, + 'transaction_date' => time(), + 'transaction_comment' => $comment, + ]); } /** @@ -427,7 +427,7 @@ class Utils $code = str_replace('
', '', $code); $code = str_replace('
', '', $code); $code = str_replace('<', '<', $code); - $newStr .= ''.$code.''; + $newStr .= '' . $code . ''; $newStr .= $parts2[1]; } else { $newStr .= $p; @@ -436,7 +436,7 @@ class Utils } else { $newStr = $text; } - + return $newStr; } } diff --git a/public/posting.php b/public/posting.php index 934e1b3..b89032b 100644 --- a/public/posting.php +++ b/public/posting.php @@ -67,12 +67,12 @@ if (!isset($thread) && !$forum->permission(ForumPerms::CREATE_THREADS, $currentU $mode = isset($_GET['f']) ? 'f' : (isset($_GET['t']) ? 't' : (isset($_GET['p']) ? 'p' : null)); -$emotes = DBv2::prepare('SELECT * FROM `{prefix}emoticons`'); -$emotes->execute(); +$emotes = DB::table('emoticons') + ->get(); // Include emotes and bbcodes $posting = [ - 'emoticons' => $emotes->fetchAll(), + 'emoticons' => $emotes, ]; // Check if we're in reply mode @@ -201,20 +201,18 @@ if ($mode != 'f') { // Post deletion code if (isset($_POST['yes'])) { // Delete the post - DBv2::prepare('DELETE FROM `{prefix}posts` WHERE `post_id` = :post') - ->execute([ - 'post' => $_POST['post_id'], - ]); + DB::table('posts') + ->where('post_id', $_POST['post_id']) + ->delete(); // Reload the topic $thread = new Forum\Thread($topicId); // If there's no more posts left in the topic delete it as well if (!$thread->replyCount()) { - DBv2::prepare('DELETE FROM `{prefix}topics` WHERE `topic_id` = :thread') - ->execute([ - 'thread' => $thread->id, - ]); + DB::table('topics') + ->where('topic_id', $thread->id) + ->delete(); } // Add page specific things diff --git a/public/settings.php b/public/settings.php index 87211aa..dceed1f 100644 --- a/public/settings.php +++ b/public/settings.php 
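Review bot: In the posting.php `@@ -201` hunk the delete is keyed only on the client-supplied `$_POST['post_id']`, while the topic that is reloaded and possibly removed afterwards comes from `$topicId`. Nothing in the hunk ties the two together or checks that the current user may delete that post. The enclosing block starts outside the hunk, so a permission and ownership check may exist above it. If it does not, the delete should be gated on the user's delete permission and also constrained to the topic being viewed; the name of the topic column on the posts table is not shown here. A comment such as `// post_id is user input: permission and topic membership are verified above` would record where that check lives.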
@@ -451,14 +451,14 @@ if (isset($_REQUEST['request-notifications']) && $_REQUEST['request-notification // Assign the correct column and title to a variable switch ($mode) { case 'background': - $stmt = 'UPDATE `{prefix}users` SET `user_background` = :img WHERE `user_id` = :user'; + $column = 'user_background'; $msgTitle = 'Background'; $current = $currentUser->background; $permission = $currentUser->permission(Site::CHANGE_BACKGROUND); break; case 'header': - $stmt = 'UPDATE `{prefix}users` SET `user_header` = :img WHERE `user_id` = :user'; + $column = 'user_header'; $msgTitle = 'Header'; $current = $currentUser->header; $permission = $currentUser->permission(Site::CHANGE_HEADER); @@ -466,7 +466,7 @@ if (isset($_REQUEST['request-notifications']) && $_REQUEST['request-notification case 'avatar': default: - $stmt = 'UPDATE `{prefix}users` SET `user_avatar` = :img WHERE `user_id` = :user'; + $column = 'user_avatar'; $msgTitle = 'Avatar'; $current = $currentUser->avatar; $permission = $currentUser->permission(Site::CHANGE_AVATAR); @@ -617,11 +617,11 @@ if (isset($_REQUEST['request-notifications']) && $_REQUEST['request-notification } // Update table - DBv2::prepare($stmt) - ->execute([ - 'img' => $fileId, - 'user' => $currentUser->id, - ]); + DB::table('users') + ->where('user_id', $currentUser->id) + ->update([ + $column => $fileId, + ]); // Set render data $renderData['page'] = [ 
@@ -636,21 +636,21 @@ if (isset($_REQUEST['request-notifications']) && $_REQUEST['request-notification // Get profile fields and create storage var $fields = Users::getProfileFields(); + // Delete all profile fields + DB::table('user_profilefields') + ->where('user_id', $currentUser->id) + ->delete(); + // Go over each field foreach ($fields as $field) { // Add to the store array if (isset($_POST['profile_' . $field['field_identity']]) && !empty($_POST['profile_' . $field['field_identity']])) { - DBv2::prepare('DELETE FROM `{prefix}user_profilefields` WHERE `user_id` = :user AND `field_name` = :id') - ->execute([ - 'user' => $currentUser->id, - 'id' => $field['field_identity'], - ]); - DBv2::prepare('INSERT INTO `{prefix}user_profilefields` (`user_id`, `field_name`, `field_value`) VALUES (:user, :name, :value)') - ->execute([ - 'user' => $currentUser->id, - 'name' => $field['field_identity'], - 'value' => $_POST['profile_' . $field['field_identity']], - ]); + DB::table('user_profilefields') + ->insert([ + 'user_id' => $currentUser->id, + 'field_name' => $field['field_identity'], + 'field_value' => $_POST['profile_' . $field['field_identity']], + ]); } // Check if there's additional values we should keep in mind 
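Review bot: The `@@ -636` hunk now deletes every `user_profilefields` row for the user before the loop and re-inserts only the fields present in `$_POST`, with nothing grouping those statements. If an insert fails part-way, the user's stored profile fields are lost, and any field missing from the request is now removed rather than left as it was. If `DB` forwards to the Illuminate connection, the delete and the inserts could run inside one `DB::transaction(function () { … })` callback so a failure rolls the delete back. The option-field hunk at `@@ -744` has the same delete-then-insert shape. Both blocks start and end outside their hunks.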
@@ -659,17 +659,12 @@ if (isset($_REQUEST['request-notifications']) && $_REQUEST['request-notification foreach ($field['field_additional'] as $addKey => $addVal) { // Add to the array $store = (isset($_POST['profile_additional_' . $addKey]) || !empty($_POST['profile_additional_' . $addKey])) ? $_POST['profile_additional_' . $addKey] : false; - DBv2::prepare('DELETE FROM `{prefix}user_profilefields` WHERE `user_id` = :user AND `field_name` = :id') - ->execute([ - 'user' => $currentUser->id, - 'id' => $addKey, - ]); - DBv2::prepare('INSERT INTO `{prefix}user_profilefields` (`user_id`, `field_name`, `field_value`) VALUES (:user, :name, :value)') - ->execute([ - 'user' => $currentUser->id, - 'name' => $addKey, - 'value' => $store, - ]); + DB::table('user_profilefields') + ->insert([ + 'user_id' => $currentUser->id, + 'field_name' => $addKey, + 'field_value' => $store, + ]); } } } @@ -731,11 +726,11 @@ if (isset($_REQUEST['request-notifications']) && $_REQUEST['request-notification [$_POST['birthday_year'], $_POST['birthday_month'], $_POST['birthday_day']] ); - DBv2::prepare('UPDATE `{prefix}users` SET `user_birthday` = :bd WHERE `user_id` = :id') - ->execute([ - 'bd' => $birthdate, - 'id' => $currentUser->id, - ]); + DB::table('users') + ->where('user_id', $currentUser->id) + ->update([ + 'user_birthday' => $birthdate, + ]); } break; 
@@ -744,27 +739,26 @@ if (isset($_REQUEST['request-notifications']) && $_REQUEST['request-notification // Get profile fields and create storage var $fields = Users::getOptionFields(); + // Delete all option fields for this user + DB::table('user_optionfields') + ->where('user_id', $currentUser->id) + ->delete(); + // Go over each field foreach ($fields as $field) { - DBv2::prepare('DELETE FROM `{prefix}user_optionfields` WHERE `user_id` = :user AND `field_name` = :id') - ->execute([ - 'user' => $currentUser->id, - 'id' => $field['option_id'], - ]); - // Make sure the user has sufficient permissions to complete this action if (!$currentUser->permission(constant('Sakura\Perms\Site::' . $field['option_permission']))) { continue; } if (isset($_POST['option_' . $field['option_id']]) - && !empty($_POST['option_' . $field['option_id']])) { - DBv2::prepare('INSERT INTO `{prefix}user_optionfields` (`user_id`, `field_name`, `field_value`) VALUES (:user, :name, :value)') - ->execute([ - 'user' => $currentUser->id, - 'name' => $field['option_id'], - 'value' => $_POST['option_' . $field['option_id']], - ]); + && !empty($_POST['option_' . $field['option_id']])) { + DB::table('user_optionfields') + ->insert([ + 'user_id' => $currentUser->id, + 'field_name' => $field['option_id'], + 'field_value' => $_POST['option_' . $field['option_id']], + ]); } } @@ -801,11 +795,11 @@ if (isset($_REQUEST['request-notifications']) && $_REQUEST['request-notification } // Update database - DBv2::prepare('UPDATE `{prefix}users` SET `user_title` = :title WHERE `user_id` = :id') - ->execute([ - 'title' => (isset($_POST['usertitle']) ? $_POST['usertitle'] : null), - 'id' => $currentUser->id, - ]); + DB::table('users') + ->where('user_id', $currentUser->id) + ->update([ + 'user_title' => (isset($_POST['usertitle']) ? $_POST['usertitle'] : null), + ]); // Set render data $renderData['page'] = [ 
@@ -938,11 +932,11 @@ if (isset($_REQUEST['request-notifications']) && $_REQUEST['request-notification } // Update database - DBv2::prepare('UPDATE `{prefix}users` SET `user_page` = :up WHERE `user_id` = :id') - ->execute([ - 'up' => $_POST['userpage'], - 'id' => $currentUser->id, - ]); + DB::table('users') + ->where('user_id', $currentUser->id) + ->update([ + 'user_page' => $_POST['userpage'], + ]); // Set render data $renderData['page'] = [ @@ -964,11 +958,11 @@ if (isset($_REQUEST['request-notifications']) && $_REQUEST['request-notification } // Update database - DBv2::prepare('UPDATE `{prefix}users` SET `user_signature` = :us WHERE `user_id` = :id') - ->execute([ - 'us' => $_POST['signature'], - 'id' => $currentUser->id, - ]); + DB::table('users') + ->where('user_id', $currentUser->id) + ->update([ + 'user_signature' => $_POST['signature'], + ]); // Set render data $renderData['page'] = [ @@ -1049,10 +1043,9 @@ if (isset($_REQUEST['request-notifications']) && $_REQUEST['request-notification // Check if sessionid is set to all if ($_POST['sessionid'] === 'all') { // Delete all sessions assigned to the current user - DBv2::prepare('DELETE FROM `{prefix}sessions` WHERE `user_id` = :user') - ->execute([ - 'user' => $currentUser->id, - ]); + DB::table('sessions') + ->where('user_id', $currentUser->id) + ->delete(); // Set render data $renderData['page'] = [ 
@@ -1064,12 +1057,11 @@ if (isset($_REQUEST['request-notifications']) && $_REQUEST['request-notification } // Check if the session is owned by the current user - $us = DBv2::prepare('SELECT * FROM `{prefix}sessions` WHERE `user_id` = :user AND `session_id` = :key'); - $us->execute([ - 'user' => $currentUser->id, - 'key' => $_POST['sessionid'], - ]); - if (!$us->rowCount()) { + $us = DB::table('sessions') + ->where('user_id', $currentUser->id) + ->where('session_id', $_POST['sessionid']) + ->count(); + if (!$us) { $renderData['page'] = [ 'redirect' => $redirect, 'message' => 'The session you tried to kill doesn\'t exist.', @@ -1079,11 +1071,10 @@ if (isset($_REQUEST['request-notifications']) && $_REQUEST['request-notification } // Delete the session - DBv2::prepare('DELETE FROM `{prefix}sessions` WHERE `user_id` = :user AND `session_id` = :session') - ->execute([ - 'user' => $currentUser->id, - 'session' => $_POST['sessionid'], - ]); + DB::table('sessions') + ->where('user_id', $currentUser->id) + ->where('session_id', $_POST['sessionid']) + ->delete(); // Set render data $renderData['page'] = [ 
@@ -1235,41 +1226,41 @@ if (Users::checkLogin()) { ], ]/*, 'messages' => [ - 'title' => 'Messages', - 'modes' => [ - 'inbox' => [ - 'title' => 'Inbox', - 'description' => [ - 'The list of messages you\'ve received.', - ], - 'access' => $currentUser->permission(Site::USE_MESSAGES), - 'menu' => true, - ], - 'sent' => [ - 'title' => 'Sent', - 'description' => [ - 'The list of messages you\'ve sent to other users.', - ], - 'access' => $currentUser->permission(Site::USE_MESSAGES), - 'menu' => true, - ], - 'compose' => [ - 'title' => 'Compose', - 'description' => [ - 'Write a new message.', - ], - 'access' => $currentUser->permission(Site::SEND_MESSAGES), - 'menu' => true, - ], - 'read' => [ - 'title' => 'Read', - 'description' => [ - 'Read a message.', - ], - 'access' => $currentUser->permission(Site::USE_MESSAGES), - 'menu' => false, - ], - ], + 'title' => 'Messages', + 'modes' => [ + 'inbox' => [ + 'title' => 'Inbox', + 'description' => [ + 'The list of messages you\'ve received.', + ], + 'access' => $currentUser->permission(Site::USE_MESSAGES), + 'menu' => true, + ], + 'sent' => [ + 'title' => 'Sent', + 'description' => [ + 'The list of messages you\'ve sent to other users.', + ], + 'access' => $currentUser->permission(Site::USE_MESSAGES), + 'menu' => true, + ], + 'compose' => [ + 'title' => 'Compose', + 'description' => [ + 'Write a new message.', + ], + 'access' => $currentUser->permission(Site::SEND_MESSAGES), + 'menu' => true, + ], + 'read' => [ + 'title' => 'Read', + 'description' => [ + 'Read a message.', + ], + 'access' => $currentUser->permission(Site::USE_MESSAGES), + 'menu' => false, + ], + ], ]*/, 'notifications' => [ 'title' => 'Notifications', 
@@ -1519,12 +1510,11 @@ if (Users::checkLogin()) { // Sessions case 'advanced.sessions': - $sessions = DBv2::prepare('SELECT * FROM `{prefix}sessions` WHERE `user_id` = :user'); - $sessions->execute([ - 'user' => $currentUser->id, - ]); + $sessions = DB::table('sessions') + ->where('user_id', $currentUser->id) + ->get(); - $renderData['sessions'] = $sessions->fetchAll(); + $renderData['sessions'] = $sessions; break; } diff --git a/routes.php b/routes.php index 2aa89c9..78182db 100644 --- a/routes.php +++ b/routes.php @@ -35,20 +35,20 @@ Router::group(['prefix' => 'news'], function () { Router::group(['prefix' => 'forum'], function () { // Thread Router::group(['prefix' => 'thread'], function () { - Router::get('/{id}', 'ForumController@thread', 'forums.thread'); - Router::post('/{id}/mod', 'ForumController@threadModerate', 'forums.thread.mod'); + Router::get('/{id:i}', 'ForumController@thread', 'forums.thread'); + Router::post('/{id:i}/mod', 'ForumController@threadModerate', 'forums.thread.mod'); }); // Forum Router::get('/', 'ForumController@index', 'forums.index'); - Router::get('/{id}', 'ForumController@forum', 'forums.forum'); - Router::get('/{id}/mark', 'ForumController@markForumRead', 'forums.mark'); + Router::get('/{id:i}', 'ForumController@forum', 'forums.forum'); + Router::get('/{id:i}/mark', 'ForumController@markForumRead', 'forums.mark'); }); // Members Router::group(['prefix' => 'members'], function () { Router::get('/', 'UserController@members', 'members.index'); - Router::get('/{rank}', 'UserController@members', 'members.rank'); + Router::get('/{rank:i}', 'UserController@members', 'members.rank'); }); // User diff --git a/sakura.php b/sakura.php index f113cd5..782649b 100644 --- a/sakura.php +++ b/sakura.php @@ -8,7 +8,7 @@ namespace Sakura; // Define Sakura version -define('SAKURA_VERSION', '20160311'); +define('SAKURA_VERSION', '20160313'); // Define Sakura Path define('ROOT', __DIR__ . '/'); 
@@ -65,15 +65,6 @@ Config::init(ROOT . 'config/config.ini'); // Change error reporting according to the dev configuration error_reporting(Config::local('dev', 'show_errors') ? -1 : 0); -// Make the database connection -DBv2::open( - Config::local('database', 'driver'), - Config::local('dsn'), - Config::local('database', 'username'), - Config::local('database', 'password'), - Config::local('database', 'prefix') -); - // Create a new database capsule $capsule = new \Illuminate\Database\Capsule\Manager; @@ -209,7 +200,9 @@ if (!defined('SAKURA_NO_TPL')) { } // Ban checking - if ($authCheck && !in_array($_SERVER['PHP_SELF'], [$urls->format('AUTH_ACTION', [], false)]) && $ban = Bans::checkBan($currentUser->id)) { + if ($authCheck + && !in_array($_SERVER['PHP_SELF'], [$urls->format('AUTH_ACTION', [], false)]) + && $ban = Bans::checkBan($currentUser->id)) { // Additional render data Template::vars([ 'ban' => [ diff --git a/templates/yuuno/forum/forumMod.twig b/templates/yuuno/forum/forumMod.twig index cdf074c..f5e0f2c 100644 --- a/templates/yuuno/forum/forumMod.twig +++ b/templates/yuuno/forum/forumMod.twig @@ -1,26 +1,18 @@
- {% if forumSticky %} - - {% elseif forumUnsticky %} - + {% if forumSticky is defined %} + {% endif %} - {% if forumAnnounce %} - - {% elseif forumUnannounce %} - + {% if forumAnnounce is defined %} + {% endif %} - {% if forumLock %} - - {% elseif forumUnlock %} - + {% if forumLock is defined %} + {% endif %} - {% if forumRestore %} + {% if forumRestore is defined %} {% endif %} - {% if forumTrash %} - - {% elseif forumPrune %} - + {% if forumTrash is defined or forumPrune is defined %} + {% endif %}
diff --git a/templates/yuuno/forum/viewtopic.twig b/templates/yuuno/forum/viewtopic.twig index 59b936a..f4b41dc 100644 --- a/templates/yuuno/forum/viewtopic.twig +++ b/templates/yuuno/forum/viewtopic.twig 
@@ -15,60 +15,35 @@ {% endif %} {% if forum.permission(constant('Sakura\\Perms\\Forum::STICKY'), user.id) %} - {% if thread.type == 1 %} - {% set forumUnsticky %}{{ urls.format('FORUM_STICKY', [thread.id, php.sessionid]) }}{% endset %} - {% else %} - {% set forumSticky %}{{ urls.format('FORUM_STICKY', [thread.id, php.sessionid]) }}{% endset %} - {% endif %} + {% set forumSticky = thread.type == 1 ? true : false %} {% endif %} {% if forum.permission(constant('Sakura\\Perms\\Forum::ANNOUNCEMENT'), user.id) %} - {% if thread.type == 2 %} - {% set forumUnannounce %}{{ urls.format('FORUM_ANNOUNCE', [thread.id, php.sessionid]) }}{% endset %} - {% else %} - {% set forumAnnounce %}{{ urls.format('FORUM_ANNOUNCE', [thread.id, php.sessionid]) }}{% endset %} - {% endif %} + {% set forumAnnounce = thread.type == 2 ? true : false %} {% endif %} {% if forum.permission(constant('Sakura\\Perms\\Forum::LOCK'), user.id) %} - {% if thread.status == 1 %} - {% set forumUnlock %}{{ urls.format('FORUM_LOCK', [thread.id, php.sessionid]) }}{% endset %} - {% else %} - {% set forumLock %}{{ urls.format('FORUM_LOCK', [thread.id, php.sessionid]) }}{% endset %} - {% endif %} + {% set forumLock = thread.status == 1 ? 
true : false %} {% endif %} {% if forum.permission(constant('Sakura\\Perms\\Forum::MOVE'), user.id) %} {% if thread.oldForum %} - {% set forumRestore %}{{ urls.format('FORUM_RESTORE', [thread.id, php.sessionid]) }}{% endset %} + {% set forumRestore = true %} {% endif %} + {% if thread.forum != sakura.trashForumId %} - {% set forumTrash %}{{ urls.format('FORUM_TRASH', [thread.id, php.sessionid]) }}{% endset %} + {% set forumTrash = true %} {% endif %} {% endif %} {% if forum.permission(constant('Sakura\\Perms\\Forum::DELETE_ANY'), user.id) %} {% if thread.forum == sakura.trashForumId %} - {% set forumPrune %}{{ urls.format('FORUM_PRUNE', [thread.id, php.sessionid]) }}{% endset %} + {% set forumPrune = true %} {% endif %} {% endif %} {% set posts = thread.posts|batch(10) %} -{% if get.p and not get.page %} - {% set num = 0 %} - - {% for k,v in thread.posts %} - {% if k < get.p %} - {% set num = num + 1 %} - {% endif %} - {% endfor %} - - {% set num = (num / 10)|round(0, 'floor') + 1 %} - - {% set get = get|merge({'page': num}) %} -{% endif %} - {% set paginationPages = posts %} {% set paginationUrl %}{{ route('forums.thread', thread.id) }}{% endset %} @@ -126,7 +101,7 @@ {{ post.subject|slice(0, 50) }}{% if post.subject|length > 50 %}...{% endif %}
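Review bot: This hunk drops `php.sessionid` from the moderation actions and replaces the links with boolean flags, so nothing visible here passes a per-session token to the new POST route `forums.thread.mod`. The form markup in forumMod.twig is not visible on this page. If it carries no token, the form should include one and `ForumController@threadModerate` should verify it before acting. As a smaller point, `thread.type == 1 ? true : false` is redundant: `{% set forumSticky = thread.type == 1 %}` gives the same value, and likewise for `forumAnnounce` and `forumLock`.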
- #{{ post.id }} - + #{{ post.id }} -
diff --git a/templates/yuuno/global/master.twig b/templates/yuuno/global/master.twig index 1b41497..29cb96f 100644 --- a/templates/yuuno/global/master.twig +++ b/templates/yuuno/global/master.twig @@ -51,7 +51,7 @@ "minUserLen": {{ sakura.minUsernameLength }}, "maxUserLen": {{ sakura.maxUsernameLength }}, "minPwdEntropy": {{ sakura.minPwdEntropy }}, - "checkLogin": {% if session.checkLogin %}true{% else %}false{% endif %} + "checkLogin": {{ session.checkLogin ? 'true' : 'false' }} }; // Set cookie prefix and path @@ -101,7 +101,7 @@ {% if sakura.lockAuth %} {% else %} - + {% endif %} {% endif %} @@ -110,8 +110,8 @@
- {% if php.self == '/profile.php' ? profile.background : (user.permission(constant('Sakura\\Perms\\Site::CHANGE_BACKGROUND')) and user.optionFields.profileBackgroundSiteWide and user.background) %} -
+ {% if profile is defined ? profile.background : (user.permission(constant('Sakura\\Perms\\Site::CHANGE_BACKGROUND')) and user.optionFields.profileBackgroundSiteWide and user.background) %} +
{% endif %} {% if not session.checkLogin and sakura.currentPage != route('auth.login') %}
@@ -144,7 +144,7 @@ {% if user.permission(constant('Sakura\\Perms\\Site::RESTRICTED')) %}

Your account is currently in restricted mode!

-
A staff member has set your account to restricted mode most likely due to violation of the rules. While restricted you won't be able to use most public features of the site. If you think this is a mistake please get in touch with one of our staff members.
+
A staff member has set your account to restricted mode most likely due to violation of the rules. While restricted you won't be able to use most public features of the site. If you think this is a mistake please get in touch with one of our staff members.
{% endif %} diff --git a/templates/yuuno/main/profile.twig b/templates/yuuno/main/profile.twig index 7e102ae..15fd1e0 100644 --- a/templates/yuuno/main/profile.twig +++ b/templates/yuuno/main/profile.twig @@ -80,7 +80,7 @@
-

{{ profile.username }}

+

{{ profile.username }}

{% if profile.isPremium[0] %}Tenshi {% endif %}{{ profile.country }} {{ profile.title }}