diff --git a/libraries/Comment.php b/libraries/Comment.php
index 0a8ad3d..ba78797 100644
--- a/libraries/Comment.php
+++ b/libraries/Comment.php
@@ -89,8 +89,11 @@ class Comment
->where('vote_comment', $this->id)
->get();
+ $this->upvotes = 0;
+ $this->downvotes = 0;
+
foreach ($votes as $vote) {
- if ($vote->vote_state) {
+ if (intval($vote->vote_state) !== 0) {
$this->upvotes += 1;
} else {
$this->downvotes += 1;
@@ -129,8 +132,44 @@ class Comment
return User::construct($this->user);
}
- public function vote()
+ public function vote($user, $vote)
{
- // can't be fucked to implement this right now
+ $vote = $vote ? '1' : '0';
+
+ // Attempt to get previous vote
+ $previous = DB::table('comment_votes')
+ ->where('vote_user', $user)
+ ->where('vote_comment', $this->id)
+ ->get();
+
+ // Check if anything was returned
+ if ($previous) {
+ // Check if the vote that's being casted is the same
+ if ($previous[0]->vote_state == $vote) {
+ // Delete the vote
+ DB::table('comment_votes')
+ ->where('vote_user', $user)
+ ->where('vote_comment', $this->id)
+ ->delete();
+ } else {
+ // Otherwise update the vote
+ DB::table('comment_votes')
+ ->where('vote_user', $user)
+ ->where('vote_comment', $this->id)
+ ->update([
+ 'vote_state' => $vote,
+ ]);
+ }
+ } else {
+ // Create a vote
+ DB::table('comment_votes')
+ ->insert([
+ 'vote_user' => $user,
+ 'vote_comment' => $this->id,
+ 'vote_state' => $vote,
+ ]);
+ }
+
+ $this->getVotes();
}
}
diff --git a/libraries/Comments.php b/libraries/Comments.php
deleted file mode 100644
index a68f055..0000000
--- a/libraries/Comments.php
+++ /dev/null
@@ -1,248 +0,0 @@
-
- */
-class Comments
-{
- /**
- * The array containing the comments.
- *
- * @var array
- */
- public $comments = [];
-
- /**
- * The comment category.
- *
- * @var string
- */
- public $category;
-
- /**
- * The amount of comments.
- * @var int
- */
- public $count = 0;
-
- /**
- * Constructor.
- *
- * @param mixed $category The category that comments should be fetched from.
- */
- public function __construct($category)
- {
- // Set category
- $this->category = $category;
-
- // Get the comments and assign them to $comments
- $comments = DB::table('comments')
- ->where('comment_category', $this->category)
- ->where('comment_reply_to', 0)
- ->orderBy('comment_id', 'desc')
- ->get();
-
- // Feed them into the sorter
- $this->comments = $this->sortComments($comments);
- }
-
- /**
- * Sort the comments.
- *
- * @param array $comments Array containing comments.
- *
- * @return array Array containing the sorted comments.
- */
- public function sortComments($comments)
- {
- // Create storage array
- $layer = [];
-
- // Sort comments
- foreach ($comments as $comment) {
- // Temporary hackjob to get rid of the old database layer, will reimplement later
- $comment = get_object_vars($comment);
-
- // Attach the poster
- $comment['comment_poster'] = User::construct($comment['comment_poster']);
- $comment['comment_text'] = BBcode::parseEmoticons(Utils::cleanString($comment['comment_text']));
-
- // Get likes and dislikes
- $votes = $this->getVotes($comment['comment_id']);
- $comment['comment_likes'] = 0;
- $comment['comment_dislikes'] = 0;
-
- // Store amount in their respective variables
- foreach ($votes as $vote) {
- $vote = get_object_vars($vote);
- if ($vote['vote_state']) {
- $comment['comment_likes'] += 1;
- } else {
- $comment['comment_dislikes'] += 1;
- }
- }
-
- // Add post to posts array
- $layer[$comment['comment_id']] = $comment;
-
- // Up the comment count
- $this->count += 1;
-
- // Attempt to get replies from the database
- $replies = DB::table('comments')
- ->where('comment_category', $this->category)
- ->where('comment_reply_to', $comment['comment_id'])
- ->orderBy('comment_id', 'desc')
- ->get();
-
- // Check if this was a reply to something
- if ($replies) {
- // Save the replies
- $layer[$comment['comment_id']]['comment_replies'] = $this->sortComments($replies);
- }
- }
-
- return $layer;
- }
-
- /**
- * Get a single comment.
- *
- * @param int $cid ID of the comment.
- *
- * @return array The comment.
- */
- public function getComment($cid)
- {
- // Get from database
- $comment = DB::table('comments')
- ->where('comment_id', $cid)
- ->get();
-
- return $comment ? get_object_vars($comment[0]) : [];
- }
-
- /**
- * Get the votes for a comment.
- *
- * @param int $cid ID of the comment.
- *
- * @return array The votes.
- */
- public function getVotes($cid)
- {
- // Get from database
- $comment = DB::table('comment_votes')
- ->where('vote_comment', $cid)
- ->get();
-
- return $comment;
- }
-
- /**
- * Creating a new comment.
- *
- * @param int $uid ID of the user creating the comment.
- * @param int $reply ID of the comment that is being replied to.
- * @param string $content Contents of the comment.
- *
- * @return array Response identifier.
- */
- public function makeComment($uid, $reply, $content)
- {
- // Check if the comment is long enough
- if (strlen($content) < Config::get('comment_min_length')) {
- return [0, 'TOO_SHORT'];
- }
-
- // Check if the comment isn't too long
- if (strlen($content) > Config::get('comment_max_length')) {
- return [0, 'TOO_LONG'];
- }
-
- // Insert into database
- DB::table('comments')
- ->insert([
- 'comment_category' => $this->category,
- 'comment_timestamp' => time(),
- 'comment_poster' => (int) $uid,
- 'comment_reply_to' => (int) $reply,
- 'comment_text' => $content,
- ]);
-
- // Return success
- return [1, 'SUCCESS'];
- }
-
- /**
- * Making a vote.
- *
- * @param int $uid User making this vote.
- * @param int $cid ID of the comment that is being voted on.
- * @param int $mode Positive or negative vote.
- *
- * @return bool Always returns true.
- */
- public function makeVote($uid, $cid, $mode)
- {
- // Attempt to get previous vote
- $vote = DB::table('comment_votes')
- ->where('vote_user', $uid)
- ->where('vote_comment', $cid)
- ->get();
-
- // Check if anything was returned
- if ($vote) {
- // Check if the vote that's being casted is the same
- if ($vote[0]->vote_state == $mode) {
- // Delete the vote
- DB::table('comment_votes')
- ->where('vote_user', $uid)
- ->where('vote_comment', $cid)
- ->delete();
- } else {
- // Otherwise update the vote
- DB::table('comment_votes')
- ->where('vote_user', $uid)
- ->where('vote_comment', $cid)
- ->update([
- 'vote_state' => $mode,
- ]);
- }
- } else {
- // Create a vote
- DB::table('comment_votes')
- ->insert([
- 'vote_user' => $uid,
- 'vote_comment' => $cid,
- 'vote_state' => $mode,
- ]);
- }
-
- return true;
- }
-
- /**
- * Remove a comment
- *
- * @param int $cid ID of the comment to remove.
- */
- public function removeComment($cid)
- {
- // Remove from database
- DB::table('comments')
- ->where('comment_id', $cid)
- ->delete();
- }
-}
diff --git a/libraries/Controllers/CommentsController.php b/libraries/Controllers/CommentsController.php
index 5b53e3b..e1efc57 100644
--- a/libraries/Controllers/CommentsController.php
+++ b/libraries/Controllers/CommentsController.php
@@ -8,7 +8,8 @@
namespace Sakura\Controllers;
use Sakura\Comment;
-use Sakura\Template;
+use Sakura\Config;
+use Sakura\Perms\Site;
/**
* Handles comment stuff.
@@ -21,9 +22,14 @@ class CommentsController extends Controller
public function post($category = '', $reply = 0)
{
global $currentUser;
-
- // Set json content type
- header('Content-Type: application/json; charset=utf-8');
+
+ $session = $_POST['session'] ?? '';
+
+ // Check if the user can comment
+ if ($session !== session_id()) {
+ $error = "Your session expired, refresh the page!";
+ return $this->json(compact('error'));
+ }
// Check if the user can comment
if (!$currentUser->permission(Site::CREATE_COMMENTS)) {
@@ -32,25 +38,26 @@ class CommentsController extends Controller
}
// Checks
- $length = strlen($content);
+ $text = $_POST['text'] ?? '';
+ $length = strlen($text);
$tooShort = $length < Config::get('comment_min_length');
$tooLong = $length > Config::get('comment_max_length');
if ($tooShort || $tooLong) {
$fill = $tooShort ? "short" : "long";
$error = "Your comment is too {$fill}!";
-
+
return $this->json(compact('error'));
}
- $text = isset($_POST['text']) ? $_POST['text'] : '';
+ $text = $_POST['text'] ?? '';
$comment = new Comment;
$comment->category = $category;
$comment->time = time();
$comment->reply = (int) $reply;
- $comment->user = $currentUser->id;
+ $comment->user = (int) $currentUser->id;
$comment->text = $text;
$comment->save();
@@ -58,18 +65,60 @@ class CommentsController extends Controller
return $this->json($comment);
}
- public function edit($id = 0)
- {
- //
- }
-
public function delete($id = 0)
{
- //
+ global $currentUser;
+
+ // Check if the user can delete comments
+ if (!$currentUser->permission(Site::DELETE_COMMENTS)) {
+ $error = "You aren't allowed to delete comments!";
+ return $this->json(compact('error'));
+ }
+
+ $comment = new Comment($id);
+
+ if (!$comment->id) {
+ $error = "This comment doesn't exist!";
+ return $this->json(compact('error'));
+ }
+
+ if ($currentUser->id !== $comment->user) {
+ $error = "You aren't allowed to delete the comments of other people!";
+ return $this->json(compact('error'));
+ }
+
+ $deleted = $comment->id;
+
+ $comment->delete();
+
+ return $this->json(compact('deleted'));
}
public function vote($id = 0)
{
- //
+ global $currentUser;
+
+ $vote = $_REQUEST['vote'] ?? 0;
+ $vote = $vote != 0;
+
+ // Check if the user can delete comments
+ if (!$currentUser->permission(Site::VOTE_COMMENTS)) {
+ $error = "You aren't allowed to vote on comments!";
+ return $this->json(compact('error'));
+ }
+
+ $comment = new Comment($id);
+
+ if (!$comment->id) {
+ $error = "This comment doesn't exist!";
+ return $this->json(compact('error'));
+ }
+
+ $comment->vote($currentUser->id, $vote);
+
+ $upvotes = $comment->upvotes;
+ $downvotes = $comment->downvotes;
+
+ return $this->json(compact('upvotes', 'downvotes'));
}
}
diff --git a/libraries/Controllers/Controller.php b/libraries/Controllers/Controller.php
index a07c5fc..a0d9df0 100644
--- a/libraries/Controllers/Controller.php
+++ b/libraries/Controllers/Controller.php
@@ -15,8 +15,10 @@ namespace Sakura\Controllers;
*/
class Controller
{
- private function json($object)
+ public function json($object)
{
+ header('Content-Type: application/json; charset=utf-8');
+
return json_encode(
$object,
JSON_FORCE_OBJECT | JSON_NUMERIC_CHECK | JSON_BIGINT_AS_STRING
diff --git a/libraries/Controllers/FriendsController.php b/libraries/Controllers/FriendsController.php
new file mode 100644
index 0000000..3ce7a87
--- /dev/null
+++ b/libraries/Controllers/FriendsController.php
@@ -0,0 +1,139 @@
+
+ */
+class FriendsController extends Controller
+{
+ private function addNotification($friend, $user, $title, $text = "")
+ {
+ $alert = new Notification;
+
+ $alert->user = $friend->id;
+ $alert->time = time();
+ $alert->title = $title;
+ $alert->text = $text;
+ $alert->image = Router::route('file.avatar', $user->id);
+ $alert->timeout = 60000;
+ $alert->link = Router::route('user.profile', $user->id);
+
+ $alert->save();
+ }
+
+ public function add($id = 0)
+ {
+ global $currentUser;
+
+ $session = $_POST['session'] ?? '';
+
+ // Check if the user can comment
+ if ($session !== session_id()) {
+ $error = "Your session expired, refresh the page!";
+ return $this->json(compact('error'));
+ }
+
+ $friend = User::construct($id);
+
+ if ($friend->permission(Site::DEACTIVATED)
+ || $currentUser->permission(Site::DEACTIVATED)) {
+ $error = "The user you tried to add does not exist!";
+ return $this->json(compact('error'));
+ }
+
+ if ($friend->id === $currentUser->id) {
+ $error = "You can't be friends with yourself, stop trying to bend reality!";
+ return $this->json(compact('error'));
+ }
+
+ if ($currentUser->isFriends($friend->id)) {
+ $error = "You are already friends with this person!";
+ return $this->json(compact('error'));
+ }
+
+ // Add friend
+ $currentUser->addFriend($friend->id);
+
+ $level = $currentUser->isFriends($friend->id);
+
+ $mutual = $level === 2;
+
+ $alertTitle = $mutual
+ ? "{$currentUser->username} accepted your friend request!"
+ : "{$currentUser->username} added you as a friend!";
+
+ $alertText = $mutual
+ ? ""
+ : "Click here to add them as well.";
+
+ $this->addNotification(
+ $friend,
+ $currentUser,
+ $alertTitle,
+ $alertText
+ );
+
+ $message = $mutual
+ ? "You are now mutual friends with {$friend->username}!"
+ : "A friend request has been sent to {$friend->username}!";
+
+ return $this->json(compact('message', 'level'));
+ }
+
+ public function remove($id = 0)
+ {
+ global $currentUser;
+
+ $session = $_POST['session'] ?? '';
+
+ // Check if the user can comment
+ if ($session !== session_id()) {
+ $error = "Your session expired, refresh the page!";
+ return $this->json(compact('error'));
+ }
+
+ $friend = User::construct($id);
+
+ if ($friend->permission(Site::DEACTIVATED)
+ || $currentUser->permission(Site::DEACTIVATED)) {
+ $error = "The user you tried to remove does not exist!";
+ return $this->json(compact('error'));
+ }
+
+ if (!$currentUser->isFriends($friend->id)) {
+ $error = "You aren't even friends with that person!";
+ return $this->json(compact('error'));
+ }
+
+ // Add friend
+ $currentUser->removeFriend($friend->id);
+
+ $level = $currentUser->isFriends($friend->id);
+
+ $alertTitle = "{$currentUser->username} removed you from their friends!";
+
+ $this->addNotification(
+ $friend,
+ $currentUser,
+ $alertTitle
+ );
+
+ $message = "Removed {$friend->username} from your friends!";
+
+ return $this->json(compact('message', 'level'));
+ }
+}
diff --git a/libraries/Controllers/NotificationsController.php b/libraries/Controllers/NotificationsController.php
index 9da7c12..b018d8c 100644
--- a/libraries/Controllers/NotificationsController.php
+++ b/libraries/Controllers/NotificationsController.php
@@ -29,9 +29,6 @@ class NotificationsController extends Controller
// TODO: add friend on/offline messages
global $currentUser;
- // Set json content type
- header('Content-Type: application/json; charset=utf-8');
-
return $this->json($currentUser->notifications());
}
diff --git a/libraries/User.php b/libraries/User.php
index 773b5cd..4776982 100644
--- a/libraries/User.php
+++ b/libraries/User.php
@@ -546,24 +546,12 @@ class User
* Add a new friend.
*
* @param int $uid The ID of the friend.
- *
- * @return array Status indicator.
*/
public function addFriend($uid)
{
// Create the foreign object
$user = User::construct($uid);
- // Validate that the user exists
- if ($user->permission(Site::DEACTIVATED)) {
- return [0, 'USER_NOT_EXIST'];
- }
-
- // Check if the user already has this user a friend
- if ($this->isFriends($uid)) {
- return [0, 'ALREADY_FRIENDS'];
- }
-
// Add friend
DB::table('friends')
->insert([
@@ -571,9 +559,6 @@ class User
'friend_id' => $uid,
'friend_timestamp' => time(),
]);
-
- // Return true because yay
- return [1, $user->isFriends($this->id) ? 'FRIENDS' : 'NOT_MUTUAL'];
}
/**
@@ -581,19 +566,12 @@ class User
*
* @param int $uid The friend Id
* @param bool $deleteRequest Delete the open request as well (remove you from their friends list).
- *
- * @return array Status indicator.
*/
public function removeFriend($uid, $deleteRequest = false)
{
// Create the foreign object
$user = User::construct($uid);
- // Validate that the user exists
- if ($user->permission(Site::DEACTIVATED)) {
- return [0, 'USER_NOT_EXIST'];
- }
-
// Remove friend
DB::table('friends')
->where('user_id', $this->id)
@@ -607,9 +585,6 @@ class User
->where('friend_id', $this->id)
->delete();
}
-
- // Return true because yay
- return [1, 'REMOVED'];
}
/**
diff --git a/public/content/data/yuuno/js/yuuno.js b/public/content/data/yuuno/js/yuuno.js
index 9a65a2c..01e5228 100644
--- a/public/content/data/yuuno/js/yuuno.js
+++ b/public/content/data/yuuno/js/yuuno.js
@@ -367,91 +367,6 @@ function replaceTag(tag) {
function safeTagsReplace(str) {
return str.replace(/[&<>]/g, replaceTag);
}
-// Open a comment reply field
-function commentReply(id, session, category, action, avatar) {
- // Find subject post
- var replyingTo = document.getElementById('comment-' + id);
- // Check if it actually exists
- if ((typeof replyingTo).toLowerCase() === 'undefined') {
- return;
- }
- // Attempt to get previously created box
- var replyBox = document.getElementById('comment-reply-container-' + id);
- // Remove it if it already exists
- if (replyBox) {
- Sakura.removeById('comment-reply-container-' + id);
- return;
- }
- // Container
- var replyContainer = document.createElement('li');
- replyContainer.id = 'comment-reply-container-' + id;
- // Form
- var replyForm = document.createElement('form');
- replyForm.id = 'comment-reply-' + id;
- replyForm.action = action;
- replyForm.method = 'post';
- // Session
- var replyInput = document.createElement('input');
- replyInput.type = 'hidden';
- replyInput.name = 'session';
- replyInput.value = session;
- replyForm.appendChild(replyInput);
- // Category
- var replyInput = document.createElement('input');
- replyInput.type = 'hidden';
- replyInput.name = 'category';
- replyInput.value = category;
- replyForm.appendChild(replyInput);
- // Reply ID
- var replyInput = document.createElement('input');
- replyInput.type = 'hidden';
- replyInput.name = 'replyto';
- replyInput.value = id.toString();
- replyForm.appendChild(replyInput);
- // Mode
- var replyInput = document.createElement('input');
- replyInput.type = 'hidden';
- replyInput.name = 'mode';
- replyInput.value = 'comment';
- replyForm.appendChild(replyInput);
- // Comment container
- var replyDiv = document.createElement('div');
- replyDiv.className = 'comment';
- // Avatar
- var replyAvatar = document.createElement('div');
- replyAvatar.className = 'comment-avatar';
- replyAvatar.style.backgroundImage = 'url(' + avatar + ')';
- replyDiv.appendChild(replyAvatar);
- // Pointer
- var replyPoint = document.createElement('div');
- replyPoint.className = 'comment-pointer';
- replyDiv.appendChild(replyPoint);
- // Textarea
- var replyText = document.createElement('textarea');
- replyText.className = 'comment-content';
- replyText.name = 'comment';
- replyDiv.appendChild(replyText);
- // Submit
- var replySubmit = document.createElement('input');
- replySubmit.className = 'comment-submit';
- replySubmit.type = 'submit';
- replySubmit.name = 'submit';
- replySubmit.value = "\uf1d8";
- replyDiv.appendChild(replySubmit);
- // Append to form
- replyForm.appendChild(replyDiv);
- // Append form to container
- replyContainer.appendChild(replyForm);
- // Insert the HTML
- if (replyingTo.children[1].children.length > 0) {
- replyingTo.children[1].insertBefore(replyContainer, replyingTo.children[1].firstChild);
- }
- else {
- replyingTo.children[1].appendChild(replyContainer);
- }
- // Prepare AJAX submission
- prepareAjaxForm(replyForm.id, 'Replying...');
-}
// Inserting text into text box
// Borrowed from http://stackoverflow.com/questions/1064089/inserting-a-text-where-cursor-is-using-javascript-jquery (therefore not in Typescript format, fix this later)
function insertText(areaId, text) {
diff --git a/public/content/data/yuuno/js/yuuno.ts b/public/content/data/yuuno/js/yuuno.ts
index 9db6f31..1bc786f 100644
--- a/public/content/data/yuuno/js/yuuno.ts
+++ b/public/content/data/yuuno/js/yuuno.ts
@@ -451,109 +451,6 @@ function safeTagsReplace(str: string): string {
return str.replace(/[&<>]/g, replaceTag);
}
-// Open a comment reply field
-function commentReply(id: number, session: string, category: string, action: string, avatar: string): void {
- // Find subject post
- var replyingTo: HTMLElement = document.getElementById('comment-' + id);
-
- // Check if it actually exists
- if ((typeof replyingTo).toLowerCase() === 'undefined') {
- return;
- }
-
- // Attempt to get previously created box
- var replyBox: HTMLElement = document.getElementById('comment-reply-container-' + id);
-
- // Remove it if it already exists
- if (replyBox) {
- Sakura.removeById('comment-reply-container-' + id);
- return;
- }
-
- // Container
- var replyContainer: HTMLLIElement = document.createElement('li');
- replyContainer.id = 'comment-reply-container-' + id;
-
- // Form
- var replyForm: HTMLFormElement = document.createElement('form');
- replyForm.id = 'comment-reply-' + id;
- replyForm.action = action;
- replyForm.method = 'post';
-
- // Session
- var replyInput: HTMLInputElement = document.createElement('input');
- replyInput.type = 'hidden';
- replyInput.name = 'session';
- replyInput.value = session;
- replyForm.appendChild(replyInput);
-
- // Category
- var replyInput: HTMLInputElement = document.createElement('input');
- replyInput.type = 'hidden';
- replyInput.name = 'category';
- replyInput.value = category;
- replyForm.appendChild(replyInput);
-
- // Reply ID
- var replyInput: HTMLInputElement = document.createElement('input');
- replyInput.type = 'hidden';
- replyInput.name = 'replyto';
- replyInput.value = id.toString();
- replyForm.appendChild(replyInput);
-
- // Mode
- var replyInput: HTMLInputElement = document.createElement('input');
- replyInput.type = 'hidden';
- replyInput.name = 'mode';
- replyInput.value = 'comment';
- replyForm.appendChild(replyInput);
-
- // Comment container
- var replyDiv: HTMLDivElement = document.createElement('div');
- replyDiv.className = 'comment';
-
- // Avatar
- var replyAvatar: HTMLDivElement = document.createElement('div');
- replyAvatar.className = 'comment-avatar';
- replyAvatar.style.backgroundImage = 'url(' + avatar + ')';
- replyDiv.appendChild(replyAvatar);
-
- // Pointer
- var replyPoint: HTMLDivElement = document.createElement('div');
- replyPoint.className = 'comment-pointer';
- replyDiv.appendChild(replyPoint);
-
- // Textarea
- var replyText: HTMLTextAreaElement = document.createElement('textarea');
- replyText.className = 'comment-content';
- replyText.name = 'comment';
- replyDiv.appendChild(replyText);
-
- // Submit
- var replySubmit: HTMLInputElement = document.createElement('input');
- replySubmit.className = 'comment-submit';
- replySubmit.type = 'submit';
- replySubmit.name = 'submit';
- replySubmit.value = "\uf1d8";
- replyDiv.appendChild(replySubmit);
-
- // Append to form
- replyForm.appendChild(replyDiv);
-
- // Append form to container
- replyContainer.appendChild(replyForm);
-
- // Insert the HTML
- if (replyingTo.children[1].children.length > 0) {
- replyingTo.children[1].insertBefore(replyContainer, replyingTo.children[1].firstChild);
- } else {
- replyingTo.children[1].appendChild(replyContainer);
- }
-
- // Prepare AJAX submission
- prepareAjaxForm(replyForm.id, 'Replying...');
-}
-
// Inserting text into text box
// Borrowed from http://stackoverflow.com/questions/1064089/inserting-a-text-where-cursor-is-using-javascript-jquery (therefore not in Typescript format, fix this later)
function insertText(areaId, text) {
diff --git a/public/settings.php b/public/settings.php
index afc8cb6..a632d9f 100644
--- a/public/settings.php
+++ b/public/settings.php
@@ -7,413 +7,14 @@
namespace Sakura;
use Sakura\Perms\Site;
-use Sakura\Router;
// Legacy support!!!!!!!!!
$renderData = [];
-// If this we're requesting notifications this page won't require templating
-if (isset($_REQUEST['request-notifications']) && $_REQUEST['request-notifications']) {
- define('SAKURA_NO_TPL', true);
-}
-
// Include components
require_once str_replace(basename(__DIR__), '', dirname(__FILE__)) . 'sakura.php';
-// Notifications (decommissioned)
-if (isset($_REQUEST['request-notifications']) && $_REQUEST['request-notifications']) {
- // Create the notification container array
- $notifications = [];
-
- // Check if the user is logged in
- if (Users::checkLogin()
- && isset($_REQUEST['time'])
- && $_REQUEST['time'] > (time() - 1000)
- && isset($_REQUEST['session']) && $_REQUEST['session'] == session_id()) {
- // Get the user's notifications from the past forever but exclude read notifications
- $alerts = $currentUser->notifications();
-
- // Add the proper values to the array
- foreach ($alerts as $alert) {
- // Add the notification to the display array
- $notifications[$alert->id] = [
- 'read' => $alert->read,
- 'title' => $alert->title,
- 'text' => $alert->text,
- 'link' => $alert->link,
- 'img' => $alert->image,
- 'timeout' => $alert->timeout,
- 'sound' => $alert->sound,
- ];
-
- $alert->toggleRead();
- $alert->save();
- }
- }
-
- // Check if friendOnline is set (so it doesn't tell you all your friends all online on first visit)
- $onlineFriends = isset($_SESSION['friendsOnline']) ? $_SESSION['friendsOnline'] : [];
- $onlineNotify = isset($_SESSION['friendsOnline']);
-
- // Set friendsOnline
- if (!$onlineNotify) {
- $_SESSION['friendsOnline'] = [];
- }
-
- // Populate the array
- foreach ($currentUser->friends(1) as $friend) {
- // Online status
- $online = $friend->isOnline();
-
- // If true check if they're already in the array
- if ($online && !in_array($friend->id, $onlineFriends)) {
- // Add user to the online array
- $_SESSION['friendsOnline'][$friend->id] = $friend->id;
-
- // Add the notification to the display array
- if ($onlineNotify) {
- $notifications[] = [
- 'read' => 0,
- 'title' => $friend->username . ' is online.',
- 'text' => '',
- 'link' => '',
- 'img' => Router::route('file.avatar', $friend->id),
- 'timeout' => 2000,
- 'sound' => false,
- ];
- }
- } elseif (!$online && in_array($friend->id, $onlineFriends)) {
- // Remove the person from the array
- unset($_SESSION['friendsOnline'][$friend->id]);
-
- // Add the notification to the display array
- if ($onlineNotify) {
- $notifications[] = [
- 'read' => 0,
- 'title' => $friend->username . ' is offline.',
- 'text' => '',
- 'link' => '',
- 'img' => Router::route('file.avatar', $friend->id),
- 'timeout' => 2000,
- 'sound' => false,
- ];
- }
- }
- }
-
- // Set header, convert the array to json, print it and exit
- echo json_encode($notifications, JSON_NUMERIC_CHECK);
- exit;
-} elseif (isset($_REQUEST['comment-action']) && $_REQUEST['comment-action']) {
- // Referrer
- $redirect = (isset($_SERVER['HTTP_REFERER']) ? $_SERVER['HTTP_REFERER'] : Router::route('main.index'));
-
- // Continue
- $continue = true;
-
- // Match session ids for the same reason
- if (!Users::checkLogin()) {
- $renderData['page'] = [
- 'redirect' => $redirect,
- 'message' => 'You must be logged in to do that!',
- 'success' => 0,
- ];
-
- // Prevent
- $continue = false;
- }
-
- // Match session ids for the same reason
- if (!isset($_REQUEST['session']) || $_REQUEST['session'] != session_id()) {
- $renderData['page'] = [
- 'redirect' => $redirect,
- 'message' => 'Invalid session, please try again.',
- 'success' => 0,
- ];
-
- // Prevent
- $continue = false;
- }
-
- // Match session ids for the same reason
- if (!isset($_REQUEST['category'])) {
- $renderData['page'] = [
- 'redirect' => $redirect,
- 'message' => 'No category was set.',
- 'success' => 0,
- ];
-
- // Prevent
- $continue = false;
- }
-
- // Select the right action
- if ($continue) {
- $comments = new Comments($_REQUEST['category']);
-
- switch (isset($_REQUEST['mode']) ? $_REQUEST['mode'] : false) {
- case 'vote':
- $comment = $comments->getComment(isset($_REQUEST['id']) ? $_REQUEST['id'] : 0);
-
- // Check if the comment was actually made by the current user
- if (!$comment) {
- $renderData['page'] = [
- 'redirect' => $redirect,
- 'message' => 'The requested comment does not exist.',
- 'success' => 0,
- ];
- break;
- }
-
- // Check if the user can delete comments
- if (!$currentUser->permission(Site::VOTE_COMMENTS)) {
- $renderData['page'] = [
- 'redirect' => $redirect,
- 'message' => 'You aren\'t allowed to vote on comments.',
- 'success' => 0,
- ];
- break;
- }
-
- $comments->makeVote(
- $currentUser->id,
- isset($_REQUEST['id']) ? $_REQUEST['id'] : 0,
- isset($_REQUEST['state']) && $_REQUEST['state'] ? '1' : '0'
- );
-
- $renderData['page'] = [
- 'redirect' => $redirect,
- 'message' => 'Your vote has been cast!',
- 'success' => 1,
- ];
- break;
-
- case 'delete':
- $comment = $comments->getComment(isset($_REQUEST['id']) ? $_REQUEST['id'] : 0);
-
- // Check if the comment was actually made by the current user
- if (!$comment) {
- $renderData['page'] = [
- 'redirect' => $redirect,
- 'message' => 'The requested comment does not exist.',
- 'success' => 0,
- ];
- break;
- }
-
- // Check if the user can delete comments
- if (!$currentUser->permission(Site::DELETE_COMMENTS)) {
- $renderData['page'] = [
- 'redirect' => $redirect,
- 'message' => 'You aren\'t allowed to delete comments.',
- 'success' => 0,
- ];
- break;
- }
-
- // Check if the comment was actually made by the current user
- if ($comment['comment_poster'] !== $currentUser->id) {
- $renderData['page'] = [
- 'redirect' => $redirect,
- 'message' => 'You can\'t delete the comments of others.',
- 'success' => 0,
- ];
- break;
- }
-
- $comments->removeComment(isset($_REQUEST['id']) ? $_REQUEST['id'] : 0);
-
- $renderData['page'] = [
- 'redirect' => $redirect,
- 'message' => 'The comment has been deleted!',
- 'success' => 1,
- ];
- break;
-
- case 'comment':
- // Check if the user can delete comments
- if (!$currentUser->permission(Site::CREATE_COMMENTS)) {
- $renderData['page'] = [
- 'redirect' => $redirect,
- 'message' => 'You aren\'t allowed to comment.',
- 'success' => 0,
- ];
- break;
- }
-
- // Attempt to make a new comment
- $comment = $comments->makeComment($currentUser->id, $_POST['replyto'], $_POST['comment']);
-
- // Messages
- $messages = [
- 'TOO_SHORT' => 'The comment you\'re trying to make is too short!',
- 'TOO_LONG' => 'The comment you\'re trying to make is too long!',
- 'SUCCESS' => 'Posted!',
- ];
-
- $renderData['page'] = [
- 'redirect' => $redirect,
- 'message' => $messages[$comment[1]],
- 'success' => $comment[0],
- ];
- break;
-
- default:
- $renderData['page'] = [
- 'redirect' => $redirect,
- 'message' => 'Unknown action.',
- 'success' => 0,
- ];
- }
- }
-
- // Print page contents or if the AJAX request is set only display the render data
- if (isset($_REQUEST['ajax'])) {
- echo $renderData['page']['message'] . '|' .
- $renderData['page']['success'] . '|' .
- $renderData['page']['redirect'];
- } else {
- // If not allowed print the restricted page
- Template::vars($renderData);
-
- // Print page contents
- echo Template::render('global/information');
- }
- exit;
-} elseif (isset($_REQUEST['friend-action']) && $_REQUEST['friend-action'] && Users::checkLogin()) {
- // Continue
- $continue = true;
-
- // Referrer
- $redirect = (isset($_SERVER['HTTP_REFERER']) ? $_SERVER['HTTP_REFERER'] : Router::route('main.index'));
-
- // Compare time and session so we know the link isn't forged
- if (!isset($_REQUEST['add']) && !isset($_REQUEST['remove'])) {
- if (!isset($_REQUEST['ajax'])) {
- header('Location: ' . $redirect);
- exit;
- }
-
- $renderData['page'] = [
-
- 'redirect' => $redirect,
- 'message' => 'One of the required operators isn\'t set.',
- 'success' => 0,
-
- ];
-
- // Prevent
- $continue = false;
- }
-
- // Compare time and session so we know the link isn't forged
- if ($continue && $_REQUEST[(isset($_REQUEST['add']) ? 'add' : 'remove')] == $currentUser->id) {
- $renderData['page'] = [
-
- 'redirect' => $redirect,
- 'message' => 'You can\'t be friends with yourself, stop trying to bend reality.',
- 'success' => 0,
-
- ];
-
- // Prevent
- $continue = false;
- }
-
- // Compare time and session so we know the link isn't forged
- if (!isset($_REQUEST['time']) || $_REQUEST['time'] < time() - 1000) {
- $renderData['page'] = [
-
- 'redirect' => $redirect,
- 'message' => 'Timestamps differ too much, refresh the page and try again.',
- 'success' => 0,
-
- ];
-
- // Prevent
- $continue = false;
- }
-
- // Match session ids for the same reason
- if (!isset($_REQUEST['session']) || $_REQUEST['session'] != session_id()) {
- $renderData['page'] = [
-
- 'redirect' => $redirect,
- 'message' => 'Invalid session, please try again.',
- 'success' => 0,
-
- ];
-
- // Prevent
- $continue = false;
- }
-
- // Continue if nothing fucked up
- if ($continue) {
- // Execute the action
- $action = (isset($_REQUEST['add']) ?
- $currentUser->addFriend($_REQUEST['add']) :
- $currentUser->removeFriend($_REQUEST['remove'], true));
-
- // Set the messages
- $messages = [
- 'USER_NOT_EXIST' => 'The user you tried to add doesn\'t exist.',
- 'ALREADY_FRIENDS' => 'You are already friends with this person!',
- 'FRIENDS' => 'You are now mutual friends!',
- 'NOT_MUTUAL' => 'A friend request has been sent to this person.',
- 'ALREADY_REMOVED' => 'You aren\'t friends with this person.',
- 'REMOVED' => 'Removed this person from your friends list.',
- ];
-
- // Notification strings
- $notifStrings = [
- 'FRIENDS' => ['%s accepted your friend request!', 'You can now do mutual friend things!'],
- 'NOT_MUTUAL' => ['%s added you as a friend!', 'Click here to add them as well.'],
- 'REMOVED' => ['%s removed you from their friends.', 'You can no longer do friend things now ;_;'],
- ];
-
- // Add page specific things
- $renderData['page'] = [
- 'redirect' => $redirect,
- 'message' => $messages[$action[1]],
- 'success' => $action[0],
- ];
-
- // Create a notification
- if (array_key_exists($action[1], $notifStrings)) {
- // Get the current user's profile data
- $user = User::construct($currentUser->id);
- $friend = User::construct($_REQUEST[(isset($_REQUEST['add']) ? 'add' : 'remove')]);
-
- $alert = new Notification;
-
- $alert->user = $friend->id;
- $alert->time = time();
- $alert->sound = true;
- $alert->title = sprintf($notifStrings[$action[1]][0], $user->username);
- $alert->text = $notifStrings[$action[1]][1];
- $alert->image = Router::route('file.avatar', $user->id);
- $alert->timeout = 60000;
- $alert->link = Router::route('user.profile', $user->id);
-
- $alert->save();
- }
- }
-
- // Print page contents or if the AJAX request is set only display the render data
- if (isset($_REQUEST['ajax'])) {
- echo $renderData['page']['message'] . '|' .
- $renderData['page']['success'] . '|' .
- $renderData['page']['redirect'];
- } else {
- // If not allowed print the restricted page
- Template::vars($renderData);
-
- // Print page contents
- echo Template::render('global/information');
- }
- exit;
-} elseif (isset($_POST['submit']) && isset($_POST['submit'])) {
+if (isset($_POST['submit']) && isset($_POST['submit'])) {
$continue = true;
// Set redirector
diff --git a/routes.php b/routes.php
index e60955b..346cd47 100644
--- a/routes.php
+++ b/routes.php
@@ -108,7 +108,15 @@ Router::group(['prefix' => 'notifications'], function () {
// Comments
Router::group(['prefix' => 'comments', 'before' => 'loginCheck'], function () {
- Router::post('/{category:c}/post/{reply:i}?', 'CommentsController@post', 'comments.post');
+ Router::post('/{category:c}/post/{reply:i}?', 'CommentsController@post', 'comments.category.post');
+ Router::post('/{id:i}/delete', 'CommentsController@delete', 'comments.comment.delete');
+ Router::post('/{id:i}/vote', 'CommentsController@vote', 'comments.comment.vote');
+});
+
+// Comments
+Router::group(['prefix' => 'friends', 'before' => 'loginCheck'], function () {
+ Router::post('/{id:i}/add', 'FriendsController@add', 'friends.add');
+ Router::post('/{id:i}/remove', 'FriendsController@remove', 'friends.remove');
});
// Files
@@ -136,7 +144,7 @@ Router::group(['prefix' => 'settings', 'before' => 'loginCheck'], function () {
Router::get('/', function () {
$route = Router::route('settings.general.home');
return header("Location: {$route}");
- });
+ }, 'settings.index');
// General section
Router::group(['prefix' => 'general'], function () {
@@ -203,7 +211,7 @@ Router::group(['prefix' => 'settings', 'before' => 'loginCheck'], function () {
return header("Location: {$route}");
});
- Router::get('/email', 'Settings.AccountController@avatar', 'settings.account.email');
+ Router::get('/email', 'Settings.AccountController@email', 'settings.account.email');
Router::get('/username', 'Settings.AccountController@username', 'settings.account.username');
Router::get('/title', 'Settings.AccountController@title', 'settings.account.title');
Router::get('/password', 'Settings.AccountController@password', 'settings.account.password');
diff --git a/sakura.php b/sakura.php
index 4b794fd..600144d 100644
--- a/sakura.php
+++ b/sakura.php
@@ -8,7 +8,7 @@
namespace Sakura;
// Define Sakura version
-define('SAKURA_VERSION', 20160328);
+define('SAKURA_VERSION', 20160330);
// Define Sakura Path
define('ROOT', __DIR__ . '/');
diff --git a/templates/yuuno/elements/comment.twig b/templates/yuuno/elements/comment.twig
index 8b12986..b51c606 100644
--- a/templates/yuuno/elements/comment.twig
+++ b/templates/yuuno/elements/comment.twig
@@ -6,13 +6,13 @@
@@ -21,7 +21,7 @@
-
{% if comment.userData.id == user.id %} -- {{ comment.upvotes }}
- - {{ comment.downvotes }}
+ - {{ comment.upvotes }}
+ - {{ comment.downvotes }}