p8/Bloggr
1
0
Fork 0
mirror of https://github.com/p08dev/Bloggr.git synced 2026-06-17 04:33:56 +02:00
Code Issues Packages Projects Releases Wiki Activity

Added Posts

Browse Source
This commit is contained in:
Furentes
2019-05-10 11:13:38 +02:00
parent 135b0bb9c2
commit df4ba337d8
9 changed files with 472 additions and 22 deletions
Download Patch File Download Diff File Expand all files Collapse all files

207
lib/Bloggr/auth.php
View File

@ -129,11 +129,218 @@ class Auth
public function isLoggedIn() {
return isset($_SESSION['id']);
}
public function getId() {
if (!$this->isLoggedIn()) return false;
return $_SESSION['id'];
}
public function logout() {
$_SESSION['id'] = '';
unset($_SESSION['id']);
session_unset();
return true;
}
public function getUsernameById($id) {
if (empty($id) || !\is_numeric($id)) {
return false;
}
try {
$s = $this->pdo->prepare("SELECT username FROM users WHERE id = :id LIMIT 1;");
$s->execute(array(
':id' => $id,
));
if ($s->rowCount() <= 0) {
return false;
}
while ($row = $s->fetch()) {
return $row['username'];
}
return false;
} catch (\PDOException $e) {
return false;
}
}
public function hasRole($role) {
if (empty($role) || !\is_numeric($role) && !\is_array($role)) {
return false;
}
if (empty($_SESSION['id'])) return false;
try {
$s = $this->pdo->prepare("SELECT roles_mask FROM users WHERE id = :id LIMIT 1;");
$s->execute(array(
':id' => $_SESSION['id']
));
if ($s->rowCount() <= 0) {
return false;
}
while ($row = $s->fetch()) {
$mask = $row['roles_mask'];
}
if (\is_array($role)) {
foreach ($role as $key => $value) {
if (($mask & $value) === $value) {
return true;
}
}
}
return ($mask & $role) === $role;
} catch (\PDOException $e) {
return false;
}
}
public function newPost($title, $text) {
if (!$this->isLoggedIn()) return false;
$errors = array();
$title = htmlspecialchars(trim(filter_var($title, FILTER_SANITIZE_STRING)));
$text = htmlspecialchars(trim($text, FILTER_SANITIZE_STRING));
$created_at = time();
$id = [ 'Something went wrong!' ];
if (strlen($title) < 3) {
array_push($errors, 'Title is too short! Min. 3');
}
if (strlen($title) > 64) {
array_push($errors, 'Title is too long! Max. 64');
}
if (strlen($text) < 8) {
array_push($errors, 'Text is too short! Min. 8');
}
if (strlen($text) > 12000000) {
array_push($errors, 'Text is too long! MAx. 10M');
}
if (count($errors) > 0) {
return $errors;
}
try {
$s = $this->pdo->prepare("INSERT INTO posts (user, title, text, created_at) VALUES(:user, :title, :text, :created_at);");
$r = $s->execute(array(
':user' => $this->getId(),
':title' => $title,
':text' => $text,
':created_at' => $created_at,
));
$id = $this->pdo->lastInsertId();
if(!$r) {
array_push($errors, 'Something went wrong!');
}
} catch (\PDOException $e) {
array_push($errors, 'Something went wrong!');
}
if (count($errors) > 0) {
return $errors;
}
return $id;
}
public function editPost($id, $title, $text) {
if (!$this->isLoggedIn()) return false;
$errors = array();
$title = htmlspecialchars(trim(filter_var($title, FILTER_SANITIZE_STRING)));
$text = htmlspecialchars(trim($text, FILTER_SANITIZE_STRING));
$updated_at = time();
try {
$s = $this->pdo->prepare("SELECT posts.* FROM posts INNER JOIN users ON posts.user = users.id WHERE posts.user = :user AND posts.id = :post LIMIT 1;");
$s->execute(array(
':user' => $this->getId(),
':post' => $id,
));
if ($s->rowCount() <= 0) {
return false;
}
} catch (\PDOException $e) {
array_push($errors, 'Something went wrong!');
}
if (strlen($title) < 3) {
array_push($errors, 'Title is too short! Min. 3');
}
if (strlen($title) > 64) {
array_push($errors, 'Title is too long! Max. 64');
}
if (strlen($text) < 8) {
array_push($errors, 'Text is too short! Min. 8');
}
if (strlen($text) > 12000000) {
array_push($errors, 'Text is too long! MAx. 10M');
}
if (count($errors) > 0) {
return $errors;
}
try {
$s = $this->pdo->prepare("UPDATE posts SET title = :title, text = :text, updated_at = :updated_at WHERE id = :id LIMIT 1;");
$r = $s->execute(array(
':title' => $title,
':text' => $text,
':updated_at' => $updated_at,
':id' => $id,
));
if(!$r) {
array_push($errors, 'Something went wrong!');
}
} catch (\PDOException $e) {
array_push($errors, 'Something went wrong!');
}
if (count($errors) > 0) {
return $errors;
}
return true;
}
public function getPost($id) {
if (empty($id) || !\is_numeric($id)) {
return false;
}
try {
$s = $this->pdo->prepare("SELECT * FROM posts WHERE id = :id LIMIT 1;");
$s->execute(array(
':id' => $id,
));
if ($s->rowCount() <= 0) {
return false;
}
while ($row = $s->fetch()) {
$row['user'] = $this->getUsernameById($row['user']);
return $row;
}
return false;
} catch (\PDOException $e) {
return false;
}
}
public function getAllPosts() {
try {
$posts = [];
$sql = "SELECT * FROM posts ORDER BY id ASC";
$result = $this->pdo->query($sql);
if (!$result) {
return false;
}
foreach ($result as $row) {
$row['user'] = $this->getUsernameById($row['user']);
array_push($posts, $row);
}
return $posts;
} catch (\PDOException $e) {
return $posts;
}
}
}
?>

6
lib/autoload.php
View File

@ -24,6 +24,6 @@ if(!($request_uri == "/setup")) {
$auth = new \Bloggr\Auth($pdo);
}
echo '<pre>';
print_r($_SESSION);
echo '</pre>';
if ($auth->isLoggedIn()) {
echo 'Eingeloggt als <b>'.$auth->getUsernameById($auth->getId()).'</b>';
}

15
lib/sql/db.sql
View File

@ -10,4 +10,17 @@ CREATE TABLE IF NOT EXISTS `users` (
PRIMARY KEY (`id`),
UNIQUE KEY `email` (`email`),
UNIQUE KEY `username` (`username`)
) ENGINE=MyISAM DEFAULT CHARSET=utf8mb4 COLLATE=utf8mb4_unicode_ci;
) ENGINE=MyISAM DEFAULT CHARSET=utf8mb4 COLLATE=utf8mb4_unicode_ci;
--
-- Table structure for table `posts`
--
CREATE TABLE `posts` (
`id` int(11) UNSIGNED NOT NULL,
`user` int(11) UNSIGNED NOT NULL,
`title` varchar(128) CHARACTER SET utf8mb4 NOT NULL,
`text` longtext CHARACTER SET utf8mb4 NOT NULL,
`created_at` int(10) UNSIGNED NOT NULL,
`updated_at` int(10) UNSIGNED DEFAULT NULL
) ENGINE=InnoDB DEFAULT CHARSET=latin1;

73
lib/sql/posts.sql Normal file
View File

@ -0,0 +1,73 @@
-- phpMyAdmin SQL Dump
-- version 4.8.5
-- https://www.phpmyadmin.net/
--
-- Host: 127.0.0.1
-- Generation Time: May 10, 2019 at 10:50 AM
-- Server version: 10.1.38-MariaDB
-- PHP Version: 7.3.3
SET SQL_MODE = "NO_AUTO_VALUE_ON_ZERO";
SET AUTOCOMMIT = 0;
START TRANSACTION;
SET time_zone = "+00:00";
/*!40101 SET @OLD_CHARACTER_SET_CLIENT=@@CHARACTER_SET_CLIENT */;
/*!40101 SET @OLD_CHARACTER_SET_RESULTS=@@CHARACTER_SET_RESULTS */;
/*!40101 SET @OLD_COLLATION_CONNECTION=@@COLLATION_CONNECTION */;
/*!40101 SET NAMES utf8mb4 */;
--
-- Database: `bloggr`
--
-- --------------------------------------------------------
--
-- Table structure for table `posts`
--
CREATE TABLE `posts` (
`id` int(11) UNSIGNED NOT NULL,
`user` int(11) UNSIGNED NOT NULL,
`title` varchar(128) CHARACTER SET utf8mb4 NOT NULL,
`text` longtext CHARACTER SET utf8mb4 NOT NULL,
`created_at` int(10) UNSIGNED NOT NULL,
`updated_at` int(10) UNSIGNED DEFAULT NULL
) ENGINE=InnoDB DEFAULT CHARSET=latin1;
--
-- Dumping data for table `posts`
--
INSERT INTO `posts` (`id`, `user`, `title`, `text`, `created_at`, `updated_at`) VALUES
(1, 1, 'test', 'test title', 1557473772, NULL),
(2, 1, 'test', 'test title', 1557473835, 1557476392),
(3, 1, 'Title of doom', 'Lorem ipsum', 1557473940, 1557476222),
(4, 1, 'awdswetf', ' wteawstrsw tws4e sw t 4aeswtg w4s ', 1557474085, NULL);
--
-- Indexes for dumped tables
--
--
-- Indexes for table `posts`
--
ALTER TABLE `posts`
ADD PRIMARY KEY (`id`);
--
-- AUTO_INCREMENT for dumped tables
--
--
-- AUTO_INCREMENT for table `posts`
--
ALTER TABLE `posts`
MODIFY `id` int(11) UNSIGNED NOT NULL AUTO_INCREMENT, AUTO_INCREMENT=5;
COMMIT;
/*!40101 SET CHARACTER_SET_CLIENT=@OLD_CHARACTER_SET_CLIENT */;
/*!40101 SET CHARACTER_SET_RESULTS=@OLD_CHARACTER_SET_RESULTS */;
/*!40101 SET COLLATION_CONNECTION=@OLD_COLLATION_CONNECTION */;