
Untitled

a guest
Sep 29th, 2017
  1. <?php
  2.  
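  // Start the session only when none is active. The original `@session_start()`
  // hid every failure (for example headers already sent), leaving the
  // session-backed login check and vote throttle below working on an empty
  // $_SESSION without any diagnostic.
  if (session_id() === '') {
      session_start();
  }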
  4.  
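  /**
   * Controller for listing, filtering, viewing, voting on and publishing posts.
   *
   * Security notes for maintainers:
   *  - Every value taken from $_GET, $_POST or the route ($params) is reduced to
   *    an integer or to an allowlisted character set before it reaches SQL.
   *    The only database API visible in this file is $this->SQL->query() with a
   *    finished SQL string, so no parameter binding is used here.
   *    NOTE(review): if the SQL wrapper offers bound parameters, switch to them
   *    and lift the character restrictions on slugs and search terms.
   *  - vote() and report_comment() change state on a plain GET request and carry
   *    no anti-CSRF token. That is kept for compatibility with existing callers
   *    and should be revisited.
   *  - The queries select User.*, which hands every users column to the view.
   *    NOTE(review): presumably that includes credential fields; select only
   *    the columns the templates need.
   */
  class PostsController extends AppController
  {
      /** Number of posts shown per listing page. */
      const POSTS_PER_PAGE = 12;

      /**
       * Registers an up/down vote for a post and prints the new total.
       *
       * Reads $_GET['post_id'] and $_GET['vote'] ("true" or "false"). The column
       * name is chosen from two fixed strings instead of being built from the
       * request, and the post id is cast to an integer.
       *
       * The once-per-day limit relies on the session and a cookie, both of which
       * the client controls, so it is a courtesy limit only. A real limit needs
       * server-side state keyed on the account or address.
       *
       * Always terminates the request.
       */
      public function vote()
      {
          $postId = $this->inputInt(isset($_GET['post_id']) ? $_GET['post_id'] : null);
          $vote = isset($_GET['vote']) ? $_GET['vote'] : null;

          if ($postId > 0 && ($vote === "true" || $vote === "false")) {
              $column = ($vote === "true") ? "vote_true" : "vote_false";
              $day = date("Y-m-d");
              $cookieName = date("Ymd") . $postId;
              $alreadyVoted = isset($_SESSION['posts_votes'][$day][$postId]) || isset($_COOKIE[$cookieName]);

              if (!$alreadyVoted) {
                  $this->SQL->query("UPDATE posts SET $column=$column+1 WHERE id='$postId'");
                  $_SESSION['posts_votes'][$day][$postId] = "1";
                  setcookie($cookieName, "cookie", time() + 86400);
              }

              $salida = $this->SQL->query("SELECT $column FROM posts WHERE id='$postId'");
              // The count is cast so that only a number is ever echoed.
              $total = isset($salida[0][$column]) ? (int) $salida[0][$column] : 0;

              if (!$alreadyVoted) {
                  echo "Gracias (" . $total . ")";
              } else {
                  echo "Ya has votado (" . $total . ")";
              }
          }
          exit;
      }

      /**
       * Flags a comment for moderation on behalf of a logged-in user.
       *
       * Reads $_GET['comment_id']. The original read $comment_id in the
       * duplicate-report check before assigning it, so that check never looked
       * at the real id; the id is now resolved (and cast to int) first.
       *
       * Always terminates the request.
       */
      public function report_comment()
      {
          $loggedIn = isset($_SESSION['login']) && $_SESSION['login'] == "1";

          if ($_GET && $loggedIn) {
              $commentId = $this->inputInt(isset($_GET['comment_id']) ? $_GET['comment_id'] : null);

              if ($commentId > 0) {
                  $day = date("Y-m-d");
                  $cookieName = date("Ymd") . "-c-" . $commentId;

                  if (!isset($_SESSION['report_comments'][$day][$commentId]) && !isset($_COOKIE[$cookieName])) {
                      $this->SQL->query("UPDATE comments SET report=1 WHERE id='$commentId'");
                      $_SESSION['report_comments'][$day][$commentId] = "1";
                      setcookie($cookieName, "cookie", time() + 86400);
                  }
              }
              echo "Gracias. En breve revisaremos este comentario";
          } else if (!$loggedIn) {
              echo "Debes estar registrado para denunciar";
          }
          exit;
      }

      /**
       * Home page: loads site configuration into the session and lists posts.
       *
       * @param array $params Route parameters; 'page' is the 1-based page number.
       */
      public function index($params)
      {
          global $mysql_username;
          global $mysql_password;
          global $mysql_database;

          if ($mysql_username == "" || $mysql_password == "" || $mysql_database == "") {
              // Stop here: without the exit the queries below would still run
              // against an unconfigured database after the redirect header.
              $this->redirectAndExit("/install/step1");
          }

          $config = $this->SQL->query("SELECT * FROM config");
          $settings = array();
          if (is_array($config)) {
              foreach ($config as $c) {
                  $settings[$c['entry']] = $c['value'];
              }
          }

          $baned = $this->SQL->query("SELECT word FROM baned_words");
          $_SESSION['site_config'] = $settings;
          $_SESSION['site_config']['baned_words'] = $baned;

          $posts = $this->selectPosts("", "Post.id DESC", $this->pageOffset($params));
          $this->publishTotalPages($this->countPosts(""));

          $this->set('Posts', $this->attachCommentCounts($posts));
          $this->set('PageTitle', isset($settings['site_name']) ? $settings['site_name'] : "");
          $this->set('MetaDescription', isset($settings['site_description']) ? $settings['site_description'] : "");
          $this->set('MetaKeywords', isset($settings['meta_tags']) ? $settings['meta_tags'] : "");
      }

      /**
       * Lists posts for a category, a random selection ("/suerte"), or a search.
       *
       * A non-empty $_POST means a search on $_POST['text']; otherwise
       * $params[0] is the category slug.
       *
       * The slug must consist of ASCII letters, digits, "_" or "-"; anything
       * else is redirected to the home page, like an empty slug. The search text
       * loses all ASCII punctuation (including quotes, backslashes and the LIKE
       * wildcards) before it is placed in the query and in the page title.
       *
       * @param array $params Route parameters; [0] is the slug, 'page' the page.
       */
      public function filter($params)
      {
          $offset = $this->pageOffset($params);
          $isSearch = !empty($_POST);
          $slug = (isset($params[0]) && is_scalar($params[0])) ? (string) $params[0] : "";
          // \A and \z rather than ^ and $ so a trailing newline cannot slip through.
          $slugIsValid = preg_match('/\A[A-Za-z0-9_-]+\z/', $slug) === 1;
          $term = "";

          if (!$isSearch) {
              $lucky = isset($_SERVER['REQUEST_URI']) && $_SERVER['REQUEST_URI'] == "/suerte";

              if ($lucky) {
                  $extra = "";
                  $order = "RAND()";
              } else {
                  if (!$slugIsValid) {
                      $this->redirectAndExit("/");
                  }
                  $extra = "Cat.uri='{$slug}' AND ";
                  $order = "Post.id DESC";
              }
          } else {
              $term = $this->cleanSearchTerm(isset($_POST['text']) ? $_POST['text'] : "");
              if (strlen($term) < 3) {
                  $this->redirectAndExit("/");
              }
              $extra = "Post.post LIKE '%{$term}%' AND ";
              $order = "Post.id DESC";
          }

          $posts = $this->selectPosts($extra, $order, $offset);
          $this->publishTotalPages($this->countPosts($extra));

          $Posts = $this->attachCommentCounts($posts);

          if ($isSearch) {
              // The cleaned term holds no HTML metacharacters, so it is safe to
              // hand to the view as a title.
              $Title = $term;
          } else if (count($Posts) > 0) {
              $Title = $Posts[0]['category_name'];
          } else if ($slugIsValid) {
              $pt = $this->SQL->query("SELECT name FROM categories WHERE uri='{$slug}'");
              $Title = isset($pt[0]['name']) ? $pt[0]['name'] : "";
          } else {
              $Title = "";
          }

          $this->set('PageTitle', (string) $Title);
          $this->set('Posts', $Posts);
      }

      /**
       * Shows one post with its comments and stores a submitted comment.
       *
       * A comment is stored only when the session carries a user id. The
       * original inserted on any POST, although checkAuth() is called only for
       * the "comment" action.
       *
       * NOTE(review): the comment text is stored as submitted; the view has to
       * escape it when rendering.
       *
       * @param array $params Route parameters; [0] is the post id, 'action' may
       *                      be "comment".
       */
      public function details($params)
      {
          $postId = $this->inputInt(isset($params[0]) ? $params[0] : null);
          $userId = isset($_SESSION['user']['id']) ? $this->inputInt($_SESSION['user']['id']) : 0;

          if (isset($params['action']) && $params['action'] == "comment") {
              $this->checkAuth("?URI=/entrada/" . $postId);
              $this->set('leave_a_comment', "true");
          } else {
              $this->set('leave_a_comment', "false");
          }

          if ($_POST) {
              // 'id' and 'report' are maintained by the server (see
              // report_comment()), so the client may not supply them.
              $data = $this->submittedData(array('id', 'report'), $userId);
              if ($userId > 0 && count($data) > 0) {
                  $this->SQL->insert("comments", $data);
                  $this->SQL->query("UPDATE users SET comments=comments + 1 WHERE id='" . $userId . "'");
              }
              unset($_POST);
          }

          $posts = $this->selectPosts("Post.id = '{$postId}' AND ", "Post.id DESC", 0);

          $Post = array();
          if (is_array($posts)) {
              foreach ($posts as $post) {
                  $currentId = (int) $post['post_id'];
                  $post['comments'] = $this->SQL->query("
                      SELECT
                          Comment.date as comment_date,
                          Comment.comments as comment,
                          Comment.id as comment_id,
                          Comment.*,
                          User.*
                      FROM
                          comments Comment,
                          users User
                      WHERE
                          Comment.post_id = '" . $currentId . "' AND
                          Comment.user_id = User.id
                  ");
                  $Post = $post;
              }
          }

          $this->set('PageTitle', isset($Post['title']) ? $Post['title'] : "");
          $this->set('Post', $Post);
      }

      /**
       * Publishes a new post (POST) or shows the publishing form.
       *
       * The unused reCAPTCHA key pair that was hard-coded in this method has
       * been removed. The private key was exposed in source and should be
       * treated as compromised and rotated.
       *
       * NOTE(review): the captcha answer stored in $_SESSION['key'] is not
       * invalidated here after use; confirm the captcha generator replaces it
       * for every form, otherwise one solved captcha stays valid for the
       * whole session.
       *
       * @param array $params Route parameters (unused).
       */
      public function add($params)
      {
          $this->checkAuth("?URI=/publicar");

          if ($_POST) {
              $answer = (isset($_POST['captcha']) && is_string($_POST['captcha'])) ? $_POST['captcha'] : "";
              $expected = (isset($_SESSION['key']) && is_string($_SESSION['key'])) ? $_SESSION['key'] : "";

              // Strict comparison: with "!=" two digests that look like numbers
              // (for example "0e...") compare equal through type juggling.
              if ($answer === "" || $expected === "" || md5($answer) !== $expected) {
                  die('Codigo incorrecto.');
              }

              $userId = isset($_SESSION['user']['id']) ? $this->inputInt($_SESSION['user']['id']) : 0;
              // 'id' and the vote counters are maintained by the server.
              $data = $this->submittedData(array('id', 'vote_true', 'vote_false'), $userId);
              $catId = $this->inputInt(isset($data['category_id']) ? $data['category_id'] : null);

              if (count($data) > 0) {
                  $this->SQL->insert("posts", $data);
                  $this->SQL->query("UPDATE users SET posts=posts + 1 WHERE id='" . $userId . "'");
              }

              $cat = $this->SQL->query("SELECT uri FROM categories WHERE id='$catId'");
              $this->redirectAndExit("/categoria/" . (isset($cat[0]['uri']) ? $cat[0]['uri'] : ""));
          } else {
              $categorias = $this->SQL->query("SELECT * FROM categories");
              $this->set('categories', $categorias);
          }
          $this->set('PageTitle', "Publicar");
      }

      /** Casts a request value to int; arrays and other non-scalars become 0. */
      private function inputInt($value)
      {
          return is_scalar($value) ? (int) $value : 0;
      }

      /** Sends a Location header and ends the request so no later code runs. */
      private function redirectAndExit($location)
      {
          header("Location: " . $location);
          exit;
      }

      /** Turns the 1-based 'page' route parameter into a non-negative row offset. */
      private function pageOffset($params)
      {
          $page = isset($params['page']) ? $this->inputInt($params['page']) : 1;
          return (max(1, $page) - 1) * self::POSTS_PER_PAGE;
      }

      /** Publishes 'totalPages' (never below 1) from a COUNT(*) AS num result. */
      private function publishTotalPages($rows)
      {
          $total = isset($rows[0]['num']) ? (int) $rows[0]['num'] : 0;
          $this->set('totalPages', max(1, (int) ceil($total / self::POSTS_PER_PAGE)));
      }

      /** Adds a 'comments' count to every post row and returns the rows as a list. */
      private function attachCommentCounts($posts)
      {
          $result = array();
          if (is_array($posts)) {
              foreach ($posts as $post) {
                  $post['comments'] = $this->SQL->count_records("comments", "post_id", $post['post_id']);
                  $result[] = $post;
              }
          }
          return $result;
      }

      /**
       * Runs the shared post listing query.
       *
       * $where and $order are SQL fragments and must be assembled by the caller
       * from constants and already-validated values only.
       */
      private function selectPosts($where, $order, $offset)
      {
          $offset = (int) $offset;
          $limit = self::POSTS_PER_PAGE;

          return $this->SQL->query("
              SELECT
                  Post.id as post_id,
                  Post.date as post_date,
                  Post.*,
                  User.*,
                  Cat.name as category_name
              FROM
                  categories Cat,
                  posts Post,
                  users User
              WHERE
                  {$where}Post.category_id = Cat.id AND
                  Post.user_id = User.id
              ORDER BY {$order} LIMIT {$offset},{$limit}");
      }

      /** Counts the rows selectPosts() would match for the same $where fragment. */
      private function countPosts($where)
      {
          return $this->SQL->query("
              SELECT
                  COUNT(*) as num
              FROM
                  categories Cat,
                  posts Post,
                  users User
              WHERE
                  {$where}Post.category_id = Cat.id AND
                  Post.user_id = User.id");
      }

      /**
       * Reduces free-text search input to letters, digits, spaces and bytes
       * above 0x7F (accented or multibyte characters), replacing everything
       * else with a space. Quotes, backslashes, "%" and "_" never survive.
       */
      private function cleanSearchTerm($raw)
      {
          if (!is_string($raw)) {
              return "";
          }
          return trim((string) preg_replace('/[^A-Za-z0-9\x80-\xff ]+/', ' ', $raw));
      }

      /**
       * Returns $_POST['data'] as an array with server-controlled columns
       * removed. If the form supplies user_id it is replaced by the session
       * user's id so a client cannot write rows on behalf of another account.
       *
       * NOTE(review): this is a denylist built from the columns visible in this
       * file; an explicit allowlist of the form's fields would be stricter.
       */
      private function submittedData($blockedColumns, $userId)
      {
          $data = (isset($_POST['data']) && is_array($_POST['data'])) ? $_POST['data'] : array();

          foreach ($blockedColumns as $column) {
              unset($data[$column]);
          }
          if (array_key_exists('user_id', $data)) {
              $data['user_id'] = (int) $userId;
          }
          return $data;
      }
  }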
  363.  
  364. ?>