Файл: wboard/source/system/classes/model.php
Строк: 275
<?php
/**
* Wboard
* Model
* @author Screamer
* @copyright 2013
*/
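class Model
{
    /**
     * @var (MySQLi) Database handle. The methods below also call result() on it,
     *               which stock mysqli does not define, so a project wrapper is
     *               presumably passed in - TODO confirm.
     */
    protected $db;

    /**
     * @var (Language) Languages handler
     */
    protected $lng;

    /**
     * @var (string) Path to root directory of script
     */
    protected $path;

    /**
     * Constructor
     *
     * Every query in this class is built by string concatenation: strings go
     * through real_escape_string(), integers through intval(), and each value is
     * wrapped in single quotes.
     * NOTE(review): real_escape_string() is only reliable when the connection
     * charset was set with set_charset(); that call is not visible here - confirm.
     *
     * @param (MySQLi) $db MySQLi object
     * @param (Language) $lng Languages handler
     * @param (string) $path Path to root directory of script
     * @return (void)
     */
    public function __construct(mysqli $db, Language $lng, $path)
    {
        // Objects are handles already; plain assignment shares the same instance.
        $this->db = $db;
        $this->lng = $lng;
        $this->path = $path;
    }

    /**
     * Run a SELECT and collect every row as an associative array
     * @param (string) $sql Complete, already escaped query
     * @return (array) List of rows (empty when nothing matched)
     */
    private function fetch_rows($sql)
    {
        $result = $this->db->query($sql);
        $rows = array();
        while ($row = $result->fetch_assoc()) {
            $rows[] = $row;
        }
        $result->free();
        return $rows;
    }

    /**
     * Run a SELECT and return its first row
     * @param (string) $sql Complete, already escaped query
     * @return (array|null) First row, or NULL when nothing matched
     */
    private function fetch_row($sql)
    {
        $result = $this->db->query($sql);
        $row = $result->fetch_assoc();
        $result->free();
        return $row;
    }

    /**
     * Resolve the upload directory of a board
     * @param (string) $board Name of board (raw, not SQL-escaped)
     * @return (string|boolean) Canonical directory with trailing separator, or FALSE
     *                          when the name is not a single path component or the
     *                          directory does not exist
     */
    private function board_files_dir($board)
    {
        $board = (string) $board;
        // The name becomes one directory component; refuse anything that could
        // step out of files/boards/.
        if ($board === '' || $board === '.' || $board === '..' || strpbrk($board, "/\\\0") !== FALSE) {
            return FALSE;
        }
        $dir = realpath($this->path . 'files' . DIRECTORY_SEPARATOR . 'boards' . DIRECTORY_SEPARATOR . $board);
        if ($dir === FALSE || !is_dir($dir)) {
            return FALSE;
        }
        return $dir . DIRECTORY_SEPARATOR;
    }

    /**
     * Delete a file only if it resolves to a location inside the given directory
     * @param (string) $dir Canonical directory with trailing separator
     * @param (string) $relative Path relative to $dir
     * @return (void)
     */
    private function unlink_inside($dir, $relative)
    {
        if (!is_string($relative) || $relative === '') {
            return;
        }
        $target = realpath($dir . $relative);
        if ($target === FALSE || !is_file($target)) {
            return;
        }
        // Compare canonical paths so "../" segments or symlinks cannot redirect
        // the delete outside the board directory.
        if (strpos($target, $dir) !== 0) {
            return;
        }
        unlink($target);
    }

    /**
     * Add ip addresses to ban-list
     *
     * Addresses are coerced with intval(), so callers presumably pass
     * integer-encoded addresses - TODO confirm.
     *
     * @param (array) $addresses List of addresses
     * @param (string) $comment Comment
     * @return (void)
     */
    public function ban_ip(array $addresses, $comment = '')
    {
        if (empty($addresses)) {
            // An empty VALUES list is a SQL syntax error; nothing to insert.
            return;
        }
        $comment = $this->db->real_escape_string($comment);
        $now = time();
        $rows = array();
        foreach (array_map('intval', $addresses) as $ip) {
            $rows[] = "('" . $ip . "', '" . $now . "', '" . $comment . "')";
        }
        $this->db->query("INSERT INTO `ban_ip` (`ip`, `time`, `comment`) VALUES " . implode(",", $rows));
    }

    /**
     * Increment counter of posts in the board
     * @param (string) $board Name of board
     * @return (void)
     */
    public function board_post_count($board)
    {
        $this->db->query(
            "UPDATE `board` SET `posts` = `posts` + 1 "
            . "WHERE `name` = '" . $this->db->real_escape_string($board) . "'"
        );
    }

    /**
     * Bump thread
     * Update time of last post
     * @param (string) $board Name of board
     * @param (int) $thread ID of thread
     * @param (string) $post Text of last post
     * @return (void)
     */
    public function bump_thread($board, $thread, $post)
    {
        $this->db->query(
            "UPDATE `thread` SET "
            . "`last` = '" . time() . "', "
            . "`lastpost` = '" . $this->db->real_escape_string($post) . "' "
            . "WHERE `id` = '" . intval($thread) . "' AND `board` = '" . $this->db->real_escape_string($board) . "'"
        );
    }

    /**
     * Check IP-address(es) for ban
     * @param (array|int) $ip Address(es)
     * @return (int) Number of banned addresses as reported by the database
     *               wrapper's result(); 0 for an empty list
     */
    public function check_ban_ip($ip)
    {
        if (is_array($ip)) {
            if (empty($ip)) {
                // IN('') would be compared against the column instead of matching nothing.
                return 0;
            }
            $condition = "IN('" . implode("', '", array_map('intval', $ip)) . "')";
        } else {
            $condition = "= '" . intval($ip) . "'";
        }
        return $this->db->result("SELECT COUNT(*) FROM `ban_ip` WHERE `ip` " . $condition);
    }

    /**
     * Clear list of banned IP addresses
     * @return (void)
     */
    public function clear_ban_ip()
    {
        $this->db->query("TRUNCATE TABLE `ban_ip`");
    }

    /**
     * Create a new thread
     * @param (int) $pid ID of post/thread
     * @param (string) $board Name of board
     * @param (string) $theme Name of thread (theme of post)
     * @param (int) $time Date of create
     * @param (string) $name Name of creator
     * @param (string) $text Text of post
     * @param (int) $hidden Thread belongs to a hidden board and is kept out of
     *                      the last posts list (1 - yes; 0 - no)
     * @return (void)
     */
    public function create_thread($pid, $board, $theme, $time, $name, $text, $hidden)
    {
        $this->db->query(
            "INSERT INTO `thread` SET "
            . "`id` = '" . intval($pid) . "', "
            . "`board` = '" . $this->db->real_escape_string($board) . "', "
            . "`theme` = '" . $this->db->real_escape_string($theme) . "', "
            . "`time` = '" . intval($time) . "', "
            . "`name` = '" . $this->db->real_escape_string($name) . "', "
            . "`text` = '" . $this->db->real_escape_string($text) . "', "
            . "`hidden` = '" . ($hidden != 0 ? '1' : '0') . "'"
        );
    }

    /**
     * Get list of banned IP-addresses, newest first
     * @return (array)
     */
    public function get_ban_ip_list()
    {
        return $this->fetch_rows("SELECT * FROM `ban_ip` ORDER BY `time` DESC");
    }

    /**
     * Get board's data
     * @param (string) $name Name of board
     * @return (array|null) Row of the board, NULL when it does not exist
     */
    public function get_board($name)
    {
        return $this->fetch_row(
            "SELECT * FROM `board` WHERE `name` = '" . $this->db->real_escape_string($name) . "'"
        );
    }

    /**
     * Get boards list
     * @return (array)
     */
    public function get_boards()
    {
        return $this->fetch_rows("SELECT `name`, `description`, `hidden` FROM `board` ORDER BY `name`");
    }

    /**
     * Get thread's data
     * @param (string) $board Name of board
     * @param (int) $id ID of thread
     * @return (array|null) Row of the thread, NULL when it does not exist
     */
    public function get_thread($board, $id)
    {
        return $this->fetch_row(
            "SELECT * FROM `thread` WHERE `id` = '" . intval($id) . "' "
            . "AND `board` = '" . $this->db->real_escape_string($board) . "'"
        );
    }

    /**
     * Get list of threads in the board
     * @param (string) $board Name of board (empty - all boards)
     * @param (int) $limit Number of threads (0 - no limit)
     * @param (boolean) $show_hidden Show threads from hidden boards?
     * @return (array)
     */
    public function get_threads($board = '', $limit = 0, $show_hidden = TRUE)
    {
        $conditions = array();
        if (!empty($board)) {
            $conditions[] = "`board` = '" . $this->db->real_escape_string($board) . "'";
        }
        if ($show_hidden === FALSE) {
            $conditions[] = "`hidden` = '0'";
        }
        // Only a positive integer ends up in the LIMIT clause.
        $limit = intval($limit);
        return $this->fetch_rows(
            "SELECT * FROM `thread`"
            . (empty($conditions) ? "" : " WHERE " . implode(" AND ", $conditions))
            . " ORDER BY `last` DESC"
            . ($limit > 0 ? " LIMIT 0, " . $limit : "")
        );
    }

    /**
     * Get logins history, newest first
     *
     * Takes no arguments and returns every row of `login_history`; it does not
     * filter by user.
     *
     * @return (array)
     */
    public function login_history()
    {
        return $this->fetch_rows("SELECT * FROM `login_history` ORDER BY `time` DESC");
    }

    /**
     * Counter of visitors (last users for 5 minutes)
     * @return (int)
     */
    public function online_counter()
    {
        return $this->db->result("SELECT COUNT(*) FROM `online` WHERE `time` > '" . (time() - 300) . "'");
    }

    /**
     * List of visitors, newest first
     *
     * NOTE(review): the query applies no time filter; if the list is meant to
     * cover the last 24 hours, the `online` table must be pruned elsewhere - confirm.
     *
     * @return (array)
     */
    public function online_list()
    {
        return $this->fetch_rows("SELECT * FROM `online` ORDER BY `time` DESC");
    }

    /**
     * Save system settings
     *
     * NOTE(review): key and value are escaped here, so callers must pass raw
     * values; confirm none of them escapes beforehand.
     *
     * @param (array) $data Settings (key => value)
     * @return (void)
     */
    public function panel_save_settings($data)
    {
        foreach ($data as $key => $value) {
            // Settings usually arrive from a submitted form; escape both parts
            // the same way every other query in this class does.
            $key = $this->db->real_escape_string((string) $key);
            $value = $this->db->real_escape_string((string) $value);
            $this->db->query(
                "INSERT INTO `settings` SET `key` = '" . $key . "', `val` = '" . $value . "' "
                . "ON DUPLICATE KEY UPDATE `val` = '" . $value . "'"
            );
        }
    }

    /**
     * Remove IP address from list of banned IP addresses
     * @param (int) $ip IP address
     * @return (void)
     */
    public function remove_ban_ip($ip)
    {
        $this->db->query("DELETE FROM `ban_ip` WHERE `ip` = '" . intval($ip) . "'");
    }

    /**
     * Remove board and all of its threads from database
     * @param (string) $name Name of board
     * @return (void)
     */
    public function remove_board($name)
    {
        $name = $this->db->real_escape_string($name);
        $this->db->query("DELETE FROM `board` WHERE `name` = '" . $name . "'");
        $this->db->query("DELETE FROM `thread` WHERE `board` = '" . $name . "'");
    }

    /**
     * Replace the "last post" text of a thread after that post was removed
     *
     * Only acts when the removed post is the one that last bumped the thread.
     *
     * @param (string) $board Name of board
     * @param (int) $tid ID of thread
     * @param (string) $time time of post
     * @return (void)
     */
    public function remove_bump($board, $tid, $time)
    {
        $tid = intval($tid);
        $thread = $this->get_thread($board, $tid);
        if (!is_array($thread) || $thread['last'] != $time) {
            return;
        }
        $this->db->query(
            "UPDATE `thread` SET `lastpost` = '"
            . $this->db->real_escape_string($this->lng->message_deleted)
            . "' WHERE `id` = '" . $tid . "' AND `board` = '" . $this->db->real_escape_string($board) . "'"
        );
    }

    /**
     * Remove old threads in the board
     *
     * Deletes the least recently bumped threads above $max_threads: first their
     * JSON file and attached images on disk, then the database rows.
     *
     * @param (string) $board Name of board
     * @param (int) $max_threads Maximum number of threads in board
     * @return (void)
     */
    public function remove_old_threads($board, $max_threads)
    {
        // Keep the raw name for the filesystem and for remove_thread(), which
        // escapes on its own; the escaped copy is for the queries below only.
        $board_sql = $this->db->real_escape_string($board);
        $max_threads = intval($max_threads);
        $total = intval($this->db->result("SELECT COUNT(*) FROM `thread` WHERE `board` = '" . $board_sql . "'"));
        if ($total <= $max_threads) {
            return;
        }

        $ids = array();
        $get_list = $this->db->query(
            "SELECT `id` FROM `thread` WHERE `board` = '" . $board_sql . "' "
            . "ORDER BY `last` ASC LIMIT " . ($total - $max_threads)
        );
        while ($item = $get_list->fetch_assoc()) {
            $ids[] = $item['id'];
        }
        $get_list->free();
        if (empty($ids)) {
            // Threads may have vanished between the two queries.
            return;
        }

        $dir = $this->board_files_dir($board);
        if ($dir !== FALSE) {
            foreach ($ids as $id) {
                $thread_file = 'res' . DIRECTORY_SEPARATOR . $id . '.json';
                if (!is_file($dir . $thread_file)) {
                    continue;
                }
                $raw = file_get_contents($dir . $thread_file);
                $posts = $raw === FALSE ? NULL : json_decode($raw, TRUE);
                if (is_array($posts)) {
                    foreach ($posts as $post) {
                        if (!is_array($post) || empty($post['img']) || !is_array($post['img'])) {
                            continue;
                        }
                        // NOTE(review): these paths are read from the thread file;
                        // deletes are confined to the board directory in case that
                        // file ever holds unexpected values.
                        foreach (array('file', 'preview') as $field) {
                            if (isset($post['img'][$field])) {
                                $this->unlink_inside($dir, $post['img'][$field]);
                            }
                        }
                    }
                }
                $this->unlink_inside($dir, $thread_file);
            }
        }

        $this->remove_thread($board, $ids);
    }

    /**
     * Remove thread(s) from database
     * @param (string) $board Name of board
     * @param (array|int) $id ID of thread or list of IDs
     * @return (void)
     */
    public function remove_thread($board, $id)
    {
        if (is_array($id)) {
            if (empty($id)) {
                // Nothing to delete; IN('') would be compared against the column.
                return;
            }
            $condition = "IN('" . implode("', '", array_map('intval', $id)) . "')";
        } else {
            $condition = "= '" . intval($id) . "'";
        }
        $this->db->query(
            "DELETE FROM `thread` WHERE `id` " . $condition
            . " AND `board` = '" . $this->db->real_escape_string($board) . "'"
        );
    }

    /**
     * Create a board or update data of an existing one
     * @param (array) $data Data of board
     * @param (string) $name Name of board (for edit); empty - create a new board
     * @return (void)
     */
    public function save_board($data, $name = '')
    {
        $is_new = empty($name);
        $fields = array();
        if ($is_new) {
            // The name is written on insert only; an update never renames a board.
            $fields[] = "`name` = '" . $this->db->real_escape_string($data['name']) . "'";
        }
        $fields[] = "`description` = '" . $this->db->real_escape_string($data['description']) . "'";
        $fields[] = "`rules` = '" . $this->db->real_escape_string($data['rules']) . "'";
        $fields[] = "`bump_limit` = '" . intval($data['bump_limit']) . "'";
        $fields[] = "`max_threads` = '" . intval($data['max_threads']) . "'";
        $fields[] = "`thread_ph` = '" . intval($data['thread_ph']) . "'";
        $fields[] = "`hidden` = '" . (!empty($data['hidden']) ? 1 : 0) . "'";

        $this->db->query(
            ($is_new ? "INSERT INTO " : "UPDATE ") . "`board` SET " . implode(", ", $fields)
            . ($is_new ? "" : " WHERE `name` = '" . $this->db->real_escape_string($name) . "'")
        );
    }

    /**
     * Check limit of threads per hour
     * @param (string) $board Name of board
     * @param (int) $limit Limit of threads
     * @return (boolean) TRUE while fewer than $limit threads were created in the
     *                   board during the last hour, FALSE once the limit is reached
     */
    public function wipe_protect($board, $limit)
    {
        $total = $this->db->result(
            "SELECT COUNT(*) FROM `thread` "
            . "WHERE `board` = '" . $this->db->real_escape_string($board) . "' "
            . "AND `time` > '" . (time() - 3600) . "'"
        );
        return $total < $limit;
    }
}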