From 239c2b168411c110b1f884f6ef0df172cb913b4b Mon Sep 17 00:00:00 2001 From: Philip Häusler Date: Tue, 7 Jan 2014 15:50:16 +0100 Subject: reviewed cookies api --- includes/model/AngelType_model.php | 4 +- includes/model/Message_model.php | 94 +++++++++++++++++++------------------- includes/model/Room_model.php | 8 ++-- includes/model/Shifts_model.php | 5 +- includes/model/User_model.php | 10 ++-- 5 files changed, 57 insertions(+), 64 deletions(-) (limited to 'includes/model') diff --git a/includes/model/AngelType_model.php b/includes/model/AngelType_model.php index 22baa4a4..bc07ace7 100644 --- a/includes/model/AngelType_model.php +++ b/includes/model/AngelType_model.php @@ -80,7 +80,7 @@ function AngelTypes_with_user($user) { /** * Returns AngelType id array */ -function mAngelTypeList() { +function AngelType_ids() { $angelType_source = sql_select("SELECT `id` FROM `AngelTypes`"); if ($angelType_source === false) return false; @@ -95,7 +95,7 @@ function mAngelTypeList() { * @param $id angelType * ID */ -function mAngelType($id) { +function AngelType($id) { $angelType_source = sql_select("SELECT * FROM `AngelTypes` WHERE `id`=" . sql_escape($id) . " LIMIT 1"); if ($angelType_source === false) return false; diff --git a/includes/model/Message_model.php b/includes/model/Message_model.php index d42dca5f..1e1923e8 100644 --- a/includes/model/Message_model.php +++ b/includes/model/Message_model.php 
@@ -1,51 +1,49 @@ - 0) - return $message_source; - return null; -} - -/** - * Returns message by id. - * - * @param $id message ID - */ -function mMessage($id) { - $message_source = sql_select("SELECT * FROM `Messages` WHERE `id`=" . sql_escape($id) . " LIMIT 1"); - if ($message_source === false) - return false; - if (count($message_source) > 0) - return $message_source[0]; - return null; -} - - -/** - * send message - * - * @param $id User ID of Reciever - * @param $text Text of Message - */ -function mMessage_Send($id, $text) { - global $user; - - $text = preg_replace("/([^\p{L}\p{P}\p{Z}\p{N}\n]{1,})/ui", '', strip_tags($text)); - $to = preg_replace("/([^0-9]{1,})/ui", '', strip_tags( $id)); - - if (($text != "" && is_numeric($to)) && - (sql_num_query("SELECT * FROM `User` WHERE `UID`=" . sql_escape($to) . " AND NOT `UID`=" . sql_escape($user['UID']) . " LIMIT 1") > 0) ) { - sql_query("INSERT INTO `Messages` SET `Datum`=" . sql_escape(time()) . ", `SUID`=" . sql_escape($user['UID']) . ", `RUID`=" . sql_escape($to) . ", `Text`='" . sql_escape($text) . "'"); - return true; - } else { - return false; - } - } - + */ +function Message_ids() { + return sql_select("SELECT `id` FROM `Messages`"); +} + +/** + * Returns message by id. + * + * @param $id message + * ID + */ +function Message($id) { + $message_source = sql_select("SELECT * FROM `Messages` WHERE `id`=" . sql_escape($id) . " LIMIT 1"); + if ($message_source === false) + return false; + if (count($message_source) > 0) + return $message_source[0]; + return null; +} + +/** + * TODO: use validation functions, return new message id + * TODO: global $user con not be used in model! 
+ * send message + * + * @param $id User + * ID of Reciever + * @param $text Text + * of Message + */ +function Message_send($id, $text) { + global $user; + + $text = preg_replace("/([^\p{L}\p{P}\p{Z}\p{N}\n]{1,})/ui", '', strip_tags($text)); + $to = preg_replace("/([^0-9]{1,})/ui", '', strip_tags($id)); + + if (($text != "" && is_numeric($to)) && (sql_num_query("SELECT * FROM `User` WHERE `UID`=" . sql_escape($to) . " AND NOT `UID`=" . sql_escape($user['UID']) . " LIMIT 1") > 0)) { + sql_query("INSERT INTO `Messages` SET `Datum`=" . sql_escape(time()) . ", `SUID`=" . sql_escape($user['UID']) . ", `RUID`=" . sql_escape($to) . ", `Text`='" . sql_escape($text) . "'"); + return true; + } else { + return false; + } +} + ?> \ No newline at end of file diff --git a/includes/model/Room_model.php b/includes/model/Room_model.php index 5b9c7a2a..c48abc78 100644 --- a/includes/model/Room_model.php +++ b/includes/model/Room_model.php @@ -3,7 +3,7 @@ /** * Returns room id array */ -function mRoomList() { +function Room_ids() { $room_source = sql_select("SELECT `RID` FROM `Room` WHERE `show` = 'Y'"); if ($room_source === false) return false; @@ -12,13 +12,12 @@ function mRoomList() { return null; } - /** * Returns room by id. * - * @param $id RID + * @param $id RID */ -function mRoom($id) { +function Room($id) { $room_source = sql_select("SELECT * FROM `Room` WHERE `RID`=" . sql_escape($id) . " AND `show` = 'Y' LIMIT 1"); if ($room_source === false) return false; @@ -27,5 +26,4 @@ function mRoom($id) { return null; } - ?> diff --git a/includes/model/Shifts_model.php b/includes/model/Shifts_model.php index df47b967..8cd4b3c2 100644 --- a/includes/model/Shifts_model.php +++ b/includes/model/Shifts_model.php @@ -1,9 +1,10 @@ 0) - return $user_source; - return null; +function User_ids() { + return sql_select("SELECT `UID` FROM `User`"); } /** 
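Review bot: In the new `Message($id)` the lookup still concatenates `sql_escape($id)` into the `WHERE` clause without surrounding quotes, so the value lands in a numeric context where string escaping alone does not restrict what is sent to the database. What `sql_escape` actually does is not visible in this patch, so this is inferred from the call site. Since the function is being renamed anyway, I would replace `sql_escape($id)` with `(int) $id` there, or quote the escaped value the way the `Text` column is quoted in `Message_send`. The same unquoted pattern is visible in the context lines of `AngelType($id)` and `Room($id)`, and in `Message_send` for `$user['UID']`; `$to` is only safe because it is reduced to digits first. The added TODO about validation functions would be a good place to record this, e.g. `TODO: cast ids to int before building queries`.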
@@ -49,6 +44,7 @@ function User($id) { } /** + * TODO: Merge into normal user function * Returns user by id (limit informations. * * @param $id UID -- cgit v1.2.3-54-g00ecf