
I'm creating a little forum program, I'm just wondering how I'm going about things. I'm not going to post ALL the code, I'm just going to post parts of the code for one of the files (the "show topic" file) and add a few comments to tell you what's going on. I'm not going to show any of the HTML either, to try and keep it small... so it'll just be the PHP (well most of it, some of it was mixed with the HTML).

 

I'm just looking for input, whether I could achieve the things I'm doing any easier, whether you think it's efficient... etc.

 

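<?php
// Entry point for the "show topic" page: starts the session, loads the
// application bootstrap and rejects requests that carry no usable topic id.
session_start();

// define() takes the constant name as a string. A bare IN_EQUINOX is an
// undefined constant: a fatal Error on PHP 8, a notice/warning plus string
// fallback on PHP 5/7.
define( 'IN_EQUINOX', 1 );
define( 'IN_FORUM', 1 );

require( 'config.php' );
require( 'init.php' );

// $_GET['id'] is request data that is later interpolated into SQL and HTML.
// Accept only a plain run of digits: is_numeric() also passes values such as
// "1e5", "-3" or " 7", and a missing or array-valued parameter must not get
// through either. header() by itself does not stop the script, so exit right
// after the redirect; otherwise the rest of the page still runs with the
// rejected value.
if( !isset( $_GET['id'] ) || !is_string( $_GET['id'] ) || !ctype_digit( $_GET['id'] ) )
{
	header( 'Location: index.php' );
	exit;
}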

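// Load the topic together with its forum and category. Most of these columns
// feed the breadcrumb/pagination; topic_author_id, forum_id and
// forum_moderators are read again by the permission checks further down.
//
// The id is reduced to an integer before it is placed in the SQL text and in
// the link below, so neither can be altered by the request regardless of what
// validation ran earlier.
// NOTE(review): the mysql_* extension was removed in PHP 7. Moving to mysqli
// or PDO with prepared statements needs the connection setup, which is not
// shown in this file.
$topic_id_sql = ( isset( $_GET['id'] ) && is_scalar( $_GET['id'] ) ) ? (int) $_GET['id'] : 0;

$query = "SELECT `topic_author_id`, `topic_title`, `topic_pinned`, `topic_open`, `forum_name`, `forum_id`, `forum_moderators`, `forum_parent_id`, `cat_name`, `cat_id`
       FROM `forums`
	   INNER JOIN `topics`
	   ON `topics` . `topic_parent_id` = `forums` . `forum_id`
	   JOIN `categories`
	   ON `categories` . `cat_id` = `forums` . `forum_parent_id`
	   WHERE `topic_id` = '{$topic_id_sql}'";
$result = mysql_query( $query );

// mysql_query() returns false on failure; treat that like "no such topic"
// instead of handing false to mysql_num_rows().
if( $result !== false && mysql_num_rows( $result ) > 0 )
{
	$assocA = mysql_fetch_assoc( $result );

	// Category, forum and topic names are stored text that users can influence.
	// Encode them before they go into markup so stored content cannot inject
	// HTML or script into the breadcrumb.
	// NOTE(review): if these values are already entity-encoded when saved, this
	// double-encodes them; confirm where encoding happens.
	$cat_name_html = htmlspecialchars( $assocA['cat_name'], ENT_QUOTES );
	$forum_name_html = htmlspecialchars( $assocA['forum_name'], ENT_QUOTES );
	$topic_title_html = htmlspecialchars( $assocA['topic_title'], ENT_QUOTES );

	// NOTE(review): "forum.rev" is kept exactly as posted; the sibling links
	// use .php, so confirm the intended target.
	$page_trail = '<a href="index.php">Forum</a> » <a href="category.php?id=' . urlencode( $assocA['cat_id'] ) . '">' . $cat_name_html . '</a> » <a href="forum.rev?id=' . urlencode( $assocA['forum_id'] ) . '">' . $forum_name_html . '</a>';
	$mem_location = 'viewing the Topic: <a href="topic.php?id=' . $topic_id_sql . '">' . $topic_title_html . '</a>';

	// Plain text, not markup: it has to be encoded wherever it is finally
	// printed (that code is not visible here).
	$page_title = 'Forum - ' . $assocA['cat_name'] . ' - ' . $assocA['forum_name'];
}
else
{
	$page_trail = '<a href="index.php">Forum</a> » <a href="#" title="">Error</a>';
	$noTopic = 1;

	// No row was fetched, so there is no category/forum name to append.
	$page_title = 'Forum';
}

unset( $query, $result );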

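// Work out what the current visitor may do in this topic's forum.
// Every flag starts at "denied", so a failed query or a missing row can never
// leave a permission undefined or granted by accident.
$canViewTopics = $canReplyTopics = $canCreateTopics = $canCreatePolls = 0;
$canModerate = $canEditTopics = $canDeleteTopics = $canOpenTopics = $canCloseTopics = $canMoveTopics = $canPinTopics = $canUnpinTopics = 0;

// forum_id comes from the topic row loaded earlier; it is absent when the
// topic was not found. Escape it rather than trusting its stored form.
$forum_id_sql = isset( $assocA['forum_id'] ) ? mysql_real_escape_string( $assocA['forum_id'] ) : '';

if( $member->is_logged_in() )
{
	// Compare as strings with strict in_array(). Loose comparison lets an
	// integer 0 match any non-numeric list entry on PHP < 8, which is not
	// acceptable in an authorisation check.
	$mem_group = isset( $_SESSION['mem_group'] ) ? (string) $_SESSION['mem_group'] : '';
	$mem_id = isset( $_SESSION['mem_id'] ) ? (string) $_SESSION['mem_id'] : '';

	// Let's see what permissions our Member has...
	// create_polls is read below, so it has to be selected as well.
	// NOTE(review): assumes `forums` has a `create_polls` column next to the
	// other three; confirm against the schema.
	$query = "SELECT `show_topics`, `reply_topics`, `create_topics`, `create_polls`
			   FROM `forums`
			   WHERE `forum_id` = '{$forum_id_sql}'";
	$result = mysql_query( $query );
	$assocB = ( $result !== false ) ? mysql_fetch_assoc( $result ) : false;

	if( is_array( $assocB ) && $mem_group !== '' )
	{
		// Each column holds a comma-separated list of group ids. The empty-group
		// guard above matters: explode() of an empty column yields array( '' ),
		// which an empty group value would otherwise match.
		$canViewTopics = in_array( $mem_group, array_map( 'trim', explode( ',', (string) $assocB['show_topics'] ) ), true ) ? 1 : 0;
		$canReplyTopics = in_array( $mem_group, array_map( 'trim', explode( ',', (string) $assocB['reply_topics'] ) ), true ) ? 1 : 0;
		$canCreateTopics = in_array( $mem_group, array_map( 'trim', explode( ',', (string) $assocB['create_topics'] ) ), true ) ? 1 : 0;
		$canCreatePolls = in_array( $mem_group, array_map( 'trim', explode( ',', (string) $assocB['create_polls'] ) ), true ) ? 1 : 0;
	}

	// ...and the Moderation permissions...

	// The topic query selects `forum_moderators`; the key 'forum_mods' read
	// here before is never selected, so the moderator list was always empty.
	$forumMods = isset( $assocA['forum_moderators'] ) ? array_map( 'trim', explode( ',', (string) $assocA['forum_moderators'] ) ) : array();
	$done = 0;

	if( $member->is_super_moderator() || $member->is_administrator() )
	{
		// Super Moderators and Administrators may do everything.
		$canModerate = $canEditTopics = $canDeleteTopics = $canOpenTopics = $canCloseTopics = $canMoveTopics = $canPinTopics = $canUnpinTopics = 1;
		$done = 1;
	}
	elseif( $mem_id !== '' && in_array( $mem_id, $forumMods, true ) )
	{
		// Listed as a moderator of this forum: look for a group-level grant
		// first, then a member-level grant. Two fixes against the posted code:
		//  - the row is keyed by the forum id, not by the topic id in $_GET['id'];
		//  - both value literals were missing their closing quote, which made the
		//    statements invalid SQL.
		$mem_group_sql = mysql_real_escape_string( $mem_group );
		$mem_id_sql = mysql_real_escape_string( $mem_id );

		$lookups = array(
			"`group_id` = '{$mem_group_sql}' AND `mem_id` = 'NONE'",
			"`mem_id` = '{$mem_id_sql}' AND `group_id` = 'NONE'",
		);

		foreach( $lookups as $where )
		{
			$query = "SELECT *
					  FROM `forum_moderators`
					  WHERE `forum_id` = '{$forum_id_sql}'
					  AND {$where}";
			$result = mysql_query( $query );

			if( $result !== false && mysql_num_rows( $result ) > 0 )
			{
				$assocC = mysql_fetch_assoc( $result );

				$canModerate = 1;
				$canEditTopics = $assocC['edit_topics'];
				$canDeleteTopics = $assocC['delete_topics'];
				$canOpenTopics = $assocC['open_topics'];
				$canCloseTopics = $assocC['close_topics'];
				$canMoveTopics = $assocC['move_topics'];
				$canPinTopics = $assocC['pin_topics'];
				$canUnpinTopics = $assocC['unpin_topics'];
				$done = 1;
				break;
			}
		}
		// No matching row: the flags keep their "denied" defaults.
	}
	elseif( $mem_id !== '' && isset( $assocA['topic_author_id'] ) && $mem_id === (string) $assocA['topic_author_id'] )
	{
		// The Topic's author may moderate and edit it, nothing more.
		$canModerate = $canEditTopics = 1;
	}
	// Anyone else keeps the "denied" defaults.
}
else
{
	// Let's see what permissions our Guest has...
	$query = "SELECT `show_topics_g`, `reply_topics_g`, `create_topics_g`
			   FROM `forums`
			   WHERE `forum_id` = '{$forum_id_sql}'";
	$result = mysql_query( $query );
	$assocB = ( $result !== false ) ? mysql_fetch_assoc( $result ) : false;

	if( is_array( $assocB ) )
	{
		$canViewTopics = $assocB['show_topics_g'];
		$canReplyTopics = $assocB['reply_topics_g'];
		$canCreateTopics = $assocB['create_topics_g'];
	}

	// Guests never moderate; the moderation flags keep their "denied" defaults.
}
unset( $query, $result );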

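include( 'header.php' );

// Fetch the topic row joined with its author's member record.
// $do_not_pass_go is initialised here because the checks that follow read it
// even when the topic exists.
$do_not_pass_go = 0;

// Reduce the requested id to an integer before it is placed in the SQL text,
// so the statement cannot be altered by the request.
$topic_id_sql = ( isset( $_GET['id'] ) && is_scalar( $_GET['id'] ) ) ? (int) $_GET['id'] : 0;

$query = "SELECT *
	  FROM `topics`
	  INNER JOIN `members`
	  ON `members` . `mem_id` = `topics` . `topic_author_id`
	  WHERE `topic_id` = '{$topic_id_sql}'";
$result = mysql_query( $query );

// A failed query is handled the same way as an empty result.
if( $result === false || mysql_num_rows( $result ) == 0 )
{
	$do_not_pass_go = 1;
	// The Topic doesn't even exist so I show the user an error and make sure the script doesn't carry on when it doesn't need to.
}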

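// Render the topic and its replies, but only for visitors allowed to see it.
// !empty() also covers the case where $do_not_pass_go was never assigned.
$topic_missing = !empty( $do_not_pass_go );

if( !$topic_missing && $canViewTopics == 0 )
{
	// The User does not have permission to view the Topic so I show them an error saying so.
}
elseif( !$topic_missing && $canViewTopics == 1 )
{
	// The User DOES have permission to view the Topic, let's carry on.
	//
	// NOTE(review): every $t_* / $m_* / $r_* value below is raw database text
	// written by members (titles, content, display names, avatar). The markup
	// that prints them is not part of this listing; each one has to be encoded
	// for its output context there (e.g. htmlspecialchars() for HTML text).

	while( $rowA = mysql_fetch_assoc( $result ) )
	{
		$t_id = $rowA['topic_id'];
		$t_author_id = $rowA['topic_author_id'];
		$t_title = $rowA['topic_title'];
		$t_desc = $rowA['topic_description'];
		$t_replies = $rowA['topic_replies'];
		$t_views = $rowA['topic_views'];
		$t_content = $rowA['topic_content'];
		$t_parent_id = $rowA['topic_parent_id'];

		// timezone() and format_name_apos() leave their result in $member->output,
		// which is what the following line reads.
		$t_timestamp = $member->timezone( $rowA['timestamp'] );
		$t_time = date('l  jS M Y, g:i a', $member->output);

		$m_author_name = $rowA['mem_dname'];
		$member->format_name_apos( $rowA['mem_dname'] );
		$m_author_name_apos = $member->output;

		$m_author_group = $rowA['mem_group'];
		$m_author_online = $rowA['mem_online'];
		$m_author_title = $rowA['mem_title'];
		$m_author_avatar = $rowA['mem_avatar'];
		$m_author_topics = $rowA['mem_topics'];
		$m_author_replies = $rowA['mem_replies'];
		$m_author_posts = $m_author_topics + $m_author_replies;
		$m_banned = $rowA['mem_banned'];
	}

	unset( $query, $result );

	// The posted code tested the misspelt $t_repliess, so the singular form
	// was never chosen.
	$t_replies = ( $t_replies == 1 ) ? '1 Reply' : $t_replies . ' Replies';
	$t_views = ( $t_views == 1 ) ? '1 View' : $t_views . ' Views';

	// Values read back from the database are escaped again before they are
	// reused in a statement; stored data is not trusted as SQL text.
	$author_group_sql = mysql_real_escape_string( $m_author_group );
	$query = "SELECT `group_color`
			  FROM `groups`
			  WHERE `group_id` = '{$author_group_sql}'";
	$result = mysql_query( $query );
	$group_color = ( $result !== false ) ? mysql_fetch_row( $result ) : false;

	unset( $query, $result );

	/** Here I show the Topic... */

	$reply_parent_sql = (int) $t_id;
	$query = "SELECT *
			  FROM `replies`
			  INNER JOIN `members`
			  ON `members` . `mem_id` = `replies` . `reply_author_id`
			  WHERE `reply_parent_id` = '{$reply_parent_sql}'
			  ORDER BY `reply_id` ASC";
	$result = mysql_query( $query );

	if( $result === false )
	{
		// Keep the driver message in the server log. Printing mysql_error() to
		// the visitor with die() discloses query and schema details, and it also
		// stops the page before the footer is sent.
		error_log( 'Reply query failed: ' . mysql_error() );
	}

	$row_count = 0;

	if( $result !== false && mysql_num_rows( $result ) > 0 )
	{
		while( $rowD = mysql_fetch_assoc( $result ) )
		{
			$r_id = $rowD['reply_id'];
			$r_author_id = $rowD['reply_author_id'];
			$r_title = $rowD['reply_title'];
			$r_content = $rowD['reply_content'];

			$r_author_group = $rowD['mem_group'];
			$r_author_online = $rowD['mem_online'];
			$r_author_title = $rowD['mem_title'];
			$r_author_avatar = $rowD['mem_avatar'];
			$r_author_topics = $rowD['mem_topics'];
			$r_author_replies = $rowD['mem_replies'];
			$r_author_posts = $r_author_topics + $r_author_replies;
			$r_author_banned = $rowD['mem_banned'];

			$r_author_name = $rowD['mem_dname'];
			$member->format_name_apos( $rowD['mem_dname'] );
			$r_author_name_apos = $member->output;

			$r_timestamp = $member->timezone( $rowD['reply_timestamp'] );
			$r_time = date('l  jS M Y, g:i a', $member->output);

			// Alternates '1', '0', '1', ... for striping the reply rows.
			$row_color = ($row_count % 2) ? '0' : '1';

			/** Here I show the Reply... */

			$row_count++;
		}
	}
}
include( 'footer.php' );
?>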

 

I took out a lot of the code, such as the code that decides whether or not to show moderation options and... well quite a bit, but this is the main part of the script which I'm looking for input on.
