<?php
/* $Id$ */
namespace MCMS\_\Modx\MCMS\BBoard;

(defined('MCMS') && (basename(__FILE__) != basename($_SERVER['PHP_SELF']))) or die('ACCESS DENIED');

use Mammut\IO\FileNotFoundException;
use Mammut\Template\CTemplate;

use MCMS\Request;
use MCMS\Response;
use MCMS\System;
use MCMS\_\Com\MCMS\HTML\Lists\SimplePageList;

use MCMS\_\Modx\MCMS\BBoard\_\Model\Category;
use MCMS\_\Modx\MCMS\BBoard\_\Model\Board;
use MCMS\_\Modx\MCMS\BBoard\_\Model\Topic;
use MCMS\_\Modx\MCMS\BBoard\_\Model\TopicPoll;
use MCMS\_\Modx\MCMS\BBoard\_\Model\TopicPollOption;
use MCMS\_\Modx\MCMS\BBoard\_\Model\Post;
use MCMS\_\Modx\MCMS\BBoard\_\Model\PostMedia;
use MCMS\_\Modx\MCMS\BBoard\_\Service\DataSvc;
use MCMS\_\Modx\MCMS\BBoard\_\Service\SettingSvc;

/**
 * Bulletin board module
 *
 * @author Stefan Daurer <s.daurer@qdevzone.net>
 * @since 1.0
 * @package MammutCMS
 * @subpackage Module
 */
class BBoard extends BBoardBase {

	protected function getMyId() {
		return 'mcms.bboard';
	}

	private function getEffectivePrivs() {
		switch($action) {
			case 'index':
			case 'newcategory':
			case 'newboard':
			case 'catedit':
			case 'boardedit':
			case 'error':
			case 'help':
			case 'allsmilies':
				$allow['read'] = true;
				$allow['write'] = true;
				$allow['admin'] = ($users->get_admin_level($mod) >= 2);
			break;
			case 'board':
			case 'topic':
			case 'topicedit':
			case 'new':
			case 'topic':
			case 'postedit':
			case 'privedit':
				switch($board['secure']) {
					case 0: // free access
						$allow['read'] = true;
						$allow['write'] = true;
						$allow['admin'] = ($users->get_admin_level($mod) >= 1) || ($extrapriv >= 1);
					break;
					case 1:
						$allow['read'] = true;
						$allow['write'] = ($users->user['id'] > 0);
						$allow['admin'] = ($users->get_admin_level($mod) >= 1) || ($extrapriv >= 1);
					break;
					case 2: // user only access
						$allow['read'] = ($users->user['id'] > 0);
						$allow['write'] = ($users->user['id'] > 0);
						$allow['admin'] = ($users->get_admin_level($mod) >= 1) || ($extrapriv >= 1);
					break;
					case 3: // dummy lvl, not used till now...
						$allowed = false;
					break;
					case 4: // password access (obsolete)
						$allow['read'] = $_COOKIE["baccess{$_REQUEST['bid']}"] == sha1($board['passwd']);
						$allow['write'] = $allow['read'];
						$allow['admin'] = ($users->get_admin_level($mod) >= 1) || ($extrapriv >= 1);
					break;
					case 5: // id list access
						$allow['read'] = ($users->get_admin_level($mod) >= 1) || ($extrapriv >= 0);
						$allow['write'] = $allow['read'];
						$allow['admin'] = ($users->get_admin_level($mod) >= 1) || ($extrapriv >= 1);
					break;
					case 6: // admin access only
						$allow['read'] = ($users->get_admin_level($mod) >= 2);
						$allow['write'] = ($users->get_admin_level($mod) >= 2);
						$allow['admin'] = ($users->get_admin_level($mod) >= 2);
					break;
				}
			break;
			default:
				$allow['read'] = false;
				$allow['write'] = false;
				$allow['admin'] = false;
			break;
		}
	}

	private function common() {
		// split the status cookie into it's containing values
		list($stat['lastview'], $stat['laststat'], $stat['ttime'], $stat['ppp_board'], $stat['ppp_topic']) = explode("-", $_COOKIE['stat_board']);
		
		if(!empty($_REQUEST['ttime'])) {
			$stat['ttime'] = $_REQUEST['ttime'];
		}
		if(!empty($_REQUEST['ppp_board'])) {
			$stat['ppp_board'] = $_REQUEST['ppp_board'];
		}
		if(!empty($_REQUEST['ppp_topic'])) {
			$stat['ppp_topic'] = $_REQUEST['ppp_topic'];
		}
		
		// if the status informations are empty, set them to some resonable defaults
		if(empty($stat['lastview'])) {
			$stat['lastview'] = time();
		}
		if(empty($stat['ttime'])) {
			$stat['ttime'] = 30 * 24 * 3600;
		}
		if(empty($stat['ppp_board'])) {
			$stat['ppp_board'] = 50;
		}
		if(empty($stat['ppp_topic'])) {
			$stat['ppp_topic'] = 25;
		}
		
		// check if the 'laststat'-value should be setup cause of inactivity of the user
		if($stat['lastview'] < time() - (15 * 60))
			$stat['laststat'] = $stat['lastview'];
		elseif(empty($stat['laststat']))
			$stat['laststat'] = time();
		
		setcookie("stat_board", time() . "-$stat[laststat]-$stat[ttime]-$stat[ppp_board]-$stat[ppp_topic]", time() + (30 * 24 * 3600));
		
		$ids['b'] = 0; // board, 0 = none
		$ids['t'] = 0; // topic, 0 = none
		$ids['p'] = 0; // posting, 0 = none
		

		if($_REQUEST['pid'] = (int) $_REQUEST['pid'])
			if($post = $db->get_array("SELECT * FROM `{$mod}_post` WHERE `id`='{$_REQUEST['pid']}'"))
				$_REQUEST['tid'] = $post['tid'];
		
		if($_REQUEST['tid'] = (int) $_REQUEST['tid'])
			if($topic = $db->get_array("SELECT * FROM `{$mod}_topic` WHERE `id`='{$_REQUEST['tid']}'"))
				$_REQUEST['bid'] = $topic['bid'];
		
		if($_REQUEST['bid'] = (int) $_REQUEST['bid'])
			if($board = $db->get_array("SELECT * FROM `{$mod}_board` WHERE `id`='{$_REQUEST['bid']}'"))
				$_REQUEST['cid'] = $board['cid'];
		
		if($_REQUEST['cid'] = (int) $_REQUEST['cid'])
			$cat = $db->get_array("SELECT * FROM `{$mod}_category` WHERE `id`='{$_REQUEST['cid']}'");
		
		$extrapriv = -1;
		if($users->user['id'] > 0 && $_REQUEST['bid'] > 0)
			if($row = $db->get_array("SELECT * FROM `{$mod}_priv` WHERE `bid`='{$_REQUEST['bid']}' AND `uid`='{$users->user['id']}'"))
				$extrapriv = $row['level'];
		
		if($system['dorender'] && !$allow['read']) {
			header("Location: " . $_SERVER['PHP_SELF'] . "?module=$mod&action=error&errno=403");
			$system['dorender'] = false;
		}
	}
	
	// pagetype is group, board, topic, post. action is read, write, edit, delete
	private function isAllowedTo($pageType, $action) {
		switch($pageType) {
			case 'board':
				if($users->user['id'] > 0)
					if($row = $db->get_array("SELECT * FROM `{$mod}_priv` WHERE `uid`='{$users->user['id']}' AND `bid`='{$_REQUEST['bid']}'"))
						if($row['level'] > $user['admin']) {
							$user['admin'] = $row['level'];
						}
			break;
			
			case 'topic':
				setcookie("bcount-lock[{$_REQUEST['tid']}]", time());
				$topic = $db->get_array("SELECT * FROM `{$mod}_topic` WHERE `id`='{$_REQUEST['tid']}'");
				if($users->user['id'] >= 0)
					if($row = $db->get_array("SELECT * FROM `{$mod}_priv` WHERE `uid`='{$users->user['id']}' AND `bid`='$topic[bid]'"))
						if($row['level'] > $user['admin'])
							$user['admin'] = $row['level'];
			break;
		}
	}

	/**
	 * Start page
	 */
	public function runIndex(Request $request, Response $response, $activeInstance) {
		$system = System::getInstance();
		$db = $system->getDB();
		$param = $system->getRequest()->getParam();
		$usrSvc = $system->getUserSvc();
		$usr = $usrSvc->getUser();
		
		$locale = $system->getActiveLocale();
		$strings = $this->loadLocaleStrings($locale, __DIR__);
		
		try {
			$layout = $this->findLayout($system->getSiteId(), $activeInstance);
			$template = $this->loadTemplate('mcms.bboard', $system->getTarget('action'), $layout, true);
			$fragments = self::buildLayoutBaseUrl($layout, true);
			$template->setRelativePathReplacer($fragments[0].'/mcms/bboard/_layout_/'.$fragments[1]);
				
			$template->setParam('title', SettingSvc::getForumName($system->getSiteId(), $activeInstance, $locale));
			$template->setParam('self', _SELF_);
			$template->setParam('instance', $activeInstance);
			
			$template->setParam('board_admin', function($ctx) use ($system, $activeInstance, $usrSvc, $usr) {
				if (empty($usr))
					return false;
				return $usrSvc->userHasPriv($usr, $system->getSiteId(), $activeInstance, 'manage');
			});
			$template->setParam('board_topics', function($ctx) {
				$c = -1;
				if (isset($ctx['board']) && isset($ctx['board']->id))
					$c = DataSvc::getBoardTopicCount($ctx['board']->id);
				return $c;
			});
					
			
			$boardCount = 0;
			$categories = DataSvc::getAllCategories($system->getSiteId(), $activeInstance);
			foreach($categories as $cat) {
				$boards = DataSvc::getBoardsForCategory($system->getSiteId(), $activeInstance, $cat->getId());
				$cat->boards = $boards;
				$boardCount += count($boards);
			}
			$template->setParam('categories', $categories);
			
			$template->setParam('stat_boardcount', $boardCount);
			$template->setParam('stat_topiccount', $tc = $db->getObject('SELECT COUNT(*) AS c FROM "m_mcms#bboard_topics"')->c);
			$template->setParam('stat_postcount', $db->getObject('SELECT COUNT(*) AS c FROM "m_mcms#bboard_posts"')->c - $tc);
			
			$template->setParam('isUser', !is_null($system->getUserSvc()->getUser()));
			$template->setParam('admin', !is_null($usr) && $usrSvc->userHasPriv($usr));
			$errors = array(-1 => 'Invalid login',-2 => 'Invalid password');
			$template->setParam('error', !empty($_REQUEST['errno']) ? $errors[$_REQUEST['errno']] : false);
			
			$response->setFragment('CONTENT', $template->getDocument());
		}
		catch(FileNotFoundException $ex) {
			$response->setFragment('CONTENT', "file is missing: " . $tplfile);
		}
	}

	public function runOrganize(Request $request, Response $response, $activeInstance) {
		$system = System::getInstance();
		$param = $system->getRequest()->getParam();
		
		$locale = $system->getActiveLocale();
		$strings = $this->loadLocaleStrings($locale, __DIR__);
		
		try {
			$layout = $this->findLayout($system->getSiteId(), $activeInstance);
			$template = $this->loadTemplate('mcms.bboard', $system->getTarget('action'), $layout, true);
			
			$template->setParam('title', SettingSvc::getForumName($system->getSiteId(), $activeInstance, $locale));
			$template->setParam('self', _SELF_);
			$template->setParam('instance', $activeInstance);
			
			$boardCount = 0;
			$categories = DataSvc::getAllCategories($system->getSiteId(), $activeInstance);
			foreach($categories as $cat) {
				$boards = DataSvc::getBoardsForCategory($system->getSiteId(), $activeInstance, $cat->getId());
				$cat->boards = $boards;
				$boardCount += count($boards);
			}
			$template->setParam('categories', $categories);
			
			$template->setParam('stat_boardcount', $boardCount);
			$template->setParam('stat_topiccount', $tc = $system->getDB()->getObject('SELECT COUNT(*) AS c FROM "m_mcms#bboard_topics"')->c);
			$template->setParam('stat_postcount', $system->getDB()->getObject('SELECT COUNT(*) AS c FROM "m_mcms#bboard_posts"')->c - $tc);
			
			$template->setParam('isUser', !is_null($system->getUserSvc()->getUser()));
			$errors = array(-1 => 'Invalid login',-2 => 'Invalid password');
			$template->setParam('error', !empty($_REQUEST['errno']) ? $errors[$_REQUEST['errno']] : false);
			
			$response->setFragment('CONTENT', $template->getDocument());
		}
		catch(FileNotFoundException $ex) {
			$response->setFragment('CONTENT', "file is missing: " . $tplfile);
		}
	}

	public function runResetReaded(Request $request, Response $response, $activeInstance) {
		$system = System::getInstance();
		$svc = $system->getUserSvc();
		
		$stat['lastview'] = $stat['laststat'] = time();
		header("Location: " . $_SERVER['PHP_SELF'] . "?module=" . $mod);
		
		$response->setRedirect($activeInstance, 'index', $redirectParam);
		$response->setRedirect($activeInstance, 'index'); // redirect the request
	}

	public function runPrivileges(Request $request, Response $response, $activeInstance) {
		$this->_boardEditCheckPerm0($activeInstance);
		
		$system = System::getInstance();
		
		$tplfile = __DIR__ . '/_layout_/_default_/' . 'tpl.' . $system->getTarget('action') . '.php'; // define the template file
		

		try {
			$template = new CTemplate();
			$template->loadTemplate($tplfile);
			$template->setParam('title', SettingSvc::getForumName($system->getSiteId(), $activeInstance, $locale).' - Privs');
			$template->setParam('self', $_SERVER['PHP_SELF']);
			$template->setParam('logoutLink', $_SERVER['PHP_SELF'] . '?mod=' . $activeInstance . '&amp;view=logout');
			$template->setParam('instance', $activeInstance);
			
			$template->setParam('isUser', !is_null($system->getUserSvc()->getUser()));
			$errors = array(-1 => 'Invalid login',-2 => 'Invalid password');
			$template->setParam('error', !empty($_REQUEST['errno']) ? $errors[$_REQUEST['errno']] : false);
			
			$response->setFragment('CONTENT', $template->getDocument());
		}
		catch(FileNotFoundException $ex) {
			$response->setFragment('CONTENT', "file is missing: " . $tplfile);
		}
	}

	public function runPrivUpdate(Request $request, Response $response, $activeInstance) {
		$system = System::getInstance();
		$svc = $system->getUserSvc();
		
		$err = '';
		if($users->get_admin_level($mod) >= 1) {
			$bid = (int) $_REQUEST['bid'];
			if(isset($_REQUEST['priv']) && is_array($_REQUEST['priv']))
				foreach($_REQUEST['priv'] as $uid=>$lvl) {
					if($lvl == '-1')
						$db->delete("{$mod}_priv", array("`uid`='$uid'","`bid`='$bid'"), 'AND');
					else
						$db->update("{$mod}_priv", array('level' => "'$lvl'"), array(
								"`uid`='$uid'","`bid`='$bid'"), 'AND');
					$err .= mysql_error();
				}
			$lvl = (int) $_REQUEST['new']['priv'];
			if(($newid = (int) $_REQUEST['new']['id']) != 0) {
				$new['uid'] = "'$newid'";
				$new['bid'] = "'$bid'";
				$new['level'] = "'$lvl'";
				$db->insert("{$mod}_priv", $new);
			}
		}
		if($db->lasterror() == '')
			header("Location: " . $_SERVER['PHP_SELF'] . "?module=" . $mod . "&action=privedit&bid=" . $_REQUEST['bid']);
		elseif(defined('DEBUG'))
			echo $db->lasterror();
		else
			echo $locate['error']['public_db_error_msg'];
		
		$response->setRedirect($activeInstance, 'index', $redirectParam);
		$response->setRedirect($activeInstance, 'index'); // redirect the request
	}

	public function runCatNew(Request $request, Response $response, $activeInstance) {
		$system = System::getInstance();
		
		$tplfile = __DIR__ . '/_layout_/_default_/' . 'tpl.' . $system->getTarget('action') . '.php'; // define the template file
		

		try {
			$template = new CTemplate();
			$template->loadTemplate($tplfile);
			$template->setParam('title', 'User');
			$template->setParam('self', $_SERVER['PHP_SELF']);
			$template->setParam('logoutLink', $_SERVER['PHP_SELF'] . '?mod=' . $activeInstance . '&amp;view=logout');
			$template->setParam('instance', $activeInstance);
			
			$template->setParam('isUser', !is_null($system->getUserSvc()->getUser()));
			$errors = array(-1 => 'Invalid login',-2 => 'Invalid password');
			$template->setParam('error', !empty($_REQUEST['errno']) ? $errors[$_REQUEST['errno']] : false);
			
			$response->setFragment('CONTENT', $template->getDocument());
		}
		catch(FileNotFoundException $ex) {
			$response->setFragment('CONTENT', "file is missing: " . $tplfile);
		}
	}

	public function runCatAdd(Request $request, Response $response, $activeInstance) {
		$system = System::getInstance();
		
		if($users->get_admin_level($mod) > 1) {
			$db->insert("{$mod}_category", array(
					'name' => "'" . $db->escape_string($_REQUEST['name']) . "'",
					'pid' => "'" . $system['page']['id'] . "'",
					'priority' => "'" . ((int) $_REQUEST['priority']) . "'"));
		}
		if($db->lasterror() == '')
			header("Location: " . $_SERVER['PHP_SELF'] . "?module=" . $mod);
		elseif(defined('DEBUG'))
			echo $db->lasterror();
		else
			echo $locate['error']['public_db_error_msg'];
		
		$response->setRedirect($activeInstance, 'index', $redirectParam);
		$response->setRedirect($activeInstance, 'index'); // redirect the request
	}

	public function runCatEdit(Request $request, Response $response, $activeInstance) {
		$system = System::getInstance();
		
		$tplfile = __DIR__ . '/_layout_/_default_/' . 'tpl.' . $system->getTarget('action') . '.php'; // define the template file
		

		try {
			$template = new CTemplate();
			$template->loadTemplate($tplfile);
			$template->setParam('title', 'User');
			$template->setParam('self', $_SERVER['PHP_SELF']);
			$template->setParam('logoutLink', $_SERVER['PHP_SELF'] . '?mod=' . $activeInstance . '&amp;view=logout');
			$template->setParam('instance', $activeInstance);
			
			$template->setParam('isUser', !is_null($system->getUserSvc()->getUser()));
			$errors = array(-1 => 'Invalid login',-2 => 'Invalid password');
			$template->setParam('error', !empty($_REQUEST['errno']) ? $errors[$_REQUEST['errno']] : false);
			
			$response->setFragment('CONTENT', $template->getDocument());
		}
		catch(FileNotFoundException $ex) {
			$response->setFragment('CONTENT', "file is missing: " . $tplfile);
		}
	}

	public function runCatUpdate(Request $request, Response $response, $activeInstance) {
		$login = $_POST['login'];
		$passwd = $_POST['passwd'];
		
		$system = System::getInstance();
		$svc = $system->getUserSvc();
		
		$usr = $svc->loginUser($login, $passwd);
		$redirectParam = array();
		if(!is_object($usr))
			$redirectParam['errno'] = (int) $usr;
		$response->setRedirect($activeInstance, 'index', $redirectParam);
		$response->setRedirect($activeInstance, 'index'); // redirect the request
	}

	public function runCatDelAsk(Request $request, Response $response, $activeInstance) {
		$system = System::getInstance();
		
		$tplfile = __DIR__ . '/_layout_/_default_/' . 'tpl.' . $system->getTarget('action') . '.php'; // define the template file
		

		try {
			$template = new MFCTemplate();
			$template->loadTemplate($tplfile);
			$template->setParam('title', 'User');
			$template->setParam('self', $_SERVER['PHP_SELF']);
			$template->setParam('logoutLink', $_SERVER['PHP_SELF'] . '?mod=' . $activeInstance . '&amp;view=logout');
			$template->setParam('instance', $activeInstance);
			
			$template->setParam('isUser', !is_null($system->getUserSvc()->getUser()));
			$errors = array(-1 => 'Invalid login',-2 => 'Invalid password');
			$template->setParam('error', !empty($_REQUEST['errno']) ? $errors[$_REQUEST['errno']] : false);
			
			$response->setFragment('CONTENT', $template->getDocument());
		}
		catch(FileNotFoundException $ex) {
			$response->setFragment('CONTENT', "file is missing: " . $tplfile);
		}
	}

	public function runCatRemove(Request $request, Response $response, $activeInstance) {
		$login = $_POST['login'];
		$passwd = $_POST['passwd'];
		
		$system = System::getInstance();
		$svc = $system->getUserSvc();
		
		$usr = $svc->loginUser($login, $passwd);
		$redirectParam = array();
		if(!is_object($usr))
			$redirectParam['errno'] = (int) $usr;
		$response->setRedirect($activeInstance, 'index', $redirectParam);
		$response->setRedirect($activeInstance, 'index'); // redirect the request
	}

	/**
	 * Board screen with its topics
	 */
	public function runBoard(Request $request, Response $response, $activeInstance) {
		$system = System::getInstance();
		$param = $system->getRequest()->getParam();
		$usrSvc = $system->getUserSvc();
		$usr = $usrSvc->getUser();
		
		$locale = $system->getActiveLocale();
		$strings = $this->loadLocaleStrings($locale, __DIR__);

		$bid = (int) $system->getRequest()->getParam('bid');
		$board = DataSvc::getBoard($system->getSiteId(),$activeInstance,$bid);
		
		$maxppp = $system->getSiteParam($system->getSiteId(), $activeInstance, 'tpp', 25);
		if (isset($param['page']))
			$page = (int) $param['page'];
		else
			$page = 0;
		if ($page == 0) $page = 1;
		$from = ($page-1) * $maxppp;	
		
		try {
			$layout = $this->findLayout($system->getSiteId(), $activeInstance);
			$template = $this->loadTemplate('mcms.bboard', $system->getTarget('action'), $layout, true);
			$fragments = self::buildLayoutBaseUrl($layout, true);
			$template->setRelativePathReplacer($fragments[0].'/mcms/bboard/_layout_/'.$fragments[1]);
			
			$template->setParam('title', SettingSvc::getForumName($system->getSiteId(), $activeInstance, $locale));
			$template->setParam('self', _SELF_);
			$template->setParam('instance', $activeInstance);
			
			$template->setParam('board', $board);
			$template->setParam('topics', DataSvc::getBoardTopics($board->id, $from, $maxppp));
			$template->setParam('topic_moved', function($ctx) use ($system, $activeInstance) {
				return false;
			});
			
			$template->setParam('topic_admin', function($ctx) use ($system, $activeInstance, $usrSvc, $usr) {
				if (empty($usr))
					return false;
				return $usrSvc->userHasPriv($usr, $system->getSiteId(), $activeInstance, 'manage');
			});
			
			$template->setParam('topic_poll', function($ctx) use ($system, $activeInstance, $usrSvc, $usr) {
				return false;
			});
						
			$template->setParam('topic_answers', function($ctx) use ($system, $activeInstance) {
				return DataSvc::getTopicPostCount($ctx['topic']->id) - 1;
			});

			$template->setParam('topic_staticon', function($ctx) use ($system, $activeInstance) {
				return 'layout/_system_/images/actions/16x16/folder.png';
			});
						
			$template->setParam('topic_status', function($ctx) use ($system, $activeInstance) {
				return 'old';
			});
						
			$template->setParam('topic_icon', function($ctx) use ($system, $activeInstance) {
				return 'layout/_system_/images/actions/16x16/folder.png';
			});
			
			$template->setParam('topic_iconfile', function($ctx) use ($system, $activeInstance) {
				return 'default';
			});
			
			$template->setParam('topic_lastdate', function($ctx) use ($system, $activeInstance) {
				$date = DataSvc::getTopicLastPostDate($ctx['topic']->id);
				return $date ? $date->format('d.m.Y H:i') : 'N/A';
			});
			
			$template->setParam('isUser', !is_null($usr));
			$errors = array(-1 => 'Invalid login',-2 => 'Invalid password');
			$template->setParam('error', !empty($_REQUEST['errno']) ? $errors[$_REQUEST['errno']] : false);

			$template->setParam('admin', !is_null($usr) && $usrSvc->userHasPriv($usr));
				
			$response->setFragment('CONTENT', $template->getDocument());
		}
		catch(FileNotFoundException $ex) {
			$response->setFragment('CONTENT', "file is missing: " . $ex->getContext());
		}
	}

	public function runBoardNew(Request $request, Response $response, $activeInstance) {
		$system = System::getInstance();
		
		$tplfile = __DIR__ . '/_layout_/_default_/' . 'tpl.' . $system->getTarget('action') . '.php'; // define the template file
		

		try {
			$template = new MFCTemplate();
			$template->loadTemplate($tplfile);
			$template->setParam('title', 'User');
			$template->setParam('self', $_SERVER['PHP_SELF']);
			$template->setParam('logoutLink', $_SERVER['PHP_SELF'] . '?mod=' . $activeInstance . '&amp;view=logout');
			$template->setParam('instance', $activeInstance);
			
			$template->setParam('isUser', !is_null($system->getUserSvc()->getUser()));
			$errors = array(-1 => 'Invalid login',-2 => 'Invalid password');
			$template->setParam('error', !empty($_REQUEST['errno']) ? $errors[$_REQUEST['errno']] : false);
			
			$response->setFragment('CONTENT', $template->getDocument());
		}
		catch(FileNotFoundException $ex) {
			$response->setFragment('CONTENT', "file is missing: " . $tplfile);
		}
	}

	public function runBoardAdd(Request $request, Response $response, $activeInstance) {
		$system = System::getInstance();
		$svc = $system->getUserSvc();
		
		if($users->get_admin_level($mod) >= 1) {
			$cid = (int) $_REQUEST['cid'];
			$newboard['cid'] = $cid;
			$newboard['priority'] = (int) $_REQUEST['priority'];
			$newboard['name'] = "'" . $db->escape_string(trim($_REQUEST['name'])) . "'";
			$newboard['desc'] = "'" . $db->escape_string(trim($_REQUEST['desc'])) . "'";
			$newboard['html'] = "'" . (($_REQUEST['html'] == 'y') ? $db->true() : $db->false()) . "'";
			$newboard['code'] = "'" . (($_REQUEST['code'] == 'y') ? $db->true() : $db->false()) . "'";
			$newboard['imagelimit'] = ($_REQUEST['imagelimit'] == 'NULL' ? 'NULL' : (int) $_REQUEST['imagelimit']);
			$newboard['secure'] = (int) $_REQUEST['security'];
			$newboard['ro'] = "'" . (($_REQUEST['ro'] == 'y') ? $db->true() : $db->false()) . "'";
			$newboard['hidden'] = "'" . (($_REQUEST['hidden'] == 'y') ? $db->true() : $db->false()) . "'";
			$newboard['passwd'] = "'" . $db->escape_string(trim($_REQUEST['password'])) . "'";
			if($cat = $db->get_array("SELECT * FROM `{$mod}_category` WHERE `id`='$cid'"))
				$db->insert("{$mod}_board", $newboard);
			unset($newboard);
		}
		if($db->lasterror() == '')
			header("Location: " . $_SERVER['PHP_SELF'] . "?module=" . $mod);
		elseif(defined('DEBUG'))
			echo $db->lasterror();
		else
			echo $locate['error']['public_db_error_msg'];
		
		$response->setRedirect($activeInstance, 'index', $redirectParam);
		$response->setRedirect($activeInstance, 'index'); // redirect the request
	}

	public function runBoardEdit(Request $request, Response $response, $activeInstance) {
		$this->_boardEditCheckPerm0($activeInstance);
		
		$system = System::getInstance();
		$param = $system->getRequest()->getParam();
		$usrSvc = $system->getUserSvc();
		$usr = $usrSvc->getUser();		
		
		$locale = $system->getActiveLocale();
		$strings = $this->loadLocaleStrings($locale, __DIR__);

		$bid = (int) $system->getRequest()->getParam('bid');
		$board = DataSvc::getBoard($system->getSiteId(),$activeInstance,$bid);
		
		$form = $system->createFormBuilder($board);
		$form->setTargetLink(_SELF_SERVICE_);
		$form->setTargetParams([
				'mod' => $activeInstance,
				'view' => 'boardUpdate',
				'id' => $board->id,
		]);
		
		try {
			$layout = $this->findLayout($system->getSiteId(), $activeInstance);
			$template = $this->loadTemplate('mcms.bboard', $system->getTarget('action'), $layout, true);
			$fragments = self::buildLayoutBaseUrl($layout, true);
			$template->setRelativePathReplacer($fragments[0].'/mcms/bboard/_layout_/'.$fragments[1]);
						
			$template->setParam('title', SettingSvc::getForumName($system->getSiteId(), $activeInstance, $locale));
			$template->setParam('self', _SELF_);
			$template->setParam('instance', $activeInstance);
			
			$template->setParam('formstart', $form->genStart());
			$this->_boardEditFillForm0($template, $form);
			$template->setParam('submit', $form->genSubmit('Update'));
			$template->setParam('formend', $form->genEnd());
				
			$template->setParam('admin', !is_null($usr) && $usrSvc->userHasPriv($usr));
				
			$response->setFragment('CONTENT', $template->getDocument());
		}
		catch(FileNotFoundException $ex) {
			$response->setFragment('CONTENT', "file is missing: " . $tplfile);
		}
	}

	public function runBoardUpdate(Request $request, Response $response, $activeInstance) {
		$this->_boardEditCheckPerm0($activeInstance);

		$system = System::getInstance();
		$db = $system->getDB();
		$param = $system->getRequest()->getParam();
		$usrSvc = $system->getUserSvc();
		$usr = $usrSvc->getUser();
		
		$fetcher = $system->createFormFetcher(Board::clazz());
		$formData = $fetcher->fetch();
		
		$board = DataSvc::getBoard($system->getSiteId(), $activeInstance, $param['id']);
		if (empty($board))
			throw new \InvalidArgumentException("Board not found");
		
		$board->name = $formData->name;
		$board->desc = $formData->desc;
		$board->acc_public = $formData->acc_public;
		$board->acc_user = $formData->acc_user;
		
		DataSvc::updateBoard($board);
		
		$response->setRedirect($activeInstance, 'index');
	}
	
	public function runBoardACL(Request $request, Response $response, $activeInstance) {
		$this->_boardEditCheckPerm0($activeInstance);
		
		$system = System::getInstance();
		$param = $system->getRequest()->getParam();
		$usrSvc = $system->getUserSvc();
		$usr = $usrSvc->getUser();		
		
		$locale = $system->getActiveLocale();
		$strings = $this->loadLocaleStrings($locale, __DIR__);

		$bid = (int) $system->getRequest()->getParam('bid');
		$board = DataSvc::getBoard($system->getSiteId(),$activeInstance,$bid);
		
		try {
			$layout = $this->findLayout($system->getSiteId(), $activeInstance);
			$template = $this->loadTemplate('mcms.bboard', $system->getTarget('action'), $layout, true);
			$fragments = self::buildLayoutBaseUrl($layout, true);
			$template->setRelativePathReplacer($fragments[0].'/mcms/bboard/_layout_/'.$fragments[1]);
						
			$template->setParam('title', SettingSvc::getForumName($system->getSiteId(), $activeInstance, $locale));
			$template->setParam('self', _SELF_);
			$template->setParam('instance', $activeInstance);
			
			$template->setParam('board', $board);
			$template->setParam('admin', !is_null($usr) && $usrSvc->userHasPriv($usr));
				
			$response->setFragment('CONTENT', $template->getDocument());
		}
		catch(FileNotFoundException $ex) {
			$response->setFragment('CONTENT', "file is missing: " . $tplfile);
		}
	}

	public function runBoardAskDel(Request $request, Response $response, $activeInstance) {
		$this->_boardEditCheckPerm0($activeInstance);
		
		$system = System::getInstance();
		$param = $system->getRequest()->getParam();
		$usrSvc = $system->getUserSvc();
		$usr = $usrSvc->getUser();		
		
		$locale = $system->getActiveLocale();
		$strings = $this->loadLocaleStrings($locale, __DIR__);

		$bid = (int) $system->getRequest()->getParam('bid');
		$board = DataSvc::getBoard($system->getSiteId(),$activeInstance,$bid);
		
		try {
			$layout = $this->findLayout($system->getSiteId(), $activeInstance);
			$template = $this->loadTemplate('mcms.bboard', $system->getTarget('action'), $layout, true);
			$fragments = self::buildLayoutBaseUrl($layout, true);
			$template->setRelativePathReplacer($fragments[0].'/mcms/bboard/_layout_/'.$fragments[1]);
						
			$template->setParam('title', SettingSvc::getForumName($system->getSiteId(), $activeInstance, $locale));
			$template->setParam('self', _SELF_);
			$template->setParam('instance', $activeInstance);
			
			$template->setParam('board', $board);
			$template->setParam('admin', !is_null($usr) && $usrSvc->userHasPriv($usr));
				
			$response->setFragment('CONTENT', $template->getDocument());
		}
		catch(FileNotFoundException $ex) {
			$response->setFragment('CONTENT', "file is missing: " . $tplfile);
		}
	}

	public function runBoardRemove(Request $request, Response $response, $activeInstance) {

	}

	public function runTopic(Request $request, Response $response, $activeInstance) {
		$system = System::getInstance();
		$db = $system->getDB();
		$param = $system->getRequest()->getParam();
		
		$locale = $system->getActiveLocale();
		$strings = $this->loadLocaleStrings($locale, __DIR__);
		
		$topic = DataSvc::getTopic((int) $param['tid']);
		$board = DataSvc::getBoard($system->getSiteId(), $activeInstance, $topic->board_id);
		
		// TODO: prevent on each view, only once per session
		DataSvc::incTopicReadCount($topic->id);
		
		try {
			$layout = $this->findLayout($system->getSiteId(), $activeInstance);
			$template = $this->loadTemplate('mcms.bboard', $system->getTarget('action'), $layout, true);
			
			$template->setParam('title', SettingSvc::getForumName($system->getSiteId(), $activeInstance, $locale));
			$template->setParam('self', _SELF_);
			$template->setParam('instance', $activeInstance);
			
			$template->setParam('board', $board);
			$template->setParam('topic', $topic);
			
			$template->setParam('topic_posts', function($values = false) use ($db) {
				$c = -1;
				if (isset($values->topic) && isset($values->topic->id))
					$c = $db->getObjectP('SELECT COUNT(*) AS c FROM "m_mcms#bboard_posts" WHERE "topic_id"=?',[$values->topic->id])->c;
				return $c;
			});
					
			$template->setParam('isUser', !is_null($system->getUserSvc()->getUser()));
			$errors = array(-1 => 'Invalid login',-2 => 'Invalid password');
			$template->setParam('error', !empty($_REQUEST['errno']) ? $errors[$_REQUEST['errno']] : false);
			
			$response->setFragment('CONTENT', $template->getDocument());
			
		}
		catch(FileNotFoundException $ex) {
			$response->setFragment('CONTENT', "file is missing: " . $tplfile);
		}
	}

	public function runTopicNew(Request $request, Response $response, $activeInstance) {
		$system = System::getInstance();
		$param = $system->getRequest()->getParam();
		
		$locale = $system->getActiveLocale();
		$strings = $this->loadLocaleStrings($locale, __DIR__);
		
		try {
			$layout = $this->findLayout($system->getSiteId(), $activeInstance);
			// $template = $this->loadTemplate('mcms.bboard', $system->getTarget('action'), $layout, true);
			$template = $this->loadTemplate('mcms.bboard', 'topicedit', $layout, true);
			
			
			$template->setParam('title', SettingSvc::getForumName($system->getSiteId(), $activeInstance, $locale));
			$template->setParam('self', _SELF_);
			$template->setParam('instance', $activeInstance);
			
			$template->setParam('isUser', !is_null($system->getUserSvc()->getUser()));
			$errors = array(-1 => 'Invalid login',-2 => 'Invalid password');
			$template->setParam('error', !empty($_REQUEST['errno']) ? $errors[$_REQUEST['errno']] : false);
			
			$response->setFragment('CONTENT', $template->getDocument());
		}
		catch(FileNotFoundException $ex) {
			$response->setFragment('CONTENT', "file is missing: " . $tplfile);
		}
	}
	
	protected function createTopic($bid, array $request, $andPoll = false) {
		$system = System::getInstance();
		$db = $system->getDB();
		$db->isTransactionSupported() && $db->startTransaction();
		$fetcher = $system->createFormFetcher(Topic::clazz());
		$topic = $fetcher->fetch($request);
		$topic->board_id = $bid;
		$topic->state = 'open';
		$topic->created_by_name = '';
		$topic->created_at = new \DateTime();
		$topic->created_by_id = $system->getUserSvc()->getUser()->getId();
		$topic->update_count = 0;
		$topic->last_updated_by_id = 0;
		$topic->readcount = 0;
		$db->table('m_mcms#bboard_topics')->insert($topic, ['answers']);
		$tid = $db->getInsertId();
		if ($andPoll)
			self::createPollAddon($tid, $request);
		self::createPost($tid, $request);
		$db->isTransactionSupported() && $db->commit();
		return $tid;
	}
	
	protected function createPollAddon($tid, array $request) {
		$system = System::getInstance();
		$fetcher = $system->createFormFetcher(TopicPoll::clazz());
		$poll = $fetcher->fetch($request);
		$poll->_id = $tid;
	}
	
	protected function createPost($tid, array $request) {
		$system = System::getInstance();
		$db = $system->getDB();
		$fetcher = $system->createFormFetcher(Post::clazz());
		$post = $fetcher->fetch($request);
		$post->topic_id = $tid;
		$post->created_by_name = '';
		$post->created_at = new \DateTime();
		$post->created_by_id = $system->getUserSvc()->getUser()->getId();
		$post->update_count = 0;
		$post->last_updated_by_id = 0;
		$db->table('m_mcms#bboard_posts')->insert($post);
		return $db->getInsertId();
	}
	
	public function runTopicAdd(Request $request, Response $response, $activeInstance) {
		$system = System::getInstance();
		$bid = $system->getRequest()->getParam('bid');
		$tid = self::createTopic($bid, $system->getRequest()->getParam());
		
		$response->setRedirect($activeInstance, 'topic', [
			'tid' => $tid,
		]);
	}

	public function runTopicEdit(Request $request, Response $response, $activeInstance) {
		$system = System::getInstance();
		$param = $system->getRequest()->getParam();
		
		$locale = $system->getActiveLocale();
		$strings = $this->loadLocaleStrings($locale, __DIR__);
		
		try {
			$layout = $this->findLayout($system->getSiteId(), $activeInstance);
			// $template = $this->loadTemplate('mcms.bboard', $system->getTarget('action'), $layout, true);
			$template = $this->loadTemplate('mcms.bboard', 'topicedit', $layout, true);
			
			
			$template->setParam('title', SettingSvc::getForumName($system->getSiteId(), $activeInstance, $locale));
			$template->setParam('self', _SELF_);
			$template->setParam('instance', $activeInstance);
			
			$template->setParam('isUser', !is_null($system->getUserSvc()->getUser()));
			$errors = array(-1 => 'Invalid login',-2 => 'Invalid password');
			$template->setParam('error', !empty($_REQUEST['errno']) ? $errors[$_REQUEST['errno']] : false);
			
			$response->setFragment('CONTENT', $template->getDocument());
		}
		catch(FileNotFoundException $ex) {
			$response->setFragment('CONTENT', "file is missing: " . $tplfile);
		}
	}

	public function runTopicUpdate(Request $request, Response $response, $activeInstance) {
		$system = System::getInstance();
		$svc = $system->getUserSvc();
		
		if($_REQUEST['pid']) {
			$post = $db->get_array("SELECT * FROM `{$mod}_post` WHERE `id`='{$_REQUEST['pid']}'");
			if($user['admin'] >= 2 || ($users->user['id'] > 0 && $users->user['id'] == $post['from_id'])) {
				$_REQUEST['text'] = format_sql_data($_REQUEST['text']);
				$db->query("UPDATE `{$mod}_post` SET `message`='{$_REQUEST['text']}',`icon`='{$_REQUEST['icon']}',`code`='{$_REQUEST['code']}',`html`='{$_REQUEST['html']}',`mod_date`=UNIX_TIMESTAMP() WHERE `id`='{$_REQUEST['pid']}'");
			}
			header("Location: " . $_SERVER['PHP_SELF'] . "?module=$mod&action=topic&tid=" . $post['tid']);
		}
		elseif($_REQUEST['tid']) {
			$_REQUEST['tid'] = (int) $_REQUEST['tid'];
			$topic = $db->get_array("SELECT * FROM `{$mod}_topic` WHERE `id`='{$_REQUEST['tid']}'");
			if($users->get_admin_level($mod) >= 2 || (($users->user['id'] > 0) && ($users->user['id'] == $topic['from_id']))) {
				$update['name'] = "'" . $db->escape_string($_REQUEST['name']) . "'";
				$update['desc'] = "'" . $db->escape_string($_REQUEST['desc']) . "'";
				if($users->get_admin_level($mod) != 0) {
					if($_REQUEST['closed'])
						$update['is_closed'] = "'" . $db->true() . "'";
					else
						$update['is_closed'] = "'" . $db->false() . "'";
					
					if($users->get_admin_level($mod) > 1) {
						$update['bid'] = (int) $_REQUEST['bid'];
						$topic['bid'] = (int) $_REQUEST['bid'];
					}
				}
				if($_REQUEST['delete1'] == 'y' && $_REQUEST['delete2'] == 'y') {
					$db->delete("{$mod}_topic", array("`id`='{$_REQUEST['tid']}'"));
					$db->delete("{$mod}_post", array("`tid`='{$_REQUEST['tid']}'"));
					$db->delete("{$mod}_poll-vote", array("`tid`='{$_REQUEST['tid']}'"));
					$db->delete("{$mod}_poll-option", array("`tid`='{$_REQUEST['tid']}'"));
				}
				else
					$db->update("{$mod}_topic", $update, array("`id`='{$_REQUEST['tid']}'"));
			}
			header("Location: " . $_SERVER['PHP_SELF'] . "?module=$mod&action=board&bid=$topic[bid]");
		}
		elseif($_REQUEST['bid']) {
			if($users->get_admin_level($mod) >= 1) {
				$bid = (int) $_REQUEST['bid'];
				$setup['cid'] = (int) $_REQUEST['cid'];
				$setup['priority'] = (int) $_REQUEST['priority'];
				$setup['name'] = "'" . $db->escape_string(trim($_REQUEST['name'])) . "'";
				$setup['desc'] = "'" . $db->escape_string(trim($_REQUEST['desc'])) . "'";
				$setup['html'] = "'" . (($_REQUEST['html'] == 'y') ? $db->true() : $db->false()) . "'";
				$setup['code'] = "'" . (($_REQUEST['code'] == 'y') ? $db->true() : $db->false()) . "'";
				$setup['imagelimit'] = ($_REQUEST['imagelimit'] == 'NULL' ? 'NULL' : (int) $_REQUEST['imagelimit']);
				$setup['secure'] = (int) $_REQUEST['security'];
				$setup['ro'] = "'" . (($_REQUEST['ro'] == 'y') ? $db->true() : $db->false()) . "'";
				$setup['hidden'] = "'" . (($_REQUEST['hidden'] == 'y') ? $db->true() : $db->false()) . "'";
				$setup['passwd'] = "'" . $db->escape_string(trim($_REQUEST['password'])) . "'";
				
				if($_REQUEST['delete1'] == 'y' && $_REQUEST['delete2'] == 'y') {
					$tresult = $db->query("SELECT * FROM `{$mod}_topic` WHERE `bid`='$bid'");
					while($topic = $db->fetch_array($tresult)) {
						$db->delete("{$mod}_topic", array("`id`='{$topic['id']}'"));
						$db->delete("{$mod}_post", array("`tid`='{$topic['id']}'"));
						$db->delete("{$mod}_poll-vote", array("`tid`='{$topic['id']}'"));
						$db->delete("{$mod}_poll-option", array("`tid`='{$topic['id']}'"));
					}
					$db->delete("{$mod}_board", array("`id`='{$bid}'"));
				}
				else
					$db->update("{$mod}_board", $setup, array("`id`='$bid'"));
				
				unset($setup);
			}
			if($db->lasterror() == '')
				header("Location: " . $_SERVER['PHP_SELF'] . "?module=" . $mod);
			elseif(defined('DEBUG'))
				echo $db->lasterror();
			else
				echo $locate['error']['public_db_error_msg'];
		}
		elseif($_REQUEST['cid']) {
			$_REQUEST['cid'] = (int) $_REQUEST['cid'];
			if($users->get_admin_level($mod) >= 2) {
				if($_REQUEST['delete1'] == 'y' && $_REQUEST['delete2'] == 'y') {
					if($db->get_count("SELECT `id` FROM `{$mod}_board` WHERE `cid`='{$_REQUEST['cid']}'") == 0)
						$db->query("DELETE FROM `{$mod}_category` WHERE `id`='{$_REQUEST['cid']}'");
				}
				else {
					$update['name'] = "'" . $db->escape_string($_REQUEST['name']) . "'";
					$update['priority'] = "'" . ((int) $_REQUEST['priority']) . "'";
					$db->update("{$mod}_category", $update, array("`id`='{$_REQUEST['cid']}'"));
				}
			}
			header("Location: " . $_SERVER['PHP_SELF'] . "?module=$mod");
		}
		else
			header("Location: " . $_SERVER['PHP_SELF'] . "?module=$mod&action=error&errno=65535");
		
		$response->setRedirect($activeInstance, 'index', $redirectParam);
		$response->setRedirect($activeInstance, 'index'); // redirect the request
	}

	public function runTopicDelAsk(Request $request, Response $response, $activeInstance) {
		$system = System::getInstance();
		$param = $system->getRequest()->getParam();
		
		$locale = $system->getActiveLocale();
		$strings = $this->loadLocaleStrings($locale, __DIR__);
		
		try {
			$layout = $this->findLayout($system->getSiteId(), $activeInstance);
			$template = $this->loadTemplate('mcms.bboard', $activeInstance, $layout, true);
			
			$template->setParam('title', SettingSvc::getForumName($system->getSiteId(), $activeInstance, $locale));
			$template->setParam('self', _SELF_);
			$template->setParam('instance', $activeInstance);
			
			$template->setParam('isUser', !is_null($system->getUserSvc()->getUser()));
			$errors = array(-1 => 'Invalid login',-2 => 'Invalid password');
			$template->setParam('error', !empty($_REQUEST['errno']) ? $errors[$_REQUEST['errno']] : false);
			
			$response->setFragment('CONTENT', $template->getDocument());
		}
		catch(FileNotFoundException $ex) {
			$response->setFragment('CONTENT', "file is missing: " . $tplfile);
		}
	}

	public function runTopicRemove(Request $request, Response $response, $activeInstance) {
		$login = $_POST['login'];
		$passwd = $_POST['passwd'];
		
		$system = System::getInstance();
		$svc = $system->getUserSvc();
		
		$usr = $svc->loginUser($login, $passwd);
		$redirectParam = array();
		if(!is_object($usr))
			$redirectParam['errno'] = (int) $usr;
		$response->setRedirect($activeInstance, 'index', $redirectParam);
		$response->setRedirect($activeInstance, 'index'); // redirect the request
	}

	public function runPostNew(Request $request, Response $response, $activeInstance) {
		$system = System::getInstance();
		$param = $system->getRequest()->getParam();
		
		$locale = $system->getActiveLocale();
		$strings = $this->loadLocaleStrings($locale, __DIR__);
		
		try {
			$layout = $this->findLayout($system->getSiteId(), $activeInstance);
// 			$template = $this->loadTemplate('mcms.bboard', $system->getTarget('action'), $layout, true);
			$template = $this->loadTemplate('mcms.bboard', 'topicedit', $layout, true);
						
			$template->setParam('title', SettingSvc::getForumName($system->getSiteId(), $activeInstance, $locale));
			$template->setParam('self', _SELF_);
			$template->setParam('instance', $activeInstance);
			
			$template->setParam('isUser', !is_null($system->getUserSvc()->getUser()));
			$errors = array(-1 => 'Invalid login',-2 => 'Invalid password');
			$template->setParam('error', !empty($_REQUEST['errno']) ? $errors[$_REQUEST['errno']] : false);
			
			$response->setFragment('CONTENT', $template->getDocument());
		}
		catch(FileNotFoundException $ex) {
			$response->setFragment('CONTENT', "file is missing: " . $tplfile);
		}
	}

	public function runPostAdd(Request $request, Response $response, $activeInstance) {
		$system = System::getInstance();
		$svc = $system->getUserSvc();
		
		$tid = $_REQUEST['tid'];
		self::createPost($tid, $system->getRequest()->getParam());
		
		$response->setRedirect($activeInstance, 'topic', [
			'tid' => $tid,
		]);
	}

	public function runPostEdit(Request $request, Response $response, $activeInstance) {
		$system = System::getInstance();
		$param = $system->getRequest()->getParam();
		
		$locale = $system->getActiveLocale();
		$strings = $this->loadLocaleStrings($locale, __DIR__);
		
		try {
			$layout = $this->findLayout($system->getSiteId(), $activeInstance);
			$template = $this->loadTemplate('mcms.bboard', 'topicedit', $layout, true);
			
			$template->setParam('title', SettingSvc::getForumName($system->getSiteId(), $activeInstance, $locale));
			$template->setParam('self', _SELF_);
			$template->setParam('instance', $activeInstance);
			
			$template->setParam('isUser', !is_null($system->getUserSvc()->getUser()));
			$errors = array(-1 => 'Invalid login',-2 => 'Invalid password');
			$template->setParam('error', !empty($_REQUEST['errno']) ? $errors[$_REQUEST['errno']] : false);
			
			$response->setFragment('CONTENT', $template->getDocument());
		}
		catch(FileNotFoundException $ex) {
			$response->setFragment('CONTENT', "file is missing: " . $tplfile);
		}
	}

	public function runPostUpdate(Request $request, Response $response, $activeInstance) {
		$login = $_POST['login'];
		$passwd = $_POST['passwd'];
		
		$system = System::getInstance();
		$svc = $system->getUserSvc();
		
		$usr = $svc->loginUser($login, $passwd);
		$redirectParam = array();
		if(!is_object($usr))
			$redirectParam['errno'] = (int) $usr;
		$response->setRedirect($activeInstance, 'index', $redirectParam);
		$response->setRedirect($activeInstance, 'index'); // redirect the request
	}

	public function runPostDelAsk(Request $request, Response $response, $activeInstance) {
		$system = System::getInstance();
		$param = $system->getRequest()->getParam();
		
		$locale = $system->getActiveLocale();
		$strings = $this->loadLocaleStrings($locale, __DIR__);
		
		try {
			$layout = $this->findLayout($system->getSiteId(), $activeInstance);
			$template = $this->loadTemplate('mcms.bboard', $system->getTarget('action'), $layout, true);
			
			$template->setParam('title', SettingSvc::getForumName($system->getSiteId(), $activeInstance, $locale));
			$template->setParam('self', _SELF_);
			$template->setParam('instance', $activeInstance);
			
			$template->setParam('isUser', !is_null($system->getUserSvc()->getUser()));
			$errors = array(-1 => 'Invalid login',-2 => 'Invalid password');
			$template->setParam('error', !empty($_REQUEST['errno']) ? $errors[$_REQUEST['errno']] : false);
			
			$response->setFragment('CONTENT', $template->getDocument());
		}
		catch(FileNotFoundException $ex) {
			$response->setFragment('CONTENT', "file is missing: " . $tplfile);
		}
	}

	public function runPostRemove(Request $request, Response $response, $activeInstance) {
		$system = System::getInstance();
		$svc = $system->getUserSvc();
		
		if($_REQUEST['pid']) {
			$pid = (int) $_REQUEST['pid'];
			$post = $db->get_array("SELECT * FROM `{$mod}_post` WHERE `id`='{$_REQUEST['pid']}'");
			if($user['admin'] >= 2 || ($user && $user['id'] == $post['from_id'])) {
				$db->query("DELETE FROM `{$mod}_post` WHERE `id`='{$_REQUEST['pid']}'");
				$db->query("UPDATE `{$mod}_topic` SET `updated`='0' WHERE `id`='{$post['tid']}'");
			}
			header("Location: " . $_SERVER['PHP_SELF'] . "?module=$mod&action=topic&tid=" . $post['tid']);
		}
		else
			header("Location: " . $_SERVER['PHP_SELF'] . "?module=$mod&action=error&errno=65535");
		$system['dorender'] = false;
		
		$response->setRedirect($activeInstance, 'index', $redirectParam);
		$response->setRedirect($activeInstance, 'index'); // redirect the request
	}

	public function runDoVote(Request $request, Response $response, $activeInstance) {
		$system = System::getInstance();
		$svc = $system->getUserSvc();
		
		$tid = $_REQUEST['tid'];
		$topic = $db->get_array("SELECT * FROM `{$mod}_topic` WHERE `id`='$tid'");
		if(($db->get_count("SELECT * FROM `{$mod}_poll-vote` WHERE `uid`='{$users->user['id']}' AND `tid`='$tid'") == 0) && ($users->user['id'] > 0)) {
			if(count($_REQUEST['vote']) <= $topic['poll_num_votes'] && count($_REQUEST['vote']) != 0) {
				$db->query("INSERT INTO `{$mod}_poll-vote` VALUES ('{$users->user['id']}','$tid')");
				foreach($_REQUEST['vote'] as $num) {
					$opt = $db->get_array("SELECT * FROM `{$mod}_poll-option` WHERE `id`='$num'");
					$v = $opt['votes'];
					$v++;
					$db->query("UPDATE `{$mod}_poll-option` SET `votes`='$v' WHERE `id`='$num'");
					echo mysql_error();
				}
			}
			else {
			}
			header("Location: " . $_SERVER['PHP_SELF'] . "?module=$mod&action=topic&tid=$tid");
		}
		else
			header("Location: " . $_SERVER['PHP_SELF'] . "?module=$mod&action=error&errno=60030");
		
		$response->setRedirect($activeInstance, 'index', $redirectParam);
		$response->setRedirect($activeInstance, 'index'); // redirect the request
	}

}