Fixes for MySQL driver

Version upgrade (0.6.0)
Fixed changing access rank
2025-07-17 08:26:24 +00:00 · 2013-12-18 17:49:22 +01:00 · 2013-12-18 17:38:22 +01:00 · 2013-12-18 16:11:20 +01:00 · 2013-12-18 15:17:49 +01:00 · 2013-12-16 23:38:31 +01:00
137 changed files with 6639 additions and 2541 deletions
--- a/.gitmodules
+++ b/.gitmodules
@ -4,6 +4,3 @@
 [submodule "php-markdown"]
 	path = lib/php-markdown
 	url = https://github.com/michelf/php-markdown.git
-[submodule "redbean"]
-	path = lib/redbean
-	url = https://github.com/gabordemooij/redbean.git
--- a/data/.gitignore
+++ b/data/.gitignore
--- a/data/config.ini
+++ b/data/config.ini
@ -1,16 +1,31 @@
 [chibi]
-userCodeDir=./src/
 prettyPrint=1

 [main]
-dbPath=./db.sqlite
-filesPath=./files/
-thumbsPath=./thumbs/
-mediaPath=./public_html/media/
-title=szurubooru
+dbDriver   = "sqlite"
+dbLocation = "./data/db.sqlite"
+dbUser     = "test"
+dbPass     = "test"
+filesPath  = "./data/files/"
+thumbsPath = "./data/thumbs/"
+logsPath   = "./data/logs/"
+mediaPath  = "./public_html/media/"
+title      = "szurubooru"
+salt       = "1A2/$_4xVa"
+
+[misc]
 featuredPostMaxDays=7
 debugQueries=0
-salt = "1A2/$_4xVa"
+logAnonymousUploads=1
+
+[help]
+title=Help
+subTitles[help]=General help
+subTitles[rules]=Rules
+subTitles[privacy]=Privacy policy
+paths[help]=./data/help.md
+paths[rules]=./data/rules.md
+paths[privacy]=./data/privacy.md

 [browsing]
 usersPerPage=8
@ -19,7 +34,10 @@ thumbWidth=150
 thumbHeight=150
 thumbStyle=outside
 endlessScrollingDefault=1
+showPostTagTitlesDefault=0
+showDislikedPostsDefault=1
 maxSearchTokens=4
+maxRelatedPosts=50

 [comments]
 minLength = 5
@ -38,15 +56,14 @@ needEmailForRegistering = 1
 needEmailForCommenting = 0
 needEmailForUploading = 1
 confirmationEmailEnabled = 1
-confirmationEmailSenderName = "{host} registration engine"
+confirmationEmailSenderName = "{host} mailing system"
 confirmationEmailSenderEmail = "noreply@{host}"
-confirmationEmailSubject = "{host} activation"
-confirmationEmailBody = "Hello,
-
-You received this e-mail because someone registered a user with this address at {host}. If it's you, visit {link} to finish registration process, otherwise you may ignore and delete this e-mail.
-
-Kind regards,
-{host} registration engine"
+confirmationEmailSubject = "{host} - account activation"
+confirmationEmailBody = "Hello,{nl}{nl}You received this e-mail because someone registered a user with this e-mail address at {host}. If it's you, visit {link} to finish registration process, otherwise you may ignore and delete this e-mail.{nl}{nl}Kind regards,{nl}{host} mailing system"
+passwordResetEmailSenderName = "{host} mailing system"
+passwordResetEmailSenderEmail = "noreply@{host}"
+passwordResetEmailSubject = "{host} - password reset"
+passwordResetEmailBody = "Hello,{nl}{nl}You received this e-mail because someone requested a password reset for user with this e-mail address at {host}. If it's you, visit {link} to finish password reset process, otherwise you may ignore and delete this e-mail.{nl}{nl}Kind regards,{nl}{host} mailing system"

 [privileges]
 uploadPost=registered
@ -65,11 +82,17 @@ editPostSafety.all=moderator
 editPostTags=registered
 editPostThumb=moderator
 editPostSource=moderator
+editPostRelations.own=registered
+editPostRelations.all=moderator
+editPostFile.all=moderator
+editPostFile.own=moderator
 hidePost.own=moderator
 hidePost.all=moderator
 deletePost.own=moderator
 deletePost.all=moderator
 featurePost=moderator
+scorePost=registered
+flagPost=registered

 listUsers=registered
 viewUser=registered
@ -88,6 +111,7 @@ banUser.own=nobody
 banUser.all=admin
 deleteUser.own=registered
 deleteUser.all=nobody
+flagUser=registered

 listComments=anonymous
 addComment=registered
@ -97,3 +121,7 @@ deleteComment.all=moderator
 listTags=anonymous
 mergeTags=moderator
 renameTags=moderator
+massTag=moderator
+
+listLogs=moderator
+viewLog=moderator
--- a/data/files/.gitignore
+++ b/data/files/.gitignore
--- a/data/help.md
+++ b/data/help.md
@ -0,0 +1,64 @@
+# Browsing
+
+Clicking the Browse button at the top will take you to the list of recent posts. Use the search box in the top right corner to find posts you want to see.
+
+If you&rsquo;re not a registered user, you will only see public (Safe) posts. Logging in to your account will enable you to filter content by its rating: Safe, Sketchy, and NSFW.
+
+You can use your keyboard to navigate around the site. There are a few shortcuts:
+
+- focus search field: `[Q]`
+- scroll up/down: `[W]` and `[S]`
+- go to newer/older post or page: `[A]` and `[D]`
+- edit post: `[E]`
+- focus first post in post list: `[P]`
+
+# Search syntax
+
+- contatining tag "Haruhi": [search]Haruhi[/search]
+- **not** contatining tag "Kyon": [search]-Kyon[/search]
+- uploaded by David: [search]submit:David[/search] (note no spaces)
+- favorited by David: [search]fav:David[/search]
+- favorited by at least four users: [search]favmin:4[/search]
+- commented by David: [search]comment:David[/search]
+- having at least three comments: [search]commentmin:3[/search]
+- having minimum score of 4: [search]scoremin:4[/search]
+- tagged with at least seven tags: [search]tagmin:7[/search]
+- exactly from the specified date: [search]date:2001[/search], [search]date:2012-09-29[/search] (yyyy-mm-dd format)
+- from the specified date onwards: [search]datemin:2001-01-01[/search]
+- up to the specified date: [search]datemax:2004-07[/search]
+- having specific ID: [search]id:1,2,3,8[/search]
+- having ID no less than specified value: [search]idmin:28[/search]
+- by content type: [search]type:img[/search], [search]type:swf[/search], [search]type:yt[/search] (images, flash files and YouTube videos, respectively)
+- scored up/down by currently logged in user: [search]special:likes[/search] and [search]special:dislikes[/search]
+
+You can combine tags and negate any of them for interesting results. [search]sea -favmin:8 type:swf submit:Pirate[/search] will show you **flash files** tagged as **sea**, that were **liked by seven people** at most, uploaded by user **Pirate**.
+
+All of the above can be sorted using additional sorting tags:
+
+- as random as it can get: [search]order:random[/search]
+- newest to oldest: [search]order:date[/search] (pretty much default browse view)
+- oldest to newest: [search]-order:date[/search]
+- most commented first: [search]order:comments[/search]
+- loved by most: [search]order:favs[/search]
+- highest scored: [search]order:score[/search]
+- with most tags: [search]order:tags[/search]
+
+As shown with [search]-order:date[/search], any of them can be reversed in the same way as negating other tags: by placing a dash before the tag. If there is a "min" tag, there&rsquo;s also its "max" counterpart, e.g. [search]favmax:7[/search].
+
+# Registration
+
+The e-mail you enter during account creation is only used to retrieve your [Gravatar](http://gravatar.com) and activate your account. Only you can see it (well, except the database staff&hellip; we won&rsquo;t spam your mailbox anyway).
+
+Oh, and you can delete your account at any time. Posts you uploaded will stay, unless some angry admin removes them.
+
+# Comments
+
+Registered users can post comments. Comments support [Markdown syntax](http://daringfireball.net/projects/markdown/syntax), extended by some handy tags:
+
+- permalink to post number 426: @426
+- link to tag "Dragon_Ball": #Dragon_Ball
+- mark text as spoiler and hide it: [spoiler]&#91;spoiler]There is no spoon.&#91;/spoiler][/spoiler]
+
+# Uploads
+
+After registering and activating your account, you gain the power to upload files to the service for everyone else to see.
--- a/data/logs/.gitignore
+++ b/data/logs/.gitignore
--- a/data/privacy.md
+++ b/data/privacy.md
@ -0,0 +1,11 @@
+# Stored information
+
+Posts, comments, favorites and ratings linked to your account will be stored in the site&rsquo;s database and publicly available.
+
+The "Upload anonymously" option allows you to post content without linking it to your account - meaning your nickname will not be stored in the database nor shown in the "Uploader" field.
+
+Your actions related to posts (uploading, tagging, etc.) are logged, along with your nickname and IP.
+
+# Cookies
+
+Cookies are used to store your session data and browsing preferences, such as endless scrolling or visibility of NSFW posts.
--- a/data/rules.md
+++ b/data/rules.md
@ -0,0 +1,8 @@
+# Site rules
+
+- Don&rsquo;t spam, [troll](http://www.urbandictionary.com/define.php?term=troll) or offend anyone. Be nice.
+- You are not allowed to post any form of [cp](http://www.urbandictionary.com/define.php?term=cp). If you possess it, we ask you to leave immediately and never come back.
+- Don&rsquo;t use the site to host your personal images (e.g. forum avatars).
+  - This kind of content is not welcome and will be removed.
+  - If you notice such content, please flag it for moderation.
+- Owners of the site are not responsible for content uploaded by users.
--- a/data/thumbs/.gitignore
+++ b/data/thumbs/.gitignore
@ -0,0 +1,2 @@
+*
+!.gitignore
--- a/init.php
+++ b/init.php
@ -1,8 +1,8 @@
 <?php
 require_once 'src/core.php';
-$config = configFactory();
-$fontsPath = $config->main->mediaPath . DS . 'fonts' . DS;
-$libPath = $config->main->mediaPath . DS . 'lib' . DS;
+$config = \Chibi\Registry::getConfig();
+$fontsPath = TextHelper::absolutePath($config->main->mediaPath . DS . 'fonts');
+$libPath = TextHelper::absolutePath($config->main->mediaPath . DS . 'lib');



@ -29,10 +29,11 @@ function download($source, $destination = null)


 //jQuery
-download('http://ajax.googleapis.com/ajax/libs/jquery/1.10.2/jquery.min.js', $libPath . 'jquery' . DS . 'jquery.min.js');
+download('http://code.jquery.com/jquery-2.0.3.min.js', $libPath . DS . 'jquery' . DS . 'jquery.min.js');
+download('http://code.jquery.com/jquery-2.0.3.min.map', $libPath . DS . 'jquery' . DS . 'jquery.min.map');

 //jQuery UI
-download('http://ajax.googleapis.com/ajax/libs/jqueryui/1.10.3/jquery-ui.min.js', $libPath . 'jquery-ui' . DS . 'jquery-ui.min.js');
+download('http://ajax.googleapis.com/ajax/libs/jqueryui/1.10.3/jquery-ui.min.js', $libPath . DS . 'jquery-ui' . DS . 'jquery-ui.min.js');
 $manifest = download('http://ajax.googleapis.com/ajax/libs/jqueryui/1/MANIFEST');
 $lines = explode("\n", str_replace("\r", '', $manifest));
 foreach ($lines as $line)
@ -40,21 +41,21 @@ foreach ($lines as $line)
 	if (preg_match('/themes\/flick\/(.*?) /', $line, $matches))
 	{
 		$srcUrl = 'http://ajax.googleapis.com/ajax/libs/jqueryui/1/' . $matches[0];
-		$dstUrl = $libPath . 'jquery-ui' . DS . $matches[1];
+		$dstUrl = $libPath . DS . 'jquery-ui' . DS . $matches[1];
 		download($srcUrl, $dstUrl);
 	}
 }

 //jQuery Tag-it!
-download('http://raw.github.com/aehlke/tag-it/master/css/jquery.tagit.css', $libPath . 'tagit' . DS . 'jquery.tagit.css');
-download('http://raw.github.com/aehlke/tag-it/master/js/tag-it.min.js', $libPath . 'tagit' . DS . 'jquery.tagit.js');
+download('http://raw.github.com/aehlke/tag-it/master/css/jquery.tagit.css', $libPath . DS . 'tagit' . DS . 'jquery.tagit.css');
+download('http://raw.github.com/aehlke/tag-it/master/js/tag-it.min.js', $libPath . DS . 'tagit' . DS . 'jquery.tagit.js');

 //Mousetrap
-download('https://raw.github.com/ccampbell/mousetrap/master/mousetrap.min.js', $libPath . 'mousetrap' . DS . 'mousetrap.min.js');
+download('http://raw.github.com/ccampbell/mousetrap/master/mousetrap.min.js', $libPath . DS . 'mousetrap' . DS . 'mousetrap.min.js');

 //fonts
-download('http://googlefontdirectory.googlecode.com/hg/apache/droidsans/DroidSans.ttf', $fontsPath . 'DroidSans.ttf');
-download('http://googlefontdirectory.googlecode.com/hg/apache/droidsans/DroidSans-Bold.ttf', $fontsPath . 'DroidSans-Bold.ttf');
+download('http://googlefontdirectory.googlecode.com/hg/apache/droidsans/DroidSans.ttf', $fontsPath . DS . 'DroidSans.ttf');
+download('http://googlefontdirectory.googlecode.com/hg/apache/droidsans/DroidSans-Bold.ttf', $fontsPath . DS . 'DroidSans-Bold.ttf');



--- a/lib/chibi-core
+++ b/lib/chibi-core
--- a/lib/redbean
+++ b/lib/redbean
--- a/public_html/.htaccess
+++ b/public_html/.htaccess
@ -10,3 +10,40 @@ RewriteCond %{REQUEST_FILENAME} !-f
 RewriteCond %{REQUEST_FILENAME} !-d
 RewriteRule ^.*$ /dispatch.php
 RewriteRule ^/?$ /dispatch.php
+
+<IfModule mod_deflate.c>
+AddOutputFilterByType DEFLATE text/javascript
+AddOutputFilterByType DEFLATE text/plain
+AddOutputFilterByType DEFLATE text/html
+AddOutputFilterByType DEFLATE text/xml
+AddOutputFilterByType DEFLATE text/css
+AddOutputFilterByType DEFLATE application/xml
+AddOutputFilterByType DEFLATE application/xhtml+xml
+AddOutputFilterByType DEFLATE application/rss+xml
+AddOutputFilterByType DEFLATE application/javascript
+AddOutputFilterByType DEFLATE application/x-javascript
+</IfModule>
+
+<IfModule mod_mime.c>
+AddType text/plain .map
+</IfModule>
+
+<IfModule mod_expires.c>
+ExpiresActive on
+ExpiresByType image/jpg "access plus 2 years"
+ExpiresByType image/gif "access plus 2 years"
+ExpiresByType image/jpg "access plus 2 years"
+ExpiresByType image/jpeg "access plus 2 years"
+ExpiresByType image/png "access plus 2 years"
+
+ExpiresByType image/x-icon "access plus 2 years"
+ExpiresByType image/icon "access plus 2 years"
+ExpiresByType application/x-ico "access plus 2 years"
+ExpiresByType application/ico "access plus 2 years"
+
+ExpiresByType text/plain "access plus 1 year"
+ExpiresByType text/css "access plus 1 year"
+ExpiresByType text/javascript "access plus 1 year"
+ExpiresByType application/javascript "access plus 1 year"
+ExpiresByType application/x-javascript "access plus 1 year"
+</IfModule>
--- a/public_html/dispatch.php
+++ b/public_html/dispatch.php
@ -1,7 +1,5 @@
 <?php
-chdir('..');
-require_once 'src/core.php';
-require_once 'src/Bootstrap.php';
+require_once '../src/core.php';

 $query = $_SERVER['REQUEST_URI'];
-\Chibi\Facade::run($query, configFactory(), new Bootstrap());
+\Chibi\Facade::run($query, new Bootstrap());
--- a/public_html/media/css/auth.css
+++ b/public_html/media/css/auth.css
@ -11,3 +11,20 @@ form.auth p {
 	text-align: center;
 	margin: 10px 0;
 }
+
+form.auth .help {
+	opacity: .5;
+	margin-top: 1em;
+	font-size: small;
+}
+form.auth .help p {
+	margin: 0;
+	text-align: left;
+}
+form.auth .help label+div {
+	float: left;
+}
+form.auth .help ul {
+	margin: 0;
+	padding: 0;
+}
--- a/public_html/media/css/core.css
+++ b/public_html/media/css/core.css
@ -38,6 +38,9 @@ body {



+#top-nav .clear {
+	background: white;
+}
 #top-nav ul.main-nav {
 	margin: 0 0 0 -0.75em;
 	padding: 0;
@ -45,6 +48,12 @@ body {
 }
 #top-nav li.main-nav-item {
 	display: inline-block;
+	float: left;
+}
+#top-nav li.main-nav-item.active a {
+	border-bottom: 3px solid #f7f7f7;
+	margin-bottom: 0;
+	background: #f7f7f7;
 }

 #top-nav li input,
@ -67,6 +76,7 @@ body {
 }

 #top-nav li.search {
+	display: inline-block;
 	float: right;
 	background: white;
 	margin: 5px 0;
@ -83,6 +93,7 @@ body {
 }

 #top-nav li.safety {
+	display: inline-block;
 	float: right;
 	margin-left: 5px;
 }
@ -108,6 +119,7 @@ body {
 #top-nav li.safety span {
 	display: none;
 }
+#top-nav li.safety a:focus,
 #top-nav li.safety a:hover { opacity: .7; }
 #top-nav li.safety a.inactive { opacity: 1; }
 #top-nav li.safety .safety-safe .enabled     { background: #cfe6c2; background: linear-gradient(to bottom, #CFE6C2 0%, #80C670 100%); }
@ -321,13 +333,46 @@ button:hover {



+.tabs ul {
+	list-style-type: none;
+	margin: -4px 0 1em 0;
+	padding: 0;
+	border-bottom: 1px solid #ccc;
+}
+.tabs li {
+	display: inline-block;
+}
+
+.tabs li a {
+	display: inline-block;
+	padding: 0.5em 1em;
+	margin: 5px 0 -1px 0;
+	vertical-align: middle;
+	border: 1px none;
+	border-bottom: 1px solid #ccc;
+	color: silver;
+}
+.tabs li.selected a {
+	border: 1px solid #ccc;
+	border-bottom: none;
+	color: inherit;
+	background: white;
+}
+
+.tabs li a:hover,
+.tabs li a:focus {
+	color: firebrick;
+}
+
+
+
 .alert {
 	text-align: center;
 	padding: 10px;
 	border-style: solid;
 	border-width: 1px;
 	max-width: 500px;
-	margin: 0 auto;
+	margin: 2em auto !important;
 }

 .alert-success {
@ -351,11 +396,17 @@ button:hover {
 .clear {
 	display: block;
 	clear: both;
+	height: 1px; /* ghost top margin in firefox */
+	width: 100%;
+	margin: 0 0 -1px 0;
 }

 pre.debug {
+	margin-left: 1em;
 	text-align: left;
 	color: black;
+	white-space: normal;
+	text-indent: -1em;
 }

 .spoiler:before,
@ -379,3 +430,16 @@ pre.debug {
 img {
 	border: 0;
 }
+
+blockquote {
+	margin-left: 0;
+	border-left: 3px solid #eee;
+	background: ghostwhite;
+	padding: 0.5em;
+}
+blockquote>*:first-child {
+	margin-top: 0;
+}
+blockquote>*:last-child {
+	margin-bottom: 0;
+}
--- a/public_html/media/css/index-help.css
+++ b/public_html/media/css/index-help.css
@ -1,9 +1,3 @@
 code {
 	margin: 0 0.5em;
 }
-span.comma {
-	margin-left: -0.5em;
-}
-h1 {
-	margin-top: 2em;
-}
--- a/public_html/media/css/index-index.css
+++ b/public_html/media/css/index-index.css
@ -28,26 +28,9 @@
 	max-width: 500px;
 }

-#content .header .tags:before {
-	margin: 0 0.5em;
-	content: '\2013';
-}
-#content .header ul {
-	list-style-type: none;
-	display: inline;
-	margin: 0;
-	padding: 0;
-}
-#content .header li {
-	display: inline;
-}
-#content .header li:not(:last-child) a:after {
-	content: ', ';
-}
-
 #content .body {
 	background: url('data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAAAYAAAAGCAYAAADgzO9IAAAAJElEQVQImWNgYGBgePfu3X8YZoABFA6SIqwS+HXgtANZF7IEAJnGPJE70lLLAAAAAElFTkSuQmCC');
-	margin: 1em 0;
+	margin-top: 1em;
 	text-align: center;
 }
 #content .body img {
@ -59,11 +42,26 @@
 	display: block;
 }

-#content .header .favs-comments {
-	margin-left: 0.5em;
+#content .footer {
+	font-size: small;
+	color: dimgray;
+	margin: 0.5em 0 3em 0;
+}
+#content .footer .left {
+	float: left;
+}
+#content .footer .right {
 	float: right;
 }
-
-#content .footer {
-	text-align: right;
+#content .footer ul {
+	list-style-type: none;
+	display: inline;
+	margin: 0;
+	padding: 0;
+}
+#content .footer li {
+	display: inline;
+}
+#content .footer li:not(:last-child) a:after {
+	content: ', ';
 }
--- a/public_html/media/css/logs.css
+++ b/public_html/media/css/logs.css
@ -0,0 +1,13 @@
+#content input {
+	margin: 0 1em;
+	height: 25px;
+	vertical-align: middle;
+}
+
+pre {
+	font-size: 11pt;
+}
+
+pre strong {
+	background: #fee;
+}
--- a/public_html/media/css/paginator.css
+++ b/public_html/media/css/paginator.css
@ -10,12 +10,12 @@

 .paginator li {
 	display: inline-block;
+	margin-right: 0.5em;
 }

 .paginator li a {
 	display: inline-block;
 	padding: 0.2em 0.5em;
-	margin-right: 0.5em;
 	background: #eee;
 	border: 1px solid silver;
 	color: black;
@ -31,3 +31,9 @@
 .paginator li.disabled a {
 	color: gray;
 }
+
+.paginator li a:focus,
+.paginator li a:hover {
+	border: 1px solid firebrick;
+	background: pink;
+}
--- a/public_html/media/css/post-list.css
+++ b/public_html/media/css/post-list.css
@ -7,3 +7,25 @@
 .posts {
 	margin: 0 auto;
 }
+
+.form-wrapper {
+	text-align: center;
+}
+.small-screen .form-wrapper {
+	width: 100%;
+}
+form.aligned {
+	margin: 0 auto;
+	width: 24em;
+	text-align: left;
+}
+form.aligned label.left {
+	width: 7em;
+}
+form h1 {
+	display: none;
+}
+
+li.mass-tag {
+	float: right;
+}
--- a/public_html/media/css/post-small.css
+++ b/public_html/media/css/post-small.css
@ -1,15 +1,19 @@
 .post {
-	border: 1px solid #ddd;
-	box-shadow: 0.25em 0.25em #eee;
 	padding: 0;
 	position: relative;
 	display: inline-block;
 }
+.post .link {
+	border: 1px solid #ddd;
+	box-shadow: 0.25em 0.25em #eee;
+	color: black;
+}
+
 .post-type-youtube:after,
 .post-type-flash:after {
 	position: absolute;
-	right: 0;
-	top: 0;
+	right: 1px; /* border */
+	top: 1px; /* border */
 	width: 150px;
 	height: 150px;
 	content: ' ';
@ -29,13 +33,41 @@
 }


-.post:focus,
-.post:hover {
+.post .toggle-tag {
+	position: absolute;
+	z-index: 2;
+	width: 100px;
+	height: 30px;
+	background: whitesmoke;
+	opacity: .5;
+	border: 1px solid black;
+	margin: 60px 25px;
+	line-height: 30px;
+}
+.post .toggle-tag:focus,
+.post .toggle-tag:hover {
+	opacity: 1;
+}
+.post.taggable.tagged .toggle-tag {
+	background-color: #0f0;
+	color: black;
+}
+.post.taggable:not(.tagged) .toggle-tag {
+	background-color: #f00;
+	color: white;
+}
+.post .link {
+	z-index: 1;
+}
+
+
+.post .link:focus,
+.post .link:hover {
 	border: 1px solid firebrick;
 	box-shadow: 0.25em 0.25em pink;
 }
-.post:focus img.thumb,
-.post:hover img.thumb {
+.post .link:focus img.thumb,
+.post .link:hover img.thumb {
 	opacity: .9;
 }

@ -50,37 +82,51 @@
 	vertical-align: top;
 }

+.post .info-bar:before {
+	border-top: 1px solid firebrick;
+	margin-bottom: -1px;
+	content: '';
+	display: block;
+}
 .post .info-bar {
 	display: none;
-	height: 20px;
-	width: 100%;
-	border-top: 1px solid firebrick;
 	background: rgba(255, 128, 128, 0.75);
 	position: absolute;
-	bottom: 0;
+	z-index: 3;
+	left: 1px; /* border */
+	right: 1px; /* border */
+	bottom: 1px; /* border */
+	text-align: center;
 }
-.post:hover .info-bar {
+.post .link:focus .info-bar,
+.post .link:hover .info-bar {
 	display: block;
 }

+.post .icon-score {
+	background-position: -85px -1px;
+}
 .post .icon-comments {
-	margin-left: 3px;
 	background-position: -64px -1px;
 }
 .post .icon-favs {
 	background-position: -43px -1px;
 }
-.post [class^='icon-'] {
+.post .link [class^='icon-'] {
 	opacity: .75;
+	background-color: transparent;
 	width: 20px;
 	height: 20px;
 	line-height: 20px;
 	vertical-align: top;
 }
-.post span {
+.post .link span {
 	vertical-align: top;
 	font-size: small;
 	line-height: 20px;
 	margin-right: 0.5em;
 	display: inline-block;
 }
+.post .link span.inactive {
+	display: none;
+}
--- a/public_html/media/css/post-view.css
+++ b/public_html/media/css/post-view.css
@ -1,5 +1,5 @@
 #sidebar {
-	width: 200px;
+	width: 224px;
 	line-height: 1.33em;
 	font-size: 90%;
 }
@ -12,10 +12,12 @@ embed {
 .post-type-image img {
 	/*background: url('../img/bk-image.png') lemonchiffon;*/
 }
-.post-type-flash embed {
-	background: url('../img/bk-swf.png') lemonchiffon;
+.post-type-flash iframe {
+	border: 0;
+	/*background: url('../img/bk-swf.png') lemonchiffon;*/
 }

+#sidebar .relations ul,
 #sidebar .tags ul {
 	list-style-type: none;
 	margin: 0;
@ -30,27 +32,52 @@ embed {
 	color: silver;
 }

-#sidebar nav {
+#around {
 	margin-bottom: 2em;
 }
-#sidebar nav .left {
+#around .text {
+	font-size: 90%;
+	overflow: hidden;
+	text-overflow: ellipsis;
+	text-align: center;
+	margin-top: 0.75em;
+}
+#around .left {
 	float: left;
 }
-#sidebar nav .right {
+#around .right {
 	float: right;
 }
-#sidebar nav a.disabled {
+#around a.disabled {
 	color: silver;
 }
-#sidebar nav a.disabled i[class*='icon-'] {
+#around a.disabled i[class*='icon-'] {
 	background-color: silver;
 }

 #sidebar .uploader img {
 	vertical-align: middle;
 	margin: 0 0.5em 0 0;
+	width: 16px;
+	height: 16px;
+	background-image: url('http://www.gravatar.com/avatar/0?f=y&d=mm&s=16');
 }

+#sidebar .safety-safe {
+	color: #43aa43;
+}
+#sidebar .safety-sketchy {
+	color: #d4a627;
+}
+#sidebar .safety-unsafe {
+	color: #df4b0d;
+}
+
+#sidebar .score .selected {
+	font-weight: bold;
+}
+
+
 i.icon-prev {
 	background-position: -12px -1px;
 }
--- a/public_html/media/css/tabs.css
+++ b/public_html/media/css/tabs.css
@ -1,26 +0,0 @@
-.tabs ul {
-	list-style-type: none;
-	margin: 0 0 1em 0;
-	padding: 0;
-	border-bottom: 1px solid #ccc;
-}
-.tabs li {
-	display: inline-block;
-}
-
-.tabs li a {
-	display: inline-block;
-	padding: 0.5em 1em;
-	margin-bottom: -1px;
-}
-
-.tabs li a {
-	border: 1px solid white;
-	border-bottom: 1px solid #ccc;
-	color: silver;
-}
-.tabs li.selected a {
-	border: 1px solid #ccc;
-	border-bottom: 1px solid white;
-	color: inherit;
-}
--- a/public_html/media/css/tag-list.css
+++ b/public_html/media/css/tag-list.css
@ -6,9 +6,6 @@
 	-moz-column-width: 14em;
 	-webkit-column-width: 14em;
 }
-.tags li a:hover {
-	opacity: 1 !important;
-}
 .tags li {
 	margin: 0.2em 0.5em;
 	text-align: top;
@ -21,6 +18,7 @@

 .form-wrapper {
 	width: 50%;
+	max-width: 24em;
 	display: inline-block;
 	text-align: center;
 }
@ -29,14 +27,39 @@
 }
 form.aligned {
 	text-align: left;
-	margin: 2em auto;
+	margin: 0 auto;
 }
 form.aligned label.left {
 	width: 7em;
 }
-form.aligned input {
-	width: 24em;
-}
 form h1 {
-	text-align: center;
+	display: none;
+}
+
+.frequency0 { color: #ecc8c8; }
+.frequency1 { color: #e6b7b7; }
+.frequency2 { color: #e0a7a7; }
+.frequency3 { color: #db9696; }
+.frequency4 { color: #d58686; }
+.frequency5 { color: #cf7575; }
+.frequency6 { color: #c96464; }
+.frequency7 { color: #c35454; }
+.frequency8 { color: #be4343; }
+.frequency9 { color: #b83333; }
+.frequency10 { color: #b22222; }
+
+nav.sort-styles ul {
+	list-style-type: none;
+	margin: 0 0 2.5em 0;
+	text-align: center;
+	padding: 0;
+}
+nav.sort-styles li {
+	display: inline-block;
+	font-size: 105%;
+	margin: 0 1em;
+	padding-bottom: 0.2em;
+}
+nav.sort-styles li.active {
+	border-bottom: 3px solid firebrick;
 }
--- a/public_html/media/css/upload.css
+++ b/public_html/media/css/upload.css
@ -40,11 +40,11 @@
 }

 .post .thumbnail {
-	width: 100px;
-	height: 100px;
-	line-height: 100px;
-	background-image: url('../img/thumb.png');
-	background-size: 100px 100px;
+	width: 150px;
+	height: 150px;
+	line-height: 150px;
+	background-image: url('../img/thumb.jpg');
+	background-size: 150px 150px;
 	border: 1px solid black;
 	vertical-align: middle;
 	text-align: center;
@ -126,18 +126,19 @@
 	overflow: hidden;
 	text-overflow: ellipsis;
 	max-width: 50%;
+	white-space: pre;
 	display: inline-block;
 	vertical-align: middle;
 	line-height: 33px;
 }

-.safety-sfw {
-	color: #63ca63;
+.safety-safe {
+	color: #43aa43;
 }
 .safety-sketchy {
-	color: #f4c657;
+	color: #d4a627;
 }
-.safety-nsfw {
+.safety-unsafe {
 	color: #df4b0d;
 }

--- a/public_html/media/css/user-list.css
+++ b/public_html/media/css/user-list.css
@ -24,7 +24,7 @@

 nav.sort-styles ul {
 	list-style-type: none;
-	margin: 0 0 1em 0;
+	margin: 0 0 2.5em 0;
 	text-align: center;
 	padding: 0;
 }
--- a/public_html/media/img/icons.png
+++ b/public_html/media/img/icons.png
--- a/public_html/media/img/thumb.jpg
+++ b/public_html/media/img/thumb.jpg
--- a/public_html/media/js/core.js
+++ b/public_html/media/js/core.js
@ -1,25 +1,46 @@
+function setCookie(name, value, exdays)
+{
+	var exdate = new Date();
+	exdate.setDate(exdate.getDate() + exdays);
+	value = escape(value) + '; path=/' + ((exdays == null) ? '' : '; expires=' + exdate.toUTCString());
+	document.cookie = name + '=' + value;
+}
+
+function getCookie(name)
+{
+	console.log(document.cookie);
+	var value = document.cookie;
+	var start = value.indexOf(' ' + name + '=');
+
+	if (start == -1)
+		start = value.indexOf(name + '=');
+
+	if (start == -1)
+		return null;
+
+	start = value.indexOf('=', start) + 1;
+	var end = value.indexOf(';', start);
+	if (end == -1)
+		end = value.length;
+
+	return unescape(value.substring(start, end));
+}
+
+function rememberLastSearchQuery()
+{
+	//lastSearchQuery variable is obtained from layout
+	setCookie('last-search-query', lastSearchQuery);
+}
+
+//core functionalities, prototypes
 $.fn.hasAttr = function(name)
 {
 	return this.attr(name) !== undefined;
 };

-if ($.when.all === undefined)
-{
-	$.when.all = function(deferreds)
-	{
-		var deferred = new $.Deferred();
-		$.when.apply($, deferreds).then(function()
-		{
-			deferred.resolve(Array.prototype.slice.call(arguments, 0));
-		}, function()
-		{
-			deferred.fail(Array.prototype.slice.call(arguments, 0));
-		});

-		return deferred;
-	}
-}

+//safety trigger
 $(function()
 {
 	$('.safety a').click(function(e)
@ -32,84 +53,101 @@ $(function()
 		aDom.addClass('inactive');

 		var url = $(this).attr('href') + '?json';
-		$.get(url, function(data)
+		$.get(url).always(function(data)
 		{
 			if (data['success'])
-			{
 				window.location.reload();
-			}
 			else
 			{
-				alert(data['errorMessage']);
-			}
-		});
-	});
-
-	function confirmEvent(e)
-	{
-		if (!confirm($(this).attr('data-confirm-text')))
-		{
-			e.preventDefault();
-			e.stopPropagation();
-		}
-	}
-
-	$('form[data-confirm-text]').submit(confirmEvent);
-	$('a[data-confirm-text]').click(confirmEvent);
-
-	$('a.simple-action').click(function(e)
-	{
-		if(e.isPropagationStopped())
-			return;
-
-		e.preventDefault();
-
-		var aDom = $(this);
-		if (aDom.hasClass('inactive'))
-			return;
-		aDom.addClass('inactive');
-
-		var url = $(this).attr('href') + '?json';
-		$.get(url, {submit: 1}, function(data)
-		{
-			if (data['success'])
-			{
-				if (aDom.hasAttr('data-redirect-url'))
-					window.location.href = aDom.attr('data-redirect-url');
-				else
-					window.location.reload();
-			}
-			else
-			{
-				alert(data['errorMessage']);
+				alert(data['message'] ? data['message'] : 'Fatal error');
 				aDom.removeClass('inactive');
 			}
 		});
 	});
-
-
-	//attach data from submit buttons to forms before .submit() gets called
-	$(':submit').each(function()
-	{
-		$(this).click(function()
-		{
-			var form = $(this).closest('form');
-			form.find('.faux-submit').remove();
-			var input = $('<input class="faux-submit" type="hidden"/>').attr({
-				name: $(this).attr('name'),
-				value: $(this).val()
-			});
-			form.append(input);
-		});
-	});
 });


-//modify DOM on small viewports
-$(window).resize(function()
+
+//basic event listeners
+$(function()
+{
+	$('body').bind('dom-update', function()
+	{
+		//event confirmations
+		function confirmEvent(e)
+		{
+			if (!confirm($(this).attr('data-confirm-text')))
+			{
+				e.preventDefault();
+				e.stopPropagation();
+			}
+		}
+
+		$('form.confirmable').submit(confirmEvent);
+		$('a.confirmable').click(confirmEvent);
+
+
+		//simple action buttons
+		$('a.simple-action').click(function(e)
+		{
+			if(e.isPropagationStopped())
+				return;
+
+			e.preventDefault();
+			rememberLastSearchQuery();
+
+			var aDom = $(this);
+			if (aDom.hasClass('inactive'))
+				return;
+			aDom.addClass('inactive');
+
+			var url = $(this).attr('href') + '?json';
+			$.get(url, {submit: 1}).always(function(data)
+			{
+				if (data['success'])
+				{
+					if (aDom.hasAttr('data-redirect-url'))
+						window.location.href = aDom.attr('data-redirect-url');
+					else if (aDom.data('callback'))
+						aDom.data('callback')();
+					else
+						window.location.reload();
+				}
+				else
+				{
+					alert(data['message'] ? data['message'] : 'Fatal error');
+					aDom.removeClass('inactive');
+				}
+			});
+		});
+
+
+		//attach data from submit buttons to forms before .submit() gets called
+		$('.submit').each(function()
+		{
+			$(this).click(function()
+			{
+				var form = $(this).closest('form');
+				form.find('.faux-submit').remove();
+				var input = $('<input class="faux-submit" type="hidden"/>').attr({
+					name: $(this).attr('name'),
+					value: $(this).val()
+				});
+				form.append(input);
+			});
+		});
+	});
+
+
+	//try to remember last search query
+	window.onbeforeunload = rememberLastSearchQuery;
+});
+
+
+
+//modify DOM on small viewports
+function processSidebar()
 {
-	if ($('body').width() == $('body').data('last-width'))
-		return;
 	$('#inner-content .unit').addClass('bottom-unit');
 	if ($('body').width() < 600)
 	{
@ -123,14 +161,21 @@ $(window).resize(function()
 		$('#sidebar').insertBefore($('#inner-content'));
 		$('#sidebar .unit').removeClass('bottom-unit').addClass('left-unit');
 	}
-	$('body').data('last-width', $('body').width());
-});
+}
 $(function()
 {
-	$(window).resize();
+	$(window).resize(function()
+	{
+		if ($('body').width() == $('body').data('last-width'))
+			return;
+		$('body').data('last-width', $('body').width());
+		$('body').trigger('dom-update');
+	});
+	$('body').bind('dom-update', processSidebar);
 });


+
 //autocomplete
 function split(val)
 {
@ -144,40 +189,54 @@ function extractLast(term)

 $(function()
 {
-	var searchInput = $('#top-nav .search input');
-	searchInput
-		// don't navigate away from the field on tab when selecting an item
-		.bind("keydown", function(event)
+	$('.autocomplete').each(function()
+	{
+		var options =
 		{
-			if (event.keyCode === $.ui.keyCode.TAB && $(this).data("autocomplete").menu.active)
-			{
-				event.preventDefault();
-			}
-		}).autocomplete({
 			minLength: 1,
 			source: function(request, response)
 			{
 				var term = extractLast(request.term);
-				$.get(searchInput.attr('data-autocomplete-url') + '?json', {filter: term}, function(data)
-				{
-					response($.map(data.tags, function(tag) { return { label: tag, value: tag }; }));
-				});
+				if (term != '')
+					$.get(searchInput.attr('data-autocomplete-url') + '?json', {filter: term + ' order:popularity,desc'}, function(data)
+					{
+						response($.map(data.tags, function(tag) { return { label: tag.name + ' (' + tag.count + ')', value: tag.name }; }));
+					});
 			},
-			focus: function()
+			focus: function(e)
 			{
 				// prevent value inserted on focus
-				return false;
+				e.preventDefault();
 			},
-			select: function(event, ui)
+			select: function(e, ui)
 			{
+				e.preventDefault();
 				var terms = split(this.value);
 				terms.pop();
 				terms.push(ui.item.value);
 				terms.push('');
 				this.value = terms.join(' ');
-				return false;
 			}
-		});
+		};
+
+		if ($(this).parents('#top-nav').length != 0)
+		{
+			options['position'] =
+			{
+				my: 'right top',
+				at: 'right bottom'
+			};
+		}
+
+		var searchInput = $(this);
+		searchInput
+		// don't navigate away from the field on tab when selecting an item
+		.bind('keydown', function(e)
+		{
+			if (e.keyCode === $.ui.keyCode.TAB && $(this).data('autocomplete').menu.active)
+				e.preventDefault();
+		}).autocomplete(options);
+	});
 });

 function getTagItOptions()
@ -190,13 +249,18 @@ function getTagItOptions()
 				function(request, response)
 				{
 					var term = request.term.toLowerCase();
-					var results = $.grep(this.options.availableTags, function(a)
+					var tags = $.map(this.options.availableTags, function(a)
+					{
+						return a.name;
+					});
+					var results = $.grep(tags, function(a)
 					{
 						if (term.length < 3)
 							return a.toLowerCase().indexOf(term) == 0;
 						else
 							return a.toLowerCase().indexOf(term) != -1;
 					});
+					results = results.slice(0, 15);
 					if (!this.options.allowDuplicates)
 						results = this._subtractArray(results, this.assignedTags());
 					response(results);
@ -205,11 +269,15 @@ function getTagItOptions()
 	};
 }

+
+
+//hotkeys
 $(function()
 {
-	Mousetrap.bind('q', function() { $('#top-nav input').focus(); return false; });
+	Mousetrap.bind('q', function() { $('#top-nav input').focus(); return false; }, 'keyup');
 	Mousetrap.bind('w', function() { $('body,html').animate({scrollTop: '-=150px'}, 200); });
 	Mousetrap.bind('s', function() { $('body,html').animate({scrollTop: '+=150px'}, 200); });
-	Mousetrap.bind('a', function() { var url = $('.paginator .prev:not(.disabled) a').attr('href'); if (typeof url !== 'undefined') window.location.href = url; });
-	Mousetrap.bind('d', function() { var url = $('.paginator .next:not(.disabled) a').attr('href'); if (typeof url !== 'undefined') window.location.href = url; });
+	Mousetrap.bind('a', function() { var url = $('.paginator:visible .prev:not(.disabled) a').attr('href'); if (typeof url !== 'undefined') window.location.href = url; }, 'keyup');
+	Mousetrap.bind('d', function() { var url = $('.paginator:visible .next:not(.disabled) a').attr('href'); if (typeof url !== 'undefined') window.location.href = url; }, 'keyup');
+	Mousetrap.bind('p', function() { $('.post a').eq(0).focus(); return false; }, 'keyup');
 });
--- a/public_html/media/js/logs.js
+++ b/public_html/media/js/logs.js
@ -0,0 +1,4 @@
+$(function()
+{
+	$('#content form input').eq(0).focus().select();
+});
--- a/public_html/media/js/paginator-endless.js
+++ b/public_html/media/js/paginator-endless.js
@ -18,6 +18,7 @@ function scrolled()
 				var nextPage = dom.find('.paginator .next:not(.disabled) a').attr('href');
 				$(document).data('page-next', nextPage);
 				$('.paginator-content').append($(response).find('.paginator-content').children().css({opacity: 0}).animate({opacity: 1}, 'slow'));
+				$('body').trigger('dom-update');
 				scrolled();
 			});
 		}
--- a/public_html/media/js/post-list.js
+++ b/public_html/media/js/post-list.js
@ -0,0 +1,41 @@
+$(function()
+{
+	$('body').bind('dom-update', function()
+	{
+		$('.post a.toggle-tag').click(function(e)
+		{
+			if(e.isPropagationStopped())
+				return;
+
+			e.preventDefault();
+			e.stopPropagation();
+
+			var aDom = $(this);
+			if (aDom.hasClass('inactive'))
+				return;
+			aDom.addClass('inactive');
+
+			var enable = !aDom.parents('.post').hasClass('tagged');
+			var url = $(this).attr('href') + '?json';
+			url = url.replace('_enable_', enable ? '1' : '0');
+			$.get(url, {submit: 1}).always(function(data)
+			{
+				if (data['success'])
+				{
+					aDom.removeClass('inactive');
+					aDom.parents('.post').removeClass('tagged');
+					if (enable)
+						aDom.parents('.post').addClass('tagged');
+					aDom.text(enable
+						? aDom.attr('data-text-tagged')
+						: aDom.attr('data-text-untagged'));
+				}
+				else
+				{
+					alert(data['message'] ? data['message'] : 'Fatal error');
+					aDom.removeClass('inactive');
+				}
+			});
+		});
+	});
+});
--- a/public_html/media/js/post-view.js
+++ b/public_html/media/js/post-view.js
@ -1,4 +1,4 @@
-$(function()
+function onDomUpdate()
 {
 	$('li.edit a').click(function(e)
 	{
@ -10,26 +10,53 @@ $(function()
 		aDom.addClass('inactive');

 		var tags = [];
-		$.getJSON('/tags?json', function(data)
+		$.getJSON('/tags?json', {filter: 'order:popularity,desc'}, function(data)
 		{
+			aDom.removeClass('inactive');
+			var formDom = $('form.edit-post');
 			tags = data['tags'];

-			var tagItOptions = getTagItOptions();
-			tagItOptions.availableTags = tags;
-			tagItOptions.placeholderText = $('.tags input').attr('placeholder');
-			$('.tags input').tagit(tagItOptions);
-
-			e.preventDefault();
-			var formDom = $('form.edit-post');
-			formDom.show().css('height', formDom.height()).hide().slideDown();
+			if (!$(formDom).is(':visible'))
+			{
+				var tagItOptions = getTagItOptions();
+				tagItOptions.availableTags = tags;
+				tagItOptions.placeholderText = $('.tags input').attr('placeholder');
+				$('.tags input').tagit(tagItOptions);
+				formDom.show().css('height', formDom.height()).hide().slideDown();
+			}

+			formDom.find('input[type=text]:visible:eq(0)').focus();
 			$('html, body').animate({ scrollTop: $(formDom).offset().top + 'px' }, 'fast');
 		});
 	});

+	$('.comments.unit a.simple-action').data('callback', function()
+	{
+		$.get(window.location.href, function(data)
+		{
+			$('.comments-wrapper').replaceWith($(data).find('.comments-wrapper'));
+			$('body').trigger('dom-update');
+		});
+	});
+
+	$('#sidebar a.simple-action').data('callback', function()
+	{
+		$.get(window.location.href, function(data)
+		{
+			$('#sidebar').replaceWith($(data).find('#sidebar'));
+			$('body').trigger('dom-update');
+		});
+	});
+}
+
+$(function()
+{
+	$('body').bind('dom-update', onDomUpdate);
+
 	$('form.edit-post').submit(function(e)
 	{
 		e.preventDefault();
+		rememberLastSearchQuery();

 		var formDom = $(this);
 		if (formDom.hasClass('inactive'))
@ -56,10 +83,16 @@ $(function()
 				}
 				else
 				{
-					alert(data['errorMessage']);
+					alert(data['message']);
 					formDom.find(':input').attr('readonly', false);
 					formDom.removeClass('inactive');
 				}
+			},
+			error: function()
+			{
+				alert('Fatal error');
+				formDom.find(':input').attr('readonly', false);
+				formDom.removeClass('inactive');
 			}
 		};

@ -69,6 +102,7 @@ $(function()
 	$('form.add-comment').submit(function(e)
 	{
 		e.preventDefault();
+		rememberLastSearchQuery();

 		var formDom = $(this);
 		if (formDom.hasClass('inactive'))
@ -101,27 +135,39 @@ $(function()
 					if (preview)
 					{
 						formDom.find('.preview').html(data['textPreview']).show();
-						formDom.find(':input').attr('readonly', false);
-						formDom.removeClass('inactive');
 					}
 					else
 					{
-						window.location.reload();
+						formDom.find('.preview').hide();
+						$.get(window.location.href, function(data)
+						{
+							$('.comments-wrapper').replaceWith($(data).find('.comments-wrapper'));
+							$('body').trigger('dom-update');
+						});
+						formDom.find('textarea').val('');
 					}
-				}
-				else
-				{
-					alert(data['errorMessage']);
 					formDom.find(':input').attr('readonly', false);
 					formDom.removeClass('inactive');
 				}
+				else
+				{
+					alert(data['message']);
+					formDom.find(':input').attr('readonly', false);
+					formDom.removeClass('inactive');
+				}
+			},
+			error: function()
+			{
+				alert('Fatal error');
+				formDom.find(':input').attr('readonly', false);
+				formDom.removeClass('inactive');
 			}
 		};

 		$.ajax(ajaxData);
 	});

-	Mousetrap.bind('a', function() { var url = $('#sidebar .left a').attr('href'); if (typeof url !== 'undefined') window.location.href = url; });
-	Mousetrap.bind('d', function() { var url = $('#sidebar .right a').attr('href'); if (typeof url !== 'undefined') window.location.href = url; });
-	Mousetrap.bind('e', function() { $('li.edit a').trigger('click'); return false; });
+	Mousetrap.bind('a', function() { var a = $('#sidebar .left a'); var url = a.attr('href'); if (typeof url !== 'undefined') { a.click(); window.location.href = url; } }, 'keyup');
+	Mousetrap.bind('d', function() { var a = $('#sidebar .right a'); var url = a.attr('href'); if (typeof url !== 'undefined') { a.click(); window.location.href = url; } }, 'keyup');
+	Mousetrap.bind('e', function() { $('li.edit a').trigger('click'); return false; }, 'keyup');
 });
--- a/public_html/media/js/upload.js
+++ b/public_html/media/js/upload.js
@ -1,17 +1,17 @@
 $(function()
 {
-	$('.tabs nav a').click(function(e)
+	$('.tabs a').click(function(e)
 	{
 		e.preventDefault();
 		var className = $(this).parents('li').attr('class').replace('selected', '').replace(/^\s+|\s+$/, '');
-		$('.tabs nav li').removeClass('selected');
+		$('.tabs li').removeClass('selected');
 		$(this).parents('li').addClass('selected');
 		$('.tab').hide();
 		$('.tab.' + className).show();
 	});

 	var tags = [];
-	$.getJSON('/tags?json', function(data)
+	$.getJSON('/tags?json', {filter: 'order:popularity,desc'}, function(data)
 	{
 		tags = data['tags'];
 	});
@ -60,6 +60,8 @@ $(function()

 	$('.post .move-down-trigger, .post .move-up-trigger').on('click', function()
 	{
+		if ($('#the-submit').hasClass('inactive'))
+			return;
 		var dir = $(this).hasClass('move-down-trigger') ? 'd' : 'u';
 		var post = $(this).parents('.post');
 			if (dir == 'u')
@ -69,6 +71,8 @@ $(function()
 	});
 	$('.post .remove-trigger').on('click', function()
 	{
+		if ($('#the-submit').hasClass('inactive'))
+			return;
 		$(this).parents('.post').slideUp(function()
 		{
 			$(this).remove();
@ -89,18 +93,12 @@ $(function()

 		var postDom = posts.first();
 		var url = postDom.find('form').attr('action') + '?json';
-		var sourceFile = postDom.data('file');
-		var sourceUrl = postDom.data('url');
-		var tags = postDom.find('[name=tags]').val();
-		var safety = postDom.find('[name=safety]:checked').val();
-		var source = postDom.find('[name=source]').val();
-		var fd = new FormData();
-		fd.append('file', sourceFile);
-		fd.append('url', sourceUrl);
-		fd.append('tags', tags);
-		fd.append('safety', safety);
-		fd.append('source', source);
-		fd.append('submit', 1);
+		console.log(postDom.find('form').get(0));
+		var fd = new FormData(postDom.find('form').get(0));
+
+		fd.append('file', postDom.data('file'));
+		fd.append('url', postDom.data('url'));
+

 		var ajaxData =
 		{
@ -122,9 +120,14 @@ $(function()
 				}
 				else
 				{
-					postDom.find('.alert').html(data['errorHtml']).slideDown();
+					postDom.find('.alert').html(data['messageHtml']).slideDown();
 					enableUpload();
 				}
+			},
+			error: function(data)
+			{
+				postDom.find('.alert').html('Fatal error').slideDown();
+				enableUpload();
 			}
 		};

@ -158,6 +161,8 @@ $(function()
 	{
 		e.preventDefault();
 		var theSubmit = $(this);
+		if (theSubmit.hasClass('inactive'))
+			return;
 		disableUpload();
 		sendNextPost();
 	});
--- a/scripts/find-posts.php
+++ b/scripts/find-posts.php
@ -0,0 +1,26 @@
+<?php
+require_once __DIR__ . '/../src/core.php';
+
+function usage()
+{
+	echo 'Usage: ' . basename(__FILE__);
+	echo ' QUERY' . PHP_EOL;
+	return true;
+}
+
+array_shift($argv);
+if (empty($argv))
+	usage() and die;
+
+$query = array_shift($argv);
+$posts = Model_Post::getEntities($query, null, null);
+foreach ($posts as $post)
+{
+	echo implode("\t",
+	[
+		$post->id,
+		$post->name,
+		Model_Post::getFullPath($post->name),
+		$post->mimeType,
+	]). PHP_EOL;
+}
--- a/scripts/process-detached-files.php
+++ b/scripts/process-detached-files.php
@ -33,21 +33,18 @@ switch ($action)
 		$func = function($name) use ($dir)
 		{
 			echo $name . PHP_EOL;
-			static $filesPath = null;
-			if ($filesPath == null)
-				$filesPath = configFactory()->main->filesPath;
-			rename($filesPath . DS . $name, $dir . DS . $name);
+			$srcPath = Model_Post::getFullPath($name);
+			$dstPath = $dir . DS . $name;
+			rename($srcPath, $dstPath);
 		};
 		break;

 	case '-purge':
-		$func = function($name) use ($dir)
+		$func = function($name)
 		{
 			echo $name . PHP_EOL;
-			static $filesPath = null;
-			if ($filesPath == null)
-				$filesPath = configFactory()->main->filesPath;
-			unlink($filesPath . DS . $name);
+			$srcPath = Model_Post::getFullPath($name);
+			unlink($srcPath);
 		};
 		break;

@ -62,9 +59,8 @@ foreach (R::findAll('post') as $post)
 }
 $names = array_flip($names);

-$config = configFactory();
-$filesPath = $config->main->filesPath;
-foreach (glob($filesPath . DS . '*') as $name)
+$config = \Chibi\Registry::getConfig();
+foreach (glob(TextHelper::absolutePath($config->main->filesPath) . DS . '*') as $name)
 {
 	$name = basename($name);
 	if (!isset($names[$name]))
--- a/scripts/process-old-users.php
+++ b/scripts/process-old-users.php
@ -32,7 +32,7 @@ switch ($action)
 		$func = function($user)
 		{
 			printUser($user);
-			R::trash($user);
+			Model_User::remove($user);
 		};
 		break;

--- a/scripts/remove-letterbox.sh
+++ b/scripts/remove-letterbox.sh
@ -0,0 +1,14 @@
+#!/bin/sh
+
+process () {
+	x="$1";
+	echo "$x";
+	convert "$x" -fuzz 7% -trim +repage tmp && mv tmp "$x"
+}
+
+while read x; do
+	process "$x";
+done
+for x in $@; do
+	process "$x";
+done
--- a/src/Bootstrap.php
+++ b/src/Bootstrap.php
@ -1,41 +1,6 @@
 <?php
 class Bootstrap
 {
-	public function attachUser()
-	{
-		$this->context->loggedIn = false;
-		if (isset($_SESSION['user-id']))
-		{
-			if (!isset($_SESSION['user']))
-			{
-				$dbUser = R::findOne('user', 'id = ?', [$_SESSION['user-id']]);
-				$_SESSION['user'] = serialize($dbUser);
-			}
-			$this->context->user = unserialize($_SESSION['user']);
-			if (!empty($this->context->user))
-			{
-				$this->context->loggedIn = true;
-			}
-		}
-		if (!$this->context->loggedIn)
-		{
-			try
-			{
-				AuthController::tryAutoLogin();
-			}
-			catch (Exception $e)
-			{
-			}
-		}
-		if (empty($this->context->user))
-		{
-			$dummy = R::dispense('user');
-			$dummy->name = 'Anonymous';
-			$dummy->access_rank = AccessRank::Anonymous;
-			$this->context->user = $dummy;
-		}
-	}
-
 	public function workWrapper($workCallback)
 	{
 		$this->config->chibi->baseUrl = 'http://' . rtrim($_SERVER['HTTP_HOST'], '/') . '/';
@ -56,13 +21,14 @@ class Bootstrap
 			'core.js',
 		];

-		$this->context->layoutName = isset($_GET['json'])
+		$this->context->json = isset($_GET['json']);
+		$this->context->layoutName = $this->context->json
 			? 'layout-json'
 			: 'layout-normal';
 		$this->context->transport = new StdClass;
-		$this->context->transport->success = null;
+		StatusHelper::init();

-		$this->attachUser();
+		AuthController::doLogIn();

 		if (empty($this->context->route))
 		{
@ -75,24 +41,28 @@ class Bootstrap
 		{
 			$workCallback();
 		}
+		catch (\Chibi\MissingViewFileException $e)
+		{
+			$this->context->json = true;
+			$this->context->layoutName = 'layout-json';
+			(new \Chibi\View())->renderFile($this->context->layoutName);
+		}
 		catch (SimpleException $e)
 		{
-			$this->context->transport->errorMessage = rtrim($e->getMessage(), '.') . '.';
-			$this->context->transport->errorHtml = TextHelper::parseMarkdown($this->context->transport->errorMessage, true);
-			$this->context->transport->exception = $e;
-			$this->context->transport->success = false;
+			StatusHelper::failure(rtrim($e->getMessage(), '.') . '.');
 			if (!$this->context->handleExceptions)
-				$this->context->viewName = 'error-simple';
+				$this->context->viewName = 'message';
 			(new \Chibi\View())->renderFile($this->context->layoutName);
 		}
 		catch (Exception $e)
 		{
-			$this->context->transport->errorMessage = rtrim($e->getMessage(), '.') . '.';
-			$this->context->transport->errorHtml = TextHelper::parseMarkdown($this->context->transport->errorMessage, true);
+			StatusHelper::failure(rtrim($e->getMessage(), '.') . '.');
 			$this->context->transport->exception = $e;
-			$this->context->transport->success = false;
+			$this->context->transport->queries = Database::getLogs();
 			$this->context->viewName = 'error-exception';
 			(new \Chibi\View())->renderFile($this->context->layoutName);
 		}
+
+		AuthController::observeWorkFinish();
 	}
 }
--- a/src/Controllers/AuthController.php
+++ b/src/Controllers/AuthController.php
@ -1,19 +1,31 @@
 <?php
 class AuthController
 {
+	private static function redirectAfterLog()
+	{
+		if (isset($_SESSION['login-redirect-url']))
+		{
+			\Chibi\UrlHelper::forward($_SESSION['login-redirect-url']);
+			unset($_SESSION['login-redirect-url']);
+			return;
+		}
+		\Chibi\UrlHelper::forward(\Chibi\UrlHelper::route('index', 'index'));
+	}
+
 	public static function tryLogin($name, $password)
 	{
 		$config = \Chibi\Registry::getConfig();
+		$context = \Chibi\Registry::getContext();

-		$dbUser = R::findOne('user', 'name = ?', [$name]);
+		$dbUser = UserModel::findByNameOrEmail($name, false);
 		if ($dbUser === null)
 			throw new SimpleException('Invalid username');

-		$passwordHash = Model_User::hashPassword($password, $dbUser->pass_salt);
-		if ($passwordHash != $dbUser->pass_hash)
+		$passwordHash = UserModel::hashPassword($password, $dbUser->passSalt);
+		if ($passwordHash != $dbUser->passHash)
 			throw new SimpleException('Invalid password');

-		if (!$dbUser->staff_confirmed and $config->registration->staffActivation)
+		if (!$dbUser->staffConfirmed and $config->registration->staffActivation)
 			throw new SimpleException('Staff hasn\'t confirmed your registration yet');

 		if ($dbUser->banned)
@ -22,9 +34,8 @@ class AuthController
 		if ($config->registration->needEmailForRegistering)
 			PrivilegesHelper::confirmEmail($dbUser);

-		$_SESSION['user-id'] = $dbUser->id;
-		$_SESSION['user'] = serialize($dbUser);
-		\Chibi\UrlHelper::forward(\Chibi\UrlHelper::route('index', 'index'));
+		$context->user = $dbUser;
+		self::doReLog();
 		return $dbUser;
 	}

@ -50,7 +61,7 @@ class AuthController
 		//check if already logged in
 		if ($this->context->loggedIn)
 		{
-			\Chibi\UrlHelper::forward(\Chibi\UrlHelper::route('index', 'index'));
+			self::redirectAfterLog();
 			return;
 		}

@ -65,7 +76,8 @@ class AuthController
 				$token = implode('|', [base64_encode($suppliedName), base64_encode($suppliedPassword)]);
 				setcookie('auth', TextHelper::encrypt($token), time() + 365 * 24 * 3600, '/');
 			}
-			$this->context->transport->success = true;
+			StatusHelper::success();
+			self::redirectAfterLog();
 		}
 	}

@ -75,9 +87,65 @@ class AuthController
 	public function logoutAction()
 	{
 		$this->context->viewName = null;
-		$this->context->viewName = null;
-		unset($_SESSION['user-id']);
+		$this->context->layoutName = null;
+		self::doLogOut();
 		setcookie('auth', false, 0, '/');
 		\Chibi\UrlHelper::forward(\Chibi\UrlHelper::route('index', 'index'));
 	}
+
+	public static function doLogOut()
+	{
+		unset($_SESSION['user']);
+	}
+
+	public static function doLogIn()
+	{
+		$context = \Chibi\Registry::getContext();
+		if (!isset($_SESSION['user']))
+		{
+			if (!empty($context->user) and $context->user->id)
+			{
+				$dbUser = UserModel::findById($context->user->id);
+				$_SESSION['user'] = serialize($dbUser);
+			}
+			else
+			{
+				$dummy = UserModel::spawn();
+				$dummy->name = UserModel::getAnonymousName();
+				$dummy->accessRank = AccessRank::Anonymous;
+				$_SESSION['user'] = serialize($dummy);
+			}
+		}
+
+		$context->user = unserialize($_SESSION['user']);
+		$context->loggedIn = $context->user->accessRank != AccessRank::Anonymous;
+		if (!$context->loggedIn)
+		{
+			try
+			{
+				self::tryAutoLogin();
+			}
+			catch (Exception $e)
+			{
+			}
+		}
+	}
+
+	public static function doReLog()
+	{
+		$context = \Chibi\Registry::getContext();
+		if ($context->user !== null)
+			self::doLogOut();
+		self::doLogIn();
+	}
+
+	public static function observeWorkFinish()
+	{
+		if (strpos(\Chibi\HeadersHelper::get('Content-Type'), 'text/html') === false)
+			return;
+		$context = \Chibi\Registry::getContext();
+		if ($context->route->simpleControllerName == 'auth')
+			return;
+		$_SESSION['login-redirect-url'] = $context->query;
+	}
 }
--- a/src/Controllers/CommentController.php
+++ b/src/Controllers/CommentController.php
@ -12,36 +12,23 @@ class CommentController
 		$this->context->stylesheets []= 'comment-list.css';
 		$this->context->stylesheets []= 'comment-small.css';
 		$this->context->stylesheets []= 'paginator.css';
-		$this->context->subTitle = 'comments';
 		if ($this->context->user->hasEnabledEndlessScrolling())
 			$this->context->scripts []= 'paginator-endless.js';

 		$page = intval($page);
 		$commentsPerPage = intval($this->config->comments->commentsPerPage);
+		$this->context->subTitle = 'comments';
 		PrivilegesHelper::confirmWithException(Privilege::ListComments);

-		$buildDbQuery = function($dbQuery)
-		{
-			$dbQuery->from('comment');
-			$dbQuery->orderBy('comment_date')->desc();
-		};
-
-		$countDbQuery = R::$f->begin();
-		$countDbQuery->select('COUNT(1)')->as('count');
-		$buildDbQuery($countDbQuery);
-		$commentCount = intval($countDbQuery->get('row')['count']);
+		$page = max(1, $page);
+		$comments = CommentSearchService::getEntities(null, $commentsPerPage, $page);
+		$commentCount = CommentSearchService::getEntityCount(null, $commentsPerPage, $page);
 		$pageCount = ceil($commentCount / $commentsPerPage);
-		$page = max(1, min($pageCount, $page));
+		CommentModel::preloadCommenters($comments);
+		CommentModel::preloadPosts($comments);
+		$posts = array_map(function($comment) { return $comment->getPost(); }, $comments);
+		PostModel::preloadTags($posts);

-		$searchDbQuery = R::$f->begin();
-		$searchDbQuery->select('comment.*');
-		$buildDbQuery($searchDbQuery);
-		$searchDbQuery->limit('?')->put($commentsPerPage);
-		$searchDbQuery->offset('?')->put(($page - 1) * $commentsPerPage);
-
-		$comments = $searchDbQuery->get();
-		$comments = R::convertToBeans('comment', $comments);
-		R::preload($comments, ['commenter' => 'user', 'post', 'post.uploader' => 'user']);
 		$this->context->postGroups = true;
 		$this->context->transport->paginator = new StdClass;
 		$this->context->transport->paginator->page = $page;
@ -64,21 +51,28 @@ class CommentController
 		if ($this->config->registration->needEmailForCommenting)
 			PrivilegesHelper::confirmEmail($this->context->user);

-		$post = Model_Post::locate($postId);
+		$post = PostModel::findById($postId);

-		$text = InputHelper::get('text');
-		if (!empty($text))
+		if (InputHelper::get('submit'))
 		{
-			$text = Model_Comment::validateText($text);
-			$comment = R::dispense('comment');
-			$comment->post = $post;
-			$comment->commenter = $this->context->user;
-			$comment->comment_date = time();
+			$text = InputHelper::get('text');
+			$text = CommentModel::validateText($text);
+
+			$comment = CommentModel::spawn();
+			$comment->setPost($post);
+			if ($this->context->loggedIn)
+				$comment->setCommenter($this->context->user);
+			else
+				$comment->setCommenter(null);
+			$comment->commentDate = time();
 			$comment->text = $text;
 			if (InputHelper::get('sender') != 'preview')
-				R::store($comment);
+			{
+				CommentModel::save($comment);
+				LogHelper::log('{user} commented on {post}', ['post' => TextHelper::reprPost($post->id)]);
+			}
 			$this->context->transport->textPreview = $comment->getText();
-			$this->context->transport->success = true;
+			StatusHelper::success();
 		}
 	}

@ -90,10 +84,12 @@ class CommentController
 	*/
 	public function deleteAction($id)
 	{
-		$comment = Model_Comment::locate($id);
-		R::preload($comment, ['commenter' => 'user']);
-		PrivilegesHelper::confirmWithException(Privilege::DeleteComment, PrivilegesHelper::getIdentitySubPrivilege($comment->commenter));
-		R::trash($comment);
-		$this->context->transport->success = true;
+		$comment = CommentModel::findById($id);
+
+		PrivilegesHelper::confirmWithException(Privilege::DeleteComment, PrivilegesHelper::getIdentitySubPrivilege($comment->getCommenter()));
+		CommentModel::remove($comment);
+
+		LogHelper::log('{user} removed comment from {post}', ['post' => TextHelper::reprPost($comment->getPost())]);
+		StatusHelper::success();
 	}
 }
--- a/src/Controllers/IndexController.php
+++ b/src/Controllers/IndexController.php
@ -9,47 +9,70 @@ class IndexController
 	{
 		$this->context->subTitle = 'home';
 		$this->context->stylesheets []= 'index-index.css';
-		$this->context->transport->postCount = R::$f->begin()->select('count(1)')->as('count')->from('post')->get('row')['count'];
+		$this->context->transport->postCount = PostModel::getCount();

-		$featuredPostRotationTime = $this->config->main->featuredPostMaxDays * 24 * 3600;
-
-		$featuredPostId = Model_Property::get(Model_Property::FeaturedPostId);
-		$featuredPostUserId = Model_Property::get(Model_Property::FeaturedPostUserId);
-		$featuredPostDate = Model_Property::get(Model_Property::FeaturedPostDate);
-		if (!$featuredPostId or $featuredPostDate + $featuredPostRotationTime < time())
+		$featuredPost = $this->getFeaturedPost();
+		if ($featuredPost)
 		{
-			$featuredPostId = R::$f->begin()
-				->select('id')
-				->from('post')
-				->where('type = ?')->put(PostType::Image)
-				->and('safety = ?')->put(PostSafety::Safe)
-				->orderBy('random()')
-				->desc()
-				->get('row')['id'];
-			$featuredPostUserId = null;
-			$featuredPostDate = time();
-			Model_Property::set(Model_Property::FeaturedPostId, $featuredPostId);
-			Model_Property::set(Model_Property::FeaturedPostUserId, $featuredPostUserId);
-			Model_Property::set(Model_Property::FeaturedPostDate, $featuredPostDate);
-		}
-
-		if ($featuredPostId !== null)
-		{
-			$featuredPost = Model_Post::locate($featuredPostId);
-			R::preload($featuredPost, ['user', 'comment', 'favoritee']);
-			$featuredPostUser = R::findOne('user', 'id = ?', [$featuredPostUserId]);
 			$this->context->featuredPost = $featuredPost;
-			$this->context->featuredPostUser = $featuredPostUser;
-			$this->context->featuredPostDate = $featuredPostDate;
+			$this->context->featuredPostDate = PropertyModel::get(PropertyModel::FeaturedPostDate);
+			$this->context->featuredPostUser = UserModel::findByNameOrEmail(PropertyModel::get(PropertyModel::FeaturedPostUserName), false);
+			$this->context->pageThumb = \Chibi\UrlHelper::route('post', 'thumb', ['name' => $featuredPost->name]);
 		}
 	}

 	/**
 	* @route /help
+	* @route /help/{tab}
 	*/
-	public function helpAction()
+	public function helpAction($tab = null)
 	{
+		if (empty($this->config->help->paths) or empty($this->config->help->title))
+			throw new SimpleException('Help is disabled');
+		$tab = $tab ?: array_keys($this->config->help->subTitles)[0];
+		if (!isset($this->config->help->paths[$tab]))
+			throw new SimpleException('Invalid tab');
+		$this->context->path = TextHelper::absolutePath($this->config->help->paths[$tab]);
 		$this->context->stylesheets []= 'index-help.css';
 		$this->context->subTitle = 'help';
+		$this->context->tab = $tab;
+	}
+
+	private function getFeaturedPost()
+	{
+		$featuredPostRotationTime = $this->config->misc->featuredPostMaxDays * 24 * 3600;
+
+		$featuredPostId = PropertyModel::get(PropertyModel::FeaturedPostId);
+		$featuredPostDate = PropertyModel::get(PropertyModel::FeaturedPostDate);
+
+		//check if too old
+		if (!$featuredPostId or $featuredPostDate + $featuredPostRotationTime < time())
+			return $this->featureNewPost();
+
+		//check if post was deleted
+		$featuredPost = PostModel::findById($featuredPostId, false);
+		if (!$featuredPost)
+			return $this->featureNewPost();
+
+		return $featuredPost;
+	}
+
+	private function featureNewPost()
+	{
+		$query = (new SqlQuery)
+			->select('id')
+			->from('post')
+			->where('type = ?')->put(PostType::Image)
+			->and('safety = ?')->put(PostSafety::Safe)
+			->orderBy($this->config->main->dbDriver == 'sqlite' ? 'random()' : 'rand()')
+			->desc();
+		$featuredPostId = Database::fetchOne($query)['id'];
+		if (!$featuredPostId)
+			return null;
+
+		PropertyModel::set(PropertyModel::FeaturedPostId, $featuredPostId);
+		PropertyModel::set(PropertyModel::FeaturedPostDate, time());
+		PropertyModel::set(PropertyModel::FeaturedPostUserName, null);
+		return PostModel::findById($featuredPostId);
 	}
 }
--- a/src/Controllers/LogController.php
+++ b/src/Controllers/LogController.php
@ -0,0 +1,65 @@
+<?php
+class LogController
+{
+	/**
+	* @route /logs
+	*/
+	public function listAction()
+	{
+		$this->context->subTitle = 'latest logs';
+		PrivilegesHelper::confirmWithException(Privilege::ListLogs);
+
+		$path = TextHelper::absolutePath($this->config->main->logsPath);
+
+		$logs = [];
+		foreach (glob($path . DS . '*.log') as $log)
+			$logs []= basename($log);
+
+		usort($logs, function($a, $b)
+		{
+			return strnatcasecmp($b, $a); //reverse natcasesort
+		});
+
+		$this->context->transport->logs = $logs;
+	}
+
+	/**
+	* @route /log/{name}
+	* @validate name [0-9a-zA-Z._-]+
+	*/
+	public function viewAction($name)
+	{
+		$this->context->subTitle = 'logs (' . $name . ')';
+		$this->context->stylesheets []= 'logs.css';
+		$this->context->scripts []= 'logs.js';
+		PrivilegesHelper::confirmWithException(Privilege::ViewLog);
+
+		$name = str_replace(['/', '\\'], '', $name); //paranoia mode
+		$path = TextHelper::absolutePath($this->config->main->logsPath . DS . $name);
+		if (!file_exists($path))
+			throw new SimpleException('Specified log doesn\'t exist');
+
+		$filter = InputHelper::get('filter');
+
+		$lines = file_get_contents($path);
+		$lines = explode(PHP_EOL, str_replace(["\r", "\n"], PHP_EOL, $lines));
+		$lines = array_reverse($lines);
+
+		if (!empty($filter))
+			$lines = array_filter($lines, function($line) use ($filter) { return stripos($line, $filter) !== false; });
+
+		//stylize important lines
+		foreach ($lines as &$line)
+			if (strpos($line, 'flag') !== false)
+				$line = '**' . $line . '**';
+		unset($line);
+
+		$lines = join(PHP_EOL, $lines);
+		$lines = TextHelper::parseMarkdown($lines, true);
+		$lines = trim($lines);
+
+		$this->context->transport->filter = $filter;
+		$this->context->transport->name = $name;
+		$this->context->transport->log = $lines;
+	}
+}
--- a/src/Controllers/PostController.php
+++ b/src/Controllers/PostController.php
--- a/src/Controllers/TagController.php
+++ b/src/Controllers/TagController.php
@ -3,93 +3,105 @@ class TagController
 {
 	/**
 	* @route /tags
+	* @route /tags/{filter}
+	* @validate filter [a-zA-Z\32:,_-]+
 	*/
-	public function listAction()
+	public function listAction($filter = null)
 	{
 		$this->context->stylesheets []= 'tag-list.css';
 		$this->context->subTitle = 'tags';
+		$this->context->viewName = 'tag-list-wrapper';

 		PrivilegesHelper::confirmWithException(Privilege::ListTags);
-		$suppliedFilter = InputHelper::get('filter');
-
-		$dbQuery = R::$f->begin();
-		$dbQuery->select('tag.*, COUNT(1) AS count');
-		$dbQuery->from('tag');
-		$dbQuery->innerJoin('post_tag');
-		$dbQuery->on('tag.id = post_tag.tag_id');
-		if ($suppliedFilter)
-		{
-			if (strlen($suppliedFilter) >= 3)
-				$suppliedFilter = '%' . $suppliedFilter;
-			$suppliedFilter .= '%';
-			$dbQuery->where('LOWER(tag.name) LIKE LOWER(?)')->put($suppliedFilter);
-		}
-		$dbQuery->groupBy('tag.id');
-		$dbQuery->orderBy('LOWER(tag.name)')->asc();
-		if ($suppliedFilter)
-			$dbQuery->limit(15);
-		$rows = $dbQuery->get();
-		$tags = R::convertToBeans('tag', $rows);
-
-		$tags = [];
-		$tagDistribution = [];
-		foreach ($rows as $row)
-		{
-			$tags []= strval($row['name']);
-			$tagDistribution[$row['name']] = intval($row['count']);
-		}
+		$suppliedFilter = $filter ?: InputHelper::get('filter') ?: 'order:alpha,asc';

+		$tags = TagSearchService::getEntitiesRows($suppliedFilter, null, null);
+		$this->context->filter = $suppliedFilter;
 		$this->context->transport->tags = $tags;
-		$this->context->transport->tagDistribution = $tagDistribution;
+
+		if ($this->context->json)
+		{
+			$this->context->transport->tags = array_values(array_map(function($tag) {
+				return ['name' => $tag['name'], 'count' => $tag['post_count']];
+			}, $this->context->transport->tags));
+		}
 	}

 	/**
-	* @route /tags/merge
+	* @route /tag/merge
 	*/
 	public function mergeAction()
 	{
+		$this->context->stylesheets []= 'tag-list.css';
+		$this->context->subTitle = 'tags';
+		$this->context->viewName = 'tag-list-wrapper';
+
 		PrivilegesHelper::confirmWithException(Privilege::MergeTags);
 		if (InputHelper::get('submit'))
 		{
-			$sourceTag = Model_Tag::locate(InputHelper::get('source-tag'));
-			$targetTag = Model_Tag::locate(InputHelper::get('target-tag'));
+			TagModel::removeUnused();

-			R::preload($sourceTag, 'post');
+			$suppliedSourceTag = InputHelper::get('source-tag');
+			$suppliedSourceTag = TagModel::validateTag($suppliedSourceTag);
+
+			$suppliedTargetTag = InputHelper::get('target-tag');
+			$suppliedTargetTag = TagModel::validateTag($suppliedTargetTag);
+
+			TagModel::merge($suppliedSourceTag, $suppliedTargetTag);

-			foreach ($sourceTag->sharedPost as $post)
-			{
-				foreach ($post->sharedTag as $key => $postTag)
-					if ($postTag->id == $sourceTag->id)
-						unset($post->sharedTag[$key]);
-				$post->sharedTag []= $targetTag;
-				R::store($post);
-			}
-			R::trash($sourceTag);
 			\Chibi\UrlHelper::forward(\Chibi\UrlHelper::route('tag', 'list'));
-			$this->view->context->success = true;
+			LogHelper::log('{user} merged {source} with {target}', ['source' => TextHelper::reprTag($suppliedSourceTag), 'target' => TextHelper::reprTag($suppliedTargetTag)]);
+			StatusHelper::success();
 		}
 	}

 	/**
-	* @route /tags/rename
+	* @route /tag/rename
 	*/
 	public function renameAction()
 	{
+		$this->context->stylesheets []= 'tag-list.css';
+		$this->context->subTitle = 'tags';
+		$this->context->viewName = 'tag-list-wrapper';
+
 		PrivilegesHelper::confirmWithException(Privilege::MergeTags);
 		if (InputHelper::get('submit'))
 		{
+			TagModel::removeUnused();
+
 			$suppliedSourceTag = InputHelper::get('source-tag');
-			$suppliedSourceTag = Model_Tag::validateTag($suppliedSourceTag);
+			$suppliedSourceTag = TagModel::validateTag($suppliedSourceTag);

 			$suppliedTargetTag = InputHelper::get('target-tag');
-			$suppliedTargetTag = Model_Tag::validateTag($suppliedTargetTag);
+			$suppliedTargetTag = TagModel::validateTag($suppliedTargetTag);

-			$sourceTag = Model_Tag::locate($suppliedSourceTag);
-			$sourceTag->name = $suppliedTargetTag;
-			R::store($sourceTag);
+			TagModel::rename($suppliedSourceTag, $suppliedTargetTag);

 			\Chibi\UrlHelper::forward(\Chibi\UrlHelper::route('tag', 'list'));
-			$this->context->transport->success = true;
+			LogHelper::log('{user} renamed {source} to {target}', ['source' => TextHelper::reprTag($suppliedSourceTag), 'target' => TextHelper::reprTag($suppliedTargetTag)]);
+			StatusHelper::success();
+		}
+	}
+
+	/**
+	* @route /mass-tag-redirect
+	*/
+	public function massTagRedirectAction()
+	{
+		$this->context->stylesheets []= 'tag-list.css';
+		$this->context->subTitle = 'tags';
+		$this->context->viewName = 'tag-list-wrapper';
+
+		PrivilegesHelper::confirmWithException(Privilege::MassTag);
+		if (InputHelper::get('submit'))
+		{
+			$suppliedQuery = InputHelper::get('query');
+			if (!$suppliedQuery)
+				$suppliedQuery = ' ';
+			$suppliedTag = InputHelper::get('tag');
+			if (!empty($suppliedTag))
+				$suppliedTag = TagModel::validateTag($suppliedTag);
+			\Chibi\UrlHelper::forward(\Chibi\UrlHelper::route('post', 'list', ['source' => 'mass-tag', 'query' => $suppliedQuery, 'additionalInfo' => $suppliedTag]));
 		}
 	}
 }
--- a/src/Controllers/UserController.php
+++ b/src/Controllers/UserController.php
@ -1,27 +1,49 @@
 <?php
 class UserController
 {
-	private static function sendEmailConfirmation(&$user)
+	private function loadUserView($user)
 	{
-		$regConfig = \Chibi\Registry::getConfig()->registration;
+		$flagged = in_array(TextHelper::reprUser($user), SessionHelper::get('flagged', []));
+		$this->context->flagged = $flagged;
+		$this->context->transport->user = $user;
+		$this->context->handleExceptions = true;
+		$this->context->viewName = 'user-view';
+		$this->context->stylesheets []= 'user-view.css';
+		$this->context->subTitle = $user->name;
+	}

-		if (!$regConfig->confirmationEmailEnabled)
-		{
-			$user->email_confirmed = $user->email_unconfirmed;
-			$user->email_unconfirmed = null;
-			return;
-		}
+	private static function sendTokenizedEmail(
+		$user,
+		$body,
+		$subject,
+		$senderName,
+		$senderEmail,
+		$recipientEmail,
+		$linkActionName)
+	{
+		//prepare unique user token
+		$token = TokenModel::spawn();
+		$token->setUser($user);
+		$token->token = TokenModel::forgeUnusedToken();
+		$token->used = false;
+		$token->expires = null;
+		TokenModel::save($token);

 		\Chibi\Registry::getContext()->mailSent = true;
 		$tokens = [];
 		$tokens['host'] = $_SERVER['HTTP_HOST'];
-		$tokens['link'] = \Chibi\UrlHelper::route('user', 'activation', ['token' => $user->email_token]);
+		$tokens['token'] = $token->token; //gosh this code looks so silly
+		$tokens['nl'] = PHP_EOL;
+		if ($linkActionName !== null)
+			$tokens['link'] = \Chibi\UrlHelper::route('user', $linkActionName, ['token' => $token->token]);

-		$body = wordwrap(TextHelper::replaceTokens($regConfig->confirmationEmailBody, $tokens), 70);
-		$subject = TextHelper::replaceTokens($regConfig->confirmationEmailSubject, $tokens);
-		$senderName = TextHelper::replaceTokens($regConfig->confirmationEmailSenderName, $tokens);
-		$senderEmail = TextHelper::replaceTokens($regConfig->confirmationEmailSenderEmail, $tokens);
-		$recipientEmail = $user->email_unconfirmed;
+		$body = wordwrap(TextHelper::replaceTokens($body, $tokens), 70);
+		$subject = TextHelper::replaceTokens($subject, $tokens);
+		$senderName = TextHelper::replaceTokens($senderName, $tokens);
+		$senderEmail = TextHelper::replaceTokens($senderEmail, $tokens);
+
+		if (empty($recipientEmail))
+			throw new SimpleException('Destination e-mail address was not found');

 		$headers = [];
 		$headers []= sprintf('MIME-Version: 1.0');
@ -35,8 +57,44 @@ class UserController
 		$headers []= sprintf('Content-Type: text/plain; charset=utf-8', $subject);
 		$headers []= sprintf('X-Mailer: PHP/%s', phpversion());
 		$headers []= sprintf('X-Originating-IP: %s', $_SERVER['SERVER_ADDR']);
-		$subject = '=?UTF-8?B?' . base64_encode($subject) . '?=';
-		mail($recipientEmail, $subject, $body, implode("\r\n", $headers), '-f' . $senderEmail);
+		$encodedSubject = '=?UTF-8?B?' . base64_encode($subject) . '?=';
+		mail($recipientEmail, $encodedSubject, $body, implode("\r\n", $headers), '-f' . $senderEmail);
+
+		LogHelper::log('Sending e-mail with subject "{subject}" to {mail}', ['subject' => $subject, 'mail' => $recipientEmail]);
+	}
+
+	private static function sendEmailChangeConfirmation($user)
+	{
+		$regConfig = \Chibi\Registry::getConfig()->registration;
+		if (!$regConfig->confirmationEmailEnabled)
+		{
+			$user->emailConfirmed = $user->emailUnconfirmed;
+			$user->emailUnconfirmed = null;
+			return;
+		}
+
+		return self::sendTokenizedEmail(
+			$user,
+			$regConfig->confirmationEmailBody,
+			$regConfig->confirmationEmailSubject,
+			$regConfig->confirmationEmailSenderName,
+			$regConfig->confirmationEmailSenderEmail,
+			$user->emailUnconfirmed,
+			'activation');
+	}
+
+	private static function sendPasswordResetConfirmation($user)
+	{
+		$regConfig = \Chibi\Registry::getConfig()->registration;
+
+		return self::sendTokenizedEmail(
+			$user,
+			$regConfig->passwordResetEmailBody,
+			$regConfig->passwordResetEmailSubject,
+			$regConfig->passwordResetEmailSenderName,
+			$regConfig->passwordResetEmailSenderEmail,
+			$user->emailConfirmed,
+			'password-reset');
 	}


@ -56,58 +114,21 @@ class UserController
 		if ($this->context->user->hasEnabledEndlessScrolling())
 			$this->context->scripts []= 'paginator-endless.js';

-		$page = intval($page);
-		$usersPerPage = intval($this->config->browsing->usersPerPage);
-		$this->context->subTitle = 'users';
-		PrivilegesHelper::confirmWithException(Privilege::ListUsers);
-
 		if ($sortStyle == '' or $sortStyle == 'alpha')
 			$sortStyle = 'alpha,asc';
 		if ($sortStyle == 'date')
 			$sortStyle = 'date,asc';

-		$buildDbQuery = function($dbQuery, $sortStyle)
-		{
-			$dbQuery->from('user');
+		$page = intval($page);
+		$usersPerPage = intval($this->config->browsing->usersPerPage);
+		$this->context->subTitle = 'users';
+		PrivilegesHelper::confirmWithException(Privilege::ListUsers);

-			switch ($sortStyle)
-			{
-				case 'alpha,asc':
-					$dbQuery->orderBy('name')->asc();
-					break;
-				case 'alpha,desc':
-					$dbQuery->orderBy('name')->desc();
-					break;
-				case 'date,asc':
-					$dbQuery->orderBy('join_date')->asc();
-					break;
-				case 'date,desc':
-					$dbQuery->orderBy('join_date')->desc();
-					break;
-				case 'pending':
-					$dbQuery->where('staff_confirmed IS NULL');
-					$dbQuery->or('staff_confirmed = 0');
-					break;
-				default:
-					throw new SimpleException('Unknown sort style');
-			}
-		};
-
-		$countDbQuery = R::$f->begin();
-		$countDbQuery->select('COUNT(1)')->as('count');
-		$buildDbQuery($countDbQuery, $sortStyle);
-		$userCount = intval($countDbQuery->get('row')['count']);
+		$page = max(1, $page);
+		$users = UserSearchService::getEntities($sortStyle, $usersPerPage, $page);
+		$userCount = UserSearchService::getEntityCount($sortStyle, $usersPerPage, $page);
 		$pageCount = ceil($userCount / $usersPerPage);
-		$page = max(1, min($pageCount, $page));

-		$searchDbQuery = R::$f->begin();
-		$searchDbQuery->select('user.*');
-		$buildDbQuery($searchDbQuery, $sortStyle);
-		$searchDbQuery->limit('?')->put($usersPerPage);
-		$searchDbQuery->offset('?')->put(($page - 1) * $usersPerPage);
-
-		$users = $searchDbQuery->get();
-		$users = R::convertToBeans('user', $users);
 		$this->context->sortStyle = $sortStyle;
 		$this->context->transport->paginator = new StdClass;
 		$this->context->transport->paginator->page = $page;
@ -120,51 +141,88 @@ class UserController



+	/**
+	* @route /user/{name}/flag
+	* @validate name [^\/]+
+	*/
+	public function flagAction($name)
+	{
+		$user = UserModel::findByNameOrEmail($name);
+		PrivilegesHelper::confirmWithException(Privilege::FlagUser);
+
+		if (InputHelper::get('submit'))
+		{
+			$key = TextHelper::reprUser($user);
+
+			$flagged = SessionHelper::get('flagged', []);
+			if (in_array($key, $flagged))
+				throw new SimpleException('You already flagged this user');
+			$flagged []= $key;
+			SessionHelper::set('flagged', $flagged);
+
+			LogHelper::log('{user} flagged {subject} for moderator attention', ['subject' => TextHelper::reprUser($user)]);
+			StatusHelper::success();
+		}
+	}
+
+
+
 	/**
 	* @route /user/{name}/ban
 	* @validate name [^\/]+
 	*/
 	public function banAction($name)
 	{
-		$user = Model_User::locate($name);
+		$user = UserModel::findByNameOrEmail($name);
 		PrivilegesHelper::confirmWithException(Privilege::BanUser, PrivilegesHelper::getIdentitySubPrivilege($user));
+
 		if (InputHelper::get('submit'))
 		{
 			$user->banned = true;
-			R::store($user);
-			$this->context->transport->success = true;
+			UserModel::save($user);
+
+			LogHelper::log('{user} banned {subject}', ['subject' => TextHelper::reprUser($user)]);
+			StatusHelper::success();
 		}
 	}

+
+
 	/**
 	* @route /post/{name}/unban
 	* @validate name [^\/]+
 	*/
 	public function unbanAction($name)
 	{
-		$user = Model_User::locate($name);
+		$user = UserModel::findByNameOrEmail($name);
 		PrivilegesHelper::confirmWithException(Privilege::BanUser, PrivilegesHelper::getIdentitySubPrivilege($user));
+
 		if (InputHelper::get('submit'))
 		{
 			$user->banned = false;
-			R::store($user);
-			$this->context->transport->success = true;
+			UserModel::save($user);
+
+			LogHelper::log('{user} unbanned {subject}', ['subject' => TextHelper::reprUser($user)]);
+			StatusHelper::success();
 		}
 	}

+
+
 	/**
 	* @route /post/{name}/accept-registration
 	* @validate name [^\/]+
 	*/
 	public function acceptRegistrationAction($name)
 	{
-		$user = Model_User::locate($name);
+		$user = UserModel::findByNameOrEmail($name);
 		PrivilegesHelper::confirmWithException(Privilege::AcceptUserRegistration);
 		if (InputHelper::get('submit'))
 		{
-			$user->staff_confirmed = true;
-			R::store($user);
-			$this->context->transport->success = true;
+			$user->staffConfirmed = true;
+			UserModel::save($user);
+			LogHelper::log('{user} confirmed {subject}\'s account', ['subject' => TextHelper::reprUser($user)]);
+			StatusHelper::success();
 		}
 	}

@ -176,43 +234,33 @@ class UserController
 	*/
 	public function deleteAction($name)
 	{
-		$user = Model_User::locate($name);
+		$user = UserModel::findByNameOrEmail($name);
 		PrivilegesHelper::confirmWithException(Privilege::ViewUser, PrivilegesHelper::getIdentitySubPrivilege($user));
 		PrivilegesHelper::confirmWithException(Privilege::DeleteUser, PrivilegesHelper::getIdentitySubPrivilege($user));

-		$this->context->handleExceptions = true;
-		$this->context->transport->user = $user;
+		$this->loadUserView($user);
 		$this->context->transport->tab = 'delete';
-		$this->context->viewName = 'user-view';
-		$this->context->stylesheets []= 'tabs.css';
-		$this->context->stylesheets []= 'user-view.css';
-		$this->context->subTitle = $name;

 		$this->context->suppliedCurrentPassword = $suppliedCurrentPassword = InputHelper::get('current-password');

 		if (InputHelper::get('submit'))
 		{
+			$name = $user->name;
 			if ($this->context->user->id == $user->id)
 			{
-				$suppliedPasswordHash = Model_User::hashPassword($suppliedCurrentPassword, $user->pass_salt);
-				if ($suppliedPasswordHash != $user->pass_hash)
+				$suppliedPasswordHash = UserModel::hashPassword($suppliedCurrentPassword, $user->passSalt);
+				if ($suppliedPasswordHash != $user->passHash)
 					throw new SimpleException('Must supply valid password');
 			}
-			foreach ($user->alias('commenter')->ownComment as $comment)
-			{
-				$comment->commenter = null;
-				R::store($comment);
-			}
-			foreach ($user->alias('uploader')->ownPost as $post)
-			{
-				$post->uploader = null;
-				R::store($post);
-			}
-			$user->ownFavoritee = [];
-			R::store($user);
-			R::trash($user);
+
+			$oldId = $user->id;
+			UserModel::remove($user);
+			if ($oldId == $this->context->user->id)
+				AuthController::doLogOut();
+
 			\Chibi\UrlHelper::forward(\Chibi\UrlHelper::route('index', 'index'));
-			$this->context->transport->success = true;
+			LogHelper::log('{user} removed {subject}\'s account', ['subject' => TextHelper::reprUser($name)]);
+			StatusHelper::success();
 		}
 	}

@ -224,17 +272,12 @@ class UserController
 	*/
 	public function settingsAction($name)
 	{
-		$user = Model_User::locate($name);
+		$user = UserModel::findByNameOrEmail($name);
 		PrivilegesHelper::confirmWithException(Privilege::ViewUser, PrivilegesHelper::getIdentitySubPrivilege($user));
 		PrivilegesHelper::confirmWithException(Privilege::ChangeUserSettings, PrivilegesHelper::getIdentitySubPrivilege($user));

-		$this->context->handleExceptions = true;
-		$this->context->transport->user = $user;
+		$this->loadUserView($user);
 		$this->context->transport->tab = 'settings';
-		$this->context->viewName = 'user-view';
-		$this->context->stylesheets []= 'tabs.css';
-		$this->context->stylesheets []= 'user-view.css';
-		$this->context->subTitle = $name;

 		if (InputHelper::get('submit'))
 		{
@ -245,10 +288,15 @@ class UserController
 				$user->enableSafety($safety, in_array($safety, $suppliedSafety));

 			$user->enableEndlessScrolling(InputHelper::get('endless-scrolling'));
+			$user->enablePostTagTitles(InputHelper::get('post-tag-titles'));
+			$user->enableHidingDislikedPosts(InputHelper::get('hide-disliked-posts'));

-			R::store($user);
-			$this->context->transport->user = $user;
-			$this->context->transport->success = true;
+			if ($user->accessRank != AccessRank::Anonymous)
+				UserModel::save($user);
+			if ($user->id == $this->context->user->id)
+				$this->context->user = $user;
+			AuthController::doReLog();
+			StatusHelper::success('Browsing settings updated!');
 		}
 	}

@ -262,16 +310,11 @@ class UserController
 	{
 		try
 		{
-			$user = Model_User::locate($name);
+			$user = UserModel::findByNameOrEmail($name);
 			PrivilegesHelper::confirmWithException(Privilege::ViewUser, PrivilegesHelper::getIdentitySubPrivilege($user));

-			$this->context->handleExceptions = true;
-			$this->context->transport->user = $user;
+			$this->loadUserView($user);
 			$this->context->transport->tab = 'edit';
-			$this->context->viewName = 'user-view';
-			$this->context->stylesheets []= 'tabs.css';
-			$this->context->stylesheets []= 'user-view.css';
-			$this->context->subTitle = $name;

 			$this->context->suppliedCurrentPassword = $suppliedCurrentPassword = InputHelper::get('current-password');
 			$this->context->suppliedName = $suppliedName = InputHelper::get('name');
@ -279,15 +322,20 @@ class UserController
 			$this->context->suppliedPassword2 = $suppliedPassword2 = InputHelper::get('password2');
 			$this->context->suppliedEmail = $suppliedEmail = InputHelper::get('email');
 			$this->context->suppliedAccessRank = $suppliedAccessRank = InputHelper::get('access-rank');
-			$currentPasswordHash = $user->pass_hash;
+			$currentPasswordHash = $user->passHash;

 			if (InputHelper::get('submit'))
 			{
+				$confirmMail = false;
+				LogHelper::bufferChanges();
+
 				if ($suppliedName != '' and $suppliedName != $user->name)
 				{
 					PrivilegesHelper::confirmWithException(Privilege::ChangeUserName, PrivilegesHelper::getIdentitySubPrivilege($user));
-					$suppliedName = Model_User::validateUserName($suppliedName);
+					$suppliedName = UserModel::validateUserName($suppliedName);
+					$oldName = $user->name;
 					$user->name = $suppliedName;
+					LogHelper::log('{user} renamed {old} to {new}', ['old' => TextHelper::reprUser($oldName), 'new' => TextHelper::reprUser($suppliedName)]);
 				}

 				if ($suppliedPassword1 != '')
@ -295,46 +343,61 @@ class UserController
 					PrivilegesHelper::confirmWithException(Privilege::ChangeUserPassword, PrivilegesHelper::getIdentitySubPrivilege($user));
 					if ($suppliedPassword1 != $suppliedPassword2)
 						throw new SimpleException('Specified passwords must be the same');
-					$suppliedPassword = Model_User::validatePassword($suppliedPassword1);
-					$user->pass_hash = Model_User::hashPassword($suppliedPassword, $user->pass_salt);
+					$suppliedPassword = UserModel::validatePassword($suppliedPassword1);
+					$user->passHash = UserModel::hashPassword($suppliedPassword, $user->passSalt);
+					LogHelper::log('{user} changed {subject}\'s password', ['subject' => TextHelper::reprUser($user)]);
 				}

-				if ($suppliedEmail != '' and $suppliedEmail != $user->email_confirmed)
+				if ($suppliedEmail != '' and $suppliedEmail != $user->emailConfirmed)
 				{
 					PrivilegesHelper::confirmWithException(Privilege::ChangeUserEmail, PrivilegesHelper::getIdentitySubPrivilege($user));
-					$suppliedEmail = Model_User::validateEmail($suppliedEmail);
+					$suppliedEmail = UserModel::validateEmail($suppliedEmail);
 					if ($this->context->user->id == $user->id)
 					{
-						$user->email_unconfirmed = $suppliedEmail;
-						if (!empty($user->email_unconfirmed))
-							self::sendEmailConfirmation($user);
+						$user->emailUnconfirmed = $suppliedEmail;
+						if (!empty($user->emailUnconfirmed))
+							$confirmMail = true;
+						LogHelper::log('{user} changed e-mail to {mail}', ['mail' => $suppliedEmail]);
 					}
 					else
 					{
-						$user->email_confirmed = $suppliedEmail;
+						$user->emailUnconfirmed = null;
+						$user->emailConfirmed = $suppliedEmail;
+						LogHelper::log('{user} changed {subject}\'s e-mail to {mail}', ['subject' => TextHelper::reprUser($user), 'mail' => $suppliedEmail]);
 					}
 				}

-				if ($suppliedAccessRank != '' and $suppliedAccessRank != $user->access_rank)
+				if ($suppliedAccessRank != '' and $suppliedAccessRank != $user->accessRank)
 				{
 					PrivilegesHelper::confirmWithException(Privilege::ChangeUserAccessRank, PrivilegesHelper::getIdentitySubPrivilege($user));
-					$suppliedAccessRank = Model_User::validateAccessRank($suppliedAccessRank);
-					$user->access_rank = $suppliedAccessRank;
+					$suppliedAccessRank = UserModel::validateAccessRank($suppliedAccessRank);
+					$user->accessRank = $suppliedAccessRank;
+					LogHelper::log('{user} changed {subject}\'s access rank to {rank}', ['subject' => TextHelper::reprUser($user), 'rank' => AccessRank::toString($suppliedAccessRank)]);
 				}

 				if ($this->context->user->id == $user->id)
 				{
-					$suppliedPasswordHash = Model_User::hashPassword($suppliedCurrentPassword, $user->pass_salt);
+					$suppliedPasswordHash = UserModel::hashPassword($suppliedCurrentPassword, $user->passSalt);
 					if ($suppliedPasswordHash != $currentPasswordHash)
 						throw new SimpleException('Must supply valid current password');
 				}
-				R::store($user);
-				$this->context->transport->success = true;
+				UserModel::save($user);
+				if ($this->context->user->id == $user->id)
+					AuthController::doReLog();
+
+				if ($confirmMail)
+					self::sendEmailChangeConfirmation($user);
+
+				LogHelper::flush();
+				$message = 'Account settings updated!';
+				if ($confirmMail)
+					$message .= ' You will be sent an e-mail address confirmation message soon.';
+				StatusHelper::success($message);
 			}
 		}
 		catch (Exception $e)
 		{
-			$this->context->transport->user = Model_User::locate($name);
+			$this->context->transport->user = UserModel::findByNameOrEmail($name);
 			throw $e;
 		}
 	}
@ -342,94 +405,46 @@ class UserController


 	/**
-	* @route /user/{name}
+	* @route /user/{name}/{tab}
 	* @route /user/{name}/{tab}/{page}
 	* @validate name [^\/]+
 	* @validate tab favs|uploads
 	* @validate page \d*
 	*/
-	public function viewAction($name, $tab, $page)
+	public function viewAction($name, $tab = 'favs', $page)
 	{
 		$postsPerPage = intval($this->config->browsing->postsPerPage);
-		$user = Model_User::locate($name);
+		$user = UserModel::findByNameOrEmail($name);
 		if ($tab === null)
 			$tab = 'favs';
 		if ($page === null)
 			$page = 1;

 		PrivilegesHelper::confirmWithException(Privilege::ViewUser, PrivilegesHelper::getIdentitySubPrivilege($user));
-		$this->context->stylesheets []= 'tabs.css';
-		$this->context->stylesheets []= 'user-view.css';
+		$this->loadUserView($user);
 		$this->context->stylesheets []= 'post-list.css';
 		$this->context->stylesheets []= 'post-small.css';
 		$this->context->stylesheets []= 'paginator.css';
+		$this->context->scripts []= 'post-list.js';
 		if ($this->context->user->hasEnabledEndlessScrolling())
 			$this->context->scripts []= 'paginator-endless.js';
-		$this->context->subTitle = $name;

-		$buildDbQuery = function($dbQuery, $user, $tab)
-		{
-			$dbQuery->from('post');
+		$query = '';
+		if ($tab == 'uploads')
+			$query = 'submit:' . $user->name;
+		elseif ($tab == 'favs')
+			$query = 'fav:' . $user->name;
+		else
+			throw new SimpleException('Wrong tab');

-
-			/* safety */
-			$allowedSafety = array_filter(PostSafety::getAll(), function($safety)
-			{
-				return PrivilegesHelper::confirm(Privilege::ListPosts, PostSafety::toString($safety)) and
-					$this->context->user->hasEnabledSafety($safety);
-			});
-			$dbQuery->where('safety IN (' . R::genSlots($allowedSafety) . ')');
-			foreach ($allowedSafety as $s)
-				$dbQuery->put($s);
-
-
-			/* hidden */
-			if (!PrivilegesHelper::confirm(Privilege::ListPosts, 'hidden'))
-				$dbQuery->andNot('hidden');
-
-
-			/* tab */
-			switch ($tab)
-			{
-				case 'uploads':
-					$dbQuery
-						->and('uploader_id = ?')
-						->put($user->id);
-					break;
-				case 'favs':
-					$dbQuery
-						->and()
-						->exists()
-						->open()
-						->select('1')
-						->from('favoritee')
-						->where('post_id = post.id')
-						->and('favoritee.user_id = ?')
-						->put($user->id)
-						->close();
-					break;
-			}
-		};
-
-		$countDbQuery = R::$f->begin()->select('COUNT(*)')->as('count');
-		$buildDbQuery($countDbQuery, $user, $tab);
-		$postCount = intval($countDbQuery->get('row')['count']);
+		$page = max(1, $page);
+		$posts = PostSearchService::getEntities($query, $postsPerPage, $page);
+		$postCount = PostSearchService::getEntityCount($query, $postsPerPage, $page);
 		$pageCount = ceil($postCount / $postsPerPage);
-		$page = max(1, min($pageCount, $page));
+		PostModel::preloadTags($posts);

-		$searchDbQuery = R::$f->begin()->select('*');
-		$buildDbQuery($searchDbQuery, $user, $tab);
-		$searchDbQuery->orderBy('id DESC')
-			->limit('?')
-			->put($postsPerPage)
-			->offset('?')
-			->put(($page - 1) * $postsPerPage);
-
-		$posts = $searchDbQuery->get();
-		$posts = R::convertToBeans('post', $posts);
-		R::preload($posts, ['uploader' => 'user']);
-		$this->context->transport->user = $user;
 		$this->context->transport->tab = $tab;
+		$this->context->transport->lastSearchQuery = $query;
 		$this->context->transport->paginator = new StdClass;
 		$this->context->transport->paginator->page = $page;
 		$this->context->transport->paginator->pageCount = $pageCount;
@ -453,9 +468,11 @@ class UserController
 		$this->context->user->enableSafety($safety,
 			!$this->context->user->hasEnabledSafety($safety));

-		R::store($this->context->user);
+		if ($this->context->user->accessRank != AccessRank::Anonymous)
+			UserModel::save($this->context->user);
+		AuthController::doReLog();

-		$this->context->transport->success = true;
+		StatusHelper::success();
 	}


@ -487,56 +504,61 @@ class UserController

 		if (InputHelper::get('submit'))
 		{
-			$suppliedName = Model_User::validateUserName($suppliedName);
+			$suppliedName = UserModel::validateUserName($suppliedName);

 			if ($suppliedPassword1 != $suppliedPassword2)
 				throw new SimpleException('Specified passwords must be the same');
-			$suppliedPassword = Model_User::validatePassword($suppliedPassword1);
+			$suppliedPassword = UserModel::validatePassword($suppliedPassword1);

-			$suppliedEmail = Model_User::validateEmail($suppliedEmail);
+			$suppliedEmail = UserModel::validateEmail($suppliedEmail);
 			if (empty($suppliedEmail) and $this->config->registration->needEmailForRegistering)
 				throw new SimpleException('E-mail address is required - you will be sent confirmation e-mail.');

 			//register the user
-			$dbUser = R::dispense('user');
+			$dbUser = UserModel::spawn();
 			$dbUser->name = $suppliedName;
-			$dbUser->pass_salt = md5(mt_rand() . uniqid());
-			$dbUser->pass_hash = Model_User::hashPassword($suppliedPassword, $dbUser->pass_salt);
-			$dbUser->email_unconfirmed = $suppliedEmail;
+			$dbUser->passHash = UserModel::hashPassword($suppliedPassword, $dbUser->passSalt);
+			$dbUser->emailUnconfirmed = $suppliedEmail;

-			//prepare unique registration token
-			do
+			$dbUser->joinDate = time();
+			if (UserModel::getCount() == 0)
 			{
-				$emailToken =  md5(mt_rand() . uniqid());
-			}
-			while (R::findOne('user', 'email_token = ?', [$emailToken]) !== null);
-			$dbUser->email_token = $emailToken;
-
-			$dbUser->join_date = time();
-			if (R::findOne('user') === null)
-			{
-				$dbUser->access_rank = AccessRank::Admin;
-				$dbUser->staff_confirmed = true;
-				$dbUser->email_unconfirmed = null;
-				$dbUser->email_confirmed = $suppliedEmail;
+				//very first user
+				$dbUser->accessRank = AccessRank::Admin;
+				$dbUser->staffConfirmed = true;
+				$dbUser->emailUnconfirmed = null;
+				$dbUser->emailConfirmed = $suppliedEmail;
 			}
 			else
 			{
-				$dbUser->access_rank = AccessRank::Registered;
-				$dbUser->staff_confirmed = false;
-				$dbUser->staff_confirmed = null;
-				if (!empty($dbUser->email_unconfirmed))
-					self::sendEmailConfirmation($dbUser);
+				$dbUser->accessRank = AccessRank::Registered;
+				$dbUser->staffConfirmed = false;
+				$dbUser->staffConfirmed = null;
 			}

 			//save the user to db if everything went okay
-			R::store($dbUser);
-			$this->context->transport->success = true;
+			UserModel::save($dbUser);
+
+			if (!empty($dbUser->emailUnconfirmed))
+				self::sendEmailChangeConfirmation($dbUser);
+
+			$message = 'Congratulations, your account was created.';
+			if (!empty($this->context->mailSent))
+			{
+				$message .= ' Please wait for activation e-mail.';
+				if ($this->config->registration->staffActivation)
+					$message .= ' After this, your registration must be confirmed by staff.';
+			}
+			elseif ($this->config->registration->staffActivation)
+				$message .= ' Your registration must be now confirmed by staff.';
+
+			LogHelper::log('{subject} just signed up', ['subject' => TextHelper::reprUser($dbUser)]);
+			StatusHelper::success($message);

 			if (!$this->config->registration->needEmailForRegistering and !$this->config->registration->staffActivation)
 			{
-				$_SESSION['user-id'] = $dbUser->id;
-				\Chibi\Registry::getBootstrap()->attachUser();
+				$this->context->user = $dbUser;
+				AuthController::doReLog();
 			}
 		}
 	}
@ -549,26 +571,110 @@ class UserController
 	public function activationAction($token)
 	{
 		$this->context->subTitle = 'account activation';
+		$this->context->viewName = 'message';

-		if (empty($token))
-			throw new SimpleException('Invalid activation token');
+		$dbToken = TokenModel::findByToken($token);
+		TokenModel::checkValidity($dbToken);

-		$dbUser = R::findOne('user', 'email_token = ?', [$token]);
-		if ($dbUser === null)
-			throw new SimpleException('No user with such activation token');
+		$dbUser = $dbToken->getUser();
+		$dbUser->emailConfirmed = $dbUser->emailUnconfirmed;
+		$dbUser->emailUnconfirmed = null;
+		$dbToken->used = true;
+		TokenModel::save($dbToken);
+		UserModel::save($dbUser);

-		if (!$dbUser->email_unconfirmed)
-			throw new SimpleException('This user was already activated');
-
-		$dbUser->email_confirmed = $dbUser->email_unconfirmed;
-		$dbUser->email_unconfirmed = null;
-		R::store($dbUser);
-		$this->context->transport->success = true;
+		LogHelper::log('{subject} just activated account', ['subject' => TextHelper::reprUser($dbUser)]);
+		$message = 'Activation completed successfully.';
+		if ($this->config->registration->staffActivation)
+			$message .= ' However, your account still must be confirmed by staff.';
+		StatusHelper::success($message);

 		if (!$this->config->registration->staffActivation)
 		{
-			$_SESSION['user-id'] = $dbUser->id;
-			\Chibi\Registry::getBootstrap()->attachUser();
+			$this->context->user = $dbUser;
+			AuthController::doReLog();
+		}
+	}
+
+
+
+	/**
+	* @route /password-reset/{token}
+	*/
+	public function passwordResetAction($token)
+	{
+		$this->context->subTitle = 'password reset';
+		$this->context->viewName = 'message';
+
+		$dbToken = TokenModel::findByToken($token);
+		TokenModel::checkValidity($dbToken);
+
+		$alphabet = array_merge(range('A', 'Z'), range('a', 'z'), range('0', '9'));
+		$randomPassword = join('', array_map(function($x) use ($alphabet)
+		{
+			return $alphabet[$x];
+		}, array_rand($alphabet, 8)));
+
+		$dbUser = $dbToken->getUser();
+		$dbUser->passHash = UserModel::hashPassword($randomPassword, $dbUser->passSalt);
+		$dbToken->used = true;
+		TokenModel::save($dbToken);
+		UserModel::save($dbUser);
+
+		LogHelper::log('{subject} just reset password', ['subject' => TextHelper::reprUser($dbUser)]);
+		$message = 'Password reset successful. Your new password is **' . $randomPassword . '**.';
+		StatusHelper::success($message);
+
+		$this->context->user = $dbUser;
+		AuthController::doReLog();
+	}
+
+
+
+
+	/**
+	* @route /password-reset-proxy
+	*/
+	public function passwordResetProxyAction()
+	{
+		$this->context->subTtile = 'password reset';
+		$this->context->viewName = 'user-select';
+		$this->context->stylesheets []= 'auth.css';
+
+		if (InputHelper::get('submit'))
+		{
+			$name = InputHelper::get('name');
+			$user = UserModel::findByNameOrEmail($name);
+			if (empty($user->emailConfirmed))
+				throw new SimpleException('This user has no e-mail confirmed; password reset cannot proceed');
+
+			self::sendPasswordResetConfirmation($user);
+			StatusHelper::success('E-mail sent. Follow instructions to reset password.');
+		}
+	}
+
+	/**
+	* @route /activation-proxy
+	*/
+	public function activationProxyAction()
+	{
+		$this->context->subTitle = 'account activation';
+		$this->context->viewName = 'user-select';
+		$this->context->stylesheets []= 'auth.css';
+
+		if (InputHelper::get('submit'))
+		{
+			$name = InputHelper::get('name');
+			$user = UserModel::findByNameOrEmail($name);
+			if (empty($user->emailUnconfirmed))
+			{
+				if (!empty($user->emailConfirmed))
+					throw new SimpleException('E-mail was already confirmed; activation skipped');
+				else
+					throw new SimpleException('This user has no e-mail specified; activation cannot proceed');
+			}
+			self::sendEmailChangeConfirmation($user);
+			StatusHelper::success('Activation e-mail resent.');
 		}
 	}
 }
--- a/src/CustomMarkdown.php
+++ b/src/CustomMarkdown.php
@ -1,42 +1,148 @@
 <?php
 class CustomMarkdown extends \Michelf\Markdown
 {
-	public function __construct()
+	protected $simple = false;
+
+	public function __construct($simple = false)
 	{
+		$this->simple = $simple;
 		$this->no_markup = true;
-		$this->span_gamut += ['doSpoilers' => 71];
+		$this->block_gamut += ['doSpoilers' => 71];
+		$this->span_gamut += ['doSearchPermalinks' => 72];
+		$this->span_gamut += ['doStrike' => 6];
+		$this->span_gamut += ['doUsers' => 7];
 		$this->span_gamut += ['doPosts' => 8];
 		$this->span_gamut += ['doTags' => 9];
+		$this->span_gamut += ['doAutoLinks2' => 29];
+
+		//fix italics/bold in the middle of sentence
+		$prop = ['em_relist', 'strong_relist', 'em_strong_relist'];
+		for ($i = 0; $i < 3; $i ++)
+		{
+			$this->{$prop[$i]}[''] = '(?:(?<!\*)' . str_repeat('\*', $i + 1) . '(?!\*)|(?<![a-zA-Z0-9_])' . str_repeat('_', $i + 1) . '(?!_))(?=\S|$)(?![\.,:;]\s)';
+			$this->{$prop[$i]}[str_repeat('*', $i + 1)] = '(?<=\S|^)(?<!\*)' . str_repeat('\*', $i + 1) . '(?!\*)';
+			$this->{$prop[$i]}[str_repeat('_', $i + 1)] = '(?<=\S|^)(?<!_)' . str_repeat('_', $i + 1) . '(?![a-zA-Z0-9_])';
+		}
+
 		parent::__construct();
 	}

+	protected function formParagraphs($text)
+	{
+		if ($this->simple)
+		{
+			$text = preg_replace('/\A\n+|\n+\z/', '', $text);
+			$grafs = preg_split('/\n{2,}/', $text, -1, PREG_SPLIT_NO_EMPTY);
+			foreach ($grafs as $key => $value)
+			{
+				if (!preg_match('/^B\x1A[0-9]+B$/', $value))
+				{
+					$value = $this->runSpanGamut($value);
+					$grafs[$key] = $this->unhash($value);
+				}
+				else
+				{
+					$grafs[$key] = $this->html_hashes[$value];
+				}
+			}
+			return implode("\n\n", $grafs);
+		}
+		return parent::formParagraphs($text);
+	}
+
+	public static function simpleTransform($text)
+	{
+		$parser = new self(true);
+		return $parser->transform($text);
+	}
+
+	protected function doAutoLinks2($text)
+	{
+		$text = preg_replace_callback('{(?<!<)((https?|ftp):[^\'"><\s(){}]+)}i', [&$this, '_doAutoLinks_url_callback'], $text);
+		$text = preg_replace_callback('{(?<![^\s\(\)\[\]])(www\.[^\'"><\s(){}]+)}i', [&$this, '_doAutoLinks_url_callback'], $text);
+		return $text;
+	}
+
+	protected function _doAnchors_inline_callback($matches)
+	{
+		if ($matches[3] == '')
+			$url = &$matches[4];
+		else
+			$url = &$matches[3];
+		if (!preg_match('/^((https?|ftp):|)\/\//', $url))
+			$url = 'http://' . $url;
+		return parent::_doAnchors_inline_callback($matches);
+	}
+
+	protected function _doCodeBlocks_callback($matches) {
+		$codeblock = $matches[1];
+
+		$codeblock = $this->outdent($codeblock);
+		$codeblock = htmlspecialchars($codeblock, ENT_NOQUOTES);
+
+		$codeblock = preg_replace('/\A\n+|\n+\z/', '', $codeblock);
+		$codeblock = preg_replace('/\n/', '<br/>', $codeblock);
+		$codeblock = preg_replace('/\t/', '&tab;', $codeblock);
+		$codeblock = preg_replace('/ /', '&nbsp;', $codeblock);
+
+		$codeblock = "<pre><code>$codeblock\n</code></pre>";
+		return "\n\n".$this->hashBlock($codeblock)."\n\n";
+	}
+
+
 	protected function doHardBreaks($text)
 	{
-		return preg_replace_callback('/\n/', array(&$this, '_doHardBreaks_callback'), $text);
+		return preg_replace_callback('/\n(?=[\[\]\(\)\w])/', [&$this, '_doHardBreaks_callback'], $text);
+	}
+
+	protected function doStrike($text)
+	{
+		return preg_replace_callback('{(~~|---)([^~]+)\1}', function($x)
+		{
+			return $this->hashPart('<del>' . $x[2] . '</del>');
+		}, $text);
 	}

 	protected function doSpoilers($text)
 	{
 		if (is_array($text))
-		{
-			$text = $this->hashPart('<span class="spoiler">') . $text[1] . $this->hashPart('</span>');
-		}
+			$text = $this->hashBlock('<span class="spoiler">') . $this->runSpanGamut($text[1]) . $this->hashBlock('</span>');
 		return preg_replace_callback('{\[spoiler\]((?:[^\[]|\[(?!\/?spoiler\])|(?R))+)\[\/spoiler\]}is', [__CLASS__, 'doSpoilers'], $text);
 	}

 	protected function doPosts($text)
 	{
-		return preg_replace_callback('/@(\d+)/', function($x)
+		$link = \Chibi\UrlHelper::route('post', 'view', ['id' => '_post_']);
+		return preg_replace_callback('/(?:(?<![^\s\(\)\[\]]))@(\d+)/', function($x) use ($link)
 		{
-			return $this->hashPart('<a href="' . \Chibi\UrlHelper::route('post', 'view', ['id' => $x[1]]) . '">') . $x[0] . $this->hashPart('</a>');
+			return $this->hashPart('<a href="' . str_replace('_post_', $x[1], $link) . '">' . $x[0] . '</a>');
 		}, $text);
 	}

 	protected function doTags($text)
 	{
-		return preg_replace_callback('/#([a-zA-Z0-9_-]+)/', function($x)
+		$link = \Chibi\UrlHelper::route('post', 'list', ['query' => '_query_']);
+		return preg_replace_callback('/(?:(?<![^\s\(\)\[\]]))#([a-zA-Z0-9_-]+)/', function($x) use ($link)
 		{
-			return $this->hashPart('<a href="' . \Chibi\UrlHelper::route('post', 'list', ['query' => $x[1]]) . '">') . $x[0] . $this->hashPart('</a>');
+			return $this->hashPart('<a href="' . str_replace('_query_', $x[1], $link) . '">' . $x[0] . '</a>');
+		}, $text);
+	}
+
+	protected function doUsers($text)
+	{
+		$link = \Chibi\UrlHelper::route('user', 'view', ['name' => '_name_']);
+		return preg_replace_callback('/(?:(?<![^\s\(\)\[\]]))\+([a-zA-Z0-9_-]+)/', function($x) use ($link)
+		{
+			return $this->hashPart('<a href="' . str_replace('_name_', $x[1], $link) . '">' . $x[0] . '</a>');
+		}, $text);
+	}
+
+	protected function doSearchPermalinks($text)
+	{
+		$link = \Chibi\UrlHelper::route('post', 'list', ['query' => '_query_']);
+		return preg_replace_callback('{\[search\]((?:[^\[]|\[(?!\/?search\]))+)\[\/search\]}is', function($x) use ($link)
+		{
+			return $this->hashPart('<a href="' . str_replace('_query_', urlencode($x[1]), $link) . '">' . $x[1] . '</a>');
 		}, $text);
 	}
 }
--- a/src/Database.php
+++ b/src/Database.php
@ -0,0 +1,118 @@
+<?php
+class Database
+{
+	protected static $pdo = null;
+	protected static $queries = [];
+
+	public static function connect($driver, $location, $user, $pass)
+	{
+		if (self::connected())
+			throw new Exception('Database is already connected');
+
+		$dsn = $driver . ':' . $location;
+		try
+		{
+			self::$pdo = new PDO($dsn, $user, $pass);
+			self::$pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
+			self::$pdo->setAttribute(PDO::ATTR_DEFAULT_FETCH_MODE, PDO::FETCH_ASSOC);
+			self::$pdo->setAttribute(PDO::ATTR_EMULATE_PREPARES, false);
+		}
+		catch (Exception $e)
+		{
+			self::$pdo = null;
+			throw $e;
+		}
+	}
+
+	public static function makeStatement(SqlQuery $sqlQuery)
+	{
+		try
+		{
+			$stmt = self::$pdo->prepare($sqlQuery->getSql());
+		}
+		catch (Exception $e)
+		{
+			throw new Exception('Problem with ' . $sqlQuery->getSql() . ' (' . $e->getMessage() . ')');
+		}
+		foreach ($sqlQuery->getBindings() as $key => $value)
+			$stmt->bindValue(is_numeric($key) ? $key + 1 : $key, $value);
+		return $stmt;
+	}
+
+	public static function disconnect()
+	{
+		self::$pdo = null;
+	}
+
+	public static function connected()
+	{
+		return self::$pdo !== null;
+	}
+
+	public static function query(SqlQuery $sqlQuery)
+	{
+		if (!self::connected())
+			throw new Exception('Database is not connected');
+		$statement = self::makeStatement($sqlQuery);
+		try
+		{
+			$statement->execute();
+		}
+		catch (Exception $e)
+		{
+			throw new Exception('Problem with ' . $sqlQuery->getSql() . ' (' . $e->getMessage() . ')');
+		}
+		self::$queries []= $sqlQuery;
+		return $statement;
+	}
+
+	public static function fetchOne(SqlQuery $sqlQuery)
+	{
+		$statement = self::query($sqlQuery);
+		return $statement->fetch();
+	}
+
+	public static function fetchAll(SqlQuery $sqlQuery)
+	{
+		$statement = self::query($sqlQuery);
+		return $statement->fetchAll();
+	}
+
+	public static function getLogs()
+	{
+		return self::$queries;
+	}
+
+	public static function inTransaction()
+	{
+		return self::$pdo->inTransaction();
+	}
+
+	public static function lastInsertId()
+	{
+		return self::$pdo->lastInsertId();
+	}
+
+	public static function transaction($func)
+	{
+		if (self::inTransaction())
+		{
+			return $func();
+		}
+		else
+		{
+			try
+			{
+				self::$pdo->beginTransaction();
+				$ret = $func();
+				self::$pdo->commit();
+				return $ret;
+			}
+			catch (Exception $e)
+			{
+				self::$pdo->rollBack();
+				throw $e;
+			}
+		}
+	}
+}
--- a/src/Helpers/BenchmarkHelper.php
+++ b/src/Helpers/BenchmarkHelper.php
@ -0,0 +1,20 @@
+<?php
+class BenchmarkHelper
+{
+	protected static $lastTime;
+
+	public static function init()
+	{
+		self::$lastTime = microtime(true);
+	}
+
+	public static function tick()
+	{
+		$t = microtime(true);
+		$lt = self::$lastTime;
+		self::$lastTime = $t;
+		return $t - $lt;
+	}
+}
+
+BenchmarkHelper::init();
--- a/src/Helpers/LogHelper.php
+++ b/src/Helpers/LogHelper.php
@ -0,0 +1,99 @@
+<?php
+class LogHelper
+{
+	static $context;
+	static $config;
+	static $autoFlush;
+	static $buffer;
+
+	public static function init()
+	{
+		self::$autoFlush = true;
+		self::$buffer = [];
+	}
+
+	public static function bufferChanges()
+	{
+		self::$autoFlush = false;
+	}
+
+	public static function flush()
+	{
+		$fh = fopen(self::getLogPath(), 'ab');
+		if (!$fh)
+			throw new SimpleException('Cannot write to log files');
+		if (flock($fh, LOCK_EX))
+		{
+			foreach (self::$buffer as $logEvent)
+				fwrite($fh, $logEvent->getFullText() . PHP_EOL);
+			fflush($fh);
+			flock($fh, LOCK_UN);
+			fclose($fh);
+		}
+		self::$buffer = [];
+		self::$autoFlush = true;
+	}
+
+	public static function getLogPath()
+	{
+		return TextHelper::absolutePath(
+			\Chibi\Registry::getConfig()->main->logsPath . DS . date('Y-m') . '.log');
+	}
+
+	public static function log($text, array $tokens = [])
+	{
+		self::$buffer []= new LogEvent($text, $tokens);
+		if (self::$autoFlush)
+			self::flush();
+	}
+
+	//methods for manipulating buffered logs
+	public static function getBuffer()
+	{
+		return self::$buffer;
+	}
+
+	public static function setBuffer(array $buffer)
+	{
+		self::$buffer = $buffer;
+	}
+}
+
+class LogEvent
+{
+	public $timestamp;
+	public $text;
+	public $ip;
+	public $tokens;
+
+	public function __construct($text, array $tokens = [])
+	{
+		$this->timestamp = time();
+		$this->text = $text;
+		$this->ip = isset($_SERVER['REMOTE_ADDR']) ? $_SERVER['REMOTE_ADDR'] : '0.0.0.0';
+
+		$context = \Chibi\Registry::getContext();
+		$tokens['anon'] = UserModel::getAnonymousName();
+		if ($context->loggedIn and isset($context->user))
+			$tokens['user'] = TextHelper::reprUser($context->user->name);
+		else
+			$tokens['user'] = $tokens['anon'];
+		$this->tokens = $tokens;
+	}
+
+	public function getText()
+	{
+		return TextHelper::replaceTokens($this->text, $this->tokens);
+	}
+
+	public function getFullText()
+	{
+		$date = date('Y-m-d H:i:s', $this->timestamp);
+		$ip = $this->ip;
+		$text = $this->getText();
+		$line = sprintf('[%s] %s: %s', $date, $ip, $text);
+		return $line;
+	}
+}
+
+LogHelper::init();
--- a/src/Helpers/PrivilegesHelper.php
+++ b/src/Helpers/PrivilegesHelper.php
@ -22,6 +22,9 @@ class PrivilegesHelper

 	public static function confirm($privilege, $subPrivilege = null)
 	{
+		if (php_sapi_name() == 'cli')
+			return true;
+
 		$user = \Chibi\Registry::getContext()->user;
 		$minAccessRank = AccessRank::Admin;

@ -39,7 +42,7 @@ class PrivilegesHelper
 			}
 		}

-		return intval($user->access_rank) >= $minAccessRank;
+		return intval($user->accessRank) >= $minAccessRank;
 	}

 	public static function confirmWithException($privilege, $subPrivilege = null)
@ -53,16 +56,29 @@ class PrivilegesHelper
 	public static function getIdentitySubPrivilege($user)
 	{
 		if (!$user)
-			return false;
+			return 'all';
 		$userFromContext = \Chibi\Registry::getContext()->user;
 		return $user->id == $userFromContext->id ? 'own' : 'all';
 	}

 	public static function confirmEmail($user)
 	{
-		if (!$user->email_confirmed)
+		if (!$user->emailConfirmed)
 			throw new SimpleException('Need e-mail address confirmation to continue');
 	}
+
+	public static function getAllowedSafety()
+	{
+		if (php_sapi_name() == 'cli')
+			return PostSafety::getAll();
+
+		$context = \Chibi\Registry::getContext();
+		return array_filter(PostSafety::getAll(), function($safety) use ($context)
+		{
+			return PrivilegesHelper::confirm(Privilege::ListPosts, PostSafety::toString($safety)) and
+				$context->user->hasEnabledSafety($safety);
+		});
+	}
 }

 PrivilegesHelper::init();
--- a/src/Helpers/SessionHelper.php
+++ b/src/Helpers/SessionHelper.php
@ -0,0 +1,15 @@
+<?php
+class SessionHelper
+{
+	public static function get($key, $default = null)
+	{
+		if (!isset($_SESSION[$key]))
+			return $default;
+		return $_SESSION[$key];
+	}
+
+	public static function set($key, $value)
+	{
+		$_SESSION[$key] = $value;
+	}
+}
--- a/src/Helpers/StatusHelper.php
+++ b/src/Helpers/StatusHelper.php
@ -0,0 +1,30 @@
+<?php
+class StatusHelper
+{
+	private static function flag($success, $message = null)
+	{
+		$context = \Chibi\Registry::getContext();
+		if (!empty($message))
+		{
+			$context->transport->message = $message;
+			$context->transport->messageHtml = TextHelper::parseMarkdown($message, true);
+		}
+		$context->transport->success = $success;
+	}
+
+	public static function init()
+	{
+		$context = \Chibi\Registry::getContext();
+		$context->transport->success = null;
+	}
+
+	public static function success($message = null)
+	{
+		self::flag(true, $message);
+	}
+
+	public static function failure($message = null)
+	{
+		self::flag(false, $message);
+	}
+}
--- a/src/Helpers/TextHelper.php
+++ b/src/Helpers/TextHelper.php
@ -17,6 +17,18 @@ class TextHelper
 		return $text;
 	}

+	//todo: convert to enum and make one method
+	public static function snakeCaseToCamelCase($string, $lower = false)
+	{
+		$string = preg_split('/_/', $string);
+		$string = array_map('trim', $string);
+		$string = array_map('ucfirst', $string);
+		$string = join('', $string);
+		if ($lower)
+			$string = lcfirst($string);
+		return $string;
+	}
+
 	public static function kebabCaseToCamelCase($string)
 	{
 		$string = preg_split('/-/', $string);
@ -48,6 +60,14 @@ class TextHelper
 		return $string;
 	}

+	public static function humanCaseToKebabCase($string)
+	{
+		$string = trim($string);
+		$string = str_replace(' ', '-', $string);
+		$string = strtolower($string);
+		return $string;
+	}
+
 	public static function resolveConstant($constantName, $className = null)
 	{
 		$constantName = self::kebabCaseToCamelCase($constantName);
@ -138,38 +158,60 @@ class TextHelper
 	public static function jsonEncode($obj, $illegalKeysRegex = '')
 	{
 		if (is_array($obj))
+			$set = function($key, $val) use ($obj) { $obj[$key] = $val; };
+		else
+			$set = function($key, $val) use ($obj) { $obj->$key = $val; };
+
+		foreach ($obj as $key => $val)
 		{
-			foreach ($obj as $key => $val)
+			if ($val instanceof Exception)
 			{
-				if ($val instanceof RedBean_OODBBean)
-				{
-					$obj[$key] = R::exportAll($val);
-				}
-			}
-		}
-		elseif (is_object($obj))
-		{
-			foreach ($obj as $key => $val)
-			{
-				if ($val instanceof RedBean_OODBBean)
-				{
-					$obj->$key = R::exportAll($val);
-				}
+				$set($key, ['message' => $val->getMessage(), 'trace' => explode("\n", $val->getTraceAsString())]);
 			}
 		}

 		if (!empty($illegalKeysRegex))
 			self::removeUnsafeKeys($obj, $illegalKeysRegex);

-		return json_encode($obj);
+		return json_encode($obj, JSON_UNESCAPED_UNICODE);
 	}

-	public static function parseMarkdown($text, $inline = false)
+	public static function parseMarkdown($text, $simple = false)
 	{
-		$output = CustomMarkdown::defaultTransform($text);
-		if ($inline)
-			$output = preg_replace('{</?p>}', '', $output);
-		return $output;
+		if ($simple)
+			return CustomMarkdown::simpleTransform($text);
+		else
+			return CustomMarkdown::defaultTransform($text);
+	}
+
+	public static function reprPost($post)
+	{
+		if (!is_object($post))
+			return '@' . $post;
+		return '@' . $post->id;
+	}
+
+	public static function reprUser($user)
+	{
+		if (!is_object($user))
+			return '+' . $user;
+		return '+' . $user->name;
+	}
+
+	public static function reprTag($tag)
+	{
+		if (!is_object($tag))
+			return '#' . $tag;
+		return '#' . $tag->name;
+	}
+
+	public static function reprTags($tags)
+	{
+		$x = [];
+		foreach ($tags as $tag)
+			$x []= self::reprTag($tag);
+		natcasesort($x);
+		return join(', ', $x);
 	}

 	public static function encrypt($text)
@ -189,4 +231,50 @@ class TextHelper
 		$iv = mcrypt_create_iv(mcrypt_get_iv_size($alg, $mode), MCRYPT_RAND);
 		return trim(mcrypt_decrypt($alg, $salt, base64_decode($text), $mode, $iv));
 	}
+
+	public static function cleanPath($path)
+	{
+		$path = str_replace(['/', '\\'], DS, $path);
+		$path = preg_replace('{[^' . DS . ']+' . DS . '\.\.(' . DS . '|$)}', '', $path);
+		$path = preg_replace('{(' . DS . '|^)\.' . DS . '}', '\1', $path);
+		$path = preg_replace('{' . DS . '{2,}}', DS, $path);
+		$path = rtrim($path, DS);
+		return $path;
+	}
+
+	public static function absolutePath($path)
+	{
+		if ($path{0} != DS)
+			$path = \Chibi\Registry::getContext()->rootDir . DS . $path;
+
+		$path = self::cleanPath($path);
+		return $path;
+	}
+
+	const HTML_OPEN = 1;
+	const HTML_CLOSE = 2;
+	const HTML_LEAF = 3;
+
+	public static function htmlTag($tagName, $tagStyle, array $attributes = [])
+	{
+		$html = '<';
+		if ($tagStyle == self::HTML_CLOSE)
+			$html .= '/';
+
+		$html .= $tagName;
+
+		if ($tagStyle == self::HTML_OPEN or $tagStyle == self::HTML_LEAF)
+		{
+			foreach ($attributes as $key => $value)
+			{
+				$html .= ' ' . $key . '="' . $value . '"';
+			}
+		}
+
+		if ($tagStyle == self::HTML_LEAF)
+			$html .= '/';
+		$html .= '>';
+
+		return $html;
+	}
 }
--- a/src/Models/AbstractCrudModel.php
+++ b/src/Models/AbstractCrudModel.php
@ -0,0 +1,136 @@
+<?php
+abstract class AbstractCrudModel implements IModel
+{
+	public static function spawn()
+	{
+		$entityClassName = static::getEntityClassName();
+		return new $entityClassName();
+	}
+
+	public static function remove($entities)
+	{
+		throw new NotImplementedException();
+	}
+
+	public static function save($entity)
+	{
+		throw new NotImplementedException();
+	}
+
+
+
+	public static function findById($key, $throw = true)
+	{
+		$query = (new SqlQuery)
+			->select('*')
+			->from(static::getTableName())
+			->where('id = ?')->put($key);
+
+		$row = Database::fetchOne($query);
+		if ($row)
+			return self::convertRow($row);
+
+		if ($throw)
+			throw new SimpleException('Invalid ' . static::getTableName() . ' ID "' . $key . '"');
+		return null;
+	}
+
+	public static function findByIds(array $ids)
+	{
+		$query = (new SqlQuery)
+			->select('*')
+			->from(static::getTableName())
+			->where('id')->in()->genSlots($ids)->put($ids);
+
+		$rows = Database::fetchAll($query);
+		if ($rows)
+			return self::convertRows($rows);
+
+		return [];
+	}
+
+	public static function getCount()
+	{
+		$query = new SqlQuery();
+		$query->select('count(1)')->as('count')->from(static::getTableName());
+		return Database::fetchOne($query)['count'];
+	}
+
+
+
+
+	public static function getEntityClassName()
+	{
+		$modelClassName = get_called_class();
+		$entityClassName = str_replace('Model', 'Entity', $modelClassName);
+		return $entityClassName;
+	}
+
+	public static function convertRow($row)
+	{
+		$entity = self::spawn();
+		foreach ($row as $key => $val)
+		{
+			$key = TextHelper::snakeCaseToCamelCase($key, true);
+			$entity->$key = $val;
+		}
+		return $entity;
+	}
+
+	public static function convertRows(array $rows)
+	{
+		foreach ($rows as $i => $row)
+			$rows[$i] = self::convertRow($row);
+		return $rows;
+	}
+
+
+
+	public static function forgeId($entity)
+	{
+		$table = static::getTableName();
+		if (!Database::inTransaction())
+			throw new Exception('Can be run only within transaction');
+		if (!$entity->id)
+		{
+			$config = \Chibi\Registry::getConfig();
+			$query = (new SqlQuery);
+			if ($config->main->dbDriver == 'sqlite')
+				$query->insertInto($table)->defaultValues();
+			else
+				$query->insertInto($table)->values()->open()->close();
+			Database::query($query);
+			$entity->id = Database::lastInsertId();
+		}
+	}
+
+	public static function preloadOneToMany($entities,
+		$foreignEntityLocalSelector,
+		$foreignEntityForeignSelector,
+		$foreignEntityProcessor,
+		$foreignEntitySetter)
+	{
+		if (empty($entities))
+			return;
+
+		$foreignIds = [];
+		$entityMap = [];
+		foreach ($entities as $entity)
+		{
+			$foreignId = $foreignEntityLocalSelector($entity);
+			if (!isset($entityMap[$foreignId]))
+				$entityMap[$foreignId] = [];
+			$entityMap[$foreignId] []= $entity;
+			$foreignIds []= $foreignId;
+		}
+
+		$foreignEntities = $foreignEntityProcessor($foreignIds);
+
+		foreach ($foreignEntities as $foreignEntity)
+		{
+			$key = $foreignEntityForeignSelector($foreignEntity);
+			foreach ($entityMap[$key] as $entity)
+				$foreignEntitySetter($entity, $foreignEntity);
+		}
+	}
+}
--- a/src/Models/CommentModel.php
+++ b/src/Models/CommentModel.php
@ -0,0 +1,101 @@
+<?php
+class CommentModel extends AbstractCrudModel
+{
+	public static function getTableName()
+	{
+		return 'comment';
+	}
+
+	public static function spawn()
+	{
+		$comment = new CommentEntity;
+		$comment->commentDate = time();
+		return $comment;
+	}
+
+	public static function save($comment)
+	{
+		Database::transaction(function() use ($comment)
+		{
+			self::forgeId($comment);
+
+			$bindings = [
+				'text' => $comment->text,
+				'post_id' => $comment->postId,
+				'comment_date' => $comment->commentDate,
+				'commenter_id' => $comment->commenterId];
+
+			$query = (new SqlQuery)
+				->update('comment')
+				->set(join(', ', array_map(function($key) { return $key . ' = ?'; }, array_keys($bindings))))
+				->put(array_values($bindings))
+				->where('id = ?')->put($comment->id);
+
+			Database::query($query);
+		});
+	}
+
+	public static function remove($comment)
+	{
+		Database::transaction(function() use ($comment)
+		{
+			$query = (new SqlQuery)
+				->deleteFrom('comment')
+				->where('id = ?')->put($comment->id);
+			Database::query($query);
+		});
+	}
+
+
+
+	public static function findAllByPostId($key)
+	{
+		$query = new SqlQuery();
+		$query
+			->select('comment.*')
+			->from('comment')
+			->where('post_id = ?')
+			->put($key);
+
+		$rows = Database::fetchAll($query);
+		if ($rows)
+			return self::convertRows($rows);
+		return [];
+	}
+
+
+
+	public static function preloadCommenters($comments)
+	{
+		self::preloadOneToMany($comments,
+			function($comment) { return $comment->commenterId; },
+			function($user) { return $user->id; },
+			function($userIds) { return UserModel::findByIds($userIds); },
+			function($comment, $user) { return $comment->setCache('commenter', $user); });
+	}
+
+	public static function preloadPosts($comments)
+	{
+		self::preloadOneToMany($comments,
+			function($comment) { return $comment->postId; },
+			function($post) { return $post->id; },
+			function($postIds) { return PostModel::findByIds($postIds); },
+			function($comment, $post) { $comment->setCache('post', $post); });
+	}
+
+
+
+	public static function validateText($text)
+	{
+		$text = trim($text);
+		$config = \Chibi\Registry::getConfig();
+
+		if (strlen($text) < $config->comments->minLength)
+			throw new SimpleException(sprintf('Comment must have at least %d characters', $config->comments->minLength));
+
+		if (strlen($text) > $config->comments->maxLength)
+			throw new SimpleException(sprintf('Comment must have at most %d characters', $config->comments->maxLength));
+
+		return $text;
+	}
+}
--- a/src/Models/Entities/AbstractEntity.php
+++ b/src/Models/Entities/AbstractEntity.php
@ -0,0 +1,23 @@
+<?php
+class AbstractEntity
+{
+	public $id;
+	protected $__cache;
+
+	public function setCache($key, $value)
+	{
+		$this->__cache[$key] = $value;
+	}
+
+	public function getCache($key)
+	{
+		return isset($this->__cache[$key])
+			? $this->__cache[$key]
+			: null;
+	}
+
+	public function hasCache($key)
+	{
+		return isset($this->__cache[$key]);
+	}
+}
--- a/src/Models/Entities/CommentEntity.php
+++ b/src/Models/Entities/CommentEntity.php
@ -0,0 +1,43 @@
+<?php
+class CommentEntity extends AbstractEntity
+{
+	public $text;
+	public $postId;
+	public $commentDate;
+	public $commenterId;
+
+	public function getText()
+	{
+		return TextHelper::parseMarkdown($this->text);
+	}
+
+	public function setPost($post)
+	{
+		$this->setCache('post', $post);
+		$this->postId = $post->id;
+	}
+
+	public function setCommenter($user)
+	{
+		$this->setCache('commenter', $user);
+		$this->commenterId = $user ? $user->id : null;
+	}
+
+	public function getPost()
+	{
+		if ($this->hasCache('post'))
+			return $this->getCache('post');
+		$post = PostModel::findById($this->postId);
+		$this->setCache('post', $post);
+		return $post;
+	}
+
+	public function getCommenter()
+	{
+		if ($this->hasCache('commenter'))
+			return $this->getCache('commenter');
+		$user = UserModel::findById($this->commenterId, false);
+		$this->setCache('commenter', $user);
+		return $user;
+	}
+}
--- a/src/Models/Entities/PostEntity.php
+++ b/src/Models/Entities/PostEntity.php
@ -0,0 +1,422 @@
+<?php
+class PostEntity extends AbstractEntity
+{
+	public $type;
+	public $name;
+	public $origName;
+	public $fileHash;
+	public $fileSize;
+	public $mimeType;
+	public $safety;
+	public $hidden;
+	public $uploadDate;
+	public $imageWidth;
+	public $imageHeight;
+	public $uploaderId;
+	public $source;
+
+	public function getUploader()
+	{
+		if ($this->hasCache('uploader'))
+			return $this->getCache('uploader');
+		$uploader = UserModel::findById($this->uploaderId, false);
+		$this->setCache('uploader', $uploader);
+		return $uploader;
+	}
+
+	public function setUploader($user)
+	{
+		$this->uploaderId = $user->id;
+		$this->setCache('uploader', $user);
+	}
+
+
+
+	public function getComments()
+	{
+		if ($this->hasCache('comments'))
+			return $this->getCache('comments');
+		$comments = CommentModel::findAllByPostId($this->id);
+		$this->setCache('comments', $comments);
+		return $comments;
+	}
+
+
+
+
+	public function getFavorites()
+	{
+		if ($this->hasCache('favoritee'))
+			return $this->getCache('favoritee');
+		$query = (new SqlQuery)
+			->select('user.*')
+			->from('user')
+			->innerJoin('favoritee')->on('favoritee.user_id = user.id')
+			->where('favoritee.post_id = ?')->put($this->id);
+		$rows = Database::fetchAll($query);
+		$favorites = UserModel::convertRows($rows);
+		$this->setCache('favoritee', $favorites);
+		return $favorites;
+	}
+
+
+
+	public function getRelations()
+	{
+		if ($this->hasCache('relations'))
+			return $this->getCache('relations');
+
+		$query = (new SqlQuery)
+			->select('post.*')
+			->from('post')
+			->innerJoin('crossref')
+				->on()->open()->raw('post.id = crossref.post2_id')->and('crossref.post_id = ?')->close()->put($this->id)
+				->or()->open()->raw('post.id = crossref.post_id')->and('crossref.post2_id = ?')->close()->put($this->id);
+		$rows = Database::fetchAll($query);
+		$posts = PostModel::convertRows($rows);
+		$this->setCache('relations', $posts);
+		return $posts;
+	}
+
+	public function setRelations(array $relations)
+	{
+		foreach ($relations as $relatedPost)
+			if (!$relatedPost->id)
+				throw new Exception('All related posts must be saved');
+		$uniqueRelations = [];
+		foreach ($relations as $relatedPost)
+			$uniqueRelations[$relatedPost->id] = $relatedPost;
+		$relations = array_values($uniqueRelations);
+		$this->setCache('relations', $relations);
+	}
+
+	public function setRelationsFromText($relationsText)
+	{
+		$config = \Chibi\Registry::getConfig();
+		$relatedIds = array_filter(preg_split('/\D/', $relationsText));
+
+		$relatedPosts = [];
+		foreach ($relatedIds as $relatedId)
+		{
+			if ($relatedId == $this->id)
+				continue;
+
+			if (count($relatedPosts) > $config->browsing->maxRelatedPosts)
+				throw new SimpleException('Too many related posts (maximum: ' . $config->browsing->maxRelatedPosts . ')');
+
+			$relatedPosts []= PostModel::findById($relatedId);
+		}
+
+		$this->setRelations($relatedPosts);
+	}
+
+
+
+	public function getTags()
+	{
+		if ($this->hasCache('tags'))
+			return $this->getCache('tags');
+		$tags = TagModel::findAllByPostId($this->id);
+		$this->setCache('tags', $tags);
+		return $tags;
+	}
+
+	public function setTags(array $tags)
+	{
+		foreach ($tags as $tag)
+			if (!$tag->id)
+				throw new Exception('All tags must be saved');
+		$uniqueTags = [];
+		foreach ($tags as $tag)
+			$uniqueTags[$tag->id] = $tag;
+		$tags = array_values($uniqueTags);
+		$this->setCache('tags', $tags);
+	}
+
+	public function setTagsFromText($tagsText)
+	{
+		$tagNames = TagModel::validateTags($tagsText);
+		$tags = [];
+		foreach ($tagNames as $tagName)
+		{
+			$tag = TagModel::findByName($tagName, false);
+			if (!$tag)
+			{
+				$tag = TagModel::spawn();
+				$tag->name = $tagName;
+				TagModel::save($tag);
+			}
+			$tags []= $tag;
+		}
+		$this->setTags($tags);
+	}
+
+	public function isTaggedWith($tagName)
+	{
+		$tagName = trim(strtolower($tagName));
+		foreach ($this->getTags() as $tag)
+			if (trim(strtolower($tag->name)) == $tagName)
+				return true;
+		return false;
+	}
+
+
+
+
+	public function setHidden($hidden)
+	{
+		$this->hidden = boolval($hidden);
+	}
+
+	public function setSafety($safety)
+	{
+		$this->safety = PostModel::validateSafety($safety);
+	}
+
+	public function setSource($source)
+	{
+		$this->source = PostModel::validateSource($source);
+	}
+
+
+	public function getThumbCustomPath($width = null, $height = null)
+	{
+		return PostModel::getThumbCustomPath($this->name, $width, $height);
+	}
+
+	public function getThumbDefaultPath($width = null, $height = null)
+	{
+		return PostModel::getThumbDefaultPath($this->name, $width, $height);
+	}
+
+	public function getFullPath()
+	{
+		return PostModel::getFullPath($this->name);
+	}
+
+	public function hasCustomThumb($width = null, $height = null)
+	{
+		$thumbPath = $this->getThumbCustomPath($width, $height);
+		return file_exists($thumbPath);
+	}
+
+	public function setCustomThumbnailFromPath($srcPath)
+	{
+		$config = \Chibi\Registry::getConfig();
+
+		$mimeType = mime_content_type($srcPath);
+		if (!in_array($mimeType, ['image/gif', 'image/png', 'image/jpeg']))
+			throw new SimpleException('Invalid thumbnail type "' . $mimeType . '"');
+
+		list ($imageWidth, $imageHeight) = getimagesize($srcPath);
+		if ($imageWidth != $config->browsing->thumbWidth)
+			throw new SimpleException('Invalid thumbnail width (should be ' . $config->browsing->thumbWidth . ')');
+		if ($imageHeight != $config->browsing->thumbHeight)
+			throw new SimpleException('Invalid thumbnail height (should be ' . $config->browsing->thumbHeight . ')');
+
+		$dstPath = $this->getThumbCustomPath();
+
+		if (is_uploaded_file($srcPath))
+			move_uploaded_file($srcPath, $dstPath);
+		else
+			rename($srcPath, $dstPath);
+	}
+
+	public function makeThumb($width = null, $height = null)
+	{
+		list ($width, $height) = PostModel::validateThumbSize($width, $height);
+		$dstPath = $this->getThumbDefaultPath($width, $height);
+		$srcPath = $this->getFullPath();
+
+		if ($this->type == PostType::Youtube)
+		{
+			$tmpPath = tempnam(sys_get_temp_dir(), 'thumb') . '.jpg';
+			$contents = file_get_contents('http://img.youtube.com/vi/' . $this->origName . '/mqdefault.jpg');
+			file_put_contents($tmpPath, $contents);
+			if (file_exists($tmpPath))
+				$srcImage = imagecreatefromjpeg($tmpPath);
+		}
+		else switch ($this->mimeType)
+		{
+			case 'image/jpeg':
+				$srcImage = imagecreatefromjpeg($srcPath);
+				break;
+			case 'image/png':
+				$srcImage = imagecreatefrompng($srcPath);
+				break;
+			case 'image/gif':
+				$srcImage = imagecreatefromgif($srcPath);
+				break;
+			case 'application/x-shockwave-flash':
+				$srcImage = null;
+				exec('which dump-gnash', $tmp, $exitCode);
+				if ($exitCode == 0)
+				{
+					$tmpPath = tempnam(sys_get_temp_dir(), 'thumb') . '.png';
+					exec('dump-gnash --screenshot last --screenshot-file ' . $tmpPath . ' -1 -r1 --max-advances 15 ' . $srcPath);
+					if (file_exists($tmpPath))
+						$srcImage = imagecreatefrompng($tmpPath);
+				}
+				if (!$srcImage)
+				{
+					exec('which swfrender', $tmp, $exitCode);
+					if ($exitCode == 0)
+					{
+						$tmpPath = tempnam(sys_get_temp_dir(), 'thumb') . '.png';
+						exec('swfrender ' . $srcPath . ' -o ' . $tmpPath);
+						if (file_exists($tmpPath))
+							$srcImage = imagecreatefrompng($tmpPath);
+					}
+				}
+				break;
+			default:
+				break;
+		}
+
+		if (isset($tmpPath))
+			unlink($tmpPath);
+
+		if (!isset($srcImage))
+			return false;
+
+		$config = \Chibi\Registry::getConfig();
+		switch ($config->browsing->thumbStyle)
+		{
+			case 'outside':
+				$dstImage = ThumbnailHelper::cropOutside($srcImage, $width, $height);
+				break;
+			case 'inside':
+				$dstImage = ThumbnailHelper::cropInside($srcImage, $width, $height);
+				break;
+			default:
+				throw new SimpleException('Unknown thumbnail crop style');
+		}
+
+		imagejpeg($dstImage, $dstPath);
+		imagedestroy($srcImage);
+		imagedestroy($dstImage);
+
+		return true;
+	}
+
+
+
+	public function setContentFromPath($srcPath)
+	{
+		$this->fileSize = filesize($srcPath);
+		$this->fileHash = md5_file($srcPath);
+
+		if ($this->fileSize == 0)
+			throw new SimpleException('Specified file is empty');
+
+		$this->mimeType = mime_content_type($srcPath);
+		switch ($this->mimeType)
+		{
+			case 'image/gif':
+			case 'image/png':
+			case 'image/jpeg':
+				list ($imageWidth, $imageHeight) = getimagesize($srcPath);
+				$this->type = PostType::Image;
+				$this->imageWidth = $imageWidth;
+				$this->imageHeight = $imageHeight;
+				break;
+			case 'application/x-shockwave-flash':
+				list ($imageWidth, $imageHeight) = getimagesize($srcPath);
+				$this->type = PostType::Flash;
+				$this->imageWidth = $imageWidth;
+				$this->imageHeight = $imageHeight;
+				break;
+			default:
+				throw new SimpleException('Invalid file type "' . $this->mimeType . '"');
+		}
+
+		$this->origName = basename($srcPath);
+		$duplicatedPost = PostModel::findByHash($this->fileHash, false);
+		if ($duplicatedPost !== null and (!$this->id or $this->id != $duplicatedPost->id))
+			throw new SimpleException('Duplicate upload: @' . $duplicatedPost->id);
+
+		$dstPath = $this->getFullPath();
+
+		if (is_uploaded_file($srcPath))
+			move_uploaded_file($srcPath, $dstPath);
+		else
+			rename($srcPath, $dstPath);
+
+		$thumbPath = $this->getThumbDefaultPath();
+		if (file_exists($thumbPath))
+			unlink($thumbPath);
+	}
+
+	public function setContentFromUrl($srcUrl)
+	{
+		$this->origName = $srcUrl;
+
+		if (!preg_match('/^https?:\/\//', $srcUrl))
+			throw new SimpleException('Invalid URL "' . $srcUrl . '"');
+
+		if (preg_match('/youtube.com\/watch.*?=([a-zA-Z0-9_-]+)/', $srcUrl, $matches))
+		{
+			$origName = $matches[1];
+			$this->origName = $origName;
+			$this->type = PostType::Youtube;
+			$this->mimeType = null;
+			$this->fileSize = null;
+			$this->fileHash = $origName;
+			$this->imageWidth = null;
+			$this->imageHeight = null;
+
+			$thumbPath = $this->getThumbDefaultPath();
+			if (file_exists($thumbPath))
+				unlink($thumbPath);
+
+			$duplicatedPost = PostModel::findByHash($origName, false);
+			if ($duplicatedPost !== null and (!$this->id or $this->id != $duplicatedPost->id))
+				throw new SimpleException('Duplicate upload: @' . $duplicatedPost->id);
+			return;
+		}
+
+		$srcPath = tempnam(sys_get_temp_dir(), 'upload') . '.dat';
+
+		//warning: low level sh*t ahead
+		//download the URL $srcUrl into $srcPath
+		$maxBytes = TextHelper::stripBytesUnits(ini_get('upload_max_filesize'));
+		set_time_limit(0);
+		$urlFP = fopen($srcUrl, 'rb');
+		if (!$urlFP)
+			throw new SimpleException('Cannot open URL for reading');
+		$srcFP = fopen($srcPath, 'w+b');
+		if (!$srcFP)
+		{
+			fclose($urlFP);
+			throw new SimpleException('Cannot open file for writing');
+		}
+
+		try
+		{
+			while (!feof($urlFP))
+			{
+				$buffer = fread($urlFP, 4 * 1024);
+				if (fwrite($srcFP, $buffer) === false)
+					throw new SimpleException('Cannot write into file');
+				fflush($srcFP);
+				if (ftell($srcFP) > $maxBytes)
+					throw new SimpleException('File is too big (maximum allowed size: ' . TextHelper::useBytesUnits($maxBytes) . ')');
+			}
+		}
+		finally
+		{
+			fclose($urlFP);
+			fclose($srcFP);
+		}
+
+		try
+		{
+			$this->setContentFromPath($srcPath);
+		}
+		finally
+		{
+			if (file_exists($srcPath))
+				unlink($srcPath);
+		}
+	}
+}
--- a/src/Models/Entities/TagEntity.php
+++ b/src/Models/Entities/TagEntity.php
@ -0,0 +1,14 @@
+<?php
+class TagEntity extends AbstractEntity
+{
+	public $name;
+
+	public function getPostCount()
+	{
+		$query = (new SqlQuery)
+			->select('count(*)')->as('count')
+			->from('post_tag')
+			->where('tag_id = ?')->put($this->id);
+		return Database::fetchOne($query)['count'];
+	}
+}
--- a/src/Models/Entities/TokenEntity.php
+++ b/src/Models/Entities/TokenEntity.php
@ -0,0 +1,18 @@
+<?php
+class TokenEntity extends AbstractEntity
+{
+	public $userId;
+	public $token;
+	public $used;
+	public $expires;
+
+	public function getUser()
+	{
+		return UserModel::findById($this->userId);
+	}
+
+	public function setUser($user)
+	{
+		$this->userId = $user ? $user->id : null;
+	}
+}
--- a/src/Models/Entities/UserEntity.php
+++ b/src/Models/Entities/UserEntity.php
@ -0,0 +1,151 @@
+<?php
+class UserEntity extends AbstractEntity
+{
+	public $name;
+	public $passSalt;
+	public $passHash;
+	public $staffConfirmed;
+	public $emailUnconfirmed;
+	public $emailConfirmed;
+	public $joinDate;
+	public $accessRank;
+	public $settings;
+	public $banned;
+
+	public function getAvatarUrl($size = 32)
+	{
+		$subject = !empty($this->emailConfirmed)
+			? $this->emailConfirmed
+			: $this->passSalt . $this->name;
+		$hash = md5(strtolower(trim($subject)));
+		$url = 'http://www.gravatar.com/avatar/' . $hash . '?s=' . $size . '&d=retro';
+		return $url;
+	}
+
+	public function getSetting($key)
+	{
+		$settings = json_decode($this->settings, true);
+		return isset($settings[$key])
+			? $settings[$key]
+			: null;
+	}
+
+	public function setSetting($key, $value)
+	{
+		$settings = json_decode($this->settings, true);
+		$settings[$key] = $value;
+		$settings = json_encode($settings);
+		if (strlen($settings) > 200)
+			throw new SimpleException('Too much data');
+		$this->settings = $settings;
+	}
+
+	public function hasEnabledSafety($safety)
+	{
+		$all = $this->getSetting(UserModel::SETTING_SAFETY);
+		if (!$all)
+			return $safety == PostSafety::Safe;
+		return $all & PostSafety::toFlag($safety);
+	}
+
+	public function enableSafety($safety, $enabled)
+	{
+		$all = $this->getSetting(UserModel::SETTING_SAFETY);
+		if (!$all)
+			$all = PostSafety::toFlag(PostSafety::Safe);
+
+		$new = $all;
+		if (!$enabled)
+		{
+			$new &= ~PostSafety::toFlag($safety);
+			if (!$new)
+				$new = PostSafety::toFlag(PostSafety::Safe);
+		}
+		else
+		{
+			$new |= PostSafety::toFlag($safety);
+		}
+
+		$this->setSetting(UserModel::SETTING_SAFETY, $new);
+	}
+
+	public function hasEnabledHidingDislikedPosts()
+	{
+		$ret = $this->getSetting(UserModel::SETTING_HIDE_DISLIKED_POSTS);
+		if ($ret === null)
+			$ret = !\Chibi\Registry::getConfig()->browsing->showDislikedPostsDefault;
+		return $ret;
+	}
+
+	public function enableHidingDislikedPosts($enabled)
+	{
+		$this->setSetting(UserModel::SETTING_HIDE_DISLIKED_POSTS, $enabled ? 1 : 0);
+	}
+
+	public function hasEnabledPostTagTitles()
+	{
+		$ret = $this->getSetting(UserModel::SETTING_POST_TAG_TITLES);
+		if ($ret === null)
+			$ret = \Chibi\Registry::getConfig()->browsing->showPostTagTitlesDefault;
+		return $ret;
+	}
+
+	public function enablePostTagTitles($enabled)
+	{
+		$this->setSetting(UserModel::SETTING_POST_TAG_TITLES, $enabled ? 1 : 0);
+	}
+
+	public function hasEnabledEndlessScrolling()
+	{
+		$ret = $this->getSetting(UserModel::SETTING_ENDLESS_SCROLLING);
+		if ($ret === null)
+			$ret = \Chibi\Registry::getConfig()->browsing->endlessScrollingDefault;
+		return $ret;
+	}
+
+	public function enableEndlessScrolling($enabled)
+	{
+		$this->setSetting(UserModel::SETTING_ENDLESS_SCROLLING, $enabled ? 1 : 0);
+	}
+
+	public function hasFavorited($post)
+	{
+		$query = (new SqlQuery)
+			->select('count(1)')->as('count')
+			->from('favoritee')
+			->where('user_id = ?')->put($this->id)
+			->and('post_id = ?')->put($post->id);
+		return Database::fetchOne($query)['count'] == 1;
+	}
+
+	public function getScore($post)
+	{
+		$query = (new SqlQuery)
+			->select('score')
+			->from('post_score')
+			->where('user_id = ?')->put($this->id)
+			->and('post_id = ?')->put($post->id);
+		$row = Database::fetchOne($query);
+		if ($row)
+			return intval($row['score']);
+		return null;
+	}
+
+	public function getFavoriteCount()
+	{
+		$sqlQuery = (new SqlQuery)
+			->select('count(1)')->as('count')
+			->from('favoritee')
+			->where('user_id = ?')->put($this->id);
+		return Database::fetchOne($sqlQuery)['count'];
+	}
+
+	public function getCommentCount()
+	{
+		$sqlQuery = (new SqlQuery)
+			->select('count(1)')->as('count')
+			->from('comment')
+			->where('commenter_id = ?')->put($this->id);
+		return Database::fetchOne($sqlQuery)['count'];
+	}
+}
--- a/src/Models/Enums/AccessRank.php
+++ b/src/Models/Enums/AccessRank.php
--- a/src/Models/Enums/PostSafety.php
+++ b/src/Models/Enums/PostSafety.php
--- a/src/Models/Enums/PostType.php
+++ b/src/Models/Enums/PostType.php
--- a/src/Models/Enums/Privilege.php
+++ b/src/Models/Enums/Privilege.php
@ -10,9 +10,13 @@ class Privilege extends Enum
 	const EditPostTags = 7;
 	const EditPostThumb = 8;
 	const EditPostSource = 26;
+	const EditPostRelations = 30;
+	const EditPostFile = 36;
 	const HidePost = 9;
 	const DeletePost = 10;
 	const FeaturePost = 25;
+	const ScorePost = 31;
+	const FlagPost = 34;

 	const ListUsers = 11;
 	const ViewUser = 12;
@ -25,6 +29,7 @@ class Privilege extends Enum
 	const ChangeUserName = 18;
 	const ChangeUserSettings = 28;
 	const DeleteUser = 19;
+	const FlagUser = 35;

 	const ListComments = 20;
 	const AddComment = 23;
@ -33,4 +38,8 @@ class Privilege extends Enum
 	const ListTags = 21;
 	const MergeTags = 27;
 	const RenameTags = 27;
+	const MassTag = 29;
+
+	const ListLogs = 32;
+	const ViewLog = 33;
 }
--- a/src/Models/IModel.php
+++ b/src/Models/IModel.php
@ -0,0 +1,5 @@
+<?php
+interface IModel
+{
+	static function getTableName();
+}
--- a/src/Models/Model_Comment.php
+++ b/src/Models/Model_Comment.php
@ -1,34 +0,0 @@
-<?php
-class Model_Comment extends RedBean_SimpleModel
-{
-	public static function locate($key, $throw = true)
-	{
-		$comment = R::findOne('comment', 'id = ?', [$key]);
-		if (!$comment)
-		{
-			if ($throw)
-				throw new SimpleException('Invalid comment ID "' . $key . '"');
-			return null;
-		}
-		return $comment;
-	}
-
-	public static function validateText($text)
-	{
-		$text = trim($text);
-		$config = \Chibi\Registry::getConfig();
-
-		if (strlen($text) < $config->comments->minLength)
-			throw new SimpleException(sprintf('Comment must have at least %d characters', $config->comments->minLength));
-
-		if (strlen($text) > $config->comments->maxLength)
-			throw new SimpleException(sprintf('Comment must have at most %d characters', $config->comments->maxLength));
-
-		return $text;
-	}
-
-	public function getText()
-	{
-		return TextHelper::parseMarkdown($this->text);
-	}
-}
--- a/src/Models/Model_Post.php
+++ b/src/Models/Model_Post.php
@ -1,49 +0,0 @@
-<?php
-class Model_Post extends RedBean_SimpleModel
-{
-	public static function locate($key, $disallowNumeric = false, $throw = true)
-	{
-		if (is_numeric($key) and !$disallowNumeric)
-		{
-			$post = R::findOne('post', 'id = ?', [$key]);
-			if (!$post)
-			{
-				if ($throw)
-					throw new SimpleException('Invalid post ID "' . $key . '"');
-				return null;
-			}
-		}
-		else
-		{
-			$post = R::findOne('post', 'name = ?', [$key]);
-			if (!$post)
-			{
-				if ($throw)
-					throw new SimpleException('Invalid post name "' . $key . '"');
-				return null;
-			}
-		}
-		return $post;
-	}
-
-	public static function validateSafety($safety)
-	{
-		$safety = intval($safety);
-
-		if (!in_array($safety, PostSafety::getAll()))
-			throw new SimpleException('Invalid safety type "' . $safety . '"');
-
-		return $safety;
-	}
-
-	public static function validateSource($source)
-	{
-		$source = trim($source);
-
-		$maxLength = 100;
-		if (strlen($source) > $maxLength)
-			throw new SimpleException('Source must have at most ' . $maxLength . ' characters');
-
-		return $source;
-	}
-}
--- a/src/Models/Model_Property.php
+++ b/src/Models/Model_Property.php
@ -1,37 +0,0 @@
-<?php
-class Model_Property extends RedBean_SimpleModel
-{
-	const FeaturedPostId = 0;
-	const FeaturedPostUserId = 1;
-	const FeaturedPostDate = 2;
-
-	static $allProperties = null;
-
-	public static function get($propertyId)
-	{
-		if (self::$allProperties === null)
-		{
-			self::$allProperties = [];
-			foreach (R::find('property') as $prop)
-			{
-				self::$allProperties[$prop->prop_id] = $prop->value;
-			}
-		}
-		return isset(self::$allProperties[$propertyId])
-			? self::$allProperties[$propertyId]
-			: null;
-	}
-
-	public static function set($propertyId, $value)
-	{
-		$row = R::findOne('property', 'prop_id = ?', [$propertyId]);
-		if (!$row)
-		{
-			$row = R::dispense('property');
-			$row->prop_id = $propertyId;
-		}
-		$row->value = $value;
-		self::$allProperties[$propertyId] = $value;
-		R::store($row);
-	}
-}
--- a/src/Models/Model_Tag.php
+++ b/src/Models/Model_Tag.php
@ -1,68 +0,0 @@
-<?php
-class Model_Tag extends RedBean_SimpleModel
-{
-	public static function locate($key, $throw = true)
-	{
-		$tag = R::findOne('tag', 'LOWER(name) = LOWER(?)', [$key]);
-		if (!$tag)
-		{
-			if ($throw)
-				throw new SimpleException('Invalid tag name "' . $key . '"');
-			return null;
-		}
-		return $tag;
-	}
-
-	public static function insertOrUpdate($tags)
-	{
-		$dbTags = [];
-		foreach ($tags as $tag)
-		{
-			$dbTag = self::locate($tag, false);
-			if (!$dbTag)
-			{
-				$dbTag = R::dispense('tag');
-				$dbTag->name = $tag;
-				R::store($dbTag);
-			}
-			$dbTags []= $dbTag;
-		}
-		return $dbTags;
-	}
-
-	public static function validateTag($tag)
-	{
-		$tag = trim($tag);
-
-		$minLength = 1;
-		$maxLength = 64;
-		if (strlen($tag) < $minLength)
-			throw new SimpleException('Tag must have at least ' . $minLength . ' characters');
-		if (strlen($tag) > $maxLength)
-			throw new SimpleException('Tag must have at most ' . $maxLength . ' characters');
-
-		if (!preg_match('/^[a-zA-Z0-9_.-]+$/i', $tag))
-			throw new SimpleException('Invalid tag "' . $tag . '"');
-
-		if (preg_match('/^\.\.?$/', $tag))
-			throw new SimpleException('Invalid tag "' . $tag . '"');
-
-		return $tag;
-	}
-
-	public static function validateTags($tags)
-	{
-		$tags = trim($tags);
-		$tags = preg_split('/[,;\s]+/', $tags);
-		$tags = array_filter($tags, function($x) { return $x != ''; });
-		$tags = array_unique($tags);
-
-		foreach ($tags as $key => $tag)
-			$tags[$key] = self::validateTag($tag);
-
-		if (empty($tags))
-			throw new SimpleException('No tags set');
-
-		return $tags;
-	}
-}
--- a/src/Models/Model_User.php
+++ b/src/Models/Model_User.php
@ -1,173 +0,0 @@
-<?php
-class Model_User extends RedBean_SimpleModel
-{
-	public static function locate($key, $throw = true)
-	{
-		$user = R::findOne('user', 'name = ?', [$key]);
-		if (!$user)
-		{
-			if ($throw)
-				throw new SimpleException('Invalid user name "' . $key . '"');
-			return null;
-		}
-		return $user;
-	}
-
-	public function getAvatarUrl($size = 32)
-	{
-		$subject = !empty($this->email_confirmed)
-			? $this->email_confirmed
-			: $this->pass_salt . $this->name;
-		$hash = md5(strtolower(trim($subject)));
-		$url = 'http://www.gravatar.com/avatar/' . $hash . '?s=' . $size . '&d=retro';
-		return $url;
-	}
-
-	public function getSetting($key)
-	{
-		$settings = json_decode($this->settings, true);
-		return isset($settings[$key])
-			? $settings[$key]
-			: null;
-	}
-
-	public function setSetting($key, $value)
-	{
-		$settings = json_decode($this->settings, true);
-		$settings[$key] = $value;
-		$settings = json_encode($settings);
-		if (strlen($settings) > 200)
-			throw new SimpleException('Too much data');
-		$this->settings = $settings;
-	}
-
-	public function update()
-	{
-		$context = \Chibi\Registry::getContext();
-		if ($context->user->id == $this->id)
-		{
-			$context->user = $this;
-			unset($_SESSION['user']);
-		}
-	}
-
-
-
-	const SETTING_SAFETY = 1;
-	const SETTING_ENDLESS_SCROLLING = 2;
-
-	public function hasEnabledSafety($safety)
-	{
-		$all = $this->getSetting(self::SETTING_SAFETY);
-		if (!$all)
-			return true;
-		return $all & PostSafety::toFlag($safety);
-	}
-
-	public function enableSafety($safety, $enabled)
-	{
-		$new = $this->getSetting(self::SETTING_SAFETY);
-		if (!$enabled)
-		{
-			$new &= ~PostSafety::toFlag($safety);
-			if (!$new)
-				$new = PostSafety::toFlag(PostSafety::Safe);
-		}
-		else
-		{
-			$new |= PostSafety::toFlag($safety);
-		}
-		$this->setSetting(self::SETTING_SAFETY, $new);
-	}
-
-	public function hasEnabledEndlessScrolling()
-	{
-		$ret = $this->getSetting(self::SETTING_ENDLESS_SCROLLING);
-		if ($ret === null)
-			$ret = \Chibi\Registry::getConfig()->browsing->endlessScrollingDefault;
-		return $ret;
-	}
-
-	public function enableEndlessScrolling($enabled)
-	{
-		$this->setSetting(self::SETTING_ENDLESS_SCROLLING, $enabled ? 1 : 0);
-	}
-
-
-
-	public static function validateUserName($userName)
-	{
-		$userName = trim($userName);
-
-		$dbUser = R::findOne('user', 'name = ?', [$userName]);
-		if ($dbUser !== null)
-		{
-			if (!$dbUser->email_confirmed and \Chibi\Registry::getConfig()->registration->needEmailForRegistering)
-				throw new SimpleException('User with this name is already registered and awaits e-mail confirmation');
-
-			if (!$dbUser->staff_confirmed and \Chibi\Registry::getConfig()->registration->staffActivation)
-				throw new SimpleException('User with this name is already registered and awaits staff confirmation');
-
-			throw new SimpleException('User with this name is already registered');
-		}
-
-		$userNameMinLength = intval(\Chibi\Registry::getConfig()->registration->userNameMinLength);
-		$userNameMaxLength = intval(\Chibi\Registry::getConfig()->registration->userNameMaxLength);
-		$userNameRegex = \Chibi\Registry::getConfig()->registration->userNameRegex;
-
-		if (strlen($userName) < $userNameMinLength)
-			throw new SimpleException(sprintf('User name must have at least %d characters', $userNameMinLength));
-
-		if (strlen($userName) > $userNameMaxLength)
-			throw new SimpleException(sprintf('User name must have at most %d characters', $userNameMaxLength));
-
-		if (!preg_match($userNameRegex, $userName))
-			throw new SimpleException('User name contains invalid characters');
-
-		return $userName;
-	}
-
-	public static function validatePassword($password)
-	{
-		$passMinLength = intval(\Chibi\Registry::getConfig()->registration->passMinLength);
-		$passRegex = \Chibi\Registry::getConfig()->registration->passRegex;
-
-		if (strlen($password) < $passMinLength)
-			throw new SimpleException(sprintf('Password must have at least %d characters', $passMinLength));
-
-		if (!preg_match($passRegex, $password))
-			throw new SimpleException('Password contains invalid characters');
-
-		return $password;
-	}
-
-	public static function validateEmail($email)
-	{
-		$email = trim($email);
-
-		if (!empty($email) and !TextHelper::isValidEmail($email))
-			throw new SimpleException('E-mail address appears to be invalid');
-
-		return $email;
-	}
-
-	public static function validateAccessRank($accessRank)
-	{
-		$accessRank = intval($accessRank);
-
-		if (!in_array($accessRank, AccessRank::getAll()))
-			throw new SimpleException('Invalid access rank type "' . $accessRank . '"');
-
-		if ($accessRank == AccessRank::Nobody)
-			throw new SimpleException('Cannot set special accesss rank "' . $accessRank . '"');
-
-		return $accessRank;
-	}
-
-	public static function hashPassword($pass, $salt2)
-	{
-		$salt1 = \Chibi\Registry::getConfig()->main->salt;
-		return sha1($salt1 . $salt2 . $pass);
-	}
-
-}
--- a/src/Models/PostModel.php
+++ b/src/Models/PostModel.php
@ -0,0 +1,281 @@
+<?php
+class PostModel extends AbstractCrudModel
+{
+	protected static $config;
+
+	public static function getTableName()
+	{
+		return 'post';
+	}
+
+	public static function init()
+	{
+		self::$config = \Chibi\Registry::getConfig();
+	}
+
+	public static function spawn()
+	{
+		$post = new PostEntity;
+		$post->hidden = false;
+		$post->uploadDate = time();
+		do
+		{
+			$post->name = md5(mt_rand() . uniqid());
+		}
+		while (file_exists($post->getFullPath()));
+		return $post;
+	}
+
+	public static function save($post)
+	{
+		Database::transaction(function() use ($post)
+		{
+			self::forgeId($post);
+
+			$bindings = [
+				'type' => $post->type,
+				'name' => $post->name,
+				'orig_name' => $post->origName,
+				'file_hash' => $post->fileHash,
+				'file_size' => $post->fileSize,
+				'mime_type' => $post->mimeType,
+				'safety' => $post->safety,
+				'hidden' => $post->hidden,
+				'upload_date' => $post->uploadDate,
+				'image_width' => $post->imageWidth,
+				'image_height' => $post->imageHeight,
+				'uploader_id' => $post->uploaderId,
+				'source' => $post->source,
+				];
+
+			$query = (new SqlQuery)
+				->update('post')
+				->set(join(', ', array_map(function($key) { return $key . ' = ?'; }, array_keys($bindings))))
+				->put(array_values($bindings))
+				->where('id = ?')->put($post->id);
+			Database::query($query);
+
+			//tags
+			$tags = $post->getTags();
+
+			$query = (new SqlQuery)
+				->deleteFrom('post_tag')
+				->where('post_id = ?')->put($post->id);
+			Database::query($query);
+
+			foreach ($tags as $postTag)
+			{
+				$query = (new SqlQuery)
+					->insertInto('post_tag')
+					->surround('post_id, tag_id')
+					->values()->surround('?, ?')
+					->put([$post->id, $postTag->id]);
+				Database::query($query);
+			}
+
+			//relations
+			$relations = $post->getRelations();
+
+			$query = (new SqlQuery)
+				->deleteFrom('crossref')
+				->where('post_id = ?')->put($post->id)
+				->or('post2_id = ?')->put($post->id);
+			Database::query($query);
+
+			foreach ($relations as $relatedPost)
+			{
+				$query = (new SqlQuery)
+					->insertInto('crossref')
+					->surround('post_id, post2_id')
+					->values()->surround('?, ?')
+					->put([$post->id, $relatedPost->id]);
+				Database::query($query);
+			}
+		});
+	}
+
+	public static function remove($post)
+	{
+		Database::transaction(function() use ($post)
+		{
+			$queries = [];
+
+			$queries []= (new SqlQuery)
+				->deleteFrom('post_score')
+				->where('post_id = ?')->put($post->id);
+
+			$queries []= (new SqlQuery)
+				->deleteFrom('post_tag')
+				->where('post_id = ?')->put($post->id);
+
+			$queries []= (new SqlQuery)
+				->deleteFrom('crossref')
+				->where('post_id = ?')->put($post->id)
+				->or('post2_id = ?')->put($post->id);
+
+			$queries []= (new SqlQuery)
+				->deleteFrom('favoritee')
+				->where('post_id = ?')->put($post->id);
+
+			$queries []= (new SqlQuery)
+				->update('comment')
+				->set('post_id = NULL')
+				->where('post_id = ?')->put($post->id);
+
+			$queries []= (new SqlQuery)
+				->deleteFrom('post')
+				->where('id = ?')->put($post->id);
+
+			foreach ($queries as $query)
+				Database::query($query);
+		});
+	}
+
+
+
+
+	public static function findByName($key, $throw = true)
+	{
+		$query = (new SqlQuery)
+			->select('*')
+			->from('post')
+			->where('name = ?')->put($key);
+
+		$row = Database::fetchOne($query);
+		if ($row)
+			return self::convertRow($row);
+
+		if ($throw)
+			throw new SimpleException('Invalid post name "' . $key . '"');
+		return null;
+	}
+
+	public static function findByIdOrName($key, $throw = true)
+	{
+		if (is_numeric($key))
+			$post = self::findById($key, $throw);
+		else
+			$post = self::findByName($key, $throw);
+		return $post;
+	}
+
+	public static function findByHash($key, $throw = true)
+	{
+		$query = (new SqlQuery)
+			->select('*')
+			->from('post')
+			->where('file_hash = ?')->put($key);
+
+		$row = Database::fetchOne($query);
+		if ($row)
+			return self::convertRow($row);
+
+		if ($throw)
+			throw new SimpleException('Invalid post hash "' . $hash . '"');
+		return null;
+	}
+
+
+
+	public static function preloadTags($posts)
+	{
+		if (empty($posts))
+			return;
+
+		$postMap = [];
+		$tagsMap = [];
+		foreach ($posts as $post)
+		{
+			$postId = $post->id;
+			$postMap[$postId] = $post;
+			$tagsMap[$postId] = [];
+		}
+		$postIds = array_keys($postMap);
+
+		$sqlQuery = (new SqlQuery)
+			->select('tag.*, post_id')
+			->from('tag')
+			->innerJoin('post_tag')->on('post_tag.tag_id = tag.id')
+			->where('post_id')->in()->genSlots($postIds)->put($postIds);
+		$rows = Database::fetchAll($sqlQuery);
+
+		foreach ($rows as $row)
+		{
+			if (isset($tags[$row['id']]))
+				continue;
+			unset($row['post_id']);
+			$tag = TagModel::convertRow($row);
+			$tags[$row['id']] = $tag;
+		}
+
+		foreach ($rows as $row)
+		{
+			$postId = $row['post_id'];
+			$tagsMap[$postId] []= $tags[$row['id']];
+		}
+
+		foreach ($tagsMap as $postId => $tags)
+		{
+			$postMap[$postId]->setCache('tags', $tags);
+		}
+	}
+
+
+
+	public static function validateSafety($safety)
+	{
+		$safety = intval($safety);
+
+		if (!in_array($safety, PostSafety::getAll()))
+			throw new SimpleException('Invalid safety type "' . $safety . '"');
+
+		return $safety;
+	}
+
+	public static function validateSource($source)
+	{
+		$source = trim($source);
+
+		$maxLength = 200;
+		if (strlen($source) > $maxLength)
+			throw new SimpleException('Source must have at most ' . $maxLength . ' characters');
+
+		return $source;
+	}
+
+	public static function validateThumbSize($width, $height)
+	{
+		$width = $width === null ? self::$config->browsing->thumbWidth : $width;
+		$height = $height === null ? self::$config->browsing->thumbHeight : $height;
+		$width = min(1000, max(1, $width));
+		$height = min(1000, max(1, $height));
+		return [$width, $height];
+	}
+
+	private static function getThumbPathTokenized($text, $name, $width = null, $height = null)
+	{
+		list ($width, $height) = self::validateThumbSize($width, $height);
+
+		return TextHelper::absolutePath(TextHelper::replaceTokens($text, [
+			'fullpath' => self::$config->main->thumbsPath . DS . $name,
+			'width' => $width,
+			'height' => $height]));
+	}
+
+	public static function getThumbCustomPath($name, $width = null, $height = null)
+	{
+		return self::getThumbPathTokenized('{fullpath}.custom', $name, $width, $height);
+	}
+
+	public static function getThumbDefaultPath($name, $width = null, $height = null)
+	{
+		return self::getThumbPathTokenized('{fullpath}-{width}x{height}.default', $name, $width, $height);
+	}
+
+	public static function getFullPath($name)
+	{
+		return TextHelper::absolutePath(self::$config->main->filesPath . DS . $name);
+	}
+}
+
+PostModel::init();
--- a/src/Models/PropertyModel.php
+++ b/src/Models/PropertyModel.php
@ -0,0 +1,73 @@
+<?php
+class PropertyModel implements IModel
+{
+	const FeaturedPostId = 0;
+	const FeaturedPostUserName = 1;
+	const FeaturedPostDate = 2;
+	const DbVersion = 3;
+
+	static $allProperties = null;
+	static $loaded = false;
+
+	public static function getTableName()
+	{
+		return 'property';
+	}
+
+	public static function loadIfNecessary()
+	{
+		if (!self::$loaded)
+		{
+			self::$loaded = true;
+			self::$allProperties = [];
+			$query = (new SqlQuery())->select('*')->from('property');
+			foreach (Database::fetchAll($query) as $row)
+				self::$allProperties[$row['prop_id']] = $row['value'];
+		}
+	}
+
+	public static function get($propertyId)
+	{
+		self::loadIfNecessary();
+		return isset(self::$allProperties[$propertyId])
+			? self::$allProperties[$propertyId]
+			: null;
+	}
+
+	public static function set($propertyId, $value)
+	{
+		self::loadIfNecessary();
+		Database::transaction(function() use ($propertyId, $value)
+		{
+			$row = Database::query((new SqlQuery)
+				->select('id')
+				->from('property')
+				->where('prop_id = ?')
+				->put($propertyId));
+
+			$query = (new SqlQuery);
+
+			if ($row)
+			{
+				$query
+					->update('property')
+					->set('value = ?')
+					->put($value)
+					->where('prop_id = ?')
+					->put($propertyId);
+			}
+			else
+			{
+				$query
+					->insertInto('property')
+					->open()->raw('prop_id, value_id')->close()
+					->open()->raw('?, ?')->close()
+					->put([$propertyId, $value]);
+			}
+
+			Database::query($query);
+
+			self::$allProperties[$propertyId] = $value;
+		});
+	}
+}
--- a/src/Models/SearchServices/AbstractQueryBuilder.php
+++ b/src/Models/SearchServices/AbstractQueryBuilder.php
@ -0,0 +1,56 @@
+<?php
+abstract class AbstractSearchService
+{
+	protected static function getModelClassName()
+	{
+		$searchServiceClassName = get_called_class();
+		$modelClassName = str_replace('SearchService', 'Model', $searchServiceClassName);
+		return $modelClassName;
+	}
+
+	protected static function decorate(SqlQuery $sqlQuery, $searchQuery)
+	{
+		throw new NotImplementedException();
+	}
+
+	protected static function decoratePager(SqlQuery $sqlQuery, $perPage, $page)
+	{
+		if ($perPage === null)
+			return;
+		$sqlQuery->limit('?')->put($perPage);
+		$sqlQuery->offset('?')->put(($page - 1) * $perPage);
+	}
+
+	static function getEntitiesRows($searchQuery, $perPage = null, $page = 1)
+	{
+		$modelClassName = self::getModelClassName();
+		$table = $modelClassName::getTableName();
+
+		$sqlQuery = new SqlQuery();
+		$sqlQuery->select($table . '.*');
+		static::decorate($sqlQuery, $searchQuery);
+		self::decoratePager($sqlQuery, $perPage, $page);
+
+		$rows = Database::fetchAll($sqlQuery);
+		return $rows;
+	}
+
+	static function getEntities($searchQuery, $perPage = null, $page = 1)
+	{
+		$modelClassName = self::getModelClassName();
+		$rows = static::getEntitiesRows($searchQuery, $perPage, $page);
+		return $modelClassName::convertRows($rows);
+	}
+
+	static function getEntityCount($searchQuery)
+	{
+		$modelClassName = self::getModelClassName();
+		$table = $modelClassName::getTableName();
+
+		$sqlQuery = new SqlQuery();
+		$sqlQuery->select('count(1)')->as('count');
+		static::decorate($sqlQuery, $searchQuery);
+
+		return Database::fetchOne($sqlQuery)['count'];
+	}
+}
--- a/src/Models/SearchServices/CommentSearchService.php
+++ b/src/Models/SearchServices/CommentSearchService.php
@ -0,0 +1,13 @@
+<?php
+class CommentSearchService extends AbstractSearchService
+{
+	public static function decorate(SqlQuery $sqlQuery, $searchQuery)
+	{
+		$sqlQuery
+			->from('comment')
+			->where('post_id')
+			->is()->not('NULL')
+			->orderBy('id')
+			->desc();
+	}
+}
--- a/src/Models/SearchServices/PostSearchService.php
+++ b/src/Models/SearchServices/PostSearchService.php
@ -0,0 +1,487 @@
+<?php
+class PostSearchService extends AbstractSearchService
+{
+	private static $enableTokenLimit = true;
+
+	public static function enableTokenLimit($enable)
+	{
+		self::$enableTokenLimit = $enable;
+	}
+
+	protected static function filterUserSafety(SqlQuery $sqlQuery)
+	{
+		$allowedSafety = PrivilegesHelper::getAllowedSafety();
+		$sqlQuery->raw('safety')->in()->genSlots($allowedSafety);
+		foreach ($allowedSafety as $s)
+			$sqlQuery->put($s);
+	}
+
+	protected static function filterUserHidden(SqlQuery $sqlQuery)
+	{
+		if (!PrivilegesHelper::confirm(Privilege::ListPosts, 'hidden'))
+			$sqlQuery->not('hidden');
+		else
+			$sqlQuery->raw('1');
+	}
+
+	protected static function filterChain(SqlQuery $sqlQuery)
+	{
+		if (isset($sqlQuery->__chained))
+			$sqlQuery->and();
+		else
+			$sqlQuery->where();
+		$sqlQuery->__chained = true;
+	}
+
+	protected static function filterNegate(SqlQuery $sqlQuery)
+	{
+		$sqlQuery->not();
+	}
+
+	protected static function filterTag($sqlQuery, $val)
+	{
+		$tag = TagModel::findByName($val);
+		$sqlQuery
+			->exists()
+			->open()
+			->select('1')
+			->from('post_tag')
+			->where('post_id = post.id')
+			->and('post_tag.tag_id = ?')->put($tag->id)
+			->close();
+	}
+
+	protected static function filterTokenId($searchContext, SqlQuery $sqlQuery, $val)
+	{
+		$ids = preg_split('/[;,]/', $val);
+		$ids = array_map('intval', $ids);
+		$sqlQuery->raw('id')->in()->genSlots($ids)->put($ids);
+	}
+
+	protected static function filterTokenIdMin($searchContext, SqlQuery $sqlQuery, $val)
+	{
+		$sqlQuery->raw('id >= ?')->put(intval($val));
+	}
+
+	protected static function filterTokenIdMax($searchContext, SqlQuery $sqlQuery, $val)
+	{
+		$sqlQuery->raw('id <= ?')->put(intval($val));
+	}
+
+	protected static function filterTokenScoreMin($searchContext, SqlQuery $sqlQuery, $val)
+	{
+		$sqlQuery->raw('score >= ?')->put(intval($val));
+	}
+
+	protected static function filterTokenScoreMax($searchContext, SqlQuery $sqlQuery, $val)
+	{
+		$sqlQuery->raw('score <= ?')->put(intval($val));
+	}
+
+	protected static function filterTokenTagMin($searchContext, SqlQuery $sqlQuery, $val)
+	{
+		$sqlQuery->raw('tag_count >= ?')->put(intval($val));
+	}
+
+	protected static function filterTokenTagMax($searchContext, SqlQuery $sqlQuery, $val)
+	{
+		$sqlQuery->raw('tag_count <= ?')->put(intval($val));
+	}
+
+	protected static function filterTokenFavMin($searchContext, SqlQuery $sqlQuery, $val)
+	{
+		$sqlQuery->raw('fav_count >= ?')->put(intval($val));
+	}
+
+	protected static function filterTokenFavMax($searchContext, SqlQuery $sqlQuery, $val)
+	{
+		$sqlQuery->raw('fav_count <= ?')->put(intval($val));
+	}
+
+	protected static function filterTokenCommentMin($searchContext, SqlQuery $sqlQuery, $val)
+	{
+		$sqlQuery->raw('comment_count >= ?')->put(intval($val));
+	}
+
+	protected static function filterTokenCommentMax($searchContext, SqlQuery $sqlQuery, $val)
+	{
+		$sqlQuery->raw('comment_count <= ?')->put(intval($val));
+	}
+
+	protected static function filterTokenSpecial($searchContext, SqlQuery $sqlQuery, $val)
+	{
+		$context = \Chibi\Registry::getContext();
+
+		switch (strtolower($val))
+		{
+			case 'liked':
+			case 'likes':
+				$sqlQuery
+					->exists()
+					->open()
+					->select('1')
+					->from('post_score')
+					->where('post_id = post.id')
+					->and('score > 0')
+					->and('user_id = ?')->put($context->user->id)
+					->close();
+				break;
+
+			case 'disliked':
+			case 'dislikes':
+				$sqlQuery
+					->exists()
+					->open()
+					->select('1')
+					->from('post_score')
+					->where('post_id = post.id')
+					->and('score < 0')
+					->and('user_id = ?')->put($context->user->id)
+					->close();
+				break;
+
+			default:
+				throw new SimpleException('Unknown special "' . $val . '"');
+		}
+	}
+
+	protected static function filterTokenType($searchContext, SqlQuery $sqlQuery, $val)
+	{
+		switch (strtolower($val))
+		{
+			case 'swf':
+				$type = PostType::Flash;
+				break;
+			case 'img':
+				$type = PostType::Image;
+				break;
+			case 'yt':
+			case 'youtube':
+				$type = PostType::Youtube;
+				break;
+			default:
+				throw new SimpleException('Unknown type "' . $val . '"');
+		}
+		$sqlQuery->raw('type = ?')->put($type);
+	}
+
+	protected static function __filterTokenDateParser($val)
+	{
+		list ($year, $month, $day) = explode('-', $val . '-0-0');
+		$yearMin = $yearMax = intval($year);
+		$monthMin = $monthMax = intval($month);
+		$monthMin = $monthMin ?: 1;
+		$monthMax = $monthMax ?: 12;
+		$dayMin = $dayMax = intval($day);
+		$dayMin = $dayMin ?: 1;
+		$dayMax = $dayMax ?: intval(date('t', mktime(0, 0, 0, $monthMax, 1, $year)));
+		$timeMin = mktime(0, 0, 0, $monthMin, $dayMin, $yearMin);
+		$timeMax = mktime(0, 0, -1, $monthMax, $dayMax+1, $yearMax);
+		return [$timeMin, $timeMax];
+	}
+
+	protected static function filterTokenDate($searchContext, SqlQuery $sqlQuery, $val)
+	{
+		list ($timeMin, $timeMax) = self::__filterTokenDateParser($val);
+		$sqlQuery
+			->raw('upload_date >= ?')->put($timeMin)
+			->and('upload_date <= ?')->put($timeMax);
+	}
+
+	protected static function filterTokenDateMin($searchContext, SqlQuery $sqlQuery, $val)
+	{
+		list ($timeMin, $timeMax) = self::__filterTokenDateParser($val);
+		$sqlQuery->raw('upload_date >= ?')->put($timeMin);
+	}
+
+	protected static function filterTokenDateMax($searchContext, SqlQuery $sqlQuery, $val)
+	{
+		list ($timeMin, $timeMax) = self::__filterTokenDateParser($val);
+		$sqlQuery->raw('upload_date <= ?')->put($timeMax);
+	}
+
+	protected static function filterTokenFav($searchContext, SqlQuery $sqlQuery, $val)
+	{
+		$user = UserModel::findByNameOrEmail($val);
+		$sqlQuery
+			->exists()
+			->open()
+			->select('1')
+			->from('favoritee')
+			->where('post_id = post.id')
+			->and('favoritee.user_id = ?')->put($user->id)
+			->close();
+	}
+
+	protected static function filterTokenFavs($searchContext, SqlQuery $sqlQuery, $val)
+	{
+		return self::filterTokenFav($searchContext, $sqlQuery, $val);
+	}
+
+	protected static function filterTokenComment($searchContext, SqlQuery $sqlQuery, $val)
+	{
+		$user = UserModel::findByNameOrEmail($val);
+		$sqlQuery
+			->exists()
+			->open()
+			->select('1')
+			->from('comment')
+			->where('post_id = post.id')
+			->and('commenter_id = ?')->put($user->id)
+			->close();
+	}
+
+	protected static function filterTokenCommenter($searchContext, SqlQuery $sqlQuery, $val)
+	{
+		return self::filterTokenComment($searchContext, $sqlQuery, $val);
+	}
+
+	protected static function filterTokenSubmit($searchContext, SqlQuery $sqlQuery, $val)
+	{
+		$user = UserModel::findByNameOrEmail($val);
+		$sqlQuery->raw('uploader_id = ?')->put($user->id);
+	}
+
+	protected static function filterTokenUploader($searchContext, SqlQuery $sqlQuery, $val)
+	{
+		return self::filterTokenSubmit($searchContext, $sqlQuery, $val);
+	}
+
+	protected static function filterTokenUpload($searchContext, SqlQuery $sqlQuery, $val)
+	{
+		return self::filterTokenSubmit($searchContext, $sqlQuery, $val);
+	}
+
+	protected static function filterTokenUploaded($searchContext, SqlQuery $sqlQuery, $val)
+	{
+		return self::filterTokenSubmit($searchContext, $sqlQuery, $val);
+	}
+
+	protected static function filterTokenPrev($searchContext, SqlQuery $sqlQuery, $val)
+	{
+		self::__filterTokenPrevNext($searchContext, $sqlQuery, $val);
+	}
+
+	protected static function filterTokenNext($searchContext, SqlQuery $sqlQuery, $val)
+	{
+		$searchContext->orderDir *= -1;
+		self::__filterTokenPrevNext($searchContext, $sqlQuery, $val);
+	}
+
+	protected static function __filterTokenPrevNext($searchContext, SqlQuery $sqlQuery, $val)
+	{
+		$op1 = $searchContext->orderDir == 1 ? '<' : '>';
+		$op2 = $searchContext->orderDir != 1 ? '<' : '>';
+		$sqlQuery
+			->open()
+				->open()
+					->raw($searchContext->orderColumn . ' ' . $op1 . ' ')
+					->open()
+						->select($searchContext->orderColumn)
+						->from('post p2')
+						->where('p2.id = ?')->put(intval($val))
+					->close()
+					->and('id != ?')->put($val)
+				->close()
+				->or()
+				->open()
+					->raw($searchContext->orderColumn . ' = ')
+					->open()
+						->select($searchContext->orderColumn)
+						->from('post p2')
+						->where('p2.id = ?')->put(intval($val))
+					->close()
+					->and('id ' . $op1 . ' ?')->put(intval($val))
+				->close()
+			->close();
+	}
+
+
+	protected static function parseOrderToken($searchContext, $val)
+	{
+		$randomReset = true;
+
+		$orderDir = 1;
+		if (substr($val, -4) == 'desc')
+		{
+			$orderDir = 1;
+			$val = rtrim(substr($val, 0, -4), ',');
+		}
+		elseif (substr($val, -3) == 'asc')
+		{
+			$orderDir = -1;
+			$val = rtrim(substr($val, 0, -3), ',');
+		}
+		if ($val{0} == '-')
+		{
+			$orderDir *= -1;
+			$val = substr($val, 1);
+		}
+
+		switch ($val)
+		{
+			case 'id':
+				$orderColumn = 'id';
+				break;
+			case 'date':
+				$orderColumn = 'upload_date';
+				break;
+			case 'comment':
+			case 'comments':
+			case 'commentcount':
+				$orderColumn = 'comment_count';
+				break;
+			case 'fav':
+			case 'favs':
+			case 'favcount':
+				$orderColumn = 'fav_count';
+				break;
+			case 'score':
+				$orderColumn = 'score';
+				break;
+			case 'tag':
+			case 'tags':
+			case 'tagcount':
+				$orderColumn = 'tag_count';
+				break;
+			case 'random':
+				//seeding works like this: if you visit anything
+				//that triggers order other than random, the seed
+				//is going to reset. however, it stays the same as
+				//long as you keep visiting pages with order:random
+				//specified.
+				$randomReset = false;
+				if (!isset($_SESSION['browsing-seed']))
+					$_SESSION['browsing-seed'] = mt_rand();
+				$seed = $_SESSION['browsing-seed'];
+				$orderColumn = 'SUBSTR(id * ' . $seed .', LENGTH(id) + 2)';
+				break;
+			default:
+				throw new SimpleException('Unknown key "' . $val . '"');
+		}
+
+		if ($randomReset and isset($_SESSION['browsing-seed']))
+			unset($_SESSION['browsing-seed']);
+
+		$searchContext->orderColumn = $orderColumn;
+		$searchContext->orderDir = $orderDir;
+	}
+
+
+
+	protected static function iterateTokens($tokens, $callback)
+	{
+		$unparsedTokens = [];
+
+		foreach ($tokens as $origToken)
+		{
+			$token = $origToken;
+			$neg = false;
+			if ($token{0} == '-')
+			{
+				$token = substr($token, 1);
+				$neg = true;
+			}
+
+			$pos = strpos($token, ':');
+			if ($pos === false)
+			{
+				$key = null;
+				$val = $token;
+			}
+			else
+			{
+				$key = strtolower(substr($token, 0, $pos));
+				$val = substr($token, $pos + 1);
+			}
+
+			$parsed = $callback($neg, $key, $val);
+
+			if (!$parsed)
+				$unparsedTokens []= $origToken;
+		}
+		return $unparsedTokens;
+	}
+
+	public static function decorate(SqlQuery $sqlQuery, $searchQuery)
+	{
+		$config = \Chibi\Registry::getConfig();
+
+		$sqlQuery->from('post');
+
+		self::filterChain($sqlQuery);
+		self::filterUserSafety($sqlQuery);
+		self::filterChain($sqlQuery);
+		self::filterUserHidden($sqlQuery);
+
+		/* query tokens */
+		$tokens = array_filter(array_unique(explode(' ', $searchQuery)), function($x) { return $x != ''; });
+		if (self::$enableTokenLimit and count($tokens) > $config->browsing->maxSearchTokens)
+			throw new SimpleException('Too many search tokens (maximum: ' . $config->browsing->maxSearchTokens . ')');
+
+		if (\Chibi\Registry::getContext()->user->hasEnabledHidingDislikedPosts())
+			$tokens []= '-special:disliked';
+
+		$searchContext = new StdClass;
+		$searchContext->orderColumn = 'id';
+		$searchContext->orderDir = 1;
+
+		$tokens = self::iterateTokens($tokens, function($neg, $key, $val) use ($searchContext, $sqlQuery, &$orderToken)
+		{
+			if ($key != 'order')
+				return false;
+
+			if ($neg)
+				$orderToken = '-' . $val;
+			else
+				$orderToken = $val;
+			self::parseOrderToken($searchContext, $orderToken);
+
+			return true;
+		});
+
+
+		$tokens = self::iterateTokens($tokens, function($neg, $key, $val) use ($searchContext, $sqlQuery)
+		{
+			if ($key !== null)
+				return false;
+
+			self::filterChain($sqlQuery);
+			if ($neg)
+				self::filterNegate($sqlQuery);
+			self::filterTag($sqlQuery, $val);
+			return true;
+		});
+
+		$tokens = self::iterateTokens($tokens, function($neg, $key, $val) use ($searchContext, $sqlQuery)
+		{
+			$methodName = 'filterToken' . TextHelper::kebabCaseToCamelCase($key);
+			if (!method_exists(__CLASS__, $methodName))
+				return false;
+
+			self::filterChain($sqlQuery);
+			if ($neg)
+				self::filterNegate($sqlQuery);
+			self::$methodName($searchContext, $sqlQuery, $val);
+			return true;
+		});
+
+		if (!empty($tokens))
+			throw new SimpleException('Unknown search token "' . array_shift($tokens) . '"');
+
+		$sqlQuery->orderBy($searchContext->orderColumn);
+		if ($searchContext->orderDir == 1)
+			$sqlQuery->desc();
+		else
+			$sqlQuery->asc();
+
+		if ($searchContext->orderColumn != 'id')
+		{
+			$sqlQuery->raw(', id');
+			if ($searchContext->orderDir == 1)
+				$sqlQuery->desc();
+			else
+				$sqlQuery->asc();
+		}
+	}
+}
--- a/src/Models/SearchServices/TagSearchService.php
+++ b/src/Models/SearchServices/TagSearchService.php
@ -0,0 +1,87 @@
+<?php
+class TagSearchService extends AbstractSearchService
+{
+	public static function decorate(SqlQuery $sqlQuery, $searchQuery)
+	{
+		$allowedSafety = PrivilegesHelper::getAllowedSafety();
+		$limitQuery = false;
+		$sqlQuery
+			->raw(', COUNT(post_tag.post_id)')
+			->as('post_count')
+			->from('tag')
+			->innerJoin('post_tag')
+			->on('tag.id = post_tag.tag_id')
+			->innerJoin('post')
+			->on('post.id = post_tag.post_id')
+			->where('safety')->in()->genSlots($allowedSafety);
+		foreach ($allowedSafety as $s)
+			$sqlQuery->put($s);
+
+		$orderToken = null;
+
+		if ($searchQuery !== null)
+		{
+			$tokens = preg_split('/\s+/', $searchQuery);
+			foreach ($tokens as $token)
+			{
+				if (strpos($token, ':') !== false)
+				{
+					list ($key, $value) = explode(':', $token);
+
+					if ($key == 'order')
+						$orderToken = $value;
+					else
+						throw new SimpleException('Unknown key: ' . $key);
+				}
+				else
+				{
+					$limitQuery = true;
+					if (strlen($token) >= 3)
+						$token = '%' . $token;
+					$token .= '%';
+					$sqlQuery
+						->and('LOWER(tag.name)')
+						->like('LOWER(?)')
+						->put($token);
+				}
+			}
+		}
+
+		$sqlQuery->groupBy('tag.id');
+		if ($orderToken)
+			self::order($sqlQuery,$orderToken);
+
+
+		if ($limitQuery)
+			$sqlQuery->limit(15);
+	}
+
+	private static function order(SqlQuery $sqlQuery, $value)
+	{
+		if (strpos($value, ',') !== false)
+		{
+			list ($orderColumn, $orderDir) = explode(',', $value);
+		}
+		else
+		{
+			$orderColumn = $value;
+			$orderDir = 'asc';
+		}
+
+		switch ($orderColumn)
+		{
+			case 'popularity':
+				$sqlQuery->orderBy('post_count');
+				break;
+
+			case 'alpha':
+				$sqlQuery->orderBy('name');
+				break;
+		}
+
+		if ($orderDir == 'asc')
+			$sqlQuery->asc();
+		else
+			$sqlQuery->desc();
+	}
+}
--- a/src/Models/SearchServices/UserSearchService.php
+++ b/src/Models/SearchServices/UserSearchService.php
@ -0,0 +1,31 @@
+<?php
+class UserSearchService extends AbstractSearchService
+{
+	protected static function decorate(SQLQuery $sqlQuery, $searchQuery)
+	{
+		$sqlQuery->from('user');
+
+		$sortStyle = $searchQuery;
+		switch ($sortStyle)
+		{
+			case 'alpha,asc':
+				$sqlQuery->orderBy('name')->asc();
+				break;
+			case 'alpha,desc':
+				$sqlQuery->orderBy('name')->desc();
+				break;
+			case 'date,asc':
+				$sqlQuery->orderBy('join_date')->asc();
+				break;
+			case 'date,desc':
+				$sqlQuery->orderBy('join_date')->desc();
+				break;
+			case 'pending':
+				$sqlQuery->where('staff_confirmed IS NULL');
+				$sqlQuery->or('staff_confirmed = 0');
+				break;
+			default:
+				throw new SimpleException('Unknown sort style "' . $sortStyle . '"');
+		}
+	}
+}
--- a/src/Models/TagModel.php
+++ b/src/Models/TagModel.php
@ -0,0 +1,186 @@
+<?php
+class TagModel extends AbstractCrudModel
+{
+	public static function getTableName()
+	{
+		return 'tag';
+	}
+
+	public static function save($tag)
+	{
+		Database::transaction(function() use ($tag)
+		{
+			self::forgeId($tag, 'tag');
+
+			$query = (new SqlQuery)
+				->update('tag')
+				->set('name = ?')->put($tag->name)
+				->where('id = ?')->put($tag->id);
+
+			Database::query($query);
+		});
+		return $tag->id;
+	}
+
+	public static function remove($tag)
+	{
+		$query = (new SqlQuery)
+			->deleteFrom('post_tag')
+			->where('tag_id = ?')->put($tag->id);
+		Database::query($query);
+
+		$query = (new SqlQuery)
+			->deleteFrom('tag')
+			->where('id = ?')->put($tag->id);
+		Database::query($query);
+	}
+
+	public static function rename($sourceName, $targetName)
+	{
+		Database::transaction(function() use ($sourceName, $targetName)
+		{
+			$sourceTag = TagModel::findByName($sourceName);
+			$targetTag = TagModel::findByName($targetName, false);
+
+			if ($targetTag and $targetTag->id != $sourceTag->id)
+				throw new SimpleException('Target tag already exists');
+
+			$sourceTag->name = $targetName;
+			self::save($sourceTag);
+		});
+	}
+
+	public static function merge($sourceName, $targetName)
+	{
+		Database::transaction(function() use ($sourceName, $targetName)
+		{
+			$sourceTag = TagModel::findByName($sourceName);
+			$targetTag = TagModel::findByName($targetName);
+
+			if ($sourceTag->id == $targetTag->id)
+				throw new SimpleException('Source and target tag are the same');
+
+			$query = (new SqlQuery)
+				->select('post.id')
+				->from('post')
+				->where()
+					->exists()
+					->open()
+						->select('1')
+						->from('post_tag')
+						->where('post_tag.post_id = post.id')
+						->and('post_tag.tag_id = ?')->put($sourceTag->id)
+					->close()
+				->and()
+					->not()->exists()
+					->open()
+						->select('1')
+						->from('post_tag')
+						->where('post_tag.post_id = post.id')
+						->and('post_tag.tag_id = ?')->put($targetTag->id)
+					->close();
+			$rows = Database::fetchAll($query);
+			$postIds = array_map(function($row) { return $row['id']; }, $rows);
+
+			self::remove($sourceTag);
+
+			foreach ($postIds as $postId)
+			{
+				$query = (new SqlQuery)
+					->insertInto('post_tag')
+					->surround('post_id, tag_id')
+					->values()->surround('?, ?')
+					->put([$postId, $targetTag->id]);
+				Database::query($query);
+			}
+		});
+	}
+
+
+	public static function findAllByPostId($key)
+	{
+		$query = new SqlQuery();
+		$query
+			->select('tag.*')
+			->from('tag')
+			->innerJoin('post_tag')
+			->on('post_tag.tag_id = tag.id')
+			->where('post_tag.post_id = ?')
+			->put($key);
+
+		$rows = Database::fetchAll($query);
+		if ($rows)
+			return self::convertRows($rows);
+		return [];
+	}
+
+	public static function findByName($key, $throw = true)
+	{
+		$query = (new SqlQuery)
+			->select('*')
+			->from('tag')
+			->where('LOWER(name) = LOWER(?)')->put($key);
+
+		$row = Database::fetchOne($query);
+		if ($row)
+			return self::convertRow($row);
+
+		if ($throw)
+			throw new SimpleException('Invalid tag name "' . $key . '"');
+		return null;
+	}
+
+
+
+	public static function removeUnused()
+	{
+		$query = (new SqlQuery)
+			->deleteFrom('tag')
+			->where()
+			->not()->exists()
+			->open()
+				->select('1')
+				->from('post_tag')
+				->where('post_tag.tag_id = tag.id')
+			->close();
+		Database::query($query);
+	}
+
+
+
+	public static function validateTag($tag)
+	{
+		$tag = trim($tag);
+
+		$minLength = 1;
+		$maxLength = 64;
+		if (strlen($tag) < $minLength)
+			throw new SimpleException('Tag must have at least ' . $minLength . ' characters');
+		if (strlen($tag) > $maxLength)
+			throw new SimpleException('Tag must have at most ' . $maxLength . ' characters');
+
+		if (!preg_match('/^[()\[\]a-zA-Z0-9_.-]+$/i', $tag))
+			throw new SimpleException('Invalid tag "' . $tag . '"');
+
+		if (preg_match('/^\.\.?$/', $tag))
+			throw new SimpleException('Invalid tag "' . $tag . '"');
+
+		return $tag;
+	}
+
+	public static function validateTags($tags)
+	{
+		$tags = trim($tags);
+		$tags = preg_split('/[,;\s]+/', $tags);
+		$tags = array_filter($tags, function($x) { return $x != ''; });
+		$tags = array_unique($tags);
+
+		foreach ($tags as $key => $tag)
+			$tags[$key] = self::validateTag($tag);
+
+		if (empty($tags))
+			throw new SimpleException('No tags set');
+
+		return $tags;
+	}
+}
--- a/src/Models/TokenModel.php
+++ b/src/Models/TokenModel.php
@ -0,0 +1,81 @@
+<?php
+class TokenModel extends AbstractCrudModel
+implements IModel
+{
+	public static function getTableName()
+	{
+		return 'user_token';
+	}
+
+	public static function save($token)
+	{
+		Database::transaction(function() use ($token)
+		{
+			self::forgeId($token);
+
+			$bindings = [
+				'user_id' => $token->userId,
+				'token' => $token->token,
+				'used' => $token->used,
+				'expires' => $token->expires,
+				];
+
+			$query = (new SqlQuery)
+				->update('user_token')
+				->set(join(', ', array_map(function($key) { return $key . ' = ?'; }, array_keys($bindings))))
+				->put(array_values($bindings))
+				->where('id = ?')->put($token->id);
+			Database::query($query);
+
+		});
+	}
+
+
+
+	public static function findByToken($key, $throw = true)
+	{
+		if (empty($key))
+			throw new SimpleException('Invalid security token');
+
+		$query = (new SqlQuery)
+			->select('*')
+			->from('user_token')
+			->where('token = ?')->put($key);
+
+		$row = Database::fetchOne($query);
+		if ($row)
+			return self::convertRow($row);
+
+		if ($throw)
+			throw new SimpleException('No user with such security token');
+		return null;
+	}
+
+
+
+	public static function checkValidity($token)
+	{
+		if (empty($token))
+			throw new SimpleException('Invalid security token');
+
+		if ($token->used)
+			throw new SimpleException('This token was already used');
+
+		if ($token->expires !== null and time() > $token->expires)
+			throw new SimpleException('This token has expired');
+	}
+
+
+
+	public static function forgeUnusedToken()
+	{
+		$tokenText = '';
+		while (true)
+		{
+			$tokenText =  md5(mt_rand() . uniqid());
+			$token = self::findByToken($tokenText, false);
+			if (!$token)
+				return $tokenText;
+		}
+	}
+}
--- a/src/Models/UserModel.php
+++ b/src/Models/UserModel.php
@ -0,0 +1,252 @@
+<?php
+class UserModel extends AbstractCrudModel
+{
+	const SETTING_SAFETY = 1;
+	const SETTING_ENDLESS_SCROLLING = 2;
+	const SETTING_POST_TAG_TITLES = 3;
+	const SETTING_HIDE_DISLIKED_POSTS = 4;
+
+	public static function getTableName()
+	{
+		return 'user';
+	}
+
+	public static function spawn()
+	{
+		$user = new UserEntity();
+		$user->passSalt = md5(mt_rand() . uniqid());
+		return $user;
+	}
+
+	public static function save($user)
+	{
+		if ($user->accessRank == AccessRank::Anonymous)
+			throw new Exception('Trying to save anonymous user into database');
+		Database::transaction(function() use ($user)
+		{
+			self::forgeId($user);
+
+			$bindings = [
+				'name' => $user->name,
+				'pass_salt' => $user->passSalt,
+				'pass_hash' => $user->passHash,
+				'staff_confirmed' => $user->staffConfirmed,
+				'email_unconfirmed' => $user->emailUnconfirmed,
+				'email_confirmed' => $user->emailConfirmed,
+				'join_date' => $user->joinDate,
+				'access_rank' => $user->accessRank,
+				'settings' => $user->settings,
+				'banned' => $user->banned
+				];
+
+			$query = (new SqlQuery)
+				->update('user')
+				->set(join(', ', array_map(function($key) { return $key . ' = ?'; }, array_keys($bindings))))
+				->put(array_values($bindings))
+				->where('id = ?')->put($user->id);
+			Database::query($query);
+		});
+	}
+
+	public static function remove($user)
+	{
+		Database::transaction(function() use ($user)
+		{
+			$queries = [];
+
+			$queries []= (new SqlQuery)
+				->deleteFrom('post_score')
+				->where('user_id = ?')->put($user->id);
+
+			$queries []= (new SqlQuery)
+				->update('comment')
+				->set('commenter_id = NULL')
+				->where('commenter_id = ?')->put($user->id);
+
+			$queries []= (new SqlQuery)
+				->update('post')
+				->set('uploader_id = NULL')
+				->where('uploader_id = ?')->put($user->id);
+
+			$queries []= (new SqlQuery)
+				->deleteFrom('favoritee')
+				->where('user_id = ?')->put($user->id);
+
+			$queries []= (new SqlQuery)
+				->deleteFrom('user')
+				->where('id = ?')->put($user->id);
+
+			foreach ($queries as $query)
+				Database::query($query);
+		});
+	}
+
+
+
+	public static function findByName($key, $throw = true)
+	{
+		$query = (new SqlQuery)
+			->select('*')
+			->from('user')
+			->where('LOWER(name) = LOWER(?)')->put(trim($key));
+
+		$row = Database::fetchOne($query);
+		if ($row)
+			return self::convertRow($row);
+
+		if ($throw)
+			throw new SimpleException('Invalid user name "' . $key . '"');
+		return null;
+	}
+
+	public static function findByNameOrEmail($key, $throw = true)
+	{
+		$query = new SqlQuery();
+		$query->select('*')
+			->from('user')
+			->where('LOWER(name) = LOWER(?)')->put(trim($key))
+			->or('LOWER(email_confirmed) = LOWER(?)')->put(trim($key));
+
+		$row = Database::fetchOne($query);
+		if ($row)
+			return self::convertRow($row);
+
+		if ($throw)
+			throw new SimpleException('Invalid user name "' . $key . '"');
+		return null;
+	}
+
+
+
+	public static function updateUserScore($user, $post, $score)
+	{
+		Database::transaction(function() use ($user, $post, $score)
+		{
+			$query = (new SqlQuery)
+				->deleteFrom('post_score')
+				->where('post_id = ?')->put($post->id)
+				->and('user_id = ?')->put($user->id);
+			Database::query($query);
+			$score = intval($score);
+			if ($score != 0)
+			{
+				$query = (new SqlQuery);
+				$query->insertInto('post_score')
+					->surround('post_id, user_id, score')
+					->values()->surround('?, ?, ?')
+					->put([$post->id, $user->id, $score]);
+				Database::query($query);
+			}
+		});
+	}
+
+	public static function addToUserFavorites($user, $post)
+	{
+		Database::transaction(function() use ($user, $post)
+		{
+			self::removeFromUserFavorites($user, $post);
+			$query = (new SqlQuery);
+			$query->insertInto('favoritee')
+				->surround('post_id, user_id')
+				->values()->surround('?, ?')
+				->put([$post->id, $user->id]);
+			Database::query($query);
+		});
+	}
+
+	public static function removeFromUserFavorites($user, $post)
+	{
+		Database::transaction(function() use ($user, $post)
+		{
+			$query = (new SqlQuery)
+				->deleteFrom('favoritee')
+				->where('post_id = ?')->put($post->id)
+				->and('user_id = ?')->put($user->id);
+			Database::query($query);
+		});
+	}
+
+
+
+	public static function validateUserName($userName)
+	{
+		$userName = trim($userName);
+
+		$dbUser = self::findByName($userName, false);
+		if ($dbUser !== null)
+		{
+			if (!$dbUser->emailConfirmed and \Chibi\Registry::getConfig()->registration->needEmailForRegistering)
+				throw new SimpleException('User with this name is already registered and awaits e-mail confirmation');
+
+			if (!$dbUser->staffConfirmed and \Chibi\Registry::getConfig()->registration->staffActivation)
+				throw new SimpleException('User with this name is already registered and awaits staff confirmation');
+
+			throw new SimpleException('User with this name is already registered');
+		}
+
+		$userNameMinLength = intval(\Chibi\Registry::getConfig()->registration->userNameMinLength);
+		$userNameMaxLength = intval(\Chibi\Registry::getConfig()->registration->userNameMaxLength);
+		$userNameRegex = \Chibi\Registry::getConfig()->registration->userNameRegex;
+
+		if (strlen($userName) < $userNameMinLength)
+			throw new SimpleException(sprintf('User name must have at least %d characters', $userNameMinLength));
+
+		if (strlen($userName) > $userNameMaxLength)
+			throw new SimpleException(sprintf('User name must have at most %d characters', $userNameMaxLength));
+
+		if (!preg_match($userNameRegex, $userName))
+			throw new SimpleException('User name contains invalid characters');
+
+		return $userName;
+	}
+
+	public static function validatePassword($password)
+	{
+		$passMinLength = intval(\Chibi\Registry::getConfig()->registration->passMinLength);
+		$passRegex = \Chibi\Registry::getConfig()->registration->passRegex;
+
+		if (strlen($password) < $passMinLength)
+			throw new SimpleException(sprintf('Password must have at least %d characters', $passMinLength));
+
+		if (!preg_match($passRegex, $password))
+			throw new SimpleException('Password contains invalid characters');
+
+		return $password;
+	}
+
+	public static function validateEmail($email)
+	{
+		$email = trim($email);
+
+		if (!empty($email) and !TextHelper::isValidEmail($email))
+			throw new SimpleException('E-mail address appears to be invalid');
+
+		return $email;
+	}
+
+	public static function validateAccessRank($accessRank)
+	{
+		$accessRank = intval($accessRank);
+
+		if (!in_array($accessRank, AccessRank::getAll()))
+			throw new SimpleException('Invalid access rank type "' . $accessRank . '"');
+
+		if ($accessRank == AccessRank::Nobody)
+			throw new SimpleException('Cannot set special accesss rank "' . $accessRank . '"');
+
+		return $accessRank;
+	}
+
+
+
+	public static function getAnonymousName()
+	{
+		return '[Anonymous user]';
+	}
+
+	public static function hashPassword($pass, $salt2)
+	{
+		$salt1 = \Chibi\Registry::getConfig()->main->salt;
+		return sha1($salt1 . $salt2 . $pass);
+	}
+}
--- a/src/SqlQuery.php
+++ b/src/SqlQuery.php
@ -0,0 +1,99 @@
+<?php
+class SqlQuery
+{
+	protected $sql;
+	protected $bindings;
+
+	public function __construct()
+	{
+		$this->sql = '';
+		$this->bindings = [];
+	}
+
+	public function __call($name, array $arguments)
+	{
+		$name = TextHelper::camelCaseToKebabCase($name);
+		$name = str_replace('-', ' ', $name);
+		$this->sql .= $name . ' ';
+
+		if (!empty($arguments))
+		{
+			$arg = array_shift($arguments);
+			assert(empty($arguments));
+
+			if (is_object($arg))
+			{
+				throw new Exception('Not implemented');
+			}
+			else
+			{
+				$this->sql .= $arg . ' ';
+			}
+		}
+
+		return $this;
+	}
+
+	public function put($arg)
+	{
+		if (is_array($arg))
+		{
+			foreach ($arg as $key => $val)
+			{
+				if (is_numeric($key))
+					$this->bindings []= $val;
+				else
+					$this->bindings[$key] = $val;
+			}
+		}
+		else
+		{
+			$this->bindings []= $arg;
+		}
+		return $this;
+	}
+
+	public function raw($raw)
+	{
+		$this->sql .= $raw . ' ';
+		return $this;
+	}
+
+	public function open()
+	{
+		$this->sql .= '(';
+		return $this;
+	}
+
+	public function close()
+	{
+		$this->sql .= ') ';
+		return $this;
+	}
+
+	public function surround($raw)
+	{
+		$this->sql .= '(' . $raw . ') ';
+		return $this;
+	}
+
+	public function genSlots($bindings)
+	{
+		if (empty($bindings))
+			return $this;
+		$this->sql .= '(';
+		$this->sql .= join(',', array_fill(0, count($bindings), '?'));
+		$this->sql .= ') ';
+		return $this;
+	}
+
+	public function getBindings()
+	{
+		return $this->bindings;
+	}
+
+	public function getSql()
+	{
+		return trim($this->sql);
+	}
+}
--- a/src/Upgrades/mysql/Upgrade1.sql
+++ b/src/Upgrades/mysql/Upgrade1.sql
@ -0,0 +1,84 @@
+CREATE TABLE property
+(
+	id INTEGER PRIMARY KEY AUTO_INCREMENT,
+	prop_id INTEGER,
+	value TEXT
+);
+
+CREATE TABLE user
+(
+	id INTEGER PRIMARY KEY AUTO_INCREMENT,
+	name TEXT,
+	pass_salt TEXT,
+	pass_hash TEXT,
+	staff_confirmed INTEGER,
+	email_unconfirmed TEXT,
+	email_confirmed TEXT,
+	email_token TEXT,
+	join_date INTEGER,
+	access_rank INTEGER,
+	settings TEXT
+);
+
+CREATE TABLE post
+(
+	id INTEGER PRIMARY KEY AUTO_INCREMENT,
+	type INTEGER,
+	name TEXT,
+	orig_name TEXT,
+	file_hash TEXT,
+	file_size INTEGER,
+	mime_type TEXT,
+	safety INTEGER,
+	hidden INTEGER,
+	upload_date INTEGER,
+	image_width INTEGER,
+	image_height INTEGER,
+	uploader_id INTEGER,
+	source TEXT,
+	FOREIGN KEY(uploader_id) REFERENCES user(id) ON DELETE SET NULL ON UPDATE SET NULL
+);
+CREATE INDEX idx_fk_post_uploader_id ON post(uploader_id);
+
+CREATE TABLE tag
+(
+	id INTEGER PRIMARY KEY AUTO_INCREMENT,
+	name TEXT
+);
+
+CREATE TABLE post_tag
+(
+	id INTEGER PRIMARY KEY AUTO_INCREMENT,
+	tag_id INTEGER,
+	post_id INTEGER,
+	FOREIGN KEY(tag_id) REFERENCES tag(id) ON DELETE CASCADE ON UPDATE SET NULL,
+	FOREIGN KEY(post_id) REFERENCES post(id) ON DELETE CASCADE ON UPDATE SET NULL
+);
+CREATE INDEX idx_fk_post_tag_post_id ON post_tag(post_id);
+CREATE INDEX idx_fk_post_tag_tag_id ON post_tag(tag_id);
+CREATE UNIQUE INDEX idx_uq_post_tag_tag_id_post_id ON post_tag(tag_id, post_id);
+
+CREATE TABLE favoritee
+(
+	id INTEGER PRIMARY KEY AUTO_INCREMENT,
+	post_id INTEGER,
+	user_id INTEGER,
+	FOREIGN KEY(user_id) REFERENCES user(id) ON DELETE CASCADE ON UPDATE SET NULL,
+	FOREIGN KEY(post_id) REFERENCES post(id) ON DELETE CASCADE ON UPDATE SET NULL
+);
+CREATE INDEX idx_fk_favoritee_post_id ON favoritee(post_id);
+CREATE INDEX idx_fk_favoritee_user_id ON favoritee(user_id);
+CREATE UNIQUE INDEX idx_uq_favoritee_post_id_user_id ON favoritee(post_id, user_id);
+
+CREATE TABLE comment
+(
+	id INTEGER PRIMARY KEY AUTO_INCREMENT,
+	post_id INTEGER,
+	commenter_id INTEGER,
+	comment_date INTEGER,
+	text TEXT,
+	FOREIGN KEY(post_id) REFERENCES post(id) ON DELETE CASCADE ON UPDATE SET NULL,
+	FOREIGN KEY(commenter_id) REFERENCES user(id) ON DELETE SET NULL ON UPDATE SET NULL
+);
+CREATE INDEX idx_fk_comment_commenter_id ON comment(commenter_id);
+CREATE INDEX idx_fk_comment_post_id ON comment(post_id);
--- a/src/Upgrades/mysql/Upgrade2.sql
+++ b/src/Upgrades/mysql/Upgrade2.sql
@ -0,0 +1 @@
+ALTER TABLE user ADD COLUMN banned INTEGER;
--- a/src/Upgrades/mysql/Upgrade3.sql
+++ b/src/Upgrades/mysql/Upgrade3.sql
@ -0,0 +1,10 @@
+CREATE TABLE crossref
+(
+	id INTEGER PRIMARY KEY AUTO_INCREMENT,
+	post_id INTEGER,
+	post2_id INTEGER,
+	FOREIGN KEY(post_id) REFERENCES post(id) ON DELETE CASCADE ON UPDATE SET NULL,
+	FOREIGN KEY(post2_id) REFERENCES post(id) ON DELETE CASCADE ON UPDATE SET NULL
+);
+CREATE INDEX idx_fk_crossref_post_id ON crossref(post_id);
+CREATE INDEX idx_fk_crossref_post2_id ON crossref(post2_id);
--- a/src/Upgrades/mysql/Upgrade4.sql
+++ b/src/Upgrades/mysql/Upgrade4.sql
@ -0,0 +1,30 @@
+ALTER TABLE post ADD COLUMN score INTEGER NOT NULL DEFAULT 0;
+
+UPDATE post SET score = 0;
+
+CREATE TABLE post_score
+(
+	id INTEGER PRIMARY KEY AUTO_INCREMENT,
+	post_id INTEGER,
+	user_id INTEGER,
+	score INTEGER,
+	FOREIGN KEY(post_id) REFERENCES post(id) ON DELETE CASCADE ON UPDATE SET NULL,
+	FOREIGN KEY(user_id) REFERENCES user(id) ON DELETE CASCADE ON UPDATE SET NULL
+);
+CREATE INDEX idx_fk_post_score_post_id ON post_score(post_id);
+CREATE INDEX idx_fk_post_score_user_id ON post_score(user_id);
+
+CREATE TRIGGER post_score_update AFTER UPDATE ON post_score FOR EACH ROW
+BEGIN
+	UPDATE post SET score = post.score - old.score + new.score WHERE post.id = new.post_id;
+END;
+
+CREATE TRIGGER post_score_insert AFTER INSERT ON post_score FOR EACH ROW
+BEGIN
+	UPDATE post SET score = post.score + new.score WHERE post.id = new.post_id;
+END;
+
+CREATE TRIGGER post_score_delete BEFORE DELETE ON post_score FOR EACH ROW
+BEGIN
+	UPDATE post SET score = post.score - old.score WHERE post.id = old.post_id;
+END;
--- a/src/Upgrades/mysql/Upgrade5.sql
+++ b/src/Upgrades/mysql/Upgrade5.sql
@ -0,0 +1 @@
+ALTER TABLE post_score RENAME TO postscore;
--- a/src/Upgrades/mysql/Upgrade6.sql
+++ b/src/Upgrades/mysql/Upgrade6.sql
@ -0,0 +1,11 @@
+ALTER TABLE user DROP COLUMN email_token;
+
+CREATE TABLE usertoken
+(
+	id INTEGER PRIMARY KEY AUTO_INCREMENT,
+	user_id INTEGER,
+	token VARCHAR(32),
+	used BOOLEAN,
+	expires INTEGER --TIMESTAMP
+);
+CREATE INDEX idx_fk_usertoken_user_id ON usertoken(user_id);
--- a/src/Upgrades/mysql/Upgrade7.sql
+++ b/src/Upgrades/mysql/Upgrade7.sql
@ -0,0 +1,3 @@
+CREATE UNIQUE INDEX idx_uq_postscore_post_id_user_id ON postscore(post_id, user_id);
+CREATE UNIQUE INDEX idx_uq_crossref_post_id_post2_id ON crossref(post_id, post2_id);
+
--- a/src/Upgrades/mysql/Upgrade8.sql
+++ b/src/Upgrades/mysql/Upgrade8.sql
@ -0,0 +1,37 @@
+ALTER TABLE post ADD COLUMN tag_count INTEGER NOT NULL DEFAULT 0;
+ALTER TABLE post ADD COLUMN fav_count INTEGER NOT NULL DEFAULT 0;
+ALTER TABLE post ADD COLUMN comment_count INTEGER NOT NULL DEFAULT 0;
+
+UPDATE post SET tag_count = (SELECT COUNT(*) FROM post_tag WHERE post_id = post.id);
+UPDATE post SET fav_count = (SELECT COUNT(*) FROM favoritee WHERE post_id = post.id);
+UPDATE post SET comment_count = (SELECT COUNT(*) FROM comment WHERE post_id = post.id);
+
+CREATE TRIGGER post_tag_insert AFTER INSERT ON post_tag FOR EACH ROW
+BEGIN
+	UPDATE post SET tag_count = tag_count + 1 WHERE post.id = new.post_id;
+END;
+
+CREATE TRIGGER post_tag_delete BEFORE DELETE ON post_tag FOR EACH ROW
+BEGIN
+	UPDATE post SET tag_count = tag_count - 1 WHERE post.id = old.post_id;
+END;
+
+CREATE TRIGGER favoritee_insert AFTER INSERT ON favoritee FOR EACH ROW
+BEGIN
+	UPDATE post SET fav_count = fav_count + 1 WHERE post.id = new.post_id;
+END;
+
+CREATE TRIGGER favoritee_delete BEFORE DELETE ON favoritee FOR EACH ROW
+BEGIN
+	UPDATE post SET fav_count = fav_count - 1 WHERE post.id = old.post_id;
+END;
+
+CREATE TRIGGER comment_insert AFTER INSERT ON comment FOR EACH ROW
+BEGIN
+	UPDATE post SET comment_count = comment_count + 1 WHERE post.id = new.post_id;
+END;
+
+CREATE TRIGGER comment_delete BEFORE DELETE ON comment FOR EACH ROW
+BEGIN
+	UPDATE post SET comment_count = comment_count - 1 WHERE post.id = old.post_id;
+END;
--- a/src/Upgrades/mysql/Upgrade9.sql
+++ b/src/Upgrades/mysql/Upgrade9.sql
@ -0,0 +1,31 @@
+UPDATE post SET file_hash = orig_name WHERE type = 3;
+
+CREATE TRIGGER post_tag_update AFTER UPDATE ON post_tag FOR EACH ROW
+BEGIN
+	UPDATE post SET tag_count = tag_count + 1 WHERE post.id = new.post_id;
+	UPDATE post SET tag_count = tag_count - 1 WHERE post.id = old.post_id;
+END;
+
+CREATE TRIGGER favoritee_update AFTER UPDATE ON favoritee FOR EACH ROW
+BEGIN
+	UPDATE post SET fav_count = fav_count + 1 WHERE post.id = new.post_id;
+	UPDATE post SET fav_count = fav_count - 1 WHERE post.id = old.post_id;
+END;
+
+CREATE TRIGGER comment_update AFTER UPDATE ON comment FOR EACH ROW
+BEGIN
+	UPDATE post SET comment_count = comment_count + 1 WHERE post.id = new.post_id;
+	UPDATE post SET comment_count = comment_count - 1 WHERE post.id = old.post_id;
+END;
+
+ALTER TABLE usertoken RENAME TO user_token;
+
+DROP TRIGGER post_score_update;
+ALTER TABLE postscore RENAME TO post_score;
+
+CREATE TRIGGER post_score_update AFTER UPDATE ON post_score FOR EACH ROW
+BEGIN
+	UPDATE post SET score = post.score + new.score WHERE post.id = new.post_id;
+	UPDATE post SET score = post.score - old.score WHERE post.id = old.post_id;
+END;
+
--- a/src/Upgrades/sqlite/Upgrade1.sql
+++ b/src/Upgrades/sqlite/Upgrade1.sql
@ -1,3 +1,10 @@
+CREATE TABLE property
+(
+	id INTEGER PRIMARY KEY AUTOINCREMENT,
+	prop_id INTEGER,
+	value TEXT
+);
+
 CREATE TABLE user
 (
 	id INTEGER PRIMARY KEY AUTOINCREMENT,
@ -13,6 +20,26 @@ CREATE TABLE user
 	settings TEXT
 );

+CREATE TABLE post
+(
+	id INTEGER PRIMARY KEY AUTOINCREMENT,
+	type INTEGER,
+	name TEXT,
+	orig_name TEXT,
+	file_hash TEXT,
+	file_size INTEGER,
+	mime_type TEXT,
+	safety INTEGER,
+	hidden INTEGER,
+	upload_date INTEGER,
+	image_width INTEGER,
+	image_height INTEGER,
+	uploader_id INTEGER,
+	source TEXT,
+	FOREIGN KEY(uploader_id) REFERENCES user(id) ON DELETE SET NULL ON UPDATE SET NULL
+);
+CREATE INDEX idx_fk_post_uploader_id ON post(uploader_id);
+
 CREATE TABLE tag
 (
 	id INTEGER PRIMARY KEY AUTOINCREMENT,
@ -55,30 +82,3 @@ CREATE TABLE comment
 );
 CREATE INDEX idx_fk_comment_commenter_id ON comment(commenter_id);
 CREATE INDEX idx_fk_comment_post_id ON comment(post_id);
-
-CREATE TABLE post
-(
-	id INTEGER PRIMARY KEY AUTOINCREMENT,
-	type INTEGER,
-	name TEXT,
-	orig_name TEXT,
-	file_hash TEXT,
-	file_size INTEGER,
-	mime_type TEXT,
-	safety INTEGER,
-	hidden INTEGER,
-	upload_date INTEGER,
-	image_width INTEGER,
-	image_height INTEGER,
-	uploader_id INTEGER,
-	source TEXT,
-	FOREIGN KEY(uploader_id) REFERENCES user(id) ON DELETE SET NULL ON UPDATE SET NULL
-);
-CREATE INDEX idx_fk_post_uploader_id ON post(uploader_id);
-
-CREATE TABLE property
-(
-	id INTEGER PRIMARY KEY AUTOINCREMENT,
-	prop_id INTEGER,
-	value TEXT
-);
--- a/src/Upgrades/sqlite/Upgrade2.sql
+++ b/src/Upgrades/sqlite/Upgrade2.sql
@ -0,0 +1 @@
+ALTER TABLE user ADD COLUMN banned INTEGER;
--- a/src/Upgrades/sqlite/Upgrade3.sql
+++ b/src/Upgrades/sqlite/Upgrade3.sql
@ -0,0 +1,10 @@
+CREATE TABLE crossref
+(
+	id INTEGER PRIMARY KEY AUTOINCREMENT,
+	post_id INTEGER,
+	post2_id INTEGER,
+	FOREIGN KEY(post_id) REFERENCES post(id) ON DELETE CASCADE ON UPDATE SET NULL,
+	FOREIGN KEY(post2_id) REFERENCES post(id) ON DELETE CASCADE ON UPDATE SET NULL
+);
+CREATE INDEX idx_fk_crossref_post_id ON crossref(post_id);
+CREATE INDEX idx_fk_crossref_post2_id ON crossref(post2_id);
--- a/src/Upgrades/sqlite/Upgrade4.sql
+++ b/src/Upgrades/sqlite/Upgrade4.sql
@ -0,0 +1,30 @@
+ALTER TABLE post ADD COLUMN score INTEGER NOT NULL DEFAULT 0;
+
+UPDATE post SET score = 0;
+
+CREATE TABLE post_score
+(
+	id INTEGER PRIMARY KEY AUTOINCREMENT,
+	post_id INTEGER,
+	user_id INTEGER,
+	score INTEGER,
+	FOREIGN KEY(post_id) REFERENCES post(id) ON DELETE CASCADE ON UPDATE SET NULL,
+	FOREIGN KEY(user_id) REFERENCES user(id) ON DELETE CASCADE ON UPDATE SET NULL
+);
+CREATE INDEX idx_fk_post_score_post_id ON post_score(post_id);
+CREATE INDEX idx_fk_post_score_user_id ON post_score(user_id);
+
+CREATE TRIGGER post_score_update AFTER UPDATE ON post_score FOR EACH ROW
+BEGIN
+	UPDATE post SET score = post.score - old.score + new.score WHERE post.id = new.post_id;
+END;
+
+CREATE TRIGGER post_score_insert AFTER INSERT ON post_score FOR EACH ROW
+BEGIN
+	UPDATE post SET score = post.score + new.score WHERE post.id = new.post_id;
+END;
+
+CREATE TRIGGER post_score_delete BEFORE DELETE ON post_score FOR EACH ROW
+BEGIN
+	UPDATE post SET score = post.score - old.score WHERE post.id = old.post_id;
+END;
--- a/src/Upgrades/sqlite/Upgrade5.sql
+++ b/src/Upgrades/sqlite/Upgrade5.sql
@ -0,0 +1 @@
+ALTER TABLE post_score RENAME TO postscore
--- a/src/Upgrades/sqlite/Upgrade6.sql
+++ b/src/Upgrades/sqlite/Upgrade6.sql
@ -0,0 +1,53 @@
+CREATE TABLE user2
+(
+	id INTEGER PRIMARY KEY AUTOINCREMENT,
+	name TEXT,
+	pass_salt TEXT,
+	pass_hash TEXT,
+	staff_confirmed INTEGER,
+	email_unconfirmed TEXT,
+	email_confirmed TEXT,
+	join_date INTEGER,
+	access_rank INTEGER,
+	settings TEXT,
+	banned INTEGER
+);
+
+INSERT INTO user2
+	(id,
+	name,
+	pass_salt,
+	pass_hash,
+	staff_confirmed,
+	email_unconfirmed,
+	email_confirmed,
+	join_date,
+	access_rank,
+	settings,
+	banned)
+SELECT
+	id,
+	name,
+	pass_salt,
+	pass_hash,
+	staff_confirmed,
+	email_unconfirmed,
+	email_confirmed,
+	join_date,
+	access_rank,
+	settings,
+	banned
+FROM user;
+
+DROP TABLE user;
+ALTER TABLE user2 RENAME TO user;
+
+CREATE TABLE usertoken
+(
+	id INTEGER PRIMARY KEY AUTOINCREMENT,
+	user_id INTEGER,
+	token VARCHAR(32),
+	used BOOLEAN,
+	expires INTEGER --TIMESTAMP
+);
+CREATE INDEX idx_fk_usertoken_user_id ON usertoken(user_id);
--- a/src/Upgrades/sqlite/Upgrade7.sql
+++ b/src/Upgrades/sqlite/Upgrade7.sql
@ -0,0 +1,3 @@
+CREATE UNIQUE INDEX idx_uq_postscore_post_id_user_id ON postscore(post_id, user_id);
+CREATE UNIQUE INDEX idx_uq_crossref_post_id_post2_id ON crossref(post_id, post2_id);
+
--- a/Show More
+++ b/Show More
Author	SHA1	Message	Date
Marcin Kurczewski	8cfc2aeb2a	Fixes for MySQL driver	2013-12-18 17:49:22 +01:00
Marcin Kurczewski	9a9220ab24	Version upgrade (0.6.0)	2013-12-18 17:38:22 +01:00
Marcin Kurczewski	6905ad047d	Fixed changing access rank	2013-12-18 16:11:20 +01:00
Marcin Kurczewski	5607cfc353	Models rewrite; removed RedBeanPHP; misc changes Pages load 1.5-2x faster Exception trace in JSON is now represented as an array Fixed pagination of default favorites page in user pages Fixed thumbnail size validation for non-square thumbnails	2013-12-18 15:17:49 +01:00
Marcin Kurczewski	8c0c5269c4	Fixed 404 pages	2013-12-16 23:38:31 +01:00
Marcin Kurczewski	95961fe7d5	Added tag sorting here and there - Title attribute in post thumbnail - Page title in post view - Footer in featured post	2013-12-14 16:55:07 +01:00
Marcin Kurczewski	1c6b10f966	Fixed 1px bug	2013-12-14 16:49:43 +01:00
Marcin Kurczewski	5b25250209	Optimalizations	2013-12-14 14:50:30 +01:00
Marcin Kurczewski	c7c5cde2b6	Fixed removing from favorites	2013-12-14 12:51:11 +01:00
Marcin Kurczewski	5d45d6da2c	Support for MySQL	2013-12-14 12:51:08 +01:00
Marcin Kurczewski	31bc799518	Markdown: fixes related to <pre> blocks	2013-12-08 12:12:45 +01:00
Marcin Kurczewski	7e8521022c	Added CSS for quotes	2013-12-07 15:04:11 +01:00
Marcin Kurczewski	9dcfd068df	Improved general help tab title "help" text was used twice in two navigation menus: once in top navigation and once in tab bar (along with "prrivacy policy" and "rules"). The "help" in tab bar was changed to "general help" to avoid potential confusion.	2013-12-05 23:57:35 +01:00
Marcin Kurczewski	8f906d83bf	Added active section indicator	2013-12-05 23:57:33 +01:00
Marcin Kurczewski	b8e37a234a	Better looking query debug	2013-12-05 22:22:11 +01:00
Marcin Kurczewski	40e70c4305	User settings: new option to hide disliked posts	2013-12-05 22:21:15 +01:00
Marcin Kurczewski	0d3bb32e9c	Refactor to HTML structure - <script> moved outside <ul> - Youtube posts pass W3C validation	2013-12-01 15:16:10 +01:00
Marcin Kurczewski	7046553a45	Fixed CSS problems with Chrome and Firefox	2013-12-01 15:15:01 +01:00
Marcin Kurczewski	4c1bb44e59	Fixed rare bug in prev/next post If tag/user/whatever from last search was deleted after viewing a post, refreshing the page with that post would yield "Invalid tag/user/whatever" error. I changed it so that when retrieving previous/next post for latest search query throws any errors, saved search query gets resetted to empty one.	2013-12-01 14:47:35 +01:00
Marcin Kurczewski	0001d38699	Further tweaks to model - Fixed broken negative searches - Faster search by tag / comment / submit / favorites (useless nested joins replaced to entity prefetch). Side effect: searching for nonexistent tags, users etc yields informative errors instead of "no posts to show") - Fixed duplicated column in order clause ("ORDER BY id DESC, id DESC")	2013-11-30 19:07:39 +01:00
Marcin Kurczewski	992b9ba5ac	Restored previous entity retrieval Using temporary tables turned out to be more expensive on bigger databases. Restoring two queries version.	2013-11-30 18:13:46 +01:00
Marcin Kurczewski	e93c3588f9	Fix to tabs in upload	2013-11-30 16:42:47 +01:00
Marcin Kurczewski	4285aff671	Fixes to preloading	2013-11-30 16:19:48 +01:00
Marcin Kurczewski	31ccb9a281	Optimalization: changed entity retrieval	2013-11-30 14:23:53 +01:00
Marcin Kurczewski	01c54d4d83	Optimalization: simplified selectors Squash	2013-11-30 14:23:46 +01:00
Marcin Kurczewski	dd8ab7c001	Optimalization: tweaks to .htaccess	2013-11-30 14:20:17 +01:00
Marcin Kurczewski	d7cb024f24	Refactored pagination queries	2013-11-30 13:59:29 +01:00
Marcin Kurczewski	28dbb85b46	Newest chibi-core	2013-11-30 01:10:58 +01:00
Marcin Kurczewski	c9a8f99f6a	Optimization: preloading moved back to controllers - Nearly twice faster page load - Query count greatly dropped	2013-11-30 01:10:58 +01:00
Marcin Kurczewski	5a231b19c3	Bugfix to JS (unknown variable error)	2013-11-30 01:10:58 +01:00
Marcin Kurczewski	3dd3ca5d99	Optimalization: moved <script> from HEAD to footer	2013-11-30 01:10:58 +01:00
Marcin Kurczewski	1e954bb815	Optimalization: faster but dirty row retrieval	2013-11-30 01:10:55 +01:00
Marcin Kurczewski	518311ff61	Optimalization: some JS tweaks - Removed redundant function - Using .preventDefault instead of return calls in some places	2013-11-30 01:10:48 +01:00
Marcin Kurczewski	d570bc1790	Optimalization: sidebar options structure - options rendering moved to separate file - simplified template code - removed redundant JS	2013-11-30 00:55:28 +01:00
Marcin Kurczewski	5e58488f3e	Optimalization: simplified tabs structure	2013-11-30 00:05:03 +01:00
Marcin Kurczewski	e4b4c5d273	Optimalization: added stuff to .htaccess	2013-11-29 23:58:06 +01:00
Marcin Kurczewski	83fa19ee22	Updated jQuery to 2.0.3; added jQuery map file	2013-11-29 23:58:06 +01:00
Marcin Kurczewski	2a625db683	Added support for backets in tag names	2013-11-29 10:42:56 +01:00
Marcin Kurczewski	4648b6afca	Tag autocomplete aligned to right only in top nav	2013-11-27 17:44:52 +01:00
Marcin Kurczewski	ef70c1523f	HTML validation	2013-11-27 17:42:26 +01:00
Marcin Kurczewski	89a1b1acf7	Version upgrade (0.5.0)	2013-11-26 18:18:54 +01:00
Marcin Kurczewski	7820417188	Layout: fixed autocomplete box position	2013-11-25 22:23:48 +01:00
Marcin Kurczewski	f226c3eb0c	Fixed hotkeys conflicting with Flash on Chrome	2013-11-25 22:23:48 +01:00
Marcin Kurczewski	c683fa3b0f	User settings: added opt-in tags in post thumbs	2013-11-25 22:23:48 +01:00
Marcin Kurczewski	505fe1bac3	Mass tag: fixed concurrent tag toggling	2013-11-25 22:23:48 +01:00
Marcin Kurczewski	9819416f35	Markdown: fixed matching ( ) and { } in links	2013-11-25 22:23:48 +01:00
Marcin Kurczewski	aa37ee66ff	Various JS optimizations	2013-11-25 22:23:48 +01:00
Marcin Kurczewski	20022ea4ab	Next/prev links are bound to latest search query	2013-11-25 22:23:45 +01:00
Marcin Kurczewski	d461a88001	Refactor to query builder; added triggers Instead of recomputing comment/fav/tag count from scratch on every request, store it in DB as *_count columns that get updated with proper triggers.	2013-11-24 21:41:38 +01:00
Marcin Kurczewski	0ef5f1b46d	Absolute paths used where necessary - No random chdir() calls - No more exceptions when executing scripts from dirs other than root - find-posts.php prints absolute paths making piping more useful	2013-11-23 20:52:41 +01:00
Marcin Kurczewski	75775cdc15	Increased letterbox threshold	2013-11-23 20:38:44 +01:00
Marcin Kurczewski	0b22f2621e	Markdown tweaks - Faster log rendering - New transform kind: simpleTransform()	2013-11-23 20:00:02 +01:00
Marcin Kurczewski	c5292580ce	Post edit: added custom thumbnail indicator	2013-11-23 17:29:08 +01:00
Marcin Kurczewski	f8e19779a0	Cosmetic change to property model	2013-11-23 17:29:01 +01:00
Marcin Kurczewski	3b532532d1	Post edit: post content can now be replaced	2013-11-23 17:27:56 +01:00
Marcin Kurczewski	ee224b84db	Tag list: added info when there are no tags	2013-11-23 16:03:43 +01:00
Marcin Kurczewski	d274f1c044	Fixed featured post quirks - fixes for empty database - when post was deleted, new one is selected automatically	2013-11-23 16:03:40 +01:00
Marcin Kurczewski	7e56fce470	Sending comment hides preview	2013-11-23 15:39:19 +01:00
Marcin Kurczewski	fdd49d783a	Compressed logs from uploads	2013-11-23 15:39:19 +01:00
Marcin Kurczewski	18f7fff21f	Uploading: empty files yield better error message	2013-11-23 15:39:19 +01:00
Marcin Kurczewski	81017e18cb	Logging: improved grammar a little	2013-11-23 15:39:19 +01:00
Marcin Kurczewski	7fccbd5e02	JS: more robust error handling Also, the upload form cannot be resent during processing	2013-11-23 15:39:19 +01:00
Marcin Kurczewski	618f9e3d77	Any post type can be featured now Automatic generator still searches only for images though.	2013-11-23 15:39:19 +01:00
Marcin Kurczewski	676c3a41e2	Logging: removed logEvent() and log prefixes This looked ugly.	2013-11-23 15:39:19 +01:00
Marcin Kurczewski	db602f08d3	Better handling of anonymous user names	2013-11-23 15:39:19 +01:00
Marcin Kurczewski	ecc72e52e6	Added margin for alerts	2013-11-23 15:39:19 +01:00
Marcin Kurczewski	d8997edc57	Refactor of controllers and models - Most of model-related code moved from controllers to model classes, much fewer calls to R::whatever() in controllers - Post editing and uploading shares the same code, thus making implementing stuff easier in the future - Added support for default bean wiring, no more calls to R::preload() all over the place - More robust concurrent post editing detection	2013-11-23 15:39:13 +01:00
Marcin Kurczewski	0a5169a7d6	JSON serializer: added exception info	2013-11-23 15:39:13 +01:00
Marcin Kurczewski	c1e763316a	Fav and comments are shown only if there are any	2013-11-23 15:39:13 +01:00
Marcin Kurczewski	95b2eec461	Search queries: added search by likes/dislikes	2013-11-23 15:39:08 +01:00
Marcin Kurczewski	6e9a18c0ae	Paginator: introducing "..." pseudo-pages If delta between pages in paginator is greater than 2, it adds "..." inbetween. If delta is equal to 2, it adds missing page link instead. Examples: 1,4,5 gets converted to 1,...,4,5 1,3,4 gets converted to 1,2,3,4	2013-11-23 13:54:13 +01:00
Marcin Kurczewski	467f0c6b93	Slightly better tabs	2013-11-23 13:54:13 +01:00
Marcin Kurczewski	0bbeb4604f	Introducing tag list sort styles Also, increased margin in /users	2013-11-23 13:54:13 +01:00
Marcin Kurczewski	007e797d3a	Faster tag list	2013-11-23 13:54:09 +01:00
Marcin Kurczewski	d636fe1c0a	Fixed hover 1px border bug	2013-11-22 00:26:05 +01:00
Marcin Kurczewski	6e62a46110	Search queries: fixed broken order	2013-11-22 00:26:05 +01:00
Marcin Kurczewski	9c0ed1e930	Markdown: fixed some [spoiler] bugs	2013-11-22 00:26:05 +01:00
Marcin Kurczewski	909026ae0f	User names: removed case sensitivity	2013-11-22 00:26:05 +01:00
Marcin Kurczewski	c8fb9c20c6	Search queries: removed case sensitivity	2013-11-22 00:26:05 +01:00
Marcin Kurczewski	6549237dda	Mass tag: fixed tag case sensitiveness bug	2013-11-22 00:25:59 +01:00
Marcin Kurczewski	601bdab8e1	Mass tag: don't show buttons if no tag specified	2013-11-21 22:44:28 +01:00
Marcin Kurczewski	1f2ce725ff	Mass tag redirection from /tags accepts empty tag User was already able to enter masstag mode without specifying what they want to tag with, through "mass tag" tab.	2013-11-21 22:44:28 +01:00
Marcin Kurczewski	cab63895c2	Fixed "tag already exists" when only changing case	2013-11-21 22:44:28 +01:00
Marcin Kurczewski	a98c61ebf3	Closed #67	2013-11-21 22:44:28 +01:00
Marcin Kurczewski	fb5e851a13	Closed #66	2013-11-21 22:44:28 +01:00
Marcin Kurczewski	77c0ea7f57	Markdown: better <br/> placement	2013-11-21 22:44:28 +01:00
Marcin Kurczewski	6e229bf53c	Markdown: fixed mini-issue mentioned in #66	2013-11-21 22:44:23 +01:00
Marcin Kurczewski	5780917e82	Moved stuff to /data/ "Stuff" means: - Config - Local config - SQLite db file - Files - Thumbnails - Logs	2013-11-21 22:32:58 +01:00
Marcin Kurczewski	a892410f5d	Search queries: added new feature - "comment:x"	2013-11-21 22:32:49 +01:00
Marcin Kurczewski	b2fdbb914e	Fixed appearance on mobile	2013-11-19 20:20:16 +01:00
Marcin Kurczewski	e336d04347	Logging minifix	2013-11-18 23:23:56 +01:00
Marcin Kurczewski	aff68e88cf	Version upgrade (0.4.1)	2013-11-18 18:26:51 +01:00
Marcin Kurczewski	bf0e40683c	Removed TextHelper hacks	2013-11-18 15:41:16 +01:00
Marcin Kurczewski	17bd7a7572	Added support for OpenGraph - Linking to index and individual posts produces thumbs on sites like Facebook - Thumbnails theoretically support custom sizes	2013-11-18 14:33:43 +01:00
Marcin Kurczewski	a5d0a3f9ef	HTML validation	2013-11-18 14:00:54 +01:00
Marcin Kurczewski	5eb5e18b77	Fixes to Markdown parsing introduced in `7605177`	2013-11-18 11:22:29 +01:00
Marcin Kurczewski	19a8b90ca2	Added unique indexes	2013-11-18 10:31:04 +01:00
Marcin Kurczewski	e7ec8ea49f	Fixed user view tabs	2013-11-18 10:30:43 +01:00
Marcin Kurczewski	0286e11c30	Fixed dangling postscore and crossref rows	2013-11-18 10:26:29 +01:00
Marcin Kurczewski	7605177a6b	Added strike through support to Markdown	2013-11-18 00:38:33 +01:00
Marcin Kurczewski	52ceb8d962	Fixes to CLI scripts	2013-11-18 00:16:47 +01:00
Marcin Kurczewski	cc30829c63	Version upgrade (0.4.0)	2013-11-18 00:01:47 +01:00
Marcin Kurczewski	9ab961985d	Refactor to logging - Centralized use of TextHelper::repr..() instead of hardcoded markdown - Centralized processing of highlighting instead of hardcoded markdown - Highlighted items are marked with color, not just bold	2013-11-17 23:46:31 +01:00
Marcin Kurczewski	fdee23af99	Small changes - Changed: rating posts - [up \| down] --> [vote up, down] - Fixed: logging of e-mail subject - Improved: flagging posts/users provides visual feedback ("flagged") - Improved: grammar in login screen - Fixed: typo in password reset message - Added: SessionHelper for handy management of user session data	2013-11-17 20:32:35 +01:00
Marcin Kurczewski	3c41940142	Closed #57	2013-11-17 14:53:21 +01:00
Marcin Kurczewski	da63c0fd19	Closed #61	2013-11-17 14:53:17 +01:00
Marcin Kurczewski	4fd25b10c6	Fixed logging of post previews	2013-11-17 14:25:13 +01:00
Marcin Kurczewski	210342a5bf	Fixes to Markdown - aa_bb cc_dd doesn't produce italics anymore - asd@5.com doesn't produce link to post 5 - asd.com#anchor doesn't produce link to tag "anchor"	2013-11-17 14:25:05 +01:00
Marcin Kurczewski	69a993c5af	Fixed sending empty comments	2013-11-17 14:24:39 +01:00
Marcin Kurczewski	7b473ba06f	Low-level refactor to core.php	2013-11-17 14:24:39 +01:00
Marcin Kurczewski	4166200dbc	Post view actions don't reload the page anymore	2013-11-17 14:24:35 +01:00
Marcin Kurczewski	4e64431a96	Changes to infobar in post thumbnails	2013-11-16 22:40:19 +01:00
Marcin Kurczewski	6582b395d2	Added [P] hotkey for selecting first post on page	2013-11-16 22:02:18 +01:00
Marcin Kurczewski	04e9bad79e	Added logging engine for #61	2013-11-16 21:21:43 +01:00
Marcin Kurczewski	45e9d32f58	Fixes to bugs introduced in `76a60ed`	2013-11-16 21:14:27 +01:00
Marcin Kurczewski	bb01ae7fca	Closed #62	2013-11-16 19:24:50 +01:00
Marcin Kurczewski	039d56c260	Further work on #62 Added ability to resend activation mail	2013-11-16 18:57:08 +01:00
Marcin Kurczewski	76a60ed5d7	Refactoring of error/success messages	2013-11-16 18:44:40 +01:00
Marcin Kurczewski	fb02feeed3	Preparation for #62	2013-11-16 17:32:43 +01:00
Marcin Kurczewski	9ec269330c	Dependancy extensions safety checks	2013-11-13 23:36:58 +01:00
Marcin Kurczewski	8cd457848c	Removed need for strict typing	2013-11-13 22:14:32 +01:00
Marcin Kurczewski	70a4b46cf1	Foreign key fix	2013-11-13 19:54:36 +01:00
Marcin Kurczewski	202c820a9a	Closed #59	2013-11-13 19:44:36 +01:00
Marcin Kurczewski	5e30253789	Closed #58	2013-11-13 19:42:22 +01:00
Marcin Kurczewski	6fadc612fd	Changed feature image style	2013-11-10 12:23:59 +01:00
Marcin Kurczewski	7faf46beb9	Changed .ini a bit	2013-11-10 11:18:00 +01:00
Marcin Kurczewski	7b014f036b	Fixes to mass-tag	2013-11-06 00:51:16 +01:00
Marcin Kurczewski	51dbc65754	Version upgrade (0.3.0)	2013-11-05 14:42:46 +01:00
Marcin Kurczewski	b8fedc1297	Tags are sorted alphabetically	2013-11-05 13:56:20 +01:00
Marcin Kurczewski	bb0e844e4e	In case of misisng view file, render in JSON	2013-11-05 09:27:34 +01:00
Marcin Kurczewski	09b5a38c95	Fixed issue with masstag in endless scrolling mode	2013-11-05 09:17:44 +01:00
Marcin Kurczewski	b093a090eb	Closed #56	2013-11-03 09:30:38 +01:00
Marcin Kurczewski	e1c8139373	Unused tags are removed on post edit	2013-11-01 20:51:19 +01:00
Marcin Kurczewski	101864459d	Added safety check for tag renaming	2013-11-01 20:44:01 +01:00
Marcin Kurczewski	f7a0b7b440	Focused tab is marked with different color	2013-11-01 15:41:56 +01:00
Marcin Kurczewski	b3f15dc049	Header becomes less bloated in favor of tabs	2013-11-01 12:58:54 +01:00
Marcin Kurczewski	be919603e3	Tag list gets tabbed interface	2013-11-01 12:58:48 +01:00
Marcin Kurczewski	ac506e8c95	Added mass tag to header	2013-11-01 12:05:06 +01:00
Marcin Kurczewski	8d5b82287a	Fixed empty search queries in mass tag	2013-11-01 12:02:42 +01:00
Marcin Kurczewski	f32c045349	Upload: increased thumbnail size to 150x150px	2013-11-01 10:38:32 +01:00
Marcin Kurczewski	579df65c21	Increased source length limit to 200 chars	2013-11-01 10:37:35 +01:00
Marcin Kurczewski	c4faa3bf85	Added benchmark helper	2013-11-01 10:08:43 +01:00
Marcin Kurczewski	c3b2c68add	Faster tag list	2013-11-01 10:08:35 +01:00
Marcin Kurczewski	fe99f97287	Tag merging: fixed validation	2013-11-01 09:42:13 +01:00
Marcin Kurczewski	bd05123cfc	Post view: safety marked with color	2013-10-31 14:02:22 +01:00
Marcin Kurczewski	9110a27167	Another safety switcher glitch fix	2013-10-30 23:33:18 +01:00
Marcin Kurczewski	fd99821bd7	Logging in remembers original URL	2013-10-30 23:24:27 +01:00
Marcin Kurczewski	ad8f2a8038	Changed thumb privilege (for weird configurations)	2013-10-30 23:04:50 +01:00
Marcin Kurczewski	86c811b0e7	Added script for removing letterbox borders	2013-10-30 23:02:18 +01:00
Marcin Kurczewski	ea4c7fac6e	Added script for CLI post search Other updates include removing unnecessary context retrieval and making post query builder CLI friendly.	2013-10-30 22:47:33 +01:00
Marcin Kurczewski	1714e9e665	Added support for post relations	2013-10-30 20:20:01 +01:00
Marcin Kurczewski	157572d9ca	Fixed post deletion When post was deleted foreign keys in corresponding comments weren't NULLified.	2013-10-30 17:06:35 +01:00
Marcin Kurczewski	19eea1e5b6	Login form: checkbox works when clicking text	2013-10-30 16:53:25 +01:00
Marcin Kurczewski	b7084d61ae	Closed #51 - anonymous uploads; simplified JS	2013-10-30 16:51:22 +01:00
Marcin Kurczewski	36caef3831	Tag list respects safety settings	2013-10-30 16:22:46 +01:00
Marcin Kurczewski	e0c4c28e70	Micro optimizations for tag list	2013-10-29 23:21:41 +01:00
Marcin Kurczewski	96d994eeea	CSS enhancements for focused elements	2013-10-29 23:01:02 +01:00
Marcin Kurczewski	bc43883339	Closed #54 - added mass tag - Moved tag forms to separate files - Tag forms got tag autocompletion	2013-10-29 23:00:21 +01:00
Marcin Kurczewski	cf1b5837a7	Reduced thumbnail size (PNG->JPG)	2013-10-29 09:27:02 +01:00
Marcin Kurczewski	f119ab724a	Paginator: A/D hotkeys disabled in endless mode	2013-10-28 13:01:49 +01:00
Marcin Kurczewski	3130a66ad3	Fixed browsing settings	2013-10-28 12:58:18 +01:00
Marcin Kurczewski	e2e9d9bf13	Fixed default safety	2013-10-28 11:26:45 +01:00
Marcin Kurczewski	9e6716021a	Models: enhanced entities filtering	2013-10-28 11:24:11 +01:00
Marcin Kurczewski	49b91b7f55	Fixed (un)banning users (missing column in DB)	2013-10-27 23:23:48 +01:00
Marcin Kurczewski	2aaafcd0de	Updated help	2013-10-27 23:22:37 +01:00
Marcin Kurczewski	24f5024db3	Fixed tag autocompletion It yielded too many results in some cases.	2013-10-27 23:14:48 +01:00
Marcin Kurczewski	e346a8e57c	Added new search keywords - tagmin, tagmax - commentmin, commentmax	2013-10-27 23:02:15 +01:00
Marcin Kurczewski	558f8f42c8	Closed #55	2013-10-27 22:55:14 +01:00
Marcin Kurczewski	2f8d43cb4b	Post edit link: focus the form on click	2013-10-27 22:47:20 +01:00
Marcin Kurczewski	c4d5263422	Next/prev post navigation respects safety settings Before change this setting was either ignored or errors were shown if users was unable to view given post.	2013-10-27 20:51:03 +01:00
Marcin Kurczewski	3f3024d6ac	Added avatars for unknown users	2013-10-27 20:46:10 +01:00
Marcin Kurczewski	b55a8f1dce	Closed #52 - fixes for anonymous accounts - Anonymous account is no longer created when commenting/uploading - Anonymous users can now switch safety, if it's available - Anonymous users can delete their own posts - Refurbished session and logging in/out mechanism - Possible fixes for registration/activation/account deletion issues	2013-10-27 20:39:32 +01:00
Marcin Kurczewski	f726690ea3	Closed #53	2013-10-27 19:32:48 +01:00
Marcin Kurczewski	0d360d525e	SWF thumbnails: support for gnash Swfrender produced mostly black squares. Gnash handles SWF files much, much better than swfrender.	2013-10-27 19:27:25 +01:00
Marcin Kurczewski	bddf04ea78	Hotkeys should no longer get in the way	2013-10-26 12:39:15 +02:00
Marcin Kurczewski	d92d49d60d	Posts: clickable source links; "unknown" if empty	2013-10-26 12:30:17 +02:00
Marcin Kurczewski	35146e9587	Markdown: refurbished link parsing - Added parsing of plain links in Markdown - Linking with []() syntax should no longer produce relative links	2013-10-26 12:26:22 +02:00