Move admin pages to Controller system

2076b209 · Scott · 0924669a · 2076b209 · 2076b209 · 2076b209
Commit 2076b209 authored Jul 31, 2020 by Scott
11 changed files
--- a/qa-include/app/routing.php
+++ b/qa-include/app/routing.php
@@ -46,9 +46,31 @@ function qa_controller_routing(Router $router)
 	$router->addRoute('GET', 'ip/{str}', "$ns\User\Ip", 'address', ['template' => 'ip']);
 	$router->addRoute('POST', 'ip/{str}', "$ns\User\Ip", 'address', ['template' => 'ip']);
-	$router->addRoute('GET', 'admin/stats', "$ns\Admin\Stats", 'index', ['template' => 'admin']);
+	$router->addRoute('GET', 'admin/userfields', "$ns\Admin\UserFields", 'index', ['template' => 'admin']);
+	$router->addRoute('POST', 'admin/userfields', "$ns\Admin\UserFields", 'index', ['template' => 'admin']);
+	$router->addRoute('GET', 'admin/usertitles', "$ns\Admin\UserTitles", 'index', ['template' => 'admin']);
+	$router->addRoute('POST', 'admin/usertitles', "$ns\Admin\UserTitles", 'index', ['template' => 'admin']);
+	$router->addRoute('GET', 'admin/layoutwidgets', "$ns\Admin\Widgets", 'index', ['template' => 'admin']);
+	$router->addRoute('POST', 'admin/layoutwidgets', "$ns\Admin\Widgets", 'index', ['template' => 'admin']);
+	$router->addRoute('GET', 'admin/categories', "$ns\Admin\Categories", 'index', ['template' => 'admin']);
+	$router->addRoute('POST', 'admin/categories', "$ns\Admin\Categories", 'index', ['template' => 'admin']);
+	$router->addRoute('GET', 'admin/pages', "$ns\Admin\Pages", 'index', ['template' => 'admin']);
+	$router->addRoute('POST', 'admin/pages', "$ns\Admin\Pages", 'index', ['template' => 'admin']);
 	$router->addRoute('GET', 'admin/points', "$ns\Admin\Points", 'index', ['template' => 'admin']);
 	$router->addRoute('POST', 'admin/points', "$ns\Admin\Points", 'index', ['template' => 'admin']);
+	$router->addRoute('GET', 'admin/stats', "$ns\Admin\Stats", 'index', ['template' => 'admin']);
+	$router->addRoute('GET', 'admin/plugins', "$ns\Admin\Plugins", 'index', ['template' => 'admin']);
+	$router->addRoute('POST', 'admin/plugins', "$ns\Admin\Plugins", 'index', ['template' => 'admin']);
+	$router->addRoute('GET', 'admin/moderate', "$ns\Admin\Moderate", 'index', ['template' => 'admin']);
+	$router->addRoute('POST', 'admin/moderate', "$ns\Admin\Moderate", 'index', ['template' => 'admin']);
+	$router->addRoute('GET', 'admin/flagged', "$ns\Admin\Flagged", 'index', ['template' => 'admin']);
+	$router->addRoute('POST', 'admin/flagged', "$ns\Admin\Flagged", 'index', ['template' => 'admin']);
+	$router->addRoute('GET', 'admin/hidden', "$ns\Admin\Hidden", 'index', ['template' => 'admin']);
+	$router->addRoute('POST', 'admin/hidden', "$ns\Admin\Hidden", 'index', ['template' => 'admin']);
+	$router->addRoute('GET', 'admin/approve', "$ns\Admin\Approve", 'index', ['template' => 'admin']);
+	$router->addRoute('POST', 'admin/approve', "$ns\Admin\Approve", 'index', ['template' => 'admin']);
 }
 /**
@@ -63,17 +85,7 @@ function qa_page_routing()
 		'account' => 'pages/account.php',
 		'activity/' => 'pages/activity.php',
 		'admin/' => 'pages/admin/admin-default.php',
-		'admin/approve' => 'pages/admin/admin-approve.php',
-		'admin/categories' => 'pages/admin/admin-categories.php',
-		'admin/flagged' => 'pages/admin/admin-flagged.php',
-		'admin/hidden' => 'pages/admin/admin-hidden.php',
-		'admin/layoutwidgets' => 'pages/admin/admin-widgets.php',
-		'admin/moderate' => 'pages/admin/admin-moderate.php',
-		'admin/pages' => 'pages/admin/admin-pages.php',
-		'admin/plugins' => 'pages/admin/admin-plugins.php',
 		'admin/recalc' => 'pages/admin/admin-recalc.php',
-		'admin/userfields' => 'pages/admin/admin-userfields.php',
-		'admin/usertitles' => 'pages/admin/admin-usertitles.php',
 		'answers/' => 'pages/answers.php',
 		'ask' => 'pages/ask.php',
 		'categories/' => 'pages/categories.php',

--- a/qa-include/pages/admin/admin-approve.php
+++ b/qa-include/pages/admin/admin-approve.php
@@ -3,9 +3,6 @@
 	Question2Answer by Gideon Greenspan and contributors
 	http://www.question2answer.org/
-	Description: Controller for admin page showing new users waiting for approval
 	This program is free software; you can redistribute it and/or
 	modify it under the terms of the GNU General Public License
 	as published by the Free Software Foundation; either version 2
@@ -19,51 +16,63 @@
 	More about this license: http://www.question2answer.org/license.php
 */
-if (!defined('QA_VERSION')) { // don't allow this page to be requested directly from browser
+namespace Q2A\Controllers\Admin;
-	header('Location: ../../../');
-	exit;
-}
-require_once QA_INCLUDE_DIR . 'app/admin.php';
+use Q2A\Controllers\BaseController;
-require_once QA_INCLUDE_DIR . 'db/admin.php';
+use Q2A\Database\DbConnection;
+use Q2A\Middleware\Auth\MinimumUserLevel;
+/**
+ * Controller for admin page showing new users waiting for approval.
+ */
+class Approve extends BaseController
+{
+	public function __construct(DbConnection $db)
+	{
+		require_once QA_INCLUDE_DIR . 'app/admin.php';
+		require_once QA_INCLUDE_DIR . 'db/admin.php';
-// Check we're not using single-sign on integration
+		parent::__construct($db);
-if (QA_FINAL_EXTERNAL_USERS)
+		// Check we're not using single-sign on integration
-	qa_fatal_error('User accounts are handled by external code');
+		if (QA_FINAL_EXTERNAL_USERS) {
+			qa_fatal_error('User accounts are handled by external code');
+		}
+	}
-// Find most flagged questions, answers, comments
+	public function index()
+	{
+		// Find most flagged questions, answers, comments
-$userid = qa_get_logged_in_userid();
+		$userid = qa_get_logged_in_userid();
-$users = qa_db_get_unapproved_users(qa_opt('page_size_users'));
+		$users = qa_db_get_unapproved_users(qa_opt('page_size_users'));
-$userfields = qa_db_select_with_pending(qa_db_userfields_selectspec());
+		$userfields = qa_db_select_with_pending(qa_db_userfields_selectspec());
-// Check admin privileges (do late to allow one DB query)
+		// Check admin privileges (do late to allow one DB query)
-if (qa_get_logged_in_level() < QA_USER_LEVEL_MODERATOR) {
+		if (qa_get_logged_in_level() < QA_USER_LEVEL_MODERATOR) {
 			$qa_content = qa_content_prepare();
 			$qa_content['error'] = qa_lang_html('users/no_permission');
 			return $qa_content;
-}
+		}
-// Check to see if any were approved or blocked here
+		// Check to see if any were approved or blocked here
-$pageerror = qa_admin_check_clicks();
+		$pageerror = qa_admin_check_clicks();
-// Prepare content for theme
+		// Prepare content for theme
-$qa_content = qa_content_prepare();
+		$qa_content = qa_content_prepare();
-$qa_content['title'] = qa_lang_html('admin/recent_users_title');
+		$qa_content['title'] = qa_lang_html('admin/recent_users_title');
-$qa_content['error'] = isset($pageerror) ? $pageerror : qa_admin_page_error();
+		$qa_content['error'] = isset($pageerror) ? $pageerror : qa_admin_page_error();
-$qa_content['message_list'] = array(
+		$qa_content['message_list'] = array(
 			'form' => array(
 				'tags' => 'method="post" action="' . qa_self_html() . '"',
@@ -73,10 +82,10 @@ $qa_content['message_list'] = array(
 			),
 			'messages' => array(),
-);
+		);
-if (count($users)) {
+		if (count($users)) {
 			foreach ($users as $user) {
 				$message = array();
@@ -125,12 +134,14 @@ if (count($users)) {
 				$qa_content['message_list']['messages'][] = $message;
 			}
-} else
+		} else
 			$qa_content['title'] = qa_lang_html('admin/no_unapproved_found');
-$qa_content['navigation']['sub'] = qa_admin_sub_navigation();
+		$qa_content['navigation']['sub'] = qa_admin_sub_navigation();
-$qa_content['script_rel'][] = 'qa-content/qa-admin.js?' . QA_VERSION;
+		$qa_content['script_rel'][] = 'qa-content/qa-admin.js?' . QA_VERSION;
-return $qa_content;
+		return $qa_content;
+	}
+}
--- a/qa-include/pages/admin/admin-categories.php
+++ b/qa-include/pages/admin/admin-categories.php
@@ -3,9 +3,6 @@
 	Question2Answer by Gideon Greenspan and contributors
 	http://www.question2answer.org/
-	Description: Controller for admin page for editing categories
 	This program is free software; you can redistribute it and/or
 	modify it under the terms of the GNU General Public License
 	as published by the Free Software Foundation; either version 2
@@ -19,44 +16,58 @@
 	More about this license: http://www.question2answer.org/license.php
 */
-if (!defined('QA_VERSION')) { // don't allow this page to be requested directly from browser
+namespace Q2A\Controllers\Admin;
-	header('Location: ../../../');
-	exit;
-}
-require_once QA_INCLUDE_DIR . 'app/admin.php';
+use Q2A\Controllers\BaseController;
-require_once QA_INCLUDE_DIR . 'db/selects.php';
+use Q2A\Database\DbConnection;
-require_once QA_INCLUDE_DIR . 'db/admin.php';
+use Q2A\Middleware\Auth\MinimumUserLevel;
-require_once QA_INCLUDE_DIR . 'app/format.php';
+/**
+ * Controller for admin page for editing categories.
+ */
+class Categories extends BaseController
+{
+	public function __construct(DbConnection $db)
+	{
+		require_once QA_INCLUDE_DIR . 'app/admin.php';
+		require_once QA_INCLUDE_DIR . 'db/selects.php';
+		require_once QA_INCLUDE_DIR . 'db/admin.php';
+		require_once QA_INCLUDE_DIR . 'app/format.php';
+		parent::__construct($db);
+		$this->addMiddleware(new MinimumUserLevel(QA_USER_LEVEL_ADMIN));
+	}
-// Get relevant list of categories
+	public function index()
+	{
+		// Get relevant list of categories
-$editcategoryid = qa_post_text('edit');
+		$editcategoryid = qa_post_text('edit');
-if (!isset($editcategoryid))
+		if (!isset($editcategoryid))
 			$editcategoryid = qa_get('edit');
-if (!isset($editcategoryid))
+		if (!isset($editcategoryid))
 			$editcategoryid = qa_get('addsub');
-$categories = qa_db_select_with_pending(qa_db_category_nav_selectspec($editcategoryid, true, false, true));
+		$categories = qa_db_select_with_pending(qa_db_category_nav_selectspec($editcategoryid, true, false, true));
-// Check admin privileges (do late to allow one DB query)
+		// Check admin privileges (do late to allow one DB query)
-if (!qa_admin_check_privileges($qa_content))
+		if (!qa_admin_check_privileges($qa_content))
 			return $qa_content;
-// Work out the appropriate state for the page
+		// Work out the appropriate state for the page
-$editcategory = @$categories[$editcategoryid];
+		$editcategory = @$categories[$editcategoryid];
-if (isset($editcategory)) {
+		if (isset($editcategory)) {
 			$parentid = qa_get('addsub');
 			if (isset($parentid))
 				$editcategory = array('parentid' => $parentid);
-} else {
+		} else {
 			if (qa_clicked('doaddcategory'))
 				$editcategory = array();
@@ -64,25 +75,25 @@ if (isset($editcategory)) {
 				$parentid = qa_post_text('parent');
 				$editcategory = array('parentid' => strlen($parentid) ? $parentid : null);
 			}
-}
+		}
-$setmissing = qa_post_text('missing') || qa_get('missing');
+		$setmissing = qa_post_text('missing') || qa_get('missing');
-$setparent = !$setmissing && (qa_post_text('setparent') || qa_get('setparent')) && isset($editcategory['categoryid']);
+		$setparent = !$setmissing && (qa_post_text('setparent') || qa_get('setparent')) && isset($editcategory['categoryid']);
-$hassubcategory = false;
+		$hassubcategory = false;
-foreach ($categories as $category) {
+		foreach ($categories as $category) {
 			if (!strcmp($category['parentid'], $editcategoryid))
 				$hassubcategory = true;
-}
+		}
-// Process saving options
+		// Process saving options
-$savedoptions = false;
+		$savedoptions = false;
-$securityexpired = false;
+		$securityexpired = false;
-if (qa_clicked('dosaveoptions')) {
+		if (qa_clicked('dosaveoptions')) {
 			if (!qa_check_form_security_code('admin/categories', qa_post_text('code')))
 				$securityexpired = true;
@@ -91,12 +102,12 @@ if (qa_clicked('dosaveoptions')) {
 				qa_set_option('allow_no_sub_category', (int)qa_post_text('option_allow_no_sub_category'));
 				$savedoptions = true;
 			}
-}
+		}
-// Process saving an old or new category
+		// Process saving an old or new category
-if (qa_clicked('docancel')) {
+		if (qa_clicked('docancel')) {
 			if ($setmissing || $setparent)
 				qa_redirect(qa_request(), array('edit' => $editcategory['categoryid']));
 			elseif (isset($editcategory['categoryid']))
@@ -104,7 +115,7 @@ if (qa_clicked('docancel')) {
 			else
 				qa_redirect(qa_request(), array('edit' => @$editcategory['parentid']));
-} elseif (qa_clicked('dosetmissing')) {
+		} elseif (qa_clicked('dosetmissing')) {
 			if (!qa_check_form_security_code('admin/categories', qa_post_text('code')))
 				$securityexpired = true;
@@ -114,7 +125,7 @@ if (qa_clicked('docancel')) {
 				qa_redirect(qa_request(), array('recalc' => 1, 'edit' => $editcategory['categoryid']));
 			}
-} elseif (qa_clicked('dosavecategory')) {
+		} elseif (qa_clicked('dosavecategory')) {
 			if (!qa_check_form_security_code('admin/categories', qa_post_text('code')))
 				$securityexpired = true;
@@ -251,17 +262,17 @@ if (qa_clicked('docancel')) {
 					}
 				}
 			}
-}
+		}
-// Prepare content for theme
+		// Prepare content for theme
-$qa_content = qa_content_prepare();
+		$qa_content = qa_content_prepare();
-$qa_content['title'] = qa_lang_html('admin/admin_title') . ' - ' . qa_lang_html('admin/categories_title');
+		$qa_content['title'] = qa_lang_html('admin/admin_title') . ' - ' . qa_lang_html('admin/categories_title');
-$qa_content['error'] = $securityexpired ? qa_lang_html('admin/form_security_expired') : qa_admin_page_error();
+		$qa_content['error'] = $securityexpired ? qa_lang_html('admin/form_security_expired') : qa_admin_page_error();
-if ($setmissing) {
+		if ($setmissing) {
 			$qa_content['form'] = array(
 				'tags' => 'method="post" action="' . qa_path_html(qa_request()) . '"',
@@ -300,7 +311,7 @@ if ($setmissing) {
 				$categories, @$editcategory['categoryid'], qa_opt('allow_no_category'), qa_opt('allow_no_sub_category'));
-} elseif (isset($editcategory)) {
+		} elseif (isset($editcategory)) {
 			$qa_content['form'] = array(
 				'tags' => 'method="post" action="' . qa_path_html(qa_request()) . '"',
@@ -544,7 +555,7 @@ if ($setmissing) {
 				}
 			}
-} else {
+		} else {
 			$qa_content['form'] = array(
 				'tags' => 'method="post" action="' . qa_path_html(qa_request()) . '"',
@@ -629,9 +640,9 @@ if ($setmissing) {
 			} else
 				unset($qa_content['form']['buttons']['save']);
-}
+		}
-if (qa_get('recalc')) {
+		if (qa_get('recalc')) {
 			$qa_content['form']['ok'] = '<span id="recalc_ok">' . qa_lang_html('admin/recalc_categories') . '</span>';
 			$qa_content['form']['hidden']['code_recalc'] = qa_get_form_security_code('admin/recalc');
@@ -641,9 +652,11 @@ if (qa_get('recalc')) {
 			$qa_content['script_onloads'][] = array(
 				"qa_recalc_click('dorecalccategories', document.getElementById('dosaveoptions'), null, 'recalc_ok');"
 			);
-}
+		}
-$qa_content['navigation']['sub'] = qa_admin_sub_navigation();
+		$qa_content['navigation']['sub'] = qa_admin_sub_navigation();
-return $qa_content;
+		return $qa_content;
+	}
+}
--- a/qa-include/pages/admin/admin-flagged.php
+++ b/qa-include/pages/admin/admin-flagged.php
@@ -3,9 +3,6 @@
 	Question2Answer by Gideon Greenspan and contributors
 	http://www.question2answer.org/
-	Description: Controller for admin page showing posts with the most flags
 	This program is free software; you can redistribute it and/or
 	modify it under the terms of the GNU General Public License
 	as published by the Free Software Foundation; either version 2
@@ -19,63 +16,75 @@
 	More about this license: http://www.question2answer.org/license.php
 */
-if (!defined('QA_VERSION')) { // don't allow this page to be requested directly from browser
+namespace Q2A\Controllers\Admin;
-	header('Location: ../../../');
-	exit;
+use Q2A\Controllers\BaseController;
-}
+use Q2A\Database\DbConnection;
+use Q2A\Middleware\Auth\MinimumUserLevel;
-require_once QA_INCLUDE_DIR . 'app/admin.php';
+/**
-require_once QA_INCLUDE_DIR . 'db/selects.php';
+ * Controller for admin page showing posts with the most flags.
-require_once QA_INCLUDE_DIR . 'app/format.php';
+ */
+class Flagged extends BaseController
+{
+	public function __construct(DbConnection $db)
+	{
+		require_once QA_INCLUDE_DIR . 'app/admin.php';
+		require_once QA_INCLUDE_DIR . 'db/selects.php';
+		require_once QA_INCLUDE_DIR . 'app/format.php';
+		parent::__construct($db);
+	}
-// Find most flagged questions, answers, comments
+	public function index()
+	{
+		// Find most flagged questions, answers, comments
-$userid = qa_get_logged_in_userid();
+		$userid = qa_get_logged_in_userid();
-$questions = qa_db_select_with_pending(
+		$questions = qa_db_select_with_pending(
 			qa_db_flagged_post_qs_selectspec($userid, 0, true)
-);
+		);
-// Check admin privileges (do late to allow one DB query)
+		// Check admin privileges (do late to allow one DB query)
-if (qa_user_maximum_permit_error('permit_hide_show')) {
+		if (qa_user_maximum_permit_error('permit_hide_show')) {
 			$qa_content = qa_content_prepare();
 			$qa_content['error'] = qa_lang_html('users/no_permission');
 			return $qa_content;
-}
+		}
-// Check to see if any were cleared or hidden here
+		// Check to see if any were cleared or hidden here
-$pageerror = qa_admin_check_clicks();
+		$pageerror = qa_admin_check_clicks();
-// Remove questions the user has no permission to hide/show
+		// Remove questions the user has no permission to hide/show
-if (qa_user_permit_error('permit_hide_show')) { // if user not allowed to show/hide all posts
+		if (qa_user_permit_error('permit_hide_show')) { // if user not allowed to show/hide all posts
 			foreach ($questions as $index => $question) {
 				if (qa_user_post_permit_error('permit_hide_show', $question)) {
 					unset($questions[$index]);
 				}
 			}
-}
+		}
-// Get information for users
+		// Get information for users
-$usershtml = qa_userids_handles_html(qa_any_get_userids_handles($questions));
+		$usershtml = qa_userids_handles_html(qa_any_get_userids_handles($questions));
-// Prepare content for theme
+		// Prepare content for theme
-$qa_content = qa_content_prepare();
+		$qa_content = qa_content_prepare();
-$qa_content['title'] = qa_lang_html('admin/most_flagged_title');
+		$qa_content['title'] = qa_lang_html('admin/most_flagged_title');
-$qa_content['error'] = isset($pageerror) ? $pageerror : qa_admin_page_error();
+		$qa_content['error'] = isset($pageerror) ? $pageerror : qa_admin_page_error();
-$qa_content['q_list'] = array(
+		$qa_content['q_list'] = array(
 			'form' => array(
 				'tags' => 'method="post" action="' . qa_self_html() . '"',
@@ -85,10 +94,10 @@ $qa_content['q_list'] = array(
 			),
 			'qs' => array(),
-);
+		);
-if (count($questions)) {
+		if (count($questions)) {
 			foreach ($questions as $question) {
 				$postid = qa_html(isset($question['opostid']) ? $question['opostid'] : $question['postid']);
 				$elementid = 'p' . $postid;
@@ -126,12 +135,14 @@ if (count($questions)) {
 				$qa_content['q_list']['qs'][] = $htmlfields;
 			}
-} else
+		} else
 			$qa_content['title'] = qa_lang_html('admin/no_flagged_found');
-$qa_content['navigation']['sub'] = qa_admin_sub_navigation();
+		$qa_content['navigation']['sub'] = qa_admin_sub_navigation();
-$qa_content['script_rel'][] = 'qa-content/qa-admin.js?' . QA_VERSION;
+		$qa_content['script_rel'][] = 'qa-content/qa-admin.js?' . QA_VERSION;
-return $qa_content;
+		return $qa_content;
+	}
+}
--- a/qa-include/pages/admin/admin-hidden.php
+++ b/qa-include/pages/admin/admin-hidden.php
@@ -3,9 +3,6 @@
 	Question2Answer by Gideon Greenspan and contributors
 	http://www.question2answer.org/
-	Description: Controller for admin page showing hidden questions, answers and comments
 	This program is free software; you can redistribute it and/or
 	modify it under the terms of the GNU General Public License
 	as published by the Free Software Foundation; either version 2
@@ -19,77 +16,89 @@
 	More about this license: http://www.question2answer.org/license.php
 */
-if (!defined('QA_VERSION')) { // don't allow this page to be requested directly from browser
+namespace Q2A\Controllers\Admin;
-	header('Location: ../../../');
-	exit;
+use Q2A\Controllers\BaseController;
-}
+use Q2A\Database\DbConnection;
+use Q2A\Middleware\Auth\MinimumUserLevel;
-require_once QA_INCLUDE_DIR . 'app/admin.php';
-require_once QA_INCLUDE_DIR . 'db/admin.php';
+/**
-require_once QA_INCLUDE_DIR . 'db/selects.php';
+ * Controller for admin page showing hidden questions, answers and comments.
-require_once QA_INCLUDE_DIR . 'app/format.php';
+ */
+class Hidden extends BaseController
+{
+	public function __construct(DbConnection $db)
+	{
+		require_once QA_INCLUDE_DIR . 'app/admin.php';
+		require_once QA_INCLUDE_DIR . 'db/admin.php';
+		require_once QA_INCLUDE_DIR . 'db/selects.php';
+		require_once QA_INCLUDE_DIR . 'app/format.php';
+		parent::__construct($db);
+	}
-// Find recently hidden questions, answers, comments
+	public function index()
+	{
+		// Find recently hidden questions, answers, comments
-$userid = qa_get_logged_in_userid();
+		$userid = qa_get_logged_in_userid();
-list($hiddenquestions, $hiddenanswers, $hiddencomments) = qa_db_select_with_pending(
+		list($hiddenquestions, $hiddenanswers, $hiddencomments) = qa_db_select_with_pending(
 			qa_db_qs_selectspec($userid, 'created', 0, null, null, 'Q_HIDDEN', true),
 			qa_db_recent_a_qs_selectspec($userid, 0, null, null, 'A_HIDDEN', true),
 			qa_db_recent_c_qs_selectspec($userid, 0, null, null, 'C_HIDDEN', true)
-);
+		);
-// Check admin privileges (do late to allow one DB query)
+		// Check admin privileges (do late to allow one DB query)
-if (qa_user_maximum_permit_error('permit_hide_show') && qa_user_maximum_permit_error('permit_delete_hidden')) {
+		if (qa_user_maximum_permit_error('permit_hide_show') && qa_user_maximum_permit_error('permit_delete_hidden')) {
 			$qa_content = qa_content_prepare();
 			$qa_content['error'] = qa_lang_html('users/no_permission');
 			return $qa_content;
-}
+		}
-// Check to see if any have been reshown or deleted
+		// Check to see if any have been reshown or deleted
-$pageerror = qa_admin_check_clicks();
+		$pageerror = qa_admin_check_clicks();
-// Combine sets of questions and remove those this user has no permissions for
+		// Combine sets of questions and remove those this user has no permissions for
-$questions = qa_any_sort_by_date(array_merge($hiddenquestions, $hiddenanswers, $hiddencomments));
+		$questions = qa_any_sort_by_date(array_merge($hiddenquestions, $hiddenanswers, $hiddencomments));
-if (qa_user_permit_error('permit_hide_show') && qa_user_permit_error('permit_delete_hidden')) { // not allowed to see all hidden posts
+		if (qa_user_permit_error('permit_hide_show') && qa_user_permit_error('permit_delete_hidden')) { // not allowed to see all hidden posts
 			foreach ($questions as $index => $question) {
 				if (qa_user_post_permit_error('permit_hide_show', $question) && qa_user_post_permit_error('permit_delete_hidden', $question)) {
 					unset($questions[$index]);
 				}
 			}
-}
+		}
-// Get information for users
+		// Get information for users
-$usershtml = qa_userids_handles_html(qa_any_get_userids_handles($questions));
+		$usershtml = qa_userids_handles_html(qa_any_get_userids_handles($questions));
-// Create list of actual hidden postids and see which ones have dependents
+		// Create list of actual hidden postids and see which ones have dependents
-$qhiddenpostid = array();
+		$qhiddenpostid = array();
-foreach ($questions as $key => $question)
+		foreach ($questions as $key => $question)
 			$qhiddenpostid[$key] = isset($question['opostid']) ? $question['opostid'] : $question['postid'];
-$dependcounts = qa_db_postids_count_dependents($qhiddenpostid);
+		$dependcounts = qa_db_postids_count_dependents($qhiddenpostid);
-// Prepare content for theme
+		// Prepare content for theme
-$qa_content = qa_content_prepare();
+		$qa_content = qa_content_prepare();
-$qa_content['title'] = qa_lang_html('admin/recent_hidden_title');
+		$qa_content['title'] = qa_lang_html('admin/recent_hidden_title');
-$qa_content['error'] = isset($pageerror) ? $pageerror : qa_admin_page_error();
+		$qa_content['error'] = isset($pageerror) ? $pageerror : qa_admin_page_error();
-$qa_content['q_list'] = array(
+		$qa_content['q_list'] = array(
 			'form' => array(
 				'tags' => 'method="post" action="' . qa_self_html() . '"',
@@ -99,9 +108,9 @@ $qa_content['q_list'] = array(
 			),
 			'qs' => array(),
-);
+		);
-if (count($questions)) {
+		if (count($questions)) {
 			foreach ($questions as $key => $question) {
 				$elementid = 'p' . $qhiddenpostid[$key];
@@ -160,12 +169,14 @@ if (count($questions)) {
 				$qa_content['q_list']['qs'][] = $htmlfields;
 			}
-} else
+		} else
 			$qa_content['title'] = qa_lang_html('admin/no_hidden_found');
-$qa_content['navigation']['sub'] = qa_admin_sub_navigation();
+		$qa_content['navigation']['sub'] = qa_admin_sub_navigation();
-$qa_content['script_rel'][] = 'qa-content/qa-admin.js?' . QA_VERSION;
+		$qa_content['script_rel'][] = 'qa-content/qa-admin.js?' . QA_VERSION;
-return $qa_content;
+		return $qa_content;
+	}
+}
--- a/qa-include/pages/admin/admin-moderate.php
+++ b/qa-include/pages/admin/admin-moderate.php
@@ -3,9 +3,6 @@
 	Question2Answer by Gideon Greenspan and contributors
 	http://www.question2answer.org/
-	Description: Controller for admin page showing questions, answers and comments waiting for approval
 	This program is free software; you can redistribute it and/or
 	modify it under the terms of the GNU General Public License
 	as published by the Free Software Foundation; either version 2
@@ -19,66 +16,78 @@
 	More about this license: http://www.question2answer.org/license.php
 */
-if (!defined('QA_VERSION')) { // don't allow this page to be requested directly from browser
+namespace Q2A\Controllers\Admin;
-	header('Location: ../../../');
-	exit;
+use Q2A\Controllers\BaseController;
-}
+use Q2A\Database\DbConnection;
+use Q2A\Middleware\Auth\MinimumUserLevel;
-require_once QA_INCLUDE_DIR . 'app/admin.php';
+/**
-require_once QA_INCLUDE_DIR . 'db/selects.php';
+ * Controller for admin page showing questions, answers and comments waiting for approval.
-require_once QA_INCLUDE_DIR . 'app/format.php';
+ */
+class Moderate extends BaseController
+{
+	public function __construct(DbConnection $db)
+	{
+		require_once QA_INCLUDE_DIR . 'app/admin.php';
+		require_once QA_INCLUDE_DIR . 'db/selects.php';
+		require_once QA_INCLUDE_DIR . 'app/format.php';
+		parent::__construct($db);
+	}
-// Find queued questions, answers, comments
+	public function index()
+	{
+		// Find queued questions, answers, comments
-$userid = qa_get_logged_in_userid();
+		$userid = qa_get_logged_in_userid();
-list($queuedquestions, $queuedanswers, $queuedcomments) = qa_db_select_with_pending(
+		list($queuedquestions, $queuedanswers, $queuedcomments) = qa_db_select_with_pending(
 			qa_db_qs_selectspec($userid, 'created', 0, null, null, 'Q_QUEUED', true),
 			qa_db_recent_a_qs_selectspec($userid, 0, null, null, 'A_QUEUED', true),
 			qa_db_recent_c_qs_selectspec($userid, 0, null, null, 'C_QUEUED', true)
-);
+		);
-// Check admin privileges (do late to allow one DB query)
+		// Check admin privileges (do late to allow one DB query)
-if (qa_user_maximum_permit_error('permit_moderate')) {
+		if (qa_user_maximum_permit_error('permit_moderate')) {
 			$qa_content = qa_content_prepare();
 			$qa_content['error'] = qa_lang_html('users/no_permission');
 			return $qa_content;
-}
+		}
-// Check to see if any were approved/rejected here
+		// Check to see if any were approved/rejected here
-$pageerror = qa_admin_check_clicks();
+		$pageerror = qa_admin_check_clicks();
-// Combine sets of questions and remove those this user has no permission to moderate
+		// Combine sets of questions and remove those this user has no permission to moderate
-$questions = qa_any_sort_by_date(array_merge($queuedquestions, $queuedanswers, $queuedcomments));
+		$questions = qa_any_sort_by_date(array_merge($queuedquestions, $queuedanswers, $queuedcomments));
-if (qa_user_permit_error('permit_moderate')) { // if user not allowed to moderate all posts
+		if (qa_user_permit_error('permit_moderate')) { // if user not allowed to moderate all posts
 			foreach ($questions as $index => $question) {
 				if (qa_user_post_permit_error('permit_moderate', $question))
 					unset($questions[$index]);
 			}
-}
+		}
-// Get information for users
+		// Get information for users
-$usershtml = qa_userids_handles_html(qa_any_get_userids_handles($questions));
+		$usershtml = qa_userids_handles_html(qa_any_get_userids_handles($questions));
-// Prepare content for theme
+		// Prepare content for theme
-$qa_content = qa_content_prepare();
+		$qa_content = qa_content_prepare();
-$qa_content['title'] = qa_lang_html('admin/recent_approve_title');
+		$qa_content['title'] = qa_lang_html('admin/recent_approve_title');
-$qa_content['error'] = isset($pageerror) ? $pageerror : qa_admin_page_error();
+		$qa_content['error'] = isset($pageerror) ? $pageerror : qa_admin_page_error();
-$qa_content['q_list'] = array(
+		$qa_content['q_list'] = array(
 			'form' => array(
 				'tags' => 'method="post" action="' . qa_self_html() . '"',
@@ -88,9 +97,9 @@ $qa_content['q_list'] = array(
 			),
 			'qs' => array(),
-);
+		);
-if (count($questions)) {
+		if (count($questions)) {
 			foreach ($questions as $question) {
 				$postid = qa_html(isset($question['opostid']) ? $question['opostid'] : $question['postid']);
 				$elementid = 'p' . $postid;
@@ -148,12 +157,14 @@ if (count($questions)) {
 				$qa_content['q_list']['qs'][] = $htmlfields;
 			}
-} else
+		} else
 			$qa_content['title'] = qa_lang_html('admin/no_approve_found');
-$qa_content['navigation']['sub'] = qa_admin_sub_navigation();
+		$qa_content['navigation']['sub'] = qa_admin_sub_navigation();
-$qa_content['script_rel'][] = 'qa-content/qa-admin.js?' . QA_VERSION;
+		$qa_content['script_rel'][] = 'qa-content/qa-admin.js?' . QA_VERSION;
-return $qa_content;
+		return $qa_content;
+	}
+}
--- a/qa-include/pages/admin/admin-pages.php
+++ b/qa-include/pages/admin/admin-pages.php
@@ -3,9 +3,6 @@
 	Question2Answer by Gideon Greenspan and contributors
 	http://www.question2answer.org/
-	Description: Controller for admin page for editing custom pages and external links
 	This program is free software; you can redistribute it and/or
 	modify it under the terms of the GNU General Public License
 	as published by the Free Software Foundation; either version 2
@@ -19,46 +16,60 @@
 	More about this license: http://www.question2answer.org/license.php
 */
-if (!defined('QA_VERSION')) { // don't allow this page to be requested directly from browser
+namespace Q2A\Controllers\Admin;
-	header('Location: ../../../');
-	exit;
-}
-require_once QA_INCLUDE_DIR . 'app/admin.php';
+use Q2A\Controllers\BaseController;
-require_once QA_INCLUDE_DIR . 'app/format.php';
+use Q2A\Database\DbConnection;
-require_once QA_INCLUDE_DIR . 'db/selects.php';
+use Q2A\Middleware\Auth\MinimumUserLevel;
+/**
+ * Controller for admin page for editing custom pages and external links.
+ */
+class Pages extends BaseController
+{
+	public function __construct(DbConnection $db)
+	{
+		require_once QA_INCLUDE_DIR . 'app/admin.php';
+		require_once QA_INCLUDE_DIR . 'app/format.php';
+		require_once QA_INCLUDE_DIR . 'db/selects.php';
-// Get current list of pages and determine the state of this admin page
+		parent::__construct($db);
+		$this->addMiddleware(new MinimumUserLevel(QA_USER_LEVEL_ADMIN));
+	}
-$pageid = qa_post_text('edit');
+	public function index()
-if (!isset($pageid))
+	{
+		// Get current list of pages and determine the state of this admin page
+		$pageid = qa_post_text('edit');
+		if (!isset($pageid))
 			$pageid = qa_get('edit');
-list($pages, $editpage) = qa_db_select_with_pending(
+		list($pages, $editpage) = qa_db_select_with_pending(
 			qa_db_pages_selectspec(),
 			isset($pageid) ? qa_db_page_full_selectspec($pageid, true) : null
-);
+		);
-if ((qa_clicked('doaddpage') || qa_clicked('doaddlink') || qa_get('doaddlink') || qa_clicked('dosavepage')) && !isset($editpage)) {
+		if ((qa_clicked('doaddpage') || qa_clicked('doaddlink') || qa_get('doaddlink') || qa_clicked('dosavepage')) && !isset($editpage)) {
 			$editpage = array('title' => qa_get('text'), 'tags' => qa_get('url'), 'nav' => qa_get('nav'), 'position' => 1);
 			$isexternal = qa_clicked('doaddlink') || qa_get('doaddlink') || qa_post_text('external');
-} elseif (isset($editpage))
+		} elseif (isset($editpage))
 			$isexternal = $editpage['flags'] & QA_PAGE_FLAGS_EXTERNAL;
-// Check admin privileges (do late to allow one DB query)
+		// Check admin privileges (do late to allow one DB query)
-if (!qa_admin_check_privileges($qa_content))
+		if (!qa_admin_check_privileges($qa_content))
 			return $qa_content;
-// Define an array of navigation settings we can change, option name => language key
+		// Define an array of navigation settings we can change, option name => language key
-$hascustomhome = qa_has_custom_home();
+		$hascustomhome = qa_has_custom_home();
-$navoptions = array(
+		$navoptions = array(
 			'nav_home' => 'main/nav_home',
 			'nav_activity' => 'main/nav_activity',
 			$hascustomhome ? 'nav_qa_not_home' : 'nav_qa_is_home' => $hascustomhome ? 'main/nav_qa' : 'admin/nav_qa_is_home',
@@ -69,9 +80,9 @@ $navoptions = array(
 			'nav_categories' => 'main/nav_categories',
 			'nav_users' => 'main/nav_users',
 			'nav_ask' => 'main/nav_ask',
-);
+		);
-$navpaths = array(
+		$navpaths = array(
 			'nav_home' => '',
 			'nav_activity' => 'activity',
 			'nav_qa_not_home' => 'qa',
@@ -83,32 +94,32 @@ $navpaths = array(
 			'nav_categories' => 'categories',
 			'nav_users' => 'users',
 			'nav_ask' => 'ask',
-);
+		);
-if (!qa_opt('show_custom_home'))
+		if (!qa_opt('show_custom_home'))
 			unset($navoptions['nav_home']);
-if (!qa_using_categories())
+		if (!qa_using_categories())
 			unset($navoptions['nav_categories']);
-if (!qa_using_tags())
+		if (!qa_using_tags())
 			unset($navoptions['nav_tags']);
-// Process saving an old or new page
+		// Process saving an old or new page
-$securityexpired = false;
+		$securityexpired = false;
-if (qa_clicked('docancel'))
+		if (qa_clicked('docancel'))
 			$editpage = null;
-elseif (qa_clicked('dosaveoptions') || qa_clicked('doaddpage') || qa_clicked('doaddlink')) {
+		elseif (qa_clicked('dosaveoptions') || qa_clicked('doaddpage') || qa_clicked('doaddlink')) {
 			if (!qa_check_form_security_code('admin/pages', qa_post_text('code')))
 				$securityexpired = true;
 			else foreach ($navoptions as $optionname => $langkey)
 				qa_set_option($optionname, (int)qa_post_text('option_' . $optionname));
-} elseif (qa_clicked('dosavepage')) {
+		} elseif (qa_clicked('dosavepage')) {
 			require_once QA_INCLUDE_DIR . 'db/admin.php';
 			require_once QA_INCLUDE_DIR . 'util/string.php';
@@ -273,17 +284,17 @@ elseif (qa_clicked('dosaveoptions') || qa_clicked('doaddpage') || qa_clicked('do
 					$pages = qa_db_select_with_pending(qa_db_pages_selectspec());
 				}
 			}
-}
+		}
-// Prepare content for theme
+		// Prepare content for theme
-$qa_content = qa_content_prepare();
+		$qa_content = qa_content_prepare();
-$qa_content['title'] = qa_lang_html('admin/admin_title') . ' - ' . qa_lang_html('admin/pages_title');
+		$qa_content['title'] = qa_lang_html('admin/admin_title') . ' - ' . qa_lang_html('admin/pages_title');
-$qa_content['error'] = $securityexpired ? qa_lang_html('admin/form_security_expired') : qa_admin_page_error();
+		$qa_content['error'] = $securityexpired ? qa_lang_html('admin/form_security_expired') : qa_admin_page_error();
-if (isset($editpage)) {
+		if (isset($editpage)) {
 			$positionoptions = array();
 			if (!$isexternal)
@@ -462,7 +473,7 @@ if (isset($editpage)) {
 			$qa_content['focusid'] = 'name';
-} else {
+		} else {
 			// List of standard navigation links
 			$qa_content['form'] = array(
 				'tags' => 'method="post" action="' . qa_self_html() . '"',
@@ -566,9 +577,11 @@ if (isset($editpage)) {
 				'type' => 'custom',
 				'html' => strlen($listhtml) ? '<ul style="margin-bottom:0;">' . $listhtml . '</ul>' : null,
 			);
-}
+		}
-$qa_content['navigation']['sub'] = qa_admin_sub_navigation();
+		$qa_content['navigation']['sub'] = qa_admin_sub_navigation();
-return $qa_content;
+		return $qa_content;
+	}
+}
--- a/qa-include/pages/admin/admin-plugins.php
+++ b/qa-include/pages/admin/admin-plugins.php
@@ -3,9 +3,6 @@
 	Question2Answer by Gideon Greenspan and contributors
 	http://www.question2answer.org/
-	Description: Controller for admin page listing plugins and showing their options
 	This program is free software; you can redistribute it and/or
 	modify it under the terms of the GNU General Public License
 	as published by the Free Software Foundation; either version 2
@@ -19,40 +16,49 @@
 	More about this license: http://www.question2answer.org/license.php
 */
-if (!defined('QA_VERSION')) { // don't allow this page to be requested directly from browser
+namespace Q2A\Controllers\Admin;
-	header('Location: ../../../');
-	exit;
-}
-require_once QA_INCLUDE_DIR . 'app/admin.php';
+use Q2A\Controllers\BaseController;
+use Q2A\Database\DbConnection;
+use Q2A\Middleware\Auth\MinimumUserLevel;
+/**
+ * Controller for admin page listing plugins and showing their options.
+ */
+class Plugins extends BaseController
+{
+	public function __construct(DbConnection $db)
+	{
+		require_once QA_INCLUDE_DIR . 'app/admin.php';
-// Check admin privileges
+		parent::__construct($db);
-if (!qa_admin_check_privileges($qa_content))
+		$this->addMiddleware(new MinimumUserLevel(QA_USER_LEVEL_ADMIN));
-	return $qa_content;
+	}
-// Prepare content for theme
+	public function index()
+	{
+		// Prepare content for theme
-$qa_content = qa_content_prepare();
+		$qa_content = qa_content_prepare();
-$qa_content['title'] = qa_lang_html('admin/admin_title') . ' - ' . qa_lang_html('admin/plugins_title');
+		$qa_content['title'] = qa_lang_html('admin/admin_title') . ' - ' . qa_lang_html('admin/plugins_title');
-$qa_content['error'] = qa_admin_page_error();
+		$qa_content['error'] = qa_admin_page_error();
-$qa_content['script_rel'][] = 'qa-content/qa-admin.js?' . QA_VERSION;
+		$qa_content['script_rel'][] = 'qa-content/qa-admin.js?' . QA_VERSION;
-$pluginManager = new \Q2A\Plugin\PluginManager();
+		$pluginManager = new \Q2A\Plugin\PluginManager();
-$pluginManager->cleanRemovedPlugins();
+		$pluginManager->cleanRemovedPlugins();
-$enabledPlugins = $pluginManager->getEnabledPlugins();
+		$enabledPlugins = $pluginManager->getEnabledPlugins();
-$fileSystemPlugins = $pluginManager->getFilesystemPlugins();
+		$fileSystemPlugins = $pluginManager->getFilesystemPlugins();
-$pluginHashes = $pluginManager->getHashesForPlugins($fileSystemPlugins);
+		$pluginHashes = $pluginManager->getHashesForPlugins($fileSystemPlugins);
-$showpluginforms = true;
+		$showpluginforms = true;
-if (qa_is_http_post()) {
+		if (qa_is_http_post()) {
 			if (!qa_check_form_security_code('admin/plugins', qa_post_text('qa_form_security_code'))) {
 				$qa_content['error'] = qa_lang_html('misc/form_security_reload');
 				$showpluginforms = false;
@@ -66,16 +72,16 @@ if (qa_is_http_post()) {
 					qa_redirect('admin/plugins');
 				}
 			}
-}
+		}
-// Map modules with options to their containing plugins
+		// Map modules with options to their containing plugins
-$pluginoptionmodules = array();
+		$pluginoptionmodules = array();
-$tables = qa_db_list_tables();
+		$tables = qa_db_list_tables();
-$moduletypes = qa_list_module_types();
+		$moduletypes = qa_list_module_types();
-foreach ($moduletypes as $type) {
+		foreach ($moduletypes as $type) {
 			$modules = qa_list_modules($type);
 			foreach ($modules as $name) {
@@ -90,9 +96,9 @@ foreach ($moduletypes as $type) {
 					);
 				}
 			}
-}
+		}
-foreach ($moduletypes as $type) {
+		foreach ($moduletypes as $type) {
 			$modules = qa_load_modules_with($type, 'init_queries');
 			foreach ($modules as $name => $module) {
@@ -112,10 +118,10 @@ foreach ($moduletypes as $type) {
 					}
 				}
 			}
-}
+		}
-if (!empty($fileSystemPlugins)) {
+		if (!empty($fileSystemPlugins)) {
 			$metadataUtil = new \Q2A\Util\Metadata();
 			$sortedPluginFiles = array();
@@ -246,11 +252,11 @@ if (!empty($fileSystemPlugins)) {
 					}
 				}
 			}
-}
+		}
-$qa_content['navigation']['sub'] = qa_admin_sub_navigation();
+		$qa_content['navigation']['sub'] = qa_admin_sub_navigation();
-$qa_content['form'] = array(
+		$qa_content['form'] = array(
 			'tags' => 'method="post" action="' . qa_self_html() . '" name="plugins_form" onsubmit="qa_get_enabled_plugins_hashes(); return true;"',
 			'style' => 'wide',
@@ -266,7 +272,9 @@ $qa_content['form'] = array(
 				'qa_form_security_code' => qa_get_form_security_code('admin/plugins'),
 				'enabled_plugins_hashes' => '',
 			),
-);
+		);
-return $qa_content;
+		return $qa_content;
+	}
+}
--- a/qa-include/pages/admin/admin-userfields.php
+++ b/qa-include/pages/admin/admin-userfields.php
@@ -3,9 +3,6 @@
 	Question2Answer by Gideon Greenspan and contributors
 	http://www.question2answer.org/
-	Description: Controller for admin page for editing custom user fields
 	This program is free software; you can redistribute it and/or
 	modify it under the terms of the GNU General Public License
 	as published by the Free Software Foundation; either version 2
@@ -19,44 +16,58 @@
 	More about this license: http://www.question2answer.org/license.php
 */
-if (!defined('QA_VERSION')) { // don't allow this page to be requested directly from browser
+namespace Q2A\Controllers\Admin;
-	header('Location: ../../../');
-	exit;
-}
-require_once QA_INCLUDE_DIR . 'app/admin.php';
+use Q2A\Controllers\BaseController;
-require_once QA_INCLUDE_DIR . 'db/selects.php';
+use Q2A\Database\DbConnection;
+use Q2A\Middleware\Auth\MinimumUserLevel;
+/**
+ * Controller for admin page for editing custom user fields.
+ */
+class UserFields extends BaseController
+{
+	public function __construct(DbConnection $db)
+	{
+		require_once QA_INCLUDE_DIR . 'app/admin.php';
+		require_once QA_INCLUDE_DIR . 'db/selects.php';
+		parent::__construct($db);
+		$this->addMiddleware(new MinimumUserLevel(QA_USER_LEVEL_ADMIN));
+	}
-// Get current list of user fields and determine the state of this admin page
+	public function index()
+	{
+		// Get current list of user fields and determine the state of this admin page
-$fieldid = qa_post_text('edit');
+		$fieldid = qa_post_text('edit');
-if (!isset($fieldid))
+		if (!isset($fieldid))
 			$fieldid = qa_get('edit');
-$userfields = qa_db_select_with_pending(qa_db_userfields_selectspec());
+		$userfields = qa_db_select_with_pending(qa_db_userfields_selectspec());
-$editfield = null;
+		$editfield = null;
-foreach ($userfields as $userfield) {
+		foreach ($userfields as $userfield) {
 			if ($userfield['fieldid'] == $fieldid)
 				$editfield = $userfield;
-}
+		}
-// Check admin privileges (do late to allow one DB query)
+		// Check admin privileges (do late to allow one DB query)
-if (!qa_admin_check_privileges($qa_content))
+		if (!qa_admin_check_privileges($qa_content))
 			return $qa_content;
-// Process saving an old or new user field
+		// Process saving an old or new user field
-$securityexpired = false;
+		$securityexpired = false;
-if (qa_clicked('docancel'))
+		if (qa_clicked('docancel'))
 			qa_redirect('admin/users');
-elseif (qa_clicked('dosavefield')) {
+		elseif (qa_clicked('dosavefield')) {
 			require_once QA_INCLUDE_DIR . 'db/admin.php';
 			require_once QA_INCLUDE_DIR . 'util/string.php';
@@ -121,21 +132,21 @@ elseif (qa_clicked('dosavefield')) {
 					}
 				}
 			}
-}
+		}
-// Prepare content for theme
+		// Prepare content for theme
-$qa_content = qa_content_prepare();
+		$qa_content = qa_content_prepare();
-$qa_content['title'] = qa_lang_html('admin/admin_title') . ' - ' . qa_lang_html('admin/users_title');
+		$qa_content['title'] = qa_lang_html('admin/admin_title') . ' - ' . qa_lang_html('admin/users_title');
-$qa_content['error'] = $securityexpired ? qa_lang_html('admin/form_security_expired') : qa_admin_page_error();
+		$qa_content['error'] = $securityexpired ? qa_lang_html('admin/form_security_expired') : qa_admin_page_error();
-$positionoptions = array();
+		$positionoptions = array();
-$previous = null;
+		$previous = null;
-$passedself = false;
+		$passedself = false;
-foreach ($userfields as $userfield) {
+		foreach ($userfields as $userfield) {
 			if (isset($previous))
 				$positionhtml = qa_lang_html_sub('admin/after_x', qa_html(qa_user_userfield_label($passedself ? $userfield : $previous)));
 			else
@@ -147,25 +158,25 @@ foreach ($userfields as $userfield) {
 				$passedself = true;
 			$previous = $userfield;
-}
+		}
-if (isset($editfield['position']))
+		if (isset($editfield['position']))
 			$positionvalue = $positionoptions[$editfield['position']];
-else {
+		else {
 			$positionvalue = isset($previous) ? qa_lang_html_sub('admin/after_x', qa_html(qa_user_userfield_label($previous))) : qa_lang_html('admin/first');
 			$positionoptions[1 + @max(array_keys($positionoptions))] = $positionvalue;
-}
+		}
-$typeoptions = array(
+		$typeoptions = array(
 			0 => qa_lang_html('admin/field_single_line'),
 			QA_FIELD_FLAGS_MULTI_LINE => qa_lang_html('admin/field_multi_line'),
 			QA_FIELD_FLAGS_LINK_URL => qa_lang_html('admin/field_link_url'),
-);
+		);
-$permitoptions = qa_admin_permit_options(QA_PERMIT_ALL, QA_PERMIT_ADMINS, false, false);
+		$permitoptions = qa_admin_permit_options(QA_PERMIT_ALL, QA_PERMIT_ADMINS, false, false);
-$permitvalue = @$permitoptions[isset($inpermit) ? $inpermit : $editfield['permit']];
+		$permitvalue = @$permitoptions[isset($inpermit) ? $inpermit : $editfield['permit']];
-$qa_content['form'] = array(
+		$qa_content['form'] = array(
 			'tags' => 'method="post" action="' . qa_path_html(qa_request()) . '"',
 			'style' => 'tall',
@@ -237,22 +248,24 @@ $qa_content['form'] = array(
 				'edit' => @$editfield['fieldid'],
 				'code' => qa_get_form_security_code('admin/userfields'),
 			),
-);
+		);
-if (isset($editfield['fieldid'])) {
+		if (isset($editfield['fieldid'])) {
 			qa_set_display_rules($qa_content, array(
 				'type_display' => '!dodelete',
 				'position_display' => '!dodelete',
 				'register_display' => '!dodelete',
 				'permit_display' => '!dodelete',
 			));
-} else {
+		} else {
 			unset($qa_content['form']['fields']['delete']);
-}
+		}
-$qa_content['focusid'] = 'name';
+		$qa_content['focusid'] = 'name';
-$qa_content['navigation']['sub'] = qa_admin_sub_navigation();
+		$qa_content['navigation']['sub'] = qa_admin_sub_navigation();
-return $qa_content;
+		return $qa_content;
+	}
+}
--- a/qa-include/pages/admin/admin-usertitles.php
+++ b/qa-include/pages/admin/admin-usertitles.php
@@ -3,9 +3,6 @@
 	Question2Answer by Gideon Greenspan and contributors
 	http://www.question2answer.org/
-	Description: Controller for admin page for editing custom user titles
 	This program is free software; you can redistribute it and/or
 	modify it under the terms of the GNU General Public License
 	as published by the Free Software Foundation; either version 2
@@ -19,38 +16,52 @@
 	More about this license: http://www.question2answer.org/license.php
 */
-if (!defined('QA_VERSION')) { // don't allow this page to be requested directly from browser
+namespace Q2A\Controllers\Admin;
-	header('Location: ../../../');
-	exit;
-}
-require_once QA_INCLUDE_DIR . 'app/admin.php';
+use Q2A\Controllers\BaseController;
-require_once QA_INCLUDE_DIR . 'db/selects.php';
+use Q2A\Database\DbConnection;
+use Q2A\Middleware\Auth\MinimumUserLevel;
+/**
+ * Controller for admin page for editing custom user titles.
+ */
+class UserTitles extends BaseController
+{
+	public function __construct(DbConnection $db)
+	{
+		require_once QA_INCLUDE_DIR . 'app/admin.php';
+		require_once QA_INCLUDE_DIR . 'db/selects.php';
-// Get current list of user titles and determine the state of this admin page
+		parent::__construct($db);
-$oldpoints = qa_post_text('edit');
+		$this->addMiddleware(new MinimumUserLevel(QA_USER_LEVEL_ADMIN));
-if (!isset($oldpoints))
+	}
+	public function index()
+	{
+		// Get current list of user titles and determine the state of this admin page
+		$oldpoints = qa_post_text('edit');
+		if (!isset($oldpoints))
 			$oldpoints = qa_get('edit');
-$pointstitle = qa_get_points_to_titles();
+		$pointstitle = qa_get_points_to_titles();
-// Check admin privileges (do late to allow one DB query)
+		// Check admin privileges (do late to allow one DB query)
-if (!qa_admin_check_privileges($qa_content))
+		if (!qa_admin_check_privileges($qa_content))
 			return $qa_content;
-// Process saving an old or new user title
+		// Process saving an old or new user title
-$securityexpired = false;
+		$securityexpired = false;
-if (qa_clicked('docancel'))
+		if (qa_clicked('docancel'))
 			qa_redirect('admin/users');
-elseif (qa_clicked('dosavetitle')) {
+		elseif (qa_clicked('dosavetitle')) {
 			require_once QA_INCLUDE_DIR . 'util/string.php';
 			if (!qa_check_form_security_code('admin/usertitles', qa_post_text('code')))
@@ -106,17 +117,17 @@ elseif (qa_clicked('dosavetitle')) {
 				if (empty($errors))
 					qa_redirect('admin/users');
 			}
-}
+		}
-// Prepare content for theme
+		// Prepare content for theme
-$qa_content = qa_content_prepare();
+		$qa_content = qa_content_prepare();
-$qa_content['title'] = qa_lang_html('admin/admin_title') . ' - ' . qa_lang_html('admin/users_title');
+		$qa_content['title'] = qa_lang_html('admin/admin_title') . ' - ' . qa_lang_html('admin/users_title');
-$qa_content['error'] = $securityexpired ? qa_lang_html('admin/form_security_expired') : qa_admin_page_error();
+		$qa_content['error'] = $securityexpired ? qa_lang_html('admin/form_security_expired') : qa_admin_page_error();
-$qa_content['form'] = array(
+		$qa_content['form'] = array(
 			'tags' => 'method="post" action="' . qa_path_html(qa_request()) . '"',
 			'style' => 'tall',
@@ -162,19 +173,21 @@ $qa_content['form'] = array(
 				'edit' => @$oldpoints,
 				'code' => qa_get_form_security_code('admin/usertitles'),
 			),
-);
+		);
-if (isset($pointstitle[$oldpoints])) {
+		if (isset($pointstitle[$oldpoints])) {
 			qa_set_display_rules($qa_content, array(
 				'points_display' => '!dodelete',
 			));
-} else {
+		} else {
 			unset($qa_content['form']['fields']['delete']);
-}
+		}
-$qa_content['focusid'] = 'title';
+		$qa_content['focusid'] = 'title';
-$qa_content['navigation']['sub'] = qa_admin_sub_navigation();
+		$qa_content['navigation']['sub'] = qa_admin_sub_navigation();
-return $qa_content;
+		return $qa_content;
+	}
+}
--- a/qa-include/pages/admin/admin-widgets.php
+++ b/qa-include/pages/admin/admin-widgets.php
@@ -3,9 +3,6 @@
 	Question2Answer by Gideon Greenspan and contributors
 	http://www.question2answer.org/
-	Description: Controller for admin page for editing widgets
 	This program is free software; you can redistribute it and/or
 	modify it under the terms of the GNU General Public License
 	as published by the Free Software Foundation; either version 2
@@ -19,53 +16,67 @@
 	More about this license: http://www.question2answer.org/license.php
 */
-if (!defined('QA_VERSION')) { // don't allow this page to be requested directly from browser
+namespace Q2A\Controllers\Admin;
-	header('Location: ../../../');
-	exit;
-}
-require_once QA_INCLUDE_DIR . 'app/admin.php';
+use Q2A\Controllers\BaseController;
-require_once QA_INCLUDE_DIR . 'db/selects.php';
+use Q2A\Database\DbConnection;
+use Q2A\Middleware\Auth\MinimumUserLevel;
+/**
+ * Controller for admin page for editing widgets.
+ */
+class Widgets extends BaseController
+{
+	public function __construct(DbConnection $db)
+	{
+		require_once QA_INCLUDE_DIR . 'app/admin.php';
+		require_once QA_INCLUDE_DIR . 'db/selects.php';
-// Get current list of widgets and determine the state of this admin page
+		parent::__construct($db);
-$widgetid = qa_post_text('edit');
+		$this->addMiddleware(new MinimumUserLevel(QA_USER_LEVEL_ADMIN));
-if (!strlen($widgetid))
+	}
+	public function index()
+	{
+		// Get current list of widgets and determine the state of this admin page
+		$widgetid = qa_post_text('edit');
+		if (!strlen($widgetid))
 			$widgetid = qa_get('edit');
-list($widgets, $pages) = qa_db_select_with_pending(
+		list($widgets, $pages) = qa_db_select_with_pending(
 			qa_db_widgets_selectspec(),
 			qa_db_pages_selectspec()
-);
+		);
-if (isset($widgetid)) {
+		if (isset($widgetid)) {
 			$editwidget = null;
 			foreach ($widgets as $widget) {
 				if ($widget['widgetid'] == $widgetid)
 					$editwidget = $widget;
 			}
-} else {
+		} else {
 			$editwidget = array('title' => qa_post_text('title'));
 			if (!isset($editwidget['title']))
 				$editwidget['title'] = qa_get('title');
-}
+		}
-$module = qa_load_module('widget', @$editwidget['title']);
+		$module = qa_load_module('widget', @$editwidget['title']);
-$widgetfound = isset($module);
+		$widgetfound = isset($module);
-// Check admin privileges (do late to allow one DB query)
+		// Check admin privileges (do late to allow one DB query)
-if (!qa_admin_check_privileges($qa_content))
+		if (!qa_admin_check_privileges($qa_content))
 			return $qa_content;
-// Define an array of relevant templates we can use
+		// Define an array of relevant templates we can use
-$templatelangkeys = array(
+		$templatelangkeys = array(
 			'question' => 'admin/question_pages',
 			'qa' => 'main/recent_qs_as_title',
@@ -94,11 +105,11 @@ $templatelangkeys = array(
 			'ip' => 'admin/ip_address_pages',
 			'admin' => 'admin/admin_title',
-);
+		);
-$templateoptions = array();
+		$templateoptions = array();
-if (isset($module) && method_exists($module, 'allow_template')) {
+		if (isset($module) && method_exists($module, 'allow_template')) {
 			foreach ($templatelangkeys as $template => $langkey) {
 				if ($module->allow_template($template))
 					$templateoptions[$template] = qa_lang_html($langkey);
@@ -120,17 +131,17 @@ if (isset($module) && method_exists($module, 'allow_template')) {
 				}
 			}
-}
+		}
-// Process saving an old or new widget
+		// Process saving an old or new widget
-$securityexpired = false;
+		$securityexpired = false;
-if (qa_clicked('docancel'))
+		if (qa_clicked('docancel'))
 			qa_redirect('admin/layout');
-elseif (qa_clicked('dosavewidget')) {
+		elseif (qa_clicked('dosavewidget')) {
 			require_once QA_INCLUDE_DIR . 'db/admin.php';
 			if (!qa_check_form_security_code('admin/widgets', qa_post_text('code')))
@@ -172,27 +183,27 @@ elseif (qa_clicked('dosavewidget')) {
 					qa_redirect('admin/layout');
 				}
 			}
-}
+		}
-// Prepare content for theme
+		// Prepare content for theme
-$qa_content = qa_content_prepare();
+		$qa_content = qa_content_prepare();
-$qa_content['title'] = qa_lang_html('admin/admin_title') . ' - ' . qa_lang_html('admin/layout_title');
+		$qa_content['title'] = qa_lang_html('admin/admin_title') . ' - ' . qa_lang_html('admin/layout_title');
-$qa_content['error'] = $securityexpired ? qa_lang_html('admin/form_security_expired') : qa_admin_page_error();
+		$qa_content['error'] = $securityexpired ? qa_lang_html('admin/form_security_expired') : qa_admin_page_error();
-$positionoptions = array();
+		$positionoptions = array();
-$placeoptionhtml = qa_admin_place_options();
+		$placeoptionhtml = qa_admin_place_options();
-$regioncodes = array(
+		$regioncodes = array(
 			'F' => 'full',
 			'M' => 'main',
 			'S' => 'side',
-);
+		);
-foreach ($placeoptionhtml as $place => $optionhtml) {
+		foreach ($placeoptionhtml as $place => $optionhtml) {
 			$region = $regioncodes[substr($place, 0, 1)];
 			$widgetallowed = method_exists($module, 'allow_region') && $module->allow_region($region);
@@ -235,11 +246,11 @@ foreach ($placeoptionhtml as $place => $optionhtml) {
 					$positionoptions[$place . (isset($previous) ? (1 + $maxposition) : 1)] = $positionhtml;
 				}
 			}
-}
+		}
-$positionvalue = @$positionoptions[$editwidget['place'] . $editwidget['position']];
+		$positionvalue = @$positionoptions[$editwidget['place'] . $editwidget['position']];
-$qa_content['form'] = array(
+		$qa_content['form'] = array(
 			'tags' => 'method="post" action="' . qa_path_html(qa_request()) . '"',
 			'style' => 'tall',
@@ -300,29 +311,29 @@ $qa_content['form'] = array(
 				'title' => @$editwidget['title'],
 				'code' => qa_get_form_security_code('admin/widgets'),
 			),
-);
+		);
-foreach ($templateoptions as $template => $optionhtml) {
+		foreach ($templateoptions as $template => $optionhtml) {
 			$qa_content['form']['fields']['templates']['html'] .=
 				'<input type="checkbox" name="template_' . qa_html($template) . '"' .
 				(is_numeric(strpos(',' . @$editwidget['tags'] . ',', ',' . $template . ',')) ? ' checked' : '') .
 				'/> ' . $optionhtml . '<br/>';
-}
+		}
-if (isset($editwidget['widgetid'])) {
+		if (isset($editwidget['widgetid'])) {
 			qa_set_display_rules($qa_content, array(
 				'templates_display' => '!(dodelete||template_all)',
 				'all_display' => '!dodelete',
 			));
-} else {
+		} else {
 			unset($qa_content['form']['fields']['delete']);
 			qa_set_display_rules($qa_content, array(
 				'templates_display' => '!template_all',
 			));
-}
+		}
-if (!$widgetfound) {
+		if (!$widgetfound) {
 			unset($qa_content['form']['fields']['title']['tight']);
 			$qa_content['form']['fields']['title']['error'] = qa_lang_html('admin/widget_not_available');
 			unset($qa_content['form']['fields']['position']);
@@ -331,16 +342,18 @@ if (!$widgetfound) {
 			if (!isset($editwidget['widgetid']))
 				unset($qa_content['form']['buttons']['save']);
-} elseif (!count($positionoptions)) {
+		} elseif (!count($positionoptions)) {
 			unset($qa_content['form']['fields']['title']['tight']);
 			$qa_content['form']['fields']['title']['error'] = qa_lang_html('admin/widget_no_positions');
 			unset($qa_content['form']['fields']['position']);
 			unset($qa_content['form']['fields']['all']);
 			unset($qa_content['form']['fields']['templates']);
 			unset($qa_content['form']['buttons']['save']);
-}
+		}
-$qa_content['navigation']['sub'] = qa_admin_sub_navigation();
+		$qa_content['navigation']['sub'] = qa_admin_sub_navigation();
-return $qa_content;
+		return $qa_content;
+	}
+}