librecat/user.php

<?php 
$db = new SQLite3('ask.db');

$user = $db->query("SELECT * FROM users WHERE username = '" . $_GET["q"] . "';")->fetchArray(SQLITE3_ASSOC);
if(!$user || !$user["id"]){
	include("404.php");
	die();
}

$db->exec("CREATE TABLE IF NOT EXISTS questions(
	id INTEGER PRIMARY KEY,
	user INTEGER,
	by INTEGER,
	question TEXT
	);");

if(!$db->querySingle("SELECT EXISTS(SELECT * FROM users where id = 0);")){
	echo "NOTICE: anonymous user created.";	
	$db->exec("INSERT INTO users(id, username, name) VALUES('0','anonymous','Anonymous');");
}

if($validUser){
	header("Location: /"); die();
}

$errorMsg = "";
if(isset($_POST["post-submit"])){
	if($_POST["post-text"] == "") $errorMsg = "The question can't be blank.";
	else if(strlen($_POST["post-text"]) > 400) $errorMsg = "The question can't bee longer than 400 characters";
	else{
		$u = $user["id"];
		$by = 0;
		$question = htmlspecialchars($_POST["post-text"]);

		// Insert user into DB
		$db->exec("INSERT INTO questions(user,by,question) VALUES ('$u','$by','$question');");
		unset($_POST["post-text"]);
	}
}
?>

<html>
<head>
	<title><?= $user["username"] ?> | LibreCat</title>
</head>
<body>
	<h2><?= $user["username"] ?></h2>
	<p><?= $user["bio"] ?></p>

	<form name="input" action="" method="post">
		<p>Ask me anything</p>
		<textarea id="post-text" name="post-text"></textarea>
		<br/>
		<?php if(isset($errorMsg)) echo "<p>$errorMsg</p>\n"; ?>
		<input type="submit" name="post-submit"/>
	</form>

	<?php
		$u_prep = $db->prepare("SELECT * FROM users WHERE id = :id");
		$qs = $db->query("SELECT * FROM questions WHERE user = '" . $user["id"] . "' LIMIT 0, 10;");
		while($current = $qs->fetchArray(SQLITE3_ASSOC)){
			$u_prep->bindValue(":id", $current["by"], SQLITE3_INTEGER);
			$q_user = $u_prep->execute()->fetchArray(SQLITE3_ASSOC);
			echo("<h3>". $q_user["name"] ."</h3>");
			echo("<p>". $current["question"] ."<p>");
		}
	?>
</body>
</html>
initial commit 2020-05-17 00:02:20 +00:00			`<?php`
Login improvements and URL rewrites 2020-05-17 20:06:22 +00:00			`$db = new SQLite3('ask.db');`
initial commit 2020-05-17 00:02:20 +00:00
Login and user profile 2020-05-20 16:08:25 +00:00			`$user = $db->query("SELECT * FROM users WHERE username = '" . $_GET["q"] . "';")->fetchArray(SQLITE3_ASSOC);`
Add anon and 404 page 2020-05-21 08:07:28 +00:00			`if(!$user \|\| !$user["id"]){`
			`include("404.php");`
			`die();`
			`}`
initial commit 2020-05-17 00:02:20 +00:00
Login and user profile 2020-05-20 16:08:25 +00:00			`$db->exec("CREATE TABLE IF NOT EXISTS questions(`
			`id INTEGER PRIMARY KEY,`
			`user INTEGER,`
			`by INTEGER,`
			`question TEXT`
			`);");`
Login improvements and URL rewrites 2020-05-17 20:06:22 +00:00
Add anon and 404 page 2020-05-21 08:07:28 +00:00			`if(!$db->querySingle("SELECT EXISTS(SELECT * FROM users where id = 0);")){`
			`echo "NOTICE: anonymous user created.";`
			`$db->exec("INSERT INTO users(id, username, name) VALUES('0','anonymous','Anonymous');");`
			`}`
Login and user profile 2020-05-20 16:08:25 +00:00
			`if($validUser){`
			`header("Location: /"); die();`
			`}`

			`$errorMsg = "";`
			`if(isset($_POST["post-submit"])){`
			`if($_POST["post-text"] == "") $errorMsg = "The question can't be blank.";`
			`else if(strlen($_POST["post-text"]) > 400) $errorMsg = "The question can't bee longer than 400 characters";`
			`else{`
			`$u = $user["id"];`
			`$by = 0;`
			`$question = htmlspecialchars($_POST["post-text"]);`

			`// Insert user into DB`
			`$db->exec("INSERT INTO questions(user,by,question) VALUES ('$u','$by','$question');");`
			`unset($_POST["post-text"]);`
			`}`
			`}`
			`?>`

			`<html>`
			`<head>`
			`<title><?= $user["username"] ?> \| LibreCat</title>`
			`</head>`
			`<body>`
			`<h2><?= $user["username"] ?></h2>`
			`<p><?= $user["bio"] ?></p>`

			`<form name="input" action="" method="post">`
			`<p>Ask me anything</p>`
			`<textarea id="post-text" name="post-text"></textarea>`
			`<br/>`
			`<?php if(isset($errorMsg)) echo "<p>$errorMsg</p>\n"; ?>`
			`<input type="submit" name="post-submit"/>`
			`</form>`

			`<?php`
Name of user in question 2020-05-21 09:04:09 +00:00			`$u_prep = $db->prepare("SELECT * FROM users WHERE id = :id");`
Login and user profile 2020-05-20 16:08:25 +00:00			`$qs = $db->query("SELECT * FROM questions WHERE user = '" . $user["id"] . "' LIMIT 0, 10;");`
			`while($current = $qs->fetchArray(SQLITE3_ASSOC)){`
Name of user in question 2020-05-21 09:04:09 +00:00			`$u_prep->bindValue(":id", $current["by"], SQLITE3_INTEGER);`
			`$q_user = $u_prep->execute()->fetchArray(SQLITE3_ASSOC);`
			`echo("<h3>". $q_user["name"] ."</h3>");`
Login and user profile 2020-05-20 16:08:25 +00:00			`echo("<p>". $current["question"] ."<p>");`
			`}`
			`?>`
			`</body>`
			`</html>`