librecat/user.php

<?php 
session_start();

$db = new SQLite3('ask.db');

$p_user = $db->query("SELECT * FROM users WHERE username = '" . $_GET["q"] . "';")->fetchArray(SQLITE3_ASSOC);
if(!$p_user || !$p_user["id"]){
	include("404.php");
	die();
}

if(isset($_SESSION["uid"])){
	if($_SESSION["uid"] == $p_user["id"]){
		$is_current_user = true;
	}
}

if($validUser){
	header("Location: /"); die();
}

$errorMsg = "";
if(isset($_POST["post-submit"])){
	if($_POST["post-text"] == "") $errorMsg = "The question can't be blank.";
	else if(strlen($_POST["post-text"]) > 400) $errorMsg = "The question can't bee longer than 400 characters";
	else{
		$u = $p_user["id"];
		$by = 0;
		$question = htmlspecialchars($_POST["post-text"]);

		// Insert user into DB
		$db->exec("INSERT INTO questions(user,by,question,answered,date) VALUES ('$u','$by','$question',0,". strtotime('now') .");");
		unset($_POST["post-text"]);
	}
}
?>

<html>
<head>
	<title><?= $p_user["username"] ?> | LibreCat</title>
</head>
<body> 
	<?php include("include/header.php"); ?>
	<h2><?= $p_user["username"] ?></h2>
	<p><?= $p_user["bio"] ?></p>
	<?php if($is_current_user) echo("<a href='/config'>config</a>"); ?>

	<form name="input" action="" method="post">
		<p>Ask me anything</p>
		<textarea id="post-text" name="post-text"></textarea>
		<br/>
		<?php if(isset($errorMsg)) echo "<p>$errorMsg</p>\n"; ?>
		<input type="submit" name="post-submit"/>
	</form>

	<?php
		$u_prep = $db->prepare("SELECT * FROM users WHERE id = :id");
		$qs = $db->query("SELECT * FROM questions WHERE user = '" . $p_user["id"] . "' LIMIT 0, 10;");

		$time = new DateTime("@0");
		while($current = $qs->fetchArray(SQLITE3_ASSOC)){
			// Execute prepared statement
			$u_prep->bindValue(":id", $current["by"], SQLITE3_INTEGER);
			$q_user = $u_prep->execute()->fetchArray(SQLITE3_ASSOC);

			echo("<h3>". $current["id"] ." - " . $q_user["name"] ."</h3>");

			// Time
			$time->setTimestamp($current["date"]);
			echo($time->format("Y-m-d H:i:s"));
			echo("<p>". $current["question"] ."<p>");
		}
	?>
</body>
</html>
initial commit 2020-05-17 00:02:20 +00:00			`<?php`
Universal header and config link 2020-05-21 15:57:59 +00:00			`session_start();`

Login improvements and URL rewrites 2020-05-17 20:06:22 +00:00			`$db = new SQLite3('ask.db');`
initial commit 2020-05-17 00:02:20 +00:00
Universal header and config link 2020-05-21 15:57:59 +00:00			`$p_user = $db->query("SELECT * FROM users WHERE username = '" . $_GET["q"] . "';")->fetchArray(SQLITE3_ASSOC);`
			`if(!$p_user \|\| !$p_user["id"]){`
Add anon and 404 page 2020-05-21 08:07:28 +00:00			`include("404.php");`
			`die();`
			`}`
initial commit 2020-05-17 00:02:20 +00:00
Universal header and config link 2020-05-21 15:57:59 +00:00			`if(isset($_SESSION["uid"])){`
			`if($_SESSION["uid"] == $p_user["id"]){`
			`$is_current_user = true;`
			`}`
			`}`

Login and user profile 2020-05-20 16:08:25 +00:00			`if($validUser){`
			`header("Location: /"); die();`
			`}`

			`$errorMsg = "";`
			`if(isset($_POST["post-submit"])){`
			`if($_POST["post-text"] == "") $errorMsg = "The question can't be blank.";`
			`else if(strlen($_POST["post-text"]) > 400) $errorMsg = "The question can't bee longer than 400 characters";`
			`else{`
Universal header and config link 2020-05-21 15:57:59 +00:00			`$u = $p_user["id"];`
Login and user profile 2020-05-20 16:08:25 +00:00			`$by = 0;`
			`$question = htmlspecialchars($_POST["post-text"]);`

			`// Insert user into DB`
Add question timestamp and centralized initialization 2020-05-21 11:57:27 +00:00			`$db->exec("INSERT INTO questions(user,by,question,answered,date) VALUES ('$u','$by','$question',0,". strtotime('now') .");");`
Login and user profile 2020-05-20 16:08:25 +00:00			`unset($_POST["post-text"]);`
			`}`
			`}`
			`?>`

			`<html>`
			`<head>`
Universal header and config link 2020-05-21 15:57:59 +00:00			`<title><?= $p_user["username"] ?> \| LibreCat</title>`
Login and user profile 2020-05-20 16:08:25 +00:00			`</head>`
Universal header and config link 2020-05-21 15:57:59 +00:00			`<body>`
			`<?php include("include/header.php"); ?>`
			`<h2><?= $p_user["username"] ?></h2>`
			`<p><?= $p_user["bio"] ?></p>`
			`<?php if($is_current_user) echo("<a href='/config'>config</a>"); ?>`
Login and user profile 2020-05-20 16:08:25 +00:00
			`<form name="input" action="" method="post">`
			`<p>Ask me anything</p>`
			`<textarea id="post-text" name="post-text"></textarea>`
			`<br/>`
			`<?php if(isset($errorMsg)) echo "<p>$errorMsg</p>\n"; ?>`
			`<input type="submit" name="post-submit"/>`
			`</form>`

			`<?php`
Name of user in question 2020-05-21 09:04:09 +00:00			`$u_prep = $db->prepare("SELECT * FROM users WHERE id = :id");`
Universal header and config link 2020-05-21 15:57:59 +00:00			`$qs = $db->query("SELECT * FROM questions WHERE user = '" . $p_user["id"] . "' LIMIT 0, 10;");`
Add question timestamp and centralized initialization 2020-05-21 11:57:27 +00:00
			`$time = new DateTime("@0");`
Login and user profile 2020-05-20 16:08:25 +00:00			`while($current = $qs->fetchArray(SQLITE3_ASSOC)){`
Add question timestamp and centralized initialization 2020-05-21 11:57:27 +00:00			`// Execute prepared statement`
Name of user in question 2020-05-21 09:04:09 +00:00			`$u_prep->bindValue(":id", $current["by"], SQLITE3_INTEGER);`
			`$q_user = $u_prep->execute()->fetchArray(SQLITE3_ASSOC);`
Add question timestamp and centralized initialization 2020-05-21 11:57:27 +00:00
Universal header and config link 2020-05-21 15:57:59 +00:00			`echo("<h3>". $current["id"] ." - " . $q_user["name"] ."</h3>");`
Add question timestamp and centralized initialization 2020-05-21 11:57:27 +00:00
			`// Time`
			`$time->setTimestamp($current["date"]);`
			`echo($time->format("Y-m-d H:i:s"));`
Login and user profile 2020-05-20 16:08:25 +00:00			`echo("<p>". $current["question"] ."<p>");`
			`}`
			`?>`
			`</body>`
			`</html>`