28 lines
804 B
PHP
28 lines
804 B
PHP
|
<?php
|
||
|
session_start();
|
||
|
|
||
|
$db = new SQLite3('../ask.db');
|
||
|
|
||
|
$p_user = $db->query("SELECT * FROM users WHERE id = '" . $_POST["uid"] . "';")->fetchArray(SQLITE3_ASSOC);
|
||
|
if(!$p_user || !$p_user["id"]){
|
||
|
echo "user not found";
|
||
|
die();
|
||
|
}
|
||
|
|
||
|
$errorMsg = "";
|
||
|
if(isset($_POST["post-submit"])){
|
||
|
if($_POST["post-text"] == "") $errorMsg = "The question can't be blank.";
|
||
|
else if(strlen($_POST["post-text"]) > 400) $errorMsg = "The question can't bee longer than 400 characters";
|
||
|
else{
|
||
|
$u = $p_user["id"];
|
||
|
$by = 0;
|
||
|
$question = htmlspecialchars($_POST["post-text"]);
|
||
|
|
||
|
// Insert user into DB
|
||
|
$db->exec("INSERT INTO questions(user,by,question,answered,date) VALUES ('$u','$by','$question',0,". strtotime('now') .");");
|
||
|
unset($_POST["post-text"]);
|
||
|
header("Location: /user/" . $p_user["username"]);
|
||
|
}
|
||
|
}
|
||
|
?>
|