Implement Answers

TODO.md

@@ -1,6 +1,7 @@
 - Functionality:
 	- ~~Non-anonymous questions~~
-	- Answers
+	- ~~Answers~~
+		- Add edit button instead of reply
 	- Follows and followers (timeline)
 	- Actions redirections
 	- Actions notify
@@ -19,5 +20,6 @@
 
 - Bugs:
 	- ~~Login redirection is broken~~
+	- Users should only be able to ask themselves in anon mode
 	- Check that the user exists before keeping being logged like it
 	- Registration should ask for password two times

action/publish-question.php

@@ -22,7 +22,7 @@ if(isset($_POST["post-submit"])){
 		if(isset($_SESSION["uid"]) && !$_POST["anon"]) $by = $_SESSION["uid"];
 
 		// Insert user into DB
-		$db->exec("INSERT INTO questions(user,by,question,answered,date) VALUES ('$u','$by','$question',0,". strtotime('now') .");");
+		$db->exec("INSERT INTO questions(user,by,question,q_date) VALUES ('$u','$by','$question',". strtotime('now') .");");
 		unset($_POST["post-text"]);
 		if($fancy_urls) header("Location: /user/" . $p_user["username"]);
 		else header("Location: /user.php?q=" . $p_user["username"]);

action/reply.php

@@ -0,0 +1,57 @@
+<?php 
+session_start();
+include("../include/settings.php");
+
+if(!isset($_GET["q"])){
+	echo("Question not specified.");
+	die();
+}
+else if(!isset($_SESSION["uid"])){
+       	echo("You need to log in to perform that task.");
+}
+else if(isset($_POST["answered"])){
+	if($_POST["answer_body"] == ""){
+		echo("Answer cannot be blank.");
+	}
+	else{
+		$db = new sqlite3('../ask.db');
+		
+		$question = $db->query("SELECT * FROM questions WHERE id = '" . $_GET["q"] . "';")->fetchArray(SQLITE3_ASSOC);
+		if(!$question || !$question["id"]){
+			echo("Question not found.");
+		}
+		else if($question["user"] != $_SESSION["uid"]){
+			echo("You're not allowed to perform that task.");
+		}
+		else{
+			$db->exec("UPDATE questions SET answer = '" . htmlspecialchars($_POST["answer_body"], ENT_QUOTES) . "', a_date = " . strtotime("now") . " WHERE id = " . $_GET["q"] . ";");
+			if($pretty_urls){
+				header("Location: /user/" . $db->querySingle("SELECT username FROM users WHERE id = " . $question["user"] . ";"));
+				die();
+			}
+			else{
+				header("Location: /user.php?q=" . $db->querySingle("SELECT username FROM users WHERE id = " . $question["user"] . ";"));
+				die();
+			}
+		}
+	}
+}
+
+
+$db = new SQLite3('../ask.db');
+		
+$question = $db->query("SELECT * FROM questions WHERE id = '" . $_GET["q"] . "';")->fetchArray(SQLITE3_ASSOC);
+
+?>
+
+<html>
+<head>
+</head>
+<body>
+	<h3><?= $question["question"] ?></h3>
+	<form action="" method="post">
+		<textarea cols=100 rows=10 name="answer_body" placeholder="Write your answer."></textarea><br/>
+		<input type="submit" name="answered"/>
+	</form>
+</body>
+</html>

include/header.php

@@ -17,7 +17,9 @@ $db->exec("CREATE TABLE IF NOT EXISTS questions(
 	user INTEGER,
 	by INTEGER,
 	question TEXT,
-	date INTEGER,
+	q_date INTEGER,
+	answer TEXT,
+	a_date INTEGER,
 	status INTEGER
 	);");
 

user.php

@@ -58,13 +58,20 @@ if(isset($_SESSION["uid"])){
 			echo("\t<p>". $current["question"] ."<p>\n");
 			
 			if($is_current_user){
+				echo("\t<a href='/action/reply.php?q=".$current["id"]."'>reply</a> ");
 				echo("\t<a href='/action/delete-question.php?q=".$current["id"]."'>delete</a> ");
 				echo("fav ignore ");
 			}
 			
 			// Time
-			$time->setTimestamp($current["date"]);
+			$time->settimestamp($current["q_date"]);
-			echo($time->format("Y-m-d H:i:s"));
+			echo($time->format("y-m-d h:i:s"));
+	
+			if($current["answer"]){
+				echo("<p>" . $current["answer"] . "</p>");
+				$time->settimestamp($current["a_date"]);
+				echo($time->format("y-m-d h:i:s"));
+			}
 			echo("\n\n");
 		}
 	?>