Separate publish into action folder

This commit is contained in:
posweg 2020-05-21 18:06:16 +00:00
parent c8123de470
commit 30570cc0ff
3 changed files with 30 additions and 21 deletions

View File

@ -0,0 +1,27 @@
<?php
session_start();
$db = new SQLite3('../ask.db');
$p_user = $db->query("SELECT * FROM users WHERE id = '" . $_POST["uid"] . "';")->fetchArray(SQLITE3_ASSOC);
if(!$p_user || !$p_user["id"]){
echo "user not found";
die();
}
$errorMsg = "";
if(isset($_POST["post-submit"])){
if($_POST["post-text"] == "") $errorMsg = "The question can't be blank.";
else if(strlen($_POST["post-text"]) > 400) $errorMsg = "The question can't bee longer than 400 characters";
else{
$u = $p_user["id"];
$by = 0;
$question = htmlspecialchars($_POST["post-text"]);
// Insert user into DB
$db->exec("INSERT INTO questions(user,by,question,answered,date) VALUES ('$u','$by','$question',0,". strtotime('now') .");");
unset($_POST["post-text"]);
header("Location: /user/" . $p_user["username"]);
}
}
?>

View File

@ -4,6 +4,6 @@
// service is perfectly functional // service is perfectly functional
// with this as false // with this as false
$fancy_urls = false; $fancy_urls = true;
?> ?>

View File

@ -14,25 +14,6 @@ if(isset($_SESSION["uid"])){
$is_current_user = true; $is_current_user = true;
} }
} }
if($validUser){
header("Location: /"); die();
}
$errorMsg = "";
if(isset($_POST["post-submit"])){
if($_POST["post-text"] == "") $errorMsg = "The question can't be blank.";
else if(strlen($_POST["post-text"]) > 400) $errorMsg = "The question can't bee longer than 400 characters";
else{
$u = $p_user["id"];
$by = 0;
$question = htmlspecialchars($_POST["post-text"]);
// Insert user into DB
$db->exec("INSERT INTO questions(user,by,question,answered,date) VALUES ('$u','$by','$question',0,". strtotime('now') .");");
unset($_POST["post-text"]);
}
}
?> ?>
<html> <html>
@ -52,11 +33,12 @@ if(isset($_POST["post-submit"])){
} }
?> ?>
<form name="input" action="" method="post"> <form name="input" action="/action/publish-question.php" method="post">
<p>Ask me anything</p> <p>Ask me anything</p>
<textarea id="post-text" name="post-text"></textarea> <textarea id="post-text" name="post-text"></textarea>
<br/> <br/>
<?php if(isset($errorMsg)) echo "<p>$errorMsg</p>\n"; ?> <?php if(isset($errorMsg)) echo "<p>$errorMsg</p>\n"; ?>
<input type="hidden" name="uid" value="<?= $p_user["id"] ?>"/>
<input type="submit" name="post-submit"/> <input type="submit" name="post-submit"/>
</form> </form>