dendy
/
librecat
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Merge branch 'master' of https://git.posweg.es/posweg/librecat

This commit is contained in:
Pòsweg 2020-08-16 07:42:46 +02:00
parent 1dc754692a 264b6f3500
commit 3826f92b8a
1 changed files with 15 additions and 17 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

18
action/reply.php
View File

@ -9,19 +9,22 @@ if(!isset($_GET["q"])){
else if(!isset($_SESSION["uid"])){ else if(!isset($_SESSION["uid"])){
echo("You need to log in to perform that task."); echo("You need to log in to perform that task.");
} }
else if(isset($_POST["answered"])){
if($_POST["answer_body"] == ""){
echo("Answer cannot be blank.");
}
else{ else{
$db = new sqlite3('../ask.db'); $db = new sqlite3('../ask.db');
$question = $db->query("SELECT * FROM questions WHERE id = '" . $_GET["q"] . "';")->fetchArray(SQLITE3_ASSOC); $question = $db->query("SELECT * FROM questions WHERE id = '" . $_GET["q"] . "';")->fetchArray(SQLITE3_ASSOC);
if(!$question || !$question["id"]){ if(!$question || !$question["id"]){
echo("Question not found."); echo("Question not found.");
die();
} }
else if($question["user"] != $_SESSION["uid"]){ else if($question["user"] != $_SESSION["uid"]){
echo("You're not allowed to perform that task."); echo("You have no permission to answer this question.");
die();
}
if(isset($_POST["answered"])){
if($_POST["answer_body"] == ""){
echo("Answer cannot be blank.");
} }
else{ else{
$db->exec("UPDATE questions SET answer = '" . htmlspecialchars($_POST["answer_body"], ENT_QUOTES) . "', a_date = " . strtotime("now") . " WHERE id = " . $_GET["q"] . ";"); $db->exec("UPDATE questions SET answer = '" . htmlspecialchars($_POST["answer_body"], ENT_QUOTES) . "', a_date = " . strtotime("now") . " WHERE id = " . $_GET["q"] . ";");
@ -37,11 +40,6 @@ else if(isset($_POST["answered"])){
} }
} }
$db = new SQLite3('../ask.db');
$question = $db->query("SELECT * FROM questions WHERE id = '" . $_GET["q"] . "';")->fetchArray(SQLITE3_ASSOC);
?> ?>
<!DOCTYPE html> <!DOCTYPE html>