Delete functionality

action/delete-question.php

@@ -0,0 +1,32 @@
+<?php 
+session_start();
+include("../include/settings.php");
+
+if(!isset($_GET["q"])){
+	echo("Question not specified.");
+}
+else if(!isset($_SESSION["uid"])){
+       	echo("You need to log in to perform that task.");
+}
+else{
+	$db = new SQLite3('../ask.db');
+	
+	$question = $db->query("SELECT * FROM questions WHERE id = '" . $_GET["q"] . "';")->fetchArray(SQLITE3_ASSOC);
+	if(!$question || !$question["id"]){
+		echo("Question not found.");
+	}
+	else if($question["user"] != $_SESSION["uid"]){
+		echo("You're not allowed to perform that task.");
+	}
+	else{
+		$db->exec("DELETE FROM questions WHERE id = " . $question["id"] . ";");
+		if($pretty_urls){
+			header("Location: /user/" . $db->querySingle("SELECT username FROM users WHERE id = " . $question["user"] . ";"));
+			die();
+		}
+		else{
+			header("Location: /user.php?q=" . $db->querySingle("SELECT username FROM users WHERE id = " . $question["user"] . ";"));
+			die();
+		}
+	}
+}

user.php

@@ -27,9 +27,9 @@ if(isset($_SESSION["uid"])){
 	<?php
 		if($is_current_user){
 			if($fancy_urls)
-				echo("<a href='/config'>config</a>");
+				echo("<a href='/config/profile'>config</a>");
 			else
-				echo("<a href='/config.php'>config</a>");
+				echo("<a href='/config.php?q=profile'>config</a>");
 		}
 	?>
 
@@ -52,12 +52,18 @@ if(isset($_SESSION["uid"])){
 			$u_prep->bindValue(":id", $current["by"], SQLITE3_INTEGER);
 			$q_user = $u_prep->execute()->fetchArray(SQLITE3_ASSOC);
 
-			echo("<h3>". $current["id"] ." - " . $q_user["name"] ."</h3>");
-
+			echo("<h3>" . $q_user["name"] ."</h3>\n");
+			echo("\t<p>". $current["question"] ."<p>\n");
+			
+			if($is_current_user){
+				echo("\t<a href='/action/delete-question.php?q=".$current["id"]."'>delete</a> ");
+				echo("fav ignore ");
+			}
+			
 			// Time
 			$time->setTimestamp($current["date"]);
 			echo($time->format("Y-m-d H:i:s"));
-			echo("<p>". $current["question"] ."<p>");
+			echo("\n\n");
 		}
 	?>
 </body>