<?php 
session_start();
include("../include/settings.php");
include("../include/functions.php");

$db = new SQLite3('../ask.db');

$p_user = $db->query("SELECT * FROM users WHERE id = '" . $_POST["uid"] . "';")->fetchArray(SQLITE3_ASSOC);
if(!$p_user || !$p_user["id"]){
	echo "user not found";
	die();
}

$errorMsg = "";
if(isset($_POST["post-submit"])){
	if($_POST["post-text"] == "") $errorMsg = "The question can't be blank.";
	else if(strlen($_POST["post-text"]) > 400) $errorMsg = "The question can't bee longer than 400 characters";
	else{
		$u = $p_user["id"];
		$by = 0;
		$question = htmlspecialchars($_POST["post-text"], ENT_QUOTES);
		$priv = 0;
		$time = strtotime('now');

		if(isset($_SESSION["uid"]) && !$_POST["anon"]) $by = $_SESSION["uid"];
		if($_POST["priv"]) $priv = 1;

		// Insert user into DB
		$db->exec("INSERT INTO questions(user,by,question,q_date,private) VALUES ('$u','$by','$question',". $time .",$priv);");
		unset($_POST["post-text"]);

		$q_new = $db->query("SELECT * FROM questions WHERE q_date = '" . $time . "';")->fetchArray(SQLITE3_ASSOC);

		$new_get["q"] =  $p_user["username"];
		if($priv){
			$new_get["p"] = $q_new["id"];
			$new_get["key"] = md5($question);
		}

		header("Location: " . redirect("user", $new_get));
	}
}
?>