58 lines
1.5 KiB
PHP
58 lines
1.5 KiB
PHP
<?php
|
|
session_start();
|
|
include("../include/settings.php");
|
|
|
|
if(!isset($_GET["q"])){
|
|
echo("Question not specified.");
|
|
die();
|
|
}
|
|
else if(!isset($_SESSION["uid"])){
|
|
echo("You need to log in to perform that task.");
|
|
}
|
|
else if(isset($_POST["answered"])){
|
|
if($_POST["answer_body"] == ""){
|
|
echo("Answer cannot be blank.");
|
|
}
|
|
else{
|
|
$db = new sqlite3('../ask.db');
|
|
|
|
$question = $db->query("SELECT * FROM questions WHERE id = '" . $_GET["q"] . "';")->fetchArray(SQLITE3_ASSOC);
|
|
if(!$question || !$question["id"]){
|
|
echo("Question not found.");
|
|
}
|
|
else if($question["user"] != $_SESSION["uid"]){
|
|
echo("You're not allowed to perform that task.");
|
|
}
|
|
else{
|
|
$db->exec("UPDATE questions SET answer = '" . htmlspecialchars($_POST["answer_body"], ENT_QUOTES) . "', a_date = " . strtotime("now") . " WHERE id = " . $_GET["q"] . ";");
|
|
if($pretty_urls){
|
|
header("Location: /user/" . $db->querySingle("SELECT username FROM users WHERE id = " . $question["user"] . ";"));
|
|
die();
|
|
}
|
|
else{
|
|
header("Location: /user.php?q=" . $db->querySingle("SELECT username FROM users WHERE id = " . $question["user"] . ";"));
|
|
die();
|
|
}
|
|
}
|
|
}
|
|
}
|
|
|
|
|
|
$db = new SQLite3('../ask.db');
|
|
|
|
$question = $db->query("SELECT * FROM questions WHERE id = '" . $_GET["q"] . "';")->fetchArray(SQLITE3_ASSOC);
|
|
|
|
?>
|
|
|
|
<html>
|
|
<head>
|
|
</head>
|
|
<body>
|
|
<h3><?= $question["question"] ?></h3>
|
|
<form action="" method="post">
|
|
<textarea cols=100 rows=10 name="answer_body" placeholder="Write your answer."></textarea><br/>
|
|
<input type="submit" name="answered"/>
|
|
</form>
|
|
</body>
|
|
</html>
|