minor fixes

biglyderv 2025-02-05 01:27:45 -05:00
parent daace699a6
commit 2ce4424db7
20 changed files with 674 additions and 621 deletions


@ -1,88 +1,92 @@
<?php
require(__DIR__ . "/../../libs/page.php");
$ref = 1732684297;
function getOut($typer, $idr) {
if ($typer == 'user' || $typer == 'comment') {
header("Location: " . '/' . $typer . '.php?id=' . htmlspecialchars($idr));
die();
}
require(__DIR__ . "/../../libs/page.php");
header("Location: /");
$ref = 1732684297;
function getOut($typer, $idr)
{
if ($typer == 'user' || $typer == 'comment') {
header("Location: " . '/' . $typer . '.php?id=' . htmlspecialchars($idr));
die();
}
}
function post_handler() {
global $ref;
global $username;
global $db;
if (!$username || !array_key_exists('post',$_POST)) return;
$postie = $_POST['post'];
$postType = (array_key_exists('type',$_POST)) ? $_POST['type'] : 'root';
$postId = (array_key_exists('id',$_POST)) ? $_POST['id'] : 'root';
header("Location: /");
die();
}
if (strlen($postie) < 1 || strlen($postie) > 1024) {
getOut($postType,$postId);
}
if (is_uploaded_file($_FILES['file']['tmp_name'])) {
$fid = bin2hex(random_bytes(16));
function post_handler()
{
global $ref;
global $username;
global $db;
if (!$username || !array_key_exists('post', $_POST)) {
return;
}
$type = pathinfo($_FILES['file']['name'], PATHINFO_EXTENSION);
$type = strtolower($type);
$postie = $_POST['post'];
$postType = (array_key_exists('type', $_POST)) ? $_POST['type'] : 'root';
$postId = (array_key_exists('id', $_POST)) ? $_POST['id'] : 'root';
$mime = mime_content_type('test' . $type);
if (strlen($postie) < 1 || strlen($postie) > 1024) {
getOut($postType, $postId);
}
if (is_uploaded_file($_FILES['file']['tmp_name'])) {
$fid = bin2hex(random_bytes(16));
$legal = ['png','gif','jpeg','jpg','mp4','webm','mp3','wav'];
$type = pathinfo($_FILES['file']['name'], PATHINFO_EXTENSION);
if (in_array($type, $legal)) {
move_uploaded_file($_FILES['file']['tmp_name'], $_SERVER["DOCUMENT_ROOT"] . '/../docs/pic/' . $fid . '.' . $type);
$postie .= "\nhttps://" . $_SERVER['HTTP_HOST'] . '/pic/' . $fid . '.' . $type;
}
}
$type = strtolower($type);
$poid = bin2hex(random_bytes(16));
$stmt = $db->prepare("SELECT * FROM comment WHERE username = ? ORDER BY date DESC");
$stmt->execute([
$username
]);
$userposts = $stmt->fetchAll(PDO::FETCH_DEFAULT);
$mime = mime_content_type('test' . $type);
if ($userposts[0]['date'] - (microtime(true) - $ref) > -3) {
echo "You have been rate limited.";
return;
}
$legal = ['png','gif','jpeg','jpg','mp4','webm','mp3','wav'];
if (in_array($type, $legal)) {
move_uploaded_file($_FILES['file']['tmp_name'], $_SERVER["DOCUMENT_ROOT"] . '/../docs/pic/' . $fid . '.' . $type);
$postie .= "\nhttps://" . $_SERVER['HTTP_HOST'] . '/pic/' . $fid . '.' . $type;
}
}
$poid = bin2hex(random_bytes(16));
$stmt = $db->prepare("SELECT * FROM comment WHERE username = ? ORDER BY date DESC");
$stmt->execute([
$username
]);
$userposts = $stmt->fetchAll(PDO::FETCH_DEFAULT);
if ($userposts[0]['date'] - (microtime(true) - $ref) > -3) {
echo "You have been rate limited.";
return;
}
$stmt = $db->prepare("INSERT INTO main.comment (username, targetType, targetId, date, content, id) VALUES (?,?,?,?,?,?)");
$stmt->execute([$username,$postType,$postId,microtime(true) - $ref,$postie,$poid]);
$postieP = "https://nbg.dervland.net/comment.php?id=" . $poid;
$user10 = ':system';
if ($postType == 'user') {
$postie = "A user commented on your wall: " . $postieP;
$stmt = $db->prepare("INSERT INTO main.comment (username, targetType, targetId, date, content, id) VALUES (?,?,?,?,?,?)");
$stmt->execute([$username,$postType,$postId,microtime(true) - $ref,$postie,$poid]);
$stmt->execute([$user10,'notification',$postId,microtime(true) - $ref,$postie,bin2hex(random_bytes(16))]);
} elseif ($postType == 'comment') {
$stmt = $db->prepare("SELECT * FROM comment WHERE id = ? ORDER BY date DESC");
$stmt->execute([
$postId
]);
$posts1 = $stmt->fetchAll(PDO::FETCH_DEFAULT);
$postieP = "https://nbg.dervland.net/comment.php?id=" . $poid;
$posts2 = $posts1[0]['username'];
$postie = "A user replied to your post: " . $postieP;
$stmt = $db->prepare("INSERT INTO main.comment (username, targetType, targetId, date, content, id) VALUES (?,?,?,?,?,?)");
$stmt->execute([$user10,'notification',$posts2,microtime(true) - $ref,$postie,bin2hex(random_bytes(16))]);
}
$user10 = ':system';
if ($postType == 'user') {
$postie = "A user commented on your wall: " . $postieP;
$stmt = $db->prepare("INSERT INTO main.comment (username, targetType, targetId, date, content, id) VALUES (?,?,?,?,?,?)");
$stmt->execute([$user10,'notification',$postId,microtime(true) - $ref,$postie,bin2hex(random_bytes(16))]);
} else if ($postType == 'comment') {
$stmt = $db->prepare("SELECT * FROM comment WHERE id = ? ORDER BY date DESC");
$stmt->execute([
$postId
]);
$posts1 = $stmt->fetchAll(PDO::FETCH_DEFAULT);
$posts2 = $posts1[0]['username'];
getOut($postType, $postId);
}
$postie = "A user replied to your post: " . $postieP;
$stmt = $db->prepare("INSERT INTO main.comment (username, targetType, targetId, date, content, id) VALUES (?,?,?,?,?,?)");
$stmt->execute([$user10,'notification',$posts2,microtime(true) - $ref,$postie,bin2hex(random_bytes(16))]);
}
getOut($postType,$postId);
}
post_handler();
?>
post_handler();
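Review bot: The upload branch in post_handler() accepts a file on its client-supplied extension alone: `$mime = mime_content_type('test' . $type);` inspects a path that is not the upload, and `$mime` is never read afterwards, so the content is never checked. I would sniff the temporary file instead, `$mime = mime_content_type($_FILES['file']['tmp_name']);`, and require the result to be in an allow-list of image, audio and video MIME types alongside the extension check. The file is also moved before the rate-limit test further down, so a request that ends in "You have been rate limited." has already stored its upload; running the rate-limit query first avoids that. The stored link is built from `$_SERVER['HTTP_HOST']`, which the client controls, while the notification links below use the fixed `https://nbg.dervland.net` host; using the fixed host here too would be consistent.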


@ -1,16 +1,17 @@
<?php
require(__DIR__ . "/../../libs/page.php");
function get_handler() {
global $db;
$stmt = $db->prepare("SELECT * FROM main.follow");
$stmt->execute([]);
$result = $stmt->fetchAll(PDO::FETCH_DEFAULT);
$result = array_reverse($result,true);
require(__DIR__ . "/../../libs/page.php");
echo json_encode($result);
}
function get_handler()
{
global $db;
get_handler();
?>
$stmt = $db->prepare("SELECT * FROM main.follow");
$stmt->execute([]);
$result = $stmt->fetchAll(PDO::FETCH_DEFAULT);
$result = array_reverse($result, true);
echo json_encode($result);
}
get_handler();
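Review bot: get_handler() echoes `json_encode($result)` with no content type set in this file, so unless libs/page.php sends one the response is served as HTML. The rows come from main.follow, so any markup stored in that table would be interpreted by a browser that opens this endpoint directly. I would send `header('Content-Type: application/json');` before the echo and encode with `JSON_HEX_TAG | JSON_HEX_AMP`.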


@ -1,5 +1,5 @@
<?php
require(__DIR__ . "/../libs/auth.php");
global $username;
echo $username;
require(__DIR__ . "/../libs/auth.php");
global $username;
echo $username;
?>


@ -1,11 +1,11 @@
<?php
require(__DIR__ . "/../libs/page.php");
require(__DIR__ . "/../libs/form.php");
require(__DIR__ . "/../libs/comment.php");
$ref = 1732684297;
page_header();
comments("comment",$_GET['id']);
page_footer();
?>
require(__DIR__ . "/../libs/page.php");
require(__DIR__ . "/../libs/form.php");
require(__DIR__ . "/../libs/comment.php");
$ref = 1732684297;
page_header();
comments("comment", $_GET['id']);
page_footer();


@ -134,7 +134,8 @@ pre {
padding: 10px;
margin-bottom: 10px;
align-items: center;
width: var(--elem-width);
flex-wrap: wrap;
width: var(--elem-width);
border-radius: var(--border-radius);
}
@ -186,12 +187,16 @@ iframe {
border: none;
}
.header a {
width: 60px;
}
.header a, .clickie {
text-decoration: none;
color: inherit;
font-weight: bold;
margin: 5px;
display: flex;
display: flex;
flex-direction: column;
align-items: center;
justify-content: center;


@ -1,13 +1,13 @@
<?php
require(__DIR__ . "/../libs/page.php");
require(__DIR__ . "/../libs/form.php");
require(__DIR__ . "/../libs/comment.php");
require(__DIR__ . "/../libs/page.php");
require(__DIR__ . "/../libs/form.php");
require(__DIR__ . "/../libs/comment.php");
page_header();
if (!is_null($username)) {
//comments("root","root");
}
if (!($_GET['page'] > 0)) { ?>
page_header();
if (!is_null($username)) {
//comments("root","root");
}
if (!($_GET['page'] > 0)) { ?>
<div class="banner"><img class="banner-background" src="/img/newlogo.svg">
<div class="banner-content">
<h1>BiglyChat</h1>
@ -17,15 +17,13 @@
<h2>Community</h2>
<a class="form-button" href="/tou.php">Terms of Use</a>
<a class="form-button" href="/stats.php?ref=<?php echo $username ?>">Suggested Users</a>
<a class="form-button" href="/stats.php">Top Users</a>
<a class="form-button" href="https://dervland.net/">More Projects</a>
</div>
</div>
<?php
}
//if (is_null($username)) {
comments("root","root");
//}
page_footer();
<?php
}
//if (is_null($username)) {
comments("root", "root");
//}
page_footer();
?>


@ -1,55 +1,60 @@
<?php
require(__DIR__ . "/../libs/page.php");
require(__DIR__ . "/../libs/form.php");
function post_handler() {
global $db;
// there is 100% a better way to do this but i need to test
if (!array_key_exists('pass',$_POST) || !array_key_exists('user',$_POST)) {
return '';
}
$user = $_POST['user'];
$pass = $_POST['pass'];
$stmt = $db->prepare("SELECT * FROM main.auth WHERE UPPER(username) LIKE UPPER(?)");
$stmt->execute([$user]);
$result = $stmt->fetch(PDO::FETCH_ASSOC);
if (!$result) return 'Username does not exist.';
$verified = password_verify($pass,$result['password']);
if (!$verified) return 'Password is wrong.';
$token = bin2hex(random_bytes(32));
$stmt = $db->prepare("INSERT INTO main.token (username, token) VALUES (?, ?)");
$stmt->execute([$user,$token]);
setcookie("token", $token, time()+3600*24);
if (isset($_GET['next'])) {
$gett = htmlspecialchars($_GET['next'] . '?token=' . $token);
echo "<script>window.location.href = '$gett'</script>";
page_footer();
die();
}
header("Location: /");
require(__DIR__ . "/../libs/page.php");
require(__DIR__ . "/../libs/form.php");
function post_handler()
{
global $db;
// there is 100% a better way to do this but i need to test
if (!array_key_exists('pass', $_POST) || !array_key_exists('user', $_POST)) {
return '';
}
$user = $_POST['user'];
$pass = $_POST['pass'];
$stmt = $db->prepare("SELECT * FROM main.auth WHERE UPPER(username) LIKE UPPER(?)");
$stmt->execute([$user]);
$result = $stmt->fetch(PDO::FETCH_ASSOC);
if (!$result) {
return 'Username does not exist.';
}
$verified = password_verify($pass, $result['password']);
if (!$verified) {
return 'Password is wrong.';
}
$token = bin2hex(random_bytes(32));
$stmt = $db->prepare("INSERT INTO main.token (username, token) VALUES (?, ?)");
$stmt->execute([$user,$token]);
setcookie("token", $token, time() + 3600 * 24);
if (isset($_GET['next'])) {
$gett = htmlspecialchars($_GET['next'] . '?token=' . $token);
echo "<script>window.location.href = '$gett'</script>";
page_footer();
die();
}
page_header();
$form_message = post_handler();
form("Log in (<a class='link' target='_blank' href='/register.php'>Register?</a>)", $form_message, array(
array('key' => 'Username', 'type' => 'text', 'name' => 'user', 'default' => ''),
array('key' => 'Password', 'type' => 'password', 'name' => 'pass', 'default' => '')
));
header("Location: /");
die();
}
page_footer();
?>
page_header();
$form_message = post_handler();
form("Log in (<a class='link' target='_blank' href='/register.php'>Register?</a>)", $form_message, array(
array('key' => 'Username', 'type' => 'text', 'name' => 'user', 'default' => ''),
array('key' => 'Password', 'type' => 'password', 'name' => 'pass', 'default' => '')
));
page_footer();
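Review bot: In post_handler() the account is looked up with `UPPER(username) LIKE UPPER(?)`, but the token is then inserted under the submitted `$user` rather than under the row that passed `password_verify()`. `LIKE` treats `_` and `%` in the submitted name as wildcards (and the registration pattern allows `_`), so the row that verified and the name the token is issued for can differ. I would compare with `UPPER(username) = UPPER(?)` and store `$result['username']` in main.token; the uniqueness check in the registration handler uses the same `LIKE` pattern and needs the same change. Separately, when `next` is set the fresh token is appended to a caller-supplied URL and navigated to without any check on the destination, so `next` should be matched against an allow-list of trusted origins before the token is attached.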


@ -1,13 +1,12 @@
<?php
require(__DIR__ . "/../libs/page.php");
page_header();
if (isset($_COOKIE)) {
foreach ( $_COOKIE as $key => $value )
{
setcookie( $key, FALSE );
}
header("Location: /");
die();
require(__DIR__ . "/../libs/page.php");
page_header();
if (isset($_COOKIE)) {
foreach ($_COOKIE as $key => $value) {
setcookie($key, false);
}
page_footer();
?>
header("Location: /");
die();
}
page_footer();
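Review bot: The logout loop only asks the browser to drop its cookies; nothing on these lines deletes the matching row from main.token, which the login handler inserts. Unless tokens are expired elsewhere, a copied token keeps working after logout, so I would run `$db->prepare("DELETE FROM main.token WHERE token = ?")->execute([$_COOKIE['token']]);` (guarded by `isset($_COOKIE['token'])`, and assuming `$db` from libs/page.php is in scope here as in the other handlers) before clearing the cookie. `page_header()` is also called before `header("Location: /")`; if it emits output, the redirect header can no longer be sent.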


@ -1,61 +1,63 @@
<?php
require(__DIR__ . "/../libs/page.php");
require(__DIR__ . "/../libs/form.php");
require(__DIR__ . "/../libs/comment.php");
$roles = array();
page_header();
// this is a mess
function get_handler() {
global $db;
global $username;
global $user;
global $bio;
global $followers;
global $following;
global $roles;
// there is 100% a better way to do this but i need to test
if (!array_key_exists('id',$_GET)) {
die();
}
$user = $_GET['id'];
if (array_key_exists('type',$_GET)) {
$type = $_GET['type'];
if ($type == 'follow') {
follow();
} else if ($type == 'settings') {
settings();
}
}
$stmt = $db->prepare("SELECT * FROM main.user WHERE UPPER(username) LIKE UPPER(?)"); //weirdly, this requires a schema name
$stmt->execute([$user]);
$result = $stmt->fetch(PDO::FETCH_ASSOC);
$stmt = $db->prepare("SELECT * FROM main.follow WHERE target = ?");
$stmt->execute([$user]);
$following = $stmt->fetchAll(PDO::FETCH_DEFAULT);
$stmt = $db->prepare("SELECT * FROM main.follow WHERE username = ?");
$stmt->execute([$user]);
$followers = $stmt->fetchAll(PDO::FETCH_DEFAULT);
require(__DIR__ . "/../libs/page.php");
require(__DIR__ . "/../libs/form.php");
require(__DIR__ . "/../libs/comment.php");
$roles = array();
page_header();
// this is a mess
function get_handler()
{
global $db;
global $username;
global $user;
global $bio;
global $followers;
global $following;
global $roles;
// there is 100% a better way to do this but i need to test
if (!array_key_exists('id', $_GET)) {
die();
}
get_handler();
//todo: rewrite
$user = $_GET['id'];
if (array_key_exists('type', $_GET)) {
$type = $_GET['type'];
if ($type == 'follow') {
follow();
} elseif ($type == 'settings') {
settings();
}
}
$stmt = $db->prepare("SELECT * FROM main.user WHERE UPPER(username) LIKE UPPER(?)"); //weirdly, this requires a schema name
$stmt->execute([$user]);
$result = $stmt->fetch(PDO::FETCH_ASSOC);
$stmt = $db->prepare("SELECT * FROM main.follow WHERE target = ?");
$stmt->execute([$user]);
$following = $stmt->fetchAll(PDO::FETCH_DEFAULT);
$stmt = $db->prepare("SELECT * FROM main.follow WHERE username = ?");
$stmt->execute([$user]);
$followers = $stmt->fetchAll(PDO::FETCH_DEFAULT);
}
get_handler();
//todo: rewrite
?>
<h2>Following</h2>
<?php
foreach ($following as $user) { $usern = $user['username']; ?>
<?php
foreach ($following as $user) {
$usern = $user['username']; ?>
<div class='comment'>
<div class="avatar">
<img src="/pfp/<?php echo $usern ?>.png" class="avatar-img">
@ -69,14 +71,15 @@
</div>
</div>
</div>
<?php
}
<?php
}
?>
<h2>Followers</h2>
<?php
foreach ($followers as $user) { $usern = $user['target']; ?>
<?php
foreach ($followers as $user) {
$usern = $user['target']; ?>
<div class='comment'>
<div class="avatar">
<img src="/pfp/<?php echo $usern ?>.png" class="avatar-img">
@ -90,9 +93,9 @@
</div>
</div>
</div>
<?php
}
<?php
}
?>
<?php
page_footer();
<?php
page_footer();
?>
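Review bot: The list markup prints `$usern` straight into HTML (`src="/pfp/<?php echo $usern ?>.png"`), and the value comes from main.follow, where follow() in the user page stores the raw `$_GET['id']`. Each echo should go through `htmlspecialchars($usern, ENT_QUOTES)`, and follow() should confirm that the target account exists before inserting. The same unescaped output appears in the stats listing (`$usern` and `$rr` from the decoded API response), in the user page's form action and banner image (`$user`), and in the `ref=` link on the index page. get_handler() here also calls follow() and settings(), which are not defined on the lines shown for this file.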


@ -1,11 +1,11 @@
<?php
require(__DIR__ . "/../libs/page.php");
require(__DIR__ . "/../libs/form.php");
require(__DIR__ . "/../libs/comment.php");
$ref = 1732684297;
page_header();
comments("notification",$username,true);
page_footer();
?>
require(__DIR__ . "/../libs/page.php");
require(__DIR__ . "/../libs/form.php");
require(__DIR__ . "/../libs/comment.php");
$ref = 1732684297;
page_header();
comments("notification", $username, true);
page_footer();


@ -1,58 +1,61 @@
<?php
require(__DIR__ . "/../libs/page.php");
require(__DIR__ . "/../libs/form.php");
function post_handler() {
global $db;
// there is 100% a better way to do this but i need to test
if (!array_key_exists('pass',$_POST) || !array_key_exists('user',$_POST) || !array_key_exists('pass2',$_POST)) {
return '';
}
$user = $_POST['user'];
$pass = $_POST['pass'];
$pass2 = $_POST['pass2'];
preg_match("/[^A-Za-z0-9\-\_]/",$user,$matches);
if ($pass != $pass2) {
return 'Passwords are not the same.';
}
if (isset($matches) && count($matches) > 0) {
return 'Username contains invalid characters.';
}
if (strlen($user) < 1 || strlen($user) > 32) {
return 'Username is too long or short.';
}
$stmt = $db->prepare("SELECT username FROM main.auth WHERE UPPER(username) LIKE UPPER(?)");
$stmt->execute([$user]);
$result = $stmt->fetch(PDO::FETCH_ASSOC);
if ($result) return 'Username is taken.';
$hashed = password_hash($pass, PASSWORD_DEFAULT);
$stmt = $db->prepare("INSERT INTO main.auth (username, password) VALUES (?, ?)");
$stmt->execute([$user,$hashed]);
header("Location: /");
die();
require(__DIR__ . "/../libs/page.php");
require(__DIR__ . "/../libs/form.php");
function post_handler()
{
global $db;
// there is 100% a better way to do this but i need to test
if (!array_key_exists('pass', $_POST) || !array_key_exists('user', $_POST) || !array_key_exists('pass2', $_POST)) {
return '';
}
page_header();
$form_message = post_handler();
form("Join", $form_message, array(
array('key' => 'Username', 'type' => 'text', 'name' => 'user', 'default' => ''),
array('key' => 'Password', 'type' => 'password', 'name' => 'pass', 'default' => ''),
array('key' => 'Password (again)', 'type' => 'password', 'name' => 'pass2', 'default' => '')
));
page_footer();
?>
$user = $_POST['user'];
$pass = $_POST['pass'];
$pass2 = $_POST['pass2'];
preg_match("/[^A-Za-z0-9\-\_]/", $user, $matches);
if ($pass != $pass2) {
return 'Passwords are not the same.';
}
if (isset($matches) && count($matches) > 0) {
return 'Username contains invalid characters.';
}
if (strlen($user) < 1 || strlen($user) > 32) {
return 'Username is too long or short.';
}
$stmt = $db->prepare("SELECT username FROM main.auth WHERE UPPER(username) LIKE UPPER(?)");
$stmt->execute([$user]);
$result = $stmt->fetch(PDO::FETCH_ASSOC);
if ($result) {
return 'Username is taken.';
}
$hashed = password_hash($pass, PASSWORD_DEFAULT);
$stmt = $db->prepare("INSERT INTO main.auth (username, password) VALUES (?, ?)");
$stmt->execute([$user,$hashed]);
header("Location: /");
die();
}
page_header();
$form_message = post_handler();
form("Join", $form_message, array(
array('key' => 'Username', 'type' => 'text', 'name' => 'user', 'default' => ''),
array('key' => 'Password', 'type' => 'password', 'name' => 'pass', 'default' => ''),
array('key' => 'Password (again)', 'type' => 'password', 'name' => 'pass2', 'default' => '')
));
page_footer();
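Review bot: post_handler() bounds the username length but never looks at the password, so an empty or one-character password is hashed and stored. I would add a length check next to the username one, for example `if (strlen($pass) < 8) { return 'Password is too short.'; }` (the threshold is a suggestion). `$pass != $pass2` is a loose comparison, which PHP evaluates numerically when both strings look like numbers; `!==` compares the exact strings. The return value of `preg_match()` is not checked and `isset($matches)` is always true after the call, so testing `preg_match(...) === 1` would express the check directly.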


@ -1,42 +1,52 @@
<?php
require(__DIR__ . "/../libs/page.php");
require(__DIR__ . "/../libs/form.php");
require(__DIR__ . "/../libs/comment.php");
function cmp($a, $b) {
if ($a == $b) {
return 0;
}
return ($a > $b) ? -1 : 1;
}
require(__DIR__ . "/../libs/page.php");
require(__DIR__ . "/../libs/form.php");
require(__DIR__ . "/../libs/comment.php");
page_header();
function cmp($a, $b)
{
if ($a == $b) {
return 0;
}
return ($a > $b) ? -1 : 1;
}
function get_handler() {
$api = file_get_contents("https://nbg.dervland.net/node/top?ref=" . $_GET['ref']);
$pr = json_decode($api);
foreach ($pr as $usern => $rr) { ?>
<div class='comment'>
<div class="avatar">
<img src="/pfp/<?php echo $usern ?>.png" class="avatar-img">
<div>
<div><b>
page_header();
?>
<div>
<a class="form-button" href="?username=<?php echo $username ?>">Local</a>
<a class="form-button" href="?">Global</a>
</div>
<?php
function get_handler()
{
$api = file_get_contents("https://nbg.dervland.net/node/top?ref=" . $_GET['ref']);
$pr = json_decode($api);
foreach ($pr as $usern => $rr) { ?>
<div class='comment'>
<div class="avatar">
<img src="/pfp/<?php echo $usern ?>.png" class="avatar-img">
<div>
<div><b>
<a class="link" href="/user.php?id=<?php echo $usern ?>">
<?php echo $usern ?>
<?php echo $usern ?>
</a>
</b>
</div>
</div>
</div>
<div><b>Power</b>: <?php echo $rr ?></div>
</div>
<?php }
}
</b>
</div>
</div>
</div>
<div><b>Power</b>: <?php echo $rr ?></div>
</div>
<?php }
}
get_handler();
get_handler();
?>
<?php
page_footer();
page_footer();
?>
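Review bot: The new "Local" link sends `?username=…`, but get_handler() on these lines reads only `$_GET['ref']`, so the link appears to have no effect; `?ref=` would match what the index page already links to. `$_GET['ref']` is also read without an `isset()` check and concatenated into the backend URL unencoded, which lets the caller add extra query parameters to that request; `urlencode($_GET['ref'] ?? '')` closes that. Neither `file_get_contents()` nor `json_decode()` is checked for failure before the `foreach`, so an unreachable backend produces warnings instead of an empty list.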


@ -1,6 +1,6 @@
<?php
require(__DIR__ . "/../libs/page.php");
page_header();
require(__DIR__ . "/../libs/page.php");
page_header();
?>
<div class="comment">


@ -1,98 +1,105 @@
<?php
require(__DIR__ . "/../libs/page.php");
require(__DIR__ . "/../libs/form.php");
require(__DIR__ . "/../libs/comment.php");
$roles = array();
page_header();
// this is a mess
function get_handler() {
global $db;
global $username;
global $user;
global $bio;
global $followers;
global $following;
global $roles;
// there is 100% a better way to do this but i need to test
if (!array_key_exists('id',$_GET)) {
die();
}
$user = $_GET['id'];
if (array_key_exists('type',$_GET)) {
$type = $_GET['type'];
if ($type == 'follow') {
follow();
} else if ($type == 'settings') {
settings();
}
}
$stmt = $db->prepare("SELECT * FROM main.user WHERE UPPER(username) LIKE UPPER(?)"); //weirdly, this requires a schema name
$stmt->execute([$user]);
$result = $stmt->fetch(PDO::FETCH_ASSOC);
$bio = isset($result) ? $result['bio'] : 'This user has not set a bio.';
$stmt = $db->prepare("SELECT * FROM main.follow WHERE target = ?");
$stmt->execute([$user]);
$following = $stmt->fetchAll(PDO::FETCH_DEFAULT);
$stmt = $db->prepare("SELECT * FROM main.follow WHERE username = ?");
$stmt->execute([$user]);
$followers = $stmt->fetchAll(PDO::FETCH_DEFAULT);
$stmt = $db->prepare("SELECT * FROM main.role WHERE username = ?");
$stmt->execute([$user]);
$roles = $stmt->fetchAll(PDO::FETCH_DEFAULT);
require(__DIR__ . "/../libs/page.php");
require(__DIR__ . "/../libs/form.php");
require(__DIR__ . "/../libs/comment.php");
$roles = array();
page_header();
// this is a mess
function get_handler()
{
global $db;
global $username;
global $user;
global $bio;
global $followers;
global $following;
global $roles;
// there is 100% a better way to do this but i need to test
if (!array_key_exists('id', $_GET)) {
die();
}
function follow() {
global $db;
global $username;
global $user;
$stmt = $db->prepare("SELECT * FROM main.follow WHERE username = ? AND target = ?");
$user = $_GET['id'];
if (array_key_exists('type', $_GET)) {
$type = $_GET['type'];
if ($type == 'follow') {
follow();
} elseif ($type == 'settings') {
settings();
}
}
$stmt = $db->prepare("SELECT * FROM main.user WHERE UPPER(username) LIKE UPPER(?)"); //weirdly, this requires a schema name
$stmt->execute([$user]);
$result = $stmt->fetch(PDO::FETCH_ASSOC);
$bio = isset($result) ? $result['bio'] : 'This user has not set a bio.';
$stmt = $db->prepare("SELECT * FROM main.follow WHERE target = ?");
$stmt->execute([$user]);
$following = $stmt->fetchAll(PDO::FETCH_DEFAULT);
$stmt = $db->prepare("SELECT * FROM main.follow WHERE username = ?");
$stmt->execute([$user]);
$followers = $stmt->fetchAll(PDO::FETCH_DEFAULT);
$stmt = $db->prepare("SELECT * FROM main.role WHERE username = ?");
$stmt->execute([$user]);
$roles = $stmt->fetchAll(PDO::FETCH_DEFAULT);
}
function follow()
{
global $db;
global $username;
global $user;
$stmt = $db->prepare("SELECT * FROM main.follow WHERE username = ? AND target = ?");
$stmt->execute([$user,$username]);
$result = $stmt->fetch(PDO::FETCH_ASSOC);
if (is_null($username)) {
return;
}
if ($result) {
$stmt = $db->prepare("DELETE FROM main.follow WHERE username = ? AND target = ?");
$stmt->execute([$user,$username]);
} else {
$stmt = $db->prepare("INSERT INTO main.follow (username,target) VALUES (?,?)");
$stmt->execute([$user,$username]);
$result = $stmt->fetch(PDO::FETCH_ASSOC);
if (is_null($username)) return;
if ($result) {
$stmt = $db->prepare("DELETE FROM main.follow WHERE username = ? AND target = ?");
$stmt->execute([$user,$username]);
} else {
$stmt = $db->prepare("INSERT INTO main.follow (username,target) VALUES (?,?)");
$stmt->execute([$user,$username]);
}
}
function settings() {
global $db;
global $username;
global $user;
if (is_null($username)) return;
$stmt = $db->prepare("DELETE FROM main.user WHERE username = ?");
$stmt->execute([$username]);
$stmt = $db->prepare("INSERT INTO main.user (username,bio) VALUES (?,?)");
$stmt->execute([$username,$_POST['desc']]);
move_uploaded_file($_FILES['avatar']['tmp_name'], $_SERVER["DOCUMENT_ROOT"] . '/../docs/pfp/' . $username . '.png');
}
function settings()
{
global $db;
global $username;
global $user;
if (is_null($username)) {
return;
}
get_handler();
$stmt = $db->prepare("DELETE FROM main.user WHERE username = ?");
$stmt->execute([$username]);
$stmt = $db->prepare("INSERT INTO main.user (username,bio) VALUES (?,?)");
$stmt->execute([$username,$_POST['desc']]);
move_uploaded_file($_FILES['avatar']['tmp_name'], $_SERVER["DOCUMENT_ROOT"] . '/../docs/pfp/' . $username . '.png');
}
get_handler();
?>
<form class="banner" enctype="multipart/form-data" method="POST" action="/user.php?id=<?php echo $user ?>&type=follow">
<img class="banner-background" src="/pfp/<?php echo $user ?>.png">
@ -124,10 +131,10 @@
form("Your Settings", $form_message, array(
array('key' => 'Bio', 'type' => 'textarea', 'name' => 'desc', 'default' => $bio),
array('key' => 'Avatar', 'type' => 'file', 'name' => 'avatar', 'default' => '')
),'/user.php?id=' . $user . '&type=settings');
), '/user.php?id=' . $user . '&type=settings');
}
comments('user',$user);
comments('user', $user);
page_footer();
page_footer();
?>
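Review bot: get_handler() runs follow() or settings() for any request whose query string carries `type=`, with no request-method check or CSRF token on the lines shown, so a state change can be triggered by a cross-site GET for a logged-in visitor. I would require `$_SERVER['REQUEST_METHOD'] === 'POST'` plus a per-session token before either call. settings() moves `$_FILES['avatar']['tmp_name']` to a `.png` path without `is_uploaded_file()` or any check that the content is an image, and it deletes the existing main.user row before reading `$_POST['desc']`, so a request without that field replaces the bio with an empty value. `isset($result)` is true even when `fetch()` returns `false`, so the "This user has not set a bio." default is never used; `$bio = $result ? $result['bio'] : 'This user has not set a bio.';` fixes that.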