123 lines
4 KiB
PHP
123 lines
4 KiB
PHP
|
<?php
|
||
|
require("../libs/page.php");
|
||
|
require("../libs/form.php");
|
||
|
page_header();
|
||
|
|
||
|
// this is a mess
|
||
|
function get_handler() {
|
||
|
global $db;
|
||
|
global $username;
|
||
|
global $user;
|
||
|
global $bio;
|
||
|
global $followers;
|
||
|
global $following;
|
||
|
|
||
|
// there is 100% a better way to do this but i need to test
|
||
|
if (!array_key_exists('id',$_GET)) {
|
||
|
die();
|
||
|
}
|
||
|
|
||
|
$user = $_GET['id'];
|
||
|
|
||
|
$type = $_GET['type'];
|
||
|
|
||
|
if (array_key_exists('type',$_GET)) {
|
||
|
if ($type == 'follow') {
|
||
|
follow();
|
||
|
} else if ($type == 'settings') {
|
||
|
settings();
|
||
|
}
|
||
|
}
|
||
|
|
||
|
$stmt = $db->prepare("SELECT * FROM main.user WHERE UPPER(username) LIKE UPPER(?)"); //weirdly, this requires a schema name
|
||
|
$stmt->execute([$user]);
|
||
|
|
||
|
$result = $stmt->fetch(PDO::FETCH_ASSOC);
|
||
|
|
||
|
if (!$result && $user != $username) {
|
||
|
die();
|
||
|
}
|
||
|
|
||
|
$bio = isset($result) ? $result['bio'] : 'This user has not set a bio.';
|
||
|
|
||
|
$stmt = $db->prepare("SELECT * FROM follow WHERE target = ?");
|
||
|
$stmt->execute([$user]);
|
||
|
|
||
|
$following = $stmt->fetchAll(PDO::FETCH_DEFAULT);
|
||
|
|
||
|
$stmt = $db->prepare("SELECT * FROM follow WHERE username = ?");
|
||
|
$stmt->execute([$user]);
|
||
|
|
||
|
$followers = $stmt->fetchAll(PDO::FETCH_DEFAULT);
|
||
|
|
||
|
}
|
||
|
|
||
|
function follow() {
|
||
|
global $db;
|
||
|
global $username;
|
||
|
global $user;
|
||
|
|
||
|
$stmt = $db->prepare("SELECT * FROM main.follow WHERE username = ? AND target = ?");
|
||
|
$stmt->execute([$user,$username]);
|
||
|
|
||
|
$result = $stmt->fetch(PDO::FETCH_ASSOC);
|
||
|
|
||
|
if (is_null($username)) return;
|
||
|
|
||
|
if ($result) {
|
||
|
$stmt = $db->prepare("DELETE FROM main.follow WHERE username = ? AND target = ?");
|
||
|
$stmt->execute([$user,$username]);
|
||
|
} else {
|
||
|
$stmt = $db->prepare("INSERT INTO main.follow (username,target) VALUES (?,?)");
|
||
|
$stmt->execute([$user,$username]);
|
||
|
}
|
||
|
}
|
||
|
function settings() {
|
||
|
global $db;
|
||
|
global $username;
|
||
|
global $user;
|
||
|
|
||
|
if (is_null($username)) return;
|
||
|
|
||
|
$stmt = $db->prepare("DELETE FROM main.user WHERE username = ?");
|
||
|
$stmt->execute([$username]);
|
||
|
|
||
|
$stmt = $db->prepare("INSERT INTO main.user (username,bio) VALUES (?,?)");
|
||
|
$stmt->execute([$username,$_POST['desc']]);
|
||
|
|
||
|
move_uploaded_file($_FILES['avatar']['tmp_name'], $_SERVER["DOCUMENT_ROOT"] . '/../docs/pfp/' . $username . '.png');
|
||
|
}
|
||
|
|
||
|
get_handler();
|
||
|
?>
|
||
|
<form class="banner" enctype="multipart/form-data" method="POST" action="/user.php?id=<?php echo $user ?>&type=follow">
|
||
|
<img class="banner-background" src="/pfp/<?php echo $username ?>.png">
|
||
|
<div class="banner-content">
|
||
|
<div class="form-message"></div>
|
||
|
<div class="avatar">
|
||
|
<img src="/pfp/<?php echo $username ?>.png" class="avatar-img">
|
||
|
<b>@<?php echo $username ?></b>
|
||
|
<input class="form-button" type="submit" value="Follow">
|
||
|
</div>
|
||
|
|
||
|
<div class="avatar">
|
||
|
<div></div>
|
||
|
<b><?php echo count($followers) ?> followers</b>
|
||
|
<b><?php echo count($following) ?> following</b>
|
||
|
<div></div>
|
||
|
</div>
|
||
|
<input name="target" hidden="" value="<?php echo $username ?>">
|
||
|
|
||
|
<pre><?php echo htmlspecialchars($bio) ?></pre>
|
||
|
</div>
|
||
|
</form>
|
||
|
<?php
|
||
|
if ($user == $username) {
|
||
|
form("Your Settings", $form_message, array(
|
||
|
array('key' => 'Bio', 'type' => 'textarea', 'name' => 'desc', 'default' => $bio),
|
||
|
array('key' => 'Avatar', 'type' => 'file', 'name' => 'avatar', 'default' => '')
|
||
|
),'/user.php?id=' . $user . '&type=settings');
|
||
|
}
|
||
|
|
||
|
page_footer();
|
||
|
?>
|