}
}
} else {
if (isset($_POST['file-url']) && !empty($_POST['file-url']) && !!filter_var($_POST['file-url'], FILTER_VALIDATE_URL)) {
$url = $_POST['file-url'];
$fullname = basename($url);
list($filename, $extension) = explode(".", $fullname);
$uploadfile = $uploadDir . $fullname;
$f = fopen($url, 'rb');
if ($f) {
$content = "";
while ($data = fread($f, 1024)) {
$content .= $data;
}
fclose($f);
file_put_contents($uploadfile, $content);
try {
updateUserImage($_SESSION['id'], $filename, $path, $extension);
} catch (Exception $e) {
ecvdphp\addFlashMessage('error', $e->getMessage());
header('Location:profile.php', true, 301);
exit;
}
} else {
ecvdphp\addFlashMessage('error', 'The URL couldn\'t not be found');
}
} else {
ecvdphp\addFlashMessage('error', 'The uploaded file couldn\'t be found');
}
}
ecvdphp\redirect("profile.php");
}
} else {
if (isset($_POST['file-url']) && !empty($_POST['file-url']) && !!filter_var($_POST['file-url'], FILTER_VALIDATE_URL)) {
$fileUrl = $_POST['file-url'];
list($filename, $extension) = ecvdphp\downloadImageFromUrl($fileUrl);
$imageData = array('filename' => $filename, 'path' => $path, 'extension' => $extension);
} else {
ecvdphp\addFlashMessage('error', 'The uploaded file couldn\'t be found');
}
}
try {
$postId = ecvdphp\DB\Post\insertNewPost($_SESSION['id'], $title, $body, $imageData);
ecvdphp\addFlashMessage('success', 'You\'ve successfully created a new post');
ecvdphp\redirect('show.php?id=' . $postId);
} catch (Exception $e) {
ecvdphp\addFlashMessage('error', $e->getMessage());
}
}
include '../header.php';
?>
<div>
<form enctype="multipart/form-data" method="post" action="">
<fieldset>
<legend>New post</legend>
<p>
<label for="title">Title :</label>
<input name="title" type="text" id="title" value=""/>
<br />
<label for="body">Content :</label>
<textarea name="body" id="body" ></textarea>
<br />
<?php
require_once 'session.php';
require_once 'functions.php';
require_once 'connect.php';
session_destroy();
$stmt = $conn->prepare("DELETE FROM users WHERE id=:id");
$stmt->bindParam(':id', $_SESSION['id']);
if (!$stmt->execute()) {
ecvdphp\addFlashMessage('error', 'Could not delete the user');
} else {
ecvdphp\addFlashMessage('success', 'Your account has been deleted');
}
ecvdphp\redirect('index.php');
ecvdphp\addFlashMessage('error', 'Something went wrong. You must fill all the fields');
} else {
$username = trim($_POST['username']);
// To improve the ux of the user, you can trim the input
$password = trim($_POST['password']);
$stmt = $conn->prepare("SELECT * FROM users WHERE username = ?");
if ($stmt->execute(array($username))) {
$result = $stmt->fetchAll();
if (count($result) === 1 && password_verify($password, $result[0]['password'])) {
$_SESSION['id'] = $result[0]["id"];
$_SESSION['username'] = $result[0]["username"];
ecvdphp\addFlashMessage('success', 'You\'ve successfully logged in');
ecvdphp\redirect($_SERVER['PHP_SELF']);
}
}
ecvdphp\addFlashMessage('error', 'Something went wrong. You must fill all the fields');
}
}
}
?>
<div>
<form method="post" action="">
<fieldset>
<legend>Connexion</legend>
<p>
<label for="username">Pseudo :</label>
<input name="username" type="text" id="username" /><br />
<label for="password">Mot de Passe :</label>
<input type="password" name="password" id="password" />
