/**
 * Handle the registration form (a POST carrying a `register` field): validate
 * the submitted fields, insert the account row, create the user's image
 * directory and redirect to form.php. Validation failures and a request
 * without `register` print an <h4> message instead.
 *
 * Review notes (security), in the order the code below raises them:
 *  - Every query is assembled by string interpolation into dbRow()/dbAdd().
 *    FILTER_SANITIZE_SPECIAL_CHARS HTML-encodes its input; it is not SQL
 *    escaping. Whatever interface those helpers offer, the values belong in
 *    bound parameters rather than in the statement text.
 *  - Passwords are stored as a bare md5() digest. password_hash() /
 *    password_verify() is the replacement, but the login code that compares
 *    the stored value (not in this listing) has to change in step.
 *  - No CSRF token is checked in this block; only the presence of
 *    $_POST['register'] is tested.
 *
 * @return void
 */
function createUser()
{
    if (isset($_POST['register'])) {
        // NOTE(review): each $_POST index is read unconditionally; a missing
        // field raises an undefined-index warning and filter_var() receives null.
        $username = filter_var($_POST['username'], FILTER_SANITIZE_SPECIAL_CHARS);
        $f_name = filter_var($_POST['f_name'], FILTER_SANITIZE_SPECIAL_CHARS);
        $l_name = filter_var($_POST['l_name'], FILTER_SANITIZE_SPECIAL_CHARS);
        $email = filter_var($_POST['email'], FILTER_VALIDATE_EMAIL);
        $re_email = filter_var($_POST['re_email'], FILTER_VALIDATE_EMAIL);
        // The sanitize filter rewrites characters such as quotes and '<' before
        // the value is hashed, so the login path has to apply the identical
        // transform or those passwords never verify — TODO confirm against
        // the login code.
        $pass = filter_var($_POST['pass'], FILTER_SANITIZE_SPECIAL_CHARS);
        $pass = md5($pass); /* NOTE: I am aware that md5 alone is not good... */
        $re_pass = filter_var($_POST['re_pass'], FILTER_SANITIZE_SPECIAL_CHARS);
        // NOTE(review): the username literal in this copy reads '******' —
        // presumably the submitted name in the original source; confirm there.
        $count = dbRow("SELECT COUNT(*) AS count FROM litter_users\n\t\t\tWHERE username = '******'");
        // $pass already holds the md5 digest (always 32 hex characters), so the
        // `$pass == ""` test below can never be true: an empty submitted
        // password passes this completeness check.
        if ($username == "" || $f_name == "" || $l_name == "" || $pass == "") {
            print "<h4>You didn't complete the form!</h4>";
        } elseif ($count['count'] > 0) {
            print "<h4>This username is allreday taken!</h4>";
        } elseif ($email !== $re_email) {
            print "<h4>The two e-mails didn't match!</h4>";
        } elseif ($email === false || $re_email === false) {
            // FILTER_VALIDATE_EMAIL yields false for an invalid address.
            print "<h4>This is not a valid e-mail</h4>";
        } elseif ($pass !== md5($re_pass)) {
            // Both operands are md5 digests at this point; comparing the two
            // plain inputs would be equivalent.
            print "<h4>The two passwords didn't match!</h4>";
        } else {
            // The stored username is prefixed with '@' here, while the lookup
            // above and the one below compare against the literal that is
            // redacted in this copy; whether they agree — TODO confirm.
            dbAdd("INSERT INTO litter_users \n\t\t(username, f_name, l_name, email, pass)\n\t\tVALUES('@{$username}', '{$f_name}', '{$l_name}', '{$email}', '{$pass}')");
            $new_id = dbRow("SELECT user_id FROM litter_users\n\t\t\t\tWHERE username = '******'");
            // mkdir()'s return value is not checked, so a failure (existing
            // directory, permissions) is silent; $new_id is also indexed
            // without checking what dbRow() returns when no row matches.
            mkdir('userIMG/' . $new_id['user_id']);
            // session_start() must precede any output; nothing in this branch
            // prints first, but the caller may have — TODO confirm.
            session_start();
            $_SESSION['error'] = 'Your account has been created! Lets go:';
            // No exit after the redirect header: execution continues in the
            // caller after the Location header is queued.
            header('Location: form.php');
        }
    } else {
        print "<h4>Something went wrong... Please try again later!</h4>";
    }
}
/**
 * Record a "recycle" (re-share) of an existing post for the logged-in user.
 *
 * The acting user is $_SESSION['user_id']; the target post is $_POST['post_id'],
 * cast to int before it reaches the query. The row is only written when the
 * form's `recycle` field was submitted; otherwise nothing happens and null is
 * returned.
 *
 * Review notes: the session value is interpolated into the statement unescaped
 * (presumably an integer assigned at login — TODO confirm); no CSRF token is
 * checked, and nothing verifies that the referenced post exists.
 *
 * @return string|null confirmation message, or null when nothing was recorded
 */
function recycle()
{
    $actorId = $_SESSION['user_id'];
    if (!isset($_POST['recycle'])) {
        return null;
    }
    // The int cast is what keeps the request value from entering the SQL text as-is.
    $targetPostId = (int) $_POST['post_id'];
    $statement = sprintf(
        "INSERT INTO litter_posts (user_id, recycle)\n\t\tVALUES ('%s', '%d')",
        $actorId,
        $targetPostId
    );
    dbAdd($statement);
    return "Recycling is good for our planet, good on you!";
}
/**
 * Follow or unfollow another user on behalf of the logged-in user.
 *
 * The follower is $_SESSION['user_id']; the target is $_POST['id'], cast to
 * int. The target's row is fetched first so the returned message can name
 * them. A `follow` field inserts a litter_following row, an `unfollow` field
 * deletes it; when both are present `follow` wins. With neither, nothing is
 * written and null is returned.
 *
 * Review notes: $_POST['id'] is read and the lookup query runs even when no
 * action field was submitted; the session value is interpolated unescaped
 * (presumably an integer — TODO confirm); no CSRF token is checked, and
 * neither a self-follow nor a duplicate follow row is prevented here.
 *
 * @return string|null confirmation message, or null when no action was requested
 */
function follow()
{
    $followerId = $_SESSION['user_id'];
    $targetId = (int) $_POST['id'];
    // Whatever dbRow() returns on a miss is indexed below without a check —
    // TODO confirm its behaviour when no user matches.
    $target = dbRow(sprintf("SELECT username FROM litter_users\n\t\tWHERE user_id = '%d'", $targetId));
    $wantsFollow = isset($_POST['follow']);
    $wantsUnfollow = isset($_POST['unfollow']);
    if ($wantsFollow) {
        dbAdd(sprintf(
            "INSERT INTO litter_following (user_id, following)\n\t\t\tVALUES ('%s', '%d')",
            $followerId,
            $targetId
        ));
        return "You're now following " . $target['username'];
    }
    if ($wantsUnfollow) {
        dbAdd(sprintf(
            "DELETE FROM litter_following\n\t\tWHERE following = '%d' AND user_id = '%s'",
            $targetId,
            $followerId
        ));
        return "You just stopped following " . $target['username'];
    }
    return null;
}
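/**
 * Delete the row of $table whose id column and name column match the values
 * of the `delete` form submission ($_POST['id'] and $_POST['name']), then
 * print a confirmation naming the deleted item.
 *
 * The three identifier arguments come from the caller, not the request, but
 * they are interpolated into the statement verbatim: callers must pass fixed,
 * trusted table and column names only.
 *
 * Security: both request values are interpolated straight into the DELETE
 * statement. Nothing in this block escapes them and, unlike the sibling
 * functions in this file, $_POST['id'] is not even cast. That is an SQL
 * injection defect; the fix is to bind both values as parameters through
 * whatever interface dbAdd() offers (not visible here), or at minimum to cast
 * $id to int where $col_id is known to be an integer column. This revision
 * only fixes the reflected output: $name was previously echoed into HTML
 * unescaped.
 *
 * @param string $table    table to delete from (trusted identifier)
 * @param string $col_id   id column name (trusted identifier)
 * @param string $col_name name column name (trusted identifier)
 * @return void
 */
function delete($table, $col_id, $col_name)
{
    if (!isset($_POST['delete'])) {
        return;
    }
    // Default missing fields to '' instead of raising undefined-index
    // warnings; the resulting statement text is unchanged from before.
    $id = isset($_POST['id']) ? $_POST['id'] : '';
    $name = isset($_POST['name']) ? $_POST['name'] : '';
    // NOTE(review): still string-built with request-controlled values — see
    // the docblock; this must become a parameterised statement.
    dbAdd("DELETE FROM {$table}\n\t\t\tWHERE {$col_id} = '{$id}' AND {$col_name} = '{$name}'");
    // $name is request-controlled and written into an HTML response, so it
    // is escaped for that context.
    print 'Du har tagit bort "' . htmlspecialchars((string) $name, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8') . '"';
}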