// Tail of a block opened before this excerpt: stores one advert/image pair.
// The ids are handed over separately from the SQL text ($query is built
// outside this excerpt).
    $conn->prepQuery($query);
    $conn->bindArrayValue(array('advert' => $advert_id, 'image' => $image_id));
    $conn->execute();
}

// Count how many tags were supplied.
$numberOfTags = count($tags);
$tagsToAdd = array();    // descriptions that have no row in whwp_Tag yet
$tagIdsStored = array(); // ids of every tag handled, found or newly inserted

// Look each tag up by its description. The description travels through the
// :tag placeholder instead of being concatenated into the SQL string
// (presumably a PDO prepared statement behind prepQuery()/bind() - confirm
// in DBCommunication).
$query = "SELECT tag_id FROM whwp_Tag WHERE tag_description = :tag";
$conn->prepQuery($query);
// NOTE(review): $tags is read by position 0..count-1; a sparse or
// string-keyed array would hit undefined offsets - confirm how it is built.
for ($i = 0; $i < $numberOfTags; $i++) {
    $tag = $tags[$i];
    $conn->bind('tag', $tag);
    $t = $conn->single();
    if ($conn->rowCount() == 0) {
        // Unknown tag: queue it for the INSERT pass below.
        array_push($tagsToAdd, $tag);
    } else {
        // Known tag: remember its id.
        $tagId = $t->tag_id;
        array_push($tagIdsStored, $tagId);
    }
}

// NOTE(review): every lookup finishes before the first insert, so a
// description that occurs twice in $tags is queued twice, and two concurrent
// requests can both miss the same tag. Unless whwp_Tag.tag_description carries
// a UNIQUE constraint (not visible here) this leaves duplicate rows - confirm
// the schema.
// How many tags should be added.
$numberOfTagsToAdd = count($tagsToAdd);
$query = "INSERT INTO whwp_Tag (tag_description) VALUES (:tag)";
$conn->prepQuery($query);
for ($i = 0; $i < $numberOfTagsToAdd; $i++) {
    // Insert the head of the queue, drop it, then record the id the database
    // reports for the new row.
    $conn->bind('tag', $tagsToAdd[0]);
    $conn->execute();
    array_shift($tagsToAdd);
    array_push($tagIdsStored, $conn->lastInsertId());
    // (the loop continues beyond this excerpt)
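// echo "<a href='register.php'>Sign Up</a> ";
// echo "<a href='login.php'>Log In</a>";
// }
//
// Registration handler: creates a whwp_User row from the submitted username,
// password and e-mail address, and prints a plain-text status message.
//
// NOTE(review): $_REQUEST also accepts these fields from the query string, so
// a password can end up in URLs, server logs and browser history. Reading
// $_POST would limit registration to request bodies; left unchanged here
// because the submitting form's method is not visible.
// NOTE(review): isset() is also true for array input (e.g. "password[]");
// under PHP 8 password_hash() then raises a TypeError, which the PDOException
// handler below does not catch. An is_string() check on each field would
// close that gap.
if (isset($_REQUEST['username']) && isset($_REQUEST['password']) && isset($_REQUEST['email'])) {
    try {
        $database = new DBCommunication();
        $username = $_REQUEST['username'];
        $password = $_REQUEST['password'];
        $email = $_REQUEST['email'];

        // Check that the username is still free. The value is passed through
        // the :username placeholder, not concatenated into the SQL string.
        // NOTE(review): this check and the INSERT below are two separate
        // statements; only a UNIQUE constraint on the column (not visible
        // here) makes the uniqueness guarantee hold under concurrent requests.
        $query = "SELECT * FROM whwp_User WHERE user_firstname = :username";
        $database->prepQuery($query);
        $database->bind('username', $username);
        $database->execute();
        if ($database->rowCount() > 0) {
            // The lookup above is by username, so report the username as
            // taken (the message used to blame the e-mail address).
            echo "Username already in use.";
        } else {
            // Only a salted, adaptive hash of the password is stored.
            $hashed_password = password_hash($password, PASSWORD_DEFAULT);

            // Insert the new account. user_ismoderator is a literal 0, so the
            // request cannot choose its own privilege level.
            // NOTE(review): the e-mail address is stored without any format
            // validation or uniqueness check.
            $query = "INSERT INTO whwp_User (user_firstname, user_email, user_password, user_ismoderator) VALUES (:username,:email, :hashed_password, 0)";
            $database->prepQuery($query);
            $database->bindArrayValue(array('username' => $username, 'hashed_password' => $hashed_password, 'email' => $email));
            $database->execute();
            if ($database->rowCount() > 0) {
                echo "Congratulations! You have registered on our website!";
            }
        }
    } catch (PDOException $e) {
        // Generic message only: driver details are not shown to the client.
        echo "Something went wrong...";
    }
    // (the enclosing if-block closes beyond this excerpt)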
require 'crypting.php';
header('Content-type: application/json');
// Response envelope; 'error_code' collects one numeric code per failed check
// (1 = username taken, 5 = invalid e-mail, 6 = password too short).
$response_array = array('success' => false, 'error_code' => array(), 'message' => '');
if (isset($_POST['username']) && isset($_POST['password']) && isset($_POST['email'])) {
    // Read the submitted values.
    // NOTE(review): isset() is also true for array input (e.g. "password[]");
    // under PHP 8 strlen() then raises a TypeError. Whether anything catches
    // it lies beyond this excerpt - an is_string() check per field avoids it.
    try {
        $database = new DBCommunication();
        $username = $_POST['username'];
        $password = $_POST['password'];
        $email = $_POST['email'];

        // Check that the username is still free. The value is passed through
        // the :username placeholder, not concatenated into the SQL string.
        // NOTE(review): check and INSERT are separate statements; only a
        // UNIQUE constraint on user_username (not visible here) keeps two
        // concurrent registrations from both succeeding.
        $query = "SELECT * FROM whwp_User WHERE user_username = :username";
        $database->prepQuery($query);
        $database->bind('username', $username);
        $database->execute();
        $usernameuse = $database->rowCount();
        if ($usernameuse > 0) {
            array_push($response_array['error_code'], 1);
        }
        // Syntactic e-mail check only; it does not prove the address exists.
        if (!filter_var($email, FILTER_VALIDATE_EMAIL)) {
            array_push($response_array['error_code'], 5);
        }
        // strlen() counts bytes, so this is a 6-byte minimum.
        // NOTE(review): current guidance (e.g. NIST SP 800-63B) asks for at
        // least 8 characters - consider raising the limit.
        if (strlen($password) < 6) {
            array_push($response_array['error_code'], 6);
        }
        // Only a non-empty password proceeds; an empty one has already been
        // given code 6 above. The other branch lies beyond this excerpt.
        if (strlen($password)) {
            // Store the account only when every check above passed.
            if (empty($response_array['error_code'])) {
                // encrypt() is presumably provided by crypting.php; its
                // algorithm and key handling are not visible here and should
                // be reviewed separately.
                $email = encrypt($email);
                // Only a salted, adaptive hash of the password is stored.
                $hashed_password = password_hash($password, PASSWORD_DEFAULT);

                // Insert the new account. user_ismoderator is a literal 0, so
                // the request cannot choose its own privilege level.
                $query = "INSERT INTO whwp_User (user_username, user_email, user_password, user_ismoderator) VALUES (:username,:email, :hashed_password, 0)";
                // (the block continues beyond this excerpt)
// Tail of the "not logged in" branch; its condition lies before this excerpt.
    echo "You need to log in first!";
    // NOTE(review): this header is set after output has been echoed. Without
    // output buffering PHP reports "headers already sent" and the redirect to
    // the login page is lost - calling header() before echo avoids that.
    header("refresh:3;url=login.php");
} else {
    // Check which user is logged in
    $user_id = $_SESSION['user_id'];
    // Getting messages from the database
    /*$query = "SELECT * FROM message, message_text WHERE :user_id = receiver_id " . "AND message.message_id = message_text.message_id";*/
    try {
        // Establishing a connection to the database
        $conn = new DBCommunication();
        // The inbox is limited to rows addressed to the session's own user id;
        // the id comes from $_SESSION, not from the request, and is passed
        // through the :user_id placeholder.
        // NOTE(review): DESC applies to message_time only; message_date sorts
        // ascending. Confirm that newest-first was not intended for both.
        $query = "SELECT * FROM whwp_Message WHERE :user_id = message_recipient ORDER BY message_date,message_time DESC";
        $conn->prepQuery($query);
        $conn->bind('user_id', $user_id);
        $message = $conn->resultset();
        $countMessages = $conn->rowCount();
        if ($countMessages == 0) {
            echo "You have no messages in your inbox!";
        } else {
            echo "<table class='table'>";
            echo "<tr><th>Sender</th><th>Title</th>" . "<th>Time Sent</th></tr>";
            foreach ($message as $element) {
                $message_id = $element->message_id;
                $sender_id = $element->message_sender;
                // One extra query per message to resolve the sender's name; a
                // JOIN in the inbox query would fetch it in a single pass.
                $query = "SELECT user_firstname FROM whwp_User WHERE user_id = :user";
                $conn->prepQuery($query);
                $conn->bind('user', $sender_id);
                $resultset = $conn->single();
                // NOTE(review): if the sender's row no longer exists,
                // $resultset may not be an object - confirm what single()
                // returns for an empty result.
                $sender = $resultset->user_firstname;
                $title = $element->message_subject;
                // Despite its name, $date holds the message_time column.
                $date = $element->message_time;
                // NOTE(review): $sender and $title are presumably written by
                // other users; whatever prints them beyond this excerpt should
                // pass them through htmlspecialchars() first.
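// Tail of a profile page's try-block. The statement executed here was
// presumably prepared before this excerpt; the profile owner's id is passed
// through the :user_id placeholder.
        $conn->bind('user_id', $user_id);
        $user = $conn->single();
        // NOTE(review): if no row matches $user_id, $user may not be an
        // object - confirm what single() returns for an empty result.
        $username = $user->user_firstname;
        // Profile names are chosen by users, so the name is HTML-encoded
        // before it is written into the page (this assumes the database holds
        // raw text, not pre-encoded HTML). $username itself stays untouched
        // for any later use.
        $safeUsername = htmlspecialchars((string) $username, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
        echo "The page of " . $safeUsername;

        // Set the target as a private message receiver
        // NOTE(review): the recipient lives in the session, so the most
        // recently opened profile wins when several tabs are open;
        // send_message.php (not visible here) should confirm the recipient.
        $_SESSION['target_id'] = $user_id;

        // If the user is not on his own page - display the link to PM
        // NOTE(review): !== also compares types; if $user_id is a string
        // while the session holds an integer (or the reverse), the link shows
        // on the user's own page too - confirm both types.
        if (isset($_SESSION['user_id']) && $_SESSION['user_id'] !== $user_id) {
            echo "<a href='send_message.php'><img src='images/pm.png' id='pm' alt='Private Message' title='Private Message'/></a>";
        }

        // Query to get all the ads from the user, whose page is accessed.
        $query = "SELECT * FROM whwp_Advert WHERE advert_owner = :user_id";
        $conn->prepQuery($query);
        $conn->bind('user_id', $user_id);
        $ad = $conn->resultset();
        $countAds = $conn->rowCount();
        if ($countAds == 0) {
            echo "<br/>No adverts uplaoded by this user!";
        } else {
            echo "<h2>Ads uploaded by: " . $safeUsername . ":</h2>";
            foreach ($ad as $element) {
                $advert_id = $element->advert_id;
                $price = $element->advert_price;
                $title = $element->advert_bookname;
                // Advert fields are user-supplied as well: the id is
                // URL-encoded for the query string, title and price are
                // HTML-encoded for the link text.
                echo "<p><a href ='showAdvert.php?advert_id=" . urlencode((string) $advert_id) . "'>"
                    . htmlspecialchars((string) $title, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8')
                    . " "
                    . htmlspecialchars((string) $price, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8')
                    . "</a></p>";
            }
        }
    } catch (PDOException $e) {
        // Generic message only: driver details are not shown to the client.
        echo "Something went wrong.";
    }
} else {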