Exemple #1
<?php

require $_SERVER['DOCUMENT_ROOT'] . "/include.php";
require $_SERVER['DOCUMENT_ROOT'] . "/Common/ImageManager/charavatar.php";
require $_SERVER['DOCUMENT_ROOT'] . "/Common/ImageManager/thumbnail.php";
// Form fields that must all be present in $_POST before a character is created
// (enforced by the array_diff() test in the condition below).
$post_array = ['firstname', 'lastname', 'haircolor', 'eyecolor', 'height', 'weight', 'bustsize', 'hipsize', 'waistsize', 'bodytype', 'personality', 'description'];
// Temporary path of the uploaded file, or null when the request carried no files.
// NOTE(review): whenever $_FILES is non-empty this reads $_FILES['files'] without
// checking that the key exists, so an upload sent under a different field name
// raises an undefined-index notice here.
$avatar_img = !empty($_FILES) ? $_FILES['files']['tmp_name'] : null;
// Proceed only when every required field was posted, a file was uploaded, and PHP
// reported UPLOAD_ERR_OK for it.
// NOTE(review): UPLOAD_ERR_OK only says the transfer completed. No size, MIME-type or
// image-content check is visible before the temp path is handed to CharacterAvatar
// and ThumbNail below; whether those classes validate the file cannot be seen
// here -- confirm. No anti-CSRF token check is visible in this excerpt either.
if (isset($_POST) && !array_diff($post_array, array_keys($_POST)) && !empty($_FILES) && $_FILES["files"]["error"] == UPLOAD_ERR_OK) {
    // Reject the submission if any posted value is an empty string. This inspects
    // every $_POST entry, not only the names in $post_array, and in_array() compares
    // loosely because no strict flag is passed.
    if (in_array("", array_values($_POST))) {
        $RENDENGINE->render(new Text("Sorry. One of more of the fields were not filled out!"));
        exit;
    }
    $SANTIZER = new InputSanitizer($_POST);
    // Author's TODO: will think of better sanitize flags, will add validation steps as
    // well, and remember to sanitize the avatar too.
    // NOTE(review): FILTER_SANITIZE_STRING is deprecated as of PHP 8.1. It strips tags
    // and encodes quotes, which is neither validation nor a replacement for escaping
    // the value in the context where it is later output.
    $SANTIZER->addFilter("firstname", FILTER_SANITIZE_STRING);
    $SANTIZER->addFilter("lastname", FILTER_SANITIZE_STRING);
    $SANTIZER->addFilter("haircolor", FILTER_SANITIZE_STRING);
    $SANTIZER->addFilter("eyecolor", FILTER_SANITIZE_STRING);
    // FILTER_SANITIZE_NUMBER_INT removes everything except digits and the plus/minus
    // signs; it does not guarantee a well-formed integer or enforce a range.
    $SANTIZER->addFilter("height", FILTER_SANITIZE_NUMBER_INT);
    $SANTIZER->addFilter("weight", FILTER_SANITIZE_NUMBER_INT);
    $SANTIZER->addFilter("bustsize", FILTER_SANITIZE_NUMBER_INT);
    $SANTIZER->addFilter("hipsize", FILTER_SANITIZE_NUMBER_INT);
    $SANTIZER->addFilter("waistsize", FILTER_SANITIZE_NUMBER_INT);
    $SANTIZER->addFilter("bodytype", FILTER_SANITIZE_STRING);
    $SANTIZER->addFilter("personality", FILTER_SANITIZE_STRING);
    $SANTIZER->addFilter("description", FILTER_SANITIZE_STRING);
    // Run the registered filters; presumably the result is ordered like the
    // addFilter() calls above -- TODO confirm against InputSanitizer.
    $sant_array = $SANTIZER->filter();
    $connection = $DB->connect();
    /*Error handling?*/
    // Both image helpers receive the same uploaded temp file path.
    $char_ava = new CharacterAvatar($avatar_img);
    $thumb = new ThumbNail($avatar_img);
    // (The listing is cut off here; the rest of the handler is not shown.)
Exemple #2
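// Emit the user's avatar image, close the surrounding <div>, and render the list.
// Text is passed literal markup here, so it presumably outputs its argument
// unescaped; the image URL is therefore HTML-escaped before it is placed in the
// src attribute, so a quote or angle bracket in the stored path cannot end the
// attribute and inject markup. ENT_SUBSTITUTE keeps invalid byte sequences from
// turning the whole value into an empty string.
$rendlist->addRenderable(new Text('<img src="' . htmlspecialchars(Config::USER_IMAGE_ROOT . $user_fields["avatarpath"], ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8') . '">'));
$rendlist->addRenderable(new Text('</div>'));
$RENDENGINE->render($rendlist);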
?>
	
	<input name="files" type="file" accept="image/*">
	<div class="form-group">
		<button type="submit" class="btn" value="Submit">Submit</button>
	</div>

</form>

<?php 
// Profile update handler: runs when every field named in $post_array was posted.
// It stores the filtered "about" text and, when an avatar file was supplied, also
// creates the image and stores its path.
// NOTE(review): $post_array and $avatar_img are set outside this excerpt, so whether
// the upload's error code, size and type were checked before this point cannot be
// seen here -- confirm. FILTER_SANITIZE_STRING is deprecated as of PHP 8.1 and is
// not a substitute for escaping the value where it is later output.
if (isset($_POST) && !array_diff($post_array, array_keys($_POST))) {
    $SANTIZER = new InputSanitizer($_POST);
    $SANTIZER->addFilter("about", FILTER_SANITIZE_STRING);
    $sant_arr = $SANTIZER->filter();

    // The previous avatar image is not deleted for now; that should be implemented later.
    $connection2 = $DB->connect();

    if ($avatar_img == null) {
        // No new avatar: only the About text changes (redundant branch for now).
        $about_update = new sqlDBExecute(
            $connection2,
            "UPDATE USERINFO SET About = \$1 WHERE UserID = \$2",
            [$sant_arr[0], $USERSESS->getUserID()]
        );
        $about_update->execute();
    } else {
        // New avatar: build the image for this user, then store its path together
        // with the About text. Both statements pass values as bound parameters.
        require $_SERVER['DOCUMENT_ROOT'] . "/Common/ImageManager/useravatar.php";
        $img_mang = new UserAvatar($avatar_img);
        $ava_path = $img_mang->createImage($USERSESS->getUserID());
        $profile_update = new sqlDBExecute(
            $connection2,
            "UPDATE USERINFO SET About = \$1,AvatarPath = \$2 WHERE UserID = \$3",
            [$sant_arr[0], $ava_path, $USERSESS->getUserID()]
        );
        $profile_update->execute();
    }
}
Exemple #3
<?php

include $_SERVER['DOCUMENT_ROOT'] . "/include.php";
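// Login handler: looks the posted username up in USERINFO and, when a row is found,
// marks the session as logged in and redirects to the index page.
//
// Both fields must be present, be plain strings and the password must be non-empty.
// The original tested $_POST['password'] without isset(), which raised an
// undefined-index notice when the field was missing and let array-valued input
// through to the code below.
if (
    isset($_POST['username'], $_POST['password'])
    && is_string($_POST['username'])
    && is_string($_POST['password'])
    && $_POST['password'] !== ''
) {
    if ($USERSESS->isLoggedIn()) {
        echo 'You are already logged in';
        exit;
        // A dirty fix for repeated login attempts. The login HTML will have to be
        // put at the top of the page at some point.
    }
    $SANTIZER = new InputSanitizer($_POST);
    $SANTIZER->addFilter("username", FILTER_SANITIZE_STRING);
    $sant_array = $SANTIZER->filter();
    // Presumably index 0 is the filtered username, the only filter registered above.
    $username = $sant_array[0];

    // SECURITY NOTE(review): nothing in this handler compares the submitted password
    // with a stored credential. The query below selects by username only, so any
    // existing username is accepted whatever password is sent. The original code
    // computed md5($_POST['password']) and never used the result; that dead
    // assignment has been dropped. The credential column is not visible in this
    // excerpt, so the check cannot be written here: the stored hash has to be
    // fetched with this query and $USERSESS->logIn() called only after
    // password_verify() accepts it, with hashes created by password_hash()
    // (unsalted md5 is not suitable for password storage).
    $connection = $DB->connect();
    // The username is passed as a bound parameter, not concatenated into the SQL.
    $login_query = new sqlDBQueryResult($connection, "SELECT UserID FROM USERINFO WHERE USERNAME = \$1", [$username]);
    $login_query->query();
    $login_result = $login_query->getRow();
    // Loose comparison kept on purpose: getRow() may signal "no row" with null or
    // false -- its return contract is not visible here.
    if ($login_result == null) {
        // NOTE(review): this message tells the caller whether a username exists; a
        // single generic failure message avoids that once passwords are checked.
        echo 'No such username was found';
    } else {
        $userid = $login_result["userid"];
        $USERSESS->logIn();
        $USERSESS->setUserFields($username, $userid);
        $REDIRECTOR->redirectFromRoot('index');
    }
}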
Exemple #4
<?php

include $_SERVER['DOCUMENT_ROOT'] . "/include.php";
include_once $_SERVER['DOCUMENT_ROOT'] . "/config.php";
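// Character search: finds characters whose first OR last name matches the posted
// values and renders one linked thumbnail entry per hit.
$post_array = array("firstname", "lastname");
if (isset($_POST) && !array_diff($post_array, array_keys($_POST))) {
    $SANTIZER = new InputSanitizer($_POST);
    // NOTE(review): FILTER_SANITIZE_STRING is deprecated as of PHP 8.1; the query below
    // is parameterised, so these filters are not what protects the SQL.
    $SANTIZER->addFilter("firstname", FILTER_SANITIZE_STRING);
    $SANTIZER->addFilter("lastname", FILTER_SANITIZE_STRING);
    $sant_array = $SANTIZER->filter();
    $conn = $DB->connect();
    $char_query = new sqlDBQueryResult($conn, "SELECT CharacterID, FirstName, LastName, AvatarThumbPath FROM Character WHERE FirstName=\$1 or LastName=\$2;", array($sant_array[0], $sant_array[1]));
    $char_query->query();

    // Database values are escaped for the HTML context they are written into. Text is
    // passed literal markup, so it presumably emits its argument as-is. double_encode
    // is off because stored values may already carry entities produced by
    // FILTER_SANITIZE_STRING when they were saved -- confirm against the insert path.
    $escape_html = static function ($value) {
        return htmlspecialchars((string) $value, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8', false);
    };

    $result_list = new RenderList();
    $media_head = '<div class="media">';
    $result_list->addRenderable(new Text($media_head));
    //Turn this into a file. More convenient.
    while ($row = $char_query->getRow()) {
        // The id goes into a URL query value, so it is URL-encoded; the encoded form
        // contains no characters that need further HTML escaping.
        $profile_href = '/Public/Waifu/waifu.php?characterid=' . rawurlencode((string) $row["characterid"]);
        $thumb_src = $escape_html(Config::THUMB_IMAGE_ROOT . $row["avatarthumbpath"]);
        // First and last name are concatenated without a separator, as before.
        $display_name = $escape_html($row["firstname"]) . $escape_html($row["lastname"]);
        // Each entry now closes its own <div> and <a>. Previously the closing tags
        // were emitted once after the loop (and in the wrong order), leaving the
        // markup unbalanced for any result count.
        $media_rend = new RenderList(
            new Text('<a class="media-left" href="' . $profile_href . '">'),
            new Text('<img class="media-object" src="' . $thumb_src . '">'),
            new Text('<div class="media-body">' . $display_name . '</div></a>')
        );
        $result_list->addRenderable($media_rend);
    }
    // Close the outer <div class="media"> opened before the loop.
    $result_list->addRenderable(new Text("</div>"));
    //Add this encapsulation functionality in render list class? or different object?
    $RENDENGINE->render($result_list);
}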
Exemple #5
<?php

require $_SERVER['DOCUMENT_ROOT'] . '/include.php';
if (isset($_GET['characterid'])) {
    $SANTIZER = new InputSanitizer($_GET);
    $SANTIZER->addFilter("characterid", FILTER_SANITIZE_NUMBER_INT);
    //Add Validation
    $sant_arr = $SANTIZER->filter();
    $connection = $DB->connect();
    $character_query = new sqlDBQueryResult($connection, "SELECT * FROM CHARACTER WHERE characterid = \$1 LIMIT 1", $params = $sant_arr);
    $character_query->query();
    $char_stat_arr = $character_query->getRow();
    if ($char_stat_arr == null) {
        $RENDENGINE->render(new Text("NO WAIFU DESU!!!! Nonexistent Character!"));
    } else {
        $rendList = new RenderList();
        $rendList->addRenderable(new Text('<div id="waifu">
											<div class="waifuinfo"> 
											<table> 
												<tr> <th> Field </th> 
												<th> Value </th></tr>'));
        $key_arr = ["CharacterID" => "pub", "First Name" => "pub", "Last Name" => "pub", "Hair Color" => "pub", "Eye Color" => "pub", "Height" => "pub", "Weight" => "pub", "Bust" => "pub", "Waist" => "pub", "Hips" => "pub", "Body Type" => "pub", "Personality" => "pub", "Description" => "protect", "AvatarPath" => "protect", "AvatarThumbPath" => "protect"];
        $val_arr = array_combine(array_keys($key_arr), array_values($char_stat_arr));
        foreach ($val_arr as $key => $value) {
            if ($key_arr[$key] == "pub") {
                $rendList->addRenderable(new Text("<tr> <td> {$key} </td> <td> {$value} </td> </tr>"));
            }
        }
        $rendList->addRenderable(new Text("</table>"));
        $rendList->addRenderable(new Text('<h3> Description </h3> <div class="waifudescrip">' . $val_arr["Description"] . '</div> <a href="#"> Edit this page </a> </div>'));
        $rendList->addRenderable(new Text('<img src="' . Config::IMAGE_ROOT . $val_arr["AvatarPath"] . '"style=float: right; margin-left: auto;>'));