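<?php

// configuration
require "../includes/config.php";

/*
 * Account activation endpoint.
 *
 * Reads the one-time token from the query string, marks the matching account
 * as active and clears the token so the same link cannot be used again.
 * Any request without a usable token falls through to the "no longer valid"
 * message at the bottom.
 */
$token = isset($_GET["token"]) ? $_GET["token"] : null;

// Only a non-empty string can be a real token. This rejects array-valued
// (?token[]=...) and blank parameters before they reach the query.
if (is_string($token) && $token !== "") {
    // query database for the user holding this activation token
    $rows = Lib::query("SELECT * FROM users WHERE token = ?", $token);

    // if a user holds the token, activate the account and invalidate the token
    if (count($rows) >= 1) {
        Lib::query("UPDATE users SET active = 1, token = NULL WHERE token = ?", $token);
        alert("Congratulations, your account is complete. You can now login", "success");

        // Stop here. Other scripts in this project call exit after alert(),
        // which suggests alert() returns; without this the failure message
        // below would also be emitted after a successful activation.
        exit;
    }
}

alert("Link is no longer valid.", "info");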
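<?php

// configuration
require "../includes/config.php";

/*
 * Home feed: shows the newest posts from every topic the logged-in user
 * follows, one page at a time.
 */

// posts per page
$limit = 25;

$followed = Lib::query("SELECT * FROM followers WHERE user_id = ?", $_SESSION["id"]);

// The topic ids are concatenated into the IN (...) list below rather than
// bound as parameters, so force every one to an integer first. That keeps the
// interpolated SQL numeric no matter what the followers table returns.
$topicIds = array_map("intval", array_column($followed, "topic_id"));
$topicIds[] = -1; // So the IN list is never empty
$inList = implode(", ", $topicIds);

$counts = Lib::query("SELECT COUNT(*) AS count FROM posts WHERE topic_id IN (" . $inList . ")");
$count = (int) $counts[0]["count"];

// pageInfo() is defined elsewhere; this script uses its "start", "page" and "last" keys.
$info = pageInfo($limit, $count);

// The LIMIT offset is interpolated as well, so it is cast to int for the same reason.
$start = (int) $info["start"];

$rows = Lib::query("SELECT * FROM posts WHERE topic_id IN (" . $inList . ") ORDER BY id DESC LIMIT " . $start . ", " . $limit);
$posts = formPosts($rows);

render("home.php", ["title" => "Home", "posts" => $posts, "page" => $info["page"], "last" => $info["last"]]);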
// Tail of the topics script. The opening of the enclosing branches is not part of this excerpt.
        // Paginated topic listing, most-followed topics first.
        $counts = Lib::query("SELECT COUNT(*) AS count FROM topics");
        $count = (int) $counts[0]["count"];
        $info = pageInfo($limit, $count);
        // NOTE(review): the LIMIT offset is concatenated into the SQL text; this relies on
        // pageInfo() (not shown) always returning an integer "start" - confirm.
        $topics = Lib::query("SELECT * FROM topics ORDER BY num_followers DESC LIMIT " . $info["start"] . ", " . $limit);
        render("topics.php", ["title" => "Topics", "topics" => $topics, "page" => $info["page"], "last" => $info["last"]]);
    }
} else {
    // Topic creation: handles the POSTed "name" and "description" fields.
    // NOTE(review): no anti-CSRF token is checked in the lines shown here; confirm whether
    // config.php or the form handling elsewhere covers this state-changing request.
    if ($_SERVER["REQUEST_METHOD"] == "POST") {
        // both fields are required
        if (empty($_POST["name"])) {
            alert("Please name your new topic.", "danger");
            exit;
        }
        if (empty($_POST["description"])) {
            alert("Please describe your new topic", "danger");
            exit;
        }

        // shortname() is defined elsewhere; its result is stored and later used in the redirect URL.
        $shortname = shortname($_POST["name"]);

        // refuse duplicates by either the display name or the derived shortname
        $rows = Lib::query("SELECT * FROM topics WHERE (name = ? OR shortname = ?)", $_POST["name"], $shortname);
        if (count($rows) != 0) {
            alert("This topic already exists.", "warning");
            exit;
        }

        // Values are bound as parameters. They are stored exactly as submitted, so the
        // templates that print name/description must escape them for HTML on output.
        $result = Lib::query("INSERT IGNORE INTO topics (name, shortname, description) VALUES(?, ?, ?)", $_POST["name"], $shortname, $_POST["description"]);
        // a result of 0 is treated as "no row was inserted"
        if ($result == 0) {
            alert("Something went wrong. Please try again later.", "danger");
            exit;
        }

        // TODO: redirect to "/topics.php?shortname=" + $shortname
        // NOTE(review): the shortname is appended without URL-encoding; this assumes
        // shortname() yields a URL-safe slug - confirm.
        redirect("/topics.php?shortname=" . $shortname);
    }
}
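<?php

// configuration
require "../includes/config.php";

/*
 * Topic name autocomplete.
 *
 * Returns, as a JSON array of strings, the names of all topics that start
 * with the "query" request parameter. Nothing is output when the parameter is
 * missing or is not a plain string (for example ?query[]=x).
 */
if (isset($_GET["query"]) && is_string($_GET["query"])) {
    // The value is bound as a parameter, so it cannot alter the SQL text, but
    // "%" and "_" are still wildcards inside LIKE. Escape them (and the escape
    // character itself) so the input is matched literally as a prefix.
    // NOTE(review): backslash is the default LIKE escape character in MySQL,
    // which the SQL used across this project appears to target - confirm.
    $query = addcslashes($_GET["query"], "\\%_") . '%';

    $rows = Lib::query("SELECT name FROM topics WHERE name LIKE ?", $query);

    // reduce each row to just the topic name
    $results = array_column($rows, "name");

    header("Content-type: application/json");
    print json_encode($results);
}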
// Tail of the registration handler. The validation branches that open above this point are not part of this excerpt.
                        } else {
                            // Reject a username or e-mail address that is already registered.
                            // NOTE(review): the two distinct responses below tell the caller which
                            // usernames and e-mail addresses already have accounts.
                            $rows = Lib::query("SELECT * FROM users WHERE username = ?", $_POST["username"]);
                            if (count($rows) != 0) {
                                echo "Username already exits.";
                                exit;
                            }
                            $rows = Lib::query("SELECT * FROM users WHERE email = ?", $_POST["email"]);
                            if (count($rows) != 0) {
                                echo "An account already exists with this email.";
                                exit;
                            }

                            // Activation token that is mailed to the user and stored with the account.
                            // NOTE(review): rand() and uniqid() are not cryptographically secure sources,
                            // so this token is weaker than one taken from random_bytes(); the MD5 step
                            // only reformats the value and adds no unpredictability.
                            $token = md5(uniqid(rand(), true));

                            // Build the HTML verification e-mail.
                            // NOTE(review): the link host is taken from the request's Host header, which
                            // the client controls, and the link uses plain http://. A configured
                            // canonical https origin would avoid both.
                            $message = '<html><head><title>Email Verification</title></head><body>';
                            $message .= '<p>Welcome to The Network. <a href="http://' . $_SERVER["HTTP_HOST"] . '/activate.php?token=' . $token . '">Click here to activate your account</a>.</p>';
                            $message .= '<p><i>If you do not know what this email is for just ignore it.</i></p>';
                            $message .= "</body></html>";
                            $sent = lib::sendEmail($_POST["email"], "The Network Verification", $message);

                            // The account row is only written once the e-mail has been handed off.
                            if ($sent === true) {
                                //registration complete
                                // The password is stored as a password_hash() digest, never in clear text.
                                // INSERT IGNORE means a row that collides with an existing key is dropped
                                // silently, and "OK" is still returned in that case.
                                Lib::query("INSERT IGNORE INTO users (username, hash, email, token) VALUES(?, ?, ?, ?)", $_POST["username"], password_hash($_POST["password"], PASSWORD_DEFAULT), $_POST["email"], $token);
                                echo "OK";
                            } else {
                                echo "Verification email could not be sent. Please double check your email and try again.";
                            }
                        }
                    }
                }
            }
        }
    }
}
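<?php

// configuration
require "../includes/config.php";

/*
 * Follow / unfollow toggle for a topic.
 *
 * Expects the topic id in POST "id" and the current user's id in the session.
 * If the user already follows the topic the follow row is removed, otherwise
 * it is added; topics.num_followers is adjusted to match.
 *
 * NOTE(review): no login check or anti-CSRF token is visible in this file;
 * confirm that config.php enforces both for this state-changing request.
 */
if (isset($_POST["id"]) && is_scalar($_POST["id"])) {
    $userId = $_SESSION["id"];
    $topicId = $_POST["id"];

    $rows = Lib::query("SELECT * FROM followers WHERE user_id = ? AND topic_id = ?", $userId, $topicId);

    // The counter is only touched when the follow row really changed, so a
    // repeated or concurrent request, or an id that matches no topic, cannot
    // push num_followers out of step with the followers table.
    // NOTE(review): this relies on Lib::query() returning a falsy value when a
    // write affects no rows, as the "== 0" checks elsewhere in the project
    // suggest - confirm.
    if (count($rows) > 0) {
        // already followed: unfollow
        $result = Lib::query("DELETE FROM followers WHERE user_id = ? AND topic_id = ?", $userId, $topicId);
        if ($result) {
            $result = Lib::query("UPDATE topics SET num_followers = num_followers - 1 WHERE id = ?", $topicId);
        }
    } else {
        // not followed yet: follow
        $result = Lib::query("INSERT IGNORE INTO followers (user_id, topic_id) VALUES (?, ?)", $userId, $topicId);
        if ($result) {
            $result = Lib::query("UPDATE topics SET num_followers = num_followers + 1 WHERE id = ?", $topicId);
        }
    }
}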
<?php

// configuration
require "../includes/config.php";

/*
 * Like / unlike toggle for a post.
 *
 * Takes the post id from POST "id" and the voter from the session. An
 * existing vote row for that pair is deleted; otherwise one is inserted.
 * Both ids are passed as bound parameters.
 *
 * NOTE(review): no login check or anti-CSRF token is visible in this file;
 * confirm that config.php covers both for this state-changing request.
 */
if (isset($_POST["id"])) {
    $voter = $_SESSION["id"];
    $postId = $_POST["id"];

    $existing = Lib::query("SELECT * FROM votes WHERE user_id = ? AND post_id = ?", $voter, $postId);

    // an existing vote means this request is an "unlike"; otherwise record a like
    $statement = count($existing) > 0
        ? "DELETE FROM votes WHERE user_id = ? AND post_id = ?"
        : "INSERT IGNORE INTO votes (user_id, post_id) VALUES (?, ?)";

    $result = Lib::query($statement, $voter, $postId);
}
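<?php

// configuration
require "../includes/config.php";

/*
 * Create a post in a topic.
 *
 * Expects POST "text" (the post body) and POST "topic" (a topic id). On
 * success the user is redirected to the topic's page; otherwise an alert is
 * shown.
 *
 * NOTE(review): no login check or anti-CSRF token is visible in this file;
 * confirm that config.php covers both.
 */
$text = isset($_POST["text"]) ? $_POST["text"] : null;
$topicId = isset($_POST["topic"]) ? $_POST["topic"] : null;

// Require a non-blank string body and a scalar, non-empty topic id. The type
// checks keep array-valued parameters (text[]=...) away from trim() and the queries.
if (is_string($text) && trim($text) !== "" && is_scalar($topicId) && !empty($topicId)) {
    // Look the topic up before writing, so a post is never stored against an
    // id that matches no topic and the redirect always has a shortname to use.
    $topics = Lib::query("SELECT * FROM topics WHERE id = ?", $topicId);
    if (count($topics) == 0) {
        alert("Post failed", "danger");
        exit;
    }
    $topic = $topics[0];

    // The text is stored exactly as submitted (bound as a parameter); the
    // templates that print posts must escape it for HTML on output.
    $result = Lib::query("INSERT INTO posts (text, user_id, topic_id) VALUES(?, ?, ?)", $text, $_SESSION["id"], $topicId);
    if ($result == 0) {
        alert("Post failed", "danger");
        exit;
    }

    redirect("/topics.php?shortname=" . $topic["shortname"]);
} else {
    alert("Please put content in your post.", "danger");
}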
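/**
 * Creates an array of posts in a format to print on the page given a mysql
 * response of posts.
 *
 * For every post row the author, the like count, whether the current session
 * user has liked it, and the topic are looked up, and the post date is turned
 * into a relative time with timeAgo().
 *
 * The author record is loaded with SELECT *, so the credential columns that
 * the registration code writes ("hash" and "token") are removed before the
 * record is handed on; display code has no use for them and should not be
 * able to print them by accident.
 *
 * @param array $rows post rows; each is read for "id", "user_id", "topic_id", "date" and "text"
 * @return array list of arrays with the keys id, user, date, text, likes, liked, topic
 */
function formPosts($rows)
{
    $posts = [];

    foreach ($rows as $row) {
        $users = Lib::query("SELECT * FROM users WHERE id = ?", $row["user_id"]);
        $user = isset($users[0]) ? $users[0] : null; // first and only user, if it still exists
        if (is_array($user)) {
            // never pass the password hash or the activation token on for rendering
            unset($user["hash"], $user["token"]);
        }

        // count the likes in the database instead of fetching every vote row
        $counts = Lib::query("SELECT COUNT(*) AS count FROM votes WHERE post_id = ?", $row["id"]);
        $numberLikes = (int) $counts[0]["count"];

        // has the viewing user liked this post?
        $userVotes = Lib::query("SELECT * FROM votes WHERE post_id = ? AND user_id = ?", $row["id"], $_SESSION["id"]);
        $liked = count($userVotes) == 1;

        $topics = Lib::query("SELECT * FROM topics WHERE id = ?", $row["topic_id"]);
        $topic = isset($topics[0]) ? $topics[0] : null;

        $posts[] = [
            "id" => $row["id"],
            "user" => $user,
            "date" => timeAgo(strtotime($row["date"])),
            "text" => $row["text"],
            "likes" => $numberLikes,
            "liked" => $liked,
            "topic" => $topic,
        ];
    }

    return $posts;
}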
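<?php

// configuration
require "../includes/config.php";

/*
 * Re-send the account verification e-mail.
 *
 * Takes the account name from GET "username". If exactly one not-yet-active
 * account has that name, a fresh activation token is generated, mailed to the
 * address on file and stored on the account.
 *
 * NOTE(review): this is an unauthenticated GET that sends mail and changes
 * the stored token; nothing visible here limits how often it can be triggered
 * for a given account. Consider POST plus rate limiting.
 */
$username = isset($_GET["username"]) ? $_GET["username"] : null;

// only a plain string can be a username (rejects ?username[]=...)
if (is_string($username)) {
    // query database for an inactive account with this name
    $rows = Lib::query("SELECT * FROM users WHERE username = ? AND active = 0", $username);

    // if exactly one such account exists, issue and mail a new token
    if (count($rows) == 1) {
        // The token is the only secret protecting activation, so it comes from
        // the CSPRNG. 16 random bytes hex-encode to 32 characters, the same
        // length as the MD5 string used before.
        $token = bin2hex(random_bytes(16));

        // The Host header is supplied by the client; escape it so it cannot
        // break out of the href attribute.
        // NOTE(review): escaping does not stop a forged Host header from
        // pointing the link at another site, and the link uses plain http://.
        // A configured canonical https origin would address both.
        $host = htmlspecialchars($_SERVER["HTTP_HOST"], ENT_QUOTES, "UTF-8");

        $message = '<html><head><title>Email Verification</title></head><body>';
        $message .= '<p>Welcome to The Network. <a href="http://' . $host . '/activate.php?token=' . $token . '">Click here to activate your account</a>.</p>';
        $message .= '<p><i>If you do not know what this email is for just ignore it.</i></p>';
        $message .= "</body></html>";

        $sent = lib::sendEmail($rows[0]["email"], "The Network Verification", $message);

        // store the new token only once the mail has been handed off
        if ($sent) {
            Lib::query("UPDATE users SET token = ? WHERE username = ?", $token, $username);
            alert("Email sent. Please check your email and click the link to activate", "success");
        }
    }
}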
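<?php

// configuration
require "../includes/config.php";

/*
 * User profile page: looks a user up by GET "id" or, failing that, GET "name",
 * and renders that user's posts one page at a time.
 */
$users = [];

// Look for the user via id first, then via username. Only scalar parameters
// are accepted, so array-valued input (?id[]=...) is treated as "not given".
if (isset($_GET["id"]) && is_scalar($_GET["id"])) {
    $users = Lib::query("SELECT * FROM users WHERE id = ?", $_GET["id"]);
} elseif (isset($_GET["name"]) && is_scalar($_GET["name"])) {
    $users = Lib::query("SELECT * FROM users WHERE username = ?", $_GET["name"]);
}

if (count($users) == 0) {
    alert("User not found", "danger");
    exit;
}

$user = $users[0]; // first and only user

// posts per page
$limit = 15;

$counts = Lib::query("SELECT COUNT(*) AS count FROM posts WHERE user_id = ?", $user["id"]);
$count = (int) $counts[0]["count"];

// pageInfo() is defined elsewhere; this script uses its "start", "page" and "last" keys.
$info = pageInfo($limit, $count);

// The LIMIT offset is concatenated into the SQL text rather than bound, so it
// is forced to an integer before being interpolated.
$start = (int) $info["start"];

$rows = Lib::query("SELECT * FROM posts WHERE user_id = ? ORDER BY id DESC LIMIT " . $start . ", " . $limit, $user["id"]);
$posts = formPosts($rows);

// Only the username is passed on from the user record. It is user-chosen
// text, so user.php must escape it for HTML where it is printed.
render("user.php", ["title" => $user["username"], "username" => $user["username"], "posts" => $posts, "page" => $info["page"], "last" => $info["last"]]);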
// else render form render("login_form.php", ["title" => "Log In"]); } } else { if ($_SERVER["REQUEST_METHOD"] == "POST") { // validate submission if (empty($_POST["username"])) { echo "Please enter a username."; exit; } if (empty($_POST["password"])) { echo "Please enter a password."; exit; } // query database for user $rows = Lib::query("SELECT * FROM users WHERE username = ?", $_POST["username"]); // if we found user, check password if (count($rows) == 1) { // first (and only) row $row = $rows[0]; if ($row["active"] == 0) { echo "Please verify your email first. Didn't get an email? <a class='alert-link' href='/resend.php?username="******"username"] . "'> Resend it!</a"; } elseif (password_verify($_POST["password"], $row["hash"])) { // remember that user's now logged in by storing user's ID in session $_SESSION["id"] = $row["id"]; // redirect to home echo "OK"; } else { echo "Incorrect username or password."; } } else {