} } } else { if (isset($_POST['file-url']) && !empty($_POST['file-url']) && !!filter_var($_POST['file-url'], FILTER_VALIDATE_URL)) { $url = $_POST['file-url']; $fullname = basename($url); list($filename, $extension) = explode(".", $fullname); $uploadfile = $uploadDir . $fullname; $f = fopen($url, 'rb'); if ($f) { $content = ""; while ($data = fread($f, 1024)) { $content .= $data; } fclose($f); file_put_contents($uploadfile, $content); try { updateUserImage($_SESSION['id'], $filename, $path, $extension); } catch (Exception $e) { ecvdphp\addFlashMessage('error', $e->getMessage()); header('Location:profile.php', true, 301); exit; } } else { ecvdphp\addFlashMessage('error', 'The URL couldn\'t not be found'); } } else { ecvdphp\addFlashMessage('error', 'The uploaded file couldn\'t be found'); } } ecvdphp\redirect("profile.php");
} } else { if (isset($_POST['file-url']) && !empty($_POST['file-url']) && !!filter_var($_POST['file-url'], FILTER_VALIDATE_URL)) { $fileUrl = $_POST['file-url']; list($filename, $extension) = ecvdphp\downloadImageFromUrl($fileUrl); $imageData = array('filename' => $filename, 'path' => $path, 'extension' => $extension); } else { ecvdphp\addFlashMessage('error', 'The uploaded file couldn\'t be found'); } } try { $postId = ecvdphp\DB\Post\insertNewPost($_SESSION['id'], $title, $body, $imageData); ecvdphp\addFlashMessage('success', 'You\'ve successfully created a new post'); ecvdphp\redirect('show.php?id=' . $postId); } catch (Exception $e) { ecvdphp\addFlashMessage('error', $e->getMessage()); } } include '../header.php'; ?> <div> <form enctype="multipart/form-data" method="post" action=""> <fieldset> <legend>New post</legend> <p> <label for="title">Title :</label> <input name="title" type="text" id="title" value=""/> <br /> <label for="body">Content :</label> <textarea name="body" id="body" ></textarea> <br />
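<?php
/**
 * Account deletion endpoint.
 *
 * Deletes the row in `users` whose id matches the current session's id,
 * ends the session when the delete succeeds, and redirects to index.php.
 *
 * NOTE(review): nothing in this script checks the request method or an
 * anti-CSRF token, so any request that carries the user's session cookie
 * reaches the DELETE. Unless session.php or functions.php already enforce
 * this (not visible here), put the action behind a POST form with a
 * per-session token that is compared using hash_equals().
 */
require_once 'session.php';
require_once 'functions.php';
require_once 'connect.php';

// Read the id while the session is still active, instead of relying on
// $_SESSION staying populated after session_destroy().
$userId = isset($_SESSION['id']) ? $_SESSION['id'] : null;

if ($userId === null) {
    // No authenticated user: do not run the DELETE with an empty id.
    ecvdphp\addFlashMessage('error', 'You must be logged in to delete your account');
} else {
    $stmt = $conn->prepare("DELETE FROM users WHERE id=:id");
    // bindValue() copies the value now; bindParam() would bind by reference.
    $stmt->bindValue(':id', $userId);

    if (!$stmt->execute()) {
        // The account still exists, so the session is left intact: the user
        // stays logged in and can retry.
        ecvdphp\addFlashMessage('error', 'Could not delete the user');
    } else {
        // The account is gone: clear the in-memory session data and destroy
        // the stored session so the old identity cannot be reused.
        $_SESSION = array();
        session_destroy();
        // NOTE(review): if addFlashMessage() stores its message in $_SESSION
        // (defined in functions.php, not visible here), this message will not
        // survive the redirect because the session was just destroyed. Confirm.
        ecvdphp\addFlashMessage('success', 'Your account has been deleted');
    }
}

ecvdphp\redirect('index.php');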
ecvdphp\addFlashMessage('error', 'Something went wrong. You must fill all the fields'); } else { $username = trim($_POST['username']); // To improve the ux of the user, you can trim the input $password = trim($_POST['password']); $stmt = $conn->prepare("SELECT * FROM users WHERE username = ?"); if ($stmt->execute(array($username))) { $result = $stmt->fetchAll(); if (count($result) === 1 && password_verify($password, $result[0]['password'])) { $_SESSION['id'] = $result[0]["id"]; $_SESSION['username'] = $result[0]["username"]; ecvdphp\addFlashMessage('success', 'You\'ve successfully logged in'); ecvdphp\redirect($_SERVER['PHP_SELF']); } } ecvdphp\addFlashMessage('error', 'Something went wrong. You must fill all the fields'); } } } ?> <div> <form method="post" action=""> <fieldset> <legend>Connexion</legend> <p> <label for="username">Pseudo :</label> <input name="username" type="text" id="username" /><br /> <label for="password">Mot de Passe :</label> <input type="password" name="password" id="password" />