<?php
// configuration
require "../includes/config.php";
if (isset($_GET["token"])) {
// query database for user
$rows = Lib::query("SELECT * FROM users WHERE token = ?", $_GET["token"]);
// if we found user, check password
if (count($rows) >= 1) {
Lib::query("UPDATE users SET active = 1, token = NULL WHERE token = ?", $_GET["token"]);
alert("Congratulations, your account is complete. You can now login", "success");
}
}
alert("Link is no longer valid.", "info");
<?php
// configuration
require "../includes/config.php";
$limit = 25;
$followed = Lib::query("SELECT * FROM followers WHERE user_id = ?", $_SESSION["id"]);
$followed = array_column($followed, "topic_id");
$followed[] = -1;
// So it is not empty
$followed = implode(", ", $followed);
$counts = Lib::query("SELECT COUNT(*) AS count FROM posts WHERE topic_id IN (" . $followed . ")");
$count = (int) $counts[0]["count"];
$info = pageInfo($limit, $count);
$rows = Lib::query("SELECT * FROM posts WHERE topic_id IN (" . $followed . ") ORDER BY id DESC LIMIT " . $info["start"] . ", " . $limit);
$posts = formPosts($rows);
render("home.php", ["title" => "Home", "posts" => $posts, "page" => $info["page"], "last" => $info["last"]]);
$counts = Lib::query("SELECT COUNT(*) AS count FROM topics");
$count = (int) $counts[0]["count"];
$info = pageInfo($limit, $count);
$topics = Lib::query("SELECT * FROM topics ORDER BY num_followers DESC LIMIT " . $info["start"] . ", " . $limit);
render("topics.php", ["title" => "Topics", "topics" => $topics, "page" => $info["page"], "last" => $info["last"]]);
}
} else {
if ($_SERVER["REQUEST_METHOD"] == "POST") {
if (empty($_POST["name"])) {
alert("Please name your new topic.", "danger");
exit;
}
if (empty($_POST["description"])) {
alert("Please describe your new topic", "danger");
exit;
}
$shortname = shortname($_POST["name"]);
$rows = Lib::query("SELECT * FROM topics WHERE (name = ? OR shortname = ?)", $_POST["name"], $shortname);
if (count($rows) != 0) {
alert("This topic already exists.", "warning");
exit;
}
$result = Lib::query("INSERT IGNORE INTO topics (name, shortname, description) VALUES(?, ?, ?)", $_POST["name"], $shortname, $_POST["description"]);
if ($result == 0) {
alert("Something went wrong. Please try again later.", "danger");
exit;
}
// TODO: redirect to "/topics.php?shortname=" + $shortname
redirect("/topics.php?shortname=" . $shortname);
}
}
<?php
// configuration
require "../includes/config.php";
if (isset($_GET["query"])) {
$query = $_GET["query"] . '%';
$rows = Lib::query("SELECT name FROM topics WHERE name LIKE ?", $query);
$results = [];
foreach ($rows as $row) {
$results[] = $row["name"];
}
header("Content-type: application/json");
print json_encode($results);
}
} else {
$rows = Lib::query("SELECT * FROM users WHERE username = ?", $_POST["username"]);
if (count($rows) != 0) {
echo "Username already exits.";
exit;
}
$rows = Lib::query("SELECT * FROM users WHERE email = ?", $_POST["email"]);
if (count($rows) != 0) {
echo "An account already exists with this email.";
exit;
}
$token = md5(uniqid(rand(), true));
$message = '<html><head><title>Email Verification</title></head><body>';
$message .= '<p>Welcome to The Network. <a href="http://' . $_SERVER["HTTP_HOST"] . '/activate.php?token=' . $token . '">Click here to activate your account</a>.</p>';
$message .= '<p><i>If you do not know what this email is for just ignore it.</i></p>';
$message .= "</body></html>";
$sent = lib::sendEmail($_POST["email"], "The Network Verification", $message);
if ($sent === true) {
//registration complete
Lib::query("INSERT IGNORE INTO users (username, hash, email, token) VALUES(?, ?, ?, ?)", $_POST["username"], password_hash($_POST["password"], PASSWORD_DEFAULT), $_POST["email"], $token);
echo "OK";
} else {
echo "Verification email could not be sent. Please double check your email and try again.";
}
}
}
}
}
}
}
}
<?php
// configuration
require "../includes/config.php";
if (isset($_POST["id"])) {
$rows = Lib::query("SELECT * FROM followers WHERE user_id = ? AND topic_id = ?", $_SESSION["id"], $_POST["id"]);
//if already followed, unfollow
if (count($rows) > 0) {
$result = Lib::query("DELETE FROM followers WHERE user_id = ? AND topic_id = ?", $_SESSION["id"], $_POST["id"]);
$result = Lib::query("UPDATE topics SET num_followers = num_followers - 1 WHERE id = ?", $_POST["id"]);
} else {
$result = Lib::query("INSERT IGNORE INTO followers (user_id, topic_id) VALUES (?, ?)", $_SESSION["id"], $_POST["id"]);
$result = Lib::query("UPDATE topics SET num_followers = num_followers + 1 WHERE id = ?", $_POST["id"]);
}
}
<?php
// configuration
require "../includes/config.php";
if (isset($_POST["id"])) {
$rows = Lib::query("SELECT * FROM votes WHERE user_id = ? AND post_id = ?", $_SESSION["id"], $_POST["id"]);
//if already liked, unlike
if (count($rows) > 0) {
$result = Lib::query("DELETE FROM votes WHERE user_id = ? AND post_id = ?", $_SESSION["id"], $_POST["id"]);
} else {
$result = Lib::query("INSERT IGNORE INTO votes (user_id, post_id) VALUES (?, ?)", $_SESSION["id"], $_POST["id"]);
}
}
<?php
// configuration
require "../includes/config.php";
if (isset($_POST["text"]) && !(trim($_POST["text"]) == "") && !empty($_POST["topic"])) {
$result = Lib::query("INSERT INTO posts (text, user_id, topic_id) VALUES(?, ?, ?)", $_POST["text"], $_SESSION["id"], $_POST["topic"]);
if ($result == 0) {
alert("Post failed", "danger");
exit;
}
$topics = Lib::query("SELECT * FROM topics WHERE id = ?", $_POST["topic"]);
$topic = $topics[0];
redirect("/topics.php?shortname=" . $topic["shortname"]);
} else {
alert("Please put content in your post.", "danger");
}
/**
* Creates an array of posts in a format to print on the page given a mysql
* reponse of posts.
*/
function formPosts($rows)
{
$posts = [];
foreach ($rows as $row) {
$users = Lib::query("SELECT * FROM users WHERE id = ?", $row["user_id"]);
$user = $users[0];
//first and only user
$votes = Lib::query("SELECT * FROM votes WHERE post_id = ?", $row["id"]);
$numberLikes = count($votes);
$userVotes = Lib::query("SELECT * FROM votes WHERE post_id = ? AND user_id = ?", $row["id"], $_SESSION["id"]);
$liked = false;
if (count($userVotes) == 1) {
$liked = true;
}
$topics = Lib::query("SELECT * FROM topics WHERE id = ?", $row["topic_id"]);
$topic = $topics[0];
$posts[] = ["id" => $row["id"], "user" => $user, "date" => timeAgo(strtotime($row["date"])), "text" => $row["text"], "likes" => $numberLikes, "liked" => $liked, "topic" => $topic];
}
return $posts;
}
<?php
// configuration
require "../includes/config.php";
if (isset($_GET["username"])) {
// query database for user
$rows = Lib::query("SELECT * FROM users WHERE username = ? AND active = 0", $_GET["username"]);
// if we found user, check password
if (count($rows) == 1) {
$token = md5(uniqid(rand(), true));
$message = '<html><head><title>Email Verification</title></head><body>';
$message .= '<p>Welcome to The Network. <a href="http://' . $_SERVER["HTTP_HOST"] . '/activate.php?token=' . $token . '">Click here to activate your account</a>.</p>';
$message .= '<p><i>If you do not know what this email is for just ignore it.</i></p>';
$message .= "</body></html>";
$sent = lib::sendEmail($rows[0]["email"], "The Network Verification", $message);
if ($sent) {
Lib::query("UPDATE users SET token = ? WHERE username = ?", $token, $_GET["username"]);
alert("Email sent. Please check your email and click the link to activate", "success");
}
}
}
<?php
// configuration
require "../includes/config.php";
$users = [];
// look for user via id
if (isset($_GET["id"])) {
$users = Lib::query("SELECT * FROM users WHERE id = ?", $_GET["id"]);
} else {
if (isset($_GET["name"])) {
$users = Lib::query("SELECT * FROM users WHERE username = ?", $_GET["name"]);
}
}
if (count($users) == 0) {
alert("User not found", "danger");
exit;
}
$user = $users[0];
//first and only user
$limit = 15;
$counts = Lib::query("SELECT COUNT(*) AS count FROM posts WHERE user_id = ?", $user["id"]);
$count = (int) $counts[0]["count"];
$info = pageInfo($limit, $count);
$rows = Lib::query("SELECT * FROM posts WHERE user_id = ? ORDER BY id DESC LIMIT " . $info["start"] . ", " . $limit, $user["id"]);
$posts = formPosts($rows);
render("user.php", ["title" => $user["username"], "username" => $user["username"], "posts" => $posts, "page" => $info["page"], "last" => $info["last"]]);
// else render form
render("login_form.php", ["title" => "Log In"]);
}
} else {
if ($_SERVER["REQUEST_METHOD"] == "POST") {
// validate submission
if (empty($_POST["username"])) {
echo "Please enter a username.";
exit;
}
if (empty($_POST["password"])) {
echo "Please enter a password.";
exit;
}
// query database for user
$rows = Lib::query("SELECT * FROM users WHERE username = ?", $_POST["username"]);
// if we found user, check password
if (count($rows) == 1) {
// first (and only) row
$row = $rows[0];
if ($row["active"] == 0) {
echo "Please verify your email first. Didn't get an email? <a class='alert-link' href='/resend.php?username="******"username"] . "'> Resend it!</a";
} elseif (password_verify($_POST["password"], $row["hash"])) {
// remember that user's now logged in by storing user's ID in session
$_SESSION["id"] = $row["id"];
// redirect to home
echo "OK";
} else {
echo "Incorrect username or password.";
}
} else {
