// Registration handler excerpt (cut at both ends): rejects duplicate e-mail or
// username, otherwise hashes the password and inserts the member row; the
// trailing branch renders the registration form.
giveError("Email already exists. Returning to registration page");
} else {
    if ($name_rows != 0) {
        // name already in database
        redirectIn(3, "register.html");
        giveError("Username already exists. Returning to registration page");
    } else {
        // otherwise, register user
        // hash password using bcrypt
        // bcrypt needs a cost. default to 11
        $options = array('cost' => 11);
        $hash = password_hash($password, PASSWORD_BCRYPT, $options);
        // NOTE(review): $name and $email are interpolated straight into the SQL
        // text. Any escaping would have to happen above this excerpt and is not
        // visible here; a prepared statement with bound parameters removes the
        // dependency on that.
        $register_query = "INSERT INTO members(username, email, password) VALUES ('{$name}', '{$email}', '{$hash}')";
        // NOTE(review): $conn is used object-style (presumably mysqli; confirm),
        // while mysql_error() belongs to the legacy ext/mysql API and would not
        // report this connection's error. Sending driver error text to the
        // visitor via die() also discloses database details; log it instead.
        $conn->query($register_query) or die("Fatal Error. Please try to register again: " . mysql_error());
        redirectIn(3, "index.php");
        giveError("Registered successfully. Returning to main page");
    }
}
// Release both lookup result sets.
$name_result->free();
$email_results->free();
// NOTE(review): free() is a result-set method; if $conn is a mysqli connection
// it is closed with close(). Confirm $conn's type.
$conn->free();
}
} else {
    // No form submission: make sure the form itself is served over HTTPS.
    // NOTE(review): isset() treats any value as "HTTPS on"; some servers set
    // $_SERVER['HTTPS'] to 'off' for plain HTTP, so also compare the value.
    // Whether the submission branch above enforces HTTPS is not visible here.
    if (!isset($_SERVER['HTTPS'])) {
        redirect("https://eeatc.com/register.php");
    } else {
        include_once "index_header.php";
        // Static form markup only; no request data is echoed in the visible part.
        echo "<form class='pure-form' method='post' action='register.php' style='margin-top: 200px'>";
        echo "<fieldset class='pure-group'>";
        echo "<input type='text' class='pure-input-1-4' name='name' placeholder='Username' required>";
        echo "<input type='password' class='pure-input-1-4' name='password' placeholder='Password' required>";
// Post-message handler excerpt (cut at both ends): creates a topic plus its
// first post, or renders / processes the reply form for an existing topic.
// NOTE(review): $subject and the message body are taken raw from $_POST and
// handed to createTopic() / postMsg(). Those helpers are not visible here, so
// confirm they bind or escape the values for SQL, and that the display code
// HTML-encodes them on output.
$subject = $_POST['subject'];
$current_time = date('Y-m-d H:i:s');
$topic_creator_id = $_SESSION['id'];
createTopic($current_time, $topic_creator_id, $subject);
// post message
$topic_id = $conn->insert_id; // gets id of last inserted topic
$post_content = $_POST['message'];
postMsg($topic_id, $current_time, $topic_creator_id, $post_content);
$conn->close();
redirect("showmsg.php?topic_id={$topic_id}");
}
} else {
    // referred by topic id. no topic creation required
    // NOTE(review): is_numeric() also accepts signs, decimals and exponent
    // notation; ctype_digit() or an (int) cast pins the value to a plain id.
    if (!is_numeric($_REQUEST['topic_id'])) {
        giveError("Invalid Topic");
    } else {
        if (!isset($_POST['message'])) {
            // user hasn't submitted form.
            include_once "board_header.php";
            // NOTE(review): the form emits only 'message' and 'topic_id'; no
            // anti-CSRF token field is present in the visible markup.
            echo "<form class= 'pure-form pure-form-stacked' method='post' action='postmsg.php'>";
            echo "<fieldset>";
            echo "<textarea name='message' placeholder='Message'></textarea>";
            // Request value echoed into an attribute. The is_numeric() guard above
            // keeps HTML metacharacters out, but encoding at the point of output
            // (htmlspecialchars with ENT_QUOTES) would not depend on that guard.
            echo "<input type='hidden' name='topic_id' value='" . $_REQUEST['topic_id'] . "'>";
            echo "<br>";
            echo "<button class='pure-button pure-button-primary'>Post Message</button>";
            echo "</fieldset>";
            echo "</form>";
            include_once "footer.php";
        } else {
            // user submitted form. process it.
// Topic view excerpt (cut at the end): loads every post of one topic and
// starts rendering them, optionally filtered by a user id.
if (!isset($_GET['topic_id'])) {
    redirect('topiclist.php');
} else {
    // NOTE(review): the check reads $_REQUEST['topic_id'] but the value used
    // below is $_GET['topic_id']. $_REQUEST can be filled from POST or cookies
    // depending on request_order, so the validated value is not guaranteed to
    // be the one that reaches the query. Validate $_GET['topic_id'] itself.
    if (!is_numeric($_REQUEST['topic_id'])) {
        giveError("Invalid Topic");
    } else {
        $topic_id = $_GET['topic_id'];
        include_once "dbconnect.php";
        // Fetch all posts of this topic, oldest first (ascending post id).
        // NOTE(review): string-built SQL; binding $topic_id as an integer
        // parameter removes the reliance on the check above.
        $post_query = "SELECT * FROM posts WHERE topic_id = '{$topic_id}' ORDER BY id ASC";
        // NOTE(review): the query() result is used without checking for failure.
        $post_result = $conn->query($post_query);
        $responses = $post_result->num_rows;
        if ($responses == 0) {
            // not a valid topic
            $post_result->free();
            giveError("Invalid Post");
        } else {
            // Optional per-user filter; only set when 'u' passes is_numeric(),
            // so $filtered_user stays undefined otherwise.
            if (isset($_GET['u'])) {
                if (is_numeric($_GET['u'])) {
                    $filtered_user = $_GET['u'];
                }
            }
            $user_array = generateUserArray(); //board_functions
            include_once "board_header.php"; //board_functions
            while ($post = $post_result->fetch_assoc()) {
                // check to see if post has been edited
                if ($post['edited'] > 0) {
                    $edited = array('exist' => true, 'times' => $post['edited'], 'id' => $post['id']);
                } else {
}
}
// Tail of the login handler (start not visible): success path, then the
// failure branches.
// NOTE(review): the code that establishes the session is above this excerpt;
// confirm it regenerates the session id on successful login.
$conn->close();
//redirect("https://eeatc.com/topiclist.php");
redirect("topiclist.php");
} else {
    $conn->close();
    $result->free();
    // wrong password
    // Same message as the wrong-username branch below, so the response text
    // does not reveal which of the two was wrong.
    redirectIn(3, "index.php");
    giveError("Incorrect username or password");
}
} else {
    // wrong username
    $conn->close();
    $result->free();
    redirectIn(3, "index.php");
    giveError("Incorrect username or password");
}
} else {
    // NOTE(review): this branch reports missing credentials yet still calls
    // $result->free(); whether $result exists on this path is not visible here.
    $conn->close();
    $result->free();
    redirectIn(3, "index.php");
    giveError("Please enter a username or password");
}
} else {
    redirect("index.php");
}
?>
} else {
    // post exists. check if the user that made this post has permission to
    // delete this post (can only be done by same user)
    while ($post = $user_result->fetch_assoc()) {
        // grab the info
        $pcid = $post['post_creator_id'];
        $deleted = $post['deleted'];
        $topic_id = $post['topic_id']; //for redirect
    }
    // Ownership check: session user must be the post's creator (loose ==).
    if ($_SESSION['id'] == $pcid) {
        // check to see if post has been previously deleted
        // NOTE(review): this parses as (!$deleted) == true. The UPDATE below
        // writes the string 'true'; if the column also stores the string
        // 'false', that value is truthy in PHP and would read as "already
        // deleted". The column type is not visible here; confirm.
        if (!$deleted == true) {
            // All checks passed: overwrite the content and mark the post deleted.
            $deleted_text = "[This post has been willingly deleted by its creator]";
            // NOTE(review): $_REQUEST['id'] is concatenated into both statements
            // and no validation of it is visible in this excerpt. The ownership
            // check ran on the row fetched earlier, so use that row's id, or cast
            // to int and bind it, so that the row checked is the row updated.
            // NOTE(review): the two UPDATEs could be one statement; neither
            // result is checked, so a partial update goes unnoticed.
            $delete_query = "UPDATE posts SET post_content='{$deleted_text}' WHERE id='" . $_REQUEST['id'] . "'";
            $update_deleted = "UPDATE posts SET deleted='true' WHERE id='" . $_REQUEST['id'] . "'";
            $conn->query($delete_query);
            $conn->query($update_deleted);
            // NOTE(review): state-changing action keyed on $_REQUEST; no request
            // method check or anti-CSRF token is visible in this excerpt.
            redirect("showmsg.php?topic_id={$topic_id}");
        } else {
            giveError("This post has already been deleted");
        }
    } else {
        giveError("You aren't able to delete this post.");
    }
}
$conn->close();
$user_result->free();
}
}
// Profile page excerpt (cut at both ends): validates the requested user id,
// loads the member row and starts rendering it as a table.
//user not logged in
redirect('index.php');
} else {
    // user is logged in
    // NOTE(review): neither guard below returns or exits in the visible code.
    // Whether giveError() ends the script is not visible here; if it does not,
    // execution continues into the query with an unvalidated id.
    if (!isset($_GET['id'])) {
        giveError("Invalid User");
    }
    if (!is_numeric($_GET['id'])) {
        giveError("Invalid User");
    }
    include_once "dbconnect.php";
    // NOTE(review): string-built SQL from $_GET; bind the id as an integer
    // parameter. SELECT * fetches every column of members although only id,
    // username and email are read below; list the needed columns instead.
    $user_query = "SELECT * FROM members WHERE id='" . $_GET['id'] . "'";
    // NOTE(review): the query() result is used without checking for failure.
    $user_result = $conn->query($user_query);
    $user_num_results = $user_result->num_rows;
    if ($user_num_results == 0) {
        giveError("Invalid User");
    } else {
        while ($user = $user_result->fetch_assoc()) {
            $user_id = $user['id'];
            $username = $user['username'];
            $email = $user['email'];
        }
        include_once "board_header.php";
        echo "<table class='pure-table pure-table-bordered' width=80%>";
        echo "<tr>";
        // NOTE(review): $username comes from the database and is echoed without
        // htmlspecialchars(); if registration allows markup characters in
        // usernames (not visible here) this is a stored-XSS sink.
        echo "<td colspan='2' style='text-align: center;'>Current Information for {$username}</td>";
        echo "</tr>";
        echo "<tr>";
        echo "<td>Username</td>";
        echo "<td>{$username}</td>";
        // NOTE(review): this emits an opening <tr> where a closing </tr> looks
        // intended.
        echo "<tr>";
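/**
 * Look up the id prefix stored in the `stats` table for the current table.
 *
 * Reads the global $table and selects the `prefix` column of the row whose
 * `cyberpets` column equals it. On a failed query it calls giveError() and
 * stops the script.
 *
 * NOTE(review): this uses the legacy ext/mysql API (mysql_query and friends),
 * which was removed in PHP 7; migrating to mysqli or PDO with bound
 * parameters is the long-term fix.
 *
 * @return string|null The prefix, or null when no row matches.
 */
function idPrefix()
{
    global $table;

    // $table's origin is not visible from here, so escape it before it is
    // placed inside the quoted SQL literal rather than trusting the caller.
    $safe_table = mysql_real_escape_string($table);
    $query = "SELECT prefix FROM stats WHERE cyberpets='{$safe_table}'";

    $result = mysql_query($query);
    if (!$result) {
        giveError();
        exit;
    }

    // mysql_fetch_array() returns false when the result set is empty; return
    // null explicitly instead of indexing into false.
    $row = mysql_fetch_array($result);
    if (!$row) {
        return null;
    }

    return $row["prefix"];
}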