Exemplo n.º 1
     $conn->prepQuery($query);
     $conn->bindArrayValue(array('advert' => $advert_id, 'image' => $image_id));
     $conn->execute();
 }
 // Split $tags into two groups: descriptions already present in whwp_Tag
 // (their ids are collected) and descriptions that still need a row.
 $numberOfTags = count($tags);
 $tagsToAdd = [];
 $tagIdsStored = [];
 // prepQuery() is called once before the loop and only :tag is re-bound per
 // iteration, so the tag text itself never becomes part of the SQL string.
 $query = "SELECT tag_id FROM whwp_Tag WHERE tag_description = :tag";
 $conn->prepQuery($query);
 for ($i = 0; $i < $numberOfTags; $i++) {
     $tag = $tags[$i];
     $conn->bind('tag', $tag);
     $t = $conn->single();
     if ($conn->rowCount() != 0) {
         // Tag is already stored: remember its id.
         $tagId = $t->tag_id;
         $tagIdsStored[] = $tagId;
         continue;
     }
     // No matching row: queue the description for insertion.
     $tagsToAdd[] = $tag;
 }
 // How many tags should be added
 $numberOfTagsToAdd = count($tagsToAdd);
 $query = "INSERT INTO whwp_Tag (tag_description) VALUES (:tag)";
 $conn->prepQuery($query);
 for ($i = 0; $i < $numberOfTagsToAdd; $i++) {
     $conn->bind('tag', $tagsToAdd[0]);
     $conn->execute();
     array_shift($tagsToAdd);
     array_push($tagIdsStored, $conn->lastInsertId());
Exemplo n.º 2
//                    echo "<a href='register.php'>Sign Up</a>&nbsp;&nbsp;";
//                    echo "<a href='login.php'>Log In</a>";
//                }
//
if (isset($_REQUEST['username']) && isset($_REQUEST['password']) && isset($_REQUEST['email'])) {
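    try {
        $database = new DBCommunication();
        // NOTE(review): $_REQUEST also carries query-string values (and cookies,
        // depending on request_order), so a password submitted that way can end up
        // in URLs and access logs. Reading $_POST here and in the enclosing isset()
        // guard avoids that.
        $username = $_REQUEST['username'];
        $password = $_REQUEST['password'];
        $email = $_REQUEST['email'];
        // Look for an existing row with the same name (stored in user_firstname).
        $query = "SELECT * FROM whwp_User WHERE user_firstname = :username";
        $database->prepQuery($query);
        $database->bind('username', $username);
        $database->execute();
        if ($database->rowCount() > 0) {
            // The lookup above is by username, so report the username as taken.
            echo "Username already in use.";
        } else {
            // Only the password_hash() output is stored, never the plain password.
            $hashed_password = password_hash($password, PASSWORD_DEFAULT);
            // Insert the new account. user_ismoderator is fixed to 0 in the SQL
            // text, so a request cannot set it.
            // NOTE(review): $email and $password are stored without format or length
            // checks, and the check-then-insert is not atomic; a UNIQUE constraint on
            // the name column would be the reliable guard. Confirm against the schema.
            $query = "INSERT INTO whwp_User (user_firstname, user_email, user_password, user_ismoderator) VALUES (:username,:email, :hashed_password, 0)";
            $database->prepQuery($query);
            $database->bindArrayValue(array('username' => $username, 'hashed_password' => $hashed_password, 'email' => $email));
            $database->execute();
            if ($database->rowCount() > 0) {
                echo "Congratulations! You have registered on our website!";
            }
        }
    } catch (PDOException $e) {
        // Keep driver details out of the response, but record them for operators
        // so that failures are not lost.
        error_log('Registration failed: ' . $e->getMessage());
        echo "Something went wrong...";
    }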
Exemplo n.º 3
require 'crypting.php';
// The endpoint answers with JSON; declare the content type before any output.
header('Content-type: application/json');
// Response skeleton: starts as a failure with no error codes and an empty message.
$response_array = [
    'success' => false,
    'error_code' => [],
    'message' => '',
];
if (isset($_POST['username']) && isset($_POST['password']) && isset($_POST['email'])) {
    // Get typed in values and add needed signs.
    try {
        $database = new DBCommunication();
        $username = $_POST['username'];
        $password = $_POST['password'];
        $email = $_POST['email'];
        // Error code 1: a row with this user_username already exists.
        // The value is bound to :username rather than concatenated into the SQL.
        $query = "SELECT * FROM whwp_User WHERE user_username = :username";
        $database->prepQuery($query);
        $database->bind('username', $username);
        $database->execute();
        $usernameuse = $database->rowCount();
        if ($usernameuse > 0) {
            $response_array['error_code'][] = 1;
        }
        // Error code 5: the address fails PHP's FILTER_VALIDATE_EMAIL check.
        if (!filter_var($email, FILTER_VALIDATE_EMAIL)) {
            $response_array['error_code'][] = 5;
        }
        // Error code 6: password shorter than 6 (strlen() counts bytes, not characters).
        // NOTE(review): a 6-byte minimum is low for a password policy; confirm the intended limit.
        if (strlen($password) < 6) {
            $response_array['error_code'][] = 6;
        }
        if (strlen($password)) {
            if (empty($response_array['error_code'])) {
                $email = encrypt($email);
                $hashed_password = password_hash($password, PASSWORD_DEFAULT);
                // Insert these values into a database.
                $query = "INSERT INTO whwp_User (user_username, user_email, user_password, user_ismoderator) VALUES (:username,:email, :hashed_password, 0)";
Exemplo n.º 4
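    // Send the Refresh header before any body output: once output has started,
    // header() fails with "headers already sent" unless output buffering is on,
    // and the visitor would never be redirected to the login page.
    header("refresh:3;url=login.php");
    echo "You need to log in first!";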
} else {
    // Check which user is logged in
    $user_id = $_SESSION['user_id'];
    // Getting messages from the database
    /*$query = "SELECT * FROM message, message_text WHERE :user_id = receiver_id "
      . "AND message.message_id = message_text.message_id";*/
    try {
        // Establishing a connection to the database
        $conn = new DBCommunication();
        // Inbox query: the recipient is bound from $user_id, which this script takes
        // from $_SESSION['user_id'] rather than from a request parameter.
        // NOTE(review): in "ORDER BY message_date,message_time DESC" the DESC applies
        // only to message_time; message_date sorts ascending. Confirm that this is
        // the intended order.
        $query = "SELECT * FROM whwp_Message WHERE :user_id = message_recipient ORDER BY message_date,message_time DESC";
        $conn->prepQuery($query);
        $conn->bind('user_id', $user_id);
        // Fetch the rows, then read the row count that decides between the
        // "no messages" notice and the table below.
        $message = $conn->resultset();
        $countMessages = $conn->rowCount();
        if ($countMessages == 0) {
            echo "You have no messages in your inbox!";
        } else {
            echo "<table class='table'>";
            echo "<tr><th>Sender</th><th>Title</th>" . "<th>Time Sent</th></tr>";
            foreach ($message as $element) {
                $message_id = $element->message_id;
                $sender_id = $element->message_sender;
                $query = "SELECT user_firstname FROM whwp_User WHERE user_id = :user";
                $conn->prepQuery($query);
                $conn->bind('user', $sender_id);
                $resultset = $conn->single();
                $sender = $resultset->user_firstname;
                $title = $element->message_subject;
                $date = $element->message_time;
Exemplo n.º 5
        $conn->bind('user_id', $user_id);
        $user = $conn->single();
        $username = $user->user_firstname;
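        // Escape before output: the name is read from whwp_User and may contain HTML
        // metacharacters; echoing it raw would allow stored markup/script injection.
        $safeUsername = htmlspecialchars((string) $username, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
        echo "The page of " . $safeUsername;
        // Set the target as a private message receiver
        $_SESSION['target_id'] = $user_id;
        // If the user is not on his own page, display the link to PM.
        // NOTE(review): !== also compares types; if $user_id arrives as a string and the
        // session holds an int, the link is shown on the user's own page too. Confirm.
        if (isset($_SESSION['user_id']) && $_SESSION['user_id'] !== $user_id) {
            echo "<a href='send_message.php'><img src='images/pm.png' id='pm' alt='Private Message' title='Private Message'/></a>";
        }
        // Query to get all the ads from the user whose page is accessed.
        $query = "SELECT * FROM whwp_Advert WHERE advert_owner = :user_id";
        $conn->prepQuery($query);
        $conn->bind('user_id', $user_id);
        $ad = $conn->resultset();
        $countAds = $conn->rowCount();
        if ($countAds == 0) {
            echo "<br/>No adverts uplaoded by this user!";
        } else {
            echo "<h2>Ads uploaded by: " . $safeUsername . ":</h2>";
            foreach ($ad as $element) {
                $advert_id = $element->advert_id;
                $price = $element->advert_price;
                $title = $element->advert_bookname;
                // Advert title and price are stored values too: HTML-escape the link
                // text and URL-encode the id placed in the query string.
                $safeLabel = htmlspecialchars($title . " " . $price, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
                $safeAdvertId = rawurlencode((string) $advert_id);
                echo "<p><a href ='showAdvert.php?advert_id={$safeAdvertId}'>" . $safeLabel . "</a></p>";
            }
        }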
    } catch (PDOException $e) {
        echo "Something went wrong.";
    }
} else {