示例#1
            giveError("Email already exists. Returning to registration page");
        } else {
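            if ($name_rows != 0) {
                // Username is already taken: schedule the redirect, then tell the user.
                redirectIn(3, "register.html");
                giveError("Username already exists. Returning to registration page");
            } else {
                // Neither lookup matched, so create the account.
                // NOTE(review): the existence checks and this INSERT are separate statements, so two
                // concurrent requests can both pass the checks. A UNIQUE index on username and email
                // is the reliable guard -- the schema is not visible here, confirm it has one.

                // Hash the password with bcrypt at cost 11. bcrypt only uses the first 72 bytes of
                // its input, so anything longer is silently truncated.
                $options = array('cost' => 11);
                $hash = password_hash($password, PASSWORD_BCRYPT, $options);

                // Bind the values instead of interpolating them into the SQL text, so $name and
                // $email (presumably taken from the registration form) cannot change the structure
                // of the statement. If the code above already escapes them for SQL, drop that
                // escaping, otherwise the stored values would contain the escape characters.
                $register_query = "INSERT INTO members(username, email, password) VALUES (?, ?, ?)";
                $register_stmt = $conn->prepare($register_query);
                if (
                    $register_stmt === false
                    || !$register_stmt->bind_param('sss', $name, $email, $hash)
                    || !$register_stmt->execute()
                ) {
                    // Driver error text goes to the server log only; shown to the user it can reveal
                    // schema details. The original appended mysql_error(), which belongs to the
                    // removed ext/mysql and does not report errors for this connection object.
                    error_log("register: INSERT into members failed: " . $conn->error);
                    die("Fatal Error. Please try to register again.");
                }
                $register_stmt->close();
                redirectIn(3, "index.php");
                giveError("Registered successfully. Returning to main page");
            }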
        }
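        // Release both lookup result sets, then close the connection.
        $name_result->free();
        $email_results->free();
        // Assuming $conn is a mysqli connection (as the query()/free() usage here suggests), it is
        // closed with close(); free() exists on result sets only, so $conn->free() fails at runtime.
        $conn->close();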
    }
} else {
    if (!isset($_SERVER['HTTPS'])) {
        redirect("https://eeatc.com/register.php");
    } else {
        include_once "index_header.php";
        echo "<form class='pure-form' method='post' action='register.php' style='margin-top: 200px'>";
        echo "<fieldset class='pure-group'>";
        echo "<input type='text' class='pure-input-1-4' name='name' placeholder='Username' required>";
        echo "<input type='password' class='pure-input-1-4' name='password' placeholder='Password' required>";
示例#2
         // Create a new topic and its first post from the submitted form.
         // NOTE(review): $subject and $post_content are handed to createTopic() / postMsg() exactly
         // as received. Those helpers are not visible here -- confirm they bind or escape the values
         // before they reach SQL, and that both are HTML-encoded wherever they are displayed.
         $subject = $_POST['subject'];
         $current_time = date('Y-m-d H:i:s');
         // The author id comes from the session, not from the request.
         $topic_creator_id = $_SESSION['id'];
         createTopic($current_time, $topic_creator_id, $subject);
         // Post the first message into the topic that was just created.
         $topic_id = $conn->insert_id;
         // insert_id is read right after createTopic() and before postMsg(); presumably both run
         // INSERTs on $conn, so the order of these statements matters.
         // NOTE(review): nothing here checks that createTopic() succeeded before insert_id is used.
         $post_content = $_POST['message'];
         postMsg($topic_id, $current_time, $topic_creator_id, $post_content);
         $conn->close();
         redirect("showmsg.php?topic_id={$topic_id}");
     }
 } else {
     //referred by topic id. no topic creation required
     if (!is_numeric($_REQUEST['topic_id'])) {
         giveError("Invalid Topic");
     } else {
         if (!isset($_POST['message'])) {
             //user hasn't submitted form.
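             // The form has not been submitted yet: render the reply form for this topic.
             // NOTE(review): the form carries no anti-CSRF token; confirm postmsg.php verifies the
             // origin of the submission by some other means.
             include_once "board_header.php";
             echo "<form class= 'pure-form pure-form-stacked' method='post' action='postmsg.php'>";
             echo "<fieldset>";
             echo "<textarea name='message' placeholder='Message'></textarea>";
             // Encode the request value for the attribute context before echoing it back. The
             // is_numeric() check above already narrows what can arrive here, but output encoding
             // should not depend on a validation rule that may later be relaxed. Numeric strings
             // contain no characters that htmlspecialchars() rewrites, so valid ids are unchanged.
             echo "<input type='hidden' name='topic_id' value='" . htmlspecialchars($_REQUEST['topic_id'], ENT_QUOTES, 'UTF-8') . "'>";
             echo "<br>";
             echo "<button class='pure-button pure-button-primary'>Post Message</button>";
             echo "</fieldset>";
             echo "</form>";
             include_once "footer.php";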
         } else {
             //user submitted form. process it.
示例#3
 if (!isset($_GET['topic_id'])) {
     redirect('topiclist.php');
 } else {
     if (!is_numeric($_REQUEST['topic_id'])) {
         giveError("Invalid Topic");
     } else {
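         $topic_id = $_GET['topic_id'];
         include_once "dbconnect.php";
         // Load every post of the topic, oldest first (ascending post id).
         // The id is bound as a parameter rather than interpolated into the SQL text. The
         // is_numeric() check above reads $_REQUEST['topic_id'] while this query uses
         // $_GET['topic_id']; $_REQUEST merges several request sources, so it can hold a different
         // value than $_GET and the check does not reliably cover the value used here.
         $post_query = "SELECT * FROM posts WHERE topic_id = ? ORDER BY id ASC";
         $post_stmt = $conn->prepare($post_query);
         $post_stmt->bind_param('s', $topic_id);
         $post_stmt->execute();
         // get_result() needs the mysqlnd driver and returns a mysqli_result, so the num_rows,
         // fetch_assoc() and free() calls that follow keep working as before.
         $post_result = $post_stmt->get_result();
         $responses = $post_result->num_rows;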
         if ($responses == 0) {
             //not a valid topic
             $post_result->free();
             giveError("Invalid Post");
         } else {
             // Optional ?u= filter: taken over only when it is present and numeric; in every other
             // case $filtered_user is left unset.
             if (isset($_GET['u']) && is_numeric($_GET['u'])) {
                 $filtered_user = $_GET['u'];
             }
             // generateUserArray() comes from board_functions (per the original note).
             $user_array = generateUserArray();
             include_once "board_header.php";
             //board_functions
             while ($post = $post_result->fetch_assoc()) {
                 //check to see if post has been edited
                 if ($post['edited'] > 0) {
                     $edited = array('exist' => true, 'times' => $post['edited'], 'id' => $post['id']);
                 } else {
示例#4
                    }
                }
                $conn->close();
                //redirect("https://eeatc.com/topiclist.php");
                redirect("topiclist.php");
            } else {
                $conn->close();
                $result->free();
                // wrong password
                redirectIn(3, "index.php");
                giveError("Incorrect username or password");
            }
        } else {
            // wrong username
            $conn->close();
            $result->free();
            redirectIn(3, "index.php");
            giveError("Incorrect username or password");
        }
    } else {
        $conn->close();
        $result->free();
        redirectIn(3, "index.php");
        giveError("Please enter a username or password");
    }
} else {
    redirect("index.php");
}
?>

示例#5
        } else {
            //post exists. check if the user that made this post has permission to delete this post (can only be done by same user)
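            // The post exists. Read its owner, its deleted flag and its topic id (the topic id is
            // only needed for the redirect afterwards).
            while ($post = $user_result->fetch_assoc()) {
                $pcid = $post['post_creator_id'];
                $deleted = $post['deleted'];
                $topic_id = $post['topic_id'];
            }
            // Only the creator of a post may delete it. Both sides are compared as strings with
            // ===, because the session value and the database value can differ in type and loose ==
            // applies coercion rules that can treat unequal values as equal.
            if (isset($_SESSION['id']) && (string) $_SESSION['id'] === (string) $pcid) {
                // Any truthy flag counts as "already deleted". This is the same test as the original
                // `!$deleted == true`, which PHP evaluates as (!$deleted) == true.
                // NOTE(review): confirm the column type of `deleted` stores the literal 'true'
                // written below as a truthy value.
                if (!$deleted) {
                    $deleted_text = "[This post has been willingly deleted by its creator]";
                    $post_id = $_REQUEST['id'];
                    $owner_id = (string) $_SESSION['id'];
                    // One parameterized UPDATE replaces the two string-built ones: the request value
                    // never becomes part of the SQL text, the text and the flag change together, and
                    // the ownership condition is enforced again by the write itself.
                    // NOTE(review): $_REQUEST also accepts GET parameters; confirm this state change
                    // is limited to POST and protected by an anti-CSRF token.
                    $delete_query = "UPDATE posts SET post_content = ?, deleted = 'true' WHERE id = ? AND post_creator_id = ?";
                    $delete_stmt = $conn->prepare($delete_query);
                    if (
                        $delete_stmt !== false
                        && $delete_stmt->bind_param('sss', $deleted_text, $post_id, $owner_id)
                        && $delete_stmt->execute()
                    ) {
                        $delete_stmt->close();
                        redirect("showmsg.php?topic_id={$topic_id}");
                    } else {
                        // Report the failure instead of redirecting as if the post had been deleted;
                        // the driver's error text stays in the server log.
                        error_log("delete post: UPDATE on posts failed: " . $conn->error);
                        giveError("Unable to delete this post. Please try again.");
                    }
                } else {
                    giveError("This post has already been deleted");
                }
            } else {
                giveError("You aren't able to delete this post.");
            }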
        }
        $conn->close();
        $user_result->free();
    }
}
示例#6
    //user not logged in
    redirect('index.php');
} else {
    // user is logged in
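    // Validate the requested member id in one step. The original ran the two checks separately,
    // so a missing id was reported twice and is_numeric() read an undefined index.
    if (!isset($_GET['id']) || !is_numeric($_GET['id'])) {
        giveError("Invalid User");
    }
    include_once "dbconnect.php";
    // NOTE(review): nothing visible here stops execution after giveError(), so the lookup below
    // may still run for an id that failed validation. Binding the value keeps it out of the SQL
    // text on that path too; an invalid id then simply matches no row.
    // NOTE(review): the id comes from the query string, not from the session. Confirm that any
    // logged-in user is meant to see another member's details (the row includes the email).
    // SELECT * also returns every other column of members, presumably including the password
    // hash; the rest of the page is not visible here, so the column list is left unchanged.
    $requested_id = isset($_GET['id']) ? $_GET['id'] : '';
    $user_query = "SELECT * FROM members WHERE id = ?";
    $user_stmt = $conn->prepare($user_query);
    $user_stmt->bind_param('s', $requested_id);
    $user_stmt->execute();
    // get_result() needs the mysqlnd driver and returns a mysqli_result, so num_rows and
    // fetch_assoc() below keep working as before.
    $user_result = $user_stmt->get_result();
    $user_num_results = $user_result->num_rows;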
    if ($user_num_results == 0) {
        giveError("Invalid User");
    } else {
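        // Copy the matched member's fields (if several rows came back, the last one wins).
        while ($user = $user_result->fetch_assoc()) {
            $user_id = $user['id'];
            $username = $user['username'];
            $email = $user['email'];
        }
        // HTML-encode the stored username before printing it. It was chosen by a user at
        // registration, so echoing it raw would let markup in a username run in the viewer's
        // browser (stored XSS). Any later output of $username or $email needs the same encoding.
        // NOTE(review): if usernames are already HTML-encoded when stored, this double-encodes them.
        $username_html = htmlspecialchars($username, ENT_QUOTES, 'UTF-8');
        include_once "board_header.php";
        echo "<table class='pure-table pure-table-bordered' width=80%>";
        echo "<tr>";
        echo "<td colspan='2' style='text-align: center;'>Current Information for {$username_html}</td>";
        echo "</tr>";
        echo "<tr>";
        echo "<td>Username</td>";
        echo "<td>{$username_html}</td>";
        // NOTE(review): this looks like it was meant to close the row (</tr>); left unchanged
        // because the lines that follow are not visible here.
        echo "<tr>";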
示例#7
/**
 * Look up the id prefix stored in the `stats` table for the global $table.
 *
 * The query runs through the legacy mysql_* functions. If it fails, giveError() is called and
 * the script terminates.
 *
 * NOTE(review): $table is placed into the SQL text unescaped. Confirm it can never carry
 * request-controlled data, or escape/bind it. The mysql_* extension used here was removed in
 * PHP 7, so this function only runs on older runtimes.
 *
 * @return mixed the `prefix` column of the first row fetched
 */
function idPrefix()
{
    global $table;
    $sql = "SELECT prefix FROM stats WHERE cyberpets='" . $table . "'";
    $rows = mysql_query($sql);
    if (!$rows) {
        // Query failed: report it and stop the script.
        giveError();
        exit();
    }
    $first = mysql_fetch_array($rows);
    return $first["prefix"];
}