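<?php
// Message view: loads a message addressed to the logged-in user together with
// the sender's first name.
// NOTE(review): session_start() is not called anywhere in this excerpt;
// $_SESSION is only populated if the session was started earlier — confirm.

// Check if the user is logged in
if (!isset($_SESSION['user_id'])) {
    // Send the refresh header before printing anything: once output has
    // started and output buffering is off, PHP can no longer add headers and
    // the redirect to the login page would silently not happen.
    header("refresh:3;url=login.php");
    echo "You need to log in first!";
} else {
    // Check who is logged in
    $user_id = $_SESSION['user_id'];

    // Get the message id that the user wishes to open.
    // Read defensively so a request without the parameter does not raise an
    // undefined-index notice.
    $message_id = isset($_GET['message_id']) ? $_GET['message_id'] : null;

    try {
        // Establishing a connection to the database
        $conn = new DBCommunication();

        // Query to get a message. The recipient condition limits the result to
        // rows addressed to the logged-in user; it is the only authorization
        // check in this excerpt, so it has to stay in the query.
        // NOTE(review): $message_id is read from the request but never bound
        // here, so the row returned is whichever one single() yields for this
        // recipient, not necessarily the requested message. When the message's
        // id column is added to the WHERE clause, keep the recipient condition
        // alongside it so that changing the id in the URL cannot open another
        // user's message.
        $query = "SELECT * FROM whwp_Message WHERE :user_id = message_recipient ";
        $conn->prepQuery($query);
        $conn->bind('user_id', $user_id);
        $message = $conn->single();

        //$sender_id = $message -> receiver_id;
        // Check if the specified message belongs to the logged in user
        //if($user_id == $sender_id)
        //{
        // NOTE(review): the ownership check above is commented out.
        // NOTE(review): nothing verifies that single() actually produced a row
        // before $message is dereferenced below — confirm what single()
        // returns when there is no match and handle that case.
        $sender_id = $message->message_sender;

        // Query to get the sender's username.
        $query = "SELECT user_firstname FROM whwp_User WHERE user_id = :user";
        $conn->prepQuery($query);
        $conn->bind('user', $sender_id);
        $resultset = $conn->single();

        // Get and output all the details.
        // NOTE(review): both values originate from user-supplied data; where
        // they are written into HTML (not shown in this excerpt) they should
        // go through htmlspecialchars() first.
        $sender = $resultset->user_firstname;
        $title = $message->message_subject;
        // (The listing is cut off here; the try and else blocks are closed in
        // the part of the script that is not shown.)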
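// }
// else
// {
//     echo "<a href='register.php'>Sign Up</a> ";
//     echo "<a href='login.php'>Log In</a>";
// }
//

// Registration: creates an account from the submitted username, password and
// email. The password is stored only as a password_hash() digest.
// NOTE(review): $_REQUEST also carries query-string values, so the password
// can arrive in a URL and end up in server logs and browser history. Reading
// these fields from $_POST would rule that out, provided the form posts —
// confirm against the form before changing it.
// NOTE(review): isset() accepts empty strings; no length or format validation
// of the three fields is visible in this excerpt.
if (isset($_REQUEST['username'], $_REQUEST['password'], $_REQUEST['email'])) {
    try {
        $database = new DBCommunication();
        $username = $_REQUEST['username'];
        $password = $_REQUEST['password'];
        $email = $_REQUEST['email'];

        // Check if such username does not exist.
        // NOTE(review): only the username is looked up; user_email is not
        // checked for duplicates here. A check-then-insert sequence can also
        // be raced by two simultaneous requests, so uniqueness is only
        // guaranteed if the table enforces it with a unique index — confirm.
        // NOTE(review): if rowCount() wraps PDOStatement::rowCount(), its
        // value for a SELECT is driver-dependent — confirm.
        $query = "SELECT * FROM whwp_User WHERE user_firstname = :username";
        $database->prepQuery($query);
        $database->bind('username', $username);
        $database->execute();

        if ($database->rowCount() > 0) {
            // The lookup above matches on the username, so that is what the
            // message has to name (it previously said the email was in use).
            echo "Username already in use.";
        } else {
            // PASSWORD_DEFAULT lets PHP choose the current recommended
            // algorithm and embeds the salt and cost in the stored value.
            $hashed_password = password_hash($password, PASSWORD_DEFAULT);

            // Insert these values into a database. All user-supplied values
            // are bound as parameters; user_ismoderator is fixed to 0 so a
            // request cannot grant itself moderator rights.
            $query = "INSERT INTO whwp_User (user_firstname, user_email, user_password, user_ismoderator) VALUES (:username,:email, :hashed_password, 0)";
            $database->prepQuery($query);
            $database->bindArrayValue([
                'username' => $username,
                'hashed_password' => $hashed_password,
                'email' => $email,
            ]);
            $database->execute();

            if ($database->rowCount() > 0) {
                echo "Congratulations! You have registered on our website!";
            }
        }
        // (The listing is cut off here; the try block and the outer if are
        // closed in the part of the script that is not shown.)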