chiro-canto/public/discussion/messages/index.php

122 lines
3.8 KiB
PHP
Raw Normal View History

2021-04-17 12:20:38 +02:00
<?php
session_reset();
session_start();
ini_set('display_errors', 1);
ini_set('display_startup_errors', 1);
error_reporting(E_ALL);
$root = realpath($_SERVER["DOCUMENT_ROOT"]);
2021-04-20 17:05:13 +02:00
require("$root/lang/gettext.php");
2021-04-17 12:20:38 +02:00
require "$root/database/credentials.php";
// Connect the database
try {
$db = new PDO("mysql:host=$host;dbname=$database;charset=utf8",
$user,
$password,
array(PDO::ATTR_ERRMODE => PDO::ERRMODE_EXCEPTION
));
} catch (Exception $e) {
die("Error : ".$e->getMessage());
}
if (isset($_SESSION['username'])) {
$req = $db->prepare('SELECT id FROM `authors` WHERE username=:username');
$req->execute(array(
"username"=>$_SESSION['username']
));
if ($data = $req->fetch()) {
2021-04-18 16:59:01 +02:00
$sender_id = $data['id'];
2021-04-17 12:20:38 +02:00
}
} else {
2021-04-20 17:05:13 +02:00
$_SESSION['error_msg'] = _('You must be logged in to receive or send messages.');
2021-04-17 12:20:38 +02:00
header('Location: /auth/login');
}
if (isset($_GET['author'])) {
2021-04-18 16:59:01 +02:00
if (!is_numeric($_GET['author'])) {
$req = $db->prepare('SELECT id FROM `authors` WHERE username=:username');
$req->execute(array(
"username"=>$_GET['author']
));
if ($data = $req->fetch()) {
$user_id = $data['id'];
} else {
$user_id = $_GET['author'];
}
$req = $db->prepare('SELECT username FROM `authors` WHERE id=:id');
$req->execute(array(
"id"=>$sender_id
));
if ($data = $req->fetch()) {
$addressee = $data['username'];
}
}
$req = $db->prepare('SELECT * FROM `messages` WHERE message_by=:sender_id AND message_to=:user_id OR message_by=:sender_id AND message_to=:user_id ORDER BY message_datetime ASC');
2021-04-17 12:20:38 +02:00
$req->execute(array(
2021-04-18 16:59:01 +02:00
"sender_id"=>$sender_id,
"user_id"=>$user_id
2021-04-17 12:20:38 +02:00
));
$result = $req->fetchAll();
}
?>
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="UTF-8">
<meta http-equiv="X-UA-Compatible" content="IE=edge">
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<title>Explore | Chiro - Canto</title>
<link rel="stylesheet" type="text/css" href="/styles/style.css">
</head>
<?php
include("$root/analytics/owa.php");
include("$root/analytics/matomo.php");
?>
<body>
<?php include("$root/menu.php");?>
<?php include("$root/header.php");?>
<section>
2021-04-20 17:05:13 +02:00
<h2><?=_('Discussion')?></h2>
2021-04-17 12:20:38 +02:00
<div class="messages">
<div class="author">
2021-04-18 16:59:01 +02:00
<?=$addressee?>
2021-04-17 12:20:38 +02:00
</div>
<?php
foreach($result as $message) {
2021-04-18 16:59:01 +02:00
$message_id = $message['id'];
$req = $db->prepare('UPDATE `messages` SET message_read=1 WHERE id=:id');
$req->execute(array(
"id"=>$message_id
));
2021-04-17 12:20:38 +02:00
if ($message['message_by'] == $_SESSION['username']) {
$class = "right";
} else {
$class = "left";
}
?>
<div class="message <?=$class?>">
<div class="datetime">
<?=$message['message_datetime']?>
</div>
<div class="content">
<?=$message['message_content']?>
</div>
</div>
<?php
}
?>
</div>
<?php
if (isset($user_id) and isset($_GET['author'])) {
?>
<form action="sendmessage.php" method="post">
<input type="hidden" name="message_by" value="<?=$user_id?>">
<input type="hidden" name="message_to" value="<?=$_GET['author']?>">
2021-04-20 17:05:13 +02:00
<input type="text" name="message_content" id="message_content" placeholder="<?=_('Enter your message..')?>">
<input type="submit" name="submit" value="<?=_('Send')?>">
2021-04-17 12:20:38 +02:00
</form>
<?php
}
?>
</section>
<?php include("$root/footer.php");?>
</body>
<script src="/scripts/script.js"></script>
</html>