<?php
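// Start (or resume) the session. The original called session_reset() first;
// before session_start() there is normally no active session for it to act
// on, so that call is dropped.
session_start();

// Report every error, but write it to the server log instead of the response:
// errors rendered into the page expose file paths, queries and configuration
// to whoever is looking at it.
error_reporting(E_ALL);
ini_set('display_errors', '0');
ini_set('display_startup_errors', '0');
ini_set('log_errors', '1');

$root = realpath($_SERVER["DOCUMENT_ROOT"]);

// credentials.php is expected to provide $host, $database, $user and
// $password: they are used below and assigned nowhere else in this file.
require "$root/database/credentials.php";

// Connect the database
try {
    $db = new PDO(
        "mysql:host=$host;dbname=$database;charset=utf8",
        $user,
        $password,
        array(PDO::ATTR_ERRMODE => PDO::ERRMODE_EXCEPTION)
    );
} catch (Exception $e) {
    // The driver message can name the host, the database and the account.
    // Keep it in the log and give the visitor a generic failure instead.
    error_log('Database connection failed: ' . $e->getMessage());
    http_response_code(500);
    die("Error : database connection failed.");
}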
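// Resolve the logged-in author's id from the session username. Every later
// query is scoped to this id, so the page must stop here when it cannot be
// established (no session username, or no matching row in `authors`).
$sender_id = null;
if (isset($_SESSION['username'])) {
    $req = $db->prepare('SELECT id FROM `authors` WHERE username=:username');
    $req->execute(array(
        "username" => $_SESSION['username']
    ));
    if ($data = $req->fetch()) {
        $sender_id = $data['id'];
    }
}

if ($sender_id === null) {
    $_SESSION['error_msg'] = "You must be logged in to receive an send message.";
    header('Location: /auth/login');
    // header() only queues the redirect. Without exit the rest of the script
    // still runs and its output is sent to the unauthenticated client.
    exit;
}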
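// Defaults, so the template below renders an empty discussion (and no form)
// when no author is requested or the requested author does not exist.
$user_id = null;
$addressee = '';
$result = array();

// is_string() rejects ?author[]=... which would otherwise reach PDO as an array.
if (isset($_GET['author']) && is_string($_GET['author']) && $_GET['author'] !== '') {
    $author = $_GET['author'];

    // The parameter is either an author id or a username. The original only
    // resolved the username form and left $user_id unset for ids; both forms
    // are now resolved against `authors`, so $user_id is always a real row id
    // or null, never raw request text. Digits-only is used as the id test so
    // values such as "1e3" are not coerced to a number by MySQL.
    if (ctype_digit($author)) {
        $req = $db->prepare('SELECT id, username FROM `authors` WHERE id=:id');
        $req->execute(array("id" => $author));
    } else {
        $req = $db->prepare('SELECT id, username FROM `authors` WHERE username=:username');
        $req->execute(array("username" => $author));
    }

    if ($data = $req->fetch()) {
        $user_id = $data['id'];
        // The original looked this name up with $sender_id, which yields the
        // viewer's own username; the addressee is the other party.
        $addressee = $data['username'];
    }

    if ($user_id !== null) {
        // Both directions of the conversation. The original repeated the same
        // condition on each side of OR, so replies were never selected. Each
        // placeholder has its own name because native prepared statements do
        // not accept a named parameter that appears twice.
        $req = $db->prepare('SELECT * FROM `messages` WHERE (message_by=:me_from AND message_to=:them_to) OR (message_by=:them_from AND message_to=:me_to) ORDER BY message_datetime ASC');
        $req->execute(array(
            "me_from" => $sender_id,
            "them_to" => $user_id,
            "them_from" => $user_id,
            "me_to" => $sender_id
        ));
        $result = $req->fetchAll();
    }
}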
?>
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="UTF-8">
<meta http-equiv="X-UA-Compatible" content="IE=edge">
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<title>Explore | Chiro - Canto</title>
<link rel="stylesheet" type="text/css" href="/styles/style.css">
</head>
<?php
// Analytics snippets, pulled in from the document root: OWA first, then Matomo.
// include (not require) is kept, so a missing snippet only raises a warning.
include "{$root}/analytics/owa.php";
include "{$root}/analytics/matomo.php";
?>
<body>
<?php
// Shared page parts: the navigation menu, then the site header.
include "{$root}/menu.php";
include "{$root}/header.php";
?>
<section>
<h2>Discussion</h2>
<div class="messages">
<div class="author">
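<?php
// The username is chosen by a user and read back from the database, so it is
// encoded for HTML before being written into the page. The ?? covers requests
// where no addressee was resolved.
echo htmlspecialchars((string) ($addressee ?? ''), ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
?>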
</div>
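<?php
// Render the conversation, oldest message first, and flag what the viewer has
// now seen as read.
//
// The statement is prepared once and reused for every row. The message_to
// condition limits the flag to messages addressed to the viewer, so opening
// the page does not mark the viewer's own outgoing messages as read.
$viewer_id = $sender_id ?? null;
$mark_read = $db->prepare('UPDATE `messages` SET message_read=1 WHERE id=:id AND message_to=:viewer');

foreach (($result ?? array()) as $message) {
    $mark_read->execute(array(
        "id" => $message['id'],
        "viewer" => $viewer_id
    ));

    // message_by holds an author id (the SELECT filters it against the
    // viewer's id), so it is compared with that id. The original compared it
    // with the session username, which never matches an id.
    $class = ($message['message_by'] == $viewer_id) ? "right" : "left";

    // Message text is written by other users: encode it for HTML on output.
    // NOTE(review): if sendmessage.php already encodes on write, this encodes
    // twice; storing raw text and encoding here is the safer arrangement.
    $shown_datetime = htmlspecialchars((string) $message['message_datetime'], ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
    $shown_content = htmlspecialchars((string) $message['message_content'], ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
?>
<div class="message <?=$class?>">
<div class="datetime">
<?=$shown_datetime?>
</div>
<div class="content">
<?=$shown_content?>
</div>
</div>
<?php
}
?>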
</div>
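<?php
// Reply form, shown only when a conversation partner was resolved.
// is_string() keeps an array-valued ?author[]= out of the markup.
if (isset($user_id) and isset($_GET['author']) and is_string($_GET['author'])) {
    // Both values are written inside HTML attributes, and message_to is taken
    // straight from the query string, so each is encoded with quotes included.
    $form_by = htmlspecialchars((string) $user_id, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
    $form_to = htmlspecialchars($_GET['author'], ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');

    // NOTE(review): hidden fields can be edited by the client. sendmessage.php
    // is not visible from this file; it should take the sender from the
    // session rather than trust message_by, and this form carries no
    // anti-CSRF token for it to verify. Confirm both there.
    // NOTE(review): message_by is filled with $user_id, which in this file is
    // the other author's id, not the viewer's. Check what sendmessage.php expects.
?>
<form action="sendmessage.php" method="post">
<input type="hidden" name="message_by" value="<?=$form_by?>">
<input type="hidden" name="message_to" value="<?=$form_to?>">
<input type="text" name="message_content" id="message_content" placeholder="Enter your message..">
<input type="submit" name="submit" value="Send">
</form>
<?php
}
?>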
</section>
<?php
// Shared page footer, resolved against the document root like the other parts.
include "{$root}/footer.php";
?>
</body>
<script src="/scripts/script.js"></script>
</html>