-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathmember.php
83 lines (66 loc) · 2.89 KB
/
member.php
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
<?php
require_once("php/_conn.php");
$q = array();
parse_str($_SERVER['QUERY_STRING'], $q);
if(!isset($q['user'])){
echo "<p>Error: no user selected.</p>";
goto end;
}
$stmt = $pdo->prepare("SELECT userid, username, priviledge, email, jdate, tag FROM users WHERE username = :user;");
$stmt->bindValue(":user", $q['user']);
$stmt->execute();
if($stmt->rowCount() > 0){
$row = $stmt->fetch(PDO::FETCH_ASSOC);
//get post count
$stmt = $pdo->prepare("SELECT COUNT(*) FROM posts WHERE authorid = ?;");
$stmt->bindValue(1, $row['userid']);
$stmt->execute();
$posts = $stmt->fetchColumn();
//get thread count
$stmt = $pdo->prepare("SELECT COUNT(*) FROM threads WHERE authorid = ?;");
$stmt->bindValue(1, $row['userid']);
$stmt->execute();
$threads = $stmt->fetchColumn();
echo '<h1>'.$row['username'].'<span class="f1">';
//check if user is banned
$stmt = $pdo->prepare("SELECT lift FROM bans WHERE userid = ?;");
$stmt->bindValue(1, $row['userid']);
$stmt->execute();
$unban = $stmt->fetchColumn();
if((time() < strtotime($unban) + 14400) && isset($unban)){
$banned = true;
echo ' [BANNED]';
}
echo '</span></h1><hr>';
if(isset($row['tag'])) echo '<p>- “'.htmlspecialchars($row['tag']).'”</p>';
if(isset($_SESSION['loggedin'])){
//BUTTON: SEND MSG
echo '<br><a class="nsyn" href="index.php?page=convo&id='.$row['userid'].'"><button style="display:block;">Send Message</button></a><br>';
//BUTTON: BLOCK USER
//get if blocked or not
$stmt = $pdo->prepare("SELECT blocked FROM blocks WHERE userid = :userid AND blockid = :blockid;");
$stmt->bindValue(":userid", $_SESSION['userid']);
$stmt->bindValue(":blockid", $row['userid']);
$stmt->execute();
$blocked = $stmt->fetchColumn();
if($blocked === false){
echo '<a class="nsyn" href="index.php?page=block&user='.$q['user'].'&b=1"><button style="display:block;">Block user</button></a><br>';
}
else {
echo '<a class="nsyn" href="index.php?page=block&user='.$q['user'].'&b=0"><button style="display:block;">Unblock user</button></a><br>';
}
}
echo '<nav><ul><li>Join date: '.date_format(date_create($row['jdate']), 'F d Y').
'</li><li>Threads started: '.$threads.'</li><li>Posts: '.$posts.
'</li><li>Priviledge: '.$row['priviledge'];
// 0: guest, 1: member, 2: mod, 3: admin
if($row['priviledge'] === 0) echo " (guest)";
else if($row['priviledge'] === 1) echo " (member)";
else if($row['priviledge'] === 2) echo " (moderator)";
else if($row['priviledge'] === 3) echo " (admin)";
echo '</li></ul></nav>';
} else echo "<p>No member with the username: ".htmlspecialchars($q['user'])." exists.</p>";
end:
$pdo = null;
$stmt = null;
?>