cleaned up files, deleted old php stuff.

Solomon Laing 2019-12-02 12:20:43 +10:30
parent c05005dc16
commit 62b1cc8e0a
26 changed files with 0 additions and 1497 deletions


@ -1,86 +0,0 @@
<?php
//category.php
include 'connect.php';
include 'header.php';
//first select the category based on $_GET['cat_id']
$sql = "SELECT catNo, catName, catDescr
FROM categories
WHERE catNo = ?";
$stmt = $conn->prepare($sql);
$stmt->bind_param('i', $_GET['id']);
$stmt->execute();
$result = $stmt->get_result();
if(!$result)
{
echo 'The category could not be displayed, please try again later.';
}
else
{
if($result->num_rows == 0)
{
echo 'This category does not exist.';
}
else
{
//display category data
while($row = $result->fetch_assoc())
{
echo '<h2>Topics in &prime;' . htmlentities($row['catName'], ENT_QUOTES | ENT_HTML5, 'UTF-8') . '&prime; category</h2><br />';
}
//do a query for the topics
$sql = "SELECT topicNo, topicSubject, topicDate, topicCat
FROM topics
WHERE topicCat = ?
ORDER BY topicDate";
$stmt = $conn->prepare($sql);
$stmt->bind_param('i', $_GET['id']);
$stmt->execute();
$result = $stmt->get_result();
if(!$result)
{
echo 'The topics could not be displayed, please try again later.';
}
else
{
if($result->num_rows == 0)
{
echo 'There are no topics in this category yet.';
}
else
{
//prepare the table
echo '<table border="1">
<tr>
<th>Topic</th>
<th>Created at</th>
</tr>';
while($row = $result->fetch_assoc())
{
echo '<tr>';
echo '<td class="leftpart">';
echo '<h3><a href="topic.php?id=' . htmlentities($row['topicNo'], ENT_QUOTES | ENT_HTML5, 'UTF-8') . '">' . htmlentities($row['topicSubject'], ENT_QUOTES | ENT_HTML5, 'UTF-8') . '</a><br /><h3>';
echo '</td>';
echo '<td class="rightpart">';
echo date_format(date_create($row['topicDate']), 'd/m/Y H:i:s');
echo '</td>';
echo '</tr>';
}
//Close the table up
echo '</table>';
}
}
}
}
include 'footer.php';
?>


@ -1,15 +0,0 @@
<?php
session_start();
//connect.php
$server = 'localhost';
$username = 'root';
$password = 'Solomon123';
$db = 'forum';
// Create connection
$conn = new mysqli($server, $username, $password, $db);
// Check connection
if ($conn->connect_error) {
die("Connection failed: " . $conn->connect_error);
}
?>


@ -1,48 +0,0 @@
<?php
//create_cat.php
include 'connect.php';
include 'header.php';
echo '<h2>Create a category</h2>';
if($_SESSION['signedIn'] == false | $_SESSION['userLevel'] != 1 )
{
//the user is not an admin
echo 'Sorry, you do not have sufficient rights to access this page.';
}
else
{
//the user has admin rights
if($_SERVER['REQUEST_METHOD'] != 'POST')
{
//the form hasn't been posted yet, display it
echo '<form method="post" action="">
<label for="catName">Name: </label></br>
<input type="text" name="catName" /><br /></br>
<label for="catDescr">Description: </label><br />
<textarea name="catDescr" /></textarea><br /><br />
<input type="submit" value="Add category" />
</form>';
}
else
{
//the form has been posted, so save it
$sql = "INSERT INTO categories(catName, catDescr)
VALUES(?, ?)";
$stmt = $conn->prepare($sql);
$stmt->bind_param('ss', $_POST['catName'], $_POST['catDescr']);
if(!$stmt->execute())
{
//something went wrong, display the error
echo 'Error' . $conn->error;
}
else
{
echo 'New category succesfully added. Go <a href"index.php">Home</a>.';
}
}
}
include 'footer.php';
?>


@ -1,127 +0,0 @@
<?php
//create_topic.php
include 'connect.php';
include 'header.php';
echo '<h2>Create a topic</h2>';
if($_SESSION['signedIn'] == false)
{
//the user is not signed in
echo 'Sorry, you have to be <a href="/forum/signin.php">signed in</a> to create a topic.';
}
else
{
//the user is signed in
if($_SERVER['REQUEST_METHOD'] != 'POST')
{
//the form hasn't been posted yet, display it
//retrieve the categories from the database for use in the dropdown
$sql = "SELECT catNo, catName, catDescr
FROM categories";
$result = $conn->query($sql);
if(!$result)
{
//the query failed, uh-oh :-(
echo 'Error while selecting from database. Please try again later.';
}
else
{
if($result->num_rows == 0)
{
//there are no categories, so a topic can't be posted
if($_SESSION['userLevel'] == 1)
{
echo 'You have not created categories yet.';
}
else
{
echo 'Before you can post a topic, you must wait for an admin to create some categories.';
}
}
else
{
echo '<form method="post" action="">
<label for="topicSubject">Subject: </label></br>
<input type="text" name="topicSubject" /><br /><br />
<label for="topicCat">Category: </label></br>';
echo ' <select name="topicCat">';
while($row = $result->fetch_assoc())
{
echo '<option value="' . htmlentities($row['catNo'], ENT_QUOTES | ENT_HTML5, 'UTF-8') . '">' . htmlentities($row['catName'], ENT_QUOTES | ENT_HTML5, 'UTF-8') . '</option>';
}
echo ' </select><br /><br />';
echo ' <label for="postContent">Message: </label></br>
<textarea name="postContent" /></textarea><br /><br />
<input type="submit" value="Create topic" />
</form>';
}
}
}
else
{
//start the transaction
$query = "BEGIN WORK;";
if(!$conn->query($query))
{
//Damn! the query failed, quit
echo 'An error occured while creating your topic. Please try again later.';
}
else
{
//the form has been posted, so save it
//insert the topic into the topics table first, then we'll save the post into the posts table
$sql = "INSERT INTO topics(topicSubject, topicDate, topicCat, topicBy)
VALUES(?, NOW(), ?, ?)";
$stmt = $conn->prepare($sql);
$stmt->bind_param('sii', $_POST['topicSubject'], $_POST['topicCat'], $_SESSION['userNo']);
if(!$stmt->execute())
{
//something went wrong, display the error
echo 'An error occured while inserting your data. Please try again later.<br /><br />' . $conn->error;
$sql = "ROLLBACK;";
$conn->query($sql);
}
else
{
//the first query worked, now start the second, posts query
//retrieve the id of the freshly created topic for usage in the posts query
$topicid = $conn->insert_id;
$sql = "INSERT INTO posts(postContent, postDate, postTopic, postBy)
VALUES (?, NOW(), ?, ?)";
$stmt = $conn->prepare($sql);
$stmt->bind_param('sii', $_POST['postContent'], $topicid, $_SESSION['userNo']);
if(!$stmt->execute())
{
//something went wrong, display the error
echo 'An error occured while inserting your post. Please try again later.<br /><br />' . $conn->error;
$sql = "ROLLBACK;";
$conn->query($sql);
}
else
{
$sql = "COMMIT;";
$conn->query($sql);
//after a lot of work, the query succeeded!
echo 'You have succesfully created <a href="topic.php?id='. $topicid . '">your new topic</a>.';
}
}
}
}
}
include 'footer.php';
?>


@ -1,92 +0,0 @@
<?php
//delete_post.php
include 'connect.php';
include 'header.php';
$content = '[removed]';
//fetch the post from the database
$post_sql = "SELECT postBy
FROM posts
WHERE postNo = ?";
$stmt = $conn->prepare($post_sql);
$stmt->bind_param('i', $_GET['post']);
$stmt->execute();
$post_result = $stmt->get_result();
if(!$post_result)
{
echo 'The post could not be retrieved, please try again later.';
}
else
{
if($_SERVER['REQUEST_METHOD'] != 'POST')
{
if(!$_SESSION['signedIn'])
{
echo 'You must be <a href="signin.php">signed in</a> to delete a post. You can also <a href="signup.php">sign up</a> for an account.';
}
else if ($_SESSION['userNo'] != $post_result->fetch_assoc()['postBy'])
{
echo 'You cannot edit this post. You are not OP!';
}
else
{
echo '<p>Are you sure you want to remove this post?</p>';
//show edit form
echo '<br />
<form method="post" action="">
<input type="hidden" name="postContent" value="' . htmlentities($content, ENT_QUOTES | ENT_HTML5, 'UTF-8') . '" />
<input type="submit" value="Yes" />
</form>
<form method="post" action="topic.php?id='. htmlentities($_GET['topic'], ENT_QUOTES | ENT_HTML5, 'UTF-8') . '">
<input type="Submit" value="No" />
</form>';
}
}
else
{
//the form has been posted, now it's time to process.
//start the transaction
$query = "BEGIN WORK;";
if(!$conn->query($query))
{
//Damn! the query failed, quit
echo 'An error occured while editing your post. Please try again later.';
}
else
{
//the form has been posted, so save it
//update the post in the posts table then save it
$update_sql = " UPDATE posts
SET postContent = ?
WHERE postNo = ?";
$update_stmt = $conn->prepare($update_sql);
$update_stmt->bind_param('si', $content, $_GET['post']);
if(!$update_stmt->execute())
{
//something went wrong, display the error
echo 'An error occured while inserting your data. Please try again later.<br /><br />' . $conn->error;
$sql = "ROLLBACK;";
$conn->query($sql);
}
else
{
$sql = "COMMIT;";
$conn->query($sql);
//after a lot of work, the query succeeded!
echo 'You have succesfully removed <a href="topic.php?id='. htmlentities($_GET['topic'], ENT_QUOTES | ENT_HTML5, 'UTF-8') . '">your post</a>.';
}
}
}
}
include 'footer.php';
?>


@ -1,89 +0,0 @@
<?php
//edit_post.php
include 'connect.php';
include 'header.php';
//fetch the post from the database
$post_sql = "SELECT postContent, postBy
FROM posts
WHERE postNo = ?";
$stmt = $conn->prepare($post_sql);
$stmt->bind_param('i', $_GET['post']);
$stmt->execute();
$post_result = $stmt->get_result();
if(!$post_result)
{
echo 'The post could not be retrieved, please try again later.';
}
else
{
if($_SERVER['REQUEST_METHOD'] != 'POST')
{
$post_result = $post_result->fetch_assoc();
if(!$_SESSION['signedIn'])
{
echo 'You must be <a href="signin.php">signed in</a> to edit a post. You can also <a href="signup.php">sign up</a> for an account.';
}
else if ($_SESSION['userNo'] != $post_result['postBy'])
{
echo 'You cannot edit this post. You are not OP!';
}
else
{
$content = htmlentities(stripslashes($post_result['postContent']));
//show edit form
echo ' <br />
<form method="post" action="">
<label for="postContent">Post: </label><br />
<textarea name="postContent">' . htmlentities($content, ENT_QUOTES | ENT_HTML5, 'UTF-8') . '</textarea><br /><br />
<input type="submit" value="Submit edit" />
</form>';
}
}
else
{
//the form has been posted, now it's time to process.
//start the transaction
$query = "BEGIN WORK;";
if(!$conn->query($query))
{
//Damn! the query failed, quit
echo 'An error occured while editing your post. Please try again later.';
}
else
{
//the form has been posted, so save it
//update the post in the posts table then save it
$update_sql = " UPDATE posts
SET postContent = ?
WHERE postNo = ?";
$update_stmt = $conn->prepare($update_sql);
$update_stmt->bind_param('si', $_POST['postContent'], $_GET['post']);
if(!$update_stmt->execute())
{
//something went wrong, display the error
echo 'An error occured while inserting your data. Please try again later.<br /><br />' . $conn->error;
$sql = "ROLLBACK;";
$conn->query($sql);
}
else
{
$sql = "COMMIT;";
$conn->query($sql);
//after a lot of work, the query succeeded!
echo 'You have succesfully edited <a href="topic.php?id='. htmlentities($_GET['topic'], ENT_QUOTES | ENT_HTML5, 'UTF-8') . '">your post</a>.';
}
}
}
}
include 'footer.php';
?>


@ -1,7 +0,0 @@
</div><!-- content -->
<div id="footer">
<p>Created by Solomon Laing based on work by Evert Padje.</p>
</div>
</div><!-- wrapper -->
</body>
</html>


@ -1,35 +0,0 @@
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html>
<head>
<title>Ink's Forum</title>
<link rel="stylesheet" href="../styles/site-wide.css" type="text/css">
</head>
<body>
<div id="wrapper">
<div id="header">
<h1>Talking Space;</h1>
<h4>Ink's Talking Space<h4>
</div>
<div id="menu">
<a class="item" href="index.php">Home</a>
<a class="item" href="create_topic.php">Create a topic</a>
<a class="item" href="create_cat.php">Create a category</a>
<a class="item" href="../">Ink's Things</a>
<div id="userbar">
<?php
if($_SESSION['signedIn'])
{
echo '<span id="userBarMsg">Hello <b>' . htmlentities($_SESSION['userName']) . '</b>. Not you?</span> <a class="item" href="signout.php">Sign out</a>';
}
else
{
echo '<a class="item" href="signin.php">Sign in</a><a class="item" href="signup.php">Create an Account</a>';
}
?>
</div>
</div>
<div id="content">


@ -1,73 +0,0 @@
<?php
//index.php
include 'connect.php';
include 'header.php';
$sql = "SELECT categories.catNo, categories.catName, categories.catDescr, COUNT(topics.topicNo) AS topics
FROM categories LEFT JOIN
topics ON topics.topicNo = categories.catNo
GROUP BY categories.catName, categories.catDescr, categories.catNo";
if(!$result = $conn->query($sql))
{
echo 'The categories could not be displayed, please try again later.';
}
else
{
if($result->num_rows == 0)
{
echo 'No categories defined yet.';
}
else
{
//prepare the table
echo '<table border="1">
<tr>
<th>Category</th>
<th>Last topic</th>
</tr>';
while($row = $result->fetch_assoc())
{
echo '<tr>';
echo '<td class="leftpart">';
echo '<h3><a href="category.php?id=' . htmlentities($row['catNo'], ENT_QUOTES | ENT_HTML5, 'UTF-8') . '">' . htmlentities($row['catName'], ENT_QUOTES | ENT_HTML5, 'UTF-8') . '</a></h3>' . htmlentities($row['catDescr'], ENT_QUOTES | ENT_HTML5, 'UTF-8');
echo '</td>';
echo '<td class="rightpart">';
//fetch last topic for each cat
$topicsql = "SELECT topicNo, topicSubject, topicDate, topicCat
FROM topics
WHERE topicCat = ?
ORDER BY topicDate DESC
LIMIT 1";
$stmt = $conn->prepare($topicsql);
$stmt->bind_param('i', $row['catNo']);
$stmt->execute();
if(!$topicsresult = $stmt->get_result())
{
echo 'Last topic could not be displayed.';
}
else
{
if($topicsresult->num_rows == 0)
{
echo 'no topics';
}
else
{
while($topicrow = $topicsresult->fetch_assoc())
echo '<a href="topic.php?id=' . htmlentities($topicrow['topicNo'], ENT_QUOTES | ENT_HTML5, 'UTF-8') . '">' . htmlentities($topicrow['topicSubject'], ENT_QUOTES | ENT_HTML5, 'UTF-8') . '</a> on ' . htmlentities(date('d-m-Y', strtotime($topicrow['topicDate'])), ENT_QUOTES | ENT_HTML5, 'UTF-8');
}
}
echo '</td>';
echo '</tr>';
}
echo '</table>';
}
}
include 'footer.php';
?>


@ -1,39 +0,0 @@
<?php
//reply.php
include 'connect.php';
include 'header.php';
if($_SERVER['REQUEST_METHOD'] != 'POST')
{
//someone is calling the file directly, which we don't want
echo 'This file cannot be called directly.';
}
else
{
//check for sign in status
if(!$_SESSION['signedIn'])
{
echo 'You must be signed in to post a reply.';
}
else
{
//a real user posted a real reply
$sql = "INSERT INTO posts(postContent, postDate, postTopic, postBy)
VALUES (?, NOW(), ?, ?)";
$stmt = $conn->prepare($sql);
$stmt->bind_param('sii', $_POST['replyContent'], $_GET['id'], $_SESSION['userNo']);
if(!$stmt->execute())
{
echo 'Your reply has not been saved, please try again later.';
}
else
{
echo 'Your reply has been saved, check out <a href="topic.php?id=' . htmlentities($_GET['id']) . '">the topic</a>.';
}
}
}
include 'footer.php';
?>


@ -1,103 +0,0 @@
<?php
//signin.php
include 'connect.php';
include 'header.php';
echo '<h3>Sign in</h3><br />';
//first, check if the user is already signed in. If that is the case, there is no need to display this page
if(isset($_SESSION['signedIn']) && $_SESSION['signedIn'] == true)
{
echo 'You are already signed in, you can <a href="signout.php">sign out</a> if you want.';
}
else
{
if($_SERVER['REQUEST_METHOD'] != 'POST')
{
/*the form hasn't been posted yet, display it
note that the action="" will cause the form to post to the same page it is on */
echo '<form method="post" action="">
Username: <input type="text" name="userName" /><br />
Password: <input type="password" name="userPass"><br />
<input type="submit" value="Sign in" />
</form>';
}
else
{
/* so, the form has been posted, we'll process the data in three steps:
1. Check the data
2. Let the user refill the wrong fields (if necessary)
3. Varify if the data is correct and return the correct response
*/
$errors = array(); /* declare the array for later use */
if(!isset($_POST['userName']))
{
$errors[] = 'The username field must not be empty.';
}
if(!isset($_POST['userPass']))
{
$errors[] = 'The password field must not be empty.';
}
if(!empty($errors)) /*check for an empty array, if there are errors, they're in this array (note the ! operator)*/
{
echo 'Uh-oh.. a couple of fields are not filled in correctly..<br /><br />';
echo '<ul>';
foreach($errors as $key => $value) /* walk through the array so all the errors get displayed */
{
echo '<li>' . $value . '</li>'; /* this generates a nice error list */
}
echo '</ul>';
}
else
{
//the form has been posted without errors, so save it
//notice the use of mysql_real_escape_string, keep everything safe!
//also notice the sha1 function which hashes the password
$sql = "SELECT userNo, userName, userLevel
FROM users
WHERE userName = ? AND userPass = ?";
$stmt = $conn->prepare($sql);
$stmt->bind_param('ss', $_POST['userName'], sha1($_POST['userPass']));
$stmt->execute();
if(!$result = $stmt->get_result())
{
//something went wrong, display the error
echo 'Something went wrong while signing in. Please try again later.';
//echo $conn->error; //debugging purposes, uncomment when needed
}
else
{
//the query was successfully executed, there are 2 possibilities
//1. the query returned data, the user can be signed in
//2. the query returned an empty result set, the credentials were wrong
if($result->num_rows == 0)
{
echo 'You have supplied a wrong user/password combination. Please try again.';
}
else
{
//set the $_SESSION['signed_in'] variable to TRUE
$_SESSION['signedIn'] = true;
//we also put the user_id and user_name values in the $_SESSION, so we can use it at various pages
while($row = $result->fetch_assoc())
{
$_SESSION['userNo'] = $row['userNo'];
$_SESSION['userName'] = $row['userName'];
$_SESSION['userLevel'] = $row['userLevel'];
}
echo 'Welcome, ' . htmlentities($_SESSION['userName'], ENT_QUOTES | ENT_HTML5, 'UTF-8') . '. <br /><a href="index.php">Proceed to the forum overview</a>.';
}
}
}
}
}
include 'footer.php';
?>


@ -1,25 +0,0 @@
<?php
//signout.php
include 'connect.php';
include 'header.php';
echo '<h2>Sign out</h2>';
//check if user if signed in
if($_SESSION['signedIn'] == true)
{
//unset all variables
$_SESSION['signedIn'] = NULL;
$_SESSION['userName'] = NULL;
$_SESSION['userNo'] = NULL;
echo 'Succesfully signed out, thank you for visiting ';
echo "<a href='../index.html'>Ink's Things</a>.";
}
else
{
echo 'You are not signed in. Would you <a href="signin.php">like to</a>?';
}
include 'footer.php';
?>


@ -1,95 +0,0 @@
<?php
//signup.php
include 'connect.php';
include 'header.php';
echo '<h3>Sign up</h3><br />';
if($_SERVER['REQUEST_METHOD'] != 'POST')
{
/*the form hasn't been posted yet, display it
note that the action="" will cause the form to post to the same page it is on */
echo '<form method="post" action="">
Username: <input type="text" name="userName" /><br />
Password: <input type="password" name="userPass"><br />
Password again: <input type="password" name="userPassCheck"><br />
E-mail: <input type="email" name="userEmail"><br />
<input type="submit" value="Sign up" />
</form>';
}
else
{
/* so, the form has been posted, we'll process the data in three steps:
1. Check the data
2. Let the user refill the wrong fields (if necessary)
3. Save the data
*/
$errors = array(); /* declare the array for later use */
if(isset($_POST['userName']))
{
//the user name exists
if(!ctype_alnum($_POST['userName']))
{
$errors[] = 'The username can only contain letters and digits.';
}
if(strlen($_POST['userName']) > 30)
{
$errors[] = 'The username cannot be longer than 30 characters.';
}
}
else
{
$errors[] = 'The username field must not be empty.';
}
if(isset($_POST['userPass']))
{
if($_POST['userPass'] != $_POST['userPassCheck'])
{
$errors[] = 'The two passwords did not match.';
}
}
else
{
$errors[] = 'The password field cannot be empty.';
}
if(!empty($errors)) /*check for an empty array, if there are errors, they're in this array (note the ! operator)*/
{
echo 'Uh-oh.. a couple of fields are not filled in correctly..<br /><br />';
echo '<ul>';
foreach($errors as $key => $value) /* walk through the array so all the errors get displayed */
{
echo '<li>' . $value . '</li>'; /* this generates a nice error list */
}
echo '</ul>';
echo '<a href="signup.php">Click here to try again.</a>';
}
else
{
//the form has been posted without, so save it
//notice the use of mysql_real_escape_string, keep everything safe!
//also notice the sha1 function which hashes the password
$sql = "INSERT INTO users (userName, userPass, userEmail, userDate, userLevel) VALUES (?, ?, ?, NOW(), 0)";
$stmt = $conn->prepare($sql);
$stmt->bind_param('sss', $_POST['userName'], sha1($_POST['userPass']), $_POST['userEmail']);
if(!$stmt->execute())
{
//something went wrong, display the error
echo 'Something went wrong while registering. Please try again later.';
//echo $conn->error; //debugging purposes, uncomment when needed
//echo var_dump($stmt) . "|" . $uname . "|" . $upass . "|" . $uemail;
}
else
{
echo 'Succesfully registered. You can now <a href="signin.php">sign in</a> and start posting! :-)';
}
}
}
include 'footer.php';
?>


@ -1,135 +0,0 @@
/* BEGIN BASIC FORUM STYLES */
body {
background-color: #0F0F0F;
text-align: center; /* make sure IE centers the page too */
font-family: sans-serif;
color: #4B0082;
}
#wrapper {
position: relative;
width: 80%;
margin: 0 auto; /* center the page */
}
#header {
text-align: left;
padding-left: 8%;
}
#content {
border: 5px dashed pink;
border-top: none; /* don't want a line across the middle so removed this */
float: left;
padding: 20px 30px;
text-align: left;
width: 100%; /* fill up the entire div */
margin-top: 5px;
}
#menu {
margin-top: 5%;
float: left;
border: 5px dashed pink;
border-bottom: none; /* avoid a double border */
clear: both; /* clear:both makes sure the content div doesn't float next to this one but stays under it */
width:100%;
height:50px;
padding: 0 30px;
text-align: left;
font-size: 85%;
}
#menu a:hover {
background-color: #009FC1;
}
#userbar {;
float: right;
width: 300px;
height: 50px;
}
#userBarMsg {
color: #FAFAFA;
}
#footer {
clear: both;
}
/* begin table styles */
table {
border-collapse: collapse;
width: 100%;
}
table, td, th {
border: 1px solid pink;
}
table a:hover {
color: pink;
text-decoration: none;
}
th {
background-color: #2E2E2E;
color: #FAFAFA;
padding: 5px;
}
td {
padding: 5px;
}
/* Begin font styles */
h1 {
font-size: 50pt;
margin-bottom: -25px;
}
#footer {
color: #FAFAFA;
}
h3 {
margin: 0;
padding: 0;
}
a {
text-decoration: none;
color: purple;
}
/* Menu styles */
.item {
background-color: #2E2E2E;
border: 3px dashed pink;
padding: 10px;
text-decoration: none;
color: #FAFAFA;
margin-right: 10px;
}
.leftpart {
width: 70%;
}
.rightpart {
width: 30%;
}
.small {
font-size: 75%;
}
#footer {
font-size: 9pt;
padding: 3px 0 0 0;
}
textarea {
width: 500px;
height: 200px;
}


@ -1,103 +0,0 @@
<?php
//topic.php
include 'connect.php';
include 'header.php';
$topic = $_GET['id'];
$sql = "SELECT topicNo, topicSubject
FROM topics
WHERE topics.topicNo = ?";
$stmt = $conn->prepare($sql);
$stmt->bind_param('i', $topic);
$stmt->execute();
if(!$result = $stmt->get_result())
{
echo 'The topic could not be displayed, please try again later.';
}
else
{
if($result->num_rows == 0)
{
echo 'This topic doesn&prime;t exist.';
}
else
{
while($row = $result->fetch_assoc())
{
//display post data
echo '<table class="topic" border="1">
<tr>
<th colspan="2">' . htmlentities($row['topicSubject'], ENT_QUOTES | ENT_HTML5, 'UTF-8') . '</th>
</tr>';
//fetch the posts from the database
$posts_sql = "SELECT posts.postNo, posts.postTopic, posts.postContent, posts.postDate, posts.postBy, users.userNo, users.userName
FROM posts LEFT JOIN users
ON posts.postBy = users.userNo
WHERE posts.postTopic = ?
ORDER BY posts.postDate";
$stmt = $conn->prepare($posts_sql);
$stmt->bind_param('i', $topic);
$stmt->execute();
$posts_result = $stmt->get_result();
if(!$posts_result)
{
echo '<tr><td>The posts could not be displayed, please try again later.</tr></td></table>';
}
else
{
while($posts_row = $posts_result->fetch_assoc())
{
$name = htmlentities($posts_row['userName'], ENT_QUOTES | ENT_HTML5, 'UTF-8');
$date = htmlentities(date_format(date_create($posts_row['postDate']), 'd/m/Y H:i:s'), ENT_QUOTES | ENT_HTML5, 'UTF-8');
$content = htmlentities(stripslashes($posts_row['postContent']), ENT_QUOTES | ENT_HTML5, 'UTF-8');
$poster = htmlentities($posts_row['postBy'], ENT_QUOTES | ENT_HTML5, 'UTF-8');
$post = htmlentities($posts_row['postNo'], ENT_QUOTES | ENT_HTML5, 'UTF-8');
echo '<tr class="topic-post">';
if($_SESSION['userNo'] != $poster)
{
echo '<td class="leftpart">' . $content . '</td>';
}
else
{
echo '<td class="leftpart">' . $content .
'<span style="float:right;"><a href="edit_post.php?post=' . $post . '&topic=' . $topic . '">[edit]</a> ' .
'<a href="delete_post.php?post=' . $post . '&topic=' . $topic . '">[delete]</a></span></td>';
}
echo '<td class="rightpart">' . $name . '<br/>' . $date . '</td>';
echo '</tr>';
}
}
if(!$_SESSION['signedIn'])
{
echo '<tr><td colspan=2>You must be <a href="signin.php">signed in</a> to reply. You can also <a href="signup.php">sign up</a> for an account.';
//finish the table
echo '</table>';
}
else
{
//finish the table
echo '</table>';
//show reply box
echo ' <br />
<form method="post" action="reply.php?id=' . htmlentities($row['topicNo'], ENT_QUOTES | ENT_HTML5, 'UTF-8') . '">
<label for="replyContent">Reply: </label><br />
<textarea name="replyContent"></textarea><br /><br />
<input type="submit" value="Submit reply" />
</form>';
}
}
}
}
include 'footer.php';
?>


@ -1,43 +0,0 @@
<?php
include 'connect.php';
$files = glob('uploaded/*'); // get all file names
foreach($files as $file){ // iterate files
if(is_file($file))
unlink($file); // delete file
}
$commentsdrop="DROP TABLE comments";
$conn->query($commentsdrop);
$uploadsdrop="DROP TABLE uploads";
$conn->query($uploadsdrop);
$uploadscreate="
CREATE TABLE uploads (
uploadNo INT(8) NOT NULL AUTO_INCREMENT,
uploadDir VARCHAR(255),
uploadName VARCHAR(255),
PRIMARY KEY (uploadNo)
)";
$conn->query($uploadscreate);
$commentscreate="
CREATE TABLE comments (
commentNo INT(8) NOT NULL AUTO_INCREMENT,
commentName VARCHAR(255),
commentText VARCHAR(255),
uploadNo INT(8) NOT NULL,
PRIMARY KEY (commentNo),
FOREIGN KEY (uploadNo) REFERENCES uploads(uploadNo)
)";
$conn->query($commentscreate);
$addstart="INSERT INTO uploads (uploadDir,uploadName) VALUES (1,1)";
$conn->query($addstart);
echo "<script>window.history.back();</script>";
?>


@ -1,27 +0,0 @@
<?php
include 'connect.php';
$id=intval($_POST['id']);
$name=$_POST['name'];
$comment=$_POST['comment'];
$sql="INSERT INTO comments (commentName, commentText, uploadNo) VALUES (?, ?, ?)";
$stmt = $conn->prepare($sql);
$stmt->bind_param('ssi', $name, $comment, $id);
if ($result = $stmt->execute())
{
echo '1 record added.' . '</br>';
echo 'id: ' . htmlentities($id, ENT_QUOTES | ENT_HTML5, 'UTF-8') . ' comment: ' . htmlentities($comment, ENT_QUOTES | ENT_HTML5, 'UTF-8') . ' name: ' . htmlentities($name, ENT_QUOTES | ENT_HTML5, 'UTF-8');
}
else{
echo 'update failed.' . $conn->error . '</br>';
}
echo "<script>window.history.back();</script>";
?>


@ -1,15 +0,0 @@
<?php
session_start();
//connect.php
$server = 'localhost';
$username = 'root';
$password = 'Solomon123';
$db = 'gallery';
// Create connection
$conn = new mysqli($server, $username, $password, $db);
// Check connection
if ($conn->connect_error) {
die("Connection failed: " . $conn->connect_error);
}
?>


@ -1,7 +0,0 @@
</div><!-- content -->
<div id="footer">
<p>Copyright (c) inkletblot.com 2018.</p>
</div>
</div><!-- wrapper -->
</body>
</html>


@ -1,18 +0,0 @@
DROP TABLE comments;
DROP TABLE uploads;
CREATE TABLE uploads (
uploadNo INT(8) NOT NULL AUTO_INCREMENT,
uploadDir VARCHAR(255),
uploadName VARCHAR(255),
PRIMARY KEY (uploadNo)
);
CREATE TABLE comments (
commentNo INT(8) NOT NULL AUTO_INCREMENT,
commentName VARCHAR(255),
commentText VARCHAR(255),
uploadNo INT(8) NOT NULL,
PRIMARY KEY (commentNo),
FOREIGN KEY (uploadNo) REFERENCES uploads(uploadNo)
);


@ -1,25 +0,0 @@
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xml:lang="en" lang="en">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8" />
<meta name="description" content="My attempt at a simple image gallery." />
<meta name="keywords" content="simple, gallery, attempt, project" />
<title>Gallery</title>
<link rel="stylesheet" href="../styles/site-wide.css" type="text/css">
</head>
<body>
<div id="wrapper">
<div id="header">
<h1>Gallery;</h1>
<h4>Ink's gallery.<h4>
</div>
<div id="menu">
<a class="item" href="index.php">Gallery</a>
<a class="item" href="upload.php">Upload</a>
<a class="item" href="clear.php">Clear All</a>
<a class="item" href="#" onClick="window.location.reload( true );">Refresh</a>
<a class="item" href="../">Ink's Things</a>
</div>
<div id="content">


@ -1,82 +0,0 @@
<?php
include 'connect.php';
include 'head.php';
$result=$conn->query("SELECT MAX(uploadNo) AS 'max' FROM uploads");
$maxid=intval($result->fetch_assoc()['max']);
$x= 1;
if($maxid == 1) {
echo '<p id="placeholder">Be the first to submit an image!</p>';
}
else {
while($x < $maxid) {
$x++;
$uploadNo=$x;
$sql="SELECT uploadDir, uploadName FROM uploads WHERE uploadNo = ?";
$stmt=$conn->prepare($sql);
$stmt->bind_param('i', $x);
$stmt->execute();
$post = $stmt->get_result()->fetch_assoc();
echo '<div id="apost">
<h2>' . htmlentities($post["uploadName"], ENT_QUOTES | ENT_HTML5, 'UTF-8') . '</h2>
<img src="' . $post["uploadDir"] . '"><br>
<form action="comment_send.php" method="post" enctype="multipart/form-data">
<input type="text" value="comment" name="comment" id="comment">
<input type="text" value="name" name="name" id="name">
<input type="hidden" name="id" value="' . htmlentities($uploadNo, ENT_QUOTES | ENT_HTML5, 'UTF-8') . '" id="id">
<input type="submit" name="submit" value="Submit">
</form>';
echo "<div id'acomment'>";
$sql = "SELECT * FROM comments WHERE uploadNo = ?";
$stmt = $conn->prepare($sql);
$stmt->bind_param('i', $uploadNo);
$stmt->execute();
$comments = $stmt->get_result();
while($comment = $comments->fetch_assoc()) {
echo '<p id="acomment">' . htmlentities($comment['commentText'], ENT_QUOTES | ENT_HTML5, 'UTF-8') . ' - <i>' . htmlentities($comment['commentName'], ENT_QUOTES | ENT_HTML5, 'UTF-8') . '</i></p>';
}
echo "</div>";
echo '</div>';
}
}
include 'foot.php';
?>


@ -1,97 +0,0 @@
/* BEGIN BASIC FORUM STYLES */
body {
background-color: #0F0F0F;
text-align: center; /* make sure IE centers the page too */
font-family: sans-serif;
color: #4B0082;
}
#wrapper {
left:20%;
right:20%;
width:75%;
margin: 0 auto; /* center the page */
}
#header {
text-align: left;
padding-left: 8%;
}
#content {
border: 5px dashed pink;
border-top: none;
float: left;
padding: 20px 30px;
text-align: left;
width: 95%; /* fill up the entire div */
margin-top: 5px;
}
#placeholder {
color:pink;
text-align: center;
font-size: 90pt;
}
img {
height:auto;
width:auto;
max-width:800px;
max-height:600px;
}
p.comment{
}
#footer {
clear: both;
}
/* Begin font styles */
h1 {
font-size: 50pt;
margin-bottom: -25px;
}
#footer {
color: #FAFAFA;
}
h3 {
margin: 0;
padding: 0;
}
/* Menu styles */
#menu {
margin-top: 5%;
float: left;
border: 5px dashed pink;
border-bottom: none; /* avoid a double border */
clear: both; /* clear:both makes sure the content div doesn't float next to this one but stays under it */
width:95%;
height:50px;
padding: 0 30px;
text-align: left;
font-size: 90%;
}
#menu a:hover {
background-color: #009FC1;
}
.item {
background-color: #2E2E2E;
border: 3px dashed pink;
color: #FAFAFA;
padding: 10px;
text-decoration: none;
margin-right: 10px;;
}
#footer {
font-size: 65%;
padding: 3px 0 0 0;
}


@ -1,22 +0,0 @@
<?php
include 'head.php';
echo '
<h2>Upload a Picture!</h2>
<form action="upload_file.php" method="post" enctype="multipart/form-data" target="_blank">
<label for="file">Picture: (pick something perculiar)</label>
<input type="file" name="file" id="file"><br /><br />
<label for="name">Name your pic!: <em>(leave clear for no name)</em></label>
<input type="text" value="name" name="name" id="name"><br /><br />
<input type="submit" name="submit" value="Submit">
</form>';
include 'foot.php';
?>


@ -1,89 +0,0 @@
<?php
include 'connect.php';
$dir="uploaded/" . $_FILES['file']['name'];
$dir2=$_FILES['file']['name'];
$name=htmlentities($_POST['name'], ENT_QUOTES | ENT_HTML5, 'UTF-8');
$allowedExts = array("gif", "jpeg", "jpg", "png", "JPG", "PNG");
$temp = explode(".", $_FILES['file']['name']);
$extension = end($temp);
if ((($_FILES['file']['type'] == "image/gif")
|| ($_FILES['file']['type'] == "image/jpeg")
|| ($_FILES['file']['type'] == "image/jpg")
|| ($_FILES['file']['type'] == "image/JPG")
|| ($_FILES['file']['type'] == "image/pjpeg")
|| ($_FILES['file']['type'] == "image/x-png")
|| ($_FILES['file']['type'] == "image/png")
|| ($_FILES['file']['type'] == "image/PNG"))
&& ($_FILES['file']['size'] < 2000000)
&& in_array($extension, $allowedExts))
{
if ($_FILES['file']['error'] > 0)
{
echo "Return Code: " . $_FILES['file']['error'] . "<br>";
}
else
{
echo "Upload: " . $_FILES['file']['name'] . "<br>";
echo "Type: " . $_FILES['file']['type'] . "<br>";
echo "Size: " . ($_FILES['file']['size'] / 1024) . " kB<br>";
echo "Temp file: " . $_FILES['file']['tmp_name'] . "<br>";
if (file_exists("uploaded/" . $_FILES["file"]["name"]))
{
echo $_FILES['file']['name'] . " already exists. ";
}
else
{
move_uploaded_file($_FILES['file']['tmp_name'],
"uploaded/" . $_FILES['file']['name']);
//suppressed to reduce loadtime.
//echo "Stored in: " . "uploaded/" . $_FILES['file']['name'] . "<br>";
$sql="INSERT INTO uploads (uploadDir, uploadName) VALUES (?, ?)";
$stmt = $conn->prepare($sql);
$stmt->bind_param('ss', $dir, $name);
if ($stmt->execute())
{
//suppressed to reduce loadtime.
//echo "New record created successfully";
}
else
{
echo "Error: " . $sql . "<br>" . $conn->error;
}
}
}
}
else
{
echo "Invalid file";
echo '<pre>';
print_r($_FILES);
echo '</pre>';
}
echo "<script>window.location = 'https://www.inkletblot.com/gallery/index.php'</script>";
?>