This commit is contained in:
Bruno Rybársky 2024-04-26 09:46:10 +02:00
parent c261e28427
commit 688a68042c
2 changed files with 16 additions and 15 deletions

@ -18,16 +18,14 @@ function addMeme(string $title, string $memeText, int $imageID): array
return $output; return $output;
} }
function renderMeme(int $id, string $title, string $textContent, string $createdAt, string $filePath, string $userNickname): string function renderMeme(int $id, int $authorId, string $title, string $textContent, string $createdAt, string $filePath, string $userNickname, string $meme_template): string
{ {
global $routerConfig;
$meme_template = file_get_contents($routerConfig['template_dir'] . "meme.html");
$meme_out = str_replace('__TEMPLATE_MEME_TITLE__', htmlspecialchars($title), $meme_template); $meme_out = str_replace('__TEMPLATE_MEME_TITLE__', htmlspecialchars($title), $meme_template);
$meme_out = str_replace('__TEMPLATE_MEME_AUTHOR__', htmlspecialchars($userNickname), $meme_out); $meme_out = str_replace('__TEMPLATE_MEME_AUTHOR__', htmlspecialchars($userNickname), $meme_out);
$meme_out = str_replace('__TEMPLATE_MEME_DATE__', htmlspecialchars($createdAt), $meme_out); $meme_out = str_replace('__TEMPLATE_MEME_DATE__', htmlspecialchars($createdAt), $meme_out);
$meme_out = str_replace('__TEMPLATE_MEME_IMAGE__', '/' . htmlspecialchars($filePath), $meme_out); $meme_out = str_replace('__TEMPLATE_MEME_IMAGE__', '/' . htmlspecialchars($filePath), $meme_out);
$meme_out = str_replace('__TEMPLATE_MEME_DELETE_BUTTON__', isModerator() ? "<button onclick=\"deleteMeme($id);\"><i class='ri-delete-bin-line'></i></button>" : '', $meme_out); $meme_out = str_replace('__TEMPLATE_MEME_DELETE_BUTTON__', (isModerator() || $_SESSION['ID'] == $authorId) ? "<button onclick=\"deleteMeme($id);\"><i class='ri-delete-bin-line'></i></button>" : '', $meme_out);
return str_replace('__TEMPLATE_MEME_TEXT__', htmlspecialchars($textContent), $meme_out); return str_replace('__TEMPLATE_MEME_TEXT__', htmlspecialchars($textContent), $meme_out);
@ -37,10 +35,11 @@ function renderMemeGallery(): string
{ {
global $mysqli; global $mysqli;
global $routerConfig; global $routerConfig;
$stmtlist = $mysqli->prepare('SELECT Memes.ID, Memes.Title, Memes.TextContent, Memes.CreatedAt, Files.Path, Files.Type, Users.Nickname FROM Memes INNER JOIN Users ON Memes.AuthorID = Users.ID INNER JOIN Files ON Memes.FileID = Files.ID'); $stmtlist = $mysqli->prepare('SELECT Memes.ID, Memes.Title, Memes.TextContent, Memes.CreatedAt, Memes.AuthorID, Files.Path, Files.Type, Users.Nickname FROM Memes INNER JOIN Users ON Memes.AuthorID = Users.ID INNER JOIN Files ON Memes.FileID = Files.ID');
// Execute the prepared statement // Execute the prepared statement
$memeID = 0; $memeID = 0;
$authorID = 0;
$title = ""; $title = "";
$textContent = ""; $textContent = "";
$filePath = ""; $filePath = "";
@ -48,7 +47,7 @@ function renderMemeGallery(): string
$userNickname = ""; $userNickname = "";
$createdAt = ""; $createdAt = "";
// Bind the result variables // Bind the result variables
$stmtlist->bind_result($memeID, $title, $textContent, $createdAt, $filePath, $fileType, $userNickname); $stmtlist->bind_result($memeID, $title, $textContent, $createdAt, $authorID, $filePath, $fileType, $userNickname);
$stmtlist->execute(); $stmtlist->execute();
$meme_gallery_template = file_get_contents($routerConfig['template_dir'] . 'meme_gallery.html'); $meme_gallery_template = file_get_contents($routerConfig['template_dir'] . 'meme_gallery.html');
@ -57,7 +56,7 @@ function renderMemeGallery(): string
$memes_out = ''; $memes_out = '';
while ($stmtlist->fetch()) { while ($stmtlist->fetch()) {
if (str_starts_with($fileType, 'image')) { if (str_starts_with($fileType, 'image')) {
$memes_out .= renderMeme($memeID, $title, $textContent, $createdAt, $filePath, $userNickname); $memes_out .= renderMeme($memeID, $authorID, $title, $textContent, $createdAt, $filePath, $userNickname, file_get_contents($routerConfig['template_dir'] . "meme.html"));
} }
} }
$meme_gallery_out = str_replace('__TEMPLATE_MEMES_HERE__', $memes_out, $meme_gallery_template); $meme_gallery_out = str_replace('__TEMPLATE_MEMES_HERE__', $memes_out, $meme_gallery_template);

@ -78,8 +78,11 @@ function listFiles($onlyMine = true): array
{ {
$output = ["Status" => "Fail"]; $output = ["Status" => "Fail"];
require_once "lib/account.php"; require_once "lib/account.php";
if (($onlyMine && isLoggedIn()) || (!$onlyMine && isModerator())) { if (isLoggedIn()) {
global $mysqli; global $mysqli;
if (!$onlyMine && !isModerator()) {
$onlyMine = true;
}
$query = "SELECT ID, Path, Type, UploadedAt, UploadedBy FROM Files"; $query = "SELECT ID, Path, Type, UploadedAt, UploadedBy FROM Files";
if ($onlyMine) { if ($onlyMine) {
@ -173,7 +176,7 @@ function getUploadPath($type = "unknown", $filename = "hehe"): string
function fileExists(int $fileId, bool $onlyMine = true): bool|string function fileExists(int $fileId, bool $onlyMine = true): bool|string
{ {
if(!$fileId) { if (!$fileId) {
return false; return false;
} }
global $mysqli; global $mysqli;
@ -192,10 +195,9 @@ function fileExists(int $fileId, bool $onlyMine = true): bool|string
$stmtfileexists->bind_result($id, $filePath); $stmtfileexists->bind_result($id, $filePath);
$stmtfileexists->execute(); $stmtfileexists->execute();
$stmtfileexists->fetch(); $stmtfileexists->fetch();
if ($id != -1){ if ($id != -1) {
return $filePath; return $filePath;
} } else {
else {
return false; return false;
} }
} }
@ -223,7 +225,7 @@ function addToGroup(int $groupId, int $fileId): array
return $output; return $output;
} }
function getImageURL(int $imageFileID) :string function getImageURL(int $imageFileID): string
{ {
global $mysqli; global $mysqli;
$path = ""; $path = "";
@ -236,11 +238,11 @@ function getImageURL(int $imageFileID) :string
} }
function deleteFile(int $fileID) :string function deleteFile(int $fileID): string
{ {
global $mysqli; global $mysqli;
$out = ["Status" => "Fail"]; $out = ["Status" => "Fail"];
if(isLoggedIn()) { if (isLoggedIn()) {
$file_location = fileExists($fileID, !isAdmin()); $file_location = fileExists($fileID, !isAdmin());
$query = !isAdmin() ? 'DELETE FROM Files WHERE ID = ? AND UploadedBy = ?' : 'DELETE FROM Files WHERE ID = ?'; $query = !isAdmin() ? 'DELETE FROM Files WHERE ID = ? AND UploadedBy = ?' : 'DELETE FROM Files WHERE ID = ?';
$stmtDelete = $mysqli->prepare($query); $stmtDelete = $mysqli->prepare($query);