Fix
This commit is contained in:
parent
c261e28427
commit
688a68042c
13
lib/meme.php
13
lib/meme.php
@ -18,16 +18,14 @@ function addMeme(string $title, string $memeText, int $imageID): array
|
|||||||
return $output;
|
return $output;
|
||||||
}
|
}
|
||||||
|
|
||||||
function renderMeme(int $id, string $title, string $textContent, string $createdAt, string $filePath, string $userNickname): string
|
function renderMeme(int $id, int $authorId, string $title, string $textContent, string $createdAt, string $filePath, string $userNickname, string $meme_template): string
|
||||||
{
|
{
|
||||||
global $routerConfig;
|
|
||||||
$meme_template = file_get_contents($routerConfig['template_dir'] . "meme.html");
|
|
||||||
|
|
||||||
$meme_out = str_replace('__TEMPLATE_MEME_TITLE__', htmlspecialchars($title), $meme_template);
|
$meme_out = str_replace('__TEMPLATE_MEME_TITLE__', htmlspecialchars($title), $meme_template);
|
||||||
$meme_out = str_replace('__TEMPLATE_MEME_AUTHOR__', htmlspecialchars($userNickname), $meme_out);
|
$meme_out = str_replace('__TEMPLATE_MEME_AUTHOR__', htmlspecialchars($userNickname), $meme_out);
|
||||||
$meme_out = str_replace('__TEMPLATE_MEME_DATE__', htmlspecialchars($createdAt), $meme_out);
|
$meme_out = str_replace('__TEMPLATE_MEME_DATE__', htmlspecialchars($createdAt), $meme_out);
|
||||||
$meme_out = str_replace('__TEMPLATE_MEME_IMAGE__', '/' . htmlspecialchars($filePath), $meme_out);
|
$meme_out = str_replace('__TEMPLATE_MEME_IMAGE__', '/' . htmlspecialchars($filePath), $meme_out);
|
||||||
$meme_out = str_replace('__TEMPLATE_MEME_DELETE_BUTTON__', isModerator() ? "<button onclick=\"deleteMeme($id);\"><i class='ri-delete-bin-line'></i></button>" : '', $meme_out);
|
$meme_out = str_replace('__TEMPLATE_MEME_DELETE_BUTTON__', (isModerator() || $_SESSION['ID'] == $authorId) ? "<button onclick=\"deleteMeme($id);\"><i class='ri-delete-bin-line'></i></button>" : '', $meme_out);
|
||||||
|
|
||||||
|
|
||||||
return str_replace('__TEMPLATE_MEME_TEXT__', htmlspecialchars($textContent), $meme_out);
|
return str_replace('__TEMPLATE_MEME_TEXT__', htmlspecialchars($textContent), $meme_out);
|
||||||
@ -37,10 +35,11 @@ function renderMemeGallery(): string
|
|||||||
{
|
{
|
||||||
global $mysqli;
|
global $mysqli;
|
||||||
global $routerConfig;
|
global $routerConfig;
|
||||||
$stmtlist = $mysqli->prepare('SELECT Memes.ID, Memes.Title, Memes.TextContent, Memes.CreatedAt, Files.Path, Files.Type, Users.Nickname FROM Memes INNER JOIN Users ON Memes.AuthorID = Users.ID INNER JOIN Files ON Memes.FileID = Files.ID');
|
$stmtlist = $mysqli->prepare('SELECT Memes.ID, Memes.Title, Memes.TextContent, Memes.CreatedAt, Memes.AuthorID, Files.Path, Files.Type, Users.Nickname FROM Memes INNER JOIN Users ON Memes.AuthorID = Users.ID INNER JOIN Files ON Memes.FileID = Files.ID');
|
||||||
|
|
||||||
// Execute the prepared statement
|
// Execute the prepared statement
|
||||||
$memeID = 0;
|
$memeID = 0;
|
||||||
|
$authorID = 0;
|
||||||
$title = "";
|
$title = "";
|
||||||
$textContent = "";
|
$textContent = "";
|
||||||
$filePath = "";
|
$filePath = "";
|
||||||
@ -48,7 +47,7 @@ function renderMemeGallery(): string
|
|||||||
$userNickname = "";
|
$userNickname = "";
|
||||||
$createdAt = "";
|
$createdAt = "";
|
||||||
// Bind the result variables
|
// Bind the result variables
|
||||||
$stmtlist->bind_result($memeID, $title, $textContent, $createdAt, $filePath, $fileType, $userNickname);
|
$stmtlist->bind_result($memeID, $title, $textContent, $createdAt, $authorID, $filePath, $fileType, $userNickname);
|
||||||
$stmtlist->execute();
|
$stmtlist->execute();
|
||||||
|
|
||||||
$meme_gallery_template = file_get_contents($routerConfig['template_dir'] . 'meme_gallery.html');
|
$meme_gallery_template = file_get_contents($routerConfig['template_dir'] . 'meme_gallery.html');
|
||||||
@ -57,7 +56,7 @@ function renderMemeGallery(): string
|
|||||||
$memes_out = '';
|
$memes_out = '';
|
||||||
while ($stmtlist->fetch()) {
|
while ($stmtlist->fetch()) {
|
||||||
if (str_starts_with($fileType, 'image')) {
|
if (str_starts_with($fileType, 'image')) {
|
||||||
$memes_out .= renderMeme($memeID, $title, $textContent, $createdAt, $filePath, $userNickname);
|
$memes_out .= renderMeme($memeID, $authorID, $title, $textContent, $createdAt, $filePath, $userNickname, file_get_contents($routerConfig['template_dir'] . "meme.html"));
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
$meme_gallery_out = str_replace('__TEMPLATE_MEMES_HERE__', $memes_out, $meme_gallery_template);
|
$meme_gallery_out = str_replace('__TEMPLATE_MEMES_HERE__', $memes_out, $meme_gallery_template);
|
||||||
|
@ -78,8 +78,11 @@ function listFiles($onlyMine = true): array
|
|||||||
{
|
{
|
||||||
$output = ["Status" => "Fail"];
|
$output = ["Status" => "Fail"];
|
||||||
require_once "lib/account.php";
|
require_once "lib/account.php";
|
||||||
if (($onlyMine && isLoggedIn()) || (!$onlyMine && isModerator())) {
|
if (isLoggedIn()) {
|
||||||
global $mysqli;
|
global $mysqli;
|
||||||
|
if (!$onlyMine && !isModerator()) {
|
||||||
|
$onlyMine = true;
|
||||||
|
}
|
||||||
$query = "SELECT ID, Path, Type, UploadedAt, UploadedBy FROM Files";
|
$query = "SELECT ID, Path, Type, UploadedAt, UploadedBy FROM Files";
|
||||||
|
|
||||||
if ($onlyMine) {
|
if ($onlyMine) {
|
||||||
@ -173,7 +176,7 @@ function getUploadPath($type = "unknown", $filename = "hehe"): string
|
|||||||
|
|
||||||
function fileExists(int $fileId, bool $onlyMine = true): bool|string
|
function fileExists(int $fileId, bool $onlyMine = true): bool|string
|
||||||
{
|
{
|
||||||
if(!$fileId) {
|
if (!$fileId) {
|
||||||
return false;
|
return false;
|
||||||
}
|
}
|
||||||
global $mysqli;
|
global $mysqli;
|
||||||
@ -192,10 +195,9 @@ function fileExists(int $fileId, bool $onlyMine = true): bool|string
|
|||||||
$stmtfileexists->bind_result($id, $filePath);
|
$stmtfileexists->bind_result($id, $filePath);
|
||||||
$stmtfileexists->execute();
|
$stmtfileexists->execute();
|
||||||
$stmtfileexists->fetch();
|
$stmtfileexists->fetch();
|
||||||
if ($id != -1){
|
if ($id != -1) {
|
||||||
return $filePath;
|
return $filePath;
|
||||||
}
|
} else {
|
||||||
else {
|
|
||||||
return false;
|
return false;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
@ -223,7 +225,7 @@ function addToGroup(int $groupId, int $fileId): array
|
|||||||
return $output;
|
return $output;
|
||||||
}
|
}
|
||||||
|
|
||||||
function getImageURL(int $imageFileID) :string
|
function getImageURL(int $imageFileID): string
|
||||||
{
|
{
|
||||||
global $mysqli;
|
global $mysqli;
|
||||||
$path = "";
|
$path = "";
|
||||||
@ -236,11 +238,11 @@ function getImageURL(int $imageFileID) :string
|
|||||||
|
|
||||||
}
|
}
|
||||||
|
|
||||||
function deleteFile(int $fileID) :string
|
function deleteFile(int $fileID): string
|
||||||
{
|
{
|
||||||
global $mysqli;
|
global $mysqli;
|
||||||
$out = ["Status" => "Fail"];
|
$out = ["Status" => "Fail"];
|
||||||
if(isLoggedIn()) {
|
if (isLoggedIn()) {
|
||||||
$file_location = fileExists($fileID, !isAdmin());
|
$file_location = fileExists($fileID, !isAdmin());
|
||||||
$query = !isAdmin() ? 'DELETE FROM Files WHERE ID = ? AND UploadedBy = ?' : 'DELETE FROM Files WHERE ID = ?';
|
$query = !isAdmin() ? 'DELETE FROM Files WHERE ID = ? AND UploadedBy = ?' : 'DELETE FROM Files WHERE ID = ?';
|
||||||
$stmtDelete = $mysqli->prepare($query);
|
$stmtDelete = $mysqli->prepare($query);
|
||||||
|
Loading…
Reference in New Issue
Block a user