87 lines
3.5 KiB
PHP
87 lines
3.5 KiB
PHP
<?php
|
|
|
|
require_once "lib/upload.php";
|
|
require_once "lib/account.php";
|
|
|
|
function addMeme(string $title, string $memeText, int $imageID): array
|
|
{
|
|
global $mysqli;
|
|
$output = ["Status" => "Fail"];
|
|
if (isLoggedIn() && fileExists($imageID, false) && !empty($title) && !empty($memeText) && !empty($imageID) && $imageID > 0) {
|
|
$stmtMemeAdd = $mysqli->prepare('INSERT INTO Memes (AuthorID, Title, TextContent, FileID) VALUES (?, ?, ?, ?)');
|
|
$stmtMemeAdd->bind_param('issi', $_SESSION['ID'], htmlspecialchars($title), htmlspecialchars($memeText), $imageID);
|
|
if ($stmtMemeAdd->execute() && $stmtMemeAdd->affected_rows > 0) {
|
|
$output["Status"] = "Success";
|
|
$output["Meme"] = "Funny";
|
|
}
|
|
}
|
|
return $output;
|
|
}
|
|
|
|
function renderMeme(int $id, int $authorId, string $title, string $textContent, string $createdAt, string $filePath, string $userNickname, string $meme_template): string
|
|
{
|
|
|
|
$meme_out = str_replace('__TEMPLATE_MEME_TITLE__', htmlspecialchars($title), $meme_template);
|
|
$meme_out = str_replace('__TEMPLATE_MEME_AUTHOR__', htmlspecialchars($userNickname), $meme_out);
|
|
$meme_out = str_replace('__TEMPLATE_MEME_DATE__', htmlspecialchars($createdAt), $meme_out);
|
|
$meme_out = str_replace('__TEMPLATE_MEME_IMAGE__', '/' . htmlspecialchars($filePath), $meme_out);
|
|
$meme_out = str_replace('__TEMPLATE_MEME_DELETE_BUTTON__', (isModerator() || $_SESSION['ID'] == $authorId) ? "<button onclick=\"deleteMeme($id);\"><i class='ri-delete-bin-line'></i></button>" : '', $meme_out);
|
|
|
|
|
|
return str_replace('__TEMPLATE_MEME_TEXT__', htmlspecialchars($textContent), $meme_out);
|
|
}
|
|
|
|
function renderMemeGallery(): string
|
|
{
|
|
global $mysqli;
|
|
global $routerConfig;
|
|
$stmtlist = $mysqli->prepare('SELECT Memes.ID, Memes.Title, Memes.TextContent, Memes.CreatedAt, Memes.AuthorID, Files.Path, Files.Type, Users.Nickname FROM Memes INNER JOIN Users ON Memes.AuthorID = Users.ID INNER JOIN Files ON Memes.FileID = Files.ID');
|
|
|
|
// Execute the prepared statement
|
|
$memeID = 0;
|
|
$authorID = 0;
|
|
$title = "";
|
|
$textContent = "";
|
|
$filePath = "";
|
|
$fileType = "";
|
|
$userNickname = "";
|
|
$createdAt = "";
|
|
// Bind the result variables
|
|
$stmtlist->bind_result($memeID, $title, $textContent, $createdAt, $authorID, $filePath, $fileType, $userNickname);
|
|
$stmtlist->execute();
|
|
|
|
$meme_gallery_template = file_get_contents($routerConfig['template_dir'] . 'meme_gallery.html');
|
|
|
|
// Fetch the results
|
|
$memes_out = '';
|
|
while ($stmtlist->fetch()) {
|
|
if (str_starts_with($fileType, 'image')) {
|
|
$memes_out .= renderMeme($memeID, $authorID, $title, $textContent, $createdAt, $filePath, $userNickname, file_get_contents($routerConfig['template_dir'] . "meme.html"));
|
|
}
|
|
}
|
|
$meme_gallery_out = str_replace('__TEMPLATE_MEMES_HERE__', $memes_out, $meme_gallery_template);
|
|
|
|
// Close the statement
|
|
$stmtlist->close();
|
|
return $meme_gallery_out;
|
|
}
|
|
|
|
function deleteMeme(int $memeId): array
|
|
{
|
|
global $mysqli;
|
|
$out = ["Status" => "Fail"];
|
|
if (isLoggedIn()) {
|
|
$query = !isAdmin() ? 'DELETE FROM Memes WHERE ID = ? AND AuthorID = ?' : 'DELETE FROM Memes WHERE ID = ?';
|
|
$stmtDelete = $mysqli->prepare($query);
|
|
if (!isAdmin()) {
|
|
$stmtDelete->bind_param('ii', $memeId, $_SESSION['id']);
|
|
} else {
|
|
$stmtDelete->bind_param('i', $memeId);
|
|
}
|
|
$stmtDelete->execute();
|
|
if ($stmtDelete->affected_rows > 0) {
|
|
$out['Status'] = 'Success';
|
|
}
|
|
}
|
|
return $out;
|
|
} |