World shittest gallery implementation 😳

Michał Gdula 2022-09-23 23:02:59 +00:00
parent 6d3012a4f7
commit e19bab45cd
7 changed files with 273 additions and 19 deletions


@ -25,9 +25,9 @@ if (isset($_POST['group_submit'])) {
if ($stmt = mysqli_prepare($conn, $sql)) {
// Bind variables to the prepared statement as parameters
mysqli_stmt_bind_param($stmt, "i", $param_user_id);
$param_user_id = $_POST['group_id'];
$stmt->execute();
$query = $stmt->get_result();
@ -47,7 +47,9 @@ if (isset($_POST['group_submit'])) {
?>
<script>
sniffleAdd('Success!!!', 'Updates the image group! Redirecting.... soon', 'var(--green)', 'assets/icons/check.svg');
setTimeout(function(){window.location.href = "group.php?id=<?php echo $_POST['group_id']; ?>";}, 2000);
setTimeout(function() {
window.location.href = "group.php?id=<?php echo $_POST['group_id']; ?>";
}, 2000);
</script>
<?php
} else {
@ -67,3 +69,75 @@ if (isset($_POST['group_submit'])) {
}
}
}
/*
|-------------------------------------------------------------
| Edit Description
|-------------------------------------------------------------
| This script took probably over 24hours to write, mostly
| because of my stupidity. But it (mostly) works now which is
| good. Reason for all the includes and session_start is due
| to the need of checking if the person owns the image. If this
| check is not done, someone could come by and just edit the
| Jquery code on the front-end and change the image ID. Which
| isnt too great :p
|-------------------------------------------------------------
*/
if (isset($_POST['title_submit'])) {
$sql = "SELECT author FROM groups WHERE id= ?";
if ($stmt = mysqli_prepare($conn, $sql)) {
// Bind variables to the prepared statement as parameters
mysqli_stmt_bind_param($stmt, "i", $param_user_id);
$param_user_id = $_POST['group_id'];
$stmt->execute();
$query = $stmt->get_result();
if ($_SESSION['id'] == $query || $user_info->is_admin($conn, $_SESSION['id'])) {
// getting ready forSQL asky asky
$sql = "UPDATE groups SET group_name = ? WHERE id = ?";
// Checking if databse is doing ok
if ($stmt = mysqli_prepare($conn, $sql)) {
mysqli_stmt_bind_param($stmt, "si", $param_title, $param_id);
// Setting parameters
$param_title = $_POST['group_title'];
$param_id = $_POST['group_id'];
// Attempt to execute the prepared statement
if (mysqli_stmt_execute($stmt)) {
?>
<script>
sniffleAdd('Success!!!', 'The title has been updated successfully! You may need to refresh the page to see the new information.', 'var(--green)', 'assets/icons/check.svg');
flyoutClose();
</script>
<?php
} else {
?>
<script>
sniffleAdd('Error :c', 'An error occured on the servers', 'var(--red)', 'assets/icons/cross.svg');
flyoutClose();
</script>
<?php
}
} else {
?>
<script>
sniffleAdd('Error :c', 'An error occured on the servers', 'var(--red)', 'assets/icons/cross.svg');
flyoutClose();
</script>
<?php
}
} else {
?>
<script>
sniffleAdd('Denied', 'It seems that you do not have the right permitions to edit this image.', 'var(--red)', 'assets/icons/cross.svg');
flyoutClose();
</script>
<?php
}
}
}
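Review bot: The ownership check in the new `title_submit` block compares `$_SESSION['id']` with `$query`, which is the `mysqli_result` object returned by `get_result()` rather than the `author` value, so it never tests who owns the group and the outcome rests on PHP's loose comparison plus the `is_admin` call. Fetch the row and compare the column instead: `$row = $query->fetch_assoc();` followed by `if (($row && (int) $_SESSION['id'] === (int) $row['author']) || $user_info->is_admin($conn, $_SESSION['id'])) {`, so that a missing group is treated as denied. In the second hunk `$_POST['group_id']` is echoed unescaped into the inline script that builds the redirect URL; since the value is bound as an integer earlier, emitting `<?php echo (int) $_POST['group_id']; ?>` removes that injection point. The block in the first hunk runs the same author query, and its comparison lies outside the visible lines, so it is worth checking for the same pattern.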