From ebe454e8057131374a14493c951eb02e91ad5245 Mon Sep 17 00:00:00 2001
From: NikolaiDerDeutsche
 <152747946+NikolaiDerDeutsche@users.noreply.github.com>
Date: Sun, 3 Dec 2023 00:06:49 +0100
Subject: [PATCH] Add files via upload

---
 auth.php         | 50 +++++++++++++++++++++++++++++++++++++++++++++
 checkUser.php    | 12 +++++++++++
 connectionDB.php | 12 +++++++++++
 exit.php         |  5 +++++
 index.php        | 53 ++++++++++++++++++++++++++++++++++++++++++++++++
 profile.php      | 51 ++++++++++++++++++++++++++++++++++++++++++++++
 6 files changed, 183 insertions(+)
 create mode 100644 auth.php
 create mode 100644 checkUser.php
 create mode 100644 connectionDB.php
 create mode 100644 exit.php
 create mode 100644 index.php
 create mode 100644 profile.php

diff --git a/auth.php b/auth.php
new file mode 100644
index 0000000..ba640ee
--- /dev/null
+++ b/auth.php
@@ -0,0 +1,50 @@
+<?php
+include "connectionDB.php";
+
+$message="";
+if($_SERVER["REQUEST_METHOD"] === "POST") {
+    if(isset($_POST["username"]) && $_POST["password"]) {
+        try {
+                $get_user->execute(array($_POST["username"], $_POST["password"]));
+                $result = $get_user->fetch();
+            if($result) {
+                setcookie("user",crypt($_POST["password"],$_POST["username"]));
+                setcookie("userID",$result["id"]);
+                header("Location: /index.php");
+            }
+            else {
+                $add_user->execute(array($_POST["username"], $_POST["password"]));
+            }
+        } catch(Exception $e) {
+            
+            if($e->getCode() == 23505) {
+                $message = "User alredy exists";
+            }
+        }
+    }
+    else {
+        $message = "Something missing!";
+    }
+}
+?>
+
+<!DOCTYPE html>
+<html lang="en">
+<head>
+    <meta charset="UTF-8">
+    <meta name="viewport" content="width=device-width, initial-scale=1.0">
+    <title>TinyTalkHub</title>
+    <link rel="stylesheet" href="css/global.css">
+</head>
+<body>
+    <form action="/auth.php" method="POST" class="form-auth-wrap">
+        <label>User login: </label>
+        <input name="username" placeholder="Type here..." /> <br/>
+        <label>User Password: </label>
+        <input name="password"placeholder="Type here..." /> </br>
+        <button>Submit</button>
+
+        <p> <?php echo $message; ?></p>
+    </form>
+</body>
+</html>
\ No newline at end of file
diff --git a/checkUser.php b/checkUser.php
new file mode 100644
index 0000000..83d44b7
--- /dev/null
+++ b/checkUser.php
@@ -0,0 +1,12 @@
+<?php
+    if(isset($_COOKIE["userID"]) && isset($_COOKIE["user"])) {
+        $get_user_password->execute([$_COOKIE["userID"]]);
+        $userCheck = $get_user_password->fetch();
+        if(crypt($userCheck["password"],$userCheck["username"]) !== $_COOKIE["user"]) {
+            header("Location: /exit.php");
+        }
+    }
+    else {
+        header("Location: /exit.php");
+    }
+?>
\ No newline at end of file
diff --git a/connectionDB.php b/connectionDB.php
new file mode 100644
index 0000000..350c001
--- /dev/null
+++ b/connectionDB.php
@@ -0,0 +1,12 @@
+<?php
+ $pdo = new PDO("pgsql:host=localhost;dbname=tinytalkhub;user=postgres;password=tygarin2005");
+ $pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
+ $get_user = $pdo->prepare("SELECT * FROM users WHERE username = ? AND password = ?; ");
+ $get_user_password = $pdo->prepare("SELECT * FROM users WHERE id = ?");
+ $get_user_id = $pdo->prepare("SELECT username FROM users WHERE id = ?;");
+ $get_user_posts = $pdo->prepare("SELECT content,date::date FROM posts WHERE autor_id = ? ORDER BY id DESC");
+ $get_posts_count = $pdo->prepare("SELECT COUNT(*) FROM posts WHERE autor_id = ?");
+ $add_user = $pdo->prepare("INSERT INTO users (username,password) VAlUES(?,?);");
+ $add_post = $pdo->prepare("INSERT INTO posts (content, autor_id, date) VALUES(?, ?, NOW());");
+ $get_posts_query = "SELECT posts.id, content, username, date::date,autor_id FROM posts JOIN users ON posts.autor_id = users.id ORDER BY posts.id DESC";
+?>
\ No newline at end of file
diff --git a/exit.php b/exit.php
new file mode 100644
index 0000000..3026552
--- /dev/null
+++ b/exit.php
@@ -0,0 +1,5 @@
+<?php
+setcookie("user", "", time()-3600);
+setcookie("userID", "", time()-3600);
+header("Location: /index.php");
+?>
\ No newline at end of file
diff --git a/index.php b/index.php
new file mode 100644
index 0000000..b53e766
--- /dev/null
+++ b/index.php
@@ -0,0 +1,53 @@
+<?php
+ include "connectionDB.php";
+ include "checkUser.php"; 
+ if($_SERVER["REQUEST_METHOD"] === "POST") {
+    if($_POST["content"] !== "" && strlen($_POST["content"]) < 451) {
+        $add_post->execute(array($_POST["content"], $_COOKIE["userID"]));
+    }
+ }
+ if(!isset($_COOKIE["user"])) {
+    header("Location: /auth.php");
+ }
+
+?>
+<!DOCTYPE html>
+<html lang="en">
+<head>
+    <meta charset="UTF-8">
+    <meta name="viewport" content="width=device-width, initial-scale=1.0">
+    <title>TinyTalkHub</title>
+    <link rel="stylesheet" href="css/global.css">
+</head>
+<body>
+    <h1><a href="/index.php">TinyTalkHub</a></h1>
+   <div class="form-wrap-post">
+        <form action="/" method="POST" >
+            <textarea maxlength="450" name="content" placeholder="Your message"></textarea>
+            <input name="autor_id" value="<?php echo $_COOKIE["userID"] ?>" type="hidden"></input>
+            <button>Submit</button>
+        </form>
+
+        <a href="/exit.php">Logout from site</a>
+   </div>
+   <div>
+        <?php 
+            $posts = $pdo->query($get_posts_query);    
+        ?>
+        <?php foreach($posts->fetchAll() as $row) { ?>
+            <div class="wrap-posts">
+                <div class="wrap-post-info">
+                    <a href="/profile.php?id=<?php echo $row["autor_id"] ?>">
+                        Created by <?php echo $row["username"] ?>
+                    </a>
+                    <p> <?php echo $row["date"] ?>
+                </p>
+                </div>
+                <div class="wrap-post-content">
+                    <p> <?php echo $row["content"] ?></p>
+                </div>
+            </div>
+        <?php }?>
+   </div>
+</body>
+</html>
\ No newline at end of file
diff --git a/profile.php b/profile.php
new file mode 100644
index 0000000..afeaf4d
--- /dev/null
+++ b/profile.php
@@ -0,0 +1,51 @@
+<?php
+    include "connectionDB.php"; 
+    include "checkUser.php";
+    if(!isset($_GET["id"])) {
+        header("Location: /index.php");
+    }
+    else {
+        $id = $_GET["id"];
+        $get_user_id->execute([$id]);
+        $get_posts_count->execute([$id]);
+        $user = $get_user_id->fetch();
+        $count = $get_posts_count->fetch();
+    }
+?>
+<!DOCTYPE html>
+<html lang="en">
+<head>
+    <meta charset="UTF-8">
+    <meta name="viewport" content="width=device-width, initial-scale=1.0">
+    <link rel="stylesheet" href="css/global.css">
+    <title>TinyTalkHub</title>
+</head>
+<body>
+    <h1><a href="/index.php">TinyTalkHub</a></h1>
+
+    <div class="info-user-wrap">
+        <h3>Short info about user</h3>
+        <p>Username: <?php echo $user["username"] ?></p>
+        <p>Number of posts: <?php echo $count[0] ?></p>
+    </div>
+    <div>
+        <?php 
+            $get_user_posts->execute([$id]);    
+        ?>
+        <?php foreach($get_user_posts->fetchAll() as $row) { ?>
+            <div class="wrap-posts">
+                <div class="wrap-post-info">
+                    <p>
+                        Created by <?php  echo $user["username"] ?>
+                    </p>
+                    <p> <?php echo $row["date"] ?>
+                </p>
+                </div>
+                <div class="wrap-post-content">
+                    <p> <?php echo $row["content"] ?></p>
+                </div>
+            </div>
+        <?php }?>
+   </div>
+</body>
+</html>
\ No newline at end of file