Andreu Huguet | 0d5d731 | 2020-09-15 21:12:43 +0200 | [diff] [blame] | 1 | <head> |
| 2 | <link rel="stylesheet" type="text/css" href="//fonts.googleapis.com/css?family=Open+Sans" /> |
| 3 | <link rel="stylesheet" href="./css/basic.css" /> |
| 4 | <link rel="stylesheet" href="./css/main.css" /> |
| 5 | |
| 6 | <?php |
| 7 | require './credentials.php'; |
| 8 | require './php/utils.php'; |
| 9 | |
| 10 | $credentials = new Credentials(); |
| 11 | $usersdb = $credentials->usersdb; |
| 12 | $mortsdb = $credentials->mortsdb; |
| 13 | |
Adrià Vilanova Martínez | d3394e1 | 2022-11-19 15:45:58 +0100 | [diff] [blame^] | 14 | date_default_timezone_set("Europe/Madrid"); |
Andreu Huguet | 0d5d731 | 2020-09-15 21:12:43 +0200 | [diff] [blame] | 15 | |
| 16 | $user = $_COOKIE['user']; // (int)$_POST['user']; |
| 17 | $password = $_COOKIE['password']; // isset($_POST['password']) ? md5($_POST['password']) : ''; |
| 18 | |
| 19 | if (!isset($_COOKIE['user']) or $_COOKIE['user'] == '') { |
| 20 | die("<script>window.location.href = './'</script>"); |
| 21 | } else if (isset($_COOKIE['password'])) { |
| 22 | $query_password = "SELECT password FROM $usersdb WHERE id=$user"; |
| 23 | if (query($query_password)->fetch_row()[0] != $password) { |
| 24 | // Unset variables |
| 25 | setcookie('user', '', -1, "/"); |
| 26 | setcookie('password', '', -1, "/"); |
| 27 | |
| 28 | die("<script>window.location.href = './?passwordchanged=1'</script>"); |
| 29 | } |
| 30 | } |
| 31 | ?> |
| 32 | |
| 33 | |
| 34 | <?php |
| 35 | $user = get_users($user); |
| 36 | $victim = get_users($user->quimata); |
| 37 | if ($user->mort) die("<script>window.location.href = './dead.php'</script>"); |
| 38 | ?> |
| 39 | |
| 40 | |
| 41 | <meta charset="UTF-8"> |
| 42 | <title>PastanagAPP</title> |
| 43 | |
| 44 | <meta name="viewport" content="width=device-width, initial-scale=1"> |
| 45 | <link rel="manifest" href="https://api.myjson.com/bins/u6r41"> |
| 46 | |
| 47 | <!-- Apple web app --> |
| 48 | <link rel="apple-touch-icon" href="./bin/images/icons/icon-72x72.png"> |
| 49 | <meta name="apple-mobile-web-app-title" content="PastanagAPP"> |
| 50 | <meta name="apple-mobile-web-app-capable" content="yes"> |
| 51 | <meta name="apple-mobile-web-app-status-bar-style" content="green"> |
| 52 | </head> |
| 53 | <body> |
| 54 | <div id="outter-container"> |
| 55 | <div id="inner-container"> |
| 56 | <div><a href="./main.php">Tornar a la pàgina principal</a></div> |
| 57 | |
| 58 | <div id="message-board"> |
| 59 | <div id="victim-messages"> |
| 60 | <div class="messages-sent"> |
| 61 | <?php |
| 62 | // Create connection |
| 63 | $credentials = new Credentials(); |
| 64 | $conn = new mysqli($credentials->servername, $credentials->username, $credentials->password, $credentials->dbname); |
| 65 | if ($conn->connect_error) die("Connection failed: " . $conn->connect_error); |
| 66 | $conn->set_charset("utf8"); |
| 67 | |
| 68 | // Execute query and save result |
| 69 | $query_msgs = "SELECT * FROM `missatges` WHERE (`sender_id` = ".$user->id." AND `receiver_id` = ".$user->quimata . |
| 70 | ") OR (`sender_id` = ".$user->quimata." AND `receiver_id` = ".$user->id . ")"; |
| 71 | $result = $conn->query($query_msgs); |
| 72 | |
| 73 | while($res = $result->fetch_row()) { |
| 74 | if ($res[1] == $user->id) { |
| 75 | echo "<div class='from-me'><div class='msg-content'>$res[4]</div><div class='meta-data'><span class='timestamp'>$res[3]</span><span class='seen'>".($res[5] == 0 ? 'Enviat' : 'Vist')."</span></div></div>"; |
| 76 | } else { |
| 77 | echo "<div class='to-me'><div class='msg-content'>$res[4]</div><div class='meta-data'><span class='timestamp'>$res[3]</span><span class='seen'>".($res[5] == 0 ? 'Nou!' : '')."</span></div></div>"; |
| 78 | } |
| 79 | } |
| 80 | |
| 81 | // Update 'seen' messages |
| 82 | $query_seen = "UPDATE missatges SET `seen` = 1 WHERE `receiver_id` = " . $user->id . " AND `sender_id` = " . $user->quimata; |
| 83 | $conn->query($query_seen); |
| 84 | |
| 85 | // Close the connection |
| 86 | $conn->close(); |
| 87 | ?> |
| 88 | </div> |
| 89 | <form action="./php/send_thread.php" method="POST"> |
| 90 | <input type="text" name="msg-content" placeholder="Que es cagui de por" /> |
| 91 | <input type="hidden" name="killer-id" value="<?=(int)$user->id?>"> |
| 92 | <input type="hidden" name="victim-id" value="<?=(int)$user->quimata?>"> |
| 93 | <input type="hidden" name="origin" value="victim"> |
| 94 | <input type="submit" value="Enviar amenaça" /> |
| 95 | </form> |
| 96 | </div> |
| 97 | |
| 98 | </div> |
| 99 | |
| 100 | </div> |
| 101 | </div> |
Adrià Vilanova Martínez | d3394e1 | 2022-11-19 15:45:58 +0100 | [diff] [blame^] | 102 | </body> |