|
1
|
|
|
<?php require($_SERVER['DOCUMENT_ROOT'] . "/static/config.inc.php"); ?> |
|
2
|
|
|
<?php require($_SERVER['DOCUMENT_ROOT'] . "/static/conn.php"); ?> |
|
3
|
|
|
<?php require($_SERVER['DOCUMENT_ROOT'] . "/lib/profile.php"); ?> |
|
4
|
|
|
<!DOCTYPE html> |
|
5
|
|
|
<html> |
|
6
|
|
|
<head> |
|
7
|
|
|
<link href="/static/css/required.css" rel="stylesheet"> |
|
8
|
|
|
<title>Witter: What are you doing?</title> |
|
9
|
|
|
<script src='https://www.google.com/recaptcha/api.js' async defer></script> |
|
10
|
|
|
<script>function onLogin(token){ document.getElementById('submitform').submit(); }</script> |
|
11
|
|
|
<?php $weet = getWeetFromRID($_GET['rid'], $conn); ?> |
|
12
|
|
|
<?php $user = getUserFromName($weet['author'], $conn); ?> |
|
13
|
|
|
<meta property="og:title" content="@<?php echo $user['username']; ?>" /> |
|
14
|
|
|
<meta property="og:description" |
|
15
|
|
|
content="<?php echo $weet['contents']; ?>" /> |
|
16
|
|
|
<meta property="og:image" content="https://witter.spacemy.xyz/dynamic/pfp/<?php echo $user['pfp']; ?>" /> |
|
17
|
|
|
</head> |
|
18
|
|
|
<body id="front" <?php if($user['bg'] != "") { echo "style='background-repeat: repeat; background-image: url(" . str_replace('"', '\"', $user['bg']) . ");'"; }?>> |
|
19
|
|
|
<div id="container"> |
|
20
|
|
|
<?php require($_SERVER['DOCUMENT_ROOT'] . "/static/header.php"); |
|
21
|
|
|
if($_SERVER['REQUEST_METHOD'] == 'POST') { |
|
22
|
|
|
if(!isset($_SESSION['siteusername'])){ $error = "you are not logged in"; goto skipcomment; } |
|
23
|
|
|
if(!$_POST['comment']){ $error = "your comment cannot be blank"; goto skipcomment; } |
|
24
|
|
|
if(strlen($_POST['comment']) > 500){ $error = "your comment must be shorter than 500 characters"; goto skipcomment; } |
|
25
|
|
|
if(!isset($_POST['g-recaptcha-response'])){ $error = "captcha validation failed"; goto skipcomment; } |
|
26
|
|
|
if(!validateCaptcha($config['recaptcha_secret'], $_POST['g-recaptcha-response'])) { $error = "captcha validation failed"; goto skipcomment; } |
|
27
|
|
|
|
|
28
|
|
|
$stmt = $conn->prepare("INSERT INTO `replies` (author, contents, toc) VALUES (?, ?, ?)"); |
|
29
|
|
|
$stmt->bind_param("sss", $_SESSION['siteusername'], $text, $_GET['rid']); |
|
30
|
|
|
$uniqid = time() . uniqid(); |
|
31
|
|
|
$text = htmlspecialchars($_POST['comment']); |
|
32
|
|
|
$stmt->execute(); |
|
33
|
|
|
$stmt->close(); |
|
34
|
|
|
skipcomment: |
|
35
|
|
|
} |
|
36
|
|
|
?> |
|
37
|
|
|
<div id="content"> |
|
38
|
|
|
<div class="wrapper"> |
|
39
|
|
|
<div class="customtopRight"> |
|
40
|
|
|
Name: <b><big><?php echo $_SESSION['siteusername']; ?></big></b><br> |
|
41
|
|
|
<table id="cols"> |
|
42
|
|
|
<tr> |
|
43
|
|
|
<th style="width: 33%;"> </th> |
|
44
|
|
|
<th style="width: 33%;"> </th> |
|
45
|
|
|
<th style="width: 33%;"> </th> |
|
46
|
|
|
</tr> |
|
47
|
|
|
<tr> |
|
48
|
|
|
<td><big><big><big><b><?php echo getFollowing($_SESSION['siteusername'], $conn); ?></b></big></big></big><br><span id="blue">following</span></td> |
|
49
|
|
|
<td><big><big><big><b><?php echo getFollowers($_SESSION['siteusername'], $conn); ?></b></big></big></big><br><span id="blue">followers</span></td> |
|
50
|
|
|
<td> </td> |
|
51
|
|
|
</tr> |
|
52
|
|
|
</table><br> |
|
53
|
|
|
</div> |
|
54
|
|
|
<div class="customtopLeft"> |
|
55
|
|
|
<table id="feed"> |
|
56
|
|
|
<tr> |
|
57
|
|
|
<th style="width: 48px;"> </th> |
|
58
|
|
|
<th> </th> |
|
59
|
|
|
</tr> |
|
60
|
|
|
<?php |
|
61
|
|
|
$stmt = $conn->prepare("SELECT * FROM weets WHERE realid = ?"); |
|
62
|
|
|
$stmt->bind_param("s", $_GET['rid']); |
|
63
|
|
|
$stmt->execute(); |
|
64
|
|
|
$result = $stmt->get_result(); |
|
65
|
|
|
if($result->num_rows === 0) echo('There are no weets.'); |
|
66
|
|
|
while($row = $result->fetch_assoc()) { |
|
67
|
|
|
?> |
|
68
|
|
|
<tr> |
|
69
|
|
|
<big><big><big> |
|
70
|
|
|
<td> |
|
71
|
|
|
<img id="pfp" src="/dynamic/pfp/<?php echo getPFPFromUser($row['author'], $conn); ?>"> |
|
72
|
|
|
</td> |
|
73
|
|
|
<td><a id="tag" href="/u.php?n=<?php echo handleTag($row['author']); ?>"><?php echo($row['author']); ?></a> |
|
74
|
|
|
<?php if(returnVerifiedFromUsername($row['author'], $conn) != "") { ?> <span style="border-radius: 10px; background-color: deepskyblue; color: white; padding: 3px;"><?php echo(returnVerifiedFromUsername($row['author'], $conn)); ?></span> <?php } ?> |
|
75
|
|
|
<div id="floatRight" class="dropdown"> |
|
76
|
|
|
<span><img style="vertical-align: middle;" src="/static/witter-dotdotdot.png"></span> |
|
77
|
|
|
<div class="dropdown-content"> |
|
78
|
|
|
<a href="#<?php //echo report.php?r=$row['realid']; ?>"><img style="vertical-align: middle;" src="/static/witter-report.png"></a><br> |
|
79
|
|
|
<?php if(isset($_SESSION['siteusername']) && $row['author'] == $_SESSION['siteusername']) { ?> |
|
80
|
|
|
<a href="/delete.php?rid=<?php echo $row['realid']; ?>"><img style="vertical-align: middle;" src="/static/witter-trash.png"></a><br> |
|
81
|
|
|
<a href="/edit.php?rid=<?php echo $row['realid']; ?>"><img style="vertical-align: middle;" src="/static/witter-edit.png"></a><br> |
|
82
|
|
|
<?php } ?> |
|
83
|
|
|
</div> |
|
84
|
|
|
</div> |
|
85
|
|
|
<span id="floatRight"> |
|
86
|
|
|
<?php if(ifLiked($_SESSION['siteusername'], $row['id'], $conn) == true) { ?> |
|
|
|
|
|
|
87
|
|
|
<a href="/unlike.php?id=<?php echo $row['id']; ?>"><img style="vertical-align: middle;" src="/static/witter-like.png"></a> |
|
88
|
|
|
<?php } else { ?> |
|
89
|
|
|
<a href="/like.php?id=<?php echo $row['id']; ?>"><img style="vertical-align: middle;" src="/static/witter-liked.png"></a> |
|
90
|
|
|
<?php } ?> |
|
91
|
|
|
</span> |
|
92
|
|
|
<div id="feedtext"><?php echo parseText($row['contents']); ?> </div> |
|
93
|
|
|
<small id="grey">about <?php echo time_elapsed_string($row['date']); ?> from web |
|
94
|
|
|
<span id="floatRight"> |
|
95
|
|
|
<?php echo getComments($row['realid'], $conn); ?><img style="vertical-align: middle;" src="/static/witter-replies.png"> • <a href="/v.php?rid=<?php echo $row['realid']; ?>">Reply</a> • <a href="/home.php?text=https://witter.spacemy.xyz/embed/?i=<?php echo $row['realid']; ?>">Reweet</a> |
|
96
|
|
|
</span> |
|
97
|
|
|
</small><br> |
|
98
|
|
|
<?php |
|
99
|
|
|
$likes = getLikesReal($row['id'], $conn); |
|
100
|
|
|
while($row = $likes->fetch_assoc()) { |
|
101
|
|
|
?> |
|
102
|
|
|
<a href="/u.php?n=<?php echo handleTag($row['fromu']); ?>"><img style="width: 30px; height: 30px; margin-left: 2px;" id="pfp" src="/dynamic/pfp/<?php echo getPFPFromUser($row['fromu'], $conn); ?>"></a> |
|
103
|
|
|
<?php } ?> |
|
104
|
|
|
</td> |
|
105
|
|
|
</big></big></big> |
|
106
|
|
|
</tr> |
|
107
|
|
|
<?php |
|
108
|
|
|
} |
|
109
|
|
|
$stmt->close(); |
|
110
|
|
|
?> |
|
111
|
|
|
</table> |
|
112
|
|
|
<?php if(isset($error)) { echo "<small style='color: red;'>" . $error . "</small>"; } ?> <span id="textlimit">0/500</span> |
|
113
|
|
|
<form method="post" enctype="multipart/form-data" id="submitform"> |
|
114
|
|
|
<textarea cols="32" style="width: 534px;" id="upltx" name="comment"></textarea><br> |
|
115
|
|
|
<script src="/js/commd.js"></script> |
|
116
|
|
|
<input style="float: right; font-size: 1.2em; margin-top: 5px; margin-right: -6px;" type="submit" value="reply" class="g-recaptcha" data-sitekey="<?php echo $config['recaptcha_sitekey']; ?>" data-callback="onLogin"> |
|
117
|
|
|
</form> |
|
118
|
|
|
<script src='/js/limit.js'></script><br> |
|
119
|
|
|
<table id="feed"> |
|
120
|
|
|
<tr> |
|
121
|
|
|
<th style="width: 48px;"> </th> |
|
122
|
|
|
<th> </th> |
|
123
|
|
|
</tr> |
|
124
|
|
|
<?php |
|
125
|
|
|
$stmt = $conn->prepare("SELECT * FROM replies WHERE toc = ? ORDER BY id DESC"); |
|
126
|
|
|
$stmt->bind_param("s", $_GET['rid']); |
|
127
|
|
|
$stmt->execute(); |
|
128
|
|
|
$result = $stmt->get_result(); |
|
129
|
|
|
if($result->num_rows === 0) echo('There are no reply weets.'); |
|
130
|
|
|
while($row = $result->fetch_assoc()) { |
|
131
|
|
|
?> |
|
132
|
|
|
<tr> |
|
133
|
|
|
<big><big><big> |
|
134
|
|
|
<td> |
|
135
|
|
|
<img id="pfp" src="/dynamic/pfp/<?php echo getPFPFromUser($row['author'], $conn); ?>"> |
|
136
|
|
|
</td> |
|
137
|
|
|
<td><a href="/u.php?n=<?php echo handleTag($row['author']); ?>"><?php echo $row['author']; ?></a><div id="feedtext"><?php echo parseText($row['contents']); ?> </div> |
|
138
|
|
|
<small><?php echo time_elapsed_string($row['date']); ?> from <a href="">web</a> |
|
139
|
|
|
|
|
140
|
|
|
</small> |
|
141
|
|
|
</td> |
|
142
|
|
|
</big></big></big> |
|
143
|
|
|
</tr> |
|
144
|
|
|
<?php |
|
145
|
|
|
} |
|
146
|
|
|
$stmt->close(); |
|
147
|
|
|
?> |
|
148
|
|
|
</table> |
|
149
|
|
|
</div> |
|
150
|
|
|
<?php require($_SERVER['DOCUMENT_ROOT'] . "/static/footer.php"); ?> |
|
151
|
|
|
</div> |
|
152
|
|
|
</div> |
|
153
|
|
|
</div> |
|
154
|
|
|
</body> |
|
155
|
|
|
</html> |
the-real-sumsome /
witter
typicalname
When comparing two booleans, it is generally considered safer to use the strict comparison operator.