2025-02-24 22:02:51 +01:00
|
|
|
<?php
|
|
|
|
|
global $pdo;
|
2025-02-12 20:13:29 +01:00
|
|
|
session_start();
|
|
|
|
|
$page = isset($_GET['page']) ? $_GET['page'] : 'posts';
|
2025-02-24 22:02:51 +01:00
|
|
|
$user_page = isset($_GET['user']) ? $_GET['user'] : 'posts';
|
|
|
|
|
|
|
|
|
|
if(!isset($_SESSION['user_id'])) {
|
|
|
|
|
header("Location: login/login-page.html");
|
2025-02-12 20:13:29 +01:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
include 'db_connect.php';
|
|
|
|
|
|
|
|
|
|
try {
|
|
|
|
|
$userId = $_SESSION['user_id'];
|
2025-02-24 22:02:51 +01:00
|
|
|
|
2025-02-12 20:13:29 +01:00
|
|
|
$stmt1 = $pdo->prepare("SELECT username, email, created_at FROM users WHERE id = :id");
|
|
|
|
|
$stmt1->execute([':id' => $userId]);
|
|
|
|
|
$user = $stmt1->fetch(PDO::FETCH_ASSOC);
|
|
|
|
|
|
|
|
|
|
$stmt2 = $pdo->prepare("SELECT file_path FROM profile_pictures WHERE user_id = :user_id");
|
|
|
|
|
$stmt2->execute([':user_id' => $userId]);
|
|
|
|
|
$profile_pic = $stmt2->fetch(PDO::FETCH_ASSOC);
|
|
|
|
|
|
|
|
|
|
$stmt3 = $pdo->prepare("
|
|
|
|
|
SELECT users.username, profile_pictures.file_path
|
|
|
|
|
FROM users
|
|
|
|
|
LEFT JOIN profile_pictures ON users.id = profile_pictures.user_id
|
|
|
|
|
ORDER BY profile_pictures.uploaded_at DESC
|
|
|
|
|
");
|
|
|
|
|
$stmt3->execute();
|
|
|
|
|
$users = $stmt3->fetchAll(PDO::FETCH_ASSOC);
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
if ($profile_pic) {
|
|
|
|
|
$profile_image = $profile_pic['file_path'];
|
|
|
|
|
} else {
|
|
|
|
|
$profile_image = 'profile-pics/default.jpeg';
|
|
|
|
|
}
|
|
|
|
|
if(!$user){
|
|
|
|
|
die("Benutzer nicht gefunden!");
|
|
|
|
|
}
|
|
|
|
|
}catch (PDOException $e){
|
|
|
|
|
die("Fehler: " . $e->getMessage());
|
|
|
|
|
}
|
|
|
|
|
?>
|
|
|
|
|
<!DOCTYPE html>
|
|
|
|
|
<html lang="de">
|
|
|
|
|
<head>
|
|
|
|
|
<meta charset="UTF-8">
|
|
|
|
|
<meta name="viewport" content="width=device-width, initial-scale=1.0">
|
|
|
|
|
<?php echo '<link rel="stylesheet" href="style.css?v='.time().'">'; ?>
|
|
|
|
|
<title>Profile</title>
|
|
|
|
|
</head>
|
|
|
|
|
<body>
|
|
|
|
|
|
|
|
|
|
<div class="container">
|
|
|
|
|
<div class="col-3">
|
2025-02-24 22:02:51 +01:00
|
|
|
|
2025-02-12 20:13:29 +01:00
|
|
|
<div class="navigation-body">
|
|
|
|
|
<h1>
|
|
|
|
|
<?php echo "<img class = 'profile-pictures' src='$profile_image' alt='pv' width='50'>";?>
|
|
|
|
|
<a href=""><?php echo htmlspecialchars($user['username']); ?></a>
|
|
|
|
|
</h1>
|
|
|
|
|
<ul>
|
|
|
|
|
<li><a href="">Home</a></li>
|
|
|
|
|
<li><a href="">Profil</a></li>
|
|
|
|
|
<li><a href="">Nachrichten</a></li>
|
|
|
|
|
<li><a href="">Benachrichtiungen</a></li>
|
2025-02-24 22:02:51 +01:00
|
|
|
|
2025-02-12 20:13:29 +01:00
|
|
|
</ul>
|
|
|
|
|
</div>
|
|
|
|
|
<div class="navigation-body">
|
|
|
|
|
<ul>
|
|
|
|
|
<?php foreach ($users as $benutzer): ?>
|
|
|
|
|
<li>
|
2025-02-24 22:02:51 +01:00
|
|
|
<form action="profile.php" method="post">
|
|
|
|
|
<img src="<?= htmlspecialchars($benutzer['file_path']) ?: 'profile-pics/default.jpeg' ?>" alt="Profilbild">
|
|
|
|
|
<a href="profile.php?user=<?= urlencode($benutzer['username']) ?>"><?= htmlspecialchars($benutzer['username']) ?></a>
|
|
|
|
|
</form>
|
2025-02-12 20:13:29 +01:00
|
|
|
</li>
|
|
|
|
|
<?php endforeach; ?>
|
|
|
|
|
</ul>
|
|
|
|
|
</div>
|
|
|
|
|
|
|
|
|
|
</div>
|
|
|
|
|
|
|
|
|
|
<div class="profile-body col-9">
|
|
|
|
|
<div class="profile-header">
|
|
|
|
|
<h1>Willkommen, <?php echo htmlspecialchars($user['username']); ?>!</h1>
|
|
|
|
|
<p>Email: <?php echo htmlspecialchars($user['email']); ?>!</p>
|
|
|
|
|
<p>Regestriert seit:, <?php echo htmlspecialchars($user['created_at']); ?>!</p>
|
|
|
|
|
<a href="logout.php">Abmelden</a>
|
|
|
|
|
<a href="?page=posts">Posts</a>
|
|
|
|
|
<a href="?page=about">Über mich</a>
|
|
|
|
|
<a href="?page=settings">Einstellungen</a>
|
2025-02-24 22:02:51 +01:00
|
|
|
<?php
|
|
|
|
|
|
|
|
|
|
if($user_page == $user['username']) {
|
|
|
|
|
echo htmlspecialchars($user['username']);
|
|
|
|
|
}
|
|
|
|
|
?>
|
|
|
|
|
|
2025-02-12 20:13:29 +01:00
|
|
|
</div>
|
|
|
|
|
<div class="posts-body">
|
|
|
|
|
<?php
|
|
|
|
|
if($page == 'posts'){
|
|
|
|
|
echo "<h1>Posts</h1>
|
|
|
|
|
<button>Post</button>
|
|
|
|
|
";
|
|
|
|
|
}elseif($page == 'about'){
|
|
|
|
|
echo "<h1>Über mich</h1>";
|
|
|
|
|
}elseif($page == 'settings'){
|
|
|
|
|
echo "
|
|
|
|
|
<h1>Einstellungen</h1>
|
|
|
|
|
<h3>Profilbild änderen</h3>
|
|
|
|
|
<form action='upload-profile/upload.php' method='post' enctype='multipart/form-data'>
|
|
|
|
|
<input type='file' name='profile_picture' accept='image/*' required>
|
|
|
|
|
<br>
|
|
|
|
|
<button type='submit'>Profilbild hochladen</button>
|
|
|
|
|
</form>
|
|
|
|
|
<h3>Profilbild löschen</h3>
|
|
|
|
|
<form action='upload-profile/delete-pb.php'>
|
|
|
|
|
<button type='submit'>Profilbild löschen</button>
|
2025-02-24 22:02:51 +01:00
|
|
|
</form>
|
|
|
|
|
|
|
|
|
|
<h3>Profilbild änderm</h3>
|
|
|
|
|
<form action='change-username.php' method='post'>
|
|
|
|
|
<input type='text' required placeholder='Benutzername' name='username'>
|
|
|
|
|
<button type='submit'>Ändern</button>
|
|
|
|
|
</form>
|
|
|
|
|
|
|
|
|
|
<h3>Profilbild änderm</h3>
|
|
|
|
|
<form action='delete-user.php' method='post'>
|
|
|
|
|
<button type='submit'>Profil löschen</button>
|
|
|
|
|
</form>
|
|
|
|
|
|
|
|
|
|
";
|
2025-02-12 20:13:29 +01:00
|
|
|
echo $profile_image;
|
|
|
|
|
}
|
|
|
|
|
?>
|
|
|
|
|
</div>
|
|
|
|
|
<div class="post-formular-body">
|
|
|
|
|
<?php
|
|
|
|
|
if($page == 'posts'){
|
2025-02-24 22:02:51 +01:00
|
|
|
echo "
|
2025-02-12 20:13:29 +01:00
|
|
|
<form action='upload-post/upload-post.php' method='post' enctype='multipart/form-data'>
|
|
|
|
|
<textarea name='text_content' required placeholder='Schreibe etwas...'></textarea>
|
|
|
|
|
<input type='file' name='image'>
|
|
|
|
|
<button type='submit'>Posten</button>
|
|
|
|
|
</form>
|
|
|
|
|
";
|
|
|
|
|
$stmt45 = $pdo->prepare("
|
|
|
|
|
SELECT posts.*, profile_pictures.file_path AS profile_picture, users.username
|
|
|
|
|
FROM posts
|
|
|
|
|
LEFT JOIN profile_pictures ON posts.user_id = profile_pictures.user_id
|
|
|
|
|
LEFT JOIN users ON posts.user_id = users.id
|
|
|
|
|
ORDER BY posts.created_at DESC
|
|
|
|
|
");
|
2025-02-24 22:02:51 +01:00
|
|
|
$stmt45->execute();
|
2025-02-12 20:13:29 +01:00
|
|
|
$posts = $stmt45->fetchAll(PDO::FETCH_ASSOC);
|
|
|
|
|
}
|
|
|
|
|
?>
|
|
|
|
|
</div>
|
|
|
|
|
<?php foreach ($posts as $post): ?>
|
|
|
|
|
<div class="post">
|
|
|
|
|
<img src="<?= htmlspecialchars($post['profile_picture']) ?: 'profile-pics/default.jpeg'; ?>" width="50px" alt="">
|
2025-02-24 22:02:51 +01:00
|
|
|
<p><strong><?php echo $post['username']; ?></strong></p>
|
2025-02-12 20:13:29 +01:00
|
|
|
<p><?php echo nl2br(htmlspecialchars($post['text_content'])); ?></p>
|
|
|
|
|
|
|
|
|
|
<?php if (!empty($post['image_path'])): ?>
|
|
|
|
|
<img class="post-pics" src="<?php echo htmlspecialchars($post['image_path']); ?>" alt="Bild zum Post">
|
|
|
|
|
<?php endif; ?>
|
|
|
|
|
|
|
|
|
|
<p><small>Erstellt am: <?php echo $post['created_at']; ?></small></p>
|
2025-02-24 22:15:30 +01:00
|
|
|
|
|
|
|
|
<?php if ($userId == $post['user_id']): ?>
|
2025-02-12 20:13:29 +01:00
|
|
|
<form action="upload-post/delete-post.php" method="post">
|
2025-02-24 22:15:30 +01:00
|
|
|
<input type="hidden" name="post_id" value="<?= htmlspecialchars($post['id']) ?>">
|
|
|
|
|
<button type="submit">Löschen</button>
|
2025-02-12 20:13:29 +01:00
|
|
|
</form>
|
2025-02-24 22:15:30 +01:00
|
|
|
<?php endif; ?>
|
2025-02-12 20:13:29 +01:00
|
|
|
|
|
|
|
|
</div>
|
|
|
|
|
<?php endforeach; ?>
|
|
|
|
|
</div>
|
|
|
|
|
</div>
|
|
|
|
|
</body>
|
|
|
|
|
</html>
|
