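<?php
/**
 * Profile page for the logged-in user.
 *
 * Loads the current user's account row and profile picture, the list of all
 * users with their pictures, and (on the "posts" tab) every post, then renders
 * the page. The tab is chosen by ?page= (posts | about | settings).
 *
 * Security notes for maintainers:
 *  - Every database value is HTML-escaped at the point of output, including
 *    usernames, file paths and timestamps. Usernames can be changed by users
 *    (see the change-username form below), so they are attacker-influenced.
 *  - The login redirect is followed by exit; header() alone does not stop the
 *    script, so without it the rest of the page would still execute.
 *  - Database error details go to the server log, not to the browser.
 */

// Has an effect only if this file is included from inside a function.
// $pdo is presumably created by db_connect.php -- confirm.
global $pdo;

session_start();

if (!isset($_SESSION['user_id'])) {
    header('Location: login/login-page.html');
    exit;
}

$page = isset($_GET['page']) ? $_GET['page'] : 'posts';
$user_page = isset($_GET['user']) ? $_GET['user'] : 'posts';

include 'db_connect.php';

// Escapes a value for HTML text and for single- or double-quoted attributes.
// ENT_QUOTES is passed explicitly because older PHP defaults leave ' unescaped.
$esc = static function ($value) {
    return htmlspecialchars((string) $value, ENT_QUOTES, 'UTF-8');
};

$defaultPicture = 'profile-pics/default.jpeg';

// Initialised up front so the post loop below is safe on tabs that load no posts.
$posts = [];

try {
    $userId = $_SESSION['user_id'];

    $stmt1 = $pdo->prepare('SELECT username, email, created_at FROM users WHERE id = :id');
    $stmt1->execute([':id' => $userId]);
    $user = $stmt1->fetch(PDO::FETCH_ASSOC);

    if (!$user) {
        die('Benutzer nicht gefunden!');
    }

    $stmt2 = $pdo->prepare('SELECT file_path FROM profile_pictures WHERE user_id = :user_id');
    $stmt2->execute([':user_id' => $userId]);
    $profile_pic = $stmt2->fetch(PDO::FETCH_ASSOC);
    $profile_image = $profile_pic ? $profile_pic['file_path'] : $defaultPicture;

    $stmt3 = $pdo->prepare('
        SELECT users.username, profile_pictures.file_path
        FROM users
        LEFT JOIN profile_pictures ON users.id = profile_pictures.user_id
        ORDER BY profile_pictures.uploaded_at DESC
    ');
    $stmt3->execute();
    $users = $stmt3->fetchAll(PDO::FETCH_ASSOC);

    // Loaded here rather than inside the template so a failure is handled by
    // the same catch block as the other queries.
    if ($page === 'posts') {
        $stmt45 = $pdo->prepare('
            SELECT posts.*, profile_pictures.file_path AS profile_picture, users.username
            FROM posts
            LEFT JOIN profile_pictures ON posts.user_id = profile_pictures.user_id
            LEFT JOIN users ON posts.user_id = users.id
            ORDER BY posts.created_at DESC
        ');
        $stmt45->execute();
        $posts = $stmt45->fetchAll(PDO::FETCH_ASSOC);
    }
} catch (PDOException $e) {
    // The driver message can contain schema or connection details; keep it server-side.
    error_log('Profile page database error: ' . $e->getMessage());
    http_response_code(500);
    die('Fehler: Datenbankfehler.');
}
?>
<!DOCTYPE html>
<html lang="de">
<head>
    <meta charset="UTF-8">
    <meta name="viewport" content="width=device-width, initial-scale=1.0">
    <?php /* time() as query string forces the browser to refetch the stylesheet on every load. */ ?>
    <link rel="stylesheet" href="style.css?v=<?= time() ?>">
    <title>Profile</title>
</head>
<body>
<div class="container">
    <div class="col-3">
        <div class="navigation-body">
            <h1>
                <img class="profile-pictures" src="<?= $esc($profile_image) ?>" alt="pv" width="50">
                <a href=""><?= $esc($user['username']) ?></a>
            </h1>
            <ul>
                <li><a href="">Home</a></li>
                <li><a href="">Profil</a></li>
                <li><a href="">Nachrichten</a></li>
                <li><a href="">Benachrichtiungen</a></li>
            </ul>
        </div>
        <div class="navigation-body">
            <ul>
                <?php foreach ($users as $benutzer): ?>
                    <li>
                        <form action="profile.php" method="post">
                            <img src="<?= $esc($benutzer['file_path'] ?: $defaultPicture) ?>" alt="Profilbild">
                            <a href="profile.php?user=<?= urlencode($benutzer['username']) ?>"><?= $esc($benutzer['username']) ?></a>
                        </form>
                    </li>
                <?php endforeach; ?>
            </ul>
        </div>
    </div>
    <div class="profile-body col-9">
        <div class="profile-header">
            <h1>Willkommen, <?= $esc($user['username']) ?>!</h1>
            <p>Email: <?= $esc($user['email']) ?>!</p>
            <p>Regestriert seit:, <?= $esc($user['created_at']) ?>!</p>
            <a href="logout.php">Abmelden</a>
            <a href="?page=posts">Posts</a>
            <a href="?page=about">Über mich</a>
            <a href="?page=settings">Einstellungen</a>
            <?php
            // Printed only when ?user= names the logged-in account; the value
            // echoed is the database username, never the raw query parameter.
            if ($user_page === $user['username']) {
                echo $esc($user['username']);
            }
            ?>
        </div>
        <div class="posts-body">
            <?php if ($page === 'posts'): ?>
                <h1>Posts</h1>
                <button>Post</button>
            <?php elseif ($page === 'about'): ?>
                <h1>Über mich</h1>
            <?php elseif ($page === 'settings'): ?>
                <?php
                /*
                 * NOTE(review): none of the state-changing forms on this page
                 * carries a CSRF token, and the delete-picture form has no
                 * method attribute, so it submits via GET. The handlers are not
                 * visible from this file; add a per-session token here and
                 * verify it in each handler, and accept deletes only via POST.
                 */
                ?>
                <h1>Einstellungen</h1>
                <h3>Profilbild änderen</h3>
                <form action='upload-profile/upload.php' method='post' enctype='multipart/form-data'>
                    <input type='file' name='profile_picture' accept='image/*' required>
                    <br>
                    <button type='submit'>Profilbild hochladen</button>
                </form>
                <h3>Profilbild löschen</h3>
                <form action='upload-profile/delete-pb.php'>
                    <button type='submit'>Profilbild löschen</button>
                </form>
                <h3>Profilbild änderm</h3>
                <form action='change-username.php' method='post'>
                    <input type='text' required placeholder='Benutzername' name='username'>
                    <button type='submit'>Ändern</button>
                </form>
                <h3>Profilbild änderm</h3>
                <form action='delete-user.php' method='post'>
                    <button type='submit'>Profil löschen</button>
                </form>
                <?php /* Stored path of the current picture, shown as text; escaped like any other DB value. */ ?>
                <?= $esc($profile_image) ?>
            <?php endif; ?>
        </div>
        <div class="post-formular-body">
            <?php if ($page === 'posts'): ?>
                <form action='upload-post/upload-post.php' method='post' enctype='multipart/form-data'>
                    <textarea name='text_content' required placeholder='Schreibe etwas...'></textarea>
                    <input type='file' name='image'>
                    <button type='submit'>Posten</button>
                </form>
            <?php endif; ?>
        </div>
        <?php foreach ($posts as $post): ?>
            <div class="post">
                <img src="<?= $esc($post['profile_picture'] ?: $defaultPicture) ?>" width="50px" alt="">
                <p><strong><?= $esc($post['username']) ?></strong></p>
                <p><?= nl2br($esc($post['text_content'])) ?></p>
                <?php if (!empty($post['image_path'])): ?>
                    <img class="post-pics" src="<?= $esc($post['image_path']) ?>" alt="Bild zum Post">
                <?php endif; ?>
                <p><small>Erstellt am: <?= $esc($post['created_at']) ?></small></p>
                <?php
                // Hiding the button is a display decision only; the delete
                // handler is assumed to re-check post ownership -- confirm.
                // Both sides are cast because the session and the driver may
                // hold the id as different scalar types.
                ?>
                <?php if ((string) $userId === (string) $post['user_id']): ?>
                    <form action="upload-post/delete-post.php" method="post">
                        <input type="hidden" name="post_id" value="<?= $esc($post['id']) ?>">
                        <button type="submit">Löschen</button>
                    </form>
                <?php endif; ?>
            </div>
        <?php endforeach; ?>
    </div>
</div>
</body>
</html>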