threadr.lostcave.ddnss.de/threadr/profile/index.php

51 lines
1.4 KiB
PHP
Raw Normal View History

<?php
session_start();
%SET_LOGIN_VARIABLE%
2020-03-02 14:14:54 +01:00
%PLEAZE_NO_CACHE%
%NO_CHEAP_SESSION_STEALING%
2020-03-08 16:19:27 +01:00
%REQUIRE_LOGIN%
$pdo = new PDO('mysql:host=localhost;dbname=web', 'webstuff', 'Schei// auf Pa$$w0rter!');
$statement = $pdo->prepare('SELECT name FROM users WHERE id = :user_id;'); // to be replaced with optional user name off the user data table
$result = $statement->execute(array('user_id' => $_SESSION['user_id']));
$dbentry = $statement->fetch();
$username = $dbentry['name'];
$navbar = "profile";
?>
<html>
<head>
<title>ThreadR - Profile</title>
2020-03-05 04:56:06 +01:00
%STYLESHEET%
<link rel="icon" type="image/png" href="%CONTENT_DIR%/img/favicon-32x32.png" sizes="32x32" />
<meta name="viewport" content="width=device-width, initial-scale=1.0">
</head>
<body>
%NAVBAR%
<div class="container">
<div class="item-1">
<center><h1>ThreadR</h1></center>
</div>
2020-03-08 04:10:58 +01:00
<div class="item-2">
<?php
if(isset($_GET['action'])) {
if($_GET['action']=='edit') {
include("./edit.php");
}
} else {
include("./default.php");
}
?>
2020-03-08 04:10:58 +01:00
<section>
<center><h1><?php echo " $username "; ?> </h1></center>
<form action="%CONTENT_DIR%/profile/" method="post">
</form>
<a href="%CONTENT_DIR%/profile/edit.php">
<button>Edit Profile</button>
</a>
</section>
</div>
</div>
</html>