<?php
// Open (or resume) the PHP session before any output is sent; the profile
// query further down reads the logged-in user's id from $_SESSION.
session_start();
// The five upper-case tokens below are not PHP. Presumably a build/template
// step swaps each one for a shared snippet before this file is served -- TODO
// confirm where that expansion happens. (The tokens are deliberately not
// repeated with their percent signs in these comments, so a plain string
// replace cannot expand them inside a comment.)
// NOTE(review): going by the names only, they set a login flag, send no-cache
// headers, add a session-hijacking check and enforce login. Their expansions
// are not visible here; verify that the login gate runs and terminates the
// request for anonymous visitors before the database code below executes.
%SET_LOGIN_VARIABLE%
%PLEAZE_NO_CACHE%
%NO_CHEAP_SESSION_STEALING%
%REQUIRE_LOGIN%

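// Look up the display name of the logged-in user for the profile page.
//
// Sets: $pdo, $statement, $result, $dbentry, $username, $error, $error_message
// and $navbar. None of them is printed in this file, so they are presumably
// read by the navbar snippet and the included partials -- confirm.
$error = false;
$error_message = "";
$username = null;   // stays null when the row is missing or the query fails
$dbentry = false;
$statement = null;
$result = false;

try {
  // NOTE(review): the database user and password are hard-coded in a file
  // under the web root, so anyone who can read the source (repository,
  // backup, misconfigured handler) gets a working credential. Move them to
  // configuration outside the document root or to the environment, and
  // rotate the value that has been committed here.
  $pdo = new PDO('mysql:host=localhost;dbname=web', 'webstuff', 'Schei// auf Pa$$w0rter!');

  $statement = $pdo->prepare("SELECT name FROM users WHERE id=:uid"); // to be replaced with optional user name off the user data table
  // The array key must be a quoted string: the bare word user_id is an
  // undefined constant and raises an Error on PHP 8.
  $result = $statement !== false
    && $statement->execute(array("uid" => $_SESSION['user_id'] ?? null));

  if ($result) {
    $dbentry = $statement->fetch();
    if ($dbentry !== false) {
      // The value comes from the users table; whoever echoes it into HTML
      // needs to pass it through htmlspecialchars().
      $username = $dbentry['name'];
    }
  }
} catch (PDOException $e) {
  // PDO throws on connection failure, and on query failure when the error
  // mode is ERRMODE_EXCEPTION (the default since PHP 8).
  $result = false;
  error_log("profile: database error: " . $e->getMessage());
}

if (!$result) {
  $error = true;
  if ($statement) {
    // Keep the query text and driver message in the server log only; the
    // page-level message stays generic so schema details cannot reach the
    // browser if $error_message is ever rendered.
    error_log("profile: SQL error: " . $statement->queryString . " -- " . $statement->errorInfo()[2]);
  }
  $error_message = "Error: SQL error.";
}


$navbar = "profile";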
?>

<html>
  <head>
    <title>ThreadR - Profile</title>
    %STYLESHEET%
    <link rel="icon" type="image/png" href="%CONTENT_DIR%/img/favicon-32x32.png" sizes="32x32" />
    <meta name="viewport" content="width=device-width, initial-scale=1.0">
  </head>
  <body>
    %NAVBAR%
    <div class="container">
      <div class="item-1">
        <center><h1>ThreadR</h1></center>
      </div>
      <div class="item-2">
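        <?php
        // Choose the partial for the content area from the "action" query
        // parameter. The request value is only compared against a fixed
        // allow-list; it never becomes part of the include path, and both
        // paths are literals. Keep it that way when adding actions.
        // A missing, unrecognised or non-string action (e.g. ?action[]=x)
        // falls back to the default view instead of leaving the area empty.
        if (isset($_GET['action']) && $_GET['action'] === 'edit') {
          include("./edit.php");
        } else {
          include("./default.php");
        }
        ?>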
      </div>
    </div>
    %BANNER_COOKIES%
  </body>
</html>