engelsystem/includes/pages/user_questions.php

<?php

function questions_title() {
  return _("Ask the Heaven");
}

function user_questions() {
  global $user;
  
  if (! isset($_REQUEST['action'])) {
    $open_questions = sql_select("SELECT * FROM `Questions` WHERE `AID` IS NULL AND `UID`='" . sql_escape($user['UID']) . "'");
    
    $answered_questions = sql_select("SELECT * FROM `Questions` WHERE NOT `AID` IS NULL AND `UID`='" . sql_escape($user['UID']) . "'");
    foreach ($answered_questions as &$question) {
      $answer_user_source = User($question['AID']);
      $question['answer_user'] = User_Nick_render($answer_user_source);
    }
    
    return Questions_view($open_questions, $answered_questions, page_link_to("user_questions") . '&action=ask');
  } else {
    switch ($_REQUEST['action']) {
      case 'ask':
        $question = strip_request_item_nl('question');
        if ($question != "") {
          $result = sql_query("INSERT INTO `Questions` SET `UID`='" . sql_escape($user['UID']) . "', `Question`='" . sql_escape($question) . "'");
          if ($result === false) {
            engelsystem_error(_("Unable to save question."));
          }
          success(_("You question was saved."));
          redirect(page_link_to("user_questions"));
        } else {
          return page_with_title(questions_title(), [
              error(_("Please enter a question!"), true) 
          ]);
        }
        break;
      case 'delete':
        if (isset($_REQUEST['id']) && preg_match("/^[0-9]{1,11}$/", $_REQUEST['id'])) {
          $question_id = $_REQUEST['id'];
        } else {
          return error(_("Incomplete call, missing Question ID."), true);
        }
        
        $question = sql_select("SELECT * FROM `Questions` WHERE `QID`='" . sql_escape($question_id) . "' LIMIT 1");
        if (count($question) > 0 && $question[0]['UID'] == $user['UID']) {
          sql_query("DELETE FROM `Questions` WHERE `QID`='" . sql_escape($question_id) . "' LIMIT 1");
          redirect(page_link_to("user_questions"));
        } else {
          return page_with_title(questions_title(), [
              error(_("No question found."), true) 
          ]);
        }
        break;
    }
  }
}
?>
user questions 14 years ago			`<?php`
prohibit inline control structures on pages 8 years ago
basic gettext integration 11 years ago			`function questions_title() {`
Change ask an Arch Angel, to Ask the Heaven because the Arch Angel only role is deprecated 8 years ago			`return _("Ask the Heaven");`
basic gettext integration 11 years ago			`}`

user questions 14 years ago			`function user_questions() {`
#48 keep symbols in text messages 13 years ago			`global $user;`
angel views in english complete 11 years ago
			`if (! isset($_REQUEST['action'])) {`
harden the sql queries 10 years ago			$open_questions = sql_select("SELECT * FROM `Questions` WHERE `AID` IS NULL AND `UID`='" . sql_escape($user['UID']) . "'");
angel views in english complete 11 years ago
harden the sql queries 10 years ago			$answered_questions = sql_select("SELECT * FROM `Questions` WHERE NOT `AID` IS NULL AND `UID`='" . sql_escape($user['UID']) . "'");
angel views in english complete 11 years ago			`foreach ($answered_questions as &$question) {`
mysql to mysqli and a lot of cleanup and mvc 11 years ago			`$answer_user_source = User($question['AID']);`
angel views in english complete 11 years ago			`$question['answer_user'] = User_Nick_render($answer_user_source);`
#48 keep symbols in text messages 13 years ago			`}`
angel views in english complete 11 years ago
			`return Questions_view($open_questions, $answered_questions, page_link_to("user_questions") . '&action=ask');`
#48 keep symbols in text messages 13 years ago			`} else {`
			`switch ($_REQUEST['action']) {`
angel views in english complete 11 years ago			`case 'ask':`
#48 keep symbols in text messages 13 years ago			`$question = strip_request_item_nl('question');`
			`if ($question != "") {`
harden the sql queries 10 years ago			$result = sql_query("INSERT INTO `Questions` SET `UID`='" . sql_escape($user['UID']) . "', `Question`='" . sql_escape($question) . "'");
prohibit inline control structures on pages 8 years ago			`if ($result === false) {`
add basic bootstrap theme 10 years ago			`engelsystem_error(_("Unable to save question."));`
prohibit inline control structures on pages 8 years ago			`}`
add basic bootstrap theme 10 years ago			`success(_("You question was saved."));`
replaced header with redirect function 12 years ago			`redirect(page_link_to("user_questions"));`
prohibit inline control structures on pages 8 years ago			`} else {`
			`return page_with_title(questions_title(), [`
add basic bootstrap theme 10 years ago			`error(_("Please enter a question!"), true)`
prohibit inline control structures on pages 8 years ago			`]);`
			`}`
#48 keep symbols in text messages 13 years ago			`break;`
angel views in english complete 11 years ago			`case 'delete':`
prohibit inline control structures on pages 8 years ago			`if (isset($_REQUEST['id']) && preg_match("/^[0-9]{1,11}$/", $_REQUEST['id'])) {`
make short variable names longer 8 years ago			`$question_id = $_REQUEST['id'];`
prohibit inline control structures on pages 8 years ago			`} else {`
angel views in english complete 11 years ago			`return error(_("Incomplete call, missing Question ID."), true);`
prohibit inline control structures on pages 8 years ago			`}`
angel views in english complete 11 years ago
make short variable names longer 8 years ago			$question = sql_select("SELECT * FROM `Questions` WHERE `QID`='" . sql_escape($question_id) . "' LIMIT 1");
#48 keep symbols in text messages 13 years ago			`if (count($question) > 0 && $question[0]['UID'] == $user['UID']) {`
make short variable names longer 8 years ago			sql_query("DELETE FROM `Questions` WHERE `QID`='" . sql_escape($question_id) . "' LIMIT 1");
replaced header with redirect function 12 years ago			`redirect(page_link_to("user_questions"));`
prohibit inline control structures on pages 8 years ago			`} else {`
			`return page_with_title(questions_title(), [`
add basic bootstrap theme 10 years ago			`error(_("No question found."), true)`
prohibit inline control structures on pages 8 years ago			`]);`
			`}`
#48 keep symbols in text messages 13 years ago			`break;`
			`}`
			`}`
user questions 14 years ago			`}`
			`?>`