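<?php
// Authenticate before any output is produced: session_start() and header()
// both have to send HTTP headers, which is only reliable while nothing of the
// page body has been written yet.
session_start(); // make sessions available

if (!isset($_SESSION['user'])) {
    // Force login. If the user has not logged in, redirect to login page.
    header('Location: login.php');
    // Stop here. Without this the rest of the file, including the
    // note-insert handler near the bottom, would still run for a request
    // that carries no authenticated session.
    exit;
}
?>
<!-- AUTHORS: WAN LI AND NATALIE ZHANG -->
<!DOCTYPE html>
<html lang="en">
<head>
    <meta charset="utf-8">
    <meta name="author" content="Wan & Natalie">
    <meta http-equiv="X-UA-Compatible" content="IE=edge"> <!-- required to handle IE -->
    <meta name="viewport" content="width=device-width, initial-scale=1">
    <link rel="stylesheet" href="https://stackpath.bootstrapcdn.com/bootstrap/4.3.1/css/bootstrap.min.css" integrity="sha384-ggOyR0iXCbMQv3Xipma34MD+dH/1fQ784/j6cY/iJTQUOhcWr7x9JvoRxT2MZw1T" crossorigin="anonymous">
    <script src="https://code.jquery.com/jquery-3.3.1.slim.min.js" integrity="sha384-q8i/X+965DzO0rT7abK41JStQIAqVgRVzpbzo5smXKp4YfRvH+8abtTE1Pi6jizo" crossorigin="anonymous"></script>
    <script src="https://cdnjs.cloudflare.com/ajax/libs/popper.js/1.14.7/umd/popper.min.js" integrity="sha384-UO2eT0CpHqdSJQ6hJty5KVphtPhzWj9WO1clHTMGa3JDZwrnQq4sF86dIHNDz0W1" crossorigin="anonymous"></script>
    <script src="https://stackpath.bootstrapcdn.com/bootstrap/4.3.1/js/bootstrap.min.js" integrity="sha384-JjSmVgyd0p3pXB1rRibZUAYoIIy6OrQ6VrjIEaFf/nJGzIxFDsf4x0xIM+B07jRM" crossorigin="anonymous"></script>
    <!-- ICON -->
    <link rel="shortcut icon" href="https://media2.giphy.com/media/n9wqJ8gTR9lQnXTvf3/giphy_s.gif" type="image/ico" />
    <!-- EXTERNAL CSS -->
    <link rel="stylesheet" href="./styles/addnote.css">
</head>
<?php include "./navbar.php"; ?>
<body>
    <!--NOTE WHERE USER CAN CREATE PERSONALIZED NOTE-->
    <div class="note">
        <h1>New Note...</h1>
        <section id="bignote">
            <?php
            // An empty action submits back to this page. The original never
            // echoed $_SERVER['PHP_SELF'], so the attribute was already empty;
            // keeping it literal avoids reflecting a request-derived path
            // into the markup.
            //
            // NOTE(review): the form changes state over GET and carries no
            // CSRF token, so the note text ends up in URLs and access logs and
            // a cross-site request can trigger a send for a signed-in user.
            // Moving to POST plus a per-session token also means changing the
            // handler further down, which reads $_GET.
            ?>
            <form action="" method="get">
                <?php
                // The cookie is client-controlled, so it is used for display
                // only and is HTML-escaped before being written to the page.
                $displayUser = (isset($_COOKIE['user']) && is_string($_COOKIE['user'])) ? $_COOKIE['user'] : '';
                ?>
                <h3>From: <?php echo htmlspecialchars($displayUser, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8'); ?> <br /></h3><br />
                <h3>Friend's account email: <br /></h3>
                <input type="text" id="receiver" name="receiver">
                <br /><br />
                <!-- WILL AUTOMATICALLY ADD THE DATE WITH THE ANONYMOUS FUNCTION -->
                <h3>Date: </h3>
                <input type="text" id="date" name="date">
                <br /><br />
                <h3>URL image for the note: </h3>
                <input type="text" id="pic" name="pic">
                <br /><br />
                <!-- ALLOWS THE USER TO WRITE THE NOTE -->
                <h3>Description </h3> <br />
                <textarea id="note" name="message" rows="10" cols="50" class="form-control" placeholder="Hi! How are you doing?"></textarea>
                <!--ROW OF BUTTONS THAT FORMAT TEXT IN TEXTAREA -->
                <div class="row-fluid">
                    <div class="span4 text-left">
                        <!-- type="button": a bare <button> inside a form submits it -->
                        <button type="button" class="notebtn" onclick="boldText()"><b>B</b></button>
                        <button type="button" class="notebtn" onclick="italicText()"><i>I</i></button>
                        <button type="button" class="notebtn" onclick="underlineText()"><u>U</u></button>
                    </div>
                    <!-- ALLOWS THE USER TO SAVE OR DELETE THE NOTE -->
                    <div class="span4 text-right">
                        <input type="submit" name="btnaction" value="SAVE">
                        <button type="button" onclick="deleteNote()">DELETE</button>
                    </div>
                </div>
                <br /><br />
            </form>
        </section>
    </div>
</body>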
<!-- INCLUDE THE JAVASCRIPT FOR FORMATING THE TEXT IN THE TEXTAREA -->
<script src="note.js"></script>
<script>
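// ANONYMOUS FUNCTIONS
// AUTOMATICALLY GETS THE CURRENT DATE
(function () {
    const dateField = document.getElementById("date");
    // Nothing to fill in when the date input is not part of the page.
    if (!dateField) {
        return;
    }
    // Locals are declared with const so they no longer leak into the global
    // scope as n, y, m and d.
    const now = new Date();
    const year = now.getFullYear();
    const month = now.getMonth() + 1; // getMonth() is zero-based
    const day = now.getDate();
    // #date is an <input>: its content is the value property. Assigning
    // innerHTML left the field empty, so no date was submitted with the form.
    dateField.value = year + "-" + month + "-" + day;
})();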
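// ALERTS THE USER THAT THE NOTE HAS BEEN DELETED AND REDIRECTS
let deleteNote = function () {
    alert("Deleted");
    // location.href is a string property, not a function: calling it threw a
    // TypeError and the redirect never happened. Assign to it instead.
    location.href = "mynotes.html";
};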
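// ALERTS THE USER THAT THE NOTE HAS BEEN SAVED AND REDIRECTS
let saveNote = function () {
    alert("Saved");
    // location.href is a string property, not a function: calling it threw a
    // TypeError and the redirect never happened. Assign to it instead.
    location.href = "mynotes.html";
};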
</script>
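<?php
require_once('./connect-db.php');
// $hostname, $username, $password and $dbname are not defined in this file;
// presumably connect-db.php provides them (confirm).
$connectError = null;
try {
    $con = new mysqli($hostname, $username, $password, $dbname);
    if (mysqli_connect_errno()) {
        $connectError = mysqli_connect_error();
    }
} catch (mysqli_sql_exception $e) {
    // With mysqli exception reporting enabled, a failed connection throws
    // instead of setting the error number.
    $con = null;
    $connectError = $e->getMessage();
}
// Check connection
if ($connectError !== null) {
    // The driver message can name the database host and account, so it goes
    // to the server log and the visitor only sees a generic notice.
    error_log('addnote.php: MySQL connection failed: ' . $connectError);
    echo "<p>Can't connect to the database right now. Please try again later.</p>";
    return null; // top-level return: stop processing this script
} ?>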
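<?php
// Run the insert only for a submitted form AND a signed-in session. The
// session check is repeated here so the handler does not depend on the
// redirect earlier in the page having stopped the request.
if (isset($_GET['btnaction']) && isset($_SESSION['user'])) {
    try {
        insertData();
    } catch (PDOException $e) {
        // Driver messages can expose SQL text, table names and connection
        // details: keep them in the server log and show a generic notice.
        error_log('addnote.php: saving note failed: ' . $e->getMessage());
        echo "<p>Error message: The note could not be saved. </p>";
    } catch (Exception $e) // handle any other type of exception
    {
        // Escape before echoing: an exception message is not guaranteed to be
        // free of request-derived text.
        $error_message = htmlspecialchars($e->getMessage(), ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
        echo "<p>Error message: $error_message </p>";
    }
}
?>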
<?php
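/**
 * Store the submitted note and send the browser on to the sent-mail page.
 *
 * Reads receiver, date, message and pic from the query string and inserts one
 * row into `notes` through the global $db handle with a prepared statement.
 * Does nothing unless the request carries `btnaction`.
 *
 * @return void
 * @throws RuntimeException         when no user is signed in or $db is not available
 * @throws InvalidArgumentException when a submitted field is missing or malformed
 */
function insertData()
{
    global $db;
    if (!isset($_GET['btnaction'])) {
        return;
    }

    // $db is not created in this file; fail with a catchable exception rather
    // than a fatal "member function on null" error when it is absent.
    if (!is_object($db)) {
        throw new RuntimeException('The note could not be saved.');
    }

    // The sender must come from server-side state. The `user` cookie is set by
    // the browser and can be changed to any value, which would let a request
    // store a note under someone else's name.
    // NOTE(review): assumes $_SESSION['user'] holds the same account
    // identifier the notes table expects as sender; confirm against login.php.
    $sender = isset($_SESSION['user']) ? $_SESSION['user'] : null;
    if (!is_scalar($sender) || (string) $sender === '') {
        throw new RuntimeException('You must be signed in to send a note.');
    }
    $sender = (string) $sender;

    // Query parameters may arrive as arrays (receiver[]=...); accept strings only.
    $fields = [];
    foreach (['receiver', 'date', 'message', 'pic'] as $name) {
        $value = isset($_GET[$name]) ? $_GET[$name] : null;
        if (!is_string($value)) {
            throw new InvalidArgumentException("The $name field is missing or malformed.");
        }
        $fields[$name] = $value;
    }
    if (trim($fields['receiver']) === '') {
        throw new InvalidArgumentException('Please enter the receiver of the note.');
    }

    // The picture is stored as a URL for later display. Restrict it to
    // http(s) so other schemes are never stored; pages that render the value
    // still have to escape it for the attribute they place it in.
    if ($fields['pic'] !== '') {
        $scheme = strtolower((string) parse_url($fields['pic'], PHP_URL_SCHEME));
        $isWebUrl = filter_var($fields['pic'], FILTER_VALIDATE_URL) !== false
            && in_array($scheme, ['http', 'https'], true);
        if (!$isWebUrl) {
            throw new InvalidArgumentException('The image must be an http or https URL.');
        }
    }

    // Bound parameters keep the submitted text out of the SQL statement itself.
    $query = "INSERT INTO notes VALUES (:sender, :receiver, :dates, :messages, :pic)"; // prevents injection attacks
    $statement = $db->prepare($query);
    $statement->bindValue(':sender', $sender);
    $statement->bindValue(':receiver', $fields['receiver']);
    $statement->bindValue(':dates', $fields['date']);
    $statement->bindValue(':messages', $fields['message']);
    $statement->bindValue(':pic', $fields['pic']);
    $statement->execute();
    $statement->closeCursor();

    // Static script only: no request data is written into this output.
    echo "<script type='text/javascript'>";
    echo "alert('Message Sent!'); window.location='sentmail.php'";
    echo "</script>";
}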
?>
</html>