From e0224f867bfab5ac8d2b9ed30f78d9b7c9083875 Mon Sep 17 00:00:00 2001
From: nilsding
Date: Mon, 18 Aug 2014 15:55:54 +0200
Subject: [PATCH] added basic functionality
---
index.php | 44 ++++++++++++++++++++++++++++++++++++++++++++
views/index.html | 33 ++++++++++++++++++---------------
views/navbar.html | 2 +-
3 files changed, 63 insertions(+), 16 deletions(-)
diff --git a/index.php b/index.php
index c59255c..8083457 100644
--- a/index.php
+++ b/index.php
@@ -20,4 +20,48 @@ include_once 'config.php';
+function check_word($word) {
+ if (!isset($_POST[$word])) {
+ return false;
+ }
+ $final = trim($_POST[$word]);
+ if (strlen($final) == 0) {
+ return false;
+ }
+ if (strpos($final, ' ') === false) {
+ return htmlspecialchars($final);
+ } else {
+ return false;
+ }
+}
+
+if (isset($_POST['words'])) {
+ // generic check whether all words were entered
+ $word1 = check_word("word1");
+ $word2 = check_word("word2");
+ $word3 = check_word("word3");
+ if ($word1 === false || $word2 === false || $word3 === false) {
+ $_SESSION['flash'] = "Not all words entered are valid.";
+ header("Location: index.php");
+ exit();
+ }
+
+ $author = htmlspecialchars(trim($_POST['author']));
+ if (strlen($author) == 0) {
+ $author = "Anonymous";
+ }
+
+ $sql_str = "INSERT INTO `words` (`word1`, `word2`, `word3`, `author`, `new`) VALUES ('" . $sql->real_escape_string($word1) . "', '" . $sql->real_escape_string($word2) . "', '" . $sql->real_escape_string($word3) . "', '" . $sql->real_escape_string($author) . "', 1);";
+
+ if (!$sql->query($sql_str)) {
+ $_SESSION['flash'] = "An error occurred: " . $sql->error;
+ header("Location: index.php");
+ exit();
+ }
+
+ $_SESSION['flash'] = "Thank you!";
+ header("Location: index.php");
+ exit();
+}
+
 $tpl->draw("index");
\ No newline at end of file
diff --git a/views/index.html b/views/index.html
index acca937..8c0af35 100644
--- a/views/index.html
+++ b/views/index.html
@@ -5,22 +5,25 @@
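Review bot: The failure branch after `$sql->query($sql_str)` copies `$sql->error` into `$_SESSION['flash']`, so raw database error text (table and column names, fragments of the statement) is presumably shown to whoever submitted the form; log it server-side and flash a generic message instead. The INSERT is also assembled by concatenation around `real_escape_string()`, which is only reliable when the connection charset was set with `set_charset()` — nothing in this hunk shows that — so a prepared statement, sketched below on the assumption that `$sql` is a mysqli connection, is the sturdier form. Separately, `check_word()` and the `$author` line run `htmlspecialchars()` before storage, so the table holds HTML-encoded text and every view must know not to encode it again; encoding at output time keeps the stored data neutral. `$_POST['author']` is also read without the `isset()` guard the three words get.

```php
// … unchanged: word validation and $author defaulting …
$stmt = $sql->prepare(
    "INSERT INTO `words` (`word1`, `word2`, `word3`, `author`, `new`) VALUES (?, ?, ?, ?, 1)"
);
if (!$stmt || !$stmt->bind_param("ssss", $word1, $word2, $word3, $author) || !$stmt->execute()) {
    // Keep the driver's error text in the server log, not in the user's session.
    error_log("words insert failed: " . ($stmt ? $stmt->error : $sql->error));
    $_SESSION['flash'] = "An error occurred, please try again later.";
    header("Location: index.php");
    exit();
}
// … unchanged: "Thank you!" flash and redirect …
```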
{$message}
{/if}

{$site_name}!

-

Want to tell them who you are?

-
-
- +
+

Want to tell them who you are?

+
+
+ +
+
+ +
+
+ +
-
- +
+
+ +
-
- -
-
-
-
- -
-
+ +
{include="footer"}
\ No newline at end of file
diff --git a/views/navbar.html b/views/navbar.html
index 1d630e5..d3f234a 100644
--- a/views/navbar.html
+++ b/views/navbar.html
@@ -18,7 +18,7 @@