diff options
author | msquare <msquare@notrademark.de> | 2017-11-28 15:43:51 +0100 |
---|---|---|
committer | GitHub <noreply@github.com> | 2017-11-28 15:43:51 +0100 |
commit | 599f2fd264bfc7b1b6826fe206442806e317340f (patch) | |
tree | 50cf84d7d07d11bd65b45c2c17f37632f6cd8eff /includes/pages/user_questions.php | |
parent | a5fc5bd0979e8de1fce8a8addd351a6e7bd6aeb8 (diff) | |
parent | eda7f7788ea8012bd8be46405c56a666c11f3fa5 (diff) |
Merge pull request #365 from engelsystem/feature-igel-rewrite
Feature igel rewrite
Diffstat (limited to 'includes/pages/user_questions.php')
-rw-r--r-- | includes/pages/user_questions.php | 129 |
1 files changed, 80 insertions, 49 deletions
diff --git a/includes/pages/user_questions.php b/includes/pages/user_questions.php index 4abceb92..41fbe64d 100644 --- a/includes/pages/user_questions.php +++ b/includes/pages/user_questions.php @@ -1,57 +1,88 @@ <?php -function questions_title() { - return _("Ask the Heaven"); +use Engelsystem\Database\DB; + +/** + * @return string + */ +function questions_title() +{ + return _('Ask the Heaven'); } -function user_questions() { - global $user; - - if (! isset($_REQUEST['action'])) { - $open_questions = sql_select("SELECT * FROM `Questions` WHERE `AID` IS NULL AND `UID`='" . sql_escape($user['UID']) . "'"); - - $answered_questions = sql_select("SELECT * FROM `Questions` WHERE NOT `AID` IS NULL AND `UID`='" . sql_escape($user['UID']) . "'"); - foreach ($answered_questions as &$question) { - $answer_user_source = User($question['AID']); - $question['answer_user'] = User_Nick_render($answer_user_source); - } - - return Questions_view($open_questions, $answered_questions, page_link_to("user_questions") . '&action=ask'); - } else { - switch ($_REQUEST['action']) { - case 'ask': - $question = strip_request_item_nl('question'); - if ($question != "") { - $result = sql_query("INSERT INTO `Questions` SET `UID`='" . sql_escape($user['UID']) . "', `Question`='" . sql_escape($question) . "'"); - if ($result === false) { - engelsystem_error(_("Unable to save question.")); - } - success(_("You question was saved.")); - redirect(page_link_to("user_questions")); - } else { - return page_with_title(questions_title(), [ - error(_("Please enter a question!"), true) - ]); - } - break; - case 'delete': - if (isset($_REQUEST['id']) && preg_match("/^[0-9]{1,11}$/", $_REQUEST['id'])) { - $question_id = $_REQUEST['id']; - } else { - return error(_("Incomplete call, missing Question ID."), true); +/** + * @return string + */ +function user_questions() +{ + global $user; + $request = request(); + + if (!$request->has('action')) { + $open_questions = DB::select( + 'SELECT * FROM `Questions` WHERE `AID` IS NULL AND `UID`=?', + [$user['UID']] + ); + + $answered_questions = DB::select( + 'SELECT * FROM `Questions` WHERE NOT `AID` IS NULL AND `UID`=?', + [$user['UID']] + ); + foreach ($answered_questions as &$question) { + $answer_user_source = User($question['AID']); + $question['answer_user'] = User_Nick_render($answer_user_source); } - - $question = sql_select("SELECT * FROM `Questions` WHERE `QID`='" . sql_escape($question_id) . "' LIMIT 1"); - if (count($question) > 0 && $question[0]['UID'] == $user['UID']) { - sql_query("DELETE FROM `Questions` WHERE `QID`='" . sql_escape($question_id) . "' LIMIT 1"); - redirect(page_link_to("user_questions")); - } else { - return page_with_title(questions_title(), [ - error(_("No question found."), true) - ]); + + return Questions_view( + $open_questions, + $answered_questions, + page_link_to('user_questions', ['action' => 'ask']) + ); + } else { + switch ($request->input('action')) { + case 'ask': + $question = strip_request_item_nl('question'); + if ($question != '') { + DB::insert(' + INSERT INTO `Questions` (`UID`, `Question`) + VALUES (?, ?) + ', + [$user['UID'], $question] + ); + + success(_('You question was saved.')); + redirect(page_link_to('user_questions')); + } else { + return page_with_title(questions_title(), [ + error(_('Please enter a question!'), true) + ]); + } + break; + case 'delete': + if ($request->has('id') && preg_match('/^\d{1,11}$/', $request->input('id'))) { + $question_id = $request->input('id'); + } else { + return error(_('Incomplete call, missing Question ID.'), true); + } + + $question = DB::selectOne( + 'SELECT `UID` FROM `Questions` WHERE `QID`=? LIMIT 1', + [$question_id] + ); + if (!empty($question) && $question['UID'] == $user['UID']) { + DB::delete( + 'DELETE FROM `Questions` WHERE `QID`=? LIMIT 1', + [$question_id] + ); + redirect(page_link_to('user_questions')); + } else { + return page_with_title(questions_title(), [ + error(_('No question found.'), true) + ]); + } + break; } - break; } - } + + return ''; } -?>
\ No newline at end of file |