upd: moved all /public/ files to the root folder

author: ilotterytea <iltsu@alright.party> 2025-12-08 21:53:36 +0500
committer: ilotterytea <iltsu@alright.party> 2025-12-08 21:53:36 +0500
commit: 57472eab3c7b035392c6a5aa240593ecaa7d1ccf (patch)
tree: 9da30829290f225be2dab3d383549cbfda82ed19 /account/change_emoteset.php
parent: 6541d0f3888862ab049055fd418b700f73eed367 (diff)
1 files changed, 36 insertions, 0 deletions
diff --git a/account/change_emoteset.php b/account/change_emoteset.php
new file mode 100644
index 0000000..c2fc209
--- /dev/null
+++ b/account/change_emoteset.php
@@ -0,0 +1,36 @@
+<?php
+include_once "../../src/config.php";
+include_once "../../src/alert.php";
+include_once "../../src/accounts.php";
+
+if (!authorize_user(true)) {
+    generate_alert("/404.php", "Unauthorized", 401);
+    exit;
+}
+
+if ($_SERVER["REQUEST_METHOD"] != "POST") {
+    generate_alert("/404.php", "Method not allowed", 405);
+    exit;
+}
+
+if (!isset($_POST["id"])) {
+    generate_alert("/404.php", "Emote set ID is not provided");
+    exit;
+}
+
+$emote_set_id = $_POST["id"];
+$user_id = $_SESSION["user_id"];
+
+$db = new PDO(DB_URL, DB_USER, DB_PASS);
+
+$stmt = $db->prepare("SELECT id FROM acquired_emote_sets WHERE emote_set_id = ? AND user_id = ?");
+$stmt->execute([$emote_set_id, $user_id]);
+
+if ($stmt->rowCount() == 0) {
+    generate_alert("/404.php", "You don't own emote set ID $emote_set_id", 403);
+    exit;
+}
+
+$_SESSION["user_active_emote_set_id"] = $emote_set_id;
+
+header("Location: " . $_POST["redirect"] ?? "/");
+\ No newline at end of file
author	ilotterytea <iltsu@alright.party>	2025-12-08 21:53:36 +0500
committer	ilotterytea <iltsu@alright.party>	2025-12-08 21:53:36 +0500
commit	57472eab3c7b035392c6a5aa240593ecaa7d1ccf (patch)
tree	9da30829290f225be2dab3d383549cbfda82ed19 /account/change_emoteset.php
parent	6541d0f3888862ab049055fd418b700f73eed367 (diff)