diff options
| author | ilotterytea <iltsu@alright.party> | 2025-12-09 16:50:07 +0500 |
|---|---|---|
| committer | ilotterytea <iltsu@alright.party> | 2025-12-09 16:50:07 +0500 |
| commit | 8925a9526a1d3eac914030b3069713f56c37e55a (patch) | |
| tree | 2811f088ab13168658d8ac8ba9f15d01ffb49249 /emotesets/addeditor.php | |
| parent | 77c7d534f46392f62b56305ec8b71eecff3b9221 (diff) | |
feat: emoteset editors
Diffstat (limited to 'emotesets/addeditor.php')
| -rw-r--r-- | emotesets/addeditor.php | 54 |
1 files changed, 54 insertions, 0 deletions
diff --git a/emotesets/addeditor.php b/emotesets/addeditor.php new file mode 100644 index 0000000..08d1e41 --- /dev/null +++ b/emotesets/addeditor.php @@ -0,0 +1,54 @@ +<?php +include_once "{$_SERVER['DOCUMENT_ROOT']}/lib/config.php"; +include "{$_SERVER['DOCUMENT_ROOT']}/lib/accounts.php"; +include "{$_SERVER['DOCUMENT_ROOT']}/lib/alert.php"; +include_once "{$_SERVER['DOCUMENT_ROOT']}/lib/utils.php"; + +if (!authorize_user(true)) { + return; +} + +if (isset($_SESSION["user_role"]) && !$_SESSION["user_role"]["permission_emoteset_own"]) { + generate_alert("/404.php", "Not enough permissions", 403); + exit; +} + +if (!isset($_POST["id"], $_POST["username"])) { + generate_alert("/emotesets/", "Not enough POST fields"); + exit; +} + +$db = new PDO(CONFIG['database']['url'], CONFIG['database']['user'], CONFIG['database']['pass']); + +// checking emoteset +$emote_set_id = $_POST["id"]; +$stmt = $db->prepare("SELECT id FROM emote_sets WHERE id = ? AND owner_id = ?"); +$stmt->execute([$emote_set_id, $_SESSION['user_id']]); +if ($stmt->rowCount() == 0) { + generate_alert("/emotes", "Emoteset not found", 404); + exit; +} +$emote_set = $stmt->fetch(PDO::FETCH_ASSOC); + +// get user by username +$user_name = $_POST['username']; +$stmt = $db->prepare("SELECT id FROM users WHERE username = ?"); +$stmt->execute([$user_name]); +if ($stmt->rowCount() == 0) { + generate_alert("/404.php", "Username $user_name does not exist", 403); + exit; +} +$user_id = $stmt->fetch(PDO::FETCH_ASSOC)['id']; + +// checking if user has already acquired emote set +$stmt = $db->prepare("SELECT id FROM acquired_emote_sets WHERE user_id = ? AND emote_set_id = ?"); +$stmt->execute([$user_id, $emote_set_id]); +if ($stmt->rowCount() > 0) { + generate_alert("/404.php", "User $user_name has acquired this emoteset.", 409); + exit; +} + +$db->prepare('INSERT INTO acquired_emote_sets(user_id, emote_set_id) VALUES (?, ?)') + ->execute([$user_id, $emote_set_id]); + +generate_alert("/emotesets/?id=$emote_set_id", "This emoteset has been acquired by $user_name.", 200);
\ No newline at end of file |