feat: change emotesets

author: ilotterytea <iltsu@alright.party> 2025-05-15 17:34:19 +0500
committer: ilotterytea <iltsu@alright.party> 2025-05-15 17:34:19 +0500
commit: a241d3983d1cb79d455053a1f41cae0366fcaa71 (patch)
tree: bf93fe0826f66dea6be9240873430f83a7ced6d6 /public/account
parent: 84e052a64a5ac8172095b993e2d0855e2ce69897 (diff)
1 files changed, 36 insertions, 0 deletions
diff --git a/public/account/change_emoteset.php b/public/account/change_emoteset.php
new file mode 100644
index 0000000..c2fc209
--- /dev/null
+++ b/public/account/change_emoteset.php
@@ -0,0 +1,36 @@
+<?php
+include_once "../../src/config.php";
+include_once "../../src/alert.php";
+include_once "../../src/accounts.php";
+
+if (!authorize_user(true)) {
+    generate_alert("/404.php", "Unauthorized", 401);
+    exit;
+}
+
+if ($_SERVER["REQUEST_METHOD"] != "POST") {
+    generate_alert("/404.php", "Method not allowed", 405);
+    exit;
+}
+
+if (!isset($_POST["id"])) {
+    generate_alert("/404.php", "Emote set ID is not provided");
+    exit;
+}
+
+$emote_set_id = $_POST["id"];
+$user_id = $_SESSION["user_id"];
+
+$db = new PDO(DB_URL, DB_USER, DB_PASS);
+
+$stmt = $db->prepare("SELECT id FROM acquired_emote_sets WHERE emote_set_id = ? AND user_id = ?");
+$stmt->execute([$emote_set_id, $user_id]);
+
+if ($stmt->rowCount() == 0) {
+    generate_alert("/404.php", "You don't own emote set ID $emote_set_id", 403);
+    exit;
+}
+
+$_SESSION["user_active_emote_set_id"] = $emote_set_id;
+
+header("Location: " . $_POST["redirect"] ?? "/");
+\ No newline at end of file
author	ilotterytea <iltsu@alright.party>	2025-05-15 17:34:19 +0500
committer	ilotterytea <iltsu@alright.party>	2025-05-15 17:34:19 +0500
commit	a241d3983d1cb79d455053a1f41cae0366fcaa71 (patch)
tree	bf93fe0826f66dea6be9240873430f83a7ced6d6 /public/account
parent	84e052a64a5ac8172095b993e2d0855e2ce69897 (diff)