1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
|
<?php
include_once "../../src/config.php";
include "../../src/accounts.php";
include "../../src/alert.php";
if (!authorize_user(true)) {
return;
}
$db = new PDO(DB_URL, DB_USER, DB_PASS);
// checking emote
$emote_id = $_POST["id"];
$stmt = $db->prepare("SELECT id FROM emotes WHERE id = ?");
$stmt->execute([$emote_id]);
if ($stmt->rowCount() == 0) {
generate_alert("/emotes/$emote_id", "Emote not found", 404);
exit;
}
$user_id = $_SESSION["user_id"];
// obtaining or creating a emote set
$stmt = $db->prepare("SELECT emote_set_id FROM acquired_emote_sets WHERE user_id = ? AND is_default = true");
$stmt->execute([$user_id]);
$emote_set_id = null;
if ($row = $stmt->fetch()) {
$emote_set_id = $row["emote_set_id"];
// checking ownership
$stmt = $db->prepare("SELECT id FROM emote_sets WHERE id = ? AND owner_id = ?");
$stmt->execute([$emote_set_id, $user_id]);
if ($stmt->rowCount() == 0) {
$_SESSION["user_emote_set_id"] = "";
generate_alert("/emotes/$emote_id", "Bad ownership permissions on active emoteset", 403);
exit;
}
}
if ($emote_set_id == null) {
$stmt = $db->prepare("INSERT INTO emote_sets(owner_id, name) VALUES (?, ?)");
$stmt->execute([$user_id, $_SESSION["user_name"] . "'s emoteset"]);
$emote_set_id = $db->lastInsertId();
$stmt = $db->prepare("INSERT INTO acquired_emote_sets(user_id, emote_set_id, is_default) VALUES (?, ?, true)");
$stmt->execute([$user_id, $emote_set_id]);
}
$_SESSION["user_emote_set_id"] = $emote_set_id;
// inserting emote
$stmt = $db->prepare("SELECT id FROM emote_set_contents WHERE emote_set_id = ? AND emote_id = ?");
$stmt->execute([$emote_set_id, $emote_id]);
if ($stmt->rowCount() != 0) {
generate_alert("/emotes/$emote_id", "This emote has been already added!");
exit;
}
$stmt = $db->prepare("INSERT INTO emote_set_contents(emote_set_id, emote_id, added_by) VALUES (?, ?, ?)");
$stmt->execute([$emote_set_id, $emote_id, $user_id]);
$db = null;
generate_alert("/emotes/$emote_id", "Successfully added a new emote!", 200);
|
