diff options
Diffstat (limited to 'user.php')
| -rw-r--r-- | user.php | 42 |
1 files changed, 42 insertions, 0 deletions
diff --git a/user.php b/user.php new file mode 100644 index 0000000..d424c59 --- /dev/null +++ b/user.php @@ -0,0 +1,42 @@ +<?php +include_once 'header.php'; +include_once 'includes/db_inc.php'; +?> + +<?php +function nobody_is_here() { + echo 'Nobody\'s here! <a href=index.php>Go home.</a>'; +} + +if (!isset($_GET['id'])) { + nobody_is_here(); +} else { + // If this is the user's own page, show the 'options' bar + if ($_SESSION['user_id'] == $_GET['id']) { + echo '<nav><a href=change_passw.php>Change Password</a>'; + echo '</nav>'; + } + echo '<section>'; + + $sql = 'SELECT user_id, user_name, user_date FROM users WHERE user_id=?'; + $stmt = mysqli_stmt_init($dbc); + + if (!mysqli_stmt_prepare($stmt, $sql)) { + die('Could not create thread due to internal error: ' . mysqli_error($dbc)); + } + mysqli_stmt_bind_param($stmt, 'i', $_GET['id']); + mysqli_stmt_execute($stmt); + $res = mysqli_stmt_get_result($stmt); + $user = mysqli_fetch_assoc($res); + + if (!$user) { + nobody_is_here(); + } else { + echo '<div><h1 style="font-weight:normal">User: <b>'. $user['user_name'] .'</b><sub style="font-size: small;">ID#'. $user['user_id'] .'</sub></h1></div>'; + echo 'Registered since '. date('M d, Y', strtotime($user['user_date'])); + } +} +?> +</section> + +<?php include_once 'footer.php'; ?> |