From b134b8d8aaa193c6097f034e08fe8d54e51eabab Mon Sep 17 00:00:00 2001
From: h5p9sl <21267024+h5p9sl@users.noreply.github.com>
Date: Sun, 24 Jan 2021 10:52:26 -0700
Subject: Add basic user page

---
 header.php |  4 ++--
 thread.php |  6 +++---
 user.php   | 42 ++++++++++++++++++++++++++++++++++++++++++
 3 files changed, 47 insertions(+), 5 deletions(-)
 create mode 100644 user.php
diff --git a/header.php b/header.php
index 6e13d14..675476b 100644
--- a/header.php
+++ b/header.php
@@ -19,10 +19,10 @@ session_start();
 		<div id="user">
 			<?php
 			if (isset($_SESSION['signed_in'])) {
-				echo 'Signed in as <b>' . $_SESSION['user_name'] . '</b>. <a href="includes/signout_inc.php">Log out</a>';
+				echo 'Signed in as <a href="user.php?id='. $_SESSION['user_id'] .'">' . $_SESSION['user_name'] . '</a> <a href="includes/signout_inc.php">Log out</a>';
 			} else {
 				echo '<a href="signin.php">Sign in</a> or <a href="register.php">Register an account</a>';
 			}
 			?>
 		</div>
-	</nav>
\ No newline at end of file
+	</nav>
diff --git a/thread.php b/thread.php
index 52ad8b3..ce39d2f 100644
--- a/thread.php
+++ b/thread.php
@@ -15,7 +15,7 @@ if (mysqli_num_rows($result) == 0) {
 } else {
 	while ($row = mysqli_fetch_assoc($result)) {
 		echo '<section><h1>' . $row['thread_subject'] . '</h1>';
-		echo 'Created by <b>' . $row['user_name'] . '</b> on ' . date('M d, Y', strtotime($row['thread_date'])) . '</section>';
+		echo 'Created by <a href="user.php?id='. $row['user_id'] .'">' . $row['user_name'] . '</a> on ' . date('M d, Y', strtotime($row['thread_date'])) . '</section>';
 		$thread_id = $row['thread_id'];
 	}
 }
@@ -36,7 +36,7 @@ if (mysqli_num_rows($result) == 0) {
 } else {
 	echo '<table>';
 	while ($row = mysqli_fetch_assoc($result)) {
-		echo '<tr class="post"><td class="right">Posted by <b>' . $row['user_name'] . '</b><br><small>' . date('m/d/Y g:ia', strtotime($row['post_date'])) . '</small></td>';
+		echo '<tr class="post"><td class="right">Posted by <a href="user.php?id='. $row['user_id'] .'">' . $row['user_name'] . '</a><br><small>' . date('m/d/Y g:ia', strtotime($row['post_date'])) . '</small></td>';
 		echo '<td class="left">' . $row['post_content'] . '</td></tr>';
 	}
 	echo '</table>';
@@ -64,4 +64,4 @@ if (isset($_SESSION['signed_in'])) {
 }
 
 include_once 'footer.php';
-?>
\ No newline at end of file
+?>
diff --git a/user.php b/user.php
new file mode 100644
index 0000000..d424c59
--- /dev/null
+++ b/user.php
@@ -0,0 +1,42 @@
+<?php
+include_once 'header.php';
+include_once 'includes/db_inc.php';
+?>
+
+<?php
+function nobody_is_here() {
+	echo 'Nobody\'s here! <a href=index.php>Go home.</a>';
+}
+
+if (!isset($_GET['id'])) {
+	nobody_is_here();
+} else {
+	// If this is the user's own page, show the 'options' bar
+	if ($_SESSION['user_id'] == $_GET['id']) {
+		echo '<nav><a href=change_passw.php>Change Password</a>';
+		echo '</nav>';
+	}
+	echo '<section>';
+
+	$sql = 'SELECT user_id, user_name, user_date FROM users WHERE user_id=?';
+	$stmt = mysqli_stmt_init($dbc);
+
+	if (!mysqli_stmt_prepare($stmt, $sql)) {
+		die('Could not create thread due to internal error: ' . mysqli_error($dbc));
+	}
+	mysqli_stmt_bind_param($stmt, 'i', $_GET['id']);
+	mysqli_stmt_execute($stmt);
+	$res = mysqli_stmt_get_result($stmt);
+	$user = mysqli_fetch_assoc($res);
+
+	if (!$user) {
+		nobody_is_here();
+	} else {
+		echo '<div><h1 style="font-weight:normal">User: <b>'. $user['user_name'] .'</b><sub style="font-size: small;">ID#'. $user['user_id'] .'</sub></h1></div>';
+		echo 'Registered since '. date('M d, Y', strtotime($user['user_date']));
+	}
+}
+?>
+</section>
+
+<?php include_once 'footer.php'; ?>
-- 
cgit v1.2.3


Posted by ' . $row['user_name'] . ' ' . date('m/d/Y g:ia', strtotime($row['post_date'])) . '
Posted by ' . $row['user_name'] . ' ' . date('m/d/Y g:ia', strtotime($row['post_date'])) . '	' . $row['post_content'] . '