Editing: function.php
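<?php
/**
 * Data-access helpers for the group chat: messages, groups, memberships and users.
 *
 * Every query below uses a prepared statement with bound parameters, so caller-supplied
 * values are never concatenated into SQL text.
 *
 * Database error details are written to the PHP error log instead of being echoed,
 * because driver messages can reveal table names, column names and query fragments
 * to whoever is looking at the HTTP response.
 *
 * NOTE(review): none of these helpers checks that the requesting user may see the
 * group or user being queried, and none escapes the returned text. Callers are
 * presumably responsible for the membership check and for htmlspecialchars() at
 * render time; confirm against the calling pages.
 */

include 'db_connect.php';

/**
 * Prepare $sql on $conn and turn a false return into an exception.
 *
 * prepare() returns false instead of throwing when mysqli error reporting is not in
 * exception mode; without this check the next method call on the result would be a
 * fatal error. The report mode is configured outside this file.
 *
 * @internal
 * @param mysqli $conn
 * @param string $sql
 * @return mysqli_stmt
 * @throws mysqli_sql_exception when the statement cannot be prepared
 */
function prepare_or_throw($conn, $sql)
{
    $stmt = $conn->prepare($sql);
    if ($stmt === false) {
        throw new mysqli_sql_exception('Prepare failed: (' . $conn->errno . ') ' . $conn->error);
    }

    return $stmt;
}

/**
 * Fetch every message of one group together with the author's full name.
 *
 * The query filters on group_id only; it does not check who is asking.
 *
 * @param mysqli $conn
 * @param int    $group_id
 * @return array list of ['message' => ..., 'time' => ..., 'user_name' => ...]; empty on error
 */
function display_messages($conn, $group_id)
{
    $message = '';
    $posted_on = '';
    $user_name = '';

    try {
        $sql = "SELECT m.message, m.posted_on, u.full_name FROM messages m JOIN user u ON m.user_id = u.id WHERE m.group_id = ? ;";
        $stmt = prepare_or_throw($conn, $sql);
        $stmt->bind_param('i', $group_id); // 'i' binds the id as an integer
        $stmt->execute();
        $stmt->bind_result($message, $posted_on, $user_name);

        $chat = [];
        while ($stmt->fetch()) {
            $chat[] = [
                'message' => $message,
                'time' => $posted_on,
                'user_name' => $user_name,
            ];
        }
        $stmt->close();

        return $chat;
    } catch (mysqli_sql_exception $e) {
        error_log('display_messages: ' . $e->getMessage());

        return [];
    }
}

/**
 * List the groups a user belongs to.
 *
 * @param mysqli $conn
 * @param int    $user_id
 * @return array list of ['group_id' => ..., 'group_name' => ...]; empty when the user
 *               has no groups or the query fails
 */
function display_groups($conn, $user_id)
{
    $group_id = '';
    $group_name = '';
    // Initialised up front so that a user without any group yields an empty list
    // rather than an undefined variable.
    $groups = [];

    try {
        $sql = "SELECT g.group_id, g.group_name FROM groups g INNER JOIN group_members gm ON g.group_id = gm.group_id WHERE gm.user_id = ?";
        $stmt = prepare_or_throw($conn, $sql);
        $stmt->bind_param('i', $user_id);
        $stmt->execute();
        $stmt->bind_result($group_id, $group_name);

        while ($stmt->fetch()) {
            $groups[] = [
                'group_id' => $group_id,
                'group_name' => $group_name,
            ];
        }
        $stmt->close();

        return $groups;
    } catch (mysqli_sql_exception $e) {
        error_log('display_groups: ' . $e->getMessage());

        return [];
    }
}

/**
 * Look up the name of one group.
 *
 * @param mysqli $conn
 * @param int    $group_id
 * @return string|null the group name, or null when the query fails. When no row matches,
 *                     the bound variable presumably keeps its initial '' (confirm).
 */
function display_group_name($conn, $group_id)
{
    $group_name = '';

    try {
        $sql = "SELECT group_name FROM groups WHERE group_id = ?";
        $stmt = prepare_or_throw($conn, $sql);
        $stmt->bind_param('i', $group_id);
        $stmt->execute();
        $stmt->bind_result($group_name);
        $stmt->fetch();
        $stmt->close();

        return $group_name;
    } catch (Exception $e) {
        error_log('display_group_name: ' . $e->getMessage());

        return null;
    }
}

/**
 * Insert a group row, then one membership row per id in $group_membersId.
 *
 * NOTE(review): the group insert and the membership inserts are separate statements
 * with no transaction around them, and add_members_to_the_group() handles its own
 * errors, so a failure part-way leaves a group with only some of its members.
 *
 * NOTE(review): the member ids are inserted as given. If they come from
 * convertStringToArray(), empty or non-numeric entries are passed through as well;
 * validate them before calling.
 *
 * @param mysqli $conn
 * @param string $group_name
 * @param string $group_description
 * @param int    $owner_id
 * @param array  $group_membersId   user ids to add as members
 * @param string $group_image
 * @return void
 */
function create_group($conn, $group_name, $group_description, $owner_id, $group_membersId, $group_image)
{
    $created_at = date('Y-m-d H:i:s');

    try {
        $sql = "INSERT INTO groups (group_name, group_description, created_at, owner_id, group_image) VALUES (?, ?, ?, ?, ?)";
        $stmt = prepare_or_throw($conn, $sql);
        $stmt->bind_param("sssis", $group_name, $group_description, $created_at, $owner_id, $group_image);
        $stmt->execute();

        // Id of the row just inserted; needed for the membership rows below.
        $group_id = strval($stmt->insert_id);
        $stmt->close();

        foreach ($group_membersId as $user_id) {
            add_members_to_the_group($conn, $user_id, $group_id);
        }
    } catch (mysqli_sql_exception $e) {
        error_log('create_group: ' . $e->getMessage());
    }
}

/**
 * Insert one membership row for a user in a group.
 *
 * All three values are bound as strings ("sss"), as in the original code.
 *
 * @param mysqli     $conn
 * @param int|string $user_id
 * @param int|string $group_id
 * @return void
 */
function add_members_to_the_group($conn, $user_id, $group_id)
{
    try {
        $joined_on = date('Y-m-d H:i:s');

        $sql = "INSERT INTO group_members (user_id, group_id, joined_on) VALUES (?, ?, ?)";
        $stmt = prepare_or_throw($conn, $sql);
        $stmt->bind_param("sss", $user_id, $group_id, $joined_on);
        $stmt->execute();
        // Released explicitly: this runs once per member inside create_group()'s loop.
        $stmt->close();
    } catch (mysqli_sql_exception $e) {
        error_log('add_members_to_the_group: ' . $e->getMessage());
    }
}

// Disabled debug helper, kept as found.
// NOTE(review): it selects messages across all groups and prints the rows unescaped;
// it should stay disabled or be deleted.
//
// function displayTestMessage($conn)
// {
//     $sql = "SELECT g.group_name, m.message_id, m.message, mb.user_id FROM messages m INNER JOIN groups g ON m.group_id = g.group_id INNER JOIN members mb ON m.group_id = mb.group_id ORDER BY g.group_name, m.posted_on; ";
//     $result = $conn->query($sql);
//     if ($result === false) {
//         echo "Error: " . $conn->error;
//     } else {
//         // Check if any rows were returned
//         if ($result->num_rows > 0) {
//             // Fetch associative array of results
//             $messages = [];
//             while ($row = $result->fetch_assoc()) {
//                 $messages[] = $row;
//             }
//             // Output the messages (for demonstration)
//             echo "<pre>";
//             print_r($messages);
//             echo "<?pre>";
//         }
//         // else {
//         //     echo "No messages found for group_id = 1";
//         // }
//     }
// }

/**
 * Look up a user's full name by id.
 *
 * @param mysqli $conn
 * @param int    $user_id
 * @return string the full name, or '' when the query fails
 */
function find_user($conn, $user_id)
{
    $user_name = '';

    try {
        $sql = "SELECT full_name FROM user WHERE id = ?";
        $stmt = prepare_or_throw($conn, $sql);
        $stmt->bind_param("i", $user_id);
        $stmt->execute();
        $stmt->bind_result($user_name);
        $stmt->fetch();
        $stmt->close();

        return $user_name;
    } catch (mysqli_sql_exception $e) {
        error_log('find_user: ' . $e->getMessage());

        return '';
    }
}

/**
 * Split a comma-separated string into a list of trimmed pieces.
 *
 * The pieces are only trimmed, not validated: an empty input gives [''] and
 * "1,,2" gives ['1', '', '2'].
 *
 * @param string $input
 * @return array list of trimmed strings
 */
function convertStringToArray($input)
{
    // explode() already returns a one-element list when there is no comma, so the
    // single-value case needs no separate branch.
    return array_map('trim', explode(',', trim($input)));
}

/**
 * List every user with id, full name and e-mail address.
 *
 * The query has no filter, so the result holds the e-mail address of every account;
 * callers should expose it only to users who are allowed to see it.
 *
 * @param mysqli $conn
 * @return array list of ['user_id' => ..., 'user_name' => ..., 'user_email' => ...];
 *               empty when there are no users or the query fails
 */
function display_all_members($conn)
{
    $user_id = '';
    $user_name = '';
    $email = '';
    // Initialised up front so that an empty table yields an empty list rather than
    // an undefined variable.
    $data = [];

    try {
        $sql = "SELECT id, full_name, email FROM user";
        $stmt = prepare_or_throw($conn, $sql);
        $stmt->execute();
        $stmt->bind_result($user_id, $user_name, $email);

        while ($stmt->fetch()) {
            $data[] = [
                'user_id' => $user_id,
                'user_name' => $user_name,
                'user_email' => $email,
            ];
        }
        $stmt->close();

        return $data;
    } catch (mysqli_sql_exception $e) {
        error_log('display_all_members: ' . $e->getMessage());

        return [];
    }
}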