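<?php

/**
 * Comment/review helpers for the article reader: storing a comment, counting
 * and listing the comments of an article, loading an article, and rendering
 * the comment list as HTML.
 *
 * Every value that reaches SQL is bound as a statement parameter, and every
 * value that reaches HTML is escaped at output time.
 */

/**
 * Stores one comment on an article and prints a short status message.
 *
 * The four values are bound as statement parameters instead of being
 * concatenated into the SQL text, so quotes or SQL syntax inside $message
 * (or any other argument) are stored as data and cannot alter the query.
 * The comment is stored unescaped; it is escaped when display_comments()
 * writes it into HTML.
 *
 * @param mysqli $conn       Open database connection.
 * @param mixed  $article_id Id of the article being commented on.
 * @param mixed  $user_id    Id of the commenting user.
 * @param string $message    Comment text as submitted.
 * @param string $posted_on  Timestamp string for the posted_on column.
 *
 * @return void Echoes "Review given successfully" or a generic error line.
 */
function sendMessage($conn, $article_id, $user_id, $message, $posted_on)
{
    $sql = "INSERT INTO comments(article_id, user_id, comment, posted_on) VALUES (?, ?, ?, ?)";

    $stmt = $conn->prepare($sql);
    if ($stmt === false) {
        // Details go to the server log only: the SQL text and the driver
        // error describe the schema and must not be sent to the client.
        error_log("sendMessage: prepare failed: " . $conn->error);
        echo "Error: the review could not be saved";
        return;
    }

    // All four are bound as strings, matching the quoted literals the query
    // used before; MySQL converts them to the column types.
    $stmt->bind_param('ssss', $article_id, $user_id, $message, $posted_on);

    if ($stmt->execute() === true) {
        echo "Review given successfully";
    } else {
        error_log("sendMessage: execute failed: " . $stmt->error);
        echo "Error: the review could not be saved";
    }

    $stmt->close();
}

/**
 * Returns the number of comments stored for an article.
 *
 * @param mysqli $conn       Open database connection.
 * @param mixed  $article_id Article id; bound as an integer.
 *
 * @return mixed The COUNT(*) value, or '' when no row could be fetched.
 *
 * @throws Exception When the statement cannot be prepared.
 */
function noOfComments($conn, $article_id)
{
    $count = '';
    $sql = "SELECT COUNT(*) AS count FROM comments WHERE article_id = ?";

    $stmt = $conn->prepare($sql);
    if ($stmt === false) {
        throw new Exception("Failed to prepare statement: " . $conn->error);
    }

    // Bind parameters (integer type for article_id)
    $stmt->bind_param('i', $article_id);

    // Execute query
    $stmt->execute();

    // Bind result variables
    $stmt->bind_result($count);

    // Fetch result
    $stmt->fetch();

    // Close statement
    $stmt->close();

    return $count;
}

/**
 * Loads the article whose id is given in the `article_id` GET parameter.
 *
 * The parameter comes straight from the request, so it is validated as an
 * integer and then bound as a statement parameter; it is never placed into
 * the SQL text. Anything that is not a non-zero integer (missing value,
 * array, text, SQL fragments) is treated as "no article".
 *
 * NOTE(review): no ownership or visibility check is visible here; confirm
 * that callers authorize access to the requested row.
 *
 * @param mysqli $db Open database connection.
 *
 * @return array|null The row from user_collection as an associative array,
 *                    or null when the id is missing/invalid or no row matches.
 */
function fetchArticle($db)
{
    $rawId = isset($_GET['article_id']) ? $_GET['article_id'] : null;

    // filter_var() returns false for null, arrays and non-integer strings.
    $articleId = filter_var($rawId, FILTER_VALIDATE_INT);
    if ($articleId === false || $articleId === 0) {
        // Missing or malformed article id.
        return null;
    }

    $stmt = mysqli_prepare($db, "SELECT * FROM user_collection WHERE id = ?");
    if ($stmt === false) {
        error_log("fetchArticle: prepare failed: " . mysqli_error($db));
        return null;
    }

    mysqli_stmt_bind_param($stmt, 'i', $articleId);

    $article = null;
    if (mysqli_stmt_execute($stmt)) {
        // mysqli_stmt_get_result() needs the mysqlnd driver.
        $result = mysqli_stmt_get_result($stmt);
        if ($result !== false) {
            $row = mysqli_fetch_assoc($result);
            if (is_array($row)) {
                $article = $row;
            }
            mysqli_free_result($result);
        }
    }

    mysqli_stmt_close($stmt);

    // Null when the article was not found.
    return $article;
}

/**
 * Prints the comment list of an article as HTML.
 *
 * Comment text, author name and timestamp are user-controlled data, so each
 * is passed through htmlspecialchars() with explicit flags and charset
 * before it is written into the page. Full `<?php` / `<?=` tags are used so
 * the template does not depend on the short_open_tag setting.
 *
 * @param array $chat Rows as returned by fetch_messages(); each row is read
 *                    for the keys 'message', 'posted_on' and 'user_name'.
 *
 * @return void
 */
function display_comments($chat)
{
    if (empty($chat)) {
        ?>
        <div> Be the first one to comment.. </div><br>
        <?php
        return;
    }

    foreach ($chat as $message) {
        $messageText = htmlspecialchars((string) $message['message'], ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
        $time = htmlspecialchars((string) $message['posted_on'], ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
        $user = htmlspecialchars((string) $message['user_name'], ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
        ?>
        <div class='comment'>
            <div class='text'> <?= $messageText ?> </div>
            <div class='author' style="display: flex; gap:5px">
                <div class="sendername"> <?= $user ?> </div>
                <span class="datewithtime"> <?= $time ?> </span>
            </div>
        </div>
        <?php
    }
}

/**
 * Fetches all comments of an article together with the author's full name.
 *
 * @param mysqli $conn      Open database connection.
 * @param mixed  $articleId Article id; bound as an integer.
 *
 * @return array List of rows with the keys message_id, article_id, user_id,
 *               user_name, message, posted_on, edited_on and deleted_on.
 *               Empty when the article has no comments or the query failed.
 */
function fetch_messages($conn, $articleId)
{
    $chat = [];
    $message_id = '';
    $article_id = '';
    $user_id = '';
    $user_name = '';
    $message = '';
    $posted_on = '';
    $edited_on = '';
    $deleted_on = '';

    try {
        // SQL query with placeholders
        $sql = "SELECT c.comment_id, c.article_id, c.user_id, u.full_name, c.comment, c.posted_on, c.edited_on, c.deleted_on
                FROM comments c
                JOIN user u ON c.user_id = u.id
                WHERE c.article_id = ?";

        $stmt = $conn->prepare($sql);
        if ($stmt === false) {
            throw new Exception("Failed to prepare statement: " . $conn->error);
        }

        $stmt->bind_param('i', $articleId); // 'i' indicates the type of the parameter (integer)

        // Execute query
        $stmt->execute();

        // Bind result variables
        $stmt->bind_result($message_id, $article_id, $user_id, $user_name, $message, $posted_on, $edited_on, $deleted_on);

        // Fetch data
        while ($stmt->fetch()) {
            $chat[] = [
                'message_id' => $message_id,
                'article_id' => $article_id,
                'user_id' => $user_id,
                'user_name' => $user_name,
                'message' => $message,
                'posted_on' => $posted_on,
                'edited_on' => $edited_on,
                'deleted_on' => $deleted_on,
            ];
        }

        // Close statement
        $stmt->close();
    } catch (Exception $e) {
        // mysqli_sql_exception is a subclass of Exception, so one handler
        // covers both. The driver message stays in the server log; the page
        // only gets a generic line.
        error_log("fetch_messages: " . $e->getMessage());
        echo "Error: comments could not be loaded";
    }

    return $chat;
}

// Earlier version of fetch_messages(), kept commented out as in the original
// file. It reads from the `conversations` table and returns no user_id.
//
// function fetch_messages($conn, $articleId)
// {
//     $chat = [];
//     $message_id = '';
//     $article_id = '';
//     $user_name = '';
//     $message = '';
//     $posted_on = '';
//     $edited_on = '';
//     $deleted_on = '';
//     try {
//         // SQL query with placeholders
//         $sql = "SELECT message_id, article_id, user_name, message, posted_on, edited_on, deleted_on
//                 FROM conversations
//                 WHERE article_id = ?";
//         $stmt = $conn->prepare($sql);
//         if ($stmt === false) {
//             throw new Exception("Failed to prepare statement: " . $conn->error);
//         }
//         $stmt->bind_param('i', $articleId); // 'i' indicates the type of the parameter (integer)
//         // Execute query
//         $stmt->execute();
//         // Bind result variables
//         $stmt->bind_result($message_id, $article_id, $user_name, $message, $posted_on, $edited_on, $deleted_on);
//         // Fetch data
//         while ($stmt->fetch()) {
//             $chat[] = [
//                 'message_id' => $message_id,
//                 'article_id' => $article_id,
//                 'user_name' => $user_name,
//                 'message' => $message,
//                 'posted_on' => $posted_on,
//                 'edited_on' => $edited_on,
//                 'deleted_on' => $deleted_on
//             ];
//         }
//         // Close statement
//         $stmt->close();
//     } catch (mysqli_sql_exception $e) {
//         echo "Error: " . $e->getMessage();
//     } catch (Exception $e) {
//         echo "Error: " . $e->getMessage();
//     }
//     return $chat;
// }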