~skye/poker/act/admin.php
<?php
require '../com.php';
require '../src/db.php';
// Validate the query string before touching the database. form_has_get() is
// defined in an included file; here it is given the "id" field with the pair
// [1, 64] (presumably length bounds -- confirm against its definition) and is
// expected to throw on bad input.
try {
    form_has_get(["id" => [1, 64]]);
} catch (Exception $e) {
    exit(page_err("invalid form parameters: " . $e->getMessage()));
}

// The id is only ever used as an integer from here on.
$id = (int)$_GET["id"];

$db = new Database("../run/poker.db");

// Current session user as resolved by whoami(); the later permission check
// treats a falsy value as "not signed in".
$me = whoami($db);

// Load the account whose admin panel was requested; any lookup failure ends
// the request with an error page.
$u = null;
try {
    $u = $db->get_user_by_id($id);
} catch (Exception $e) {
    exit(page_err("error getting user: " . $e->getMessage()));
}
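// Authorization: only the signed-in owner of the requested account may see
// this panel. The extra $u check keeps a missing user record from reaching
// the property reads below (NOTE(review): confirm whether get_user_by_id()
// can return null or always throws). The loose == is kept because the types
// of the two ids are not visible here.
if ($me && $u && $me->id == $u->id) {
    $i = null;
    try {
        $i = $db->get_info($u->id);
    } catch (Exception $e) {
        exit(page_err(
            "error getting info: " . $e->getMessage()
        ));
    }

    // Every user-controlled value is escaped for the context it lands in:
    // HTML text for the textarea and the link label, URL-encoding for the
    // query-string value. rawurlencode() output contains no characters that
    // are special inside a double-quoted HTML attribute.
    $a = htmlspecialchars((string)$i->about, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
    $name_html = htmlspecialchars((string)$u->name, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
    $name_url = rawurlencode((string)$u->name);

    // NOTE(review): the title is still passed as the raw name; whether page()
    // escapes its first argument is not visible from this file -- confirm,
    // and escape here if it does not.
    // NOTE(review): the form below carries no anti-CSRF token; confirm that
    // /act/about.php verifies the request some other way.
    echo page(
        "admin panel :: {$u->name}",
        <<<HTML
<h1>
admin panel for
<a href="/act/user.php?u={$name_url}">
{$name_html}
</a>
</h1>
<hr>
<h3>about you</h3>
<form action="/act/about.php" method="post">
<table>
<tr>
<td>about</td>
<td><textarea
name="about"
>$a</textarea></td>
</tr>
</table>
<input type="submit" value="submit">
</form>
HTML
    );
} else {
    // Not signed in, no such user, or a different user's panel.
    exit(page_err(
        "permission denied."
    ));
}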
?>