Username/password is incorrect."; } } } // A function to register a new user function register () { if (isset($_REQUEST['username'])) { global $con; // removes backslashes $username = stripslashes($_REQUEST['username']); //escapes special characters in a string $username = mysqli_real_escape_string($con,$username); $email = stripslashes($_REQUEST['email']); $email = mysqli_real_escape_string($con,$email); $password = stripslashes($_REQUEST['password']); $password = mysqli_real_escape_string($con,$password); $query = "INSERT into users (userLogin, userPass, userEmail) VALUES ('$username', '$password', '$email')"; $result = mysqli_query($con,$query); // checks if the username or email addresse is already taken if ($result) { echo "

You are registered successfully.

Click here to Login

"; } elseif (mysqli_errno($con) == 1062) { echo "

Username or Email already taken.

"; } } } //A function to read out the userId of the current user function get_userid ($con) { global $con; session_start(); $username = $_SESSION['username']; $sql = "select userId from users where userLogin = '$username'"; $userId = mysqli_query($con, $sql) or die(mysqli_error($con)); $row = $userId->fetch_object(); return $row->userId; } // A function to post a demand function post_demand ($con) { if (isset($_POST['submit'])) { global $con; $userId = get_userid($con); $piecesMax = $_POST['piecesMax']; $piecesMin = $_POST['piecesMin']; $qualityId = $_POST['quality']; $title = $_POST['title']; $text = $_POST['text']; // Inserts Data into Database $sql = "INSERT INTO demands (piecesMax, piecesMin, demandText, demandTitle, userId, qualityId) VALUES ('$piecesMax', '$piecesMin', '$text', '$title', '$userId', '$qualityId')"; $result = mysqli_query($con, $sql) or die(mysqli_error($con)); } } // A function to insert the own posts from the database into the website function get_demand_titles ($con) { global $con; $sql = "SELECT * FROM demands"; $result = mysqli_query($con, $sql); while ($row = $result->fetch_assoc()) { echo "

"; echo "" . $row['demandTitle'] . "" . "
"; echo $row['date'] . "
"; echo "

"; } } // A function to edit a demand function edit_demand ($con) { if (isset($_POST['edit'])) { global $con; $demandId = $_POST['demandId']; $piecesMax = $_POST['piecesMax']; $piecesMin = $_POST['piecesMin']; $title = $_POST['title']; $text = $_POST['text']; // Inserts Updates Database $sql = "UPDATE demands SET piecesMax='$piecesMax', piecesMin='$piecesMin', demandTitle='$title', demandText='$text' WHERE demandId='$demandId'"; $result = mysqli_query($con, $sql) or die(mysqli_error($con)); header("Location: board.php"); } } // A function to delete a post function delete_demand($con) { if (isset($_POST['deletepost'])) { global $con; $demandId = $_POST['demandId']; // Delete Post from Database $sql = "DELETE FROM demands WHERE demandId='$demandId'"; $result = mysqli_query($con, $sql) or die(mysqli_error($con)); header('Location: board.php'); } } ?>