directory cleanup

backend/add.php

@@ -0,0 +1,56 @@
+<?php
+session_start();
+
+if (!isset($_SESSION["username"])) {
+  header("Location: /"); // Redirect to the login page if not logged in
+  exit;
+}
+
+$username = $_SESSION["username"];
+
+$env = parse_ini_file("../config/.env");
+
+// Connect to db
+$conn = new mysqli($env["HOST"], $env["DBUSER"], $env["DBPASS"], $env["TABLE"]);
+
+if ($conn->connect_error) {
+  die("Connection failed: " . $conn->connect_error);
+}
+
+$user_id = $conn->query("SELECT * FROM users WHERE username = '$username'")->fetch_assoc()["id"];
+
+require_once '../vendor/autoload.php';
+
+// start http client
+$client = new GuzzleHttp\Client();
+
+$query = urlencode($_POST["title"]);
+
+$response = $client->request('GET', 'https://api.themoviedb.org/3/search/multi?query=' . $query . '&include_adult=true&language=en-US', [
+  'headers' => [
+    'Authorization' => 'Bearer ' . $env["ACCESS_TOKEN"],
+    'accept' => 'application/json',
+  ],
+]);
+$json = json_decode($response->getBody(), true)["results"][0];
+
+
+$season = $_POST["season"];
+$episode = $_POST["episode"];
+$name = $_POST["title"];
+$overview = $json["overview"];
+$poster = $json["poster_path"];
+
+$table_name = "user" . $user_id;
+
+$result = $conn->query("INSERT INTO $table_name (name, season, episode, overview, poster) VALUES ('$name', $season, $episode, '$overview', '$poster') ON DUPLICATE KEY UPDATE season = VALUES(season), episode = VALUES(episode), overview = VALUES(overview), poster = VALUES(poster);");
+
+if($result) {
+  $conn->close();
+  header("Location: /dashboard.php");
+  exit;
+} else {
+  $conn->close();
+  die("Error inserting value into database");
+}
+?>

backend/login.php

@@ -0,0 +1,38 @@
+<?php
+session_start();
+
+$env = parse_ini_file("../config/.env");
+
+// Connect to db
+$conn = new mysqli($env["HOST"], $env["DBUSER"], $env["DBPASS"], $env["TABLE"]);
+
+if ($conn->connect_error) {
+  die("Connection failed: " . $conn->connect_error);
+}
+
+if ($_SERVER["REQUEST_METHOD"] == "POST") { // When user posts data
+  $username = $_POST["username"];
+  $password = $_POST["password"];
+
+  $result = $conn->query("SELECT * FROM users WHERE username = '$username'");
+
+  if ($result->num_rows == 1) {
+    $row = $result->fetch_assoc();
+    $dbPassword = $row["password"];
+
+    if ($password == $dbPassword) {
+      $_SESSION["username"] = $username;
+      header("Location: /dashboard.php");
+    } else {
+      header("Location: /?wrongpass");
+      die;
+    }
+  } else {
+    header("Location: /?notfound");
+    die;
+  }
+}
+
+$conn->close();
+?>
+

backend/logout.php

@@ -0,0 +1,7 @@
+<?php
+session_start();
+session_destroy();
+header("Location: /");
+exit;
+?>
+

backend/useradd.php

@@ -0,0 +1,53 @@
+<?php
+session_start();
+
+$env = parse_ini_file("../config/.env");
+
+// Connect to db
+$conn = new mysqli($env["HOST"], $env["DBUSER"], $env["DBPASS"], $env["TABLE"]);
+
+if ($conn->connect_error) {
+  die("Connection failed: " . $conn->connect_error);
+}
+
+if ($_SERVER["REQUEST_METHOD"] == "POST") { // When user posts data
+  $username = $_POST["username"];
+  $password = $_POST["password"];
+
+  $result = $conn->query("SELECT * FROM users WHERE username = '$username'");
+
+  if ($result->num_rows > 0) {
+    header("Location: /register.php?userfound");
+    exit;
+  }
+
+  $result = $conn->query("INSERT INTO users (username, password) VALUES ('$username', '$password');");
+
+  if(!$result) {
+    echo "Error adding user " . $username;
+    exit;
+  }
+
+  $user_id = $conn->query("SELECT * FROM users WHERE username = '$username'")->fetch_assoc()["id"];
+
+  $result = $conn->query("CREATE TABLE user$user_id (name VARCHAR(255), season INT, episode INT, overview VARCHAR(2048), poster VARCHAR(255));");
+
+  if(!$result) {
+    echo "Error creating table for " . $username;
+    exit;
+  }
+
+  $result = $conn->query("ALTER TABLE user$user_id ADD UNIQUE KEY unique_name (name);");
+
+  if(!$result) {
+    echo "Error adding unique key to table";
+    exit;
+  }
+
+  $_SESSION["username"] = $username;
+  header("Location: /dashboard.php");
+  $conn->close();
+  exit;
+}
+?>
+