Testing tag adding system

edit.php

@@ -1,80 +0,0 @@
-<!DOCTYPE html>
-<html>
-<head>
-  <meta charset="utf-8">
-  <meta name="viewport" content="width=device-width, initial-scale=1.0">
-  <title>Gallery</title>
-  <link rel="stylesheet" href="css/master.css">
-  <link href="https://fonts.googleapis.com/css2?family=Rubik" rel="stylesheet">
-  <link rel="stylesheet" href="https://fonts.googleapis.com/css2?family=Lexend+Deca:wght@600&amp;display=swap">
-  <link rel="stylesheet" href="https://fonts.googleapis.com/css2?family=Fira+Code:wght@500&amp;display=swap">
-</head>
-<body>
-  <?php
-  include("ui/header.php");
-  include("ui/conn.php");
-
-  // Check if user is logged in
-  if (isset($_SESSION["loggedin"]) && $_SESSION["loggedin"] === true) {
-    // Get post ID from button
-    if (isset($_POST['id'])) {
-      // Getting all image info from table
-      $get_image = "SELECT * FROM swag_table WHERE id = ".$_POST['id'];
-      $image_results = mysqli_query($conn, $get_image);
-      $image = mysqli_fetch_assoc($image_results);
-
-      // Updating alt
-      if (isset($_SESSION['id']) && $image['author'] == $_SESSION['id'] || $_SESSION['id'] == 1) {
-        // If no errors
-        if (isset($_POST['alt']) || $_POST['alt'] != "") {
-          // getting ready forSQL asky asky
-          $sql = "UPDATE swag_table SET alt=? WHERE id=?";
-
-          // Checking if databse is doing ok
-          if ($stmt = mysqli_prepare($conn, $sql)) {
-            mysqli_stmt_bind_param($stmt, "si", $param_alt, $param_id);
-
-            // Setting parameters
-            $param_alt = $_POST['alt'];
-            $param_id = $_POST['id'];
-
-            // Attempt to execute the prepared statement
-            if (mysqli_stmt_execute($stmt)) {
-              header("Location:https://superdupersecteteuploadtest.fluffybean.gay/image.php?id=".$_POST['id']."&update=success");
-            } else {
-              $error = "Something went fuckywucky, please try later";
-            }
-          }
-        } else {
-          header("Location:https://superdupersecteteuploadtest.fluffybean.gay/image.php?id=".$_POST['id']."&update=skip");
-        }
-      } else {
-        $error = "You do not have edit rights";
-      }
-    }
-  } else {
-    $error = "You must be logged in to edit images";
-    //header("Location: https://superdupersecteteuploadtest.fluffybean.gay");
-  }
-  ?>
-
-  <div class="edit-root default-window">
-    <h2>Modify Information</h2>
-    <p class="space-below">This is a dangerous place to step foot into... tread carefully.</p>
-    <form class="flex-down between" method="POST" action="edit.php" enctype="multipart/form-data">
-      <input class="btn alert-default space-bottom-large" type="text" name="alt" placeholder="Description/Alt for image">
-      <?php echo "<button class='btn alert-default' type='submit' name='id' value=".$_GET["id"]."><img class='svg' src='assets/icons/edit.svg'>Update information</button>"; ?>
-    </form>
-    <?php
-    if (isset($error)) {
-      echo "<p class='alert alert-low space-top'>".$error."</p>";
-    }
-    ?>
-  </div>
-
-  <?php
-  include("ui/top.html");
-  include("ui/footer.php");
-  ?>
-</body>
-</html>

image.php

@@ -50,6 +50,7 @@ if (isset($image['author'])) {
 }
 ?>
 
+
 <!DOCTYPE html>
 <html>
 <head>
@@ -189,6 +190,61 @@ if (isset($image['author'])) {
     }
   }
 
+  /*
+    Adding tags
+  */
+  if (isset($_POST['tags_flyout']) && $privilaged) {
+    $header = "Tags";
+    $content = "Add image tags here! This is still being tested so your tags may be removed later on. Tags ONLY accept, letters, numbers and underscores. Hyphens will be stitched to underscores and spaces will seperate the different tags from eachother.";
+    $action = "<form class='flex-down between' method='POST' enctype='multipart/form-data'>
+      <input class='btn alert-default space-bottom' type='text' name='add_tags' placeholder='Tags are seperated by spaces'>
+      <button class='btn alert-low' type='submit' name='tags_confirm' value='".$image["id"]."'><img class='svg' src='assets/icons/edit.svg'>Add tags</button>
+    </form>";
+
+    flyout($header, $content, $action);
+  }
+  /*
+    Tags Confirm
+  */
+  if (isset($_POST['tags_confirm']) && $privilaged) {
+    // Unset all the variables, needed by flyout
+    unset($header, $content, $action);
+
+    // Clean tags before adding
+    function clean($string) {
+      // Change to lowercase
+      $tags_string = strtolower($tags_string);
+      // Replace hyphens
+      $string = str_replace('-', '_', $string);
+      // Regex
+      $string = preg_replace('/[^A-Za-z0-9\_ ]/', '', $string);
+      // Return string
+      return preg_replace('/ +/', ' ', $string);
+    }
+
+    // Clean input
+    $tags_string = clean(trim($_POST['add_tags']));
+
+    // getting ready forSQL asky asky
+    $sql = "UPDATE swag_table SET tags=? WHERE id=?";
+
+    // Checking if databse is doing ok
+    if ($stmt = mysqli_prepare($conn, $sql)) {
+      mysqli_stmt_bind_param($stmt, "si", $param_tags, $param_id);
+
+      // Setting parameters
+      $param_tags = $tags_string;
+      $param_id = $image["id"];
+
+      // Attempt to execute the prepared statement
+      if (mysqli_stmt_execute($stmt)) {
+        header("Location:https://superdupersecteteuploadtest.fluffybean.gay/image.php?id=".$image["id"]."&update=success");
+      } else {
+        header("Location:https://superdupersecteteuploadtest.fluffybean.gay/image.php?id=".$image["id"]."&update=error");
+      }
+    }
+  }
+
   /*
     Description athor
   */
@@ -290,25 +346,27 @@ if (isset($image['author'])) {
     <h2>Tags</h2>
     <div class="tags flex-left">
       <?php
-      function clean($string) {
-        $string = str_replace('-', '_', $string);
-        $string = preg_replace('/[^A-Za-z0-9\_ ]/', '', $string);
-        return preg_replace('/ +/', ' ', $string);
+      // Get image tags
+      if (isset($image['tags']) && !empty($image['tags'])) {
+        $image_tags_array = explode(" ", $image['tags']);
+        foreach ($image_tags_array as $tag) {
+          echo "<p class='tag alert-high'>".$tag."</p>";
+        }
+      } else {
+        echo "<p>No tags present</p>";
       }
-      $tags_string = "This is a test of ta.gs and their s//ystem_of_ignoring ran!!dom characters BUT THIS DOES$$$$$$.NT WORK YET!!!!";
-      $tags_string = strtolower($tags_string);
-      $tags_string = clean($tags_string);
-      $image_tags_array = explode(" ", $tags_string);
 
-      foreach ($image_tags_array as $tag) {
-        echo "<p class='tag alert-high'>".$tag."</p>";
-      }
       ?>
     </div>
   </div>
 
   <?php
-  // Check if user is admin or the owner of image, if yes, display the edit and delete div
+  /*
+    Check if user is privilaged,
+    If yes, grant them access to the Danger zone, or "the place that can fuck things up"
+
+    Checking is done prior to here
+  */
   if ($privilaged) {
     // Danger zone
     echo "<div class='danger-zone flex-down default-window'>
@@ -324,11 +382,18 @@ if (isset($image['author'])) {
       <button class='btn alert-low space-top-small flyout-display' type='submit' name='description_flyout'><img class='svg' src='assets/icons/edit.svg'>Edit description</button>
     </form>";
 
-    // Edit authro
+    // Edit tags
     echo "<form method='POST'>
-      <button class='btn alert-low space-top-small flyout-display' type='submit' name='author_flyout'><img class='svg' src='assets/icons/edit.svg'>Edit author</button>
+      <button class='btn alert-low space-top-small flyout-display' type='submit' name='tags_flyout'><img class='svg' src='assets/icons/edit.svg'>Add image tags</button>
     </form>";
 
+    // Edit authro
+    if ($_SESSION['id'] == 1) {
+      echo "<form method='POST'>
+        <button class='btn alert-low space-top-small flyout-display' type='submit' name='author_flyout'><img class='svg' src='assets/icons/edit.svg'>Edit author</button>
+      </form>";
+    }
+
     echo "</div>";
   }
   ?>