From 53ac4f62c5aaf74e740e0aceeba3a244a1bd20f0 Mon Sep 17 00:00:00 2001
From: nolanwhy <thebackytb@gmail.com>
Date: Sun, 5 Feb 2023 14:08:52 +0100
Subject: [PATCH] a

---
 games.php |  4 ++--
 item.php  |  3 ++-
 place.php | 41 +++++++++++++++++++++++++++++++++++++++++
 user.php  |  3 ++-
 4 files changed, 47 insertions(+), 4 deletions(-)
 create mode 100644 place.php

diff --git a/games.php b/games.php
index c3a89a6..465f4e7 100644
--- a/games.php
+++ b/games.php
@@ -47,7 +47,7 @@ Signing off, qzip.
         $x = 8;
         for ($i = 1; $i <= $x; $i++) { ?>
             <div class="card bg-dark border-start rounded shadow-sm" style="max-width: 170px;  margin-right: 9px;">
-              <a href="game?id=<?php echo (int)htmlspecialchars($game["id"]); ?>" style="text-decoration: none; text-align: left; margin-bottom: 9px;">
+              <a href="place?id=<?php echo (int)htmlspecialchars($game["id"]); ?>" style="text-decoration: none; text-align: left; margin-bottom: 9px;">
                 <img src="<?php if (!empty($game["thumbnail"])) {echo htmlspecialchars($game["thumbnail"]);} else {echo "assets/placeholder.png";} ?>" class="card-img-top rounded-top" alt="<?php echo htmlspecialchars($game["name"]); ?>">
                 <div class="card-body">
                   <small class="card-title text-white" style="font-size: 1rem;"><?php echo htmlspecialchars($game["name"]); ?></small>
@@ -101,7 +101,7 @@ Signing off, qzip.
         $x = 8;
         for ($i = 1; $i <= $x; $i++) { ?>
             <div class="card bg-dark border-start rounded shadow-sm" style="max-width: 170px;  margin-right: 9px;">
-              <a href="game?id=<?php echo (int)htmlspecialchars($game["id"]); ?>" style="text-decoration: none; text-align: left; margin-bottom: 9px;">
+              <a href="place?id=<?php echo (int)htmlspecialchars($game["id"]); ?>" style="text-decoration: none; text-align: left; margin-bottom: 9px;">
                 <img src="<?php if (!empty($game["thumbnail"])) {echo htmlspecialchars($game["thumbnail"]);} else {echo "https://media.discordapp.net/attachments/1051588176805892156/1071555366887891064/placeholder.png";} ?>" class="card-img-top rounded-top<?php if(empty($game["thumbnail"])){echo " placeholder";} ?>" alt="<?php echo htmlspecialchars($game["name"]); ?>">
                 <div class="card-body">
                   <small class="card-title text-white" style="font-size: 1rem;"><?php echo htmlspecialchars($game["name"]); ?></small>
diff --git a/item.php b/item.php
index 6cca993..9fbbb38 100644
--- a/item.php
+++ b/item.php
@@ -19,7 +19,8 @@ $q->bindParam(':id',$id,PDO::PARAM_INT);
 $q->execute();
 $item = $q->fetch();
 if(!$item) {
-  die("go fuck yourself (can't find item)"); // todo: redirect to 404
+  header('location: /error?err=404');
+  exit;
 }
 ?>
 <!DOCTYPE html>
diff --git a/place.php b/place.php
new file mode 100644
index 0000000..ec150ed
--- /dev/null
+++ b/place.php
@@ -0,0 +1,41 @@
+<?php
+session_start();
+
+require_once 'core/classes.php';
+require_once 'core/classes/user.php';
+$user = new User($con, $_SESSION['user']);
+if(!$user->isLoggedIn()) {
+  header('location: /login');
+  exit;
+}
+
+if(!isset($_GET["id"])) {
+  header("Location: ?id=".$_SESSION['user']);
+} else {
+  $id = (int)$_GET["id"];
+}
+$q = $con->prepare("SELECT * FROM games WHERE id = :id");
+$q->bindParam(':id',$id,PDO::PARAM_INT);
+$q->execute();
+$game = $q->fetch();
+if(!$game) {
+  header('location: /error?err=404');
+  exit;
+}
+?>
+<!DOCTYPE html>
+<html data-bs-theme="dark">
+<head>
+<?php
+$getitstarted = new PartyStarter;
+$getitstarted->header();
+?>
+</head>
+<title><?php echo htmlspecialchars($game["name"]); ?> | <?php echo $sitename; ?></title>
+<body>
+<h1>yes i am FUCKING AGAIN still not hired to make html</h1>
+<h1>this game is called <?php echo htmlspecialchars($game["name"]); ?></h1>
+<h1>with id <?php echo (int)htmlspecialchars($game["id"]); ?></h1>
+<p>thats all i have to say</p>
+</body>
+</html>
diff --git a/user.php b/user.php
index 62abdda..f11e627 100644
--- a/user.php
+++ b/user.php
@@ -19,7 +19,8 @@ $q->bindParam(':id',$id,PDO::PARAM_INT);
 $q->execute();
 $requestUser = $q->fetch();
 if(!$requestUser) {
-  die("go fuck yourself (can't find user)"); // todo: redirect to 404
+  header('location: /error?err=404');
+  exit;
 }
 ?>
 <!DOCTYPE html>