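setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);

// Tables (created lazily on first request).
$db->exec("CREATE TABLE IF NOT EXISTS users ( id INTEGER PRIMARY KEY AUTOINCREMENT, username TEXT UNIQUE, password TEXT, role TEXT DEFAULT 'user', created_at DATETIME DEFAULT CURRENT_TIMESTAMP )");
$db->exec("CREATE TABLE IF NOT EXISTS messages ( id INTEGER PRIMARY KEY AUTOINCREMENT, user_id INTEGER, username TEXT, message TEXT, created_at DATETIME DEFAULT CURRENT_TIMESTAMP )");
$db->exec("CREATE TABLE IF NOT EXISTS settings ( id INTEGER PRIMARY KEY, allow_registration INTEGER DEFAULT 1 )");

// Registration switch lives in the single settings row id=1; no row means "open".
$set = $db->query("SELECT allow_registration FROM settings WHERE id=1")->fetch();
$allowRegistration = $set ? (bool)$set['allow_registration'] : true;

// Emits a JSON body with an explicit content type (so a browser never sniffs
// user-written message text as HTML) and terminates the request.
$respondJson = static function ($payload) {
    header('Content-Type: application/json; charset=utf-8');
    echo json_encode($payload, JSON_UNESCAPED_UNICODE);
    exit;
};

// Error message shown by the login/registration form; null when there is none.
$err = null;

// Actions. State-changing actions arrive via POST; logout and the fetch_* reads via GET.
// NOTE(review): no CSRF token is verified on any POST action — a per-session token
// echoed in the forms and compared here with hash_equals() would close that gap.
$action = $_POST['action'] ?? null;

if ($action === 'register' && $allowRegistration) {
    $u = trim((string)($_POST['username'] ?? ''));
    $p = (string)($_POST['password'] ?? '');
    // Compare against '' rather than truthiness so "0" is a valid username/password.
    if ($u !== '' && $p !== '') {
        $stmt = $db->prepare("INSERT INTO users(username,password) VALUES(:u,:p)");
        try {
            $stmt->execute([':u' => $u, ':p' => password_hash($p, PASSWORD_BCRYPT)]);
            $_SESSION['uid'] = $db->lastInsertId();
            // Fresh session id on privilege change guards against session fixation.
            session_regenerate_id(true);
        } catch (PDOException $e) {
            // The UNIQUE constraint on username is the expected failure here; any
            // other database error is still reported under the same message.
            $err = "Uživatel existuje";
        }
    }
}

if ($action === 'login') {
    $u = trim((string)($_POST['username'] ?? ''));
    $p = (string)($_POST['password'] ?? '');
    $stmt = $db->prepare("SELECT * FROM users WHERE username=:u");
    $stmt->execute([':u' => $u]);
    $row = $stmt->fetch(PDO::FETCH_ASSOC);
    if ($row && password_verify($p, $row['password'])) {
        $_SESSION['uid'] = $row['id'];
        // Fresh session id on privilege change guards against session fixation.
        session_regenerate_id(true);
    } else {
        // One message for both unknown user and wrong password. NOTE(review): the
        // unknown-user branch skips the bcrypt check, so response time still differs.
        $err = "Špatné jméno nebo heslo";
    }
}

if (isset($_GET['logout'])) {
    // Clear the in-memory session data as well, not only the stored session file.
    $_SESSION = [];
    session_destroy();
    header("Location: ./");
    exit;
}

// Resolve the current user from the session; null when not logged in or the row is gone.
$user = null;
if (isset($_SESSION['uid'])) {
    $stmt = $db->prepare("SELECT * FROM users WHERE id=:id");
    $stmt->execute([':id' => $_SESSION['uid']]);
    $user = $stmt->fetch(PDO::FETCH_ASSOC) ?: null;
}
// Single admin check so no branch below reads 'role' off a null user.
$isAdmin = $user !== null && $user['role'] === 'admin';

// Chat
if ($action === 'send' && $user) {
    $msg = trim((string)($_POST['message'] ?? ''));
    // TODO(review): no length cap — consider rejecting oversized messages before the INSERT.
    if ($msg !== '') {
        $stmt = $db->prepare("INSERT INTO messages(user_id,username,message) VALUES(:uid,:un,:m)");
        $stmt->execute([':uid' => $user['id'], ':un' => $user['username'], ':m' => $msg]);
    }
    exit;
}

if (($_GET['action'] ?? null) === 'fetch_messages' && $user) {
    // Messages are stored and returned raw; the client must HTML-escape them when rendering.
    $stmt = $db->query("SELECT * FROM messages ORDER BY id DESC LIMIT 30");
    $respondJson(array_reverse($stmt->fetchAll(PDO::FETCH_ASSOC)));
}

// Admin actions
if ($action === 'toggle_registration' && $isAdmin) {
    $allowRegistration = !$allowRegistration;
    // Bound parameter instead of string-built SQL.
    $stmt = $db->prepare("INSERT OR REPLACE INTO settings (id,allow_registration) VALUES (1,:a)");
    $stmt->execute([':a' => $allowRegistration ? 1 : 0]);
    header("Location: ./");
    exit;
}

if (($_GET['action'] ?? null) === 'fetch_users' && $isAdmin) {
    $stmt = $db->query("SELECT id,username,role FROM users");
    $respondJson($stmt->fetchAll(PDO::FETCH_ASSOC));
}

if ($action === 'change_role' && $isAdmin) {
    $uid = (int)($_POST['user_id'] ?? 0);
    $stmt = $db->prepare("SELECT role FROM users WHERE id=:id");
    $stmt->execute([':id' => $uid]);
    $row = $stmt->fetch(PDO::FETCH_ASSOC);
    if ($row) {
        // Toggles between the two roles. NOTE(review): an admin may demote their
        // own account here and lock themselves out of the admin panel.
        $new = $row['role'] === 'admin' ? 'user' : 'admin';
        $stmt2 = $db->prepare("UPDATE users SET role=:r WHERE id=:id");
        $stmt2->execute([':r' => $new, ':id' => $uid]);
    }
    exit;
}

if ($action === 'clear_messages' && $isAdmin) {
    $db->exec("DELETE FROM messages");
    header("Location: ./");
    exit;
}

$defaultDarkMode = true;
?> Chat App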

Přihlášení

'.htmlspecialchars($err).'

'; ?>


Chat —

Odhlásit

Soubory

Admin Panel

Správa uživatelů

Správa obsahu