From 8e49ffded8d02f55321945d56b11ddbd4c25ecf8 Mon Sep 17 00:00:00 2001
From: Foltik <jack@foltz.tech>
Date: Sun, 14 Aug 2016 21:39:18 -0400
Subject: [PATCH] Fix register process and add api key to panel

---
 includes/api.php           |  2 +-
 includes/core.php          | 13 ++++++++-----
 templates/panel/index.swig |  9 +++++++++
 3 files changed, 18 insertions(+), 6 deletions(-)

diff --git a/includes/api.php b/includes/api.php
index 3a97d48..878e485 100644
--- a/includes/api.php
+++ b/includes/api.php
@@ -34,7 +34,7 @@ if (isset($_GET['do'])) {
             break;
 
         case "panel":
-            header('Location: ../panel');
+            header('Location: ../panel/index.php');
             break;
 
         case "delete":
diff --git a/includes/core.php b/includes/core.php
index a4604ef..af137ce 100644
--- a/includes/core.php
+++ b/includes/core.php
@@ -13,7 +13,7 @@ function register($user, $pass, $code)
     // Check if code is used
     if ($result['used'] == '0') {
         // Check to see if the username is in use
-        $q->prepare("SELECT user FROM accounts WHERE user = (:user)");
+        $q = $db->prepare("SELECT user FROM accounts WHERE user = (:user)");
         $q->bindParam(':user', $user);
         $q->execute();
         if ($q->fetchColumn() == 0) {
@@ -38,10 +38,13 @@ function register($user, $pass, $code)
             $_SESSION['id'] = $result['id'];
             $_SESSION['user'] = $user;
             $_SESSION['level'] = $result['level'];
-            header('Location: api.php?do=panel');
+            header('Location: http://www.shimapan.rocks/includes/api.php?do=panel');
+        } else {
+            header('Location: ../register/index.html#fail');
         }
+    } else {
+        header('Location: ../register/index.html#fail');
     }
-    header('Location: ../register/index.html#fail');
 }
 
 function generate($level)
@@ -208,8 +211,8 @@ function report($file, $reason)
                 $q->execute();
                 $result = $q->fetch();
                 
-                if ($q->fetchColumn() != '0') {
-                    $q = $db->prepare("INSERT INTO reports (hash, date, file, fileid, reporter, reason) VALUES (:hash, :date, :file, :fileid, :reporter, :reason)");
+                if ($q->rowCount() != '0') {
+                    $q = $db->prepare("    header('Location: ../register/index.html#fail');INSERT INTO reports (hash, date, file, fileid, reporter, reason) VALUES (:hash, :date, :file, :fileid, :reporter, :reason)");
                     $q->bindValue(':file', strip_tags($file));
                     $q->bindValue(':date', date('Y-m-d'));
                     $q->bindValue(':reporter', $_SESSION['user']);
diff --git a/templates/panel/index.swig b/templates/panel/index.swig
index ca27eea..7b61f5f 100644
--- a/templates/panel/index.swig
+++ b/templates/panel/index.swig
@@ -1,4 +1,13 @@
 {% include "../../includes/locked.swig" %}
 {% include "../../includes/header.swig" %}
 <p>Welcome, <?php echo $_SESSION['user']; ?></p>
+<?php
+    require_once '../includes/database.inc.php';
+    global $db;
+    $q = $db->prepare("SELECT apikey FROM accounts WHERE user = (:user)");
+    $q->bindValue(':user', $_SESSION['user']);
+    $q->execute();
+    $result = $q->fetch();
+    echo 'Your API key is '.$result['apikey'];
+?>
 {% include "../../includes/footer.swig" %}