<?php
session_start();

$db_servername = 'localhost';

$db_login = '';
$db_password = '';
$db_name = '';

$db_login_tasks = '';
$db_password_tasks = '';
$db_name_tasks = '';

mysql_connect("$db_servername", "$db_login", "$db_password");
mysql_select_db("$db_name");

$db = mysqli_connect("$db_servername", "$db_login_tasks", "$db_password_tasks", "$db_name_tasks");

if (isset($_POST["submit"]) && $_SESSION['zalogowany'] = true) {
	$task = $_POST["task"];
	$login = $_SESSION['login'];
	mysqli_query($db, "INSERT INTO `tasks_$login` (task) VALUES ('$task')");
	header('location: index.php');
}

?>

<link rel="stylesheet" type="text/css" href="style.css">

<?php

function filter($variable)
{
    if(get_magic_quotes_gpc())
        $variable = stripslashes($variable);

    return mysql_real_escape_string(htmlspecialchars(trim($variable))); 
}

if (isset($_GET['wyloguj'])==1) 
{
	$_SESSION['zalogowany'] = false;
	session_destroy();
}

if (isset($_POST['loguj'])) 
{
	$login = filter($_POST['login']);
	$password = filter($_POST['password']);
	if (mysql_num_rows(mysql_query("SELECT * FROM `users` WHERE `user_login`='$login' && `user_pass`='$password' && `aktywne`='1'")) > 0) 
	{
		$_SESSION['zalogowany'] = true;
		$_SESSION['login'] = strtolower($login);
	}
	else { echo "Wpisano zle dane lub konto nieaktywne."; }
}

if ($_SESSION['zalogowany']==true)
{
	echo "Zalogowano jako <b>".$_SESSION['login']."</b>"; echo '<a href="?wyloguj=1"> [Wyloguj]</a>';
	?>
	
	<form method="POST" action="index.php">
		<input type="text" name="task" class="task_input">
		<input type="submit" value="Dodaj zadanie" name="submit">
	</form>
	<?php
		$login = $_SESSION['login'];
		$zapytanie =  "SELECT * FROM `tasks_$login` ";
		$tasks = mysqli_query($db, $zapytanie);
	?>
	<table>
		<thead>
			<tr>
				<td>Numer</td>
				<td>Zadanie</td>
				<td>Akcja</td>
			</tr>
		</thead>
		<tbody>
			<?php while ($row = mysqli_fetch_array($tasks)) { ?>
			
			<tr>
				<td><?php echo $row['ID']; ?></td>
				<td class="task"><?php echo $row['task']; ?></td>
				<td class="delete">
				<a href=#>USUN</a>
				</td>
			</tr>
			
			<?php } ?>
			
		</tbody>
	</table>
	
<?php
}

if ($_SESSION['zalogowany']==false): ?>

<form method="POST" action="index.php">
<b>Login:</b> <input type="text" name="login"><br>
<b>Hasło:</b> <input type="password" name="password"><br>
<input type="submit" value="Zaloguj" name="loguj">
</form>

---------------------------------------------------

<form method="POST" action="rejestracja/index.php">
<input type="submit" value="Rejestracja nowego konta">
</form>

<?php 
endif;
mysql_close(); 
?>