<?php

include("../../global.php");
session_start();

if (!isset($_SESSION["username"])) goto fail;

$out = $database -> query("SELECT username, admin FROM user WHERE BINARY username=\"" . $_SESSION["username"] . "\" AND admin=\"1\"");

if (!isset($_GET["username"])) return;

if ($out -> num_rows != 1 && $_GET["username"] != $_SESSION["username"])
{
    fail:
    echo "nope";
    header("Location: ../../../index.php");
    return;
}

$safe_username = mysqli_real_escape_string($database, $_GET["username"]);

$out = $database -> query("SELECT user.username, user.admin, user_info.bio, user_info.nickname, user_info.sex FROM user INNER JOIN user_info ON user.user_info=user_info.id AND username=\"" . $safe_username . "\"");

$output = array();
$res = $out -> fetch_assoc();

foreach ($res as $key => $value)
{
    $output[$key] = $value;
}

header('Content-type: application/json');
echo json_encode($output);