MyHyvesBookPlus/WebDB
1
0
Fork 0
Code Issues 2 Pull Requests Projects Releases Wiki Activity

Merge branch 'master' into joey-testing

Browse Source
This commit is contained in:
Joey Lai
2017-01-20 10:48:19 +01:00
parent 7df182676a 56b17675fa
commit 0389d05e51
26 changed files with 429 additions and 219 deletions
Download Patch File Download Diff File Expand all files Collapse all files

47
website/queries/friendship.php
View File

@@ -1,26 +1,31 @@
<?php
function selectAllFriends($db, $userID) {
return $db->query("
SELECT
`user`.`userID`,
`user`.`username`,
`user`.`profilepicture`,
`user`.`onlinestatus`,
`user`.`role`
FROM
`user`
INNER JOIN
`friendship`
WHERE
`friendship`.`user1ID` = $userID AND
`friendship`.`user2ID` = `user`.`userID` OR
`friendship`.`user2ID` = $userID AND
`friendship`.`user1ID` = `user`.`userID` AND
`user`.`role` != 3
function selectAllFriends($userID) {
$stmt = $GLOBALS["db"]->prepare("
SELECT
`userID`,
`username`,
IFNULL(
`profilepicture`,
'../img/notbad.jpg'
) AS profilepicture,
`onlinestatus`,
`role`
FROM
`user`
INNER JOIN
`friendship`
WHERE
(`friendship`.`user1ID` = :userID AND
`friendship`.`user2ID` = `user`.`userID` OR
`friendship`.`user2ID` = :userID AND
`friendship`.`user1ID` = `user`.`userID`) AND
`role` != 5 AND
`status` = 1
");
}
$stmt->bindParam(':userID', $userID, PDO::PARAM_INT);
$stmt->execute();
?>
return $stmt;
}

8
website/queries/group_member.php
View File

@@ -1,7 +1,7 @@
<?php
function selectAllGroupsFromUser($db, $userID) {
return $db->query("
function selectAllGroupsFromUser($userID) {
return $GLOBALS["db"]->query("
SELECT
`group_page`.`name`,
`group_page`.`picture`
@@ -15,7 +15,3 @@ function selectAllGroupsFromUser($db, $userID) {
`group_page`.`status` != 0
");
}
?>

25
website/queries/group_page.php
View File

@@ -1,7 +1,7 @@
<?php
function selectGroupById($db, $groupID) {
return $db->query("
function selectGroupById($groupID) {
return $GLOBALS["db"]->query("
SELECT
`group_page`.`name`,
`group_page`.`picture`,
@@ -15,8 +15,8 @@ function selectGroupById($db, $groupID) {
");
}
function select20GroupsFromN($db, $n) {
return $db->query("
function select20GroupsFromN($n) {
return $GLOBALS["db"]->query("
SELECT
`group_page`.`groupID`,
`group_page`.`name`,
@@ -33,8 +33,8 @@ function select20GroupsFromN($db, $n) {
");
}
function select20GroupsByStatusFromN($db, $n, $status) {
return $db->query("
function select20GroupsByStatusFromN($n, $status) {
return $GLOBALS["db"]->query("
SELECT
`group_page`.`groupID`,
`group_page`.`name`,
@@ -53,8 +53,8 @@ function select20GroupsByStatusFromN($db, $n, $status) {
");
}
function search20GroupsFromNByStatus($db, $n, $keyword, $status) {
$q = $db->prepare("
function search20GroupsFromNByStatus($n, $keyword, $status) {
$q = $GLOBALS["db"]->prepare("
SELECT
`groupID`,
`name`,
@@ -80,8 +80,8 @@ function search20GroupsFromNByStatus($db, $n, $keyword, $status) {
return $q;
}
function changeGroupStatusByID($db, $id, $status) {
$q = $db->query("
function changeGroupStatusByID($id, $status) {
$q = $GLOBALS["db"]->query("
UPDATE
`group_page`
SET
@@ -92,8 +92,3 @@ function changeGroupStatusByID($db, $id, $status) {
return $q;
}
?>

21
website/queries/header.php Normal file
View File

@@ -0,0 +1,21 @@
<?php
function getHeaderInfo() {
$stmt = $GLOBALS["db"]->prepare("
SELECT
`fname`,
`lname`,
IFNULL(
`profilepicture`,
'img/notbad.jpg'
) AS profilepicture
FROM
`user`
WHERE
`userID` = :userID
");
$stmt->bindParam(":userID", $_SESSION["userID"]);
$stmt->execute();
return $stmt->fetch();
}

2
website/queries/login.php
View File

@@ -15,5 +15,3 @@ function getUser() {
$stmt->execute();
return $stmt->fetch(PDO::FETCH_ASSOC);
}
?>

19
website/queries/private_message.php
View File

@@ -1,14 +1,9 @@
<?php
include_once("connect.php");
session_start();
function getOldChatMessages($user2ID) {
$db = $GLOBALS["db"];
$user1ID = $_SESSION["userID"];
$stmt = $db->prepare("
$stmt = $GLOBALS["db"]->prepare("
SELECT
*
FROM
@@ -31,8 +26,7 @@ function getOldChatMessages($user2ID) {
}
function sendMessage($destination, $content) {
$db = $GLOBALS["db"];
$stmt = $db->prepare("
$stmt = $GLOBALS["db"]->prepare("
INSERT INTO
`private_message`
(
@@ -56,10 +50,7 @@ function sendMessage($destination, $content) {
}
function getNewChatMessages($lastID, $destination) {
$db = $GLOBALS["db"];
$origin = $_SESSION["userID"];
$stmt = $db->prepare("
$stmt = $GLOBALS["db"]->prepare("
SELECT
*
FROM
@@ -75,11 +66,11 @@ function getNewChatMessages($lastID, $destination) {
`messageID` ASC
");
$stmt->bindParam(':user1', $origin);
$stmt->bindParam(':user1', $_SESSION["userID"]);
$stmt->bindParam(':user2', $destination);
$stmt->bindParam(':lastID', $lastID);
$stmt->execute();
return json_encode($stmt->fetchAll());
}
}

122
website/queries/settings.php
View File

@@ -1,5 +1,42 @@
<?php
class settingsMessage {
private $class;
private $message;
/**
* settingsMessage constructor.
* @param string $type Happy or angry
* @param string $message The message to display
*/
public function __construct($type, $message) {
$this->message = $message;
switch ($type) {
case "happy":
$this->class = "settings-message-happy";
break;
case "angry":
$this->class = "settings-message-angry";
break;
default:
$this->class = "settings-message";
break;
}
}
public function getClass() {
return $this->class;
}
public function getMessage() {
return $this->message;
}
}
/**
* Gets the settings form the database.
* @return mixed Setting as an array.
*/
function getSettings() {
$stmt = $GLOBALS["db"]->prepare("
SELECT
@@ -59,40 +96,28 @@ function updateSettings() {
$stmt->execute();
return array (
"type" => "settings-message-happy",
"message" => "Instellingen zijn opgeslagen."
);
return new settingsMessage("happy", "Instellingen zijn opgeslagen.");
}
function updatePassword() {
$user = getPasswordHash();
if (password_verify($_POST["password-old"].strtolower($user["username"]), $user["password"])) {
if (password_verify($_POST["password-old"], $user["password"])) {
if ($_POST["password-new"] == $_POST["password-confirm"] && (strlen($_POST["password-new"]) >= 8)) {
if (changePassword($user)) {
return array ("type" => "settings-message-happy",
"message" => "Wachtwoord gewijzigd.");
if (changePassword()) {
return new settingsMessage("happy", "Wachtwoord gewijzigd.");
} else {
return array (
"type" => "settings-message-angry",
"message" => "Er is iets mis gegaan.");
return new settingsMessage("angry", "Er is iets mis gegaan.");
}
} else {
return array (
"type" => "settings-message-angry",
"message" => "Wachtwoorden komen niet oveeen."
);
return new settingsMessage("angry", "Wachtwoorden komen niet oveen.");
}
} else {
return array(
"type" => "settings-message-angry",
"message" => "Oud wachtwoord niet correct."
);
return new settingsMessage("angry", "Oud wachtwoord niet correct.");
}
}
function changePassword($user) {
$stmt =$GLOBALS["db"]->prepare("
function changePassword() {
$stmt = $GLOBALS["db"]->prepare("
UPDATE
`user`
SET
@@ -101,9 +126,62 @@ function changePassword($user) {
`userID` = :userID
");
$hashed_password = password_hash($_POST["password-new"].strtolower($user["username"]), PASSWORD_DEFAULT);
$hashed_password = password_hash($_POST["password-new"], PASSWORD_DEFAULT);
$stmt->bindParam(":new_password", $hashed_password);
$stmt->bindParam(":userID", $_SESSION["userID"]);
$stmt->execute();
return $stmt->rowCount();
}
function changeEmail() {
if ($_POST["email"] == $_POST["email-confirm"]) {
$email = strtolower($_POST["email"]);
if (filter_var($email, FILTER_VALIDATE_EMAIL)) {
//check if email exists
if (emailIsAvailableInDatabase($email)) {
if (doChangeEmail($email)) {
return new settingsMessage("happy", "Emailadres is veranderd.");
} else {
return new settingsMessage("angry", "Er is iets mis gegaan.");
}
} else {
return new settingsMessage("angry", "Emailadres bestaat al.");
}
} else {
return new settingsMessage("angry", "Geef een geldig emailadres.");
}
} else {
return new settingsMessage("angry", "Emailadressen komen niet overeen.");
}
}
function emailIsAvailableInDatabase($email) {
$stmt = $GLOBALS["db"]->prepare("
SELECT
`email`
FROM
`user`
WHERE
`email` = :email
");
$stmt->bindParam(":email", $email);
$stmt->execute();
return !$stmt->rowCount();
}
function doChangeEmail($email) {
$stmt = $GLOBALS["db"]->prepare("
UPDATE
`user`
SET
`email` = :email
WHERE
`userID` = :userID
");
$stmt->bindParam(":email", $email);
$stmt->bindParam(":userID", $_SESSION["userID"]);
$stmt->execute();
return $stmt->rowCount();
}

102
website/queries/user.php
View File

@@ -1,7 +1,93 @@
<?php
require("connect.php");
function select20UsersFromN($db, $n) {
return $db->query("
function getUserID($username) {
$stmt = $GLOBALS["db"]->prepare("
SELECT
`userID`
FROM
`user`
WHERE
LOWER(`username`) = LOWER(:username)
");
$stmt->bindParam(':username', $username, PDO::PARAM_STR);
$stmt->execute();
return $stmt->fetch()["userID"];
}
function selectUser($userID) {
$stmt = $GLOBALS["db"]->prepare("
SELECT
`username`,
IFNULL(
`profilepicture`,
'../img/notbad.jpg'
) AS profilepicture,
`bio`,
`role`,
`onlinestatus`,
`loggedin`,
`fname`,
`lname`
FROM
`user`
WHERE
`userID` = :userID
");
$stmt->bindParam(':userID', $userID, PDO::PARAM_INT);
$stmt->execute();
return $stmt->fetch();
}
function selectAllUserGroups($userID) {
$stmt = $GLOBALS["db"]->prepare("
SELECT
`group_page`.`groupID`,
`name`,
`picture`,
`userID`
FROM
`group_page`
INNER JOIN
`group_member`
ON
`group_page`.`groupID` = `group_member`.`groupID`
WHERE
`userID` = :userID AND
`role` = 1
");
$stmt->bindParam(':userID', $userID, PDO::PARAM_INT);
$stmt->execute();
return $stmt;
}
function selectAllUserPosts($userID) {
$stmt = $GLOBALS["db"]->prepare("
SELECT
`postID`,
`author`,
`title`,
`content`,
`creationdate`
FROM
`post`
WHERE
`author` = :userID AND
`groupID` IS NULL
ORDER BY
`creationdate` DESC
");
$stmt->bindParam(':userID', $userID, PDO::PARAM_INT);
$stmt->execute();
return $stmt;
}
function select20UsersFromN($n) {
return $GLOBALS["db"]->query("
SELECT
`userID`,
`username`,
@@ -17,8 +103,8 @@ function select20UsersFromN($db, $n) {
");
}
function search20UsersFromN($db, $n, $keyword) {
$q = $db->prepare("
function search20UsersFromN($n, $keyword) {
$q = $GLOBALS["db"]->prepare("
SELECT
`userID`,
`username`,
@@ -41,8 +127,8 @@ function search20UsersFromN($db, $n, $keyword) {
return $q;
}
function search20UsersFromNByStatus($db, $n, $keyword, $status) {
$q = $db->prepare("
function search20UsersFromNByStatus($n, $keyword, $status) {
$q = $GLOBALS["db"]->prepare("
SELECT
`userID`,
`username`,
@@ -69,8 +155,8 @@ function search20UsersFromNByStatus($db, $n, $keyword, $status) {
return $q;
}
function changeUserStatusByID($db, $id, $status) {
$q = $db->query("
function changeUserStatusByID($id, $status) {
$q = $GLOBALS["db"]->query("
UPDATE
`user`
SET