MyHyvesBookPlus/WebDB
1
0
Fork 0
Code Issues 2 Pull Requests Projects Releases Wiki Activity

Merge branch 'master' into kevin-prototype

Browse Source
This commit is contained in:
K. Nobel
2017-01-19 16:07:14 +01:00
parent 880db2d325 56b17675fa
commit 2f1bbd0a8e
36 changed files with 597 additions and 571 deletions
Download Patch File Download Diff File Expand all files Collapse all files

95
website/queries/checkInput.php Normal file
View File

@@ -0,0 +1,95 @@
<?php
function checkInputChoice($variable, $option){
if (empty($_POST[$variable])) {
$GLOBALS[$variable . "Err"] = "Verplicht!";
$GLOBALS["correct"] = false;
} else {
$GLOBALS[$variable] = test_input($_POST[$variable]);
switch ($option) {
case "lettersAndSpace":
checkonly($variable);
break;
case "username";
username($variable);
break;
case "longerEigth";
longerEigth($variable);
break;
case "email";
validateEmail($variable);
break;
default:
break;
}
}
}
function checkOnly($variable){
if (!preg_match("/^[a-zA-Z ]*$/",$GLOBALS[$variable])) {
$GLOBALS[$variable . "Err"] = "Alleen letters en spaties zijn toegestaan!";
$correct = false;
}
}
function username($variable){
if (strlen($GLOBALS[$variable]) < 6) {
$GLOBALS[$variable . "Err"] = "Gebruikersnaam moet minstens 6 karakters bevatten";
$correct = false;
} else if (getExistingUsername() == 1) {
$GLOBALS[$variable . "Err"] = "Gebruikersnaam bestaat al";
$correct = false;
}
}
function longerEigth($variable){
if (strlen($GLOBALS[$variable]) < 8) {
$GLOBALS[$variable . "Err"] = "Moet minstens 8 karakters bevatten";
$correct = false;
}
}
function validateEmail($variable){
if (!filter_var($GLOBALS[$variable], FILTER_VALIDATE_EMAIL)) {
$GLOBALS[$variable . "Err"] = "Geldige email invullen!";
$correct = false;
} else if (getExistingEmail() == 1){
$GLOBALS[$variable . "Err"] = "Email bestaat al";
$correct = false;
}
}
function matchPassword(){
if ($_POST["password"] != $_POST["confirmpassword"]) {
$GLOBALS["confirmpasswordErr"] = "Wachtwoorden matchen niet";
$GLOBALS["correct"] = false;
}
}
// Checks if everything is filled in correctly
function registerCheck(){
if ($GLOBALS["correct"] == false){
$GLOBALS["genericErr"] = "Bepaalde velden zijn verkeerd of niet ingevuld!";
} else {
registerAccount();
header("location: login.php");
}
}
function test_input($data) {
$data = trim($data);
$data = stripslashes($data);
$data = htmlspecialchars($data);
return $data;
}
?>

11
website/queries/friendship.php
View File

@@ -1,13 +1,13 @@
<?php
require("connect.php");
function selectAllFriends($db, $userID) {
$stmt = $db->prepare("
function selectAllFriends($userID) {
$stmt = $GLOBALS["db"]->prepare("
SELECT
`userID`,
`username`,
IFNULL(
`profilepicture`,
'img/notbad.png'
'../img/notbad.jpg'
) AS profilepicture,
`onlinestatus`,
`role`
@@ -26,5 +26,6 @@ function selectAllFriends($db, $userID) {
$stmt->bindParam(':userID', $userID, PDO::PARAM_INT);
$stmt->execute();
return $stmt;
}
}

8
website/queries/group_member.php
View File

@@ -1,7 +1,7 @@
<?php
function selectAllGroupsFromUser($db, $userID) {
return $db->query("
function selectAllGroupsFromUser($userID) {
return $GLOBALS["db"]->query("
SELECT
`group_page`.`name`,
`group_page`.`picture`
@@ -15,7 +15,3 @@ function selectAllGroupsFromUser($db, $userID) {
`group_page`.`status` != 0
");
}
?>

25
website/queries/group_page.php
View File

@@ -1,7 +1,7 @@
<?php
function selectGroupById($db, $groupID) {
return $db->query("
function selectGroupById($groupID) {
return $GLOBALS["db"]->query("
SELECT
`group_page`.`name`,
`group_page`.`picture`,
@@ -15,8 +15,8 @@ function selectGroupById($db, $groupID) {
");
}
function select20GroupsFromN($db, $n) {
return $db->query("
function select20GroupsFromN($n) {
return $GLOBALS["db"]->query("
SELECT
`group_page`.`groupID`,
`group_page`.`name`,
@@ -33,8 +33,8 @@ function select20GroupsFromN($db, $n) {
");
}
function select20GroupsByStatusFromN($db, $n, $status) {
return $db->query("
function select20GroupsByStatusFromN($n, $status) {
return $GLOBALS["db"]->query("
SELECT
`group_page`.`groupID`,
`group_page`.`name`,
@@ -53,8 +53,8 @@ function select20GroupsByStatusFromN($db, $n, $status) {
");
}
function search20GroupsFromNByStatus($db, $n, $keyword, $status) {
$q = $db->prepare("
function search20GroupsFromNByStatus($n, $keyword, $status) {
$q = $GLOBALS["db"]->prepare("
SELECT
`groupID`,
`name`,
@@ -80,8 +80,8 @@ function search20GroupsFromNByStatus($db, $n, $keyword, $status) {
return $q;
}
function changeGroupStatusByID($db, $id, $status) {
$q = $db->query("
function changeGroupStatusByID($id, $status) {
$q = $GLOBALS["db"]->query("
UPDATE
`group_page`
SET
@@ -92,8 +92,3 @@ function changeGroupStatusByID($db, $id, $status) {
return $q;
}
?>

21
website/queries/header.php Normal file
View File

@@ -0,0 +1,21 @@
<?php
function getHeaderInfo() {
$stmt = $GLOBALS["db"]->prepare("
SELECT
`fname`,
`lname`,
IFNULL(
`profilepicture`,
'img/notbad.jpg'
) AS profilepicture
FROM
`user`
WHERE
`userID` = :userID
");
$stmt->bindParam(":userID", $_SESSION["userID"]);
$stmt->execute();
return $stmt->fetch();
}

4
website/queries/login.php
View File

@@ -1,6 +1,6 @@
<?php
function hashPassword() {
function getUser() {
$stmt = $GLOBALS["db"]->prepare("
SELECT
`password`,
@@ -15,5 +15,3 @@ function hashPassword() {
$stmt->execute();
return $stmt->fetch(PDO::FETCH_ASSOC);
}
?>

19
website/queries/private_message.php
View File

@@ -1,14 +1,9 @@
<?php
include_once("connect.php");
session_start();
function getOldChatMessages($user2ID) {
$db = $GLOBALS["db"];
$user1ID = $_SESSION["userID"];
$stmt = $db->prepare("
$stmt = $GLOBALS["db"]->prepare("
SELECT
*
FROM
@@ -31,8 +26,7 @@ function getOldChatMessages($user2ID) {
}
function sendMessage($destination, $content) {
$db = $GLOBALS["db"];
$stmt = $db->prepare("
$stmt = $GLOBALS["db"]->prepare("
INSERT INTO
`private_message`
(
@@ -56,10 +50,7 @@ function sendMessage($destination, $content) {
}
function getNewChatMessages($lastID, $destination) {
$db = $GLOBALS["db"];
$origin = $_SESSION["userID"];
$stmt = $db->prepare("
$stmt = $GLOBALS["db"]->prepare("
SELECT
*
FROM
@@ -75,11 +66,11 @@ function getNewChatMessages($lastID, $destination) {
`messageID` ASC
");
$stmt->bindParam(':user1', $origin);
$stmt->bindParam(':user1', $_SESSION["userID"]);
$stmt->bindParam(':user2', $destination);
$stmt->bindParam(':lastID', $lastID);
$stmt->execute();
return json_encode($stmt->fetchAll());
}
}

2
website/queries/register.php
View File

@@ -52,7 +52,7 @@ function registerAccount() {
:email
)");
$hash=password_hash($_POST["password"].(strtolower($_POST["username"])), PASSWORD_DEFAULT);
$hash=password_hash($_POST["password"], PASSWORD_DEFAULT);
$stmt->bindParam(":fname", $_POST["name"]);
$stmt->bindParam(":lname", $_POST["surname"]);

122
website/queries/settings.php
View File

@@ -1,5 +1,42 @@
<?php
class settingsMessage {
private $class;
private $message;
/**
* settingsMessage constructor.
* @param string $type Happy or angry
* @param string $message The message to display
*/
public function __construct($type, $message) {
$this->message = $message;
switch ($type) {
case "happy":
$this->class = "settings-message-happy";
break;
case "angry":
$this->class = "settings-message-angry";
break;
default:
$this->class = "settings-message";
break;
}
}
public function getClass() {
return $this->class;
}
public function getMessage() {
return $this->message;
}
}
/**
* Gets the settings form the database.
* @return mixed Setting as an array.
*/
function getSettings() {
$stmt = $GLOBALS["db"]->prepare("
SELECT
@@ -59,40 +96,28 @@ function updateSettings() {
$stmt->execute();
return array (
"type" => "settings-message-happy",
"message" => "Instellingen zijn opgeslagen."
);
return new settingsMessage("happy", "Instellingen zijn opgeslagen.");
}
function updatePassword() {
$user = getPasswordHash();
if (password_verify($_POST["password-old"].strtolower($user["username"]), $user["password"])) {
if (password_verify($_POST["password-old"], $user["password"])) {
if ($_POST["password-new"] == $_POST["password-confirm"] && (strlen($_POST["password-new"]) >= 8)) {
if (changePassword($user)) {
return array ("type" => "settings-message-happy",
"message" => "Wachtwoord gewijzigd.");
if (changePassword()) {
return new settingsMessage("happy", "Wachtwoord gewijzigd.");
} else {
return array (
"type" => "settings-message-angry",
"message" => "Er is iets mis gegaan.");
return new settingsMessage("angry", "Er is iets mis gegaan.");
}
} else {
return array (
"type" => "settings-message-angry",
"message" => "Wachtwoorden komen niet oveeen."
);
return new settingsMessage("angry", "Wachtwoorden komen niet oveen.");
}
} else {
return array(
"type" => "settings-message-angry",
"message" => "Oud wachtwoord niet correct."
);
return new settingsMessage("angry", "Oud wachtwoord niet correct.");
}
}
function changePassword($user) {
$stmt =$GLOBALS["db"]->prepare("
function changePassword() {
$stmt = $GLOBALS["db"]->prepare("
UPDATE
`user`
SET
@@ -101,9 +126,62 @@ function changePassword($user) {
`userID` = :userID
");
$hashed_password = password_hash($_POST["password-new"].strtolower($user["username"]), PASSWORD_DEFAULT);
$hashed_password = password_hash($_POST["password-new"], PASSWORD_DEFAULT);
$stmt->bindParam(":new_password", $hashed_password);
$stmt->bindParam(":userID", $_SESSION["userID"]);
$stmt->execute();
return $stmt->rowCount();
}
function changeEmail() {
if ($_POST["email"] == $_POST["email-confirm"]) {
$email = strtolower($_POST["email"]);
if (filter_var($email, FILTER_VALIDATE_EMAIL)) {
//check if email exists
if (emailIsAvailableInDatabase($email)) {
if (doChangeEmail($email)) {
return new settingsMessage("happy", "Emailadres is veranderd.");
} else {
return new settingsMessage("angry", "Er is iets mis gegaan.");
}
} else {
return new settingsMessage("angry", "Emailadres bestaat al.");
}
} else {
return new settingsMessage("angry", "Geef een geldig emailadres.");
}
} else {
return new settingsMessage("angry", "Emailadressen komen niet overeen.");
}
}
function emailIsAvailableInDatabase($email) {
$stmt = $GLOBALS["db"]->prepare("
SELECT
`email`
FROM
`user`
WHERE
`email` = :email
");
$stmt->bindParam(":email", $email);
$stmt->execute();
return !$stmt->rowCount();
}
function doChangeEmail($email) {
$stmt = $GLOBALS["db"]->prepare("
UPDATE
`user`
SET
`email` = :email
WHERE
`userID` = :userID
");
$stmt->bindParam(":email", $email);
$stmt->bindParam(":userID", $_SESSION["userID"]);
$stmt->execute();
return $stmt->rowCount();
}

34
website/queries/user.php
View File

@@ -2,8 +2,8 @@
require("connect.php");
function getUserID($db, $username) {
$stmt = $db->prepare("
function getUserID($username) {
$stmt = $GLOBALS["db"]->prepare("
SELECT
`userID`
FROM
@@ -17,13 +17,13 @@ function getUserID($db, $username) {
return $stmt->fetch()["userID"];
}
function selectUser($db, $userID) {
$stmt = $db->prepare("
function selectUser($userID) {
$stmt = $GLOBALS["db"]->prepare("
SELECT
`username`,
IFNULL(
`profilepicture`,
'img/notbad.png'
'../img/notbad.jpg'
) AS profilepicture,
`bio`,
`role`,
@@ -42,8 +42,8 @@ function selectUser($db, $userID) {
return $stmt->fetch();
}
function selectAllUserGroups($db, $userID) {
$stmt = $db->prepare("
function selectAllUserGroups($userID) {
$stmt = $GLOBALS["db"]->prepare("
SELECT
`group_page`.`groupID`,
`name`,
@@ -65,8 +65,8 @@ function selectAllUserGroups($db, $userID) {
return $stmt;
}
function selectAllUserPosts($db, $userID) {
$stmt = $db->prepare("
function selectAllUserPosts($userID) {
$stmt = $GLOBALS["db"]->prepare("
SELECT
`postID`,
`author`,
@@ -87,8 +87,8 @@ function selectAllUserPosts($db, $userID) {
return $stmt;
}
function select20UsersFromN($db, $n) {
return $db->query("
function select20UsersFromN($n) {
return $GLOBALS["db"]->query("
SELECT
`userID`,
`username`,
@@ -104,8 +104,8 @@ function select20UsersFromN($db, $n) {
");
}
function search20UsersFromN($db, $n, $keyword) {
$q = $db->prepare("
function search20UsersFromN($n, $keyword) {
$q = $GLOBALS["db"]->prepare("
SELECT
`userID`,
`username`,
@@ -128,8 +128,8 @@ function search20UsersFromN($db, $n, $keyword) {
return $q;
}
function search20UsersFromNByStatus($db, $n, $keyword, $status) {
$q = $db->prepare("
function search20UsersFromNByStatus($n, $keyword, $status) {
$q = $GLOBALS["db"]->prepare("
SELECT
`userID`,
`username`,
@@ -156,8 +156,8 @@ function search20UsersFromNByStatus($db, $n, $keyword, $status) {
return $q;
}
function changeUserStatusByID($db, $id, $status) {
$q = $db->query("
function changeUserStatusByID($id, $status) {
$q = $GLOBALS["db"]->query("
UPDATE
`user`
SET