Merge branch 'master' into kevin-prototype
@@ -10,8 +10,9 @@ function selectLimitedFriends($userID, $limit) {
|
||||
$stmt = prepareQuery("
|
||||
SELECT
|
||||
`userID`,
|
||||
LEFT(`username`, 12) as `usernameshort`,
|
||||
`username`,
|
||||
LEFT(CONCAT(`user`.`fname`, ' ', `user`.`lname`), 15) as `fullname`,
|
||||
LEFT(CONCAT(`user`.`fname`, ' ', `user`.`lname`), 12) as `fullname`,
|
||||
IFNULL(
|
||||
`profilepicture`,
|
||||
'../img/avatar-standard.png'
|
||||
@@ -50,8 +51,9 @@ function selectAllFriends($userID) {
|
||||
$stmt = prepareQuery("
|
||||
SELECT
|
||||
`userID`,
|
||||
LEFT(`username`, 12) as `usernameshort`,
|
||||
`username`,
|
||||
LEFT(CONCAT(`user`.`fname`, ' ', `user`.`lname`), 15) as `fullname`,
|
||||
LEFT(CONCAT(`user`.`fname`, ' ', `user`.`lname`), 12) as `fullname`,
|
||||
IFNULL(
|
||||
`profilepicture`,
|
||||
'../img/avatar-standard.png'
|
||||
@@ -85,8 +87,9 @@ function selectAllFriendRequests() {
|
||||
$stmt = prepareQuery("
|
||||
SELECT
|
||||
`userID`,
|
||||
LEFT(`username`, 12) as `usernameshort`,
|
||||
`username`,
|
||||
LEFT(CONCAT(`user`.`fname`, ' ', `user`.`lname`), 15) as `fullname`,
|
||||
LEFT(CONCAT(`user`.`fname`, ' ', `user`.`lname`), 12) as `fullname`,
|
||||
IFNULL(
|
||||
`profilepicture`,
|
||||
'../img/avatar-standard.png'
|
||||
@@ -235,8 +238,9 @@ function searchSomeFriends($n, $m, $search) {
|
||||
$stmt = prepareQuery("
|
||||
SELECT
|
||||
`userID`,
|
||||
LEFT(`username`, 12) as `usernameshort`,
|
||||
`username`,
|
||||
LEFT(CONCAT(`user`.`fname`, ' ', `user`.`lname`), 15) as `fullname`,
|
||||
LEFT(CONCAT(`user`.`fname`, ' ', `user`.`lname`), 12) as `fullname`,
|
||||
IFNULL(
|
||||
`profilepicture`,
|
||||
'../img/avatar-standard.png'
|
||||
@@ -275,4 +279,35 @@ function searchSomeFriends($n, $m, $search) {
|
||||
$stmt->bindParam(':m', $m, PDO::PARAM_INT);
|
||||
$stmt->execute();
|
||||
return json_encode($stmt->fetchAll());
|
||||
}
|
||||
|
||||
function countSomeFriends($search) {
|
||||
$stmt = prepareQuery("
|
||||
SELECT
|
||||
COUNT(*)
|
||||
FROM
|
||||
`user`
|
||||
INNER JOIN
|
||||
`friendship`
|
||||
WHERE
|
||||
((`friendship`.`user1ID` = :userID AND
|
||||
`friendship`.`user2ID` = `user`.`userID` OR
|
||||
`friendship`.`user2ID` = :userID AND
|
||||
`friendship`.`user1ID` = `user`.`userID`) AND
|
||||
`user`.`role` != 'banned' AND
|
||||
`friendship`.`status` = 'confirmed') AND
|
||||
(`username` LIKE :keyword OR
|
||||
`fname` LIKE :keyword OR
|
||||
`lname` LIKE :keyword)
|
||||
ORDER BY
|
||||
`fname`,
|
||||
`lname`,
|
||||
`username`
|
||||
");
|
||||
|
||||
$search = "%$search%";
|
||||
$stmt->bindParam(':keyword', $search);
|
||||
$stmt->bindParam(':userID', $_SESSION["userID"], PDO::PARAM_INT);
|
||||
$stmt->execute();
|
||||
return $stmt->fetchColumn();
|
||||
}
|
||||
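Review bot: In `countSomeFriends`, `:userID` and `:keyword` each appear more than once in the SQL but are bound only once; PDO accepts a repeated named placeholder only when prepares are emulated, and `prepareQuery` is not visible in this hunk, so either confirm that setting or give each occurrence its own name. The `ORDER BY` clause has no effect on a single-row `COUNT(*)` and can be dropped. `$search` is wrapped in `%…%` without escaping `%` and `_`, so those characters in user input act as wildcards; if a literal match is intended, use `$search = '%' . addcslashes($search, '%_\\') . '%';`. The same wrapping is added in `countSomeOwnGroups` in the following hunk.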
@@ -55,6 +55,29 @@ function searchSomeOwnGroups($n, $m, $search) {
|
||||
return json_encode($stmt->fetchAll());
|
||||
}
|
||||
|
||||
function countSomeOwnGroups($search) {
|
||||
$stmt = prepareQuery("
|
||||
SELECT
|
||||
COUNT(*)
|
||||
FROM
|
||||
`group_page`
|
||||
INNER JOIN
|
||||
`group_member`
|
||||
WHERE
|
||||
`group_member`.`userID` = :userID AND
|
||||
`group_member`.`groupID` = `group_page`.`groupID` AND
|
||||
`group_page`.`status` != 'hidden' AND
|
||||
`name` LIKE :keyword
|
||||
");
|
||||
|
||||
$search = "%$search%";
|
||||
$stmt->bindParam(':keyword', $search);
|
||||
$stmt->bindParam(':userID', $_SESSION["userID"], PDO::PARAM_INT);
|
||||
$stmt->execute();
|
||||
|
||||
return $stmt->fetchColumn();
|
||||
}
|
||||
|
||||
function addMember($groupID, $userID, $role) {
|
||||
$stmt = prepareQuery("
|
||||
INSERT INTO
|
||||
|
||||
@@ -196,7 +196,9 @@ function search20GroupsFromNByStatus($n, $keyword, $status) {
|
||||
return $q;
|
||||
}
|
||||
|
||||
function searchSomeGroupsByStatus($n, $m, $keyword, $status) {
|
||||
function searchSomeGroupsByStatus($n, $m, $search, $status) {
|
||||
// parentheses not needed in where clause, for clarity as
|
||||
// role search should override status filter.
|
||||
$q = prepareQuery("
|
||||
SELECT
|
||||
`groupID`,
|
||||
@@ -206,16 +208,18 @@ function searchSomeGroupsByStatus($n, $m, $keyword, $status) {
|
||||
FROM
|
||||
`group_page`
|
||||
WHERE
|
||||
`name` LIKE :keyword AND
|
||||
FIND_IN_SET (`status`, :statuses)
|
||||
(`name` LIKE :keyword AND
|
||||
FIND_IN_SET (`status`, :statuses)) OR
|
||||
`status` = :search
|
||||
ORDER BY
|
||||
`name`
|
||||
LIMIT
|
||||
:n, :m
|
||||
");
|
||||
|
||||
$keyword = "%$keyword%";
|
||||
$keyword = "%$search%";
|
||||
$q->bindParam(':keyword', $keyword);
|
||||
$q->bindParam(':search', $search);
|
||||
$q->bindParam(':n', $n, PDO::PARAM_INT);
|
||||
$q->bindParam(':m', $m, PDO::PARAM_INT);
|
||||
$statuses = implode(',', $status);
|
||||
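Review bot: The added ``OR `status` = :search`` branch sits outside the parenthesised `FIND_IN_SET` check, so a search term equal to a status value returns groups of that status regardless of what the caller passed in `$status`. The comment says the override is intended, but if any caller uses `$status` to keep certain statuses (for example `hidden`) out of the results, that restriction no longer holds; the callers are outside this hunk, so confirm each one is a privileged view, or keep the override inside the filter with ``(`name` LIKE :keyword OR `status` = :search) AND FIND_IN_SET(`status`, :statuses)``. The same pattern is added in `countSomeGroupsByStatus` and, on `role`, in `searchSomeUsersByStatus` and `countSomeUsersByStatus`. The new comment reads as a truncated sentence and says "role" where this query filters on `status`; `// Parentheses are for clarity only: an exact status match overrides the status filter.` would say what the code does.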
@@ -224,21 +228,23 @@ function searchSomeGroupsByStatus($n, $m, $keyword, $status) {
|
||||
return $q;
|
||||
}
|
||||
|
||||
function countSomeGroupsByStatus($keyword, $status) {
|
||||
function countSomeGroupsByStatus($search, $status) {
|
||||
$q = prepareQuery("
|
||||
SELECT
|
||||
COUNT(*)
|
||||
FROM
|
||||
`group_page`
|
||||
WHERE
|
||||
`name` LIKE :keyword AND
|
||||
FIND_IN_SET (`status`, :statuses)
|
||||
(`name` LIKE :keyword AND
|
||||
FIND_IN_SET (`status`, :statuses)) OR
|
||||
`status` = :search
|
||||
ORDER BY
|
||||
`name`
|
||||
");
|
||||
|
||||
$keyword = "%$keyword%";
|
||||
$keyword = "%$search%";
|
||||
$q->bindParam(':keyword', $keyword);
|
||||
$q->bindParam(':search', $search);
|
||||
$statuses = implode(',', $status);
|
||||
$q->bindParam(':statuses', $statuses);
|
||||
$q->execute();
|
||||
|
||||
@@ -243,3 +243,56 @@ function deleteNietSlecht(int $postID, int $userID) {
|
||||
$stmt->execute();
|
||||
return $stmt->rowCount();
|
||||
}
|
||||
|
||||
function deletePost(int $postID, int $userID) {
|
||||
if (checkPermissionOnPost($postID, $userID)) {
|
||||
$stmt = prepareQuery("
|
||||
DELETE FROM
|
||||
`post`
|
||||
WHERE
|
||||
`postID` = :postID
|
||||
");
|
||||
$stmt->bindParam(":postID", $postID);
|
||||
$stmt->execute();
|
||||
}
|
||||
}
|
||||
|
||||
function checkPermissionOnPost(int $postID, int $userID) : bool {
|
||||
$getGroupID = prepareQuery("
|
||||
SELECT
|
||||
`author`,
|
||||
`groupID`
|
||||
FROM
|
||||
`post`
|
||||
WHERE
|
||||
`postID` = :postID
|
||||
");
|
||||
$getGroupID->bindParam(":postID", $postID);
|
||||
$getGroupID->execute();
|
||||
$postinfo = $getGroupID->fetch();
|
||||
|
||||
if ($postinfo["groupID"] == null) {
|
||||
// User post
|
||||
return ($userID == $postinfo["author"]);
|
||||
} else {
|
||||
// Group post
|
||||
$roleInGroup = getRoleInGroup($userID, $postinfo["groupID"]);
|
||||
return ($roleInGroup == "mod" or $roleInGroup == "admin");
|
||||
}
|
||||
}
|
||||
|
||||
function getRoleInGroup(int $userID, int $groupID) {
|
||||
$stmt = prepareQuery("
|
||||
SELECT
|
||||
`role`
|
||||
FROM
|
||||
`group_member`
|
||||
WHERE
|
||||
`userID` = :userID AND
|
||||
`groupID` = :groupID
|
||||
");
|
||||
$stmt->bindParam(":userID", $userID);
|
||||
$stmt->bindParam(":groupID", $groupID);
|
||||
$stmt->execute();
|
||||
return $stmt->fetch()["role"];
|
||||
}
|
||||
|
||||
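Review bot: `checkPermissionOnPost` does not handle a post that does not exist: `fetch()` returns `false`, the `groupID` lookup on it evaluates to null, and the function falls into the user-post branch where `$userID == $postinfo["author"]` compares against null with loose equality (which is true for a `$userID` of 0). Fail closed with `if ($postinfo === false) { return false; }` and switch the author and role checks to `===`, casting `author` to int if the driver returns strings. `getRoleInGroup` has the same gap when the user is not a member, because `$stmt->fetch()["role"]` indexes `false`; `$row = $stmt->fetch(); return $row === false ? null : $row["role"];` makes the non-member case explicit. `deletePost` returns nothing, so a caller cannot tell a denied delete from a successful one, and whether `$userID` always comes from the session rather than from the request is not visible in this hunk.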
@@ -95,7 +95,7 @@ function getNewChatMessages($lastID, $destination) {
|
||||
function selectAllUnreadChat() {
|
||||
$stmt = prepareQuery("
|
||||
SELECT
|
||||
LEFT(CONCAT(`user`.`fname`, ' ', `user`.`lname`), 15) AS `fullname`,
|
||||
LEFT(CONCAT(`user`.`fname`, ' ', `user`.`lname`), 12) as `fullname`,
|
||||
`user`.`userID`,
|
||||
IFNULL(
|
||||
`profilepicture`,
|
||||
|
||||
@@ -18,7 +18,8 @@ function getSettings() {
|
||||
`bio`,
|
||||
`profilepicture`,
|
||||
`showBday`,
|
||||
`showEmail`
|
||||
`showEmail`,
|
||||
`showProfile`
|
||||
FROM
|
||||
`user`
|
||||
WHERE
|
||||
@@ -64,7 +65,8 @@ function updateSettings() {
|
||||
`birthdate` = :bday,
|
||||
`bio` = :bio,
|
||||
`showEmail` = :showEmail,
|
||||
`showBday` = :showBday
|
||||
`showBday` = :showBday,
|
||||
`showProfile` = :showProfile
|
||||
WHERE
|
||||
`userID` = :userID
|
||||
");
|
||||
@@ -79,6 +81,7 @@ function updateSettings() {
|
||||
$stmt->bindValue(":bio", test_input($_POST["bio"]));
|
||||
$stmt->bindValue(":showEmail", (array_key_exists("showEmail", $_POST) ? "1" : "0"));
|
||||
$stmt->bindValue(":showBday", (array_key_exists("showBday", $_POST) ? "1" : "0"));
|
||||
$stmt->bindValue(":showProfile", (array_key_exists("showProfile", $_POST) ? "1" : "0"));
|
||||
|
||||
$stmt->bindValue(":userID", $_SESSION["userID"]);
|
||||
$stmt->execute();
|
||||
|
||||
@@ -52,6 +52,10 @@ function selectUser($me, $other) {
|
||||
`username`,
|
||||
`birthdate`,
|
||||
`location`,
|
||||
`showBday`,
|
||||
`showEmail`,
|
||||
`showProfile`,
|
||||
`email`,
|
||||
IFNULL(
|
||||
`profilepicture`,
|
||||
'../img/avatar-standard.png'
|
||||
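Review bot: `selectUser` now returns `email` and `birthdate` in the same row as the `showEmail`, `showBday` and `showProfile` flags, so hiding those fields depends on every consumer of this result checking the flags itself. If the row is ever serialised to the client (other functions in this commit return `json_encode($stmt->fetchAll())`), the values the user chose to hide are sent along with it. Consider applying the flags in the query for the case where `$me` and `$other` differ, for example ``IF(`showEmail`, `email`, NULL) AS `email` `` with an extra condition so the owner still sees their own data. The rest of the query and its bindings are outside this hunk, so how `$me` is used there is not visible.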
@@ -209,7 +213,9 @@ function search20UsersFromNByStatus($n, $keyword, $status) {
|
||||
return $q;
|
||||
}
|
||||
|
||||
function searchSomeUsersByStatus($n, $m, $keyword, $status) {
|
||||
function searchSomeUsersByStatus($n, $m, $search, $status) {
|
||||
// parentheses not needed in where clause, for clarity as
|
||||
// role search should override status filter.
|
||||
$q = prepareQuery("
|
||||
SELECT
|
||||
`userID`,
|
||||
@@ -223,8 +229,9 @@ function searchSomeUsersByStatus($n, $m, $keyword, $status) {
|
||||
FROM
|
||||
`user`
|
||||
WHERE
|
||||
`username` LIKE :keyword AND
|
||||
FIND_IN_SET (`role`, :statuses)
|
||||
(`username` LIKE :keyword AND
|
||||
FIND_IN_SET (`role`, :statuses)) OR
|
||||
`role` = :search
|
||||
ORDER BY
|
||||
`role`,
|
||||
`username`
|
||||
@@ -232,8 +239,9 @@ function searchSomeUsersByStatus($n, $m, $keyword, $status) {
|
||||
:n, :m
|
||||
");
|
||||
|
||||
$keyword = "%$keyword%";
|
||||
$keyword = "%$search%";
|
||||
$q->bindParam(':keyword', $keyword);
|
||||
$q->bindParam(':search', $search);
|
||||
$q->bindParam(':n', $n, PDO::PARAM_INT);
|
||||
$q->bindParam(':m', $m, PDO::PARAM_INT);
|
||||
$statuses = implode(',', $status);
|
||||
@@ -242,22 +250,24 @@ function searchSomeUsersByStatus($n, $m, $keyword, $status) {
|
||||
return $q;
|
||||
}
|
||||
|
||||
function countSomeUsersByStatus($keyword, $status) {
|
||||
function countSomeUsersByStatus($search, $status) {
|
||||
$q = prepareQuery("
|
||||
SELECT
|
||||
COUNT(*)
|
||||
FROM
|
||||
`user`
|
||||
WHERE
|
||||
`username` LIKE :keyword AND
|
||||
FIND_IN_SET (`role`, :statuses)
|
||||
(`username` LIKE :keyword AND
|
||||
FIND_IN_SET (`role`, :statuses)) OR
|
||||
`role` = :search
|
||||
ORDER BY
|
||||
`role`,
|
||||
`username`
|
||||
");
|
||||
|
||||
$keyword = "%$keyword%";
|
||||
$keyword = "%$search%";
|
||||
$q->bindParam(':keyword', $keyword);
|
||||
$q->bindParam(':search', $search);
|
||||
$statuses = implode(',', $status);
|
||||
$q->bindParam(':statuses', $statuses);
|
||||
$q->execute();
|
||||
@@ -349,12 +359,13 @@ function searchSomeUsers($n, $m, $search) {
|
||||
$stmt = prepareQuery("
|
||||
SELECT
|
||||
`userID`,
|
||||
LEFT(`username`, 12) as `usernameshort`,
|
||||
`username`,
|
||||
IFNULL(
|
||||
`profilepicture`,
|
||||
'../img/avatar-standard.png'
|
||||
) AS profilepicture,
|
||||
LEFT(CONCAT(`user`.`fname`, ' ', `user`.`lname`), 15) as `fullname`,
|
||||
LEFT(CONCAT(`user`.`fname`, ' ', `user`.`lname`), 12) as `fullname`,
|
||||
CASE `lastactivity` >= DATE_SUB(NOW(),INTERVAL 15 MINUTE)
|
||||
WHEN TRUE THEN 'online'
|
||||
WHEN FALSE THEN 'offline'
|
||||
|
||||