From c4d78e54bc719f42c4f1e25329bb288bf9524cf1 Mon Sep 17 00:00:00 2001
From: Hendrik <hendrik.huang@student.uva.nl>
Date: Thu, 19 Jan 2017 11:08:45 +0100
Subject: [PATCH 01/24] fixed form with get, fix accompanying css

---
 website/public/styles/adminpanel.css |  8 +++---
 website/views/adminpanel.php         | 42 +++++++++++++---------------
 2 files changed, 23 insertions(+), 27 deletions(-)

diff --git a/website/public/styles/adminpanel.css b/website/public/styles/adminpanel.css
index d5b740e..e684714 100644
--- a/website/public/styles/adminpanel.css
+++ b/website/public/styles/adminpanel.css
@@ -22,6 +22,10 @@
     box-shadow: 0 1px 3px rgba(0,0,0,0.12), 0 1px 2px rgba(0,0,0,0.24);
 }
 
+.admin-searchform {
+    display: inline-block;
+}
+
 .admin-searchbar {
     display: inline-block;
     margin: 10px;
@@ -44,10 +48,6 @@
     width: 120px;
 }
 
-.admin-groupfilter {
-    display: none;
-}
-
 .admin-users {
     margin: 10px;
 }
diff --git a/website/views/adminpanel.php b/website/views/adminpanel.php
index 5a3ba97..ea9cea6 100644
--- a/website/views/adminpanel.php
+++ b/website/views/adminpanel.php
@@ -43,23 +43,24 @@ $listnr = 0; // TODO: add page functionality
 $status = $groupstatus = array();
 $pagetype = "user";
 
+if (!empty($_GET["search"])) {
+    $search = test_input($_GET["search"]);
+}
+
+if (!empty($_GET["pagetype"])) {
+    $pagetype = test_input($_GET["pagetype"]);
+}
+
+if (!empty($_GET["status"])) {
+    $status = $_GET["status"];
+}
+
+if (!empty($_GET["groupstatus"])) {
+    $groupstatus = $_GET["groupstatus"];
+}
+
+
 if ($_SERVER["REQUEST_METHOD"] == "POST") {
-    if (!empty($_POST["search"])) {
-        $search = test_input($_POST["search"]);
-    }
-
-    if (!empty($_POST["pagetype"])) {
-        $pagetype = test_input($_POST["pagetype"]);
-    }
-
-    if (!empty($_POST["status"])) {
-        $status = $_POST["status"];
-    }
-
-    if (!empty($_POST["groupstatus"])) {
-        $groupstatus = $_POST["groupstatus"];
-    }
-
     if (!empty($_POST["actions"]) && !empty($_POST["userID"])) {
         changeUserStatusByID($db, $_POST["userID"], $_POST["actions"]);
     } elseif (!empty($_POST["actions"]) && !empty($_POST["groupID"])) {
@@ -81,13 +82,10 @@ function test_input($data) {
         <div class="admin-title">
             <h1>User Management Panel</h1>
         </div> <br>
-        <form class="admin-actionform"
-              action="<?php echo htmlspecialchars($_SERVER["PHP_SELF"]);?>"
-              method="post">
         <div class="admin-options">
             <form class="admin-searchform"
                   action="<?php echo htmlspecialchars($_SERVER["PHP_SELF"]);?>"
-                  method="post">
+                  method="get">
                 <div class="admin-searchbar">
                     <h2>Search</h2>
                     <input type="text"
@@ -190,7 +188,7 @@ function test_input($data) {
                             $username = $user['username'];
                             $role = $user['role'];
                             $bancomment = $user['bancomment'];
-                            $thispage = htmlspecialchars($_SERVER['PHP_SELF']);
+                            $thispage = htmlspecialchars(basename($_SERVER['REQUEST_URI']));
 
                             echo("
                             <tr>
@@ -256,9 +254,7 @@ function test_input($data) {
                     ?>
                 </table>
             </div>
-        </form>
         <pre>
-            <?php print_r($_POST); ?>
         </pre>
     </div>
 </div>

From 4c9223cba2b2f7bb835d64e3b1dd5078d22267a8 Mon Sep 17 00:00:00 2001
From: Hendrik <hendrik.huang@student.uva.nl>
Date: Thu, 19 Jan 2017 12:57:10 +0100
Subject: [PATCH 02/24] add user and group batch change

---
 website/public/styles/adminpanel.css |  2 +-
 website/queries/group_page.php       | 16 ++++++
 website/queries/user.php             | 16 ++++++
 website/views/adminpanel.php         | 80 +++++++++++++++++++++-------
 4 files changed, 94 insertions(+), 20 deletions(-)

diff --git a/website/public/styles/adminpanel.css b/website/public/styles/adminpanel.css
index e684714..85921b7 100644
--- a/website/public/styles/adminpanel.css
+++ b/website/public/styles/adminpanel.css
@@ -13,7 +13,7 @@
     height: auto;
 }
 
-.admin-actions {
+.admin-batchactions, .admin-groupbatchactions {
     display: inline-block;
     padding: 8px;
     vertical-align: top;
diff --git a/website/queries/group_page.php b/website/queries/group_page.php
index c6db01b..e0c8f17 100644
--- a/website/queries/group_page.php
+++ b/website/queries/group_page.php
@@ -94,6 +94,22 @@ function changeGroupStatusByID($db, $id, $status) {
 }
 
 
+function changeMultipleGroupStatusByID($db, $ids, $status) {
+    $q = $db->prepare("
+    UPDATE
+        `group_page`
+    SET
+        `status` = :status
+    WHERE
+        FIND_IN_SET (`groupID`, :ids)
+    ");
+
+    $ids = implode(',', $ids);
+    $q->bindParam(':ids', $ids);
+    $q->bindParam(':status', $status);
+    $q->execute();
+    return $q;
+}
 
 
 ?>
diff --git a/website/queries/user.php b/website/queries/user.php
index bfd9579..d0d81bd 100644
--- a/website/queries/user.php
+++ b/website/queries/user.php
@@ -82,5 +82,21 @@ function changeUserStatusByID($db, $id, $status) {
     return $q;
 }
 
+function changeMultipleUserStatusByID($db, $ids, $status) {
+    $q = $db->prepare("
+    UPDATE
+        `user`
+    SET
+        `role` = :status
+    WHERE
+        FIND_IN_SET (`userID`, :ids)
+    ");
+
+    $ids = implode(',', $ids);
+    $q->bindParam(':ids', $ids);
+    $q->bindParam(':status', $status);
+    $q->execute();
+    return $q;
+}
 
 ?>
diff --git a/website/views/adminpanel.php b/website/views/adminpanel.php
index ea9cea6..8b0990c 100644
--- a/website/views/adminpanel.php
+++ b/website/views/adminpanel.php
@@ -9,7 +9,7 @@
     };
 
     function checkAll(allbox) {
-        var checkboxes = document.getElementsByName('checkbox-user[]');
+        var checkboxes = document.getElementsByClassName('checkbox-list');
 
         for (var i = 0; i < checkboxes.length; i++) {
             if (checkboxes[i].type == 'checkbox') {
@@ -22,9 +22,15 @@
         if (document.getElementById('group').checked) {
             document.getElementById('admin-filter').style.display = 'none';
             document.getElementById('admin-groupfilter').style.display = 'inline-block';
+
+            document.getElementById('admin-batchactions').style.display = 'none';
+            document.getElementById('admin-groupbatchactions').style.display = 'inline-block';
         } else {
             document.getElementById('admin-filter').style.display = 'inline-block';
             document.getElementById('admin-groupfilter').style.display = 'none';
+
+            document.getElementById('admin-batchactions').style.display = 'inline-block';
+            document.getElementById('admin-groupbatchactions').style.display = 'none';
         }
     }
 
@@ -43,30 +49,40 @@ $listnr = 0; // TODO: add page functionality
 $status = $groupstatus = array();
 $pagetype = "user";
 
-if (!empty($_GET["search"])) {
+if (isset($_GET["search"])) {
     $search = test_input($_GET["search"]);
 }
 
-if (!empty($_GET["pagetype"])) {
+if (isset($_GET["pagetype"])) {
     $pagetype = test_input($_GET["pagetype"]);
 }
 
-if (!empty($_GET["status"])) {
+if (isset($_GET["status"])) {
     $status = $_GET["status"];
 }
 
-if (!empty($_GET["groupstatus"])) {
+if (isset($_GET["groupstatus"])) {
     $groupstatus = $_GET["groupstatus"];
 }
 
 
 if ($_SERVER["REQUEST_METHOD"] == "POST") {
-    if (!empty($_POST["actions"]) && !empty($_POST["userID"])) {
+    if (isset($_POST["actions"]) && isset($_POST["userID"])) {
         changeUserStatusByID($db, $_POST["userID"], $_POST["actions"]);
-    } elseif (!empty($_POST["actions"]) && !empty($_POST["groupID"])) {
+    }
+
+    if (isset($_POST["actions"]) && isset($_POST["groupID"])) {
         changeGroupStatusByID($db, $_POST["groupID"], $_POST["actions"]);
     }
 
+    if (isset($_POST["batchactions"]) && isset($_POST["checkbox-user"])) {
+        changeMultipleUserStatusByID($db, $_POST["checkbox-user"], $_POST["batchactions"]);
+    }
+
+    if (isset($_POST["groupbatchactions"]) && isset($_POST["checkbox-group"])) {
+        changeMultipleGroupStatusByID($db, $_POST["checkbox-group"], $_POST["groupbatchactions"]);
+    }
+
 }
 
 function test_input($data) {
@@ -145,15 +161,36 @@ function test_input($data) {
                 </div>
             </form>
 
-                <div class="admin-actions">
+                <div class="admin-batchactions" id="admin-batchactions">
                     <h2>Batch Actions: </h2>
-                    <input type="radio" name="actions" id="freeze" value="freeze">
-                    <label for="freeze">Freeze</label><br>
-                    <input type="radio" name="actions" id="ban" value="ban">
-                    <label for="ban">Ban</label><br>
-                    <input type="radio" name="actions" id="restore" value="restore">
-                    <label for="restore">Restore</label><br><br>
-                    <input type="submit" value="Confirm">
+                    <form class="admin-batchform"
+                          id="admin-batchform"
+                          action="<?php htmlspecialchars(basename($_SERVER['REQUEST_URI'])) ?>"
+                          method="post">
+                        <input type="radio" name="batchactions" id="freeze" value="2">
+                        <label for="freeze">Freeze</label><br>
+                        <input type="radio" name="batchactions" id="ban" value="3">
+                        <label for="ban">Ban</label><br>
+                        <input type="radio" name="batchactions" id="restore" value="1">
+                        <label for="restore">Restore</label><br><br>
+                        <input type="submit" value="Confirm">
+                    </form>
+                </div>
+
+                <div class="admin-groupbatchactions" id="admin-groupbatchactions">
+                    <h2>Batch Actions: </h2>
+                    <form class="admin-groupbatchform"
+                          id="admin-groupbatchform"
+                          action="<?php htmlspecialchars(basename($_SERVER['REQUEST_URI'])) ?>"
+                          method="post">
+                        <input type="radio" name="groupbatchactions" id="hide" value="0">
+                        <label for="hide">Hide</label><br>
+                        <input type="radio" name="groupbatchactions" id="public" value="1">
+                        <label for="public">Public</label><br>
+                        <input type="radio" name="groupbatchactions" id="membersonly" value="2">
+                        <label for="membersonly">Member</label><br><br>
+                        <input type="submit" value="Confirm">
+                    </form>
                 </div>
             </div>
             <br>
@@ -194,7 +231,9 @@ function test_input($data) {
                             <tr>
                             <td><input type='checkbox'
                             name='checkbox-user[]'
-                            value='$userID'>
+                            class='checkbox-list'
+                            value='$userID'
+                            form='admin-batchform'>
                             </td>
                             <td>$username</td>
                             <td>$role</td>
@@ -223,13 +262,15 @@ function test_input($data) {
                             $name = $group['name'];
                             $role = $group['status'];
                             $description = $group['description'];
-                            $thispage = htmlspecialchars($_SERVER['PHP_SELF']);
+                            $thispage = htmlspecialchars(basename($_SERVER['REQUEST_URI']));
 
                             echo("
                             <tr>
                             <td><input type='checkbox'
                             name='checkbox-group[]'
-                            value='$groupID'>
+                            class='checkbox-list'
+                            value='$groupID'
+                            form='admin-groupbatchform'>
                             </td>
                             <td>$name</td>
                             <td>$role</td>
@@ -241,7 +282,7 @@ function test_input($data) {
                             <select class='action' name='actions'>
                             <option value='0'>Hide</option>
                             <option value='1'>Public</option>
-                            <option value='2'>Members-only</option>
+                            <option value='2'>Members</option>
                             </select>
                             <input type='hidden' name='groupID' value='$groupID'>
                             <input type='submit' value='Confirm'>
@@ -255,6 +296,7 @@ function test_input($data) {
                 </table>
             </div>
         <pre>
+            <?php print_r($_POST); ?>
         </pre>
     </div>
 </div>

From 1640d38baac03a31d8272461a96b287ba17655ca Mon Sep 17 00:00:00 2001
From: Hendrik <hendrik.huang@student.uva.nl>
Date: Thu, 19 Jan 2017 16:29:38 +0100
Subject: [PATCH 03/24] add user page functionality

---
 website/queries/user.php     | 51 ++++++++++++++++++++++++++++
 website/views/adminpanel.php | 65 +++++++++++++++++++++++++++++++-----
 2 files changed, 107 insertions(+), 9 deletions(-)

diff --git a/website/queries/user.php b/website/queries/user.php
index d0d81bd..9b05511 100644
--- a/website/queries/user.php
+++ b/website/queries/user.php
@@ -69,6 +69,57 @@ function search20UsersFromNByStatus($db, $n, $keyword, $status) {
     return $q;
 }
 
+function searchSomeUsersByStatus($db, $n, $m, $keyword, $status) {
+    $q = $db->prepare("
+    SELECT
+        `userID`,
+        `username`,
+        `role`,
+        `bancomment`
+    FROM
+        `user`
+    WHERE
+        `username` LIKE :keyword AND
+        FIND_IN_SET (`role`, :statuses)
+    ORDER BY
+        `role`,
+        `username`
+    LIMIT
+        :n, :m
+    ");
+
+    $keyword = "%$keyword%";
+    $q->bindParam(':keyword', $keyword);
+    $q->bindParam(':n', $n, PDO::PARAM_INT);
+    $q->bindParam(':m', $m, PDO::PARAM_INT);
+    $statuses = implode(',', $status);
+    $q->bindParam(':statuses', $statuses);
+    $q->execute();
+    return $q;
+}
+
+function countSomeUsersByStatus($db, $keyword, $status) {
+    $q = $db->prepare("
+    SELECT
+        COUNT(*)
+    FROM
+        `user`
+    WHERE
+        `username` LIKE :keyword AND
+        FIND_IN_SET (`role`, :statuses)
+    ORDER BY
+        `role`,
+        `username`
+    ");
+
+    $keyword = "%$keyword%";
+    $q->bindParam(':keyword', $keyword);
+    $statuses = implode(',', $status);
+    $q->bindParam(':statuses', $statuses);
+    $q->execute();
+    return $q;
+}
+
 function changeUserStatusByID($db, $id, $status) {
     $q = $db->query("
     UPDATE
diff --git a/website/views/adminpanel.php b/website/views/adminpanel.php
index 8b0990c..637bf56 100644
--- a/website/views/adminpanel.php
+++ b/website/views/adminpanel.php
@@ -18,6 +18,23 @@
         }
     }
 
+    function checkCheckAll(allbox) {
+        var checkboxes = document.getElementsByClassName('checkbox-list');
+        var checked = true;
+
+        for (var i = 0; i < checkboxes.length; i++) {
+            if (checkboxes[i].type == 'checkbox') {
+                if (checkboxes[i].checked == false) {
+                    checked = false;
+                    break;
+                }
+            }
+        }
+
+        document.write(checked);
+        allbox.checked = checked;
+    }
+
     function changeFilter() {
         if (document.getElementById('group').checked) {
             document.getElementById('admin-filter').style.display = 'none';
@@ -45,7 +62,10 @@
 <!-- function test_input taken from http://www.w3schools.com/php/php_form_validation.asp -->
 <?php
 $search = "";
-$listnr = 0; // TODO: add page functionality
+$listn = 0; // TODO: add page functionality
+$listm = 20;
+$currentpage = 1;
+$perpage = 20;
 $status = $groupstatus = array();
 $pagetype = "user";
 
@@ -83,6 +103,10 @@ if ($_SERVER["REQUEST_METHOD"] == "POST") {
         changeMultipleGroupStatusByID($db, $_POST["checkbox-group"], $_POST["groupbatchactions"]);
     }
 
+    if (isset($_POST["pageselect"])) {
+        $currentpage = $_POST["pageselect"];
+    }
+
 }
 
 function test_input($data) {
@@ -199,15 +223,37 @@ function test_input($data) {
                 <h2 class="usertitle">Users:</h2>
 
                 <div class="admin-userpage">
+                    <p class="pagenumber">Showing results
+                    <?php $pages = countSomeUsersByStatus($db, $search, $status);
+                    $countresults = $pages->fetchColumn();
+                    $mincount = min($listm, $countresults);
+                    echo "$listn to $mincount out of $countresults"; ?></p><br>
                     <input type="submit" name="prev" value="prev">
-                    1 / 1
+                    <form class="admin-pageselector"
+                          action="<?php htmlspecialchars(basename($_SERVER['REQUEST_URI'])) ?>"
+                          method="post">
+                          <select class="admin-pageselect"
+                                  name="pageselect"
+                                  onchange="this.form.submit()"
+                                  value="">
+                              <?php
+                              for ($i=1; $i <= $countresults / $perpage + 1; $i++) {
+                                  if ($currentpage == $i) {
+                                      echo "<option value='$i' selected>$i</option>";
+                                  } else {
+                                      echo "<option value='$i'>$i</option>";
+                                  }
+                              }
+                              ?>
+                          </select>
+                    </form>
                     <input type="submit" name="next" value="next">
                 </div> <br>
 
                 <table class="usertable">
                     <tr>
                         <th class="table-checkbox">
-                            <input type="checkbox" name="checkall" onchange="checkAll(this)">
+                            <input type="checkbox" id="checkall" name="checkall" onchange="checkAll(this)">
                         </th>
                         <th class="table-username">User</th>
                         <th class="table-status">Status</th>
@@ -217,8 +263,11 @@ function test_input($data) {
 
                     <!-- Table construction via php PDO. -->
                     <?php
+                    $listn = ($currentpage-1) * 20;
+                    $listm = $currentpage * 20;
+
                     if ($pagetype == 'user') {
-                        $q = search20UsersFromNByStatus($db, $listnr, $search, $status);
+                        $q = searchSomeUsersByStatus($db, $listn, $listm, $search, $status);
 
                         while($user = $q->fetch(PDO::FETCH_ASSOC)) {
                             $userID = $user['userID'];
@@ -233,7 +282,8 @@ function test_input($data) {
                             name='checkbox-user[]'
                             class='checkbox-list'
                             value='$userID'
-                            form='admin-batchform'>
+                            form='admin-batchform'
+                            onchange='checkCheckAll(document.getElementById('checkall'))'>
                             </td>
                             <td>$username</td>
                             <td>$role</td>
@@ -255,7 +305,7 @@ function test_input($data) {
                             ");
                         }
                     } else {
-                        $q = search20GroupsFromNByStatus($db, $listnr, $search, $groupstatus);
+                        $q = search20GroupsFromNByStatus($db, $listn, $search, $groupstatus);
 
                         while ($group = $q->fetch(PDO::FETCH_ASSOC)) {
                             $groupID = $group['groupID'];
@@ -295,9 +345,6 @@ function test_input($data) {
                     ?>
                 </table>
             </div>
-        <pre>
-            <?php print_r($_POST); ?>
-        </pre>
     </div>
 </div>
 </body>

From e0d02d283de79c8238bed1951af6eeb2a563a2ad Mon Sep 17 00:00:00 2001
From: Hendrik <hendrik.huang@student.uva.nl>
Date: Thu, 19 Jan 2017 16:42:45 +0100
Subject: [PATCH 04/24] add page functionality for groups

---
 website/queries/group_page.php | 49 ++++++++++++++++++++++++++++++++++
 website/views/adminpanel.php   | 20 +++++++++-----
 2 files changed, 62 insertions(+), 7 deletions(-)

diff --git a/website/queries/group_page.php b/website/queries/group_page.php
index e0c8f17..64a048a 100644
--- a/website/queries/group_page.php
+++ b/website/queries/group_page.php
@@ -80,6 +80,55 @@ function search20GroupsFromNByStatus($db, $n, $keyword, $status) {
     return $q;
 }
 
+function searchSomeGroupsByStatus($db, $n, $m, $keyword, $status) {
+    $q = $db->prepare("
+    SELECT
+        `groupID`,
+        `name`,
+        `status`,
+        `description`
+    FROM
+        `group_page`
+    WHERE
+        `name` LIKE :keyword AND
+        FIND_IN_SET (`status`, :statuses)
+    ORDER BY
+        `name`
+    LIMIT
+        :n, :m
+    ");
+
+    $keyword = "%$keyword%";
+    $q->bindParam(':keyword', $keyword);
+    $q->bindParam(':n', $n, PDO::PARAM_INT);
+    $q->bindParam(':m', $m, PDO::PARAM_INT);
+    $statuses = implode(',', $status);
+    $q->bindParam(':statuses', $statuses);
+    $q->execute();
+    return $q;
+}
+
+function countSomeGroupsByStatus($db, $keyword, $status) {
+    $q = $db->prepare("
+    SELECT
+        COUNT(*)
+    FROM
+        `group_page`
+    WHERE
+        `name` LIKE :keyword AND
+        FIND_IN_SET (`status`, :statuses)
+    ORDER BY
+        `name`
+    ");
+
+    $keyword = "%$keyword%";
+    $q->bindParam(':keyword', $keyword);
+    $statuses = implode(',', $status);
+    $q->bindParam(':statuses', $statuses);
+    $q->execute();
+    return $q;
+}
+
 function changeGroupStatusByID($db, $id, $status) {
     $q = $db->query("
     UPDATE
diff --git a/website/views/adminpanel.php b/website/views/adminpanel.php
index 637bf56..925a681 100644
--- a/website/views/adminpanel.php
+++ b/website/views/adminpanel.php
@@ -62,8 +62,6 @@
 <!-- function test_input taken from http://www.w3schools.com/php/php_form_validation.asp -->
 <?php
 $search = "";
-$listn = 0; // TODO: add page functionality
-$listm = 20;
 $currentpage = 1;
 $perpage = 20;
 $status = $groupstatus = array();
@@ -109,6 +107,9 @@ if ($_SERVER["REQUEST_METHOD"] == "POST") {
 
 }
 
+$listn = ($currentpage-1) * $perpage;
+$listm = $currentpage * $perpage;
+
 function test_input($data) {
   $data = trim($data);
   $data = stripslashes($data);
@@ -224,7 +225,12 @@ function test_input($data) {
 
                 <div class="admin-userpage">
                     <p class="pagenumber">Showing results
-                    <?php $pages = countSomeUsersByStatus($db, $search, $status);
+                    <?php
+                    if ($pagetype == "user") {
+                        $pages = countSomeUsersByStatus($db, $search, $status);
+                    } else {
+                        $pages = countSomeGroupsByStatus($db, $search, $status);
+                    }
                     $countresults = $pages->fetchColumn();
                     $mincount = min($listm, $countresults);
                     echo "$listn to $mincount out of $countresults"; ?></p><br>
@@ -237,7 +243,7 @@ function test_input($data) {
                                   onchange="this.form.submit()"
                                   value="">
                               <?php
-                              for ($i=1; $i <= $countresults / $perpage + 1; $i++) {
+                              for ($i=1; $i <= ceil($countresults / $perpage); $i++) {
                                   if ($currentpage == $i) {
                                       echo "<option value='$i' selected>$i</option>";
                                   } else {
@@ -263,8 +269,8 @@ function test_input($data) {
 
                     <!-- Table construction via php PDO. -->
                     <?php
-                    $listn = ($currentpage-1) * 20;
-                    $listm = $currentpage * 20;
+                    $listn = ($currentpage-1) * $perpage;
+                    $listm = $currentpage * $perpage;
 
                     if ($pagetype == 'user') {
                         $q = searchSomeUsersByStatus($db, $listn, $listm, $search, $status);
@@ -305,7 +311,7 @@ function test_input($data) {
                             ");
                         }
                     } else {
-                        $q = search20GroupsFromNByStatus($db, $listn, $search, $groupstatus);
+                        $q = searchSomeGroupsByStatus($db, $listn, $listm, $search, $groupstatus);
 
                         while ($group = $q->fetch(PDO::FETCH_ASSOC)) {
                             $groupID = $group['groupID'];

From 3152839dae104cc90a56642de543173bb49d8cc9 Mon Sep 17 00:00:00 2001
From: Hendrik <hendrik.huang@student.uva.nl>
Date: Fri, 20 Jan 2017 12:06:23 +0100
Subject: [PATCH 05/24] add javascript for userlist tablehead checkall box, fix
 pageselector css

---
 website/public/styles/adminpanel.css | 12 +++--
 website/views/adminpanel.php         | 79 +++++++++++++++-------------
 2 files changed, 52 insertions(+), 39 deletions(-)

diff --git a/website/public/styles/adminpanel.css b/website/public/styles/adminpanel.css
index 85921b7..b226cd3 100644
--- a/website/public/styles/adminpanel.css
+++ b/website/public/styles/adminpanel.css
@@ -52,10 +52,16 @@
     margin: 10px;
 }
 
-.admin-userpage {
-    width: 170px;
-    margin-bottom: 20px;
+.admin-userheading {
+    width: auto;
+    float: left;
+}
+
+.admin-pageui {
+    text-align: right;
     float: right;
+    width: auto;
+    margin-bottom: 20px;
 }
 
 .usertitle {
diff --git a/website/views/adminpanel.php b/website/views/adminpanel.php
index 925a681..52681a4 100644
--- a/website/views/adminpanel.php
+++ b/website/views/adminpanel.php
@@ -30,8 +30,6 @@
                 }
             }
         }
-
-        document.write(checked);
         allbox.checked = checked;
     }
 
@@ -221,39 +219,45 @@ function test_input($data) {
             <br>
 
             <div class="admin-users">
-                <h2 class="usertitle">Users:</h2>
-
-                <div class="admin-userpage">
-                    <p class="pagenumber">Showing results
-                    <?php
-                    if ($pagetype == "user") {
-                        $pages = countSomeUsersByStatus($db, $search, $status);
-                    } else {
-                        $pages = countSomeGroupsByStatus($db, $search, $status);
-                    }
-                    $countresults = $pages->fetchColumn();
-                    $mincount = min($listm, $countresults);
-                    echo "$listn to $mincount out of $countresults"; ?></p><br>
-                    <input type="submit" name="prev" value="prev">
-                    <form class="admin-pageselector"
-                          action="<?php htmlspecialchars(basename($_SERVER['REQUEST_URI'])) ?>"
-                          method="post">
-                          <select class="admin-pageselect"
-                                  name="pageselect"
-                                  onchange="this.form.submit()"
-                                  value="">
-                              <?php
-                              for ($i=1; $i <= ceil($countresults / $perpage); $i++) {
-                                  if ($currentpage == $i) {
-                                      echo "<option value='$i' selected>$i</option>";
-                                  } else {
-                                      echo "<option value='$i'>$i</option>";
+                <div class="admin-usertitle">
+                    <div class="admin-userheading">
+                        <h2>Users:</h2>
+                    </div>
+                    <div class="admin-pageui">
+                        <?php
+                        if ($pagetype == "user") {
+                            $pages = countSomeUsersByStatus($db, $search, $status);
+                        } else {
+                            $pages = countSomeGroupsByStatus($db, $search, $status);
+                        }
+                        $countresults = $pages->fetchColumn();
+                        $mincount = min($listm, $countresults);
+                        $minlist = min($listn + 1, $countresults);
+                        ?>
+                        <p class="pagenumber">Current page:</p>
+                        <form class="admin-pageselector"
+                              action="<?php htmlspecialchars(basename($_SERVER['REQUEST_URI'])) ?>"
+                              method="post">
+                              <select class="admin-pageselect"
+                                      name="pageselect"
+                                      onchange="this.form.submit()"
+                                      value="">
+                                  <?php
+                                  for ($i=1; $i <= ceil($countresults / $perpage); $i++) {
+                                      if ($currentpage == $i) {
+                                          echo "<option value='$i' selected>$i</option>";
+                                      } else {
+                                          echo "<option value='$i'>$i</option>";
+                                      }
                                   }
-                              }
-                              ?>
-                          </select>
-                    </form>
-                    <input type="submit" name="next" value="next">
+                                  ?>
+                              </select>
+                        </form>
+                        <p class="entriesshown">
+                        <?php
+                        echo "Showing results $minlist to $mincount out of $countresults";
+                        ?>
+                    </div>
                 </div> <br>
 
                 <table class="usertable">
@@ -281,6 +285,7 @@ function test_input($data) {
                             $role = $user['role'];
                             $bancomment = $user['bancomment'];
                             $thispage = htmlspecialchars(basename($_SERVER['REQUEST_URI']));
+                            $function = "checkCheckAll(document.getElementById('checkall'))";
 
                             echo("
                             <tr>
@@ -289,7 +294,7 @@ function test_input($data) {
                             class='checkbox-list'
                             value='$userID'
                             form='admin-batchform'
-                            onchange='checkCheckAll(document.getElementById('checkall'))'>
+                            onchange=" . "$function" . ">
                             </td>
                             <td>$username</td>
                             <td>$role</td>
@@ -319,6 +324,7 @@ function test_input($data) {
                             $role = $group['status'];
                             $description = $group['description'];
                             $thispage = htmlspecialchars(basename($_SERVER['REQUEST_URI']));
+                            $function = "checkCheckAll(document.getElementById('checkall'))";
 
                             echo("
                             <tr>
@@ -326,7 +332,8 @@ function test_input($data) {
                             name='checkbox-group[]'
                             class='checkbox-list'
                             value='$groupID'
-                            form='admin-groupbatchform'>
+                            form='admin-groupbatchform'
+                            onchange=" . "$function" . ">
                             </td>
                             <td>$name</td>
                             <td>$role</td>

From daff2f41faf4b0f8b7def9edc294aace9976f068 Mon Sep 17 00:00:00 2001
From: Hendrik <hendrik.huang@student.uva.nl>
Date: Fri, 20 Jan 2017 12:29:34 +0100
Subject: [PATCH 06/24] minor fix

---
 website/views/adminpanel.php | 7 -------
 1 file changed, 7 deletions(-)

diff --git a/website/views/adminpanel.php b/website/views/adminpanel.php
index 86c674a..52681a4 100644
--- a/website/views/adminpanel.php
+++ b/website/views/adminpanel.php
@@ -99,15 +99,8 @@ if ($_SERVER["REQUEST_METHOD"] == "POST") {
         changeMultipleGroupStatusByID($db, $_POST["checkbox-group"], $_POST["groupbatchactions"]);
     }
 
-<<<<<<< HEAD
     if (isset($_POST["pageselect"])) {
         $currentpage = $_POST["pageselect"];
-=======
-    if (!empty($_POST["actions"]) && !empty($_POST["userID"])) {
-        changeUserStatusByID($_POST["userID"], $_POST["actions"]);
-    } elseif (!empty($_POST["actions"]) && !empty($_POST["groupID"])) {
-        changeGroupStatusByID($_POST["groupID"], $_POST["actions"]);
->>>>>>> master
     }
 
 }

From eb1fc154015d8477041aee70a05c2561f8983196 Mon Sep 17 00:00:00 2001
From: Joey Lai <joeylai96@hotmail.com>
Date: Fri, 20 Jan 2017 12:32:39 +0100
Subject: [PATCH 07/24] script on right lines

---
 website/public/login.php | 25 ++++++++++++-------------
 1 file changed, 12 insertions(+), 13 deletions(-)

diff --git a/website/public/login.php b/website/public/login.php
index 65babdf..3d37da7 100644
--- a/website/public/login.php
+++ b/website/public/login.php
@@ -7,6 +7,18 @@
     include_once("../queries/checkInput.php")
 ?>
 <body>
+<script>
+function checkLoggedIn() {
+    if (confirm("You are already logged in!\Do you want to logout?\Press ok to logout.") == true) {
+        unset($_SESSION["userID"]);
+        header("Location: login.php");
+    } else {
+        header("location: profile.php");
+    }
+    document.getElementById("demo").innerHTML = x;
+}
+</script>
+
 <?php
     session_start();
 
@@ -48,18 +60,5 @@
 /* This view adds login view */
 include("../views/login-view.php");
 ?>
-
-<script>
-function checkLoggedIn() {
-    if (confirm("You are already logged in!\Do you want to logout?\Press ok to logout.") == true) {
-        unset($_SESSION["userID"]);
-        header("Location: login.php");
-    } else {
-        header("location: profile.php");
-    }
-    document.getElementById("demo").innerHTML = x;
-}
-</script>
-
 </body>
 </html>

From 0f02859124c64c4e0c917a7d2a969718d527baaa Mon Sep 17 00:00:00 2001
From: Hendrik <hendrik.huang@student.uva.nl>
Date: Fri, 20 Jan 2017 12:58:34 +0100
Subject: [PATCH 08/24] fix queries for global and prepared

---
 website/queries/group_page.php | 43 ++++++++++++++++++++--------------
 website/queries/user.php       | 29 ++++++++++++++---------
 website/views/adminpanel.php   | 16 ++++++-------
 3 files changed, 52 insertions(+), 36 deletions(-)

diff --git a/website/queries/group_page.php b/website/queries/group_page.php
index 44d346c..ef7af07 100644
--- a/website/queries/group_page.php
+++ b/website/queries/group_page.php
@@ -1,7 +1,7 @@
 <?php
 
 function selectGroupById($groupID) {
-    return $GLOBALS["db"]->query("
+    $q = $GLOBALS["db"]->prepare("
     SELECT
         `group_page`.`name`,
         `group_page`.`picture`,
@@ -11,12 +11,16 @@ function selectGroupById($groupID) {
     FROM
         `group_page`
     WHERE
-        `group_page`.`groupID` = $groupID
+        `group_page`.`groupID` = :groupID
     ");
+
+    $q->bindParam(':groupID', $groupID);
+    $q->execute();
+    return $q;
 }
 
 function select20GroupsFromN($n) {
-    return $GLOBALS["db"]->query("
+    $q = $GLOBALS["db"]->prepare("
     SELECT
         `group_page`.`groupID`,
         `group_page`.`name`,
@@ -29,12 +33,16 @@ function select20GroupsFromN($n) {
     ORDER BY
         `group_page`.`name` ASC
     LIMIT
-        $n, 20
+        :n, 20
     ");
+
+    $q->bindParam(':n', $n);
+    $q->execute();
+    return $q;
 }
 
 function select20GroupsByStatusFromN($n, $status) {
-    return $GLOBALS["db"]->query("
+    $q = $GLOBALS["db"]->prepare("
     SELECT
         `group_page`.`groupID`,
         `group_page`.`name`,
@@ -45,12 +53,17 @@ function select20GroupsByStatusFromN($n, $status) {
     FROM
         `group_page`
     WHERE
-    	`group_page`.`status` = $status
+    	`group_page`.`status` = :status
     ORDER BY
         `group_page`.`name` ASC
     LIMIT
-        $n, 20
+        :n, 20
     ");
+
+    $q->bindParam(':status', $status);
+    $q->bindParam(':n', $n);
+    $q->execute();
+    return $q;
 }
 
 function search20GroupsFromNByStatus($n, $keyword, $status) {
@@ -80,8 +93,8 @@ function search20GroupsFromNByStatus($n, $keyword, $status) {
     return $q;
 }
 
-function searchSomeGroupsByStatus($db, $n, $m, $keyword, $status) {
-    $q = $db->prepare("
+function searchSomeGroupsByStatus($n, $m, $keyword, $status) {
+    $q = $GLOBALS['db']->prepare("
     SELECT
         `groupID`,
         `name`,
@@ -108,8 +121,8 @@ function searchSomeGroupsByStatus($db, $n, $m, $keyword, $status) {
     return $q;
 }
 
-function countSomeGroupsByStatus($db, $keyword, $status) {
-    $q = $db->prepare("
+function countSomeGroupsByStatus($keyword, $status) {
+    $q = $GLOBALS['db']->prepare("
     SELECT
         COUNT(*)
     FROM
@@ -141,11 +154,9 @@ function changeGroupStatusByID($id, $status) {
 
     return $q;
 }
-<<<<<<< HEAD
 
-
-function changeMultipleGroupStatusByID($db, $ids, $status) {
-    $q = $db->prepare("
+function changeMultipleGroupStatusByID($ids, $status) {
+    $q = $GLOBALS['db']->prepare("
     UPDATE
         `group_page`
     SET
@@ -163,5 +174,3 @@ function changeMultipleGroupStatusByID($db, $ids, $status) {
 
 
 ?>
-=======
->>>>>>> master
diff --git a/website/queries/user.php b/website/queries/user.php
index 71cef11..719a40f 100644
--- a/website/queries/user.php
+++ b/website/queries/user.php
@@ -87,7 +87,7 @@ function selectAllUserPosts($userID) {
 }
 
 function select20UsersFromN($n) {
-    return $GLOBALS["db"]->query("
+    $q = $GLOBALS["db"]->prepare("
     SELECT
         `userID`,
         `username`,
@@ -99,8 +99,12 @@ function select20UsersFromN($n) {
         `role`,
         `username`
     LIMIT
-        $n, 20
+        :n, 20
     ");
+
+    $q->bindParam(':n', $n);
+    $q->execute();
+    return $q;
 }
 
 function search20UsersFromN($n, $keyword) {
@@ -155,8 +159,8 @@ function search20UsersFromNByStatus($n, $keyword, $status) {
     return $q;
 }
 
-function searchSomeUsersByStatus($db, $n, $m, $keyword, $status) {
-    $q = $db->prepare("
+function searchSomeUsersByStatus($n, $m, $keyword, $status) {
+    $q = $GLOBALS["db"]->prepare("
     SELECT
         `userID`,
         `username`,
@@ -184,8 +188,8 @@ function searchSomeUsersByStatus($db, $n, $m, $keyword, $status) {
     return $q;
 }
 
-function countSomeUsersByStatus($db, $keyword, $status) {
-    $q = $db->prepare("
+function countSomeUsersByStatus($keyword, $status) {
+    $q = $GLOBALS["db"]->prepare("
     SELECT
         COUNT(*)
     FROM
@@ -208,20 +212,23 @@ function countSomeUsersByStatus($db, $keyword, $status) {
 
 
 function changeUserStatusByID($id, $status) {
-    $q = $GLOBALS["db"]->query("
+    $q = $GLOBALS["db"]->prepare("
     UPDATE
         `user`
     SET
-        `role` = $status
+        `role` = :status
     WHERE
-        `userID` = $id
+        `userID` = :id
     ");
 
+    $q->bindParam(':status', $status);
+    $q->bindParam(':id', $id);
+    $q->execute();
     return $q;
 }
 
-function changeMultipleUserStatusByID($db, $ids, $status) {
-    $q = $db->prepare("
+function changeMultipleUserStatusByID($ids, $status) {
+    $q = $GLOBALS["db"]->prepare("
     UPDATE
         `user`
     SET
diff --git a/website/views/adminpanel.php b/website/views/adminpanel.php
index 52681a4..af23dae 100644
--- a/website/views/adminpanel.php
+++ b/website/views/adminpanel.php
@@ -84,19 +84,19 @@ if (isset($_GET["groupstatus"])) {
 
 if ($_SERVER["REQUEST_METHOD"] == "POST") {
     if (isset($_POST["actions"]) && isset($_POST["userID"])) {
-        changeUserStatusByID($db, $_POST["userID"], $_POST["actions"]);
+        changeUserStatusByID($_POST["userID"], $_POST["actions"]);
     }
 
     if (isset($_POST["actions"]) && isset($_POST["groupID"])) {
-        changeGroupStatusByID($db, $_POST["groupID"], $_POST["actions"]);
+        changeGroupStatusByID($_POST["groupID"], $_POST["actions"]);
     }
 
     if (isset($_POST["batchactions"]) && isset($_POST["checkbox-user"])) {
-        changeMultipleUserStatusByID($db, $_POST["checkbox-user"], $_POST["batchactions"]);
+        changeMultipleUserStatusByID($_POST["checkbox-user"], $_POST["batchactions"]);
     }
 
     if (isset($_POST["groupbatchactions"]) && isset($_POST["checkbox-group"])) {
-        changeMultipleGroupStatusByID($db, $_POST["checkbox-group"], $_POST["groupbatchactions"]);
+        changeMultipleGroupStatusByID($_POST["checkbox-group"], $_POST["groupbatchactions"]);
     }
 
     if (isset($_POST["pageselect"])) {
@@ -226,9 +226,9 @@ function test_input($data) {
                     <div class="admin-pageui">
                         <?php
                         if ($pagetype == "user") {
-                            $pages = countSomeUsersByStatus($db, $search, $status);
+                            $pages = countSomeUsersByStatus($search, $status);
                         } else {
-                            $pages = countSomeGroupsByStatus($db, $search, $status);
+                            $pages = countSomeGroupsByStatus($search, $status);
                         }
                         $countresults = $pages->fetchColumn();
                         $mincount = min($listm, $countresults);
@@ -277,7 +277,7 @@ function test_input($data) {
                     $listm = $currentpage * $perpage;
 
                     if ($pagetype == 'user') {
-                        $q = searchSomeUsersByStatus($db, $listn, $listm, $search, $status);
+                        $q = searchSomeUsersByStatus($listn, $listm, $search, $status);
 
                         while($user = $q->fetch(PDO::FETCH_ASSOC)) {
                             $userID = $user['userID'];
@@ -316,7 +316,7 @@ function test_input($data) {
                             ");
                         }
                     } else {
-                        $q = searchSomeGroupsByStatus($db, $listn, $listm, $search, $groupstatus);
+                        $q = searchSomeGroupsByStatus($listn, $listm, $search, $groupstatus);
 
                         while ($group = $q->fetch(PDO::FETCH_ASSOC)) {
                             $groupID = $group['groupID'];

From bfdf9e989b2a724f505975d9ab79ccef106e937d Mon Sep 17 00:00:00 2001
From: "K. Nobel" <kevlebon@gmailcom>
Date: Fri, 20 Jan 2017 13:07:47 +0100
Subject: [PATCH 09/24] Fixed profile page, now shows current user when no
 username is given in get variable.

---
 website/public/profile.php   | 61 ++++++------------------------------
 website/queries/nicetime.php | 39 +++++++++++++++++++++++
 2 files changed, 49 insertions(+), 51 deletions(-)
 create mode 100644 website/queries/nicetime.php

diff --git a/website/public/profile.php b/website/public/profile.php
index f3f499b..0fe2feb 100644
--- a/website/public/profile.php
+++ b/website/public/profile.php
@@ -1,45 +1,16 @@
+<!DOCTYPE html>
+<html>
+<head>
+    <?php include("../views/head.php"); ?>
+    <style>
+        @import url("styles/profile.css");
+    </style>
+</head>
+<body>
 <?php
 include("../queries/user.php");
 include("../queries/friendship.php");
-
-function nicetime($date) {
-    if(empty($date)) {
-        return "No date provided";
-    }
-
-    $single_periods = array("seconde", "minuut", "uur", "dag", "week", "maand", "jaar", "decennium");
-    $multiple_periods = array("seconden", "minuten", "uur", "dagen", "weken", "maanden", "jaar", "decennia");
-    $lengths = array("60", "60", "24", "7", "4.35", "12", "10", "0");
-
-    $now = time();
-    $unix_date = strtotime($date);
-
-    if(empty($unix_date)) {
-        return "Bad date";
-    }
-
-    if($now > $unix_date) {
-        $difference = $now - $unix_date;
-        $tense = "geleden";
-    } else {
-        $difference = $unix_date - $now;
-        $tense = "vanaf nu";
-    }
-
-    for($i = 0; $difference >= $lengths[$i] && $i < count($lengths) - 1; $i++) {
-        $difference /= $lengths[$i];
-    }
-
-    $difference = round($difference);
-
-    if($difference != 1) {
-        $period = $multiple_periods[$i];
-    } else {
-        $period = $single_periods[$i];
-    }
-
-    return "$difference $period $tense";
-}
+include("../queries/nicetime.php");
 
 if(empty($_GET["username"])) {
     $userID = $_SESSION["userID"];
@@ -52,18 +23,6 @@ $profile_friends = selectAllFriends($userID);
 $profile_groups = selectAllUserGroups($userID);
 $posts = selectAllUserPosts($userID);
 
-?>
-
-<!DOCTYPE html>
-<html>
-<head>
-    <?php include("../views/head.php"); ?>
-    <style>
-        @import url("styles/profile.css");
-    </style>
-</head>
-<body>
-<?php
 /*
  * This view adds the main layout over the screen.
  * Header, menu, footer.
diff --git a/website/queries/nicetime.php b/website/queries/nicetime.php
new file mode 100644
index 0000000..4db6cbd
--- /dev/null
+++ b/website/queries/nicetime.php
@@ -0,0 +1,39 @@
+<?php
+function nicetime($date) {
+if(empty($date)) {
+return "No date provided";
+}
+
+$single_periods = array("seconde", "minuut", "uur", "dag", "week", "maand", "jaar", "decennium");
+$multiple_periods = array("seconden", "minuten", "uur", "dagen", "weken", "maanden", "jaar", "decennia");
+$lengths = array("60", "60", "24", "7", "4.35", "12", "10", "0");
+
+$now = time();
+$unix_date = strtotime($date);
+
+if(empty($unix_date)) {
+return "Bad date";
+}
+
+if($now > $unix_date) {
+$difference = $now - $unix_date;
+$tense = "geleden";
+} else {
+$difference = $unix_date - $now;
+$tense = "vanaf nu";
+}
+
+for($i = 0; $difference >= $lengths[$i] && $i < count($lengths) - 1; $i++) {
+$difference /= $lengths[$i];
+}
+
+$difference = round($difference);
+
+if($difference != 1) {
+$period = $multiple_periods[$i];
+} else {
+$period = $single_periods[$i];
+}
+
+return "$difference $period $tense";
+}
\ No newline at end of file

From 6418b2b679fdaee5f70da8dddf6321989ea5ea5d Mon Sep 17 00:00:00 2001
From: Hendrik <hendrik.huang@student.uva.nl>
Date: Fri, 20 Jan 2017 13:14:28 +0100
Subject: [PATCH 10/24] move js to /js

---
 website/public/js/admin.js   | 44 +++++++++++++++++++++++++++++++
 website/views/adminpanel.php | 50 ++----------------------------------
 2 files changed, 46 insertions(+), 48 deletions(-)
 create mode 100644 website/public/js/admin.js

diff --git a/website/public/js/admin.js b/website/public/js/admin.js
new file mode 100644
index 0000000..2055123
--- /dev/null
+++ b/website/public/js/admin.js
@@ -0,0 +1,44 @@
+window.onload = function() {
+    changeFilter();
+};
+
+function checkAll(allbox) {
+    var checkboxes = document.getElementsByClassName('checkbox-list');
+
+    for (var i = 0; i < checkboxes.length; i++) {
+        if (checkboxes[i].type == 'checkbox') {
+            checkboxes[i].checked = allbox.checked;
+        }
+    }
+}
+
+function checkCheckAll(allbox) {
+    var checkboxes = document.getElementsByClassName('checkbox-list');
+    var checked = true;
+
+    for (var i = 0; i < checkboxes.length; i++) {
+        if (checkboxes[i].type == 'checkbox') {
+            if (checkboxes[i].checked == false) {
+                checked = false;
+                break;
+            }
+        }
+    }
+    allbox.checked = checked;
+}
+
+function changeFilter() {
+    if (document.getElementById('group').checked) {
+        document.getElementById('admin-filter').style.display = 'none';
+        document.getElementById('admin-groupfilter').style.display = 'inline-block';
+
+        document.getElementById('admin-batchactions').style.display = 'none';
+        document.getElementById('admin-groupbatchactions').style.display = 'inline-block';
+    } else {
+        document.getElementById('admin-filter').style.display = 'inline-block';
+        document.getElementById('admin-groupfilter').style.display = 'none';
+
+        document.getElementById('admin-batchactions').style.display = 'inline-block';
+        document.getElementById('admin-groupbatchactions').style.display = 'none';
+    }
+}
diff --git a/website/views/adminpanel.php b/website/views/adminpanel.php
index af23dae..fde8237 100644
--- a/website/views/adminpanel.php
+++ b/website/views/adminpanel.php
@@ -3,53 +3,7 @@
 <head>
     <meta charset="utf-8">
     <title>Admin Panel</title>
-    <script type="text/javascript">
-    window.onload = function() {
-        changeFilter();
-    };
-
-    function checkAll(allbox) {
-        var checkboxes = document.getElementsByClassName('checkbox-list');
-
-        for (var i = 0; i < checkboxes.length; i++) {
-            if (checkboxes[i].type == 'checkbox') {
-                checkboxes[i].checked = allbox.checked;
-            }
-        }
-    }
-
-    function checkCheckAll(allbox) {
-        var checkboxes = document.getElementsByClassName('checkbox-list');
-        var checked = true;
-
-        for (var i = 0; i < checkboxes.length; i++) {
-            if (checkboxes[i].type == 'checkbox') {
-                if (checkboxes[i].checked == false) {
-                    checked = false;
-                    break;
-                }
-            }
-        }
-        allbox.checked = checked;
-    }
-
-    function changeFilter() {
-        if (document.getElementById('group').checked) {
-            document.getElementById('admin-filter').style.display = 'none';
-            document.getElementById('admin-groupfilter').style.display = 'inline-block';
-
-            document.getElementById('admin-batchactions').style.display = 'none';
-            document.getElementById('admin-groupbatchactions').style.display = 'inline-block';
-        } else {
-            document.getElementById('admin-filter').style.display = 'inline-block';
-            document.getElementById('admin-groupfilter').style.display = 'none';
-
-            document.getElementById('admin-batchactions').style.display = 'inline-block';
-            document.getElementById('admin-groupbatchactions').style.display = 'none';
-        }
-    }
-
-    </script>
+    <script src="../public/js/admin.js" charset="utf-8"></script>
     <?php
         include_once("../queries/user.php");
         include_once("../queries/group_page.php");
@@ -228,7 +182,7 @@ function test_input($data) {
                         if ($pagetype == "user") {
                             $pages = countSomeUsersByStatus($search, $status);
                         } else {
-                            $pages = countSomeGroupsByStatus($search, $status);
+                            $pages = countSomeGroupsByStatus($search, $groupstatus);
                         }
                         $countresults = $pages->fetchColumn();
                         $mincount = min($listm, $countresults);

From b7620fe4dbe3cdaf595eb71087b485e4bbeaf81e Mon Sep 17 00:00:00 2001
From: "K. Nobel" <kevlebon@gmailcom>
Date: Fri, 20 Jan 2017 14:05:20 +0100
Subject: [PATCH 11/24] Moved .htaccess

---
 website/.htaccess        | 14 --------------
 website/public/.htaccess | 14 ++++++++++++++
 2 files changed, 14 insertions(+), 14 deletions(-)
 delete mode 100644 website/.htaccess
 create mode 100644 website/public/.htaccess

diff --git a/website/.htaccess b/website/.htaccess
deleted file mode 100644
index 5c0147b..0000000
--- a/website/.htaccess
+++ /dev/null
@@ -1,14 +0,0 @@
-Options +FollowSymLinks
-RewriteEngine On
-
-ErrorDocument 404 /error404.jpg
-
-RewriteCond %{SCRIPT_FILENAME} !-d
-RewriteCond %{SCRIPT_FILENAME} !-f
-
-# Resolve .php file for extensionless php urls
-RewriteRule ^([^/.]+)$ $1.php [L]
-
-RewriteRule ^([^/.]+)\/$ $1.php [L]
-
-RewriteRule ^profile/([A-z0-9]+)\/?$ profile.php?username=$1 [NC]
\ No newline at end of file
diff --git a/website/public/.htaccess b/website/public/.htaccess
new file mode 100644
index 0000000..69fda24
--- /dev/null
+++ b/website/public/.htaccess
@@ -0,0 +1,14 @@
+#Options +FollowSymLinks
+#RewriteEngine On
+#
+#ErrorDocument 404 /error404.jpg
+#
+#RewriteCond %{SCRIPT_FILENAME} !-d
+#RewriteCond %{SCRIPT_FILENAME} !-f
+#
+## Resolve .php file for extensionless php urls
+#RewriteRule ^([^/.]+)$ $1.php [L]
+#
+#RewriteRule ^([^/.]+)\/$ $1.php [L]
+#
+#RewriteRule ^profile/([A-z0-9]+)\/?$ profile.php?username=$1 [NC]
\ No newline at end of file

From f9c55323ad54047ab80381499fef430b3f49fd8b Mon Sep 17 00:00:00 2001
From: "K. Nobel" <kevlebon@gmailcom>
Date: Fri, 20 Jan 2017 14:09:04 +0100
Subject: [PATCH 12/24] Made friends and groups clickable.

---
 website/views/profile.php | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/website/views/profile.php b/website/views/profile.php
index 6c273a6..47b880d 100644
--- a/website/views/profile.php
+++ b/website/views/profile.php
@@ -13,7 +13,7 @@
         <p>
             <?php
                 while($friend = $profile_friends->fetch()) {
-                    echo "<a href='#' data-title='${friend["username"]}'><img class='profile-picture' src='${friend["profilepicture"]}' alt='${friend["username"]}'s profielfoto></a>";
+                    echo "<a href='profile/${friend["username"]}/' data-title='${friend["username"]}'><img class='profile-picture' src='${friend["profilepicture"]}' alt='${friend["username"]}'s profielfoto></a>";
                 }
 
 
@@ -29,7 +29,7 @@
         <p>
             <?php
                 while($group = $profile_groups->fetch()) {
-                    echo "<a href='#' data-title='${group["name"]}'><img class='group-picture' src='${group["picture"]}' alt='${group["name"]}s logo'></a>";
+                    echo "<a href='group/${group["name"]}/' data-title='${group["name"]}'><img class='group-picture' src='${group["picture"]}' alt='${group["name"]}s logo'></a>";
                 }
 
                 if($groups->rowCount() === 0) {

From 0e5f7dc9fb4e7581bef3d1f85ef1231ad9ad71c0 Mon Sep 17 00:00:00 2001
From: "K. Nobel" <kevlebon@gmailcom>
Date: Fri, 20 Jan 2017 14:10:32 +0100
Subject: [PATCH 13/24] Fixed no friends text and no groups text.

---
 website/views/profile.php | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/website/views/profile.php b/website/views/profile.php
index 47b880d..83ac799 100644
--- a/website/views/profile.php
+++ b/website/views/profile.php
@@ -17,7 +17,7 @@
                 }
 
 
-                if($friends->rowCount() === 0) {
+                if($profile_friends->rowCount() === 0) {
                     echo "<p>Deze gebruiker heeft nog geen vrienden gemaakt.</p>";
                 }
             ?>
@@ -32,7 +32,7 @@
                     echo "<a href='group/${group["name"]}/' data-title='${group["name"]}'><img class='group-picture' src='${group["picture"]}' alt='${group["name"]}s logo'></a>";
                 }
 
-                if($groups->rowCount() === 0) {
+                if($profile_groups->rowCount() === 0) {
                     echo "<p>Deze gebruiker is nog geen lid van een groep.</p>";
                 }
             ?>

From adb7f2f37db78f7099b3fedbcfe48d783c9c91a7 Mon Sep 17 00:00:00 2001
From: "K. Nobel" <kevlebon@gmailcom>
Date: Fri, 20 Jan 2017 14:31:49 +0100
Subject: [PATCH 14/24] Fixed .htaccess

---
 website/public/.htaccess | 28 ++++++++++++++--------------
 1 file changed, 14 insertions(+), 14 deletions(-)

diff --git a/website/public/.htaccess b/website/public/.htaccess
index 69fda24..5c0147b 100644
--- a/website/public/.htaccess
+++ b/website/public/.htaccess
@@ -1,14 +1,14 @@
-#Options +FollowSymLinks
-#RewriteEngine On
-#
-#ErrorDocument 404 /error404.jpg
-#
-#RewriteCond %{SCRIPT_FILENAME} !-d
-#RewriteCond %{SCRIPT_FILENAME} !-f
-#
-## Resolve .php file for extensionless php urls
-#RewriteRule ^([^/.]+)$ $1.php [L]
-#
-#RewriteRule ^([^/.]+)\/$ $1.php [L]
-#
-#RewriteRule ^profile/([A-z0-9]+)\/?$ profile.php?username=$1 [NC]
\ No newline at end of file
+Options +FollowSymLinks
+RewriteEngine On
+
+ErrorDocument 404 /error404.jpg
+
+RewriteCond %{SCRIPT_FILENAME} !-d
+RewriteCond %{SCRIPT_FILENAME} !-f
+
+# Resolve .php file for extensionless php urls
+RewriteRule ^([^/.]+)$ $1.php [L]
+
+RewriteRule ^([^/.]+)\/$ $1.php [L]
+
+RewriteRule ^profile/([A-z0-9]+)\/?$ profile.php?username=$1 [NC]
\ No newline at end of file

From 6478ce920f56a1fe1b004b99ef253cdc6fe10a1e Mon Sep 17 00:00:00 2001
From: "K. Nobel" <kevlebon@gmailcom>
Date: Fri, 20 Jan 2017 14:40:21 +0100
Subject: [PATCH 15/24] Fixed .htaccess

---
 website/public/.htaccess | 4 +---
 1 file changed, 1 insertion(+), 3 deletions(-)

diff --git a/website/public/.htaccess b/website/public/.htaccess
index 5c0147b..f08898a 100644
--- a/website/public/.htaccess
+++ b/website/public/.htaccess
@@ -9,6 +9,4 @@ RewriteCond %{SCRIPT_FILENAME} !-f
 # Resolve .php file for extensionless php urls
 RewriteRule ^([^/.]+)$ $1.php [L]
 
-RewriteRule ^([^/.]+)\/$ $1.php [L]
-
-RewriteRule ^profile/([A-z0-9]+)\/?$ profile.php?username=$1 [NC]
\ No newline at end of file
+RewriteRule ^profile/([A-z0-9]+)$ profile.php?username=$1 [NC]
\ No newline at end of file

From 42188609363a214a33a7df8a5bbd8c91a3e6334a Mon Sep 17 00:00:00 2001
From: Hendrik <hendrik.huang@student.uva.nl>
Date: Fri, 20 Jan 2017 14:43:04 +0100
Subject: [PATCH 16/24] remove testinput

---
 website/views/adminpanel.php | 6 ------
 1 file changed, 6 deletions(-)

diff --git a/website/views/adminpanel.php b/website/views/adminpanel.php
index fde8237..116512c 100644
--- a/website/views/adminpanel.php
+++ b/website/views/adminpanel.php
@@ -62,12 +62,6 @@ if ($_SERVER["REQUEST_METHOD"] == "POST") {
 $listn = ($currentpage-1) * $perpage;
 $listm = $currentpage * $perpage;
 
-function test_input($data) {
-  $data = trim($data);
-  $data = stripslashes($data);
-  $data = htmlspecialchars($data);
-  return $data;
-}
 ?>
 
 <div class="content">

From ca28724274047a90649944303022a2d503cd45f7 Mon Sep 17 00:00:00 2001
From: "K. Nobel" <kevlebon@gmailcom>
Date: Fri, 20 Jan 2017 14:48:00 +0100
Subject: [PATCH 17/24] Fixed script tags and @import. Has to be absolute path
 in order to work with the .htaccess file.

---
 website/public/profile.php |  3 ++-
 website/views/head.php     | 17 ++++++++---------
 2 files changed, 10 insertions(+), 10 deletions(-)

diff --git a/website/public/profile.php b/website/public/profile.php
index 0fe2feb..6ede201 100644
--- a/website/public/profile.php
+++ b/website/public/profile.php
@@ -2,8 +2,9 @@
 <html>
 <head>
     <?php include("../views/head.php"); ?>
+    <script src="/js/masonry.js"></script>
     <style>
-        @import url("styles/profile.css");
+        @import url("/styles/profile.css");
     </style>
 </head>
 <body>
diff --git a/website/views/head.php b/website/views/head.php
index bb6eec4..4347650 100644
--- a/website/views/head.php
+++ b/website/views/head.php
@@ -1,17 +1,16 @@
 <meta charset="utf-8">
 <title>MyHyvesbook+</title>
 <!-- Add your javascript files here. -->
-<script src="js/jquery.js"></script>
-<script src="js/header.js"></script>
-<script src="js/menu.js"></script>
-<script src="js/masonry.js"></script>
+<script src="/js/jquery.js"></script>
+<script src="/js/header.js"></script>
+<script src="/js/menu.js"></script>
 <style>
     /* Add your css files here. */
-    @import url("styles/main.css");
-    @import url("styles/font-awesome.css");
-    @import url("styles/header.css");
-    @import url("styles/menu.css");
-    @import url("styles/footer.css");
+    @import url("/styles/main.css");
+    @import url("/styles/font-awesome.css");
+    @import url("/styles/header.css");
+    @import url("/styles/menu.css");
+    @import url("/styles/footer.css");
 </style>
 <?php
 

From 59d4740ad5843650f5b5fa7a5eb316e36d309f61 Mon Sep 17 00:00:00 2001
From: Marijn Jansen <marijn@jansen.onl>
Date: Fri, 20 Jan 2017 14:55:47 +0100
Subject: [PATCH 18/24] Alpha 0.0.1 profile picture upload shizzle!

---
 website/public/settings.php     |  3 ++-
 website/queries/settings.php    | 28 +++++++++++++++++++++++++---
 website/views/settings-view.php |  3 ++-
 3 files changed, 29 insertions(+), 5 deletions(-)

diff --git a/website/public/settings.php b/website/public/settings.php
index 45e50d8..d52608b 100644
--- a/website/public/settings.php
+++ b/website/public/settings.php
@@ -22,12 +22,13 @@ if ($_SERVER["REQUEST_METHOD"] == "POST") {
             $result = updateSettings();
             break;
         case "password":
-            $result = updatePassword();
+            $result = changePassword();
             break;
         case "email":
             $result = changeEmail();
             break;
         case "picture":
+            updateProfilePicture();
             $result = $notImplemented;
             break;
     }
diff --git a/website/queries/settings.php b/website/queries/settings.php
index 7c92583..b85cae8 100644
--- a/website/queries/settings.php
+++ b/website/queries/settings.php
@@ -99,11 +99,11 @@ function updateSettings() {
     return new settingsMessage("happy", "Instellingen zijn opgeslagen.");
 }
 
-function updatePassword() {
+function changePassword() {
     $user = getPasswordHash();
     if (password_verify($_POST["password-old"], $user["password"])) {
         if ($_POST["password-new"] == $_POST["password-confirm"] && (strlen($_POST["password-new"]) >= 8)) {
-            if (changePassword()) {
+            if (doChangePassword()) {
                 return new settingsMessage("happy", "Wachtwoord gewijzigd.");
             } else {
                 return new settingsMessage("angry", "Er is iets mis gegaan.");
@@ -116,7 +116,7 @@ function updatePassword() {
     }
 }
 
-function changePassword() {
+function doChangePassword() {
     $stmt = $GLOBALS["db"]->prepare("
     UPDATE
       `user`
@@ -184,4 +184,26 @@ function doChangeEmail($email) {
     $stmt->bindParam(":userID", $_SESSION["userID"]);
     $stmt->execute();
     return $stmt->rowCount();
+}
+
+function updateProfilePicture() {
+    $profilePictureDir = "/var/www/html/public/";
+    $relativePath = "uploads/" . $_SESSION["userID"] . "_" . basename($_FILES["pp"]["name"]);
+    move_uploaded_file($_FILES['pp']['tmp_name'], $profilePictureDir . $relativePath);
+    setProfilePictureToDatabase("../" . $relativePath);
+}
+
+function setProfilePictureToDatabase($url) {
+    $stmt = $GLOBALS["db"]->prepare("
+    UPDATE
+        `user`
+    SET
+        `profilepicture` = :profilepicture
+    WHERE
+        `userID` = :userID
+    ");
+
+    $stmt->bindParam(":profilepicture", $url);
+    $stmt->bindParam(":userID", $_SESSION["userID"]);
+    $stmt->execute();
 }
\ No newline at end of file
diff --git a/website/views/settings-view.php b/website/views/settings-view.php
index 6d9d660..f6c4e07 100644
--- a/website/views/settings-view.php
+++ b/website/views/settings-view.php
@@ -1,5 +1,6 @@
 <?php
 $settings = getSettings();
+//phpinfo();
 ?>
 
 <div class="content">
@@ -68,7 +69,7 @@ $settings = getSettings();
                 </li>
             </ul>
         </form>
-        <form class="settings-profilepictue platform" method="post">
+        <form class="settings-profilepictue platform" method="post" enctype="multipart/form-data">
             <h5>Verander profielfoto</h5>
             <ul>
                 <li>

From e547712b2a6020aaee8cb59ee4795287f82dfa74 Mon Sep 17 00:00:00 2001
From: "K. Nobel" <kevlebon@gmailcom>
Date: Fri, 20 Jan 2017 15:02:05 +0100
Subject: [PATCH 19/24] Changed links to absolute path.

---
 website/views/adminpanel.php    |  2 +-
 website/views/header.php        | 12 ++++++------
 website/views/login-view.php    |  4 ++--
 website/views/login_head.php    |  6 +++---
 website/views/menu.php          |  2 +-
 website/views/profile.php       |  2 +-
 website/views/register-view.php |  2 +-
 7 files changed, 15 insertions(+), 15 deletions(-)

diff --git a/website/views/adminpanel.php b/website/views/adminpanel.php
index fde8237..e8efe6f 100644
--- a/website/views/adminpanel.php
+++ b/website/views/adminpanel.php
@@ -3,7 +3,7 @@
 <head>
     <meta charset="utf-8">
     <title>Admin Panel</title>
-    <script src="../public/js/admin.js" charset="utf-8"></script>
+    <script src="/js/admin.js" charset="utf-8"></script>
     <?php
         include_once("../queries/user.php");
         include_once("../queries/group_page.php");
diff --git a/website/views/header.php b/website/views/header.php
index a58e5f0..2a1f580 100644
--- a/website/views/header.php
+++ b/website/views/header.php
@@ -5,10 +5,10 @@ $userinfo = getHeaderInfo();
 ?>
 <header>
     <div id="header-logo">
-        <a href="profile.php"><img src="img/top-logo.png" alt="MyHyvesbook+" /></a>
+        <a href="profile.php"><img src="/img/top-logo.png" alt="MyHyvesbook+" /></a>
     </div>
     <div id="header-search">
-        <form action="search.php" method="get">
+        <form action="/search" method="get">
             <input name="search"
                    type="text"
                    placeholder="Zoek naar wat je wil"
@@ -20,9 +20,9 @@ $userinfo = getHeaderInfo();
     </div>
     <div class="right profile-menu">
         <div id="profile-menu-popup">
-            <a href="logout.php"><span style="color: red;" class="fa fa-sign-out" data-title="Uitloggen"></span></a> |
-            <a href="settings.php"><span style="color: blue;" class="fa fa-cog" data-title="Instellingen"></span></a> |
-            <a href="profile.php"><span style="color: green;" class="fa fa-user" data-title="Profiel"></span></a>
+            <a href="/logout"><span style="color: red;" class="fa fa-sign-out" data-title="Uitloggen"></span></a> |
+            <a href="/settings"><span style="color: blue;" class="fa fa-cog" data-title="Instellingen"></span></a> |
+            <a href="/profile"><span style="color: green;" class="fa fa-user" data-title="Profiel"></span></a>
         </div>
         <div id="profile-hello-popup">
             <div id="hello-loop">
@@ -32,5 +32,5 @@ $userinfo = getHeaderInfo();
         </div>
         <img id="own-profile-picture" class="profile-picture" src="<?=$userinfo["profilepicture"]?>"/>
     </div>
-    <a href="chat.php"><div class="right fa fa-comments-o" id="open-chat" data-title="Prive chats"></div></a>
+    <a href="/chat"><div class="right fa fa-comments-o" id="open-chat" data-title="Prive chats"></div></a>
 </header>
diff --git a/website/views/login-view.php b/website/views/login-view.php
index 33fa7e9..7a023f0 100644
--- a/website/views/login-view.php
+++ b/website/views/login-view.php
@@ -1,6 +1,6 @@
 <div>
     <img style="width:50%;margin-left:25%"
-         src="img/top-logo.png"
+         src="/img/top-logo.png"
          alt="MyHyvesbook+">
 </div>
 <div class="platform">
@@ -46,6 +46,6 @@
     </form>
     <!-- Button for going to the register screen -->
     <div class="login_containerlogin">
-      <a href="https://myhyvesbookplus.nl/register.php" class="button">Registreer een account</a>
+      <a href="https://myhyvesbookplus.nl/register" class="button">Registreer een account</a>
     </div>
 </div>
diff --git a/website/views/login_head.php b/website/views/login_head.php
index a41e87e..645f919 100644
--- a/website/views/login_head.php
+++ b/website/views/login_head.php
@@ -3,9 +3,9 @@
     <title>MyHyvesbook+</title>
     <link rel="stylesheet"
           type="text/css"
-          href="styles/main.css">
+          href="/styles/main.css">
     <link rel="stylesheet"
           type="text/css"
-          href="styles/index.css">
-    <script src="http://ajax.googleapis.com/ajax/libs/jquery/1.11.1/jquery.min.js"></script>
+          href="/styles/index.css">
+    <script src="/js/jquery.js"></script>
 </head>
diff --git a/website/views/menu.php b/website/views/menu.php
index 88ae076..c6b030a 100644
--- a/website/views/menu.php
+++ b/website/views/menu.php
@@ -51,7 +51,7 @@
 
             echo "
                 <li class='friend-item'>
-                    <form action='profile.php' method='get'>
+                    <form action='/profile' method='get'>
                         <button type='submit'
                                 name='username'
                                 value='$randomUser'>
diff --git a/website/views/profile.php b/website/views/profile.php
index 83ac799..f8cdadd 100644
--- a/website/views/profile.php
+++ b/website/views/profile.php
@@ -2,7 +2,7 @@
     <div class="profile-box platform">
         <img class="left profile-picture" src="<?php echo $user["profilepicture"] ?>">
         <div class="profile-button">
-            <p><img src="img/add-friend.png"> Als vriend toevoegen</p>
+            <p><img src="/img/add-friend.png"> Als vriend toevoegen</p>
         </div>
         <h1 class="profile-username"><?= $user["fname"]?> <?=$user["lname"]?> (<?=$user["username"]?>)</h1>
         <p><?=$user["bio"]?></p>
diff --git a/website/views/register-view.php b/website/views/register-view.php
index b95dd81..4ccf868 100644
--- a/website/views/register-view.php
+++ b/website/views/register-view.php
@@ -1,6 +1,6 @@
 <div>
     <img style="width:50%;margin-left:25%"
-         src="img/top-logo.png"
+         src="/img/top-logo.png"
          alt="MyHyvesbook+">
 </div>
 

From 15a3640eea1db743e5d8ab0d962cdc9f56e27b19 Mon Sep 17 00:00:00 2001
From: Joey Lai <joeylai96@hotmail.com>
Date: Fri, 20 Jan 2017 15:25:37 +0100
Subject: [PATCH 20/24] Added arrow button for going to login.php

---
 website/public/login.php        | 11 ++++-----
 website/public/styles/index.css | 44 ++++++++++++++++++++++++++-------
 website/views/register-view.php |  7 +++---
 3 files changed, 43 insertions(+), 19 deletions(-)

diff --git a/website/public/login.php b/website/public/login.php
index 3d37da7..b3da203 100644
--- a/website/public/login.php
+++ b/website/public/login.php
@@ -9,12 +9,11 @@
 <body>
 <script>
 function checkLoggedIn() {
-    if (confirm("You are already logged in!\Do you want to logout?\Press ok to logout.") == true) {
-        unset($_SESSION["userID"]);
-        header("Location: login.php");
-    } else {
-        header("location: profile.php");
-    }
+    if (confirm("You are already logged in!\nDo you want to logout?\nPress ok to logout.") == true) {
+        window.location.href = "logout.php";
+        } else {
+        window.history.back();
+}
     document.getElementById("demo").innerHTML = x;
 }
 </script>
diff --git a/website/public/styles/index.css b/website/public/styles/index.css
index c551fd1..4b55904 100644
--- a/website/public/styles/index.css
+++ b/website/public/styles/index.css
@@ -1,7 +1,7 @@
 a.button {
-    background-color: #405550;
+    background-color: #C8CABD;
     border-radius: 10px;
-    color: white;
+    color: black;
     cursor: pointer;
     height: 50%;
     margin: 8px 0;
@@ -46,8 +46,8 @@ body {
 form {
     /*background-color: #a87a87;*/
     border-radius: 12px;
-    height: 75%;
-    margin: 10px auto;
+    height: 80%;
+    margin: auto;
     width: 70%;
     overflow-y:auto;
 }
@@ -66,14 +66,15 @@ h2 {
     font-size: 2.0em;
 }
 
+
 input[type=text], input[type=password], input[type=email], input[type="date"] {
     box-sizing: border-box;
     border-color: #C8CABD;
     display: inline-block;
-    height: 50%;
+    height: 60%;
     padding: 8px 20px;
     margin: 4px 0;
-    width: 50%;
+    width: 70%;
 }
 /*
 input[type=text], input[type=password], input[type=email], input[type="date"] {
@@ -101,6 +102,31 @@ label {
     display: block;
 }
 
+.left-arrow {
+    display: inline-block;
+    position: relative;
+    background-color: #C8CABD;
+    height: 30px;
+    width: 90px;
+    padding: 3px 3px 3px 0px;
+    text-align: center;
+    border-radius: 0px 10px 10px 0px;
+    font-size: 24px;
+
+}
+.left-arrow:after {
+    content: '';
+    display: block;
+    position: absolute;
+    right: 100%;
+    top: 0;
+    bottom: 0;
+    border-top: 15px solid transparent;
+    border-right: 20px solid #C8CABD;
+    border-bottom: 15px solid transparent;
+    border-left: 0px solid transparent;
+}
+
 /* padding voor registreer container */
 .login_containerregister {
     padding: 16px;
@@ -109,7 +135,7 @@ label {
 
 /* padding voor login_containers */
 .login_containerlogin {
-    padding: 16px;
+    padding:25px;
     text-align: center;
 }
 
@@ -133,11 +159,11 @@ label {
     background-repeat: repeat-x;
     background-attachment: fixed;*/
     box-shadow: 0 1px 3px rgba(0,0,0,0.12), 0 1px 2px rgba(0,0,0,0.24);
-    height: 53%;
+    height: 550px;
     margin: 34px auto;
     overflow-y: auto;
     padding: 20px;
-    width: 35%;
+    width: 50%;
 }
 
 /*.platform {
diff --git a/website/views/register-view.php b/website/views/register-view.php
index b95dd81..b69bc8e 100644
--- a/website/views/register-view.php
+++ b/website/views/register-view.php
@@ -123,13 +123,12 @@
                    value="Registreer uw account"
                    name="Submit"
                    id="frm1_submit">
-            Registreer uw account
+            Registreer
             </button>
         </div>
     </form>
-
-    <!-- Button for going back to login screen -->
     <div class="login_containerlogin">
-        <a href="https://myhyvesbookplus.nl/login.php" class="button">Login met een account</a>
+    <!-- Button for going back to login screen -->
+        <a href="https://myhyvesbookplus.nl/login.php" class="left-arrow">Login</a>
     </div>
 </div>

From e7d63c2f572a79d6a2250e2f3ae23a57f6e370fc Mon Sep 17 00:00:00 2001
From: "K. Nobel" <kevlebon@gmailcom>
Date: Fri, 20 Jan 2017 15:34:01 +0100
Subject: [PATCH 21/24] Changed how name is displayed on profile page.

---
 website/public/styles/profile.css | 23 ++++-------------------
 website/views/profile.php         |  7 ++++---
 2 files changed, 8 insertions(+), 22 deletions(-)

diff --git a/website/public/styles/profile.css b/website/public/styles/profile.css
index af1ed58..7437e4c 100644
--- a/website/public/styles/profile.css
+++ b/website/public/styles/profile.css
@@ -10,9 +10,12 @@
     margin: 0 20px 20px 0;
 }
 
-.profile-box .profile-username {
+.profile-box h1.profile-username {
     padding-top: 50px;
 }
+.profile-box h5.profile-username {
+    padding-top: 0;
+}
 
 div.posts {
     padding-top: 20px;
@@ -37,24 +40,6 @@ div.posts .post p.subscript {
     font-size: 8pt;
 }
 
-/*.posts {*/
-    /*z-index: -1;*/
-    /*margin-right: 0;*/
-    /*width: calc(100% + 15px);*/
-/*}*/
-
-/*.post-box {*/
-    /*display: inline-flex;*/
-    /*margin: 20px 15px 0 0;*/
-    /*padding: 25px;*/
-    /*background-color: #FFFFFF;*/
-/*}*/
-
-/*!* fullscreen *!*/
-/*.post-box {*/
-    /*width: calc(25% - 69px);*/
-/*}*/
-
 @media only screen and (max-width: 1500px) {
     .post-box {
         width: calc(50% - 68px);
diff --git a/website/views/profile.php b/website/views/profile.php
index f8cdadd..1457dee 100644
--- a/website/views/profile.php
+++ b/website/views/profile.php
@@ -4,7 +4,8 @@
         <div class="profile-button">
             <p><img src="/img/add-friend.png"> Als vriend toevoegen</p>
         </div>
-        <h1 class="profile-username"><?= $user["fname"]?> <?=$user["lname"]?> (<?=$user["username"]?>)</h1>
+        <h1 class="profile-username"><?=$user["username"]?></h1>
+        <h5 class="profile-username"><?= $user["fname"]?> <?=$user["lname"]?></h5>
         <p><?=$user["bio"]?></p>
     </div>
 
@@ -13,7 +14,7 @@
         <p>
             <?php
                 while($friend = $profile_friends->fetch()) {
-                    echo "<a href='profile/${friend["username"]}/' data-title='${friend["username"]}'><img class='profile-picture' src='${friend["profilepicture"]}' alt='${friend["username"]}'s profielfoto></a>";
+                    echo "<a href='/profile/${friend["username"]}/' data-title='${friend["username"]}'><img class='profile-picture' src='${friend["profilepicture"]}' alt='${friend["username"]}'s profielfoto></a>";
                 }
 
 
@@ -29,7 +30,7 @@
         <p>
             <?php
                 while($group = $profile_groups->fetch()) {
-                    echo "<a href='group/${group["name"]}/' data-title='${group["name"]}'><img class='group-picture' src='${group["picture"]}' alt='${group["name"]}s logo'></a>";
+                    echo "<a href='/group/${group["name"]}/' data-title='${group["name"]}'><img class='group-picture' src='${group["picture"]}' alt='${group["name"]}s logo'></a>";
                 }
 
                 if($profile_groups->rowCount() === 0) {

From 587d0e6ac351787fe1d944b06c6a05b42e1952f1 Mon Sep 17 00:00:00 2001
From: Marijn Jansen <marijn@jansen.onl>
Date: Fri, 20 Jan 2017 15:41:13 +0100
Subject: [PATCH 22/24] fixed crosssitescripting on settings pagw

---
 website/queries/settings.php    | 8 ++++----
 website/views/settings-view.php | 1 -
 2 files changed, 4 insertions(+), 5 deletions(-)

diff --git a/website/queries/settings.php b/website/queries/settings.php
index b85cae8..7d3bf9c 100644
--- a/website/queries/settings.php
+++ b/website/queries/settings.php
@@ -87,11 +87,11 @@ function updateSettings() {
       `userID` = :userID
     ");
 
-    $stmt->bindParam(":fname", $_POST["fname"]);
-    $stmt->bindParam(":lname", $_POST["lname"]);
-    $stmt->bindParam(":location", $_POST["location"]);
+    $stmt->bindParam(":fname", test_input($_POST["fname"]));
+    $stmt->bindParam(":lname", test_input($_POST["lname"]));
+    $stmt->bindParam(":location", test_input($_POST["location"]));
     $stmt->bindParam(":bday", $_POST["bday"]);
-    $stmt->bindParam(":bio", $_POST["bio"]);
+    $stmt->bindParam(":bio", test_input($_POST["bio"]));
     $stmt->bindParam(":userID", $_SESSION["userID"]);
 
     $stmt->execute();
diff --git a/website/views/settings-view.php b/website/views/settings-view.php
index f6c4e07..1fa5278 100644
--- a/website/views/settings-view.php
+++ b/website/views/settings-view.php
@@ -1,6 +1,5 @@
 <?php
 $settings = getSettings();
-//phpinfo();
 ?>
 
 <div class="content">

From 9152ae4f75b17fd7903ba10624f54560f337a637 Mon Sep 17 00:00:00 2001
From: Hendrik <hendrik.huang@student.uva.nl>
Date: Fri, 20 Jan 2017 16:18:09 +0100
Subject: [PATCH 23/24] add searching users, searching groups, remembering
 search options

---
 website/public/search.php        |   6 +-
 website/public/styles/search.css |   5 ++
 website/queries/group_page.php   |  23 +++++-
 website/queries/user.php         |  35 ++++++++-
 website/views/search-view.php    | 120 +++++++++++++++++++------------
 5 files changed, 137 insertions(+), 52 deletions(-)

diff --git a/website/public/search.php b/website/public/search.php
index c314791..6cfadd8 100644
--- a/website/public/search.php
+++ b/website/public/search.php
@@ -1,7 +1,11 @@
 <!DOCTYPE html>
 <html>
 <head>
-    <?php include("../views/head.php"); ?>
+    <?php
+    include_once("../queries/user.php");
+    include_once("../queries/group_page.php");
+    include("../views/head.php");
+    ?>
     <style>
         @import url("styles/search.css");
     </style>
diff --git a/website/public/styles/search.css b/website/public/styles/search.css
index 4b2281c..b54723d 100644
--- a/website/public/styles/search.css
+++ b/website/public/styles/search.css
@@ -9,4 +9,9 @@
 
 #search-friends-output {
     margin-right: 10px;
+}
+
+.searchleft, .searchright {
+    display: inline-block;
+    vertical-align: top;
 }
\ No newline at end of file
diff --git a/website/queries/group_page.php b/website/queries/group_page.php
index ef7af07..d704e8c 100644
--- a/website/queries/group_page.php
+++ b/website/queries/group_page.php
@@ -172,5 +172,26 @@ function changeMultipleGroupStatusByID($ids, $status) {
     return $q;
 }
 
+function searchSomeGroups($n, $m, $search) {
+    $stmt = $GLOBALS["db"]->prepare("
+    SELECT
+        `name`,
+        `picture`
+    FROM
+        `group_page`
+    WHERE
+        `name` LIKE :keyword
+    ORDER BY 
+        `name`
+    LIMIT 
+        :n, :m
+    ");
 
-?>
+    $search = "%$search%";
+    $stmt->bindParam(':keyword', $search);
+    $stmt->bindParam(':n', $n, PDO::PARAM_INT);
+    $stmt->bindParam(':m', $m, PDO::PARAM_INT);
+    $stmt->execute();
+    return $stmt;
+}
+?>
\ No newline at end of file
diff --git a/website/queries/user.php b/website/queries/user.php
index 398e2e4..114d673 100644
--- a/website/queries/user.php
+++ b/website/queries/user.php
@@ -252,12 +252,12 @@ function selectRandomNotFriendUser($userID) {
     FROM
         `user`
     WHERE
-        `userID` NOT IN (SELECT 
+        `userID` NOT IN (SELECT
                             `user1ID`
                          FROM
                             `friendship`
                          WHERE `user1ID` = :userID) OR
-        `userID` NOT IN (SELECT 
+        `userID` NOT IN (SELECT
                             `user2ID`
                          FROM
                             `friendship`
@@ -271,4 +271,33 @@ function selectRandomNotFriendUser($userID) {
     $stmt->bindParam(':userID', $userID, PDO::PARAM_INT);
     $stmt->execute();
     return $stmt->fetch();
-}
\ No newline at end of file
+}
+
+function searchSomeUsers($n, $m, $search) {
+    $stmt = $GLOBALS["db"]->prepare("
+    SELECT
+        `username`,
+        `profilepicture`,
+        `fname`,
+        `lname`
+    FROM
+      `user`
+    WHERE
+        `username` LIKE :keyword OR 
+        `fname` LIKE :keyword OR 
+        `lname` LIKE :keyword
+    ORDER BY 
+        `fname`, 
+        `lname`, 
+        `username`
+    LIMIT 
+        :n, :m
+    ");
+
+    $search = "%$search%";
+    $stmt->bindParam(':keyword', $search);
+    $stmt->bindParam(':n', $n, PDO::PARAM_INT);
+    $stmt->bindParam(':m', $m, PDO::PARAM_INT);
+    $stmt->execute();
+    return $stmt;
+}
diff --git a/website/views/search-view.php b/website/views/search-view.php
index b1418d1..0d650d4 100644
--- a/website/views/search-view.php
+++ b/website/views/search-view.php
@@ -1,3 +1,16 @@
+<?php
+$search = "";
+$filter = "all";
+
+if (isset($_GET['search'])) {
+    $search = test_input($_GET['search']);
+}
+
+if (isset($_GET['filter'])) {
+    $filter = $_GET['filter'];
+}
+?>
+
 <div class="content">
     <div class="platform">
         <form class="search-form" action="search.php" method="get">
@@ -7,72 +20,85 @@
             <input type="text"
                    name="search"
                    placeholder="zoek"
-                   value="Rudolf"
                    required
-            />
+                   value=<?php echo "$search";?>
+            >
             <label for="filter">
                 Filter:
             </label>
             <select name="filter">
-                <option value="friends">Alles</option>
-                <option value="users">Gebruikers</option>
-                <option value="groups">Groepen</option>x
-                <option value="friends">Vrienden</option>
+                <option value="all"
+                    <?php if ($filter == "all") echo "selected";?>>
+                    Alles</option>
+                <option value="users"
+                    <?php if ($filter == "users") echo "selected";?>>
+                    Gebruikers</option>
+                <option value="groups"
+                    <?php if ($filter == "groups") echo "selected";?>>
+                    Groepen</option>
+                <option value="friends"
+                    <?php if ($filter == "friends") echo "selected";?>>
+                    Vrienden</option>
             </select>
             <input type="submit"
                    value="Zoek"
             />
         </form>
     </div>
-    <div class="platform item-box left" id="search-friends-output">
+    <div class="platform item-box searchleft" id="search-friends-output">
         <h4>Gebruikers</h4>
-        <ul class="nav-list">
-            <a href="#">
-                <li class="search-item">
-                    <div class="friend">
-                        <img class="profile-picture" src="https://encrypted-tbn0.gstatic.com/images?q=tbn:ANd9GcTDnuRSeeyPve7KwDvJJ6OBzj3gyghwLcE2z9kZeYBOyZavh3mw">
-                        Rudolf Leslo
-                    </div>
-                </li>
-            </a>
-            <a href="#">
-                <li class="search-item">
-                    <div class="friend">
-                        <img class="profile-picture" src="http://www.kpop-map.com/wp-content/uploads/2016/01/sm-rookies-kun-profile.jpg">
-                        Henk de Boer
-                    </div>
-                </li>
-            </a>
+        <ul class='nav-list'>
+
+        <?php
+        $q = searchSomeUsers(0, 20, $search);
+
+        while ($user = $q->fetch(PDO::FETCH_ASSOC)) {
+            $username = $user['username'];
+            $profilepic = $user['profilepicture'];
+            $fname = $user['fname'];
+            $lname = $user['lname'];
+
+            echo("
+                <a href='https://myhyvesbookplus.nl/profile/$username/'>
+                    <li class='search-item'>
+                        <div class='friend'>
+                            <img class='profile-picture' 
+                                 src='$profilepic'>
+                            $fname $lname ($username)
+                        </div>
+                    </li>
+                </a>
+            ");
+        }
+        ?>
+
         </ul>
     </div>
 
-    <div class="platform item-box right" id="search-group-output">
+    <div class="platform item-box searchright" id="search-group-output">
         <h4>Groepen</h4>
         <ul class="nav-list">
-            <a href="#">
-                <li class="search-item">
-                    <div class="group">
-                        <img class="group-picture" src="https://4.bp.blogspot.com/-H3G7SSOLe7M/V08Ey2YyC3I/AAAAAAAABYs/QnXOEfjIhugFG8mKGHhxN5gkkJdCEwcugCLcB/s1600/mysace-hacked.png">
-                        Myspace
-                    </div>
-                </li>
-            </a>
-            <a href="#">
-                <li class="search-item">
-                    <div class="group">
-                        <img class="group-picture" src="data:image/jpeg;base64,/9j/4AAQSkZJRgABAQAAAQABAAD/2wCEAAkGBxANDQ0NDQ8NDQ0NDQ0NDQ0NDQ8NDQ4NFREWFhURFRUYHSggGBolGxUVITEhJSkrLi4uFx8zODMsNygtLisBCgoKDg0OGBAQFy0dHR0rLi0tLSstLS0rLS0tLS0tLSstLS0tKy0rLS0tLS0tLS0tLS0tKy0tLS0rLS0tLS0tLf/AABEIAOsA1wMBEQACEQEDEQH/xAAbAAACAwEBAQAAAAAAAAAAAAAAAQIFBgMEB//EAEEQAAIBAgEFCQ8EAgIDAAAAAAABAgMRBAUSITFSBjNRU2FxkaGxFBUWMjRBYnJzgZKistHhEyIjwUNjJEKCg/D/xAAaAQEAAgMBAAAAAAAAAAAAAAAAAQUCBAYD/8QALBEBAAEDAQcDBAMBAQAAAAAAAAECAxEEBRITMTNRcSEyUhRBgZEiI2FCof/aAAwDAQACEQMRAD8A+4gAABynXjHXKK955zcpp5yyiiqeUId109pdZjx7fdlwq+w7rp7S6xx7fc4VfYd109pdY49vucKvsO66e0usce33ODX2HddPaXWOPb7nBr7DuuntLrHHt9zg19i7rp7S6xx7fc4NfYd2U9tdY+ot/I4NfYd2U9tdY+ot9zg19h3ZT211j6i33ODX2HdlPbXWPqLfc4NfYd209tdY49vucGvsO7ae2usfUW+5wa+w7tp7a6x9Rb+Rwa+w7tp7a6x9Rb7p4NfYd20ttdY+ot/I4NfYu7aW2usfUW/kcGvsO7qW2usfUW/kcG52Hd1LbXWPqLfyODc7OlPEQl4sovkTVzKm5TVylhNFUc4dT0YmAAAHOrVUE5SdkjCuuKIzKaaZqnEKnEY2U9C/bHgWt85WXdVVVy9Ib1uxFPN5rmtvPfAG8YA3jBXI3jAuN4FxvJwVxvGBcbwVxvAuN4wVxvJFyN4wVxvJwVxvGBcjeMFcbycFcjeMFcbycFcjeMC43k4FyYrmJyiYifR7sHlOULKd5R5fGRt2dbNPpV6w1bumifWn0leU6iklKLunqZbU1RVGYV8xMTiUzJAApMoYnPm0vFjoXPwlNq7+9XiOULCxbxGXkuae82BcbxgXG8YFxvAuN4K5G8YFxvAzhvJwVxvGCuN4wLkbycFcbxgXG8nBNkbxgrjeMFcbxgrkbyRnEbxhFsbycFcbycC43jAuN4wLkbxhZZGxebP9N+LLVySLHQamYq3J5S0tVZzG9C+LpXOWJqZtOcuCLtznndq3aJllRGaohnGzm5nM5W+BcjKcFcZBcZBcZMAGBcgFxkwVxlOCuMmBcjKSbALjIVyMhNjKcFcZCuQn0K5EhXCRcjKUbkZMC4ynAuMmBcZMHCbTTWtNNc5lRVNNUTDGqnMTDY0pZ0Yy4Un1HWUTmmJUMxiZh58o7zPmXajy1PSqZ2ffCgOcWwAAAJIAuAABAVwEEggJgASRAWvR5+AmImfSDMR6vVSydVn/ANc1cMtH5NqjRXa/th4Vam3H3eynkPaqe6Mf7NunZfyqa863tD0QyLSWtzlzyt2HvTs21Hd5zrLkpPI9HZfPnyM52fYn7MfqrvdTZTwX6Ekk24S0xb1rhRUazS8Gr05SsNPe4sevOHiNNsghIAAAQieTX4LeqXqR7DrbXsp8KG57p8ueUt5n7u1GGq6NSbPUpZ85xbAJAAwEEgAIygLTq0kxTM8oJmI5usMJUlqhL3q3aetOmu1cqZec3rcc5Krhpw0zhJLh1rpRFdi5RzpTTeoq5S43PF6EEgJSpQzpRjqzpJX52ZW6d6qKe7Gud2mZaTC4OFJftWnzyemTOjs6ei1GKYU9y7VcnMvRY93mAGAgK/LlNSoSk9cLTXY+pmlr6Irsz/jY0tUxdj/WZObXQuQC4BcARMIlsMDvVL2cew62z06fChue6fLnlLeZ+7tRhqujUmz1KWeObW4AAkgJ0aUpvNgm3/8Aaz0t26rk4pjLCuumiMysaOR29M5W5Iq/WWFGzZn3VfpqVaz4w9dLJdKPmcvWf9G3RobVP2y8KtTcn7vVTpRj4sYx5kkbNNumnlDxmqZ5ynYzQGiJjPMUOWMIqbjOKtGbtbzKXIUmv08UTv08pWOluzVmmVcVzdABGVmmtaaa5yaat2qJ7IqpzGGmwWNjWX7X+5L90XrX4Ok0+opuxmOanu2qrc4l6bmw8gAwPBlTKUcOkrZ9Sd82F7e9vzI09Vq6bEd5lsWNPN2e0QzmKxVSu/5Jft81OOiC+5RX9Vdve6fTstbVmi37Y/Liaz1ASAC4AIRLYYLeqXs4dh11n2U+FBc98+UMpbzPmXajz1XRqTY6lLOnOLgXICJAQLvIlv0nbxs5539F3s7HD/1W6vO/6rJFg1TJAAgFKaSu2klrbdkYzVERmUxEzOIUOWMfCrmU6bz82edKS8VWTVr+fWU+v1NFyIop9fVYaWxVTM1VeivKtvEArkBKTTum01qadmjKmuaZzEommJjEvVRynWi1eo5RTV1KMXdc+s27WuvRMRM5h4V6W3MTiMS1EWdDE5VBkjL5f8pfJThbmuzntpTPG/C30XS/KvK5uEwYIhIAAGTCJbHA71S9nDsR11n2U+HP3PfPlDKe8z5l2o89V0avDKx1KWcuc2txchIuAXBh1w2JlSlnR96epo97F+qzVmHldtU1x6rWllqm/HUqb9VyXSi2o2jamP5ejRq0dyOXqsKFaNSKlBqUXqaN2iumuM0zmGvVTNM4mHQzYoVHZN8CbMapxTKY5shOpKraVWUpt6bN/tXMtRy9y7Xcn+U5XlFFNHpTGAjzZC4CISAIsBNgbSnqXMuw62j2woJ5pGSGY3QeUvlpQ7ZHP7T9L0T/AIt9D0vyrbla3UWyAAAAAIEtngd6pezh2I6+z06fDnrnvnyhlPeKnMu1HnqujV4ZWOpSzdzmlwLgK4SLgIAIThf5Bf8AFLkqPsRe7Nn+qfKr1kf2fhZFi1EKmp8z7DCv2ymOcMbT8WPMjlJX6QCZAAkrhBMhJMDZ0XeMX6Mew623OaYc/Vzl0M0MzukX/Ijy0o/VIodqx/ZHha6D2T5VRVN8gkAFwAATCJbTA71S9nDsR19np0+HPXPfPlzypvFTmXajz1XRq8MrHUpZq5zK5wLgwCUggIAAvNz7/jmvT/pF3szpz5Vmt98LVFm0ynqfMY1cpTHNi6b/AGx5kcnPNfmQAJFwFcgK4Si2QNlgX/FT9nDsR1lic26fCgue+fLuerBm90+/UuWnLql+Si2tH86fC12f7KlOVKwJkBAAAAJkkttgN5pezh2HX2enT4c7c98+XPKu8VOZdqPPVdGrwysdSlmDmF0dwEAAK5KQBebnn+2p60ewudlz/GryrddH8oW6LVokyJ5DE03oXMcjPOXQJBJEAbCSuEk2QE2QlsMmO9Cj7OPYdVpZzZp8KC91KvL1Gw8mc3Ur+Sg/QqdsSk2vHrQtNncqvwpGymWRNkAuEi4BcAuTCJbfAbzS9nDsOvs9Onw5y5758ueVd4qcy7UYaro1eGVjqUstc5hdi4BcAuABJAXW5x76vUfaXGyp90K3XR60rtFu0AyJ5DER/t9pyVful0P2g7mKSuElcgwVwmIK5CQk3oSbfAldmUUVTyhjNURzlscm03ChSjLQ1BXT83IdTpqZptUxPZQ3qoquVTD1Hu8md3V+Nh3yVV9JTbWj2LPZ3/X4UVyjWiLYSLgFwC4BcmES3GA3ml7OHYdhZ6dPhzdz3z5c8rbxU5l9SPPVdGrwz0/UpZU5fK7FxlIuMguMgALgW+5yX8lRcME+h/ktdlT/ACqhX6+PSJX6LtWhkDE1Y5s5x2Zzj0SZyl2MXKo/10Fuc0xP+HSozn4kJS5otrpIos11e2nJVcop5y91HItaWtRgvSenoRuUbNu1c/RrVa23HL1eylufX/epJ8kY262bVGyqf+qmvVr6v+aXrp5GoR/6uXrSbNmnZ9in7ZeNWruz93ohgKUdVOC/8Uz3p09qnlTDym9XPOp2jBLUkuZWPWKKY5QwmZlJGSDAz+6zVQfpTXy/gp9r+ynystm+6pnSiW4BgrhIALgCYRLd4DeaXs4diOxs9Onw5m576vLllfyerzLtR56vo1eGen6lLKHLL0AFwC4CbALgws9z0v52uGnLtRY7MnF3HeGlro/rjy0qOgVJgcXhabk5ZkM565Zquec2qJnM0wy36sYy6W4DOIiOTFIkIAALgFwABgUO63e6L/2tfIyp2tH9dPlY7N99XhmmygXKNyABIAAGiYRLeYDeaXs4fSjsLPTp8OYue+ry5ZX8nq8y7Ueer6NXhnp+rSyNzl8r6BcgFwC5ILkBBL35ClbE0+VSXys3tn1Yvw1NbH9UtYjpFKYCuAXGR48VlWhS0TqwT2U86XQjWu6uzb91T3t6a7c9tKuqbpqa8SnVnzpQXWzTr2raj2xMtmnZtyecxDx1d0dZ+JTpQ5ZNzfVY1bm1bk+2mIbFGzqI91Uz4eOplbEy11nHkhGMTWq19+r/AKe9Ojs0/wDOfLlLHVn/AJ63x2POdVen/uWcWLXwhrsjzcsPSlJuTcdLk7ttNrSdHpKpqs0zKj1FMU3aoh7TZeKi3Wr+Cm+CtH6ZIq9q9GPKw2d1Z8Msc6uyYSLgFwYFwYCYhEt/k/eaPsofSjsbPTp8OXu++fLjljyerzLtR56vo1eGen6tLIXOVX8QBkwVwnAuSC5ALjI9eR5f8mj639M2tDP99LX1cf1S2SOpUJgUuWctOhP9KnFTqZqk3J2hBPVzsrdZruDO7TGZb2l0fFjeqnEM9icZWrb7Vk1sReZDoRS3dVdue6r8LS3YtW/bT+fu4KKWpJcxrvbmCAXAVwkmwnDZbn5XwtLkzl8zOo2fOdPS57WR/dUsjdayk3W+TLkq0/7RW7V6H5b+zp/u/DJXObXpNkGCCQAANEwiX0DJ+8UfZQ+lHY2enT4cvd98+XLLPk1X1V2o89X0KvDLTdWnyx1zlHQwLgK4BcGBnDJgXBh6MmztXov/AGR63Y2NLVi9TP8Arx1EZtVeG3R1jnjAxeXtGLrf+v6UcztHrz+F9oujH5eC5oNvAbAVwkXAi2ArhOGv3LVL4a2zUmunT/Z0my6s2IjsodfTi95XBYtJTbq/JJPgqUn86X9lftOM6eW7s+f74/LG3OYy6ANhJXITgXBgXBgJkwiYfQ8nbxR9lD6UdlZ6dPhyl331eXHLXk1X1V9SPPV9Crw9NN1afLGXOTdDgXALkguQFcAuBOjPNnB8EovoZnbnFdM9pY3IzRMf436Oyjk5kwMZuj8sqcsKb6jmtp9efEL7Z/R/Mq25XtwXIyItjKQMmCBh0o0J1NFOEp+rFtHpbs3LntpmWFd2ij3VYa3c3g50aMlUWbKU87NunZWS8x0WzrFdq3iqMZUeuvU3LmaeULcsGm5YihGpFwmlKMtaZjXRTXG7VHoypqmmd6nmrqu5/DuLioZreqSlLOT97NKrZ1iacRThs0669FWd5kMo4SWHqulPWtKa1Si9TOd1FiqzXNEr7T34vUb0PLc13sLkguA0xCJfRcnbxR9lD6UdnZ6dPhyt331eXHLfk1b1V2o8tZ0KvDPTdWnyxRyboxcgK5OQXGQDILjITYyYb/BVM+lTntQi+lHY2at63TP+OYuU7tcx/ruerBmt0OS6tSsqtKOenCMGk1dNN6dPP1FLtHR3LlcV0RlaaHVW6KJoqnCkxGCq0lnVKc4rha0dKKq5prtuM104WNvUWq5xTV6vPc13uTYSTYHqyXThPEUoVPElKz4G/Mumxs6Smiu9TFfJr6qqqm1M0829pQUUoxSikrJJWSOsppimMRGHNzMzOZSMkGAgEQMZuuxMJ4inGDUpU6clUcXdJt6Fz6+k53a1ymqumKfWYX2y7VVNuZmMZ5KO5UrMXALgNMmES+j5O3ij7KH0o7Oz06fDk7vvq8uOW/Ja3qrtR5azoVeGel61Plh7nJOkFyAXAVwC4MJU4SnJRinKUnZJa2zKmmqqYimMzKKqoojenkv8FuabSdeeb6ELN+9lzZ2Tn1uT+FXd2l9qI/LR4ekqcIwjojBKK5kXVuiKKYpjlCrqqmqZmfu6GbEgFOCkmmk01Zp6U0RMRMYlMTicwxGX8FHD182GiE458Vs6bNHL7R09Nm5/HlPq6DQ3pu2/5c4nCtuV7dwTZOQriJmDGWmyPujioqniXZrQqutNelwPlL7R7TpmIou+k91Nqtn1RO9b9Y7Lt5ToWv8Ar0bcP6kfuWn1FvGd6FfwLucbs/p5K+6XCQ/yqb4KcZTfVoPCvaGnp/6z4e9Gg1FX/OPKrxW7DWqFGT9Ks1FfCtJo3dsRyop/bct7Jnncqx4UeNypiMRvtWWa/wDHT/jh1aX7ysv629d51Yj/ABY2tJZte2n1/wB9XiSS0LQamWz6ydyAXJBcATEIl9KybvFH2VP6UdpZ6dPhyV3qVeXDLvktb1V2o8tb0K/DPS9anywtzkMumgXBgXBgZwBcJe/IWLjRxEJTtmtODk/+t/Obuz71Nq9E1cpaettVXLUxS3MXdJ9h1cTlzvJIkACbImRU5R3QUMPdZ36tTi6VpP3vUjS1GvtWvTOZ7Q27Ghu3ftiO8sfjsbPE1ZValk2lGEFpUILzX870nOanU1X696pf2LFNmjcp9e7hc13sVwFcAuQIOK4F0IllmTuRlCNwkXCSbCSuAXALgCYhEvpmTfJ6Hsqf0o7Wz06fDkLvvq8uOXfJa3qrtR5a3oV+Gel61PlhDj3TkAAIAAALHAZbr4dKMXGcFqhUu7czWlG/p9o3bMY5w072htXZzyl7Km6uu1+2lRi+FznLqsjaq2xX9qYeFOyrf3ql4q2X8XP/ACxguCnTS63c169p6ir748NinZ+np+2fMvDWxFWpvtWrUXBKpLN6FoNSvUXa/dVMtimzbo9tMQ5RiloSS5jxe2TuEEABKIAAmElcBBJBJNgK4SLgFwGmIRL6bk3yej7Kn9KO1s9Onw4+71KvIyjS/UoVYLXKnK3PbQL1G/RVT3Rbq3a4l89Zxc07s4nm6qmcxEwLkJIAAAkAIACQAARYAAgAJRYAEkwEEkEkEkwFcAuAXAnSg5SUVpcmkudmdqia64pj7vO5XFFE1T9n1HD08yEI7MYx6FY7WmMREOPqnMzLqZIYfdBgHQrNpfx1G5QfmT88fd2HNbT0k0V79MekrzQamKqdyecKoqlmLgAAwEABJAAAAgEEgBNhJAAEQkAIJgglFhIAAAhDQ7kcmupV/Xkv46TuvSqeZe7X0F5srSTvcWr8KbaepiI4dP5bcv1GYHnxuEhXpunUV09XmafCuUwroiuJpqjMMqappnNPNjMp5Gq4dt2dSn5qkVfR6S83Yc/qtl1U/wArfrH/AKudPtCmqMV+kqxcmnmKqq3VT6TCyiumfWJBiyAAEiwCaAQAAAyQBYJJgIJIGSYTkgZJoJgmmE5JoGRYAt7uczpt1VelMZY1XKaY9ZXeRtztWu1KonSpa3KStOS4Ir+2W+l2XVM7130jsqdVtOnG7b5924w2HjShGnTSjCKski+ppimMRyUc1TVOZdjJAAAEwPFiMk4eq7zo03J65ZubLpRhNFNXOMsoqqjlOHDwewvFfPP7mPAt/GP0y41z5SPB7C8V88/uRwLfxj9HGufKT8HsLxXzz+44Fr4x+jjXPlJeD2F4r55/ccC38Y/RxrnykeD2F4r55/ccC38Y/RxrnykeD2F4r55/cngWvjH6ONc+UjwewvFfPP7kcC38Y/RxrnykeD2F4pfHP7jgW/jH6ONc+UjwewvEr45/ccC38Y/SeNc+UjwewvEr45/cngW/jH6ONc+UjwdwvEr45/ccC38Y/SONc+Ul4O4XiV8c/uOBb+MfpPGufKR4O4TiV8c/uOBb+Mfo41z5SPB3CcSvjn9yOBb+MfpHGufKR4O4TiV8c/uOBb+MfpPGufKR4OYTiV8c/uOBb+Mfo49z5T+x4O4TiV8c/uOBb+Mfo49z5T+x4O4TiV8c/uTwLfxj9HHufKf2PB3CcSvin9yOBb+Mfo41z5T+3qw2S6FJ3p0acHtKKcul6T0popp5RhhNVU85esyYmAARclwgJ1VwgQeIjwgReLiBB46HKBF5SgvMwIPKsOBgReV47L6QI9+FsPpAXfj0H8QC78eh834AO/H+v5vwAu/L4tfF+ADvw+LXxfgA78vi18X4AO/D4tfF+AH34/1/N+ADvx6HzfgB9+FsP4gGssLYfSgJLK8dl9IEllWHAwJrKUOBgSWOhygTWLi+ECSxEeECaqrhAbguACLpLgAi8PECLwkeUCDwEeUCLybF+dgQeSo8LAg8kR2mBF5HW2+gBd5/T6gF3ne2ugA7zvbXQwF3nltx6GAd55bcehgHeeW3HoYB3nltx6GAd53troYDWR3troAfef0+oCSyOtt9ADWSI7T6AJLJUeFgTWTY8LAmsDFcIE1hI8oElh4gSVJcAHQAAAEAwAAAAAAAAAAAQDAAEAAMBAMAAAAAAAAD/9k=">
-                        Hyves
-                    </div>
-                </li>
-            </a>
-            <a href="#">
-                <li class="group-item">
-                    <div class="group">
-                        <img class="group-picture" src="data:image/jpeg;base64,/9j/4AAQSkZJRgABAQAAAQABAAD/2wCEAAkGBxANDQ0NDQ8NDQ0NDQ0NDQ0NDQ8NDQ4NFREWFhURFRUYHSggGBolGxUVITEhJSkrLi4uFx8zODMsNygtLisBCgoKDg0OGBAQFy0dHR0rLi0tLSstLS0rLS0tLS0tLSstLS0tKy0rLS0tLS0tLS0tLS0tKy0tLS0rLS0tLS0tLf/AABEIAOsA1wMBEQACEQEDEQH/xAAbAAACAwEBAQAAAAAAAAAAAAAAAQIFBgMEB//EAEEQAAIBAgEFCQ8EAgIDAAAAAAABAgMRBAUSITFSBjNRU2FxkaGxFBUWMjRBYnJzgZKistHhEyIjwUNjJEKCg/D/xAAaAQEAAgMBAAAAAAAAAAAAAAAAAQUCBAYD/8QALBEBAAEDAQcDBAMBAQAAAAAAAAECAxEEBRITMTNRcSEyUhRBgZEiI2FCof/aAAwDAQACEQMRAD8A+4gAABynXjHXKK955zcpp5yyiiqeUId109pdZjx7fdlwq+w7rp7S6xx7fc4VfYd109pdY49vucKvsO66e0usce33ODX2HddPaXWOPb7nBr7DuuntLrHHt9zg19i7rp7S6xx7fc4NfYd2U9tdY+ot/I4NfYd2U9tdY+ot9zg19h3ZT211j6i33ODX2HdlPbXWPqLfc4NfYd209tdY49vucGvsO7ae2usfUW+5wa+w7tp7a6x9Rb+Rwa+w7tp7a6x9Rb7p4NfYd20ttdY+ot/I4NfYu7aW2usfUW/kcGvsO7qW2usfUW/kcG52Hd1LbXWPqLfyODc7OlPEQl4sovkTVzKm5TVylhNFUc4dT0YmAAAHOrVUE5SdkjCuuKIzKaaZqnEKnEY2U9C/bHgWt85WXdVVVy9Ib1uxFPN5rmtvPfAG8YA3jBXI3jAuN4FxvJwVxvGBcbwVxvAuN4wVxvJFyN4wVxvJwVxvGBcjeMFcbycFcjeMFcbycFcjeMC43k4FyYrmJyiYifR7sHlOULKd5R5fGRt2dbNPpV6w1bumifWn0leU6iklKLunqZbU1RVGYV8xMTiUzJAApMoYnPm0vFjoXPwlNq7+9XiOULCxbxGXkuae82BcbxgXG8YFxvAuN4K5G8YFxvAzhvJwVxvGCuN4wLkbycFcbxgXG8nBNkbxgrjeMFcbxgrkbyRnEbxhFsbycFcbycC43jAuN4wLkbxhZZGxebP9N+LLVySLHQamYq3J5S0tVZzG9C+LpXOWJqZtOcuCLtznndq3aJllRGaohnGzm5nM5W+BcjKcFcZBcZBcZMAGBcgFxkwVxlOCuMmBcjKSbALjIVyMhNjKcFcZCuQn0K5EhXCRcjKUbkZMC4ynAuMmBcZMHCbTTWtNNc5lRVNNUTDGqnMTDY0pZ0Yy4Un1HWUTmmJUMxiZh58o7zPmXajy1PSqZ2ffCgOcWwAAAJIAuAABAVwEEggJgASRAWvR5+AmImfSDMR6vVSydVn/ANc1cMtH5NqjRXa/th4Vam3H3eynkPaqe6Mf7NunZfyqa863tD0QyLSWtzlzyt2HvTs21Hd5zrLkpPI9HZfPnyM52fYn7MfqrvdTZTwX6Ekk24S0xb1rhRUazS8Gr05SsNPe4sevOHiNNsghIAAAQieTX4LeqXqR7DrbXsp8KG57p8ueUt5n7u1GGq6NSbPUpZ85xbAJAAwEEgAIygLTq0kxTM8oJmI5usMJUlqhL3q3aetOmu1cqZec3rcc5Krhpw0zhJLh1rpRFdi5RzpTTeoq5S43PF6EEgJSpQzpRjqzpJX52ZW6d6qKe7Gud2mZaTC4OFJftWnzyemTOjs6ei1GKYU9y7VcnMvRY93mAGAgK/LlNSoSk9cLTXY+pmlr6Irsz/jY0tUxdj/WZObXQuQC4BcARMIlsMDvVL2cew62z06fChue6fLnlLeZ+7tRhqujUmz1KWeObW4AAkgJ0aUpvNgm3/8Aaz0t26rk4pjLCuumiMysaOR29M5W5Iq/WWFGzZn3VfpqVaz4w9dLJdKPmcvWf9G3RobVP2y8KtTcn7vVTpRj4sYx5kkbNNumnlDxmqZ5ynYzQGiJjPMUOWMIqbjOKtGbtbzKXIUmv08UTv08pWOluzVmmVcVzdABGVmmtaaa5yaat2qJ7IqpzGGmwWNjWX7X+5L90XrX4Ok0+opuxmOanu2qrc4l6bmw8gAwPBlTKUcOkrZ9Sd82F7e9vzI09Vq6bEd5lsWNPN2e0QzmKxVSu/5Jft81OOiC+5RX9Vdve6fTstbVmi37Y/Liaz1ASAC4AIRLYYLeqXs4dh11n2U+FBc98+UMpbzPmXajz1XRqTY6lLOnOLgXICJAQLvIlv0nbxs5539F3s7HD/1W6vO/6rJFg1TJAAgFKaSu2klrbdkYzVERmUxEzOIUOWMfCrmU6bz82edKS8VWTVr+fWU+v1NFyIop9fVYaWxVTM1VeivKtvEArkBKTTum01qadmjKmuaZzEommJjEvVRynWi1eo5RTV1KMXdc+s27WuvRMRM5h4V6W3MTiMS1EWdDE5VBkjL5f8pfJThbmuzntpTPG/C30XS/KvK5uEwYIhIAAGTCJbHA71S9nDsR11n2U+HP3PfPlDKe8z5l2o89V0avDKx1KWcuc2txchIuAXBh1w2JlSlnR96epo97F+qzVmHldtU1x6rWllqm/HUqb9VyXSi2o2jamP5ejRq0dyOXqsKFaNSKlBqUXqaN2iumuM0zmGvVTNM4mHQzYoVHZN8CbMapxTKY5shOpKraVWUpt6bN/tXMtRy9y7Xcn+U5XlFFNHpTGAjzZC4CISAIsBNgbSnqXMuw62j2woJ5pGSGY3QeUvlpQ7ZHP7T9L0T/AIt9D0vyrbla3UWyAAAAAIEtngd6pezh2I6+z06fDnrnvnyhlPeKnMu1HnqujV4ZWOpSzdzmlwLgK4SLgIAIThf5Bf8AFLkqPsRe7Nn+qfKr1kf2fhZFi1EKmp8z7DCv2ymOcMbT8WPMjlJX6QCZAAkrhBMhJMDZ0XeMX6Mew623OaYc/Vzl0M0MzukX/Ijy0o/VIodqx/ZHha6D2T5VRVN8gkAFwAATCJbTA71S9nDsR19np0+HPXPfPlzypvFTmXajz1XRq8MrHUpZq5zK5wLgwCUggIAAvNz7/jmvT/pF3szpz5Vmt98LVFm0ynqfMY1cpTHNi6b/AGx5kcnPNfmQAJFwFcgK4Si2QNlgX/FT9nDsR1lic26fCgue+fLuerBm90+/UuWnLql+Si2tH86fC12f7KlOVKwJkBAAAAJkkttgN5pezh2HX2enT4c7c98+XPKu8VOZdqPPVdGrwysdSlmDmF0dwEAAK5KQBebnn+2p60ewudlz/GryrddH8oW6LVokyJ5DE03oXMcjPOXQJBJEAbCSuEk2QE2QlsMmO9Cj7OPYdVpZzZp8KC91KvL1Gw8mc3Ur+Sg/QqdsSk2vHrQtNncqvwpGymWRNkAuEi4BcAuTCJbfAbzS9nDsOvs9Onw5y5758ueVd4qcy7UYaro1eGVjqUstc5hdi4BcAuABJAXW5x76vUfaXGyp90K3XR60rtFu0AyJ5DER/t9pyVful0P2g7mKSuElcgwVwmIK5CQk3oSbfAldmUUVTyhjNURzlscm03ChSjLQ1BXT83IdTpqZptUxPZQ3qoquVTD1Hu8md3V+Nh3yVV9JTbWj2LPZ3/X4UVyjWiLYSLgFwC4BcmES3GA3ml7OHYdhZ6dPhzdz3z5c8rbxU5l9SPPVdGrwz0/UpZU5fK7FxlIuMguMgALgW+5yX8lRcME+h/ktdlT/ACqhX6+PSJX6LtWhkDE1Y5s5x2Zzj0SZyl2MXKo/10Fuc0xP+HSozn4kJS5otrpIos11e2nJVcop5y91HItaWtRgvSenoRuUbNu1c/RrVa23HL1eylufX/epJ8kY262bVGyqf+qmvVr6v+aXrp5GoR/6uXrSbNmnZ9in7ZeNWruz93ohgKUdVOC/8Uz3p09qnlTDym9XPOp2jBLUkuZWPWKKY5QwmZlJGSDAz+6zVQfpTXy/gp9r+ynystm+6pnSiW4BgrhIALgCYRLd4DeaXs4diOxs9Onw5m576vLllfyerzLtR56vo1eGen6lLKHLL0AFwC4CbALgws9z0v52uGnLtRY7MnF3HeGlro/rjy0qOgVJgcXhabk5ZkM565Zquec2qJnM0wy36sYy6W4DOIiOTFIkIAALgFwABgUO63e6L/2tfIyp2tH9dPlY7N99XhmmygXKNyABIAAGiYRLeYDeaXs4fSjsLPTp8OYue+ry5ZX8nq8y7Ueer6NXhnp+rSyNzl8r6BcgFwC5ILkBBL35ClbE0+VSXys3tn1Yvw1NbH9UtYjpFKYCuAXGR48VlWhS0TqwT2U86XQjWu6uzb91T3t6a7c9tKuqbpqa8SnVnzpQXWzTr2raj2xMtmnZtyecxDx1d0dZ+JTpQ5ZNzfVY1bm1bk+2mIbFGzqI91Uz4eOplbEy11nHkhGMTWq19+r/AKe9Ojs0/wDOfLlLHVn/AJ63x2POdVen/uWcWLXwhrsjzcsPSlJuTcdLk7ttNrSdHpKpqs0zKj1FMU3aoh7TZeKi3Wr+Cm+CtH6ZIq9q9GPKw2d1Z8Msc6uyYSLgFwYFwYCYhEt/k/eaPsofSjsbPTp8OXu++fLjljyerzLtR56vo1eGen6tLIXOVX8QBkwVwnAuSC5ALjI9eR5f8mj639M2tDP99LX1cf1S2SOpUJgUuWctOhP9KnFTqZqk3J2hBPVzsrdZruDO7TGZb2l0fFjeqnEM9icZWrb7Vk1sReZDoRS3dVdue6r8LS3YtW/bT+fu4KKWpJcxrvbmCAXAVwkmwnDZbn5XwtLkzl8zOo2fOdPS57WR/dUsjdayk3W+TLkq0/7RW7V6H5b+zp/u/DJXObXpNkGCCQAANEwiX0DJ+8UfZQ+lHY2enT4cvd98+XLLPk1X1V2o89X0KvDLTdWnyx1zlHQwLgK4BcGBnDJgXBh6MmztXov/AGR63Y2NLVi9TP8Arx1EZtVeG3R1jnjAxeXtGLrf+v6UcztHrz+F9oujH5eC5oNvAbAVwkXAi2ArhOGv3LVL4a2zUmunT/Z0my6s2IjsodfTi95XBYtJTbq/JJPgqUn86X9lftOM6eW7s+f74/LG3OYy6ANhJXITgXBgXBgJkwiYfQ8nbxR9lD6UdlZ6dPhyl331eXHLXk1X1V9SPPV9Crw9NN1afLGXOTdDgXALkguQFcAuBOjPNnB8EovoZnbnFdM9pY3IzRMf436Oyjk5kwMZuj8sqcsKb6jmtp9efEL7Z/R/Mq25XtwXIyItjKQMmCBh0o0J1NFOEp+rFtHpbs3LntpmWFd2ij3VYa3c3g50aMlUWbKU87NunZWS8x0WzrFdq3iqMZUeuvU3LmaeULcsGm5YihGpFwmlKMtaZjXRTXG7VHoypqmmd6nmrqu5/DuLioZreqSlLOT97NKrZ1iacRThs0669FWd5kMo4SWHqulPWtKa1Si9TOd1FiqzXNEr7T34vUb0PLc13sLkguA0xCJfRcnbxR9lD6UdnZ6dPhyt331eXHLfk1b1V2o8tZ0KvDPTdWnyxRyboxcgK5OQXGQDILjITYyYb/BVM+lTntQi+lHY2at63TP+OYuU7tcx/ruerBmt0OS6tSsqtKOenCMGk1dNN6dPP1FLtHR3LlcV0RlaaHVW6KJoqnCkxGCq0lnVKc4rha0dKKq5prtuM104WNvUWq5xTV6vPc13uTYSTYHqyXThPEUoVPElKz4G/Mumxs6Smiu9TFfJr6qqqm1M0829pQUUoxSikrJJWSOsppimMRGHNzMzOZSMkGAgEQMZuuxMJ4inGDUpU6clUcXdJt6Fz6+k53a1ymqumKfWYX2y7VVNuZmMZ5KO5UrMXALgNMmES+j5O3ij7KH0o7Oz06fDk7vvq8uOW/Ja3qrtR5azoVeGel61Plh7nJOkFyAXAVwC4MJU4SnJRinKUnZJa2zKmmqqYimMzKKqoojenkv8FuabSdeeb6ELN+9lzZ2Tn1uT+FXd2l9qI/LR4ekqcIwjojBKK5kXVuiKKYpjlCrqqmqZmfu6GbEgFOCkmmk01Zp6U0RMRMYlMTicwxGX8FHD182GiE458Vs6bNHL7R09Nm5/HlPq6DQ3pu2/5c4nCtuV7dwTZOQriJmDGWmyPujioqniXZrQqutNelwPlL7R7TpmIou+k91Nqtn1RO9b9Y7Lt5ToWv8Ar0bcP6kfuWn1FvGd6FfwLucbs/p5K+6XCQ/yqb4KcZTfVoPCvaGnp/6z4e9Gg1FX/OPKrxW7DWqFGT9Ks1FfCtJo3dsRyop/bct7Jnncqx4UeNypiMRvtWWa/wDHT/jh1aX7ysv629d51Yj/ABY2tJZte2n1/wB9XiSS0LQamWz6ydyAXJBcATEIl9KybvFH2VP6UdpZ6dPhyV3qVeXDLvktb1V2o8tb0K/DPS9anywtzkMumgXBgXBgZwBcJe/IWLjRxEJTtmtODk/+t/Obuz71Nq9E1cpaettVXLUxS3MXdJ9h1cTlzvJIkACbImRU5R3QUMPdZ36tTi6VpP3vUjS1GvtWvTOZ7Q27Ghu3ftiO8sfjsbPE1ZValk2lGEFpUILzX870nOanU1X696pf2LFNmjcp9e7hc13sVwFcAuQIOK4F0IllmTuRlCNwkXCSbCSuAXALgCYhEvpmTfJ6Hsqf0o7Wz06fDkLvvq8uOXfJa3qrtR5a3oV+Gel61PlhDj3TkAAIAAALHAZbr4dKMXGcFqhUu7czWlG/p9o3bMY5w072htXZzyl7Km6uu1+2lRi+FznLqsjaq2xX9qYeFOyrf3ql4q2X8XP/ACxguCnTS63c169p6ir748NinZ+np+2fMvDWxFWpvtWrUXBKpLN6FoNSvUXa/dVMtimzbo9tMQ5RiloSS5jxe2TuEEABKIAAmElcBBJBJNgK4SLgFwGmIRL6bk3yej7Kn9KO1s9Onw4+71KvIyjS/UoVYLXKnK3PbQL1G/RVT3Rbq3a4l89Zxc07s4nm6qmcxEwLkJIAAAkAIACQAARYAAgAJRYAEkwEEkEkEkwFcAuAXAnSg5SUVpcmkudmdqia64pj7vO5XFFE1T9n1HD08yEI7MYx6FY7WmMREOPqnMzLqZIYfdBgHQrNpfx1G5QfmT88fd2HNbT0k0V79MekrzQamKqdyecKoqlmLgAAwEABJAAAAgEEgBNhJAAEQkAIJgglFhIAAAhDQ7kcmupV/Xkv46TuvSqeZe7X0F5srSTvcWr8KbaepiI4dP5bcv1GYHnxuEhXpunUV09XmafCuUwroiuJpqjMMqappnNPNjMp5Gq4dt2dSn5qkVfR6S83Yc/qtl1U/wArfrH/AKudPtCmqMV+kqxcmnmKqq3VT6TCyiumfWJBiyAAEiwCaAQAAAyQBYJJgIJIGSYTkgZJoJgmmE5JoGRYAt7uczpt1VelMZY1XKaY9ZXeRtztWu1KonSpa3KStOS4Ir+2W+l2XVM7130jsqdVtOnG7b5924w2HjShGnTSjCKski+ppimMRyUc1TVOZdjJAAAEwPFiMk4eq7zo03J65ZubLpRhNFNXOMsoqqjlOHDwewvFfPP7mPAt/GP0y41z5SPB7C8V88/uRwLfxj9HGufKT8HsLxXzz+44Fr4x+jjXPlJeD2F4r55/ccC38Y/RxrnykeD2F4r55/ccC38Y/RxrnykeD2F4r55/cngWvjH6ONc+UjwewvFfPP7kcC38Y/RxrnykeD2F4pfHP7jgW/jH6ONc+UjwewvEr45/ccC38Y/SeNc+UjwewvEr45/cngW/jH6ONc+UjwdwvEr45/ccC38Y/SONc+Ul4O4XiV8c/uOBb+MfpPGufKR4O4TiV8c/uOBb+Mfo41z5SPB3CcSvjn9yOBb+MfpHGufKR4O4TiV8c/uOBb+MfpPGufKR4OYTiV8c/uOBb+Mfo49z5T+x4O4TiV8c/uOBb+Mfo49z5T+x4O4TiV8c/uTwLfxj9HHufKf2PB3CcSvin9yOBb+Mfo41z5T+3qw2S6FJ3p0acHtKKcul6T0popp5RhhNVU85esyYmAARclwgJ1VwgQeIjwgReLiBB46HKBF5SgvMwIPKsOBgReV47L6QI9+FsPpAXfj0H8QC78eh834AO/H+v5vwAu/L4tfF+ADvw+LXxfgA78vi18X4AO/D4tfF+AH34/1/N+ADvx6HzfgB9+FsP4gGssLYfSgJLK8dl9IEllWHAwJrKUOBgSWOhygTWLi+ECSxEeECaqrhAbguACLpLgAi8PECLwkeUCDwEeUCLybF+dgQeSo8LAg8kR2mBF5HW2+gBd5/T6gF3ne2ugA7zvbXQwF3nltx6GAd55bcehgHeeW3HoYB3nltx6GAd53troYDWR3troAfef0+oCSyOtt9ADWSI7T6AJLJUeFgTWTY8LAmsDFcIE1hI8oElh4gSVJcAHQAAAEAwAAAAAAAAAAAQDAAEAAMBAMAAAAAAAAD/9k=">
-                        Hyves
+
+        <?php
+        $q = searchSomeGroups(0, 20, $search);
+
+        while ($group = $q->fetch(PDO::FETCH_ASSOC)) {
+            $groupname = $group['name'];
+            $grouppic = $group['picture'];
+
+            echo("
+            <a href='https://myhyvesbookplus.nl/group/$groupname/'>
+                <li class='search-item'>
+                    <div class='group'>
+                        <img class='group-picture' 
+                             src='$grouppic'>
+                        $groupname
                     </div>
                 </li>
             </a>
+            ");
+        }
+        ?>
         </ul>
     </div>
-</div>
\ No newline at end of file
+</div>

From 18185020c3b4a389d623042050a8edafe622dc6a Mon Sep 17 00:00:00 2001
From: "K. Nobel" <kevlebon@gmailcom>
Date: Fri, 20 Jan 2017 16:18:12 +0100
Subject: [PATCH 24/24] Added improvements to profile page.

---
 website/public/styles/profile.css | 21 +++++++++++++--------
 website/views/profile.php         | 12 ++++++++++++
 2 files changed, 25 insertions(+), 8 deletions(-)

diff --git a/website/public/styles/profile.css b/website/public/styles/profile.css
index 7437e4c..9c07242 100644
--- a/website/public/styles/profile.css
+++ b/website/public/styles/profile.css
@@ -40,6 +40,19 @@ div.posts .post p.subscript {
     font-size: 8pt;
 }
 
+div.posts .post form input, div.posts .post form textarea {
+    width: calc(100% - 15px);
+}
+
+div.posts .post form input[type="submit"] {
+    width: 100%;
+}
+
+div.posts .post form textarea.newpost {
+    margin: 15px 0 15px 0;
+    height: 100px;
+}
+
 @media only screen and (max-width: 1500px) {
     .post-box {
         width: calc(50% - 68px);
@@ -53,14 +66,6 @@ div.posts .post p.subscript {
     }
 }
 
-.post {
-    width: 100%;
-}
-
-.post img {
-    width: 100%;
-}
-
 .post .post-date {
     float: right;
     color: #aaaaaa;
diff --git a/website/views/profile.php b/website/views/profile.php
index 1457dee..19bd908 100644
--- a/website/views/profile.php
+++ b/website/views/profile.php
@@ -42,6 +42,18 @@
 
     <div class="posts">
         <?php
+            if ($_SESSION["userID"] === $userID) {
+         ?>
+                <div class="post platform">
+                    <form>
+                        <input type="text" class="newpost" placeholder="Titel">
+                        <textarea class="newpost">Schrijf een berichtje...</textarea>
+                        <input type="submit" value="Plaats!">
+                    </form>
+                </div>
+        <?php
+            }
+
             while($post = $posts->fetch()) {
                 $nicetime = nicetime($post["creationdate"]);
                 echo "