Merge branch 'lars' into 'master'

Lars See merge request !180
2017-02-02 12:46:42 +01:00
parent cc9866d3dd 1dfc14e6f0
commit 487e0a0523
22 changed files with 116 additions and 50 deletions
--- a/website/public/API/loadChatNotifications.php
+++ b/website/public/API/loadChatNotifications.php
@@ -6,6 +6,7 @@ require_once ("../../queries/connect.php");
 require_once ("../../queries/private_message.php");
 require_once("../../queries/user.php");

+// Check if the user is allowed to load them.
 if (isset($_SESSION["userID"]) &&
    getRoleByID($_SESSION["userID"]) != 'banned') {
    echo selectAllUnreadChat();
--- a/website/public/API/loadFriendRequest.php
+++ b/website/public/API/loadFriendRequest.php
@@ -6,6 +6,7 @@ require_once ("../../queries/connect.php");
 require_once ("../../queries/friendship.php");
 require_once ("../../queries/user.php");

+// Check if the user is allowed to load them.
 if (isset($_SESSION["userID"]) &&
    getRoleByID($_SESSION["userID"]) != 'frozen' &&
    getRoleByID($_SESSION["userID"]) != 'banned') {
--- a/website/public/API/loadFriends.php
+++ b/website/public/API/loadFriends.php
@@ -7,9 +7,11 @@ require_once ("../../queries/checkInput.php");
 require_once ("../../queries/friendship.php");
 require_once("../../queries/user.php");

+// Check if the user is allowed to load them.
 if (isset($_SESSION["userID"]) &&
    getRoleByID($_SESSION["userID"]) != 'banned') {
    if (isset($_SESSION["userID"])) {
+        // Echo the limited or unlimited users.
        if (isset($_POST["limit"])) {
            echo selectLimitedFriends($_SESSION["userID"], (int)test_input($_POST["limit"]));
        } else if (isset($_GET["limit"])) {
--- a/website/public/API/loadGroups.php
+++ b/website/public/API/loadGroups.php
@@ -8,8 +8,10 @@ require_once ("../../queries/group_member.php");

 require_once("../../queries/user.php");

+// Check if the user is allowed to load them.
 if (isset($_SESSION["userID"]) &&
    getRoleByID($_SESSION["userID"]) != 'banned') {
+    // Echo the limited or unlimited groups.
    if (isset($_POST["limit"])) {
        echo selectLimitedGroupsFromUser($_SESSION["userID"], (int)test_input($_POST["limit"]));
    } else {
--- a/website/public/API/loadMessages.php
+++ b/website/public/API/loadMessages.php
@@ -8,8 +8,10 @@ require_once("../../queries/checkInput.php");
 require_once("../../queries/friendship.php");
 require_once("../../queries/user.php");

+// Check if the user is allowed to get the messages.
 if (isset($_SESSION["userID"]) &&
    getRoleByID($_SESSION["userID"]) != 'banned') {
+    // Check if the users wants new messages or old ones, and give the right one back.
    if (isset($_POST["lastID"]) && $_POST["lastID"] != "") {
        setLastVisited(test_input($_POST["destination"]));
        echo getNewChatMessages(test_input($_POST["lastID"]), test_input($_POST["destination"]));
--- a/website/public/API/sendMessage.php
+++ b/website/public/API/sendMessage.php
@@ -6,12 +6,15 @@ require_once("../../queries/private_message.php");
 require_once("../../queries/checkInput.php");
 require_once("../../queries/user.php");

+// Check if the user is allowed to send a message.
 if (isset($_SESSION["userID"]) &&
    getRoleByID($_SESSION["userID"]) != 'frozen' &&
    getRoleByID($_SESSION["userID"]) != 'banned') {
    if (!empty(test_input($_POST["destination"])) &&
        !empty(test_input($_POST["content"]))
    ) {
+        // Send the message.
+        // Returns false when it didn't succeed sending the message.
        if (sendMessage(test_input($_POST["destination"]), test_input($_POST["content"]))) {
            echo 1;
        } else {