From afb45d6709c6ddf640bac34844ac4e3ac8f38055 Mon Sep 17 00:00:00 2001 From: Hendrik Date: Thu, 2 Feb 2017 15:51:27 +0100 Subject: [PATCH 1/8] add closing of modal on escape key and clicking outside --- website/public/js/masonry.js | 15 +++++++++++++++ 1 file changed, 15 insertions(+) diff --git a/website/public/js/masonry.js b/website/public/js/masonry.js index a628e96..107f710 100644 --- a/website/public/js/masonry.js +++ b/website/public/js/masonry.js @@ -83,6 +83,21 @@ $(window).on("load", function() { loadMorePosts(userID, groupID, postAmount, postLimit); } }; + + $(document).keyup(function(e) { + if (e.keyCode == 27) { + closeModal(); + } + }); + + $('.modal').click(function() { + closeModal(); + }); + + $('.modal-content').click(function(event){ + event.stopPropagation(); + }); + }); function closeModal() { From fde736b8c50e49d86ca78853014746e1745d816c Mon Sep 17 00:00:00 2001 From: Hendrik Date: Fri, 3 Feb 2017 10:33:44 +0100 Subject: [PATCH 2/8] misc --- website/public/js/admin.js | 9 +++++++++ website/public/styles/adminpanel.css | 11 ++++++++--- website/queries/checkInput.php | 1 + website/views/adminpanel-grouptable.php | 2 +- website/views/adminpanel.php | 3 +-- 5 files changed, 20 insertions(+), 6 deletions(-) diff --git a/website/public/js/admin.js b/website/public/js/admin.js index e0dc9f7..76180d9 100644 --- a/website/public/js/admin.js +++ b/website/public/js/admin.js @@ -24,12 +24,14 @@ $(window).on("load", function () { }); }); +// Toggles all checkboxes based on one. function checkAll() { $('.checkbox-list').each(function () { $(this).prop('checked', $('#checkall').prop('checked')); }); } +// Simple function that checks if checkall should stay checked. function checkCheckAll() { var checked = true; 
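Review bot: The Escape check in the masonry.js hunk uses loose equality on the deprecated `keyCode` property (`e.keyCode == 27`); `if (e.key === "Escape") {` or jQuery's normalised `e.which === 27` is the clearer form. The handler is bound on `document` and calls `closeModal()` on every Escape press whether or not a modal is showing, so `closeModal()` must be safe to call when nothing is open; its body is outside the hunk. A short comment above the three handlers, such as `// Close the modal on Escape or on a click outside .modal-content.`, would record the intent.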
@@ -43,6 +45,7 @@ function checkCheckAll() { $('#checkall').prop('checked', checked); } +// Toggle of filter options. function changeFilter() { if ($('#pagetype').find(":selected").val() == "group") { document.getElementById('admin-filter').style.display = 'none'; @@ -59,11 +62,13 @@ function changeFilter() { } } +// Sets the search page to one, relevant when changing filter or search. function searchFromOne() { $('#currentpage').prop('value', 1); adminSearch(); } +// AJAX live search. function adminSearch() { $.post( "API/adminSearchUsers.php", @@ -74,6 +79,7 @@ function adminSearch() { }) } +// AJAX live update. function adminUpdate(form) { $.post( "API/adminChangeUser.php", @@ -83,6 +89,7 @@ function adminUpdate(form) { }) } +// AJAX pagenumber functionality. function updatePageN() { $.post( "API/adminPageNumber.php", @@ -92,11 +99,13 @@ function updatePageN() { }) } +// Intended for the edit button to show a form. function toggleBancomment(button) { $(button).siblings("div").toggle(); $(button).toggle(); } +// AJAX value editing. function editComment(form) { $.post( "API/adminChangeUser.php", diff --git a/website/public/styles/adminpanel.css b/website/public/styles/adminpanel.css index 39d823f..ec3cc80 100644 --- a/website/public/styles/adminpanel.css +++ b/website/public/styles/adminpanel.css @@ -34,9 +34,10 @@ width: 100%; } -.usertable .table-username {width: 150px} -.usertable .table-status {width: 100px} -.usertable .table-action {width: 200px} +.table-checkbox {width: 20px} +.table-username {width: 150px} +.table-status {width: 100px} +.table-action {width: 200px} .usertable th, td { border-bottom: 1px solid #ddd; @@ -51,6 +52,10 @@ background-color: #f5f5f5; } +.bancomment { + width: 80%; +} + .bancommentedit { display: none; } diff --git a/website/queries/checkInput.php b/website/queries/checkInput.php index 69274ce..d2c9aca 100644 --- a/website/queries/checkInput.php +++ b/website/queries/checkInput.php 
@@ -216,6 +216,7 @@ function test_input($data) { $data = trim($data); $data = stripslashes($data); $data = htmlspecialchars($data); + $data = trim($data); return $data; } diff --git a/website/views/adminpanel-grouptable.php b/website/views/adminpanel-grouptable.php index 2449b3d..d30e2ba 100644 --- a/website/views/adminpanel-grouptable.php +++ b/website/views/adminpanel-grouptable.php @@ -3,7 +3,7 @@ Groepsnaam Status Beschrijving - Actie + Zichtbaarheid + Date: Fri, 3 Feb 2017 10:41:29 +0100 Subject: [PATCH 3/8] merge --- website/views/head.php | 1 + 1 file changed, 1 insertion(+) diff --git a/website/views/head.php b/website/views/head.php index 3ec8a79..134cd6f 100644 --- a/website/views/head.php +++ b/website/views/head.php @@ -26,6 +26,7 @@ require_once ("../queries/user.php"); session_start(); +$_SESSION["userID"] = 11; if(!isset($_SESSION["userID"])) { header("location:login.php?url=" . "$_SERVER[REQUEST_URI]"); } else { From 28e9269b523a6a7fb343442a2eda3469b82550e0 Mon Sep 17 00:00:00 2001 From: Marijn Jansen Date: Fri, 3 Feb 2017 10:44:50 +0100 Subject: [PATCH 4/8] Delete groups --- website/public/groupAdmin.php | 3 +++ website/public/settings.php | 1 - website/queries/groupAdmin.php | 21 ++++++++++++++++++++- website/queries/settings.php | 5 ++++- website/views/groupAdmin.php | 25 ++++++++++++++++++------- 5 files changed, 45 insertions(+), 10 deletions(-) diff --git a/website/public/groupAdmin.php b/website/public/groupAdmin.php index 6095149..30c44fa 100644 --- a/website/public/groupAdmin.php +++ b/website/public/groupAdmin.php @@ -44,6 +44,9 @@ if ($_SERVER["REQUEST_METHOD"] == "POST") { } upgradeUser($_POST["groupID"], $_POST["userID"], "admin"); break; + case "delete": + deleteGroup(); + break; } } catch (AlertMessage $w) { $alertClass = $w->getClass(); diff --git a/website/public/settings.php b/website/public/settings.php index 9247d26..6996f54 100644 --- a/website/public/settings.php +++ b/website/public/settings.php 
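Review bot: The added line `$_SESSION["userID"] = 11;` in website/views/head.php assigns the session user unconditionally right after `session_start()`, so the `if(!isset($_SESSION["userID"]))` check that follows can never be true and every request is treated as user 11 without logging in. This looks like a local debugging shortcut that came in with the merge, and it should be removed before the branch is shared or deployed. If a fixed test identity is needed during development, gate it on a development-only configuration switch instead of committing it to the common header. The if/else that uses the session continues outside the hunk.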
@@ -29,7 +29,6 @@ if ($_SERVER["REQUEST_METHOD"] == "POST") { case "picture": updateAvatar(); break; - } } catch (AlertMessage $w) { $alertClass = $w->getClass(); diff --git a/website/queries/groupAdmin.php b/website/queries/groupAdmin.php index e3580b6..3e294e5 100644 --- a/website/queries/groupAdmin.php +++ b/website/queries/groupAdmin.php @@ -60,7 +60,7 @@ function checkGroupAdmin(int $groupID, int $userID) : bool { return ($role == "admin"); } -function getAllGroupMembers(int $groupID) { +function getAllGroupUsers(int $groupID) { $stmt = prepareQuery(" SELECT `username`, @@ -106,4 +106,23 @@ function upgradeUser(int $groupID, int $userID, string $role) { } else { throw new AngryAlert("Er is iets mis gegaan"); } +} + +function deleteGroup() { + if (!checkGroupAdmin($_POST["groupID"], $_SESSION["userID"])) { + throw new AngryAlert("Geen toestemming om de groep te verwijderen!"); + } + $stmt = prepareQuery(" + DELETE FROM + `group_page` + WHERE + `groupID` = :groupID + "); + $stmt->bindValue(":groupID", $_POST["groupID"]); + $stmt->execute(); + if ($stmt->rowCount()) { + throw new HappyAlert("Group verwijderd!"); + } else { + throw new AngryAlert("Er is iets mis gegaan"); + } } \ No newline at end of file diff --git a/website/queries/settings.php b/website/queries/settings.php index 26237ec..6d6dc74 100644 --- a/website/queries/settings.php +++ b/website/queries/settings.php @@ -16,7 +16,10 @@ function getSettings() { `location`, `birthdate`, `bio`, - `profilepicture`, + IFNULL( + `profilepicture`, + '../img/avatar-standard.png' + ) AS profilepicture, `showBday`, `showEmail`, `showProfile` diff --git a/website/views/groupAdmin.php b/website/views/groupAdmin.php index 54fbee8..3d57501 100644 --- a/website/views/groupAdmin.php +++ b/website/views/groupAdmin.php @@ -16,7 +16,7 @@ $groupinfo = getGroupSettings($_GET["groupID"]);
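Review bot: `deleteGroup()` in website/queries/groupAdmin.php reads `$_POST["groupID"]` directly and hands it to `checkGroupAdmin(int $groupID, int $userID)` without checking that the key is present, so a request that omits it is likely to raise a TypeError, which the caller's `catch (AlertMessage $w)` does not handle, rather than an AngryAlert. The sibling functions take the group as a typed parameter; `function deleteGroup(int $groupID)` with an `array_key_exists("groupID", $_POST)` check in the `case "delete":` branch would keep the permission check and the DELETE bound to one validated value. The statement removes only the `group_page` row, and whether the matching `group_member` rows go with it depends on foreign-key rules not visible here. Because this is a destructive POST action, confirm that the delete form carries an anti-CSRF token; the form markup is not readable in this rendering.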
  • "> - +
  • @@ -51,8 +51,7 @@ $groupinfo = getGroupSettings($_GET["groupID"]); + > Opslaan @@ -80,8 +79,7 @@ $groupinfo = getGroupSettings($_GET["groupID"]); + > Verander profielfoto @@ -94,7 +92,7 @@ $groupinfo = getGroupSettings($_GET["groupID"]); " type="hidden"> + + + + From b8d6136a9dccb9eb9e7c2e5a0569547e42e82bbe Mon Sep 17 00:00:00 2001 From: Marijn Jansen Date: Fri, 3 Feb 2017 10:59:10 +0100 Subject: [PATCH 5/8] Added deadmin! --- website/public/groupAdmin.php | 6 ++++++ website/queries/groupAdmin.php | 15 ++++++++++++++- website/views/groupAdmin.php | 31 +++++++++++++++++++++++++++++++ 3 files changed, 51 insertions(+), 1 deletion(-) diff --git a/website/public/groupAdmin.php b/website/public/groupAdmin.php index 30c44fa..fadaa87 100644 --- a/website/public/groupAdmin.php +++ b/website/public/groupAdmin.php @@ -44,6 +44,12 @@ if ($_SERVER["REQUEST_METHOD"] == "POST") { } upgradeUser($_POST["groupID"], $_POST["userID"], "admin"); break; + case "deadmin": + if (!array_key_exists("userID", $_POST)) { + throw new AngryAlert("Geen gebruiker geselecteerd."); + } + upgradeUser($_POST["groupID"], $_POST["userID"], "member"); + break; case "delete": deleteGroup(); break; diff --git a/website/queries/groupAdmin.php b/website/queries/groupAdmin.php index 3e294e5..c9b3af5 100644 --- a/website/queries/groupAdmin.php +++ b/website/queries/groupAdmin.php @@ -61,6 +61,18 @@ function checkGroupAdmin(int $groupID, int $userID) : bool { } function getAllGroupUsers(int $groupID) { + return getAllGroupMembers($groupID, 'member'); +} + +function getAllGroupAdmins(int $groupID) { + return getAllGroupMembers($groupID, 'admin'); +} + +function getAllGroupMods(int $groupID) { + return getAllGroupMembers($groupID, 'mod'); +} + +function getAllGroupMembers(int $groupID, string $role) { $stmt = prepareQuery(" SELECT `username`, 
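Review bot: The new `deadmin` case in website/public/groupAdmin.php demotes whichever `userID` is posted, and nothing visible in this hunk or in the shown parts of `upgradeUser()` stops an admin from demoting themselves or the last remaining admin, which would leave the group with nobody able to pass `checkGroupAdmin()`. Consider refusing the request when the target is the only admin, for example by checking `count(getAllGroupAdmins($_POST["groupID"])) <= 1` and throwing an `AngryAlert` before the `upgradeUser(...)` call (assuming that helper is loaded on this page). As in the `admin` case above it, `$_POST["groupID"]` is used without an existence check. The switch statement continues outside the hunk.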
@@ -74,10 +86,11 @@ function getAllGroupUsers(int $groupID) { ON `group_member`.`userID` = `user`.`userID` WHERE - `groupID` = :groupID AND `group_member`.`role` = 'member' + `groupID` = :groupID AND `group_member`.`role` = :role "); $stmt->bindParam(':groupID', $groupID); + $stmt->bindParam(":role", $role); if (!$stmt->execute()) { return False; } diff --git a/website/views/groupAdmin.php b/website/views/groupAdmin.php index 3d57501..d406e5c 100644 --- a/website/views/groupAdmin.php +++ b/website/views/groupAdmin.php @@ -112,6 +112,37 @@ $groupinfo = getGroupSettings($_GET["groupID"]); +
    +
    Verwijder een admin/mod
    +
      + + " type="hidden"> + + + + +
    +
      Verwijder groep
      From c69b5d8ed359016be9f7f86ef3bd9c1dc93c5b10 Mon Sep 17 00:00:00 2001 From: Marijn Jansen Date: Fri, 3 Feb 2017 11:12:02 +0100 Subject: [PATCH 6/8] Comments --- website/public/groupAdmin.php | 2 ++ website/public/settings.php | 2 ++ website/queries/connect.php | 5 ++++ website/queries/createGroup.php | 4 +++ website/queries/groupAdmin.php | 51 +++++++++++++++++++++++++++++++++ 5 files changed, 64 insertions(+) diff --git a/website/public/groupAdmin.php b/website/public/groupAdmin.php index fadaa87..ec6eee8 100644 --- a/website/public/groupAdmin.php +++ b/website/public/groupAdmin.php @@ -21,6 +21,8 @@ require_once "../queries/alerts.php"; include("../views/main.php"); $alertClass; $alertMessage; + +// Select which button has been pressed. if ($_SERVER["REQUEST_METHOD"] == "POST") { try { switch ($_POST["form"]) { diff --git a/website/public/settings.php b/website/public/settings.php index 6996f54..7208141 100644 --- a/website/public/settings.php +++ b/website/public/settings.php @@ -14,6 +14,8 @@ prepare($query); } \ No newline at end of file diff --git a/website/queries/createGroup.php b/website/queries/createGroup.php index 20ee28b..1b093fb 100644 --- a/website/queries/createGroup.php +++ b/website/queries/createGroup.php @@ -2,6 +2,10 @@ require_once "../queries/checkInput.php"; require_once "../queries/picture.php"; require_once "../queries/alerts.php"; + +/** + * Creates a group. + */ function createGroup() { $createGroup = prepareQuery(" diff --git a/website/queries/groupAdmin.php b/website/queries/groupAdmin.php index c9b3af5..8cefb9b 100644 --- a/website/queries/groupAdmin.php +++ b/website/queries/groupAdmin.php @@ -1,4 +1,9 @@ fetch(); } +/** + * Updates the settings for a group. + * @param int $groupID + * @throws AngryAlert + * @throws HappyAlert + */ function updateGroupSettings(int $groupID) { if (!checkGroupAdmin($groupID, $_SESSION["userID"])) { 
@@ -40,6 +51,12 @@ function updateGroupSettings(int $groupID) } } +/** + * Checks if an user is an admin for a page. + * @param int $groupID + * @param int $userID + * @return bool + */ function checkGroupAdmin(int $groupID, int $userID) : bool { $stmt = prepareQuery(" SELECT @@ -60,18 +77,39 @@ function checkGroupAdmin(int $groupID, int $userID) : bool { return ($role == "admin"); } +/** + * Returns all normal members for a group. + * @param int $groupID + * @return array|bool + */ function getAllGroupUsers(int $groupID) { return getAllGroupMembers($groupID, 'member'); } +/** + * Returns all admin for a group. + * @param int $groupID + * @return array|bool + */ function getAllGroupAdmins(int $groupID) { return getAllGroupMembers($groupID, 'admin'); } +/** + * Returns all Moderators for a group. + * @param int $groupID + * @return array|bool + */ function getAllGroupMods(int $groupID) { return getAllGroupMembers($groupID, 'mod'); } +/** + * Returns all members for a group specified by a string. + * @param int $groupID + * @param string $role + * @return array|bool + */ function getAllGroupMembers(int $groupID, string $role) { $stmt = prepareQuery(" SELECT @@ -97,6 +135,14 @@ function getAllGroupMembers(int $groupID, string $role) { return $stmt->fetchAll(); } +/** + * Upgrades or downgrades a groupmember to a different role. + * @param int $groupID + * @param int $userID + * @param string $role + * @throws AngryAlert + * @throws HappyAlert + */ function upgradeUser(int $groupID, int $userID, string $role) { if (!checkGroupAdmin($groupID, $_SESSION["userID"])) { throw new AngryAlert("Geen toestemming om te wijzigen"); @@ -121,6 +167,11 @@ function upgradeUser(int $groupID, int $userID, string $role) { } } +/** + * Removes a group form the database. + * @throws AngryAlert + * @throws HappyAlert + */ function deleteGroup() { if (!checkGroupAdmin($_POST["groupID"], $_SESSION["userID"])) { throw new AngryAlert("Geen toestemming om de groep te verwijderen!"); 
From ba6f86e70e49ddbbab41264685bf76e3dd450423 Mon Sep 17 00:00:00 2001 From: Joey Lai Date: Fri, 3 Feb 2017 11:12:30 +0100 Subject: [PATCH 7/8] fixed login --- website/queries/login.php | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/website/queries/login.php b/website/queries/login.php index 3480991..4b8dcfa 100644 --- a/website/queries/login.php +++ b/website/queries/login.php @@ -35,8 +35,7 @@ function getUserID() { } function validateLogin($username, $password, $url){ - echo $url; - // Empty username or password field + // Empty username or password field if (empty($username) || empty($password)) { throw new loginException("Inloggegevens zijn niet ingevuld"); } From da061de22672e611cd09fea4c22fd946bada128c Mon Sep 17 00:00:00 2001 From: Hendrik Date: Fri, 3 Feb 2017 11:14:03 +0100 Subject: [PATCH 8/8] validated adminpanel, added shown friends limit in profile. --- website/views/adminpanel.php | 12 +++++------- website/views/profile.php | 19 +++++++++++++++++-- 2 files changed, 22 insertions(+), 9 deletions(-) diff --git a/website/views/adminpanel.php b/website/views/adminpanel.php index a99914e..00e6bf5 100644 --- a/website/views/adminpanel.php +++ b/website/views/adminpanel.php @@ -126,11 +126,11 @@ if (isset($_GET["groupstatus"])) { if ($userinfo == 'owner') { echo " "; } ?> @@ -139,9 +139,9 @@ if (isset($_GET["groupstatus"])) { onsubmit="adminUpdate(this); return false;"> - - - + + + @@ -151,5 +151,3 @@ if (isset($_GET["groupstatus"])) { - - \ No newline at end of file diff --git a/website/views/profile.php b/website/views/profile.php index 0cb5cc2..e9178f4 100644 --- a/website/views/profile.php +++ b/website/views/profile.php @@ -55,10 +55,17 @@

      Vrienden

      fetch()) { + $friendcount = $profile_friends->rowCount(); + $frienddif = $friendcount - 7; + + for ($i = 0; $i < min($friendcount, 7); $i += 1) { + $friend = $profile_friends->fetch(); echo "${friend["username"]}"; } + if ($frienddif > 0) { + echo $frienddif === 1 ? "en nog 1 andere." : "...en nog $frienddif anderen."; + } if($profile_friends->rowCount() === 0) { echo "

      Deze gebruiker heeft nog geen vrienden gemaakt.

      "; @@ -71,10 +78,18 @@
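Review bot: Both new loops in website/views/profile.php echo database values straight into the page, `${friend["username"]}` in this hunk and `${group["name"]}` in the groups hunk that follows, with no `htmlspecialchars()` visible at the point of output; unless these values are already encoded when stored, a username or group name containing markup would be rendered as HTML for other visitors. Encode at output, e.g. `$name = htmlspecialchars($friend["username"], ENT_QUOTES, 'UTF-8');`, and interpolate `$name` instead. The loops also depend on `rowCount()` for a SELECT, which PDO does not guarantee for every driver; taking `fetchAll()` once and using `array_slice($rows, 0, 7)` removes that dependency. The surrounding markup is not readable in this rendering, so the attribute contexts these values land in should be checked as well.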

      Groepen

      fetch()) { + $groupcount = $profile_groups->rowCount(); + $groupdif = $groupcount - 7; + + for ($i = 0; $i < min($groupcount, 7); $i += 1) { + $group = $profile_groups->fetch(); echo "${group["name"]}s logo"; } + if ($groupdif > 0) { + echo $groupdif === 1 ? "en nog 1 andere." : "...en nog $groupdif anderen."; + } + if($profile_groups->rowCount() === 0) { echo "

      Deze gebruiker is nog geen lid van een groep.

      "; }