From 1402a3ea07e6310d680172e16650f3624cc50454 Mon Sep 17 00:00:00 2001 From: "K. Nobel" Date: Wed, 25 Jan 2017 11:19:24 +0100 Subject: [PATCH 01/15] Fixed query for image tags --- website/queries/user.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/website/queries/user.php b/website/queries/user.php index ddd972d..9904eee 100644 --- a/website/queries/user.php +++ b/website/queries/user.php @@ -108,7 +108,7 @@ function selectAllUserPosts($userID) { `postID`, `author`, `title`, - CASE LENGTH(`content`) >= 150 + CASE LENGTH(`content`) >= 150 AND `content` NOT LIKE ' Date: Wed, 25 Jan 2017 15:06:37 +0100 Subject: [PATCH 02/15] Changed friendship buttons. We now use AJAX, changed button style and added FA icons. --- website/public/API/editFriendship.php | 28 ++++++++++++++ website/public/API/getFriendshipStatus.php | 18 +++++++++ website/public/profile.php | 45 ++++++++++++++++++++++ website/public/styles/main.css | 9 +++++ website/public/styles/profile.css | 7 ++-- website/queries/friendship.php | 23 ++++++++--- website/views/profile.php | 18 ++------- 7 files changed, 124 insertions(+), 24 deletions(-) create mode 100644 website/public/API/editFriendship.php create mode 100644 website/public/API/getFriendshipStatus.php diff --git a/website/public/API/editFriendship.php b/website/public/API/editFriendship.php new file mode 100644 index 0000000..721bf90 --- /dev/null +++ b/website/public/API/editFriendship.php @@ -0,0 +1,28 @@ + + + + diff --git a/website/public/styles/main.css b/website/public/styles/main.css index 8c50b19..b8f39ee 100644 --- a/website/public/styles/main.css +++ b/website/public/styles/main.css @@ -175,6 +175,15 @@ textarea:focus, input:focus, select:focus { } /* All buttons */ +button.red { + background-color: firebrick; +} + +button.green { + background-color: forestgreen; +} + + button, input[type="submit"], input[type="reset"] { 
diff --git a/website/public/styles/profile.css b/website/public/styles/profile.css index fbd8775..85b2db5 100644 --- a/website/public/styles/profile.css +++ b/website/public/styles/profile.css @@ -78,17 +78,16 @@ div.posts .post form textarea.newpost { font-size: 0.8em; } -input.profile-button { +button.friend-button { float: right; height: auto; padding: 10px; + margin-left: 10px; border-radius: 5px; - background-color: #4CAF50; - color: #FFFFFF; transition-duration: 250ms; cursor: pointer; } -.profile-button:hover { +button.friend-button:hover { box-shadow: 0 10px 20px rgba(0,0,0,0.19), 0 6px 6px rgba(0,0,0,0.23); } \ No newline at end of file diff --git a/website/queries/friendship.php b/website/queries/friendship.php index d0279c9..f69522e 100644 --- a/website/queries/friendship.php +++ b/website/queries/friendship.php @@ -67,6 +67,16 @@ function selectAllFriendRequests() { } function getFriendshipStatus($userID) { + # -2: Query failed. + # -1: user1 and 2 are the same user + # 0 : no record found + # 1 : confirmed + # 2 : user1 sent request (you) + # 3 : user2 sent request (other) + if($_SESSION["userID"] == $userID) { + return -1; + } + $stmt = $GLOBALS["db"]->prepare(" SELECT CASE `status` IS NULL @@ -93,8 +103,10 @@ function getFriendshipStatus($userID) { $stmt->bindParam(':me', $_SESSION["userID"], PDO::PARAM_INT); $stmt->bindParam(':other', $userID, PDO::PARAM_INT); - $stmt->execute(); - return $stmt->fetch()["friend_state"]; + if(!$stmt->execute()) { + return -2; + } + return intval($stmt->fetch()["friend_state"]); } function requestFriendship($userID) { @@ -105,7 +117,7 @@ function requestFriendship($userID) { $stmt->bindParam(':user1', $_SESSION["userID"], PDO::PARAM_INT); $stmt->bindParam(':user2', $userID, PDO::PARAM_INT); - $stmt->execute(); + return $stmt->execute(); } function removeFriendship($userID) { 
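Review bot: The new self-check `if($_SESSION["userID"] == $userID)` in getFriendshipStatus compares the session value with a caller-supplied one using loose `==`, while the query further down binds the same value as `PDO::PARAM_INT`, so the check and the query can disagree on input that is not a canonical integer string. Normalising once at the top with `$userID = (int) $userID;` and comparing with `(int) $_SESSION["userID"] === $userID` keeps both on the same integer. The status codes listed in the new comment would be easier to keep in sync with the JavaScript caller as named constants. The function body continues outside this hunk.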
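Review bot: The `-2` return behind `if(!$stmt->execute())` in getFriendshipStatus is only reachable when the PDO connection reports errors by return value; if connect.php (not shown) sets `PDO::ATTR_ERRMODE` to `PDO::ERRMODE_EXCEPTION`, a failed query throws instead and the API caller never sees `-2`. On the next line `$stmt->fetch()` is indexed without a check, so a `false` result would be turned silently into `0` ("no record found") by `intval()`. Whether the query can return no row is not visible from this hunk; if it can, `$row = $stmt->fetch(); if ($row === false) { return -2; }` makes that case explicit.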
@@ -116,11 +128,12 @@ function removeFriendship($userID) { `user2ID` = :user2 OR `user1ID` = :user2 AND `user2ID` = :user1 + LIMIT 1 "); $stmt->bindParam(':user1', $_SESSION["userID"], PDO::PARAM_INT); $stmt->bindParam(':user2', $userID, PDO::PARAM_INT); - $stmt->execute(); + return $stmt->execute(); } function acceptFriendship($userID) { @@ -135,7 +148,7 @@ function acceptFriendship($userID) { $stmt->bindParam(':user1', $userID, PDO::PARAM_INT); $stmt->bindParam(':user2', $_SESSION["userID"], PDO::PARAM_INT); - $stmt->execute(); + return $stmt->execute(); } function setLastVisited($friend) { diff --git a/website/views/profile.php b/website/views/profile.php index 0b2f4f2..d74f999 100644 --- a/website/views/profile.php +++ b/website/views/profile.php @@ -2,21 +2,9 @@
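Review bot: `return $stmt->execute();` in removeFriendship reports only that the statement ran, not that a friendship row was affected, so the caller receives `true` even when nothing matched; the same applies to the `return $stmt->execute();` added to acceptFriendship in the next hunk. Returning `$stmt->rowCount() === 1` would let the API endpoint tell a real change from a no-op. The visible WHERE clause also mixes `AND` and `OR` without parentheses and reuses `:user1` and `:user2`, which PDO accepts only with emulated prepares; grouping each pair in parentheses and using four distinct placeholders removes both dependencies. The first lines of both functions are outside their hunks.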
"> -
- - "; - } else if($user["friend_status"] == 1) { - echo ""; - } else if($user["friend_status"] == 2) { - echo ""; - echo ""; - } else if($user["friend_status"] == 3) { - echo ""; - } - ?> -
+
+ +

From 6a43402c661cc53d33607981291f8bf3282368f2 Mon Sep 17 00:00:00 2001 From: "K. Nobel" Date: Wed, 25 Jan 2017 15:14:00 +0100 Subject: [PATCH 03/15] Added comment in getFriendshipStatus for Lars. --- website/public/API/getFriendshipStatus.php | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/website/public/API/getFriendshipStatus.php b/website/public/API/getFriendshipStatus.php index 5c2f36c..a893331 100644 --- a/website/public/API/getFriendshipStatus.php +++ b/website/public/API/getFriendshipStatus.php @@ -1,5 +1,12 @@ Date: Wed, 25 Jan 2017 15:42:28 +0100 Subject: [PATCH 04/15] Made small improvements to friendship buttons and corresponding API files. --- website/public/API/editFriendship.php | 1 - website/public/API/getFriendshipStatus.php | 1 - website/public/js/friendButtons.js | 27 ++++++++++++++++++ website/public/profile.php | 32 +--------------------- 4 files changed, 28 insertions(+), 33 deletions(-) create mode 100644 website/public/js/friendButtons.js diff --git a/website/public/API/editFriendship.php b/website/public/API/editFriendship.php index 721bf90..0518733 100644 --- a/website/public/API/editFriendship.php +++ b/website/public/API/editFriendship.php @@ -2,7 +2,6 @@ session_start(); -require_once ("../../queries/connect.php"); require_once ("../../queries/friendship.php"); if(empty($_POST["usr"]) OR empty($_POST["action"]) OR !in_array($_POST["action"], array("request", "accept", "delete"))) { diff --git a/website/public/API/getFriendshipStatus.php b/website/public/API/getFriendshipStatus.php index a893331..01bd6c4 100644 --- a/website/public/API/getFriendshipStatus.php +++ b/website/public/API/getFriendshipStatus.php @@ -9,7 +9,6 @@ session_start(); -require_once ("../../queries/connect.php"); require_once ("../../queries/friendship.php"); if(empty($_POST["usr"])) { diff --git a/website/public/js/friendButtons.js b/website/public/js/friendButtons.js new file mode 100644 index 0000000..94d6093 --- /dev/null 
+++ b/website/public/js/friendButtons.js @@ -0,0 +1,27 @@ +function placeFriendButtons() { + $.post("API/getFriendshipStatus.php", { usr: userID }) + .done(function(data) { + friendshipStatus = data; + $buttonContainer = $("div.friend-button-container"); + $buttonContainer.children().remove(); + if (friendshipStatus == -1) { + return; + } else if(friendshipStatus == 0) { + $buttonContainer.append($("")); + } else if(friendshipStatus == 1) { + $buttonContainer.append($("")); + } else if(friendshipStatus == 2) { + $buttonContainer.append($("")); + } else if(friendshipStatus == 3) { + $buttonContainer.append($("")); + $buttonContainer.append($("")); + } + + $buttonContainer.children().click(function() { + $.post("API/editFriendship.php", { usr: userID, action: this.value }) + .done(function() { + placeFriendButtons(); + }); + }); + }); +} \ No newline at end of file diff --git a/website/public/profile.php b/website/public/profile.php index aeea68b..6e188c4 100644 --- a/website/public/profile.php +++ b/website/public/profile.php @@ -44,42 +44,12 @@ include("../views/profile.php"); include("../views/footer.php"); ?> - + From 1b2a1a518033c09373fca11422870479942044e2 Mon Sep 17 00:00:00 2001 From: Marijn Jansen Date: Wed, 25 Jan 2017 15:46:20 +0100 Subject: [PATCH 05/15] Almost request password --- website/public/resetpassword.php | 49 ++++++++++++++++++++++ website/public/styles/resetpassword.css | 17 ++++++++ website/queries/requestpassword.php | 55 +++++++++++++++++++++++++ website/views/resetpassword.php | 47 +++++++++++++++++++++ 4 files changed, 168 insertions(+) create mode 100644 website/public/resetpassword.php create mode 100644 website/public/styles/resetpassword.css create mode 100644 website/queries/requestpassword.php create mode 100644 website/views/resetpassword.php diff --git a/website/public/resetpassword.php b/website/public/resetpassword.php new file mode 100644 index 0000000..c2f9221 --- /dev/null +++ b/website/public/resetpassword.php 
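Review bot: The click handler in friendButtons.js sends `$.post("API/editFriendship.php", { usr: userID, action: this.value })`, a state-changing request that carries only the target user and the action, and the endpoint validation visible in this series checks only those two fields, so nothing ties the request to a page this site rendered. I would add a per-session anti-CSRF token to the POST body, for example `{ usr: userID, action: this.value, token: csrfToken }` (`csrfToken` is a placeholder name), and have editFriendship.php verify it and confirm `$_SESSION["userID"]` is set before calling the friendship functions; the endpoint's body is not visible here, so this may already be partly covered. Separately, `friendshipStatus` and `$buttonContainer` are assigned without `var` and become implicit globals, and neither `$.post` call has a `.fail()` handler, so a failed request leaves the buttons in a stale state.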
@@ -0,0 +1,49 @@
+prepare("
+ UPDATE
+ `user`
+ SET
+ `password` = :password
+ WHERE
+ `userID` = :userID
+ ");
+ $stmt->bindParam(":password", $_POST["password"]);
+ $stmt->bindParam(":userID", $_POST["u"]);
+ $stmt->execute();
+}
+
+function verifyLink(int $userID, string $hash) {
+ $stmt = $GLOBALS["db"]->prepare("
+ SELECT
+ `password`
+ FROM
+ `user`
+ WHERE
+ `userID` = :userID
+ ");
+ $stmt->bindParam(":userID", $userID);
+ $password = $stmt->fetch()["password"];
+ return password_verify($password, $hash);
+}
\ No newline at end of file
diff --git a/website/public/styles/resetpassword.css b/website/public/styles/resetpassword.css
new file mode 100644
index 0000000..a3d7942
--- /dev/null
+++ b/website/public/styles/resetpassword.css
@@ -0,0 +1,17 @@
+.password-change {
+ height: 100%;
+ background-color: #FBC02D;
+ margin: auto;
+}
+
+.top-logo {
+ text-align: center;
+}
+
+.item-box {
+ margin: 30px auto auto;
+ display: block;
+}
+.password-change img {
+ width: 50%;
+}
diff --git a/website/queries/requestpassword.php b/website/queries/requestpassword.php
new file mode 100644
index 0000000..4044058
--- /dev/null
+++ b/website/queries/requestpassword.php
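Review bot: In website/public/resetpassword.php the UPDATE binds `$_POST["password"]` straight into the `password` column, so the new password is stored as typed rather than as a hash; assign `$hashed = password_hash($_POST["password"], PASSWORD_DEFAULT);` first and bind `$hashed` instead. `verifyLink()` prepares its SELECT and calls `$stmt->fetch()` without ever calling `$stmt->execute()`, so it has no row to verify against; `$stmt->execute();` belongs after the `bindParam` line. The update also selects the account from `$_POST["u"]`, and the opening lines of the file are missing from this extract, so I cannot see whether `verifyLink()` is called before the update runs; it should be, and the update should be refused when it returns false.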
@@ -0,0 +1,55 @@
+prepare("
+ SELECT
+ `userID`,
+ `username`
+ FROM
+ `user`
+ WHERE
+ `email` = :email
+ ");
+ $stmt->bindParm("email", $email);
+ $stmt->execute();
+ if (!$stmt->rowCount()) {
+ // TODO: Just stop.
+ return;
+ }
+ $result = $stmt->fetch();
+ $userID = $result["userID"];
+ $username = $result["username"];
+ $hash = md5(random_int(0, 1000000));
+ $hashedHash = password_hash($hash, PASSWORD_DEFAULT);
+ setHashToDatabase($userID, $hash);
+ doSendPasswordRecovery($userID, $email, $username, $hashedHash);
+
+
+ } else {
+ // TODO: Be angry!
+ }
+}
+
+function doSendPasswordRecovery(int $userID, string $email, string $username, string $hash) {
+ $resetLink = "https://myhyvesbookplus.nl/resetpassword.php?u=$userID&h=$hash";
+
+ $subject = "Reset uw wachtwoord";
+ $body = "Hallo $username,\r\n\r\nKlik op de onderstaande link om uw wachtwoord te resetten.\r\n\r\n$resetLink\r\n\r\nGroeten MyHyvesbook+";
+ $header = "From: MyHyvesbook+ ";
+ mail($email, $subject, $body, $header);
+}
+
+function setHashToDatabase(int $userID, string $hash) {
+ $stmt = $GLOBALS["db"]->prepare("
+ UPDATE
+ `user`
+ SET
+ `password` = $hash
+ WHERE
+ `userID` = $userID
+ ");
+ $stmt->execute();
+ return $stmt->rowCount();
+}
\ No newline at end of file
diff --git a/website/views/resetpassword.php b/website/views/resetpassword.php
new file mode 100644
index 0000000..24d3aaf
--- /dev/null
+++ b/website/views/resetpassword.php
@@ -0,0 +1,47 @@
+ + + + + + +
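Review bot: In website/queries/requestpassword.php the reset token is `md5(random_int(0, 1000000))`, which can take only 1,000,001 distinct values however long the hex string looks, so it should be drawn from `random_bytes()` instead. `setHashToDatabase()` interpolates `$hash` and `$userID` into the SQL text, and the unquoted `$hash` will not be read as a string literal, so both values should be bound as the other queries in this series do. Writing the token into the `password` column also replaces the account's login password as soon as a reset is requested for its address; a dedicated token column with an expiry would avoid that, though the schema is not visible here. `$stmt->bindParm("email", $email)` is a typo for `bindParam` and will fail at run time, and the start of the first function is missing from this extract.

```php
    // Token taken from the CSPRNG byte source instead of md5() over a small integer.
    $hash = bin2hex(random_bytes(32));
    // … unchanged: password_hash(), setHashToDatabase() and doSendPasswordRecovery() calls …

function setHashToDatabase(int $userID, string $hash) {
    // Column kept as in the hunk; a dedicated reset-token column would avoid
    // overwriting the login password.
    $stmt = $GLOBALS["db"]->prepare("
        UPDATE
            `user`
        SET
            `password` = :hash
        WHERE
            `userID` = :userID
    ");
    $stmt->bindParam(":hash", $hash);
    $stmt->bindParam(":userID", $userID, PDO::PARAM_INT);
    // … unchanged: execute() and rowCount() return …
```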
+ + +
+
Voer een nieuw wachtwoord in
+ " + > + " + > +
    +
  • + + +
  • +
  • + + +
  • +
  • + + +
  • +
+
+
+ + \ No newline at end of file From cc08ebec3c7ac35be7c670d953ecfcf431911c2d Mon Sep 17 00:00:00 2001 From: Joey Lai Date: Wed, 25 Jan 2017 15:47:31 +0100 Subject: [PATCH 06/15] Modal added for resetting password --- website/public/js/registerAndLogin.js | 2 +- website/public/login.php | 39 ++++++-- website/public/styles/index.css | 135 ++++++++++++++++++-------- website/views/login-view.php | 81 ++++++++++++++-- website/views/login_head.php | 2 +- website/views/register-view.php | 2 +- 6 files changed, 200 insertions(+), 61 deletions(-) diff --git a/website/public/js/registerAndLogin.js b/website/public/js/registerAndLogin.js index ef49e83..b2fda05 100644 --- a/website/public/js/registerAndLogin.js +++ b/website/public/js/registerAndLogin.js @@ -12,4 +12,4 @@ function bannedAlert(){ function emailNotConfirmed(){ alert("Your account has not been verified yet!\nAnother email has been sent to you") -} \ No newline at end of file +} diff --git a/website/public/login.php b/website/public/login.php index de4ecab..ed2bd79 100644 --- a/website/public/login.php +++ b/website/public/login.php 
@@ -19,17 +19,42 @@ // Define variables and set to empty values $uname = $psw =""; - $loginErr =""; + $loginErr = $resetErr =""; - // Trying to login if ($_SERVER["REQUEST_METHOD"] == "POST") { - try{ - $uname = ($_POST["uname"]); - validateLogin($_POST["uname"], $_POST["psw"]); - } catch(loginException $e) { - $loginErr = $e->getMessage(); + switch ($_POST["submit"]) { + case "login": + try { + $uname = ($_POST["uname"]); + validateLogin($_POST["uname"], $_POST["psw"]); + } catch(loginException $e) { + $loginErr = $e->getMessage(); + } + break; + case "reset": + try { + validateEmail($_POST["forgotEmail"]); + } catch (emailException $e){ + $resetErr = $e->getMessage(); + echo ""; + } + break; + } } +// // Trying to login +// if ($_SERVER["REQUEST_METHOD"] == "POST") { +// try{ +// $uname = ($_POST["uname"]); +// validateLogin($_POST["uname"], $_POST["psw"]); +// } catch(loginException $e) { +// $loginErr = $e->getMessage(); +// } +// } /* This view adds login view */ include("../views/login-view.php"); diff --git a/website/public/styles/index.css b/website/public/styles/index.css index fc9d3d6..97d6f63 100644 --- a/website/public/styles/index.css +++ b/website/public/styles/index.css @@ -3,11 +3,11 @@ a.button { border-radius: 5px; color: black; cursor: pointer; - height: 50%; padding: 8px 20px; - width: 50%; font-family: Arial; - font-size: 20px; + font-size: 22px; + box-shadow: 0 1px 3px rgba(0,0,0,0.12), 0 1px 2px rgba(0,0,0,0.24); + } /* Body */ @@ -28,12 +28,13 @@ body { form { /*background-color: #a87a87;*/ border-radius: 12px; - height: 75%; + height: 85%; margin: auto; width: 80%; overflow-y:auto; } + /* inlog titel */ h1 { padding: 8px; @@ -48,6 +49,11 @@ h2 { font-size: 2.0em; } +h3 { + padding: 16px; + text-align: center; + font-size: 1.5em; +} input[type=text], input[type=password], input[type=email], input[type="date"] { box-sizing: border-box; 
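Review bot: In login.php `switch ($_POST["submit"])` reads a field that is not guaranteed to be present, so a POST without `submit` raises an undefined-index notice and silently runs neither branch; `switch ($_POST["submit"] ?? "")` with a `default:` case makes that path explicit. The commented-out login block added below the switch duplicates the `login` case and should be deleted rather than committed. For the `reset` case, validateEmail() is not shown, but if `$resetErr` tells the visitor whether the address is registered, the form discloses which e-mail addresses have accounts; returning one neutral confirmation message for every submitted address avoids that.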
@@ -60,14 +66,22 @@ input[type=text], input[type=password], input[type=email], input[type="date"] { width: 55%; } -button[type=submit] { +.center{ + text-align: center; +} + +button { background-color: #C8CABD; + border-radius: 5px; color: black; cursor: pointer; + height: 50%; + padding: 8px 20px; + margin: 10px; font-family: Arial; font-size: 22px; - height: 30px; - width: 120px; + box-shadow: 0 1px 3px rgba(0,0,0,0.12), 0 1px 2px rgba(0,0,0,0.24); + } .error { @@ -80,31 +94,6 @@ label { display: block; } -.left-arrow { - display: inline-block; - position: relative; - background-color: #C8CABD; - height: 25px; - width: 120px; - padding: 3px 3px 3px 3px; - text-align: center; - border-radius: 0px 5px 5px 0px; - font-size: 22px; - -} -.left-arrow:after { - content: ''; - display: block; - position: absolute; - right: 100%; - top: 0; - bottom: 0; - border-top: 12px solid transparent; - border-right: 20px solid #C8CABD; - border-bottom: 12px solid transparent; - border-left: 0px solid transparent; -} - /* padding voor registreer container */ .login_containerregister { padding: 16px; 
@@ -137,24 +126,84 @@ label { background-repeat: repeat-x; background-attachment: fixed;*/ box-shadow: 0 1px 3px rgba(0,0,0,0.12), 0 1px 2px rgba(0,0,0,0.24); - height: 500px; + height: 400px; margin: 34px auto; overflow-y: auto; padding: 20px; width: 45%; } -/*.platform { - width: 40%; - margin: 34px auto; -}*/ - -@-webkit-keyframes animatezoom { - from {-webkit-transform: scale(0)} - to {-webkit-transform: scale(1)} -} - ul { font-family: Arial; font-size: 16px; } + +/* The Modal (background) */ +.modal { + display: none; /* Hidden by default */ + position: fixed; /* Stay in place */ + z-index: 1; /* Sit on top */ + padding-top: 100px; /* Location of the box */ + left: 0; + top: 0; + width: 100%; /* Full width */ + height: 100%; /* Full height */ + overflow: auto; /* Enable scroll if needed */ + background-color: rgb(0,0,0); /* Fallback color */ + background-color: rgba(0,0,0,0.4); /* Black w/ opacity */ +} + +/* Modal Content */ +.modal-content { + position: relative; + background-color: #FFFFFF; + margin: auto; + padding: 0; + border: 1px solid #888; + width: 500px; + box-shadow: 0 4px 8px 0 rgba(0,0,0,0.2),0 6px 20px 0 rgba(0,0,0,0.19); + -webkit-animation-name: animatetop; + -webkit-animation-duration: 0.4s; + animation-name: animatetop; + animation-duration: 0.4s +} + +/* Add Animation */ +@-webkit-keyframes animatetop { + from {top:-300px; opacity:0} + to {top:0; opacity:1} +} + +@keyframes animatetop { + from {top:-300px; opacity:0} + to {top:0; opacity:1} +} + +/* The Close Button */ +.close { + color: white; + float: right; + font-size: 28px; + font-weight: bold; +} + +.close:hover, +.close:focus { + color: #000; + text-decoration: none; + cursor: pointer; +} + +.modal-header { + padding: 2px 16px; + background-color: #FBC02D; + color: black; +} + +.modal-body {padding: 2px 16px;} + +.modal-footer { + padding: 2px 16px; + background-color: #FBC02D; + color: black; +} \ No newline at end of file 
diff --git a/website/views/login-view.php b/website/views/login-view.php index 7a023f0..de4c48b 100644 --- a/website/views/login-view.php +++ b/website/views/login-view.php @@ -7,8 +7,9 @@

Welkom bij MyHyvesbook+

" - return= $correct - method="post"> + return=$correct + method="post" + name="login">
+ -
+ diff --git a/website/views/login_head.php b/website/views/login_head.php index e831cd2..e319a9d 100644 --- a/website/views/login_head.php +++ b/website/views/login_head.php @@ -7,7 +7,7 @@ - + diff --git a/website/views/register-view.php b/website/views/register-view.php index f970a6f..5f39472 100644 --- a/website/views/register-view.php +++ b/website/views/register-view.php @@ -126,7 +126,7 @@