From 3140242b4fa4a9c9116c25504f21c30ecea861fa Mon Sep 17 00:00:00 2001
From: "K. Nobel" <kevlebon@gmailcom>
Date: Mon, 30 Jan 2017 16:24:07 +0100
Subject: [PATCH 01/16] Removed old query for posts.

---
 website/queries/user.php | 42 ----------------------------------------
 1 file changed, 42 deletions(-)

diff --git a/website/queries/user.php b/website/queries/user.php
index e3bf758..afd92b5 100644
--- a/website/queries/user.php
+++ b/website/queries/user.php
@@ -103,48 +103,6 @@ function selectAllUserGroups($userID) {
     return $stmt;
 }
 
-//function selectAllUserPosts($userID) {
-//    $stmt = prepareQuery("
-//        SELECT
-//          `post`.`postID`,
-//          `post`.`author`,
-//          `title`,
-//          CASE LENGTH(`post`.`content`) >= 150 AND `post`.`content` NOT LIKE '<img%'
-//          WHEN TRUE THEN
-//            CONCAT(LEFT(`post`.`content`, 150), '...')
-//          WHEN FALSE THEN
-//            `post`.`content`
-//          END
-//            AS `content`,
-//          `post`.`creationdate`,
-//          COUNT(`commentID`) AS `comments`,
-//          COUNT(`niet_slecht`.`postID`) AS `niet_slechts`
-//        FROM
-//          `post`
-//        LEFT JOIN
-//        `niet_slecht`
-//          ON
-//            `post`.`postID` = `niet_slecht`.`postID`
-//        LEFT JOIN
-//          `comment`
-//        ON
-//          `post`.`postID` = `comment`.`postID`
-//        WHERE
-//          `post`.`author` = :userID AND
-//          `groupID` IS NULL
-//        GROUP BY
-//          `post`.`postID`
-//        ORDER BY
-//          `post`.`creationdate` DESC
-//    ");
-//
-//    $stmt->bindParam(':userID', $userID, PDO::PARAM_INT);
-//    if(!$stmt->execute()) {
-//        return False;
-//    }
-//    return $stmt;
-//}
-
 function select20UsersFromN($n) {
     $q = prepareQuery("
     SELECT

From dee483e94667a77295f6b5ad8210b513dbf397ad Mon Sep 17 00:00:00 2001
From: "K. Nobel" <kevlebon@gmailcom>
Date: Tue, 31 Jan 2017 10:54:15 +0100
Subject: [PATCH 02/16] Masonry will now only refresh when the width of the
 screen changes.

---
 website/public/js/masonry.js | 6 +++++-
 1 file changed, 5 insertions(+), 1 deletion(-)

diff --git a/website/public/js/masonry.js b/website/public/js/masonry.js
index 8d2080b..cb82089 100644
--- a/website/public/js/masonry.js
+++ b/website/public/js/masonry.js
@@ -33,11 +33,15 @@ $(window).on("load", function() {
 });
 
 var masonryMode = 0;
+var windowWidth = $(window).width();
 
 $(window).resize(function() {
     clearTimeout(window.resizedFinished);
     window.resizeFinished = setTimeout(function() {
-        masonry(masonryMode);
+        if ($(window).width() != windowWidth) {
+            windowWidth = $(window).width();
+            masonry(masonryMode);
+        }
     }, 250);
 });
 

From f26097f55fab9a19fa2fc59b087aa4c813f84b5f Mon Sep 17 00:00:00 2001
From: Lars van Hijfte <larsvanhijfte@hotmail.com>
Date: Tue, 31 Jan 2017 12:25:28 +0100
Subject: [PATCH 03/16] Fixed online status

---
 website/public/bits/friend-item.php |  2 +-
 website/public/group.php            |  2 +-
 website/public/profile.php          |  8 ++++----
 website/public/styles/main.css      | 10 +++++++++-
 website/public/styles/profile.css   |  2 +-
 website/queries/friendship.php      | 11 ++++++-----
 website/queries/user.php            | 13 +++++++++++++
 website/views/head.php              |  5 ++++-
 website/views/profile.php           |  4 ++--
 9 files changed, 41 insertions(+), 16 deletions(-)

diff --git a/website/public/bits/friend-item.php b/website/public/bits/friend-item.php
index a69d12a..40bc8a8 100644
--- a/website/public/bits/friend-item.php
+++ b/website/public/bits/friend-item.php
@@ -33,7 +33,7 @@ foreach($friends as $i => $friend) {
                     }
                     ?>'>
                 <div class='friend'>
-                    <img alt='PF' class='profile-picture' src='<?= $friend->profilepicture ?>'/>
+                    <img alt='PF' class='profile-picture <?= $friend->onlinestatus ?>' src='<?= $friend->profilepicture ?>'/>
                     <div class='friend-name'>
                         <?= $friend->fullname ?><br/>
                         <span style='color: #666'><?php
diff --git a/website/public/group.php b/website/public/group.php
index 2ef3493..cd1560d 100644
--- a/website/public/group.php
+++ b/website/public/group.php
@@ -11,7 +11,7 @@
 <body>
 <?php
 
-include("../queries/group_page.php");
+include_once("../queries/group_page.php");
 
 $group = selectGroupByName($_GET["groupname"]);
 $members = selectGroupMembers(2);
diff --git a/website/public/profile.php b/website/public/profile.php
index 83b9d10..c67b60d 100644
--- a/website/public/profile.php
+++ b/website/public/profile.php
@@ -13,10 +13,10 @@
 </head>
 <body>
 <?php
-include("../queries/user.php");
-include("../queries/friendship.php");
-include("../queries/nicetime.php");
-include("../queries/post.php");
+include_once("../queries/user.php");
+include_once("../queries/friendship.php");
+include_once("../queries/nicetime.php");
+include_once("../queries/post.php");
 
 if(empty($_GET["username"])) {
     $userID = $_SESSION["userID"];
diff --git a/website/public/styles/main.css b/website/public/styles/main.css
index baff345..7909687 100644
--- a/website/public/styles/main.css
+++ b/website/public/styles/main.css
@@ -92,6 +92,14 @@ p {
     border-radius: 50%;
 }
 
+.online {
+    border: #4CAF50 solid 3px;
+}
+
+.offline {
+    border: #666666 solid 3px;
+}
+
 .group-picture {
     border-radius: 5px;
 }
@@ -184,7 +192,7 @@ button.green {
 }
 
 button.gray{
-    background-color: #FFF;
+    background-color: inherit;
     color: #333;
 }
 
diff --git a/website/public/styles/profile.css b/website/public/styles/profile.css
index 37aaaa1..61f3615 100644
--- a/website/public/styles/profile.css
+++ b/website/public/styles/profile.css
@@ -45,7 +45,7 @@
 
 .main-picture {
     position: relative;
-    border: #4CAF50 solid 5px;
+    border-width: 5px;
 
     display: inline-block;
     width: 150px;
diff --git a/website/queries/friendship.php b/website/queries/friendship.php
index 450fd20..a16d859 100644
--- a/website/queries/friendship.php
+++ b/website/queries/friendship.php
@@ -16,6 +16,10 @@ function selectLimitedFriends($userID, $limit) {
                 `profilepicture`,
                 '../img/avatar-standard.png'
             ) AS profilepicture,
+            CASE `lastactivity` >= DATE_SUB(NOW(),INTERVAL 15 MINUTE)
+              WHEN TRUE THEN 'online'
+              WHEN FALSE THEN 'offline'
+            END AS `onlinestatus`,
             `role`
         FROM
             `user`
@@ -28,11 +32,8 @@ function selectLimitedFriends($userID, $limit) {
             `friendship`.`user1ID` = `user`.`userID`) AND
             `user`.`role` != 'banned' AND
             `friendship`.`status` = 'confirmed'
-        ORDER BY 
-            CASE
-            WHEN `friendship`.`user2ID` = `user`.`userID` THEN `friendship`.`chatLastVisted1`
-            WHEN `friendship`.`user1ID` = `user`.`userID` THEN `friendship`.`chatLastVisted2`
-            END
+        ORDER BY
+            `user`.`lastactivity`
             DESC
         LIMIT :limitCount
     ");
diff --git a/website/queries/user.php b/website/queries/user.php
index 0900d9f..b1bb93c 100644
--- a/website/queries/user.php
+++ b/website/queries/user.php
@@ -2,6 +2,19 @@
 
 require_once ("connect.php");
 
+function updateLastActivity() {
+    $stmt = prepareQuery("
+      UPDATE
+        `user`
+      SET
+        `lastactivity` = NOW()
+      WHERE
+      `userID` = :userID
+    ");
+    $stmt->bindParam(":userID", $_SESSION["userID"]);
+    return $stmt->execute();
+}
+
 function getUserID($username) {
     $stmt = prepareQuery("
         SELECT
diff --git a/website/views/head.php b/website/views/head.php
index 6e8ca0a..284abb4 100644
--- a/website/views/head.php
+++ b/website/views/head.php
@@ -19,9 +19,12 @@
 
 require_once ("../queries/checkInput.php");
 require_once ("../queries/connect.php");
+require_once ("../queries/user.php");
 
 session_start();
 
 if(!isset($_SESSION["userID"])){
     header("location:login.php");
-}
\ No newline at end of file
+} else {
+    updateLastActivity();
+}
diff --git a/website/views/profile.php b/website/views/profile.php
index 90a368d..8cf555f 100644
--- a/website/views/profile.php
+++ b/website/views/profile.php
@@ -1,10 +1,10 @@
 <div class="content">
     <div class="user-box">
-        <img class="profile-picture main-picture" src="<?= $user["profilepicture"] ?>"><br />
+        <img class="profile-picture main-picture <?= $user["online"] ?>" src="<?= $user["profilepicture"] ?>"><br />
         <div class="platform">
             <div class="status-buttons-container">
                 <button disabled class="gray">
-                    <?= $user["onlinestatus"]  ?>
+                    <?= $user["onlinestatus"] ?>
                 </button>
                 <button disabled class="gray"><?= $user["role"] ?></button>
             </div>

From f67dd019c46c67ca604423d00ac04b7c956a8ac7 Mon Sep 17 00:00:00 2001
From: Lars van Hijfte <larsvanhijfte@hotmail.com>
Date: Tue, 31 Jan 2017 12:47:24 +0100
Subject: [PATCH 04/16] Inputs are now mobile friendly

---
 website/public/styles/main.css | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)

diff --git a/website/public/styles/main.css b/website/public/styles/main.css
index 7909687..f2d7535 100644
--- a/website/public/styles/main.css
+++ b/website/public/styles/main.css
@@ -192,7 +192,7 @@ button.green {
 }
 
 button.gray{
-    background-color: inherit;
+    background-color: #FFF;
     color: #333;
 }
 
@@ -307,8 +307,9 @@ div[data-title]:hover:after {
     body {
         font-size: 28px!important;
     }
-    button {
+    button, input {
         font-size: 28px;
+        height: 42px;
     }
 
 }
\ No newline at end of file

From c14a2770bd092b41a343a2a99f0606c444c75b3d Mon Sep 17 00:00:00 2001
From: "K. Nobel" <kevlebon@gmailcom>
Date: Tue, 31 Jan 2017 12:52:50 +0100
Subject: [PATCH 05/16] Fixed posting functions for groups.

---
 website/public/API/postPost.php | 57 +++++++++++++++++++++++++++------
 website/queries/group_page.php  | 31 +++++++++++++++++-
 2 files changed, 77 insertions(+), 11 deletions(-)

diff --git a/website/public/API/postPost.php b/website/public/API/postPost.php
index b52e96b..40c18e1 100644
--- a/website/public/API/postPost.php
+++ b/website/public/API/postPost.php
@@ -2,16 +2,53 @@
 
 session_start();
 
-require("../../queries/post.php");
-require("../../queries/connect.php");
-require("../../queries/checkInput.php");
+require_once("../../queries/post.php");
+require_once("../../queries/group_page.php");
+require_once("../../queries/connect.php");
+require_once("../../queries/checkInput.php");
 
-if (empty($_POST['newpost-title'])) {
-} else {
-    makePost($_SESSION['userID'],
-             null,
-             test_input($_POST['newpost-title']),
-             test_input($_POST['newpost-content']));
+if (empty($_POST["title"]) or
+    empty($_POST["content"]) or
+    empty($_SESSION["userID"])) {
+    header('HTTP/1.1 500 Non enough arguments');
 }
 
-header("Location: ../profile.php");
\ No newline at end of file
+if (empty($_POST["group"])) {
+    // User Post
+    makePost(
+        $_SESSION["userID"],
+        null,
+        test_input($_POST["title"]),
+        test_input($_POST["content"])
+        );
+} else {
+    // Group Post
+
+    // Check if the user is an admin or mod of the group.
+    if(!in_array(selectGroupRole($_POST["group"]), array('mod', 'admin'))) {
+        header('HTTP/1.1 500 Non enough rights');
+        return;
+    }
+    
+    makePost(
+        $_SESSION["userID"],
+        $_POST["group"],
+        test_input($_POST["title"]),
+        test_input($_POST["content"])
+    );
+}
+
+
+
+
+
+
+//if (empty($_POST['newpost-title'])) {
+//} else {
+//    makePost($_SESSION['userID'],
+//             null,
+//             test_input($_POST['newpost-title']),
+//             test_input($_POST['newpost-content']));
+//}
+//
+//header("Location: ../profile.php");
\ No newline at end of file
diff --git a/website/queries/group_page.php b/website/queries/group_page.php
index b3e454c..83911f8 100644
--- a/website/queries/group_page.php
+++ b/website/queries/group_page.php
@@ -11,6 +11,12 @@ function selectGroupByName($name) {
           `description`,
           `picture`,
           `status`,
+          (
+            SELECT `role`
+            FROM `group_member`
+            WHERE `group_member`.`groupID` = `group_page`.`groupID` AND 
+                  `userID` = :userID
+          ) AS `role`,
           COUNT(`group_member`.`groupID`) as `members`
         FROM
           `group_page`
@@ -22,13 +28,36 @@ function selectGroupByName($name) {
           name LIKE :name
     ");
 
-    $stmt->bindParam(':name', $name);
+    $stmt->bindParam(':name', $name, PDO::PARAM_STR);
+    $stmt->bindParam(':userID', $_SESSION["userID"], PDO::PARAM_INT);
     if (!$stmt->execute()) {
         return False;
     }
     return $stmt->fetch();
 }
 
+function selectGroupRole(int $groupID) {
+    $stmt = prepareQuery("
+        SELECT
+          `role`
+        FROM
+          `group_member`
+        WHERE
+          `groupID` = :groupID AND
+          `userID` = :userID
+    ");
+
+    $stmt->bindParam(':groupID', $groupID, PDO::PARAM_INT);
+    $stmt->bindParam(':userID', $_SESSION["userID"], PDO::PARAM_INT);
+    if(!$stmt->execute()) {
+        return False;
+    }
+    if($stmt->rowCount() == 0) {
+        return "none";
+    }
+    return $stmt->fetch()["role"];
+}
+
 function selectGroupMembers(int $groupID) {
     $stmt = prepareQuery("
         SELECT

From 6b13db9c4fbfeb99ce903b8072c36ad2e60f7cc9 Mon Sep 17 00:00:00 2001
From: "K. Nobel" <kevlebon@gmailcom>
Date: Tue, 31 Jan 2017 12:53:45 +0100
Subject: [PATCH 06/16] Fixed posting on group pages.

---
 website/public/API/postPost.php |  2 +-
 website/public/group.php        |  3 +++
 website/public/js/masonry.js    | 34 +++++++++++++++++++++++++++++----
 website/views/group.php         |  2 +-
 4 files changed, 35 insertions(+), 6 deletions(-)

diff --git a/website/public/API/postPost.php b/website/public/API/postPost.php
index 40c18e1..7a33857 100644
--- a/website/public/API/postPost.php
+++ b/website/public/API/postPost.php
@@ -29,7 +29,7 @@ if (empty($_POST["group"])) {
         header('HTTP/1.1 500 Non enough rights');
         return;
     }
-    
+
     makePost(
         $_SESSION["userID"],
         $_POST["group"],
diff --git a/website/public/group.php b/website/public/group.php
index 2ef3493..5d9459e 100644
--- a/website/public/group.php
+++ b/website/public/group.php
@@ -34,6 +34,9 @@ include("../views/group.php");
 include("../views/footer.php");
 
 $masonry_mode = 0;
+if ($group["role"] == "mod" OR $group["role"] == "admin") {
+    $masonry_mode = 2;
+}
 ?>
 
 <script src="js/masonry.js"></script>
diff --git a/website/public/js/masonry.js b/website/public/js/masonry.js
index cb82089..d73c33c 100644
--- a/website/public/js/masonry.js
+++ b/website/public/js/masonry.js
@@ -23,6 +23,28 @@ function requestPost(postID) {
     });
 }
 
+function postPost() {
+    title = $("input.newpost[name='title']").val();
+    content = $("textarea.newpost[name='content']").val();
+
+    if (masonryMode == 2) {
+        $.post("API/postPost.php", { title: title,
+                                     content : content,
+                                     group : groupID })
+            .done(function() {
+                masonry(masonryMode);
+            });
+    } else {
+        $.post("API/postPost.php", { title: title,
+                                     content : content })
+            .done(function() {
+                masonry(masonryMode);
+            });
+    }
+
+
+}
+
 $(window).on("load", function() {
     $(".modal-close").click(function () {
         $(".modal").hide();
@@ -64,13 +86,17 @@ function masonry(mode) {
         columns[i] = [0, $column];
     }
 
-    if(mode == 1) {
+    if(mode > 0) {
         $postInput = $("<div class=\"post platform\">");
-        $form = $("<form action=\"API/postPost.php\" method=\"post\">");
+        $form = $("<form class=\"newpost\" action=\"API/postPost.php\" method=\"post\" onsubmit=\"postPost(); return false;\">");
         $postInput.append($form);
 
-        $form.append($("<input class=\"newpost\" name=\"newpost-title\" placeholder=\"Titel\" type=\"text\">"));
-        $form.append($("<textarea class=\"newpost\" name=\"newpost-content\" placeholder=\"Schrijf een berichtje...\">"));
+        if(mode == 2) {
+            $form.append($("<input class=\"newpost\" type=\"hidden\" name=\"group\" value=\"" + groupID + "\">"));
+        }
+
+        $form.append($("<input class=\"newpost\" name=\"title\" placeholder=\"Titel\" type=\"text\">"));
+        $form.append($("<textarea class=\"newpost\" name=\"content\" placeholder=\"Schrijf een berichtje...\">"));
         $form.append($("<input value=\"Plaats!\" type=\"submit\">"));
         columns[0][1].append($postInput);
 
diff --git a/website/views/group.php b/website/views/group.php
index 24cf9d5..f2f797d 100644
--- a/website/views/group.php
+++ b/website/views/group.php
@@ -1,6 +1,6 @@
 <div class="content">
     <div class="profile-box platform">
-        <img class="left group-picture" src="<?= $group['picture'] ?>">
+        <img class="left main-picture" src="<?= $group['picture'] ?>">
         <div class="profile-button">
             <p><img src="img/leave-group.png"> Groep verlaten</p>
         </div>

From 1c9c88e030012ce6c2818d602313a0c1949316bc Mon Sep 17 00:00:00 2001
From: Marijn Jansen <marijn@jansen.onl>
Date: Tue, 31 Jan 2017 13:36:32 +0100
Subject: [PATCH 07/16] Fixed and spilt Avatar upload and Alerts

---
 website/queries/alerts.php   |  44 +++++++++++
 website/queries/picture.php  | 138 +++++++++++++++++++++++++++++++++++
 website/queries/settings.php | 116 +----------------------------
 3 files changed, 184 insertions(+), 114 deletions(-)
 create mode 100644 website/queries/alerts.php
 create mode 100644 website/queries/picture.php

diff --git a/website/queries/alerts.php b/website/queries/alerts.php
new file mode 100644
index 0000000..f311098
--- /dev/null
+++ b/website/queries/alerts.php
@@ -0,0 +1,44 @@
+<?php
+/**
+ * Class AlertMessage
+ * abstract class for alertMessages used in
+ */
+abstract class AlertMessage extends Exception {
+    public function __construct($message = "", $code = 0, Exception $previous = null)
+    {
+        parent::__construct($message, $code, $previous);
+    }
+
+    abstract public function getClass();
+}
+
+/**
+ * Class HappyAlert
+ * class for a happy alert as an exception.
+ */
+class HappyAlert extends AlertMessage {
+
+    public function __construct($message = "Gelukt!", $code = 0, Exception $previous = null)
+    {
+        parent::__construct($message, $code, $previous);
+    }
+
+    public function getClass() {
+        return "settings-message-happy";
+    }
+}
+
+/**
+ * Class AngryAlert
+ * class for an angry alert as as exception.
+ */
+class AngryAlert extends AlertMessage {
+    public function __construct($message = "Er is iets fout gegaan.", $code = 0, Exception $previous = null)
+    {
+        parent::__construct($message, $code, $previous);
+    }
+
+    public function getClass() {
+        return "settings-message-angry";
+    }
+}
\ No newline at end of file
diff --git a/website/queries/picture.php b/website/queries/picture.php
new file mode 100644
index 0000000..8e99d9a
--- /dev/null
+++ b/website/queries/picture.php
@@ -0,0 +1,138 @@
+<?php
+
+/**
+ * Uploads Avatar, checks it, and removes the old one.
+ * @param bool $group
+ * @throws AngryAlert
+ * @throws HappyAlert
+ */
+function updateAvatar(bool $group = false) {
+    $publicDir = "/var/www/html/public/";
+    $tmpImg = $_FILES["pp"]["tmp_name"];
+    $avatarDir = $group ? "uploads/groupavatar/" : "uploads/profilepictures/";
+    checkAvatarSize($tmpImg);
+    
+    if (getimagesize($tmpImg)["mime"] == "image/gif") {
+        if ($_FILES["pp"]["size"] > 4000000) {
+            throw new AngryAlert("Bestand is te groot, maximaal 4MB toegestaan.");
+        }
+        $relativePath = $avatarDir . $_SESSION["userID"] . "_avatar.gif";
+        $group ? removeOldGroupAvatar($_POST["groupID"]) : removeOldUserAvatar();
+        move_uploaded_file($tmpImg, $publicDir . $relativePath);
+    } else {
+        $relativePath = $avatarDir . $_SESSION["userID"] . "_avatar.png";
+        $scaledImg = scaleAvatar($tmpImg);
+        $group ? removeOldGroupAvatar($_POST["groupID"]) : removeOldUserAvatar();
+        imagepng($scaledImg, $publicDir . $relativePath);
+    }
+
+    $group ? setGroupAvatarToDatabase("../" . $relativePath, $_POST["groupID"]) : setUserAvatarToDatabase("../" . $relativePath);
+    throw new HappyAlert("Profielfoto veranderd.");
+}
+
+/**
+ * Removes the old avatar from the uploads folder, for a user.
+ */
+function removeOldUserAvatar() {
+    $stmt = prepareQuery("
+    SELECT
+        `profilepicture`
+    FROM 
+        `user`
+    WHERE 
+        `userID` = :userID
+    ");
+    $stmt->bindParam(":userID", $_SESSION["userID"]);
+    $stmt->execute();
+    $old_avatar = $stmt->fetch()["profilepicture"];
+    if ($old_avatar != NULL) {
+        unlink("/var/www/html/public/uploads/" . $old_avatar);
+    }
+}
+/**
+ * Removes the old avatar from the uploads folder, for a group.
+ * @param int $groupID
+ */
+function removeOldGroupAvatar(int $groupID) {
+    $stmt = prepareQuery("
+    SELECT
+        `picture`
+    FROM
+        `group_page`
+    WHERE 
+        groupID = :groupID
+    ");
+    $stmt->bindParam(":groupID", $groupID);
+    $stmt->execute();
+    $old_avatar = $stmt->fetch()["picture"];
+    if ($old_avatar != NULL) {
+        unlink("/var/www/html/public/uploads/" . $old_avatar);
+    }
+}
+
+/**
+ * Inserts the the path to the avatar into the database, for Users.
+ * @param string $url path to the avatar
+ */
+function setUserAvatarToDatabase(string $url) {
+    $stmt = prepareQuery("
+    UPDATE
+        `user`
+    SET
+        `profilepicture` = :avatar
+    WHERE
+        `userID` = :userID
+    ");
+
+    $stmt->bindParam(":avatar", $url);
+    $stmt->bindParam(":userID", $_SESSION["userID"]);
+    $stmt->execute();
+}
+
+/**
+ * Inserts the the path to the avatar into the database, for Groups.
+ * @param string $url path to the avatar
+ * @param int $groupID
+ */
+function setGroupAvatarToDatabase(string $url, int $groupID) {
+    $stmt = prepareQuery("
+    UPDATE
+        `group_page`
+    SET
+        `picture` = :avatar
+    WHERE
+        `groupID` = :groupID
+    ");
+    $stmt->bindParam(":avatar", $url);
+    $stmt->bindParam(":groupID", $groupID);
+    $stmt->execute();
+}
+
+/**
+ * Checks the resoluton of a picture.
+ * @param string $img
+ * @throws AngryAlert
+ */
+function checkAvatarSize(string $img) {
+    $minResolution = 200;
+    $imgSize = getimagesize($img);
+    if ($imgSize[0] < $minResolution or $imgSize[1] < $minResolution) {
+        throw new AngryAlert("Afbeelding te klein, minimaal 200x200 pixels.");
+    }
+}
+
+/**
+ * Scales a picture, standard width is 600px.
+ * @param string $imgLink Path to a image file
+ * @param int $newWidth Custom image width.
+ * @return bool|resource Returns the image as an Resource.
+ * @throws AngryAlert
+ */
+function scaleAvatar(string $imgLink, int $newWidth = 600) {
+    $img = imagecreatefromstring(file_get_contents($imgLink));
+    if ($img) {
+        return imagescale($img, $newWidth);
+    } else {
+        throw new AngryAlert("Afbeelding wordt niet ondersteund.");
+    }
+}
\ No newline at end of file
diff --git a/website/queries/settings.php b/website/queries/settings.php
index bdc9d38..03f794f 100644
--- a/website/queries/settings.php
+++ b/website/queries/settings.php
@@ -1,49 +1,7 @@
 <?php
 include_once "../queries/emailconfirm.php";
-
-/**
- * Class AlertMessage
- * abstract class for alertMessages used in
- */
-abstract class AlertMessage extends Exception {
-    public function __construct($message = "", $code = 0, Exception $previous = null)
-    {
-        parent::__construct($message, $code, $previous);
-    }
-
-    abstract public function getClass();
-}
-
-/**
- * Class HappyAlert
- * class for a happy alert as an exception.
- */
-class HappyAlert extends AlertMessage {
-
-    public function __construct($message = "Gelukt!", $code = 0, Exception $previous = null)
-    {
-        parent::__construct($message, $code, $previous);
-    }
-
-    public function getClass() {
-        return "settings-message-happy";
-    }
-}
-
-/**
- * Class AngryAlert
- * class for an angry alert as as exception.
- */
-class AngryAlert extends AlertMessage {
-    public function __construct($message = "Er is iets fout gegaan.", $code = 0, Exception $previous = null)
-    {
-        parent::__construct($message, $code, $previous);
-    }
-
-    public function getClass() {
-        return "settings-message-angry";
-    }
-}
+include_once "../queries/picture.php";
+include_once "../queries/alerts.php";
 
 /**
  * Gets the settings form the database.
@@ -232,74 +190,4 @@ function doChangeEmail($email) {
     } else {
         throw new AngryAlert();
     }
-}
-
-function updateAvatar() {
-    $profilePictureDir = "/var/www/html/public/";
-    $tmpImg = $_FILES["pp"]["tmp_name"];
-
-    checkAvatarSize($tmpImg);
-    if (getimagesize($tmpImg)["mime"] == "image/gif") {
-        if ($_FILES["pp"]["size"] > 4000000) {
-            throw new AngryAlert("Bestand is te groot, maximaal 4MB toegestaan.");
-        }
-        $relativePath = "uploads/profilepictures/" . $_SESSION["userID"] . "_avatar.gif";
-        move_uploaded_file($tmpImg, $profilePictureDir . $relativePath);
-    } else {
-        $relativePath = "uploads/profilepictures/" . $_SESSION["userID"] . "_avatar.png";
-        $scaledImg = scaleAvatar($tmpImg);
-        imagepng($scaledImg, $profilePictureDir . $relativePath);
-    }
-    removeOldAvatar();
-    setAvatarToDatabase("../" . $relativePath);
-    throw new HappyAlert("Profielfoto veranderd.");
-}
-
-function removeOldAvatar() {
-    $stmt = prepareQuery("
-    SELECT
-        `profilepicture`
-     FROM 
-        `user`
-    WHERE 
-        `userID` = :userID
-    ");
-    $stmt->bindParam(":userID", $_SESSION["userID"]);
-    $stmt->execute();
-    $old_avatar = $stmt->fetch()["profilepicture"];
-    if ($old_avatar != NULL) {
-        unlink("/var/www/html/public/uploads/" . $old_avatar);
-    }
-}
-
-function setAvatarToDatabase(string $url) {
-    $stmt = prepareQuery("
-    UPDATE
-        `user`
-    SET
-        `profilepicture` = :avatar
-    WHERE
-        `userID` = :userID
-    ");
-
-    $stmt->bindParam(":avatar", $url);
-    $stmt->bindParam(":userID", $_SESSION["userID"]);
-    $stmt->execute();
-}
-
-function checkAvatarSize(string $img) {
-    $minResolution = 200;
-    $imgSize = getimagesize($img);
-    if ($imgSize[0] < $minResolution or $imgSize[1] < $minResolution) {
-        throw new AngryAlert("Afbeelding te klein, minimaal 200x200 pixels.");
-    }
-}
-
-function scaleAvatar(string $imgLink, int $newWidth = 600) {
-    $img = imagecreatefromstring(file_get_contents($imgLink));
-    if ($img) {
-        return imagescale($img, $newWidth);
-    } else {
-        throw new AngryAlert("Afbeelding wordt niet ondersteund.");
-    }
 }
\ No newline at end of file

From 794b5ab294b47d5343c630e288544df8dd5ea41e Mon Sep 17 00:00:00 2001
From: Lars van Hijfte <larsvanhijfte@hotmail.com>
Date: Tue, 31 Jan 2017 13:54:31 +0100
Subject: [PATCH 08/16] Added fancy text to posts and comments

---
 website/public/API/postComment.php   | 6 +++---
 website/public/API/postPost.php      | 6 +++---
 website/public/js/main.js            | 2 +-
 website/public/js/masonry.js         | 6 +++---
 website/public/styles/adminpanel.css | 2 +-
 website/public/styles/main.css       | 9 ++++++++-
 website/queries/private_message.php  | 2 ++
 7 files changed, 21 insertions(+), 12 deletions(-)

diff --git a/website/public/API/postComment.php b/website/public/API/postComment.php
index e1d7617..3bb3c3f 100644
--- a/website/public/API/postComment.php
+++ b/website/public/API/postComment.php
@@ -2,10 +2,10 @@
 
 session_start();
 
-require("../../queries/post.php");
+require_once("../../queries/post.php");
 require_once("../../queries/connect.php");
-require("../../queries/checkInput.php");
-print_r($_POST);
+require_once("../../queries/checkInput.php");
+
 if ($_POST['button'] == 'reaction') {
     if (empty($_POST['newcomment-content'])) {
         echo 0;
diff --git a/website/public/API/postPost.php b/website/public/API/postPost.php
index b52e96b..fdb86bc 100644
--- a/website/public/API/postPost.php
+++ b/website/public/API/postPost.php
@@ -2,9 +2,9 @@
 
 session_start();
 
-require("../../queries/post.php");
-require("../../queries/connect.php");
-require("../../queries/checkInput.php");
+require_once("../../queries/post.php");
+require_once("../../queries/connect.php");
+require_once("../../queries/checkInput.php");
 
 if (empty($_POST['newpost-title'])) {
 } else {
diff --git a/website/public/js/main.js b/website/public/js/main.js
index d23bbbf..7d37d05 100644
--- a/website/public/js/main.js
+++ b/website/public/js/main.js
@@ -3,7 +3,7 @@ var months = ["januari", "februari", "maart", "april", "mei", "juni", "juli", "a
 
 function fancyText(text) {
     // Add links, images, gifs and (youtube) video's.
-    var regex = /(https?:\/\/.[^ ]*)/ig;
+    var regex = /(https?:\/\/.[^ <>"]*)/ig;
     text = text.replace(regex, function(link) {
         // Add images
         if (link.match(/(https?:\/\/.[^ ]*\.(?:png|jpg|jpeg|gif))/ig)) {
diff --git a/website/public/js/masonry.js b/website/public/js/masonry.js
index 8d2080b..b07e3bc 100644
--- a/website/public/js/masonry.js
+++ b/website/public/js/masonry.js
@@ -19,7 +19,7 @@ function requestPost(postID) {
         var scrollBarWidth = window.innerWidth - document.body.offsetWidth;
         scrollbarMargin(scrollBarWidth, 'hidden');
         $('#modal-response').show();
-        $('#modal-response').html(data);
+        $('#modal-response').html(fancyText(data));
     });
 }
 
@@ -52,7 +52,7 @@ function masonry(mode) {
      * Initialise columns.
      */
     var columns = new Array(columnCount);
-    var $columns = new Array(columnCount);
+
     for (i = 0; i < columnCount; i++) {
         $column = $("<div class=\"column\">");
         $column.width(100/columnCount + "%");
@@ -100,7 +100,7 @@ function masonry(mode) {
                $.each(posts, function() {
                    $post = $("<div class=\"post platform\" onclick=\"requestPost(\'"+this['postID']+"\')\">");
                    $post.append($("<h2>").html(this["title"]));
-                   $post.append($("<p>").html(this["content"]));
+                   $post.append($("<p>").html(fancyText(this["content"])));
                    $post.append($("<p class=\"subscript\">").text(this["nicetime"]));
                    $post.append($("<p class=\"subscript\">").text("comments: " + this["comments"] + ", niet slechts: " + this["niet_slechts"]));
 
diff --git a/website/public/styles/adminpanel.css b/website/public/styles/adminpanel.css
index f9410e1..1dc2eb6 100644
--- a/website/public/styles/adminpanel.css
+++ b/website/public/styles/adminpanel.css
@@ -4,7 +4,7 @@
 
 .admin-panel input[type="radio"], input[type="checkbox"] {
     vertical-align: middle;
-    height: auto;
+    height: 28px;
     margin: 2px;
 }
 
diff --git a/website/public/styles/main.css b/website/public/styles/main.css
index f2d7535..7fc03e1 100644
--- a/website/public/styles/main.css
+++ b/website/public/styles/main.css
@@ -307,9 +307,16 @@ div[data-title]:hover:after {
     body {
         font-size: 28px!important;
     }
-    button, input {
+    button, input, select {
         font-size: 28px;
         height: 42px;
     }
+    textarea {
+        font-size: 28px;
+    }
+    input[type="checkbox"], input[type="radio"] {
+        width: 28px;
+        height: 28px;
+    }
 
 }
\ No newline at end of file
diff --git a/website/queries/private_message.php b/website/queries/private_message.php
index 430fddb..4ac04a7 100644
--- a/website/queries/private_message.php
+++ b/website/queries/private_message.php
@@ -16,6 +16,8 @@ function getOldChatMessages($user2ID) {
             `destination` = :user1
         ORDER BY
             `creationdate` ASC
+        LIMIT
+          100
         ");
 
         $stmt->bindParam(":user1", $user1ID);

From 2dd7dd8140d6e96cdbb044c080f5f279dd8aa2ae Mon Sep 17 00:00:00 2001
From: Lars van Hijfte <larsvanhijfte@hotmail.com>
Date: Tue, 31 Jan 2017 13:56:34 +0100
Subject: [PATCH 09/16] Reload comments bug fix

---
 website/public/js/post.js | 6 ++----
 1 file changed, 2 insertions(+), 4 deletions(-)

diff --git a/website/public/js/post.js b/website/public/js/post.js
index 4a8ebc7..e88d3eb 100644
--- a/website/public/js/post.js
+++ b/website/public/js/post.js
@@ -4,9 +4,7 @@ function postComment(buttonValue) {
     $.post(
         "API/postComment.php",
         formData
-    ).done(function(data) {
-        console.log(data);
-    });
+    );
 
     $("#newcomment").val("");
 
@@ -15,6 +13,6 @@ function postComment(buttonValue) {
         "API/loadPost.php",
         $("#newcommentform").serialize()
     ).done(function (data) {
-        $('#modal-response').html(data);
+        $('#modal-response').html(fancyText(data));
     });
 }
\ No newline at end of file

From 164eb2dde6983b239287175c69ff39913bbabd08 Mon Sep 17 00:00:00 2001
From: Lars van Hijfte <larsvanhijfte@hotmail.com>
Date: Tue, 31 Jan 2017 14:26:34 +0100
Subject: [PATCH 10/16] Frozen users cant chat with other people

---
 website/public/API/loadFriendRequest.php |  9 ++++++++-
 website/public/API/loadFriends.php       | 14 +++++++++-----
 website/public/API/sendMessage.php       | 16 ++++++++++++----
 website/public/admin.php                 |  4 ++--
 website/public/js/chat.js                |  6 +++++-
 website/queries/user.php                 |  4 ++--
 website/views/notification-center.php    |  4 ++--
 7 files changed, 40 insertions(+), 17 deletions(-)

diff --git a/website/public/API/loadFriendRequest.php b/website/public/API/loadFriendRequest.php
index b99d2c3..02dedb3 100644
--- a/website/public/API/loadFriendRequest.php
+++ b/website/public/API/loadFriendRequest.php
@@ -4,5 +4,12 @@ session_start();
 
 require_once ("../../queries/connect.php");
 require_once ("../../queries/friendship.php");
+require_once ("../../queries/user.php");
 
-echo selectAllFriendRequests();
\ No newline at end of file
+if (isset($_SESSION["userID"]) &&
+    getRoleByID($_SESSION["userID"]) != 'frozen' &&
+    getRoleByID($_SESSION["userID"]) != 'banned') {
+    echo selectAllFriendRequests();
+} else {
+    echo "[]";
+}
diff --git a/website/public/API/loadFriends.php b/website/public/API/loadFriends.php
index 38158c9..c5c8797 100644
--- a/website/public/API/loadFriends.php
+++ b/website/public/API/loadFriends.php
@@ -6,11 +6,15 @@ require_once ("../../queries/connect.php");
 require_once ("../../queries/checkInput.php");
 require_once ("../../queries/friendship.php");
 
-if (isset($_POST["limit"])) {
-    echo selectLimitedFriends($_SESSION["userID"], (int) test_input($_POST["limit"]));
-} else if (isset($_GET["limit"])) {
-    echo selectLimitedFriends($_SESSION["userID"], (int) test_input($_GET["limit"]));
+if (isset($_SESSION["userID"])) {
+    if (isset($_POST["limit"])) {
+        echo selectLimitedFriends($_SESSION["userID"], (int)test_input($_POST["limit"]));
+    } else if (isset($_GET["limit"])) {
+        echo selectLimitedFriends($_SESSION["userID"], (int)test_input($_GET["limit"]));
+    } else {
+        echo selectFriends($_SESSION["userID"]);
+    }
 } else {
-    echo selectFriends($_SESSION["userID"]);
+    echo "[]";
 }
 
diff --git a/website/public/API/sendMessage.php b/website/public/API/sendMessage.php
index c5d47d1..9864403 100644
--- a/website/public/API/sendMessage.php
+++ b/website/public/API/sendMessage.php
@@ -4,11 +4,19 @@ session_start();
 require_once("../../queries/connect.php");
 require_once("../../queries/private_message.php");
 require_once("../../queries/checkInput.php");
+require_once("../../queries/user.php");
 
-if (!empty(test_input($_POST["destination"])) &&
-    !empty(test_input($_POST["content"]))) {
-    if (sendMessage(test_input($_POST["destination"]), test_input($_POST["content"]))) {
-        echo 1;
+if (isset($_SESSION["userID"]) &&
+    getRoleByID($_SESSION["userID"]) != 'frozen' &&
+    getRoleByID($_SESSION["userID"]) != 'banned') {
+    if (!empty(test_input($_POST["destination"])) &&
+        !empty(test_input($_POST["content"]))
+    ) {
+        if (sendMessage(test_input($_POST["destination"]), test_input($_POST["content"]))) {
+            echo 1;
+        } else {
+            echo 0;
+        }
     } else {
         echo 0;
     }
diff --git a/website/public/admin.php b/website/public/admin.php
index 2785606..b264c25 100644
--- a/website/public/admin.php
+++ b/website/public/admin.php
@@ -19,9 +19,9 @@
 include_once ("../queries/user.php");
 
 // auth
-$userinfo = getRoleByID($_SESSION['userID'])->fetch(PDO::FETCH_ASSOC);
+$role = getRoleByID($_SESSION['userID']);
 
-if ($userinfo['role'] != 'admin' AND $userinfo['role'] != 'owner') {
+if ($role != 'admin' AND $role != 'owner') {
     header("location:profile.php");
 }
 
diff --git a/website/public/js/chat.js b/website/public/js/chat.js
index e35f85c..0b63d65 100644
--- a/website/public/js/chat.js
+++ b/website/public/js/chat.js
@@ -33,7 +33,11 @@ function sendMessage() {
     $.post(
         "API/sendMessage.php",
         $("#sendMessageForm").serialize()
-    );
+    ).done(function(data) {
+        if (data == "0") {
+            alert("Je account is bevroren, dus je kan niet chat berichten versturen. Contacteer een admin als je denk dat dit onjuist is.");
+        }
+    });
 
     $("#newContent").val("");
     loadMessages();
diff --git a/website/queries/user.php b/website/queries/user.php
index b1bb93c..3c48e41 100644
--- a/website/queries/user.php
+++ b/website/queries/user.php
@@ -9,7 +9,7 @@ function updateLastActivity() {
       SET
         `lastactivity` = NOW()
       WHERE
-      `userID` = :userID
+        `userID` = :userID
     ");
     $stmt->bindParam(":userID", $_SESSION["userID"]);
     return $stmt->execute();
@@ -417,5 +417,5 @@ function getRoleByID($userID) {
 
     $stmt->bindParam(':userID', $userID);
     $stmt->execute();
-    return $stmt;
+    return $stmt->fetch()["role"];
 }
\ No newline at end of file
diff --git a/website/views/notification-center.php b/website/views/notification-center.php
index 7630b75..7bd03ea 100644
--- a/website/views/notification-center.php
+++ b/website/views/notification-center.php
@@ -7,9 +7,9 @@
         include_once ("../queries/user.php");
 
         // auth
-        $userinfo = getRoleByID($_SESSION['userID'])->fetch(PDO::FETCH_ASSOC);
+        $role = getRoleByID($_SESSION['userID']);
 
-        if ($userinfo['role'] == 'admin' OR $userinfo['role'] == 'owner') {
+        if ($role == 'admin' OR $role == 'owner') {
             echo "<a href=\"admin.php\" data-title=\"Admin\"><i class=\"fa fa-lock\"></i></a>";
             echo "<style>@import url('styles/adminbutton.css'); </style>";
         }

From 44408ee429913c087a105d16a5a0a529e87b1583 Mon Sep 17 00:00:00 2001
From: Lars van Hijfte <larsvanhijfte@hotmail.com>
Date: Tue, 31 Jan 2017 14:34:51 +0100
Subject: [PATCH 11/16] Frozen user cant comment or niet slecht on postst

---
 website/public/API/postComment.php | 32 +++++++++++++++++++-----------
 website/public/API/sendMessage.php |  2 +-
 website/public/js/chat.js          |  6 +++---
 website/public/js/post.js          |  6 +++++-
 website/views/profile.php          |  2 +-
 5 files changed, 30 insertions(+), 18 deletions(-)

diff --git a/website/public/API/postComment.php b/website/public/API/postComment.php
index 3bb3c3f..3864cc8 100644
--- a/website/public/API/postComment.php
+++ b/website/public/API/postComment.php
@@ -5,25 +5,33 @@ session_start();
 require_once("../../queries/post.php");
 require_once("../../queries/connect.php");
 require_once("../../queries/checkInput.php");
+require_once("../../queries/user.php");
 
-if ($_POST['button'] == 'reaction') {
-    if (empty($_POST['newcomment-content'])) {
-        echo 0;
-    } else {
-        if (makeComment($_POST['postID'],
-            $_SESSION['userID'],
-            test_input($_POST['newcomment-content']))) {
+
+if (isset($_SESSION["userID"]) &&
+    getRoleByID($_SESSION["userID"]) != 'frozen' &&
+    getRoleByID($_SESSION["userID"]) != 'banned') {
+    if ($_POST['button'] == 'reaction') {
+        if (empty($_POST['newcomment-content'])) {
+            echo 0;
+        } else {
+            if (makeComment($_POST['postID'],
+                $_SESSION['userID'],
+                test_input($_POST['newcomment-content']))) {
+                echo 1;
+            } else {
+                echo 0;
+            }
+        }
+    } else if ($_POST['button'] == 'nietslecht') {
+        if (makeNietSlecht($_POST["postID"], $_SESSION["userID"])) {
             echo 1;
         } else {
             echo 0;
         }
-    }
-} else if ($_POST['button'] == 'nietslecht') {
-    if (makeNietSlecht($_POST["postID"], $_SESSION["userID"])) {
-        echo 1;
     } else {
         echo 0;
     }
 } else {
-    echo 0;
+    echo "frozen";
 }
\ No newline at end of file
diff --git a/website/public/API/sendMessage.php b/website/public/API/sendMessage.php
index 9864403..2d0b092 100644
--- a/website/public/API/sendMessage.php
+++ b/website/public/API/sendMessage.php
@@ -21,5 +21,5 @@ if (isset($_SESSION["userID"]) &&
         echo 0;
     }
 } else {
-    echo 0;
+    echo "frozen";
 }
\ No newline at end of file
diff --git a/website/public/js/chat.js b/website/public/js/chat.js
index 0b63d65..1d70834 100644
--- a/website/public/js/chat.js
+++ b/website/public/js/chat.js
@@ -33,9 +33,9 @@ function sendMessage() {
     $.post(
         "API/sendMessage.php",
         $("#sendMessageForm").serialize()
-    ).done(function(data) {
-        if (data == "0") {
-            alert("Je account is bevroren, dus je kan niet chat berichten versturen. Contacteer een admin als je denk dat dit onjuist is.");
+    ).done(function(response) {
+        if (response == "frozen") {
+            alert("Je account is bevroren, dus je kan niet chat berichten versturen. Contacteer een admin als je denkt dat dit onjuist is.");
         }
     });
 
diff --git a/website/public/js/post.js b/website/public/js/post.js
index e88d3eb..27bc34e 100644
--- a/website/public/js/post.js
+++ b/website/public/js/post.js
@@ -4,7 +4,11 @@ function postComment(buttonValue) {
     $.post(
         "API/postComment.php",
         formData
-    );
+    ).done(function (response) {
+        if (response == "frozen") {
+            alert("Je account is bevroren, dus je kan geen comments plaatsen of \"niet slechten\". Contacteer een admin als je denkt dat dit onjuist is.");
+        }
+    });
 
     $("#newcomment").val("");
 
diff --git a/website/views/profile.php b/website/views/profile.php
index 8cf555f..4db1a1e 100644
--- a/website/views/profile.php
+++ b/website/views/profile.php
@@ -1,6 +1,6 @@
 <div class="content">
     <div class="user-box">
-        <img class="profile-picture main-picture <?= $user["online"] ?>" src="<?= $user["profilepicture"] ?>"><br />
+        <img class="profile-picture main-picture <?= $user["onlinestatus"] ?>" src="<?= $user["profilepicture"] ?>"><br />
         <div class="platform">
             <div class="status-buttons-container">
                 <button disabled class="gray">

From 646e6dde48c88a346ffcce428865ef2f5569106a Mon Sep 17 00:00:00 2001
From: Lars van Hijfte <larsvanhijfte@hotmail.com>
Date: Tue, 31 Jan 2017 15:16:40 +0100
Subject: [PATCH 12/16] Added max value in text area

---
 website/public/js/main.js       | 12 +++++++++++-
 website/public/js/masonry.js    |  2 +-
 website/views/post-view.php     |  2 +-
 website/views/settings-view.php |  3 ++-
 4 files changed, 15 insertions(+), 4 deletions(-)

diff --git a/website/public/js/main.js b/website/public/js/main.js
index 7d37d05..2983fdb 100644
--- a/website/public/js/main.js
+++ b/website/public/js/main.js
@@ -93,4 +93,14 @@ function showGroups(groups, list) {
     } else {
         return false;
     }
-}
\ No newline at end of file
+}
+
+$(document).ready(function() {
+    $("body").delegate("textarea[maxlength]", "keydown", function() {
+        if ($(this).val().length / .9 >= $(this).attr("maxlength")) {
+            $(this).next().text($(this).val().length + "/" + $(this).attr("maxlength"));
+        } else {
+            $(this).next().text("");
+        }
+    });
+});
\ No newline at end of file
diff --git a/website/public/js/masonry.js b/website/public/js/masonry.js
index 93b5fae..b4370b7 100644
--- a/website/public/js/masonry.js
+++ b/website/public/js/masonry.js
@@ -96,7 +96,7 @@ function masonry(mode) {
         }
 
         $form.append($("<input class=\"newpost\" name=\"title\" placeholder=\"Titel\" type=\"text\">"));
-        $form.append($("<textarea class=\"newpost\" name=\"content\" placeholder=\"Schrijf een berichtje...\">"));
+        $form.append($("<textarea class=\"newpost\" name=\"content\" placeholder=\"Schrijf een berichtje...\" maxlength='1000'></textarea><span></span>"));
         $form.append($("<input value=\"Plaats!\" type=\"submit\">"));
         columns[0][1].append($postInput);
 
diff --git a/website/views/post-view.php b/website/views/post-view.php
index 264d67c..d961334 100644
--- a/website/views/post-view.php
+++ b/website/views/post-view.php
@@ -24,7 +24,7 @@ echo("
     <div class="commentfield">
         <form id="newcommentform" onsubmit="return false;">
             <input type="hidden" id="newcomment-textarea" name="postID" value="<?= $postID ?>">
-            <textarea id="newcomment" name="newcomment-content" placeholder="Laat een reactie achter..."></textarea> <br>
+            <textarea id="newcomment" name="newcomment-content" placeholder="Laat een reactie achter..." maxlength="1000"></textarea><span></span> <br>
             <button onclick="postComment('reaction')" name="button" value="reaction">Reageer!</button>
             <button onclick="postComment('nietslecht')" name="button" value="nietslecht" class="nietslecht">
             <?php
diff --git a/website/views/settings-view.php b/website/views/settings-view.php
index b7f554a..41f093e 100644
--- a/website/views/settings-view.php
+++ b/website/views/settings-view.php
@@ -99,7 +99,8 @@ $settings = getSettings();
                               rows="5"
                               title="bio"
                               id="bio"
-                    ><?=$settings["bio"]?></textarea>
+                              maxlength="1000"
+                    ><?=$settings["bio"]?></textarea><span></span>
                 </li>
                 <li>
                     <label></label>

From 78e96d5a74a5475159f4ba2f7724a58b4db4b683 Mon Sep 17 00:00:00 2001
From: Hendrik <hendrik.huang@student.uva.nl>
Date: Tue, 31 Jan 2017 15:30:48 +0100
Subject: [PATCH 13/16] add pageselector on search

---
 website/public/API/searchPageNumber.php | 41 +++++++++++++++++++++++
 website/public/API/searchUsers.php      | 12 ++++---
 website/public/js/search.js             | 38 +++++++++++++--------
 website/queries/user.php                |  5 +--
 website/views/search-view.php           | 44 +++++--------------------
 website/views/searchPageNumber.php      | 36 ++++++++++++++++++++
 6 files changed, 119 insertions(+), 57 deletions(-)
 create mode 100644 website/public/API/searchPageNumber.php
 create mode 100644 website/views/searchPageNumber.php

diff --git a/website/public/API/searchPageNumber.php b/website/public/API/searchPageNumber.php
new file mode 100644
index 0000000..4a76516
--- /dev/null
+++ b/website/public/API/searchPageNumber.php
@@ -0,0 +1,41 @@
+<?php
+
+session_start();
+
+require_once ("../../queries/connect.php");
+require_once ("../../queries/checkInput.php");
+require_once ("../../queries/user.php");
+require_once ("../../queries/group_page.php");
+
+$user_perpage = $group_perpage = 20;
+
+$user_currentpage = $group_currentpage = 1;
+if (isset($_POST['user-pageselect'])) {
+    $user_currentpage = test_input($_POST['user-pageselect']);
+}
+if (isset($_POST['group-pageselect'])) {
+    $group_currentpage = test_input($_POST['group-pageselect']);
+}
+
+$user_n = $user_currentpage * $user_perpage - $user_perpage;
+$group_n = $group_currentpage * $group_perpage - $group_perpage;
+
+$search = "";
+if (isset($_POST['search'])) {
+    $search = test_input($_POST['search']);
+}
+
+$user_count = countSomeUsers($search)->fetchColumn();
+$group_count = countSomeGroups($search)->fetchColumn();
+
+$filter = "all";
+if (isset($_POST['filter'])) {
+    $filter = test_input($_POST['filter']);
+}
+
+$option = "user";
+if (isset($_POST['option'])) {
+    $option = test_input($_POST['option']);
+}
+
+include ("../../views/searchPageNumber.php");
diff --git a/website/public/API/searchUsers.php b/website/public/API/searchUsers.php
index 15b03ed..f431f88 100644
--- a/website/public/API/searchUsers.php
+++ b/website/public/API/searchUsers.php
@@ -8,13 +8,15 @@ require_once ("../../queries/friendship.php");
 require_once ("../../queries/user.php");
 
 $n = 0;
-if (isset($_POST["n"])) {
-    $n = (int) test_input($_POST["n"]);
-}
 $m = 20;
-if (isset($_POST["m"])) {
-    $m = (int) test_input($_POST["m"]);
+
+$page = 1;
+if (isset($_POST["user-pageselect"])) {
+    $page = (int) test_input($_POST['user-pageselect']);
 }
+
+$n = ($page - 1) * $m;
+
 $search = "";
 if (isset($_POST["search"])) {
     $search = test_input($_POST["search"]);
diff --git a/website/public/js/search.js b/website/public/js/search.js
index c026b64..f7c4bbe 100644
--- a/website/public/js/search.js
+++ b/website/public/js/search.js
@@ -1,12 +1,11 @@
-function searchUsers(n, m) {
+$(window).on('load', function () {
+    pageNumber();
+});
+
+function searchUsers() {
     $.post(
         "API/searchUsers.php",
-        {
-            n: n,
-            m: m,
-            search: $("#search-input").val(),
-            filter: $("#search-filter").val()
-        }
+        $('#search-form').serialize()
     ).done(function(data) {
         if (!showFriends(data, "#search-users-list", 0, "profile.php", "GET")) {
             $("#search-users-list").text("Niemand gevonden");
@@ -14,18 +13,29 @@ function searchUsers(n, m) {
     });
 }
 
-function searchGroups(n, m) {
+function searchGroups() {
     $.post(
         "API/searchGroups.php",
-        {
-            n: n,
-            m: m,
-            search: $("#search-input").val(),
-            filter: $("#search-filter").val()
-        }
+        $('#search-form').serialize()
     ).done(function(data) {
         if (!showGroups(data, "#search-groups-list")) {
             $("#search-groups-list").text("Geen groepen gevonden");
         }
     });
+}
+
+function pageNumber() {
+    var input = input2 = $('#search-form').serialize();
+    $.post(
+        "API/searchPageNumber.php",
+        input + "&option=user"
+    ).done(function (data) {
+        $('#user-pageselect').html(data);
+    });
+    $.post(
+        "API/searchPageNumber.php",
+        input2 + "&option=group"
+    ).done(function (data) {
+        $('#group-pageselect').html(data);
+    });
 }
\ No newline at end of file
diff --git a/website/queries/user.php b/website/queries/user.php
index 0900d9f..21d018c 100644
--- a/website/queries/user.php
+++ b/website/queries/user.php
@@ -377,9 +377,10 @@ function countSomeUsers($search) {
     FROM
         `user`
     WHERE
-        `username` LIKE :keyword OR 
+        (`username` LIKE :keyword OR 
         `fname` LIKE :keyword OR 
-        `lname` LIKE :keyword
+        `lname` LIKE :keyword) AND 
+        `role` != 'banned'
     ORDER BY 
         `fname`, 
         `lname`, 
diff --git a/website/views/search-view.php b/website/views/search-view.php
index 392ea45..e42f985 100644
--- a/website/views/search-view.php
+++ b/website/views/search-view.php
@@ -21,10 +21,8 @@ if (isset($_GET['filter'])) {
 }
 
 $user_n = ($user_currentpage - 1) * $user_perpage;
-$user_count = countSomeUsers($search)->fetchColumn();
 
 $group_n = ($group_currentpage - 1) * $group_perpage;
-$group_count = countSomeGroups($search)->fetchColumn();
 ?>
 
 <div class="content">
@@ -40,8 +38,10 @@ $group_count = countSomeGroups($search)->fetchColumn();
                    id="search-input"
                    name="search"
                    onkeyup="
-                           searchUsers(<?= $user_n ?>, <?= $user_perpage ?>);
-                           searchGroups(<?= $group_n ?>, <?= $group_perpage ?>);"
+                           $('#user-pagenumber, #group-pagenumber').prop('value', 1);
+                           searchUsers();
+                           searchGroups();
+                           pageNumber();"
                    placeholder="Zoek"
                    value=<?php echo "$search";?>
             >
@@ -66,26 +66,12 @@ $group_count = countSomeGroups($search)->fetchColumn();
     <div class="platform item-box searchleft" id="search-friends-output">
         <h4>Gebruikers</h4>
 
-        <select class="user-pageselect"
-                name="user-pageselect"
-                id="user-pageselect"
-                form="search-form"
-                onchange="this.form.submit()">
-            <?php
-            for ($i=1; $i <= ceil($user_count / $user_perpage); $i++) {
-                if ($user_currentpage == $i) {
-                    echo "<option value='$i' selected>$i</option>";
-                } else {
-                    echo "<option value='$i'>$i</option>";
-                }
-            }
-            ?>
-        </select>
+        <div id="user-pageselect"></div>
 
         <ul id='search-users-list' class='nav-list'>
             <script>
             $(document).ready(function(){
-                searchUsers(<?= $user_n ?>, <?= $user_perpage ?>);
+                searchUsers();
             });
             </script>
         </ul>
@@ -94,26 +80,12 @@ $group_count = countSomeGroups($search)->fetchColumn();
     <div class="platform item-box searchright" id="search-group-output">
         <h4>Groepen</h4>
 
-        <select class="group-pageselect"
-                name="group-pageselect"
-                id="group-pageselect"
-                form="search-form"
-                onchange="this.form.submit()">
-            <?php
-            for ($i=1; $i <= ceil($group_count / $group_perpage); $i++) {
-                if ($group_currentpage == $i) {
-                    echo "<option value='$i' selected>$i</option>";
-                } else {
-                    echo "<option value='$i'>$i</option>";
-                }
-            }
-            ?>
-        </select>
+        <div id="group-pageselect"></div>
 
         <ul id="search-groups-list" class="nav-list">
             <script>
                 $(document).ready(function(){
-                    searchGroups(<?= $group_n ?>, <?= $group_perpage ?>);
+                    searchGroups();
                 });
             </script>
         </ul>
diff --git a/website/views/searchPageNumber.php b/website/views/searchPageNumber.php
new file mode 100644
index 0000000..b98d4ef
--- /dev/null
+++ b/website/views/searchPageNumber.php
@@ -0,0 +1,36 @@
+<?php
+if ($option == "user") {
+    echo "<select class=\"user-pageselect\"
+    name=\"user-pageselect\"
+    id='user-pagenumber'
+    form=\"search-form\"
+    onchange=\"pageNumber(); searchUsers();\">";
+
+    for ($i=1; $i <= ceil($user_count / $user_perpage); $i++) {
+        if ($user_currentpage == $i) {
+            echo "<option value='$i' selected>$i</option>";
+        } else {
+            echo "<option value='$i'>$i</option>";
+        }
+    }
+
+    echo "</select>";
+} else {
+    echo "<select class=\"group-pageselect\"
+    name=\"group-pageselect\"
+    id='group-pagenumber'
+    form=\"search-form\"
+    onchange=\"pageNumber(); searchGroups();\">";
+
+    for ($i=1; $i <= ceil($group_count / $group_perpage); $i++) {
+        if ($group_currentpage == $i) {
+            echo "<option value='$i' selected>$i</option>";
+        } else {
+            echo "<option value='$i'>$i</option>";
+        }
+    }
+
+    echo "</select>";
+}
+
+?>

From d6c2fab617a72b4c2502d8b61df967932f24bd95 Mon Sep 17 00:00:00 2001
From: Lars van Hijfte <larsvanhijfte@hotmail.com>
Date: Tue, 31 Jan 2017 15:32:19 +0100
Subject: [PATCH 14/16] Post is now mobile friendly

---
 website/public/styles/header.css  | 2 +-
 website/public/styles/profile.css | 4 ++++
 website/views/header.php          | 3 +--
 3 files changed, 6 insertions(+), 3 deletions(-)

diff --git a/website/public/styles/header.css b/website/public/styles/header.css
index 61727eb..d400e07 100644
--- a/website/public/styles/header.css
+++ b/website/public/styles/header.css
@@ -49,7 +49,7 @@ header div {
 }
 
 #open-notifications {
-    padding: 5px 20px 5px 0px;
+    padding: 20px 20px 20px 0px;
 }
 
 @media only screen and (max-width: 1080px) {
diff --git a/website/public/styles/profile.css b/website/public/styles/profile.css
index 61f3615..421e781 100644
--- a/website/public/styles/profile.css
+++ b/website/public/styles/profile.css
@@ -120,4 +120,8 @@ div.posts .post form textarea.newpost {
     .post-box {
         width: calc(100% - 65px);
     }
+    .modal {
+        left: 0!important;
+        width: 100%!important;
+    }
 }
diff --git a/website/views/header.php b/website/views/header.php
index 9d2aa56..c1379fc 100644
--- a/website/views/header.php
+++ b/website/views/header.php
@@ -25,8 +25,7 @@ $userinfo = getHeaderInfo();
             </div>
             <?=$userinfo["fname"]?>
         </div>
-        <img id="own-profile-picture" class="profile-picture" src="<?=$userinfo["profilepicture"]?>"/>
-        <i id="open-notifications" class="fa fa-bars"></i>
+        <img id="own-profile-picture" class="profile-picture" src="<?=$userinfo["profilepicture"]?>"/><i id="open-notifications" class="fa fa-bars"></i>
     </div>
 </header>
 <?php include("notification-center.php"); ?>

From 4d40bb60421a6cbf3aab914a1f786855a6fc81d6 Mon Sep 17 00:00:00 2001
From: Lars van Hijfte <larsvanhijfte@hotmail.com>
Date: Tue, 31 Jan 2017 15:46:53 +0100
Subject: [PATCH 15/16] checkbox width fix

---
 website/public/styles/adminpanel.css | 1 -
 1 file changed, 1 deletion(-)

diff --git a/website/public/styles/adminpanel.css b/website/public/styles/adminpanel.css
index 1dc2eb6..4d55945 100644
--- a/website/public/styles/adminpanel.css
+++ b/website/public/styles/adminpanel.css
@@ -34,7 +34,6 @@
     width: 100%;
 }
 
-.usertable .table-checkbox {width: 20px}
 .usertable .table-username {width: 150px}
 .usertable .table-status {width: 100px}
 .usertable .table-action {width: 200px}

From b41a365b609a83f60680e12c19bc98f61da8d8c2 Mon Sep 17 00:00:00 2001
From: Lars van Hijfte <larsvanhijfte@hotmail.com>
Date: Tue, 31 Jan 2017 16:11:20 +0100
Subject: [PATCH 16/16] Age instead of birthday

---
 website/public/profile.php | 1 +
 website/views/profile.php  | 2 +-
 2 files changed, 2 insertions(+), 1 deletion(-)

diff --git a/website/public/profile.php b/website/public/profile.php
index c67b60d..05c661d 100644
--- a/website/public/profile.php
+++ b/website/public/profile.php
@@ -17,6 +17,7 @@ include_once("../queries/user.php");
 include_once("../queries/friendship.php");
 include_once("../queries/nicetime.php");
 include_once("../queries/post.php");
+include_once("../queries/calcAge.php");
 
 if(empty($_GET["username"])) {
     $userID = $_SESSION["userID"];
diff --git a/website/views/profile.php b/website/views/profile.php
index 4db1a1e..c72c01b 100644
--- a/website/views/profile.php
+++ b/website/views/profile.php
@@ -29,7 +29,7 @@
         <h3>Informatie</h3>
         <p>
             <ul>
-                <li>Geboren op: <?= $user["birthdate"] ?></li>
+                <li>Leeftijd: <?= getAge($user["birthdate"]) ?> jaar</li>
                 <li>Locatie: <?= $user["location"] ?></li>
                 <li>Lid sinds: <?= nicetime($user["creationdate"]) ?></li>
             </ul>