MyHyvesBookPlus/WebDB
1
0
Fork 0
Code Issues 2 Pull Requests Projects Releases Wiki Activity

Merge branch 'master' into hendrik-testing

Browse Source
This commit is contained in:
Hendrik
2017-01-31 16:17:42 +01:00
parent b16dc1d4b7 83f75e0282
commit 64a3b13adf
36 changed files with 565 additions and 294 deletions
Download Patch File Download Diff File Expand all files Collapse all files

9
website/public/API/loadFriendRequest.php
View File

@@ -4,5 +4,12 @@ session_start();
require_once ("../../queries/connect.php"); require_once ("../../queries/connect.php");
require_once ("../../queries/friendship.php"); require_once ("../../queries/friendship.php");
require_once ("../../queries/user.php");
echo selectAllFriendRequests(); if (isset($_SESSION["userID"]) &&
getRoleByID($_SESSION["userID"]) != 'frozen' &&
getRoleByID($_SESSION["userID"]) != 'banned') {
echo selectAllFriendRequests();
} else {
echo "[]";
}

14
website/public/API/loadFriends.php
View File

@@ -6,11 +6,15 @@ require_once ("../../queries/connect.php");
require_once ("../../queries/checkInput.php"); require_once ("../../queries/checkInput.php");
require_once ("../../queries/friendship.php"); require_once ("../../queries/friendship.php");
if (isset($_POST["limit"])) { if (isset($_SESSION["userID"])) {
echo selectLimitedFriends($_SESSION["userID"], (int) test_input($_POST["limit"])); if (isset($_POST["limit"])) {
} else if (isset($_GET["limit"])) { echo selectLimitedFriends($_SESSION["userID"], (int)test_input($_POST["limit"]));
echo selectLimitedFriends($_SESSION["userID"], (int) test_input($_GET["limit"])); } else if (isset($_GET["limit"])) {
echo selectLimitedFriends($_SESSION["userID"], (int)test_input($_GET["limit"]));
} else {
echo selectFriends($_SESSION["userID"]);
}
} else { } else {
echo selectFriends($_SESSION["userID"]); echo "[]";
} }

38
website/public/API/postComment.php
View File

@@ -2,28 +2,36 @@
session_start(); session_start();
require("../../queries/post.php"); require_once("../../queries/post.php");
require_once("../../queries/connect.php"); require_once("../../queries/connect.php");
require("../../queries/checkInput.php"); require_once("../../queries/checkInput.php");
print_r($_POST); require_once("../../queries/user.php");
if ($_POST['button'] == 'reaction') {
if (empty($_POST['newcomment-content'])) {
echo 0; if (isset($_SESSION["userID"]) &&
} else { getRoleByID($_SESSION["userID"]) != 'frozen' &&
if (makeComment($_POST['postID'], getRoleByID($_SESSION["userID"]) != 'banned') {
$_SESSION['userID'], if ($_POST['button'] == 'reaction') {
test_input($_POST['newcomment-content']))) { if (empty($_POST['newcomment-content'])) {
echo 0;
} else {
if (makeComment($_POST['postID'],
$_SESSION['userID'],
test_input($_POST['newcomment-content']))) {
echo 1;
} else {
echo 0;
}
}
} else if ($_POST['button'] == 'nietslecht') {
if (makeNietSlecht($_POST["postID"], $_SESSION["userID"])) {
echo 1; echo 1;
} else { } else {
echo 0; echo 0;
} }
}
} else if ($_POST['button'] == 'nietslecht') {
if (makeNietSlecht($_POST["postID"], $_SESSION["userID"])) {
echo 1;
} else { } else {
echo 0; echo 0;
} }
} else { } else {
echo 0; echo "frozen";
} }

57
website/public/API/postPost.php
View File

@@ -2,16 +2,53 @@
session_start(); session_start();
require("../../queries/post.php"); require_once("../../queries/post.php");
require("../../queries/connect.php"); require_once("../../queries/group_page.php");
require("../../queries/checkInput.php"); require_once("../../queries/connect.php");
require_once("../../queries/checkInput.php");
if (empty($_POST['newpost-title'])) { if (empty($_POST["title"]) or
} else { empty($_POST["content"]) or
makePost($_SESSION['userID'], empty($_SESSION["userID"])) {
null, header('HTTP/1.1 500 Non enough arguments');
test_input($_POST['newpost-title']),
test_input($_POST['newpost-content']));
} }
header("Location: ../profile.php"); if (empty($_POST["group"])) {
// User Post
makePost(
$_SESSION["userID"],
null,
test_input($_POST["title"]),
test_input($_POST["content"])
);
} else {
// Group Post
// Check if the user is an admin or mod of the group.
if(!in_array(selectGroupRole($_POST["group"]), array('mod', 'admin'))) {
header('HTTP/1.1 500 Non enough rights');
return;
}
makePost(
$_SESSION["userID"],
$_POST["group"],
test_input($_POST["title"]),
test_input($_POST["content"])
);
}
//if (empty($_POST['newpost-title'])) {
//} else {
// makePost($_SESSION['userID'],
// null,
// test_input($_POST['newpost-title']),
// test_input($_POST['newpost-content']));
//}
//
//header("Location: ../profile.php");

41
website/public/API/searchPageNumber.php Normal file
View File

@@ -0,0 +1,41 @@
<?php
session_start();
require_once ("../../queries/connect.php");
require_once ("../../queries/checkInput.php");
require_once ("../../queries/user.php");
require_once ("../../queries/group_page.php");
$user_perpage = $group_perpage = 20;
$user_currentpage = $group_currentpage = 1;
if (isset($_POST['user-pageselect'])) {
$user_currentpage = test_input($_POST['user-pageselect']);
}
if (isset($_POST['group-pageselect'])) {
$group_currentpage = test_input($_POST['group-pageselect']);
}
$user_n = $user_currentpage * $user_perpage - $user_perpage;
$group_n = $group_currentpage * $group_perpage - $group_perpage;
$search = "";
if (isset($_POST['search'])) {
$search = test_input($_POST['search']);
}
$user_count = countSomeUsers($search)->fetchColumn();
$group_count = countSomeGroups($search)->fetchColumn();
$filter = "all";
if (isset($_POST['filter'])) {
$filter = test_input($_POST['filter']);
}
$option = "user";
if (isset($_POST['option'])) {
$option = test_input($_POST['option']);
}
include ("../../views/searchPageNumber.php");

12
website/public/API/searchUsers.php
View File

@@ -8,13 +8,15 @@ require_once ("../../queries/friendship.php");
require_once ("../../queries/user.php"); require_once ("../../queries/user.php");
$n = 0; $n = 0;
if (isset($_POST["n"])) {
$n = (int) test_input($_POST["n"]);
}
$m = 20; $m = 20;
if (isset($_POST["m"])) {
$m = (int) test_input($_POST["m"]); $page = 1;
if (isset($_POST["user-pageselect"])) {
$page = (int) test_input($_POST['user-pageselect']);
} }
$n = ($page - 1) * $m;
$search = ""; $search = "";
if (isset($_POST["search"])) { if (isset($_POST["search"])) {
$search = test_input($_POST["search"]); $search = test_input($_POST["search"]);

18
website/public/API/sendMessage.php
View File

@@ -4,14 +4,22 @@ session_start();
require_once("../../queries/connect.php"); require_once("../../queries/connect.php");
require_once("../../queries/private_message.php"); require_once("../../queries/private_message.php");
require_once("../../queries/checkInput.php"); require_once("../../queries/checkInput.php");
require_once("../../queries/user.php");
if (!empty(test_input($_POST["destination"])) && if (isset($_SESSION["userID"]) &&
!empty(test_input($_POST["content"]))) { getRoleByID($_SESSION["userID"]) != 'frozen' &&
if (sendMessage(test_input($_POST["destination"]), test_input($_POST["content"]))) { getRoleByID($_SESSION["userID"]) != 'banned') {
echo 1; if (!empty(test_input($_POST["destination"])) &&
!empty(test_input($_POST["content"]))
) {
if (sendMessage(test_input($_POST["destination"]), test_input($_POST["content"]))) {
echo 1;
} else {
echo 0;
}
} else { } else {
echo 0; echo 0;
} }
} else { } else {
echo 0; echo "frozen";
} }

4
website/public/admin.php
View File

@@ -19,9 +19,9 @@
include_once ("../queries/user.php"); include_once ("../queries/user.php");
// auth // auth
$userinfo = getRoleByID($_SESSION['userID'])->fetch(PDO::FETCH_ASSOC); $role = getRoleByID($_SESSION['userID']);
if ($userinfo['role'] != 'admin' AND $userinfo['role'] != 'owner') { if ($role != 'admin' AND $role != 'owner') {
header("location:profile.php"); header("location:profile.php");
} }

2
website/public/bits/friend-item.php
View File

@@ -33,7 +33,7 @@ foreach($friends as $i => $friend) {
} }
?>'> ?>'>
<div class='friend'> <div class='friend'>
<img alt='PF' class='profile-picture' src='<?= $friend->profilepicture ?>'/> <img alt='PF' class='profile-picture <?= $friend->onlinestatus ?>' src='<?= $friend->profilepicture ?>'/>
<div class='friend-name'> <div class='friend-name'>
<?= $friend->fullname ?><br/> <?= $friend->fullname ?><br/>
<span style='color: #666'><?php <span style='color: #666'><?php

5
website/public/group.php
View File

@@ -11,7 +11,7 @@
<body> <body>
<?php <?php
include("../queries/group_page.php"); include_once("../queries/group_page.php");
$group = selectGroupByName($_GET["groupname"]); $group = selectGroupByName($_GET["groupname"]);
$members = selectGroupMembers(2); $members = selectGroupMembers(2);
@@ -34,6 +34,9 @@ include("../views/group.php");
include("../views/footer.php"); include("../views/footer.php");
$masonry_mode = 0; $masonry_mode = 0;
if ($group["role"] == "mod" OR $group["role"] == "admin") {
$masonry_mode = 2;
}
?> ?>
<script src="js/masonry.js"></script> <script src="js/masonry.js"></script>

6
website/public/js/chat.js
View File

@@ -33,7 +33,11 @@ function sendMessage() {
$.post( $.post(
"API/sendMessage.php", "API/sendMessage.php",
$("#sendMessageForm").serialize() $("#sendMessageForm").serialize()
); ).done(function(response) {
if (response == "frozen") {
alert("Je account is bevroren, dus je kan niet chat berichten versturen. Contacteer een admin als je denkt dat dit onjuist is.");
}
});
$("#newContent").val(""); $("#newContent").val("");
loadMessages(); loadMessages();

14
website/public/js/main.js
View File

@@ -3,7 +3,7 @@ var months = ["januari", "februari", "maart", "april", "mei", "juni", "juli", "a
function fancyText(text) { function fancyText(text) {
// Add links, images, gifs and (youtube) video's. // Add links, images, gifs and (youtube) video's.
var regex = /(https?:\/\/.[^ ]*)/ig; var regex = /(https?:\/\/.[^ <>"]*)/ig;
text = text.replace(regex, function(link) { text = text.replace(regex, function(link) {
// Add images // Add images
if (link.match(/(https?:\/\/.[^ ]*\.(?:png|jpg|jpeg|gif))/ig)) { if (link.match(/(https?:\/\/.[^ ]*\.(?:png|jpg|jpeg|gif))/ig)) {
@@ -93,4 +93,14 @@ function showGroups(groups, list) {
} else { } else {
return false; return false;
} }
} }
$(document).ready(function() {
$("body").delegate("textarea[maxlength]", "keydown", function() {
if ($(this).val().length / .9 >= $(this).attr("maxlength")) {
$(this).next().text($(this).val().length + "/" + $(this).attr("maxlength"));
} else {
$(this).next().text("");
}
});
});

46
website/public/js/masonry.js
View File

@@ -19,10 +19,32 @@ function requestPost(postID) {
var scrollBarWidth = window.innerWidth - document.body.offsetWidth; var scrollBarWidth = window.innerWidth - document.body.offsetWidth;
scrollbarMargin(scrollBarWidth, 'hidden'); scrollbarMargin(scrollBarWidth, 'hidden');
$('#modal-response').show(); $('#modal-response').show();
$('#modal-response').html(data); $('#modal-response').html(fancyText(data));
}); });
} }
function postPost() {
title = $("input.newpost[name='title']").val();
content = $("textarea.newpost[name='content']").val();
if (masonryMode == 2) {
$.post("API/postPost.php", { title: title,
content : content,
group : groupID })
.done(function() {
masonry(masonryMode);
});
} else {
$.post("API/postPost.php", { title: title,
content : content })
.done(function() {
masonry(masonryMode);
});
}
}
$(window).on("load", function() { $(window).on("load", function() {
$(".modal-close").click(function () { $(".modal-close").click(function () {
$(".modal").hide(); $(".modal").hide();
@@ -33,11 +55,15 @@ $(window).on("load", function() {
}); });
var masonryMode = 0; var masonryMode = 0;
var windowWidth = $(window).width();
$(window).resize(function() { $(window).resize(function() {
clearTimeout(window.resizedFinished); clearTimeout(window.resizedFinished);
window.resizeFinished = setTimeout(function() { window.resizeFinished = setTimeout(function() {
masonry(masonryMode); if ($(window).width() != windowWidth) {
windowWidth = $(window).width();
masonry(masonryMode);
}
}, 250); }, 250);
}); });
@@ -52,7 +78,7 @@ function masonry(mode) {
* Initialise columns. * Initialise columns.
*/ */
var columns = new Array(columnCount); var columns = new Array(columnCount);
var $columns = new Array(columnCount);
for (i = 0; i < columnCount; i++) { for (i = 0; i < columnCount; i++) {
$column = $("<div class=\"column\">"); $column = $("<div class=\"column\">");
$column.width(100/columnCount + "%"); $column.width(100/columnCount + "%");
@@ -60,13 +86,17 @@ function masonry(mode) {
columns[i] = [0, $column]; columns[i] = [0, $column];
} }
if(mode == 1) { if(mode > 0) {
$postInput = $("<div class=\"post platform\">"); $postInput = $("<div class=\"post platform\">");
$form = $("<form action=\"API/postPost.php\" method=\"post\">"); $form = $("<form class=\"newpost\" action=\"API/postPost.php\" method=\"post\" onsubmit=\"postPost(); return false;\">");
$postInput.append($form); $postInput.append($form);
$form.append($("<input class=\"newpost\" name=\"newpost-title\" placeholder=\"Titel\" type=\"text\">")); if(mode == 2) {
$form.append($("<textarea class=\"newpost\" name=\"newpost-content\" placeholder=\"Schrijf een berichtje...\">")); $form.append($("<input class=\"newpost\" type=\"hidden\" name=\"group\" value=\"" + groupID + "\">"));
}
$form.append($("<input class=\"newpost\" name=\"title\" placeholder=\"Titel\" type=\"text\">"));
$form.append($("<textarea class=\"newpost\" name=\"content\" placeholder=\"Schrijf een berichtje...\" maxlength='1000'></textarea><span></span>"));
$form.append($("<input value=\"Plaats!\" type=\"submit\">")); $form.append($("<input value=\"Plaats!\" type=\"submit\">"));
columns[0][1].append($postInput); columns[0][1].append($postInput);
@@ -100,7 +130,7 @@ function masonry(mode) {
$.each(posts, function() { $.each(posts, function() {
$post = $("<div class=\"post platform\" onclick=\"requestPost(\'"+this['postID']+"\')\">"); $post = $("<div class=\"post platform\" onclick=\"requestPost(\'"+this['postID']+"\')\">");
$post.append($("<h2>").html(this["title"])); $post.append($("<h2>").html(this["title"]));
$post.append($("<p>").html(this["content"])); $post.append($("<p>").html(fancyText(this["content"])));
$post.append($("<p class=\"subscript\">").text(this["nicetime"])); $post.append($("<p class=\"subscript\">").text(this["nicetime"]));
$post.append($("<p class=\"subscript\">").text("comments: " + this["comments"] + ", niet slechts: " + this["niet_slechts"])); $post.append($("<p class=\"subscript\">").text("comments: " + this["comments"] + ", niet slechts: " + this["niet_slechts"]));

8
website/public/js/post.js
View File

@@ -4,8 +4,10 @@ function postComment(buttonValue) {
$.post( $.post(
"API/postComment.php", "API/postComment.php",
formData formData
).done(function(data) { ).done(function (response) {
console.log(data); if (response == "frozen") {
alert("Je account is bevroren, dus je kan geen comments plaatsen of \"niet slechten\". Contacteer een admin als je denkt dat dit onjuist is.");
}
}); });
$("#newcomment").val(""); $("#newcomment").val("");
@@ -15,6 +17,6 @@ function postComment(buttonValue) {
"API/loadPost.php", "API/loadPost.php",
$("#newcommentform").serialize() $("#newcommentform").serialize()
).done(function (data) { ).done(function (data) {
$('#modal-response').html(data); $('#modal-response').html(fancyText(data));
}); });
} }

38
website/public/js/search.js
View File

@@ -1,12 +1,11 @@
function searchUsers(n, m) { $(window).on('load', function () {
pageNumber();
});
function searchUsers() {
$.post( $.post(
"API/searchUsers.php", "API/searchUsers.php",
{ $('#search-form').serialize()
n: n,
m: m,
search: $("#search-input").val(),
filter: $("#search-filter").val()
}
).done(function(data) { ).done(function(data) {
if (!showFriends(data, "#search-users-list", 0, "profile.php", "GET")) { if (!showFriends(data, "#search-users-list", 0, "profile.php", "GET")) {
$("#search-users-list").text("Niemand gevonden"); $("#search-users-list").text("Niemand gevonden");
@@ -14,18 +13,29 @@ function searchUsers(n, m) {
}); });
} }
function searchGroups(n, m) { function searchGroups() {
$.post( $.post(
"API/searchGroups.php", "API/searchGroups.php",
{ $('#search-form').serialize()
n: n,
m: m,
search: $("#search-input").val(),
filter: $("#search-filter").val()
}
).done(function(data) { ).done(function(data) {
if (!showGroups(data, "#search-groups-list")) { if (!showGroups(data, "#search-groups-list")) {
$("#search-groups-list").text("Geen groepen gevonden"); $("#search-groups-list").text("Geen groepen gevonden");
} }
}); });
}
function pageNumber() {
var input = input2 = $('#search-form').serialize();
$.post(
"API/searchPageNumber.php",
input + "&option=user"
).done(function (data) {
$('#user-pageselect').html(data);
});
$.post(
"API/searchPageNumber.php",
input2 + "&option=group"
).done(function (data) {
$('#group-pageselect').html(data);
});
} }

9
website/public/profile.php
View File

@@ -13,10 +13,11 @@
</head> </head>
<body> <body>
<?php <?php
include("../queries/user.php"); include_once("../queries/user.php");
include("../queries/friendship.php"); include_once("../queries/friendship.php");
include("../queries/nicetime.php"); include_once("../queries/nicetime.php");
include("../queries/post.php"); include_once("../queries/post.php");
include_once("../queries/calcAge.php");
if(empty($_GET["username"])) { if(empty($_GET["username"])) {
$userID = $_SESSION["userID"]; $userID = $_SESSION["userID"];

3
website/public/styles/adminpanel.css
View File

@@ -4,7 +4,7 @@
.admin-panel input[type="radio"], input[type="checkbox"] { .admin-panel input[type="radio"], input[type="checkbox"] {
vertical-align: middle; vertical-align: middle;
height: auto; height: 28px;
margin: 2px; margin: 2px;
} }
@@ -34,7 +34,6 @@
width: 100%; width: 100%;
} }
.usertable .table-checkbox {width: 20px}
.usertable .table-username {width: 150px} .usertable .table-username {width: 150px}
.usertable .table-status {width: 100px} .usertable .table-status {width: 100px}
.usertable .table-action {width: 200px} .usertable .table-action {width: 200px}

2
website/public/styles/header.css
View File

@@ -49,7 +49,7 @@ header div {
} }
#open-notifications { #open-notifications {
padding: 5px 20px 5px 0px; padding: 20px 20px 20px 0px;
} }
@media only screen and (max-width: 1080px) { @media only screen and (max-width: 1080px) {

18
website/public/styles/main.css
View File

@@ -92,6 +92,14 @@ p {
border-radius: 50%; border-radius: 50%;
} }
.online {
border: #4CAF50 solid 3px;
}
.offline {
border: #666666 solid 3px;
}
.group-picture { .group-picture {
border-radius: 5px; border-radius: 5px;
} }
@@ -299,8 +307,16 @@ div[data-title]:hover:after {
body { body {
font-size: 28px!important; font-size: 28px!important;
} }
button { button, input, select {
font-size: 28px; font-size: 28px;
height: 42px;
}
textarea {
font-size: 28px;
}
input[type="checkbox"], input[type="radio"] {
width: 28px;
height: 28px;
} }
} }

6
website/public/styles/profile.css
View File

@@ -45,7 +45,7 @@
.main-picture { .main-picture {
position: relative; position: relative;
border: #4CAF50 solid 5px; border-width: 5px;
display: inline-block; display: inline-block;
width: 150px; width: 150px;
@@ -120,4 +120,8 @@ div.posts .post form textarea.newpost {
.post-box { .post-box {
width: calc(100% - 65px); width: calc(100% - 65px);
} }
.modal {
left: 0!important;
width: 100%!important;
}
} }

44
website/queries/alerts.php Normal file
View File

@@ -0,0 +1,44 @@
<?php
/**
* Class AlertMessage
* abstract class for alertMessages used in
*/
abstract class AlertMessage extends Exception {
public function __construct($message = "", $code = 0, Exception $previous = null)
{
parent::__construct($message, $code, $previous);
}
abstract public function getClass();
}
/**
* Class HappyAlert
* class for a happy alert as an exception.
*/
class HappyAlert extends AlertMessage {
public function __construct($message = "Gelukt!", $code = 0, Exception $previous = null)
{
parent::__construct($message, $code, $previous);
}
public function getClass() {
return "settings-message-happy";
}
}
/**
* Class AngryAlert
* class for an angry alert as as exception.
*/
class AngryAlert extends AlertMessage {
public function __construct($message = "Er is iets fout gegaan.", $code = 0, Exception $previous = null)
{
parent::__construct($message, $code, $previous);
}
public function getClass() {
return "settings-message-angry";
}
}

11
website/queries/friendship.php
View File

@@ -16,6 +16,10 @@ function selectLimitedFriends($userID, $limit) {
`profilepicture`, `profilepicture`,
'../img/avatar-standard.png' '../img/avatar-standard.png'
) AS profilepicture, ) AS profilepicture,
CASE `lastactivity` >= DATE_SUB(NOW(),INTERVAL 15 MINUTE)
WHEN TRUE THEN 'online'
WHEN FALSE THEN 'offline'
END AS `onlinestatus`,
`role` `role`
FROM FROM
`user` `user`
@@ -28,11 +32,8 @@ function selectLimitedFriends($userID, $limit) {
`friendship`.`user1ID` = `user`.`userID`) AND `friendship`.`user1ID` = `user`.`userID`) AND
`user`.`role` != 'banned' AND `user`.`role` != 'banned' AND
`friendship`.`status` = 'confirmed' `friendship`.`status` = 'confirmed'
ORDER BY ORDER BY
CASE `user`.`lastactivity`
WHEN `friendship`.`user2ID` = `user`.`userID` THEN `friendship`.`chatLastVisted1`
WHEN `friendship`.`user1ID` = `user`.`userID` THEN `friendship`.`chatLastVisted2`
END
DESC DESC
LIMIT :limitCount LIMIT :limitCount
"); ");

31
website/queries/group_page.php
View File

@@ -11,6 +11,12 @@ function selectGroupByName($name) {
`description`, `description`,
`picture`, `picture`,
`status`, `status`,
(
SELECT `role`
FROM `group_member`
WHERE `group_member`.`groupID` = `group_page`.`groupID` AND
`userID` = :userID
) AS `role`,
COUNT(`group_member`.`groupID`) as `members` COUNT(`group_member`.`groupID`) as `members`
FROM FROM
`group_page` `group_page`
@@ -22,13 +28,36 @@ function selectGroupByName($name) {
name LIKE :name name LIKE :name
"); ");
$stmt->bindParam(':name', $name); $stmt->bindParam(':name', $name, PDO::PARAM_STR);
$stmt->bindParam(':userID', $_SESSION["userID"], PDO::PARAM_INT);
if (!$stmt->execute()) { if (!$stmt->execute()) {
return False; return False;
} }
return $stmt->fetch(); return $stmt->fetch();
} }
function selectGroupRole(int $groupID) {
$stmt = prepareQuery("
SELECT
`role`
FROM
`group_member`
WHERE
`groupID` = :groupID AND
`userID` = :userID
");
$stmt->bindParam(':groupID', $groupID, PDO::PARAM_INT);
$stmt->bindParam(':userID', $_SESSION["userID"], PDO::PARAM_INT);
if(!$stmt->execute()) {
return False;
}
if($stmt->rowCount() == 0) {
return "none";
}
return $stmt->fetch()["role"];
}
function selectGroupMembers(int $groupID) { function selectGroupMembers(int $groupID) {
$stmt = prepareQuery(" $stmt = prepareQuery("
SELECT SELECT

138
website/queries/picture.php Normal file
View File

@@ -0,0 +1,138 @@
<?php
/**
* Uploads Avatar, checks it, and removes the old one.
* @param bool $group
* @throws AngryAlert
* @throws HappyAlert
*/
function updateAvatar(bool $group = false) {
$publicDir = "/var/www/html/public/";
$tmpImg = $_FILES["pp"]["tmp_name"];
$avatarDir = $group ? "uploads/groupavatar/" : "uploads/profilepictures/";
checkAvatarSize($tmpImg);
if (getimagesize($tmpImg)["mime"] == "image/gif") {
if ($_FILES["pp"]["size"] > 4000000) {
throw new AngryAlert("Bestand is te groot, maximaal 4MB toegestaan.");
}
$relativePath = $avatarDir . $_SESSION["userID"] . "_avatar.gif";
$group ? removeOldGroupAvatar($_POST["groupID"]) : removeOldUserAvatar();
move_uploaded_file($tmpImg, $publicDir . $relativePath);
} else {
$relativePath = $avatarDir . $_SESSION["userID"] . "_avatar.png";
$scaledImg = scaleAvatar($tmpImg);
$group ? removeOldGroupAvatar($_POST["groupID"]) : removeOldUserAvatar();
imagepng($scaledImg, $publicDir . $relativePath);
}
$group ? setGroupAvatarToDatabase("../" . $relativePath, $_POST["groupID"]) : setUserAvatarToDatabase("../" . $relativePath);
throw new HappyAlert("Profielfoto veranderd.");
}
/**
* Removes the old avatar from the uploads folder, for a user.
*/
function removeOldUserAvatar() {
$stmt = prepareQuery("
SELECT
`profilepicture`
FROM
`user`
WHERE
`userID` = :userID
");
$stmt->bindParam(":userID", $_SESSION["userID"]);
$stmt->execute();
$old_avatar = $stmt->fetch()["profilepicture"];
if ($old_avatar != NULL) {
unlink("/var/www/html/public/uploads/" . $old_avatar);
}
}
/**
* Removes the old avatar from the uploads folder, for a group.
* @param int $groupID
*/
function removeOldGroupAvatar(int $groupID) {
$stmt = prepareQuery("
SELECT
`picture`
FROM
`group_page`
WHERE
groupID = :groupID
");
$stmt->bindParam(":groupID", $groupID);
$stmt->execute();
$old_avatar = $stmt->fetch()["picture"];
if ($old_avatar != NULL) {
unlink("/var/www/html/public/uploads/" . $old_avatar);
}
}
/**
* Inserts the the path to the avatar into the database, for Users.
* @param string $url path to the avatar
*/
function setUserAvatarToDatabase(string $url) {
$stmt = prepareQuery("
UPDATE
`user`
SET
`profilepicture` = :avatar
WHERE
`userID` = :userID
");
$stmt->bindParam(":avatar", $url);
$stmt->bindParam(":userID", $_SESSION["userID"]);
$stmt->execute();
}
/**
* Inserts the the path to the avatar into the database, for Groups.
* @param string $url path to the avatar
* @param int $groupID
*/
function setGroupAvatarToDatabase(string $url, int $groupID) {
$stmt = prepareQuery("
UPDATE
`group_page`
SET
`picture` = :avatar
WHERE
`groupID` = :groupID
");
$stmt->bindParam(":avatar", $url);
$stmt->bindParam(":groupID", $groupID);
$stmt->execute();
}
/**
* Checks the resoluton of a picture.
* @param string $img
* @throws AngryAlert
*/
function checkAvatarSize(string $img) {
$minResolution = 200;
$imgSize = getimagesize($img);
if ($imgSize[0] < $minResolution or $imgSize[1] < $minResolution) {
throw new AngryAlert("Afbeelding te klein, minimaal 200x200 pixels.");
}
}
/**
* Scales a picture, standard width is 600px.
* @param string $imgLink Path to a image file
* @param int $newWidth Custom image width.
* @return bool|resource Returns the image as an Resource.
* @throws AngryAlert
*/
function scaleAvatar(string $imgLink, int $newWidth = 600) {
$img = imagecreatefromstring(file_get_contents($imgLink));
if ($img) {
return imagescale($img, $newWidth);
} else {
throw new AngryAlert("Afbeelding wordt niet ondersteund.");
}
}

2
website/queries/private_message.php
View File

@@ -16,6 +16,8 @@ function getOldChatMessages($user2ID) {
`destination` = :user1 `destination` = :user1
ORDER BY ORDER BY
`creationdate` ASC `creationdate` ASC
LIMIT
100
"); ");
$stmt->bindParam(":user1", $user1ID); $stmt->bindParam(":user1", $user1ID);

116
website/queries/settings.php
View File

@@ -1,49 +1,7 @@
<?php <?php
include_once "../queries/emailconfirm.php"; include_once "../queries/emailconfirm.php";
include_once "../queries/picture.php";
/** include_once "../queries/alerts.php";
* Class AlertMessage
* abstract class for alertMessages used in
*/
abstract class AlertMessage extends Exception {
public function __construct($message = "", $code = 0, Exception $previous = null)
{
parent::__construct($message, $code, $previous);
}
abstract public function getClass();
}
/**
* Class HappyAlert
* class for a happy alert as an exception.
*/
class HappyAlert extends AlertMessage {
public function __construct($message = "Gelukt!", $code = 0, Exception $previous = null)
{
parent::__construct($message, $code, $previous);
}
public function getClass() {
return "settings-message-happy";
}
}
/**
* Class AngryAlert
* class for an angry alert as as exception.
*/
class AngryAlert extends AlertMessage {
public function __construct($message = "Er is iets fout gegaan.", $code = 0, Exception $previous = null)
{
parent::__construct($message, $code, $previous);
}
public function getClass() {
return "settings-message-angry";
}
}
/** /**
* Gets the settings form the database. * Gets the settings form the database.
@@ -232,74 +190,4 @@ function doChangeEmail($email) {
} else { } else {
throw new AngryAlert(); throw new AngryAlert();
} }
}
function updateAvatar() {
$profilePictureDir = "/var/www/html/public/";
$tmpImg = $_FILES["pp"]["tmp_name"];
checkAvatarSize($tmpImg);
if (getimagesize($tmpImg)["mime"] == "image/gif") {
if ($_FILES["pp"]["size"] > 4000000) {
throw new AngryAlert("Bestand is te groot, maximaal 4MB toegestaan.");
}
$relativePath = "uploads/profilepictures/" . $_SESSION["userID"] . "_avatar.gif";
move_uploaded_file($tmpImg, $profilePictureDir . $relativePath);
} else {
$relativePath = "uploads/profilepictures/" . $_SESSION["userID"] . "_avatar.png";
$scaledImg = scaleAvatar($tmpImg);
imagepng($scaledImg, $profilePictureDir . $relativePath);
}
removeOldAvatar();
setAvatarToDatabase("../" . $relativePath);
throw new HappyAlert("Profielfoto veranderd.");
}
function removeOldAvatar() {
$stmt = prepareQuery("
SELECT
`profilepicture`
FROM
`user`
WHERE
`userID` = :userID
");
$stmt->bindParam(":userID", $_SESSION["userID"]);
$stmt->execute();
$old_avatar = $stmt->fetch()["profilepicture"];
if ($old_avatar != NULL) {
unlink("/var/www/html/public/uploads/" . $old_avatar);
}
}
function setAvatarToDatabase(string $url) {
$stmt = prepareQuery("
UPDATE
`user`
SET
`profilepicture` = :avatar
WHERE
`userID` = :userID
");
$stmt->bindParam(":avatar", $url);
$stmt->bindParam(":userID", $_SESSION["userID"]);
$stmt->execute();
}
function checkAvatarSize(string $img) {
$minResolution = 200;
$imgSize = getimagesize($img);
if ($imgSize[0] < $minResolution or $imgSize[1] < $minResolution) {
throw new AngryAlert("Afbeelding te klein, minimaal 200x200 pixels.");
}
}
function scaleAvatar(string $imgLink, int $newWidth = 600) {
$img = imagecreatefromstring(file_get_contents($imgLink));
if ($img) {
return imagescale($img, $newWidth);
} else {
throw new AngryAlert("Afbeelding wordt niet ondersteund.");
}
} }

62
website/queries/user.php
View File

@@ -2,6 +2,19 @@
require_once ("connect.php"); require_once ("connect.php");
function updateLastActivity() {
$stmt = prepareQuery("
UPDATE
`user`
SET
`lastactivity` = NOW()
WHERE
`userID` = :userID
");
$stmt->bindParam(":userID", $_SESSION["userID"]);
return $stmt->execute();
}
function getUserID($username) { function getUserID($username) {
$stmt = prepareQuery(" $stmt = prepareQuery("
SELECT SELECT
@@ -107,48 +120,6 @@ function selectAllUserGroups($userID) {
return $stmt; return $stmt;
} }
function selectAllUserPosts($userID) {
$stmt = prepareQuery("
SELECT
`post`.`postID`,
`post`.`author`,
`title`,
CASE LENGTH(`post`.`content`) >= 150 AND `post`.`content` NOT LIKE '<img%'
WHEN TRUE THEN
CONCAT(LEFT(`post`.`content`, 150), '...')
WHEN FALSE THEN
`post`.`content`
END
AS `content`,
`post`.`creationdate`,
COUNT(`commentID`) AS `comments`,
COUNT(`niet_slecht`.`postID`) AS `niet_slechts`
FROM
`post`
LEFT JOIN
`niet_slecht`
ON
`post`.`postID` = `niet_slecht`.`postID`
LEFT JOIN
`comment`
ON
`post`.`postID` = `comment`.`postID`
WHERE
`post`.`author` = :userID AND
`groupID` IS NULL
GROUP BY
`post`.`postID`
ORDER BY
`post`.`creationdate` DESC
");
$stmt->bindParam(':userID', $userID, PDO::PARAM_INT);
if(!$stmt->execute()) {
return False;
}
return $stmt;
}
function select20UsersFromN($n) { function select20UsersFromN($n) {
$q = prepareQuery(" $q = prepareQuery("
SELECT SELECT
@@ -396,9 +367,10 @@ function countSomeUsers($search) {
FROM FROM
`user` `user`
WHERE WHERE
`username` LIKE :keyword OR (`username` LIKE :keyword OR
`fname` LIKE :keyword OR `fname` LIKE :keyword OR
`lname` LIKE :keyword `lname` LIKE :keyword) AND
`role` != 'banned'
ORDER BY ORDER BY
`fname`, `fname`,
`lname`, `lname`,
@@ -423,7 +395,7 @@ function getRoleByID($userID) {
$stmt->bindParam(':userID', $userID); $stmt->bindParam(':userID', $userID);
$stmt->execute(); $stmt->execute();
return $stmt; return $stmt->fetch()["role"];
} }
function editBanCommentByID($userID, $comment) { function editBanCommentByID($userID, $comment) {

2
website/views/group.php
View File

@@ -1,6 +1,6 @@
<div class="content"> <div class="content">
<div class="profile-box platform"> <div class="profile-box platform">
<img class="left group-picture" src="<?= $group['picture'] ?>"> <img class="left main-picture" src="<?= $group['picture'] ?>">
<div class="profile-button"> <div class="profile-button">
<p><img src="img/leave-group.png"> Groep verlaten</p> <p><img src="img/leave-group.png"> Groep verlaten</p>
</div> </div>

5
website/views/head.php
View File

@@ -19,9 +19,12 @@
require_once ("../queries/checkInput.php"); require_once ("../queries/checkInput.php");
require_once ("../queries/connect.php"); require_once ("../queries/connect.php");
require_once ("../queries/user.php");
session_start(); session_start();
if(!isset($_SESSION["userID"])){ if(!isset($_SESSION["userID"])){
header("location:login.php"); header("location:login.php");
} } else {
updateLastActivity();
}

3
website/views/header.php
View File

@@ -25,8 +25,7 @@ $userinfo = getHeaderInfo();
</div> </div>
<?=$userinfo["fname"]?> <?=$userinfo["fname"]?>
</div> </div>
<img id="own-profile-picture" class="profile-picture" src="<?=$userinfo["profilepicture"]?>"/> <img id="own-profile-picture" class="profile-picture" src="<?=$userinfo["profilepicture"]?>"/><i id="open-notifications" class="fa fa-bars"></i>
<i id="open-notifications" class="fa fa-bars"></i>
</div> </div>
</header> </header>
<?php include("notification-center.php"); ?> <?php include("notification-center.php"); ?>

4
website/views/notification-center.php
View File

@@ -7,9 +7,9 @@
include_once ("../queries/user.php"); include_once ("../queries/user.php");
// auth // auth
$userinfo = getRoleByID($_SESSION['userID'])->fetch(PDO::FETCH_ASSOC); $role = getRoleByID($_SESSION['userID']);
if ($userinfo['role'] == 'admin' OR $userinfo['role'] == 'owner') { if ($role == 'admin' OR $role == 'owner') {
echo "<a href=\"admin.php\" data-title=\"Admin\"><i class=\"fa fa-lock\"></i></a>"; echo "<a href=\"admin.php\" data-title=\"Admin\"><i class=\"fa fa-lock\"></i></a>";
echo "<style>@import url('styles/adminbutton.css'); </style>"; echo "<style>@import url('styles/adminbutton.css'); </style>";
} }

2
website/views/post-view.php
View File

@@ -24,7 +24,7 @@ echo("
<div class="commentfield"> <div class="commentfield">
<form id="newcommentform" onsubmit="return false;"> <form id="newcommentform" onsubmit="return false;">
<input type="hidden" id="newcomment-textarea" name="postID" value="<?= $postID ?>"> <input type="hidden" id="newcomment-textarea" name="postID" value="<?= $postID ?>">
<textarea id="newcomment" name="newcomment-content" placeholder="Laat een reactie achter..."></textarea> <br> <textarea id="newcomment" name="newcomment-content" placeholder="Laat een reactie achter..." maxlength="1000"></textarea><span></span> <br>
<button onclick="postComment('reaction')" name="button" value="reaction">Reageer!</button> <button onclick="postComment('reaction')" name="button" value="reaction">Reageer!</button>
<button onclick="postComment('nietslecht')" name="button" value="nietslecht" class="nietslecht"> <button onclick="postComment('nietslecht')" name="button" value="nietslecht" class="nietslecht">
<?php <?php

6
website/views/profile.php
View File

@@ -1,10 +1,10 @@
<div class="content"> <div class="content">
<div class="user-box"> <div class="user-box">
<img class="profile-picture main-picture" src="<?= $user["profilepicture"] ?>"><br /> <img class="profile-picture main-picture <?= $user["onlinestatus"] ?>" src="<?= $user["profilepicture"] ?>"><br />
<div class="platform"> <div class="platform">
<div class="status-buttons-container"> <div class="status-buttons-container">
<button disabled class="gray"> <button disabled class="gray">
<?= $user["onlinestatus"] ?> <?= $user["onlinestatus"] ?>
</button> </button>
<button disabled class="gray"><?= $user["role"] ?></button> <button disabled class="gray"><?= $user["role"] ?></button>
</div> </div>
@@ -29,7 +29,7 @@
<h3>Informatie</h3> <h3>Informatie</h3>
<p> <p>
<ul> <ul>
<li>Geboren op: <?= $user["birthdate"] ?></li> <li>Leeftijd: <?= getAge($user["birthdate"]) ?> jaar</li>
<li>Locatie: <?= $user["location"] ?></li> <li>Locatie: <?= $user["location"] ?></li>
<li>Lid sinds: <?= nicetime($user["creationdate"]) ?></li> <li>Lid sinds: <?= nicetime($user["creationdate"]) ?></li>
</ul> </ul>

44
website/views/search-view.php
View File

@@ -21,10 +21,8 @@ if (isset($_GET['filter'])) {
} }
$user_n = ($user_currentpage - 1) * $user_perpage; $user_n = ($user_currentpage - 1) * $user_perpage;
$user_count = countSomeUsers($search)->fetchColumn();
$group_n = ($group_currentpage - 1) * $group_perpage; $group_n = ($group_currentpage - 1) * $group_perpage;
$group_count = countSomeGroups($search)->fetchColumn();
?> ?>
<div class="content"> <div class="content">
@@ -40,8 +38,10 @@ $group_count = countSomeGroups($search)->fetchColumn();
id="search-input" id="search-input"
name="search" name="search"
onkeyup=" onkeyup="
searchUsers(<?= $user_n ?>, <?= $user_perpage ?>); $('#user-pagenumber, #group-pagenumber').prop('value', 1);
searchGroups(<?= $group_n ?>, <?= $group_perpage ?>);" searchUsers();
searchGroups();
pageNumber();"
placeholder="Zoek" placeholder="Zoek"
value=<?php echo "$search";?> value=<?php echo "$search";?>
> >
@@ -66,26 +66,12 @@ $group_count = countSomeGroups($search)->fetchColumn();
<div class="platform item-box searchleft" id="search-friends-output"> <div class="platform item-box searchleft" id="search-friends-output">
<h4>Gebruikers</h4> <h4>Gebruikers</h4>
<select class="user-pageselect" <div id="user-pageselect"></div>
name="user-pageselect"
id="user-pageselect"
form="search-form"
onchange="this.form.submit()">
<?php
for ($i=1; $i <= ceil($user_count / $user_perpage); $i++) {
if ($user_currentpage == $i) {
echo "<option value='$i' selected>$i</option>";
} else {
echo "<option value='$i'>$i</option>";
}
}
?>
</select>
<ul id='search-users-list' class='nav-list'> <ul id='search-users-list' class='nav-list'>
<script> <script>
$(document).ready(function(){ $(document).ready(function(){
searchUsers(<?= $user_n ?>, <?= $user_perpage ?>); searchUsers();
}); });
</script> </script>
</ul> </ul>
@@ -94,26 +80,12 @@ $group_count = countSomeGroups($search)->fetchColumn();
<div class="platform item-box searchright" id="search-group-output"> <div class="platform item-box searchright" id="search-group-output">
<h4>Groepen</h4> <h4>Groepen</h4>
<select class="group-pageselect" <div id="group-pageselect"></div>
name="group-pageselect"
id="group-pageselect"
form="search-form"
onchange="this.form.submit()">
<?php
for ($i=1; $i <= ceil($group_count / $group_perpage); $i++) {
if ($group_currentpage == $i) {
echo "<option value='$i' selected>$i</option>";
} else {
echo "<option value='$i'>$i</option>";
}
}
?>
</select>
<ul id="search-groups-list" class="nav-list"> <ul id="search-groups-list" class="nav-list">
<script> <script>
$(document).ready(function(){ $(document).ready(function(){
searchGroups(<?= $group_n ?>, <?= $group_perpage ?>); searchGroups();
}); });
</script> </script>
</ul> </ul>

36
website/views/searchPageNumber.php Normal file
View File

@@ -0,0 +1,36 @@
<?php
if ($option == "user") {
echo "<select class=\"user-pageselect\"
name=\"user-pageselect\"
id='user-pagenumber'
form=\"search-form\"
onchange=\"pageNumber(); searchUsers();\">";
for ($i=1; $i <= ceil($user_count / $user_perpage); $i++) {
if ($user_currentpage == $i) {
echo "<option value='$i' selected>$i</option>";
} else {
echo "<option value='$i'>$i</option>";
}
}
echo "</select>";
} else {
echo "<select class=\"group-pageselect\"
name=\"group-pageselect\"
id='group-pagenumber'
form=\"search-form\"
onchange=\"pageNumber(); searchGroups();\">";
for ($i=1; $i <= ceil($group_count / $group_perpage); $i++) {
if ($group_currentpage == $i) {
echo "<option value='$i' selected>$i</option>";
} else {
echo "<option value='$i'>$i</option>";
}
}
echo "</select>";
}
?>

3
website/views/settings-view.php
View File

@@ -99,7 +99,8 @@ $settings = getSettings();
rows="5" rows="5"
title="bio" title="bio"
id="bio" id="bio"
><?=$settings["bio"]?></textarea> maxlength="1000"
><?=$settings["bio"]?></textarea><span></span>
</li> </li>
<li> <li>
<label></label> <label></label>