Merge branch 'master' into hendrik-post

2017-02-02 13:43:31 +01:00
parent d4d16661df ab5f243281
commit 6ed19d9060
29 changed files with 206 additions and 62 deletions
--- a/website/public/API/loadChatNotifications.php
+++ b/website/public/API/loadChatNotifications.php
@@ -6,6 +6,7 @@ require_once ("../../queries/connect.php");
 require_once ("../../queries/private_message.php");
 require_once("../../queries/user.php");

+// Check if the user is allowed to load them.
 if (isset($_SESSION["userID"]) &&
    getRoleByID($_SESSION["userID"]) != 'banned') {
    echo selectAllUnreadChat();
--- a/website/public/API/loadFriendRequest.php
+++ b/website/public/API/loadFriendRequest.php
@@ -6,6 +6,7 @@ require_once ("../../queries/connect.php");
 require_once ("../../queries/friendship.php");
 require_once ("../../queries/user.php");

+// Check if the user is allowed to load them.
 if (isset($_SESSION["userID"]) &&
    getRoleByID($_SESSION["userID"]) != 'frozen' &&
    getRoleByID($_SESSION["userID"]) != 'banned') {
--- a/website/public/API/loadFriends.php
+++ b/website/public/API/loadFriends.php
@@ -7,9 +7,11 @@ require_once ("../../queries/checkInput.php");
 require_once ("../../queries/friendship.php");
 require_once("../../queries/user.php");

+// Check if the user is allowed to load them.
 if (isset($_SESSION["userID"]) &&
    getRoleByID($_SESSION["userID"]) != 'banned') {
    if (isset($_SESSION["userID"])) {
+        // Echo the limited or unlimited users.
        if (isset($_POST["limit"])) {
            echo selectLimitedFriends($_SESSION["userID"], (int)test_input($_POST["limit"]));
        } else if (isset($_GET["limit"])) {
--- a/website/public/API/loadGroups.php
+++ b/website/public/API/loadGroups.php
@@ -8,8 +8,10 @@ require_once ("../../queries/group_member.php");

 require_once("../../queries/user.php");

+// Check if the user is allowed to load them.
 if (isset($_SESSION["userID"]) &&
    getRoleByID($_SESSION["userID"]) != 'banned') {
+    // Echo the limited or unlimited groups.
    if (isset($_POST["limit"])) {
        echo selectLimitedGroupsFromUser($_SESSION["userID"], (int)test_input($_POST["limit"]));
    } else {
--- a/website/public/API/loadMessages.php
+++ b/website/public/API/loadMessages.php
@@ -8,8 +8,10 @@ require_once("../../queries/checkInput.php");
 require_once("../../queries/friendship.php");
 require_once("../../queries/user.php");

+// Check if the user is allowed to get the messages.
 if (isset($_SESSION["userID"]) &&
    getRoleByID($_SESSION["userID"]) != 'banned') {
+    // Check if the users wants new messages or old ones, and give the right one back.
    if (isset($_POST["lastID"]) && $_POST["lastID"] != "") {
        setLastVisited(test_input($_POST["destination"]));
        echo getNewChatMessages(test_input($_POST["lastID"]), test_input($_POST["destination"]));
--- a/website/public/API/searchPageNumber.php
+++ b/website/public/API/searchPageNumber.php
@@ -6,11 +6,11 @@ require_once ("../../queries/connect.php");
 require_once ("../../queries/checkInput.php");
 require_once ("../../queries/user.php");
 require_once ("../../queries/group_page.php");
+require_once ("../../queries/friendship.php");
+require_once ("../../queries/group_member.php");

 if (isset($_SESSION["userID"]) &&
-    getRoleByID($_SESSION["userID"]) != 'banned') {
-
-    $user_perpage = $group_perpage = 20;
+    getRoleByID($_SESSION["userID"]) != 'banned') {$user_perpage = $group_perpage = 20;

    $user_currentpage = $group_currentpage = 1;
    if (isset($_POST['user-pageselect'])) {
@@ -28,20 +28,26 @@ if (isset($_SESSION["userID"]) &&
        $search = test_input($_POST['search']);
    }

-    $user_count = countSomeUsers($search)->fetchColumn();
-    $group_count = countSomeGroups($search)->fetchColumn();
-
    $filter = "all";
    if (isset($_POST['filter'])) {
        $filter = test_input($_POST['filter']);
    }

+    if ($filter == "all") {
+        $user_count = countSomeUsers($search)->fetchColumn();
+        $group_count = countSomeGroups($search)->fetchColumn();
+    } else {
+        $user_count = countSomeFriends($search);
+        $group_count = countSomeOwnGroups($search);
+    }
+
+
    $option = "user";
    if (isset($_POST['option'])) {
        $option = test_input($_POST['option']);
    }

-    include("../../views/searchPageNumber.php");
+    include ("../../views/searchPageNumber.php");
 } else {
    header('HTTP/1.0 403 Forbidden');
-}
+}
--- a/website/public/API/sendMessage.php
+++ b/website/public/API/sendMessage.php
@@ -6,12 +6,15 @@ require_once("../../queries/private_message.php");
 require_once("../../queries/checkInput.php");
 require_once("../../queries/user.php");

+// Check if the user is allowed to send a message.
 if (isset($_SESSION["userID"]) &&
    getRoleByID($_SESSION["userID"]) != 'frozen' &&
    getRoleByID($_SESSION["userID"]) != 'banned') {
    if (!empty(test_input($_POST["destination"])) &&
        !empty(test_input($_POST["content"]))
    ) {
+        // Send the message.
+        // Returns false when it didn't succeed sending the message.
        if (sendMessage(test_input($_POST["destination"]), test_input($_POST["content"]))) {
            echo 1;
        } else {