From 5c1208460f37a1552405d8b95f6cffbc0ede0da2 Mon Sep 17 00:00:00 2001
From: Lars van Hijfte <larsvanhijfte@hotmail.com>
Date: Thu, 26 Jan 2017 16:12:50 +0100
Subject: [PATCH] Added direct button on the profile to chat with someone

---
 website/public/js/friendButtons.js  |   2 +
 website/queries/private_message.php | 131 +++++++++++++++-------------
 website/queries/user.php            |   8 +-
 website/views/profile.php           |   8 +-
 4 files changed, 86 insertions(+), 63 deletions(-)

diff --git a/website/public/js/friendButtons.js b/website/public/js/friendButtons.js
index 7b511a5..bdc3cc8 100644
--- a/website/public/js/friendButtons.js
+++ b/website/public/js/friendButtons.js
@@ -4,12 +4,14 @@ function placeFriendButtons() {
             friendshipStatus = data;
             $buttonContainer = $("div.friend-button-container");
             $buttonContainer.children().remove();
+            $("#start-profile-chat-form").hide();
             if (friendshipStatus == -1) {
                 return;
             } else if(friendshipStatus == 0) {
                 $buttonContainer.append($("<button class=\"green friend-button\" value=\"request\"><i class=\"fa fa-handshake-o\"></i> Bevriend</button>"));
             } else if(friendshipStatus == 1) {
                 $buttonContainer.append($("<button class=\"red friend-button\" value=\"delete\"><i class=\"fa fa-times\"></i> Verwijder</button>"));
+                $("#start-profile-chat-form").show();
             } else if(friendshipStatus == 2) {
                 $buttonContainer.append($("<button class=\"red friend-button\" value=\"delete\"><i class=\"fa fa-times\"></i> Trek verzoek in</button>"));
             } else if(friendshipStatus == 3) {
diff --git a/website/queries/private_message.php b/website/queries/private_message.php
index fecea2b..d2b1537 100644
--- a/website/queries/private_message.php
+++ b/website/queries/private_message.php
@@ -1,78 +1,90 @@
 <?php
 
 function getOldChatMessages($user2ID) {
+    require_once ("friendship.php");
     $user1ID = $_SESSION["userID"];
+    if (getFriendshipStatus($user2ID) == 1) {
+        $stmt = $GLOBALS["db"]->prepare("
+        SELECT
+            *
+        FROM
+            `private_message`
+        WHERE
+            `origin` = :user1 AND 
+            `destination` = :user2 OR 
+            `origin` = :user2 AND
+            `destination` = :user1
+        ORDER BY
+            `messageID` ASC
+        ");
 
-    $stmt = $GLOBALS["db"]->prepare("
-    SELECT
-        *
-    FROM
-        `private_message`
-    WHERE
-        `origin` = :user1 AND 
-        `destination` = :user2 OR 
-        `origin` = :user2 AND
-        `destination` = :user1
-    ORDER BY
-        `messageID` ASC
-    ");
+        $stmt->bindParam(":user1", $user1ID);
+        $stmt->bindParam(":user2", $user2ID);
 
-    $stmt->bindParam(":user1", $user1ID);
-    $stmt->bindParam(":user2", $user2ID);
+        $stmt->execute();
 
-    $stmt->execute();
-
-    return json_encode($stmt->fetchAll());
+        return json_encode($stmt->fetchAll());
+    } else {
+        return "[]";
+    }
 }
 
 function sendMessage($destination, $content) {
-    $stmt = $GLOBALS["db"]->prepare("
-    INSERT INTO
-        `private_message`
-    (
-        `origin`,
-        `destination`,
-        `content`
-    )
-    VALUES
-    (
-        :origin,
-        :destination,
-        :content
-    )
-    ");
+    if (getFriendshipStatus($destination) == 1) {
+        $stmt = $GLOBALS["db"]->prepare("
+        INSERT INTO
+            `private_message`
+        (
+            `origin`,
+            `destination`,
+            `content`
+        )
+        VALUES
+        (
+            :origin,
+            :destination,
+            :content
+        )
+        ");
 
-    return $stmt->execute(array(
-        "origin" => $_SESSION["userID"],
-        "destination" => $destination,
-        "content" => $content
-    ));
+        return $stmt->execute(array(
+            "origin" => $_SESSION["userID"],
+            "destination" => $destination,
+            "content" => $content
+        ));
+    } else {
+        return false;
+    }
 }
 
 function getNewChatMessages($lastID, $destination) {
-    $stmt = $GLOBALS["db"]->prepare("
-    SELECT
-        *
-    FROM
-        `private_message`
-    WHERE
-        (
-        `origin` = :user1 AND 
-        `destination` = :user2 OR 
-        `origin` = :user2 AND
-        `destination` = :user1) AND
-        `messageID` > :lastID
-    ORDER BY
-        `messageID` ASC
-    ");
+    if (getFriendshipStatus($user2ID) == 1) {
+        $stmt = $GLOBALS["db"]->prepare("
+        SELECT
+            *
+        FROM
+            `private_message`
+        WHERE
+            (
+            `origin` = :user1 AND 
+            `destination` = :user2 OR 
+            `origin` = :user2 AND
+            `destination` = :user1) AND
+            `messageID` > :lastID
+        ORDER BY
+            `messageID` ASC
+        ");
 
-    $stmt->bindParam(':user1', $_SESSION["userID"]);
-    $stmt->bindParam(':user2', $destination);
-    $stmt->bindParam(':lastID', $lastID);
+        $stmt->bindParam(':user1', $_SESSION["userID"]);
+        $stmt->bindParam(':user2', $destination);
+        $stmt->bindParam(':lastID', $lastID);
 
-    $stmt->execute();
+        $stmt->execute();
 
-    return json_encode($stmt->fetchAll());
+        return json_encode($stmt->fetchAll());
+    } else {
+        return "[]";
+    }
 }
 
 
@@ -101,7 +113,8 @@ function selectAllUnreadChat() {
        `friendship`.chatLastVisted2 IS NULL)) AND
       `private_message`.`origin` = `user`.`userID` AND
       `private_message`.`destination` = :userID AND
-      `user`.`role` != 'banned'
+      `user`.`role` != 'banned' AND
+      `friendship`.`status` = 'confirmed'
     
     GROUP BY `user`.`userID`
 
diff --git a/website/queries/user.php b/website/queries/user.php
index 4a7ee57..3b0c4a8 100644
--- a/website/queries/user.php
+++ b/website/queries/user.php
@@ -35,6 +35,7 @@ function getUsername($userID) {
 function selectUser($me, $other) {
     $stmt = $GLOBALS["db"]->prepare("
         SELECT
+          `userID`,
           `username`,
           `birthdate`,
           `location`,
@@ -94,7 +95,7 @@ function selectAllUserGroups($userID) {
             `group_page`.`groupID` = `group_member`.`groupID`
         WHERE
             `userID` = :userID AND
-            `role` = 1
+            `role` = 'member'
     ");
 
     $stmt->bindParam(':userID', $userID, PDO::PARAM_INT);
@@ -331,9 +332,10 @@ function searchSomeUsers($n, $m, $search) {
     FROM
       `user`
     WHERE
-        `username` LIKE :keyword OR 
+        (`username` LIKE :keyword OR 
         `fname` LIKE :keyword OR 
-        `lname` LIKE :keyword
+        `lname` LIKE :keyword) AND
+        `role` != 'banned'
     ORDER BY 
         `fname`, 
         `lname`, 
diff --git a/website/views/profile.php b/website/views/profile.php
index 54f028d..bd009e3 100644
--- a/website/views/profile.php
+++ b/website/views/profile.php
@@ -1,7 +1,13 @@
 <div class="content">
     <div class="profile-box platform">
         <img class="left profile-picture" src="<?php echo $user["profilepicture"] ?>">
-
+        <form id="start-profile-chat-form" class="right" action="chat.php" method="get">
+            <button name="username"
+                    class="friend-button green"
+                    value="<?php echo $user["userID"] ?>">
+                <i class="fa fa-comment-o"></i> Chat
+            </button>
+        </form>
         <div class="friend-button-container">
 
         </div>