Merge branch 'master' into kevin-prototype
This commit is contained in:
K. Nobel
@@ -38,8 +38,7 @@ function checkName($variable){
|
||||
if (empty($variable)) {
|
||||
throw new lettersAndSpacesException("Verplicht!");
|
||||
} else if (!preg_match("/^[a-zA-Z ]*$/", $variable)) {
|
||||
|
||||
throw new lettersAndSpacesException("Alleen letters en spaties zijn toegestaan!");
|
||||
throw new lettersAndSpacesException("Alleen letters en spaties zijn toegestaan!");
|
||||
}
|
||||
}
|
||||
|
||||
@@ -48,12 +47,12 @@ function validateBday($variable){
|
||||
if (empty($variable)) {
|
||||
throw new bdayException("Verplicht!");
|
||||
} else {
|
||||
if (!(validateDate($variable, "Y/m/d"))) {
|
||||
if (!(validateDate($variable, "Y-m-d"))) {
|
||||
throw new bdayException("Geen geldige datum");
|
||||
} else {
|
||||
$dateNow = date("Y/m/d");
|
||||
$dateNow = date("Y-m-d");
|
||||
if ($dateNow < $variable) {
|
||||
throw new bdayException("Geen geldige datum");
|
||||
throw new bdayException("Geen geldige datum!");
|
||||
}
|
||||
}
|
||||
}
|
||||
@@ -97,6 +96,12 @@ function validateEmail($variable){
|
||||
}
|
||||
}
|
||||
|
||||
function matchEmail(){
|
||||
if (strtolower($_POST["email"]) != strtolower($_POST["confirmEmail"])){
|
||||
throw new confirmEmailException("Emails matchen niet!");
|
||||
}
|
||||
}
|
||||
|
||||
/* checks if an input is a valid email. */
|
||||
function resetEmail($variable){
|
||||
if (empty($variable)) {
|
||||
@@ -119,11 +124,11 @@ function matchPassword(){
|
||||
/* Checks if captcha is correctly filled in */
|
||||
function checkCaptcha($captcha){
|
||||
if(!$captcha){
|
||||
throw new captchaException("Captcha needs to be filled in!");
|
||||
throw new captchaException("Captcha moet ingevuld worde!");
|
||||
} else {
|
||||
$response=json_decode(file_get_contents("https://www.google.com/recaptcha/api/siteverify?secret=6Lc72xIUAAAAAPizuF3nUbklCPljVCVzgYespz8o&response=".$captcha."&remoteip=".$_SERVER['REMOTE_ADDR']));
|
||||
if($response->success==false) {
|
||||
throw new captchaException("You are a spammer!");
|
||||
throw new captchaException("Je bent een spammer!");
|
||||
}
|
||||
}
|
||||
}
|
||||
@@ -206,6 +211,14 @@ class emailException extends Exception
|
||||
}
|
||||
}
|
||||
|
||||
class confirmEmailException extends Exception
|
||||
{
|
||||
public function __construct($message = "", $code = 0, Exception $previous = null)
|
||||
{
|
||||
parent::__construct($message, $code, $previous);
|
||||
}
|
||||
}
|
||||
|
||||
class captchaException extends Exception
|
||||
{
|
||||
public function __construct($message = "", $code = 0, Exception $previous = null)
|
||||
|
||||
@@ -9,10 +9,11 @@ function getUser() {
|
||||
FROM
|
||||
`user`
|
||||
WHERE
|
||||
`username` LIKE :username
|
||||
`username` LIKE :username OR
|
||||
`email` LIKE :username
|
||||
");
|
||||
|
||||
$stmt->bindParam(":username", $_POST["uname"]);
|
||||
$stmt->bindValue(":username", test_input($_POST["user"]));
|
||||
$stmt->execute();
|
||||
return $stmt->fetch(PDO::FETCH_ASSOC);
|
||||
}
|
||||
@@ -20,7 +21,7 @@ function getUser() {
|
||||
function validateLogin($username, $password){
|
||||
// Empty username or password field
|
||||
if (empty($username) || empty($password)) {
|
||||
throw new loginException("Gebruikersnaam of wachtwoord is niet ingevuld");
|
||||
throw new loginException("Inloggegevens zijn niet ingevuld");
|
||||
}
|
||||
else {
|
||||
$psw = test_input($password);
|
||||
@@ -41,6 +42,9 @@ function validateLogin($username, $password){
|
||||
</script>";
|
||||
} else {
|
||||
$_SESSION["userID"] = $userID;
|
||||
// if($_POST[rememberMe] == 1){
|
||||
// ini_set("session.gc_maxlifetime", "10");
|
||||
// }
|
||||
header("location: profile.php");
|
||||
}
|
||||
} else {
|
||||
|
||||
@@ -75,7 +75,7 @@ function makePost($userID, $groupID, $title, $content) {
|
||||
$stmt->execute();
|
||||
}
|
||||
|
||||
function makeComment($postID, $userID, $content) {
|
||||
function makeComment($postID, $userID, $content) : int {
|
||||
$stmt = $GLOBALS["db"]->prepare("
|
||||
INSERT INTO
|
||||
`comment` (
|
||||
@@ -94,4 +94,55 @@ function makeComment($postID, $userID, $content) {
|
||||
$stmt->bindParam(':userID', $userID);
|
||||
$stmt->bindParam(':content', $content);
|
||||
$stmt->execute();
|
||||
}
|
||||
return $stmt->rowCount();
|
||||
}
|
||||
|
||||
function makeNietSlecht(int $postID, int $userID) : int {
|
||||
if (checkNietSlecht($postID, $userID)) {
|
||||
return deleteNietSlecht($postID, $userID);
|
||||
} else {
|
||||
return addNietSlecht($postID, $userID);
|
||||
}
|
||||
}
|
||||
|
||||
function checkNietSlecht(int $postID, int $userID) {
|
||||
$stmt = $GLOBALS["db"]->prepare("
|
||||
SELECT
|
||||
*
|
||||
FROM
|
||||
`niet_slecht`
|
||||
WHERE
|
||||
`userID` = :userID AND
|
||||
`postID` = :postID
|
||||
");
|
||||
$stmt->bindParam(":userID", $userID);
|
||||
$stmt->bindParam(":postID", $postID);
|
||||
$stmt->execute();
|
||||
return $stmt->rowCount();
|
||||
}
|
||||
|
||||
function addNietSlecht(int $postID, int $userID) {
|
||||
$stmt = $GLOBALS["db"]->prepare("
|
||||
INSERT INTO
|
||||
`niet_slecht` (`userID`, `postID`)
|
||||
VALUES (:userID, :postID)
|
||||
");
|
||||
$stmt->bindParam(":userID", $userID);
|
||||
$stmt->bindParam(":postID", $postID);
|
||||
$stmt->execute();
|
||||
return $stmt->rowCount();
|
||||
}
|
||||
|
||||
function deleteNietSlecht(int $postID, int $userID) {
|
||||
$stmt = $GLOBALS["db"]->prepare("
|
||||
DELETE FROM
|
||||
`niet_slecht`
|
||||
WHERE
|
||||
`userID` = :userID AND
|
||||
`postID` = :postID
|
||||
");
|
||||
$stmt->bindParam(":userID", $userID);
|
||||
$stmt->bindParam(":postID", $postID);
|
||||
$stmt->execute();
|
||||
return $stmt->rowCount();
|
||||
}
|
||||
|
||||
@@ -1,91 +1,105 @@
|
||||
<?php
|
||||
|
||||
function getOldChatMessages($user2ID) {
|
||||
require_once ("friendship.php");
|
||||
$user1ID = $_SESSION["userID"];
|
||||
if (getFriendshipStatus($user2ID) == 1) {
|
||||
$stmt = $GLOBALS["db"]->prepare("
|
||||
SELECT
|
||||
*
|
||||
FROM
|
||||
`private_message`
|
||||
WHERE
|
||||
`origin` = :user1 AND
|
||||
`destination` = :user2 OR
|
||||
`origin` = :user2 AND
|
||||
`destination` = :user1
|
||||
ORDER BY
|
||||
`messageID` ASC
|
||||
");
|
||||
|
||||
$stmt = $GLOBALS["db"]->prepare("
|
||||
SELECT
|
||||
*
|
||||
FROM
|
||||
`private_message`
|
||||
WHERE
|
||||
`origin` = :user1 AND
|
||||
`destination` = :user2 OR
|
||||
`origin` = :user2 AND
|
||||
`destination` = :user1
|
||||
ORDER BY
|
||||
`messageID` ASC
|
||||
");
|
||||
$stmt->bindParam(":user1", $user1ID);
|
||||
$stmt->bindParam(":user2", $user2ID);
|
||||
|
||||
$stmt->bindParam(":user1", $user1ID);
|
||||
$stmt->bindParam(":user2", $user2ID);
|
||||
$stmt->execute();
|
||||
|
||||
$stmt->execute();
|
||||
|
||||
return json_encode($stmt->fetchAll());
|
||||
return json_encode($stmt->fetchAll());
|
||||
} else {
|
||||
return "[]";
|
||||
}
|
||||
}
|
||||
|
||||
function sendMessage($destination, $content) {
|
||||
$stmt = $GLOBALS["db"]->prepare("
|
||||
INSERT INTO
|
||||
`private_message`
|
||||
(
|
||||
`origin`,
|
||||
`destination`,
|
||||
`content`
|
||||
)
|
||||
VALUES
|
||||
(
|
||||
:origin,
|
||||
:destination,
|
||||
:content
|
||||
)
|
||||
");
|
||||
require_once("friendship.php");
|
||||
if (getFriendshipStatus($destination) == 1) {
|
||||
$stmt = $GLOBALS["db"]->prepare("
|
||||
INSERT INTO
|
||||
`private_message`
|
||||
(
|
||||
`origin`,
|
||||
`destination`,
|
||||
`content`
|
||||
)
|
||||
VALUES
|
||||
(
|
||||
:origin,
|
||||
:destination,
|
||||
:content
|
||||
)
|
||||
");
|
||||
|
||||
return $stmt->execute(array(
|
||||
"origin" => $_SESSION["userID"],
|
||||
"destination" => $destination,
|
||||
"content" => $content
|
||||
));
|
||||
return $stmt->execute(array(
|
||||
"origin" => $_SESSION["userID"],
|
||||
"destination" => $destination,
|
||||
"content" => $content
|
||||
));
|
||||
} else {
|
||||
return false;
|
||||
}
|
||||
}
|
||||
|
||||
function getNewChatMessages($lastID, $destination) {
|
||||
$stmt = $GLOBALS["db"]->prepare("
|
||||
SELECT
|
||||
*
|
||||
FROM
|
||||
`private_message`
|
||||
WHERE
|
||||
(
|
||||
`origin` = :user1 AND
|
||||
`destination` = :user2 OR
|
||||
`origin` = :user2 AND
|
||||
`destination` = :user1) AND
|
||||
`messageID` > :lastID
|
||||
ORDER BY
|
||||
`messageID` ASC
|
||||
");
|
||||
require_once("friendship.php");
|
||||
if (getFriendshipStatus($destination) == 1) {
|
||||
$stmt = $GLOBALS["db"]->prepare("
|
||||
SELECT
|
||||
*
|
||||
FROM
|
||||
`private_message`
|
||||
WHERE
|
||||
(
|
||||
`origin` = :user1 AND
|
||||
`destination` = :user2 OR
|
||||
`origin` = :user2 AND
|
||||
`destination` = :user1) AND
|
||||
`messageID` > :lastID
|
||||
ORDER BY
|
||||
`messageID` ASC
|
||||
");
|
||||
|
||||
$stmt->bindParam(':user1', $_SESSION["userID"]);
|
||||
$stmt->bindParam(':user2', $destination);
|
||||
$stmt->bindParam(':lastID', $lastID);
|
||||
$stmt->bindParam(':user1', $_SESSION["userID"]);
|
||||
$stmt->bindParam(':user2', $destination);
|
||||
$stmt->bindParam(':lastID', $lastID);
|
||||
|
||||
$stmt->execute();
|
||||
$stmt->execute();
|
||||
|
||||
return json_encode($stmt->fetchAll());
|
||||
return json_encode($stmt->fetchAll());
|
||||
} else {
|
||||
return "[]";
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
function selectAllUnreadChat() {
|
||||
$stmt = $GLOBALS["db"]->prepare("
|
||||
SELECT
|
||||
LEFT(CONCAT(`user`.`fname`, ' ', `user`.`lname`), 15) as `fullname`,
|
||||
LEFT(CONCAT(`user`.`fname`, ' ', `user`.`lname`), 15) AS `fullname`,
|
||||
`user`.`userID`,
|
||||
IFNULL(
|
||||
`profilepicture`,
|
||||
'../img/avatar-standard.png'
|
||||
) AS profilepicture,
|
||||
LEFT(`private_message`.`content`, 15) as `content`
|
||||
LEFT(`private_message`.`content`, 15) AS `content`
|
||||
FROM
|
||||
`private_message`,
|
||||
`friendship`,
|
||||
@@ -101,7 +115,8 @@ function selectAllUnreadChat() {
|
||||
`friendship`.chatLastVisted2 IS NULL)) AND
|
||||
`private_message`.`origin` = `user`.`userID` AND
|
||||
`private_message`.`destination` = :userID AND
|
||||
`user`.`role` != 'banned'
|
||||
`user`.`role` != 'banned' AND
|
||||
`friendship`.`status` = 'confirmed'
|
||||
|
||||
GROUP BY `user`.`userID`
|
||||
|
||||
|
||||
@@ -10,7 +10,7 @@ function getExistingUsername() {
|
||||
`username` LIKE :username
|
||||
");
|
||||
|
||||
$stmt->bindParam(":username", $_POST["username"]);
|
||||
$stmt->bindValue(":username", test_input($_POST["username"]));
|
||||
$stmt->execute();
|
||||
return $stmt->rowCount();
|
||||
|
||||
@@ -26,7 +26,7 @@ function getExistingEmail() {
|
||||
`email` LIKE :email
|
||||
");
|
||||
|
||||
$stmt->bindParam(":email", $_POST["email"]);
|
||||
$stmt->bindValue(":email", test_input($_POST["email"]));
|
||||
$stmt->execute();
|
||||
return $stmt->rowCount();
|
||||
|
||||
@@ -42,7 +42,7 @@ function getResetEmail() {
|
||||
`email` LIKE :email
|
||||
");
|
||||
|
||||
$stmt->bindParam(":email", $_POST["forgotEmail"]);
|
||||
$stmt->bindValue(":email", test_input($_POST["forgotEmail"]));
|
||||
$stmt->execute();
|
||||
return $stmt->rowCount();
|
||||
|
||||
@@ -70,15 +70,21 @@ function registerAccount() {
|
||||
|
||||
$hash=password_hash($_POST["password"], PASSWORD_DEFAULT);
|
||||
|
||||
$stmt->bindParam(":fname", $_POST["name"]);
|
||||
$stmt->bindParam(":lname", $_POST["surname"]);
|
||||
$stmt->bindParam(":bday", $_POST["bday"]);
|
||||
$stmt->bindParam(":username", $_POST["username"]);
|
||||
$stmt->bindParam(":password", $hash);
|
||||
$stmt->bindParam(":location", $_POST["location"]);
|
||||
$stmt->bindParam(":email", (strtolower($_POST["email"])));
|
||||
$stmt->bindValue(":fname", test_input($_POST["name"]));
|
||||
$stmt->bindValue(":lname", test_input($_POST["surname"]));
|
||||
$stmt->bindValue(":bday", test_input($_POST["bday"]));
|
||||
$stmt->bindValue(":username", test_input($_POST["username"]));
|
||||
$stmt->bindValue(":password", test_input($hash));
|
||||
$stmt->bindValue(":location", test_input($_POST["location"]));
|
||||
$stmt->bindValue(":email", test_input(strtolower($_POST["email"])));
|
||||
|
||||
$stmt->execute();
|
||||
$stmt->rowCount();
|
||||
}
|
||||
|
||||
function submitselect($date, $value){
|
||||
if ($date == $value){
|
||||
echo "selected";
|
||||
}
|
||||
}
|
||||
?>
|
||||
|
||||
@@ -50,5 +50,5 @@ function setHashToDatabase(int $userID, string $hash) {
|
||||
$stmt->bindParam(":hash", $hash);
|
||||
$stmt->bindParam(":userID", $userID);
|
||||
$stmt->execute();
|
||||
return $stmt->rowCount();
|
||||
$stmt->rowCount();
|
||||
}
|
||||
@@ -1,6 +1,10 @@
|
||||
<?php
|
||||
include_once "../queries/emailconfirm.php";
|
||||
|
||||
/**
|
||||
* Class AlertMessage
|
||||
* abstract class for alertMessages used in
|
||||
*/
|
||||
abstract class AlertMessage extends Exception {
|
||||
public function __construct($message = "", $code = 0, Exception $previous = null)
|
||||
{
|
||||
@@ -10,6 +14,10 @@ abstract class AlertMessage extends Exception {
|
||||
abstract public function getClass();
|
||||
}
|
||||
|
||||
/**
|
||||
* Class HappyAlert
|
||||
* class for a happy alert as an exception.
|
||||
*/
|
||||
class HappyAlert extends AlertMessage {
|
||||
|
||||
public function __construct($message = "Gelukt!", $code = 0, Exception $previous = null)
|
||||
@@ -22,6 +30,10 @@ class HappyAlert extends AlertMessage {
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
* Class AngryAlert
|
||||
* class for an angry alert as as exception.
|
||||
*/
|
||||
class AngryAlert extends AlertMessage {
|
||||
public function __construct($message = "Er is iets fout gegaan.", $code = 0, Exception $previous = null)
|
||||
{
|
||||
@@ -46,7 +58,9 @@ function getSettings() {
|
||||
`location`,
|
||||
`birthdate`,
|
||||
`bio`,
|
||||
`profilepicture`
|
||||
`profilepicture`,
|
||||
`showBday`,
|
||||
`showEmail`
|
||||
FROM
|
||||
`user`
|
||||
WHERE
|
||||
@@ -58,6 +72,10 @@ function getSettings() {
|
||||
return $stmt->fetch();
|
||||
}
|
||||
|
||||
/**
|
||||
* Gets the passwordHas form the database
|
||||
* @return mixed passwordhash
|
||||
*/
|
||||
function getPasswordHash() {
|
||||
$stmt = $GLOBALS["db"]->prepare("
|
||||
SELECT
|
||||
@@ -73,6 +91,10 @@ function getPasswordHash() {
|
||||
return $stmt->fetch();
|
||||
}
|
||||
|
||||
/**
|
||||
* Changes the setting from post.
|
||||
* @throws HappyAlert
|
||||
*/
|
||||
function updateSettings() {
|
||||
$stmt = $GLOBALS["db"]->prepare("
|
||||
UPDATE
|
||||
@@ -82,7 +104,9 @@ function updateSettings() {
|
||||
`lname` = :lname,
|
||||
`location` = :location,
|
||||
`birthdate` = :bday,
|
||||
`bio` = :bio
|
||||
`bio` = :bio,
|
||||
`showEmail` = :showEmail,
|
||||
`showBday` = :showBday
|
||||
WHERE
|
||||
`userID` = :userID
|
||||
");
|
||||
@@ -92,15 +116,22 @@ function updateSettings() {
|
||||
$stmt->bindValue(":location", test_input($_POST["location"]));
|
||||
$stmt->bindValue(":bday", test_input($_POST["bday"]));
|
||||
$stmt->bindValue(":bio", test_input($_POST["bio"]));
|
||||
$stmt->bindValue(":showEmail", test_input($_POST["showEmail"]));
|
||||
$stmt->bindValue(":showBday", test_input($_POST["showBday"]));
|
||||
|
||||
$stmt->bindValue(":userID", $_SESSION["userID"]);
|
||||
$stmt->execute();
|
||||
throw new HappyAlert("Instellingen zijn opgeslagen.");
|
||||
}
|
||||
|
||||
/**
|
||||
* Change
|
||||
* @throws AngryAlert
|
||||
*/
|
||||
function changePassword() {
|
||||
$user = getPasswordHash();
|
||||
if (password_verify($_POST["password-old"], $user["password"])) {
|
||||
if ($_POST["password-new"] == $_POST["password-confirm"] && (strlen($_POST["password-new"]) >= 8)) {
|
||||
if (password_verify($_POST["password-old"], test_input($user["password"]))) {
|
||||
if (test_input($_POST["password-new"]) == test_input($_POST["password-confirm"]) && (strlen(test_input($_POST["password-new"])) >= 8)) {
|
||||
doChangePassword();
|
||||
} else {
|
||||
throw new AngryAlert("Wachtwoorden komen niet overeen.");
|
||||
@@ -110,6 +141,10 @@ function changePassword() {
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
* @throws AngryAlert
|
||||
* @throws HappyAlert
|
||||
*/
|
||||
function doChangePassword() {
|
||||
$stmt = $GLOBALS["db"]->prepare("
|
||||
UPDATE
|
||||
@@ -134,8 +169,8 @@ function doChangePassword() {
|
||||
|
||||
function changeEmail() {
|
||||
|
||||
if ($_POST["email"] == $_POST["email-confirm"]) {
|
||||
$email = strtolower($_POST["email"]);
|
||||
if (test_input($_POST["email"]) == test_input($_POST["email-confirm"])) {
|
||||
$email = strtolower(test_input($_POST["email"]));
|
||||
if (filter_var($email, FILTER_VALIDATE_EMAIL)) {
|
||||
//check if email exists
|
||||
emailIsAvailableInDatabase($email);
|
||||
@@ -193,7 +228,6 @@ function updateAvatar() {
|
||||
$tmpImg = $_FILES["pp"]["tmp_name"];
|
||||
|
||||
checkAvatarSize($tmpImg);
|
||||
removeOldAvatar();
|
||||
if (getimagesize($tmpImg)["mime"] == "image/gif") {
|
||||
if ($_FILES["pp"]["size"] > 4000000) {
|
||||
throw new AngryAlert("Bestand is te groot, maximaal 4MB toegestaan.");
|
||||
@@ -205,6 +239,7 @@ function updateAvatar() {
|
||||
$scaledImg = scaleAvatar($tmpImg);
|
||||
imagepng($scaledImg, $profilePictureDir . $relativePath);
|
||||
}
|
||||
removeOldAvatar();
|
||||
setAvatarToDatabase("../" . $relativePath);
|
||||
throw new HappyAlert("Profielfoto veranderd.");
|
||||
}
|
||||
|
||||
@@ -35,6 +35,7 @@ function getUsername($userID) {
|
||||
function selectUser($me, $other) {
|
||||
$stmt = $GLOBALS["db"]->prepare("
|
||||
SELECT
|
||||
`userID`,
|
||||
`username`,
|
||||
`birthdate`,
|
||||
`location`,
|
||||
@@ -94,7 +95,7 @@ function selectAllUserGroups($userID) {
|
||||
`group_page`.`groupID` = `group_member`.`groupID`
|
||||
WHERE
|
||||
`userID` = :userID AND
|
||||
`role` = 1
|
||||
`role` = 'member'
|
||||
");
|
||||
|
||||
$stmt->bindParam(':userID', $userID, PDO::PARAM_INT);
|
||||
@@ -343,9 +344,10 @@ function searchSomeUsers($n, $m, $search) {
|
||||
FROM
|
||||
`user`
|
||||
WHERE
|
||||
`username` LIKE :keyword OR
|
||||
(`username` LIKE :keyword OR
|
||||
`fname` LIKE :keyword OR
|
||||
`lname` LIKE :keyword
|
||||
`lname` LIKE :keyword) AND
|
||||
`role` != 'banned'
|
||||
ORDER BY
|
||||
`fname`,
|
||||
`lname`,
|
||||
|
||||
Reference in New Issue
Block a user