Merge branch 'master' into hendrik-post

This commit is contained in:
Hendrik
2017-02-01 14:13:55 +01:00
117 changed files with 11735 additions and 414 deletions


@@ -3,23 +3,29 @@ session_start();
require_once ("../../queries/connect.php");
require_once ("../../queries/checkInput.php");
require_once ("../../queries/user.php");
require_once ("../../queries/group_page.php");
require_once ("../../queries/user.php");
$userinfo = getRoleByID($_SESSION['userID']);
if (isset($_SESSION["userID"]) &&
(getRoleByID($_SESSION["userID"]) == 'admin' ||
getRoleByID($_SESSION["userID"]) == 'owner')) {
$userinfo = getRoleByID($_SESSION['userID']);
if (isset($_POST["actions"]) && isset($_POST["userID"])) {
changeUserStatusByID($_POST["userID"], $_POST["actions"]);
} else if (isset($_POST["actions"]) && isset($_POST["groupID"])) {
changeGroupStatusByID($_POST["groupID"], $_POST["actions"]);
} else if (isset($_POST["batchactions"]) && isset($_POST["checkbox-user"])) {
if ($userinfo == 'owner') {
changeMultipleUserStatusByID($_POST["checkbox-user"], $_POST["batchactions"]);
} else {
changeMultipleUserStatusByIDAdmin($_POST["checkbox-user"], $_POST["batchactions"]);
if (isset($_POST["actions"]) && isset($_POST["userID"])) {
changeUserStatusByID($_POST["userID"], $_POST["actions"]);
} else if (isset($_POST["actions"]) && isset($_POST["groupID"])) {
changeGroupStatusByID($_POST["groupID"], $_POST["actions"]);
} else if (isset($_POST["batchactions"]) && isset($_POST["checkbox-user"])) {
if ($userinfo == 'owner') {
changeMultipleUserStatusByID($_POST["checkbox-user"], $_POST["batchactions"]);
} else {
changeMultipleUserStatusByIDAdmin($_POST["checkbox-user"], $_POST["batchactions"]);
}
} else if (isset($_POST["groupbatchactions"]) && isset($_POST["checkbox-group"])) {
changeMultipleGroupStatusByID($_POST["checkbox-group"], $_POST["groupbatchactions"]);
} else if (isset($_POST['bancommentuserID']) && isset($_POST['bancommenttext'])) {
editBanCommentByID($_POST['bancommentuserID'], $_POST['bancommenttext']);
}
} else if (isset($_POST["groupbatchactions"]) && isset($_POST["checkbox-group"])) {
changeMultipleGroupStatusByID($_POST["checkbox-group"], $_POST["groupbatchactions"]);
} else if (isset($_POST['bancommentuserID']) && isset($_POST['bancommenttext'])) {
editBanCommentByID($_POST['bancommentuserID'], $_POST['bancommenttext']);
}
} else {
header('HTTP/1.0 403 Forbidden');
}
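Review bot: The new guard calls getRoleByID three times per request (twice inside the condition, then again to fill `$userinfo`) and compares the role with loose `==`; the same double-lookup shows up in every endpoint this commit gates (adminSearch, search, editFriendship, makePost, getPosts and the rest). Fetch the role once and test it strictly: `$userinfo = isset($_SESSION['userID']) ? getRoleByID($_SESSION['userID']) : null;` followed by `if (in_array($userinfo, ['admin', 'owner'], true)) {`. Note also that `$_POST["userID"]`, `$_POST["groupID"]` and the two checkbox arrays reach the change* helpers without the `test_input`/`(int)` treatment the sibling endpoints apply; whether those helpers bind them as prepared-statement parameters is not visible here, so confirm before relying on it.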


@@ -7,32 +7,38 @@ require_once ("../../queries/checkInput.php");
require_once ("../../queries/user.php");
require_once ("../../queries/group_page.php");
$search = "";
if (isset($_POST["search"])) {
$search = test_input($_POST["search"]);
}
if (isset($_SESSION["userID"]) &&
(getRoleByID($_SESSION["userID"]) == 'admin' ||
getRoleByID($_SESSION["userID"]) == 'owner')) {
$search = "";
if (isset($_POST["search"])) {
$search = test_input($_POST["search"]);
}
$pagetype = "user";
if (isset($_POST['pagetype'])) {
$pagetype = test_input($_POST['pagetype']);
}
$pagetype = "user";
if (isset($_POST['pagetype'])) {
$pagetype = test_input($_POST['pagetype']);
}
$status = array();
if (isset($_POST['status'])) {
$status = $_POST["status"];
}
$status = array();
if (isset($_POST['status'])) {
$status = $_POST["status"];
}
$groupstatus = array();
if (isset($_POST['groupstatus'])) {
$groupstatus = $_POST["groupstatus"];
}
$groupstatus = array();
if (isset($_POST['groupstatus'])) {
$groupstatus = $_POST["groupstatus"];
}
$entries = 20;
$currentpage = 1;
if (isset($_POST['currentpage'])) {
$currentpage = (int) test_input($_POST["currentpage"]);
}
$entries = 20;
$currentpage = 1;
if (isset($_POST['currentpage'])) {
$currentpage = (int) test_input($_POST["currentpage"]);
}
$offset = (int) $currentpage * $entries - $entries;
$offset = (int) $currentpage * $entries - $entries;
include ("../../views/adminpanel-page.php");
include ("../../views/adminpanel-page.php");
} else {
header('HTTP/1.0 403 Forbidden');
}
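Review bot: `$status` and `$groupstatus` are copied straight out of `$_POST` with no check that they are arrays of known values, while every scalar field in the same block goes through `test_input`; what the view does with them is outside this hunk, so at least assert the shape, e.g. `$status = is_array($_POST['status'] ?? null) ? $_POST['status'] : [];`. The page number is cast to int but not clamped, so a posted `currentpage` of 0 or a negative value yields a negative `$offset`; `$currentpage = max(1, (int) test_input($_POST["currentpage"]));` avoids that. The search include in the next file section has the same two issues.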


@@ -7,38 +7,44 @@ require_once ("../../queries/checkInput.php");
require_once ("../../queries/user.php");
require_once ("../../queries/group_page.php");
$offset = 0;
$entries = 20;
if (isset($_POST["currentpage"])) {
$offset = (int) test_input($_POST["currentpage"]) * $entries - $entries;
}
if (isset($_SESSION["userID"]) &&
(getRoleByID($_SESSION["userID"]) == 'admin' ||
getRoleByID($_SESSION["userID"]) == 'owner')) {
$offset = 0;
$entries = 20;
if (isset($_POST["currentpage"])) {
$offset = (int)test_input($_POST["currentpage"]) * $entries - $entries;
}
$search = "";
if (isset($_POST["search"])) {
$search = test_input($_POST["search"]);
}
$search = "";
if (isset($_POST["search"])) {
$search = test_input($_POST["search"]);
}
$pagetype = "user";
if (isset($_POST['pagetype'])) {
$pagetype = test_input($_POST['pagetype']);
}
$pagetype = "user";
if (isset($_POST['pagetype'])) {
$pagetype = test_input($_POST['pagetype']);
}
$status = array();
if (isset($_POST['status'])) {
$status = $_POST["status"];
}
$status = array();
if (isset($_POST['status'])) {
$status = $_POST["status"];
}
$groupstatus = array();
if (isset($_POST['groupstatus'])) {
$groupstatus = $_POST["groupstatus"];
}
$groupstatus = array();
if (isset($_POST['groupstatus'])) {
$groupstatus = $_POST["groupstatus"];
}
$userinfo = getRoleByID($_SESSION['userID']);
$userinfo = getRoleByID($_SESSION['userID']);
if ($pagetype == "user") {
include ("../../views/adminpanel-table.php");
} else if ($pagetype == "group") {
include ("../../views/adminpanel-grouptable.php");
if ($pagetype == "user") {
include("../../views/adminpanel-table.php");
} else if ($pagetype == "group") {
include("../../views/adminpanel-grouptable.php");
} else {
echo "Search failed!";
}
} else {
echo "Search failed!";
}
header('HTTP/1.0 403 Forbidden');
}


@@ -3,25 +3,32 @@
session_start();
require_once ("../../queries/friendship.php");
require_once("../../queries/user.php");
if(empty($_POST["usr"]) OR empty($_POST["action"]) OR !in_array($_POST["action"], array("request", "accept", "delete"))) {
header('HTTP/1.1 500 Non enough arguments');
}
$friendship_status = getFriendshipStatus($_POST["usr"]);
if($_POST["action"] == "request" AND $friendship_status == 0) {
if (!requestFriendship($_POST["usr"])) {
header('HTTP/1.1 500 Query (request) failed');
if (isset($_SESSION["userID"]) &&
getRoleByID($_SESSION["userID"]) != 'frozen' &&
getRoleByID($_SESSION["userID"]) != 'banned') {
if (empty($_POST["usr"]) OR empty($_POST["action"]) OR !in_array($_POST["action"], array("request", "accept", "delete"))) {
header('HTTP/1.1 500 Non enough arguments');
}
} else if($_POST["action"] == "delete" AND in_array($friendship_status, array(1, 2, 3))) {
if (!removeFriendship($_POST["usr"])) {
header('HTTP/1.1 500 Query (delete) failed');
}
} else if ($_POST["action"] == "accept" AND $friendship_status == 3) {
if (!acceptFriendship($_POST["usr"])) {
header('HTTP/1.1 500 Query (accept) failed');
$friendship_status = getFriendshipStatus($_POST["usr"]);
if ($_POST["action"] == "request" AND $friendship_status == 0) {
if (!requestFriendship($_POST["usr"])) {
header('HTTP/1.1 500 Query (request) failed');
}
} else if ($_POST["action"] == "delete" AND in_array($friendship_status, array(1, 2, 3))) {
if (!removeFriendship($_POST["usr"])) {
header('HTTP/1.1 500 Query (delete) failed');
}
} else if ($_POST["action"] == "accept" AND $friendship_status == 3) {
if (!acceptFriendship($_POST["usr"])) {
header('HTTP/1.1 500 Query (accept) failed');
}
} else {
header('HTTP/1.1 500 Not the right friendship status');
}
} else {
header('HTTP/1.1 500 Not the right friendship status');
header('HTTP/1.0 403 Forbidden');
}
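Review bot: After `header('HTTP/1.1 500 Non enough arguments');` the script keeps running, so a request with an empty `usr` still reaches `getFriendshipStatus($_POST["usr"])` and the `$_POST["action"]` comparisons below it; add `exit;` directly after that header. The `in_array` on the action list should pass `true` as the third argument so a non-string value cannot satisfy it. The same missing `exit` after an error header appears in getFriendshipStatus, getGrouprole, getPosts, editMembership and makePost in this commit.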


@@ -0,0 +1,40 @@
<?php
session_start();
if(empty($_POST["grp"]) or empty($_POST["role"])) {
header('HTTP/1.1 500 Non enough arguments');
}
if(in_array($_POST["role"], array('request', 'member', 'banned', 'mod', 'admin'))) {
header('HTTP/1.1 500 Wrong argument given for role');
}
require_once ("../../queries/group_member.php");
require_once ("../../queries/group_page.php");
require_once ("../../queries/group_member.php");
$currentRole = selectGroupRole($_POST["grp"]);
$groupStatus = selectGroupStatus($_POST["grp"]);
echo "role: $currentRole status: $groupStatus ";
if($_POST["role"] == 'request' and $currentRole == 'none') {
if($groupStatus = 'public') {
// Add member to public group
addMember($_POST["grp"], $_SESSION["userID"], 'member');
echo "ADDED";
} else if($groupStatus = 'membersonly') {
// Send request to members only group
addMember($_POST["grp"], $_SESSION["userID"], 'request');
} else {
// Can't invite yourself to hidden groups
header('HTTP/1.1 500 This group is hidden');
}
header('HTTP/1.1 200');
} else if($_POST["role"] == 'none' and $currentRole != 'none') {
// Remove yourself from a group
deleteMember($_POST["grp"], $_SESSION["userID"]);
} else {
echo "failure";
header('HTTP/1.1 500 Wrong argument given for role');
}
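Review bot: Two conditions in this new file are wrong in a way that bypasses the group's visibility setting: `if($groupStatus = 'public')` and `else if($groupStatus = 'membersonly')` are assignments, so the first branch is always taken and any caller is added as a full `member` of a members-only or hidden group; and `if(in_array($_POST["role"], array(...)))` rejects exactly the values it seems meant to accept, with no `exit` after either error header so execution continues regardless. The file also uses `$_SESSION["userID"]` without the `isset`/role gate the sibling endpoints receive in this same commit, echoes the current role and status as debug output before acting, and requires group_member.php twice. The rewritten checks below use `===` and stop on error; the accepted role set is inferred from the two branches that exist and should be confirmed.
```php
if (empty($_POST["grp"]) || empty($_POST["role"])) {
    header('HTTP/1.1 500 Non enough arguments');
    exit;
}
// Only the two values the branches below act on — confirm this is the intended set.
if (!in_array($_POST["role"], ['request', 'none'], true)) {
    header('HTTP/1.1 500 Wrong argument given for role');
    exit;
}
// … unchanged: require_once lines and the selectGroupRole/selectGroupStatus lookup (drop the debug echo) …
if ($_POST["role"] === 'request' && $currentRole === 'none') {
    if ($groupStatus === 'public') {
        // … unchanged: addMember(..., 'member') …
    } else if ($groupStatus === 'membersonly') {
        // … unchanged: addMember(..., 'request') …
    } else {
        // Can't invite yourself to hidden groups
        header('HTTP/1.1 500 This group is hidden');
        exit;
    }
```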


@@ -10,15 +10,21 @@
session_start();
require_once ("../../queries/friendship.php");
require_once("../../queries/user.php");
if(empty($_POST["usr"])) {
header('HTTP/1.1 500 Non enough arguments');
}
if (isset($_SESSION["userID"]) &&
getRoleByID($_SESSION["userID"]) != 'banned') {
if (empty($_POST["usr"])) {
header('HTTP/1.1 500 Non enough arguments');
}
$friendship_status = getFriendshipStatus($_POST["usr"]);
$friendship_status = getFriendshipStatus($_POST["usr"]);
if($friendship_status == -2) {
header('HTTP/1.1 500 Query failed');
}
if ($friendship_status == -2) {
header('HTTP/1.1 500 Query failed');
}
echo $friendship_status;
echo $friendship_status;
} else {
header('HTTP/1.0 403 Forbidden');
}


@@ -0,0 +1,12 @@
<?php
session_start();
if(empty($_POST["grp"])) {
header('HTTP/1.1 500 Non enough arguments');
}
require_once("../../queries/group_page.php");
echo selectGroupRole($_POST["grp"]);
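Review bot: This new endpoint is the only one in the commit without the `isset($_SESSION["userID"])` / role gate that every other API file gains here, and `selectGroupRole` is presumably keyed on the session user, so an unauthenticated call will run the query with no user; wrap the body in the same `if (isset($_SESSION["userID"]) && getRoleByID($_SESSION["userID"]) != 'banned') { … } else { header('HTTP/1.0 403 Forbidden'); }` block used by getGroups.php. The 500 header for a missing `grp` is not followed by `exit;`, so the query still runs with an empty group id.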


@@ -7,24 +7,31 @@ if(!isset($_POST["usr"]) and !isset($_POST["grp"])) {
header('HTTP/1.1 500 Not enough arguments');
}
session_start();
require_once ("../../queries/post.php");
require_once ("../../queries/nicetime.php");
require_once("../../queries/user.php");
if(empty($_POST["usr"])) {
$posts = selectSomePosts(0, $_POST["grp"], $_POST["offset"], $_POST["limit"]);
} else {
$posts = selectSomePosts($_POST["usr"], 0, $_POST["offset"], $_POST["limit"]);
}
if(!$posts) {
echo false;
} else {
$results = $posts->fetchAll(PDO::FETCH_ASSOC);
for($i = 0; $i < sizeof($results); $i++) {
$results[$i]["nicetime"] = nicetime($results[$i]["creationdate"]);
if (isset($_SESSION["userID"]) &&
getRoleByID($_SESSION["userID"]) != 'banned') {
if(empty($_POST["usr"])) {
$posts = selectSomePosts(0, $_POST["grp"], $_POST["offset"], $_POST["limit"]);
} else {
$posts = selectSomePosts($_POST["usr"], 0, $_POST["offset"], $_POST["limit"]);
}
echo json_encode($results);
}
if(!$posts) {
echo false;
} else {
$results = $posts->fetchAll(PDO::FETCH_ASSOC);
for($i = 0; $i < sizeof($results); $i++) {
$results[$i]["nicetime"] = nicetime($results[$i]["creationdate"]);
}
echo json_encode($results);
}
} else {
header('HTTP/1.0 403 Forbidden');
}
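Review bot: `$_POST["offset"]` and `$_POST["limit"]` are passed to `selectSomePosts` raw, and neither is checked for presence, whereas the sibling endpoints in this commit cast their paging values with `(int) test_input(...)`; use `(int) ($_POST["offset"] ?? 0)` and `(int) ($_POST["limit"] ?? 20)` (defaults to be confirmed against the client) before the call. How `selectSomePosts` binds these values is outside the hunk, so treat the cast as defence in depth rather than proof of safety. `echo false;` on a failed query sends an empty body, which the JSON-expecting caller cannot distinguish from a truncated response; `echo "[]";` or an explicit error status would be clearer.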


@@ -4,5 +4,11 @@ session_start();
require_once ("../../queries/connect.php");
require_once ("../../queries/private_message.php");
require_once("../../queries/user.php");
echo selectAllUnreadChat();
if (isset($_SESSION["userID"]) &&
getRoleByID($_SESSION["userID"]) != 'banned') {
echo selectAllUnreadChat();
} else {
header('HTTP/1.0 403 Forbidden');
}


@@ -11,5 +11,5 @@ if (isset($_SESSION["userID"]) &&
getRoleByID($_SESSION["userID"]) != 'banned') {
echo selectAllFriendRequests();
} else {
echo "[]";
header('HTTP/1.0 403 Forbidden');
}


@@ -5,16 +5,22 @@ session_start();
require_once ("../../queries/connect.php");
require_once ("../../queries/checkInput.php");
require_once ("../../queries/friendship.php");
require_once("../../queries/user.php");
if (isset($_SESSION["userID"])) {
if (isset($_POST["limit"])) {
echo selectLimitedFriends($_SESSION["userID"], (int)test_input($_POST["limit"]));
} else if (isset($_GET["limit"])) {
echo selectLimitedFriends($_SESSION["userID"], (int)test_input($_GET["limit"]));
if (isset($_SESSION["userID"]) &&
getRoleByID($_SESSION["userID"]) != 'banned') {
if (isset($_SESSION["userID"])) {
if (isset($_POST["limit"])) {
echo selectLimitedFriends($_SESSION["userID"], (int)test_input($_POST["limit"]));
} else if (isset($_GET["limit"])) {
echo selectLimitedFriends($_SESSION["userID"], (int)test_input($_GET["limit"]));
} else {
echo selectFriends($_SESSION["userID"]);
}
} else {
echo selectFriends($_SESSION["userID"]);
echo "[]";
}
} else {
echo "[]";
header('HTTP/1.0 403 Forbidden');
}
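Review bot: The inner `if (isset($_SESSION["userID"])) {` is now nested inside an outer condition that already requires the same `isset`, so its `else { echo "[]"; }` branch is unreachable. Drop the inner check and its else, leaving the limit/no-limit chain directly inside the role-gated block.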


@@ -6,9 +6,15 @@ require_once ("../../queries/connect.php");
require_once ("../../queries/checkInput.php");
require_once ("../../queries/group_member.php");
if (isset($_POST["limit"])) {
echo selectLimitedGroupsFromUser($_SESSION["userID"], (int) test_input($_POST["limit"]));
} else {
echo selectAllGroupsFromUser($_SESSION["userID"]);
}
require_once("../../queries/user.php");
if (isset($_SESSION["userID"]) &&
getRoleByID($_SESSION["userID"]) != 'banned') {
if (isset($_POST["limit"])) {
echo selectLimitedGroupsFromUser($_SESSION["userID"], (int)test_input($_POST["limit"]));
} else {
echo selectAllGroupsFromUser($_SESSION["userID"]);
}
} else {
header('HTTP/1.0 403 Forbidden');
}


@@ -6,11 +6,17 @@ require_once("../../queries/connect.php");
require_once("../../queries/private_message.php");
require_once("../../queries/checkInput.php");
require_once("../../queries/friendship.php");
require_once("../../queries/user.php");
if (isset($_POST["lastID"]) && $_POST["lastID"] != "") {
setLastVisited(test_input($_POST["destination"]));
echo getNewChatMessages(test_input($_POST["lastID"]), test_input($_POST["destination"]));
if (isset($_SESSION["userID"]) &&
getRoleByID($_SESSION["userID"]) != 'banned') {
if (isset($_POST["lastID"]) && $_POST["lastID"] != "") {
setLastVisited(test_input($_POST["destination"]));
echo getNewChatMessages(test_input($_POST["lastID"]), test_input($_POST["destination"]));
} else {
setLastVisited(test_input($_POST["destination"]));
echo getOldChatMessages(test_input($_POST["destination"]));
}
} else {
setLastVisited(test_input($_POST["destination"]));
echo getOldChatMessages(test_input($_POST["destination"]));
header('HTTP/1.0 403 Forbidden');
}
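Review bot: `setLastVisited(test_input($_POST["destination"]));` is executed identically in both branches of the inner if, and `$_POST["destination"]` is read without any presence check in either; hoist it above the branch as `$destination = test_input($_POST["destination"] ?? ''); setLastVisited($destination);` and reuse `$destination` in the two get*ChatMessages calls. What `setLastVisited` does with an empty destination is not visible here, so an early 400/exit when it is missing may be the better choice.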


@@ -1,12 +1,21 @@
<?php
session_start();
require_once("../../queries/connect.php");
require_once("../../queries/post.php");
require_once("../../queries/checkInput.php");
require_once("../../queries/nicetime.php");
if(isset($_GET['postID'])) {
include("../../views/post-view.php");
require_once("../../queries/user.php");
if (isset($_SESSION["userID"]) &&
getRoleByID($_SESSION["userID"]) != 'banned') {
if (isset($_GET['postID'])) {
include("../../views/post-view.php");
} else {
echo "Kan de post niet laden";
}
} else {
echo "Failed to load";
header('HTTP/1.0 403 Forbidden');
}


@@ -1,41 +0,0 @@
<?php
session_start();
require_once ("../queries/connect.php");
require_once ("../queries/checkInput.php");
function getNietSlechtCountForPost(int $postID) : int {
$stmt = prepareQuery("
SELECT
`userID`
FROM
`niet_slecht`
WHERE
`postID` = :postID
");
$stmt->bindParam(":postID", $postID);
$stmt->execute();
return $stmt->rowCount();
}
function getNietSlechtUsersForPost(int $postID) {
$stmt = prepareQuery("
SELECT
`fname`,
`lname`,
CONCAT(`user`.`fname`, ' ', `user`.`lname`) as `fullname`
FROM
`user`
INNER JOIN
`niet_slecht`
WHERE
`user`.`userID` = `niet_slecht`.`userID` AND
`niet_slecht`.`postID` = :postID
");
$stmt->bindParam(":postID", $postID);
$stmt->execute();
$rows = $stmt->fetchAll();
foreach ($rows as $row) {
print($row["fullname"]);
}
}


@@ -6,49 +6,43 @@ require_once("../../queries/post.php");
require_once("../../queries/group_page.php");
require_once("../../queries/connect.php");
require_once("../../queries/checkInput.php");
require_once("../../queries/user.php");
if (empty($_POST["title"]) or
empty($_POST["content"]) or
empty($_SESSION["userID"])) {
header('HTTP/1.1 500 Non enough arguments');
}
if (isset($_SESSION["userID"]) &&
getRoleByID($_SESSION["userID"]) != 'frozen' &&
getRoleByID($_SESSION["userID"]) != 'banned') {
if (empty($_POST["group"])) {
// User Post
makePost(
$_SESSION["userID"],
null,
test_input($_POST["title"]),
test_input($_POST["content"])
);
} else {
// Group Post
// Check if the user is an admin or mod of the group.
if(!in_array(selectGroupRole($_POST["group"]), array('mod', 'admin'))) {
header('HTTP/1.1 500 Non enough rights');
return;
if (empty($_POST["title"]) or
empty($_POST["content"]) or
empty($_SESSION["userID"])
) {
header('HTTP/1.1 500 Non enough arguments');
}
makePost(
$_SESSION["userID"],
$_POST["group"],
test_input($_POST["title"]),
test_input($_POST["content"])
);
}
if (empty($_POST["group"])) {
// User Post
makePost(
$_SESSION["userID"],
null,
test_input($_POST["title"]),
test_input($_POST["content"])
);
} else {
// Group Post
// Check if the user is an admin or mod of the group.
if (!in_array(selectGroupRole($_POST["group"]), array('mod', 'admin'))) {
header('HTTP/1.1 500 Non enough rights');
return;
}
//if (empty($_POST['newpost-title'])) {
//} else {
// makePost($_SESSION['userID'],
// null,
// test_input($_POST['newpost-title']),
// test_input($_POST['newpost-content']));
//}
//
//header("Location: ../profile.php");
makePost(
$_SESSION["userID"],
$_POST["group"],
test_input($_POST["title"]),
test_input($_POST["content"])
);
}
} else {
echo "frozen";
}
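Review bot: The argument check inside the new role gate sets `header('HTTP/1.1 500 Non enough arguments');` but does not stop, so `makePost` is still called with an empty title or content, while the group-rights check a few lines later does `return;` — make the two consistent by adding `return;` after the first header as well. The `empty($_SESSION["userID"])` clause is redundant now that the enclosing condition already requires `isset($_SESSION["userID"])`. The outer `else { echo "frozen"; }` also fires for banned and for logged-out users and differs from the `header('HTTP/1.0 403 Forbidden');` every other gated endpoint in this commit uses.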


@@ -7,22 +7,29 @@ require_once ("../../queries/connect.php");
require_once ("../../queries/checkInput.php");
require_once ("../../queries/group_member.php");
require_once ("../../queries/group_page.php");
require_once ("../../queries/user.php");
$n = 0;
if (isset($_POST["n"])) {
$n = (int) test_input($_POST["n"]);
}
$m = 20;
if (isset($_POST["m"])) {
$m = (int) test_input($_POST["m"]);
}
$search = "";
if (isset($_POST["search"])) {
$search = test_input($_POST["search"]);
}
if (isset($_SESSION["userID"]) &&
getRoleByID($_SESSION["userID"]) != 'banned') {
if (isset($_POST["filter"]) && $_POST["filter"] == "personal") {
echo searchSomeOwnGroups($n, $m, $search);
$n = 0;
if (isset($_POST["n"])) {
$n = (int)test_input($_POST["n"]);
}
$m = 20;
if (isset($_POST["m"])) {
$m = (int)test_input($_POST["m"]);
}
$search = "";
if (isset($_POST["search"])) {
$search = test_input($_POST["search"]);
}
if (isset($_POST["filter"]) && $_POST["filter"] == "personal") {
echo searchSomeOwnGroups($n, $m, $search);
} else {
echo searchSomeGroups($n, $m, $search);
}
} else {
echo searchSomeGroups($n, $m, $search);
}
header('HTTP/1.0 403 Forbidden');
}


@@ -7,35 +7,41 @@ require_once ("../../queries/checkInput.php");
require_once ("../../queries/user.php");
require_once ("../../queries/group_page.php");
$user_perpage = $group_perpage = 20;
if (isset($_SESSION["userID"]) &&
getRoleByID($_SESSION["userID"]) != 'banned') {
$user_currentpage = $group_currentpage = 1;
if (isset($_POST['user-pageselect'])) {
$user_currentpage = test_input($_POST['user-pageselect']);
}
if (isset($_POST['group-pageselect'])) {
$group_currentpage = test_input($_POST['group-pageselect']);
}
$user_perpage = $group_perpage = 20;
$user_n = $user_currentpage * $user_perpage - $user_perpage;
$group_n = $group_currentpage * $group_perpage - $group_perpage;
$user_currentpage = $group_currentpage = 1;
if (isset($_POST['user-pageselect'])) {
$user_currentpage = test_input($_POST['user-pageselect']);
}
if (isset($_POST['group-pageselect'])) {
$group_currentpage = test_input($_POST['group-pageselect']);
}
$search = "";
if (isset($_POST['search'])) {
$search = test_input($_POST['search']);
}
$user_n = $user_currentpage * $user_perpage - $user_perpage;
$group_n = $group_currentpage * $group_perpage - $group_perpage;
$user_count = countSomeUsers($search)->fetchColumn();
$group_count = countSomeGroups($search)->fetchColumn();
$search = "";
if (isset($_POST['search'])) {
$search = test_input($_POST['search']);
}
$filter = "all";
if (isset($_POST['filter'])) {
$filter = test_input($_POST['filter']);
}
$user_count = countSomeUsers($search)->fetchColumn();
$group_count = countSomeGroups($search)->fetchColumn();
$option = "user";
if (isset($_POST['option'])) {
$option = test_input($_POST['option']);
}
$filter = "all";
if (isset($_POST['filter'])) {
$filter = test_input($_POST['filter']);
}
include ("../../views/searchPageNumber.php");
$option = "user";
if (isset($_POST['option'])) {
$option = test_input($_POST['option']);
}
include("../../views/searchPageNumber.php");
} else {
header('HTTP/1.0 403 Forbidden');
}
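Review bot: `$user_currentpage` and `$group_currentpage` are taken from `test_input(...)` without the `(int)` cast that searchUsers.php and search.php apply, and are then multiplied in `$user_n = $user_currentpage * $user_perpage - $user_perpage;`; a non-numeric page value turns that arithmetic into a warning or, on PHP 8, a TypeError. Use `$user_currentpage = (int) test_input($_POST['user-pageselect']);` (and the same for the group selector), optionally clamped with `max(1, …)` so a zero or negative page does not produce a negative offset.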


@@ -7,23 +7,29 @@ require_once ("../../queries/checkInput.php");
require_once ("../../queries/friendship.php");
require_once ("../../queries/user.php");
$n = 0;
$m = 20;
if (isset($_SESSION["userID"]) &&
getRoleByID($_SESSION["userID"]) != 'banned') {
$page = 1;
if (isset($_POST["user-pageselect"])) {
$page = (int) test_input($_POST['user-pageselect']);
}
$n = 0;
$m = 20;
$n = ($page - 1) * $m;
$page = 1;
if (isset($_POST["user-pageselect"])) {
$page = (int)test_input($_POST['user-pageselect']);
}
$search = "";
if (isset($_POST["search"])) {
$search = test_input($_POST["search"]);
}
$n = ($page - 1) * $m;
if (isset($_POST["filter"]) && $_POST["filter"] == "personal") {
echo searchSomeFriends($n, $m, $search);
$search = "";
if (isset($_POST["search"])) {
$search = test_input($_POST["search"]);
}
if (isset($_POST["filter"]) && $_POST["filter"] == "personal") {
echo searchSomeFriends($n, $m, $search);
} else {
echo searchSomeUsers($n, $m, $search);
}
} else {
echo searchSomeUsers($n, $m, $search);
}
header('HTTP/1.0 403 Forbidden');
}


@@ -0,0 +1,71 @@
<?php
$fb = new Facebook\Facebook([
'app_id' => $appID, // Replace {app-id} with your app id
'app_secret' => $appSecret,
'default_graph_version' => 'v2.2',
]);
$helper = $fb->getRedirectLoginHelper();
try {
$accessToken = $helper->getAccessToken();
} catch(Facebook\Exceptions\FacebookResponseException $e) {
// When Graph returns an error
echo 'Graph returned an error: ' . $e->getMessage();
exit;
} catch(Facebook\Exceptions\FacebookSDKException $e) {
// When validation fails or other local issues
echo 'Facebook SDK returned an error: ' . $e->getMessage();
exit;
}
if (! isset($accessToken)) {
if ($helper->getError()) {
header('HTTP/1.0 401 Unauthorized');
echo "Error: " . $helper->getError() . "\n";
echo "Error Code: " . $helper->getErrorCode() . "\n";
echo "Error Reason: " . $helper->getErrorReason() . "\n";
echo "Error Description: " . $helper->getErrorDescription() . "\n";
} else {
header('HTTP/1.0 400 Bad Request');
echo 'Bad request';
}
exit;
}
// Logged in
echo '<h3>Access Token</h3>';
var_dump($accessToken->getValue());
// The OAuth 2.0 client handler helps us manage access tokens
$oAuth2Client = $fb->getOAuth2Client();
// Get the access token metadata from /debug_token
$tokenMetadata = $oAuth2Client->debugToken($accessToken);
echo '<h3>Metadata</h3>';
var_dump($tokenMetadata);
// Validation (these will throw FacebookSDKException's when they fail)
$tokenMetadata->validateAppId($appID); // Replace {app-id} with your app id
// If you know the user ID this access token belongs to, you can validate it here
//$tokenMetadata->validateUserId('123');
$tokenMetadata->validateExpiration();
if (! $accessToken->isLongLived()) {
// Exchanges a short-lived access token for a long-lived one
try {
$accessToken = $oAuth2Client->getLongLivedAccessToken($accessToken);
} catch (Facebook\Exceptions\FacebookSDKException $e) {
echo "<p>Error getting long-lived access token: " . $helper->getMessage() . "</p>\n\n";
exit;
}
echo '<h3>Long-lived</h3>';
var_dump($accessToken->getValue());
}
$_SESSION['fb_access_token'] = (string) $accessToken;
// User is logged in with a long-lived access token.
// You can redirect them to a members-only page.
//header('Location: https://example.com/members.php');
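Review bot: This callback prints the user's access token into the HTML response twice (`var_dump($accessToken->getValue());` after "Access Token" and again after "Long-lived") along with the full `$tokenMetadata` dump; a bearer credential in page output ends up in browser history, proxies and any page-capture tooling, so remove those three `echo`/`var_dump` lines before this path is reachable. In the long-lived exchange catch block, `$helper->getMessage()` refers to the redirect-login helper rather than the caught exception; it should read `$e->getMessage()`. The file also writes `$_SESSION['fb_access_token']` and reads `$appID`/`$appSecret` without a visible `session_start()` or definition of those variables, so presumably it is included from a page that provides them — worth a comment at the top stating that contract.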


@@ -0,0 +1,68 @@
<?php
try{
$fbUsername = str_replace(' ', '', test_input(($_POST["fbUsername"])));
checkInputChoice($fbUsername, "fbUsername");
} catch(usernameException $e){
$fbCorrect = false;
$fbUsernameErr = $e->getMessage();
}
try{
$fbPassword = str_replace(' ', '', test_input(($_POST["fbPassword"])));
checkInputChoice($fbPassword, "longerEight");
matchfbPassword();
} catch(passwordException $e){
$fbCorrect = false;
$fbPasswordErr = $e->getMessage();
} catch(fbConfirmPasswordException $e){
$fbCorrect = false;
$fbConfirmpasswordErr = $e->getMessage();
}
try{
$fbName = test_input(($_POST["fbName"]));
checkInputChoice($fbName, "lettersAndSpaces");
} catch(lettersAndSpacesException $e){
$fbCorrect = false;
}
try {
$fbSurname = test_input(($_POST["fbSurname"]));
checkInputChoice($fbSurname, "lettersAndSpaces");
}
catch(lettersAndSpacesException $e){
$fbCorrect = false;
}
try {
$fbDay_date = test_input(($_POST["fbDay_date"]));
$fbMonth_date = test_input(($_POST["fbMonth_date"]));
$fbYear_date = test_input(($_POST["fbYear_date"]));
$fbBday = $fbYear_date . "-" . $fbMonth_date . "-" . $fbDay_date;
checkInputChoice($fbBday, "bday");
} catch (bdayException $e) {
$fbBdayErr = $e->getMessage();
$fbCorrect = false;
}
try{
$fbEmail = test_input(($_POST["fbEmail"]));
checkInputChoice($fbEmail, "fbEmail");
} catch(emailException $e){
$fbCorrect = false;
$fbEmailErr = $e->getMessage();
}
$fbUserID = test_input(($_POST["fbUserID"]));
try {
fbRegisterCheck($fbCorrect);
} catch(registerException $e){
echo "<script>
window.onload = function() {
$('#fbModal').show();
}
</script>";
$fbRegisterErr = $e->getMessage();
}
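Review bot: `$fbUserID = test_input(($_POST["fbUserID"]));` accepts the Facebook user id from the submitted form, so if the registration path binds the new account to that id (not visible here), a client can choose which Facebook identity the account is linked to; the id should be taken from the verified access token / Graph response on the server side, with the posted value ignored or merely cross-checked. `$fbCorrect` is only ever assigned `false` in the catch blocks and is otherwise undefined when `fbRegisterCheck($fbCorrect)` is reached, so either initialise it with `$fbCorrect = true;` at the top of this block or confirm the including page does so. The two `lettersAndSpacesException` handlers set `$fbCorrect = false` but record no error message, unlike the other catches, so the user gets no indication of which field failed.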


@@ -40,12 +40,15 @@ if ($group["role"] == "mod" OR $group["role"] == "admin") {
?>
<script src="js/masonry.js"></script>
<script src="js/groupButtons.js"></script>
<script src="js/post.js"></script>
<script>
$(document).ready(function() {
userID = 0;
groupID = <?= $group["groupID"] ?>;
placeGroupButtons();
masonry(<?= $masonry_mode ?>);
});
</script>
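Review bot: `groupID = <?= $group["groupID"] ?>;` and `masonry(<?= $masonry_mode ?>);` interpolate PHP values into a JavaScript context with no escaping or cast; if `groupID` is an integer column from the database this is harmless, but the template gives no such guarantee. Writing `groupID = <?= (int) $group["groupID"] ?>;` makes the intent explicit, and `$masonry_mode` should likewise be emitted with `json_encode(...)` or a cast once its type is known. The surrounding PHP block starts before this hunk, so the source of both variables is not visible here.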


@@ -17,12 +17,10 @@ $(window).on("load", function () {
because serialize doesn't take submit values. */
$('#admin-batchform > button').click(function () {
$('#batchinput').prop('value', $(this).prop('value'));
console.log($('#batchinput').prop('value'));
});
$('#admin-groupbatchform > button').click(function () {
$('#groupbatchinput').prop('value', $(this).prop('value'));
console.log($('#batchinput').prop('value'));
});
});
@@ -67,7 +65,6 @@ function searchFromOne() {
}
function adminSearch() {
console.log($("#admin-searchform").serialize());
$.post(
"API/adminSearchUsers.php",
$("#admin-searchform").serialize()


@@ -47,7 +47,7 @@ function addMessages(messages) {
var messagesText = "";
for(var i in messages) {
// Initialize message variables
var thisDate = new Date(messages[i].creationdate);
var thisDate = new Date(messages[i].creationdate.replace(/ /,"T"));
var thisTime = thisDate.getHours() + ":" + thisDate.getMinutes();
var type;
thisDate.setHours(0,0,0,0);
@@ -58,17 +58,15 @@ function addMessages(messages) {
type = "chat-message-other";
}
if (i == 0) {
if (thisDate > previousDate) {
previousDate = thisDate;
messagesText += '\
<div class="day-message"> \
<div class="day-message-content">\
' + days[thisDate.getDay()] + " " + thisDate.getDate() + " " + months[thisDate.getMonth()] + " " + thisDate.getFullYear() + '\
</div> \
</div>';
}
previousDate = thisDate;
messagesText += '\
<div class="day-message"> \
<div class="day-message-content">\
' + days[thisDate.getDay()] + " " + thisDate.getDate() + " " + months[thisDate.getMonth()] + " " + thisDate.getFullYear() + '\
</div> \
</div>';
messagesText += '<div class="chat-message"><div class="' + type + '">';
} else if (type != previousType || thisTime != previousTime || thisDate > previousDate) {
} else if (type != previousType || thisTime != previousTime || thisDate.getTime() > previousDate.getTime()) {
messagesText += '<div class="chat-time">\
' + thisTime + '\
</div></div></div>';


@@ -0,0 +1,34 @@
function placeGroupButtons() {
$.post("API/getGrouprole.php", { grp: groupID })
.done(function(data) {
var $buttonContainer = $("div.group-button-container");
if(data == 'none') {
$buttonContainer.append(
"<button class='green group-button' value='request'>" +
"<i class='fa fa-plus'></i> Voeg toe" +
"</button>");
} else if(data == 'request') {
$buttonContainer.append(
"<button class='red group-button' value='none'>" +
"<i class='fa fa-times'></i> Trek verzoek in" +
"</button>");
} else {
$buttonContainer.append(
"<button class='red group-button' value='none'>" +
"<i class='fa fa-times'></i> Verlaat groep" +
"</button>");
}
$buttonContainer.children().click(function() {
$.post("API/editMembership.php", { grp: groupID, role: this.value })
.done(function() {
$buttonContainer.children().remove();
placeGroupButtons();
updateMenus();
}).fail(function() {
});
});
});
}
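Review bot: The `.fail(function() { });` on the editMembership request is empty, so when the server answers with the 403 or 500 the new endpoint emits, the button stays in place and the user sees nothing; at minimum re-run `placeGroupButtons()` there so the shown state matches the server, or surface a message. The role comparisons `data == 'none'` / `data == 'request'` rely on the response body being exactly the role string; a 403 body or any debug output from the API would fall into the final "Verlaat groep" branch, so comparing strictly and treating anything unrecognised as "no button" would be safer. The function depends on a global `groupID` that is not declared in this file; a comment stating where it is set would help the next reader.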


@@ -1,40 +1,52 @@
$(document).ready(function() {
// Toggle menu
$("#own-profile-picture, #open-notifications").click(function() {
if ($("#notification-center").css('display') == "none") {
// Make the menu visible and move the content to the left.
$(".modal").width("calc(100% - 512px)");
$(".content").css("margin-right", "256px");
$("#notification-center").css("right", "0px");
$("#notification-center").css("display", "block");
$("#contact-menu").css("display", "block");
if ($("#notification-center").css('display') == "none") {
// Make the menu visible and move the content to the left.
$(".modal").width("calc(100% - 512px)");
$(".content").css("margin-right", "256px");
$("#notification-center").css("right", "0px");
$("#notification-center").css("display", "block");
$("#contact-menu").css("display", "block");
// Add cookie so the menu stays open on other pages
if (window.innerWidth > 1080) {
$("#chat-history").width("calc(100% - 587px)");
document.cookie = "menu=open; path=/";
} else {
document.cookie = "menu=closed; path=/";
}
// Add cookie so the menu stays open on other pages
if (window.innerWidth > 1080) {
$("#chat-history").width("calc(100% - 587px)");
document.cookie = "menu=open; path=/";
} else {
$(".modal").width("calc(100% - 256px)");
$(".content").css("margin-right", "0px");
$("#notification-center").css("display", "none");
if (window.innerWidth > 1080) {
$("#chat-history").width("calc(100% - 331px)");
} else {
// Make the menu invisible and move the content to the right.
$("#contact-menu").css("display", "none");
}
// Change menu cookie to close
document.cookie = "menu=closed; path=/";
}
} else {
$(".modal").width("calc(100% - 256px)");
$(".content").css("margin-right", "0px");
$("#notification-center").css("display", "none");
if (window.innerWidth > 1080) {
$("#chat-history").width("calc(100% - 331px)");
} else {
// Make the menu invisible and move the content to the right.
$("#contact-menu").css("display", "none");
}
// Change menu cookie to close
document.cookie = "menu=closed; path=/";
}
});
if (getCookie("menu") == "open") {
$("#own-profile-picture").click();
// Make the menu visible and move the content to the left.
$(".modal").width("calc(100% - 512px)");
$(".content").css("margin-right", "256px");
$("#notification-center").css("right", "0px");
$("#notification-center").css("display", "block");
$("#contact-menu").css("display", "block");
// Add cookie so the menu stays open on other pages
if (window.innerWidth > 1080) {
$("#chat-history").width("calc(100% - 587px)");
document.cookie = "menu=open; path=/";
} else {
document.cookie = "menu=closed; path=/";
}
}
});
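Review bot: The `if (getCookie("menu") == "open")` block at the bottom is a verbatim copy of the open branch of the click handler above it (the five `.css`/`.width` calls plus the cookie logic), replacing the old single `$("#own-profile-picture").click();` call; any later tweak to the layout will have to be made twice. Extract the open branch into a function such as `function openNotificationCenter() { … }` and call it from both the click handler and the cookie check.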


@@ -53,6 +53,7 @@ function editFriendship(userID, value) {
$.post("API/editFriendship.php", { usr: userID, action: value })
.done(function() {
placeFriendButtons();
updateMenus();
});
}


@@ -2,23 +2,28 @@ var menuFriendsData;
var menuGroupsData;
var notificationMessagesData;
var notificationRequestsData;
var updatingMenus = 0;
// On document load, load menus and loops loading menus every 10 seconds.
$(document).ready(function() {
updatingMenus = 4;
loadMenuFriends(5);
loadNotificationFriends();
loadUnreadMessages();
loadMenuGroups();
setInterval(updateMenus, 3000);
setInterval(updateMenus, 10000);
});
// Update the menu and notification items.
function updateMenus() {
loadMenuFriends(5);
loadNotificationFriends();
loadUnreadMessages();
loadMenuGroups();
if (updatingMenus <= 0) {
updatingMenus = 4;
loadMenuFriends(5);
loadNotificationFriends();
loadUnreadMessages();
loadMenuGroups();
}
}
@@ -38,6 +43,7 @@ function loadMenuFriends(limit) {
$("#friends-menu-section").hide();
}
}
updatingMenus --;
});
}
@@ -57,6 +63,7 @@ function loadMenuGroups() {
$("#groups-menu-section").hide();
}
}
updatingMenus --;
});
}
@@ -73,6 +80,7 @@ function loadNotificationFriends() {
$("#friend-request-section").hide();
}
}
updatingMenus --;
});
}
@@ -89,5 +97,6 @@ function loadUnreadMessages() {
$("#unread-messages-section").hide();
}
}
updatingMenus --;
});
}
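Review bot: The `updatingMenus` counter is only decremented by the `updatingMenus --;` lines inside the completion callbacks of the four load functions (hunks at +43, +63, +80 and +97), so if any one of those requests fails or never completes the counter never returns to 0 and `updateMenus` silently stops refreshing for the rest of the page's lifetime. It is not visible here whether the `});` closing each decrement belongs to a success-only callback; if it does, the decrement should move to a handler that also runs on failure (jQuery's `.always`), or the failure path should reset `updatingMenus = 0`. The magic value 4 is the number of load calls, which deserves a comment on the declaration: `// Count of in-flight menu requests; updateMenus() skips a refresh while it is above 0.`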


@@ -1,15 +1,23 @@
function checkLoggedIn() {
if (confirm("U bent al ingelogd!!\nWilt u uitloggen?\nKlik ok om uit te loggen.") == true) {
if (confirm("U bent al ingelogd!\nWilt u uitloggen?\nKlik ok om uit te loggen.") == true) {
window.location.href = "logout.php";
} else {
window.location.href = "profile.php";
}
}
function emailAlert(){
alert("Bevestigingsemail is gestuurd!\n");
}
function bannedAlert(){
alert("Uw account is geband!");
}
function frozenAlert(){
alert("Uw account is bevroren!\n");
}
function emailNotConfirmed(){
alert("Uw account is nog niet bevestigd!\nEr is een nieuwe email gestuurd om uw account te bevestigen");
}
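Review bot: `confirm()` already returns a boolean, so the `== true` on the corrected line in checkLoggedIn (the one with a single `!`, which reads as the new side) is redundant and uses loose equality; `if (confirm("U bent al ingelogd!\nWilt u uitloggen?\nKlik ok om uit te loggen.")) {` behaves the same. The new alert helpers are also inconsistent about the trailing `\n` (emailAlert and frozenAlert end with one, bannedAlert does not), which shows as an empty line at the bottom of the dialog; dropping it in all three keeps them uniform.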


@@ -8,56 +8,21 @@
include_once("../queries/emailconfirm.php");
include_once("../queries/requestpassword.php");
include_once("../queries/register.php");
require_once("../queries/Facebook/autoload.php");
?>
<body>
<?php
session_start();
// Checks if there's an user already logged in
if(isset($_SESSION["userID"])){
echo "<script>
window.onload=checkLoggedIn();
</script>";
}
include("../views/homeLoginRegister.php");
// define variables and set to empty values
$name = $surname = $bday = $username = $password = $confirmpassword = $location = $housenumber = $email = $confirmEmail = $captcha = $ip = "";
$genericErr = $nameErr = $surnameErr = $bdayErr = $usernameErr = $passwordErr = $confirmpasswordErr = $locationErr = $housenumberErr = $emailErr = $confirmEmailErr = $captchaErr = "";
$correct = true;
$day_date = "dag";
$month_date = "maand";
$year_date = "jaar";
// Define variables and set to empty values
$user = $psw = $remember ="";
$loginErr = $resetErr ="";
if ($_SERVER["REQUEST_METHOD"] == "POST") {
switch ($_POST["submit"]) {
case "login":
try {
$user = ($_POST["user"]);
validateLogin($_POST["user"], $_POST["psw"]);
} catch(loginException $e) {
$loginErr = $e->getMessage();
}
break;
case "reset":
try {
resetEmail($_POST["forgotEmail"]);
sendPasswordRecovery($_POST["forgotEmail"]);
} catch (emailException $e){
$resetErr = $e->getMessage();
echo "<script>
window.onload = function() {
$('#myModal').show();
}
</script>";
}
break;
case "register":
include("register.php");
}
}
/* This view adds login view */
include("../views/login-view.php");
?>
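Review bot: `session_start();` is called after `<body>` has already been emitted, so unless output buffering is enabled PHP cannot send the session cookie and reports that headers were already sent; which of these lines survive on the new side is not recoverable from this hunk, but if the logged-in check does, `session_start();` belongs before any output, next to the include lines at the top. Separately, `window.onload=checkLoggedIn();` invokes checkLoggedIn immediately and assigns its return value to onload; `window.onload = checkLoggedIn;` is what the surrounding comment implies. The file's first seven lines are outside the hunk.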


@@ -50,7 +50,7 @@
try{
$location = test_input(($_POST["location"]));
checkInputChoice($location, "lettersAndSpaces");
checkInputChoice($location, "");
} catch(lettersAndSpacesException $e){
$correct = false;
$locationErr = $e->getMessage();
@@ -80,12 +80,12 @@
try {
getIp();
registerCheck($correct);
sendConfirmEmailUsername($username);
sendConfirmEmail(getUserID()["userID"]);
} catch(registerException $e){
echo "<script>
window.onload = function() {
$('#registerModal').show();
}
</script>";
window.onload = function() {
$('#registerModal').show();
}
</script>";
$genericErr = $e->getMessage();
}
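Review bot: Passing `""` as the second argument of checkInputChoice for `$location` (the line that reads as the new side in print order, worth confirming) appears to drop the letters-and-spaces check on a value taken straight from `$_POST`, while the `catch(lettersAndSpacesException $e)` below it is left in place; if no check is meant to run the catch is dead, and if a looser rule is intended its name should be passed instead. A comment stating the intent, e.g. `// location intentionally not restricted to letters/spaces: <reason>`, would stop the next reader restoring the old rule. In the second hunk, `sendConfirmEmail(getUserID()["userID"])` indexes the return value directly; if getUserID() can return null or false (not visible here) that yields a warning and passes `null` on without hitting the registerException catch, so checking the lookup result first would keep the failure inside the existing error path.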


@@ -22,6 +22,7 @@ body {
height: calc(100% - 100px);
display: inline-block;
float: left;
overflow-y: auto;
}
@@ -31,12 +32,14 @@ body {
overflow-y: auto;
overflow-x: hidden;
width: calc(100% - 256px - 75px);
width: calc(100% - 256px - 85px);
height: calc(100% - 80px);
margin-right: 10px;
padding: 10px;
display: inline-block;
float: right;
word-wrap: break-word;
}


@@ -10,6 +10,19 @@ a.button {
}
a.fbButton {
background-color: #3B5998;
border-radius: 5px;
color: black;
cursor: pointer;
padding: 8px 20px;
font-family: Arial;
font-size: 22px;
color: white;
box-shadow: 0 1px 3px rgba(0,0,0,0.12), 0 1px 2px rgba(0,0,0,0.24);
}
/* Body */
body {
height: 100%;
@@ -28,7 +41,7 @@ body {
form {
/*background-color: #a87a87;*/
border-radius: 12px;
height: 85%;
height: 80%;
margin: auto;
width: 600px;
overflow-y: auto;
@@ -154,7 +167,7 @@ ul {
display: none; /* Hidden by default */
position: fixed; /* Stay in place */
z-index: 1; /* Sit on top */
padding-top: 30px; /* Location of the box */
padding-top: 75px; /* Location of the box */
left: 0;
top: 0;
width: 100%; /* Full width */
@@ -216,6 +229,7 @@ ul {
}
.modal-footer {
padding: 2px 8px;
background-color: #FBC02D;
color: black;
}
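Review bot: In the new `a.fbButton` rule `color: black;` is declared and then overridden by `color: white;` a few lines later in the same block, so the first declaration is dead; remove `color: black;` (or the later one, whichever is intended) so the rule states the text colour once. The remaining hunks in this file (the form height, modal padding-top and `.modal-footer` background) are value-only changes.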


@@ -102,6 +102,7 @@ p {
.group-picture {
border-radius: 5px;
border: none;
}
.item-box, .item-box-full-width {


@@ -18,7 +18,7 @@
display: inline-block;
}
.friend-button-container button, .status-buttons-container button {
.friend-button-container button, .status-buttons-container button, .group-button-container button {
display: block;
margin: 7px 0;
@@ -27,6 +27,10 @@
font-size: 18px;
}
.group-button-container button {
float: right;
}
.empty-button {
background: none;
cursor: auto;
@@ -51,8 +55,18 @@
width: 150px;
height: 150px;
margin-bottom: -45px;
object-fit: cover;
vertical-align: middle;
}
.group-picture {
border: none;
margin-bottom: 0;
margin-right: 15px;
}
/* Old */
.profile-box h1.profile-username {