MyHyvesBookPlus/WebDB
1
0
Fork 0
Code Issues 2 Pull Requests Projects Releases Wiki Activity

Merge branch 'master' into kevin-prototype

Browse Source
This commit is contained in:
K. Nobel
2017-01-18 16:20:15 +01:00
parent 3ee5488a88 fddeba821d
commit 880db2d325
34 changed files with 1683 additions and 570 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
website/queries/connect.php
View File

@@ -5,9 +5,7 @@ if ($dbconf === FALSE) {
die("Error parsing XML file");
}
else {
$db = new PDO("mysql:host=$dbconf->mysql_host;dbname=$dbconf->mysql_database;charset=utf8",
$GLOBALS["db"] = new PDO("mysql:host=$dbconf->mysql_host;dbname=$dbconf->mysql_database;charset=utf8",
"$dbconf->mysql_username", "$dbconf->mysql_password")
or die('Error connecting to mysql server');
}
?>
}

21
website/queries/group_member.php Normal file
View File

@@ -0,0 +1,21 @@
<?php
function selectAllGroupsFromUser($db, $userID) {
return $db->query("
SELECT
`group_page`.`name`,
`group_page`.`picture`
FROM
`group_page`
INNER JOIN
`group_member`
WHERE
`group_member`.`userID` = $userID AND
`group_member`.`groupID` = `group_page`.`groupID` AND
`group_page`.`status` != 0
");
}
?>

99
website/queries/group_page.php Normal file
View File

@@ -0,0 +1,99 @@
<?php
function selectGroupById($db, $groupID) {
return $db->query("
SELECT
`group_page`.`name`,
`group_page`.`picture`,
`group_page`.`description`,
`group_page`.`status`,
`group_page`.`creationdate`
FROM
`group_page`
WHERE
`group_page`.`groupID` = $groupID
");
}
function select20GroupsFromN($db, $n) {
return $db->query("
SELECT
`group_page`.`groupID`,
`group_page`.`name`,
`group_page`.`picture`,
`group_page`.`description`,
`group_page`.`status`,
`group_page`.`creationdate`
FROM
`group_page`
ORDER BY
`group_page`.`name` ASC
LIMIT
$n, 20
");
}
function select20GroupsByStatusFromN($db, $n, $status) {
return $db->query("
SELECT
`group_page`.`groupID`,
`group_page`.`name`,
`group_page`.`picture`,
`group_page`.`description`,
`group_page`.`status`,
`group_page`.`creationdate`
FROM
`group_page`
WHERE
`group_page`.`status` = $status
ORDER BY
`group_page`.`name` ASC
LIMIT
$n, 20
");
}
function search20GroupsFromNByStatus($db, $n, $keyword, $status) {
$q = $db->prepare("
SELECT
`groupID`,
`name`,
`status`,
`description`
FROM
`group_page`
WHERE
`name` LIKE :keyword AND
FIND_IN_SET (`status`, :statuses)
ORDER BY
`name`
LIMIT
:n, 20
");
$keyword = "%$keyword%";
$q->bindParam(':keyword', $keyword);
$q->bindParam(':n', $n, PDO::PARAM_INT);
$statuses = implode(',', $status);
$q->bindParam(':statuses', $statuses);
$q->execute();
return $q;
}
function changeGroupStatusByID($db, $id, $status) {
$q = $db->query("
UPDATE
`group_page`
SET
`status` = $status
WHERE
`groupID` = $id
");
return $q;
}
?>

19
website/queries/login.php Normal file
View File

@@ -0,0 +1,19 @@
<?php
function hashPassword() {
$stmt = $GLOBALS["db"]->prepare("
SELECT
`password`,
`userID`
FROM
`user`
WHERE
`username` LIKE :username
");
$stmt->bindParam(":username", $_POST["uname"]);
$stmt->execute();
return $stmt->fetch(PDO::FETCH_ASSOC);
}
?>

85
website/queries/private_message.php Normal file
View File

@@ -0,0 +1,85 @@
<?php
include_once("connect.php");
session_start();
function getOldChatMessages($user2ID) {
$db = $GLOBALS["db"];
$user1ID = $_SESSION["userID"];
$stmt = $db->prepare("
SELECT
*
FROM
`private_message`
WHERE
`origin` = :user1 AND
`destination` = :user2 OR
`origin` = :user2 AND
`destination` = :user1
ORDER BY
`messageID` ASC
");
$stmt->bindParam(":user1", $user1ID);
$stmt->bindParam(":user2", $user2ID);
$stmt->execute();
return json_encode($stmt->fetchAll());
}
function sendMessage($destination, $content) {
$db = $GLOBALS["db"];
$stmt = $db->prepare("
INSERT INTO
`private_message`
(
`origin`,
`destination`,
`content`
)
VALUES
(
:origin,
:destination,
:content
)
");
return $stmt->execute(array(
"origin" => $_SESSION["userID"],
"destination" => $destination,
"content" => $content
));
}
function getNewChatMessages($lastID, $destination) {
$db = $GLOBALS["db"];
$origin = $_SESSION["userID"];
$stmt = $db->prepare("
SELECT
*
FROM
`private_message`
WHERE
(
`origin` = :user1 AND
`destination` = :user2 OR
`origin` = :user2 AND
`destination` = :user1) AND
`messageID` > :lastID
ORDER BY
`messageID` ASC
");
$stmt->bindParam(':user1', $origin);
$stmt->bindParam(':user2', $destination);
$stmt->bindParam(':lastID', $lastID);
$stmt->execute();
return json_encode($stmt->fetchAll());
}

68
website/queries/register.php Normal file
View File

@@ -0,0 +1,68 @@
<?php
function getExistingUsername() {
$stmt = $GLOBALS["db"]->prepare("
SELECT
`username`
FROM
`user`
WHERE
`username` LIKE :username
");
$stmt->bindParam(":username", $_POST["username"]);
$stmt->execute();
return $stmt->rowCount();
}
function getExistingEmail() {
$stmt = $GLOBALS["db"]->prepare("
SELECT
`email`
FROM
`user`
WHERE
`email` LIKE :email
");
$stmt->bindParam(":email", $_POST["email"]);
$stmt->execute();
return $stmt->rowCount();
}
function registerAccount() {
$stmt = $GLOBALS["db"]->prepare("
INSERT INTO
`user`(fname,
lname,
birthdate,
username,
password,
location,
email)
VALUES(
:fname,
:lname,
:bday,
:username,
:password,
:location,
:email
)");
$hash=password_hash($_POST["password"].(strtolower($_POST["username"])), PASSWORD_DEFAULT);
$stmt->bindParam(":fname", $_POST["name"]);
$stmt->bindParam(":lname", $_POST["surname"]);
$stmt->bindParam(":bday", $_POST["bday"]);
$stmt->bindParam(":username", $_POST["username"]);
$stmt->bindParam(":password", $hash);
$stmt->bindParam(":location", $_POST["location"]);
$stmt->bindParam(":email", (strtolower($_POST["email"])));
$stmt->execute();
$stmt->rowCount();
}
?>

109
website/queries/settings.php Normal file
View File

@@ -0,0 +1,109 @@
<?php
function getSettings() {
$stmt = $GLOBALS["db"]->prepare("
SELECT
`fname`,
`lname`,
`email`,
`location`,
`birthdate`,
`bio`,
`profilepicture`
FROM
`user`
WHERE
`userID` = :userID
");
$stmt->bindParam(":userID", $_SESSION["userID"]);
$stmt->execute();
return $stmt->fetch();
}
function getPasswordHash() {
$stmt = $GLOBALS["db"]->prepare("
SELECT
`password`,
`username`
FROM
`user`
WHERE
`userID` = :userID
");
$stmt->bindParam(":userID", $_SESSION["userID"]);
$stmt->execute();
return $stmt->fetch();
}
function updateSettings() {
$stmt = $GLOBALS["db"]->prepare("
UPDATE
`user`
SET
`fname` = :fname,
`lname` = :lname,
`location` = :location,
`birthdate` = :bday,
`bio` = :bio
WHERE
`userID` = :userID
");
$stmt->bindParam(":fname", $_POST["fname"]);
$stmt->bindParam(":lname", $_POST["lname"]);
$stmt->bindParam(":location", $_POST["location"]);
$stmt->bindParam(":bday", $_POST["bday"]);
$stmt->bindParam(":bio", $_POST["bio"]);
$stmt->bindParam(":userID", $_SESSION["userID"]);
$stmt->execute();
return array (
"type" => "settings-message-happy",
"message" => "Instellingen zijn opgeslagen."
);
}
function updatePassword() {
$user = getPasswordHash();
if (password_verify($_POST["password-old"].strtolower($user["username"]), $user["password"])) {
if ($_POST["password-new"] == $_POST["password-confirm"] && (strlen($_POST["password-new"]) >= 8)) {
if (changePassword($user)) {
return array ("type" => "settings-message-happy",
"message" => "Wachtwoord gewijzigd.");
} else {
return array (
"type" => "settings-message-angry",
"message" => "Er is iets mis gegaan.");
}
} else {
return array (
"type" => "settings-message-angry",
"message" => "Wachtwoorden komen niet oveeen."
);
}
} else {
return array(
"type" => "settings-message-angry",
"message" => "Oud wachtwoord niet correct."
);
}
}
function changePassword($user) {
$stmt =$GLOBALS["db"]->prepare("
UPDATE
`user`
SET
`password` = :new_password
WHERE
`userID` = :userID
");
$hashed_password = password_hash($_POST["password-new"].strtolower($user["username"]), PASSWORD_DEFAULT);
$stmt->bindParam(":new_password", $hashed_password);
$stmt->bindParam(":userID", $_SESSION["userID"]);
$stmt->execute();
return $stmt->rowCount();
}

88
website/queries/user.php
View File

@@ -1,4 +1,5 @@
<?php
require("connect.php");
function getUserID($db, $username) {
@@ -84,4 +85,89 @@ function selectAllUserPosts($db, $userID) {
$stmt->bindParam(':userID', $userID, PDO::PARAM_INT);
$stmt->execute();
return $stmt;
}
}
function select20UsersFromN($db, $n) {
return $db->query("
SELECT
`userID`,
`username`,
`role`,
`bancomment`
FROM
`user`
ORDER BY
`role`,
`username`
LIMIT
$n, 20
");
}
function search20UsersFromN($db, $n, $keyword) {
$q = $db->prepare("
SELECT
`userID`,
`username`,
`role`,
`bancomment`
FROM
`user`
WHERE
`username` LIKE :keyword
ORDER BY
`username`
LIMIT
:n, 20
");
$keyword = "%$keyword%";
$q->bindParam(':keyword', $keyword);
$q->bindParam(':n', $n, PDO::PARAM_INT);
$q->execute();
return $q;
}
function search20UsersFromNByStatus($db, $n, $keyword, $status) {
$q = $db->prepare("
SELECT
`userID`,
`username`,
`role`,
`bancomment`
FROM
`user`
WHERE
`username` LIKE :keyword AND
FIND_IN_SET (`role`, :statuses)
ORDER BY
`role`,
`username`
LIMIT
:n, 20
");
$keyword = "%$keyword%";
$q->bindParam(':keyword', $keyword);
$q->bindParam(':n', $n, PDO::PARAM_INT);
$statuses = implode(',', $status);
$q->bindParam(':statuses', $statuses);
$q->execute();
return $q;
}
function changeUserStatusByID($db, $id, $status) {
$q = $db->query("
UPDATE
`user`
SET
`role` = $status
WHERE
`userID` = $id
");
return $q;
}
?>