MyHyvesBookPlus/WebDB
1
0
Fork 0
Code Issues 2 Pull Requests Projects Releases Wiki Activity

Merge branch 'lars' into 'master'

Browse Source 
Lars

See merge request !165
This commit was merged in pull request #169.
This commit is contained in:
Lars van Hijfte
2017-02-01 12:30:08 +01:00
parent fcd58857c0 6aee603a64
commit 8e81cec843
19 changed files with 334 additions and 273 deletions
Download Patch File Download Diff File Expand all files Collapse all files

36
website/public/API/adminChangeUser.php
View File

@@ -3,23 +3,29 @@ session_start();
require_once ("../../queries/connect.php"); require_once ("../../queries/connect.php");
require_once ("../../queries/checkInput.php"); require_once ("../../queries/checkInput.php");
require_once ("../../queries/user.php");
require_once ("../../queries/group_page.php"); require_once ("../../queries/group_page.php");
require_once ("../../queries/user.php");
$userinfo = getRoleByID($_SESSION['userID']); if (isset($_SESSION["userID"]) &&
(getRoleByID($_SESSION["userID"]) == 'admin' ||
getRoleByID($_SESSION["userID"]) == 'owner')) {
$userinfo = getRoleByID($_SESSION['userID']);
if (isset($_POST["actions"]) && isset($_POST["userID"])) { if (isset($_POST["actions"]) && isset($_POST["userID"])) {
changeUserStatusByID($_POST["userID"], $_POST["actions"]); changeUserStatusByID($_POST["userID"], $_POST["actions"]);
} else if (isset($_POST["actions"]) && isset($_POST["groupID"])) { } else if (isset($_POST["actions"]) && isset($_POST["groupID"])) {
changeGroupStatusByID($_POST["groupID"], $_POST["actions"]); changeGroupStatusByID($_POST["groupID"], $_POST["actions"]);
} else if (isset($_POST["batchactions"]) && isset($_POST["checkbox-user"])) { } else if (isset($_POST["batchactions"]) && isset($_POST["checkbox-user"])) {
if ($userinfo == 'owner') { if ($userinfo == 'owner') {
changeMultipleUserStatusByID($_POST["checkbox-user"], $_POST["batchactions"]); changeMultipleUserStatusByID($_POST["checkbox-user"], $_POST["batchactions"]);
} else { } else {
changeMultipleUserStatusByIDAdmin($_POST["checkbox-user"], $_POST["batchactions"]); changeMultipleUserStatusByIDAdmin($_POST["checkbox-user"], $_POST["batchactions"]);
}
} else if (isset($_POST["groupbatchactions"]) && isset($_POST["checkbox-group"])) {
changeMultipleGroupStatusByID($_POST["checkbox-group"], $_POST["groupbatchactions"]);
} else if (isset($_POST['bancommentuserID']) && isset($_POST['bancommenttext'])) {
editBanCommentByID($_POST['bancommentuserID'], $_POST['bancommenttext']);
} }
} else if (isset($_POST["groupbatchactions"]) && isset($_POST["checkbox-group"])) { } else {
changeMultipleGroupStatusByID($_POST["checkbox-group"], $_POST["groupbatchactions"]); header('HTTP/1.0 403 Forbidden');
} else if (isset($_POST['bancommentuserID']) && isset($_POST['bancommenttext'])) {
editBanCommentByID($_POST['bancommentuserID'], $_POST['bancommenttext']);
} }

62
website/public/API/adminPageNumber.php
View File

@@ -7,32 +7,38 @@ require_once ("../../queries/checkInput.php");
require_once ("../../queries/user.php"); require_once ("../../queries/user.php");
require_once ("../../queries/group_page.php"); require_once ("../../queries/group_page.php");
$search = ""; if (isset($_SESSION["userID"]) &&
if (isset($_POST["search"])) { (getRoleByID($_SESSION["userID"]) == 'admin' ||
$search = test_input($_POST["search"]); getRoleByID($_SESSION["userID"]) == 'owner')) {
$search = "";
if (isset($_POST["search"])) {
$search = test_input($_POST["search"]);
}
$pagetype = "user";
if (isset($_POST['pagetype'])) {
$pagetype = test_input($_POST['pagetype']);
}
$status = array();
if (isset($_POST['status'])) {
$status = $_POST["status"];
}
$groupstatus = array();
if (isset($_POST['groupstatus'])) {
$groupstatus = $_POST["groupstatus"];
}
$entries = 20;
$currentpage = 1;
if (isset($_POST['currentpage'])) {
$currentpage = (int) test_input($_POST["currentpage"]);
}
$offset = (int) $currentpage * $entries - $entries;
include ("../../views/adminpanel-page.php");
} else {
header('HTTP/1.0 403 Forbidden');
} }
$pagetype = "user";
if (isset($_POST['pagetype'])) {
$pagetype = test_input($_POST['pagetype']);
}
$status = array();
if (isset($_POST['status'])) {
$status = $_POST["status"];
}
$groupstatus = array();
if (isset($_POST['groupstatus'])) {
$groupstatus = $_POST["groupstatus"];
}
$entries = 20;
$currentpage = 1;
if (isset($_POST['currentpage'])) {
$currentpage = (int) test_input($_POST["currentpage"]);
}
$offset = (int) $currentpage * $entries - $entries;
include ("../../views/adminpanel-page.php");

60
website/public/API/adminSearchUsers.php
View File

@@ -7,38 +7,44 @@ require_once ("../../queries/checkInput.php");
require_once ("../../queries/user.php"); require_once ("../../queries/user.php");
require_once ("../../queries/group_page.php"); require_once ("../../queries/group_page.php");
$offset = 0; if (isset($_SESSION["userID"]) &&
$entries = 20; (getRoleByID($_SESSION["userID"]) == 'admin' ||
if (isset($_POST["currentpage"])) { getRoleByID($_SESSION["userID"]) == 'owner')) {
$offset = (int) test_input($_POST["currentpage"]) * $entries - $entries; $offset = 0;
} $entries = 20;
if (isset($_POST["currentpage"])) {
$offset = (int)test_input($_POST["currentpage"]) * $entries - $entries;
}
$search = ""; $search = "";
if (isset($_POST["search"])) { if (isset($_POST["search"])) {
$search = test_input($_POST["search"]); $search = test_input($_POST["search"]);
} }
$pagetype = "user"; $pagetype = "user";
if (isset($_POST['pagetype'])) { if (isset($_POST['pagetype'])) {
$pagetype = test_input($_POST['pagetype']); $pagetype = test_input($_POST['pagetype']);
} }
$status = array(); $status = array();
if (isset($_POST['status'])) { if (isset($_POST['status'])) {
$status = $_POST["status"]; $status = $_POST["status"];
} }
$groupstatus = array(); $groupstatus = array();
if (isset($_POST['groupstatus'])) { if (isset($_POST['groupstatus'])) {
$groupstatus = $_POST["groupstatus"]; $groupstatus = $_POST["groupstatus"];
} }
$userinfo = getRoleByID($_SESSION['userID']); $userinfo = getRoleByID($_SESSION['userID']);
if ($pagetype == "user") { if ($pagetype == "user") {
include ("../../views/adminpanel-table.php"); include("../../views/adminpanel-table.php");
} else if ($pagetype == "group") { } else if ($pagetype == "group") {
include ("../../views/adminpanel-grouptable.php"); include("../../views/adminpanel-grouptable.php");
} else {
echo "Search failed!";
}
} else { } else {
echo "Search failed!"; header('HTTP/1.0 403 Forbidden');
} }

41
website/public/API/editFriendship.php
View File

@@ -3,25 +3,32 @@
session_start(); session_start();
require_once ("../../queries/friendship.php"); require_once ("../../queries/friendship.php");
require_once("../../queries/user.php");
if(empty($_POST["usr"]) OR empty($_POST["action"]) OR !in_array($_POST["action"], array("request", "accept", "delete"))) { if (isset($_SESSION["userID"]) &&
header('HTTP/1.1 500 Non enough arguments'); getRoleByID($_SESSION["userID"]) != 'frozen' &&
} getRoleByID($_SESSION["userID"]) != 'banned') {
if (empty($_POST["usr"]) OR empty($_POST["action"]) OR !in_array($_POST["action"], array("request", "accept", "delete"))) {
$friendship_status = getFriendshipStatus($_POST["usr"]); header('HTTP/1.1 500 Non enough arguments');
if($_POST["action"] == "request" AND $friendship_status == 0) {
if (!requestFriendship($_POST["usr"])) {
header('HTTP/1.1 500 Query (request) failed');
} }
} else if($_POST["action"] == "delete" AND in_array($friendship_status, array(1, 2, 3))) {
if (!removeFriendship($_POST["usr"])) { $friendship_status = getFriendshipStatus($_POST["usr"]);
header('HTTP/1.1 500 Query (delete) failed');
} if ($_POST["action"] == "request" AND $friendship_status == 0) {
} else if ($_POST["action"] == "accept" AND $friendship_status == 3) { if (!requestFriendship($_POST["usr"])) {
if (!acceptFriendship($_POST["usr"])) { header('HTTP/1.1 500 Query (request) failed');
header('HTTP/1.1 500 Query (accept) failed'); }
} else if ($_POST["action"] == "delete" AND in_array($friendship_status, array(1, 2, 3))) {
if (!removeFriendship($_POST["usr"])) {
header('HTTP/1.1 500 Query (delete) failed');
}
} else if ($_POST["action"] == "accept" AND $friendship_status == 3) {
if (!acceptFriendship($_POST["usr"])) {
header('HTTP/1.1 500 Query (accept) failed');
}
} else {
header('HTTP/1.1 500 Not the right friendship status');
} }
} else { } else {
header('HTTP/1.1 500 Not the right friendship status'); header('HTTP/1.0 403 Forbidden');
} }

26
website/public/API/getFriendshipStatus.php
View File

@@ -10,15 +10,21 @@
session_start(); session_start();
require_once ("../../queries/friendship.php"); require_once ("../../queries/friendship.php");
require_once("../../queries/user.php");
if(empty($_POST["usr"])) { if (isset($_SESSION["userID"]) &&
header('HTTP/1.1 500 Non enough arguments'); getRoleByID($_SESSION["userID"]) != 'banned') {
if (empty($_POST["usr"])) {
header('HTTP/1.1 500 Non enough arguments');
}
$friendship_status = getFriendshipStatus($_POST["usr"]);
if ($friendship_status == -2) {
header('HTTP/1.1 500 Query failed');
}
echo $friendship_status;
} else {
header('HTTP/1.0 403 Forbidden');
} }
$friendship_status = getFriendshipStatus($_POST["usr"]);
if($friendship_status == -2) {
header('HTTP/1.1 500 Query failed');
}
echo $friendship_status;

37
website/public/API/getPosts.php
View File

@@ -6,21 +6,28 @@ if(empty($_POST["usr"]) and empty($_POST["grp"])) {
require_once ("../../queries/post.php"); require_once ("../../queries/post.php");
require_once ("../../queries/nicetime.php"); require_once ("../../queries/nicetime.php");
require_once("../../queries/user.php");
if(empty($_POST["usr"])) { if (isset($_SESSION["userID"]) &&
$posts = selectAllPosts(0, $_POST["grp"]); getRoleByID($_SESSION["userID"]) != 'banned') {
if (empty($_POST["usr"])) {
$posts = selectAllPosts(0, $_POST["grp"]);
} else {
$posts = selectAllPosts($_POST["usr"], 0);
}
if (!$posts) {
header('HTTP/1.1 500 Query failed');
}
$results = $posts->fetchAll(PDO::FETCH_ASSOC);
for ($i = 0; $i < sizeof($results); $i++) {
$results[$i]["nicetime"] = nicetime($results[$i]["creationdate"]);
}
echo json_encode($results);
} else { } else {
$posts = selectAllPosts($_POST["usr"], 0); header('HTTP/1.0 403 Forbidden');
} }
if(!$posts) {
header('HTTP/1.1 500 Query failed');
}
$results = $posts->fetchAll(PDO::FETCH_ASSOC);
for($i = 0; $i < sizeof($results); $i++) {
$results[$i]["nicetime"] = nicetime($results[$i]["creationdate"]);
}
echo json_encode($results);

8
website/public/API/loadChatNotifications.php
View File

@@ -4,5 +4,11 @@ session_start();
require_once ("../../queries/connect.php"); require_once ("../../queries/connect.php");
require_once ("../../queries/private_message.php"); require_once ("../../queries/private_message.php");
require_once("../../queries/user.php");
echo selectAllUnreadChat(); if (isset($_SESSION["userID"]) &&
getRoleByID($_SESSION["userID"]) != 'banned') {
echo selectAllUnreadChat();
} else {
header('HTTP/1.0 403 Forbidden');
}

2
website/public/API/loadFriendRequest.php
View File

@@ -11,5 +11,5 @@ if (isset($_SESSION["userID"]) &&
getRoleByID($_SESSION["userID"]) != 'banned') { getRoleByID($_SESSION["userID"]) != 'banned') {
echo selectAllFriendRequests(); echo selectAllFriendRequests();
} else { } else {
echo "[]"; header('HTTP/1.0 403 Forbidden');
} }

20
website/public/API/loadFriends.php
View File

@@ -5,16 +5,22 @@ session_start();
require_once ("../../queries/connect.php"); require_once ("../../queries/connect.php");
require_once ("../../queries/checkInput.php"); require_once ("../../queries/checkInput.php");
require_once ("../../queries/friendship.php"); require_once ("../../queries/friendship.php");
require_once("../../queries/user.php");
if (isset($_SESSION["userID"])) { if (isset($_SESSION["userID"]) &&
if (isset($_POST["limit"])) { getRoleByID($_SESSION["userID"]) != 'banned') {
echo selectLimitedFriends($_SESSION["userID"], (int)test_input($_POST["limit"])); if (isset($_SESSION["userID"])) {
} else if (isset($_GET["limit"])) { if (isset($_POST["limit"])) {
echo selectLimitedFriends($_SESSION["userID"], (int)test_input($_GET["limit"])); echo selectLimitedFriends($_SESSION["userID"], (int)test_input($_POST["limit"]));
} else if (isset($_GET["limit"])) {
echo selectLimitedFriends($_SESSION["userID"], (int)test_input($_GET["limit"]));
} else {
echo selectFriends($_SESSION["userID"]);
}
} else { } else {
echo selectFriends($_SESSION["userID"]); echo "[]";
} }
} else { } else {
echo "[]"; header('HTTP/1.0 403 Forbidden');
} }

16
website/public/API/loadGroups.php
View File

@@ -6,9 +6,15 @@ require_once ("../../queries/connect.php");
require_once ("../../queries/checkInput.php"); require_once ("../../queries/checkInput.php");
require_once ("../../queries/group_member.php"); require_once ("../../queries/group_member.php");
if (isset($_POST["limit"])) { require_once("../../queries/user.php");
echo selectLimitedGroupsFromUser($_SESSION["userID"], (int) test_input($_POST["limit"]));
} else {
echo selectAllGroupsFromUser($_SESSION["userID"]);
}
if (isset($_SESSION["userID"]) &&
getRoleByID($_SESSION["userID"]) != 'banned') {
if (isset($_POST["limit"])) {
echo selectLimitedGroupsFromUser($_SESSION["userID"], (int)test_input($_POST["limit"]));
} else {
echo selectAllGroupsFromUser($_SESSION["userID"]);
}
} else {
header('HTTP/1.0 403 Forbidden');
}

16
website/public/API/loadMessages.php
View File

@@ -6,11 +6,17 @@ require_once("../../queries/connect.php");
require_once("../../queries/private_message.php"); require_once("../../queries/private_message.php");
require_once("../../queries/checkInput.php"); require_once("../../queries/checkInput.php");
require_once("../../queries/friendship.php"); require_once("../../queries/friendship.php");
require_once("../../queries/user.php");
if (isset($_POST["lastID"]) && $_POST["lastID"] != "") { if (isset($_SESSION["userID"]) &&
setLastVisited(test_input($_POST["destination"])); getRoleByID($_SESSION["userID"]) != 'banned') {
echo getNewChatMessages(test_input($_POST["lastID"]), test_input($_POST["destination"])); if (isset($_POST["lastID"]) && $_POST["lastID"] != "") {
setLastVisited(test_input($_POST["destination"]));
echo getNewChatMessages(test_input($_POST["lastID"]), test_input($_POST["destination"]));
} else {
setLastVisited(test_input($_POST["destination"]));
echo getOldChatMessages(test_input($_POST["destination"]));
}
} else { } else {
setLastVisited(test_input($_POST["destination"])); header('HTTP/1.0 403 Forbidden');
echo getOldChatMessages(test_input($_POST["destination"]));
} }

13
website/public/API/loadPost.php
View File

@@ -5,8 +5,15 @@ require_once("../../queries/post.php");
require_once("../../queries/checkInput.php"); require_once("../../queries/checkInput.php");
require_once("../../queries/nicetime.php"); require_once("../../queries/nicetime.php");
if(isset($_GET['postID'])) { require_once("../../queries/user.php");
include("../../views/post-view.php");
if (isset($_SESSION["userID"]) &&
getRoleByID($_SESSION["userID"]) != 'banned') {
if (isset($_GET['postID'])) {
include("../../views/post-view.php");
} else {
echo "Kan de post niet laden";
}
} else { } else {
echo "Failed to load"; header('HTTP/1.0 403 Forbidden');
} }

41
website/public/API/nietSlecht.php
View File

@@ -1,41 +0,0 @@
<?php
session_start();
require_once ("../queries/connect.php");
require_once ("../queries/checkInput.php");
function getNietSlechtCountForPost(int $postID) : int {
$stmt = prepareQuery("
SELECT
`userID`
FROM
`niet_slecht`
WHERE
`postID` = :postID
");
$stmt->bindParam(":postID", $postID);
$stmt->execute();
return $stmt->rowCount();
}
function getNietSlechtUsersForPost(int $postID) {
$stmt = prepareQuery("
SELECT
`fname`,
`lname`,
CONCAT(`user`.`fname`, ' ', `user`.`lname`) as `fullname`
FROM
`user`
INNER JOIN
`niet_slecht`
WHERE
`user`.`userID` = `niet_slecht`.`userID` AND
`niet_slecht`.`postID` = :postID
");
$stmt->bindParam(":postID", $postID);
$stmt->execute();
$rows = $stmt->fetchAll();
foreach ($rows as $row) {
print($row["fullname"]);
}
}

76
website/public/API/postPost.php
View File

@@ -6,49 +6,43 @@ require_once("../../queries/post.php");
require_once("../../queries/group_page.php"); require_once("../../queries/group_page.php");
require_once("../../queries/connect.php"); require_once("../../queries/connect.php");
require_once("../../queries/checkInput.php"); require_once("../../queries/checkInput.php");
require_once("../../queries/user.php");
if (empty($_POST["title"]) or if (isset($_SESSION["userID"]) &&
empty($_POST["content"]) or getRoleByID($_SESSION["userID"]) != 'frozen' &&
empty($_SESSION["userID"])) { getRoleByID($_SESSION["userID"]) != 'banned') {
header('HTTP/1.1 500 Non enough arguments');
}
if (empty($_POST["group"])) { if (empty($_POST["title"]) or
// User Post empty($_POST["content"]) or
makePost( empty($_SESSION["userID"])
$_SESSION["userID"], ) {
null, header('HTTP/1.1 500 Non enough arguments');
test_input($_POST["title"]),
test_input($_POST["content"])
);
} else {
// Group Post
// Check if the user is an admin or mod of the group.
if(!in_array(selectGroupRole($_POST["group"]), array('mod', 'admin'))) {
header('HTTP/1.1 500 Non enough rights');
return;
} }
makePost( if (empty($_POST["group"])) {
$_SESSION["userID"], // User Post
$_POST["group"], makePost(
test_input($_POST["title"]), $_SESSION["userID"],
test_input($_POST["content"]) null,
); test_input($_POST["title"]),
test_input($_POST["content"])
);
} else {
// Group Post
// Check if the user is an admin or mod of the group.
if (!in_array(selectGroupRole($_POST["group"]), array('mod', 'admin'))) {
header('HTTP/1.1 500 Non enough rights');
return;
}
makePost(
$_SESSION["userID"],
$_POST["group"],
test_input($_POST["title"]),
test_input($_POST["content"])
);
}
} else {
echo "frozen";
} }
//if (empty($_POST['newpost-title'])) {
//} else {
// makePost($_SESSION['userID'],
// null,
// test_input($_POST['newpost-title']),
// test_input($_POST['newpost-content']));
//}
//
//header("Location: ../profile.php");

37
website/public/API/searchGroups.php
View File

@@ -7,22 +7,29 @@ require_once ("../../queries/connect.php");
require_once ("../../queries/checkInput.php"); require_once ("../../queries/checkInput.php");
require_once ("../../queries/group_member.php"); require_once ("../../queries/group_member.php");
require_once ("../../queries/group_page.php"); require_once ("../../queries/group_page.php");
require_once ("../../queries/user.php");
$n = 0; if (isset($_SESSION["userID"]) &&
if (isset($_POST["n"])) { getRoleByID($_SESSION["userID"]) != 'banned') {
$n = (int) test_input($_POST["n"]);
}
$m = 20;
if (isset($_POST["m"])) {
$m = (int) test_input($_POST["m"]);
}
$search = "";
if (isset($_POST["search"])) {
$search = test_input($_POST["search"]);
}
if (isset($_POST["filter"]) && $_POST["filter"] == "personal") { $n = 0;
echo searchSomeOwnGroups($n, $m, $search); if (isset($_POST["n"])) {
$n = (int)test_input($_POST["n"]);
}
$m = 20;
if (isset($_POST["m"])) {
$m = (int)test_input($_POST["m"]);
}
$search = "";
if (isset($_POST["search"])) {
$search = test_input($_POST["search"]);
}
if (isset($_POST["filter"]) && $_POST["filter"] == "personal") {
echo searchSomeOwnGroups($n, $m, $search);
} else {
echo searchSomeGroups($n, $m, $search);
}
} else { } else {
echo searchSomeGroups($n, $m, $search); header('HTTP/1.0 403 Forbidden');
} }

66
website/public/API/searchPageNumber.php
View File

@@ -7,35 +7,41 @@ require_once ("../../queries/checkInput.php");
require_once ("../../queries/user.php"); require_once ("../../queries/user.php");
require_once ("../../queries/group_page.php"); require_once ("../../queries/group_page.php");
$user_perpage = $group_perpage = 20; if (isset($_SESSION["userID"]) &&
getRoleByID($_SESSION["userID"]) != 'banned') {
$user_currentpage = $group_currentpage = 1; $user_perpage = $group_perpage = 20;
if (isset($_POST['user-pageselect'])) {
$user_currentpage = test_input($_POST['user-pageselect']); $user_currentpage = $group_currentpage = 1;
if (isset($_POST['user-pageselect'])) {
$user_currentpage = test_input($_POST['user-pageselect']);
}
if (isset($_POST['group-pageselect'])) {
$group_currentpage = test_input($_POST['group-pageselect']);
}
$user_n = $user_currentpage * $user_perpage - $user_perpage;
$group_n = $group_currentpage * $group_perpage - $group_perpage;
$search = "";
if (isset($_POST['search'])) {
$search = test_input($_POST['search']);
}
$user_count = countSomeUsers($search)->fetchColumn();
$group_count = countSomeGroups($search)->fetchColumn();
$filter = "all";
if (isset($_POST['filter'])) {
$filter = test_input($_POST['filter']);
}
$option = "user";
if (isset($_POST['option'])) {
$option = test_input($_POST['option']);
}
include("../../views/searchPageNumber.php");
} else {
header('HTTP/1.0 403 Forbidden');
} }
if (isset($_POST['group-pageselect'])) {
$group_currentpage = test_input($_POST['group-pageselect']);
}
$user_n = $user_currentpage * $user_perpage - $user_perpage;
$group_n = $group_currentpage * $group_perpage - $group_perpage;
$search = "";
if (isset($_POST['search'])) {
$search = test_input($_POST['search']);
}
$user_count = countSomeUsers($search)->fetchColumn();
$group_count = countSomeGroups($search)->fetchColumn();
$filter = "all";
if (isset($_POST['filter'])) {
$filter = test_input($_POST['filter']);
}
$option = "user";
if (isset($_POST['option'])) {
$option = test_input($_POST['option']);
}
include ("../../views/searchPageNumber.php");

34
website/public/API/searchUsers.php
View File

@@ -7,23 +7,29 @@ require_once ("../../queries/checkInput.php");
require_once ("../../queries/friendship.php"); require_once ("../../queries/friendship.php");
require_once ("../../queries/user.php"); require_once ("../../queries/user.php");
$n = 0; if (isset($_SESSION["userID"]) &&
$m = 20; getRoleByID($_SESSION["userID"]) != 'banned') {
$page = 1; $n = 0;
if (isset($_POST["user-pageselect"])) { $m = 20;
$page = (int) test_input($_POST['user-pageselect']);
}
$n = ($page - 1) * $m; $page = 1;
if (isset($_POST["user-pageselect"])) {
$page = (int)test_input($_POST['user-pageselect']);
}
$search = ""; $n = ($page - 1) * $m;
if (isset($_POST["search"])) {
$search = test_input($_POST["search"]);
}
if (isset($_POST["filter"]) && $_POST["filter"] == "personal") { $search = "";
echo searchSomeFriends($n, $m, $search); if (isset($_POST["search"])) {
$search = test_input($_POST["search"]);
}
if (isset($_POST["filter"]) && $_POST["filter"] == "personal") {
echo searchSomeFriends($n, $m, $search);
} else {
echo searchSomeUsers($n, $m, $search);
}
} else { } else {
echo searchSomeUsers($n, $m, $search); header('HTTP/1.0 403 Forbidden');
} }

2
website/queries/group_member.php
View File

@@ -1,7 +1,7 @@
<?php <?php
function selectAllGroupsFromUser($userID) { function selectAllGroupsFromUser($userID) {
selectLimitedGroupsFromUser($userID, 9999); return selectLimitedGroupsFromUser($userID, 9999);
} }
function selectLimitedGroupsFromUser($userID, $limit) { function selectLimitedGroupsFromUser($userID, $limit) {

30
website/queries/user.php
View File

@@ -126,7 +126,11 @@ function select20UsersFromN($n) {
`userID`, `userID`,
`username`, `username`,
`role`, `role`,
`bancomment` `bancomment`,
CASE `lastactivity` >= DATE_SUB(NOW(),INTERVAL 15 MINUTE)
WHEN TRUE THEN 'online'
WHEN FALSE THEN 'offline'
END AS `onlinestatus`
FROM FROM
`user` `user`
ORDER BY ORDER BY
@@ -147,7 +151,11 @@ function search20UsersFromN($n, $keyword) {
`userID`, `userID`,
`username`, `username`,
`role`, `role`,
`bancomment` `bancomment`,
CASE `lastactivity` >= DATE_SUB(NOW(),INTERVAL 15 MINUTE)
WHEN TRUE THEN 'online'
WHEN FALSE THEN 'offline'
END AS `onlinestatus`
FROM FROM
`user` `user`
WHERE WHERE
@@ -171,7 +179,11 @@ function search20UsersFromNByStatus($n, $keyword, $status) {
`userID`, `userID`,
`username`, `username`,
`role`, `role`,
`bancomment` `bancomment`,
CASE `lastactivity` >= DATE_SUB(NOW(),INTERVAL 15 MINUTE)
WHEN TRUE THEN 'online'
WHEN FALSE THEN 'offline'
END AS `onlinestatus`
FROM FROM
`user` `user`
WHERE WHERE
@@ -199,7 +211,11 @@ function searchSomeUsersByStatus($n, $m, $keyword, $status) {
`userID`, `userID`,
`username`, `username`,
`role`, `role`,
`bancomment` `bancomment`,
CASE `lastactivity` >= DATE_SUB(NOW(),INTERVAL 15 MINUTE)
WHEN TRUE THEN 'online'
WHEN FALSE THEN 'offline'
END AS `onlinestatus`
FROM FROM
`user` `user`
WHERE WHERE
@@ -334,7 +350,11 @@ function searchSomeUsers($n, $m, $search) {
`profilepicture`, `profilepicture`,
'../img/avatar-standard.png' '../img/avatar-standard.png'
) AS profilepicture, ) AS profilepicture,
LEFT(CONCAT(`user`.`fname`, ' ', `user`.`lname`), 15) as `fullname` LEFT(CONCAT(`user`.`fname`, ' ', `user`.`lname`), 15) as `fullname`,
CASE `lastactivity` >= DATE_SUB(NOW(),INTERVAL 15 MINUTE)
WHEN TRUE THEN 'online'
WHEN FALSE THEN 'offline'
END AS `onlinestatus`
FROM FROM
`user` `user`
WHERE WHERE