Merge branch 'kevin-prototype' into 'master'
Redirect to 404 from profile and group See merge request !190
This commit was merged in pull request #194.
This commit is contained in:
Lars van Hijfte
@@ -13,9 +13,16 @@
|
||||
|
||||
include_once("../queries/group_page.php");
|
||||
|
||||
$group = selectGroupByName($_GET["groupname"]);
|
||||
if(!$group = selectGroupByName($_GET["groupname"])) {
|
||||
header("HTTP/1.0 404 Not Found");
|
||||
header("Location: error/404.php");
|
||||
die();
|
||||
}
|
||||
|
||||
|
||||
$members = selectGroupMembers($group["groupID"]);
|
||||
|
||||
|
||||
/*
|
||||
* This view adds the main layout over the screen.
|
||||
* Header, menu, footer.
|
||||
|
||||
@@ -21,19 +21,19 @@ include_once("../queries/calcAge.php");
|
||||
|
||||
if(empty($_GET["username"])) {
|
||||
$userID = $_SESSION["userID"];
|
||||
$showProfile = True;
|
||||
} else {
|
||||
$userID = getUserID($_GET["username"]);
|
||||
$showProfile = False;
|
||||
}
|
||||
|
||||
$user = selectUser($_SESSION["userID"], $userID);
|
||||
if(!$user = selectUser($_SESSION["userID"], $userID)) {
|
||||
header("HTTP/1.0 404 Not Found");
|
||||
header("Location: error/404.php");
|
||||
die();
|
||||
}
|
||||
|
||||
$profile_friends = selectAllFriends($userID);
|
||||
$profile_groups = selectAllUserGroups($userID);
|
||||
$showProfile = $showProfile || $user["showProfile"] || ($user["status"] == 'confirmed');
|
||||
echo " friendship status: " . $user["status"];
|
||||
echo " showprofile: $showProfile";
|
||||
echo " userID: " . $user["userID"];
|
||||
$showProfile = $user["showProfile"] || ($user["status"] == 'confirmed') || $_SESSION["userID"] == $userID;
|
||||
|
||||
|
||||
if ($userID == $_SESSION["userID"]) {
|
||||
|
||||
@@ -33,7 +33,12 @@ function selectGroupByName($name) {
|
||||
if (!$stmt->execute()) {
|
||||
return False;
|
||||
}
|
||||
return $stmt->fetch();
|
||||
$row = $stmt->fetch();
|
||||
if($row["groupID"] == null) {
|
||||
return False;
|
||||
}
|
||||
|
||||
return $row;
|
||||
}
|
||||
|
||||
function selectGroupRole(int $groupID) {
|
||||
|
||||
@@ -101,7 +101,9 @@ function selectUser($me, $other) {
|
||||
|
||||
$stmt->bindParam(':me', $me, PDO::PARAM_INT);
|
||||
$stmt->bindParam(':other', $other, PDO::PARAM_INT);
|
||||
$stmt->execute();
|
||||
if(!$stmt->execute() || $stmt->rowCount() == 0) {
|
||||
return False;
|
||||
}
|
||||
return $stmt->fetch();
|
||||
}
|
||||
|
||||
@@ -120,7 +122,7 @@ function selectAllUserGroups($userID) {
|
||||
`group_page`.`groupID` = `group_member`.`groupID`
|
||||
WHERE
|
||||
`userID` = :userID AND
|
||||
`role` = 'member'
|
||||
`role` IN ('member', 'mod', 'admin')
|
||||
");
|
||||
|
||||
$stmt->bindParam(':userID', $userID, PDO::PARAM_INT);
|
||||
|
||||
Reference in New Issue
Block a user