From c8dbdfe70e4c8a9d8ac20e7cd504996cbf58ace7 Mon Sep 17 00:00:00 2001 From: Joey Lai Date: Fri, 3 Feb 2017 10:34:44 +0100 Subject: [PATCH 1/4] Fixed url --- website/views/homeLoginRegister.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/website/views/homeLoginRegister.php b/website/views/homeLoginRegister.php index 24fa266..2e00905 100644 --- a/website/views/homeLoginRegister.php +++ b/website/views/homeLoginRegister.php @@ -34,7 +34,7 @@ if ($_SERVER["REQUEST_METHOD"] == "POST") { case "login": try { $user = ($_POST["user"]); - validateLogin($_POST["user"], $_POST["psw"], $_POST["url"];); + validateLogin($_POST["user"], $_POST["psw"], $_POST["url"]); } catch(loginException $e) { $loginErr = $e->getMessage(); } From 28e9269b523a6a7fb343442a2eda3469b82550e0 Mon Sep 17 00:00:00 2001 From: Marijn Jansen Date: Fri, 3 Feb 2017 10:44:50 +0100 Subject: [PATCH 2/4] Delete groups --- website/public/groupAdmin.php | 3 +++ website/public/settings.php | 1 - website/queries/groupAdmin.php | 21 ++++++++++++++++++++- website/queries/settings.php | 5 ++++- website/views/groupAdmin.php | 25 ++++++++++++++++++------- 5 files changed, 45 insertions(+), 10 deletions(-) diff --git a/website/public/groupAdmin.php b/website/public/groupAdmin.php index 6095149..30c44fa 100644 --- a/website/public/groupAdmin.php +++ b/website/public/groupAdmin.php @@ -44,6 +44,9 @@ if ($_SERVER["REQUEST_METHOD"] == "POST") { } upgradeUser($_POST["groupID"], $_POST["userID"], "admin"); break; + case "delete": + deleteGroup(); + break; } } catch (AlertMessage $w) { $alertClass = $w->getClass(); diff --git a/website/public/settings.php b/website/public/settings.php index 9247d26..6996f54 100644 --- a/website/public/settings.php +++ b/website/public/settings.php @@ -29,7 +29,6 @@ if ($_SERVER["REQUEST_METHOD"] == "POST") { case "picture": updateAvatar(); break; - } } catch (AlertMessage $w) { $alertClass = $w->getClass(); diff --git a/website/queries/groupAdmin.php b/website/queries/groupAdmin.php index e3580b6..3e294e5 100644 --- a/website/queries/groupAdmin.php +++ b/website/queries/groupAdmin.php @@ -60,7 +60,7 @@ function checkGroupAdmin(int $groupID, int $userID) : bool { return ($role == "admin"); } -function getAllGroupMembers(int $groupID) { +function getAllGroupUsers(int $groupID) { $stmt = prepareQuery(" SELECT `username`, @@ -106,4 +106,23 @@ function upgradeUser(int $groupID, int $userID, string $role) { } else { throw new AngryAlert("Er is iets mis gegaan"); } +} + +function deleteGroup() { + if (!checkGroupAdmin($_POST["groupID"], $_SESSION["userID"])) { + throw new AngryAlert("Geen toestemming om de groep te verwijderen!"); + } + $stmt = prepareQuery(" + DELETE FROM + `group_page` + WHERE + `groupID` = :groupID + "); + $stmt->bindValue(":groupID", $_POST["groupID"]); + $stmt->execute(); + if ($stmt->rowCount()) { + throw new HappyAlert("Group verwijderd!"); + } else { + throw new AngryAlert("Er is iets mis gegaan"); + } } \ No newline at end of file diff --git a/website/queries/settings.php b/website/queries/settings.php index 26237ec..6d6dc74 100644 --- a/website/queries/settings.php +++ b/website/queries/settings.php @@ -16,7 +16,10 @@ function getSettings() { `location`, `birthdate`, `bio`, - `profilepicture`, + IFNULL( + `profilepicture`, + '../img/avatar-standard.png' + ) AS profilepicture, `showBday`, `showEmail`, `showProfile` diff --git a/website/views/groupAdmin.php b/website/views/groupAdmin.php index 54fbee8..3d57501 100644 --- a/website/views/groupAdmin.php +++ b/website/views/groupAdmin.php @@ -16,7 +16,7 @@ $groupinfo = getGroupSettings($_GET["groupID"]);
  • "> - +
    • @@ -51,8 +51,7 @@ $groupinfo = getGroupSettings($_GET["groupID"]); + > Opslaan @@ -80,8 +79,7 @@ $groupinfo = getGroupSettings($_GET["groupID"]); + > Verander profielfoto @@ -94,7 +92,7 @@ $groupinfo = getGroupSettings($_GET["groupID"]); " type="hidden"> + + + +
    From b8d6136a9dccb9eb9e7c2e5a0569547e42e82bbe Mon Sep 17 00:00:00 2001 From: Marijn Jansen Date: Fri, 3 Feb 2017 10:59:10 +0100 Subject: [PATCH 3/4] Added deadmin! --- website/public/groupAdmin.php | 6 ++++++ website/queries/groupAdmin.php | 15 ++++++++++++++- website/views/groupAdmin.php | 31 +++++++++++++++++++++++++++++++ 3 files changed, 51 insertions(+), 1 deletion(-) diff --git a/website/public/groupAdmin.php b/website/public/groupAdmin.php index 30c44fa..fadaa87 100644 --- a/website/public/groupAdmin.php +++ b/website/public/groupAdmin.php @@ -44,6 +44,12 @@ if ($_SERVER["REQUEST_METHOD"] == "POST") { } upgradeUser($_POST["groupID"], $_POST["userID"], "admin"); break; + case "deadmin": + if (!array_key_exists("userID", $_POST)) { + throw new AngryAlert("Geen gebruiker geselecteerd."); + } + upgradeUser($_POST["groupID"], $_POST["userID"], "member"); + break; case "delete": deleteGroup(); break; diff --git a/website/queries/groupAdmin.php b/website/queries/groupAdmin.php index 3e294e5..c9b3af5 100644 --- a/website/queries/groupAdmin.php +++ b/website/queries/groupAdmin.php @@ -61,6 +61,18 @@ function checkGroupAdmin(int $groupID, int $userID) : bool { } function getAllGroupUsers(int $groupID) { + return getAllGroupMembers($groupID, 'member'); +} + +function getAllGroupAdmins(int $groupID) { + return getAllGroupMembers($groupID, 'admin'); +} + +function getAllGroupMods(int $groupID) { + return getAllGroupMembers($groupID, 'mod'); +} + +function getAllGroupMembers(int $groupID, string $role) { $stmt = prepareQuery(" SELECT `username`, @@ -74,10 +86,11 @@ function getAllGroupUsers(int $groupID) { ON `group_member`.`userID` = `user`.`userID` WHERE - `groupID` = :groupID AND `group_member`.`role` = 'member' + `groupID` = :groupID AND `group_member`.`role` = :role "); $stmt->bindParam(':groupID', $groupID); + $stmt->bindParam(":role", $role); if (!$stmt->execute()) { return False; } diff --git a/website/views/groupAdmin.php b/website/views/groupAdmin.php index 3d57501..d406e5c 100644 --- a/website/views/groupAdmin.php +++ b/website/views/groupAdmin.php @@ -112,6 +112,37 @@ $groupinfo = getGroupSettings($_GET["groupID"]); +
    +
    Verwijder een admin/mod
    +
      + + " type="hidden"> + + + + +
    +
      Verwijder groep
      From c69b5d8ed359016be9f7f86ef3bd9c1dc93c5b10 Mon Sep 17 00:00:00 2001 From: Marijn Jansen Date: Fri, 3 Feb 2017 11:12:02 +0100 Subject: [PATCH 4/4] Comments --- website/public/groupAdmin.php | 2 ++ website/public/settings.php | 2 ++ website/queries/connect.php | 5 ++++ website/queries/createGroup.php | 4 +++ website/queries/groupAdmin.php | 51 +++++++++++++++++++++++++++++++++ 5 files changed, 64 insertions(+) diff --git a/website/public/groupAdmin.php b/website/public/groupAdmin.php index fadaa87..ec6eee8 100644 --- a/website/public/groupAdmin.php +++ b/website/public/groupAdmin.php @@ -21,6 +21,8 @@ require_once "../queries/alerts.php"; include("../views/main.php"); $alertClass; $alertMessage; + +// Select which button has been pressed. if ($_SERVER["REQUEST_METHOD"] == "POST") { try { switch ($_POST["form"]) { diff --git a/website/public/settings.php b/website/public/settings.php index 6996f54..7208141 100644 --- a/website/public/settings.php +++ b/website/public/settings.php @@ -14,6 +14,8 @@ prepare($query); } \ No newline at end of file diff --git a/website/queries/createGroup.php b/website/queries/createGroup.php index 20ee28b..1b093fb 100644 --- a/website/queries/createGroup.php +++ b/website/queries/createGroup.php @@ -2,6 +2,10 @@ require_once "../queries/checkInput.php"; require_once "../queries/picture.php"; require_once "../queries/alerts.php"; + +/** + * Creates a group. + */ function createGroup() { $createGroup = prepareQuery(" diff --git a/website/queries/groupAdmin.php b/website/queries/groupAdmin.php index c9b3af5..8cefb9b 100644 --- a/website/queries/groupAdmin.php +++ b/website/queries/groupAdmin.php @@ -1,4 +1,9 @@ fetch(); } +/** + * Updates the settings for a group. + * @param int $groupID + * @throws AngryAlert + * @throws HappyAlert + */ function updateGroupSettings(int $groupID) { if (!checkGroupAdmin($groupID, $_SESSION["userID"])) { @@ -40,6 +51,12 @@ function updateGroupSettings(int $groupID) } } +/** + * Checks if an user is an admin for a page. + * @param int $groupID + * @param int $userID + * @return bool + */ function checkGroupAdmin(int $groupID, int $userID) : bool { $stmt = prepareQuery(" SELECT @@ -60,18 +77,39 @@ function checkGroupAdmin(int $groupID, int $userID) : bool { return ($role == "admin"); } +/** + * Returns all normal members for a group. + * @param int $groupID + * @return array|bool + */ function getAllGroupUsers(int $groupID) { return getAllGroupMembers($groupID, 'member'); } +/** + * Returns all admin for a group. + * @param int $groupID + * @return array|bool + */ function getAllGroupAdmins(int $groupID) { return getAllGroupMembers($groupID, 'admin'); } +/** + * Returns all Moderators for a group. + * @param int $groupID + * @return array|bool + */ function getAllGroupMods(int $groupID) { return getAllGroupMembers($groupID, 'mod'); } +/** + * Returns all members for a group specified by a string. + * @param int $groupID + * @param string $role + * @return array|bool + */ function getAllGroupMembers(int $groupID, string $role) { $stmt = prepareQuery(" SELECT @@ -97,6 +135,14 @@ function getAllGroupMembers(int $groupID, string $role) { return $stmt->fetchAll(); } +/** + * Upgrades or downgrades a groupmember to a different role. + * @param int $groupID + * @param int $userID + * @param string $role + * @throws AngryAlert + * @throws HappyAlert + */ function upgradeUser(int $groupID, int $userID, string $role) { if (!checkGroupAdmin($groupID, $_SESSION["userID"])) { throw new AngryAlert("Geen toestemming om te wijzigen"); @@ -121,6 +167,11 @@ function upgradeUser(int $groupID, int $userID, string $role) { } } +/** + * Removes a group form the database. + * @throws AngryAlert + * @throws HappyAlert + */ function deleteGroup() { if (!checkGroupAdmin($_POST["groupID"], $_SESSION["userID"])) { throw new AngryAlert("Geen toestemming om de groep te verwijderen!");