MyHyvesBookPlus/WebDB
1
0
Fork 0
Code Issues 2 Pull Requests Projects Releases Wiki Activity

Merge branch 'master' into hendrik-testing

Browse Source
This commit is contained in:
Hendrik
2017-01-26 13:02:35 +01:00
parent 648c2d26e4 423c2fd771
commit b89a575039
71 changed files with 2479 additions and 821 deletions
Download Patch File Download Diff File Expand all files Collapse all files

27
website/public/API/editFriendship.php Normal file
View File

@@ -0,0 +1,27 @@
<?php
session_start();
require_once ("../../queries/friendship.php");
if(empty($_POST["usr"]) OR empty($_POST["action"]) OR !in_array($_POST["action"], array("request", "accept", "delete"))) {
header('HTTP/1.1 500 Non enough arguments');
}
$friendship_status = getFriendshipStatus($_POST["usr"]);
if($_POST["action"] == "request" AND $friendship_status == 0) {
if (!requestFriendship($_POST["usr"])) {
header('HTTP/1.1 500 Query (request) failed');
}
} else if($_POST["action"] == "delete" AND in_array($friendship_status, array(1, 2, 3))) {
if (!removeFriendship($_POST["usr"])) {
header('HTTP/1.1 500 Query (delete) failed');
}
} else if ($_POST["action"] == "accept" AND $friendship_status == 3) {
if (!acceptFriendship($_POST["usr"])) {
header('HTTP/1.1 500 Query (accept) failed');
}
} else {
header('HTTP/1.1 500 Not the right friendship status');
}

31
website/public/API/edit_friendship.php Normal file
View File

@@ -0,0 +1,31 @@
<?php
session_start();
require("../../queries/friendship.php");
require("../../queries/user.php");
if(empty($_POST["userID"]) OR empty($_POST["delete"]) AND empty($_POST["accept"]) AND empty($_POST["request"])) {
echo "Not enough arguments.";
return;
}
$friendship_status = getFriendshipStatus($_POST["userID"]);
echo "\nfriendshipstatus: $friendship_status";
echo "You: " . $_SESSION["userID"];
echo "other user: " . $_POST["userID"];
if(!empty($_POST["request"]) AND $friendship_status == 0) {
echo "request";
requestFriendship($_POST["userID"]);
} else if(!empty($_POST["delete"]) AND in_array($friendship_status, array(1, 2, 3))) {
echo "delete";
removeFriendship($_POST["userID"]);
} else if (!empty($_POST["accept"]) AND $friendship_status == 3) {
echo "accept";
acceptFriendship($_POST["userID"]);
}
$username = getUsername($_POST["userID"]);
header("Location: ../profile.php?username=$username");

24
website/public/API/getFriendshipStatus.php Normal file
View File

@@ -0,0 +1,24 @@
<?php
# -2: Query failed.
# -1: user1 and 2 are the same user
# 0 : no record found
# 1 : confirmed
# 2 : user1 sent request (you)
# 3 : user2 sent request (other)
session_start();
require_once ("../../queries/friendship.php");
if(empty($_POST["usr"])) {
header('HTTP/1.1 500 Non enough arguments');
}
$friendship_status = getFriendshipStatus($_POST["usr"]);
if($friendship_status == -2) {
header('HTTP/1.1 500 Query failed');
}
echo $friendship_status;

8
website/public/API/loadChatNotifications.php Normal file
View File

@@ -0,0 +1,8 @@
<?php
session_start();
require_once ("../../queries/connect.php");
require_once ("../../queries/private_message.php");
echo selectAllUnreadChat();

0
website/public/API/loadNotifications.php → website/public/API/loadFriendRequest.php
View File

16
website/public/API/loadFriends.php Normal file
View File

@@ -0,0 +1,16 @@
<?php
session_start();
require_once ("../../queries/connect.php");
require_once ("../../queries/checkInput.php");
require_once ("../../queries/friendship.php");
if (isset($_POST["limit"])) {
echo selectLimitedFriends($_SESSION["userID"], (int) test_input($_POST["limit"]));
} else if (isset($_GET["limit"])) {
echo selectLimitedFriends($_SESSION["userID"], (int) test_input($_GET["limit"]));
} else {
echo selectFriends($_SESSION["userID"]);
}

14
website/public/API/loadGroups.php Normal file
View File

@@ -0,0 +1,14 @@
<?php
session_start();
require_once ("../../queries/connect.php");
require_once ("../../queries/checkInput.php");
require_once ("../../queries/group_member.php");
if (isset($_POST["limit"])) {
echo selectLimitedGroupsFromUser($_SESSION["userID"], (int) test_input($_POST["limit"]));
} else {
echo selectAllGroupsFromUser($_SESSION["userID"]);
}

3
website/public/API/loadMessages.php
View File

@@ -5,9 +5,12 @@ session_start();
require_once("../../queries/connect.php");
require_once("../../queries/private_message.php");
require_once("../../queries/checkInput.php");
require_once("../../queries/friendship.php");
if (isset($_POST["lastID"]) && $_POST["lastID"] != "") {
setLastVisited(test_input($_POST["destination"]));
echo getNewChatMessages(test_input($_POST["lastID"]), test_input($_POST["destination"]));
} else {
setLastVisited(test_input($_POST["destination"]));
echo getOldChatMessages(test_input($_POST["destination"]));
}

12
website/public/API/loadPost.php Normal file
View File

@@ -0,0 +1,12 @@
<?php
require_once("../../queries/connect.php");
require_once("../../queries/post.php");
require_once("../../queries/checkInput.php");
require_once("../../queries/nicetime.php");
if(isset($_GET['postID'])) {
include("../../views/post-view.php");
} else {
echo "Failed to load";
}

102
website/public/bits/friend-item.php Normal file
View File

@@ -0,0 +1,102 @@
<?php
session_start();
include_once ("../../queries/friendship.php");
if (isset($_POST["limit"])) {
$limit = $_POST["limit"];
} else {
$limit = 5;
}
if (isset($_POST["action"])) {
$action = $_POST["action"];
} else {
$action = "profile.php";
}
if (isset($_POST["actionType"])) {
$actionType = $_POST["actionType"];
} else {
$actionType = "GET";
}
$friends = json_decode($_POST["friends"]);
foreach($friends as $i => $friend) {
$friendshipStatus = getFriendshipStatus($friend->userID);
if ($limit != 0 && $i >= $limit)
$extra = "extra-friend-item";
else
$extra = "";
?>
<li class='friend-item <?= $extra ?>'>
<form action='<?= $action ?>' method='<?= $actionType ?>'>
<button type='submit'
name='username'
value='<?php
if (isset($friend->username)) {
echo $friend->username;
} else if (isset($friend->content)) {
echo $friend->userID;
}
?>'>
<div class='friend'>
<img alt='PF' class='profile-picture' src='<?= $friend->profilepicture ?>'/>
<div class='friend-name'>
<?= $friend->fullname ?><br/>
<span style='color: #666'><?php
if (isset($friend->username)) {
echo $friend->username;
} else if (isset($friend->content)) {
echo $friend->content;
}
?></span>
</div>
</div>
</button>
</form>
<?php
if ($friendshipStatus > 1) {
?>
<div class='notification-options'>
<input type='hidden' name='userID' value='' />
<button name='delete'
onclick="editFriendship('<?= $friend->userID ?>', 'delete')"
class='deny-notification'
value='1'>
<i class='fa fa-times'></i>
</button>
<?php
if ($friendshipStatus == 3) {
?>
<button name='accept'
onclick="editFriendship('<?= $friend->userID ?>', 'accept')"
class='accept-notification'
value='1'>
<i class='fa fa-check'></i>
</button>
<?php
}
?>
</div>
<?php
}
?>
</li>
<?php
}
if (sizeof($friends) > $limit) {
?>
<li class='more-item'>
Meer vrienden...
</li>
<?php
}
?>

38
website/public/bits/group-item.php Normal file
View File

@@ -0,0 +1,38 @@
<?php
session_start();
include_once ("../../queries/group_member.php");
$groups = json_decode($_POST["groups"]);
foreach($groups as $i => $group) {
?>
<li class='group-item'>
<form action='group.php' method='get'>
<button type='submit'
name='groupname'
value='<?= $group->name ?>'>
<div class='group'>
<img alt='PF' class='group-picture' src='<?= $group->picture ?>'/>
<?= $group->name ?>
</div>
</button>
</form>
</li>
<?php
}
?>
<li>
<form action="search.php" method="get">
<input type="hidden"
name="search"
value="" />
<input type="hidden"
name="filter"
value="groups" />
<button type="submit">
Alle groepen...
</button>
</form>
</li>

49
website/public/emailconfirm.php Normal file
View File

@@ -0,0 +1,49 @@
<?php
include_once("../queries/connect.php");
include_once("../views/messagepage.php");
if (array_key_exists("u", $_GET) and array_key_exists("h", $_GET)) {
$checkHash = $GLOBALS["db"]->prepare("
SELECT
`email`,
`role`
FROM
`user`
WHERE
`userID` = :userID
");
$checkHash->bindParam(":userID", $_GET["u"]);
$checkHash->execute();
$result = $checkHash->fetch();
$email = $result["email"];
$role = $result["role"];
if ($role == "unconfirmed") {
doActivate($email);
} else {
messagePage("Ongeldige link.");
}
} else {
messagePage("Ongeldige link.");
}
function doActivate(string $email) {
if (password_verify($email, $_GET["h"])) {
$confirmUser = $GLOBALS["db"]->prepare("
UPDATE
`user`
SET
`role` = :role
WHERE
`userID` = :userID
");
$confirmUser->bindValue(":role", "user");
$confirmUser->bindParam(":userID", $_GET["u"]);
$confirmUser->execute();
if ($confirmUser->rowCount()) {
messagePage("Email bevestigd <br />
<a href='index.php'>Klik hier om terug te gaan naar de login pagina.</a>");
}
} else {
messagePage("Ongeldige link.");
}
}

BIN
website/public/img/avatar-standard.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 98 KiB

BIN
website/public/img/notbad.jpg
View File

Binary file not shown.
Side by Side

Before

Width:  |  Height:  |  Size: 24 KiB

14
website/public/index.php
View File

@@ -1,5 +1,9 @@
<html>
<head>
<meta http-equiv="refresh" content="0; url=login.php" />
</head>
</html>
<?php
session_start();
if (isset($_SESSION["userID"])) {
header("Location: profile.php");
} else {
header("Location: login.php");
}

2
website/public/js/admin.js
View File

@@ -28,7 +28,7 @@ function checkCheckAll(allbox) {
}
function changeFilter() {
if (document.getElementById('group').checked) {
if ($('#pagetype').find(":selected").val() == "group") {
document.getElementById('admin-filter').style.display = 'none';
document.getElementById('admin-groupfilter').style.display = 'inline-block';

4
website/public/js/chat.js
View File

@@ -53,8 +53,8 @@ function switchUser(userID) {
$(".destinationID").val(userID);
$("#chat-history").html("");
$("#lastID").val("");
$(".chat-left .friend-item").removeClass("active-friend-chat");
$(".chat-left #friend-item-" + userID).addClass("active-friend-chat");
$("#chat-recent-panel .friend-item").removeClass("active-friend-chat");
$("#friend-item-" + userID).addClass("active-friend-chat");
}
function sayEmpty() {

24
website/public/js/friendButtons.js Normal file
View File

@@ -0,0 +1,24 @@
function placeFriendButtons() {
$.post("API/getFriendshipStatus.php", { usr: userID })
.done(function(data) {
friendshipStatus = data;
$buttonContainer = $("div.friend-button-container");
$buttonContainer.children().remove();
if (friendshipStatus == -1) {
return;
} else if(friendshipStatus == 0) {
$buttonContainer.append($("<button class=\"green friend-button\" value=\"request\"><i class=\"fa fa-handshake-o\"></i> Bevriend</button>"));
} else if(friendshipStatus == 1) {
$buttonContainer.append($("<button class=\"red friend-button\" value=\"delete\"><i class=\"fa fa-times\"></i> Verwijder</button>"));
} else if(friendshipStatus == 2) {
$buttonContainer.append($("<button class=\"red friend-button\" value=\"delete\"><i class=\"fa fa-times\"></i> Trek verzoek in</button>"));
} else if(friendshipStatus == 3) {
$buttonContainer.append($("<button class=\"red friend-button\" value=\"delete\"><i class=\"fa fa-times\"></i> Weiger</button>"));
$buttonContainer.append($("<button class=\"green friend-button\" value=\"accept\"><i class=\"fa fa-check\"></i> Accepteer</button>"));
}
$buttonContainer.children().click(function() {
editFriendship(userID, this.value);
});
});
}

12
website/public/js/header.js
View File

@@ -1,26 +1,18 @@
$(document).ready(function() {
// Hide notification center.
$("#profile-menu-popup").hide();
// $("#own-profile-picture").click(function() {
// $("#profile-menu-popup").toggle();
// $("#profile-hello-popup").toggle();
// });
$("#own-profile-picture").click(function() {
if($("#notification-center").css('right') == "-256px") {
$(".content").animate({
marginRight: "256px"
}, 500);
$(".chat-right").animate({
width: "100%"
width: $(".chat-right").width() - 266
}, 500);
$("#notification-center").animate({
right: "0px"
}, 500);
} else {
$(".chat-right").animate({
width: "100%"
width: $(".chat-right").width() + 266
}, 500);
$(".content").animate({
marginRight: "0px"

45
website/public/js/main.js Normal file
View File

@@ -0,0 +1,45 @@
function editFriendship(userID, value) {
$.post("API/editFriendship.php", { usr: userID, action: value })
.done(function() {
placeFriendButtons();
});
}
function showFriends(friends, list) {
if(friends && friends != "[]") {
$(list).load("bits/friend-item.php", {
"friends": friends
});
return true;
} else {
return false;
}
}
function showFriendsPlus(friends, list, limit, action, actionType) {
if(friends && friends != "[]") {
$(list).load("bits/friend-item.php", {
"friends": friends,
"limit": limit,
"action": action,
"actionType": actionType
});
return true;
} else {
return false;
}
}
function showGroups(groups, list) {
if(groups && groups != "[]") {
$(list).load("bits/group-item.php", {
"groups": groups
});
return true;
} else {
return false;
}
}

33
website/public/js/masonry.js
View File

@@ -1,5 +1,30 @@
margin = 20;
// scrolling modal taken from http://stackoverflow.com/questions/10476632/how-to-scroll-the-page-when-a-modal-dialog-is-longer-than-the-screen
function scrollbarMargin(width, overflow) {
$('body').css({
marginRight: width,
overflow: overflow
});
$('.profile-menu').css({
marginRight: width
});
}
function requestPost(post) {
$(".modal").show();
$.get(
"API/loadPost.php",
$(post).children("form").serialize()
).done(function (data) {
$('.modal-default').hide();
var scrollBarWidth = window.innerWidth - document.body.offsetWidth;
scrollbarMargin(scrollBarWidth, 'hidden');
$('#modal-response').show();
$('#modal-response').html(data);
});
}
$(window).on("load", function() {
console.log("LOADED");
container = $("div.posts");
@@ -69,8 +94,14 @@ function mansonry() {
column = $('<div class="column"></div>').append(columns[i][1]);
console.log(column);
container.append(column);
}
$("div.posts div.column").width(100/columnCount + "%");
$(".modal-close").click(function () {
$(".modal").hide();
scrollbarMargin(0, 'auto');
$('#modal-response').hide();
$('.modal-default').show();
});
}

135
website/public/js/menu.js
View File

@@ -1,39 +1,108 @@
$(document).ready(function() {
$(".extra-menu-items").hide();
$("#menu-back").hide();
// Show more friends/users
// Show more friends
$("#more-friends-click").click(function() {
// Show only friends
$("#groups-menu-section").slideUp();
$("#friends-menu-section li").show();
// $("#more-friends-click").click(function() {
// // Show only friends
// $("#groups-menu-section").slideUp();
// $("#friends-menu-section li").show();
//
// // Change buttons
// $("#more-friends-click").hide();
// $("#menu-back").show();
// });
//
// // Show more groups
// $("#more-groups-click").click(function() {
// // Show only groups
// $("#friends-menu-section").slideUp();
// $("#groups-menu-section li").show();
//
// // Change buttons
// $("#more-groups-click").hide();
// $("#menu-back").show();
// });
// Change buttons
$("#more-friends-click").hide();
$("#menu-back").show();
});
// // Go back
// $("#menu-back").click(function() {
// // Show overview of friends and groups
// $("#friends-menu-section").slideDown();
// $("#groups-menu-section").slideDown();
// $(".extra-menu-items").hide();
//
// // Change buttons
// $("#menu-back").hide();
// $("#more-groups-click").show();
// $("#more-friends-click").show();
// });
// Show more groups
$("#more-groups-click").click(function() {
// Show only groups
$("#friends-menu-section").slideUp();
$("#groups-menu-section li").show();
// Change buttons
$("#more-groups-click").hide();
$("#menu-back").show();
});
// Go back
$("#menu-back").click(function() {
// Show overview of friends and groups
$("#friends-menu-section").slideDown();
$("#groups-menu-section").slideDown();
$(".extra-menu-items").hide();
// Change buttons
$("#menu-back").hide();
$("#more-groups-click").show();
$("#more-friends-click").show();
});
loadMenuFriends(5);
loadNotificationFriends();
loadUnreadMessages();
loadMenuGroups();
});
function loadMenuFriends(limit) {
$.post(
"API/loadFriends.php",
{
limit: 5
}
).done(function(data) {
if (showFriends(data, "#menu-friends-list", 5, "profile.php", "GET", limit)) {
$("#friends-menu-section").show();
} else {
$("#friends-menu-section").hide();
}
});
setTimeout(loadMenuFriends, 3000, limit);
}
function loadMenuGroups() {
$.post(
"API/loadGroups.php",
{
limit: 5
}
).done(function(data) {
if (showGroups(data, "#menu-groups-list")) {
$("#groups-menu-section").show();
} else {
$("#groups-menu-section").hide();
}
});
setTimeout(loadMenuGroups, 3000);
}
function loadNotificationFriends() {
$.post(
"API/loadFriendRequest.php"
).done(function(data) {
if (showFriendsPlus(data, "#friend-requests-list", 5, "profile.php", "GET")) {
$("#friend-request-section").show();
} else {
$("#friend-request-section").hide();
}
});
setTimeout(loadNotificationFriends, 3000);
}
function loadUnreadMessages() {
$.post(
"API/loadChatNotifications.php"
).done(function(data) {
if (showFriendsPlus(data, "#unread-chat-list", 5, "chat.php", "GET")) {
console.log(data);
$("#unread-messages-section").show();
} else {
$("#unread-messages-section").hide();
}
});
setTimeout(loadUnreadMessages, 3000);
}

71
website/public/js/notifications.js
View File

@@ -1,34 +1,43 @@
function showNotifications(notifications, id) {
$("#friendrequestslist").html("");
for (i in notifications) {
$("#friendrequestslist").append(" \
<li class='friend-item $extraItem'> \
<form action='profile.php' method='get'> \
<button type='submit' \
name='username' \
value='"+ notifications[i].username +"'> \
<div class='friend'> \
<img alt='PF' class='profile-picture' src='"+ notifications[i].profilepicture +"'/> \
"+ notifications[i].username +" \
</div> \
</button> \
</form> \
</li> \
");
}
}
// function showChatNotifications(notifications) {
// $("#unreadChatlist").html("");
// for (i in notifications) {
// $("#unreadChatlist").append(" \
// <li class='friend-item'> \
// <form action='chat.php' method='get'> \
// <button type='submit' \
// name='chatID' \
// value='"+ notifications[i].userID +"'> \
// <div class='friend'> \
// <img alt='PF' class='profile-picture' src='"+ notifications[i].profilepicture +"'/> \
// <div class='friend-name'> \
// "+ notifications[i].name +"<br/> \
// <span style='color: #666'>"+ notifications[i].content +"</span> \
// </div> \
// </div> \
// </button> \
// </form> \
// </li> \
// ");
// }
// }
//
// function loadNotifications() {
// $.post(
// "API/loadChatNotifications.php"
// ).done(function(data) {
// if (data && data != "[]") {
// $("#unread-messages-section").show();
// showChatNotifications(JSON.parse(data));
// } else {
// $("#unread-messages-section").hide();
// }
// });
//
// setTimeout(loadNotifications, 10000);
// }
// $(document).ready(function() {
// loadNotifications();
// });
function loadNotifications() {
$.post(
"API/loadNotifications.php"
).done(function(data) {
if (data && data != "[]") {
showNotifications(JSON.parse(data), "friendrequestslist");
}
});
setTimeout(loadNotifications, 10000);
}
loadNotifications();

8
website/public/js/profile.js Normal file
View File

@@ -0,0 +1,8 @@
function loadPost(postID) {
$.get(
"API/loadPost.php",
$(postID).serialize()
).done(function (data) {
$('#modal-response').innerHTML= JSON.parse(data);
});
}

9
website/public/js/registerAndLogin.js
View File

@@ -4,5 +4,12 @@ function checkLoggedIn() {
} else {
window.location.href = "profile.php";
}
document.getElementById("demo").innerHTML = x;
}
function bannedAlert(){
alert("Your account is banned");
}
function emailNotConfirmed(){
alert("Your account has not been verified yet!\nAnother email has been sent to you")
}

56
website/public/login.php
View File

@@ -5,6 +5,9 @@
require_once("../queries/connect.php");
include_once("../queries/login.php");
include_once("../queries/checkInput.php");
include_once("../queries/emailconfirm.php");
include_once("../queries/requestpassword.php");
include_once("../queries/register.php");
?>
<body>
<?php
@@ -18,32 +21,43 @@
// Define variables and set to empty values
$uname = $psw ="";
$loginErr ="";
$loginErr = $resetErr ="";
// Trying to login
if ($_SERVER["REQUEST_METHOD"] == "POST") {
// Empty username or password field
if (empty($_POST["uname"]) || empty($_POST["psw"])) {
$loginErr = "Gebruikersnaam of wachtwoord is niet ingevuld";
}
else {
$uname = strtolower(test_input($_POST["uname"]));
$psw = test_input($_POST["psw"]);
$hash = getUser()["password"];
$userid = getUser()["userID"];
// If there's an account, go to the profile page
if(password_verify($psw, $hash)) {
$_SESSION["userID"] = $userid;
header("location: profile.php");
} else {
$loginErr = "Inloggegevens zijn niet correct";
}
switch ($_POST["submit"]) {
case "login":
try {
$uname = ($_POST["uname"]);
validateLogin($_POST["uname"], $_POST["psw"]);
} catch(loginException $e) {
$loginErr = $e->getMessage();
}
break;
case "reset":
try {
resetEmail($_POST["forgotEmail"]);
sendPasswordRecovery($_POST["forgotEmail"]);
} catch (emailException $e){
$resetErr = $e->getMessage();
echo "<script>
window.onload = function() {
$('#myModal').show();
}
</script>";
}
break;
}
}
// // Trying to login
// if ($_SERVER["REQUEST_METHOD"] == "POST") {
// try{
// $uname = ($_POST["uname"]);
// validateLogin($_POST["uname"], $_POST["psw"]);
// } catch(loginException $e) {
// $loginErr = $e->getMessage();
// }
// }
/* This view adds login view */
include("../views/login-view.php");

17
website/public/logout.php
View File

@@ -1,15 +1,4 @@
<!DOCTYPE html>
<html>
<?php
include("../views/login_head.php");
require_once("../queries/connect.php");
include_once("../queries/login.php");
?>
<body>
<?php
session_start();
unset($_SESSION["userID"]);
header("Location: login.php");
?>
</body>
</html>
session_start();
session_destroy();
header("Location: login.php");

22
website/public/profile.php
View File

@@ -2,9 +2,11 @@
<html>
<head>
<?php include("../views/head.php"); ?>
<script src="/js/masonry.js"></script>
<script src="js/masonry.js"></script>
<!-- <script src="js/profile.js"></script>-->
<style>
@import url("styles/profile.css");
@import url("styles/post-popup.css");
</style>
</head>
<body>
@@ -12,6 +14,7 @@
include("../queries/user.php");
include("../queries/friendship.php");
include("../queries/nicetime.php");
include("../queries/post.php");
if(empty($_GET["username"])) {
$userID = $_SESSION["userID"];
@@ -19,11 +22,18 @@ if(empty($_GET["username"])) {
$userID = getUserID($_GET["username"]);
}
$user = selectUser($userID);
$user = selectUser($_SESSION["userID"], $userID);
$profile_friends = selectAllFriends($userID);
$profile_groups = selectAllUserGroups($userID);
$posts = selectAllUserPosts($userID);
if ($userID == $_SESSION["userID"]) {
$friendship_status = -1;
} else {
$friendship_status = $user["friend_status"];
}
/*
* This view adds the main layout over the screen.
* Header, menu, footer.
@@ -36,5 +46,13 @@ include("../views/profile.php");
/* This adds the footer. */
include("../views/footer.php");
?>
<script src="js/friendButtons.js"></script>
<script>
$(document).ready(function() {
userID = <?= $userID ?>;
placeFriendButtons();
});
</script>
</body>
</html>

95
website/public/register.php
View File

@@ -5,38 +5,97 @@
require_once("../queries/connect.php");
include_once("../queries/register.php");
include_once("../queries/checkInput.php");
include_once("../queries/emailconfirm.php");
?>
<body>
<?php
session_start();
if(isset($_SESSION["userID"])){
header("location: profile.php");
header("location: login.php");
}
// define variables and set to empty values
$name = $surname = $bday = $username = $password = $confirmpassword = $location = $housenumber = $email = "";
$genericErr = $nameErr = $surnameErr = $bdayErr = $usernameErr = $passwordErr = $confirmpasswordErr = $locationErr = $housenumberErr = $emailErr = "";
$name = $surname = $bday = $username = $password = $confirmpassword = $location = $housenumber = $email = $captcha = $ip = "";
$genericErr = $nameErr = $surnameErr = $bdayErr = $usernameErr = $passwordErr = $confirmpasswordErr = $locationErr = $housenumberErr = $emailErr = $captchaErr = "";
$correct = true;
// Trying to register an account
if ($_SERVER["REQUEST_METHOD"] == "POST") {
checkInputChoice("name", "lettersAndSpace");
checkInputChoice("surname", "lettersAndSpace");
if (empty($_POST["bday"])) {
$bdayErr = "Geboortedatum is verplicht!";
try {
$name = test_input(($_POST["name"]));
checkInputChoice($name, "lettersAndSpaces");
} catch(lettersAndSpacesException $e){
$correct = false;
} else {
$bday = test_input($_POST["bday"]);
$nameErr = $e->getMessage();
}
checkInputChoice("username", "username");
checkInputChoice("password", "longerEight");
checkInputChoice("confirmpassword", "");
matchPassword();
checkInputChoice("location", "lettersAndSpace");
checkInputChoice("email", "email");
registerCheck();
try {
$surname = test_input(($_POST["surname"]));
checkInputChoice($surname, "lettersAndSpaces");
}
catch(lettersAndSpacesException $e){
$correct = false;
$surnameErr = $e->getMessage();
}
try{
$bday = test_input(($_POST["bday"]));
checkInputChoice($bday, "bday");
} catch(bdayException $e){
$correct = false;
$bdayErr = $e->getMessage();
}
try{
$username = str_replace(' ', '', test_input(($_POST["username"])));
checkInputChoice($username, "username");
} catch(usernameException $e){
$correct = false;
$usernameErr = $e->getMessage();
}
try{
$password = str_replace(' ', '', test_input(($_POST["password"])));
checkInputChoice($password, "longerEight");
matchPassword();
} catch(passwordException $e){
$correct = false;
$passwordErr = $e->getMessage();
} catch(confirmPasswordException $e){
$correct = false;
$confirmPasswordErr = $e->getMessage();
}
try{
$location = test_input(($_POST["location"]));
checkInputChoice($location, "lettersAndSpaces");
} catch(lettersAndSpacesException $e){
$correct = false;
$locationErr = $e->getMessage();
}
try{
$email = test_input(($_POST["email"]));
checkInputChoice($email, "email");
} catch(emailException $e){
$correct = false;
$emailErr = $e->getMessage();
}
try{
$captcha = $_POST['g-recaptcha-response'];
checkCaptcha($captcha);
} catch(captchaException $e){
$correct = false;
$captchaErr = $e->getMessage();
}
try {
getIp();
registerCheck($correct);
sendConfirmEmailUsername($username);
} catch(registerException $e){
$genericErr = $e->getMessage();
}
}
/* This view adds register view */
include("../views/register-view.php");

57
website/public/resetpassword.php Normal file
View File

@@ -0,0 +1,57 @@
<?php
include_once("../queries/connect.php");
include_once("../views/messagepage.php");
include_once("../views/resetpassword.php");
if ($_SERVER["REQUEST_METHOD"] == "GET") {
if (array_key_exists("u", $_GET) and array_key_exists("h", $_GET)) {
if (verifyLink($_GET["u"], $_GET["h"])) {
messagePage(passwordResetFields());
} else {
messagePage("Wachtwoorden komen niet overeen.");
}
} else {
messagePage("Ongeldige links");
}
} elseif ($_SERVER["REQUEST_METHOD"] == "POST") {
if (verifyLink($_POST["u"], $_POST["h"])) {
if ($_POST["password"] == $_POST["password-confirm"]) {
changePassword();
messagePage("Wachtwoord gewijzigd");
} else {
messagePage("Ongeldige link");
}
}
} else {
messagePage("Ongeldige link");
}
function changePassword() {
$stmt = $GLOBALS["db"]->prepare("
UPDATE
`user`
SET
`password` = :password
WHERE
`userID` = :userID
");
$stmt->bindValue(":password", password_hash($_POST["password"], PASSWORD_DEFAULT));
$stmt->bindParam(":userID", $_POST["u"]);
$stmt->execute();
}
function verifyLink(int $userID, string $hash) {
$stmt = $GLOBALS["db"]->prepare("
SELECT
`password`
FROM
`user`
WHERE
`userID` = :userID
");
$stmt->bindParam(":userID", $userID);
$stmt->execute();
$password = $stmt->fetch()["password"];
return password_verify($password, $hash);
}

42
website/public/settings.php
View File

@@ -2,7 +2,7 @@
<html>
<head>
<?php
include("../views/head.php");
include_once("../views/head.php");
include_once("../queries/connect.php");
include_once("../queries/settings.php");
?>
@@ -12,27 +12,31 @@
</head>
<body>
<?php
include("../views/main.php");
$notImplemented = new settingsMessage("angry", "Deze functie werkt nog niet :(");
$alertClass;
$alertMessage;
if ($_SERVER["REQUEST_METHOD"] == "POST") {
switch ($_POST["form"]) {
case "profile":
$result = updateSettings();
break;
case "password":
$result = changePassword();
break;
case "email":
$result = changeEmail();
break;
case "picture":
updateProfilePicture();
$result = new settingsMessage("happy", "Deze melding doet nog niks nuttigs.");
break;
try {
switch ($_POST["form"]) {
case "profile":
updateSettings();
break;
case "password":
changePassword();
break;
case "email":
changeEmail();
break;
case "picture":
updateAvatar();
break;
}
} catch (AlertMessage $w) {
$alertClass = $w->getClass();
$alertMessage = $w->getMessage();
}
}
include("../views/main.php");
include("../views/settings-view.php");

66
website/public/styles/adminpanel.css
View File

@@ -1,71 +1,33 @@
.admin-panel {
margin: auto;
min-width: 800px;
}
.admin-title {
margin: 10px;
padding-bottom: 5px;
border-bottom: 4px solid #FBC02D;
}
.admin-panel input[type="radio"], input[type="checkbox"] {
vertical-align: middle;
height: auto;
}
.admin-batchactions, .admin-groupbatchactions {
display: inline-block;
padding: 8px;
vertical-align: top;
border-radius: 10px;
border: 4px solid #FBC02D;
box-shadow: 0 1px 3px rgba(0,0,0,0.12), 0 1px 2px rgba(0,0,0,0.24);
margin: 2px;
}
.admin-searchform {
display: inline-block;
width: 100%;
}
.admin-searchbar {
display: inline-block;
margin: 10px;
vertical-align: top;
}
.admin-searchinput {
margin-bottom: 10px;
}
.admin-filter, .admin-filtertype, .admin-groupfilter {
display: inline-block;
margin: 10px;
vertical-align: top;
margin-right: 50px;
margin-left: 50px;
}
.admin-filter, .admin-groupfilter {
width: 120px;
}
.admin-users {
margin: 10px;
}
.admin-userheading {
width: auto;
float: left;
}
.admin-pageui {
text-align: right;
float: right;
width: auto;
margin-bottom: 20px;
}
.usertitle {
width: 150px;
.admin-pageui {
display: inline-block;
width: 100%;
}
.admin-pageselector {
display: inline-block;
}
.admin-users {
margin-top: 50px;
}
.usertable {

54
website/public/styles/chat.css
View File

@@ -1,39 +1,52 @@
/* Overall chat-screen */
.chat {
position: fixed;
top: 80px;
left: 256px;
padding: 15px 0;
width: calc(100% - 256px);
height: calc(100% - 120px);
display: inline-flex;
padding: 20px 0;
display: inline-block;
}
.chat-left {
#chat-recent-panel {
width: 256px;
height: calc(100% - 100px);
margin: 0 10px;
overflow-y: auto;
}
.chat-right {
width: calc(100% - 256px - 40px);
height: calc(100% - 80px);
margin-right: 10px;
display: inline-block;
overflow-y: auto;
}
/* Chat history. */
.chat-history {
#chat-history {
overflow-y: auto;
height: 100%;
overflow-x: hidden;
width: calc(100% - 256px - 75px);
height: calc(100% - 80px);
padding: 10px;
display: inline-block;
word-wrap: break-word;
}
/* Chat-message takes the whole width of the chat area */
.chat-message {
width: 100%;
min-height: 40px;
padding-top: 10px;
padding: 10px 0;
clear: both;
}
.chat-message::after {
content: '';
display: table;
clear: both;
}
@@ -46,20 +59,21 @@
.chat-message-self {
float: right;
margin-right: 10px;
background-color: darkgreen;
color: white;
background-color: #FBC02D;
color: #333;
}
.chat-message-other {
float: left;
margin-left: 10px;
background-color: aquamarine;
background-color: #4CAF50;
color: white;
}
/* Chat reply field */
.chat-field {
width: 100%;
width: calc(100% - 10px);
display: table;
}
@@ -77,7 +91,6 @@
width: 100%;
border: none;
border-radius: 10px 0 0 10px;
box-shadow: 0 1px 3px rgba(0,0,0,0.12), 0 1px 2px rgba(0,0,0,0.24);
}
.chat-field input[type="submit"] {
@@ -87,10 +100,9 @@
color: white;
padding: 5px 10px;
border-radius: 0 10px 10px 0;
box-shadow: 0 1px 3px rgba(0,0,0,0.12), 0 1px 2px rgba(0,0,0,0.24);
}
.active-friend-chat {
background: aquamarine;
color: #333;
background: #4CAF50;
color: white;
}

3
website/public/styles/footer.css
View File

@@ -1,6 +1,5 @@
footer {
width: calc(100% - 256px);
margin-left: 256px;
width: 100%;
background-color: rgba(0,0,0,0.4);
}

4
website/public/styles/header.css
View File

@@ -7,7 +7,9 @@ header {
height: 80px;
width: 100%;
color: white;
color: #FFF;
font-weight: bold;
letter-spacing: 1px;
background-color: #FBC02D;
box-shadow: 0 1px 3px rgba(0,0,0,0.12), 0 1px 2px rgba(0,0,0,0.24);
}

177
website/public/styles/index.css
View File

@@ -1,20 +1,19 @@
a.button {
background-color: #C8CABD;
border-radius: 10px;
border-radius: 5px;
color: black;
cursor: pointer;
height: 50%;
margin: 8px 0;
padding: 14px 20px;
width: 25%;
padding: 8px 20px;
font-family: Arial;
font-size: 16px;
font-size: 22px;
box-shadow: 0 1px 3px rgba(0,0,0,0.12), 0 1px 2px rgba(0,0,0,0.24);
}
/* Body */
body {
height: 100%;
background-color: #C8CABD;
background-color: #FBC02D;
/*background-image: url(http://play.pokemonshowdown.com/fx/client-bg-shaymin.jpg);
background-size: cover;
background-attachment: fixed;*/
@@ -24,34 +23,18 @@ body {
font-family: Arial, sans-serif;
}
/* The Close Button */
.close {
/* Position it in the top right corner outside of the modal */
color: white;
font-size: 100px;
font-weight: bold;
position: absolute;
right: 25px;
top: 0;
}
/* Close button on hover */
.close:hover,
.close:focus {
color: red;
cursor: pointer;
}
/* inlogform */
form {
/*background-color: #a87a87;*/
border-radius: 12px;
height: 70%;
height: 85%;
margin: auto;
width: 70%;
width: 80%;
overflow-y:auto;
}
/* inlog titel */
h1 {
padding: 8px;
@@ -66,30 +49,39 @@ h2 {
font-size: 2.0em;
}
h3 {
padding: 16px;
text-align: center;
font-size: 1.5em;
}
input[type=text], input[type=password], input[type=email], input[type="date"] {
box-sizing: border-box;
border-color: #C8CABD;
display: inline-block;
height: 60%;
font-size: 16px;
padding: 8px 20px;
margin: 4px 0;
width: 70%;
width: 55%;
}
/*
input[type=text], input[type=password], input[type=email], input[type="date"] {
border: 0px;
border-bottom: 4px solid lightgray;
border-radius: 0px;
}*/
button[type=submit] {
.center{
text-align: center;
}
button {
background-color: #C8CABD;
color: black ;
border-radius: 5px;
color: black;
cursor: pointer;
height: 50%;
padding: 8px 20px;
margin: 10px;
font-family: Arial;
font-size: 16px;
width: 50%;
font-size: 22px;
box-shadow: 0 1px 3px rgba(0,0,0,0.12), 0 1px 2px rgba(0,0,0,0.24);
}
.error {
@@ -102,31 +94,6 @@ label {
display: block;
}
.left-arrow {
display: inline-block;
position: relative;
background-color: #C8CABD;
height: 30px;
width: 90px;
padding: 3px 3px 3px 0px;
text-align: center;
border-radius: 0px 10px 10px 0px;
font-size: 24px;
}
.left-arrow:after {
content: '';
display: block;
position: absolute;
right: 100%;
top: 0;
bottom: 0;
border-top: 15px solid transparent;
border-right: 20px solid #C8CABD;
border-bottom: 15px solid transparent;
border-left: 0px solid transparent;
}
/* padding voor registreer container */
.login_containerregister {
padding: 16px;
@@ -135,7 +102,7 @@ label {
/* padding voor login_containers */
.login_containerlogin {
padding:25px;
padding:16px;
text-align: center;
}
@@ -159,24 +126,84 @@ label {
background-repeat: repeat-x;
background-attachment: fixed;*/
box-shadow: 0 1px 3px rgba(0,0,0,0.12), 0 1px 2px rgba(0,0,0,0.24);
height: 500px;
height: 400px;
margin: 34px auto;
overflow-y: auto;
padding: 20px;
width: 50%;
}
/*.platform {
width: 40%;
margin: 34px auto;
}*/
@-webkit-keyframes animatezoom {
from {-webkit-transform: scale(0)}
to {-webkit-transform: scale(1)}
width: 45%;
}
ul {
font-family: Arial;
font-size: 16px;
}
/* The Modal (background) */
.modal {
display: none; /* Hidden by default */
position: fixed; /* Stay in place */
z-index: 1; /* Sit on top */
padding-top: 100px; /* Location of the box */
left: 0;
top: 0;
width: 100%; /* Full width */
height: 100%; /* Full height */
overflow: auto; /* Enable scroll if needed */
background-color: rgb(0,0,0); /* Fallback color */
background-color: rgba(0,0,0,0.4); /* Black w/ opacity */
}
/* Modal Content */
.modal-content {
position: relative;
background-color: #FFFFFF;
margin: auto;
padding: 0;
border: 1px solid #888;
width: 500px;
box-shadow: 0 4px 8px 0 rgba(0,0,0,0.2),0 6px 20px 0 rgba(0,0,0,0.19);
-webkit-animation-name: animatetop;
-webkit-animation-duration: 0.4s;
animation-name: animatetop;
animation-duration: 0.4s
}
/* Add Animation */
@-webkit-keyframes animatetop {
from {top:-300px; opacity:0}
to {top:0; opacity:1}
}
@keyframes animatetop {
from {top:-300px; opacity:0}
to {top:0; opacity:1}
}
/* The Close Button */
.close {
color: white;
float: right;
font-size: 28px;
font-weight: bold;
}
.close:hover,
.close:focus {
color: #000;
text-decoration: none;
cursor: pointer;
}
.modal-header {
padding: 2px 16px;
background-color: #FBC02D;
color: black;
}
.modal-body {padding: 2px 16px;}
.modal-footer {
padding: 2px 16px;
background-color: #FBC02D;
color: black;
}

30
website/public/styles/main.css
View File

@@ -166,6 +166,7 @@ textarea {
textarea:hover, input:hover, select:hover {
border-radius: 10px;
box-shadow: 0 1px 1px rgba(0,0,0,0.12);
}
textarea:focus, input:focus, select:focus {
@@ -174,6 +175,15 @@ textarea:focus, input:focus, select:focus {
}
/* All buttons */
button.red {
background-color: firebrick;
}
button.green {
background-color: forestgreen;
}
button,
input[type="submit"],
input[type="reset"] {
@@ -241,3 +251,23 @@ div[data-title]:hover:after {
line-height: normal;
font-family: Arial, sans-serif;
}
.friend {
}
.friend-item, .group-item {
cursor: pointer;
transition-duration: 250ms;
}
.friend-item:hover, .group-item:hover {
background: #FBC02D;
box-shadow: 0 1px 3px rgba(0,0,0,0.12), 0 1px 2px rgba(0,0,0,0.24);
}
.friend-name {
display: inline-block;
vertical-align: middle;
}

56
website/public/styles/menu.css
View File

@@ -6,15 +6,15 @@
left: 0;
top: 80px;
height: calc(100% - 80px);
width: 256px;
width: 236px;
background-color: #EEE;
/*box-shadow: 0 1px 3px rgba(0,0,0,0.12), 0 1px 2px rgba(0,0,0,0.24);*/
padding: 20px 10px;
}
.menu section {
margin: 0 5px 10px 5px;
background-color: white;
margin-bottom: 10px;
border-radius: 5px;
background-color: #FFFFFF;
box-shadow: 0 1px 3px rgba(0,0,0,0.12), 0 1px 2px rgba(0,0,0,0.24);
}
@@ -24,6 +24,7 @@
.nav-list li {
padding: 5px 20px;
border-radius: 4px;
}
.more-item {
@@ -33,16 +34,6 @@
cursor: pointer;
}
.friend-item, .group-item {
cursor: pointer;
transition-duration: 250ms;
}
.friend-item:hover, .group-item:hover {
background: #FBC02D;
color: white;
}
.menu button {
background: none;
color: inherit;
@@ -54,7 +45,7 @@
#notification-center {
left: auto;
width: 256px;
width: 236px;
right: -256px;
}
@@ -67,4 +58,37 @@
color: #4CAF50;
font-size: 42px;
padding: 7px;
transition-duration: 250ms;
}
#quick-links i:hover {
color: #FBC02D;
}
.notification-options {
display: none;
width: 100%;
}
.notification-options form {
width: 100%;
text-align: center;
}
.notification-options button {
display: inline-block;
padding: 5px 20px;
width: auto;
}
.accept-notification:hover {
color: #4CAF50;
}
.deny-notification:hover {
color: firebrick;
}
.friend-item:hover .notification-options {
display: inline-block;
}

72
website/public/styles/post-popup.css Normal file
View File

@@ -0,0 +1,72 @@
/* modal based on: http://www.w3schools.com/howto/howto_css_modals.asp */
.modal {
display: none;
position: fixed;
top: 80px;
left: 256px;
width: calc(100% - 256px); /* Full width */
height: calc(100% - 80px); /* Full height */
background-color: rgb(0,0,0); /* Fallback color */
background-color: rgba(0,0,0,0.4); /* Black w/ opacity */
overflow-y: auto;
}
/* Modal Content/Box */
.modal-content {
margin: 5% auto;
width: 70%; /* Could be more or less, depending on screen size */
overflow-y: auto;
}
.modal-close {
color: #aaa;
float: right;
font-size: 28px;
font-weight: bold;
margin: auto;
}
.modal-close:hover,
.modal-close:focus {
color: black;
text-decoration: none;
cursor: pointer;
}
.modal-content img {
max-height: 100%;
max-width: 100%;
}
.post-header h4 {
font-size: 20pt;
}
.post-content {
margin: 30px auto;
width: 90%;
}
.commentfield {
margin-bottom: 20px;
}
.commentfield textarea {
width: 100%;
}
.comment {
padding-top: 10px;
padding-bottom: 10px;
border-top: 1px solid #4CAF50;
}
.commentinfo {
font-size: 10pt;
}
.commentcontent {
margin: 5px auto;
width: 95%;
}

11
website/public/styles/profile.css
View File

@@ -33,9 +33,6 @@ div.posts div.post {
}
div.posts div.post:hover {
/*margin: 15px 0 0 -5px;*/
/*padding: 15px;*/
/*z-index: 20;*/
box-shadow: 0 10px 20px rgba(0,0,0,0.19), 0 6px 6px rgba(0,0,0,0.23);
}
@@ -81,16 +78,16 @@ div.posts .post form textarea.newpost {
font-size: 0.8em;
}
.profile-button {
button.friend-button {
float: right;
height: auto;
padding: 10px;
margin-left: 10px;
border-radius: 5px;
background-color: #4CAF50;
color: #FFFFFF;
transition-duration: 250ms;
cursor: pointer;
}
.profile-button:hover {
button.friend-button:hover {
box-shadow: 0 10px 20px rgba(0,0,0,0.19), 0 6px 6px rgba(0,0,0,0.23);
}

17
website/public/styles/resetpassword.css Normal file
View File

@@ -0,0 +1,17 @@
.password-change {
height: 100%;
background-color: #FBC02D;
margin: auto;
}
.top-logo {
text-align: center;
}
.item-box {
margin: 30px auto auto;
display: block;
}
.password-change img {
width: 50%;
}

12
website/public/styles/search.css
View File

@@ -14,4 +14,16 @@
.searchleft, .searchright {
display: inline-block;
vertical-align: top;
}
.user-pageselect, .searchleft h4, .group-pageselect, .searchright h4 {
display: inline-block;
}
.user-pageselect, .group-pageselect {
float: right;
}
li.search-item:hover{
background-color: #FBC02D;
}

219
website/queries/checkInput.php
View File

@@ -1,97 +1,151 @@
<?php
/**
* Function for checking inputfields
* @param variable $variable Give name of the inputfield.
* @param string $option Give the name of the option.
* @param String $variable Give name of the inputfield.
* @param String $option Give the name of the option.
* @return sets correct to false and gives value to error message if it doesn't pass the checks.
*/
function checkInputChoice($variable, $option){
if (empty($_POST[$variable])) {
$GLOBALS[$variable . "Err"] = "Verplicht!";
$GLOBALS["correct"] = false;
switch ($option) {
case "lettersAndSpaces";
checkName($variable);
break;
} else {
$GLOBALS[$variable] = test_input($_POST[$variable]);
switch ($option) {
case "lettersAndSpace":
checkonly($variable);
break;
case "bday";
validateBday($variable);
break;
case "username";
username($variable);
break;
case "username";
username($variable);
break;
case "longerEight";
longerEight($variable);
break;
case "longerEight";
longerEight($variable);
break;
case "email";
validateEmail($variable);
break;
case "email";
validateEmail($variable);
break;
default:
break;
default:
break;
}
}
}
/* Checks for only letters and spaces. */
function checkOnly($variable){
if (!preg_match("/^[a-zA-Z ]*$/",$GLOBALS[$variable])) {
$GLOBALS[$variable . "Err"] = "Alleen letters en spaties zijn toegestaan!";
$correct = false;
function checkName($variable){
if (empty($variable)) {
throw new lettersAndSpacesException("Verplicht!");
} else if (!preg_match("/^[a-zA-Z ]*$/", $variable)) {
throw new lettersAndSpacesException("Alleen letters en spaties zijn toegestaan!");
}
}
/* Checks for bday */
function validateBday($variable){
if (empty($variable)) {
throw new bdayException("Verplicht!");
} else {
if (!(validateDate($variable, "Y/m/d"))) {
throw new bdayException("Geen geldige datum");
} else {
$dateNow = date("Y/m/d");
if ($dateNow < $variable) {
throw new bdayException("Geen geldige datum");
}
}
}
}
// Checks for date
function validateDate($date, $format)
{
$d = DateTime::createFromFormat($format, $date);
return $d && $d->format($format) == $date;
}
/* checks if username exist and if its longer than 6 characters. */
function username($variable){
if (strlen($GLOBALS[$variable]) < 6) {
$GLOBALS[$variable . "Err"] = "Gebruikersnaam moet minstens 6 karakters bevatten";
$correct = false;
if (empty($variable)) {
throw new usernameException("Verplicht!");
} else if (strlen($variable) < 6) {
throw new usernameException("Moet minstens 6 karakters bevatten");
} else if (getExistingUsername() == 1) {
$GLOBALS[$variable . "Err"] = "Gebruikersnaam bestaat al";
$correct = false;
throw new usernameException("Gebruikersnaam bestaal al");
}
}
/* checks if an input is longer that 8 characters. */
function longerEight($variable){
if (strlen($GLOBALS[$variable]) < 8) {
$GLOBALS[$variable . "Err"] = "Moet minstens 8 karakters bevatten";
$correct = false;
if (empty($variable)) {
throw new passwordException("Verplicht!");
} else if (strlen($variable) < 8) {
throw new passwordException("Moet minstens 8 karakters bevatten");
}
}
/* checks if an input is a valid email. */
function validateEmail($variable){
if (!filter_var($GLOBALS[$variable], FILTER_VALIDATE_EMAIL)) {
$GLOBALS[$variable . "Err"] = "Geldige email invullen!";
$correct = false;
if (empty($variable)) {
throw new emailException("Verplicht!");
} else if (!filter_var($variable, FILTER_VALIDATE_EMAIL)) {
throw new emailException("Geldige email invullen");
} else if (getExistingEmail() == 1){
$GLOBALS[$variable . "Err"] = "Email bestaat al";
$correct = false;
throw new emailException("Email bestaal al!");
}
}
/* checks if an input is a valid email. */
function resetEmail($variable){
if (empty($variable)) {
throw new emailException("Verplicht!");
} else if (!filter_var($variable, FILTER_VALIDATE_EMAIL)) {
throw new emailException("Geldige email invullen");
} else if (getResetEmail() == 0){
throw new emailException("Email bestaat niet!");
}
}
/* checks if two passwords matches. */
function matchPassword(){
if ($_POST["password"] != $_POST["confirmpassword"]) {
$GLOBALS["confirmpasswordErr"] = "Wachtwoorden matchen niet";
$GLOBALS["correct"] = false;
throw new confirmPasswordException("Wachtwoorden matchen niet!");
}
}
// Checks if everything is filled in correctly
function registerCheck(){
if ($GLOBALS["correct"] == false){
$GLOBALS["genericErr"] = "Bepaalde velden zijn verkeerd of niet ingevuld!";
/* Checks if captcha is correctly filled in */
function checkCaptcha($captcha){
if(!$captcha){
throw new captchaException("Captcha needs to be filled in!");
} else {
$response=json_decode(file_get_contents("https://www.google.com/recaptcha/api/siteverify?secret=6Lc72xIUAAAAAPizuF3nUbklCPljVCVzgYespz8o&response=".$captcha."&remoteip=".$_SERVER['REMOTE_ADDR']));
if($response->success==false) {
throw new captchaException("You are a spammer!");
}
}
}
/* Get ip adres */
function getIp(){
if (!empty($_SERVER['HTTP_CLIENT_IP'])) {
$GLOBALS["ip"] = $_SERVER['HTTP_CLIENT_IP'];
} elseif (!empty($_SERVER['HTTP_X_FORWARDED_FOR'])) {
$GLOBALS["ip"] = $_SERVER['HTTP_X_FORWARDED_FOR'];
} else {
$GLOBALS["ip"] = $_SERVER['REMOTE_ADDR'];
}
}
/* Checks if everything is filled in correctly */
function registerCheck($status){
if ($status == false){
throw new registerException("Bepaalde velden zijn verkeerd of niet ingevuld");
} else {
registerAccount();
header("location: login.php");
}
}
@@ -102,4 +156,69 @@ function test_input($data) {
$data = htmlspecialchars($data);
return $data;
}
class lettersAndSpacesException extends Exception
{
public function __construct($message = "", $code = 0, Exception $previous = null)
{
parent::__construct($message, $code, $previous);
}
}
class bdayException extends Exception
{
public function __construct($message = "", $code = 0, Exception $previous = null)
{
parent::__construct($message, $code, $previous);
}
}
class usernameException extends Exception
{
public function __construct($message = "", $code = 0, Exception $previous = null)
{
parent::__construct($message, $code, $previous);
}
}
class passwordException extends Exception
{
public function __construct($message = "", $code = 0, Exception $previous = null)
{
parent::__construct($message, $code, $previous);
}
}
class confirmPasswordException extends Exception
{
public function __construct($message = "", $code = 0, Exception $previous = null)
{
parent::__construct($message, $code, $previous);
}
}
class emailException extends Exception
{
public function __construct($message = "", $code = 0, Exception $previous = null)
{
parent::__construct($message, $code, $previous);
}
}
class captchaException extends Exception
{
public function __construct($message = "", $code = 0, Exception $previous = null)
{
parent::__construct($message, $code, $previous);
}
}
class registerException extends Exception
{
public function __construct($message = "", $code = 0, Exception $previous = null)
{
parent::__construct($message, $code, $previous);
}
}
?>

42
website/queries/emailconfirm.php Normal file
View File

@@ -0,0 +1,42 @@
<?php
function sendConfirmEmailUsername(string $username) {
$stmt = $GLOBALS["db"]->prepare("
SELECT
`userID`
FROM
`user`
WHERE
`username` = :username
");
$stmt->bindParam(":username", $username);
$stmt->execute();
$userID = $stmt->fetch()["username"];
sendConfirmEmail($userID);
}
function sendConfirmEmail(int $userID) {
$stmt = $GLOBALS["db"]->prepare("
SELECT
`email`,
`fname`
FROM
`user`
WHERE
`userID` = :userID
");
$stmt->bindParam(":userID", $userID);
$stmt->execute();
$user = $stmt->fetch();
$email = $user["email"];
$fname = $user["fname"];
$hash = password_hash($email, PASSWORD_DEFAULT);
$confirmLink = "https://myhyvesbookplus.nl/emailconfirm.php?u=$userID&h=$hash";
$subject = "Bevestig uw emailadres";
$body = "Hallo $fname,\r\n\r\nKlik op de onderstaande link om uw emailadres te bevestigen.\r\n\r\n$confirmLink\r\n\r\nGroeten MyHyvesbook+";
$header = "From: MyHyvesbook+ <noreply@myhyvesbookplus.nl>";
mail($email, $subject, $body, $header);
}

169
website/queries/friendship.php
View File

@@ -1,13 +1,54 @@
<?php
require_once ("connect.php");
function selectFriends($userID) {
return selectLimitedFriends($userID, 9999);
}
function selectLimitedFriends($userID, $limit) {
$stmt = $GLOBALS["db"]->prepare("
SELECT
`userID`,
`username`,
LEFT(CONCAT(`user`.`fname`, ' ', `user`.`lname`), 15) as `fullname`,
IFNULL(
`profilepicture`,
'../img/avatar-standard.png'
) AS profilepicture,
`onlinestatus`,
`role`
FROM
`user`
INNER JOIN
`friendship`
WHERE
(`friendship`.`user1ID` = :userID AND
`friendship`.`user2ID` = `user`.`userID` OR
`friendship`.`user2ID` = :userID AND
`friendship`.`user1ID` = `user`.`userID`) AND
`user`.`role` != 'banned' AND
`friendship`.`status` = 'confirmed'
LIMIT :limitCount
");
$stmt->bindParam(':userID', $userID, PDO::PARAM_INT);
$stmt->bindParam(':limitCount', $limit, PDO::PARAM_INT);
$stmt->execute();
return json_encode($stmt->fetchAll());
}
function selectAllFriends($userID) {
$stmt = $GLOBALS["db"]->prepare("
SELECT
`userID`,
`username`,
LEFT(CONCAT(`user`.`fname`, ' ', `user`.`lname`), 15) as `fullname`,
IFNULL(
`profilepicture`,
'../img/notbad.jpg'
'../img/avatar-standard.png'
) AS profilepicture,
`onlinestatus`,
`role`
@@ -21,8 +62,8 @@ function selectAllFriends($userID) {
`friendship`.`user2ID` = `user`.`userID` OR
`friendship`.`user2ID` = :userID AND
`friendship`.`user1ID` = `user`.`userID`) AND
`role` != 5 AND
`status` = 1
`user`.`role` != 'banned' AND
`friendship`.`status` = 'confirmed'
");
$stmt->bindParam(':userID', $userID, PDO::PARAM_INT);
@@ -36,9 +77,10 @@ function selectAllFriendRequests() {
SELECT
`userID`,
`username`,
LEFT(CONCAT(`user`.`fname`, ' ', `user`.`lname`), 15) as `fullname`,
IFNULL(
`profilepicture`,
'../img/notbad.jpg'
'../img/avatar-standard.png'
) AS profilepicture,
`onlinestatus`,
`role`
@@ -52,12 +94,127 @@ function selectAllFriendRequests() {
`friendship`.`user2ID` = `user`.`userID` OR
`friendship`.`user2ID` = :userID AND
`friendship`.`user1ID` = `user`.`userID`) AND
`role` != 5 AND
`status` = 0
`user`.`role` != 5 AND
`friendship`.`status` = 'requested'
");
$stmt->bindParam(':userID', $_SESSION["userID"], PDO::PARAM_INT);
$stmt->execute();
return json_encode($stmt->fetchAll());
}
function getFriendshipStatus($userID) {
# -2: Query failed.
# -1: user1 and 2 are the same user
# 0 : no record found
# 1 : confirmed
# 2 : user1 sent request (you)
# 3 : user2 sent request (other)
if($_SESSION["userID"] == $userID) {
return -1;
}
$stmt = $GLOBALS["db"]->prepare("
SELECT
CASE `status` IS NULL
WHEN TRUE THEN 0
WHEN FALSE THEN
CASE `status` = 'confirmed'
WHEN TRUE THEN
1
WHEN FALSE THEN
CASE `user1ID` = :me AND `user2ID` = :other
WHEN TRUE THEN
2
WHEN FALSE THEN
3
END
END
END AS `friend_state`
FROM
`friendship`
WHERE
`user1ID` = :other AND `user2ID` = :me OR
`user1ID` = :me AND `user2ID` = :other
");
$stmt->bindParam(':me', $_SESSION["userID"], PDO::PARAM_INT);
$stmt->bindParam(':other', $userID, PDO::PARAM_INT);
if(!$stmt->execute()) {
return -2;
}
return intval($stmt->fetch()["friend_state"]);
}
function requestFriendship($userID) {
$stmt = $GLOBALS["db"]->prepare("
INSERT INTO `friendship` (user1ID, user2ID)
VALUES (:user1, :user2)
");
$stmt->bindParam(':user1', $_SESSION["userID"], PDO::PARAM_INT);
$stmt->bindParam(':user2', $userID, PDO::PARAM_INT);
return $stmt->execute();
}
function removeFriendship($userID) {
$stmt = $GLOBALS["db"]->prepare("
DELETE FROM `friendship`
WHERE
`user1ID` = :user1 AND
`user2ID` = :user2 OR
`user1ID` = :user2 AND
`user2ID` = :user1
LIMIT 1
");
$stmt->bindParam(':user1', $_SESSION["userID"], PDO::PARAM_INT);
$stmt->bindParam(':user2', $userID, PDO::PARAM_INT);
return $stmt->execute();
}
function acceptFriendship($userID) {
$stmt = $GLOBALS["db"]->prepare("
UPDATE `friendship`
SET `status`='confirmed'
WHERE
`user1ID` = :user1 AND
`user2ID` = :user2
LIMIT 1
");
$stmt->bindParam(':user1', $userID, PDO::PARAM_INT);
$stmt->bindParam(':user2', $_SESSION["userID"], PDO::PARAM_INT);
return $stmt->execute();
}
function setLastVisited($friend) {
$stmt = $GLOBALS["db"]->prepare("
UPDATE
`friendship`
SET `friendship`.chatLastVisted1=(
CASE `user1ID` = :sessionUser
WHEN TRUE THEN NOW()
WHEN FALSE THEN `chatLastVisted1`
END
),
`friendship`.`chatLastVisted2`=(
CASE `user2ID` = :sessionUser
WHEN TRUE THEN NOW()
WHEN FALSE THEN `chatLastVisted2`
END
)
WHERE
`user1ID` = :sessionUser AND
`user2ID` = :friend OR
`user2ID` = :sessionUser AND
`user1ID` = :friend;
");
$stmt->bindParam(':sessionUser', $_SESSION["userID"], PDO::PARAM_INT);
$stmt->bindParam(':friend', $friend, PDO::PARAM_INT);
$stmt->execute();
return $stmt;
}

18
website/queries/group_member.php
View File

@@ -1,7 +1,11 @@
<?php
function selectAllGroupsFromUser($userID) {
return $GLOBALS["db"]->query("
selectLimitedGroupsFromUser($userID, 9999);
}
function selectLimitedGroupsFromUser($userID, $limit) {
$stmt = $GLOBALS["db"]->prepare("
SELECT
`group_page`.`name`,
`group_page`.`picture`
@@ -10,8 +14,16 @@ function selectAllGroupsFromUser($userID) {
INNER JOIN
`group_member`
WHERE
`group_member`.`userID` = $userID AND
`group_member`.`userID` = :userID AND
`group_member`.`groupID` = `group_page`.`groupID` AND
`group_page`.`status` != 0
`group_page`.`status` != 'hidden'
LIMIT :limitCount
");
$stmt->bindParam(':userID', $userID, PDO::PARAM_INT);
$stmt->bindParam(':limitCount', $limit, PDO::PARAM_INT);
$stmt->execute();
return json_encode($stmt->fetchAll());
}

18
website/queries/group_page.php
View File

@@ -194,4 +194,22 @@ function searchSomeGroups($n, $m, $search) {
$stmt->execute();
return $stmt;
}
function countSomeGroups($search) {
$stmt = $GLOBALS["db"]->prepare("
SELECT
COUNT(*)
FROM
`group_page`
WHERE
`name` LIKE :keyword
ORDER BY
`name`
");
$search = "%$search%";
$stmt->bindParam(':keyword', $search);
$stmt->execute();
return $stmt;
}
?>

2
website/queries/header.php
View File

@@ -6,7 +6,7 @@ function getHeaderInfo() {
`lname`,
IFNULL(
`profilepicture`,
'img/notbad.jpg'
'img/avatar-standard.png'
) AS profilepicture
FROM
`user`

46
website/queries/login.php
View File

@@ -4,7 +4,8 @@ function getUser() {
$stmt = $GLOBALS["db"]->prepare("
SELECT
`password`,
`userID`
`userID`,
`role`
FROM
`user`
WHERE
@@ -15,3 +16,46 @@ function getUser() {
$stmt->execute();
return $stmt->fetch(PDO::FETCH_ASSOC);
}
function validateLogin($username, $password){
// Empty username or password field
if (empty($username) || empty($password)) {
throw new loginException("Gebruikersnaam of wachtwoord is niet ingevuld");
}
else {
$psw = test_input($password);
$hash = getUser()["password"];
$userID = getUser()["userID"];
$role = getUser()["role"];
// If there's an account, go to the profile page
if(password_verify($psw, $hash)) {
if ($role == "banned"){
echo "<script>
window.onload=bannedAlert();
</script>";
} else if ($role == "unconfirmed"){
sendConfirmEmail(getUser()["userID"]);
echo "<script>
window.onload=emailNotConfirmed();
</script>";
} else {
$_SESSION["userID"] = $userID;
header("location: profile.php");
}
} else {
throw new loginException("Inloggevens zijn niet correct");
}
}
}
class loginException extends Exception
{
public function __construct($message = "", $code = 0, Exception $previous = null)
{
parent::__construct($message, $code, $previous);
}
}
?>

97
website/queries/post.php Normal file
View File

@@ -0,0 +1,97 @@
<?php
function selectPostById($postID) {
$stmt = $GLOBALS["db"]->prepare("
SELECT
`user`.`fname`,
`user`.`lname`,
`user`.`username`,
`post`.`groupID`,
`post`.`title`,
`post`.`content`,
`post`.`creationdate`
FROM
`post`
INNER JOIN
`user`
ON
`post`.`author` = `user`. `userID`
WHERE
`post`.`postID` = :postID
");
$stmt->bindParam(':postID', $postID);
$stmt->execute();
return $stmt;
}
function selectCommentsByPostId($postID) {
$stmt = $GLOBALS["db"]->prepare("
SELECT
`comment`.`commentID`,
`comment`.`postID`,
`comment`.`author`,
`comment`.`content`,
`comment`.`creationdate`,
`user`.`fname`,
`user`.`lname`,
`user`.`username`
FROM
`comment`
INNER JOIN
`user`
ON
`comment`.`author` = `user`.`userID`
WHERE
`comment`.`postID` = :postID
");
$stmt->bindParam(':postID', $postID);
$stmt->execute();
return $stmt;
}
function makePost($userID, $groupID, $title, $content) {
$stmt = $GLOBALS["db"]->prepare("
INSERT INTO
`post` (
`author`,
`groupID`,
`title`,
`content`
)
VALUES (
:userID,
:groupID,
:title,
:content
)
");
$stmt->bindParam(':userID', $userID);
$stmt->bindParam(':groupID', $groupID);
$stmt->bindParam(':title', $title);
$stmt->bindParam(':content', $content);
$stmt->execute();
}
function makeComment($postID, $userID, $content) {
$stmt = $_GLOBAL["db"]->prepare("
INSERT INTO
`comment` (
`postID`,
`author`,
`content`
)
VALUES (
:postID,
:userID,
:content
)
");
$stmt->bindParam(':postID', $postID);
$stmt->bindParam(':userID', $userID);
$stmt->bindParam(':content', $content);
$stmt->execute();
}

39
website/queries/private_message.php
View File

@@ -74,3 +74,42 @@ function getNewChatMessages($lastID, $destination) {
return json_encode($stmt->fetchAll());
}
function selectAllUnreadChat() {
$stmt = $GLOBALS["db"]->prepare("
SELECT
LEFT(CONCAT(`user`.`fname`, ' ', `user`.`lname`), 15) as `fullname`,
`user`.`userID`,
IFNULL(
`profilepicture`,
'../img/notbad.jpg'
) AS profilepicture,
LEFT(`private_message`.`content`, 15) as `content`
FROM
`private_message`,
`friendship`,
`user`
WHERE
(`friendship`.user2ID = `private_message`.`origin` AND
`friendship`.user1ID = `private_message`.`destination` AND
(`friendship`.chatLastVisted1 < `private_message`.`creationdate` OR
`friendship`.chatLastVisted1 IS NULL) OR
`friendship`.user1ID = `private_message`.`origin` AND
`friendship`.user2ID = `private_message`.`destination` AND
(`friendship`.chatLastVisted2 < `private_message`.`creationdate` OR
`friendship`.chatLastVisted2 IS NULL)) AND
`private_message`.`origin` = `user`.`userID` AND
`private_message`.`destination` = :userID AND
`user`.`role` != 'banned'
GROUP BY `user`.`userID`
");
$stmt->bindParam(':userID', $_SESSION["userID"]);
$stmt->execute();
return json_encode($stmt->fetchAll());
}

16
website/queries/register.php
View File

@@ -32,6 +32,22 @@ function getExistingEmail() {
}
function getResetEmail() {
$stmt = $GLOBALS["db"]->prepare("
SELECT
`email`
FROM
`user`
WHERE
`email` LIKE :email
");
$stmt->bindParam(":email", $_POST["forgotEmail"]);
$stmt->execute();
return $stmt->rowCount();
}
function registerAccount() {
$stmt = $GLOBALS["db"]->prepare("
INSERT INTO

54
website/queries/requestpassword.php Normal file
View File

@@ -0,0 +1,54 @@
<?php
include_once "../queries/connect.php";
function sendPasswordRecovery(string $email) {
if (filter_var($email, FILTER_VALIDATE_EMAIL)) {
$stmt = $GLOBALS["db"]->prepare("
SELECT
`userID`,
`username`
FROM
`user`
WHERE
`email` = :email
");
$stmt->bindParam(":email", $email);
$stmt->execute();
if (!$stmt->rowCount()) {
return;
}
$result = $stmt->fetch();
$userID = $result["userID"];
$username = $result["username"];
$hash = md5(random_int(0, 1000000));
$hashedHash = password_hash($hash, PASSWORD_DEFAULT);
setHashToDatabase($userID, $hash);
doSendPasswordRecovery($userID, $email, $username, $hashedHash);
} else {
// TODO: Be angry!
}
}
function doSendPasswordRecovery(int $userID, string $email, string $username, string $hash) {
$resetLink = "https://myhyvesbookplus.nl/resetpassword.php?u=$userID&h=$hash";
$subject = "Reset uw wachtwoord";
$body = "Hallo $username,\r\n\r\nKlik op de onderstaande link om uw wachtwoord te resetten.\r\n\r\n$resetLink\r\n\r\nGroeten MyHyvesbook+";
$header = "From: MyHyvesbook+ <noreply@myhyvesbookplus.nl>";
mail($email, $subject, $body, $header);
}
function setHashToDatabase(int $userID, string $hash) {
$stmt = $GLOBALS["db"]->prepare("
UPDATE
`user`
SET
`password` = :hash
WHERE
`userID` = :userID
");
$stmt->bindParam(":hash", $hash);
$stmt->bindParam(":userID", $userID);
$stmt->execute();
return $stmt->rowCount();
}

167
website/queries/settings.php
View File

@@ -1,35 +1,35 @@
<?php
include_once "../queries/emailconfirm.php";
class settingsMessage {
private $class;
private $message;
abstract class AlertMessage extends Exception {
public function __construct($message = "", $code = 0, Exception $previous = null)
{
parent::__construct($message, $code, $previous);
}
/**
* settingsMessage constructor.
* @param string $type Happy or angry
* @param string $message The message to display
*/
public function __construct($type, $message) {
$this->message = $message;
switch ($type) {
case "happy":
$this->class = "settings-message-happy";
break;
case "angry":
$this->class = "settings-message-angry";
break;
default:
$this->class = "settings-message";
break;
}
abstract public function getClass();
}
class HappyAlert extends AlertMessage {
public function __construct($message = "Gelukt!", $code = 0, Exception $previous = null)
{
parent::__construct($message, $code, $previous);
}
public function getClass() {
return $this->class;
return "settings-message-happy";
}
}
class AngryAlert extends AlertMessage {
public function __construct($message = "Er is iets fout gegaan.", $code = 0, Exception $previous = null)
{
parent::__construct($message, $code, $previous);
}
public function getMessage() {
return $this->message;
public function getClass() {
return "settings-message-angry";
}
}
@@ -94,24 +94,19 @@ function updateSettings() {
$stmt->bindValue(":bio", test_input($_POST["bio"]));
$stmt->bindValue(":userID", $_SESSION["userID"]);
$stmt->execute();
return new settingsMessage("happy", "Instellingen zijn opgeslagen.");
throw new HappyAlert("Instellingen zijn opgeslagen.");
}
function changePassword() {
$user = getPasswordHash();
if (password_verify($_POST["password-old"], $user["password"])) {
if ($_POST["password-new"] == $_POST["password-confirm"] && (strlen($_POST["password-new"]) >= 8)) {
if (doChangePassword()) {
return new settingsMessage("happy", "Wachtwoord gewijzigd.");
} else {
return new settingsMessage("angry", "Er is iets mis gegaan.");
}
doChangePassword();
} else {
return new settingsMessage("angry", "Wachtwoorden komen niet oveen.");
throw new AngryAlert("Wachtwoorden komen niet overeen.");
}
} else {
return new settingsMessage("angry", "Oud wachtwoord niet correct.");
throw new AngryAlert("Oud wachtwoord niet correct.");
}
}
@@ -129,7 +124,12 @@ function doChangePassword() {
$stmt->bindParam(":new_password", $hashed_password);
$stmt->bindParam(":userID", $_SESSION["userID"]);
$stmt->execute();
return $stmt->rowCount();
if ($stmt->rowCount()) {
throw new HappyAlert("Wachtwoord gewijzigd.");
} else {
throw new AngryAlert();
}
}
function changeEmail() {
@@ -138,20 +138,13 @@ function changeEmail() {
$email = strtolower($_POST["email"]);
if (filter_var($email, FILTER_VALIDATE_EMAIL)) {
//check if email exists
if (emailIsAvailableInDatabase($email)) {
if (doChangeEmail($email)) {
return new settingsMessage("happy", "Emailadres is veranderd.");
} else {
return new settingsMessage("angry", "Er is iets mis gegaan.");
}
} else {
return new settingsMessage("angry", "Emailadres bestaat al.");
}
emailIsAvailableInDatabase($email);
doChangeEmail($email);
} else {
return new settingsMessage("angry", "Geef een geldig emailadres.");
throw new AngryAlert("Geef een geldig emailadres");
}
} else {
return new settingsMessage("angry", "Emailadressen komen niet overeen.");
throw new AngryAlert("Emailadressen komen niet overeen.");
}
}
@@ -161,13 +154,15 @@ function emailIsAvailableInDatabase($email) {
`email`
FROM
`user`
WHERE
WHERE
`email` = :email
");
$stmt->bindParam(":email", $email);
$stmt->execute();
return !$stmt->rowCount();
if ($stmt->rowCount()) {
throw new AngryAlert("Emailadres wordt al gebruikt.");
}
}
function doChangeEmail($email) {
@@ -175,40 +170,90 @@ function doChangeEmail($email) {
UPDATE
`user`
SET
`email` = :email
`email` = :email,
`role` = 'unconfirmed'
WHERE
`userID` = :userID
");
$stmt->bindParam(":email", $email);
$stmt->bindParam(":userID", $_SESSION["userID"]);
$stmt->execute();
return $stmt->rowCount();
if ($stmt->rowCount()) {
sendConfirmEmail($_SESSION["userID"]);
session_destroy();
throw new HappyAlert("Emailadres is veranderd.");
} else {
throw new AngryAlert();
}
}
function updateProfilePicture() {
function updateAvatar() {
$profilePictureDir = "/var/www/html/public/";
$relativePath = "uploads/profilepictures/" . $_SESSION["userID"] . "_" . basename($_FILES["pp"]["name"]);
// removeOldProfilePicture();
move_uploaded_file($_FILES['pp']['tmp_name'], $profilePictureDir . $relativePath);
setProfilePictureToDatabase("../" . $relativePath);
$tmpImg = $_FILES["pp"]["tmp_name"];
checkAvatarSize($tmpImg);
removeOldAvatar();
if (getimagesize($tmpImg)["mime"] == "image/gif") {
if ($_FILES["pp"]["size"] > 4000000) {
throw new AngryAlert("Bestand is te groot, maximaal 4MB toegestaan.");
}
$relativePath = "uploads/profilepictures/" . $_SESSION["userID"] . "_avatar.gif";
move_uploaded_file($tmpImg, $profilePictureDir . $relativePath);
} else {
$relativePath = "uploads/profilepictures/" . $_SESSION["userID"] . "_avatar.png";
$scaledImg = scaleAvatar($tmpImg);
imagepng($scaledImg, $profilePictureDir . $relativePath);
}
setAvatarToDatabase("../" . $relativePath);
throw new HappyAlert("Profielfoto veranderd.");
}
//function removeOldProfilePicture() {
//
// unlink("/var/www/html/public/uploads/profilepictures/" . $_SESSION["userID"] . "_*");
//}
function removeOldAvatar() {
$stmt = $GLOBALS["db"]->prepare("
SELECT
`profilepicture`
FROM
`user`
WHERE
`userID` = :userID
");
$stmt->bindParam(":userID", $_SESSION["userID"]);
$stmt->execute();
$old_avatar = $stmt->fetch()["profilepicture"];
if ($old_avatar != NULL) {
unlink("/var/www/html/public/uploads/" . $old_avatar);
}
}
function setProfilePictureToDatabase($url) {
function setAvatarToDatabase(string $url) {
$stmt = $GLOBALS["db"]->prepare("
UPDATE
`user`
SET
`profilepicture` = :profilePicture
`profilepicture` = :avatar
WHERE
`userID` = :userID
");
$stmt->bindParam(":profilePicture", $url);
$stmt->bindParam(":avatar", $url);
$stmt->bindParam(":userID", $_SESSION["userID"]);
$stmt->execute();
}
function checkAvatarSize(string $img) {
$minResolution = 200;
$imgSize = getimagesize($img);
if ($imgSize[0] < $minResolution or $imgSize[1] < $minResolution) {
throw new AngryAlert("Afbeelding te klein, minimaal 200x200 pixels.");
}
}
function scaleAvatar(string $imgLink, int $newWidth = 600) {
$img = imagecreatefromstring(file_get_contents($imgLink));
if ($img) {
return imagescale($img, $newWidth);
} else {
throw new AngryAlert("Afbeelding wordt niet ondersteund.");
}
}

117
website/queries/user.php
View File

@@ -17,27 +17,64 @@ function getUserID($username) {
return $stmt->fetch()["userID"];
}
function selectUser($userID) {
function getUsername($userID) {
$stmt = $GLOBALS["db"]->prepare("
SELECT
`username`,
IFNULL(
`profilepicture`,
'../img/notbad.jpg'
) AS profilepicture,
`bio`,
`role`,
`onlinestatus`,
`loggedin`,
`fname`,
`lname`
`username`
FROM
`user`
WHERE
`userID` = :userID
");
$stmt->bindParam(':userID', $userID, PDO::PARAM_INT);
$stmt->bindParam(':userID', $userID, PDO::PARAM_STR);
$stmt->execute();
return $stmt->fetch()["username"];
}
function selectUser($me, $other) {
$stmt = $GLOBALS["db"]->prepare("
SELECT
`username`,
`birthdate`,
`location`,
IFNULL(
`profilepicture`,
'../img/avatar-standard.png'
) AS profilepicture,
`bio`,
`user`.`creationdate`,
`onlinestatus`,
`fname`,
`lname`,
CASE `status` IS NULL
WHEN TRUE THEN 0
WHEN FALSE THEN
CASE `status` = 'confirmed'
WHEN TRUE THEN
1
WHEN FALSE THEN
CASE `user1ID` = `userID` AND `user2ID` = :me
WHEN TRUE THEN
2
WHEN FALSE THEN
3
END
END
END AS `friend_status`
FROM
`user`
LEFT JOIN
`friendship`
ON
`user1ID` = `userID` AND `user2ID` = :me OR
`user1ID` = :me AND `user2ID` = `userID`
WHERE
`user`.`userID` = :other
");
$stmt->bindParam(':me', $me, PDO::PARAM_INT);
$stmt->bindParam(':other', $other, PDO::PARAM_INT);
$stmt->execute();
return $stmt->fetch();
}
@@ -68,18 +105,24 @@ function selectAllUserGroups($userID) {
function selectAllUserPosts($userID) {
$stmt = $GLOBALS["db"]->prepare("
SELECT
`postID`,
`author`,
`title`,
`content`,
`creationdate`
`postID`,
`author`,
`title`,
CASE LENGTH(`content`) >= 150 AND `content` NOT LIKE '<img%'
WHEN TRUE THEN
CONCAT(LEFT(`content`, 150), '...')
WHEN FALSE THEN
`content`
END
AS `content`,
`creationdate`
FROM
`post`
`post`
WHERE
`author` = :userID AND
`groupID` IS NULL
`author` = :userID AND
`groupID` IS NULL
ORDER BY
`creationdate` DESC
`creationdate` DESC
");
$stmt->bindParam(':userID', $userID, PDO::PARAM_INT);
@@ -273,11 +316,15 @@ function selectRandomNotFriendUser($userID) {
return $stmt->fetch();
}
function searchSomeUsers($n, $m, $search) {
function searchSomeUsers($n, $m, $search)
{
$stmt = $GLOBALS["db"]->prepare("
SELECT
`username`,
`profilepicture`,
IFNULL(
`profilepicture`,
'../img/notbad.jpg'
) AS profilepicture,
`fname`,
`lname`
FROM
@@ -301,3 +348,25 @@ function searchSomeUsers($n, $m, $search) {
$stmt->execute();
return $stmt;
}
function countSomeUsers($search) {
$q = $GLOBALS["db"]->prepare("
SELECT
COUNT(*)
FROM
`user`
WHERE
`username` LIKE :keyword OR
`fname` LIKE :keyword OR
`lname` LIKE :keyword
ORDER BY
`fname`,
`lname`,
`username`
");
$search = "%$search%";
$q->bindParam(':keyword', $search);
$q->execute();
return $q;
}

292
website/views/adminpanel.php
View File

@@ -1,16 +1,8 @@
<!DOCTYPE html>
<html>
<head>
<meta charset="utf-8">
<title>Admin Panel</title>
<script src="/js/admin.js" charset="utf-8"></script>
<?php
include_once("../queries/user.php");
include_once("../queries/group_page.php");
?>
</head>
<body>
<script src="js/admin.js" charset="utf-8"></script>
<?php
require_once ("../queries/user.php");
require_once ("../queries/group_page.php");
?>
<!-- function test_input taken from http://www.w3schools.com/php/php_form_validation.asp -->
<?php
$search = "";
@@ -66,112 +58,97 @@ $listm = $currentpage * $perpage;
<div class="content">
<div class="platform admin-panel">
<div class="admin-title">
<h1>User Management Panel</h1>
</div> <br>
<h5>Zoek naar gebruikers of groepen:</h5>
<div class="admin-options">
<form class="admin-searchform"
action="<?php echo htmlspecialchars($_SERVER["PHP_SELF"]);?>"
method="get">
<div class="admin-searchbar">
<h2>Search</h2>
<input type="text"
name="search"
class="admin-searchinput"
value="<?php echo $search;?>"> <br>
<input type="submit" value="Search">
Zoek: <input type="text"
name="search"
class="admin-searchinput"
placeholder="Naam"
value="<?php echo $search;?>">
Op: <select name="pagetype" id="pagetype" onchange="changeFilter()">
<option value="user"
<?php if (isset($pagetype) && $pagetype=="user") echo "selected";?>>
Gerbuiker
</option>
<option value="group"
<?php if (isset($pagetype) && $pagetype=="group") echo "selected";?>>
Groep
</option>
</select>
<button type="submit"><i class="fa fa-search"></i></button>
</div>
<div class="admin-filter" id="admin-filter">
<h2>Show:</h2>
<input type="checkbox" name="status[]" id="normal" value="user"
<?php if (in_array("user", $status)) echo "checked";?>>
<div id="admin-filter">
<h5>Type gebruiker:</h5>
<input type="checkbox"
name="status[]"
id="all"
value="all"
<?php if (in_array("all", $status)) echo "checked";?>>
<label for="normal">Allemaal</label><br>
<input type="checkbox"
name="status[]"
id="normal"
value="user"
<?php if (in_array("user", $status)) echo "checked";?>>
<label for="normal">Normal</label><br>
<input type="checkbox" name="status[]" id="frozen" value="frozen"
<?php if (in_array("frozen", $status)) echo "checked";?>>
<input type="checkbox"
name="status[]"
id="frozen"
value="frozen"
<?php if (in_array("frozen", $status)) echo "checked";?>>
<label for="frozen">Frozen</label><br>
<input type="checkbox" name="status[]" id="banned" value="banned"
<?php if (in_array("banned", $status)) echo "checked";?>>
<input type="checkbox"
name="status[]"
id="banned"
value="banned"
<?php if (in_array("banned", $status)) echo "checked";?>>
<label for="banned">Banned</label><br>
<input type="checkbox" name="status[]" id="admin" value="admin"
<?php if (in_array("admin", $status)) echo "checked";?>>
<input type="checkbox"
name="status[]"
id="admin"
value="admin"
<?php if (in_array("admin", $status)) echo "checked";?>>
<label for="admin">Admin</label><br>
<input type="checkbox" name="status[]" id="unvalidated" value="unconfirmed"
<?php if (in_array("unconfirmed", $status)) echo "checked";?>>
<input type="checkbox"
name="status[]"
id="unvalidated"
value="unconfirmed"
<?php if (in_array("unconfirmed", $status)) echo "checked";?>>
<label for="unvalidated">Unvalidated</label><br>
<input type="checkbox" name="status[]" id="owner" value="owner"
<?php if (in_array("owner", $status)) echo "checked";?>>
<input type="checkbox"
name="status[]"
id="owner"
value="owner"
<?php if (in_array("owner", $status)) echo "checked";?>>
<label for="owner">Owner</label>
</div>
<div class="admin-groupfilter" id="admin-groupfilter">
<h2>Show:</h2>
<input type="checkbox" name="groupstatus[]" id="hidden" value="hidden"
<?php if (in_array("hidden", $groupstatus)) echo "checked";?>>
<div id="admin-groupfilter">
<h5>Type groep:</h5>
<input type="checkbox" name="groupstatus[]" id="all" value="all"
<?php if (in_array("all", $groupstatus)) echo "checked";?>>
<label for="hidden">Allemaal</label><br>
<input type="checkbox" name="groupstatus[]" id="hidden" value="0"
<?php if (in_array("0", $groupstatus)) echo "checked";?>>
<label for="hidden">Hidden</label><br>
<input type="checkbox" name="groupstatus[]" id="public" value="public"
<?php if (in_array("public", $groupstatus)) echo "checked";?>>
<input type="checkbox" name="groupstatus[]" id="public" value="1"
<?php if (in_array("1", $groupstatus)) echo "checked";?>>
<label for="public">Public</label><br>
<input type="checkbox" name="groupstatus[]" id="membersonly" value="membersonly"
<?php if (in_array("membersonly", $groupstatus)) echo "checked";?>>
<input type="checkbox" name="groupstatus[]" id="membersonly" value="2"
<?php if (in_array("2", $groupstatus)) echo "checked";?>>
<label for="membersonly">Members-only</label><br>
</div>
<div class="admin-filtertype">
<h2>Page Type:</h2>
<input type="radio" name="pagetype" id="user" value="user"
<?php if (isset($pagetype) && $pagetype=="user") echo "checked";?>
onchange="changeFilter()">
<label for="user">Users</label><br>
<input type="radio" name="pagetype" id="group" value="group"
<?php if (isset($pagetype) && $pagetype=="group") echo "checked";?>
onchange="changeFilter()">
<label for="group">Groups</label>
</div>
</form>
<div class="admin-batchactions" id="admin-batchactions">
<h2>Batch Actions: </h2>
<form class="admin-batchform"
id="admin-batchform"
action="<?php htmlspecialchars(basename($_SERVER['REQUEST_URI'])) ?>"
method="post">
<input type="radio" name="batchactions" id="freeze" value="frozen">
<label for="freeze">Freeze</label><br>
<input type="radio" name="batchactions" id="ban" value="banned">
<label for="ban">Ban</label><br>
<input type="radio" name="batchactions" id="restore" value="user">
<label for="restore">Restore</label><br><br>
<input type="submit" value="Confirm">
</form>
</div>
<div class="admin-groupbatchactions" id="admin-groupbatchactions">
<h2>Batch Actions: </h2>
<form class="admin-groupbatchform"
id="admin-groupbatchform"
action="<?php htmlspecialchars(basename($_SERVER['REQUEST_URI'])) ?>"
method="post">
<input type="radio" name="groupbatchactions" id="hide" value="hidden">
<label for="hide">Hide</label><br>
<input type="radio" name="groupbatchactions" id="public" value="public">
<label for="public">Public</label><br>
<input type="radio" name="groupbatchactions" id="membersonly" value="membersonly">
<label for="membersonly">Member</label><br><br>
<input type="submit" value="Confirm">
</form>
</div>
</div>
<br>
<div class="admin-users">
<div class="admin-usertitle">
<div class="admin-userheading">
<h2>Users:</h2>
</div>
<div class="admin-pageui">
</div>
<div class="admin-users">
<div class="admin-usertitle">
<h4>Resultaat:</h4>
<span style="float: right">
<?php
if ($pagetype == "user") {
$pages = countSomeUsersByStatus($search, $status);
@@ -182,10 +159,9 @@ $listm = $currentpage * $perpage;
$mincount = min($listm, $countresults);
$minlist = min($listn + 1, $countresults);
?>
<p class="pagenumber">Current page:</p>
<form class="admin-pageselector"
action="<?php htmlspecialchars(basename($_SERVER['REQUEST_URI'])) ?>"
method="post">
Pagina: <form class="admin-pageselector"
action="<?php htmlspecialchars(basename($_SERVER['REQUEST_URI'])) ?>"
method="post">
<select class="admin-pageselect"
name="pageselect"
onchange="this.form.submit()"
@@ -201,41 +177,45 @@ $listm = $currentpage * $perpage;
?>
</select>
</form>
<p class="entriesshown">
<?php
echo "Showing results $minlist to $mincount out of $countresults";
?>
</div>
</div> <br>
<table class="usertable">
<tr>
<th class="table-checkbox">
<input type="checkbox" id="checkall" name="checkall" onchange="checkAll(this)">
</th>
<th class="table-username">User</th>
<th class="table-status">Status</th>
<th class="table-comment">Comment</th>
<th class="table-action">Action</th>
</tr>
<!-- Table construction via php PDO. -->
<?php
$listn = ($currentpage-1) * $perpage;
$listm = $currentpage * $perpage;
echo "$minlist tot $mincount ($countresults totaal)";
?>
</span>
<form
id="admin-batchform"
action="<?php htmlspecialchars(basename($_SERVER['REQUEST_URI'])) ?>"
method="post">
if ($pagetype == 'user') {
$q = searchSomeUsersByStatus($listn, $perpage, $search, $status);
<button type="submit" name="batchactions" id="freeze" value="frozen">Bevries</button>
<button type="submit" name="batchactions" id="ban" value="banned">Ban</button>
<button type="submit" name="batchactions" id="restore" value="user">Activeer</button>
</form>
</div>
<table class="usertable">
<tr>
<th><input type="checkbox" id="checkall" name="checkall" onchange="checkAll(this)"></th>
<th class="table-username">Gebruikersnaam</th>
<th class="table-status">Status</th>
<th class="table-comment">Aantekening</th>
<th class="table-action">Actie</th>
</tr>
while($user = $q->fetch(PDO::FETCH_ASSOC)) {
$userID = $user['userID'];
$username = $user['username'];
$role = $user['role'];
$bancomment = $user['bancomment'];
$thispage = htmlspecialchars(basename($_SERVER['REQUEST_URI']));
$function = "checkCheckAll(document.getElementById('checkall'))";
<!-- Table construction via php PDO. -->
<?php
$listn = ($currentpage-1) * $perpage;
$listm = $currentpage * $perpage;
echo("
if ($pagetype == 'user') {
$q = searchSomeUsersByStatus($listn, $listm, $search, $status);
while($user = $q->fetch(PDO::FETCH_ASSOC)) {
$userID = $user['userID'];
$username = $user['username'];
$role = $user['role'];
$bancomment = $user['bancomment'];
$thispage = htmlspecialchars(basename($_SERVER['REQUEST_URI']));
$function = "checkCheckAll(document.getElementById('checkall'))";
echo("
<tr>
<td><input type='checkbox'
name='checkbox-user[]'
@@ -252,9 +232,9 @@ $listm = $currentpage * $perpage;
action='$thispage'
method='post'>
<select class='action' name='actions'>
<option value='frozen'>Freeze</option>
<option value='frozen'>Bevries</option>
<option value='banned'>Ban</option>
<option value='user'>Restore</option>
<option value='user'>Activeer</option>
</select>
<input type='hidden' name='userID' value='$userID'>
<input type='submit' value='Confirm'>
@@ -262,19 +242,19 @@ $listm = $currentpage * $perpage;
</td>
</tr>
");
}
} else {
$q = searchSomeGroupsByStatus($listn, $perpage, $search, $groupstatus);
}
} else {
$q = searchSomeGroupsByStatus($listn, $listm, $search, $groupstatus);
while ($group = $q->fetch(PDO::FETCH_ASSOC)) {
$groupID = $group['groupID'];
$name = $group['name'];
$role = $group['status'];
$description = $group['description'];
$thispage = htmlspecialchars(basename($_SERVER['REQUEST_URI']));
$function = "checkCheckAll(document.getElementById('checkall'))";
while ($group = $q->fetch(PDO::FETCH_ASSOC)) {
$groupID = $group['groupID'];
$name = $group['name'];
$role = $group['status'];
$description = $group['description'];
$thispage = htmlspecialchars(basename($_SERVER['REQUEST_URI']));
$function = "checkCheckAll(document.getElementById('checkall'))";
echo("
echo("
<tr>
<td><input type='checkbox'
name='checkbox-group[]'
@@ -291,9 +271,9 @@ $listm = $currentpage * $perpage;
action='$thispage'
method='post'>
<select class='action' name='actions'>
<option value='hidden'>Hide</option>
<option value='public'>Public</option>
<option value='membersonly'>Members</option>
<option value='0'>Hide</option>
<option value='1'>Public</option>
<option value='2'>Members</option>
</select>
<input type='hidden' name='groupID' value='$groupID'>
<input type='submit' value='Confirm'>
@@ -301,12 +281,12 @@ $listm = $currentpage * $perpage;
</td>
</tr>
");
}
}
?>
</table>
</div>
}
?>
</table>
</div>
</div>
</div>
</body>
</html>
</html>

22
website/views/chat-view.php
View File

@@ -1,6 +1,6 @@
<div class="content">
<div class="chat">
<nav class="nav-list chat-left left platform chat-recent">
<nav class="nav-list platform" id="chat-recent-panel">
<h5>Chats</h5>
<ul>
<?php
@@ -16,8 +16,9 @@
// Set default values of a friend.
$username = $friend["username"];
$name = $friend["fullname"];
$userID = $friend["userID"];
$pf = "img/notbad.jpg";
$pf = "img/avatar-standard.png";
// Change values if needed.
if (!empty($friend["profilepicture"]))
@@ -28,17 +29,24 @@
<li class='friend-item' id='friend-item-$userID' onclick='switchUser(\"$userID\")'>
<div class='friend'>
<img alt='PF' class='profile-picture' src='$pf'/>
$username
<div class='friend-name'>
$name<br/>
<span style='color: #666'>$username</span>
</div>
</div>
</li>
";
";
}
if (isset($_GET["username"]) && $_GET["username"] != "") {
$chatID = $_GET["username"];
echo "<script>$(document).ready(function(){switchUser('$chatID')});</script>";
}
?>
</ul>
</nav>
<div class="chat-right">
<div id="chat-history" class="chat-history platform">
</div>
<div id="chat-history" class="chat-history platform">
</div>
<div>
<form id="lastIDForm">
<input type="hidden"
id="lastID"

1
website/views/head.php
View File

@@ -2,6 +2,7 @@
<title>MyHyvesbook+</title>
<!-- Add your javascript files here. -->
<script src="js/jquery.js"></script>
<script src="js/main.js"></script>
<script src="js/header.js"></script>
<script src="js/menu.js"></script>
<script src="js/notifications.js"></script>

5
website/views/header.php
View File

@@ -14,8 +14,9 @@ $userinfo = getHeaderInfo();
placeholder="Zoek naar wat je wil"
required
/>
<input type="submit"
value="Zoek"/>
<button type="submit">
<i class="fa fa-search"></i>
</button>
</form>
</div>
<div class="right profile-menu">

3
website/views/loadFriends.php Normal file
View File

@@ -0,0 +1,3 @@
<?php
echo json_encode(selectAllFriends($_SESSION["userID"])->fetchAll());

81
website/views/login-view.php
View File

@@ -7,8 +7,9 @@
<h1>Welkom bij MyHyvesbook+</h1>
<!-- Login content -->
<form action="<?php echo htmlspecialchars($_SERVER["PHP_SELF"]);?>"
return= $correct
method="post">
return=$correct
method="post"
name="login">
<!-- Login name -->
<div class="login_containerlogin">
@@ -37,15 +38,79 @@
<!-- Button for logging in -->
<div class="login_containerlogin">
<button type="submit"
value="Login"
name="submit"
id="frm1_submit">
Login
value="login"
name="submit"
id="frm1_submit">
Inloggen
</button>
</div>
</form>
</div>
<!-- Button for going to the register screen -->
<div class="login_containerlogin">
<a href="https://myhyvesbookplus.nl/register" class="button">Registreer een account</a>
<a href="https://myhyvesbookplus.nl/register" class="button">Registreer een account</a>
<!-- Trigger/Open The Modal -->
<button id="myBtn" class="button">Wachtwoord vergeten</button>
<!-- The Modal -->
<div id="myModal" class="modal">
<form action="<?php echo htmlspecialchars($_SERVER["PHP_SELF"]);?>"
return= $correct
method="post"
name="forgotPassword">
<!-- Modal content -->
<div class="modal-content">
<div class="modal-header">
<span class="close">&times;</span>
<h3>Voer uw emailadres in</h3>
</div>
<div class="modal-body">
<input type="text"
placeholder="Voer uw email in"
name="forgotEmail"
title="Voer een email in">
</div>
<div class="modal-footer">
<div class="login_containerfault"><span><?php echo $resetErr; ?></span></div>
<button type="submit"
value="reset"
name="submit"
id="frm1_submit">
Reset password
</button>
</div>
</div>
</form>
</div>
</div>
</div>
<script>
// Get the modal
var modal = document.getElementById('myModal');
// Get the button that opens the modal
var btn = document.getElementById("myBtn");
// Get the <span> element that closes the modal
var span = document.getElementsByClassName("close")[0];
// When the user clicks the button, open the modal
btn.onclick = function() {
modal.style.display = "block";
}
// When the user clicks on <span> (x), close the modal
span.onclick = function() {
modal.style.display = "none";
}
// When the user clicks anywhere outside of the modal, close it
window.onclick = function(event) {
if (event.target == modal) {
modal.style.display = "none";
}
}
</script>

5
website/views/login_head.php
View File

@@ -7,6 +7,7 @@
<link rel="stylesheet"
type="text/css"
href="styles/index.css">
<script src="/js/jqeury.js"></script>
<script src="/js/registerAndLogin.js"></script>
<script src="js/jquery.js"></script>
<script src="js/registerAndLogin.js"></script>
<script src='https://www.google.com/recaptcha/api.js'></script>
</head>

149
website/views/menu.php
View File

@@ -1,148 +1,25 @@
<nav class="menu">
<section id="friends-menu-section platform">
<section id="friends-menu-section">
<h4>
Vrienden
</h4>
<ul class="nav-list">
<?php
// Load file.
require_once("../queries/friendship.php");
require_once("../queries/user.php");
// Get all the friends of a user.
$friends = selectAllFriends($_SESSION["userID"]);
$i = 0;
// Print all the users.
while($friend = $friends->fetch(PDO::FETCH_ASSOC)) {
$i ++;
// Set default values of a friend.
$username = $friend["username"];
$extraItem = "";
$pf = "img/notbad.jpg";
// Change values if needed.
if (!empty($friend["profilepicture"]))
$pf = $friend["profilepicture"];
if ($i > 5)
$extraItem = "extra-menu-items";
// Echo the friend.
echo "
<li class='friend-item $extraItem'>
<form action='profile.php' method='get'>
<button type='submit'
name='username'
value='$username'>
<div class='friend'>
<img alt='PF' class='profile-picture' src='$pf'/>
$username
</div>
</button>
</form>
</li>
";
}
$randomUser = selectRandomNotFriendUser($_SESSION["userID"])["username"];
echo "
<li class='friend-item'>
<form action='/profile' method='get'>
<button type='submit'
name='username'
value='$randomUser'>
<div class='friend'>
Klik hier voor een nieuw vriendje :)
</div>
</button>
</form>
</li>
";
if ($i > 5) {
$i -= 5;
echo "
<li class='more-item' id='more-friends-click'>
En nog $i anderen...
</li>
";
}
?>
<ul id="menu-friends-list" class="nav-list">
</ul>
<h4><form action="search.php">
<input type="hidden"
value="friends"
name="filter" />
<button value=""
name="search">
Alle vrienden...
</button>
</form></h4>
</section>
<section id="groups-menu-section">
<h4>
Groepen
</h4>
<ul class="nav-list">
<?php
// Load file.
include_once("../queries/group_member.php");
// Get all the friends of a user.
$groups = selectAllGroupsFromUser($_SESSION["userID"]);
$i = 0;
// Print all the users.
while($group = $groups->fetch(PDO::FETCH_ASSOC)) {
$i ++;
// Set default values of a friend.
$name = $group["name"];
$extraItem = "";
$picture = "img/notbad.jpg";
// Change values if needed.
if (!empty($group["picture"]))
$picture = $group["picture"];
if ($i > 3)
$extraItem = "extra-menu-items";
// Echo the friend.
echo "
<li class='group-item'>
<form action='group.php' method='get'>
<button type='submit'
name='groupname'
value='$name'>
<div class='group'>
<img alt='PF' class='group-picture' src='$picture'/>
$name
</div>
</button>
</form>
</li>
";
}
if ($i == 0) {
echo "<li class='group-item'>
<div class='group'>
Je hoort nergens bij.
</div>
</li>";
} else if ($i > 3) {
$i -= 3;
echo "
<li class='more-item' id='more-groups-click'>
En nog $i andere...
</li>
";
}
?>
<ul id="menu-groups-list" class="nav-list">
</ul>
</section>
<section>
<ul>
<li class="more-item" id="menu-back">
Ga terug
</li>
</ul>
</section>
</nav>
</nav>

23
website/views/messagepage.php Normal file
View File

@@ -0,0 +1,23 @@
<?php
function messagePage(string $content) {
$webpage = ("
<!DOCTYPE html>
<html>
<head>
<style>
@import url(styles/main.css);
@import url(styles/settings.css);
@import url(styles/resetpassword.css);
</style>
</head>
<body>
<div class='password-change'>
<div class='top-logo'><a href='login.php'><img src='img/top-logo.png' alt='MyHyvesbook+'/></a></div>
<div class='item-box platform'>$content</div>
</div>
</body>
</html>
");
echo $webpage;
}

12
website/views/notification-center.php
View File

@@ -5,11 +5,19 @@
<a href="profile.php"><i class="fa fa-user" data-title="Profiel"></i></a>
<a href="logout.php"><i class="fa fa-sign-out" data-title="Uitloggen"></i></a>
</section>
<section id="notifocationCenter">
<section id="friend-request-section">
<h4>
Vriendchapsverzoeken
</h4>
<ul class="nav-list" id="friendrequestslist">
<ul class="nav-list" id="friend-requests-list">
</ul>
</section>
<section id="unread-messages-section">
<h4>
Nieuwe berichten
</h4>
<ul class="nav-list" id="unread-chat-list">
</ul>
</section>

52
website/views/post-view.php Normal file
View File

@@ -0,0 +1,52 @@
<?php
$postID = $_GET['postID'];
$post = selectPostById($postID)->fetch(PDO::FETCH_ASSOC);
$fullname = $post['fname'] . " " . $post['lname'] . " (" . $post['username'] . ")";
echo("
<div class='post-header header'>
<h4>" . $post['title'] . "</h4>
<span class='postinfo'>
gepost door $fullname,
<span class='posttime' title='" . $post['creationdate'] . "'>
" . nicetime($post['creationdate']) . "
</span>
</span>
</div>
<div class='post-content'>
<p>" . $post['content'] . "</p>
</div>
"); ?>
<div class='post-comments'>
<div class="commentfield">
<form name="newcomment" method="post">
<textarea placeholder="Laat een reactie achter..."></textarea> <br>
<input type="submit" value="Reageer!">
</form>
</div>
<?php
$q = selectCommentsByPostId($postID);
while($comment = $q->fetch(PDO::FETCH_ASSOC)) {
$commentauthor = $comment['fname'] . " " . $comment['lname'] . " (" . $comment['username'] . ")";
$commentdate = $comment['creationdate'];
$commentnicetime = nicetime($commentdate);
$commentcontent = $comment['content'];
echo("
<div class='comment'>
<div class='commentinfo'>
$commentauthor
<span class='commentdate', title='$commentdate'>
$commentnicetime
</span>
</div>
<div class='commentcontent'>
$commentcontent
</div>
</div>
");
} ?>
</div>

36
website/views/profile.php
View File

@@ -1,11 +1,13 @@
<div class="content">
<div class="profile-box platform">
<img class="left profile-picture" src="<?php echo $user["profilepicture"] ?>">
<div class="profile-button">
<p><img src="/img/add-friend.png"> Als vriend toevoegen</p>
<div class="friend-button-container">
</div>
<h1 class="profile-username"><?=$user["username"]?></h1>
<h5 class="profile-username"><?= $user["fname"]?> <?=$user["lname"]?></h5>
<h1 class="profile-username"><?= $user["fname"]?> <?=$user["lname"]?></h1>
<h5 class="profile-username"><?=$user["username"]?></h5>
<p><?=$user["bio"]?></p>
</div>
@@ -14,7 +16,7 @@
<p>
<?php
while($friend = $profile_friends->fetch()) {
echo "<a href='/profile/${friend["username"]}/' data-title='${friend["username"]}'><img class='profile-picture' src='${friend["profilepicture"]}' alt='${friend["username"]}'s profielfoto></a>";
echo "<a href='profile.php?username=${friend["username"]}' data-title='${friend["username"]}'><img class='profile-picture' src='${friend["profilepicture"]}' alt='${friend["username"]}'s profielfoto></a>";
}
@@ -47,7 +49,7 @@
<div class="post platform">
<form>
<input type="text" class="newpost" placeholder="Titel">
<textarea class="newpost">Schrijf een berichtje...</textarea>
<textarea class="newpost" placeholder="Schrijf een berichtje..."></textarea>
<input type="submit" value="Plaats!">
</form>
</div>
@@ -56,14 +58,32 @@
while($post = $posts->fetch()) {
$nicetime = nicetime($post["creationdate"]);
$postID = $post["postID"];
echo "
<div class='post platform'>
<div class='post platform' onclick='requestPost(this)'>
<h2>${post["title"]}</h2>
<p>${post["content"]}</p>
<p class=\"subscript\">${nicetime} geplaatst.</p>
<p class=\"subscript\" title='" . $post["creationdate"] ."'>${nicetime} geplaatst.</p>
<form>
<input type='hidden'
name='postID'
value='$postID'
/>
</form>
</div>
";
}
?>
</div>
<div class="modal">
<div class="modal-content platform">
<div class="modal-close">
&times;
</div>
<div class="modal-response" id="modal-response">
<span class="modal-default">Aan het laden...</span>
</div>
</div>
</div>
</div>

24
website/views/register-view.php
View File

@@ -41,11 +41,12 @@
<!-- Register birthday -->
<div class="login_containerregister">
<label><b>Geboortedatum</b></label>
<input type="date"
<input type="text"
name="bday"
value="<?php echo $bday ?>"
id="bday"
placeholder="01/01/1900"
placeholder="1996/01/01"
data-fv-date-max=""
>
*<span class="error"> <?php echo $bdayErr;?></span>
</div>
@@ -95,7 +96,7 @@
<!-- Register location -->
<div class="login_containerregister">
<label><b>Woonplaats</b></label>
<label><b>Locatie</b></label>
<input type="text"
placeholder="Voer uw woonplaats in"
name="location"
@@ -117,18 +118,23 @@
*<span class="error"> <?php echo $emailErr;?></span>
</div>
<!-- Button for registering -->
<div class="login_containerregister">
<div class="g-recaptcha" data-sitekey="6Lc72xIUAAAAADumlWetgENm7NGd9Npyo0c_tYYQ"></div>
<span class="error"> <?php echo $captchaErr;?></span>
</div>
<!-- Button for registering -->
<div class="login_containerlogin">
<!-- Button for going back to login screen -->
<a href="https://myhyvesbookplus.nl/login.php" class="button">Annuleren</a>
<button type="submit"
value="Registreer uw account"
name="Submit"
id="frm1_submit">
Registreer
</button>
</div>
</div>
</form>
<div class="login_containerlogin">
<!-- Button for going back to login screen -->
<a href="https://myhyvesbookplus.nl/login.php" class="left-arrow">Login</a>
</div>
</div>

38
website/views/resetpassword.php Normal file
View File

@@ -0,0 +1,38 @@
<?php
function passwordResetFields() {
$username = $_GET['u'];
$hash = $_GET['h'];
$content ="
<form class='settings' method = 'post' >
<h5 > Voer een nieuw wachtwoord in </h5 >
<input type = 'hidden'
name = 'u'
value = '$username'
>
<input type = 'hidden'
name = 'h'
value = '$hash'
>
<ul >
<li >
<label > Nieuw wachtwoord </label >
<input type = 'password'
name = 'password'
placeholder = 'Nieuw wachtwoord'
>
</li >
<li >
<label > Bevestig wachtwoord </label >
<input type = 'password'
name = 'password-confirm'
placeholder = 'Bevestig wachtwoord'
>
</li >
<li >
<label ></label >
<button type = 'submit' > Verander wachtwoord </button >
</li >
</ul >
</form >";
return $content;
}

72
website/views/search-view.php
View File

@@ -1,6 +1,16 @@
<?php
$search = "";
$filter = "all";
$user_perpage = $group_perpage = 20;
$user_currentpage = $group_currentpage = 1;
if (isset($_GET['user-pageselect'])) {
$user_currentpage = $_GET['user-pageselect'];
}
if (isset($_GET['group-pageselect'])) {
$group_currentpage = $_GET['group-pageselect'];
}
if (isset($_GET['search'])) {
$search = test_input($_GET['search']);
@@ -9,18 +19,26 @@ if (isset($_GET['search'])) {
if (isset($_GET['filter'])) {
$filter = $_GET['filter'];
}
$user_n = ($user_currentpage - 1) * $user_perpage;
$user_count = countSomeUsers($search)->fetchColumn();
$group_n = ($group_currentpage - 1) * $group_perpage;
$group_count = countSomeGroups($search)->fetchColumn();
?>
<div class="content">
<div class="platform">
<form class="search-form" action="search.php" method="get">
<form class="search-form"
id="search-form"
action="search.php"
method="get">
<label>
Zoek:
</label>
<input type="text"
name="search"
placeholder="zoek"
required
placeholder="Zoek"
value=<?php echo "$search";?>
>
<label for="filter">
@@ -40,17 +58,36 @@ if (isset($_GET['filter'])) {
<?php if ($filter == "friends") echo "selected";?>>
Vrienden</option>
</select>
<input type="submit"
<input onclick="document.getElementById('user-pageselect').value = 1;
document.getElementById('group-pageselect').value = 1"
type="submit"
value="Zoek"
/>
>
</form>
</div>
<div class="platform item-box searchleft" id="search-friends-output">
<h4>Gebruikers</h4>
<select class="user-pageselect"
name="user-pageselect"
id="user-pageselect"
form="search-form"
onchange="this.form.submit()">
<?php
for ($i=1; $i <= ceil($user_count / $user_perpage); $i++) {
if ($user_currentpage == $i) {
echo "<option value='$i' selected>$i</option>";
} else {
echo "<option value='$i'>$i</option>";
}
}
?>
</select>
<ul class='nav-list'>
<?php
$q = searchSomeUsers(0, 20, $search);
$q = searchSomeUsers($user_n, $user_perpage, $search);
while ($user = $q->fetch(PDO::FETCH_ASSOC)) {
$username = $user['username'];
@@ -59,7 +96,7 @@ if (isset($_GET['filter'])) {
$lname = $user['lname'];
echo("
<a href='https://myhyvesbookplus.nl/profile/$username/'>
<a href='https://myhyvesbookplus.nl/profile?username=$username'>
<li class='search-item'>
<div class='friend'>
<img class='profile-picture'
@@ -77,17 +114,34 @@ if (isset($_GET['filter'])) {
<div class="platform item-box searchright" id="search-group-output">
<h4>Groepen</h4>
<select class="group-pageselect"
name="group-pageselect"
id="group-pageselect"
form="search-form"
onchange="this.form.submit()">
<?php
for ($i=1; $i <= ceil($group_count / $group_perpage); $i++) {
if ($group_currentpage == $i) {
echo "<option value='$i' selected>$i</option>";
} else {
echo "<option value='$i'>$i</option>";
}
}
?>
</select>
<ul class="nav-list">
<?php
$q = searchSomeGroups(0, 20, $search);
$q = searchSomeGroups($group_n, $user_perpage, $search);
while ($group = $q->fetch(PDO::FETCH_ASSOC)) {
$groupname = $group['name'];
$grouppic = $group['picture'];
echo("
<a href='https://myhyvesbookplus.nl/group/$groupname/'>
<a href='https://myhyvesbookplus.nl/group?groupName=$groupname'>
<li class='search-item'>
<div class='group'>
<img class='group-picture'

9
website/views/settings-view.php
View File

@@ -6,9 +6,9 @@ $settings = getSettings();
<div class="settings">
<?php
if ($_SERVER["REQUEST_METHOD"] == "POST") {
echo "<div class='platform settings-message ". $result->getClass()."'>".
$result->getMessage().
"</div>";
echo "<div class='platform settings-message $alertClass '>
$alertMessage
</div>";
}
?>
<form class="settings-profile platform" method="post">
@@ -81,7 +81,8 @@ $settings = getSettings();
<label>Selecteer foto</label>
<input type="file"
name="pp"
accept="image/jpeg,image/gif,image/png"
accept="image/*"
size="4000000"
>
</li>
<li>