MyHyvesBookPlus/WebDB
1
0
Fork 0
Code Issues 2 Pull Requests Projects Releases Wiki Activity

Merge branch 'master' of ssh://gitlab-fnwi.uva.nl:1337/11166932/WebDB

Browse Source
This commit is contained in:
K. Nobel
2017-01-24 16:59:14 +01:00
parent 70957015ce 4b6fe1d202
commit b8f662f825
13 changed files with 446 additions and 139 deletions
Download Patch File Download Diff File Expand all files Collapse all files

206
website/queries/checkInput.php
View File

@@ -1,97 +1,138 @@
<?php
/**
* Function for checking inputfields
* @param variable $variable Give name of the inputfield.
* @param string $option Give the name of the option.
* @param String $variable Give name of the inputfield.
* @param String $option Give the name of the option.
* @return sets correct to false and gives value to error message if it doesn't pass the checks.
*/
function checkInputChoice($variable, $option){
if (empty($_POST[$variable])) {
$GLOBALS[$variable . "Err"] = "Verplicht!";
$GLOBALS["correct"] = false;
switch ($option) {
case "lettersAndSpaces";
checkName($variable);
break;
} else {
$GLOBALS[$variable] = test_input($_POST[$variable]);
switch ($option) {
case "lettersAndSpace":
checkonly($variable);
break;
case "bday";
validateBday($variable);
break;
case "username";
username($variable);
break;
case "username";
username($variable);
break;
case "longerEight";
longerEight($variable);
break;
case "longerEight";
longerEight($variable);
break;
case "email";
validateEmail($variable);
break;
case "email";
validateEmail($variable);
break;
default:
break;
default:
break;
}
}
}
/* Checks for only letters and spaces. */
function checkOnly($variable){
if (!preg_match("/^[a-zA-Z ]*$/",$GLOBALS[$variable])) {
$GLOBALS[$variable . "Err"] = "Alleen letters en spaties zijn toegestaan!";
$correct = false;
function checkName($variable){
if (empty($variable)) {
throw new lettersAndSpacesException("Verplicht!");
} else if (!preg_match("/^[a-zA-Z ]*$/", $variable)) {
throw new lettersAndSpacesException("Alleen letters en spaties zijn toegestaan!");
}
}
/* Checks for bday */
function validateBday($variable){
if (empty($variable)) {
throw new bdayException("Verplicht!");
} else {
if (!(validateDate($variable, "Y/m/d"))) {
throw new bdayException("Geen geldige datum");
} else {
$dateNow = date("Y/m/d");
if ($dateNow < $variable) {
throw new bdayException("Geen geldige datum");
}
}
}
}
// Checks for date
function validateDate($date, $format)
{
$d = DateTime::createFromFormat($format, $date);
return $d && $d->format($format) == $date;
}
/* checks if username exist and if its longer than 6 characters. */
function username($variable){
if (strlen($GLOBALS[$variable]) < 6) {
$GLOBALS[$variable . "Err"] = "Gebruikersnaam moet minstens 6 karakters bevatten";
$correct = false;
if (empty($variable)) {
throw new usernameException("Verplicht!");
} else if (strlen($variable) < 6) {
throw new usernameException("Moet minstens 6 karakters bevatten");
} else if (getExistingUsername() == 1) {
$GLOBALS[$variable . "Err"] = "Gebruikersnaam bestaat al";
$correct = false;
throw new usernameException("Gebruikersnaam bestaal al");
}
}
/* checks if an input is longer that 8 characters. */
function longerEight($variable){
if (strlen($GLOBALS[$variable]) < 8) {
$GLOBALS[$variable . "Err"] = "Moet minstens 8 karakters bevatten";
$correct = false;
if (empty($variable)) {
throw new passwordException("Verplicht!");
} else if (strlen($variable) < 8) {
throw new passwordException("Moet minstens 8 karakters bevatten");
}
}
/* checks if an input is a valid email. */
function validateEmail($variable){
if (!filter_var($GLOBALS[$variable], FILTER_VALIDATE_EMAIL)) {
$GLOBALS[$variable . "Err"] = "Geldige email invullen!";
$correct = false;
if (empty($variable)) {
throw new emailException("Verplicht!");
} else if (!filter_var($variable, FILTER_VALIDATE_EMAIL)) {
throw new emailException("Geldige email invullen");
} else if (getExistingEmail() == 1){
$GLOBALS[$variable . "Err"] = "Email bestaat al";
$correct = false;
throw new emailException("Email bestaal al!");
}
}
/* checks if two passwords matches. */
function matchPassword(){
if ($_POST["password"] != $_POST["confirmpassword"]) {
$GLOBALS["confirmpasswordErr"] = "Wachtwoorden matchen niet";
$GLOBALS["correct"] = false;
throw new confirmPasswordException("Wachtwoorden matchen niet!");
}
}
// Checks if everything is filled in correctly
function registerCheck(){
if ($GLOBALS["correct"] == false){
$GLOBALS["genericErr"] = "Bepaalde velden zijn verkeerd of niet ingevuld!";
/* Checks if captcha is correctly filled in */
function checkCaptcha($captcha){
if(!$captcha){
throw new captchaException("Captcha needs to be filled in!");
} else {
$response=json_decode(file_get_contents("https://www.google.com/recaptcha/api/siteverify?secret=6Lc72xIUAAAAAPizuF3nUbklCPljVCVzgYespz8o&response=".$captcha."&remoteip=".$_SERVER['REMOTE_ADDR']));
if($response->success==false) {
throw new captchaException("You are a spammer!");
}
}
}
/* Get ip adres */
function getIp(){
if (!empty($_SERVER['HTTP_CLIENT_IP'])) {
$GLOBALS["ip"] = $_SERVER['HTTP_CLIENT_IP'];
} elseif (!empty($_SERVER['HTTP_X_FORWARDED_FOR'])) {
$GLOBALS["ip"] = $_SERVER['HTTP_X_FORWARDED_FOR'];
} else {
$GLOBALS["ip"] = $_SERVER['REMOTE_ADDR'];
}
}
/* Checks if everything is filled in correctly */
function registerCheck($status){
if ($status == false){
throw new registerException("Bepaalde velden zijn verkeerd of niet ingevuld");
} else {
registerAccount();
header("location: login.php");
}
}
@@ -102,4 +143,69 @@ function test_input($data) {
$data = htmlspecialchars($data);
return $data;
}
class lettersAndSpacesException extends Exception
{
public function __construct($message = "", $code = 0, Exception $previous = null)
{
parent::__construct($message, $code, $previous);
}
}
class bdayException extends Exception
{
public function __construct($message = "", $code = 0, Exception $previous = null)
{
parent::__construct($message, $code, $previous);
}
}
class usernameException extends Exception
{
public function __construct($message = "", $code = 0, Exception $previous = null)
{
parent::__construct($message, $code, $previous);
}
}
class passwordException extends Exception
{
public function __construct($message = "", $code = 0, Exception $previous = null)
{
parent::__construct($message, $code, $previous);
}
}
class confirmPasswordException extends Exception
{
public function __construct($message = "", $code = 0, Exception $previous = null)
{
parent::__construct($message, $code, $previous);
}
}
class emailException extends Exception
{
public function __construct($message = "", $code = 0, Exception $previous = null)
{
parent::__construct($message, $code, $previous);
}
}
class captchaException extends Exception
{
public function __construct($message = "", $code = 0, Exception $previous = null)
{
parent::__construct($message, $code, $previous);
}
}
class registerException extends Exception
{
public function __construct($message = "", $code = 0, Exception $previous = null)
{
parent::__construct($message, $code, $previous);
}
}
?>

73
website/queries/friendship.php
View File

@@ -1,5 +1,7 @@
<?php
require("connect.php");
function selectAllFriends($userID) {
$stmt = $GLOBALS["db"]->prepare("
SELECT
@@ -64,6 +66,77 @@ function selectAllFriendRequests() {
return json_encode($stmt->fetchAll());
}
function getFriendshipStatus($userID) {
$stmt = $GLOBALS["db"]->prepare("
SELECT
CASE `status` IS NULL
WHEN TRUE THEN 0
WHEN FALSE THEN
CASE `status` = 'confirmed'
WHEN TRUE THEN
1
WHEN FALSE THEN
CASE `user1ID` = :me AND `user2ID` = :other
WHEN TRUE THEN
2
WHEN FALSE THEN
3
END
END
END AS `friend_state`
FROM
`friendship`
WHERE
`user1ID` = :other AND `user2ID` = :me OR
`user1ID` = :me AND `user2ID` = :other
");
$stmt->bindParam(':me', $_SESSION["userID"], PDO::PARAM_INT);
$stmt->bindParam(':other', $userID, PDO::PARAM_INT);
$stmt->execute();
return $stmt->fetch()["friend_state"];
}
function requestFriendship($userID) {
$stmt = $GLOBALS["db"]->prepare("
INSERT INTO `friendship` (user1ID, user2ID)
VALUES (:user1, :user2)
");
$stmt->bindParam(':user1', $_SESSION["userID"], PDO::PARAM_INT);
$stmt->bindParam(':user2', $userID, PDO::PARAM_INT);
$stmt->execute();
}
function removeFriendship($userID) {
$stmt = $GLOBALS["db"]->prepare("
DELETE FROM `friendship`
WHERE
`user1ID` = :user1 AND
`user2ID` = :user2 OR
`user1ID` = :user2 AND
`user2ID` = :user1
");
$stmt->bindParam(':user1', $_SESSION["userID"], PDO::PARAM_INT);
$stmt->bindParam(':user2', $userID, PDO::PARAM_INT);
$stmt->execute();
}
function acceptFriendship($userID) {
$stmt = $GLOBALS["db"]->prepare("
UPDATE `friendship`
SET `status`='confirmed'
WHERE
`user1ID` = :user1 AND
`user2ID` = :user2
LIMIT 1
");
$stmt->bindParam(':user1', $userID, PDO::PARAM_INT);
$stmt->bindParam(':user2', $_SESSION["userID"], PDO::PARAM_INT);
$stmt->execute();
}
function setLastVisited($friend) {
$stmt = $GLOBALS["db"]->prepare("

63
website/queries/user.php
View File

@@ -17,27 +17,64 @@ function getUserID($username) {
return $stmt->fetch()["userID"];
}
function selectUser($userID) {
function getUsername($userID) {
$stmt = $GLOBALS["db"]->prepare("
SELECT
`username`,
IFNULL(
`profilepicture`,
'../img/avatar-standard.png'
) AS profilepicture,
`bio`,
`role`,
`onlinestatus`,
`loggedin`,
`fname`,
`lname`
`username`
FROM
`user`
WHERE
`userID` = :userID
");
$stmt->bindParam(':userID', $userID, PDO::PARAM_INT);
$stmt->bindParam(':userID', $userID, PDO::PARAM_STR);
$stmt->execute();
return $stmt->fetch()["username"];
}
function selectUser($me, $other) {
$stmt = $GLOBALS["db"]->prepare("
SELECT
`username`,
`birthdate`,
`location`,
IFNULL(
`profilepicture`,
'../img/avatar-standard.png'
) AS profilepicture,
`bio`,
`user`.`creationdate`,
`onlinestatus`,
`fname`,
`lname`,
CASE `status` IS NULL
WHEN TRUE THEN 0
WHEN FALSE THEN
CASE `status` = 'confirmed'
WHEN TRUE THEN
1
WHEN FALSE THEN
CASE `user1ID` = `userID` AND `user2ID` = :me
WHEN TRUE THEN
2
WHEN FALSE THEN
3
END
END
END AS `friend_status`
FROM
`user`
LEFT JOIN
`friendship`
ON
`user1ID` = `userID` AND `user2ID` = :me OR
`user1ID` = :me AND `user2ID` = `userID`
WHERE
`user`.`userID` = :other
");
$stmt->bindParam(':me', $me, PDO::PARAM_INT);
$stmt->bindParam(':other', $other, PDO::PARAM_INT);
$stmt->execute();
return $stmt->fetch();
}