Merge branch 'master' into kevin-prototype

website/public/API/deletePost.php

@@ -3,9 +3,9 @@ session_start();
 
 require_once "../../queries/post.php";
 require_once "../../queries/user.php";
-
+if (!isset($_SESSION["userID"])) {
-if (isset($_SESSION["userID"]) and
+    echo "logged out";
-    getRoleByID($_SESSION["userID"]) != 'frozen' and
+} else if (getRoleByID($_SESSION["userID"]) != 'frozen' and
            getRoleByID($_SESSION["userID"]) != 'banned') {
 
     if (empty($_POST["postID"]) or empty($_SESSION["userID"])) {

website/public/API/postComment.php

@@ -7,9 +7,9 @@ require_once("../../queries/connect.php");
 require_once("../../queries/checkInput.php");
 require_once("../../queries/user.php");
 
-
+if (!isset($_SESSION["userID"])) {
-if (isset($_SESSION["userID"]) &&
+    echo "logged out";
-    getRoleByID($_SESSION["userID"]) != 'frozen' &&
+} else if (getRoleByID($_SESSION["userID"]) != 'frozen' &&
            getRoleByID($_SESSION["userID"]) != 'banned') {
     if ($_POST['button'] == 'reaction') {
         if (empty($_POST['newcomment-content'])) {

website/public/API/postPost.php

@@ -8,8 +8,9 @@ require_once("../../queries/connect.php");
 require_once("../../queries/checkInput.php");
 require_once("../../queries/user.php");
 
-if (isset($_SESSION["userID"]) &&
+if (!isset($_SESSION["userID"])) {
-    getRoleByID($_SESSION["userID"]) != 'frozen' &&
+    echo "logged out";
+} else if (getRoleByID($_SESSION["userID"]) != 'frozen' &&
            getRoleByID($_SESSION["userID"]) != 'banned') {
 
     if (empty($_SESSION["userID"])) {

website/public/API/sendMessage.php

@@ -7,8 +7,9 @@ require_once("../../queries/checkInput.php");
 require_once("../../queries/user.php");
 
 // Check if the user is allowed to send a message.
-if (isset($_SESSION["userID"]) &&
+if (!isset($_SESSION["userID"])) {
-    getRoleByID($_SESSION["userID"]) != 'frozen' &&
+    echo "logged out";
+} else if (getRoleByID($_SESSION["userID"]) != 'frozen' &&
            getRoleByID($_SESSION["userID"]) != 'banned') {
     if (!empty(test_input($_POST["destination"])) &&
         !empty(test_input($_POST["content"]))

website/public/browserconfig.xml

@@ -0,0 +1,12 @@
+<?xml version="1.0" encoding="utf-8"?>
+	<browserconfig>
+		<msapplication>
+			<tile>
+				<square70x70logo src="tiny.png"/>
+				<square150x150logo src="square.jpg"/>
+				<wide310x150logo src="wide.jpg"/>
+				<square310x310logo src="large.jpg"/>
+				<TileColor>#000000</TileColor>
+			</tile>
+		</msapplication>
+	</browserconfig>

website/public/createGroup.php

@@ -0,0 +1,36 @@
+<?php
+require_once "../queries/createGroup.php";
+require_once "../queries/connect.php";
+require_once "../queries/alerts.php"?>
+<!DOCTYPE html>
+<html>
+<head>
+    <?php include("../views/head.php"); ?>
+    <style>
+        @import url("styles/settings.css");
+    </style>
+</head>
+<body>
+<?php
+/*
+ * This view adds the main layout over the screen.
+ * Header and menu.
+ */
+include("../views/main.php");
+if ($_SERVER["REQUEST_METHOD"] == "POST") {
+    try {
+        createGroup();
+    } catch (AlertMessage $e) {
+
+    }
+    $groupname = $_POST["groupName"];
+    header("location: group.php?groupname=$groupname");
+}
+/* Add your view files here. */
+include("../views/createGroup.php");
+
+/* This adds the footer. */
+include("../views/footer.php");
+?>
+</body>
+</html>

website/public/fb-callback.php

@@ -1,71 +0,0 @@
-<?php
-$fb = new Facebook\Facebook([
-    'app_id' => $appID, // Replace {app-id} with your app id
-    'app_secret' => $appSecret,
-    'default_graph_version' => 'v2.2',
-]);
-
-$helper = $fb->getRedirectLoginHelper();
-
-try {
-    $accessToken = $helper->getAccessToken();
-} catch(Facebook\Exceptions\FacebookResponseException $e) {
-    // When Graph returns an error
-    echo 'Graph returned an error: ' . $e->getMessage();
-    exit;
-} catch(Facebook\Exceptions\FacebookSDKException $e) {
-    // When validation fails or other local issues
-    echo 'Facebook SDK returned an error: ' . $e->getMessage();
-    exit;
-}
-
-if (! isset($accessToken)) {
-    if ($helper->getError()) {
-        header('HTTP/1.0 401 Unauthorized');
-        echo "Error: " . $helper->getError() . "\n";
-        echo "Error Code: " . $helper->getErrorCode() . "\n";
-        echo "Error Reason: " . $helper->getErrorReason() . "\n";
-        echo "Error Description: " . $helper->getErrorDescription() . "\n";
-    } else {
-        header('HTTP/1.0 400 Bad Request');
-        echo 'Bad request';
-    }
-    exit;
-}
-
-// Logged in
-echo '<h3>Access Token</h3>';
-var_dump($accessToken->getValue());
-
-// The OAuth 2.0 client handler helps us manage access tokens
-$oAuth2Client = $fb->getOAuth2Client();
-
-// Get the access token metadata from /debug_token
-$tokenMetadata = $oAuth2Client->debugToken($accessToken);
-echo '<h3>Metadata</h3>';
-var_dump($tokenMetadata);
-
-// Validation (these will throw FacebookSDKException's when they fail)
-$tokenMetadata->validateAppId($appID); // Replace {app-id} with your app id
-// If you know the user ID this access token belongs to, you can validate it here
-//$tokenMetadata->validateUserId('123');
-$tokenMetadata->validateExpiration();
-
-if (! $accessToken->isLongLived()) {
-    // Exchanges a short-lived access token for a long-lived one
-    try {
-        $accessToken = $oAuth2Client->getLongLivedAccessToken($accessToken);
-    } catch (Facebook\Exceptions\FacebookSDKException $e) {
-        echo "<p>Error getting long-lived access token: " . $helper->getMessage() . "</p>\n\n";
-        exit;
-    }
-
-    echo '<h3>Long-lived</h3>';
-    var_dump($accessToken->getValue());
-}
-
-$_SESSION['fb_access_token'] = (string) $accessToken;
-
-// User is logged in with a long-lived access token.
-// You can redirect them to a members-only page.
-//header('Location: https://example.com/members.php');

website/public/group.php

@@ -13,7 +13,7 @@
 
 include_once("../queries/group_page.php");
 
-if(!$group = selectGroupByName($_GET["groupname"])) {
+if(isset($_SESSION["userID"]) and !$group = selectGroupByName($_GET["groupname"])) {
     header("HTTP/1.0 404 Not Found");
     header("Location: error/404.php");
     die();

website/public/groupAdmin.php

@@ -0,0 +1,72 @@
+<?php
+require_once "../queries/picture.php";
+require_once "../queries/groupAdmin.php";
+require_once "../queries/alerts.php";
+?>
+<!DOCTYPE html>
+<html>
+<head>
+    <?php include("../views/head.php"); ?>
+<style>
+    /*Insert own stylesheet here ;)*/
+    @import url("styles/settings.css");
+</style>
+</head>
+<body>
+<?php
+/*
+ * This view adds the main layout over the screen.
+ * Header and menu.
+ */
+include("../views/main.php");
+$alertClass;
+$alertMessage;
+
+// Select which button has been pressed.
+if ($_SERVER["REQUEST_METHOD"] == "POST") {
+    try {
+        switch ($_POST["form"]) {
+            case "group":
+                updateGroupSettings($_POST["groupID"]);
+                break;
+            case "picture":
+                if (checkGroupAdmin($_POST["groupID"], $_SESSION["userID"])) {
+                    updateAvatar($_POST["groupID"]);
+                }
+                break;
+            case "mod":
+                if (!array_key_exists("userID", $_POST)) {
+                    throw new AngryAlert("Geen gebruiker geselecteerd.");
+                }
+                upgradeUser($_POST["groupID"], $_POST["userID"], "mod");
+                break;
+            case "admin":
+                if (!array_key_exists("userID", $_POST)) {
+                    throw new AngryAlert("Geen gebruiker geselecteerd.");
+                }
+                upgradeUser($_POST["groupID"], $_POST["userID"], "admin");
+                break;
+            case "deadmin":
+                if (!array_key_exists("userID", $_POST)) {
+                    throw new AngryAlert("Geen gebruiker geselecteerd.");
+                }
+                upgradeUser($_POST["groupID"], $_POST["userID"], "member");
+                break;
+            case "delete":
+                deleteGroup();
+                break;
+        }
+    } catch (AlertMessage $w) {
+        $alertClass = $w->getClass();
+        $alertMessage = $w->getMessage();
+    }
+}
+
+/* Add your view files here. */
+include("../views/groupAdmin.php");
+
+/* This adds the footer. */
+include("../views/footer.php");
+?>
+</body>
+</html>

website/public/js/admin.js

@@ -24,12 +24,14 @@ $(window).on("load", function () {
     });
 });
 
+// Toggles all checkboxes based on one.
 function checkAll() {
     $('.checkbox-list').each(function () {
         $(this).prop('checked', $('#checkall').prop('checked'));
     });
 }
 
+// Simple function that checks if checkall should stay checked.
 function checkCheckAll() {
     var checked = true;
 
@@ -43,6 +45,7 @@ function checkCheckAll() {
     $('#checkall').prop('checked', checked);
 }
 
+// Toggle of filter options.
 function changeFilter() {
     if ($('#pagetype').find(":selected").val() == "group") {
         document.getElementById('admin-filter').style.display = 'none';
@@ -59,11 +62,13 @@ function changeFilter() {
     }
 }
 
+// Sets the search page to one, relevant when changing filter or search.
 function searchFromOne() {
     $('#currentpage').prop('value', 1);
     adminSearch();
 }
 
+// AJAX live search.
 function adminSearch() {
     $.post(
         "API/adminSearchUsers.php",
@@ -74,6 +79,7 @@ function adminSearch() {
     })
 }
 
+// AJAX live update.
 function adminUpdate(form) {
     $.post(
         "API/adminChangeUser.php",
@@ -83,6 +89,7 @@ function adminUpdate(form) {
     })
 }
 
+// AJAX pagenumber functionality.
 function updatePageN() {
     $.post(
         "API/adminPageNumber.php",
@@ -92,11 +99,13 @@ function updatePageN() {
     })
 }
 
+// Intended for the edit button to show a form.
 function toggleBancomment(button) {
     $(button).siblings("div").toggle();
     $(button).toggle();
 }
 
+// AJAX value editing.
 function editComment(form) {
     $.post(
         "API/adminChangeUser.php",

website/public/js/chat.js

@@ -43,12 +43,15 @@ function sendMessage() {
     ).done(function(response) {
         if (response == "frozen") {
             alert("Je account is bevroren, dus je kan niet chat berichten versturen. Contacteer een admin als je denkt dat dit onjuist is.");
+        } else if (response == "logged out") {
+            window.location.href = "login.php?url=" + window.location.pathname;
         }
         // Load messages if the message has been send, so it shows in the chat.
         loadMessages();
     });
 
     $("#newContent").val("");
+    $("#newContent").focus();
 }
 
 // Add messages to the chat.

website/public/js/dobPicker.js

@@ -1,123 +0,0 @@
-/**
- * jQuery DOB Picker
- * Website: https://github.com/tyea/dobpicker
- * Version: 1.0
- * Author: Tom Yeadon
- * License: BSD 3-Clause
- */
-
-jQuery.extend({
-
-	dobPicker: function(params) {
-
-		// set the defaults		
-		if (typeof(params.dayDefault)==='undefined') params.dayDefault = 'Day';
-		if (typeof(params.monthDefault)==='undefined') params.monthDefault = 'Month';
-		if (typeof(params.yearDefault)==='undefined') params.yearDefault = 'Year';
-		if (typeof(params.minimumAge)==='undefined') params.minimumAge = 12;
-		if (typeof(params.maximumAge)==='undefined') params.maximumAge = 80;
-
-		// set the default messages		
-		$(params.daySelector).append('<option value="">' + params.dayDefault + '</option>');
-		$(params.monthSelector).append('<option value="">' + params.monthDefault + '</option>');
-		$(params.yearSelector).append('<option value="">' + params.yearDefault + '</option>');
-
-		// populate the day select
-		for (i = 1; i <= 31; i++) {
-			if (i <= 9) {
-				var val = '0' + i;
-			} else {
-				var val = i;
-			}
-			$(params.daySelector).append('<option value="' + val + '">' + i + '</option>');
-		}
-
-		// populate the month select		
-		var months = [
-			"January",
-			"February",
-			"March",
-			"April",
-			"May",
-			"June",
-			"July",
-			"August",
-			"September",
-			"October",
-			"November",
-			"December"
-		];
-			
-		for (i = 1; i <= 12; i++) {
-			if (i <= 9) {
-				var val = '0' + i;
-			} else {
-				var val = i;
-			}
-			$(params.monthSelector).append('<option value="' + val + '">' + months[i - 1] + '</option>');
-		}
-
-		// populate the year select
-		var date = new Date();
-		var year = date.getFullYear();
-		var start = year - params.minimumAge;
-		var count = start - params.maximumAge;
-		
-		for (i = start; i >= count; i--) {
-			$(params.yearSelector).append('<option value="' + i + '">' + i + '</option>');
-		}
-		
-		// do the logic for the day select
-		$(params.daySelector).change(function() {
-			
-			$(params.monthSelector)[0].selectedIndex = 0;
-			$(params.yearSelector)[0].selectedIndex = 0;
-			$(params.yearSelector + ' option').removeAttr('disabled');
-			
-			if ($(params.daySelector).val() >= 1 && $(params.daySelector).val() <= 29) {
-			
-				$(params.monthSelector + ' option').removeAttr('disabled');
-				
-			} else if ($(params.daySelector).val() == 30) {
-			
-				$(params.monthSelector + ' option').removeAttr('disabled');
-				$(params.monthSelector + ' option[value="02"]').attr('disabled', 'disabled');
-				
-			} else if($(params.daySelector).val() == 31) {
-			
-				$(params.monthSelector + ' option').removeAttr('disabled');
-				$(params.monthSelector + ' option[value="02"]').attr('disabled', 'disabled');
-				$(params.monthSelector + ' option[value="04"]').attr('disabled', 'disabled');
-				$(params.monthSelector + ' option[value="06"]').attr('disabled', 'disabled');
-				$(params.monthSelector + ' option[value="09"]').attr('disabled', 'disabled');
-				$(params.monthSelector + ' option[value="11"]').attr('disabled', 'disabled');
-				
-			}
-			
-		});
-		
-		// do the logic for the month select
-		$(params.monthSelector).change(function() {
-			
-			$(params.yearSelector)[0].selectedIndex = 0;
-			$(params.yearSelector + ' option').removeAttr('disabled');
-			
-			if ($(params.daySelector).val() == 29 && $(params.monthSelector).val() == '02') {
-			
-				$(params.yearSelector + ' option').each(function(index) {
-					if (index !== 0) {
-						var year = $(this).attr('value');
-						var leap = !((year % 4) || (!(year % 100) && (year % 400)));
-						if (leap === false) {
-							$(this).attr('disabled', 'disabled');
-						}
-					}
-				});
-				
-			}
-			
-		});
-		
-	}
-	
-});

website/public/js/dobPicker.min.js

@@ -1 +0,0 @@
-jQuery.extend({dobPicker:function(a){for("undefined"==typeof a.dayDefault&&(a.dayDefault="Day"),"undefined"==typeof a.monthDefault&&(a.monthDefault="Month"),"undefined"==typeof a.yearDefault&&(a.yearDefault="Year"),"undefined"==typeof a.minimumAge&&(a.minimumAge=12),"undefined"==typeof a.maximumAge&&(a.maximumAge=80),$(a.daySelector).append('<option value="">'+a.dayDefault+"</option>"),$(a.monthSelector).append('<option value="">'+a.monthDefault+"</option>"),$(a.yearSelector).append('<option value="">'+a.yearDefault+"</option>"),i=1;i<=31;i++){if(i<=9)var b="0"+i;else var b=i;$(a.daySelector).append('<option value="'+b+'">'+i+"</option>")}var c=["January","February","March","April","May","June","July","August","September","October","November","December"];for(i=1;i<=12;i++){if(i<=9)var b="0"+i;else var b=i;$(a.monthSelector).append('<option value="'+b+'">'+c[i-1]+"</option>")}var d=new Date,e=d.getFullYear(),f=e-a.minimumAge,g=f-a.maximumAge;for(i=f;i>=g;i--)$(a.yearSelector).append('<option value="'+i+'">'+i+"</option>");$(a.daySelector).change(function(){$(a.monthSelector)[0].selectedIndex=0,$(a.yearSelector)[0].selectedIndex=0,$(a.yearSelector+" option").removeAttr("disabled"),$(a.daySelector).val()>=1&&$(a.daySelector).val()<=29?$(a.monthSelector+" option").removeAttr("disabled"):30==$(a.daySelector).val()?($(a.monthSelector+" option").removeAttr("disabled"),$(a.monthSelector+' option[value="02"]').attr("disabled","disabled")):31==$(a.daySelector).val()&&($(a.monthSelector+" option").removeAttr("disabled"),$(a.monthSelector+' option[value="02"]').attr("disabled","disabled"),$(a.monthSelector+' option[value="04"]').attr("disabled","disabled"),$(a.monthSelector+' option[value="06"]').attr("disabled","disabled"),$(a.monthSelector+' option[value="09"]').attr("disabled","disabled"),$(a.monthSelector+' option[value="11"]').attr("disabled","disabled"))}),$(a.monthSelector).change(function(){$(a.yearSelector)[0].selectedIndex=0,$(a.yearSelector+" option").removeAttr("disabled"),29==$(a.daySelector).val()&&"02"==$(a.monthSelector).val()&&$(a.yearSelector+" option").each(function(a){if(0!==a){var b=$(this).attr("value"),c=!(b%4||!(b%100)&&b%400);c===!1&&$(this).attr("disabled","disabled")}})})}});

website/public/js/friendButtons.js

@@ -21,26 +21,26 @@ function placeFriendButtons() {
                     case "0":
                         value1 = "request";
                         class1 = "green";
-                        text1 = "Bevriend";
+                        text1 = "Word vrienden";
-                        icon1 = "fa-handshake-o";
+                        icon1 = "fa-user-plus";
                         break;
                         // Users are friends.
                     case "1":
                         value1 = userID;
                         class1 = "green";
                         text1 = "Chat";
-                        icon1 = "fa-comment-o";
+                        icon1 = "fa-comment";
                         value2 = "delete";
                         class2 = "red";
-                        text2 = "Verwijder";
+                        text2 = "Ontvriend";
-                        icon2 = "fa-times";
+                        icon2 = "fa-user-times";
                         break;
                         // This user sent request.
                     case "2":
                         value1 = "delete";
                         class1 = "red";
                         text1 = "Trek verzoek in";
-                        icon1 = "fa-cross";
+                        icon1 = "fa-times";
                         break;
                         // Other user sent request.
                     case "3":
@@ -57,16 +57,18 @@ function placeFriendButtons() {
 
                 // Append buttons to the container.
                 $buttonContainer.append(
-                    "<button class='"+ class1 +" friend-button' value='"+ value1 +"'>" +
+                    "<div><button class='"+ class1 +" fancy-button friend-button' value='"+ value1 +"'>" +
-                        "<i class='fa "+ icon1 +"'></i> " + text1 +
+                    "<span>"+ text1 +"</span>" +
-                    "</button>");
+                    "<i class='fa fa-fw "+ icon1 +"'></i> " +
+                    "</button></div>");
                 $buttonContainer.append(
-                    "<button class='"+ class2 +" friend-button' value='"+ value2 +"'>" +
+                    "<div><button class='"+ class2 +" fancy-button friend-button' value='"+ value2 +"'>" +
-                        "<i class='fa "+ icon2 +"'></i> " + text2 +
+                    "<span>"+ text2 +"</span>" +
-                    "</button>");
+                    "<i class='fa fa-fw "+ icon2 +"'></i> " +
+                    "</button></div>");
 
             // Gets triggered when a friend button is triggered.
-            $buttonContainer.children().click(function() {
+            $buttonContainer.find("button").click(function() {
                 if (isNaN(this.value))
                     editFriendship(userID, this.value);
                 else if (this.value != "")

website/public/js/groupButtons.js

@@ -7,32 +7,44 @@ function placeGroupButtons() {
             // When user is not a member
             if(data == 'none') {
                 $buttonContainer.append(
-                    "<button class='green group-button' value='request'>" +
+                    "<button class='green group-button fancy-button' value='request'>" +
-                    "<i class='fa fa-plus'></i> Voeg toe" +
+                    "<span>Treed toe</span><i class='fa fa-plus'></i>" +
                     "</button>");
+
                 // when user sent a request to become a member.
             } else if(data == 'request') {
                 $buttonContainer.append(
-                    "<button class='red group-button' value='none'>" +
+                    "<button class='red group-button fancy-button' value='none'>" +
-                    "<i class='fa fa-times'></i> Trek verzoek in" +
+                    "<span>Trek verzoek in</span><i class='fa fa-times'></i>" +
                     "</button>");
                 // When user is a member of the group.
+            } else if (data == 'admin') {
+                $buttonContainer.append(
+                    "<button class='group-button fancy-button' value='admin'>" +
+                        "<span>Instellingen</span><i class='fa fa-cogs'></i>" +
+                        "</button>"
+                );
+
             } else {
                 $buttonContainer.append(
-                    "<button class='red group-button' value='none'>" +
+                    "<button class='red group-button fancy-button' value='none'>" +
-                    "<i class='fa fa-times'></i> Verlaat groep" +
+                    "<span>Verlaat groep</span><i class='fa fa-sign-out'></i>" +
                     "</button>");
             }
 
             // Gets triggered when a group button is clicked.
             $buttonContainer.children().click(function() {
-                $.post("API/editMembership.php", { grp: groupID, role: this.value })
+                if (this.value == 'admin') {
-                    .done(function() {
+                    window.location.href='groupAdmin.php?groupID=' + groupID;
+                } else {
+                    $.post("API/editMembership.php", {grp: groupID, role: this.value})
+                        .done(function () {
                             $buttonContainer.children().remove();
                             placeGroupButtons();
                             updateMenus();
-                    }).fail(function() {
+                        }).fail(function () {
                     });
+                }
             });
 
     });

website/public/js/loginRegisterModals.js

@@ -0,0 +1,68 @@
+
+// Get the modal
+var modal = document.getElementById('myModal');
+var registerModal = document.getElementById('registerModal');
+var facebookModal = document.getElementById("fbModal");
+
+// Get the button that opens the modal
+var registerBtn = document.getElementById("registerBtn");
+var btn = document.getElementById("myBtn");
+
+
+// Get the <span> element that closes the modal
+var span = document.getElementsByClassName("close")[0];
+var registerSpan = document.getElementsByClassName("close")[1];
+var facebookCLose = document.getElementsByClassName("close")[2];
+
+/**
+ * When the user clicks the button, open the modal
+ */
+btn.onclick = function () {
+    modal.style.display = "block";
+
+}
+registerBtn.onclick = function () {
+    registerModal.style.display = "block";
+}
+
+/**
+ * WHen the user clicks on (X), close the modal
+ */
+span.onclick = function () {
+    modal.style.display = "none";
+}
+registerSpan.onclick = function () {
+    registerModal.style.display = "none";
+}
+facebookCLose.onclick = function () {
+    facebookModal.style.display = "none";
+}
+
+/**
+ * When the user clicks anywhere outside of the modal, close it
+ */
+window.onclick = function (event) {
+    if (event.target == modal) {
+        modal.style.display = "none";
+    }
+    if (event.target == registerModal) {
+        registerModal.style.display = "none";
+    }
+    if (event.target == facebookModal) {
+        facebookModal.style.display = "none";
+    }
+}
+
+/**
+ * When ESC is pressed, close modal
+ */
+document.addEventListener('keyup', function(e) {
+    if (e.keyCode == 27) {
+        modal.style.display = "none";
+        registerModal.style.display = "none";
+
+    }
+});
+/**
+ * Created by joey on 2-2-17.
+ */

website/public/js/main.js

@@ -3,8 +3,7 @@ var months = ["januari", "februari", "maart", "april", "mei", "juni", "juli", "a
 
 function fancyText(text) {
     // Add links, images, gifs and (youtube) video's.
-    var regex = /(https?:\/\/.[^ <>"]*)/ig;
+    text = text.replace(/(https?:\/\/.[^ \n<>"]*)/ig, function(link) {
-    text = text.replace(regex, function(link) {
         // Add images
         if (link.match(/(https?:\/\/.[^ ]*\.(?:png|jpg|jpeg|gif))/ig)) {
             return "<img alt='" + link + "' src='" + link + "' />";
@@ -39,7 +38,7 @@ function fancyText(text) {
 }
 
 // This function gets the value of a cookie when given a key.
-// If didn´t find any compatible cookie, it returns false.
+// If it didn´t find any compatible cookie, it returns false.
 function getCookie(key) {
     cookies = document.cookie.split("; ");
     for (var i in cookies) {

website/public/js/masonry.js

@@ -43,6 +43,10 @@ function postPost() {
                     $('#alertbox').show();
                     $('#alerttext').html("Geen titel of inhoud; vul a.u.b. in.");
                     window.scrollTo(0,0);
+                } else if (data == "logged out") {
+                    window.location.href = "login.php?url=" + window.location.pathname;
+                } else if (data == "frozen") {
+                    alert("Je account is bevroren, dus je kan geen posts plaatsen. Contacteer een admin als je denkt dat dit onjuist is.");
                 } else {
                     $('#alertbox').hide();
                     masonry(masonryMode);
@@ -57,6 +61,10 @@ function postPost() {
                     $('#alertbox').show();
                     $('#alerttext').html("Geen titel of inhoud; vul a.u.b. in.");
                     window.scrollTo(0,0);
+                } else if (data == "logged out") {
+                    window.location.href = "login.php?url=" + window.location.pathname;
+                } else if (data == "frozen") {
+                    alert("Je account is bevroren, dus je kan geen posts plaatsen. Contacteer een admin als je denkt dat dit onjuist is.");
                 } else {
                     $('#alertbox').hide();
                     masonry(masonryMode);
@@ -93,6 +101,21 @@ $(window).on("load", function() {
             loadMorePosts(userID, groupID, postAmount, postLimit);
         }
     };
+
+    $(document).keyup(function(e) {
+        if (e.keyCode == 27) {
+            closeModal();
+        }
+    });
+
+    $('.modal').click(function() {
+        closeModal();
+    });
+
+    $('.modal-content').click(function(event){
+        event.stopPropagation();
+    });
+
 });
 
 // Hide modal view from the screen.

website/public/js/post.js

@@ -8,6 +8,8 @@ function postComment(buttonValue) {
     ).done(function (response) {
         if (response == "frozen") {
             alert("Je account is bevroren, dus je kan geen comments plaatsen of \"niet slechten\". Contacteer een admin als je denkt dat dit onjuist is.");
+        } else if (response == "logged out") {
+            window.location.href = "login.php?url=" + window.location.pathname;
         }
     });
 
@@ -30,6 +32,8 @@ function deletePost(postID) {
     ).done(function (response) {
         if (response == "frozen") {
             alert("Je account is bevroren, dus je kan geen posts verwijderen. Contacteer een admin als je denkt dat dit onjuist is.");
+        } else if (response == "logged out") {
+            window.location.href = "login.php?url=" + window.location.pathname;
         }
     });
     closeModal();

website/public/login.php

@@ -13,18 +13,12 @@
 ?>
 <body>
 <?php
-    session_start();
 
-    // Checks if there's an user already logged in
-    if(isset($_SESSION["userID"])){
-      echo "<script>
-                window.onload=checkLoggedIn();
-            </script>";
-    }
 include("../views/homeLoginRegister.php");
 
 /* This view adds login view */
 include("../views/login-view.php");
 ?>
+<script src="js/loginRegisterModals.js"></script>;
 </body>
 </html>

website/public/manifest.json

@@ -0,0 +1,44 @@
+{
+  "name": "Web Application Manifest Sample",
+  "icons": [
+    {
+      "src": "launcher-icon-0-75x.png",
+      "sizes": "36x36",
+      "type": "image/png",
+      "density": "0.75"
+    },
+    {
+      "src": "launcher-icon-1x.png",
+      "sizes": "48x48",
+      "type": "image/png",
+      "density": "1.0"
+    },
+    {
+      "src": "launcher-icon-1-5x.png",
+      "sizes": "72x72",
+      "type": "image/png",
+      "density": "1.5"
+    },
+    {
+      "src": "launcher-icon-2x.png",
+      "sizes": "96x96",
+      "type": "image/png",
+      "density": "2.0"
+    },
+    {
+      "src": "launcher-icon-3x.png",
+      "sizes": "144x144",
+      "type": "image/png",
+      "density": "3.0"
+    },
+    {
+      "src": "launcher-icon-4x.png",
+      "sizes": "192x192",
+      "type": "image/png",
+      "density": "4.0"
+    }
+  ],
+  "start_url": "index.html",
+  "display": "standalone",
+  "orientation": "portrait"
+}

website/public/profile.php

@@ -25,7 +25,8 @@ if(empty($_GET["username"])) {
     $userID = getUserID($_GET["username"]);
 }
 
-if(!$user = selectUser($_SESSION["userID"], $userID)) {
+
+if (isset($_SESSION["userID"]) and !$user = selectUser($_SESSION["userID"], $userID)) {
     header("HTTP/1.0 404 Not Found");
     header("Location: error/404.php");
     die();

website/public/register(stash).php

@@ -1,116 +0,0 @@
-<!DOCTYPE html>
-<html>
-<?php
-    include("../views/login_head.php");
-    require_once("../queries/connect.php");
-    include_once("../queries/register.php");
-    include_once("../queries/checkInput.php");
-    include_once("../queries/emailconfirm.php");
-?>
-<body>
-<?php
-    session_start();
-
-    if(isset($_SESSION["userID"])){
-        header("location: login.php");
-    }
-    // define variables and set to empty values
-    $name = $surname = $bday = $username = $password = $confirmpassword = $location = $housenumber = $email = $confirmEmail = $captcha = $ip = "";
-    $genericErr = $nameErr = $surnameErr = $bdayErr = $usernameErr = $passwordErr = $confirmpasswordErr = $locationErr = $housenumberErr = $emailErr = $confirmEmailErr = $captchaErr = "";
-    $correct = true;
-    $day_date = "dag";
-    $month_date = "maand";
-    $year_date = "jaar";
-
-    // Trying to register an account
-    if ($_SERVER["REQUEST_METHOD"] == "POST") {
-        try {
-            $name = test_input(($_POST["name"]));
-            checkInputChoice($name, "lettersAndSpaces");
-        } catch(lettersAndSpacesException $e){
-            $correct = false;
-            $nameErr = $e->getMessage();
-        }
-
-        try {
-            $surname = test_input(($_POST["surname"]));
-            checkInputChoice($surname, "lettersAndSpaces");
-        }
-        catch(lettersAndSpacesException $e){
-            $correct = false;
-            $surnameErr = $e->getMessage();
-        }
-
-        try{
-            $day_date = test_input(($_POST["day_date"]));
-            $month_date = test_input(($_POST["month_date"]));
-            $year_date = test_input(($_POST["year_date"]));
-            $bday = $year_date . "-" . $month_date . "-" . $day_date;
-            checkInputChoice($bday, "bday");
-        } catch(bdayException $e){
-            $correct = false;
-            $bdayErr = $e->getMessage();
-        }
-
-        try{
-            $username = str_replace(' ', '', test_input(($_POST["username"])));
-            checkInputChoice($username, "username");
-        } catch(usernameException $e){
-            $correct = false;
-            $usernameErr = $e->getMessage();
-        }
-
-        try{
-            $password = str_replace(' ', '', test_input(($_POST["password"])));
-            checkInputChoice($password, "longerEight");
-            matchPassword();
-        } catch(passwordException $e){
-            $correct = false;
-            $passwordErr = $e->getMessage();
-        } catch(confirmPasswordException $e){
-            $correct = false;
-            $confirmPasswordErr = $e->getMessage();
-        }
-
-        try{
-            $location = test_input(($_POST["location"]));
-            checkInputChoice($location, "lettersAndSpaces");
-        } catch(lettersAndSpacesException $e){
-            $correct = false;
-            $locationErr = $e->getMessage();
-        }
-
-        try{
-            $email = test_input(($_POST["email"]));
-            checkInputChoice($email, "email");
-            $confirmEmail = test_input(($_POST["confirmEmail"]));
-            matchEmail();
-        } catch(emailException $e){
-            $correct = false;
-            $emailErr = $e->getMessage();
-        } catch(confirmEmailException $e){
-            $correct = false;
-            $confirmEmailErr = $e->getMessage();
-        }
-
-        try{
-            $captcha = $_POST['g-recaptcha-response'];
-            checkCaptcha($captcha);
-        } catch(captchaException $e){
-            $correct = false;
-            $captchaErr = $e->getMessage();
-        }
-
-        try {
-            getIp();
-            registerCheck($correct);
-            sendConfirmEmailUsername($username);
-        } catch(registerException $e){
-            $genericErr = $e->getMessage();
-        }
-    }
-/* This view adds register view */
-include("../views/register-view.php");
-?>
-</body>
-</html>

website/public/settings.php

@@ -14,6 +14,8 @@
 <?php
 $alertClass;
 $alertMessage;
+
+// Select which button has been pressed.
 if ($_SERVER["REQUEST_METHOD"] == "POST") {
     try {
         switch ($_POST["form"]) {
@@ -29,7 +31,6 @@ if ($_SERVER["REQUEST_METHOD"] == "POST") {
             case "picture":
                 updateAvatar();
                 break;
-
         }
     } catch (AlertMessage $w) {
         $alertClass = $w->getClass();

website/public/styles/adminpanel.css

@@ -1,11 +1,13 @@
-.admin-panel {
-    min-width: 800px;
-}
 
 .admin-panel input[type="radio"], input[type="checkbox"] {
     vertical-align: middle;
-    height: 28px;
+    height: 14px;
-    margin: 2px;
+    width: 14px;
+    margin: 7px;
+}
+
+.table-checkbox {
+    width: 28px;
 }
 
 .admin-searchform {
@@ -34,13 +36,15 @@
     width: 100%;
 }
 
-.usertable .table-username {width: 150px}
+.table-checkbox {width: 20px}
-.usertable .table-status {width: 100px}
+.table-username {width: 150px}
-.usertable .table-action {width: 200px}
+.table-status {width: 100px}
+.table-action {width: 200px}
 
 .usertable th, td {
     border-bottom: 1px solid #ddd;
     padding: 3px;
+    word-wrap: break-word;
 }
 
 .usertable th, tr {
@@ -51,6 +55,10 @@
     background-color: #f5f5f5;
 }
 
+.bancomment {
+    width: 80%;
+}
+
 .bancommentedit {
     display: none;
 }

website/public/styles/index.css

@@ -198,12 +198,6 @@ ul {
     animation-duration: 0.4s
 }
 
-/* Add Animation */
-@-webkit-keyframes animatetop {
-    from {top:-300px; opacity:0}
-    to {top:0; opacity:1}
-}
-
 @keyframes animatetop {
     from {top:-300px; opacity:0}
     to {top:0; opacity:1}

website/public/styles/main.css

@@ -256,8 +256,6 @@ div[data-title]:hover:after {
     top: 150%;
     z-index: 200;
     white-space: nowrap;
-    -moz-border-radius: 3px;
-    -webkit-border-radius: 3px;
     border-radius: 3px;
     box-shadow: 0 14px 28px rgba(0,0,0,0.25), 0 10px 10px rgba(0,0,0,0.22);
     background-color: #333;

website/public/styles/post-popup.css

@@ -91,17 +91,5 @@
 
 .deleteButton {
     background-color: firebrick;
-
+    float: right;
-}
-
-.deleteButton i {
-    display: inline-block;
-}
-
-.deleteButton:hover span {
-    display: inline-block;
-}
-
-.deleteButton span {
-    display: none;
 }

website/public/styles/profile.css

@@ -27,14 +27,22 @@
     display: inline-block;
 }
 
+.friend-button-container div, .status-buttons-container div {
+    width: 200px;
+    display: inline-block;
+}
+
 .friend-button-container button, .status-buttons-container button, .group-button-container button {
     display: block;
+    float: right;
 
     margin: 7px 0;
-    width: 200px;
 
     font-size: 18px;
 }
+.status-buttons-container button {
+    float: left;
+}
 
 .group-button-container button {
     float: right;
@@ -71,9 +79,24 @@
 
 .group-picture {
     border: none;
-    margin-right: 15px;
 }
 
+.fancy-button span {
+    display: none;
+}
+
+.fancy-button:hover {
+    text-align: right;
+}
+
+.fancy-button i {
+    display: inline-block;
+}
+
+.fancy-button:hover span {
+    display: inline-block;
+    margin-right: 5px;
+}
 
 /* Old */
 

website/queries/checkInput.php

@@ -41,7 +41,11 @@ function checkInputChoice($variable, $option){
     }
 }
 
-/* Checks for only letters and spaces. */
+/**
+ * Checks for only letters and spaces.
+ * @param $variable
+ * @throws lettersAndSpacesException
+ */
 function checkName($variable){
     if (empty($variable)) {
         throw new lettersAndSpacesException("Verplicht!");
@@ -52,7 +56,11 @@ function checkName($variable){
     }
 }
 
-/* Checks for bday */
+/**
+ * Checks for bday
+ * @param $variable
+ * @throws bdayException
+ */
 function validateBday($variable){
     if (empty($variable)) {
         throw new bdayException("Verplicht!");
@@ -68,7 +76,7 @@ function validateBday($variable){
     }
 }
 
-// Checks for date
+/* Checks for date */
 function validateDate($date, $format)
 {
     $d = DateTime::createFromFormat($format, $date);
@@ -124,7 +132,7 @@ function validateEmail($variable){
         throw new emailException("Mag maximaal 50 karakters!");
     }
 }
-//255
+
 /* checks if an input is a valid email. */
 function validateFBEmail($variable){
     if (empty($variable)) {
@@ -138,6 +146,7 @@ function validateFBEmail($variable){
     }
 }
 
+/* checks if email is the same */
 function matchEmail(){
     if (strtolower($_POST["email"]) != strtolower($_POST["confirmEmail"])){
         throw new confirmEmailException("Emails matchen niet!");
@@ -153,7 +162,6 @@ function resetEmail($variable){
     }
 }
 
-
 /* checks if two passwords matches. */
 function matchPassword(){
     if ($_POST["password"] != $_POST["confirmpassword"]) {
@@ -216,9 +224,13 @@ function test_input($data) {
     $data = trim($data);
     $data = stripslashes($data);
     $data = htmlspecialchars($data);
+    $data = trim($data);
     return $data;
 }
 
+/**
+ * Class lettersAndSpacesException
+ */
 class lettersAndSpacesException extends Exception
 {
     public function __construct($message = "", $code = 0, Exception $previous = null)
@@ -227,7 +239,9 @@ class lettersAndSpacesException extends Exception
     }
 }
 
-
+/**
+ * Class bdayException
+ */
 class bdayException extends Exception
 {
     public function __construct($message = "", $code = 0, Exception $previous = null)
@@ -236,6 +250,9 @@ class bdayException extends Exception
     }
 }
 
+/**
+ * Class usernameException
+ */
 class usernameException extends Exception
 {
     public function __construct($message = "", $code = 0, Exception $previous = null)
@@ -244,6 +261,9 @@ class usernameException extends Exception
     }
 }
 
+/**
+ * Class passwordException
+ */
 class passwordException extends Exception
 {
     public function __construct($message = "", $code = 0, Exception $previous = null)
@@ -252,6 +272,9 @@ class passwordException extends Exception
     }
 }
 
+/**
+ * Class confirmPasswordException
+ */
 class confirmPasswordException extends Exception
 {
     public function __construct($message = "", $code = 0, Exception $previous = null)
@@ -260,6 +283,9 @@ class confirmPasswordException extends Exception
     }
 }
 
+/**
+ * Class fbConfirmPasswordException
+ */
 class fbConfirmPasswordException extends Exception
 {
     public function __construct($message = "", $code = 0, Exception $previous = null)
@@ -268,6 +294,9 @@ class fbConfirmPasswordException extends Exception
     }
 }
 
+/**
+ * Class emailException
+ */
 class emailException extends Exception
 {
     public function __construct($message = "", $code = 0, Exception $previous = null)
@@ -276,6 +305,9 @@ class emailException extends Exception
     }
 }
 
+/**
+ * Class confirmEmailException
+ */
 class confirmEmailException extends Exception
 {
     public function __construct($message = "", $code = 0, Exception $previous = null)
@@ -284,6 +316,9 @@ class confirmEmailException extends Exception
     }
 }
 
+/**
+ * Class captchaException
+ */
 class captchaException extends Exception
 {
     public function __construct($message = "", $code = 0, Exception $previous = null)
@@ -292,6 +327,9 @@ class captchaException extends Exception
     }
 }
 
+/**
+ * Class registerException
+ */
 class registerException extends Exception
 {
     public function __construct($message = "", $code = 0, Exception $previous = null)

website/queries/connect.php

@@ -10,6 +10,11 @@ else {
     or die('Error connecting to mysql server');
 }
 
+/**
+ * Helperfunction to create a database query.
+ * @param string $query
+ * @return PDOStatement
+ */
 function prepareQuery(string $query) : PDOStatement {
     return $GLOBALS["db"]->prepare($query);
 }

website/queries/createGroup.php

@@ -0,0 +1,44 @@
+<?php
+require_once "../queries/checkInput.php";
+require_once "../queries/picture.php";
+require_once "../queries/alerts.php";
+
+/**
+ * Creates a group.
+ */
+function createGroup()
+{
+    // Creates the group.
+    $createGroup = prepareQuery("
+    INSERT INTO
+        `group_page` (`name`, `description`)
+    VALUES (:name, :description);
+    ");
+    $createGroup->bindValue(':name', test_input($_POST["groupName"]), PDO::PARAM_STR);
+    $createGroup->bindValue(':description', test_input($_POST["bio"]));
+    $createGroup->execute();
+
+    // Gets the groupID just created.
+    $getGroupID = prepareQuery("
+    SELECT
+        `groupID`
+    FROM
+        `group_page`
+    WHERE
+        `name` LIKE :name");
+    $getGroupID->bindValue(':name', test_input($_POST["groupName"]), PDO::PARAM_STR);
+    $getGroupID->execute();
+    $groupID = $getGroupID->fetch()["groupID"];
+
+    // Adds the user as an admin.
+    $makeUserAdmin = prepareQuery("
+    INSERT INTO
+        `group_member` (userID, groupID, role)
+    VALUES (:userID, :groupID, 'admin')
+    ");
+    $makeUserAdmin->bindValue(":userID", $_SESSION["userID"]);
+    $makeUserAdmin->bindValue("groupID", $groupID);
+    $makeUserAdmin->execute();
+
+    updateAvatar($groupID);
+}

website/queries/emailconfirm.php

@@ -1,5 +1,8 @@
 <?php
-
+/**
+ * Sends a confirm email if you know the username.
+ * @param string $username
+ */
 function sendConfirmEmailUsername(string $username) {
     $stmt = prepareQuery("
     SELECT
@@ -15,6 +18,10 @@ function sendConfirmEmailUsername(string $username) {
     sendConfirmEmail($userID);
 }
 
+/**
+ * Sends a confirm email if you know the userID.
+ * @param int $userID
+ */
 function sendConfirmEmail(int $userID) {
     $stmt = prepareQuery("
     SELECT 

website/queries/friendship.php

@@ -2,10 +2,21 @@
 
 require_once ("connect.php");
 
+/**
+ * Selects all friends of a user.
+ * @param $userID
+ * @return string
+ */
 function selectFriends($userID) {
     return selectLimitedFriends($userID, 9999);
 }
 
+/**
+ * Returns a limited amount of friends of a user.
+ * @param $userID
+ * @param $limit
+ * @return string
+ */
 function selectLimitedFriends($userID, $limit) {
     $stmt = prepareQuery("
         SELECT
@@ -46,7 +57,11 @@ function selectLimitedFriends($userID, $limit) {
     return json_encode($stmt->fetchAll());
 }
 
-
+/**
+ * Selects all friends of a user.
+ * @param $userID
+ * @return PDOStatement
+ */
 function selectAllFriends($userID) {
     $stmt = prepareQuery("
         SELECT
@@ -83,6 +98,10 @@ function selectAllFriends($userID) {
     return $stmt;
 }
 
+/**
+ * Returns all friend requests of the current user.
+ * @return string
+ */
 function selectAllFriendRequests() {
     $stmt = prepareQuery("
         SELECT
@@ -119,6 +138,11 @@ function selectAllFriendRequests() {
     return json_encode($stmt->fetchAll());
 }
 
+/**
+ * Gets the friendship status from current user and userID.
+ * @param $userID
+ * @return int
+ */
 function getFriendshipStatus($userID) {
     # -2: Query failed.
     # -1: user1 and 2 are the same user
@@ -162,6 +186,11 @@ function getFriendshipStatus($userID) {
     return intval($stmt->fetch()["friend_state"]);
 }
 
+/**
+ * Request friendship from current user to target user.
+ * @param $userID
+ * @return bool
+ */
 function requestFriendship($userID) {
     $stmt = prepareQuery("
         INSERT INTO `friendship` (user1ID, user2ID)
@@ -173,6 +202,11 @@ function requestFriendship($userID) {
     return $stmt->execute();
 }
 
+/**
+ * Removes friendship between current and target user.
+ * @param $userID
+ * @return bool
+ */
 function removeFriendship($userID) {
     $stmt = prepareQuery("
         DELETE FROM `friendship`
@@ -189,6 +223,11 @@ function removeFriendship($userID) {
     return $stmt->execute();
 }
 
+/**
+ * Sets the friendship between current and target user to accepted.
+ * @param $userID
+ * @return bool
+ */
 function acceptFriendship($userID) {
     $stmt = prepareQuery("
         UPDATE `friendship`
@@ -204,6 +243,11 @@ function acceptFriendship($userID) {
     return $stmt->execute();
 }
 
+/**
+ * Sets the last time the user visited the chat with specified friend.
+ * @param $friend
+ * @return PDOStatement
+ */
 function setLastVisited($friend) {
     $stmt = prepareQuery("
         UPDATE
@@ -234,6 +278,13 @@ function setLastVisited($friend) {
     return $stmt;
 }
 
+/**
+ * Searches m friends from n filtered by search.
+ * @param $n
+ * @param $m
+ * @param $search
+ * @return string
+ */
 function searchSomeFriends($n, $m, $search) {
     $stmt = prepareQuery("
     SELECT
@@ -281,6 +332,11 @@ function searchSomeFriends($n, $m, $search) {
     return json_encode($stmt->fetchAll());
 }
 
+/**
+ * Counts all friends of current user filtered by search.
+ * @param $search
+ * @return string
+ */
 function countSomeFriends($search) {
     $stmt = prepareQuery("
     SELECT

website/queries/groupAdmin.php

@@ -0,0 +1,192 @@
+<?php
+/**
+ * Gets the current settings for a group.
+ * @param int $groupID
+ * @return mixed
+ */
+function getGroupSettings(int $groupID) {
+    $stmt = prepareQuery("
+    SELECT
+        `name`,
+        `picture`,
+        `description`
+    FROM
+        `group_page`
+    WHERE
+        `groupID` = :groupID
+    ");
+    $stmt->bindParam(":groupID", $groupID);
+    $stmt->execute();
+    return $stmt->fetch();
+}
+
+/**
+ * Updates the settings for a group.
+ * @param int $groupID
+ * @throws AngryAlert
+ * @throws HappyAlert
+ */
+function updateGroupSettings(int $groupID)
+{
+    if (!checkGroupAdmin($groupID, $_SESSION["userID"])) {
+        throw new AngryAlert("Je hebt geen rechten in deze groep");
+    }
+    $stmt = prepareQuery("
+    UPDATE
+        `group_page`
+    SET
+      `name` = :name,
+      `description` = :bio
+    WHERE
+      `groupID` = :groupID
+    ");
+    $stmt->bindValue(":bio", test_input($_POST["bio"]));
+    $stmt->bindValue(":name", test_input($_POST["name"]));
+    $stmt->bindValue(":groupID", test_input($_POST["groupID"]));
+    $stmt->execute();
+    if ($stmt->rowCount()) {
+        throw new HappyAlert("Groep aangepast!");
+    } else {
+        throw new AngryAlert("Er is iets mis gegaan");
+    }
+}
+
+/**
+ * Checks if a user is an admin for a page.
+ * @param int $groupID
+ * @param int $userID
+ * @return bool
+ */
+function checkGroupAdmin(int $groupID, int $userID) : bool {
+    $stmt = prepareQuery("
+    SELECT
+        `role`
+    FROM
+        `group_member`
+    WHERE
+        `groupID` = :groupID AND 
+        `userID` = :userID
+    ");
+    $stmt->bindValue(":userID", $userID);
+    $stmt->bindValue(":groupID", $groupID);
+    $stmt->execute();
+    if (!$stmt->rowCount()) {
+        return false;
+    }
+    $role = $stmt->fetch()["role"];
+    return ($role == "admin");
+}
+
+/**
+ * Returns all normal members for a group.
+ * @param int $groupID
+ * @return array|bool
+ */
+function getAllGroupUsers(int $groupID) {
+    return getAllGroupMembers($groupID, 'member');
+}
+
+/**
+ * Returns all admin for a group.
+ * @param int $groupID
+ * @return array|bool
+ */
+function getAllGroupAdmins(int $groupID) {
+    return getAllGroupMembers($groupID, 'admin');
+}
+
+/**
+ * Returns all Moderators for a group.
+ * @param int $groupID
+ * @return array|bool
+ */
+function getAllGroupMods(int $groupID) {
+    return getAllGroupMembers($groupID, 'mod');
+}
+
+/**
+ * Returns all members for a group specified by a string.
+ * @param int $groupID
+ * @param string $role
+ * @return array|bool
+ */
+function getAllGroupMembers(int $groupID, string $role) {
+    $stmt = prepareQuery("
+        SELECT
+          `username`,
+          `user`.`userID`,
+          CONCAT(`fname`, ' ', `lname`) AS `fullname`,
+          `group_member`.`role`
+        FROM
+          `group_member`
+        LEFT JOIN
+          `user`
+        ON
+          `group_member`.`userID` = `user`.`userID`
+        WHERE
+          `groupID` = :groupID AND `group_member`.`role` = :role
+    ");
+
+    $stmt->bindParam(':groupID', $groupID);
+    $stmt->bindParam(":role", $role);
+    if (!$stmt->execute()) {
+        return False;
+    }
+    return $stmt->fetchAll();
+}
+
+/**
+ * Upgrades or downgrades a groupmember to a different role.
+ * @param int $groupID
+ * @param int $userID
+ * @param string $role
+ * @throws AngryAlert
+ * @throws HappyAlert
+ */
+function upgradeUser(int $groupID, int $userID, string $role) {
+    if (!checkGroupAdmin($groupID, $_SESSION["userID"])) {
+        throw new AngryAlert("Geen toestemming om te wijzigen");
+    }
+
+    $stmt = prepareQuery("
+    UPDATE
+        `group_member`
+    SET
+        `role` = :role
+    WHERE 
+        `userID` = :userID AND `groupID` = :groupID
+    ");
+    $stmt->bindValue(":groupID", $groupID);
+    $stmt->bindValue(":userID", $userID);
+    $stmt->bindValue(":role", $role);
+    $stmt->execute();
+    if ($stmt->rowCount()) {
+        throw new HappyAlert("Permissie aangepast!");
+    } else {
+        throw new AngryAlert("Er is iets mis gegaan");
+    }
+}
+
+/**
+ * Removes a group form the database.
+ * @throws AngryAlert
+ * @throws HappyAlert
+ */
+function deleteGroup() {
+    if (!checkGroupAdmin($_POST["groupID"], $_SESSION["userID"])) {
+        throw new AngryAlert("Geen toestemming om de groep te verwijderen!");
+    }
+    $stmt = prepareQuery("
+    DELETE FROM
+        `group_page`
+    WHERE
+        `groupID` = :groupID
+    ");
+    $stmt->bindValue(":groupID", $_POST["groupID"]);
+    $stmt->execute();
+    if ($stmt->rowCount()) {
+        throw new HappyAlert("Group verwijderd!");
+    } else {
+        throw new AngryAlert("Er is iets mis gegaan");
+    }
+}

website/queries/group_member.php

@@ -1,9 +1,20 @@
 <?php
 
+/**
+ * Returns all groups a user is member of.
+ * @param $userID
+ * @return string
+ */
 function selectAllGroupsFromUser($userID) {
     return selectLimitedGroupsFromUser($userID, 9999);
 }
 
+/**
+ * Selects number of groups that a user is member of.
+ * @param $userID
+ * @param $limit
+ * @return string
+ */
 function selectLimitedGroupsFromUser($userID, $limit) {
     $stmt = prepareQuery("
     SELECT
@@ -27,6 +38,13 @@ function selectLimitedGroupsFromUser($userID, $limit) {
     return json_encode($stmt->fetchAll());
 }
 
+/**
+ * Returns m groups offset by n filtered by search that the current user is part of.
+ * @param $n
+ * @param $m
+ * @param $search
+ * @return string
+ */
 function searchSomeOwnGroups($n, $m, $search) {
     $stmt = prepareQuery("
     SELECT
@@ -55,6 +73,11 @@ function searchSomeOwnGroups($n, $m, $search) {
     return json_encode($stmt->fetchAll());
 }
 
+/**
+ * Counts all groups filtered by search that the current user is member of.
+ * @param $search
+ * @return string
+ */
 function countSomeOwnGroups($search) {
     $stmt = prepareQuery("
     SELECT
@@ -78,6 +101,13 @@ function countSomeOwnGroups($search) {
     return $stmt->fetchColumn();
 }
 
+/**
+ * Adds a user by userID to a group by groupID with a specified role.
+ * @param $groupID
+ * @param $userID
+ * @param $role
+ * @return bool
+ */
 function addMember($groupID, $userID, $role) {
     $stmt = prepareQuery("
     INSERT INTO
@@ -92,6 +122,13 @@ function addMember($groupID, $userID, $role) {
     return $stmt->execute();
 }
 
+/**
+ * Changes te role of a user within a group to the specified one.
+ * @param $groupID
+ * @param $userID
+ * @param $role
+ * @return bool
+ */
 function changeMember($groupID, $userID, $role) {
     $stmt = prepareQuery("
     UPDATE
@@ -109,6 +146,12 @@ function changeMember($groupID, $userID, $role) {
     return $stmt->execute();
 }
 
+/**
+ * Removes a user from a group.
+ * @param $groupID
+ * @param $userID
+ * @return bool
+ */
 function deleteMember($groupID, $userID) {
     $stmt = prepareQuery("
     DELETE FROM

website/queries/group_page.php

@@ -2,6 +2,10 @@
 
 require_once("connect.php");
 
+/**
+ * Selects some info from a group by name.
+ * @return bool|mixed
+ */
 function selectGroupByName($name) {
     $stmt = prepareQuery("
         SELECT
@@ -41,6 +45,11 @@ function selectGroupByName($name) {
     return $row;
 }
 
+/**
+ * Selects the current user's role within a group by the group's ID.
+ * @param int $groupID
+ * @return bool|string
+ */
 function selectGroupRole(int $groupID) {
     $stmt = prepareQuery("
         SELECT
@@ -63,6 +72,11 @@ function selectGroupRole(int $groupID) {
     return $stmt->fetch()["role"];
 }
 
+/**
+ * Returns the status of a group by it's ID.
+ * @param int $groupID
+ * @return bool
+ */
 function selectGroupStatus(int $groupID) {
     $stmt = prepareQuery("
         SELECT
@@ -80,6 +94,11 @@ function selectGroupStatus(int $groupID) {
     return $stmt->fetch()["status"];
 }
 
+/**
+ * Returns some info of all group members.
+ * @param int $groupID
+ * @return bool|PDOStatement
+ */
 function selectGroupMembers(int $groupID) {
     $stmt = prepareQuery("
         SELECT
@@ -105,9 +124,14 @@ function selectGroupMembers(int $groupID) {
     if (!$stmt->execute()) {
         return False;
     }
-    return $stmt->fetchAll();
+    return $stmt;
 }
 
+/**
+ * Returns group info by it's ID.
+ * @param $groupID
+ * @return PDOStatement
+ */
 function selectGroupById($groupID) {
     $q = prepareQuery("
     SELECT
@@ -127,6 +151,11 @@ function selectGroupById($groupID) {
     return $q;
 }
 
+/**
+ * Returns some info of 20 groups offset by n.
+ * @param $n
+ * @return PDOStatement
+ */
 function select20GroupsFromN($n) {
     $q = prepareQuery("
     SELECT
@@ -149,6 +178,12 @@ function select20GroupsFromN($n) {
     return $q;
 }
 
+/**
+ * Returns info of 20 groups offset by n, filtered by status.
+ * @param $n
+ * @param $status
+ * @return PDOStatement
+ */
 function select20GroupsByStatusFromN($n, $status) {
     $q = prepareQuery("
     SELECT
@@ -174,6 +209,13 @@ function select20GroupsByStatusFromN($n, $status) {
     return $q;
 }
 
+/**
+ * Returns info of 20 groups offset by n, filtered by status, filtered by search.
+ * @param $n
+ * @param $keyword
+ * @param $status
+ * @return PDOStatement
+ */
 function search20GroupsFromNByStatus($n, $keyword, $status) {
     $q = prepareQuery("
     SELECT
@@ -201,6 +243,14 @@ function search20GroupsFromNByStatus($n, $keyword, $status) {
     return $q;
 }
 
+/**
+ * Returns info of n groups offset by m, filtered by status and search.
+ * @param $n
+ * @param $m
+ * @param $search
+ * @param $status
+ * @return PDOStatement
+ */
 function searchSomeGroupsByStatus($n, $m, $search, $status) {
 //    parentheses not needed in where clause, for clarity as
 //      role search should override status filter.
@@ -233,6 +283,12 @@ function searchSomeGroupsByStatus($n, $m, $search, $status) {
     return $q;
 }
 
+/**
+ * Count all groups filtered by status and search.
+ * @param $search
+ * @param $status
+ * @return PDOStatement
+ */
 function countSomeGroupsByStatus($search, $status) {
     $q = prepareQuery("
     SELECT
@@ -256,6 +312,12 @@ function countSomeGroupsByStatus($search, $status) {
     return $q;
 }
 
+/**
+ * Changes the status of a group with the given ID.
+ * @param $id
+ * @param $status
+ * @return PDOStatement
+ */
 function changeGroupStatusByID($id, $status) {
     $q = prepareQuery("
     UPDATE
@@ -272,6 +334,12 @@ function changeGroupStatusByID($id, $status) {
     return $q;
 }
 
+/**
+ * Changes the status of multiple groups to 1 status by an array of IDs.
+ * @param $ids
+ * @param $status
+ * @return PDOStatement
+ */
 function changeMultipleGroupStatusByID($ids, $status) {
     $q = prepareQuery("
     UPDATE
@@ -289,6 +357,13 @@ function changeMultipleGroupStatusByID($ids, $status) {
     return $q;
 }
 
+/**
+ * Returns m groups offset by n, filtered by search.
+ * @param $n
+ * @param $m
+ * @param $search
+ * @return string
+ */
 function searchSomeGroups($n, $m, $search) {
     $stmt = prepareQuery("
     SELECT
@@ -312,6 +387,11 @@ function searchSomeGroups($n, $m, $search) {
     return json_encode($stmt->fetchAll());
 }
 
+/**
+ * Counts all group filtered by search.
+ * @param $search
+ * @return PDOStatement
+ */
 function countSomeGroups($search) {
     $stmt = prepareQuery("
     SELECT

website/queries/login.php

@@ -1,5 +1,9 @@
 <?php
 
+/**
+ * Find matching password with the inputted username/emailadress.
+ * @return mixed
+ */
 function getUser() {
     $stmt = prepareQuery("
     SELECT
@@ -33,7 +37,7 @@ function getUserID() {
     return $stmt->fetch(PDO::FETCH_ASSOC);
 }
 
-function validateLogin($username, $password){
+function validateLogin($username, $password, $url){
         // Empty username or password field
     if (empty($username) || empty($password)) {
         throw new loginException("Inloggegevens zijn niet ingevuld");
@@ -44,26 +48,42 @@ function validateLogin($username, $password){
         $userID = getUser()["userID"];
         $role = getUser()["role"];
 
-        // If there's an account, go to the profile page
+        // If there's an account, check if the account is banned, frozen or unconfirmed.
         if(password_verify($psw, $hash)) {
             if ($role == "banned"){
                 echo "<script>
                          window.onload=bannedAlert();
                     </script>";
-            } else if ($role == "frozen"){
+
+            } else if ($role == "frozen") {
                 $_SESSION["userID"] = $userID;
+                if (!isset($url) or $url = "") {
                 echo "<script>
                          window.onload=frozenAlert();
                          window.location.href= 'profile.php';
                     </script>";
+                } else {
+                    echo "<script>
+                         window.onload=frozenAlert();
+                         window.location.href= $url;
+                    </script>";
+                }
+
             } else if ($role == "unconfirmed"){
                 sendConfirmEmail(getUser()["userID"]);
                 echo "<script>
                          window.onload=emailNotConfirmed();
                     </script>";
+
             } else {
                 $_SESSION["userID"] = $userID;
+                if(!isset($url) or $url == "") {
                     header("location: profile.php");
+                    echo "succes";
+                } else{
+                    header("location: ".$url);
+                }
+
             }
         } else {
             throw new loginException("Inloggevens zijn niet correct");

website/queries/nicetime.php

@@ -1,9 +1,16 @@
 <?php
+
+/**
+ * Return a relative dutch and readable text when given a datetime.
+ * @param $date
+ * @return string
+ */
 function nicetime($date) {
     if(empty($date)) {
         return "No date provided";
     }
 
+    // Create dutch arrays so it has dutch words.
     $single_periods = array("seconde", "minuut", "uur", "dag", "week", "maand", "jaar", "decennium");
     $multiple_periods = array("seconden", "minuten", "uur", "dagen", "weken", "maanden", "jaar", "decennia");
     $lengths = array("60", "60", "24", "7", "4.35", "12", "10", "0");
@@ -15,7 +22,8 @@ function nicetime($date) {
         return "Bad date";
     }
 
-    if($now > $unix_date) {
+    // Check if it is in the future or not.
+    if($now >= $unix_date) {
         $difference = $now - $unix_date;
         $tense = "geleden";
     } else {
@@ -23,6 +31,7 @@ function nicetime($date) {
         $tense = "vanaf nu";
     }
 
+    // Get the nice time.
     for($i = 0; $difference >= $lengths[$i] && $i < count($lengths) - 1; $i++) {
         $difference /= $lengths[$i];
     }

website/queries/picture.php

@@ -6,7 +6,10 @@
  * @throws AngryAlert
  * @throws HappyAlert
  */
-function updateAvatar(bool $group = false) {
+function updateAvatar(int $group = 0) {
+    if (!array_key_exists("pp", $_FILES)) {
+        throw new AngryAlert("Geen afbeelding meegegeven!");
+    }
     $publicDir = "/var/www/html/public/";
     $tmpImg = $_FILES["pp"]["tmp_name"];
     $avatarDir = $group ? "uploads/groupavatar/" : "uploads/profilepictures/";
@@ -16,17 +19,17 @@ function updateAvatar(bool $group = false) {
         if ($_FILES["pp"]["size"] > 4000000) {
             throw new AngryAlert("Bestand is te groot, maximaal 4MB toegestaan.");
         }
-        $relativePath = $avatarDir . $_SESSION["userID"] . "_avatar.gif";
+        $relativePath = $group ? $avatarDir . $group . "_avatar.gif"  : $avatarDir . $_SESSION["userID"] . "_avatar.gif";
-        $group ? removeOldGroupAvatar($_POST["groupID"]) : removeOldUserAvatar();
+        $group ? removeOldGroupAvatar($group) : removeOldUserAvatar();
         move_uploaded_file($tmpImg, $publicDir . $relativePath);
     } else {
-        $relativePath = $avatarDir . $_SESSION["userID"] . "_avatar.png";
+        $relativePath = $group ? $avatarDir . $group . "_avatar.png": $avatarDir . $_SESSION["userID"] . "_avatar.png";
         $scaledImg = scaleAvatar($tmpImg);
-        $group ? removeOldGroupAvatar($_POST["groupID"]) : removeOldUserAvatar();
+        $group ? removeOldGroupAvatar($group) : removeOldUserAvatar();
         imagepng($scaledImg, $publicDir . $relativePath);
     }
 
-    $group ? setGroupAvatarToDatabase("../" . $relativePath, $_POST["groupID"]) : setUserAvatarToDatabase("../" . $relativePath);
+    $group ? setGroupAvatarToDatabase("../" . $relativePath, $group) : setUserAvatarToDatabase("../" . $relativePath);
     throw new HappyAlert("Profielfoto veranderd.");
 }
 

website/queries/post.php

@@ -2,6 +2,12 @@
 
 require_once("connect.php");
 
+/**
+ * Select all posts on a user.
+ * @param $userID
+ * @param $groupID
+ * @return bool|PDOStatement
+ */
 function selectAllPosts($userID, $groupID) {
     $stmt = prepareQuery("
         SELECT
@@ -46,6 +52,14 @@ function selectAllPosts($userID, $groupID) {
 
 }
 
+/**
+ * Select $limit posts from $offset from a user or group.
+ * @param $userID
+ * @param $groupID
+ * @param $offset
+ * @param $limit
+ * @return bool|PDOStatement
+ */
 function selectSomePosts($userID, $groupID, $offset, $limit) {
     $stmt = prepareQuery("
         SELECT
@@ -94,9 +108,13 @@ function selectSomePosts($userID, $groupID, $offset, $limit) {
         return False;
     }
     return $stmt;
-
 }
 
+/**
+ * Select all the post information from an postID.
+ * @param $postID
+ * @return PDOStatement
+ */
 function selectPostById($postID) {
     $stmt = prepareQuery("
         SELECT
@@ -122,6 +140,11 @@ function selectPostById($postID) {
     return $stmt;
 }
 
+/**
+ * Get all the comments from a post.
+ * @param $postID
+ * @return PDOStatement
+ */
 function selectCommentsByPostId($postID) {
     $stmt = prepareQuery("
         SELECT
@@ -148,6 +171,13 @@ function selectCommentsByPostId($postID) {
     return $stmt;
 }
 
+/**
+ * Insert a post to a group or user
+ * @param $userID
+ * @param $groupID
+ * @param $title
+ * @param $content
+ */
 function makePost($userID, $groupID, $title, $content) {
     $stmt = prepareQuery("
         INSERT INTO
@@ -172,6 +202,13 @@ function makePost($userID, $groupID, $title, $content) {
     $stmt->execute();
 }
 
+/**
+ * Insert a comment by a post.
+ * @param $postID
+ * @param $userID
+ * @param $content
+ * @return int
+ */
 function makeComment($postID, $userID, $content) : int {
     $stmt = prepareQuery("
         INSERT INTO
@@ -194,6 +231,12 @@ function makeComment($postID, $userID, $content) : int {
     return $stmt->rowCount();
 }
 
+/**
+ * If a post already is niet slechted.
+ * @param int $postID
+ * @param int $userID
+ * @return int
+ */
 function makeNietSlecht(int $postID, int $userID) : int {
     if (checkNietSlecht($postID, $userID)) {
         return deleteNietSlecht($postID, $userID);
@@ -202,6 +245,12 @@ function makeNietSlecht(int $postID, int $userID) : int {
     }
 }
 
+/**
+ * Toggle a niet slecht of a post.
+ * @param int $postID
+ * @param int $userID
+ * @return int
+ */
 function checkNietSlecht(int $postID, int $userID) {
     $stmt = prepareQuery("
     SELECT
@@ -218,6 +267,12 @@ function checkNietSlecht(int $postID, int $userID) {
     return $stmt->rowCount();
 }
 
+/**
+ * Add a niet slecht to a post.
+ * @param int $postID
+ * @param int $userID
+ * @return int
+ */
 function addNietSlecht(int $postID, int $userID) {
     $stmt = prepareQuery("
     INSERT INTO
@@ -230,6 +285,12 @@ function addNietSlecht(int $postID, int $userID) {
     return $stmt->rowCount();
 }
 
+/**
+ * Delete a niet slecht.
+ * @param int $postID
+ * @param int $userID
+ * @return int
+ */
 function deleteNietSlecht(int $postID, int $userID) {
     $stmt = prepareQuery("
     DELETE FROM
@@ -244,6 +305,11 @@ function deleteNietSlecht(int $postID, int $userID) {
     return $stmt->rowCount();
 }
 
+/**
+ * Delete a post
+ * @param int $postID
+ * @param int $userID
+ */
 function deletePost(int $postID, int $userID) {
     if (checkPermissionOnPost($postID, $userID)) {
         $stmt = prepareQuery("
@@ -257,6 +323,12 @@ function deletePost(int $postID, int $userID) {
     }
 }
 
+/**
+ * Check if a user has premissions to delete a post.
+ * @param int $postID
+ * @param int $userID
+ * @return bool
+ */
 function checkPermissionOnPost(int $postID, int $userID) : bool {
     $getGroupID = prepareQuery("
     SELECT
@@ -281,6 +353,12 @@ function checkPermissionOnPost(int $postID, int $userID) : bool {
     }
 }
 
+/**
+ * Returns role of a user.
+ * @param int $userID
+ * @param int $groupID
+ * @return mixed role of a user.
+ */
 function getRoleInGroup(int $userID, int $groupID) {
     $stmt = prepareQuery("
     SELECT

website/queries/private_message.php

@@ -1,5 +1,10 @@
 <?php
 
+/**
+ * Get the the last 100 chat messages.
+ * @param $user2ID
+ * @return string
+ */
 function getOldChatMessages($user2ID) {
     require_once ("friendship.php");
     $user1ID = $_SESSION["userID"];
@@ -7,6 +12,9 @@ function getOldChatMessages($user2ID) {
         $stmt = prepareQuery("
         SELECT
           *
+        FROM
+            (SELECT
+                *
             FROM
                 `private_message`
             WHERE
@@ -15,9 +23,11 @@ function getOldChatMessages($user2ID) {
                 `origin` = :user2 AND
                 `destination` = :user1
             ORDER BY
-            `creationdate` ASC
+                `messageID` DESC
             LIMIT
-          100
+              100) sub
+        ORDER BY
+            `messageID` ASC
         ");
 
         $stmt->bindParam(":user1", $user1ID);
@@ -31,6 +41,12 @@ function getOldChatMessages($user2ID) {
     }
 }
 
+/**
+ * Send a chat message.
+ * @param $destination
+ * @param $content
+ * @return bool
+ */
 function sendMessage($destination, $content) {
     require_once("friendship.php");
     if (getFriendshipStatus($destination) == 1) {
@@ -60,6 +76,12 @@ function sendMessage($destination, $content) {
     }
 }
 
+/**
+ * Get all the chat messages after an messageID ($lastID).
+ * @param $lastID
+ * @param $destination
+ * @return string
+ */
 function getNewChatMessages($lastID, $destination) {
     require_once("friendship.php");
     if (getFriendshipStatus($destination) == 1) {
@@ -76,7 +98,7 @@ function getNewChatMessages($lastID, $destination) {
             `destination` = :user1) AND
             `messageID` > :lastID
         ORDER BY
-            `creationdate` ASC
+            `messageID` ASC
         ");
 
         $stmt->bindParam(':user1', $_SESSION["userID"]);
@@ -91,7 +113,10 @@ function getNewChatMessages($lastID, $destination) {
     }
 }
 
-
+/**
+ * Get of every friend the first unread chat message.
+ * @return string
+ */
 function selectAllUnreadChat() {
     $stmt = prepareQuery("
     SELECT

website/queries/settings.php

@@ -16,7 +16,10 @@ function getSettings() {
       `location`,
       `birthdate`,
       `bio`,
+      IFNULL(
                 `profilepicture`,
+                '../img/avatar-standard.png'
+            ) AS profilepicture,
       `showBday`,
       `showEmail`,
       `showProfile`
@@ -148,6 +151,10 @@ function doChangePassword() {
     }
 }
 
+/**
+ * Changes the users email if it is valid.
+ * @throws AngryAlert
+ */
 function changeEmail() {
 
     if (test_input($_POST["email"]) == test_input($_POST["email-confirm"])) {
@@ -164,6 +171,11 @@ function changeEmail() {
     }
 }
 
+/**
+ * Checks if an emailadres is available in the database.
+ * @param $email
+ * @throws AngryAlert
+ */
 function emailIsAvailableInDatabase($email) {
     $stmt = prepareQuery("
     SELECT
@@ -181,6 +193,12 @@ function emailIsAvailableInDatabase($email) {
     }
 }
 
+/**
+ * Does the actual changing of an email-adress.
+ * @param $email
+ * @throws AngryAlert
+ * @throws HappyAlert
+ */
 function doChangeEmail($email) {
     $stmt = prepareQuery("
     UPDATE

website/queries/user.php

@@ -2,6 +2,10 @@
 
 require_once ("connect.php");
 
+/**
+ * This sets the last activity of the session user to now.
+ * @return bool, true is it ran correctly
+ */
 function updateLastActivity() {
     $stmt = prepareQuery("
       UPDATE
@@ -15,6 +19,11 @@ function updateLastActivity() {
     return $stmt->execute();
 }
 
+/**
+ * This gets the userID from a username
+ * @param $username
+ * @return mixed
+ */
 function getUserID($username) {
     $stmt = prepareQuery("
         SELECT
@@ -30,6 +39,11 @@ function getUserID($username) {
     return $stmt->fetch()["userID"];
 }
 
+/**
+ * This gets the username from a userID
+ * @param $userID
+ * @return mixed
+ */
 function getUsername($userID) {
     $stmt = prepareQuery("
         SELECT
@@ -45,6 +59,12 @@ function getUsername($userID) {
     return $stmt->fetch()["username"];
 }
 
+/**
+ * This selects the information about the other user and the connection between the two.
+ * @param $me
+ * @param $other
+ * @return bool|mixed
+ */
 function selectUser($me, $other) {
     $stmt = prepareQuery("
         SELECT
@@ -107,6 +127,11 @@ function selectUser($me, $other) {
     return $stmt->fetch();
 }
 
+/**
+ * Select all the users from a group.
+ * @param $userID
+ * @return PDOStatement
+ */
 function selectAllUserGroups($userID) {
     $stmt = prepareQuery("
         SELECT
@@ -130,6 +155,11 @@ function selectAllUserGroups($userID) {
     return $stmt;
 }
 
+/**
+ * Selects 20 users from a given point in the table, ordered by role and name
+ * @param $n
+ * @return PDOStatement
+ */
 function select20UsersFromN($n) {
     $q = prepareQuery("
     SELECT
@@ -155,6 +185,12 @@ function select20UsersFromN($n) {
     return $q;
 }
 
+/**
+ * Search 20 users from a given point in the table, ordered by role and name
+ * @param $n
+ * @param $keyword
+ * @return PDOStatement
+ */
 function search20UsersFromN($n, $keyword) {
     $q = prepareQuery("
     SELECT
@@ -183,6 +219,13 @@ function search20UsersFromN($n, $keyword) {
     return $q;
 }
 
+/**
+ * Search 20 users from a given point in the database where the status @param $status
+ * @param $n
+ * @param $keyword
+ * @param $status
+ * @return PDOStatement
+ */
 function search20UsersFromNByStatus($n, $keyword, $status) {
     $q = prepareQuery("
     SELECT
@@ -215,6 +258,14 @@ function search20UsersFromNByStatus($n, $keyword, $status) {
     return $q;
 }
 
+/**
+ * Search users from a given point in the database where the status @param $status
+ * @param $n
+ * @param $m
+ * @param $search
+ * @param $status
+ * @return PDOStatement
+ */
 function searchSomeUsersByStatus($n, $m, $search, $status) {
 //    parentheses not needed in where clause, for clarity as
 //      role search should override status filter.
@@ -252,6 +303,12 @@ function searchSomeUsersByStatus($n, $m, $search, $status) {
     return $q;
 }
 
+/**
+ * Count the users with a name like $search and a $status
+ * @param $search
+ * @param $status
+ * @return PDOStatement
+ */
 function countSomeUsersByStatus($search, $status) {
     $q = prepareQuery("
     SELECT
@@ -276,7 +333,12 @@ function countSomeUsersByStatus($search, $status) {
     return $q;
 }
 
-
+/**
+ * Change the user status
+ * @param $id
+ * @param $status
+ * @return PDOStatement
+ */
 function changeUserStatusByID($id, $status) {
     $q = prepareQuery("
     UPDATE
@@ -293,6 +355,12 @@ function changeUserStatusByID($id, $status) {
     return $q;
 }
 
+/**
+ * Change multiple user statuses by an id array.
+ * @param $ids
+ * @param $status
+ * @return PDOStatement
+ */
 function changeMultipleUserStatusByID($ids, $status) {
     $q = prepareQuery("
     UPDATE
@@ -310,6 +378,13 @@ function changeMultipleUserStatusByID($ids, $status) {
     return $q;
 }
 
+/**
+ * Change multiple user statuses by an id array.
+ * This excludes that admins and owners statuses can be changed.
+ * @param $ids
+ * @param $status
+ * @return PDOStatement
+ */
 function changeMultipleUserStatusByIDAdmin($ids, $status) {
     $q = prepareQuery("
     UPDATE
@@ -329,6 +404,11 @@ function changeMultipleUserStatusByIDAdmin($ids, $status) {
     return $q;
 }
 
+/**
+ * Select a random user that is nog your friend.
+ * @param $userID
+ * @return mixed
+ */
 function selectRandomNotFriendUser($userID) {
     $stmt = prepareQuery("
     SELECT
@@ -357,6 +437,13 @@ function selectRandomNotFriendUser($userID) {
     return $stmt->fetch();
 }
 
+/**
+ * Search users.
+ * @param $n
+ * @param $m
+ * @param $search
+ * @return string
+ */
 function searchSomeUsers($n, $m, $search) {
     $stmt = prepareQuery("
     SELECT
@@ -397,6 +484,11 @@ function searchSomeUsers($n, $m, $search) {
     return json_encode($stmt->fetchAll());
 }
 
+/**
+ * Count the users that you get searching for a user with a keyword.
+ * @param $search
+ * @return PDOStatement
+ */
 function countSomeUsers($search) {
     $q = prepareQuery("
     SELECT
@@ -420,6 +512,11 @@ function countSomeUsers($search) {
         return $q;
 }
 
+/**
+ * Get the role of a user by userID.
+ * @param $userID
+ * @return mixed
+ */
 function getRoleByID($userID) {
     $stmt = prepareQuery("
         SELECT
@@ -435,6 +532,11 @@ function getRoleByID($userID) {
     return $stmt->fetch()["role"];
 }
 
+/**
+ * Edit the ban comment.
+ * @param $userID
+ * @param $comment
+ */
 function editBanCommentByID($userID, $comment) {
     $stmt = prepareQuery("
         UPDATE

website/views/adminpanel-grouptable.php

@@ -3,7 +3,7 @@
     <th class="table-username">Groepsnaam</th>
     <th class="table-status">Status</th>
     <th class="table-comment">Beschrijving</th>
-    <th class="table-action">Actie</th>
+    <th class="table-action">Zichtbaarheid</th>
 </tr>
 
 <?php

website/views/adminpanel-page.php

@@ -13,6 +13,7 @@ Pagina:
         id="currentpage"
         form="admin-searchform"
         onchange="adminSearch();">
+<!--  Construct the options.  -->
     <?php
     for ($i=1; $i <= ceil($countresults / $entries); $i++) {
         if ($currentpage == $i) {

website/views/adminpanel-table.php

@@ -1,5 +1,5 @@
 <tr>
-    <th><input class="table-checkbox" type="checkbox" id="checkall" name="checkall" onchange="checkAll()"></th>
+    <th class="table-checkbox"><input class="table-checkbox" type="checkbox" id="checkall" name="checkall" onchange="checkAll()"></th>
     <th class="table-username">Gebruikersnaam</th>
     <th class="table-status">Status</th>
     <th class="table-comment">Aantekening</th>

website/views/adminpanel.php

@@ -1,5 +1,4 @@
-
+<!-- Form value holding. -->
-<!-- function test_input taken from http://www.w3schools.com/php/php_form_validation.asp -->
 <?php
 $search = "";
 $status = array("user", "frozen", "banned", "unconfirmed", "admin", "owner");
@@ -127,11 +126,11 @@ if (isset($_GET["groupstatus"])) {
                     if ($userinfo == 'owner') {
                         echo "<button type=\"submit\" 
                                       name=\"batchactions\" 
-                                      id=\"admin\" 
+                                      id=\"batch-admin\" 
                                       value=\"admin\">Maak Admin</button>
                               <button type=\"submit\" 
                                       name=\"batchactions\" 
-                                      id=\"owner\" 
+                                      id=\"batch-owner\" 
                                       value=\"owner\">Maak Eigenaar</button>";
                     }
                     ?>
@@ -140,9 +139,9 @@ if (isset($_GET["groupstatus"])) {
                       onsubmit="adminUpdate(this);  return false;">
 
                     <input type="hidden" name="groupbatchactions" id="groupbatchinput">
-                    <button type="submit" name="batchactions" id="hide" value="hidden">Verborgen</button>
+                    <button type="submit" name="batchactions" id="batch-hide" value="hidden">Verborgen</button>
-                    <button type="submit" name="batchactions" id="ban" value="public">Publiek</button>
+                    <button type="submit" name="batchactions" id="batch-public" value="public">Publiek</button>
-                    <button type="submit" name="batchactions" id="members" value="membersonly">Alleen Leden</button>
+                    <button type="submit" name="batchactions" id="batch-members" value="membersonly">Alleen Leden</button>
                 </form>
             </div>
 
@@ -152,5 +151,3 @@ if (isset($_GET["groupstatus"])) {
         </div>
     </div>
 </div>
-</body>
-</html>

website/views/createGroup.php

@@ -0,0 +1,42 @@
+<?php
+?>
+
+<div class="content">
+    <div class="createGroup">
+        <form class="platform settings" method="post" action="createGroup.php" enctype="multipart/form-data">
+            <h5>Maak een groep!</h5>
+            <ul>
+                <li>
+                    <label for="groupName">Groepsnaam</label>
+                    <input type="text"
+                           name="groupName"
+                           id="groupName"
+                           maxlength="63"
+                           placeholder="Groepsnaam"
+                    >
+                </li>
+                <li>
+                    <label for="bio">Bio</label>
+                    <textarea name="bio"
+                              rows="5"
+                              title="bio"
+                              id="bio"
+                              maxlength="1000"
+                    ></textarea>
+                </li>
+                <li>
+                    <label>Selecteer foto</label>
+                    <input type="file"
+                           name="pp"
+                           accept="image/*"
+                           size="4000000"
+                    >
+                </li>
+                <li>
+                    <label></label>
+                    <button type="submit">Maak Groep</button>
+                </li>
+            </ul>
+        </form>
+    </div>
+</div>

website/views/facebookRegisterModal.php

@@ -1,7 +1,6 @@
 <!-- The Modal -->
 <div id="fbModal" class="modal">
     <form action="<?php echo htmlspecialchars($_SERVER["PHP_SELF"]);?>"
-          return= $correct
           method="post"
           name="fbModal">
 
@@ -66,17 +65,16 @@
                 </div>
                 <?php } ?>
             </div>
-            *<span class="error"> <?php echo $fbEmailErr;?></span>
+            <span class="error"> <?php echo $fbEmailErr;?></span>
             <div class="modal-footer">
                 <button type="submit"
                         value="fbRegister"
-                        name="submit"
+                        name="submit">
-                        id="frm1_submit">
                     Registreer account
                 </button>
             </div>
         </div>
-
+        <!-- Facebook information-->
         <input type="hidden"
                name="fbName"
                value="<?php echo $fbName ?>">

website/views/forgotPasswordModal.php

@@ -4,7 +4,6 @@
 <!-- The Modal -->
 <div id="myModal" class="modal">
     <form action="<?php echo htmlspecialchars($_SERVER["PHP_SELF"]);?>"
-          return= $correct
           method="post"
           name="forgotPassword">
 
@@ -26,8 +25,7 @@
                 <div class="login_containerfault"><span><?php echo $resetErr; ?></span></div>
                 <button type="submit"
                         value="reset"
-                        name="submit"
+                        name="submit">
-                        id="frm1_submit">
                     Reset password
                 </button>
             </div>

website/views/group.php

@@ -1,6 +1,6 @@
 <div class="content">
     <div class="user-box">
-        <img class="group-picture main-picture" src="<?= $group["picture"] ?>"><br />
+        <img alt="<?= $group["name"] ?>" class="group-picture main-picture" src="<?= $group["picture"] ?>"><br />
         <div class="platform">
             <div class="status-buttons-container">
                 <button disabled class="gray"><?= $group["status"] ?></button>
@@ -16,9 +16,18 @@
         <h2>Leden (<?= $group['members'] ?>)</h2>
         <p>
             <?php
-                foreach($members as $member) {
+                $membercount = $members->rowCount();
+                $memberdif = $membercount - 7;
+
+                for ($i = 0; $i < min($membercount, 7); $i += 1) {
+                    $member = $members->fetch();
                     echo "<a href=\"profile.php?username=" . $member["username"] . "\" data-title=\"" . $member["username"] . "\"><img class=\"profile-picture\" src=\"" . $member["profilepicture"] . "\" alt=\"" . $member["username"] . "'s profielfoto\"></a>";
                 }
+
+                if ($memberdif > 0) {
+                    echo $memberdif === 1 ? "en nog 1 andere." : "...en nog $memberdif anderen.";
+                }
+
             ?>
         </p>
     </div>

website/views/groupAdmin.php

@@ -0,0 +1,168 @@
+<?php
+require_once "../queries/connect.php";
+require_once "../queries/groupAdmin.php";
+require_once "../queries/checkInput.php";
+$groupinfo = getGroupSettings($_GET["groupID"]);
+?>
+<div class="content">
+    <div class="settings">
+        <?php if ($_SERVER["REQUEST_METHOD"] == "POST"): ?>
+        <div class='platform settings-message <?=$alertClass?>'>
+            <?=$alertMessage?>
+        </div>
+        <?php endif; ?>
+        <div class="platform">
+            <ul>
+                <li>
+                    <label></label>
+                    <a href="group.php?groupname=<?=$groupinfo["name"]?>">
+                        <button><i class="fa fa-chevron-left"></i> Terug naar de groep</button>
+                    </a>
+                </li>
+            </ul>
+        </div>
+        <form class="platform" method="post">
+            <h5>Groep Instellingen</h5>
+            <input type="hidden" name="groupID" value="<?=$_GET["groupID"]?>">
+            <ul>
+                <li>
+                    <label for="name">Groepsnaam</label>
+                    <input type="text"
+                           name="name"
+                           id="name"
+                           maxlength="63"
+                           placeholder="Groepsnaam"
+                           title="Groepsnaam"
+                           value="<?=$groupinfo["name"]?>"
+                    >
+                </li>
+                <li>
+                    <label for="bio">Bio</label>
+                    <textarea name="bio"
+                              rows="5"
+                              title="bio"
+                              id="bio"
+                              maxlength="1000"
+                    ><?=$groupinfo["description"]?></textarea>
+                    <label></label>
+                </li>
+                <li>
+                    <label></label>
+                    <button type="submit"
+                            name="form"
+                            value="group"
+                    ><i class="fa fa-save"></i> Opslaan</button>
+                </li>
+            </ul>
+        </form>
+        <form class="platform" method="post" enctype="multipart/form-data">
+            <h5>Verander groepsafbeelding.</h5>
+            <input type="hidden" name="groupID" value="<?=$_GET["groupID"]?>">
+            <ul>
+                <li>
+                    <label>Huidige profielfoto</label>
+                    <img src="<?=$groupinfo["picture"]?>"
+                         class="group-picture"
+                    >
+                </li>
+                <li>
+                    <label>Selecteer foto</label>
+                    <input type="file"
+                           name="pp"
+                           accept="image/*"
+                           size="4000000"
+                           required
+                    >
+                </li>
+                <li>
+                    <label></label>
+                    <button type="submit"
+                            name="form"
+                            value="picture"
+                    ><i class="fa fa-picture-o"></i> Verander profielfoto</button>
+                </li>
+            </ul>
+        </form>
+        <form class="platform" method="post">
+            <h5>Voeg een admin/mod toe</h5>
+            <ul>
+                <il>
+                    <input name="groupID" value="<?=$_GET["groupID"]?>" type="hidden">
+                    <label>Selecteer gebruiker</label>
+                    <select name="userID">
+                        <option disabled selected>Geen gebruiker geselecteerd:</option>
+                        <?php
+                        $groupMembers = getAllGroupUsers($_GET["groupID"]);
+                        foreach ($groupMembers as $groupMember) {?>
+                            <option value="<?=$groupMember["userID"]?>">
+                                <?=$groupMember["fullname"]?> (<?=$groupMember["username"]?>)
+                            </option>
+                        <?php } ?>
+                    </select>
+                    <button name="form"
+                            value="admin"
+                    >
+                        Maak Admin
+                    </button>
+                    <button name="form"
+                            value="mod"
+                    >
+                        Maak Moderator
+                    </button>
+                </il>
+            </ul>
+        </form>
+        <form class="platform" method="post">
+            <h5>Verwijder een admin/mod</h5>
+            <ul>
+                <il>
+                    <input name="groupID" value="<?=$_GET["groupID"]?>" type="hidden">
+                    <label>Selecteer gebruiker</label>
+                    <select name="userID">
+                        <option disabled selected>Geen gebruiker geselecteerd:</option>
+                        <?php
+                        $groupAdmins = getAllGroupAdmins($_GET["groupID"]);
+                        foreach ($groupAdmins as $groupAdmin) {?>
+                            <option value="<?=$groupAdmin["userID"]?>">
+                                <?=$groupAdmin["fullname"]?> (<?=$groupAdmin["username"]?>) (<?=$groupAdmin["role"]?>)
+                            </option>
+                        <?php } ?>
+                        <?php
+                        $groupMods = getAllGroupMods($_GET["groupID"]);
+                        foreach ($groupMods as $groupMod) {?>
+                            <option value="<?=$groupMod["userID"]?>">
+                                <?=$groupMod["fullname"]?> (<?=$groupMod["username"]?>) (<?=$groupMod["role"]?>)
+                            </option>
+                        <?php } ?>
+                    </select>
+                    <button name="form"
+                            value="deadmin"
+                    >
+                        Verwijder
+                    </button>
+                </il>
+            </ul>
+        </form>
+        <form class="platform" method="post">
+            <ul>
+                <h5>Verwijder groep</h5>
+                <li>
+                    <label></label>
+                    <input name="groupID" value="<?=$_GET["groupID"]?>" type="hidden">
+                    <button class="red"
+                            name="form"
+                            value="delete"
+                    ><i class="fa fa-trash"></i> Verwijder groep</button>
+                </li>
+            </ul>
+        </form>
+        <div class="platform">
+            <ul>
+                <li>
+                    <label></label>
+                    <a href="group.php?groupname=<?=$groupinfo["name"]?>"><button><i class="fa fa-chevron-left"></i> Terug naar de groep</button></a>
+                </li>
+            </ul>
+        </div>
+    </div>        
+</div>

website/views/head.php

@@ -1,7 +1,41 @@
 <meta charset="UTF-8">
-<meta name="description" content="MyHyvesbook+ is het sociaal media voor alle coole mensen.">
+<meta name="description" content="MyHyvesbook+ is het sociaal medium voor alle coole mensen. Stap nu over van facebook op het gloednieuwe en betere sociaal medium.">
 <meta name="keywords" content="MyHyvesbookPlus,Myhyvesbook+,sociaal,media">
 <meta name="author" content="MyHyvesbookplus corporation">
+<!--Favicon-->
+<!-- Desktop Browsers -->
+<link rel="shortcut icon" type="image/x-icon" href="favicon.ico" />
+
+<!-- Android: Chrome M39 and up-->
+<link rel="manifest" href="manifest.json">
+<!-- Android: Chrome M31 and up, ignored if manifest is present-->
+<meta name="mobile-web-app-capable" content="yes">
+<link rel="icon" sizes="192x192" href="icon-192x192.png">
+<!-- iOS -->
+<meta name="apple-mobile-web-app-capable" content="yes">
+<meta name="apple-mobile-web-app-title" content="My Awesome Web App">
+
+<link rel="apple-touch-icon" sizes="180x180" href="apple-touch-icon-180x180-precomposed.png">
+<link href="apple-touch-icon-152x152-precomposed.png" sizes="152x152" rel="apple-touch-icon">
+<link href="apple-touch-icon-144x144-precomposed.png" sizes="144x144" rel="apple-touch-icon">
+<link href="apple-touch-icon-120x120-precomposed.png" sizes="120x120" rel="apple-touch-icon">
+<link href="apple-touch-icon-114x114-precomposed.png" sizes="114x114" rel="apple-touch-icon">
+<link href="apple-touch-icon-76x76-precomposed.png" sizes="76x76" rel="apple-touch-icon">
+<link href="apple-touch-icon-72x72-precomposed.png" sizes="72x72" rel="apple-touch-icon">
+<link href="apple-touch-icon-60x60-precomposed.png" sizes="60x60" rel="apple-touch-icon">
+<link href="apple-touch-icon-57x57-precomposed.png" sizes="57x57" rel="apple-touch-icon">
+<link href="apple-touch-icon-precomposed.png" rel="apple-touch-icon">
+
+<!-- Windows 8 and IE 11 -->
+<meta name="msapplication-config" content="browserconfig.xml" />
+
+<!-- Windows -->
+<meta name="application-name" content="My Awesome Web App" />
+<meta name="msapplication-tooltip" content="Get the latest updates!" />
+<meta name="msapplication-window" content="width=1024;height=768" />
+<meta name="msapplication-navbutton-color" content="#FF3300" />
+<meta name="msapplication-starturl" content="./" />
+
 <title>MyHyvesbook+</title>
 <!-- Add your javascript files here. -->
 <script src="js/jquery.js"></script>
@@ -26,8 +60,8 @@ require_once ("../queries/user.php");
 
 session_start();
 
-if(!isset($_SESSION["userID"])){
+if(!isset($_SESSION["userID"])) {
-    header("location:login.php");
+    header("location:login.php?url=" . "$_SERVER[REQUEST_URI]");
 } else {
     updateLastActivity();
 }

website/views/header.php

@@ -23,9 +23,9 @@ $userinfo = getHeaderInfo();
             <div id="hello-loop">
                 Hallo
             </div>
-            <?=$userinfo["fname"]?>
+            <?= $userinfo["fname"] ?>
         </div>
-        <img id="own-profile-picture" class="profile-picture" src="<?=$userinfo["profilepicture"]?>"/><i id="open-notifications" class="fa fa-bars"></i>
+        <img alt="<?= $userinfo["lname"] ?>" id="own-profile-picture" class="profile-picture" src="<?=$userinfo["profilepicture"]?>"/><i id="open-notifications" class="fa fa-bars"></i>
     </div>
 </header>
 <?php include("notification-center.php"); ?>

website/views/homeLoginRegister.php

@@ -1,18 +1,26 @@
 <?php
+session_start();
+
+// Checks if there's a user already logged in
+if(isset($_SESSION["userID"])){
+    echo "<script>
+                window.onload=checkLoggedIn();
+            </script>";
+}
 
 // Facebook variables
 $appID = "353857824997532";
 $appSecret = "db47e91ffbfd355fdd11b4b65eade851";
-$fbUsername = $fbPassword = $fbConfirmpassword = "";
+$fbUsername = $fbPassword = $fbConfirmpassword = $fbName = $fbSurname = $fbBday = $fbEmail = $fbUserID = "";
 $fbUsernameErr = $fbPasswordErr = $fbConfirmpasswordErr = $fbEmailErr = $fbBdayErr = "";
 $fbCorrect = true;
-$fbName = $fbSurname = $fbBday = $fbEmail = $fbUserID = "";
 
 // Register variables
 $name = $surname = $bday = $username = $password = $confirmpassword = $location = $housenumber = $email = $confirmEmail = $captcha = $ip = "";
 $genericErr = $nameErr = $surnameErr = $bdayErr = $usernameErr = $passwordErr = $confirmpasswordErr = $locationErr = $housenumberErr = $emailErr = $confirmEmailErr = $captchaErr = "";
 $correct = true;
 
+// Bday dates
 $day_date = $month_date = $year_date = "";
 $fbDay_date = $fbMonth_date = $fbYear_date = "";
 
@@ -26,7 +34,7 @@ if ($_SERVER["REQUEST_METHOD"] == "POST") {
         case "login":
             try {
                 $user = ($_POST["user"]);
-                validateLogin($_POST["user"], $_POST["psw"]);
+                validateLogin($_POST["user"], $_POST["psw"], $_POST["url"]);
             } catch(loginException $e) {
                 $loginErr = $e->getMessage();
             }
@@ -45,18 +53,22 @@ if ($_SERVER["REQUEST_METHOD"] == "POST") {
             }
             break;
         case "register":
-            include("register.php");
+            include("../views/register.php");
             break;
         case "fbRegister":
-            include("fbRegister.php");
+            include("../views/fbRegister.php");
             break;
     }
 }
+
+// Get facebook information with facebook PHP SDK.
 $fb = new Facebook\Facebook([
     'app_id' => $appID,
     'app_secret' => $appSecret,
     'default_graph_version' => 'v2.2',
 ]);
+
+// Redirect back to login.php after logging/canceling with facebook.
 $redirect = "https://myhyvesbookplus.nl/login.php";
 $helper = $fb->getRedirectLoginHelper();
 
@@ -71,6 +83,7 @@ try {
     exit;
 }
 
+// If theres no facebook account logged in, ask for permission.
 if(!isset($acces_token)){
     $permission=["email", "user_birthday"];
     $loginurl=$helper->getLoginUrl($redirect,$permission);
@@ -79,13 +92,14 @@ if(!isset($acces_token)){
     $response = $fb->get('/me?fields=email,name,birthday');
     $usernode = $response->getGraphUser();
 
+    // Get facebook information
     $nameSplit = explode(" ", $usernode->getName());
     $fbName = $nameSplit[0];
     $fbSurname = $nameSplit[1];
     $fbUserID = $usernode->getID();
     $fbEmail = $usernode->getProperty("email");
-//        $image = 'https://graph.facebook.com/' . $usernode->getId() . '/picture?width=200';
 
+    // If there is an account, check if the account is banned or frozen.
     if (fbLogin($fbUserID) == 1) {
         $fbID = getfbUserID($fbUserID)["userID"];
         $fbRole = getfbUserID($fbUserID)["role"];
@@ -93,16 +107,20 @@ if(!isset($acces_token)){
             echo "<script>
                          window.onload=bannedAlert();
                     </script>";
+
         } else if($fbRole == "frozen"){
             $_SESSION["userID"] = $fbID;
             echo "<script>
                      window.onload=frozenAlert();
                      window.location.href= 'profile.php';
                   </script>";
+
         } else {
             $_SESSION["userID"] = $fbID;
             header("location: profile.php");
+
         }
+    // Registration with faceobook if theres no account.
     } else {
         echo "<script>
                     window.onload = function() {

website/views/login-view.php

@@ -13,10 +13,17 @@
     <h1>Welkom bij MyHyvesbook+</h1>
     <!-- Login content  -->
     <form action="<?php echo htmlspecialchars($_SERVER["PHP_SELF"]);?>"
-          return=$correct
           method="post"
           name="login">
 
+        <!-- Url parameter  -->
+        <input type="hidden"
+               name="url"
+               value="<?php
+                        if(isset($_GET["url"])) {
+                            echo $_GET["url"];
+                        } ?>"/>
+
         <!-- Login name -->
         <div class="login_containerlogin">
             <label><b>Gebruikersnaam/Email</b></label>
@@ -47,8 +54,7 @@
         <div class="login_containerlogin">
             <button type="submit"
                     value="login"
-                    name="submit"
+                    name="submit">
-                    id="frm1_submit">
             Inloggen
             </button>
         </div>
@@ -69,74 +75,7 @@
 <?php
     if(!isset($acces_token)) {
         echo '<div class="login_containerlogin"><a class="fbButton" href="' . $loginurl . '"><i class="fa fa-facebook-square"></i> login met Facebook!</a></div>';
+    } else {
+        echo '<div class="login_containerlogin"><a class="fbButton" href="' . "https://myhyvesbookplus.nl/login.php" . '"><i class="fa fa-facebook-square"></i> loguit Facebook sessie</a></div>';
     }
 ?>
-
-<script>
-
-// Get the modal
-var modal = document.getElementById('myModal');
-var registerModal = document.getElementById('registerModal');
-var facebookModal = document.getElementById("fbModal");
-
-// Get the button that opens the modal
-var registerBtn = document.getElementById("registerBtn");
-var btn = document.getElementById("myBtn");
-
-
-// Get the <span> element that closes the modal
-var span = document.getElementsByClassName("close")[0];
-var registerSpan = document.getElementsByClassName("close")[1];
-var facebookCLose = document.getElementsByClassName("close")[2];
-
-    /**
-     * When the user clicks the button, open the modal
-     */
-    btn.onclick = function () {
-        modal.style.display = "block";
-
-    }
-    registerBtn.onclick = function () {
-        registerModal.style.display = "block";
-    }
-
-    /**
-     * WHen the user clicks on (X), close the modal
-     */
-    span.onclick = function () {
-        modal.style.display = "none";
-    }
-    registerSpan.onclick = function () {
-        registerModal.style.display = "none";
-    }
-    facebookCLose.onclick = function () {
-        facebookModal.style.display = "none";
-    }
-
-    /**
-     * When the user clicks anywhere outside of the modal, close it
-     */
-    window.onclick = function (event) {
-        if (event.target == modal) {
-            modal.style.display = "none";
-        }
-        if (event.target == registerModal) {
-            registerModal.style.display = "none";
-        }
-        if (event.target == facebookModal) {
-            facebookModal.style.display = "none";
-        }
-    }
-
-    /**
-     * When ESC is pressed, close modal
-     */
-    document.addEventListener('keyup', function(e) {
-            if (e.keyCode == 27) {
-                modal.style.display = "none";
-                registerModal.style.display = "none";
-
-            }
-        });
-
-</script>

website/views/login_head.php

@@ -1,8 +1,42 @@
 <head>
     <meta charset="UTF-8">
-    <meta name="description" content="MyHyvesbook+ is het sociaal media voor alle coole mensen.">
+    <meta name="description" content="MyHyvesbook+ is het sociaal medium voor alle coole mensen. Stap nu over van facebook op het gloednieuwe en betere sociaal medium.">
     <meta name="keywords" content="MyHyvesbookPlus,Myhyvesbook+,sociaal,media">
     <meta name="author" content="MyHyvesbookplus corporation">
+    <!-- Favicon-->
+    <!-- Desktop Browsers -->
+    <link rel="shortcut icon" type="image/x-icon" href="favicon.ico" />
+
+    <!-- Android: Chrome M39 and up-->
+    <link rel="manifest" href="manifest.json">
+    <!-- Android: Chrome M31 and up, ignored if manifest is present-->
+    <meta name="mobile-web-app-capable" content="yes">
+    <link rel="icon" sizes="192x192" href="icon-192x192.png">
+    <!-- iOS -->
+    <meta name="apple-mobile-web-app-capable" content="yes">
+    <meta name="apple-mobile-web-app-title" content="My Awesome Web App">
+
+    <link rel="apple-touch-icon" sizes="180x180" href="apple-touch-icon-180x180-precomposed.png">
+    <link href="apple-touch-icon-152x152-precomposed.png" sizes="152x152" rel="apple-touch-icon">
+    <link href="apple-touch-icon-144x144-precomposed.png" sizes="144x144" rel="apple-touch-icon">
+    <link href="apple-touch-icon-120x120-precomposed.png" sizes="120x120" rel="apple-touch-icon">
+    <link href="apple-touch-icon-114x114-precomposed.png" sizes="114x114" rel="apple-touch-icon">
+    <link href="apple-touch-icon-76x76-precomposed.png" sizes="76x76" rel="apple-touch-icon">
+    <link href="apple-touch-icon-72x72-precomposed.png" sizes="72x72" rel="apple-touch-icon">
+    <link href="apple-touch-icon-60x60-precomposed.png" sizes="60x60" rel="apple-touch-icon">
+    <link href="apple-touch-icon-57x57-precomposed.png" sizes="57x57" rel="apple-touch-icon">
+    <link href="apple-touch-icon-precomposed.png" rel="apple-touch-icon">
+
+    <!-- Windows 8 and IE 11 -->
+    <meta name="msapplication-config" content="browserconfig.xml" />
+
+    <!-- Windows -->
+    <meta name="application-name" content="My Awesome Web App" />
+    <meta name="msapplication-tooltip" content="Get the latest updates!" />
+    <meta name="msapplication-window" content="width=1024;height=768" />
+    <meta name="msapplication-navbutton-color" content="#FF3300" />
+    <meta name="msapplication-starturl" content="./" />
+
     <title>MyHyvesbook+</title>
     <link rel="stylesheet"
           type="text/css"

website/views/menu.php

@@ -16,7 +16,7 @@
     <section>
         <ul class="nav-list">
             <li>
-                <a href="#">
+                <a href="createGroup.php">
                     Maak een groep aan
                 </a>
             </li>

website/views/post-view.php

@@ -5,14 +5,6 @@ $fullname = $post['fname'] . " " . $post['lname'] . " (" . $post['username'] . "
 ?>
 <div class='post-header header'>
     <h4><?=$post['title']?></h4>
-    <?php if (checkPermissionOnPost($postID, $_SESSION["userID"])) {?>
-    <button class="deleteButton"
-            onclick="deletePost('<?=$postID?>')"
-            type="submit">
-        <i class="fa fa-trash"></i>
-        <span>Verwijder post</span>
-    </button><br />
-    <?php } ?>
     <span class='postinfo'>
         gepost door <?=$fullname?>,
             <span class='posttime' title='<?=$post['creationdate']?>'>
@@ -20,7 +12,14 @@ $fullname = $post['fname'] . " " . $post['lname'] . " (" . $post['username'] . "
             </span>
     </span>
 </div>
-
+<?php if (checkPermissionOnPost($postID, $_SESSION["userID"])) {?>
+    <button class="deleteButton fancy-button"
+            onclick="deletePost('<?=$postID?>')"
+            type="submit">
+        <span>Verwijder post</span>
+        <i class="fa fa-trash"></i>
+    </button><br />
+<?php } ?>
 <div class='post-content'>
     <p><?=$post['content']?></p>
 </div>

website/views/profile.php

@@ -4,13 +4,19 @@
     </div>
 
     <div class="user-box">
-        <img class="profile-picture main-picture <?= $user["onlinestatus"] ?>" src="<?= $user["profilepicture"] ?>"><br />
+        <img alt="<?= $user["fname"] ?>" class="profile-picture main-picture <?= $user["onlinestatus"] ?>" src="<?= $user["profilepicture"] ?>"><br />
         <div class="platform">
             <div class="status-buttons-container">
+                <div>
                     <button disabled class="gray">
                         <?= $user["onlinestatus"] ?>
                     </button>
-                <button disabled class="gray"><?= $user["role"] ?></button>
+                </div>
+                <div>
+                    <button disabled class="gray">
+                        <?= $user["role"] ?>
+                    </button>
+                </div>
             </div>
             <div class="friend-button-container">
                 <p>:)</p>
@@ -33,7 +39,6 @@
     <?php if($showProfile) { ?>
     <div class="item-box platform">
         <h3>Informatie</h3>
-        <p>
         <ul>
             <?php if ($user["showBday"]) { ?>
             <li>Leeftijd: <?= getAge($user["birthdate"]) ?> jaar</li>
@@ -44,17 +49,23 @@
             <li>Locatie: <?= $user["location"] ?></li>
             <li>Lid sinds: <?= nicetime($user["creationdate"]) ?></li>
         </ul>
-        </p>
     </div>
 
     <div class="item-box platform">
         <h3>Vrienden</h3>
         <p>
             <?php
-                while($friend = $profile_friends->fetch()) {
+                $friendcount = $profile_friends->rowCount();
-                    echo "<a href='profile.php?username=${friend["username"]}' data-title='${friend["username"]}'><img class='profile-picture' src='${friend["profilepicture"]}' alt='${friend["username"]}'s profielfoto></a>";
+                $frienddif = $friendcount - 7;
+
+                for ($i = 0; $i < min($friendcount, 7); $i += 1) {
+                    $friend = $profile_friends->fetch();
+                    echo "<a href='profile.php?username=${friend["username"]}' data-title='${friend["username"]}'><img class='profile-picture' height='42' width='42' src='${friend["profilepicture"]}' alt='${friend["username"]}' /></a>";
                 }
 
+                if ($frienddif > 0) {
+                    echo $frienddif === 1 ? "en nog 1 andere." : "...en nog $frienddif anderen.";
+                }
 
                 if($profile_friends->rowCount() === 0) {
                     echo "<p>Deze gebruiker heeft nog geen vrienden gemaakt.</p>";
@@ -67,10 +78,18 @@
         <h3>Groepen</h3>
         <p>
             <?php
-                while($group = $profile_groups->fetch()) {
+                $groupcount = $profile_groups->rowCount();
+                $groupdif = $groupcount - 7;
+
+                for ($i = 0; $i < min($groupcount, 7); $i += 1) {
+                    $group = $profile_groups->fetch();
                     echo "<a href='group.php?groupname=${group['name']}' data-title='${group["name"]}'><img class='group-picture' src='${group["picture"]}' alt='${group["name"]}s logo'></a>";
                 }
 
+                if ($groupdif > 0) {
+                    echo $groupdif === 1 ? "en nog 1 andere." : "...en nog $groupdif anderen.";
+                }
+
                 if($profile_groups->rowCount() === 0) {
                     echo "<p>Deze gebruiker is nog geen lid van een groep.</p>";
                 }

website/views/registerModal.php

@@ -4,7 +4,6 @@
 <!-- The Modal -->
 <div id="registerModal" class="modal">
     <form action="<?php echo htmlspecialchars($_SERVER["PHP_SELF"]);?>"
-          return= $correct
           method="post"
           name="forgotPassword">
 
@@ -15,14 +14,11 @@
                 <h3>Registreer uw account</h3>
             </div>
             <div class="modal-body">
-                <form action="<?php echo htmlspecialchars($_SERVER["PHP_SELF"]);?>"
-                      return= $correct
-                      method="post">
 
                     <div class="login_containerregister"><label>U krijgt een bevestigingsemail na het registreren</label></div>
 
                     <!-- Error message -->
-                    <div class="login_containerfault"><?php echo $genericErr;?></span></div>
+                    <div class="login_containerfault"><span><?php echo $genericErr;?></span></div>
 
                     <!-- Register name -->
                     <div class="login_containerregister">
@@ -82,7 +78,6 @@
                                placeholder="Voer uw wachtwoord in"
                                name="password"
                                value="<?php echo $password ?>"
-                               id="password"
                                required>
                         *<span class="error"> <?php echo $passwordErr;?></span>
                         <ul>
@@ -96,7 +91,6 @@
                                placeholder="Herhaal wachtwoord"
                                name="confirmpassword"
                                value="<?php echo $confirmpassword ?>"
-                               id="confirmpassword"
                                title="Herhaal wachtwoord"
                                required>
                         *<span class="error"> <?php echo $confirmpasswordErr;?></span>
@@ -120,7 +114,6 @@
                                placeholder="Voer uw email in"
                                name="email"
                                value="<?php echo $email ?>"
-                               id="email"
                                title="Voer een geldige email in"
                                required>
                         *<span class="error"> <?php echo $emailErr;?></span>
@@ -133,7 +126,6 @@
                                placeholder="Herhaal uw email"
                                name="confirmEmail"
                                value="<?php echo $confirmEmail ?>"
-                               id="email"
                                title="Herhaal uw email"
                                required>
                         *<span class="error"> <?php echo $confirmEmailErr;?></span>
@@ -152,8 +144,7 @@
                 <!-- Register button -->
                 <button type="submit"
                         value="register"
-                        name="submit"
+                        name="submit">
-                        id="frm1_submit">
                     Registreer
                 </button>
             </div>

website/views/settings-view.php

@@ -45,8 +45,8 @@ $settings = getSettings();
                 </li>
                 <li>
                     <?php $currentbday = new DateTime($settings["birthdate"]); ?>
-                    <label for="bday">Geboortedatum</label>
+                    <label>Geboortedatum</label>
-                    <select name='day' id="bday">
+                    <select name='day'>
                         <?php for ($day = 1; $day <= 31; $day++): ?>
                         <option value='<?=$day?>'
                                 <?=($day == $currentbday->format("d")) ? "selected" : ""?>
@@ -55,7 +55,7 @@ $settings = getSettings();
                         </option>
                         <?php endfor; ?>
                     </select>
-                    <select name='month' id="bday">
+                    <select name='month'>
                         <?php
                         $months = array ("januari", "februari", "maart", "april", "mei", "juni", "juli", "augustus",
                             "september", "oktober", "november", "december");
@@ -68,7 +68,7 @@ $settings = getSettings();
                             </option>
                         <?php endfor; ?>
                     </select>
-                    <select name='year' id="bday">
+                    <select name='year'>
                         <?php
                         $now = (new DateTime)->format("Y");
                         for ($year = $now; $year >= 1900; $year--): ?>