From 96f70e1a113ee487e65af9e0ab3adebf3d5a29e7 Mon Sep 17 00:00:00 2001
From: Joey Lai <joeylai96@hotmail.com>
Date: Thu, 26 Jan 2017 14:50:41 +0100
Subject: [PATCH 1/6] Fixed date and other extras

---
 website/public/login.php        |  6 +--
 website/public/register.php     | 17 ++++++--
 website/public/styles/index.css |  7 ++-
 website/queries/checkInput.php  | 23 +++++++---
 website/queries/login.php       |  6 +--
 website/queries/register.php    | 26 ++++++-----
 website/views/login-view.php    | 77 +++++++++++++++++----------------
 website/views/register-view.php | 66 ++++++++++++++++++++++++----
 8 files changed, 156 insertions(+), 72 deletions(-)

diff --git a/website/public/login.php b/website/public/login.php
index 0515793..d4dd991 100644
--- a/website/public/login.php
+++ b/website/public/login.php
@@ -20,15 +20,15 @@
     }
 
     // Define variables and set to empty values
-    $uname = $psw ="";
+    $user = $psw ="";
     $loginErr = $resetErr ="";
 
     if ($_SERVER["REQUEST_METHOD"] == "POST") {
         switch ($_POST["submit"]) {
             case "login":
                 try {
-                    $uname = ($_POST["uname"]);
-                    validateLogin($_POST["uname"], $_POST["psw"]);
+                    $user = ($_POST["user"]);
+                    validateLogin($_POST["user"], $_POST["psw"]);
                 } catch(loginException $e) {
                     $loginErr = $e->getMessage();
                 }
diff --git a/website/public/register.php b/website/public/register.php
index 1ce4817..0077e62 100644
--- a/website/public/register.php
+++ b/website/public/register.php
@@ -14,9 +14,12 @@
         header("location: login.php");
     }
     // define variables and set to empty values
-    $name = $surname = $bday = $username = $password = $confirmpassword = $location = $housenumber = $email = $captcha = $ip = "";
-    $genericErr = $nameErr = $surnameErr = $bdayErr = $usernameErr = $passwordErr = $confirmpasswordErr = $locationErr = $housenumberErr = $emailErr = $captchaErr = "";
+    $name = $surname = $bday = $username = $password = $confirmpassword = $location = $housenumber = $email = $confirmEmail = $captcha = $ip = "";
+    $genericErr = $nameErr = $surnameErr = $bdayErr = $usernameErr = $passwordErr = $confirmpasswordErr = $locationErr = $housenumberErr = $emailErr = $confirmEmailErr = $captchaErr = "";
     $correct = true;
+    $day_date = "dag";
+    $month_date = "maand";
+    $year_date = "jaar";
 
     // Trying to register an account
     if ($_SERVER["REQUEST_METHOD"] == "POST") {
@@ -38,7 +41,10 @@
         }
 
         try{
-            $bday = test_input(($_POST["bday"]));
+            $day_date = test_input(($_POST["day_date"]));
+            $month_date = test_input(($_POST["month_date"]));
+            $year_date = test_input(($_POST["year_date"]));
+            $bday = $year_date . "-" . $month_date . "-" . $day_date;
             checkInputChoice($bday, "bday");
         } catch(bdayException $e){
             $correct = false;
@@ -76,9 +82,14 @@
         try{
             $email = test_input(($_POST["email"]));
             checkInputChoice($email, "email");
+            $confirmEmail = test_input(($_POST["confirmEmail"]));
+            matchEmail();
         } catch(emailException $e){
             $correct = false;
             $emailErr = $e->getMessage();
+        } catch(confirmEmailException $e){
+            $correct = false;
+            $confirmEmailErr = $e->getMessage();
         }
 
         try{
diff --git a/website/public/styles/index.css b/website/public/styles/index.css
index 97d6f63..9829688 100644
--- a/website/public/styles/index.css
+++ b/website/public/styles/index.css
@@ -133,6 +133,10 @@ label {
     width: 45%;
 }
 
+select{
+    width: 18%;
+}
+
 ul {
     font-family: Arial;
     font-size: 16px;
@@ -203,7 +207,6 @@ ul {
 .modal-body {padding: 2px 16px;}
 
 .modal-footer {
-    padding: 2px 16px;
     background-color: #FBC02D;
     color: black;
-}
\ No newline at end of file
+}
diff --git a/website/queries/checkInput.php b/website/queries/checkInput.php
index 9b91833..fbf64a7 100644
--- a/website/queries/checkInput.php
+++ b/website/queries/checkInput.php
@@ -38,8 +38,7 @@ function checkName($variable){
     if (empty($variable)) {
         throw new lettersAndSpacesException("Verplicht!");
     } else if (!preg_match("/^[a-zA-Z ]*$/", $variable)) {
-
-            throw new lettersAndSpacesException("Alleen letters en spaties zijn toegestaan!");
+        throw new lettersAndSpacesException("Alleen letters en spaties zijn toegestaan!");
     }
 }
 
@@ -48,12 +47,12 @@ function validateBday($variable){
     if (empty($variable)) {
         throw new bdayException("Verplicht!");
     } else {
-        if (!(validateDate($variable, "Y/m/d"))) {
+        if (!(validateDate($variable, "Y-m-d"))) {
             throw new bdayException("Geen geldige datum");
         } else {
-            $dateNow = date("Y/m/d");
+            $dateNow = date("Y-m-d");
             if ($dateNow < $variable) {
-                throw new bdayException("Geen geldige datum");
+                throw new bdayException("Geen geldige datum!");
             }
         }
     }
@@ -97,6 +96,12 @@ function validateEmail($variable){
     }
 }
 
+function matchEmail(){
+    if (strtolower($_POST["email"]) != strtolower($_POST["confirmEmail"])){
+        throw new confirmEmailException("Emails matchen niet!");
+    }
+}
+
 /* checks if an input is a valid email. */
 function resetEmail($variable){
     if (empty($variable)) {
@@ -206,6 +211,14 @@ class emailException extends Exception
     }
 }
 
+class confirmEmailException extends Exception
+{
+    public function __construct($message = "", $code = 0, Exception $previous = null)
+    {
+        parent::__construct($message, $code, $previous);
+    }
+}
+
 class captchaException extends Exception
 {
     public function __construct($message = "", $code = 0, Exception $previous = null)
diff --git a/website/queries/login.php b/website/queries/login.php
index 2af255a..15a5de1 100644
--- a/website/queries/login.php
+++ b/website/queries/login.php
@@ -9,10 +9,10 @@ function getUser() {
     FROM
       `user`
     WHERE
-      `username` LIKE :username
+      `username` LIKE :username OR 
+      `email` LIKE :username
     ");
 
-    $stmt->bindParam(":username", $_POST["uname"]);
     $stmt->execute();
     return $stmt->fetch(PDO::FETCH_ASSOC);
 }
@@ -20,7 +20,7 @@ function getUser() {
 function validateLogin($username, $password){
     // Empty username or password field
     if (empty($username) || empty($password)) {
-        throw new loginException("Gebruikersnaam of wachtwoord is niet ingevuld");
+        throw new loginException("Inloggegevens zijn niet ingevuld");
     }
     else {
         $psw = test_input($password);
diff --git a/website/queries/register.php b/website/queries/register.php
index 738ef43..be9d415 100644
--- a/website/queries/register.php
+++ b/website/queries/register.php
@@ -10,7 +10,7 @@ function getExistingUsername() {
       `username` LIKE :username
     ");
 
-    $stmt->bindParam(":username", $_POST["username"]);
+    $stmt->bindParam(":username", test_input($_POST["username"]));
     $stmt->execute();
     return $stmt->rowCount();
 
@@ -26,7 +26,7 @@ function getExistingEmail() {
       `email` LIKE :email
     ");
 
-    $stmt->bindParam(":email", $_POST["email"]);
+    $stmt->bindParam(":email", test_input($_POST["email"]));
     $stmt->execute();
     return $stmt->rowCount();
 
@@ -42,7 +42,7 @@ function getResetEmail() {
       `email` LIKE :email
     ");
 
-    $stmt->bindParam(":email", $_POST["forgotEmail"]);
+    $stmt->bindParam(":email", test_input($_POST["forgotEmail"]));
     $stmt->execute();
     return $stmt->rowCount();
 
@@ -70,15 +70,21 @@ function registerAccount() {
 
     $hash=password_hash($_POST["password"], PASSWORD_DEFAULT);
 
-    $stmt->bindParam(":fname", $_POST["name"]);
-    $stmt->bindParam(":lname", $_POST["surname"]);
-    $stmt->bindParam(":bday", $_POST["bday"]);
-    $stmt->bindParam(":username", $_POST["username"]);
-    $stmt->bindParam(":password", $hash);
-    $stmt->bindParam(":location", $_POST["location"]);
-    $stmt->bindParam(":email", (strtolower($_POST["email"])));
+    $stmt->bindParam(":fname", test_input($_POST["name"]));
+    $stmt->bindParam(":lname", test_input($_POST["surname"]));
+    $stmt->bindParam(":bday", test_input($_POST["bday"]));
+    $stmt->bindParam(":username", test_input($_POST["username"]));
+    $stmt->bindParam(":password", test_input($hash));
+    $stmt->bindParam(":location", test_input($_POST["location"]));
+    $stmt->bindParam(":email", test_input(strtolower($_POST["email"])));
 
     $stmt->execute();
     $stmt->rowCount();
 }
+
+function submitselect($date, $value){
+    if ($date == $value){
+        echo "selected";
+    }
+}
 ?>
diff --git a/website/views/login-view.php b/website/views/login-view.php
index de4c48b..c64590e 100644
--- a/website/views/login-view.php
+++ b/website/views/login-view.php
@@ -13,11 +13,11 @@
 
         <!-- Login name -->
         <div class="login_containerlogin">
-            <label><b>Gebruikersnaam</b></label>
+            <label><b>Gebruikersnaam/Email</b></label>
             <input type="text"
-                   placeholder="Voer uw gebruikersnaam in"
-                   name="uname"
-                   value="<?php echo $uname ?>"
+                   placeholder="Voer uw gebruikersnaam/email in"
+                   name="user"
+                   value="<?php echo $user ?>"
                    title="Moet 6 of meer karakters bevatten"
                    >
         </div>
@@ -47,46 +47,47 @@
     </form>
 </div>
 
-    <!-- Button for going to the register screen -->
-    <div class="login_containerlogin">
-        <a href="https://myhyvesbookplus.nl/register" class="button">Registreer een account</a>
+<!-- Button for going to the register screen -->
+<div class="login_containerlogin">
+    <a href="https://myhyvesbookplus.nl/register" class="button">Registreer een account</a>
 
-        <!-- Trigger/Open The Modal -->
-        <button id="myBtn" class="button">Wachtwoord vergeten</button>
+    <!-- Trigger/Open The Modal -->
+    <button id="myBtn" class="button">Wachtwoord vergeten</button>
 
-        <!-- The Modal -->
-        <div id="myModal" class="modal">
-            <form action="<?php echo htmlspecialchars($_SERVER["PHP_SELF"]);?>"
-                  return= $correct
-                  method="post"
-                  name="forgotPassword">
+    <!-- The Modal -->
+    <div id="myModal" class="modal">
+        <form action="<?php echo htmlspecialchars($_SERVER["PHP_SELF"]);?>"
+              return= $correct
+              method="post"
+              name="forgotPassword">
 
-            <!-- Modal content -->
-            <div class="modal-content">
-                <div class="modal-header">
-                    <span class="close">&times;</span>
-                    <h3>Voer uw emailadres in</h3>
-                </div>
-                <div class="modal-body">
-                    <input type="text"
-                           placeholder="Voer uw email in"
-                           name="forgotEmail"
-                           title="Voer een email in">
-                </div>
-                <div class="modal-footer">
-                    <div class="login_containerfault"><span><?php echo $resetErr; ?></span></div>
-                    <button type="submit"
-                            value="reset"
-                            name="submit"
-                            id="frm1_submit">
-                        Reset password
-                    </button>
-                </div>
+        <!-- Modal content -->
+        <div class="modal-content">
+            <div class="modal-header">
+                <span class="close">&times;</span>
+                <h3>Voer uw emailadres in</h3>
+            </div>
+            <div class="modal-body">
+                <input type="text"
+                       placeholder="Voer uw email in"
+                       name="forgotEmail"
+                       title="Voer een email in">
+            </div>
+            <div class="modal-footer">
+                <div class="login_containerfault"><span><?php echo $resetErr; ?></span></div>
+                <button type="submit"
+                        value="reset"
+                        name="submit"
+                        id="frm1_submit">
+                    Reset password
+                </button>
             </div>
-
-            </form>
         </div>
+
+        </form>
     </div>
+</div>
+
 <script>
     // Get the modal
     var modal = document.getElementById('myModal');
diff --git a/website/views/register-view.php b/website/views/register-view.php
index 5f39472..9577216 100644
--- a/website/views/register-view.php
+++ b/website/views/register-view.php
@@ -40,14 +40,52 @@
 
         <!-- Register birthday -->
         <div class="login_containerregister">
-            <label><b>Geboortedatum</b></label>
-            <input type="text"
-                   name="bday"
-                   value="<?php echo $bday ?>"
-                   id="bday"
-                   placeholder="1996/01/01"
-                   data-fv-date-max=""
-                   >
+            <label><b>Geboortedatum(Dag/Maand/Jaar)</b></label>
+<!--            <input type="date"-->
+<!--                   name="bday"-->
+<!--                   value="--><?php //echo $bday ?><!--"-->
+<!--                   id="bday"-->
+<!--                   placeholder="1996/01/01"-->
+<!--                   data-fv-date-max=""-->
+<!--                   data-date="" data-date-format="DD MMMM YYYY"-->
+<!--                   >-->
+            <select name="day_date" >
+                    <option>dag</option>
+                <?php
+                for($i=1; $i<32; $i++) {
+                    $i = sprintf("%02d", $i);
+                    ?>
+                    <option value="<?= $i ?>" <?php submitselect($day_date, $i)?>><?= $i ?></option>
+                    <?php
+                }
+                ?>
+            </select>
+            <select name="month_date">
+                <option>Maand</option>
+                <option value="01" <?php submitselect($month_date, "01")?>>Januari</option>
+                <option value="02" <?php submitselect($month_date, "02")?>>Februari</option>
+                <option value="03" <?php submitselect($month_date, "03")?>>Maart</option>
+                <option value="04" <?php submitselect($month_date, "04")?>>April</option>
+                <option value="05" <?php submitselect($month_date, "05")?>>Mei</option>
+                <option value="06" <?php submitselect($month_date, "06")?>>Juni</option>
+                <option value="07" <?php submitselect($month_date, "07")?>>Juli</option>
+                <option value="08" <?php submitselect($month_date, "08")?>>Augustus</option>
+                <option value="09" <?php submitselect($month_date, "09")?>>September</option>
+                <option value="10" <?php submitselect($month_date, "10")?>>Oktober</option>
+                <option value="11" <?php submitselect($month_date, "11")?>>November</option>
+                <option value="12" <?php submitselect($month_date, "12")?>>December</option>
+            </select>
+            <select name="year_date">
+                <option>Jaar</option>
+                <?php
+                $year = (new DateTime)->format("Y");
+                for($i=$year; $i > $year - 100; $i--) {
+                    ?>
+                    <option value="<?= $i ?>" <?php submitselect($year_date, $i)?>><?= $i ?></option>
+                    <?php
+                }
+                ?>
+            </select>
             *<span class="error"> <?php echo $bdayErr;?></span>
         </div>
 
@@ -118,6 +156,18 @@
             *<span class="error"> <?php echo $emailErr;?></span>
         </div>
 
+        <!-- Register email -->
+        <div class="login_containerregister">
+            <label><b>Herhaal email</b></label>
+            <input type="text"
+                   placeholder="Herhaal uw email"
+                   name="confirmEmail"
+                   value="<?php echo $confirmEmail ?>"
+                   id="email"
+                   title="Herhaal uw email">
+            *<span class="error"> <?php echo $confirmEmailErr;?></span>
+        </div>
+
         <div class="login_containerregister">
              <div class="g-recaptcha" data-sitekey="6Lc72xIUAAAAADumlWetgENm7NGd9Npyo0c_tYYQ"></div>
              <span class="error"> <?php echo $captchaErr;?></span>

From 5c1208460f37a1552405d8b95f6cffbc0ede0da2 Mon Sep 17 00:00:00 2001
From: Lars van Hijfte <larsvanhijfte@hotmail.com>
Date: Thu, 26 Jan 2017 16:12:50 +0100
Subject: [PATCH 2/6] Added direct button on the profile to chat with someone

---
 website/public/js/friendButtons.js  |   2 +
 website/queries/private_message.php | 131 +++++++++++++++-------------
 website/queries/user.php            |   8 +-
 website/views/profile.php           |   8 +-
 4 files changed, 86 insertions(+), 63 deletions(-)

diff --git a/website/public/js/friendButtons.js b/website/public/js/friendButtons.js
index 7b511a5..bdc3cc8 100644
--- a/website/public/js/friendButtons.js
+++ b/website/public/js/friendButtons.js
@@ -4,12 +4,14 @@ function placeFriendButtons() {
             friendshipStatus = data;
             $buttonContainer = $("div.friend-button-container");
             $buttonContainer.children().remove();
+            $("#start-profile-chat-form").hide();
             if (friendshipStatus == -1) {
                 return;
             } else if(friendshipStatus == 0) {
                 $buttonContainer.append($("<button class=\"green friend-button\" value=\"request\"><i class=\"fa fa-handshake-o\"></i> Bevriend</button>"));
             } else if(friendshipStatus == 1) {
                 $buttonContainer.append($("<button class=\"red friend-button\" value=\"delete\"><i class=\"fa fa-times\"></i> Verwijder</button>"));
+                $("#start-profile-chat-form").show();
             } else if(friendshipStatus == 2) {
                 $buttonContainer.append($("<button class=\"red friend-button\" value=\"delete\"><i class=\"fa fa-times\"></i> Trek verzoek in</button>"));
             } else if(friendshipStatus == 3) {
diff --git a/website/queries/private_message.php b/website/queries/private_message.php
index fecea2b..d2b1537 100644
--- a/website/queries/private_message.php
+++ b/website/queries/private_message.php
@@ -1,78 +1,90 @@
 <?php
 
 function getOldChatMessages($user2ID) {
+    require_once ("friendship.php");
     $user1ID = $_SESSION["userID"];
+    if (getFriendshipStatus($user2ID) == 1) {
+        $stmt = $GLOBALS["db"]->prepare("
+        SELECT
+            *
+        FROM
+            `private_message`
+        WHERE
+            `origin` = :user1 AND 
+            `destination` = :user2 OR 
+            `origin` = :user2 AND
+            `destination` = :user1
+        ORDER BY
+            `messageID` ASC
+        ");
 
-    $stmt = $GLOBALS["db"]->prepare("
-    SELECT
-        *
-    FROM
-        `private_message`
-    WHERE
-        `origin` = :user1 AND 
-        `destination` = :user2 OR 
-        `origin` = :user2 AND
-        `destination` = :user1
-    ORDER BY
-        `messageID` ASC
-    ");
+        $stmt->bindParam(":user1", $user1ID);
+        $stmt->bindParam(":user2", $user2ID);
 
-    $stmt->bindParam(":user1", $user1ID);
-    $stmt->bindParam(":user2", $user2ID);
+        $stmt->execute();
 
-    $stmt->execute();
-
-    return json_encode($stmt->fetchAll());
+        return json_encode($stmt->fetchAll());
+    } else {
+        return "[]";
+    }
 }
 
 function sendMessage($destination, $content) {
-    $stmt = $GLOBALS["db"]->prepare("
-    INSERT INTO
-        `private_message`
-    (
-        `origin`,
-        `destination`,
-        `content`
-    )
-    VALUES
-    (
-        :origin,
-        :destination,
-        :content
-    )
-    ");
+    if (getFriendshipStatus($destination) == 1) {
+        $stmt = $GLOBALS["db"]->prepare("
+        INSERT INTO
+            `private_message`
+        (
+            `origin`,
+            `destination`,
+            `content`
+        )
+        VALUES
+        (
+            :origin,
+            :destination,
+            :content
+        )
+        ");
 
-    return $stmt->execute(array(
-        "origin" => $_SESSION["userID"],
-        "destination" => $destination,
-        "content" => $content
-    ));
+        return $stmt->execute(array(
+            "origin" => $_SESSION["userID"],
+            "destination" => $destination,
+            "content" => $content
+        ));
+    } else {
+        return false;
+    }
 }
 
 function getNewChatMessages($lastID, $destination) {
-    $stmt = $GLOBALS["db"]->prepare("
-    SELECT
-        *
-    FROM
-        `private_message`
-    WHERE
-        (
-        `origin` = :user1 AND 
-        `destination` = :user2 OR 
-        `origin` = :user2 AND
-        `destination` = :user1) AND
-        `messageID` > :lastID
-    ORDER BY
-        `messageID` ASC
-    ");
+    if (getFriendshipStatus($user2ID) == 1) {
+        $stmt = $GLOBALS["db"]->prepare("
+        SELECT
+            *
+        FROM
+            `private_message`
+        WHERE
+            (
+            `origin` = :user1 AND 
+            `destination` = :user2 OR 
+            `origin` = :user2 AND
+            `destination` = :user1) AND
+            `messageID` > :lastID
+        ORDER BY
+            `messageID` ASC
+        ");
 
-    $stmt->bindParam(':user1', $_SESSION["userID"]);
-    $stmt->bindParam(':user2', $destination);
-    $stmt->bindParam(':lastID', $lastID);
+        $stmt->bindParam(':user1', $_SESSION["userID"]);
+        $stmt->bindParam(':user2', $destination);
+        $stmt->bindParam(':lastID', $lastID);
 
-    $stmt->execute();
+        $stmt->execute();
 
-    return json_encode($stmt->fetchAll());
+        return json_encode($stmt->fetchAll());
+    } else {
+        return "[]";
+    }
 }
 
 
@@ -101,7 +113,8 @@ function selectAllUnreadChat() {
        `friendship`.chatLastVisted2 IS NULL)) AND
       `private_message`.`origin` = `user`.`userID` AND
       `private_message`.`destination` = :userID AND
-      `user`.`role` != 'banned'
+      `user`.`role` != 'banned' AND
+      `friendship`.`status` = 'confirmed'
     
     GROUP BY `user`.`userID`
 
diff --git a/website/queries/user.php b/website/queries/user.php
index 4a7ee57..3b0c4a8 100644
--- a/website/queries/user.php
+++ b/website/queries/user.php
@@ -35,6 +35,7 @@ function getUsername($userID) {
 function selectUser($me, $other) {
     $stmt = $GLOBALS["db"]->prepare("
         SELECT
+          `userID`,
           `username`,
           `birthdate`,
           `location`,
@@ -94,7 +95,7 @@ function selectAllUserGroups($userID) {
             `group_page`.`groupID` = `group_member`.`groupID`
         WHERE
             `userID` = :userID AND
-            `role` = 1
+            `role` = 'member'
     ");
 
     $stmt->bindParam(':userID', $userID, PDO::PARAM_INT);
@@ -331,9 +332,10 @@ function searchSomeUsers($n, $m, $search) {
     FROM
       `user`
     WHERE
-        `username` LIKE :keyword OR 
+        (`username` LIKE :keyword OR 
         `fname` LIKE :keyword OR 
-        `lname` LIKE :keyword
+        `lname` LIKE :keyword) AND
+        `role` != 'banned'
     ORDER BY 
         `fname`, 
         `lname`, 
diff --git a/website/views/profile.php b/website/views/profile.php
index 54f028d..bd009e3 100644
--- a/website/views/profile.php
+++ b/website/views/profile.php
@@ -1,7 +1,13 @@
 <div class="content">
     <div class="profile-box platform">
         <img class="left profile-picture" src="<?php echo $user["profilepicture"] ?>">
-
+        <form id="start-profile-chat-form" class="right" action="chat.php" method="get">
+            <button name="username"
+                    class="friend-button green"
+                    value="<?php echo $user["userID"] ?>">
+                <i class="fa fa-comment-o"></i> Chat
+            </button>
+        </form>
         <div class="friend-button-container">
 
         </div>

From dbdb12cca0f52619c25c891d98b7d7b9f4b08ce6 Mon Sep 17 00:00:00 2001
From: Joey Lai <joeylai96@hotmail.com>
Date: Thu, 26 Jan 2017 16:17:58 +0100
Subject: [PATCH 3/6] Modal for register

---
 website/public/login.php        |  97 ++++++++++++++
 website/public/styles/index.css |  14 +-
 website/queries/login.php       |   1 +
 website/views/login-view.php    | 220 ++++++++++++++++++++++++++++++--
 4 files changed, 317 insertions(+), 15 deletions(-)

diff --git a/website/public/login.php b/website/public/login.php
index d4dd991..81fee57 100644
--- a/website/public/login.php
+++ b/website/public/login.php
@@ -19,6 +19,14 @@
             </script>";
     }
 
+    // define variables and set to empty values
+    $name = $surname = $bday = $username = $password = $confirmpassword = $location = $housenumber = $email = $confirmEmail = $captcha = $ip = "";
+    $genericErr = $nameErr = $surnameErr = $bdayErr = $usernameErr = $passwordErr = $confirmpasswordErr = $locationErr = $housenumberErr = $emailErr = $confirmEmailErr = $captchaErr = "";
+    $correct = true;
+    $day_date = "dag";
+    $month_date = "maand";
+    $year_date = "jaar";
+
     // Define variables and set to empty values
     $user = $psw ="";
     $loginErr = $resetErr ="";
@@ -46,7 +54,96 @@
                           </script>";
                 }
                 break;
+            case "register":
+                try {
+                    $name = test_input(($_POST["name"]));
+                    checkInputChoice($name, "lettersAndSpaces");
+                } catch(lettersAndSpacesException $e){
+                    $correct = false;
+                    $nameErr = $e->getMessage();
+                }
 
+                try {
+                    $surname = test_input(($_POST["surname"]));
+                    checkInputChoice($surname, "lettersAndSpaces");
+                }
+                catch(lettersAndSpacesException $e){
+                    $correct = false;
+                    $surnameErr = $e->getMessage();
+                }
+
+                try{
+                    $day_date = test_input(($_POST["day_date"]));
+                    $month_date = test_input(($_POST["month_date"]));
+                    $year_date = test_input(($_POST["year_date"]));
+                    $bday = $year_date . "-" . $month_date . "-" . $day_date;
+                    checkInputChoice($bday, "bday");
+                } catch(bdayException $e){
+                    $correct = false;
+                    $bdayErr = $e->getMessage();
+                }
+
+                try{
+                    $username = str_replace(' ', '', test_input(($_POST["username"])));
+                    checkInputChoice($username, "username");
+                } catch(usernameException $e){
+                    $correct = false;
+                    $usernameErr = $e->getMessage();
+                }
+
+                try{
+                    $password = str_replace(' ', '', test_input(($_POST["password"])));
+                    checkInputChoice($password, "longerEight");
+                    matchPassword();
+                } catch(passwordException $e){
+                    $correct = false;
+                    $passwordErr = $e->getMessage();
+                } catch(confirmPasswordException $e){
+                    $correct = false;
+                    $confirmPasswordErr = $e->getMessage();
+                }
+
+                try{
+                    $location = test_input(($_POST["location"]));
+                    checkInputChoice($location, "lettersAndSpaces");
+                } catch(lettersAndSpacesException $e){
+                    $correct = false;
+                    $locationErr = $e->getMessage();
+                }
+
+                try{
+                    $email = test_input(($_POST["email"]));
+                    checkInputChoice($email, "email");
+                    $confirmEmail = test_input(($_POST["confirmEmail"]));
+                    matchEmail();
+                } catch(emailException $e){
+                    $correct = false;
+                    $emailErr = $e->getMessage();
+                } catch(confirmEmailException $e){
+                    $correct = false;
+                    $confirmEmailErr = $e->getMessage();
+                }
+
+                try{
+                    $captcha = $_POST['g-recaptcha-response'];
+                    checkCaptcha($captcha);
+                } catch(captchaException $e){
+                    $correct = false;
+                    $captchaErr = $e->getMessage();
+                }
+
+                try {
+                    getIp();
+                    registerCheck($correct);
+                    sendConfirmEmailUsername($username);
+                } catch(registerException $e){
+                    echo "<script>
+                            window.onload = function() {
+                              $('#registerModal').show();
+                            }
+                          </script>";
+                    $genericErr = $e->getMessage();
+                }
         }
     }
 //    // Trying to login
diff --git a/website/public/styles/index.css b/website/public/styles/index.css
index 9829688..85cc670 100644
--- a/website/public/styles/index.css
+++ b/website/public/styles/index.css
@@ -28,10 +28,12 @@ body {
 form {
     /*background-color: #a87a87;*/
     border-radius: 12px;
-    height: 85%;
+    height: 80%;
     margin: auto;
-    width: 80%;
+    width: 600px;
     overflow-y:auto;
+    overflow-x: hidden;
+
 }
 
 
@@ -130,7 +132,7 @@ label {
     margin: 34px auto;
     overflow-y: auto;
     padding: 20px;
-    width: 45%;
+    width: 600px;
 }
 
 select{
@@ -164,7 +166,7 @@ ul {
     margin: auto;
     padding: 0;
     border: 1px solid #888;
-    width: 500px;
+    width: 589px;
     box-shadow: 0 4px 8px 0 rgba(0,0,0,0.2),0 6px 20px 0 rgba(0,0,0,0.19);
     -webkit-animation-name: animatetop;
     -webkit-animation-duration: 0.4s;
@@ -204,7 +206,9 @@ ul {
     color: black;
 }
 
-.modal-body {padding: 2px 16px;}
+.modal-body {
+    padding: 2px 16px;
+}
 
 .modal-footer {
     background-color: #FBC02D;
diff --git a/website/queries/login.php b/website/queries/login.php
index 15a5de1..6af9e1e 100644
--- a/website/queries/login.php
+++ b/website/queries/login.php
@@ -13,6 +13,7 @@ function getUser() {
       `email` LIKE :username
     ");
 
+    $stmt->bindParam(":username", test_input($_POST["user"]));
     $stmt->execute();
     return $stmt->fetch(PDO::FETCH_ASSOC);
 }
diff --git a/website/views/login-view.php b/website/views/login-view.php
index c64590e..b9052b3 100644
--- a/website/views/login-view.php
+++ b/website/views/login-view.php
@@ -18,7 +18,7 @@
                    placeholder="Voer uw gebruikersnaam/email in"
                    name="user"
                    value="<?php echo $user ?>"
-                   title="Moet 6 of meer karakters bevatten"
+                   title="Moet een geldige gebruiker zijn"
                    >
         </div>
 
@@ -86,32 +86,232 @@
 
         </form>
     </div>
+
+    <!-- Trigger/Open The Modal -->
+    <button id="registerBtn" class="button">Registreer een account</button>
+
+    <!-- The Modal -->
+    <div id="registerModal" class="modal">
+        <form action="<?php echo htmlspecialchars($_SERVER["PHP_SELF"]);?>"
+              return= $correct
+              method="post"
+              name="forgotPassword">
+
+            <!-- Modal content -->
+            <div class="modal-content">
+                <div class="modal-header">
+                    <span class="close">&times;</span>
+                    <h3>Registreer uw account</h3>
+                </div>
+                <div class="modal-body">
+                    <form action="<?php echo htmlspecialchars($_SERVER["PHP_SELF"]);?>"
+                          return= $correct
+                          method="post">
+
+                        <!-- Error message -->
+                        <div class="login_containerfault"><?php echo $genericErr;?></span></div>
+
+                        <!-- Register name -->
+                        <div class="login_containerregister">
+                            <label><b>Naam</b></label>
+                            <input type="text"
+                                   placeholder="Voer uw naam in"
+                                   name="name"
+                                   value="<?php echo $name ?>"
+                                   title="Mag alleen letters bevatten"
+                            >
+                            *<span class="error"><?php echo $nameErr;?></span>
+                        </div>
+
+                        <!-- Register surname -->
+                        <div class="login_containerregister">
+                            <label><b>Achternaam</b></label>
+                            <input type="text"
+                                   placeholder="Voer uw achternaam in"
+                                   name="surname"
+                                   value="<?php echo $surname ?>"
+                                   title="Mag alleen letters bevatten"
+                            >
+                            *<span class="error"> <?php echo $surnameErr;?></span>
+                        </div>
+
+                        <!-- Register birthday -->
+                        <div class="login_containerregister">
+                            <label><b>Geboortedatum</b></label>
+                            <!--            <input type="date"-->
+                            <!--                   name="bday"-->
+                            <!--                   value="--><?php //echo $bday ?><!--"-->
+                            <!--                   id="bday"-->
+                            <!--                   placeholder="1996/01/01"-->
+                            <!--                   data-fv-date-max=""-->
+                            <!--                   data-date="" data-date-format="DD MMMM YYYY"-->
+                            <!--                   >-->
+                            <select name="day_date" >
+                                <option>dag</option>
+                                <?php
+                                for($i=1; $i<32; $i++) {
+                                    $i = sprintf("%02d", $i);
+                                    ?>
+                                    <option value="<?= $i ?>" <?php submitselect($day_date, $i)?>><?= $i ?></option>
+                                    <?php
+                                }
+                                ?>
+                            </select>
+                            <select name="month_date">
+                                <option>Maand</option>
+                                <option value="01" <?php submitselect($month_date, "01")?>>Januari</option>
+                                <option value="02" <?php submitselect($month_date, "02")?>>Februari</option>
+                                <option value="03" <?php submitselect($month_date, "03")?>>Maart</option>
+                                <option value="04" <?php submitselect($month_date, "04")?>>April</option>
+                                <option value="05" <?php submitselect($month_date, "05")?>>Mei</option>
+                                <option value="06" <?php submitselect($month_date, "06")?>>Juni</option>
+                                <option value="07" <?php submitselect($month_date, "07")?>>Juli</option>
+                                <option value="08" <?php submitselect($month_date, "08")?>>Augustus</option>
+                                <option value="09" <?php submitselect($month_date, "09")?>>September</option>
+                                <option value="10" <?php submitselect($month_date, "10")?>>Oktober</option>
+                                <option value="11" <?php submitselect($month_date, "11")?>>November</option>
+                                <option value="12" <?php submitselect($month_date, "12")?>>December</option>
+                            </select>
+                            <select name="year_date">
+                                <option>Jaar</option>
+                                <?php
+                                $year = (new DateTime)->format("Y");
+                                for($i=$year; $i > $year - 100; $i--) {
+                                    ?>
+                                    <option value="<?= $i ?>" <?php submitselect($year_date, $i)?>><?= $i ?></option>
+                                    <?php
+                                }
+                                ?>
+                            </select>
+                            *<span class="error"> <?php echo $bdayErr;?></span>
+                        </div>
+
+                        <!-- Register username -->
+                        <div class="login_containerregister">
+                            <label><b>Gebruikersnaam</b></label>
+                            <input type="text"
+                                   placeholder="Voer uw gebruikersnaam in"
+                                   name="username"
+                                   value="<?php echo $username ?>"
+                                   title="Moet minimaal 6 karakters bevatten"
+                            >
+                            *<span class="error"> <?php echo $usernameErr;?></span>
+                            <ul>
+                                <li>Minstens 6 karakters</li>
+                            </ul>
+                        </div>
+
+
+                        <!-- Register password -->
+                        <div class="login_containerregister">
+                            <label><b>Wachtwoord</b></label>
+                            <input type="password"
+                                   placeholder="Voer uw wachtwoord in"
+                                   name="password"
+                                   value="<?php echo $password ?>"
+                                   id="password"
+                            >
+                            *<span class="error"> <?php echo $passwordErr;?></span>
+                            <ul>
+                                <li>Minstens 8 karakters</li>
+                            </ul>
+                        </div>
+                        <!-- Repeat password -->
+                        <div class="login_containerregister">
+                            <label><b>Herhaal wachtwoord</b></label>
+                            <input type="password"
+                                   placeholder="Herhaal wachtwoord"
+                                   name="confirmpassword"
+                                   value="<?php echo $confirmpassword ?>"
+                                   id="confirmpassword"
+                                   title="Herhaal wachtwoord"
+                            >
+                            *<span class="error"> <?php echo $confirmpasswordErr;?></span>
+                        </div>
+
+                        <!-- Register location -->
+                        <div class="login_containerregister">
+                            <label><b>Locatie</b></label>
+                            <input type="text"
+                                   placeholder="Voer uw woonplaats in"
+                                   name="location"
+                                   value="<?php echo $location ?>"
+                                   pattern="[A-Za-z]{1,}"
+                                   title="Mag alleen letters bevatten">
+                            *<span class="error"> <?php echo $locationErr;?></span>
+                        </div>
+
+                        <!-- Register email -->
+                        <div class="login_containerregister">
+                            <label><b>Email</b></label>
+                            <input type="text"
+                                   placeholder="Voer uw email in"
+                                   name="email"
+                                   value="<?php echo $email ?>"
+                                   id="email"
+                                   title="Voer een geldige email in">
+                            *<span class="error"> <?php echo $emailErr;?></span>
+                        </div>
+
+                        <!-- Register email -->
+                        <div class="login_containerregister">
+                            <label><b>Herhaal email</b></label>
+                            <input type="text"
+                                   placeholder="Herhaal uw email"
+                                   name="confirmEmail"
+                                   value="<?php echo $confirmEmail ?>"
+                                   id="email"
+                                   title="Herhaal uw email">
+                            *<span class="error"> <?php echo $confirmEmailErr;?></span>
+                        </div>
+
+                        <div class="login_containerregister">
+                            <div class="g-recaptcha" data-sitekey="6Lc72xIUAAAAADumlWetgENm7NGd9Npyo0c_tYYQ"></div>
+                            <span class="error"> <?php echo $captchaErr;?></span>
+                        </div>
+
+                </div>
+                <div class="modal-footer">
+                    <div class="login_containerfault"><span><?php echo $resetErr; ?></span></div>
+                    <button type="submit"
+                            value="register"
+                            name="submit"
+                            id="frm1_submit">
+                        Registreer
+                    </button>
+                </div>
+            </div>
+
+        </form>
+    </div>
 </div>
 
 <script>
-    // Get the modal
-    var modal = document.getElementById('myModal');
-
     // Get the button that opens the modal
+    var modal = document.getElementById('myModal');
     var btn = document.getElementById("myBtn");
 
+    // Get the modal
+    var registerModal = document.getElementById('registerModal');
+    var registerBtn = document.getElementById("registerBtn");
+
     // Get the <span> element that closes the modal
     var span = document.getElementsByClassName("close")[0];
+    var registerSpan = document.getElementsByClassName("close")[1];
 
     // When the user clicks the button, open the modal
     btn.onclick = function() {
         modal.style.display = "block";
     }
+    registerBtn.onclick = function() {
+        registerModal.style.display = "block";
+    }
 
     // When the user clicks on <span> (x), close the modal
     span.onclick = function() {
         modal.style.display = "none";
     }
-
-    // When the user clicks anywhere outside of the modal, close it
-    window.onclick = function(event) {
-        if (event.target == modal) {
-            modal.style.display = "none";
-        }
+    registerSpan.onclick = function() {
+        registerModal.style.display = "none";
     }
 </script>

From 032e25b044c11d0018dfb506de4a9d3d21496f05 Mon Sep 17 00:00:00 2001
From: Lars van Hijfte <larsvanhijfte@hotmail.com>
Date: Thu, 26 Jan 2017 21:50:47 +0100
Subject: [PATCH 4/6] You can now only chat with friends

---
 website/public/API/sendMessage.php  | 1 +
 website/queries/private_message.php | 2 +-
 website/views/chat-view.php         | 1 +
 3 files changed, 3 insertions(+), 1 deletion(-)

diff --git a/website/public/API/sendMessage.php b/website/public/API/sendMessage.php
index c5d47d1..f84cb11 100644
--- a/website/public/API/sendMessage.php
+++ b/website/public/API/sendMessage.php
@@ -3,6 +3,7 @@
 session_start();
 require_once("../../queries/connect.php");
 require_once("../../queries/private_message.php");
+require_once("../../queries/friendship.php");
 require_once("../../queries/checkInput.php");
 
 if (!empty(test_input($_POST["destination"])) &&
diff --git a/website/queries/private_message.php b/website/queries/private_message.php
index d2b1537..369ee40 100644
--- a/website/queries/private_message.php
+++ b/website/queries/private_message.php
@@ -58,7 +58,7 @@ function sendMessage($destination, $content) {
 }
 
 function getNewChatMessages($lastID, $destination) {
-    if (getFriendshipStatus($user2ID) == 1) {
+    if (getFriendshipStatus($destination) == 1) {
         $stmt = $GLOBALS["db"]->prepare("
         SELECT
             *
diff --git a/website/views/chat-view.php b/website/views/chat-view.php
index 0d90149..974b441 100644
--- a/website/views/chat-view.php
+++ b/website/views/chat-view.php
@@ -74,6 +74,7 @@
                                name="content"
                                id="newContent"
                                placeholder="Schrijf een bericht..."
+                               autocomplete="off"
                                autofocus
                                required
                         />

From d89e672990325f96c060f3cbb74854eed4519289 Mon Sep 17 00:00:00 2001
From: Lars van Hijfte <larsvanhijfte@hotmail.com>
Date: Thu, 26 Jan 2017 21:54:47 +0100
Subject: [PATCH 5/6] Also fixed unread chat

---
 website/public/API/sendMessage.php  | 1 -
 website/queries/private_message.php | 6 ++++--
 2 files changed, 4 insertions(+), 3 deletions(-)

diff --git a/website/public/API/sendMessage.php b/website/public/API/sendMessage.php
index f84cb11..c5d47d1 100644
--- a/website/public/API/sendMessage.php
+++ b/website/public/API/sendMessage.php
@@ -3,7 +3,6 @@
 session_start();
 require_once("../../queries/connect.php");
 require_once("../../queries/private_message.php");
-require_once("../../queries/friendship.php");
 require_once("../../queries/checkInput.php");
 
 if (!empty(test_input($_POST["destination"])) &&
diff --git a/website/queries/private_message.php b/website/queries/private_message.php
index 369ee40..4d48d3a 100644
--- a/website/queries/private_message.php
+++ b/website/queries/private_message.php
@@ -30,6 +30,7 @@ function getOldChatMessages($user2ID) {
 }
 
 function sendMessage($destination, $content) {
+    require_once("friendship.php");
     if (getFriendshipStatus($destination) == 1) {
         $stmt = $GLOBALS["db"]->prepare("
         INSERT INTO
@@ -58,6 +59,7 @@ function sendMessage($destination, $content) {
 }
 
 function getNewChatMessages($lastID, $destination) {
+    require_once("friendship.php");
     if (getFriendshipStatus($destination) == 1) {
         $stmt = $GLOBALS["db"]->prepare("
         SELECT
@@ -91,13 +93,13 @@ function getNewChatMessages($lastID, $destination) {
 function selectAllUnreadChat() {
     $stmt = $GLOBALS["db"]->prepare("
     SELECT
-      LEFT(CONCAT(`user`.`fname`, ' ', `user`.`lname`), 15) as `fullname`,
+      LEFT(CONCAT(`user`.`fname`, ' ', `user`.`lname`), 15) AS `fullname`,
       `user`.`userID`,
       IFNULL(
           `profilepicture`,
           '../img/avatar-standard.png'
       ) AS profilepicture,
-      LEFT(`private_message`.`content`, 15) as `content`
+      LEFT(`private_message`.`content`, 15) AS `content`
     FROM
       `private_message`,
       `friendship`,

From f1bfc89e6afafc61456c4652fade6f197ebd6a26 Mon Sep 17 00:00:00 2001
From: Lars van Hijfte <larsvanhijfte@hotmail.com>
Date: Thu, 26 Jan 2017 22:33:32 +0100
Subject: [PATCH 6/6] Custom scrollbar

---
 website/public/styles/main.css    | 13 +++++++++++++
 website/public/styles/profile.css |  1 +
 2 files changed, 14 insertions(+)

diff --git a/website/public/styles/main.css b/website/public/styles/main.css
index abda8be..0c37afa 100644
--- a/website/public/styles/main.css
+++ b/website/public/styles/main.css
@@ -275,3 +275,16 @@ div[data-title]:hover:after {
     display: inline-block;
     vertical-align: middle;
 }
+
+::-webkit-scrollbar {
+    width: 5px;
+    height: 5px;
+}
+::-webkit-scrollbar-track {
+    background: none;
+}
+::-webkit-scrollbar-thumb {
+    -webkit-border-radius: 20px;
+    border-radius: 20px;
+    background: #4CAF50;
+}
\ No newline at end of file
diff --git a/website/public/styles/profile.css b/website/public/styles/profile.css
index 85b2db5..becbeca 100644
--- a/website/public/styles/profile.css
+++ b/website/public/styles/profile.css
@@ -30,6 +30,7 @@ div.posts div.post {
     width: calc(100% - 40px);
     cursor: pointer;
     transition-duration: 250ms;
+    word-wrap: break-word;
 }
 
 div.posts div.post:hover {