MyHyvesBookPlus/WebDB
1
0
Fork 0
Code Issues 2 Pull Requests Projects Releases Wiki Activity

Merge branch 'master' into joey-testing

Browse Source
This commit is contained in:
Joey Lai
2017-01-20 16:18:57 +01:00
parent 6ff70440e6 7e3648d36c
commit e456591db6
22 changed files with 548 additions and 224 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
website/.htaccess → website/public/.htaccess
View File

@@ -9,6 +9,4 @@ RewriteCond %{SCRIPT_FILENAME} !-f
# Resolve .php file for extensionless php urls # Resolve .php file for extensionless php urls
RewriteRule ^([^/.]+)$ $1.php [L] RewriteRule ^([^/.]+)$ $1.php [L]
RewriteRule ^([^/.]+)\/$ $1.php [L] RewriteRule ^profile/([A-z0-9]+)$ profile.php?username=$1 [NC]
RewriteRule ^profile/([A-z0-9]+)\/?$ profile.php?username=$1 [NC]

7
website/public/API/loadMessages.php
View File

@@ -3,11 +3,10 @@
session_start(); session_start();
require_once("../../queries/connect.php"); require_once("../../queries/connect.php");
require_once("../../queries/private_message.php"); require_once("../../queries/private_message.php");
require_once("../../queries/checkInput.php");
if (isset($_POST["lastID"]) && $_POST["lastID"] != "") { if (isset($_POST["lastID"]) && $_POST["lastID"] != "") {
echo getNewChatMessages(test_input($_POST["lastID"]), test_input($_POST["destination"]));
echo getNewChatMessages($_POST["lastID"], $_POST["destination"]);
} else { } else {
echo getOldChatMessages($_POST["destination"]); echo getOldChatMessages(test_input($_POST["destination"]));
} }

15
website/public/API/sendMessage.php
View File

@@ -3,16 +3,15 @@
session_start(); session_start();
require_once("../../queries/connect.php"); require_once("../../queries/connect.php");
require_once("../../queries/private_message.php"); require_once("../../queries/private_message.php");
require_once("../../queries/checkInput.php");
if (isset($_POST["destination"]) && if (!empty(test_input($_POST["destination"])) &&
isset($_POST["content"])) { !empty(test_input($_POST["content"]))) {
if (sendMessage(test_input($_POST["destination"]), test_input($_POST["content"]))) {
if (sendMessage($_POST["destination"], $_POST["content"])) { echo 1;
echo $_POST["content"] . " is naar " . $_POST["destination"] . " gestuurd";
} else { } else {
echo "YOU FAILED!!!"; echo 0;
} }
} else { } else {
echo "maybe dont try to hax the system?"; echo 0;
} }

44
website/public/js/admin.js Normal file
View File

@@ -0,0 +1,44 @@
window.onload = function() {
changeFilter();
};
function checkAll(allbox) {
var checkboxes = document.getElementsByClassName('checkbox-list');
for (var i = 0; i < checkboxes.length; i++) {
if (checkboxes[i].type == 'checkbox') {
checkboxes[i].checked = allbox.checked;
}
}
}
function checkCheckAll(allbox) {
var checkboxes = document.getElementsByClassName('checkbox-list');
var checked = true;
for (var i = 0; i < checkboxes.length; i++) {
if (checkboxes[i].type == 'checkbox') {
if (checkboxes[i].checked == false) {
checked = false;
break;
}
}
}
allbox.checked = checked;
}
function changeFilter() {
if (document.getElementById('group').checked) {
document.getElementById('admin-filter').style.display = 'none';
document.getElementById('admin-groupfilter').style.display = 'inline-block';
document.getElementById('admin-batchactions').style.display = 'none';
document.getElementById('admin-groupbatchactions').style.display = 'inline-block';
} else {
document.getElementById('admin-filter').style.display = 'inline-block';
document.getElementById('admin-groupfilter').style.display = 'none';
document.getElementById('admin-batchactions').style.display = 'inline-block';
document.getElementById('admin-groupbatchactions').style.display = 'none';
}
}

6
website/public/js/chat.js
View File

@@ -10,7 +10,6 @@ function loadMessages() {
$("#lastIDForm").serialize() $("#lastIDForm").serialize()
).done(function(data) { ).done(function(data) {
if (data && data != "[]") { if (data && data != "[]") {
console.log(data);
messages = JSON.parse(data); messages = JSON.parse(data);
addMessages(messages); addMessages(messages);
$("#lastID").val(messages[messages.length - 1].messageID); $("#lastID").val(messages[messages.length - 1].messageID);
@@ -23,13 +22,10 @@ function loadMessages() {
function sendMessage() { function sendMessage() {
console.log($("#sendMessageForm").serialize());
$.post( $.post(
"API/sendMessage.php", "API/sendMessage.php",
$("#sendMessageForm").serialize() $("#sendMessageForm").serialize()
).done(function( data ) { );
console.log(data);
});
$("#newContent").val(""); $("#newContent").val("");
} }

62
website/public/profile.php
View File

@@ -1,45 +1,17 @@
<!DOCTYPE html>
<html>
<head>
<?php include("../views/head.php"); ?>
<script src="/js/masonry.js"></script>
<style>
@import url("/styles/profile.css");
</style>
</head>
<body>
<?php <?php
include("../queries/user.php"); include("../queries/user.php");
include("../queries/friendship.php"); include("../queries/friendship.php");
include("../queries/nicetime.php");
function nicetime($date) {
if(empty($date)) {
return "No date provided";
}
$single_periods = array("seconde", "minuut", "uur", "dag", "week", "maand", "jaar", "decennium");
$multiple_periods = array("seconden", "minuten", "uur", "dagen", "weken", "maanden", "jaar", "decennia");
$lengths = array("60", "60", "24", "7", "4.35", "12", "10", "0");
$now = time();
$unix_date = strtotime($date);
if(empty($unix_date)) {
return "Bad date";
}
if($now > $unix_date) {
$difference = $now - $unix_date;
$tense = "geleden";
} else {
$difference = $unix_date - $now;
$tense = "vanaf nu";
}
for($i = 0; $difference >= $lengths[$i] && $i < count($lengths) - 1; $i++) {
$difference /= $lengths[$i];
}
$difference = round($difference);
if($difference != 1) {
$period = $multiple_periods[$i];
} else {
$period = $single_periods[$i];
}
return "$difference $period $tense";
}
if(empty($_GET["username"])) { if(empty($_GET["username"])) {
$userID = $_SESSION["userID"]; $userID = $_SESSION["userID"];
@@ -52,18 +24,6 @@ $profile_friends = selectAllFriends($userID);
$profile_groups = selectAllUserGroups($userID); $profile_groups = selectAllUserGroups($userID);
$posts = selectAllUserPosts($userID); $posts = selectAllUserPosts($userID);
?>
<!DOCTYPE html>
<html>
<head>
<?php include("../views/head.php"); ?>
<style>
@import url("styles/profile.css");
</style>
</head>
<body>
<?php
/* /*
* This view adds the main layout over the screen. * This view adds the main layout over the screen.
* Header, menu, footer. * Header, menu, footer.

3
website/public/settings.php
View File

@@ -22,12 +22,13 @@ if ($_SERVER["REQUEST_METHOD"] == "POST") {
$result = updateSettings(); $result = updateSettings();
break; break;
case "password": case "password":
$result = updatePassword(); $result = changePassword();
break; break;
case "email": case "email":
$result = changeEmail(); $result = changeEmail();
break; break;
case "picture": case "picture":
updateProfilePicture();
$result = $notImplemented; $result = $notImplemented;
break; break;
} }

22
website/public/styles/adminpanel.css
View File

@@ -13,7 +13,7 @@
height: auto; height: auto;
} }
.admin-actions { .admin-batchactions, .admin-groupbatchactions {
display: inline-block; display: inline-block;
padding: 8px; padding: 8px;
vertical-align: top; vertical-align: top;
@@ -22,6 +22,10 @@
box-shadow: 0 1px 3px rgba(0,0,0,0.12), 0 1px 2px rgba(0,0,0,0.24); box-shadow: 0 1px 3px rgba(0,0,0,0.12), 0 1px 2px rgba(0,0,0,0.24);
} }
.admin-searchform {
display: inline-block;
}
.admin-searchbar { .admin-searchbar {
display: inline-block; display: inline-block;
margin: 10px; margin: 10px;
@@ -44,18 +48,20 @@
width: 120px; width: 120px;
} }
.admin-groupfilter {
display: none;
}
.admin-users { .admin-users {
margin: 10px; margin: 10px;
} }
.admin-userpage { .admin-userheading {
width: 170px; width: auto;
margin-bottom: 20px; float: left;
}
.admin-pageui {
text-align: right;
float: right; float: right;
width: auto;
margin-bottom: 20px;
} }
.usertitle { .usertitle {

2
website/public/styles/menu.css
View File

@@ -30,7 +30,7 @@
cursor: pointer; cursor: pointer;
} }
.friend-item:hover { .friend-item:hover, .group-item:hover {
background: #845663; background: #845663;
color: white; color: white;
} }

96
website/queries/group_page.php
View File

@@ -1,7 +1,7 @@
<?php <?php
function selectGroupById($groupID) { function selectGroupById($groupID) {
return $GLOBALS["db"]->query(" $q = $GLOBALS["db"]->prepare("
SELECT SELECT
`group_page`.`name`, `group_page`.`name`,
`group_page`.`picture`, `group_page`.`picture`,
@@ -11,12 +11,16 @@ function selectGroupById($groupID) {
FROM FROM
`group_page` `group_page`
WHERE WHERE
`group_page`.`groupID` = $groupID `group_page`.`groupID` = :groupID
"); ");
$q->bindParam(':groupID', $groupID);
$q->execute();
return $q;
} }
function select20GroupsFromN($n) { function select20GroupsFromN($n) {
return $GLOBALS["db"]->query(" $q = $GLOBALS["db"]->prepare("
SELECT SELECT
`group_page`.`groupID`, `group_page`.`groupID`,
`group_page`.`name`, `group_page`.`name`,
@@ -29,12 +33,16 @@ function select20GroupsFromN($n) {
ORDER BY ORDER BY
`group_page`.`name` ASC `group_page`.`name` ASC
LIMIT LIMIT
$n, 20 :n, 20
"); ");
$q->bindParam(':n', $n);
$q->execute();
return $q;
} }
function select20GroupsByStatusFromN($n, $status) { function select20GroupsByStatusFromN($n, $status) {
return $GLOBALS["db"]->query(" $q = $GLOBALS["db"]->prepare("
SELECT SELECT
`group_page`.`groupID`, `group_page`.`groupID`,
`group_page`.`name`, `group_page`.`name`,
@@ -45,12 +53,17 @@ function select20GroupsByStatusFromN($n, $status) {
FROM FROM
`group_page` `group_page`
WHERE WHERE
`group_page`.`status` = $status `group_page`.`status` = :status
ORDER BY ORDER BY
`group_page`.`name` ASC `group_page`.`name` ASC
LIMIT LIMIT
$n, 20 :n, 20
"); ");
$q->bindParam(':status', $status);
$q->bindParam(':n', $n);
$q->execute();
return $q;
} }
function search20GroupsFromNByStatus($n, $keyword, $status) { function search20GroupsFromNByStatus($n, $keyword, $status) {
@@ -80,6 +93,55 @@ function search20GroupsFromNByStatus($n, $keyword, $status) {
return $q; return $q;
} }
function searchSomeGroupsByStatus($n, $m, $keyword, $status) {
$q = $GLOBALS['db']->prepare("
SELECT
`groupID`,
`name`,
`status`,
`description`
FROM
`group_page`
WHERE
`name` LIKE :keyword AND
FIND_IN_SET (`status`, :statuses)
ORDER BY
`name`
LIMIT
:n, :m
");
$keyword = "%$keyword%";
$q->bindParam(':keyword', $keyword);
$q->bindParam(':n', $n, PDO::PARAM_INT);
$q->bindParam(':m', $m, PDO::PARAM_INT);
$statuses = implode(',', $status);
$q->bindParam(':statuses', $statuses);
$q->execute();
return $q;
}
function countSomeGroupsByStatus($keyword, $status) {
$q = $GLOBALS['db']->prepare("
SELECT
COUNT(*)
FROM
`group_page`
WHERE
`name` LIKE :keyword AND
FIND_IN_SET (`status`, :statuses)
ORDER BY
`name`
");
$keyword = "%$keyword%";
$q->bindParam(':keyword', $keyword);
$statuses = implode(',', $status);
$q->bindParam(':statuses', $statuses);
$q->execute();
return $q;
}
function changeGroupStatusByID($id, $status) { function changeGroupStatusByID($id, $status) {
$q = $GLOBALS["db"]->query(" $q = $GLOBALS["db"]->query("
UPDATE UPDATE
@@ -92,3 +154,23 @@ function changeGroupStatusByID($id, $status) {
return $q; return $q;
} }
function changeMultipleGroupStatusByID($ids, $status) {
$q = $GLOBALS['db']->prepare("
UPDATE
`group_page`
SET
`status` = :status
WHERE
FIND_IN_SET (`groupID`, :ids)
");
$ids = implode(',', $ids);
$q->bindParam(':ids', $ids);
$q->bindParam(':status', $status);
$q->execute();
return $q;
}
?>

39
website/queries/nicetime.php Normal file
View File

@@ -0,0 +1,39 @@
<?php
function nicetime($date) {
if(empty($date)) {
return "No date provided";
}
$single_periods = array("seconde", "minuut", "uur", "dag", "week", "maand", "jaar", "decennium");
$multiple_periods = array("seconden", "minuten", "uur", "dagen", "weken", "maanden", "jaar", "decennia");
$lengths = array("60", "60", "24", "7", "4.35", "12", "10", "0");
$now = time();
$unix_date = strtotime($date);
if(empty($unix_date)) {
return "Bad date";
}
if($now > $unix_date) {
$difference = $now - $unix_date;
$tense = "geleden";
} else {
$difference = $unix_date - $now;
$tense = "vanaf nu";
}
for($i = 0; $difference >= $lengths[$i] && $i < count($lengths) - 1; $i++) {
$difference /= $lengths[$i];
}
$difference = round($difference);
if($difference != 1) {
$period = $multiple_periods[$i];
} else {
$period = $single_periods[$i];
}
return "$difference $period $tense";
}

36
website/queries/settings.php
View File

@@ -87,11 +87,11 @@ function updateSettings() {
`userID` = :userID `userID` = :userID
"); ");
$stmt->bindParam(":fname", $_POST["fname"]); $stmt->bindParam(":fname", test_input($_POST["fname"]));
$stmt->bindParam(":lname", $_POST["lname"]); $stmt->bindParam(":lname", test_input($_POST["lname"]));
$stmt->bindParam(":location", $_POST["location"]); $stmt->bindParam(":location", test_input($_POST["location"]));
$stmt->bindParam(":bday", $_POST["bday"]); $stmt->bindParam(":bday", $_POST["bday"]);
$stmt->bindParam(":bio", $_POST["bio"]); $stmt->bindParam(":bio", test_input($_POST["bio"]));
$stmt->bindParam(":userID", $_SESSION["userID"]); $stmt->bindParam(":userID", $_SESSION["userID"]);
$stmt->execute(); $stmt->execute();
@@ -99,11 +99,11 @@ function updateSettings() {
return new settingsMessage("happy", "Instellingen zijn opgeslagen."); return new settingsMessage("happy", "Instellingen zijn opgeslagen.");
} }
function updatePassword() { function changePassword() {
$user = getPasswordHash(); $user = getPasswordHash();
if (password_verify($_POST["password-old"], $user["password"])) { if (password_verify($_POST["password-old"], $user["password"])) {
if ($_POST["password-new"] == $_POST["password-confirm"] && (strlen($_POST["password-new"]) >= 8)) { if ($_POST["password-new"] == $_POST["password-confirm"] && (strlen($_POST["password-new"]) >= 8)) {
if (changePassword()) { if (doChangePassword()) {
return new settingsMessage("happy", "Wachtwoord gewijzigd."); return new settingsMessage("happy", "Wachtwoord gewijzigd.");
} else { } else {
return new settingsMessage("angry", "Er is iets mis gegaan."); return new settingsMessage("angry", "Er is iets mis gegaan.");
@@ -116,7 +116,7 @@ function updatePassword() {
} }
} }
function changePassword() { function doChangePassword() {
$stmt = $GLOBALS["db"]->prepare(" $stmt = $GLOBALS["db"]->prepare("
UPDATE UPDATE
`user` `user`
@@ -185,3 +185,25 @@ function doChangeEmail($email) {
$stmt->execute(); $stmt->execute();
return $stmt->rowCount(); return $stmt->rowCount();
} }
function updateProfilePicture() {
$profilePictureDir = "/var/www/html/public/";
$relativePath = "uploads/" . $_SESSION["userID"] . "_" . basename($_FILES["pp"]["name"]);
move_uploaded_file($_FILES['pp']['tmp_name'], $profilePictureDir . $relativePath);
setProfilePictureToDatabase("../" . $relativePath);
}
function setProfilePictureToDatabase($url) {
$stmt = $GLOBALS["db"]->prepare("
UPDATE
`user`
SET
`profilepicture` = :profilepicture
WHERE
`userID` = :userID
");
$stmt->bindParam(":profilepicture", $url);
$stmt->bindParam(":userID", $_SESSION["userID"]);
$stmt->execute();
}

119
website/queries/user.php
View File

@@ -88,7 +88,7 @@ function selectAllUserPosts($userID) {
} }
function select20UsersFromN($n) { function select20UsersFromN($n) {
return $GLOBALS["db"]->query(" $q = $GLOBALS["db"]->prepare("
SELECT SELECT
`userID`, `userID`,
`username`, `username`,
@@ -100,8 +100,12 @@ function select20UsersFromN($n) {
`role`, `role`,
`username` `username`
LIMIT LIMIT
$n, 20 :n, 20
"); ");
$q->bindParam(':n', $n);
$q->execute();
return $q;
} }
function search20UsersFromN($n, $keyword) { function search20UsersFromN($n, $keyword) {
@@ -156,18 +160,115 @@ function search20UsersFromNByStatus($n, $keyword, $status) {
return $q; return $q;
} }
function changeUserStatusByID($id, $status) { function searchSomeUsersByStatus($n, $m, $keyword, $status) {
$q = $GLOBALS["db"]->query(" $q = $GLOBALS["db"]->prepare("
UPDATE SELECT
`userID`,
`username`,
`role`,
`bancomment`
FROM
`user` `user`
SET
`role` = $status
WHERE WHERE
`userID` = $id `username` LIKE :keyword AND
FIND_IN_SET (`role`, :statuses)
ORDER BY
`role`,
`username`
LIMIT
:n, :m
"); ");
$keyword = "%$keyword%";
$q->bindParam(':keyword', $keyword);
$q->bindParam(':n', $n, PDO::PARAM_INT);
$q->bindParam(':m', $m, PDO::PARAM_INT);
$statuses = implode(',', $status);
$q->bindParam(':statuses', $statuses);
$q->execute();
return $q;
}
function countSomeUsersByStatus($keyword, $status) {
$q = $GLOBALS["db"]->prepare("
SELECT
COUNT(*)
FROM
`user`
WHERE
`username` LIKE :keyword AND
FIND_IN_SET (`role`, :statuses)
ORDER BY
`role`,
`username`
");
$keyword = "%$keyword%";
$q->bindParam(':keyword', $keyword);
$statuses = implode(',', $status);
$q->bindParam(':statuses', $statuses);
$q->execute();
return $q; return $q;
} }
?> function changeUserStatusByID($id, $status) {
$q = $GLOBALS["db"]->prepare("
UPDATE
`user`
SET
`role` = :status
WHERE
`userID` = :id
");
$q->bindParam(':status', $status);
$q->bindParam(':id', $id);
$q->execute();
return $q;
}
function changeMultipleUserStatusByID($ids, $status) {
$q = $GLOBALS["db"]->prepare("
UPDATE
`user`
SET
`role` = :status
WHERE
FIND_IN_SET (`userID`, :ids)
");
$ids = implode(',', $ids);
$q->bindParam(':ids', $ids);
$q->bindParam(':status', $status);
$q->execute();
return $q;
}
function selectRandomNotFriendUser($userID) {
$stmt = $GLOBALS["db"]->prepare("
SELECT
`user`.`username`
FROM
`user`
WHERE
`userID` NOT IN (SELECT
`user1ID`
FROM
`friendship`
WHERE `user1ID` = :userID) OR
`userID` NOT IN (SELECT
`user2ID`
FROM
`friendship`
WHERE `user2ID` = :userID)
ORDER BY
RAND()
LIMIT
1
");
$stmt->bindParam(':userID', $userID, PDO::PARAM_INT);
$stmt->execute();
return $stmt->fetch();
}

198
website/views/adminpanel.php
View File

@@ -3,32 +3,7 @@
<head> <head>
<meta charset="utf-8"> <meta charset="utf-8">
<title>Admin Panel</title> <title>Admin Panel</title>
<script type="text/javascript"> <script src="/js/admin.js" charset="utf-8"></script>
window.onload = function() {
changeFilter();
};
function checkAll(allbox) {
var checkboxes = document.getElementsByName('checkbox-user[]');
for (var i = 0; i < checkboxes.length; i++) {
if (checkboxes[i].type == 'checkbox') {
checkboxes[i].checked = allbox.checked;
}
}
}
function changeFilter() {
if (document.getElementById('group').checked) {
document.getElementById('admin-filter').style.display = 'none';
document.getElementById('admin-groupfilter').style.display = 'inline-block';
} else {
document.getElementById('admin-filter').style.display = 'inline-block';
document.getElementById('admin-groupfilter').style.display = 'none';
}
}
</script>
<?php <?php
include_once("../queries/user.php"); include_once("../queries/user.php");
include_once("../queries/group_page.php"); include_once("../queries/group_page.php");
@@ -39,41 +14,54 @@
<!-- function test_input taken from http://www.w3schools.com/php/php_form_validation.asp --> <!-- function test_input taken from http://www.w3schools.com/php/php_form_validation.asp -->
<?php <?php
$search = ""; $search = "";
$listnr = 0; // TODO: add page functionality $currentpage = 1;
$perpage = 20;
$status = $groupstatus = array(); $status = $groupstatus = array();
$pagetype = "user"; $pagetype = "user";
if (isset($_GET["search"])) {
$search = test_input($_GET["search"]);
}
if (isset($_GET["pagetype"])) {
$pagetype = test_input($_GET["pagetype"]);
}
if (isset($_GET["status"])) {
$status = $_GET["status"];
}
if (isset($_GET["groupstatus"])) {
$groupstatus = $_GET["groupstatus"];
}
if ($_SERVER["REQUEST_METHOD"] == "POST") { if ($_SERVER["REQUEST_METHOD"] == "POST") {
if (!empty($_POST["search"])) { if (isset($_POST["actions"]) && isset($_POST["userID"])) {
$search = test_input($_POST["search"]);
}
if (!empty($_POST["pagetype"])) {
$pagetype = test_input($_POST["pagetype"]);
}
if (!empty($_POST["status"])) {
$status = $_POST["status"];
}
if (!empty($_POST["groupstatus"])) {
$groupstatus = $_POST["groupstatus"];
}
if (!empty($_POST["actions"]) && !empty($_POST["userID"])) {
changeUserStatusByID($_POST["userID"], $_POST["actions"]); changeUserStatusByID($_POST["userID"], $_POST["actions"]);
} elseif (!empty($_POST["actions"]) && !empty($_POST["groupID"])) { }
if (isset($_POST["actions"]) && isset($_POST["groupID"])) {
changeGroupStatusByID($_POST["groupID"], $_POST["actions"]); changeGroupStatusByID($_POST["groupID"], $_POST["actions"]);
} }
if (isset($_POST["batchactions"]) && isset($_POST["checkbox-user"])) {
changeMultipleUserStatusByID($_POST["checkbox-user"], $_POST["batchactions"]);
} }
function test_input($data) { if (isset($_POST["groupbatchactions"]) && isset($_POST["checkbox-group"])) {
$data = trim($data); changeMultipleGroupStatusByID($_POST["checkbox-group"], $_POST["groupbatchactions"]);
$data = stripslashes($data);
$data = htmlspecialchars($data);
return $data;
} }
if (isset($_POST["pageselect"])) {
$currentpage = $_POST["pageselect"];
}
}
$listn = ($currentpage-1) * $perpage;
$listm = $currentpage * $perpage;
?> ?>
<div class="content"> <div class="content">
@@ -81,13 +69,10 @@ function test_input($data) {
<div class="admin-title"> <div class="admin-title">
<h1>User Management Panel</h1> <h1>User Management Panel</h1>
</div> <br> </div> <br>
<form class="admin-actionform"
action="<?php echo htmlspecialchars($_SERVER["PHP_SELF"]);?>"
method="post">
<div class="admin-options"> <div class="admin-options">
<form class="admin-searchform" <form class="admin-searchform"
action="<?php echo htmlspecialchars($_SERVER["PHP_SELF"]);?>" action="<?php echo htmlspecialchars($_SERVER["PHP_SELF"]);?>"
method="post"> method="get">
<div class="admin-searchbar"> <div class="admin-searchbar">
<h2>Search</h2> <h2>Search</h2>
<input type="text" <input type="text"
@@ -147,32 +132,86 @@ function test_input($data) {
</div> </div>
</form> </form>
<div class="admin-actions"> <div class="admin-batchactions" id="admin-batchactions">
<h2>Batch Actions: </h2> <h2>Batch Actions: </h2>
<input type="radio" name="actions" id="freeze" value="freeze"> <form class="admin-batchform"
id="admin-batchform"
action="<?php htmlspecialchars(basename($_SERVER['REQUEST_URI'])) ?>"
method="post">
<input type="radio" name="batchactions" id="freeze" value="2">
<label for="freeze">Freeze</label><br> <label for="freeze">Freeze</label><br>
<input type="radio" name="actions" id="ban" value="ban"> <input type="radio" name="batchactions" id="ban" value="3">
<label for="ban">Ban</label><br> <label for="ban">Ban</label><br>
<input type="radio" name="actions" id="restore" value="restore"> <input type="radio" name="batchactions" id="restore" value="1">
<label for="restore">Restore</label><br><br> <label for="restore">Restore</label><br><br>
<input type="submit" value="Confirm"> <input type="submit" value="Confirm">
</form>
</div>
<div class="admin-groupbatchactions" id="admin-groupbatchactions">
<h2>Batch Actions: </h2>
<form class="admin-groupbatchform"
id="admin-groupbatchform"
action="<?php htmlspecialchars(basename($_SERVER['REQUEST_URI'])) ?>"
method="post">
<input type="radio" name="groupbatchactions" id="hide" value="0">
<label for="hide">Hide</label><br>
<input type="radio" name="groupbatchactions" id="public" value="1">
<label for="public">Public</label><br>
<input type="radio" name="groupbatchactions" id="membersonly" value="2">
<label for="membersonly">Member</label><br><br>
<input type="submit" value="Confirm">
</form>
</div> </div>
</div> </div>
<br> <br>
<div class="admin-users"> <div class="admin-users">
<h2 class="usertitle">Users:</h2> <div class="admin-usertitle">
<div class="admin-userheading">
<div class="admin-userpage"> <h2>Users:</h2>
<input type="submit" name="prev" value="prev"> </div>
1 / 1 <div class="admin-pageui">
<input type="submit" name="next" value="next"> <?php
if ($pagetype == "user") {
$pages = countSomeUsersByStatus($search, $status);
} else {
$pages = countSomeGroupsByStatus($search, $groupstatus);
}
$countresults = $pages->fetchColumn();
$mincount = min($listm, $countresults);
$minlist = min($listn + 1, $countresults);
?>
<p class="pagenumber">Current page:</p>
<form class="admin-pageselector"
action="<?php htmlspecialchars(basename($_SERVER['REQUEST_URI'])) ?>"
method="post">
<select class="admin-pageselect"
name="pageselect"
onchange="this.form.submit()"
value="">
<?php
for ($i=1; $i <= ceil($countresults / $perpage); $i++) {
if ($currentpage == $i) {
echo "<option value='$i' selected>$i</option>";
} else {
echo "<option value='$i'>$i</option>";
}
}
?>
</select>
</form>
<p class="entriesshown">
<?php
echo "Showing results $minlist to $mincount out of $countresults";
?>
</div>
</div> <br> </div> <br>
<table class="usertable"> <table class="usertable">
<tr> <tr>
<th class="table-checkbox"> <th class="table-checkbox">
<input type="checkbox" name="checkall" onchange="checkAll(this)"> <input type="checkbox" id="checkall" name="checkall" onchange="checkAll(this)">
</th> </th>
<th class="table-username">User</th> <th class="table-username">User</th>
<th class="table-status">Status</th> <th class="table-status">Status</th>
@@ -182,21 +221,28 @@ function test_input($data) {
<!-- Table construction via php PDO. --> <!-- Table construction via php PDO. -->
<?php <?php
$listn = ($currentpage-1) * $perpage;
$listm = $currentpage * $perpage;
if ($pagetype == 'user') { if ($pagetype == 'user') {
$q = search20UsersFromNByStatus($listnr, $search, $status); $q = searchSomeUsersByStatus($listn, $listm, $search, $status);
while($user = $q->fetch(PDO::FETCH_ASSOC)) { while($user = $q->fetch(PDO::FETCH_ASSOC)) {
$userID = $user['userID']; $userID = $user['userID'];
$username = $user['username']; $username = $user['username'];
$role = $user['role']; $role = $user['role'];
$bancomment = $user['bancomment']; $bancomment = $user['bancomment'];
$thispage = htmlspecialchars($_SERVER['PHP_SELF']); $thispage = htmlspecialchars(basename($_SERVER['REQUEST_URI']));
$function = "checkCheckAll(document.getElementById('checkall'))";
echo(" echo("
<tr> <tr>
<td><input type='checkbox' <td><input type='checkbox'
name='checkbox-user[]' name='checkbox-user[]'
value='$userID'> class='checkbox-list'
value='$userID'
form='admin-batchform'
onchange=" . "$function" . ">
</td> </td>
<td>$username</td> <td>$username</td>
<td>$role</td> <td>$role</td>
@@ -218,20 +264,24 @@ function test_input($data) {
"); ");
} }
} else { } else {
$q = search20GroupsFromNByStatus($listnr, $search, $groupstatus); $q = searchSomeGroupsByStatus($listn, $listm, $search, $groupstatus);
while ($group = $q->fetch(PDO::FETCH_ASSOC)) { while ($group = $q->fetch(PDO::FETCH_ASSOC)) {
$groupID = $group['groupID']; $groupID = $group['groupID'];
$name = $group['name']; $name = $group['name'];
$role = $group['status']; $role = $group['status'];
$description = $group['description']; $description = $group['description'];
$thispage = htmlspecialchars($_SERVER['PHP_SELF']); $thispage = htmlspecialchars(basename($_SERVER['REQUEST_URI']));
$function = "checkCheckAll(document.getElementById('checkall'))";
echo(" echo("
<tr> <tr>
<td><input type='checkbox' <td><input type='checkbox'
name='checkbox-group[]' name='checkbox-group[]'
value='$groupID'> class='checkbox-list'
value='$groupID'
form='admin-groupbatchform'
onchange=" . "$function" . ">
</td> </td>
<td>$name</td> <td>$name</td>
<td>$role</td> <td>$role</td>
@@ -243,7 +293,7 @@ function test_input($data) {
<select class='action' name='actions'> <select class='action' name='actions'>
<option value='0'>Hide</option> <option value='0'>Hide</option>
<option value='1'>Public</option> <option value='1'>Public</option>
<option value='2'>Members-only</option> <option value='2'>Members</option>
</select> </select>
<input type='hidden' name='groupID' value='$groupID'> <input type='hidden' name='groupID' value='$groupID'>
<input type='submit' value='Confirm'> <input type='submit' value='Confirm'>
@@ -256,10 +306,6 @@ function test_input($data) {
?> ?>
</table> </table>
</div> </div>
</form>
<pre>
<?php print_r($_POST); ?>
</pre>
</div> </div>
</div> </div>
</body> </body>

20
website/views/head.php
View File

@@ -1,21 +1,21 @@
<meta charset="utf-8"> <meta charset="utf-8">
<title>MyHyvesbook+</title> <title>MyHyvesbook+</title>
<!-- Add your javascript files here. --> <!-- Add your javascript files here. -->
<script src="js/jquery.js"></script> <script src="/js/jquery.js"></script>
<script src="js/header.js"></script> <script src="/js/header.js"></script>
<script src="js/menu.js"></script> <script src="/js/menu.js"></script>
<script src="js/masonry.js"></script>
<style> <style>
/* Add your css files here. */ /* Add your css files here. */
@import url("styles/main.css"); @import url("/styles/main.css");
@import url("styles/font-awesome.css"); @import url("/styles/font-awesome.css");
@import url("styles/header.css"); @import url("/styles/header.css");
@import url("styles/menu.css"); @import url("/styles/menu.css");
@import url("styles/footer.css"); @import url("/styles/footer.css");
</style> </style>
<?php <?php
include_once("../queries/connect.php"); require_once ("../queries/checkInput.php");
require_once ("../queries/connect.php");
session_start(); session_start();

12
website/views/header.php
View File

@@ -5,10 +5,10 @@ $userinfo = getHeaderInfo();
?> ?>
<header> <header>
<div id="header-logo"> <div id="header-logo">
<a href="profile.php"><img src="img/top-logo.png" alt="MyHyvesbook+" /></a> <a href="profile.php"><img src="/img/top-logo.png" alt="MyHyvesbook+" /></a>
</div> </div>
<div id="header-search"> <div id="header-search">
<form action="search.php" method="get"> <form action="/search" method="get">
<input name="search" <input name="search"
type="text" type="text"
placeholder="Zoek naar wat je wil" placeholder="Zoek naar wat je wil"
@@ -20,9 +20,9 @@ $userinfo = getHeaderInfo();
</div> </div>
<div class="right profile-menu"> <div class="right profile-menu">
<div id="profile-menu-popup"> <div id="profile-menu-popup">
<a href="logout.php"><span style="color: red;" class="fa fa-sign-out" data-title="Uitloggen"></span></a> | <a href="/logout"><span style="color: red;" class="fa fa-sign-out" data-title="Uitloggen"></span></a> |
<a href="settings.php"><span style="color: blue;" class="fa fa-cog" data-title="Instellingen"></span></a> | <a href="/settings"><span style="color: blue;" class="fa fa-cog" data-title="Instellingen"></span></a> |
<a href="profile.php"><span style="color: green;" class="fa fa-user" data-title="Profiel"></span></a> <a href="/profile"><span style="color: green;" class="fa fa-user" data-title="Profiel"></span></a>
</div> </div>
<div id="profile-hello-popup"> <div id="profile-hello-popup">
<div id="hello-loop"> <div id="hello-loop">
@@ -32,5 +32,5 @@ $userinfo = getHeaderInfo();
</div> </div>
<img id="own-profile-picture" class="profile-picture" src="<?=$userinfo["profilepicture"]?>"/> <img id="own-profile-picture" class="profile-picture" src="<?=$userinfo["profilepicture"]?>"/>
</div> </div>
<a href="chat.php"><div class="right fa fa-comments-o" id="open-chat" data-title="Prive chats"></div></a> <a href="/chat"><div class="right fa fa-comments-o" id="open-chat" data-title="Prive chats"></div></a>
</header> </header>

4
website/views/login-view.php
View File

@@ -1,6 +1,6 @@
<div> <div>
<img style="width:50%;margin-left:25%" <img style="width:50%;margin-left:25%"
src="img/top-logo.png" src="/img/top-logo.png"
alt="MyHyvesbook+"> alt="MyHyvesbook+">
</div> </div>
<div class="platform"> <div class="platform">
@@ -46,6 +46,6 @@
</form> </form>
<!-- Button for going to the register screen --> <!-- Button for going to the register screen -->
<div class="login_containerlogin"> <div class="login_containerlogin">
<a href="https://myhyvesbookplus.nl/register.php" class="button">Registreer een account</a> <a href="https://myhyvesbookplus.nl/register" class="button">Registreer een account</a>
</div> </div>
</div> </div>

3
website/views/login_head.php
View File

@@ -3,10 +3,11 @@
<title>MyHyvesbook+</title> <title>MyHyvesbook+</title>
<link rel="stylesheet" <link rel="stylesheet"
type="text/css" type="text/css"
href="styles/main.css"> href="/styles/main.css">
<link rel="stylesheet" <link rel="stylesheet"
type="text/css" type="text/css"
href="styles/index.css"> href="styles/index.css">
<script src="jqeury.js"></script> <script src="jqeury.js"></script>
<script src="registerAndLogin.js"></script> <script src="registerAndLogin.js"></script>
</head> </head>

40
website/views/menu.php
View File

@@ -7,7 +7,8 @@
<?php <?php
// Load file. // Load file.
include_once("../queries/friendship.php"); require_once("../queries/friendship.php");
require_once("../queries/user.php");
// Get all the friends of a user. // Get all the friends of a user.
$friends = selectAllFriends($_SESSION["userID"]); $friends = selectAllFriends($_SESSION["userID"]);
@@ -45,13 +46,31 @@
</li> </li>
"; ";
} }
$randomUser = selectRandomNotFriendUser($_SESSION["userID"])["username"];
echo "
<li class='friend-item'>
<form action='/profile' method='get'>
<button type='submit'
name='username'
value='$randomUser'>
<div class='friend'>
Klik hier voor een nieuw vriendje :)
</div>
</button>
</form>
</li>
";
if ($i > 1) { if ($i > 1) {
$i -= 1; $i -= 1;
echo " echo "
<li class='more-item' id='more-friends-click'> <li class='more-item' id='more-friends-click'>
En nog $i anderen... En nog $i anderen...
</li>"; </li>
";
} }
?> ?>
</ul> </ul>
</section> </section>
@@ -87,17 +106,28 @@
// Echo the friend. // Echo the friend.
echo " echo "
<a href='#' class='$extraItem'>
<li class='group-item'> <li class='group-item'>
<form action='group.php' method='get'>
<button type='submit'
name='groupname'
value='$name'>
<div class='group'> <div class='group'>
<img alt='PF' class='group-picture' src='$picture'/> <img alt='PF' class='group-picture' src='$picture'/>
$name $name
</div> </div>
</button>
</form>
</li> </li>
</a>
"; ";
} }
if ($i > 3) {
if ($i == 0) {
echo "<li class='group-item'>
<div class='group'>
Je hoort nergens bij.
</div>
</li>";
} else if ($i > 3) {
$i -= 3; $i -= 3;
echo " echo "
<li class='more-item' id='more-groups-click'> <li class='more-item' id='more-groups-click'>

10
website/views/profile.php
View File

@@ -2,7 +2,7 @@
<div class="profile-box platform"> <div class="profile-box platform">
<img class="left profile-picture" src="<?php echo $user["profilepicture"] ?>"> <img class="left profile-picture" src="<?php echo $user["profilepicture"] ?>">
<div class="profile-button"> <div class="profile-button">
<p><img src="img/add-friend.png"> Als vriend toevoegen</p> <p><img src="/img/add-friend.png"> Als vriend toevoegen</p>
</div> </div>
<h1 class="profile-username"><?= $user["fname"]?> <?=$user["lname"]?> (<?=$user["username"]?>)</h1> <h1 class="profile-username"><?= $user["fname"]?> <?=$user["lname"]?> (<?=$user["username"]?>)</h1>
<p><?=$user["bio"]?></p> <p><?=$user["bio"]?></p>
@@ -13,11 +13,11 @@
<p> <p>
<?php <?php
while($friend = $profile_friends->fetch()) { while($friend = $profile_friends->fetch()) {
echo "<a href='#' data-title='${friend["username"]}'><img class='profile-picture' src='${friend["profilepicture"]}' alt='${friend["username"]}'s profielfoto></a>"; echo "<a href='profile/${friend["username"]}/' data-title='${friend["username"]}'><img class='profile-picture' src='${friend["profilepicture"]}' alt='${friend["username"]}'s profielfoto></a>";
} }
if($friends->rowCount() === 0) { if($profile_friends->rowCount() === 0) {
echo "<p>Deze gebruiker heeft nog geen vrienden gemaakt.</p>"; echo "<p>Deze gebruiker heeft nog geen vrienden gemaakt.</p>";
} }
?> ?>
@@ -29,10 +29,10 @@
<p> <p>
<?php <?php
while($group = $profile_groups->fetch()) { while($group = $profile_groups->fetch()) {
echo "<a href='#' data-title='${group["name"]}'><img class='group-picture' src='${group["picture"]}' alt='${group["name"]}s logo'></a>"; echo "<a href='group/${group["name"]}/' data-title='${group["name"]}'><img class='group-picture' src='${group["picture"]}' alt='${group["name"]}s logo'></a>";
} }
if($groups->rowCount() === 0) { if($profile_groups->rowCount() === 0) {
echo "<p>Deze gebruiker is nog geen lid van een groep.</p>"; echo "<p>Deze gebruiker is nog geen lid van een groep.</p>";
} }
?> ?>

2
website/views/register-view.php
View File

@@ -1,6 +1,6 @@
<div> <div>
<img style="width:50%;margin-left:25%" <img style="width:50%;margin-left:25%"
src="img/top-logo.png" src="/img/top-logo.png"
alt="MyHyvesbook+"> alt="MyHyvesbook+">
</div> </div>

2
website/views/settings-view.php
View File

@@ -68,7 +68,7 @@ $settings = getSettings();
</li> </li>
</ul> </ul>
</form> </form>
<form class="settings-profilepictue platform" method="post"> <form class="settings-profilepictue platform" method="post" enctype="multipart/form-data">
<h5>Verander profielfoto</h5> <h5>Verander profielfoto</h5>
<ul> <ul>
<li> <li>