Merge branch 'master' into hendrik-post

This commit is contained in:
Hendrik
2017-01-25 15:59:40 +01:00
35 changed files with 989 additions and 315 deletions


@@ -1,97 +1,139 @@
<?php
/**
* Function for checking inputfields
* @param variable $variable Give name of the inputfield.
* @param string $option Give the name of the option.
* @param String $variable Give name of the inputfield.
* @param String $option Give the name of the option.
* @return sets correct to false and gives value to error message if it doesn't pass the checks.
*/
function checkInputChoice($variable, $option){
if (empty($_POST[$variable])) {
$GLOBALS[$variable . "Err"] = "Verplicht!";
$GLOBALS["correct"] = false;
switch ($option) {
case "lettersAndSpaces";
checkName($variable);
break;
} else {
$GLOBALS[$variable] = test_input($_POST[$variable]);
switch ($option) {
case "lettersAndSpace":
checkonly($variable);
break;
case "bday";
validateBday($variable);
break;
case "username";
username($variable);
break;
case "username";
username($variable);
break;
case "longerEight";
longerEight($variable);
break;
case "longerEight";
longerEight($variable);
break;
case "email";
validateEmail($variable);
break;
case "email";
validateEmail($variable);
break;
default:
break;
default:
break;
}
}
}
/* Checks for only letters and spaces. */
function checkOnly($variable){
if (!preg_match("/^[a-zA-Z ]*$/",$GLOBALS[$variable])) {
$GLOBALS[$variable . "Err"] = "Alleen letters en spaties zijn toegestaan!";
$correct = false;
function checkName($variable){
if (empty($variable)) {
throw new lettersAndSpacesException("Verplicht!");
} else if (!preg_match("/^[a-zA-Z ]*$/", $variable)) {
throw new lettersAndSpacesException("Alleen letters en spaties zijn toegestaan!");
}
}
/* Checks for bday */
function validateBday($variable){
if (empty($variable)) {
throw new bdayException("Verplicht!");
} else {
if (!(validateDate($variable, "Y/m/d"))) {
throw new bdayException("Geen geldige datum");
} else {
$dateNow = date("Y/m/d");
if ($dateNow < $variable) {
throw new bdayException("Geen geldige datum");
}
}
}
}
// Checks for date
function validateDate($date, $format)
{
$d = DateTime::createFromFormat($format, $date);
return $d && $d->format($format) == $date;
}
/* checks if username exist and if its longer than 6 characters. */
function username($variable){
if (strlen($GLOBALS[$variable]) < 6) {
$GLOBALS[$variable . "Err"] = "Gebruikersnaam moet minstens 6 karakters bevatten";
$correct = false;
if (empty($variable)) {
throw new usernameException("Verplicht!");
} else if (strlen($variable) < 6) {
throw new usernameException("Moet minstens 6 karakters bevatten");
} else if (getExistingUsername() == 1) {
$GLOBALS[$variable . "Err"] = "Gebruikersnaam bestaat al";
$correct = false;
throw new usernameException("Gebruikersnaam bestaal al");
}
}
/* checks if an input is longer that 8 characters. */
function longerEight($variable){
if (strlen($GLOBALS[$variable]) < 8) {
$GLOBALS[$variable . "Err"] = "Moet minstens 8 karakters bevatten";
$correct = false;
if (empty($variable)) {
throw new passwordException("Verplicht!");
} else if (strlen($variable) < 8) {
throw new passwordException("Moet minstens 8 karakters bevatten");
}
}
/* checks if an input is a valid email. */
function validateEmail($variable){
if (!filter_var($GLOBALS[$variable], FILTER_VALIDATE_EMAIL)) {
$GLOBALS[$variable . "Err"] = "Geldige email invullen!";
$correct = false;
if (empty($variable)) {
throw new emailException("Verplicht!");
} else if (!filter_var($variable, FILTER_VALIDATE_EMAIL)) {
throw new emailException("Geldige email invullen");
} else if (getExistingEmail() == 1){
$GLOBALS[$variable . "Err"] = "Email bestaat al";
$correct = false;
throw new emailException("Email bestaal al!");
}
}
/* checks if two passwords matches. */
function matchPassword(){
if ($_POST["password"] != $_POST["confirmpassword"]) {
$GLOBALS["confirmpasswordErr"] = "Wachtwoorden matchen niet";
$GLOBALS["correct"] = false;
throw new confirmPasswordException("Wachtwoorden matchen niet!");
}
}
// Checks if everything is filled in correctly
function registerCheck(){
if ($GLOBALS["correct"] == false){
$GLOBALS["genericErr"] = "Bepaalde velden zijn verkeerd of niet ingevuld!";
/* Checks if captcha is correctly filled in */
function checkCaptcha($captcha){
if(!$captcha){
throw new captchaException("Captcha needs to be filled in!");
} else {
$response=json_decode(file_get_contents("https://www.google.com/recaptcha/api/siteverify?secret=6Lc72xIUAAAAAPizuF3nUbklCPljVCVzgYespz8o&response=".$captcha."&remoteip=".$_SERVER['REMOTE_ADDR']));
if($response->success==false) {
throw new captchaException("You are a spammer!");
}
}
}
/* Get ip adres */
function getIp(){
if (!empty($_SERVER['HTTP_CLIENT_IP'])) {
$GLOBALS["ip"] = $_SERVER['HTTP_CLIENT_IP'];
} elseif (!empty($_SERVER['HTTP_X_FORWARDED_FOR'])) {
$GLOBALS["ip"] = $_SERVER['HTTP_X_FORWARDED_FOR'];
} else {
$GLOBALS["ip"] = $_SERVER['REMOTE_ADDR'];
}
}
/* Checks if everything is filled in correctly */
function registerCheck($status){
if ($status == false){
throw new registerException("Bepaalde velden zijn verkeerd of niet ingevuld");
} else {
registerAccount();
header("location: login.php");
}
}
@@ -102,4 +144,69 @@ function test_input($data) {
$data = htmlspecialchars($data);
return $data;
}
class lettersAndSpacesException extends Exception
{
public function __construct($message = "", $code = 0, Exception $previous = null)
{
parent::__construct($message, $code, $previous);
}
}
class bdayException extends Exception
{
public function __construct($message = "", $code = 0, Exception $previous = null)
{
parent::__construct($message, $code, $previous);
}
}
class usernameException extends Exception
{
public function __construct($message = "", $code = 0, Exception $previous = null)
{
parent::__construct($message, $code, $previous);
}
}
class passwordException extends Exception
{
public function __construct($message = "", $code = 0, Exception $previous = null)
{
parent::__construct($message, $code, $previous);
}
}
class confirmPasswordException extends Exception
{
public function __construct($message = "", $code = 0, Exception $previous = null)
{
parent::__construct($message, $code, $previous);
}
}
class emailException extends Exception
{
public function __construct($message = "", $code = 0, Exception $previous = null)
{
parent::__construct($message, $code, $previous);
}
}
class captchaException extends Exception
{
public function __construct($message = "", $code = 0, Exception $previous = null)
{
parent::__construct($message, $code, $previous);
}
}
class registerException extends Exception
{
public function __construct($message = "", $code = 0, Exception $previous = null)
{
parent::__construct($message, $code, $previous);
}
}
?>
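Review bot: checkCaptcha embeds the reCAPTCHA secret as a literal in the verify URL; a secret belongs in configuration outside the repository (an environment variable or an untracked config file), and because it is now in history it should be rotated. The same line concatenates `$captcha` and `$_SERVER['REMOTE_ADDR']` into the query string without encoding, and neither the `file_get_contents` result nor the decoded value is checked before `$response->success` is read — build the query with `http_build_query([...])`, and throw `captchaException` when the response is `false` or does not decode to an object, so a transport failure is reported as such rather than as "spammer". In getIp, `HTTP_CLIENT_IP` and `HTTP_X_FORWARDED_FOR` are request headers any client can set, so the stored `ip` should be `REMOTE_ADDR` unless the application sits behind a known proxy whose address is verified first. registerCheck sends `header("location: login.php");` without a following `exit;`, so whatever the caller does next still executes.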


@@ -0,0 +1,42 @@
<?php
function sendConfirmEmailUsername(string $username) {
$stmt = $GLOBALS["db"]->prepare("
SELECT
`userID`
FROM
`user`
WHERE
`username` = :username
");
$stmt->bindParam(":username", $username);
$stmt->execute();
$userID = $stmt->fetch()["username"];
sendConfirmEmail($userID);
}
function sendConfirmEmail(int $userID) {
$stmt = $GLOBALS["db"]->prepare("
SELECT
`email`,
`fname`
FROM
`user`
WHERE
`userID` = :userID
");
$stmt->bindParam(":userID", $userID);
$stmt->execute();
$user = $stmt->fetch();
$email = $user["email"];
$fname = $user["fname"];
$hash = password_hash($email, PASSWORD_DEFAULT);
$confirmLink = "https://myhyvesbookplus.nl/emailconfirm.php?u=$userID&h=$hash";
$subject = "Bevestig uw emailadres";
$body = "Hallo $fname,\r\n\r\nKlik op de onderstaande link om uw emailadres te bevestigen.\r\n\r\n$confirmLink\r\n\r\nGroeten MyHyvesbook+";
$header = "From: MyHyvesbook+ <noreply@myhyvesbookplus.nl>";
mail($email, $subject, $body, $header);
}
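Review bot: sendConfirmEmailUsername reads `$stmt->fetch()["username"]` but the statement selects only `userID`, so `$userID` is always null and the call to `sendConfirmEmail(int $userID)` cannot succeed; change it to `$userID = $stmt->fetch()["userID"];` and handle the no-row case where `fetch()` returns `false`. In sendConfirmEmail the confirmation token is `password_hash($email, PASSWORD_DEFAULT)`; the email address is not a secret, so if emailconfirm.php (not in this diff) accepts the token via `password_verify($email, $h)`, anyone who knows the address can produce an acceptable `h` — a random token from `bin2hex(random_bytes(32))` stored on the user row and checked with `hash_equals()` is the usual design. Whatever token is used should be passed through `urlencode()` when placed in `$confirmLink`, and the return value of `mail()` is currently ignored.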


@@ -1,13 +1,16 @@
<?php
require("connect.php");
function selectAllFriends($userID) {
$stmt = $GLOBALS["db"]->prepare("
SELECT
`userID`,
`username`,
LEFT(CONCAT(`user`.`fname`, ' ', `user`.`lname`), 15) as `name`,
IFNULL(
`profilepicture`,
'../img/notbad.jpg'
'../img/avatar-standard.png'
) AS profilepicture,
`onlinestatus`,
`role`
@@ -36,9 +39,25 @@ function selectAllFriendRequests() {
SELECT
`userID`,
`username`,
CASE `status` IS NULL
WHEN TRUE THEN 0
WHEN FALSE THEN
CASE `status` = 'confirmed'
WHEN TRUE THEN
1
WHEN FALSE THEN
CASE `user1ID` = :userID
WHEN TRUE THEN
2
WHEN FALSE THEN
3
END
END
END AS `friend_state`,
LEFT(CONCAT(`user`.`fname`, ' ', `user`.`lname`), 15) as `name`,
IFNULL(
`profilepicture`,
'../img/notbad.jpg'
'../img/avatar-standard.png'
) AS profilepicture,
`onlinestatus`,
`role`
@@ -60,4 +79,106 @@ function selectAllFriendRequests() {
$stmt->execute();
return json_encode($stmt->fetchAll());
}
function getFriendshipStatus($userID) {
$stmt = $GLOBALS["db"]->prepare("
SELECT
CASE `status` IS NULL
WHEN TRUE THEN 0
WHEN FALSE THEN
CASE `status` = 'confirmed'
WHEN TRUE THEN
1
WHEN FALSE THEN
CASE `user1ID` = :me AND `user2ID` = :other
WHEN TRUE THEN
2
WHEN FALSE THEN
3
END
END
END AS `friend_state`
FROM
`friendship`
WHERE
`user1ID` = :other AND `user2ID` = :me OR
`user1ID` = :me AND `user2ID` = :other
");
$stmt->bindParam(':me', $_SESSION["userID"], PDO::PARAM_INT);
$stmt->bindParam(':other', $userID, PDO::PARAM_INT);
$stmt->execute();
return $stmt->fetch()["friend_state"];
}
function requestFriendship($userID) {
$stmt = $GLOBALS["db"]->prepare("
INSERT INTO `friendship` (user1ID, user2ID)
VALUES (:user1, :user2)
");
$stmt->bindParam(':user1', $_SESSION["userID"], PDO::PARAM_INT);
$stmt->bindParam(':user2', $userID, PDO::PARAM_INT);
$stmt->execute();
}
function removeFriendship($userID) {
$stmt = $GLOBALS["db"]->prepare("
DELETE FROM `friendship`
WHERE
`user1ID` = :user1 AND
`user2ID` = :user2 OR
`user1ID` = :user2 AND
`user2ID` = :user1
");
$stmt->bindParam(':user1', $_SESSION["userID"], PDO::PARAM_INT);
$stmt->bindParam(':user2', $userID, PDO::PARAM_INT);
$stmt->execute();
}
function acceptFriendship($userID) {
$stmt = $GLOBALS["db"]->prepare("
UPDATE `friendship`
SET `status`='confirmed'
WHERE
`user1ID` = :user1 AND
`user2ID` = :user2
LIMIT 1
");
$stmt->bindParam(':user1', $userID, PDO::PARAM_INT);
$stmt->bindParam(':user2', $_SESSION["userID"], PDO::PARAM_INT);
$stmt->execute();
}
function setLastVisited($friend) {
$stmt = $GLOBALS["db"]->prepare("
UPDATE
`friendship`
SET `friendship`.chatLastVisted1=(
CASE `user1ID` = :sessionUser
WHEN TRUE THEN NOW()
WHEN FALSE THEN `chatLastVisted1`
END
),
`friendship`.`chatLastVisted2`=(
CASE `user2ID` = :sessionUser
WHEN TRUE THEN NOW()
WHEN FALSE THEN `chatLastVisted2`
END
)
WHERE
`user1ID` = :sessionUser AND
`user2ID` = :friend OR
`user2ID` = :sessionUser AND
`user1ID` = :friend;
");
$stmt->bindParam(':sessionUser', $_SESSION["userID"], PDO::PARAM_INT);
$stmt->bindParam(':friend', $friend, PDO::PARAM_INT);
$stmt->execute();
return $stmt;
}
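Review bot: getFriendshipStatus selects from `friendship` with a WHERE that only matches an existing row, so when the two users have no relationship `fetch()` returns `false` and `false["friend_state"]` yields null rather than the `0` the CASE is written to produce; the `status IS NULL` branch can only fire under a LEFT JOIN as in selectUser. Replace the last line with `$row = $stmt->fetch(); return $row === false ? 0 : (int) $row["friend_state"];`. setLastVisited returns the PDOStatement while the sibling mutators (requestFriendship, removeFriendship, acceptFriendship) return nothing; returning nothing or the row count would keep the file's API consistent.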


@@ -6,7 +6,7 @@ function getHeaderInfo() {
`lname`,
IFNULL(
`profilepicture`,
'img/notbad.jpg'
'img/avatar-standard.png'
) AS profilepicture
FROM
`user`


@@ -4,7 +4,8 @@ function getUser() {
$stmt = $GLOBALS["db"]->prepare("
SELECT
`password`,
`userID`
`userID`,
`role`
FROM
`user`
WHERE
@@ -15,3 +16,46 @@ function getUser() {
$stmt->execute();
return $stmt->fetch(PDO::FETCH_ASSOC);
}
function validateLogin($username, $password){
// Empty username or password field
if (empty($username) || empty($password)) {
throw new loginException("Gebruikersnaam of wachtwoord is niet ingevuld");
}
else {
$psw = test_input($password);
$hash = getUser()["password"];
$userID = getUser()["userID"];
$role = getUser()["role"];
// If there's an account, go to the profile page
if(password_verify($psw, $hash)) {
if ($role == "banned"){
echo "<script>
window.onload=bannedAlert();
</script>";
} else if ($role == "unconfirmed"){
sendConfirmEmail(getUser()["userID"]);
echo "<script>
window.onload=emailNotConfirmed();
</script>";
} else {
$_SESSION["userID"] = $userID;
header("location: profile.php");
}
} else {
throw new loginException("Inloggevens zijn niet correct");
}
}
}
class loginException extends Exception
{
public function __construct($message = "", $code = 0, Exception $previous = null)
{
parent::__construct($message, $code, $previous);
}
}
?>
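Review bot: validateLogin calls getUser() four separate times (for `password`, `userID`, `role`, and again in the unconfirmed branch), running a query each time, and never checks for the `false` that `fetch(PDO::FETCH_ASSOC)` returns for an unknown username before indexing into it. Fetch once — `$user = getUser(); if ($user === false) { throw new loginException("Inloggevens zijn niet correct"); }` — and read the three fields from `$user`. Before `$_SESSION["userID"] = $userID;` call `session_regenerate_id(true);` so a session id fixed before authentication is not carried into the logged-in session, and follow `header("location: profile.php");` with `exit;`. The password is passed through test_input (htmlspecialchars) before password_verify, which alters passwords containing `<`, `&` or quotes; this presumably mirrors what registration stores, so it must be changed on both sides together or existing accounts stop verifying.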


@@ -74,3 +74,39 @@ function getNewChatMessages($lastID, $destination) {
return json_encode($stmt->fetchAll());
}
function selectAllUnreadChat() {
$stmt = $GLOBALS["db"]->prepare("
SELECT
LEFT(CONCAT(`user`.`fname`, ' ', `user`.`lname`), 15) as `name`,
`user`.`userID`,
IFNULL(
`profilepicture`,
'../img/notbad.jpg'
) AS profilepicture,
LEFT(`private_message`.`content`, 15) as `content`
FROM
`private_message`,
`friendship`,
`user`
WHERE
(`friendship`.user2ID = `private_message`.`origin` AND
`friendship`.user1ID = `private_message`.`destination` AND
`friendship`.chatLastVisted1 < `private_message`.`creationdate` OR
`friendship`.user1ID = `private_message`.`origin` AND
`friendship`.user2ID = `private_message`.`destination` AND
`friendship`.chatLastVisted2 < `private_message`.`creationdate`) AND
`private_message`.`origin` = `user`.`userID` AND
`private_message`.`destination` = :userID AND
`user`.`role` != 'banned'
GROUP BY `user`.`userID`
");
$stmt->bindParam(':userID', $_SESSION["userID"]);
$stmt->execute();
return json_encode($stmt->fetchAll());
}
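Review bot: selectAllUnreadChat still falls back to `'../img/notbad.jpg'` for a missing profilepicture while every other query touched by this commit was switched to `'../img/avatar-standard.png'`; the IFNULL default should change here as well. The query also groups by `user`.`userID` while selecting the non-aggregated `private_message`.`content`, which MySQL rejects under ONLY_FULL_GROUP_BY and otherwise fills from an arbitrary matching row; if the intent is the latest unread message, select it with an aggregate or an ordered subquery. `$stmt->bindParam(':userID', $_SESSION["userID"]);` omits the `PDO::PARAM_INT` the sibling queries pass.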


@@ -1,35 +1,35 @@
<?php
include_once "../queries/emailconfirm.php";
class settingsMessage {
private $class;
private $message;
abstract class AlertMessage extends Exception {
public function __construct($message = "", $code = 0, Exception $previous = null)
{
parent::__construct($message, $code, $previous);
}
/**
* settingsMessage constructor.
* @param string $type Happy or angry
* @param string $message The message to display
*/
public function __construct($type, $message) {
$this->message = $message;
switch ($type) {
case "happy":
$this->class = "settings-message-happy";
break;
case "angry":
$this->class = "settings-message-angry";
break;
default:
$this->class = "settings-message";
break;
}
abstract public function getClass();
}
class HappyAlert extends AlertMessage {
public function __construct($message = "Gelukt!", $code = 0, Exception $previous = null)
{
parent::__construct($message, $code, $previous);
}
public function getClass() {
return $this->class;
return "settings-message-happy";
}
}
class AngryAlert extends AlertMessage {
public function __construct($message = "Er is iets fout gegaan.", $code = 0, Exception $previous = null)
{
parent::__construct($message, $code, $previous);
}
public function getMessage() {
return $this->message;
public function getClass() {
return "settings-message-angry";
}
}
@@ -94,24 +94,19 @@ function updateSettings() {
$stmt->bindValue(":bio", test_input($_POST["bio"]));
$stmt->bindValue(":userID", $_SESSION["userID"]);
$stmt->execute();
return new settingsMessage("happy", "Instellingen zijn opgeslagen.");
throw new HappyAlert("Instellingen zijn opgeslagen.");
}
function changePassword() {
$user = getPasswordHash();
if (password_verify($_POST["password-old"], $user["password"])) {
if ($_POST["password-new"] == $_POST["password-confirm"] && (strlen($_POST["password-new"]) >= 8)) {
if (doChangePassword()) {
return new settingsMessage("happy", "Wachtwoord gewijzigd.");
} else {
return new settingsMessage("angry", "Er is iets mis gegaan.");
}
doChangePassword();
} else {
return new settingsMessage("angry", "Wachtwoorden komen niet oveen.");
throw new AngryAlert("Wachtwoorden komen niet overeen.");
}
} else {
return new settingsMessage("angry", "Oud wachtwoord niet correct.");
throw new AngryAlert("Oud wachtwoord niet correct.");
}
}
@@ -129,7 +124,12 @@ function doChangePassword() {
$stmt->bindParam(":new_password", $hashed_password);
$stmt->bindParam(":userID", $_SESSION["userID"]);
$stmt->execute();
return $stmt->rowCount();
if ($stmt->rowCount()) {
throw new HappyAlert("Wachtwoord gewijzigd.");
} else {
throw new AngryAlert();
}
}
function changeEmail() {
@@ -138,20 +138,13 @@ function changeEmail() {
$email = strtolower($_POST["email"]);
if (filter_var($email, FILTER_VALIDATE_EMAIL)) {
//check if email exists
if (emailIsAvailableInDatabase($email)) {
if (doChangeEmail($email)) {
return new settingsMessage("happy", "Emailadres is veranderd.");
} else {
return new settingsMessage("angry", "Er is iets mis gegaan.");
}
} else {
return new settingsMessage("angry", "Emailadres bestaat al.");
}
emailIsAvailableInDatabase($email);
doChangeEmail($email);
} else {
return new settingsMessage("angry", "Geef een geldig emailadres.");
throw new AngryAlert("Geef een geldig emailadres");
}
} else {
return new settingsMessage("angry", "Emailadressen komen niet overeen.");
throw new AngryAlert("Emailadressen komen niet overeen.");
}
}
@@ -161,13 +154,15 @@ function emailIsAvailableInDatabase($email) {
`email`
FROM
`user`
WHERE
WHERE
`email` = :email
");
$stmt->bindParam(":email", $email);
$stmt->execute();
return !$stmt->rowCount();
if ($stmt->rowCount()) {
throw new AngryAlert("Emailadres wordt al gebruikt.");
}
}
function doChangeEmail($email) {
@@ -175,25 +170,46 @@ function doChangeEmail($email) {
UPDATE
`user`
SET
`email` = :email
`email` = :email,
`role` = 'unconfirmed'
WHERE
`userID` = :userID
");
$stmt->bindParam(":email", $email);
$stmt->bindParam(":userID", $_SESSION["userID"]);
$stmt->execute();
return $stmt->rowCount();
if ($stmt->rowCount()) {
sendConfirmEmail($_SESSION["userID"]);
session_destroy();
throw new HappyAlert("Emailadres is veranderd.");
} else {
throw new AngryAlert();
}
}
function updateProfilePicture() {
function updateAvatar() {
$profilePictureDir = "/var/www/html/public/";
$relativePath = "uploads/profilepictures/" . $_SESSION["userID"] . "_" . basename($_FILES["pp"]["name"]);
removeOldProfilePicture();
move_uploaded_file($_FILES['pp']['tmp_name'], $profilePictureDir . $relativePath);
setProfilePictureToDatabase("../" . $relativePath);
$tmpImg = $_FILES["pp"]["tmp_name"];
checkAvatarSize($tmpImg);
removeOldAvatar();
if (getimagesize($tmpImg)["mime"] == "image/gif") {
if ($_FILES["pp"]["size"] > 4000000) {
throw new AngryAlert("Bestand is te groot, maximaal 4MB toegestaan.");
}
$relativePath = "uploads/profilepictures/" . $_SESSION["userID"] . "_avatar.gif";
move_uploaded_file($tmpImg, $profilePictureDir . $relativePath);
} else {
$relativePath = "uploads/profilepictures/" . $_SESSION["userID"] . "_avatar.png";
$scaledImg = scaleAvatar($tmpImg);
imagepng($scaledImg, $profilePictureDir . $relativePath);
}
setAvatarToDatabase("../" . $relativePath);
throw new HappyAlert("Profielfoto veranderd.");
}
function removeOldProfilePicture() {
function removeOldAvatar() {
$stmt = $GLOBALS["db"]->prepare("
SELECT
`profilepicture`
@@ -205,20 +221,39 @@ function removeOldProfilePicture() {
$stmt->bindParam(":userID", $_SESSION["userID"]);
$stmt->execute();
$old_avatar = $stmt->fetch()["profilepicture"];
unlink("/var/www/html/public/uploads/" . $old_avatar);
if ($old_avatar != NULL) {
unlink("/var/www/html/public/uploads/" . $old_avatar);
}
}
function setProfilePictureToDatabase($url) {
function setAvatarToDatabase(string $url) {
$stmt = $GLOBALS["db"]->prepare("
UPDATE
`user`
SET
`profilepicture` = :profilePicture
`profilepicture` = :avatar
WHERE
`userID` = :userID
");
$stmt->bindParam(":profilePicture", $url);
$stmt->bindParam(":avatar", $url);
$stmt->bindParam(":userID", $_SESSION["userID"]);
$stmt->execute();
}
function checkAvatarSize(string $img) {
$minResolution = 200;
$imgSize = getimagesize($img);
if ($imgSize[0] < $minResolution or $imgSize[1] < $minResolution) {
throw new AngryAlert("Afbeelding te klein, minimaal 200x200 pixels.");
}
}
function scaleAvatar(string $imgLink, int $newWidth = 600) {
$img = imagecreatefromstring(file_get_contents($imgLink));
if ($img) {
return imagescale($img, $newWidth);
} else {
throw new AngryAlert("Afbeelding wordt niet ondersteund.");
}
}
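Review bot: updateAvatar calls removeOldAvatar() before the checks that can still reject the upload (the 4 MB limit in the GIF branch, the unsupported-format throw inside scaleAvatar), so a rejected upload has already unlinked the user's current avatar from disk while the database row still points at it. Delete the old file only once the new one has passed every check, and test `getimagesize()` for `false` before reading `["mime"]` (checkAvatarSize indexes its result the same way). `move_uploaded_file` and `imagepng` return `false` on failure and are not checked. Storing the GIF under a fixed `_avatar.gif` name and re-encoding everything else via imagepng keeps user-chosen file names and extensions out of the public directory, which is the right shape; the reordering below keeps that.
```php
function updateAvatar() {
    $profilePictureDir = "/var/www/html/public/";
    $tmpImg = $_FILES["pp"]["tmp_name"];
    $imgInfo = getimagesize($tmpImg);
    if ($imgInfo === false) {
        throw new AngryAlert("Afbeelding wordt niet ondersteund.");
    }
    checkAvatarSize($tmpImg);
    if ($imgInfo["mime"] == "image/gif") {
        if ($_FILES["pp"]["size"] > 4000000) {
            throw new AngryAlert("Bestand is te groot, maximaal 4MB toegestaan.");
        }
        $relativePath = "uploads/profilepictures/" . $_SESSION["userID"] . "_avatar.gif";
        removeOldAvatar(); // only now: the upload has passed every check
        if (!move_uploaded_file($tmpImg, $profilePictureDir . $relativePath)) {
            throw new AngryAlert();
        }
    } else {
        $scaledImg = scaleAvatar($tmpImg); // throws AngryAlert on unsupported data
        $relativePath = "uploads/profilepictures/" . $_SESSION["userID"] . "_avatar.png";
        removeOldAvatar();
        if (!imagepng($scaledImg, $profilePictureDir . $relativePath)) {
            throw new AngryAlert();
        }
    }
    // … unchanged: setAvatarToDatabase("../" . $relativePath) and the HappyAlert …
}
```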


@@ -17,27 +17,64 @@ function getUserID($username) {
return $stmt->fetch()["userID"];
}
function selectUser($userID) {
function getUsername($userID) {
$stmt = $GLOBALS["db"]->prepare("
SELECT
`username`,
IFNULL(
`profilepicture`,
'../img/notbad.jpg'
) AS profilepicture,
`bio`,
`role`,
`onlinestatus`,
`loggedin`,
`fname`,
`lname`
`username`
FROM
`user`
WHERE
`userID` = :userID
");
$stmt->bindParam(':userID', $userID, PDO::PARAM_INT);
$stmt->bindParam(':userID', $userID, PDO::PARAM_STR);
$stmt->execute();
return $stmt->fetch()["username"];
}
function selectUser($me, $other) {
$stmt = $GLOBALS["db"]->prepare("
SELECT
`username`,
`birthdate`,
`location`,
IFNULL(
`profilepicture`,
'../img/avatar-standard.png'
) AS profilepicture,
`bio`,
`user`.`creationdate`,
`onlinestatus`,
`fname`,
`lname`,
CASE `status` IS NULL
WHEN TRUE THEN 0
WHEN FALSE THEN
CASE `status` = 'confirmed'
WHEN TRUE THEN
1
WHEN FALSE THEN
CASE `user1ID` = `userID` AND `user2ID` = :me
WHEN TRUE THEN
2
WHEN FALSE THEN
3
END
END
END AS `friend_status`
FROM
`user`
LEFT JOIN
`friendship`
ON
`user1ID` = `userID` AND `user2ID` = :me OR
`user1ID` = :me AND `user2ID` = `userID`
WHERE
`user`.`userID` = :other
");
$stmt->bindParam(':me', $me, PDO::PARAM_INT);
$stmt->bindParam(':other', $other, PDO::PARAM_INT);
$stmt->execute();
return $stmt->fetch();
}
@@ -68,18 +105,24 @@ function selectAllUserGroups($userID) {
function selectAllUserPosts($userID) {
$stmt = $GLOBALS["db"]->prepare("
SELECT
`postID`,
`author`,
`title`,
`content`,
`creationdate`
`postID`,
`author`,
`title`,
CASE LENGTH(`content`) >= 150
WHEN TRUE THEN
CONCAT(LEFT(`content`, 150), '...')
WHEN FALSE THEN
`content`
END
AS `content`,
`creationdate`
FROM
`post`
`post`
WHERE
`author` = :userID AND
`groupID` IS NULL
`author` = :userID AND
`groupID` IS NULL
ORDER BY
`creationdate` DESC
`creationdate` DESC
");
$stmt->bindParam(':userID', $userID, PDO::PARAM_INT);