MyHyvesBookPlus/WebDB
1
0
Fork 0
Code Issues 2 Pull Requests Projects Releases Wiki Activity

Merge branch 'master' into hendrik-post

Browse Source
This commit is contained in:
Hendrik
2017-01-25 15:59:40 +01:00
parent b161596d67 c23b8bd8e5
commit f06de1e88d
35 changed files with 989 additions and 315 deletions
Download Patch File Download Diff File Expand all files Collapse all files

31
website/public/API/edit_friendship.php Normal file
View File

@@ -0,0 +1,31 @@
<?php
session_start();
require("../../queries/friendship.php");
require("../../queries/user.php");
if(empty($_POST["userID"]) OR empty($_POST["delete"]) AND empty($_POST["accept"]) AND empty($_POST["request"])) {
echo "Not enough arguments.";
return;
}
$friendship_status = getFriendshipStatus($_POST["userID"]);
echo "\nfriendshipstatus: $friendship_status";
echo "You: " . $_SESSION["userID"];
echo "other user: " . $_POST["userID"];
if(!empty($_POST["request"]) AND $friendship_status == 0) {
echo "request";
requestFriendship($_POST["userID"]);
} else if(!empty($_POST["delete"]) AND in_array($friendship_status, array(1, 2, 3))) {
echo "delete";
removeFriendship($_POST["userID"]);
} else if (!empty($_POST["accept"]) AND $friendship_status == 3) {
echo "accept";
acceptFriendship($_POST["userID"]);
}
$username = getUsername($_POST["userID"]);
header("Location: ../profile.php?username=$username");

2
website/public/API/loadChatNotifications.php
View File

@@ -3,6 +3,6 @@
session_start(); session_start();
require_once ("../../queries/connect.php"); require_once ("../../queries/connect.php");
require_once ("../../queries/friendship.php"); require_once ("../../queries/private_message.php");
echo selectAllUnreadChat(); echo selectAllUnreadChat();

3
website/public/API/loadMessages.php
View File

@@ -5,9 +5,12 @@ session_start();
require_once("../../queries/connect.php"); require_once("../../queries/connect.php");
require_once("../../queries/private_message.php"); require_once("../../queries/private_message.php");
require_once("../../queries/checkInput.php"); require_once("../../queries/checkInput.php");
require_once("../../queries/friendship.php");
if (isset($_POST["lastID"]) && $_POST["lastID"] != "") { if (isset($_POST["lastID"]) && $_POST["lastID"] != "") {
echo getNewChatMessages(test_input($_POST["lastID"]), test_input($_POST["destination"])); echo getNewChatMessages(test_input($_POST["lastID"]), test_input($_POST["destination"]));
setLastVisited(test_input($_POST["destination"]));
} else { } else {
echo getOldChatMessages(test_input($_POST["destination"])); echo getOldChatMessages(test_input($_POST["destination"]));
setLastVisited(test_input($_POST["destination"]));
} }

49
website/public/emailconfirm.php Normal file
View File

@@ -0,0 +1,49 @@
<?php
include_once("../queries/connect.php");
if (array_key_exists("u", $_GET) and array_key_exists("h", $_GET)) {
$checkHash = $GLOBALS["db"]->prepare("
SELECT
`email`,
`role`
FROM
`user`
WHERE
`userID` = :userID
");
$checkHash->bindParam(":userID", $_GET["u"]);
$checkHash->execute();
$result = $checkHash->fetch();
$email = $result["email"];
$role = $result["role"];
if ($role == "unconfirmed") {
doActivate($email);
} else {
echo "Ongeldige link.";
}
} else {
echo "Ongeldige link.";
}
function doActivate(string $email) {
if (password_verify($email, $_GET["h"])) {
$confirmUser = $GLOBALS["db"]->prepare("
UPDATE
`user`
SET
`role` = :role
WHERE
`userID` = :userID
");
$confirmUser->bindValue(":role", "user");
$confirmUser->bindParam(":userID", $_GET["u"]);
$confirmUser->execute();
if ($confirmUser->rowCount()) {
echo "Email bevestigd <br />
<a href='index.php'>U wordt automatisch doorgestuurd naar de login pagina over 5 seconden.</a> ";
header("refresh:5;url=login.php");
}
} else {
echo "Ongeldige link.";
}
}

BIN
website/public/img/avatar-standard.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 98 KiB

BIN
website/public/img/notbad.jpg
View File

Binary file not shown.
Side by Side

Before

Width:  |  Height:  |  Size: 24 KiB

4
website/public/js/chat.js
View File

@@ -53,8 +53,8 @@ function switchUser(userID) {
$(".destinationID").val(userID); $(".destinationID").val(userID);
$("#chat-history").html(""); $("#chat-history").html("");
$("#lastID").val(""); $("#lastID").val("");
$(".chat-left .friend-item").removeClass("active-friend-chat"); $("#chat-recent-panel .friend-item").removeClass("active-friend-chat");
$(".chat-left #friend-item-" + userID).addClass("active-friend-chat"); $("#chat-left #friend-item-" + userID).addClass("active-friend-chat");
} }
function sayEmpty() { function sayEmpty() {

57
website/public/js/notifications.js
View File

@@ -1,8 +1,18 @@
function showNotifications(notifications, id) { function showFriendNotifications(notifications) {
$("#" + id).html(""); $("#friendrequestslist").html("");
for (i in notifications) { for (i in notifications) {
$("#" + id).append(" \ var outgoing = "";
<li class='friend-item $extraItem'> \ if (notifications[i].friend_state == "3") {
outgoing = "<button\
name='accept' \
class='accept-notification' \
value='"+ notifications[i].userID +"'> \
<i class='fa fa-check'></i> \
</button>";
}
$("#friendrequestslist").append(" \
<li class='friend-item'> \
<form action='profile.php' method='get'> \ <form action='profile.php' method='get'> \
<button type='submit' \ <button type='submit' \
name='username' \ name='username' \
@@ -13,6 +23,41 @@ function showNotifications(notifications, id) {
</div> \ </div> \
</button> \ </button> \
</form> \ </form> \
<div class='notification-options'>\
<form action='API/edit_friendship.php' method='post'> \
<input type='hidden' name='userID' value='"+ notifications[i].userID +"' /> \
"+ outgoing +" \
<button type='submit' \
name='delete' \
class='deny-notification' \
value='"+ notifications[i].userID +"'> \
<i class='fa fa-times'></i> \
</button>\
<form>\
</div> \
</li> \
");
}
}
function showChatNotifications(notifications) {
$("#unreadChatlist").html("");
for (i in notifications) {
$("#unreadChatlist").append(" \
<li class='friend-item'> \
<form action='chat.php' method='get'> \
<button type='submit' \
name='chatID' \
value='"+ notifications[i].userID +"'> \
<div class='friend'> \
<img alt='PF' class='profile-picture' src='"+ notifications[i].profilepicture +"'/> \
<div class='friend-name'> \
"+ notifications[i].name +"<br/> \
<span style='color: #666'>"+ notifications[i].content +"</span> \
</div> \
</div> \
</button> \
</form> \
</li> \ </li> \
"); ");
} }
@@ -23,14 +68,14 @@ function loadNotifications() {
"API/loadFriendRequestNotifications.php" "API/loadFriendRequestNotifications.php"
).done(function(data) { ).done(function(data) {
if (data && data != "[]") { if (data && data != "[]") {
showNotifications(JSON.parse(data), "friendrequestslist"); showFriendNotifications(JSON.parse(data));
} }
}); });
$.post( $.post(
"API/loadChatNotifications.php" "API/loadChatNotifications.php"
).done(function(data) { ).done(function(data) {
if (data && data != "[]") { if (data && data != "[]") {
showNotifications(JSON.parse(data), "unreadChatlist"); showChatNotifications(JSON.parse(data));
} }
}); });

9
website/public/js/registerAndLogin.js
View File

@@ -4,5 +4,12 @@ function checkLoggedIn() {
} else { } else {
window.location.href = "profile.php"; window.location.href = "profile.php";
} }
document.getElementById("demo").innerHTML = x;
} }
function bannedAlert(){
alert("Your account is banned");
}
function emailNotConfirmed(){
alert("Your account has not been verified yet!\nAnother email has been sent to you")
}

26
website/public/login.php
View File

@@ -5,6 +5,7 @@
require_once("../queries/connect.php"); require_once("../queries/connect.php");
include_once("../queries/login.php"); include_once("../queries/login.php");
include_once("../queries/checkInput.php"); include_once("../queries/checkInput.php");
include_once("../queries/emailconfirm.php");
?> ?>
<body> <body>
<?php <?php
@@ -22,26 +23,11 @@
// Trying to login // Trying to login
if ($_SERVER["REQUEST_METHOD"] == "POST") { if ($_SERVER["REQUEST_METHOD"] == "POST") {
// Empty username or password field try{
if (empty($_POST["uname"]) || empty($_POST["psw"])) { $uname = ($_POST["uname"]);
$loginErr = "Gebruikersnaam of wachtwoord is niet ingevuld"; validateLogin($_POST["uname"], $_POST["psw"]);
} catch(loginException $e) {
} $loginErr = $e->getMessage();
else {
$uname = strtolower(test_input($_POST["uname"]));
$psw = test_input($_POST["psw"]);
$hash = getUser()["password"];
$userid = getUser()["userID"];
// If there's an account, go to the profile page
if(password_verify($psw, $hash)) {
$_SESSION["userID"] = $userid;
header("location: profile.php");
} else {
$loginErr = "Inloggegevens zijn niet correct";
}
} }
} }

17
website/public/logout.php
View File

@@ -1,15 +1,4 @@
<!DOCTYPE html>
<html>
<?php <?php
include("../views/login_head.php"); session_start();
require_once("../queries/connect.php"); session_destroy();
include_once("../queries/login.php"); header("Location: login.php");
?>
<body>
<?php
session_start();
unset($_SESSION["userID"]);
header("Location: login.php");
?>
</body>
</html>

2
website/public/profile.php
View File

@@ -22,7 +22,7 @@ if(empty($_GET["username"])) {
$userID = getUserID($_GET["username"]); $userID = getUserID($_GET["username"]);
} }
$user = selectUser($userID); $user = selectUser($_SESSION["userID"], $userID);
$profile_friends = selectAllFriends($userID); $profile_friends = selectAllFriends($userID);
$profile_groups = selectAllUserGroups($userID); $profile_groups = selectAllUserGroups($userID);
$posts = selectAllUserPosts($userID); $posts = selectAllUserPosts($userID);

95
website/public/register.php
View File

@@ -5,38 +5,97 @@
require_once("../queries/connect.php"); require_once("../queries/connect.php");
include_once("../queries/register.php"); include_once("../queries/register.php");
include_once("../queries/checkInput.php"); include_once("../queries/checkInput.php");
include_once("../queries/emailconfirm.php");
?> ?>
<body> <body>
<?php <?php
session_start(); session_start();
if(isset($_SESSION["userID"])){ if(isset($_SESSION["userID"])){
header("location: profile.php"); header("location: login.php");
} }
// define variables and set to empty values // define variables and set to empty values
$name = $surname = $bday = $username = $password = $confirmpassword = $location = $housenumber = $email = ""; $name = $surname = $bday = $username = $password = $confirmpassword = $location = $housenumber = $email = $captcha = $ip = "";
$genericErr = $nameErr = $surnameErr = $bdayErr = $usernameErr = $passwordErr = $confirmpasswordErr = $locationErr = $housenumberErr = $emailErr = ""; $genericErr = $nameErr = $surnameErr = $bdayErr = $usernameErr = $passwordErr = $confirmpasswordErr = $locationErr = $housenumberErr = $emailErr = $captchaErr = "";
$correct = true; $correct = true;
// Trying to register an account // Trying to register an account
if ($_SERVER["REQUEST_METHOD"] == "POST") { if ($_SERVER["REQUEST_METHOD"] == "POST") {
checkInputChoice("name", "lettersAndSpace"); try {
checkInputChoice("surname", "lettersAndSpace"); $name = test_input(($_POST["name"]));
checkInputChoice($name, "lettersAndSpaces");
if (empty($_POST["bday"])) { } catch(lettersAndSpacesException $e){
$bdayErr = "Geboortedatum is verplicht!";
$correct = false; $correct = false;
$nameErr = $e->getMessage();
} else {
$bday = test_input($_POST["bday"]);
} }
checkInputChoice("username", "username"); try {
checkInputChoice("password", "longerEight"); $surname = test_input(($_POST["surname"]));
checkInputChoice("confirmpassword", ""); checkInputChoice($surname, "lettersAndSpaces");
matchPassword(); }
checkInputChoice("location", "lettersAndSpace"); catch(lettersAndSpacesException $e){
checkInputChoice("email", "email"); $correct = false;
registerCheck(); $surnameErr = $e->getMessage();
}
try{
$bday = test_input(($_POST["bday"]));
checkInputChoice($bday, "bday");
} catch(bdayException $e){
$correct = false;
$bdayErr = $e->getMessage();
}
try{
$username = str_replace(' ', '', test_input(($_POST["username"])));
checkInputChoice($username, "username");
} catch(usernameException $e){
$correct = false;
$usernameErr = $e->getMessage();
}
try{
$password = str_replace(' ', '', test_input(($_POST["password"])));
checkInputChoice($password, "longerEight");
matchPassword();
} catch(passwordException $e){
$correct = false;
$passwordErr = $e->getMessage();
} catch(confirmPasswordException $e){
$correct = false;
$confirmPasswordErr = $e->getMessage();
}
try{
$location = test_input(($_POST["location"]));
checkInputChoice($location, "lettersAndSpaces");
} catch(lettersAndSpacesException $e){
$correct = false;
$locationErr = $e->getMessage();
}
try{
$email = test_input(($_POST["email"]));
checkInputChoice($email, "email");
} catch(emailException $e){
$correct = false;
$emailErr = $e->getMessage();
}
try{
$captcha = $_POST['g-recaptcha-response'];
checkCaptcha($captcha);
} catch(captchaException $e){
$correct = false;
$captchaErr = $e->getMessage();
}
try {
getIp();
registerCheck($correct);
sendConfirmEmailUsername($username);
} catch(registerException $e){
$genericErr = $e->getMessage();
}
} }
/* This view adds register view */ /* This view adds register view */
include("../views/register-view.php"); include("../views/register-view.php");

37
website/public/settings.php
View File

@@ -12,23 +12,28 @@
</head> </head>
<body> <body>
<?php <?php
$notImplemented = new settingsMessage("angry", "Deze functie werkt nog niet :("); $alertClass;
$alertMessage;
if ($_SERVER["REQUEST_METHOD"] == "POST") { if ($_SERVER["REQUEST_METHOD"] == "POST") {
switch ($_POST["form"]) { try {
case "profile": switch ($_POST["form"]) {
$result = updateSettings(); case "profile":
break; updateSettings();
case "password": break;
$result = changePassword(); case "password":
break; changePassword();
case "email": break;
$result = changeEmail(); case "email":
break; changeEmail();
case "picture": break;
updateProfilePicture(); case "picture":
$result = new settingsMessage("happy", "Deze melding doet nog niks nuttigs."); updateAvatar();
break; break;
}
} catch (AlertMessage $w) {
$alertClass = $w->getClass();
$alertMessage = $w->getMessage();
} }
} }
include("../views/main.php"); include("../views/main.php");

38
website/public/styles/chat.css
View File

@@ -1,34 +1,38 @@
/* Overall chat-screen */ /* Overall chat-screen */
.chat { .chat {
position: fixed; position: fixed;
top: 80px; top: 80px;
left: 256px; left: 256px;
padding: 20px 0;
width: calc(100% - 256px); width: calc(100% - 256px);
height: calc(100% - 120px); height: calc(100% - 120px);
display: inline-flex;
padding: 20px 0;
display: inline-block;
} }
.chat-left { #chat-recent-panel {
width: 256px; width: 256px;
height: calc(100% - 100px); height: calc(100% - 100px);
margin: 0 10px;
overflow-y: auto;
}
.chat-right { display: inline-block;
width: calc(100% - 256px - 40px);
height: calc(100% - 80px); overflow-y: auto;
margin-right: 10px;
} }
/* Chat history. */ /* Chat history. */
.chat-history { #chat-history {
overflow-y: auto; overflow-y: auto;
overflow-x: hidden; overflow-x: hidden;
height: 100%;
width: calc(100% - 256px - 75px);
height: calc(100% - 80px);
padding: 10px; padding: 10px;
display: inline-block;
word-wrap: break-word; word-wrap: break-word;
} }
@@ -36,7 +40,13 @@
.chat-message { .chat-message {
width: 100%; width: 100%;
min-height: 40px; min-height: 40px;
padding-top: 10px; padding: 10px 0;
clear: both;
}
.chat-message::after {
content: '';
display: table;
clear: both; clear: both;
} }
@@ -63,7 +73,7 @@
/* Chat reply field */ /* Chat reply field */
.chat-field { .chat-field {
width: 100%; width: calc(100% - 10px);
display: table; display: table;
} }

66
website/public/styles/index.css
View File

@@ -1,20 +1,19 @@
a.button { a.button {
background-color: #C8CABD; background-color: #C8CABD;
border-radius: 10px; border-radius: 5px;
color: black; color: black;
cursor: pointer; cursor: pointer;
height: 50%; height: 50%;
margin: 8px 0; padding: 8px 20px;
padding: 14px 20px; width: 50%;
width: 25%;
font-family: Arial; font-family: Arial;
font-size: 16px; font-size: 20px;
} }
/* Body */ /* Body */
body { body {
height: 100%; height: 100%;
background-color: #C8CABD; background-color: #FBC02D;
/*background-image: url(http://play.pokemonshowdown.com/fx/client-bg-shaymin.jpg); /*background-image: url(http://play.pokemonshowdown.com/fx/client-bg-shaymin.jpg);
background-size: cover; background-size: cover;
background-attachment: fixed;*/ background-attachment: fixed;*/
@@ -24,31 +23,14 @@ body {
font-family: Arial, sans-serif; font-family: Arial, sans-serif;
} }
/* The Close Button */
.close {
/* Position it in the top right corner outside of the modal */
color: white;
font-size: 100px;
font-weight: bold;
position: absolute;
right: 25px;
top: 0;
}
/* Close button on hover */
.close:hover,
.close:focus {
color: red;
cursor: pointer;
}
/* inlogform */ /* inlogform */
form { form {
/*background-color: #a87a87;*/ /*background-color: #a87a87;*/
border-radius: 12px; border-radius: 12px;
height: 70%; height: 75%;
margin: auto; margin: auto;
width: 70%; width: 80%;
overflow-y:auto; overflow-y:auto;
} }
@@ -72,24 +54,20 @@ input[type=text], input[type=password], input[type=email], input[type="date"] {
border-color: #C8CABD; border-color: #C8CABD;
display: inline-block; display: inline-block;
height: 60%; height: 60%;
font-size: 16px;
padding: 8px 20px; padding: 8px 20px;
margin: 4px 0; margin: 4px 0;
width: 70%; width: 55%;
} }
/*
input[type=text], input[type=password], input[type=email], input[type="date"] {
border: 0px;
border-bottom: 4px solid lightgray;
border-radius: 0px;
}*/
button[type=submit] { button[type=submit] {
background-color: #C8CABD; background-color: #C8CABD;
color: black ; color: black;
cursor: pointer; cursor: pointer;
font-family: Arial; font-family: Arial;
font-size: 16px; font-size: 22px;
width: 50%; height: 30px;
width: 120px;
} }
.error { .error {
@@ -106,12 +84,12 @@ label {
display: inline-block; display: inline-block;
position: relative; position: relative;
background-color: #C8CABD; background-color: #C8CABD;
height: 30px; height: 25px;
width: 90px; width: 120px;
padding: 3px 3px 3px 0px; padding: 3px 3px 3px 3px;
text-align: center; text-align: center;
border-radius: 0px 10px 10px 0px; border-radius: 0px 5px 5px 0px;
font-size: 24px; font-size: 22px;
} }
.left-arrow:after { .left-arrow:after {
@@ -121,9 +99,9 @@ label {
right: 100%; right: 100%;
top: 0; top: 0;
bottom: 0; bottom: 0;
border-top: 15px solid transparent; border-top: 12px solid transparent;
border-right: 20px solid #C8CABD; border-right: 20px solid #C8CABD;
border-bottom: 15px solid transparent; border-bottom: 12px solid transparent;
border-left: 0px solid transparent; border-left: 0px solid transparent;
} }
@@ -135,7 +113,7 @@ label {
/* padding voor login_containers */ /* padding voor login_containers */
.login_containerlogin { .login_containerlogin {
padding:25px; padding:16px;
text-align: center; text-align: center;
} }
@@ -163,7 +141,7 @@ label {
margin: 34px auto; margin: 34px auto;
overflow-y: auto; overflow-y: auto;
padding: 20px; padding: 20px;
width: 50%; width: 45%;
} }
/*.platform { /*.platform {

20
website/public/styles/main.css
View File

@@ -242,3 +242,23 @@ div[data-title]:hover:after {
line-height: normal; line-height: normal;
font-family: Arial, sans-serif; font-family: Arial, sans-serif;
} }
.friend {
}
.friend-item, .group-item {
cursor: pointer;
transition-duration: 250ms;
}
.friend-item:hover, .group-item:hover {
background: #FBC02D;
box-shadow: 0 1px 3px rgba(0,0,0,0.12), 0 1px 2px rgba(0,0,0,0.24);
}
.friend-name {
display: inline-block;
vertical-align: middle;
}

38
website/public/styles/menu.css
View File

@@ -34,16 +34,6 @@
cursor: pointer; cursor: pointer;
} }
.friend-item, .group-item {
cursor: pointer;
transition-duration: 250ms;
}
.friend-item:hover, .group-item:hover {
background: #FBC02D;
box-shadow: 0 1px 3px rgba(0,0,0,0.12), 0 1px 2px rgba(0,0,0,0.24);
}
.menu button { .menu button {
background: none; background: none;
color: inherit; color: inherit;
@@ -73,4 +63,32 @@
#quick-links i:hover { #quick-links i:hover {
color: #FBC02D; color: #FBC02D;
}
.notification-options {
display: none;
width: 100%;
}
.notification-options form {
width: 100%;
text-align: center;
}
.notification-options button {
display: inline-block;
padding: 5px 20px;
width: auto;
}
.accept-notification:hover {
color: #4CAF50;
}
.deny-notification:hover {
color: firebrick;
}
.friend-item:hover .notification-options {
display: inline-block;
} }

3
website/public/styles/profile.css
View File

@@ -78,8 +78,9 @@ div.posts .post form textarea.newpost {
font-size: 0.8em; font-size: 0.8em;
} }
.profile-button { input.profile-button {
float: right; float: right;
height: auto;
padding: 10px; padding: 10px;
border-radius: 5px; border-radius: 5px;
background-color: #4CAF50; background-color: #4CAF50;

207
website/queries/checkInput.php
View File

@@ -1,97 +1,139 @@
<?php <?php
/** /**
* Function for checking inputfields * Function for checking inputfields
* @param variable $variable Give name of the inputfield. * @param String $variable Give name of the inputfield.
* @param string $option Give the name of the option. * @param String $option Give the name of the option.
* @return sets correct to false and gives value to error message if it doesn't pass the checks. * @return sets correct to false and gives value to error message if it doesn't pass the checks.
*/ */
function checkInputChoice($variable, $option){ function checkInputChoice($variable, $option){
if (empty($_POST[$variable])) { switch ($option) {
$GLOBALS[$variable . "Err"] = "Verplicht!"; case "lettersAndSpaces";
$GLOBALS["correct"] = false; checkName($variable);
break;
} else { case "bday";
$GLOBALS[$variable] = test_input($_POST[$variable]); validateBday($variable);
switch ($option) { break;
case "lettersAndSpace":
checkonly($variable);
break;
case "username"; case "username";
username($variable); username($variable);
break; break;
case "longerEight"; case "longerEight";
longerEight($variable); longerEight($variable);
break; break;
case "email"; case "email";
validateEmail($variable); validateEmail($variable);
break; break;
default:
break;
default:
break;
}
} }
} }
/* Checks for only letters and spaces. */ /* Checks for only letters and spaces. */
function checkOnly($variable){ function checkName($variable){
if (!preg_match("/^[a-zA-Z ]*$/",$GLOBALS[$variable])) { if (empty($variable)) {
$GLOBALS[$variable . "Err"] = "Alleen letters en spaties zijn toegestaan!"; throw new lettersAndSpacesException("Verplicht!");
$correct = false; } else if (!preg_match("/^[a-zA-Z ]*$/", $variable)) {
throw new lettersAndSpacesException("Alleen letters en spaties zijn toegestaan!");
} }
} }
/* Checks for bday */
function validateBday($variable){
if (empty($variable)) {
throw new bdayException("Verplicht!");
} else {
if (!(validateDate($variable, "Y/m/d"))) {
throw new bdayException("Geen geldige datum");
} else {
$dateNow = date("Y/m/d");
if ($dateNow < $variable) {
throw new bdayException("Geen geldige datum");
}
}
}
}
// Checks for date
function validateDate($date, $format)
{
$d = DateTime::createFromFormat($format, $date);
return $d && $d->format($format) == $date;
}
/* checks if username exist and if its longer than 6 characters. */ /* checks if username exist and if its longer than 6 characters. */
function username($variable){ function username($variable){
if (strlen($GLOBALS[$variable]) < 6) { if (empty($variable)) {
$GLOBALS[$variable . "Err"] = "Gebruikersnaam moet minstens 6 karakters bevatten"; throw new usernameException("Verplicht!");
$correct = false; } else if (strlen($variable) < 6) {
throw new usernameException("Moet minstens 6 karakters bevatten");
} else if (getExistingUsername() == 1) { } else if (getExistingUsername() == 1) {
$GLOBALS[$variable . "Err"] = "Gebruikersnaam bestaat al"; throw new usernameException("Gebruikersnaam bestaal al");
$correct = false;
} }
} }
/* checks if an input is longer that 8 characters. */ /* checks if an input is longer that 8 characters. */
function longerEight($variable){ function longerEight($variable){
if (strlen($GLOBALS[$variable]) < 8) { if (empty($variable)) {
$GLOBALS[$variable . "Err"] = "Moet minstens 8 karakters bevatten"; throw new passwordException("Verplicht!");
$correct = false; } else if (strlen($variable) < 8) {
throw new passwordException("Moet minstens 8 karakters bevatten");
} }
} }
/* checks if an input is a valid email. */ /* checks if an input is a valid email. */
function validateEmail($variable){ function validateEmail($variable){
if (!filter_var($GLOBALS[$variable], FILTER_VALIDATE_EMAIL)) { if (empty($variable)) {
$GLOBALS[$variable . "Err"] = "Geldige email invullen!"; throw new emailException("Verplicht!");
$correct = false; } else if (!filter_var($variable, FILTER_VALIDATE_EMAIL)) {
throw new emailException("Geldige email invullen");
} else if (getExistingEmail() == 1){ } else if (getExistingEmail() == 1){
$GLOBALS[$variable . "Err"] = "Email bestaat al"; throw new emailException("Email bestaal al!");
$correct = false;
} }
} }
/* checks if two passwords matches. */ /* checks if two passwords matches. */
function matchPassword(){ function matchPassword(){
if ($_POST["password"] != $_POST["confirmpassword"]) { if ($_POST["password"] != $_POST["confirmpassword"]) {
$GLOBALS["confirmpasswordErr"] = "Wachtwoorden matchen niet"; throw new confirmPasswordException("Wachtwoorden matchen niet!");
$GLOBALS["correct"] = false;
} }
} }
// Checks if everything is filled in correctly /* Checks if captcha is correctly filled in */
function registerCheck(){ function checkCaptcha($captcha){
if ($GLOBALS["correct"] == false){ if(!$captcha){
$GLOBALS["genericErr"] = "Bepaalde velden zijn verkeerd of niet ingevuld!"; throw new captchaException("Captcha needs to be filled in!");
} else {
$response=json_decode(file_get_contents("https://www.google.com/recaptcha/api/siteverify?secret=6Lc72xIUAAAAAPizuF3nUbklCPljVCVzgYespz8o&response=".$captcha."&remoteip=".$_SERVER['REMOTE_ADDR']));
if($response->success==false) {
throw new captchaException("You are a spammer!");
}
}
}
/* Get ip adres */
function getIp(){
if (!empty($_SERVER['HTTP_CLIENT_IP'])) {
$GLOBALS["ip"] = $_SERVER['HTTP_CLIENT_IP'];
} elseif (!empty($_SERVER['HTTP_X_FORWARDED_FOR'])) {
$GLOBALS["ip"] = $_SERVER['HTTP_X_FORWARDED_FOR'];
} else {
$GLOBALS["ip"] = $_SERVER['REMOTE_ADDR'];
}
}
/* Checks if everything is filled in correctly */
function registerCheck($status){
if ($status == false){
throw new registerException("Bepaalde velden zijn verkeerd of niet ingevuld");
} else { } else {
registerAccount(); registerAccount();
header("location: login.php"); header("location: login.php");
} }
} }
@@ -102,4 +144,69 @@ function test_input($data) {
$data = htmlspecialchars($data); $data = htmlspecialchars($data);
return $data; return $data;
} }
class lettersAndSpacesException extends Exception
{
public function __construct($message = "", $code = 0, Exception $previous = null)
{
parent::__construct($message, $code, $previous);
}
}
class bdayException extends Exception
{
public function __construct($message = "", $code = 0, Exception $previous = null)
{
parent::__construct($message, $code, $previous);
}
}
class usernameException extends Exception
{
public function __construct($message = "", $code = 0, Exception $previous = null)
{
parent::__construct($message, $code, $previous);
}
}
class passwordException extends Exception
{
public function __construct($message = "", $code = 0, Exception $previous = null)
{
parent::__construct($message, $code, $previous);
}
}
class confirmPasswordException extends Exception
{
public function __construct($message = "", $code = 0, Exception $previous = null)
{
parent::__construct($message, $code, $previous);
}
}
class emailException extends Exception
{
public function __construct($message = "", $code = 0, Exception $previous = null)
{
parent::__construct($message, $code, $previous);
}
}
class captchaException extends Exception
{
public function __construct($message = "", $code = 0, Exception $previous = null)
{
parent::__construct($message, $code, $previous);
}
}
class registerException extends Exception
{
public function __construct($message = "", $code = 0, Exception $previous = null)
{
parent::__construct($message, $code, $previous);
}
}
?> ?>

42
website/queries/emailconfirm.php Normal file
View File

@@ -0,0 +1,42 @@
<?php
function sendConfirmEmailUsername(string $username) {
$stmt = $GLOBALS["db"]->prepare("
SELECT
`userID`
FROM
`user`
WHERE
`username` = :username
");
$stmt->bindParam(":username", $username);
$stmt->execute();
$userID = $stmt->fetch()["username"];
sendConfirmEmail($userID);
}
function sendConfirmEmail(int $userID) {
$stmt = $GLOBALS["db"]->prepare("
SELECT
`email`,
`fname`
FROM
`user`
WHERE
`userID` = :userID
");
$stmt->bindParam(":userID", $userID);
$stmt->execute();
$user = $stmt->fetch();
$email = $user["email"];
$fname = $user["fname"];
$hash = password_hash($email, PASSWORD_DEFAULT);
$confirmLink = "https://myhyvesbookplus.nl/emailconfirm.php?u=$userID&h=$hash";
$subject = "Bevestig uw emailadres";
$body = "Hallo $fname,\r\n\r\nKlik op de onderstaande link om uw emailadres te bevestigen.\r\n\r\n$confirmLink\r\n\r\nGroeten MyHyvesbook+";
$header = "From: MyHyvesbook+ <noreply@myhyvesbookplus.nl>";
mail($email, $subject, $body, $header);
}

125
website/queries/friendship.php
View File

@@ -1,13 +1,16 @@
<?php <?php
require("connect.php");
function selectAllFriends($userID) { function selectAllFriends($userID) {
$stmt = $GLOBALS["db"]->prepare(" $stmt = $GLOBALS["db"]->prepare("
SELECT SELECT
`userID`, `userID`,
`username`, `username`,
LEFT(CONCAT(`user`.`fname`, ' ', `user`.`lname`), 15) as `name`,
IFNULL( IFNULL(
`profilepicture`, `profilepicture`,
'../img/notbad.jpg' '../img/avatar-standard.png'
) AS profilepicture, ) AS profilepicture,
`onlinestatus`, `onlinestatus`,
`role` `role`
@@ -36,9 +39,25 @@ function selectAllFriendRequests() {
SELECT SELECT
`userID`, `userID`,
`username`, `username`,
CASE `status` IS NULL
WHEN TRUE THEN 0
WHEN FALSE THEN
CASE `status` = 'confirmed'
WHEN TRUE THEN
1
WHEN FALSE THEN
CASE `user1ID` = :userID
WHEN TRUE THEN
2
WHEN FALSE THEN
3
END
END
END AS `friend_state`,
LEFT(CONCAT(`user`.`fname`, ' ', `user`.`lname`), 15) as `name`,
IFNULL( IFNULL(
`profilepicture`, `profilepicture`,
'../img/notbad.jpg' '../img/avatar-standard.png'
) AS profilepicture, ) AS profilepicture,
`onlinestatus`, `onlinestatus`,
`role` `role`
@@ -60,4 +79,106 @@ function selectAllFriendRequests() {
$stmt->execute(); $stmt->execute();
return json_encode($stmt->fetchAll()); return json_encode($stmt->fetchAll());
}
function getFriendshipStatus($userID) {
$stmt = $GLOBALS["db"]->prepare("
SELECT
CASE `status` IS NULL
WHEN TRUE THEN 0
WHEN FALSE THEN
CASE `status` = 'confirmed'
WHEN TRUE THEN
1
WHEN FALSE THEN
CASE `user1ID` = :me AND `user2ID` = :other
WHEN TRUE THEN
2
WHEN FALSE THEN
3
END
END
END AS `friend_state`
FROM
`friendship`
WHERE
`user1ID` = :other AND `user2ID` = :me OR
`user1ID` = :me AND `user2ID` = :other
");
$stmt->bindParam(':me', $_SESSION["userID"], PDO::PARAM_INT);
$stmt->bindParam(':other', $userID, PDO::PARAM_INT);
$stmt->execute();
return $stmt->fetch()["friend_state"];
}
function requestFriendship($userID) {
$stmt = $GLOBALS["db"]->prepare("
INSERT INTO `friendship` (user1ID, user2ID)
VALUES (:user1, :user2)
");
$stmt->bindParam(':user1', $_SESSION["userID"], PDO::PARAM_INT);
$stmt->bindParam(':user2', $userID, PDO::PARAM_INT);
$stmt->execute();
}
function removeFriendship($userID) {
$stmt = $GLOBALS["db"]->prepare("
DELETE FROM `friendship`
WHERE
`user1ID` = :user1 AND
`user2ID` = :user2 OR
`user1ID` = :user2 AND
`user2ID` = :user1
");
$stmt->bindParam(':user1', $_SESSION["userID"], PDO::PARAM_INT);
$stmt->bindParam(':user2', $userID, PDO::PARAM_INT);
$stmt->execute();
}
function acceptFriendship($userID) {
$stmt = $GLOBALS["db"]->prepare("
UPDATE `friendship`
SET `status`='confirmed'
WHERE
`user1ID` = :user1 AND
`user2ID` = :user2
LIMIT 1
");
$stmt->bindParam(':user1', $userID, PDO::PARAM_INT);
$stmt->bindParam(':user2', $_SESSION["userID"], PDO::PARAM_INT);
$stmt->execute();
}
function setLastVisited($friend) {
$stmt = $GLOBALS["db"]->prepare("
UPDATE
`friendship`
SET `friendship`.chatLastVisted1=(
CASE `user1ID` = :sessionUser
WHEN TRUE THEN NOW()
WHEN FALSE THEN `chatLastVisted1`
END
),
`friendship`.`chatLastVisted2`=(
CASE `user2ID` = :sessionUser
WHEN TRUE THEN NOW()
WHEN FALSE THEN `chatLastVisted2`
END
)
WHERE
`user1ID` = :sessionUser AND
`user2ID` = :friend OR
`user2ID` = :sessionUser AND
`user1ID` = :friend;
");
$stmt->bindParam(':sessionUser', $_SESSION["userID"], PDO::PARAM_INT);
$stmt->bindParam(':friend', $friend, PDO::PARAM_INT);
$stmt->execute();
return $stmt;
} }

2
website/queries/header.php
View File

@@ -6,7 +6,7 @@ function getHeaderInfo() {
`lname`, `lname`,
IFNULL( IFNULL(
`profilepicture`, `profilepicture`,
'img/notbad.jpg' 'img/avatar-standard.png'
) AS profilepicture ) AS profilepicture
FROM FROM
`user` `user`

46
website/queries/login.php
View File

@@ -4,7 +4,8 @@ function getUser() {
$stmt = $GLOBALS["db"]->prepare(" $stmt = $GLOBALS["db"]->prepare("
SELECT SELECT
`password`, `password`,
`userID` `userID`,
`role`
FROM FROM
`user` `user`
WHERE WHERE
@@ -15,3 +16,46 @@ function getUser() {
$stmt->execute(); $stmt->execute();
return $stmt->fetch(PDO::FETCH_ASSOC); return $stmt->fetch(PDO::FETCH_ASSOC);
} }
function validateLogin($username, $password){
// Empty username or password field
if (empty($username) || empty($password)) {
throw new loginException("Gebruikersnaam of wachtwoord is niet ingevuld");
}
else {
$psw = test_input($password);
$hash = getUser()["password"];
$userID = getUser()["userID"];
$role = getUser()["role"];
// If there's an account, go to the profile page
if(password_verify($psw, $hash)) {
if ($role == "banned"){
echo "<script>
window.onload=bannedAlert();
</script>";
} else if ($role == "unconfirmed"){
sendConfirmEmail(getUser()["userID"]);
echo "<script>
window.onload=emailNotConfirmed();
</script>";
} else {
$_SESSION["userID"] = $userID;
header("location: profile.php");
}
} else {
throw new loginException("Inloggevens zijn niet correct");
}
}
}
class loginException extends Exception
{
public function __construct($message = "", $code = 0, Exception $previous = null)
{
parent::__construct($message, $code, $previous);
}
}
?>

36
website/queries/private_message.php
View File

@@ -74,3 +74,39 @@ function getNewChatMessages($lastID, $destination) {
return json_encode($stmt->fetchAll()); return json_encode($stmt->fetchAll());
} }
function selectAllUnreadChat() {
$stmt = $GLOBALS["db"]->prepare("
SELECT
LEFT(CONCAT(`user`.`fname`, ' ', `user`.`lname`), 15) as `name`,
`user`.`userID`,
IFNULL(
`profilepicture`,
'../img/notbad.jpg'
) AS profilepicture,
LEFT(`private_message`.`content`, 15) as `content`
FROM
`private_message`,
`friendship`,
`user`
WHERE
(`friendship`.user2ID = `private_message`.`origin` AND
`friendship`.user1ID = `private_message`.`destination` AND
`friendship`.chatLastVisted1 < `private_message`.`creationdate` OR
`friendship`.user1ID = `private_message`.`origin` AND
`friendship`.user2ID = `private_message`.`destination` AND
`friendship`.chatLastVisted2 < `private_message`.`creationdate`) AND
`private_message`.`origin` = `user`.`userID` AND
`private_message`.`destination` = :userID AND
`user`.`role` != 'banned'
GROUP BY `user`.`userID`
");
$stmt->bindParam(':userID', $_SESSION["userID"]);
$stmt->execute();
return json_encode($stmt->fetchAll());
}

153
website/queries/settings.php
View File

@@ -1,35 +1,35 @@
<?php <?php
include_once "../queries/emailconfirm.php";
class settingsMessage { abstract class AlertMessage extends Exception {
private $class; public function __construct($message = "", $code = 0, Exception $previous = null)
private $message; {
parent::__construct($message, $code, $previous);
}
/** abstract public function getClass();
* settingsMessage constructor. }
* @param string $type Happy or angry
* @param string $message The message to display class HappyAlert extends AlertMessage {
*/
public function __construct($type, $message) { public function __construct($message = "Gelukt!", $code = 0, Exception $previous = null)
$this->message = $message; {
switch ($type) { parent::__construct($message, $code, $previous);
case "happy":
$this->class = "settings-message-happy";
break;
case "angry":
$this->class = "settings-message-angry";
break;
default:
$this->class = "settings-message";
break;
}
} }
public function getClass() { public function getClass() {
return $this->class; return "settings-message-happy";
}
}
class AngryAlert extends AlertMessage {
public function __construct($message = "Er is iets fout gegaan.", $code = 0, Exception $previous = null)
{
parent::__construct($message, $code, $previous);
} }
public function getMessage() { public function getClass() {
return $this->message; return "settings-message-angry";
} }
} }
@@ -94,24 +94,19 @@ function updateSettings() {
$stmt->bindValue(":bio", test_input($_POST["bio"])); $stmt->bindValue(":bio", test_input($_POST["bio"]));
$stmt->bindValue(":userID", $_SESSION["userID"]); $stmt->bindValue(":userID", $_SESSION["userID"]);
$stmt->execute(); $stmt->execute();
throw new HappyAlert("Instellingen zijn opgeslagen.");
return new settingsMessage("happy", "Instellingen zijn opgeslagen.");
} }
function changePassword() { function changePassword() {
$user = getPasswordHash(); $user = getPasswordHash();
if (password_verify($_POST["password-old"], $user["password"])) { if (password_verify($_POST["password-old"], $user["password"])) {
if ($_POST["password-new"] == $_POST["password-confirm"] && (strlen($_POST["password-new"]) >= 8)) { if ($_POST["password-new"] == $_POST["password-confirm"] && (strlen($_POST["password-new"]) >= 8)) {
if (doChangePassword()) { doChangePassword();
return new settingsMessage("happy", "Wachtwoord gewijzigd.");
} else {
return new settingsMessage("angry", "Er is iets mis gegaan.");
}
} else { } else {
return new settingsMessage("angry", "Wachtwoorden komen niet oveen."); throw new AngryAlert("Wachtwoorden komen niet overeen.");
} }
} else { } else {
return new settingsMessage("angry", "Oud wachtwoord niet correct."); throw new AngryAlert("Oud wachtwoord niet correct.");
} }
} }
@@ -129,7 +124,12 @@ function doChangePassword() {
$stmt->bindParam(":new_password", $hashed_password); $stmt->bindParam(":new_password", $hashed_password);
$stmt->bindParam(":userID", $_SESSION["userID"]); $stmt->bindParam(":userID", $_SESSION["userID"]);
$stmt->execute(); $stmt->execute();
return $stmt->rowCount();
if ($stmt->rowCount()) {
throw new HappyAlert("Wachtwoord gewijzigd.");
} else {
throw new AngryAlert();
}
} }
function changeEmail() { function changeEmail() {
@@ -138,20 +138,13 @@ function changeEmail() {
$email = strtolower($_POST["email"]); $email = strtolower($_POST["email"]);
if (filter_var($email, FILTER_VALIDATE_EMAIL)) { if (filter_var($email, FILTER_VALIDATE_EMAIL)) {
//check if email exists //check if email exists
if (emailIsAvailableInDatabase($email)) { emailIsAvailableInDatabase($email);
if (doChangeEmail($email)) { doChangeEmail($email);
return new settingsMessage("happy", "Emailadres is veranderd.");
} else {
return new settingsMessage("angry", "Er is iets mis gegaan.");
}
} else {
return new settingsMessage("angry", "Emailadres bestaat al.");
}
} else { } else {
return new settingsMessage("angry", "Geef een geldig emailadres."); throw new AngryAlert("Geef een geldig emailadres");
} }
} else { } else {
return new settingsMessage("angry", "Emailadressen komen niet overeen."); throw new AngryAlert("Emailadressen komen niet overeen.");
} }
} }
@@ -161,13 +154,15 @@ function emailIsAvailableInDatabase($email) {
`email` `email`
FROM FROM
`user` `user`
WHERE WHERE
`email` = :email `email` = :email
"); ");
$stmt->bindParam(":email", $email); $stmt->bindParam(":email", $email);
$stmt->execute(); $stmt->execute();
return !$stmt->rowCount(); if ($stmt->rowCount()) {
throw new AngryAlert("Emailadres wordt al gebruikt.");
}
} }
function doChangeEmail($email) { function doChangeEmail($email) {
@@ -175,25 +170,46 @@ function doChangeEmail($email) {
UPDATE UPDATE
`user` `user`
SET SET
`email` = :email `email` = :email,
`role` = 'unconfirmed'
WHERE WHERE
`userID` = :userID `userID` = :userID
"); ");
$stmt->bindParam(":email", $email); $stmt->bindParam(":email", $email);
$stmt->bindParam(":userID", $_SESSION["userID"]); $stmt->bindParam(":userID", $_SESSION["userID"]);
$stmt->execute(); $stmt->execute();
return $stmt->rowCount();
if ($stmt->rowCount()) {
sendConfirmEmail($_SESSION["userID"]);
session_destroy();
throw new HappyAlert("Emailadres is veranderd.");
} else {
throw new AngryAlert();
}
} }
function updateProfilePicture() { function updateAvatar() {
$profilePictureDir = "/var/www/html/public/"; $profilePictureDir = "/var/www/html/public/";
$relativePath = "uploads/profilepictures/" . $_SESSION["userID"] . "_" . basename($_FILES["pp"]["name"]); $tmpImg = $_FILES["pp"]["tmp_name"];
removeOldProfilePicture();
move_uploaded_file($_FILES['pp']['tmp_name'], $profilePictureDir . $relativePath); checkAvatarSize($tmpImg);
setProfilePictureToDatabase("../" . $relativePath); removeOldAvatar();
if (getimagesize($tmpImg)["mime"] == "image/gif") {
if ($_FILES["pp"]["size"] > 4000000) {
throw new AngryAlert("Bestand is te groot, maximaal 4MB toegestaan.");
}
$relativePath = "uploads/profilepictures/" . $_SESSION["userID"] . "_avatar.gif";
move_uploaded_file($tmpImg, $profilePictureDir . $relativePath);
} else {
$relativePath = "uploads/profilepictures/" . $_SESSION["userID"] . "_avatar.png";
$scaledImg = scaleAvatar($tmpImg);
imagepng($scaledImg, $profilePictureDir . $relativePath);
}
setAvatarToDatabase("../" . $relativePath);
throw new HappyAlert("Profielfoto veranderd.");
} }
function removeOldProfilePicture() { function removeOldAvatar() {
$stmt = $GLOBALS["db"]->prepare(" $stmt = $GLOBALS["db"]->prepare("
SELECT SELECT
`profilepicture` `profilepicture`
@@ -205,20 +221,39 @@ function removeOldProfilePicture() {
$stmt->bindParam(":userID", $_SESSION["userID"]); $stmt->bindParam(":userID", $_SESSION["userID"]);
$stmt->execute(); $stmt->execute();
$old_avatar = $stmt->fetch()["profilepicture"]; $old_avatar = $stmt->fetch()["profilepicture"];
unlink("/var/www/html/public/uploads/" . $old_avatar); if ($old_avatar != NULL) {
unlink("/var/www/html/public/uploads/" . $old_avatar);
}
} }
function setProfilePictureToDatabase($url) { function setAvatarToDatabase(string $url) {
$stmt = $GLOBALS["db"]->prepare(" $stmt = $GLOBALS["db"]->prepare("
UPDATE UPDATE
`user` `user`
SET SET
`profilepicture` = :profilePicture `profilepicture` = :avatar
WHERE WHERE
`userID` = :userID `userID` = :userID
"); ");
$stmt->bindParam(":profilePicture", $url); $stmt->bindParam(":avatar", $url);
$stmt->bindParam(":userID", $_SESSION["userID"]); $stmt->bindParam(":userID", $_SESSION["userID"]);
$stmt->execute(); $stmt->execute();
}
function checkAvatarSize(string $img) {
$minResolution = 200;
$imgSize = getimagesize($img);
if ($imgSize[0] < $minResolution or $imgSize[1] < $minResolution) {
throw new AngryAlert("Afbeelding te klein, minimaal 200x200 pixels.");
}
}
function scaleAvatar(string $imgLink, int $newWidth = 600) {
$img = imagecreatefromstring(file_get_contents($imgLink));
if ($img) {
return imagescale($img, $newWidth);
} else {
throw new AngryAlert("Afbeelding wordt niet ondersteund.");
}
} }

87
website/queries/user.php
View File

@@ -17,27 +17,64 @@ function getUserID($username) {
return $stmt->fetch()["userID"]; return $stmt->fetch()["userID"];
} }
function selectUser($userID) { function getUsername($userID) {
$stmt = $GLOBALS["db"]->prepare(" $stmt = $GLOBALS["db"]->prepare("
SELECT SELECT
`username`, `username`
IFNULL(
`profilepicture`,
'../img/notbad.jpg'
) AS profilepicture,
`bio`,
`role`,
`onlinestatus`,
`loggedin`,
`fname`,
`lname`
FROM FROM
`user` `user`
WHERE WHERE
`userID` = :userID `userID` = :userID
"); ");
$stmt->bindParam(':userID', $userID, PDO::PARAM_INT); $stmt->bindParam(':userID', $userID, PDO::PARAM_STR);
$stmt->execute();
return $stmt->fetch()["username"];
}
function selectUser($me, $other) {
$stmt = $GLOBALS["db"]->prepare("
SELECT
`username`,
`birthdate`,
`location`,
IFNULL(
`profilepicture`,
'../img/avatar-standard.png'
) AS profilepicture,
`bio`,
`user`.`creationdate`,
`onlinestatus`,
`fname`,
`lname`,
CASE `status` IS NULL
WHEN TRUE THEN 0
WHEN FALSE THEN
CASE `status` = 'confirmed'
WHEN TRUE THEN
1
WHEN FALSE THEN
CASE `user1ID` = `userID` AND `user2ID` = :me
WHEN TRUE THEN
2
WHEN FALSE THEN
3
END
END
END AS `friend_status`
FROM
`user`
LEFT JOIN
`friendship`
ON
`user1ID` = `userID` AND `user2ID` = :me OR
`user1ID` = :me AND `user2ID` = `userID`
WHERE
`user`.`userID` = :other
");
$stmt->bindParam(':me', $me, PDO::PARAM_INT);
$stmt->bindParam(':other', $other, PDO::PARAM_INT);
$stmt->execute(); $stmt->execute();
return $stmt->fetch(); return $stmt->fetch();
} }
@@ -68,18 +105,24 @@ function selectAllUserGroups($userID) {
function selectAllUserPosts($userID) { function selectAllUserPosts($userID) {
$stmt = $GLOBALS["db"]->prepare(" $stmt = $GLOBALS["db"]->prepare("
SELECT SELECT
`postID`, `postID`,
`author`, `author`,
`title`, `title`,
`content`, CASE LENGTH(`content`) >= 150
`creationdate` WHEN TRUE THEN
CONCAT(LEFT(`content`, 150), '...')
WHEN FALSE THEN
`content`
END
AS `content`,
`creationdate`
FROM FROM
`post` `post`
WHERE WHERE
`author` = :userID AND `author` = :userID AND
`groupID` IS NULL `groupID` IS NULL
ORDER BY ORDER BY
`creationdate` DESC `creationdate` DESC
"); ");
$stmt->bindParam(':userID', $userID, PDO::PARAM_INT); $stmt->bindParam(':userID', $userID, PDO::PARAM_INT);

23
website/views/chat-view.php
View File

@@ -1,6 +1,6 @@
<div class="content"> <div class="content">
<div class="chat"> <div class="chat">
<nav class="nav-list chat-left left platform chat-recent"> <nav class="nav-list platform" id="chat-recent-panel">
<h5>Chats</h5> <h5>Chats</h5>
<ul> <ul>
<?php <?php
@@ -16,8 +16,9 @@
// Set default values of a friend. // Set default values of a friend.
$username = $friend["username"]; $username = $friend["username"];
$name = $friend["name"];
$userID = $friend["userID"]; $userID = $friend["userID"];
$pf = "img/notbad.jpg"; $pf = "img/avatar-standard.png";
// Change values if needed. // Change values if needed.
if (!empty($friend["profilepicture"])) if (!empty($friend["profilepicture"]))
@@ -28,17 +29,25 @@
<li class='friend-item' id='friend-item-$userID' onclick='switchUser(\"$userID\")'> <li class='friend-item' id='friend-item-$userID' onclick='switchUser(\"$userID\")'>
<div class='friend'> <div class='friend'>
<img alt='PF' class='profile-picture' src='$pf'/> <img alt='PF' class='profile-picture' src='$pf'/>
$username <div class='friend-name'>
$name<br/>
<span style='color: #666'>$username</span>
</div>
</div> </div>
</li> </li>
"; ";
}
$chatID = $_GET["chatID"];
if (isset($chatID) && $chatID != "") {
echo "<script>$(document).ready(function(){switchUser('$chatID')});</script>";
} }
?> ?>
</ul> </ul>
</nav> </nav>
<div class="chat-right"> <div id="chat-history" class="chat-history platform">
<div id="chat-history" class="chat-history platform"> </div>
</div> <div>
<form id="lastIDForm"> <form id="lastIDForm">
<input type="hidden" <input type="hidden"
id="lastID" id="lastID"

3
website/views/loadFriends.php Normal file
View File

@@ -0,0 +1,3 @@
<?php
echo json_encode(selectAllFriends($_SESSION["userID"])->fetchAll());

5
website/views/login_head.php
View File

@@ -7,6 +7,7 @@
<link rel="stylesheet" <link rel="stylesheet"
type="text/css" type="text/css"
href="styles/index.css"> href="styles/index.css">
<script src="/js/jqeury.js"></script> <script src="js/jqeury.js"></script>
<script src="/js/registerAndLogin.js"></script> <script src="js/registerAndLogin.js"></script>
<script src='https://www.google.com/recaptcha/api.js'></script>
</head> </head>

8
website/views/menu.php
View File

@@ -35,6 +35,7 @@
foreach ($friends as $i => $friend) { foreach ($friends as $i => $friend) {
$username = $friend["username"]; $username = $friend["username"];
$name = $friend["name"];
$extraItem = ""; $extraItem = "";
$pf = $friend["profilepicture"]; $pf = $friend["profilepicture"];
@@ -49,7 +50,10 @@
value='$username'> value='$username'>
<div class='friend'> <div class='friend'>
<img alt='PF' class='profile-picture' src='$pf'/> <img alt='PF' class='profile-picture' src='$pf'/>
$username <div class='friend-name'>
$name<br/>
<span style='color: #666'>$username</span>
</div>
</div> </div>
</button> </button>
</form> </form>
@@ -127,4 +131,4 @@
</li> </li>
</ul> </ul>
</section> </section>
</nav> </nav>

10
website/views/notification-center.php
View File

@@ -5,12 +5,20 @@
<a href="profile.php"><i class="fa fa-user" data-title="Profiel"></i></a> <a href="profile.php"><i class="fa fa-user" data-title="Profiel"></i></a>
<a href="logout.php"><i class="fa fa-sign-out" data-title="Uitloggen"></i></a> <a href="logout.php"><i class="fa fa-sign-out" data-title="Uitloggen"></i></a>
</section> </section>
<section id="notifocationCenter"> <section>
<h4> <h4>
Vriendchapsverzoeken Vriendchapsverzoeken
</h4> </h4>
<ul class="nav-list" id="friendrequestslist"> <ul class="nav-list" id="friendrequestslist">
</ul>
</section>
<section>
<h4>
Nieuwe berichten
</h4>
<ul class="nav-list" id="unreadChatlist">
</ul> </ul>
</section> </section>
</nav> </nav>

27
website/views/profile.php
View File

@@ -1,11 +1,24 @@
<div class="content"> <div class="content">
<div class="profile-box platform"> <div class="profile-box platform">
<img class="left profile-picture" src="<?php echo $user["profilepicture"] ?>"> <img class="left profile-picture" src="<?php echo $user["profilepicture"] ?>">
<div class="profile-button">
<p><img src="/img/add-friend.png"> Als vriend toevoegen</p> <form action="API/edit_friendship.php" method="post">
</div> <input type="hidden" name="userID" value="<?= $userID ?>">
<h1 class="profile-username"><?=$user["username"]?></h1> <?php
<h5 class="profile-username"><?= $user["fname"]?> <?=$user["lname"]?></h5> if($userID != $_SESSION["userID"] AND $user["friend_status"] == 0) {
echo "<input class='profile-button' type='submit' name='request' value='Stuur vriendschapsverzoek!'>";
} else if($user["friend_status"] == 1) {
echo "<input class='profile-button' type='submit' name='delete' value='Verwijder vriend!'>";
} else if($user["friend_status"] == 2) {
echo "<input class='profile-button' type='submit' name='accept' value='Accepteer vriendschapsverzoek!'>";
echo "<input class='profile-button' type='submit' name='delete' value='Weiger vriendschapsverzoek!'>";
} else if($user["friend_status"] == 3) {
echo "<input class='profile-button' type='submit' name='delete' value='Trek vriendschapsverzoek in!'>";
}
?>
</form>
<h1 class="profile-username"><?= $user["fname"]?> <?=$user["lname"]?></h1>
<h5 class="profile-username"><?=$user["username"]?></h5>
<p><?=$user["bio"]?></p> <p><?=$user["bio"]?></p>
</div> </div>
@@ -14,7 +27,7 @@
<p> <p>
<?php <?php
while($friend = $profile_friends->fetch()) { while($friend = $profile_friends->fetch()) {
echo "<a href='/profile/${friend["username"]}/' data-title='${friend["username"]}'><img class='profile-picture' src='${friend["profilepicture"]}' alt='${friend["username"]}'s profielfoto></a>"; echo "<a href='profile.php?username=${friend["username"]}' data-title='${friend["username"]}'><img class='profile-picture' src='${friend["profilepicture"]}' alt='${friend["username"]}'s profielfoto></a>";
} }
@@ -47,7 +60,7 @@
<div class="post platform"> <div class="post platform">
<form> <form>
<input type="text" class="newpost" placeholder="Titel"> <input type="text" class="newpost" placeholder="Titel">
<textarea class="newpost">Schrijf een berichtje...</textarea> <textarea class="newpost" placeholder="Schrijf een berichtje..."></textarea>
<input type="submit" value="Plaats!"> <input type="submit" value="Plaats!">
</form> </form>
</div> </div>

24
website/views/register-view.php
View File

@@ -41,11 +41,12 @@
<!-- Register birthday --> <!-- Register birthday -->
<div class="login_containerregister"> <div class="login_containerregister">
<label><b>Geboortedatum</b></label> <label><b>Geboortedatum</b></label>
<input type="date" <input type="text"
name="bday" name="bday"
value="<?php echo $bday ?>" value="<?php echo $bday ?>"
id="bday" id="bday"
placeholder="01/01/1900" placeholder="1996/01/01"
data-fv-date-max=""
> >
*<span class="error"> <?php echo $bdayErr;?></span> *<span class="error"> <?php echo $bdayErr;?></span>
</div> </div>
@@ -95,7 +96,7 @@
<!-- Register location --> <!-- Register location -->
<div class="login_containerregister"> <div class="login_containerregister">
<label><b>Woonplaats</b></label> <label><b>Locatie</b></label>
<input type="text" <input type="text"
placeholder="Voer uw woonplaats in" placeholder="Voer uw woonplaats in"
name="location" name="location"
@@ -117,18 +118,23 @@
*<span class="error"> <?php echo $emailErr;?></span> *<span class="error"> <?php echo $emailErr;?></span>
</div> </div>
<!-- Button for registering -->
<div class="login_containerregister"> <div class="login_containerregister">
<div class="g-recaptcha" data-sitekey="6Lc72xIUAAAAADumlWetgENm7NGd9Npyo0c_tYYQ"></div>
<span class="error"> <?php echo $captchaErr;?></span>
</div>
<!-- Button for registering -->
<div class="login_containerlogin">
<!-- Button for going back to login screen -->
<a href="https://myhyvesbookplus.nl/login.php" class="left-arrow">Login</a>
<button type="submit" <button type="submit"
value="Registreer uw account" value="Registreer uw account"
name="Submit" name="Submit"
id="frm1_submit"> id="frm1_submit">
Registreer Registreer
</button> </button>
</div>
</div>
</form> </form>
<div class="login_containerlogin">
<!-- Button for going back to login screen -->
<a href="https://myhyvesbookplus.nl/login.php" class="left-arrow">Login</a>
</div>
</div> </div>

9
website/views/settings-view.php
View File

@@ -6,9 +6,9 @@ $settings = getSettings();
<div class="settings"> <div class="settings">
<?php <?php
if ($_SERVER["REQUEST_METHOD"] == "POST") { if ($_SERVER["REQUEST_METHOD"] == "POST") {
echo "<div class='platform settings-message ". $result->getClass()."'>". echo "<div class='platform settings-message $alertClass '>
$result->getMessage(). $alertMessage
"</div>"; </div>";
} }
?> ?>
<form class="settings-profile platform" method="post"> <form class="settings-profile platform" method="post">
@@ -81,7 +81,8 @@ $settings = getSettings();
<label>Selecteer foto</label> <label>Selecteer foto</label>
<input type="file" <input type="file"
name="pp" name="pp"
accept="image/jpeg,image/gif,image/png" accept="image/*"
size="4000000"
> >
</li> </li>
<li> <li>