comments

Marijn groups

See merge request !201

website/public/groupAdmin.php

@@ -21,6 +21,8 @@ require_once "../queries/alerts.php";
 include("../views/main.php");
 $alertClass;
 $alertMessage;
+
+// Select which button has been pressed.
 if ($_SERVER["REQUEST_METHOD"] == "POST") {
     try {
         switch ($_POST["form"]) {
@@ -44,6 +46,15 @@ if ($_SERVER["REQUEST_METHOD"] == "POST") {
                 }
                 upgradeUser($_POST["groupID"], $_POST["userID"], "admin");
                 break;
+            case "deadmin":
+                if (!array_key_exists("userID", $_POST)) {
+                    throw new AngryAlert("Geen gebruiker geselecteerd.");
+                }
+                upgradeUser($_POST["groupID"], $_POST["userID"], "member");
+                break;
+            case "delete":
+                deleteGroup();
+                break;
         }
     } catch (AlertMessage $w) {
         $alertClass = $w->getClass();

website/public/settings.php

@@ -14,6 +14,8 @@
 <?php
 $alertClass;
 $alertMessage;
+
+// Select which button has been pressed.
 if ($_SERVER["REQUEST_METHOD"] == "POST") {
     try {
         switch ($_POST["form"]) {
@@ -29,7 +31,6 @@ if ($_SERVER["REQUEST_METHOD"] == "POST") {
             case "picture":
                 updateAvatar();
                 break;
-
         }
     } catch (AlertMessage $w) {
         $alertClass = $w->getClass();

website/queries/checkInput.php

@@ -41,7 +41,11 @@ function checkInputChoice($variable, $option){
     }
 }
 
-/* Checks for only letters and spaces. */
+/**
+ * Checks for only letters and spaces.
+ * @param $variable
+ * @throws lettersAndSpacesException
+ */
 function checkName($variable){
     if (empty($variable)) {
         throw new lettersAndSpacesException("Verplicht!");
@@ -52,7 +56,11 @@ function checkName($variable){
     }
 }
 
-/* Checks for bday */
+/**
+ * Checks for bday
+ * @param $variable
+ * @throws bdayException
+ */
 function validateBday($variable){
     if (empty($variable)) {
         throw new bdayException("Verplicht!");
@@ -219,6 +227,9 @@ function test_input($data) {
     return $data;
 }
 
+/**
+ * Class lettersAndSpacesException
+ */
 class lettersAndSpacesException extends Exception
 {
     public function __construct($message = "", $code = 0, Exception $previous = null)
@@ -227,7 +238,9 @@ class lettersAndSpacesException extends Exception
     }
 }
 
-
+/**
+ * Class bdayException
+ */
 class bdayException extends Exception
 {
     public function __construct($message = "", $code = 0, Exception $previous = null)
@@ -236,6 +249,9 @@ class bdayException extends Exception
     }
 }
 
+/**
+ * Class usernameException
+ */
 class usernameException extends Exception
 {
     public function __construct($message = "", $code = 0, Exception $previous = null)
@@ -244,6 +260,9 @@ class usernameException extends Exception
     }
 }
 
+/**
+ * Class passwordException
+ */
 class passwordException extends Exception
 {
     public function __construct($message = "", $code = 0, Exception $previous = null)
@@ -252,6 +271,9 @@ class passwordException extends Exception
     }
 }
 
+/**
+ * Class confirmPasswordException
+ */
 class confirmPasswordException extends Exception
 {
     public function __construct($message = "", $code = 0, Exception $previous = null)
@@ -260,6 +282,9 @@ class confirmPasswordException extends Exception
     }
 }
 
+/**
+ * Class fbConfirmPasswordException
+ */
 class fbConfirmPasswordException extends Exception
 {
     public function __construct($message = "", $code = 0, Exception $previous = null)
@@ -268,6 +293,9 @@ class fbConfirmPasswordException extends Exception
     }
 }
 
+/**
+ * Class emailException
+ */
 class emailException extends Exception
 {
     public function __construct($message = "", $code = 0, Exception $previous = null)
@@ -276,6 +304,9 @@ class emailException extends Exception
     }
 }
 
+/**
+ * Class confirmEmailException
+ */
 class confirmEmailException extends Exception
 {
     public function __construct($message = "", $code = 0, Exception $previous = null)
@@ -284,6 +315,9 @@ class confirmEmailException extends Exception
     }
 }
 
+/**
+ * Class captchaException
+ */
 class captchaException extends Exception
 {
     public function __construct($message = "", $code = 0, Exception $previous = null)
@@ -292,6 +326,9 @@ class captchaException extends Exception
     }
 }
 
+/**
+ * Class registerException
+ */
 class registerException extends Exception
 {
     public function __construct($message = "", $code = 0, Exception $previous = null)

website/queries/connect.php

@@ -10,6 +10,11 @@ else {
     or die('Error connecting to mysql server');
 }
 
+/**
+ * Helperfunction to create a database query.
+ * @param string $query
+ * @return PDOStatement
+ */
 function prepareQuery(string $query) : PDOStatement {
     return $GLOBALS["db"]->prepare($query);
 }

website/queries/createGroup.php

@@ -2,8 +2,13 @@
 require_once "../queries/checkInput.php";
 require_once "../queries/picture.php";
 require_once "../queries/alerts.php";
+
+/**
+ * Creates a group.
+ */
 function createGroup()
 {
+    // Creates the group.
     $createGroup = prepareQuery("
     INSERT INTO
         `group_page` (`name`, `description`)
@@ -13,6 +18,7 @@ function createGroup()
     $createGroup->bindValue(':description', test_input($_POST["bio"]));
     $createGroup->execute();
 
+    // Gets the groupID just created.
     $getGroupID = prepareQuery("
     SELECT
         `groupID`
@@ -24,6 +30,7 @@ function createGroup()
     $getGroupID->execute();
     $groupID = $getGroupID->fetch()["groupID"];
 
+    // Adds the user as an admin.
     $makeUserAdmin = prepareQuery("
     INSERT INTO
         `group_member` (userID, groupID, role)

website/queries/emailconfirm.php

@@ -1,5 +1,8 @@
 <?php
-
+/**
+ * Sends a confirm email if you know the username.
+ * @param string $username
+ */
 function sendConfirmEmailUsername(string $username) {
     $stmt = prepareQuery("
     SELECT
@@ -15,6 +18,10 @@ function sendConfirmEmailUsername(string $username) {
     sendConfirmEmail($userID);
 }
 
+/**
+ * Sends a confirm email if you know the userID.
+ * @param int $userID
+ */
 function sendConfirmEmail(int $userID) {
     $stmt = prepareQuery("
     SELECT 

website/queries/groupAdmin.php

@@ -1,4 +1,9 @@
 <?php
+/**
+ * Gets the current settings for a group.
+ * @param int $groupID
+ * @return mixed
+ */
 function getGroupSettings(int $groupID) {
     $stmt = prepareQuery("
     SELECT
@@ -15,6 +20,12 @@ function getGroupSettings(int $groupID) {
     return $stmt->fetch();
 }
 
+/**
+ * Updates the settings for a group.
+ * @param int $groupID
+ * @throws AngryAlert
+ * @throws HappyAlert
+ */
 function updateGroupSettings(int $groupID)
 {
     if (!checkGroupAdmin($groupID, $_SESSION["userID"])) {
@@ -40,6 +51,12 @@ function updateGroupSettings(int $groupID)
     }
 }
 
+/**
+ * Checks if an user is an admin for a page.
+ * @param int $groupID
+ * @param int $userID
+ * @return bool
+ */
 function checkGroupAdmin(int $groupID, int $userID) : bool {
     $stmt = prepareQuery("
     SELECT
@@ -60,7 +77,40 @@ function checkGroupAdmin(int $groupID, int $userID) : bool {
     return ($role == "admin");
 }
 
-function getAllGroupMembers(int $groupID) {
+/**
+ * Returns all normal members for a group.
+ * @param int $groupID
+ * @return array|bool
+ */
+function getAllGroupUsers(int $groupID) {
+    return getAllGroupMembers($groupID, 'member');
+}
+
+/**
+ * Returns all admin for a group.
+ * @param int $groupID
+ * @return array|bool
+ */
+function getAllGroupAdmins(int $groupID) {
+    return getAllGroupMembers($groupID, 'admin');
+}
+
+/**
+ * Returns all Moderators for a group.
+ * @param int $groupID
+ * @return array|bool
+ */
+function getAllGroupMods(int $groupID) {
+    return getAllGroupMembers($groupID, 'mod');
+}
+
+/**
+ * Returns all members for a group specified by a string.
+ * @param int $groupID
+ * @param string $role
+ * @return array|bool
+ */
+function getAllGroupMembers(int $groupID, string $role) {
     $stmt = prepareQuery("
         SELECT
           `username`,
@@ -74,16 +124,25 @@ function getAllGroupMembers(int $groupID) {
         ON
           `group_member`.`userID` = `user`.`userID`
         WHERE
-          `groupID` = :groupID AND `group_member`.`role` = 'member'
+          `groupID` = :groupID AND `group_member`.`role` = :role
     ");
 
     $stmt->bindParam(':groupID', $groupID);
+    $stmt->bindParam(":role", $role);
     if (!$stmt->execute()) {
         return False;
     }
     return $stmt->fetchAll();
 }
 
+/**
+ * Upgrades or downgrades a groupmember to a different role.
+ * @param int $groupID
+ * @param int $userID
+ * @param string $role
+ * @throws AngryAlert
+ * @throws HappyAlert
+ */
 function upgradeUser(int $groupID, int $userID, string $role) {
     if (!checkGroupAdmin($groupID, $_SESSION["userID"])) {
         throw new AngryAlert("Geen toestemming om te wijzigen");
@@ -107,3 +166,27 @@ function upgradeUser(int $groupID, int $userID, string $role) {
         throw new AngryAlert("Er is iets mis gegaan");
     }
 }
+
+/**
+ * Removes a group form the database.
+ * @throws AngryAlert
+ * @throws HappyAlert
+ */
+function deleteGroup() {
+    if (!checkGroupAdmin($_POST["groupID"], $_SESSION["userID"])) {
+        throw new AngryAlert("Geen toestemming om de groep te verwijderen!");
+    }
+    $stmt = prepareQuery("
+    DELETE FROM
+        `group_page`
+    WHERE
+        `groupID` = :groupID
+    ");
+    $stmt->bindValue(":groupID", $_POST["groupID"]);
+    $stmt->execute();
+    if ($stmt->rowCount()) {
+        throw new HappyAlert("Group verwijderd!");
+    } else {
+        throw new AngryAlert("Er is iets mis gegaan");
+    }
+}

website/queries/login.php

@@ -1,6 +1,9 @@
 <?php
 
-//Find matching password with the inputted username/emailadress.
+/**
+ * Find matching password with the inputted username/emailadress.
+ * @return mixed
+ */
 function getUser() {
     $stmt = prepareQuery("
     SELECT

website/queries/post.php

@@ -281,6 +281,12 @@ function checkPermissionOnPost(int $postID, int $userID) : bool {
     }
 }
 
+/**
+ * Returns role of an user.
+ * @param int $userID
+ * @param int $groupID
+ * @return mixed role of an user.
+ */
 function getRoleInGroup(int $userID, int $groupID) {
     $stmt = prepareQuery("
     SELECT

website/queries/settings.php

@@ -16,7 +16,10 @@ function getSettings() {
       `location`,
       `birthdate`,
       `bio`,
+      IFNULL(
                 `profilepicture`,
+                '../img/avatar-standard.png'
+            ) AS profilepicture,
       `showBday`,
       `showEmail`,
       `showProfile`

website/views/groupAdmin.php

@@ -16,7 +16,7 @@ $groupinfo = getGroupSettings($_GET["groupID"]);
                 <li>
                     <label></label>
                     <a href="group.php?groupname=<?=$groupinfo["name"]?>">
-                        <button class="fa fa-chevron-left"> Terug naar de groep</button>
+                        <button><i class="fa fa-chevron-left"></i> Terug naar de groep</button>
                     </a>
                 </li>
             </ul>
@@ -51,8 +51,7 @@ $groupinfo = getGroupSettings($_GET["groupID"]);
                     <button type="submit"
                             name="form"
                             value="group"
-                            class="fa fa-save"
+                    ><i class="fa fa-save"></i> Opslaan</button>
-                    > Opslaan</button>
                 </li>
             </ul>
         </form>
@@ -80,8 +79,7 @@ $groupinfo = getGroupSettings($_GET["groupID"]);
                     <button type="submit"
                             name="form"
                             value="picture"
-                            class="fa fa-picture-o"
+                    ><i class="fa fa-picture-o"></i> Verander profielfoto</button>
-                    > Verander profielfoto</button>
                 </li>
             </ul>
         </form>
@@ -94,7 +92,7 @@ $groupinfo = getGroupSettings($_GET["groupID"]);
                     <select name="userID">
                         <option disabled selected>Geen gebruiker geselecteerd:</option>
                         <?php
-                        $groupMembers = getAllGroupMembers($_GET["groupID"]);
+                        $groupMembers = getAllGroupUsers($_GET["groupID"]);
                         foreach ($groupMembers as $groupMember) {?>
                             <option value="<?=$groupMember["userID"]?>">
                                 <?=$groupMember["fullname"]?> (<?=$groupMember["username"]?>)
@@ -114,11 +112,55 @@ $groupinfo = getGroupSettings($_GET["groupID"]);
                 </il>
             </ul>
         </form>
+        <form class="platform" method="post">
+            <h5>Verwijder een admin/mod</h5>
+            <ul>
+                <il>
+                    <input name="groupID" value="<?=$_GET["groupID"]?>" type="hidden">
+                    <label>Selecteer gebruiker</label>
+                    <select name="userID">
+                        <option disabled selected>Geen gebruiker geselecteerd:</option>
+                        <?php
+                        $groupAdmins = getAllGroupAdmins($_GET["groupID"]);
+                        foreach ($groupAdmins as $groupAdmin) {?>
+                            <option value="<?=$groupAdmin["userID"]?>">
+                                <?=$groupAdmin["fullname"]?> (<?=$groupAdmin["username"]?>) (<?=$groupAdmin["role"]?>)
+                            </option>
+                        <?php } ?>
+                        <?php
+                        $groupMods = getAllGroupMods($_GET["groupID"]);
+                        foreach ($groupMods as $groupMod) {?>
+                            <option value="<?=$groupMod["userID"]?>">
+                                <?=$groupMod["fullname"]?> (<?=$groupMod["username"]?>) (<?=$groupMod["role"]?>)
+                            </option>
+                        <?php } ?>
+                    </select>
+                    <button name="form"
+                            value="deadmin"
+                    >
+                        Verwijder
+                    </button>
+                </il>
+            </ul>
+        </form>
+        <form class="platform" method="post">
+            <ul>
+                <h5>Verwijder groep</h5>
+                <li>
+                    <label></label>
+                    <input name="groupID" value="<?=$_GET["groupID"]?>" type="hidden">
+                    <button class="red"
+                            name="form"
+                            value="delete"
+                    ><i class="fa fa-trash"></i> Verwijder groep</button>
+                </li>
+            </ul>
+        </form>
         <div class="platform">
             <ul>
                 <li>
                     <label></label>
-                    <a href="group.php?groupname=<?=$groupinfo["name"]?>"><button class="fa fa-chevron-left"> Terug naar de groep</button></a>
+                    <a href="group.php?groupname=<?=$groupinfo["name"]?>"><button><i class="fa fa-chevron-left"></i> Terug naar de groep</button></a>
                 </li>
             </ul>
         </div>