Fixed chat in safari

fixsquared

See merge request !163

website/public/API/adminChangeUser.php

@@ -6,15 +6,20 @@ require_once ("../../queries/checkInput.php");
 require_once ("../../queries/user.php");
 require_once ("../../queries/group_page.php");
 
+$userinfo = getRoleByID($_SESSION['userID']);
+
 if (isset($_POST["actions"]) && isset($_POST["userID"])) {
     changeUserStatusByID($_POST["userID"], $_POST["actions"]);
 } else if (isset($_POST["actions"]) && isset($_POST["groupID"])) {
     changeGroupStatusByID($_POST["groupID"], $_POST["actions"]);
 } else if (isset($_POST["batchactions"]) && isset($_POST["checkbox-user"])) {
-    changeMultipleUserStatusByID($_POST["checkbox-user"], $_POST["batchactions"]);
+    if ($userinfo == 'owner') {
+        changeMultipleUserStatusByID($_POST["checkbox-user"], $_POST["batchactions"]);
+    } else {
+        changeMultipleUserStatusByIDAdmin($_POST["checkbox-user"], $_POST["batchactions"]);
+    }
 } else if (isset($_POST["groupbatchactions"]) && isset($_POST["checkbox-group"])) {
     changeMultipleGroupStatusByID($_POST["checkbox-group"], $_POST["groupbatchactions"]);
+} else if (isset($_POST['bancommentuserID']) && isset($_POST['bancommenttext'])) {
+    editBanCommentByID($_POST['bancommentuserID'], $_POST['bancommenttext']);
 }
-
-//header("location: ../admin.php");
-print_r($_POST);

website/public/API/adminPageNumber.php

@@ -5,6 +5,7 @@ session_start();
 require_once ("../../queries/connect.php");
 require_once ("../../queries/checkInput.php");
 require_once ("../../queries/user.php");
+require_once ("../../queries/group_page.php");
 
 $search = "";
 if (isset($_POST["search"])) {
@@ -21,8 +22,17 @@ if (isset($_POST['status'])) {
     $status = $_POST["status"];
 }
 
-if ($pagetype == "user") {
+$groupstatus = array();
-    include ("../../views/adminpanel-page.php");
+if (isset($_POST['groupstatus'])) {
-} else {
+    $groupstatus = $_POST["groupstatus"];
-    echo "Pagenumber failed!";
 }
+
+$entries = 20;
+$currentpage = 1;
+if (isset($_POST['currentpage'])) {
+    $currentpage = (int) test_input($_POST["currentpage"]);
+}
+
+$offset = (int) $currentpage * $entries - $entries;
+
+include ("../../views/adminpanel-page.php");

website/public/API/adminSearchUsers.php

@@ -8,13 +8,11 @@ require_once ("../../queries/user.php");
 require_once ("../../queries/group_page.php");
 
 $offset = 0;
-if (isset($_POST["n"])) {
-    $offset = (int) test_input($_POST["n"]);
-}
 $entries = 20;
-if (isset($_POST["m"])) {
+if (isset($_POST["currentpage"])) {
-    $entries = (int) test_input($_POST["m"]);
+    $offset = (int) test_input($_POST["currentpage"]) * $entries - $entries;
 }
+
 $search = "";
 if (isset($_POST["search"])) {
     $search = test_input($_POST["search"]);
@@ -35,6 +33,8 @@ if (isset($_POST['groupstatus'])) {
     $groupstatus = $_POST["groupstatus"];
 }
 
+$userinfo = getRoleByID($_SESSION['userID']);
+
 if ($pagetype == "user") {
     include ("../../views/adminpanel-table.php");
 } else if ($pagetype == "group") {

website/public/API/loadFriendRequest.php

@@ -4,5 +4,12 @@ session_start();
 
 require_once ("../../queries/connect.php");
 require_once ("../../queries/friendship.php");
+require_once ("../../queries/user.php");
 
-echo selectAllFriendRequests();
+if (isset($_SESSION["userID"]) &&
+    getRoleByID($_SESSION["userID"]) != 'frozen' &&
+    getRoleByID($_SESSION["userID"]) != 'banned') {
+    echo selectAllFriendRequests();
+} else {
+    echo "[]";
+}

website/public/API/loadFriends.php

@@ -6,11 +6,15 @@ require_once ("../../queries/connect.php");
 require_once ("../../queries/checkInput.php");
 require_once ("../../queries/friendship.php");
 
-if (isset($_POST["limit"])) {
+if (isset($_SESSION["userID"])) {
-    echo selectLimitedFriends($_SESSION["userID"], (int) test_input($_POST["limit"]));
+    if (isset($_POST["limit"])) {
-} else if (isset($_GET["limit"])) {
+        echo selectLimitedFriends($_SESSION["userID"], (int)test_input($_POST["limit"]));
-    echo selectLimitedFriends($_SESSION["userID"], (int) test_input($_GET["limit"]));
+    } else if (isset($_GET["limit"])) {
+        echo selectLimitedFriends($_SESSION["userID"], (int)test_input($_GET["limit"]));
+    } else {
+        echo selectFriends($_SESSION["userID"]);
+    }
 } else {
-    echo selectFriends($_SESSION["userID"]);
+    echo "[]";
 }
 

website/public/API/postComment.php

@@ -2,28 +2,36 @@
 
 session_start();
 
-require("../../queries/post.php");
+require_once("../../queries/post.php");
 require_once("../../queries/connect.php");
-require("../../queries/checkInput.php");
+require_once("../../queries/checkInput.php");
-print_r($_POST);
+require_once("../../queries/user.php");
-if ($_POST['button'] == 'reaction') {
+
-    if (empty($_POST['newcomment-content'])) {
+
-        echo 0;
+if (isset($_SESSION["userID"]) &&
-    } else {
+    getRoleByID($_SESSION["userID"]) != 'frozen' &&
-        if (makeComment($_POST['postID'],
+    getRoleByID($_SESSION["userID"]) != 'banned') {
-            $_SESSION['userID'],
+    if ($_POST['button'] == 'reaction') {
-            test_input($_POST['newcomment-content']))) {
+        if (empty($_POST['newcomment-content'])) {
+            echo 0;
+        } else {
+            if (makeComment($_POST['postID'],
+                $_SESSION['userID'],
+                test_input($_POST['newcomment-content']))) {
+                echo 1;
+            } else {
+                echo 0;
+            }
+        }
+    } else if ($_POST['button'] == 'nietslecht') {
+        if (makeNietSlecht($_POST["postID"], $_SESSION["userID"])) {
             echo 1;
         } else {
             echo 0;
         }
-    }
-} else if ($_POST['button'] == 'nietslecht') {
-    if (makeNietSlecht($_POST["postID"], $_SESSION["userID"])) {
-        echo 1;
     } else {
         echo 0;
     }
 } else {
-    echo 0;
+    echo "frozen";
 }

website/public/API/searchPageNumber.php

@@ -0,0 +1,41 @@
+<?php
+
+session_start();
+
+require_once ("../../queries/connect.php");
+require_once ("../../queries/checkInput.php");
+require_once ("../../queries/user.php");
+require_once ("../../queries/group_page.php");
+
+$user_perpage = $group_perpage = 20;
+
+$user_currentpage = $group_currentpage = 1;
+if (isset($_POST['user-pageselect'])) {
+    $user_currentpage = test_input($_POST['user-pageselect']);
+}
+if (isset($_POST['group-pageselect'])) {
+    $group_currentpage = test_input($_POST['group-pageselect']);
+}
+
+$user_n = $user_currentpage * $user_perpage - $user_perpage;
+$group_n = $group_currentpage * $group_perpage - $group_perpage;
+
+$search = "";
+if (isset($_POST['search'])) {
+    $search = test_input($_POST['search']);
+}
+
+$user_count = countSomeUsers($search)->fetchColumn();
+$group_count = countSomeGroups($search)->fetchColumn();
+
+$filter = "all";
+if (isset($_POST['filter'])) {
+    $filter = test_input($_POST['filter']);
+}
+
+$option = "user";
+if (isset($_POST['option'])) {
+    $option = test_input($_POST['option']);
+}
+
+include ("../../views/searchPageNumber.php");

website/public/API/searchUsers.php

@@ -8,13 +8,15 @@ require_once ("../../queries/friendship.php");
 require_once ("../../queries/user.php");
 
 $n = 0;
-if (isset($_POST["n"])) {
-    $n = (int) test_input($_POST["n"]);
-}
 $m = 20;
-if (isset($_POST["m"])) {
+
-    $m = (int) test_input($_POST["m"]);
+$page = 1;
+if (isset($_POST["user-pageselect"])) {
+    $page = (int) test_input($_POST['user-pageselect']);
 }
+
+$n = ($page - 1) * $m;
+
 $search = "";
 if (isset($_POST["search"])) {
     $search = test_input($_POST["search"]);

website/public/API/sendMessage.php

@@ -4,14 +4,22 @@ session_start();
 require_once("../../queries/connect.php");
 require_once("../../queries/private_message.php");
 require_once("../../queries/checkInput.php");
+require_once("../../queries/user.php");
 
-if (!empty(test_input($_POST["destination"])) &&
+if (isset($_SESSION["userID"]) &&
-    !empty(test_input($_POST["content"]))) {
+    getRoleByID($_SESSION["userID"]) != 'frozen' &&
-    if (sendMessage(test_input($_POST["destination"]), test_input($_POST["content"]))) {
+    getRoleByID($_SESSION["userID"]) != 'banned') {
-        echo 1;
+    if (!empty(test_input($_POST["destination"])) &&
+        !empty(test_input($_POST["content"]))
+    ) {
+        if (sendMessage(test_input($_POST["destination"]), test_input($_POST["content"]))) {
+            echo 1;
+        } else {
+            echo 0;
+        }
     } else {
         echo 0;
     }
 } else {
-    echo 0;
+    echo "frozen";
 }

website/public/admin.php

@@ -8,7 +8,7 @@
     <style>
         @import url("styles/adminpanel.css");
     </style>
-    <script src="js/admin.js" charset="utf-8"></script>
+<script src="js/admin.js" charset="utf-8"></script>
 </head>
 <body>
 <?php
@@ -19,9 +19,9 @@
 include_once ("../queries/user.php");
 
 // auth
-$userinfo = getRoleByID($_SESSION['userID'])->fetch(PDO::FETCH_ASSOC);
+$role = getRoleByID($_SESSION['userID']);
 
-if ($userinfo['role'] != 'admin' AND $userinfo['role'] != 'owner') {
+if ($role != 'admin' AND $role != 'owner') {
     header("location:profile.php");
 }
 

website/public/bits/friend-item.php

@@ -33,7 +33,7 @@ foreach($friends as $i => $friend) {
                     }
                     ?>'>
                 <div class='friend'>
-                    <img alt='PF' class='profile-picture' src='<?= $friend->profilepicture ?>'/>
+                    <img alt='PF' class='profile-picture <?= $friend->onlinestatus ?>' src='<?= $friend->profilepicture ?>'/>
                     <div class='friend-name'>
                         <?= $friend->fullname ?><br/>
                         <span style='color: #666'><?php

website/public/group.php

@@ -11,7 +11,7 @@
 <body>
 <?php
 
-include("../queries/group_page.php");
+include_once("../queries/group_page.php");
 
 $group = selectGroupByName($_GET["groupname"]);
 $members = selectGroupMembers(2);

website/public/js/admin.js

@@ -1,42 +1,48 @@
 $(window).on("load", function () {
     changeFilter();
+    searchFromOne();
+
     $(".admin-searchinput").keyup(function(){
-        adminSearch();
+        searchFromOne();
     });
     // all inputs and labels directly under admin filter and groupfilter
-    $("#admin-filter, #admin-groupfilter > input, label").click(function(){
+    $("#admin-filter, #admin-groupfilter > input, label").change(function(){
-        adminSearch();
+        searchFromOne();
     });
     $("#pagetype").change(function(){
-        adminSearch();
+        searchFromOne();
     });
 
-    adminSearch();
+    /* Update hidden input to be equal to submit pressed,
+        because serialize doesn't take submit values. */
+    $('#admin-batchform > button').click(function () {
+        $('#batchinput').prop('value', $(this).prop('value'));
+        console.log($('#batchinput').prop('value'));
+    });
+
+    $('#admin-groupbatchform > button').click(function () {
+        $('#groupbatchinput').prop('value', $(this).prop('value'));
+        console.log($('#batchinput').prop('value'));
+    });
 });
 
-function checkAll(allbox) {
+function checkAll() {
-    var checkboxes = document.getElementsByClassName('checkbox-list');
+    $('.checkbox-list').each(function () {
-
+        $(this).prop('checked', $('#checkall').prop('checked'));
-    for (var i = 0; i < checkboxes.length; i++) {
+    });
-        if (checkboxes[i].type == 'checkbox') {
-            checkboxes[i].checked = allbox.checked;
-        }
-    }
 }
 
-function checkCheckAll(allbox) {
+function checkCheckAll() {
-    var checkboxes = document.getElementsByClassName('checkbox-list');
     var checked = true;
 
-    for (var i = 0; i < checkboxes.length; i++) {
+    $('.checkbox-list').each(function () {
-        if (checkboxes[i].type == 'checkbox') {
+        if ($(this).prop('checked') == false) {
-            if (checkboxes[i].checked == false) {
+            checked = false;
-                checked = false;
+            return;
-                break;
-            }
         }
-    }
+    });
-    allbox.checked = checked;
+
+    $('#checkall').prop('checked', checked);
 }
 
 function changeFilter() {
@@ -55,12 +61,28 @@ function changeFilter() {
     }
 }
 
+function searchFromOne() {
+    $('#currentpage').prop('value', 1);
+    adminSearch();
+}
+
 function adminSearch() {
+    console.log($("#admin-searchform").serialize());
     $.post(
         "API/adminSearchUsers.php",
         $("#admin-searchform").serialize()
     ).done(function (data) {
         $("#usertable").html(data);
+        updatePageN();
+    })
+}
+
+function adminUpdate(form) {
+    $.post(
+        "API/adminChangeUser.php",
+        $(form).serialize()
+    ).done(function () {
+        adminSearch();
     })
 }
 
@@ -71,4 +93,18 @@ function updatePageN() {
     ).done(function (data) {
         $("#admin-pageinfo").html(data);
     })
+}
+
+function toggleBancomment(button) {
+    $(button).siblings("div").toggle();
+    $(button).toggle();
+}
+
+function editComment(form) {
+    $.post(
+        "API/adminChangeUser.php",
+        $(form).serialize()
+    ).done(function (data) {
+        adminSearch();
+    });
 }

website/public/js/chat.js

@@ -33,7 +33,11 @@ function sendMessage() {
     $.post(
         "API/sendMessage.php",
         $("#sendMessageForm").serialize()
-    );
+    ).done(function(response) {
+        if (response == "frozen") {
+            alert("Je account is bevroren, dus je kan niet chat berichten versturen. Contacteer een admin als je denkt dat dit onjuist is.");
+        }
+    });
 
     $("#newContent").val("");
     loadMessages();
@@ -43,8 +47,9 @@ function addMessages(messages) {
     var messagesText = "";
     for(var i in messages) {
         // Initialize message variables
-        var thisDate = new Date(messages[i].creationdate);
+        var thisDate = new Date(messages[i].creationdate.replace(/ /,"T"));
         var thisTime = thisDate.getHours() + ":" + thisDate.getMinutes();
+        console.log(thisDate);
         var type;
         thisDate.setHours(0,0,0,0);
 
@@ -54,17 +59,15 @@ function addMessages(messages) {
             type = "chat-message-other";
         }
         if (i == 0) {
-            if (thisDate > previousDate) {
+            previousDate = thisDate;
-                previousDate = thisDate;
+            messagesText += '\
-                messagesText += '\
+                <div class="day-message"> \
-                    <div class="day-message"> \
+                    <div class="day-message-content">\
-                        <div class="day-message-content">\
+                    ' + days[thisDate.getDay()] + " " + thisDate.getDate() + " " + months[thisDate.getMonth()] + " " + thisDate.getFullYear() + '\
-                        ' + days[thisDate.getDay()] + " " + thisDate.getDate() + " " + months[thisDate.getMonth()] + " " + thisDate.getFullYear() + '\
+                    </div> \
-                        </div> \
+                </div>';
-                    </div>';
-            }
             messagesText += '<div class="chat-message"><div class="' + type + '">';
-        } else if (type != previousType || thisTime != previousTime || thisDate > previousDate) {
+        } else if (type != previousType || thisTime != previousTime || thisDate.getTime() > previousDate.getTime()) {
             messagesText += '<div class="chat-time">\
                     ' + thisTime + '\
                     </div></div></div>';

website/public/js/main.js

@@ -3,7 +3,7 @@ var months = ["januari", "februari", "maart", "april", "mei", "juni", "juli", "a
 
 function fancyText(text) {
     // Add links, images, gifs and (youtube) video's.
-    var regex = /(https?:\/\/.[^ ]*)/ig;
+    var regex = /(https?:\/\/.[^ <>"]*)/ig;
     text = text.replace(regex, function(link) {
         // Add images
         if (link.match(/(https?:\/\/.[^ ]*\.(?:png|jpg|jpeg|gif))/ig)) {
@@ -93,4 +93,14 @@ function showGroups(groups, list) {
     } else {
         return false;
     }
-}
+}
+
+$(document).ready(function() {
+    $("body").delegate("textarea[maxlength]", "keydown", function() {
+        if ($(this).val().length / .9 >= $(this).attr("maxlength")) {
+            $(this).next().text($(this).val().length + "/" + $(this).attr("maxlength"));
+        } else {
+            $(this).next().text("");
+        }
+    });
+});

website/public/js/masonry.js

@@ -19,7 +19,7 @@ function requestPost(postID) {
         var scrollBarWidth = window.innerWidth - document.body.offsetWidth;
         scrollbarMargin(scrollBarWidth, 'hidden');
         $('#modal-response').show();
-        $('#modal-response').html(data);
+        $('#modal-response').html(fancyText(data));
     });
 }
 
@@ -78,7 +78,7 @@ function masonry(mode) {
      * Initialise columns.
      */
     var columns = new Array(columnCount);
-    var $columns = new Array(columnCount);
+
     for (i = 0; i < columnCount; i++) {
         $column = $("<div class=\"column\">");
         $column.width(100/columnCount + "%");
@@ -96,7 +96,7 @@ function masonry(mode) {
         }
 
         $form.append($("<input class=\"newpost\" name=\"title\" placeholder=\"Titel\" type=\"text\">"));
-        $form.append($("<textarea class=\"newpost\" name=\"content\" placeholder=\"Schrijf een berichtje...\">"));
+        $form.append($("<textarea class=\"newpost\" name=\"content\" placeholder=\"Schrijf een berichtje...\" maxlength='1000'></textarea><span></span>"));
         $form.append($("<input value=\"Plaats!\" type=\"submit\">"));
         columns[0][1].append($postInput);
 
@@ -130,7 +130,7 @@ function masonry(mode) {
                $.each(posts, function() {
                    $post = $("<div class=\"post platform\" onclick=\"requestPost(\'"+this['postID']+"\')\">");
                    $post.append($("<h2>").html(this["title"]));
-                   $post.append($("<p>").html(this["content"]));
+                   $post.append($("<p>").html(fancyText(this["content"])));
                    $post.append($("<p class=\"subscript\">").text(this["nicetime"]));
                    $post.append($("<p class=\"subscript\">").text("comments: " + this["comments"] + ", niet slechts: " + this["niet_slechts"]));
 

website/public/js/post.js

@@ -4,8 +4,10 @@ function postComment(buttonValue) {
     $.post(
         "API/postComment.php",
         formData
-    ).done(function(data) {
+    ).done(function (response) {
-        console.log(data);
+        if (response == "frozen") {
+            alert("Je account is bevroren, dus je kan geen comments plaatsen of \"niet slechten\". Contacteer een admin als je denkt dat dit onjuist is.");
+        }
     });
 
     $("#newcomment").val("");
@@ -15,6 +17,6 @@ function postComment(buttonValue) {
         "API/loadPost.php",
         $("#newcommentform").serialize()
     ).done(function (data) {
-        $('#modal-response').html(data);
+        $('#modal-response').html(fancyText(data));
     });
 }

website/public/js/search.js

@@ -1,12 +1,11 @@
-function searchUsers(n, m) {
+$(window).on('load', function () {
+    pageNumber();
+});
+
+function searchUsers() {
     $.post(
         "API/searchUsers.php",
-        {
+        $('#search-form').serialize()
-            n: n,
-            m: m,
-            search: $("#search-input").val(),
-            filter: $("#search-filter").val()
-        }
     ).done(function(data) {
         if (!showFriends(data, "#search-users-list", 0, "profile.php", "GET")) {
             $("#search-users-list").text("Niemand gevonden");
@@ -14,18 +13,29 @@ function searchUsers(n, m) {
     });
 }
 
-function searchGroups(n, m) {
+function searchGroups() {
     $.post(
         "API/searchGroups.php",
-        {
+        $('#search-form').serialize()
-            n: n,
-            m: m,
-            search: $("#search-input").val(),
-            filter: $("#search-filter").val()
-        }
     ).done(function(data) {
         if (!showGroups(data, "#search-groups-list")) {
             $("#search-groups-list").text("Geen groepen gevonden");
         }
     });
+}
+
+function pageNumber() {
+    var input = input2 = $('#search-form').serialize();
+    $.post(
+        "API/searchPageNumber.php",
+        input + "&option=user"
+    ).done(function (data) {
+        $('#user-pageselect').html(data);
+    });
+    $.post(
+        "API/searchPageNumber.php",
+        input2 + "&option=group"
+    ).done(function (data) {
+        $('#group-pageselect').html(data);
+    });
 }

website/public/profile.php

@@ -13,10 +13,11 @@
 </head>
 <body>
 <?php
-include("../queries/user.php");
+include_once("../queries/user.php");
-include("../queries/friendship.php");
+include_once("../queries/friendship.php");
-include("../queries/nicetime.php");
+include_once("../queries/nicetime.php");
-include("../queries/post.php");
+include_once("../queries/post.php");
+include_once("../queries/calcAge.php");
 
 if(empty($_GET["username"])) {
     $userID = $_SESSION["userID"];

website/public/styles/adminpanel.css

@@ -4,7 +4,7 @@
 
 .admin-panel input[type="radio"], input[type="checkbox"] {
     vertical-align: middle;
-    height: auto;
+    height: 28px;
     margin: 2px;
 }
 
@@ -34,7 +34,6 @@
     width: 100%;
 }
 
-.usertable .table-checkbox {width: 20px}
 .usertable .table-username {width: 150px}
 .usertable .table-status {width: 100px}
 .usertable .table-action {width: 200px}
@@ -44,10 +43,18 @@
     padding: 3px;
 }
 
-.usertable tr {
+.usertable th, tr {
     text-align: left;
 }
 
 .usertable tr:hover {
     background-color: #f5f5f5;
 }
+
+.bancommentedit {
+    display: none;
+}
+
+.bancommentform input[type="text"] {
+    width: 100%;
+}

website/public/styles/chat.css

@@ -22,6 +22,7 @@ body {
     height: calc(100% - 100px);
 
     display: inline-block;
+    float: left;
 
     overflow-y: auto;
 }
@@ -31,12 +32,14 @@ body {
     overflow-y: auto;
     overflow-x: hidden;
 
-    width: calc(100% - 256px - 75px);
+    width: calc(100% - 256px - 85px);
     height: calc(100% - 80px);
+    margin-right: 10px;
 
     padding: 10px;
 
     display: inline-block;
+    float: right;
 
     word-wrap: break-word;
 }

website/public/styles/header.css

@@ -49,7 +49,7 @@ header div {
 }
 
 #open-notifications {
-    padding: 5px 20px 5px 0px;
+    padding: 20px 20px 20px 0px;
 }
 
 @media only screen and (max-width: 1080px) {

website/public/styles/main.css

@@ -92,6 +92,14 @@ p {
     border-radius: 50%;
 }
 
+.online {
+    border: #4CAF50 solid 3px;
+}
+
+.offline {
+    border: #666666 solid 3px;
+}
+
 .group-picture {
     border-radius: 5px;
 }
@@ -299,8 +307,16 @@ div[data-title]:hover:after {
     body {
         font-size: 28px!important;
     }
-    button {
+    button, input, select {
         font-size: 28px;
+        height: 42px;
+    }
+    textarea {
+        font-size: 28px;
+    }
+    input[type="checkbox"], input[type="radio"] {
+        width: 28px;
+        height: 28px;
     }
 
 }

website/public/styles/profile.css

@@ -45,7 +45,7 @@
 
 .main-picture {
     position: relative;
-    border: #4CAF50 solid 5px;
+    border-width: 5px;
 
     display: inline-block;
     width: 150px;
@@ -120,4 +120,8 @@ div.posts .post form textarea.newpost {
     .post-box {
         width: calc(100% - 65px);
     }
+    .modal {
+        left: 0!important;
+        width: 100%!important;
+    }
 }

website/queries/friendship.php

@@ -16,6 +16,10 @@ function selectLimitedFriends($userID, $limit) {
                 `profilepicture`,
                 '../img/avatar-standard.png'
             ) AS profilepicture,
+            CASE `lastactivity` >= DATE_SUB(NOW(),INTERVAL 15 MINUTE)
+              WHEN TRUE THEN 'online'
+              WHEN FALSE THEN 'offline'
+            END AS `onlinestatus`,
             `role`
         FROM
             `user`
@@ -28,11 +32,8 @@ function selectLimitedFriends($userID, $limit) {
             `friendship`.`user1ID` = `user`.`userID`) AND
             `user`.`role` != 'banned' AND
             `friendship`.`status` = 'confirmed'
-        ORDER BY 
+        ORDER BY
-            CASE
+            `user`.`lastactivity`
-            WHEN `friendship`.`user2ID` = `user`.`userID` THEN `friendship`.`chatLastVisted1`
-            WHEN `friendship`.`user1ID` = `user`.`userID` THEN `friendship`.`chatLastVisted2`
-            END
             DESC
         LIMIT :limitCount
     ");

website/queries/private_message.php

@@ -16,6 +16,8 @@ function getOldChatMessages($user2ID) {
             `destination` = :user1
         ORDER BY
             `creationdate` ASC
+        LIMIT
+          100
         ");
 
         $stmt->bindParam(":user1", $user1ID);

website/queries/user.php

@@ -2,6 +2,19 @@
 
 require_once ("connect.php");
 
+function updateLastActivity() {
+    $stmt = prepareQuery("
+      UPDATE
+        `user`
+      SET
+        `lastactivity` = NOW()
+      WHERE
+        `userID` = :userID
+    ");
+    $stmt->bindParam(":userID", $_SESSION["userID"]);
+    return $stmt->execute();
+}
+
 function getUserID($username) {
     $stmt = prepareQuery("
         SELECT
@@ -265,6 +278,25 @@ function changeMultipleUserStatusByID($ids, $status) {
     return $q;
 }
 
+function changeMultipleUserStatusByIDAdmin($ids, $status) {
+    $q = prepareQuery("
+    UPDATE
+        `user`
+    SET
+        `role` = :status
+    WHERE
+        FIND_IN_SET (`userID`, :ids)
+        AND NOT `role` = 'admin'
+        AND NOT `role` = 'owner'
+    ");
+
+    $ids = implode(',', $ids);
+    $q->bindParam(':ids', $ids);
+    $q->bindParam(':status', $status);
+    $q->execute();
+    return $q;
+}
+
 function selectRandomNotFriendUser($userID) {
     $stmt = prepareQuery("
     SELECT
@@ -335,9 +367,10 @@ function countSomeUsers($search) {
     FROM
         `user`
     WHERE
-        `username` LIKE :keyword OR 
+        (`username` LIKE :keyword OR 
         `fname` LIKE :keyword OR 
-        `lname` LIKE :keyword
+        `lname` LIKE :keyword) AND 
+        `role` != 'banned'
     ORDER BY 
         `fname`, 
         `lname`, 
@@ -362,5 +395,20 @@ function getRoleByID($userID) {
 
     $stmt->bindParam(':userID', $userID);
     $stmt->execute();
-    return $stmt;
+    return $stmt->fetch()["role"];
+}
+
+function editBanCommentByID($userID, $comment) {
+    $stmt = prepareQuery("
+        UPDATE
+            `user`
+        SET
+            `bancomment` = :comment
+        WHERE
+            `userID` = :userID
+    ");
+
+    $stmt->bindParam(':userID', $userID, PDO::PARAM_INT);
+    $stmt->bindParam(':comment', $comment);
+    $stmt->execute();
 }

website/views/adminpanel-grouptable.php

@@ -16,7 +16,6 @@ while ($group = $q->fetch(PDO::FETCH_ASSOC)) {
     $name = $group['name'];
     $role = $group['status'];
     $description = $group['description'];
-    $function = "checkCheckAll(document.getElementById('checkall'))";
 
     echo("
         <tr>
@@ -25,15 +24,14 @@ while ($group = $q->fetch(PDO::FETCH_ASSOC)) {
                        class='checkbox-list'
                        value='$groupID'
                        form='admin-groupbatchform'
-                       onchange='$function'>
+                       onchange='checkCheckAll();'>
             </td>
             <td>$name</td>
             <td>$role</td>
             <td>$description</td>
             <td>
                 <form class='admin-groupaction'
-                      action='API/adminChangeUser.php'
+                      onsubmit=\"adminUpdate(this);  return false;\">
-                      method='post'>
                     <select class='action' name='actions'>
                         <option value='hidden'>Hidden</option>
                         <option value='public'>Public</option>

website/views/adminpanel-page.php

@@ -5,27 +5,26 @@ if ($pagetype == "user") {
     $pages = countSomeGroupsByStatus($search, $groupstatus);
 }
 $countresults = $pages->fetchColumn();
-$mincount = min($listm, $countresults);
+
-$minlist = min($listn + 1, $countresults);
 ?>
-    Pagina: <form class="admin-pageselector"
+Pagina:
-                  action="<?php htmlspecialchars(basename($_SERVER['REQUEST_URI'])) ?>"
+<select class="admin-pageselect"
-                  method="post">
+        name="currentpage"
-    <select class="admin-pageselect"
+        id="currentpage"
-            name="pageselect"
+        form="admin-searchform"
-            onchange="this.form.submit()"
+        onchange="adminSearch();">
-            value="">
+    <?php
-        <?php
+    for ($i=1; $i <= ceil($countresults / $entries); $i++) {
-        for ($i=1; $i <= ceil($countresults / $perpage); $i++) {
+        if ($currentpage == $i) {
-            if ($currentpage == $i) {
+            echo "<option value='$i' selected>$i</option>";
-                echo "<option value='$i' selected>$i</option>";
+        } else {
-            } else {
+            echo "<option value='$i'>$i</option>";
-                echo "<option value='$i'>$i</option>";
-            }
         }
-        ?>
+    }
-    </select>
+    ?>
-</form>
+</select>
 <?php
-echo "$minlist tot $mincount ($countresults totaal)";
+$n = min($offset + 1, $countresults);
+$m = min($offset + $entries, $countresults);
+echo " $n tot $m ($countresults totaal)";
 ?>

website/views/adminpanel-table.php

@@ -1,5 +1,5 @@
 <tr>
-    <th><input class="table-checkbox" type="checkbox" id="checkall" name="checkall" onchange="checkAll(this)"></th>
+    <th><input class="table-checkbox" type="checkbox" id="checkall" name="checkall" onchange="checkAll()"></th>
     <th class="table-username">Gebruikersnaam</th>
     <th class="table-status">Status</th>
     <th class="table-comment">Aantekening</th>
@@ -14,7 +14,6 @@ while($user = $q->fetch(PDO::FETCH_ASSOC)) {
     $username = $user['username'];
     $role = $user['role'];
     $bancomment = $user['bancomment'];
-    $function = "checkCheckAll(document.getElementById('checkall'))";
 
     echo("
         <tr>
@@ -24,20 +23,47 @@ while($user = $q->fetch(PDO::FETCH_ASSOC)) {
                        class='checkbox-list'
                        value='$userID'
                        form='admin-batchform'
-                       onchange='$function'>
+                       onchange='checkCheckAll();'>
             </td>
             <td>$username</td>
             <td>$role</td>
-            <td>$bancomment</td>
+            <td>
+                <div class='bancomment'>$bancomment</div>
+                <div class='bancommentedit'>
+                    <form class='bancommentform'
+                          id='bancommentform'
+                          onsubmit='editComment(this); 
+                                    return false;'>
+                          <input type='text'
+                                 name='bancommenttext'
+                                 placeholder='Schrijf een aantekening'
+                                 value='$bancomment'>
+                          <input type='hidden'
+                                 name='bancommentuserID'
+                                 value='$userID'>
+                          <button type='submit'>Update</button>
+                    </form>
+                </div>
+                <button type='button' onclick='toggleBancomment(this)'>Verander</button>
+            </td>
             <td>
                 <form class='admin-useraction'
-                      action='API/adminChangeUser.php'
+                      onsubmit=\"adminUpdate(this);  return false;\">
-                      method='post'>
+                    <select class='action' name='actions'>");
-                    <select class='action' name='actions'>
+                        if (!($userinfo == 'admin'
-                        <option value='frozen'>Bevries</option>
+                              AND ($user['role'] == 'admin'
-                        <option value='banned'>Ban</option>
+                              OR $user['role'] == 'owner'))) {
-                        <option value='user'>Activeer</option>
+                            echo "<option value='frozen'>Bevries</option>
-                    </select>
+                                  <option value='banned'>Ban</option>
+                                  <option value='user'>Activeer</option>";
+
+                            if ($userinfo == 'owner') {
+                                echo "<option value='admin'>Admin</option>
+                                      <option value='owner'>Owner</option>";
+                            }
+                        }
+
+                    echo ("</select>
                     <input type='hidden' name='userID' value='$userID'>
                     <input type='submit' value='Confirm'>
                 </form>

website/views/adminpanel.php

@@ -2,11 +2,10 @@
 <!-- function test_input taken from http://www.w3schools.com/php/php_form_validation.asp -->
 <?php
 $search = "";
-$currentpage = 1;
-$perpage = 20;
 $status = array("user", "frozen", "banned", "unconfirmed", "admin", "owner");
 $groupstatus = array("hidden", "public", "membersonly");
 $pagetype = "user";
+$userinfo = getRoleByID($_SESSION['userID']);
 
 if (isset($_GET["search"])) {
     $search = test_input($_GET["search"]);
@@ -24,13 +23,6 @@ if (isset($_GET["groupstatus"])) {
     $groupstatus = $_GET["groupstatus"];
 }
 
-
-if ($_SERVER["REQUEST_METHOD"] == "POST") {
-    if (isset($_POST["pageselect"])) {
-        $currentpage = $_POST["pageselect"];
-    }
-}
-
 ?>
 
 <div class="content">
@@ -39,7 +31,7 @@ if ($_SERVER["REQUEST_METHOD"] == "POST") {
         <div class="admin-options">
             <form class="admin-searchform"
                   id="admin-searchform"
-                  action="javascript:adminSearch();"
+                  action="javascript:searchFromOne();"
                   method="get">
 
                 <div class="admin-searchbar">
@@ -120,23 +112,33 @@ if ($_SERVER["REQUEST_METHOD"] == "POST") {
         <div class="admin-users">
             <div class="admin-usertitle">
                 <h4>Resultaat:</h4>
-                <span style="float: right" id="admin-pageinfo">
+                <div style="float: right" id="admin-pageinfo">
 
-                </span>
+                </div>
-                <form
+                <form id="admin-batchform"
-                        id="admin-batchform"
+                      onsubmit="adminUpdate(this); return false;">
-                        action="API/adminChangeUser.php"
-                        method="post">
 
+                    <input type="hidden" name="batchactions" id="batchinput">
                     <button type="submit" name="batchactions" id="freeze" value="frozen">Bevries</button>
                     <button type="submit" name="batchactions" id="ban" value="banned">Ban</button>
                     <button type="submit" name="batchactions" id="restore" value="user">Activeer</button>
+                    <?php
+                    if ($userinfo == 'owner') {
+                        echo "<button type=\"submit\" 
+                                      name=\"batchactions\" 
+                                      id=\"admin\" 
+                                      value=\"admin\">Maak Admin</button>
+                              <button type=\"submit\" 
+                                      name=\"batchactions\" 
+                                      id=\"owner\" 
+                                      value=\"owner\">Maak Owner</button>";
+                    }
+                    ?>
                 </form>
-                <form
+                <form id="admin-groupbatchform"
-                        id="admin-groupbatchform"
+                      onsubmit="adminUpdate(this);  return false;">
-                        action="API/adminChangeUser.php"
-                        method="post">
 
+                    <input type="hidden" name="groupbatchactions" id="groupbatchinput">
                     <button type="submit" name="batchactions" id="hide" value="hidden">Hide</button>
                     <button type="submit" name="batchactions" id="ban" value="public">Public</button>
                     <button type="submit" name="batchactions" id="members" value="membersonly">Members</button>

website/views/head.php

@@ -19,9 +19,12 @@
 
 require_once ("../queries/checkInput.php");
 require_once ("../queries/connect.php");
+require_once ("../queries/user.php");
 
 session_start();
 
 if(!isset($_SESSION["userID"])){
     header("location:login.php");
-}
+} else {
+    updateLastActivity();
+}

website/views/header.php

@@ -25,8 +25,7 @@ $userinfo = getHeaderInfo();
             </div>
             <?=$userinfo["fname"]?>
         </div>
-        <img id="own-profile-picture" class="profile-picture" src="<?=$userinfo["profilepicture"]?>"/>
+        <img id="own-profile-picture" class="profile-picture" src="<?=$userinfo["profilepicture"]?>"/><i id="open-notifications" class="fa fa-bars"></i>
-        <i id="open-notifications" class="fa fa-bars"></i>
     </div>
 </header>
 <?php include("notification-center.php"); ?>

website/views/notification-center.php

@@ -7,9 +7,9 @@
         include_once ("../queries/user.php");
 
         // auth
-        $userinfo = getRoleByID($_SESSION['userID'])->fetch(PDO::FETCH_ASSOC);
+        $role = getRoleByID($_SESSION['userID']);
 
-        if ($userinfo['role'] == 'admin' OR $userinfo['role'] == 'owner') {
+        if ($role == 'admin' OR $role == 'owner') {
             echo "<a href=\"admin.php\" data-title=\"Admin\"><i class=\"fa fa-lock\"></i></a>";
             echo "<style>@import url('styles/adminbutton.css'); </style>";
         }

website/views/post-view.php

@@ -24,7 +24,7 @@ echo("
     <div class="commentfield">
         <form id="newcommentform" onsubmit="return false;">
             <input type="hidden" id="newcomment-textarea" name="postID" value="<?= $postID ?>">
-            <textarea id="newcomment" name="newcomment-content" placeholder="Laat een reactie achter..."></textarea> <br>
+            <textarea id="newcomment" name="newcomment-content" placeholder="Laat een reactie achter..." maxlength="1000"></textarea><span></span> <br>
             <button onclick="postComment('reaction')" name="button" value="reaction">Reageer!</button>
             <button onclick="postComment('nietslecht')" name="button" value="nietslecht" class="nietslecht">
             <?php

website/views/profile.php

@@ -1,10 +1,10 @@
 <div class="content">
     <div class="user-box">
-        <img class="profile-picture main-picture" src="<?= $user["profilepicture"] ?>"><br />
+        <img class="profile-picture main-picture <?= $user["onlinestatus"] ?>" src="<?= $user["profilepicture"] ?>"><br />
         <div class="platform">
             <div class="status-buttons-container">
                 <button disabled class="gray">
-                    <?= $user["onlinestatus"]  ?>
+                    <?= $user["onlinestatus"] ?>
                 </button>
                 <button disabled class="gray"><?= $user["role"] ?></button>
             </div>
@@ -29,7 +29,7 @@
         <h3>Informatie</h3>
         <p>
             <ul>
-                <li>Geboren op: <?= $user["birthdate"] ?></li>
+                <li>Leeftijd: <?= getAge($user["birthdate"]) ?> jaar</li>
                 <li>Locatie: <?= $user["location"] ?></li>
                 <li>Lid sinds: <?= nicetime($user["creationdate"]) ?></li>
             </ul>

website/views/search-view.php

@@ -21,10 +21,8 @@ if (isset($_GET['filter'])) {
 }
 
 $user_n = ($user_currentpage - 1) * $user_perpage;
-$user_count = countSomeUsers($search)->fetchColumn();
 
 $group_n = ($group_currentpage - 1) * $group_perpage;
-$group_count = countSomeGroups($search)->fetchColumn();
 ?>
 
 <div class="content">
@@ -40,8 +38,10 @@ $group_count = countSomeGroups($search)->fetchColumn();
                    id="search-input"
                    name="search"
                    onkeyup="
-                           searchUsers(<?= $user_n ?>, <?= $user_perpage ?>);
+                           $('#user-pagenumber, #group-pagenumber').prop('value', 1);
-                           searchGroups(<?= $group_n ?>, <?= $group_perpage ?>);"
+                           searchUsers();
+                           searchGroups();
+                           pageNumber();"
                    placeholder="Zoek"
                    value=<?php echo "$search";?>
             >
@@ -66,26 +66,12 @@ $group_count = countSomeGroups($search)->fetchColumn();
     <div class="platform item-box searchleft" id="search-friends-output">
         <h4>Gebruikers</h4>
 
-        <select class="user-pageselect"
+        <div id="user-pageselect"></div>
-                name="user-pageselect"
-                id="user-pageselect"
-                form="search-form"
-                onchange="this.form.submit()">
-            <?php
-            for ($i=1; $i <= ceil($user_count / $user_perpage); $i++) {
-                if ($user_currentpage == $i) {
-                    echo "<option value='$i' selected>$i</option>";
-                } else {
-                    echo "<option value='$i'>$i</option>";
-                }
-            }
-            ?>
-        </select>
 
         <ul id='search-users-list' class='nav-list'>
             <script>
             $(document).ready(function(){
-                searchUsers(<?= $user_n ?>, <?= $user_perpage ?>);
+                searchUsers();
             });
             </script>
         </ul>
@@ -94,26 +80,12 @@ $group_count = countSomeGroups($search)->fetchColumn();
     <div class="platform item-box searchright" id="search-group-output">
         <h4>Groepen</h4>
 
-        <select class="group-pageselect"
+        <div id="group-pageselect"></div>
-                name="group-pageselect"
-                id="group-pageselect"
-                form="search-form"
-                onchange="this.form.submit()">
-            <?php
-            for ($i=1; $i <= ceil($group_count / $group_perpage); $i++) {
-                if ($group_currentpage == $i) {
-                    echo "<option value='$i' selected>$i</option>";
-                } else {
-                    echo "<option value='$i'>$i</option>";
-                }
-            }
-            ?>
-        </select>
 
         <ul id="search-groups-list" class="nav-list">
             <script>
                 $(document).ready(function(){
-                    searchGroups(<?= $group_n ?>, <?= $group_perpage ?>);
+                    searchGroups();
                 });
             </script>
         </ul>

website/views/searchPageNumber.php

@@ -0,0 +1,36 @@
+<?php
+if ($option == "user") {
+    echo "<select class=\"user-pageselect\"
+    name=\"user-pageselect\"
+    id='user-pagenumber'
+    form=\"search-form\"
+    onchange=\"pageNumber(); searchUsers();\">";
+
+    for ($i=1; $i <= ceil($user_count / $user_perpage); $i++) {
+        if ($user_currentpage == $i) {
+            echo "<option value='$i' selected>$i</option>";
+        } else {
+            echo "<option value='$i'>$i</option>";
+        }
+    }
+
+    echo "</select>";
+} else {
+    echo "<select class=\"group-pageselect\"
+    name=\"group-pageselect\"
+    id='group-pagenumber'
+    form=\"search-form\"
+    onchange=\"pageNumber(); searchGroups();\">";
+
+    for ($i=1; $i <= ceil($group_count / $group_perpage); $i++) {
+        if ($group_currentpage == $i) {
+            echo "<option value='$i' selected>$i</option>";
+        } else {
+            echo "<option value='$i'>$i</option>";
+        }
+    }
+
+    echo "</select>";
+}
+
+?>

website/views/settings-view.php

@@ -75,6 +75,9 @@ $settings = getSettings();
                             <?=$year?>
                         </option>
                         <?php endfor; ?>
+                        <option value="680" <?=(680 == $currentbday->format("Y")) ? "selected" : ""?>>
+                            680
+                        </option>
                     </select>
                 </li>
                 <li>
@@ -99,7 +102,8 @@ $settings = getSettings();
                               rows="5"
                               title="bio"
                               id="bio"
-                    ><?=$settings["bio"]?></textarea>
+                              maxlength="1000"
+                    ><?=$settings["bio"]?></textarea><span></span>
                 </li>
                 <li>
                     <label></label>