2017-02-01 12:29:09 +01:00
25 changed files with 145 additions and 64 deletions
--- a/website/public/API/loadFriendRequest.php
+++ b/website/public/API/loadFriendRequest.php
@@ -4,5 +4,12 @@ session_start();
 require_once ("../../queries/connect.php");
 require_once ("../../queries/friendship.php");
 require_once ("../../queries/user.php");
 if (isset($_SESSION["userID"]) &&
    getRoleByID($_SESSION["userID"]) != 'frozen' &&
    getRoleByID($_SESSION["userID"]) != 'banned') {
    echo selectAllFriendRequests();
 } else {
    echo "[]";
 }
--- a/website/public/API/loadFriends.php
+++ b/website/public/API/loadFriends.php
@@ -6,6 +6,7 @@ require_once ("../../queries/connect.php");
 require_once ("../../queries/checkInput.php");
 require_once ("../../queries/friendship.php");
 if (isset($_SESSION["userID"])) {
    if (isset($_POST["limit"])) {
        echo selectLimitedFriends($_SESSION["userID"], (int)test_input($_POST["limit"]));
    } else if (isset($_GET["limit"])) {
@@ -13,4 +14,7 @@ if (isset($_POST["limit"])) {
    } else {
        echo selectFriends($_SESSION["userID"]);
    }
 } else {
    echo "[]";
 }
--- a/website/public/API/postComment.php
+++ b/website/public/API/postComment.php
@@ -2,10 +2,15 @@
 session_start();
-require("../../queries/post.php");
+require_once("../../queries/post.php");
 require_once("../../queries/connect.php");
-require("../../queries/checkInput.php");
+require_once("../../queries/checkInput.php");
-print_r($_POST);
+require_once("../../queries/user.php");
 if (isset($_SESSION["userID"]) &&
    getRoleByID($_SESSION["userID"]) != 'frozen' &&
    getRoleByID($_SESSION["userID"]) != 'banned') {
    if ($_POST['button'] == 'reaction') {
        if (empty($_POST['newcomment-content'])) {
            echo 0;
@@ -27,3 +32,6 @@ if ($_POST['button'] == 'reaction') {
    } else {
        echo 0;
    }
 } else {
    echo "frozen";
 }
--- a/website/public/API/sendMessage.php
+++ b/website/public/API/sendMessage.php
@@ -4,9 +4,14 @@ session_start();
 require_once("../../queries/connect.php");
 require_once("../../queries/private_message.php");
 require_once("../../queries/checkInput.php");
 require_once("../../queries/user.php");
 if (isset($_SESSION["userID"]) &&
    getRoleByID($_SESSION["userID"]) != 'frozen' &&
    getRoleByID($_SESSION["userID"]) != 'banned') {
    if (!empty(test_input($_POST["destination"])) &&
-    !empty(test_input($_POST["content"]))) {
+        !empty(test_input($_POST["content"]))
    ) {
        if (sendMessage(test_input($_POST["destination"]), test_input($_POST["content"]))) {
            echo 1;
        } else {
@@ -15,3 +20,6 @@ if (!empty(test_input($_POST["destination"])) &&
    } else {
        echo 0;
    }
 } else {
    echo "frozen";
 }
--- a/website/public/admin.php
+++ b/website/public/admin.php
@@ -19,9 +19,9 @@
 include_once ("../queries/user.php");
 // auth
-$userinfo = getRoleByID($_SESSION['userID'])->fetch(PDO::FETCH_ASSOC);
+$role = getRoleByID($_SESSION['userID']);
-if ($userinfo['role'] != 'admin' AND $userinfo['role'] != 'owner') {
+if ($role != 'admin' AND $role != 'owner') {
    header("location:profile.php");
 }
--- a/website/public/bits/friend-item.php
+++ b/website/public/bits/friend-item.php
@@ -33,7 +33,7 @@ foreach($friends as $i => $friend) {
                    }
                    ?>'>
                <div class='friend'>
-                    <img alt='PF' class='profile-picture' src='<?= $friend->profilepicture ?>'/>
+                    <img alt='PF' class='profile-picture <?= $friend->onlinestatus ?>' src='<?= $friend->profilepicture ?>'/>
                    <div class='friend-name'>
                        <?= $friend->fullname ?><br/>
                        <span style='color: #666'><?php
--- a/website/public/group.php
+++ b/website/public/group.php
@@ -11,7 +11,7 @@
 <body>
 <?php
-include("../queries/group_page.php");
+include_once("../queries/group_page.php");
 $group = selectGroupByName($_GET["groupname"]);
 $members = selectGroupMembers(2);
--- a/website/public/js/chat.js
+++ b/website/public/js/chat.js
@@ -33,7 +33,11 @@ function sendMessage() {
    $.post(
        "API/sendMessage.php",
        $("#sendMessageForm").serialize()
-    );
+    ).done(function(response) {
        if (response == "frozen") {
            alert("Je account is bevroren, dus je kan niet chat berichten versturen. Contacteer een admin als je denkt dat dit onjuist is.");
        }
    });
    $("#newContent").val("");
    loadMessages();
--- a/website/public/js/main.js
+++ b/website/public/js/main.js
@@ -3,7 +3,7 @@ var months = ["januari", "februari", "maart", "april", "mei", "juni", "juli", "a
 function fancyText(text) {
    // Add links, images, gifs and (youtube) video's.
-    var regex = /(https?:\/\/.[^ ]*)/ig;
+    var regex = /(https?:\/\/.[^ <>"]*)/ig;
    text = text.replace(regex, function(link) {
        // Add images
        if (link.match(/(https?:\/\/.[^ ]*\.(?:png|jpg|jpeg|gif))/ig)) {
@@ -94,3 +94,13 @@ function showGroups(groups, list) {
        return false;
    }
 }
 $(document).ready(function() {
    $("body").delegate("textarea[maxlength]", "keydown", function() {
        if ($(this).val().length / .9 >= $(this).attr("maxlength")) {
            $(this).next().text($(this).val().length + "/" + $(this).attr("maxlength"));
        } else {
            $(this).next().text("");
        }
    });
 });
--- a/website/public/js/masonry.js
+++ b/website/public/js/masonry.js
@@ -19,7 +19,7 @@ function requestPost(postID) {
        var scrollBarWidth = window.innerWidth - document.body.offsetWidth;
        scrollbarMargin(scrollBarWidth, 'hidden');
        $('#modal-response').show();
-        $('#modal-response').html(data);
+        $('#modal-response').html(fancyText(data));
    });
 }
@@ -78,7 +78,7 @@ function masonry(mode) {
     * Initialise columns.
     */
    var columns = new Array(columnCount);
-    var $columns = new Array(columnCount);
+
    for (i = 0; i < columnCount; i++) {
        $column = $("<div class=\"column\">");
        $column.width(100/columnCount + "%");
@@ -96,7 +96,7 @@ function masonry(mode) {
        }
        $form.append($("<input class=\"newpost\" name=\"title\" placeholder=\"Titel\" type=\"text\">"));
-        $form.append($("<textarea class=\"newpost\" name=\"content\" placeholder=\"Schrijf een berichtje...\">"));
+        $form.append($("<textarea class=\"newpost\" name=\"content\" placeholder=\"Schrijf een berichtje...\" maxlength='1000'></textarea><span></span>"));
        $form.append($("<input value=\"Plaats!\" type=\"submit\">"));
        columns[0][1].append($postInput);
@@ -130,7 +130,7 @@ function masonry(mode) {
               $.each(posts, function() {
                   $post = $("<div class=\"post platform\" onclick=\"requestPost(\'"+this['postID']+"\')\">");
                   $post.append($("<h2>").html(this["title"]));
-                   $post.append($("<p>").html(this["content"]));
+                   $post.append($("<p>").html(fancyText(this["content"])));
                   $post.append($("<p class=\"subscript\">").text(this["nicetime"]));
                   $post.append($("<p class=\"subscript\">").text("comments: " + this["comments"] + ", niet slechts: " + this["niet_slechts"]));
--- a/website/public/js/post.js
+++ b/website/public/js/post.js
@@ -4,8 +4,10 @@ function postComment(buttonValue) {
    $.post(
        "API/postComment.php",
        formData
-    ).done(function(data) {
+    ).done(function (response) {
-        console.log(data);
+        if (response == "frozen") {
            alert("Je account is bevroren, dus je kan geen comments plaatsen of \"niet slechten\". Contacteer een admin als je denkt dat dit onjuist is.");
        }
    });
    $("#newcomment").val("");
@@ -15,6 +17,6 @@ function postComment(buttonValue) {
        "API/loadPost.php",
        $("#newcommentform").serialize()
    ).done(function (data) {
-        $('#modal-response').html(data);
+        $('#modal-response').html(fancyText(data));
    });
 }
--- a/website/public/profile.php
+++ b/website/public/profile.php
@@ -13,10 +13,10 @@
 </head>
 <body>
 <?php
-include("../queries/user.php");
+include_once("../queries/user.php");
-include("../queries/friendship.php");
+include_once("../queries/friendship.php");
-include("../queries/nicetime.php");
+include_once("../queries/nicetime.php");
-include("../queries/post.php");
+include_once("../queries/post.php");
 if(empty($_GET["username"])) {
    $userID = $_SESSION["userID"];
--- a/website/public/styles/adminpanel.css
+++ b/website/public/styles/adminpanel.css
@@ -4,7 +4,7 @@
 .admin-panel input[type="radio"], input[type="checkbox"] {
    vertical-align: middle;
-    height: auto;
+    height: 28px;
    margin: 2px;
 }
@@ -34,7 +34,6 @@
    width: 100%;
 }
 .usertable .table-checkbox {width: 20px}
 .usertable .table-username {width: 150px}
 .usertable .table-status {width: 100px}
 .usertable .table-action {width: 200px}
--- a/website/public/styles/header.css
+++ b/website/public/styles/header.css
@@ -49,7 +49,7 @@ header div {
 }
 #open-notifications {
-    padding: 5px 20px 5px 0px;
+    padding: 20px 20px 20px 0px;
 }
@media only screen and (max-width: 1080px) {
--- a/website/public/styles/main.css
+++ b/website/public/styles/main.css
@@ -92,6 +92,14 @@ p {
    border-radius: 50%;
 }
 .online {
    border: #4CAF50 solid 3px;
 }
 .offline {
    border: #666666 solid 3px;
 }
 .group-picture {
    border-radius: 5px;
 }
@@ -299,8 +307,16 @@ div[data-title]:hover:after {
    body {
        font-size: 28px!important;
    }
-    button {
+    button, input, select {
        font-size: 28px;
        height: 42px;
    }
    textarea {
        font-size: 28px;
    }
    input[type="checkbox"], input[type="radio"] {
        width: 28px;
        height: 28px;
    }
 }
--- a/website/public/styles/profile.css
+++ b/website/public/styles/profile.css
@@ -45,7 +45,7 @@
 .main-picture {
    position: relative;
-    border: #4CAF50 solid 5px;
+    border-width: 5px;
    display: inline-block;
    width: 150px;
@@ -120,4 +120,8 @@ div.posts .post form textarea.newpost {
    .post-box {
        width: calc(100% - 65px);
    }
    .modal {
        left: 0!important;
        width: 100%!important;
    }
 }
--- a/website/queries/friendship.php
+++ b/website/queries/friendship.php
@@ -16,6 +16,10 @@ function selectLimitedFriends($userID, $limit) {
                `profilepicture`,
                '../img/avatar-standard.png'
            ) AS profilepicture,
            CASE `lastactivity` >= DATE_SUB(NOW(),INTERVAL 15 MINUTE)
              WHEN TRUE THEN 'online'
              WHEN FALSE THEN 'offline'
            END AS `onlinestatus`,
            `role`
        FROM
            `user`
@@ -29,10 +33,7 @@ function selectLimitedFriends($userID, $limit) {
            `user`.`role` != 'banned' AND
            `friendship`.`status` = 'confirmed'
        ORDER BY
-            CASE
+            `user`.`lastactivity`
            WHEN `friendship`.`user2ID` = `user`.`userID` THEN `friendship`.`chatLastVisted1`
            WHEN `friendship`.`user1ID` = `user`.`userID` THEN `friendship`.`chatLastVisted2`
            END
            DESC
        LIMIT :limitCount
    ");
--- a/website/queries/private_message.php
+++ b/website/queries/private_message.php
@@ -16,6 +16,8 @@ function getOldChatMessages($user2ID) {
            `destination` = :user1
        ORDER BY
            `creationdate` ASC
        LIMIT
          100
        ");
        $stmt->bindParam(":user1", $user1ID);
--- a/website/queries/user.php
+++ b/website/queries/user.php
@@ -2,6 +2,19 @@
 require_once ("connect.php");
 function updateLastActivity() {
    $stmt = prepareQuery("
      UPDATE
        `user`
      SET
        `lastactivity` = NOW()
      WHERE
        `userID` = :userID
    ");
    $stmt->bindParam(":userID", $_SESSION["userID"]);
    return $stmt->execute();
 }
 function getUserID($username) {
    $stmt = prepareQuery("
        SELECT
@@ -363,5 +376,5 @@ function getRoleByID($userID) {
    $stmt->bindParam(':userID', $userID);
    $stmt->execute();
-    return $stmt;
+    return $stmt->fetch()["role"];
 }
--- a/website/views/head.php
+++ b/website/views/head.php
@@ -19,9 +19,12 @@
 require_once ("../queries/checkInput.php");
 require_once ("../queries/connect.php");
 require_once ("../queries/user.php");
 session_start();
 if(!isset($_SESSION["userID"])){
    header("location:login.php");
 } else {
    updateLastActivity();
 }
--- a/website/views/header.php
+++ b/website/views/header.php
@@ -25,8 +25,7 @@ $userinfo = getHeaderInfo();
            </div>
            <?=$userinfo["fname"]?>
        </div>
-        <img id="own-profile-picture" class="profile-picture" src="<?=$userinfo["profilepicture"]?>"/>
+        <img id="own-profile-picture" class="profile-picture" src="<?=$userinfo["profilepicture"]?>"/><i id="open-notifications" class="fa fa-bars"></i>
        <i id="open-notifications" class="fa fa-bars"></i>
    </div>
 </header>
 <?php include("notification-center.php"); ?>
--- a/website/views/notification-center.php
+++ b/website/views/notification-center.php
@@ -7,9 +7,9 @@
        include_once ("../queries/user.php");
        // auth
-        $userinfo = getRoleByID($_SESSION['userID'])->fetch(PDO::FETCH_ASSOC);
+        $role = getRoleByID($_SESSION['userID']);
-        if ($userinfo['role'] == 'admin' OR $userinfo['role'] == 'owner') {
+        if ($role == 'admin' OR $role == 'owner') {
            echo "<a href=\"admin.php\" data-title=\"Admin\"><i class=\"fa fa-lock\"></i></a>";
            echo "<style>@import url('styles/adminbutton.css'); </style>";
        }
--- a/website/views/post-view.php
+++ b/website/views/post-view.php
@@ -24,7 +24,7 @@ echo("
    <div class="commentfield">
        <form id="newcommentform" onsubmit="return false;">
            <input type="hidden" id="newcomment-textarea" name="postID" value="<?= $postID ?>">
-            <textarea id="newcomment" name="newcomment-content" placeholder="Laat een reactie achter..."></textarea> <br>
+            <textarea id="newcomment" name="newcomment-content" placeholder="Laat een reactie achter..." maxlength="1000"></textarea><span></span> <br>
            <button onclick="postComment('reaction')" name="button" value="reaction">Reageer!</button>
            <button onclick="postComment('nietslecht')" name="button" value="nietslecht" class="nietslecht">
            <?php
--- a/website/views/profile.php
+++ b/website/views/profile.php
@@ -1,6 +1,6 @@
 <div class="content">
    <div class="user-box">
-        <img class="profile-picture main-picture" src="<?= $user["profilepicture"] ?>"><br />
+        <img class="profile-picture main-picture <?= $user["onlinestatus"] ?>" src="<?= $user["profilepicture"] ?>"><br />
        <div class="platform">
            <div class="status-buttons-container">
                <button disabled class="gray">
--- a/website/views/settings-view.php
+++ b/website/views/settings-view.php
@@ -99,7 +99,8 @@ $settings = getSettings();
                              rows="5"
                              title="bio"
                              id="bio"
-                    ><?=$settings["bio"]?></textarea>
+                              maxlength="1000"
                    ><?=$settings["bio"]?></textarea><span></span>
                </li>
                <li>
                    <label></label>