MyHyvesBookPlus/WebDB
1
0
Fork 0
Code Issues 2 Pull Requests Projects Releases Wiki Activity

Lars #210

Merged
11291680 merged 15 commits from lars into master 2017-02-03 11:21:14 +01:00
Conversation 2 Commits 15 Files Changed 16 +776 -570
52 changed files with 776 additions and 570 deletions
Download Patch File Download Diff File Expand all files Collapse all files
Showing only changes of commit 0f202088a1 - Show all commits

6
website/public/API/deletePost.php
View File

@@ -3,9 +3,9 @@ session_start();
require_once "../../queries/post.php";
require_once "../../queries/user.php";
if (isset($_SESSION["userID"]) and
getRoleByID($_SESSION["userID"]) != 'frozen' and
if (!isset($_SESSION["userID"])) {
echo "logged out";
} else if (getRoleByID($_SESSION["userID"]) != 'frozen' and
getRoleByID($_SESSION["userID"]) != 'banned') {
if (empty($_POST["postID"]) or empty($_SESSION["userID"])) {

6
website/public/API/postComment.php
View File

@@ -7,9 +7,9 @@ require_once("../../queries/connect.php");
require_once("../../queries/checkInput.php");
require_once("../../queries/user.php");
if (isset($_SESSION["userID"]) &&
getRoleByID($_SESSION["userID"]) != 'frozen' &&
if (!isset($_SESSION["userID"])) {
echo "logged out";
} else if (getRoleByID($_SESSION["userID"]) != 'frozen' &&
getRoleByID($_SESSION["userID"]) != 'banned') {
if ($_POST['button'] == 'reaction') {
if (empty($_POST['newcomment-content'])) {

5
website/public/API/postPost.php
View File

@@ -8,8 +8,9 @@ require_once("../../queries/connect.php");
require_once("../../queries/checkInput.php");
require_once("../../queries/user.php");
if (isset($_SESSION["userID"]) &&
getRoleByID($_SESSION["userID"]) != 'frozen' &&
if (!isset($_SESSION["userID"])) {
echo "logged out";
} else if (getRoleByID($_SESSION["userID"]) != 'frozen' &&
getRoleByID($_SESSION["userID"]) != 'banned') {
if (empty($_SESSION["userID"])) {

5
website/public/API/sendMessage.php
View File

@@ -7,8 +7,9 @@ require_once("../../queries/checkInput.php");
require_once("../../queries/user.php");
// Check if the user is allowed to send a message.
if (isset($_SESSION["userID"]) &&
getRoleByID($_SESSION["userID"]) != 'frozen' &&
if (!isset($_SESSION["userID"])) {
echo "logged out";
} else if (getRoleByID($_SESSION["userID"]) != 'frozen' &&
getRoleByID($_SESSION["userID"]) != 'banned') {
if (!empty(test_input($_POST["destination"])) &&
!empty(test_input($_POST["content"]))

8
website/public/bits/niet-slecht.php Normal file
View File

@@ -0,0 +1,8 @@
<?php
if (isset($_GET["groupname"])) {
$url = "https://myhyvesbookplus.nl/~lars/group.php?groupname=" . $_GET["groupname"];
} else {
$url = "https://myhyvesbookplus.nl/";
}
?>
<a href="<?= $url ?>" target='_blank'><img style="width: 100%; height: auto;" src="../external/nietslecht_button.png" alt='\"Niet slecht\" ons op MyHyvesbook+' /></a>

7
website/public/bits/niet_slecht.php
View File

@@ -1,7 +0,0 @@
<?php
/**
* Created by PhpStorm.
* User: polo
* Date: 2-2-17
* Time: 14:02
*/

36
website/public/createGroup.php Normal file
View File

@@ -0,0 +1,36 @@
<?php
require_once "../queries/createGroup.php";
require_once "../queries/connect.php";
require_once "../queries/alerts.php"?>
<!DOCTYPE html>
<html>
<head>
<?php include("../views/head.php"); ?>
<style>
@import url("styles/settings.css");
</style>
</head>
<body>
<?php
/*
* This view adds the main layout over the screen.
* Header and menu.
*/
include("../views/main.php");
if ($_SERVER["REQUEST_METHOD"] == "POST") {
try {
createGroup();
} catch (AlertMessage $e) {
}
$groupname = $_POST["groupName"];
header("location: group.php?groupname=$groupname");
}
/* Add your view files here. */
include("../views/createGroup.php");
/* This adds the footer. */
include("../views/footer.php");
?>
</body>
</html>

71
website/public/fb-callback.php
View File

@@ -1,71 +0,0 @@
<?php
$fb = new Facebook\Facebook([
'app_id' => $appID, // Replace {app-id} with your app id
'app_secret' => $appSecret,
'default_graph_version' => 'v2.2',
]);
$helper = $fb->getRedirectLoginHelper();
try {
$accessToken = $helper->getAccessToken();
} catch(Facebook\Exceptions\FacebookResponseException $e) {
// When Graph returns an error
echo 'Graph returned an error: ' . $e->getMessage();
exit;
} catch(Facebook\Exceptions\FacebookSDKException $e) {
// When validation fails or other local issues
echo 'Facebook SDK returned an error: ' . $e->getMessage();
exit;
}
if (! isset($accessToken)) {
if ($helper->getError()) {
header('HTTP/1.0 401 Unauthorized');
echo "Error: " . $helper->getError() . "\n";
echo "Error Code: " . $helper->getErrorCode() . "\n";
echo "Error Reason: " . $helper->getErrorReason() . "\n";
echo "Error Description: " . $helper->getErrorDescription() . "\n";
} else {
header('HTTP/1.0 400 Bad Request');
echo 'Bad request';
}
exit;
}
// Logged in
echo '<h3>Access Token</h3>';
var_dump($accessToken->getValue());
// The OAuth 2.0 client handler helps us manage access tokens
$oAuth2Client = $fb->getOAuth2Client();
// Get the access token metadata from /debug_token
$tokenMetadata = $oAuth2Client->debugToken($accessToken);
echo '<h3>Metadata</h3>';
var_dump($tokenMetadata);
// Validation (these will throw FacebookSDKException's when they fail)
$tokenMetadata->validateAppId($appID); // Replace {app-id} with your app id
// If you know the user ID this access token belongs to, you can validate it here
//$tokenMetadata->validateUserId('123');
$tokenMetadata->validateExpiration();
if (! $accessToken->isLongLived()) {
// Exchanges a short-lived access token for a long-lived one
try {
$accessToken = $oAuth2Client->getLongLivedAccessToken($accessToken);
} catch (Facebook\Exceptions\FacebookSDKException $e) {
echo "<p>Error getting long-lived access token: " . $helper->getMessage() . "</p>\n\n";
exit;
}
echo '<h3>Long-lived</h3>';
var_dump($accessToken->getValue());
}
$_SESSION['fb_access_token'] = (string) $accessToken;
// User is logged in with a long-lived access token.
// You can redirect them to a members-only page.
//header('Location: https://example.com/members.php');

9
website/public/group.php
View File

@@ -13,9 +13,16 @@
include_once("../queries/group_page.php");
$group = selectGroupByName($_GET["groupname"]);
if(!$group = selectGroupByName($_GET["groupname"])) {
header("HTTP/1.0 404 Not Found");
header("Location: error/404.php");
die();
}
$members = selectGroupMembers($group["groupID"]);
/*
* This view adds the main layout over the screen.
* Header, menu, footer.

61
website/public/groupAdmin.php Normal file
View File

@@ -0,0 +1,61 @@
<?php
require_once "../queries/picture.php";
require_once "../queries/groupAdmin.php";
require_once "../queries/alerts.php";
?>
<!DOCTYPE html>
<html>
<head>
<?php include("../views/head.php"); ?>
<style>
/*Insert own stylesheet here ;)*/
@import url("styles/settings.css");
</style>
</head>
<body>
<?php
/*
* This view adds the main layout over the screen.
* Header and menu.
*/
include("../views/main.php");
$alertClass;
$alertMessage;
if ($_SERVER["REQUEST_METHOD"] == "POST") {
try {
switch ($_POST["form"]) {
case "group":
updateGroupSettings($_POST["groupID"]);
break;
case "picture":
if (checkGroupAdmin($_POST["groupID"], $_SESSION["userID"])) {
updateAvatar($_POST["groupID"]);
}
break;
case "mod":
if (!array_key_exists("userID", $_POST)) {
throw new AngryAlert("Geen gebruiker geselecteerd.");
}
upgradeUser($_POST["groupID"], $_POST["userID"], "mod");
break;
case "admin":
if (!array_key_exists("userID", $_POST)) {
throw new AngryAlert("Geen gebruiker geselecteerd.");
}
upgradeUser($_POST["groupID"], $_POST["userID"], "admin");
break;
}
} catch (AlertMessage $w) {
$alertClass = $w->getClass();
$alertMessage = $w->getMessage();
}
}
/* Add your view files here. */
include("../views/groupAdmin.php");
/* This adds the footer. */
include("../views/footer.php");
?>
</body>
</html>

2
website/public/js/chat.js
View File

@@ -43,6 +43,8 @@ function sendMessage() {
).done(function(response) {
if (response == "frozen") {
alert("Je account is bevroren, dus je kan niet chat berichten versturen. Contacteer een admin als je denkt dat dit onjuist is.");
} else if (response == "logged out") {
window.location.href = "login.php?url=" + window.location.pathname;
}
// Load messages if the message has been send, so it shows in the chat.
loadMessages();

123
website/public/js/dobPicker.js
View File

@@ -1,123 +0,0 @@
/**
* jQuery DOB Picker
* Website: https://github.com/tyea/dobpicker
* Version: 1.0
* Author: Tom Yeadon
* License: BSD 3-Clause
*/
jQuery.extend({
dobPicker: function(params) {
// set the defaults
if (typeof(params.dayDefault)==='undefined') params.dayDefault = 'Day';
if (typeof(params.monthDefault)==='undefined') params.monthDefault = 'Month';
if (typeof(params.yearDefault)==='undefined') params.yearDefault = 'Year';
if (typeof(params.minimumAge)==='undefined') params.minimumAge = 12;
if (typeof(params.maximumAge)==='undefined') params.maximumAge = 80;
// set the default messages
$(params.daySelector).append('<option value="">' + params.dayDefault + '</option>');
$(params.monthSelector).append('<option value="">' + params.monthDefault + '</option>');
$(params.yearSelector).append('<option value="">' + params.yearDefault + '</option>');
// populate the day select
for (i = 1; i <= 31; i++) {
if (i <= 9) {
var val = '0' + i;
} else {
var val = i;
}
$(params.daySelector).append('<option value="' + val + '">' + i + '</option>');
}
// populate the month select
var months = [
"January",
"February",
"March",
"April",
"May",
"June",
"July",
"August",
"September",
"October",
"November",
"December"
];
for (i = 1; i <= 12; i++) {
if (i <= 9) {
var val = '0' + i;
} else {
var val = i;
}
$(params.monthSelector).append('<option value="' + val + '">' + months[i - 1] + '</option>');
}
// populate the year select
var date = new Date();
var year = date.getFullYear();
var start = year - params.minimumAge;
var count = start - params.maximumAge;
for (i = start; i >= count; i--) {
$(params.yearSelector).append('<option value="' + i + '">' + i + '</option>');
}
// do the logic for the day select
$(params.daySelector).change(function() {
$(params.monthSelector)[0].selectedIndex = 0;
$(params.yearSelector)[0].selectedIndex = 0;
$(params.yearSelector + ' option').removeAttr('disabled');
if ($(params.daySelector).val() >= 1 && $(params.daySelector).val() <= 29) {
$(params.monthSelector + ' option').removeAttr('disabled');
} else if ($(params.daySelector).val() == 30) {
$(params.monthSelector + ' option').removeAttr('disabled');
$(params.monthSelector + ' option[value="02"]').attr('disabled', 'disabled');
} else if($(params.daySelector).val() == 31) {
$(params.monthSelector + ' option').removeAttr('disabled');
$(params.monthSelector + ' option[value="02"]').attr('disabled', 'disabled');
$(params.monthSelector + ' option[value="04"]').attr('disabled', 'disabled');
$(params.monthSelector + ' option[value="06"]').attr('disabled', 'disabled');
$(params.monthSelector + ' option[value="09"]').attr('disabled', 'disabled');
$(params.monthSelector + ' option[value="11"]').attr('disabled', 'disabled');
}
});
// do the logic for the month select
$(params.monthSelector).change(function() {
$(params.yearSelector)[0].selectedIndex = 0;
$(params.yearSelector + ' option').removeAttr('disabled');
if ($(params.daySelector).val() == 29 && $(params.monthSelector).val() == '02') {
$(params.yearSelector + ' option').each(function(index) {
if (index !== 0) {
var year = $(this).attr('value');
var leap = !((year % 4) || (!(year % 100) && (year % 400)));
if (leap === false) {
$(this).attr('disabled', 'disabled');
}
}
});
}
});
}
});

1
website/public/js/dobPicker.min.js vendored
View File

@@ -1 +0,0 @@
jQuery.extend({dobPicker:function(a){for("undefined"==typeof a.dayDefault&&(a.dayDefault="Day"),"undefined"==typeof a.monthDefault&&(a.monthDefault="Month"),"undefined"==typeof a.yearDefault&&(a.yearDefault="Year"),"undefined"==typeof a.minimumAge&&(a.minimumAge=12),"undefined"==typeof a.maximumAge&&(a.maximumAge=80),$(a.daySelector).append('<option value="">'+a.dayDefault+"</option>"),$(a.monthSelector).append('<option value="">'+a.monthDefault+"</option>"),$(a.yearSelector).append('<option value="">'+a.yearDefault+"</option>"),i=1;i<=31;i++){if(i<=9)var b="0"+i;else var b=i;$(a.daySelector).append('<option value="'+b+'">'+i+"</option>")}var c=["January","February","March","April","May","June","July","August","September","October","November","December"];for(i=1;i<=12;i++){if(i<=9)var b="0"+i;else var b=i;$(a.monthSelector).append('<option value="'+b+'">'+c[i-1]+"</option>")}var d=new Date,e=d.getFullYear(),f=e-a.minimumAge,g=f-a.maximumAge;for(i=f;i>=g;i--)$(a.yearSelector).append('<option value="'+i+'">'+i+"</option>");$(a.daySelector).change(function(){$(a.monthSelector)[0].selectedIndex=0,$(a.yearSelector)[0].selectedIndex=0,$(a.yearSelector+" option").removeAttr("disabled"),$(a.daySelector).val()>=1&&$(a.daySelector).val()<=29?$(a.monthSelector+" option").removeAttr("disabled"):30==$(a.daySelector).val()?($(a.monthSelector+" option").removeAttr("disabled"),$(a.monthSelector+' option[value="02"]').attr("disabled","disabled")):31==$(a.daySelector).val()&&($(a.monthSelector+" option").removeAttr("disabled"),$(a.monthSelector+' option[value="02"]').attr("disabled","disabled"),$(a.monthSelector+' option[value="04"]').attr("disabled","disabled"),$(a.monthSelector+' option[value="06"]').attr("disabled","disabled"),$(a.monthSelector+' option[value="09"]').attr("disabled","disabled"),$(a.monthSelector+' option[value="11"]').attr("disabled","disabled"))}),$(a.monthSelector).change(function(){$(a.yearSelector)[0].selectedIndex=0,$(a.yearSelector+" option").removeAttr("disabled"),29==$(a.daySelector).val()&&"02"==$(a.monthSelector).val()&&$(a.yearSelector+" option").each(function(a){if(0!==a){var b=$(this).attr("value"),c=!(b%4||!(b%100)&&b%400);c===!1&&$(this).attr("disabled","disabled")}})})}});

28
website/public/js/friendButtons.js
View File

@@ -19,24 +19,24 @@ function placeFriendButtons() {
case "0":
value1 = "request";
class1 = "green";
text1 = "Bevriend";
icon1 = "fa-handshake-o";
text1 = "Word vrienden";
icon1 = "fa-user-plus";
break;
case "1":
value1 = userID;
class1 = "green";
text1 = "Chat";
icon1 = "fa-comment-o";
icon1 = "fa-comment";
value2 = "delete";
class2 = "red";
text2 = "Verwijder";
icon2 = "fa-times";
text2 = "Ontvriend";
icon2 = "fa-user-times";
break;
case "2":
value1 = "delete";
class1 = "red";
text1 = "Trek verzoek in";
icon1 = "fa-cross";
icon1 = "fa-times";
break;
case "3":
value1 = "accept";
@@ -51,16 +51,18 @@ function placeFriendButtons() {
}
$buttonContainer.append(
"<button class='"+ class1 +" friend-button' value='"+ value1 +"'>" +
"<i class='fa "+ icon1 +"'></i> " + text1 +
"</button>");
"<div><button class='"+ class1 +" fancy-button friend-button' value='"+ value1 +"'>" +
"<span>"+ text1 +"</span>" +
"<i class='fa fa-fw "+ icon1 +"'></i> " +
"</button></div>");
$buttonContainer.append(
"<button class='"+ class2 +" friend-button' value='"+ value2 +"'>" +
"<i class='fa "+ icon2 +"'></i> " + text2 +
"</button>");
"<div><button class='"+ class2 +" fancy-button friend-button' value='"+ value2 +"'>" +
"<span>"+ text2 +"</span>" +
"<i class='fa fa-fw "+ icon2 +"'></i> " +
"</button></div>");
$buttonContainer.children().click(function() {
$buttonContainer.find("button").click(function() {
if (isNaN(this.value))
editFriendship(userID, this.value);
else if (this.value != "")

22
website/public/js/groupButtons.js
View File

@@ -5,22 +5,31 @@ function placeGroupButtons() {
if (data == 'none') {
$buttonContainer.append(
"<button class='green group-button' value='request'>" +
"<i class='fa fa-plus'></i> Voeg toe" +
"<button class='green group-button fancy-button' value='request'>" +
"<span>Treed toe</span><i class='fa fa-plus'></i>" +
"</button>");
} else if (data == 'request') {
$buttonContainer.append(
"<button class='red group-button' value='none'>" +
"<i class='fa fa-times'></i> Trek verzoek in" +
"<button class='red group-button fancy-button' value='none'>" +
"<span>Trek verzoek in</span><i class='fa fa-times'></i>" +
"</button>");
} else if (data == 'admin') {
$buttonContainer.append(
"<button class='group-button fancy-button' value='admin'>" +
"<span>Instellingen</span><i class='fa fa-cogs'></i>" +
"</button>"
);
} else {
$buttonContainer.append(
"<button class='red group-button' value='none'>" +
"<i class='fa fa-times'></i> Verlaat groep" +
"<button class='red group-button fancy-button' value='none'>" +
"<span>Verlaat groep</span><i class='fa fa-sign-out'></i>" +
"</button>");
}
$buttonContainer.children().click(function() {
if (this.value == 'admin') {
window.location.href='groupAdmin.php?groupID=' + groupID;
} else {
$.post("API/editMembership.php", {grp: groupID, role: this.value})
.done(function () {
$buttonContainer.children().remove();
@@ -28,6 +37,7 @@ function placeGroupButtons() {
updateMenus();
}).fail(function () {
});
}
});
});

68
website/public/js/loginRegisterModals.js Normal file
View File

@@ -0,0 +1,68 @@
// Get the modal
var modal = document.getElementById('myModal');
var registerModal = document.getElementById('registerModal');
var facebookModal = document.getElementById("fbModal");
// Get the button that opens the modal
var registerBtn = document.getElementById("registerBtn");
var btn = document.getElementById("myBtn");
// Get the <span> element that closes the modal
var span = document.getElementsByClassName("close")[0];
var registerSpan = document.getElementsByClassName("close")[1];
var facebookCLose = document.getElementsByClassName("close")[2];
/**
* When the user clicks the button, open the modal
*/
btn.onclick = function () {
modal.style.display = "block";
}
registerBtn.onclick = function () {
registerModal.style.display = "block";
}
/**
* WHen the user clicks on (X), close the modal
*/
span.onclick = function () {
modal.style.display = "none";
}
registerSpan.onclick = function () {
registerModal.style.display = "none";
}
facebookCLose.onclick = function () {
facebookModal.style.display = "none";
}
/**
* When the user clicks anywhere outside of the modal, close it
*/
window.onclick = function (event) {
if (event.target == modal) {
modal.style.display = "none";
}
if (event.target == registerModal) {
registerModal.style.display = "none";
}
if (event.target == facebookModal) {
facebookModal.style.display = "none";
}
}
/**
* When ESC is pressed, close modal
*/
document.addEventListener('keyup', function(e) {
if (e.keyCode == 27) {
modal.style.display = "none";
registerModal.style.display = "none";
}
});
/**
* Created by joey on 2-2-17.
*/

5
website/public/js/main.js
View File

@@ -3,8 +3,7 @@ var months = ["januari", "februari", "maart", "april", "mei", "juni", "juli", "a
function fancyText(text) {
// Add links, images, gifs and (youtube) video's.
var regex = /(https?:\/\/.[^ <>"]*)/ig;
text = text.replace(regex, function(link) {
text = text.replace(/(https?:\/\/.[^ \n<>"]*)/ig, function(link) {
// Add images
if (link.match(/(https?:\/\/.[^ ]*\.(?:png|jpg|jpeg|gif))/ig)) {
return "<img alt='" + link + "' src='" + link + "' />";
@@ -39,7 +38,7 @@ function fancyText(text) {
}
// This function gets the value of a cookie when given a key.
// If didn´t find any compatible cookie, it returns false.
// If it didn´t find any compatible cookie, it returns false.
function getCookie(key) {
cookies = document.cookie.split("; ");
for (var i in cookies) {

10
website/public/js/masonry.js
View File

@@ -26,7 +26,7 @@ function requestPost(postID) {
function postPost() {
title = $("input.newpost[name='title']").val();
content = $("textarea.newpost[name='content']").val();
console.log(masonryMode);
if (masonryMode == 2) {
$.post("API/postPost.php", { title: title,
content : content,
@@ -36,6 +36,10 @@ function postPost() {
$('#alertbox').show();
$('#alerttext').html("Geen titel of inhoud; vul a.u.b. in.");
window.scrollTo(0,0);
} else if (data == "logged out") {
window.location.href = "login.php?url=" + window.location.pathname;
} else if (data == "frozen") {
alert("Je account is bevroren, dus je kan geen posts plaatsen. Contacteer een admin als je denkt dat dit onjuist is.");
} else {
$('#alertbox').hide();
masonry(masonryMode);
@@ -49,6 +53,10 @@ function postPost() {
$('#alertbox').show();
$('#alerttext').html("Geen titel of inhoud; vul a.u.b. in.");
window.scrollTo(0,0);
} else if (data == "logged out") {
window.location.href = "login.php?url=" + window.location.pathname;
} else if (data == "frozen") {
alert("Je account is bevroren, dus je kan geen posts plaatsen. Contacteer een admin als je denkt dat dit onjuist is.");
} else {
$('#alertbox').hide();
masonry(masonryMode);

4
website/public/js/post.js
View File

@@ -8,6 +8,8 @@ function postComment(buttonValue) {
).done(function (response) {
if (response == "frozen") {
alert("Je account is bevroren, dus je kan geen comments plaatsen of \"niet slechten\". Contacteer een admin als je denkt dat dit onjuist is.");
} else if (response == "logged out") {
window.location.href = "login.php?url=" + window.location.pathname;
}
});
@@ -30,6 +32,8 @@ function deletePost(postID) {
).done(function (response) {
if (response == "frozen") {
alert("Je account is bevroren, dus je kan geen posts verwijderen. Contacteer een admin als je denkt dat dit onjuist is.");
} else if (response == "logged out") {
window.location.href = "login.php?url=" + window.location.pathname;
}
});
closeModal();

8
website/public/login.php
View File

@@ -13,18 +13,12 @@
?>
<body>
<?php
session_start();
// Checks if there's an user already logged in
if(isset($_SESSION["userID"])){
echo "<script>
window.onload=checkLoggedIn();
</script>";
}
include("../views/homeLoginRegister.php");
/* This view adds login view */
include("../views/login-view.php");
?>
<script src="js/loginRegisterModals.js"></script>;
</body>
</html>

14
website/public/profile.php
View File

@@ -21,19 +21,19 @@ include_once("../queries/calcAge.php");
if(empty($_GET["username"])) {
$userID = $_SESSION["userID"];
$showProfile = True;
} else {
$userID = getUserID($_GET["username"]);
$showProfile = False;
}
$user = selectUser($_SESSION["userID"], $userID);
if(!$user = selectUser($_SESSION["userID"], $userID)) {
header("HTTP/1.0 404 Not Found");
header("Location: error/404.php");
die();
}
$profile_friends = selectAllFriends($userID);
$profile_groups = selectAllUserGroups($userID);
$showProfile = $showProfile || $user["showProfile"] || ($user["status"] == 'confirmed');
echo " friendship status: " . $user["status"];
echo " showprofile: $showProfile";
echo " userID: " . $user["userID"];
$showProfile = $user["showProfile"] || ($user["status"] == 'confirmed') || $_SESSION["userID"] == $userID;
if ($userID == $_SESSION["userID"]) {

116
website/public/register(stash).php
View File

@@ -1,116 +0,0 @@
<!DOCTYPE html>
<html>
<?php
include("../views/login_head.php");
require_once("../queries/connect.php");
include_once("../queries/register.php");
include_once("../queries/checkInput.php");
include_once("../queries/emailconfirm.php");
?>
<body>
<?php
session_start();
if(isset($_SESSION["userID"])){
header("location: login.php");
}
// define variables and set to empty values
$name = $surname = $bday = $username = $password = $confirmpassword = $location = $housenumber = $email = $confirmEmail = $captcha = $ip = "";
$genericErr = $nameErr = $surnameErr = $bdayErr = $usernameErr = $passwordErr = $confirmpasswordErr = $locationErr = $housenumberErr = $emailErr = $confirmEmailErr = $captchaErr = "";
$correct = true;
$day_date = "dag";
$month_date = "maand";
$year_date = "jaar";
// Trying to register an account
if ($_SERVER["REQUEST_METHOD"] == "POST") {
try {
$name = test_input(($_POST["name"]));
checkInputChoice($name, "lettersAndSpaces");
} catch(lettersAndSpacesException $e){
$correct = false;
$nameErr = $e->getMessage();
}
try {
$surname = test_input(($_POST["surname"]));
checkInputChoice($surname, "lettersAndSpaces");
}
catch(lettersAndSpacesException $e){
$correct = false;
$surnameErr = $e->getMessage();
}
try{
$day_date = test_input(($_POST["day_date"]));
$month_date = test_input(($_POST["month_date"]));
$year_date = test_input(($_POST["year_date"]));
$bday = $year_date . "-" . $month_date . "-" . $day_date;
checkInputChoice($bday, "bday");
} catch(bdayException $e){
$correct = false;
$bdayErr = $e->getMessage();
}
try{
$username = str_replace(' ', '', test_input(($_POST["username"])));
checkInputChoice($username, "username");
} catch(usernameException $e){
$correct = false;
$usernameErr = $e->getMessage();
}
try{
$password = str_replace(' ', '', test_input(($_POST["password"])));
checkInputChoice($password, "longerEight");
matchPassword();
} catch(passwordException $e){
$correct = false;
$passwordErr = $e->getMessage();
} catch(confirmPasswordException $e){
$correct = false;
$confirmPasswordErr = $e->getMessage();
}
try{
$location = test_input(($_POST["location"]));
checkInputChoice($location, "lettersAndSpaces");
} catch(lettersAndSpacesException $e){
$correct = false;
$locationErr = $e->getMessage();
}
try{
$email = test_input(($_POST["email"]));
checkInputChoice($email, "email");
$confirmEmail = test_input(($_POST["confirmEmail"]));
matchEmail();
} catch(emailException $e){
$correct = false;
$emailErr = $e->getMessage();
} catch(confirmEmailException $e){
$correct = false;
$confirmEmailErr = $e->getMessage();
}
try{
$captcha = $_POST['g-recaptcha-response'];
checkCaptcha($captcha);
} catch(captchaException $e){
$correct = false;
$captchaErr = $e->getMessage();
}
try {
getIp();
registerCheck($correct);
sendConfirmEmailUsername($username);
} catch(registerException $e){
$genericErr = $e->getMessage();
}
}
/* This view adds register view */
include("../views/register-view.php");
?>
</body>
</html>

6
website/public/styles/index.css
View File

@@ -198,12 +198,6 @@ ul {
animation-duration: 0.4s
}
/* Add Animation */
@-webkit-keyframes animatetop {
from {top:-300px; opacity:0}
to {top:0; opacity:1}
}
@keyframes animatetop {
from {top:-300px; opacity:0}
to {top:0; opacity:1}

2
website/public/styles/main.css
View File

@@ -256,8 +256,6 @@ div[data-title]:hover:after {
top: 150%;
z-index: 200;
white-space: nowrap;
-moz-border-radius: 3px;
-webkit-border-radius: 3px;
border-radius: 3px;
box-shadow: 0 14px 28px rgba(0,0,0,0.25), 0 10px 10px rgba(0,0,0,0.22);
background-color: #333;

18
website/public/styles/post-popup.css
View File

@@ -48,6 +48,10 @@
width: 90%;
}
.post-content a {
text-decoration: underline;
}
.commentfield {
margin-bottom: 20px;
}
@@ -87,17 +91,5 @@
.deleteButton {
background-color: firebrick;
}
.deleteButton i {
display: inline-block;
}
.deleteButton:hover span {
display: inline-block;
}
.deleteButton span {
display: none;
float: right;
}

31
website/public/styles/profile.css
View File

@@ -27,14 +27,22 @@
display: inline-block;
}
.friend-button-container div, .status-buttons-container div {
width: 200px;
display: inline-block;
}
.friend-button-container button, .status-buttons-container button, .group-button-container button {
display: block;
float: right;
margin: 7px 0;
width: 200px;
font-size: 18px;
}
.status-buttons-container button {
float: left;
}
.group-button-container button {
float: right;
@@ -71,9 +79,24 @@
.group-picture {
border: none;
margin-right: 15px;
}
.fancy-button span {
display: none;
}
.fancy-button:hover {
text-align: right;
}
.fancy-button i {
display: inline-block;
}
.fancy-button:hover span {
display: inline-block;
margin-right: 5px;
}
/* Old */
@@ -98,6 +121,10 @@ div.posts div.post {
word-wrap: break-word;
}
div.posts div.post a {
text-decoration: underline;
}
div.posts div.post:hover {
box-shadow: 0 10px 20px rgba(0,0,0,0.19), 0 6px 6px rgba(0,0,0,0.23);
}

6
website/queries/checkInput.php
View File

@@ -68,7 +68,7 @@ function validateBday($variable){
}
}
// Checks for date
/* Checks for date */
function validateDate($date, $format)
{
$d = DateTime::createFromFormat($format, $date);
@@ -124,7 +124,7 @@ function validateEmail($variable){
throw new emailException("Mag maximaal 50 karakters!");
}
}
//255
/* checks if an input is a valid email. */
function validateFBEmail($variable){
if (empty($variable)) {
@@ -138,6 +138,7 @@ function validateFBEmail($variable){
}
}
/* checks if email is the same */
function matchEmail(){
if (strtolower($_POST["email"]) != strtolower($_POST["confirmEmail"])){
throw new confirmEmailException("Emails matchen niet!");
@@ -153,7 +154,6 @@ function resetEmail($variable){
}
}
/* checks if two passwords matches. */
function matchPassword(){
if ($_POST["password"] != $_POST["confirmpassword"]) {

37
website/queries/createGroup.php Normal file
View File

@@ -0,0 +1,37 @@
<?php
require_once "../queries/checkInput.php";
require_once "../queries/picture.php";
require_once "../queries/alerts.php";
function createGroup()
{
$createGroup = prepareQuery("
INSERT INTO
`group_page` (`name`, `description`)
VALUES (:name, :description);
");
$createGroup->bindValue(':name', test_input($_POST["groupName"]), PDO::PARAM_STR);
$createGroup->bindValue(':description', test_input($_POST["bio"]));
$createGroup->execute();
$getGroupID = prepareQuery("
SELECT
`groupID`
FROM
`group_page`
WHERE
`name` LIKE :name");
$getGroupID->bindValue(':name', test_input($_POST["groupName"]), PDO::PARAM_STR);
$getGroupID->execute();
$groupID = $getGroupID->fetch()["groupID"];
$makeUserAdmin = prepareQuery("
INSERT INTO
`group_member` (userID, groupID, role)
VALUES (:userID, :groupID, 'admin')
");
$makeUserAdmin->bindValue(":userID", $_SESSION["userID"]);
$makeUserAdmin->bindValue("groupID", $groupID);
$makeUserAdmin->execute();
updateAvatar($groupID);
}

109
website/queries/groupAdmin.php Normal file
View File

@@ -0,0 +1,109 @@
<?php
function getGroupSettings(int $groupID) {
$stmt = prepareQuery("
SELECT
`name`,
`picture`,
`description`
FROM
`group_page`
WHERE
`groupID` = :groupID
");
$stmt->bindParam(":groupID", $groupID);
$stmt->execute();
return $stmt->fetch();
}
function updateGroupSettings(int $groupID)
{
if (!checkGroupAdmin($groupID, $_SESSION["userID"])) {
throw new AngryAlert("Je hebt geen rechten in deze groep");
}
$stmt = prepareQuery("
UPDATE
`group_page`
SET
`name` = :name,
`description` = :bio
WHERE
`groupID` = :groupID
");
$stmt->bindValue(":bio", test_input($_POST["bio"]));
$stmt->bindValue(":name", test_input($_POST["name"]));
$stmt->bindValue(":groupID", test_input($_POST["groupID"]));
$stmt->execute();
if ($stmt->rowCount()) {
throw new HappyAlert("Groep aangepast!");
} else {
throw new AngryAlert("Er is iets mis gegaan");
}
}
function checkGroupAdmin(int $groupID, int $userID) : bool {
$stmt = prepareQuery("
SELECT
`role`
FROM
`group_member`
WHERE
`groupID` = :groupID AND
`userID` = :userID
");
$stmt->bindValue(":userID", $userID);
$stmt->bindValue(":groupID", $groupID);
$stmt->execute();
if (!$stmt->rowCount()) {
return false;
}
$role = $stmt->fetch()["role"];
return ($role == "admin");
}
function getAllGroupMembers(int $groupID) {
$stmt = prepareQuery("
SELECT
`username`,
`user`.`userID`,
CONCAT(`fname`, ' ', `lname`) AS `fullname`,
`group_member`.`role`
FROM
`group_member`
LEFT JOIN
`user`
ON
`group_member`.`userID` = `user`.`userID`
WHERE
`groupID` = :groupID AND `group_member`.`role` = 'member'
");
$stmt->bindParam(':groupID', $groupID);
if (!$stmt->execute()) {
return False;
}
return $stmt->fetchAll();
}
function upgradeUser(int $groupID, int $userID, string $role) {
if (!checkGroupAdmin($groupID, $_SESSION["userID"])) {
throw new AngryAlert("Geen toestemming om te wijzigen");
}
$stmt = prepareQuery("
UPDATE
`group_member`
SET
`role` = :role
WHERE
`userID` = :userID AND `groupID` = :groupID
");
$stmt->bindValue(":groupID", $groupID);
$stmt->bindValue(":userID", $userID);
$stmt->bindValue(":role", $role);
$stmt->execute();
if ($stmt->rowCount()) {
throw new HappyAlert("Permissie aangepast!");
} else {
throw new AngryAlert("Er is iets mis gegaan");
}
}

7
website/queries/group_page.php
View File

@@ -33,7 +33,12 @@ function selectGroupByName($name) {
if (!$stmt->execute()) {
return False;
}
return $stmt->fetch();
$row = $stmt->fetch();
if($row["groupID"] == null) {
return False;
}
return $row;
}
function selectGroupRole(int $groupID) {

22
website/queries/login.php
View File

@@ -1,5 +1,6 @@
<?php
//Find matching password with the inputted username/emailadress.
function getUser() {
$stmt = prepareQuery("
SELECT
@@ -33,7 +34,8 @@ function getUserID() {
return $stmt->fetch(PDO::FETCH_ASSOC);
}
function validateLogin($username, $password){
function validateLogin($username, $password, $url){
echo $url;
// Empty username or password field
if (empty($username) || empty($password)) {
throw new loginException("Inloggegevens zijn niet ingevuld");
@@ -44,26 +46,42 @@ function validateLogin($username, $password){
$userID = getUser()["userID"];
$role = getUser()["role"];
// If there's an account, go to the profile page
// If there's an account, check if the account is banned, frozen or unconfirmed.
if(password_verify($psw, $hash)) {
if ($role == "banned"){
echo "<script>
window.onload=bannedAlert();
</script>";
} else if ($role == "frozen") {
$_SESSION["userID"] = $userID;
if (!isset($url) or $url = "") {
echo "<script>
window.onload=frozenAlert();
window.location.href= 'profile.php';
</script>";
} else {
echo "<script>
window.onload=frozenAlert();
window.location.href= $url;
</script>";
}
} else if ($role == "unconfirmed"){
sendConfirmEmail(getUser()["userID"]);
echo "<script>
window.onload=emailNotConfirmed();
</script>";
} else {
$_SESSION["userID"] = $userID;
if(!isset($url) or $url == "") {
header("location: profile.php");
echo "succes";
} else{
header("location: ".$url);
}
}
} else {
throw new loginException("Inloggevens zijn niet correct");

15
website/queries/picture.php
View File

@@ -6,7 +6,10 @@
* @throws AngryAlert
* @throws HappyAlert
*/
function updateAvatar(bool $group = false) {
function updateAvatar(int $group = 0) {
if (!array_key_exists("pp", $_FILES)) {
throw new AngryAlert("Geen afbeelding meegegeven!");
}
$publicDir = "/var/www/html/public/";
$tmpImg = $_FILES["pp"]["tmp_name"];
$avatarDir = $group ? "uploads/groupavatar/" : "uploads/profilepictures/";
@@ -16,17 +19,17 @@ function updateAvatar(bool $group = false) {
if ($_FILES["pp"]["size"] > 4000000) {
throw new AngryAlert("Bestand is te groot, maximaal 4MB toegestaan.");
}
$relativePath = $avatarDir . $_SESSION["userID"] . "_avatar.gif";
$group ? removeOldGroupAvatar($_POST["groupID"]) : removeOldUserAvatar();
$relativePath = $group ? $avatarDir . $group . "_avatar.gif" : $avatarDir . $_SESSION["userID"] . "_avatar.gif";
$group ? removeOldGroupAvatar($group) : removeOldUserAvatar();
move_uploaded_file($tmpImg, $publicDir . $relativePath);
} else {
$relativePath = $avatarDir . $_SESSION["userID"] . "_avatar.png";
$relativePath = $group ? $avatarDir . $group . "_avatar.png": $avatarDir . $_SESSION["userID"] . "_avatar.png";
$scaledImg = scaleAvatar($tmpImg);
$group ? removeOldGroupAvatar($_POST["groupID"]) : removeOldUserAvatar();
$group ? removeOldGroupAvatar($group) : removeOldUserAvatar();
imagepng($scaledImg, $publicDir . $relativePath);
}
$group ? setGroupAvatarToDatabase("../" . $relativePath, $_POST["groupID"]) : setUserAvatarToDatabase("../" . $relativePath);
$group ? setGroupAvatarToDatabase("../" . $relativePath, $group) : setUserAvatarToDatabase("../" . $relativePath);
throw new HappyAlert("Profielfoto veranderd.");
}

11
website/queries/private_message.php
View File

@@ -7,6 +7,9 @@ function getOldChatMessages($user2ID) {
$stmt = prepareQuery("
SELECT
*
FROM
(SELECT
*
FROM
`private_message`
WHERE
@@ -15,9 +18,11 @@ function getOldChatMessages($user2ID) {
`origin` = :user2 AND
`destination` = :user1
ORDER BY
`creationdate` ASC
`messageID` DESC
LIMIT
100
100) sub
ORDER BY
`messageID` ASC
");
$stmt->bindParam(":user1", $user1ID);
@@ -76,7 +81,7 @@ function getNewChatMessages($lastID, $destination) {
`destination` = :user1) AND
`messageID` > :lastID
ORDER BY
`creationdate` ASC
`messageID` ASC
");
$stmt->bindParam(':user1', $_SESSION["userID"]);

15
website/queries/settings.php
View File

@@ -148,6 +148,10 @@ function doChangePassword() {
}
}
/**
* Changes the users email if it is valid.
* @throws AngryAlert
*/
function changeEmail() {
if (test_input($_POST["email"]) == test_input($_POST["email-confirm"])) {
@@ -164,6 +168,11 @@ function changeEmail() {
}
}
/**
* Checks if an emailadres is available in the database.
* @param $email
* @throws AngryAlert
*/
function emailIsAvailableInDatabase($email) {
$stmt = prepareQuery("
SELECT
@@ -181,6 +190,12 @@ function emailIsAvailableInDatabase($email) {
}
}
/**
* Does the actual changing of an email-adress.
* @param $email
* @throws AngryAlert
* @throws HappyAlert
*/
function doChangeEmail($email) {
$stmt = prepareQuery("
UPDATE

6
website/queries/user.php
View File

@@ -101,7 +101,9 @@ function selectUser($me, $other) {
$stmt->bindParam(':me', $me, PDO::PARAM_INT);
$stmt->bindParam(':other', $other, PDO::PARAM_INT);
$stmt->execute();
if(!$stmt->execute() || $stmt->rowCount() == 0) {
return False;
}
return $stmt->fetch();
}
@@ -120,7 +122,7 @@ function selectAllUserGroups($userID) {
`group_page`.`groupID` = `group_member`.`groupID`
WHERE
`userID` = :userID AND
`role` = 'member'
`role` IN ('member', 'mod', 'admin')
");
$stmt->bindParam(':userID', $userID, PDO::PARAM_INT);

42
website/views/createGroup.php Normal file
View File

@@ -0,0 +1,42 @@
<?php
?>
<div class="content">
<div class="createGroup">
<form class="platform settings" method="post" action="createGroup.php" enctype="multipart/form-data">
<h5>Maak een groep!</h5>
<ul>
<li>
<label for="groupName">Groepsnaam</label>
<input type="text"
name="groupName"
id="groupName"
maxlength="63"
placeholder="Groepsnaam"
>
</li>
<li>
<label for="bio">Bio</label>
<textarea name="bio"
rows="5"
title="bio"
id="bio"
maxlength="1000"
></textarea>
</li>
<li>
<label>Selecteer foto</label>
<input type="file"
name="pp"
accept="image/*"
size="4000000"
>
</li>
<li>
<label></label>
<button type="submit">Maak Groep</button>
</li>
</ul>
</form>
</div>
</div>

8
website/views/facebookRegisterModal.php
View File

@@ -1,7 +1,6 @@
<!-- The Modal -->
<div id="fbModal" class="modal">
<form action="<?php echo htmlspecialchars($_SERVER["PHP_SELF"]);?>"
return= $correct
method="post"
name="fbModal">
@@ -66,17 +65,16 @@
</div>
<?php } ?>
</div>
*<span class="error"> <?php echo $fbEmailErr;?></span>
<span class="error"> <?php echo $fbEmailErr;?></span>
<div class="modal-footer">
<button type="submit"
value="fbRegister"
name="submit"
id="frm1_submit">
name="submit">
Registreer account
</button>
</div>
</div>
<!-- Facebook information-->
<input type="hidden"
name="fbName"
value="<?php echo $fbName ?>">

0
website/public/fbRegister.php → website/views/fbRegister.php
View File

4
website/views/forgotPasswordModal.php
View File

@@ -4,7 +4,6 @@
<!-- The Modal -->
<div id="myModal" class="modal">
<form action="<?php echo htmlspecialchars($_SERVER["PHP_SELF"]);?>"
return= $correct
method="post"
name="forgotPassword">
@@ -26,8 +25,7 @@
<div class="login_containerfault"><span><?php echo $resetErr; ?></span></div>
<button type="submit"
value="reset"
name="submit"
id="frm1_submit">
name="submit">
Reset password
</button>
</div>

2
website/views/group.php
View File

@@ -1,6 +1,6 @@
<div class="content">
<div class="user-box">
<img class="group-picture main-picture" src="<?= $group["picture"] ?>"><br />
<img alt="<?= $group["name"] ?>" class="group-picture main-picture" src="<?= $group["picture"] ?>"><br />
<div class="platform">
<div class="status-buttons-container">
<button disabled class="gray"><?= $group["status"] ?></button>

126
website/views/groupAdmin.php Normal file
View File

@@ -0,0 +1,126 @@
<?php
require_once "../queries/connect.php";
require_once "../queries/groupAdmin.php";
require_once "../queries/checkInput.php";
$groupinfo = getGroupSettings($_GET["groupID"]);
?>
<div class="content">
<div class="settings">
<?php if ($_SERVER["REQUEST_METHOD"] == "POST"): ?>
<div class='platform settings-message <?=$alertClass?>'>
<?=$alertMessage?>
</div>
<?php endif; ?>
<div class="platform">
<ul>
<li>
<label></label>
<a href="group.php?groupname=<?=$groupinfo["name"]?>">
<button class="fa fa-chevron-left"> Terug naar de groep</button>
</a>
</li>
</ul>
</div>
<form class="platform" method="post">
<h5>Groep Instellingen</h5>
<input type="hidden" name="groupID" value="<?=$_GET["groupID"]?>">
<ul>
<li>
<label for="name">Groepsnaam</label>
<input type="text"
name="name"
id="name"
maxlength="63"
placeholder="Groepsnaam"
title="Groepsnaam"
value="<?=$groupinfo["name"]?>"
>
</li>
<li>
<label for="bio">Bio</label>
<textarea name="bio"
rows="5"
title="bio"
id="bio"
maxlength="1000"
><?=$groupinfo["description"]?></textarea>
<label></label>
</li>
<li>
<label></label>
<button type="submit"
name="form"
value="group"
class="fa fa-save"
> Opslaan</button>
</li>
</ul>
</form>
<form class="platform" method="post" enctype="multipart/form-data">
<h5>Verander groepsafbeelding.</h5>
<input type="hidden" name="groupID" value="<?=$_GET["groupID"]?>">
<ul>
<li>
<label>Huidige profielfoto</label>
<img src="<?=$groupinfo["picture"]?>"
class="group-picture"
>
</li>
<li>
<label>Selecteer foto</label>
<input type="file"
name="pp"
accept="image/*"
size="4000000"
required
>
</li>
<li>
<label></label>
<button type="submit"
name="form"
value="picture"
class="fa fa-picture-o"
> Verander profielfoto</button>
</li>
</ul>
</form>
<form class="platform" method="post">
<h5>Voeg een admin/mod toe</h5>
<ul>
<il>
<input name="groupID" value="<?=$_GET["groupID"]?>" type="hidden">
<label>Selecteer gebruiker</label>
<select name="userID">
<option disabled selected>Geen gebruiker geselecteerd:</option>
<?php
$groupMembers = getAllGroupMembers($_GET["groupID"]);
foreach ($groupMembers as $groupMember) {?>
<option value="<?=$groupMember["userID"]?>">
<?=$groupMember["fullname"]?> (<?=$groupMember["username"]?>)
</option>
<?php } ?>
</select>
<button name="form"
value="admin"
>
Maak Admin
</button>
<button name="form"
value="mod"
>
Maak Moderator
</button>
</il>
</ul>
</form>
<div class="platform">
<ul>
<li>
<label></label>
<a href="group.php?groupname=<?=$groupinfo["name"]?>"><button class="fa fa-chevron-left"> Terug naar de groep</button></a>
</li>
</ul>
</div>
</div>
</div>

4
website/views/head.php
View File

@@ -1,5 +1,5 @@
<meta charset="UTF-8">
<meta name="description" content="MyHyvesbook+ is het sociaal media voor alle coole mensen.">
<meta name="description" content="MyHyvesbook+ is het sociaal medium voor alle coole mensen. Stap nu over van facebook op het gloednieuwe en betere sociaal medium.">
<meta name="keywords" content="MyHyvesbookPlus,Myhyvesbook+,sociaal,media">
<meta name="author" content="MyHyvesbookplus corporation">
<title>MyHyvesbook+</title>
@@ -27,7 +27,7 @@ require_once ("../queries/user.php");
session_start();
if(!isset($_SESSION["userID"])) {
header("location:login.php");
header("location:login.php?url=" . "$_SERVER[REQUEST_URI]");
} else {
updateLastActivity();
}

2
website/views/header.php
View File

@@ -25,7 +25,7 @@ $userinfo = getHeaderInfo();
</div>
<?= $userinfo["fname"] ?>
</div>
<img id="own-profile-picture" class="profile-picture" src="<?=$userinfo["profilepicture"]?>"/><i id="open-notifications" class="fa fa-bars"></i>
<img alt="<?= $userinfo["lname"] ?>" id="own-profile-picture" class="profile-picture" src="<?=$userinfo["profilepicture"]?>"/><i id="open-notifications" class="fa fa-bars"></i>
</div>
</header>
<?php include("notification-center.php"); ?>

31
website/views/homeLoginRegister.php
View File

@@ -1,18 +1,26 @@
<?php
session_start();
// Checks if there's an user already logged in
if(isset($_SESSION["userID"])){
echo "<script>
window.onload=checkLoggedIn();
</script>";
}
// Facebook variables
$appID = "353857824997532";
$appSecret = "db47e91ffbfd355fdd11b4b65eade851";
$fbUsername = $fbPassword = $fbConfirmpassword = "";
$fbUsername = $fbPassword = $fbConfirmpassword = $fbName = $fbSurname = $fbBday = $fbEmail = $fbUserID = "";
$fbUsernameErr = $fbPasswordErr = $fbConfirmpasswordErr = $fbEmailErr = $fbBdayErr = "";
$fbCorrect = true;
$fbName = $fbSurname = $fbBday = $fbEmail = $fbUserID = "";
// Register variables
$name = $surname = $bday = $username = $password = $confirmpassword = $location = $housenumber = $email = $confirmEmail = $captcha = $ip = "";
$genericErr = $nameErr = $surnameErr = $bdayErr = $usernameErr = $passwordErr = $confirmpasswordErr = $locationErr = $housenumberErr = $emailErr = $confirmEmailErr = $captchaErr = "";
$correct = true;
// Bday dates
$day_date = $month_date = $year_date = "";
$fbDay_date = $fbMonth_date = $fbYear_date = "";
@@ -21,12 +29,13 @@ $user = $psw = $remember ="";
$loginErr = $resetErr = $fbRegisterErr ="";
if ($_SERVER["REQUEST_METHOD"] == "POST") {
$url = $_POST["url"];
// Checks for which button is pressed
switch ($_POST["submit"]) {
case "login":
try {
$user = ($_POST["user"]);
validateLogin($_POST["user"], $_POST["psw"]);
validateLogin($_POST["user"], $_POST["psw"], $url);
} catch(loginException $e) {
$loginErr = $e->getMessage();
}
@@ -45,18 +54,22 @@ if ($_SERVER["REQUEST_METHOD"] == "POST") {
}
break;
case "register":
include("register.php");
include("../views/register.php");
break;
case "fbRegister":
include("fbRegister.php");
include("../views/fbRegister.php");
break;
}
}
// Get facebook information with facebook PHP SDK.
$fb = new Facebook\Facebook([
'app_id' => $appID,
'app_secret' => $appSecret,
'default_graph_version' => 'v2.2',
]);
// Redirect back to login.php after logging/canceling with facebook.
$redirect = "https://myhyvesbookplus.nl/login.php";
$helper = $fb->getRedirectLoginHelper();
@@ -71,6 +84,7 @@ try {
exit;
}
// If theres no facebook account logged in, ask for permission.
if(!isset($acces_token)){
$permission=["email", "user_birthday"];
$loginurl=$helper->getLoginUrl($redirect,$permission);
@@ -79,13 +93,14 @@ if(!isset($acces_token)){
$response = $fb->get('/me?fields=email,name,birthday');
$usernode = $response->getGraphUser();
// Get facebook information
$nameSplit = explode(" ", $usernode->getName());
$fbName = $nameSplit[0];
$fbSurname = $nameSplit[1];
$fbUserID = $usernode->getID();
$fbEmail = $usernode->getProperty("email");
// $image = 'https://graph.facebook.com/' . $usernode->getId() . '/picture?width=200';
// If there is an account, check if the account is banned or frozen.
if (fbLogin($fbUserID) == 1) {
$fbID = getfbUserID($fbUserID)["userID"];
$fbRole = getfbUserID($fbUserID)["role"];
@@ -93,16 +108,20 @@ if(!isset($acces_token)){
echo "<script>
window.onload=bannedAlert();
</script>";
} else if($fbRole == "frozen"){
$_SESSION["userID"] = $fbID;
echo "<script>
window.onload=frozenAlert();
window.location.href= 'profile.php';
</script>";
} else {
$_SESSION["userID"] = $fbID;
header("location: profile.php");
}
// Registration with faceobook if theres no account.
} else {
echo "<script>
window.onload = function() {

83
website/views/login-view.php
View File

@@ -13,10 +13,17 @@
<h1>Welkom bij MyHyvesbook+</h1>
<!-- Login content -->
<form action="<?php echo htmlspecialchars($_SERVER["PHP_SELF"]);?>"
return=$correct
method="post"
name="login">
<!-- Url parameter -->
<input type="hidden"
name="url"
value="<?php
if(isset($_GET["url"])) {
echo $_GET["url"];
} ?>"/>
<!-- Login name -->
<div class="login_containerlogin">
<label><b>Gebruikersnaam/Email</b></label>
@@ -47,8 +54,7 @@
<div class="login_containerlogin">
<button type="submit"
value="login"
name="submit"
id="frm1_submit">
name="submit">
Inloggen
</button>
</div>
@@ -69,74 +75,7 @@
<?php
if(!isset($acces_token)) {
echo '<div class="login_containerlogin"><a class="fbButton" href="' . $loginurl . '"><i class="fa fa-facebook-square"></i> login met Facebook!</a></div>';
} else {
echo '<div class="login_containerlogin"><a class="fbButton" href="' . "https://myhyvesbookplus.nl/login.php" . '"><i class="fa fa-facebook-square"></i> loguit Facebook sessie</a></div>';
}
?>
<script>
// Get the modal
var modal = document.getElementById('myModal');
var registerModal = document.getElementById('registerModal');
var facebookModal = document.getElementById("fbModal");
// Get the button that opens the modal
var registerBtn = document.getElementById("registerBtn");
var btn = document.getElementById("myBtn");
// Get the <span> element that closes the modal
var span = document.getElementsByClassName("close")[0];
var registerSpan = document.getElementsByClassName("close")[1];
var facebookCLose = document.getElementsByClassName("close")[2];
/**
* When the user clicks the button, open the modal
*/
btn.onclick = function () {
modal.style.display = "block";
}
registerBtn.onclick = function () {
registerModal.style.display = "block";
}
/**
* WHen the user clicks on (X), close the modal
*/
span.onclick = function () {
modal.style.display = "none";
}
registerSpan.onclick = function () {
registerModal.style.display = "none";
}
facebookCLose.onclick = function () {
facebookModal.style.display = "none";
}
/**
* When the user clicks anywhere outside of the modal, close it
*/
window.onclick = function (event) {
if (event.target == modal) {
modal.style.display = "none";
}
if (event.target == registerModal) {
registerModal.style.display = "none";
}
if (event.target == facebookModal) {
facebookModal.style.display = "none";
}
}
/**
* When ESC is pressed, close modal
*/
document.addEventListener('keyup', function(e) {
if (e.keyCode == 27) {
modal.style.display = "none";
registerModal.style.display = "none";
}
});
</script>

2
website/views/login_head.php
View File

@@ -1,6 +1,6 @@
<head>
<meta charset="UTF-8">
<meta name="description" content="MyHyvesbook+ is het sociaal media voor alle coole mensen.">
<meta name="description" content="MyHyvesbook+ is het sociaal medium voor alle coole mensen. Stap nu over van facebook op het gloednieuwe en betere sociaal medium.">
<meta name="keywords" content="MyHyvesbookPlus,Myhyvesbook+,sociaal,media">
<meta name="author" content="MyHyvesbookplus corporation">
<title>MyHyvesbook+</title>

4
website/views/menu.php
View File

@@ -12,9 +12,11 @@
</h4>
<ul id="menu-groups-list" class="nav-list">
</ul>
</section>
<section>
<ul class="nav-list">
<li>
<a href="#">
<a href="createGroup.php">
Maak een groep aan
</a>
</li>

17
website/views/post-view.php
View File

@@ -5,14 +5,6 @@ $fullname = $post['fname'] . " " . $post['lname'] . " (" . $post['username'] . "
?>
<div class='post-header header'>
<h4><?=$post['title']?></h4>
<?php if (checkPermissionOnPost($postID, $_SESSION["userID"])) {?>
<button class="deleteButton"
onclick="deletePost('<?=$postID?>')"
type="submit">
<i class="fa fa-trash"></i>
<span>Verwijder post</span>
</button><br />
<?php } ?>
<span class='postinfo'>
gepost door <?=$fullname?>,
<span class='posttime' title='<?=$post['creationdate']?>'>
@@ -20,7 +12,14 @@ $fullname = $post['fname'] . " " . $post['lname'] . " (" . $post['username'] . "
</span>
</span>
</div>
<?php if (checkPermissionOnPost($postID, $_SESSION["userID"])) {?>
<button class="deleteButton fancy-button"
onclick="deletePost('<?=$postID?>')"
type="submit">
<span>Verwijder post</span>
<i class="fa fa-trash"></i>
</button><br />
<?php } ?>
<div class='post-content'>
<p><?=$post['content']?></p>
</div>

14
website/views/profile.php
View File

@@ -4,13 +4,19 @@
</div>
<div class="user-box">
<img class="profile-picture main-picture <?= $user["onlinestatus"] ?>" src="<?= $user["profilepicture"] ?>"><br />
<img alt="<?= $user["fname"] ?>" class="profile-picture main-picture <?= $user["onlinestatus"] ?>" src="<?= $user["profilepicture"] ?>"><br />
<div class="platform">
<div class="status-buttons-container">
<div>
<button disabled class="gray">
<?= $user["onlinestatus"] ?>
</button>
<button disabled class="gray"><?= $user["role"] ?></button>
</div>
<div>
<button disabled class="gray">
<?= $user["role"] ?>
</button>
</div>
</div>
<div class="friend-button-container">
<p>:)</p>
@@ -33,7 +39,6 @@
<?php if($showProfile) { ?>
<div class="item-box platform">
<h3>Informatie</h3>
<p>
<ul>
<?php if ($user["showBday"]) { ?>
<li>Leeftijd: <?= getAge($user["birthdate"]) ?> jaar</li>
@@ -44,7 +49,6 @@
<li>Locatie: <?= $user["location"] ?></li>
<li>Lid sinds: <?= nicetime($user["creationdate"]) ?></li>
</ul>
</p>
</div>
<div class="item-box platform">
@@ -52,7 +56,7 @@
<p>
<?php
while($friend = $profile_friends->fetch()) {
echo "<a href='profile.php?username=${friend["username"]}' data-title='${friend["username"]}'><img class='profile-picture' src='${friend["profilepicture"]}' alt='${friend["username"]}'s profielfoto></a>";
echo "<a href='profile.php?username=${friend["username"]}' data-title='${friend["username"]}'><img class='profile-picture' height='42' width='42' src='${friend["profilepicture"]}' alt='${friend["username"]}' /></a>";
}

0
website/public/register.php → website/views/register.php
View File

13
website/views/registerModal.php
View File

@@ -4,7 +4,6 @@
<!-- The Modal -->
<div id="registerModal" class="modal">
<form action="<?php echo htmlspecialchars($_SERVER["PHP_SELF"]);?>"
return= $correct
method="post"
name="forgotPassword">
@@ -15,14 +14,11 @@
<h3>Registreer uw account</h3>
</div>
<div class="modal-body">
<form action="<?php echo htmlspecialchars($_SERVER["PHP_SELF"]);?>"
return= $correct
method="post">
<div class="login_containerregister"><label>U krijgt een bevestigingsemail na het registreren</label></div>
<!-- Error message -->
<div class="login_containerfault"><?php echo $genericErr;?></span></div>
<div class="login_containerfault"><span><?php echo $genericErr;?></span></div>
<!-- Register name -->
<div class="login_containerregister">
@@ -82,7 +78,6 @@
placeholder="Voer uw wachtwoord in"
name="password"
value="<?php echo $password ?>"
id="password"
required>
*<span class="error"> <?php echo $passwordErr;?></span>
<ul>
@@ -96,7 +91,6 @@
placeholder="Herhaal wachtwoord"
name="confirmpassword"
value="<?php echo $confirmpassword ?>"
id="confirmpassword"
title="Herhaal wachtwoord"
required>
*<span class="error"> <?php echo $confirmpasswordErr;?></span>
@@ -120,7 +114,6 @@
placeholder="Voer uw email in"
name="email"
value="<?php echo $email ?>"
id="email"
title="Voer een geldige email in"
required>
*<span class="error"> <?php echo $emailErr;?></span>
@@ -133,7 +126,6 @@
placeholder="Herhaal uw email"
name="confirmEmail"
value="<?php echo $confirmEmail ?>"
id="email"
title="Herhaal uw email"
required>
*<span class="error"> <?php echo $confirmEmailErr;?></span>
@@ -152,8 +144,7 @@
<!-- Register button -->
<button type="submit"
value="register"
name="submit"
id="frm1_submit">
name="submit">
Registreer
</button>
</div>

8
website/views/settings-view.php
View File

@@ -45,8 +45,8 @@ $settings = getSettings();
</li>
<li>
<?php $currentbday = new DateTime($settings["birthdate"]); ?>
<label for="bday">Geboortedatum</label>
<select name='day' id="bday">
<label>Geboortedatum</label>
<select name='day'>
<?php for ($day = 1; $day <= 31; $day++): ?>
<option value='<?=$day?>'
<?=($day == $currentbday->format("d")) ? "selected" : ""?>
@@ -55,7 +55,7 @@ $settings = getSettings();
</option>
<?php endfor; ?>
</select>
<select name='month' id="bday">
<select name='month'>
<?php
$months = array ("januari", "februari", "maart", "april", "mei", "juni", "juli", "augustus",
"september", "oktober", "november", "december");
@@ -68,7 +68,7 @@ $settings = getSettings();
</option>
<?php endfor; ?>
</select>
<select name='year' id="bday">
<select name='year'>
<?php
$now = (new DateTime)->format("Y");
for ($year = $now; $year >= 1900; $year--): ?>