MyHyvesBookPlus/WebDB
1
0
Fork 0
Code Issues 2 Pull Requests Projects Releases Wiki Activity

Added comments to javascript code #215

Merged
11319801 merged 65 commits from kevin-prototype into master 2017-02-03 21:19:51 +01:00
Conversation 2 Commits 65 Files Changed 91 +219 -28
16 changed files with 219 additions and 28 deletions
Download Patch File Download Diff File Expand all files Collapse all files
Showing only changes of commit 4eae09dfc7 - Show all commits

11
website/public/groupAdmin.php
View File

@@ -21,6 +21,8 @@ require_once "../queries/alerts.php";
include("../views/main.php"); include("../views/main.php");
$alertClass; $alertClass;
$alertMessage; $alertMessage;
// Select which button has been pressed.
if ($_SERVER["REQUEST_METHOD"] == "POST") { if ($_SERVER["REQUEST_METHOD"] == "POST") {
try { try {
switch ($_POST["form"]) { switch ($_POST["form"]) {
@@ -44,6 +46,15 @@ if ($_SERVER["REQUEST_METHOD"] == "POST") {
} }
upgradeUser($_POST["groupID"], $_POST["userID"], "admin"); upgradeUser($_POST["groupID"], $_POST["userID"], "admin");
break; break;
case "deadmin":
if (!array_key_exists("userID", $_POST)) {
throw new AngryAlert("Geen gebruiker geselecteerd.");
}
upgradeUser($_POST["groupID"], $_POST["userID"], "member");
break;
case "delete":
deleteGroup();
break;
} }
} catch (AlertMessage $w) { } catch (AlertMessage $w) {
$alertClass = $w->getClass(); $alertClass = $w->getClass();

9
website/public/js/admin.js
View File

@@ -24,12 +24,14 @@ $(window).on("load", function () {
}); });
}); });
// Toggles all checkboxes based on one.
function checkAll() { function checkAll() {
$('.checkbox-list').each(function () { $('.checkbox-list').each(function () {
$(this).prop('checked', $('#checkall').prop('checked')); $(this).prop('checked', $('#checkall').prop('checked'));
}); });
} }
// Simple function that checks if checkall should stay checked.
function checkCheckAll() { function checkCheckAll() {
var checked = true; var checked = true;
@@ -43,6 +45,7 @@ function checkCheckAll() {
$('#checkall').prop('checked', checked); $('#checkall').prop('checked', checked);
} }
// Toggle of filter options.
function changeFilter() { function changeFilter() {
if ($('#pagetype').find(":selected").val() == "group") { if ($('#pagetype').find(":selected").val() == "group") {
document.getElementById('admin-filter').style.display = 'none'; document.getElementById('admin-filter').style.display = 'none';
@@ -59,11 +62,13 @@ function changeFilter() {
} }
} }
// Sets the search page to one, relevant when changing filter or search.
function searchFromOne() { function searchFromOne() {
$('#currentpage').prop('value', 1); $('#currentpage').prop('value', 1);
adminSearch(); adminSearch();
} }
// AJAX live search.
function adminSearch() { function adminSearch() {
$.post( $.post(
"API/adminSearchUsers.php", "API/adminSearchUsers.php",
@@ -74,6 +79,7 @@ function adminSearch() {
}) })
} }
// AJAX live update.
function adminUpdate(form) { function adminUpdate(form) {
$.post( $.post(
"API/adminChangeUser.php", "API/adminChangeUser.php",
@@ -83,6 +89,7 @@ function adminUpdate(form) {
}) })
} }
// AJAX pagenumber functionality.
function updatePageN() { function updatePageN() {
$.post( $.post(
"API/adminPageNumber.php", "API/adminPageNumber.php",
@@ -92,11 +99,13 @@ function updatePageN() {
}) })
} }
// Intended for the edit button to show a form.
function toggleBancomment(button) { function toggleBancomment(button) {
$(button).siblings("div").toggle(); $(button).siblings("div").toggle();
$(button).toggle(); $(button).toggle();
} }
// AJAX value editing.
function editComment(form) { function editComment(form) {
$.post( $.post(
"API/adminChangeUser.php", "API/adminChangeUser.php",

15
website/public/js/masonry.js
View File

@@ -91,6 +91,21 @@ $(window).on("load", function() {
loadMorePosts(userID, groupID, postAmount, postLimit); loadMorePosts(userID, groupID, postAmount, postLimit);
} }
}; };
$(document).keyup(function(e) {
if (e.keyCode == 27) {
closeModal();
}
});
$('.modal').click(function() {
closeModal();
});
$('.modal-content').click(function(event){
event.stopPropagation();
});
}); });
function closeModal() { function closeModal() {

3
website/public/settings.php
View File

@@ -14,6 +14,8 @@
<?php <?php
$alertClass; $alertClass;
$alertMessage; $alertMessage;
// Select which button has been pressed.
if ($_SERVER["REQUEST_METHOD"] == "POST") { if ($_SERVER["REQUEST_METHOD"] == "POST") {
try { try {
switch ($_POST["form"]) { switch ($_POST["form"]) {
@@ -29,7 +31,6 @@ if ($_SERVER["REQUEST_METHOD"] == "POST") {
case "picture": case "picture":
updateAvatar(); updateAvatar();
break; break;
} }
} catch (AlertMessage $w) { } catch (AlertMessage $w) {
$alertClass = $w->getClass(); $alertClass = $w->getClass();

11
website/public/styles/adminpanel.css
View File

@@ -36,9 +36,10 @@
width: 100%; width: 100%;
} }
.usertable .table-username {width: 150px} .table-checkbox {width: 20px}
.usertable .table-status {width: 100px} .table-username {width: 150px}
.usertable .table-action {width: 200px} .table-status {width: 100px}
.table-action {width: 200px}
.usertable th, td { .usertable th, td {
border-bottom: 1px solid #ddd; border-bottom: 1px solid #ddd;
@@ -54,6 +55,10 @@
background-color: #f5f5f5; background-color: #f5f5f5;
} }
.bancomment {
width: 80%;
}
.bancommentedit { .bancommentedit {
display: none; display: none;
} }

1
website/queries/checkInput.php
View File

@@ -216,6 +216,7 @@ function test_input($data) {
$data = trim($data); $data = trim($data);
$data = stripslashes($data); $data = stripslashes($data);
$data = htmlspecialchars($data); $data = htmlspecialchars($data);
$data = trim($data);
return $data; return $data;
} }

5
website/queries/connect.php
View File

@@ -10,6 +10,11 @@ else {
or die('Error connecting to mysql server'); or die('Error connecting to mysql server');
} }
/**
* Helperfunction to create a database query.
* @param string $query
* @return PDOStatement
*/
function prepareQuery(string $query) : PDOStatement { function prepareQuery(string $query) : PDOStatement {
return $GLOBALS["db"]->prepare($query); return $GLOBALS["db"]->prepare($query);
} }

4
website/queries/createGroup.php
View File

@@ -2,6 +2,10 @@
require_once "../queries/checkInput.php"; require_once "../queries/checkInput.php";
require_once "../queries/picture.php"; require_once "../queries/picture.php";
require_once "../queries/alerts.php"; require_once "../queries/alerts.php";
/**
* Creates a group.
*/
function createGroup() function createGroup()
{ {
$createGroup = prepareQuery(" $createGroup = prepareQuery("

87
website/queries/groupAdmin.php
View File

@@ -1,4 +1,9 @@
<?php <?php
/**
* Gets the current settings for a group.
* @param int $groupID
* @return mixed
*/
function getGroupSettings(int $groupID) { function getGroupSettings(int $groupID) {
$stmt = prepareQuery(" $stmt = prepareQuery("
SELECT SELECT
@@ -15,6 +20,12 @@ function getGroupSettings(int $groupID) {
return $stmt->fetch(); return $stmt->fetch();
} }
/**
* Updates the settings for a group.
* @param int $groupID
* @throws AngryAlert
* @throws HappyAlert
*/
function updateGroupSettings(int $groupID) function updateGroupSettings(int $groupID)
{ {
if (!checkGroupAdmin($groupID, $_SESSION["userID"])) { if (!checkGroupAdmin($groupID, $_SESSION["userID"])) {
@@ -40,6 +51,12 @@ function updateGroupSettings(int $groupID)
} }
} }
/**
* Checks if an user is an admin for a page.
* @param int $groupID
* @param int $userID
* @return bool
*/
function checkGroupAdmin(int $groupID, int $userID) : bool { function checkGroupAdmin(int $groupID, int $userID) : bool {
$stmt = prepareQuery(" $stmt = prepareQuery("
SELECT SELECT
@@ -60,7 +77,40 @@ function checkGroupAdmin(int $groupID, int $userID) : bool {
return ($role == "admin"); return ($role == "admin");
} }
function getAllGroupMembers(int $groupID) { /**
* Returns all normal members for a group.
* @param int $groupID
* @return array|bool
*/
function getAllGroupUsers(int $groupID) {
return getAllGroupMembers($groupID, 'member');
}
/**
* Returns all admin for a group.
* @param int $groupID
* @return array|bool
*/
function getAllGroupAdmins(int $groupID) {
return getAllGroupMembers($groupID, 'admin');
}
/**
* Returns all Moderators for a group.
* @param int $groupID
* @return array|bool
*/
function getAllGroupMods(int $groupID) {
return getAllGroupMembers($groupID, 'mod');
}
/**
* Returns all members for a group specified by a string.
* @param int $groupID
* @param string $role
* @return array|bool
*/
function getAllGroupMembers(int $groupID, string $role) {
$stmt = prepareQuery(" $stmt = prepareQuery("
SELECT SELECT
`username`, `username`,
@@ -74,16 +124,25 @@ function getAllGroupMembers(int $groupID) {
ON ON
`group_member`.`userID` = `user`.`userID` `group_member`.`userID` = `user`.`userID`
WHERE WHERE
`groupID` = :groupID AND `group_member`.`role` = 'member' `groupID` = :groupID AND `group_member`.`role` = :role
"); ");
$stmt->bindParam(':groupID', $groupID); $stmt->bindParam(':groupID', $groupID);
$stmt->bindParam(":role", $role);
if (!$stmt->execute()) { if (!$stmt->execute()) {
return False; return False;
} }
return $stmt->fetchAll(); return $stmt->fetchAll();
} }
/**
* Upgrades or downgrades a groupmember to a different role.
* @param int $groupID
* @param int $userID
* @param string $role
* @throws AngryAlert
* @throws HappyAlert
*/
function upgradeUser(int $groupID, int $userID, string $role) { function upgradeUser(int $groupID, int $userID, string $role) {
if (!checkGroupAdmin($groupID, $_SESSION["userID"])) { if (!checkGroupAdmin($groupID, $_SESSION["userID"])) {
throw new AngryAlert("Geen toestemming om te wijzigen"); throw new AngryAlert("Geen toestemming om te wijzigen");
@@ -107,3 +166,27 @@ function upgradeUser(int $groupID, int $userID, string $role) {
throw new AngryAlert("Er is iets mis gegaan"); throw new AngryAlert("Er is iets mis gegaan");
} }
} }
/**
* Removes a group form the database.
* @throws AngryAlert
* @throws HappyAlert
*/
function deleteGroup() {
if (!checkGroupAdmin($_POST["groupID"], $_SESSION["userID"])) {
throw new AngryAlert("Geen toestemming om de groep te verwijderen!");
}
$stmt = prepareQuery("
DELETE FROM
`group_page`
WHERE
`groupID` = :groupID
");
$stmt->bindValue(":groupID", $_POST["groupID"]);
$stmt->execute();
if ($stmt->rowCount()) {
throw new HappyAlert("Group verwijderd!");
} else {
throw new AngryAlert("Er is iets mis gegaan");
}
}

3
website/queries/login.php
View File

@@ -35,8 +35,7 @@ function getUserID() {
} }
function validateLogin($username, $password, $url){ function validateLogin($username, $password, $url){
echo $url; // Empty username or password field
// Empty username or password field
if (empty($username) || empty($password)) { if (empty($username) || empty($password)) {
throw new loginException("Inloggegevens zijn niet ingevuld"); throw new loginException("Inloggegevens zijn niet ingevuld");
} }

5
website/queries/settings.php
View File

@@ -16,7 +16,10 @@ function getSettings() {
`location`, `location`,
`birthdate`, `birthdate`,
`bio`, `bio`,
`profilepicture`, IFNULL(
`profilepicture`,
'../img/avatar-standard.png'
) AS profilepicture,
`showBday`, `showBday`,
`showEmail`, `showEmail`,
`showProfile` `showProfile`

2
website/views/adminpanel-grouptable.php
View File

@@ -3,7 +3,7 @@
<th class="table-username">Groepsnaam</th> <th class="table-username">Groepsnaam</th>
<th class="table-status">Status</th> <th class="table-status">Status</th>
<th class="table-comment">Beschrijving</th> <th class="table-comment">Beschrijving</th>
<th class="table-action">Actie</th> <th class="table-action">Zichtbaarheid</th>
</tr> </tr>
<?php <?php

15
website/views/adminpanel.php
View File

@@ -1,5 +1,4 @@
<!-- Form value holding. -->
<!-- function test_input taken from http://www.w3schools.com/php/php_form_validation.asp -->
<?php <?php
$search = ""; $search = "";
$status = array("user", "frozen", "banned", "unconfirmed", "admin", "owner"); $status = array("user", "frozen", "banned", "unconfirmed", "admin", "owner");
@@ -127,11 +126,11 @@ if (isset($_GET["groupstatus"])) {
if ($userinfo == 'owner') { if ($userinfo == 'owner') {
echo "<button type=\"submit\" echo "<button type=\"submit\"
name=\"batchactions\" name=\"batchactions\"
id=\"admin\" id=\"batch-admin\"
value=\"admin\">Maak Admin</button> value=\"admin\">Maak Admin</button>
<button type=\"submit\" <button type=\"submit\"
name=\"batchactions\" name=\"batchactions\"
id=\"owner\" id=\"batch-owner\"
value=\"owner\">Maak Eigenaar</button>"; value=\"owner\">Maak Eigenaar</button>";
} }
?> ?>
@@ -140,9 +139,9 @@ if (isset($_GET["groupstatus"])) {
onsubmit="adminUpdate(this); return false;"> onsubmit="adminUpdate(this); return false;">
<input type="hidden" name="groupbatchactions" id="groupbatchinput"> <input type="hidden" name="groupbatchactions" id="groupbatchinput">
<button type="submit" name="batchactions" id="hide" value="hidden">Verborgen</button> <button type="submit" name="batchactions" id="batch-hide" value="hidden">Verborgen</button>
<button type="submit" name="batchactions" id="ban" value="public">Publiek</button> <button type="submit" name="batchactions" id="batch-public" value="public">Publiek</button>
<button type="submit" name="batchactions" id="members" value="membersonly">Alleen Leden</button> <button type="submit" name="batchactions" id="batch-members" value="membersonly">Alleen Leden</button>
</form> </form>
</div> </div>
@@ -152,5 +151,3 @@ if (isset($_GET["groupstatus"])) {
</div> </div>
</div> </div>
</div> </div>
</body>
</html>

56
website/views/groupAdmin.php
View File

@@ -16,7 +16,7 @@ $groupinfo = getGroupSettings($_GET["groupID"]);
<li> <li>
<label></label> <label></label>
<a href="group.php?groupname=<?=$groupinfo["name"]?>"> <a href="group.php?groupname=<?=$groupinfo["name"]?>">
<button class="fa fa-chevron-left"> Terug naar de groep</button> <button><i class="fa fa-chevron-left"></i> Terug naar de groep</button>
</a> </a>
</li> </li>
</ul> </ul>
@@ -51,8 +51,7 @@ $groupinfo = getGroupSettings($_GET["groupID"]);
<button type="submit" <button type="submit"
name="form" name="form"
value="group" value="group"
class="fa fa-save" ><i class="fa fa-save"></i> Opslaan</button>
> Opslaan</button>
</li> </li>
</ul> </ul>
</form> </form>
@@ -80,8 +79,7 @@ $groupinfo = getGroupSettings($_GET["groupID"]);
<button type="submit" <button type="submit"
name="form" name="form"
value="picture" value="picture"
class="fa fa-picture-o" ><i class="fa fa-picture-o"></i> Verander profielfoto</button>
> Verander profielfoto</button>
</li> </li>
</ul> </ul>
</form> </form>
@@ -94,7 +92,7 @@ $groupinfo = getGroupSettings($_GET["groupID"]);
<select name="userID"> <select name="userID">
<option disabled selected>Geen gebruiker geselecteerd:</option> <option disabled selected>Geen gebruiker geselecteerd:</option>
<?php <?php
$groupMembers = getAllGroupMembers($_GET["groupID"]); $groupMembers = getAllGroupUsers($_GET["groupID"]);
foreach ($groupMembers as $groupMember) {?> foreach ($groupMembers as $groupMember) {?>
<option value="<?=$groupMember["userID"]?>"> <option value="<?=$groupMember["userID"]?>">
<?=$groupMember["fullname"]?> (<?=$groupMember["username"]?>) <?=$groupMember["fullname"]?> (<?=$groupMember["username"]?>)
@@ -114,11 +112,55 @@ $groupinfo = getGroupSettings($_GET["groupID"]);
</il> </il>
</ul> </ul>
</form> </form>
<form class="platform" method="post">
<h5>Verwijder een admin/mod</h5>
<ul>
<il>
<input name="groupID" value="<?=$_GET["groupID"]?>" type="hidden">
<label>Selecteer gebruiker</label>
<select name="userID">
<option disabled selected>Geen gebruiker geselecteerd:</option>
<?php
$groupAdmins = getAllGroupAdmins($_GET["groupID"]);
foreach ($groupAdmins as $groupAdmin) {?>
<option value="<?=$groupAdmin["userID"]?>">
<?=$groupAdmin["fullname"]?> (<?=$groupAdmin["username"]?>) (<?=$groupAdmin["role"]?>)
</option>
<?php } ?>
<?php
$groupMods = getAllGroupMods($_GET["groupID"]);
foreach ($groupMods as $groupMod) {?>
<option value="<?=$groupMod["userID"]?>">
<?=$groupMod["fullname"]?> (<?=$groupMod["username"]?>) (<?=$groupMod["role"]?>)
</option>
<?php } ?>
</select>
<button name="form"
value="deadmin"
>
Verwijder
</button>
</il>
</ul>
</form>
<form class="platform" method="post">
<ul>
<h5>Verwijder groep</h5>
<li>
<label></label>
<input name="groupID" value="<?=$_GET["groupID"]?>" type="hidden">
<button class="red"
name="form"
value="delete"
><i class="fa fa-trash"></i> Verwijder groep</button>
</li>
</ul>
</form>
<div class="platform"> <div class="platform">
<ul> <ul>
<li> <li>
<label></label> <label></label>
<a href="group.php?groupname=<?=$groupinfo["name"]?>"><button class="fa fa-chevron-left"> Terug naar de groep</button></a> <a href="group.php?groupname=<?=$groupinfo["name"]?>"><button><i class="fa fa-chevron-left"></i> Terug naar de groep</button></a>
</li> </li>
</ul> </ul>
</div> </div>

1
website/views/head.php
View File

@@ -26,6 +26,7 @@ require_once ("../queries/user.php");
session_start(); session_start();
$_SESSION["userID"] = 11;
if(!isset($_SESSION["userID"])) { if(!isset($_SESSION["userID"])) {
header("location:login.php?url=" . "$_SERVER[REQUEST_URI]"); header("location:login.php?url=" . "$_SERVER[REQUEST_URI]");
} else { } else {

19
website/views/profile.php
View File

@@ -55,10 +55,17 @@
<h3>Vrienden</h3> <h3>Vrienden</h3>
<p> <p>
<?php <?php
while($friend = $profile_friends->fetch()) { $friendcount = $profile_friends->rowCount();
$frienddif = $friendcount - 7;
for ($i = 0; $i < min($friendcount, 7); $i += 1) {
$friend = $profile_friends->fetch();
echo "<a href='profile.php?username=${friend["username"]}' data-title='${friend["username"]}'><img class='profile-picture' height='42' width='42' src='${friend["profilepicture"]}' alt='${friend["username"]}' /></a>"; echo "<a href='profile.php?username=${friend["username"]}' data-title='${friend["username"]}'><img class='profile-picture' height='42' width='42' src='${friend["profilepicture"]}' alt='${friend["username"]}' /></a>";
} }
if ($frienddif > 0) {
echo $frienddif === 1 ? "en nog 1 andere." : "...en nog $frienddif anderen.";
}
if($profile_friends->rowCount() === 0) { if($profile_friends->rowCount() === 0) {
echo "<p>Deze gebruiker heeft nog geen vrienden gemaakt.</p>"; echo "<p>Deze gebruiker heeft nog geen vrienden gemaakt.</p>";
@@ -71,10 +78,18 @@
<h3>Groepen</h3> <h3>Groepen</h3>
<p> <p>
<?php <?php
while($group = $profile_groups->fetch()) { $groupcount = $profile_groups->rowCount();
$groupdif = $groupcount - 7;
for ($i = 0; $i < min($groupcount, 7); $i += 1) {
$group = $profile_groups->fetch();
echo "<a href='group.php?groupname=${group['name']}' data-title='${group["name"]}'><img class='group-picture' src='${group["picture"]}' alt='${group["name"]}s logo'></a>"; echo "<a href='group.php?groupname=${group['name']}' data-title='${group["name"]}'><img class='group-picture' src='${group["picture"]}' alt='${group["name"]}s logo'></a>";
} }
if ($groupdif > 0) {
echo $groupdif === 1 ? "en nog 1 andere." : "...en nog $groupdif anderen.";
}
if($profile_groups->rowCount() === 0) { if($profile_groups->rowCount() === 0) {
echo "<p>Deze gebruiker is nog geen lid van een groep.</p>"; echo "<p>Deze gebruiker is nog geen lid van een groep.</p>";
} }