Added comments to javascript code #215
@@ -21,6 +21,8 @@ require_once "../queries/alerts.php";
|
|||||||
include("../views/main.php");
|
include("../views/main.php");
|
||||||
$alertClass;
|
$alertClass;
|
||||||
$alertMessage;
|
$alertMessage;
|
||||||
|
|
||||||
|
// Select which button has been pressed.
|
||||||
if ($_SERVER["REQUEST_METHOD"] == "POST") {
|
if ($_SERVER["REQUEST_METHOD"] == "POST") {
|
||||||
try {
|
try {
|
||||||
switch ($_POST["form"]) {
|
switch ($_POST["form"]) {
|
||||||
@@ -44,6 +46,15 @@ if ($_SERVER["REQUEST_METHOD"] == "POST") {
|
|||||||
}
|
}
|
||||||
upgradeUser($_POST["groupID"], $_POST["userID"], "admin");
|
upgradeUser($_POST["groupID"], $_POST["userID"], "admin");
|
||||||
break;
|
break;
|
||||||
|
case "deadmin":
|
||||||
|
if (!array_key_exists("userID", $_POST)) {
|
||||||
|
throw new AngryAlert("Geen gebruiker geselecteerd.");
|
||||||
|
}
|
||||||
|
upgradeUser($_POST["groupID"], $_POST["userID"], "member");
|
||||||
|
break;
|
||||||
|
case "delete":
|
||||||
|
deleteGroup();
|
||||||
|
break;
|
||||||
}
|
}
|
||||||
} catch (AlertMessage $w) {
|
} catch (AlertMessage $w) {
|
||||||
$alertClass = $w->getClass();
|
$alertClass = $w->getClass();
|
||||||
|
|||||||
@@ -14,6 +14,8 @@
|
|||||||
<?php
|
<?php
|
||||||
$alertClass;
|
$alertClass;
|
||||||
$alertMessage;
|
$alertMessage;
|
||||||
|
|
||||||
|
// Select which button has been pressed.
|
||||||
if ($_SERVER["REQUEST_METHOD"] == "POST") {
|
if ($_SERVER["REQUEST_METHOD"] == "POST") {
|
||||||
try {
|
try {
|
||||||
switch ($_POST["form"]) {
|
switch ($_POST["form"]) {
|
||||||
@@ -29,7 +31,6 @@ if ($_SERVER["REQUEST_METHOD"] == "POST") {
|
|||||||
case "picture":
|
case "picture":
|
||||||
updateAvatar();
|
updateAvatar();
|
||||||
break;
|
break;
|
||||||
|
|
||||||
}
|
}
|
||||||
} catch (AlertMessage $w) {
|
} catch (AlertMessage $w) {
|
||||||
$alertClass = $w->getClass();
|
$alertClass = $w->getClass();
|
||||||
|
|||||||
@@ -10,6 +10,11 @@ else {
|
|||||||
or die('Error connecting to mysql server');
|
or die('Error connecting to mysql server');
|
||||||
}
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Helperfunction to create a database query.
|
||||||
|
* @param string $query
|
||||||
|
* @return PDOStatement
|
||||||
|
*/
|
||||||
function prepareQuery(string $query) : PDOStatement {
|
function prepareQuery(string $query) : PDOStatement {
|
||||||
return $GLOBALS["db"]->prepare($query);
|
return $GLOBALS["db"]->prepare($query);
|
||||||
}
|
}
|
||||||
@@ -2,6 +2,10 @@
|
|||||||
require_once "../queries/checkInput.php";
|
require_once "../queries/checkInput.php";
|
||||||
require_once "../queries/picture.php";
|
require_once "../queries/picture.php";
|
||||||
require_once "../queries/alerts.php";
|
require_once "../queries/alerts.php";
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Creates a group.
|
||||||
|
*/
|
||||||
function createGroup()
|
function createGroup()
|
||||||
{
|
{
|
||||||
$createGroup = prepareQuery("
|
$createGroup = prepareQuery("
|
||||||
|
|||||||
@@ -1,4 +1,9 @@
|
|||||||
<?php
|
<?php
|
||||||
|
/**
|
||||||
|
* Gets the current settings for a group.
|
||||||
|
* @param int $groupID
|
||||||
|
* @return mixed
|
||||||
|
*/
|
||||||
function getGroupSettings(int $groupID) {
|
function getGroupSettings(int $groupID) {
|
||||||
$stmt = prepareQuery("
|
$stmt = prepareQuery("
|
||||||
SELECT
|
SELECT
|
||||||
@@ -15,6 +20,12 @@ function getGroupSettings(int $groupID) {
|
|||||||
return $stmt->fetch();
|
return $stmt->fetch();
|
||||||
}
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Updates the settings for a group.
|
||||||
|
* @param int $groupID
|
||||||
|
* @throws AngryAlert
|
||||||
|
* @throws HappyAlert
|
||||||
|
*/
|
||||||
function updateGroupSettings(int $groupID)
|
function updateGroupSettings(int $groupID)
|
||||||
{
|
{
|
||||||
if (!checkGroupAdmin($groupID, $_SESSION["userID"])) {
|
if (!checkGroupAdmin($groupID, $_SESSION["userID"])) {
|
||||||
@@ -40,6 +51,12 @@ function updateGroupSettings(int $groupID)
|
|||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Checks if an user is an admin for a page.
|
||||||
|
* @param int $groupID
|
||||||
|
* @param int $userID
|
||||||
|
* @return bool
|
||||||
|
*/
|
||||||
function checkGroupAdmin(int $groupID, int $userID) : bool {
|
function checkGroupAdmin(int $groupID, int $userID) : bool {
|
||||||
$stmt = prepareQuery("
|
$stmt = prepareQuery("
|
||||||
SELECT
|
SELECT
|
||||||
@@ -60,7 +77,40 @@ function checkGroupAdmin(int $groupID, int $userID) : bool {
|
|||||||
return ($role == "admin");
|
return ($role == "admin");
|
||||||
}
|
}
|
||||||
|
|
||||||
function getAllGroupMembers(int $groupID) {
|
/**
|
||||||
|
* Returns all normal members for a group.
|
||||||
|
* @param int $groupID
|
||||||
|
* @return array|bool
|
||||||
|
*/
|
||||||
|
function getAllGroupUsers(int $groupID) {
|
||||||
|
return getAllGroupMembers($groupID, 'member');
|
||||||
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Returns all admin for a group.
|
||||||
|
* @param int $groupID
|
||||||
|
* @return array|bool
|
||||||
|
*/
|
||||||
|
function getAllGroupAdmins(int $groupID) {
|
||||||
|
return getAllGroupMembers($groupID, 'admin');
|
||||||
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Returns all Moderators for a group.
|
||||||
|
* @param int $groupID
|
||||||
|
* @return array|bool
|
||||||
|
*/
|
||||||
|
function getAllGroupMods(int $groupID) {
|
||||||
|
return getAllGroupMembers($groupID, 'mod');
|
||||||
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Returns all members for a group specified by a string.
|
||||||
|
* @param int $groupID
|
||||||
|
* @param string $role
|
||||||
|
* @return array|bool
|
||||||
|
*/
|
||||||
|
function getAllGroupMembers(int $groupID, string $role) {
|
||||||
$stmt = prepareQuery("
|
$stmt = prepareQuery("
|
||||||
SELECT
|
SELECT
|
||||||
`username`,
|
`username`,
|
||||||
@@ -74,16 +124,25 @@ function getAllGroupMembers(int $groupID) {
|
|||||||
ON
|
ON
|
||||||
`group_member`.`userID` = `user`.`userID`
|
`group_member`.`userID` = `user`.`userID`
|
||||||
WHERE
|
WHERE
|
||||||
`groupID` = :groupID AND `group_member`.`role` = 'member'
|
`groupID` = :groupID AND `group_member`.`role` = :role
|
||||||
");
|
");
|
||||||
|
|
||||||
$stmt->bindParam(':groupID', $groupID);
|
$stmt->bindParam(':groupID', $groupID);
|
||||||
|
$stmt->bindParam(":role", $role);
|
||||||
if (!$stmt->execute()) {
|
if (!$stmt->execute()) {
|
||||||
return False;
|
return False;
|
||||||
}
|
}
|
||||||
return $stmt->fetchAll();
|
return $stmt->fetchAll();
|
||||||
}
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Upgrades or downgrades a groupmember to a different role.
|
||||||
|
* @param int $groupID
|
||||||
|
* @param int $userID
|
||||||
|
* @param string $role
|
||||||
|
* @throws AngryAlert
|
||||||
|
* @throws HappyAlert
|
||||||
|
*/
|
||||||
function upgradeUser(int $groupID, int $userID, string $role) {
|
function upgradeUser(int $groupID, int $userID, string $role) {
|
||||||
if (!checkGroupAdmin($groupID, $_SESSION["userID"])) {
|
if (!checkGroupAdmin($groupID, $_SESSION["userID"])) {
|
||||||
throw new AngryAlert("Geen toestemming om te wijzigen");
|
throw new AngryAlert("Geen toestemming om te wijzigen");
|
||||||
@@ -106,4 +165,28 @@ function upgradeUser(int $groupID, int $userID, string $role) {
|
|||||||
} else {
|
} else {
|
||||||
throw new AngryAlert("Er is iets mis gegaan");
|
throw new AngryAlert("Er is iets mis gegaan");
|
||||||
}
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Removes a group form the database.
|
||||||
|
* @throws AngryAlert
|
||||||
|
* @throws HappyAlert
|
||||||
|
*/
|
||||||
|
function deleteGroup() {
|
||||||
|
if (!checkGroupAdmin($_POST["groupID"], $_SESSION["userID"])) {
|
||||||
|
throw new AngryAlert("Geen toestemming om de groep te verwijderen!");
|
||||||
|
}
|
||||||
|
$stmt = prepareQuery("
|
||||||
|
DELETE FROM
|
||||||
|
`group_page`
|
||||||
|
WHERE
|
||||||
|
`groupID` = :groupID
|
||||||
|
");
|
||||||
|
$stmt->bindValue(":groupID", $_POST["groupID"]);
|
||||||
|
$stmt->execute();
|
||||||
|
if ($stmt->rowCount()) {
|
||||||
|
throw new HappyAlert("Group verwijderd!");
|
||||||
|
} else {
|
||||||
|
throw new AngryAlert("Er is iets mis gegaan");
|
||||||
|
}
|
||||||
}
|
}
|
||||||
@@ -16,7 +16,10 @@ function getSettings() {
|
|||||||
`location`,
|
`location`,
|
||||||
`birthdate`,
|
`birthdate`,
|
||||||
`bio`,
|
`bio`,
|
||||||
`profilepicture`,
|
IFNULL(
|
||||||
|
`profilepicture`,
|
||||||
|
'../img/avatar-standard.png'
|
||||||
|
) AS profilepicture,
|
||||||
`showBday`,
|
`showBday`,
|
||||||
`showEmail`,
|
`showEmail`,
|
||||||
`showProfile`
|
`showProfile`
|
||||||
|
|||||||
@@ -16,7 +16,7 @@ $groupinfo = getGroupSettings($_GET["groupID"]);
|
|||||||
<li>
|
<li>
|
||||||
<label></label>
|
<label></label>
|
||||||
<a href="group.php?groupname=<?=$groupinfo["name"]?>">
|
<a href="group.php?groupname=<?=$groupinfo["name"]?>">
|
||||||
<button class="fa fa-chevron-left"> Terug naar de groep</button>
|
<button><i class="fa fa-chevron-left"></i> Terug naar de groep</button>
|
||||||
</a>
|
</a>
|
||||||
</li>
|
</li>
|
||||||
</ul>
|
</ul>
|
||||||
@@ -51,8 +51,7 @@ $groupinfo = getGroupSettings($_GET["groupID"]);
|
|||||||
<button type="submit"
|
<button type="submit"
|
||||||
name="form"
|
name="form"
|
||||||
value="group"
|
value="group"
|
||||||
class="fa fa-save"
|
><i class="fa fa-save"></i> Opslaan</button>
|
||||||
> Opslaan</button>
|
|
||||||
</li>
|
</li>
|
||||||
</ul>
|
</ul>
|
||||||
</form>
|
</form>
|
||||||
@@ -80,8 +79,7 @@ $groupinfo = getGroupSettings($_GET["groupID"]);
|
|||||||
<button type="submit"
|
<button type="submit"
|
||||||
name="form"
|
name="form"
|
||||||
value="picture"
|
value="picture"
|
||||||
class="fa fa-picture-o"
|
><i class="fa fa-picture-o"></i> Verander profielfoto</button>
|
||||||
> Verander profielfoto</button>
|
|
||||||
</li>
|
</li>
|
||||||
</ul>
|
</ul>
|
||||||
</form>
|
</form>
|
||||||
@@ -94,7 +92,7 @@ $groupinfo = getGroupSettings($_GET["groupID"]);
|
|||||||
<select name="userID">
|
<select name="userID">
|
||||||
<option disabled selected>Geen gebruiker geselecteerd:</option>
|
<option disabled selected>Geen gebruiker geselecteerd:</option>
|
||||||
<?php
|
<?php
|
||||||
$groupMembers = getAllGroupMembers($_GET["groupID"]);
|
$groupMembers = getAllGroupUsers($_GET["groupID"]);
|
||||||
foreach ($groupMembers as $groupMember) {?>
|
foreach ($groupMembers as $groupMember) {?>
|
||||||
<option value="<?=$groupMember["userID"]?>">
|
<option value="<?=$groupMember["userID"]?>">
|
||||||
<?=$groupMember["fullname"]?> (<?=$groupMember["username"]?>)
|
<?=$groupMember["fullname"]?> (<?=$groupMember["username"]?>)
|
||||||
@@ -114,11 +112,55 @@ $groupinfo = getGroupSettings($_GET["groupID"]);
|
|||||||
</il>
|
</il>
|
||||||
</ul>
|
</ul>
|
||||||
</form>
|
</form>
|
||||||
|
<form class="platform" method="post">
|
||||||
|
<h5>Verwijder een admin/mod</h5>
|
||||||
|
<ul>
|
||||||
|
<il>
|
||||||
|
<input name="groupID" value="<?=$_GET["groupID"]?>" type="hidden">
|
||||||
|
<label>Selecteer gebruiker</label>
|
||||||
|
<select name="userID">
|
||||||
|
<option disabled selected>Geen gebruiker geselecteerd:</option>
|
||||||
|
<?php
|
||||||
|
$groupAdmins = getAllGroupAdmins($_GET["groupID"]);
|
||||||
|
foreach ($groupAdmins as $groupAdmin) {?>
|
||||||
|
<option value="<?=$groupAdmin["userID"]?>">
|
||||||
|
<?=$groupAdmin["fullname"]?> (<?=$groupAdmin["username"]?>) (<?=$groupAdmin["role"]?>)
|
||||||
|
</option>
|
||||||
|
<?php } ?>
|
||||||
|
<?php
|
||||||
|
$groupMods = getAllGroupMods($_GET["groupID"]);
|
||||||
|
foreach ($groupMods as $groupMod) {?>
|
||||||
|
<option value="<?=$groupMod["userID"]?>">
|
||||||
|
<?=$groupMod["fullname"]?> (<?=$groupMod["username"]?>) (<?=$groupMod["role"]?>)
|
||||||
|
</option>
|
||||||
|
<?php } ?>
|
||||||
|
</select>
|
||||||
|
<button name="form"
|
||||||
|
value="deadmin"
|
||||||
|
>
|
||||||
|
Verwijder
|
||||||
|
</button>
|
||||||
|
</il>
|
||||||
|
</ul>
|
||||||
|
</form>
|
||||||
|
<form class="platform" method="post">
|
||||||
|
<ul>
|
||||||
|
<h5>Verwijder groep</h5>
|
||||||
|
<li>
|
||||||
|
<label></label>
|
||||||
|
<input name="groupID" value="<?=$_GET["groupID"]?>" type="hidden">
|
||||||
|
<button class="red"
|
||||||
|
name="form"
|
||||||
|
value="delete"
|
||||||
|
><i class="fa fa-trash"></i> Verwijder groep</button>
|
||||||
|
</li>
|
||||||
|
</ul>
|
||||||
|
</form>
|
||||||
<div class="platform">
|
<div class="platform">
|
||||||
<ul>
|
<ul>
|
||||||
<li>
|
<li>
|
||||||
<label></label>
|
<label></label>
|
||||||
<a href="group.php?groupname=<?=$groupinfo["name"]?>"><button class="fa fa-chevron-left"> Terug naar de groep</button></a>
|
<a href="group.php?groupname=<?=$groupinfo["name"]?>"><button><i class="fa fa-chevron-left"></i> Terug naar de groep</button></a>
|
||||||
</li>
|
</li>
|
||||||
</ul>
|
</ul>
|
||||||
</div>
|
</div>
|
||||||
|
|||||||
@@ -29,13 +29,12 @@ $user = $psw = $remember ="";
|
|||||||
$loginErr = $resetErr = $fbRegisterErr ="";
|
$loginErr = $resetErr = $fbRegisterErr ="";
|
||||||
|
|
||||||
if ($_SERVER["REQUEST_METHOD"] == "POST") {
|
if ($_SERVER["REQUEST_METHOD"] == "POST") {
|
||||||
$url = $_POST["url"];
|
|
||||||
// Checks for which button is pressed
|
// Checks for which button is pressed
|
||||||
switch ($_POST["submit"]) {
|
switch ($_POST["submit"]) {
|
||||||
case "login":
|
case "login":
|
||||||
try {
|
try {
|
||||||
$user = ($_POST["user"]);
|
$user = ($_POST["user"]);
|
||||||
validateLogin($_POST["user"], $_POST["psw"], $url);
|
validateLogin($_POST["user"], $_POST["psw"], $_POST["url"]);
|
||||||
} catch(loginException $e) {
|
} catch(loginException $e) {
|
||||||
$loginErr = $e->getMessage();
|
$loginErr = $e->getMessage();
|
||||||
}
|
}
|
||||||
|
|||||||
Reference in New Issue
Block a user