From c6bdf349a8217ecd77b5c0308591581cf310630b Mon Sep 17 00:00:00 2001 From: Hendrik Date: Tue, 17 Jan 2017 10:34:30 +0100 Subject: [PATCH 001/295] fixed forms for php, user status and page type --- website/styles/adminpanel.css | 7 +++--- website/views/adminpanel.php | 47 ++++++++++++++++++++++++----------- 2 files changed, 36 insertions(+), 18 deletions(-) diff --git a/website/styles/adminpanel.css b/website/styles/adminpanel.css index e761592..edeb9c8 100644 --- a/website/styles/adminpanel.css +++ b/website/styles/adminpanel.css @@ -1,6 +1,6 @@ .admin-panel { margin: auto; - min-width: 800px; + /*min-width: 800px;*/ } .admin-title { @@ -32,11 +32,12 @@ margin-bottom: 10px; } -.admin-filter { +.admin-filter, .admin-filtertype { display: inline-block; margin: 10px; vertical-align: top; - margin-right: 100px; + margin-left: 20px; + margin-right: 20px; } .admin-users { diff --git a/website/views/adminpanel.php b/website/views/adminpanel.php index b789aad..96c02d3 100644 --- a/website/views/adminpanel.php +++ b/website/views/adminpanel.php @@ -21,26 +21,43 @@

User Management Panel


-
+ " method="post">
- + " method="post">
-

Show users:

- Active
- Muted
- Banned +

Show:

+ +
+ +
+ +
+ +
+ + +
+
+

Page Type:

+ +
+ +

Batch Actions:

- Mute
- Ban
- Unban

+ +
+ +
+ +

@@ -63,11 +80,11 @@ Banned unregulated time travel -
+ " method="post">
@@ -79,11 +96,11 @@ Banned l33t h4xx -
+ " method="post">
-- 2.49.1 From b60d118ac603355bf36463892735cfd743e658e6 Mon Sep 17 00:00:00 2001 From: Hendrik Date: Tue, 17 Jan 2017 12:40:41 +0100 Subject: [PATCH 002/295] added form complete on search in adminpanel --- website/public/styles/adminpanel.css | 6 +- website/views/adminpanel.php | 261 ++++++++++++++++----------- 2 files changed, 156 insertions(+), 111 deletions(-) diff --git a/website/public/styles/adminpanel.css b/website/public/styles/adminpanel.css index edeb9c8..019924e 100644 --- a/website/public/styles/adminpanel.css +++ b/website/public/styles/adminpanel.css @@ -1,6 +1,6 @@ .admin-panel { margin: auto; - /*min-width: 800px;*/ + min-width: 800px; } .admin-title { @@ -36,8 +36,8 @@ display: inline-block; margin: 10px; vertical-align: top; - margin-left: 20px; - margin-right: 20px; + margin-right: 50px; + margin-left: 50px; } .admin-users { diff --git a/website/views/adminpanel.php b/website/views/adminpanel.php index 96c02d3..95d518d 100644 --- a/website/views/adminpanel.php +++ b/website/views/adminpanel.php @@ -1,115 +1,160 @@ - - - Admin Panel - - - -
-
-
-

User Management Panel

-

-
" method="post"> -
- " method="post"> - -
-

Show:

- -
- -
- -
- -
- - -
-
-

Page Type:

- -
- - -
- -
-

Batch Actions:

- -
- -
- -

- -
-
-
-
-

Users:

- - - - - - - - - - - - - - - - - - - - - - -
- - UserStatusCommentAction
John SmithBannedunregulated time travel -
" method="post"> - - -
-
poey jokeaimBannedl33t h4xx -
" method="post"> - - -
-
-
- + } + + + + + + + +
+
+
+

User Management Panel

+

+
" + method="post"> +
+ " + method="post"> + +
+

Show:

+ > +
+ > +
+ > +
+ > +
+ > + +
+
+

Page Type:

+ > +
+ > + +
+ +
+

Batch Actions:

+ +
+ +
+ +

+ +
-
- +
+
+

Users:

+ + + + + + + + + + + + + + + + + + + + + + +
+ + UserStatusCommentAction
John SmithBannedunregulated time travel +
" + method="post"> + + +
+
poey jokeaimBannedl33t h4xx +
" + method="post"> + + +
+
+
+ +
+
+ -- 2.49.1 From f00b3d9a231ff7073c3fc77ea8d1b8600ce60d02 Mon Sep 17 00:00:00 2001 From: Hendrik Date: Tue, 17 Jan 2017 12:55:15 +0100 Subject: [PATCH 003/295] add page selector in adminpanel --- website/public/styles/adminpanel.css | 6 ++++++ website/views/adminpanel.php | 5 +++++ 2 files changed, 11 insertions(+) diff --git a/website/public/styles/adminpanel.css b/website/public/styles/adminpanel.css index 019924e..5a9fb7e 100644 --- a/website/public/styles/adminpanel.css +++ b/website/public/styles/adminpanel.css @@ -44,6 +44,12 @@ margin: 10px; } +.admin-userpage { + width: 170px; + margin-bottom: 20px; + float: right; +} + .usertable { width: 100%; } diff --git a/website/views/adminpanel.php b/website/views/adminpanel.php index 95d518d..9c1c818 100644 --- a/website/views/adminpanel.php +++ b/website/views/adminpanel.php @@ -105,6 +105,11 @@ function test_input($data) {

Users:

+
+ + 1 / 1 + +

+ fetch(PDO::FETCH_ASSOC)) { $userID = $user['userID']; @@ -135,6 +182,7 @@ function test_input($data) { $role = $user['role']; $bancomment = $user['bancomment']; $thispage = htmlspecialchars($_SERVER['PHP_SELF']); + echo(" - - - - - + + + + + - "); + "); + } + } else { + $q = search20GroupsFromNByStatus($db, $listnr, $search, $groupstatus); + + while ($group = $q->fetch(PDO::FETCH_ASSOC)) { + $groupID = $group['groupID']; + $name = $group['name']; + $role = $group['status']; + $description = $group['description']; + $thispage = htmlspecialchars($_SERVER['PHP_SELF']); + + echo(" + + + + + + + + "); + } } ?>
-- 2.49.1 From e3e72b8ef6f4687b2421542d131dc08a7f2ee81f Mon Sep 17 00:00:00 2001 From: Hendrik Date: Tue, 17 Jan 2017 14:02:33 +0100 Subject: [PATCH 004/295] fixed connect.php location in head --- website/views/head.php | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/website/views/head.php b/website/views/head.php index fc28320..997f2d1 100644 --- a/website/views/head.php +++ b/website/views/head.php @@ -15,6 +15,6 @@ \ No newline at end of file +?> -- 2.49.1 From 877072f9e3092378ddeef8e9767cd0c54f552749 Mon Sep 17 00:00:00 2001 From: Hendrik Date: Tue, 17 Jan 2017 15:12:56 +0100 Subject: [PATCH 005/295] add sql usersearch base in adminpanel --- website/views/adminpanel.php | 45 +++++++++++++++++++++++++++++++++--- 1 file changed, 42 insertions(+), 3 deletions(-) diff --git a/website/views/adminpanel.php b/website/views/adminpanel.php index 9c1c818..21fe476 100644 --- a/website/views/adminpanel.php +++ b/website/views/adminpanel.php @@ -5,7 +5,7 @@ Admin Panel + @@ -110,6 +111,8 @@ function test_input($data) { 1 / 1
+ + - + + fetch(PDO::FETCH_ASSOC)) { + $userID = $user['userID']; + $username = $user['username']; + $role = $user['role']; + $bancomment = $user['bancomment']; + $thispage = htmlspecialchars($_SERVER['PHP_SELF']); + echo(" + + + + + + + + "); + } + ?> + +
@@ -120,7 +123,43 @@ function test_input($data) { Comment Action
+ $username$role$bancomment +
+ + + +
+
-- 2.49.1 From 146fc7108ba63eb1d565cff7a7b23567bd5d6e1c Mon Sep 17 00:00:00 2001 From: Hendrik Date: Tue, 17 Jan 2017 15:13:32 +0100 Subject: [PATCH 006/295] add usersearch query --- website/queries/user.php | 19 +++++++++++++++++++ 1 file changed, 19 insertions(+) create mode 100644 website/queries/user.php diff --git a/website/queries/user.php b/website/queries/user.php new file mode 100644 index 0000000..d355771 --- /dev/null +++ b/website/queries/user.php @@ -0,0 +1,19 @@ +query(" + SELECT + `userID`, + `username`, + `role`, + `bancomment` + FROM + `user` + ORDER BY + `username` + LIMIT + $n + "); +} + +?> -- 2.49.1 From 8ce6cd1aa2303db0e910cb6ecc6ecc39e64fafa8 Mon Sep 17 00:00:00 2001 From: Hendrik Date: Tue, 17 Jan 2017 16:23:44 +0100 Subject: [PATCH 007/295] add rudimentary search --- website/queries/user.php | 29 +++++++++++++++++++-- website/views/adminpanel.php | 50 +++++++----------------------------- 2 files changed, 36 insertions(+), 43 deletions(-) diff --git a/website/queries/user.php b/website/queries/user.php index d355771..8029154 100644 --- a/website/queries/user.php +++ b/website/queries/user.php @@ -1,6 +1,6 @@ query(" SELECT `userID`, @@ -10,10 +10,35 @@ function selectSomeUsers($db, $n) { FROM `user` ORDER BY + `role`, `username` LIMIT - $n + $n, 20 "); } +function search20UsersFromN($db, $n, $keyword) { + $q = $db->prepare(" + SELECT + `userID`, + `username`, + `role`, + `bancomment` + FROM + `user` + WHERE + `username` LIKE :keyword + ORDER BY + `username` + LIMIT + :n, 20 + "); + + $keyword = "%$keyword%"; + $q->bindParam(':keyword', $keyword); + $q->bindParam(':n', $n, PDO::PARAM_INT); + $q->execute(); + return $q; +} + ?> diff --git a/website/views/adminpanel.php b/website/views/adminpanel.php index 21fe476..a8cdb73 100644 --- a/website/views/adminpanel.php +++ b/website/views/adminpanel.php @@ -20,11 +20,14 @@
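Review bot: `$username`, `$role` and `$bancomment` are interpolated into the echoed table row straight from the fetched database row, while only `$thispage` goes through `htmlspecialchars()`. A username or ban comment that contains markup would be interpreted by the administrator's browser instead of being displayed as text. Escape each field before the echo, e.g. `$username = htmlspecialchars($user['username'], ENT_QUOTES, 'UTF-8');`, and do the same for `$bancomment`. The row's markup is not fully visible here, so values placed inside attributes need the same treatment.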
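Review bot: `selectSomeUsers()` builds its `LIMIT` clause by interpolating `$n` into the string passed to `$db->query()`, so the query is only as safe as every caller's handling of `$n`; the caller is not visible in this hunk. The next patch keeps the interpolation (`$n, 20`) in the same function while adding `search20UsersFromN()`, which binds the offset instead. Use that pattern here too: `prepare()` with `LIMIT :n, 20`, then `$q->bindParam(':n', $n, PDO::PARAM_INT);` and `execute()`.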
- fetch(PDO::FETCH_ASSOC)) { $userID = $user['userID']; $username = $user['username']; @@ -158,46 +161,11 @@ function test_input($data) { "); } ?> - -
@@ -125,7 +127,8 @@ function test_input($data) {
+ +
-- 2.49.1 From eb2a343d5fe5d4dc1ab44fbb3fb792579fbfca46 Mon Sep 17 00:00:00 2001 From: Lars van Hijfte Date: Wed, 18 Jan 2017 12:08:53 +0100 Subject: [PATCH 008/295] added live sending messages from user 2 to user 2 --- website/public/chat.php | 1 + website/public/js/sendMessage.js | 14 ++++++++ website/public/sendMessage.php | 16 +++++++++ website/queries/private_message.php | 51 +++++++++++++++++++++++++++++ website/views/chat-view.php | 12 ++++--- 5 files changed, 90 insertions(+), 4 deletions(-) create mode 100644 website/public/js/sendMessage.js create mode 100644 website/public/sendMessage.php create mode 100644 website/queries/private_message.php diff --git a/website/public/chat.php b/website/public/chat.php index f077a4d..150638d 100644 --- a/website/public/chat.php +++ b/website/public/chat.php @@ -5,6 +5,7 @@ + prepare(" + SELECT + * + FROM + `private_message` + WHERE + `origin` = :user1 AND + `destination` = :user2 OR + `origin` = :user2 AND + `destination` = :user1 + ORDER BY + `creationdate` DESC + LIMIT + :n, 100 + "); + + $stmt->bindParam(":user1", $user1ID); + $stmt->bindParam(":user2", $user2ID); + $stmt->bindParam(":n", $n); + + return $stmt->execute(); +} + +function sendMessage($destination, $content) { + $db = $GLOBALS["db"]; + $stmt = $db->prepare(" + INSERT INTO + `private_message` + ( + `origin`, + `destination`, + `content` + ) + VALUES + ( + :origin, + :destination, + :content + ) + "); + + return $stmt->execute(array( + "origin" => 2, + "destination" => $destination, + "content" => $content + )); +} \ No newline at end of file diff --git a/website/views/chat-view.php b/website/views/chat-view.php index a23a1c5..6b6aecd 100644 --- a/website/views/chat-view.php +++ b/website/views/chat-view.php @@ -37,16 +37,20 @@
-
+ + + /> + />
-- 2.49.1 From b5ceb1b5e0fe7edee7d0dcec754e68ac03fbabe1 Mon Sep 17 00:00:00 2001 From: Hendrik Date: Wed, 18 Jan 2017 14:20:32 +0100 Subject: [PATCH 009/295] add pagetype selector, add search filter --- website/public/styles/adminpanel.css | 10 +++- website/queries/user.php | 28 +++++++++ website/views/adminpanel.php | 88 +++++++++++++++++++++------- 3 files changed, 104 insertions(+), 22 deletions(-) diff --git a/website/public/styles/adminpanel.css b/website/public/styles/adminpanel.css index 5a9fb7e..c8e29b6 100644 --- a/website/public/styles/adminpanel.css +++ b/website/public/styles/adminpanel.css @@ -32,7 +32,7 @@ margin-bottom: 10px; } -.admin-filter, .admin-filtertype { +.admin-filter, .admin-filtertype, .admin-groupfilter { display: inline-block; margin: 10px; vertical-align: top; @@ -40,6 +40,14 @@ margin-left: 50px; } +.admin-filter, .admin-groupfilter { + width: 120px; +} + +.admin-groupfilter { + display: none; +} + .admin-users { margin: 10px; } diff --git a/website/queries/user.php b/website/queries/user.php index 8029154..42d90bc 100644 --- a/website/queries/user.php +++ b/website/queries/user.php @@ -41,4 +41,32 @@ function search20UsersFromN($db, $n, $keyword) { return $q; } +function search20UsersFromNByStatus($db, $n, $keyword, $status) { + $q = $db->prepare(" + SELECT + `userID`, + `username`, + `role`, + `bancomment` + FROM + `user` + WHERE + `username` LIKE :keyword AND + FIND_IN_SET (`role`, :statuses) + ORDER BY + `username` + LIMIT + :n, 20 + "); + + $keyword = "%$keyword%"; + $q->bindParam(':keyword', $keyword); + $q->bindParam(':n', $n, PDO::PARAM_INT); + $statuses = implode(',', $status); + $q->bindParam(':statuses', $statuses); + $q->execute(); + return $q; +} + + ?> diff --git a/website/views/adminpanel.php b/website/views/adminpanel.php index a8cdb73..8ce9fb1 100644 --- a/website/views/adminpanel.php +++ b/website/views/adminpanel.php @@ -4,6 +4,10 @@ Admin Panel @@ -20,13 +35,14 @@ ">
-
+ +

Show:

- > + + >
- > + >
- > + >
- > + >
- > - + > +
+ > +
+ +
+

Show:

+ + > +
+ > +
+ > +
+
+

Page Type:

> + + onchange="changeFilter()">
> + + onchange="changeFilter()">
+

Batch Actions:

@@ -107,8 +151,10 @@ function test_input($data) {

+

Users:

+
1 / 1 @@ -126,8 +172,9 @@ function test_input($data) {
Action
- -
-- 2.49.1 From e80ce3b793adee1844f826f7aa8aa41b91fd20af Mon Sep 17 00:00:00 2001 From: "K. Nobel" Date: Wed, 18 Jan 2017 14:22:03 +0100 Subject: [PATCH 010/295] Improved selectAllFriends query --- website/queries/friendship.php | 46 +++++++++++++++++++--------------- 1 file changed, 26 insertions(+), 20 deletions(-) diff --git a/website/queries/friendship.php b/website/queries/friendship.php index 45a599e..94cd123 100644 --- a/website/queries/friendship.php +++ b/website/queries/friendship.php @@ -1,24 +1,30 @@ query(" - SELECT - `user`.`username`, - `user`.`profilepicture`, - `user`.`onlinestatus`, - `user`.`role` - FROM - `user` - INNER JOIN - `friendship` - WHERE - `friendship`.`user1ID` = $userID AND - `friendship`.`user2ID` = `user`.`userID` OR - `friendship`.`user2ID` = $userID AND - `friendship`.`user1ID` = `user`.`userID`" - ); + $stmt = $db->prepare(" + SELECT + `username`, + IFNULL( + `profilepicture`, + 'img/notbad.png' + ) AS profilepicture, + `onlinestatus`, + `role` + FROM + `user` + INNER JOIN + `friendship` + WHERE + (`friendship`.`user1ID` = :userID AND + `friendship`.`user2ID` = `user`.`userID` OR + `friendship`.`user2ID` = :userID AND + `friendship`.`user1ID` = `user`.`userID`) AND + `role` != 5 AND + `status` = 1 + "); + + $stmt->bindParam(':userID', $userID, PDO::PARAM_INT); + $stmt->execute(); + return $stmt; } - - - -?> \ No newline at end of file -- 2.49.1 From bdf5c221a7026fcd4e9a4477664e41bb776d37e1 Mon Sep 17 00:00:00 2001 From: "K. Nobel" Date: Wed, 18 Jan 2017 14:23:36 +0100 Subject: [PATCH 011/295] Added queries related to users. --- website/queries/user.php | 72 ++++++++++++++++++++++++++++++++++++++++ 1 file changed, 72 insertions(+) create mode 100644 website/queries/user.php diff --git a/website/queries/user.php b/website/queries/user.php new file mode 100644 index 0000000..a73c16c --- /dev/null +++ b/website/queries/user.php 
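Review bot: The new statement uses the named placeholder `:userID` twice but binds it once, which PDO accepts only while emulated prepares are enabled; with `PDO::ATTR_EMULATE_PREPARES` set to false the statement fails. Use two distinct names such as `:userID1` and `:userID2` and bind each, so the query does not depend on a connection setting that is configured outside this hunk. The added `role` and `status` conditions are unqualified; prefixing them with their table names would keep the query unambiguous if both joined tables ever carry a column of that name.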
@@ -0,0 +1,72 @@ +prepare(" + SELECT + `username`, + IFNULL( + `profilepicture`, + 'img/notbad.png' + ) AS profilepicture, + `bio`, + `role`, + `onlinestatus`, + `loggedin`, + `fname`, + `lname` + FROM + `user` + WHERE + `userID` = :userID + "); + + $stmt->bindParam(':userID', $userID, PDO::PARAM_INT); + $stmt->execute(); + return $stmt->fetch(); +} + +function selectAllUserGroups($db, $userID) { + $stmt = $db->prepare(" + SELECT + `group_page`.`groupID`, + `name`, + `picture`, + `userID` + FROM + `group_page` + INNER JOIN + `group_member` + ON + `group_page`.`groupID` = `group_member`.`groupID` + WHERE + `userID` = :userID AND + `status` = 1 + "); + + $stmt->bindParam(':userID', $userID, PDO::PARAM_INT); + $stmt->execute(); + return $stmt; +} + +function selectAllUserPosts($db, $userID) { + $stmt = $db->prepare(" + SELECT + `postID`, + `author`, + `title`, + `content`, + `creationdate` + FROM + `post` + WHERE + `author` = :userID AND + `groupID` IS NULL + ORDER BY + `creationdate` DESC + "); + + $stmt->bindParam(':userID', $userID, PDO::PARAM_INT); + $stmt->execute(); + return $stmt; +} \ No newline at end of file -- 2.49.1 From 19f525d168703a217ba6dfc981b3e91c05511388 Mon Sep 17 00:00:00 2001 From: Lars van Hijfte Date: Wed, 18 Jan 2017 14:34:15 +0100 Subject: [PATCH 012/295] Live chatting now shows up in the chat-history --- website/public/chat.php | 2 +- website/public/js/chat.js | 50 +++++++++++++++++++++++ website/public/js/sendMessage.js | 14 ------- website/public/sendMessage.php | 2 +- website/queries/private_message.php | 46 ++++++++++++++++++--- website/views/chat-view.php | 63 +++++++++++++++++------------ website/views/head.php | 2 + 7 files changed, 132 insertions(+), 47 deletions(-) create mode 100644 website/public/js/chat.js delete mode 100644 website/public/js/sendMessage.js diff --git a/website/public/chat.php b/website/public/chat.php index 150638d..09be336 100644 --- a/website/public/chat.php +++ b/website/public/chat.php @@ -5,7 +5,7 @@ - + \ +
\ + ' + messages[i].content + '\ +
\ + \ + '); + } +} \ No newline at end of file diff --git a/website/public/js/sendMessage.js b/website/public/js/sendMessage.js deleted file mode 100644 index 1c300b2..0000000 --- a/website/public/js/sendMessage.js +++ /dev/null @@ -1,14 +0,0 @@ -// $("#sendMessageForm").submit(function(e) { -function sendMessage() { - console.log($("#sendMessageForm").serialize()); - $.post( - "sendMessage.php", - $("#sendMessageForm").serialize() - ).done(function( data ) { - alert( "Data Loaded: " + data ); - }); -} - -function loadMessages() { - -} \ No newline at end of file diff --git a/website/public/sendMessage.php b/website/public/sendMessage.php index c0dde12..e555e2a 100644 --- a/website/public/sendMessage.php +++ b/website/public/sendMessage.php @@ -5,7 +5,7 @@ include_once("../queries/private_message.php"); if (isset($_POST["destination"]) && isset($_POST["content"])) { - if (sendMessage($db, $_POST["destination"], $_POST["content"])) { + if (sendMessage($_POST["destination"], $_POST["content"])) { echo $_POST["content"] . " is naar " . $_POST["destination"] . " gestuurd"; } else { echo "YOU FAILED!!!"; diff --git a/website/queries/private_message.php b/website/queries/private_message.php index 22fb085..56c0c26 100644 --- a/website/queries/private_message.php +++ b/website/queries/private_message.php @@ -1,7 +1,13 @@ prepare(" SELECT * @@ -13,16 +19,15 @@ function get100ChatMessagesFromN($n, $user1ID, $user2ID) { `origin` = :user2 AND `destination` = :user1 ORDER BY - `creationdate` DESC - LIMIT - :n, 100 + `messageID` ASC "); $stmt->bindParam(":user1", $user1ID); $stmt->bindParam(":user2", $user2ID); - $stmt->bindParam(":n", $n); - return $stmt->execute(); + $stmt->execute(); + + return json_encode($stmt->fetchAll()); } function sendMessage($destination, $content) { 
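Review bot: `messages[i].content` is concatenated into the HTML string that the message loop builds, so a message containing markup is interpreted by the recipient's browser instead of being shown as text. The content is whatever another user posted, and the insert query shown in queries/private_message.php stores it as submitted. Put the text into the page through the DOM rather than through the string, for example by creating the message element and setting it with `.text(messages[i].content)`. Most of this file's template is not visible in the hunk, so the same applies to any other message field placed in it.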
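Review bot: The success branch echoes `$_POST["content"]` and `$_POST["destination"]` back without escaping, and nothing in the hunk checks that the request comes from a logged-in user. If this response is ever rendered as HTML, the posted text is interpreted as markup; escape it, e.g. `htmlspecialchars($_POST["content"], ENT_QUOTES, 'UTF-8')`, or send the response as plain text. The top of the file is outside the hunk, so a session check may already exist there.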
@@ -48,4 +53,33 @@ function sendMessage($destination, $content) { "destination" => $destination, "content" => $content )); +} + +function getNewChatMessages($lastID, $destination) { + $db = $GLOBALS["db"]; + $origin = 2; + + $stmt = $db->prepare(" + SELECT + * + FROM + `private_message` + WHERE + ( + `origin` = :user1 AND + `destination` = :user2 OR + `origin` = :user2 AND + `destination` = :user1) AND + `messageID` > :lastID + ORDER BY + `messageID` ASC + "); + + $stmt->bindParam(':user1', $origin); + $stmt->bindParam(':user2', $destination); + $stmt->bindParam(':lastID', $lastID); + + $stmt->execute(); + + return json_encode($stmt->fetchAll()); } \ No newline at end of file diff --git a/website/views/chat-view.php b/website/views/chat-view.php index 6b6aecd..dabd348 100644 --- a/website/views/chat-view.php +++ b/website/views/chat-view.php @@ -10,32 +10,43 @@
-
-
-
Hi!
-
-
-
Hi!
-
-
-
How it's going?
-
-
-
Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam, quis nostrud exercitation ullamco laboris nisi ut aliquip ex ea commodo consequat. Duis aute irure dolor in reprehenderit in voluptate velit esse cillum dolore eu fugiat nulla pariatur. Excepteur sint occaecat cupidatat non proident, sunt in culpa qui officia deserunt mollit anim id est laborum.
-
-
-
Hi!
-
-
-
Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam, quis nostrud exercitation ullamco laboris nisi ut aliquip ex ea commodo consequat. Duis aute irure dolor in reprehenderit in voluptate velit esse cillum dolore eu fugiat nulla pariatur. Excepteur sint occaecat cupidatat non proident, sunt in culpa qui officia deserunt mollit anim id est laborum.
-
-
-
Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam, quis nostrud exercitation ullamco laboris nisi ut aliquip ex ea commodo consequat. Duis aute irure dolor in reprehenderit in voluptate velit esse cillum dolore eu fugiat nulla pariatur. Excepteur sint occaecat cupidatat non proident, sunt in culpa qui officia deserunt mollit anim id est laborum.
-
-
-
Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam, quis nostrud exercitation ullamco laboris nisi ut aliquip ex ea commodo consequat. Duis aute irure dolor in reprehenderit in voluptate velit esse cillum dolore eu fugiat nulla pariatur. Excepteur sint occaecat cupidatat non proident, sunt in culpa qui officia deserunt mollit anim id est laborum.
-
+
+ + + + + + + + + + + + + + + + + + + + + + + +
+
+ + +
diff --git a/website/views/head.php b/website/views/head.php index 9306edf..39e29af 100644 --- a/website/views/head.php +++ b/website/views/head.php @@ -17,4 +17,6 @@ include_once("../queries/connect.php"); +session_start(); + ?> \ No newline at end of file -- 2.49.1 From 95fd3c0040abd55e1e0e90b409d8d8283a931976 Mon Sep 17 00:00:00 2001 From: Lars van Hijfte Date: Wed, 18 Jan 2017 15:09:52 +0100 Subject: [PATCH 013/295] chat is done? --- website/public/js/chat.js | 7 ++ website/public/styles/chat.css | 4 ++ website/queries/friendship.php | 1 + website/queries/private_message.php | 6 +- website/views/chat-view.php | 100 +++++++++++++++++++--------- 5 files changed, 84 insertions(+), 34 deletions(-) diff --git a/website/public/js/chat.js b/website/public/js/chat.js index 5b56586..dd0b00f 100644 --- a/website/public/js/chat.js +++ b/website/public/js/chat.js @@ -12,6 +12,7 @@ function loadMessages() { messages = JSON.parse(data); addMessages(messages); $("#lastID").val(messages[messages.length - 1].messageID); + $("#chat-history").scrollTop($("#chat-history")[0].scrollHeight); } }); @@ -47,4 +48,10 @@ function addMessages(messages) {
\ '); } +} + +function switchUser(userID) { + $(".destinationID").val(userID); + $("#chat-history").html(""); + $("#lastID").val(""); } \ No newline at end of file diff --git a/website/public/styles/chat.css b/website/public/styles/chat.css index 8f486bb..132c750 100644 --- a/website/public/styles/chat.css +++ b/website/public/styles/chat.css @@ -16,6 +16,10 @@ overflow-y: auto; } +.chat-left .friend-item { + cursor: pointer; +} + .chat-right { width: calc(100% - 256px - 40px); height: calc(100% - 80px); diff --git a/website/queries/friendship.php b/website/queries/friendship.php index 56ce274..dc7a669 100644 --- a/website/queries/friendship.php +++ b/website/queries/friendship.php @@ -3,6 +3,7 @@ function selectAllFriends($db, $userID) { return $db->query(" SELECT + `user`.`userID`, `user`.`username`, `user`.`profilepicture`, `user`.`onlinestatus`, diff --git a/website/queries/private_message.php b/website/queries/private_message.php index 56c0c26..6cf8b16 100644 --- a/website/queries/private_message.php +++ b/website/queries/private_message.php @@ -6,7 +6,7 @@ session_start(); function getOldChatMessages($user2ID) { $db = $GLOBALS["db"]; - $user1ID = 2; + $user1ID = $_SESSION["userID"]; $stmt = $db->prepare(" SELECT @@ -49,7 +49,7 @@ function sendMessage($destination, $content) { "); return $stmt->execute(array( - "origin" => 2, + "origin" => $_SESSION["userID"], "destination" => $destination, "content" => $content )); @@ -57,7 +57,7 @@ function sendMessage($destination, $content) { function getNewChatMessages($lastID, $destination) { $db = $GLOBALS["db"]; - $origin = 2; + $origin = $_SESSION["userID"]; $stmt = $db->prepare(" SELECT diff --git a/website/views/chat-view.php b/website/views/chat-view.php index dabd348..1f9a0d8 100644 --- a/website/views/chat-view.php +++ b/website/views/chat-view.php @@ -1,40 +1,76 @@
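Review bot: `$_SESSION["userID"]` is now read in `getOldChatMessages()`, `sendMessage()` and `getNewChatMessages()` without checking that it is set, so a request made without a login runs these queries with an empty origin. Guard once in the endpoints that include this file, e.g. `if (!isset($_SESSION["userID"])) { http_response_code(401); exit; }`. None of the three functions checks that the destination is a friend of the sender; whether that is enforced elsewhere is not visible in these hunks.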
-
- $username$role$bancomment - - - - - - + $username$role$bancomment +
+ + + +
+
+ $name$role$description +
+ + + +
+
+
+            
+        
-- 2.49.1 From 7469a10f1387b01a9ae80dc9cc2e9c63f90e2a89 Mon Sep 17 00:00:00 2001 From: Lars van Hijfte Date: Wed, 18 Jan 2017 15:37:49 +0100 Subject: [PATCH 015/295] Fixed Chat! --- website/public/js/chat.js | 2 +- website/public/styles/chat.css | 4 ---- website/queries/private_message.php | 2 +- website/views/chat-view.php | 28 ++-------------------------- 4 files changed, 4 insertions(+), 32 deletions(-) diff --git a/website/public/js/chat.js b/website/public/js/chat.js index dd0b00f..cf33f69 100644 --- a/website/public/js/chat.js +++ b/website/public/js/chat.js @@ -34,7 +34,7 @@ function sendMessage() { function addMessages(messages) { for(i in messages) { - if (messages[i].origin == 2) { + if (messages[i].destination == $(".destinationID").val()) { type = "chat-message-self"; } else { type = "chat-message-other"; diff --git a/website/public/styles/chat.css b/website/public/styles/chat.css index 132c750..8f486bb 100644 --- a/website/public/styles/chat.css +++ b/website/public/styles/chat.css @@ -16,10 +16,6 @@ overflow-y: auto; } -.chat-left .friend-item { - cursor: pointer; -} - .chat-right { width: calc(100% - 256px - 40px); height: calc(100% - 80px); diff --git a/website/queries/private_message.php b/website/queries/private_message.php index 6cf8b16..2d953c5 100644 --- a/website/queries/private_message.php +++ b/website/queries/private_message.php @@ -49,7 +49,7 @@ function sendMessage($destination, $content) { "); return $stmt->execute(array( - "origin" => $_SESSION["userID"], + "origin" => $_SESSION["userID"], "destination" => $destination, "content" => $content )); diff --git a/website/views/chat-view.php b/website/views/chat-view.php index 1f9a0d8..a3acd4c 100644 --- a/website/views/chat-view.php +++ b/website/views/chat-view.php @@ -47,30 +47,6 @@
- - - - - - - - - - - - - - - - - - - - - - - -
@@ -89,7 +65,7 @@ Date: Wed, 18 Jan 2017 15:53:10 +0100 Subject: [PATCH 016/295] Fixed login link --- website/public/login.php | 6 +++--- website/public/styles/index.css | 14 +++++++------- website/queries/register.php | 10 ++++++++-- website/views/login-view.php | 8 +++++--- website/views/register-view.php | 6 ++++-- 5 files changed, 27 insertions(+), 17 deletions(-) diff --git a/website/public/login.php b/website/public/login.php index 82570a6..09dce8c 100644 --- a/website/public/login.php +++ b/website/public/login.php @@ -15,21 +15,21 @@ // Trying to login if ($_SERVER["REQUEST_METHOD"] == "POST") { + $uname=strtolower($_POST["uname"]); // Empty username or password field if (empty($_POST["uname"]) || empty($_POST["psw"])) { $loginErr = "Gebruikersnaam of wachtwoord is niet ingevuld"; } else { - $uname=strtolower($_POST["uname"]); $psw=$_POST["psw"]; $hash=hashPassword()["password"]; $userid=hashPassword()["userID"]; - + // If there's an account, go to the profile page if(password_verify($psw.$uname, $hash)) { $_SESSION["userID"] = $userid; - header("location: /profile.php"); + header("location: profile.php"); } else { $loginErr = "Inloggegevens zijn niet correct"; diff --git a/website/public/styles/index.css b/website/public/styles/index.css index a368066..c7d482f 100644 --- a/website/public/styles/index.css +++ b/website/public/styles/index.css @@ -60,7 +60,7 @@ body { height: 900px; background-image: url(https://encrypted-tbn0.gstatic.com/images?q=tbn:ANd9GcTEnqKdVtLbxjKuNsCSCxFRhTOpp3Gm0gsU8bMgA_MeUYyzrUFy); - background-size: contain; + background-size: cover; background-repeat: repeat-x; background-attachment: fixed; @@ -109,10 +109,10 @@ form { border: 5px solid #325da3; background-color: #a87a87; border-radius: 12px; - height: 57%; - margin: 8px auto; + height: 55%; + margin: 35px auto; width: 45%; - overflow: auto; + overflow-y:auto; } /* inlog titel */ 
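Review bot: On a successful `password_verify()` the branch stores `$_SESSION["userID"]` and sends the `location` header, but it neither regenerates the session id nor stops the script. Add `session_regenerate_id(true);` before storing the user id so a session id issued before login cannot be reused, and `exit;` after `header(...)` so the rest of the page is not executed and sent. Moving `strtolower($_POST["uname"])` above the `empty()` check also means a POST without `uname` now raises an undefined-index notice; keeping it inside the `else` avoids that. The rest of the file is outside the hunk.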
@@ -135,14 +135,14 @@ input[type=text], input[type=password], input[type=email], input[type="date"] { box-sizing: border-box; display: inline-block; height: 50%; - padding: 12px 20px; - margin: 8px 0; + padding: 8px 20px; + margin: 4px 0; width: 50%; font-family: Arial; font-size: 16px; } -input[type=submit] { +button[type=submit] { background-color: #845663; border: 2px solid black; border-radius: 12px; diff --git a/website/queries/register.php b/website/queries/register.php index 9881872..893bb3a 100644 --- a/website/queries/register.php +++ b/website/queries/register.php @@ -18,12 +18,18 @@ function getExistingUsername() { function getExistingEmail() { $stmt = $GLOBALS["db"]->prepare(" - SELECT * FROM `user` WHERE `email` = :email + SELECT + `email` + FROM + `user` + WHERE + `email` LIKE :email "); $stmt->bindParam(":email", $_POST["email"]); $stmt->execute(); return $stmt->rowCount(); + } function registerAccount() { @@ -54,7 +60,7 @@ function registerAccount() { $stmt->bindParam(":username", $_POST["username"]); $stmt->bindParam(":password", $hash); $stmt->bindParam(":location", $_POST["location"]); - $stmt->bindParam(":email", $_POST["email"]); + $stmt->bindParam(":email", (strtolower($_POST["email"]))); $stmt->execute(); $stmt->rowCount(); diff --git a/website/views/login-view.php b/website/views/login-view.php index e70d96b..df29cbc 100644 --- a/website/views/login-view.php +++ b/website/views/login-view.php @@ -27,7 +27,7 @@
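Review bot: `LIKE :email` in `getExistingEmail()` treats `_` and `%` in the submitted address as wildcards, so the duplicate check can match a different address (an underscore is common in e-mail names) and `%` matches every row. Compare with `=` instead, lower-casing both sides if the match should be case-insensitive. The check also binds the raw `$_POST["email"]` while `registerAccount()` in this commit stores the lower-cased value, so the two should normalise the address the same way.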
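Review bot: `bindParam()` takes its second argument by reference, and `(strtolower($_POST["email"]))` is an expression rather than a variable, so PHP raises "Only variables should be passed by reference" on this line. Use `$stmt->bindValue(":email", strtolower($_POST["email"]));`, or assign the lower-cased address to a variable and bind that. `registerAccount()` starts outside the hunk.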
@@ -36,10 +36,12 @@ diff --git a/website/views/register-view.php b/website/views/register-view.php index 3ccc978..b7efbc8 100644 --- a/website/views/register-view.php +++ b/website/views/register-view.php @@ -120,10 +120,12 @@ -- 2.49.1 From df9f782809173e2d42c3e431fd234c60741d64e2 Mon Sep 17 00:00:00 2001 From: Lars van Hijfte Date: Wed, 18 Jan 2017 15:54:13 +0100 Subject: [PATCH 017/295] Friends in the menu now redirects to the users profile. --- website/public/styles/menu.css | 13 +++++++++++++ website/views/menu.php | 20 ++++++++++++-------- 2 files changed, 25 insertions(+), 8 deletions(-) diff --git a/website/public/styles/menu.css b/website/public/styles/menu.css index 7778545..45163de 100644 --- a/website/public/styles/menu.css +++ b/website/public/styles/menu.css @@ -25,3 +25,16 @@ font-size: 14px; cursor: pointer; } + +.friend-item { + cursor: pointer; +} + +.menu button { + background: none; + color: #333; + width: 100%; + height: 100%; + padding: 0; + text-align: left; +} \ No newline at end of file diff --git a/website/views/menu.php b/website/views/menu.php index 5486cd6..731b284 100644 --- a/website/views/menu.php +++ b/website/views/menu.php @@ -34,14 +34,18 @@ // Echo the friend. echo " - -
  • -
    - PF - $username -
    -
  • -
    +
  • +
    + +
    +
  • "; } if ($i > 1) { -- 2.49.1 From 62d77fc61664fca1ca266cbe753dd481e7e2bfa1 Mon Sep 17 00:00:00 2001 From: "K. Nobel" Date: Wed, 18 Jan 2017 15:56:59 +0100 Subject: [PATCH 018/295] Added query needed to get userID --- website/queries/user.php | 17 ++++++++++++++++- 1 file changed, 16 insertions(+), 1 deletion(-) diff --git a/website/queries/user.php b/website/queries/user.php index a73c16c..fee8fe8 100644 --- a/website/queries/user.php +++ b/website/queries/user.php @@ -1,6 +1,21 @@ prepare(" + SELECT + `userID` + FROM + `user` + WHERE + LOWER(`username`) = LOWER(:username) + "); + + $stmt->bindParam(':username', $username, PDO::PARAM_STR); + $stmt->execute(); + return $stmt->fetch()["userID"]; +} + function selectUser($db, $userID) { $stmt = $db->prepare(" SELECT @@ -41,7 +56,7 @@ function selectAllUserGroups($db, $userID) { `group_page`.`groupID` = `group_member`.`groupID` WHERE `userID` = :userID AND - `status` = 1 + `role` = 1 "); $stmt->bindParam(':userID', $userID, PDO::PARAM_INT); -- 2.49.1 From e7e3ae9c8be3492b20fcddd0c16d444099ee17b9 Mon Sep 17 00:00:00 2001 From: Hendrik Date: Wed, 18 Jan 2017 15:57:39 +0100 Subject: [PATCH 019/295] add changing single group status --- website/queries/group_page.php | 14 ++++++++++++++ website/queries/user.php | 1 + website/views/adminpanel.php | 8 +++++--- 3 files changed, 20 insertions(+), 3 deletions(-) diff --git a/website/queries/group_page.php b/website/queries/group_page.php index 8f04ca3..c6db01b 100644 --- a/website/queries/group_page.php +++ b/website/queries/group_page.php @@ -80,6 +80,20 @@ function search20GroupsFromNByStatus($db, $n, $keyword, $status) { return $q; } +function changeGroupStatusByID($db, $id, $status) { + $q = $db->query(" + UPDATE + `group_page` + SET + `status` = $status + WHERE + `groupID` = $id + "); + + return $q; +} + + ?> diff --git a/website/queries/user.php b/website/queries/user.php index de8c52b..bfd9579 100644 --- a/website/queries/user.php +++ b/website/queries/user.php 
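Review bot: `changeGroupStatusByID()` interpolates `$status` and `$id` into the UPDATE passed to `$db->query()`, and the adminpanel.php hunk of this commit calls it with `$_POST["groupID"]` and `$_POST["actions"]` after only an `empty()` check, so request data reaches the SQL text unchanged. Bind both values the way the search functions in queries/user.php do; a rewritten function follows. The admin handler should also restrict `actions` to the known status values before calling it, since no such check is visible in that hunk.

```php
function changeGroupStatusByID($db, $id, $status) {
    $q = $db->prepare("
        UPDATE
            `group_page`
        SET
            `status` = :status
        WHERE
            `groupID` = :id
    ");

    $q->bindParam(':status', $status);
    $q->bindParam(':id', $id, PDO::PARAM_INT);
    $q->execute();
    return $q;
}
```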
@@ -54,6 +54,7 @@ function search20UsersFromNByStatus($db, $n, $keyword, $status) { `username` LIKE :keyword AND FIND_IN_SET (`role`, :statuses) ORDER BY + `role`, `username` LIMIT :n, 20 diff --git a/website/views/adminpanel.php b/website/views/adminpanel.php index d478003..5a3ba97 100644 --- a/website/views/adminpanel.php +++ b/website/views/adminpanel.php @@ -62,6 +62,8 @@ if ($_SERVER["REQUEST_METHOD"] == "POST") { if (!empty($_POST["actions"]) && !empty($_POST["userID"])) { changeUserStatusByID($db, $_POST["userID"], $_POST["actions"]); + } elseif (!empty($_POST["actions"]) && !empty($_POST["groupID"])) { + changeGroupStatusByID($db, $_POST["groupID"], $_POST["actions"]); } } @@ -239,9 +241,9 @@ function test_input($data) { action='$thispage' method='post'> -- 2.49.1 From e86a6a6d6f27f187d2c74e065ebd53a0cdd42610 Mon Sep 17 00:00:00 2001 From: "K. Nobel" Date: Wed, 18 Jan 2017 16:01:26 +0100 Subject: [PATCH 020/295] Changed queries include --- website/views/head.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/website/views/head.php b/website/views/head.php index fc28320..9306edf 100644 --- a/website/views/head.php +++ b/website/views/head.php @@ -15,6 +15,6 @@ \ No newline at end of file -- 2.49.1 From 3ee5488a88ad92cd7a5fddcaeb570459b8995768 Mon Sep 17 00:00:00 2001 From: "K. Nobel" Date: Wed, 18 Jan 2017 16:02:11 +0100 Subject: [PATCH 021/295] Improved profile page, profile now takes data from the DB! --- website/public/profile.php | 57 +++++++++++++++++ website/views/profile.php | 125 ++++++++++--------------------------- 2 files changed, 90 insertions(+), 92 deletions(-) diff --git a/website/public/profile.php b/website/public/profile.php index d82fe48..4854080 100644 --- a/website/public/profile.php +++ b/website/public/profile.php 
@@ -1,3 +1,60 @@ + $unix_date) { + $difference = $now - $unix_date; + $tense = "geleden"; + } else { + $difference = $unix_date - $now; + $tense = "vanaf nu"; + } + + for($i = 0; $difference >= $lengths[$i] && $i < count($lengths) - 1; $i++) { + $difference /= $lengths[$i]; + } + + $difference = round($difference); + + if($difference != 1) { + $period = $multiple_periods[$i]; + } else { + $period = $single_periods[$i]; + } + + return "$difference $period $tense"; +} + +if(empty($_GET["username"])) { + echo "User does not exist!"; + return; +} + +$userID = getUserID($db, $_GET["username"]); + +$user = selectUser($db, $userID); +$friends = selectAllFriends($db, $userID); +$groups = selectAllUserGroups($db, $userID); +$posts = selectAllUserPosts($db, $userID); + +?> + diff --git a/website/views/profile.php b/website/views/profile.php index 8f5efe2..395dd15 100644 --- a/website/views/profile.php +++ b/website/views/profile.php @@ -1,113 +1,54 @@
    - + ">

    Als vriend toevoegen

    -

    [gebruikersnaam]

    -

    Lorem ipsum dolor sit amet, consectetur adipiscing elit. Donec dictum turpis quam, eu ultrices sapien hendrerit tincidunt. Nunc aliquam neque turpis, id porta quam iaculis id. Sed suscipit, nisl a fermentum congue, nunc augue finibus lectus, id varius nunc purus nec dolor. Integer laoreet tellus sit amet sapien auctor congue. Mauris laoreet eu elit vel rhoncus. Nam et tortor arcu. Maecenas sit amet leo quis tellus varius gravida. Sed quis fermentum odio, sed dictum nulla. Donec aliquam rutrum orci cursus tempus. Quisque sit amet ipsum eget velit aliquam facilisis ultricies quis ligula. Nunc nisi lacus, luctus non bibendum quis, sagittis sit amet odio.

    +

    +

    Vrienden

    - [gebruikersnaam]'s profielfoto - [gebruikersnaam]'s profielfoto - [gebruikersnaam]'s profielfoto - [gebruikersnaam]'s profielfoto - [gebruikersnaam]'s profielfoto - ...en nog 25 anderen! + fetch()) { + echo "" . $friend["username"] . ""; + } + + if($friends->rowCount() === 0) { + echo "

    Deze gebruiker heeft nog geen vrienden gemaakt.

    "; + } + ?>

    Groepen

    - [groepsnaam]'s logo - [groepsnaam]'s logo - [groepsnaam]'s logo - [groepsnaam]'s logo - [groepsnaam]'s logo - ...en nog 6 anderen! + fetch()) { + echo "${group["name"]}s logo"; + } + + if($groups->rowCount() === 0) { + echo "

    Deze gebruiker is nog geen lid van een groep.

    "; + } + ?>

    -
    -

    Lorem

    -

    Lorem ipsum dolor sit amet, consectetur.

    -

    Enkele minuten geleden geplaatst

    -
    -
    -

    Image

    - Olympic Mountains, Washington -

    Gisteren geplaatst

    -
    -
    -

    Ipsum

    -

    Lorem ipsum dolor sit amet, consectetur adipisicing elit. Rem nihil alias amet dolores fuga totam sequi a cupiditate ipsa voluptas id facilis nobis.

    -

    Maandag geplaatst

    -
    -
    -

    Dolor

    -

    Lorem ipsum dolor sit amet, consectetur adipisicing elit.

    -

    4 Januari geplaatst

    -
    -
    -

    Sit

    -

    Lorem ipsum dolor sit.

    -

    4 Januari geplaatst

    -
    -
    -

    Image

    - Nunobiki Falls, Kobe Japan -

    4 Januari geplaatst

    -
    -
    -

    Amet

    -

    Lorem ipsum dolor sit amet, consectetur adipisicing elit. Minima asperiores eveniet vero velit eligendi aliquid in.

    -

    4 Januari geplaatst

    -
    -
    -

    Consectetur

    -

    Lorem ipsum dolor sit amet, consectetur adipisicing elit. Error aliquid reprehenderit expedita odio beatae est.

    -

    4 Januari geplaatst

    -
    -
    -

    Adipisicing

    -

    Lorem ipsum dolor sit amet, consectetur adipisicing elit. Quaerat architecto quis tenetur fugiat veniam iste molestiae fuga labore!

    -

    4 Januari geplaatst

    -
    -
    -

    Elit

    -

    Lorem ipsum dolor sit amet, consectetur adipisicing elit. Rem ut debitis dolorum earum expedita eveniet voluptatem quibusdam facere eos numquam commodi ad iusto laboriosam rerum aliquam.

    -

    4 Januari geplaatst

    -
    -
    -

    Geen error

    -

    Lorem ipsum dolor sit amet, consectetur adipisicing elit. Doloribus dolorem maxime minima animi cum.

    -

    4 Januari geplaatst

    -
    -
    -

    Image

    - Oregon cliffs are no joke. -

    4 Januari geplaatst

    -
    -
    -

    Aliquid

    -

    Lorem ipsum dolor sit amet, consectetur.

    -

    4 Januari geplaatst

    -
    -
    -

    Odit

    -

    Lorem ipsum dolor sit amet, consectetur adipisicing elit. Odit accusamus tempore at porro officia rerum est impedit ea ipsa tenetur. Labore libero hic error sunt laborum expedita.

    -

    4 Januari geplaatst

    -
    -
    -

    Accusamus

    -

    Lorem ipsum dolor sit amet, consectetur adipisicing elit. Nobis quaerat suscipit ad.

    -

    4 Januari geplaatst

    -
    -
    - + fetch()) { + $nicetime = nicetime($post["creationdate"]); + echo " +
    +

    ${post["title"]}

    +

    ${post["content"]}

    +

    ${nicetime} geplaatst.

    +
    + "; + } + ?>
    \ No newline at end of file -- 2.49.1 From d06ad5a44d094501f9b3a49124cc1ea106ea7fe5 Mon Sep 17 00:00:00 2001 From: Lars van Hijfte Date: Wed, 18 Jan 2017 16:12:38 +0100 Subject: [PATCH 022/295] fixed menu more friends bug --- website/public/js/menu.js | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/website/public/js/menu.js b/website/public/js/menu.js index d4471eb..32b048a 100644 --- a/website/public/js/menu.js +++ b/website/public/js/menu.js @@ -6,7 +6,7 @@ $(document).ready(function() { $("#more-friends-click").click(function() { // Show only friends $("#groups-menu-section").slideUp(); - $("#friends-menu-section a").show(); + $("#friends-menu-section li").show(); // Change buttons $("#more-friends-click").hide(); @@ -17,7 +17,7 @@ $(document).ready(function() { $("#more-groups-click").click(function() { // Show only groups $("#friends-menu-section").slideUp(); - $("#groups-menu-section a").show(); + $("#groups-menu-section li").show(); // Change buttons $("#more-groups-click").hide(); -- 2.49.1 From 380b256d292630a028a0096036c6568d2b351343 Mon Sep 17 00:00:00 2001 From: Lars van Hijfte Date: Wed, 18 Jan 2017 16:20:33 +0100 Subject: [PATCH 023/295] added this file because it is needed --- website/public/loadMessages.php | 11 +++++++++++ 1 file changed, 11 insertions(+) create mode 100644 website/public/loadMessages.php diff --git a/website/public/loadMessages.php b/website/public/loadMessages.php new file mode 100644 index 0000000..fb9f129 --- /dev/null +++ b/website/public/loadMessages.php @@ -0,0 +1,11 @@ + Date: Thu, 19 Jan 2017 11:00:55 +0100 Subject: [PATCH 024/295] Ignore .idea folder --- .gitignore | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.gitignore b/.gitignore index 49adb33..9479d1a 100644 --- a/.gitignore +++ b/.gitignore @@ -8,7 +8,7 @@ # Reference: https://intellij-support.jetbrains.com/hc/en-us/articles/206544839 - +.idea/* # User-specific stuff: .idea/workspace.xml .idea/tasks.xml -- 2.49.1 
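Review bot: The three loops in the new views/profile.php echo database values into HTML with no output escaping: `$friend["username"]`, `${group["name"]}`, `${post["title"]}` and `${post["content"]}` are all text that users supply, so markup stored in a username, group name or post is rendered as markup for every visitor of the profile. Escape at the point of output, e.g. `htmlspecialchars($post["content"], ENT_QUOTES, 'UTF-8')`, and do the same for the values placed inside attributes. The surrounding tags were lost in this rendering of the patch, so which of these values sit in an attribute rather than in element text should be checked against the file.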
From ff19b5e1b9d33ae2f3d6c374a1e762997f52c2e9 Mon Sep 17 00:00:00 2001 From: Marijn Jansen Date: Thu, 19 Jan 2017 11:01:29 +0100 Subject: [PATCH 025/295] Settings messages now uses a Class (: --- website/public/settings.php | 12 ++---- website/queries/settings.php | 67 ++++++++++++++++++++++----------- website/views/settings-view.php | 6 +-- 3 files changed, 53 insertions(+), 32 deletions(-) diff --git a/website/public/settings.php b/website/public/settings.php index 2f91690..c3645f1 100644 --- a/website/public/settings.php +++ b/website/public/settings.php @@ -5,6 +5,7 @@ include("../views/head.php"); include_once("../queries/connect.php"); include_once("../queries/settings.php"); + $_SESSION["userID"] = 2; ?> "; } + + $randomUser = selectRandomNotFriendUser($_SESSION["userID"])["username"]; + + echo " +
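Review bot: `$_SESSION["userID"] = 2;` in website/public/settings.php overwrites the session identity on every request, so whoever loads the page reads and changes the settings of user 2, whether or not they are logged in. It looks like a debugging aid and should be dropped before merge; in its place the page should stop when no user is logged in, e.g. `if (!isset($_SESSION["userID"])) { exit; }`, placed before any output. The rest of this hunk is not legible here, so whether `session_start()` already runs earlier in the file needs checking.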
  • +
    + +
    +
  • + "; if ($i > 1) { $i -= 1; echo " -
  • - En nog $i anderen... -
  • "; +
  • + En nog $i anderen... +
  • + "; } + ?> @@ -87,17 +106,28 @@ // Echo the friend. echo " - -
  • -
    - PF - $name -
    -
  • -
    +
  • +
    + +
    +
  • "; } - if ($i > 3) { + + if ($i == 0) { + echo "
  • +
    + Je hoort nergens bij. +
    +
  • "; + } else if ($i > 3) { $i -= 3; echo "
  • -- 2.49.1 From daff2f41faf4b0f8b7def9edc294aace9976f068 Mon Sep 17 00:00:00 2001 From: Hendrik Date: Fri, 20 Jan 2017 12:29:34 +0100 Subject: [PATCH 051/295] minor fix --- website/views/adminpanel.php | 7 ------- 1 file changed, 7 deletions(-) diff --git a/website/views/adminpanel.php b/website/views/adminpanel.php index 86c674a..52681a4 100644 --- a/website/views/adminpanel.php +++ b/website/views/adminpanel.php @@ -99,15 +99,8 @@ if ($_SERVER["REQUEST_METHOD"] == "POST") { changeMultipleGroupStatusByID($db, $_POST["checkbox-group"], $_POST["groupbatchactions"]); } -<<<<<<< HEAD if (isset($_POST["pageselect"])) { $currentpage = $_POST["pageselect"]; -======= - if (!empty($_POST["actions"]) && !empty($_POST["userID"])) { - changeUserStatusByID($_POST["userID"], $_POST["actions"]); - } elseif (!empty($_POST["actions"]) && !empty($_POST["groupID"])) { - changeGroupStatusByID($_POST["groupID"], $_POST["actions"]); ->>>>>>> master } } -- 2.49.1 From eb1fc154015d8477041aee70a05c2561f8983196 Mon Sep 17 00:00:00 2001 From: Joey Lai Date: Fri, 20 Jan 2017 12:32:39 +0100 Subject: [PATCH 052/295] script on right lines --- website/public/login.php | 25 ++++++++++++------------- 1 file changed, 12 insertions(+), 13 deletions(-) diff --git a/website/public/login.php b/website/public/login.php index 65babdf..3d37da7 100644 --- a/website/public/login.php +++ b/website/public/login.php @@ -7,6 +7,18 @@ include_once("../queries/checkInput.php") ?> + + - - - -- 2.49.1 From 6c41e825fe4527ca83949d647183d70eb34466c4 Mon Sep 17 00:00:00 2001 From: Lars van Hijfte Date: Fri, 20 Jan 2017 12:53:23 +0100 Subject: [PATCH 053/295] Removed absolute path --- website/views/head.php | 18 +++++++++--------- 1 file changed, 9 insertions(+), 9 deletions(-) diff --git a/website/views/head.php b/website/views/head.php index e267d61..bb6eec4 100644 --- a/website/views/head.php +++ b/website/views/head.php 
@@ -1,17 +1,17 @@ MyHyvesbook+ - - - - + + + + Date: Fri, 20 Jan 2017 12:58:34 +0100 Subject: [PATCH 054/295] fix queries for global and prepared --- website/queries/group_page.php | 43 ++++++++++++++++++++-------------- website/queries/user.php | 29 ++++++++++++++--------- website/views/adminpanel.php | 16 ++++++------- 3 files changed, 52 insertions(+), 36 deletions(-) diff --git a/website/queries/group_page.php b/website/queries/group_page.php index 44d346c..ef7af07 100644 --- a/website/queries/group_page.php +++ b/website/queries/group_page.php @@ -1,7 +1,7 @@ query(" + $q = $GLOBALS["db"]->prepare(" SELECT `group_page`.`name`, `group_page`.`picture`, @@ -11,12 +11,16 @@ function selectGroupById($groupID) { FROM `group_page` WHERE - `group_page`.`groupID` = $groupID + `group_page`.`groupID` = :groupID "); + + $q->bindParam(':groupID', $groupID); + $q->execute(); + return $q; } function select20GroupsFromN($n) { - return $GLOBALS["db"]->query(" + $q = $GLOBALS["db"]->prepare(" SELECT `group_page`.`groupID`, `group_page`.`name`, @@ -29,12 +33,16 @@ function select20GroupsFromN($n) { ORDER BY `group_page`.`name` ASC LIMIT - $n, 20 + :n, 20 "); + + $q->bindParam(':n', $n); + $q->execute(); + return $q; } function select20GroupsByStatusFromN($n, $status) { - return $GLOBALS["db"]->query(" + $q = $GLOBALS["db"]->prepare(" SELECT `group_page`.`groupID`, `group_page`.`name`, @@ -45,12 +53,17 @@ function select20GroupsByStatusFromN($n, $status) { FROM `group_page` WHERE - `group_page`.`status` = $status + `group_page`.`status` = :status ORDER BY `group_page`.`name` ASC LIMIT - $n, 20 + :n, 20 "); + + $q->bindParam(':status', $status); + $q->bindParam(':n', $n); + $q->execute(); + return $q; } function search20GroupsFromNByStatus($n, $keyword, $status) { 
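Review bot: `$q->bindParam(':n', $n);` in `select20GroupsFromN` binds the `LIMIT` offset with PDO's default type, which is a string. With emulated prepares, the default for the MySQL driver, the offset reaches the server quoted and `LIMIT '0', 20` is rejected as a syntax error. Binding it as an integer avoids that: `$q->bindValue(':n', (int) $n, PDO::PARAM_INT);`. The same applies to `:n` in `select20GroupsByStatusFromN` and to `select20UsersFromN` in the user.php part of this commit. The PDO options are set in connect.php, which is not part of this patch, so the emulation setting should be confirmed there.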
@@ -80,8 +93,8 @@ function search20GroupsFromNByStatus($n, $keyword, $status) { return $q; } -function searchSomeGroupsByStatus($db, $n, $m, $keyword, $status) { - $q = $db->prepare(" +function searchSomeGroupsByStatus($n, $m, $keyword, $status) { + $q = $GLOBALS['db']->prepare(" SELECT `groupID`, `name`, @@ -108,8 +121,8 @@ function searchSomeGroupsByStatus($db, $n, $m, $keyword, $status) { return $q; } -function countSomeGroupsByStatus($db, $keyword, $status) { - $q = $db->prepare(" +function countSomeGroupsByStatus($keyword, $status) { + $q = $GLOBALS['db']->prepare(" SELECT COUNT(*) FROM @@ -141,11 +154,9 @@ function changeGroupStatusByID($id, $status) { return $q; } -<<<<<<< HEAD - -function changeMultipleGroupStatusByID($db, $ids, $status) { - $q = $db->prepare(" +function changeMultipleGroupStatusByID($ids, $status) { + $q = $GLOBALS['db']->prepare(" UPDATE `group_page` SET @@ -163,5 +174,3 @@ function changeMultipleGroupStatusByID($db, $ids, $status) { ?> -======= ->>>>>>> master diff --git a/website/queries/user.php b/website/queries/user.php index 71cef11..719a40f 100644 --- a/website/queries/user.php +++ b/website/queries/user.php @@ -87,7 +87,7 @@ function selectAllUserPosts($userID) { } function select20UsersFromN($n) { - return $GLOBALS["db"]->query(" + $q = $GLOBALS["db"]->prepare(" SELECT `userID`, `username`, @@ -99,8 +99,12 @@ function select20UsersFromN($n) { `role`, `username` LIMIT - $n, 20 + :n, 20 "); + + $q->bindParam(':n', $n); + $q->execute(); + return $q; } function search20UsersFromN($n, $keyword) { @@ -155,8 +159,8 @@ function search20UsersFromNByStatus($n, $keyword, $status) { return $q; } -function searchSomeUsersByStatus($db, $n, $m, $keyword, $status) { - $q = $db->prepare(" +function searchSomeUsersByStatus($n, $m, $keyword, $status) { + $q = $GLOBALS["db"]->prepare(" SELECT `userID`, `username`, 
@@ -184,8 +188,8 @@ function searchSomeUsersByStatus($db, $n, $m, $keyword, $status) { return $q; } -function countSomeUsersByStatus($db, $keyword, $status) { - $q = $db->prepare(" +function countSomeUsersByStatus($keyword, $status) { + $q = $GLOBALS["db"]->prepare(" SELECT COUNT(*) FROM @@ -208,20 +212,23 @@ function countSomeUsersByStatus($db, $keyword, $status) { function changeUserStatusByID($id, $status) { - $q = $GLOBALS["db"]->query(" + $q = $GLOBALS["db"]->prepare(" UPDATE `user` SET - `role` = $status + `role` = :status WHERE - `userID` = $id + `userID` = :id "); + $q->bindParam(':status', $status); + $q->bindParam(':id', $id); + $q->execute(); return $q; } -function changeMultipleUserStatusByID($db, $ids, $status) { - $q = $db->prepare(" +function changeMultipleUserStatusByID($ids, $status) { + $q = $GLOBALS["db"]->prepare(" UPDATE `user` SET diff --git a/website/views/adminpanel.php b/website/views/adminpanel.php index 52681a4..af23dae 100644 --- a/website/views/adminpanel.php +++ b/website/views/adminpanel.php 
@@ -84,19 +84,19 @@ if (isset($_GET["groupstatus"])) { if ($_SERVER["REQUEST_METHOD"] == "POST") { if (isset($_POST["actions"]) && isset($_POST["userID"])) { - changeUserStatusByID($db, $_POST["userID"], $_POST["actions"]); + changeUserStatusByID($_POST["userID"], $_POST["actions"]); } if (isset($_POST["actions"]) && isset($_POST["groupID"])) { - changeGroupStatusByID($db, $_POST["groupID"], $_POST["actions"]); + changeGroupStatusByID($_POST["groupID"], $_POST["actions"]); } if (isset($_POST["batchactions"]) && isset($_POST["checkbox-user"])) { - changeMultipleUserStatusByID($db, $_POST["checkbox-user"], $_POST["batchactions"]); + changeMultipleUserStatusByID($_POST["checkbox-user"], $_POST["batchactions"]); } if (isset($_POST["groupbatchactions"]) && isset($_POST["checkbox-group"])) { - changeMultipleGroupStatusByID($db, $_POST["checkbox-group"], $_POST["groupbatchactions"]); + changeMultipleGroupStatusByID($_POST["checkbox-group"], $_POST["groupbatchactions"]); } if (isset($_POST["pageselect"])) { @@ -226,9 +226,9 @@ function test_input($data) {
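Review bot: The POST branch passes `$_POST["actions"]`, `$_POST["batchactions"]` and `$_POST["groupbatchactions"]` to the status-changing queries without checking them against the statuses the form actually offers, so any value a client submits is written to `role` or `status`. I would add an allow-list test before each call, e.g. `in_array($_POST["actions"], $allowedStatuses, true)`, where `$allowedStatuses` is a placeholder for the list this file already renders in its select boxes. Nothing in this hunk verifies that the requester is an administrator or that the request carries a CSRF token either. The block starts above the hunk, so those checks may exist elsewhere in adminpanel.php and should be confirmed.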
    fetchColumn(); $mincount = min($listm, $countresults); @@ -277,7 +277,7 @@ function test_input($data) { $listm = $currentpage * $perpage; if ($pagetype == 'user') { - $q = searchSomeUsersByStatus($db, $listn, $listm, $search, $status); + $q = searchSomeUsersByStatus($listn, $listm, $search, $status); while($user = $q->fetch(PDO::FETCH_ASSOC)) { $userID = $user['userID']; @@ -316,7 +316,7 @@ function test_input($data) { "); } } else { - $q = searchSomeGroupsByStatus($db, $listn, $listm, $search, $groupstatus); + $q = searchSomeGroupsByStatus($listn, $listm, $search, $groupstatus); while ($group = $q->fetch(PDO::FETCH_ASSOC)) { $groupID = $group['groupID']; -- 2.49.1 From bfdf9e989b2a724f505975d9ab79ccef106e937d Mon Sep 17 00:00:00 2001 From: "K. Nobel" Date: Fri, 20 Jan 2017 13:07:47 +0100 Subject: [PATCH 055/295] Fixed profile page, now shows current user when no username is given in get variable. --- website/public/profile.php | 61 ++++++------------------------------ website/queries/nicetime.php | 39 +++++++++++++++++++++++ 2 files changed, 49 insertions(+), 51 deletions(-) create mode 100644 website/queries/nicetime.php diff --git a/website/public/profile.php b/website/public/profile.php index f3f499b..0fe2feb 100644 --- a/website/public/profile.php +++ b/website/public/profile.php @@ -1,45 +1,16 @@ + + + + + + + $unix_date) { - $difference = $now - $unix_date; - $tense = "geleden"; - } else { - $difference = $unix_date - $now; - $tense = "vanaf nu"; - } - - for($i = 0; $difference >= $lengths[$i] && $i < count($lengths) - 1; $i++) { - $difference /= $lengths[$i]; - } - - $difference = round($difference); - - if($difference != 1) { - $period = $multiple_periods[$i]; - } else { - $period = $single_periods[$i]; - } - - return "$difference $period $tense"; -} +include("../queries/nicetime.php"); if(empty($_GET["username"])) { $userID = $_SESSION["userID"]; 
@@ -52,18 +23,6 @@ $profile_friends = selectAllFriends($userID); $profile_groups = selectAllUserGroups($userID); $posts = selectAllUserPosts($userID); -?> - - - - - - - - - $unix_date) { +$difference = $now - $unix_date; +$tense = "geleden"; +} else { +$difference = $unix_date - $now; +$tense = "vanaf nu"; +} + +for($i = 0; $difference >= $lengths[$i] && $i < count($lengths) - 1; $i++) { +$difference /= $lengths[$i]; +} + +$difference = round($difference); + +if($difference != 1) { +$period = $multiple_periods[$i]; +} else { +$period = $single_periods[$i]; +} + +return "$difference $period $tense"; +} \ No newline at end of file -- 2.49.1 From 6418b2b679fdaee5f70da8dddf6321989ea5ea5d Mon Sep 17 00:00:00 2001 From: Hendrik Date: Fri, 20 Jan 2017 13:14:28 +0100 Subject: [PATCH 056/295] move js to /js --- website/public/js/admin.js | 44 +++++++++++++++++++++++++++++++ website/views/adminpanel.php | 50 ++---------------------------------- 2 files changed, 46 insertions(+), 48 deletions(-) create mode 100644 website/public/js/admin.js diff --git a/website/public/js/admin.js b/website/public/js/admin.js new file mode 100644 index 0000000..2055123 --- /dev/null +++ b/website/public/js/admin.js 
@@ -0,0 +1,44 @@ +window.onload = function() { + changeFilter(); +}; + +function checkAll(allbox) { + var checkboxes = document.getElementsByClassName('checkbox-list'); + + for (var i = 0; i < checkboxes.length; i++) { + if (checkboxes[i].type == 'checkbox') { + checkboxes[i].checked = allbox.checked; + } + } +} + +function checkCheckAll(allbox) { + var checkboxes = document.getElementsByClassName('checkbox-list'); + var checked = true; + + for (var i = 0; i < checkboxes.length; i++) { + if (checkboxes[i].type == 'checkbox') { + if (checkboxes[i].checked == false) { + checked = false; + break; + } + } + } + allbox.checked = checked; +} + +function changeFilter() { + if (document.getElementById('group').checked) { + document.getElementById('admin-filter').style.display = 'none'; + document.getElementById('admin-groupfilter').style.display = 'inline-block'; + + document.getElementById('admin-batchactions').style.display = 'none'; + document.getElementById('admin-groupbatchactions').style.display = 'inline-block'; + } else { + document.getElementById('admin-filter').style.display = 'inline-block'; + document.getElementById('admin-groupfilter').style.display = 'none'; + + document.getElementById('admin-batchactions').style.display = 'inline-block'; + document.getElementById('admin-groupbatchactions').style.display = 'none'; + } +} diff --git a/website/views/adminpanel.php b/website/views/adminpanel.php index af23dae..fde8237 100644 --- a/website/views/adminpanel.php +++ b/website/views/adminpanel.php @@ -3,53 +3,7 @@ Admin Panel - + fetchColumn(); $mincount = min($listm, $countresults); -- 2.49.1 From 61c148e127bade2b031d75264504a84754b70200 Mon Sep 17 00:00:00 2001 From: Lars van Hijfte Date: Fri, 20 Jan 2017 13:30:40 +0100 Subject: [PATCH 057/295] Made chat xss prove --- website/public/API/loadMessages.php | 7 +++---- website/public/API/sendMessage.php | 15 +++++++-------- website/public/js/chat.js | 6 +----- 3 files changed, 11 insertions(+), 17 deletions(-) 
diff --git a/website/public/API/loadMessages.php b/website/public/API/loadMessages.php index fef9db7..1c6b942 100644 --- a/website/public/API/loadMessages.php +++ b/website/public/API/loadMessages.php @@ -3,11 +3,10 @@ session_start(); require_once("../../queries/connect.php"); require_once("../../queries/private_message.php"); +require_once("../../queries/checkInput.php"); if (isset($_POST["lastID"]) && $_POST["lastID"] != "") { - - echo getNewChatMessages($_POST["lastID"], $_POST["destination"]); - + echo getNewChatMessages(test_input($_POST["lastID"]), test_input($_POST["destination"])); } else { - echo getOldChatMessages($_POST["destination"]); + echo getOldChatMessages(test_input($_POST["destination"])); } \ No newline at end of file diff --git a/website/public/API/sendMessage.php b/website/public/API/sendMessage.php index d1bc758..c5d47d1 100644 --- a/website/public/API/sendMessage.php +++ b/website/public/API/sendMessage.php @@ -3,16 +3,15 @@ session_start(); require_once("../../queries/connect.php"); require_once("../../queries/private_message.php"); +require_once("../../queries/checkInput.php"); -if (isset($_POST["destination"]) && - isset($_POST["content"])) { - - if (sendMessage($_POST["destination"], $_POST["content"])) { - echo $_POST["content"] . " is naar " . $_POST["destination"] . " gestuurd"; +if (!empty(test_input($_POST["destination"])) && + !empty(test_input($_POST["content"]))) { + if (sendMessage(test_input($_POST["destination"]), test_input($_POST["content"]))) { + echo 1; } else { - echo "YOU FAILED!!!"; + echo 0; } - } else { - echo "maybe dont try to hax the system?"; + echo 0; } \ No newline at end of file diff --git a/website/public/js/chat.js b/website/public/js/chat.js index 75eb32e..6c420a1 100644 --- a/website/public/js/chat.js +++ b/website/public/js/chat.js 
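Review bot: In sendMessage.php the `isset()` guard was replaced by `!empty(test_input($_POST["destination"]))`, which reads the key before knowing it exists and, because `empty("0")` is true, rejects a message whose whole content is `0`. Keep the existence check and test for an empty string instead: `isset($_POST["destination"], $_POST["content"]) && trim($_POST["content"]) !== ""`. The commit also moves HTML escaping to the input side, so the escaped form is what gets stored. The `test_input` removed from adminpanel.php in PATCH 063 applies `trim`, `stripslashes` and `htmlspecialchars`, and I assume checkInput.php holds the same function. That alters user text (backslashes are dropped) and protects only the HTML element context; storing the raw text and escaping when rendering is more robust, for instance by inserting messages with jQuery's `.text()` in chat.js. The rendering function `addMessages` is not part of this patch, so that side needs to be checked. loadMessages.php has the same missing `isset()` for `destination`.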
@@ -10,7 +10,6 @@ function loadMessages() { $("#lastIDForm").serialize() ).done(function(data) { if (data && data != "[]") { - console.log(data); messages = JSON.parse(data); addMessages(messages); $("#lastID").val(messages[messages.length - 1].messageID); @@ -23,13 +22,10 @@ function loadMessages() { function sendMessage() { - console.log($("#sendMessageForm").serialize()); $.post( "API/sendMessage.php", $("#sendMessageForm").serialize() - ).done(function( data ) { - console.log(data); - }); + ); $("#newContent").val(""); } -- 2.49.1 From b7620fe4dbe3cdaf595eb71087b485e4bbeaf81e Mon Sep 17 00:00:00 2001 From: "K. Nobel" Date: Fri, 20 Jan 2017 14:05:20 +0100 Subject: [PATCH 058/295] Moved .htaccess --- website/.htaccess | 14 -------------- website/public/.htaccess | 14 ++++++++++++++ 2 files changed, 14 insertions(+), 14 deletions(-) delete mode 100644 website/.htaccess create mode 100644 website/public/.htaccess diff --git a/website/.htaccess b/website/.htaccess deleted file mode 100644 index 5c0147b..0000000 --- a/website/.htaccess +++ /dev/null @@ -1,14 +0,0 @@ -Options +FollowSymLinks -RewriteEngine On - -ErrorDocument 404 /error404.jpg - -RewriteCond %{SCRIPT_FILENAME} !-d -RewriteCond %{SCRIPT_FILENAME} !-f - -# Resolve .php file for extensionless php urls -RewriteRule ^([^/.]+)$ $1.php [L] - -RewriteRule ^([^/.]+)\/$ $1.php [L] - -RewriteRule ^profile/([A-z0-9]+)\/?$ profile.php?username=$1 [NC] \ No newline at end of file diff --git a/website/public/.htaccess b/website/public/.htaccess new file mode 100644 index 0000000..69fda24 --- /dev/null +++ b/website/public/.htaccess 
@@ -0,0 +1,14 @@ +#Options +FollowSymLinks +#RewriteEngine On +# +#ErrorDocument 404 /error404.jpg +# +#RewriteCond %{SCRIPT_FILENAME} !-d +#RewriteCond %{SCRIPT_FILENAME} !-f +# +## Resolve .php file for extensionless php urls +#RewriteRule ^([^/.]+)$ $1.php [L] +# +#RewriteRule ^([^/.]+)\/$ $1.php [L] +# +#RewriteRule ^profile/([A-z0-9]+)\/?$ profile.php?username=$1 [NC] \ No newline at end of file -- 2.49.1 From f9c55323ad54047ab80381499fef430b3f49fd8b Mon Sep 17 00:00:00 2001 From: "K. Nobel" Date: Fri, 20 Jan 2017 14:09:04 +0100 Subject: [PATCH 059/295] Made friends and groups clickable. --- website/views/profile.php | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/website/views/profile.php b/website/views/profile.php index 6c273a6..47b880d 100644 --- a/website/views/profile.php +++ b/website/views/profile.php @@ -13,7 +13,7 @@

    fetch()) { - echo "${friend["username"]}"; + echo "${friend["username"]}"; } @@ -29,7 +29,7 @@

    fetch()) { - echo "${group["name"]}s logo"; + echo "${group["name"]}s logo"; } if($groups->rowCount() === 0) { -- 2.49.1 From 0e5f7dc9fb4e7581bef3d1f85ef1231ad9ad71c0 Mon Sep 17 00:00:00 2001 From: "K. Nobel" Date: Fri, 20 Jan 2017 14:10:32 +0100 Subject: [PATCH 060/295] Fixed no friends text and no groups text. --- website/views/profile.php | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/website/views/profile.php b/website/views/profile.php index 47b880d..83ac799 100644 --- a/website/views/profile.php +++ b/website/views/profile.php @@ -17,7 +17,7 @@ } - if($friends->rowCount() === 0) { + if($profile_friends->rowCount() === 0) { echo "

    Deze gebruiker heeft nog geen vrienden gemaakt.

    "; } ?> @@ -32,7 +32,7 @@ echo "${group["name"]}s logo"; } - if($groups->rowCount() === 0) { + if($profile_groups->rowCount() === 0) { echo "

    Deze gebruiker is nog geen lid van een groep.

    "; } ?> -- 2.49.1 From adb7f2f37db78f7099b3fedbcfe48d783c9c91a7 Mon Sep 17 00:00:00 2001 From: "K. Nobel" Date: Fri, 20 Jan 2017 14:31:49 +0100 Subject: [PATCH 061/295] Fixed .htaccess --- website/public/.htaccess | 28 ++++++++++++++-------------- 1 file changed, 14 insertions(+), 14 deletions(-) diff --git a/website/public/.htaccess b/website/public/.htaccess index 69fda24..5c0147b 100644 --- a/website/public/.htaccess +++ b/website/public/.htaccess @@ -1,14 +1,14 @@ -#Options +FollowSymLinks -#RewriteEngine On -# -#ErrorDocument 404 /error404.jpg -# -#RewriteCond %{SCRIPT_FILENAME} !-d -#RewriteCond %{SCRIPT_FILENAME} !-f -# -## Resolve .php file for extensionless php urls -#RewriteRule ^([^/.]+)$ $1.php [L] -# -#RewriteRule ^([^/.]+)\/$ $1.php [L] -# -#RewriteRule ^profile/([A-z0-9]+)\/?$ profile.php?username=$1 [NC] \ No newline at end of file +Options +FollowSymLinks +RewriteEngine On + +ErrorDocument 404 /error404.jpg + +RewriteCond %{SCRIPT_FILENAME} !-d +RewriteCond %{SCRIPT_FILENAME} !-f + +# Resolve .php file for extensionless php urls +RewriteRule ^([^/.]+)$ $1.php [L] + +RewriteRule ^([^/.]+)\/$ $1.php [L] + +RewriteRule ^profile/([A-z0-9]+)\/?$ profile.php?username=$1 [NC] \ No newline at end of file -- 2.49.1 From 6478ce920f56a1fe1b004b99ef253cdc6fe10a1e Mon Sep 17 00:00:00 2001 From: "K. Nobel" Date: Fri, 20 Jan 2017 14:40:21 +0100 Subject: [PATCH 062/295] Fixed .htaccess --- website/public/.htaccess | 4 +--- 1 file changed, 1 insertion(+), 3 deletions(-) diff --git a/website/public/.htaccess b/website/public/.htaccess index 5c0147b..f08898a 100644 --- a/website/public/.htaccess +++ b/website/public/.htaccess 
@@ -9,6 +9,4 @@ RewriteCond %{SCRIPT_FILENAME} !-f # Resolve .php file for extensionless php urls RewriteRule ^([^/.]+)$ $1.php [L] -RewriteRule ^([^/.]+)\/$ $1.php [L] - -RewriteRule ^profile/([A-z0-9]+)\/?$ profile.php?username=$1 [NC] \ No newline at end of file +RewriteRule ^profile/([A-z0-9]+)$ profile.php?username=$1 [NC] \ No newline at end of file -- 2.49.1 From 42188609363a214a33a7df8a5bbd8c91a3e6334a Mon Sep 17 00:00:00 2001 From: Hendrik Date: Fri, 20 Jan 2017 14:43:04 +0100 Subject: [PATCH 063/295] remove testinput --- website/views/adminpanel.php | 6 ------ 1 file changed, 6 deletions(-) diff --git a/website/views/adminpanel.php b/website/views/adminpanel.php index fde8237..116512c 100644 --- a/website/views/adminpanel.php +++ b/website/views/adminpanel.php @@ -62,12 +62,6 @@ if ($_SERVER["REQUEST_METHOD"] == "POST") { $listn = ($currentpage-1) * $perpage; $listm = $currentpage * $perpage; -function test_input($data) { - $data = trim($data); - $data = stripslashes($data); - $data = htmlspecialchars($data); - return $data; -} ?>
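Review bot: The character class `[A-z0-9]` in the profile rule is wider than it looks: the range `A-z` covers ASCII 65 to 122, which also admits `[`, `\`, `]`, `^`, `_` and the backtick between `Z` and `a`, and all of them are forwarded into `username`. Since the rule already carries `[NC]`, `RewriteRule ^profile/([a-z0-9]+)$ profile.php?username=$1 [NC]` expresses the intended alphanumeric match. If underscores are allowed in usernames, list `_` explicitly. The same class appears in the line restored by PATCH 061.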
    -- 2.49.1 From ca28724274047a90649944303022a2d503cd45f7 Mon Sep 17 00:00:00 2001 From: "K. Nobel" Date: Fri, 20 Jan 2017 14:48:00 +0100 Subject: [PATCH 064/295] Fixed script tags and @import. Has to be absolute path in order to work with the .htaccess file. --- website/public/profile.php | 3 ++- website/views/head.php | 17 ++++++++--------- 2 files changed, 10 insertions(+), 10 deletions(-) diff --git a/website/public/profile.php b/website/public/profile.php index 0fe2feb..6ede201 100644 --- a/website/public/profile.php +++ b/website/public/profile.php @@ -2,8 +2,9 @@ + diff --git a/website/views/head.php b/website/views/head.php index bb6eec4..4347650 100644 --- a/website/views/head.php +++ b/website/views/head.php @@ -1,17 +1,16 @@ MyHyvesbook+ - - - - + + + Date: Fri, 20 Jan 2017 14:55:47 +0100 Subject: [PATCH 065/295] Alpha 0.0.1 profile picture upload shizzle! --- website/public/settings.php | 3 ++- website/queries/settings.php | 28 +++++++++++++++++++++++++--- website/views/settings-view.php | 3 ++- 3 files changed, 29 insertions(+), 5 deletions(-) diff --git a/website/public/settings.php b/website/public/settings.php index 45e50d8..d52608b 100644 --- a/website/public/settings.php +++ b/website/public/settings.php @@ -22,12 +22,13 @@ if ($_SERVER["REQUEST_METHOD"] == "POST") { $result = updateSettings(); break; case "password": - $result = updatePassword(); + $result = changePassword(); break; case "email": $result = changeEmail(); break; case "picture": + updateProfilePicture(); $result = $notImplemented; break; } diff --git a/website/queries/settings.php b/website/queries/settings.php index 7c92583..b85cae8 100644 --- a/website/queries/settings.php +++ b/website/queries/settings.php 
@@ -99,11 +99,11 @@ function updateSettings() { return new settingsMessage("happy", "Instellingen zijn opgeslagen."); } -function updatePassword() { +function changePassword() { $user = getPasswordHash(); if (password_verify($_POST["password-old"], $user["password"])) { if ($_POST["password-new"] == $_POST["password-confirm"] && (strlen($_POST["password-new"]) >= 8)) { - if (changePassword()) { + if (doChangePassword()) { return new settingsMessage("happy", "Wachtwoord gewijzigd."); } else { return new settingsMessage("angry", "Er is iets mis gegaan."); @@ -116,7 +116,7 @@ function updatePassword() { } } -function changePassword() { +function doChangePassword() { $stmt = $GLOBALS["db"]->prepare(" UPDATE `user` @@ -184,4 +184,26 @@ function doChangeEmail($email) { $stmt->bindParam(":userID", $_SESSION["userID"]); $stmt->execute(); return $stmt->rowCount(); +} + +function updateProfilePicture() { + $profilePictureDir = "/var/www/html/public/"; + $relativePath = "uploads/" . $_SESSION["userID"] . "_" . basename($_FILES["pp"]["name"]); + move_uploaded_file($_FILES['pp']['tmp_name'], $profilePictureDir . $relativePath); + setProfilePictureToDatabase("../" . $relativePath); +} + +function setProfilePictureToDatabase($url) { + $stmt = $GLOBALS["db"]->prepare(" + UPDATE + `user` + SET + `profilepicture` = :profilepicture + WHERE + `userID` = :userID + "); + + $stmt->bindParam(":profilepicture", $url); + $stmt->bindParam(":userID", $_SESSION["userID"]); + $stmt->execute(); } \ No newline at end of file diff --git a/website/views/settings-view.php b/website/views/settings-view.php index 6d9d660..f6c4e07 100644 --- a/website/views/settings-view.php +++ b/website/views/settings-view.php @@ -1,5 +1,6 @@
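Review bot: updateProfilePicture() stores the upload under the web root using the client-supplied file name (`basename($_FILES["pp"]["name"])`) and never checks the file's type, `$_FILES["pp"]["error"]`, or the result of `move_uploaded_file()`. Any file type, including one the web server would execute, can therefore end up at a URL under `uploads/`, and the database row is updated even when the move failed. Pick the name and extension on the server from an allowlist of image types detected from the file content, as sketched below; the later hunk that moves the target to `uploads/profilepictures/` keeps the same pattern. Serving the upload directory with script execution disabled would be a useful second layer, but the server configuration is not visible here.

```php
function updateProfilePicture() {
    if (!isset($_FILES["pp"]) || $_FILES["pp"]["error"] !== UPLOAD_ERR_OK) {
        return false;
    }
    // Decide the type from the file content, never from the client-supplied name.
    $allowed = array("image/jpeg" => "jpg", "image/png" => "png", "image/gif" => "gif");
    $finfo = new finfo(FILEINFO_MIME_TYPE);
    $mime = $finfo->file($_FILES["pp"]["tmp_name"]);
    if (!isset($allowed[$mime])) {
        return false;
    }
    $profilePictureDir = "/var/www/html/public/";
    // Server-chosen name: the user id plus an extension taken from the allowlist.
    $relativePath = "uploads/" . $_SESSION["userID"] . "." . $allowed[$mime];
    if (!move_uploaded_file($_FILES["pp"]["tmp_name"], $profilePictureDir . $relativePath)) {
        return false;
    }
    setProfilePictureToDatabase("../" . $relativePath);
    return true;
}
```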
    @@ -68,7 +69,7 @@ $settings = getSettings();
  • -
    +
    Verander profielfoto
    • -- 2.49.1 From e547712b2a6020aaee8cb59ee4795287f82dfa74 Mon Sep 17 00:00:00 2001 From: "K. Nobel" Date: Fri, 20 Jan 2017 15:02:05 +0100 Subject: [PATCH 066/295] Changed links to absolute path. --- website/views/adminpanel.php | 2 +- website/views/header.php | 12 ++++++------ website/views/login-view.php | 4 ++-- website/views/login_head.php | 6 +++--- website/views/menu.php | 2 +- website/views/profile.php | 2 +- website/views/register-view.php | 2 +- 7 files changed, 15 insertions(+), 15 deletions(-) diff --git a/website/views/adminpanel.php b/website/views/adminpanel.php index fde8237..e8efe6f 100644 --- a/website/views/adminpanel.php +++ b/website/views/adminpanel.php @@ -3,7 +3,7 @@ Admin Panel - +
      diff --git a/website/views/login-view.php b/website/views/login-view.php index 33fa7e9..7a023f0 100644 --- a/website/views/login-view.php +++ b/website/views/login-view.php @@ -1,6 +1,6 @@
      MyHyvesbook+
      diff --git a/website/views/login_head.php b/website/views/login_head.php index a41e87e..645f919 100644 --- a/website/views/login_head.php +++ b/website/views/login_head.php @@ -3,9 +3,9 @@ MyHyvesbook+ + href="/styles/main.css"> - + href="/styles/index.css"> + diff --git a/website/views/menu.php b/website/views/menu.php index 88ae076..c6b030a 100644 --- a/website/views/menu.php +++ b/website/views/menu.php @@ -51,7 +51,7 @@ echo "
    • -
      +
    - - -- 2.49.1 From e7d63c2f572a79d6a2250e2f3ae23a57f6e370fc Mon Sep 17 00:00:00 2001 From: "K. Nobel" Date: Fri, 20 Jan 2017 15:34:01 +0100 Subject: [PATCH 068/295] Changed how name is displayed on profile page. --- website/public/styles/profile.css | 23 ++++------------------- website/views/profile.php | 7 ++++--- 2 files changed, 8 insertions(+), 22 deletions(-) diff --git a/website/public/styles/profile.css b/website/public/styles/profile.css index af1ed58..7437e4c 100644 --- a/website/public/styles/profile.css +++ b/website/public/styles/profile.css @@ -10,9 +10,12 @@ margin: 0 20px 20px 0; } -.profile-box .profile-username { +.profile-box h1.profile-username { padding-top: 50px; } +.profile-box h5.profile-username { + padding-top: 0; +} div.posts { padding-top: 20px; @@ -37,24 +40,6 @@ div.posts .post p.subscript { font-size: 8pt; } -/*.posts {*/ - /*z-index: -1;*/ - /*margin-right: 0;*/ - /*width: calc(100% + 15px);*/ -/*}*/ - -/*.post-box {*/ - /*display: inline-flex;*/ - /*margin: 20px 15px 0 0;*/ - /*padding: 25px;*/ - /*background-color: #FFFFFF;*/ -/*}*/ - -/*!* fullscreen *!*/ -/*.post-box {*/ - /*width: calc(25% - 69px);*/ -/*}*/ - @media only screen and (max-width: 1500px) { .post-box { width: calc(50% - 68px); diff --git a/website/views/profile.php b/website/views/profile.php index f8cdadd..1457dee 100644 --- a/website/views/profile.php +++ b/website/views/profile.php @@ -4,7 +4,8 @@

    Als vriend toevoegen

    -

    ()

    +

    +

    @@ -13,7 +14,7 @@

    fetch()) { - echo "${friend["username"]}"; + echo "${friend["username"]}"; } @@ -29,7 +30,7 @@
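Review bot: `$friend["username"]` is interpolated into the echoed markup without escaping, and the next hunk does the same with `$group["name"]`. Both values appear to come from query results (`fetch()`), so a stored name containing markup characters would be rendered as HTML for every visitor of the profile. The surrounding tags are not visible on this page, so whether the value lands in an attribute or in element text cannot be confirmed from here. Escape at the point of output, for example `$name = htmlspecialchars($friend["username"], ENT_QUOTES, "UTF-8");` before the echo, and likewise for the group name. The enclosing loops begin outside the visible part of the hunks.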

    fetch()) { - echo "${group["name"]}s logo"; + echo "${group["name"]}s logo"; } if($profile_groups->rowCount() === 0) { -- 2.49.1 From 587d0e6ac351787fe1d944b06c6a05b42e1952f1 Mon Sep 17 00:00:00 2001 From: Marijn Jansen Date: Fri, 20 Jan 2017 15:41:13 +0100 Subject: [PATCH 069/295] fixed crosssitescripting on settings pagw --- website/queries/settings.php | 8 ++++---- website/views/settings-view.php | 1 - 2 files changed, 4 insertions(+), 5 deletions(-) diff --git a/website/queries/settings.php b/website/queries/settings.php index b85cae8..7d3bf9c 100644 --- a/website/queries/settings.php +++ b/website/queries/settings.php @@ -87,11 +87,11 @@ function updateSettings() { `userID` = :userID "); - $stmt->bindParam(":fname", $_POST["fname"]); - $stmt->bindParam(":lname", $_POST["lname"]); - $stmt->bindParam(":location", $_POST["location"]); + $stmt->bindParam(":fname", test_input($_POST["fname"])); + $stmt->bindParam(":lname", test_input($_POST["lname"])); + $stmt->bindParam(":location", test_input($_POST["location"])); $stmt->bindParam(":bday", $_POST["bday"]); - $stmt->bindParam(":bio", $_POST["bio"]); + $stmt->bindParam(":bio", test_input($_POST["bio"])); $stmt->bindParam(":userID", $_SESSION["userID"]); $stmt->execute(); diff --git a/website/views/settings-view.php b/website/views/settings-view.php index f6c4e07..1fa5278 100644 --- a/website/views/settings-view.php +++ b/website/views/settings-view.php @@ -1,6 +1,5 @@
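Review bot: Wrapping `fname`, `lname`, `location` and `bio` in `test_input()` HTML-encodes the values before they are stored, which ties the XSS defence to this one write path and leaves the database holding encoded text rather than what the user typed. Rows written elsewhere and values shown in another context (an attribute, JSON, e-mail) are not covered, and `bday` is still bound unchanged. The definition of `test_input()` used here is not visible; the version removed from adminpanel.php earlier on this page calls `htmlspecialchars($data)` with default flags, which on PHP versions before 8.1 leaves single quotes unencoded. Consider binding the raw values and escaping where they are echoed in settings-view.php, e.g. `htmlspecialchars($value, ENT_QUOTES, "UTF-8")`. updateSettings() starts above the hunk.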

    -- 2.49.1 From e17a55e82dff94723917a2393698892134aab18e Mon Sep 17 00:00:00 2001 From: Joey Lai Date: Fri, 20 Jan 2017 16:01:08 +0100 Subject: [PATCH 070/295] Fixed redirect to profile page after going back 1 page --- website/public/js/registerAndLogin.js | 8 ++++++++ website/public/login.php | 13 +------------ website/public/register.php | 6 ++++-- website/views/login_head.php | 1 + 4 files changed, 14 insertions(+), 14 deletions(-) create mode 100644 website/public/js/registerAndLogin.js diff --git a/website/public/js/registerAndLogin.js b/website/public/js/registerAndLogin.js new file mode 100644 index 0000000..8428440 --- /dev/null +++ b/website/public/js/registerAndLogin.js @@ -0,0 +1,8 @@ +function checkLoggedIn() { + if (confirm("You are already logged in!\nDo you want to logout?\nPress ok to logout.") == true) { + window.location.href = "logout.php"; + } else { + window.history.back(); + } + document.getElementById("demo").innerHTML = x; +} diff --git a/website/public/login.php b/website/public/login.php index b3da203..0d07413 100644 --- a/website/public/login.php +++ b/website/public/login.php @@ -4,20 +4,9 @@ include("../views/login_head.php"); require_once("../queries/connect.php"); include_once("../queries/login.php"); - include_once("../queries/checkInput.php") + include_once("../queries/checkInput.php"); ?> - - + -- 2.49.1 From 6ff70440e67ad96ef71867ef26ca1a1f3f90135c Mon Sep 17 00:00:00 2001 From: Joey Lai Date: Fri, 20 Jan 2017 16:14:32 +0100 Subject: [PATCH 071/295] history back -> profile.php --- website/public/js/registerAndLogin.js | 2 +- website/public/register.php | 2 +- website/views/login_head.php | 2 +- 3 files changed, 3 insertions(+), 3 deletions(-) diff --git a/website/public/js/registerAndLogin.js b/website/public/js/registerAndLogin.js index 8428440..0452d15 100644 --- a/website/public/js/registerAndLogin.js +++ b/website/public/js/registerAndLogin.js 
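Review bot: The last statement of checkLoggedIn(), `document.getElementById("demo").innerHTML = x;`, reads `x`, which is never declared in this new file, so it throws a ReferenceError unless some other script happens to define a global `x`. Both branches above it have already started a navigation, so the assignment has no useful effect even when it does not throw. It looks like leftover sample code and can be deleted.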
@@ -2,7 +2,7 @@ function checkLoggedIn() { if (confirm("You are already logged in!\nDo you want to logout?\nPress ok to logout.") == true) { window.location.href = "logout.php"; } else { - window.history.back(); + window.location.href = "profile.php"; } document.getElementById("demo").innerHTML = x; } diff --git a/website/public/register.php b/website/public/register.php index ec1f879..8c0f8e4 100644 --- a/website/public/register.php +++ b/website/public/register.php @@ -29,7 +29,7 @@ } else { $bday = test_input($_POST["bday"]); } -g + checkInputChoice("username", "username"); checkInputChoice("password", "longerEight"); checkInputChoice("confirmpassword", ""); diff --git a/website/views/login_head.php b/website/views/login_head.php index 7f1771a..05c9e38 100644 --- a/website/views/login_head.php +++ b/website/views/login_head.php @@ -7,6 +7,6 @@ - + -- 2.49.1 From 173ef3e50c2feceb27e715fddbfc33aac08ff5db Mon Sep 17 00:00:00 2001 From: Lars van Hijfte Date: Fri, 20 Jan 2017 16:17:56 +0100 Subject: [PATCH 072/295] Added a notification bar --- website/public/js/header.js | 24 ++++++++++++++++++++++-- website/public/styles/header.css | 22 +--------------------- website/public/styles/menu.css | 17 +++++++++++++++++ website/queries/friendship.php | 3 ++- website/views/header.php | 9 +++------ website/views/notification-center.php | 11 +++++++++++ 6 files changed, 56 insertions(+), 30 deletions(-) create mode 100644 website/views/notification-center.php diff --git a/website/public/js/header.js b/website/public/js/header.js index 797c56c..ceb6086 100644 --- a/website/public/js/header.js +++ b/website/public/js/header.js 
@@ -1,7 +1,27 @@ $(document).ready(function() { + // Hide notification center. $("#profile-menu-popup").hide(); + + // $("#own-profile-picture").click(function() { + // $("#profile-menu-popup").toggle(); + // $("#profile-hello-popup").toggle(); + // }); + $("#own-profile-picture").click(function() { - $("#profile-menu-popup").toggle(); - $("#profile-hello-popup").toggle(); + if($("#notification-center").css('right') == "-256px") { + // $(".content").animate({ + // marginRight: "256px" + // }, 500); + $("#notification-center").animate({ + right: "0px" + }, 500); + } else { + // $(".content").animate({ + // marginRight: "0px" + // }, 500); + $("#notification-center").animate({ + right: "-256px" + }, 500); + } }); }); diff --git a/website/public/styles/header.css b/website/public/styles/header.css index 84f308c..ddefdec 100644 --- a/website/public/styles/header.css +++ b/website/public/styles/header.css @@ -33,32 +33,12 @@ header { header div { display: inline-block; } - -#open-chat { - font-size: 32px; - line-height: 80px; - margin-right: 50px; -} - -.profile-menu { - font-size: 21px; -} - .profile-menu img { padding: 8px; height: 64px; width: 64px; } -#own-profile-picture, #profile-menu-popup span { +#own-profile-picture { cursor: pointer; } - -#profile-menu-popup { - padding: 5px; - - background: white; - color: #666; - - border-radius: 3px; -} diff --git a/website/public/styles/menu.css b/website/public/styles/menu.css index 4d4b8bb..b9e3904 100644 --- a/website/public/styles/menu.css +++ b/website/public/styles/menu.css @@ -42,4 +42,21 @@ height: 100%; padding: 0; text-align: left; +} + +#notification-center { + left: auto; + width: 256px; + right: -256px; +} + +#quick-links { + text-align: center; + box-shadow: 0 1px 3px rgba(0,0,0,0.12), 0 1px 2px rgba(0,0,0,0.24); +} + +#quick-links i { + color: #845663; + font-size: 42px; + padding: 7px; } \ No newline at end of file 
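Review bot: The click handler chooses between opening and closing by comparing `$("#notification-center").css('right')` with the literal `"-256px"`, which duplicates the value set in menu.css and only holds while the panel is fully closed. A click during the 500 ms animation reads an intermediate value and takes the closing branch. Tracking the state explicitly, for example with a class on `#notification-center` that the handler toggles, keeps the script independent of the stylesheet. The commented-out blocks added in the same hunk (the old toggle and the two `.content` animations) are better removed than committed.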
diff --git a/website/queries/friendship.php b/website/queries/friendship.php index 258699f..df6a917 100644 --- a/website/queries/friendship.php +++ b/website/queries/friendship.php @@ -15,13 +15,14 @@ function selectAllFriends($userID) { `user` INNER JOIN `friendship` + WHERE (`friendship`.`user1ID` = :userID AND `friendship`.`user2ID` = `user`.`userID` OR `friendship`.`user2ID` = :userID AND `friendship`.`user1ID` = `user`.`userID`) AND `role` != 5 AND - `status` = 1 + `status` = 1 "); $stmt->bindParam(':userID', $userID, PDO::PARAM_INT); diff --git a/website/views/header.php b/website/views/header.php index a58e5f0..2d65291 100644 --- a/website/views/header.php +++ b/website/views/header.php @@ -19,11 +19,6 @@ $userinfo = getHeaderInfo();
    -
    - | - | - -
    Hallo @@ -32,5 +27,7 @@ $userinfo = getHeaderInfo();
    "/>
    -
    + + + diff --git a/website/views/notification-center.php b/website/views/notification-center.php new file mode 100644 index 0000000..f4b4b5d --- /dev/null +++ b/website/views/notification-center.php @@ -0,0 +1,11 @@ + \ No newline at end of file -- 2.49.1 From 9152ae4f75b17fd7903ba10624f54560f337a637 Mon Sep 17 00:00:00 2001 From: Hendrik Date: Fri, 20 Jan 2017 16:18:09 +0100 Subject: [PATCH 073/295] add searching users, searching groups, remembering search options --- website/public/search.php | 6 +- website/public/styles/search.css | 5 ++ website/queries/group_page.php | 23 +++++- website/queries/user.php | 35 ++++++++- website/views/search-view.php | 120 +++++++++++++++++++------------ 5 files changed, 137 insertions(+), 52 deletions(-) diff --git a/website/public/search.php b/website/public/search.php index c314791..6cfadd8 100644 --- a/website/public/search.php +++ b/website/public/search.php @@ -1,7 +1,11 @@ - + diff --git a/website/public/styles/search.css b/website/public/styles/search.css index 4b2281c..b54723d 100644 --- a/website/public/styles/search.css +++ b/website/public/styles/search.css @@ -9,4 +9,9 @@ #search-friends-output { margin-right: 10px; +} + +.searchleft, .searchright { + display: inline-block; + vertical-align: top; } \ No newline at end of file diff --git a/website/queries/group_page.php b/website/queries/group_page.php index ef7af07..d704e8c 100644 --- a/website/queries/group_page.php +++ b/website/queries/group_page.php 
@@ -172,5 +172,26 @@ function changeMultipleGroupStatusByID($ids, $status) { return $q; } +function searchSomeGroups($n, $m, $search) { + $stmt = $GLOBALS["db"]->prepare(" + SELECT + `name`, + `picture` + FROM + `group_page` + WHERE + `name` LIKE :keyword + ORDER BY + `name` + LIMIT + :n, :m + "); -?> + $search = "%$search%"; + $stmt->bindParam(':keyword', $search); + $stmt->bindParam(':n', $n, PDO::PARAM_INT); + $stmt->bindParam(':m', $m, PDO::PARAM_INT); + $stmt->execute(); + return $stmt; +} +?> \ No newline at end of file diff --git a/website/queries/user.php b/website/queries/user.php index 398e2e4..114d673 100644 --- a/website/queries/user.php +++ b/website/queries/user.php @@ -252,12 +252,12 @@ function selectRandomNotFriendUser($userID) { FROM `user` WHERE - `userID` NOT IN (SELECT + `userID` NOT IN (SELECT `user1ID` FROM `friendship` WHERE `user1ID` = :userID) OR - `userID` NOT IN (SELECT + `userID` NOT IN (SELECT `user2ID` FROM `friendship` @@ -271,4 +271,33 @@ function selectRandomNotFriendUser($userID) { $stmt->bindParam(':userID', $userID, PDO::PARAM_INT); $stmt->execute(); return $stmt->fetch(); -} \ No newline at end of file +} + +function searchSomeUsers($n, $m, $search) { + $stmt = $GLOBALS["db"]->prepare(" + SELECT + `username`, + `profilepicture`, + `fname`, + `lname` + FROM + `user` + WHERE + `username` LIKE :keyword OR + `fname` LIKE :keyword OR + `lname` LIKE :keyword + ORDER BY + `fname`, + `lname`, + `username` + LIMIT + :n, :m + "); + + $search = "%$search%"; + $stmt->bindParam(':keyword', $search); + $stmt->bindParam(':n', $n, PDO::PARAM_INT); + $stmt->bindParam(':m', $m, PDO::PARAM_INT); + $stmt->execute(); + return $stmt; +} diff --git a/website/views/search-view.php b/website/views/search-view.php index b1418d1..0d650d4 100644 --- a/website/views/search-view.php +++ b/website/views/search-view.php @@ -1,3 +1,16 @@ + +
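Review bot: searchSomeUsers() uses the placeholder `:keyword` three times but binds it once, which PDO accepts only while emulated prepares are enabled; with `PDO::ATTR_EMULATE_PREPARES` set to false the statement fails with an invalid-parameter-number error. The connection options live in connect.php, which is not shown here, so this may work today and break when the connection is hardened. Giving each LIKE its own placeholder (for example `:kwUser`, `:kwFirst`, `:kwLast`) and binding `$search` to each removes the dependency. Separately, `%` and `_` typed by the user act as wildcards inside `"%$search%"` in both search functions; escape them if literal matching is intended.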
    @@ -7,72 +20,85 @@ + value= + >
    -
    +

    Gebruikers

    -
    - \ No newline at end of file +
    -- 2.49.1 From 18185020c3b4a389d623042050a8edafe622dc6a Mon Sep 17 00:00:00 2001 From: "K. Nobel" Date: Fri, 20 Jan 2017 16:18:12 +0100 Subject: [PATCH 074/295] Added improvements to profile page. --- website/public/styles/profile.css | 21 +++++++++++++-------- website/views/profile.php | 12 ++++++++++++ 2 files changed, 25 insertions(+), 8 deletions(-) diff --git a/website/public/styles/profile.css b/website/public/styles/profile.css index 7437e4c..9c07242 100644 --- a/website/public/styles/profile.css +++ b/website/public/styles/profile.css @@ -40,6 +40,19 @@ div.posts .post p.subscript { font-size: 8pt; } +div.posts .post form input, div.posts .post form textarea { + width: calc(100% - 15px); +} + +div.posts .post form input[type="submit"] { + width: 100%; +} + +div.posts .post form textarea.newpost { + margin: 15px 0 15px 0; + height: 100px; +} + @media only screen and (max-width: 1500px) { .post-box { width: calc(50% - 68px); @@ -53,14 +66,6 @@ div.posts .post p.subscript { } } -.post { - width: 100%; -} - -.post img { - width: 100%; -} - .post .post-date { float: right; color: #aaaaaa; diff --git a/website/views/profile.php b/website/views/profile.php index 1457dee..19bd908 100644 --- a/website/views/profile.php +++ b/website/views/profile.php @@ -42,6 +42,18 @@
    +
    +
    + + + +
    +
    + fetch()) { $nicetime = nicetime($post["creationdate"]); echo " -- 2.49.1 From ac96200d1642a663c61545de841af182285d9981 Mon Sep 17 00:00:00 2001 From: Marijn Jansen Date: Fri, 20 Jan 2017 16:20:34 +0100 Subject: [PATCH 075/295] Kind of works now: Profile update --- website/public/settings.php | 2 +- website/queries/settings.php | 12 +++++++++--- 2 files changed, 10 insertions(+), 4 deletions(-) diff --git a/website/public/settings.php b/website/public/settings.php index d52608b..06d17c0 100644 --- a/website/public/settings.php +++ b/website/public/settings.php @@ -29,7 +29,7 @@ if ($_SERVER["REQUEST_METHOD"] == "POST") { break; case "picture": updateProfilePicture(); - $result = $notImplemented; + $result = new settingsMessage("happy", "Deze melding doet nog niks nuttigs."); break; } } diff --git a/website/queries/settings.php b/website/queries/settings.php index 7d3bf9c..0e6dff2 100644 --- a/website/queries/settings.php +++ b/website/queries/settings.php 
@@ -188,22 +188,28 @@ function doChangeEmail($email) { function updateProfilePicture() { $profilePictureDir = "/var/www/html/public/"; - $relativePath = "uploads/" . $_SESSION["userID"] . "_" . basename($_FILES["pp"]["name"]); + $relativePath = "uploads/profilepictures/" . $_SESSION["userID"] . "_" . basename($_FILES["pp"]["name"]); +// removeOldProfilePicture(); move_uploaded_file($_FILES['pp']['tmp_name'], $profilePictureDir . $relativePath); setProfilePictureToDatabase("../" . $relativePath); } +//function removeOldProfilePicture() { +// +// unlink("/var/www/html/public/uploads/profilepictures/" . $_SESSION["userID"] . "_*"); +//} + function setProfilePictureToDatabase($url) { $stmt = $GLOBALS["db"]->prepare(" UPDATE `user` SET - `profilepicture` = :profilepicture + `profilepicture` = :profilePicture WHERE `userID` = :userID "); - $stmt->bindParam(":profilepicture", $url); + $stmt->bindParam(":profilePicture", $url); $stmt->bindParam(":userID", $_SESSION["userID"]); $stmt->execute(); } \ No newline at end of file -- 2.49.1 From 2a44057233f4abb86eec42c419e566adcb5e7d2d Mon Sep 17 00:00:00 2001 From: Marijn Jansen Date: Sun, 22 Jan 2017 11:23:13 +0100 Subject: [PATCH 076/295] Changed binParam for bindValue --- website/queries/settings.php | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/website/queries/settings.php b/website/queries/settings.php index 0e6dff2..f4c7011 100644 --- a/website/queries/settings.php +++ b/website/queries/settings.php 
@@ -87,12 +87,12 @@ function updateSettings() { `userID` = :userID "); - $stmt->bindParam(":fname", test_input($_POST["fname"])); - $stmt->bindParam(":lname", test_input($_POST["lname"])); - $stmt->bindParam(":location", test_input($_POST["location"])); - $stmt->bindParam(":bday", $_POST["bday"]); - $stmt->bindParam(":bio", test_input($_POST["bio"])); - $stmt->bindParam(":userID", $_SESSION["userID"]); + $stmt->bindValue(":fname", test_input($_POST["fname"])); + $stmt->bindValue(":lname", test_input($_POST["lname"])); + $stmt->bindValue(":location", test_input($_POST["location"])); + $stmt->bindValue(":bday", $_POST["bday"]); + $stmt->bindValue(":bio", test_input($_POST["bio"])); + $stmt->bindValue(":userID", $_SESSION["userID"]); $stmt->execute(); -- 2.49.1 From 93b6835ea4400193d9a8fe98ecbafb7018ab4697 Mon Sep 17 00:00:00 2001 From: Lars van Hijfte Date: Mon, 23 Jan 2017 11:33:27 +0100 Subject: [PATCH 077/295] Changed style and added friendrequests --- website/public/API/loadMessages.php | 1 + website/public/API/loadNotifications.php | 8 +++ website/public/js/notifications.js | 34 ++++++++++++ website/public/profile.php | 2 +- website/public/styles/adminpanel.css | 4 +- website/public/styles/chat.css | 2 +- website/public/styles/header.css | 8 ++- website/public/styles/index.css | 2 +- website/public/styles/main.css | 71 +++++++++++++++++------- website/public/styles/menu.css | 12 +++- website/public/styles/profile.css | 16 +++++- website/queries/friendship.php | 33 ++++++++++- website/views/head.php | 17 +++--- website/views/header.php | 2 +- website/views/menu.php | 6 +- website/views/notification-center.php | 7 ++- 16 files changed, 178 insertions(+), 47 deletions(-) create mode 100644 website/public/API/loadNotifications.php create mode 100644 website/public/js/notifications.js diff --git a/website/public/API/loadMessages.php b/website/public/API/loadMessages.php index 1c6b942..e30acc8 100644 --- a/website/public/API/loadMessages.php 
+++ b/website/public/API/loadMessages.php @@ -1,6 +1,7 @@ \ +
    \ + \ +
    \ + \ + "); + } +} + +function loadNotifications() { + $.post( + "API/loadNotifications.php" + ).done(function(data) { + if (data && data != "[]") { + showNotifications(JSON.parse(data), "friendrequestslist"); + } + }); + + setTimeout(loadNotifications, 10000); +} + +loadNotifications(); + diff --git a/website/public/profile.php b/website/public/profile.php index 6ede201..e4f1452 100644 --- a/website/public/profile.php +++ b/website/public/profile.php @@ -4,7 +4,7 @@ diff --git a/website/public/styles/adminpanel.css b/website/public/styles/adminpanel.css index b226cd3..4c5356f 100644 --- a/website/public/styles/adminpanel.css +++ b/website/public/styles/adminpanel.css @@ -6,7 +6,7 @@ .admin-title { margin: 10px; padding-bottom: 5px; - border-bottom: 4px solid #845663; + border-bottom: 4px solid #FBC02D; } .admin-panel input[type="radio"], input[type="checkbox"] { @@ -18,7 +18,7 @@ padding: 8px; vertical-align: top; border-radius: 10px; - border: 4px solid #845663; + border: 4px solid #FBC02D; box-shadow: 0 1px 3px rgba(0,0,0,0.12), 0 1px 2px rgba(0,0,0,0.24); } diff --git a/website/public/styles/chat.css b/website/public/styles/chat.css index e2fa7c9..f6060dd 100644 --- a/website/public/styles/chat.css +++ b/website/public/styles/chat.css @@ -83,7 +83,7 @@ .chat-field input[type="submit"] { width: auto; float: right; - background-color: #845663; + background-color: #FBC02D; color: white; padding: 5px 10px; border-radius: 0 10px 10px 0; diff --git a/website/public/styles/header.css b/website/public/styles/header.css index ddefdec..e39f204 100644 --- a/website/public/styles/header.css +++ b/website/public/styles/header.css 
@@ -8,21 +8,23 @@ header { width: 100%; color: white; - background-color: rgba(132,86,99, 0.98); + background-color: #FBC02D; box-shadow: 0 1px 3px rgba(0,0,0,0.12), 0 1px 2px rgba(0,0,0,0.24); } +#header-logo { + padding-left: 42px; +} #header-logo, #header-logo img { height: 80px; vertical-align: middle; line-height: 80px; - padding-left: 5px; } #header-search { - padding-left: 48px; + padding-left: 42px; } diff --git a/website/public/styles/index.css b/website/public/styles/index.css index 4b55904..6c12823 100644 --- a/website/public/styles/index.css +++ b/website/public/styles/index.css @@ -19,7 +19,7 @@ body { background-size: cover; background-attachment: fixed;*/ - /*background-color: #B78996;*/ + /*background-color: #EEE;*/ color: #333; font-family: Arial, sans-serif; } diff --git a/website/public/styles/main.css b/website/public/styles/main.css index 014d05b..062d5d9 100644 --- a/website/public/styles/main.css +++ b/website/public/styles/main.css @@ -18,7 +18,7 @@ html { body { height: 100%; - background-color: #B78996; + background-color: #EEE; color: #333; font-family: Arial, sans-serif; } @@ -37,11 +37,12 @@ h3 { } h4 { - font-size: 1.6em; + font-size: 1.2em; } h5 { - font-size: 1.4em; + font-size: 1.0em; + color: #666; } ul { @@ -54,12 +55,12 @@ p { /* Selection colors */ ::selection { - background: #845663; + background: #FBC02D; color: white; } ::-moz-selection { - background: #845663; + background: #FBC02D; color: white; } @@ -75,7 +76,7 @@ p { .platform { padding: 20px; margin-bottom: 10px; - border-radius: 10px; + border-radius: 5px; background-color: #FFFFFF; box-shadow: 0 1px 3px rgba(0,0,0,0.12), 0 1px 2px rgba(0,0,0,0.24); } @@ -143,7 +144,7 @@ button, input, select { cursor: pointer; border: none; font-size: 16px; - border-radius: 7px; + transition-duration: 250ms; } /* All textinput and sections */ 
@@ -151,19 +152,53 @@ textarea, input, select { padding: 0 5px; background: white; color: #333333; - border: 1px solid #845663; - border-radius: 7px; + border-radius: 5px; + border-bottom: 1px solid #4CAF50; font-size: 16px; + outline: none; + transition-duration: 250ms; +} + +textarea { + padding: 5px; + resize: none; +} + +textarea:hover, input:hover, select:hover { + border-radius: 10px; +} + +textarea:focus, input:focus, select:focus { + border-radius: 10px; + box-shadow: 0 1px 3px rgba(0,0,0,0.12), 0 1px 2px rgba(0,0,0,0.24); } /* All buttons */ button, input[type="submit"], input[type="reset"] { - background-color: #845663; + background-color: #FBC02D; color: white; padding: 0 10px; border: none; + border-radius: 5px; +} + +button:focus, +input[type="submit"]:focus, +input[type="reset"]:focus { + outline: none; +} + +button:active, +input[type="submit"]:active, +input[type="reset"]:active { + outline: none; + box-shadow: 0 1px 3px rgba(0,0,0,0.12), 0 1px 2px rgba(0,0,0,0.24) +} + +input[type="radio"] { + border-radius: 100%; } /* Tables */ @@ -190,19 +225,17 @@ img[data-title]:hover:after, span[data-title]:hover:after, div[data-title]:hover:after { content: attr(data-title); - padding: 4px 4px; + padding: 7px 7px; color: #FFFFFF; position: absolute; left: 0; - top: 100%; - z-index: 20; + top: 150%; + z-index: 200; white-space: nowrap; - -moz-border-radius: 5px; - -webkit-border-radius: 5px; - border-radius: 5px; - -moz-box-shadow: 0 0 4px #222; - -webkit-box-shadow: 0 0 4px #222; - box-shadow: 0 0 4px #222; + -moz-border-radius: 3px; + -webkit-border-radius: 3px; + border-radius: 3px; + box-shadow: 0 14px 28px rgba(0,0,0,0.25), 0 10px 10px rgba(0,0,0,0.22); background-color: #333; font-size: 15px; line-height: normal; diff --git a/website/public/styles/menu.css b/website/public/styles/menu.css index b9e3904..69aa8a9 100644 --- a/website/public/styles/menu.css +++ b/website/public/styles/menu.css 
@@ -1,6 +1,7 @@ .menu { position: fixed; z-index: 50; + overflow-y: auto; left: 0; top: 80px; @@ -11,6 +12,10 @@ box-shadow: 0 1px 3px rgba(0,0,0,0.12), 0 1px 2px rgba(0,0,0,0.24); } +.menu section { + box-shadow: 0 1px 3px rgba(0,0,0,0.12), 0 1px 2px rgba(0,0,0,0.24); +} + .menu h4 { padding: 10px; } @@ -26,12 +31,13 @@ cursor: pointer; } -.friend-item { +.friend-item, .group-item { cursor: pointer; + transition-duration: 250ms; } .friend-item:hover, .group-item:hover { - background: #845663; + background: #FBC02D; color: white; } @@ -56,7 +62,7 @@ } #quick-links i { - color: #845663; + color: #4CAF50; font-size: 42px; padding: 7px; } \ No newline at end of file diff --git a/website/public/styles/profile.css b/website/public/styles/profile.css index 9c07242..f5dd6b1 100644 --- a/website/public/styles/profile.css +++ b/website/public/styles/profile.css @@ -14,7 +14,7 @@ padding-top: 50px; } .profile-box h5.profile-username { - padding-top: 0; + padding: 0 0 10px 0; } div.posts { @@ -28,6 +28,15 @@ div.posts div.post { margin: 20px 0 0 0; padding: 10px; width: calc(100% - 40px); + cursor: pointer; + transition-duration: 250ms; +} + +div.posts div.post:hover { + /*margin: 15px 0 0 -5px;*/ + /*padding: 15px;*/ + /*z-index: 20;*/ + box-shadow: 0 10px 20px rgba(0,0,0,0.19), 0 6px 6px rgba(0,0,0,0.23); } div.posts div.post img { @@ -76,11 +85,12 @@ div.posts .post form textarea.newpost { float: right; padding: 10px; border-radius: 5px; - background-color: #845663; + background-color: #4CAF50; color: #FFFFFF; transition-duration: 250ms; + cursor: pointer; } .profile-button:hover { - background-color: #B78996; + box-shadow: 0 10px 20px rgba(0,0,0,0.19), 0 6px 6px rgba(0,0,0,0.23); } \ No newline at end of file diff --git a/website/queries/friendship.php b/website/queries/friendship.php index df6a917..0deba63 100644 --- a/website/queries/friendship.php +++ b/website/queries/friendship.php 
@@ -22,11 +22,42 @@ function selectAllFriends($userID) { `friendship`.`user2ID` = :userID AND `friendship`.`user1ID` = `user`.`userID`) AND `role` != 5 AND - `status` = 1 + `status` = 1 "); $stmt->bindParam(':userID', $userID, PDO::PARAM_INT); $stmt->execute(); return $stmt; +} + +function selectAllFriendRequests() { + $stmt = $GLOBALS["db"]->prepare(" + SELECT + `userID`, + `username`, + IFNULL( + `profilepicture`, + '../img/notbad.jpg' + ) AS profilepicture, + `onlinestatus`, + `role` + FROM + `user` + INNER JOIN + `friendship` + + WHERE + (`friendship`.`user1ID` = :userID AND + `friendship`.`user2ID` = `user`.`userID` OR + `friendship`.`user2ID` = :userID AND + `friendship`.`user1ID` = `user`.`userID`) AND + `role` != 5 AND + `status` = 0 + "); + + $stmt->bindParam(':userID', $_SESSION["userID"], PDO::PARAM_INT); + $stmt->execute(); + + return json_encode($stmt->fetchAll()); } \ No newline at end of file diff --git a/website/views/head.php b/website/views/head.php index 4347650..044ac83 100644 --- a/website/views/head.php +++ b/website/views/head.php @@ -1,16 +1,17 @@ MyHyvesbook+ - - - + + + + MyHyvesbook+