MyHyvesBookPlus/WebDB
1
0
Fork 0
Code Issues 2 Pull Requests Projects Releases Wiki Activity

Marijn button #99

Merged
11166932 merged 152 commits from marijn-button into master 2017-01-23 13:25:08 +01:00
Conversation 2 Commits 152 Files Changed 52 +675 -293
24 changed files with 675 additions and 293 deletions
Download Patch File Download Diff File Expand all files Collapse all files
Showing only changes of commit 3ae00f52bf - Show all commits

4
website/.htaccess → website/public/.htaccess
View File

@@ -9,6 +9,4 @@ RewriteCond %{SCRIPT_FILENAME} !-f
# Resolve .php file for extensionless php urls # Resolve .php file for extensionless php urls
RewriteRule ^([^/.]+)$ $1.php [L] RewriteRule ^([^/.]+)$ $1.php [L]
RewriteRule ^([^/.]+)\/$ $1.php [L] RewriteRule ^profile/([A-z0-9]+)$ profile.php?username=$1 [NC]
RewriteRule ^profile/([A-z0-9]+)\/?$ profile.php?username=$1 [NC]

44
website/public/js/admin.js Normal file
View File

@@ -0,0 +1,44 @@
window.onload = function() {
changeFilter();
};
function checkAll(allbox) {
var checkboxes = document.getElementsByClassName('checkbox-list');
for (var i = 0; i < checkboxes.length; i++) {
if (checkboxes[i].type == 'checkbox') {
checkboxes[i].checked = allbox.checked;
}
}
}
function checkCheckAll(allbox) {
var checkboxes = document.getElementsByClassName('checkbox-list');
var checked = true;
for (var i = 0; i < checkboxes.length; i++) {
if (checkboxes[i].type == 'checkbox') {
if (checkboxes[i].checked == false) {
checked = false;
break;
}
}
}
allbox.checked = checked;
}
function changeFilter() {
if (document.getElementById('group').checked) {
document.getElementById('admin-filter').style.display = 'none';
document.getElementById('admin-groupfilter').style.display = 'inline-block';
document.getElementById('admin-batchactions').style.display = 'none';
document.getElementById('admin-groupbatchactions').style.display = 'inline-block';
} else {
document.getElementById('admin-filter').style.display = 'inline-block';
document.getElementById('admin-groupfilter').style.display = 'none';
document.getElementById('admin-batchactions').style.display = 'inline-block';
document.getElementById('admin-groupbatchactions').style.display = 'none';
}
}

24
website/public/login.php
View File

@@ -7,6 +7,17 @@
include_once("../queries/checkInput.php") include_once("../queries/checkInput.php")
?> ?>
<body> <body>
<script>
function checkLoggedIn() {
if (confirm("You are already logged in!\nDo you want to logout?\nPress ok to logout.") == true) {
window.location.href = "logout.php";
} else {
window.history.back();
}
document.getElementById("demo").innerHTML = x;
}
</script>
<?php <?php
session_start(); session_start();
@@ -48,18 +59,5 @@
/* This view adds login view */ /* This view adds login view */
include("../views/login-view.php"); include("../views/login-view.php");
?> ?>
<script>
function checkLoggedIn() {
if (confirm("You are already logged in!\Do you want to logout?\Press ok to logout.") == true) {
unset($_SESSION["userID"]);
header("Location: login.php");
} else {
header("location: profile.php");
}
document.getElementById("demo").innerHTML = x;
}
</script>
</body> </body>
</html> </html>

62
website/public/profile.php
View File

@@ -1,45 +1,17 @@
<!DOCTYPE html>
<html>
<head>
<?php include("../views/head.php"); ?>
<script src="/js/masonry.js"></script>
<style>
@import url("/styles/profile.css");
</style>
</head>
<body>
<?php <?php
include("../queries/user.php"); include("../queries/user.php");
include("../queries/friendship.php"); include("../queries/friendship.php");
include("../queries/nicetime.php");
function nicetime($date) {
if(empty($date)) {
return "No date provided";
}
$single_periods = array("seconde", "minuut", "uur", "dag", "week", "maand", "jaar", "decennium");
$multiple_periods = array("seconden", "minuten", "uur", "dagen", "weken", "maanden", "jaar", "decennia");
$lengths = array("60", "60", "24", "7", "4.35", "12", "10", "0");
$now = time();
$unix_date = strtotime($date);
if(empty($unix_date)) {
return "Bad date";
}
if($now > $unix_date) {
$difference = $now - $unix_date;
$tense = "geleden";
} else {
$difference = $unix_date - $now;
$tense = "vanaf nu";
}
for($i = 0; $difference >= $lengths[$i] && $i < count($lengths) - 1; $i++) {
$difference /= $lengths[$i];
}
$difference = round($difference);
if($difference != 1) {
$period = $multiple_periods[$i];
} else {
$period = $single_periods[$i];
}
return "$difference $period $tense";
}
if(empty($_GET["username"])) { if(empty($_GET["username"])) {
$userID = $_SESSION["userID"]; $userID = $_SESSION["userID"];
@@ -52,18 +24,6 @@ $profile_friends = selectAllFriends($userID);
$profile_groups = selectAllUserGroups($userID); $profile_groups = selectAllUserGroups($userID);
$posts = selectAllUserPosts($userID); $posts = selectAllUserPosts($userID);
?>
<!DOCTYPE html>
<html>
<head>
<?php include("../views/head.php"); ?>
<style>
@import url("styles/profile.css");
</style>
</head>
<body>
<?php
/* /*
* This view adds the main layout over the screen. * This view adds the main layout over the screen.
* Header, menu, footer. * Header, menu, footer.

6
website/public/search.php
View File

@@ -1,7 +1,11 @@
<!DOCTYPE html> <!DOCTYPE html>
<html> <html>
<head> <head>
<?php include("../views/head.php"); ?> <?php
include_once("../queries/user.php");
include_once("../queries/group_page.php");
include("../views/head.php");
?>
<style> <style>
@import url("styles/search.css"); @import url("styles/search.css");
</style> </style>

3
website/public/settings.php
View File

@@ -22,12 +22,13 @@ if ($_SERVER["REQUEST_METHOD"] == "POST") {
$result = updateSettings(); $result = updateSettings();
break; break;
case "password": case "password":
$result = updatePassword(); $result = changePassword();
break; break;
case "email": case "email":
$result = changeEmail(); $result = changeEmail();
break; break;
case "picture": case "picture":
updateProfilePicture();
$result = $notImplemented; $result = $notImplemented;
break; break;
} }

22
website/public/styles/adminpanel.css
View File

@@ -13,7 +13,7 @@
height: auto; height: auto;
} }
.admin-actions { .admin-batchactions, .admin-groupbatchactions {
display: inline-block; display: inline-block;
padding: 8px; padding: 8px;
vertical-align: top; vertical-align: top;
@@ -22,6 +22,10 @@
box-shadow: 0 1px 3px rgba(0,0,0,0.12), 0 1px 2px rgba(0,0,0,0.24); box-shadow: 0 1px 3px rgba(0,0,0,0.12), 0 1px 2px rgba(0,0,0,0.24);
} }
.admin-searchform {
display: inline-block;
}
.admin-searchbar { .admin-searchbar {
display: inline-block; display: inline-block;
margin: 10px; margin: 10px;
@@ -44,18 +48,20 @@
width: 120px; width: 120px;
} }
.admin-groupfilter {
display: none;
}
.admin-users { .admin-users {
margin: 10px; margin: 10px;
} }
.admin-userpage { .admin-userheading {
width: 170px; width: auto;
margin-bottom: 20px; float: left;
}
.admin-pageui {
text-align: right;
float: right; float: right;
width: auto;
margin-bottom: 20px;
} }
.usertitle { .usertitle {

44
website/public/styles/index.css
View File

@@ -1,7 +1,7 @@
a.button { a.button {
background-color: #405550; background-color: #C8CABD;
border-radius: 10px; border-radius: 10px;
color: white; color: black;
cursor: pointer; cursor: pointer;
height: 50%; height: 50%;
margin: 8px 0; margin: 8px 0;
@@ -46,8 +46,8 @@ body {
form { form {
/*background-color: #a87a87;*/ /*background-color: #a87a87;*/
border-radius: 12px; border-radius: 12px;
height: 75%; height: 80%;
margin: 10px auto; margin: auto;
width: 70%; width: 70%;
overflow-y:auto; overflow-y:auto;
} }
@@ -66,14 +66,15 @@ h2 {
font-size: 2.0em; font-size: 2.0em;
} }
input[type=text], input[type=password], input[type=email], input[type="date"] { input[type=text], input[type=password], input[type=email], input[type="date"] {
box-sizing: border-box; box-sizing: border-box;
border-color: #C8CABD; border-color: #C8CABD;
display: inline-block; display: inline-block;
height: 50%; height: 60%;
padding: 8px 20px; padding: 8px 20px;
margin: 4px 0; margin: 4px 0;
width: 50%; width: 70%;
} }
/* /*
input[type=text], input[type=password], input[type=email], input[type="date"] { input[type=text], input[type=password], input[type=email], input[type="date"] {
@@ -101,6 +102,31 @@ label {
display: block; display: block;
} }
.left-arrow {
display: inline-block;
position: relative;
background-color: #C8CABD;
height: 30px;
width: 90px;
padding: 3px 3px 3px 0px;
text-align: center;
border-radius: 0px 10px 10px 0px;
font-size: 24px;
}
.left-arrow:after {
content: '';
display: block;
position: absolute;
right: 100%;
top: 0;
bottom: 0;
border-top: 15px solid transparent;
border-right: 20px solid #C8CABD;
border-bottom: 15px solid transparent;
border-left: 0px solid transparent;
}
/* padding voor registreer container */ /* padding voor registreer container */
.login_containerregister { .login_containerregister {
padding: 16px; padding: 16px;
@@ -109,7 +135,7 @@ label {
/* padding voor login_containers */ /* padding voor login_containers */
.login_containerlogin { .login_containerlogin {
padding: 16px; padding:25px;
text-align: center; text-align: center;
} }
@@ -133,11 +159,11 @@ label {
background-repeat: repeat-x; background-repeat: repeat-x;
background-attachment: fixed;*/ background-attachment: fixed;*/
box-shadow: 0 1px 3px rgba(0,0,0,0.12), 0 1px 2px rgba(0,0,0,0.24); box-shadow: 0 1px 3px rgba(0,0,0,0.12), 0 1px 2px rgba(0,0,0,0.24);
height: 53%; height: 550px;
margin: 34px auto; margin: 34px auto;
overflow-y: auto; overflow-y: auto;
padding: 20px; padding: 20px;
width: 35%; width: 50%;
} }
/*.platform { /*.platform {

38
website/public/styles/profile.css
View File

@@ -10,9 +10,12 @@
margin: 0 20px 20px 0; margin: 0 20px 20px 0;
} }
.profile-box .profile-username { .profile-box h1.profile-username {
padding-top: 50px; padding-top: 50px;
} }
.profile-box h5.profile-username {
padding-top: 0;
}
div.posts { div.posts {
padding-top: 20px; padding-top: 20px;
@@ -37,23 +40,18 @@ div.posts .post p.subscript {
font-size: 8pt; font-size: 8pt;
} }
/*.posts {*/ div.posts .post form input, div.posts .post form textarea {
/*z-index: -1;*/ width: calc(100% - 15px);
/*margin-right: 0;*/ }
/*width: calc(100% + 15px);*/
/*}*/
/*.post-box {*/ div.posts .post form input[type="submit"] {
/*display: inline-flex;*/ width: 100%;
/*margin: 20px 15px 0 0;*/ }
/*padding: 25px;*/
/*background-color: #FFFFFF;*/
/*}*/
/*!* fullscreen *!*/ div.posts .post form textarea.newpost {
/*.post-box {*/ margin: 15px 0 15px 0;
/*width: calc(25% - 69px);*/ height: 100px;
/*}*/ }
@media only screen and (max-width: 1500px) { @media only screen and (max-width: 1500px) {
.post-box { .post-box {
@@ -68,14 +66,6 @@ div.posts .post p.subscript {
} }
} }
.post {
width: 100%;
}
.post img {
width: 100%;
}
.post .post-date { .post .post-date {
float: right; float: right;
color: #aaaaaa; color: #aaaaaa;

5
website/public/styles/search.css
View File

@@ -9,4 +9,9 @@
#search-friends-output { #search-friends-output {
margin-right: 10px; margin-right: 10px;
}
.searchleft, .searchright {
display: inline-block;
vertical-align: top;
} }

117
website/queries/group_page.php
View File

@@ -1,7 +1,7 @@
<?php <?php
function selectGroupById($groupID) { function selectGroupById($groupID) {
return $GLOBALS["db"]->query(" $q = $GLOBALS["db"]->prepare("
SELECT SELECT
`group_page`.`name`, `group_page`.`name`,
`group_page`.`picture`, `group_page`.`picture`,
@@ -11,12 +11,16 @@ function selectGroupById($groupID) {
FROM FROM
`group_page` `group_page`
WHERE WHERE
`group_page`.`groupID` = $groupID `group_page`.`groupID` = :groupID
"); ");
$q->bindParam(':groupID', $groupID);
$q->execute();
return $q;
} }
function select20GroupsFromN($n) { function select20GroupsFromN($n) {
return $GLOBALS["db"]->query(" $q = $GLOBALS["db"]->prepare("
SELECT SELECT
`group_page`.`groupID`, `group_page`.`groupID`,
`group_page`.`name`, `group_page`.`name`,
@@ -29,12 +33,16 @@ function select20GroupsFromN($n) {
ORDER BY ORDER BY
`group_page`.`name` ASC `group_page`.`name` ASC
LIMIT LIMIT
$n, 20 :n, 20
"); ");
$q->bindParam(':n', $n);
$q->execute();
return $q;
} }
function select20GroupsByStatusFromN($n, $status) { function select20GroupsByStatusFromN($n, $status) {
return $GLOBALS["db"]->query(" $q = $GLOBALS["db"]->prepare("
SELECT SELECT
`group_page`.`groupID`, `group_page`.`groupID`,
`group_page`.`name`, `group_page`.`name`,
@@ -45,12 +53,17 @@ function select20GroupsByStatusFromN($n, $status) {
FROM FROM
`group_page` `group_page`
WHERE WHERE
`group_page`.`status` = $status `group_page`.`status` = :status
ORDER BY ORDER BY
`group_page`.`name` ASC `group_page`.`name` ASC
LIMIT LIMIT
$n, 20 :n, 20
"); ");
$q->bindParam(':status', $status);
$q->bindParam(':n', $n);
$q->execute();
return $q;
} }
function search20GroupsFromNByStatus($n, $keyword, $status) { function search20GroupsFromNByStatus($n, $keyword, $status) {
@@ -80,6 +93,55 @@ function search20GroupsFromNByStatus($n, $keyword, $status) {
return $q; return $q;
} }
function searchSomeGroupsByStatus($n, $m, $keyword, $status) {
$q = $GLOBALS['db']->prepare("
SELECT
`groupID`,
`name`,
`status`,
`description`
FROM
`group_page`
WHERE
`name` LIKE :keyword AND
FIND_IN_SET (`status`, :statuses)
ORDER BY
`name`
LIMIT
:n, :m
");
$keyword = "%$keyword%";
$q->bindParam(':keyword', $keyword);
$q->bindParam(':n', $n, PDO::PARAM_INT);
$q->bindParam(':m', $m, PDO::PARAM_INT);
$statuses = implode(',', $status);
$q->bindParam(':statuses', $statuses);
$q->execute();
return $q;
}
function countSomeGroupsByStatus($keyword, $status) {
$q = $GLOBALS['db']->prepare("
SELECT
COUNT(*)
FROM
`group_page`
WHERE
`name` LIKE :keyword AND
FIND_IN_SET (`status`, :statuses)
ORDER BY
`name`
");
$keyword = "%$keyword%";
$q->bindParam(':keyword', $keyword);
$statuses = implode(',', $status);
$q->bindParam(':statuses', $statuses);
$q->execute();
return $q;
}
function changeGroupStatusByID($id, $status) { function changeGroupStatusByID($id, $status) {
$q = $GLOBALS["db"]->query(" $q = $GLOBALS["db"]->query("
UPDATE UPDATE
@@ -92,3 +154,44 @@ function changeGroupStatusByID($id, $status) {
return $q; return $q;
} }
function changeMultipleGroupStatusByID($ids, $status) {
$q = $GLOBALS['db']->prepare("
UPDATE
`group_page`
SET
`status` = :status
WHERE
FIND_IN_SET (`groupID`, :ids)
");
$ids = implode(',', $ids);
$q->bindParam(':ids', $ids);
$q->bindParam(':status', $status);
$q->execute();
return $q;
}
function searchSomeGroups($n, $m, $search) {
$stmt = $GLOBALS["db"]->prepare("
SELECT
`name`,
`picture`
FROM
`group_page`
WHERE
`name` LIKE :keyword
ORDER BY
`name`
LIMIT
:n, :m
");
$search = "%$search%";
$stmt->bindParam(':keyword', $search);
$stmt->bindParam(':n', $n, PDO::PARAM_INT);
$stmt->bindParam(':m', $m, PDO::PARAM_INT);
$stmt->execute();
return $stmt;
}
?>

39
website/queries/nicetime.php Normal file
View File

@@ -0,0 +1,39 @@
<?php
function nicetime($date) {
if(empty($date)) {
return "No date provided";
}
$single_periods = array("seconde", "minuut", "uur", "dag", "week", "maand", "jaar", "decennium");
$multiple_periods = array("seconden", "minuten", "uur", "dagen", "weken", "maanden", "jaar", "decennia");
$lengths = array("60", "60", "24", "7", "4.35", "12", "10", "0");
$now = time();
$unix_date = strtotime($date);
if(empty($unix_date)) {
return "Bad date";
}
if($now > $unix_date) {
$difference = $now - $unix_date;
$tense = "geleden";
} else {
$difference = $unix_date - $now;
$tense = "vanaf nu";
}
for($i = 0; $difference >= $lengths[$i] && $i < count($lengths) - 1; $i++) {
$difference /= $lengths[$i];
}
$difference = round($difference);
if($difference != 1) {
$period = $multiple_periods[$i];
} else {
$period = $single_periods[$i];
}
return "$difference $period $tense";
}

36
website/queries/settings.php
View File

@@ -87,11 +87,11 @@ function updateSettings() {
`userID` = :userID `userID` = :userID
"); ");
$stmt->bindParam(":fname", $_POST["fname"]); $stmt->bindParam(":fname", test_input($_POST["fname"]));
$stmt->bindParam(":lname", $_POST["lname"]); $stmt->bindParam(":lname", test_input($_POST["lname"]));
$stmt->bindParam(":location", $_POST["location"]); $stmt->bindParam(":location", test_input($_POST["location"]));
$stmt->bindParam(":bday", $_POST["bday"]); $stmt->bindParam(":bday", $_POST["bday"]);
$stmt->bindParam(":bio", $_POST["bio"]); $stmt->bindParam(":bio", test_input($_POST["bio"]));
$stmt->bindParam(":userID", $_SESSION["userID"]); $stmt->bindParam(":userID", $_SESSION["userID"]);
$stmt->execute(); $stmt->execute();
@@ -99,11 +99,11 @@ function updateSettings() {
return new settingsMessage("happy", "Instellingen zijn opgeslagen."); return new settingsMessage("happy", "Instellingen zijn opgeslagen.");
} }
function updatePassword() { function changePassword() {
$user = getPasswordHash(); $user = getPasswordHash();
if (password_verify($_POST["password-old"], $user["password"])) { if (password_verify($_POST["password-old"], $user["password"])) {
if ($_POST["password-new"] == $_POST["password-confirm"] && (strlen($_POST["password-new"]) >= 8)) { if ($_POST["password-new"] == $_POST["password-confirm"] && (strlen($_POST["password-new"]) >= 8)) {
if (changePassword()) { if (doChangePassword()) {
return new settingsMessage("happy", "Wachtwoord gewijzigd."); return new settingsMessage("happy", "Wachtwoord gewijzigd.");
} else { } else {
return new settingsMessage("angry", "Er is iets mis gegaan."); return new settingsMessage("angry", "Er is iets mis gegaan.");
@@ -116,7 +116,7 @@ function updatePassword() {
} }
} }
function changePassword() { function doChangePassword() {
$stmt = $GLOBALS["db"]->prepare(" $stmt = $GLOBALS["db"]->prepare("
UPDATE UPDATE
`user` `user`
@@ -184,4 +184,26 @@ function doChangeEmail($email) {
$stmt->bindParam(":userID", $_SESSION["userID"]); $stmt->bindParam(":userID", $_SESSION["userID"]);
$stmt->execute(); $stmt->execute();
return $stmt->rowCount(); return $stmt->rowCount();
}
function updateProfilePicture() {
$profilePictureDir = "/var/www/html/public/";
$relativePath = "uploads/" . $_SESSION["userID"] . "_" . basename($_FILES["pp"]["name"]);
move_uploaded_file($_FILES['pp']['tmp_name'], $profilePictureDir . $relativePath);
setProfilePictureToDatabase("../" . $relativePath);
}
function setProfilePictureToDatabase($url) {
$stmt = $GLOBALS["db"]->prepare("
UPDATE
`user`
SET
`profilepicture` = :profilepicture
WHERE
`userID` = :userID
");
$stmt->bindParam(":profilepicture", $url);
$stmt->bindParam(":userID", $_SESSION["userID"]);
$stmt->execute();
} }

126
website/queries/user.php
View File

@@ -88,7 +88,7 @@ function selectAllUserPosts($userID) {
} }
function select20UsersFromN($n) { function select20UsersFromN($n) {
return $GLOBALS["db"]->query(" $q = $GLOBALS["db"]->prepare("
SELECT SELECT
`userID`, `userID`,
`username`, `username`,
@@ -100,8 +100,12 @@ function select20UsersFromN($n) {
`role`, `role`,
`username` `username`
LIMIT LIMIT
$n, 20 :n, 20
"); ");
$q->bindParam(':n', $n);
$q->execute();
return $q;
} }
function search20UsersFromN($n, $keyword) { function search20UsersFromN($n, $keyword) {
@@ -156,19 +160,90 @@ function search20UsersFromNByStatus($n, $keyword, $status) {
return $q; return $q;
} }
function changeUserStatusByID($id, $status) { function searchSomeUsersByStatus($n, $m, $keyword, $status) {
$q = $GLOBALS["db"]->query(" $q = $GLOBALS["db"]->prepare("
UPDATE SELECT
`userID`,
`username`,
`role`,
`bancomment`
FROM
`user` `user`
SET
`role` = $status
WHERE WHERE
`userID` = $id `username` LIKE :keyword AND
FIND_IN_SET (`role`, :statuses)
ORDER BY
`role`,
`username`
LIMIT
:n, :m
"); ");
$keyword = "%$keyword%";
$q->bindParam(':keyword', $keyword);
$q->bindParam(':n', $n, PDO::PARAM_INT);
$q->bindParam(':m', $m, PDO::PARAM_INT);
$statuses = implode(',', $status);
$q->bindParam(':statuses', $statuses);
$q->execute();
return $q; return $q;
} }
function countSomeUsersByStatus($keyword, $status) {
$q = $GLOBALS["db"]->prepare("
SELECT
COUNT(*)
FROM
`user`
WHERE
`username` LIKE :keyword AND
FIND_IN_SET (`role`, :statuses)
ORDER BY
`role`,
`username`
");
$keyword = "%$keyword%";
$q->bindParam(':keyword', $keyword);
$statuses = implode(',', $status);
$q->bindParam(':statuses', $statuses);
$q->execute();
return $q;
}
function changeUserStatusByID($id, $status) {
$q = $GLOBALS["db"]->prepare("
UPDATE
`user`
SET
`role` = :status
WHERE
`userID` = :id
");
$q->bindParam(':status', $status);
$q->bindParam(':id', $id);
$q->execute();
return $q;
}
function changeMultipleUserStatusByID($ids, $status) {
$q = $GLOBALS["db"]->prepare("
UPDATE
`user`
SET
`role` = :status
WHERE
FIND_IN_SET (`userID`, :ids)
");
$ids = implode(',', $ids);
$q->bindParam(':ids', $ids);
$q->bindParam(':status', $status);
$q->execute();
return $q;
}
function selectRandomNotFriendUser($userID) { function selectRandomNotFriendUser($userID) {
$stmt = $GLOBALS["db"]->prepare(" $stmt = $GLOBALS["db"]->prepare("
@@ -177,12 +252,12 @@ function selectRandomNotFriendUser($userID) {
FROM FROM
`user` `user`
WHERE WHERE
`userID` NOT IN (SELECT `userID` NOT IN (SELECT
`user1ID` `user1ID`
FROM FROM
`friendship` `friendship`
WHERE `user1ID` = :userID) OR WHERE `user1ID` = :userID) OR
`userID` NOT IN (SELECT `userID` NOT IN (SELECT
`user2ID` `user2ID`
FROM FROM
`friendship` `friendship`
@@ -196,4 +271,33 @@ function selectRandomNotFriendUser($userID) {
$stmt->bindParam(':userID', $userID, PDO::PARAM_INT); $stmt->bindParam(':userID', $userID, PDO::PARAM_INT);
$stmt->execute(); $stmt->execute();
return $stmt->fetch(); return $stmt->fetch();
} }
function searchSomeUsers($n, $m, $search) {
$stmt = $GLOBALS["db"]->prepare("
SELECT
`username`,
`profilepicture`,
`fname`,
`lname`
FROM
`user`
WHERE
`username` LIKE :keyword OR
`fname` LIKE :keyword OR
`lname` LIKE :keyword
ORDER BY
`fname`,
`lname`,
`username`
LIMIT
:n, :m
");
$search = "%$search%";
$stmt->bindParam(':keyword', $search);
$stmt->bindParam(':n', $n, PDO::PARAM_INT);
$stmt->bindParam(':m', $m, PDO::PARAM_INT);
$stmt->execute();
return $stmt;
}

208
website/views/adminpanel.php
View File

@@ -3,32 +3,7 @@
<head> <head>
<meta charset="utf-8"> <meta charset="utf-8">
<title>Admin Panel</title> <title>Admin Panel</title>
<script type="text/javascript"> <script src="/js/admin.js" charset="utf-8"></script>
window.onload = function() {
changeFilter();
};
function checkAll(allbox) {
var checkboxes = document.getElementsByName('checkbox-user[]');
for (var i = 0; i < checkboxes.length; i++) {
if (checkboxes[i].type == 'checkbox') {
checkboxes[i].checked = allbox.checked;
}
}
}
function changeFilter() {
if (document.getElementById('group').checked) {
document.getElementById('admin-filter').style.display = 'none';
document.getElementById('admin-groupfilter').style.display = 'inline-block';
} else {
document.getElementById('admin-filter').style.display = 'inline-block';
document.getElementById('admin-groupfilter').style.display = 'none';
}
}
</script>
<?php <?php
include_once("../queries/user.php"); include_once("../queries/user.php");
include_once("../queries/group_page.php"); include_once("../queries/group_page.php");
@@ -39,41 +14,54 @@
<!-- function test_input taken from http://www.w3schools.com/php/php_form_validation.asp --> <!-- function test_input taken from http://www.w3schools.com/php/php_form_validation.asp -->
<?php <?php
$search = ""; $search = "";
$listnr = 0; // TODO: add page functionality $currentpage = 1;
$perpage = 20;
$status = $groupstatus = array(); $status = $groupstatus = array();
$pagetype = "user"; $pagetype = "user";
if (isset($_GET["search"])) {
$search = test_input($_GET["search"]);
}
if (isset($_GET["pagetype"])) {
$pagetype = test_input($_GET["pagetype"]);
}
if (isset($_GET["status"])) {
$status = $_GET["status"];
}
if (isset($_GET["groupstatus"])) {
$groupstatus = $_GET["groupstatus"];
}
if ($_SERVER["REQUEST_METHOD"] == "POST") { if ($_SERVER["REQUEST_METHOD"] == "POST") {
if (!empty($_POST["search"])) { if (isset($_POST["actions"]) && isset($_POST["userID"])) {
$search = test_input($_POST["search"]);
}
if (!empty($_POST["pagetype"])) {
$pagetype = test_input($_POST["pagetype"]);
}
if (!empty($_POST["status"])) {
$status = $_POST["status"];
}
if (!empty($_POST["groupstatus"])) {
$groupstatus = $_POST["groupstatus"];
}
if (!empty($_POST["actions"]) && !empty($_POST["userID"])) {
changeUserStatusByID($_POST["userID"], $_POST["actions"]); changeUserStatusByID($_POST["userID"], $_POST["actions"]);
} elseif (!empty($_POST["actions"]) && !empty($_POST["groupID"])) { }
if (isset($_POST["actions"]) && isset($_POST["groupID"])) {
changeGroupStatusByID($_POST["groupID"], $_POST["actions"]); changeGroupStatusByID($_POST["groupID"], $_POST["actions"]);
} }
if (isset($_POST["batchactions"]) && isset($_POST["checkbox-user"])) {
changeMultipleUserStatusByID($_POST["checkbox-user"], $_POST["batchactions"]);
}
if (isset($_POST["groupbatchactions"]) && isset($_POST["checkbox-group"])) {
changeMultipleGroupStatusByID($_POST["checkbox-group"], $_POST["groupbatchactions"]);
}
if (isset($_POST["pageselect"])) {
$currentpage = $_POST["pageselect"];
}
} }
function test_input($data) { $listn = ($currentpage-1) * $perpage;
$data = trim($data); $listm = $currentpage * $perpage;
$data = stripslashes($data);
$data = htmlspecialchars($data);
return $data;
}
?> ?>
<div class="content"> <div class="content">
@@ -81,13 +69,10 @@ function test_input($data) {
<div class="admin-title"> <div class="admin-title">
<h1>User Management Panel</h1> <h1>User Management Panel</h1>
</div> <br> </div> <br>
<form class="admin-actionform"
action="<?php echo htmlspecialchars($_SERVER["PHP_SELF"]);?>"
method="post">
<div class="admin-options"> <div class="admin-options">
<form class="admin-searchform" <form class="admin-searchform"
action="<?php echo htmlspecialchars($_SERVER["PHP_SELF"]);?>" action="<?php echo htmlspecialchars($_SERVER["PHP_SELF"]);?>"
method="post"> method="get">
<div class="admin-searchbar"> <div class="admin-searchbar">
<h2>Search</h2> <h2>Search</h2>
<input type="text" <input type="text"
@@ -147,32 +132,86 @@ function test_input($data) {
</div> </div>
</form> </form>
<div class="admin-actions"> <div class="admin-batchactions" id="admin-batchactions">
<h2>Batch Actions: </h2> <h2>Batch Actions: </h2>
<input type="radio" name="actions" id="freeze" value="freeze"> <form class="admin-batchform"
<label for="freeze">Freeze</label><br> id="admin-batchform"
<input type="radio" name="actions" id="ban" value="ban"> action="<?php htmlspecialchars(basename($_SERVER['REQUEST_URI'])) ?>"
<label for="ban">Ban</label><br> method="post">
<input type="radio" name="actions" id="restore" value="restore"> <input type="radio" name="batchactions" id="freeze" value="2">
<label for="restore">Restore</label><br><br> <label for="freeze">Freeze</label><br>
<input type="submit" value="Confirm"> <input type="radio" name="batchactions" id="ban" value="3">
<label for="ban">Ban</label><br>
<input type="radio" name="batchactions" id="restore" value="1">
<label for="restore">Restore</label><br><br>
<input type="submit" value="Confirm">
</form>
</div>
<div class="admin-groupbatchactions" id="admin-groupbatchactions">
<h2>Batch Actions: </h2>
<form class="admin-groupbatchform"
id="admin-groupbatchform"
action="<?php htmlspecialchars(basename($_SERVER['REQUEST_URI'])) ?>"
method="post">
<input type="radio" name="groupbatchactions" id="hide" value="0">
<label for="hide">Hide</label><br>
<input type="radio" name="groupbatchactions" id="public" value="1">
<label for="public">Public</label><br>
<input type="radio" name="groupbatchactions" id="membersonly" value="2">
<label for="membersonly">Member</label><br><br>
<input type="submit" value="Confirm">
</form>
</div> </div>
</div> </div>
<br> <br>
<div class="admin-users"> <div class="admin-users">
<h2 class="usertitle">Users:</h2> <div class="admin-usertitle">
<div class="admin-userheading">
<div class="admin-userpage"> <h2>Users:</h2>
<input type="submit" name="prev" value="prev"> </div>
1 / 1 <div class="admin-pageui">
<input type="submit" name="next" value="next"> <?php
if ($pagetype == "user") {
$pages = countSomeUsersByStatus($search, $status);
} else {
$pages = countSomeGroupsByStatus($search, $groupstatus);
}
$countresults = $pages->fetchColumn();
$mincount = min($listm, $countresults);
$minlist = min($listn + 1, $countresults);
?>
<p class="pagenumber">Current page:</p>
<form class="admin-pageselector"
action="<?php htmlspecialchars(basename($_SERVER['REQUEST_URI'])) ?>"
method="post">
<select class="admin-pageselect"
name="pageselect"
onchange="this.form.submit()"
value="">
<?php
for ($i=1; $i <= ceil($countresults / $perpage); $i++) {
if ($currentpage == $i) {
echo "<option value='$i' selected>$i</option>";
} else {
echo "<option value='$i'>$i</option>";
}
}
?>
</select>
</form>
<p class="entriesshown">
<?php
echo "Showing results $minlist to $mincount out of $countresults";
?>
</div>
</div> <br> </div> <br>
<table class="usertable"> <table class="usertable">
<tr> <tr>
<th class="table-checkbox"> <th class="table-checkbox">
<input type="checkbox" name="checkall" onchange="checkAll(this)"> <input type="checkbox" id="checkall" name="checkall" onchange="checkAll(this)">
</th> </th>
<th class="table-username">User</th> <th class="table-username">User</th>
<th class="table-status">Status</th> <th class="table-status">Status</th>
@@ -182,21 +221,28 @@ function test_input($data) {
<!-- Table construction via php PDO. --> <!-- Table construction via php PDO. -->
<?php <?php
$listn = ($currentpage-1) * $perpage;
$listm = $currentpage * $perpage;
if ($pagetype == 'user') { if ($pagetype == 'user') {
$q = search20UsersFromNByStatus($listnr, $search, $status); $q = searchSomeUsersByStatus($listn, $listm, $search, $status);
while($user = $q->fetch(PDO::FETCH_ASSOC)) { while($user = $q->fetch(PDO::FETCH_ASSOC)) {
$userID = $user['userID']; $userID = $user['userID'];
$username = $user['username']; $username = $user['username'];
$role = $user['role']; $role = $user['role'];
$bancomment = $user['bancomment']; $bancomment = $user['bancomment'];
$thispage = htmlspecialchars($_SERVER['PHP_SELF']); $thispage = htmlspecialchars(basename($_SERVER['REQUEST_URI']));
$function = "checkCheckAll(document.getElementById('checkall'))";
echo(" echo("
<tr> <tr>
<td><input type='checkbox' <td><input type='checkbox'
name='checkbox-user[]' name='checkbox-user[]'
value='$userID'> class='checkbox-list'
value='$userID'
form='admin-batchform'
onchange=" . "$function" . ">
</td> </td>
<td>$username</td> <td>$username</td>
<td>$role</td> <td>$role</td>
@@ -218,20 +264,24 @@ function test_input($data) {
"); ");
} }
} else { } else {
$q = search20GroupsFromNByStatus($listnr, $search, $groupstatus); $q = searchSomeGroupsByStatus($listn, $listm, $search, $groupstatus);
while ($group = $q->fetch(PDO::FETCH_ASSOC)) { while ($group = $q->fetch(PDO::FETCH_ASSOC)) {
$groupID = $group['groupID']; $groupID = $group['groupID'];
$name = $group['name']; $name = $group['name'];
$role = $group['status']; $role = $group['status'];
$description = $group['description']; $description = $group['description'];
$thispage = htmlspecialchars($_SERVER['PHP_SELF']); $thispage = htmlspecialchars(basename($_SERVER['REQUEST_URI']));
$function = "checkCheckAll(document.getElementById('checkall'))";
echo(" echo("
<tr> <tr>
<td><input type='checkbox' <td><input type='checkbox'
name='checkbox-group[]' name='checkbox-group[]'
value='$groupID'> class='checkbox-list'
value='$groupID'
form='admin-groupbatchform'
onchange=" . "$function" . ">
</td> </td>
<td>$name</td> <td>$name</td>
<td>$role</td> <td>$role</td>
@@ -243,7 +293,7 @@ function test_input($data) {
<select class='action' name='actions'> <select class='action' name='actions'>
<option value='0'>Hide</option> <option value='0'>Hide</option>
<option value='1'>Public</option> <option value='1'>Public</option>
<option value='2'>Members-only</option> <option value='2'>Members</option>
</select> </select>
<input type='hidden' name='groupID' value='$groupID'> <input type='hidden' name='groupID' value='$groupID'>
<input type='submit' value='Confirm'> <input type='submit' value='Confirm'>
@@ -256,10 +306,6 @@ function test_input($data) {
?> ?>
</table> </table>
</div> </div>
</form>
<pre>
<?php print_r($_POST); ?>
</pre>
</div> </div>
</div> </div>
</body> </body>

17
website/views/head.php
View File

@@ -1,17 +1,16 @@
<meta charset="utf-8"> <meta charset="utf-8">
<title>MyHyvesbook+</title> <title>MyHyvesbook+</title>
<!-- Add your javascript files here. --> <!-- Add your javascript files here. -->
<script src="js/jquery.js"></script> <script src="/js/jquery.js"></script>
<script src="js/header.js"></script> <script src="/js/header.js"></script>
<script src="js/menu.js"></script> <script src="/js/menu.js"></script>
<script src="js/masonry.js"></script>
<style> <style>
/* Add your css files here. */ /* Add your css files here. */
@import url("styles/main.css"); @import url("/styles/main.css");
@import url("styles/font-awesome.css"); @import url("/styles/font-awesome.css");
@import url("styles/header.css"); @import url("/styles/header.css");
@import url("styles/menu.css"); @import url("/styles/menu.css");
@import url("styles/footer.css"); @import url("/styles/footer.css");
</style> </style>
<?php <?php

5
website/views/header.php
View File

@@ -5,10 +5,10 @@ $userinfo = getHeaderInfo();
?> ?>
<header> <header>
<div id="header-logo"> <div id="header-logo">
<a href="profile.php"><img src="img/top-logo.png" alt="MyHyvesbook+" /></a> <a href="profile.php"><img src="/img/top-logo.png" alt="MyHyvesbook+" /></a>
</div> </div>
<div id="header-search"> <div id="header-search">
<form action="search.php" method="get"> <form action="/search" method="get">
<input name="search" <input name="search"
type="text" type="text"
placeholder="Zoek naar wat je wil" placeholder="Zoek naar wat je wil"
@@ -27,7 +27,6 @@ $userinfo = getHeaderInfo();
</div> </div>
<img id="own-profile-picture" class="profile-picture" src="<?=$userinfo["profilepicture"]?>"/> <img id="own-profile-picture" class="profile-picture" src="<?=$userinfo["profilepicture"]?>"/>
</div> </div>
<!-- <i class="right fa fa-bell-o" id="open-notifications" data-title="Prive chats"></i>-->
</header> </header>
<?php include("notification-center.php"); ?> <?php include("notification-center.php"); ?>

4
website/views/login-view.php
View File

@@ -1,6 +1,6 @@
<div> <div>
<img style="width:50%;margin-left:25%" <img style="width:50%;margin-left:25%"
src="img/top-logo.png" src="/img/top-logo.png"
alt="MyHyvesbook+"> alt="MyHyvesbook+">
</div> </div>
<div class="platform"> <div class="platform">
@@ -46,6 +46,6 @@
</form> </form>
<!-- Button for going to the register screen --> <!-- Button for going to the register screen -->
<div class="login_containerlogin"> <div class="login_containerlogin">
<a href="https://myhyvesbookplus.nl/register.php" class="button">Registreer een account</a> <a href="https://myhyvesbookplus.nl/register" class="button">Registreer een account</a>
</div> </div>
</div> </div>

6
website/views/login_head.php
View File

@@ -3,9 +3,9 @@
<title>MyHyvesbook+</title> <title>MyHyvesbook+</title>
<link rel="stylesheet" <link rel="stylesheet"
type="text/css" type="text/css"
href="styles/main.css"> href="/styles/main.css">
<link rel="stylesheet" <link rel="stylesheet"
type="text/css" type="text/css"
href="styles/index.css"> href="/styles/index.css">
<script src="http://ajax.googleapis.com/ajax/libs/jquery/1.11.1/jquery.min.js"></script> <script src="/js/jquery.js"></script>
</head> </head>

2
website/views/menu.php
View File

@@ -51,7 +51,7 @@
echo " echo "
<li class='friend-item'> <li class='friend-item'>
<form action='profile.php' method='get'> <form action='/profile' method='get'>
<button type='submit' <button type='submit'
name='username' name='username'
value='$randomUser'> value='$randomUser'>

25
website/views/profile.php
View File

@@ -2,9 +2,10 @@
<div class="profile-box platform"> <div class="profile-box platform">
<img class="left profile-picture" src="<?php echo $user["profilepicture"] ?>"> <img class="left profile-picture" src="<?php echo $user["profilepicture"] ?>">
<div class="profile-button"> <div class="profile-button">
<p><img src="img/add-friend.png"> Als vriend toevoegen</p> <p><img src="/img/add-friend.png"> Als vriend toevoegen</p>
</div> </div>
<h1 class="profile-username"><?= $user["fname"]?> <?=$user["lname"]?> (<?=$user["username"]?>)</h1> <h1 class="profile-username"><?=$user["username"]?></h1>
<h5 class="profile-username"><?= $user["fname"]?> <?=$user["lname"]?></h5>
<p><?=$user["bio"]?></p> <p><?=$user["bio"]?></p>
</div> </div>
@@ -13,11 +14,11 @@
<p> <p>
<?php <?php
while($friend = $profile_friends->fetch()) { while($friend = $profile_friends->fetch()) {
echo "<a href='#' data-title='${friend["username"]}'><img class='profile-picture' src='${friend["profilepicture"]}' alt='${friend["username"]}'s profielfoto></a>"; echo "<a href='/profile/${friend["username"]}/' data-title='${friend["username"]}'><img class='profile-picture' src='${friend["profilepicture"]}' alt='${friend["username"]}'s profielfoto></a>";
} }
if($friends->rowCount() === 0) { if($profile_friends->rowCount() === 0) {
echo "<p>Deze gebruiker heeft nog geen vrienden gemaakt.</p>"; echo "<p>Deze gebruiker heeft nog geen vrienden gemaakt.</p>";
} }
?> ?>
@@ -29,10 +30,10 @@
<p> <p>
<?php <?php
while($group = $profile_groups->fetch()) { while($group = $profile_groups->fetch()) {
echo "<a href='#' data-title='${group["name"]}'><img class='group-picture' src='${group["picture"]}' alt='${group["name"]}s logo'></a>"; echo "<a href='/group/${group["name"]}/' data-title='${group["name"]}'><img class='group-picture' src='${group["picture"]}' alt='${group["name"]}s logo'></a>";
} }
if($groups->rowCount() === 0) { if($profile_groups->rowCount() === 0) {
echo "<p>Deze gebruiker is nog geen lid van een groep.</p>"; echo "<p>Deze gebruiker is nog geen lid van een groep.</p>";
} }
?> ?>
@@ -41,6 +42,18 @@
<div class="posts"> <div class="posts">
<?php <?php
if ($_SESSION["userID"] === $userID) {
?>
<div class="post platform">
<form>
<input type="text" class="newpost" placeholder="Titel">
<textarea class="newpost">Schrijf een berichtje...</textarea>
<input type="submit" value="Plaats!">
</form>
</div>
<?php
}
while($post = $posts->fetch()) { while($post = $posts->fetch()) {
$nicetime = nicetime($post["creationdate"]); $nicetime = nicetime($post["creationdate"]);
echo " echo "

9
website/views/register-view.php
View File

@@ -1,6 +1,6 @@
<div> <div>
<img style="width:50%;margin-left:25%" <img style="width:50%;margin-left:25%"
src="img/top-logo.png" src="/img/top-logo.png"
alt="MyHyvesbook+"> alt="MyHyvesbook+">
</div> </div>
@@ -123,13 +123,12 @@
value="Registreer uw account" value="Registreer uw account"
name="Submit" name="Submit"
id="frm1_submit"> id="frm1_submit">
Registreer uw account Registreer
</button> </button>
</div> </div>
</form> </form>
<!-- Button for going back to login screen -->
<div class="login_containerlogin"> <div class="login_containerlogin">
<a href="https://myhyvesbookplus.nl/login.php" class="button">Login met een account</a> <!-- Button for going back to login screen -->
<a href="https://myhyvesbookplus.nl/login.php" class="left-arrow">Login</a>
</div> </div>
</div> </div>

120
website/views/search-view.php
View File

File diff suppressed because one or more lines are too long

2
website/views/settings-view.php
View File

@@ -68,7 +68,7 @@ $settings = getSettings();
</li> </li>
</ul> </ul>
</form> </form>
<form class="settings-profilepictue platform" method="post"> <form class="settings-profilepictue platform" method="post" enctype="multipart/form-data">
<h5>Verander profielfoto</h5> <h5>Verander profielfoto</h5>
<ul> <ul>
<li> <li>