function message($message_id)
{
$dao = new DAO(false);
$message = DataObject::select_one($dao, "message", array("message_id", "message_title", "message_description"), array("message_id" => $message_id));
if (!$message) {
$message = DataObject::select_one($dao, "message", array("message_id", "message_title", "message_description"), array("message_id" => 1));
}
return $message;
}
function get_conversations($dao, $user_id, $latest_pulled, $latest_seen_by_u2)
{
global $user;
global $INITIAL_CONVO_SIZE;
$this_conversation = "((user_id1=\"{$user->user_id}\" AND user_id2=\"{$user_id}\") OR \n\t\t \t\t\t\t\t (user_id2=\"{$user->user_id}\" AND user_id1=\"{$user_id}\"))";
$properties = array("msg_id", "user_id1", "user_id2", "user_name", "msg_content", "msg_seen");
//Select all messages that have not been pulled by this client
// AND all messages that have been seen by the other user, but this has not yet been observed
// by this client.
if ($latest_pulled != -1) {
$query = "SELECT " . implode(",", $properties) . " FROM\n\t\t\t\t\t\tchat_msg JOIN user ON user.user_id=user_id1 \n\t\t\t\t\t\tWHERE {$this_conversation}\n\t\t\t\t\t\t\tAND ((msg_id > {$latest_seen_by_u2} AND msg_seen AND user_id2=\"{$user_id}\")\n\t\t\t\t\t\t\t OR (msg_id > {$latest_pulled}))\n\t\t\t\t\t\tORDER BY msg_id ASC;";
} else {
$query = "(SELECT " . implode(",", $properties) . " FROM\n\t\t\t\t\t\tchat_msg JOIN user ON user.user_id=user_id1 \n\t\t\t \t\t\tWHERE {$this_conversation}\n\t\t\t \t\t\tORDER BY msg_id DESC LIMIT {$INITIAL_CONVO_SIZE}) ORDER BY msg_id ASC;";
}
$dao->myquery($query);
$messages = $dao->fetch_all_obj_part($properties);
if (connection_aborted()) {
echo "Connection aborted";
}
$conversations = array();
//When a request for a specific user is made, include conversation info
// even if there aren't any messages.
if ($user_id != "-1") {
$user2 = DataObject::select_one($dao, "user", array("user_id", "user_name", "user_picture"), array("user_id" => $user_id));
$conversation = new stdClass();
$conversation->messages = array();
$conversation->user_name = $user2->user_name;
$conversation->user_picture = $user2->user_picture;
$conversation->user_id = $user_id;
$conversations[$user_id] = $conversation;
}
foreach ($messages as $message) {
$dao->myquery("UPDATE chat_msg SET msg_seen=1 WHERE msg_id=\"{$message->msg_id}\" AND user_id2=\"{$user->user_id}\";");
if ($message->user_id2 != $user->user_id) {
$convo_id = $message->user_id2;
} else {
$convo_id = $message->user_id1;
}
if (!array_key_exists($convo_id, $conversations)) {
$user2 = DataObject::select_one($dao, "user", array("user_id", "user_name", "user_picture"), array("user_id" => $convo_id));
$conversation = new stdClass();
$conversation->messages = array();
$conversation->user_name = $user2->user_name;
$conversation->user_id = $convo_id;
$conversation->user_picture = $user2->user_picture;
$conversations[$convo_id] = $conversation;
} else {
$conversation = $conversations[$convo_id];
}
$conversation->messages[$message->msg_id] = $message;
}
return $conversations;
}
include_once "../util/mysql.php";
//Return posts from a certain cohort
$query = "";
$dao = new DAO(false);
$page_from = "0";
if (!(isset($_POST["post_id"]) || isset($_POST["comment_id"]))) {
$page_from = $dao->escape($_POST["page_from"]);
$page_to = $dao->escape($_POST["page_to"]);
$PAGE_LENGTH = 10;
$limit = "LIMIT " . $page_from * $PAGE_LENGTH . "," . ($page_to - $page_from) * $PAGE_LENGTH;
}
$hidden = "(post.post_id in(SELECT post_id FROM hidden_post WHERE user_id=\"{$user->user_id}\"))";
$can_vote = "!(post.post_id in(SELECT post_id FROM post_vote WHERE user_id=\"{$user->user_id}\"))";
$properties = "post.post_id,user.user_id,post.post_time,post.post_content,post.post_rating_up,post.post_rating_dn,user.user_name,user.user_picture,{$hidden} AS post_is_hidden,{$can_vote} AS can_vote";
if (isset($_POST["comment_id"])) {
$comment = DataObject::select_one($dao, "comment", array("comment_id", "post_id"), array("comment_id" => $_POST["comment_id"]));
if ($comment) {
$post_id = $comment->post_id;
}
$query = "SELECT {$properties} FROM post JOIN user ON user.user_id=post.user_id WHERE post_id=\"{$post_id}\" ORDER BY post_time;";
} else {
if (isset($_POST["post_id"])) {
$post_id = $dao->escape($_POST["post_id"]);
$query = "SELECT {$properties} FROM post JOIN user ON user.user_id=post.user_id WHERE post_id=\"{$post_id}\" ORDER BY post_time;";
} else {
if (isset($selected_user)) {
$query = "SELECT {$properties} FROM post JOIN user ON user.user_id=post.user_id WHERE post.group_id=\"-1\" AND post.user_id=\"{$selected_user->user_id}\" ORDER BY post_time DESC {$limit};";
} else {
if (isset($selected_group)) {
$query = "SELECT {$properties} FROM post JOIN user ON user.user_id=post.user_id WHERE post.group_id=\"{$selected_group->group_id}\" ORDER BY post_time DESC {$limit};";
} else {
<?php
include "../util/session.php";
include_once "../util/mysql.php";
include "../mail/send.php";
include "../util/status.php";
include "../util/constants.php";
$dao = new DAO(false);
$user_id = $_POST["user_id"];
$group_id = $_POST["group_id"];
$member = DataObject::select_one($dao, "user", array("user_id", "user_email", "user_name"), array("user_id" => $user_id));
$group = DataObject::select_one($dao, "user_group", array("group_id", "group_name"), array("group_id" => $group_id));
if ($group != NULL) {
if ($member != NULL) {
if (NULL == DataObject::select_one($dao, "grouping_request", array("gr_id"), array("group_id" => $group_id, "user_id" => $user_id))) {
$body = "<p>Hello " . $member->user_name . ",</p>\n\t\t\t\t<p>" . $user->user_name . " has asked you to join the group \"" . $group->group_name . "\".\n\t\t\t\t\tIf you would like to join, please click on this link: \n\t\t\t\t\t<a href=\"" . $SITE_URL . "script/grouping/confirm.php?group_id=" . $group_id . "\">Click here to join</a>.</p>\n\t\t\t\t<p>Best Wishes,<br>The Unify Team</p>";
$request = DataObject::create($dao, "grouping_request", array("group_id" => $group_id, "user_id" => $user_id));
$request->commit();
//Put the request in the database. So long as this is here, the user can accept (only when logged in)
mail_message($member->user_email, "Group Join Request", $body);
echo Status::json(0, "Request sent :)");
} else {
echo Status::json(3, "Member has already been requested to join");
}
} else {
echo Status::json(1, "Member not found");
}
} else {
echo Status::json(2, "Group not found");
}
<?php
//Determine the status of a connection: requested/connected/non existant
include "../util/session.php";
include "../util/session_var.php";
include_once "../util/mysql.php";
include_once "../util/status.php";
$dao = new DAO(false);
$connection = array("user_id1" => $user->user_id, "user_id2" => $selected_user->user_id);
$connection_rev = array("user_id2" => $user->user_id, "user_id1" => $selected_user->user_id);
//Has it been requested?
$request = DataObject::select_one($dao, "friend_request", array("req_id"), $connection);
if ($request == NULL) {
//Check if they are friends
$friendship = DataObject::select_one($dao, "connection", array("connection_id"), $connection_rev);
if ($friendship != NULL) {
echo Status::json(0, "Unification complete: <a href=\"javascript:;\" onclick=\"location.reload()\">refresh page?</a>");
} else {
echo Status::json(1, "Unification failed!");
}
} else {
echo Status::json(1, "Unification requested");
}
<?php
include "../util/session.php";
include_once "../util/mysql.php";
include "../util/status.php";
$dao = new DAO(false);
if (isset($_GET["d"]) && isset($_GET["post_id"])) {
$direction = $_GET["d"];
$post_id = $_GET["post_id"];
$post_vote = DataObject::select_one($dao, "post_vote", array("vote_id"), array("user_id" => $user->user_id, "post_id" => $post_id));
if ($post_vote) {
echo Status::json(1, "User has already voted");
} else {
$post = DataObject::select_one($dao, "post", array("post_id", "post_rating_up", "post_rating_dn"), array("post_id" => $post_id));
if ($post) {
if ($direction == "u") {
$post->post_rating_up++;
} else {
$post->post_rating_dn++;
}
if ($post->commit()) {
$post_vote = DataObject::create($dao, "post_vote", array("user_id" => $user->user_id, "post_id" => $post_id));
if ($post_vote) {
if ($post_vote->commit()) {
echo Status::json(0, "Vote added");
} else {
echo Status::json(2, "Failed to prevent future votes");
}
} else {
echo Status::json(3, "Failed to insert post_vote");
}
<?php
include "../util/session.php";
include_once "../util/mysql.php";
include_once "../util/redirect.php";
$dao = new DAO(false);
$friend_request = DataObject::select_one($dao, "friend_request", array("req_id"), array("user_id1" => $user->user_id, "user_id2" => $selected_user->user_id));
if ($friend_request != NULL) {
$friend_request->delete();
}
redirect("/user/" . $selected_user->user_id);
<?php
if ($logged_in) {
$dao = new DAO(false);
if (isset($_GET["group_id"])) {
$group_request = $dao->escape($_GET["group_id"]);
$user_in_group = NULL != DataObject::select_one($dao, "grouping", array("grouping_id"), array("group_id" => $group_request, "user_id" => $user->user_id));
if ($user_in_group) {
$row = DataObject::select_one($dao, "user_group", array("group_id", "group_name"), array("group_id" => $group_request));
if ($row) {
$selected_group = new stdClass();
$selected_group->group_id = $row->group_id;
$selected_group->group_name = stripslashes($row->group_name);
$selected_group->posting_enabled = true;
$selected_group->can_be_added_to = true;
$_SESSION["selected_group"] = $selected_group;
unset($_SESSION["selected_user"]);
} else {
redirect("../");
}
} else {
redirect("../");
}
}
}
<?php
//Delete a notifcation from the database
include_once "../util/mysql.php";
include_once "../util/redirect.php";
// include_once("../util/status.php");
include_once "../util/constants.php";
$notification_id = $_GET["notif_id"];
$dao = new DAO(false);
$notification = DataObject::select_one($dao, "notification", array("notif_id", "notif_link", "notif_seen"), array("notif_id" => $notification_id));
if ($notification) {
$notification->notif_seen = 1;
// User has seen this now
if ($notification->commit()) {
redirect($SITE_URL . $notification->notif_link);
} else {
redirect($SITE_URL, array("m" => "0"));
}
} else {
redirect($SITE_URL, array("m" => "0"));
}
<?php
//Unhide a post that has been hidden
include "../util/session.php";
include_once "../util/mysql.php";
include "../util/status.php";
$dao = new DAO(false);
if (isset($_GET["post_id"])) {
$post_id = $dao->escape($_GET["post_id"]);
$hidden_post = DataObject::select_one($dao, "hidden_post", array("hide_id"), array("post_id" => $post_id, "user_id" => $user->user_id));
if ($hidden_post) {
$result = $hidden_post->delete();
if ($result) {
echo Status::json(0, "Post unhidden");
} else {
echo Status::json(1, "Post could not be unhidden");
}
} else {
echo Status::json(2, "Post not hidden");
}
} else {
echo Status::json(3, "No post id");
}
<?php
//Add a comment to a post on a cohort/user's feed
include "../util/session.php";
include_once "../util/mysql.php";
include "../util/status.php";
include "../notification/add.php";
$dao = new DAO(false);
$post_id = $_POST["post_id"];
$comment_content = $_POST["comment_content"];
if ($comment_content != "") {
$comment = DataObject::create($dao, "comment", array("user_id" => $user->user_id, "post_id" => $post_id, "comment_content" => $comment_content, "comment_time" => date("Y-m-d H:i:s", time() + 3600)));
if ($comment->commit()) {
//Comment has been added, notifier the orignal poster
//Find the original poster
$post = DataObject::select_one($dao, "post", array("post_id", "user_id"), array("post_id" => $post_id));
if ($post->user_id != $user->user_id) {
$notification_user = $post->user_id;
$notification_title = "New comment on your post";
$notification_message = "{$user->user_name} has commented on one of your posts.";
$notification_link = "post/" . $post->post_id;
notify($dao, $notification_user, $notification_title, $notification_message, $notification_link);
}
echo Status::json(0, "Comment added");
} else {
echo Status::json(2, "Comment could not be added");
}
} else {
echo Status::json(1, "No comment content");
}
<?php
include "../util/session.php";
include_once "../util/mysql.php";
include_once "../util/status.php";
$dao = new DAO(false);
$connection_properties = array("user_id1" => $user->user_id, "user_id2" => $selected_user->user_id);
$existing_request = DataObject::select_one($dao, "friend_request", array("req_id"), $connection_properties);
if ($existing_request == NULL) {
$existing_connection = DataObject::select_one($dao, "connection", array("connection_id"), $connection_properties);
if ($existing_connection == NULL) {
$my_lat = doubleval($dao->escape($_POST["my_lat"]));
$my_lng = doubleval($dao->escape($_POST["my_lng"]));
$query = "SELECT req_id,lat,lng FROM friend_request WHERE user_id1=\"{$selected_user->user_id}\" AND user_id2=\"{$user->user_id}\";";
$dao->myquery($query);
if ($dao->fetch_num_rows() > 0) {
$row = $dao->fetch_one();
$req_id = $row["req_id"];
$lng1 = $row["lng"];
$lng2 = $my_lng;
$lat1 = $row["lat"];
$lat2 = $my_lat;
$dlng = $lng1 - $lng2;
$distance = sin(deg2rad($lat1)) * sin(deg2rad($lat2)) + cos(deg2rad($lat1)) * cos(deg2rad($lat2)) * cos(deg2rad($dlng));
$distance = acos($distance);
$distance = rad2deg($distance);
$distance = $distance * 60 * 1.1515 * 1.609344;
$threshold = 0.01 + 0.01;
//20m!
if ($distance < $threshold) {
$new_connection = DataObject::create($dao, "connection", $connection_properties);
<?php
//Deletes a friend connection (unfriending)
// Are you friends with this person?
// Then you can unfriend
include "../util/session.php";
include_once "../util/mysql.php";
include_once "../util/redirect.php";
$user_id1 = $user->user_id;
$user_id2 = $_GET["user_id2"];
$dao = new DAO(false);
$connection = DataObject::select_one($dao, "connection", array("connection_id"), array("user_id1" => $user_id1, "user_id2" => $user_id2));
if ($connection) {
$connection->delete();
} else {
// Reverse connection
$connection = DataObject::select_one($dao, "connection", array("connection_id"), array("user_id2" => $user_id1, "user_id1" => $user_id2));
if ($connection) {
$connection->delete();
}
}
//Now delete the messages relating to these two users
$delete_query = "DELETE FROM chat_msg WHERE " . "(user_id1 = {$user_id1} AND user_id2 = {$user_id2}) OR" . "(user_id2 = {$user_id1} AND user_id1 = {$user_id2});";
$dao->myquery($delete_query);
redirect("/user/" . $user_id2);
$user = DataObject::create($dao, "user", array("cohort_id" => $cohort->get_primary_id(), "user_name" => $user_name, "user_email" => "{$uncomfirmed} {$user_email}", "user_password" => $user_password, "user_picture" => "default"));
if ($user->commit()) {
//Add the user to the cohort's group
$grouping = DataObject::create($dao, "grouping", array("group_id" => $cohort->group_id, "user_id" => $user->get_primary_id()));
$grouping->commit();
$dao->myquery("SELECT MAX(conf_id) FROM confirmation;");
$maxid = $dao->fetch_one();
if ($maxid) {
$rnd = salt(",jag,wd873423%Ed.fkug" . $maxid);
} else {
$rnd = salt(",jag,wd873423%Ed.fkug" . rand());
}
//send rnd to the user and a link which will return rnd to the server for confirmation
$send_email = false;
//If the confirmation has already been sent, just resend it. Don't craete a new confimation
if (NULL != DataObject::select_one($dao, "confirmation", array("conf_id"), array("user_email" => $user_email))) {
$send_email = true;
} else {
$conf = DataObject::create($dao, "confirmation", array("conf_rnd" => $rnd, "user_id" => $user->get_primary_id(), "user_email" => $user_email));
if ($conf->commit()) {
$send_email = true;
} else {
redirect("../../register/", array_merge(array("m" => "6"), $_POST));
//This should never happen
}
}
if ($send_email) {
$subject = "Confirm your account";
$body = "<p>Hello " . $user_name . ",</p>" . "<p>Thank you for joining Unify! Trust me, this is the best decision you've ever made.</p>" . "<p>Click <a href=\"" . $SITE_URL . "confirm.php?rnd={$rnd}\">CONFIRM</a> to confirm your account and to start using Unify.<br><br>" . "Click <a href=\"" . $SITE_URL . "unconfirm.php?rnd={$rnd}\">UNCONFIRM</a> if you have no idea why you are receiving this email." . " This will prevent this email address being used on Unify.</p>" . "<p>Best Wishes,<br>" . "The Unify Team</p>";
$success = mail_message($user_email, $subject, $body);
if (!$success) {
<?php
include "script/util/mysql.php";
include "script/util/redirect.php";
$dao = new DAO(false);
$rnd = $dao->escape($_GET["rnd"]);
//Delete the confirmation
//Fix the users email!
//Find the user id first
$confirmation = DataObject::select_one($dao, "confirmation", array("conf_id", "user_id"), array("conf_rnd" => $rnd));
if ($confirmation != NULL) {
$user_id = $confirmation->user_id;
//Then delete the confirmation
if ($confirmation->delete()) {
//Find the user that it relates to
$user = DataObject::select_one($dao, "user", array("user_id", "user_email"), array("user_id" => $user_id));
if ($user != NULL) {
$user_email = $user->user_email;
//Correct their email to enable login
$space_pos = strpos($user_email, " ") + 1;
$user_email = substr($user_email, $space_pos);
//Take everything after space
//Change and commit
$user->user_email = $user_email;
if ($user->commit()) {
redirect("welcome/?m=10");
} else {
//Faliure to change the user's email
//User should be deleted so they can register again
$user->delete();
redirect("welcome/?m=6");
<?php
//Delete a notification
include_once "../util/session.php";
include_once "../util/status.php";
include_once "../util/mysql.php";
$dao = new DAO(false);
$notification = DataObject::select_one($dao, "notification", array("notif_id"), array("user_id" => $user->user_id, "notif_id" => $_POST["notif_id"]));
if ($notification != NULL) {
if ($notification->delete()) {
echo Status::json(0, "Notification deleted");
} else {
echo Status::json(1, "Could not delete notification");
}
} else {
echo Status::json(2, "Could not find notification");
}
<?php
//Delete a comment from a post
include "../util/session.php";
include_once "../util/mysql.php";
include "../util/status.php";
$dao = new DAO(false);
if (isset($_GET["comment_id"])) {
$comment_id = $_GET["comment_id"];
$comment = DataObject::select_one($dao, "comment", array("comment_id"), array("comment_id" => $comment_id, "user_id" => $user->user_id));
$success = $comment->delete();
if ($success) {
echo Status::json(0, "Comment deleted");
} else {
echo Status::json(1, "Comment could not be deleted from database");
}
} else {
echo Status::json(2, "No comment id");
}
<?php
//Confirm that this user logged in wants to join the group
include "../util/session.php";
include "../util/redirect.php";
include_once "../util/mysql.php";
$group_id = $_GET["group_id"];
if (isset($user)) {
$new_values = array("group_id" => $group_id, "user_id" => $user->user_id);
$dao = new DAO(false);
//Check if the user has already been added:
$already_grouped = DataObject::select_one($dao, "grouping", array("grouping_id"), $new_values);
if ($already_grouped == NULL) {
$grouping = DataObject::create($dao, "grouping", $new_values);
$request = DataObject::select_one($dao, "grouping_request", array("gr_id", "group_id", "user_id"), array("group_id" => $group_id, "user_id" => $user->user_id));
if ($request != NULL) {
$request->delete();
//Delete the request from the database
if ($grouping->commit()) {
redirect("/", array("group_id" => $group_id, "m" => 17));
//Send them to the new group!
} else {
redirect("/?m=11");
}
} else {
redirect("/?m=13");
//You have not been asked to join this group
}
} else {
redirect("/", array("group_id" => $group_id, "m" => 14));
//You are already in this group... See!
