/**
 * Fetch one row of the "message" table by id, falling back to the row with id 1.
 *
 * @param mixed $message_id Id to look up; handed to DataObject::select_one() as a filter value.
 * @return mixed The result of DataObject::select_one() for the requested id, or for id 1 when
 *               the first lookup returns a falsy value.
 */
function message($message_id)
{
    $dao = new DAO(false);
    $columns = array("message_id", "message_title", "message_description");

    $found = DataObject::select_one($dao, "message", $columns, array("message_id" => $message_id));
    if ($found) {
        return $found;
    }

    // Nothing stored under the requested id: answer with row 1 instead.
    return DataObject::select_one($dao, "message", $columns, array("message_id" => 1));
}
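/**
 * Load chat messages between the logged-in user and $user_id, grouped by conversation partner.
 *
 * With $latest_pulled == -1 the newest $INITIAL_CONVO_SIZE messages are returned. Otherwise only
 * messages newer than $latest_pulled are returned, plus messages newer than $latest_seen_by_u2
 * that were sent to $user_id and are flagged msg_seen. As a side effect, every returned message
 * whose user_id2 is the logged-in user is updated to msg_seen=1.
 *
 * @param object $dao               DAO handle used for every query (escape(), myquery(), fetch_all_obj_part()).
 * @param mixed  $user_id           Conversation partner; "-1" suppresses the empty placeholder conversation.
 * @param mixed  $latest_pulled     Highest msg_id the client already holds, or -1 for an initial load.
 * @param mixed  $latest_seen_by_u2 Highest msg_id the client already knows the partner has seen.
 * @return array Map of partner user id => stdClass with messages, user_name, user_id, user_picture.
 */
function get_conversations($dao, $user_id, $latest_pulled, $latest_seen_by_u2)
{
    global $user;
    global $INITIAL_CONVO_SIZE;

    // All of these values are spliced into hand-built SQL below. The callers are not visible
    // here, so neutralise them at the point of use: ids go through the DAO's escape(), and the
    // message cursors and the LIMIT are forced to integers.
    $sql_me = $dao->escape($user->user_id);
    $sql_partner = $dao->escape($user_id);
    $latest_pulled = (int) $latest_pulled;
    $latest_seen_by_u2 = (int) $latest_seen_by_u2;
    $initial_size = (int) $INITIAL_CONVO_SIZE;

    $this_conversation = "((user_id1=\"{$sql_me}\" AND user_id2=\"{$sql_partner}\") OR "
        . "(user_id2=\"{$sql_me}\" AND user_id1=\"{$sql_partner}\"))";
    $properties = array("msg_id", "user_id1", "user_id2", "user_name", "msg_content", "msg_seen");
    $columns = implode(",", $properties);

    if ($latest_pulled != -1) {
        // Incremental poll: messages this client has not pulled yet, plus messages the partner
        // has seen since the client last observed the seen flag.
        $query = "SELECT {$columns} FROM chat_msg JOIN user ON user.user_id=user_id1 "
            . "WHERE {$this_conversation} "
            . "AND ((msg_id > {$latest_seen_by_u2} AND msg_seen AND user_id2=\"{$sql_partner}\") "
            . "OR (msg_id > {$latest_pulled})) "
            . "ORDER BY msg_id ASC;";
    } else {
        // Initial load: take the newest rows, then present them oldest first.
        $query = "(SELECT {$columns} FROM chat_msg JOIN user ON user.user_id=user_id1 "
            . "WHERE {$this_conversation} "
            . "ORDER BY msg_id DESC LIMIT {$initial_size}) ORDER BY msg_id ASC;";
    }

    $dao->myquery($query);
    $messages = $dao->fetch_all_obj_part($properties);
    if (connection_aborted()) {
        echo "Connection aborted";
    }

    $conversations = array();

    // When a specific user is requested, include the conversation header even if there are
    // no messages to put in it.
    if ($user_id != "-1") {
        $user2 = DataObject::select_one($dao, "user", array("user_id", "user_name", "user_picture"), array("user_id" => $user_id));
        $conversation = new stdClass();
        $conversation->messages = array();
        // select_one() may find no row (other scripts on this page test its result against
        // NULL), so do not dereference it blindly.
        $conversation->user_name = $user2 ? $user2->user_name : null;
        $conversation->user_picture = $user2 ? $user2->user_picture : null;
        $conversation->user_id = $user_id;
        $conversations[$user_id] = $conversation;
    }

    foreach ($messages as $message) {
        // msg_id comes from the result set; escape it anyway so the statement does not depend
        // on the column type.
        $sql_msg_id = $dao->escape($message->msg_id);
        $dao->myquery("UPDATE chat_msg SET msg_seen=1 WHERE msg_id=\"{$sql_msg_id}\" AND user_id2=\"{$sql_me}\";");

        // The conversation is keyed by whichever participant is not the logged-in user.
        if ($message->user_id2 != $user->user_id) {
            $convo_id = $message->user_id2;
        } else {
            $convo_id = $message->user_id1;
        }

        if (!array_key_exists($convo_id, $conversations)) {
            $user2 = DataObject::select_one($dao, "user", array("user_id", "user_name", "user_picture"), array("user_id" => $convo_id));
            $conversation = new stdClass();
            $conversation->messages = array();
            $conversation->user_name = $user2 ? $user2->user_name : null;
            $conversation->user_id = $convo_id;
            $conversation->user_picture = $user2 ? $user2->user_picture : null;
            $conversations[$convo_id] = $conversation;
        } else {
            $conversation = $conversations[$convo_id];
        }

        $conversation->messages[$message->msg_id] = $message;
    }

    return $conversations;
}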
include_once "../util/mysql.php";
// Build the SQL that returns posts for a cohort/group, a user's feed, or a single post.
// $user, $selected_user and $selected_group are not defined in this fragment; presumably the
// including script sets them -- TODO confirm.
$query = "";
$dao = new DAO(false);
$page_from = "0";
// Paging applies only to feed requests, i.e. when neither a post id nor a comment id was sent.
// $limit is therefore defined only on this path; the single-post queries below do not use it.
if (!(isset($_POST["post_id"]) || isset($_POST["comment_id"]))) {
    // The escaped strings are used arithmetically below, so PHP converts them to numbers
    // before they reach the LIMIT clause.
    $page_from = $dao->escape($_POST["page_from"]);
    $page_to = $dao->escape($_POST["page_to"]);
    $PAGE_LENGTH = 10;
    $limit = "LIMIT " . $page_from * $PAGE_LENGTH . "," . ($page_to - $page_from) * $PAGE_LENGTH;
}
// Sub-selects evaluated per post for the current user: has the user hidden it, and has the
// user not voted on it yet.
$hidden = "(post.post_id in(SELECT post_id FROM hidden_post WHERE user_id=\"{$user->user_id}\"))";
$can_vote = "!(post.post_id in(SELECT post_id FROM post_vote WHERE user_id=\"{$user->user_id}\"))";
$properties = "post.post_id,user.user_id,post.post_time,post.post_content,post.post_rating_up,post.post_rating_dn,user.user_name,user.user_picture,{$hidden} AS post_is_hidden,{$can_vote} AS can_vote";
if (isset($_POST["comment_id"])) {
    // NOTE(review): comment_id goes to select_one() unescaped, while post_id below is escaped
    // first. Confirm that select_one() escapes or binds its filter values.
    $comment = DataObject::select_one($dao, "comment", array("comment_id", "post_id"), array("comment_id" => $_POST["comment_id"]));
    if ($comment) {
        $post_id = $comment->post_id;
    }
    // NOTE(review): when the comment is not found, $post_id is never assigned and the query is
    // built with an empty id.
    $query = "SELECT {$properties} FROM post JOIN user ON user.user_id=post.user_id WHERE post_id=\"{$post_id}\" ORDER BY post_time;";
} else {
    if (isset($_POST["post_id"])) {
        $post_id = $dao->escape($_POST["post_id"]);
        $query = "SELECT {$properties} FROM post JOIN user ON user.user_id=post.user_id WHERE post_id=\"{$post_id}\" ORDER BY post_time;";
    } else {
        if (isset($selected_user)) {
            // Feed of one user: posts with group_id "-1" written by that user.
            $query = "SELECT {$properties} FROM post JOIN user ON user.user_id=post.user_id WHERE post.group_id=\"-1\" AND post.user_id=\"{$selected_user->user_id}\" ORDER BY post_time DESC {$limit};";
        } else {
            if (isset($selected_group)) {
                // Feed of the selected group.
                $query = "SELECT {$properties} FROM post JOIN user ON user.user_id=post.user_id WHERE post.group_id=\"{$selected_group->group_id}\" ORDER BY post_time DESC {$limit};";
            } else {
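<?php
// Invite a user to join a group: record a grouping_request row and e-mail the invitee a link
// to the confirmation script. Answers with a Status::json() code:
//   0 request sent, 1 member not found, 2 group not found, 3 already requested.
include "../util/session.php";
include_once "../util/mysql.php";
include "../mail/send.php";
include "../util/status.php";
include "../util/constants.php";

$dao = new DAO(false);

// Read the request parameters without raising notices when one is missing; a missing id
// simply fails the lookups below.
$user_id = isset($_POST["user_id"]) ? $_POST["user_id"] : null;
$group_id = isset($_POST["group_id"]) ? $_POST["group_id"] : null;

$member = DataObject::select_one($dao, "user", array("user_id", "user_email", "user_name"), array("user_id" => $user_id));
$group = DataObject::select_one($dao, "user_group", array("group_id", "group_name"), array("group_id" => $group_id));

// NOTE(review): nothing visible here checks that the logged-in $user belongs to $group_id
// before inviting others into it -- confirm whether session.php or a caller enforces that.
if ($group == NULL) {
    echo Status::json(2, "Group not found");
} elseif ($member == NULL) {
    echo Status::json(1, "Member not found");
} elseif (NULL != DataObject::select_one($dao, "grouping_request", array("gr_id"), array("group_id" => $group_id, "user_id" => $user_id))) {
    echo Status::json(3, "Member has already been requested to join");
} else {
    // User names and the group name are user-chosen text and the id comes from the request.
    // Encode each for the context it lands in so none of them can inject markup into the
    // HTML mail. double_encode is off in case the stored names already contain entities.
    $member_name = htmlspecialchars($member->user_name, ENT_QUOTES, "UTF-8", false);
    $inviter_name = htmlspecialchars($user->user_name, ENT_QUOTES, "UTF-8", false);
    $group_name = htmlspecialchars($group->group_name, ENT_QUOTES, "UTF-8", false);
    $join_url = htmlspecialchars($SITE_URL . "script/grouping/confirm.php?group_id=" . rawurlencode($group_id), ENT_QUOTES, "UTF-8");

    $body = "<p>Hello " . $member_name . ",</p>\n"
        . "<p>" . $inviter_name . " has asked you to join the group \"" . $group_name . "\".\n"
        . "If you would like to join, please click on this link: \n"
        . "<a href=\"" . $join_url . "\">Click here to join</a>.</p>\n"
        . "<p>Best Wishes,<br>The Unify Team</p>";

    // Store the request first: the confirmation script only accepts an invitation that has a
    // matching grouping_request row, and only for a logged-in user.
    $request = DataObject::create($dao, "grouping_request", array("group_id" => $group_id, "user_id" => $user_id));
    $request->commit();

    mail_message($member->user_email, "Group Join Request", $body);
    echo Status::json(0, "Request sent :)");
}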
<?php
// Report the state of the connection between the logged-in user and the selected user:
// requested, connected, or non-existent.
include "../util/session.php";
include "../util/session_var.php";
include_once "../util/mysql.php";
include_once "../util/status.php";

$dao = new DAO(false);

// Filter for a request sent by the logged-in user, and the mirrored filter used for the
// friendship lookup.
$connection = array("user_id1" => $user->user_id, "user_id2" => $selected_user->user_id);
$connection_rev = array("user_id2" => $user->user_id, "user_id1" => $selected_user->user_id);

$request = DataObject::select_one($dao, "friend_request", array("req_id"), $connection);

if ($request != NULL) {
    // The request is still pending.
    echo Status::json(1, "Unification requested");
} else {
    // No pending request: either it was accepted (a connection row exists) or it is gone.
    $friendship = DataObject::select_one($dao, "connection", array("connection_id"), $connection_rev);
    if ($friendship == NULL) {
        echo Status::json(1, "Unification failed!");
    } else {
        echo Status::json(0, "Unification complete: <a href=\"javascript:;\" onclick=\"location.reload()\">refresh page?</a>");
    }
}
<?php
// Register an up or down vote by the logged-in user on a post.
// Status codes echoed in the visible part: 0 vote added, 1 already voted,
// 2 vote counted but the post_vote row could not be saved, 3 post_vote could not be created.
include "../util/session.php";
include_once "../util/mysql.php";
include "../util/status.php";
$dao = new DAO(false);
// NOTE(review): this changes state on a GET request. Unless session.php verifies a request
// token (not visible here), another site could trigger a vote through a plain link or image.
if (isset($_GET["d"]) && isset($_GET["post_id"])) {
    $direction = $_GET["d"];
    $post_id = $_GET["post_id"];
    // One vote per user and post: an existing post_vote row blocks a second vote.
    $post_vote = DataObject::select_one($dao, "post_vote", array("vote_id"), array("user_id" => $user->user_id, "post_id" => $post_id));
    if ($post_vote) {
        echo Status::json(1, "User has already voted");
    } else {
        $post = DataObject::select_one($dao, "post", array("post_id", "post_rating_up", "post_rating_dn"), array("post_id" => $post_id));
        if ($post) {
            // Any value of d other than "u" is counted as a down vote.
            if ($direction == "u") {
                $post->post_rating_up++;
            } else {
                $post->post_rating_dn++;
            }
            // NOTE(review): the rating is read, incremented and written back, and the vote row
            // is inserted only afterwards. Parallel requests can all pass the check above; a
            // unique key on (user_id, post_id) in post_vote would enforce the one-vote rule.
            if ($post->commit()) {
                $post_vote = DataObject::create($dao, "post_vote", array("user_id" => $user->user_id, "post_id" => $post_id));
                if ($post_vote) {
                    if ($post_vote->commit()) {
                        echo Status::json(0, "Vote added");
                    } else {
                        echo Status::json(2, "Failed to prevent future votes");
                    }
                } else {
                    echo Status::json(3, "Failed to insert post_vote");
                }
<?php
// Withdraw the friend request that the logged-in user sent to the selected user, if there is
// one, and return to that user's page.
include "../util/session.php";
include_once "../util/mysql.php";
include_once "../util/redirect.php";

$dao = new DAO(false);

// Only a request from the logged-in user (user_id1) to the selected user (user_id2) matches.
$request_filter = array(
    "user_id1" => $user->user_id,
    "user_id2" => $selected_user->user_id,
);
$friend_request = DataObject::select_one($dao, "friend_request", array("req_id"), $request_filter);

if (!($friend_request == NULL)) {
    $friend_request->delete();
}

redirect("/user/" . $selected_user->user_id);
<?php
// Make the group named by ?group_id the session's selected group, but only when the
// logged-in user has a grouping row for it; otherwise redirect away.
if ($logged_in) {
    $dao = new DAO(false);

    if (isset($_GET["group_id"])) {
        $group_request = $dao->escape($_GET["group_id"]);

        // Membership test: a grouping row must link this user to the requested group.
        $membership = DataObject::select_one($dao, "grouping", array("grouping_id"), array("group_id" => $group_request, "user_id" => $user->user_id));
        $user_in_group = NULL != $membership;

        // The group itself is looked up only for members.
        $row = null;
        if ($user_in_group) {
            $row = DataObject::select_one($dao, "user_group", array("group_id", "group_name"), array("group_id" => $group_request));
        }

        if (!$row) {
            // Not a member, or the group does not exist.
            redirect("../");
        } else {
            $selected_group = new stdClass();
            $selected_group->group_id = $row->group_id;
            $selected_group->group_name = stripslashes($row->group_name);
            $selected_group->posting_enabled = true;
            $selected_group->can_be_added_to = true;

            // Selecting a group replaces any selected user in the session.
            $_SESSION["selected_group"] = $selected_group;
            unset($_SESSION["selected_user"]);
        }
    }
}
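<?php
// Mark a notification as seen, then redirect to the page it links to. The notification row
// is kept; only notif_seen changes. Any failure redirects to the site root with m=0.
include_once "../util/mysql.php";
include_once "../util/redirect.php";
// include_once("../util/status.php");
include_once "../util/constants.php";

// Accept the id only when it is present and a plain string (PHP turns ?notif_id[]=x into an
// array), so a malformed request takes the same path as an unknown id.
$notification_id = (isset($_GET["notif_id"]) && is_string($_GET["notif_id"])) ? $_GET["notif_id"] : null;

$dao = new DAO(false);

// NOTE(review): this script does not load the session and filters on notif_id alone, so any
// caller who knows or guesses an id can mark that notification as seen. The notification
// delete script on this page also filters on user_id; the same ownership filter is probably
// wanted here -- confirm.
$notification = null;
if ($notification_id !== null) {
    $notification = DataObject::select_one($dao, "notification", array("notif_id", "notif_link", "notif_seen"), array("notif_id" => $notification_id));
}

if ($notification) {
    $notification->notif_seen = 1; // User has seen this now
    if ($notification->commit()) {
        // notif_link is read from the database and appended to the fixed site URL.
        redirect($SITE_URL . $notification->notif_link);
    } else {
        redirect($SITE_URL, array("m" => "0"));
    }
} else {
    redirect($SITE_URL, array("m" => "0"));
}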
<?php
// Unhide a post that the logged-in user had hidden.
// Status codes: 0 unhidden, 1 delete failed, 2 post was not hidden, 3 no post id given.
include "../util/session.php";
include_once "../util/mysql.php";
include "../util/status.php";

$dao = new DAO(false);

if (!isset($_GET["post_id"])) {
    echo Status::json(3, "No post id");
} else {
    $post_id = $dao->escape($_GET["post_id"]);

    // The lookup is scoped to the logged-in user, so only that user's own hidden_post row
    // can be matched and removed.
    $hidden_post = DataObject::select_one($dao, "hidden_post", array("hide_id"), array("post_id" => $post_id, "user_id" => $user->user_id));

    if (!$hidden_post) {
        echo Status::json(2, "Post not hidden");
    } else {
        $result = $hidden_post->delete();
        echo $result
            ? Status::json(0, "Post unhidden")
            : Status::json(1, "Post could not be unhidden");
    }
}
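<?php
// Add a comment to a post on a cohort's or user's feed and notify the post's author.
// Status codes: 0 comment added, 1 no comment content, 2 comment could not be stored.
include "../util/session.php";
include_once "../util/mysql.php";
include "../util/status.php";
include "../notification/add.php";

$dao = new DAO(false);

// Read the parameters without raising notices; a missing comment is treated as empty.
$post_id = isset($_POST["post_id"]) ? $_POST["post_id"] : null;
$comment_content = isset($_POST["comment_content"]) ? $_POST["comment_content"] : "";

if ($comment_content != "") {
    // NOTE(review): the comment text is stored as received, so it has to be HTML-escaped
    // wherever it is rendered; whether DataObject escapes values for SQL is not visible here.
    // The +3600 presumably shifts the server clock by one hour -- confirm.
    $comment = DataObject::create($dao, "comment", array(
        "user_id" => $user->user_id,
        "post_id" => $post_id,
        "comment_content" => $comment_content,
        "comment_time" => date("Y-m-d H:i:s", time() + 3600),
    ));

    if ($comment->commit()) {
        // The comment is stored; find the original poster so they can be notified.
        $post = DataObject::select_one($dao, "post", array("post_id", "user_id"), array("post_id" => $post_id));

        // The lookup finds nothing when post_id names no post; skip the notification then
        // instead of dereferencing an empty result. Authors are not notified about their own
        // comments.
        if ($post && $post->user_id != $user->user_id) {
            $notification_user = $post->user_id;
            $notification_title = "New comment on your post";
            $notification_message = "{$user->user_name} has commented on one of your posts.";
            $notification_link = "post/" . $post->post_id;
            notify($dao, $notification_user, $notification_title, $notification_message, $notification_link);
        }

        echo Status::json(0, "Comment added");
    } else {
        echo Status::json(2, "Comment could not be added");
    }
} else {
    echo Status::json(1, "No comment content");
}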
<?php
// Accept a friend request by proximity: when the selected user already sent a request with a
// stored position, compare it with the position posted by the logged-in user and create the
// connection if the two are close enough.
include "../util/session.php";
include_once "../util/mysql.php";
include_once "../util/status.php";
$dao = new DAO(false);
$connection_properties = array("user_id1" => $user->user_id, "user_id2" => $selected_user->user_id);
// Proceed only when the logged-in user has neither a pending request to nor an existing
// connection with the selected user (both lookups use this one direction only).
$existing_request = DataObject::select_one($dao, "friend_request", array("req_id"), $connection_properties);
if ($existing_request == NULL) {
    $existing_connection = DataObject::select_one($dao, "connection", array("connection_id"), $connection_properties);
    if ($existing_connection == NULL) {
        // NOTE(review): the coordinates are reported by the client and cannot be verified
        // here, so the proximity test below only holds for clients that report honestly.
        $my_lat = doubleval($dao->escape($_POST["my_lat"]));
        $my_lng = doubleval($dao->escape($_POST["my_lng"]));
        // Look for the opposite request: sent by the selected user to the logged-in user.
        $query = "SELECT req_id,lat,lng FROM friend_request WHERE user_id1=\"{$selected_user->user_id}\" AND user_id2=\"{$user->user_id}\";";
        $dao->myquery($query);
        if ($dao->fetch_num_rows() > 0) {
            $row = $dao->fetch_one();
            $req_id = $row["req_id"];
            $lng1 = $row["lng"];
            $lng2 = $my_lng;
            $lat1 = $row["lat"];
            $lat2 = $my_lat;
            $dlng = $lng1 - $lng2;
            // Central angle between the two positions via the spherical law of cosines.
            $distance = sin(deg2rad($lat1)) * sin(deg2rad($lat2)) + cos(deg2rad($lat1)) * cos(deg2rad($lat2)) * cos(deg2rad($dlng));
            $distance = acos($distance);
            $distance = rad2deg($distance);
            // Degrees -> nautical miles (x60) -> statute miles (x1.1515) -> kilometres (x1.609344).
            $distance = $distance * 60 * 1.1515 * 1.609344;
            $threshold = 0.01 + 0.01; // 0.02 km, i.e. 20 m
            if ($distance < $threshold) {
                $new_connection = DataObject::create($dao, "connection", $connection_properties);
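<?php
// Delete a friend connection (unfriending) between the logged-in user and ?user_id2, in
// whichever direction the connection row is stored, then delete the chat messages between
// the two users and return to the other user's page.
include "../util/session.php";
include_once "../util/mysql.php";
include_once "../util/redirect.php";

$user_id1 = $user->user_id;
// Accept the id only when it is a plain, non-empty string; anything else skips the database
// work and takes the same redirect as before.
$user_id2 = (isset($_GET["user_id2"]) && is_string($_GET["user_id2"])) ? $_GET["user_id2"] : "";

// NOTE(review): this is a destructive action reachable by GET. Unless session.php verifies a
// request token (not visible here), a link on another site could trigger it for a logged-in
// user.
if ($user_id2 !== "") {
    $dao = new DAO(false);

    $connection = DataObject::select_one($dao, "connection", array("connection_id"), array("user_id1" => $user_id1, "user_id2" => $user_id2));
    if ($connection) {
        $connection->delete();
    } else {
        // Reverse connection
        $connection = DataObject::select_one($dao, "connection", array("connection_id"), array("user_id2" => $user_id1, "user_id1" => $user_id2));
        if ($connection) {
            $connection->delete();
        }
    }

    // Now delete the messages relating to these two users. The request value used to be
    // placed into this DELETE verbatim and unquoted; escape both ids and quote them, as the
    // other hand-built queries on this page do, so the value cannot alter the statement.
    $sql_id1 = $dao->escape($user_id1);
    $sql_id2 = $dao->escape($user_id2);
    $delete_query = "DELETE FROM chat_msg WHERE "
        . "(user_id1 = \"{$sql_id1}\" AND user_id2 = \"{$sql_id2}\") OR "
        . "(user_id2 = \"{$sql_id1}\" AND user_id1 = \"{$sql_id2}\");";
    $dao->myquery($delete_query);
}

// Encode the id so the request value cannot add path, query or header content to the
// redirect target; a plain numeric id is left unchanged.
redirect("/user/" . rawurlencode($user_id2));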
// Create the account. The e-mail is stored as "<marker> <address>"; the confirmation script
// on this page later keeps only the part after the first space.
$user = DataObject::create($dao, "user", array("cohort_id" => $cohort->get_primary_id(), "user_name" => $user_name, "user_email" => "{$uncomfirmed} {$user_email}", "user_password" => $user_password, "user_picture" => "default"));
if ($user->commit()) {
    // Add the user to the cohort's group
    $grouping = DataObject::create($dao, "grouping", array("group_id" => $cohort->group_id, "user_id" => $user->get_primary_id()));
    $grouping->commit();
    // NOTE(review): the confirmation token is derived from a fixed string plus either the
    // current MAX(conf_id) or rand(). Neither input is secret or unpredictable, so the token's
    // strength rests entirely on salt(), which is not visible here. A token taken from a CSPRNG
    // (e.g. bin2hex(random_bytes(...))) would not have that dependency.
    // NOTE(review): fetch_one() is indexed like a row array elsewhere on this page; if it
    // returns an array here too, the concatenation below yields "Array" rather than the id,
    // and every token would be built from the same input -- confirm.
    $dao->myquery("SELECT MAX(conf_id) FROM confirmation;");
    $maxid = $dao->fetch_one();
    if ($maxid) {
        $rnd = salt(",jag,wd873423%Ed.fkug" . $maxid);
    } else {
        $rnd = salt(",jag,wd873423%Ed.fkug" . rand());
    }
    // Send rnd to the user with a link that returns rnd to the server for confirmation
    $send_email = false;
    // If a confirmation already exists for this e-mail, just resend it; don't create a new one.
    // NOTE(review): in that case the $rnd mailed below is the value computed above, not the
    // conf_rnd stored in the existing row -- confirm that the resent link can still match.
    if (NULL != DataObject::select_one($dao, "confirmation", array("conf_id"), array("user_email" => $user_email))) {
        $send_email = true;
    } else {
        $conf = DataObject::create($dao, "confirmation", array("conf_rnd" => $rnd, "user_id" => $user->get_primary_id(), "user_email" => $user_email));
        if ($conf->commit()) {
            $send_email = true;
        } else {
            // NOTE(review): all of $_POST is merged into the redirect parameters. If redirect()
            // writes them into the URL, every submitted field, possibly including the password,
            // ends up in the query string (browser history, logs, Referer) -- confirm.
            redirect("../../register/", array_merge(array("m" => "6"), $_POST)); // This should never happen
        }
    }
    if ($send_email) {
        $subject = "Confirm your account";
        // NOTE(review): $user_name is placed into the HTML body unescaped.
        $body = "<p>Hello " . $user_name . ",</p>" . "<p>Thank you for joining Unify! Trust me, this is the best decision you've ever made.</p>" . "<p>Click <a href=\"" . $SITE_URL . "confirm.php?rnd={$rnd}\">CONFIRM</a> to confirm your account and to start using Unify.<br><br>" . "Click <a href=\"" . $SITE_URL . "unconfirm.php?rnd={$rnd}\">UNCONFIRM</a> if you have no idea why you are receiving this email." . " This will prevent this email address being used on Unify.</p>" . "<p>Best Wishes,<br>" . "The Unify Team</p>";
        $success = mail_message($user_email, $subject, $body);
        if (!$success) {
<?php
// Confirm an account: look up the confirmation row by the rnd token from the link, delete it,
// and rewrite the user's stored e-mail so that login becomes possible.
include "script/util/mysql.php";
include "script/util/redirect.php";
$dao = new DAO(false);
// The token is the only credential this script checks, so confirmation is exactly as strong
// as the token is hard to guess.
$rnd = $dao->escape($_GET["rnd"]);
// Delete the confirmation
// Fix the user's email!
// Find the user id first
$confirmation = DataObject::select_one($dao, "confirmation", array("conf_id", "user_id"), array("conf_rnd" => $rnd));
if ($confirmation != NULL) {
    $user_id = $confirmation->user_id;
    // Then delete the confirmation
    if ($confirmation->delete()) {
        // Find the user that it relates to
        $user = DataObject::select_one($dao, "user", array("user_id", "user_email"), array("user_id" => $user_id));
        if ($user != NULL) {
            $user_email = $user->user_email;
            // Correct their email to enable login
            // NOTE(review): when the stored value contains no space, strpos() returns false,
            // false + 1 evaluates to 1, and the substr() below drops the first character of
            // the address.
            $space_pos = strpos($user_email, " ") + 1;
            $user_email = substr($user_email, $space_pos); // Take everything after the space
            // Change and commit
            $user->user_email = $user_email;
            if ($user->commit()) {
                redirect("welcome/?m=10");
            } else {
                // Failure to change the user's email
                // User should be deleted so they can register again
                $user->delete();
                redirect("welcome/?m=6");
<?php
// Delete one of the logged-in user's notifications.
// Status codes: 0 deleted, 1 delete failed, 2 notification not found.
include_once "../util/session.php";
include_once "../util/status.php";
include_once "../util/mysql.php";

$dao = new DAO(false);

// The filter includes the logged-in user's id, so a notification that belongs to someone
// else is reported as not found.
$owned_by_user = array("user_id" => $user->user_id, "notif_id" => $_POST["notif_id"]);
$notification = DataObject::select_one($dao, "notification", array("notif_id"), $owned_by_user);

if ($notification == NULL) {
    echo Status::json(2, "Could not find notification");
} elseif ($notification->delete()) {
    echo Status::json(0, "Notification deleted");
} else {
    echo Status::json(1, "Could not delete notification");
}
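<?php
// Delete a comment from a post. Only a comment written by the logged-in user can be matched.
// Status codes: 0 deleted, 1 could not be deleted, 2 no comment id given.
include "../util/session.php";
include_once "../util/mysql.php";
include "../util/status.php";

$dao = new DAO(false);

if (isset($_GET["comment_id"])) {
    $comment_id = $_GET["comment_id"];

    // The filter includes user_id, so another user's comment is not found.
    $comment = DataObject::select_one($dao, "comment", array("comment_id"), array("comment_id" => $comment_id, "user_id" => $user->user_id));

    // The lookup finds nothing for an unknown id or for someone else's comment. Report that
    // as a failed delete instead of calling delete() on an empty result, which used to abort
    // the script without a JSON answer.
    $success = $comment ? $comment->delete() : false;

    if ($success) {
        echo Status::json(0, "Comment deleted");
    } else {
        echo Status::json(1, "Comment could not be deleted from database");
    }
} else {
    echo Status::json(2, "No comment id");
}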
<?php //Confirm that this user logged in wants to join the group include "../util/session.php"; include "../util/redirect.php"; include_once "../util/mysql.php"; $group_id = $_GET["group_id"]; if (isset($user)) { $new_values = array("group_id" => $group_id, "user_id" => $user->user_id); $dao = new DAO(false); //Check if the user has already been added: $already_grouped = DataObject::select_one($dao, "grouping", array("grouping_id"), $new_values); if ($already_grouped == NULL) { $grouping = DataObject::create($dao, "grouping", $new_values); $request = DataObject::select_one($dao, "grouping_request", array("gr_id", "group_id", "user_id"), array("group_id" => $group_id, "user_id" => $user->user_id)); if ($request != NULL) { $request->delete(); //Delete the request from the database if ($grouping->commit()) { redirect("/", array("group_id" => $group_id, "m" => 17)); //Send them to the new group! } else { redirect("/?m=11"); } } else { redirect("/?m=13"); //You have not been asked to join this group } } else { redirect("/", array("group_id" => $group_id, "m" => 14)); //You are already in this group... See!