} else {
$params = array('groupsearch' => '');
}
$tree = $_SESSION['tree'];
$search = '%' . $params['groupsearch'] . '%';
$select_db = connect('select');
$stmt = dbexec($select_db, 'SELECT id, name, type, description FROM groups WHERE LOWER(name) LIKE LOWER(?) ORDER BY name', array($search), array(PDO::PARAM_STR));
$doc = new DOMDocument('1.0', 'utf-8');
$root = $doc->createElement('groups');
$doc->appendChild($root);
while ($row = $stmt->fetch(PDO::FETCH_ASSOC)) {
$node = $doc->createElement('group');
$node->setAttribute('group-id', htmlspecialchars($row['id']));
$node->setAttribute('name', htmlspecialchars($row['name']));
$node->setAttribute('type', htmlspecialchars($row['type']));
$node->appendChild($doc->createTextNode(htmlspecialchars($row['description'])));
$parents = $doc->createElement('parents');
$path = get_path_to($select_db, $row['id']);
for ($i = count($path) - 1; $i >= 0; $i--) {
$parent = $doc->createElement('parent');
$parent->setAttribute('group-id', htmlspecialchars($path[$i]['id']));
$parent->setAttribute('name', htmlspecialchars($path[$i]['name']));
$parent->setAttribute('type', htmlspecialchars($path[$i]['type']));
$parent->appendChild($doc->createTextNode(htmlspecialchars($path[$i]['description'])));
$parents->appendChild($parent);
}
$node->appendChild($parents);
$root->appendChild($node);
}
header('Content-type: text/xml');
echo $doc->saveXML();
<?php
require '../../utility/common.php';
list($user_id, $tree, $name) = logged_in();
$select_db = connect('select');
$query = 'SELECT p.message, ' . '(SELECT u.username FROM users u JOIN posts p2 ON p2.author_id = u.id WHERE p2.author_id = p.author_id LIMIT 1) as author_name, ' . 'p.image, g.name, p.created, p.id, gp.andor FROM posts p ' . 'JOIN group_posts gp ON p.id = gp.post_id ' . 'JOIN group_users gu ON gu.group_id = gp.group_id ' . 'JOIN groups g ON g.id = gu.group_id ';
if (isset($_GET['groupid']) && $_GET['groupid']) {
$params = validate_params('GET', array('groupid'), array(FILTER_VALIDATE_INT), array(FILTER_SANITIZE_NUMBER_INT));
$group_ids = get_path_to($select_db, $params['groupid']);
$stmt = $select_db->prepare($query . 'WHERE gu.user_id = ? AND gp.group_id IN (' . implode(',', array_fill(0, count($group_ids), '?')) . ') ' . 'ORDER BY p.created DESC ');
$stmt->bindParam(1, $user_id, PDO::PARAM_INT);
for ($i = 0; $i < count($group_ids); $i++) {
$stmt->bindParam($i + 2, $group_ids[$i]['id'], PDO::PARAM_INT);
}
$stmt->execute();
} else {
$stmt = dbexec($select_db, $query . 'WHERE gu.user_id = ? ' . 'ORDER BY p.created DESC ', array($user_id), array(PDO::PARAM_INT));
}
if ($stmt->rowCount() == 0) {
echo '<p>There are no posts in that group</p>';
die;
}
$doc = new DOMDocument('1.0', 'utf-8');
$root = $doc->createElement('posts');
$doc->appendChild($root);
$usergroups = $tree->vars('id');
//all groups the user is in
//can't use dbexec, need to loop
$groups_stmt = $select_db->prepare('SELECT group_id, andor FROM group_posts WHERE post_id = :postid');
$groups_stmt->bindParam(':postid', $post_id);
while ($post_row = $stmt->fetch(PDO::FETCH_ASSOC)) {
<?php
require '../../utility/common.php';
list($user_id, $tree, $name) = logged_in();
validate_key();
$groupids = array();
$select_db = connect('select');
foreach ($_POST['add'] as $key => $value) {
$parentgroups = get_path_to($select_db, $value);
for ($i = 0; $i < count($parentgroups); $i++) {
if (!in_array($parentgroups[$i]['id'], $groupids)) {
array_push($groupids, $parentgroups[$i]['id']);
}
}
}
$insert_db = connect('insert');
$stmt = $insert_db->prepare('INSERT IGNORE INTO group_users VALUES (:userid, :groupid)');
$stmt->bindParam(':userid', $user_id, PDO::PARAM_INT);
$stmt->bindParam(':groupid', $group_id, PDO::PARAM_INT);
for ($i = 0; $i < count($groupids); $i++) {
$group_id = $groupids[$i];
$stmt->execute();
}
session_start();
$_SESSION['tree'] = get_tree($select_db, $user_id);
session_commit();
header('Location: ../groups.php');
