<?php
if (isset($selected_user)) {
unset($selected_user);
}
if ($logged_in && isset($_GET["user_id"])) {
$dao = new DAO(false);
$user_request = $dao->escape($_GET["user_id"]);
$properties = array("user_id", "user_name", "user_picture", "course_name", "university_name");
$dao->myquery("SELECT " . implode(",", $properties) . " FROM user " . "JOIN cohort ON user.cohort_id=cohort.cohort_id " . "JOIN course ON cohort.course_id=course.course_id " . "JOIN university ON course.university_id=university.university_id WHERE user_id=\"{$user_request}\";");
if ($dao->fetch_num_rows() > 0) {
//User exists
$selected_user = $dao->fetch_one_obj_part($properties);
$friends_query = "SELECT * FROM connection WHERE (user_id1=\"{$user->user_id}\" AND user_id2=\"{$selected_user->user_id}\") OR " . "(user_id2=\"{$user->user_id}\" AND user_id1=\"{$selected_user->user_id}\");";
$dao->myquery($friends_query);
$is_friend = $dao->fetch_num_rows() != 0 || $selected_user->user_id == $user->user_id || $selected_user->user_id == 1;
// I am friends with myself
$selected_user->is_friend = $is_friend;
$dao->myquery("SELECT * FROM friend_request WHERE user_id1=\"{$user->user_id}\" AND user_id2=\"{$selected_user->user_id}\";");
$selected_user->request_sent = $dao->fetch_num_rows() != 0;
$_SESSION["selected_user"] = $selected_user;
unset($_SESSION["selected_cohort"]);
}
}
data:{user_password:new_pwd,conf_rnd: conf_rnd,user_id: user_id},
type:"POST"
}).done(function() {
id("info").innerHTML = "Password reset. Please <a href=\"../welcome/\">login</a>.";
});
}
return false;
}
</script>
</head>
<body>
<div id="main">
<?php
$query = "SELECT * FROM reset_request WHERE user_id=\"{$user->user_id}\" AND conf_rnd=\"{$conf_rnd}\";";
$dao->myquery($query);
if ($dao->fetch_num_rows() == 1) {
?>
<div>
<form onsubmit="reset_password(event)" action="">
<input id="new_pwd" type="password" placeholder="New password" onkeyup="verify_password()"/>
<input id="conf_pwd" type="password" placeholder="Confirm password" onkeyup="verify_password()"/>
<input type="submit" value="reset"/>
</form>
</div>
<div id="info">
</div>
<?php
} else {
?>
<?php
if ($logged_in) {
$dao = new DAO(false);
if (isset($_GET["cohort_id"])) {
$cohort_request = $dao->escape($_GET["cohort_id"]);
if ($cohort_request == $user->cohort_id) {
$dao->myquery("SELECT cohort_id,cohort.group_id,group_name,cohort_start,course.course_name,university.university_name FROM cohort \n\t\t\t\t\tJOIN course ON cohort.course_id=course.course_id \n\t\t\t\t\tJOIN university ON university.university_id=course.university_id\n\t\t\t\t\tJOIN user_group ON cohort.group_id=user_group.group_id WHERE cohort_id=\"{$cohort_request}\";");
$row = $dao->fetch_one_obj();
if ($dao->fetch_num_rows() > 0) {
//It exists
$selected_group = new stdClass();
$selected_group->cohort_id = $row->cohort_id;
$selected_group->course_name = $row->course_name;
$selected_group->university_name = $row->university_name;
$selected_group->group_id = $row->group_id;
$selected_group->group_name = $row->course_name . " at " . $row->university_name . " " . date("Y", strtotime($row->cohort_start));
$selected_group->can_be_added_to = false;
$d = new DateTime($row->cohort_start);
$selected_group->cohort_start = $d->format('jS F Y');
$selected_group->posting_enabled = $selected_group->cohort_id == $user->cohort_id;
$_SESSION["selected_group"] = $selected_group;
unset($_SESSION["selected_user"]);
}
} else {
redirect("../");
}
}
}
