include_once 'include/allQueries.php';
if (!$_SESSION['login']) {
header('Location:login.php');
} else {
$completed = checkComplete();
if ($completed == false) {
header('Location:completeAccount.php');
}
}
if (isset($_GET['q'])) {
logout();
header("location:login.php");
}
if (isset($_GET['RemoveId'])) {
$frienId = $_GET['RemoveId'];
$result = removeFriend($frienId);
if ($result) {
header('Location:Friends.php');
} else {
echo "Error";
}
}
if (isset($_GET['AddId'])) {
$frienId = $_GET['AddId'];
$result = confirmFriend($frienId);
if ($result) {
header('Location:Friends.php');
} else {
echo "Error";
}
}
if (isset($_REQUEST['friends'])) {
$friends = $_REQUEST['friends'];
}
if (isset($_REQUEST['action'])) {
switch ($_REQUEST['action']) {
case 'createuser':
createUser($apikeyvalue, $username, $password, $displayname, $avatarfile, $avatarlink, $profilelink);
break;
case 'updateuser':
updateuser($apikeyvalue, $userid, $username, $password, $newpassword, $displayname, $avatarfile, $avatarlink, $profilelink);
break;
case 'addfriend':
addFriend($apikeyvalue, $userid, $friends);
break;
case 'removefriend':
removeFriend($apikeyvalue, $userid, $friends);
break;
case 'getfriend':
getfriend($apikeyvalue, $userid);
break;
case 'checkAPIKEY':
checkAPIKEY($apikeyvalue);
break;
case 'checkpassword':
checkpassword($apikeyvalue, $password);
break;
case 'authenticateUser':
authenticateUser($apikeyvalue, $username, $password);
break;
case 'removeuser':
removeuser($apikeyvalue, $userid);
require AT_INCLUDE_PATH . 'header.inc.php';
$info = array('INVALID_USER', $_SESSION['course_id']);
$msg->printInfos($info);
require AT_INCLUDE_PATH . 'footer.inc.php';
exit;
}
//Handles search queries from side menu
if (isset($_GET['searchFriends']) && $_GET['friendsName'] != '') {
$wanted = $addslashes($_GET['friendsName']);
$friends = searchFriends($wanted, true);
}
//Handles remove request
if (isset($_GET['remove'])) {
$id = intval($_GET['id']);
// if (isset($_GET['confirm_remove'])){
removeFriend($id);
header('Location: ' . url_rewrite(AT_SOCIAL_BASENAME . AT_SOCIAL_INDEX, AT_PRETTY_URL_IS_HEADER));
exit;
// }
// $msg->addConfirm("are_you_sure?");
// header('Location: '.url_rewrite(AT_SOCIAL_BASENAME.'index.php?remove=yes'.SEP.'id='.$id.SEP.'confirm_remove=yes'));
}
//Handles request approval, and rejection
if (isset($_GET['approval'])) {
$id = intval($_GET['id']);
if ($_GET['approval'] == 'y') {
approveFriendRequest($id);
$sql_notify = "SELECT first_name, last_name, email FROM " . TABLE_PREFIX . "members WHERE member_id={$id}";
$result_notify = mysql_query($sql_notify, $db);
$row_notify = mysql_fetch_assoc($result_notify);
if ($row_notify['email'] != '') {
$results = addFriend($db, $_SESSION['id'], $_POST['addfriendid'], $_SESSION['token']);
switch ($results[SP::ERROR]) {
case ERR::OK:
echo "<p>Friend added! <a href='friendslist.php'>See friends</a></p>";
break;
case ERR::TOKEN_EXPIRED:
case ERR::TOKEN_FAIL:
case ERR::USER_NO_TOKEN:
header("Location: logout.php?error=" . $results[SP::ERROR]);
break;
default:
echo "<p>Could not add friend. Error: " . $ERRORS[$results[SP::ERROR]] . "</p>";
break;
}
} elseif ($_POST['deletefriendid']) {
$results = removeFriend($db, $_SESSION['id'], $_POST['deletefriendid'], $_SESSION['token']);
switch ($results[SP::ERROR]) {
case ERR::OK:
echo "<p>Friend removed! <a href='friendslist.php'>See friends</a></p>";
break;
case ERR::TOKEN_EXPIRED:
case ERR::TOKEN_FAIL:
case ERR::USER_NO_TOKEN:
header("Location: logout.php?error=" . $results[SP::ERROR]);
break;
default:
echo "<p>Could not remove friend. Error: " . $ERRORS[$results[SP::ERROR]] . "</p>";
break;
}
} else {
$results = getFriends($db, $_SESSION['id'], $_SESSION['token']);
