Untitled

<?php

    function getProfile($db,$userId){
        $sql = "SELECT * FROM users where id='$userId'";
        $result = $db->query($sql);

        if ($result->num_rows > 0) {
            while($row = $result->fetch_assoc()) {
                $profile = $row;
                return $profile;
            }
        }
    }
    function getFriends($db,$userId){
        $friends = array();

        //Retrieve users who i've added to Friends
        $sql = "SELECT users.* FROM friends join users on users.id = friends.friend2 where friends.friend1 = '$userId'";
        $result = $db->query($sql);

        if ($result->num_rows > 0) {
            while($row = $result->fetch_assoc()) {
                $friends[] = $row;
            }
        }

        //Retrieve users who've added me to Friends
        $sql = "SELECT users.* FROM friends join users on users.id = friends.friend1 where friends.friend2 = '$userId'";
        $result = $db->query($sql);

        if ($result->num_rows > 0) {
            while($row = $result->fetch_assoc()) {
                $friends[] = $row;
            }
        }
        //removes double friends
        $friends = array_unique($friends,SORT_REGULAR);

        return $friends;
    }
    function getUpdates($db,$userId){
        $statusupdates = array();

        $sql = "SELECT statusupdates.*, users.firstname, users.lastname FROM statusupdates JOIN users on statusupdates.user_id = users.id WHERE user_id ='$userId' ORDER BY date_posted DESC ";
        $result = $db->query($sql);

        if ($result->num_rows > 0) {
            while($row = $result->fetch_assoc()) {
                $statusupdates[] = $row;
            }
        }
        return $statusupdates;
    }
    function getComments($db,$updateId){
        $comments = array();

        $sql = "SELECT * FROM comments join users on comments.user_id = users.id WHERE statusupdate_id = '$updateId' order by date_commented DESC";
        $result = $db->query($sql);

        if ($result->num_rows > 0) {
            while($row = $result->fetch_assoc()) {
                $comments[] = $row;
            }
        }
        return $comments;
    }

    function removeUpdate($db,$updateId){
        // remove update
        $sql = "DELETE FROM statusupdates WHERE id='$updateId'";
        $db->query($sql);

        //remove comments
        $sql = "DELETE FROM comments WHERE statusupdate_id='$updateId'";
        $db->query($sql);

        //remove likes
        $sql = "DELETE FROM likes WHERE statusupdate_id='$updateId'";
        $db->query($sql);
    }
    function insertUpdate($db,$userId,$updateText,$image){
        $sql = "INSERT INTO statusupdates (updatetext, user_id,image) VALUES ('$updateText','$userId','$image')";
        $db->query($sql);
    }
    function insertComment($db,$updateId,$userId,$comment){
        $sql = "INSERT INTO comments (statusupdate_id, user_id,comment) VALUES ('$updateId','$userId','$comment')";
        $db->query($sql);
    }

    function doILikeUpdate($db,$updateId,$userId){
        $sql = "SELECT * FROM likes WHERE user_id='$userId' AND statusupdate_id='$updateId'";
        $result = $db->query($sql);

        if ($result->num_rows > 0){
            return true;
        }
        else{
            return false;
        }
    }
    function likeUpdate($db,$updateId,$userId){
        //query to add 1 like to likesfield in statusupdates
        $sql = "UPDATE statusupdates SET likes = likes + 1 WHERE id='$updateId'";
        $db->query($sql);

        //query to add that i like to the likes table
        $sql = "INSERT into likes (statusupdate_id,user_id) VALUES ('$updateId','$userId')";
        $db->query($sql);
    }
    function unlikeUpdate($db,$updateId,$userId){
        //query to reduce 1 like from likesfield in statusupdates
        $sql = "UPDATE statusupdates SET likes = likes - 1 WHERE id='$updateId'";
        $db->query($sql);

        //query to remove that i like to the likes table
        $sql = "DELETE FROM likes WHERE statusupdate_id='$updateId' AND user_id= '$userId'";
        $db->query($sql);
    }

    function searchUsers($db,$search){
        $users = array();

        $sql = "SELECT * FROM users WHERE firstname LIKE '%$searchq%' OR lastname LIKE '%$searchq%'";
        $result = $db->query($sql);

        if ($result->num_rows > 0) {
            while($row = $result->fetch_assoc()) {
                $users[] = $row;
            }
        }
        return $users;
    }
    function login($db,$email,$password){
        $password = md5($password);
        $sql = "SELECT * FROM users WHERE email='$email' AND password='$password'";
        $result = $db->query($sql);

        if ($result->num_rows == 1){
            while($user = $result->fetch_assoc()) {
                return $user;
            }
        }
        else{
            return 0;
        }
    }
    function register($db,$email,$password,$firstname,$lastname,$birthdate,$picture){
        $password = md5($password);
        $sql = "INSERT INTO profile (email,password,firstname, lastname, birthdate, profilepicture) VALUES ('$email','$password','$firstname', '$lastname', '$birthdate', '$picture')";
        $db->query($sql);
    }
    function saveFile($file,$dir){
        $filename = basename($file['name']);
        $target = "$dir/$filename"
        move_uploaded_file($filename,$target);
        return $filename;
    }