YannickEHB

1. DATABASE
2. <?php
3. class DB_connection {
4.     protected $server;
5.     protected $username;
6.     protected $password;
7.     protected $db_name;
8.     protected $connection = null;
9.     public function __construct($server, $username, $password, $db_name)
10.     {
11.         $this->server = $server;
12.         $this->username = $username;
13.         $this->password = $password;
14.         $this->db_name = $db_name;
15.     }
16.     public function __destruct()
17.     {
18.         if ($this->connection != null){
19.             $this->closeConnection();
20.         }
21.     }
22.     protected function closeConnection(){
23.         if ($this->connection != null){
24.             $this->connection->close();
25.             $this->connection = null;
26.         }
27.     }
28.     protected function createConnection(){
29.         $this->connection = new mysqli($this->server, $this->username, $this->password, $this->db_name);
30.         if ($this->connection->connect_error){
31.             die("Connect Error (". $this->connection->connect_errno . ") " . $this->connection->connect_error);
32.         }
33.     }
34.     protected function antiSqlInjection($value){
35.         $result = $this->connection->real_escape_string($value);
36.         return result;
37.     }
38.      protected function executeAdvancedSqlQuery($mySqlQuery, $cancelConnection = true, $parameterArray = null) {
39.         $this->createConnection();
40.         if ($parameterArray != null) {
41.             $queryParts = preg_split("/\?/", $mySqlQuery);
42.             if (count($queryParts) != count($parameterArray) + 1) {
43.                 return false;
44.             }
45.             $finalQuery = $queryParts[0];
46.             for ($index = 0; $index < count($parameterArray); $index++) {
47.                 $finalQuery = $finalQuery . $this->antiSqlInjection($parameterArray[$index]) . $queryParts[$index + 1];
48.             }
49.             $mySqlQuery = $finalQuery;
50.         }
51.         $result = $this->connection->query($mySqlQuery);
52.         if ($cancelConnection) {
53.             $this->closeConnection();
54.         }
55.         return $result;
56.     }
57.     public function executeSqlQuery($mySqlQuery, $parameterArray = null){
58.         return $this->executeAdvancedSqlQuery($mySqlQuery, true, $parameterArray);
59.     }
60. }
61.  
62. <?php
63. include_once "DB_connection.php";
64. class DB_creds {
65.     private static $connection;
66.     public static function getCreds(){
67.         if (self::$connection == null){
68.             $server = "dtsl.ehb.be";
69.             $username = "WDA088";
70.             $password = "47382165";
71.             $db_name = "WDA088";
72.             self::$connection = new DB_connection($server, $username,$password,$db_name);
73.         }
74.         return self::$connection;
75.     }
76. }
77. ?>
78.  
79. <?php
80. include_once "data/Blog.php";
81. include_once "database/connection/DB_creds.php";
82. class BlogCRUD
83. {
84.     private static function getConnection(){
85.         return DB_creds::getCreds();
86.     }
87.     public static function getAllBlogs(){
88.         $myQuery = "SELECT * FROM Blogs";
89.         $result = self::getConnection()->executeSqlQuery($myQuery);
90.         $resultArray = array();
91.         for ($index = 0; $index < $result->num_rows; $index++){
92.             $row = $result->fetch_array();
93.             $object = self::convertToObject($row);
94.             $resultArray[$index] = $object;
95.         }
96.         return $resultArray;
97.     }
98.     public static function insert($blog) {
99.         $myQuery = "INSERT INTO Blogs(userID, title, image, category, text) VALUES ('".$blog->userID."','".$blog->title."','".$blog->image."','".$blog->category."','".$blog->text."')";
100.         return self::getConnection()->executeSqlQuery($myQuery);
101.     }
102.     public static function getBlogsByMonth($month, $year, $limit = 1000000){
103.         $myQuery = "SELECT * FROM Blogs WHERE MONTH(date) = ". $month . " AND year(date) = ". $year . " ORDER BY rand() LIMIT ". $limit;
104.         $result = self::getConnection()->executeSqlQuery($myQuery);
105.         $resultArray = array();
106.         for ($index = 0; $index < $result->num_rows; $index++){
107.             $row = $result->fetch_array();
108.             $object = self::convertToObject($row);
109.             $resultArray[$index] = $object;
110.         }
111.         return $resultArray;
112.     }
113.     public static function getAllBlogsFromCategory($category){
114.         $myQuery = "SELECT * FROM Blogs WHERE category =\"" . $category ."\"";
115.         $result = self::getConnection()->executeSqlQuery($myQuery);
116.         $resultArray = array();
117.         for ($index = 0; $index < $result->num_rows; $index++){
118.             $row = $result->fetch_array();
119.             $object = self::convertToObject($row);
120.             $resultArray[$index] = $object;
121.         }
122.         return $resultArray;
123.     }
124.     public static function get3BlogsFromSameCategory($category, $blogID){
125.         $myQuery = "SELECT * FROM Blogs WHERE category =\"" . $category ."\" AND blogID  !=". $blogID;
126.         $result = self::getConnection()->executeSqlQuery($myQuery);
127.         $resultArray = array();
128.         for ($index = 0; $index < $result->num_rows; $index++){
129.             $row = $result->fetch_array();
130.             $object = self::convertToObject($row);
131.             $resultArray[$index] = $object;
132.         }
133.         return $resultArray;
134.     }
135.     public static function getThreePopularBlogs(){
136.         $myQuery = "SELECT blogID, COUNT(blogID) as \"occurences\" FROM Comments GROUP BY blogID ORDER BY occurences DESC LIMIT 3";
137.         $result = self::getConnection()->executeSqlQuery($myQuery);
138.         $resultArray = array();
139.         for ($index = 0; $index < $result->num_rows; $index++){
140.             $row = $result->fetch_array();
141.             $id = self::convertToId($row);
142.             $object = self::getBlogById($id);
143.             $resultArray[$index] = $object;
144.         }
145.         return $resultArray;
146.     }
147.     public static function getCommentAmmountById($bID){
148.         $myQuery = "SELECT COUNT(blogID) as \"comments\" FROM Comments WHERE blogID = ". $bID . " GROUP BY blogID";
149.         $result = self::getConnection()->executeSqlQuery($myQuery);
150.         $row = $result->fetch_array();
151.         return $row["comments"];
152.     }
153.     public static function getBlogById($bID){
154.         $myQuery = "SELECT * FROM Blogs WHERE blogID = " . $bID;
155.         $result = self::getConnection()->executeSqlQuery($myQuery);
156.         $row = $result->fetch_array();
157.         $object = self::convertToObject($row);
158.         return $object;
159.     }
160.     public static function getDistinctCategories(){
161.         $myQuery = "SELECT DISTINCT category FROM Blogs";
162.         $result = self::getConnection()->executeSqlQuery($myQuery);
163.         $resultArray = array();
164.         for ($index = 0; $index < $result->num_rows; $index++){
165.             $row = $result->fetch_array();
166.             $resultArray[$index]= $row["category"];
167.         }
168.         return $resultArray;
169.     }
170.     public static function deleteById($blogID) {
171.         include_once "CommentCRUD.php";
172.         CommentCRUD::deleteAllById($blogID);
173.         return self::getConnection()->executeSqlQuery("DELETE FROM Blogs WHERE blogID=" . $blogID);
174.     }
175.     protected static function convertToObject($row){
176.         return new Blog($row["blogID"],$row["title"],$row["userID"],$row["image"],$row["date"],$row["category"],$row["text"]);
177.     }
178.     protected static function convertToId($row){
179.         return $row["blogID"];
180.     }
181. }
182.  
183. REGISTER
184. <?php include "validation.php"?>
185. <html>
186. <head>
187. <?php include_once "views/head.php" ?>
188.     <link rel="stylesheet" type="text/css" href="css/register.css">
189.     <link rel="stylesheet" type="text/css" href="css/homepage.css">
190.     <script src="javascript/formValidations.js"></script>
191. </head>
192.  
193. <body>
194. <?php
195. include "navbar.php";?>
196.  
197.  
198.     <div class="header">
199.         <h2>Register</h2>
200.     </div>
201.     <form method="post" action="register.php" onsubmit="return checkRegisterForm();">
202.         <?php include "errors.php"?>
203.         <div class="input-group">
204.             <label for="email">Email</label>
205.             <input type="email" name="email" value="<?php echo $email?>" id="email">
206.         </div>
207.         <div class="input-group">
208.             <label>Full name</label>
209.             <input type="text" name="fullName" value="<?php echo $fullName?>" id="fullName">
210.         </div>
211.         <div class="input-group">
212.             <label>Username</label>
213.             <input type="text" name="username" value="<?php echo $username?>" id="username">
214.         </div>
215.         <div class="input-group">
216.             <label>Password</label>
217.             <input type="password" name="password_1" id="password_1">
218.         </div>
219.         <div class="input-group">
220.             <label>Confirm password</label>
221.             <input type="password" name="password_2" id="password_2">
222.         </div>
223.         <div class="input-group">
224.             <button type="submit" name="register" class="btn">Register</button>
225.         </div>
226.         <p>Already a member? <a href="login.php">Sign in</a></p>
227.     </form>
228. </div>
229. </body>
230. </html>
231.  
232. function checkRegisterForm(){
233.     //client side validation bij inschrijven
234.     var email = document.getElementById("email");
235.     var fullName = document.getElementById("fullName");
236.     var username = document.getElementById("username");
237.     var password_1 = document.getElementById("password_1");
238.     var password_2 = document.getElementById("password_2");
239.  
240.     if(username=="" || password_1=="" || password_2=="" || email=="" || fullName==""){
241.         alert("Please fill in all fields");
242.         return false;
243.     }
244.  
245.     positionAt = email.indexOf("@");
246.     positionDot = email.lastIndexOf(".");
247.     if (positionAt<1 || positionDot<positionAt+2 || positionDot+2>=x.length) {
248.         alert("Not a valid e-mail address");
249.         return false;
250.     }
251.     return true;
252. }
253.  
254. <?php
255. session_start();
256. include_once "data/User.php";
257. include_once "database/crud/UserCRUD.php";
258. include_once "data/Session.php";
259. include_once "database/crud/SessionCRUD.php";
260. include_once "data/Comment.php";
261. include_once "database/crud/CommentCRUD.php";
262. $username = "";
263. $email ="";
264. $fullName="";
265. $comment_title="";
266. $comment_text="";
267. $blog_title ="";
268. $blog_text="";
269. $blog_image_url ="";
270. $category_name="";
271. $errors = array();
272. //wanneer de gehashte cookie gevonden is bij het bezoeken van de website, zal de user automatisch ingelogd worden
273. if(isset($_COOKIE["sessionID"])){
274.     $session = SessionCRUD::getSessionById($_COOKIE["sessionID"]);
275.     $user = UserCRUD::getUserByID($session->userID);
276.     $_SESSION["fullName"]= $user->fullName;
277.     $_SESSION["userID"] = $user->userID;
278.     $_SESSION["success"] = "You are now logged in";
279. }
280. //wanneer het register formulier gesubmit wordt, wordt deze hier serverside gevalideerd
281. if (isset($_POST["register"])){
282.     $username =$_POST["username"];
283.     $email = $_POST["email"];
284.     $fullName = $_POST["fullName"];
285.     $password_1 = $_POST["password_1"];
286.     $password_2 = $_POST["password_2"];
287.     if (empty($username)){
288.         array_push($errors, "Username is required");
289.     }
290.     if (empty($password_1)){
291.         array_push($errors, "Password is required");
292.     }
293.     if (empty($email)){
294.         array_push($errors, "Email is required");
295.     }
296.     if (empty($fullName)){
297.         array_push($errors, "Full name is required");
298.     }
299.     if($password_1 != $password_2){
300.         array_push($errors, "Please make sure the two passwords match");
301.     }
302.     if (count($errors) == 0){
303.         $password = md5($password_1);
304.         $date = date("Y-m-d");
305.         $user = new User(1, $username, $password, $email, $date, $fullName);
306.         UserCRUD::insert($user);
307.         $_SESSION["fullName"] = $fullName;
308.         $_SESSION["success"] = "You are now logged in";
309.         header("location: index.php");
310.     }
311. }
312. //logout: beëindigen van sessie, "verwijderen" van cookie & sessie variabelen
313. if (isset($_GET["logout"])){
314.     session_destroy();
315.     setcookie("sessionID", "", time()-3600);
316.     unset($_SESSION["success"]);
317.     unset($_SESSION["fullName"]);
318.     unset($_SESSION["userID"]);
319.     header("location: login.php");
320. }
321. //login: inloggen van gebruiker, valideren van info, wanneer dit succesvol gebeurt en de gebruiker gekozen heeft om in de toekomst automatisch herkend te worden wordt een cookie voor tien jaar opgeslaan met als waarde de gehashte sessionid
322. if (isset($_POST["login"])){
323.     $username =$_POST["username"];
324.     $password = $_POST["password"];
325.     if(isset($_POST["remember_me"])){
326.         $remember_me = $_POST["remember_me"];
327.     }
328.     if (empty($username)){
329.         array_push($errors, "Username is required");
330.     }
331.     if (empty($password)){
332.         array_push($errors, "Password is required");
333.     }
334.     if (count($errors) == 0) {
335.         $password = md5($password);
336.         $user = UserCRUD::getUserByLogin($username,$password);
337.         if ($user->username == $username && $user->password){
338.             $_SESSION["fullName"]= $user->fullName;
339.             $_SESSION["userID"] = $user->userID;
340.             $_SESSION["success"] = "You are now logged in";
341.             if($remember_me == true){
342.                 $sessionID = md5(session_id());
343.                 SessionCRUD::insert($sessionID, $user->userID);
344.                 setcookie("sessionID", "$sessionID", time()+60*60*24*365*10);
345.             }
346.             header("location: index.php");
347.         } else{
348.             array_push($errors, "wrong username/password");
349.         }
350.     }
351. }
352. //server side validatie van commentcreation
353. if (isset($_POST["comment"])){
354.     $comment_title =$_POST["comment_title"];
355.     $comment_text = $_POST["comment_text"];
356.     $blog_id = $_POST["blog_id"];
357.     if (empty($comment_title)){
358.         array_push($errors, "Please fill in a title for your comment");
359.     }
360.     if (empty($comment_text)){
361.         array_push($errors, "Please enter your comment");
362.     }
363.     if (count($errors) == 0){
364.         if(isset($_COOKIE["sessionID"])){
365.             $session = SessionCRUD::getSessionById($_COOKIE["sessionID"]);
366.             $user = UserCRUD::getUserByID($session->userID); }
367.             else {
368.                 $user = UserCRUD::getUserByID($_SESSION["userID"]);
369.             }
370.         $date = date("Y-m-d");
371.         $comment = new Comment(1, $date, $user->userID, $blog_id, $comment_title, $comment_text);
372.         CommentCRUD::insert($comment);
373.         header("location: blogdetail.php?id=".$blog_id);
374.     }
375. }
376. //server side validatie van blogcreation
377. if (isset($_POST["blog_create"])){
378.     include "data/Blog.php";
379.     include "database/crud/BlogCRUD.php";
380.     $blog_title =$_POST["blog_title"];
381.     $blog_text = $_POST["blog_text"];
382.     $blog_category = $_POST["blog_category"];
383.     $image_url = $_POST["image_url"];
384.     if (empty($blog_title)){
385.         array_push($errors, "Please fill in a title for your blog");
386.     }
387.     if (empty($blog_text)){
388.         array_push($errors, "Please enter your text");
389.     }
390.     if (empty($image_url)){
391.         array_push($errors, "Please enter an image URL");
392.     }
393.     if (empty($blog_category)){
394.         array_push($errors, "Please enter a valid category");
395.     }
396.     if (count($errors) == 0){
397.         if(isset($_COOKIE["sessionID"])){
398.             $session = SessionCRUD::getSessionById($_COOKIE["sessionID"]);
399.             $user = UserCRUD::getUserByID($session->userID); }
400.         else {
401.             $user = UserCRUD::getUserByID($_SESSION["userID"]);
402.         }
403.         $date = date("Y-m-d");
404.         $blog = new Blog(1,$blog_title, $user->userID, $image_url, $date, $blog_category, $blog_text);
405.         BlogCRUD::insert($blog);
406.         header("location: blogs.php");
407.     }
408. }
409. //server side validatie bij het aanmken van categorieën
410. if (isset($_POST["category"])){
411.     $category =$_POST["category_name"];
412.     if (empty($category)){
413.         array_push($errors, "Please enter a category name");
414.     }
415.     if (count($errors) == 0){
416.         include_once "data/Category.php";
417.         include_once "database/crud/CategoryCRUD.php";
418.         $category = new Category(1,$category);
419.         CategoryCRUD::insert($category);
420.         header("location: index.php");
421.     }
422. }
423. //admin verwijdert een blog (comments van de blog worden ook verwijderd in de crud methodes
424. if (isset($_POST["delete_blog"])){
425.     $blog_id = $_POST["blogID"];
426.     include_once "database/crud/BlogCRUD.php";
427.     BlogCRUD::deleteById($blog_id);
428.     header("location: blogs.php");
429. }
430. ?>
431.  
432. LOADCATEGORY
433. $(document).ready(function(){
434.    $(".cat_side").click(function(){
435.        var category = $(this).text();
436.        $("#all_blogs").load("load_category.php", {
437.             cat_parameter: category
438.        });
439.    })
440. });
441.  
442.  
443. <?php
444. $category = $_POST["cat_parameter"];
445. include_once "database/crud/BlogCRUD.php";
446. Blog::generateAllBlogsFromCategory($category);
447. ?>
448.  
449. MODEL
450. <?php
451. class Blog {
452.     public $blogID;
453.     public $title;
454.     public $userID;
455.     public $image;
456.     public $date;
457.     public $category;
458.     public $text;
459.     public function __construct($blogID, $title, $userID, $image, $date, $category, $text)
460.     {
461.         $this->blogID = $blogID;
462.         $this->title = $title;
463.         $this->userID = $userID;
464.         $this->image = $image;
465.         $date= strtotime($date);
466.         $date = date('d-m-Y', $date);
467.         $this->date = $date;
468.         $this->category = $category;
469.         $this->text = $text;
470.     }
471.     public static function generate3RandomBlogs()
472.     {
473.         include_once "database/crud/BlogCRUD.php";
474.         include_once "database/crud/UserCRUD.php";
475.         $month = date('m');
476.         $year = date('Y');
477.         $blogsMonth = BlogCrud::getBlogsByMonth($month, $year,3);
478.         for ($i = 0; $i < count($blogsMonth); $i++) {
479.             $blog = $blogsMonth[$i];
480.             $blog_id = $blog->blogID;
481.             $title = $blog->title;
482.             $image = $blog->image;
483.             $date = $blog->date;
484.             $category = $blog->category;
485.             $user = UserCRUD::getUserByID($blog->userID);
486.             $author = $user->fullName;
487.             $old_text = $blog->text;
488.             $text = substr($old_text, 0, 250);
489.             $text = $text . "...";
490.             $comments = BlogCRUD::getCommentAmmountById($blog->blogID);
491.             if($comments==0){
492.                 $comments = 0;
493.             }
494.             $id = $i+3;
495.             include "views/little_blog.php";
496.         }
497.     }
498.     public static function generate3PopularBlogs()
499.     {
500.         include_once "database/crud/BlogCRUD.php";
501.         include_once "database/crud/UserCRUD.php";
502.         $blogsMonth = BlogCrud::getThreePopularBlogs();
503.         for ($i = 0; $i < count($blogsMonth); $i++) {
504.             $blog = $blogsMonth[$i];
505.             $blog_id = $blog->blogID;
506.             $title = $blog->title;
507.             $image = $blog->image;
508.             $date = $blog->date;
509.             $category = $blog->category;
510.             $user = UserCRUD::getUserByID($blog->userID);
511.             $author = $user->fullName;
512.             $old_text = $blog->text;
513.             $text = substr($old_text, 0, 250);
514.             $text = $text . "...";
515.             $comments = BlogCRUD::getCommentAmmountById($blog->blogID);
516.             if($comments==0){
517.                 $comments = 0;
518.             }
519.             $id = $i;
520.             include "views/little_blog.php";
521.         }
522.     }
523.     public static function generateAllBlogs()
524.     {
525.         include_once "database/crud/BlogCRUD.php";
526.         include_once "database/crud/UserCRUD.php";
527.         $month = date('m');
528.         $year = date('Y');
529.         $allBlogs = BlogCrud::getAllBlogs();
530.         for ($i = 0; $i < count($allBlogs); $i++) {
531.             $blog = $allBlogs[$i];
532.             $blog_id = $blog->blogID;
533.             $title = $blog->title;
534.             $image = $blog->image;
535.             $date = $blog->date;
536.             $category = $blog->category;
537.             $user = UserCRUD::getUserByID($blog->userID);
538.             $author = $user->fullName;
539.             $old_text = $blog->text;
540.             $text = substr($old_text, 0, 250);
541.             $text = $text . "...";
542.             $comments = BlogCRUD::getCommentAmmountById($blog->blogID);
543.             $id = $i;
544.             include "views/little_blog.php";
545.         }
546.     }
547.     public static function generateAllBlogsFromCategory($category, $fromDetailpage=false)
548.     {
549.         include_once "database/crud/BlogCRUD.php";
550.         include_once "database/crud/UserCRUD.php";
551.         if($fromDetailpage ==false){
552.             include "views/sidebar.php";
553.         }
554.         $month = date('m');
555.         $year = date('Y');
556.         $allBlogs = BlogCrud::getAllBlogsFromCategory($category);
557.         for ($i = 0; $i < count($allBlogs); $i++) {
558.             $blog = $allBlogs[$i];
559.             $blog_id = $blog->blogID;
560.             $title = $blog->title;
561.             $image = $blog->image;
562.             $date = $blog->date;
563.             $category = $blog->category;
564.             $user = UserCRUD::getUserByID($blog->userID);
565.             $author = $user->fullName;
566.             $old_text = $blog->text;
567.             $text = substr($old_text, 0, 250);
568.             $text = $text . "...";
569.             $comments = BlogCRUD::getCommentAmmountById($blog->blogID);
570.             $id = $i;
571.             include "views/little_blog.php";
572.         }
573.     }
574.     public static function generateAllBlogsFromMonth($month, $fromDetailpage=false)
575.     {
576.         include_once "database/crud/BlogCRUD.php";
577.         include_once "database/crud/UserCRUD.php";
578.         if($fromDetailpage ==false){
579.             include "views/sidebar.php";
580.         }
581.         $year = date('Y');
582.         $allBlogs = BlogCrud::getBlogsByMonth($month, $year);
583.         if(count($allBlogs)<1){
584.             $title = "There are currently no blogs in this month.";
585.             include "views/errormessage.php";
586.         }
587.         else {
588.             for ($i = 0; $i < count($allBlogs); $i++) {
589.                 $blog = $allBlogs[$i];
590.                 $blog_id = $blog->blogID;
591.                 $title = $blog->title;
592.                 $image = $blog->image;
593.                 $date = $blog->date;
594.                 $category = $blog->category;
595.                 $user = UserCRUD::getUserByID($blog->userID);
596.                 $author = $user->fullName;
597.                 $old_text = $blog->text;
598.                 $text = substr($old_text, 0, 250);
599.                 $text = $text . "...";
600.                 $comments = BlogCRUD::getCommentAmmountById($blog->blogID);
601.                 $id = $i;
602.                 include "views/little_blog.php";
603.             }
604.         }
605.     }
606. }
607.  
608. HOVER
609. $(document).ready(function () {
610.     $(".mouseoverArea").hover(
611.         function () {
612.             $(this).find(".popup").show();
613.         },
614.         function () {
615.             $(this).find(".popup").hide();
616.         }
617.     )});
618.  
619. ERRORS
620.  
621. <?php
622. if (count($errors)>0) : ?>
623. <div class="error">
624.     <?php foreach($errors as $error): ?>
625.         <p><?php echo $error?></p>
626.     <?php endforeach;?>
627. </div>
628. <?php endif?>