- DATABASE
- <?php
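/**
 * Small mysqli wrapper that opens a connection when a query runs and, by
 * default, closes it again afterwards.
 *
 * Placeholder support: each "?" in the SQL text is replaced by one entry of
 * $parameterArray. A placeholder written inside a quoted literal ('?' or
 * '%?%') receives the escaped value only. A bare placeholder receives a
 * numeric value as-is and anything else as a quoted, escaped literal, so an
 * unquoted position can no longer carry SQL text.
 * Placeholders inside backticks (identifiers) are only escaped, not protected.
 */
class DB_connection {
    protected $server;
    protected $username;
    protected $password;
    protected $db_name;
    // Live mysqli handle, or null while no connection is open.
    protected $connection = null;

    /**
     * Stores the connection settings; nothing is opened until a query runs.
     */
    public function __construct($server, $username, $password, $db_name)
    {
        $this->server = $server;
        $this->username = $username;
        $this->password = $password;
        $this->db_name = $db_name;
    }

    public function __destruct()
    {
        $this->closeConnection();
    }

    /** Closes the connection if one is open. */
    protected function closeConnection(){
        if ($this->connection != null){
            $this->connection->close();
            $this->connection = null;
        }
    }

    /** Opens the connection; stops the request if the server cannot be reached. */
    protected function createConnection(){
        $this->connection = new mysqli($this->server, $this->username, $this->password, $this->db_name);
        if ($this->connection->connect_error){
            // Driver messages can name the host and account, so they go to the
            // server log and the response only gets a generic message.
            error_log("Connect Error (". $this->connection->connect_errno . ") " . $this->connection->connect_error);
            $this->connection = null;
            die("Database connection failed");
        }
    }

    /**
     * Escapes a value for use inside a quoted SQL string literal.
     * Requires an open connection. Escaping does not make an unquoted
     * position safe; executeAdvancedSqlQuery() adds the quotes there.
     */
    protected function antiSqlInjection($value){
        return $this->connection->real_escape_string((string) $value);
    }

    /**
     * Reports whether the given SQL prefix ends inside an open quoted section
     * ('...', "..." or `...`), honouring backslash escapes in string literals.
     */
    private function endsInsideStringLiteral($sql){
        $open = null;
        $length = strlen($sql);
        for ($i = 0; $i < $length; $i++) {
            $char = $sql[$i];
            if ($open === null) {
                if ($char === "'" || $char === '"' || $char === '`') {
                    $open = $char;
                }
            } elseif ($char === '\\' && $open !== '`') {
                $i++; // skip the escaped character
            } elseif ($char === $open) {
                // A doubled quote closes and immediately reopens, so the net state is right.
                $open = null;
            }
        }
        return $open !== null;
    }

    /** Turns one parameter into the SQL text that replaces its placeholder. */
    private function renderParameter($value, $insideLiteral){
        if ($insideLiteral) {
            return $this->antiSqlInjection($value);
        }
        if (is_int($value) || is_float($value) || (is_string($value) && is_numeric($value))) {
            return (string) $value;
        }
        return "'" . $this->antiSqlInjection($value) . "'";
    }

    /**
     * Runs a query, optionally substituting "?" placeholders.
     *
     * @param string     $mySqlQuery       SQL text, with one "?" per parameter
     * @param bool       $cancelConnection close the connection after the query
     * @param array|null $parameterArray   values for the placeholders, in order
     * @return mixed the mysqli query result, or false when the number of
     *               placeholders and parameters differ
     */
    protected function executeAdvancedSqlQuery($mySqlQuery, $cancelConnection = true, $parameterArray = null) {
        $queryParts = null;
        if ($parameterArray != null) {
            // Checked before connecting, so a malformed call neither opens nor leaves a connection behind.
            $queryParts = preg_split("/\?/", $mySqlQuery);
            if (count($queryParts) != count($parameterArray) + 1) {
                return false;
            }
            $parameterArray = array_values($parameterArray);
        }
        // Reuse a connection kept open by an earlier call with $cancelConnection = false.
        if ($this->connection == null) {
            $this->createConnection();
        }
        if ($queryParts !== null) {
            $template = "";
            $finalQuery = "";
            foreach ($parameterArray as $index => $value) {
                // Quote state is judged on the developer-written template only,
                // never on text that came from a parameter.
                $template .= $queryParts[$index];
                $finalQuery .= $queryParts[$index]
                    . $this->renderParameter($value, $this->endsInsideStringLiteral($template));
            }
            $mySqlQuery = $finalQuery . $queryParts[count($parameterArray)];
        }
        $result = $this->connection->query($mySqlQuery);
        if ($cancelConnection) {
            $this->closeConnection();
        }
        return $result;
    }

    /** Runs a query on a connection that is closed again afterwards. */
    public function executeSqlQuery($mySqlQuery, $parameterArray = null){
        return $this->executeAdvancedSqlQuery($mySqlQuery, true, $parameterArray);
    }
}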
- <?php
- include_once "DB_connection.php";
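/**
 * Lazily builds the single DB_connection shared by the CRUD classes.
 *
 * The connection settings are read from the environment instead of being
 * written into this file. The variable names below are chosen here; adapt them
 * to the deployment. A password that was ever committed or published with the
 * source has to be treated as disclosed and rotated on the database server.
 */
class DB_creds {
    // Shared connection wrapper, created on first use.
    private static $connection;

    /**
     * Returns the shared DB_connection, creating it on first use.
     *
     * @throws RuntimeException when a required setting is missing
     */
    public static function getCreds(){
        if (self::$connection == null){
            $server = self::requireSetting("DB_HOST");
            $username = self::requireSetting("DB_USER");
            $password = self::requireSetting("DB_PASSWORD");
            $db_name = self::requireSetting("DB_NAME");
            self::$connection = new DB_connection($server, $username,$password,$db_name);
        }
        return self::$connection;
    }

    /** Reads one environment setting and fails closed when it is absent or empty. */
    private static function requireSetting($name){
        $value = getenv($name);
        if ($value === false || $value === "") {
            throw new RuntimeException("Missing database setting: " . $name);
        }
        return $value;
    }
}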
- ?>
- <?php
- include_once "data/Blog.php";
- include_once "database/connection/DB_creds.php";
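/**
 * Data-access helpers for the Blogs table (plus comment counts from Comments).
 *
 * The SQL in this class is assembled as text. Numeric inputs are therefore
 * forced to integers before they are concatenated, and text values that
 * contain a quote, backslash or NUL byte are refused instead of concatenated.
 * NOTE(review): refusing such text is a stop-gap. Text values should be passed
 * as bound parameters once the database layer is confirmed to support them;
 * this class has no access to the connection's own escaping.
 */
class BlogCRUD
{
    private static function getConnection(){
        return DB_creds::getCreds();
    }

    /** True when the value holds none of the bytes that can end or alter a quoted SQL literal. */
    private static function isSafeLiteral($value){
        return preg_match('/[\'"\\\\\x00]/', (string) $value) !== 1;
    }

    /** Converts a query result into a list of Blog objects; a failed query yields an empty list. */
    private static function collectBlogs($result){
        $blogs = array();
        if (!$result) {
            return $blogs;
        }
        while ($row = $result->fetch_array()) {
            $blogs[] = self::convertToObject($row);
        }
        return $blogs;
    }

    /** Returns every blog. */
    public static function getAllBlogs(){
        return self::collectBlogs(self::getConnection()->executeSqlQuery("SELECT * FROM Blogs"));
    }

    /**
     * Inserts a blog. Returns the query result, or false when a text field
     * holds a character that cannot be concatenated safely.
     */
    public static function insert($blog) {
        foreach (array($blog->title, $blog->image, $blog->category, $blog->text) as $field) {
            if (!self::isSafeLiteral($field)) {
                return false;
            }
        }
        $myQuery = "INSERT INTO Blogs(userID, title, image, category, text) VALUES ('".(int) $blog->userID."','".$blog->title."','".$blog->image."','".$blog->category."','".$blog->text."')";
        return self::getConnection()->executeSqlQuery($myQuery);
    }

    /** Returns up to $limit blogs dated in the given month and year, in random order. */
    public static function getBlogsByMonth($month, $year, $limit = 1000000){
        $myQuery = "SELECT * FROM Blogs WHERE MONTH(date) = ". (int) $month . " AND year(date) = ". (int) $year . " ORDER BY rand() LIMIT ". max(0, (int) $limit);
        return self::collectBlogs(self::getConnection()->executeSqlQuery($myQuery));
    }

    /** Returns the blogs of one category; an unsafe category name yields an empty list. */
    public static function getAllBlogsFromCategory($category){
        if (!self::isSafeLiteral($category)) {
            return array();
        }
        $myQuery = "SELECT * FROM Blogs WHERE category =\"" . $category ."\"";
        return self::collectBlogs(self::getConnection()->executeSqlQuery($myQuery));
    }

    /**
     * Returns the blogs of one category except the given blog.
     * The query carries no LIMIT, so despite the name it is not capped at three.
     */
    public static function get3BlogsFromSameCategory($category, $blogID){
        if (!self::isSafeLiteral($category)) {
            return array();
        }
        $myQuery = "SELECT * FROM Blogs WHERE category =\"" . $category ."\" AND blogID !=". (int) $blogID;
        return self::collectBlogs(self::getConnection()->executeSqlQuery($myQuery));
    }

    /** Returns the three blogs with the most rows in Comments. */
    public static function getThreePopularBlogs(){
        $myQuery = "SELECT blogID, COUNT(blogID) as \"occurences\" FROM Comments GROUP BY blogID ORDER BY occurences DESC LIMIT 3";
        $result = self::getConnection()->executeSqlQuery($myQuery);
        $resultArray = array();
        if (!$result) {
            return $resultArray;
        }
        while ($row = $result->fetch_array()) {
            $resultArray[] = self::getBlogById(self::convertToId($row));
        }
        return $resultArray;
    }

    /** Returns the number of comments on a blog; 0 when it has none or the query fails. */
    public static function getCommentAmmountById($bID){
        $myQuery = "SELECT COUNT(blogID) as \"comments\" FROM Comments WHERE blogID = ". (int) $bID . " GROUP BY blogID";
        $result = self::getConnection()->executeSqlQuery($myQuery);
        // GROUP BY produces no row at all for a blog without comments.
        $row = $result ? $result->fetch_array() : null;
        return $row ? $row["comments"] : 0;
    }

    /** Returns the blog with the given id, built from whatever row the query yields. */
    public static function getBlogById($bID){
        $myQuery = "SELECT * FROM Blogs WHERE blogID = " . (int) $bID;
        $result = self::getConnection()->executeSqlQuery($myQuery);
        $row = $result ? $result->fetch_array() : null;
        return self::convertToObject($row);
    }

    /** Returns the distinct category names used by blogs. */
    public static function getDistinctCategories(){
        $result = self::getConnection()->executeSqlQuery("SELECT DISTINCT category FROM Blogs");
        $resultArray = array();
        if (!$result) {
            return $resultArray;
        }
        while ($row = $result->fetch_array()) {
            $resultArray[] = $row["category"];
        }
        return $resultArray;
    }

    /**
     * Deletes a blog and, first, its comments.
     * NOTE(review): no permission check happens here; callers must authorise the request.
     */
    public static function deleteById($blogID) {
        include_once "CommentCRUD.php";
        $blogID = (int) $blogID;
        CommentCRUD::deleteAllById($blogID);
        return self::getConnection()->executeSqlQuery("DELETE FROM Blogs WHERE blogID=" . $blogID);
    }

    protected static function convertToObject($row){
        return new Blog($row["blogID"],$row["title"],$row["userID"],$row["image"],$row["date"],$row["category"],$row["text"]);
    }

    protected static function convertToId($row){
        return $row["blogID"];
    }
}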
- REGISTER
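<?php
// Registration page. validation.php handles the POST and defines the $email,
// $fullName and $username values that are echoed back into the form.
// Those values come straight from the request, so each one is HTML-escaped
// before it is written into an attribute.
include "validation.php";
?>
<html>
<head>
<?php include_once "views/head.php" ?>
<link rel="stylesheet" type="text/css" href="css/register.css">
<link rel="stylesheet" type="text/css" href="css/homepage.css">
<script src="javascript/formValidations.js"></script>
</head>
<body>
<?php
include "navbar.php";?>
<div class="header">
<h2>Register</h2>
</div>
<form method="post" action="register.php" onsubmit="return checkRegisterForm();">
<?php include "errors.php"?>
<div class="input-group">
<label for="email">Email</label>
<input type="email" name="email" value="<?php echo htmlspecialchars($email, ENT_QUOTES, 'UTF-8') ?>" id="email">
</div>
<div class="input-group">
<label>Full name</label>
<input type="text" name="fullName" value="<?php echo htmlspecialchars($fullName, ENT_QUOTES, 'UTF-8') ?>" id="fullName">
</div>
<div class="input-group">
<label>Username</label>
<input type="text" name="username" value="<?php echo htmlspecialchars($username, ENT_QUOTES, 'UTF-8') ?>" id="username">
</div>
<div class="input-group">
<label>Password</label>
<input type="password" name="password_1" id="password_1">
</div>
<div class="input-group">
<label>Confirm password</label>
<input type="password" name="password_2" id="password_2">
</div>
<div class="input-group">
<button type="submit" name="register" class="btn">Register</button>
</div>
<p>Already a member? <a href="login.php">Sign in</a></p>
</form>
</div>
</body>
</html>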
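/**
 * Client-side validation of the registration form.
 *
 * Returns true when every field is filled in and the e-mail address has a
 * plausible shape, otherwise shows an alert and returns false. This is a
 * convenience for the user only; the server has to repeat every check because
 * a request can be sent without running this script.
 */
function checkRegisterForm() {
    // The checks need the typed text, not the input element itself.
    function fieldValue(id) {
        var field = document.getElementById(id);
        return field && typeof field.value === "string" ? field.value : "";
    }

    var email = fieldValue("email");
    var fullName = fieldValue("fullName");
    var username = fieldValue("username");
    var password_1 = fieldValue("password_1");
    var password_2 = fieldValue("password_2");

    if (username === "" || password_1 === "" || password_2 === "" || email === "" || fullName === "") {
        alert("Please fill in all fields");
        return false;
    }

    // Needs text before "@", at least one character between "@" and the last
    // ".", and at least two characters after that ".".
    var positionAt = email.indexOf("@");
    var positionDot = email.lastIndexOf(".");
    if (positionAt < 1 || positionDot < positionAt + 2 || positionDot + 2 >= email.length) {
        alert("Not a valid e-mail address");
        return false;
    }
    return true;
}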
- <?php
// Shared bootstrap: start the session, load the models and CRUD helpers, and
// reset the values that the form templates echo back.
session_start();
include_once "data/User.php";
include_once "database/crud/UserCRUD.php";
include_once "data/Session.php";
include_once "database/crud/SessionCRUD.php";
include_once "data/Comment.php";
include_once "database/crud/CommentCRUD.php";
// Form fields start out empty; the handlers overwrite them with submitted values.
$username = $email = $fullName = "";
$comment_title = $comment_text = "";
$blog_title = $blog_text = $blog_image_url = "";
$category_name = "";
// Validation messages collected by the handlers.
$errors = array();
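// When the remember-me cookie is present on a visit, the user is logged in
// automatically. The cookie is request data: it is only looked up when it has
// the shape of the tokens issued at login (32 hex characters), and the session
// is only marked as logged in when both the stored session and its user exist.
// Without these checks any cookie value, valid or not, set the "success" flag.
if (isset($_COOKIE["sessionID"]) && is_string($_COOKIE["sessionID"])
    && preg_match('/^[a-f0-9]{32}$/', $_COOKIE["sessionID"]) === 1) {
    $session = SessionCRUD::getSessionById($_COOKIE["sessionID"]);
    $user = ($session && !empty($session->userID)) ? UserCRUD::getUserByID($session->userID) : null;
    if ($user && !empty($user->userID)) {
        $_SESSION["fullName"] = $user->fullName;
        $_SESSION["userID"] = $user->userID;
        $_SESSION["success"] = "You are now logged in";
    }
}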
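// Server-side validation of a submitted registration form.
if (isset($_POST["register"])){
    // Missing or non-string fields (e.g. username[]=x) are treated as empty.
    $username = (isset($_POST["username"]) && is_string($_POST["username"])) ? $_POST["username"] : "";
    $email = (isset($_POST["email"]) && is_string($_POST["email"])) ? $_POST["email"] : "";
    $fullName = (isset($_POST["fullName"]) && is_string($_POST["fullName"])) ? $_POST["fullName"] : "";
    $password_1 = (isset($_POST["password_1"]) && is_string($_POST["password_1"])) ? $_POST["password_1"] : "";
    $password_2 = (isset($_POST["password_2"]) && is_string($_POST["password_2"])) ? $_POST["password_2"] : "";
    if (empty($username)){
        array_push($errors, "Username is required");
    }
    if (empty($password_1)){
        array_push($errors, "Password is required");
    }
    if (empty($email)){
        array_push($errors, "Email is required");
    }
    if (empty($fullName)){
        array_push($errors, "Full name is required");
    }
    if ($password_1 !== $password_2){
        array_push($errors, "Please make sure the two passwords match");
    }
    if (count($errors) == 0){
        // NOTE(review): MD5 is fast and unsalted, which makes stored passwords cheap
        // to recover if the table leaks. Moving to password_hash()/password_verify()
        // has to happen together with the login lookup in UserCRUD, which is not
        // visible here, so the scheme is left unchanged.
        $password = md5($password_1);
        $date = date("Y-m-d");
        $user = new User(1, $username, $password, $email, $date, $fullName);
        UserCRUD::insert($user);
        // New session id for the newly authenticated state.
        session_regenerate_id(true);
        // NOTE(review): userID is not stored in the session here; handlers that read
        // $_SESSION["userID"] will not recognise a freshly registered user.
        $_SESSION["fullName"] = $fullName;
        $_SESSION["success"] = "You are now logged in";
        header("location: index.php");
        // Stop here so nothing else in the request runs after the redirect.
        exit;
    }
}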
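// Logout: clear the session data, end the session and expire the remember-me cookie.
if (isset($_GET["logout"])){
    $_SESSION = array();
    session_destroy();
    setcookie("sessionID", "", time()-3600);
    // NOTE(review): the remember-me record stored through SessionCRUD is not removed,
    // so a copy of the old cookie would still log in. SessionCRUD is not visible
    // here; confirm it offers a delete and call it before expiring the cookie.
    header("location: login.php");
    exit;
}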
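// Login: validate the submitted credentials. On success, and when the user asked
// to be recognised in future, a cookie holding a session token is stored for ten years.
if (isset($_POST["login"])){
    // Missing or non-string fields are treated as empty.
    $username = (isset($_POST["username"]) && is_string($_POST["username"])) ? $_POST["username"] : "";
    $password = (isset($_POST["password"]) && is_string($_POST["password"])) ? $_POST["password"] : "";
    // Defined in every case; it used to be undefined when the box was not ticked.
    $remember_me = isset($_POST["remember_me"]) ? $_POST["remember_me"] : false;
    if (empty($username)){
        array_push($errors, "Username is required");
    }
    if (empty($password)){
        array_push($errors, "Password is required");
    }
    if (count($errors) == 0) {
        // NOTE(review): MD5 is fast and unsalted; see password_hash()/password_verify().
        // The change needs the lookup in UserCRUD, which is not visible here.
        $password = md5($password);
        $user = UserCRUD::getUserByLogin($username,$password);
        // NOTE(review): this only checks that a password field came back. Whether the
        // password matched depends entirely on getUserByLogin(); confirm it does.
        if ($user && $user->username === $username && $user->password){
            // New session id on login, so an id known before authentication is useless afterwards.
            session_regenerate_id(true);
            $_SESSION["fullName"]= $user->fullName;
            $_SESSION["userID"] = $user->userID;
            $_SESSION["success"] = "You are now logged in";
            if ($remember_me == true){
                // The long-lived token is random where the platform allows it, rather
                // than derived from the PHP session id. Same shape: 32 hex characters.
                $sessionID = function_exists("random_bytes") ? bin2hex(random_bytes(16)) : md5(session_id());
                SessionCRUD::insert($sessionID, $user->userID);
                // HttpOnly keeps the token away from page scripts; Secure is set on HTTPS.
                $secure = !empty($_SERVER["HTTPS"]) && $_SERVER["HTTPS"] !== "off";
                setcookie("sessionID", $sessionID, time()+60*60*24*365*10, "", "", $secure, true);
            }
            header("location: index.php");
            exit;
        } else{
            array_push($errors, "wrong username/password");
        }
    }
}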
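// Server-side validation of a submitted comment.
if (isset($_POST["comment"])){
    $comment_title = (isset($_POST["comment_title"]) && is_string($_POST["comment_title"])) ? $_POST["comment_title"] : "";
    $comment_text = (isset($_POST["comment_text"]) && is_string($_POST["comment_text"])) ? $_POST["comment_text"] : "";
    // The blog id ends up in a query and in the redirect URL, so it is forced to an integer.
    $blog_id = isset($_POST["blog_id"]) ? (int) $_POST["blog_id"] : 0;
    if (empty($comment_title)){
        array_push($errors, "Please fill in a title for your comment");
    }
    if (empty($comment_text)){
        array_push($errors, "Please enter your comment");
    }
    if (count($errors) == 0){
        // Resolve the author from the remember-me cookie, else from the session.
        $user = null;
        if (isset($_COOKIE["sessionID"]) && is_string($_COOKIE["sessionID"])){
            $session = SessionCRUD::getSessionById($_COOKIE["sessionID"]);
            if ($session && !empty($session->userID)){
                $user = UserCRUD::getUserByID($session->userID);
            }
        }
        if ((!$user || empty($user->userID)) && isset($_SESSION["userID"])){
            $user = UserCRUD::getUserByID($_SESSION["userID"]);
        }
        if (!$user || empty($user->userID)){
            // No authenticated author: refuse instead of storing a comment without a user.
            array_push($errors, "Please log in first");
        } else {
            $date = date("Y-m-d");
            // NOTE(review): title and text are stored as submitted; the views that print
            // comments are not visible here and must HTML-escape them.
            $comment = new Comment(1, $date, $user->userID, $blog_id, $comment_title, $comment_text);
            CommentCRUD::insert($comment);
            header("location: blogdetail.php?id=".$blog_id);
            exit;
        }
    }
}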
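// Server-side validation of a submitted new blog.
if (isset($_POST["blog_create"])){
    // include_once: loading a class file a second time is a fatal redeclaration.
    include_once "data/Blog.php";
    include_once "database/crud/BlogCRUD.php";
    $blog_title = (isset($_POST["blog_title"]) && is_string($_POST["blog_title"])) ? $_POST["blog_title"] : "";
    $blog_text = (isset($_POST["blog_text"]) && is_string($_POST["blog_text"])) ? $_POST["blog_text"] : "";
    $blog_category = (isset($_POST["blog_category"]) && is_string($_POST["blog_category"])) ? $_POST["blog_category"] : "";
    $image_url = (isset($_POST["image_url"]) && is_string($_POST["image_url"])) ? $_POST["image_url"] : "";
    if (empty($blog_title)){
        array_push($errors, "Please fill in a title for your blog");
    }
    if (empty($blog_text)){
        array_push($errors, "Please enter your text");
    }
    if (empty($image_url)){
        array_push($errors, "Please enter an image URL");
    }
    if (empty($blog_category)){
        array_push($errors, "Please enter a valid category");
    }
    if (count($errors) == 0){
        // Resolve the author from the remember-me cookie, else from the session.
        $user = null;
        if (isset($_COOKIE["sessionID"]) && is_string($_COOKIE["sessionID"])){
            $session = SessionCRUD::getSessionById($_COOKIE["sessionID"]);
            if ($session && !empty($session->userID)){
                $user = UserCRUD::getUserByID($session->userID);
            }
        }
        if ((!$user || empty($user->userID)) && isset($_SESSION["userID"])){
            $user = UserCRUD::getUserByID($_SESSION["userID"]);
        }
        if (!$user || empty($user->userID)){
            // No authenticated author: refuse instead of storing a blog without a user.
            array_push($errors, "Please log in first");
        } else {
            $date = date("Y-m-d");
            // NOTE(review): the image URL and the text are stored as submitted. How the
            // views print them is not visible here; confirm they are HTML-escaped and
            // that the image URL is limited to http(s).
            $blog = new Blog(1,$blog_title, $user->userID, $image_url, $date, $blog_category, $blog_text);
            BlogCRUD::insert($blog);
            header("location: blogs.php");
            exit;
        }
    }
}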
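// Server-side validation when a category is created.
// NOTE(review): nothing here checks who is asking. If creating categories is meant
// for logged-in users or admins only, that check has to be added; the intended
// policy cannot be told from this file.
if (isset($_POST["category"])){
    $category = (isset($_POST["category_name"]) && is_string($_POST["category_name"])) ? $_POST["category_name"] : "";
    if (empty($category)){
        array_push($errors, "Please enter a category name");
    }
    if (count($errors) == 0){
        include_once "data/Category.php";
        include_once "database/crud/CategoryCRUD.php";
        $category = new Category(1,$category);
        CategoryCRUD::insert($category);
        header("location: index.php");
        exit;
    }
}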
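// An admin deletes a blog (the CRUD methods also delete the blog's comments).
// The request is only honoured for a logged-in session and a positive integer id;
// before, any POST with delete_blog set reached the DELETE query unchecked.
// NOTE(review): the session carries no role, so "admin" is not enforced here.
// A role check and an anti-CSRF token are still needed for this action.
if (isset($_POST["delete_blog"])){
    $blog_id = isset($_POST["blogID"]) ? filter_var($_POST["blogID"], FILTER_VALIDATE_INT) : false;
    if (isset($_SESSION["userID"]) && $blog_id !== false && $blog_id > 0){
        include_once "database/crud/BlogCRUD.php";
        BlogCRUD::deleteById($blog_id);
    }
    header("location: blogs.php");
    exit;
}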
- ?>
- LOADCATEGORY
// Clicking a sidebar category reloads the blog list for that category.
// Passing an object as data makes jQuery's .load() send a POST request.
$(function () {
    $(".cat_side").on("click", function () {
        var selectedCategory = $(this).text();
        $("#all_blogs").load("load_category.php", { cat_parameter: selectedCategory });
    });
});
- <?php
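// AJAX endpoint: prints the blogs of the category named in the POST body.
// The posted name is only used to pick one of the category names already stored
// in the database; the stored name is what gets passed on, so request data never
// reaches the query text. An unknown name selects the empty category, which
// still renders the sidebar but matches no blogs created through the form.
include_once "database/crud/BlogCRUD.php";
$requested = (isset($_POST["cat_parameter"]) && is_string($_POST["cat_parameter"])) ? trim($_POST["cat_parameter"]) : "";
$category = "";
foreach (BlogCRUD::getDistinctCategories() as $known) {
    if (strcasecmp($requested, (string) $known) === 0) {
        $category = (string) $known;
        break;
    }
}
Blog::generateAllBlogsFromCategory($category);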
- ?>
- MODEL
- <?php
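/**
 * A blog post, plus static helpers that print lists of posts through the
 * views/little_blog.php template.
 *
 * NOTE(review): the helpers hand the stored title, text, image, category and
 * author name to the view unchanged. The view is not visible here; it has to
 * HTML-escape every one of them, because they originate from user input.
 */
class Blog {
    public $blogID;
    public $title;
    public $userID;
    public $image;
    // Display date in d-m-Y form.
    public $date;
    public $category;
    public $text;

    /**
     * @param mixed $date any value strtotime() understands, e.g. "2020-03-05"
     */
    public function __construct($blogID, $title, $userID, $image, $date, $category, $text)
    {
        $this->blogID = $blogID;
        $this->title = $title;
        $this->userID = $userID;
        $this->image = $image;
        $this->date = date('d-m-Y', strtotime($date));
        $this->category = $category;
        $this->text = $text;
    }

    /**
     * Shortens a text to at most $limit characters and appends "..." only when
     * something was cut off. Cuts on character boundaries when mbstring is
     * available, so a multi-byte character is not split (assumes UTF-8 text).
     */
    private static function excerpt($text, $limit = 250)
    {
        $text = (string) $text;
        if (function_exists('mb_substr')) {
            if (mb_strlen($text, 'UTF-8') <= $limit) {
                return $text;
            }
            return mb_substr($text, 0, $limit, 'UTF-8') . "...";
        }
        if (strlen($text) <= $limit) {
            return $text;
        }
        return substr($text, 0, $limit) . "...";
    }

    /**
     * Prints one little_blog view per blog. The view reads the local variables
     * set in the loop ($blog_id, $title, $image, $date, $category, $author,
     * $text, $comments, $id), so their names must stay as they are.
     *
     * @param array $blogs    list of Blog objects
     * @param int   $idOffset added to the list index to form the view's $id
     */
    private static function renderBlogs($blogs, $idOffset = 0)
    {
        for ($i = 0; $i < count($blogs); $i++) {
            $blog = $blogs[$i];
            $blog_id = $blog->blogID;
            $title = $blog->title;
            $image = $blog->image;
            $date = $blog->date;
            $category = $blog->category;
            $user = UserCRUD::getUserByID($blog->userID);
            $author = $user->fullName;
            $old_text = $blog->text;
            $text = self::excerpt($old_text);
            $comments = BlogCRUD::getCommentAmmountById($blog->blogID);
            // A blog without comments may come back without a count; show 0 in every list.
            if ($comments == 0) {
                $comments = 0;
            }
            $id = $i + $idOffset;
            include "views/little_blog.php";
        }
    }

    /** Prints up to three random blogs of the current month (view ids start at 3). */
    public static function generate3RandomBlogs()
    {
        include_once "database/crud/BlogCRUD.php";
        include_once "database/crud/UserCRUD.php";
        self::renderBlogs(BlogCRUD::getBlogsByMonth(date('m'), date('Y'), 3), 3);
    }

    /** Prints the three blogs with the most comments. */
    public static function generate3PopularBlogs()
    {
        include_once "database/crud/BlogCRUD.php";
        include_once "database/crud/UserCRUD.php";
        self::renderBlogs(BlogCRUD::getThreePopularBlogs());
    }

    /** Prints every blog. */
    public static function generateAllBlogs()
    {
        include_once "database/crud/BlogCRUD.php";
        include_once "database/crud/UserCRUD.php";
        self::renderBlogs(BlogCRUD::getAllBlogs());
    }

    /** Prints the blogs of one category, preceded by the sidebar unless called from the detail page. */
    public static function generateAllBlogsFromCategory($category, $fromDetailpage=false)
    {
        include_once "database/crud/BlogCRUD.php";
        include_once "database/crud/UserCRUD.php";
        if ($fromDetailpage == false) {
            include "views/sidebar.php";
        }
        self::renderBlogs(BlogCRUD::getAllBlogsFromCategory($category));
    }

    /** Prints the blogs of one month of the current year, or a message when there are none. */
    public static function generateAllBlogsFromMonth($month, $fromDetailpage=false)
    {
        include_once "database/crud/BlogCRUD.php";
        include_once "database/crud/UserCRUD.php";
        if ($fromDetailpage == false) {
            include "views/sidebar.php";
        }
        $year = date('Y');
        $allBlogs = BlogCRUD::getBlogsByMonth($month, $year);
        if (count($allBlogs) < 1) {
            // The error view prints $title.
            $title = "There are currently no blogs in this month.";
            include "views/errormessage.php";
        } else {
            self::renderBlogs($allBlogs);
        }
    }
}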
- HOVER
// Show the popup inside a .mouseoverArea while the pointer is over it.
$(function () {
    var showPopup = function () {
        $(this).find(".popup").show();
    };
    var hidePopup = function () {
        $(this).find(".popup").hide();
    };
    // .hover() takes the enter handler first and the leave handler second.
    $(".mouseoverArea").hover(showPopup, hidePopup);
});
- ERRORS
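<?php
// Prints the validation messages collected in $errors, if there are any.
// Each message is HTML-escaped on output, so a message that one day includes
// request data cannot inject markup. Nothing is printed when $errors is unset.
if (!empty($errors)) : ?>
<div class="error">
<?php foreach($errors as $error): ?>
<p><?php echo htmlspecialchars($error, ENT_QUOTES, 'UTF-8') ?></p>
<?php endforeach;?>
</div>
<?php endif?>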