changed files to more updated version

dev_mvc/controller/db/DBBoard.php

@@ -0,0 +1,12 @@
+<?php
+require_once './controller/db/Database.php';
+class DBBoard extends Database{
+	static function getBoards():array
+	{
+		$con = self::connectToDB();
+		$query = $con->prepare("SELECT * FROM board");
+		$query->execute();
+		return $query->fetchAll(PDO::FETCH_BOTH);
+	}
+	
+}

dev_mvc/controller/db/DBReply.php

@@ -0,0 +1,39 @@
+<?php
+require_once './controller/db/Database.php';
+
+class DBReply extends Database{
+	static function createReply($uid, $threadID, $content){
+		$con = self::connectToDB();
+		$query = $con->prepare("INSERT INTO reply (thread_ID, users_ID, content) VALUES (:tid, :uid, :content);");
+		$query->bindParam(":uid", $uid);
+		$query->bindParam(":tid", $threadID);
+		$query->bindParam(":content", $content);
+		echo "$uid, $threadID, $content";
+		$query->execute();
+	}
+	static function getReplyByID($id):array
+	{
+		$con = self::connectToDB();
+		$query = $con->prepare("SELECT * FROM reply WHERE id = :id");
+		$query->bindParam(":id", $id);
+		$query->execute();
+		return $query->fetch(PDO::FETCH_BOTH);
+		
+	}
+	static function getRepliesByThreadID($tid):array
+	{
+		$con = self::connectToDB();
+		$query = $con->prepare("SELECT * FROM reply WHERE thread_ID = :tid");
+		$query->bindParam(":tid", $tid);
+		$query->execute();
+		return $query->fetchAll(PDO::FETCH_BOTH);
+	}
+	static function getLastReplyByThreadID():array
+	{
+		$con = self::connectToDB();
+		$query = $con->prepare("SELECT * FROM reply WHERE thread_ID = :tid ORDER BY date_created DESC LIMIT 1");
+		$query->bindParam(":tid", $tid);
+		$query->execute();
+		return $query->fetch(PDO::FETCH_BOTH);
+	}
+}

dev_mvc/controller/db/DBThread.php

@@ -0,0 +1,37 @@
+<?php
+require_once './model/forum/Thread.php';
+class DBThread extends Database {
+	static function getThreadByID($id){
+		$con = self::connectToDB();
+		$query = $con->prepare("SELECT * FROM thread WHERE ID = :id");
+		$query->bindParam(":id", $id);
+		$query->execute();
+		return $query->fetch(PDO::FETCH_BOTH);
+	}
+	static function getThreadsByBoard($boardID){
+		$con = self::connectToDB();
+		$query = $con->prepare("SELECT * FROM thread WHERE board_ID = :boardID");
+		$query->bindParam(":boardID", $boardID);
+		$query->execute();
+		return $query->fetchAll(PDO::FETCH_BOTH);
+	}
+	static function createThread($threadObject){
+		$con = self::connectToDB();
+		$query = $con->prepare(	"INSERT INTO thread" . 
+								"(users_ID, board_ID, title, text)" . 
+								"VALUES (:uid, :bid, :title, :content);");
+		
+		$uid = $threadObject->getUserID();
+		$bid = $threadObject->getBoardID();
+		$title = $threadObject->getTitle();
+		$content = $threadObject->getContent();
+		
+		$query->bindParam(":uid", $uid);
+		$query->bindParam(":bid", $bid);
+		$query->bindParam(":title", $title);
+		$query->bindParam(":content", $content);
+		$query->execute();
+	}
+	
+}
+

dev_mvc/controller/db/DBUser.php

@@ -0,0 +1,134 @@
+<?php
+class DBUser extends Database
+{
+	static function isUserActive($uid){
+		$user = self::getUserByUID($uid);
+		if($user['active']){
+			return true;
+		}
+		else{
+			return false;
+		}
+	}
+	static function getUserByUID($uid){
+		$con = self::connectToDB();
+		$query = $con->prepare("SELECT * FROM users WHERE ID = :uid");
+		$query->bindParam(":uid", $uid);
+		$query->execute();
+		return $query->fetch(PDO::FETCH_BOTH);
+	}
+	
+	
+	//Controleert of het email adres al in de database voorkomt. Returnt true indien wel.
+	static function checkUsedEmail($email){
+		//Verbind met de database
+		$con = Database::connectToDB();
+		//Bereid query voor
+		$query = $con->prepare("SELECT * FROM users where email = :email");
+		//Bind parameters
+		$query->bindParam(':email', $email, PDO::PARAM_STR, 256);
+		//Voer de query uit
+		$query->execute();
+		//Check de hoeveelheid rijen die de database returnt.
+		if($query->rowCount() == 0){
+			//Email adres is niet in gebruik, return false
+			return false;
+		}
+		else{
+			//Email is al in gebruik of komt meer dan een keer voor. Beide gevallen zijn een probleem dus return true.
+			return true;
+		}
+	}
+	//Controleert of de gebruikersnaam al in de database voorkomt. Returnt true indien wel.
+	static function checkUsedUsername($username){
+		$con = Database::connectToDB();
+		//Bereid query voor
+		$query = $con->prepare("SELECT * FROM users where username = :username");
+		//Bind parameters
+		$query->bindParam(':username', $username, PDO::PARAM_STR, 256);
+		//Voer de query uit
+		$query->execute();
+		//Check de hoeveelheid rijen die de database returnt.
+		if($query->rowCount() == 0){
+			//Username adres is niet in gebruik, return false
+			return false;
+		}
+		else{
+			//Username is al in gebruik of komt meer dan een keer voor. Beide gevallen zijn een probleem dus return true.
+			return true;
+		}
+	}
+	//Registreert een gebruiker. Neemt als invoer email, wachtwoord, gebruikersnaam. en email activation key. Nog niet volledig geimplementeerd
+	static function registerUser($email, $password, $username){
+		$ip = $_SERVER['REMOTE_ADDR'];
+		//Initit db connection
+		$con = Database::connectToDB();
+		//Bereid query voor
+		$query = $con->prepare("INSERT INTO users (username, email, password, reg_ip) VALUES (:username, :email, :password, :ip)");
+		//Bind parameters
+		$query->bindParam(':username', $username, PDO::PARAM_STR, 256);
+		$query->bindParam(':email', $email, PDO::PARAM_STR, 256);
+		$query->bindParam(':password', $password, PDO::PARAM_STR, 256);
+		$query->bindParam(':ip', $ip, PDO::PARAM_STR, 256);
+		//Voer query uit
+		$query->execute();
+	}
+	//Check of gegeven login info in de database voorkomt
+	static function isLoginValid($email, $password){
+		//Init db connection
+		$con = Database::connectToDB();
+		//Bereid query voor
+		$query = $con->prepare("SELECT * FROM users where email = :email AND password = :password");
+		//Bind params
+		$query->bindParam(':email', $email, PDO::PARAM_STR, 256);
+		$query->bindParam(':password', $password, PDO::PARAM_STR, 256);
+		//Voer query it
+		$query->execute();
+		//Check hoeveelheid teruggestuurde rijen
+		if($query->rowCount() == 1){
+			//login correct (komt voor in de db)
+			return true;
+		}
+		else{
+			//Incorrect
+			return false;
+		}
+	}
+	//Vraag gebruikers ID op doormiddel van email en pass
+	static function getUID($email, $password){
+		//Init db connection
+		$con = Database::connectToDB();
+		//Bereid query voor
+		$query = $con->prepare("SELECT id FROM users where email = :email AND password = :password");
+		//Bind params
+		$query->bindParam(':email', $email, PDO::PARAM_STR, 256);
+		$query->bindParam(':password', $password, PDO::PARAM_STR, 256);
+		//Voer query it
+		$query->execute();
+		//Check hoeveelheid teruggestuurde rijen
+		if($query->rowCount() == 1){
+			//login correct, return uid
+			$result = $query->fetch(PDO::FETCH_COLUMN);
+			return $result;
+		}
+		else{
+			//something went wrong, return -1
+			return -1;
+		}
+	}
+	static function getUsername($uid){
+		$con = Database::connectToDB();
+		$query = $con->prepare("SELECT username FROM users where id = :uid");
+		$query->bindParam(':uid', $uid, PDO::PARAM_STR, 256);
+		$query->execute();
+		if($query->rowCount() == 1){
+			//login correct, return uid
+			$result = $query->fetch(PDO::FETCH_COLUMN);
+			return $result;
+		}
+		else{
+			//something went wrong, return -1
+			return "db_user_invalid";
+		}
+	}
+}

dev_mvc/controller/db/Database.php

@@ -0,0 +1,172 @@
+<?php
+Class Database{
+	static function connectToDB(){
+		//Defineer vars
+		$sql_server = "localhost";
+		$sql_username = "root";
+		$sql_password = "kankerlow";
+		$sql_database = "webforum";
+		$dsn = "mysql:host=$sql_server;dbname=$sql_database";
+		//Maak verbinding
+		$con = new PDO($dsn, $sql_username, $sql_password);
+		return $con;
+	}
+	
+	/***
+	 *      ______ __  __          _____ _                 _____ _______ _______      __  _______ _____ ____  _   _
+	 *     |  ____|  \/  |   /\   |_   _| |          /\   / ____|__   __|_   _\ \    / /\|__   __|_   _/ __ \| \ | |
+	 *     | |__  | \  / |  /  \    | | | |         /  \ | |       | |    | |  \ \  / /  \  | |    | || |  | |  \| |
+	 *     |  __| | |\/| | / /\ \   | | | |        / /\ \| |       | |    | |   \ \/ / /\ \ | |    | || |  | | . ` |
+	 *     | |____| |  | |/ ____ \ _| |_| |____   / ____ \ |____   | |   _| |_   \  / ____ \| |   _| || |__| | |\  |
+	 *     |______|_|  |_/_/    \_\_____|______| /_/    \_\_____|  |_|  |_____|   \/_/    \_\_|  |_____\____/|_| \_|
+	 *
+	 *
+	 ***/
+	
+	//Kijk of de user activation key al bestaat in de databse.
+	static function doesUserActivationKeyExist($activationKey){
+		$con = Database::connectToDB();
+		$query = $con->prepare("SELECT * FROM email_activation_keys WHERE activationkey = :activationKey");
+		$query->bindParam(':activationKey', $activationKey, PDO::PARAM_STR, 256);
+		$query->execute();
+		if($query->rowCount() == 0){
+			//bestaat nog niet
+			return false;
+		}
+		else{
+			//bestaat al
+			return true;
+		}
+	}
+	static function registerActivationKey($users_id, $activationKey){
+		$con = Database::connectToDB();
+		$query = $con->prepare("INSERT INTO email_activation_keys (users_id, activationkey) VALUES (:users_id, :activationkey)");
+		$query->bindParam(':users_id', $users_id);
+		$query->bindParam(':activationkey', $activationKey);
+		$query->execute();
+	}
+	
+	
+	
+	//Activeer gebruiker en verwijder activation key uit de activation key tabel
+	static function activateUser($activationKey){
+		$con = Database::connectToDb();
+		$query = $con->prepare("SELECT users_id FROM email_activation_keys WHERE activationKey = :activationKey");
+		$query->bindParam('activationKey', $activationKey);
+		$query->execute();
+		$result = -1;
+		if($query->rowCount() == 1){
+			//login correct, return uid
+			$result = $query->fetch(PDO::FETCH_COLUMN);
+		}
+		else{
+			//activation key komt niet voor in de db, return -1
+			return -1;
+		}
+		$id = $result;
+		$query = null;
+		$query = $con->prepare("UPDATE users SET active = 1 WHERE id = :id and active = 0");
+		$query->bindParam(':id',$id,PDO::PARAM_INT);
+		$query->execute();
+	}
+	
+	/***
+	 *       _____ ______  _____ _____ _____ ____  _   _   _______ ____  _  ________ _   _  _____
+	 *      / ____|  ____|/ ____/ ____|_   _/ __ \| \ | | |__   __/ __ \| |/ /  ____| \ | |/ ____|
+	 *     | (___ | |__  | (___| (___   | || |  | |  \| |    | | | |  | | ' /| |__  |  \| | (___
+	 *      \___ \|  __|  \___ \\___ \  | || |  | | . ` |    | | | |  | |  < |  __| | . ` |\___ \
+	 *      ____) | |____ ____) |___) |_| || |__| | |\  |    | | | |__| | . \| |____| |\  |____) |
+	 *     |_____/|______|_____/_____/|_____\____/|_| \_|    |_|  \____/|_|\_\______|_| \_|_____/
+	 *
+	 ***/
+	
+	
+	static function isSessionTokenInUse($token){
+		//Init db connection
+		$con = Database::connectToDB();
+		//Bereid query voor
+		$query = $con->prepare("SELECT * FROM usersessions where token = :token");
+		//Bind params
+		$query->bindParam(':token', $token, PDO::PARAM_STR, 256);
+		//Voer query it
+		$query->execute();
+		//Check hoeveelheid teruggestuurde rijen
+		if($query->rowCount() == 0){
+			return false;
+		}
+		else{
+			return true;
+		}
+	}
+	static function registerNewSession($uid, $token, $expires){
+		//Init db connection
+		$con = Database::connectToDB();
+		//Bereid query voor
+		$query = $con->prepare("INSERT INTO usersessions (uid, token, expires) VALUES (:uid, :token, :expires)");
+		//Bind params
+		$query->bindParam(':uid', $uid, PDO::PARAM_INT);
+		$query->bindParam(':token', $token, PDO::PARAM_STR, 256);
+		$query->bindParam(':expires', $expires, PDO::PARAM_STR);
+		//Voer query it
+		$query->execute();
+	}
+	static function isSessionValid($token, $uid){
+		//Init db connection
+		$con = Database::connectToDB();
+		//Bereid query voor
+		$query = $con->prepare("SELECT * FROM usersessions where token = :token AND uid = :uid AND expires > NOW()");
+		//Bind params
+		$query->bindParam(':token', $token, PDO::PARAM_STR, 256);
+		$query->bindParam(':uid', $uid, PDO::PARAM_STR, 256);
+		//Voer query it
+		$query->execute();
+		//Check hoeveelheid teruggestuurde rijen
+		if($query->rowCount() == 1){
+			return true;
+		}
+		else{
+			return false;
+		}
+	}
+	static function invalidateSession($token){
+		//Init db connection
+		$con = Database::connectToDB();
+		//Bereid query voor
+		$query = $con->prepare("DELETE FROM usersessions WHERE token = :token");
+		//Bind params
+		$query->bindParam(':token', $token, PDO::PARAM_STR, 256);
+		//Voer query it
+		$query->execute();
+	}
+	static function invalidateSessionByUID($uid){
+		//Init db connection
+		$con = Database::connectToDB();
+		//Bereid query voor
+		$query = $con->prepare("DELETE FROM usersessions WHERE uid = :uid");
+		//Bind params
+		$query->bindParam(':token', $uid, PDO::PARAM_INT);
+		//Voer query it
+		$query->execute();
+	}
+	static function deleteExpiredSessions(){
+		$con = Database::connectToDB();
+		//Bereid query voor
+		$query = $con->prepare("DELETE FROM usersessions WHERE expires < NOW()");
+		$query->execute();
+	}
+	static function getSessionExpiryDate($token){
+		$con = Database::connectToDB();
+		$query = $con->prepare("SELECT expires FROM usersessions where token = :token");
+		$query->bindParam(':token', $token, PDO::PARAM_STR, 256);
+		$query->execute();
+		if($query->rowCount() == 1){
+			//login correct, return uid
+			$result = $query->fetch(PDO::FETCH_COLUMN);
+			return $result;
+		}
+		else{
+			//something went wrong, return an invalid date.
+			return "2000-01-01 00:00:00";
+		}
+	}
+}