Added missing tables structure

RestControllers/CommentsController.php

@@ -190,7 +190,7 @@ class CommentsController {
 		$data["userID"] = $comment->get_userID();
 		$data["postID"] = $comment->get_postID();
 		$data["time_sent"] = $comment->get_time_sent();
-		$data["content"] = $comment->has_content() ? utf8_encode($comment->get_content()) : "";
+		$data["content"] = $comment->has_content() ? $comment->get_content() : "";
 
 		$data["img_path"] = $comment->has_img_path() ? $comment->get_img_path() : null;
 		$data["img_url"] = $comment->has_img_url() ? $comment->get_img_url() : null;

RestControllers/GroupsController.php

@@ -0,0 +1,778 @@
+<?php
+/**
+ * API Groups controller
+ * 
+ * @author Pierre HUBERT
+ */
+
+class GroupsController {
+	
+	/**
+	 * API groups registration levels
+	 */
+	const GROUPS_REGISTRATION_LEVELS = array(
+		GroupInfo::OPEN_REGISTRATION => "open",
+		GroupInfo::MODERATED_REGISTRATION => "moderated",
+		GroupInfo::CLOSED_REGISTRATION => "closed"
+	);
+
+	/**
+	 * API groups membership levels
+	 */
+	const GROUPS_MEMBERSHIP_LEVELS = array(
+		GroupMember::ADMINISTRATOR => "administrator",
+		GroupMember::MODERATOR => "moderator",
+		GroupMember::MEMBER => "member",
+		GroupMember::INVITED => "invited",
+		GroupMember::PENDING => "pending",
+		GroupMember::VISITOR => "visitor"
+	);
+
+	/**
+	 * API groups visibility levels
+	 */
+	const GROUPS_VISIBILITY_LEVELS = array(
+		GroupInfo::OPEN_GROUP => "open",
+		GroupInfo::PRIVATE_GROUP => "private",
+		GroupInfo::SECRET_GROUP => "secrete"
+	);
+
+	/**
+	 * API posts creation levels
+	 */
+	const GROUPS_POSTS_LEVELS = array(
+		GroupInfo::POSTS_LEVEL_MODERATORS => "moderators",
+		GroupInfo::POSTS_LEVEL_ALL_MEMBERS => "members"
+	);
+
+	/**
+	 * Create a group
+	 * 
+	 * @url POST /groups/create
+	 */
+	public function create(){
+
+		//Login required
+		user_login_required();
+
+		//Get the name of the new group
+		$name = postString("name", 3);
+
+		//Prepare group creation
+		$newGroup = new NewGroup();
+		$newGroup->set_name($name);
+		$newGroup->set_userID(userID);
+		$newGroup->set_time_sent(time());
+
+		//Try to create the group
+		$groupID = components()->groups->create($newGroup);
+
+		//Check for errors
+		if($groupID < 1)
+			Rest_fatal_error(500, "An error occurred while trying to create the group!");
+		
+		//Success
+		return array(
+			"success" => "The group has been successfully created!",
+			"id" => $groupID
+		);
+	}
+
+	/**
+	 * Get information about a group
+	 * 
+	 * @url POST /groups/get_info
+	 */
+	public function getInfo(){
+
+		//Get the ID of the requested group
+		$groupID = getPostGroupIdWithAccess("id", GroupInfo::LIMITED_ACCESS);
+
+		//Get information about the group
+		$group = components()->groups->get_info($groupID);
+
+		//Check if the group was not found
+		if(!$group->isValid())
+			Rest_fatal_error(404, "The requested group was not found !");
+		
+		//Parse and return information about the group
+		return self::GroupInfoToAPI($group);
+	}
+
+	/**
+	 * Get information about multiple groups
+	 * 
+	 * @url POST /groups/get_multiple_info
+	 */
+	public function getMultipleInfo(){
+
+		//Get the IDs of requested groups
+		$IDs = numbers_list_to_array(postString("list", 1));
+
+		//Process the list of groups
+		foreach($IDs as $groupID){
+
+			//Check if the group exists or not
+			if(!components()->groups->exists($groupID))
+				Rest_fatal_error(404, "Group ".$groupID." not found!");
+
+			//Check the user is allowed to access this group information
+			if(components()->groups->getAccessLevel($groupID, userID) < GroupInfo::LIMITED_ACCESS)
+				Rest_fatal_error(404, "Group ".$groupID." not found!");
+			
+			//Get the group information
+			$group = components()->groups->get_info($groupID);
+
+			if(!$group->isValid())
+				Rest_fatal_error(500, "Could not get a group information!");
+			
+			$IDs[$groupID] = self::GroupInfoToAPI($group);
+		}
+
+		return $IDs;
+	}
+
+	/**
+	 * Get advanced information about a group
+	 * 
+	 * @url POST /groups/get_advanced_info
+	 */
+	public function getAdvancedInfo(){
+
+		//Get the ID of the requested group
+		$groupID = getPostGroupIdWithAccess("id", GroupInfo::VIEW_ACCESS);
+
+		//Get information about the group
+		$group = components()->groups->get_advanced_info($groupID);
+
+		//Check if the group was not found
+		if(!$group->isValid())
+			Rest_fatal_error(404, "The requested group was not found !");
+		
+		//If the user is signed in, check whether he is liking and following or not the group
+		if(userID > 0) {
+			$group->setLiking(components()->likes->is_liking(
+				userID, $group->get_id(), Likes::LIKE_GROUP));
+
+			
+			$group->set_following(components()->groups->isFollowing(
+				userID, $group->get_id()
+			));
+		}
+
+		//Parse and return information about the group
+		return self::AdvancedGroupInfoToAPI($group);
+	}
+
+	/**
+	 * Get the settings of a group
+	 * 
+	 * @url POST /groups/get_settings
+	 */
+	public function getSettings(){
+
+		user_login_required();
+
+		//Get the ID of the group (with admin access)
+		$groupID = getPostGroupIdWithAccess("id", GroupInfo::ADMIN_ACCESS);
+
+		//Retrieve the settings of the group
+		$settings = components()->groups->get_settings($groupID);
+
+		//Check for error
+		if(!$settings->isValid())
+			Rest_fatal_error(500, "Could not get the settings of the group!");
+		
+		//Return parsed settings
+		return self::GroupSettingsToAPI($settings);
+	}
+
+	/**
+	 * Set (update) the settings of a group
+	 * 
+	 * @url POST /groups/set_settings
+	 */
+	public function setSettings(){
+
+		user_login_required();
+
+		//Get the ID of the group (with admin access)
+		$groupID = getPostGroupIdWithAccess("id", GroupInfo::ADMIN_ACCESS);
+
+		//Create and fill a GroupSettings object with new values
+		$settings = new GroupSettings();
+		$settings->set_id($groupID);
+		$settings->set_name(postString("name", 3));
+		$settings->set_description(removeHTMLnodes(postString("description", 0)));
+		
+		//Get group URL
+		$url = postString("url", 0);
+		if($url != ""){
+			if(!filter_var($url, FILTER_VALIDATE_URL))
+				Rest_fatal_error(401, "Invalid group URL!");
+			
+			$settings->set_url($url);
+		}
+
+		//Get group visibility
+		$visiblity = postString("visibility", 3);
+		$levels = array_flip(self::GROUPS_VISIBILITY_LEVELS);
+		if(!isset($levels[$visiblity]))
+			Rest_fatal_error(400, "Unrecognized group visibility level!");
+		$settings->set_visibility($levels[$visiblity]);
+
+		//Get group registration level
+		$registration_level = postString("registration_level", 3);
+		$levels = array_flip(self::GROUPS_REGISTRATION_LEVELS);
+		if(!isset($levels[$registration_level]))
+			Reset_fatal_error(400, "Unrecognized group registration level!");
+		$settings->set_registration_level($levels[$registration_level]);
+
+		//Get group posts creation levels
+		$postsLevel = postString("posts_level", 3);
+		$levels = array_flip(self::GROUPS_POSTS_LEVELS);
+		if(!isset($levels[$postsLevel]))
+			Rest_fatal_error(400, "Unrecognized group posts level!");
+		$settings->set_posts_level($levels[$postsLevel]);
+
+		//Get and check group virtual directory
+		$virtualDirectory = postString("virtual_directory", 0);
+		if($virtualDirectory != ""){
+
+			$virtualDirectory = getPostVirtualDirectory("virtual_directory");
+
+			//Check virtual directory availability
+			if(!checkVirtualDirectoryAvailability($virtualDirectory, $groupID, TRUE))
+				Rest_fatal_error(401, "The virtual directory seems not to be available!");
+			
+			$settings->set_virtual_directory($virtualDirectory);
+
+		}
+
+		//Try to save the new settings of the group
+		if(!components()->groups->set_settings($settings))
+			Rest_fatal_error(500, "An error occured while trying to update group settings!");
+		
+		return array("success" => "Group settings have been successfully updated!");
+	}
+
+	/**
+	 * Check the availability of a virtual directory
+	 * 
+	 * @url POST /groups/checkVirtualDirectory
+	 */
+	public function checkVirtualDirectory() : array {
+
+		//Get the ID of the group to check
+		$groupID = getPostGroupIdWithAccess("groupID", GroupMember::ADMINISTRATOR);
+
+		//Get post virtual directory
+		$virtualDirectory = getPostVirtualDirectory("directory");
+
+		//Check virtual directory availability
+		if(!checkVirtualDirectoryAvailability($virtualDirectory, $groupID, TRUE))
+			Rest_fatal_error(401, "The virtual directory seems not to be available!");
+		
+		//The directory is available
+		return array("success" => "The directory is available!");
+	}
+
+	/**
+	 * Change (update) the logo of the group
+	 * 
+	 * @url POST /groups/upload_logo
+	 */
+	public function uploadLogo(){
+
+		user_login_required();
+
+		//Get the ID of the group (with admin access)
+		$groupID = getPostGroupIdWithAccess("id", GroupInfo::ADMIN_ACCESS);
+
+		//Check if it is a valid file
+		if(!check_post_file("logo"))
+			Rest_fatal_error(400, "An error occurred while receiving logo !");
+		
+		//Delete any previous logo
+		if(!components()->groups->deleteLogo($groupID))
+			Rest_fatal_error(500, "An error occurred while trying to delete previous group logo!");
+		
+		//Save the new group logo
+		$file_path = save_post_image("logo", 0, GroupInfo::PATH_GROUPS_LOGO, 500, 500);
+
+		//Update the settings of the group
+		$settings = components()->groups->get_settings($groupID);
+		$settings->set_logo($file_path);
+		
+		if(!components()->groups->set_settings($settings))
+			Rest_fatal_error(500, "Could not save information about new group logo!");
+		
+		//Success
+		return array(
+			"success" => "The new group logo has been successfully saved !",
+			"url" => $settings->get_logo_url()
+		);
+	}
+
+	/**
+	 * Delete a group logo
+	 * 
+	 * @url POST /groups/delete_logo
+	 */
+	public function deleteLogo(){
+
+		user_login_required();
+
+		//Get the ID of the group (with admin access)
+		$groupID = getPostGroupIdWithAccess("id", GroupInfo::ADMIN_ACCESS);
+
+		//Try to delete group logo
+		if(!components()->groups->deleteLogo($groupID))
+			Rest_fatal_error(500, "An error occurred while trying to delete group logo!");
+		
+		//Success
+		return array(
+			"success" => "The group logo has been successfully deleted!",
+			"url" => components()->groups->get_settings($groupID)->get_logo_url()
+		);
+	}
+
+	/**
+	 * Get the entire list of the members of a group
+	 * 
+	 * @url POST /groups/get_members
+	 */
+	public function getMembers(){
+
+		user_login_required();
+
+		//Get the ID of the group (with admin access)
+		$groupID = getPostGroupIdWithAccess("id", GroupInfo::MODERATOR_ACCESS);
+
+		//Get the list of members of the group
+		$members = components()->groups->getListMembers($groupID);
+
+		//Parse the list of members
+		foreach($members as $num => $member)
+			$members[$num] = self::GroupMemberToAPI($member);
+
+		return $members;
+	}
+
+	/**
+	 * Respond to a membership invitation
+	 * 
+	 * @url POST /groups/respond_invitation
+	 */
+	public function respondInvitation(){
+
+		user_login_required();
+
+		//Get the ID of the group (with basic access)
+		$groupID = getPostGroupIdWithAccess("id", GroupInfo::LIMITED_ACCESS);
+
+		//Get the response to the invitation
+		$accept = postBool("accept");
+
+		//Check if the user received an invitation or not
+		if(!components()->groups->receivedInvitation(userID, $groupID))
+			Rest_fatal_error(404, "Invitation not found!");
+
+		//Try to respond to the invitation
+		if(!components()->groups->respondInvitation(userID, $groupID, $accept))
+			Rest_fatal_error(500, "An error occurred while trying to respond to membership invitation!");
+		
+		//Push notification
+		create_group_membership_notification(userID, 0, $groupID, 
+			$accept ? Notification::ACCEPTED_GROUP_MEMBERSHIP_INVITATION : Notification::REJECTED_GROUP_MEMBERSHIP_INVITATION);
+
+		//Success
+		return array("success" => "The response to the invitation was saved!");
+	}
+
+	/**
+	 * Cancel a membership request
+	 * 
+	 * @url POST /groups/cancel_request
+	 */
+	public function cancelRequest(){
+
+		user_login_required();
+
+		//Get the ID of the group (with basic access)
+		$groupID = getPostGroupIdWithAccess("id", GroupInfo::LIMITED_ACCESS);
+
+		//Check if the user has created a membership request
+		if(components()->groups->getMembershipLevel(userID, $groupID) != GroupMember::PENDING)
+			Rest_fatal_error(401, "You did not send a membership request to this group!");
+		
+		//Try to cancel membership request
+		if(!components()->groups->deleteRequest(userID, $groupID))
+			Rest_fatal_error(500, "An error occurred while trying to cancel membership request!");
+		
+		//Delete group membership notifications
+		delete_notifications_group_membership(userID, $groupID);
+
+		return array("success" => "The request has been successfully cancelled!");
+	}
+
+	/**
+	 * Send a membership request to the server
+	 * 
+	 * @url POST /groups/send_request
+	 */
+	public function sendRequest(){
+
+		user_login_required();
+
+		//Get the ID of the target group
+		$groupID = getPostGroupIdWithAccess("id", GroupInfo::LIMITED_ACCESS);
+
+		//Check if the user is currently only a visitor of the website
+		if(components()->groups->getMembershipLevel(userID, $groupID) != GroupMember::VISITOR)
+			Rest_fatal_error(401, "You are not currently a visitor of the group!");
+
+		//Check if the user can register a new membership to the group
+		//Get information about the group
+		$info = components()->groups->get_info($groupID);
+
+		if($info->get_registration_level() == GroupInfo::CLOSED_REGISTRATION)
+			Rest_fatal_error(401, "You are not authorized to send a registration request for this group!");
+		
+		//Create and insert membership
+		$member = new GroupMember();
+		$member->set_userID(userID);
+		$member->set_time_sent(time());
+		$member->set_group_id($groupID);
+		$member->set_level(
+			$info->get_registration_level() == GroupInfo::MODERATED_REGISTRATION ? 
+			GroupMember::PENDING : GroupMember::MEMBER);
+		if(!components()->groups->insertMember($member))
+			Rest_fatal_error(500, "Could not register membership!");
+		
+		//Push notification
+		if($info->get_registration_level() == GroupInfo::MODERATED_REGISTRATION)
+			create_group_membership_notification(userID, 0, $groupID, 
+				Notification::SENT_GROUP_MEMBERSHIP_REQUEST);
+
+		//Success
+		return array("success" => "The membership has been successfully saved!");
+	}
+
+	/**
+	 * Delete the member from the group
+	 * 
+	 * @url POST /groups/delete_member
+	 */
+	public function deleteMember() : array {
+
+		user_login_required();
+
+		//Get the ID of the target group
+		$groupID = getPostGroupIdWithAccess("groupID", GroupInfo::MODERATOR_ACCESS);
+		$currUserLevel = components()->groups->getMembershipLevel(userID, $groupID);
+
+		//Get the ID of the member
+		$userID = getPostUserID("userID");
+
+		if($userID == userID && $currUserLevel == GroupMember::ADMINISTRATOR){
+
+			//Count the number of admin in the group
+			if(components()->groups->countMembersAtLevel($groupID, GroupMember::ADMINISTRATOR) == 1)
+				Rest_fatal_error(401, "You are the last administrator of this group!");
+
+		}
+
+		//Get the current membership level
+		$level = components()->groups->getMembershipLevel($userID, $groupID);
+
+		//Check if the user is more than a member. In this case, only an administrator can delete him
+		if($level < GroupMember::MEMBER && $currUserLevel != GroupMember::ADMINISTRATOR)
+			Rest_fatal_error(401, "Only an administrator can delete this membership!");
+		
+		//Delete the membership
+		if(!components()->groups->deleteMembershipWithStatus($userID, $groupID, $level))
+			Rest_fatal_error(500, "Could not delete membership!");
+		
+		//Delete group membership notifications
+		delete_notifications_group_membership($userID, $groupID);
+
+		//Success
+		return array("success" => "The membership has been successfully deleted!");
+	}
+
+	/**
+	 * Update a membership level
+	 * 
+	 * @url POST /groups/update_membership_level
+	 */
+	public function updateMembershipLevel() : array {
+
+		user_login_required();
+
+		//Get the ID of the target group
+		$groupID = getPostGroupIdWithAccess("groupID", GroupInfo::ADMIN_ACCESS);
+
+		//Get target user ID
+		$userID = getPostUserID("userID");
+
+		if($userID == userID)
+			Rest_fatal_error(400, "You can not update your own membership!");
+
+		//Get current user membership
+		$level = components()->groups->getMembershipLevel($userID, $groupID);
+
+		//Check if the user is at least a member of the group
+		if($level > GroupMember::MEMBER)
+			Rest_fatal_error(401, "This user is not a member of the group!");
+		
+		//Get the new membership level of the user
+		$levels = array_flip(self::GROUPS_MEMBERSHIP_LEVELS);
+
+		$new_level_str = postString("level");
+		if(!isset($levels[$new_level_str]))
+			Rest_fatal_error(401, "Specified membership level not found!");
+		$newLevel = $levels[$new_level_str];
+		
+		if($newLevel > GroupMember::MEMBER)
+			Rest_fatal_error(401, "You can not assign this visibility level to a group member!");
+
+		//Try to update the membership of the user
+		if(!components()->groups->updateMembershipLevel($userID, $groupID, $newLevel))
+			Rest_fatal_error(500, "Could not update membership level!");
+
+		//Success
+		return array("success" => "User membership has been updated!");
+	}
+
+	/**
+	 * Respond to a membership request
+	 * 
+	 * @url POST /groups/respond_request
+	 */
+	public function respondRequest() : array {
+
+		user_login_required();
+
+		//Get the ID of the target group
+		$groupID = getPostGroupIdWithAccess("groupID", GroupInfo::MODERATOR_ACCESS);
+
+		//Get user ID
+		$userID = getPostUserID("userID");
+
+		//Get the response
+		$accept = postBool("accept");
+
+		//Check if the user membership is really pending or not
+		if(components()->groups->getMembershipLevel($userID, $groupID) != GroupMember::PENDING)
+			Rest_fatal_error(401, "This user has not requested a membership in this group!");
+		
+		//Respond to the request
+		if(!components()->groups->respondRequest($userID, $groupID, $accept))
+			Rest_fatal_error(500, "Could not respond to the membership request!");
+		
+		//Push notification
+		create_group_membership_notification($userID, userID, $groupID, 
+			$accept ? Notification::ACCEPTED_GROUP_MEMBERSHIP_REQUEST : Notification::REJECTED_GROUP_MEMBERSHIP_REQUEST);
+
+		//Success
+		return array("success" => "The response to the request has been successfully saved!");
+	}
+
+	/**
+	 * Get information about a membership
+	 * 
+	 * @url POST /groups/get_membership
+	 */
+	public function getMembership() : array {
+
+		//Get the ID of the target group
+		$groupID = getPostGroupIdWithAccess("groupID", GroupInfo::MODERATOR_ACCESS);
+
+		//Get user ID
+		$userID = getPostUserID("userID");
+
+		//Check if the user has a membership or not
+		if(!components()->groups->hasMembership($userID, $groupID))
+			Rest_fatal_error(404, "Specified user does not have any membership in this group!");
+
+		//Get user membership
+		$membership = components()->groups->getMembership($userID, $groupID);
+
+		//Parse and return result
+		return self::GroupMemberToAPI($membership);
+	}
+
+	/**
+	 * Cancel a membership invitation
+	 * 
+	 * @url POST /groups/cancel_invitation
+	 */
+	public function cancelInvitation() : array {
+
+		//Get the ID of the target group
+		$groupID = getPostGroupIdWithAccess("groupID", GroupInfo::MODERATOR_ACCESS);
+
+		//Get user ID
+		$userID = getPostUserID("userID");
+
+		//Check if the user has really been invited to the group or not
+		if(components()->groups->getMembershipLevel($userID, $groupID) != GroupMember::INVITED)
+			Rest_fatal_error(401, "This user has not been invited to join this group!");
+		
+		//Cancel group invitation
+		if(!components()->groups->deleteInvitation($userID, $groupID))
+			Rest_fatal_error(500, "Could not cancel membership invitation!");
+
+		//Delete group membership notifications
+		delete_notifications_group_membership($userID, $groupID);
+
+		//Success
+		return array("success" => "Membership invitation has been cancelled !");
+	}
+
+	/**
+	 * Get the list of membership of the current user
+	 * 
+	 * @url POST groups/get_my_list
+	 */
+	public function getMyList() : array {
+
+		user_login_required();
+
+		//Get the list of groups of the user
+		$list = components()->groups->getListUser(userID);
+
+		//Parse list
+		foreach($list as $num => $info)
+			$list[$num] = self::GroupInfoToAPI($info);
+		
+		return $list;
+
+	}
+
+	/**
+	 * Delete a user membership to a group
+	 * 
+	 * @url POST groups/remove_membership
+	 */
+	public function removeMembership() : array {
+		user_login_required();
+
+		//Get the group
+		$groupID = getPostGroupIdWithAccess("id", GroupInfo::LIMITED_ACCESS);
+
+		//Get user membership level
+		$level = components()->groups->getMembershipLevel(userID, $groupID);
+
+		if($level == GroupMember::ADMINISTRATOR){
+
+			//Check the user is not the last administrator of the page
+			if(components()->groups->countMembersAtLevel($groupID, GroupMember::ADMINISTRATOR) == 1)
+				Rest_fatal_error(401, "You are the latest administrator of the group!");
+
+		}
+
+		//Delete membership
+		if(!components()->groups->deleteMembershipWithStatus(userID, $groupID, $level))
+			Rest_fatal_error(500, "An error occurred while trying to delete your membership!");
+		
+		//Delete group membership notifications
+		delete_notifications_group_membership(userID, $groupID);
+
+		//Success
+		return array("success" => "Your membership has been successfully deleted!");
+	}
+
+	/**
+	 * Set whether a user is following a group or not
+	 * 
+	 * @url POST groups/set_following
+	 */
+	public function setFollowing(){
+		user_login_required();
+
+		//Get the group
+		$groupID = getPostGroupIdWithAccess("groupID", GroupInfo::MEMBER_ACCESS);
+
+		//Get following status
+		$following = postBool("follow");
+
+		//Save the new value
+		if(!components()->groups->setFollowing($groupID, userID, $following))
+			Rest_fatal_error(500, "Could not update following status!");
+		
+		//Success
+		return array("success" => "Follow status has been successfully updated!");
+	}
+
+	/**
+	 * Parse a GroupInfo object into an array for the API
+	 * 
+	 * @param GroupInfo $info Information about the group
+	 * @return array Generated API data
+	 */
+	public static function GroupInfoToAPI(GroupInfo $info) : array {
+		$data = array();
+
+		$data["id"] = $info->get_id();
+		$data["name"] = removeHTMLnodes($info->get_name());
+		$data["icon_url"] = $info->get_logo_url();
+		$data["number_members"] = $info->get_number_members();
+		$data["membership"] = self::GROUPS_MEMBERSHIP_LEVELS[$info->get_membership_level()];
+		$data["visibility"] = self::GROUPS_VISIBILITY_LEVELS[$info->get_visibility()];
+		$data["registration_level"] = self::GROUPS_REGISTRATION_LEVELS[$info->get_registration_level()];
+		$data["posts_level"] = self::GROUPS_POSTS_LEVELS[$info->get_posts_level()];
+		$data["virtual_directory"] = $info->get_virtual_directory();
+		$data["following"] = $info->isFollowing();
+
+		return $data;
+	}
+
+	/**
+	 * Parse an AdvancedGroupInfo object into an array for the API
+	 * 
+	 * @param AdvancedGroupInfo $info Information about the group
+	 * @return array Generated API data
+	 */
+	public static function AdvancedGroupInfoToAPI(AdvancedGroupInfo $info) : array {
+		$data = self::GroupInfoToAPI($info);
+
+		$data["time_create"] = $info->get_time_create();
+		$data["description"] = $info->get_description();
+		$data["url"] = $info->get_url();
+		$data["number_likes"] = $info->get_number_likes();
+		$data["is_liking"] = $info->isLiking();
+
+		return $data;
+	}
+
+	/**
+	 * Parse a GroupSettings object into an array for the API
+	 * 
+	 * @param GroupSettings $settings The settings to parse
+	 * @return array Generated array
+	 */
+	public static function GroupSettingsToAPI(GroupSettings $info) : array {
+		$data = self::AdvancedGroupInfoToAPI($info);
+
+		return $data;
+	}
+
+	/**
+	 * Turn GroupMember oject into an API array
+	 * 
+	 * @param GroupMember $member The member entry to convert
+	 * @return array Generated entry
+	 */
+	public static function GroupMemberToAPI(GroupMember $member) : array {
+		$data = array();
+
+		$data["user_id"] = $member->get_userID();
+		$data["group_id"] = $member->get_group_id();
+		$data["time_create"] = $member->get_time_sent();
+		$data["level"] = self::GROUPS_MEMBERSHIP_LEVELS[$member->get_level()];
+
+		return $data;
+	}
+}

RestControllers/LikesController.php

@@ -68,6 +68,13 @@ class LikesController {
 				break;
 
 
+			//In case of group
+			case "group":
+				$id = getPostGroupIdWithAccess("id", GroupInfo::VIEW_ACCESS);
+				$componentType = Likes::LIKE_GROUP;
+				break;
+				
+
 			//Default case : error
 			default:
 				Rest_fatal_error(404, "Specifed component type currently not supported !");

RestControllers/PostsController.php

@@ -15,7 +15,8 @@ class PostsController {
 	const VISIBILITY_LEVELS_API = array(
 		Posts::VISIBILITY_PUBLIC => "public",
 		Posts::VISIBILITY_FRIENDS => "friends",
-		Posts::VISIBILITY_USER => "private"
+		Posts::VISIBILITY_USER => "private",
+		Posts::VISIBILITY_GROUP_MEMBERS => "members",
 	);
 
 	/**
@@ -56,6 +57,31 @@ class PostsController {
 		return $this->parsePostsList($posts);
 	}
 
+	/**
+	 * Get group posts
+	 * 
+	 * @url POST /posts/get_group
+	 */
+	public function getGroupPosts(){
+
+		//Get group ID
+		$groupID = getPostGroupIdWithAccess("groupID", GroupInfo::VIEW_ACCESS);
+
+		//Get the startpoint for the posts
+		$startFrom = postInt("startFrom", 0);
+
+		//Check whether the user can see members only posts or not
+		$membershipLevel = components()->groups->getMembershipLevel(userID, $groupID);
+		$seeAllPosts = $membershipLevel <= GroupMember::MEMBER;
+
+		//Get the posts of the group
+		$posts = components()->posts->getGroupPosts($groupID, $seeAllPosts, $startFrom);
+
+		//Return parsed list of posts
+		return $this->parsePostsList($posts);
+
+	}
+
 	/**
 	 * Get the latest posts for the user
 	 * 
@@ -72,8 +98,11 @@ class PostsController {
 		else
 			$startFrom = 0; //No start point
 
+		//Check whether groups posts should be included or not
+		$include_groups = isset($_POST['include_groups']) ? postBool("include_groups") : FALSE;
+		
 		//Get the post of the user
-		$posts = CS::get()->components->posts->get_latest(userID, $startFrom, 10);
+		$posts = CS::get()->components->posts->get_latest(userID, $startFrom, 10, $include_groups);
 
 		//Return parsed list of posts
 		return $this->parsePostsList($posts);
@@ -99,7 +128,11 @@ class PostsController {
 			Rest_fatal_error(500, "Couldn't retrieve post informations !");
 
 		//Check if we can get the comments of the post
-		if(components()->user->allowComments($postInfos->get_user_page_id()))
+		$load_comments = TRUE;
+		if($postInfos->get_kind_page() == Posts::PAGE_KIND_USER)
+			$load_comments = components()->user->allowComments($postInfos->get_user_page_id());
+
+		if($load_comments)
 			$postInfos->set_comments(components()->comments->get($postInfos->get_id()));
 
 		//Parse post informations
@@ -142,6 +175,20 @@ class PostsController {
 
 				break;
 			
+
+			//In case of group
+			case "group":
+
+				//Save the values
+				$kind_page = Posts::PAGE_KIND_GROUP;
+				$kind_page_id = getPostGroupIdWithAccess("kind-id", GroupInfo::MEMBER_ACCESS);
+
+				//Check whether the user is authorized to create posts on the page or not
+				if(!components()->groups->canUserCreatePost(userID, $kind_page_id))
+					Rest_fatal_error(401, "You are not authorized to create posts on this group!");
+				
+				break;	
+			
 			//Unsupported kind of page
 			default:
 				Rest_fatal_error(500, "Unsupported kind of page !");
@@ -349,6 +396,7 @@ class PostsController {
 		if($postID < 0)
 			Rest_fatal_error(400, "Couldn't create post !");
 
+
 		//Create a notification
 		$notification = new Notification();
 		$notification->set_from_user_id(userID);
@@ -357,6 +405,7 @@ class PostsController {
 		$notification->set_type(Notification::ELEM_CREATED);
 		components()->notifications->push($notification);
 		
+
 		//Success
 		return array(
 			"success" => "The post has been created !",
@@ -528,8 +577,9 @@ class PostsController {
 		$data["ID"] = $post->get_id();
 		$data["userID"] = $post->get_userID();
 		$data["user_page_id"] = $post->get_user_page_id();
+		$data["group_id"] = $post->get_group_id();
 		$data["post_time"] = $post->get_time_sent();
-		$data["content"] = $post->has_content() ? utf8_encode($post->get_content()) : null;
+		$data["content"] = $post->has_content() ? $post->get_content() : null;
 		$data["visibility_level"] = self::VISIBILITY_LEVELS_API[$post->get_visibility_level()];
 		$data["kind"] = $post->get_kind();
 

RestControllers/SearchController.php

@@ -0,0 +1,109 @@
+<?php
+/**
+ * Search controller
+ *
+ * @author Pierre HUBERT
+ */
+
+class SearchController
+{
+
+	/**
+	 * Search results kinds to API
+	 */
+	const SEARCH_RESULTS_KINDS = array(
+		SearchResult::KIND_USER => "user",
+		SearchResult::KIND_GROUP => "group"
+	);
+
+	/**
+	 * Peform a research on the database
+	 *
+	 * @url POST /search/user
+	 * @url POST /user/search
+	 */
+	public function search_user(){
+		user_login_required();
+
+		//Check if the query was specified with the request
+		if(!isset($_POST['query']))
+			Rest_fatal_error(400, "Please specify search terms");
+		$query = $_POST['query'];
+
+		//Check the query
+		if(strlen($query) < 1)
+			Rest_fatal_error(401, "Empty requests not allowed !");
+		
+		//Check for search limit
+		$searchLimit = (isset($_POST['searchLimit']) ? toInt($_POST['searchLimit']) : 5);
+
+		//Check the limit
+		if($searchLimit < 1 || $searchLimit > 25)
+			Rest_fatal_error(401, "Invalid search limit !");
+		
+		//Perform research on the database and return results
+		$results = CS::get()->components->search->search_user($query, $searchLimit);
+		if($results === false)
+			Rest_fatal_error(500, "An error occured while trying to perform a research in user list !");
+		
+		//Return results
+		return $results;
+	}
+
+	/**
+	 * Peform a global search (search for groups + users)
+	 * 
+	 * @url POST /search/global
+	 */
+	public function searchGlobal(){
+		user_login_required();
+
+		//Get search query
+		$query = postString("query", 1);
+
+		//Set abitrary limit
+		$limit = 10;
+
+		$results = array();
+		
+		//First, search for groups
+		foreach(components()->search->search_group($query, $limit) as $groupID)
+			$results[] = new SearchResult(SearchResult::KIND_GROUP, $groupID);
+		$limit -= count($results);
+
+		//Then search for users
+		foreach(components()->search->search_user($query, $limit) as $userID)
+			$results[] = new SearchResult(SearchResult::KIND_USER, $userID);
+		
+		//Parse and return result
+		return self::MultipleSearchResultToAPI($results);
+	}
+
+	/**
+	 * Parse multiple SearchResult entry to API
+	 * 
+	 * @param array $list The list of SearchResults to parse
+	 * @return array Generated array
+	 */
+	public static function MultipleSearchResultToAPI(array $list) : array {
+		$data = array();
+		foreach($list as $entry)
+			$data[] = self::SearchResultToAPI($entry);
+		return $data;
+	}
+
+	/**
+	 * Turn a SearchResult object into API object
+	 * 
+	 * @param SearchResult $result The result to process
+	 * @return array Generated entry
+	 */
+	public static function SearchResultToAPI(SearchResult $result) : array {
+		$data = array();
+
+		$data["kind"] = self::SEARCH_RESULTS_KINDS[$result->get_kind()];
+		$data["id"] = $result->get_kind_id();
+
+		return $data;
+	}
+}

RestControllers/SettingsController.php

@@ -55,10 +55,10 @@ class SettingsController {
 		//Get and check virtual directory
 		$virtualDirectory = postString("virtualDirectory", 0);
 		if($virtualDirectory != ""){
-			$virtualDirectory = getPostUserDirectory("virtualDirectory");
+			$virtualDirectory = getPostVirtualDirectory("virtualDirectory");
 
 			//Check if the directory is available
-			if(!components()->settings->checkUserDirectoryAvailability($virtualDirectory, userID))
+			if(!checkVirtualDirectoryAvailability($virtualDirectory, userID, FALSE))
 				Rest_fatal_error(401, "The specified directory is not available!");
 
 		}
@@ -104,16 +104,64 @@ class SettingsController {
 		user_login_required();
 
 		//Get user directory
-		$userDirectory = getPostUserDirectory("directory");
+		$userDirectory = getPostVirtualDirectory("directory");
 
 		//Check if the directory is available
-		if(!components()->settings->checkUserDirectoryAvailability($userDirectory, userID))
+		if(!checkVirtualDirectoryAvailability($userDirectory, userID, FALSE))
 			Rest_fatal_error(401, "The specified directory is not available!");
 
 		//Else the directory is available
 		return array("success" => "The directory is available!");
 	}
 
+	/**
+	 * Get language settings
+	 * 
+	 * @url POST /settings/get_language
+	 */
+	public function getLanguage(){
+
+		//User login required
+		user_login_required();
+
+		//Get the settings of the user
+		$settings = components()->settings->get_language(userID);
+
+		if(!$settings->isValid())
+			Rest_fatal_error(500, "Could not get language settings!");
+
+		//Return parsed settings object
+		return $this->LanguageSettingsToAPI($settings);
+	}
+
+	/**
+	 * Set (update) language settings
+	 * 
+	 * @url POST /settings/set_language
+	 */
+	public function setLanguage(){
+
+		//User login required
+		user_login_required();
+
+		//Get specified language
+		$lang = postString("lang", 2);
+
+		if(!in_array($lang, LanguageSettings::LANGUAGES))
+			Rest_fatal_error(401, "Language not recognized !");
+
+		$settings = new LanguageSettings();
+		$settings->set_id(userID);
+		$settings->set_lang($lang);
+
+		//Save language in database
+		if(!components()->settings->save_language($settings))
+			Rest_fatal_error(500, "Could not save language settings!");
+		
+		//Success
+		return array("success" => "Language settings have been successfully updated!");
+	}
+
 	/**
 	 * Get security settings
 	 * 
@@ -160,10 +208,10 @@ class SettingsController {
 		//Create a security settings object and fill it with the new information
 		$settings = new SecuritySettings();
 		$settings->set_id(userID);
-		$settings->set_security_question_1(postString("security_question_1", 0));
+		$settings->set_security_question_1(removeHTMLnodes(postString("security_question_1", 0)));
-		$settings->set_security_answer_1(postString("security_answer_1", 0));
+		$settings->set_security_answer_1(removeHTMLnodes(postString("security_answer_1", 0)));
-		$settings->set_security_question_2(postString("security_question_2", 0));
+		$settings->set_security_question_2(removeHTMLnodes(postString("security_question_2", 0)));
-		$settings->set_security_answer_2(postString("security_answer_2", 0));
+		$settings->set_security_answer_2(removeHTMLnodes(postString("security_answer_2", 0)));
 		
 		//Try to update settings
 		if(!components()->settings->save_security($settings))
@@ -311,6 +359,21 @@ class SettingsController {
 		return $data;
 	}
 
+	/**
+	 * Turn a LanguageSettings object into a valid API object
+	 * 
+	 * @param LanguageSettings $settings The object to convert
+	 * @return array Generated API object
+	 */
+	private function LanguageSettingsToAPI(LanguageSettings $settings) : array {
+
+		$data = array();
+
+		$data["lang"] = $settings->get_lang();
+
+		return $data;
+	}
+
 	/**
 	 * Turn a SecuritySettings object into a valid API object
 	 * 

RestControllers/VirtualDirectoryController.php

@@ -0,0 +1,42 @@
+<?php
+/**
+ * Virtual directory controller
+ * 
+ * @author Pierre HUBERT
+ */
+
+class VirtualDirectoryController {
+
+	/**
+	 * Find a group / user using a given virtual directory
+	 * 
+	 * @url POST /virtualDirectory/find
+	 */
+	public function findVirtualDirectory(){
+
+		//Get the virtual directory to analyze
+		$virtualDirectory = getPostVirtualDirectory("directory");
+
+		//Check if the directory is a user or group
+		$userID = components()->user->findByFolder($virtualDirectory);
+		$groupID = components()->groups->findByVirtualDirectory($virtualDirectory);
+		
+		if($userID != 0){
+			$kind = "user";
+			$id = $userID;
+		}
+		else if($groupID != 0){
+			$kind = "group";
+			$id = $groupID;
+		}
+
+		else
+			Rest_fatal_error(404, "Specified user / group virtual directory not found !");
+
+		return array(
+			"kind" => $kind,
+			"id" => $id
+		);
+	}
+
+}

RestControllers/accountController.php

@@ -17,10 +17,14 @@ class accountController {
 	 * @url POST /account/login
 	 */
 	public function connectUSER(){
+
 		//Check variables sent in request
 		if(!isset($_POST['userMail']) OR !isset($_POST['userPassword']))
 		   throw new RestException(400, "Missing data !");
 	   
+		//API limit
+		api_limit_query(APILimits::ACTION_LOGIN_FAILED, false);
+
 		//Retrieve database connection
 		$db = CS::get()->db;;
 
@@ -31,8 +35,11 @@ class accountController {
 		//Try to perform login
 		$loginTokens = CS::get()->components->account->generateUserLoginTokens($userMail, $userPassword, APIServiceID, $db);
 
-	   if(count($loginTokens) == 0)
+		if(count($loginTokens) == 0){
+			api_limit_query(APILimits::ACTION_LOGIN_FAILED, true);
 			throw new RestException(401, "Invalid e-mail address / password !");
+		}
+		   
 
 		//Return result with tokens
 		return array(
@@ -62,6 +69,155 @@ class accountController {
 		return array("success" => "The user has been disconnected !");
 	}
 
+	/**
+	 * Check if an email is already associated with an account or not
+	 * 
+	 * @url POST /account/exists_email
+	 */
+	public function existsMail(){
+
+		//Check the given email address
+		$email = postEmail("email", 5);
+		
+		//Check if the email address is already associated with an account
+		$email_exists = components()->account->exists_email($email);
+		
+		return array(
+			"exists" => $email_exists
+		);
+	}
+
+	/**
+	 * Check if an account associated with an email address has set up 
+	 * security question or not
+	 * 
+	 * @url POST /account/has_security_questions
+	 */
+	public function hasSecurityQuestion(){
+
+		//Get account ID
+		$userID = $this->getUserIDFromPostEmail("email");
+
+		//Check if the specified account has defined security questions or not
+		return array(
+			"defined" => components()->settings->has_security_questions($userID)
+		);
+	}
+
+	/**
+	 * Get the security questions of a user using its email address
+	 * 
+	 * @url POST /account/get_security_questions
+	 */
+	public function getSecurityQuestions(){
+
+		//Get account ID
+		$userID = $this->getUserIDFromPostEmail("email");
+
+		//Check if user has defined security questions
+		if(!components()->settings->has_security_questions($userID))
+			Rest_fatal_error(401, "Specified user has not set up security questions!");
+
+		//Get the security settings of the user
+		$settings = components()->settings->get_security($userID);
+
+		//Check for errors
+		if(!$settings->isValid())
+			Rest_fatal_error(500, "An error occurred while retrieving security settings of the user!");
+		
+		//Return the questions of the user
+		return array(
+			"questions" => array(
+				$settings->get_security_question_1(),
+				$settings->get_security_question_2()
+			)
+		);
+	}
+
+	/**
+	 * Check the security answers given by a user in order to reset its 
+	 * password
+	 * 
+	 * @url POST /account/check_security_answers
+	 */
+	public function checkSecurityAnswers(){
+
+		//Get account ID
+		$userID = $this->getUserIDFromPostEmail("email");
+
+		//Check if user has defined security questions
+		if(!components()->settings->has_security_questions($userID))
+			Rest_fatal_error(401, "Specified user has not set up security questions!");
+
+		//Get the security settings of the user
+		$settings = components()->settings->get_security($userID);
+
+		//Check for errors
+		if(!$settings->isValid())
+			Rest_fatal_error(500, "An error occurred while retrieving security settings of the user!");
+
+		//Get the list of security answers
+		$answersString = postString("answers", 3);
+
+		//Get answers
+		$answers = explode("&", $answersString);
+
+		//Check the number of given answers
+		if(count($answers) != 2)
+			Rest_fatal_error(401, "Please specify 2 security answers!");
+			
+		//Check the security answers
+		if(strtolower(urldecode($answers[0])) != strtolower($settings->get_security_answer_1()) || 
+			strtolower(urldecode($answers[1])) != strtolower($settings->get_security_answer_2()))
+			Rest_fatal_error(401, "Specified security answers are invalid!");
+		
+		//If we get there, security anwsers are valid
+		$token = random_str(255);
+		if(!components()->account->set_new_password_reset_token($userID, $token))
+			Rest_fatal_error(500, "Could not set a password reset token for the account!");
+		
+		//Return result
+		return array(
+			"reset_token" => $token
+		);
+	}
+
+	/**
+	 * Check the validity of a reset account token
+	 * 
+	 * @url POST /account/check_password_reset_token
+	 */
+	public function checkResetAccountToken(){
+
+		//Get user ID
+		$userID = $this->getUserIDFromPasswordResetToken("token");
+		
+		//The token is valid
+		return array("success" => "The token is valid.");
+	}
+
+	/**
+	 * Reset user password using reset token
+	 * 
+	 * @url POST /account/reset_user_passwd 
+	 */
+	public function resetPasswordUsingToken(){
+
+		//Get user ID
+		$userID = $this->getUserIDFromPasswordResetToken("token");
+
+		//Save new password
+		$newPassword = postString("password");
+		if(!components()->account->set_new_user_password($userID, $newPassword))
+			Rest_fatal_error(500, "Could not update user password!");
+
+		//Cancel password reset token of the password
+		components()->account->remove_password_reset_token($userID);
+
+		//Success
+		return array("success" => "Your password has been updated!");
+	}
+
 	/**
 	 * Create an account
 	 * 
@@ -69,6 +225,8 @@ class accountController {
 	 */
 	public function createAccount(){
 
+		api_limit_query(APILimits::ACTION_CREATE_ACCOUNT, false);
+
 		//Check post fields existence
 		if(!check_post_parametres(array("emailAddress", "firstName", "lastName", "password")))
 			Rest_fatal_error(400, "Please check given parameters");
@@ -92,7 +250,7 @@ class accountController {
 		
 		//Check if the email address is already associated with an account
 		if(components()->account->exists_email($email))
-			Rest_fatal_error(401, "The specified email address is already associated with an account!");
+			Rest_fatal_error(409, "The specified email address is already associated with an account!");
 		
 		//Create new account object
 		$newAccount = new NewAccount();
@@ -105,6 +263,8 @@ class accountController {
 		if(!components()->account->create($newAccount))
 			Rest_fatal_error(500, "An error occured while trying to create the account !");
 
+		api_limit_query(APILimits::ACTION_CREATE_ACCOUNT, true);
+
 		//Success
 		return array(
 			"success" => "The account has been created !"
@@ -126,6 +286,53 @@ class accountController {
 		$data = components()->account->export(userID);
 
 		//Process data set
+
+
+		//Find the users to fetch information about too
+		$users = array();
+		$add_user_id = function(int $userID, array &$list){
+			if(!in_array($userID, $list))
+				$list[] = $userID;
+		};
+		
+		//Friends
+		foreach($data["friends_list"] as $friend)
+			$add_user_id($friend->getFriendID(), $users);
+		
+		//Posts
+		foreach($data["posts"] as $num => $post){
+			$add_user_id($post->get_userID(), $users);
+
+			//Process post comments
+			if($post->has_comments()){
+				foreach($post->get_comments() as $comment)
+					$add_user_id($comment->get_userID(), $users);
+			}
+		}
+			
+		//Comments
+		foreach($data["comments"] as $num => $comment)
+			$add_user_id($comment->get_userID(), $users);
+		
+		//Conversation members
+		foreach($data["conversations_list"] as $num => $conversation){
+			foreach($conversation->get_members() as $member)
+				$add_user_id($member, $users);
+		}
+
+		//Conversation messages
+		foreach($data["conversations_messages"] as $num => $conversation){
+			foreach($conversation as $message)
+				$add_user_id($message->get_userID(), $users);
+		}
+
+		//Fetch information about related users
+		$data["users_info"] = components()->user->getMultipleUserInfos($users);
+
+
+
+
+		//Prepare API return
 		//Advanced user information
 		$data["advanced_info"] = userController::advancedUserToAPI($data["advanced_info"]);
 
@@ -149,18 +356,28 @@ class accountController {
 		foreach($data["movies"] as $num => $movie)
 			$data["movies"][$num] = MoviesController::MovieToAPI($movie);
 
-		//Conversations messages
+		//All conversations messages from user
-		foreach($data["conversation_messages"] as $num => $message)
+		foreach($data["all_conversation_messages"] as $num => $message)
-			$data["conversation_messages"][$num] = ConversationsController::ConvMessageToAPI($message);
+			$data["all_conversation_messages"][$num] = ConversationsController::ConvMessageToAPI($message);
 
 		//Conversations list
 		foreach($data["conversations_list"] as $num => $conversation)
 			$data["conversations_list"][$num] = ConversationsController::ConvInfoToAPI($conversation);
 		
+		//Conversation messages
+		foreach($data["conversations_messages"] as $convID=>$messages){
+			foreach($messages as $num=>$message)
+				$data["conversations_messages"][$convID][$num] = ConversationsController::ConvMessageToAPI($message); 
+		}
+
 		//Friends list
 		foreach($data["friends_list"] as $num => $friend)
 			$data["friends_list"][$num] = friendsController::parseFriendAPI($friend);
 
+		//Users information
+		foreach($data["users_info"] as $num => $user)
+			$data["users_info"][$num] = userController::userToAPI($user);
+		
 		return $data;
 	
 	}
@@ -184,4 +401,70 @@ class accountController {
 		return array("success" => "The user account has been successfully deleted!");
 
 	}
+
+	/**
+	 * Get and return the email address associated with an account
+	 * from a $_POST request
+	 * 
+	 * @param string $name The name of the POST field containing the
+	 * email address
+	 * @return string The email address
+	 */
+	private function getPostAccountEmail(string $name) : string {
+
+		//Get the email address
+		$email = postEmail($name);
+
+		//Check if the email is associated with an account
+		if(!components()->account->exists_email($email))
+			Rest_fatal_error(404, "Specified email address in '".$name."' not found!");
+		
+		return $email;
+
+	}
+
+	/**
+	 * Get email address from $_POST request and return associated
+	 * account ID
+	 * 
+	 * @param string $name The name of post field containing email
+	 * @return int Associated account ID
+	 */
+	private function getUserIDFromPostEmail(string $name) : int {
+
+		//Get account email
+		$email = $this->getPostAccountEmail($name);
+
+		//Get the ID of the assocated account
+		$userID = components()->account->getIDfromEmail($email);
+
+		//Check user ID
+		if($userID < 1)
+			Rest_fatal_error(500, "Could link the email address to an account!");
+		
+		return $userID;
+
+	}
+
+	/**
+	 * Get the ID of a user from a password reset token
+	 * 
+	 * @param string $name The name of the post field containing token
+	 * @return int Associated user ID
+	 */
+	private function getUserIDFromPasswordResetToken(string $name) : int {
+
+		//Get the token
+		$token = postString($name, 10);
+		
+		//Validate the tokens
+		$userID = components()->account->getUserIDfromResetToken($token);
+
+		//Check if the user ID is valid
+		if($userID < 1)
+			Rest_fatal_error(401, "Invalid token!");
+
+		return $userID;
+
+	}
 }

RestControllers/searchController.php

@@ -1,43 +0,0 @@
-<?php
-/**
- * Search controller
- *
- * @author Pierre HUBERT
- */
-
-class searchController
-{
-	/**
-	 * Peform a research on the database
-	 *
-	 * @url POST /search/user
-	 * @url POST /user/search
-	 */
-	public function search_user(){
-		user_login_required();
-
-		//Check if the query was specified with the request
-		if(!isset($_POST['query']))
-			Rest_fatal_error(400, "Please specify search terms");
-		$query = $_POST['query'];
-
-		//Check the query
-		if(strlen($query) < 1)
-			Rest_fatal_error(401, "Empty requests not allowed !");
-		
-		//Check for search limit
-		$searchLimit = (isset($_POST['searchLimit']) ? toInt($_POST['searchLimit']) : 5);
-
-		//Check the limit
-		if($searchLimit < 1 || $searchLimit > 25)
-			Rest_fatal_error(401, "Invalid search limit !");
-		
-		//Perform research on the database and return results
-		$results = CS::get()->components->search->search_user($query, $searchLimit);
-		if($results === false)
-			Rest_fatal_error(500, "An error occured while trying to perform a research in user list !");
-		
-		//Return results
-		return $results;
-	}
-}

classes/APILimits.php

@@ -0,0 +1,141 @@
+<?php
+/**
+ * API Actions limits count
+ * 
+ * @author Pierre HUBERT
+ */
+
+class APILimits {
+
+	/**
+	 * Table name
+	 */
+	const TABLE_NAME = DBprefix."api_limit_count";
+
+	/**
+	 * Entries live time
+	 */
+	const KEEP_DATA_FOR = 3600; // 1 hour
+
+	/**
+	 * Actions list
+	 */
+	const ACTION_LOGIN_FAILED = "failed_login";
+	const ACTION_CREATE_ACCOUNT = "create_account";
+
+	/**
+	 * Actions configruation
+	 */
+	const ACTIONS = array(
+
+		//Login failed
+		self::ACTION_LOGIN_FAILED => array(
+			"limit" => 10
+		),
+
+		//Create an account
+		self::ACTION_CREATE_ACCOUNT => array(
+			"limit" => 10
+		),
+	);
+
+	/**
+	 * Limit the number of time a client can perform a query over the API
+	 * 
+	 * @param string $action The name of the action to limit
+	 * @param bool $trigger Specify whether this call of the method must be
+	 * considered as a call of the client or not
+	 */
+	public function limit_query(string $action, bool $trigger){
+
+		//First, clean old entries
+		$this->clean();
+
+		$ip = $_SERVER["REMOTE_ADDR"];
+
+		//If required, increase action by one
+		if($trigger)
+			$this->trigger($action, $ip);
+		
+		//Count the number of time the action occurred
+		if($this->count($action, $ip) > self::ACTIONS[$action]["limit"])
+			Rest_fatal_error(429, "Too many request. Please try again later.");
+	}
+
+	/**
+	 * Clean old entries
+	 */
+	public function clean(){
+		db()->deleteEntry(
+			self::TABLE_NAME,
+			"time_start < ?",
+			array(time() - self::KEEP_DATA_FOR)
+		);
+	}
+
+	/**
+	 * Increase by one the number of the time a client performed
+	 * an action
+	 * 
+	 * @param string $action The action to trigger
+	 * @param string $ip The target IP address
+	 * @return bool TRUE for a success else FALSE
+	 */
+	private function trigger(string $action, string $ip) : bool {
+
+		if(!$this->exists($action, $ip)){
+			return db()->addLine(self::TABLE_NAME, array(
+				"ip" => $ip,
+				"time_start" => time(),
+				"action" => $action,
+				"count" => 1
+			));
+		}
+
+		else {
+			
+			$number = $this->count($action, $ip);
+			$number++;
+
+			return db()->updateDB(self::TABLE_NAME,
+				"ip = ? AND action = ?",
+				array("count" => $number),
+				array($ip, $action));
+		}
+
+	}
+
+	/**
+	 * Check wether an action has been referenced at least once in
+	 * the database
+	 * 
+	 * @param string $action The action to check
+	 * @param string $ip The target IP address
+	 * @return bool TRUE if the entry has been found at least once / FALSE else
+	 */
+	private function exists(string $action, string $ip) : bool {
+		return db()->count(self::TABLE_NAME, 
+			"WHERE ip = ? AND action = ?",
+			array($ip, $action)) > 0;
+	}
+
+	/**
+	 * Count the number of time an IP address has performed an action
+	 * 
+	 * @param string $action The target action
+	 * @param string $ip Target IP address
+	 * @return int The number of time the action has been done
+	 */
+	private function count(string $action, string $ip) : int {
+		$data = db()->select(self::TABLE_NAME, 
+			"WHERE ip = ? AND action = ?",
+			array($ip, $action),
+			array("count"));
+		
+		if(count($data) < 1)
+			return 1;
+		
+		else
+			return $data[0]["count"];
+	}
+}

classes/DBLibrary.php

@@ -560,7 +560,12 @@ class DBLibrary {
         
         //PDO informations
         if($this->verbose){
-            echo "\n PDO last error:";
+
+            echo "\n\n Call trace:";
+            echo $e->getTraceAsString();
+
+
+            echo "\n\n PDO last error:";
             print_r($this->db->errorInfo());
         }
     }
@@ -576,6 +581,10 @@ class DBLibrary {
         
         //PDO informations
         if($this->verbose){
+
+            echo "\n\n Call trace:";
+            echo $e->getTraceAsString();
+
             echo "\n PDO last error:";
             print_r($this->db->errorInfo);
         }

classes/URLanalyzer.php

@@ -25,6 +25,7 @@ class URLAnalyzer {
 		
 		//Set timeout
 		curl_setopt($ch, CURLOPT_CONNECTTIMEOUT, $timeout);
+		curl_setopt($ch, CURLOPT_TIMEOUT, 5);
 		
 		//Get the response
 		curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);

classes/components/AccountComponent.php

@@ -198,6 +198,30 @@ class AccountComponent {
 
 	}
 
+	/**
+	 * Get the ID of the account associated with an email address
+	 * 
+	 * @param string $email The email address
+	 * @return int The ID of the account / -1 in case of failure
+	 */
+	public function getIDfromEmail(string $email): int {
+
+		//Perform an API request
+		$tableName = self::USER_TABLE;
+		$conditions = "WHERE mail = ?";
+		$values = array($email);
+
+		//Peform the request
+		$values = cs()->db->select($tableName, $conditions, $values);
+
+		if(count($values) == 0)
+			return -1; //No result found
+		
+		//Return first value
+		return $values[0]["ID"];
+
+	}
+
 	/**
 	 * Intend to create an account
 	 * 
@@ -267,6 +291,69 @@ class AccountComponent {
 		return CS::get()->db->updateDB(self::USER_TABLE, "ID = ?", $modif, array($userID));
 	}
 
+	/**
+	 * Set new password reset token for an account
+	 * 
+	 * @param int $userID Target user ID
+	 * @param string $token The new token to apply
+	 * @return bool TRUE for a success / FALSE else
+	 */
+	public function set_new_password_reset_token(int $userID, string $token) : bool {
+		
+		//Prepare database update
+		$modifs = array(
+			"password_reset_token" => $token,
+			"password_reset_token_time_create" => time()
+		);
+
+		//Apply update
+		return cs()->db->updateDB(self::USER_TABLE, "ID = ?", $modifs, array($userID));
+	}
+
+	/**
+	 * Delete the password reset token for an account
+	 * 
+	 * @param int $userID Target user ID
+	 * @return bool TRUE for a success / FALSE else
+	 */
+	public function remove_password_reset_token(int $userID) : bool {
+		
+		//Prepare database update
+		$modifs = array(
+			"password_reset_token" => "",
+			"password_reset_token_time_create" => 84 //Too low value to be valid
+		);
+
+		//Apply update
+		return cs()->db->updateDB(self::USER_TABLE, "ID = ?", $modifs, array($userID));
+	}
+
+	/**
+	 * Associate password reset token with user ID
+	 * 
+	 * @param string $token The token to associate
+	 * @return int The ID of the user / -1 in case of failure
+	 */
+	public function getUserIDfromResetToken(string $token) : int {
+
+		//Prepare database query
+		$conditions = "WHERE password_reset_token = ? AND password_reset_token_time_create > ?";
+		$values = array(
+			$token,
+			time()-60*60*24 //Maximum validity : 24 hours
+		);
+
+		//Query the database
+		$results = cs()->db->select(self::USER_TABLE, $conditions, $values);
+
+		//Check if there is not any result
+		if(count($results) == 0)
+			return -1;
+		
+		//Return first result user ID
+		return $results[0]["ID"];
+	}
+
 	/**
 	 * Crypt user password
 	 *
@@ -306,11 +393,20 @@ class AccountComponent {
 		$data["movies"] = components()->movies->get_list($userID);
 
 		//Conversation messages
-		$data["conversation_messages"] = components()->conversations->getAllUserMessages($userID);
+		$data["all_conversation_messages"] = components()->conversations->getAllUserMessages($userID);
 
 		//Conversations list
 		$data["conversations_list"] = components()->conversations->getList($userID);
 
+		//Conversation messages
+		$data["conversations_messages"] = array();
+		foreach($data["conversations_list"] as $conversation)
+
+			//Get all the messages of the conversation
+			$data["conversations_messages"][$conversation->get_ID()] = 
+				components()->conversations->getAllMessages($conversation->get_ID());
+		
+
 		//Friend list
 		$data["friends_list"] = components()->friends->getList($userID);
 
@@ -365,6 +461,9 @@ class AccountComponent {
 		if(!components()->accountImage->delete($userID))
 			return FALSE;
 		
+		if(!components()->backgroundImage->delete($userID))
+			return FALSE;
+
 		//Delete connections to all the services
 		if(!$this->deleteAllUserLoginTokens($userID))
 			return FALSE;*/
@@ -372,6 +471,8 @@ class AccountComponent {
 		//Delete user from the database
 		//WILL BE IMPLEMENTED WHEN LEGACY VERSION WILL BE REMOVED
 
+		exit("Notice: Account deletion should be available soon...");
+
 		//Success
 		return FALSE;
 	}

classes/components/BackgroundImage.php

@@ -0,0 +1,99 @@
+<?php
+/**
+ * User background image class
+ *
+ * @author Pierre HUBERT
+ */
+class BackgroundImage {
+
+	/**
+	 * @var String Base folder path for account image
+	 */
+	private $files_path;
+
+	/**
+	 * @var String Base URL for account images
+	 */
+	private $files_url;
+	
+	/**
+	 * @var String Default background image
+	 */
+	private $defaultFile = "0.jpg";
+
+	/**
+	 * Constructor of the class
+	 */
+	public function __construct(){
+		//Set values
+		$this->files_path = path_user_data(CS::get()->config->get("backgroundImagePath"), true);
+		$this->files_url = path_user_data(CS::get()->config->get("backgroundImagePath"), false);
+	}
+
+	/**
+	 * Returns the path of a background image
+	 *
+	 * @param int $userID The ID of the user on which we perform research
+	 * @return string The URL pointing on the background image
+	 */
+	public function getPath(int $userID) : string {
+		//First, check if the background image exists
+		$backgroundImageRefFile = $this->getPathMetadata($userID);
+		if(file_exists($backgroundImageRefFile)){
+
+			//Get background image path and return it
+			return $this->files_url.file_get_contents($backgroundImageRefFile);
+			
+		}
+		else {
+			//Return default background image
+			return $this->files_url.$this->defaultFile;
+		}
+	}
+
+	/**
+	 * Delete the account image of a user (if any)
+	 * 
+	 * @param int $userID The ID of the target user
+	 * @return bool TRUE for a success / FALSE else
+	 */
+	public function delete(int $userID) : bool {
+
+		//Get the path to the background image
+		$refFile = $this->getPathMetadata($userID);
+
+		//Check if ref file exists or not
+		if(file_exists($refFile)){
+
+			$file_target = $this->files_path.file_get_contents($refFile);
+
+			//Delete file
+			if(file_exists($file_target)){
+				if(!unlink($file_target))
+					return FALSE;
+			}
+			
+			//Unlink reference file
+			return unlink($refFile);
+
+		}
+
+		//Nothing to be done
+		else
+			return TRUE;
+
+	}
+
+	/**
+	 * Get the path to the file containing the path to the background image
+	 * 
+	 * @param int $userID Target user ID
+	 * @return string The path to the file
+	 */
+	private function getPathMetadata(int $userID) : string {
+		return $this->files_path."adresse_imgfond/".$userID.".txt";
+	}
+}
+
+//Register class
+Components::register("backgroundImage", new BackgroundImage());

classes/components/Conversations.php

@@ -628,6 +628,27 @@ class Conversations {
 
 	}
 
+	/**
+	 * Get all the messages of a conversation
+	 *
+	 * @param int $conversationID The ID of the target conversation
+	 * @return array The list of messages
+	 */
+	public function getAllMessages(int $conversationID) : array {
+
+		//Define conditions
+		$conditions = "WHERE ID_".$this->conversationsListTable." = ? ORDER BY ID";
+		$condVals = array(
+			$conversationID
+		);
+
+		//Perform request
+		$messages = $this->getMessages($conditions, $condVals);
+
+		//Return messages
+		return $messages;
+	}
+
 	/**
 	 * Check whether a conversation exists or not
 	 * 

classes/components/GroupsComponent.php

@@ -0,0 +1,839 @@
+<?php
+/**
+ * Groups component
+ * 
+ * @author Pierre HUBERT
+ */
+
+class GroupsComponent {
+
+	/**
+	 * Groups list table
+	 */
+	const GROUPS_LIST_TABLE = DBprefix . "groups";
+
+	/**
+	 * Groups members table
+	 */
+	const GROUPS_MEMBERS_TABLE = DBprefix."groups_members";
+
+	/**
+	 * Create a new group
+	 * 
+	 * @param NewGroup $newGroup Information about the new group
+	 * to create
+	 * @return int The ID of the created group / -1 in case of failure
+	 */
+	public function create(NewGroup $newGroup) : int {
+
+		//Insert the group in the database
+		db()->addLine(self::GROUPS_LIST_TABLE, array(
+			"time_create" => $newGroup->get_time_sent(),
+			"userid_create" => $newGroup->get_userID(),
+			"name" => $newGroup->get_name()
+		));
+
+		//Get the ID of the last inserted group
+		$groupID = db()->getLastInsertedID();
+
+		//Check for errors
+		if(!$groupID > 0)
+			return -1;
+
+		//Register the user who created the group as an admin of the group
+		$member = new GroupMember;
+		$member->set_group_id($groupID);
+		$member->set_userID($newGroup->get_userID());
+		$member->set_time_sent($newGroup->get_time_sent());
+		$member->set_level(GroupMember::ADMINISTRATOR);
+		$this->insertMember($member);
+
+		return $groupID;
+	}
+
+	/**
+	 * Check whether a group exists or not
+	 * 
+	 * @param int $id The ID of the target group
+	 * @return bool TRUE if the group exists / FALSE else
+	 */
+	public function exists(int $id) : bool {
+
+		return db()->count(
+			self::GROUPS_LIST_TABLE,
+			"WHERE id = ?",
+			array($id)
+		) > 0;
+
+	}
+
+	/**
+	 * Get the list of groups of a user
+	 * 
+	 * @param int $userID The ID of the target user
+	 * @return array The list of groups of the user
+	 */
+	public function getListUser(int $userID) : array {
+
+		//First, get IDs of the groups the user belongs to
+		$groups = db()->select(
+			self::GROUPS_MEMBERS_TABLE,
+			"WHERE user_id = ?",
+			array($userID),
+			array("groups_id")
+		);
+
+		//Parse results
+		$info = array();
+		foreach($groups as $group)
+			$info[] = $this->get_info($group["groups_id"]);
+		
+		return $info;
+	}
+
+	/**
+	 * Get the visibility level of a group
+	 * 
+	 * @param int $id The ID of the target group
+	 * @return int The visibility level of the group
+	 */
+	public function getVisiblity(int $id) : int {
+		$data = db()->select(
+			self::GROUPS_LIST_TABLE,
+			"WHERE id = ?",
+			array($id),
+			array("visibility")
+		);
+
+		if(count($data) < 1)
+			throw new Exception("Group " . $id . " does not exists!");
+		
+		return $data[0]["visibility"];
+	}
+
+	/**
+	 * Find a group by its virtual directory
+	 * 
+	 * @param string $directory The directory to search
+	 * @return int The ID of the target group / 0 if none found
+	 */
+	public function findByVirtualDirectory(string $directory) : int {
+		
+		$data = db()->select(
+			self::GROUPS_LIST_TABLE,
+			"WHERE virtual_directory = ?",
+			array($directory),
+			array("id")
+		);
+
+		if(count($data) == 0)
+			return 0;
+		else
+			return $data[0]["id"];
+	}
+
+	/**
+	 * Get and return information about a group
+	 * 
+	 * @param int $id The ID of the target group
+	 * @return GroupInfo Information about the group / invalid
+	 * object in case of failure
+	 */
+	public function get_info(int $id) : GroupInfo {
+
+		//Query the database
+		$info = db()->select(self::GROUPS_LIST_TABLE, "WHERE id = ?", array($id));
+
+		//Check for results
+		if(count($info) == 0)
+			return new GroupInfo(); //Return invalid object
+		
+		//Create and fill GroupInfo object with database entry
+		return $this->dbToGroupInfo($info[0]);
+	}
+
+	/**
+	 * Get and return advanced information about a group
+	 * 
+	 * @param int $id The ID of the target group
+	 * @return GroupInfo Information about the group / invalid
+	 * object in case of failure
+	 */
+	public function get_advanced_info(int $id) : AdvancedGroupInfo {
+
+		//Query the database
+		$info = db()->select(self::GROUPS_LIST_TABLE, "WHERE id = ?", array($id));
+
+		//Check for results
+		if(count($info) == 0)
+			return new AdvancedGroupInfo(); //Return invalid object
+		
+		//Create and fill GroupInfo object with database entry
+		return $this->dbToAdvancedGroupInfo($info[0], null, TRUE);
+	}
+
+	/**
+	 * Get a group settings
+	 * 
+	 * @param int $id The ID of the target group
+	 * @return GroupSettings The settings of the group / invalid
+	 * GroupSettings object in case of failure
+	 */
+	public function get_settings(int $id) : GroupSettings {
+
+		//Query the database
+		$info = db()->select(self::GROUPS_LIST_TABLE, "WHERE id = ?", array($id));
+
+		//Check for results
+		if(count($info) == 0)
+			return new GroupSettings(); //Return invalid object
+		
+		//Create and fill GroupInfo object with database entry
+		return $this->dbToGroupSettings($info[0]);
+
+	}
+
+	/**
+	 * Set (update) group settings
+	 * 
+	 * @param GroupSettings $settings The settings to update
+	 * @return bool TRUE for a success / FALSE
+	 */
+	public function set_settings(GroupSettings $settings) : bool {
+		
+		//Generate database entry
+		$modif = $this->GroupSettingsToDB($settings);
+
+		//Apply update
+		return db()->updateDB(
+			self::GROUPS_LIST_TABLE, 
+			"id = ?",
+			$modif,
+			array($settings->get_id()));
+
+	}
+
+	/**
+	 * Get the list of members of a group
+	 * 
+	 * @param int $groupID The ID of the group to fetch
+	 * @return array The list of members of the group
+	 */
+	public function getListMembers(int $groupID) : array {
+
+		$members = db()->select(
+			self::GROUPS_MEMBERS_TABLE,
+			"WHERE groups_id = ?",
+			array($groupID)
+		);
+
+		//Process the list of results
+		return $this->multipleDBToGroupMember($members);
+	}
+
+	/**
+	 * Get the list of members of the group that follows it
+	 * 
+	 * @param int $groupID The ID of the target group
+	 * @return array The list of members
+	 */
+	public function getListFollowers(int $groupID) : array {
+
+		$result = db()->select(
+			self::GROUPS_MEMBERS_TABLE,
+			"WHERE groups_id = ? AND following = 1",
+			array($groupID),
+			array("user_id")
+		);
+
+		//Parse the list of IDs
+		$list = array();
+		foreach($result as $el)
+			$list[] = $el["user_id"];
+		return $list;
+
+	}
+
+	/**
+	 * Get the list of groups a user is following
+	 * 
+	 * @param int $userID The ID of the target group
+	 * @return array The IDs of the groups followed by the user
+	 */
+	public function getListFollowedByUser(int $userID) : array {
+
+		$result = db()->select(
+			self::GROUPS_MEMBERS_TABLE,
+			"WHERE user_id = ? AND following = 1",
+			array($userID),
+			array("groups_id")
+		);
+
+		//Parse the list of IDs
+		$list = array();
+		foreach($result as $el)
+			$list[] = $el["groups_id"];
+		return $list;
+
+	}
+
+	/**
+	 * Count the number of a kind of membership in a group
+	 * 
+	 * @param int $groupID The ID of the target group
+	 * @param int $level The membership level to count
+	 * @return int The number of administrators of the group
+	 */
+	public function countMembersAtLevel(int $groupID, int $level) : int {
+		return db()->count(
+			self::GROUPS_MEMBERS_TABLE,
+			"WHERE groups_id = ? AND level = ?",
+			array($groupID, $level)
+		);
+	}
+
+	/**
+	 * Insert a new group member
+	 * 
+	 * @param GroupMember $member Information about the member to insert
+	 * @return bool TRUE for a success / FALSE else
+	 */
+	public function insertMember(GroupMember $member) : bool {
+		return db()->addLine(self::GROUPS_MEMBERS_TABLE, array(
+			"groups_id" => $member->get_group_id(),
+			"user_id" => $member->get_userID(),
+			"time_create" => $member->get_time_sent(),
+			"level" => $member->get_level()
+		));
+	}
+
+	/**
+	 * Update a membership level
+	 * 
+	 * @param int $userID The ID of the target user
+	 * @param int $groupID The ID of the related group
+	 * @param int $level The target level
+	 * @return bool TRUE for a success / FALSE else
+	 */
+	public function updateMembershipLevel(int $userID, int $groupID, int $level) : bool {
+		return db()->updateDB(
+			self::GROUPS_MEMBERS_TABLE,
+			"user_id = ? AND groups_id = ?",
+			array("level" => $level),
+			array($userID, $groupID)
+		);
+	}
+
+	/**
+	 * Check whether a user has already a saved membership in a group or not
+	 * 
+	 * @param int $userID The ID of the target user
+	 * @param int $groupID The ID of the target group
+	 * @return bool TRUE if the database includes a membership for the user / FALSE else
+	 */
+	public function hasMembership(int $userID, int $groupID) : bool {
+		return db()->count(
+			self::GROUPS_MEMBERS_TABLE,
+			"WHERE groups_id = ? AND user_id = ?", 
+			array($groupID, $userID)) > 0;
+	}
+
+	/**
+	 * Delete a user membership with a precise status
+	 * 
+	 * @param int $userID Target user ID
+	 * @param int $groupID Target group
+	 * @param int $status The status of the membership to delete
+	 * @return bool TRUE for a success / FALSE else
+	 */
+	public function deleteMembershipWithStatus(int $userID, int $groupID, int $status) : bool {
+		return db()->deleteEntry(
+			self::GROUPS_MEMBERS_TABLE,
+			"groups_id = ? AND user_id = ? AND level = ?",
+			array($groupID, $userID, $status)
+		);
+	}
+
+	/**
+	 * Check whether a user received an invitation or not
+	 * 
+	 * @param int $userID The ID of the user to check
+	 * @param int $groupID The ID of the related group
+	 * @return bool TRUE if the user received an invitation / FALSE else
+	 */
+	public function receivedInvitation(int $userID, int $groupID) : bool {
+		return db()->count(
+			self::GROUPS_MEMBERS_TABLE,
+			"WHERE groups_id = ? AND user_ID = ? AND level = ?",
+			array($groupID, $userID, GroupMember::INVITED)
+		) > 0;
+	}
+
+	/**
+	 * Respond to a membership invitation
+	 * 
+	 * @param int $userID The ID of the target user
+	 * @param int $groupID The ID of the related group
+	 * @param bool $accept Set wether the user accept the invitation or not
+	 * @return bool TRUE for a success / FALSE else
+	 */
+	public function respondInvitation(int $userID, int $groupID, bool $accept) : bool {
+
+		//If the user reject the invitation, delete it
+		if(!$accept)
+			return $this->deleteInvitation($userID, $groupID);
+
+		//Upgrade the user as member
+		return $this->updateMembershipLevel($userID, $groupID, GroupMember::MEMBER);
+	}
+
+	/**
+	 * Respond to a membership request
+	 * 
+	 * @param int $userID The ID of the target user
+	 * @param int $groupID The ID of the related group
+	 * @param bool $accept Set whether the request was accepted or not
+	 * @return bool TRUE for a success / FALSE else
+	 */
+	public function respondRequest(int $userID, int $groupID, bool $accept) : bool {
+
+		//If the user reject the invitation, delete it
+		if(!$accept)
+			return $this->deleteRequest($userID, $groupID);
+
+		//Upgrade the user as member
+		return $this->updateMembershipLevel($userID, $groupID, GroupMember::MEMBER);
+	}
+
+	/**
+	 * Delete a membership invitation
+	 * 
+	 * @param int $userID The ID of the target user
+	 * @param int $groupID The ID of the related group
+	 * @return bool TRUE for a success / FALSE else
+	 */
+	public function deleteInvitation(int $userID, int $groupID) : bool {
+		return $this->deleteMembershipWithStatus($userID, $groupID, GroupMember::INVITED);
+	}
+
+	/**
+	 * Delete a membership request
+	 * 
+	 * @param int $userID The ID of the target user
+	 * @param int $groupID The ID of the related group
+	 * @return bool TRUE for a success / FALSE else
+	 */
+	public function deleteRequest(int $userID, int $groupID) : bool {
+		return $this->deleteMembershipWithStatus($userID, $groupID, GroupMember::PENDING);
+	}
+
+	/**
+	 * Get the membership level of a user to a group
+	 * 
+	 * @param int $userID The ID of the queried user
+	 * @param int $groupID The ID of the target group
+	 * @return int The membership level of the user
+	 */
+	public function getMembershipLevel(int $userID, int $groupID) : int {
+
+		//Check for membership
+		if(!$this->hasMembership($userID, $groupID))
+			return GroupMember::VISITOR;
+		
+		//Fetch the database to get membership
+		$results = db()->select(
+			self::GROUPS_MEMBERS_TABLE,
+			"WHERE groups_id = ? AND user_id = ?",
+			array($groupID, $userID),
+			array("level")
+		);
+
+		//Check for results
+		if(count($results) < 0)
+			return GroupMember::VISITOR; //Security first
+		
+		return $results[0]["level"];
+	}
+
+	/**
+	 * Get information the membership of a user over a group
+	 * 
+	 * @param int $userID The ID of the target user
+	 * @param int $groupID The ID of the target group
+	 * @param GroupMember User membership
+	 */
+	public function getMembership(int $userID, int $groupID) : GroupMember {
+		//Fetch the database to get membership
+		$results = db()->select(
+			self::GROUPS_MEMBERS_TABLE,
+			"WHERE groups_id = ? AND user_id = ?",
+			array($groupID, $userID)
+		);
+
+		//Check for results
+		if(count($results) < 0)
+			return new GroupMember(); //Invalid object
+		
+		return $this->dbToGroupMember($results[0]);
+	}
+
+	/**
+	 * Determine whether a user is following or not a group
+	 * 
+	 * @param int $userID Target user ID
+	 * @param int $groupID The ID of the related group
+	 * @return bool TRUE if the user is following the group / FALSE else
+	 */
+	public function isFollowing(int $userID, int $groupID) : bool {
+		return db()->count(
+			self::GROUPS_MEMBERS_TABLE,
+			"WHERE groups_id = ? AND user_ID = ? AND following = 1",
+			array($groupID, $userID)
+		) > 0;
+	}
+
+	/**
+	 * Check whether a user is an administrator of a group
+	 * or not
+	 * 
+	 * @param int $userID Requested user ID to check
+	 * @param int $groupID Requested group to check
+	 * @return bool TRUE if the user is an admin / FALSE else
+	 */
+	public function isAdmin(int $userID, int $groupID) : bool {
+		return $this->getMembershipLevel($userID, $groupID)
+			 == GroupMember::ADMINISTRATOR;
+	}
+
+	/**
+	 * Check whether a group is open or not
+	 * 
+	 * @param int $groupID The ID of the target group
+	 * @return bool TRUE if the group is open / FALSE else
+	 */
+	public function isOpen(int $groupID) : bool {
+		return db()->count(
+			self::GROUPS_LIST_TABLE,
+			"WHERE id = ? AND visibility = ?",
+			array($groupID, GroupInfo::OPEN_GROUP)) > 0;
+	}
+
+	/**
+	 * Check whether a group is secret or not
+	 * 
+	 * @param int $groupID The ID of the target group
+	 * @return bool TRUE if the group is open / FALSE else
+	 */
+	public function isSecret(int $groupID) : bool {
+		return db()->count(
+			self::GROUPS_LIST_TABLE,
+			"WHERE id = ? AND visibility = ?",
+			array($groupID, GroupInfo::SECRET_GROUP)) > 0;
+	}
+
+	/**
+	 * Count the number of members of a group
+	 * 
+	 * @param int $id The ID of the target group
+	 * @return int The number of members of the group
+	 */
+	private function countMembers(int $id) : int {
+		return db()->count(self::GROUPS_MEMBERS_TABLE, 
+			"WHERE groups_id = ?",
+			array($id));
+	}
+
+	/**
+	 * Get and return the access level of a user over a group
+	 * 
+	 * @param int $groupID The ID of the target group
+	 * @param int $userID The ID of the user
+	 * @return int The visiblity access level of the user
+	 */
+	public function getAccessLevel(int $groupID, int $userID) : int {
+
+		if($userID > 0)
+			//Get the membership level of the user
+			$membership_level = $this->getMembershipLevel($userID, $groupID);
+		
+		else
+			$membership_level = GroupMember::VISITOR; //Signed out users are all visitors
+
+		//Check if the user is a confirmed member of group
+		if($membership_level == GroupMember::ADMINISTRATOR)
+			return GroupInfo::ADMIN_ACCESS;
+		if($membership_level == GroupMember::MODERATOR)
+			return GroupInfo::MODERATOR_ACCESS;
+		if($membership_level == GroupMember::MEMBER)
+			return GroupInfo::MEMBER_ACCESS;
+		
+		//Get the visibility level of the group
+		$group_visibility_level = $this->getVisiblity($groupID);
+
+		//If the group is open, everyone has view access
+		if($group_visibility_level == GroupInfo::OPEN_GROUP)
+			return GroupInfo::VIEW_ACCESS;
+
+		//Else, all pending and invited membership get limited access
+		if($membership_level == GroupMember::PENDING ||
+			$membership_level == GroupMember::INVITED)
+			return GroupInfo::LIMITED_ACCESS;
+
+		//Private groups gives limited access
+		if($group_visibility_level == GroupInfo::PRIVATE_GROUP)
+			return GroupInfo::LIMITED_ACCESS;
+		
+		//Else the user can not see the group
+		return GroupInfo::NO_ACCESS;
+	}
+
+	/**
+	 * Check whether a user can create posts or not on a group
+	 * 
+	 * @param int $userID The related user ID
+	 * @param int $groupID The ID of the target group
+	 * @return bool TRUE if the user is authorized / FALSE else
+	 */
+	public function canUserCreatePost(int $userID, int $groupID) : bool {
+
+		//Get the membership level of the user over the post
+		$membership_level = $this->getMembershipLevel($userID, $groupID);
+
+		//Moderators + administrators : can always create posts
+		if($membership_level == GroupMember::ADMINISTRATOR
+			|| $membership_level == GroupMember::MODERATOR)
+
+			return TRUE;
+		
+		if($membership_level == GroupMember::MEMBER) {
+
+			//Get information about the group to check whether all the members of
+			//the group are authorized to create posts or not
+			$group = $this->get_advanced_info($groupID);
+
+			if($group->get_posts_level() == GroupInfo::POSTS_LEVEL_ALL_MEMBERS)
+				return TRUE;
+
+		}
+		
+		//Other members can not create posts
+		return FALSE;
+
+	}
+
+	/**
+	 * Delete current group logo (if any)
+	 * 
+	 * @param int $id The ID of the target group
+	 * @return bool TRUE if the logo was deleted / FALSE else
+	 */
+	public function deleteLogo(int $id) : bool {
+
+		//Get the current settings of the group
+		$settings = $this->get_settings($id);
+
+		//Check if the group has currently an group logo or not
+		if($settings->has_logo()){
+			
+			//Delete the previous logo
+			if(file_exists($settings->get_logo_sys_path()))
+				if(!unlink($settings->get_logo_sys_path()))
+					return FALSE;
+			
+			//Save new information
+			$settings->set_logo("null");
+			return $this->set_settings($settings);
+		}
+		
+		//Success (nothing to be done)
+		return TRUE;
+	}
+
+	/**
+	 * Check whether a directory is available or not
+	 * 
+	 * @param string $directory The directory to check
+	 * @param int $groupID The ID of the target group
+	 * @return bool TRUE if the directory is available / FALSE
+	 */
+	public function checkDirectoryAvailability(string $directory, int $groupID) : int {
+		$currID = $this->findByVirtualDirectory($directory);
+
+		//Check if the domain has not been allocated
+		if($currID < 1)
+			return TRUE;
+		
+		else
+			//Else check if the directory has been allocated to the current user 
+			return $groupID == $currID;
+	}
+
+	/**
+	 * Set (update) user following status
+	 * 
+	 * @param int $groupID Target group ID
+	 * @param int $userID Target user ID
+	 * @param bool $following New following status
+	 * @return bool TRUE to follow / FALSE else
+	 */
+	public function setFollowing(int $groupID, int $userID, bool $following) : bool {
+		return db()->updateDB(
+			self::GROUPS_MEMBERS_TABLE, 
+			"groups_id = ? AND user_id = ?",
+			array("following" => $following ? 1 : 0),
+			array($groupID, $userID));
+	}
+
+	/**
+	 * Turn a database entry into a GroupInfo object
+	 * 
+	 * @param array $data Database entry
+	 * @param GroupInfo $group The object to fill with the information (optionnal)
+	 * @return GroupInfo Generated object
+	 */
+	private function dbToGroupInfo(array $data, GroupInfo $info = null) : GroupInfo {
+
+		if($info == null)
+			$info = new GroupInfo();
+
+		$info->set_id($data["id"]);
+		$info->set_name($data["name"]);
+		$info->set_number_members($this->countMembers($info->get_id()));
+		$info->set_membership_level($this->getMembershipLevel(userID, $info->get_id()));
+		$info->set_visibility($data["visibility"]);
+		$info->set_registration_level($data["registration_level"]);
+		$info->set_posts_level($data["posts_level"]);
+
+		if($data["path_logo"] != null && $data["path_logo"] != "" && $data["path_logo"] != "null")
+			$info->set_logo($data["path_logo"]);
+		
+		if($data["virtual_directory"] != null && $data["virtual_directory"] != "" && $data["virtual_directory"] != "null")
+			$info->set_virtual_directory($data["virtual_directory"]);
+
+		return $info;
+
+	}
+
+	/**
+	 * Turn a database group entry into AdvancedGroupInfo object entry
+	 * 
+	 * @param array $data Database entry
+	 * @param AdvancedGroupInfo $info Optionnal, fill an existing object
+	 * instead of creating a new one
+	 * @param bool $load_likes Specified whether the likes of the group should
+	 * be loaded or not (default: FALSE)
+	 * @return AdvancedGroupInfo Advanced information about the group
+	 */
+	private function dbToAdvancedGroupInfo(array $data, AdvancedGroupInfo $info = null, bool $load_likes = FALSE) : AdvancedGroupInfo {
+
+		if($info == null)
+			$info = new AdvancedGroupInfo();
+
+		//Parse basical information about the group
+		$this->dbToGroupInfo($data, $info);
+
+		//Parse advanced information
+		$info->set_time_create($data["time_create"]);
+		if($data["description"] != null && $data["description"] != "" && $data["description"] != "null")
+			$info->set_description($data["description"]);
+		if($data["url"] != null && $data["url"] != "" && $data["url"] != "null")
+			$info->set_url($data["url"]);
+		
+		//Load likes information, if required
+		if($load_likes){
+			$info->set_number_likes(components()->likes->count($info->get_id(), Likes::LIKE_GROUP));
+		}
+
+		return $info;
+
+	}
+
+	/**
+	 * Turn a database group entry into GroupSettings object
+	 * 
+	 * @param array $data Database entry
+	 * @return GroupSettings The settings of the group
+	 */
+	private function dbToGroupSettings(array $data) : GroupSettings {
+
+		//Parse advanced settings about the group
+		$info = new GroupSettings();
+		$this->dbToAdvancedGroupInfo($data, $info);
+
+		return $info;
+
+	}
+
+	/**
+	 * Turn a GroupSettings object into a database entry
+	 * 
+	 * @param GroupSettings $settings The object to convert
+	 * @return array Generated database entry
+	 */
+	private function GroupSettingsToDB(GroupSettings $settings) : array {
+		$data = array();
+
+		if($settings->has_name())
+			$data["name"] = $settings->get_name();
+
+		if($settings->has_logo())
+			$data["path_logo"] = $settings->get_logo();
+
+		if($settings->has_visibility())
+			$data["visibility"] = $settings->get_visibility();
+		
+		if($settings->has_registration_level())
+			$data["registration_level"] = $settings->get_registration_level();
+		
+		if($settings->has_posts_level())
+			$data["posts_level"] = $settings->get_posts_level();
+
+		$data["virtual_directory"] = 
+			$settings->has_virtual_directory() ? $settings->get_virtual_directory() : "";
+
+		$data["description"] = 
+			$settings->has_description() ? $settings->get_description() : "";
+
+		$data["url"] = 
+			$settings->has_url() ? $settings->get_url() : "";
+
+		return $data;
+	}
+
+	/**
+	 * Turn multiple database entries into GroupMember entries
+	 * 
+	 * @param array $entries The entries to process
+	 * @return array Generated GroupMember objects
+	 */
+	private function multipleDBToGroupMember(array $entries) : array {
+		foreach($entries as $num => $entry)
+			$entries[$num] = $this->dbToGroupMember($entry);
+		
+		return $entries;
+	}
+
+	/**
+	 * Turn a database entry into a GroupMember entry
+	 * 
+	 * @param array $entry The database entry to convert
+	 * @return GroupMember Generated entry
+	 */
+	private function dbToGroupMember(array $entry) : GroupMember {
+
+		$member = new GroupMember();
+
+		$member->set_id($entry["id"]);
+		$member->set_group_id($entry["groups_id"]);
+		$member->set_userID($entry["user_id"]);
+		$member->set_time_sent($entry["time_create"]);
+		$member->set_level($entry["level"]);
+		$member->set_following($entry["following"] == 1);
+
+		return $member;
+
+	}
+}
+
+//Register component
+Components::register("groups", new GroupsComponent());

classes/components/MailQueue.php

@@ -0,0 +1,13 @@
+<?php
+/**
+ * Mail queue component
+ * 
+ * @author Pierre HUBERT
+ */
+
+class MailQueue {
+	
+}
+
+//Register component
+Components::register("mail", new MailQueue());

classes/components/SettingsComponent.php

@@ -64,6 +64,42 @@ class SettingsComponents {
 		return $folderUserID == $userID;
 	}
 
+	/**
+	 * Get and return language settings of a user
+	 * 
+	 * @param int $userID Target user ID
+	 * @return LanguageSettings The language settings of the user / invalid object
+	 * in case of failure
+	 */
+	public function get_language(int $userID) : LanguageSettings {
+
+		//Get user database entry
+		$entry = $this->getDBUserInfo($userID);
+
+		//Check for error
+		if(count($entry) == 0)
+			return new LanguageSettings(); //Return invalid object
+		
+		//Parse database entry into LanguageSettings entry
+		return $this->dbToLanguageSettings($entry);
+
+	}
+
+	/**
+	 * Save new version of the language settings of a user
+	 * 
+	 * @param LanguageSettings $settings The settings to save in the database
+	 * @return bool TRUE in case of success / FALSE else
+	 */
+	public function save_language(LanguageSettings $settings) : bool {
+
+		//Convert LanguageSettings object into database entry
+		$entry = $this->LanguageSettingsToDb($settings);
+
+		//Save information in the database
+		return $this->saveDBUserInfo($settings->get_id(), $entry);
+	}
+
 	/**
 	 * Get and return security settings of a user
 	 * 
@@ -84,6 +120,28 @@ class SettingsComponents {
 		return $this->dbToSecuritySettings($entry);
 	}
 
+	/**
+	 * Check whether the user has defined security questions or not
+	 * 
+	 * @param int $userID Target user ID
+	 * @return bool TRUE if the user has defined security questions / FALSE else
+	 */
+	public function has_security_questions(int $userID) : bool {
+
+		//Get security settings
+		$security = $this->get_security($userID);
+
+		//Check for errors
+		if(!$security->isValid())
+			return FALSE;
+		
+		return $security->has_security_question_1() &&
+			$security->has_security_answer_1() &&
+			$security->has_security_question_2() &&
+			$security->has_security_answer_2();
+
+	}
+
 	/**
 	 * Save new version of the security settings of a user
 	 * 
@@ -195,6 +253,21 @@ class SettingsComponents {
 		return $data;
 	}
 
+	/**
+	 * Parse a user information into LanguageSettings object
+	 * 
+	 * @param array $entry The entry to parse
+	 * @return LanguageSettings Generated model
+	 */
+	private function dbToLanguageSettings(array $entry) : LanguageSettings {
+		$obj = new LanguageSettings();
+
+		$obj->set_id($entry['ID']);
+		$obj->set_lang($entry["lang"]);
+
+		return $obj;
+	}
+
 	/**
 	 * Parse a user information entry into SecuritySettings object
 	 * 
@@ -206,15 +279,29 @@ class SettingsComponents {
 		$obj = new SecuritySettings();
 
 		$obj->set_id($entry['ID']);
-		$obj->set_security_question_1($entry["question1"]);
+		if($entry["question1"] != null) $obj->set_security_question_1($entry["question1"]);
-		$obj->set_security_answer_1($entry["reponse1"]);
+		if($entry["reponse1"] != null) $obj->set_security_answer_1($entry["reponse1"]);
-		$obj->set_security_question_2($entry["question2"]);
+		if($entry["question2"] != null) $obj->set_security_question_2($entry["question2"]);
-		$obj->set_security_answer_2($entry["reponse2"]);
+		if($entry["reponse2"] != null) $obj->set_security_answer_2($entry["reponse2"]);
 
 		return $obj;
 
 	}
 
+	/**
+	 * Turn LanguageSettings object into database entry
+	 * 
+	 * @param LanguageSettings $settings Language settings to turn into database entry
+	 * @return array Generated entry
+	 */
+	private function LanguageSettingsToDb(LanguageSettings $settings) : array {
+		$data = array();
+
+		$data["lang"] = $settings->get_lang();
+
+		return $data;
+	}
+
 	/**
 	 * Turn SecuritySettings object into database entry
 	 * 

classes/components/backgroundImage.php

@@ -1,57 +0,0 @@
-<?php
-/**
- * User background image class
- *
- * @author Pierre HUBERT
- */
-class BackgroundImage {
-
-	/**
-	 * @var String Base folder path for account image
-	 */
-	private $files_path;
-
-	/**
-	 * @var String Base URL for account images
-	 */
-	private $files_url;
-	
-	/**
-	 * @var String Default background image
-	 */
-	private $defaultFile = "0.jpg";
-
-	/**
-	 * Constructor of the class
-	 */
-	public function __construct(){
-		//Set values
-		$this->files_path = path_user_data(CS::get()->config->get("backgroundImagePath"), true);
-		$this->files_url = path_user_data(CS::get()->config->get("backgroundImagePath"), false);
-	}
-
-	/**
-	 * Returns the path of a background image
-	 *
-	 * @param Integer $userID The ID of the user on which we perform research
-	 * @return String The URL pointing on the background image
-	 */
-	public function getPath(int $userID) : string {
-		//First, check if the background image exists
-		$backgroundImageRefFile = $this->files_path."adresse_imgfond/".$userID.".txt";
-		if(file_exists($backgroundImageRefFile)){
-
-			//Get background image path and return it
-			return $this->files_url.file_get_contents($backgroundImageRefFile);
-			
-		}
-		else {
-			//Return default background image
-			return $this->files_url.$this->defaultFile;
-		}
-	}
-
-}
-
-//Register class
-Components::register("backgroundImage", new BackgroundImage());

classes/components/likes.php

@@ -18,6 +18,7 @@ class Likes {
 	const LIKE_USER = "user";
 	const LIKE_POST = "post";
 	const LIKE_COMMENT = "comment";
+	const LIKE_GROUP = "group";
 
 	/**
 	 * Translation of the kinds of like for the database
@@ -25,7 +26,8 @@ class Likes {
 	const KINDS_DB = array(
 		Likes::LIKE_USER => "page",
 		Likes::LIKE_POST => "texte",
-		Likes::LIKE_COMMENT => "commentaire"
+		Likes::LIKE_COMMENT => "commentaire",
+		Likes::LIKE_GROUP => "group"
 	);
 
 	/**

classes/components/notifications.php

@@ -101,10 +101,20 @@ class notificationComponent {
 				return false;
 				
 			//Update post informations
+			if($info_post->get_kind_page() == Posts::PAGE_KIND_USER){
 				$notification->set_from_container_type(Notification::USER_PAGE);
 				$notification->set_from_container_id($info_post->get_user_page_id());
+			}
+			else if($info_post->get_kind_page() == Posts::PAGE_KIND_GROUP){
+				$notification->set_from_container_type(Notification::GROUP_PAGE);
+				$notification->set_from_container_id($info_post->get_group_id());
+			}
+			else
+				throw new Exception("Unsupported page kind: ".$info_post->get_kind_page());
+			
 
 			//Check if the notification is private or not
+			//Private posts
 			if($info_post->get_visibility_level() == Posts::VISIBILITY_USER){
 
 				//Push the notification only to the user, and only if it is not him
@@ -117,7 +127,9 @@ class notificationComponent {
 				//Push the notification
 				return $this->push_private($notification);
 			}
-			else {
+
+			//For the posts on user pages
+			else if($notification->get_from_container_type() == Notification::USER_PAGE) {
 
 				//Get the list of friends of the user
 				$friendslist = components()->friends->getList($notification->get_from_user_id());
@@ -146,6 +158,18 @@ class notificationComponent {
 
 			}
 
+			//For the posts on groups
+			else if($notification->get_from_container_type() == Notification::GROUP_PAGE){
+				
+				//Push to all the members of a group who follows it
+				return $this->push_members_group($notification, $notification->get_from_container_id());
+			}
+
+			//Unimplemented scenario
+			else {
+				throw new Exception("Notification scenarios not implemented!");
+			}
+
 		}
 
 		//Handles friendship request notifications
@@ -160,6 +184,28 @@ class notificationComponent {
 
 		}
 
+		//Handles groups membership notifications
+		else if($notification->get_on_elem_type() == Notification::GROUP_MEMBERSHIP){
+
+			//Complete the notification
+			$notification->set_from_container_id(0);
+			$notification->set_from_container_type("");
+			
+			//Check whether the notification has to be pushed to a single user
+			//or to all the moderators of the page
+			if($notification->has_dest_user_id())
+
+				//Push the notification in private way (if it has a destination,
+				//generally the target of the membership request)
+				return $this->push_private($notification);
+			
+			else {
+				//Push the notification to all the moderators of the group
+				return $this->push_group_moderators($notification, $notification->get_on_elem_id());
+			}
+
+		}
+		
 		//Unsupported element
 		else {
 			throw new Exception("The kind of notification ".$notification->get_on_elem_type()." is not currently supported !");
@@ -167,6 +213,56 @@ class notificationComponent {
 		
 	}
 
+	/**
+	 * Push a notification to all the members of a group following it
+	 * 
+	 * @param Notification $notification The notification to push
+	 * @param int $groupID Target group ID
+	 * @return bool TRUE success / FALSE else
+	 */
+	private function push_members_group(Notification $notification, int $groupID) : bool {
+
+		//Get the list of the members of the group that follows it
+		$list = components()->groups->getListFollowers($groupID);
+		
+		//Process the list of followers
+		$target_users = array();
+		foreach($list as $userID){
+
+			//If the current follower is the user creating the notification
+			if($userID == $notification->get_from_user_id())
+				continue;
+			
+			$target_users[] = $userID;
+		}
+
+		//Push the notification
+		return $this->push_public($notification, $target_users);
+
+	}
+
+	/**
+	 * Push a notification to all the moderators of a group
+	 * 
+	 * @param Notification $notification The notification to push
+	 * @param int $groupID The ID of the target group
+	 * @return bool TRUE for a success / FALSE else
+	 */
+	private function push_group_moderators(Notification $notification, int $groupID) : bool {
+
+		//Get the list of the moderators of the group
+		$members = components()->groups->getListMembers($groupID);
+		$moderators = array();
+
+		foreach($members as $member){
+			if($member->get_level() <= GroupMember::MODERATOR)
+				$moderators[] = $member->get_userID();
+			
+		}
+
+		return $this->push_public($notification, $moderators);
+	}
+
 	/**
 	 * Push a notification to several users
 	 * 

classes/components/posts.php

@@ -19,6 +19,9 @@ class Posts {
 	//Posts that can be seen by the user only
 	const VISIBILITY_USER = 3;
 
+	//Posts that can be seen by the members of a group (same as friends)
+	const VISIBILITY_GROUP_MEMBERS = 50;
+
 	/**
 	 * Access level to a post
 	 */
@@ -39,6 +42,7 @@ class Posts {
 	 */
 	//Post on user page
 	const PAGE_KIND_USER = "user";
+	const PAGE_KIND_GROUP = "group";
 
 	/**
 	 * Kinds of post
@@ -118,7 +122,7 @@ class Posts {
 		$visibilityLevel = $this->getUserVisibility($userID, $targetID);
 
 		//Prepare the request on the database
-		$conditions = "WHERE ID_personne = ? AND (";
+		$conditions = "WHERE ID_personne = ? AND group_id = 0 AND (";
 		$dataConds = array($targetID);
 
 		//Add the visibility level conditions
@@ -158,15 +162,68 @@ class Posts {
 
 	}
 
+	/**
+	 * Get the posts of a group
+	 * 
+	 * @param int $groupID The ID of the related group
+	 * @param bool $all_posts Specify whether we should get all the posts of the user or not
+	 * @param int $from Start point for the query
+	 * @param int $limit The limit for the request (default = 10)
+	 */
+	public function getGroupPosts(int $groupID, bool $all_posts, int $from = 0, int $limit = 10){
+
+		//Check the value of limit (security)
+		if($limit < 1){
+			throw new Exception("The limit of the query must absolutly be positive !");
+		}
+
+		//Get user visibility level
+		$visibilityLevel = $all_posts ? $this::VISIBILITY_GROUP_MEMBERS : $this::VISIBILITY_PUBLIC;
+
+		//Prepare the request on the database
+		$conditions = "WHERE group_id = ? AND (";
+		$dataConds = array($groupID);
+
+		//Add the visibility level conditions
+		$conditions .= "(niveau_visibilite <= ?)";
+		$dataConds[] = $visibilityLevel;
+
+		//Close permissions conditions
+		$conditions .= ")";
+		
+		//Add startpoint condition if required (and get older messages)
+		if($from != 0){
+			$conditions .= " AND ID <= ? ";
+			$dataConds[] = $from;
+		}
+
+		//Specify order and limit
+		$conditions.= " ORDER BY ID DESC LIMIT ".$limit;
+
+		//Perform the request
+		$list = CS::get()->db->select(
+			$this::TABLE_NAME,
+			$conditions,
+			$dataConds
+		);
+
+		//Parse and return posts
+		return $this->processGetMultiple($list, TRUE);
+
+	}
+
 	/**
 	 * Get the list of latest posts for a user
 	 * 
 	 * @param int $userID The ID of the user requesting its list of posts
 	 * @param int $startPoint The startpoint of the research (default: 0 = none)
 	 * @param int $limit The limit of the research (default: 10)
+	 * @param bool $include_groups Specify whether groups post can be selected
+	 * too or not
 	 * @return array The list of newest posts for the user
 	 */
-	public function get_latest(int $userID, int $startPoint = 0, int $limit = 10) : array {
+	public function get_latest(int $userID, int $startPoint = 0, 
+		int $limit = 10, bool $include_groups) : array {
 
 		//Check the value of limit (security)
 		if($limit < 1){
@@ -182,27 +239,41 @@ class Posts {
 
 		//Prepare the request on the database
 		//Add the visibility level conditions
-		$conditions = "WHERE niveau_visibilite <= ? AND (ID_personne = ?";
+		$conditions = "WHERE ((group_id = 0 AND niveau_visibilite <= ? AND (ID_personne = ?";
 		$dataConds = array($visibilityLevel, $userID);
 
 		//Process the list of friends of the user
 		foreach($friendsList as $friend){
 			$friendID = $friend->getFriendID();
-			$conditions .= " OR ID_personne = ?";
+			$conditions .= " OR (ID_personne = ?)";
 			$dataConds[] = $friendID;
 		}
 
 		//Close user list conditions
-		$conditions .= ")";
+		$conditions .= "))";
+
+		//Check whether posts from groups should be included too
+		if($include_groups){
+
+			//Get the list of groups the user is following
+			$groups = components()->groups->getListFollowedByUser($userID);
+
+			//Process the list of groups
+			foreach($groups as $groupID){
+				$conditions .= " OR (group_id = ?)";
+				$dataConds[] = $groupID;
+			}
+		}
+
 		
 		//Add startpoint condition if required (and get older messages)
 		if($startPoint != 0){
-			$conditions .= " AND ID <= ? ";
+			$conditions .= ") AND (ID <= ? ";
 			$dataConds[] = $startPoint;
 		}
 
 		//Specify order and limit
-		$conditions.= " ORDER BY ID DESC LIMIT ".$limit;
+		$conditions.= ") ORDER BY ID DESC LIMIT ".$limit;
 
 		//Perform the request
 		$list = CS::get()->db->select(
@@ -334,6 +405,9 @@ class Posts {
 		if($post_info->get_userID() == $userID)
 			return $this::FULL_ACCESS;
 		
+		//Special checks if the posts belongs to a user's page
+		if($post_info->get_kind_page() == Posts::PAGE_KIND_USER){
+
 			//Check if the post was made on the user page
 			if($post_info->get_user_page_id() == $userID)
 				return $this::INTERMEDIATE_ACCESS;
@@ -381,6 +455,33 @@ class Posts {
 				else
 					return $this::NO_ACCESS;
 			}
+		}
+
+		//Checks if the posts belongs to a group's page
+		if($post_info->get_kind_page() == Posts::PAGE_KIND_GROUP){
+
+			//Get the access level of the user over the group
+			$access_level = components()->groups->getMembershipLevel($userID, $post_info->get_group_id());
+
+			//Moderators and administrators can delete all the posts of the group
+			if($access_level < GroupMember::MEMBER)
+				return $this::INTERMEDIATE_ACCESS;
+				
+			//Members of a group can see all the posts of the group
+			if($access_level == GroupMember::MEMBER)
+				return $this::BASIC_ACCESS;
+				
+			//Check if the post is public or not
+			if($post_info->get_visibility_level() != Posts::VISIBILITY_PUBLIC)
+				return $this::NO_ACCESS;
+			
+			//Check if the group is open or not
+			if(!components()->groups->isOpen($post_info->get_group_id()))
+				return $this::NO_ACCESS;
+			
+			// Post public + open group > basic access
+			return $this::BASIC_ACCESS;
+		}
 		
 		//Not implemented
 		return $this::NO_ACCESS;
@@ -408,6 +509,7 @@ class Posts {
 			$day_end = $array_date_end[0];
 			$month_end = $array_date_end[1];
 			$year_end = $array_date_end[2];
+			$time_end = $post->get_time_end();
 		}
 		
 		//Process user page posts
@@ -416,6 +518,14 @@ class Posts {
 			//Determine who is creating the post
 			$post_user_id = $post->get_kind_page_id();
 			$post_friend_id = $post->get_kind_page_id() == $post->get_userID() ? 0 : $post->get_userID();
+			$post_group_id = 0;
+
+		}
+		else if($post->get_kind_page() == $this::PAGE_KIND_GROUP){
+
+			$post_user_id = $post->get_userID();
+			$post_friend_id = 0;
+			$post_group_id = $post->get_kind_page_id();
 
 		}
 		else {
@@ -426,6 +536,7 @@ class Posts {
 		$data = array(
 			"ID_personne" => $post_user_id,
 			"ID_amis" => $post_friend_id,
+			"group_id" => $post_group_id,
 			"date_envoi" => mysql_date(),
 			"time_insert" => time(),
 			"texte" => $post->has_content() ? $post->get_content() : "",
@@ -444,6 +555,7 @@ class Posts {
 			"jour_fin" => isset($day_end) ? $day_end : null,
 			"mois_fin" => isset($month_end) ? $month_end : null,
 			"annee_fin" => isset($year_end) ? $year_end : null,
+			"time_end" => isset($time_end) ? $time_end : null,
 
 			//Weblink page
 			"url_page" => $post->has_link_url() ? $post->get_link_url() : null,
@@ -686,7 +798,11 @@ class Posts {
 		//General information
 		$post->set_id($entry["ID"]);
 		$post->set_userID($entry["ID_amis"] == 0 ? $entry["ID_personne"] : $entry["ID_amis"]);
+
+		//Determine the kind of target page and its ID
 		$post->set_user_page_id($entry["ID_personne"]);
+		$post->set_group_id($entry["group_id"]);
+		
 		$post->set_time_sent($entry["time_insert"] == null ? strtotime($entry["date_envoi"]) : $entry["time_insert"]);
 		$post->set_content($entry["texte"]);
 		$post->set_visibility_level($entry["niveau_visibilite"]);
@@ -707,7 +823,8 @@ class Posts {
 		//Countdown timer - specific
 		if($entry['annee_fin'] != 0)
 			$post->set_time_end(strtotime($entry["annee_fin"]."/".$entry['mois_fin']."/".$entry["jour_fin"]));
-		
+		if($entry["time_end"] != 0)
+			$post->set_time_end($entry["time_end"]);	
 		
 		//Web link
 		$post->set_link_url($entry["url_page"] != null ? $entry["url_page"] : "");

classes/components/search.php

@@ -37,6 +37,34 @@ class search {
 		//Return result
 		return $return;
 	}
+
+	/**
+	 * Search for groups in the database
+	 * 
+	 * @param string $query
+	 * @param int $limit (default = 10)
+	 * @return array List of results
+	 */
+	public function search_group(string $query, int $limit = 10){
+
+		//Query string
+		$query = "%".$query."%";
+
+		//Request
+		$results = db()->select(
+			GroupsComponent::GROUPS_LIST_TABLE,
+			"WHERE name LIKE ? AND visibility != ".GroupInfo::SECRET_GROUP,
+			array($query),
+			array("id")
+		);
+
+		//Parse and return results
+		$list = array();
+		foreach($results as $el)
+			$list[] = $el["id"];
+		
+		return $list;
+	}
 }
 
 //Register class

classes/models/AdvancedGroupInfo.php

@@ -0,0 +1,80 @@
+<?php
+/**
+ * Advanced information about a group model
+ * 
+ * @author Pierre HUBERT
+ */
+
+//Make sure that GroupInfo has already been included
+require_once __DIR__."/GroupInfo.php";
+
+class AdvancedGroupInfo extends GroupInfo {
+
+	//Private fields
+	private $time_create = -1;
+	private $url;
+	private $description;
+	private $number_likes = -1;
+	private $is_liking = false;
+
+	//Get and set the creation time of the group
+	public function set_time_create(int $time_create){
+		$this->time_create = $time_create;
+	}
+
+	public function has_time_create() : bool {
+		return $this->time_create > -1;
+	}
+
+	public function get_time_create() : int {
+		return $this->time_create;
+	}
+
+	//Set and get url
+	public function set_url(string $url){
+		$this->url = $url == "" ? null : $url;
+	}
+
+	public function has_url() : bool {
+		return $this->url != null;
+	}
+
+	public function get_url() : string {
+		return $this->url != null ? $this->url : "null";
+	}
+
+	//Set and get description
+	public function set_description(string $description){
+		$this->description = $description == "" ? null : $description;
+	}
+
+	public function has_description() : bool {
+		return $this->description != null;
+	}
+
+	public function get_description() : string {
+		return $this->description != null ? $this->description : "null";
+	}
+
+	//Set and get the number of likes over the group
+	public function set_number_likes(int $number_likes){
+		$this->number_likes = $number_likes;
+	}
+
+	public function has_number_likes() : bool {
+		return $this->number_likes > -1;
+	}
+
+	public function get_number_likes() : int {
+		return $this->number_likes;
+	}
+
+	//Set and get wheter the user is liking the group or not
+	public function setLiking(bool $liking){
+		$this->is_liking = $liking;
+	}
+	
+	public function isLiking() : bool {
+		return $this->is_liking;
+	}
+}

classes/models/GroupInfo.php

@@ -0,0 +1,173 @@
+<?php
+/**
+ * Group information model
+ * 
+ * @author Pierre HUBERT
+ */
+
+class GroupInfo extends BaseUniqueObject {
+
+	//Path to group logo in user data
+	const PATH_GROUPS_LOGO = "groups_logo";
+
+	//Groups visibility
+	const OPEN_GROUP = 0;
+	const PRIVATE_GROUP = 1;
+	const SECRET_GROUP = 2;
+
+	//Registration levels
+	const OPEN_REGISTRATION = 0;
+	const MODERATED_REGISTRATION = 1;
+	const CLOSED_REGISTRATION = 2;
+
+	//User access to a group
+	const NO_ACCESS = 0; //Can not even know if the group exists or not
+	const LIMITED_ACCESS = 1; //Access to the name of the group only
+	const VIEW_ACCESS = 2; //Can see the posts of the group, but not a member of the group
+	const MEMBER_ACCESS = 3; //Member access (same as view access but as member)
+	const MODERATOR_ACCESS = 4; //Can create posts, even if posts creation is restricted
+	const ADMIN_ACCESS = 5; //Can do everything
+
+	//Post levels
+	const POSTS_LEVEL_MODERATORS = 0; //Only the moderators and the administrator can create posts
+	const POSTS_LEVEL_ALL_MEMBERS = 1; //All the members of the group can create posts
+
+	//Private fields
+    private $name;
+    private $number_members = -1;
+	private $logo;
+	private $membership_level = -1;
+	private $visiblity = -1;
+	private $registration_level = -1;
+	private $posts_level = -1;
+	private $virtual_directory;
+	private $following = FALSE;
+    
+    //Get and set the name of group
+    public function set_name(string $name){
+		$this->name = $name == "" ? null : $name;
+	}
+
+	public function has_name() : bool {
+		return $this->name != null;
+	}
+
+	public function get_name() : string {
+		return $this->name != null ? $this->name : "null";
+    }
+    
+    //Get and set the number of members of the group
+    public function set_number_members(int $number_members){
+		$this->number_members = $number_members;
+	}
+
+	public function has_number_members() : bool {
+		return $this->number_members > -1;
+	}
+
+	public function get_number_members() : int {
+		return $this->number_members;
+	}
+	
+	//Get and set the URL of the logo of group
+    public function set_logo(string $logo){
+		$this->logo = $logo == "" ? null : $logo;
+	}
+
+	public function has_logo() : bool {
+		return $this->logo != null;
+	}
+
+	public function get_logo() : string {
+		return $this->logo != null ? $this->logo : self::PATH_GROUPS_LOGO."/default.png";
+	}
+	
+	public function get_logo_url() : string {
+		return path_user_data($this->get_logo());
+	}
+
+	public function get_logo_sys_path() : string {
+
+		//For security reasons, this method is available 
+		//only if the user has really a logo (avoid unattended
+		//operation on default logo)
+		if(!$this->has_logo())
+			throw new Exception("This GroupInfo object has not any logo set!");
+
+		return path_user_data($this->get_logo(), true);
+	}
+	
+	//Get and set the membership level of the current user
+	public function set_membership_level(int $membership_level){
+		$this->membership_level = $membership_level;
+	}
+
+	public function has_membership_level() : bool {
+		return $this->membership_level > -1;
+	}
+
+	public function get_membership_level() : int {
+		return $this->membership_level;
+	}
+
+	//Get and set group visibility
+    public function set_visibility(int $visibility){
+		$this->visibility = $visibility;
+	}
+
+	public function has_visibility() : bool {
+		return $this->visibility > -1;
+	}
+
+	public function get_visibility() : int {
+		return $this->visibility;
+	}
+
+	//Get and set registration levels
+    public function set_registration_level(int $registration_level){
+		$this->registration_level = $registration_level;
+	}
+
+	public function has_registration_level() : bool {
+		return $this->registration_level > -1;
+	}
+
+	public function get_registration_level() : int {
+		return $this->registration_level;
+	}
+
+	//Get and set posts level
+    public function set_posts_level(int $posts_level){
+		$this->posts_level = $posts_level;
+	}
+
+	public function has_posts_level() : bool {
+		return $this->posts_level > -1;
+	}
+
+	public function get_posts_level() : int {
+		return $this->posts_level;
+	}
+
+	//Get and set virtual directory
+    public function set_virtual_directory(string $virtual_directory){
+		$this->virtual_directory = $virtual_directory == "" ? null : $virtual_directory;
+	}
+
+	public function has_virtual_directory() : bool {
+		return $this->virtual_directory != null;
+	}
+
+	public function get_virtual_directory() : string {
+		return $this->virtual_directory != null ? $this->virtual_directory : "null";
+	}
+
+	//Set and get following status
+	public function set_following(bool $following){
+		$this->following = $following;
+	}
+	
+	public function isFollowing() : bool {
+		return $this->following;
+	}
+}

classes/models/GroupMember.php

@@ -0,0 +1,59 @@
+<?php
+/**
+ * Group member object model
+ * 
+ * @author Pierre HUBERT
+ */
+
+class GroupMember extends BaseUniqueObjectFromUser {
+
+    /**
+     * Groups membership levels
+     */
+    const ADMINISTRATOR = 0;
+    const MODERATOR = 1;
+	const MEMBER = 2;
+	const INVITED = 3;
+	const PENDING = 4; //When the group membership has not been approved yet
+	const VISITOR = 5; //Simple visitor
+
+    //Private fields
+    private $group_id = 1;
+	private $level = -1;
+	private $following;
+
+    //Set and get group id
+    public function set_group_id(int $group_id){
+		$this->group_id = $group_id;
+	}
+
+	public function has_group_id() : bool {
+		return $this->group_id > -1;
+	}
+
+	public function get_group_id() : int {
+		return $this->group_id;
+	}
+
+    //Set and get user membership level
+    public function set_level(int $level){
+		$this->level = $level;
+	}
+
+	public function has_level() : bool {
+		return $this->level > -1;
+	}
+
+	public function get_level() : int {
+		return $this->level;
+	}
+
+	//Set and get following status
+	public function set_following(bool $following){
+		$this->is_following = $following;
+	}
+	
+	public function isFollowing() : bool {
+		return $this->is_following;
+	}
+}

classes/models/GroupSettings.php

@@ -0,0 +1,10 @@
+<?php
+/**
+ * Group settings model object
+ * 
+ * @author Pierre HUBERT
+ */
+
+class GroupSettings extends AdvancedGroupInfo {
+    
+}

classes/models/LanguageSettings.php

@@ -0,0 +1,28 @@
+<?php
+/**
+ * Language settings base model
+ * 
+ * @author Pierre HUBERT
+ */
+
+class LanguageSettings extends BaseUserModel {
+
+	//Available languages
+	const LANGUAGES = array("fr", "en");
+
+	//Private fields
+	private $lang;
+
+	//Set and get the language the user
+	public function set_lang(string $lang){
+		$this->lang = $lang;
+	}
+
+	public function has_lang() : bool {
+		return $this->lang != null;
+	}
+
+	public function get_lang() : string {
+		return $this->lang;
+	}
+}

classes/models/NewGroup.php

@@ -0,0 +1,25 @@
+<?php
+/**
+ * New Group Object
+ * 
+ * @author Pierre HUBERT
+ */
+
+class NewGroup extends BaseUniqueObjectFromUser {
+
+    //Private properties
+    private $name;
+
+    //Set and get name
+	public function set_name(string $name){
+		$this->name = $name == "" ? null : $name;
+	}
+
+	public function has_name() : bool {
+		return $this->name != null;
+	}
+
+	public function get_name() : string {
+		return $this->name != null ? $this->name : "null";
+	}
+}

classes/models/Notification.php

@@ -11,6 +11,7 @@ class Notification {
 	 * Elements type
 	 */
 	const USER_PAGE = "user_page";
+	const GROUP_PAGE = "group_page";
 	const CONVERSATION = "conversation";
 	const CONVERSATION_MESSAGE = "conversation_message";
 	const POST = "post";
@@ -24,6 +25,7 @@ class Notification {
 	const POST_SURVEY = "post_survey";
 	const COMMENT = "comment";
 	const FRIENDSHIP_REQUEST = "friend_request";
+	const GROUP_MEMBERSHIP = "group_membership";
 
 	/**
 	 * Event type
@@ -34,6 +36,12 @@ class Notification {
 	const REJECTED_FRIEND_REQUEST = "rejected_friend_request";
 	const ELEM_CREATED = "elem_created";
 	const ELEM_UPDATED = "elem_updated";
+	const SENT_GROUP_MEMBERSHIP_INVITATION = "sent_group_membership_invitation";
+	const ACCEPTED_GROUP_MEMBERSHIP_INVITATION = "accepted_group_membership_invitation";
+	const REJECTED_GROUP_MEMBERSHIP_INVITATION = "rejected_group_membership_invitation";
+	const SENT_GROUP_MEMBERSHIP_REQUEST = "sent_group_membership_request";
+	const ACCEPTED_GROUP_MEMBERSHIP_REQUEST = "accepted_group_membership_request";
+	const REJECTED_GROUP_MEMBERSHIP_REQUEST = "rejected_group_membership_request";
 
 	/**
 	 * Event visibility
@@ -158,6 +166,10 @@ class Notification {
 	 */
 	public function set_from_user_id(int $from_user_id){
 		$this->from_user_id = $from_user_id;
+
+		//Check if we have to reset the value
+		if($from_user_id < 0)
+			$this->from_user_id = null;
 	}
 
 	/**
@@ -185,6 +197,10 @@ class Notification {
 	 */
 	public function set_dest_user_id(int $dest_user_id){
 		$this->dest_user_id = $dest_user_id;
+
+		//Reset the value if required
+		if($dest_user_id < 0)
+			$this->dest_user_id = null;
 	}
 
 	/**

classes/models/Post.php

@@ -75,6 +75,22 @@ class Post extends BaseUniqueObjectFromUser {
 		return $this->kind_page == Posts::PAGE_KIND_USER ? $this->kind_page_id : 0;
 	}
 
+	//Set and get the target group ID
+	public function set_group_id(int $group_id){
+		if($group_id > 0){
+			$this->set_kind_page(Posts::PAGE_KIND_GROUP);
+			$this->kind_page_id = $group_id;
+		}
+	}
+
+	public function has_group_id() : bool {
+		return $this->kind_page_id > 0 && $this->kind_page == Posts::PAGE_KIND_GROUP;
+	}
+
+	public function get_group_id() : int {
+		return $this->kind_page == Posts::PAGE_KIND_GROUP ? $this->kind_page_id : 0;
+	}
+
 
 	//Set and get content
 	public function set_content(string $content){

classes/models/SearchResult.php

@@ -0,0 +1,54 @@
+<?php
+/**
+ * Search result model
+ * 
+ * @author Pierre HUBERT
+ */
+
+class SearchResult {
+
+	//Kind of result
+	const KIND_GROUP = 1;
+	const KIND_USER = 2;
+
+	//Private fields
+	private $kind;
+	private $kind_id;
+
+	/**
+	 * Constructor of the object
+	 * 
+	 * @param int $kind The kind of result (group, user...)
+	 * @param int $kind_id The ID of the result
+	 */
+	public function SearchResult(int $kind, int $kind_id){
+		$this->set_kind($kind);
+		$this->set_kind_id($kind_id);
+	}
+
+	//Set and get the kind of object
+	public function set_kind(int $kind){
+		$this->kind = $kind;
+	}
+
+	public function has_kind() : bool {
+		return $this->kind > 0;
+	}
+
+	public function get_kind() : int {
+		return $this->kind;
+	}
+
+	//Set and get kind id
+	public function set_kind_id(int $kind_id){
+		$this->kind_id = $kind_id;
+	}
+
+	public function has_kind_id() : bool {
+		return $this->kind_id > 0;
+	}
+
+	public function get_kind_id() : int {
+		return $this->kind_id;
+	}
+}

config/main.php

@@ -33,8 +33,8 @@ $config->set("storage_path", "/home/pierre/Documents/projets_web/comunic/current
 $config->set("mysql", array(
     "host" => "localhost",
     "database" => "comunic", 
-    "user" => "root", 
+    "user" => "pierre", 
-    "password" => "root"
+    "password" => "pierre"
 ));
 
 /**

db_struct.sql

@@ -72,6 +72,14 @@ CREATE TABLE `commentaires` (
   PRIMARY KEY (`ID`)
 ) ENGINE=InnoDB DEFAULT CHARSET=latin1;
 
+DROP TABLE IF EXISTS `comunic_api_limit_count`;
+CREATE TABLE `comunic_api_limit_count` (
+  `ip` varchar(15) NOT NULL,
+  `time_start` int(11) DEFAULT NULL,
+  `action` varchar(45) DEFAULT NULL,
+  `count` int(11) DEFAULT NULL
+) ENGINE=InnoDB DEFAULT CHARSET=latin1;
+
 
 DROP TABLE IF EXISTS `comunic_API_ServicesToken`;
 CREATE TABLE `comunic_API_ServicesToken` (
@@ -129,6 +137,46 @@ CREATE TABLE `comunic_conversations_users` (
   PRIMARY KEY (`ID`)
 ) ENGINE=InnoDB DEFAULT CHARSET=latin1;
 
+DROP TABLE IF EXISTS `comunic_groups`;
+CREATE TABLE `comunic_groups` (
+  `id` int(11) NOT NULL AUTO_INCREMENT,
+  `time_create` int(11) DEFAULT NULL,
+  `userid_create` int(11) DEFAULT NULL,
+  `name` varchar(45) DEFAULT NULL,
+  `path_logo` varchar(45) DEFAULT NULL,
+  `visibility` int(11) NOT NULL DEFAULT '1',
+  `registration_level` int(11) DEFAULT '1',
+  `posts_level` int(11) DEFAULT '0',
+  `virtual_directory` varchar(45) DEFAULT NULL,
+  `description` varchar(255) DEFAULT NULL,
+  `url` varchar(255) DEFAULT NULL,
+  PRIMARY KEY (`id`)
+) ENGINE=InnoDB AUTO_INCREMENT=8 DEFAULT CHARSET=latin1;
+
+DROP TABLE IF EXISTS `comunic_groups_members`;
+CREATE TABLE `comunic_groups_members` (
+  `id` int(11) NOT NULL AUTO_INCREMENT,
+  `groups_id` int(11) DEFAULT NULL,
+  `user_id` varchar(45) DEFAULT NULL,
+  `time_create` varchar(45) DEFAULT NULL,
+  `level` int(11) DEFAULT '2',
+  `following` tinyint(4) DEFAULT '0',
+  PRIMARY KEY (`id`)
+) ENGINE=InnoDB AUTO_INCREMENT=28 DEFAULT CHARSET=latin1;
+
+
+
+DROP TABLE IF EXISTS `comunic_mails_queue`;
+CREATE TABLE `comunic_mails_queue` (
+  `id` int(11) NOT NULL AUTO_INCREMENT,
+  `priority` int(11) DEFAULT NULL,
+  `time_insert` int(11) DEFAULT NULL,
+  `userID` int(11) DEFAULT NULL,
+  `template` varchar(45) DEFAULT NULL,
+  `data` text DEFAULT NULL,
+  PRIMARY KEY (`id`)
+) ENGINE=InnoDB DEFAULT CHARSET=latin1;
+
 
 DROP TABLE IF EXISTS `comunic_notifications`;
 CREATE TABLE `comunic_notifications` (
@@ -139,7 +187,7 @@ CREATE TABLE `comunic_notifications` (
   `dest_user_id` int(11) DEFAULT NULL,
   `on_elem_id` int(11) DEFAULT NULL,
   `on_elem_type` varchar(25) DEFAULT NULL,
-  `type` varchar(25) DEFAULT NULL,
+  `type` varchar(50) DEFAULT NULL,
   `visibility` varchar(20) DEFAULT NULL,
   `from_container_id` int(11) DEFAULT NULL,
   `from_container_type` varchar(25) DEFAULT NULL,
@@ -424,6 +472,7 @@ CREATE TABLE `texte` (
   `time_insert` int(11) DEFAULT NULL,
   `texte` text NOT NULL,
   `ID_amis` int(11) NOT NULL DEFAULT '0',
+  `group_id` int(11) DEFAULT '0',
   `niveau_visibilite` varchar(255) NOT NULL DEFAULT '1',
   `type` varchar(255) NOT NULL DEFAULT 'texte',
   `idvideo` int(11) DEFAULT NULL,
@@ -433,6 +482,7 @@ CREATE TABLE `texte` (
   `annee_fin` varchar(255) DEFAULT NULL,
   `mois_fin` varchar(255) DEFAULT NULL,
   `jour_fin` varchar(255) DEFAULT NULL,
+  `time_end` int(11) DEFAULT NULL,
   `url_page` varchar(255) DEFAULT NULL,
   `titre_page` varchar(255) DEFAULT NULL,
   `description_page` longtext,
@@ -483,5 +533,8 @@ CREATE TABLE `utilisateurs` (
   `allow_multilogin` int(11) NOT NULL DEFAULT '0',
   `allow_piwik` int(11) NOT NULL DEFAULT '1',
   `public_note` varchar(255) DEFAULT NULL,
+  `password_reset_token` varchar(255) DEFAULT NULL,
+  `password_reset_token_time_create` int(11) DEFAULT NULL,
+  `lang` varchar(4) DEFAULT 'en',
   PRIMARY KEY (`ID`)
 ) ENGINE=InnoDB DEFAULT CHARSET=latin1;

functions/requests.php

@@ -33,10 +33,10 @@ function check_post_parametres(array $varList) : bool {
 /**
  * Convert a list of numbers (anything with IDs) comma-separated to an array
  *
- * @param String $list The input list
+ * @param string $list The input list
- * @return Array The list of user / an empty list in case of errors
+ * @return array The list of user / an empty list in case of errors
  */
-function numbers_list_to_array($list) : array {
+function numbers_list_to_array(string $list) : array {
 	//Split the list into an array
 	$array = explode(",", $list);
 	$usersList = array();
@@ -102,15 +102,38 @@ function postBool(string $name) : bool {
  * This function makes a REST_Error in case of error
  * 
  * @param string $name The name of the $_POST field
+ * @param string $default The default value (null = none)
  * @return int The integer
  */
-function postInt(string $name) : int {
+function postInt(string $name, string $default = null) : int {
 	
 	//Check the variable
-	if(!isset($_POST[$name]))
+	if(!isset($_POST[$name]) && $default == null)
 		Rest_fatal_error(400, "Please add a POST integer named '".$name."' in the request !");
 
+	if(isset($_POST[$name]))
 		return (int)$_POST[$name];
+	else
+		return (int) $default;
+}
+
+/**
+ * Get an email address specified in a $_POST request
+ * 
+ * @param string $name The name of the post field containing the
+ * email address
+ * @return string The email address
+ */
+function postEmail(string $name) : string {
+
+	//Get the email as a string
+	$email = postString($name, 5);
+	
+	//Check the email
+	if(!filter_var($email, FILTER_VALIDATE_EMAIL))
+		Rest_fatal_error(400, "Specified email address is invalid !");
+
+	return $email;
 }
 
 /**
@@ -120,7 +143,7 @@ function postInt(string $name) : int {
  * @return int $output The output (safe integer)
  */
 function toInt($input) : int{
-	return floor($input*1);
+	return (int) $input;
 }
 
 /**
@@ -509,7 +532,7 @@ function save_post_image(string $fieldName, int $userID, string $folder, int $ma
  * @param string $directory The directory to check
  * @return bool TRUE if the domain seems to be valid / FALSE else
  */
-function checkUserDirectoryValidity(string $directory) : bool {
+function checkVirtualDirectoryValidity(string $directory) : bool {
 	
 	//Check domain length
 	if(strlen($directory) < 4)
@@ -524,13 +547,14 @@ function checkUserDirectoryValidity(string $directory) : bool {
 }
 
 /**
- * Get a user post directory from a $_POST request and transform it to make it SQL-safe
+ * Get a user / group post directory from a $_POST 
+ * request and transform it to make it SQL-safe
  * 
  * @param string $name The name of the $_POST Request
  * @return string The user virtual directory, safe for saving
  * @throws RESTException If the directory is missing, or invalid
  */
-function getPostUserDirectory(string $name) : string {
+function getPostVirtualDirectory(string $name) : string {
 
 	//Check if the $_POST variable exists or not
 	if(!isset($_POST[$name]))
@@ -538,10 +562,91 @@ function getPostUserDirectory(string $name) : string {
 	$directory = (string) $_POST[$name];
 
 	//Check domain validity
-	if(!checkUserDirectoryValidity($directory))
+	if(!checkVirtualDirectoryValidity($directory))
 		Rest_fatal_error(401, "Specified directory seems to be invalid!");
 	
 	//Return the directory
 	return $directory;
 
 }
+
+/**
+ * Check wether a virtual directory is available or not
+ * 
+ * @param string $name The virtual directory to check
+ * @param int $id The ID of the target element
+ * @param bool $isPage TRUE if the request is made for a page
+ * @return bool TRUE if the virtual directory is valid / FALSE else
+ */
+function checkVirtualDirectoryAvailability(string $name, int $id, bool $isPage) : bool {
+
+	if(!checkVirtualDirectoryValidity($name))
+		return FALSE;
+	
+	if(!$isPage){
+
+		if(!components()->settings->checkUserDirectoryAvailability($name, $id))
+			return FALSE;
+
+		if(!components()->groups->checkDirectoryAvailability($name, -1))
+			return FALSE;
+			
+	}
+	else {
+
+		if(!components()->settings->checkUserDirectoryAvailability($name, -1))
+			return FALSE;
+
+		if(!components()->groups->checkDirectoryAvailability($name, $id))
+			return FALSE;
+	}
+
+	//The directory seems to be valid
+	return TRUE;
+}
+
+/**
+ * Get a POST group ID
+ * 
+ * @param string $name The name of variable in the $_POST request
+ * @return int The ID of the group
+ * @throws RESTException If the value is missing
+ */
+function getPostGroupId(string $name) : int {
+
+	//Get the ID of the group
+	$id = postInt($name);
+
+	//Check if the group exists or not
+	if(!components()->groups->exists($id))
+		Rest_fatal_error(404, "Specified group does not exists !");
+	
+	//Return the ID of the group
+	return $id;
+}
+
+/**
+ * Get a POST group ID with a check for the minimal access requested
+ * 
+ * @param string $name The name of the post field containing group ID
+ * @param int $minAccess The minimal access required
+ * @return int The ID of the group
+ */
+function getPostGroupIdWithAccess(string $name, int $minVisibility) : int {
+	
+	//Get the ID of the group
+	$groupID = getPostGroupId($name);
+
+	//Get the access level of the current user over the group
+	$accessLevel = components()->groups->getAccessLevel($groupID, userID);
+
+	//Check if the user has no access
+	if($accessLevel == GroupInfo::NO_ACCESS)
+		Rest_fatal_error(404, "Specified group does not exists !"); //Act like if the group did not exists
+	
+	//Check access level
+	if($accessLevel < $minVisibility)
+		Rest_fatal_error(401, "You do not have enough rights to perform what you intend to do on this group!");
+
+	return $groupID;
+}

helpers/APILimits.php

@@ -0,0 +1,16 @@
+<?php
+/**
+ * API Limits helper
+ * 
+ * @author Pierre HUBERT
+ */
+
+/**
+ * Limit the number of time a query can be performed by a client
+ * 
+ * @param string $name The name of the action to limit
+ * @param bool $trigger Count this as an action of the user or not
+ */
+function api_limit_query(string $name, bool $trigger){
+	cs()->limit->limit_query($name, $trigger);
+}

helpers/database.php

@@ -0,0 +1,15 @@
+<?php
+/**
+ * Database helper
+ * 
+ * @author Pierre HUBERT
+ */
+
+/**
+ * Get and return database object
+ * 
+ * @param DBLibrary The database object
+ */
+function db() : DBLibrary {
+    return CS::get()->db;
+}

helpers/notifications.php

@@ -57,6 +57,36 @@ function delete_notifications_friendship_request(int $userOne, int $userTwo) : b
 	return true;
 }
 
+/**
+ * Delete all the notifications related to a group membership
+ * 
+ * @param int $userID The ID of the target user
+ * @param int $groupID The ID of the target group
+ * @return bool TRUE for a success / FALSE else
+ */
+function delete_notifications_group_membership(int $userID, int $groupID) : bool {
+	
+	user_login_required();
+
+	//Create notification object
+	$notification = new Notification();
+	$notification->set_on_elem_type(Notification::GROUP_MEMBERSHIP);
+	$notification->set_on_elem_id($groupID);
+
+	//Delete notifications
+	$notification->set_dest_user_id($userID);
+	$notification->set_from_user_id(-1);
+	if(!components()->notifications->delete($notification))
+		return false;
+	
+	$notification->set_dest_user_id(-1);
+	$notification->set_from_user_id($userID);
+	if(!components()->notifications->delete($notification))
+		return false;
+
+	return true;
+}
+
 /**
  * Create and push a friendship request notification
  * 
@@ -83,3 +113,43 @@ function create_friendship_notification(int $fromUser, int $destUser, string $ki
 	//Try to push the notification
 	return components()->notifications->push($notif);
 }
+
+/**
+ * Create and push a group membership  notification
+ * 
+ * @param int $userID The ID of the target user for the membershp
+ * @param int $moderatorID The ID of the moderator creating the notification (0 if it is the user)
+ * @param int $groupID The ID of the target group
+ * @param string $kind The kind of notification to create
+ * @return bool TRUE in case of success / FALSE else
+ */
+function create_group_membership_notification(int $userID, int $moderatorID, int $groupID, string $kind) : bool {
+
+	//Delete all the previous notifications
+	if(!delete_notifications_group_membership($userID, $groupID))
+		return false;
+	
+	//Create the notification
+	$notif = new Notification();
+	$notif->set_time_create(time());
+	$notif->set_on_elem_id($groupID);
+	$notif->set_on_elem_type(Notification::GROUP_MEMBERSHIP);
+	$notif->set_type($kind);
+
+	if($moderatorID < 1){
+
+		//The notification must be sent to all the moderators of the group
+		$notif->set_from_user_id($userID);
+		$notif->set_dest_user_id(-1);
+
+	}
+	else {
+		//We specify both the source and the destination of the notification not
+		//to broadcast the notification to all the group members
+		$notif->set_from_user_id($moderatorID);
+		$notif->set_dest_user_id($userID);
+	}
+	
+	//Try to push the notification
+	return components()->notifications->push($notif);
+}

index.php

@@ -35,7 +35,7 @@ if(!$cs->clients->checkClientRequestTokens())
 if(defined("APIServiceDomain")){
 
 	//First, limit requests
-	header("Access-Control-Allow-Origin: http://".APIServiceDomain.", https://".APIServiceDomain);
+	header("Access-Control-Allow-Origin: https://".APIServiceDomain);
 
 	//Then check for referer
 	if(!isset($_SERVER["HTTP_REFERER"]))
@@ -59,7 +59,7 @@ if(isset($_POST['userToken1']) AND isset($_POST['userToken2'])){
 	));
 
 	if($userID < 1){
-		Rest_fatal_error(401, "Please check your login tokens!");
+		Rest_fatal_error(412, "Please check your login tokens!");
 	}
 
 	//Else save userID
@@ -70,6 +70,11 @@ else {
 	define("userID", 0);
 }
 
+//Setup API limits
+require_once "classes/APILimits.php";
+$api_limits = new APILimits();
+cs()->register("limit", $api_limits);
+
 /**
  * Handle Rest requests
  */

tests/classes/models/APIClientTest.php

@@ -0,0 +1,15 @@
+<?php
+
+//Include class
+require_once(__DIR__."/../../../classes/models/APIClient.php");
+
+use PHPUnit\Framework\TestCase;
+
+class APIClientTest extends TestCase {
+
+	public function testConfirmHasTokenAfterSet(){
+		$client = new APIClient();
+		$client->set_token("token");
+		$this->assertEquals(TRUE, $client->has_token());
+	}
+}

tests/classes/models/BaseUniqueModelTest.php

@@ -0,0 +1,20 @@
+<?php
+
+//Include class
+require_once(__DIR__."/../../../classes/models/BaseUniqueObject.php");
+
+use PHPUnit\Framework\TestCase;
+
+class BaseUniqueObjectTest extends TestCase {
+
+	public function testValidObjectWithoutId(){
+		$obj = new BaseUniqueObject();
+		$obj->set_id(10);
+		$this->assertEquals(TRUE, $obj->isValid());
+	}
+
+	public function testInvalidObjectWithoutId(){
+		$obj = new BaseUniqueObject();
+		$this->assertEquals(FALSE, $obj->isValid());
+	}
+}