Comunic/ComunicAPI
1
0
Fork 0
mirror of https://github.com/pierre42100/ComunicAPI synced 2025-07-01 06:13:30 +00:00
Code Issues Projects Releases Wiki Activity

Compare commits

base: Comunic:13-05-2018
Branches Tags
Comunic:master
Comunic:25-02-2019 Comunic:25-02-2018 Comunic:22-01-2019 Comunic:30-08-2018 Comunic:20-08-2018 Comunic:13-05-2018
...
compare: Comunic:30-08-2018
Branches Tags
Comunic:master
Comunic:25-02-2019 Comunic:25-02-2018 Comunic:22-01-2019 Comunic:30-08-2018 Comunic:20-08-2018 Comunic:13-05-2018

114 Commits
13-05-2018 ... 30-08-2018

Author SHA1 Message Date
Pierre HUBERT
9df1c93a24 Can update the content of a conversation message 2018-08-29 13:36:27 +02:00
Pierre HUBERT
2749dbcb3f Updated API tables structure 2018-08-27 17:36:58 +02:00
Pierre HUBERT
b698118a47 Updated mails queue structure 2018-08-27 17:18:55 +02:00
Pierre HUBERT
f5ddc7d476 Fix potential time issue 2018-08-27 10:56:09 +02:00
Pierre HUBERT
01b66f5026 Updated database structure 2018-08-27 10:42:38 +02:00
Pierre HUBERT
90ecca7101 Use constants to define tables name 2018-08-27 10:18:44 +02:00
Pierre HUBERT
382f816ad8 Can delete a conversation message 2018-08-27 10:14:54 +02:00
Pierre HUBERT
9a4048af4b Fix issue. 2018-08-26 14:58:01 +02:00
Pierre HUBERT
e1760dd772 Can get the number of friendship request with the notifications. 2018-08-24 08:25:38 +02:00
Pierre HUBERT
85582a44cc Added missing tables structure 2018-08-20 15:08:29 +02:00
Pierre HUBERT
4937e66c71 Limit the number of account / hour / ip 2018-08-20 14:48:21 +02:00
Pierre HUBERT
5bddd624ca Returns special error code when a new account try to reuse existing email address. 2018-08-20 14:10:58 +02:00
Pierre HUBERT
4c74b9c414 Setup API requests limit system. 2018-08-20 13:45:50 +02:00
Pierre HUBERT
fba6c796a8 Display call trace on exceptions reporting 2018-08-20 13:34:44 +02:00
Pierre HUBERT
addd9f55e8 Escape security questions and answers 2018-08-20 12:06:32 +02:00
Pierre HUBERT
179ac1e4ea Added language settings 2018-08-15 08:16:22 +02:00
Pierre HUBERT
5a21389017 Updated database structure 2018-08-15 07:55:01 +02:00
Pierre HUBERT
2e877f2446 Fix issue. 2018-08-05 16:21:16 +02:00
Pierre HUBERT
b3d1f84e12 Fix issue 2018-08-04 09:06:18 +02:00
Pierre HUBERT
c152593c88 Made notification system more clear. 2018-08-02 09:06:21 +02:00
Pierre HUBERT
814ee8949b Added group membership notifications 2018-08-02 08:57:49 +02:00
Pierre HUBERT
473c1ac3b1 Set download timeout. 2018-07-31 14:08:45 +02:00
Pierre HUBERT
54cff328d7 Secrete group does not appear in search form. 2018-07-31 11:25:09 +02:00
Pierre HUBERT
53b72bd767 Can search for users and groups from the API 2018-07-28 17:15:50 +02:00
Pierre HUBERT
eea4378a9c Created SearchResult object 2018-07-28 16:49:46 +02:00
Pierre HUBERT
a9f4afdcbc Latest posts thread can includes groups posts. 2018-07-20 15:31:21 +02:00
Pierre HUBERT
af304d7409 Fix issue. 2018-07-20 14:05:08 +02:00
Pierre HUBERT
ed8ee8f04c Can push public notifications for group. 2018-07-20 13:37:59 +02:00
Pierre HUBERT
d99b4c7f18 Get the list of followers of a group 2018-07-20 13:37:32 +02:00
Pierre HUBERT
ffcef67b70 Can get information about multiple groups. 2018-07-20 08:53:33 +02:00
Pierre HUBERT
e1c8399a74 Fixed error. 2018-07-20 08:53:13 +02:00
Pierre HUBERT
620e4ac23b Improved numbers_list_to_array casting. 2018-07-20 08:53:01 +02:00
Pierre HUBERT
6c100fecce Can update following status of a group membership. 2018-07-19 14:43:29 +02:00
Pierre HUBERT
f054107277 Can get and return following state of a user. 2018-07-17 10:56:12 +02:00
Pierre HUBERT
46730f2b97 Can update the like of group. 2018-07-17 10:25:34 +02:00
Pierre HUBERT
9f52240a5c Can get and return the number of likes of a group. 2018-07-17 10:19:45 +02:00
Pierre HUBERT
a0c750f5eb Added special visibility level for group members. 2018-07-17 09:55:03 +02:00
Pierre HUBERT
0dff74f987 Returns the ID of the target group of a post (if any) 2018-07-17 09:44:13 +02:00
Pierre HUBERT
2d820403f5 Can get the posts of a group and returns them to the API 2018-07-16 15:06:23 +02:00
Pierre HUBERT
cd772c03c3 Can create posts for groups. 2018-07-16 14:38:07 +02:00
Pierre HUBERT
770fa95eb7 Prepare group posts implementation. 2018-07-16 09:27:05 +02:00
Pierre HUBERT
ee40186aeb Updated table texte structure. 2018-07-16 09:22:43 +02:00
Pierre HUBERT
fd1b08b74c Can update posts creation level of a group 2018-07-16 08:52:41 +02:00
Pierre HUBERT
18c5f2e64c Returns posts creation level with group info. 2018-07-16 08:38:54 +02:00
Pierre HUBERT
39645de9ff Can update group settings 2018-07-15 19:12:59 +02:00
Pierre HUBERT
91943a49ab Can return the URL and the description of a group to the API. 2018-07-15 18:55:00 +02:00
Pierre HUBERT
b1e01dbb09 Can find the user or the group associated with a virtual directory. 2018-07-14 13:31:14 +02:00
Pierre HUBERT
b5e4e52272 Can check through the API the validity of a domain. 2018-07-14 11:42:54 +02:00
Pierre HUBERT
86cdc3d9a8 Groups can now have their own virtual directories too. 2018-07-14 11:37:28 +02:00
Pierre HUBERT
8e0eba4385 Fix GroupInfo model 2018-07-14 11:37:06 +02:00
Pierre HUBERT
c014dbdd48 Made getPostUserDirectory function generic 2018-07-14 11:13:29 +02:00
Pierre HUBERT
82e8106b71 Made checkUserDirectoryValidity generic 2018-07-14 11:10:57 +02:00
Pierre HUBERT
cb422ef627 Added virtual directory property 2018-07-14 11:01:40 +02:00
Pierre HUBERT
3d297a01f5 Can tests for BaseUniqueObject 2018-07-12 14:10:41 +02:00
Pierre HUBERT
a6021aeffc Created first test 2018-07-12 14:05:56 +02:00
Pierre HUBERT
4c3b9ff814 Users can remove their membership to groups 2018-07-10 15:00:07 +02:00
Pierre HUBERT
ad5c2f54b8 Can get the list of groups of a user 2018-07-10 08:42:35 +02:00
Pierre HUBERT
564a06bd1c Can update group membership level. 2018-07-10 08:30:06 +02:00
Pierre HUBERT
a90cde6268 Removed duplicate 2018-07-09 16:04:28 +02:00
Pierre HUBERT
f526893786 Can cancel a membership invitation 2018-07-09 16:01:38 +02:00
Pierre HUBERT
1a9b152b4d Can get a user membership 2018-07-09 15:32:52 +02:00
Pierre HUBERT
aee09dee43 Can respond to a membership request 2018-07-09 15:24:56 +02:00
Pierre HUBERT
4fd5cfde37 Can delete a membership 2018-07-07 16:15:14 +02:00
Pierre HUBERT
5f4dc54ab3 Fix potential security issue. 2018-07-07 15:13:30 +02:00
Pierre HUBERT
65ab64c22c Can get the list of members of a group 2018-07-07 08:08:05 +02:00
Pierre HUBERT
7a4dd8ea9f Can send registration request. 2018-07-06 19:04:22 +02:00
Pierre HUBERT
cd8fc40810 Can cancel a membership request. 2018-07-06 18:36:19 +02:00
Pierre HUBERT
c3bdbedb30 Can respond to a membership invitation. 2018-07-06 06:53:59 +02:00
Pierre HUBERT
d55cca75b2 Centralized membership levels in GroupMember class 2018-07-05 08:30:46 +02:00
Pierre HUBERT
a1d078a461 Can update registration level 2018-07-05 08:07:17 +02:00
Pierre HUBERT
f726b4cc2b Return registration levels on the API 2018-07-05 07:53:31 +02:00
Pierre HUBERT
e35323915f Added registration levels 2018-07-05 07:48:51 +02:00
Pierre HUBERT
fd4259c38d Created invited status for groups. 2018-07-04 17:34:59 +02:00
Pierre HUBERT
d058ce1f74 Fix issue with previous commit. 2018-07-04 17:31:48 +02:00
Pierre HUBERT
796a325590 Upgraded groups visibility system. 2018-07-04 17:28:29 +02:00
Pierre HUBERT
e8d8fffbd1 Can change group visibility. 2018-07-04 16:49:28 +02:00
Pierre HUBERT
44181ee5c7 Returns group visibility 2018-07-04 16:11:29 +02:00
Pierre HUBERT
feeebcbae3 Can delete a group logo 2018-07-04 14:14:36 +02:00
Pierre HUBERT
1b9d9a2f3e Can update group logo 2018-07-04 13:52:39 +02:00
Pierre HUBERT
b591f008a4 Can update the name of the group 2018-07-04 11:36:32 +02:00
Pierre HUBERT
57401c8ce0 Can get group settings. 2018-07-04 07:44:37 +02:00
Pierre HUBERT
291558578b Get safely the ID of a group in a POST request. 2018-07-04 06:12:27 +02:00
Pierre HUBERT
0a3ae02bce Can check whether a group exists or not. 2018-07-04 06:12:15 +02:00
Pierre HUBERT
d6312f4b38 Get membership level of a user 2018-07-03 14:33:53 +02:00
Pierre HUBERT
7ef4d438c9 Added visitor level 2018-07-03 13:12:03 +02:00
Pierre HUBERT
d4ac0fbf8c Fix compatibility issue with MariaDB 2018-07-03 11:18:37 +02:00
Pierre HUBERT
1e229455fc Added groups default icon 2018-07-03 11:14:16 +02:00
Pierre HUBERT
8367bd81ac Can get information about a group 2018-07-03 09:10:04 +02:00
Pierre HUBERT
30d6a1fd9d Can create groups 2018-07-02 12:03:33 +02:00
Pierre HUBERT
1637885a97 Updated function 2018-07-02 08:56:27 +02:00
Pierre HUBERT
e73f5a2b15 Update database 2018-06-29 14:57:06 +02:00
Pierre
46fb9b7a3d Export data method returns information about related users 2018-05-27 12:03:49 +02:00
Pierre
ce92bb04b2 Returns conversations messages 2018-05-27 11:39:21 +02:00
Pierre
9e85b25c1a Can get all the messages of a conversation. 2018-05-27 11:36:27 +02:00
Pierre
b11bd0740f Create MailQueue component 2018-05-27 11:19:36 +02:00
Pierre
bee510c507 Create mail queue table 2018-05-27 11:16:49 +02:00
Pierre
f011d06e5b Password reset token can be now used only once. 2018-05-27 11:11:23 +02:00
Pierre
d149eadfbe Can update user password using reset token 2018-05-26 15:59:47 +02:00
Pierre
2bf74a9ad0 Background image is deleted on account deletion. 2018-05-26 15:33:37 +02:00
Pierre
4c02f6a2a4 Renamed file 2018-05-26 15:12:30 +02:00
Pierre
9711e6b087 Can check the validity of a password reset token 2018-05-26 14:52:05 +02:00
Pierre
d3570af12f Fix table structure typo 2018-05-26 14:45:08 +02:00
Pierre
5a928c9198 Can use security answers to create password reset token 2018-05-26 07:28:36 +02:00
Pierre
3ecdfe257d Countdown timer now accepts is now minute-precise 2018-05-24 21:30:48 +02:00
Pierre
8d3fa9441f Can get the security questions of a user 2018-05-23 21:34:18 +02:00
Pierre
7a4d11d71f API clients can check if an account with an email address links to an account with security questions defined or not. 2018-05-21 11:17:07 +02:00
Pierre
2a397c20aa Can check if an account has security questions defined or not. 2018-05-21 11:16:28 +02:00
Pierre
bbca6f9ebd Added utilities 2018-05-21 11:09:06 +02:00
Pierre
fd73652589 Can get account ID from email 2018-05-21 11:08:50 +02:00
Pierre
993319057a Created a function to check email address 2018-05-21 10:54:39 +02:00
Pierre
c44ee1cb1b Added a method to check if an email is associated or not with an account. 2018-05-21 10:27:07 +02:00
Pierre
f3392db596 API returns specific error code in case of invalid login tokens 2018-05-20 14:58:35 +02:00
Pierre
b3cf5fab61 Clients with domains must make their request from https connection 2018-05-20 14:54:55 +02:00
Pierre
039a47a105 Fix online issue 2018-05-19 09:36:09 +02:00
46 changed files with 4011 additions and 365 deletions
Expand all files Collapse all files

2
RestControllers/CommentsController.php
View File

@ -190,7 +190,7 @@ class CommentsController {
$data["userID"] = $comment->get_userID();
$data["postID"] = $comment->get_postID();
$data["time_sent"] = $comment->get_time_sent();
$data["content"] = $comment->has_content() ? utf8_encode($comment->get_content()) : "";
$data["content"] = $comment->has_content() ? $comment->get_content() : "";
$data["img_path"] = $comment->has_img_path() ? $comment->get_img_path() : null;
$data["img_url"] = $comment->has_img_url() ? $comment->get_img_url() : null;

49
RestControllers/ConversationsController.php
View File

@ -480,6 +480,55 @@ class ConversationsController {
return array("success" => "The conversation has been deleted");
}
/**
* Update the content of a conversation message
*
* @url POST /conversations/updateMessage
*/
public function updateMessage(){
user_login_required();
$messageID = postInt("messageID");
$newContent = postString("content");
if(!check_string_before_insert($newContent))
Rest_fatal_error(401, "Invalid new message content!");
//Check whether the user own or not conversation message
if(!components()->conversations->isOwnerMessage(userID, $messageID))
Rest_fatal_error(401, "You do not own this conversation message!");
//Update the message
$message = new ConversationMessage();
$message->set_id($messageID);
$message->set_message($newContent);
if(!components()->conversations->updateMessage($message))
Rest_fatal_error(500, "Could not update the content of the message!");
return array("success" => "The conversation message has been successfully updated!");
}
/**
* Delete a conversation message
*
* @url POST /conversations/deleteMessage
*/
public function deleteMessage(){
user_login_required();
$messageID = postInt("messageID");
//Check whether the user own or not conversation message
if(!components()->conversations->isOwnerMessage(userID, $messageID))
Rest_fatal_error(401, "You do not own this conversation message!");
if(!components()->conversations->deleteConversationMessage($messageID))
Rest_fatal_error(500, "Could not delete conversation message!");
return array("success" => "Conversation message has been successfully deleted!");
}
/**
* Get and return safely a conversation ID specified in a $_POST Request
*

778
RestControllers/GroupsController.php Normal file
View File

@ -0,0 +1,778 @@
<?php
/**
* API Groups controller
*
* @author Pierre HUBERT
*/
class GroupsController {
/**
* API groups registration levels
*/
const GROUPS_REGISTRATION_LEVELS = array(
GroupInfo::OPEN_REGISTRATION => "open",
GroupInfo::MODERATED_REGISTRATION => "moderated",
GroupInfo::CLOSED_REGISTRATION => "closed"
);
/**
* API groups membership levels
*/
const GROUPS_MEMBERSHIP_LEVELS = array(
GroupMember::ADMINISTRATOR => "administrator",
GroupMember::MODERATOR => "moderator",
GroupMember::MEMBER => "member",
GroupMember::INVITED => "invited",
GroupMember::PENDING => "pending",
GroupMember::VISITOR => "visitor"
);
/**
* API groups visibility levels
*/
const GROUPS_VISIBILITY_LEVELS = array(
GroupInfo::OPEN_GROUP => "open",
GroupInfo::PRIVATE_GROUP => "private",
GroupInfo::SECRET_GROUP => "secrete"
);
/**
* API posts creation levels
*/
const GROUPS_POSTS_LEVELS = array(
GroupInfo::POSTS_LEVEL_MODERATORS => "moderators",
GroupInfo::POSTS_LEVEL_ALL_MEMBERS => "members"
);
/**
* Create a group
*
* @url POST /groups/create
*/
public function create(){
//Login required
user_login_required();
//Get the name of the new group
$name = postString("name", 3);
//Prepare group creation
$newGroup = new NewGroup();
$newGroup->set_name($name);
$newGroup->set_userID(userID);
$newGroup->set_time_sent(time());
//Try to create the group
$groupID = components()->groups->create($newGroup);
//Check for errors
if($groupID < 1)
Rest_fatal_error(500, "An error occurred while trying to create the group!");
//Success
return array(
"success" => "The group has been successfully created!",
"id" => $groupID
);
}
/**
* Get information about a group
*
* @url POST /groups/get_info
*/
public function getInfo(){
//Get the ID of the requested group
$groupID = getPostGroupIdWithAccess("id", GroupInfo::LIMITED_ACCESS);
//Get information about the group
$group = components()->groups->get_info($groupID);
//Check if the group was not found
if(!$group->isValid())
Rest_fatal_error(404, "The requested group was not found !");
//Parse and return information about the group
return self::GroupInfoToAPI($group);
}
/**
* Get information about multiple groups
*
* @url POST /groups/get_multiple_info
*/
public function getMultipleInfo(){
//Get the IDs of requested groups
$IDs = numbers_list_to_array(postString("list", 1));
//Process the list of groups
foreach($IDs as $groupID){
//Check if the group exists or not
if(!components()->groups->exists($groupID))
Rest_fatal_error(404, "Group ".$groupID." not found!");
//Check the user is allowed to access this group information
if(components()->groups->getAccessLevel($groupID, userID) < GroupInfo::LIMITED_ACCESS)
Rest_fatal_error(404, "Group ".$groupID." not found!");
//Get the group information
$group = components()->groups->get_info($groupID);
if(!$group->isValid())
Rest_fatal_error(500, "Could not get a group information!");
$IDs[$groupID] = self::GroupInfoToAPI($group);
}
return $IDs;
}
/**
* Get advanced information about a group
*
* @url POST /groups/get_advanced_info
*/
public function getAdvancedInfo(){
//Get the ID of the requested group
$groupID = getPostGroupIdWithAccess("id", GroupInfo::VIEW_ACCESS);
//Get information about the group
$group = components()->groups->get_advanced_info($groupID);
//Check if the group was not found
if(!$group->isValid())
Rest_fatal_error(404, "The requested group was not found !");
//If the user is signed in, check whether he is liking and following or not the group
if(userID > 0) {
$group->setLiking(components()->likes->is_liking(
userID, $group->get_id(), Likes::LIKE_GROUP));
$group->set_following(components()->groups->isFollowing(
userID, $group->get_id()
));
}
//Parse and return information about the group
return self::AdvancedGroupInfoToAPI($group);
}
/**
* Get the settings of a group
*
* @url POST /groups/get_settings
*/
public function getSettings(){
user_login_required();
//Get the ID of the group (with admin access)
$groupID = getPostGroupIdWithAccess("id", GroupInfo::ADMIN_ACCESS);
//Retrieve the settings of the group
$settings = components()->groups->get_settings($groupID);
//Check for error
if(!$settings->isValid())
Rest_fatal_error(500, "Could not get the settings of the group!");
//Return parsed settings
return self::GroupSettingsToAPI($settings);
}
/**
* Set (update) the settings of a group
*
* @url POST /groups/set_settings
*/
public function setSettings(){
user_login_required();
//Get the ID of the group (with admin access)
$groupID = getPostGroupIdWithAccess("id", GroupInfo::ADMIN_ACCESS);
//Create and fill a GroupSettings object with new values
$settings = new GroupSettings();
$settings->set_id($groupID);
$settings->set_name(postString("name", 3));
$settings->set_description(removeHTMLnodes(postString("description", 0)));
//Get group URL
$url = postString("url", 0);
if($url != ""){
if(!filter_var($url, FILTER_VALIDATE_URL))
Rest_fatal_error(401, "Invalid group URL!");
$settings->set_url($url);
}
//Get group visibility
$visiblity = postString("visibility", 3);
$levels = array_flip(self::GROUPS_VISIBILITY_LEVELS);
if(!isset($levels[$visiblity]))
Rest_fatal_error(400, "Unrecognized group visibility level!");
$settings->set_visibility($levels[$visiblity]);
//Get group registration level
$registration_level = postString("registration_level", 3);
$levels = array_flip(self::GROUPS_REGISTRATION_LEVELS);
if(!isset($levels[$registration_level]))
Reset_fatal_error(400, "Unrecognized group registration level!");
$settings->set_registration_level($levels[$registration_level]);
//Get group posts creation levels
$postsLevel = postString("posts_level", 3);
$levels = array_flip(self::GROUPS_POSTS_LEVELS);
if(!isset($levels[$postsLevel]))
Rest_fatal_error(400, "Unrecognized group posts level!");
$settings->set_posts_level($levels[$postsLevel]);
//Get and check group virtual directory
$virtualDirectory = postString("virtual_directory", 0);
if($virtualDirectory != ""){
$virtualDirectory = getPostVirtualDirectory("virtual_directory");
//Check virtual directory availability
if(!checkVirtualDirectoryAvailability($virtualDirectory, $groupID, TRUE))
Rest_fatal_error(401, "The virtual directory seems not to be available!");
$settings->set_virtual_directory($virtualDirectory);
}
//Try to save the new settings of the group
if(!components()->groups->set_settings($settings))
Rest_fatal_error(500, "An error occured while trying to update group settings!");
return array("success" => "Group settings have been successfully updated!");
}
/**
* Check the availability of a virtual directory
*
* @url POST /groups/checkVirtualDirectory
*/
public function checkVirtualDirectory() : array {
//Get the ID of the group to check
$groupID = getPostGroupIdWithAccess("groupID", GroupMember::ADMINISTRATOR);
//Get post virtual directory
$virtualDirectory = getPostVirtualDirectory("directory");
//Check virtual directory availability
if(!checkVirtualDirectoryAvailability($virtualDirectory, $groupID, TRUE))
Rest_fatal_error(401, "The virtual directory seems not to be available!");
//The directory is available
return array("success" => "The directory is available!");
}
/**
* Change (update) the logo of the group
*
* @url POST /groups/upload_logo
*/
public function uploadLogo(){
user_login_required();
//Get the ID of the group (with admin access)
$groupID = getPostGroupIdWithAccess("id", GroupInfo::ADMIN_ACCESS);
//Check if it is a valid file
if(!check_post_file("logo"))
Rest_fatal_error(400, "An error occurred while receiving logo !");
//Delete any previous logo
if(!components()->groups->deleteLogo($groupID))
Rest_fatal_error(500, "An error occurred while trying to delete previous group logo!");
//Save the new group logo
$file_path = save_post_image("logo", 0, GroupInfo::PATH_GROUPS_LOGO, 500, 500);
//Update the settings of the group
$settings = components()->groups->get_settings($groupID);
$settings->set_logo($file_path);
if(!components()->groups->set_settings($settings))
Rest_fatal_error(500, "Could not save information about new group logo!");
//Success
return array(
"success" => "The new group logo has been successfully saved !",
"url" => $settings->get_logo_url()
);
}
/**
* Delete a group logo
*
* @url POST /groups/delete_logo
*/
public function deleteLogo(){
user_login_required();
//Get the ID of the group (with admin access)
$groupID = getPostGroupIdWithAccess("id", GroupInfo::ADMIN_ACCESS);
//Try to delete group logo
if(!components()->groups->deleteLogo($groupID))
Rest_fatal_error(500, "An error occurred while trying to delete group logo!");
//Success
return array(
"success" => "The group logo has been successfully deleted!",
"url" => components()->groups->get_settings($groupID)->get_logo_url()
);
}
/**
* Get the entire list of the members of a group
*
* @url POST /groups/get_members
*/
public function getMembers(){
user_login_required();
//Get the ID of the group (with admin access)
$groupID = getPostGroupIdWithAccess("id", GroupInfo::MODERATOR_ACCESS);
//Get the list of members of the group
$members = components()->groups->getListMembers($groupID);
//Parse the list of members
foreach($members as $num => $member)
$members[$num] = self::GroupMemberToAPI($member);
return $members;
}
/**
* Respond to a membership invitation
*
* @url POST /groups/respond_invitation
*/
public function respondInvitation(){
user_login_required();
//Get the ID of the group (with basic access)
$groupID = getPostGroupIdWithAccess("id", GroupInfo::LIMITED_ACCESS);
//Get the response to the invitation
$accept = postBool("accept");
//Check if the user received an invitation or not
if(!components()->groups->receivedInvitation(userID, $groupID))
Rest_fatal_error(404, "Invitation not found!");
//Try to respond to the invitation
if(!components()->groups->respondInvitation(userID, $groupID, $accept))
Rest_fatal_error(500, "An error occurred while trying to respond to membership invitation!");
//Push notification
create_group_membership_notification(userID, 0, $groupID,
$accept ? Notification::ACCEPTED_GROUP_MEMBERSHIP_INVITATION : Notification::REJECTED_GROUP_MEMBERSHIP_INVITATION);
//Success
return array("success" => "The response to the invitation was saved!");
}
/**
* Cancel a membership request
*
* @url POST /groups/cancel_request
*/
public function cancelRequest(){
user_login_required();
//Get the ID of the group (with basic access)
$groupID = getPostGroupIdWithAccess("id", GroupInfo::LIMITED_ACCESS);
//Check if the user has created a membership request
if(components()->groups->getMembershipLevel(userID, $groupID) != GroupMember::PENDING)
Rest_fatal_error(401, "You did not send a membership request to this group!");
//Try to cancel membership request
if(!components()->groups->deleteRequest(userID, $groupID))
Rest_fatal_error(500, "An error occurred while trying to cancel membership request!");
//Delete group membership notifications
delete_notifications_group_membership(userID, $groupID);
return array("success" => "The request has been successfully cancelled!");
}
/**
* Send a membership request to the server
*
* @url POST /groups/send_request
*/
public function sendRequest(){
user_login_required();
//Get the ID of the target group
$groupID = getPostGroupIdWithAccess("id", GroupInfo::LIMITED_ACCESS);
//Check if the user is currently only a visitor of the website
if(components()->groups->getMembershipLevel(userID, $groupID) != GroupMember::VISITOR)
Rest_fatal_error(401, "You are not currently a visitor of the group!");
//Check if the user can register a new membership to the group
//Get information about the group
$info = components()->groups->get_info($groupID);
if($info->get_registration_level() == GroupInfo::CLOSED_REGISTRATION)
Rest_fatal_error(401, "You are not authorized to send a registration request for this group!");
//Create and insert membership
$member = new GroupMember();
$member->set_userID(userID);
$member->set_time_sent(time());
$member->set_group_id($groupID);
$member->set_level(
$info->get_registration_level() == GroupInfo::MODERATED_REGISTRATION ?
GroupMember::PENDING : GroupMember::MEMBER);
if(!components()->groups->insertMember($member))
Rest_fatal_error(500, "Could not register membership!");
//Push notification
if($info->get_registration_level() == GroupInfo::MODERATED_REGISTRATION)
create_group_membership_notification(userID, 0, $groupID,
Notification::SENT_GROUP_MEMBERSHIP_REQUEST);
//Success
return array("success" => "The membership has been successfully saved!");
}
/**
* Delete the member from the group
*
* @url POST /groups/delete_member
*/
public function deleteMember() : array {
user_login_required();
//Get the ID of the target group
$groupID = getPostGroupIdWithAccess("groupID", GroupInfo::MODERATOR_ACCESS);
$currUserLevel = components()->groups->getMembershipLevel(userID, $groupID);
//Get the ID of the member
$userID = getPostUserID("userID");
if($userID == userID && $currUserLevel == GroupMember::ADMINISTRATOR){
//Count the number of admin in the group
if(components()->groups->countMembersAtLevel($groupID, GroupMember::ADMINISTRATOR) == 1)
Rest_fatal_error(401, "You are the last administrator of this group!");
}
//Get the current membership level
$level = components()->groups->getMembershipLevel($userID, $groupID);
//Check if the user is more than a member. In this case, only an administrator can delete him
if($level < GroupMember::MEMBER && $currUserLevel != GroupMember::ADMINISTRATOR)
Rest_fatal_error(401, "Only an administrator can delete this membership!");
//Delete the membership
if(!components()->groups->deleteMembershipWithStatus($userID, $groupID, $level))
Rest_fatal_error(500, "Could not delete membership!");
//Delete group membership notifications
delete_notifications_group_membership($userID, $groupID);
//Success
return array("success" => "The membership has been successfully deleted!");
}
/**
* Update a membership level
*
* @url POST /groups/update_membership_level
*/
public function updateMembershipLevel() : array {
user_login_required();
//Get the ID of the target group
$groupID = getPostGroupIdWithAccess("groupID", GroupInfo::ADMIN_ACCESS);
//Get target user ID
$userID = getPostUserID("userID");
if($userID == userID)
Rest_fatal_error(400, "You can not update your own membership!");
//Get current user membership
$level = components()->groups->getMembershipLevel($userID, $groupID);
//Check if the user is at least a member of the group
if($level > GroupMember::MEMBER)
Rest_fatal_error(401, "This user is not a member of the group!");
//Get the new membership level of the user
$levels = array_flip(self::GROUPS_MEMBERSHIP_LEVELS);
$new_level_str = postString("level");
if(!isset($levels[$new_level_str]))
Rest_fatal_error(401, "Specified membership level not found!");
$newLevel = $levels[$new_level_str];
if($newLevel > GroupMember::MEMBER)
Rest_fatal_error(401, "You can not assign this visibility level to a group member!");
//Try to update the membership of the user
if(!components()->groups->updateMembershipLevel($userID, $groupID, $newLevel))
Rest_fatal_error(500, "Could not update membership level!");
//Success
return array("success" => "User membership has been updated!");
}
/**
* Respond to a membership request
*
* @url POST /groups/respond_request
*/
public function respondRequest() : array {
user_login_required();
//Get the ID of the target group
$groupID = getPostGroupIdWithAccess("groupID", GroupInfo::MODERATOR_ACCESS);
//Get user ID
$userID = getPostUserID("userID");
//Get the response
$accept = postBool("accept");
//Check if the user membership is really pending or not
if(components()->groups->getMembershipLevel($userID, $groupID) != GroupMember::PENDING)
Rest_fatal_error(401, "This user has not requested a membership in this group!");
//Respond to the request
if(!components()->groups->respondRequest($userID, $groupID, $accept))
Rest_fatal_error(500, "Could not respond to the membership request!");
//Push notification
create_group_membership_notification($userID, userID, $groupID,
$accept ? Notification::ACCEPTED_GROUP_MEMBERSHIP_REQUEST : Notification::REJECTED_GROUP_MEMBERSHIP_REQUEST);
//Success
return array("success" => "The response to the request has been successfully saved!");
}
/**
* Get information about a membership
*
* @url POST /groups/get_membership
*/
public function getMembership() : array {
//Get the ID of the target group
$groupID = getPostGroupIdWithAccess("groupID", GroupInfo::MODERATOR_ACCESS);
//Get user ID
$userID = getPostUserID("userID");
//Check if the user has a membership or not
if(!components()->groups->hasMembership($userID, $groupID))
Rest_fatal_error(404, "Specified user does not have any membership in this group!");
//Get user membership
$membership = components()->groups->getMembership($userID, $groupID);
//Parse and return result
return self::GroupMemberToAPI($membership);
}
/**
* Cancel a membership invitation
*
* @url POST /groups/cancel_invitation
*/
public function cancelInvitation() : array {
//Get the ID of the target group
$groupID = getPostGroupIdWithAccess("groupID", GroupInfo::MODERATOR_ACCESS);
//Get user ID
$userID = getPostUserID("userID");
//Check if the user has really been invited to the group or not
if(components()->groups->getMembershipLevel($userID, $groupID) != GroupMember::INVITED)
Rest_fatal_error(401, "This user has not been invited to join this group!");
//Cancel group invitation
if(!components()->groups->deleteInvitation($userID, $groupID))
Rest_fatal_error(500, "Could not cancel membership invitation!");
//Delete group membership notifications
delete_notifications_group_membership($userID, $groupID);
//Success
return array("success" => "Membership invitation has been cancelled !");
}
/**
* Get the list of membership of the current user
*
* @url POST groups/get_my_list
*/
public function getMyList() : array {
user_login_required();
//Get the list of groups of the user
$list = components()->groups->getListUser(userID);
//Parse list
foreach($list as $num => $info)
$list[$num] = self::GroupInfoToAPI($info);
return $list;
}
/**
* Delete a user membership to a group
*
* @url POST groups/remove_membership
*/
public function removeMembership() : array {
user_login_required();
//Get the group
$groupID = getPostGroupIdWithAccess("id", GroupInfo::LIMITED_ACCESS);
//Get user membership level
$level = components()->groups->getMembershipLevel(userID, $groupID);
if($level == GroupMember::ADMINISTRATOR){
//Check the user is not the last administrator of the page
if(components()->groups->countMembersAtLevel($groupID, GroupMember::ADMINISTRATOR) == 1)
Rest_fatal_error(401, "You are the latest administrator of the group!");
}
//Delete membership
if(!components()->groups->deleteMembershipWithStatus(userID, $groupID, $level))
Rest_fatal_error(500, "An error occurred while trying to delete your membership!");
//Delete group membership notifications
delete_notifications_group_membership(userID, $groupID);
//Success
return array("success" => "Your membership has been successfully deleted!");
}
/**
* Set whether a user is following a group or not
*
* @url POST groups/set_following
*/
public function setFollowing(){
user_login_required();
//Get the group
$groupID = getPostGroupIdWithAccess("groupID", GroupInfo::MEMBER_ACCESS);
//Get following status
$following = postBool("follow");
//Save the new value
if(!components()->groups->setFollowing($groupID, userID, $following))
Rest_fatal_error(500, "Could not update following status!");
//Success
return array("success" => "Follow status has been successfully updated!");
}
/**
* Parse a GroupInfo object into an array for the API
*
* @param GroupInfo $info Information about the group
* @return array Generated API data
*/
public static function GroupInfoToAPI(GroupInfo $info) : array {
$data = array();
$data["id"] = $info->get_id();
$data["name"] = removeHTMLnodes($info->get_name());
$data["icon_url"] = $info->get_logo_url();
$data["number_members"] = $info->get_number_members();
$data["membership"] = self::GROUPS_MEMBERSHIP_LEVELS[$info->get_membership_level()];
$data["visibility"] = self::GROUPS_VISIBILITY_LEVELS[$info->get_visibility()];
$data["registration_level"] = self::GROUPS_REGISTRATION_LEVELS[$info->get_registration_level()];
$data["posts_level"] = self::GROUPS_POSTS_LEVELS[$info->get_posts_level()];
$data["virtual_directory"] = $info->get_virtual_directory();
$data["following"] = $info->isFollowing();
return $data;
}
/**
* Parse an AdvancedGroupInfo object into an array for the API
*
* @param AdvancedGroupInfo $info Information about the group
* @return array Generated API data
*/
public static function AdvancedGroupInfoToAPI(AdvancedGroupInfo $info) : array {
$data = self::GroupInfoToAPI($info);
$data["time_create"] = $info->get_time_create();
$data["description"] = $info->get_description();
$data["url"] = $info->get_url();
$data["number_likes"] = $info->get_number_likes();
$data["is_liking"] = $info->isLiking();
return $data;
}
/**
* Parse a GroupSettings object into an array for the API
*
* @param GroupSettings $settings The settings to parse
* @return array Generated array
*/
public static function GroupSettingsToAPI(GroupSettings $info) : array {
$data = self::AdvancedGroupInfoToAPI($info);
return $data;
}
/**
* Turn GroupMember oject into an API array
*
* @param GroupMember $member The member entry to convert
* @return array Generated entry
*/
public static function GroupMemberToAPI(GroupMember $member) : array {
$data = array();
$data["user_id"] = $member->get_userID();
$data["group_id"] = $member->get_group_id();
$data["time_create"] = $member->get_time_sent();
$data["level"] = self::GROUPS_MEMBERSHIP_LEVELS[$member->get_level()];
return $data;
}
}

7
RestControllers/LikesController.php
View File

@ -68,6 +68,13 @@ class LikesController {
break;
//In case of group
case "group":
$id = getPostGroupIdWithAccess("id", GroupInfo::VIEW_ACCESS);
$componentType = Likes::LIKE_GROUP;
break;
//Default case : error
default:
Rest_fatal_error(404, "Specifed component type currently not supported !");

58
RestControllers/PostsController.php
View File

@ -15,7 +15,8 @@ class PostsController {
const VISIBILITY_LEVELS_API = array(
Posts::VISIBILITY_PUBLIC => "public",
Posts::VISIBILITY_FRIENDS => "friends",
Posts::VISIBILITY_USER => "private"
Posts::VISIBILITY_USER => "private",
Posts::VISIBILITY_GROUP_MEMBERS => "members",
);
/**
@ -56,6 +57,31 @@ class PostsController {
return $this->parsePostsList($posts);
}
/**
* Get group posts
*
* @url POST /posts/get_group
*/
public function getGroupPosts(){
//Get group ID
$groupID = getPostGroupIdWithAccess("groupID", GroupInfo::VIEW_ACCESS);
//Get the startpoint for the posts
$startFrom = postInt("startFrom", 0);
//Check whether the user can see members only posts or not
$membershipLevel = components()->groups->getMembershipLevel(userID, $groupID);
$seeAllPosts = $membershipLevel <= GroupMember::MEMBER;
//Get the posts of the group
$posts = components()->posts->getGroupPosts($groupID, $seeAllPosts, $startFrom);
//Return parsed list of posts
return $this->parsePostsList($posts);
}
/**
* Get the latest posts for the user
*
@ -72,8 +98,11 @@ class PostsController {
else
$startFrom = 0; //No start point
//Check whether groups posts should be included or not
$include_groups = isset($_POST['include_groups']) ? postBool("include_groups") : FALSE;
//Get the post of the user
$posts = CS::get()->components->posts->get_latest(userID, $startFrom, 10);
$posts = CS::get()->components->posts->get_latest(userID, $startFrom, 10, $include_groups);
//Return parsed list of posts
return $this->parsePostsList($posts);
@ -99,7 +128,11 @@ class PostsController {
Rest_fatal_error(500, "Couldn't retrieve post informations !");
//Check if we can get the comments of the post
if(components()->user->allowComments($postInfos->get_user_page_id()))
$load_comments = TRUE;
if($postInfos->get_kind_page() == Posts::PAGE_KIND_USER)
$load_comments = components()->user->allowComments($postInfos->get_user_page_id());
if($load_comments)
$postInfos->set_comments(components()->comments->get($postInfos->get_id()));
//Parse post informations
@ -142,6 +175,20 @@ class PostsController {
break;
//In case of group
case "group":
//Save the values
$kind_page = Posts::PAGE_KIND_GROUP;
$kind_page_id = getPostGroupIdWithAccess("kind-id", GroupInfo::MEMBER_ACCESS);
//Check whether the user is authorized to create posts on the page or not
if(!components()->groups->canUserCreatePost(userID, $kind_page_id))
Rest_fatal_error(401, "You are not authorized to create posts on this group!");
break;
//Unsupported kind of page
default:
Rest_fatal_error(500, "Unsupported kind of page !");
@ -349,6 +396,7 @@ class PostsController {
if($postID < 0)
Rest_fatal_error(400, "Couldn't create post !");
//Create a notification
$notification = new Notification();
$notification->set_from_user_id(userID);
@ -357,6 +405,7 @@ class PostsController {
$notification->set_type(Notification::ELEM_CREATED);
components()->notifications->push($notification);
//Success
return array(
"success" => "The post has been created !",
@ -528,8 +577,9 @@ class PostsController {
$data["ID"] = $post->get_id();
$data["userID"] = $post->get_userID();
$data["user_page_id"] = $post->get_user_page_id();
$data["group_id"] = $post->get_group_id();
$data["post_time"] = $post->get_time_sent();
$data["content"] = $post->has_content() ? utf8_encode($post->get_content()) : null;
$data["content"] = $post->has_content() ? $post->get_content() : null;
$data["visibility_level"] = self::VISIBILITY_LEVELS_API[$post->get_visibility_level()];
$data["kind"] = $post->get_kind();

109
RestControllers/SearchController.php Normal file
View File

@ -0,0 +1,109 @@
<?php
/**
* Search controller
*
* @author Pierre HUBERT
*/
class SearchController
{
/**
* Search results kinds to API
*/
const SEARCH_RESULTS_KINDS = array(
SearchResult::KIND_USER => "user",
SearchResult::KIND_GROUP => "group"
);
/**
* Peform a research on the database
*
* @url POST /search/user
* @url POST /user/search
*/
public function search_user(){
user_login_required();
//Check if the query was specified with the request
if(!isset($_POST['query']))
Rest_fatal_error(400, "Please specify search terms");
$query = $_POST['query'];
//Check the query
if(strlen($query) < 1)
Rest_fatal_error(401, "Empty requests not allowed !");
//Check for search limit
$searchLimit = (isset($_POST['searchLimit']) ? toInt($_POST['searchLimit']) : 5);
//Check the limit
if($searchLimit < 1 || $searchLimit > 25)
Rest_fatal_error(401, "Invalid search limit !");
//Perform research on the database and return results
$results = CS::get()->components->search->search_user($query, $searchLimit);
if($results === false)
Rest_fatal_error(500, "An error occured while trying to perform a research in user list !");
//Return results
return $results;
}
/**
* Peform a global search (search for groups + users)
*
* @url POST /search/global
*/
public function searchGlobal(){
user_login_required();
//Get search query
$query = postString("query", 1);
//Set abitrary limit
$limit = 10;
$results = array();
//First, search for groups
foreach(components()->search->search_group($query, $limit) as $groupID)
$results[] = new SearchResult(SearchResult::KIND_GROUP, $groupID);
$limit -= count($results);
//Then search for users
foreach(components()->search->search_user($query, $limit) as $userID)
$results[] = new SearchResult(SearchResult::KIND_USER, $userID);
//Parse and return result
return self::MultipleSearchResultToAPI($results);
}
/**
* Parse multiple SearchResult entry to API
*
* @param array $list The list of SearchResults to parse
* @return array Generated array
*/
public static function MultipleSearchResultToAPI(array $list) : array {
$data = array();
foreach($list as $entry)
$data[] = self::SearchResultToAPI($entry);
return $data;
}
/**
* Turn a SearchResult object into API object
*
* @param SearchResult $result The result to process
* @return array Generated entry
*/
public static function SearchResultToAPI(SearchResult $result) : array {
$data = array();
$data["kind"] = self::SEARCH_RESULTS_KINDS[$result->get_kind()];
$data["id"] = $result->get_kind_id();
return $data;
}
}

79
RestControllers/SettingsController.php
View File

@ -55,10 +55,10 @@ class SettingsController {
//Get and check virtual directory
$virtualDirectory = postString("virtualDirectory", 0);
if($virtualDirectory != ""){
$virtualDirectory = getPostUserDirectory("virtualDirectory");
$virtualDirectory = getPostVirtualDirectory("virtualDirectory");
//Check if the directory is available
if(!components()->settings->checkUserDirectoryAvailability($virtualDirectory, userID))
if(!checkVirtualDirectoryAvailability($virtualDirectory, userID, FALSE))
Rest_fatal_error(401, "The specified directory is not available!");
}
@ -104,16 +104,64 @@ class SettingsController {
user_login_required();
//Get user directory
$userDirectory = getPostUserDirectory("directory");
$userDirectory = getPostVirtualDirectory("directory");
//Check if the directory is available
if(!components()->settings->checkUserDirectoryAvailability($userDirectory, userID))
if(!checkVirtualDirectoryAvailability($userDirectory, userID, FALSE))
Rest_fatal_error(401, "The specified directory is not available!");
//Else the directory is available
return array("success" => "The directory is available!");
}
/**
* Get language settings
*
* @url POST /settings/get_language
*/
public function getLanguage(){
//User login required
user_login_required();
//Get the settings of the user
$settings = components()->settings->get_language(userID);
if(!$settings->isValid())
Rest_fatal_error(500, "Could not get language settings!");
//Return parsed settings object
return $this->LanguageSettingsToAPI($settings);
}
/**
* Set (update) language settings
*
* @url POST /settings/set_language
*/
public function setLanguage(){
//User login required
user_login_required();
//Get specified language
$lang = postString("lang", 2);
if(!in_array($lang, LanguageSettings::LANGUAGES))
Rest_fatal_error(401, "Language not recognized !");
$settings = new LanguageSettings();
$settings->set_id(userID);
$settings->set_lang($lang);
//Save language in database
if(!components()->settings->save_language($settings))
Rest_fatal_error(500, "Could not save language settings!");
//Success
return array("success" => "Language settings have been successfully updated!");
}
/**
* Get security settings
*
@ -160,10 +208,10 @@ class SettingsController {
//Create a security settings object and fill it with the new information
$settings = new SecuritySettings();
$settings->set_id(userID);
$settings->set_security_question_1(postString("security_question_1", 0));
$settings->set_security_answer_1(postString("security_answer_1", 0));
$settings->set_security_question_2(postString("security_question_2", 0));
$settings->set_security_answer_2(postString("security_answer_2", 0));
$settings->set_security_question_1(removeHTMLnodes(postString("security_question_1", 0)));
$settings->set_security_answer_1(removeHTMLnodes(postString("security_answer_1", 0)));
$settings->set_security_question_2(removeHTMLnodes(postString("security_question_2", 0)));
$settings->set_security_answer_2(removeHTMLnodes(postString("security_answer_2", 0)));
//Try to update settings
if(!components()->settings->save_security($settings))
@ -311,6 +359,21 @@ class SettingsController {
return $data;
}
/**
* Turn a LanguageSettings object into a valid API object
*
* @param LanguageSettings $settings The object to convert
* @return array Generated API object
*/
private function LanguageSettingsToAPI(LanguageSettings $settings) : array {
$data = array();
$data["lang"] = $settings->get_lang();
return $data;
}
/**
* Turn a SecuritySettings object into a valid API object
*

42
RestControllers/VirtualDirectoryController.php Normal file
View File

@ -0,0 +1,42 @@
<?php
/**
* Virtual directory controller
*
* @author Pierre HUBERT
*/
class VirtualDirectoryController {
/**
* Find a group / user using a given virtual directory
*
* @url POST /virtualDirectory/find
*/
public function findVirtualDirectory(){
//Get the virtual directory to analyze
$virtualDirectory = getPostVirtualDirectory("directory");
//Check if the directory is a user or group
$userID = components()->user->findByFolder($virtualDirectory);
$groupID = components()->groups->findByVirtualDirectory($virtualDirectory);
if($userID != 0){
$kind = "user";
$id = $userID;
}
else if($groupID != 0){
$kind = "group";
$id = $groupID;
}
else
Rest_fatal_error(404, "Specified user / group virtual directory not found !");
return array(
"kind" => $kind,
"id" => $id
);
}
}

325
RestControllers/accountController.php
View File

@ -17,31 +17,38 @@ class accountController {
* @url POST /account/login
*/
public function connectUSER(){
//Check variables sent in request
if(!isset($_POST['userMail']) OR !isset($_POST['userPassword']))
throw new RestException(400, "Missing data !");
//Retrieve database connection
$db = CS::get()->db;;
//API limit
api_limit_query(APILimits::ACTION_LOGIN_FAILED, false);
//Extract data
$userMail = $_POST["userMail"];
$userPassword = $_POST['userPassword'];
//Retrieve database connection
$db = CS::get()->db;;
//Try to perform login
$loginTokens = CS::get()->components->account->generateUserLoginTokens($userMail, $userPassword, APIServiceID, $db);
//Extract data
$userMail = $_POST["userMail"];
$userPassword = $_POST['userPassword'];
if(count($loginTokens) == 0)
throw new RestException(401, "Invalid e-mail address / password !");
//Try to perform login
$loginTokens = CS::get()->components->account->generateUserLoginTokens($userMail, $userPassword, APIServiceID, $db);
//Return result with tokens
return array(
"success" => "User logged in !",
"tokens" => array(
"token1" => $loginTokens[0],
"token2" => $loginTokens[1],
),
);
if(count($loginTokens) == 0){
api_limit_query(APILimits::ACTION_LOGIN_FAILED, true);
throw new RestException(401, "Invalid e-mail address / password !");
}
//Return result with tokens
return array(
"success" => "User logged in !",
"tokens" => array(
"token1" => $loginTokens[0],
"token2" => $loginTokens[1],
),
);
}
/**
@ -62,6 +69,155 @@ class accountController {
return array("success" => "The user has been disconnected !");
}
/**
* Check if an email is already associated with an account or not
*
* @url POST /account/exists_email
*/
public function existsMail(){
//Check the given email address
$email = postEmail("email", 5);
//Check if the email address is already associated with an account
$email_exists = components()->account->exists_email($email);
return array(
"exists" => $email_exists
);
}
/**
* Check if an account associated with an email address has set up
* security question or not
*
* @url POST /account/has_security_questions
*/
public function hasSecurityQuestion(){
//Get account ID
$userID = $this->getUserIDFromPostEmail("email");
//Check if the specified account has defined security questions or not
return array(
"defined" => components()->settings->has_security_questions($userID)
);
}
/**
* Get the security questions of a user using its email address
*
* @url POST /account/get_security_questions
*/
public function getSecurityQuestions(){
//Get account ID
$userID = $this->getUserIDFromPostEmail("email");
//Check if user has defined security questions
if(!components()->settings->has_security_questions($userID))
Rest_fatal_error(401, "Specified user has not set up security questions!");
//Get the security settings of the user
$settings = components()->settings->get_security($userID);
//Check for errors
if(!$settings->isValid())
Rest_fatal_error(500, "An error occurred while retrieving security settings of the user!");
//Return the questions of the user
return array(
"questions" => array(
$settings->get_security_question_1(),
$settings->get_security_question_2()
)
);
}
/**
* Check the security answers given by a user in order to reset its
* password
*
* @url POST /account/check_security_answers
*/
public function checkSecurityAnswers(){
//Get account ID
$userID = $this->getUserIDFromPostEmail("email");
//Check if user has defined security questions
if(!components()->settings->has_security_questions($userID))
Rest_fatal_error(401, "Specified user has not set up security questions!");
//Get the security settings of the user
$settings = components()->settings->get_security($userID);
//Check for errors
if(!$settings->isValid())
Rest_fatal_error(500, "An error occurred while retrieving security settings of the user!");
//Get the list of security answers
$answersString = postString("answers", 3);
//Get answers
$answers = explode("&", $answersString);
//Check the number of given answers
if(count($answers) != 2)
Rest_fatal_error(401, "Please specify 2 security answers!");
//Check the security answers
if(strtolower(urldecode($answers[0])) != strtolower($settings->get_security_answer_1()) ||
strtolower(urldecode($answers[1])) != strtolower($settings->get_security_answer_2()))
Rest_fatal_error(401, "Specified security answers are invalid!");
//If we get there, security anwsers are valid
$token = random_str(255);
if(!components()->account->set_new_password_reset_token($userID, $token))
Rest_fatal_error(500, "Could not set a password reset token for the account!");
//Return result
return array(
"reset_token" => $token
);
}
/**
* Check the validity of a reset account token
*
* @url POST /account/check_password_reset_token
*/
public function checkResetAccountToken(){
//Get user ID
$userID = $this->getUserIDFromPasswordResetToken("token");
//The token is valid
return array("success" => "The token is valid.");
}
/**
* Reset user password using reset token
*
* @url POST /account/reset_user_passwd
*/
public function resetPasswordUsingToken(){
//Get user ID
$userID = $this->getUserIDFromPasswordResetToken("token");
//Save new password
$newPassword = postString("password");
if(!components()->account->set_new_user_password($userID, $newPassword))
Rest_fatal_error(500, "Could not update user password!");
//Cancel password reset token of the password
components()->account->remove_password_reset_token($userID);
//Success
return array("success" => "Your password has been updated!");
}
/**
* Create an account
*
@ -69,6 +225,8 @@ class accountController {
*/
public function createAccount(){
api_limit_query(APILimits::ACTION_CREATE_ACCOUNT, false);
//Check post fields existence
if(!check_post_parametres(array("emailAddress", "firstName", "lastName", "password")))
Rest_fatal_error(400, "Please check given parameters");
@ -92,7 +250,7 @@ class accountController {
//Check if the email address is already associated with an account
if(components()->account->exists_email($email))
Rest_fatal_error(401, "The specified email address is already associated with an account!");
Rest_fatal_error(409, "The specified email address is already associated with an account!");
//Create new account object
$newAccount = new NewAccount();
@ -105,6 +263,8 @@ class accountController {
if(!components()->account->create($newAccount))
Rest_fatal_error(500, "An error occured while trying to create the account !");
api_limit_query(APILimits::ACTION_CREATE_ACCOUNT, true);
//Success
return array(
"success" => "The account has been created !"
@ -126,6 +286,53 @@ class accountController {
$data = components()->account->export(userID);
//Process data set
//Find the users to fetch information about too
$users = array();
$add_user_id = function(int $userID, array &$list){
if(!in_array($userID, $list))
$list[] = $userID;
};
//Friends
foreach($data["friends_list"] as $friend)
$add_user_id($friend->getFriendID(), $users);
//Posts
foreach($data["posts"] as $num => $post){
$add_user_id($post->get_userID(), $users);
//Process post comments
if($post->has_comments()){
foreach($post->get_comments() as $comment)
$add_user_id($comment->get_userID(), $users);
}
}
//Comments
foreach($data["comments"] as $num => $comment)
$add_user_id($comment->get_userID(), $users);
//Conversation members
foreach($data["conversations_list"] as $num => $conversation){
foreach($conversation->get_members() as $member)
$add_user_id($member, $users);
}
//Conversation messages
foreach($data["conversations_messages"] as $num => $conversation){
foreach($conversation as $message)
$add_user_id($message->get_userID(), $users);
}
//Fetch information about related users
$data["users_info"] = components()->user->getMultipleUserInfos($users);
//Prepare API return
//Advanced user information
$data["advanced_info"] = userController::advancedUserToAPI($data["advanced_info"]);
@ -149,18 +356,28 @@ class accountController {
foreach($data["movies"] as $num => $movie)
$data["movies"][$num] = MoviesController::MovieToAPI($movie);
//Conversations messages
foreach($data["conversation_messages"] as $num => $message)
$data["conversation_messages"][$num] = ConversationsController::ConvMessageToAPI($message);
//All conversations messages from user
foreach($data["all_conversation_messages"] as $num => $message)
$data["all_conversation_messages"][$num] = ConversationsController::ConvMessageToAPI($message);
//Conversations list
foreach($data["conversations_list"] as $num => $conversation)
$data["conversations_list"][$num] = ConversationsController::ConvInfoToAPI($conversation);
//Conversation messages
foreach($data["conversations_messages"] as $convID=>$messages){
foreach($messages as $num=>$message)
$data["conversations_messages"][$convID][$num] = ConversationsController::ConvMessageToAPI($message);
}
//Friends list
foreach($data["friends_list"] as $num => $friend)
$data["friends_list"][$num] = friendsController::parseFriendAPI($friend);
//Users information
foreach($data["users_info"] as $num => $user)
$data["users_info"][$num] = userController::userToAPI($user);
return $data;
}
@ -184,4 +401,70 @@ class accountController {
return array("success" => "The user account has been successfully deleted!");
}
/**
* Get and return the email address associated with an account
* from a $_POST request
*
* @param string $name The name of the POST field containing the
* email address
* @return string The email address
*/
private function getPostAccountEmail(string $name) : string {
//Get the email address
$email = postEmail($name);
//Check if the email is associated with an account
if(!components()->account->exists_email($email))
Rest_fatal_error(404, "Specified email address in '".$name."' not found!");
return $email;
}
/**
* Get email address from $_POST request and return associated
* account ID
*
* @param string $name The name of post field containing email
* @return int Associated account ID
*/
private function getUserIDFromPostEmail(string $name) : int {
//Get account email
$email = $this->getPostAccountEmail($name);
//Get the ID of the assocated account
$userID = components()->account->getIDfromEmail($email);
//Check user ID
if($userID < 1)
Rest_fatal_error(500, "Could link the email address to an account!");
return $userID;
}
/**
* Get the ID of a user from a password reset token
*
* @param string $name The name of the post field containing token
* @return int Associated user ID
*/
private function getUserIDFromPasswordResetToken(string $name) : int {
//Get the token
$token = postString($name, 10);
//Validate the tokens
$userID = components()->account->getUserIDfromResetToken($token);
//Check if the user ID is valid
if($userID < 1)
Rest_fatal_error(401, "Invalid token!");
return $userID;
}
}

4
RestControllers/friendsController.php
View File

@ -113,6 +113,10 @@ class friendsController{
//Get target ID
$friendID = getPostUserID('friendID');
//Check if the current user is requesting himself as friend
if($friendID == userID)
Rest_fatal_error(401, "You can not become a friend to yourself!");
//Check if the two persons are already friend
if(CS::get()->components->friends->are_friend(userID, $friendID))
Rest_fatal_error(401, "The two personns are already friend !");

8
RestControllers/notificationsController.php
View File

@ -40,11 +40,17 @@ class notificationsController {
user_login_required();
//Get and return the data
return array(
$data = array(
"notifications" => components()->notifications->count_unread(userID),
"conversations" => components()->conversations->number_user_unread(userID)
);
//Include friendship requests if required
if(isset($_POST["friends_request"]))
if(postBool("friends_request"))
$data["friends_request"] = components()->friends->count_requests(userID);
return $data;
}

43
RestControllers/searchController.php
View File

@ -1,43 +0,0 @@
<?php
/**
* Search controller
*
* @author Pierre HUBERT
*/
class searchController
{
/**
* Peform a research on the database
*
* @url POST /search/user
* @url POST /user/search
*/
public function search_user(){
user_login_required();
//Check if the query was specified with the request
if(!isset($_POST['query']))
Rest_fatal_error(400, "Please specify search terms");
$query = $_POST['query'];
//Check the query
if(strlen($query) < 1)
Rest_fatal_error(401, "Empty requests not allowed !");
//Check for search limit
$searchLimit = (isset($_POST['searchLimit']) ? toInt($_POST['searchLimit']) : 5);
//Check the limit
if($searchLimit < 1 || $searchLimit > 25)
Rest_fatal_error(401, "Invalid search limit !");
//Perform research on the database and return results
$results = CS::get()->components->search->search_user($query, $searchLimit);
if($results === false)
Rest_fatal_error(500, "An error occured while trying to perform a research in user list !");
//Return results
return $results;
}
}

18
classes/APIClients.php
View File

@ -7,6 +7,12 @@
class APIClients {
/**
* Tables name
*/
const SERVICES_TOKENS_TABLE = DBprefix."api_services_tokens";
const USERS_TOKENS_TABLE = DBprefix."api_users_tokens";
/**
* Check request client tokens
*
@ -21,7 +27,7 @@ class APIClients {
return false;
//Save service ID in a constant
define("APIServiceID", $serviceInfos["ID"]);
define("APIServiceID", $serviceInfos["id"]);
//Save service domain in a constant (if any)
if($serviceInfos["clientDomain"] != "")
@ -40,8 +46,8 @@ class APIClients {
*/
private function validateClientTokens(string $serviceName, string $token) {
//Prepare DataBase request
$tableName = CS::get()->config->get("dbprefix")."API_ServicesToken";
$conditions = "WHERE serviceName = ? AND token = ?";
$tableName = self::SERVICES_TOKENS_TABLE;
$conditions = "WHERE service_name = ? AND token = ?";
$values = array(
$serviceName,
$token
@ -58,7 +64,7 @@ class APIClients {
//The API is correctly identified
//Generate client informations
$clientInformations = array(
"ID" => $requestResult[0]['ID'],
"id" => $requestResult[0]['id'],
"clientDomain" => ($requestResult[0]["client_domain"] == "" ? false : $requestResult[0]["client_domain"])
);
@ -80,7 +86,7 @@ class APIClients {
$entry = self::APIClientsToDb($client);
//Insert the entry in the database
$tableName = CS::get()->config->get("dbprefix")."API_ServicesToken";
$tableName = self::SERVICES_TOKENS_TABLE;
return CS::get()->db->addLine($tableName, $entry);
}
@ -95,7 +101,7 @@ class APIClients {
$data = array();
$data["time_insert"] = $client->get_time_insert();
$data["serviceName"] = $client->get_name();
$data["service_name"] = $client->get_name();
$data["token"] = $client->get_token();
if($client->has_client_domain())
$data["client_domain"] = $client->get_client_domain();

141
classes/APILimits.php Normal file
View File

@ -0,0 +1,141 @@
<?php
/**
* API Actions limits count
*
* @author Pierre HUBERT
*/
class APILimits {
/**
* Table name
*/
const TABLE_NAME = DBprefix."api_limit_count";
/**
* Entries live time
*/
const KEEP_DATA_FOR = 3600; // 1 hour
/**
* Actions list
*/
const ACTION_LOGIN_FAILED = "failed_login";
const ACTION_CREATE_ACCOUNT = "create_account";
/**
* Actions configruation
*/
const ACTIONS = array(
//Login failed
self::ACTION_LOGIN_FAILED => array(
"limit" => 10
),
//Create an account
self::ACTION_CREATE_ACCOUNT => array(
"limit" => 10
),
);
/**
* Limit the number of time a client can perform a query over the API
*
* @param string $action The name of the action to limit
* @param bool $trigger Specify whether this call of the method must be
* considered as a call of the client or not
*/
public function limit_query(string $action, bool $trigger){
//First, clean old entries
$this->clean();
$ip = $_SERVER["REMOTE_ADDR"];
//If required, increase action by one
if($trigger)
$this->trigger($action, $ip);
//Count the number of time the action occurred
if($this->count($action, $ip) > self::ACTIONS[$action]["limit"])
Rest_fatal_error(429, "Too many request. Please try again later.");
}
/**
* Clean old entries
*/
public function clean(){
db()->deleteEntry(
self::TABLE_NAME,
"time_start < ?",
array(time() - self::KEEP_DATA_FOR)
);
}
/**
* Increase by one the number of the time a client performed
* an action
*
* @param string $action The action to trigger
* @param string $ip The target IP address
* @return bool TRUE for a success else FALSE
*/
private function trigger(string $action, string $ip) : bool {
if(!$this->exists($action, $ip)){
return db()->addLine(self::TABLE_NAME, array(
"ip" => $ip,
"time_start" => time(),
"action" => $action,
"count" => 1
));
}
else {
$number = $this->count($action, $ip);
$number++;
return db()->updateDB(self::TABLE_NAME,
"ip = ? AND action = ?",
array("count" => $number),
array($ip, $action));
}
}
/**
* Check wether an action has been referenced at least once in
* the database
*
* @param string $action The action to check
* @param string $ip The target IP address
* @return bool TRUE if the entry has been found at least once / FALSE else
*/
private function exists(string $action, string $ip) : bool {
return db()->count(self::TABLE_NAME,
"WHERE ip = ? AND action = ?",
array($ip, $action)) > 0;
}
/**
* Count the number of time an IP address has performed an action
*
* @param string $action The target action
* @param string $ip Target IP address
* @return int The number of time the action has been done
*/
private function count(string $action, string $ip) : int {
$data = db()->select(self::TABLE_NAME,
"WHERE ip = ? AND action = ?",
array($ip, $action),
array("count"));
if(count($data) < 1)
return 1;
else
return $data[0]["count"];
}
}

11
classes/DBLibrary.php
View File

@ -560,7 +560,12 @@ class DBLibrary {
//PDO informations
if($this->verbose){
echo "\n PDO last error:";
echo "\n\n Call trace:";
echo $e->getTraceAsString();
echo "\n\n PDO last error:";
print_r($this->db->errorInfo());
}
}
@ -576,6 +581,10 @@ class DBLibrary {
//PDO informations
if($this->verbose){
echo "\n\n Call trace:";
echo $e->getTraceAsString();
echo "\n PDO last error:";
print_r($this->db->errorInfo);
}

1
classes/URLanalyzer.php
View File

@ -25,6 +25,7 @@ class URLAnalyzer {
//Set timeout
curl_setopt($ch, CURLOPT_CONNECTTIMEOUT, $timeout);
curl_setopt($ch, CURLOPT_TIMEOUT, 5);
//Get the response
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);

139
classes/components/AccountComponent.php
View File

@ -12,18 +12,6 @@ class AccountComponent {
*/
const USER_TABLE = "utilisateurs";
/**
* @var String $userLoginAPItable The name of the table that contains logins performed on the API
*/
private $userLoginAPItable = "";
/**
* Public constructor
*/
public function __construct(){
$this->userLoginAPItable = CS::get()->config->get("dbprefix")."API_userLoginToken";
}
/**
* Try to login user with returning a service token
*
@ -61,10 +49,10 @@ class AccountComponent {
$token2 = random_str(75);
//Insert token in the database
$tableName = $this->userLoginAPItable;
$tableName = APIClients::USERS_TOKENS_TABLE;
$insertValues = array(
"ID_utilisateurs" => $userID,
"ID_".CS::get()->config->get("dbprefix")."API_ServicesToken" => $serviceID,
"user_id" => $userID,
"service_id" => $serviceID,
"token1" => $token1,
"token2" => $token2
);
@ -84,12 +72,12 @@ class AccountComponent {
*/
private function getUserLoginTokenByIDs(int $userID, int $serviceID) {
//Prepare database request
$conditions = "WHERE ID_utilisateurs = ? AND ID_".CS::get()->config->get("dbprefix")."API_ServicesToken = ?";
$conditions = "WHERE user_id = ? AND service_id = ?";
$values = array(
$userID,
$serviceID
);
$tokenInfos = CS::get()->db->select($this->userLoginAPItable, $conditions, $values);
$tokenInfos = CS::get()->db->select(APIClients::USERS_TOKENS_TABLE, $conditions, $values);
if(count($tokenInfos) == 0)
return false; //There is nobody at this address
@ -111,14 +99,14 @@ class AccountComponent {
public function deleteUserLoginToken(int $userID, string $serviceID) : bool {
//Prepare database request
$condition = "ID_utilisateurs = ? AND ID_".CS::get()->config->get("dbprefix")."API_ServicesToken = ?";
$condition = "user_id = ? AND service_id = ?";
$values = array(
$userID,
$serviceID
);
//Try to perform request
if(!CS::get()->db->deleteEntry($this->userLoginAPItable, $condition, $values))
if(!CS::get()->db->deleteEntry(APIClients::USERS_TOKENS_TABLE, $condition, $values))
return false; //Something went wrong during the request
//Everything is ok
@ -135,13 +123,13 @@ class AccountComponent {
public function deleteAllUserLoginTokens(int $userID) : bool {
//Prepare database request
$condition = "ID_utilisateurs = ?";
$condition = "user_id = ?";
$values = array(
$userID
);
//Try to perform request
if(!CS::get()->db->deleteEntry($this->userLoginAPItable, $condition, $values))
if(!CS::get()->db->deleteEntry(APIClients::USERS_TOKENS_TABLE, $condition, $values))
return false; //Something went wrong during the request
//Everything is ok
@ -162,8 +150,8 @@ class AccountComponent {
return 0;
//Prepare database request
$tablesName = $this->userLoginAPItable;
$conditions = "WHERE ".$this->userLoginAPItable.".ID_".CS::get()->config->get("dbprefix")."API_ServicesToken = ? AND ".$this->userLoginAPItable.".token1 = ? AND ".$this->userLoginAPItable.".token2 = ?";
$tablesName = APIClients::USERS_TOKENS_TABLE;
$conditions = "WHERE ".APIClients::USERS_TOKENS_TABLE.".service_id = ? AND ".APIClients::USERS_TOKENS_TABLE.".token1 = ? AND ".APIClients::USERS_TOKENS_TABLE.".token2 = ?";
$conditionsValues = array(
$serviceID,
$tokens[0],
@ -178,7 +166,7 @@ class AccountComponent {
return 0; //No result
//Return ID
return $userInfos[0]["ID_utilisateurs"];
return $userInfos[0]["user_id"];
}
/**
@ -198,6 +186,30 @@ class AccountComponent {
}
/**
* Get the ID of the account associated with an email address
*
* @param string $email The email address
* @return int The ID of the account / -1 in case of failure
*/
public function getIDfromEmail(string $email): int {
//Perform an API request
$tableName = self::USER_TABLE;
$conditions = "WHERE mail = ?";
$values = array($email);
//Peform the request
$values = cs()->db->select($tableName, $conditions, $values);
if(count($values) == 0)
return -1; //No result found
//Return first value
return $values[0]["ID"];
}
/**
* Intend to create an account
*
@ -267,6 +279,69 @@ class AccountComponent {
return CS::get()->db->updateDB(self::USER_TABLE, "ID = ?", $modif, array($userID));
}
/**
* Set new password reset token for an account
*
* @param int $userID Target user ID
* @param string $token The new token to apply
* @return bool TRUE for a success / FALSE else
*/
public function set_new_password_reset_token(int $userID, string $token) : bool {
//Prepare database update
$modifs = array(
"password_reset_token" => $token,
"password_reset_token_time_create" => time()
);
//Apply update
return cs()->db->updateDB(self::USER_TABLE, "ID = ?", $modifs, array($userID));
}
/**
* Delete the password reset token for an account
*
* @param int $userID Target user ID
* @return bool TRUE for a success / FALSE else
*/
public function remove_password_reset_token(int $userID) : bool {
//Prepare database update
$modifs = array(
"password_reset_token" => "",
"password_reset_token_time_create" => 84 //Too low value to be valid
);
//Apply update
return cs()->db->updateDB(self::USER_TABLE, "ID = ?", $modifs, array($userID));
}
/**
* Associate password reset token with user ID
*
* @param string $token The token to associate
* @return int The ID of the user / -1 in case of failure
*/
public function getUserIDfromResetToken(string $token) : int {
//Prepare database query
$conditions = "WHERE password_reset_token = ? AND password_reset_token_time_create > ?";
$values = array(
$token,
time()-60*60*24 //Maximum validity : 24 hours
);
//Query the database
$results = cs()->db->select(self::USER_TABLE, $conditions, $values);
//Check if there is not any result
if(count($results) == 0)
return -1;
//Return first result user ID
return $results[0]["ID"];
}
/**
* Crypt user password
*
@ -306,11 +381,20 @@ class AccountComponent {
$data["movies"] = components()->movies->get_list($userID);
//Conversation messages
$data["conversation_messages"] = components()->conversations->getAllUserMessages($userID);
$data["all_conversation_messages"] = components()->conversations->getAllUserMessages($userID);
//Conversations list
$data["conversations_list"] = components()->conversations->getList($userID);
//Conversation messages
$data["conversations_messages"] = array();
foreach($data["conversations_list"] as $conversation)
//Get all the messages of the conversation
$data["conversations_messages"][$conversation->get_ID()] =
components()->conversations->getAllMessages($conversation->get_ID());
//Friend list
$data["friends_list"] = components()->friends->getList($userID);
@ -365,6 +449,9 @@ class AccountComponent {
if(!components()->accountImage->delete($userID))
return FALSE;
if(!components()->backgroundImage->delete($userID))
return FALSE;
//Delete connections to all the services
if(!$this->deleteAllUserLoginTokens($userID))
return FALSE;*/
@ -372,6 +459,8 @@ class AccountComponent {
//Delete user from the database
//WILL BE IMPLEMENTED WHEN LEGACY VERSION WILL BE REMOVED
exit("Notice: Account deletion should be available soon...");
//Success
return FALSE;
}

99
classes/components/BackgroundImage.php Normal file
View File

@ -0,0 +1,99 @@
<?php
/**
* User background image class
*
* @author Pierre HUBERT
*/
class BackgroundImage {
/**
* @var String Base folder path for account image
*/
private $files_path;
/**
* @var String Base URL for account images
*/
private $files_url;
/**
* @var String Default background image
*/
private $defaultFile = "0.jpg";
/**
* Constructor of the class
*/
public function __construct(){
//Set values
$this->files_path = path_user_data(CS::get()->config->get("backgroundImagePath"), true);
$this->files_url = path_user_data(CS::get()->config->get("backgroundImagePath"), false);
}
/**
* Returns the path of a background image
*
* @param int $userID The ID of the user on which we perform research
* @return string The URL pointing on the background image
*/
public function getPath(int $userID) : string {
//First, check if the background image exists
$backgroundImageRefFile = $this->getPathMetadata($userID);
if(file_exists($backgroundImageRefFile)){
//Get background image path and return it
return $this->files_url.file_get_contents($backgroundImageRefFile);
}
else {
//Return default background image
return $this->files_url.$this->defaultFile;
}
}
/**
* Delete the account image of a user (if any)
*
* @param int $userID The ID of the target user
* @return bool TRUE for a success / FALSE else
*/
public function delete(int $userID) : bool {
//Get the path to the background image
$refFile = $this->getPathMetadata($userID);
//Check if ref file exists or not
if(file_exists($refFile)){
$file_target = $this->files_path.file_get_contents($refFile);
//Delete file
if(file_exists($file_target)){
if(!unlink($file_target))
return FALSE;
}
//Unlink reference file
return unlink($refFile);
}
//Nothing to be done
else
return TRUE;
}
/**
* Get the path to the file containing the path to the background image
*
* @param int $userID Target user ID
* @return string The path to the file
*/
private function getPathMetadata(int $userID) : string {
return $this->files_path."adresse_imgfond/".$userID.".txt";
}
}
//Register class
Components::register("backgroundImage", new BackgroundImage());

259
classes/components/Conversations.php
View File

@ -8,29 +8,11 @@
class Conversations {
/**
* @var String $conversationsListTable Name of the conversation list table
* Tables name definition
*/
private $conversationsListTable;
/**
* @var String $conversationsUsersTable Name of the conversation users table
*/
private $conversationsUsersTable;
/**
* @var String $conversationMessagesTabel Name of the conversation messages table
*/
private $conversationsMessagesTable;
/**
* Public constructor
*/
public function __construct(){
$this->conversationsListTable = CS::get()->config->get("dbprefix")."conversations_list";
$this->conversationsUsersTable = CS::get()->config->get("dbprefix")."conversations_users";
$this->conversationsMessagesTable = CS::get()->config->get("dbprefix")."conversations_messages";
}
const LIST_TABLE = DBprefix."conversations_list";
const USERS_TABLE = DBprefix."conversations_users";
const MESSAGES_TABLE = DBprefix."conversations_messages";
/**
* Get the conversations list of a specified user
@ -43,19 +25,19 @@ class Conversations {
public function getList(int $userID, int $conversationID = 0){
//Prepare database request
$tablesName = $this->conversationsListTable.", ".$this->conversationsUsersTable;
$tablesName = self::LIST_TABLE.", ".self::USERS_TABLE;
//Prepare conditions
$tableJoinCondition = $this->conversationsListTable.".ID = ".$this->conversationsUsersTable.".ID_".$this->conversationsListTable."";
$userCondition = $this->conversationsUsersTable.".ID_utilisateurs = ?";
$orderResults = "ORDER BY ".$this->conversationsListTable.".last_active DESC";
$tableJoinCondition = self::LIST_TABLE.".id = ".self::USERS_TABLE.".conv_id";
$userCondition = self::USERS_TABLE.".user_id = ?";
$orderResults = "ORDER BY ".self::LIST_TABLE.".last_active DESC";
//Specify conditions values
$conditionsValues = array($userID);
//Check if we have to get informations about just one conversation
if($conversationID != 0){
$specificConditions = "AND ".$this->conversationsListTable.".ID = ?";
$specificConditions = "AND ".self::LIST_TABLE.".id = ?";
$conditionsValues[] = $conversationID;
}
else
@ -66,12 +48,12 @@ class Conversations {
//Fields list
$requiredFields = array(
$this->conversationsListTable.".ID",
$this->conversationsListTable.".last_active",
$this->conversationsListTable.".name",
$this->conversationsListTable.".ID_utilisateurs AS ID_owner",
$this->conversationsUsersTable.".following",
$this->conversationsUsersTable.".saw_last_message",
self::LIST_TABLE.".id",
self::LIST_TABLE.".last_active",
self::LIST_TABLE.".name",
self::LIST_TABLE.".user_id AS owner_id",
self::USERS_TABLE.".following",
self::USERS_TABLE.".saw_last_message",
);
//Perform database request
@ -101,10 +83,10 @@ class Conversations {
public function getConversationMembers(int $conversationID) : array {
//Perform a request on the database
$tableName = $this->conversationsUsersTable;
$conditions = "WHERE ID_".$this->conversationsListTable." = ?";
$tableName = self::USERS_TABLE;
$conditions = "WHERE conv_id = ?";
$conditionsValues = array($conversationID*1);
$getFields = array("ID_utilisateurs as userID");
$getFields = array("user_id");
//Perform the request
$results = CS::get()->db->select($tableName, $conditions, $conditionsValues, $getFields);
@ -116,7 +98,7 @@ class Conversations {
$membersList = array();
foreach($results as $processUser)
$membersList[] = $processUser["userID"];
$membersList[] = $processUser["user_id"];
//Return result
return $membersList;
@ -131,18 +113,18 @@ class Conversations {
public function create(ConversationInfo $conv) : int{
$mainInformations = array(
"ID_utilisateurs" => $conv->get_id_owner(),
"user_id" => $conv->get_id_owner(),
"name" => ($conv->has_name() ? $conv->get_name() : ""),
"last_active" => time(),
"creation_time" => time()
);
//First, insert the conversation in the main table
if(!CS::get()->db->addLine($this->conversationsListTable, $mainInformations))
if(!CS::get()->db->addLine(self::LIST_TABLE, $mainInformations))
return 0; //An error occured
//Get the last inserted ID
$conversationID = CS::get()->db->getLastInsertedID();
$conversationID = db()->getLastInsertedID();
//Check for errors
if($conversationID == 0)
@ -175,8 +157,8 @@ class Conversations {
public function userBelongsTo(int $userID, int $conversationID) : bool {
//Prepare a request on the database
$tableName = $this->conversationsUsersTable;
$conditions = "WHERE ID_".$this->conversationsListTable." = ? AND ID_utilisateurs = ?";
$tableName = self::USERS_TABLE;
$conditions = "WHERE conv_id = ? AND user_id = ?";
$values = array(
$conversationID,
$userID
@ -204,8 +186,8 @@ class Conversations {
public function changeFollowState(int $userID, int $conversationID, bool $follow) : bool{
//Prepare the request on the database
$tableName = $this->conversationsUsersTable;
$conditions = "ID_".$this->conversationsListTable." = ? AND ID_utilisateurs = ?";
$tableName = self::USERS_TABLE;
$conditions = "conv_id = ? AND user_id = ?";
$condVals = array(
$conversationID,
$userID
@ -233,8 +215,8 @@ class Conversations {
*/
public function changeName(int $conversationID, string $conversationName) : bool{
//Prepare database request
$tableName = $this->conversationsListTable;
$conditions = "ID = ?";
$tableName = self::LIST_TABLE;
$conditions = "id = ?";
$condVals = array($conversationID);
//Changes
@ -295,10 +277,10 @@ class Conversations {
private function addMember(int $conversationID, int $userID, bool $follow = false) : bool {
//Prepare database request
$tableName = $this->conversationsUsersTable;
$tableName = self::USERS_TABLE;
$values = array(
"ID_".$this->conversationsListTable => $conversationID,
"ID_utilisateurs" => $userID,
"conv_id" => $conversationID,
"user_id" => $userID,
"time_add" => time(),
"following" => $follow ? 1 : 0,
"saw_last_message" => 1
@ -317,8 +299,8 @@ class Conversations {
*/
private function removeMember(int $conversationID, int $userID) : bool {
//Prepare database request
$tableName = $this->conversationsUsersTable;
$conditions = "ID_".$this->conversationsListTable." = ? AND ID_utilisateurs = ?";
$tableName = self::USERS_TABLE;
$conditions = "conv_id = ? AND user_id = ?";
$values = array(
$conversationID,
$userID
@ -337,11 +319,11 @@ class Conversations {
*/
public function userIsModerator(int $userID, int $conversationID) : bool {
//Prepare database request
$tableName = $this->conversationsListTable;
$conditions = "WHERE ID = ?";
$tableName = self::LIST_TABLE;
$conditions = "WHERE id = ?";
$values = array($conversationID);
$requiredFields = array(
"ID_utilisateurs"
"user_id"
);
//Peform a request on the database
@ -356,7 +338,22 @@ class Conversations {
return false;
//Check the first result only
return $results[0]["ID_utilisateurs"] == $userID;
return $results[0]["user_id"] == $userID;
}
/**
* Check whether a user is the owner of a conversation message or not
*
* @param int $userID Target user ID
* @param int $messageID Target message
* @return bool TRUE if the user is the owner of the conversation / FALSE else
*/
public function isOwnerMessage(int $userID, int $messageID) : bool {
return db()->count(
self::MESSAGES_TABLE,
"WHERE id = ? AND user_id = ?",
array($messageID, $userID)
) > 0;
}
/**
@ -369,22 +366,22 @@ class Conversations {
public function findPrivate(int $user1, int $user2) : array{
//Prepare database request
$tableName = $this->conversationsUsersTable." AS table1 JOIN ".
$this->conversationsUsersTable." AS table2 JOIN ".
$this->conversationsUsersTable." AS table3";
$tableName = self::USERS_TABLE." AS table1 JOIN ".
self::USERS_TABLE." AS table2 JOIN ".
self::USERS_TABLE." AS table3";
//Prepare conditions
$joinCondition = "(table1.ID_".$this->conversationsListTable." = table2.ID_".$this->conversationsListTable.")".
"AND (table1.ID_".$this->conversationsListTable." = table3.ID_".$this->conversationsListTable.")";
$whereConditions = "table1.ID_utilisateurs = ? AND table2.ID_utilisateurs = ?";
$groupCondition = "table1.ID_".$this->conversationsListTable." having count(*) = 2";
$joinCondition = "(table1.conv_id = table2.conv_id)".
"AND (table1.conv_id = table3.conv_id)";
$whereConditions = "table1.user_id = ? AND table2.user_id = ?";
$groupCondition = "table1.conv_id having count(*) = 2";
//Conditions values
$condValues = array($user1, $user2);
//Required fields
$requiredFields = array(
"table1.ID_".$this->conversationsListTable." as conversationID",
"table1.conv_id as conversationID",
);
//Build conditions
@ -415,11 +412,11 @@ class Conversations {
private function insertMessage(NewConversationMessage $message) : bool {
//Prepare values
$tableName = $this->conversationsMessagesTable;
$tableName = self::MESSAGES_TABLE;
$values = array(
"ID_".$this->conversationsListTable => $message->get_conversationID(),
"ID_utilisateurs" => $message->get_userID(),
"time_insert" => time(),
"conv_id" => $message->get_conversationID(),
"user_id" => $message->get_userID(),
"time_insert" => $message->get_time_sent(),
"message" => $message->has_message() ? $message->get_message() : ""
);
@ -445,8 +442,8 @@ class Conversations {
private function updateLastActive(int $conversationID, int $time) : bool{
//Perform a request on the database
$tableName = $this->conversationsListTable;
$conditions = "ID = ?";
$tableName = self::LIST_TABLE;
$conditions = "id = ?";
$condVals = array($conversationID);
//Set new values
@ -472,13 +469,13 @@ class Conversations {
private function allUsersAsUnread(int $conversationID, array $exceptions) : bool{
//Prepare request
$tableName = $this->conversationsUsersTable;
$conditions = "ID_".$this->conversationsListTable." = ?";
$tableName = self::USERS_TABLE;
$conditions = "conv_id = ?";
$condVals = array($conversationID);
//Remove users exceptions
foreach($exceptions as $userID){
$conditions.= " AND ID_utilisateurs != ?";
$conditions.= " AND user_id != ?";
$condVals[] = $userID;
}
@ -505,8 +502,8 @@ class Conversations {
public function markUserAsRead(int $userID, int $conversationID) : bool {
//Prepare database request
$tableName = $this->conversationsUsersTable;
$conditions = "ID_".$this->conversationsListTable." = ? AND ID_utilisateurs = ?";
$tableName = self::USERS_TABLE;
$conditions = "conv_id = ? AND user_id = ?";
$condVals = array(
$conversationID,
$userID
@ -536,12 +533,15 @@ class Conversations {
//GUIDE LINE : this method act like a "controller" : it doesn't perform any database operation
//But it manages all operations (insert message; save image; inform other users; ...)
//Set unique message time
$message->set_time_sent(time());
//First, try to insert the message
if(!$this->insertMessage($message))
return false; //An error occured
//Then, update the last activity of the conversation
if(!$this->updateLastActive($message->get_conversationID(), time()))
if(!$this->updateLastActive($message->get_conversationID(), $message->get_time_sent()))
return false; //An error occured (2)
//Then, set all the users of the conversation as unread
@ -552,6 +552,24 @@ class Conversations {
return true;
}
/**
* Update a message
*
* @param ConversationMessage $message Information about the message to update
* @return bool TRUE for a success / FALSE else
*/
public function updateMessage(ConversationMessage $message) : bool {
$modifs = array();
//Check if the content of message has to be updated
if($message->has_message())
$modifs["message"] = $message->get_message();
//Peform update
return db()->updateDB(self::MESSAGES_TABLE, "id = ?", $modifs, array($message->get_id()));
}
/**
* Get the last messages of a conversation
*
@ -562,7 +580,7 @@ class Conversations {
public function getLastMessages(int $conversationID, int $numberOfMessages) : array {
//Define conditions
$conditions = "WHERE ID_".$this->conversationsListTable." = ? ORDER BY ID DESC LIMIT ".($numberOfMessages*1);
$conditions = "WHERE conv_id = ? ORDER BY id DESC LIMIT ".($numberOfMessages*1);
$condVals = array(
$conversationID
);
@ -587,7 +605,7 @@ class Conversations {
public function getNewMessages(int $conversationID, int $lastMessageID) : array {
//Define conditions
$conditions = "WHERE ID_".$this->conversationsListTable." = ? AND ID > ? ORDER BY ID";
$conditions = "WHERE conv_id = ? AND ID > ? ORDER BY id";
$condVals = array(
$conversationID,
$lastMessageID
@ -611,7 +629,7 @@ class Conversations {
public function getOlderMessages(int $conversationID, int $startID, int $limit) : array {
//Define conditions
$conditions = "WHERE ID_".$this->conversationsListTable." = ? AND ID < ? ORDER BY ID DESC LIMIT ".($limit);
$conditions = "WHERE conv_id = ? AND ID < ? ORDER BY id DESC LIMIT ".($limit);
$condVals = array(
$conversationID,
$startID + 1
@ -628,6 +646,27 @@ class Conversations {
}
/**
* Get all the messages of a conversation
*
* @param int $conversationID The ID of the target conversation
* @return array The list of messages
*/
public function getAllMessages(int $conversationID) : array {
//Define conditions
$conditions = "WHERE conv_id = ? ORDER BY id";
$condVals = array(
$conversationID
);
//Perform request
$messages = $this->getMessages($conditions, $condVals);
//Return messages
return $messages;
}
/**
* Check whether a conversation exists or not
*
@ -637,9 +676,9 @@ class Conversations {
public function exist(int $convID) : bool {
//Perform a request on the database
$tableName = $this->conversationsListTable;
$tableName = self::LIST_TABLE;
return CS::get()->db->count($tableName, "WHERE ID = ?", array($convID)) > 0;
return CS::get()->db->count($tableName, "WHERE id = ?", array($convID)) > 0;
}
@ -677,7 +716,7 @@ class Conversations {
public function delete_conversation(int $convID) : bool {
//Get all the messages of the conversation
$messages = $this->getMessages("WHERE ID_".$this->conversationsListTable." = ?", array($convID));
$messages = $this->getMessages("WHERE conv_id = ?", array($convID));
//Delete each message
foreach($messages as $message){
@ -712,7 +751,7 @@ class Conversations {
//Get all the messages of member the conversation
$messages = $this->getMessages(
"WHERE ID_".$this->conversationsListTable." = ? AND ID_utilisateurs = ?",
"WHERE conv_id = ? AND user_id = ?",
array($convID, $memberID));
//Delete each message
@ -729,6 +768,22 @@ class Conversations {
return true;
}
/**
* Delete a single conversation message
*
* @param int $messageID The ID of the message to delete
* @return bool TRUE for a success / FALSE else
*/
public function deleteConversationMessage(int $messageID) : bool {
//Get information about the message
$messages = $this->getMessages("WHERE id = ?", array($messageID));
if(count($messages) < 1)
return FALSE; //Message not found
return $this->delete_message($messages[0]);
}
/**
* Delete a single message of a conversation
@ -753,7 +808,7 @@ class Conversations {
//Delete message from the database
$conditions = "ID = ?";
$condValues = array($message->get_id());
return CS::get()->db->deleteEntry($this->conversationsMessagesTable, $conditions, $condValues);
return CS::get()->db->deleteEntry(self::MESSAGES_TABLE, $conditions, $condValues);
}
@ -766,13 +821,13 @@ class Conversations {
private function delete_all_members(int $convID) : bool {
//Prepare request on the database
$conditions = "ID_".$this->conversationsListTable." = ?";
$conditions = "conv_id = ?";
$values = array(
$convID
);
//Try to perform request
return CS::get()->db->deleteEntry($this->conversationsUsersTable, $conditions, $values);
return CS::get()->db->deleteEntry(self::USERS_TABLE, $conditions, $values);
}
@ -783,7 +838,7 @@ class Conversations {
* @return bool True in case of success / false else
*/
private function delete_conversation_entry(int $convID) : bool {
return CS::get()->db->deleteEntry($this->conversationsListTable, "ID = ?", array($convID));
return CS::get()->db->deleteEntry(self::LIST_TABLE, "id = ?", array($convID));
}
/**
@ -795,8 +850,8 @@ class Conversations {
public function number_user_unread(int $userID) : int {
//Prepare database request
$tableName = $this->conversationsUsersTable;
$conditions = "WHERE ID_utilisateurs = ? AND saw_last_message = 0 AND following = 1";
$tableName = self::USERS_TABLE;
$conditions = "WHERE user_id = ? AND saw_last_message = 0 AND following = 1";
$values = array($userID);
//Perform request and return result
@ -813,9 +868,9 @@ class Conversations {
public function get_list_unread(int $userID) : array {
//Perform the request on the server
$tablesName = $this->conversationsUsersTable." as users, ".$this->conversationsListTable." as list, ".$this->conversationsMessagesTable." as messages";
$conditions = "WHERE users.ID_utilisateurs = ? AND users.following = 1 AND users.saw_last_message = 0 AND users.ID_comunic_conversations_list = list.ID
AND list.ID = messages.ID_comunic_conversations_list AND list.last_active = messages.time_insert";
$tablesName = self::USERS_TABLE." as users, ".self::LIST_TABLE." as list, ".self::MESSAGES_TABLE." as messages";
$conditions = "WHERE users.user_id = ? AND users.following = 1 AND users.saw_last_message = 0 AND users.conv_id = list.id
AND list.id = messages.conv_id AND list.last_active = messages.time_insert";
$values = array($userID);
//Perform the request
@ -843,7 +898,7 @@ class Conversations {
public function getAllUserMessages(int $userID) : array {
//Define conditions
$conditions = "WHERE ID_utilisateurs = ? ";
$conditions = "WHERE user_id = ? ";
$condVals = array(
$userID
);
@ -908,12 +963,12 @@ class Conversations {
private function getMessages(string $conditions, array $conditionsValues = array()) : array{
//Prepare database request
$tableName = $this->conversationsMessagesTable;
$tableName = self::MESSAGES_TABLE;
//Define required fields
$requiredFields = array(
"ID",
"ID_utilisateurs AS ID_user",
"id",
"user_id",
"image_path",
"message",
"time_insert"
@ -940,14 +995,14 @@ class Conversations {
$conv = new ConversationInfo();
$conv->set_id($entry["ID"]);
$conv->set_id_owner($entry["ID_owner"]);
$conv->set_id($entry["id"]);
$conv->set_id_owner($entry["owner_id"]);
$conv->set_last_active($entry["last_active"]);
if($entry["name"] != null)
$conv->set_name($entry["name"]);
$conv->set_following($entry["following"] == 1);
$conv->set_saw_last_message($entry["saw_last_message"] == 1);
$conv->set_members($this->getConversationMembers($entry["ID"]));
$conv->set_members($this->getConversationMembers($entry["id"]));
return $conv;
@ -963,8 +1018,8 @@ class Conversations {
$message = new ConversationMessage();
$message->set_id($entry["ID"]);
$message->set_userID($entry["ID_user"]);
$message->set_id($entry["id"]);
$message->set_userID($entry["user_id"]);
$message->set_time_sent($entry["time_insert"]);
if($entry["image_path"] != null)
$message->set_image_path($entry["image_path"]);
@ -985,11 +1040,11 @@ class Conversations {
$conversation = new UnreadConversation();
$conversation->set_id($entry["ID_comunic_conversations_list"]);
$conversation->set_id($entry["conv_id"]);
if($entry["name"] != null)
$conversation->set_conv_name($entry["name"]);
$conversation->set_last_active($entry["last_active"]);
$conversation->set_userID($entry["ID_utilisateurs"]);
$conversation->set_userID($entry["user_id"]);
if($entry["message"] != null)
$conversation->set_message($entry["message"]);

839
classes/components/GroupsComponent.php Normal file
View File

@ -0,0 +1,839 @@
<?php
/**
* Groups component
*
* @author Pierre HUBERT
*/
class GroupsComponent {
/**
* Groups list table
*/
const GROUPS_LIST_TABLE = DBprefix . "groups";
/**
* Groups members table
*/
const GROUPS_MEMBERS_TABLE = DBprefix."groups_members";
/**
* Create a new group
*
* @param NewGroup $newGroup Information about the new group
* to create
* @return int The ID of the created group / -1 in case of failure
*/
public function create(NewGroup $newGroup) : int {
//Insert the group in the database
db()->addLine(self::GROUPS_LIST_TABLE, array(
"time_create" => $newGroup->get_time_sent(),
"userid_create" => $newGroup->get_userID(),
"name" => $newGroup->get_name()
));
//Get the ID of the last inserted group
$groupID = db()->getLastInsertedID();
//Check for errors
if(!$groupID > 0)
return -1;
//Register the user who created the group as an admin of the group
$member = new GroupMember;
$member->set_group_id($groupID);
$member->set_userID($newGroup->get_userID());
$member->set_time_sent($newGroup->get_time_sent());
$member->set_level(GroupMember::ADMINISTRATOR);
$this->insertMember($member);
return $groupID;
}
/**
* Check whether a group exists or not
*
* @param int $id The ID of the target group
* @return bool TRUE if the group exists / FALSE else
*/
public function exists(int $id) : bool {
return db()->count(
self::GROUPS_LIST_TABLE,
"WHERE id = ?",
array($id)
) > 0;
}
/**
* Get the list of groups of a user
*
* @param int $userID The ID of the target user
* @return array The list of groups of the user
*/
public function getListUser(int $userID) : array {
//First, get IDs of the groups the user belongs to
$groups = db()->select(
self::GROUPS_MEMBERS_TABLE,
"WHERE user_id = ?",
array($userID),
array("groups_id")
);
//Parse results
$info = array();
foreach($groups as $group)
$info[] = $this->get_info($group["groups_id"]);
return $info;
}
/**
* Get the visibility level of a group
*
* @param int $id The ID of the target group
* @return int The visibility level of the group
*/
public function getVisiblity(int $id) : int {
$data = db()->select(
self::GROUPS_LIST_TABLE,
"WHERE id = ?",
array($id),
array("visibility")
);
if(count($data) < 1)
throw new Exception("Group " . $id . " does not exists!");
return $data[0]["visibility"];
}
/**
* Find a group by its virtual directory
*
* @param string $directory The directory to search
* @return int The ID of the target group / 0 if none found
*/
public function findByVirtualDirectory(string $directory) : int {
$data = db()->select(
self::GROUPS_LIST_TABLE,
"WHERE virtual_directory = ?",
array($directory),
array("id")
);
if(count($data) == 0)
return 0;
else
return $data[0]["id"];
}
/**
* Get and return information about a group
*
* @param int $id The ID of the target group
* @return GroupInfo Information about the group / invalid
* object in case of failure
*/
public function get_info(int $id) : GroupInfo {
//Query the database
$info = db()->select(self::GROUPS_LIST_TABLE, "WHERE id = ?", array($id));
//Check for results
if(count($info) == 0)
return new GroupInfo(); //Return invalid object
//Create and fill GroupInfo object with database entry
return $this->dbToGroupInfo($info[0]);
}
/**
* Get and return advanced information about a group
*
* @param int $id The ID of the target group
* @return GroupInfo Information about the group / invalid
* object in case of failure
*/
public function get_advanced_info(int $id) : AdvancedGroupInfo {
//Query the database
$info = db()->select(self::GROUPS_LIST_TABLE, "WHERE id = ?", array($id));
//Check for results
if(count($info) == 0)
return new AdvancedGroupInfo(); //Return invalid object
//Create and fill GroupInfo object with database entry
return $this->dbToAdvancedGroupInfo($info[0], null, TRUE);
}
/**
* Get a group settings
*
* @param int $id The ID of the target group
* @return GroupSettings The settings of the group / invalid
* GroupSettings object in case of failure
*/
public function get_settings(int $id) : GroupSettings {
//Query the database
$info = db()->select(self::GROUPS_LIST_TABLE, "WHERE id = ?", array($id));
//Check for results
if(count($info) == 0)
return new GroupSettings(); //Return invalid object
//Create and fill GroupInfo object with database entry
return $this->dbToGroupSettings($info[0]);
}
/**
* Set (update) group settings
*
* @param GroupSettings $settings The settings to update
* @return bool TRUE for a success / FALSE
*/
public function set_settings(GroupSettings $settings) : bool {
//Generate database entry
$modif = $this->GroupSettingsToDB($settings);
//Apply update
return db()->updateDB(
self::GROUPS_LIST_TABLE,
"id = ?",
$modif,
array($settings->get_id()));
}
/**
* Get the list of members of a group
*
* @param int $groupID The ID of the group to fetch
* @return array The list of members of the group
*/
public function getListMembers(int $groupID) : array {
$members = db()->select(
self::GROUPS_MEMBERS_TABLE,
"WHERE groups_id = ?",
array($groupID)
);
//Process the list of results
return $this->multipleDBToGroupMember($members);
}
/**
* Get the list of members of the group that follows it
*
* @param int $groupID The ID of the target group
* @return array The list of members
*/
public function getListFollowers(int $groupID) : array {
$result = db()->select(
self::GROUPS_MEMBERS_TABLE,
"WHERE groups_id = ? AND following = 1",
array($groupID),
array("user_id")
);
//Parse the list of IDs
$list = array();
foreach($result as $el)
$list[] = $el["user_id"];
return $list;
}
/**
* Get the list of groups a user is following
*
* @param int $userID The ID of the target group
* @return array The IDs of the groups followed by the user
*/
public function getListFollowedByUser(int $userID) : array {
$result = db()->select(
self::GROUPS_MEMBERS_TABLE,
"WHERE user_id = ? AND following = 1",
array($userID),
array("groups_id")
);
//Parse the list of IDs
$list = array();
foreach($result as $el)
$list[] = $el["groups_id"];
return $list;
}
/**
* Count the number of a kind of membership in a group
*
* @param int $groupID The ID of the target group
* @param int $level The membership level to count
* @return int The number of administrators of the group
*/
public function countMembersAtLevel(int $groupID, int $level) : int {
return db()->count(
self::GROUPS_MEMBERS_TABLE,
"WHERE groups_id = ? AND level = ?",
array($groupID, $level)
);
}
/**
* Insert a new group member
*
* @param GroupMember $member Information about the member to insert
* @return bool TRUE for a success / FALSE else
*/
public function insertMember(GroupMember $member) : bool {
return db()->addLine(self::GROUPS_MEMBERS_TABLE, array(
"groups_id" => $member->get_group_id(),
"user_id" => $member->get_userID(),
"time_create" => $member->get_time_sent(),
"level" => $member->get_level()
));
}
/**
* Update a membership level
*
* @param int $userID The ID of the target user
* @param int $groupID The ID of the related group
* @param int $level The target level
* @return bool TRUE for a success / FALSE else
*/
public function updateMembershipLevel(int $userID, int $groupID, int $level) : bool {
return db()->updateDB(
self::GROUPS_MEMBERS_TABLE,
"user_id = ? AND groups_id = ?",
array("level" => $level),
array($userID, $groupID)
);
}
/**
* Check whether a user has already a saved membership in a group or not
*
* @param int $userID The ID of the target user
* @param int $groupID The ID of the target group
* @return bool TRUE if the database includes a membership for the user / FALSE else
*/
public function hasMembership(int $userID, int $groupID) : bool {
return db()->count(
self::GROUPS_MEMBERS_TABLE,
"WHERE groups_id = ? AND user_id = ?",
array($groupID, $userID)) > 0;
}
/**
* Delete a user membership with a precise status
*
* @param int $userID Target user ID
* @param int $groupID Target group
* @param int $status The status of the membership to delete
* @return bool TRUE for a success / FALSE else
*/
public function deleteMembershipWithStatus(int $userID, int $groupID, int $status) : bool {
return db()->deleteEntry(
self::GROUPS_MEMBERS_TABLE,
"groups_id = ? AND user_id = ? AND level = ?",
array($groupID, $userID, $status)
);
}
/**
* Check whether a user received an invitation or not
*
* @param int $userID The ID of the user to check
* @param int $groupID The ID of the related group
* @return bool TRUE if the user received an invitation / FALSE else
*/
public function receivedInvitation(int $userID, int $groupID) : bool {
return db()->count(
self::GROUPS_MEMBERS_TABLE,
"WHERE groups_id = ? AND user_ID = ? AND level = ?",
array($groupID, $userID, GroupMember::INVITED)
) > 0;
}
/**
* Respond to a membership invitation
*
* @param int $userID The ID of the target user
* @param int $groupID The ID of the related group
* @param bool $accept Set wether the user accept the invitation or not
* @return bool TRUE for a success / FALSE else
*/
public function respondInvitation(int $userID, int $groupID, bool $accept) : bool {
//If the user reject the invitation, delete it
if(!$accept)
return $this->deleteInvitation($userID, $groupID);
//Upgrade the user as member
return $this->updateMembershipLevel($userID, $groupID, GroupMember::MEMBER);
}
/**
* Respond to a membership request
*
* @param int $userID The ID of the target user
* @param int $groupID The ID of the related group
* @param bool $accept Set whether the request was accepted or not
* @return bool TRUE for a success / FALSE else
*/
public function respondRequest(int $userID, int $groupID, bool $accept) : bool {
//If the user reject the invitation, delete it
if(!$accept)
return $this->deleteRequest($userID, $groupID);
//Upgrade the user as member
return $this->updateMembershipLevel($userID, $groupID, GroupMember::MEMBER);
}
/**
* Delete a membership invitation
*
* @param int $userID The ID of the target user
* @param int $groupID The ID of the related group
* @return bool TRUE for a success / FALSE else
*/
public function deleteInvitation(int $userID, int $groupID) : bool {
return $this->deleteMembershipWithStatus($userID, $groupID, GroupMember::INVITED);
}
/**
* Delete a membership request
*
* @param int $userID The ID of the target user
* @param int $groupID The ID of the related group
* @return bool TRUE for a success / FALSE else
*/
public function deleteRequest(int $userID, int $groupID) : bool {
return $this->deleteMembershipWithStatus($userID, $groupID, GroupMember::PENDING);
}
/**
* Get the membership level of a user to a group
*
* @param int $userID The ID of the queried user
* @param int $groupID The ID of the target group
* @return int The membership level of the user
*/
public function getMembershipLevel(int $userID, int $groupID) : int {
//Check for membership
if(!$this->hasMembership($userID, $groupID))
return GroupMember::VISITOR;
//Fetch the database to get membership
$results = db()->select(
self::GROUPS_MEMBERS_TABLE,
"WHERE groups_id = ? AND user_id = ?",
array($groupID, $userID),
array("level")
);
//Check for results
if(count($results) < 0)
return GroupMember::VISITOR; //Security first
return $results[0]["level"];
}
/**
* Get information the membership of a user over a group
*
* @param int $userID The ID of the target user
* @param int $groupID The ID of the target group
* @param GroupMember User membership
*/
public function getMembership(int $userID, int $groupID) : GroupMember {
//Fetch the database to get membership
$results = db()->select(
self::GROUPS_MEMBERS_TABLE,
"WHERE groups_id = ? AND user_id = ?",
array($groupID, $userID)
);
//Check for results
if(count($results) < 0)
return new GroupMember(); //Invalid object
return $this->dbToGroupMember($results[0]);
}
/**
* Determine whether a user is following or not a group
*
* @param int $userID Target user ID
* @param int $groupID The ID of the related group
* @return bool TRUE if the user is following the group / FALSE else
*/
public function isFollowing(int $userID, int $groupID) : bool {
return db()->count(
self::GROUPS_MEMBERS_TABLE,
"WHERE groups_id = ? AND user_ID = ? AND following = 1",
array($groupID, $userID)
) > 0;
}
/**
* Check whether a user is an administrator of a group
* or not
*
* @param int $userID Requested user ID to check
* @param int $groupID Requested group to check
* @return bool TRUE if the user is an admin / FALSE else
*/
public function isAdmin(int $userID, int $groupID) : bool {
return $this->getMembershipLevel($userID, $groupID)
== GroupMember::ADMINISTRATOR;
}
/**
* Check whether a group is open or not
*
* @param int $groupID The ID of the target group
* @return bool TRUE if the group is open / FALSE else
*/
public function isOpen(int $groupID) : bool {
return db()->count(
self::GROUPS_LIST_TABLE,
"WHERE id = ? AND visibility = ?",
array($groupID, GroupInfo::OPEN_GROUP)) > 0;
}
/**
* Check whether a group is secret or not
*
* @param int $groupID The ID of the target group
* @return bool TRUE if the group is open / FALSE else
*/
public function isSecret(int $groupID) : bool {
return db()->count(
self::GROUPS_LIST_TABLE,
"WHERE id = ? AND visibility = ?",
array($groupID, GroupInfo::SECRET_GROUP)) > 0;
}
/**
* Count the number of members of a group
*
* @param int $id The ID of the target group
* @return int The number of members of the group
*/
private function countMembers(int $id) : int {
return db()->count(self::GROUPS_MEMBERS_TABLE,
"WHERE groups_id = ?",
array($id));
}
/**
* Get and return the access level of a user over a group
*
* @param int $groupID The ID of the target group
* @param int $userID The ID of the user
* @return int The visiblity access level of the user
*/
public function getAccessLevel(int $groupID, int $userID) : int {
if($userID > 0)
//Get the membership level of the user
$membership_level = $this->getMembershipLevel($userID, $groupID);
else
$membership_level = GroupMember::VISITOR; //Signed out users are all visitors
//Check if the user is a confirmed member of group
if($membership_level == GroupMember::ADMINISTRATOR)
return GroupInfo::ADMIN_ACCESS;
if($membership_level == GroupMember::MODERATOR)
return GroupInfo::MODERATOR_ACCESS;
if($membership_level == GroupMember::MEMBER)
return GroupInfo::MEMBER_ACCESS;
//Get the visibility level of the group
$group_visibility_level = $this->getVisiblity($groupID);
//If the group is open, everyone has view access
if($group_visibility_level == GroupInfo::OPEN_GROUP)
return GroupInfo::VIEW_ACCESS;
//Else, all pending and invited membership get limited access
if($membership_level == GroupMember::PENDING ||
$membership_level == GroupMember::INVITED)
return GroupInfo::LIMITED_ACCESS;
//Private groups gives limited access
if($group_visibility_level == GroupInfo::PRIVATE_GROUP)
return GroupInfo::LIMITED_ACCESS;
//Else the user can not see the group
return GroupInfo::NO_ACCESS;
}
/**
* Check whether a user can create posts or not on a group
*
* @param int $userID The related user ID
* @param int $groupID The ID of the target group
* @return bool TRUE if the user is authorized / FALSE else
*/
public function canUserCreatePost(int $userID, int $groupID) : bool {
//Get the membership level of the user over the post
$membership_level = $this->getMembershipLevel($userID, $groupID);
//Moderators + administrators : can always create posts
if($membership_level == GroupMember::ADMINISTRATOR
|| $membership_level == GroupMember::MODERATOR)
return TRUE;
if($membership_level == GroupMember::MEMBER) {
//Get information about the group to check whether all the members of
//the group are authorized to create posts or not
$group = $this->get_advanced_info($groupID);
if($group->get_posts_level() == GroupInfo::POSTS_LEVEL_ALL_MEMBERS)
return TRUE;
}
//Other members can not create posts
return FALSE;
}
/**
* Delete current group logo (if any)
*
* @param int $id The ID of the target group
* @return bool TRUE if the logo was deleted / FALSE else
*/
public function deleteLogo(int $id) : bool {
//Get the current settings of the group
$settings = $this->get_settings($id);
//Check if the group has currently an group logo or not
if($settings->has_logo()){
//Delete the previous logo
if(file_exists($settings->get_logo_sys_path()))
if(!unlink($settings->get_logo_sys_path()))
return FALSE;
//Save new information
$settings->set_logo("null");
return $this->set_settings($settings);
}
//Success (nothing to be done)
return TRUE;
}
/**
* Check whether a directory is available or not
*
* @param string $directory The directory to check
* @param int $groupID The ID of the target group
* @return bool TRUE if the directory is available / FALSE
*/
public function checkDirectoryAvailability(string $directory, int $groupID) : int {
$currID = $this->findByVirtualDirectory($directory);
//Check if the domain has not been allocated
if($currID < 1)
return TRUE;
else
//Else check if the directory has been allocated to the current user
return $groupID == $currID;
}
/**
* Set (update) user following status
*
* @param int $groupID Target group ID
* @param int $userID Target user ID
* @param bool $following New following status
* @return bool TRUE to follow / FALSE else
*/
public function setFollowing(int $groupID, int $userID, bool $following) : bool {
return db()->updateDB(
self::GROUPS_MEMBERS_TABLE,
"groups_id = ? AND user_id = ?",
array("following" => $following ? 1 : 0),
array($groupID, $userID));
}
/**
* Turn a database entry into a GroupInfo object
*
* @param array $data Database entry
* @param GroupInfo $group The object to fill with the information (optionnal)
* @return GroupInfo Generated object
*/
private function dbToGroupInfo(array $data, GroupInfo $info = null) : GroupInfo {
if($info == null)
$info = new GroupInfo();
$info->set_id($data["id"]);
$info->set_name($data["name"]);
$info->set_number_members($this->countMembers($info->get_id()));
$info->set_membership_level($this->getMembershipLevel(userID, $info->get_id()));
$info->set_visibility($data["visibility"]);
$info->set_registration_level($data["registration_level"]);
$info->set_posts_level($data["posts_level"]);
if($data["path_logo"] != null && $data["path_logo"] != "" && $data["path_logo"] != "null")
$info->set_logo($data["path_logo"]);
if($data["virtual_directory"] != null && $data["virtual_directory"] != "" && $data["virtual_directory"] != "null")
$info->set_virtual_directory($data["virtual_directory"]);
return $info;
}
/**
* Turn a database group entry into AdvancedGroupInfo object entry
*
* @param array $data Database entry
* @param AdvancedGroupInfo $info Optionnal, fill an existing object
* instead of creating a new one
* @param bool $load_likes Specified whether the likes of the group should
* be loaded or not (default: FALSE)
* @return AdvancedGroupInfo Advanced information about the group
*/
private function dbToAdvancedGroupInfo(array $data, AdvancedGroupInfo $info = null, bool $load_likes = FALSE) : AdvancedGroupInfo {
if($info == null)
$info = new AdvancedGroupInfo();
//Parse basical information about the group
$this->dbToGroupInfo($data, $info);
//Parse advanced information
$info->set_time_create($data["time_create"]);
if($data["description"] != null && $data["description"] != "" && $data["description"] != "null")
$info->set_description($data["description"]);
if($data["url"] != null && $data["url"] != "" && $data["url"] != "null")
$info->set_url($data["url"]);
//Load likes information, if required
if($load_likes){
$info->set_number_likes(components()->likes->count($info->get_id(), Likes::LIKE_GROUP));
}
return $info;
}
/**
* Turn a database group entry into GroupSettings object
*
* @param array $data Database entry
* @return GroupSettings The settings of the group
*/
private function dbToGroupSettings(array $data) : GroupSettings {
//Parse advanced settings about the group
$info = new GroupSettings();
$this->dbToAdvancedGroupInfo($data, $info);
return $info;
}
/**
* Turn a GroupSettings object into a database entry
*
* @param GroupSettings $settings The object to convert
* @return array Generated database entry
*/
private function GroupSettingsToDB(GroupSettings $settings) : array {
$data = array();
if($settings->has_name())
$data["name"] = $settings->get_name();
if($settings->has_logo())
$data["path_logo"] = $settings->get_logo();
if($settings->has_visibility())
$data["visibility"] = $settings->get_visibility();
if($settings->has_registration_level())
$data["registration_level"] = $settings->get_registration_level();
if($settings->has_posts_level())
$data["posts_level"] = $settings->get_posts_level();
$data["virtual_directory"] =
$settings->has_virtual_directory() ? $settings->get_virtual_directory() : "";
$data["description"] =
$settings->has_description() ? $settings->get_description() : "";
$data["url"] =
$settings->has_url() ? $settings->get_url() : "";
return $data;
}
/**
* Turn multiple database entries into GroupMember entries
*
* @param array $entries The entries to process
* @return array Generated GroupMember objects
*/
private function multipleDBToGroupMember(array $entries) : array {
foreach($entries as $num => $entry)
$entries[$num] = $this->dbToGroupMember($entry);
return $entries;
}
/**
* Turn a database entry into a GroupMember entry
*
* @param array $entry The database entry to convert
* @return GroupMember Generated entry
*/
private function dbToGroupMember(array $entry) : GroupMember {
$member = new GroupMember();
$member->set_id($entry["id"]);
$member->set_group_id($entry["groups_id"]);
$member->set_userID($entry["user_id"]);
$member->set_time_sent($entry["time_create"]);
$member->set_level($entry["level"]);
$member->set_following($entry["following"] == 1);
return $member;
}
}
//Register component
Components::register("groups", new GroupsComponent());

13
classes/components/MailQueue.php Normal file
View File

@ -0,0 +1,13 @@
<?php
/**
* Mail queue component
*
* @author Pierre HUBERT
*/
class MailQueue {
}
//Register component
Components::register("mail", new MailQueue());

95
classes/components/SettingsComponent.php
View File

@ -64,6 +64,42 @@ class SettingsComponents {
return $folderUserID == $userID;
}
/**
* Get and return language settings of a user
*
* @param int $userID Target user ID
* @return LanguageSettings The language settings of the user / invalid object
* in case of failure
*/
public function get_language(int $userID) : LanguageSettings {
//Get user database entry
$entry = $this->getDBUserInfo($userID);
//Check for error
if(count($entry) == 0)
return new LanguageSettings(); //Return invalid object
//Parse database entry into LanguageSettings entry
return $this->dbToLanguageSettings($entry);
}
/**
* Save new version of the language settings of a user
*
* @param LanguageSettings $settings The settings to save in the database
* @return bool TRUE in case of success / FALSE else
*/
public function save_language(LanguageSettings $settings) : bool {
//Convert LanguageSettings object into database entry
$entry = $this->LanguageSettingsToDb($settings);
//Save information in the database
return $this->saveDBUserInfo($settings->get_id(), $entry);
}
/**
* Get and return security settings of a user
*
@ -84,6 +120,28 @@ class SettingsComponents {
return $this->dbToSecuritySettings($entry);
}
/**
* Check whether the user has defined security questions or not
*
* @param int $userID Target user ID
* @return bool TRUE if the user has defined security questions / FALSE else
*/
public function has_security_questions(int $userID) : bool {
//Get security settings
$security = $this->get_security($userID);
//Check for errors
if(!$security->isValid())
return FALSE;
return $security->has_security_question_1() &&
$security->has_security_answer_1() &&
$security->has_security_question_2() &&
$security->has_security_answer_2();
}
/**
* Save new version of the security settings of a user
*
@ -195,6 +253,21 @@ class SettingsComponents {
return $data;
}
/**
* Parse a user information into LanguageSettings object
*
* @param array $entry The entry to parse
* @return LanguageSettings Generated model
*/
private function dbToLanguageSettings(array $entry) : LanguageSettings {
$obj = new LanguageSettings();
$obj->set_id($entry['ID']);
$obj->set_lang($entry["lang"]);
return $obj;
}
/**
* Parse a user information entry into SecuritySettings object
*
@ -206,15 +279,29 @@ class SettingsComponents {
$obj = new SecuritySettings();
$obj->set_id($entry['ID']);
$obj->set_security_question_1($entry["question1"]);
$obj->set_security_answer_1($entry["reponse1"]);
$obj->set_security_question_2($entry["question2"]);
$obj->set_security_answer_2($entry["reponse2"]);
if($entry["question1"] != null) $obj->set_security_question_1($entry["question1"]);
if($entry["reponse1"] != null) $obj->set_security_answer_1($entry["reponse1"]);
if($entry["question2"] != null) $obj->set_security_question_2($entry["question2"]);
if($entry["reponse2"] != null) $obj->set_security_answer_2($entry["reponse2"]);
return $obj;
}
/**
* Turn LanguageSettings object into database entry
*
* @param LanguageSettings $settings Language settings to turn into database entry
* @return array Generated entry
*/
private function LanguageSettingsToDb(LanguageSettings $settings) : array {
$data = array();
$data["lang"] = $settings->get_lang();
return $data;
}
/**
* Turn SecuritySettings object into database entry
*

57
classes/components/backgroundImage.php
View File

@ -1,57 +0,0 @@
<?php
/**
* User background image class
*
* @author Pierre HUBERT
*/
class BackgroundImage {
/**
* @var String Base folder path for account image
*/
private $files_path;
/**
* @var String Base URL for account images
*/
private $files_url;
/**
* @var String Default background image
*/
private $defaultFile = "0.jpg";
/**
* Constructor of the class
*/
public function __construct(){
//Set values
$this->files_path = path_user_data(CS::get()->config->get("backgroundImagePath"), true);
$this->files_url = path_user_data(CS::get()->config->get("backgroundImagePath"), false);
}
/**
* Returns the path of a background image
*
* @param Integer $userID The ID of the user on which we perform research
* @return String The URL pointing on the background image
*/
public function getPath(int $userID) : string {
//First, check if the background image exists
$backgroundImageRefFile = $this->files_path."adresse_imgfond/".$userID.".txt";
if(file_exists($backgroundImageRefFile)){
//Get background image path and return it
return $this->files_url.file_get_contents($backgroundImageRefFile);
}
else {
//Return default background image
return $this->files_url.$this->defaultFile;
}
}
}
//Register class
Components::register("backgroundImage", new BackgroundImage());

13
classes/components/friends.php
View File

@ -409,6 +409,19 @@ class friends {
}
/**
* Count the number of friendship requests a user has received
*
* @param int $userID Target user ID
* @return int The number of friendship request the user received
*/
public function count_requests(int $userID) : int {
return db()->count(
$this->friendsTable,
"WHERE ID_personne = ? AND actif = 0",
array($userID));
}
/**
* Parse friend informations from the database
*

4
classes/components/likes.php
View File

@ -18,6 +18,7 @@ class Likes {
const LIKE_USER = "user";
const LIKE_POST = "post";
const LIKE_COMMENT = "comment";
const LIKE_GROUP = "group";
/**
* Translation of the kinds of like for the database
@ -25,7 +26,8 @@ class Likes {
const KINDS_DB = array(
Likes::LIKE_USER => "page",
Likes::LIKE_POST => "texte",
Likes::LIKE_COMMENT => "commentaire"
Likes::LIKE_COMMENT => "commentaire",
Likes::LIKE_GROUP => "group"
);
/**

102
classes/components/notifications.php
View File

@ -101,10 +101,20 @@ class notificationComponent {
return false;
//Update post informations
$notification->set_from_container_type(Notification::USER_PAGE);
$notification->set_from_container_id($info_post->get_user_page_id());
if($info_post->get_kind_page() == Posts::PAGE_KIND_USER){
$notification->set_from_container_type(Notification::USER_PAGE);
$notification->set_from_container_id($info_post->get_user_page_id());
}
else if($info_post->get_kind_page() == Posts::PAGE_KIND_GROUP){
$notification->set_from_container_type(Notification::GROUP_PAGE);
$notification->set_from_container_id($info_post->get_group_id());
}
else
throw new Exception("Unsupported page kind: ".$info_post->get_kind_page());
//Check if the notification is private or not
//Private posts
if($info_post->get_visibility_level() == Posts::VISIBILITY_USER){
//Push the notification only to the user, and only if it is not him
@ -117,7 +127,9 @@ class notificationComponent {
//Push the notification
return $this->push_private($notification);
}
else {
//For the posts on user pages
else if($notification->get_from_container_type() == Notification::USER_PAGE) {
//Get the list of friends of the user
$friendslist = components()->friends->getList($notification->get_from_user_id());
@ -146,6 +158,18 @@ class notificationComponent {
}
//For the posts on groups
else if($notification->get_from_container_type() == Notification::GROUP_PAGE){
//Push to all the members of a group who follows it
return $this->push_members_group($notification, $notification->get_from_container_id());
}
//Unimplemented scenario
else {
throw new Exception("Notification scenarios not implemented!");
}
}
//Handles friendship request notifications
@ -160,6 +184,28 @@ class notificationComponent {
}
//Handles groups membership notifications
else if($notification->get_on_elem_type() == Notification::GROUP_MEMBERSHIP){
//Complete the notification
$notification->set_from_container_id(0);
$notification->set_from_container_type("");
//Check whether the notification has to be pushed to a single user
//or to all the moderators of the page
if($notification->has_dest_user_id())
//Push the notification in private way (if it has a destination,
//generally the target of the membership request)
return $this->push_private($notification);
else {
//Push the notification to all the moderators of the group
return $this->push_group_moderators($notification, $notification->get_on_elem_id());
}
}
//Unsupported element
else {
throw new Exception("The kind of notification ".$notification->get_on_elem_type()." is not currently supported !");
@ -167,6 +213,56 @@ class notificationComponent {
}
/**
* Push a notification to all the members of a group following it
*
* @param Notification $notification The notification to push
* @param int $groupID Target group ID
* @return bool TRUE success / FALSE else
*/
private function push_members_group(Notification $notification, int $groupID) : bool {
//Get the list of the members of the group that follows it
$list = components()->groups->getListFollowers($groupID);
//Process the list of followers
$target_users = array();
foreach($list as $userID){
//If the current follower is the user creating the notification
if($userID == $notification->get_from_user_id())
continue;
$target_users[] = $userID;
}
//Push the notification
return $this->push_public($notification, $target_users);
}
/**
* Push a notification to all the moderators of a group
*
* @param Notification $notification The notification to push
* @param int $groupID The ID of the target group
* @return bool TRUE for a success / FALSE else
*/
private function push_group_moderators(Notification $notification, int $groupID) : bool {
//Get the list of the moderators of the group
$members = components()->groups->getListMembers($groupID);
$moderators = array();
foreach($members as $member){
if($member->get_level() <= GroupMember::MODERATOR)
$moderators[] = $member->get_userID();
}
return $this->push_public($notification, $moderators);
}
/**
* Push a notification to several users
*

197
classes/components/posts.php
View File

@ -19,6 +19,9 @@ class Posts {
//Posts that can be seen by the user only
const VISIBILITY_USER = 3;
//Posts that can be seen by the members of a group (same as friends)
const VISIBILITY_GROUP_MEMBERS = 50;
/**
* Access level to a post
*/
@ -39,6 +42,7 @@ class Posts {
*/
//Post on user page
const PAGE_KIND_USER = "user";
const PAGE_KIND_GROUP = "group";
/**
* Kinds of post
@ -118,7 +122,7 @@ class Posts {
$visibilityLevel = $this->getUserVisibility($userID, $targetID);
//Prepare the request on the database
$conditions = "WHERE ID_personne = ? AND (";
$conditions = "WHERE ID_personne = ? AND group_id = 0 AND (";
$dataConds = array($targetID);
//Add the visibility level conditions
@ -158,15 +162,68 @@ class Posts {
}
/**
* Get the posts of a group
*
* @param int $groupID The ID of the related group
* @param bool $all_posts Specify whether we should get all the posts of the user or not
* @param int $from Start point for the query
* @param int $limit The limit for the request (default = 10)
*/
public function getGroupPosts(int $groupID, bool $all_posts, int $from = 0, int $limit = 10){
//Check the value of limit (security)
if($limit < 1){
throw new Exception("The limit of the query must absolutly be positive !");
}
//Get user visibility level
$visibilityLevel = $all_posts ? $this::VISIBILITY_GROUP_MEMBERS : $this::VISIBILITY_PUBLIC;
//Prepare the request on the database
$conditions = "WHERE group_id = ? AND (";
$dataConds = array($groupID);
//Add the visibility level conditions
$conditions .= "(niveau_visibilite <= ?)";
$dataConds[] = $visibilityLevel;
//Close permissions conditions
$conditions .= ")";
//Add startpoint condition if required (and get older messages)
if($from != 0){
$conditions .= " AND ID <= ? ";
$dataConds[] = $from;
}
//Specify order and limit
$conditions.= " ORDER BY ID DESC LIMIT ".$limit;
//Perform the request
$list = CS::get()->db->select(
$this::TABLE_NAME,
$conditions,
$dataConds
);
//Parse and return posts
return $this->processGetMultiple($list, TRUE);
}
/**
* Get the list of latest posts for a user
*
* @param int $userID The ID of the user requesting its list of posts
* @param int $startPoint The startpoint of the research (default: 0 = none)
* @param int $limit The limit of the research (default: 10)
* @param bool $include_groups Specify whether groups post can be selected
* too or not
* @return array The list of newest posts for the user
*/
public function get_latest(int $userID, int $startPoint = 0, int $limit = 10) : array {
public function get_latest(int $userID, int $startPoint = 0,
int $limit = 10, bool $include_groups) : array {
//Check the value of limit (security)
if($limit < 1){
@ -182,27 +239,41 @@ class Posts {
//Prepare the request on the database
//Add the visibility level conditions
$conditions = "WHERE niveau_visibilite <= ? AND (ID_personne = ?";
$conditions = "WHERE ((group_id = 0 AND niveau_visibilite <= ? AND (ID_personne = ?";
$dataConds = array($visibilityLevel, $userID);
//Process the list of friends of the user
foreach($friendsList as $friend){
$friendID = $friend->getFriendID();
$conditions .= " OR ID_personne = ?";
$conditions .= " OR (ID_personne = ?)";
$dataConds[] = $friendID;
}
//Close user list conditions
$conditions .= ")";
$conditions .= "))";
//Check whether posts from groups should be included too
if($include_groups){
//Get the list of groups the user is following
$groups = components()->groups->getListFollowedByUser($userID);
//Process the list of groups
foreach($groups as $groupID){
$conditions .= " OR (group_id = ?)";
$dataConds[] = $groupID;
}
}
//Add startpoint condition if required (and get older messages)
if($startPoint != 0){
$conditions .= " AND ID <= ? ";
$conditions .= ") AND (ID <= ? ";
$dataConds[] = $startPoint;
}
//Specify order and limit
$conditions.= " ORDER BY ID DESC LIMIT ".$limit;
$conditions.= ") ORDER BY ID DESC LIMIT ".$limit;
//Perform the request
$list = CS::get()->db->select(
@ -334,52 +405,82 @@ class Posts {
if($post_info->get_userID() == $userID)
return $this::FULL_ACCESS;
//Check if the post was made on the user page
if($post_info->get_user_page_id() == $userID)
return $this::INTERMEDIATE_ACCESS;
//Special checks if the posts belongs to a user's page
if($post_info->get_kind_page() == Posts::PAGE_KIND_USER){
//Check if the post is private
if($post_info->get_visibility_level() == $this::VISIBILITY_USER)
return $this::NO_ACCESS;
//Check if the post was made on the user page
if($post_info->get_user_page_id() == $userID)
return $this::INTERMEDIATE_ACCESS;
//Check if the post is for friends only
if($post_info->get_visibility_level() == $this::VISIBILITY_FRIENDS){
//Check if user is signed in
if($userID == 0)
//Check if the post is private
if($post_info->get_visibility_level() == $this::VISIBILITY_USER)
return $this::NO_ACCESS;
//Check if this user and the owner of the page are friends or not
else if(!CS::get()->components->friends->are_friend($userID, $post_info->get_user_page_id()))
return $this::NO_ACCESS;
//Check if the post is for friends only
if($post_info->get_visibility_level() == $this::VISIBILITY_FRIENDS){
else
//User can access the post
return $this::BASIC_ACCESS;
}
//Check if user is signed in
if($userID == 0)
return $this::NO_ACCESS;
//Check if the post is public
if($post_info->get_visibility_level() == $this::VISIBILITY_PUBLIC){
//Check if this user and the owner of the page are friends or not
else if(!CS::get()->components->friends->are_friend($userID, $post_info->get_user_page_id()))
return $this::NO_ACCESS;
//Check if the two personns are friend
if($userID != 0){
if(CS::get()->components->friends->are_friend($userID, $post_info->get_user_page_id()))
else
//User can access the post
return $this::BASIC_ACCESS;
}
//Get user visibility level
$visibilityLevel = CS::get()->components->user->getVisibility($post_info->get_user_page_id());
//Check if the post is public
if($post_info->get_visibility_level() == $this::VISIBILITY_PUBLIC){
//If the page is open, access is free
if($visibilityLevel == UserComponent::USER_PAGE_OPEN)
//Check if the two personns are friend
if($userID != 0){
if(CS::get()->components->friends->are_friend($userID, $post_info->get_user_page_id()))
return $this::BASIC_ACCESS;
}
//Get user visibility level
$visibilityLevel = CS::get()->components->user->getVisibility($post_info->get_user_page_id());
//If the page is open, access is free
if($visibilityLevel == UserComponent::USER_PAGE_OPEN)
return $this::BASIC_ACCESS;
//Else check if the user is signed in and the page is public
else if($userID != 0 AND $visibilityLevel == UserComponent::USER_PAGE_PUBLIC)
return $this::BASIC_ACCESS;
else
return $this::NO_ACCESS;
}
}
//Checks if the posts belongs to a group's page
if($post_info->get_kind_page() == Posts::PAGE_KIND_GROUP){
//Get the access level of the user over the group
$access_level = components()->groups->getMembershipLevel($userID, $post_info->get_group_id());
//Moderators and administrators can delete all the posts of the group
if($access_level < GroupMember::MEMBER)
return $this::INTERMEDIATE_ACCESS;
//Members of a group can see all the posts of the group
if($access_level == GroupMember::MEMBER)
return $this::BASIC_ACCESS;
//Else check if the user is signed in and the page is public
else if($userID != 0 AND $visibilityLevel == UserComponent::USER_PAGE_PUBLIC)
return $this::BASIC_ACCESS;
else
//Check if the post is public or not
if($post_info->get_visibility_level() != Posts::VISIBILITY_PUBLIC)
return $this::NO_ACCESS;
//Check if the group is open or not
if(!components()->groups->isOpen($post_info->get_group_id()))
return $this::NO_ACCESS;
// Post public + open group > basic access
return $this::BASIC_ACCESS;
}
//Not implemented
@ -408,6 +509,7 @@ class Posts {
$day_end = $array_date_end[0];
$month_end = $array_date_end[1];
$year_end = $array_date_end[2];
$time_end = $post->get_time_end();
}
//Process user page posts
@ -416,6 +518,14 @@ class Posts {
//Determine who is creating the post
$post_user_id = $post->get_kind_page_id();
$post_friend_id = $post->get_kind_page_id() == $post->get_userID() ? 0 : $post->get_userID();
$post_group_id = 0;
}
else if($post->get_kind_page() == $this::PAGE_KIND_GROUP){
$post_user_id = $post->get_userID();
$post_friend_id = 0;
$post_group_id = $post->get_kind_page_id();
}
else {
@ -426,6 +536,7 @@ class Posts {
$data = array(
"ID_personne" => $post_user_id,
"ID_amis" => $post_friend_id,
"group_id" => $post_group_id,
"date_envoi" => mysql_date(),
"time_insert" => time(),
"texte" => $post->has_content() ? $post->get_content() : "",
@ -444,6 +555,7 @@ class Posts {
"jour_fin" => isset($day_end) ? $day_end : null,
"mois_fin" => isset($month_end) ? $month_end : null,
"annee_fin" => isset($year_end) ? $year_end : null,
"time_end" => isset($time_end) ? $time_end : null,
//Weblink page
"url_page" => $post->has_link_url() ? $post->get_link_url() : null,
@ -686,7 +798,11 @@ class Posts {
//General information
$post->set_id($entry["ID"]);
$post->set_userID($entry["ID_amis"] == 0 ? $entry["ID_personne"] : $entry["ID_amis"]);
//Determine the kind of target page and its ID
$post->set_user_page_id($entry["ID_personne"]);
$post->set_group_id($entry["group_id"]);
$post->set_time_sent($entry["time_insert"] == null ? strtotime($entry["date_envoi"]) : $entry["time_insert"]);
$post->set_content($entry["texte"]);
$post->set_visibility_level($entry["niveau_visibilite"]);
@ -707,7 +823,8 @@ class Posts {
//Countdown timer - specific
if($entry['annee_fin'] != 0)
$post->set_time_end(strtotime($entry["annee_fin"]."/".$entry['mois_fin']."/".$entry["jour_fin"]));
if($entry["time_end"] != 0)
$post->set_time_end($entry["time_end"]);
//Web link
$post->set_link_url($entry["url_page"] != null ? $entry["url_page"] : "");

28
classes/components/search.php
View File

@ -37,6 +37,34 @@ class search {
//Return result
return $return;
}
/**
* Search for groups in the database
*
* @param string $query
* @param int $limit (default = 10)
* @return array List of results
*/
public function search_group(string $query, int $limit = 10){
//Query string
$query = "%".$query."%";
//Request
$results = db()->select(
GroupsComponent::GROUPS_LIST_TABLE,
"WHERE name LIKE ? AND visibility != ".GroupInfo::SECRET_GROUP,
array($query),
array("id")
);
//Parse and return results
$list = array();
foreach($results as $el)
$list[] = $el["id"];
return $list;
}
}
//Register class

80
classes/models/AdvancedGroupInfo.php Normal file
View File

@ -0,0 +1,80 @@
<?php
/**
* Advanced information about a group model
*
* @author Pierre HUBERT
*/
//Make sure that GroupInfo has already been included
require_once __DIR__."/GroupInfo.php";
class AdvancedGroupInfo extends GroupInfo {
//Private fields
private $time_create = -1;
private $url;
private $description;
private $number_likes = -1;
private $is_liking = false;
//Get and set the creation time of the group
public function set_time_create(int $time_create){
$this->time_create = $time_create;
}
public function has_time_create() : bool {
return $this->time_create > -1;
}
public function get_time_create() : int {
return $this->time_create;
}
//Set and get url
public function set_url(string $url){
$this->url = $url == "" ? null : $url;
}
public function has_url() : bool {
return $this->url != null;
}
public function get_url() : string {
return $this->url != null ? $this->url : "null";
}
//Set and get description
public function set_description(string $description){
$this->description = $description == "" ? null : $description;
}
public function has_description() : bool {
return $this->description != null;
}
public function get_description() : string {
return $this->description != null ? $this->description : "null";
}
//Set and get the number of likes over the group
public function set_number_likes(int $number_likes){
$this->number_likes = $number_likes;
}
public function has_number_likes() : bool {
return $this->number_likes > -1;
}
public function get_number_likes() : int {
return $this->number_likes;
}
//Set and get wheter the user is liking the group or not
public function setLiking(bool $liking){
$this->is_liking = $liking;
}
public function isLiking() : bool {
return $this->is_liking;
}
}

173
classes/models/GroupInfo.php Normal file
View File

@ -0,0 +1,173 @@
<?php
/**
* Group information model
*
* @author Pierre HUBERT
*/
class GroupInfo extends BaseUniqueObject {
//Path to group logo in user data
const PATH_GROUPS_LOGO = "groups_logo";
//Groups visibility
const OPEN_GROUP = 0;
const PRIVATE_GROUP = 1;
const SECRET_GROUP = 2;
//Registration levels
const OPEN_REGISTRATION = 0;
const MODERATED_REGISTRATION = 1;
const CLOSED_REGISTRATION = 2;
//User access to a group
const NO_ACCESS = 0; //Can not even know if the group exists or not
const LIMITED_ACCESS = 1; //Access to the name of the group only
const VIEW_ACCESS = 2; //Can see the posts of the group, but not a member of the group
const MEMBER_ACCESS = 3; //Member access (same as view access but as member)
const MODERATOR_ACCESS = 4; //Can create posts, even if posts creation is restricted
const ADMIN_ACCESS = 5; //Can do everything
//Post levels
const POSTS_LEVEL_MODERATORS = 0; //Only the moderators and the administrator can create posts
const POSTS_LEVEL_ALL_MEMBERS = 1; //All the members of the group can create posts
//Private fields
private $name;
private $number_members = -1;
private $logo;
private $membership_level = -1;
private $visiblity = -1;
private $registration_level = -1;
private $posts_level = -1;
private $virtual_directory;
private $following = FALSE;
//Get and set the name of group
public function set_name(string $name){
$this->name = $name == "" ? null : $name;
}
public function has_name() : bool {
return $this->name != null;
}
public function get_name() : string {
return $this->name != null ? $this->name : "null";
}
//Get and set the number of members of the group
public function set_number_members(int $number_members){
$this->number_members = $number_members;
}
public function has_number_members() : bool {
return $this->number_members > -1;
}
public function get_number_members() : int {
return $this->number_members;
}
//Get and set the URL of the logo of group
public function set_logo(string $logo){
$this->logo = $logo == "" ? null : $logo;
}
public function has_logo() : bool {
return $this->logo != null;
}
public function get_logo() : string {
return $this->logo != null ? $this->logo : self::PATH_GROUPS_LOGO."/default.png";
}
public function get_logo_url() : string {
return path_user_data($this->get_logo());
}
public function get_logo_sys_path() : string {
//For security reasons, this method is available
//only if the user has really a logo (avoid unattended
//operation on default logo)
if(!$this->has_logo())
throw new Exception("This GroupInfo object has not any logo set!");
return path_user_data($this->get_logo(), true);
}
//Get and set the membership level of the current user
public function set_membership_level(int $membership_level){
$this->membership_level = $membership_level;
}
public function has_membership_level() : bool {
return $this->membership_level > -1;
}
public function get_membership_level() : int {
return $this->membership_level;
}
//Get and set group visibility
public function set_visibility(int $visibility){
$this->visibility = $visibility;
}
public function has_visibility() : bool {
return $this->visibility > -1;
}
public function get_visibility() : int {
return $this->visibility;
}
//Get and set registration levels
public function set_registration_level(int $registration_level){
$this->registration_level = $registration_level;
}
public function has_registration_level() : bool {
return $this->registration_level > -1;
}
public function get_registration_level() : int {
return $this->registration_level;
}
//Get and set posts level
public function set_posts_level(int $posts_level){
$this->posts_level = $posts_level;
}
public function has_posts_level() : bool {
return $this->posts_level > -1;
}
public function get_posts_level() : int {
return $this->posts_level;
}
//Get and set virtual directory
public function set_virtual_directory(string $virtual_directory){
$this->virtual_directory = $virtual_directory == "" ? null : $virtual_directory;
}
public function has_virtual_directory() : bool {
return $this->virtual_directory != null;
}
public function get_virtual_directory() : string {
return $this->virtual_directory != null ? $this->virtual_directory : "null";
}
//Set and get following status
public function set_following(bool $following){
$this->following = $following;
}
public function isFollowing() : bool {
return $this->following;
}
}

59
classes/models/GroupMember.php Normal file
View File

@ -0,0 +1,59 @@
<?php
/**
* Group member object model
*
* @author Pierre HUBERT
*/
class GroupMember extends BaseUniqueObjectFromUser {
/**
* Groups membership levels
*/
const ADMINISTRATOR = 0;
const MODERATOR = 1;
const MEMBER = 2;
const INVITED = 3;
const PENDING = 4; //When the group membership has not been approved yet
const VISITOR = 5; //Simple visitor
//Private fields
private $group_id = 1;
private $level = -1;
private $following;
//Set and get group id
public function set_group_id(int $group_id){
$this->group_id = $group_id;
}
public function has_group_id() : bool {
return $this->group_id > -1;
}
public function get_group_id() : int {
return $this->group_id;
}
//Set and get user membership level
public function set_level(int $level){
$this->level = $level;
}
public function has_level() : bool {
return $this->level > -1;
}
public function get_level() : int {
return $this->level;
}
//Set and get following status
public function set_following(bool $following){
$this->is_following = $following;
}
public function isFollowing() : bool {
return $this->is_following;
}
}

10
classes/models/GroupSettings.php Normal file
View File

@ -0,0 +1,10 @@
<?php
/**
* Group settings model object
*
* @author Pierre HUBERT
*/
class GroupSettings extends AdvancedGroupInfo {
}

28
classes/models/LanguageSettings.php Normal file
View File

@ -0,0 +1,28 @@
<?php
/**
* Language settings base model
*
* @author Pierre HUBERT
*/
class LanguageSettings extends BaseUserModel {
//Available languages
const LANGUAGES = array("fr", "en");
//Private fields
private $lang;
//Set and get the language the user
public function set_lang(string $lang){
$this->lang = $lang;
}
public function has_lang() : bool {
return $this->lang != null;
}
public function get_lang() : string {
return $this->lang;
}
}

25
classes/models/NewGroup.php Normal file
View File

@ -0,0 +1,25 @@
<?php
/**
* New Group Object
*
* @author Pierre HUBERT
*/
class NewGroup extends BaseUniqueObjectFromUser {
//Private properties
private $name;
//Set and get name
public function set_name(string $name){
$this->name = $name == "" ? null : $name;
}
public function has_name() : bool {
return $this->name != null;
}
public function get_name() : string {
return $this->name != null ? $this->name : "null";
}
}

16
classes/models/Notification.php
View File

@ -11,6 +11,7 @@ class Notification {
* Elements type
*/
const USER_PAGE = "user_page";
const GROUP_PAGE = "group_page";
const CONVERSATION = "conversation";
const CONVERSATION_MESSAGE = "conversation_message";
const POST = "post";
@ -24,6 +25,7 @@ class Notification {
const POST_SURVEY = "post_survey";
const COMMENT = "comment";
const FRIENDSHIP_REQUEST = "friend_request";
const GROUP_MEMBERSHIP = "group_membership";
/**
* Event type
@ -34,6 +36,12 @@ class Notification {
const REJECTED_FRIEND_REQUEST = "rejected_friend_request";
const ELEM_CREATED = "elem_created";
const ELEM_UPDATED = "elem_updated";
const SENT_GROUP_MEMBERSHIP_INVITATION = "sent_group_membership_invitation";
const ACCEPTED_GROUP_MEMBERSHIP_INVITATION = "accepted_group_membership_invitation";
const REJECTED_GROUP_MEMBERSHIP_INVITATION = "rejected_group_membership_invitation";
const SENT_GROUP_MEMBERSHIP_REQUEST = "sent_group_membership_request";
const ACCEPTED_GROUP_MEMBERSHIP_REQUEST = "accepted_group_membership_request";
const REJECTED_GROUP_MEMBERSHIP_REQUEST = "rejected_group_membership_request";
/**
* Event visibility
@ -158,6 +166,10 @@ class Notification {
*/
public function set_from_user_id(int $from_user_id){
$this->from_user_id = $from_user_id;
//Check if we have to reset the value
if($from_user_id < 0)
$this->from_user_id = null;
}
/**
@ -185,6 +197,10 @@ class Notification {
*/
public function set_dest_user_id(int $dest_user_id){
$this->dest_user_id = $dest_user_id;
//Reset the value if required
if($dest_user_id < 0)
$this->dest_user_id = null;
}
/**

16
classes/models/Post.php
View File

@ -75,6 +75,22 @@ class Post extends BaseUniqueObjectFromUser {
return $this->kind_page == Posts::PAGE_KIND_USER ? $this->kind_page_id : 0;
}
//Set and get the target group ID
public function set_group_id(int $group_id){
if($group_id > 0){
$this->set_kind_page(Posts::PAGE_KIND_GROUP);
$this->kind_page_id = $group_id;
}
}
public function has_group_id() : bool {
return $this->kind_page_id > 0 && $this->kind_page == Posts::PAGE_KIND_GROUP;
}
public function get_group_id() : int {
return $this->kind_page == Posts::PAGE_KIND_GROUP ? $this->kind_page_id : 0;
}
//Set and get content
public function set_content(string $content){

54
classes/models/SearchResult.php Normal file
View File

@ -0,0 +1,54 @@
<?php
/**
* Search result model
*
* @author Pierre HUBERT
*/
class SearchResult {
//Kind of result
const KIND_GROUP = 1;
const KIND_USER = 2;
//Private fields
private $kind;
private $kind_id;
/**
* Constructor of the object
*
* @param int $kind The kind of result (group, user...)
* @param int $kind_id The ID of the result
*/
public function SearchResult(int $kind, int $kind_id){
$this->set_kind($kind);
$this->set_kind_id($kind_id);
}
//Set and get the kind of object
public function set_kind(int $kind){
$this->kind = $kind;
}
public function has_kind() : bool {
return $this->kind > 0;
}
public function get_kind() : int {
return $this->kind;
}
//Set and get kind id
public function set_kind_id(int $kind_id){
$this->kind_id = $kind_id;
}
public function has_kind_id() : bool {
return $this->kind_id > 0;
}
public function get_kind_id() : int {
return $this->kind_id;
}
}

4
config/main.php
View File

@ -33,8 +33,8 @@ $config->set("storage_path", "/home/pierre/Documents/projets_web/comunic/current
$config->set("mysql", array(
"host" => "localhost",
"database" => "comunic",
"user" => "root",
"password" => "root"
"user" => "pierre",
"password" => "pierre"
));
/**

107
db_struct.sql
View File

@ -72,61 +72,109 @@ CREATE TABLE `commentaires` (
PRIMARY KEY (`ID`)
) ENGINE=InnoDB DEFAULT CHARSET=latin1;
DROP TABLE IF EXISTS `comunic_API_ServicesToken`;
CREATE TABLE `comunic_API_ServicesToken` (
`ID` int(11) NOT NULL AUTO_INCREMENT,
`time_insert` int(11) DEFAULT NULL,
`serviceName` varchar(255) NOT NULL,
`token` varchar(255) NOT NULL,
`client_domain` varchar(45) DEFAULT NULL,
PRIMARY KEY (`ID`)
DROP TABLE IF EXISTS `comunic_api_limit_count`;
CREATE TABLE `comunic_api_limit_count` (
`ip` varchar(15) NOT NULL,
`time_start` int(11) DEFAULT NULL,
`action` varchar(45) DEFAULT NULL,
`count` int(11) DEFAULT NULL
) ENGINE=InnoDB DEFAULT CHARSET=latin1;
DROP TABLE IF EXISTS `comunic_API_userLoginToken`;
CREATE TABLE `comunic_API_userLoginToken` (
`ID` int(11) NOT NULL AUTO_INCREMENT,
`ID_utilisateurs` int(11) NOT NULL,
`ID_comunic_API_ServicesToken` int(11) NOT NULL,
DROP TABLE IF EXISTS `comunic_api_services_tokens`;
CREATE TABLE `comunic_api_services_tokens` (
`id` int(11) NOT NULL AUTO_INCREMENT,
`time_insert` int(11) DEFAULT NULL,
`service_name` varchar(255) NOT NULL,
`token` varchar(255) NOT NULL,
`client_domain` varchar(45) DEFAULT NULL,
PRIMARY KEY (`id`)
) ENGINE=InnoDB DEFAULT CHARSET=latin1;
DROP TABLE IF EXISTS `comunic_api_users_tokens`;
CREATE TABLE `comunic_api_users_tokens` (
`id` int(11) NOT NULL AUTO_INCREMENT,
`user_id` int(11) NOT NULL,
`service_id` int(11) NOT NULL,
`token1` varchar(255) NOT NULL,
`token2` varchar(255) NOT NULL,
PRIMARY KEY (`ID`)
PRIMARY KEY (`id`)
) ENGINE=InnoDB DEFAULT CHARSET=latin1;
DROP TABLE IF EXISTS `comunic_conversations_list`;
CREATE TABLE `comunic_conversations_list` (
`ID` int(11) NOT NULL AUTO_INCREMENT,
`ID_utilisateurs` int(11) DEFAULT NULL,
`id` int(11) NOT NULL AUTO_INCREMENT,
`user_id` int(11) DEFAULT NULL,
`name` varchar(50) DEFAULT NULL,
`last_active` int(11) DEFAULT NULL,
`creation_time` int(11) DEFAULT NULL,
PRIMARY KEY (`ID`)
PRIMARY KEY (`id`)
) ENGINE=InnoDB DEFAULT CHARSET=latin1;
DROP TABLE IF EXISTS `comunic_conversations_messages`;
CREATE TABLE `comunic_conversations_messages` (
`ID` int(11) NOT NULL AUTO_INCREMENT,
`ID_comunic_conversations_list` int(11) DEFAULT NULL,
`ID_utilisateurs` int(11) DEFAULT NULL,
`id` int(11) NOT NULL AUTO_INCREMENT,
`conv_id` int(11) DEFAULT NULL,
`user_id` int(11) DEFAULT NULL,
`time_insert` int(11) DEFAULT NULL,
`message` varchar(200) DEFAULT NULL,
`image_path` varchar(100) DEFAULT NULL,
PRIMARY KEY (`ID`)
PRIMARY KEY (`id`)
) ENGINE=InnoDB DEFAULT CHARSET=latin1;
DROP TABLE IF EXISTS `comunic_conversations_users`;
CREATE TABLE `comunic_conversations_users` (
`ID` int(11) NOT NULL AUTO_INCREMENT,
`ID_comunic_conversations_list` int(11) DEFAULT NULL,
`ID_utilisateurs` int(11) DEFAULT NULL,
`id` int(11) NOT NULL AUTO_INCREMENT,
`conv_id` int(11) DEFAULT NULL,
`user_id` int(11) DEFAULT NULL,
`time_add` int(11) DEFAULT NULL,
`following` int(1) DEFAULT '0',
`saw_last_message` int(1) DEFAULT NULL,
PRIMARY KEY (`ID`)
PRIMARY KEY (`id`)
) ENGINE=InnoDB DEFAULT CHARSET=latin1;
DROP TABLE IF EXISTS `comunic_groups`;
CREATE TABLE `comunic_groups` (
`id` int(11) NOT NULL AUTO_INCREMENT,
`time_create` int(11) DEFAULT NULL,
`userid_create` int(11) DEFAULT NULL,
`name` varchar(45) DEFAULT NULL,
`path_logo` varchar(45) DEFAULT NULL,
`visibility` int(11) NOT NULL DEFAULT '1',
`registration_level` int(11) DEFAULT '1',
`posts_level` int(11) DEFAULT '0',
`virtual_directory` varchar(45) DEFAULT NULL,
`description` varchar(255) DEFAULT NULL,
`url` varchar(255) DEFAULT NULL,
PRIMARY KEY (`id`)
) ENGINE=InnoDB AUTO_INCREMENT=8 DEFAULT CHARSET=latin1;
DROP TABLE IF EXISTS `comunic_groups_members`;
CREATE TABLE `comunic_groups_members` (
`id` int(11) NOT NULL AUTO_INCREMENT,
`groups_id` int(11) DEFAULT NULL,
`user_id` varchar(45) DEFAULT NULL,
`time_create` varchar(45) DEFAULT NULL,
`level` int(11) DEFAULT '2',
`following` tinyint(4) DEFAULT '0',
PRIMARY KEY (`id`)
) ENGINE=InnoDB AUTO_INCREMENT=28 DEFAULT CHARSET=latin1;
DROP TABLE IF EXISTS `comunic_mails_queue`;
CREATE TABLE `comunic_mails_queue` (
`id` int(11) NOT NULL AUTO_INCREMENT,
`priority` int(11) DEFAULT NULL,
`time_insert` int(11) DEFAULT NULL,
`user_id` int(11) DEFAULT NULL,
`template` varchar(45) DEFAULT NULL,
`data` text DEFAULT NULL,
PRIMARY KEY (`id`)
) ENGINE=InnoDB DEFAULT CHARSET=latin1;
@ -139,7 +187,7 @@ CREATE TABLE `comunic_notifications` (
`dest_user_id` int(11) DEFAULT NULL,
`on_elem_id` int(11) DEFAULT NULL,
`on_elem_type` varchar(25) DEFAULT NULL,
`type` varchar(25) DEFAULT NULL,
`type` varchar(50) DEFAULT NULL,
`visibility` varchar(20) DEFAULT NULL,
`from_container_id` int(11) DEFAULT NULL,
`from_container_type` varchar(25) DEFAULT NULL,
@ -424,6 +472,7 @@ CREATE TABLE `texte` (
`time_insert` int(11) DEFAULT NULL,
`texte` text NOT NULL,
`ID_amis` int(11) NOT NULL DEFAULT '0',
`group_id` int(11) DEFAULT '0',
`niveau_visibilite` varchar(255) NOT NULL DEFAULT '1',
`type` varchar(255) NOT NULL DEFAULT 'texte',
`idvideo` int(11) DEFAULT NULL,
@ -433,6 +482,7 @@ CREATE TABLE `texte` (
`annee_fin` varchar(255) DEFAULT NULL,
`mois_fin` varchar(255) DEFAULT NULL,
`jour_fin` varchar(255) DEFAULT NULL,
`time_end` int(11) DEFAULT NULL,
`url_page` varchar(255) DEFAULT NULL,
`titre_page` varchar(255) DEFAULT NULL,
`description_page` longtext,
@ -483,5 +533,8 @@ CREATE TABLE `utilisateurs` (
`allow_multilogin` int(11) NOT NULL DEFAULT '0',
`allow_piwik` int(11) NOT NULL DEFAULT '1',
`public_note` varchar(255) DEFAULT NULL,
`password_reset_token` varchar(255) DEFAULT NULL,
`password_reset_token_time_create` int(11) DEFAULT NULL,
`lang` varchar(4) DEFAULT 'en',
PRIMARY KEY (`ID`)
) ENGINE=InnoDB DEFAULT CHARSET=latin1;

127
functions/requests.php
View File

@ -33,10 +33,10 @@ function check_post_parametres(array $varList) : bool {
/**
* Convert a list of numbers (anything with IDs) comma-separated to an array
*
* @param String $list The input list
* @return Array The list of user / an empty list in case of errors
* @param string $list The input list
* @return array The list of user / an empty list in case of errors
*/
function numbers_list_to_array($list) : array {
function numbers_list_to_array(string $list) : array {
//Split the list into an array
$array = explode(",", $list);
$usersList = array();
@ -102,15 +102,38 @@ function postBool(string $name) : bool {
* This function makes a REST_Error in case of error
*
* @param string $name The name of the $_POST field
* @param string $default The default value (null = none)
* @return int The integer
*/
function postInt(string $name) : int {
function postInt(string $name, string $default = null) : int {
//Check the variable
if(!isset($_POST[$name]))
if(!isset($_POST[$name]) && $default == null)
Rest_fatal_error(400, "Please add a POST integer named '".$name."' in the request !");
return (int)$_POST[$name];
if(isset($_POST[$name]))
return (int)$_POST[$name];
else
return (int) $default;
}
/**
* Get an email address specified in a $_POST request
*
* @param string $name The name of the post field containing the
* email address
* @return string The email address
*/
function postEmail(string $name) : string {
//Get the email as a string
$email = postString($name, 5);
//Check the email
if(!filter_var($email, FILTER_VALIDATE_EMAIL))
Rest_fatal_error(400, "Specified email address is invalid !");
return $email;
}
/**
@ -120,7 +143,7 @@ function postInt(string $name) : int {
* @return int $output The output (safe integer)
*/
function toInt($input) : int{
return floor($input*1);
return (int) $input;
}
/**
@ -509,7 +532,7 @@ function save_post_image(string $fieldName, int $userID, string $folder, int $ma
* @param string $directory The directory to check
* @return bool TRUE if the domain seems to be valid / FALSE else
*/
function checkUserDirectoryValidity(string $directory) : bool {
function checkVirtualDirectoryValidity(string $directory) : bool {
//Check domain length
if(strlen($directory) < 4)
@ -524,13 +547,14 @@ function checkUserDirectoryValidity(string $directory) : bool {
}
/**
* Get a user post directory from a $_POST request and transform it to make it SQL-safe
* Get a user / group post directory from a $_POST
* request and transform it to make it SQL-safe
*
* @param string $name The name of the $_POST Request
* @return string The user virtual directory, safe for saving
* @throws RESTException If the directory is missing, or invalid
*/
function getPostUserDirectory(string $name) : string {
function getPostVirtualDirectory(string $name) : string {
//Check if the $_POST variable exists or not
if(!isset($_POST[$name]))
@ -538,10 +562,91 @@ function getPostUserDirectory(string $name) : string {
$directory = (string) $_POST[$name];
//Check domain validity
if(!checkUserDirectoryValidity($directory))
if(!checkVirtualDirectoryValidity($directory))
Rest_fatal_error(401, "Specified directory seems to be invalid!");
//Return the directory
return $directory;
}
/**
* Check wether a virtual directory is available or not
*
* @param string $name The virtual directory to check
* @param int $id The ID of the target element
* @param bool $isPage TRUE if the request is made for a page
* @return bool TRUE if the virtual directory is valid / FALSE else
*/
function checkVirtualDirectoryAvailability(string $name, int $id, bool $isPage) : bool {
if(!checkVirtualDirectoryValidity($name))
return FALSE;
if(!$isPage){
if(!components()->settings->checkUserDirectoryAvailability($name, $id))
return FALSE;
if(!components()->groups->checkDirectoryAvailability($name, -1))
return FALSE;
}
else {
if(!components()->settings->checkUserDirectoryAvailability($name, -1))
return FALSE;
if(!components()->groups->checkDirectoryAvailability($name, $id))
return FALSE;
}
//The directory seems to be valid
return TRUE;
}
/**
* Get a POST group ID
*
* @param string $name The name of variable in the $_POST request
* @return int The ID of the group
* @throws RESTException If the value is missing
*/
function getPostGroupId(string $name) : int {
//Get the ID of the group
$id = postInt($name);
//Check if the group exists or not
if(!components()->groups->exists($id))
Rest_fatal_error(404, "Specified group does not exists !");
//Return the ID of the group
return $id;
}
/**
* Get a POST group ID with a check for the minimal access requested
*
* @param string $name The name of the post field containing group ID
* @param int $minAccess The minimal access required
* @return int The ID of the group
*/
function getPostGroupIdWithAccess(string $name, int $minVisibility) : int {
//Get the ID of the group
$groupID = getPostGroupId($name);
//Get the access level of the current user over the group
$accessLevel = components()->groups->getAccessLevel($groupID, userID);
//Check if the user has no access
if($accessLevel == GroupInfo::NO_ACCESS)
Rest_fatal_error(404, "Specified group does not exists !"); //Act like if the group did not exists
//Check access level
if($accessLevel < $minVisibility)
Rest_fatal_error(401, "You do not have enough rights to perform what you intend to do on this group!");
return $groupID;
}

16
helpers/APILimits.php Normal file
View File

@ -0,0 +1,16 @@
<?php
/**
* API Limits helper
*
* @author Pierre HUBERT
*/
/**
* Limit the number of time a query can be performed by a client
*
* @param string $name The name of the action to limit
* @param bool $trigger Count this as an action of the user or not
*/
function api_limit_query(string $name, bool $trigger){
cs()->limit->limit_query($name, $trigger);
}

15
helpers/database.php Normal file
View File

@ -0,0 +1,15 @@
<?php
/**
* Database helper
*
* @author Pierre HUBERT
*/
/**
* Get and return database object
*
* @param DBLibrary The database object
*/
function db() : DBLibrary {
return CS::get()->db;
}

70
helpers/notifications.php
View File

@ -57,6 +57,36 @@ function delete_notifications_friendship_request(int $userOne, int $userTwo) : b
return true;
}
/**
* Delete all the notifications related to a group membership
*
* @param int $userID The ID of the target user
* @param int $groupID The ID of the target group
* @return bool TRUE for a success / FALSE else
*/
function delete_notifications_group_membership(int $userID, int $groupID) : bool {
user_login_required();
//Create notification object
$notification = new Notification();
$notification->set_on_elem_type(Notification::GROUP_MEMBERSHIP);
$notification->set_on_elem_id($groupID);
//Delete notifications
$notification->set_dest_user_id($userID);
$notification->set_from_user_id(-1);
if(!components()->notifications->delete($notification))
return false;
$notification->set_dest_user_id(-1);
$notification->set_from_user_id($userID);
if(!components()->notifications->delete($notification))
return false;
return true;
}
/**
* Create and push a friendship request notification
*
@ -83,3 +113,43 @@ function create_friendship_notification(int $fromUser, int $destUser, string $ki
//Try to push the notification
return components()->notifications->push($notif);
}
/**
* Create and push a group membership notification
*
* @param int $userID The ID of the target user for the membershp
* @param int $moderatorID The ID of the moderator creating the notification (0 if it is the user)
* @param int $groupID The ID of the target group
* @param string $kind The kind of notification to create
* @return bool TRUE in case of success / FALSE else
*/
function create_group_membership_notification(int $userID, int $moderatorID, int $groupID, string $kind) : bool {
//Delete all the previous notifications
if(!delete_notifications_group_membership($userID, $groupID))
return false;
//Create the notification
$notif = new Notification();
$notif->set_time_create(time());
$notif->set_on_elem_id($groupID);
$notif->set_on_elem_type(Notification::GROUP_MEMBERSHIP);
$notif->set_type($kind);
if($moderatorID < 1){
//The notification must be sent to all the moderators of the group
$notif->set_from_user_id($userID);
$notif->set_dest_user_id(-1);
}
else {
//We specify both the source and the destination of the notification not
//to broadcast the notification to all the group members
$notif->set_from_user_id($moderatorID);
$notif->set_dest_user_id($userID);
}
//Try to push the notification
return components()->notifications->push($notif);
}

9
index.php
View File

@ -35,7 +35,7 @@ if(!$cs->clients->checkClientRequestTokens())
if(defined("APIServiceDomain")){
//First, limit requests
header("Access-Control-Allow-Origin: http://".APIServiceDomain.", https://".APIServiceDomain);
header("Access-Control-Allow-Origin: https://".APIServiceDomain);
//Then check for referer
if(!isset($_SERVER["HTTP_REFERER"]))
@ -59,7 +59,7 @@ if(isset($_POST['userToken1']) AND isset($_POST['userToken2'])){
));
if($userID < 1){
Rest_fatal_error(401, "Please check your login tokens!");
Rest_fatal_error(412, "Please check your login tokens!");
}
//Else save userID
@ -70,6 +70,11 @@ else {
define("userID", 0);
}
//Setup API limits
require_once "classes/APILimits.php";
$api_limits = new APILimits();
cs()->register("limit", $api_limits);
/**
* Handle Rest requests
*/

15
tests/classes/models/APIClientTest.php Normal file
View File

@ -0,0 +1,15 @@
<?php
//Include class
require_once(__DIR__."/../../../classes/models/APIClient.php");
use PHPUnit\Framework\TestCase;
class APIClientTest extends TestCase {
public function testConfirmHasTokenAfterSet(){
$client = new APIClient();
$client->set_token("token");
$this->assertEquals(TRUE, $client->has_token());
}
}

20
tests/classes/models/BaseUniqueModelTest.php Normal file
View File

@ -0,0 +1,20 @@
<?php
//Include class
require_once(__DIR__."/../../../classes/models/BaseUniqueObject.php");
use PHPUnit\Framework\TestCase;
class BaseUniqueObjectTest extends TestCase {
public function testValidObjectWithoutId(){
$obj = new BaseUniqueObject();
$obj->set_id(10);
$this->assertEquals(TRUE, $obj->isValid());
}
public function testInvalidObjectWithoutId(){
$obj = new BaseUniqueObject();
$this->assertEquals(FALSE, $obj->isValid());
}
}