diff --git a/globals/Dependencies/Groups/Group.php b/globals/Dependencies/Groups/Group.php
new file mode 100644
index 0000000..565b55a
--- /dev/null
+++ b/globals/Dependencies/Groups/Group.php
@@ -0,0 +1,705 @@ +prepare("SELECT COUNT(*) FROM groups WHERE id = :u"); + $group->bindParam(":u", $groupid, PDO::PARAM_INT); + $group->execute(); + if ($group->fetchColumn() > 0) { + return true; + } + return false; + } + + public static function NameExists(string $name) + { + $checkname = $GLOBALS['pdo']->prepare("SELECT COUNT(*) FROM groups WHERE name = :na"); + $checkname->bindParam(":na", $name, PDO::PARAM_STR); + $checkname->execute(); + if ($checkname->fetchColumn() > 0) { + return true; + } + return false; + } + + public static function IsOwner(int $userid, int $groupid) + { + $owner = $GLOBALS['pdo']->prepare("SELECT COUNT(*) FROM groups WHERE id = :gid AND creatorid = :cid"); + $owner->bindParam(":gid", $groupid, PDO::PARAM_INT); + $owner->bindParam(":cid", $userid, PDO::PARAM_INT); + $owner->execute(); + if ($owner->fetchColumn() > 0) { + return true; + } + return false; + } + + public static function IsMember(int $userid, int $groupid) + { + $member = $GLOBALS['pdo']->prepare("SELECT COUNT(*) FROM group_members WHERE userid = :uid AND groupid = :gid"); + $member->bindParam(":uid", $userid, PDO::PARAM_INT); + $member->bindParam(":gid", $groupid, PDO::PARAM_INT); + $member->execute(); + + if ($member->fetchColumn() > 0) { + return true; + } + return false; + } + + public static function IsPendingRequest(int $userid, int $groupid) + { + $pending = $GLOBALS['pdo']->prepare("SELECT COUNT(*) FROM group_join_requests WHERE groupid = :gid AND userid = :uid"); + $pending->bindParam(":gid", $groupid, PDO::PARAM_INT); + $pending->bindParam(":uid", $userid, PDO::PARAM_INT); + $pending->execute(); + if ($pending->fetchColumn() > 0) { + return true; + } + return false; + } + + public static function IsManualApproval(int $groupid) + { + $manual = $GLOBALS['pdo']->prepare("SELECT COUNT(*) FROM groups WHERE id = :gid AND manualapproval = 1"); + $manual->bindParam(":gid", $groupid, PDO::PARAM_INT); + $manual->execute(); + if ($manual->fetchColumn() > 0) { + return true; 
+ } + return false; + } + + public static function RankExists(int $groupid, int $rank) + { + $role = $GLOBALS['pdo']->prepare("SELECT COUNT(*) FROM group_roles WHERE groupid = :groupid AND rank = :rank"); + $role->bindParam(":groupid", $groupid, PDO::PARAM_INT); + $role->bindParam(":rank", $rank, PDO::PARAM_INT); + $role->execute(); + if ($role->fetchColumn() > 0) { + return true; + } + return false; + } + + public static function MemberInfo(int $groupid, int $userid) + { + $member = $GLOBALS['pdo']->prepare("SELECT * FROM group_members WHERE userid = :uid AND groupid = :gid"); + $member->bindParam(":uid", $userid, PDO::PARAM_INT); + $member->bindParam(":gid", $groupid, PDO::PARAM_INT); + $member->execute(); + return $member->fetch(PDO::FETCH_OBJ); + } + + public static function RoleInfo(int $groupid, int $rank) + { + $role = $GLOBALS['pdo']->prepare("SELECT * FROM group_roles WHERE groupid = :gid AND rank = :r"); + $role->bindParam(":gid", $groupid, PDO::PARAM_INT); + $role->bindParam(":r", $rank, PDO::PARAM_INT); + $role->execute(); + return $role->fetch(PDO::FETCH_OBJ); + } + + public static function GetName(int $groupid) + { + $name = $GLOBALS['pdo']->prepare("SELECT * FROM groups WHERE id = :u"); + $name->bindParam(":u", $groupid, PDO::PARAM_INT); + $name->execute(); + return $name->fetch(PDO::FETCH_OBJ)->name; + } + + public static function GetDescription(int $groupid) + { + $name = $GLOBALS['pdo']->prepare("SELECT * FROM groups WHERE id = :u"); + $name->bindParam(":u", $groupid, PDO::PARAM_INT); + $name->execute(); + return cleanOutput($name->fetch(PDO::FETCH_OBJ)); + } + + public static function GetRankName(int $rank, int $groupid) + { + $name = $GLOBALS['pdo']->prepare("SELECT * FROM group_roles WHERE groupid = :gid AND rank = :rank"); + $name->bindParam(":gid", $groupid, PDO::PARAM_INT); + $name->bindParam(":rank", $rank, PDO::PARAM_INT); + $name->execute(); + return $name->fetch(PDO::FETCH_OBJ)->rolename; + } + + public static function 
GetUserRankName(int $userid, int $groupid) + { + return Group::GetRankName(Group::MemberInfo($groupid, $userid)->rank, $groupid); + } + + public static function GetRank($userid, $groupid) + { + if (Group::IsMember($userid, $groupid)) { + return Group::MemberInfo($groupid, $userid)->rank; + } + } + + public static function GetLowestRank(int $groupid) + { + $getrole = $GLOBALS['pdo']->prepare("SELECT rank FROM `group_roles` WHERE groupid = :groupid ORDER BY rank ASC LIMIT 1"); //lowest rank available + $getrole->bindParam(":groupid", $groupid, PDO::PARAM_INT); + $getrole->execute(); + return $getrole->fetchColumn(); + } + + public static function MemberCount(int $groupid) + { + $count = $GLOBALS['pdo']->prepare("SELECT COUNT(*) FROM group_members WHERE groupid = :gid"); + $count->bindParam(":gid", $groupid, PDO::PARAM_INT); + $count->execute(); + return $count->fetchColumn(); + } + + public static function RankMemberCount(int $groupid, int $rank) + { + $count = $GLOBALS['pdo']->prepare("SELECT COUNT(*) FROM group_members WHERE groupid = :gid AND rank = :r"); + $count->bindParam(":gid", $groupid, PDO::PARAM_INT); + $count->bindParam(":r", $rank, PDO::PARAM_INT); + $count->execute(); + return $count->fetchColumn(); + } + + public static function MemberRoleInfo(int $userid, int $groupid) + { + if (Group::IsMember($userid, $groupid)) { + return Group::RoleInfo($groupid, Group::MemberInfo($groupid, $userid)->rank); + } + } + + public static function RankingCooldown(int $groupid) + { + $whenCreated = $GLOBALS['pdo']->prepare("SELECT * FROM group_roles WHERE groupid = :groupid ORDER BY whenCreated DESC LIMIT 1"); + $whenCreated->bindParam(":groupid", $groupid, PDO::PARAM_INT); + $whenCreated->execute(); + + if ($whenCreated->rowCount() > 0) { + if($whenCreated->fetch(PDO::FETCH_OBJ)->whenCreated + 60 > time()) { + return true; + } + } + return false; + } + + public static function PostingCooldown(int $userid) + { + $whenCreated = $GLOBALS['pdo']->prepare("SELECT * FROM 
group_posts WHERE userid = :userid ORDER BY postdate DESC LIMIT 1"); + $whenCreated->bindParam(":userid", $userid, PDO::PARAM_INT); + $whenCreated->execute(); + + if ($whenCreated->rowCount() > 0) { + if($whenCreated->fetch(PDO::FETCH_OBJ)->postdate + 60 > time()) { + return true; + } + } + return false; + } + + public static function NewJoinRequest(int $groupid, int $userid) + { + $newrequest = $GLOBALS['pdo']->prepare("INSERT INTO `group_join_requests`(`groupid`, `userid`, `whenRequested`) VALUES (:groupid, :userid, UNIX_TIMESTAMP())"); + $newrequest->bindParam(":groupid", $groupid, PDO::PARAM_INT); + $newrequest->bindParam(":userid", $userid, PDO::PARAM_INT); + $newrequest->execute(); + if ($newrequest->rowCount() > 0) { + return true; + } + return false; + } + + public static function WallViewPermission(int $userid, int $groupid) + { + if (Group::MemberRoleInfo($userid, $groupid)->AccessGroupWall) { + return true; + } + return false; + } + + public static function WallPostPermission(int $userid, int $groupid) + { + if (Group::MemberRoleInfo($userid, $groupid)->PostGroupWall) { + return true; + } + return false; + } + + public static function WallDeletePermission(int $userid, int $groupid) + { + if (Group::MemberRoleInfo($userid, $groupid)->DeleteGroupWallPosts) { + return true; + } + return false; + } + + public static function PostShoutPermission(int $userid, int $groupid) + { + if (Group::MemberRoleInfo($userid, $groupid)->PostGroupShout) { + return true; + } + return false; + } + + public static function ManageLowerRankPermission(int $userid, int $groupid) + { + if (Group::MemberRoleInfo($userid, $groupid)->ManageLowerRanks) { + return true; + } + return false; + } + + public static function KickLowerRankPermission(int $userid, int $groupid) + { + if (Group::MemberRoleInfo($userid, $groupid)->KickLowerRanks) { + return true; + } + return false; + } + + public static function AcceptJoinRequestPermission(int $userid, int $groupid) + { + if 
(Group::MemberRoleInfo($userid, $groupid)->AcceptJoinRequests) { + return true; + } + return false; + } + + public static function ViewAuditLogPermission(int $userid, int $groupid) + { + if (Group::MemberRoleInfo($userid, $groupid)->ViewAuditLog) { + return true; + } + return false; + } + + public static function ConfigPermission(int $userid, int $groupid) + { + if (Group::KickLowerRankPermission($userid, $groupid) || Group::KickLowerRankPermission($userid, $groupid) || Group::AcceptJoinRequestPermission($userid, $groupid) || Group::ViewAuditLogPermission($userid, $groupid)) { + return true; + } + return false; + } + + public static function CreateRole(int $groupid, string $name, int $rank) + { + $name = cleanInput($name); + $localplayer = $GLOBALS['user']->id; + + if (!$groupid || !$rank) { + throw new Exception('Missing parameters'); + } else if (!Group::IsOwner($localplayer, $groupid)) { + throw new Exception('You do not have permission to perform this action'); + } else if ($rank < 0 || $rank > 254) { + throw new Exception('Rank must be above 0 and below 255'); + } else if (Group::RankExists($groupid, $rank)) { + throw new Exception('Rank '.$rank.' 
already exists'); + } else if (strlen($name) > 30) { + throw new Exception('Role name is too long'); + } else if (strlen($name) < 3) { + throw new Exception('Role name is too short'); + } else if (Group::RankingCooldown($groupid)) { + throw new Exception('Please wait before creating another role'); + } else { + $newrole = $GLOBALS['pdo']->prepare("INSERT INTO `group_roles` (`groupid`, `rolename`, `rank`, `AccessGroupWall`, `PostGroupWall`, `DeleteGroupWallPosts`, `PostGroupShout`, `ManageLowerRanks`, `KickLowerRanks`, `AcceptJoinRequests`, `ViewAuditLog`, `whenCreated`) VALUES (:groupid, :rolename, :rank, '1', '1', '0', '0', '0', '0', '0', '0', UNIX_TIMESTAMP())"); + $newrole->bindParam(":groupid", $groupid, PDO::PARAM_INT); + $newrole->bindParam(":rolename", $name, PDO::PARAM_STR); + $newrole->bindParam(":rank", $rank, PDO::PARAM_INT); + $newrole->execute(); + if ($newrole->rowCount() > 0) { + EconomyHelper::RemoveAlphabux(15, $localplayer, 'Purchase of role named '.$name.', groupid '.$groupid); + return true; + } + return false; + } + } + + public static function CreatePost(int $groupid, int $userid, string $post) + { + $post = cleanInput($post); + + if (!$groupid || !$userid) { + throw new Exception('Error occurred'); + } else if (!$post) { + throw new Exception('Post cannot be blank'); + } else if (!Group::IsMember($userid, $groupid) || !Group::WallPostPermission($userid, $groupid)) { + throw new Exception('You do not have permission to perform this action'); + } else if (strlen($post) > 256) { + throw new Exception('Post is too long'); + } else if (strlen($post) < 3) { + throw new Exception('Post is too short'); + } else if (Group::PostingCooldown($userid)) { + throw new Exception('Please wait before posting again'); + } else { + $newpost = $GLOBALS['pdo']->prepare("INSERT INTO group_posts(userid, groupid, post, postdate) VALUES(:u, :gid, :p, UNIX_TIMESTAMP())"); + $newpost->bindParam(":u", $userid, PDO::PARAM_INT); + $newpost->bindParam(":gid", $groupid, 
PDO::PARAM_INT); + $newpost->bindParam(":p", $post, PDO::PARAM_STR); + $newpost->execute(); + if ($newpost->rowCount() > 0){ + return true; + } + return false; + } + } + + public static function DeletePost(int $postid, int $groupid) + { + $localplayer = $GLOBALS['user']->id; + + if (!Group::WallDeletePermission($localplayer, $groupid)) { + throw new Exception('You do not have permission to perform this action'); + } else { + $deletepost = $GLOBALS['pdo']->prepare("DELETE FROM group_posts WHERE id = :id AND groupid = :groupid"); //lowest rank available + $deletepost->bindParam(":id", $postid, PDO::PARAM_INT); + $deletepost->bindParam(":groupid", $groupid, PDO::PARAM_INT); + $deletepost->execute(); + if ($deletepost->rowCount() > 0) { + return true; + } + return false; + } + } + + public static function Leave(int $userid, int $groupid) + { + if (Group::IsOwner($userid, $groupid) || !Group::IsMember($userid, $groupid) || Group::IsPendingRequest($userid, $groupid)) { + throw new Exception('You do not have permission to perform this action'); + } else { + $deletegroupuser = $GLOBALS['pdo']->prepare("DELETE FROM group_members WHERE userid = :userid AND groupid = :groupid"); + $deletegroupuser->bindParam(":userid", $userid, PDO::PARAM_INT); + $deletegroupuser->bindParam(":groupid", $groupid, PDO::PARAM_INT); + $deletegroupuser->execute(); + if ($deletegroupuser->rowCount() > 0) { + return true; + } + return false; + } + } + + public static function ExileUser(int $groupid, int $userid) + { + $localplayer = $GLOBALS['user']->id; + + if (!Group::IsOwner($localplayer, $groupid) || !Group::IsMember($userid, $groupid) || Group::GetRank($userid, $groupid) == 255) { + throw new Exception('You do not have permission to perform this action'); + } else { + $deleteuser = $GLOBALS['pdo']->prepare("DELETE FROM group_members WHERE userid = :userid AND groupid = :groupid"); + $deleteuser->bindParam(":userid", $userid, PDO::PARAM_INT); + $deleteuser->bindParam(":groupid", $groupid, 
PDO::PARAM_INT); + $deleteuser->execute(); + if ($deleteuser->rowCount() > 0) { + return true; + } + return false; + } + } + + public static function UpdateUserRank(int $groupid, int $userid, int $rank) + { + $localplayer = $GLOBALS['user']->id; + + if (!$groupid || !$userid || !$rank) { + throw new Exception('Error occurred'); + } else if (!Group::ManageLowerRankPermission($localplayer, $groupid) || + Group::GetRank($userid, $groupid) >= Group::GetRank($localplayer, $groupid) || + Group::GetRank($userid, $groupid) == 255 || + $rank == 255 || + !Group::RankExists($groupid, $rank)) { + throw new Exception('You do not have permission to perform this action'); + } else { + $updateuser = $GLOBALS['pdo']->prepare("UPDATE `group_members` SET rank = :rank WHERE userid = :userid AND groupid = :groupid"); + $updateuser->bindParam(":rank", $rank, PDO::PARAM_INT); + $updateuser->bindParam(":userid", $userid, PDO::PARAM_INT); + $updateuser->bindParam(":groupid", $groupid, PDO::PARAM_INT); + $updateuser->execute(); + if ($updateuser->rowCount() > 0) { + return true; + } + return false; + } + } + + public static function Create(string $name, string $description, bool $approval, int $creatorid, string $base64emblem) + { + $name = cleanInput($name); + $description = cleanInput($description); + $approval = boolval($approval); + $base64emblem = file_get_contents($base64emblem); //this removes the header from js post and base64 decodes it, very convenient + $mimetype = finfo_buffer(finfo_open(), $base64emblem, FILEINFO_MIME_TYPE); //file type + + if (!$name || !$description || !$creatorid || !$base64emblem) { + throw new Exception('Missing required fields'); + } else if (Group::NameExists($name)) { + throw new Exception('Group name already taken'); + } else if (strlen($name) > 50) { + throw new Exception('Group name too long'); + } else if (strlen($name) < 3) { + throw new Exception('Group name too short'); + } else if (strlen($description) > 1024) { + throw new Exception('Group 
description too long'); + } else if (strlen($description) < 3) { + throw new Exception('Group description too short'); + } else if (!in_array($mimetype, array('image/png','image/jpeg'))) { + throw new Exception('Invalid image provided'); + } else if (!User::UserExists($creatorid)) { + throw new Exception('Error Occurred'); + } else if (!EconomyHelper::RemoveAlphabux(20, $creatorid, "Purchase of group named ".$name)) { + throw new Exception('Not enough Alphabux to purchase a group'); + } else { + //new hash + $emblemhash = genAssetHash(16); + + if (!ImageHelper::ResizeImageFromString(150, 150, $GLOBALS['thumbnailCDNPath'] . $emblemhash, $base64emblem)) { //resize to 150x150 + throw new Exception('Error occurred'); + } + + + //TODO: clean up a bit vvvv + + + try //wrap this in a try-catch block, if anything happens we immediately unlock the db + { + $GLOBALS['pdo']->exec("LOCK TABLES assets WRITE"); //lock since this stuff is sensitive + + $b = $GLOBALS['pdo']->prepare("SELECT * FROM assets"); + $b->execute(); + + //grab auto increment values + $autoincrement = $b->rowCount() + 1; //initial auto increment value + + //add texture to assets + $assetname = $name . 
" Emblem"; + $x = $GLOBALS['pdo']->prepare("INSERT INTO `assets`(`id`, `AssetTypeId`, `Name`, `Description`, `Created`, `Updated`, `CreatorId`, `TargetId`, `PriceInAlphabux`, `Sales`, `IsNew`, `IsForSale`, `IsPublicDomain`, `IsLimited`, `IsLimitedUnique`, `IsApproved`, `Remaining`, `MinimumMembershipLevel`, `ContentRatingTypeId`, `Favorited`, `Visited`, `MaxPlayers`, `UpVotes`, `DownVotes`, `Hash`) VALUES (:aid,22,:aname,'Group Emblem',UNIX_TIMESTAMP(),UNIX_TIMESTAMP(),:oid,:aid2,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,:hash)"); + $x->bindParam(":aid", $autoincrement, PDO::PARAM_INT); + $x->bindParam(":aname", $assetname, PDO::PARAM_STR); + $x->bindParam(":oid", $creatorid, PDO::PARAM_INT); + $x->bindParam(":aid2", $autoincrement, PDO::PARAM_INT); + $x->bindParam(":hash", $emblemhash, PDO::PARAM_STR); + $x->execute(); + + $GLOBALS['pdo']->exec("UNLOCK TABLES"); + + + $GLOBALS['pdo']->exec("LOCK TABLES groups WRITE"); //lock since this stuff is sensitive + + $g = $GLOBALS['pdo']->prepare("SELECT * FROM groups"); + $g->execute(); + + //grab auto increment values + $nextgroup = $g->rowCount() + 1; //initial auto increment value + + $group = $GLOBALS['pdo']->prepare("INSERT INTO `groups` (`id`, `name`, `description`, `manualapproval`, `creatorid`, `emblem`, `moderated`) VALUES (:id, :name, :description, :approvals, :creatorid, :emblem, 0)"); + $group->bindParam(":id", $nextgroup, PDO::PARAM_INT); + $group->bindParam(":name", $name, PDO::PARAM_STR); + $group->bindParam(":description", $description, PDO::PARAM_STR); + $group->bindParam(":approvals", $approval, PDO::PARAM_INT); + $group->bindParam(":creatorid", $creatorid, PDO::PARAM_INT); + $group->bindParam(":emblem", $autoincrement, PDO::PARAM_INT); + $group->execute(); + + $GLOBALS['pdo']->exec("UNLOCK TABLES"); + + + $groupjoin = $GLOBALS['pdo']->prepare("INSERT INTO `group_members` (`userid`, `groupid`, `rank`, `whenJoined`) VALUES (:userid, :groupid, '255', UNIX_TIMESTAMP())"); + $groupjoin->bindParam(":userid", 
$creatorid, PDO::PARAM_INT); + $groupjoin->bindParam(":groupid", $nextgroup, PDO::PARAM_INT); + $groupjoin->execute(); + + $ownerrole = $GLOBALS['pdo']->prepare("INSERT INTO `group_roles` (`groupid`, `rolename`, `rank`, `AccessGroupWall`, `PostGroupWall`, `DeleteGroupWallPosts`, `PostGroupShout`, `ManageLowerRanks`, `KickLowerRanks`, `AcceptJoinRequests`, `ViewAuditLog`) VALUES (:groupid, 'Owner', '255', '1', '1', '1', '1', '1', '1', '1', '1')"); + $ownerrole->bindParam(":groupid", $nextgroup, PDO::PARAM_INT); + $ownerrole->execute(); + + $adminrole = $GLOBALS['pdo']->prepare("INSERT INTO `group_roles` (`groupid`, `rolename`, `rank`, `AccessGroupWall`, `PostGroupWall`, `DeleteGroupWallPosts`, `PostGroupShout`, `ManageLowerRanks`, `KickLowerRanks`, `AcceptJoinRequests`, `ViewAuditLog`) VALUES (:groupid, 'Admin', '254', '1', '1', '1', '1', '0', '0', '0', '0')"); + $adminrole->bindParam(":groupid", $nextgroup, PDO::PARAM_INT); + $adminrole->execute(); + + $memberrole = $GLOBALS['pdo']->prepare("INSERT INTO `group_roles` (`groupid`, `rolename`, `rank`, `AccessGroupWall`, `PostGroupWall`, `DeleteGroupWallPosts`, `PostGroupShout`, `ManageLowerRanks`, `KickLowerRanks`, `AcceptJoinRequests`, `ViewAuditLog`) VALUES (:groupid, 'Member', '253', '1', '1', '0', '0', '0', '0', '0', '0')"); + $memberrole->bindParam(":groupid", $nextgroup, PDO::PARAM_INT); + $memberrole->execute(); + + } catch (Exception $e) { + $GLOBALS['pdo']->exec("UNLOCK TABLES"); //precaution + throw new Exception('Critical error occurred, please report this under #bugs'); + } + return true; + } + } + + public static function Join(int $groupid, int $userid, bool $force=false) + { + if (!Group::Exists($groupid) || Group::IsMember($userid, $groupid) && !$force) { + throw new Exception('Error occurred'); + } else { + if (Group::IsManualApproval($groupid) && !$force) { + if (Group::NewJoinRequest($groupid, $userid)) { + return true; + } + } else { + $lowestrank = Group::GetLowestRank($groupid); + $join = 
$GLOBALS['pdo']->prepare("INSERT INTO group_members(userid, groupid, rank, whenJoined) VALUES(:userid, :groupid, :rank, UNIX_TIMESTAMP())"); + $join->bindParam(":userid", $userid, PDO::PARAM_INT); + $join->bindParam(":groupid", $groupid, PDO::PARAM_INT); + $join->bindParam(":rank", $lowestrank, PDO::PARAM_INT); + $join->execute(); + if ($join->rowCount() > 0) { + return true; + } + } + return false; + } + } + + public static function DeleteJoinRequest(int $groupid, int $userid) + { + $localplayer = $GLOBALS['user']->id; + + if (!Group::IsOwner($localplayer, $groupid) || !Group::IsPendingRequest($userid, $groupid)) { + throw new Exception('You do not have permission to perform this action'); + } else { + $deleterequest = $GLOBALS['pdo']->prepare("DELETE FROM group_join_requests WHERE groupid = :groupid AND userid = :userid"); + $deleterequest->bindParam(":groupid", $groupid, PDO::PARAM_INT); + $deleterequest->bindParam(":userid", $userid, PDO::PARAM_INT); + $deleterequest->execute(); + if ($deleterequest->rowCount() > 0) { + return true; + } + return false; + } + } + + public static function ApproveJoinRequest(int $groupid, int $userid) + { + $localplayer = $GLOBALS['user']->id; + + if (!Group::IsOwner($localplayer, $groupid) || !Group::IsPendingRequest($userid, $groupid)) { + throw new Exception('You do not have permission to perform this action'); + } else { + if (Group::DeleteJoinRequest($groupid, $userid) && Group::Join($groupid, $userid, true)) { + return true; + } + return false; + } + } + + public static function UpdateGeneralConfig(int $groupid, string $description, bool $approval, string $base64emblem) + { + $localplayer = $GLOBALS['user']->id; + $description = cleanInput($description); + $approval = boolval($approval); + $newtextureid = 0; + + if (!$groupid) { + throw new Exception('Error occurred'); + } else if (!Group::IsOwner($localplayer, $groupid)) { + throw new Exception('You do not have permission to perform this action'); + } else if 
(!$description) { + throw new Exception('A description must be provided'); + } else if (strlen($description) < 3) { + throw new Exception('Group description is too short'); + } else if (strlen($description) > 1024) { + throw new Exception('Group description is too long'); + } else { + if ($base64emblem) { + $emblemname = Group::GetName($groupid) . " Emblem"; + $emblemhash = genAssetHash(16); + $base64emblem = file_get_contents($base64emblem); //this removes the header from js post and base64 decodes it, very convenient + $mimetype = finfo_buffer(finfo_open(), $base64emblem, FILEINFO_MIME_TYPE); //file type + + if (!in_array($mimetype, array('image/png','image/jpeg'))) { + throw new Exception('Invalid image provided'); + } + + if (!ImageHelper::ResizeImageFromString(150, 150, $GLOBALS['thumbnailCDNPath'] . $emblemhash, $base64emblem)) { //resize to 150x150 + throw new Exception('Error occurred'); + } + } + + try { + $GLOBALS['pdo']->exec("LOCK TABLES assets WRITE"); //lock since this stuff is sensitive + + $newtextureid = $GLOBALS['pdo']->prepare("SELECT * FROM assets"); + $newtextureid->execute(); + $newtextureid = $newtextureid->rowCount() + 1; + + if ($base64emblem && $newtextureid > 0) { + $x = $GLOBALS['pdo']->prepare("INSERT INTO `assets`(`id`, `AssetTypeId`, `Name`, `Description`, `Created`, `Updated`, `CreatorId`, `TargetId`, `PriceInAlphabux`, `Sales`, `IsNew`, `IsForSale`, `IsPublicDomain`, `IsLimited`, `IsLimitedUnique`, `IsApproved`, `Remaining`, `MinimumMembershipLevel`, `ContentRatingTypeId`, `Favorited`, `Visited`, `MaxPlayers`, `UpVotes`, `DownVotes`, `Hash`) VALUES (:aid,22,:aname,'Group Emblem',UNIX_TIMESTAMP(),UNIX_TIMESTAMP(),:oid,:aid2,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,:hash)"); + $x->bindParam(":aid", $newtextureid, PDO::PARAM_INT); + $x->bindParam(":aname", $emblemname, PDO::PARAM_STR); + $x->bindParam(":oid", $localplayer, PDO::PARAM_INT); + $x->bindParam(":aid2", $newtextureid, PDO::PARAM_INT); + $x->bindParam(":hash", $emblemhash, 
PDO::PARAM_STR); + $x->execute(); + } + + $GLOBALS['pdo']->exec("UNLOCK TABLES"); + } catch (Exception $e) { + $GLOBALS['pdo']->exec("UNLOCK TABLES"); //precaution + throw new Exception('Critical error occurred, please report this under #bugs'); + } + + $config = $GLOBALS['pdo']->prepare("UPDATE groups SET description = :description, manualapproval = :approval" . (!empty($base64emblem) && $newtextureid > 0 ? " ,emblem = ".$newtextureid."":"") . " WHERE id = :gid"); + $config->bindParam(":gid", $groupid, PDO::PARAM_INT); + $config->bindParam(":description", $description, PDO::PARAM_STR); + $config->bindParam(":approval", $approval, PDO::PARAM_INT); + if ($config->execute()) { + return true; + } + return false; + } + } + + public static function UpdateRole(int $groupid, int $rank, int $newrank, string $name, bool $accessgroupwall, bool $postgroupwall, bool $deletegroupwallposts, bool $postgroupshout, bool $managelowerranks, bool $kicklowerranks, bool $acceptjoinrequests, bool $auditaccess) + { + $localplayer = $GLOBALS['user']->id; + + if (!$groupid || !$rank || !$newrank) { + throw new Exception('Missing parameters'); + } else if (!Group::IsOwner($localplayer, $groupid)) { + throw new Exception('You do not have permission to perform this action'); + } else if ($newrank < 0 || $newrank > 254) { + throw new Exception('Rank must be above 0 and below 255'); + } else if (Group::RankExists($groupid, $newrank) && $rank != $newrank) { + throw new Exception('Rank '.$newrank.' 
already exists'); + } else if (strlen($name) > 30) { + throw new Exception('Role name is too long'); + } else if (strlen($name) < 3) { + throw new Exception('Role name is too short'); + } else { + $updaterole = $GLOBALS['pdo']->prepare("UPDATE group_roles SET rolename = :rolename, rank = :newrank, AccessGroupWall = :groupwallaccess, PostGroupWall = :postgroupwall, DeleteGroupWallPosts = :deletegroupwallposts, PostGroupShout = :postgroupshout, ManageLowerRanks = :managelowerranks, KickLowerRanks = :kicklowerranks, AcceptJoinRequests = :acceptjoinrequest, ViewAuditLog = :viewauditlog WHERE groupid = :gid AND rank = :rank"); + $updaterole->bindParam(":rolename", $name, PDO::PARAM_STR); + $updaterole->bindParam(":newrank", $newrank, PDO::PARAM_INT); + $updaterole->bindParam(":groupwallaccess", $accessgroupwall, PDO::PARAM_INT); + $updaterole->bindParam(":postgroupwall", $postgroupwall, PDO::PARAM_INT); + $updaterole->bindParam(":deletegroupwallposts", $deletegroupwallposts, PDO::PARAM_INT); + $updaterole->bindParam(":postgroupshout", $postgroupshout, PDO::PARAM_INT); + $updaterole->bindParam(":managelowerranks", $managelowerranks, PDO::PARAM_INT); + $updaterole->bindParam(":kicklowerranks", $kicklowerranks, PDO::PARAM_INT); + $updaterole->bindParam(":acceptjoinrequest", $acceptjoinrequests, PDO::PARAM_INT); + $updaterole->bindParam(":viewauditlog", $auditaccess, PDO::PARAM_INT); + $updaterole->bindParam(":gid", $groupid, PDO::PARAM_INT); + $updaterole->bindParam(":rank", $rank, PDO::PARAM_INT); + if ($updaterole->execute()) { + return true; + } + return false; + } + } + } +} \ No newline at end of file diff --git a/globals/config.php b/globals/config.php index 6705bda..105b6d3 100644 --- a/globals/config.php +++ b/globals/config.php 
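Review bot: `file_get_contents($base64emblem)` in `Group::Create`, and again inside the `if ($base64emblem)` branch of `Group::UpdateGeneralConfig`, opens whatever string the caller passes, and the inline comment says that value arrives from a JS post, so it is request-controlled. `file_get_contents` is not restricted to `data:` URIs: it will open local paths and any enabled stream wrapper, in `Create` it runs before every other validation, and the later `finfo_buffer` MIME check only decides what is kept, not what was opened. Accept only a `data:image/png;base64,` or `data:image/jpeg;base64,` prefix and decode the payload with strict `base64_decode`, as in the fence below, keeping the existing `finfo_buffer` check on the decoded bytes. Separately, `UpdateUserRank` never compares the new `$rank` with the caller's own rank, so a member holding ManageLowerRanks appears able to assign any existing rank up to 254, including one above their own; adding `$rank >= Group::GetRank($localplayer, $groupid) ||` to the rejection condition would close that.

```php
// replaces: $base64emblem = file_get_contents($base64emblem);
if (!preg_match('#\Adata:image/(?:png|jpeg);base64,([A-Za-z0-9+/=]+)\z#', $base64emblem, $m)) {
    throw new Exception('Invalid image provided');
}
$base64emblem = base64_decode($m[1], true); // strict: false on any non-base64 byte
if ($base64emblem === false) {
    throw new Exception('Invalid image provided');
}
// … unchanged: finfo_buffer() MIME check, length checks, resize and inserts …
```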
@@ -122,6 +122,7 @@ try
 include "C:/Webserver/nginx/Alphaland/globals/Dependencies/Moderation/Filter.php";
 include "C:/Webserver/nginx/Alphaland/globals/Dependencies/Users/Badge.php";
 include "C:/Webserver/nginx/Alphaland/globals/Dependencies/Administration/SignupKey.php";
+ include "C:/Webserver/nginx/Alphaland/globals/Dependencies/Groups/Group.php";
 //authenticator
 $authenticator = new PHPGangsta_GoogleAuthenticator();
diff --git a/globals/functions.php b/globals/functions.php
index b9d19cc..d1c3cd1 100644
--- a/globals/functions.php
+++ b/globals/functions.php
@@ -364,1005 +364,6 @@ function updatePBSGameSettings($placeid, $name, $description, $commentsenabled, // ... -//groups (admins have full access to every group they join) - -function isInGroup($userid, $groupid) -{ - $member = $GLOBALS['pdo']->prepare("SELECT * FROM group_members WHERE userid = :uid AND groupid = :gid"); - $member->bindParam(":uid", $userid, PDO::PARAM_INT); - $member->bindParam(":gid", $groupid, PDO::PARAM_INT); - $member->execute(); - if ($member->rowCount() > 0) - { - return true; - } - return false; -} - -function userGroupsCount() -{ - $localplayer = $GLOBALS['user']->id; - $groups = $GLOBALS['pdo']->prepare("SELECT * FROM groups WHERE creatorid = :creatorid"); - $groups->bindParam(":creatorid", $localplayer, PDO::PARAM_INT); - $groups->execute(); - return $groups->rowCount(); -} - -function createGroup($name, $description, $approval, $base64emblem) -{ - if (userGroupsCount() == 6 && !$GLOBALS['user']->IsAdmin()) - { - return "Limited to 6 groups per player"; - } - - $name = cleanInput($name); - $description = cleanInput($description); - $approval = boolval($approval); - $base64emblem = file_get_contents($base64emblem); //this removes the header from js post and base64 decodes it, very convenient - $mimetype = finfo_buffer(finfo_open(), $base64emblem, FILEINFO_MIME_TYPE); //file type - - if (groupNameExists($name)) - { - return "Group name taken"; - } - else if (strlen($name) > 50) - { - return "Group name too long"; - } - else if (strlen($name) < 3) - { - return "Group name too short"; - } - else if (strlen($description) > 1024) - { - return "Group description too long"; - } - else if (strlen($description) < 3) - { - return "Group description too short"; - } - else if (!is_bool($approval)) - { - return "Error occurred"; - } - else if (!$base64emblem) - { - return "Image required"; - } - else if (!in_array($mimetype, array('image/png','image/jpeg'))) - { - return "Invalid image provided"; - } - else if (!removeCurrency(20, "Purchase of group 
name ".$name)) - { - return "Not enough Alphabux"; - } - else - { - try - { - $textureUploadDirectory = $GLOBALS['thumbnailCDNPath']; //directory where the textures are stored - $emblemhash = genAssetHash(16); - - //check dimensions - $imagedetails = getimagesizefromstring($base64emblem); - $width = $imagedetails[0]; - $height = $imagedetails[1]; - - if ($width > 150 || $height > 150 || $width < 150 || $height < 150) - { - $img = imagecreatefromstring($base64emblem); - $width = imagesx($img); - $height = imagesy($img); - $tmp = imagecreatetruecolor(150, 150); - imagealphablending($tmp , false); - imagesavealpha($tmp , true); - imagecopyresampled($tmp, $img, 0, 0, 0, 0, 150, 150, $width, $height); - if (!imagepng($tmp, $textureUploadDirectory . $emblemhash)) { - return "Error occurred"; - } - } - else - { - if (!file_put_contents($textureUploadDirectory . $emblemhash, $base64emblem)) - { - return "Error occurred"; - } - } - - $creatorid = $GLOBALS['user']->id; - - $GLOBALS['pdo']->exec("LOCK TABLES assets WRITE"); //lock since this stuff is sensitive - - $b = $GLOBALS['pdo']->prepare("SELECT * FROM assets"); - $b->execute(); - - //grab auto increment values - $autoincrement = $b->rowCount() + 1; //initial auto increment value - - //add texture to assets - $assetname = $name . 
" Emblem"; - $x = $GLOBALS['pdo']->prepare("INSERT INTO `assets`(`id`, `AssetTypeId`, `Name`, `Description`, `Created`, `Updated`, `CreatorId`, `TargetId`, `PriceInAlphabux`, `Sales`, `IsNew`, `IsForSale`, `IsPublicDomain`, `IsLimited`, `IsLimitedUnique`, `IsApproved`, `Remaining`, `MinimumMembershipLevel`, `ContentRatingTypeId`, `Favorited`, `Visited`, `MaxPlayers`, `UpVotes`, `DownVotes`, `Hash`) VALUES (:aid,22,:aname,'Group Emblem',UNIX_TIMESTAMP(),UNIX_TIMESTAMP(),:oid,:aid2,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,:hash)"); - $x->bindParam(":aid", $autoincrement, PDO::PARAM_INT); - $x->bindParam(":aname", $assetname, PDO::PARAM_STR); - $x->bindParam(":oid", $creatorid, PDO::PARAM_INT); - $x->bindParam(":aid2", $autoincrement, PDO::PARAM_INT); - $x->bindParam(":hash", $emblemhash, PDO::PARAM_STR); - $x->execute(); - - $GLOBALS['pdo']->exec("UNLOCK TABLES"); - - - $GLOBALS['pdo']->exec("LOCK TABLES groups WRITE"); //lock since this stuff is sensitive - - $g = $GLOBALS['pdo']->prepare("SELECT * FROM groups"); - $g->execute(); - - //grab auto increment values - $nextgroup = $g->rowCount() + 1; //initial auto increment value - - $group = $GLOBALS['pdo']->prepare("INSERT INTO `groups` (`id`, `name`, `description`, `manualapproval`, `creatorid`, `emblem`, `moderated`) VALUES (:id, :name, :description, :approvals, :creatorid, :emblem, 0)"); - $group->bindParam(":id", $nextgroup, PDO::PARAM_INT); - $group->bindParam(":name", $name, PDO::PARAM_STR); - $group->bindParam(":description", $description, PDO::PARAM_STR); - $group->bindParam(":approvals", $approval, PDO::PARAM_INT); - $group->bindParam(":creatorid", $creatorid, PDO::PARAM_INT); - $group->bindParam(":emblem", $autoincrement, PDO::PARAM_INT); - $group->execute(); - - $GLOBALS['pdo']->exec("UNLOCK TABLES"); - - $groupjoin = $GLOBALS['pdo']->prepare("INSERT INTO `group_members` (`userid`, `groupid`, `rank`, `whenJoined`) VALUES (:userid, :groupid, '255', UNIX_TIMESTAMP())"); - $groupjoin->bindParam(":userid", $creatorid, 
PDO::PARAM_INT); - $groupjoin->bindParam(":groupid", $nextgroup, PDO::PARAM_INT); - $groupjoin->execute(); - - $ownerrole = $GLOBALS['pdo']->prepare("INSERT INTO `group_roles` (`groupid`, `rolename`, `rank`, `AccessGroupWall`, `PostGroupWall`, `DeleteGroupWallPosts`, `PostGroupShout`, `ManageLowerRanks`, `KickLowerRanks`, `AcceptJoinRequests`, `ViewAuditLog`) VALUES (:groupid, 'Owner', '255', '1', '1', '1', '1', '1', '1', '1', '1')"); - $ownerrole->bindParam(":groupid", $nextgroup, PDO::PARAM_INT); - $ownerrole->execute(); - - $adminrole = $GLOBALS['pdo']->prepare("INSERT INTO `group_roles` (`groupid`, `rolename`, `rank`, `AccessGroupWall`, `PostGroupWall`, `DeleteGroupWallPosts`, `PostGroupShout`, `ManageLowerRanks`, `KickLowerRanks`, `AcceptJoinRequests`, `ViewAuditLog`) VALUES (:groupid, 'Admin', '254', '1', '1', '1', '1', '0', '0', '0', '0')"); - $adminrole->bindParam(":groupid", $nextgroup, PDO::PARAM_INT); - $adminrole->execute(); - - $memberrole = $GLOBALS['pdo']->prepare("INSERT INTO `group_roles` (`groupid`, `rolename`, `rank`, `AccessGroupWall`, `PostGroupWall`, `DeleteGroupWallPosts`, `PostGroupShout`, `ManageLowerRanks`, `KickLowerRanks`, `AcceptJoinRequests`, `ViewAuditLog`) VALUES (:groupid, 'Member', '253', '1', '1', '0', '0', '0', '0', '0', '0')"); - $memberrole->bindParam(":groupid", $nextgroup, PDO::PARAM_INT); - $memberrole->execute(); - - return true; - } - catch (Exception $e) //UH OH SOMETHING WENT WRONG - { - giveCurrency(20, $creatorid); - return "Error Occurred"; - } - } -} - -function updateGeneralConfig($groupid, $description, $approval, $base64emblem) //no changing name after creation!! 
-{ - if (isGroupOwner($groupid)) - { - $description = cleanInput($description); - $approval = boolval($approval); - if ($base64emblem) - { - $base64emblem = file_get_contents($base64emblem); //this removes the header from js post and base64 decodes it, very convenient - $mimetype = finfo_buffer(finfo_open(), $base64emblem, FILEINFO_MIME_TYPE); //file type - } - - if (getGroupDescription($groupid) != $description) //dont run if group description hasnt changed - { - if (strlen($description) > 1024) - { - return "Group description too long"; - } - else if (strlen($description) < 3) - { - return "Group description too short"; - } - } - - if (!is_bool($approval)) - { - return "Error occurred"; - } - - if ($base64emblem) - { - if (!in_array($mimetype, array('image/png','image/jpeg'))) - { - return "Invalid image provided"; - } - - $textureUploadDirectory = $GLOBALS['thumbnailCDNPath']; //directory where the textures are stored - $emblemhash = genAssetHash(16); - - //check dimensions - $imagedetails = getimagesizefromstring($base64emblem); - - $img = imagecreatefromstring($base64emblem); - $width = imagesx($img); - $height = imagesy($img); - $tmp = imagecreatetruecolor(150, 150); - imagealphablending($tmp , false); - imagesavealpha($tmp , true); - imagecopyresampled($tmp, $img, 0, 0, 0, 0, 150, 150, $width, $height); - if (!imagepng($tmp, $textureUploadDirectory . $emblemhash)) { - return "Error occurred"; - } - - $creatorid = $GLOBALS['user']->id; - - $assetname = getGroupName($groupid) . 
" Emblem"; - - $GLOBALS['pdo']->exec("LOCK TABLES assets WRITE"); //lock since this stuff is sensitive - - $b = $GLOBALS['pdo']->prepare("SELECT * FROM assets"); - $b->execute(); - - //grab auto increment values - $autoincrement = $b->rowCount() + 1; //initial auto increment value - - //add texture to assets - $x = $GLOBALS['pdo']->prepare("INSERT INTO `assets`(`id`, `AssetTypeId`, `Name`, `Description`, `Created`, `Updated`, `CreatorId`, `TargetId`, `PriceInAlphabux`, `Sales`, `IsNew`, `IsForSale`, `IsPublicDomain`, `IsLimited`, `IsLimitedUnique`, `IsApproved`, `Remaining`, `MinimumMembershipLevel`, `ContentRatingTypeId`, `Favorited`, `Visited`, `MaxPlayers`, `UpVotes`, `DownVotes`, `Hash`) VALUES (:aid,22,:aname,'Group Emblem',UNIX_TIMESTAMP(),UNIX_TIMESTAMP(),:oid,:aid2,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,:hash)"); - $x->bindParam(":aid", $autoincrement, PDO::PARAM_INT); - $x->bindParam(":aname", $assetname, PDO::PARAM_STR); - $x->bindParam(":oid", $creatorid, PDO::PARAM_INT); - $x->bindParam(":aid2", $autoincrement, PDO::PARAM_INT); - $x->bindParam(":hash", $emblemhash, PDO::PARAM_STR); - $x->execute(); - - $GLOBALS['pdo']->exec("UNLOCK TABLES"); - } - - $configgroup = $GLOBALS['pdo']->prepare("UPDATE groups SET description = :description, manualapproval = :approval" . (!empty($base64emblem) ? " ,emblem = ".$autoincrement."":"") . 
" WHERE id = :gid"); - $configgroup->bindParam(":gid", $groupid, PDO::PARAM_INT); - $configgroup->bindParam(":description", $description, PDO::PARAM_STR); - $configgroup->bindParam(":approval", $approval, PDO::PARAM_INT); - $configgroup->execute(); - - return true; - } - return "No permission"; -} - -function updateRole($groupid, $rank, $newrank, $name, $accessgroupwall, $postgroupwall, $deletegroupwallposts, $postgroupshout, $managelowerranks, $kicklowerranks, $acceptjoinrequests, $auditaccess) -{ - if (!$groupid || !is_int($groupid) || !$rank || !is_int($rank)) - { - return "Error Occurred"; - } - else - { - if (isGroupOwner($groupid)) - { - $grouproles = $GLOBALS['pdo']->prepare("SELECT * FROM group_roles WHERE groupid = :gid AND rank = :rank"); - $grouproles->bindParam(":gid", $groupid, PDO::PARAM_INT); - $grouproles->bindParam(":rank", $rank, PDO::PARAM_INT); - $grouproles->execute(); - if ($grouproles->rowCount() > 0) - { - $grouproles = $grouproles->fetch(PDO::FETCH_OBJ); - - if (!$name) - { - $name = $grouproles->rolename; - } - else - { - if (strlen($name) > 30) - { - return "Role name too long"; - } - else if (strlen($name) < 3) - { - return "Role name too short"; - } - } - - if ($grouproles->rank == $newrank || !$newrank || !is_int($newrank) || $grouproles->rank == 255) - { - $newrank = $grouproles->rank; - } - else - { - if (rankExists($groupid, $newrank)) - { - return "Rank " . $newrank . 
" already exists"; - } - else if ($newrank == 255) - { - return "Rank 255 is reserved for the Owner of the group"; - } - else if ($newrank < 1 || $newrank > 254) - { - return "Invalid Rank"; - } - } - - if (!is_bool($accessgroupwall) || $grouproles->rank == 255) - { - $accessgroupwall = $grouproles->AccessGroupWall; - } - if (!is_bool($postgroupwall) || $grouproles->rank == 255) - { - $postgroupwall = $grouproles->PostGroupWall; - } - if (!is_bool($deletegroupwallposts) || $grouproles->rank == 255) - { - $deletegroupwallposts = $grouproles->DeleteGroupWallPosts; - } - if (!is_bool($postgroupshout) || $grouproles->rank == 255) - { - $postgroupshout = $grouproles->PostGroupShout; - } - if (!is_bool($managelowerranks) || $grouproles->rank == 255) - { - $managelowerranks = $grouproles->ManageLowerRanks; - } - if (!is_bool($kicklowerranks) || $grouproles->rank == 255) - { - $kicklowerranks = $grouproles->KickLowerRanks; - } - if (!is_bool($acceptjoinrequests) || $grouproles->rank == 255) - { - $acceptjoinrequests = $grouproles->AcceptJoinRequests; - } - if (!is_bool($auditaccess) || $grouproles->rank == 255) - { - $auditaccess = $grouproles->ViewAuditLog; - } - - $updaterole = $GLOBALS['pdo']->prepare("UPDATE group_roles SET rolename = :rolename, rank = :newrank, AccessGroupWall = :groupwallaccess, PostGroupWall = :postgroupwall, DeleteGroupWallPosts = :deletegroupwallposts, PostGroupShout = :postgroupshout, ManageLowerRanks = :managelowerranks, KickLowerRanks = :kicklowerranks, AcceptJoinRequests = :acceptjoinrequest, ViewAuditLog = :viewauditlog WHERE groupid = :gid AND rank = :rank"); - $updaterole->bindParam(":rolename", $name, PDO::PARAM_STR); - $updaterole->bindParam(":newrank", $newrank, PDO::PARAM_INT); - $updaterole->bindParam(":groupwallaccess", $accessgroupwall, PDO::PARAM_INT); - $updaterole->bindParam(":postgroupwall", $postgroupwall, PDO::PARAM_INT); - $updaterole->bindParam(":deletegroupwallposts", $deletegroupwallposts, PDO::PARAM_INT); - 
$updaterole->bindParam(":postgroupshout", $postgroupshout, PDO::PARAM_INT); - $updaterole->bindParam(":managelowerranks", $managelowerranks, PDO::PARAM_INT); - $updaterole->bindParam(":kicklowerranks", $kicklowerranks, PDO::PARAM_INT); - $updaterole->bindParam(":acceptjoinrequest", $acceptjoinrequests, PDO::PARAM_INT); - $updaterole->bindParam(":viewauditlog", $auditaccess, PDO::PARAM_INT); - $updaterole->bindParam(":gid", $groupid, PDO::PARAM_INT); - $updaterole->bindParam(":rank", $rank, PDO::PARAM_INT); - if ($updaterole->execute()) - { - return true; - } - return "Error occurred"; - } - return "Group rank doesn't exist"; - } - return "No permission"; - } -} - -function updateUserRank($groupid, $userid, $rank) -{ - $localplayer = $GLOBALS['user']->id; - - if (!$groupid || !is_int($groupid) || !$rank || !is_int($rank) || !$userid || !is_int($userid)) - { - return "Error occurred"; - } - else if (!manageLowerRankPermission($groupid) || getRank($userid, $groupid) >= getRank($localplayer, $groupid)) - { - return "No permission"; - } - else if (getRank($userid, $groupid) == 255) - { - return "Cannot change rank of group Owner"; - } - else if ($rank == 255) - { - return "Rank 255 is reserved for the Owner of the group"; - } - else if (!rankExists($groupid, $rank)) - { - return "Rank " . $rank . 
" doesn't exist"; - } - else - { - $updateuser = $GLOBALS['pdo']->prepare("UPDATE `group_members` SET rank = :rank WHERE userid = :userid AND groupid = :groupid"); - $updateuser->bindParam(":rank", $rank, PDO::PARAM_INT); - $updateuser->bindParam(":userid", $userid, PDO::PARAM_INT); - $updateuser->bindParam(":groupid", $groupid, PDO::PARAM_INT); - $updateuser->execute(); - if ($updateuser->rowCount() > 0) - { - return true; - } - return "Error occurred"; - } -} - -function exileUser($groupid, $userid) -{ - if (isGroupOwner($groupid)) - { - if (isGroupMember($userid, $groupid)) - { - if (getRank($userid, $groupid) != 255) - { - $deleteuser = $GLOBALS['pdo']->prepare("DELETE FROM group_members WHERE userid = :userid AND groupid = :groupid"); - $deleteuser->bindParam(":userid", $userid, PDO::PARAM_INT); - $deleteuser->bindParam(":groupid", $groupid, PDO::PARAM_INT); - $deleteuser->execute(); - if ($deleteuser->rowCount() > 0) - { - return true; - } - } - return "Error occurred"; - } - return "Member doesn't exist"; - } - return "No permission"; -} - -function leaveGroup($groupid) -{ - $localplayer = $GLOBALS['user']->id; - - if (!isGroupOwner($groupid) && isGroupMember($localplayer, $groupid) && !isPendingRequest($groupid)) - { - $deletegroupuser = $GLOBALS['pdo']->prepare("DELETE FROM group_members WHERE userid = :userid AND groupid = :groupid"); - $deletegroupuser->bindParam(":userid", $localplayer, PDO::PARAM_INT); - $deletegroupuser->bindParam(":groupid", $groupid, PDO::PARAM_INT); - $deletegroupuser->execute(); - if ($deletegroupuser->rowCount() > 0) - { - return true; - } - } - return "Error occurred"; -} - -function performJoinGroup($groupid, $userid) //performs actual joining group -{ - $getrole = $GLOBALS['pdo']->prepare("SELECT * FROM `group_roles` WHERE groupid = :groupid ORDER BY rank ASC LIMIT 1"); //lowest rank available - $getrole->bindParam(":groupid", $groupid, PDO::PARAM_INT); - $getrole->execute(); - if ($getrole->rowCount() > 0) - { - $getrole = 
$getrole->fetch(PDO::FETCH_OBJ)->rank; - - $join = $GLOBALS['pdo']->prepare("INSERT INTO group_members(userid, groupid, rank, whenJoined) VALUES(:userid, :groupid, :rank, UNIX_TIMESTAMP())"); - $join->bindParam(":userid", $userid, PDO::PARAM_INT); - $join->bindParam(":groupid", $groupid, PDO::PARAM_INT); - $join->bindParam(":rank", $getrole, PDO::PARAM_INT); - $join->execute(); - if ($join->rowCount() > 0) - { - return true; - } - } - return false; -} - -function attemptJoinGroup($groupid) //called by the API -{ - $localplayer = $GLOBALS['user']->id; - - if (groupExists($groupid)) - { - if (!isGroupMember($localplayer, $groupid) && !isPendingRequest($groupid)) - { - if (isManualApproval($groupid)) - { - //handle manual approvals - if (newJoinRequest($groupid)) - { - return true; - } - } - else - { - //handle joining without approval - if (performJoinGroup($groupid, $localplayer)) - { - return true; - } - } - } - return "Already Joined"; - } - return "Failure joining group"; -} - -function deletePost($postid, $groupid) -{ - if (wallDeletePermission($groupid)) - { - $deletepost = $GLOBALS['pdo']->prepare("DELETE FROM group_posts WHERE id = :id AND groupid = :groupid"); //lowest rank available - $deletepost->bindParam(":id", $postid, PDO::PARAM_INT); - $deletepost->bindParam(":groupid", $groupid, PDO::PARAM_INT); - $deletepost->execute(); - if ($deletepost->rowCount() > 0) - { - return true; - } - return "Post not found"; - } - return "No permission"; -} - -function deleteRequest($groupid, $userid) -{ - $deleterequest = $GLOBALS['pdo']->prepare("DELETE FROM group_join_requests WHERE groupid = :groupid AND userid = :userid"); - $deleterequest->bindParam(":groupid", $groupid, PDO::PARAM_INT); - $deleterequest->bindParam(":userid", $userid, PDO::PARAM_INT); - $deleterequest->execute(); - if ($deleterequest->rowCount() > 0) - { - return true; - } - return false; -} - -function denyRequest($groupid, $userid) -{ - if (isGroupOwner($groupid)) - { - if 
(deleteRequest($groupid, $userid)) - { - return true; - } - } - return "Error occurred"; -} - -function approveRequest($groupid, $userid) -{ - if (isGroupOwner($groupid)) - { - if (deleteRequest($groupid, $userid)) - { - if (performJoinGroup($groupid, $userid)) - { - return true; - } - } - } - return "Error occurred"; -} - -function newJoinRequest($groupid) -{ - $localplayer = $GLOBALS['user']->id; - - $newrequest = $GLOBALS['pdo']->prepare("INSERT INTO `group_join_requests`(`groupid`, `userid`, `whenRequested`) VALUES (:groupid, :userid, UNIX_TIMESTAMP())"); - $newrequest->bindParam(":groupid", $groupid, PDO::PARAM_INT); - $newrequest->bindParam(":userid", $localplayer, PDO::PARAM_INT); - $newrequest->execute(); - if ($newrequest->rowCount() > 0) - { - return true; - } - return false; -} - -function createRole($groupid, $name, $rank) -{ - if (!$groupid || !is_int($groupid) || !$rank || !is_int($rank)) - { - return "Error occurred"; - } - else if (!$rank || !is_int($rank) || $rank < 0) - { - return "Invalid rank"; - } - else if (!isGroupOwner($groupid)) - { - return "No permission"; - } - else if ($rank == 255) - { - return "Rank 255 is reserved for the Owner of the group"; - } - else if (rankExists($groupid, $rank)) - { - return "Rank " . $rank . 
" already exists"; - } - else if (strlen($name) > 30) - { - return "Role name too long"; - } - else if (strlen($name) < 3) - { - return "Role name too short"; - } - else - { - $interval = 0; - $intervalcheck = $GLOBALS['pdo']->prepare("SELECT * FROM group_roles WHERE groupid = :groupid ORDER BY whenCreated DESC LIMIT 1"); - $intervalcheck->bindParam(":groupid", $groupid, PDO::PARAM_INT); - $intervalcheck->execute(); - - if ($intervalcheck->rowCount() > 0) //we dont want to be calling an object that is NULL - { - $interval = (int)$intervalcheck->fetch(PDO::FETCH_OBJ)->whenCreated; - } - - if(($interval + (60)) < time()) //60 second interval - { - $name = cleanInput($name); - - $newrole = $GLOBALS['pdo']->prepare("INSERT INTO `group_roles` (`groupid`, `rolename`, `rank`, `AccessGroupWall`, `PostGroupWall`, `DeleteGroupWallPosts`, `PostGroupShout`, `ManageLowerRanks`, `KickLowerRanks`, `AcceptJoinRequests`, `ViewAuditLog`, `whenCreated`) VALUES (:groupid, :rolename, :rank, '1', '1', '0', '0', '0', '0', '0', '0', UNIX_TIMESTAMP())"); - $newrole->bindParam(":groupid", $groupid, PDO::PARAM_INT); - $newrole->bindParam(":rolename", $name, PDO::PARAM_STR); - $newrole->bindParam(":rank", $rank, PDO::PARAM_INT); - $newrole->execute(); - if ($newrole->rowCount() > 0) - { - removeCurrency(15, "Purchase of role groupid ".$groupid); - return true; - } - } - return "Please wait before creating another role"; - } - return "Error occurred"; -} - -function rankExists($groupid, $rank) -{ - $role = $GLOBALS['pdo']->prepare("SELECT * FROM group_roles WHERE groupid = :groupid AND rank = :rank"); - $role->bindParam(":groupid", $groupid, PDO::PARAM_INT); - $role->bindParam(":rank", $rank, PDO::PARAM_INT); - $role->execute(); - if ($role->rowCount() > 0) - { - return true; - } - return false; -} - -function groupExists($groupid) -{ - $group = $GLOBALS['pdo']->prepare("SELECT * FROM groups WHERE id = :u"); - $group->bindParam(":u", $groupid, PDO::PARAM_INT); - $group->execute(); - if 
($group->rowCount() > 0) - { - return true; - } - return false; -} - -function groupNameExists($name) -{ - $checkname = $GLOBALS['pdo']->prepare("SELECT * FROM groups WHERE name = :na"); - $checkname->bindParam(":na", $name, PDO::PARAM_STR); - $checkname->execute(); - if ($checkname->rowCount() > 0) - { - return true; - } - return false; -} - -function getGroupName($id) -{ - $name = $GLOBALS['pdo']->prepare("SELECT * FROM groups WHERE id = :u"); - $name->bindParam(":u", $id, PDO::PARAM_INT); - $name->execute(); - $name = $name->fetch(PDO::FETCH_OBJ); - return $name->name; -} - -function getRankName($rank, $groupid) -{ - $name = $GLOBALS['pdo']->prepare("SELECT * FROM group_roles WHERE groupid = :gid AND rank = :rank"); - $name->bindParam(":gid", $groupid, PDO::PARAM_INT); - $name->bindParam(":rank", $rank, PDO::PARAM_INT); - $name->execute(); - return $name->fetch(PDO::FETCH_OBJ)->rolename; -} - -function getUserRankName($userid, $groupid) -{ - return getRankName(groupMemberInfo($groupid, $userid)->rank, $groupid); -} - -function getRank($userid, $groupid) -{ - if (isGroupMember($userid, $groupid)) - { - return groupMemberInfo($groupid, $userid)->rank; - } -} - -function getGroupDescription($id) -{ - $name = $GLOBALS['pdo']->prepare("SELECT * FROM groups WHERE id = :u"); - $name->bindParam(":u", $id, PDO::PARAM_INT); - $name->execute(); - $name = $name->fetch(PDO::FETCH_OBJ); - return $name->description; -} - -function groupMemberCount($groupid) -{ - $count = $GLOBALS['pdo']->prepare("SELECT * FROM group_members WHERE groupid = :gid"); - $count->bindParam(":gid", $groupid, PDO::PARAM_INT); - $count->execute(); - return $count->rowCount(); -} - -function rankMemberCount($groupid, $rank) -{ - $count = $GLOBALS['pdo']->prepare("SELECT * FROM group_members WHERE groupid = :gid AND rank = :r"); - $count->bindParam(":gid", $groupid, PDO::PARAM_INT); - $count->bindParam(":r", $rank, PDO::PARAM_INT); - $count->execute(); - return $count->rowCount(); -} - -function 
isGroupMember($userid, $groupid) -{ - $member = $GLOBALS['pdo']->prepare("SELECT * FROM group_members WHERE userid = :uid AND groupid = :gid"); - $member->bindParam(":uid", $userid, PDO::PARAM_INT); - $member->bindParam(":gid", $groupid, PDO::PARAM_INT); - $member->execute(); - - if ($member->rowCount() > 0) - { - return true; - } - return false; -} - -function groupMemberInfo($groupid, $userid) -{ - $member = $GLOBALS['pdo']->prepare("SELECT * FROM group_members WHERE userid = :uid AND groupid = :gid"); - $member->bindParam(":uid", $userid, PDO::PARAM_INT); - $member->bindParam(":gid", $groupid, PDO::PARAM_INT); - $member->execute(); - return $member->fetch(PDO::FETCH_OBJ); -} - -function groupRoleInfo($groupid, $rank) -{ - $role = $GLOBALS['pdo']->prepare("SELECT * FROM group_roles WHERE groupid = :gid AND rank = :r"); - $role->bindParam(":gid", $groupid, PDO::PARAM_INT); - $role->bindParam(":r", $rank, PDO::PARAM_INT); - $role->execute(); - return $role->fetch(PDO::FETCH_OBJ); -} - -function isGroupOwner($groupid) -{ - $localplayer = $GLOBALS['user']->id; - - $owner = $GLOBALS['pdo']->prepare("SELECT * FROM groups WHERE id = :gid AND creatorid = :cid"); - $owner->bindParam(":gid", $groupid, PDO::PARAM_INT); - $owner->bindParam(":cid", $localplayer, PDO::PARAM_INT); - $owner->execute(); - if ($owner->rowCount() > 0 || $GLOBALS['user']->IsAdmin()) - { - return true; - } - return false; -} - -function isPendingRequest($groupid) -{ - $localplayer = $GLOBALS['user']->id; - - $pending = $GLOBALS['pdo']->prepare("SELECT * FROM group_join_requests WHERE groupid = :gid AND userid = :uid"); - $pending->bindParam(":gid", $groupid, PDO::PARAM_INT); - $pending->bindParam(":uid", $localplayer, PDO::PARAM_INT); - $pending->execute(); - if ($pending->rowCount() > 0) - { - return true; - } - return false; -} - -function isManualApproval($groupid) -{ - $manual = $GLOBALS['pdo']->prepare("SELECT * FROM groups WHERE id = :gid AND manualapproval = 1"); - $manual->bindParam(":gid", 
$groupid, PDO::PARAM_INT); - $manual->execute(); - if ($manual->rowCount() > 0) - { - return true; - } - return false; -} - -function submitPost($groupid, $post) -{ - $post = cleanInput($post); - $interval = 0; - $localuser = $GLOBALS['user']->id; - - if (wallPostPermission($groupid)) - { - $intervalcheck = $GLOBALS['pdo']->prepare("SELECT * FROM group_posts WHERE userid = :u ORDER BY postdate DESC LIMIT 1"); - $intervalcheck->bindParam(":u", $localuser, PDO::PARAM_INT); - $intervalcheck->execute(); - - if ($intervalcheck->rowCount() > 0) //we dont want to be calling an object that is NULL - { - $interval = (int)$intervalcheck->fetch(PDO::FETCH_OBJ)->postdate; - } - - if(($interval + (60)) < time()) //60 second interval - { - if(strlen($post) < 4) - { - return "Post too short, must be above 4 Characters"; - } - elseif(strlen($post) > 256) - { - return "Post too long, must be under 256 Characters"; - } - else - { - $newpost = $GLOBALS['pdo']->prepare("INSERT INTO group_posts(userid, groupid, post, postdate) VALUES(:u, :gid, :p, UNIX_TIMESTAMP())"); - $newpost->bindParam(":u", $localuser, PDO::PARAM_INT); - $newpost->bindParam(":gid", $groupid, PDO::PARAM_INT); - $newpost->bindParam(":p", $post, PDO::PARAM_INT); - if ($newpost->execute()) - { - return true; - } - return "An error has occurred"; - } - } - return "Please wait before posting again"; - } - return "No permission to post"; -} - -function wallViewPermission($groupid) -{ - $localplayer = $GLOBALS['user']->id; - - if (isGroupMember($localplayer, $groupid)) - { - $role = groupRoleInfo($groupid, groupMemberInfo($groupid, $localplayer)->rank); - - if ($role->AccessGroupWall == 1 || $GLOBALS['user']->IsAdmin()) - { - return true; - } - } - return false; -} - -function wallPostPermission($groupid) -{ - $localplayer = $GLOBALS['user']->id; - - if (isGroupMember($localplayer, $groupid)) - { - $role = groupRoleInfo($groupid, groupMemberInfo($groupid, $localplayer)->rank); - - if ($role->PostGroupWall == 1 || 
$GLOBALS['user']->IsAdmin()) - { - return true; - } - } - return false; -} - -function wallDeletePermission($groupid) -{ - $localplayer = $GLOBALS['user']->id; - - if (isGroupMember($localplayer, $groupid)) - { - $role = groupRoleInfo($groupid, groupMemberInfo($groupid, $localplayer)->rank); - - if ($role->DeleteGroupWallPosts == 1 || $GLOBALS['user']->IsAdmin()) - { - return true; - } - } - return false; -} - -function postShoutPermission($groupid) -{ - $localplayer = $GLOBALS['user']->id; - - if (isGroupMember($localplayer, $groupid)) - { - $role = groupRoleInfo($groupid, groupMemberInfo($groupid, $localplayer)->rank); - - if ($role->PostGroupShout == 1 || $GLOBALS['user']->IsAdmin()) - { - return true; - } - } - return false; -} - -function manageLowerRankPermission($groupid) -{ - $localplayer = $GLOBALS['user']->id; - - if (isGroupMember($localplayer, $groupid)) - { - $role = groupRoleInfo($groupid, groupMemberInfo($groupid, $localplayer)->rank); - - if ($role->ManageLowerRanks == 1 || $GLOBALS['user']->IsAdmin()) - { - return true; - } - } - return false; -} - -function kickLowerRankPermission($groupid) -{ - $localplayer = $GLOBALS['user']->id; - - if (isGroupMember($localplayer, $groupid)) - { - $role = groupRoleInfo($groupid, groupMemberInfo($groupid, $localplayer)->rank); - - if ($role->KickLowerRanks == 1 || $GLOBALS['user']->IsAdmin()) - { - return true; - } - } - return false; -} - -function acceptJoinRequestPermission($groupid) -{ - $localplayer = $GLOBALS['user']->id; - - if (isGroupMember($localplayer, $groupid)) - { - $role = groupRoleInfo($groupid, groupMemberInfo($groupid, $localplayer)->rank); - - if ($role->AcceptJoinRequests == 1 || $GLOBALS['user']->IsAdmin()) - { - return true; - } - } - return false; -} - -function viewAuditLogPermission($groupid) -{ - $localplayer = $GLOBALS['user']->id; - - if (isGroupMember($localplayer, $groupid)) - { - $role = groupRoleInfo($groupid, groupMemberInfo($groupid, $localplayer)->rank); - - if 
($role->ViewAuditLog == 1 || $GLOBALS['user']->IsAdmin()) - { - return true; - } - } - return false; -} - -function configPermission($groupid) -{ - $localplayer = $GLOBALS['user']->id; - - if (isGroupMember($localplayer, $groupid) || $GLOBALS['user']->IsAdmin()) - { - if (manageLowerRankPermission($groupid) || kickLowerRankPermission($groupid) || acceptJoinRequestPermission($groupid) || viewAuditLogPermission($groupid) || $GLOBALS['user']->IsAdmin()) - { - return true; - } - } - return false; -} - -// ... - //asset functions function availableAssetId() { diff --git a/html/groups/config.php b/html/groups/config.php index dc3645c..49dac2d 100644 --- a/html/groups/config.php +++ b/html/groups/config.php @@ -1,10 +1,12 @@ id, $groupid)) { http_response_code(404); } diff --git a/html/groups/index.php b/html/groups/index.php index 612a6d4..d67ad5e 100644 --- a/html/groups/index.php +++ b/html/groups/index.php @@ -1,12 +1,14 @@ name; @@ -22,10 +25,14 @@ if (!$data) } else { - $newgroup = createGroup($name, $description, $joinapprovals, $img); - if ($newgroup === true) { - $newgroup = "Group Created"; + $newgroup = null; + try { + if (Group::Create($name, $description, $joinapprovals, $user->id, $img)) { + $newgroup = "Group Created"; + } + } catch (Exception $e) { + $newgroup = $e->getMessage(); } - header('Content-Type: application/json'); + echo json_encode(array("alert" => $newgroup)); } \ No newline at end of file diff --git a/html_api/group/info.php b/html_api/group/info.php index 10394ea..0040be1 100644 --- a/html_api/group/info.php +++ b/html_api/group/info.php @@ -6,6 +6,9 @@ Alphaland 2021 //headers + +use Alphaland\Groups\Group; + header("Access-Control-Allow-Origin: https://www.alphaland.cc"); header("access-control-allow-credentials: true"); @@ -14,7 +17,7 @@ header('Content-Type: application/json'); //get params $groupid = (int)$_GET['id']; -if (!groupExists($groupid)) +if (!Group::Exists($groupid)) { die("{}"); } 
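Review bot: In the `@@ -22,10 +25,14 @@` hunk, `catch (Exception $e) { $newgroup = $e->getMessage(); }` returns the message of every exception to the client. `PDOException` is a subclass of `Exception`, so if PDO is configured to throw, a database failure inside `Group::Create` would put driver and schema details into the `alert` field. Only validation errors should be echoed, ideally through a dedicated exception class; anything else should be logged and answered generically, for example with `catch (PDOException $e) { error_log($e->getMessage()); $newgroup = "Error occurred"; }` placed before the existing catch. If `Group::Create` returns false without throwing, `$newgroup` stays `null` and the response is `{"alert":null}`, so a non-null default would be safer. The hunk also appears to remove `header('Content-Type: application/json');`; unless that header is set earlier in the file, the JSON body, which can contain user-supplied text inside messages, is served with PHP's default `text/html` type.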
@@ -40,23 +43,23 @@ $itemInfo = array( "id" => $id, "name" => $name, "description" => $description, - "members" => groupMemberCount($groupid), + "members" => Group::MemberCount($groupid), "creatorname" => getUsername($creatorid), "creatorid" => $creatorid, - "manualJoinRequests" => isManualApproval($groupid), - "pendingJoin" => isPendingRequest($groupid), - "groupMember" => isGroupMember($user->id, $groupid), - "groupOwner" => isGroupOwner($groupid), - "configPermission" => configPermission($groupid), + "manualJoinRequests" => Group::IsManualApproval($groupid), + "pendingJoin" => Group::IsPendingRequest($user->id, $groupid), + "groupMember" => Group::IsMember($user->id, $groupid), + "groupOwner" => Group::IsOwner($user->id, $groupid), + "configPermission" => Group::ConfigPermission($user->id, $groupid), //"leavePermission" => - "wallViewPermission" => wallViewPermission($groupid), - "wallPostPermission" => wallPostPermission($groupid), - "wallDeletePermission" => wallDeletePermission($groupid), - "postShoutPermission" => postShoutPermission($groupid), - "manageLowerRankPermission" => manageLowerRankPermission($groupid), - "kickLowerRankPermission" => kickLowerRankPermission($groupid), - "acceptJoinRequestPermission" => acceptJoinRequestPermission($groupid), - "viewAuditLogPermission" => viewAuditLogPermission($groupid), + "wallViewPermission" => Group::WallViewPermission($user->id, $groupid), + "wallPostPermission" => Group::WallPostPermission($user->id, $groupid), + "wallDeletePermission" => Group::WallDeletePermission($user->id, $groupid), + "postShoutPermission" => Group::PostShoutPermission($user->id, $groupid), + "manageLowerRankPermission" => Group::ManageLowerRankPermission($user->id, $groupid), + "kickLowerRankPermission" => Group::KickLowerRankPermission($user->id, $groupid), + "acceptJoinRequestPermission" => Group::AcceptJoinRequestPermission($user->id, $groupid), + "viewAuditLogPermission" => Group::ViewAuditLogPermission($user->id, $groupid), "emblem" 
=> getAssetRender($emblem) ) ); diff --git a/html_api/group/join.php b/html_api/group/join.php index ee4ee18..0672639 100644 --- a/html_api/group/join.php +++ b/html_api/group/join.php @@ -6,9 +6,12 @@ Alphaland 2021 //headers -header("Access-Control-Allow-Origin: https://www.alphaland.cc"); +use Alphaland\Groups\Group; + +header("Access-Control-Allow-Origin: https://www.alphaland.cc"); header("access-control-allow-credentials: true"); +header('Content-Type: application/json'); $groupid = $_GET['id']; @@ -18,10 +21,14 @@ if (!$groupid) } else { - $joingroup = attemptJoinGroup($groupid); - if ($joingroup === true) { - $joingroup = "Joined Group"; + $joingroup = null; + try { + if (Group::Join($groupid, $user->id)) { + $joingroup = "Joined Group"; + } + } catch (Exception $e) { + $joingroup = $e->getMessage(); } - header('Content-Type: application/json'); + echo json_encode(array("alert" => $joingroup)); } \ No newline at end of file diff --git a/html_api/group/leave.php b/html_api/group/leave.php index 56a920c..faeb124 100644 --- a/html_api/group/leave.php +++ b/html_api/group/leave.php @@ -6,9 +6,12 @@ Alphaland 2021 //headers -header("Access-Control-Allow-Origin: https://www.alphaland.cc"); +use Alphaland\Groups\Group; + +header("Access-Control-Allow-Origin: https://www.alphaland.cc"); header("access-control-allow-credentials: true"); +header('Content-Type: application/json'); $groupid = $_GET['id']; @@ -18,10 +21,14 @@ if (!$groupid) } else { - $leavegroup = leaveGroup($groupid); - if ($leavegroup === true) { - $leavegroup = "Left Group"; + $leavegroup = null; + try { + if (Group::Leave($user->id, $groupid)) { + $leavegroup = "Left Group"; + } + } catch (Exception $e) { + $leavegroup = $e->getMessage(); } - header('Content-Type: application/json'); + echo json_encode(array("alert" => $leavegroup)); } \ No newline at end of file diff --git a/html_api/group/members.php b/html_api/group/members.php index 7a4acdc..a80dfe3 100644 --- a/html_api/group/members.php 
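Review bot: The join.php hunk calls `Group::Join($groupid, $user->id)` while leave.php calls `Group::Leave($user->id, $groupid)` and info.php passes `($user->id, $groupid)` everywhere, so two integer ids are passed in opposite orders across sibling methods. The signatures of `Join` and `Leave` are outside this hunk, so please confirm each call matches its declaration, and consider one order for the whole class, since a swapped pair of ints fails silently. `$groupid = $_GET['id'];` is also still an uncast string in both files. If `Join`/`Leave` declare `int` parameters like the methods at the top of Group.php, a non-numeric id raises a `TypeError`, which `catch (Exception $e)` does not catch. I would use `$groupid = (int)($_GET['id'] ?? 0);` as info.php and update.php already do.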
+++ b/html_api/group/members.php @@ -6,6 +6,9 @@ */ //headers + +use Alphaland\Groups\Group; + header("Access-Control-Allow-Origin: https://www.alphaland.cc"); header("access-control-allow-credentials: true"); @@ -19,7 +22,7 @@ $page = $_GET['page']; $limit = $_GET['limit']; //initial checks -if (!groupid || !$limit || !$page) +if (!$groupid || !$limit || !$page) { http_response_code(400); } @@ -72,7 +75,7 @@ foreach($members as $member) "username" => $username, "userid" => $userid, "thumbnail" => $thumbnail, - "rankname" => getRankName($rank, $groupid), + "rankname" => Group::GetRankName($rank, $groupid), "rank" => $rank ); array_push($jsonData, $membersInfo); diff --git a/html_api/group/posts.php b/html_api/group/posts.php index 3166b27..167b8ad 100644 --- a/html_api/group/posts.php +++ b/html_api/group/posts.php @@ -6,6 +6,9 @@ Alphaland 2021 //headers + +use Alphaland\Groups\Group; + header("Access-Control-Allow-Origin: https://www.alphaland.cc"); header("access-control-allow-credentials: true"); @@ -17,7 +20,7 @@ $page = $_GET['page']; $limit = $_GET['limit']; //people without permission cant go snooping from the api -if (!wallViewPermission($groupid)) +if (!Group::WallViewPermission($user->id, $groupid)) { http_response_code(400); } diff --git a/html_api/group/roles.php b/html_api/group/roles.php index fff8a9d..8bdb121 100644 --- a/html_api/group/roles.php +++ b/html_api/group/roles.php @@ -6,6 +6,9 @@ Alphaland 2021 //headers + +use Alphaland\Groups\Group; + header("Access-Control-Allow-Origin: https://www.alphaland.cc"); header("access-control-allow-credentials: true"); @@ -43,7 +46,7 @@ foreach($roles as $role) $roleInfo = array( "name" => $rolename, - "members" => rankMemberCount($groupid, $rolerank), + "members" => Group::RankMemberCount($groupid, $rolerank), "rank" => $rolerank, "wallViewPermission" => $accessgroupwall, "wallPostPermission" => $postgroupwall, 
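Review bot: In the posts.php hunk the denial branch after `if (!Group::WallViewPermission($user->id, $groupid))` only calls `http_response_code(400);`, so this access check depends entirely on whatever follows the closing brace, which is outside the hunk. Please confirm the post query sits in an `else` (or add `exit;`), so a caller without wall access cannot receive the body anyway. A permission failure is also better reported as 403 than 400, e.g. `http_response_code(403); exit;`. A short comment such as `// authorisation gate: nothing below may run for non-viewers` would make the intent explicit.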
diff --git a/html_api/group/submitpost.php b/html_api/group/submitpost.php index 6738570..cf02042 100644 --- a/html_api/group/submitpost.php +++ b/html_api/group/submitpost.php @@ -6,12 +6,15 @@ Alphaland 2021 //headers -header("Access-Control-Allow-Origin: https://www.alphaland.cc"); +use Alphaland\Groups\Group; + +header("Access-Control-Allow-Origin: https://www.alphaland.cc"); header("access-control-allow-credentials: true"); +header('Content-Type: application/json'); $groupid = (int)$_GET['groupid']; -$post = cleanInput(json_decode(file_get_contents('php://input'))->post); +$post = json_decode(file_get_contents('php://input'))->post; if (!$groupid) { @@ -19,10 +22,13 @@ if (!$groupid) } else { - $placepost = submitPost($groupid, $post); - if ($placepost === true) { - $placepost = "Post Placed"; + $placepost = null; + try { + if (Group::CreatePost($groupid, $user->id, $post)) { + $placepost = "Post Placed"; + } + } catch (Exception $e) { + $placepost = $e->getMessage(); } - header('Content-Type: application/json'); echo json_encode(array("alert" => $placepost)); } \ No newline at end of file diff --git a/html_api/group/update.php b/html_api/group/update.php index cce32c5..90df24e 100644 --- a/html_api/group/update.php +++ b/html_api/group/update.php @@ -6,9 +6,12 @@ Alphaland 2021 //headers -header("Access-Control-Allow-Origin: https://www.alphaland.cc"); +use Alphaland\Groups\Group; + +header("Access-Control-Allow-Origin: https://www.alphaland.cc"); header("access-control-allow-credentials: true"); +header('Content-Type: application/json'); $groupid = (int)$_GET['id']; $updateinfo = (bool)$_GET['updateinfo']; 
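Review bot: In submitpost.php the new line `$post = json_decode(file_get_contents('php://input'))->post;` drops the `cleanInput()` call, so the wall post now reaches `Group::CreatePost` exactly as the client sent it. `CreatePost` is not shown in this hunk, so please confirm it validates type and length, and that every page rendering wall posts escapes on output, as groups/index.php does with `cleanOutput`. `json_decode` also returns `null` for an empty or malformed body, so `$post` can arrive as `null` or as a non-string. I would guard it with `$body = json_decode(file_get_contents('php://input'));` followed by `$post = (is_object($body) && is_string($body->post ?? null)) ? $body->post : '';`.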
@@ -28,13 +31,20 @@ if (!$data || !$groupid) } else { - $updategroup = ""; + $updategroup = false; if ($updateinfo) //can be modified with configpermission (Should this be owner only?)(only general info) { $description = $data->description; $joinapprovals = (bool)$data->approvals; $img = $data->emblem; - $updategroup = updateGeneralConfig($groupid, $description, $joinapprovals, $img); + + try { + if (Group::UpdateGeneralConfig($groupid, $description, $joinapprovals, $img)) { + $updategroup = true; + } + } catch (Exception $e) { + $updategroup = $e->getMessage(); + } } else if ($updaterole) //owner restricted { 
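Review bot: `Group::UpdateGeneralConfig($groupid, $description, $joinapprovals, $img)` in this update.php hunk is given no acting user, although the inline comment says it requires config permission and info.php in the same commit passes `$user->id` to every permission method. The next hunk repeats this for `UpdateRole`, `CreateRole`, `UpdateUserRank`, `ExileUser`, `ApproveJoinRequest`, `DeleteJoinRequest` and `DeletePost`, whose comments say "owner restricted" or name a required permission. The method bodies are not visible here, so the checks may exist inside `Group` via global state. If they do not, any authenticated caller could reach these writes. I would make the gate explicit at the endpoint, e.g. `if (!Group::ConfigPermission($user->id, $groupid)) { http_response_code(403); exit; }` before this branch and `Group::IsOwner($user->id, $groupid)` before the owner-only ones, or pass `$user->id` into each method so the check cannot be skipped.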
@@ -49,39 +59,87 @@ else $kicklowerranks = $data->KickLowerRanks; $acceptjoinrequests = $data->AcceptJoinRequests; $auditaccess = $data->ViewAuditLog; - $updategroup = updateRole($groupid, $rank, $newrank, $name, $accessgroupwall, $postgroupwall, $deletegroupwallposts, $postgroupshout, $managelowerranks, $kicklowerranks, $acceptjoinrequests, $auditaccess); + + try { + if (Group::UpdateRole($groupid, $rank, $newrank, $name, $accessgroupwall, $postgroupwall, $deletegroupwallposts, $postgroupshout, $managelowerranks, $kicklowerranks, $acceptjoinrequests, $auditaccess)) { + $updategroup = true; + } + } catch (Exception $e) { + $updategroup = $e->getMessage(); + } } else if ($newrole) //owner restricted { $name = $data->name; $rank = $data->rank; - $updategroup = createRole($groupid, $name, $rank); + + try { + if (Group::CreateRole($groupid, $name, $rank)) { + $updategroup = true; + } + } catch (Exception $e) { + $updategroup = $e->getMessage(); + } } else if ($userrank) //manageLowerRankPermission needed { $userid = $data->userid; $rank = $data->rank; - $updategroup = updateUserRank($groupid, $userid, $rank); + + try { + if (Group::UpdateUserRank($groupid, $userid, $rank)) { + $updategroup = true; + } + } catch (Exception $e) { + $updategroup = $e->getMessage(); + } } else if ($exileuser) //restricted to owner for now { $userid = $data->userid; - $updategroup = exileUser($groupid, $userid); + + try { + if (Group::ExileUser($groupid, $userid)) { + $updategroup = true; + } + } catch (Exception $e) { + $updategroup = $e->getMessage(); + } } else if ($approverequest) //restricted to owner for now { $userid = $data->userid; - $updategroup = approveRequest($groupid, $userid); + try { + if (Group::ApproveJoinRequest($groupid, $userid)) { + $updategroup = true; + } + } catch (Exception $e) { + $updategroup = $e->getMessage(); + } } else if ($denyrequest) //restricted to group owner for now { $userid = $data->userid; - $updategroup = denyRequest($groupid, $userid); + + try { + 
if (Group::DeleteJoinRequest($groupid, $userid)) { + $updategroup = true; + } + } catch (Exception $e) { + $updategroup = $e->getMessage(); + } } else if ($deletepost) //requires delete permission { $postid = $data->postid; - $updategroup = deletePost($postid, $groupid); + + try { + if (Group::DeletePost($postid, $groupid)) { + $updategroup = true; + } + } catch (Exception $e) { + $updategroup = $e->getMessage(); + } } else { @@ -91,7 +149,5 @@ else if ($updategroup === true) { $updategroup = "Group Updated"; } - - header('Content-Type: application/json'); echo json_encode(array("alert" => $updategroup)); } \ No newline at end of file diff --git a/html_api/groups/index.php b/html_api/groups/index.php index 86a927f..a0f99b3 100644 --- a/html_api/groups/index.php +++ b/html_api/groups/index.php @@ -6,6 +6,9 @@ Alphaland 2021 //headers + +use Alphaland\Groups\Group; + header("Access-Control-Allow-Origin: https://www.alphaland.cc"); header("access-control-allow-credentials: true"); @@ -70,7 +73,7 @@ foreach($groups as $group) $groupid = $group['id']; $name = cleanOutput($group['name']); $desc = cleanOutput($group['description']); - $members = groupMemberCount($groupid); + $members = Group::MemberCount($groupid); $creatorid = $group['creatorid']; $emblem = $group['emblem']; diff --git a/html_api/users/groups.php b/html_api/users/groups.php index 66a9e66..6eafad4 100644 --- a/html_api/users/groups.php +++ b/html_api/users/groups.php @@ -6,6 +6,9 @@ Alphaland 2021 //headers + +use Alphaland\Groups\Group; + header("Access-Control-Allow-Origin: https://www.alphaland.cc"); header("access-control-allow-credentials: true"); @@ -85,8 +88,8 @@ foreach($groups as $group) "id" => $id, "name" => $name, "description" => $description, - "members" => groupMemberCount($id), - "rank" => getRankName(getRank($userid,$id), $id), + "members" => Group::MemberCount($id), + "rank" => Group::GetUserRankName($userid, $id), "emblem" => $emblem );