first commit

README.md

@@ -0,0 +1 @@
+# camagru

config/database.php

@@ -0,0 +1,5 @@
+<?php
+    $DB_DSN = "mysql:host=localhost";
+    $DB_USER = "root";
+    $DB_PASSWORD = "root";
+?>

config/setup.php

@@ -0,0 +1,56 @@
+<?php
+
+
+require 'database.php';
+
+$dbname = "Camagru";
+
+try {
+	$conn = new PDO($DB_DSN, $DB_USER, $DB_PASSWORD);
+	// set the PDO error mode to exception
+	$conn->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
+	$sql = "CREATE DATABASE $dbname";
+	$conn->exec($sql);
+	// sql to create table
+	$sql = "CREATE TABLE $dbname.user (
+		  uid int(11) NOT NULL AUTO_INCREMENT PRIMARY KEY,
+		  login char(50) NOT NULL,
+		  pass text NOT NULL,
+		  mail char(50) NOT NULL,
+		  validated boolean DEFAULT '1' NOT NULL
+		)";
+
+	// use exec() because no results are returned
+	$conn->exec($sql);
+	echo "Table user created successfully".PHP_EOL;
+	$sql = "CREATE TABLE $dbname.pictures (
+			pic_id int not null AUTO_INCREMENT PRIMARY  KEY,
+			user_pseudo char(50) NOT NULL,
+			pic_path text not NULL 
+			)";
+	$conn->exec($sql);
+	echo "Table pictures created successfully".PHP_EOL;
+
+	$sql = "CREATE TABLE $dbname.comments (
+			com_id int not null AUTO_INCREMENT PRIMARY  KEY,
+			user_pseudo char(50) NOT NULL,
+			pic_id int not NULL,
+			com text not null
+			)";
+	$conn->exec($sql);
+	echo "Table comments created successfully".PHP_EOL;
+
+	$sql = "CREATE TABLE $dbname.likes (
+			like_id int not null AUTO_INCREMENT PRIMARY  KEY,
+			user_pseudo char(50) NOT NULL,
+			pic_id int not NULL
+			)";
+	$conn->exec($sql);
+	echo "Table likes created successfully".PHP_EOL;
+}
+catch(PDOException $e)
+{
+	echo $sql . "\n" . $e->getMessage();
+}
+
+?>

db.php

@@ -0,0 +1,30 @@
+<?php
+
+require 'sql.php';
+
+
+function removeFromDb ($id) {
+    insert("DELETE FROM pictures WHERE pic_id = $id");
+}
+
+function delComment ($id){
+    insert("delete from comments where com_id = $id");
+}
+
+function like ($id, $user){
+    $like = select("select * from likes where pic_id = $id and user_pseudo = '$user'");
+    if (empty($like))
+        insert("insert into likes VALUES (null, '$user', $id)");
+    else
+        insert("delete from likes WHERE pic_id = $id and user_pseudo = '$user'");
+}
+
+//    print_r($_POST);
+
+    if ($_POST['com_id'])
+        delComment($_POST['com_id']);
+    elseif ($_POST['like'])
+        like($_POST['pic_id'], $_POST['user']);
+    else
+        removeFromDb($_POST['pic_id']);
+?>

footer.php

@@ -0,0 +1,3 @@
+<div id="footer">
+    <p><i>Made by me : <a href="https://profile.intra.42.fr/users/nbouliol" target="_blank" style="color:red;">nbouliol</a></i></p>
+</div>

forgot.php

@@ -0,0 +1,27 @@
+<?php
+    require 'header.php';
+?>
+<div id="forgot">
+    <h2>You forgot your password ?</h2>
+    <form  method="POST" >
+        Login / mail: <input type="text" name="login" value="" />
+        <input type="submit" name="submit" value="OK" />
+    </form>
+</div>
+
+<?php
+    if ($_POST['submit']) {
+        $mail = $_POST['login'];
+        $user = select("select * from user where mail = '$mail' or login = '$mail'")[0];
+        if (!empty($user)) {
+            $hmail = hash('whirlpool', $user['mail']);
+            $folder = substr_replace($_SERVER['REQUEST_URI'], '', strrpos($_SERVER['REQUEST_URI'], '/'));
+            $str = "http://" . $_SERVER['HTTP_HOST'] . $folder . "/newpass.php?p1=" . $user['login'] . "&p2=" . $hmail;
+            $headers = 'From: [email protected]';
+            $ret = mail($user['mail'], 'Camagru password reset', $str, $headers);
+        } else
+            echo "<h3 class='error mb5 text-center'>Incorrect mail or login !</h3>";
+    }
+    require 'footer.php';
+?>
+

gallery.php

@@ -0,0 +1,83 @@
+<?php
+    require 'header.php';
+if ($_SESSION['loggued_on_user']){
+?>
+
+<div id="gallery" class="text-center mtb5">
+    <h2>Gallery of all users</h2>
+    <form method="get">
+        <select name="sort" onchange="this.form.submit();">
+            <option value="date">Sort by date (default)</option>
+            <option value="likes">Sort by likes</option>
+            <option value="comments">Sort by comments</option>
+        </select>
+    </form>
+    <div id="gallery_images">
+    <?php
+
+        $total = select("SELECT COUNT(*) AS total FROM pictures")[0]['total'];
+        $messagesParPage = 20;
+        $nombreDePages=ceil($total/$messagesParPage);
+        if(isset($_GET['page'])) // Si la variable $_GET['page'] existe...
+        {
+            $pageActuelle=intval($_GET['page']);
+
+            if($pageActuelle>$nombreDePages) // Si la valeur de $pageActuelle (le numéro de la page) est plus grande que $nombreDePages...
+            {
+                $pageActuelle=$nombreDePages;
+            }
+        }
+        else // Sinon
+        {
+            $pageActuelle=1; // La page actuelle est la n°1
+        }
+        $premiereEntree=($pageActuelle-1)*$messagesParPage;
+//        $sql = "SELECT * FROM pictures ORDER BY pic_id DESC LIMIT $premiereEntree, $messagesParPage";
+        console($sql);
+//        $images = select($sql);
+        if ($_GET['sort'] == 'dates' || empty($_GET['sort'])) {
+            $images = select("select * from pictures order by pic_id desc LIMIT $premiereEntree, $messagesParPage");
+        }
+        elseif ($_GET['sort'] == 'comments'){
+            $images = select("SELECT pictures.*, COUNT(comments.pic_id) as total_comments FROM pictures LEFT JOIN comments ON comments.pic_id = pictures.pic_id GROUP BY pictures.pic_id ORDER BY COUNT(comments.pic_id) DESC LIMIT $premiereEntree, $messagesParPage");
+        }
+        elseif ($_GET['sort'] == 'likes'){
+            $images = select("SELECT pictures.*, COUNT(likes.pic_id) as total_comments FROM pictures LEFT JOIN likes ON likes.pic_id = pictures.pic_id GROUP BY pictures.pic_id ORDER BY COUNT(likes.pic_id) DESC LIMIT $premiereEntree, $messagesParPage");
+        }
+
+        foreach ($images as $image){
+            echo "<a href='image.php?id=".$image['pic_id']."'><img class='img' src='" . $image['pic_path'] . "' alt='" . $image['pic_id'] . "'></a>";
+        }
+    echo '<p align="center">Page : ';
+    for($i=1; $i<=$nombreDePages; $i++) //On fait notre boucle
+    {
+        //On va faire notre condition
+        if($i==$pageActuelle) //Si il s'agit de la page actuelle...
+        {
+            echo ' [ '.$i.' ] ';
+        }
+        else //Sinon...
+        {
+            $str = $_GET['sort'] ? " <a href='gallery.php?page=$i&sort=".$_GET['sort']."'>$i</a> " : ' <a href="gallery.php?page='.$i.'">'.$i.'</a> ';
+            echo $str;
+        }
+    }
+    echo '</p>';
+    ?>
+    </div>
+</div>
+
+<?php
+}
+else{
+    ?>
+
+    <div id='in'>
+        <h3>You have to be logged in to access website.</h3>
+        <p>Go to <a href="login.php">login page</a> or <a href="register.php">register page</a></p>
+    </div>
+
+    <?php
+}
+    require 'footer.php';
+?>

header.php

@@ -0,0 +1,29 @@
+<?php
+    session_start();
+    require 'sql.php';
+
+?>
+<!DOCTYPE html>
+<html>
+<head>
+    <title>Cama_gru</title>
+    <script src="javascript/ajax.js"></script>
+    <link rel="stylesheet" href="style/style.css">
+</head>
+<body><div id="header">
+    <a href="index.php"><h2>Camagr_U</h2></a>
+    <?php if (empty($_SESSION['loggued_on_user'])){ ?>
+<!--        <a href="login.php">Sign in</a>-->
+<!--        <a href="register.php">Sign up</a>-->
+    <?php }
+    else {
+        echo '<!--Welcome <span id="name">'.$_SESSION['loggued_on_user'].'</span>'; ?>
+<!--        <a href="change.php">Change password</a>-->
+<!--        <a href="gallery.php">Gallery</a>-->
+<!--        <a href="logout.php">Logout</a>-->
+    <?php	} ?>
+</div>
+
+<?php
+    require 'menu.php';
+?>

host.php

@@ -0,0 +1,53 @@
+<?php 
+$indicesServer = array('PHP_SELF', 
+'argv', 
+'argc', 
+'GATEWAY_INTERFACE', 
+'SERVER_ADDR', 
+'SERVER_NAME', 
+'SERVER_SOFTWARE', 
+'SERVER_PROTOCOL', 
+'REQUEST_METHOD', 
+'REQUEST_TIME', 
+'REQUEST_TIME_FLOAT', 
+'QUERY_STRING', 
+'DOCUMENT_ROOT', 
+'HTTP_ACCEPT', 
+'HTTP_ACCEPT_CHARSET', 
+'HTTP_ACCEPT_ENCODING', 
+'HTTP_ACCEPT_LANGUAGE', 
+'HTTP_CONNECTION', 
+'HTTP_HOST', 
+'HTTP_REFERER', 
+'HTTP_USER_AGENT', 
+'HTTPS', 
+'REMOTE_ADDR', 
+'REMOTE_HOST', 
+'REMOTE_PORT', 
+'REMOTE_USER', 
+'REDIRECT_REMOTE_USER', 
+'SCRIPT_FILENAME', 
+'SERVER_ADMIN', 
+'SERVER_PORT', 
+'SERVER_SIGNATURE', 
+'PATH_TRANSLATED', 
+'SCRIPT_NAME', 
+'REQUEST_URI', 
+'PHP_AUTH_DIGEST', 
+'PHP_AUTH_USER', 
+'PHP_AUTH_PW', 
+'AUTH_TYPE', 
+'PATH_INFO', 
+'ORIG_PATH_INFO') ; 
+
+echo '<table cellpadding="10">' ; 
+foreach ($indicesServer as $arg) { 
+	if (isset($_SERVER[$arg])) { 
+		echo '<tr><td>'.$arg.'</td><td>' . $_SERVER[$arg] . '</td></tr>' ; 
+	} 
+	else { 
+		echo '<tr><td>'.$arg.'</td><td>-</td></tr>' ; 
+	} 
+} 
+echo '</table>' ; 
+?>

image.php

@@ -0,0 +1,95 @@
+<?php
+    require 'header.php';
+if ($_SESSION['loggued_on_user']){
+    if (!$_SESSION['loggued_on_user']){
+        echo "<h2 class='error text-center'>You need to be logged to access this page ! :(</h2>
+        <br><p class='text-center' ><a href='register.php'>Go to register page ?</a></p><br>
+        <p class='text-center' >or</p><br>
+        <p class='text-center mb5' ><a href='login.php'>Go to login page ?</a></p>";
+
+        require 'footer.php';
+        exit ();
+    }
+
+    if (!$_GET['id']){
+        $folder = substr_replace ($_SERVER['REQUEST_URI'], '', strrpos($_SERVER['REQUEST_URI'],'/'));
+        $goto = "http://".$_SERVER['HTTP_HOST'].$folder.'/gallery.php';
+        echo "<script> window.location = '".$goto."'</script>";
+        exit ;
+    }else{
+        $image = select("select * from pictures where pic_id = ".$_GET['id'])[0];
+        $comments = select("select * from comments WHERE pic_id = ".$_GET['id']);
+        $user = $image['user_pseudo'];
+        $mail = select("select * from user inner join pictures on pictures.user_pseudo = user.login WHERE pic_id = ".$_GET['id'])[0]['mail'];
+    }
+
+    if ($_POST['comment']){
+        insert("insert into comments VALUES (null, '".$_SESSION['loggued_on_user']."', ".$_GET['id'].", '".$_POST['comment']."')");
+        $url = "http://".$_SERVER['HTTP_HOST'].$_SERVER['REQUEST_URI'];
+        if ($user != $_SESSION['loggued_on_user'])
+            mail($mail, $_SESSION['loggued_on_user']." commented your picture !", "Come and check your commented picture :  $url");
+        echo "<script> window.location = window.location </script>";
+    }
+
+?>
+
+<div id="image" class="text-center">
+    <img src="<?php echo $image['pic_path']; ?>">
+    <p>Picture taken by <strong class="user"><?php  echo $user; ?></strong></p>
+    <h3 id="like">Like it ? <span id="heart">♥</span></h3>
+    <p><?php
+        echo select("SELECT pic_id, count(*) as likes FROM `likes` where pic_id = ".$_GET['id'])[0]['likes'];
+    ?> ♥</p>
+    <h3>Speak about it ?</h3>
+    <textarea rows="4" cols="50" name="comment" form="addComment" placeholder="You wanna talk about it ?"></textarea>
+    <form method="post" id="addComment">
+        <input type="submit">
+    </form>
+    <br>
+    <?php
+        foreach ($comments as $comment){
+            echo "<div class='comment'>";
+            $str = "<p>".$comment['com']." <i class='user'>by ".$comment['user_pseudo']."</i>";
+            if ($comment['user_pseudo'] == $_SESSION['loggued_on_user']) {
+                $str .= "<span class='delete' id='".$comment['com_id']."'> remove it ?</span>";
+            }
+            $str .= "</p>";
+            echo $str;
+            echo "</div>";
+        }
+    ?>
+</div>
+<script>
+    img = document.getElementById('image');
+    del = document.getElementsByClassName('delete');
+    [].forEach.call(del, function (i) {
+        i.addEventListener("click", function () {
+            if (confirm("You want to remove the com' ?!") == true) {
+                ajaxRequest('db.php', {'com_id': i.id});
+                img.removeChild(i.parentNode.parentNode);
+            }
+        });
+    });
+
+    like = document.getElementById('like');
+//    name  = document.querySelector('#name');
+    like.addEventListener("click", function (name) {
+        ajaxRequest('db.php', {'like':1 ,'pic_id':window.location.search.split('=')[1] ,'user':document.querySelector("#name").innerHTML})
+    });
+</script>
+
+<?php
+
+    }
+    else{
+        ?>
+
+        <div id='in'>
+            <h3>You have to be logged in to access website.</h3>
+            <p>Go to <a href="login.php">login page</a> or <a href="register.php">register page</a></p>
+        </div>
+
+        <?php
+    }
+    require 'footer.php';
+?>