Final Friendasy

2015-06-20 16:06:07 +00:00 · 2015-06-20 16:06:07 +00:00 · 8a6ba4c499
commit 8a6ba4c499
parent 4070774a96
8 changed files with 188 additions and 33 deletions
--- a/_sakura/changelog.json
+++ b/_sakura/changelog.json
@ -20,7 +20,8 @@
                "20150530",
                "20150602",
                "20150604",
-                "20150619"
+                "20150619",
+                "20150620"

            ]

@ -1261,6 +1262,15 @@
                "change":   "Added notification history section contents to settings panel."
            }

+        ],
+
+        "20150620": [
+
+            {
+                "type":     "ADD",
+                "change":   "Added friends system."
+            }
+
        ]

    }
--- a/_sakura/components/Users.php
+++ b/_sakura/components/Users.php
@ -1122,7 +1122,7 @@ class Users {
    }

    // Check if a friend is mutual
-    public static function checkMutualFriend($fid, $uid = null) {
+    public static function checkFriend($fid, $uid = null) {

        // Assign $uid
        if(!$uid)
@ -1133,17 +1133,17 @@ class Users {

        // Check if the friend is actually in the user's array
        if(!in_array($fid, $self))
-            return false;
+            return 0;

        // Get the friend's friends
        $friend = self::getFriends($fid);

        // Check if the friend is actually in the user's array
-        if(!in_array($uid, $friend))
-            return false;
+        if(in_array($uid, $friend))
+            return 2;

        // Return true if all went through
-        return true;
+        return 1;

    }

@ -1166,7 +1166,7 @@ class Users {
        ]);

        // Return true because yay
-        return [1, Users::checkMutualFriend($uid) ? 'FRIENDS' : 'NOT_MUTUAL'];
+        return [1, Users::checkFriend($uid) == 2 ? 'FRIENDS' : 'NOT_MUTUAL'];

    }

@ -1179,8 +1179,8 @@ class Users {

        // Remove friend
        Database::delete('friends', [
-            'uid'       => Session::$userId,
-            'fid'       => $uid
+            'uid' => [Session::$userId, '='],
+            'fid' => [$uid, '=']
        ]);

        // Return true because yay
--- a/_sakura/sakura.php
+++ b/_sakura/sakura.php
@ -8,7 +8,7 @@
 namespace Sakura;

 // Define Sakura version
-define('SAKURA_VERSION',    '20150619');
+define('SAKURA_VERSION',    '20150620');
 define('SAKURA_VLABEL',     'Eminence');
 define('SAKURA_VTYPE',      'Development');
 define('SAKURA_COLOUR',     '#6C3082');
--- a/_sakura/templates/yuuno/global/header.tpl
+++ b/_sakura/templates/yuuno/global/header.tpl
@ -108,6 +108,42 @@
            }

        {% endif %}
+
+        {% if php.self == '/profile.php' and user.checklogin and user.data.id != profile.user.id %}
+
+            // Prepare friend toggle
+            function initFriendToggle() {
+
+                var profileFriendToggle = document.getElementById('profileFriendToggle');
+
+                profileFriendToggle.setAttribute('href', 'javascript:void(0);');
+                profileFriendToggle.setAttribute('onclick', 'doFriendToggle();');
+
+            }
+
+            function doFriendToggle() {
+
+                generateForm("doFriendToggle", {
+                    "class":    "hidden",
+                    "method":   "post",
+                    "action":   "//{{ sakura.urls.main }}/friends"
+                },
+                {
+                    "{% if profile.friend == 0 %}add{% else %}remove{% endif %}": "{{ profile.user.id }}",
+                    "ajax":     "true",
+                    "time":     "{{ php.time }}",
+                    "session":  "{{ php.sessionid }}",
+                    "redirect": "{{ sakura.currentpage }}"
+                }, "contentwrapper");
+
+                setTimeout(function(){
+                    submitPost("doFriendToggle", true, "{% if profile.friend == 0 %}Adding{% else %}Removing{% endif %} friend...")
+                }, 10);
+
+            }
+
+        {% endif %}
+
        // Space for things that need to happen onload
        window.onload = function() {

@ -125,6 +161,10 @@
            setInterval(function(){notifyRequest('{{ php.sessionid }}');}, 60000);
            {% endif %}

+            {% if php.self == '/profile.php' and user.checklogin and user.data.id != profile.user.id %}
+            initFriendToggle();
+            {% endif %}
+
            {% if php.self == '/authenticate.php' and not sakura.lockauth %}
            // AJAX Form Submission            
            var forms = {
--- a/_sakura/templates/yuuno/main/profile.tpl
+++ b/_sakura/templates/yuuno/main/profile.tpl
@ -25,7 +25,8 @@
                {% if user.data.id == profile.user.id %}
                <a class="fa fa-pencil-square" title="Edit your profile" href="//{{ sakura.urls.main }}/settings/profile"></a>
                {% else %}
-                <a class="fa fa-user-plus" title="Add {{ profile.user.username }} as a friend" href="//{{ sakura.urls.main }}/friends?add={{ profile.user.id }}&session={{ php.sessionid }}&time={{ php.time }}&return={{ sakura.currentpage }}"></a>
+                {% if profile.friend != 0 %}<a class="fa fa-{% if profile.friend == 2 %}heart{% else %}star{% endif %}" title="You are friends"></a>{% endif %}
+                <a class="fa fa-user-{% if profile.friend == 0 %}plus{% else %}times{% endif %}" title="{% if profile.friend == 0 %}Add {{ profile.user.username }} as a friend{% else %}Remove friend{% endif %}" href="//{{ sakura.urls.main }}/friends?{% if profile.friend == 0 %}add{% else %}remove{% endif %}={{ profile.user.id }}&session={{ php.sessionid }}&time={{ php.time }}&redirect={{ sakura.currentpage }}" id="profileFriendToggle"></a>
                <a class="fa fa-flag" title="Report {{ profile.user.username }}" href="//{{ sakura.urls.main }}/report/{{ profile.user.id }}"></a>
                {% endif %}
                </div>
--- a/main/authenticate.php
+++ b/main/authenticate.php
@ -39,7 +39,7 @@ if(isset($_REQUEST['mode'])) {
            $renderData['page'] = [
                'title'     => 'Action failed',
                'redirect'  => '/authenticate',
-                'message'   => 'Session IDs do not match.',
+                'message'   => 'Invalid session, please try again.',
                'success'   => 0
            ];

--- a/main/profile.php
+++ b/main/profile.php
@ -36,7 +36,8 @@ if(isset($_GET['u'])) {
        'online'        => Users::checkUserOnline($_PROFILE_USER_DATA['id']),
        'profilePage'   => Users::getProfilePage($_PROFILE_PROFILE_DATA, true),
        'fields'        => Users::getUserProfileFields($_PROFILE_PROFILE_DATA, true),
-        'warnings'      => Users::getWarnings($_PROFILE_USER_DATA['id'])
+        'warnings'      => Users::getWarnings($_PROFILE_USER_DATA['id']),
+        'friend'        => Users::checkFriend($_PROFILE_USER_DATA['id'])
    ];

    $renderData['page'] = [
--- a/main/settings.php
+++ b/main/settings.php
@ -49,32 +49,135 @@ if(isset($_REQUEST['request-notifications']) && $_REQUEST['request-notifications
 // Friends
 } elseif(isset($_REQUEST['friend-action']) && $_REQUEST['friend-action']) {

-    if(!isset($_REQUEST['session']) || $_REQUEST['session'] !== session_id()) {
-        print Templates::render('errors/information.tpl', array_merge($renderData, ['page' => ['redirect' => $_SERVER['PHP_SELF'], 'message' => 'Invalid session ID, please try again.', 'title' => 'Information']]));
-        exit;
+    // Continue
+    $continue = true;
+
+    // Referrer
+    $redirect = isset($_REQUEST['redirect']) ? $_REQUEST['redirect'] : (isset($_SERVER['HTTP_REFERER']) ? $_SERVER['HTTP_REFERER'] : '/');
+
+    // Compare time and session so we know the link isn't forged
+    if(!isset($_REQUEST['add']) && !isset($_REQUEST['remove'])) {
+
+        $renderData['page'] = [
+            'title'     => 'Action failed',
+            'redirect'  => $redirect,
+            'message'   => 'One of the required operators isn\'t set.',
+            'success'   => 0
+        ];
+
+        // Prevent
+        $continue = false;
+
    }

-    if((!isset($_REQUEST['add']) && !isset($_REQUEST['remove'])) || !isset($_REQUEST['time'])) {
-        print Templates::render('errors/information.tpl', array_merge($renderData, ['page' => ['redirect' => $_SERVER['PHP_SELF'], 'message' => 'One or more required parameter is not set.', 'title' => 'Information']]));
-        exit;
+    // Compare time and session so we know the link isn't forged
+    if($_REQUEST[(isset($_REQUEST['add']) ? 'add' : 'remove')] == Session::$userId) {
+
+        $renderData['page'] = [
+            'title'     => 'Action failed',
+            'redirect'  => $redirect,
+            'message'   => 'You can\'t be friends with yourself, stop trying to bend reality.',
+            'success'   => 0
+        ];
+
+        // Prevent
+        $continue = false;
+
    }

-    if((isset($_REQUEST['add']) && $_REQUEST['add'] == Session::$userId) || (isset($_REQUEST['remove']) && $_REQUEST['remove'] == Session::$userId)) {
-        print Templates::render('errors/information.tpl', array_merge($renderData, ['page' => ['redirect' => $_SERVER['PHP_SELF'], 'message' => 'Can\'t add yourself as a friend.', 'title' => 'Information']]));
-        exit;
+    // Compare time and session so we know the link isn't forged
+    if(!isset($_REQUEST['time']) || $_REQUEST['time'] < time() - 1000) {
+
+        $renderData['page'] = [
+            'title'     => 'Action failed',
+            'redirect'  => $redirect,
+            'message'   => 'Timestamps differ too much, refresh the page and try again.',
+            'success'   => 0
+        ];
+
+        // Prevent
+        $continue = false;
+
    }
-    
-    $add = Users::addFriend($_REQUEST['add']);
-print $add[1];
-    if($add[0]) {
-        $user = Users::getUser(Session::$userId);
-        Users::createNotification($_REQUEST['add'], $user['username'] .' added you as a friend!', 'If you aren\'t mutual friends yet click here to add them as well.', 60000, '//'. Configuration::getLocalConfig('urls', 'main') .'/a/'. $user['id'], '//'. Configuration::getLocalConfig('urls', 'main') .'/u/'. $user['id'], '1');
-        print Templates::render('errors/information.tpl', array_merge($renderData, ['page' => ['redirect' => $_SERVER['PHP_SELF'], 'message' => 'You are now friends!', 'title' => 'Information']]));
-        exit;
-    } else {
-        print Templates::render('errors/information.tpl', array_merge($renderData, ['page' => ['redirect' => $_SERVER['PHP_SELF'], 'message' => 'Something went wrong.', 'title' => 'Information']]));
-        exit;
+
+    // Match session ids for the same reason
+    if(!isset($_REQUEST['session']) || $_REQUEST['session'] != session_id()) {
+
+        $renderData['page'] = [
+            'title'     => 'Action failed',
+            'redirect'  => $redirect,
+            'message'   => 'Invalid session, please try again.',
+            'success'   => 0
+        ];
+
+        // Prevent
+        $continue = false;
+
    }
+
+    // Continue if nothing fucked up
+    if($continue) {
+
+        // Execute the action
+        $action = (isset($_REQUEST['add']) ?  Users::addFriend($_REQUEST['add']) : Users::removeFriend($_REQUEST['remove']));
+
+        // Set the messages
+        $messages = [
+            'USER_NOT_EXIST'    => 'The user you tried to add doesn\'t exist.',
+            'ALREADY_FRIENDS'   => 'You are already friends with this person!',
+            'FRIENDS'           => 'You are now mutual friends!',
+            'NOT_MUTUAL'        => 'A friend request has been sent to this person.',
+            'ALREADY_REMOVED'   => 'You aren\'t friends with this person.',
+            'REMOVED'           => 'Removed this person from your friends list.'
+        ];
+
+        // Notification strings
+        $notifStrings = [
+            'FRIENDS'       => ['%s accepted your friend request!',     'You can now do mutual friend things!'],
+            'NOT_MUTUAL'    => ['%s added you as a friend!',            'Click here to add them as well.'],
+            'REMOVED'       => ['%s removed you from their friends.',   'You can no longer do friend things now ;_;']
+        ];
+
+        // Add page specific things
+        $renderData['page'] = [
+            'title'     => 'Managing Friends',
+            'redirect'  => $redirect,
+            'message'   => $messages[$action[1]],
+            'success'   => $action[0]
+        ];
+
+        // Create a notification
+        if(array_key_exists($action[1], $notifStrings)) {
+
+            // Get the current user's profile data
+            $user = Users::getUser(Session::$userId);
+
+            Users::createNotification(
+                $_REQUEST[(isset($_REQUEST['add']) ? 'add' : 'remove')],
+                sprintf($notifStrings[$action[1]][0], $user['username']),
+                $notifStrings[$action[1]][1],
+                60000,
+                '//'. Configuration::getLocalConfig('urls', 'main') .'/a/'. $user['id'],
+                '//'. Configuration::getLocalConfig('urls', 'main') .'/u/'. $user['id'],
+                '1'
+            );
+
+        }
+
+    }
+
+    // Print page contents or if the AJAX request is set only display the render data
+    print   isset($_REQUEST['ajax']) ?
+            (
+                $renderData['page']['title']
+                . '|'
+                . $renderData['page']['message']
+                . '|'
+                . $renderData['page']['success']
+                . '|'
+                . $renderData['page']['redirect']
+            ) :
+            Templates::render('errors/information.tpl', $renderData);
    exit;

 }