Issues in index.php - New Issues - Inspection of "Fixed XSS" - mmainstreet/jodel-web - Measure and Improve Code Quality continuously with Scrutinizer

Completed

Push — master ( 285880...d65ec1 )

by mains

created 2016-11-26 14:03 UTC

index.php (2 issues)

Labels

Severity

Informational 2

Upgrade to new PHP Analysis Engine

These results are based on our legacy PHP analysis, consider migrating to our new PHP analysis engine instead. Learn more

<?php
error_reporting(-1);
include 'php/jodel-web.php';

	$location = new Location();
	$location->setLat('0.1');
	$location->setLng('0.1');
	$location->setCityName('Munich');

	isTokenFresh($location);

	$result = $db->query("SELECT * FROM accounts WHERE id='1'");
	
	$accessToken;
	$newPositionStatus;
	
	if ($result->num_rows > 0)
	{
		// output data of each row
		while($row = $result->fetch_assoc())
		{
			$accessToken = $row["access_token"];
		}
	}
	else
	{
		echo "Error: 0 results";
	}
	
	
	//createAccount();
	
	//Set Location
	if(isset($_GET['city'])) {
		$url = 'https://maps.googleapis.com/maps/api/geocode/json?address=' . htmlspecialchars($_GET['city']) . '&key=AIzaSyCwhnja-or07012HqrhPW7prHEDuSvFT4w';
		$result = Requests::post($url);
		if(json_decode($result->body, true)['status'] == 'ZERO_RESULTS' || json_decode($result->body, true)['status'] == 'INVALID_REQUEST')

		{
			$newPositionStatus = "0 results";
		}
		else
		{
			$location = new Location();
			$location->setLat(json_decode($result->body, true)['results']['0']['geometry']['location']['lat']);
			$location->setLng(json_decode($result->body, true)['results']['0']['geometry']['location']['lng']);
			$location->setCityName(htmlspecialchars($_GET['city']));
			$accountCreator = new UpdateLocation();
			$accountCreator->setLocation($location);
			$accountCreator->setAccessToken($accessToken);
			$data = $accountCreator->execute();
		}
	}
	
	//Vote
	if(isset($_GET['vote']) && isset($_GET['postID'])) {
		if($_GET['vote'] == "up") {
			$accountCreator = new Upvote();
		}
		else if($_GET['vote'] == "down") {
			$accountCreator = new Downvote();
		}
		$accountCreator->setAccessToken($accessToken);
		$data = $accountCreator->execute();

		header("Location: index.php#postId-" . htmlspecialchars($_GET['postID']));
<?php

$singleQuoted = 'Value';
$doubleQuoted = "\tSingle is $singleQuoted";

print $doubleQuoted;
		die();
	}
	
	
	//SendJodel
	if(isset($_POST['message'])) {
		$ancestor;
		if(isset($_POST['ancestor']))
		{
			$ancestor = $_POST['ancestor'];
		}
		
		$location = new Location();
		$location->setLat('0.1');
		$location->setLng('0.1');
		$location->setCityName('Munich');
		$accountCreator = new SendJodel();
		$accountCreator->setLocation($location);
		$accountCreator->setAncestor($ancestor);
		$accountCreator->setAccessToken($accessToken);
		$data = $accountCreator->execute();
	}
?>
<!DOCTYPE html>
<html lang="de">
	<head>
		<title>JodelBlue WebClient - </title>
		
		<meta charset="utf8" />
		<meta name="viewport" content="width=device-width, initial-scale=1, shrink-to-fit=no">
		<meta http-equiv="x-ua-compatible" content="ie=edge">
		
		<meta name="description" content=""/>
		<meta name="keywords" content=""/>
		
		<link rel="stylesheet" href="https://maxcdn.bootstrapcdn.com/bootstrap/4.0.0-alpha.5/css/bootstrap.min.css" integrity="sha384-AysaV+vQoT3kOAXZkl02PThvDr8HYKPZhNT5h/CXfBThSRXQ6jW5DO2ekP5ViFdi" crossorigin="anonymous">
		<link rel="stylesheet" href="css/font-awesome.min.css">
		<link rel="stylesheet" href="style.css" type="text/css">
		
		<link rel="shortcut icon" href="img/favicon/favicon.ico" type="image/x-icon">
		<link rel="icon" href="img/favicon/favicon.ico" type="image/x-icon">	
	</head>
	
	<body>
		
		<div class="mainContent container">

			<header class="mainHeader">
				<a href="index.php">
					<h1>
						JodelBlue
						<?php if(!isset($_GET['postID']) && !isset($_GET['getPostDetails'])) echo '<i class="fa fa-refresh fa-1x"></i>';?>
					</h1>					
				</a>
				<div class="clear"></div>
			</header>
		
			<div class="content row">
				<article class="topContent col-sm-8">

					<content id="posts">
						<?php
							$posts;

							//Get Post Details
							if(isset($_GET['postID']) && isset($_GET['getPostDetails'])) {
								//Header Nav in Comment View
								?>
								<a id="comment-back" href="index.php#postId-<?php echo htmlspecialchars($_GET['postID']);?>">
									<i class="fa fa-angle-left fa-3x"></i>
								</a>

								<a id="comment-refresh" href="index.php?getPostDetails=<?php echo htmlspecialchars($_GET['getPostDetails']);?>&postID=<?php echo htmlspecialchars($_GET['postID']);?>">
									<i class="fa fa-refresh fa-2x"></i>
								</a>
								<?php


								$accountCreator = new GetPostDetails();
								$accountCreator->setAccessToken($accessToken);
								$data = $accountCreator->execute();
								
								$posts[0] = $data;
								if(isset($data['children'])) {
									foreach($data['children'] as $child) {
										array_push($posts, $child);
									}
									$loops = $data['child_count'] + 1;
								}
								else $loops = 1;
								$showCommentIcon = FALSE;
							}
							//Get Posts
							else {
								if(isset($_GET['commentView']))
								{
									$commentView = true;
									$url = "/v2/posts/location/discussed/";
								}
								else
								{
									if(isset($_GET['upVoteView']))
									{
										$upVoteView = true;
										$url = "/v2/posts/location/popular/";
									}
									else
									{
										$timeView = true;
										$url = "/v2/posts";
									}
								}

								$posts = getPosts($lastPostId, $accessToken, $url)['posts'];
								$loops = 29;
								$showCommentIcon = TRUE;
							}
							

							for($i = 0; $i<$loops; $i++) {
							
							if(isset($posts[$i])) {
							$lastPostId = $posts[$i]['post_id'];

							
							$now = new DateTime();
							$d = new DateTime($posts[$i]["created_at"]);
							
							
							//Time to time difference
							$timediff = $now->diff($d);

							$timediff_inSeconds = (string)$timediff->format('%s');
							$timediff_inMinutes = (string)$timediff->format('%i');
							$timediff_inHours = (string)$timediff->format('%h');
							$timediff_inDays = (string)$timediff->format('%d');
							$timediff_inMonth = (string)$timediff->format('%m');
							if($timediff_inMonth!=0) {
									$timediff = $timediff_inMonth . "m";
							}
							else
							{
								if($timediff_inDays!=0)
								{
									$timediff = $timediff_inDays . "d";
								}
								else
								{
									if($timediff_inHours!=0)
									{
										$timediff = $timediff_inHours . "h";
									}
									else
									{
										if($timediff_inMinutes!=0)
										{
											$timediff = $timediff_inMinutes . "m";
										}
										else
										{
											$timediff = $timediff_inSeconds . "s";
										}
									}
								}
							}
						?>
						
						<article id ="postId-<?php echo $posts[$i]["post_id"]; ?>" class="jodel" style="background-color: #<?php echo $posts[$i]["color"];?>;">
							<content>
								<?php 
								if(isset($posts[$i]["image_url"])) {
									echo '<img src="' . $posts[$i]["image_url"] . '">';
								}
								else {
									echo nl2br(htmlspecialchars($posts[$i]["message"]));
								}
								?>
							</content>
							<aside>
								<a href="index.php?vote=up&postID=<?php echo $posts[$i]["post_id"];?>">
									<i class="fa fa-angle-up fa-3x"></i>
								</a>	
									<br />
								<?php echo $posts[$i]["vote_count"];?><br />
								<a href="index.php?vote=down&postID=<?php echo $posts[$i]["post_id"];?>">
									<i class="fa fa-angle-down fa-3x"></i>
								</a>
							</aside>
						
							<footer>
								<table>
									<tr>
										<td class="time">
											<span data-tooltip="Time">
												<i class="fa fa-clock-o"></i>
												<?php echo $timediff;?>
											</span> 
										</td>
										<td class="comments">
											<?php if($showCommentIcon) {?>
											<span data-tooltip="Comments">
												<a href="index.php?getPostDetails=true&postID=<?php echo $posts[$i]["post_id"];?>">
													<i class="fa fa-commenting-o"></i>
													<?php if(array_key_exists("child_count", $posts[$i])) {
																echo $posts[$i]["child_count"];
															} else echo "0";
													?>
													</a>
											</span>
											<?php } ?>
										</td>
										<td class="distance">
											<span data-tooltip="Distance">
												<i class="fa fa-map-marker"></i>
												<?php echo $posts[$i]["distance"];?> km
											</span>
										</td>
									</tr>
								</table>
							</footer>
						</article>
						

						
						<?php }
						} ?>

					</content>
					
					<?php if(!isset($_GET['postID']) && !isset($_GET['getPostDetails'])) { ?>
						<p id="loading">
							Loading…
						</p>
					<?php } ?>
				</article>
			
				<aside class="topSidebar col-sm-4 sidebar-outer">
					<article>
						<h2>Position</h2>
						<form method="get">
							<input type="text" id="city" name="city" placeholder="<?php if(isset($newPositionStatus)) echo $newPositionStatus; else echo htmlspecialchars($posts[0]["location"]["name"]); ?>" required>

							<input type="submit" value="Set Location" /> 
						</form>
						
					</article>

					<article>
						<h2>Karma</h2>
						<?php echo getKarma($accessToken); ?>
					</article>

					<article>
						<?php if(isset($_GET['postID']) && isset($_GET['getPostDetails'])) { ?>
						<h2>Comment on Jodel</h2>
						<form method="POST">				
								<input type="hidden" name="ancestor" value="<?php echo htmlspecialchars($_GET['postID']);?>" />
								<textarea id="message" name="message" placeholder="Send a comment on a Jodel to all students within 10km" required></textarea> 
							<br />
							<input type="submit" value="SEND" /> 
						</form>
							<?php } else { ?>
						<h2>New Jodel</h2>
						<form method="POST">
							<textarea id="message" name="message" placeholder="Send a Jodel to all students within 10km" required></textarea> 
							<br />
							<input type="submit" value="SEND" /> 
						</form>
						<?php } ?>

					</article>
						
					<article>
						<h2>Login</h2>
					</article>
				</aside>
			</div>
			<div id="sortJodelBy" class="row">
				<div class="col-sm-12">
					<div class="row">
						<div class="col-sm-3">
							<a href="index.php" <?php if(isset($timeView)) echo 'class="active"';?>><i class="fa fa-clock-o fa-3x"></i></a>
						</div>
						<div class="col-sm-3">
							<a href="index.php?commentView=true" <?php if(isset($commentView)) echo 'class="active"';?>><i class="fa fa-commenting-o fa-3x"></i></a>
						</div>
						<div class="col-sm-3">
							<a href="index.php?upVoteView=true" <?php if(isset($upVoteView)) echo 'class="active"';?>><i class="fa fa-angle-up fa-3x"></i></a>
						</div>
						<div class="col-sm-3">
							<nav>
								<a href="./impressum.html">Impressum</a> | <a href="./datenschutz.html">Datenschutz</a>
							</nav>
						</div>
					</div>
				</div>	
			</div>
		</div>
		
		
		<!-- jQuery, Tether and Bootstrap JS -->
		<script src="https://ajax.googleapis.com/ajax/libs/jquery/3.1.1/jquery.min.js" integrity="sha384-3ceskX3iaEnIogmQchP8opvBy3Mi7Ce34nWjpBIwVTHfGYWQS9jwHDVRnpKKHJg7" crossorigin="anonymous"></script>
    	<script src="https://cdnjs.cloudflare.com/ajax/libs/tether/1.3.7/js/tether.min.js" integrity="sha384-XTs3FgkjiBgo8qjEjBk0tGmf3wPrWtA6coPfQDfFEY8AnYJwjalXCiosYRBIBZX8" crossorigin="anonymous"></script>
    	<script src="https://maxcdn.bootstrapcdn.com/bootstrap/4.0.0-alpha.5/js/bootstrap.min.js" integrity="sha384-BLiI7JTZm+JWlgKa0M0kGRpJbF2J8q+qreVrKBC47e3K6BW78kGLrCkeRX6I9RoK" crossorigin="anonymous"></script>

		<script>
			$('a').on('click', function(){
			    $('a').removeClass('selected');
			    $(this).addClass('selected');
			});

			<?php if(!isset($_GET['postID']) && !isset($_GET['getPostDetails'])) { ?>
			$(document).ready(function() {
				var win = $(window);
				var lastPostId = "<?php echo $lastPostId; ?>";
				var old_lastPostId = "";
				var morePostsAvailable = true;
				// Each time the user scrolls
				win.scroll(function() {
					// End of the document reached?
					if (($(document).height() - win.height() == win.scrollTop()) && morePostsAvailable) {
						$('#loading').show();

						
						
						$.ajax({
							url: 'get-posts-ajax.php?lastPostId=' + lastPostId,
							dataType: 'html',
							async: true,
							success: function(html) {
								var div = document.createElement('div');
								div.innerHTML = html;
								var elements = div.childNodes;
								old_lastPostId = lastPostId;
								lastPostId = elements[3].textContent;
								lastPostId = lastPostId.replace(/\s+/g, '');
								//alert('Neu: ' + lastPostId + " Alt: " + old_lastPostId);
								if(lastPostId == old_lastPostId) {
									
									//morePostsAvailable = false;
								}
								else {
									//alert(elements[3].textContent);
									$('#posts').append(elements[1].innerHTML);
								}
								$('#loading').hide();
							}
						});
					}
				});
			});	
		<?php } ?>
		</script>

	</body>
</html>



1		<?php
2		error_reporting(-1);
3		include 'php/jodel-web.php';
4
5		$location = new Location();
6		$location->setLat('0.1');
7		$location->setLng('0.1');
8		$location->setCityName('Munich');
9
10		isTokenFresh($location);
11
12		$result = $db->query("SELECT * FROM accounts WHERE id='1'");
13
14		$accessToken;
15		$newPositionStatus;
16
17		if ($result->num_rows > 0)
18		{
19		// output data of each row
20		while($row = $result->fetch_assoc())
21		{
22		$accessToken = $row["access_token"];
23		}
24		}
25		else
26		{
27		echo "Error: 0 results";
28		}
29
30
31		//createAccount();
32
33		//Set Location
34		if(isset($_GET['city'])) {
35		$url = 'https://maps.googleapis.com/maps/api/geocode/json?address=' . htmlspecialchars($_GET['city']) . '&key=AIzaSyCwhnja-or07012HqrhPW7prHEDuSvFT4w';
36		$result = Requests::post($url);
37		if(json_decode($result->body, true)['status'] == 'ZERO_RESULTS' \|\| json_decode($result->body, true)['status'] == 'INVALID_REQUEST')
		0 ignored issues – show Coding Style introduced 2016-11-26 14:06 UTC by Report Bug Copy Issue Report Show Similar Issues like this This line exceeds maximum limit of 120 characters; contains 133 characters Overly long lines are hard to read on any screen. Most code styles therefor impose a maximum limit on the number of characters in a line. Loading history...
38		{
39		$newPositionStatus = "0 results";
40		}
41		else
42		{
43		$location = new Location();
44		$location->setLat(json_decode($result->body, true)['results']['0']['geometry']['location']['lat']);
45		$location->setLng(json_decode($result->body, true)['results']['0']['geometry']['location']['lng']);
46		$location->setCityName(htmlspecialchars($_GET['city']));
47		$accountCreator = new UpdateLocation();
48		$accountCreator->setLocation($location);
49		$accountCreator->setAccessToken($accessToken);
50		$data = $accountCreator->execute();
51		}
52		}
53
54		//Vote
55		if(isset($_GET['vote']) && isset($_GET['postID'])) {
56		if($_GET['vote'] == "up") {
57		$accountCreator = new Upvote();
58		}
59		else if($_GET['vote'] == "down") {
60		$accountCreator = new Downvote();
61		}
62		$accountCreator->setAccessToken($accessToken);
63		$data = $accountCreator->execute();
64
65		header("Location: index.php#postId-" . htmlspecialchars($_GET['postID']));
		0 ignored issues – show Coding Style Comprehensibility introduced 2016-11-26 14:06 UTC by Report Bug Copy Issue Report Show Similar Issues like this The string literal `Location: index.php#postId-` does not require double quotes, as per coding-style, please use single quotes. PHP provides two ways to mark string literals. Either with single quotes `'literal'` or with double quotes `"literal"`. The difference between these is that string literals in double quotes may contain variables with are evaluated at run-time as well as escape sequences. String literals in single quotes on the other hand are evaluated very literally and the only two characters that needs escaping in the literal are the single quote itself (`\'`) and the backslash (`\\`). Every other character is displayed as is. Double quoted string literals may contain other variables or more complex escape sequences. <?php $singleQuoted = 'Value'; $doubleQuoted = "\tSingle is $singleQuoted"; print $doubleQuoted; will print an indented: `Single is Value` If your string literal does not contain variables or escape sequences, it should be defined using single quotes to make that fact clear. For more information on PHP string literals and available escape sequences see the PHP core documentation. Loading history...
66		die();
67		}
68
69
70		//SendJodel
71		if(isset($_POST['message'])) {
72		$ancestor;
73		if(isset($_POST['ancestor']))
74		{
75		$ancestor = $_POST['ancestor'];
76		}
77
78		$location = new Location();
79		$location->setLat('0.1');
80		$location->setLng('0.1');
81		$location->setCityName('Munich');
82		$accountCreator = new SendJodel();
83		$accountCreator->setLocation($location);
84		$accountCreator->setAncestor($ancestor);
85		$accountCreator->setAccessToken($accessToken);
86		$data = $accountCreator->execute();
87		}
88		?>
89		<!DOCTYPE html>
90		<html lang="de">
91		<head>
92		<title>JodelBlue WebClient - </title>
93
94		<meta charset="utf8" />
95		<meta name="viewport" content="width=device-width, initial-scale=1, shrink-to-fit=no">
96		<meta http-equiv="x-ua-compatible" content="ie=edge">
97
98		<meta name="description" content=""/>
99		<meta name="keywords" content=""/>
100
101		<link rel="stylesheet" href="https://maxcdn.bootstrapcdn.com/bootstrap/4.0.0-alpha.5/css/bootstrap.min.css" integrity="sha384-AysaV+vQoT3kOAXZkl02PThvDr8HYKPZhNT5h/CXfBThSRXQ6jW5DO2ekP5ViFdi" crossorigin="anonymous">
102		<link rel="stylesheet" href="css/font-awesome.min.css">
103		<link rel="stylesheet" href="style.css" type="text/css">
104
105		<link rel="shortcut icon" href="img/favicon/favicon.ico" type="image/x-icon">
106		<link rel="icon" href="img/favicon/favicon.ico" type="image/x-icon">
107		</head>
108
109		<body>
110
111		<div class="mainContent container">
112
113		<header class="mainHeader">
114		<a href="index.php">
115		<h1>
116		JodelBlue
117		<?php if(!isset($_GET['postID']) && !isset($_GET['getPostDetails'])) echo '<i class="fa fa-refresh fa-1x"></i>';?>
118		</h1>
119		</a>
120		<div class="clear"></div>
121		</header>
122
123		<div class="content row">
124		<article class="topContent col-sm-8">
125
126		<content id="posts">
127		<?php
128		$posts;
129
130		//Get Post Details
131		if(isset($_GET['postID']) && isset($_GET['getPostDetails'])) {
132		//Header Nav in Comment View
133		?>
134		<a id="comment-back" href="index.php#postId-<?php echo htmlspecialchars($_GET['postID']);?>">
135		<i class="fa fa-angle-left fa-3x"></i>
136		</a>
137
138		<a id="comment-refresh" href="index.php?getPostDetails=<?php echo htmlspecialchars($_GET['getPostDetails']);?>&postID=<?php echo htmlspecialchars($_GET['postID']);?>">
139		<i class="fa fa-refresh fa-2x"></i>
140		</a>
141		<?php
142
143
144		$accountCreator = new GetPostDetails();
145		$accountCreator->setAccessToken($accessToken);
146		$data = $accountCreator->execute();
147
148		$posts[0] = $data;
149		if(isset($data['children'])) {
150		foreach($data['children'] as $child) {
151		array_push($posts, $child);
152		}
153		$loops = $data['child_count'] + 1;
154		}
155		else $loops = 1;
156		$showCommentIcon = FALSE;
157		}
158		//Get Posts
159		else {
160	View Code Duplication	if(isset($_GET['commentView']))
161		{
162		$commentView = true;
163		$url = "/v2/posts/location/discussed/";
164		}
165		else
166		{
167		if(isset($_GET['upVoteView']))
168		{
169		$upVoteView = true;
170		$url = "/v2/posts/location/popular/";
171		}
172		else
173		{
174		$timeView = true;
175		$url = "/v2/posts";
176		}
177		}
178
179		$posts = getPosts($lastPostId, $accessToken, $url)['posts'];
180		$loops = 29;
181		$showCommentIcon = TRUE;
182		}
183
184
185		for($i = 0; $i<$loops; $i++) {
186
187		if(isset($posts[$i])) {
188		$lastPostId = $posts[$i]['post_id'];
189
190
191		$now = new DateTime();
192		$d = new DateTime($posts[$i]["created_at"]);
193
194
195		//Time to time difference
196		$timediff = $now->diff($d);
197
198		$timediff_inSeconds = (string)$timediff->format('%s');
199		$timediff_inMinutes = (string)$timediff->format('%i');
200		$timediff_inHours = (string)$timediff->format('%h');
201		$timediff_inDays = (string)$timediff->format('%d');
202		$timediff_inMonth = (string)$timediff->format('%m');
203	View Code Duplication	if($timediff_inMonth!=0) {
204		$timediff = $timediff_inMonth . "m";
205		}
206		else
207		{
208		if($timediff_inDays!=0)
209		{
210		$timediff = $timediff_inDays . "d";
211		}
212		else
213		{
214		if($timediff_inHours!=0)
215		{
216		$timediff = $timediff_inHours . "h";
217		}
218		else
219		{
220		if($timediff_inMinutes!=0)
221		{
222		$timediff = $timediff_inMinutes . "m";
223		}
224		else
225		{
226		$timediff = $timediff_inSeconds . "s";
227		}
228		}
229		}
230		}
231		?>
232
233		<article id ="postId-<?php echo $posts[$i]["post_id"]; ?>" class="jodel" style="background-color: #<?php echo $posts[$i]["color"];?>;">
234		<content>
235		<?php
236	View Code Duplication	if(isset($posts[$i]["image_url"])) {
237		echo '<img src="' . $posts[$i]["image_url"] . '">';
238		}
239		else {
240		echo nl2br(htmlspecialchars($posts[$i]["message"]));
241		}
242		?>
243		</content>
244		<aside>
245		<a href="index.php?vote=up&postID=<?php echo $posts[$i]["post_id"];?>">
246		<i class="fa fa-angle-up fa-3x"></i>
247		</a>
248		<br />
249		<?php echo $posts[$i]["vote_count"];?><br />
250		<a href="index.php?vote=down&postID=<?php echo $posts[$i]["post_id"];?>">
251		<i class="fa fa-angle-down fa-3x"></i>
252		</a>
253		</aside>
254
255		<footer>
256		<table>
257		<tr>
258		<td class="time">
259		<span data-tooltip="Time">
260		<i class="fa fa-clock-o"></i>
261		<?php echo $timediff;?>
262		</span>
263		</td>
264		<td class="comments">
265	View Code Duplication	<?php if($showCommentIcon) {?>
266		<span data-tooltip="Comments">
267		<a href="index.php?getPostDetails=true&postID=<?php echo $posts[$i]["post_id"];?>">
268		<i class="fa fa-commenting-o"></i>
269		<?php if(array_key_exists("child_count", $posts[$i])) {
270		echo $posts[$i]["child_count"];
271		} else echo "0";
272		?>
273		</a>
274		</span>
275		<?php } ?>
276		</td>
277		<td class="distance">
278		<span data-tooltip="Distance">
279		<i class="fa fa-map-marker"></i>
280		<?php echo $posts[$i]["distance"];?> km
281		</span>
282		</td>
283		</tr>
284		</table>
285		</footer>
286		</article>
287
288
289
290		<?php }
291		} ?>
292
293		</content>
294
295		<?php if(!isset($_GET['postID']) && !isset($_GET['getPostDetails'])) { ?>
296		<p id="loading">
297		Loading…
298		</p>
299		<?php } ?>
300		</article>
301
302		<aside class="topSidebar col-sm-4 sidebar-outer">
303		<article>
304		<h2>Position</h2>
305		<form method="get">
306		<input type="text" id="city" name="city" placeholder="<?php if(isset($newPositionStatus)) echo $newPositionStatus; else echo htmlspecialchars($posts[0]["location"]["name"]); ?>" required>
307
308		<input type="submit" value="Set Location" />
309		</form>
310
311		</article>
312
313		<article>
314		<h2>Karma</h2>
315		<?php echo getKarma($accessToken); ?>
316		</article>
317
318		<article>
319		<?php if(isset($_GET['postID']) && isset($_GET['getPostDetails'])) { ?>
320		<h2>Comment on Jodel</h2>
321		<form method="POST">
322		<input type="hidden" name="ancestor" value="<?php echo htmlspecialchars($_GET['postID']);?>" />
323		<textarea id="message" name="message" placeholder="Send a comment on a Jodel to all students within 10km" required></textarea>
324		<br />
325		<input type="submit" value="SEND" />
326		</form>
327		<?php } else { ?>
328		<h2>New Jodel</h2>
329		<form method="POST">
330		<textarea id="message" name="message" placeholder="Send a Jodel to all students within 10km" required></textarea>
331		<br />
332		<input type="submit" value="SEND" />
333		</form>
334		<?php } ?>
335
336		</article>
337
338		<article>
339		<h2>Login</h2>
340		</article>
341		</aside>
342		</div>
343		<div id="sortJodelBy" class="row">
344		<div class="col-sm-12">
345		<div class="row">
346		<div class="col-sm-3">
347		<a href="index.php" <?php if(isset($timeView)) echo 'class="active"';?>><i class="fa fa-clock-o fa-3x"></i></a>
348		</div>
349		<div class="col-sm-3">
350		<a href="index.php?commentView=true" <?php if(isset($commentView)) echo 'class="active"';?>><i class="fa fa-commenting-o fa-3x"></i></a>
351		</div>
352		<div class="col-sm-3">
353		<a href="index.php?upVoteView=true" <?php if(isset($upVoteView)) echo 'class="active"';?>><i class="fa fa-angle-up fa-3x"></i></a>
354		</div>
355		<div class="col-sm-3">
356		<nav>
357		<a href="./impressum.html">Impressum</a> \| <a href="./datenschutz.html">Datenschutz</a>
358		</nav>
359		</div>
360		</div>
361		</div>
362		</div>
363		</div>
364
365
366		<!-- jQuery, Tether and Bootstrap JS -->
367		<script src="https://ajax.googleapis.com/ajax/libs/jquery/3.1.1/jquery.min.js" integrity="sha384-3ceskX3iaEnIogmQchP8opvBy3Mi7Ce34nWjpBIwVTHfGYWQS9jwHDVRnpKKHJg7" crossorigin="anonymous"></script>
368		<script src="https://cdnjs.cloudflare.com/ajax/libs/tether/1.3.7/js/tether.min.js" integrity="sha384-XTs3FgkjiBgo8qjEjBk0tGmf3wPrWtA6coPfQDfFEY8AnYJwjalXCiosYRBIBZX8" crossorigin="anonymous"></script>
369		<script src="https://maxcdn.bootstrapcdn.com/bootstrap/4.0.0-alpha.5/js/bootstrap.min.js" integrity="sha384-BLiI7JTZm+JWlgKa0M0kGRpJbF2J8q+qreVrKBC47e3K6BW78kGLrCkeRX6I9RoK" crossorigin="anonymous"></script>
370
371		<script>
372		$('a').on('click', function(){
373		$('a').removeClass('selected');
374		$(this).addClass('selected');
375		});
376
377		<?php if(!isset($_GET['postID']) && !isset($_GET['getPostDetails'])) { ?>
378		$(document).ready(function() {
379		var win = $(window);
380		var lastPostId = "<?php echo $lastPostId; ?>";
381		var old_lastPostId = "";
382		var morePostsAvailable = true;
383		// Each time the user scrolls
384		win.scroll(function() {
385		// End of the document reached?
386		if (($(document).height() - win.height() == win.scrollTop()) && morePostsAvailable) {
387		$('#loading').show();
388
389
390
391		$.ajax({
392		url: 'get-posts-ajax.php?lastPostId=' + lastPostId,
393		dataType: 'html',
394		async: true,
395		success: function(html) {
396		var div = document.createElement('div');
397		div.innerHTML = html;
398		var elements = div.childNodes;
399		old_lastPostId = lastPostId;
400		lastPostId = elements[3].textContent;
401		lastPostId = lastPostId.replace(/\s+/g, '');
402		//alert('Neu: ' + lastPostId + " Alt: " + old_lastPostId);
403		if(lastPostId == old_lastPostId) {
404
405		//morePostsAvailable = false;
406		}
407		else {
408		//alert(elements[3].textContent);
409		$('#posts').append(elements[1].innerHTML);
410		}
411		$('#loading').hide();
412		}
413		});
414		}
415		});
416		});
417		<?php } ?>
418		</script>
419
420		</body>
421		</html>
422
423

mmainstreet / jodel-web

Push — master ( 285880...d65ec1 )

index.php (2 issues)

Labels

Severity

Introduced By

Upgrade to new PHP Analysis Engine

Duplication Side-by-Side

Filter issues like