Issues in index.php - Fixed Issues - Inspection of "Activate voting" - mmainstreet/jodel-web - Measure and Improve Code Quality continuously with Scrutinizer

Completed

Push — master ( 30b726...b85380 )

by mains

created 2017-02-06 16:19 UTC

index.php (2 issues)

Labels

Severity

Upgrade to new PHP Analysis Engine

These results are based on our legacy PHP analysis, consider migrating to our new PHP analysis engine instead. Learn more

<?php
error_reporting(-1);

include 'php/jodel-web.php';

	$config = parse_ini_file('config/config.ini.php');


	$location = new Location();
	$location->setLat($config['default_lat']);
	$location->setLng($config['default_lng']);
	$location->setCityName($config['default_location']);

	$accessToken;
	$accessToken_forId1;
	$deviceUid;
	$isSpider = FALSE;

	//What is dude doing with my Server?
	if($_SERVER['REMOTE_ADDR'] == '94.231.103.52')
	{
		echo('You are flooting my Server! Pls enable Cookies in your script and contact me: [email protected]');
		die();
	}


	//Check if it's a Spider or Google Bot
	if(botDeviceUidIsSet($config) && isUserBot())
	{
		$isSpider = TRUE;
		error_log('Spider or Bot checked in!');
		
		//Change this to a free device_uid listed in your DB
		$deviceUid = $config['botDeviceUid'];
		$config = NULL;
	}
	else
	{
		$config = NULL;
		if(!isset($_COOKIE['JodelDeviceId']) || !isDeviceUidInDatabase($db->real_escape_string($_COOKIE['JodelDeviceId'])))
		{
			$deviceUid = createAccount();
			setcookie('JodelDeviceId', $deviceUid, time()+60*60*24*365*10);
			error_log('Created account with JodelDeviceId:' . $deviceUid .  ' for [' . $_SERVER ['HTTP_USER_AGENT'] . ']');
			
		}
		else
		{
			$deviceUid = $db->real_escape_string($_COOKIE['JodelDeviceId']);
		}
	}

	$location = getLocationByDeviceUid($deviceUid);
	$newPositionStatus = $location->getCityName();
	$accessToken = isTokenFreshByDeviceUid($location, $deviceUid);
	//Acc is fresh. token and location is set

	$accessToken_forId1 = isTokenFresh($location);
	$deviceUid_forId1 = getDeviceUidByAccessToken($accessToken_forId1);


	//Set View
	if(isset($_GET['view']))
	{
		switch ($_GET['view']) {
			case 'comment':
				$view = 'comment';
				break;
			
			case 'upVote':
				$view = 'upVote';
				break;

			default:
				$view = 'time';
				break;
		}
	}
	else
	{
		$view = 'time';
	}
	
	//Set Location
	if(isset($_GET['city'])) {
		$url = 'https://maps.googleapis.com/maps/api/geocode/json?address=' . htmlspecialchars($_GET['city']) . '&key=AIzaSyCwhnja-or07012HqrhPW7prHEDuSvFT4w';
		$result = Requests::post($url);
		if(json_decode($result->body, true)['status'] == 'ZERO_RESULTS' || json_decode($result->body, true)['status'] == 'INVALID_REQUEST')
		{
			$newPositionStatus = "0 results";
		}
		else
		{
			$name = json_decode($result->body, true)['results']['0']['address_components']['0']['long_name'];
			$lat = json_decode($result->body, true)['results']['0']['geometry']['location']['lat'];
			$lng = json_decode($result->body, true)['results']['0']['geometry']['location']['lng'];

			$location = new Location();
			$location->setLat($lat);
			$location->setLng($lng);
			$location->setCityName($name);
			$accountCreator = new UpdateLocation();
			$accountCreator->setLocation($location);
			$accountCreator->setAccessToken($accessToken);
			$data = $accountCreator->execute();

			//safe location to db
			if($data == 'Success')
			{
				$result = $db->query("UPDATE accounts 
						SET name='" . $name . "',
							lat='" . $lat . "',
							lng='" . $lng . "'
						WHERE access_token='" . $accessToken . "'");

				if($result === false)
				{
						echo "Updating location failed: (" . $db->errno . ") " . $db->error;
				}
				else
				{
					$newPositionStatus = $name;
					error_log('User with JodelDeviceId:' . $deviceUid .  ' [' . $_SERVER['REMOTE_ADDR'] . '][' . $_SERVER ['HTTP_USER_AGENT'] . '] changed to Location: ' . $name);
				}
			}
		}
	}
	
	//Vote
	if(isset($_GET['vote']) && isset($_GET['postID']))
	{
		exit("Voting is not working!");
<?php

$singleQuoted = 'Value';
$doubleQuoted = "\tSingle is $singleQuoted";

print $doubleQuoted;
		if(!deviceUidHasVotedThisPostId($deviceUid_forId1, $_GET['postID']))
		{
			if($_GET['vote'] == "up")
			{
				$accountCreator = new Upvote();
			}
			else if($_GET['vote'] == "down")
			{
				$accountCreator = new Downvote();
			}
			$accountCreator->setAccessToken($accessToken_forId1);
			$accountCreator->postId = htmlspecialchars($_GET['postID']);
			$data = $accountCreator->execute();


			addVoteWithPostIdAndTypeToDeviceUid($_GET['postID'], $_GET['vote'], $deviceUid_forId1);
		}

		
		if(isset($_GET['getPostDetails']) && isset($_GET['getPostDetails']))
		{
			header('Location: index.php?getPostDetails=true&postID=' . htmlspecialchars($_GET['postID_parent']) . '#postId-' . htmlspecialchars($_GET['postID']));
		}
		else
		{
			header("Location: index.php#postId-" . htmlspecialchars($_GET['postID']));
		}	
		die();
	}
	
	
	//SendJodel
	if(isset($_POST['message']))
	{
		$accountCreator = new SendJodel();

		if(isset($_POST['ancestor']))
		{
			$ancestor = $_POST['ancestor'];
			$accountCreator->ancestor = $ancestor;
		}
		if(isset($_POST['color']))
		{
			$color = $_POST['color'];
			switch ($color) {
				case '8ABDB0':
					$color = '8ABDB0';
					break;
				case '9EC41C':
					$color = '9EC41C';
					break;
				case '06A3CB':
					$color = '06A3CB';
					break;
				case 'FFBA00':
					$color = 'FFBA00';
					break;
				case 'DD5F5F':
					$color = 'DD5F5F';
					break;
				case 'FF9908':
					$color = 'FF9908';
					break;
				
				default:
					$color = '8ABDB0';
					break;
			}
			$accountCreator->color = $color;
		}
		
		//$location = getLocationByAccessToken($accessToken);


		$accountCreatorLocation = new UpdateLocation();
		$accountCreatorLocation->setLocation($location);
		$accountCreatorLocation->setAccessToken($accessToken_forId1);
		$data = $accountCreatorLocation->execute();
		
		$accountCreator->location = $location;
		
		$accountCreator->setAccessToken($accessToken_forId1);
		$data = $accountCreator->execute();

		if(isset($_POST['ancestor']))
		{
			$actual_link = 'http://' . $_SERVER['HTTP_HOST'] . $_SERVER['REQUEST_URI'];
			header('Location: ' . $actual_link . '#postId-' . htmlspecialchars($data['post_id']));
			exit;
		}
		else
		{
			header('Location: ./');
			exit;
		}
	}
?>
<!DOCTYPE html>
<html lang="en">
	<head>
		<title>JodelBlue - Web-App and Browser-Client</title>
		
		<meta charset="utf-8">
		<meta name="viewport" content="width=device-width, initial-scale=1, shrink-to-fit=no">
		<meta http-equiv="x-ua-compatible" content="ie=edge">
		
		<meta name="description" content="JodelBlue is a Web-App and Browser-Client for the Jodel App. No registration required! Browse Jodels all over the world. Send your own Jodels or upvote others.">
		<meta name="keywords" content="jodelblue, jodel, blue, webclient, web, client, web-app, browser, app">
		
		<link rel="stylesheet" href="https://maxcdn.bootstrapcdn.com/bootstrap/4.0.0-alpha.5/css/bootstrap.min.css" integrity="sha384-AysaV+vQoT3kOAXZkl02PThvDr8HYKPZhNT5h/CXfBThSRXQ6jW5DO2ekP5ViFdi" crossorigin="anonymous">
		<link rel="stylesheet" href="css/font-awesome.min.css">
		<link rel="stylesheet" href="style.css" type="text/css">
		
		<link rel="shortcut icon" type="image/x-icon" href="./img/favicon/favicon.ico">
		<link rel="icon" type="image/x-icon" href="./img/favicon/favicon.ico">
		<link rel="icon" type="image/gif" href="./img/favicon/favicon.gif">
		<link rel="icon" type="image/png" href="./img/favicon/favicon.png">
		<link rel="apple-touch-icon" href="./img/favicon/apple-touch-icon.png">
		<link rel="apple-touch-icon" href="./img/favicon/apple-touch-icon-57x57.png" sizes="57x57">
		<link rel="apple-touch-icon" href="./img/favicon/apple-touch-icon-60x60.png" sizes="60x60">
		<link rel="apple-touch-icon" href="./img/favicon/apple-touch-icon-72x72.png" sizes="72x72">
		<link rel="apple-touch-icon" href="./img/favicon/apple-touch-icon-76x76.png" sizes="76x76">
		<link rel="apple-touch-icon" href="./img/favicon/apple-touch-icon-114x114.png" sizes="114x114">
		<link rel="apple-touch-icon" href="./img/favicon/apple-touch-icon-120x120.png" sizes="120x120">
		<link rel="apple-touch-icon" href="./img/favicon/apple-touch-icon-128x128.png" sizes="128x128">
		<link rel="apple-touch-icon" href="./img/favicon/apple-touch-icon-144x144.png" sizes="144x144">
		<link rel="apple-touch-icon" href="./img/favicon/apple-touch-icon-152x152.png" sizes="152x152">
		<link rel="apple-touch-icon" href="./img/favicon/apple-touch-icon-180x180.png" sizes="180x180">
		<link rel="apple-touch-icon" href="./img/favicon/apple-touch-icon-precomposed.png">
		<link rel="icon" type="image/png" href="./img/favicon/favicon-16x16.png" sizes="16x16">
		<link rel="icon" type="image/png" href="./img/favicon/favicon-32x32.png" sizes="32x32">
		<link rel="icon" type="image/png" href="./img/favicon/favicon-96x96.png" sizes="96x96">
		<link rel="icon" type="image/png" href="./img/favicon/favicon-160x160.png" sizes="160x160">
		<link rel="icon" type="image/png" href="./img/favicon/favicon-192x192.png" sizes="192x192">
		<link rel="icon" type="image/png" href="./img/favicon/favicon-196x196.png" sizes="196x196">
		<meta name="msapplication-TileImage" content="./img/favicon/win8-tile-144x144.png"> 
		<meta name="msapplication-TileColor" content="#5682a3"> 
		<meta name="msapplication-navbutton-color" content="#5682a3"> 
		<meta name="application-name" content="JodelBlue"/> 
		<meta name="msapplication-tooltip" content="JodelBlue"/> 
		<meta name="apple-mobile-web-app-title" content="JodelBlue"/> 
		<meta name="msapplication-square70x70logo" content="./img/favicon/win8-tile-70x70.png"> 
		<meta name="msapplication-square144x144logo" content="./img/favicon/win8-tile-144x144.png"> 
		<meta name="msapplication-square150x150logo" content="./img/favicon/win8-tile-150x150.png"> 
		<meta name="msapplication-wide310x150logo" content="./img/favicon/win8-tile-310x150.png"> 
		<meta name="msapplication-square310x310logo" content="./img/favicon/win8-tile-310x310.png"> 
	</head>
	
	<body>
		<header>
			<nav class="navbar navbar-full navbar-dark navbar-fixed-top">
				<div class="container">					
						<?php
							if(isset($_GET['postID']) && isset($_GET['getPostDetails']))
							{
								echo '<a id="comment-back" href="index.php?view=' . $view . '#postId-' . htmlspecialchars($_GET['postID']) . '">';
								echo '<i class="fa fa-angle-left fa-3x"></i>';
								echo '</a>';
								echo '<h1>';
								echo '<a href="index.php?getPostDetails=' . htmlspecialchars($_GET['getPostDetails']) . '&postID=' . htmlspecialchars($_GET['postID']) . '" class="spinnable">';
							}
							else
							{
								echo '<h1>';	
								echo '<a href="./" class="spinnable">';
							}
						?>
						JodelBlue <i class="fa fa-refresh fa-1x"></i></a>
					</h1>

					<div id="location_mobile" class="hidden-sm-up">
						<form method="get">
							<input type="text" id="city_mobile" name="city" placeholder="<?php if(isset($newPositionStatus)) echo $newPositionStatus; ?>" required>

							<input type="submit" id="submit_mobile" class="fa" value="&#xf0ac;" />
						</form>
					</div>
				</div>
			</nav>
		</header>
		
		<div class="mainContent container">		
			<div class="content row">
				<article class="topContent col-sm-8">

					<content id="posts">
						<?php
							$posts;

							//Get Post Details
							if(isset($_GET['postID']) && isset($_GET['getPostDetails']))
							{
								$userHandleBuffer = [];

								$accountCreator = new GetPostDetails();
								$accountCreator->setAccessToken($accessToken);
								$data = $accountCreator->execute();
								
								$posts[0] = $data;
								if(array_key_exists('children', $data)) {
									foreach($data['children'] as $key => $child)
									{
										
										if(!$child["parent_creator"] == 1)
										{
											$numberForUser = array_search($child['user_handle'], $userHandleBuffer);
											if($numberForUser === FALSE)
											{
												array_push($userHandleBuffer, $child['user_handle']);
												$data['children'][$key]['user_handle'] = count($userHandleBuffer);
											}
											else
											{
												$data['children'][$key]['user_handle'] = $numberForUser + 1;
											}
										}

										array_push($posts, $data['children'][$key]);
									}
									$loops = $data['child_count'] + 1;
								}
								else
								{
									$loops = 1;
								}
								$isDetailedView = TRUE;
							}
							//Get Posts
							else
							{
								$version = 'v2';
								if($view=='comment')
								{
									$url = "/v2/posts/location/discussed/";
								}
								else
								{
									if($view=='upVote')
									{
										$url = "/v2/posts/location/popular/";
									}
									else
									{
										$url = "/v3/posts/location/combo/";
										$version = 'v3';
									}
								}

								if($version == 'v3')
								{
									$posts = getPosts($lastPostId, $accessToken, $url, $version)['recent'];
								}
								else
								{
									$posts = getPosts($lastPostId, $accessToken, $url, $version)['posts'];
								}
								$loops = 29;
								$isDetailedView = FALSE;
							}
							

							for($i = 0; $i<$loops; $i++)
							{
								if(array_key_exists($i, $posts) && array_key_exists('post_id', $posts[$i]) && isset($posts[$i]['post_id']))
								{
									$lastPostId = $posts[$i]['post_id'];

									jodelToHtml($posts[$i], $view, $isDetailedView);
								}
							} ?>

					</content>
					
					<?php if(!isset($_GET['postID']) && !isset($_GET['getPostDetails'])) { ?>
						<p id="loading">
							Loading…
						</p>
					<?php } ?>
				</article>
			
				<aside class="topSidebar col-sm-4 sidebar-outer">
					<div class="fixed">
						<article>
							<div>
								<h2>Position</h2>
								<form method="get">
									<input type="text" id="city" name="city" placeholder="<?php if(isset($newPositionStatus)) echo $newPositionStatus; ?>" required>

									<input type="submit" value="Set Location" /> 
								</form>
							</div>
						</article>

						<article>
							<div>
								<h2>Karma</h2>
								<?php echo getKarma($accessToken_forId1); ?>
							</div>
						</article>

						<article>
							<div>
								<?php if(isset($_GET['postID']) && isset($_GET['getPostDetails'])) { ?>
								<h2>Comment on Jodel</h2>
								<form method="POST">				
										<input type="hidden" name="ancestor" value="<?php echo htmlspecialchars($_GET['postID']);?>" />
										<textarea id="message" name="message" placeholder="Send a comment on a Jodel to all students within 10km" required></textarea> 
									<br />
									<input type="submit" value="SEND" /> 
								</form>
									<?php } else { ?>
								<h2>New Jodel</h2>
								<form method="POST">
									<textarea id="message" name="message" placeholder="Send a Jodel to all students within 10km" required></textarea> 
									<br />
									<select id="postColorPicker" name="color">
										<option value="06A3CB">Blue</option>
										<option value="8ABDB0">Teal</option>
										<option value="9EC41C">Green</option>
										<option value="FFBA00">Yellow</option>
										<option value="DD5F5F">Red</option>
										<option value="FF9908">Orange</option>
									</select> 
									<br />
									<input type="submit" value="SEND" /> 
								</form>
								<?php } ?>
							</div>
						</article>
							
						<article>
							<div>
								<h2>Login</h2>
							</div>
						</article>
					</div>
				</aside>
			</div>
			<div id="sortJodelBy" class="row">
				<div class="col-xs-12">
					<div class="row">
						<div class="col-xs-3">
							<a href="index.php" <?php if($view=='time') echo 'class="active"';?>><i class="fa fa-clock-o fa-3x"></i></a>
						</div>
						<div class="col-xs-3">
							<a href="index.php?view=comment" <?php if($view=='comment') echo 'class="active"';?>><i class="fa fa-commenting-o fa-3x"></i></a>
						</div>
						<div class="col-xs-3">
							<a href="index.php?view=upVote" <?php if($view=='upVote') echo 'class="active"';?>><i class="fa fa-angle-up fa-3x"></i></a>
						</div>
						<div class="col-xs-3">
							<nav>
								<a href="./about-us.html">about us</a>
							</nav>
						</div>
					</div>
				</div>	
			</div>
		</div>
		
		
		<!-- jQuery, Tether, Bootstrap JS and own-->
		<script src="https://ajax.googleapis.com/ajax/libs/jquery/3.1.1/jquery.min.js" integrity="sha384-3ceskX3iaEnIogmQchP8opvBy3Mi7Ce34nWjpBIwVTHfGYWQS9jwHDVRnpKKHJg7" crossorigin="anonymous"></script>
    	<script src="https://cdnjs.cloudflare.com/ajax/libs/tether/1.3.7/js/tether.min.js" integrity="sha384-XTs3FgkjiBgo8qjEjBk0tGmf3wPrWtA6coPfQDfFEY8AnYJwjalXCiosYRBIBZX8" crossorigin="anonymous"></script>
    	<script src="https://maxcdn.bootstrapcdn.com/bootstrap/4.0.0-alpha.5/js/bootstrap.min.js" integrity="sha384-BLiI7JTZm+JWlgKa0M0kGRpJbF2J8q+qreVrKBC47e3K6BW78kGLrCkeRX6I9RoK" crossorigin="anonymous"></script>
    	<script src="js/jQueryEmoji.js"></script>

		<script>
			//BackButton
			function goBack()
			{
				window.history.back();
			}

			$(document).ready(function()
			{


				//Transform UTF-8 Emoji to img
				$('.jodel > content').Emoji();

				$('a').on('click', function(){
				    $('a').removeClass('selected');
				    $(this).addClass('selected');
				});

				function scrollToAnchor(aid){
				    var aTag = $("article[id='"+ aid +"']");
				    $('html,body').animate({scrollTop: aTag.offset().top-90},'slow');
				}

				<?php if(!isset($_GET['postID']) && !isset($_GET['getPostDetails'])) { ?>

				



				var win = $(window);
				var lastPostId = "<?php echo $lastPostId; ?>";
				var view = "<?php echo $view; ?>"
				var old_lastPostId = "";
				var morePostsAvailable = true;

				if(window.location.hash)
				{
					var hash = window.location.hash.slice(1);

					if(!$("article[id='"+ hash +"']").length)
					{
						for (var i = 5; i >= 0; i--)
						{
							if(!$("article[id='"+ hash +"']").length)
							{
								$.ajax({
									url: 'get-posts-ajax.php?lastPostId=' + lastPostId + '&view=' + view,
									dataType: 'html',
									async: false,
									success: function(html) {
										var div = document.createElement('div');
										div.innerHTML = html;
										var elements = div.childNodes;
										old_lastPostId = lastPostId;
										lastPostId = elements[3].textContent;
										lastPostId = lastPostId.replace(/\s+/g, '');
										//alert('Neu: ' + lastPostId + " Alt: " + old_lastPostId);
										if(lastPostId == old_lastPostId) {
											
											//morePostsAvailable = false;
										}
										else {
											//alert(elements[3].textContent);
											$('#posts').append(elements[1].innerHTML);
											$('#posts').hide().show(0);
										}
										$('#loading').hide();
									}
								});

								$('.jodel > content').Emoji();
							}
							
						}
						scrollToAnchor(hash);

					}						
				}

				// Each time the user scrolls
				win.scroll(function() {


					// End of the document reached?
					if ($(window).scrollTop() + $(window).height() > $(document).height() - 100 && morePostsAvailable)
					{
						$('#loading').show();

						$.ajax({
							url: 'get-posts-ajax.php?lastPostId=' + lastPostId + '&view=' + view,
							dataType: 'html',
							async: false,
							success: function(html) {
								var div = document.createElement('div');
								div.innerHTML = html;
								var elements = div.childNodes;
								old_lastPostId = lastPostId;
								lastPostId = elements[3].textContent;
								lastPostId = lastPostId.replace(/\s+/g, '');
								//alert('Neu: ' + lastPostId + " Alt: " + old_lastPostId);
								if(lastPostId == old_lastPostId)
								{
									
									//morePostsAvailable = false;
								}
								else
								{
									//alert(elements[3].textContent);
									$('#posts').append(elements[1].innerHTML);
								}
								$('#loading').hide();
							}
						});

						$('.jodel > content').Emoji();
					}
				});
			<?php } ?>
			});	

		</script>
	</body>
</html>



1		<?php
2		error_reporting(-1);
3
4		include 'php/jodel-web.php';
5
6		$config = parse_ini_file('config/config.ini.php');
7
8
9		$location = new Location();
10		$location->setLat($config['default_lat']);
11		$location->setLng($config['default_lng']);
12		$location->setCityName($config['default_location']);
13
14		$accessToken;
15		$accessToken_forId1;
16		$deviceUid;
17		$isSpider = FALSE;
18
19		//What is dude doing with my Server?
20		if($_SERVER['REMOTE_ADDR'] == '94.231.103.52')
21		{
22		echo('You are flooting my Server! Pls enable Cookies in your script and contact me: [email protected]');
23		die();
24		}
25
26
27		//Check if it's a Spider or Google Bot
28		if(botDeviceUidIsSet($config) && isUserBot())
29		{
30		$isSpider = TRUE;
31		error_log('Spider or Bot checked in!');
32
33		//Change this to a free device_uid listed in your DB
34		$deviceUid = $config['botDeviceUid'];
35		$config = NULL;
36		}
37		else
38		{
39		$config = NULL;
40		if(!isset($_COOKIE['JodelDeviceId']) \|\| !isDeviceUidInDatabase($db->real_escape_string($_COOKIE['JodelDeviceId'])))
41		{
42		$deviceUid = createAccount();
43		setcookie('JodelDeviceId', $deviceUid, time()+60602436510);
44		error_log('Created account with JodelDeviceId:' . $deviceUid . ' for [' . $_SERVER ['HTTP_USER_AGENT'] . ']');
45
46		}
47		else
48		{
49		$deviceUid = $db->real_escape_string($_COOKIE['JodelDeviceId']);
50		}
51		}
52
53		$location = getLocationByDeviceUid($deviceUid);
54		$newPositionStatus = $location->getCityName();
55		$accessToken = isTokenFreshByDeviceUid($location, $deviceUid);
56		//Acc is fresh. token and location is set
57
58		$accessToken_forId1 = isTokenFresh($location);
59		$deviceUid_forId1 = getDeviceUidByAccessToken($accessToken_forId1);
60
61
62		//Set View
63	View Code Duplication	if(isset($_GET['view']))
64		{
65		switch ($_GET['view']) {
66		case 'comment':
67		$view = 'comment';
68		break;
69
70		case 'upVote':
71		$view = 'upVote';
72		break;
73
74		default:
75		$view = 'time';
76		break;
77		}
78		}
79		else
80		{
81		$view = 'time';
82		}
83
84		//Set Location
85		if(isset($_GET['city'])) {
86		$url = 'https://maps.googleapis.com/maps/api/geocode/json?address=' . htmlspecialchars($_GET['city']) . '&key=AIzaSyCwhnja-or07012HqrhPW7prHEDuSvFT4w';
87		$result = Requests::post($url);
88		if(json_decode($result->body, true)['status'] == 'ZERO_RESULTS' \|\| json_decode($result->body, true)['status'] == 'INVALID_REQUEST')
89		{
90		$newPositionStatus = "0 results";
91		}
92		else
93		{
94		$name = json_decode($result->body, true)['results']['0']['address_components']['0']['long_name'];
95		$lat = json_decode($result->body, true)['results']['0']['geometry']['location']['lat'];
96		$lng = json_decode($result->body, true)['results']['0']['geometry']['location']['lng'];
97
98		$location = new Location();
99		$location->setLat($lat);
100		$location->setLng($lng);
101		$location->setCityName($name);
102		$accountCreator = new UpdateLocation();
103		$accountCreator->setLocation($location);
104		$accountCreator->setAccessToken($accessToken);
105		$data = $accountCreator->execute();
106
107		//safe location to db
108		if($data == 'Success')
109		{
110		$result = $db->query("UPDATE accounts
111		SET name='" . $name . "',
112		lat='" . $lat . "',
113		lng='" . $lng . "'
114		WHERE access_token='" . $accessToken . "'");
115
116		if($result === false)
117		{
118		echo "Updating location failed: (" . $db->errno . ") " . $db->error;
119		}
120		else
121		{
122		$newPositionStatus = $name;
123		error_log('User with JodelDeviceId:' . $deviceUid . ' [' . $_SERVER['REMOTE_ADDR'] . '][' . $_SERVER ['HTTP_USER_AGENT'] . '] changed to Location: ' . $name);
124		}
125		}
126		}
127		}
128
129		//Vote
130		if(isset($_GET['vote']) && isset($_GET['postID']))
131		{
132		exit("Voting is not working!");
		0 ignored issues – show Coding Style Comprehensibility introduced 2017-02-04 11:39 UTC by Report Bug Copy Issue Report Show Similar Issues like this The string literal `Voting is not working!` does not require double quotes, as per coding-style, please use single quotes. PHP provides two ways to mark string literals. Either with single quotes `'literal'` or with double quotes `"literal"`. The difference between these is that string literals in double quotes may contain variables with are evaluated at run-time as well as escape sequences. String literals in single quotes on the other hand are evaluated very literally and the only two characters that needs escaping in the literal are the single quote itself (`\'`) and the backslash (`\\`). Every other character is displayed as is. Double quoted string literals may contain other variables or more complex escape sequences. <?php $singleQuoted = 'Value'; $doubleQuoted = "\tSingle is $singleQuoted"; print $doubleQuoted; will print an indented: `Single is Value` If your string literal does not contain variables or escape sequences, it should be defined using single quotes to make that fact clear. For more information on PHP string literals and available escape sequences see the PHP core documentation. Loading history...
133		if(!deviceUidHasVotedThisPostId($deviceUid_forId1, $_GET['postID']))
134		{
135	View Code Duplication	if($_GET['vote'] == "up")
136		{
137		$accountCreator = new Upvote();
138		}
139		else if($_GET['vote'] == "down")
140		{
141		$accountCreator = new Downvote();
142		}
143		$accountCreator->setAccessToken($accessToken_forId1);
144		$accountCreator->postId = htmlspecialchars($_GET['postID']);
145		$data = $accountCreator->execute();
146
147
148		addVoteWithPostIdAndTypeToDeviceUid($_GET['postID'], $_GET['vote'], $deviceUid_forId1);
149		}
150
151
152		if(isset($_GET['getPostDetails']) && isset($_GET['getPostDetails']))
153		{
154		header('Location: index.php?getPostDetails=true&postID=' . htmlspecialchars($_GET['postID_parent']) . '#postId-' . htmlspecialchars($_GET['postID']));
155		}
156		else
157		{
158		header("Location: index.php#postId-" . htmlspecialchars($_GET['postID']));
159		}
160		die();
161		}
162
163
164		//SendJodel
165		if(isset($_POST['message']))
166		{
167		$accountCreator = new SendJodel();
168
169		if(isset($_POST['ancestor']))
170		{
171		$ancestor = $_POST['ancestor'];
172		$accountCreator->ancestor = $ancestor;
173		}
174		if(isset($_POST['color']))
175		{
176		$color = $_POST['color'];
177		switch ($color) {
178		case '8ABDB0':
179		$color = '8ABDB0';
180		break;
181		case '9EC41C':
182		$color = '9EC41C';
183		break;
184		case '06A3CB':
185		$color = '06A3CB';
186		break;
187		case 'FFBA00':
188		$color = 'FFBA00';
189		break;
190		case 'DD5F5F':
191		$color = 'DD5F5F';
192		break;
193		case 'FF9908':
194		$color = 'FF9908';
195		break;
196
197		default:
198		$color = '8ABDB0';
199		break;
200		}
201		$accountCreator->color = $color;
202		}
203
204		//$location = getLocationByAccessToken($accessToken);
		0 ignored issues – show Unused Code Comprehensibility introduced 2016-12-09 16:30 UTC by Report Bug Copy Issue Report Show Similar Issues like this `56%` of this comment could be valid code. Did you maybe forget this after debugging? Sometimes obsolete code just ends up commented out instead of removed. In this case it is better to remove the code once you have checked you do not need it. The code might also have been commented out for debugging purposes. In this case it is vital that someone uncomments it again or your project may behave in very unexpected ways in production. This check looks for comments that seem to be mostly valid code and reports them. Loading history...
205
206		$accountCreatorLocation = new UpdateLocation();
207		$accountCreatorLocation->setLocation($location);
208		$accountCreatorLocation->setAccessToken($accessToken_forId1);
209		$data = $accountCreatorLocation->execute();
210
211		$accountCreator->location = $location;
212
213		$accountCreator->setAccessToken($accessToken_forId1);
214		$data = $accountCreator->execute();
215
216		if(isset($_POST['ancestor']))
217		{
218		$actual_link = 'http://' . $_SERVER['HTTP_HOST'] . $_SERVER['REQUEST_URI'];
219		header('Location: ' . $actual_link . '#postId-' . htmlspecialchars($data['post_id']));
220		exit;
221		}
222		else
223		{
224		header('Location: ./');
225		exit;
226		}
227		}
228		?>
229		<!DOCTYPE html>
230		<html lang="en">
231		<head>
232		<title>JodelBlue - Web-App and Browser-Client</title>
233
234		<meta charset="utf-8">
235		<meta name="viewport" content="width=device-width, initial-scale=1, shrink-to-fit=no">
236		<meta http-equiv="x-ua-compatible" content="ie=edge">
237
238		<meta name="description" content="JodelBlue is a Web-App and Browser-Client for the Jodel App. No registration required! Browse Jodels all over the world. Send your own Jodels or upvote others.">
239		<meta name="keywords" content="jodelblue, jodel, blue, webclient, web, client, web-app, browser, app">
240
241		<link rel="stylesheet" href="https://maxcdn.bootstrapcdn.com/bootstrap/4.0.0-alpha.5/css/bootstrap.min.css" integrity="sha384-AysaV+vQoT3kOAXZkl02PThvDr8HYKPZhNT5h/CXfBThSRXQ6jW5DO2ekP5ViFdi" crossorigin="anonymous">
242		<link rel="stylesheet" href="css/font-awesome.min.css">
243		<link rel="stylesheet" href="style.css" type="text/css">
244
245		<link rel="shortcut icon" type="image/x-icon" href="./img/favicon/favicon.ico">
246		<link rel="icon" type="image/x-icon" href="./img/favicon/favicon.ico">
247		<link rel="icon" type="image/gif" href="./img/favicon/favicon.gif">
248		<link rel="icon" type="image/png" href="./img/favicon/favicon.png">
249		<link rel="apple-touch-icon" href="./img/favicon/apple-touch-icon.png">
250		<link rel="apple-touch-icon" href="./img/favicon/apple-touch-icon-57x57.png" sizes="57x57">
251		<link rel="apple-touch-icon" href="./img/favicon/apple-touch-icon-60x60.png" sizes="60x60">
252		<link rel="apple-touch-icon" href="./img/favicon/apple-touch-icon-72x72.png" sizes="72x72">
253		<link rel="apple-touch-icon" href="./img/favicon/apple-touch-icon-76x76.png" sizes="76x76">
254		<link rel="apple-touch-icon" href="./img/favicon/apple-touch-icon-114x114.png" sizes="114x114">
255		<link rel="apple-touch-icon" href="./img/favicon/apple-touch-icon-120x120.png" sizes="120x120">
256		<link rel="apple-touch-icon" href="./img/favicon/apple-touch-icon-128x128.png" sizes="128x128">
257		<link rel="apple-touch-icon" href="./img/favicon/apple-touch-icon-144x144.png" sizes="144x144">
258		<link rel="apple-touch-icon" href="./img/favicon/apple-touch-icon-152x152.png" sizes="152x152">
259		<link rel="apple-touch-icon" href="./img/favicon/apple-touch-icon-180x180.png" sizes="180x180">
260		<link rel="apple-touch-icon" href="./img/favicon/apple-touch-icon-precomposed.png">
261		<link rel="icon" type="image/png" href="./img/favicon/favicon-16x16.png" sizes="16x16">
262		<link rel="icon" type="image/png" href="./img/favicon/favicon-32x32.png" sizes="32x32">
263		<link rel="icon" type="image/png" href="./img/favicon/favicon-96x96.png" sizes="96x96">
264		<link rel="icon" type="image/png" href="./img/favicon/favicon-160x160.png" sizes="160x160">
265		<link rel="icon" type="image/png" href="./img/favicon/favicon-192x192.png" sizes="192x192">
266		<link rel="icon" type="image/png" href="./img/favicon/favicon-196x196.png" sizes="196x196">
267		<meta name="msapplication-TileImage" content="./img/favicon/win8-tile-144x144.png">
268		<meta name="msapplication-TileColor" content="#5682a3">
269		<meta name="msapplication-navbutton-color" content="#5682a3">
270		<meta name="application-name" content="JodelBlue"/>
271		<meta name="msapplication-tooltip" content="JodelBlue"/>
272		<meta name="apple-mobile-web-app-title" content="JodelBlue"/>
273		<meta name="msapplication-square70x70logo" content="./img/favicon/win8-tile-70x70.png">
274		<meta name="msapplication-square144x144logo" content="./img/favicon/win8-tile-144x144.png">
275		<meta name="msapplication-square150x150logo" content="./img/favicon/win8-tile-150x150.png">
276		<meta name="msapplication-wide310x150logo" content="./img/favicon/win8-tile-310x150.png">
277		<meta name="msapplication-square310x310logo" content="./img/favicon/win8-tile-310x310.png">
278		</head>
279
280		<body>
281		<header>
282		<nav class="navbar navbar-full navbar-dark navbar-fixed-top">
283		<div class="container">
284		<?php
285		if(isset($_GET['postID']) && isset($_GET['getPostDetails']))
286		{
287		echo '<a id="comment-back" href="index.php?view=' . $view . '#postId-' . htmlspecialchars($_GET['postID']) . '">';
288		echo '<i class="fa fa-angle-left fa-3x"></i>';
289		echo '</a>';
290		echo '<h1>';
291		echo '<a href="index.php?getPostDetails=' . htmlspecialchars($_GET['getPostDetails']) . '&postID=' . htmlspecialchars($_GET['postID']) . '" class="spinnable">';
292		}
293		else
294		{
295		echo '<h1>';
296		echo '<a href="./" class="spinnable">';
297		}
298		?>
299		JodelBlue <i class="fa fa-refresh fa-1x"></i></a>
300		</h1>
301
302		<div id="location_mobile" class="hidden-sm-up">
303		<form method="get">
304		<input type="text" id="city_mobile" name="city" placeholder="<?php if(isset($newPositionStatus)) echo $newPositionStatus; ?>" required>
305
306		<input type="submit" id="submit_mobile" class="fa" value="" />
307		</form>
308		</div>
309		</div>
310		</nav>
311		</header>
312
313		<div class="mainContent container">
314		<div class="content row">
315		<article class="topContent col-sm-8">
316
317		<content id="posts">
318		<?php
319		$posts;
320
321		//Get Post Details
322		if(isset($_GET['postID']) && isset($_GET['getPostDetails']))
323		{
324		$userHandleBuffer = [];
325
326		$accountCreator = new GetPostDetails();
327		$accountCreator->setAccessToken($accessToken);
328		$data = $accountCreator->execute();
329
330		$posts[0] = $data;
331		if(array_key_exists('children', $data)) {
332		foreach($data['children'] as $key => $child)
333		{
334
335		if(!$child["parent_creator"] == 1)
336		{
337		$numberForUser = array_search($child['user_handle'], $userHandleBuffer);
338		if($numberForUser === FALSE)
339		{
340		array_push($userHandleBuffer, $child['user_handle']);
341		$data['children'][$key]['user_handle'] = count($userHandleBuffer);
342		}
343		else
344		{
345		$data['children'][$key]['user_handle'] = $numberForUser + 1;
346		}
347		}
348
349		array_push($posts, $data['children'][$key]);
350		}
351		$loops = $data['child_count'] + 1;
352		}
353		else
354		{
355		$loops = 1;
356		}
357		$isDetailedView = TRUE;
358		}
359		//Get Posts
360		else
361		{
362		$version = 'v2';
363		if($view=='comment')
364		{
365		$url = "/v2/posts/location/discussed/";
366		}
367		else
368		{
369		if($view=='upVote')
370		{
371		$url = "/v2/posts/location/popular/";
372		}
373		else
374		{
375		$url = "/v3/posts/location/combo/";
376		$version = 'v3';
377		}
378		}
379
380		if($version == 'v3')
381		{
382		$posts = getPosts($lastPostId, $accessToken, $url, $version)['recent'];
383		}
384		else
385		{
386		$posts = getPosts($lastPostId, $accessToken, $url, $version)['posts'];
387		}
388		$loops = 29;
389		$isDetailedView = FALSE;
390		}
391
392
393		for($i = 0; $i<$loops; $i++)
394		{
395		if(array_key_exists($i, $posts) && array_key_exists('post_id', $posts[$i]) && isset($posts[$i]['post_id']))
396		{
397		$lastPostId = $posts[$i]['post_id'];
398
399		jodelToHtml($posts[$i], $view, $isDetailedView);
400		}
401		} ?>
402
403		</content>
404
405		<?php if(!isset($_GET['postID']) && !isset($_GET['getPostDetails'])) { ?>
406		<p id="loading">
407		Loading…
408		</p>
409		<?php } ?>
410		</article>
411
412		<aside class="topSidebar col-sm-4 sidebar-outer">
413		<div class="fixed">
414		<article>
415		<div>
416		<h2>Position</h2>
417		<form method="get">
418		<input type="text" id="city" name="city" placeholder="<?php if(isset($newPositionStatus)) echo $newPositionStatus; ?>" required>
419
420		<input type="submit" value="Set Location" />
421		</form>
422		</div>
423		</article>
424
425		<article>
426		<div>
427		<h2>Karma</h2>
428		<?php echo getKarma($accessToken_forId1); ?>
429		</div>
430		</article>
431
432		<article>
433		<div>
434		<?php if(isset($_GET['postID']) && isset($_GET['getPostDetails'])) { ?>
435		<h2>Comment on Jodel</h2>
436		<form method="POST">
437		<input type="hidden" name="ancestor" value="<?php echo htmlspecialchars($_GET['postID']);?>" />
438		<textarea id="message" name="message" placeholder="Send a comment on a Jodel to all students within 10km" required></textarea>
439		<br />
440		<input type="submit" value="SEND" />
441		</form>
442		<?php } else { ?>
443		<h2>New Jodel</h2>
444		<form method="POST">
445		<textarea id="message" name="message" placeholder="Send a Jodel to all students within 10km" required></textarea>
446		<br />
447		<select id="postColorPicker" name="color">
448		<option value="06A3CB">Blue</option>
449		<option value="8ABDB0">Teal</option>
450		<option value="9EC41C">Green</option>
451		<option value="FFBA00">Yellow</option>
452		<option value="DD5F5F">Red</option>
453		<option value="FF9908">Orange</option>
454		</select>
455		<br />
456		<input type="submit" value="SEND" />
457		</form>
458		<?php } ?>
459		</div>
460		</article>
461
462		<article>
463		<div>
464		<h2>Login</h2>
465		</div>
466		</article>
467		</div>
468		</aside>
469		</div>
470		<div id="sortJodelBy" class="row">
471		<div class="col-xs-12">
472		<div class="row">
473		<div class="col-xs-3">
474		<a href="index.php" <?php if($view=='time') echo 'class="active"';?>><i class="fa fa-clock-o fa-3x"></i></a>
475		</div>
476		<div class="col-xs-3">
477		<a href="index.php?view=comment" <?php if($view=='comment') echo 'class="active"';?>><i class="fa fa-commenting-o fa-3x"></i></a>
478		</div>
479		<div class="col-xs-3">
480		<a href="index.php?view=upVote" <?php if($view=='upVote') echo 'class="active"';?>><i class="fa fa-angle-up fa-3x"></i></a>
481		</div>
482		<div class="col-xs-3">
483		<nav>
484		<a href="./about-us.html">about us</a>
485		</nav>
486		</div>
487		</div>
488		</div>
489		</div>
490		</div>
491
492
493		<!-- jQuery, Tether, Bootstrap JS and own-->
494		<script src="https://ajax.googleapis.com/ajax/libs/jquery/3.1.1/jquery.min.js" integrity="sha384-3ceskX3iaEnIogmQchP8opvBy3Mi7Ce34nWjpBIwVTHfGYWQS9jwHDVRnpKKHJg7" crossorigin="anonymous"></script>
495		<script src="https://cdnjs.cloudflare.com/ajax/libs/tether/1.3.7/js/tether.min.js" integrity="sha384-XTs3FgkjiBgo8qjEjBk0tGmf3wPrWtA6coPfQDfFEY8AnYJwjalXCiosYRBIBZX8" crossorigin="anonymous"></script>
496		<script src="https://maxcdn.bootstrapcdn.com/bootstrap/4.0.0-alpha.5/js/bootstrap.min.js" integrity="sha384-BLiI7JTZm+JWlgKa0M0kGRpJbF2J8q+qreVrKBC47e3K6BW78kGLrCkeRX6I9RoK" crossorigin="anonymous"></script>
497		<script src="js/jQueryEmoji.js"></script>
498
499		<script>
500		//BackButton
501		function goBack()
502		{
503		window.history.back();
504		}
505
506		$(document).ready(function()
507		{
508
509
510		//Transform UTF-8 Emoji to img
511		$('.jodel > content').Emoji();
512
513		$('a').on('click', function(){
514		$('a').removeClass('selected');
515		$(this).addClass('selected');
516		});
517
518		function scrollToAnchor(aid){
519		var aTag = $("article[id='"+ aid +"']");
520		$('html,body').animate({scrollTop: aTag.offset().top-90},'slow');
521		}
522
523		<?php if(!isset($_GET['postID']) && !isset($_GET['getPostDetails'])) { ?>
524
525
526
527
528
529		var win = $(window);
530		var lastPostId = "<?php echo $lastPostId; ?>";
531		var view = "<?php echo $view; ?>"
532		var old_lastPostId = "";
533		var morePostsAvailable = true;
534
535		if(window.location.hash)
536		{
537		var hash = window.location.hash.slice(1);
538
539		if(!$("article[id='"+ hash +"']").length)
540		{
541		for (var i = 5; i >= 0; i--)
542		{
543		if(!$("article[id='"+ hash +"']").length)
544		{
545		$.ajax({
546		url: 'get-posts-ajax.php?lastPostId=' + lastPostId + '&view=' + view,
547		dataType: 'html',
548		async: false,
549		success: function(html) {
550		var div = document.createElement('div');
551		div.innerHTML = html;
552		var elements = div.childNodes;
553		old_lastPostId = lastPostId;
554		lastPostId = elements[3].textContent;
555		lastPostId = lastPostId.replace(/\s+/g, '');
556		//alert('Neu: ' + lastPostId + " Alt: " + old_lastPostId);
557		if(lastPostId == old_lastPostId) {
558
559		//morePostsAvailable = false;
560		}
561		else {
562		//alert(elements[3].textContent);
563		$('#posts').append(elements[1].innerHTML);
564		$('#posts').hide().show(0);
565		}
566		$('#loading').hide();
567		}
568		});
569
570		$('.jodel > content').Emoji();
571		}
572
573		}
574		scrollToAnchor(hash);
575
576		}
577		}
578
579		// Each time the user scrolls
580		win.scroll(function() {
581
582
583		// End of the document reached?
584		if ($(window).scrollTop() + $(window).height() > $(document).height() - 100 && morePostsAvailable)
585		{
586		$('#loading').show();
587
588		$.ajax({
589		url: 'get-posts-ajax.php?lastPostId=' + lastPostId + '&view=' + view,
590		dataType: 'html',
591		async: false,
592		success: function(html) {
593		var div = document.createElement('div');
594		div.innerHTML = html;
595		var elements = div.childNodes;
596		old_lastPostId = lastPostId;
597		lastPostId = elements[3].textContent;
598		lastPostId = lastPostId.replace(/\s+/g, '');
599		//alert('Neu: ' + lastPostId + " Alt: " + old_lastPostId);
600		if(lastPostId == old_lastPostId)
601		{
602
603		//morePostsAvailable = false;
604		}
605		else
606		{
607		//alert(elements[3].textContent);
608		$('#posts').append(elements[1].innerHTML);
609		}
610		$('#loading').hide();
611		}
612		});
613
614		$('.jodel > content').Emoji();
615		}
616		});
617		<?php } ?>
618		});
619
620		</script>
621		</body>
622		</html>
623
624

mmainstreet / jodel-web

Push — master ( 30b726...b85380 )

index.php (2 issues)

Labels

Severity

Introduced By

Upgrade to new PHP Analysis Engine

Duplication Side-by-Side

Filter issues like