
Bug fix + database update

Unknown 7 роки тому
батько
коміт
76700ecef2

+ 38 - 42
Database schema/ethicscanvas_2017-07-31.sql

@@ -7,7 +7,7 @@
 #
 # Host: 127.0.0.1 (MySQL 5.5.42)
 # Database: ethicscanvas
-# Generation Time: 2017-07-31 09:49:25 +0000
+# Generation Time: 2017-07-31 13:37:14 +0000
 # ************************************************************
 
 
@@ -40,14 +40,12 @@ LOCK TABLES `canvas` WRITE;
 
 INSERT INTO `canvas` (`canvas_id`, `user_id`, `canvas_name`, `canvas_date`)
 VALUES
-	('','dave.lewis@adaptcentre.ie','',''),
 	('0IArBuzPj8','inglec@tcd.ie','Trinity Vincent de Paul','2016-10-01'),
 	('0XQ16MwzOQ','myersjo@tcd.ie','MySecondCanvas','2017-01-05'),
 	('1gaVfm7HXO','nearyh@tcd.ie','Hello Barbie','2016-10-29'),
 	('2UrR4nxyut','laulu@tcd.ie','','2016-09-30'),
 	('5ja7vgSCEc','ggunn@tcd.ie','','2017-02-06'),
 	('8z4zaBkW5D','dave.lewis@adaptcentre.ie','Whatsapp','2016-10-16'),
-	('8z4zaBkW5E','dave.lewis@adaptcentre.ie','Andreas','2017-07-31'),
 	('9rqtf43AsZ','myersjo@tcd.ie','Book Face Canvas','2017-02-01'),
 	('9WmWFOuug3','huntfe@tcd.ie','The title','2017-01-25'),
 	('afJd9a5exC','maibrahi@tcd.ie','','2016-10-01'),
@@ -97,12 +95,10 @@ CREATE TABLE `collaborators` (
   `collaborator` varchar(100) NOT NULL DEFAULT '',
   `lastactive` datetime DEFAULT NULL,
   PRIMARY KEY (`id`),
-  KEY `canvas_id` (`canvas_id`),
   KEY `owner` (`owner`),
   KEY `collaborator` (`collaborator`),
-  CONSTRAINT `collaborators_ibfk_1` FOREIGN KEY (`canvas_id`) REFERENCES `canvas` (`canvas_id`),
-  CONSTRAINT `collaborators_ibfk_2` FOREIGN KEY (`owner`) REFERENCES `canvas` (`user_id`),
-  CONSTRAINT `collaborators_ibfk_3` FOREIGN KEY (`collaborator`) REFERENCES `user` (`username`)
+  KEY `canvas_id` (`canvas_id`),
+  CONSTRAINT `collaborators_ibfk_1` FOREIGN KEY (`canvas_id`) REFERENCES `canvas` (`canvas_id`) ON DELETE CASCADE ON UPDATE CASCADE
 ) ENGINE=InnoDB DEFAULT CHARSET=latin1;
 
 LOCK TABLES `collaborators` WRITE;
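Review bot: With `collaborators_ibfk_2` and `collaborators_ibfk_3` dropped, nothing in the schema ties `owner` or `collaborator` to an existing account any more. A sharing row can now name a user that is not in `user`, and it will outlive that account's deletion. If this table is what the application consults to decide who may open a shared canvas (presumably so, going by the column names), keep the `collaborator` constraint and give it the same explicit action as the canvas one: `FOREIGN KEY (collaborator) REFERENCES user (username) ON DELETE CASCADE ON UPDATE CASCADE`. The `CREATE TABLE` statement starts above this hunk, so the column definitions for `owner` and `canvas_id` are not visible here.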
@@ -110,12 +106,12 @@ LOCK TABLES `collaborators` WRITE;
 
 INSERT INTO `collaborators` (`id`, `canvas_id`, `owner`, `collaborator`, `lastactive`)
 VALUES
-	(5,'8z4zaBkW5D','dave.lewis@adaptcentre.ie','a.burburan@gmail.com','2017-07-28 14:32:15'),
-	(6,'Op4cMXAhv7','a.burburan@gmail.com','a.burburan@gmail.com','2017-07-31 10:22:25'),
-	(11,'Op4cMXAhv7','a.burburan@gmail.com','dylanterry2@gmail.com','2017-07-31 10:22:25'),
-	(12,'Op4cMXAhv7','a.burburan@gmail.com','arturo.calvo@adaptcentre.ie','2017-07-31 10:22:25'),
-	(13,'Op4cMXAhv7','a.burburan@gmail.com','dave.lewis@adaptcentre.ie','2017-07-31 10:22:25'),
-	(14,'Op4cMXAhv7','a.burburan@gmail.com','myersjo@tcd.ie','2017-07-31 10:22:25');
+	(1,'8z4zaBkW5D','dave.lewis@adaptcentre.ie','a.burburan@gmail.com','2017-07-28 14:32:15'),
+	(2,'Op4cMXAhv7','a.burburan@gmail.com','a.burburan@gmail.com','2017-07-31 14:01:07'),
+	(3,'Op4cMXAhv7','a.burburan@gmail.com','dylanterry2@gmail.com','2017-07-31 10:22:25'),
+	(4,'Op4cMXAhv7','a.burburan@gmail.com','arturo.calvo@adaptcentre.ie','2017-07-31 10:22:25'),
+	(5,'Op4cMXAhv7','a.burburan@gmail.com','dave.lewis@adaptcentre.ie','2017-07-31 10:22:25'),
+	(6,'Op4cMXAhv7','a.burburan@gmail.com','myersjo@tcd.ie','2017-07-31 10:22:25');
 
 /*!40000 ALTER TABLE `collaborators` ENABLE KEYS */;
 UNLOCK TABLES;
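Review bot: The rows re-added here carry what look like real users' e-mail addresses and last-activity timestamps, in a dump that lives in the repository. The same is true of the `canvas` rows in the previous data hunk. A schema file under version control should ship structure plus constructed fixtures only, for example `(1,'CANVAS_ID_PLACEHOLDER','owner@example.com','collaborator@example.com','2017-01-01 00:00:00')`, with live data kept in access-controlled backups. Values that are already in history stay retrievable after this file is cleaned, so any clean-up should take that into account.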
@@ -130,42 +126,42 @@ CREATE TABLE `tags` (
   `id` int(11) unsigned NOT NULL AUTO_INCREMENT,
   `tag` varchar(100) DEFAULT NULL,
   `description` varchar(200) DEFAULT NULL,
-  `username` varchar(45) DEFAULT NULL,
+  `canvas_id` varchar(45) DEFAULT NULL,
   PRIMARY KEY (`id`),
-  KEY `username` (`username`),
-  CONSTRAINT `tags_ibfk_1` FOREIGN KEY (`username`) REFERENCES `user` (`username`)
+  KEY `canvas_id` (`canvas_id`),
+  CONSTRAINT `tags_ibfk_1` FOREIGN KEY (`canvas_id`) REFERENCES `canvas` (`canvas_id`) ON DELETE CASCADE ON UPDATE CASCADE
 ) ENGINE=InnoDB DEFAULT CHARSET=latin1;
 
 LOCK TABLES `tags` WRITE;
 /*!40000 ALTER TABLE `tags` DISABLE KEYS */;
 
-INSERT INTO `tags` (`id`, `tag`, `description`, `username`)
+INSERT INTO `tags` (`id`, `tag`, `description`, `canvas_id`)
 VALUES
-	(1,'free education','Lorem ipsum free education dolor sit amet, consectetur adipiscing elit. Habes, inquam, Cato, formam eorum, de quibus loquor, philosophorum. Hoc Hieronymus summum bonum esse dixit.','a.burburan@gmail.com'),
-	(2,'CRISPR','Tu autem CRISPR inter haec tantam multitudinem hominum interiectam non vides nec laetantium nec dolentium?','a.burburan@gmail.com'),
-	(3,'evil corporation','Quae hic evil corporation rei publicae vulnera inponebat, eadem ille sanabat.','a.burburan@gmail.com'),
-	(4,'dogs','Dogs go \"ruff\"!','a.burburan@gmail.com'),
-	(5,'capitalism','Tertium autem capitalism omnibus aut maximis rebus iis, quae secundum naturam sint, fruentem vivere. Haec bene dicuntur, nec ego repugno, sed inter sese ipsa pugnant. Rationis enim perfectio est.','arturo.calvo@adaptcentre.ie'),
-	(6,'water balloons','At modo water balloons dixeras nihil in istis rebus esse, quod interesset.','myersjo@tcd.ie'),
-	(7,'liquid nitrogen','Nihil opus liquid nitrogen est exemplis hoc facere longius. Suo genere perveniant ad extremum; Quodsi vultum tibi, si incessum fingeres, quo gravior viderere, non esses tui similis.','myersjo@tcd.ie'),
-	(8,'CCTV','Itaque earum CCTV rerum hic tenetur a sapiente delectus.','arturo.calvo@adaptcentre.ie'),
-	(9,'animal testing','Ut placet animal testing etsi enim illud erat aptius, aequum cuique concedere. Aliter enim nosmet ipsos nosse non possumus.','a.burburan@gmail.com'),
-	(10,'evil corporations','Sed ut evil corporations perspiciatis unde omnis iste natus error sit voluptatem accusantium doloremque laudantium.','arturo.calvo@adaptcentre.ie'),
-	(11,'devil corporation','Nemo enim cool corporation ipsam voluptatem quia voluptas sit aspernatur aut odit aut fugit.','arturo.calvo@adaptcentre.ie'),
-	(12,'evil corporation','Quis nostrum evil corporation exercitationem ullam corporis suscipit laboriosam.','myersjo@tcd.ie'),
-	(13,'super fun time','Testing!','a.burburan@gmail.com'),
-	(14,'cats','Cats go \"meow\"!','a.burburan@gmail.com'),
-	(15,'test','This is an incredibly interesting test!','a.burburan@gmail.com'),
-	(16,'test 1','Profectus in exilium Tubulus statim nec respondere ausus; Nam, ut sint illa vendibiliora, haec uberiora certe sunt. Quae sequuntur igitur? Quicquid porro animo cernimus, id omne oritur a sensibus.','arturo.calvo@adaptcentre.ie'),
-	(17,'test 2','Non pugnem homine, cur tantum habeat in natura boni; Conferam tecum, quam cuique verso rem subicias; Primum in nostrane potestate est, quid meminerimus? Satisne vobis videor pro meo iure in vestris.','myersjo@tcd.ie'),
-	(18,'test 3','A mene tu? Vide, quaeso, rectumne sit. Idem iste, inquam, de voluptate quid sentit? Intellegi quidem, ut propter aliam quampiam rem, verbi gratia propter voluptatem.','arturo.calvo@adaptcentre.ie'),
-	(19,'test 4','Ut id aliis narrare gestiant? Quae finem ille. An hoc usque quaque, aliter in vita? Sed plane dicit quod intellegit. Quamquam haec quidem praeposita recte et reiecta dicere licebit.','arturo.calvo@adaptcentre.ie'),
-	(20,'test 5','Quod ea non occurrentia fingunt, vincunt Aristonem; Luxuriam non reprehendit, modo sit vacua infinita cupiditate et timore. Et quidem, inquit. Laboro autem non sine causa; Cave putes quicquam esse.','myersjo@tcd.ie'),
-	(21,'test 6','Quacumque enim ingredimur, in aliqua historia vestigium ponimus. Non potes, nisi retexueris illa. Quamquam ab iis philosophiam et omnes ingenua. Duo Reges constructio interrete. Putabam equidem satis.','myersjo@tcd.ie'),
-	(22,'test 7','Falli igitur possumus. Maximus dolor, inquit, brevis est. Quare ad ea primum, si videtur; Duo Reges: constructio interrete. Sed quot homines. Aliter homines, aliter philosophos loqui putas oportere.','arturo.calvo@adaptcentre.ie'),
-	(23,'test 8','Aliter enim explicari, quod quaeritur, non potest. An eum discere ea mavis, quae cum plane perdidiceriti nihil. Non minor, inquit, voluptas percipitur ex vilissimis.','myersjo@tcd.ie'),
-	(24,'test 9','In tantum modo ad indicia veteris memoriae cognoscenda, curiosorum. Sed tamen est aliquid, quod nobis non liceat, liceat illis. Ex ea difficultate illae fallaciloquae, ut ait accius malitiae natae.','arturo.calvo@adaptcentre.ie'),
-	(25,'civil corporation','Sed ad bona praeterita redeamus. Egone quaeris, inquit, quid sentiam? Maximas vero virtutes iacere omnis necesse est voluptate dominante.','mlumley@shulmans.co.uk');
+	(1,'free education','Lorem ipsum free education dolor sit amet, consectetur adipiscing elit. Habes, inquam, Cato, formam eorum, de quibus loquor, philosophorum. Hoc Hieronymus summum bonum esse dixit.','Op4cMXAhv7'),
+	(2,'CRISPR','Tu autem CRISPR inter haec tantam multitudinem hominum interiectam non vides nec laetantium nec dolentium?','Op4cMXAhv7'),
+	(3,'evil corporation','Quae hic evil corporation rei publicae vulnera inponebat, eadem ille sanabat.','Op4cMXAhv7'),
+	(4,'dogs','Dogs go \"ruff\"!','Op4cMXAhv7'),
+	(5,'capitalism','Tertium autem capitalism omnibus aut maximis rebus iis, quae secundum naturam sint, fruentem vivere. Haec bene dicuntur, nec ego repugno, sed inter sese ipsa pugnant. Rationis enim perfectio est.','M1sJHSbTdD'),
+	(6,'water balloons','At modo water balloons dixeras nihil in istis rebus esse, quod interesset.','9rqtf43AsZ'),
+	(7,'liquid nitrogen','Nihil opus liquid nitrogen est exemplis hoc facere longius. Suo genere perveniant ad extremum; Quodsi vultum tibi, si incessum fingeres, quo gravior viderere, non esses tui similis.','9rqtf43AsZ'),
+	(8,'CCTV','Itaque earum CCTV rerum hic tenetur a sapiente delectus.','M1sJHSbTdD'),
+	(9,'animal testing','Ut placet animal testing etsi enim illud erat aptius, aequum cuique concedere. Aliter enim nosmet ipsos nosse non possumus.','Op4cMXAhv7'),
+	(10,'evil corporations','Sed ut evil corporations perspiciatis unde omnis iste natus error sit voluptatem accusantium doloremque laudantium.','M1sJHSbTdD'),
+	(11,'devil corporation','Nemo enim cool corporation ipsam voluptatem quia voluptas sit aspernatur aut odit aut fugit.','M1sJHSbTdD'),
+	(12,'evil corporation','Quis nostrum evil corporation exercitationem ullam corporis suscipit laboriosam.','9rqtf43AsZ'),
+	(13,'super fun time','Testing!','Op4cMXAhv7'),
+	(14,'cats','Cats go \"meow\"!','Op4cMXAhv7'),
+	(15,'test','This is an incredibly interesting test!','Op4cMXAhv7'),
+	(16,'test 1','Profectus in exilium Tubulus statim nec respondere ausus; Nam, ut sint illa vendibiliora, haec uberiora certe sunt. Quae sequuntur igitur? Quicquid porro animo cernimus, id omne oritur a sensibus.','M1sJHSbTdD'),
+	(17,'test 2','Non pugnem homine, cur tantum habeat in natura boni; Conferam tecum, quam cuique verso rem subicias; Primum in nostrane potestate est, quid meminerimus? Satisne vobis videor pro meo iure in vestris.','9rqtf43AsZ'),
+	(18,'test 3','A mene tu? Vide, quaeso, rectumne sit. Idem iste, inquam, de voluptate quid sentit? Intellegi quidem, ut propter aliam quampiam rem, verbi gratia propter voluptatem.','M1sJHSbTdD'),
+	(19,'test 4','Ut id aliis narrare gestiant? Quae finem ille. An hoc usque quaque, aliter in vita? Sed plane dicit quod intellegit. Quamquam haec quidem praeposita recte et reiecta dicere licebit.','M1sJHSbTdD'),
+	(20,'test 5','Quod ea non occurrentia fingunt, vincunt Aristonem; Luxuriam non reprehendit, modo sit vacua infinita cupiditate et timore. Et quidem, inquit. Laboro autem non sine causa; Cave putes quicquam esse.','9rqtf43AsZ'),
+	(21,'test 6','Quacumque enim ingredimur, in aliqua historia vestigium ponimus. Non potes, nisi retexueris illa. Quamquam ab iis philosophiam et omnes ingenua. Duo Reges constructio interrete. Putabam equidem satis.','9rqtf43AsZ'),
+	(22,'test 7','Falli igitur possumus. Maximus dolor, inquit, brevis est. Quare ad ea primum, si videtur; Duo Reges: constructio interrete. Sed quot homines. Aliter homines, aliter philosophos loqui putas oportere.','M1sJHSbTdD'),
+	(23,'test 8','Aliter enim explicari, quod quaeritur, non potest. An eum discere ea mavis, quae cum plane perdidiceriti nihil. Non minor, inquit, voluptas percipitur ex vilissimis.','9rqtf43AsZ'),
+	(24,'test 9','In tantum modo ad indicia veteris memoriae cognoscenda, curiosorum. Sed tamen est aliquid, quod nobis non liceat, liceat illis. Ex ea difficultate illae fallaciloquae, ut ait accius malitiae natae.','M1sJHSbTdD'),
+	(25,'civil corporation','Sed ad bona praeterita redeamus. Egone quaeris, inquit, quid sentiam? Maximas vero virtutes iacere omnis necesse est voluptate dominante.','M1sJHSbTdD');
 
 /*!40000 ALTER TABLE `tags` ENABLE KEYS */;
 UNLOCK TABLES;
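Review bot: The new `canvas_id` column is declared `DEFAULT NULL`, so `tags_ibfk_1` does not prevent a tag from being stored with no canvas at all. A NULL value is never checked against `canvas`, and such a row is also skipped by the cascade. If every tag is meant to belong to exactly one canvas, declare it as `canvas_id varchar(45) NOT NULL`. It is also worth confirming that the type and length match `canvas`.`canvas_id`, whose definition is outside this hunk.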

+ 11 - 7
canvas/js/canvas.js

@@ -55,8 +55,6 @@ $(document).ready(function() {
         $("input[name='canvas_id']").val(randomString);
     }
     
-    console.log(canvasId);
-    
     /* ================================================
     Rearrange fields numerically if 1 column is displayed
     ================================================= */
@@ -1395,6 +1393,8 @@ $(document).ready(function() {
     Serialize Form to JSON
     ================================================= */
     
+    // ååå 1
+    
     $.fn.serializeObject = function() {
         var o = {};
         var a = this.serializeArray();
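Review bot: `// ååå 1` is a personal navigation marker rather than documentation, and the same pattern is added as `// ååå 2`, `// ååå 3` and `// ååå 4` in the later hunks of this file. These should be removed before merging, or replaced with a comment that says what the section does, e.g. `// Serialize the canvas form fields into a plain object`. The body of `$.fn.serializeObject` continues past the end of this hunk.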
@@ -1445,9 +1445,10 @@ $(document).ready(function() {
     otherwise load an empty canvas
     ================================================= */
     
+    // ååå 2
+    
     // if a canvas is chosen by the user to be loaded
     if (current_canvas_id !== '') {
-        
         var url = 'json/' + current_canvas_id + '.json';
         // var url= 'json/test_canvas.json';
         
@@ -1951,17 +1952,18 @@ $(document).ready(function() {
     CLICK ON #EXPORT JSON# form button
     ================================================= */
     
-    // ååå
-    
     /* ----------------------------------------------
     If the user clicks on the SAVE CANVAS button
     ----------------------------------------------- */
     $('.canvas-form').on('click', '.json_exp', function() {
         
         /* ----------------------------------------------
-        A: saving the canvas
+        A: Saving the canvas
         as a registered user
         ----------------------------------------------- */
+        
+        // ååå 3
+        
         //  php variables are retieved in the header of the canvas index.php as js variables -->
         var name_save_canvas = $('.form-header').find('.proj_title').val();
         var date_save_canvas = $('.form-header').find('.proj_date').val();
@@ -1987,7 +1989,7 @@ $(document).ready(function() {
                 if ($('.imp-exp-btn ').find(".save-canvas-feedback") !== null) {
                     $('.imp-exp-btn ').find(".save-canvas-feedback").remove();
                 }
-                $('.canvas-form').find('.imp-exp-btn ').append('<div class="save-canvas-feedback"><p><span class="glyphicon glyphicon-ok" aria-hidden="true"></span>Your canvas has been saved in your dashbord</p></div>');
+                $('.canvas-form').find('.imp-exp-btn ').append('<div class="save-canvas-feedback"><p><span class="glyphicon glyphicon-ok" aria-hidden="true"></span>Your canvas has been saved in your dashboard</p></div>');
                 // remove the canvas is saves message as soon as user changes the canvas
                 // $('.canvas-form').on("change keyup", 'textarea', function() {
                 $('.canvas-form').on("change keyup", '.expandable', function() {
@@ -2003,6 +2005,8 @@ $(document).ready(function() {
             and save it on the server
             ----------------------------------------------- */
             
+            // ååå 4
+            
             // $('#result').text(JSON.stringify($('.canvas-form').serializeObject()));
             
             // Make the JSON object into a JSON string

+ 13 - 12
canvas/js/dashboard.js

@@ -51,12 +51,12 @@ $(function() {
             var canvasGalleryHTML = '<div class="canvas-gallery-item col-md-4 col-sm-6 text-center" id="' + canvasItem.canvas_id + '"><div class="col-md-12 color' + canvas_color_index + '"><h4>Canvas Title:</h4><h3>' + canvasItem.canvas_name + '</h3><p>Created:</p><p>' + canvasItem.canvas_date + '</p></div><button type="button" class="remove-canvas"><span class="glyphicon glyphicon-remove-circle" aria-hidden="true"></span>Remove</button></div>';
             //the added divs are appended to the outer gallery div .user-canvas-gallery
             $('.user-dashboard').find('.user-canvas-gallery').append(canvasGalleryHTML);
-        }); // end of $.each loop for the user canvas data
+        }); // End of $.each loop for the user canvas data
         
-        // if the AJAX request fails
+        // If the AJAX request fails
     }).fail(function(jqXHR) {
         console.log("Error " + jqXHR.status + ' ' + jqXHR.statustext);
-    }); // end of AJAX request t post the user's email
+    }); // End of AJAX request t post the user's email
     
     /* ---------------------------------------------------------
     An AJAX request to load canvases shared with the user
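Review bot: `canvasItem.canvas_name`, `canvasItem.canvas_date` and `canvasItem.canvas_id` are concatenated straight into `canvasGalleryHTML` and passed to `.append()`, so any markup in a canvas title is parsed as HTML on the dashboard. The shared-canvases hunk further down does the same with `canvasItem.canvas_name` and `canvasItem.owner`, and there the values come from another user's canvas. Build the nodes and set the values as text instead, e.g. `$('<h3>').text(canvasItem.canvas_name)` and `$('<div>').attr('id', canvasItem.canvas_id)`, and treat server-side encoding as a second layer rather than the only one. The enclosing `.done` callback starts above the hunk, so where `canvasItem` comes from is inferred from the comments.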
@@ -100,12 +100,12 @@ $(function() {
             var canvasGalleryHTML = '<div class="canvas-gallery-item col-md-4 col-sm-6 text-center" id="' + canvasItem.canvas_id + '"><div class="col-md-12 color' + canvas_color_index + '"><h4>Canvas Title:</h4><h3>' + canvasItem.canvas_name + '</h3><p>Owner:</p><p>' + canvasItem.owner + '</p></div></div>';
             //the added divs are appended to the outer gallery div .user-canvas-gallery
             $('.user-dashboard').find('.shared-canvases-gallery').append(canvasGalleryHTML);
-        }); // end of $.each loop for the user canvas data
-
-        // if the AJAX request fails
+        }); // End of $.each loop for the user canvas data
+        
+        // If the AJAX request fails
     }).fail(function(jqXHR) {
         console.log("Error " + jqXHR.status + ' ' + jqXHR.statustext);
-    }); // end of AJAX request t post the user's email
+    }); // End of AJAX request t post the user's email
     
     /*=============================================
      Handling click on the log out button
@@ -134,7 +134,7 @@ $(function() {
             }
         });
         // window.location.href='../index.php';
-    }); //end of 'click' on '.canvas-gallery-item'
+    }); // End of 'click' on '.canvas-gallery-item'
     
     /*=============================================
      Handling the click on "remove" btn for each
@@ -143,8 +143,9 @@ $(function() {
     // .remove-canvas
     $('.user-dashboard').on('click', '.remove-canvas', function(event) {
         event.stopPropagation();
-        //get the serialized canvas id for this element (given to the element as it's id attribute by the time of creation)
+        // Get the serialized canvas id for this element (given to the element as it's id attribute by the time of creation)
         var remove_canvas_ID = $(this).closest('.canvas-gallery-item').attr('id');
+        
         $(this).closest('.canvas-gallery-item').remove();
         // Also tell the back end to remove this from the database
         var url = 'remove-canvas.php';
@@ -152,6 +153,6 @@ $(function() {
             remove_canvas_ID: remove_canvas_ID
         }, function(data, status) {
             console.log("response from remove-canvas.php: --DATA: " + data + " --STATUS:" + status);
-        }); //end of ajax post
-    }); // end of 'click', '.remove-canvas'
-}); // end of dashbord.js file
+        }); // End of ajax post
+    }); // End of 'click', '.remove-canvas'
+}); // End of dashbord.js file

+ 2 - 2
canvas/php/dashboard.php

@@ -126,8 +126,8 @@
                             <li><img src="../../icon/by.large.png" alt="ethics-canvas-by-icon"/> </li>
                             <li><img src="../../icon/share.large.png" alt="ethics-canvas-share-icon"/> </li>
                             <li><img src="../../icon/cc.large.png" alt="ethics-canvas-cc-icon"/> </li>
-                            <li> <img src="../../icon/remix.large.png" alt="ethics-canvas-remix-icon"/></li>
-                            <li> <img src="../../icon/sa.large.png" alt="ethics-canvas-sa-icon"/></li>
+                            <li><img src="../../icon/remix.large.png" alt="ethics-canvas-remix-icon"/></li>
+                            <li><img src="../../icon/sa.large.png" alt="ethics-canvas-sa-icon"/></li>
                         </ul>
                     </div>
                     <p class="ethics-copy terms"><a href="../../privacy-terms/terms.html">Terms of Service</a></p>

+ 36 - 37
canvas/php/remove-canvas.php

@@ -1,38 +1,37 @@
 <?php
- /* Removes the canvas passed by parameter, prior check that it
-    belongs to the user currently logged in                    */
- session_start();
-
- if(!isset($_POST['remove_canvas_ID'], $_SESSION['userlogin'])) {
-   echo 400; // Missing parameters
- }
- else {
-   // Retrieve user credentials
-   $canvas_id = $_POST['remove_canvas_ID'];
-   $email = $_SESSION['userlogin'];
-
-   require_once('../../php/db_utils.php');
-   $conn = db_connect(); // Connect to the database
-
-   // Check if the canvas exists and belongs to the current user
-   if(!($result = mysqli_query($conn, "SELECT canvas_id FROM canvas WHERE canvas_id = '$canvas_id' AND user_id = '$email'"))) {
-      echo 400; // Wrong query
-   }
-   else if(mysqli_num_rows($result) != 1) { // User not registered or duplicated
-      echo 401;
-   }
-   else { // Canvas exists: delete canvas
-     if(!mysqli_query($conn, "DELETE FROM canvas WHERE canvas_id = '$canvas_id'")) {
-       echo 400; // Wrong query
-     }
-     else { // Canvas successfully deleted: remove json file
-       unlink("../json/$canvas_id.json");
-       echo 200;
-     }
-   }
-
-   mysqli_free_result($result);
-   db_close($conn); // Close the database
-}
-
-?>
+    /* Removes the canvas passed by parameter, prior check that it
+        belongs to the user currently logged in                    */
+    session_start();
+    
+    if(!isset($_POST['remove_canvas_ID'], $_SESSION['userlogin'])) {
+        echo 400; // Missing parameters
+    }
+    else {
+        // Retrieve user credentials
+        $canvas_id = $_POST['remove_canvas_ID'];
+        $email = $_SESSION['userlogin'];
+        
+        require_once('../../php/db_utils.php');
+        $conn = db_connect(); // Connect to the database
+        
+        // Check if the canvas exists and belongs to the current user
+        if(!($result = mysqli_query($conn, "SELECT canvas_id FROM canvas WHERE canvas_id = '$canvas_id' AND user_id = '$email'"))) {
+            echo 400; // Wrong query
+        }
+        else if(mysqli_num_rows($result) != 1) { // User not registered or duplicated
+            echo 401;
+        }
+        else { // Canvas exists: delete canvas
+            if(!mysqli_query($conn, "DELETE FROM canvas WHERE canvas_id = '$canvas_id'")) {
+                echo 400; // Wrong query
+            }
+            else { // Canvas successfully deleted: remove json file
+                unlink("../json/$canvas_id.json");
+                echo 200;
+            }
+        }
+        
+        mysqli_free_result($result);
+        db_close($conn); // Close the database
+    }
+?>
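Review bot: `$_POST['remove_canvas_ID']` is interpolated unescaped into both the `SELECT` and the `DELETE` string and then into the `unlink()` path, so the ownership check and the file removal both depend on a value the client fully controls. The re-indentation carries this over unchanged. Bind the value with a prepared statement, fold the ownership condition into the `DELETE` itself so check and delete cannot diverge, and reject ids that are not plain identifiers before building the path (the ids in the dump look alphanumeric; confirm against the generator). Separately, `mysqli_free_result($result)` is reached even when the first query returned `false`. No anti-CSRF token is checked in the visible code for this state-changing POST, and whether `db_utils.php` provides one cannot be told from here.

```php
// … unchanged: session_start(), isset() check, require_once, db_connect() …
$canvas_id = $_POST['remove_canvas_ID'];
$email = $_SESSION['userlogin'];

// Only a plain identifier may reach the SQL statement and the file path
if (!is_string($canvas_id) || !preg_match('/^[A-Za-z0-9]+$/', $canvas_id)) {
    echo 400; // Malformed canvas id
}
else {
    // Ownership check and delete in a single parameterized statement
    $stmt = mysqli_prepare($conn, "DELETE FROM canvas WHERE canvas_id = ? AND user_id = ?");
    if(!$stmt || !mysqli_stmt_bind_param($stmt, 'ss', $canvas_id, $email) || !mysqli_stmt_execute($stmt)) {
        echo 400; // Wrong query
    }
    else if(mysqli_stmt_affected_rows($stmt) != 1) { // Not a canvas of the current user
        echo 401;
    }
    else { // Canvas successfully deleted: remove json file
        unlink("../json/$canvas_id.json");
        echo 200;
    }
    if($stmt) {
        mysqli_stmt_close($stmt);
    }
}
// … unchanged: db_close($conn) …
```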