7 年之前 · 95c7ad8851
--- a/canvas/js/canvas.js
+++ b/canvas/js/canvas.js
@@ -384,6 +384,27 @@ $(document).ready(function() {
 
															     Collaborative features
														
 
															     ================================================= */
														
 
															+    // Add the owner as a collaborator if the currently logged in user is the owner and hasn't been added before
														
 
															+    function addOwnerToCollaborators() {
														
 
															+        // AJAX
														
 
															+        $.ajax({
														
 
															+            type: "POST",
														
 
															+            url: "php/add-owner-to-collaborators.php",
														
 
															+            dataType: "JSON",
														
 
															+            data: {
														
 
															+                "canvas_id": canvasId
														
 
															+            },
														
 
															+            timeout: 5000,
														
 
															+            success: function() {
														
 
															+            },
														
 
															+            error: function(xhr) {
														
 
															+                console.log(xhr.statusText);
														
 
															+            }
														
 
															+        });
														
 
															+    }
														
 
															+    
														
 
															+    addOwnerToCollaborators();
														
 
															+    
														
 
															     // Update active collaborators
														
 
															     function updateActiveCollaborators() {
														
 
															         // AJAX
														
@@ -429,8 +450,10 @@ $(document).ready(function() {
 
															                     // Toggle the text explaining that the canvas is saved automatically
														
 
															                     // $("p#save-canvas").hide();
														
 
															-                    $("p#saved-automatically").show();
														
 
															-                    $("div.save-canvas-feedback").hide();
														
 
															+                    if(returnData.length > 1) {
														
 
															+                        $("p#saved-automatically").show();
														
 
															+                        $("div.save-canvas-feedback").hide();
														
 
															+                    }
														
 
															                     // If the user clicks on the "Remove" button
														
 
															                     showRemoveCollaboratorDialog();
														
--- a/canvas/js/dashboard.js
+++ b/canvas/js/dashboard.js
@@ -98,7 +98,7 @@ $(function() {
 
															             }
														
 
															             var canvasGalleryHTML = '<div class="canvas-gallery-item col-md-4 col-sm-6 text-center" id="' + canvasItem.canvas_id + '"><div class="col-md-12 color' + canvas_color_index + '"><h4>Canvas Title:</h4><h3>' + canvasItem.canvas_name + '</h3><p>Owner:<br />' + canvasItem.owner + '</p></div></div>';
														
 
															-            //the added divs are appended to the outer gallery div .user-canvas-gallery
														
 
															+            // The added divs are appended to the outer gallery div .user-canvas-gallery
														
 
															             $('.user-dashboard').find('.shared-canvases-gallery').append(canvasGalleryHTML);
														
 
															         }); // End of $.each loop for the user canvas data
														
--- a/canvas/php/add-collaborator.php
+++ b/canvas/php/add-collaborator.php
@@ -2,6 +2,7 @@
 
															     require_once("../../php/db_utils.php");
														
 
															     try {
														
 
															+        // Declarations
														
 
															         $collaboratorIsMember = false;
														
 
															         $collaboratorExists = false;
														
@@ -48,7 +49,7 @@
 
															         }
														
 
															         else if($collaboratorIsMember == true && $collaboratorExists == false) {
														
 
															             // Add collaborator
														
 
															-            $query = 'INSERT INTO collaborators (canvas_id, owner, collaborator) VALUE ("' . $canvasId . '", "' . $username . '", "' . $collaborator . '");';
														
 
															+            $query = 'INSERT INTO collaborators (canvas_id, owner, collaborator) VALUES ("' . $canvasId . '", "' . $username . '", "' . $collaborator . '");';
														
 
															             echo(3);
														
 
															         }
														
--- a/canvas/php/add-owner-to-collaborators.php
+++ b/canvas/php/add-owner-to-collaborators.php
@@ -0,0 +1,56 @@
 
															+<?php
														
 
															+    require_once("../../php/db_utils.php");
														
 
															+    
														
 
															+    try {
														
 
															+        // Declarations
														
 
															+        $ownerExists = false;
														
 
															+        
														
 
															+        // Connect to the database
														
 
															+        $database = db_connect();
														
 
															+        
														
 
															+        // Incoming data
														
 
															+        $canvasId = $_POST["canvas_id"];
														
 
															+        
														
 
															+        // Check if the collaborator is a member
														
 
															+        $query = 'SELECT collaborator
														
 
															+                  FROM collaborators
														
 
															+                  WHERE canvas_id = "' . $canvasId . '"
														
 
															+                  AND collaborator = (SELECT owner
														
 
															+                                      FROM collaborators
														
 
															+                                      WHERE canvas_id = "' . $canvasId . '"
														
 
															+                                      LIMIT 1);';
														
 
															+                                        
														
 
															+        $recordSet = db_query_return($database, $query);
														
 
															+        
														
 
															+        $record = mysqli_fetch_assoc($recordSet);
														
 
															+        
														
 
															+        if(isset($record["collaborator"])) {
														
 
															+            $ownerExists = true;
														
 
															+        }
														
 
															+        
														
 
															+        // If the owner does not already exist
														
 
															+        if($ownerExists == false) {
														
 
															+            // Add owner
														
 
															+            $query = 'INSERT INTO collaborators (canvas_id, owner, collaborator)
														
 
															+                      VALUES ("' . $canvasId . '",
														
 
															+                             (SELECT user_id
														
 
															+                              FROM canvas
														
 
															+                              WHERE canvas_id = "' . $canvasId . '"
														
 
															+                              LIMIT 1),
														
 
															+                             (SELECT user_id
														
 
															+                              FROM canvas
														
 
															+                              WHERE canvas_id = "' . $canvasId . '"
														
 
															+                              LIMIT 1));';
														
 
															+                                
														
 
															+            // Insert new or update old description
														
 
															+            db_query_no_return($database, $query);
														
 
															+        }
														
 
															+        
														
 
															+        // Close the connection to the database
														
 
															+        db_close($database);
														
 
															+    }
														
 
															+    catch(Exception $e) {
														
 
															+        $errorMsg = $e->getMessage();
														
 
															+        print_r($errorMsg);
														
 
															+    }
														
 
															+?>
														
--- a/canvas/php/dashboard.php
+++ b/canvas/php/dashboard.php
@@ -8,7 +8,7 @@
 
															         $conn = db_connect(); // Connect to the database
														
 
															         // Check if the username exists
														
 
															-        if(($result = mysqli_query($conn, 'SELECT name FROM user WHERE username = "$email"'))) {
														
 
															+        if(($result = mysqli_query($conn, 'SELECT name FROM user WHERE username = "' . $email . '"'))) {
														
 
															             // Check that there is only one user with this email
														
 
															             if(mysqli_num_rows($result) == 1) {
														
 
															                 $row = mysqli_fetch_array($result, MYSQLI_ASSOC);
														
--- a/canvas/php/load_other_canvases.php
+++ b/canvas/php/load_other_canvases.php
@@ -8,7 +8,7 @@
 
															     $conn = db_connect(); // Connect to the database
														
 
															     // Check if the username already exists
														
 
															-    if(!($result = mysqli_query($conn, "SELECT name FROM user WHERE username = '$email'"))) {
														
 
															+    if(!($result = mysqli_query($conn, 'SELECT name FROM user WHERE username = "' . $email . '"'))) {
														
 
															         echo 400; // Wrong query
														
 
															     }
														
 
															     else if(mysqli_num_rows($result) != 1) { // User not registered or duplicated
														
@@ -16,11 +16,7 @@
 
															     }
														
 
															     else { // User registered: Retrieve canvases
														
 
															         if(!($result = mysqli_query($conn,
														
 
															-            "SELECT canvas.canvas_id, canvas.canvas_name, canvas.canvas_date, collaborators.owner
														
 
															-            FROM canvas
														
 
															-            INNER JOIN collaborators ON canvas.user_id = collaborators.owner
														
 
															-            WHERE collaborators.collaborator = '" . $email . "'
														
 
															-            AND NOT canvas.user_id = '" . $email . "';"))) {
														
 
															+                                    'SELECT * FROM canvas INNER JOIN collaborators ON canvas.canvas_id = collaborators.canvas_id WHERE collaborators.collaborator = "' . $email . '" AND NOT collaborators.owner = "' . $email . '";'))) {
														
 
															             echo 400; // Wrong query
														
 
															         }
														
 
															         else { // Request accepted
														
--- a/canvas/php/load_user_canvases.php
+++ b/canvas/php/load_user_canvases.php
@@ -8,14 +8,14 @@
 
															     $conn = db_connect(); // Connect to the database
														
 
															     // Check if the username already exists
														
 
															-    if(!($result = mysqli_query($conn, "SELECT name FROM user WHERE username = '$email'"))) {
														
 
															+    if(!($result = mysqli_query($conn, 'SELECT name FROM user WHERE username = "' . $email . '"'))) {
														
 
															         echo 400; // Wrong query
														
 
															     }
														
 
															     else if(mysqli_num_rows($result) != 1) { // User not registered or duplicated
														
 
															         echo 401;
														
 
															     }
														
 
															     else { // User registered: Retrieve canvases
														
 
															-        if(!($result = mysqli_query($conn, "SELECT * FROM canvas WHERE user_id = '$email'"))) {
														
 
															+        if(!($result = mysqli_query($conn,  'SELECT * FROM canvas WHERE user_id = "' . $email . '"'))) {
														
 
															             echo 400; // Wrong query
														
 
															         }
														
 
															         else { // Request accepted
														
--- a/canvas/php/update-active-collaborators.php
+++ b/canvas/php/update-active-collaborators.php
@@ -10,7 +10,7 @@
 
															         $username = $_POST["username"];
														
 
															         // Update last active of the current user
														
 
															-        $query = 'UPDATE collaborators SET lastactive = NOW() WHERE canvas_id = "' . $canvasId . '" AND owner = "' . $username . '" AND collaborator = "' . $username . '";';
														
 
															+        $query = 'UPDATE collaborators SET lastactive = NOW() WHERE canvas_id = "' . $canvasId . '" AND collaborator = "' . $username . '";';
														
 
															         // Run query
														
 
															         db_query_no_return($database, $query);
														
@@ -30,12 +30,11 @@
 
															                   AND NOT collaborator = '" . $username . "'
														
 
															                   ORDER BY name ASC;";
														
 
															          */
														
 
															+            
														
 
															         $query = 'SELECT user.name, collaborators.collaborator, collaborators.lastactive
														
 
															                   FROM collaborators
														
 
															                   INNER JOIN user ON collaborators.collaborator = user.username
														
 
															                   WHERE canvas_id = "' . $canvasId . '"
														
 
															-                  AND owner = "' . $username . '"
														
 
															-                  AND NOT collaborator = "' . $username . '"
														
 
															                   ORDER BY name ASC;';
														
 
															         // /* AND lastactive BETWEEN DATE_SUB(NOW(), INTERVAL 7 SECOND) AND NOW() */