Add notification view/delete UI to homepage (closes #10)

action.php

@@ -21,8 +21,6 @@ if ($VARS['action'] == 'signout' && $_SESSION['loggedin'] != true) {
 
 dieifnotloggedin();
 
-engageRateLimit();
-
 function returnToSender($msg, $arg = "") {
     global $VARS;
     if ($arg == "") {
@@ -40,6 +38,7 @@ switch ($VARS['action']) {
         header('Location: index.php');
         die("Logged out.");
     case "chpasswd":
+        engageRateLimit();
         $error = [];
         $user = new User($_SESSION['uid']);
         try {
@@ -59,6 +58,7 @@ switch ($VARS['action']) {
         }
         break;
     case "chpin":
+        engageRateLimit();
         $error = [];
         if (!($VARS['newpin'] == "" || (is_numeric($VARS['newpin']) && strlen($VARS['newpin']) >= 1 && strlen($VARS['newpin']) <= 8))) {
             returnToSender("invalid_pin_format");
@@ -82,8 +82,35 @@ switch ($VARS['action']) {
         Log::insert(LogType::ADDED_2FA, $user);
         returnToSender("2fa_enabled");
     case "rm2fa":
+        engageRateLimit();
         (new User($_SESSION['uid']))->save2fa("");
         Log::insert(LogType::REMOVED_2FA, $_SESSION['uid']);
         returnToSender("2fa_removed");
         break;
+    case "readnotification":
+        $user = new User($_SESSION['uid']);
+
+        if (empty($VARS['id'])) {
+            returnToSender("invalid_parameters#notifications");
+        }
+        try {
+            Notifications::read($user, $VARS['id']);
+            returnToSender("#notifications");
+        } catch (Exception $ex) {
+            returnToSender("invalid_parameters#notifications");
+        }
+        break;
+    case "deletenotification":
+        $user = new User($_SESSION['uid']);
+
+        if (empty($VARS['id'])) {
+            returnToSender("invalid_parameters#notifications");
+        }
+        try {
+            Notifications::delete($user, $VARS['id']);
+            returnToSender("notification_deleted#notifications");
+        } catch (Exception $ex) {
+            returnToSender("invalid_parameters#notifications");
+        }
+        break;
 }

langs/en/notifications.json

@@ -0,0 +1,6 @@
+{
+    "Notifications": "Notifications",
+    "Notification deleted.": "Notification deleted.",
+    "Mark as read": "Mark as read",
+    "Delete": "Delete"
+}

langs/messages.php

@@ -45,10 +45,6 @@ define("MESSAGES", [
         "string" => "account state error",
         "type" => "danger"
     ],
-    "ldap_error" => [
-        "string" => "ldap server error",
-        "type" => "danger"
-    ],
     "passwords_same" => [
         "string" => "old and new passwords match",
         "type" => "danger"
@@ -72,6 +68,9 @@ define("MESSAGES", [
     "invalid_pin_format" => [
         "string" => "invalid pin format",
         "type" => "danger"
+    ],
+    "notification_deleted" => [
+        "string" => "Notification deleted.",
+        "type" => "success"
     ]
-    
 ]);

pages/home.php

@@ -90,4 +90,54 @@
             </div>
         </div>
     </div>
+</div>
+
+<h3 class="font-weight-normal mt-4" id="notifications"><i class="fas fa-bell"></i> <?php $Strings->get("Notifications"); ?></h3>
+<div class="row">
+    <?php
+    $notifications = Notifications::get(User::byUsername($_SESSION['username']));
+    foreach ($notifications as $n) {
+        ?>
+        <div class="col-12 col-sm-6 col-md-4 col-xl-3">
+            <div class="card mb-4">
+                <div class="card-body <?php echo ($n['seen'] ? "text-muted" : "font-weight-bold"); ?>">
+                    <div class="d-flex flex-wrap justify-content-between">
+                        <h5 class="card-title"><?php echo $n['title']; ?></h5>
+                        <div class="d-flex flex-wrap">
+                            <form action="action.php" method="POST" class="mr-2">
+                                <input type="hidden" name="source" value="home" />
+                                <input type="hidden" name="id" value="<?php echo $n['id']; ?>" />
+                                <button type="submit" class="btn btn-sm btn-primary" name="action" value="readnotification" title="<?php $Strings->get("Mark as read"); ?>">
+                                    <i class="fas fa-eye"></i>
+                                </button>
+                            </form>
+                            <form action="action.php" method="POST">
+                                <input type="hidden" name="source" value="home" />
+                                <input type="hidden" name="id" value="<?php echo $n['id']; ?>" />
+                                <button type="submit" class="btn btn-sm btn-danger" name="action" value="deletenotification" title="<?php $Strings->get("Delete"); ?>">
+                                    <i class="fas fa-trash"></i>
+                                </button>
+                            </form>
+                        </div>
+                    </div>
+                    <div class="card-text"><?php echo $n['content']; ?></div>
+                </div>
+                <div class="card-footer">
+                    <div class="card-text">
+                        <i class="fas fa-clock"></i>
+                        <?php
+                        $ts = strtotime($n['timestamp']);
+                        if (time() - $ts < 60 * 60 * 12) {
+                            echo date(TIME_FORMAT, $ts);
+                        } else {
+                            echo date(DATETIME_FORMAT, $ts);
+                        }
+                        ?>
+                    </div>
+                </div>
+            </div>
+        </div>
+        <?php
+    }
+    ?>
 </div>

settings.template.php

@@ -131,6 +131,11 @@ define('EXTERNAL_APPS', [
     ],
 ]);
 
+// Used for notification timestamp display.
+define("DATETIME_FORMAT", "M j, g:i a");
+define("TIME_FORMAT", "g:i");
+
+
 // Email settings for receiving admin alerts.
 define("USE_SMTP", TRUE); // if FALSE, will use PHP's mail() instead
 define("ADMIN_EMAIL", "");