Improve security

Change-Id: Ia98bb629c8c81f609d3a5e4d023616a95f9c4248
diff --git a/.editorconfig b/.editorconfig
new file mode 100644
index 0000000..538ba2b
--- /dev/null
+++ b/.editorconfig
@@ -0,0 +1,5 @@
+root = true
+
+[*]
+indent_style = tab
+indent_size = 2
diff --git a/admin/createtable.php b/admin/createtable.php
index b5b411f..971499b 100644
--- a/admin/createtable.php
+++ b/admin/createtable.php
@@ -13,7 +13,7 @@
 	  `quimata` int(11) NOT NULL,
 	  `requested` tinyint(1) NOT NULL DEFAULT 0,
 	  `mort` tinyint(1) NOT NULL DEFAULT 0,
-	  `password` varchar(100) NOT NULL DEFAULT '',
+	  `password` varchar(255) NOT NULL DEFAULT '',
 	  `bits` int(3) NOT NULL
 	)",
 	"CREATE TABLE `$mortsname` (
@@ -27,4 +27,3 @@
 	
 	foreach ($queries as $query) if (!query($query)) die('An error ocurred. ' . $query);
 	die("<script>window.location.href = './?dbname=$dbname'</script>");
-?>
diff --git a/ajax/getusers.php b/ajax/getusers.php
index 181ca56..8df8a4e 100644
--- a/ajax/getusers.php
+++ b/ajax/getusers.php
@@ -10,6 +10,7 @@
 		
 		$user["nopassword"] = ($user["md5password"] == "" ? "nopassword" : "");
 		unset($user["md5password"]);
+		unset($user["quimata"]);
 		array_push($users_alive, $user);
 	}
 	
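Review bot: The response still carries the `nopassword` flag computed two lines above the new `unset`, which tells every caller which accounts have no password set; since `Security::isUserPassword` in php/security.php signs such accounts in regardless of the submitted password, this endpoint publishes the list of accounts that can be entered without credentials. Dropping `quimata` is the right direction, but `nopassword` deserves the same treatment: either remove it here (main.php already knows this for the signed-in user from `$user`) or serve the list only to a session that has passed `Security::checkIsSignedIn()`. Whether this script checks the session at all is outside the hunk.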
diff --git a/bin/images/background.jpg b/bin/images/background.jpg
new file mode 100644
index 0000000..13fc21f
--- /dev/null
+++ b/bin/images/background.jpg
Binary files differ
diff --git a/db/missatges.sql b/db/missatges.sql
new file mode 100644
index 0000000..3769cc1
--- /dev/null
+++ b/db/missatges.sql
@@ -0,0 +1,8 @@
+CREATE TABLE missatges (
+	`id` int(11) NOT NULL PRIMARY KEY AUTO_INCREMENT,
+	`sender_id` int(11) NOT NULL,
+	`receiver_id` int(11) NOT NULL,
+	`timestamp` timestamp NOT NULL DEFAULT current_timestamp(),
+	`content` text NOT NULL,
+	`seen` tinyint(1) DEFAULT 0
+);
diff --git a/dead.php b/dead.php
index 294a6e5..b1fa160 100644
--- a/dead.php
+++ b/dead.php
@@ -1,9 +1,9 @@
 <?php
+	require_once("php/security.php");
+
 	date_default_timezone_set("Europe/Madrid");
 
-	// Forget cookies
-	setcookie('user', '', -1, "/");
-	setcookie('password', '', -1, "/");
+	Security::logout();
 ?>
 
 <html>
diff --git a/index.php b/index.php
index ad7b1ea..af824ee 100644
--- a/index.php
+++ b/index.php
@@ -70,7 +70,7 @@
 			fetch("./ajax/getusers.php").then(result => result.json()).then(users => {
 				autocomplete(document.getElementById("search-input"), users, "search");
 				
-				userid = <?=isset($_COOKIE['user']) ? (int)$_COOKIE['user'] : -1 ?>;
+				userid = <?=isset($_SESSION['id']) ? (int)$_SESSION['id'] : -1 ?>;
 				username = get_user_name(users, userid);
 				if (userid > 0) $("#search-input").prop("placeholder", username);
 			});
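Review bot: `$_SESSION['id']` on the new line is only populated if `session_start()` has already run in this request, and the top of index.php is outside the hunk, so it is not visible whether this file requires php/security.php (which calls `session_start()` on load) the way main.php and the chat pages now do. If it does not, `isset($_SESSION['id'])` is always false and `userid` becomes -1 even for signed-in users. A `require_once('./php/security.php');` at the top of index.php would settle it.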
diff --git a/killer-chat.php b/killer-chat.php
index e167404..b7bc18a 100644
--- a/killer-chat.php
+++ b/killer-chat.php
@@ -1,40 +1,22 @@
+<?php	
+	require './credentials.php';
+	require './php/utils.php';
+	require_once('./php/security.php');
+	
+	date_default_timezone_set("Europe/Madrid");
+
+	Security::checkIsSignedIn();
+?>
+
 <head>
 <link rel="stylesheet" type="text/css" href="//fonts.googleapis.com/css?family=Open+Sans" />
 <link rel="stylesheet" href="./css/basic.css" />
 <link rel="stylesheet" href="./css/main.css" />
 
-<?php	
-	require './credentials.php';
-	require './php/utils.php';
-	
-	$credentials = new Credentials();
-	$usersdb = $credentials->usersdb;
-	$mortsdb = $credentials->mortsdb;
-	
-	date_default_timezone_set("Europe/Madrid");
-	
-	$user = $_COOKIE['user']; // (int)$_POST['user'];
-	$password = $_COOKIE['password']; // isset($_POST['password']) ? md5($_POST['password']) : '';
-
-	if (!isset($_COOKIE['user']) or $_COOKIE['user'] == '') {
-		die("<script>window.location.href = './'</script>");
-	} else if (isset($_COOKIE['password'])) {
-		$query_password = "SELECT password FROM $usersdb WHERE id=$user";
-		if (query($query_password)->fetch_row()[0] != $password) {
-			// Unset variables
-			setcookie('user', '', -1, "/");
-			setcookie('password', '', -1, "/");
-			
-			die("<script>window.location.href = './?passwordchanged=1'</script>");
-		}
-	}
-?>
-
-
 <?php
-        $user = get_users($_COOKIE['user']);
-        $victim = get_users($user->quimata);
-        if ($user->mort) die("<script>window.location.href = './dead.php'</script>");
+	$user = get_users($_SESSION['id']);
+	$victim = get_users($user->quimata);
+	if ($user->mort) die("<script>window.location.href = './dead.php'</script>");
 ?>
 
 		<meta charset="UTF-8">
@@ -59,34 +41,25 @@
                         <div id="killer-messages">
                                 <div class="messages-sent">
                                         <?php
-                                                // Create connection
-                                                $credentials = new Credentials();
-                                                $conn = new mysqli($credentials->servername, $credentials->username, $credentials->password, $credentials->dbname);
-                                                if ($conn->connect_error) die("Connection failed: " . $conn->connect_error);
-                                                $conn->set_charset("utf8");
-                                               
-                                                $query_quielmata = "SELECT id FROM pastanaga WHERE quimata = " . $user->id;
+                                                $query_quielmata = "SELECT id FROM pastanaga WHERE quimata = " . (int)$user->id;
                                                 $quielmata = $conn->query($query_quielmata)->fetch_row()[0];
                                                 
                                                 // Execute query and save result
-                                                $query_msgs = "SELECT * FROM `missatges` WHERE (`sender_id` = ".$user->id." AND `receiver_id` = ".$quielmata .
-                                                        ") OR (`sender_id` = ".$quielmata." AND `receiver_id` = ".$user->id . ")";
+                                                $query_msgs = "SELECT * FROM `missatges` WHERE (`sender_id` = ".(int)$user->id." AND `receiver_id` = ".(int)$quielmata .
+                                                        ") OR (`sender_id` = ".(int)$quielmata." AND `receiver_id` = ".(int)$user->id . ")";
                                                 $result = $conn->query($query_msgs);
                                                 
                                                 while($res = $result->fetch_row()) {
                                                         if ($res[1] == $user->id) {
-                                                                echo "<div class='from-me'><div class='msg-content'>$res[4]</div><div class='meta-data'><span class='timestamp'>$res[3]</span><span class='seen'>".($res[5] == 0 ? 'Enviat' : 'Vist')."</span></div></div>";
+                                                                echo "<div class='from-me'><div class='msg-content'>".htmlspecialchars($res[4])."</div><div class='meta-data'><span class='timestamp'>$res[3]</span><span class='seen'>".($res[5] == 0 ? 'Enviat' : 'Vist')."</span></div></div>";
                                                         } else {
-                                                                echo "<div class='to-me'><div class='msg-content'>$res[4]</div><div class='meta-data'><span class='timestamp'>$res[3]</span><span class='seen'>".($res[5] == 0 ? 'Nou!' : '')."</span></div></div>";
+                                                                echo "<div class='to-me'><div class='msg-content'>".htmlspecialchars($res[4])."</div><div class='meta-data'><span class='timestamp'>$res[3]</span><span class='seen'>".($res[5] == 0 ? 'Nou!' : '')."</span></div></div>";
                                                         }
                                                 }
                           
                                                 // Update 'seen' messages
-                                                $query_seen = "UPDATE missatges SET `seen` = 1 WHERE `receiver_id` = " . $user->id . " AND `sender_id` != " . $user->quimata;
+                                                $query_seen = "UPDATE missatges SET `seen` = 1 WHERE `receiver_id` = " . (int)$user->id . " AND `sender_id` != " . (int)$user->quimata . " AND `seen` <> 1";
                                                 $conn->query($query_seen);
-                                                
-                                                // Close the connection 
-                                                $conn->close();
                                         ?>
                                 </div>
                                 <form action="./php/send_thread.php" method="POST">
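Review bot: `$quielmata` on the line after `$query_quielmata` is read as `fetch_row()[0]` without handling a missing row, so when nobody currently targets this user `fetch_row()` returns null and the offset read emits a warning before the `(int)` casts turn it into 0; `$quielmata = (int)($conn->query($query_quielmata)->fetch_row()[0] ?? 0);` keeps the present result without the warning. The int casts do make the concatenated queries safe, but the equivalent block in victim-chat.php was moved to a prepared statement with `bind_param("iiii", ...)` in this same commit; doing the same here would keep both chat pages on one pattern. `$conn` is now expected to arrive from php/db.php through the utils.php require chain rather than the removed local connection, which holds as long as utils.php stays required at the top of the file.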
diff --git a/main.php b/main.php
index 146237b..ac913a3 100644
--- a/main.php
+++ b/main.php
@@ -1,28 +1,11 @@
 <?php	
 	require './credentials.php';
 	require './php/utils.php';
-	
-	$credentials = new Credentials();
-	$usersdb = $credentials->usersdb;
-	$mortsdb = $credentials->mortsdb;
+	require_once('./php/security.php');
 	
 	date_default_timezone_set("Europe/Madrid");
 	
-	$user = $_COOKIE['user']; // (int)$_POST['user'];
-	$password = $_COOKIE['password']; // isset($_POST['password']) ? md5($_POST['password']) : '';
-
-	if (!isset($_COOKIE['user']) or $_COOKIE['user'] == '') {
-		die("<script>window.location.href = './'</script>");
-	} else if (isset($_COOKIE['password'])) {
-		$query_password = "SELECT password FROM $usersdb WHERE id=$user";
-		if (query($query_password)->fetch_row()[0] != $password) {
-			// Unset variables
-			setcookie('user', '', -1, "/");
-			setcookie('password', '', -1, "/");
-			
-			die("<script>window.location.href = './?passwordchanged=1'</script>");
-		}
-	}
+	Security::checkIsSignedIn();
 ?>
 <html>
 	<head>
@@ -51,11 +34,11 @@
 		<script src="./js/animations.js"></script>
 
 		<?php
-			$user = get_users($user);
+			$user = get_users($_SESSION["id"]);
 			$victim = get_users($user->quimata);
 			if ($user->mort) die("<script>window.location.href = './dead.php'</script>");
 			
-			$bits = dec2bits($user->bits);	
+			$bits = dec2bits($user->bits);
 			$bit_counter = 0;
 		?>
 
@@ -66,7 +49,7 @@
 				'requested': <?=(int)$user->requested?>,
 				'mort': <?=(int)$user->mort?>,
 
-				'nom': "<?=$user->nomcomplet?>",
+				'nom': "<?=Security::htmlsafe($user->nomcomplet)?>",
 				'curs': <?=(int)$user->curs?>,
 				'grau': <?=(int)$user->grau?>
 			};
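Review bot: `Security::htmlsafe` on the `'nom'` line escapes for an HTML context, but the value is emitted inside a double-quoted JavaScript string literal, where a backslash or line break in `nomcomplet` still breaks the literal and any `&`, `<` or `"` in the name reaches the scripts as an HTML entity rather than the original character. Encode for the JS context and drop the surrounding quotes: `'nom': <?=json_encode($user->nomcomplet, JSON_HEX_TAG | JSON_HEX_AMP | JSON_HEX_APOS | JSON_HEX_QUOT)?>,`. The enclosing object literal starts before this hunk.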
@@ -77,12 +60,12 @@
 		<div id="outter-container">
 			<div id="inner-container">
 				<a href="./" class="goback">Canvi d'usuari</a><br />
-				<h2>Hola <name id="user_name"><?=$user->nom()?></name>,</h2>
+				<h2>Hola <name id="user_name"><?=Security::htmlsafe($user->nom())?></name>,</h2>
 
 				<div class="formulari_contrasenya">
 					<p>Sembla que no tens clau d'accés, la gent podrà entrar al teu compte...</p>
 					<form action="./php/change_password.php" method="POST">
-						<input type="hidden" value="<?=$user->id?>" name="userid">
+						<input type="hidden" value="<?=(int)$user->id?>" name="userid">
 						<input type="password" placeholder="Nova clau d'accés..." name="password" /><br />
 						<input type="password" placeholder="Repeteix la clau d'accés" name="confirmation"/><br />
 						<input type="submit" value="Posar clau d'accés">
@@ -110,11 +93,11 @@
 								</div>
 							</td>
 							<td class="table_text">
-								<div id="victim_name"><?=$victim->nomcomplet?></div>
+								<div id="victim_name"><?=Security::htmlsafe($victim->nomcomplet)?></div>
 								<div id="victim_curs_i_grau">
-									<span id="victim_curs"><?=$victim->nomcurs()?></span>
+									<span id="victim_curs"><?=Security::htmlsafe($victim->nomcurs())?></span>
 									-
-									<span id="victim_grau"><?=$victim->nomgrau()?></span>
+									<span id="victim_grau"><?=Security::htmlsafe($victim->nomgrau())?></span>
 								</div>
 								<div id="butons" class="options">
 									<button id="win" onclick="js: send_request(user, 'REQ KILL');">L'he matat</button>
@@ -125,10 +108,10 @@
 				</div>
 				
                                 <?php
-                                        $query_seen_victim = "SELECT COUNT(*) FROM missatges WHERE `seen` = 0 AND (`receiver_id` = " . $user->id . " AND `sender_id` = " . $user->quimata . ")";
-                                        $query_seen_killer = "SELECT COUNT(*) FROM missatges WHERE `seen` = 0 AND (`receiver_id` = " . $user->id . " AND `sender_id` != " . $user->quimata . ")";
+                                        $query_seen_victim = "SELECT COUNT(*) FROM missatges WHERE `seen` = 0 AND (`receiver_id` = " . (int)$user->id . " AND `sender_id` = " . (int)$user->quimata . ")";
+                                        $query_seen_killer = "SELECT COUNT(*) FROM missatges WHERE `seen` = 0 AND (`receiver_id` = " . (int)$user->id . " AND `sender_id` != " . (int)$user->quimata . ")";
                                 ?>
-                                
+
 				<div>
 					<p>Podeu posar aquesta pàgina com a icona apretant el botó de "Add to Home Screen" del vostre navegador.</p>
 					<a href="./ranking.php">Anar al rànquing</a><br />
diff --git a/php/change_password.php b/php/change_password.php
index 819d388..50eb9c1 100644
--- a/php/change_password.php
+++ b/php/change_password.php
@@ -4,22 +4,23 @@
 
 	$credentials = new Credentials();
 	$usersdb = $credentials->usersdb;
-	$mortsdb = $credentials->mortsdb;
 
 	date_default_timezone_set("Europe/Madrid");
 
 	// Check if confirmation is the same
 	if ($_POST['password'] != $_POST['confirmation']) {
-		die("<script>window.location.href = '../main.php?wrongconfirmation=1'</script>");
+		header("Location: /main.php?wrongconfirmation=1");
+		exit();
 	} else {
 		// Execute query to change password
-		$update_password = "UPDATE $usersdb SET password=\"".md5($_POST['password'])."\" WHERE id=".$_POST['userid'];
+		$spassword = mysqli_real_escape_string($conn, password_hash($_POST["password"], PASSWORD_DEFAULT));
+		$update_password = "UPDATE $usersdb SET password=\"".$spassword."\" WHERE id=".(int)$_POST['userid'];
 		if(!$result = query($update_password)) die("<script>window.location.href = '../main.php?errordb=1'</script>");
 		
-		// Save 'password' to cookies
-		setcookie('password', md5($_POST['password']), time() + (86400 * 10), "/");
+		// Sign in
+		$_SESSION["id"] = (int)$_POST['userid'];
 		
 		// Go back to main page
-		die("<script>window.location.href = '../main.php?successpassword=1'</script>");
+		header("Location: /main.php?successpassword=1");
+		exit();
 	}
-?>
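Review bot: Both the account whose password is rewritten and the account the request is then signed in as are taken from `$_POST['userid']` (the `(int)` on the UPDATE line and `$_SESSION["id"] = (int)$_POST['userid'];`), with no check that the requester already owns that id, so any client that can reach this script can set the password of an arbitrary id and obtain a session for it. Take the id from the session instead: `Security::checkIsSignedIn();` after the requires, `$userid = (int)$_SESSION["id"];` used in the UPDATE, and the `$_SESSION["id"]` assignment goes away. Whether this file requires php/security.php (and therefore has `session_start()`) is outside the hunk; without it the `$_SESSION` write is silently lost. Since `$conn` is already in scope here, a prepared `UPDATE ... SET password = ? WHERE id = ?` would also match the style of php/security.php.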
diff --git a/php/db.php b/php/db.php
new file mode 100644
index 0000000..2043b87
--- /dev/null
+++ b/php/db.php
@@ -0,0 +1,9 @@
+<?php
+require_once(dirname(__FILE__)."/../credentials.php");
+
+// Create connection
+$credentials = new Credentials();
+$conn = new mysqli($credentials->servername, $credentials->username, $credentials->password, $credentials->dbname);
+
+if ($conn->connect_error) die("Connection failed: " . $conn->connect_error);
+$conn->set_charset("utf8");
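Review bot: `die("Connection failed: " . $conn->connect_error)` returns the driver's error text, which can include host and user details, to the browser; log it and send a generic message instead, `error_log("DB connection failed: " . $conn->connect_error); die("Connection failed");`. `set_charset("utf8")` selects MySQL's 3-byte utf8, so 4-byte characters such as emoji in message content would be rejected; `utf8mb4` is the usual choice, and it should match the table charset, which the new db/missatges.sql does not declare. This file is loaded once through utils.php and leaves `$conn` and `$credentials` as globals that security.php and the chat pages rely on.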
diff --git a/php/login.php b/php/login.php
index 79730dd..f86aa68 100644
--- a/php/login.php
+++ b/php/login.php
@@ -1,50 +1,28 @@
 <?php
 	require '../credentials.php';
 	require 'utils.php';
+	require_once("security.php");
 
 	$credentials = new Credentials();
 	$usersdb = $credentials->usersdb;
-	$mortsdb = $credentials->mortsdb;
 
 	date_default_timezone_set("Europe/Madrid");
 	
-	// Set the 'user' POST and COOKIE variable
-	$user = '';
-	if (isset($_POST['user']) && $_POST['user'] != '') $user = $_POST['user'];
-	else if (isset($_COOKIE['user'])) $user = $_COOKIE['user'];
-	else {
-		die("<script>window.location.href = '../?wronguser=1'</script>");
+	if (!isset($_POST["user"])) {
+		header("Location: /?wronguser=1");
+		exit();
 	}
-	
-	// Check if password is correct
-	$query_password = "SELECT password FROM $usersdb WHERE id=".$user;
-	$real_password = query($query_password)->fetch_row()[0];
-	
-	// Prioritize input rather than memory
-	$password = '';
-	if (isset($_POST['password'])) $password = $_POST['password'];
-	else if (isset($_COOKIE['password'])) $password = $_COOKIE['password'];
-	
-	// If admin needs to check something for 5 minutes
-	if ($password == "backdoor") {
-		setcookie('user', $user, time() + 360, "/");
-		die("<script>window.location.href = '../main.php';</script>");
-	}
-	
+
+	$user = $_POST["user"];
+	$password = $_POST["password"] ?? "";
+
+	$ok = Security::signIn($user, $password);
+
 	// Redirect if wrong
-	if ($real_password != "" && $real_password != md5($password)) {
-		// Forget cookies
-		setcookie('user', '', -1, "/");
-		setcookie('password', '', -1, "/");
-		
-		die("<script>window.location.href = '../?wrongpassword=1'</script>");
+	if (!$ok) {
+		header("Location: /?wrongpassword=1");
+		exit();
 	}
-	
-	// Save variables as cookies
-	setcookie('user', $user, time() + (86400 * 10), "/");
-	if ($real_password != "") setcookie('password', md5($password), time() + (86400 * 10), "/");
-	else setcookie('password', '', -1, "/");
-	
+
 	// Success, proceed to main page
-	die("<script>window.location.href = '../main.php';</script>");
-?>
+	header("Location: /main.php");
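Review bot: The final `header("Location: /main.php");` has no `exit();` after it, unlike the two error redirects earlier in the hunk; nothing follows it today, but `exit();` keeps later additions from running after the redirect. `$_POST["user"]` is passed straight to `Security::signIn`, where it is bound as an integer, so a non-numeric value becomes 0, matches no row and fails cleanly. Note that `Security::signIn` returns true without checking the password for rows whose stored password is empty (php/security.php), so this page still signs such accounts in for any submitted password, as the removed code also did.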
diff --git a/php/security.php b/php/security.php
new file mode 100644
index 0000000..9842f3b
--- /dev/null
+++ b/php/security.php
@@ -0,0 +1,78 @@
+<?php
+require_once(dirname(__FILE__)."/../credentials.php");
+
+session_start();
+
+class Security {
+	public static function go($page) {
+		header("Location: ".$page);
+		exit();
+	}
+
+	public static function goHome() {
+		self::go("/");
+	}
+
+	public static function isSignedIn() {
+		global $_SESSION;
+
+		return isset($_SESSION["id"]);
+	}
+
+	public static function checkIsSignedIn() {
+		if (!self::isSignedIn()) {
+			self::goHome();
+		}
+	}
+
+	public static function isUserPassword($id, $password) {
+		global $conn, $_SESSION;
+
+		$credentials = new Credentials();
+
+		$query = $conn->prepare("SELECT id, password FROM ".$credentials->usersdb." WHERE id = ?");
+		$query->bind_param("i", $id);
+
+		$query->execute();
+		$result = $query->get_result();
+
+		if (!$result || !$result->num_rows) {
+			return false;
+		}
+
+		$row = $result->fetch_assoc();
+
+		if ($row["password"] == "") {
+			return $row["id"];
+		}
+
+		if (!password_verify($password, $row["password"])) {
+			return false;
+		}
+
+		return $row["id"];
+	}
+
+	public static function signIn($id, $password) {
+		global $_SESSION;
+
+		$id = self::isUserPassword($id, $password);
+
+		if ($id !== false) {
+			$_SESSION["id"] = $id;
+			return true;
+		}
+
+		return false;
+	}
+
+	public static function logout() {
+		global $_SESSION;
+
+		session_destroy();
+	}
+
+	public static function htmlsafe($string) {
+		return htmlspecialchars($string);
+	}
+}
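Review bot: `signIn` writes the authenticated id into whatever session the client arrived with and never rotates the session id, so a session id fixed before login stays valid after it; call `session_regenerate_id(true)` before setting `$_SESSION["id"]`. `logout` only calls `session_destroy()`, which leaves `$_SESSION` populated for the rest of the request and leaves the session cookie in the browser; clear the array and expire the cookie first. `isUserPassword` reads `global $conn` but this file only requires credentials.php, so it depends on the caller having loaded php/db.php (utils.php does); a `require_once(dirname(__FILE__)."/db.php");` next to the credentials require would make that explicit. The `global $_SESSION;` lines are no-ops since `$_SESSION` is a superglobal, and `htmlsafe` would not depend on the PHP version's default flags with `htmlspecialchars($string, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8')`.
```php
	// … unchanged: go, goHome, isSignedIn, checkIsSignedIn, isUserPassword …

	public static function signIn($id, $password) {
		$id = self::isUserPassword($id, $password);

		if ($id !== false) {
			// Rotate the session id so the authenticated session is not the one the client arrived with
			session_regenerate_id(true);
			$_SESSION["id"] = $id;
			return true;
		}

		return false;
	}

	public static function logout() {
		$_SESSION = [];
		if (ini_get("session.use_cookies")) {
			$p = session_get_cookie_params();
			setcookie(session_name(), '', time() - 42000, $p["path"], $p["domain"], $p["secure"], $p["httponly"]);
		}
		session_destroy();
	}

	// … unchanged: htmlsafe …
```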
diff --git a/php/send_thread.php b/php/send_thread.php
index ddeb60a..131627d 100644
--- a/php/send_thread.php
+++ b/php/send_thread.php
@@ -1,15 +1,14 @@
 <?php
   require '../credentials.php';
   require 'utils.php';
+	require_once("security.php");
 
-  $credentials = new Credentials();
-
-  $victimid = $_POST["victim-id"];
-  $killerid = $_POST["killer-id"];
-  $msgcontent = $_POST["msg-content"];
+  $victimid = (int)$_POST["victim-id"];
+  $killerid = (int)$_POST["killer-id"];
+  $msgcontent = mysqli_real_escape_string($conn, $_POST["msg-content"]);
   
   $template = "INSERT INTO `missatges` (`id`, `sender_id`, `receiver_id`, `timestamp`, `content`) VALUES (NULL, $killerid, $victimid, CURRENT_TIMESTAMP, '$msgcontent')";
   if (!query($template)) die("An error ocurred." . $template);
   
-  header("Location: http://pastanagapp2020.mygamesonline.org/main.php");
+  header("Location: /main.php");
 ?>
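Review bot: php/security.php is now required but `Security::checkIsSignedIn()` is never called, and both `$killerid` (used as `sender_id`) and `$victimid` are still taken from the POST body, so any client can insert a message attributed to any sender towards any receiver. The sender should be the session user, `Security::checkIsSignedIn(); $senderid = (int)$_SESSION["id"];`, and the receiver should be checked against that user's `quimata` or the id that targets them before the INSERT; which of the two form fields is the sender depends on which chat page posts, which is outside this hunk. `mysqli_real_escape_string` keeps the query safe, but a prepared `INSERT ... VALUES (NULL, ?, ?, CURRENT_TIMESTAMP, ?)` would match victim-chat.php. The new `require_once` line is tab-indented while the rest of the file uses two spaces.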
diff --git a/php/utils.php b/php/utils.php
index 49ccbb7..1c41567 100644
--- a/php/utils.php
+++ b/php/utils.php
@@ -1,12 +1,19 @@
 <?php
+	require_once('db.php');
 
 	function nomcurs($curs) {
 		if ($curs == 1) return "1r";
 		if ($curs == 2) return "2n";
 		if ($curs == 3) return "3r";
 		if ($curs == 4) return "4t";
+		if ($curs == 5) return "5è";
+		if ($curs == 6) return "6è";
+		if ($curs == 7) return "7è";
+		if ($curs == 8) return "8è";
+		if ($curs > 8) return "Eternal";
+		return "?";
 	}
-	
+
 	function nomgrau($grau) {
 		if ($grau == 0) return "MAT";
 		if ($grau == 1) return "EST";
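Review bot: `require_once('db.php')` on the new line resolves through the include path and then the including file's own directory, so it works both from the root pages and from php/, but it is the only require in the changed files that does not anchor on the file's location; `require_once(dirname(__FILE__).'/db.php');` would match db.php and security.php. The `nomcurs` fallback `return "?";` replaces the previous implicit null return for unknown values, which is a behaviour change for any caller that compared the result to null.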
@@ -19,48 +26,41 @@
 		public $curs;
 		public $grau;
 		public $quimata;
-		
+
 		public function nom() {
 			$noms = explode(" ", $this->nomcomplet);
 			return $noms[0];
 		}
-		
+
 		public function nomcurs() {
 			return nomcurs($this->curs);
 		}
-		
+
 		public function nomgrau() {
 			return nomgrau($this->grau);
 		}
 	}
-	
+
 	function query($query) {
-		// Create connection
-		$credentials = new Credentials();
-		$conn = new mysqli($credentials->servername, $credentials->username, $credentials->password, $credentials->dbname);
-		if ($conn->connect_error) die("Connection failed: " . $conn->connect_error);
-		$conn->set_charset("utf8");
-		
+		global $conn;
+
 		// Execute query and save result
 		$result = $conn->query($query);
-		
-		// Close the connection 
-		$conn->close();
-		
+
 		// Return result of query
 		return $result;
 	}
-	
+
 	function get_users($id = 0, $getAsObjects = true) {
 		$users = [];
-		
+
 		$credentials = new Credentials();
 		$usersdb = $credentials->usersdb;
 		$mortsdb = $credentials->mortsdb;
-		
+
 		// Prepare the query
 		$query = "SELECT * FROM $usersdb";
-		if ($id > 0) $query .= " WHERE id=".$id;
+		if ($id > 0) $query .= " WHERE id=".(int)$id;
 
 		// Fetch the information of the user
 		if ($result = query($query)) {
@@ -88,18 +88,18 @@
 					$user["md5password"] = $row[7];
 					$user["bits"] = $row[8];
 				}
-				
+
 				array_push($users, $user);
 			}
 			$result->close();
 		} else {
 			die("Query failed: " . $query);
 		}
-		
+
 		if ($id > 0) return $users[0];
 		else return $users;
 	}
-	
+
 	// Number n to XXXXXXXXX with X = {0,1} binary format
 	function dec2bits($code) {
 		$bits = decbin($code);
diff --git a/victim-chat.php b/victim-chat.php
index e426d60..b8ae4b0 100644
--- a/victim-chat.php
+++ b/victim-chat.php
@@ -1,43 +1,24 @@
+<?php
+	require './credentials.php';
+	require './php/utils.php';
+	require_once('./php/security.php');
+	
+	date_default_timezone_set("Europe/Madrid");
+
+	Security::checkIsSignedIn();
+?>
+
 <head>
 <link rel="stylesheet" type="text/css" href="//fonts.googleapis.com/css?family=Open+Sans" />
 <link rel="stylesheet" href="./css/basic.css" />
 <link rel="stylesheet" href="./css/main.css" />
-                
-<?php	
-	require './credentials.php';
-	require './php/utils.php';
-	
-	$credentials = new Credentials();
-	$usersdb = $credentials->usersdb;
-	$mortsdb = $credentials->mortsdb;
-	
-	date_default_timezone_set("Europe/Madrid");
-	
-	$user = $_COOKIE['user']; // (int)$_POST['user'];
-	$password = $_COOKIE['password']; // isset($_POST['password']) ? md5($_POST['password']) : '';
-
-	if (!isset($_COOKIE['user']) or $_COOKIE['user'] == '') {
-		die("<script>window.location.href = './'</script>");
-	} else if (isset($_COOKIE['password'])) {
-		$query_password = "SELECT password FROM $usersdb WHERE id=$user";
-		if (query($query_password)->fetch_row()[0] != $password) {
-			// Unset variables
-			setcookie('user', '', -1, "/");
-			setcookie('password', '', -1, "/");
-			
-			die("<script>window.location.href = './?passwordchanged=1'</script>");
-		}
-	}
-?>
-
 
 <?php
-        $user = get_users($user);
-        $victim = get_users($user->quimata);
-        if ($user->mort) die("<script>window.location.href = './dead.php'</script>");
+	$user = get_users($_SESSION["id"]);
+	$victim = get_users($user->quimata);
+	if ($user->mort) die("<script>window.location.href = './dead.php'</script>");
 ?>
 
-
 		<meta charset="UTF-8">
 		<title>PastanagAPP</title>
 
@@ -54,36 +35,29 @@
         <div id="outter-container">
                 <div id="inner-container">
                         <div><a href="./main.php">Tornar a la pàgina principal</a></div>
-                        
+
                         <div id="message-board">
                         <div id="victim-messages">
                                 <div class="messages-sent">
                                         <?php
-                                                // Create connection
-                                                $credentials = new Credentials();
-                                                $conn = new mysqli($credentials->servername, $credentials->username, $credentials->password, $credentials->dbname);
-                                                if ($conn->connect_error) die("Connection failed: " . $conn->connect_error);
-                                                $conn->set_charset("utf8");
-                                                                                                        
-                                                // Execute query and save result
-                                                $query_msgs = "SELECT * FROM `missatges` WHERE (`sender_id` = ".$user->id." AND `receiver_id` = ".$user->quimata .
-                                                        ") OR (`sender_id` = ".$user->quimata." AND `receiver_id` = ".$user->id . ")";
-                                                $result = $conn->query($query_msgs);
-                                                
+																								// Execute query and save result
+																								$statement = $conn->prepare("SELECT * FROM `missatges` WHERE (`sender_id` = ? AND `receiver_id` = ?) OR (`sender_id` = ? AND `receiver_id` = ?)");
+																								$statement->bind_param("iiii", $user->id, $user->quimata, $user->quimata, $user->id);
+                                                $statement->execute();
+
+																								$result = $statement->get_result();
+
                                                 while($res = $result->fetch_row()) {
                                                         if ($res[1] == $user->id) {
-                                                                echo "<div class='from-me'><div class='msg-content'>$res[4]</div><div class='meta-data'><span class='timestamp'>$res[3]</span><span class='seen'>".($res[5] == 0 ? 'Enviat' : 'Vist')."</span></div></div>";
+                                                                echo "<div class='from-me'><div class='msg-content'>".htmlspecialchars($res[4])."</div><div class='meta-data'><span class='timestamp'>$res[3]</span><span class='seen'>".($res[5] == 0 ? 'Enviat' : 'Vist')."</span></div></div>";
                                                         } else {
-                                                                echo "<div class='to-me'><div class='msg-content'>$res[4]</div><div class='meta-data'><span class='timestamp'>$res[3]</span><span class='seen'>".($res[5] == 0 ? 'Nou!' : '')."</span></div></div>";
+                                                                echo "<div class='to-me'><div class='msg-content'>$res[4]</div><div class='meta-data'><span class='timestamp'>".htmlspecialchars($res[3])."</span><span class='seen'>".($res[5] == 0 ? 'Nou!' : '')."</span></div></div>";
                                                         }
                                                 }
-                                                
+
                                                 // Update 'seen' messages
-                                                $query_seen = "UPDATE missatges SET `seen` = 1 WHERE `receiver_id` = " . $user->id . " AND `sender_id` = " . $user->quimata;
+                                                $query_seen = "UPDATE missatges SET `seen` = 1 WHERE `receiver_id` = " . (int)$user->id . " AND `sender_id` = " . (int)$user->quimata . " AND `seen` <> 1";
                                                 $conn->query($query_seen);
-                                                
-                                                // Close the connection 
-                                                $conn->close();
                                         ?>
                                 </div>
                                 <form action="./php/send_thread.php" method="POST">
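Review bot: In the `to-me` branch the escaping landed on the wrong column: `$res[3]` (the timestamp) is wrapped in `htmlspecialchars` while `$res[4]`, the message content received from the other party, is still interpolated raw into `msg-content`, so stored markup from a sender is rendered in the recipient's page; the `from-me` branch two lines above gets it right. Change the branch to `echo "<div class='to-me'><div class='msg-content'>".htmlspecialchars($res[4])."</div><div class='meta-data'><span class='timestamp'>".htmlspecialchars($res[3])."</span><span class='seen'>".($res[5] == 0 ? 'Nou!' : '')."</span></div></div>";`. killer-chat.php's hunk in this commit escapes `$res[4]` in both branches, so this file is the only one with the gap. The new prepared-statement lines are indented with tabs while the surrounding block uses spaces.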
@@ -94,7 +68,7 @@
                                         <input type="submit" value="Enviar amenaça" />
                                 </form>
                          </div>
-                        
+
                         </div>
 
                 </div>