2019-05-22 17:16:12 +02:00
< ? php
2019-05-22 22:52:03 +02:00
function checkAvis ( $db , $mail , $codetrajet )
{
$result = pg_query_params ( $db , " SELECT COUNT(*) FROM avis WHERE mailEmetteur = $ 1 AND codetrajet = $ 2; " , array ( $mail , $codetrajet ));
$row = pg_fetch_array ( $result );
return $row [ 0 ] == 0 ;
}
function checkCodeTrajetAvis ( $db , $mail , $codetrajet )
{
2019-05-23 02:11:30 +02:00
$result = pg_query_params ( $db , " SELECT COUNT(*) FROM trajet tr, reserver re WHERE tr.codetrajet = $ 1 AND tr.codetrajet = re.codetrajet AND re.mailutilisateur = $ 2; " , array ( $codetrajet , $mail ));
2019-05-22 22:52:03 +02:00
$row = pg_fetch_array ( $result );
return $row [ 0 ] >= 1 ;
}
2019-05-22 17:16:12 +02:00
session_start ();
2019-05-22 22:52:03 +02:00
require_once ( " ../connexionBD.php " );
require_once ( " ../ressources/user.php " );
2019-05-22 17:16:12 +02:00
//Si on est pas connecté redirection vers la page de connexion
if ( ! isset ( $_SESSION [ 'mail' ])) {
header ( 'Location: ../index.php' );
exit ();
}
$mail = $_SESSION [ 'mail' ];
2019-05-22 22:52:03 +02:00
if ( isset ( $_POST [ 'codetrajet' ]) && isset ( $_POST [ 'avislaisse' ]) && isset ( $_POST [ 'note' ])) {
$avis = $_POST [ 'avislaisse' ];
$note = $_POST [ 'note' ];
$codetrajet = intval ( $_POST [ 'codetrajet' ]);
$date = date ( 'Y-m-d H:i:s' );
if ( checkAvis ( $db , $mail , $codetrajet ) && checkCodeTrajetAvis ( $db , $mail , $codetrajet )) {
$requete = " INSERT INTO avis (mailemetteur, codetrajet, commentaire, dateavis, note, estlu) VALUES ( $ 1, $ 2, $ 3, $ 4, $ 5, false); " ;
$envoi = pg_query_params ( $db , $requete , array ( $mail , $codetrajet , $avis , $date , $note ));
if ( ! $envoi ) {
echo " Erreur d'ecriture dans la BD " ;
2019-05-23 02:11:30 +02:00
echo " <br><a href='../tableauBord/tableauBord.php'>Retour vers le tableau de bord</a> " ;
2019-05-22 22:52:03 +02:00
exit ();
} else {
2019-05-23 02:11:30 +02:00
header ( 'Location: ../tableauBord/tableauBord.php' );
2019-05-22 22:52:03 +02:00
exit ();
}
}
2019-05-22 17:16:12 +02:00
}
?>
<! DOCTYPE html >
2019-05-22 22:52:03 +02:00
< html lang = " fr " >
2019-05-22 17:16:12 +02:00
< head >
2019-05-22 22:52:03 +02:00
< meta charset = " UTF-8 " >
< link rel = " stylesheet " href = " deposer_avis.css " >
< link rel = " stylesheet " href = " ../ressources/navbarhtml.css " >
< link rel = " icon " href = " ../ressources/favicon.ico " />
< title > Deposer un avis </ title >
2019-05-22 17:16:12 +02:00
</ head >
< body >
2019-05-22 22:52:03 +02:00
< ? php require_once ( " ../ressources/navbarhtml.php " ); ?>
< div id = " container " >
< div id = " entete " >
< h1 id = " titre " > Deposer un avis </ h1 >
</ div >
< div id = " form " >
< form id = " formulaire_avis " enctype = " multipart/form-data " action = " deposer_avis.php " method = " post " >
< textarea id = " avis_laisse " name = " avislaisse " form = " formulaire_avis " placeholder = " Avis " ></ textarea >
< h2 > NOTE </ h2 >
< div class = " rating " >
< input type = " radio " name = " note " id = " note3 " value = " 3 " >
< a href = " #3 " label for = " note3 " title = " Donner 3 étoiles " > ☆ </ a >
< input type = " radio " name = " note " id = " note2 " value = " 2 " >
< a href = " #2 " label for = " note2 " title = " Donner 2 étoiles " > ☆ </ a >
< input type = " radio " name = " note " id = " note1 " value = " 1 " >
< a href = " #1 " label for = " note1 " title = " Donner 1 étoiles " > ☆ </ a >
< ? php
if ( isset ( $_GET [ 'codetrajet' ])) {
$codeTrajet = $_GET [ 'codetrajet' ];
echo " <input type='hidden' name='codetrajet' value=' $codeTrajet '> " ;
}
?>
</ div >
< br >
< input type = " submit " value = " Valider " id = " submit " >
</ form >
</ div >
</ div >
2019-05-22 17:16:12 +02:00
</ body >
</ html >