PROJET-WEB_STRI1A/WEB/inscription.php

174 lines
6.2 KiB
PHP
Raw Normal View History

<?php
require_once('connexionBD.php');
session_start();
if (!isset($_SESSION['mail'])) {
if ($_SERVER['REQUEST_METHOD'] == 'POST' && empty($_POST) && empty($_FILES) && $_SERVER['CONTENT_LENGTH'] > 0) {
echo "<p class='error'>PHP a ignoré les données POST à cause d'une requête dépassant post_max_size (" . ini_get('post_max_size') . ").</p>";
exit();
}
if (isset($_POST['mail_field'])) {
$login = htmlentities(pg_escape_string($_POST['login_field']));
$password = htmlentities(pg_escape_string($_POST['password']));
$prenom = htmlentities(pg_escape_string($_POST['prenom']));
$nom = htmlentities(pg_escape_string($_POST['nom']));
$dateN = htmlentities(pg_escape_string($_POST['dateN']));
$mail = strtolower(htmlentities(pg_escape_string($_POST['mail_field'])));
$phone = htmlentities(pg_escape_string($_POST['phone']));
if (!filter_var($mail, FILTER_VALIDATE_EMAIL)) {
header('Location: inscription.php?error=1');
exit();
} elseif (!isMailUnique($db, $mail)) {
header('Location: inscription.php?error=2');
exit();
} elseif (!isLoginUnique($db, $login)) {
header('Location: inscription.php?error=3');
exit();
} else {
uploadAvatar($mail);
$result = creerUtilisateur($db, $mail, $password, $prenom, $nom, $login, $phone, $dateN);
if ($result) {
header('Location: index.php');
} else {
header('Location: inscription.php?error=6');
}
}
}
} else {
header('Location: tableauBord/tableauBord.php');
}
function printError()
{
if (isset($_GET['error'])) {
$erreur = getError($_GET['error']);
echo "<p class = 'error'>$erreur</p>";
}
}
function getError($code)
{
switch ($code) {
case 1:
return "L'adresse mail est invalide.";
case 2:
return "Cette adresse est déjà associée à un compte.";
case 3:
return "Ce login est déjà associé à un compte.";
case 4:
return "Le fichier envoyé doit être une image au format PNG.";
case 5:
return "La taille de l'image ne doit pas dépasser 2 MB.";
case 6:
return "Erreur lors de la création du compte.";
}
}
function isMailUnique($db, $mail)
{
$result = pg_query_params($db, "SELECT * FROM Utilisateur WHERE mail = $1;", array($mail));
if ($result) {
$row = pg_fetch_array($result);
return (strcmp($row['mail'], $mail) != 0);
}
return false;
}
function isLoginUnique($db, $login)
{
$result = pg_query_params($db, "SELECT * FROM Utilisateur WHERE login = $1;", array($login));
if ($result) {
$row = pg_fetch_array($result);
return (strcmp($row['login'], $login) != 0);
}
return false;
}
function creerUtilisateur($db, $mail, $password, $prenom, $nom, $login, $phone, $dateN)
{
$result = pg_query_params($db, "INSERT INTO Utilisateur VALUES ($1, $2, $3, $4, $5, $6, to_date($7, 'YYYY/MM/DD'), false);", array($mail, $password, $prenom, $nom, $login, $phone, $dateN));
return $result;
}
function uploadAvatar($mail)
{
if (isset($_FILES['avatar']) and $_FILES['avatar']['name'] != "") {
$target_file = "imageProfil/$mail.png";
$file_tmp = $_FILES['avatar']['tmp_name'];
$extension = end(explode('.', $_FILES['avatar']['name']));
$check = getimagesize($file_tmp);
if ($check === false or !in_array($extension, array('png'))) {
header('Location: inscription.php?error=4');
exit();
} else if ($_FILES['avatar']['size'] > 2 * 1024 * 1024) {
header('Location: inscription.php?error=5');
exit();
} else {
move_uploaded_file($file_tmp, $target_file);
}
}
}
?>
<!DOCTYPE html>
<html lang="fr">
<head>
<meta charset="UTF-8">
<link rel="stylesheet" href="index_inscription.css">
<title>Inscription</title>
<script src="inscription.js"></script>
</head>
<body>
<div id="formulaire">
<h1>Inscription</h1>
<form method="post" enctype="multipart/form-data" action="inscription.php">
<div class="line">
<label for="mail_field">Adresse mail : </label>
<input id="mail_field" class="form" name="mail_field" type="email" maxlength="100" required>
</div>
<div class="line">
<label for="login_field">Login : </label>
<input id="login_field" class="form" name="login_field" type="text" maxlength="50" required>
</div>
<div class="line">
<label for="password">Mot de passe : </label>
<input class="form" id="password" name="password" type="password" maxlength="50" required>
</div>
<div class="line">
<label for="confirmation">Confirmation : </label>
<input class="form" id="confirmation" name="confirmation" type="password" maxlength="16">
</div>
<div class="line">
<label for="prenom_field">Prénom : </label>
<input id="prenom_field" class="form" name="prenom" type="text" maxlength="50" required>
</div>
<div class="line">
<label for="nom_field">Nom : </label>
<input id="nom_field" class="form" name="nom" type="text" maxlength="50" required>
</div>
<div class="line">
<label for="dateN_field">Date de naissance : </label>
<input id="dateN_field" class="form" name="dateN" type="date" required>
</div>
<div class="line">
<label for="phone_field">Numéro de téléphone : </label>
<input id="phone_field" class="form" name="phone" type="tel" pattern="[0-9]{10}" maxlength="10" required>
</div>
<div class="line">
<label for="avatar">Image du Profil :</label>
<input type="file" id="avatar" class="form" name="avatar" accept="image/png">
</div>
<?php
printError();
?>
<input id="submit" class="button" type="submit" value="S'inscrire">
</form>
<p id="enregistrer">Si vous avez déjà un compte <a href="index.php" title="S'identifier">cliquez ici</a>.</p>
</div>
</body>
</html>