PROJET-WEB_STRI1A/WEB/deposer_avis/deposer_avis.php

<?php

function checkAvis($db, $mail, $codetrajet)
{
    $result = pg_query_params($db, "SELECT COUNT(*) FROM avis WHERE mailEmetteur = $1 AND codetrajet = $2;", array($mail, $codetrajet));
    $row = pg_fetch_array($result);
    return $row[0] == 0;
}

function checkCodeTrajetAvis($db, $mail, $codetrajet)
{
    $result = pg_query_params($db, "SELECT COUNT(*) FROM trajet tr, reserver re WHERE tr.codetrajet = $1 AND tr.codetrajet = re.codetrajet AND re.mailutilisateur = $2;", array($codetrajet, $mail));
    $row = pg_fetch_array($result);
    return $row[0] >= 1;
}

session_start();
require_once("../connexionBD.php");
require_once("../ressources/user.php");

//Si on est pas connecté redirection vers la page de connexion
if (!isset($_SESSION['mail'])) {
    header('Location: ../index.php');
    exit();
}

$mail = $_SESSION['mail'];
if (isset($_POST['codetrajet']) && isset($_POST['avislaisse']) && isset($_POST['note'])) {
    $avis = $_POST['avislaisse'];
    $note = $_POST['note'];
    $codetrajet = intval($_POST['codetrajet']);
    $date = date('Y-m-d H:i:s');
    if (checkAvis($db, $mail, $codetrajet) && checkCodeTrajetAvis($db, $mail, $codetrajet)) {
        $requete = "INSERT INTO avis (mailemetteur, codetrajet, commentaire, dateavis, note, estlu) VALUES ($1,$2,$3,$4,$5, false);";
        $envoi = pg_query_params($db, $requete, array($mail, $codetrajet, $avis, $date, $note));
        if (!$envoi) {
            echo "Erreur d'ecriture dans la BD";
            echo "<br><a href='../tableauBord/tableauBord.php'>Retour vers le tableau de bord</a>";
            exit();
        } else {
            header('Location: ../tableauBord/tableauBord.php');
            exit();
        }
    }
}
?>
<!DOCTYPE html>
<html lang="fr">
<head>
    <meta charset="UTF-8">
    <link rel="stylesheet" href="deposer_avis.css">
    <link rel="stylesheet" href="../ressources/navbarhtml.css">
    <link rel="icon" href="../ressources/favicon.ico"/>
    <title>Deposer un avis</title>
</head>
<body>
<?php require_once("../ressources/navbarhtml.php"); ?>
<div id="container">
    <div id="entete">
        <h1 id="titre">Deposer un avis</h1>
    </div>
    <div id="form">
        <form id="formulaire_avis" enctype="multipart/form-data" action="deposer_avis.php" method="post">
            <textarea id="avis_laisse" name="avislaisse" form="formulaire_avis" placeholder="Avis"></textarea>
            <h2>NOTE</h2>
            <div class="rating">
                <input type="radio" name="note" id="note3" value="3">
                <a href="#3" label for="note3" title="Donner 3 étoiles">☆</a>
                <input type="radio" name="note" id="note2" value="2">
                <a href="#2" label for="note2" title="Donner 2 étoiles">☆</a>
                <input type="radio" name="note" id="note1" value="1">
                <a href="#1" label for="note1" title="Donner 1 étoiles">☆</a>
                <?php
                if (isset($_GET['codetrajet'])) {
                    $codeTrajet = $_GET['codetrajet'];
                    echo "<input type='hidden' name='codetrajet' value='$codeTrajet'>";
                }
                ?>
            </div>
            <br>
            <input type="submit" value="Valider" id="submit">
        </form>
    </div>
</div>
</body>
</html>