PROJET-WEB_STRI1A/WEB/profil.php

202 lines
7.0 KiB
PHP
Raw Normal View History

2019-05-09 16:35:10 +02:00
<?php
2019-05-11 12:44:29 +02:00
require_once ('connexionBD.php');
session_start();
2019-05-09 16:35:10 +02:00
if (!isset($_SESSION['mail'])){
header('Location: index.php');
exit();
}
2019-05-11 12:44:29 +02:00
$mail = $_SESSION['mail'];
if (isset($_POST['login_field']) || isset($_FILES['avatar'])){
if (isset($_FILES['avatar']) and $_FILES['avatar']['name'] != ""){
$fic = $_FILES['avatar'];
supprimerAvatar($mail);
uploadAvatar($mail, $fic);
}
if (isset($_POST['login_field']) && isset($_POST['password']) && isset($_POST['confirmation']) && isset($_POST['prenom']) && isset($_POST['nom']) && isset($_POST['phone'])){
$login = htmlentities(pg_escape_string ($_POST['login_field']));
$password = htmlentities(pg_escape_string ($_POST['password']));
$confirmation = htmlentities(pg_escape_string ($_POST['confirmation']));
$prenom = htmlentities(pg_escape_string ($_POST['prenom']));
$nom = htmlentities(pg_escape_string ($_POST['nom']));
$phone = htmlentities(pg_escape_string ($_POST['phone']));
if (!isLoginUniqueModifier($db, $mail, $login)){
header('Location: profil.php?error=1');
exit();
}
if (strcmp($password, $confirmation) != 0){
header('Location: profil.php?error=2');
exit();
}
if (!modifierUtilisateur($db, $prenom, $nom, $login, $phone)){
header('Location: profil.php?error=6');
exit();
}
}
header('Location: profil.php');
exit();
}
$user = getUser($db, $_SESSION['mail']);
2019-05-09 16:35:10 +02:00
if (!$user){
2019-05-11 12:44:29 +02:00
header('Location: profil.php?error=3');
2019-05-09 16:35:10 +02:00
exit();
}
2019-05-11 12:44:29 +02:00
function getPathImgProfil($mail){
$protocol = "https";
if (!isset($_SERVER['HTTPS_HOST'])){
$protocol = "http";
}
$list = scandir($_SERVER['DOCUMENT_ROOT']."/imageProfil");
foreach ($list as $entry){
if (strpos($entry, $mail) !== false){
return "$protocol://".$_SERVER['HTTP_HOST']."/imageProfil/$entry";
}
}
return "$protocol://".$_SERVER['HTTP_HOST']."/imageProfil/default.svg";
}
function supprimerAvatar($mail){
$list = scandir($_SERVER['DOCUMENT_ROOT']."/imageProfil");
foreach ($list as $entry){
if (strpos($entry, $mail) !== false){
unlink($_SERVER['DOCUMENT_ROOT']."/imageProfil/$entry");
}
}
}
function uploadAvatar($mail, $fic){
$tmp = explode('.', $fic['name']);
$extension = end($tmp);
$target_file = "imageProfil/$mail.$extension";
$file_tmp = $fic['tmp_name'];
$check = getimagesize($file_tmp);
if($check === false or !in_array($extension, array('png', 'jpg', 'jpeg', 'pjpeg', 'jfif', 'pjp'))) {
header('Location: inscription.php?error=4');
exit();
}
else if ($fic['size'] > 2 * 1024 * 1024){
header('Location: inscription.php?error=5');
exit();
}
else{
move_uploaded_file($file_tmp, $target_file);
}
}
function modifierUtilisateur($db, $prenom, $nom, $login, $phone){
$result = pg_query_params($db, "UPDATE Utilisateur SET prenom = $1, nom = $2, login = $3, telephone = $4;", array($prenom, $nom, $login, $phone));
return $result;
}
function getUser($db, $mail){
2019-05-09 16:35:10 +02:00
$result = pg_query_params($db,"SELECT * FROM Utilisateur WHERE mail = $1;", array($mail));
return pg_fetch_array($result);
}
2019-05-11 12:44:29 +02:00
function printError(){
if(isset($_GET['error'])){
$erreur = getErrorProfil($_GET['error']);
echo "<p class = 'error'>$erreur</p>";
}
}
function isLoginUniqueModifier($db, $mail, $login){
$result = pg_query_params($db, "SELECT * FROM Utilisateur WHERE login = $1 AND mail != $2;", array($login, $mail));
if($result){
$row = pg_fetch_array($result);
return (strcmp($row['login'], $login) != 0);
}
return false;
}
function getErrorProfil($code){
switch ($code){
case 1:
return "Ce login est déjà associé à un compte.";
case 2:
return "Les mots de passe ne correspondent pas.";
case 3:
return "Erreur lors de la récupération des informations de profil.";
case 4:
return "Le fichier envoyé doit être une image au format PNG ou JPEG.";
case 5:
return "La taille de l'image ne doit pas dépasser 2 MB.";
case 6:
return "Erreur lors de la modification du compte.";
}
}
2019-05-09 16:35:10 +02:00
?>
<!DOCTYPE html>
<html lang="fr">
<head>
<meta charset="UTF-8">
2019-05-11 12:44:29 +02:00
<link rel="stylesheet" href="profil.css">
<link rel="stylesheet" href="index_inscription.css">
2019-05-09 16:35:10 +02:00
<script src="inscription.js"></script>
2019-05-11 12:44:29 +02:00
<title>Profil</title>
2019-05-09 16:35:10 +02:00
</head>
<body>
<div id="formulaire">
<h1>Profil</h1>
2019-05-11 12:44:29 +02:00
<div id="divImgProfil">
<img id="imgProfil" src="<?php echo getPathImgProfil($mail); ?>">
</div>
<form method="post" enctype="multipart/form-data" action="profil.php">
2019-05-09 16:35:10 +02:00
<div class="line">
<label for="mail_field">Adresse mail : </label>
<input id="mail_field" class="form" type="email" maxlength="100" readonly value="<?php echo $user['mail']; ?>">
</div>
<div class="line">
<label for="login_field">Login : </label>
<input id="login_field" class="form" name="login_field" type="text" maxlength="50" value="<?php echo $user['login'];?>" required>
</div>
<div class="line">
2019-05-11 12:44:29 +02:00
<label for="password">Mot de passe : </label>
<input class="form" id="password" name="password" type="password" maxlength="50" value="<?php echo $user['passwd'];?>" required>
</div>
<div class="line">
<label for="confirmation">Confirmation : </label>
<input class="form" id="confirmation" name="confirmation" type="password" maxlength="16" value="<?php echo $user['passwd'];?>" required>
2019-05-09 16:35:10 +02:00
</div>
<div class="line">
<label for="prenom_field">Prénom : </label>
<input id="prenom_field" class="form" name="prenom" type="text" maxlength="50" value="<?php echo $user['prenom'];?>" required>
</div>
<div class="line">
<label for="nom_field">Nom : </label>
<input id="nom_field" class="form" name="nom" type="text" maxlength="50" value="<?php echo $user['nom'];?>" required>
</div>
<div class="line">
<label for="dateN_field">Date de naissance : </label>
<input id="dateN_field" class="form" readonly="readonly" type="date" value="<?php echo $user['datenaissance'];?>" required>
</div>
<div class="line">
<label for="phone_field">Numéro de téléphone : </label>
<input id="phone_field" class="form" name="phone" type="tel" pattern="[0-9]{10}" maxlength="10" value="<?php echo $user['telephone'];?>" required>
</div>
<div class="line">
<label for="avatar">Image du Profil :</label>
2019-05-11 12:44:29 +02:00
<input type="file" id="avatar" class="form" name="avatar" accept="image/png, image/jpeg">
2019-05-09 16:35:10 +02:00
</div>
<?php
printError();
?>
2019-05-11 12:44:29 +02:00
<input id="submit" class="button" type="submit" value="Modifier">
2019-05-09 16:35:10 +02:00
</form>
</div>
</body>
</html>