added admin page

This commit is contained in:
Flavien Haas 2019-05-22 10:36:02 +02:00
parent 4ea87ca98a
commit 11e0e4f486
6 changed files with 227 additions and 50 deletions

106
WEB/profil/admin.php Normal file
View File

@ -0,0 +1,106 @@
<?php
session_start();
require_once('../connexionBD.php');
require_once ('../ressources/user.php');
$mail = $_SESSION['mail'];
if (!isset($_SESSION['mail'])) {
header('Location: index.php');
exit();
}
$user = getUser($db, $mail);
if (!$user){
header('Location: profil.php?error=3');
exit();
}
if (isset($_POST['login']) || isset($_FILES['avatar'])){
if (isset($_FILES['avatar']) and !empty($_FILES['avatar']['name'])) {
$fic = $_FILES['avatar'];
supprimerAvatar($mail);
$res = uploadAvatar($mail, $fic);
switch ($res){
case -1:
header('Location: profil.php?error=4');
exit();
case -2:
header('Location: profil.php?error=5');
exit();
case -3:
header('Location: profil.php?error=6');
exit();
}
}
if (isset($_POST['login']) && isset($_POST['password']) && isset($_POST['confirmation']) && isset($_POST['prenom']) && isset($_POST['nom']) && isset($_POST['phone'])) {
$login = htmlentities(pg_escape_string($_POST['login']));
$password = htmlentities(pg_escape_string($_POST['password']));
$confirmation = htmlentities(pg_escape_string($_POST['confirmation']));
$prenom = htmlentities(pg_escape_string($_POST['prenom']));
$nom = htmlentities(pg_escape_string($_POST['nom']));
$phone = htmlentities(pg_escape_string($_POST['phone']));
if (loginChange($user, $login)) {
if (!isLoginUniqueModifier($db, $mail, $login)) {
header('Location: profil.php?error=1');
exit();
} else {
if (!modifierLogin($db, $mail, $login)) {
header('Location: profil.php?error=6');
exit();
}
}
}
if (strcmp($password, $confirmation) != 0) {
header('Location: profil.php?error=2');
exit();
}
if (!modifierUtilisateur($db, $mail, $prenom, $nom, $password, $phone)) {
header('Location: profil.php?error=6');
exit();
}
}
sleep(0.85);
header('Location: profil.php');
exit();
}
$delmail = $_POST['delmail'];
?>
<!DOCTYPE html>
<html lang="fr">
<head>
<meta charset="UTF-8">
<link rel="stylesheet" href="admin.css">
<link rel="stylesheet" href="../ressources/navbaradminhtml.css">
<link rel="stylesheet" href="../index.css">
<script src="../inscription/inscription.js"></script>
<title>Administration</title>
</head>
<body>
<?php require_once("../ressources/navbaradminhtml.php"); ?>
<div id="formulaire">
<h1>Administration</h1>
<div>
<h1>Supprimer un utilisateur</h1>
<fieldset>
<form action="admin.php" method="post">
<table>
<tr>
<td><p>mail de l'utilisateur a supprimer :</p></td>
<td><input type="text" name="delmail"/></td>
</tr>
<tr>
<td><p><input type="submit" name="deluserbutton" value="supprimer l'utilisateur"></td>
</tr>
<tr>
<td><?php if (isset($_POST['delmail'])) { deluser($delmail); }?></td>
</tr>
</table>
</form>
</fieldset>
</div>
</body>
</html>

View File

@ -2,6 +2,7 @@
session_start();
require_once('../connexionBD.php');
require_once ('../ressources/user.php');
require_once ('../ressources/voiture.php');
$mail = $_SESSION['mail'];
$matricule = isset($_POST['matricule']) ? $_POST['matricule'] : NULL; //recuperation valeur formulaire, isset pour eviter l'erreur "Notice: Undefined index"
@ -10,53 +11,6 @@ $modele = isset($_POST['modele']) ? $_POST['modele'] : NULL;
$nbplaces = isset($_POST['nbplaces']) ? $_POST['nbplaces'] : NULL;
$anneefab = isset($_POST['anneefab']) ? $_POST['anneefab'] : NULL;
function printError(){
if (isset($_GET['error'])) {
$erreur = getErrorProfil($_GET['error']);
echo "<p class = 'error'>$erreur</p>";
}
}
function getErrorProfil($code){
switch ($code) {
case 1:
return "Ce login est déjà associé à un compte.";
case 2:
return "Les mots de passe ne correspondent pas.";
case 3:
return "Erreur lors de la récupération des informations de profil.";
case 4:
return "Le fichier envoyé doit être une image au format PNG ou JPEG.";
case 5:
return "La taille de l'image ne doit pas dépasser 2 MB.";
case 6:
return "Erreur lors de la modification du compte.";
}
}
function addVoiture($db, $matricule, $marque, $modele, $nbplaces, $anneefab){
$requete = "INSERT INTO public.voiture (matricule, marque, modele, nbplaces, anneefab, mail) VALUES ('" . $matricule . "','" . $marque . "','" . $modele . "','" . $nbplaces . "','" . $anneefab . "','" . $_SESSION['mail'] . "');";
pg_query($db, $requete);
}
function changeVoiture($db, $matricule, $marque, $modele, $nbplaces, $anneefab){
$requete = "UPDATE public.voiture SET (matricule, marque, modele, nbplaces, anneefab) = ('" . $matricule . "','" . $marque . "','" . $modele . "','" . $nbplaces . "','" . $anneefab . "') WHERE mail = '" . $_SESSION['mail'] . "';";
pg_query($db, $requete);
}
function showVoiture($db){
$requete = "SELECT * FROM public.voiture WHERE voiture.mail = '" . $_SESSION['mail'] . "';";
if ($donnees = pg_query($db, $requete)) {
while ($res = pg_fetch_assoc($donnees)) {
echo "matricule = ".$res['matricule']."<br>";
echo "marque = ".$res['marque']."<br>";
echo "modele = ".$res['modele']."<br>";
echo "nombre de places = ".$res['nbplaces']."<br>";
echo "année de fabrication = ".$res['anneefab']."<br>";
}
}
}
if (!isset($_SESSION['mail'])) {
header('Location: index.php');
exit();
@ -134,8 +88,8 @@ if (isset($_POST['login']) || isset($_FILES['avatar'])){
<meta charset="UTF-8">
<link rel="stylesheet" href="profil.css">
<link rel="stylesheet" href="../ressources/navbarhtml.css">
<link rel="stylesheet" href="../index_inscription.css">
<script src="../inscription.js"></script>
<link rel="stylesheet" href="../index.css">
<script src="../inscription/inscription.js"></script>
<title>Profil</title>
</head>
<body>
@ -303,7 +257,9 @@ if (isset($_POST['login']) || isset($_FILES['avatar'])){
<table>
<tr>
<td><p><input type="submit" name="submitshow" value="afficher ma voiture"></p></td>
<?php if (isset($_POST['submitshow'])) { showVoiture($db); }?>
</tr>
<tr>
<td><?php if (isset($_POST['submitshow'])) { showVoiture($db); }?></td>
</tr>
</table>
</form>

View File

@ -0,0 +1,39 @@
#menuDiv{
width: 100%;
display: block;
}
#menuDiv a{
font-family: "Arial";
font-size: 1em;
}
#menu {
display: flex;
flex-direction: row;
flex-wrap: wrap;
justify-content: center;
background-color: rgb(65, 154, 28);
}
.menuItem {
display: flex;
flex-wrap: nowrap;
align-items: center;
justify-content: center;
color: white;
width: 10%;
min-width: 5em;
font-weight: bold;
text-decoration: none;
padding: 0.8em;
border-bottom: 4px solid rgb(65, 154, 28);
border-top: 4px solid rgb(65, 154, 28);
font-size: 1.1em;
text-align: center;
}
.menuItem:hover{
cursor: pointer;
border-bottom: 4px solid orange;
}

View File

@ -0,0 +1,18 @@
<?php
$path = "..";
if (file_exists("./inscription.php")) {
$path = ".";
}
?>
<div id="menuDiv">
<nav id="menu">
<a class="menuItem" href="<?php echo $path ; ?>/tableauBord/tableauBord.php">Tableau de bord</a>
<a class="menuItem" href="<?php echo $path ; ?>/inscription.php">Trajets publiés</a>
<a class="menuItem" href="<?php echo $path ; ?>/inscription.php">Trajets réservés</a>
<a class="menuItem" href="<?php echo $path ; ?>/inscription.php">Messagerie</a>
<a class="menuItem" href="<?php echo $path ; ?>/inscription.php">Avis reçus</a>
<a class="menuItem" href="<?php echo $path ; ?>/inscription.php">Avis laissés</a>
<a class="menuItem" href="<?php echo $path ; ?>/admin/admin.php">Administration</a>
<a class="menuItem" href="<?php echo $path ; ?>/deconnexion.php">Se déconnecter</a>
</nav>
</div>

View File

@ -116,4 +116,38 @@ function uploadAvatar($mail, $fic){
}
return 0;
}
function printError(){
if (isset($_GET['error'])) {
$erreur = getErrorProfil($_GET['error']);
echo "<p class = 'error'>$erreur</p>";
}
}
function getErrorProfil($code){
switch ($code) {
case 1:
return "Ce login est déjà associé à un compte.";
case 2:
return "Les mots de passe ne correspondent pas.";
case 3:
return "Erreur lors de la récupération des informations de profil.";
case 4:
return "Le fichier envoyé doit être une image au format PNG ou JPEG.";
case 5:
return "La taille de l'image ne doit pas dépasser 2 MB.";
case 6:
return "Erreur lors de la modification du compte.";
}
}
function deluser($mail){
echo "c'est supprimé";
/*Update to userdel where mail
Del mail de la table utilisateur
Delete from where
Supprimer lavatar*/
}
?>

View File

@ -0,0 +1,24 @@
<?php
function addVoiture($db, $matricule, $marque, $modele, $nbplaces, $anneefab){
$requete = "INSERT INTO public.voiture (matricule, marque, modele, nbplaces, anneefab, mail) VALUES ('" . $matricule . "','" . $marque . "','" . $modele . "','" . $nbplaces . "','" . $anneefab . "','" . $_SESSION['mail'] . "');";
pg_query($db, $requete);
}
function changeVoiture($db, $matricule, $marque, $modele, $nbplaces, $anneefab){
$requete = "UPDATE public.voiture SET (matricule, marque, modele, nbplaces, anneefab) = ('" . $matricule . "','" . $marque . "','" . $modele . "','" . $nbplaces . "','" . $anneefab . "') WHERE mail = '" . $_SESSION['mail'] . "';";
pg_query($db, $requete);
}
function showVoiture($db){
$requete = "SELECT * FROM public.voiture WHERE voiture.mail = '" . $_SESSION['mail'] . "';";
if ($donnees = pg_query($db, $requete)) {
while ($res = pg_fetch_assoc($donnees)) {
echo "matricule = ".$res['matricule']."<br>";
echo "marque = ".$res['marque']."<br>";
echo "modele = ".$res['modele']."<br>";
echo "nombre de places = ".$res['nbplaces']."<br>";
echo "année de fabrication = ".$res['anneefab']."<br>";
}
}
}
?>