added admin page

6 years ago · 11e0e4f486
parent 4ea87ca98a
commit 11e0e4f486
6 changed files with 227 additions and 50 deletions
--- a/WEB/profil/admin.php
+++ b/WEB/profil/admin.php
@ -0,0 +1,106 @@
 <?php
 session_start();
 require_once('../connexionBD.php');
 require_once ('../ressources/user.php');
 $mail = $_SESSION['mail'];
 if (!isset($_SESSION['mail'])) {
    header('Location: index.php');
    exit();
 }
 $user = getUser($db, $mail);
 if (!$user){
    header('Location: profil.php?error=3');
    exit();
 }
 if (isset($_POST['login']) || isset($_FILES['avatar'])){
    if (isset($_FILES['avatar']) and !empty($_FILES['avatar']['name'])) {
        $fic = $_FILES['avatar'];
        supprimerAvatar($mail);
        $res = uploadAvatar($mail, $fic);
        switch ($res){
            case -1:
                header('Location: profil.php?error=4');
                exit();
            case -2:
                header('Location: profil.php?error=5');
                exit();
            case -3:
                header('Location: profil.php?error=6');
                exit();
        }
    }
    if (isset($_POST['login']) && isset($_POST['password']) && isset($_POST['confirmation']) && isset($_POST['prenom']) && isset($_POST['nom']) && isset($_POST['phone'])) {
        $login = htmlentities(pg_escape_string($_POST['login']));
        $password = htmlentities(pg_escape_string($_POST['password']));
        $confirmation = htmlentities(pg_escape_string($_POST['confirmation']));
        $prenom = htmlentities(pg_escape_string($_POST['prenom']));
        $nom = htmlentities(pg_escape_string($_POST['nom']));
        $phone = htmlentities(pg_escape_string($_POST['phone']));
        if (loginChange($user, $login)) {
            if (!isLoginUniqueModifier($db, $mail, $login)) {
                header('Location: profil.php?error=1');
                exit();
            } else {
                if (!modifierLogin($db, $mail, $login)) {
                    header('Location: profil.php?error=6');
                    exit();
                }
            }
        }
        if (strcmp($password, $confirmation) != 0) {
            header('Location: profil.php?error=2');
            exit();
        }
        if (!modifierUtilisateur($db, $mail, $prenom, $nom, $password, $phone)) {
            header('Location: profil.php?error=6');
            exit();
        }
    }
    sleep(0.85);
    header('Location: profil.php');
    exit();
 }
 $delmail = $_POST['delmail'];
 ?>
 <!DOCTYPE html>
 <html lang="fr">
 <head>
    <meta charset="UTF-8">
    <link rel="stylesheet" href="admin.css">
    <link rel="stylesheet" href="../ressources/navbaradminhtml.css">
    <link rel="stylesheet" href="../index.css">
    <script src="../inscription/inscription.js"></script>
    <title>Administration</title>
 </head>
 <body>
 <?php require_once("../ressources/navbaradminhtml.php"); ?>
 <div id="formulaire">
    <h1>Administration</h1>
    <div>
      <h1>Supprimer un utilisateur</h1>
      <fieldset>
        <form action="admin.php" method="post">
          <table>
            <tr>
              <td><p>mail de l'utilisateur a supprimer :</p></td>
              <td><input type="text" name="delmail"/></td>
            </tr>
            <tr>
              <td><p><input type="submit" name="deluserbutton" value="supprimer l'utilisateur"></td>
            </tr>
            <tr>
              <td><?php if (isset($_POST['delmail'])) { deluser($delmail); }?></td>
            </tr>
          </table>
        </form>
      </fieldset>
    </div>
 </body>
 </html>
--- a/WEB/profil/profil.php
+++ b/WEB/profil/profil.php
@ -2,6 +2,7 @@
 session_start();
 require_once('../connexionBD.php');
 require_once ('../ressources/user.php');
 require_once ('../ressources/voiture.php');
 $mail = $_SESSION['mail'];
 $matricule = isset($_POST['matricule']) ? $_POST['matricule'] : NULL; //recuperation valeur formulaire, isset pour eviter l'erreur "Notice: Undefined index"
@ -10,53 +11,6 @@ $modele = isset($_POST['modele']) ? $_POST['modele'] : NULL;
 $nbplaces = isset($_POST['nbplaces']) ? $_POST['nbplaces'] : NULL;
 $anneefab = isset($_POST['anneefab']) ? $_POST['anneefab'] : NULL;
 function printError(){
    if (isset($_GET['error'])) {
        $erreur = getErrorProfil($_GET['error']);
        echo "<p class = 'error'>$erreur</p>";
    }
 }
 function getErrorProfil($code){
    switch ($code) {
        case 1:
            return "Ce login est déjà associé à un compte.";
        case 2:
            return "Les mots de passe ne correspondent pas.";
        case 3:
            return "Erreur lors de la récupération des informations de profil.";
        case 4:
            return "Le fichier envoyé doit être une image au format PNG ou JPEG.";
        case 5:
            return "La taille de l'image ne doit pas dépasser 2 MB.";
        case 6:
            return "Erreur lors de la modification du compte.";
    }
 }
 function addVoiture($db, $matricule, $marque, $modele, $nbplaces, $anneefab){
    $requete = "INSERT INTO public.voiture (matricule, marque, modele, nbplaces, anneefab, mail) VALUES ('" . $matricule . "','" . $marque . "','" . $modele . "','" . $nbplaces . "','" . $anneefab . "','" . $_SESSION['mail'] . "');";
    pg_query($db, $requete);
 }
 function changeVoiture($db, $matricule, $marque, $modele, $nbplaces, $anneefab){
    $requete = "UPDATE public.voiture SET (matricule, marque, modele, nbplaces, anneefab) = ('" . $matricule . "','" . $marque . "','" . $modele . "','" . $nbplaces . "','" . $anneefab . "') WHERE mail = '" . $_SESSION['mail'] . "';";
    pg_query($db, $requete);
 }
 function showVoiture($db){
    $requete = "SELECT * FROM public.voiture WHERE voiture.mail = '" . $_SESSION['mail'] . "';";
    if ($donnees = pg_query($db, $requete)) {
        while ($res = pg_fetch_assoc($donnees)) {
            echo "matricule = ".$res['matricule']."<br>";
            echo "marque = ".$res['marque']."<br>";
            echo "modele = ".$res['modele']."<br>";
            echo "nombre de places = ".$res['nbplaces']."<br>";
            echo "année de fabrication = ".$res['anneefab']."<br>";
        }
    }
 }
 if (!isset($_SESSION['mail'])) {
    header('Location: index.php');
    exit();
@ -134,8 +88,8 @@ if (isset($_POST['login']) || isset($_FILES['avatar'])){
    <meta charset="UTF-8">
    <link rel="stylesheet" href="profil.css">
    <link rel="stylesheet" href="../ressources/navbarhtml.css">
-    <link rel="stylesheet" href="../index_inscription.css">
+    <link rel="stylesheet" href="../index.css">
-    <script src="../inscription.js"></script>
+    <script src="../inscription/inscription.js"></script>
    <title>Profil</title>
 </head>
 <body>
@ -303,7 +257,9 @@ if (isset($_POST['login']) || isset($_FILES['avatar'])){
                  <table>
                      <tr>
                        <td><p><input type="submit" name="submitshow" value="afficher ma voiture"></p></td>
-                        <?php if (isset($_POST['submitshow'])) { showVoiture($db); }?>
+                      </tr>
                      <tr>
                        <td><?php if (isset($_POST['submitshow'])) { showVoiture($db); }?></td>
                      </tr>
                  </table>
              </form>
--- a/WEB/ressources/navbaradminhtml.css
+++ b/WEB/ressources/navbaradminhtml.css
@ -0,0 +1,39 @@
 #menuDiv{
    width: 100%;
    display: block;
 }
 #menuDiv a{
    font-family: "Arial";
    font-size: 1em;
 }
 #menu {
    display: flex;
    flex-direction: row;
    flex-wrap: wrap;
    justify-content: center;
    background-color: rgb(65, 154, 28);
 }
 .menuItem {
    display: flex;
    flex-wrap: nowrap;
    align-items: center;
    justify-content: center;
    color: white;
    width: 10%;
    min-width: 5em;
    font-weight: bold;
    text-decoration: none;
    padding: 0.8em;
    border-bottom: 4px solid rgb(65, 154, 28);
    border-top: 4px solid rgb(65, 154, 28);
    font-size: 1.1em;
    text-align: center;
 }
 .menuItem:hover{
    cursor: pointer;
    border-bottom: 4px solid orange;
 }
--- a/WEB/ressources/navbaradminhtml.php
+++ b/WEB/ressources/navbaradminhtml.php
@ -0,0 +1,18 @@
 <?php
 $path = "..";
 if (file_exists("./inscription.php")) {
  $path = ".";
 }
 ?>
 <div id="menuDiv">
    <nav id="menu">
        <a class="menuItem" href="<?php echo $path ; ?>/tableauBord/tableauBord.php">Tableau de bord</a>
        <a class="menuItem" href="<?php echo $path ; ?>/inscription.php">Trajets publiés</a>
        <a class="menuItem" href="<?php echo $path ; ?>/inscription.php">Trajets réservés</a>
        <a class="menuItem" href="<?php echo $path ; ?>/inscription.php">Messagerie</a>
        <a class="menuItem" href="<?php echo $path ; ?>/inscription.php">Avis reçus</a>
        <a class="menuItem" href="<?php echo $path ; ?>/inscription.php">Avis laissés</a>
        <a class="menuItem" href="<?php echo $path ; ?>/admin/admin.php">Administration</a>
        <a class="menuItem" href="<?php echo $path ; ?>/deconnexion.php">Se déconnecter</a>
    </nav>
 </div>
--- a/WEB/ressources/user.php
+++ b/WEB/ressources/user.php
@ -116,4 +116,38 @@ function uploadAvatar($mail, $fic){
    }
    return 0;
 }
 function printError(){
    if (isset($_GET['error'])) {
        $erreur = getErrorProfil($_GET['error']);
        echo "<p class = 'error'>$erreur</p>";
    }
 }
 function getErrorProfil($code){
    switch ($code) {
        case 1:
            return "Ce login est déjà associé à un compte.";
        case 2:
            return "Les mots de passe ne correspondent pas.";
        case 3:
            return "Erreur lors de la récupération des informations de profil.";
        case 4:
            return "Le fichier envoyé doit être une image au format PNG ou JPEG.";
        case 5:
            return "La taille de l'image ne doit pas dépasser 2 MB.";
        case 6:
            return "Erreur lors de la modification du compte.";
    }
 }
 function deluser($mail){
  echo "c'est supprimé";
  /*Update to userdel where mail
  Del mail de la table utilisateur
  Delete from where
  Supprimer l’avatar*/
 }
 ?>
--- a/WEB/ressources/voiture.php
+++ b/WEB/ressources/voiture.php
@ -0,0 +1,24 @@
 <?php
 function addVoiture($db, $matricule, $marque, $modele, $nbplaces, $anneefab){
    $requete = "INSERT INTO public.voiture (matricule, marque, modele, nbplaces, anneefab, mail) VALUES ('" . $matricule . "','" . $marque . "','" . $modele . "','" . $nbplaces . "','" . $anneefab . "','" . $_SESSION['mail'] . "');";
    pg_query($db, $requete);
 }
 function changeVoiture($db, $matricule, $marque, $modele, $nbplaces, $anneefab){
    $requete = "UPDATE public.voiture SET (matricule, marque, modele, nbplaces, anneefab) = ('" . $matricule . "','" . $marque . "','" . $modele . "','" . $nbplaces . "','" . $anneefab . "') WHERE mail = '" . $_SESSION['mail'] . "';";
    pg_query($db, $requete);
 }
 function showVoiture($db){
    $requete = "SELECT * FROM public.voiture WHERE voiture.mail = '" . $_SESSION['mail'] . "';";
    if ($donnees = pg_query($db, $requete)) {
        while ($res = pg_fetch_assoc($donnees)) {
            echo "matricule = ".$res['matricule']."<br>";
            echo "marque = ".$res['marque']."<br>";
            echo "modele = ".$res['modele']."<br>";
            echo "nombre de places = ".$res['nbplaces']."<br>";
            echo "année de fabrication = ".$res['anneefab']."<br>";
        }
    }
 }
 ?>