Mise à jour avec branche bd

remi.biette 2019-05-17 05:58:27 +02:00
commit 17aba86405
5 changed files with 123 additions and 180 deletions


@ -1,19 +1,7 @@
<?php <?php
/**
* Created by PhpStorm.
* User: REMI
* Date: 16/04/2019
* Time: 14:46
*/
function connexionBD(){
$host = "localhost"; $host = "localhost";
$dbname = "projet"; $dbname = "projet";
$user = "utilisateur"; $user = "utilisateur";
$pass = "-stri-"; $pass = "-stri-";
$db = pg_connect("host=$host port=5432 dbname=$dbname user=$user password=$pass") or die("Erreur lors de la connexion à la base de données."); $db = pg_connect("host=$host port=5432 dbname=$dbname user=$user password=$pass") or die("Erreur lors de la connexion à la base de données.");
return $db;
}
?>
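Review bot: The database password is still a literal in this tracked file (`$pass = "-stri-";`), so anyone who can read the repository has the credential and it cannot be rotated without a commit. Reading it from the environment, for example `$pass = getenv('DB_PASSWORD');` (the variable name is only an example), keeps it out of version control; because the value is already in history it should also be changed on the server. The rendering has lost the +/- markers, but the `connexionBD()` wrapper appears to have been dropped, in which case `$db` is now created as a side effect of including the file, which deserves a one-line comment at the top, e.g. `// Including this file opens the connection and defines $db.`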


@ -1,21 +1,11 @@
<?php <?php
/**
* Created by PhpStorm.
* User: REMI
* Date: 19/04/2019
* Time: 10:10
*/
require 'connectionBD.php'; require_once ('connexionBD.php');
$db = connexionBD();
init();
function init(){
session_start(); session_start();
if (isset($_SESSION['mail'])){ if (isset($_SESSION['mail'])){
session_unset(); session_unset();
session_destroy(); session_destroy();
} }
header('Location: index.php'); header('Location: index.php');
exit();
}
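Review bot: The logout page never touches the database, yet it still pulls in `connexionBD.php`; if that include connects and calls `die()` on failure at load time, as the previous file section suggests, a database outage also stops users from ending their session. Dropping the `require_once` here removes that dependency. Whether the `exit();` after `header('Location: index.php');` survives the removal of `init()` cannot be recovered from this rendering; it should stay so nothing runs after the redirect.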


@ -1,48 +1,15 @@
<?php <?php
require("connectionBD.php"); require_once("connexionBD.php");
$db = connexionBD();
init();
function printError(){
if(isset($_GET['error'])){
$erreur = getError($_GET['error']);
echo "<p class = 'error'>$erreur</p>";
}
}
function getError($code){
switch ($code){
case 1:
return "Adresse mail ou mot de passe invalide.";
}
}
function authentification($mail, $password){
global $db;
$result = pg_query_params($db, "SELECT * FROM Utilisateur WHERE mail = $1;", array($mail));
if ($result){
$row = pg_fetch_array($result);
return (strcmp($row["passwd"], $password)) == 0;
}
return false;
}
function init(){
global $db;
session_start(); session_start();
/*if(isset($_COOKIE['mail']) && isset($_COOKIE['password'])){
if (authentification($_COOKIE['mail'], $_COOKIE['mail'])){
$_SESSION['mail'] = $_COOKIE['mail'];
}
}*/
if(!isset($_SESSION['mail'])){ if(!isset($_SESSION['mail'])){
if (isset($_POST['mail_field'])){ if (isset($_POST['mail_field'])){
$mail = strtolower(htmlentities(pg_escape_string ($_POST['mail_field']))); $mail = strtolower(htmlentities(pg_escape_string ($_POST['mail_field'])));
$password = htmlentities(pg_escape_string($_POST['password'])); $password = htmlentities(pg_escape_string($_POST['password']));
$result = authentification($mail, $password); $result = authentification($db, $mail, $password);
if($result) { if($result) {
$_SESSION['mail'] = $mail; $_SESSION['mail'] = $mail;
header('Location: tableauBord/tableauBord.php'); header('Location: tableauBord/tableauBord.php');
@ -58,6 +25,28 @@ function init(){
header('Location: tableauBord/tableauBord.php'); header('Location: tableauBord/tableauBord.php');
exit(); exit();
} }
function printError(){
if(isset($_GET['error'])){
$erreur = getError($_GET['error']);
echo "<p class = 'error'>$erreur</p>";
}
}
function getError($code){
switch ($code){
case 1:
return "Adresse mail ou mot de passe invalide.";
}
}
function authentification($db, $mail, $password){
$result = pg_query_params($db, "SELECT * FROM Utilisateur WHERE mail = $1;", array($mail));
if ($result){
$row = pg_fetch_array($result);
return (strcmp($row["passwd"], $password)) == 0;
}
return false;
} }
?> ?>
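Review bot: `authentification()` checks the submitted password with `strcmp($row["passwd"], $password)`, which implies passwords are stored in clear text, and it never checks that a row was found: when no account matches, `pg_fetch_array` returns false and the comparison runs against an empty value instead of failing closed. The function should return false when no row is fetched and verify a `password_hash()` value with `password_verify()`; `creerUtilisateur()` in the registration file then has to store `password_hash($password, PASSWORD_DEFAULT)` rather than the raw value. Wrapping `$_POST['password']` and `$_POST['mail_field']` in `htmlentities(pg_escape_string(...))` before a parameterised query alters the credential itself and is unnecessary with `pg_query_params`. Calling `session_regenerate_id(true);` just before `$_SESSION['mail'] = $mail;` would also guard against session fixation.

```php
function authentification($db, $mail, $password){
    $result = pg_query_params($db, 'SELECT passwd FROM Utilisateur WHERE mail = $1;', array($mail));
    if (!$result) {
        return false;
    }
    $row = pg_fetch_assoc($result);
    // No matching account: fail closed instead of comparing against null.
    if ($row === false) {
        return false;
    }
    // Requires passwd to hold a password_hash() value, not the raw password.
    return password_verify($password, $row['passwd']);
}
```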


@ -1,83 +1,9 @@
<?php <?php
require ('connectionBD.php'); require_once('connexionBD.php');
$db = connexionBD();
init();
function printError(){
if(isset($_GET['error'])){
$erreur = getError($_GET['error']);
echo "<p class = 'error'>$erreur</p>";
}
}
function getError($code){
switch ($code){
case 1:
return "L'adresse mail est invalide.";
case 2:
return "Cette adresse est déjà associée à un compte.";
case 3:
return "Ce login est déjà associé à un compte.";
case 4:
return "Le fichier envoyé doit être une image au format PNG.";
case 5:
return "La taille de l'image ne doit pas dépasser 2 MB.";
case 6:
return "Erreur lors de la création du compte.";
}
}
function isMailUnique($mail){
global $db;
$result = pg_query_params($db, "SELECT * FROM Utilisateur WHERE mail = $1;", array($mail));
if($result){
$row = pg_fetch_array($result);
return (strcmp($row['mail'], $mail) != 0);
}
return false;
}
function isLoginUnique($login){
global $db;
$result = pg_query_params($db, "SELECT * FROM Utilisateur WHERE login = $1;", array($login));
if($result){
$row = pg_fetch_array($result);
return (strcmp($row['login'], $login) != 0);
}
return false;
}
function creerUtilisateur($mail, $password, $prenom, $nom, $login, $phone, $dateN){
global $db;
$result = pg_query_params($db, "INSERT INTO Utilisateur VALUES ($1, $2, $3, $4, $5, $6, to_date($7, 'YYYY/MM/DD'), false);", array($mail, $password, $prenom, $nom, $login, $phone, $dateN));
return $result;
}
function uploadAvatar($mail){
if(isset($_FILES['avatar']) and $_FILES['avatar']['name'] != "") {
$target_file = "imageProfil/$mail.png";
$file_tmp = $_FILES['avatar']['tmp_name'];
$extension = end(explode('.', $_FILES['avatar']['name']));
$check = getimagesize($file_tmp);
if($check === false or !in_array($extension, array('png'))) {
header('Location: inscription.php?error=4');
exit();
}
else if ($_FILES['avatar']['size'] > 2 * 1024 * 1024){
header('Location: inscription.php?error=5');
exit();
}
else{
move_uploaded_file($file_tmp, $target_file);
}
}
}
function init(){
session_start(); session_start();
if (!isset($_SESSION['mail'])) { if (!isset($_SESSION['mail'])) {
if ($_SERVER['REQUEST_METHOD'] == 'POST' && empty($_POST) && empty($_FILES) && $_SERVER['CONTENT_LENGTH'] > 0) { if ($_SERVER['REQUEST_METHOD'] == 'POST' && empty($_POST) && empty($_FILES) && $_SERVER['CONTENT_LENGTH'] > 0) {
echo "<p class='error'>PHP a ignoré les données POST à cause d'une requête dépassant post_max_size (" . ini_get('post_max_size') . ").</p>"; echo "<p class='error'>PHP a ignoré les données POST à cause d'une requête dépassant post_max_size (" . ini_get('post_max_size') . ").</p>";
@ -95,31 +21,97 @@ function init(){
if (!filter_var($mail, FILTER_VALIDATE_EMAIL)) { if (!filter_var($mail, FILTER_VALIDATE_EMAIL)) {
header('Location: inscription.php?error=1'); header('Location: inscription.php?error=1');
exit(); exit();
} } elseif (!isMailUnique($db, $mail)) {
elseif(!isMailUnique($mail)){
header('Location: inscription.php?error=2'); header('Location: inscription.php?error=2');
exit(); exit();
} } elseif (!isLoginUnique($db, $login)) {
elseif(!isLoginUnique($login)){
header('Location: inscription.php?error=3'); header('Location: inscription.php?error=3');
exit(); exit();
} } else {
else{
uploadAvatar($mail); uploadAvatar($mail);
$result = creerUtilisateur($mail, $password, $prenom, $nom, $login, $phone, $dateN); $result = creerUtilisateur($db, $mail, $password, $prenom, $nom, $login, $phone, $dateN);
if ($result) { if ($result) {
header('Location: index.php'); header('Location: index.php');
} } else {
else{
header('Location: inscription.php?error=6'); header('Location: inscription.php?error=6');
} }
} }
} }
} } else {
else{
header('Location: tableauBord/tableauBord.php'); header('Location: tableauBord/tableauBord.php');
} }
function printError()
{
if (isset($_GET['error'])) {
$erreur = getError($_GET['error']);
echo "<p class = 'error'>$erreur</p>";
}
}
function getError($code)
{
switch ($code) {
case 1:
return "L'adresse mail est invalide.";
case 2:
return "Cette adresse est déjà associée à un compte.";
case 3:
return "Ce login est déjà associé à un compte.";
case 4:
return "Le fichier envoyé doit être une image au format PNG.";
case 5:
return "La taille de l'image ne doit pas dépasser 2 MB.";
case 6:
return "Erreur lors de la création du compte.";
}
}
function isMailUnique($db, $mail)
{
$result = pg_query_params($db, "SELECT * FROM Utilisateur WHERE mail = $1;", array($mail));
if ($result) {
$row = pg_fetch_array($result);
return (strcmp($row['mail'], $mail) != 0);
}
return false;
}
function isLoginUnique($db, $login)
{
$result = pg_query_params($db, "SELECT * FROM Utilisateur WHERE login = $1;", array($login));
if ($result) {
$row = pg_fetch_array($result);
return (strcmp($row['login'], $login) != 0);
}
return false;
}
function creerUtilisateur($db, $mail, $password, $prenom, $nom, $login, $phone, $dateN)
{
$result = pg_query_params($db, "INSERT INTO Utilisateur VALUES ($1, $2, $3, $4, $5, $6, to_date($7, 'YYYY/MM/DD'), false);", array($mail, $password, $prenom, $nom, $login, $phone, $dateN));
return $result;
}
function uploadAvatar($mail)
{
if (isset($_FILES['avatar']) and $_FILES['avatar']['name'] != "") {
$target_file = "imageProfil/$mail.png";
$file_tmp = $_FILES['avatar']['tmp_name'];
$extension = end(explode('.', $_FILES['avatar']['name']));
$check = getimagesize($file_tmp);
if ($check === false or !in_array($extension, array('png'))) {
header('Location: inscription.php?error=4');
exit();
} else if ($_FILES['avatar']['size'] > 2 * 1024 * 1024) {
header('Location: inscription.php?error=5');
exit();
} else {
move_uploaded_file($file_tmp, $target_file);
}
}
} }
?> ?>
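Review bot: `uploadAvatar()` decides that the file is a PNG from the client-supplied file name, while `getimagesize()` only proves the upload is some image type; testing the detected type, `if ($check === false or $check[2] !== IMAGETYPE_PNG) {`, checks the content instead. The destination `"imageProfil/$mail.png"` is built from the e-mail address, and `FILTER_VALIDATE_EMAIL` can accept characters such as `/` in the local part, so the file name is better derived from a value the user does not control, for example `hash('sha256', $mail)`, with `getPathImgProfil()` adjusted to match. The return value of `move_uploaded_file()` is ignored and the avatar is written before `creerUtilisateur()` has succeeded, so a failed registration can leave a file behind. `end(explode('.', ...))` also passes a non-variable by reference; `pathinfo($_FILES['avatar']['name'], PATHINFO_EXTENSION)` avoids the notice if the extension is still wanted.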


@ -1,8 +1,13 @@
<?php <?php
require ('../connectionBD.php'); require_once('../connexionBD.php');
$mail = null; session_start();
$db = connexionBD();
init(); //Si on est pas connecté redirection vers la page de connexion
if(!isset($_SESSION['mail'])){
header('Location: ../index.php');
exit();
}
$mail = $_SESSION['mail'];
$matricule = isset($_POST['matricule']) ? $_POST['matricule'] : NULL; //recuperation valeur formulaire, isset pour eviter l'erreur "Notice: Undefined index" $matricule = isset($_POST['matricule']) ? $_POST['matricule'] : NULL; //recuperation valeur formulaire, isset pour eviter l'erreur "Notice: Undefined index"
$marque = isset($_POST['marque']) ? $_POST['marque'] : NULL; $marque = isset($_POST['marque']) ? $_POST['marque'] : NULL;
@ -11,30 +16,16 @@ $nbplaces = isset($_POST['nbplaces']) ? $_POST['nbplaces'] : NULL;
$anneefab = isset($_POST['anneefab']) ? $_POST['anneefab'] : NULL; $anneefab = isset($_POST['anneefab']) ? $_POST['anneefab'] : NULL;
if(isset($_POST['submitadd'])){ if(isset($_POST['submitadd'])){
addVoiture($matricule, $marque, $modele, $nbplaces, $anneefab); addVoiture($db, $matricule, $marque, $modele, $nbplaces, $anneefab);
} }
if(isset($_POST['submitchange'])){ if(isset($_POST['submitchange'])){
changeVoiture($matricule, $marque, $modele, $nbplaces, $anneefab); changeVoiture($db, $matricule, $marque, $modele, $nbplaces, $anneefab);
} }
if(isset($_POST['submitshow'])){ if(isset($_POST['submitshow'])){
showVoiture(); showVoiture($db);
} }
function init(){ function getPrenom($db, $mail){
session_start();
global $mail;
//Si on est pas connecté redirection vers la page de connexion
if(!isset($_SESSION['mail'])){
header('Location: ../index.php');
exit();
}
else{
$mail = $_SESSION['mail'];
}
}
function getPrenom($mail){
global $db;
$result = pg_query_params($db, "SELECT prenom from Utilisateur WHERE mail = $1;", array($mail)); $result = pg_query_params($db, "SELECT prenom from Utilisateur WHERE mail = $1;", array($mail));
if($result){ if($result){
$row = pg_fetch_array($result); $row = pg_fetch_array($result);
@ -44,8 +35,7 @@ function getPrenom($mail){
return null; return null;
} }
function getLogin($mail){ function getLogin($db, $mail){
global $db;
$result = pg_query_params($db, "SELECT login from Utilisateur WHERE mail = $1;", array($mail)); $result = pg_query_params($db, "SELECT login from Utilisateur WHERE mail = $1;", array($mail));
if($result){ if($result){
$row = pg_fetch_array($result); $row = pg_fetch_array($result);
@ -55,8 +45,7 @@ function getLogin($mail){
return null; return null;
} }
function getTrajetsProposes($mail){ function getTrajetsProposes($db, $mail){
global $db;
$result = pg_query_params($db, "SELECT COUNT(*) from Trajet WHERE mailProposition = $1 AND estAnnule = false AND datedepart >= current_date;", array($mail)); $result = pg_query_params($db, "SELECT COUNT(*) from Trajet WHERE mailProposition = $1 AND estAnnule = false AND datedepart >= current_date;", array($mail));
if($result){ if($result){
$row = pg_fetch_array($result); $row = pg_fetch_array($result);
@ -65,8 +54,7 @@ function getTrajetsProposes($mail){
return 0; return 0;
} }
function getTrajetsReserves($mail){ function getTrajetsReserves($db, $mail){
global $db;
$result = pg_query_params($db, "SELECT COUNT(*) FROM trajet tr, reserver r WHERE r.codetrajet = tr.codetrajet AND mailutilisateur = $1 AND etatres != 'Annulée' AND estAnnule = false AND datedepart >= current_date;", array($mail)); $result = pg_query_params($db, "SELECT COUNT(*) FROM trajet tr, reserver r WHERE r.codetrajet = tr.codetrajet AND mailutilisateur = $1 AND etatres != 'Annulée' AND estAnnule = false AND datedepart >= current_date;", array($mail));
if($result){ if($result){
$row = pg_fetch_array($result); $row = pg_fetch_array($result);
@ -75,8 +63,7 @@ function getTrajetsReserves($mail){
return 0; return 0;
} }
function getMessagesNonLus($mail){ function getMessagesNonLus($db, $mail){
global $db;
$result = pg_query_params($db, "SELECT COUNT(*) from Message WHERE mailRecepteur = $1 AND estLu = FALSE;", array($mail)); $result = pg_query_params($db, "SELECT COUNT(*) from Message WHERE mailRecepteur = $1 AND estLu = FALSE;", array($mail));
if($result){ if($result){
$row = pg_fetch_array($result); $row = pg_fetch_array($result);
@ -85,7 +72,7 @@ function getMessagesNonLus($mail){
} }
} }
function getAvisNonLus($mail){ function getAvisNonLus($db, $mail){
global $db; global $db;
$result = pg_query_params($db, "SELECT COUNT(tr.mailProposition) FROM Trajet tr, Avis av WHERE tr.codeTrajet = av.codeTrajet AND av.estLu = false AND tr.mailProposition = $1;", array($mail)); $result = pg_query_params($db, "SELECT COUNT(tr.mailProposition) FROM Trajet tr, Avis av WHERE tr.codeTrajet = av.codeTrajet AND av.estLu = false AND tr.mailProposition = $1;", array($mail));
if($result){ if($result){
@ -102,21 +89,18 @@ function getPathImgProfil($mail){
return "../imageProfil/default.svg"; return "../imageProfil/default.svg";
} }
function addVoiture($matricule, $marque, $modele, $nbplaces, $anneefab){ function addVoiture($db, $matricule, $marque, $modele, $nbplaces, $anneefab){
global $db;
$requete = "INSERT INTO public.voiture (matricule, marque, modele, nbplaces, anneefab, mail) VALUES ('".$matricule."','".$marque."','".$modele."','".$nbplaces."','".$anneefab."','".$_SESSION['mail']."');"; $requete = "INSERT INTO public.voiture (matricule, marque, modele, nbplaces, anneefab, mail) VALUES ('".$matricule."','".$marque."','".$modele."','".$nbplaces."','".$anneefab."','".$_SESSION['mail']."');";
pg_query($db, $requete); pg_query($db, $requete);
} }
function changeVoiture($matricule, $marque, $modele, $nbplaces, $anneefab){ function changeVoiture($db, $matricule, $marque, $modele, $nbplaces, $anneefab){
global $db;
$requete = "UPDATE public.voiture SET (matricule, marque, modele, nbplaces, anneefab) = ('".$matricule."','".$marque."','".$modele."','".$nbplaces."','".$anneefab."') WHERE mail = '".$_SESSION['mail']."';"; $requete = "UPDATE public.voiture SET (matricule, marque, modele, nbplaces, anneefab) = ('".$matricule."','".$marque."','".$modele."','".$nbplaces."','".$anneefab."') WHERE mail = '".$_SESSION['mail']."';";
echo "requete =".$requete; echo "requete =".$requete;
pg_query($db, $requete); pg_query($db, $requete);
} }
function showVoiture(){ function showVoiture($db){
global $db;
$requete = "SELECT * FROM public.voiture WHERE voiture.mail = '".$_SESSION['mail']."';"; $requete = "SELECT * FROM public.voiture WHERE voiture.mail = '".$_SESSION['mail']."';";
if($donnees = pg_query($db, $requete)){ if($donnees = pg_query($db, $requete)){
while($res = pg_fetch_assoc($donnees)){ while($res = pg_fetch_assoc($donnees)){
@ -147,7 +131,7 @@ function showVoiture(){
</script> </script>
<div id="content"> <div id="content">
<div id="tableauBord"> <div id="tableauBord">
<h1>Bienvenue <?php echo getLogin($mail); ?></h1> <h1>Bienvenue <?php echo getLogin($db, $mail); ?></h1>
<div id="divImgProfil"> <div id="divImgProfil">
<img id="imgProfil" src="<?php echo getPathImgProfil($mail); ?>"> <img id="imgProfil" src="<?php echo getPathImgProfil($mail); ?>">
</div> </div>
@ -158,19 +142,19 @@ function showVoiture(){
<div id="recap"> <div id="recap">
<div class="recapLine"> <div class="recapLine">
<img class="recapIcon" src="../car.png"> <img class="recapIcon" src="../car.png">
<p>Vous avez <?php echo getTrajetsProposes($mail); ?> trajets proposés à effectuer.</p> <p>Vous avez <?php echo getTrajetsProposes($db, $mail); ?> trajets proposés à effectuer.</p>
</div> </div>
<div class="recapLine"> <div class="recapLine">
<img class="recapIcon" src="../car.png"> <img class="recapIcon" src="../car.png">
<p>Vous avez <?php echo getTrajetsReserves($mail); ?> trajets réservés à effectuer.</p> <p>Vous avez <?php echo getTrajetsReserves($db, $mail); ?> trajets réservés à effectuer.</p>
</div> </div>
<div class="recapLine"> <div class="recapLine">
<img class="recapIcon" src="../mail.svg"> <img class="recapIcon" src="../mail.svg">
<p>Vous avez <?php echo getMessagesNonLus($mail); ?> messages non lus.</p> <p>Vous avez <?php echo getMessagesNonLus($db, $mail); ?> messages non lus.</p>
</div> </div>
<div class="recapLine"> <div class="recapLine">
<img class="recapIcon" src="../star.png"> <img class="recapIcon" src="../star.png">
<p>Vous avez <?php echo getAvisNonLus($mail); ?> avis non lus.</p> <p>Vous avez <?php echo getAvisNonLus($db, $mail); ?> avis non lus.</p>
</div> </div>
</div> </div>
<form id="choixFormeTestVoiture"> <form id="choixFormeTestVoiture">
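Review bot: `addVoiture()`, `changeVoiture()` and `showVoiture()` still build their SQL by concatenating `$_POST` values into the string, unlike every other query in this file, which goes through `pg_query_params`; a quote character in any form field changes the statement. They should be parameterised the same way, as sketched below. `changeVoiture()` also echoes the full query into the page (`echo "requete =".$requete;`), which is debug output that exposes the schema and reflects form input unescaped, so it should be removed. `getAvisNonLus()` keeps a `global $db;` line after gaining the `$db` parameter, which looks like a leftover. The body of `showVoiture()` continues outside the hunk.

```php
function addVoiture($db, $matricule, $marque, $modele, $nbplaces, $anneefab){
    pg_query_params(
        $db,
        'INSERT INTO public.voiture (matricule, marque, modele, nbplaces, anneefab, mail) VALUES ($1, $2, $3, $4, $5, $6);',
        array($matricule, $marque, $modele, $nbplaces, $anneefab, $_SESSION['mail'])
    );
}

function changeVoiture($db, $matricule, $marque, $modele, $nbplaces, $anneefab){
    // Debug echo of the query removed.
    pg_query_params(
        $db,
        'UPDATE public.voiture SET (matricule, marque, modele, nbplaces, anneefab) = ($1, $2, $3, $4, $5) WHERE mail = $6;',
        array($matricule, $marque, $modele, $nbplaces, $anneefab, $_SESSION['mail'])
    );
}

function showVoiture($db){
    if($donnees = pg_query_params($db, 'SELECT * FROM public.voiture WHERE voiture.mail = $1;', array($_SESSION['mail']))){
        // … unchanged: result loop (continues outside the hunk) …
```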