Ajout commentaires

remi.biette 2019-05-25 20:11:30 +02:00
parent a2ff64d3e1
commit 3a00f1bb99
7 changed files with 75 additions and 62 deletions


@ -1,5 +1,6 @@
<?php <?php
//Verifier qu'un avis n'a pas déja été envoyer avec le compte $mail pour le trajet $codetrajet
function checkAvis($db, $mail, $codetrajet) function checkAvis($db, $mail, $codetrajet)
{ {
$result = pg_query_params($db, "SELECT COUNT(*) FROM avis WHERE mailEmetteur = $1 AND codetrajet = $2;", array($mail, $codetrajet)); $result = pg_query_params($db, "SELECT COUNT(*) FROM avis WHERE mailEmetteur = $1 AND codetrajet = $2;", array($mail, $codetrajet));
@ -7,6 +8,7 @@ function checkAvis($db, $mail, $codetrajet)
return $row[0] == 0; return $row[0] == 0;
} }
//Verifier que le trajet à bien été fait par l'utilisateur $mail
function checkCodeTrajetAvis($db, $mail, $codetrajet) function checkCodeTrajetAvis($db, $mail, $codetrajet)
{ {
$result = pg_query_params($db, "SELECT COUNT(*) FROM trajet tr, reserver re WHERE tr.codetrajet = $1 AND tr.codetrajet = re.codetrajet AND re.mailutilisateur = $2;", array($codetrajet, $mail)); $result = pg_query_params($db, "SELECT COUNT(*) FROM trajet tr, reserver re WHERE tr.codetrajet = $1 AND tr.codetrajet = re.codetrajet AND re.mailutilisateur = $2;", array($codetrajet, $mail));
@ -30,6 +32,7 @@ if (isset($_POST['codetrajet']) && isset($_POST['avislaisse']) && isset($_POST['
$note = $_POST['note']; $note = $_POST['note'];
$codetrajet = intval($_POST['codetrajet']); $codetrajet = intval($_POST['codetrajet']);
$date = date('Y-m-d H:i:s'); $date = date('Y-m-d H:i:s');
//Verifier que l'utilisateur a bien participé au trajet et qu'il n'en a pas déjà poster un
if (checkAvis($db, $mail, $codetrajet) && checkCodeTrajetAvis($db, $mail, $codetrajet)) { if (checkAvis($db, $mail, $codetrajet) && checkCodeTrajetAvis($db, $mail, $codetrajet)) {
$requete = "INSERT INTO avis (mailemetteur, codetrajet, commentaire, dateavis, note, estlu) VALUES ($1,$2,$3,$4,$5, false);"; $requete = "INSERT INTO avis (mailemetteur, codetrajet, commentaire, dateavis, note, estlu) VALUES ($1,$2,$3,$4,$5, false);";
$envoi = pg_query_params($db, $requete, array($mail, $codetrajet, $avis, $date, $note)); $envoi = pg_query_params($db, $requete, array($mail, $codetrajet, $avis, $date, $note));
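Review bot: The duplicate-review rule described by the new comment is enforced as a check-then-insert: `checkAvis()` counts rows and the `INSERT` runs afterwards as a separate statement, so two concurrent submissions from the same account can both pass the check. The guarantee is safer in the database, for example a unique constraint on `(mailemetteur, codetrajet)` in `avis` (the schema is not visible here, so it may already exist), with the failed insert handled as the "already posted" case. In the same block `$note` is taken from `$_POST['note']` and inserted without a visible type or range check, unlike `$codetrajet`, which goes through `intval()`. The surrounding `if` starts and continues outside the hunk, so validation may exist there.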


@ -8,6 +8,7 @@ if(!isset($_SESSION['mail'])){
$mail = strtolower(htmlentities(pg_escape_string ($_POST['mail_field']))); $mail = strtolower(htmlentities(pg_escape_string ($_POST['mail_field'])));
$password = htmlentities(pg_escape_string($_POST['password'])); $password = htmlentities(pg_escape_string($_POST['password']));
//Vérification des information d'authentification
$result = authentification($db, $mail, $password); $result = authentification($db, $mail, $password);
if($result) { if($result) {
$_SESSION['mail'] = $mail; $_SESSION['mail'] = $mail;
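Review bot: `$password` goes through `htmlentities(pg_escape_string(...))` before `authentification()` is called, which alters any password containing quotes, `&`, `<` or `>`; these functions are meant for SQL-literal and HTML-output contexts, not for cleaning input. If `authentification()` uses `pg_query_params` like the other queries in this commit (its body is not shown), the raw value can be passed, `$password = $_POST['password'];`, but registration and login have to change together or existing credentials stop matching. The same wrapping is applied in the registration and profile sections below, where the escaped values are what reach `creerUtilisateur()` and `modifierUtilisateur()`. After a successful check, `session_regenerate_id(true);` before `$_SESSION['mail'] = $mail;` would guard against session fixation, unless that is already done outside the hunk.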


@ -3,61 +3,60 @@ session_start();
require_once('../connexionBD.php'); require_once('../connexionBD.php');
require_once('../ressources/user.php'); require_once('../ressources/user.php');
if (!isset($_SESSION['mail'])){ if (!isset($_SESSION['mail'])) {
if (isset($_POST['login']) || isset($_FILES['avatar'])){ if (isset($_POST['login']) || isset($_FILES['avatar'])) {
if (isset($_POST['login']) && isset($_POST['password']) && isset($_POST['confirmation']) && isset($_POST['prenom']) && isset($_POST['nom']) && isset($_POST['phone'])){ if (isset($_POST['login']) && isset($_POST['password']) && isset($_POST['confirmation']) && isset($_POST['prenom']) && isset($_POST['nom']) && isset($_POST['phone'])) {
$login = htmlentities(pg_escape_string($_POST['login'])); $login = htmlentities(pg_escape_string($_POST['login']));
$password = htmlentities(pg_escape_string($_POST['password'])); $password = htmlentities(pg_escape_string($_POST['password']));
$prenom = htmlentities(pg_escape_string($_POST['prenom'])); $prenom = htmlentities(pg_escape_string($_POST['prenom']));
$nom = htmlentities(pg_escape_string($_POST['nom'])); $nom = htmlentities(pg_escape_string($_POST['nom']));
$dateN = htmlentities(pg_escape_string($_POST['dateN'])); $dateN = htmlentities(pg_escape_string($_POST['dateN']));
$mail = strtolower(htmlentities(pg_escape_string($_POST['mail']))); $mail = strtolower(htmlentities(pg_escape_string($_POST['mail'])));
$phone = htmlentities(pg_escape_string($_POST['phone'])); $phone = htmlentities(pg_escape_string($_POST['phone']));
//Verifier que le format du mail est correct
if (!filter_var($mail, FILTER_VALIDATE_EMAIL)) {
header('Location: inscription.php?error=1');
exit();
} //Verifie qu'un compte n'a pas déjà été créé avec ce mail
elseif (!isMailUnique($db, $mail)) {
header('Location: inscription.php?error=2');
exit();
} //Verifie que le login entré est unique
elseif (!isLoginUnique($db, $login)) {
header('Location: inscription.php?error=3');
exit();
} else {
if (!filter_var($mail, FILTER_VALIDATE_EMAIL)){ if (isset($_FILES['avatar']) and !empty($_FILES['avatar']['name'])) {
header('Location: inscription.php?error=1'); $fic = $_FILES['avatar'];
exit(); //Charger l'avatar sur le serveur
} $res = uploadAvatar($mail, $fic);
elseif (!isMailUnique($db, $mail)){ switch ($res) {
header('Location: inscription.php?error=2'); case -1:
exit(); header('Location: inscription.php?error=4');
} exit();
elseif (!isLoginUnique($db, $login)){ case -2:
header('Location: inscription.php?error=3'); header('Location: inscription.php?error=5');
exit(); exit();
} case -3:
else { header('Location: inscription.php?error=6');
if (isset($_FILES['avatar']) and !empty($_FILES['avatar']['name'])) { exit();
$fic = $_FILES['avatar']; }
$res = uploadAvatar($mail, $fic); }
switch ($res){ $result = creerUtilisateur($db, $mail, $password, $prenom, $nom, $login, $phone, $dateN);
case -1: if ($result) {
header('Location: inscription.php?error=4'); header('Location: ../index.php');
exit(); exit();
case -2: } else {
header('Location: inscription.php?error=5'); header('Location: inscription.php?error=6');
exit(); exit();
case -3: }
header('Location: inscription.php?error=6'); }
exit();
} }
}
$result = creerUtilisateur($db, $mail, $password, $prenom, $nom, $login, $phone, $dateN);
if ($result) {
header('Location: ../index.php');
exit();
}
else{
header('Location: inscription.php?error=6');
exit();
}
} }
} } else {
} header('Location: ../tableauBord/tableauBord.php');
} exit();
else {
header('Location: ../tableauBord/tableauBord.php');
exit();
} }
?> ?>
<!DOCTYPE html> <!DOCTYPE html>
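Review bot: The `isset()` guard covers `login`, `password`, `confirmation`, `prenom`, `nom` and `phone`, but `$_POST['mail']` and `$_POST['dateN']` are read right after it without being checked, so a request that omits them raises undefined-index notices and is only rejected later by the e-mail validation. Adding `&& isset($_POST['mail']) && isset($_POST['dateN'])` to the condition closes that gap. `confirmation` is required but never compared with `password` in the lines shown; if that is not enforced elsewhere, a check such as `if ($_POST['password'] !== $_POST['confirmation'])` with its own error code belongs before `creerUtilisateur()`. The avatar is also uploaded before the account is created, so a failed `creerUtilisateur()` leaves the uploaded file behind.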


@ -58,7 +58,7 @@ if (isset($_POST['login']) || isset($_FILES['avatar'])){
$prenom = htmlentities(pg_escape_string($_POST['prenom'])); $prenom = htmlentities(pg_escape_string($_POST['prenom']));
$nom = htmlentities(pg_escape_string($_POST['nom'])); $nom = htmlentities(pg_escape_string($_POST['nom']));
$phone = htmlentities(pg_escape_string($_POST['phone'])); $phone = htmlentities(pg_escape_string($_POST['phone']));
//Si le login a change on le modifie
if (loginChange($user, $login)) { if (loginChange($user, $login)) {
if (!isLoginUniqueModifier($db, $mail, $login)) { if (!isLoginUniqueModifier($db, $mail, $login)) {
header('Location: profil.php?error=1'); header('Location: profil.php?error=1');
@ -75,7 +75,7 @@ if (isset($_POST['login']) || isset($_FILES['avatar'])){
header('Location: profil.php?error=2'); header('Location: profil.php?error=2');
exit(); exit();
} }
//Modifier l'utilisateur et afficher un message d'erreur si erreur
if (!modifierUtilisateur($db, $mail, $prenom, $nom, $password, $phone)) { if (!modifierUtilisateur($db, $mail, $prenom, $nom, $password, $phone)) {
header('Location: profil.php?error=6'); header('Location: profil.php?error=6');
exit(); exit();


@ -1,25 +1,23 @@
$(document).ready(function () { $(document).ready(function () {
//copy options //Copier les options
let options = $('#villeDepart option').clone(); let options = $('#villeDepart option').clone();
//react on keyup in textbox
$('#villeDepartText').keyup(function () { $('#villeDepartText').keyup(function () {
let val = $(this).val().toString().toLowerCase(); let val = $(this).val().toString().toLowerCase();
$('#villeDepart').empty(); $('#villeDepart').empty();
//take only the options containing your filter text or all if empty //Récuperer les option filtrées ou toutes les options si vide
options.filter(function (idx, el) { options.filter(function (idx, el) {
return val === '' || $(el).text().toLowerCase().indexOf(val) >= 0; return val === '' || $(el).text().toLowerCase().indexOf(val) >= 0;
}).appendTo('#villeDepart');//add it to list }).appendTo('#villeDepart');//ajouter à la liste
}); });
//copy options //Copier les options
let optionsArrive = $('#villeArrive option').clone(); let optionsArrive = $('#villeArrive option').clone();
//react on keyup in textbox
$('#villeArriveText').keyup(function () { $('#villeArriveText').keyup(function () {
let val = $(this).val().toString().toLowerCase(); let val = $(this).val().toString().toLowerCase();
$('#villeArrive').empty(); $('#villeArrive').empty();
//take only the options containing your filter text or all if empty //Récuperer les option filtrées ou toutes les options si vide
optionsArrive.filter(function (idx, el) { optionsArrive.filter(function (idx, el) {
return val === '' || $(el).text().toLowerCase().indexOf(val) >= 0; return val === '' || $(el).text().toLowerCase().indexOf(val) >= 0;
}).appendTo('#villeArrive');//add it to list }).appendTo('#villeArrive');//ajouter à la liste
}); });
}); });


@ -86,6 +86,7 @@ function checkVoiture($db, $mail, $matricule)
return !strcmp($matricule, $row[0]); return !strcmp($matricule, $row[0]);
} }
//Recuperer le nombre de trajets restant proposés par l'utilisateur $mail
function getTrajetsProposes($db, $mail) function getTrajetsProposes($db, $mail)
{ {
$result = pg_query_params($db, "SELECT COUNT(*) from Trajet WHERE mailProposition = $1 AND estAnnule = false AND datedepart >= $2;", array($mail, date('Y-m-d H:i:s'))); $result = pg_query_params($db, "SELECT COUNT(*) from Trajet WHERE mailProposition = $1 AND estAnnule = false AND datedepart >= $2;", array($mail, date('Y-m-d H:i:s')));
@ -96,6 +97,7 @@ function getTrajetsProposes($db, $mail)
return 0; return 0;
} }
//Recuperer le nombre de trajets restant reservés par l'utilisateur $mail
function getTrajetsReserves($db, $mail) function getTrajetsReserves($db, $mail)
{ {
$result = pg_query_params($db, "SELECT COUNT(*) FROM trajet tr, reserver re WHERE re.codetrajet = tr.codetrajet AND mailutilisateur = $1 AND tr.estannule = false AND re.estannule = false AND tr.datedepart >= $2;", array($mail, date('Y-m-d H:i:s'))); $result = pg_query_params($db, "SELECT COUNT(*) FROM trajet tr, reserver re WHERE re.codetrajet = tr.codetrajet AND mailutilisateur = $1 AND tr.estannule = false AND re.estannule = false AND tr.datedepart >= $2;", array($mail, date('Y-m-d H:i:s')));
@ -156,6 +158,7 @@ function afficherVilles($db)
} }
} }
//Récuperer la ville de départ du trajet $codetrajet
function getDepart($db, $codetajet) function getDepart($db, $codetajet)
{ {
$result = pg_query_params($db, "SELECT * FROM ville v, traverser tr WHERE tr.nomVille = v.nomVille AND tr.codepostal = v.codepostal AND tr.codetrajet = $1 AND tr.numeroetape = (SELECT MIN(numeroetape) FROM traverser WHERE codetrajet = $1);", array($codetajet)); $result = pg_query_params($db, "SELECT * FROM ville v, traverser tr WHERE tr.nomVille = v.nomVille AND tr.codepostal = v.codepostal AND tr.codetrajet = $1 AND tr.numeroetape = (SELECT MIN(numeroetape) FROM traverser WHERE codetrajet = $1);", array($codetajet));
@ -166,6 +169,7 @@ function getDepart($db, $codetajet)
return $return; return $return;
} }
//Récuperer la ville d'arrivée du trajet $codetrajet
function getFin($db, $codetajet) function getFin($db, $codetajet)
{ {
$result = pg_query_params($db, "SELECT * FROM ville v, traverser tr WHERE tr.nomVille = v.nomVille AND tr.codepostal = v.codepostal AND tr.codetrajet = $1 AND tr.numeroetape = (SELECT MAX(numeroetape) FROM traverser WHERE codetrajet = $1);", array($codetajet)); $result = pg_query_params($db, "SELECT * FROM ville v, traverser tr WHERE tr.nomVille = v.nomVille AND tr.codepostal = v.codepostal AND tr.codetrajet = $1 AND tr.numeroetape = (SELECT MAX(numeroetape) FROM traverser WHERE codetrajet = $1);", array($codetajet));
@ -176,11 +180,13 @@ function getFin($db, $codetajet)
return $return; return $return;
} }
//Annuler le trajet $codetrajet
function annulerTrajet($db, $codetrajet){ function annulerTrajet($db, $codetrajet){
$result = pg_query_params($db, "UPDATE Trajet SET estannule = true WHERE codetrajet = $1;", array($codetrajet)); $result = pg_query_params($db, "UPDATE Trajet SET estannule = true WHERE codetrajet = $1;", array($codetrajet));
return $result; return $result;
} }
//Annuler la reservation pour le tajet $codetrajet de l'utilisateur $mail
function annulerReservation($db, $mail,$codetrajet){ function annulerReservation($db, $mail,$codetrajet){
$result = pg_query_params($db, "DELETE FROM reserver WHERE codetrajet = $1 AND mailutilisateur = $2;", array($codetrajet, $mail)); $result = pg_query_params($db, "DELETE FROM reserver WHERE codetrajet = $1 AND mailutilisateur = $2;", array($codetrajet, $mail));
return $result; return $result;
@ -200,6 +206,7 @@ function getErrorDepotTrajet($code)
} }
} }
//Verifie l'existance d'un avis pour le trajet $codetrajet émit par l'utilisateur $mail
function avisExiste($db, $mail, $codetrajet){ function avisExiste($db, $mail, $codetrajet){
$result = pg_query_params($db, "SELECT COUNT(*) FROM Avis WHERE mailemetteur = $1 AND codetrajet = $2;", array($mail, $codetrajet)); $result = pg_query_params($db, "SELECT COUNT(*) FROM Avis WHERE mailemetteur = $1 AND codetrajet = $2;", array($mail, $codetrajet));
if(!$result){ if(!$result){
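Review bot: `annulerTrajet()` updates the row selected by `codetrajet` alone, whereas `annulerReservation()` just below it also restricts by `mailutilisateur`, so nothing in the function ties the cancellation to the account that proposed the trip. Unless every caller verifies ownership first (callers are not visible in this diff), the query should carry the check itself, e.g. `WHERE codetrajet = $1 AND mailProposition = $2` with the session mail passed as a second argument. The new comment would then state that contract: `//Annuler le trajet $codetrajet s'il a été proposé par $mail`. Minor: the comments added on `getDepart()` and `getFin()` refer to `$codetrajet` while the parameter is spelled `$codetajet`.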


@ -111,6 +111,7 @@ function getLogin($db, $mail)
function getPathImgProfilTableau($mail) function getPathImgProfilTableau($mail)
{ {
//Récuperer le fichier contenant $mail dans son nom
$list = scandir("../imageProfil"); $list = scandir("../imageProfil");
foreach ($list as $entry) { foreach ($list as $entry) {
if (strpos($entry, $mail) !== false) { if (strpos($entry, $mail) !== false) {
@ -122,6 +123,7 @@ function getPathImgProfilTableau($mail)
function getPathImgProfil($mail) function getPathImgProfil($mail)
{ {
//Récuperer le fichier contenant $mail dans son nom
$list = scandir("../imageProfil"); $list = scandir("../imageProfil");
foreach ($list as $entry) { foreach ($list as $entry) {
if (strpos($entry, $mail) !== false) { if (strpos($entry, $mail) !== false) {
@ -133,6 +135,7 @@ function getPathImgProfil($mail)
function supprimerAvatar($mail) function supprimerAvatar($mail)
{ {
//Supprimer le fichier contenant $mail dans son nom
$list = scandir("../imageProfil"); $list = scandir("../imageProfil");
foreach ($list as $entry) { foreach ($list as $entry) {
if (strpos($entry, $mail) !== false) { if (strpos($entry, $mail) !== false) {
@ -188,6 +191,7 @@ function uploadAvatar($mail, $fic)
function deluser($db, $delmail) function deluser($db, $delmail)
{ {
//Remplacer le mail de l'utilisateur à supprimer par l'utilisateur utilisateur_supprime@local
$requete = "UPDATE trajet SET mailproposition = $1 WHERE mailproposition = $2;"; $requete = "UPDATE trajet SET mailproposition = $1 WHERE mailproposition = $2;";
$result1 = pg_query_params($db, $requete, array('utilisateur_supprime@local', $delmail)); $result1 = pg_query_params($db, $requete, array('utilisateur_supprime@local', $delmail));
$requete = "UPDATE reserver SET mailutilisateur = $1 WHERE mailutilisateur = $2;"; $requete = "UPDATE reserver SET mailutilisateur = $1 WHERE mailutilisateur = $2;";
@ -196,6 +200,7 @@ function deluser($db, $delmail)
$result3 = pg_query_params($db, $requete, array($delmail)); $result3 = pg_query_params($db, $requete, array($delmail));
$requete = "UPDATE voiture SET mail = $1 WHERE mail = $2;"; $requete = "UPDATE voiture SET mail = $1 WHERE mail = $2;";
$result4 = pg_query_params($db, $requete, array('utilisateur_supprime@local', $delmail)); $result4 = pg_query_params($db, $requete, array('utilisateur_supprime@local', $delmail));
//Supprimer l'utilisateur $mail
$requete = "DELETE FROM utilisateur WHERE mail = $1;"; $requete = "DELETE FROM utilisateur WHERE mail = $1;";
$result5 = pg_query_params($db, $requete, array($delmail)); $result5 = pg_query_params($db, $requete, array($delmail));
return $result1 && $result2 && $result3 && $result4 && $result5; return $result1 && $result2 && $result3 && $result4 && $result5;
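Review bot: The comments added to `getPathImgProfilTableau()`, `getPathImgProfil()` and `supprimerAvatar()` document a substring match: `strpos($entry, $mail) !== false` is true for any file whose name contains `$mail`, so a lookup for `b@example.org` also matches the avatar of `ab@example.org` (constructed example). For `supprimerAvatar()` this means removing one account's avatar can delete another account's file. Comparing the whole base name, for instance `pathinfo($entry, PATHINFO_FILENAME) === $mail`, avoids this, assuming `uploadAvatar()` names files `<mail>.<ext>` (its body and the loop bodies are outside the hunks). In `deluser()` the five statements run without a transaction, so a failure midway leaves the reassignment half applied; wrapping them in `BEGIN`/`COMMIT` with a `ROLLBACK` on failure would keep the deletion atomic.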