flavien
/
PROJET-WEB_STRI1A
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Modification agencement des fonctions et fichiers appelant la bd

Browse Source
admin
remi.biette 5 years ago
parent 31196609a4
commit a81a2169fe
4 changed files with 115 additions and 147 deletions
Show Stats Download Patch File Download Diff File

2
WEB/deconnexion.php
Unescape Escape View File

@ -1,6 +1,6 @@
<?php
require_once 'connectionBD.php';
require_once ('connexionBD.php');
session_start();

62
WEB/index.php
Unescape Escape View File

@ -1,7 +1,30 @@
<?php
require_once("connectionBD.php");
init();
require_once("connexionBD.php");
session_start();
if(!isset($_SESSION['mail'])){
if (isset($_POST['mail_field'])){
$mail = strtolower(htmlentities(pg_escape_string ($_POST['mail_field'])));
$password = htmlentities(pg_escape_string($_POST['password']));
$result = authentification($db, $mail, $password);
if($result) {
$_SESSION['mail'] = $mail;
header('Location: tableauBord/tableauBord.php');
exit();
}
else {
header('Location: index.php?error=1');
exit();
}
}
}
else{
header('Location: tableauBord/tableauBord.php');
exit();
}
function printError(){
if(isset($_GET['error'])){
@ -17,8 +40,7 @@ function getError($code){
}
}
function authentification($mail, $password){
global $db;
function authentification($db, $mail, $password){
$result = pg_query_params($db, "SELECT * FROM Utilisateur WHERE mail = $1;", array($mail));
if ($result){
$row = pg_fetch_array($result);
@ -27,38 +49,6 @@ function authentification($mail, $password){
return false;
}
function init(){
global $db;
session_start();
/*if(isset($_COOKIE['mail']) && isset($_COOKIE['password'])){
if (authentification($_COOKIE['mail'], $_COOKIE['mail'])){
$_SESSION['mail'] = $_COOKIE['mail'];
}
}*/
if(!isset($_SESSION['mail'])){
if (isset($_POST['mail_field'])){
$mail = strtolower(htmlentities(pg_escape_string ($_POST['mail_field'])));
$password = htmlentities(pg_escape_string($_POST['password']));
$result = authentification($mail, $password);
if($result) {
$_SESSION['mail'] = $mail;
header('Location: tableauBord/tableauBord.php');
exit();
}
else {
header('Location: index.php?error=1');
exit();
}
}
}
else{
header('Location: tableauBord/tableauBord.php');
exit();
}
}
?>
<!DOCTYPE html>
<html lang="fr">

131
WEB/inscription.php
Unescape Escape View File

@ -1,17 +1,58 @@
<?php
require_once ('connectionBD.php');
init();
require_once('connexionBD.php');
function printError(){
if(isset($_GET['error'])){
session_start();
if (!isset($_SESSION['mail'])) {
if ($_SERVER['REQUEST_METHOD'] == 'POST' && empty($_POST) && empty($_FILES) && $_SERVER['CONTENT_LENGTH'] > 0) {
echo "<p class='error'>PHP a ignoré les données POST à cause d'une requête dépassant post_max_size (" . ini_get('post_max_size') . ").</p>";
exit();
}
if (isset($_POST['mail_field'])) {
$login = htmlentities(pg_escape_string($_POST['login_field']));
$password = htmlentities(pg_escape_string($_POST['password']));
$prenom = htmlentities(pg_escape_string($_POST['prenom']));
$nom = htmlentities(pg_escape_string($_POST['nom']));
$dateN = htmlentities(pg_escape_string($_POST['dateN']));
$mail = strtolower(htmlentities(pg_escape_string($_POST['mail_field'])));
$phone = htmlentities(pg_escape_string($_POST['phone']));
if (!filter_var($mail, FILTER_VALIDATE_EMAIL)) {
header('Location: inscription.php?error=1');
exit();
} elseif (!isMailUnique($db, $mail)) {
header('Location: inscription.php?error=2');
exit();
} elseif (!isLoginUnique($db, $login)) {
header('Location: inscription.php?error=3');
exit();
} else {
uploadAvatar($mail);
$result = creerUtilisateur($db, $mail, $password, $prenom, $nom, $login, $phone, $dateN);
if ($result) {
header('Location: index.php');
} else {
header('Location: inscription.php?error=6');
}
}
}
} else {
header('Location: tableauBord/tableauBord.php');
}
function printError()
{
if (isset($_GET['error'])) {
$erreur = getError($_GET['error']);
echo "<p class = 'error'>$erreur</p>";
}
}
function getError($code){
switch ($code){
function getError($code)
{
switch ($code) {
case 1:
return "L'adresse mail est invalide.";
case 2:
@ -28,99 +69,51 @@ function getError($code){
}
}
function isMailUnique($mail){
global $db;
function isMailUnique($db, $mail)
{
$result = pg_query_params($db, "SELECT * FROM Utilisateur WHERE mail = $1;", array($mail));
if($result){
if ($result) {
$row = pg_fetch_array($result);
return (strcmp($row['mail'], $mail) != 0);
}
return false;
}
function isLoginUnique($login){
global $db;
function isLoginUnique($db, $login)
{
$result = pg_query_params($db, "SELECT * FROM Utilisateur WHERE login = $1;", array($login));
if($result){
if ($result) {
$row = pg_fetch_array($result);
return (strcmp($row['login'], $login) != 0);
}
return false;
}
function creerUtilisateur($mail, $password, $prenom, $nom, $login, $phone, $dateN){
global $db;
function creerUtilisateur($db, $mail, $password, $prenom, $nom, $login, $phone, $dateN)
{
$result = pg_query_params($db, "INSERT INTO Utilisateur VALUES ($1, $2, $3, $4, $5, $6, to_date($7, 'YYYY/MM/DD'), false);", array($mail, $password, $prenom, $nom, $login, $phone, $dateN));
return $result;
}
function uploadAvatar($mail){
if(isset($_FILES['avatar']) and $_FILES['avatar']['name'] != "") {
function uploadAvatar($mail)
{
if (isset($_FILES['avatar']) and $_FILES['avatar']['name'] != "") {
$target_file = "imageProfil/$mail.png";
$file_tmp = $_FILES['avatar']['tmp_name'];
$extension = end(explode('.', $_FILES['avatar']['name']));
$check = getimagesize($file_tmp);
if($check === false or !in_array($extension, array('png'))) {
if ($check === false or !in_array($extension, array('png'))) {
header('Location: inscription.php?error=4');
exit();
}
else if ($_FILES['avatar']['size'] > 2 * 1024 * 1024){
} else if ($_FILES['avatar']['size'] > 2 * 1024 * 1024) {
header('Location: inscription.php?error=5');
exit();
}
else{
} else {
move_uploaded_file($file_tmp, $target_file);
}
}
}
function init(){
session_start();
if(!isset($_SESSION['mail'])){
if ($_SERVER['REQUEST_METHOD'] == 'POST' && empty($_POST) && empty($_FILES) && $_SERVER['CONTENT_LENGTH'] > 0 ){
echo "<p class='error'>PHP a ignoré les données POST à cause d'une requête dépassant post_max_size (".ini_get('post_max_size').").</p>";
exit();
}
if(isset($_POST['mail_field'])){
$login = htmlentities(pg_escape_string ($_POST['login_field']));
$password = htmlentities(pg_escape_string ($_POST['password']));
$prenom = htmlentities(pg_escape_string ($_POST['prenom']));
$nom = htmlentities(pg_escape_string ($_POST['nom']));
$dateN = htmlentities(pg_escape_string ($_POST['dateN']));
$mail = strtolower(htmlentities(pg_escape_string ($_POST['mail_field'])));
$phone = htmlentities(pg_escape_string ($_POST['phone']));
if(!filter_var($mail, FILTER_VALIDATE_EMAIL)){
header('Location: inscription.php?error=1');
exit();
}
elseif(!isMailUnique($mail)){
header('Location: inscription.php?error=2');
exit();
}
elseif(!isLoginUnique($login)){
header('Location: inscription.php?error=3');
exit();
}
else{
uploadAvatar($mail);
$result = creerUtilisateur($mail, $password, $prenom, $nom, $login, $phone, $dateN);
if($result){
header('Location: index.php');
}
else{
header('Location: inscription.php?error=6');
}
}
}
}
else{
header('Location: tableauBord/tableauBord.php');
}
}
?>
<!DOCTYPE html>
<html lang="fr">
@ -171,7 +164,7 @@ function init(){
<input type="file" id="avatar" class="form" name="avatar" accept="image/png">
</div>
<?php
printError();
printError();
?>
<input id="submit" class="button" type="submit" value="S'inscrire">
</form>

67
WEB/tableauBord/tableauBord.php
Unescape Escape View File

@ -3,9 +3,15 @@
include '../ressources/navbarHTML.php';
navbarHTML("Tableau de bord");
require_once ('../connectionBD.php');
$mail = null;
init();
require_once('../connexionBD.php');
session_start();
//Si on est pas connecté redirection vers la page de connexion
if(!isset($_SESSION['mail'])){
header('Location: ../index.php');
exit();
}
$mail = $_SESSION['mail'];
$matricule = isset($_POST['matricule']) ? $_POST['matricule'] : NULL; //recuperation valeur formulaire, isset pour eviter l'erreur "Notice: Undefined index"
$marque = isset($_POST['marque']) ? $_POST['marque'] : NULL;
@ -14,30 +20,16 @@ $nbplaces = isset($_POST['nbplaces']) ? $_POST['nbplaces'] : NULL;
$anneefab = isset($_POST['anneefab']) ? $_POST['anneefab'] : NULL;
if(isset($_POST['submitadd'])){
addVoiture($matricule, $marque, $modele, $nbplaces, $anneefab);
addVoiture($db, $matricule, $marque, $modele, $nbplaces, $anneefab);
}
if(isset($_POST['submitchange'])){
changeVoiture($matricule, $marque, $modele, $nbplaces, $anneefab);
changeVoiture($db, $matricule, $marque, $modele, $nbplaces, $anneefab);
}
if(isset($_POST['submitshow'])){
showVoiture();
}
function init(){
session_start();
global $mail;
//Si on est pas connecté redirection vers la page de connexion
if(!isset($_SESSION['mail'])){
header('Location: ../index.php');
exit();
}
else{
$mail = $_SESSION['mail'];
}
showVoiture($db);
}
function getPrenom($mail){
global $db;
function getPrenom($db, $mail){
$result = pg_query_params($db, "SELECT prenom from Utilisateur WHERE mail = $1;", array($mail));
if($result){
$row = pg_fetch_array($result);
@ -47,8 +39,7 @@ function getPrenom($mail){
return null;
}
function getLogin($mail){
global $db;
function getLogin($db, $mail){
$result = pg_query_params($db, "SELECT login from Utilisateur WHERE mail = $1;", array($mail));
if($result){
$row = pg_fetch_array($result);
@ -58,8 +49,7 @@ function getLogin($mail){
return null;
}
function getTrajetsProposes($mail){
global $db;
function getTrajetsProposes($db, $mail){
$result = pg_query_params($db, "SELECT COUNT(*) from Trajet WHERE mailProposition = $1 AND estAnnule = false AND datedepart >= current_date;", array($mail));
if($result){
$row = pg_fetch_array($result);
@ -68,8 +58,7 @@ function getTrajetsProposes($mail){
return 0;
}
function getTrajetsReserves($mail){
global $db;
function getTrajetsReserves($db, $mail){
$result = pg_query_params($db, "SELECT COUNT(*) FROM trajet tr, reserver r WHERE r.codetrajet = tr.codetrajet AND mailutilisateur = $1 AND etatres != 'Annulée' AND estAnnule = false AND datedepart >= current_date;", array($mail));
if($result){
$row = pg_fetch_array($result);
@ -78,8 +67,7 @@ function getTrajetsReserves($mail){
return 0;
}
function getMessagesNonLus($mail){
global $db;
function getMessagesNonLus($db, $mail){
$result = pg_query_params($db, "SELECT COUNT(*) from Message WHERE mailRecepteur = $1 AND estLu = FALSE;", array($mail));
if($result){
$row = pg_fetch_array($result);
@ -88,7 +76,7 @@ function getMessagesNonLus($mail){
}
}
function getAvisNonLus($mail){
function getAvisNonLus($db, $mail){
global $db;
$result = pg_query_params($db, "SELECT COUNT(tr.mailProposition) FROM Trajet tr, Avis av WHERE tr.codeTrajet = av.codeTrajet AND av.estLu = false AND tr.mailProposition = $1;", array($mail));
if($result){
@ -105,21 +93,18 @@ function getPathImgProfil($mail){
return "../imageProfil/default.svg";
}
function addVoiture($matricule, $marque, $modele, $nbplaces, $anneefab){
global $db;
function addVoiture($db, $matricule, $marque, $modele, $nbplaces, $anneefab){
$requete = "INSERT INTO public.voiture (matricule, marque, modele, nbplaces, anneefab, mail) VALUES ('".$matricule."','".$marque."','".$modele."','".$nbplaces."','".$anneefab."','".$_SESSION['mail']."');";
pg_query($db, $requete);
}
function changeVoiture($matricule, $marque, $modele, $nbplaces, $anneefab){
global $db;
function changeVoiture($db, $matricule, $marque, $modele, $nbplaces, $anneefab){
$requete = "UPDATE public.voiture SET (matricule, marque, modele, nbplaces, anneefab) = ('".$matricule."','".$marque."','".$modele."','".$nbplaces."','".$anneefab."') WHERE mail = '".$_SESSION['mail']."';";
echo "requete =".$requete;
pg_query($db, $requete);
}
function showVoiture(){
global $db;
function showVoiture($db){
$requete = "SELECT * FROM public.voiture WHERE voiture.mail = '".$_SESSION['mail']."';";
if($donnees = pg_query($db, $requete)){
while($res = pg_fetch_assoc($donnees)){
@ -142,7 +127,7 @@ function showVoiture(){
</script>
<div id="content">
<div id="tableauBord">
<h1>Bienvenue <?php echo getLogin($mail); ?></h1>
<h1>Bienvenue <?php echo getLogin($db, $mail); ?></h1>
<div id="divImgProfil">
<img id="imgProfil" src="<?php echo getPathImgProfil($mail); ?>">
</div>
@ -153,19 +138,19 @@ function showVoiture(){
<div id="recap">
<div class="recapLine">
<img class="recapIcon" src="../car.png">
<p>Vous avez <?php echo getTrajetsProposes($mail); ?> trajets proposés à effectuer.</p>
<p>Vous avez <?php echo getTrajetsProposes($db, $mail); ?> trajets proposés à effectuer.</p>
</div>
<div class="recapLine">
<img class="recapIcon" src="../car.png">
<p>Vous avez <?php echo getTrajetsReserves($mail); ?> trajets réservés à effectuer.</p>
<p>Vous avez <?php echo getTrajetsReserves($db, $mail); ?> trajets réservés à effectuer.</p>
</div>
<div class="recapLine">
<img class="recapIcon" src="../mail.svg">
<p>Vous avez <?php echo getMessagesNonLus($mail); ?> messages non lus.</p>
<p>Vous avez <?php echo getMessagesNonLus($db, $mail); ?> messages non lus.</p>
</div>
<div class="recapLine">
<img class="recapIcon" src="../star.png">
<p>Vous avez <?php echo getAvisNonLus($mail); ?> avis non lus.</p>
<p>Vous avez <?php echo getAvisNonLus($db, $mail); ?> avis non lus.</p>
</div>
</div>
<form id="choixFormeTestVoiture">

Write Preview
Loading…
Cancel
Save