From a81a2169fe13097d1a875cdf60999cbebee8e63c Mon Sep 17 00:00:00 2001 From: "remi.biette" Date: Fri, 10 May 2019 10:23:27 +0200 Subject: [PATCH] Modification agencement des fonctions et fichiers appelant la bd --- WEB/deconnexion.php | 2 +- WEB/index.php | 62 +++++++-------- WEB/inscription.php | 131 +++++++++++++++----------------- WEB/tableauBord/tableauBord.php | 67 +++++++--------- 4 files changed, 115 insertions(+), 147 deletions(-) diff --git a/WEB/deconnexion.php b/WEB/deconnexion.php index 02d7c42..3941d16 100644 --- a/WEB/deconnexion.php +++ b/WEB/deconnexion.php @@ -1,6 +1,6 @@ diff --git a/WEB/inscription.php b/WEB/inscription.php index e0a58dd..2bdf50f 100644 --- a/WEB/inscription.php +++ b/WEB/inscription.php @@ -1,17 +1,58 @@ 0) { + echo "

PHP a ignoré les données POST à ​​cause d'une requête dépassant post_max_size (" . ini_get('post_max_size') . ").

"; + exit(); + } + if (isset($_POST['mail_field'])) { + $login = htmlentities(pg_escape_string($_POST['login_field'])); + $password = htmlentities(pg_escape_string($_POST['password'])); + $prenom = htmlentities(pg_escape_string($_POST['prenom'])); + $nom = htmlentities(pg_escape_string($_POST['nom'])); + $dateN = htmlentities(pg_escape_string($_POST['dateN'])); + $mail = strtolower(htmlentities(pg_escape_string($_POST['mail_field']))); + $phone = htmlentities(pg_escape_string($_POST['phone'])); + + if (!filter_var($mail, FILTER_VALIDATE_EMAIL)) { + header('Location: inscription.php?error=1'); + exit(); + } elseif (!isMailUnique($db, $mail)) { + header('Location: inscription.php?error=2'); + exit(); + } elseif (!isLoginUnique($db, $login)) { + header('Location: inscription.php?error=3'); + exit(); + } else { + uploadAvatar($mail); + $result = creerUtilisateur($db, $mail, $password, $prenom, $nom, $login, $phone, $dateN); + if ($result) { + header('Location: index.php'); + } else { + header('Location: inscription.php?error=6'); + } + } + + } +} else { + header('Location: tableauBord/tableauBord.php'); +} + +function printError() +{ + if (isset($_GET['error'])) { $erreur = getError($_GET['error']); echo "

$erreur

"; } } -function getError($code){ - switch ($code){ +function getError($code) +{ + switch ($code) { case 1: return "L'adresse mail est invalide."; case 2: 
@@ -28,99 +69,51 @@ function getError($code){ } } -function isMailUnique($mail){ - global $db; +function isMailUnique($db, $mail) +{ $result = pg_query_params($db, "SELECT * FROM Utilisateur WHERE mail = $1;", array($mail)); - if($result){ + if ($result) { $row = pg_fetch_array($result); return (strcmp($row['mail'], $mail) != 0); } return false; } -function isLoginUnique($login){ - global $db; +function isLoginUnique($db, $login) +{ $result = pg_query_params($db, "SELECT * FROM Utilisateur WHERE login = $1;", array($login)); - if($result){ + if ($result) { $row = pg_fetch_array($result); return (strcmp($row['login'], $login) != 0); } return false; } -function creerUtilisateur($mail, $password, $prenom, $nom, $login, $phone, $dateN){ - global $db; +function creerUtilisateur($db, $mail, $password, $prenom, $nom, $login, $phone, $dateN) +{ $result = pg_query_params($db, "INSERT INTO Utilisateur VALUES ($1, $2, $3, $4, $5, $6, to_date($7, 'YYYY/MM/DD'), false);", array($mail, $password, $prenom, $nom, $login, $phone, $dateN)); return $result; } -function uploadAvatar($mail){ - if(isset($_FILES['avatar']) and $_FILES['avatar']['name'] != "") { +function uploadAvatar($mail) +{ + if (isset($_FILES['avatar']) and $_FILES['avatar']['name'] != "") { $target_file = "imageProfil/$mail.png"; $file_tmp = $_FILES['avatar']['tmp_name']; $extension = end(explode('.', $_FILES['avatar']['name'])); $check = getimagesize($file_tmp); - if($check === false or !in_array($extension, array('png'))) { + if ($check === false or !in_array($extension, array('png'))) { header('Location: inscription.php?error=4'); exit(); - } - else if ($_FILES['avatar']['size'] > 2 * 1024 * 1024){ + } else if ($_FILES['avatar']['size'] > 2 * 1024 * 1024) { header('Location: inscription.php?error=5'); exit(); - } - else{ + } else { move_uploaded_file($file_tmp, $target_file); } } } - -function init(){ - session_start(); - if(!isset($_SESSION['mail'])){ - if ($_SERVER['REQUEST_METHOD'] == 'POST' && empty($_POST) 
&& empty($_FILES) && $_SERVER['CONTENT_LENGTH'] > 0 ){ - echo "

PHP a ignoré les données POST à ​​cause d'une requête dépassant post_max_size (".ini_get('post_max_size').").

"; - exit(); - } - if(isset($_POST['mail_field'])){ - $login = htmlentities(pg_escape_string ($_POST['login_field'])); - $password = htmlentities(pg_escape_string ($_POST['password'])); - $prenom = htmlentities(pg_escape_string ($_POST['prenom'])); - $nom = htmlentities(pg_escape_string ($_POST['nom'])); - $dateN = htmlentities(pg_escape_string ($_POST['dateN'])); - $mail = strtolower(htmlentities(pg_escape_string ($_POST['mail_field']))); - $phone = htmlentities(pg_escape_string ($_POST['phone'])); - - if(!filter_var($mail, FILTER_VALIDATE_EMAIL)){ - header('Location: inscription.php?error=1'); - exit(); - } - elseif(!isMailUnique($mail)){ - header('Location: inscription.php?error=2'); - exit(); - } - elseif(!isLoginUnique($login)){ - header('Location: inscription.php?error=3'); - exit(); - } - else{ - uploadAvatar($mail); - $result = creerUtilisateur($mail, $password, $prenom, $nom, $login, $phone, $dateN); - if($result){ - header('Location: index.php'); - } - else{ - header('Location: inscription.php?error=6'); - } - } - - } - } - else{ - header('Location: tableauBord/tableauBord.php'); - } -} - ?> @@ -171,7 +164,7 @@ function init(){ diff --git a/WEB/tableauBord/tableauBord.php b/WEB/tableauBord/tableauBord.php index 541fee7..138707c 100644 --- a/WEB/tableauBord/tableauBord.php +++ b/WEB/tableauBord/tableauBord.php @@ -3,9 +3,15 @@ include '../ressources/navbarHTML.php'; navbarHTML("Tableau de bord"); -require_once ('../connectionBD.php'); -$mail = null; -init(); +require_once('../connexionBD.php'); +session_start(); + +//Si on est pas connecté redirection vers la page de connexion +if(!isset($_SESSION['mail'])){ + header('Location: ../index.php'); + exit(); +} +$mail = $_SESSION['mail']; $matricule = isset($_POST['matricule']) ? $_POST['matricule'] : NULL; //recuperation valeur formulaire, isset pour eviter l'erreur "Notice: Undefined index" $marque = isset($_POST['marque']) ? $_POST['marque'] : NULL; 
@@ -14,30 +20,16 @@ $nbplaces = isset($_POST['nbplaces']) ? $_POST['nbplaces'] : NULL; $anneefab = isset($_POST['anneefab']) ? $_POST['anneefab'] : NULL; if(isset($_POST['submitadd'])){ - addVoiture($matricule, $marque, $modele, $nbplaces, $anneefab); + addVoiture($db, $matricule, $marque, $modele, $nbplaces, $anneefab); } if(isset($_POST['submitchange'])){ - changeVoiture($matricule, $marque, $modele, $nbplaces, $anneefab); + changeVoiture($db, $matricule, $marque, $modele, $nbplaces, $anneefab); } if(isset($_POST['submitshow'])){ - showVoiture(); -} - -function init(){ - session_start(); - global $mail; - //Si on est pas connecté redirection vers la page de connexion - if(!isset($_SESSION['mail'])){ - header('Location: ../index.php'); - exit(); - } - else{ - $mail = $_SESSION['mail']; - } + showVoiture($db); } -function getPrenom($mail){ - global $db; +function getPrenom($db, $mail){ $result = pg_query_params($db, "SELECT prenom from Utilisateur WHERE mail = $1;", array($mail)); if($result){ $row = pg_fetch_array($result); @@ -47,8 +39,7 @@ function getPrenom($mail){ return null; } -function getLogin($mail){ - global $db; +function getLogin($db, $mail){ $result = pg_query_params($db, "SELECT login from Utilisateur WHERE mail = $1;", array($mail)); if($result){ $row = pg_fetch_array($result); @@ -58,8 +49,7 @@ function getLogin($mail){ return null; } -function getTrajetsProposes($mail){ - global $db; +function getTrajetsProposes($db, $mail){ $result = pg_query_params($db, "SELECT COUNT(*) from Trajet WHERE mailProposition = $1 AND estAnnule = false AND datedepart >= current_date;", array($mail)); if($result){ $row = pg_fetch_array($result); 
@@ -68,8 +58,7 @@ function getTrajetsProposes($mail){ return 0; } -function getTrajetsReserves($mail){ - global $db; +function getTrajetsReserves($db, $mail){ $result = pg_query_params($db, "SELECT COUNT(*) FROM trajet tr, reserver r WHERE r.codetrajet = tr.codetrajet AND mailutilisateur = $1 AND etatres != 'Annulée' AND estAnnule = false AND datedepart >= current_date;", array($mail)); if($result){ $row = pg_fetch_array($result); @@ -78,8 +67,7 @@ function getTrajetsReserves($mail){ return 0; } -function getMessagesNonLus($mail){ - global $db; +function getMessagesNonLus($db, $mail){ $result = pg_query_params($db, "SELECT COUNT(*) from Message WHERE mailRecepteur = $1 AND estLu = FALSE;", array($mail)); if($result){ $row = pg_fetch_array($result); @@ -88,7 +76,7 @@ function getMessagesNonLus($mail){ } } -function getAvisNonLus($mail){ +function getAvisNonLus($db, $mail){ global $db; $result = pg_query_params($db, "SELECT COUNT(tr.mailProposition) FROM Trajet tr, Avis av WHERE tr.codeTrajet = av.codeTrajet AND av.estLu = false AND tr.mailProposition = $1;", array($mail)); if($result){ 
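Review bot: `getAvisNonLus` gains the `$db` parameter like its siblings but keeps the `global $db;` line, so the parameter is immediately rebound to the global and the refactor this commit applies everywhere else is not actually applied here. Drop the `global $db;` line so the function reads `$db` from its argument exactly like `getMessagesNonLus` above it.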
@@ -105,21 +93,18 @@ function getPathImgProfil($mail){ return "../imageProfil/default.svg"; } -function addVoiture($matricule, $marque, $modele, $nbplaces, $anneefab){ - global $db; +function addVoiture($db, $matricule, $marque, $modele, $nbplaces, $anneefab){ $requete = "INSERT INTO public.voiture (matricule, marque, modele, nbplaces, anneefab, mail) VALUES ('".$matricule."','".$marque."','".$modele."','".$nbplaces."','".$anneefab."','".$_SESSION['mail']."');"; pg_query($db, $requete); } -function changeVoiture($matricule, $marque, $modele, $nbplaces, $anneefab){ - global $db; +function changeVoiture($db, $matricule, $marque, $modele, $nbplaces, $anneefab){ $requete = "UPDATE public.voiture SET (matricule, marque, modele, nbplaces, anneefab) = ('".$matricule."','".$marque."','".$modele."','".$nbplaces."','".$anneefab."') WHERE mail = '".$_SESSION['mail']."';"; echo "requete =".$requete; pg_query($db, $requete); } -function showVoiture(){ - global $db; +function showVoiture($db){ $requete = "SELECT * FROM public.voiture WHERE voiture.mail = '".$_SESSION['mail']."';"; if($donnees = pg_query($db, $requete)){ while($res = pg_fetch_assoc($donnees)){ @@ -142,7 +127,7 @@ function showVoiture(){
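Review bot: `addVoiture`, `changeVoiture` and `showVoiture` still build their SQL by concatenating `$matricule`, `$marque`, `$modele`, `$nbplaces` and `$anneefab`, which the top of the page takes straight from `$_POST` without any escaping, so an authenticated user can inject arbitrary SQL through the car form; `changeVoiture` also echoes the full statement (and the session mail) into the page. Every SELECT in this file already uses `pg_query_params`, so the three functions should do the same and the debug `echo` should go. Note that unset fields currently arrive as `NULL` and are concatenated as `''`; with parameters they become SQL `NULL`, which is the more honest value but may hit NOT NULL constraints that were previously masked. `showVoiture`'s row loop continues past the end of this hunk and is left as is.
```php
function addVoiture($db, $matricule, $marque, $modele, $nbplaces, $anneefab){
    // Parameterised: $_POST values never touch the SQL text.
    $requete = "INSERT INTO public.voiture (matricule, marque, modele, nbplaces, anneefab, mail) VALUES ($1, $2, $3, $4, $5, $6);";
    pg_query_params($db, $requete, array($matricule, $marque, $modele, $nbplaces, $anneefab, $_SESSION['mail']));
}

function changeVoiture($db, $matricule, $marque, $modele, $nbplaces, $anneefab){
    $requete = "UPDATE public.voiture SET matricule = $1, marque = $2, modele = $3, nbplaces = $4, anneefab = $5 WHERE mail = $6;";
    // Debug echo of the raw query removed: it leaked the statement and the session mail into the page.
    pg_query_params($db, $requete, array($matricule, $marque, $modele, $nbplaces, $anneefab, $_SESSION['mail']));
}

function showVoiture($db){
    $requete = "SELECT * FROM public.voiture WHERE voiture.mail = $1;";
    if($donnees = pg_query_params($db, $requete, array($_SESSION['mail']))){
        // … unchanged: pg_fetch_assoc row loop (continues past the hunk) …
```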
-

Bienvenue

+

Bienvenue

@@ -153,19 +138,19 @@ function showVoiture(){
-

Vous avez trajets proposés à effectuer.

+

Vous avez trajets proposés à effectuer.

-

Vous avez trajets réservés à effectuer.

+

Vous avez trajets réservés à effectuer.

-

Vous avez messages non lus.

+

Vous avez messages non lus.

-

Vous avez avis non lus.

+

Vous avez avis non lus.