You cannot select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
PROJET-WEB_STRI1A/WEB/profil.php

218 lines
7.3 KiB
PHP

<?php
require_once('connexionBD.php');
session_start();
if (!isset($_SESSION['mail'])) {
header('Location: index.php');
exit();
}
$mail = $_SESSION['mail'];
if (isset($_POST['login_field']) || isset($_FILES['avatar'])) {
if (isset($_FILES['avatar']) and $_FILES['avatar']['name'] != "") {
$fic = $_FILES['avatar'];
supprimerAvatar($mail);
uploadAvatar($mail, $fic);
}
if (isset($_POST['login_field']) && isset($_POST['password']) && isset($_POST['confirmation']) && isset($_POST['prenom']) && isset($_POST['nom']) && isset($_POST['phone'])) {
$login = htmlentities(pg_escape_string($_POST['login_field']));
$password = htmlentities(pg_escape_string($_POST['password']));
$confirmation = htmlentities(pg_escape_string($_POST['confirmation']));
$prenom = htmlentities(pg_escape_string($_POST['prenom']));
$nom = htmlentities(pg_escape_string($_POST['nom']));
$phone = htmlentities(pg_escape_string($_POST['phone']));
if (!isLoginUniqueModifier($db, $mail, $login)) {
header('Location: profil.php?error=1');
exit();
}
if (strcmp($password, $confirmation) != 0) {
header('Location: profil.php?error=2');
exit();
}
if (!modifierUtilisateur($db, $prenom, $nom, $login, $phone)) {
header('Location: profil.php?error=6');
exit();
}
}
header('Location: profil.php');
exit();
}
$user = getUser($db, $_SESSION['mail']);
if (!$user) {
header('Location: profil.php?error=3');
exit();
}
function getPathImgProfil($mail)
{
$protocol = "https";
if (!isset($_SERVER['HTTPS_HOST'])) {
$protocol = "http";
}
$list = scandir($_SERVER['DOCUMENT_ROOT'] . "/imageProfil");
foreach ($list as $entry) {
if (strpos($entry, $mail) !== false) {
return "$protocol://" . $_SERVER['HTTP_HOST'] . "/imageProfil/$entry";
}
}
return "$protocol://" . $_SERVER['HTTP_HOST'] . "/imageProfil/default.svg";
}
function supprimerAvatar($mail)
{
$list = scandir($_SERVER['DOCUMENT_ROOT'] . "/imageProfil");
foreach ($list as $entry) {
if (strpos($entry, $mail) !== false) {
unlink($_SERVER['DOCUMENT_ROOT'] . "/imageProfil/$entry");
}
}
}
function uploadAvatar($mail, $fic)
{
$tmp = explode('.', $fic['name']);
$extension = end($tmp);
$target_file = "imageProfil/$mail.$extension";
$file_tmp = $fic['tmp_name'];
$check = getimagesize($file_tmp);
if ($check === false or !in_array($extension, array('png', 'jpg', 'jpeg', 'pjpeg', 'jfif', 'pjp'))) {
header('Location: inscription.php?error=4');
exit();
} else if ($fic['size'] > 2 * 1024 * 1024) {
header('Location: inscription.php?error=5');
exit();
} else {
move_uploaded_file($file_tmp, $target_file);
}
}
function modifierUtilisateur($db, $prenom, $nom, $login, $phone)
{
$result = pg_query_params($db, "UPDATE Utilisateur SET prenom = $1, nom = $2, login = $3, telephone = $4;", array($prenom, $nom, $login, $phone));
return $result;
}
function getUser($db, $mail)
{
$result = pg_query_params($db, "SELECT * FROM Utilisateur WHERE mail = $1;", array($mail));
return pg_fetch_array($result);
}
function printError()
{
if (isset($_GET['error'])) {
$erreur = getErrorProfil($_GET['error']);
echo "<p class = 'error'>$erreur</p>";
}
}
function isLoginUniqueModifier($db, $mail, $login)
{
$result = pg_query_params($db, "SELECT * FROM Utilisateur WHERE login = $1 AND mail != $2;", array($login, $mail));
if ($result) {
$row = pg_fetch_array($result);
return (strcmp($row['login'], $login) != 0);
}
return false;
}
function getErrorProfil($code)
{
switch ($code) {
case 1:
return "Ce login est déjà associé à un compte.";
case 2:
return "Les mots de passe ne correspondent pas.";
case 3:
return "Erreur lors de la récupération des informations de profil.";
case 4:
return "Le fichier envoyé doit être une image au format PNG ou JPEG.";
case 5:
return "La taille de l'image ne doit pas dépasser 2 MB.";
case 6:
return "Erreur lors de la modification du compte.";
}
}
?>
<!DOCTYPE html>
<html lang="fr">
<head>
<meta charset="UTF-8">
<link rel="stylesheet" href="profil.css">
<link rel="stylesheet" href="ressources/navbarhtml.css">
<link rel="stylesheet" href="index_inscription.css">
<script src="inscription.js"></script>
<title>Profil</title>
</head>
<body>
<?php require_once("ressources/navbarhtml.php"); ?>
<div id="formulaire">
<h1>Profil</h1>
<div id="divImgProfil">
<img id="imgProfil" src="<?php echo getPathImgProfil($mail); ?>">
</div>
<form method="post" enctype="multipart/form-data" action="profil.php">
<div class="line">
<label for="mail_field">Adresse mail : </label>
<input id="mail_field" class="form" type="email" maxlength="100" readonly
value="<?php echo $user['mail']; ?>">
</div>
<div class="line">
<label for="login_field">Login : </label>
<input id="login_field" class="form" name="login_field" type="text" maxlength="50"
value="<?php echo $user['login']; ?>" required>
</div>
<div class="line">
<label for="password">Mot de passe : </label>
<input class="form" id="password" name="password" type="password" maxlength="50"
value="<?php echo $user['passwd']; ?>" required>
</div>
<div class="line">
<label for="confirmation">Confirmation : </label>
<input class="form" id="confirmation" name="confirmation" type="password" maxlength="16"
value="<?php echo $user['passwd']; ?>" required>
</div>
<div class="line">
<label for="prenom_field">Prénom : </label>
<input id="prenom_field" class="form" name="prenom" type="text" maxlength="50"
value="<?php echo $user['prenom']; ?>" required>
</div>
<div class="line">
<label for="nom_field">Nom : </label>
<input id="nom_field" class="form" name="nom" type="text" maxlength="50" value="<?php echo $user['nom']; ?>"
required>
</div>
<div class="line">
<label for="dateN_field">Date de naissance : </label>
<input id="dateN_field" class="form" readonly="readonly" type="date"
value="<?php echo $user['datenaissance']; ?>" required>
</div>
<div class="line">
<label for="phone_field">Numéro de téléphone : </label>
<input id="phone_field" class="form" name="phone" type="tel" pattern="[0-9]{10}" maxlength="10"
value="<?php echo $user['telephone']; ?>" required>
</div>
<div class="line">
<label for="avatar">Image du Profil :</label>
<input type="file" id="avatar" class="form" name="avatar" accept="image/png, image/jpeg">
</div>
<?php
printError();
?>
<input id="submit" class="button" type="submit" value="Modifier">
</form>
</div>
</body>
</html>