🔧 ajout d'une ébauche de panel admin et de possibilité de modifier les informations du compte.

Modification des header&footer pour afficher le panel admin si connecté en tant qu'ADM
Loris BALOCCHI 2024-06-11 10:56:40 +02:00
parent 8d66d324bc
commit b4a541eb8c
11 changed files with 254 additions and 28 deletions


@ -1,6 +1,6 @@
MIT License MIT License
Copyright (c) 2024 balocchi Copyright (c) 2024 Juliette CHARPENTIER & Loris BALOCCHI
Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions: Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions:


@ -1,3 +1,17 @@
<?php
header("Cache-Control: no-store, no-cache, must-revalidate, max-age=0");
header("Cache-Control: post-check=0, pre-check=0", false);
header("Pragma: no-cache");
require_once $_SERVER['DOCUMENT_ROOT'] . '/tools/dbConnect.php';
session_start();
if (isset($_COOKIE['userData'])) {
header("Location: /account/profile");
}
?>
<!DOCTYPE html> <!DOCTYPE html>
<html lang="fr"> <html lang="fr">
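Review bot: The added `header("Location: /account/profile");` is not followed by `exit;`, so the script keeps running and sends the whole page body along with the redirect; add `exit;` directly after it. The test also treats the mere presence of a `userData` cookie as being signed in, although `session_start()` is called just above; checking a value stored in `$_SESSION` at login would not be settable by the client. The same prologue is added in the later section headed `@ -1,3 +1,16 @@` and needs the same change.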


@ -15,7 +15,6 @@ if (isset($_COOKIE['userData'])) {
$familyName = $userData['familyName']; $familyName = $userData['familyName'];
$role = $userData['role']; $role = $userData['role'];
} else { } else {
echo "Cookie 'userData' non trouvé.";
header("Location: /account/login"); header("Location: /account/login");
} }
?> ?>
@ -44,18 +43,35 @@ if (isset($_COOKIE['userData'])) {
<?php include ($_SERVER['DOCUMENT_ROOT'] . '/views/header.php') ?> <?php include ($_SERVER['DOCUMENT_ROOT'] . '/views/header.php') ?>
<h1>Mon profil :</h1> <h1>Mon profil :</h1>
<?php
echo "<p class='text'>Email : " . $userData['email'] . "</p>";
echo "<p class='text'>Prénom : " . $userData['name'] . "</p>";
echo "<p class='text'>Nom : " . $userData['familyName'] . "</p>";
echo "<p class='text'>Rôle : " . $userData['role'] . "</p>";
<div class="login-container" style="margin-top: 1rem;">
<img src="https://cdn-icons-png.flaticon.com/512/4139/4139948.png" alt="Avatar">
<h2>Mettre à jour mes informations</h2>
<p>Modifiez les informations de votre profil.</p>
<form action="/tools/updater.php" method="post">
<div class="form-group">
<label for="name"><span style="color:red;"><abbr title="Requis">*</abbr></span> Prénom</label>
<input type="text" id="name" name="name" value="<?php echo $name ?>">
</div>
<div class="form-group">
<label for="family_name"><span style="color:red;"><abbr title="Requis">*</abbr></span> Nom</label>
<input type="text" id="family_name" name="family_name" value="<?php echo $familyName ?>">
</div>
<div class="form-group">
<label for="email"><span style="color:red;"><abbr title="Requis">*</abbr></span> Adresse mail</label>
<input type="email" id="email" name="email" value="<?php echo $email ?>">
</div>
<div class="form-group">
<label for="password"><span style="color:red;"><abbr title="Requis">*</abbr></span> Mot de passe</label>
<input type="password" id="password" name="password" required placeholder="••••••••" placeholder=" ">
</div>
?> <button type="submit" class="submit-button"><i class="fas fa-sign-in-alt"></i>
<form action="/tools/logout.php" method="post"> Mettre à jour mes informations</i></button>
<button type="submit">Déconnexion</button>
</form> </form>
</div>
<?php include ($_SERVER['DOCUMENT_ROOT'] . '/views/footer.php') ?> <?php include ($_SERVER['DOCUMENT_ROOT'] . '/views/footer.php') ?>
</body> </body>
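Review bot: The new form prints `$name`, `$familyName` and `$email` into `value="..."` attributes without encoding, and the context lines of the first hunk suggest they are read from the `userData` cookie, which the client controls; a quote character in any of them breaks out of the attribute. Encode at output for all three inputs, e.g. `value="<?php echo htmlspecialchars($name, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8') ?>"`. The form posts to `/tools/updater.php` without an anti-CSRF token, the password input carries two `placeholder` attributes, and the submit button closes `</i>` twice. The `header("Location: /account/login");` kept in the first hunk still has no `exit;` after it, so the profile markup is rendered for visitors without the cookie as well.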


@ -1,3 +1,16 @@
<?php
header("Cache-Control: no-store, no-cache, must-revalidate, max-age=0");
header("Cache-Control: post-check=0, pre-check=0", false);
header("Pragma: no-cache");
require_once $_SERVER['DOCUMENT_ROOT'] . '/tools/dbConnect.php';
session_start();
if (isset($_COOKIE['userData'])) {
header("Location: /account/profile");
}
?>
<!DOCTYPE html> <!DOCTYPE html>
<html lang="fr"> <html lang="fr">


@ -96,7 +96,10 @@ require_once $_SERVER['DOCUMENT_ROOT'] . '/tools/dbConnect.php';
echo "<p class='text'>Mot de passe : " . $password . "</p>"; echo "<p class='text'>Mot de passe : " . $password . "</p>";
echo "<p class='text'>Mot de passe hashé : " . $hashedPassword . "</p>"; echo "<p class='text'>Mot de passe hashé : " . $hashedPassword . "</p>";
echo "<p class='text'>Rôle : " . $role . "</p>"; echo "<p class='text'>Rôle : " . $role . "</p>";
?>
<script type="text/javascript">
window.location.href = '/account/profile';
</script> <?php
} else { } else {
echo "<p class='text'>Aucun utilisateur n\'a été ajouté.</p>"; echo "<p class='text'>Aucun utilisateur n\'a été ajouté.</p>";
} }
@ -107,14 +110,6 @@ require_once $_SERVER['DOCUMENT_ROOT'] . '/tools/dbConnect.php';
include ($_SERVER['DOCUMENT_ROOT'] . '/views/footer.php'); include ($_SERVER['DOCUMENT_ROOT'] . '/views/footer.php');
?> ?>
</body> </body>
</html> </html>
<?php
$newURL = "/account/profile";
header("Location: " . $newURL);
die();
?>
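Review bot: The redirect now runs in a `<script>` after the page has already written the cleartext password and its hash into the response (the `echo` context lines just above the added block), so that debug output is delivered to the browser before navigation happens. Doing the database work before any HTML is sent and finishing with `header("Location: /account/profile"); exit;` keeps the redirect server-side, and the `echo` lines for `$password` and `$hashedPassword` should be dropped. The `header()` call removed in the second hunk sat after `</html>`, where output had already started, which is presumably why it never took effect. tools/updater.php in this commit repeats the same block; the enclosing script starts outside this hunk.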

54
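--- /dev/null
+++ b/admin/index.php
@@ -0,0 +1,54 @@
+<?php
+require_once $_SERVER['DOCUMENT_ROOT'] . '/tools/dbConnect.php';
+if (isset($_COOKIE['userData'])) {
+$userDataEncoded = $_COOKIE['userData'];
+$userData = json_decode($userDataEncoded, true); // 'true' pour obtenir un tableau associatif
+$email = $userData['email'];
+$name = $userData['name'];
+$familyName = $userData['familyName'];
+$role = $userData['role'];
+}
+?>
+<!DOCTYPE html>
+<html lang="fr">
+<head>
+<meta charset="UTF-8" />
+<meta name="viewport" content="width=device-width, initial-scale=1.0" />
+<link rel="stylesheet" href="styles/main.css" />
+<link rel="stylesheet" href="styles/header.css" />
+<link rel="stylesheet" href="styles/footer.css" />
+<link href="https://maxcdn.bootstrapcdn.com/bootstrap/4.5.2/css/bootstrap.min.css" rel="stylesheet" />
+<link rel="icon" type="image/png" sizes="32x32"
+href="https://tickets.paris2024.org/obj/media/FR-Paris2024/specialLogos/favicons/favicon-32x32.png" />
+<script src="https://kit.fontawesome.com/f16a36bad3.js" crossorigin="anonymous"></script>
+<title>Jeux Olympiques - Paris 2024</title>
+</head>
+<body>
+<?php include $_SERVER['DOCUMENT_ROOT'] . '/views/header.php'; ?>
+<h1>Panel d'administration</h1>
+<?php
+if (isset($_COOKIE['userData'])) {
+$role = $userData['role'];
+if ($role == 'Administrateur') {
+echo "<p class='text'>Vous êtes connecté en tant qu'administrateur.</p>";
+}
+} else {
+include ($_SERVER['DOCUMENT_ROOT'] . '/views/footer.php');
+die("<p class='text'>Vous n'êtes pas autorisé à accéder à cette page.</p>");
+} ?>
+<!-- code de la page ici -->
+<?php include $_SERVER['DOCUMENT_ROOT'] . '/views/footer.php'; ?>
+</body>
+</html>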
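Review bot: Access to this page is decided from the `userData` cookie alone, and only a missing cookie is rejected: when the cookie exists but `$role` is not 'Administrateur', the inner `if` prints nothing and execution falls through to the `<!-- code de la page ici -->` section. The cookie is plain JSON held by the browser, so the role in it is whatever the client sends; the decision should rest on server-side state and be taken before any output, with a 403 status on denial. The fence below assumes the login code stores the role in the session, which this commit does not show. `json_decode()` returns null for a malformed cookie, in which case the four array reads at the top of the file emit warnings.

```php
<?php
require_once $_SERVER['DOCUMENT_ROOT'] . '/tools/dbConnect.php';
session_start();
// The role must come from server-side state filled in at login, not from the userData cookie.
if (($_SESSION['role'] ?? null) !== 'Administrateur') {
    http_response_code(403);
    exit("<p class='text'>Vous n'êtes pas autorisé à accéder à cette page.</p>");
}
// … unchanged: page markup, header and footer includes …
```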


@ -9,8 +9,6 @@ if (isset($_COOKIE['userData'])) {
$name = $userData['name']; $name = $userData['name'];
$familyName = $userData['familyName']; $familyName = $userData['familyName'];
$role = $userData['role']; $role = $userData['role'];
} else {
echo "Cookie 'userData' non trouvé.";
} }
?> ?>


@ -8,9 +8,11 @@
<link rel="stylesheet" href="/styles/header.css" /> <link rel="stylesheet" href="/styles/header.css" />
<link rel="stylesheet" href="/styles/footer.css" /> <link rel="stylesheet" href="/styles/footer.css" />
<link href="https://maxcdn.bootstrapcdn.com/bootstrap/4.5.2/css/bootstrap.min.css" rel="stylesheet" /> <link href="https://maxcdn.bootstrapcdn.com/bootstrap/4.5.2/css/bootstrap.min.css" rel="stylesheet" />
<link rel="icon" type="image/png" sizes="32x32" <link rel="icon" type="image/png" sizes="32x32"
href="https://tickets.paris2024.org/obj/media/FR-Paris2024/specialLogos/favicons/favicon-32x32.png" /> href="https://tickets.paris2024.org/obj/media/FR-Paris2024/specialLogos/favicons/favicon-32x32.png" />
<link rel="stylesheet" type="text/css" href="./style.css"> <!--truc pour la barre de recherche-->
<title>Accueil | Jeux Olympiques - Paris 2024</title> <title>Accueil | Jeux Olympiques - Paris 2024</title>
</head> </head>
@ -25,6 +27,17 @@
<p class="text">Vous pourrez également créer un compte pour accéder à des fonctionnalités supplémentaires.</p> <p class="text">Vous pourrez également créer un compte pour accéder à des fonctionnalités supplémentaires.</p>
<!-- barre de recherche -->
<input id="searchbar" onkeyup="rechercher_evenement()" type="text" name="search"
placeholder="Rechercher évènement..">
<!-- linking javascript -->
<script src="./animals.js"></script>
<br><br><br><br><br><br><br><br><br>
<?php include ($_SERVER['DOCUMENT_ROOT'] . '/views/footer.php') ?> <?php include ($_SERVER['DOCUMENT_ROOT'] . '/views/footer.php') ?>
<script src="https://kit.fontawesome.com/f16a36bad3.js" crossorigin="anonymous"></script> <script src="https://kit.fontawesome.com/f16a36bad3.js" crossorigin="anonymous"></script>
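Review bot: The search input wires its handler inline with `onkeyup="rechercher_evenement()"`, which forces any future Content-Security-Policy to allow inline script; attaching it from the script file with `document.getElementById('searchbar').addEventListener('keyup', rechercher_evenement)` avoids that. `./style.css` and `./animals.js` are page-relative while the other local assets in this head use root-relative `/styles/...` paths, and `animals.js` reads like a tutorial file name rather than a file of this project, so it is worth confirming that both exist. The run of nine `<br>` tags is spacing that belongs in CSS.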

104
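--- /dev/null
+++ b/tools/updater.php
@@ -0,0 +1,104 @@
+<?php
+require_once $_SERVER['DOCUMENT_ROOT'] . '/tools/dbConnect.php';
+/*
+- prénom, nom, mail, mdp, code rôle
+- vérifier que le mail n'existe pas déjà
+- vérifier que le code rôle est correct, et affecter le rôle correspondant
+- hasher le mdp
+- enregistrer le nouvel utilisateur dans la bdd
+- créer un cookie avec mail, nom, prénom, rôle. Qui expire dans 1h
+*/
+?>
+<!DOCTYPE html>
+<html lang="fr">
+<head>
+<meta charset="UTF-8" />
+<meta name="viewport" content="width=device-width, initial-scale=1.0" />
+<link rel="stylesheet" href="../../styles/main.css" />
+<link rel="stylesheet" href="../../styles/header.css" />
+<link rel="stylesheet" href="../../styles/footer.css" />
+<link href="https://maxcdn.bootstrapcdn.com/bootstrap/4.5.2/css/bootstrap.min.css" rel="stylesheet" />
+<link rel="icon" type="image/png" sizes="32x32"
+href="https://tickets.paris2024.org/obj/media/FR-Paris2024/specialLogos/favicons/favicon-32x32.png" />
+<script src="https://kit.fontawesome.com/f16a36bad3.js" crossorigin="anonymous"></script>
+<title>Jeux Olympiques - Paris 2024</title>
+</head>
+<body>
+<?php include ($_SERVER['DOCUMENT_ROOT'] . '/views/header.php');
+if ($_SERVER["REQUEST_METHOD"] == "POST") {
+$name = htmlspecialchars($_POST["name"]);
+$familyName = htmlspecialchars($_POST["family_name"]);
+$email = htmlspecialchars($_POST["email"]);
+$password = htmlspecialchars($_POST["password"]);
+}
+$hashedPassword = sha1($password);
+$query = "SELECT mail FROM user WHERE mail = '$email'";
+$result = mysqli_query($db, $query);
+if (!$result) {
+die("Erreur lors de l'exécution de la requête.");
+}
+$row = mysqli_fetch_assoc($result);
+if ($row) {
+die("<p>Un utilisateur avec cette adresse mail existe déjà.</p>");
+}
+$addUser = "INSERT INTO `user`(`mail`, `name`, `family_name`, `role`, `password`) VALUES ('$email', '$name', '$familyName', '$role', '$hashedPassword')";
+$resultAddUser = mysqli_query($db, $addUser);
+if (!$resultAddUser) {
+echo "<p class='text'>Erreur lors de l'exécution de la requête.</p>";
+} else {
+if (mysqli_affected_rows($db) > 0) {
+echo "<p class='text'>Utilisateur créé avec succès. </p>";
+// Créer un tableau avec les données utilisateur
+$userData = array(
+"email" => $email,
+"name" => $name,
+"familyName" => $familyName,
+"role" => $role,
+);
+// Sérialiser le tableau en JSON
+$userDataEncoded = json_encode($userData);
+// Stocker les données sérialisées dans un cookie
+setcookie("userData", $userDataEncoded, time() + 3600, "/");
+echo "<p class='text'>Cookie créé avec succès. Contenu du cookie :</p>";
+echo "<p class='text'>" . $userDataEncoded . "</p>";
+echo "<p class='text'>Prénom : " . $name . "</p>";
+echo "<p class='text'>Nom : " . $familyName . "</p>";
+echo "<p class='text'>Adresse mail : " . $email . "</p>";
+echo "<p class='text'>Mot de passe : " . $password . "</p>";
+echo "<p class='text'>Mot de passe hashé : " . $hashedPassword . "</p>";
+echo "<p class='text'>Rôle : " . $role . "</p>";
+?>
+<script type="text/javascript">
+window.location.href = '/account/profile';
+</script> <?php
+} else {
+echo "<p class='text'>Aucun utilisateur n\'a été ajouté.</p>";
+}
+}
+include ($_SERVER['DOCUMENT_ROOT'] . '/views/footer.php');
+?>
+</body>
+</html>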
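Review bot: The `SELECT mail FROM user WHERE mail = '$email'` query and the INSERT below it interpolate POST values straight into SQL; `htmlspecialchars()` is an HTML encoder, not SQL escaping, so both statements should be prepared with bound parameters. `sha1($password)` is an unsalted fast hash and is computed over the HTML-encoded password; `password_hash()` on the raw value is the replacement, with the login path moved to `password_verify()` (not visible in this commit). `$role` is never assigned in this file yet is written to the INSERT and to the cookie, and the script inserts a new row instead of updating the signed-in user's row, so a profile update that keeps the same e-mail stops at the "existe déjà" `die` — the file looks copied from the registration handler, header comment included. Nothing checks who is making the request, and everything after the `if` runs for non-POST requests too, with all four variables undefined.

```php
if ($_SERVER["REQUEST_METHOD"] !== "POST") {
    http_response_code(405);
    exit;
}
// Keep the raw values for storage; apply htmlspecialchars() only when echoing into HTML.
$name = $_POST["name"] ?? '';
$familyName = $_POST["family_name"] ?? '';
$email = $_POST["email"] ?? '';
$password = $_POST["password"] ?? '';
$hashedPassword = password_hash($password, PASSWORD_DEFAULT);

$stmt = mysqli_prepare($db, "SELECT mail FROM user WHERE mail = ?");
mysqli_stmt_bind_param($stmt, "s", $email);
mysqli_stmt_execute($stmt);
mysqli_stmt_store_result($stmt);
if (mysqli_stmt_num_rows($stmt) > 0) {
    die("<p>Un utilisateur avec cette adresse mail existe déjà.</p>");
}
// … unchanged: INSERT (bind its values the same way), cookie creation, footer include …
```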


@ -9,8 +9,6 @@ if (isset($_COOKIE['userData'])) {
$name = $userData['name']; $name = $userData['name'];
$familyName = $userData['familyName']; $familyName = $userData['familyName'];
$role = $userData['role']; $role = $userData['role'];
} else {
echo "Cookie 'userData' non trouvé.";
} }
?> ?>
@ -28,8 +26,16 @@ if (isset($_COOKIE['userData'])) {
<div class="col-xs-6 col-md-3"> <div class="col-xs-6 col-md-3">
<h6>Catégories</h6> <h6>Catégories</h6>
<ul class="footer-links"> <ul class="footer-links">
<li><a href="../../../">Accueil</a></li> <li><a href="/">Accueil</a></li>
<li><a href="../../../events">Évènements</a></li> <li><?php
if (isset($_COOKIE['userData'])) {
$role = $userData['role'];
if ($role == 'Administrateur') {
echo "<a href='/admin'>Panel d'administration</a>";
}
}
?></li>
<li><a href="/events">Évènements</a></li>
</ul> </ul>
</div> </div>
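Review bot: The `<li>` wraps the PHP block, so every visitor who is not an administrator gets an empty list item in the footer; put the condition around the whole `<li>…</li>` instead. `$role == 'Administrateur'` is a loose comparison on a value that the context lines show coming from the `userData` cookie, and `$userData['role']` is read without checking that decoding succeeded; `($userData['role'] ?? null) === 'Administrateur'` avoids the warning. This test only hides a link, so it does not replace the access check on /admin itself. The header section later in this commit adds the identical block and wants the same change; one shared helper would keep the two in step.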


@ -27,6 +27,14 @@ if (isset($_COOKIE['userData'])) {
<!-- menu items --> <!-- menu items -->
<div class="menu"> <div class="menu">
<ul> <ul>
<li><?php
if (isset($_COOKIE['userData'])) {
$role = $userData['role'];
if ($role == 'Administrateur') {
echo "<a href='/admin'>Panel d'administration</a>";
}
}
?></li>
<li> <li>
<a href="/events"> <a href="/events">
Évènements Évènements
@ -46,6 +54,11 @@ if (isset($_COOKIE['userData'])) {
<!-- script php qui vérifie le cookie. Si cookie, propose déconnexion, si pas cookie propose connexion --> <!-- script php qui vérifie le cookie. Si cookie, propose déconnexion, si pas cookie propose connexion -->
</li> </li>
<li><?php
if (isset($_COOKIE['userData'])) {
echo "<a href='/tools/logout.php'>Déconnexion</a>";
}
?></li>
</ul> </ul>
</div> </div>
</nav> </nav>
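Review bot: Logout becomes a plain link, `<a href='/tools/logout.php'>`, while the profile page in this commit drops the `method="post"` form that used to do it; if logout.php acts on GET, any third-party page that references that URL can sign a user out. Keeping logout as a small POST form, ideally with a CSRF token, avoids that. As in the first hunk of this section, the `<li>` is emitted empty when the cookie is absent, so the condition belongs around the whole list item.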