🔧 ajout d'une ébauche de panel admin et de possibilité de modifier les informations du compte.

Modification des header&footer pour afficher le panel admin si connecté en tant qu'ADM
2024-06-11 10:56:40 +02:00 · 2024-06-11 10:56:40 +02:00 · b4a541eb8c
commit b4a541eb8c
parent 8d66d324bc
11 changed files with 254 additions and 28 deletions
--- a/2
+++ b/2
@ -1,6 +1,6 @@
 MIT License
-Copyright (c) 2024 balocchi
+Copyright (c) 2024 Juliette CHARPENTIER & Loris BALOCCHI
 Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions:
--- a/account/login/index.php
+++ b/account/login/index.php
@ -1,3 +1,17 @@
 <?php
 header("Cache-Control: no-store, no-cache, must-revalidate, max-age=0");
 header("Cache-Control: post-check=0, pre-check=0", false);
 header("Pragma: no-cache");
 require_once $_SERVER['DOCUMENT_ROOT'] . '/tools/dbConnect.php';
 session_start();
 if (isset($_COOKIE['userData'])) {
    header("Location: /account/profile");
 }
 ?>
 <!DOCTYPE html>
 <html lang="fr">
--- a/account/profile/index.php
+++ b/account/profile/index.php
@ -15,7 +15,6 @@ if (isset($_COOKIE['userData'])) {
    $familyName = $userData['familyName'];
    $role = $userData['role'];
 } else {
    echo "Cookie 'userData' non trouvé.";
    header("Location: /account/login");
 }
 ?>
@ -44,17 +43,34 @@ if (isset($_COOKIE['userData'])) {
    <?php include ($_SERVER['DOCUMENT_ROOT'] . '/views/header.php') ?>
    <h1>Mon profil :</h1>
    <?php
    echo "<p class='text'>Email : " . $userData['email'] . "</p>";
    echo "<p class='text'>Prénom : " . $userData['name'] . "</p>";
    echo "<p class='text'>Nom : " . $userData['familyName'] . "</p>";
    echo "<p class='text'>Rôle : " . $userData['role'] . "</p>";
    <div class="login-container" style="margin-top: 1rem;">
        <img src="https://cdn-icons-png.flaticon.com/512/4139/4139948.png" alt="Avatar">
        <h2>Mettre à jour mes informations</h2>
        <p>Modifiez les informations de votre profil.</p>
        <form action="/tools/updater.php" method="post">
            <div class="form-group">
                <label for="name"><span style="color:red;"><abbr title="Requis">*</abbr></span> Prénom</label>
                <input type="text" id="name" name="name" value="<?php echo $name ?>">
            </div>
            <div class="form-group">
                <label for="family_name"><span style="color:red;"><abbr title="Requis">*</abbr></span> Nom</label>
                <input type="text" id="family_name" name="family_name" value="<?php echo $familyName ?>">
            </div>
            <div class="form-group">
                <label for="email"><span style="color:red;"><abbr title="Requis">*</abbr></span> Adresse mail</label>
                <input type="email" id="email" name="email" value="<?php echo $email ?>">
            </div>
            <div class="form-group">
                <label for="password"><span style="color:red;"><abbr title="Requis">*</abbr></span> Mot de passe</label>
                <input type="password" id="password" name="password" required placeholder="••••••••" placeholder=" ">
            </div>
-    ?>
+            <button type="submit" class="submit-button"><i class="fas fa-sign-in-alt"></i>
-    <form action="/tools/logout.php" method="post">
+                Mettre à jour mes informations</i></button>
-        <button type="submit">Déconnexion</button>
+        </form>
-    </form>
+
    </div>
    <?php include ($_SERVER['DOCUMENT_ROOT'] . '/views/footer.php') ?>
 </body>
--- a/account/register/index.php
+++ b/account/register/index.php
@ -1,3 +1,16 @@
 <?php
 header("Cache-Control: no-store, no-cache, must-revalidate, max-age=0");
 header("Cache-Control: post-check=0, pre-check=0", false);
 header("Pragma: no-cache");
 require_once $_SERVER['DOCUMENT_ROOT'] . '/tools/dbConnect.php';
 session_start();
 if (isset($_COOKIE['userData'])) {
    header("Location: /account/profile");
 }
 ?>
 <!DOCTYPE html>
 <html lang="fr">
--- a/account/register/register.php
+++ b/account/register/register.php
@ -96,7 +96,10 @@ require_once $_SERVER['DOCUMENT_ROOT'] . '/tools/dbConnect.php';
            echo "<p class='text'>Mot de passe : " . $password . "</p>";
            echo "<p class='text'>Mot de passe hashé : " . $hashedPassword . "</p>";
            echo "<p class='text'>Rôle : " . $role . "</p>";
-
+            ?>
            <script type="text/javascript">
                window.location.href = '/account/profile';
            </script> <?php
        } else {
            echo "<p class='text'>Aucun utilisateur n\'a été ajouté.</p>";
        }
@ -107,14 +110,6 @@ require_once $_SERVER['DOCUMENT_ROOT'] . '/tools/dbConnect.php';
    include ($_SERVER['DOCUMENT_ROOT'] . '/views/footer.php');
    ?>
 </body>
 </html>
 <?php
 $newURL = "/account/profile";
 header("Location: " . $newURL);
 die();
 ?>
--- a/admin/index.php
+++ b/admin/index.php
@ -0,0 +1,54 @@
 <?php
 require_once $_SERVER['DOCUMENT_ROOT'] . '/tools/dbConnect.php';
 if (isset($_COOKIE['userData'])) {
    $userDataEncoded = $_COOKIE['userData'];
    $userData = json_decode($userDataEncoded, true); // 'true' pour obtenir un tableau associatif
    $email = $userData['email'];
    $name = $userData['name'];
    $familyName = $userData['familyName'];
    $role = $userData['role'];
 }
 ?>
 <!DOCTYPE html>
 <html lang="fr">
 <head>
    <meta charset="UTF-8" />
    <meta name="viewport" content="width=device-width, initial-scale=1.0" />
    <link rel="stylesheet" href="styles/main.css" />
    <link rel="stylesheet" href="styles/header.css" />
    <link rel="stylesheet" href="styles/footer.css" />
    <link href="https://maxcdn.bootstrapcdn.com/bootstrap/4.5.2/css/bootstrap.min.css" rel="stylesheet" />
    <link rel="icon" type="image/png" sizes="32x32"
        href="https://tickets.paris2024.org/obj/media/FR-Paris2024/specialLogos/favicons/favicon-32x32.png" />
    <script src="https://kit.fontawesome.com/f16a36bad3.js" crossorigin="anonymous"></script>
    <title>Jeux Olympiques - Paris 2024</title>
 </head>
 <body>
    <?php include $_SERVER['DOCUMENT_ROOT'] . '/views/header.php'; ?>
    <h1>Panel d'administration</h1>
    <?php
    if (isset($_COOKIE['userData'])) {
        $role = $userData['role'];
        if ($role == 'Administrateur') {
            echo "<p class='text'>Vous êtes connecté en tant qu'administrateur.</p>";
        }
    } else {
        include ($_SERVER['DOCUMENT_ROOT'] . '/views/footer.php');
        die("<p class='text'>Vous n'êtes pas autorisé à accéder à cette page.</p>");
    } ?>
    <!-- code de la page ici -->
    <?php include $_SERVER['DOCUMENT_ROOT'] . '/views/footer.php'; ?>
 </body>
 </html>
--- a/base.html
+++ b/base.html
@ -9,8 +9,6 @@ if (isset($_COOKIE['userData'])) {
    $name = $userData['name'];
    $familyName = $userData['familyName'];
    $role = $userData['role'];
 } else {
    echo "Cookie 'userData' non trouvé.";
 }
 ?>
--- a/index.php
+++ b/index.php
@ -8,9 +8,11 @@
    <link rel="stylesheet" href="/styles/header.css" />
    <link rel="stylesheet" href="/styles/footer.css" />
    <link href="https://maxcdn.bootstrapcdn.com/bootstrap/4.5.2/css/bootstrap.min.css" rel="stylesheet" />
    <link rel="icon" type="image/png" sizes="32x32"
        href="https://tickets.paris2024.org/obj/media/FR-Paris2024/specialLogos/favicons/favicon-32x32.png" />
    <link rel="stylesheet" type="text/css" href="./style.css"> <!--truc pour la barre de recherche-->
    <title>Accueil | Jeux Olympiques - Paris 2024</title>
 </head>
@ -25,6 +27,17 @@
    <p class="text">Vous pourrez également créer un compte pour accéder à des fonctionnalités supplémentaires.</p>
    <!-- barre de recherche -->
    <input id="searchbar" onkeyup="rechercher_evenement()" type="text" name="search"
        placeholder="Rechercher évènement..">
    <!-- linking javascript -->
    <script src="./animals.js"></script>
    <br><br><br><br><br><br><br><br><br>
    <?php include ($_SERVER['DOCUMENT_ROOT'] . '/views/footer.php') ?>
    <script src="https://kit.fontawesome.com/f16a36bad3.js" crossorigin="anonymous"></script>
--- a/tools/updater.php
+++ b/tools/updater.php
@ -0,0 +1,104 @@
 <?php
 require_once $_SERVER['DOCUMENT_ROOT'] . '/tools/dbConnect.php';
 /* 
 - prénom, nom, mail, mdp, code rôle
 - vérifier que le mail n'existe pas déjà
 - vérifier que le code rôle est correct, et affecter le rôle correspondant
 - hasher le mdp
 - enregistrer le nouvel utilisateur dans la bdd
 - créer un cookie avec mail, nom, prénom, rôle. Qui expire dans 1h
 */
 ?>
 <!DOCTYPE html>
 <html lang="fr">
 <head>
    <meta charset="UTF-8" />
    <meta name="viewport" content="width=device-width, initial-scale=1.0" />
    <link rel="stylesheet" href="../../styles/main.css" />
    <link rel="stylesheet" href="../../styles/header.css" />
    <link rel="stylesheet" href="../../styles/footer.css" />
    <link href="https://maxcdn.bootstrapcdn.com/bootstrap/4.5.2/css/bootstrap.min.css" rel="stylesheet" />
    <link rel="icon" type="image/png" sizes="32x32"
        href="https://tickets.paris2024.org/obj/media/FR-Paris2024/specialLogos/favicons/favicon-32x32.png" />
    <script src="https://kit.fontawesome.com/f16a36bad3.js" crossorigin="anonymous"></script>
    <title>Jeux Olympiques - Paris 2024</title>
 </head>
 <body>
    <?php include ($_SERVER['DOCUMENT_ROOT'] . '/views/header.php');
    if ($_SERVER["REQUEST_METHOD"] == "POST") {
        $name = htmlspecialchars($_POST["name"]);
        $familyName = htmlspecialchars($_POST["family_name"]);
        $email = htmlspecialchars($_POST["email"]);
        $password = htmlspecialchars($_POST["password"]);
    }
    $hashedPassword = sha1($password);
    $query = "SELECT mail FROM user WHERE mail = '$email'";
    $result = mysqli_query($db, $query);
    if (!$result) {
        die("Erreur lors de l'exécution de la requête.");
    }
    $row = mysqli_fetch_assoc($result);
    if ($row) {
        die("<p>Un utilisateur avec cette adresse mail existe déjà.</p>");
    }
    $addUser = "INSERT INTO `user`(`mail`, `name`, `family_name`, `role`, `password`) VALUES ('$email', '$name', '$familyName', '$role', '$hashedPassword')";
    $resultAddUser = mysqli_query($db, $addUser);
    if (!$resultAddUser) {
        echo "<p class='text'>Erreur lors de l'exécution de la requête.</p>";
    } else {
        if (mysqli_affected_rows($db) > 0) {
            echo "<p class='text'>Utilisateur créé avec succès. </p>";
            // Créer un tableau avec les données utilisateur
            $userData = array(
                "email" => $email,
                "name" => $name,
                "familyName" => $familyName,
                "role" => $role,
            );
            // Sérialiser le tableau en JSON
            $userDataEncoded = json_encode($userData);
            // Stocker les données sérialisées dans un cookie
            setcookie("userData", $userDataEncoded, time() + 3600, "/");
            echo "<p class='text'>Cookie créé avec succès. Contenu du cookie :</p>";
            echo "<p class='text'>" . $userDataEncoded . "</p>";
            echo "<p class='text'>Prénom : " . $name . "</p>";
            echo "<p class='text'>Nom : " . $familyName . "</p>";
            echo "<p class='text'>Adresse mail : " . $email . "</p>";
            echo "<p class='text'>Mot de passe : " . $password . "</p>";
            echo "<p class='text'>Mot de passe hashé : " . $hashedPassword . "</p>";
            echo "<p class='text'>Rôle : " . $role . "</p>";
            ?>
            <script type="text/javascript">
                window.location.href = '/account/profile';
            </script> <?php
        } else {
            echo "<p class='text'>Aucun utilisateur n\'a été ajouté.</p>";
        }
    }
    include ($_SERVER['DOCUMENT_ROOT'] . '/views/footer.php');
    ?>
 </body>
 </html>
--- a/views/footer.php
+++ b/views/footer.php
@ -9,8 +9,6 @@ if (isset($_COOKIE['userData'])) {
    $name = $userData['name'];
    $familyName = $userData['familyName'];
    $role = $userData['role'];
 } else {
    echo "Cookie 'userData' non trouvé.";
 }
 ?>
@ -28,8 +26,16 @@ if (isset($_COOKIE['userData'])) {
            <div class="col-xs-6 col-md-3">
                <h6>Catégories</h6>
                <ul class="footer-links">
-                    <li><a href="../../../">Accueil</a></li>
+                    <li><a href="/">Accueil</a></li>
-                    <li><a href="../../../events">Évènements</a></li>
+                    <li><?php
                    if (isset($_COOKIE['userData'])) {
                        $role = $userData['role'];
                        if ($role == 'Administrateur') {
                            echo "<a href='/admin'>Panel d'administration</a>";
                        }
                    }
                    ?></li>
                    <li><a href="/events">Évènements</a></li>
                </ul>
            </div>
--- a/views/header.php
+++ b/views/header.php
@ -27,6 +27,14 @@ if (isset($_COOKIE['userData'])) {
    <!-- menu items -->
    <div class="menu">
        <ul>
            <li><?php
            if (isset($_COOKIE['userData'])) {
                $role = $userData['role'];
                if ($role == 'Administrateur') {
                    echo "<a href='/admin'>Panel d'administration</a>";
                }
            }
            ?></li>
            <li>
                <a href="/events">
                    Évènements
@ -46,6 +54,11 @@ if (isset($_COOKIE['userData'])) {
                <!-- script php qui vérifie le cookie. Si cookie, propose déconnexion, si pas cookie propose connexion -->
            </li>
            <li><?php
            if (isset($_COOKIE['userData'])) {
                echo "<a href='/tools/logout.php'>Déconnexion</a>";
            }
            ?></li>
        </ul>
    </div>
 </nav>