🔧 ajout d'une ébauche de panel admin et de possibilité de modifier les informations du compte.

Modification des header&footer pour afficher le panel admin si connecté en tant qu'ADM
This commit is contained in:
Loris BALOCCHI 2024-06-11 10:56:40 +02:00
parent 8d66d324bc
commit b4a541eb8c
11 changed files with 254 additions and 28 deletions

View File

@ -1,6 +1,6 @@
MIT License
Copyright (c) 2024 balocchi
Copyright (c) 2024 Juliette CHARPENTIER & Loris BALOCCHI
Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions:

View File

@ -1,3 +1,17 @@
<?php
header("Cache-Control: no-store, no-cache, must-revalidate, max-age=0");
header("Cache-Control: post-check=0, pre-check=0", false);
header("Pragma: no-cache");
require_once $_SERVER['DOCUMENT_ROOT'] . '/tools/dbConnect.php';
session_start();
if (isset($_COOKIE['userData'])) {
header("Location: /account/profile");
}
?>
<!DOCTYPE html>
<html lang="fr">

View File

@ -15,7 +15,6 @@ if (isset($_COOKIE['userData'])) {
$familyName = $userData['familyName'];
$role = $userData['role'];
} else {
echo "Cookie 'userData' non trouvé.";
header("Location: /account/login");
}
?>
@ -44,18 +43,35 @@ if (isset($_COOKIE['userData'])) {
<?php include ($_SERVER['DOCUMENT_ROOT'] . '/views/header.php') ?>
<h1>Mon profil :</h1>
<?php
echo "<p class='text'>Email : " . $userData['email'] . "</p>";
echo "<p class='text'>Prénom : " . $userData['name'] . "</p>";
echo "<p class='text'>Nom : " . $userData['familyName'] . "</p>";
echo "<p class='text'>Rôle : " . $userData['role'] . "</p>";
<div class="login-container" style="margin-top: 1rem;">
<img src="https://cdn-icons-png.flaticon.com/512/4139/4139948.png" alt="Avatar">
<h2>Mettre à jour mes informations</h2>
<p>Modifiez les informations de votre profil.</p>
<form action="/tools/updater.php" method="post">
<div class="form-group">
<label for="name"><span style="color:red;"><abbr title="Requis">*</abbr></span> Prénom</label>
<input type="text" id="name" name="name" value="<?php echo $name ?>">
</div>
<div class="form-group">
<label for="family_name"><span style="color:red;"><abbr title="Requis">*</abbr></span> Nom</label>
<input type="text" id="family_name" name="family_name" value="<?php echo $familyName ?>">
</div>
<div class="form-group">
<label for="email"><span style="color:red;"><abbr title="Requis">*</abbr></span> Adresse mail</label>
<input type="email" id="email" name="email" value="<?php echo $email ?>">
</div>
<div class="form-group">
<label for="password"><span style="color:red;"><abbr title="Requis">*</abbr></span> Mot de passe</label>
<input type="password" id="password" name="password" required placeholder="••••••••" placeholder=" ">
</div>
?>
<form action="/tools/logout.php" method="post">
<button type="submit">Déconnexion</button>
<button type="submit" class="submit-button"><i class="fas fa-sign-in-alt"></i>
Mettre à jour mes informations</i></button>
</form>
</div>
<?php include ($_SERVER['DOCUMENT_ROOT'] . '/views/footer.php') ?>
</body>

View File

@ -1,3 +1,16 @@
<?php
header("Cache-Control: no-store, no-cache, must-revalidate, max-age=0");
header("Cache-Control: post-check=0, pre-check=0", false);
header("Pragma: no-cache");
require_once $_SERVER['DOCUMENT_ROOT'] . '/tools/dbConnect.php';
session_start();
if (isset($_COOKIE['userData'])) {
header("Location: /account/profile");
}
?>
<!DOCTYPE html>
<html lang="fr">

View File

@ -96,7 +96,10 @@ require_once $_SERVER['DOCUMENT_ROOT'] . '/tools/dbConnect.php';
echo "<p class='text'>Mot de passe : " . $password . "</p>";
echo "<p class='text'>Mot de passe hashé : " . $hashedPassword . "</p>";
echo "<p class='text'>Rôle : " . $role . "</p>";
?>
<script type="text/javascript">
window.location.href = '/account/profile';
</script> <?php
} else {
echo "<p class='text'>Aucun utilisateur n\'a été ajouté.</p>";
}
@ -107,14 +110,6 @@ require_once $_SERVER['DOCUMENT_ROOT'] . '/tools/dbConnect.php';
include ($_SERVER['DOCUMENT_ROOT'] . '/views/footer.php');
?>
</body>
</html>
<?php
$newURL = "/account/profile";
header("Location: " . $newURL);
die();
?>

54
admin/index.php Normal file
View File

@ -0,0 +1,54 @@
<?php
require_once $_SERVER['DOCUMENT_ROOT'] . '/tools/dbConnect.php';
if (isset($_COOKIE['userData'])) {
$userDataEncoded = $_COOKIE['userData'];
$userData = json_decode($userDataEncoded, true); // 'true' pour obtenir un tableau associatif
$email = $userData['email'];
$name = $userData['name'];
$familyName = $userData['familyName'];
$role = $userData['role'];
}
?>
<!DOCTYPE html>
<html lang="fr">
<head>
<meta charset="UTF-8" />
<meta name="viewport" content="width=device-width, initial-scale=1.0" />
<link rel="stylesheet" href="styles/main.css" />
<link rel="stylesheet" href="styles/header.css" />
<link rel="stylesheet" href="styles/footer.css" />
<link href="https://maxcdn.bootstrapcdn.com/bootstrap/4.5.2/css/bootstrap.min.css" rel="stylesheet" />
<link rel="icon" type="image/png" sizes="32x32"
href="https://tickets.paris2024.org/obj/media/FR-Paris2024/specialLogos/favicons/favicon-32x32.png" />
<script src="https://kit.fontawesome.com/f16a36bad3.js" crossorigin="anonymous"></script>
<title>Jeux Olympiques - Paris 2024</title>
</head>
<body>
<?php include $_SERVER['DOCUMENT_ROOT'] . '/views/header.php'; ?>
<h1>Panel d'administration</h1>
<?php
if (isset($_COOKIE['userData'])) {
$role = $userData['role'];
if ($role == 'Administrateur') {
echo "<p class='text'>Vous êtes connecté en tant qu'administrateur.</p>";
}
} else {
include ($_SERVER['DOCUMENT_ROOT'] . '/views/footer.php');
die("<p class='text'>Vous n'êtes pas autorisé à accéder à cette page.</p>");
} ?>
<!-- code de la page ici -->
<?php include $_SERVER['DOCUMENT_ROOT'] . '/views/footer.php'; ?>
</body>
</html>

View File

@ -9,8 +9,6 @@ if (isset($_COOKIE['userData'])) {
$name = $userData['name'];
$familyName = $userData['familyName'];
$role = $userData['role'];
} else {
echo "Cookie 'userData' non trouvé.";
}
?>

View File

@ -8,9 +8,11 @@
<link rel="stylesheet" href="/styles/header.css" />
<link rel="stylesheet" href="/styles/footer.css" />
<link href="https://maxcdn.bootstrapcdn.com/bootstrap/4.5.2/css/bootstrap.min.css" rel="stylesheet" />
<link rel="icon" type="image/png" sizes="32x32"
href="https://tickets.paris2024.org/obj/media/FR-Paris2024/specialLogos/favicons/favicon-32x32.png" />
<link rel="stylesheet" type="text/css" href="./style.css"> <!--truc pour la barre de recherche-->
<title>Accueil | Jeux Olympiques - Paris 2024</title>
</head>
@ -25,6 +27,17 @@
<p class="text">Vous pourrez également créer un compte pour accéder à des fonctionnalités supplémentaires.</p>
<!-- barre de recherche -->
<input id="searchbar" onkeyup="rechercher_evenement()" type="text" name="search"
placeholder="Rechercher évènement..">
<!-- linking javascript -->
<script src="./animals.js"></script>
<br><br><br><br><br><br><br><br><br>
<?php include ($_SERVER['DOCUMENT_ROOT'] . '/views/footer.php') ?>
<script src="https://kit.fontawesome.com/f16a36bad3.js" crossorigin="anonymous"></script>

104
tools/updater.php Normal file
View File

@ -0,0 +1,104 @@
<?php
require_once $_SERVER['DOCUMENT_ROOT'] . '/tools/dbConnect.php';
/*
- prénom, nom, mail, mdp, code rôle
- vérifier que le mail n'existe pas déjà
- vérifier que le code rôle est correct, et affecter le rôle correspondant
- hasher le mdp
- enregistrer le nouvel utilisateur dans la bdd
- créer un cookie avec mail, nom, prénom, rôle. Qui expire dans 1h
*/
?>
<!DOCTYPE html>
<html lang="fr">
<head>
<meta charset="UTF-8" />
<meta name="viewport" content="width=device-width, initial-scale=1.0" />
<link rel="stylesheet" href="../../styles/main.css" />
<link rel="stylesheet" href="../../styles/header.css" />
<link rel="stylesheet" href="../../styles/footer.css" />
<link href="https://maxcdn.bootstrapcdn.com/bootstrap/4.5.2/css/bootstrap.min.css" rel="stylesheet" />
<link rel="icon" type="image/png" sizes="32x32"
href="https://tickets.paris2024.org/obj/media/FR-Paris2024/specialLogos/favicons/favicon-32x32.png" />
<script src="https://kit.fontawesome.com/f16a36bad3.js" crossorigin="anonymous"></script>
<title>Jeux Olympiques - Paris 2024</title>
</head>
<body>
<?php include ($_SERVER['DOCUMENT_ROOT'] . '/views/header.php');
if ($_SERVER["REQUEST_METHOD"] == "POST") {
$name = htmlspecialchars($_POST["name"]);
$familyName = htmlspecialchars($_POST["family_name"]);
$email = htmlspecialchars($_POST["email"]);
$password = htmlspecialchars($_POST["password"]);
}
$hashedPassword = sha1($password);
$query = "SELECT mail FROM user WHERE mail = '$email'";
$result = mysqli_query($db, $query);
if (!$result) {
die("Erreur lors de l'exécution de la requête.");
}
$row = mysqli_fetch_assoc($result);
if ($row) {
die("<p>Un utilisateur avec cette adresse mail existe déjà.</p>");
}
$addUser = "INSERT INTO `user`(`mail`, `name`, `family_name`, `role`, `password`) VALUES ('$email', '$name', '$familyName', '$role', '$hashedPassword')";
$resultAddUser = mysqli_query($db, $addUser);
if (!$resultAddUser) {
echo "<p class='text'>Erreur lors de l'exécution de la requête.</p>";
} else {
if (mysqli_affected_rows($db) > 0) {
echo "<p class='text'>Utilisateur créé avec succès. </p>";
// Créer un tableau avec les données utilisateur
$userData = array(
"email" => $email,
"name" => $name,
"familyName" => $familyName,
"role" => $role,
);
// Sérialiser le tableau en JSON
$userDataEncoded = json_encode($userData);
// Stocker les données sérialisées dans un cookie
setcookie("userData", $userDataEncoded, time() + 3600, "/");
echo "<p class='text'>Cookie créé avec succès. Contenu du cookie :</p>";
echo "<p class='text'>" . $userDataEncoded . "</p>";
echo "<p class='text'>Prénom : " . $name . "</p>";
echo "<p class='text'>Nom : " . $familyName . "</p>";
echo "<p class='text'>Adresse mail : " . $email . "</p>";
echo "<p class='text'>Mot de passe : " . $password . "</p>";
echo "<p class='text'>Mot de passe hashé : " . $hashedPassword . "</p>";
echo "<p class='text'>Rôle : " . $role . "</p>";
?>
<script type="text/javascript">
window.location.href = '/account/profile';
</script> <?php
} else {
echo "<p class='text'>Aucun utilisateur n\'a été ajouté.</p>";
}
}
include ($_SERVER['DOCUMENT_ROOT'] . '/views/footer.php');
?>
</body>
</html>

View File

@ -9,8 +9,6 @@ if (isset($_COOKIE['userData'])) {
$name = $userData['name'];
$familyName = $userData['familyName'];
$role = $userData['role'];
} else {
echo "Cookie 'userData' non trouvé.";
}
?>
@ -28,8 +26,16 @@ if (isset($_COOKIE['userData'])) {
<div class="col-xs-6 col-md-3">
<h6>Catégories</h6>
<ul class="footer-links">
<li><a href="../../../">Accueil</a></li>
<li><a href="../../../events">Évènements</a></li>
<li><a href="/">Accueil</a></li>
<li><?php
if (isset($_COOKIE['userData'])) {
$role = $userData['role'];
if ($role == 'Administrateur') {
echo "<a href='/admin'>Panel d'administration</a>";
}
}
?></li>
<li><a href="/events">Évènements</a></li>
</ul>
</div>

View File

@ -27,6 +27,14 @@ if (isset($_COOKIE['userData'])) {
<!-- menu items -->
<div class="menu">
<ul>
<li><?php
if (isset($_COOKIE['userData'])) {
$role = $userData['role'];
if ($role == 'Administrateur') {
echo "<a href='/admin'>Panel d'administration</a>";
}
}
?></li>
<li>
<a href="/events">
Évènements
@ -46,6 +54,11 @@ if (isset($_COOKIE['userData'])) {
<!-- script php qui vérifie le cookie. Si cookie, propose déconnexion, si pas cookie propose connexion -->
</li>
<li><?php
if (isset($_COOKIE['userData'])) {
echo "<a href='/tools/logout.php'>Déconnexion</a>";
}
?></li>
</ul>
</div>
</nav>