balocchi/SAE_web
1
2
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

🔧 ajout d'une ébauche de panel admin et de possibilité de modifier les informations du compte.

Browse Source 
Modification des header&footer pour afficher le panel admin si connecté en tant qu'ADM
This commit is contained in:
Loris BALOCCHI 2024-06-11 10:56:40 +02:00
parent 8d66d324bc
commit b4a541eb8c
11 changed files with 254 additions and 28 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
LICENSE
View File

@ -1,6 +1,6 @@
MIT License
Copyright (c) 2024 balocchi
Copyright (c) 2024 Juliette CHARPENTIER & Loris BALOCCHI
Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions:

14
account/login/index.php
View File

@ -1,3 +1,17 @@
<?php
header("Cache-Control: no-store, no-cache, must-revalidate, max-age=0");
header("Cache-Control: post-check=0, pre-check=0", false);
header("Pragma: no-cache");
require_once $_SERVER['DOCUMENT_ROOT'] . '/tools/dbConnect.php';
session_start();
if (isset($_COOKIE['userData'])) {
header("Location: /account/profile");
}
?>
<!DOCTYPE html>
<html lang="fr">

36
account/profile/index.php
View File

@ -15,7 +15,6 @@ if (isset($_COOKIE['userData'])) {
$familyName = $userData['familyName'];
$role = $userData['role'];
} else {
echo "Cookie 'userData' non trouvé.";
header("Location: /account/login");
}
?>
@ -44,17 +43,34 @@ if (isset($_COOKIE['userData'])) {
<?php include ($_SERVER['DOCUMENT_ROOT'] . '/views/header.php') ?>
<h1>Mon profil :</h1>
<?php
echo "<p class='text'>Email : " . $userData['email'] . "</p>";
echo "<p class='text'>Prénom : " . $userData['name'] . "</p>";
echo "<p class='text'>Nom : " . $userData['familyName'] . "</p>";
echo "<p class='text'>Rôle : " . $userData['role'] . "</p>";
<div class="login-container" style="margin-top: 1rem;">
<img src="https://cdn-icons-png.flaticon.com/512/4139/4139948.png" alt="Avatar">
<h2>Mettre à jour mes informations</h2>
<p>Modifiez les informations de votre profil.</p>
<form action="/tools/updater.php" method="post">
<div class="form-group">
<label for="name"><span style="color:red;"><abbr title="Requis">*</abbr></span> Prénom</label>
<input type="text" id="name" name="name" value="<?php echo $name ?>">
</div>
<div class="form-group">
<label for="family_name"><span style="color:red;"><abbr title="Requis">*</abbr></span> Nom</label>
<input type="text" id="family_name" name="family_name" value="<?php echo $familyName ?>">
</div>
<div class="form-group">
<label for="email"><span style="color:red;"><abbr title="Requis">*</abbr></span> Adresse mail</label>
<input type="email" id="email" name="email" value="<?php echo $email ?>">
</div>
<div class="form-group">
<label for="password"><span style="color:red;"><abbr title="Requis">*</abbr></span> Mot de passe</label>
<input type="password" id="password" name="password" required placeholder="••••••••" placeholder=" ">
</div>
?>
<form action="/tools/logout.php" method="post">
<button type="submit">Déconnexion</button>
</form>
<button type="submit" class="submit-button"><i class="fas fa-sign-in-alt"></i>
Mettre à jour mes informations</i></button>
</form>
</div>
<?php include ($_SERVER['DOCUMENT_ROOT'] . '/views/footer.php') ?>
</body>

13
account/register/index.php
View File

@ -1,3 +1,16 @@
<?php
header("Cache-Control: no-store, no-cache, must-revalidate, max-age=0");
header("Cache-Control: post-check=0, pre-check=0", false);
header("Pragma: no-cache");
require_once $_SERVER['DOCUMENT_ROOT'] . '/tools/dbConnect.php';
session_start();
if (isset($_COOKIE['userData'])) {
header("Location: /account/profile");
}
?>
<!DOCTYPE html>
<html lang="fr">

13
account/register/register.php
View File

@ -96,7 +96,10 @@ require_once $_SERVER['DOCUMENT_ROOT'] . '/tools/dbConnect.php';
echo "<p class='text'>Mot de passe : " . $password . "</p>";
echo "<p class='text'>Mot de passe hashé : " . $hashedPassword . "</p>";
echo "<p class='text'>Rôle : " . $role . "</p>";
?>
<script type="text/javascript">
window.location.href = '/account/profile';
</script> <?php
} else {
echo "<p class='text'>Aucun utilisateur n\'a été ajouté.</p>";
}
@ -107,14 +110,6 @@ require_once $_SERVER['DOCUMENT_ROOT'] . '/tools/dbConnect.php';
include ($_SERVER['DOCUMENT_ROOT'] . '/views/footer.php');
?>
</body>
</html>
<?php
$newURL = "/account/profile";
header("Location: " . $newURL);
die();
?>

54
admin/index.php Normal file
View File

@ -0,0 +1,54 @@
<?php
require_once $_SERVER['DOCUMENT_ROOT'] . '/tools/dbConnect.php';
if (isset($_COOKIE['userData'])) {
$userDataEncoded = $_COOKIE['userData'];
$userData = json_decode($userDataEncoded, true); // 'true' pour obtenir un tableau associatif
$email = $userData['email'];
$name = $userData['name'];
$familyName = $userData['familyName'];
$role = $userData['role'];
}
?>
<!DOCTYPE html>
<html lang="fr">
<head>
<meta charset="UTF-8" />
<meta name="viewport" content="width=device-width, initial-scale=1.0" />
<link rel="stylesheet" href="styles/main.css" />
<link rel="stylesheet" href="styles/header.css" />
<link rel="stylesheet" href="styles/footer.css" />
<link href="https://maxcdn.bootstrapcdn.com/bootstrap/4.5.2/css/bootstrap.min.css" rel="stylesheet" />
<link rel="icon" type="image/png" sizes="32x32"
href="https://tickets.paris2024.org/obj/media/FR-Paris2024/specialLogos/favicons/favicon-32x32.png" />
<script src="https://kit.fontawesome.com/f16a36bad3.js" crossorigin="anonymous"></script>
<title>Jeux Olympiques - Paris 2024</title>
</head>
<body>
<?php include $_SERVER['DOCUMENT_ROOT'] . '/views/header.php'; ?>
<h1>Panel d'administration</h1>
<?php
if (isset($_COOKIE['userData'])) {
$role = $userData['role'];
if ($role == 'Administrateur') {
echo "<p class='text'>Vous êtes connecté en tant qu'administrateur.</p>";
}
} else {
include ($_SERVER['DOCUMENT_ROOT'] . '/views/footer.php');
die("<p class='text'>Vous n'êtes pas autorisé à accéder à cette page.</p>");
} ?>
<!-- code de la page ici -->
<?php include $_SERVER['DOCUMENT_ROOT'] . '/views/footer.php'; ?>
</body>
</html>

2
base.html
View File

@ -9,8 +9,6 @@ if (isset($_COOKIE['userData'])) {
$name = $userData['name'];
$familyName = $userData['familyName'];
$role = $userData['role'];
} else {
echo "Cookie 'userData' non trouvé.";
}
?>

15
index.php
View File

@ -8,9 +8,11 @@
<link rel="stylesheet" href="/styles/header.css" />
<link rel="stylesheet" href="/styles/footer.css" />
<link href="https://maxcdn.bootstrapcdn.com/bootstrap/4.5.2/css/bootstrap.min.css" rel="stylesheet" />
<link rel="icon" type="image/png" sizes="32x32"
href="https://tickets.paris2024.org/obj/media/FR-Paris2024/specialLogos/favicons/favicon-32x32.png" />
<link rel="stylesheet" type="text/css" href="./style.css"> <!--truc pour la barre de recherche-->
<title>Accueil | Jeux Olympiques - Paris 2024</title>
</head>
@ -25,6 +27,17 @@
<p class="text">Vous pourrez également créer un compte pour accéder à des fonctionnalités supplémentaires.</p>
<!-- barre de recherche -->
<input id="searchbar" onkeyup="rechercher_evenement()" type="text" name="search"
placeholder="Rechercher évènement..">
<!-- linking javascript -->
<script src="./animals.js"></script>
<br><br><br><br><br><br><br><br><br>
<?php include ($_SERVER['DOCUMENT_ROOT'] . '/views/footer.php') ?>
<script src="https://kit.fontawesome.com/f16a36bad3.js" crossorigin="anonymous"></script>

104
tools/updater.php Normal file
View File

@ -0,0 +1,104 @@
<?php
require_once $_SERVER['DOCUMENT_ROOT'] . '/tools/dbConnect.php';
/*
- prénom, nom, mail, mdp, code rôle
- vérifier que le mail n'existe pas déjà
- vérifier que le code rôle est correct, et affecter le rôle correspondant
- hasher le mdp
- enregistrer le nouvel utilisateur dans la bdd
- créer un cookie avec mail, nom, prénom, rôle. Qui expire dans 1h
*/
?>
<!DOCTYPE html>
<html lang="fr">
<head>
<meta charset="UTF-8" />
<meta name="viewport" content="width=device-width, initial-scale=1.0" />
<link rel="stylesheet" href="../../styles/main.css" />
<link rel="stylesheet" href="../../styles/header.css" />
<link rel="stylesheet" href="../../styles/footer.css" />
<link href="https://maxcdn.bootstrapcdn.com/bootstrap/4.5.2/css/bootstrap.min.css" rel="stylesheet" />
<link rel="icon" type="image/png" sizes="32x32"
href="https://tickets.paris2024.org/obj/media/FR-Paris2024/specialLogos/favicons/favicon-32x32.png" />
<script src="https://kit.fontawesome.com/f16a36bad3.js" crossorigin="anonymous"></script>
<title>Jeux Olympiques - Paris 2024</title>
</head>
<body>
<?php include ($_SERVER['DOCUMENT_ROOT'] . '/views/header.php');
if ($_SERVER["REQUEST_METHOD"] == "POST") {
$name = htmlspecialchars($_POST["name"]);
$familyName = htmlspecialchars($_POST["family_name"]);
$email = htmlspecialchars($_POST["email"]);
$password = htmlspecialchars($_POST["password"]);
}
$hashedPassword = sha1($password);
$query = "SELECT mail FROM user WHERE mail = '$email'";
$result = mysqli_query($db, $query);
if (!$result) {
die("Erreur lors de l'exécution de la requête.");
}
$row = mysqli_fetch_assoc($result);
if ($row) {
die("<p>Un utilisateur avec cette adresse mail existe déjà.</p>");
}
$addUser = "INSERT INTO `user`(`mail`, `name`, `family_name`, `role`, `password`) VALUES ('$email', '$name', '$familyName', '$role', '$hashedPassword')";
$resultAddUser = mysqli_query($db, $addUser);
if (!$resultAddUser) {
echo "<p class='text'>Erreur lors de l'exécution de la requête.</p>";
} else {
if (mysqli_affected_rows($db) > 0) {
echo "<p class='text'>Utilisateur créé avec succès. </p>";
// Créer un tableau avec les données utilisateur
$userData = array(
"email" => $email,
"name" => $name,
"familyName" => $familyName,
"role" => $role,
);
// Sérialiser le tableau en JSON
$userDataEncoded = json_encode($userData);
// Stocker les données sérialisées dans un cookie
setcookie("userData", $userDataEncoded, time() + 3600, "/");
echo "<p class='text'>Cookie créé avec succès. Contenu du cookie :</p>";
echo "<p class='text'>" . $userDataEncoded . "</p>";
echo "<p class='text'>Prénom : " . $name . "</p>";
echo "<p class='text'>Nom : " . $familyName . "</p>";
echo "<p class='text'>Adresse mail : " . $email . "</p>";
echo "<p class='text'>Mot de passe : " . $password . "</p>";
echo "<p class='text'>Mot de passe hashé : " . $hashedPassword . "</p>";
echo "<p class='text'>Rôle : " . $role . "</p>";
?>
<script type="text/javascript">
window.location.href = '/account/profile';
</script> <?php
} else {
echo "<p class='text'>Aucun utilisateur n\'a été ajouté.</p>";
}
}
include ($_SERVER['DOCUMENT_ROOT'] . '/views/footer.php');
?>
</body>
</html>

14
views/footer.php
View File

@ -9,8 +9,6 @@ if (isset($_COOKIE['userData'])) {
$name = $userData['name'];
$familyName = $userData['familyName'];
$role = $userData['role'];
} else {
echo "Cookie 'userData' non trouvé.";
}
?>
@ -28,8 +26,16 @@ if (isset($_COOKIE['userData'])) {
<div class="col-xs-6 col-md-3">
<h6>Catégories</h6>
<ul class="footer-links">
<li><a href="../../../">Accueil</a></li>
<li><a href="../../../events">Évènements</a></li>
<li><a href="/">Accueil</a></li>
<li><?php
if (isset($_COOKIE['userData'])) {
$role = $userData['role'];
if ($role == 'Administrateur') {
echo "<a href='/admin'>Panel d'administration</a>";
}
}
?></li>
<li><a href="/events">Évènements</a></li>
</ul>
</div>

13
views/header.php
View File

@ -27,6 +27,14 @@ if (isset($_COOKIE['userData'])) {
<!-- menu items -->
<div class="menu">
<ul>
<li><?php
if (isset($_COOKIE['userData'])) {
$role = $userData['role'];
if ($role == 'Administrateur') {
echo "<a href='/admin'>Panel d'administration</a>";
}
}
?></li>
<li>
<a href="/events">
Évènements
@ -46,6 +54,11 @@ if (isset($_COOKIE['userData'])) {
<!-- script php qui vérifie le cookie. Si cookie, propose déconnexion, si pas cookie propose connexion -->
</li>
<li><?php
if (isset($_COOKIE['userData'])) {
echo "<a href='/tools/logout.php'>Déconnexion</a>";
}
?></li>
</ul>
</div>
</nav>