From dc4ab633a14c12f3211bda7469f325a66e489145 Mon Sep 17 00:00:00 2001
From: Loris BALOCCHI <loris.balocchi@etu.u-pec.fr>
Date: Sun, 16 Jun 2024 01:22:30 +0200
Subject: [PATCH] =?UTF-8?q?Ajout=20de=20la=20fonctionnalit=C3=A9=20de=20vu?=
 =?UTF-8?q?e=20de=20tous=20les=20=C3=A9v=C3=A8nements.=20Ajout=20de=20la?=
 =?UTF-8?q?=20r=C3=A9servation=20d'un=20=C3=A9v=C3=A8nement.=20Fix=20incom?=
 =?UTF-8?q?plet=20de=20la=20modification=20d'un=20utilisateur.=20CSS.?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Co-authored-by: Charpentier Juliette <juliette.charpentier1@etu.u-pec.fr
---
 account/profile/index.php          |   6 +-
 account/profile/myevents/index.php | 107 ++++++++++++++++++++++++++++
 account/register/index.php         |  15 ++--
 admin/users/add/add.php            |  57 ++++++++-------
 admin/users/edit/edit.php          |  60 ++++++++++++++++
 admin/users/edit/index.php         |  93 +++++++++++++++++++++----
 admin/users/index.php              |   2 +-
 events/book/book.php               |  48 +++++++++++--
 events/book/cancel.php             |  61 ++++++++++++++++
 events/index.php                   |  84 +++++++++++++++++++---
 events/list/display/index.php      |  76 ++++++++++++++------
 styles/main.css                    |  84 ++++++++++++++++++++++
 tools/discordWebhookBooking.php    | 108 +++++++++++++++++++++++++++++
 views/footer.php                   |   8 +++
 views/header.php                   |   8 +++
 15 files changed, 728 insertions(+), 89 deletions(-)
 create mode 100644 account/profile/myevents/index.php
 create mode 100644 admin/users/edit/edit.php
 create mode 100644 events/book/cancel.php
 create mode 100644 tools/discordWebhookBooking.php

diff --git a/account/profile/index.php b/account/profile/index.php
index a79b2eb..6aeaefb 100644
--- a/account/profile/index.php
+++ b/account/profile/index.php
@@ -26,9 +26,9 @@ if (isset($_COOKIE['userData'])) {
 <head>
     <meta charset="UTF-8" />
     <meta name="viewport" content="width=device-width, initial-scale=1.0" />
-    <link rel="stylesheet" href="../../styles/main.css" />
-    <link rel="stylesheet" href="../../styles/header.css" />
-    <link rel="stylesheet" href="../../styles/footer.css" />
+    <link rel="stylesheet" href="/styles/main.css" />
+    <link rel="stylesheet" href="/styles/header.css" />
+    <link rel="stylesheet" href="/styles/footer.css" />
     <link href="https://maxcdn.bootstrapcdn.com/bootstrap/4.5.2/css/bootstrap.min.css" rel="stylesheet" />
 
     <link rel="icon" type="image/png" sizes="32x32"
diff --git a/account/profile/myevents/index.php b/account/profile/myevents/index.php
new file mode 100644
index 0000000..2976db2
--- /dev/null
+++ b/account/profile/myevents/index.php
@@ -0,0 +1,107 @@
+<?php
+require_once $_SERVER['DOCUMENT_ROOT'] . '/tools/dbConnect.php';
+session_start();
+
+if (isset($_COOKIE['userData'])) {
+    $userDataEncoded = $_COOKIE['userData'];
+    $userData = json_decode($userDataEncoded, true); // 'true' pour obtenir un tableau associatif
+
+    $email = $userData['email'];
+    $name = $userData['name'];
+    $familyName = $userData['familyName'];
+    $role = $userData['role'];
+}
+?>
+
+<!DOCTYPE html>
+<html lang="fr">
+
+<head>
+    <meta charset="UTF-8" />
+    <meta name="viewport" content="width=device-width, initial-scale=1.0" />
+    <link rel="stylesheet" href="/styles/main.css" />
+    <link rel="stylesheet" href="/styles/header.css" />
+    <link rel="stylesheet" href="/styles/footer.css" />
+    <link href="https://maxcdn.bootstrapcdn.com/bootstrap/4.5.2/css/bootstrap.min.css" rel="stylesheet" />
+
+    <link rel="icon" type="image/png" sizes="32x32"
+        href="https://tickets.paris2024.org/obj/media/FR-Paris2024/specialLogos/favicons/favicon-32x32.png" />
+    <script src="https://kit.fontawesome.com/f16a36bad3.js" crossorigin="anonymous"></script>
+    <title>Jeux Olympiques - Paris 2024</title>
+</head>
+
+<body>
+    <?php include $_SERVER['DOCUMENT_ROOT'] . '/views/header.php';
+    if (!isset($_COOKIE['userData'])) {
+        echo "<p class='text'>Vous n'êtes pas autorisé à accéder à cette page.</p>";
+        echo "<p class='text'>Redirection vers l'accueil dans 5 secondes...</p>";
+        header("refresh:5; url=/");
+        include $_SERVER['DOCUMENT_ROOT'] . '/views/footer.php';
+        die();
+    } ?>
+    <h1>Mes réservations</h1>
+    <?php echo "<p class='text'>Bienvenue <span>" . $name . " " . $familyName . ".</span></p>";
+
+    ?>
+    <!-- code de la page ici -->
+    <?php
+    if (isset($_GET['res'])) {
+        if ($_GET['res'] == "booking-succeeded") {
+            echo "<p class='text'>✅ Votre réservation a bien été prise en compte.</p>";
+        } else if ($_GET['res'] == "booking-failed") {
+            echo "<p class='text'>❌ La réservation a échoué. Veuillez réessayer.</p>";
+        } else if ($_GET['res'] == "cancellation-failed") {
+            echo "<p class='text'>❌ L'annulation a échoué. Veuillez réessayer.</p>";
+        } else if ($_GET['res'] == "cancellation-succeeded") {
+            $eventTitleFetched = $_GET['eventtitle'];
+            echo "<p class='text'>✅ L'annulation de $eventTitleFetched a bien été prise en compte.</p>";
+        }
+    }
+    //afficher la liste des évènements auxquels l'utilisateur est inscrit (avec mysqli) (table booking)
+    $stmt = mysqli_prepare($db, "SELECT * FROM booking WHERE mail = ?");
+    mysqli_stmt_bind_param($stmt, "s", $email);
+    mysqli_stmt_execute($stmt);
+    $result = mysqli_stmt_get_result($stmt);
+    if (mysqli_num_rows($result) == 0) {
+        echo "<p class='text'>Vous n'êtes inscrit à aucun évènement pour le moment.</p>";
+    } else {
+        echo "<p class='text'>Voici la liste des évènements auxquels vous êtes inscrit :</p>";
+        echo "<table class='table'>";
+        echo "<thead>";
+        echo "<tr>";
+        echo "<th scope='col'>Nom de l'évènement</th>";
+        echo "<th scope='col'>Date</th>";
+        ;
+        echo "<th scope='col'>Lieu</th>";
+        echo "<th scope='col'>Action</th>";
+        echo "</tr>";
+        echo "</thead>";
+        echo "<tbody>";
+        // sélectionner les évènements auxquels l'utilisateur est inscrit (avec mysqli et à l'aide de $email) (utiliser cette requete ? SELECT * FROM booking WHERE mail="$email";)
+        while ($booking = mysqli_fetch_assoc($result)) {
+            $eventID = $booking['id'];
+            $stmt = mysqli_prepare($db, "SELECT * FROM event WHERE id = ?");
+            mysqli_stmt_bind_param($stmt, "i", $eventID);
+            mysqli_stmt_execute($stmt);
+            $eventResult = mysqli_stmt_get_result($stmt);
+            $event = mysqli_fetch_assoc($eventResult);
+
+
+            echo "<tr>";
+            echo "<td>" . $event['title'] . "</td>";
+            echo "<td>" . date('d/m/Y', strtotime($event['date'])) . "</td>";
+            echo "<td>" . $event['location'] . "</td>";
+            echo "<td><a href='/events/book/cancel.php?usermail=$email&id=" . $event['id'] . "'>Annuler</a></td>";
+            echo "</tr>";
+        }
+        echo "</table>";
+    }
+
+    //echo "<td><a href='/events/book/cancel.php?id=" . $event['id'] . "'>Annuler</a></td>";
+    
+    ?>
+
+    <?php include ($_SERVER['DOCUMENT_ROOT'] . '/views/footer.php') ?>
+</body>
+
+</html>
\ No newline at end of file
diff --git a/account/register/index.php b/account/register/index.php
index 51a72ee..4857fb2 100644
--- a/account/register/index.php
+++ b/account/register/index.php
@@ -17,22 +17,15 @@ if (isset($_COOKIE['userData'])) {
 <head>
     <meta charset="UTF-8" />
     <meta name="viewport" content="width=device-width, initial-scale=1.0" />
-    <link rel="stylesheet" href="../../styles/main.css" />
-    <link rel="stylesheet" href="../../styles/header.css" />
-    <link rel="stylesheet" href="../../styles/footer.css" />
+    <link rel="stylesheet" href="/styles/main.css" />
+    <link rel="stylesheet" href="/styles/header.css" />
+    <link rel="stylesheet" href="/styles/footer.css" />
     <link href="https://maxcdn.bootstrapcdn.com/bootstrap/4.5.2/css/bootstrap.min.css" rel="stylesheet" />
 
     <link rel="icon" type="image/png" sizes="32x32"
         href="https://tickets.paris2024.org/obj/media/FR-Paris2024/specialLogos/favicons/favicon-32x32.png" />
     <title>Nouveau compte | Jeux Olympiques - Paris 2024</title>
-    <script src="https://kit.fontawesome.com/f16a36bad3.js" crossorigin="anonymous">
-        function verifMDP() {
-            var pw1 = document.getElementById("password");
-            var pw2 = document.getElementById("password-bis");
-            if (pw1 != pw2) {
-                alert("Les mots de passe ne correspondent pas. Veuillez réessayer.");
-            } 
-    </script>
+    <script src="https://kit.fontawesome.com/f16a36bad3.js" crossorigin="anonymous"></script>
 </head>
 
 <body>
diff --git a/admin/users/add/add.php b/admin/users/add/add.php
index d0d3f52..d8393b2 100644
--- a/admin/users/add/add.php
+++ b/admin/users/add/add.php
@@ -16,14 +16,18 @@ if ($_SERVER["REQUEST_METHOD"] == "POST") {
     $userName = htmlspecialchars($_POST["name"]);
     $userFamilyName = htmlspecialchars($_POST["family_name"]);
     $userEmail = htmlspecialchars($_POST["email"]);
-    $usePassword = htmlspecialchars($_POST["password"]);
+    $userPassword = htmlspecialchars($_POST["password"]);
     $userUserRole = htmlspecialchars($_POST["role"]);
+    $hashedPassword = sha1($userPassword);
 }
 
-$hashedPassword = sha1($userPassword);
 
-$query = "SELECT mail FROM user WHERE mail = '$userEmail'";
-$result = mysqli_query($db, $query);
+
+$query = "SELECT mail FROM user WHERE mail = ?";
+$stmt = mysqli_prepare($db, $query);
+mysqli_stmt_bind_param($stmt, "s", $userEmail);
+mysqli_stmt_execute($stmt);
+$result = mysqli_stmt_get_result($stmt);
 
 if (!$result) {
     die("Erreur lors de l'exécution de la requête.");
@@ -32,30 +36,31 @@ if (!$result) {
 $row = mysqli_fetch_assoc($result);
 
 if ($row) {
-    die("<p>Un utilisateur avec cette adresse mail existe déjà.</p>");
-}
+    $addUser = "INSERT INTO `user`(`mail`, `name`, `family_name`, `role`, `password`) VALUES (?, ?, ?, ?, ?)";
+    $stmtAddUser = mysqli_prepare($db, $addUser);
+    mysqli_stmt_bind_param($stmtAddUser, "sssss", $userEmail, $userName, $userFamilyName, $userUserRole, $hashedPassword);
+    $resultAddUser = mysqli_stmt_execute($stmtAddUser);
+    $addUser = "INSERT INTO `user`(`mail`, `name`, `family_name`, `role`, `password`) VALUES ('$userEmail', '$userName', '$userFamilyName', '$userUserRole', '$hashedPassword')";
 
-$addUser = "INSERT INTO `user`(`mail`, `name`, `family_name`, `role`, `password`) VALUES ('$userEmail', '$userName', '$userFamilyName', '$userUserRole', '$hashedPassword')";
-
-$resultAddUser = mysqli_query($db, $addUser);
-if (!$resultAddUser) {
-    echo "<p class='text'>Erreur lors de l'exécution de la requête.</p>";
-} else {
-    if (mysqli_affected_rows($db) > 0) {
-        echo "<p class='text'>Utilisateur créé avec succès. </p>";
-
-        echo "<p class='text'>Prénom : " . $userName . "</p>";
-        echo "<p class='text'>Nom : " . $userFamilyName . "</p>";
-        echo "<p class='text'>Adresse mail : " . $userEmail . "</p>";
-        echo "<p class='text'>Mot de passe : " . $userPassword . "</p>";
-        echo "<p class='text'>Mot de passe hashé : " . $hashedPassword . "</p>";
-        echo "<p class='text'>Rôle : " . $userUserRole . "</p>";
-        include ($_SERVER['DOCUMENT_ROOT'] . '/tools/discordWebhookRegister.php');
-        header("Location: /admin/users/?newuser=$userEmail");
-        die();
+    $resultAddUser = mysqli_query($db, $addUser);
+    if (!$resultAddUser) {
+        echo "<p class='text'>Erreur lors de l'exécution de la requête.</p>";
     } else {
-        echo "<p class='text'>Aucun utilisateur n\'a été ajouté.</p>";
+        if (mysqli_affected_rows($db) > 0) {
+            echo "<p class='text'>Utilisateur créé avec succès. </p>";
+
+            echo "<p class='text'>Prénom : " . $userName . "</p>";
+            echo "<p class='text'>Nom : " . $userFamilyName . "</p>";
+            echo "<p class='text'>Adresse mail : " . $userEmail . "</p>";
+            echo "<p class='text'>Mot de passe : " . $userPassword . "</p>";
+            echo "<p class='text'>Mot de passe hashé : " . $hashedPassword . "</p>";
+            echo "<p class='text'>Rôle : " . $userUserRole . "</p>";
+            include ($_SERVER['DOCUMENT_ROOT'] . '/tools/discordWebhookRegister.php');
+            header("Location: /admin/users/?newuser=$userEmail");
+            die();
+        } else {
+            echo "<p class='text'>Aucun utilisateur n\'a été ajouté.</p>";
+        }
     }
 }
-
 ?>
\ No newline at end of file
diff --git a/admin/users/edit/edit.php b/admin/users/edit/edit.php
new file mode 100644
index 0000000..ae0f889
--- /dev/null
+++ b/admin/users/edit/edit.php
@@ -0,0 +1,60 @@
+<?php
+require_once $_SERVER['DOCUMENT_ROOT'] . '/tools/dbConnect.php';
+session_start();
+
+if (isset($_COOKIE['userData'])) {
+    $userDataEncoded = $_COOKIE['userData'];
+    $userData = json_decode($userDataEncoded, true); // 'true' pour obtenir un tableau associatif
+
+    $email = $userData['email'];
+    $name = $userData['name'];
+    $familyName = $userData['familyName'];
+    $role = $userData['role'];
+}
+
+if ($_SERVER["REQUEST_METHOD"] == "POST") {
+    $userName = htmlspecialchars($_POST["name"]);
+    $userFamilyName = htmlspecialchars($_POST["family_name"]);
+    $userEmail = htmlspecialchars($_POST["email"]);
+    $userPassword = isset($_POST["password"]) ? htmlspecialchars($_POST["password"]) : "";
+    $userUserRole = htmlspecialchars($_POST["role"]);
+    $hashedPassword = sha1($userPassword);
+
+    $query = "SELECT mail FROM user WHERE mail = '$userEmail'";
+    $result = mysqli_query($db, $query);
+
+    $row = mysqli_fetch_assoc($result);
+
+    if ($row) {
+        die("<p>Un utilisateur avec cette adresse mail existe déjà.</p>");
+    }
+}
+
+if (!$result) {
+    die("Erreur lors de l'exécution de la requête.");
+}
+
+$editUser = "UPDATE `user` SET `mail`='$userEmail', `name`='$userName', `family_name`='$userFamilyName', `role`='$userUserRole' WHERE `mail`='$userEmail'";
+
+$resultEditUser = mysqli_query($db, $editUser);
+if (!$resultEditUser) {
+    echo "<p class='text'>Erreur lors de l'exécution de la requête.</p>";
+} else {
+    if (mysqli_affected_rows($db) > 0) {
+        echo "<p class='text'>Utilisateur créé avec succès. </p>";
+
+        echo "<p class='text'>Prénom : " . $userName . "</p>";
+        echo "<p class='text'>Nom : " . $userFamilyName . "</p>";
+        echo "<p class='text'>Adresse mail : " . $userEmail . "</p>";
+        echo "<p class='text'>Mot de passe : " . $userPassword . "</p>";
+        echo "<p class='text'>Mot de passe hashé : " . $hashedPassword . "</p>";
+        echo "<p class='text'>Rôle : " . $userUserRole . "</p>";
+        include ($_SERVER['DOCUMENT_ROOT'] . '/tools/discordWebhookRegister.php');
+        header("Location: /admin/users/edit?usermail=$userEmail");
+        die();
+    } else {
+        echo "<p class='text'>Aucun utilisateur n\'a été ajouté.</p>";
+    }
+}
+
+?>
\ No newline at end of file
diff --git a/admin/users/edit/index.php b/admin/users/edit/index.php
index 13be7ef..b3bf848 100644
--- a/admin/users/edit/index.php
+++ b/admin/users/edit/index.php
@@ -2,8 +2,8 @@
 require_once $_SERVER['DOCUMENT_ROOT'] . '/tools/dbConnect.php';
 session_start();
 
-if (isset($_COOKIE['userData'])) {
-    $userDataEncoded = $_COOKIE['userData'];
+$userDataEncoded = isset($_COOKIE['userData']) ? $_COOKIE['userData'] : null;
+if ($userDataEncoded) {
     $userData = json_decode($userDataEncoded, true); // 'true' pour obtenir un tableau associatif
 
     $email = $userData['email'];
@@ -11,6 +11,30 @@ if (isset($_COOKIE['userData'])) {
     $familyName = $userData['familyName'];
     $role = $userData['role'];
 }
+//faire le nécessaire epour récup le mail donné en valriable dans l'url dans $userEmail
+// requete préparée sql pour obtenir les infos de l'utilisateur à partir du mail 
+// tu auras des variuables qui contiendront les informations de l'utilisateur, tu n'as plus qu'à
+// les afficher correctement dans les cases. Laisse son role d'affiché, mais mets juste en dessous un 
+// menu déroulant avec tous les 4 rôles possibles 
+
+
+if (isset($_GET['usermail'])) {
+    $userEmail = $_GET['usermail'];
+    $stmt = mysqli_prepare($db, "SELECT * FROM user WHERE mail = ?");
+    mysqli_stmt_bind_param($stmt, "s", $userEmail);
+    mysqli_stmt_execute($stmt);
+    $result = mysqli_stmt_get_result($stmt);
+    while ($row = mysqli_fetch_assoc($result)) {
+        $userEmail = $row["mail"];
+        $userFirstName = $row["name"];
+        $userFamilyName = $row["family_name"];
+        $userRole = $row["role"];
+    }
+
+} else {
+    echo "<p class='text' >Vous n'avez pas renseigné d'utilisateur à modifier.</p>";
+}
+
 ?>
 
 <!DOCTYPE html>
@@ -19,28 +43,71 @@ if (isset($_COOKIE['userData'])) {
 <head>
     <meta charset="UTF-8" />
     <meta name="viewport" content="width=device-width, initial-scale=1.0" />
-    <link rel="stylesheet" href="/styles/main.css" />
-    <link rel="stylesheet" href="/styles/header.css" />
-    <link rel="stylesheet" href="/styles/footer.css" />
+    <link rel="stylesheet" href="../../styles/main.css" />
+    <link rel="stylesheet" href="../../styles/header.css" />
+    <link rel="stylesheet" href="../../styles/footer.css" />
     <link href="https://maxcdn.bootstrapcdn.com/bootstrap/4.5.2/css/bootstrap.min.css" rel="stylesheet" />
 
     <link rel="icon" type="image/png" sizes="32x32"
         href="https://tickets.paris2024.org/obj/media/FR-Paris2024/specialLogos/favicons/favicon-32x32.png" />
     <script src="https://kit.fontawesome.com/f16a36bad3.js" crossorigin="anonymous"></script>
-    <title>Titre de la page | Jeux Olympiques - Paris 2024</title>
+    <script>
+        if (!document.cookie.includes("userData")) { window.location.href = '/account/login'; }
+    </script>
+
+    <title>Profil de l'utilisateur| Jeux Olympiques - Paris 2024</title>
 </head>
 
 <body>
-    <?php include ($_SERVER['DOCUMENT_ROOT'] . '/views/header.php') ?>=
-    <!-- code de la page ici -->
+    <?php include ($_SERVER['DOCUMENT_ROOT'] . '/views/header.php'); ?>
+    <h1>Profil de l'utilisateur :</h1>
 
-    <?php
-    // script php ici
-    if (isset($_GET['email'])) {
+    <div class="login-container" style="margin-top: 1rem;">
+        <img src="https://cdn-icons-png.flaticon.com/512/4139/4139948.png" alt="Avatar">
+        <h2>Mettre à jour ces informations</h2>
+        <p>Modifiez les informations de ce profil.</p>
+        <?php
+        echo "<p class='text' >Vous modifiez actuellement le profil de l'utilisateur $userEmail.</p>";
+        echo "<p class='text' >Ce profil est actuellement de type $userRole.</p>";
+        echo "<p class='text'>" . $userFirstName . " " . $userFamilyName . "</p>";
+        echo "<p class='text'>" . $userEmail . "</p>";
 
-    }
+        ?>
 
-    ?>
+        <form action="/admin/users/edit/edit.php" method="post">
+            <div class="form-group">
+                <label for="name"><span style="color:red;"><abbr title="Requis">*</abbr></span> Prénom</label>
+                <input type="text" id="name" name="name" value="<?php echo $userFirstName ?>">
+            </div>
+            <div class="form-group">
+                <label for="family_name"><span style="color:red;"><abbr title="Requis">*</abbr></span> Nom</label>
+                <input type="text" id="family_name" name="family_name" value="<?php echo $userFamilyName ?>">
+            </div>
+            <div class="form-group">
+                <label for="email"><span style="color:red;"><abbr title="Requis">*</abbr></span> Adresse
+                    mail</label>
+                <input type="email" id="email" name="email" value="<?php echo $userEmail ?>">
+            </div>
+            <div class="form-group">
+                <label for="role">Rôle actuel</label>
+                <input type="text" id="role" name="role" value="<?php echo $userRole ?>" readonly>
+            </div>
+
+            <div class='form-group'>
+                <label for='role'>Rôle à assigner</label>
+                <select name='role' id='role'>
+                    <option>Administrateur</option>
+                    <option>Organisateur</option>
+                    <option>Sportif</option>
+                    <option>Spectateur</option>
+
+                </select>
+                <button type="submit" class="submit-button"><i class="fas fa-edit"></i>
+                    Mettre à jour ces informations</i></button>
+            </div>
+        </form>
+
+    </div>
 
     <?php include ($_SERVER['DOCUMENT_ROOT'] . '/views/footer.php') ?>
 </body>
diff --git a/admin/users/index.php b/admin/users/index.php
index b2d5a27..07b278c 100644
--- a/admin/users/index.php
+++ b/admin/users/index.php
@@ -82,7 +82,7 @@ if (isset($_COOKIE['userData'])) {
             echo "<td>" . $row['name'] . "</td>";
             echo "<td>" . $row['family_name'] . "</td>";
             echo "<td>" . $row['role'] . "</td>";
-            echo "<td><a href='/admin/users/edit?email=" . $row['mail'] . "'>Modifier</a> | <a href='/admin/users/delete?oldemail=" . $row['mail'] . "'>Supprimer</a></td>";
+            echo "<td><a href='/admin/users/edit?usermail=" . $row['mail'] . "'>Modifier</a> | <a href='/admin/users/delete?oldemail=" . $row['mail'] . "'>Supprimer</a></td>";
             echo "</tr>";
         }
         echo "</table>";
diff --git a/events/book/book.php b/events/book/book.php
index c92a807..71d240e 100644
--- a/events/book/book.php
+++ b/events/book/book.php
@@ -3,8 +3,7 @@ require_once $_SERVER['DOCUMENT_ROOT'] . '/tools/dbConnect.php';
 session_start();
 
 if (isset($_COOKIE['userData'])) {
-  $userDataEncoded = $_COOKIE['userData'];
-  $userData = json_decode($userDataEncoded, true); // 'true' pour obtenir un tableau associatif
+  $userData = json_decode($_COOKIE['userData'], true);
 
   $email = $userData['email'];
   $name = $userData['name'];
@@ -12,12 +11,51 @@ if (isset($_COOKIE['userData'])) {
   $role = $userData['role'];
 }
 
-// un utilisateur a cliqué sur le bouton "S'inscrire" d'un évènement
-
-
+if (isset($_GET['usermail']) && isset($_GET['event'])) {
+  $userEmail = $_GET['usermail'];
+  $eventId = $_GET['event'];
 
+  $stmt = mysqli_prepare($db, "SELECT * FROM event WHERE id = ?");
+  mysqli_stmt_bind_param($stmt, "i", $eventId);
+  mysqli_stmt_execute($stmt);
+  $result = mysqli_stmt_get_result($stmt);
+  $eventDetails = mysqli_fetch_assoc($result);
 
+  if ($eventDetails) {
+    $eventTitle = $eventDetails["title"];
+    $eventDescription = $eventDetails["description"];
+    $eventType = $eventDetails["event_type"];
+    $eventDate = $eventDetails["date"];
+    $eventLocation = $eventDetails["location"];
 
+    echo "<p class='text'>Vous vous apprêtez à vous inscrire à l'évènement suivant : </p>";
+    echo "<p class='text'>Nom de l'évènement : $eventTitle</p>";
+    echo "<p class='text'>Date de l'évènement : $eventDate</p>";
+    echo "<p class='text'>Lieu de l'évènement : $eventLocation</p>";
+    echo "<p class='text'>Discipline de l'évènement : $eventType</p>";
+    echo "<p class='text'>Description de l'évènement : $eventDescription</p>";
+    echo "<p class='text'>Adresse mail de l'utilisateur : $userEmail</p>";
 
+    $stmt = mysqli_prepare($db, "INSERT INTO booking (id, mail, title, description, event_type, date, location) VALUES (?, ?, ?, ?, ?, ?, ?)");
+    mysqli_stmt_bind_param($stmt, "issssss", $eventId, $userEmail, $eventTitle, $eventDescription, $eventType, $eventDate, $eventLocation);
+    if (mysqli_stmt_execute($stmt)) {
+      echo "<p class='text'>Votre inscription à l'évènement $eventTitle a bien été prise en compte.</p>";
 
+      $stmt = mysqli_prepare($db, "UPDATE event SET guest_count = guest_count + 1 WHERE id = ?");
+      mysqli_stmt_bind_param($stmt, "i", $eventId);
+      if (mysqli_stmt_execute($stmt)) {
+        echo "<p class='text'>Le nombre de participants a été mis à jour.</p>";
+        include $_SERVER['DOCUMENT_ROOT'] . '/tools/discordWebhookBooking.php';
+        header("Location: /account/profile/myevents?res=booking-succeeded");
+      } else {
+        echo "<p class='text'>Erreur lors de la mise à jour du nombre de participants.</p>";
+      }
+    } else {
+      echo "<p class='text'>Une erreur est survenue lors de votre inscription à l'évènement. Erreur : " . mysqli_error($db) . "</p>";
+      header("Location: /account/profile/myevents?res=booking-failed");
+    }
+  } else {
+    echo "<p class='text'>Évènement introuvable.</p>";
+  }
+}
 ?>
\ No newline at end of file
diff --git a/events/book/cancel.php b/events/book/cancel.php
new file mode 100644
index 0000000..60136b4
--- /dev/null
+++ b/events/book/cancel.php
@@ -0,0 +1,61 @@
+<?php
+require_once $_SERVER['DOCUMENT_ROOT'] . '/tools/dbConnect.php';
+session_start();
+
+if (isset($_COOKIE['userData'])) {
+    $userData = json_decode($_COOKIE['userData'], true);
+
+    $email = $userData['email'];
+    $name = $userData['name'];
+    $familyName = $userData['familyName'];
+    $role = $userData['role'];
+}
+
+if (isset($_GET['usermail']) && isset($_GET['id'])) {
+    $userEmail = $_GET['usermail'];
+    $eventId = $_GET['id'];
+
+    $stmt = mysqli_prepare($db, "SELECT * FROM booking WHERE id = ? AND mail = ?");
+    mysqli_stmt_bind_param($stmt, "is", $eventId, $userEmail);
+    mysqli_stmt_execute($stmt);
+    $result = mysqli_stmt_get_result($stmt);
+    $eventDetails = mysqli_fetch_assoc($result);
+
+    if ($eventDetails) {
+        $eventTitle = $eventDetails["title"];
+        $eventDescription = $eventDetails["description"];
+        $eventType = $eventDetails["event_type"];
+        $eventDate = $eventDetails["date"];
+        $eventLocation = $eventDetails["location"];
+
+        echo "<p class='text'>Vous vous apprêtez à annuler votre inscription à l'évènement suivant : </p>";
+        echo "<p class='text'>Nom de l'évènement : $eventTitle</p>";
+        echo "<p class='text'>Date de l'évènement : $eventDate</p>";
+        echo "<p class='text'>Lieu de l'évènement : $eventLocation</p>";
+        echo "<p class='text'>Discipline de l'évènement : $eventType</p>";
+        echo "<p class='text'>Description de l'évènement : $eventDescription</p>";
+        echo "<p class='text'>Adresse mail de l'utilisateur : $userEmail</p>";
+
+        $stmt = mysqli_prepare($db, "DELETE FROM booking WHERE id = ? AND mail = ?");
+        mysqli_stmt_bind_param($stmt, "is", $eventId, $userEmail);
+        if (mysqli_stmt_execute($stmt)) {
+
+
+            echo "<p class='text'>Votre annulation à l'évènement $eventTitle a bien été prise en compte.</p>";
+
+            $stmt = mysqli_prepare($db, "UPDATE event SET guest_count = guest_count - 1 WHERE id = ?");
+            mysqli_stmt_bind_param($stmt, "i", $eventId);
+            if (mysqli_stmt_execute($stmt)) {
+                echo "<p class='text'>Le nombre de participants a été mis à jour.</p>";
+                include $_SERVER['DOCUMENT_ROOT'] . '/tools/discordWebhookBooking.php';
+                header("Location: /account/profile/myevents?res=cancellation-succeeded&eventtitle=$eventTitle");
+            } else {
+                echo "<p class='text'>Erreur lors de la mise à jour du nombre de participants.</p>";
+            }
+        } else {
+            echo "<p class='text'>Une erreur est survenue lors de votre annulation à l'évènement. Erreur : " . mysqli_error($db) . "</p>";
+            header("Location: /account/profile/myevents?res=cancellation-failed");
+        }
+    }
+}
+?>
\ No newline at end of file
diff --git a/events/index.php b/events/index.php
index ef1db34..8e621a9 100644
--- a/events/index.php
+++ b/events/index.php
@@ -34,33 +34,101 @@
     ?>
     <!-- to do
     -- Créer un évènement (rôle organisateur ou admin) ✅
-    -- s'inscrire à un évènement (rôle membre ou +)
-    -- participer à un évènement (sportif)
-    -- laisser un commentaire (rôle membre ou +)
+    -- s'inscrire à un évènement (rôle membre ou +)✅
     -- afficher la liste des évènements (tout le monde) ✅
     -- Rechercher un évènement par date, lieu, ou nom ✅
+    -- Trier les évènements par date, nombre de participants, personnes y ayant accès, etc...✅
+    -- participer à un évènement (sportif)
+    -- sécuriser les pages avec actions administratives
+
 -->
 
     <?php
     if (isset($_COOKIE['userData'])) {
         if (($role == 'Administrateur') or ($role == 'Organisateur')) {
             echo '<button class="new-event" onclick="window.location.href = \'/events/new\';">Créer un évènement</button>';
-            echo '<button class="new-event" onclick="window.location.href = \'/events/list\';">Consulter la liste des évènements</button>';
+            echo '<button class="new-event" onclick="window.location.href = \'/events/list\';">Rechercher un évènement</button>';
 
         } else if ($role == 'Sportif') {
             echo '<button class="new-event" onclick="window.location.href = \'/events/participate\';">Participer à un évènement</button>';
-            echo '<button class="new-event" onclick="window.location.href = \'/events/list\';">Consulter la liste des évènements</button>';
+            echo '<button class="new-event" onclick="window.location.href = \'/events/list\';">Rechercher un évènement</button>';
+            echo '<button class="new-event" onclick="window.location.href = \'/events/book\';">Réserver un évènement</button>';
+
         } else {
-            echo '<button class="new-event" onclick="window.location.href = \'/events/list\';">Consulter la liste des évènements</button>';
+            echo '<button class="new-event" onclick="window.location.href = \'/events/list\';">Rechercher un évènement</button>';
         }
-        echo '<button class="new-event" onclick="window.location.href = \'/events/book\';">S\'inscrire un évènement</button>';
+        echo '<button class="new-event" onclick="window.location.href = \'/events/book\';">Réserver un évènement</button>';
 
     } else {
-        echo '<button class="new-event" onclick="window.location.href = \'/events/list\';">Consulter la liste des évènements</button>';
+        echo '<button class="new-event" onclick="window.location.href = \'/events/list\';">Rechercher un évènement</button>';
 
     }
 
 
+    // faire une requete sql avec mysqli permettant d'afficher tous les évènements
+    // afficher les évènements sous forme de tableau
+    // voici les colonnes disponibles dans la table event
+    // id title description event_type date location role guest_count creator	
+    
+
+    $query = "SELECT * FROM event";
+
+    if (isset($_GET['sort'])) {
+        $sort = $_GET['sort'];
+        switch ($sort) {
+            case 'date':
+                $query .= " ORDER BY date";
+                break;
+            case 'location':
+                $query .= " ORDER BY location";
+                break;
+            case 'discipline':
+                $query .= " ORDER BY event_type";
+                break;
+            default:
+                break;
+        }
+    }
+
+    // Menu déroulant pour sélectionner le tri
+    echo "<form method='GET' action='' class='order-by'>";
+    echo "<label for='sort' class='text'>Trier par:</label>";
+    echo "<select name='sort' id='sort' onchange='this.form.submit()'>";
+    echo "<option value=''>Aucun</option>";
+    echo "<option value='date' " . ($sort == 'date' ? 'selected' : '') . ">Date</option>";
+    echo "<option value='location' " . ($sort == 'location' ? 'selected' : '') . ">Lieu</option>";
+    echo "<option value='discipline' " . ($sort == 'discipline' ? 'selected' : '') . ">Discipline</option>";
+    echo "</select>";
+    echo "</form>";
+    $result = mysqli_query($db, $query);
+    echo "<div class='events-flex-container'>";
+    echo "<div class='scrollable'>";
+    echo "<table class='event-table'>";
+    echo "<thead>";  // En-tête du tableau
+    echo "<tr>";
+    echo "<th class='event-table-header'>Titre</th>"; // Ensure class name matches with the CSS
+    echo "<th class='event-table-header'>Description</th>"; // Ensure class name matches with the CSS
+    echo "<th class='event-table-header'>Discipline</th>"; // Ensure class name matches with the CSS
+    echo "<th class='event-table-header'>Date</th>"; // Ensure class name matches with the CSS
+    echo "<th class='event-table-header'>Lieu</th>"; // Ensure class name matches with the CSS
+    echo "</tr>";
+    echo "</thead>";
+    echo "<tbody>";  // The scrollable body class removed here if not necessary
+    while ($row = mysqli_fetch_array($result)) {
+        echo "<tr>";
+        echo "<td class='event-table-data'>" . htmlspecialchars($row['title']) . "</td>";
+        echo "<td class='event-table-data'>" . htmlspecialchars($row['description']) . "</td>";
+        echo "<td class='event-table-data'>" . htmlspecialchars($row['event_type']) . "</td>";
+        echo "<td class='event-table-data'>" . htmlspecialchars($row['date']) . "</td>";
+        echo "<td class='event-table-data'>" . htmlspecialchars($row['location']) . "</td>";
+        echo "</tr>";
+    }
+    echo "</tbody>";
+    echo "</table>";
+    echo "</div>";
+    echo "</div>";
+
+
 
 
     ?>
diff --git a/events/list/display/index.php b/events/list/display/index.php
index 2835bbe..f79a010 100644
--- a/events/list/display/index.php
+++ b/events/list/display/index.php
@@ -37,19 +37,24 @@ if (isset($_COOKIE['userData'])) {
     <?php include ($_SERVER['DOCUMENT_ROOT'] . '/views/header.php');
 
     if (isset($_GET['location'])) {
-        $location = htmlspecialchars($_GET['location']);
-        echo "<h2>Évènements à $location</h2>";
-        $query = "SELECT * FROM event WHERE location = '$location'";
+        $location = $_GET['location'];
+        echo "<h2>Évènements à $location pour les $role" . "s" . "</h2>";
+        if ($role == 'Administrateur') {
+            $query = "SELECT * FROM event WHERE location = '$location'";
+        } else {
+            $query = "SELECT * FROM event WHERE location = '$location' AND role LIKE '%$role%'";
+        }
         $result = mysqli_query($db, $query);
         echo "<div class='events-flex-container'>";
         if (mysqli_num_rows($result) > 0) {
             while ($row = mysqli_fetch_assoc($result)) {
+                $eventID = htmlspecialchars($row['id'], ENT_QUOTES);
                 $title = htmlspecialchars($row['title'], ENT_QUOTES, 'UTF-8');
                 $description = htmlspecialchars($row['description'], ENT_QUOTES);
                 $event_type = htmlspecialchars($row['event_type'], ENT_QUOTES);
                 $date = date('d/m/Y', strtotime(htmlspecialchars($row['date'])));
                 $location = htmlspecialchars($row['location'], ENT_QUOTES);
-                $role = htmlspecialchars($row['role'], ENT_QUOTES);
+                $authorized_roles = htmlspecialchars($row['role'], ENT_QUOTES);
                 $guest_count = htmlspecialchars($row['guest_count'], ENT_QUOTES);
                 $creator = htmlspecialchars($row['creator'], ENT_QUOTES);
                 echo "<div class='event-card'>";
@@ -58,33 +63,44 @@ if (isset($_COOKIE['userData'])) {
                 echo "<p class='text'>Date : $date</p>";
                 echo "<p class='text'>Lieu : $location</p>";
                 echo "<p class='text'>Nombre de participants : $guest_count</p>";
-                echo "<p class='text'>(Roles autorisés) : $role</p>";
+                echo "<p class='text'>(Roles autorisés) : $authorized_roles</p>";
                 echo "<p class='text'>$description</p>";
-
+                if ($role != 'Administrateur') {
+                    if ($role != 'Administrateur') {
+                        echo "<button class='submit-button' onclick=\"window.location.href = '/events/book/book.php?usermail=$email&event=$eventID';\">Réserver une place</button>";
+                    }
+                }
+                if ($role == 'Sportif') {
+                    echo "<button class='submit-button'>Concourir</button>";
+                }
                 echo "</div>";
-
             }
         } else {
-            echo "<p class='text'>Aucun évènement trouvé à $location</p>";
+            echo "<p class='text'>Aucun évènement trouvé à cet endroit.</p>";
+            echo "</div>";
         }
-        echo "</div>";
     }
 
+
     if (isset($_GET['date'])) {
-        $date = htmlspecialchars($_GET['date']);
-        $date_fr = date('d/m/Y', strtotime($date));
-        echo "<h2>Évènements le $date_fr</h2>";
-        $query = "SELECT * FROM event WHERE date = '$date'";
+        $date = $_GET['date'];
+        echo "<h2>Évènements le $date pour $role</h2>";
+        if ($role == 'Administrateur') {
+            $query = "SELECT * FROM event WHERE date = '$date'";
+        } else {
+            $query = "SELECT * FROM event WHERE date = '$date' AND role LIKE '%$role%'";
+        }
         $result = mysqli_query($db, $query);
         echo "<div class='events-flex-container'>";
         if (mysqli_num_rows($result) > 0) {
             while ($row = mysqli_fetch_assoc($result)) {
+                $eventID = htmlspecialchars($row['id'], ENT_QUOTES);
                 $title = htmlspecialchars($row['title'], ENT_QUOTES);
                 $description = htmlspecialchars($row['description'], ENT_QUOTES);
                 $event_type = htmlspecialchars($row['event_type'], ENT_QUOTES);
                 $date = date('d/m/Y', strtotime(htmlspecialchars($row['date'])));
                 $location = htmlspecialchars($row['location'], ENT_QUOTES);
-                $role = htmlspecialchars($row['role'], ENT_QUOTES);
+                $authorized_roles = htmlspecialchars($row['role'], ENT_QUOTES);
                 $guest_count = htmlspecialchars($row['guest_count'], ENT_QUOTES);
                 $creator = htmlspecialchars($row['creator'], ENT_QUOTES);
                 echo "<div class='event-card'>";
@@ -93,31 +109,42 @@ if (isset($_COOKIE['userData'])) {
                 echo "<p class='text'>Date : $date</p>";
                 echo "<p class='text'>Lieu : $location</p>";
                 echo "<p class='text'>Nombre de participants : $guest_count</p>";
-                echo "<p class='text'>(Roles autorisés) : $role</p>";
+                echo "<p class='text'>(Roles autorisés) : $authorized_roles</p>";
                 echo "<p class='text'>$description</p>";
+                if ($role != 'Administrateur') {
+                    echo "<button class='submit-button' onclick=\"window.location.href = '/events/book/book.php?usermail=$email&event=$eventID';\">Réserver une place</button>";
+                }
+                if ($role == 'Sportif') {
+                    echo "<button class='submit-button'>Concourir</button>";
+                }
                 echo "</div>";
             }
         } else {
-            echo "<p class='text'>Aucun évènement trouvé le" . $date_fr . ".</p>";
+            echo "<p class='text'>Aucun évènement trouvé à la date recherchée.</p>";
         }
         echo "</div>";
     }
 
 
     if (isset($_GET['title'])) {
-        $title = htmlspecialchars($_GET['title']);
-        echo "<h2>Évènement intitulé " . $title . "</h2>";
-        $query = "SELECT * FROM event WHERE title = '$title'";
+        $title = $_GET['title'];
+        echo "<h2>Évènement intitulé \"$title\"</h2>";
+        if ($role == 'Administrateur') {
+            $query = "SELECT * FROM event WHERE title = '$title'";
+        } else {
+            $query = "SELECT * FROM event WHERE title = '$title' AND role LIKE '%$role%'";
+        }
         $result = mysqli_query($db, $query);
         echo "<div class='events-flex-container'>";
         if (mysqli_num_rows($result) > 0) {
             while ($row = mysqli_fetch_assoc($result)) {
+                $eventID = htmlspecialchars($row['id'], ENT_QUOTES);
                 $title = htmlspecialchars($row['title'], ENT_QUOTES);
                 $description = htmlspecialchars($row['description'], ENT_QUOTES);
                 $event_type = htmlspecialchars($row['event_type'], ENT_QUOTES);
                 $date = date('d/m/Y', strtotime(htmlspecialchars($row['date'])));
                 $location = htmlspecialchars($row['location'], ENT_QUOTES);
-                $role = htmlspecialchars($row['role'], ENT_QUOTES);
+                $authorized_roles = htmlspecialchars($row['role'], ENT_QUOTES);
                 $guest_count = htmlspecialchars($row['guest_count'], ENT_QUOTES);
                 $creator = htmlspecialchars($row['creator'], ENT_QUOTES);
                 echo "<div class='event-card'>";
@@ -126,9 +153,14 @@ if (isset($_COOKIE['userData'])) {
                 echo "<p class='text'>Date : $date</p>";
                 echo "<p class='text'>Lieu : $location</p>";
                 echo "<p class='text'>Nombre de participants : $guest_count</p>";
-                echo "<p class='text'>(Roles autorisés) : $role</p>";
+                echo "<p class='text'>(Roles autorisés) : $authorized_roles</p>";
                 echo "<p class='text'>$description</p>";
-                echo "<button class='book-button'>S'inscrire</button>"; // Add the button here
+                if ($role != 'Administrateur') {
+                    echo "<button class='submit-button' onclick=\"window.location.href = '/events/book/book.php?usermail=$email&event=$eventID';\">Réserver une place</button>";
+                }
+                if ($role == 'Sportif') {
+                    echo "<button class='submit-button'>Concourir</button>";
+                }
                 echo "</div>";
             }
         } else {
diff --git a/styles/main.css b/styles/main.css
index a257700..eaad6b1 100644
--- a/styles/main.css
+++ b/styles/main.css
@@ -465,3 +465,87 @@ button.new-event:hover {
   font-family: "RobotoFlex";
   color: #8e8c8c;
 }
+
+.events-flex-container {
+  background: #26272b; /* Dark background for contrast */
+  padding: 3rem;
+  border-radius: 10px;
+  box-shadow: 0 4px 6px rgba(0, 0, 0, 0.5);
+  width: 75%;
+  margin: 2rem auto; /* Center the element horizontally */
+  color: #ffffff; /* Ensure text is readable on dark background */
+  overflow: hidden; /* Ensures no spillover from the inner table */
+}
+
+.event-table {
+  width: 100%; /* Full width of its container */
+  border-collapse: collapse; /* Collapse borders */
+  table-layout: fixed; /* Fixed layout for consistent column sizing */
+
+  font-size: 0.9em;
+  min-width: 400px;
+}
+
+.event-table thead th {
+  background-color: #34353a; /* Dark background for contrast */
+  color: #ffffff;
+  text-align: left;
+  font-weight: bold;
+  position: sticky;
+  z-index: 2;
+  top: 0;
+}
+
+.event-table th,
+.event-table td {
+  padding: 12px 15px;
+}
+
+.event-table tbody tr {
+  border-bottom: 1px solid #dddddd;
+}
+
+.event-table tbody tr:nth-of-type(even) {
+  background-color: #242427; /* Dark background for contrast */
+}
+
+.event-table tbody tr:last-of-type {
+  border-bottom: 2px solid #26272b; /* Dark background for contrast */
+}
+
+.scrollable {
+  height: 600px;
+  overflow-y: scroll;
+  border-bottom: 1px solid #ddd;
+}
+
+.order-by {
+  margin-bottom: 1rem;
+  text-align: center;
+  width: 100%;
+  margin-left: auto;
+  margin-right: auto;
+}
+.order-by label {
+  display: block;
+  margin-bottom: 0.5rem;
+  color: #b1aeae;
+  padding-right: 11%;
+}
+
+.order-by select {
+  width: 15%;
+  padding: 0.5rem;
+  border: 1px solid #121216;
+  border-radius: 5px;
+  background-color: #34353a;
+  color: #fffe;
+  transition: all 0.3s ease;
+  appearance: none; /* Pour supprimer le style par défaut */
+  -webkit-appearance: none; /* Pour Safari */
+  -moz-appearance: none; /* Pour Firefox */
+  background-image: url("https://cdn-icons-png.flaticon.com/16/8442/8442683.png"); /* Ajoutez votre icône personnalisée */
+  background-repeat: no-repeat;
+  background-position: right 0.5rem center; /* Ajustez selon la taille de votre padding */
+  background-size: 1.5rem; /* Ajustez selon la taille souhaitée pour l'icône */
+}
diff --git a/tools/discordWebhookBooking.php b/tools/discordWebhookBooking.php
new file mode 100644
index 0000000..46f333e
--- /dev/null
+++ b/tools/discordWebhookBooking.php
@@ -0,0 +1,108 @@
+<?php
+// Code fork depuis https://stackoverflow.com/a/51748785
+
+require_once $_SERVER['DOCUMENT_ROOT'] . '/tools/dbConnect.php';
+session_start();
+
+if (isset($_COOKIE['userData'])) {
+    $userDataEncoded = $_COOKIE['userData'];
+    $userData = json_decode($userDataEncoded, true); // 'true' pour obtenir un tableau associatif
+
+    $email = $userData['email'];
+    $name = $userData['name'];
+    $familyName = $userData['familyName'];
+    $role = $userData['role'];
+}
+
+$url = "https://ptb.discord.com/api/webhooks/1251631249357803540/c-GCgeZZIG-gVzCxXJ77QhSrPhS2VbVHFKhSV7eqrK7UrKEPBc-0lXwI9FKDwiysgAg6";
+
+$hookObject = json_encode([
+    "content" => "## ✅ Nouvelle réservation à un évènement ! \n@here",
+    "username" => "Jeux Olympiques - Paris 2024",
+    "avatar_url" => "https://i.imgur.com/gg5xPa1.png",
+    "tts" => false,
+    "embeds" => [
+        [
+            "title" => "Jeux Olympiques - Paris 2024",
+            "type" => "rich",
+            "description" => "",
+            "url" => "https://but.lbalocchi.fr/",
+            "timestamp" => date('c', time()),
+            "color" => hexdec("F4B400"),
+            "footer" => [
+                "text" => "© Juliette & Loris - 2024",
+                "icon_url" => "https://tickets.paris2024.org/obj/media/FR-Paris2024/specialLogos/favicons/favicon-32x32.png"
+            ],
+            "image" => [
+                "url" => "https://www.fromagersdefrance.com/wp-content/uploads/2023/03/1200px-Logo_JO_dete_-_Paris_2024.svg__0.png"
+            ],
+            "author" => [
+                "name" => "Juliette & Loris",
+                "url" => "https://stackoverflow.com/a/51748785",
+            ],
+
+            // Field array of objects
+            "fields" => [
+                [
+                    "name" => "Nom",
+                    "value" => $name,
+                    "inline" => true
+                ],
+                [
+                    "name" => "Prénom",
+                    "value" => $familyName,
+                    "inline" => true
+                ],
+                [
+                    "name" => "Email",
+                    "value" => $email,
+                    "inline" => true
+                ],
+                [
+                    "name" => "Rôle",
+                    "value" => $role,
+                    "inline" => true
+                ],
+                [
+                    "name" => "Évènement",
+                    "value" => $eventTitle,
+                    "inline" => true
+                ],
+                [
+                    "name" => "Date",
+                    "value" => $eventDate,
+                    "inline" => true
+                ],
+                [
+                    "name" => "Lieu",
+                    "value" => $eventLocation,
+                    "inline" => true
+                ],
+                [
+                    "name" => "Type",
+                    "value" => $eventType,
+                    "inline" => true
+                ],
+                [
+                    "name" => "Description",
+                    "value" => $eventDescription,
+                    "inline" => true
+                ]
+
+            ]
+        ]
+    ]
+
+], JSON_UNESCAPED_SLASHES | JSON_UNESCAPED_UNICODE);
+$ch = curl_init();
+curl_setopt_array($ch, [
+    CURLOPT_URL => $url,
+    CURLOPT_POST => true,
+    CURLOPT_POSTFIELDS => $hookObject,
+    CURLOPT_HTTPHEADER => [
+        "Content-Type: application/json"
+    ]
+]);
+$response = curl_exec($ch);
+curl_close($ch);
+?>
\ No newline at end of file
diff --git a/views/footer.php b/views/footer.php
index 8cf8ebd..57c17af 100644
--- a/views/footer.php
+++ b/views/footer.php
@@ -36,6 +36,14 @@ if (isset($_COOKIE['userData'])) {
                     }
                     ?></li>
                     <li><a href="/events">Évènements</a></li>
+                    <?php
+                    if (isset($_COOKIE['userData'])) {
+                        $role = $userData['role'];
+                        if ($role != 'Administrateur') {
+                            echo "<li><a href='/account/profile/myevents'>Mes réservations</a></li>";
+                        }
+                    }
+                    ?>
                 </ul>
             </div>
 
diff --git a/views/header.php b/views/header.php
index 344f58a..a7b2cd7 100644
--- a/views/header.php
+++ b/views/header.php
@@ -79,6 +79,14 @@ if (isset($_COOKIE['userData'])) {
                     ?>
                 </ul>
             </li>
+            <?php
+            if (isset($_COOKIE['userData'])) {
+                $role = $userData['role'];
+                if ($role != 'Administrateur') {
+                    echo "<li><a href='/account/profile/myevents'>Mes réservations</a></li>";
+                }
+            }
+            ?>
         </ul>
 
         <ul>