diff --git a/php/connexion.php b/php/connexion.php index 411e8b3..e040d06 100644 --- a/php/connexion.php +++ b/php/connexion.php @@ -1,99 +1,76 @@ - + + - + Connexion - Jeux Olympiques - - - prepare("SELECT * FROM user WHERE login = ?"); + $stmt->bind_param("s", $login); + $stmt->execute(); + $result = $stmt->get_result(); - $result=mysqli_query($db,"SELECT * FROM user WHERE login = '$login' "); - - if (mysqli_num_rows($result) > 0) { - - $row = mysqli_fetch_assoc($result); + if ($result->num_rows > 0) { + $row = $result->fetch_assoc(); $hash = $row['mdp']; $mail = $row['mail']; $nom = $row['nom']; $prenom = $row['prenom']; $genre = $row['genre']; - $role = $row ['Role']; + $role = $row['Role']; if (password_verify($password, $hash)) { - if ($login) { - $_SESSION['login'] = $login; - $_SESSION['mail'] = $mail; - $_SESSION['nom'] = $nom; - $_SESSION['prenom'] = $prenom; - $_SESSION['genre'] = $genre; - $_SESSION['role'] = $role; + $_SESSION['login'] = $login; + $_SESSION['mail'] = $mail; + $_SESSION['nom'] = $nom; + $_SESSION['prenom'] = $prenom; + $_SESSION['genre'] = $genre; + $_SESSION['role'] = $role; - header('Location: ../index.php'); - exit(); - } - - + header('Location: ../index.php'); + exit(); } else { $error_verif2 = "Mot de passe incorrect"; } } else { $error_verif = "Ce login n'existe pas"; + } + $stmt->close(); } - - -} - -// Récupération des données du formulaire - - ?> - - - - -
-

Page de connexion

- -
- -
- -

Connexion


- -
-
-
- $error_verif
";} ?> -


-
- $error_verif2";} ?> -

+
+

Page de connexion

+ +
+
+

Connexion


+ +
+
+ $error_verif
"; } ?> +


+
+ $error_verif2"; } ?> +

Vous ne possédez pas de compte ?
Inscrivez-vous !

- - - - - + - \ No newline at end of file + diff --git a/php/créer_commentaire.php b/php/créer_commentaire.php index dd29631..0fc3a87 100644 --- a/php/créer_commentaire.php +++ b/php/créer_commentaire.php @@ -4,46 +4,81 @@ session_start(); $db = initDatabase(); -if (empty($_REQUEST['id_article'])) { - header('Location: evenement.php'); - exit(); +if (empty($_REQUEST['id_event'])) { + header('Location: evenement.php'); + exit(); } -if (!empty($_GET['tit']) && !empty($_GET['content'])) { - $title = $_GET['title']; - $content = htmlspecialchars($_GET['content']); - if (empty($_GET['id_comment'])) { // nouveau ou modif ? - $sql = "INSERT INTO comment (id_article, title, content, id_user) " - ."VALUES (".$_GET['id_article'].", '$title', '$content', ".$_SESSION['user']['id'].")"; - } else { - $sql = "UPDATE comment SET title='$title', content='$content', id_user=". $_SESSION['user']['id'] - ." WHERE id = " . $_GET['id_comment']; - } - if (mysqli_query($db,$sql)) { - header('Location: article_view.php?id=' . $_GET['id_article']); - exit(); - } else { - die("Erreur : $sql"); - } -} -?> - - -
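Review bot: In php/connexion.php, the success branch after `password_verify($password, $hash)` stores the login, mail and role in `$_SESSION` without rotating the session identifier, so an identifier issued before authentication remains valid afterwards (session fixation). Add `session_regenerate_id(true);` immediately before `$_SESSION['login'] = $login;`. The two failure branches also set different messages (`"Mot de passe incorrect"` and `"Ce login n'existe pas"`), which tells a visitor whether a given login exists; using one shared message for both cases would avoid that. The top of the script, where the session is started and `$login` and `$password` are read, is not visible in this rendering of the hunk, so confirm that nothing there already rotates the session.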

Ajouter/modifier un commentaire

-
-
-\n"; -} ?> - -
- -
-
-prepare("INSERT INTO commentaire (id_comment, id_event, login, contenu) VALUES ($id,?, ?, ?)"); + $stmt->bind_param('iss', $id_event, $login, $content); + } else { // update existing comment + $id_comment = intval($_GET['id_comment']); // Ensure id_comment is an integer + $stmt = $db->prepare("UPDATE commentaire SET contenu = ?, login = ? WHERE id_comment = ?"); + $stmt->bind_param('ssi', $content, $login, $id_comment); + } + + if ($stmt->execute()) { + header('Location: event.php?id=' . $id_event); + exit(); + } else { + // Output SQL error for debugging + echo "Error: " . $stmt->error; + } + $stmt->close(); +} ?> + + + + + + + Évènements - Jeux Olympiques + + +
+

Évènement

+ +
+
+ +

Ajouter/modifier un commentaire

+
+ + + + + + + + + +
+
+ - \ No newline at end of file + diff --git a/php/evenement.php b/php/evenement.php index 6b74e70..4ffee44 100644 --- a/php/evenement.php +++ b/php/evenement.php @@ -76,13 +76,7 @@ $event = mysqli_stmt_get_result($stmt); ?> -Connexion"; - } -} -?> +
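Review bot: In php/créer_commentaire.php, the new INSERT still interpolates `$id` into the SQL text (`VALUES ($id,?, ?, ?)`) while the other three values are bound. Where `$id` is assigned is not visible in this rendering, so bind it like the rest, assuming it is an integer: `$stmt = $db->prepare("INSERT INTO commentaire (id_comment, id_event, login, contenu) VALUES (?, ?, ?, ?)");` followed by `$stmt->bind_param('iiss', $id, $id_event, $login, $content);`. The UPDATE branch selects the row by `id_comment` alone and overwrites `login`, so as far as the visible lines show any caller can replace another user's comment and take over its authorship; add `AND login = ?` to the WHERE clause and stop rewriting `login`. On failure, `echo "Error: " . $stmt->error;` sends the database error text to the browser; record it with `error_log()` and show a generic message instead. The edit path is also driven by `$_GET['id_comment']`, so a state change happens on a GET request, and no anti-CSRF token is visible in the hunk.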
@@ -114,6 +108,13 @@ if (isset($_SESSION['role'])) { ?> + Créer un évènement"; + } + } +?>