< ? php
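// The credentials file is expected to define $servername, $username, $password
// and $dbname. `require` (instead of `include`) stops the script when the file is
// missing, rather than going on to connect with undefined values.
require 'test_creds.php';

$conn = new mysqli($servername, $username, $password, $dbname);

// /!\ MUST BE CHANGED IN PRODUCTION /!\
// NOTE(review): this path appears to sit under the web server's document root
// (htdocs), so every stored upload would be directly reachable over HTTP. Confirm,
// and prefer a directory outside the document root served through a download
// script, or at least disable script execution for this directory.
$uploadDir = '/opt/lampp/htdocs/annales/archives/';

// The document type is classified as an integer between 0 and n.
$max_val_type = 2;

// Extensions accepted for images.
// 'svg' is deliberately absent: SVG is an XML format that can embed script, and
// uploads are stored where the web server can serve them back, so an uploaded SVG
// would run in the site's origin when opened. Re-add it only together with SVG
// sanitisation or with a forced `Content-Disposition: attachment` on delivery.
$image_extensions = [
    'jpg',
    'jpeg',
    'png',
    'gif',
    'bmp',
    'tiff',
    'tif',
    'webp',
    'ico',
    'raw',
];

// Extensions accepted for PDF files.
$pdf_extensions = ['pdf'];

// Extensions accepted for presentation files (e.g. PowerPoint).
$presentation_extensions = ['ppt', 'pptx', 'odp', 'pptm', 'ppsx'];

// Merge the per-category lists into the single allow-list used by check_ext().
$ext_autorisees = array_merge($image_extensions, $pdf_extensions, $presentation_extensions);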
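/**
 * Tell whether a file name ends with an extension from the upload allow-list.
 *
 * Only the last extension is examined, case-insensitively. This is a name check,
 * not a content check: it says nothing about what the file actually contains.
 *
 * @param mixed $filename Client-supplied file name; anything but a string is rejected.
 * @return bool True when the extension is in $GLOBALS['ext_autorisees'].
 */
function check_ext($filename)
{
    // A multi-file form field delivers an array here; reject instead of raising a TypeError.
    if (!is_string($filename)) {
        return false;
    }

    // The allow-list is the global $ext_autorisees; the key must match that name exactly.
    $allowed = $GLOBALS['ext_autorisees'] ?? [];
    $extension = strtolower(pathinfo($filename, PATHINFO_EXTENSION));

    // Strict comparison so numeric-looking strings are never compared as numbers.
    return $extension !== '' && in_array($extension, $allowed, true);
}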
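/**
 * Create an "ensemble" row from the submitted form, then store its uploaded files.
 *
 * Writes a JSON status object to the response on failure. Database error details
 * go to the server log only: driver messages can reveal table and column names
 * and must not be sent back to the client.
 *
 * @param array $request Submitted form fields; reads 'commentaire_auteur' and 'corrige_inclu'.
 * @return void
 */
function ajouter_doc($request)
{
    global $conn;

    // The request is no longer dumped with print_r(): that echoed every submitted
    // field back, unescaped, in front of the JSON response.

    // Check connection
    if ($conn->connect_error) {
        error_log('ajouter_doc: database connection failed: ' . $conn->connect_error);
        die('Connection failed');
    }

    $sql = 'INSERT INTO ensembles (commentaire_auteur,corrige_inclu) VALUES(?,?)';
    try {
        // execute_query() binds every value as a string; a PHP false would be sent
        // as '' rather than 0, so the flag is normalised to an integer first.
        $corrigeInclu = empty($request['corrige_inclu']) ? 0 : 1;
        $commentaire = htmlspecialchars((string) ($request['commentaire_auteur'] ?? ''));

        $conn->execute_query($sql, [$commentaire, $corrigeInclu]);
        saveFilesFromPost($request, $conn->insert_id);
    } catch (Exception $e) {
        error_log('ajouter_doc: ' . $e->getMessage());
        echo json_encode(['status' => '0', 'msg' => 'Internal error while saving the document.']);
    }
}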
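/**
 * Store every uploaded file of the current request and record it in the database.
 *
 * For each entry of $_FILES: validate the name against the extension allow-list,
 * move the file into the upload directory under a server-chosen name, and insert
 * a `documents` row. When the document type is 1 (an "annale"), the exercises
 * described in $postData['exercices'] (JSON) are recorded with their themes.
 *
 * Every input is validated before anything is written to disk, so a rejected
 * request leaves no orphan file behind. Terminates the script (exit) after
 * emitting a JSON error when the request is rejected.
 *
 * @param array $postData    Submitted form fields ('type', 'titre',
 *                           'commentaire_doc_<n>', 'exercices').
 * @param int   $id_ensemble Id of the `ensembles` row these files belong to.
 * @return void
 */
function saveFilesFromPost($postData, $id_ensemble)
{
    global $conn, $max_val_type;

    // $_FILES is always set and always an array, so the emptiness test is the
    // only one that can detect a request without files.
    if (empty($_FILES)) {
        echo json_encode(['status' => '2', 'msg' => 'No files in the POST data.']);
        exit;
    }

    // Validate the document type up front, before any file reaches the disk.
    $safe_type = intval($postData['type'] ?? 0);
    if ($safe_type < 1 || $safe_type > $max_val_type) {
        echo json_encode(['status' => '2', 'msg' => "Le type de document spécifié n'existe pas."]);
        exit;
    }

    // The title is stored HTML-encoded, as elsewhere in this file.
    $safe_titre = htmlspecialchars((string) ($postData['titre'] ?? ''));

    $i = 0;
    foreach ($_FILES as $file) {
        $clientName = $file['name'] ?? null;
        $tmpName = $file['tmp_name'] ?? null;

        // Reject entries without a usable name (this includes array-style
        // multi-file fields) instead of continuing with undefined values.
        if (!is_string($clientName) || !is_string($tmpName) || !check_ext($clientName)) {
            echo json_encode(['status' => '0', 'msg' => 'Error saving file: missing name or extension not allowed.']);
            exit;
        }

        // Build the stored name on the server. The client-supplied name is only
        // a hint: it is reduced to [A-Za-z0-9_-] (so no path separators and no
        // inner dots such as "x.php.jpg"), and the validated extension is
        // re-attached in lower case. htmlspecialchars() is an HTML output
        // encoder and offers no protection for file-system paths.
        $extension = strtolower(pathinfo($clientName, PATHINFO_EXTENSION));
        $stem = preg_replace('/[^A-Za-z0-9_-]+/', '_', pathinfo($clientName, PATHINFO_FILENAME));
        $stem = substr((string) $stem, 0, 100);

        // Random prefix: avoids overwriting existing files and, unlike the
        // clock-derived uniqid(), cannot be guessed from the upload time.
        $uniqueFileName = bin2hex(random_bytes(8)) . '_' . $stem . '.' . $extension;

        // Define the path to save the file
        $filePath = $GLOBALS['uploadDir'] . $uniqueFileName;

        // Save the file. move_uploaded_file() refuses anything that is not a
        // genuine upload of this request.
        if (move_uploaded_file($tmpName, $filePath)) {
            echo json_encode(['status' => '1', 'msg' => "File '$uniqueFileName' has been saved successfully."]);
        } else {
            echo json_encode(['status' => '0', 'msg' => "Error saving file '$uniqueFileName'"]);
            exit;
        }

        try {
            // Update the database.
            // For testing: global comments and themes are not implemented yet.
            $sql = 'INSERT INTO documents (titre,type,upload_path,commentaire_auteur,ensemble_id) VALUES(?,?,?,?,?)';
            // NOTE(review): unlike the title, the per-document comment is stored
            // unencoded; whatever renders it must escape it on output. Confirm.
            $conn->execute_query($sql, [
                $safe_titre,
                $safe_type,
                'archives/' . $uniqueFileName,
                $postData['commentaire_doc_' . $i] ?? null,
                $id_ensemble,
            ]);
        } catch (Exception $e) {
            // Details stay in the server log; the client gets a generic message.
            error_log('saveFilesFromPost: ' . $e->getMessage());
            echo json_encode(['status' => '0', 'msg' => 'Internal error while recording the document.']);
        }
        $i++;
    }

    // Record the exercises when the upload is an "annale".
    if ($safe_type == 1) {
        $exercices = json_decode((string) ($postData['exercices'] ?? ''), true);
        if (!is_array($exercices)) {
            // Missing or malformed JSON: nothing to record.
            $exercices = [];
        }

        foreach ($exercices as $ex) {
            if (!is_array($ex)) {
                continue;
            }

            // First, record the exercise itself.
            $sql = 'INSERT INTO exercices (commentaire_auteur,ensemble_id,duree) VALUES(?,?,?)';
            $conn->execute_query($sql, [
                $ex['commentaire_exo'] ?? null,
                $id_ensemble,
                intval($ex['duree'] ?? 0),
            ]);
            $id_exo = $conn->insert_id;

            $themes = $ex['themes'] ?? [];
            if (!is_array($themes)) {
                $themes = [];
            }

            // For each theme, reuse the existing row or create a new one.
            foreach ($themes as $theme) {
                if (!is_scalar($theme)) {
                    continue;
                }
                $theme = (string) $theme;

                // Exact match for now (the author plans to relax it later).
                // The name is bound as a parameter: the previous string-built
                // query relied on htmlspecialchars(), which is not SQL escaping,
                // and it looked up the encoded name while the INSERT below
                // stores the raw one, so the two could never match for names
                // containing &, < or quotes.
                $result = $conn->execute_query('SELECT id FROM themes WHERE name = ?', [$theme]);
                if ($result) {
                    if ($result->num_rows > 0) {
                        $row = $result->fetch_assoc();
                        $id_theme = $row['id'];
                    } else {
                        // NOTE(review): debug output, mixed into the JSON response.
                        echo("creation d'un theme");
                        $conn->execute_query('INSERT INTO themes (name) VALUES(?)', [$theme]);
                        $id_theme = $conn->insert_id;
                    }

                    // Then link the exercise to the theme.
                    $sql = 'INSERT INTO exercices_themes (exercice_id,theme_id) VALUES(?,?)';
                    $conn->execute_query($sql, [$id_exo, $id_theme]);
                    // NOTE(review): debug output, mixed into the JSON response.
                    echo("enregistrement d'un exercice");
                }
            }
        }
    }
}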
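/**
 * Search validated documents by title, duration and theme tags.
 *
 * All user-supplied values are bound as statement parameters; none of them is
 * ever concatenated into the SQL text. Filters are appended one by one, so the
 * statement stays valid when no filter is given.
 *
 * @param string|null $query  Substring to look for in the title.
 * @param mixed       $length Duration to match exactly; ignored when empty.
 * @param array|null  $tags   Theme names; each one adds an EXISTS condition.
 * @return array List of associative rows.
 * @throws Exception When the query cannot be executed.
 */
function RechercheExercices($query, $length, $tags)
{
    global $conn;

    // NOTE(review): SELECT * over the join returns same-named columns from both
    // tables (for instance the two ids); the later one wins in the row array.
    $sql = 'SELECT * FROM documents AS d INNER JOIN ensembles AS e ON d.ensemble_id = e.id WHERE e.valide=TRUE';
    $params = [];

    if (!empty($query)) {
        // Titles are stored HTML-encoded, so the needle is encoded the same way
        // to match them. LIKE metacharacters are escaped so that % and _ typed
        // by the user are searched literally.
        $needle = strtr(
            htmlspecialchars((string) $query),
            ['\\' => '\\\\', '%' => '\\%', '_' => '\\_']
        );
        $sql .= ' AND titre LIKE ?';
        $params[] = '%' . $needle . '%';
    }

    if (!empty($length)) {
        // NOTE(review): the inserts in this file put `duree` on the exercices
        // table, which is not part of this join; confirm the column resolves.
        $sql .= ' AND duree = ?';
        $params[] = intval($length);
    }

    if (!empty($tags)) {
        foreach ((array) $tags as $tag) {
            // Theme names are stored raw, so the tag is bound raw as well.
            // NOTE(review): this subquery is not correlated with the outer row
            // (the original ended in a dangling "AND", which made the statement
            // invalid); the missing condition tying it to d/e is to be confirmed.
            $sql .= ' AND EXISTS (SELECT * FROM exercices_themes AS et'
                . ' INNER JOIN themes AS t ON et.theme_id = t.id'
                . ' WHERE t.name = ?)';
            $params[] = (string) $tag;
        }
    }

    // Execute the query
    $result = $conn->execute_query($sql, $params ?: null);
    if (!$result) {
        throw new Exception('Error executing search query: ' . $conn->error);
    }

    $exercises = $result->fetch_all(MYSQLI_ASSOC);

    // NOTE(review): this closes the shared global connection; any database call
    // made after a search in the same request will fail.
    $conn->close();

    return $exercises;
}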
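/**
 * Mark an ensemble as validated, which makes its documents visible to searches.
 *
 * The id is cast to an integer and bound as a parameter instead of being
 * interpolated into the UPDATE statement.
 *
 * NOTE(review): no permission check is visible in this function; it presumably
 * relies on its caller to restrict validation to moderators. Confirm.
 *
 * @param mixed $ensembleId Id of the `ensembles` row to validate.
 * @return void
 */
function valider_ensemble($ensembleId)
{
    global $conn;

    $conn->execute_query('UPDATE ensembles SET valide = 1 WHERE id = ?', [intval($ensembleId)]);
}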
?>