diff --git a/.gitignore b/.gitignore index 7f6ca2c..cd48afb 100644 --- a/.gitignore +++ b/.gitignore @@ -1 +1,2 @@ -test_creds.php \ No newline at end of file +test_creds.php +archives \ No newline at end of file diff --git a/api.php b/api.php index 241c3bd..1de700c 100644 --- a/api.php +++ b/api.php @@ -55,6 +55,25 @@ echo(json_encode(["status"=> "4","msg"=> "Utilisateur non authentifié."])); } } + + + + if (isset($_GET["chercher"])) { + // Example URL: /api/chercher?rech=math&duree=30&tags=algebre,geometrie + + $query = isset($_GET["req"]) ? $_GET["req"] : ""; + $length = isset($_GET["duree"]) ? $_GET["duree"] : ""; + $tags = isset($_GET["duree"]) ? explode(",", $_GET["tags"]) : []; + + try { + $results = searchExercises($query, $length, $tags); + echo json_encode(["status" => "1", "results" => $results]); + } catch (Exception $e) { + echo json_encode(["status" => "0", "msg" => $e->getMessage()]); + } + } + + exit; } @@ -74,6 +93,8 @@ default: echo(json_encode(["status"=> "2","msg"=> "Opération inconnue."])); } + + exit; } ?> \ No newline at end of file diff --git a/bdd.php b/bdd.php index 9e55081..167b25d 100644 --- a/bdd.php +++ b/bdd.php 
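Review bot: The `$tags` line in the `chercher` branch tests the wrong key — `isset($_GET["duree"])` guards a read of `$_GET["tags"]`, so a request carrying `duree` but no `tags` reads an undefined index (and `explode` then yields `[""]`, which becomes a bogus tag condition), while a request carrying `tags` but no `duree` silently drops the tags. It should read `$tags = isset($_GET["tags"]) ? explode(",", $_GET["tags"]) : [];`. The example URL in the comment names the parameter `rech` while the code reads `req`; one of the two should be corrected. Since `duree` is compared numerically downstream, casting it here, `$length = isset($_GET["duree"]) ? (int) $_GET["duree"] : "";`, keeps a non-numeric value from reaching the query builder in bdd.php.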
@@ -6,6 +6,37 @@ $servername = "127.0.0.1"; $username = "root"; $password = ""; $dbname = "archivinsa"; + + +// Liste des extensions autorisées pour les images +$image_extensions = [ +'jpg', +'jpeg', +'png', +'gif', +'bmp', +'tiff', +'tif', +'webp', +'svg', +'ico', +'raw']; + +// Liste des extensions autorisées pour les fichiers PDF +$pdf_extensions = ['pdf']; + +// Liste des extensions autorisées pour les fichiers de présentation (par exemple, PowerPoint) +$presentation_extensions = ['ppt', 'pptx','odp','pptm','ppsx']; + +// Fusionner les listes en une seule liste +$ext_autorisees = array_merge($imageExtensions, $pdfExtensions, $presentationExtensions); + +function check_ext($filename) { + $extension = pathinfo($filename, PATHINFO_EXTENSION); + return in_array(strtolower($extension), $GLOBALS["ext_autorisees"]); +} + + function ajouter_doc($request){ $conn = new mysqli($GLOBALS["servername"], $GLOBALS["username"], $GLOBALS["password"], $GLOBALS["dbname"]); 
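Review bot: `array_merge($imageExtensions, $pdfExtensions, $presentationExtensions)` refers to three variables that are never defined — the lists declared just above are `$image_extensions`, `$pdf_extensions` and `$presentation_extensions` — so under PHP 8 this line throws a TypeError whenever bdd.php is loaded, and under PHP 7 `$ext_autorisees` ends up null and `check_ext()` rejects every upload. The fix is `$ext_autorisees = array_merge($image_extensions, $pdf_extensions, $presentation_extensions);`. In `check_ext`, `in_array` should pass `true` as its third argument, and a comment should make the limitation explicit: `// Extension-only check: the file's content/MIME type is not inspected.` Allowing `svg` in a directory that, judging by the upload path set in the next hunk, sits under the web root is worth reconsidering, since SVG can carry embedded script; if it is required, serve those files with a non-rendering content type or as attachments.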
@@ -30,32 +61,49 @@ function ajouter_doc($request){ function saveFilesFromPost($postData,$id_ensemble,$conn) { // Check if the $_POST variable is set and contains files - if (isset($postData['files']) && is_array($postData['files'])) { + echo(print_r($_FILES,true)); + if (isset($_FILES['fichiers']) && is_array($_FILES['fichiers'])) { // Directory to save the files - $uploadDir = 'archives/'; - - // Iterate through each file in the $_POST['files'] array - foreach ($postData['files'] as $file) { + // /!\ A CHANGER EN PROD /!\ + $uploadDir = '/opt/lampp/htdocs/annales/archives/'; + + + // Iterate through each file in the $_FILES array + foreach ($_FILES as $file) { // Extract file information - $fileName = $file['name']; - $fileData = $file['data']; + if (isset($file['name'])){ + $fileName = $file['name']; + if(!check_ext($fileName)){ + echo(json_encode(["status"=>"0","msg"=>"Error saving file '$uniqueFileName'"])); + exit; + } - // Decode base64 encoded file data - $fileData = base64_decode($fileData); + }else{ + echo("WTFFF"); + print_r($file); + } // Create a unique filename to avoid overwriting existing files - $uniqueFileName = uniqid() . '_' . $fileName; + $uniqueFileName = uniqid() . '_' . htmlspecialchars($fileName); // Define the path to save the file $filePath = $uploadDir . $uniqueFileName; + //echo($filePath."\n"); + + // Save the file - if (file_put_contents($filePath, $fileData) !== false) { + if (move_uploaded_file($file['tmp_name'], $filePath)) { echo(json_encode(["status"=>"1","msg" =>"File '$uniqueFileName' has been saved successfully."])); } else { echo(json_encode(["status"=>"0","msg"=>"Error saving file '$uniqueFileName'"])); + exit; + } + + + try{ //update the database $safe_titre = htmlspecialchars($postData['titre']); $safe_type = htmlspecialchars($postData['type']); 
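Review bot: The rejection branch for a disallowed extension echoes `Error saving file '$uniqueFileName'` before `$uniqueFileName` is assigned, so the message always shows an empty name; it should report the cause, e.g. `"File '$fileName' has a disallowed extension."`. Two debug leftovers should not ship: `echo(print_r($_FILES,true));` at the top of the function dumps the whole upload array into the response, and the `else` branch prints `WTFFF` plus `print_r($file)` and then falls through into the save step with `$fileName` either undefined or left over from the previous iteration — that branch should `continue` (or exit with a status 0 message) instead. `htmlspecialchars($fileName)` in the unique name does not remove path components from a client-supplied filename; apply `basename($fileName)` (or rebuild the name from `uniqid()` plus the validated extension) before concatenating it onto `$uploadDir`. The function continues past the end of the hunk.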
@@ -64,10 +112,71 @@ function saveFilesFromPost($postData,$id_ensemble,$conn) { $sql="INSERT INTO documents (titre,type,upload_path,commentaire_auteur,ensemble_id) VALUES(?,?,?,?,?)"; $conn->execute_query($sql, array("titre"=> $safe_titre,"type"=>$safe_type,"upload_path"=> $uploadDir,"commentaire_auteur"=>"","ensemble_id"=>$id_ensemble)); + }catch(Exception $e){ + echo(json_encode(['status'=> '0','msg'=>$e])); + exit; + } + } + + } else { echo(json_encode(["status"=>"2","msg"=>"No files in the POST data."])); + exit; } } +function searchExercises($query, $length, $tags) +{ + $conn = new mysqli($GLOBALS["servername"], $GLOBALS["username"], $GLOBALS["password"], $GLOBALS["dbname"]); + + if ($conn->connect_error) { + throw new Exception("Connection failed: " . $conn->connect_error); + } + + // Build the SQL query based on the search parameters + $sql = "SELECT * FROM exercices"; + + if (!empty($query) || !empty($length) || !empty($tags)) { + $sql .= " WHERE"; + } + + $conditions = []; + + if (!empty($query)) { + $conditions[] = "titre LIKE '%$query%'"; + } + + if (!empty($length)) { + $conditions[] = "duree = $length"; + } + + if (!empty($tags)) { + $tagConditions = array_map(function ($tag) { + return "EXISTS (SELECT 1 FROM exercices_themes et, themes t WHERE et.exercice_id = e.id AND et.theme_id = t.id AND t.name = '$tag')"; + }, $tags); + + $conditions[] = implode(" AND ", $tagConditions); + } + + $sql .= implode(" AND ", $conditions); + + // Execute the query + $result = $conn->query($sql); + + if (!$result) { + throw new Exception("Error executing search query: " . $conn->error); + } + + $exercises = []; + + while ($row = $result->fetch_assoc()) { + $exercises[] = $row; + } + + $conn->close(); + + return $exercises; +} + ?> \ No newline at end of file diff --git a/readme.md b/readme.md index dbe5f06..ead639c 100644 --- a/readme.md +++ b/readme.md 
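Review bot: `searchExercises` builds its SQL by interpolating `$query`, `$length` and each `$tag` directly into the statement (`titre LIKE '%$query%'`, `duree = $length`, `t.name = '$tag'`); these values arrive straight from `$_GET` via api.php in this same commit, so the search endpoint is SQL-injectable. The file already uses `$conn->execute_query($sql, ...)` with `?` placeholders a few lines above in `saveFilesFromPost`, so the same mechanism should be used here, as in the rewrite below. Two further defects in the same block: `$sql .= " WHERE"` is followed by `implode(" AND ", $conditions)` with no separating space, producing `WHEREtitre LIKE ...`, and the tag subquery references `e.id` although `FROM exercices` declares no alias `e`, so any tag search fails with a SQL error. The catch block at the top of the hunk (`'msg'=>$e`) also json-encodes the exception object, which serialises to an empty object, rather than `$e->getMessage()`.
```php
function searchExercises($query, $length, $tags)
{
    // … unchanged: mysqli connection and connect_error check …

    // Build the WHERE clause from placeholders; user values are bound, never interpolated.
    $conditions = [];
    $params = [];

    if (!empty($query)) {
        $conditions[] = 'e.titre LIKE ?';
        $params[] = '%' . $query . '%';
    }

    if (!empty($length)) {
        $conditions[] = 'e.duree = ?';
        $params[] = (int) $length;
    }

    foreach ($tags as $tag) {
        $conditions[] = 'EXISTS (SELECT 1 FROM exercices_themes et JOIN themes t ON et.theme_id = t.id WHERE et.exercice_id = e.id AND t.name = ?)';
        $params[] = $tag;
    }

    // Alias the table so the EXISTS subqueries can refer to e.id.
    $sql = 'SELECT * FROM exercices e';
    if ($conditions !== []) {
        $sql .= ' WHERE ' . implode(' AND ', $conditions);
    }

    $result = $conn->execute_query($sql, $params);

    // … unchanged: result check, fetch loop, close, return …
}
```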
@@ -27,6 +27,8 @@ D'autres fonctionnalités seront ajoutées petit à petit. (si vous avez des sug | titre | VARCHAR(255) | NOT NULL | | commentaire_auteur | TEXT | | | document_id | INT | FOREIGN KEY (document_id) REFERENCES documents(id) | +| duree | INT | | +(la durée est en secondes) ### Table: ensemble diff --git a/televerser.php b/televerser.php index 3924b85..ac3de7b 100644 --- a/televerser.php +++ b/televerser.php @@ -8,12 +8,9 @@
+ + + + + + + +