Compare commits
No commits in common. "414b460e20be7c148d984f2265a8c665bbd6f12e" and "f4596236de668151d03821a8f22e208febd9be86" have entirely different histories.
414b460e20
...
f4596236de
12 changed files with 70 additions and 161 deletions
12
api.php
12
api.php
|
@ -45,10 +45,9 @@
|
|||
$query = isset($_GET["req"]) ? $_GET["req"] : "";
|
||||
$length = isset($_GET["duree"]) ? $_GET["duree"] : "";
|
||||
$themes = isset($_GET["themes"]) ? explode(",", $_GET["themes"]) : [];
|
||||
$tout_les_insa = isset($_GET["tout_les_insa"]) ? true : false;
|
||||
//print_r($_GET);
|
||||
try {
|
||||
$results = RechercheExercices($query, $length, $themes,$tout_les_insa);
|
||||
$results = RechercheExercices($query, $length, $themes);
|
||||
echo json_encode(["status" => "1", "resultats" => $results]);
|
||||
} catch (Exception $e) {
|
||||
echo json_encode(["status" => "0", "msg" => $e->getMessage()]);
|
||||
|
@ -162,10 +161,10 @@
|
|||
case "aj_doc":
|
||||
if($user_auth){
|
||||
|
||||
/*if(!$csrf->validate($context='televersement',$_POST["jeton-csrf"])){
|
||||
if(!$csrf->validate($context='televersement',$_POST["jeton-csrf"])){
|
||||
echo( json_encode(["status"=> "2","msg"=>"jeton csrf manquant ou invalide. ( contenu du champ : ".$_POST["jeton-csrf"]." )"]) );
|
||||
break;
|
||||
}*/
|
||||
}
|
||||
|
||||
try{
|
||||
ajouter_doc($_POST);
|
||||
|
@ -250,15 +249,14 @@
|
|||
|
||||
$username = $_POST['username'];
|
||||
$password = $_POST['password'];
|
||||
$nom_insa = $_POST['nom_insa'];
|
||||
|
||||
$password_hash = password_hash($password, PASSWORD_DEFAULT);
|
||||
|
||||
$succes = inscription_utilisateur(htmlspecialchars($username),$password_hash,$nom_insa);
|
||||
$succes = inscription_utilisateur(htmlspecialchars($username),$password_hash);
|
||||
if($succes){
|
||||
echo( json_encode(["status"=> 1,"msg"=> "Utilisateur inscrit !" ]) );
|
||||
}else{
|
||||
echo( json_encode(["status"=> "0","msg"=> "Une erreur est survenue lors de votre inscription ou vous avez essayé de modifier le contenu de la requête :/" ]) );
|
||||
echo( json_encode(["status"=> "0","msg"=> "Une erreur est survenue lors de votre inscription :/" ]) );
|
||||
}
|
||||
|
||||
break;
|
||||
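Review bot: The re-enabled CSRF check in the `aj_doc` case reads `$_POST["jeton-csrf"]` without testing that the field exists and then copies its contents into the JSON `msg`, so a request with no token raises an undefined-index warning and any submitted value is reflected back to the client. Read the field once with `$jeton = $_POST["jeton-csrf"] ?? "";`, pass `$jeton` to `$csrf->validate()`, and return a fixed message such as `"jeton csrf manquant ou invalide"` without the field contents. Whether the client renders `msg` as HTML is not visible here, so the reflection should be treated as untrusted output until that is confirmed. The `aj_doc` case starts and ends outside this hunk.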
|
|
94
bdd.php
94
bdd.php
|
@ -53,14 +53,14 @@ function ajouter_doc($request){
|
|||
die("Connection failed: " . $conn->connect_error);
|
||||
}
|
||||
|
||||
$sql = "INSERT INTO ensembles (commentaire_auteur,corrige_inclu,date_conception,id_auteur) VALUES(?,?,?,?)";
|
||||
$sql = "INSERT INTO ensembles (commentaire_auteur,corrige_inclu,date_conception) VALUES(?,?,?)";
|
||||
|
||||
try{
|
||||
$stm = $conn->prepare($sql);
|
||||
$request['commentaire_auteur'] = htmlspecialchars($request["commentaire_auteur"]);
|
||||
$request["corrige_inclu"] = boolval($request["corrige_inclu"]);
|
||||
$request["date_conception"] = htmlspecialchars($request["date_conception"]);
|
||||
$stm->bind_param("sisi",$request['commentaire_auteur'],$request["corrige_inclu"],$request["date_conception"],$_SESSION["user_id"]);
|
||||
$stm->bind_param("sis",$request['commentaire_auteur'],$request["corrige_inclu"],$request["date_conception"]);
|
||||
$stm->execute();
|
||||
//$conn->execute_query($sql,array(htmlspecialchars($request['commentaire_auteur']),boolval($request["corrige_inclu"])));
|
||||
|
||||
|
@ -218,86 +218,67 @@ function saveFilesFromPost($postData,$id_ensemble) {
|
|||
}
|
||||
}
|
||||
|
||||
function RechercheExercices($query, $length, $tags, $tout_les_insa)
|
||||
function RechercheExercices($query, $length, $tags)
|
||||
{
|
||||
global $conn;
|
||||
|
||||
// Start with the base SQL query
|
||||
$sql = "SELECT * FROM documents AS d INNER JOIN ensembles AS e ON d.ensemble_id = e.id JOIN users as u ON u.id=e.id_auteur WHERE e.valide=TRUE";
|
||||
// Build the SQL query based on the search parameters
|
||||
$sql = "SELECT * FROM documents AS d INNER JOIN ensembles AS e ON d.ensemble_id = e.id WHERE e.valide=TRUE ";
|
||||
|
||||
// Array to hold the parameters
|
||||
$params = [];
|
||||
$types = ""; // Types for the bind_param function
|
||||
$conditions = [];
|
||||
|
||||
// Handle the INSA restriction
|
||||
if (!$tout_les_insa) {
|
||||
$sql .= " AND u.nom_insa = ?";
|
||||
$params[] = $_SESSION["nom_insa"];
|
||||
$types .= "s"; // Assuming nom_insa is a string
|
||||
}
|
||||
|
||||
// Handle the search query
|
||||
if (!empty($query)) {
|
||||
$query_words = preg_split("/\s+/", htmlspecialchars($query));
|
||||
|
||||
// va essayer de retrouver tout les mots de la requête dans le titre
|
||||
$query = htmlspecialchars($query);
|
||||
$query_words = preg_split("[ ]",$query);
|
||||
|
||||
foreach ($query_words as $word) {
|
||||
$sql .= " AND titre LIKE ?";
|
||||
$params[] = "%$word%";
|
||||
$types .= "s";
|
||||
$conditions[] = "AND titre LIKE '%$word%'";
|
||||
}
|
||||
}
|
||||
|
||||
// Handle the length filter
|
||||
if (!empty($length)) {
|
||||
$sql .= " AND duree = ?";
|
||||
$params[] = $length;
|
||||
$types .= "i"; // Assuming duree is an integer
|
||||
$conditions[] = "duree = $length";
|
||||
}
|
||||
|
||||
// Handle the tags filter
|
||||
if (!empty($tags)) {
|
||||
foreach ($tags as $tag) {
|
||||
$tagConditions = array_map(function ($tag) {
|
||||
$tag = htmlspecialchars($tag);
|
||||
$sql .= " AND EXISTS (SELECT * FROM exercices_themes AS et INNER JOIN themes AS t ON et.exercice_id = t.id WHERE et.theme_id = t.id AND t.name = ?)";
|
||||
$params[] = $tag;
|
||||
$types .= "s";
|
||||
}
|
||||
return "EXISTS (SELECT * FROM exercices_themes AS et INNER JOIN themes AS t ON et.exercice_id = t.id WHERE et.theme_id = t.id AND t.name = '$tag')";
|
||||
}, $tags);
|
||||
|
||||
$conditions[] = implode(" AND ", $tagConditions);
|
||||
}
|
||||
|
||||
// Prepare the SQL statement
|
||||
$stmt = $conn->prepare($sql);
|
||||
|
||||
if ($stmt === false) {
|
||||
throw new Exception("Error preparing the query: " . $conn->error);
|
||||
}
|
||||
|
||||
// Bind the parameters dynamically
|
||||
if (!empty($params)) {
|
||||
$stmt->bind_param($types, ...$params);
|
||||
}
|
||||
|
||||
$sql .= implode(" AND ", $conditions);
|
||||
//echo $sql;
|
||||
// Execute the query
|
||||
if (!$stmt->execute()) {
|
||||
throw new Exception("Error executing the search query: " . $stmt->error);
|
||||
$result = $conn->query($sql);
|
||||
|
||||
if (!$result) {
|
||||
throw new Exception("Error executing search query: " . $conn->error);
|
||||
}
|
||||
|
||||
// Fetch the results
|
||||
$result = $stmt->get_result();
|
||||
$exercises = [];
|
||||
|
||||
while ($row = $result->fetch_assoc()) {
|
||||
$exercises[] = $row;
|
||||
}
|
||||
|
||||
// Clean up
|
||||
$stmt->close();
|
||||
$conn->close();
|
||||
|
||||
return $exercises;
|
||||
}
|
||||
|
||||
|
||||
|
||||
|
||||
}
|
||||
|
||||
|
||||
|
||||
function valider_ensemble($ensembleId) {
|
||||
|
||||
$sql = "UPDATE ensembles SET valide = 1 WHERE id = $ensembleId";
|
||||
|
@ -371,22 +352,20 @@ function connecter_utilisateur($username,$password){
|
|||
|
||||
$ret = 0;
|
||||
|
||||
$stmt = $conn->prepare("SELECT id,password_hash,admin,nom_insa FROM users WHERE username = ?");
|
||||
$stmt = $conn->prepare("SELECT password_hash,admin FROM users WHERE username = ?");
|
||||
$stmt->bind_param("s", $username);
|
||||
$stmt->execute();
|
||||
$stmt->store_result();
|
||||
|
||||
if ($stmt->num_rows > 0) {
|
||||
|
||||
$stmt->bind_result($id,$password_hash,$admin,$nom_insa);
|
||||
$stmt->bind_result($password_hash,$admin);
|
||||
$ret = $stmt->fetch();
|
||||
|
||||
if (password_verify($password, $password_hash)) {
|
||||
$_SESSION["utilisateur_authentifie"] = true;
|
||||
$_SESSION["username"] = $username;
|
||||
$_SESSION["admin"] = $admin;
|
||||
$_SESSION["nom_insa"] = $nom_insa;
|
||||
$_SESSION["user_id"] = $id;
|
||||
$ret = 1;
|
||||
} else {
|
||||
$ret = 0;
|
||||
|
@ -400,17 +379,12 @@ function connecter_utilisateur($username,$password){
|
|||
}
|
||||
|
||||
|
||||
function inscription_utilisateur($username,$password_hash,$nom_insa){
|
||||
function inscription_utilisateur($username,$password_hash){
|
||||
|
||||
global $conn;
|
||||
|
||||
if(!in_array($nom_insa,["insa_toulouse","insa_lyon","insa_rennes","insa_cvl","insa_hdf","insa_rouen","insa_strasbourg","insa_hdf"])){
|
||||
$ret = 0;
|
||||
return $ret;
|
||||
}
|
||||
|
||||
$stmt = $conn->prepare("INSERT INTO users (username, password_hash,nom_insa) VALUES (?, ?,?)");
|
||||
$stmt->bind_param("sss", $username, $password_hash,$nom_insa);
|
||||
$stmt = $conn->prepare("INSERT INTO users (username, password_hash) VALUES (?, ?)");
|
||||
$stmt->bind_param("ss", $username, $password_hash);
|
||||
|
||||
$ret = $stmt->execute();
|
||||
|
||||
|
@ -421,8 +395,6 @@ function inscription_utilisateur($username,$password_hash,$nom_insa){
|
|||
$_SESSION["utilisateur_authentifie"] = true;
|
||||
$_SESSION["username"] = $username;
|
||||
$_SESSION["admin"] = 0;
|
||||
$_SESSION["nom_insa"] = $nom_insa;
|
||||
$_SESSION["user_id"] = $conn->insert_id;
|
||||
}
|
||||
|
||||
return $ret;
|
||||
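Review bot: In `RechercheExercices` the new side builds the search SQL by interpolating request values (`"AND titre LIKE '%$word%'"`, `"duree = $length"`, `t.name = '$tag'`) and runs it with `$conn->query($sql)`, which leaves the query open to SQL injection. `htmlspecialchars()` is HTML output encoding, not SQL escaping, and `$length` receives no treatment at all before it reaches the statement. Keep `?` placeholders and bound values for every filter, e.g. `$sql .= " AND duree = ?"; $params[] = $length; $types .= "i";` followed by `$stmt->bind_param($types, ...$params);`. Separately, `implode(" AND ", $conditions)` on entries that already begin with `AND` yields `AND AND` for a two-word search, and a lone `duree` condition is appended with no `AND` at all. `valider_ensemble`, whose body continues outside the hunk, interpolates `$ensembleId` into its `UPDATE` in the same way and would benefit from the same binding.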
|
|
|
@ -195,14 +195,4 @@
|
|||
.secondary-text {
|
||||
font-size: 14px;
|
||||
color: #777;
|
||||
}
|
||||
|
||||
#recherche_input{
|
||||
height: 4vw;
|
||||
}
|
||||
|
||||
|
||||
.checkbox{
|
||||
height: 20px;
|
||||
width: 20px;
|
||||
}
|
|
@ -118,10 +118,3 @@
|
|||
margin-right: auto;
|
||||
display: block;
|
||||
}
|
||||
|
||||
.label-input{
|
||||
margin-left: auto;
|
||||
margin-right: auto;
|
||||
font-size: larger;
|
||||
margin-top: 1vw;
|
||||
}
|
19
index.php
19
index.php
|
@ -24,18 +24,9 @@
|
|||
|
||||
<h4>Comme vous pouvez le constater, on cherche quelqu'un pour le design (html + css) du site :D club.info@amicale-insat.fr</h4>
|
||||
|
||||
<?php
|
||||
if(isset($_SESSION["utilisateur_authentifie"]) && ($_SESSION["utilisateur_authentifie"] == 1)){
|
||||
?>
|
||||
<a href="deconnection.php" class="button color-red-tr" id="btn-deconnection">Se déconnecter</a>
|
||||
<?php
|
||||
}else{
|
||||
?>
|
||||
<a href="inscription.php" class="button color-red-tr" id="btn-connection">S'inscrire</a>
|
||||
<a href="connection.php" class="button color-red-tr" id="btn-connection">Se connecter</a>
|
||||
<?php
|
||||
}
|
||||
?>
|
||||
<a href="inscription.php" class="button color-red-tr" id="btn-connection">S'inscrire</a>
|
||||
<a href="connection.php" class="button color-red-tr" id="btn-connection">Se connecter</a>
|
||||
<a href="deconnection.php" class="button color-red-tr" id="btn-deconnection">Se déconnecter</a>
|
||||
<br>
|
||||
<br>
|
||||
<div id="user_status">
|
||||
|
@ -51,9 +42,7 @@
|
|||
<div class="barre-recherche centre-horizontal">
|
||||
<form id="recherche_form">
|
||||
<input class="champ" type="text" id="recherche_input" placeholder="Rechercher une fiche, annale ...">
|
||||
<label class="champ" for="tout-les-insa-switch">Activer la recherche sur tout les INSA</label>
|
||||
<input class="champ checkbox" type="checkbox" id="tout_les_insa_switch">
|
||||
<!--<input hidden type="submit">-->
|
||||
<input hidden type="submit">
|
||||
<input hidden class="champ" type="text" id="themes_input" placeholder="themes (appuyez sur la touche entrée entre chaque thèmes)">
|
||||
<input hidden class="champ" type="number" id="duree_input" placeholder="durée en minutes">
|
||||
</form>
|
||||
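Review bot: The sign-up and sign-in links both carry `id="btn-connection"`, and with the server-side session check removed all three buttons are now always emitted, so any script that shows or hides them by id can only reach the first of the two. Give the sign-up link its own id, e.g. `id="btn-inscription"`, and keep the logout link hidden by default until the login state is known. How `test_auth()` toggles these elements is not visible here, so this should be confirmed against js/index.js.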
|
|
20
init_db.php
20
init_db.php
|
@ -12,15 +12,6 @@ if ($conn->connect_error) {
|
|||
|
||||
// Create tables
|
||||
$sql = "
|
||||
|
||||
CREATE TABLE IF NOT EXISTS users (
|
||||
id INT AUTO_INCREMENT PRIMARY KEY,
|
||||
username VARCHAR(50) NOT NULL UNIQUE,
|
||||
password_hash VARCHAR(255) NOT NULL,
|
||||
nom_insa VARCHAR(25) NOT NULL,
|
||||
admin BOOLEAN DEFAULT 0
|
||||
);
|
||||
|
||||
CREATE TABLE IF NOT EXISTS themes (
|
||||
id INT AUTO_INCREMENT PRIMARY KEY,
|
||||
name VARCHAR(255) NOT NULL
|
||||
|
@ -32,9 +23,7 @@ $sql = "
|
|||
valide BOOLEAN NOT NULL DEFAULT FALSE,
|
||||
corrige_inclu BOOLEAN NOT NULL DEFAULT FALSE,
|
||||
date_televersement DATETIME DEFAULT CURRENT_TIMESTAMP,
|
||||
date_conception VARCHAR(10),
|
||||
id_auteur INT,
|
||||
FOREIGN KEY (id_auteur) REFERENCES users(id)
|
||||
date_conception VARCHAR(9)
|
||||
);
|
||||
|
||||
CREATE TABLE IF NOT EXISTS documents (
|
||||
|
@ -71,6 +60,13 @@ $sql = "
|
|||
FOREIGN KEY (theme_id) REFERENCES themes(id)
|
||||
);
|
||||
|
||||
CREATE TABLE IF NOT EXISTS users (
|
||||
id INT AUTO_INCREMENT PRIMARY KEY,
|
||||
username VARCHAR(50) NOT NULL UNIQUE,
|
||||
password_hash VARCHAR(255) NOT NULL,
|
||||
admin BOOLEAN DEFAULT 0
|
||||
);
|
||||
|
||||
";
|
||||
|
||||
if ($conn->multi_query($sql) === TRUE) {
|
||||
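Review bot: `date_conception VARCHAR(9)` is one character short of an ISO `YYYY-MM-DD` value, so if the upload form sends that format the date is truncated or the insert is rejected, depending on the SQL mode; `VARCHAR(10)` or a `DATE` column avoids this. Because every statement is `CREATE TABLE IF NOT EXISTS`, an already-initialised database keeps its old `users` and `ensembles` definitions, including `nom_insa VARCHAR(25) NOT NULL`, which the new two-column `INSERT INTO users` in bdd.php no longer fills. Consider a comment above `$sql` such as `// Schema changes need a manual migration: IF NOT EXISTS leaves existing tables untouched.`. Dropping `id_auteur` also means an uploaded ensemble can no longer be traced to the account that submitted it, which weakens moderation and audit.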
|
|
|
@ -25,21 +25,6 @@ session_start();
|
|||
<div class="formulaire">
|
||||
<input class="champ" id="username-input" type="text" name="username" placeholder="Nom d'utilisateur" required>
|
||||
<input class="champ" id="password-input" type="password" name="password" placeholder="Mot de passe" required>
|
||||
|
||||
<h4 class=" centre-txt label-input" for="insa-input">Selectionne ton INSA</h4>
|
||||
<select class="champ" id="insa-input" type="select" name="insa" required>
|
||||
|
||||
<option value="insa_toulouse">INSA Toulouse <3</option>
|
||||
<option value="insa_lyon">INSA Lyon</option>
|
||||
<option value="insa_rennes">INSA Rennes</option>
|
||||
<option value="insa_cvl">INSA CVL</option>
|
||||
<option value="insa_hdf">INSA HDF</option>
|
||||
<option value="insa_rouen">INSA Rouen</option>
|
||||
<option value="insa_strasbourg">INSA Strasbourg</option>
|
||||
<option value="insa_hdf">INSA HDF</option>
|
||||
|
||||
</select>
|
||||
|
||||
<button class="submit-button color-red-tr" onclick="inscription()">S'inscrire !</button>
|
||||
</div>
|
||||
<h2>Oui c'est vide oui ~\_(^-^)_/~</h2>
|
||||
|
|
28
js/index.js
28
js/index.js
|
@ -1,6 +1,4 @@
|
|||
|
||||
async function rechercher(){
|
||||
|
||||
var req = document.getElementById("recherche_input").value;
|
||||
var themes = [];
|
||||
Array.from(document.getElementsByClassName("theme")).forEach(function (el) {
|
||||
|
@ -9,36 +7,24 @@ async function rechercher(){
|
|||
});
|
||||
var duree =document.getElementById("duree_input").value
|
||||
|
||||
|
||||
var url = "api.php/rechercher?req="+req;
|
||||
if(themes.toString() != ""){
|
||||
url = url +"&themes="+themes.toString();
|
||||
}
|
||||
|
||||
if(duree != ""){
|
||||
url = url +"&duree="+duree;
|
||||
url = url +"duree="+duree;
|
||||
|
||||
}
|
||||
console.log(url);
|
||||
|
||||
|
||||
var tout_les_insa_switch = document.getElementById("tout_les_insa_switch").checked;
|
||||
if(tout_les_insa_switch){
|
||||
url = url+"&tout_les_insa=1"
|
||||
}
|
||||
|
||||
resp = await fetch(url);
|
||||
|
||||
data = await resp.json();
|
||||
|
||||
console.log(data);
|
||||
|
||||
// vide d'abord les éléments présents dans la liste sur la page
|
||||
document.getElementById("liste_resultats").innerHTML = "";
|
||||
|
||||
// ensuite on ajoute un petit titre à la chronologie
|
||||
let titre = document.createElement("h1");
|
||||
titre.innerText = "Voilà les "+data.resultats.length+" résultats de ta recherche :";
|
||||
document.getElementById("liste_resultats").appendChild(titre);
|
||||
|
||||
if(data.status == 1){
|
||||
data.resultats.forEach(doc => {
|
||||
|
@ -143,6 +129,7 @@ async function gen_chronologie(){
|
|||
resp = await fetch(url);
|
||||
|
||||
data = await resp.json();
|
||||
console.log(data);
|
||||
// vide d'abord les éléments présents dans la liste sur la page
|
||||
document.getElementById("liste_resultats").innerHTML = "";
|
||||
|
||||
|
@ -253,21 +240,17 @@ document.addEventListener("DOMContentLoaded", (event)=>{
|
|||
gen_chronologie();
|
||||
|
||||
test_auth();
|
||||
document.getElementById("recherche_input").addEventListener("keypress", (event)=>{
|
||||
console.log("???");
|
||||
document.getElementById("recherche_input").onkeydown =function(event) {
|
||||
if (event.key === "Enter"){
|
||||
event.preventDefault();
|
||||
rechercher();
|
||||
}
|
||||
});
|
||||
}
|
||||
|
||||
document.getElementById("recherche_form").onsubmit = function(event){
|
||||
event.preventDefault();
|
||||
// faire tomber le clavier sur mobile
|
||||
document.activeElement.blur();
|
||||
rechercher();
|
||||
|
||||
|
||||
}
|
||||
|
||||
document.getElementById("themes_input").onkeydown =function(event) {
|
||||
|
@ -293,6 +276,5 @@ document.addEventListener("DOMContentLoaded", (event)=>{
|
|||
window.location.pathname = "/archinsa";
|
||||
});
|
||||
|
||||
|
||||
});
|
||||
|
||||
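Review bot: As rendered, the new side appends the duration filter with `url = url +"duree="+duree;`, without the `&` separator, so the text is glued onto the preceding `req` or `themes` value and `api.php` never receives a `duree` parameter. The values are also concatenated without encoding, so a search containing `&` or `#` changes the query string that the server parses. Use `url = url + "&duree=" + encodeURIComponent(duree);` and wrap `req` and `themes.toString()` in `encodeURIComponent()` as well. `rechercher()` continues past the end of the hunk that holds this line.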
|
|
|
@ -4,8 +4,7 @@ function inscription(){
|
|||
|
||||
formData.append("username",document.getElementById("username-input").value);
|
||||
formData.append("password",document.getElementById("password-input").value);
|
||||
console.log(document.getElementById("insa-input").value);
|
||||
formData.append("nom_insa",document.getElementById("insa-input").value)
|
||||
|
||||
formData.append("jeton-csrf",jeton_csrf);
|
||||
|
||||
fetch('api.php/inscription', {
|
||||
|
|
|
@ -44,7 +44,7 @@ function televerser_fichiers() {
|
|||
|
||||
|
||||
formData.append("type",document.getElementById("select_type").value);
|
||||
formData.append("titre",concatener_titre_inputs());
|
||||
formData.append("titre",concatenater_titre_inputs());
|
||||
formData.append("commentaire_auteur",document.getElementById("commentaire_auteur").value);
|
||||
|
||||
formData.append("corrige_inclu",document.getElementById("corrige_checkbox").value);
|
||||
|
|
10
readme.md
10
readme.md
|
@ -59,9 +59,7 @@ D'autres fonctionnalités seront ajoutées petit à petit. (si vous avez des sug
|
|||
|
||||
|
||||
## TOUDOU :
|
||||
> choisir un insa à l'inscription
|
||||
> rajouter automatiquement l'insa de celui qui dépose un truc dans la table des ensembles
|
||||
> mettre un switch pour activer une recherche sur tout les insa
|
||||
> Tester le code qui a été séparé en plusieurs fichiers différents (les pages pour utilisateurs)
|
||||
|
||||
|
||||
### téléverser.php :
|
||||
|
@ -72,4 +70,10 @@ let ex = [{duree:"10",themes:["algèbre","analyse"],commentaire_exo:"cci est un
|
|||
;
|
||||
``
|
||||
|
||||
### _partials/_head.php
|
||||
- définir la variable $titre_page avant de l'inclure
|
||||
- va s'occuper de generer tout ce qu'on met dans les tags <head> ainsi que d'importer un fichier css du même nom que la page depuis css/<page>.css (s'il existe)
|
||||
### _partials/_footer.php
|
||||
- tout ce qu'on veut faire en fin de chargement de page
|
||||
- va inclure un script depuis js/<page>.js (s'il existe).
|
||||
|
||||
|
|
|
@ -6,15 +6,16 @@ session_start();
|
|||
|
||||
$csrf = new CSRF();
|
||||
|
||||
// Check if user is logged in and is an admin
|
||||
if (!isset($_SESSION["utilisateur_authentifie"]) || $_SESSION["utilisateur_authentifie"] !== true || !$_SESSION["admin"]) {
|
||||
header("Location: index.php");
|
||||
exit;
|
||||
}
|
||||
|
||||
include("session_verif.php");
|
||||
|
||||
|
||||
include("test_creds.php");
|
||||
|
||||
$conn = new mysqli($servername, $username, $password,$dbname);
|
||||
|
||||
admin_seulement();
|
||||
|
||||
|
||||
// Function to fetch and display documents
|
||||
function generer_chronologie() {
|
||||
|
|