site-accueil-insa/admin/ville.php

<?php
include "script.php";
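// Page auto-refresh interval, in seconds (roughly: the page is reloaded every 15 s).
$refresh_rate = 15;

// Only accounts with a permission level of at least 1 may use this admin page.
// NOTE(review): $user is not defined in this file; presumably script.php sets it — confirm.
if ($user['perm'] < 1) {
    header('Location: deco.php');
    // header() only queues the redirect. Without exit the script keeps running,
    // so the POST handlers below (inserts, deletes, file upload) would still
    // execute for a visitor who has just been refused.
    exit;
}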
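// Add a challenge ("épreuve") for a team, optionally with a clue image.
// NOTE(review): nothing in this handler checks an anti-CSRF token; confirm
// whether script.php enforces one for state-changing POST requests.
if (isset($_POST['add_epreuve'])) {
    // Defined up front so the INSERT below never reads an unset variable when
    // the request carries no "photo" part.
    $file_name = "";

    // $upload_state takes one of:
    //   1  every check passed and no file of that name exists yet
    //   0  a check rejected the upload
    //   2  the upload is valid but a file of that name already exists; the
    //      existing file is kept and its name is reused for the database row
    if (isset($_FILES["photo"])) {
        // NOTE(review): an SVG can carry script that runs when the file is
        // opened directly from this web-served directory, and neither "svg"
        // nor "raw" can be content-checked by getimagesize(). Consider
        // dropping both, or serving uploads with a restrictive Content-Type.
        $EXT_WHITELIST = array("gif", "jpg", "jpeg", "raw", "png", "svg");
        // Extensions whose content getimagesize() is able to verify.
        $RASTER_EXT = array("gif", "jpg", "jpeg", "png");

        /* clue-image upload handling */
        $target_dir = "../assets/img/com_ville/";
        // basename() drops any directory component of the client-supplied name.
        $target_file = $target_dir . basename($_FILES["photo"]["name"]);
        $imageFileType = strtolower(pathinfo($target_file, PATHINFO_EXTENSION));
        $tmp_name = $_FILES["photo"]["tmp_name"];
        $size = $_FILES["photo"]["size"];

        // Every check must pass: PHP reports a completed upload, the temp file
        // really belongs to this request, the size lies in (4 B, 32 MiB], and
        // the extension is whitelisted.
        $upload_ok = ($_FILES["photo"]["error"] ?? UPLOAD_ERR_NO_FILE) === UPLOAD_ERR_OK
            && is_uploaded_file($tmp_name)
            && $size > pow(2, 2)
            && $size <= pow(2, 25)
            && in_array($imageFileType, $EXT_WHITELIST, true);

        // The extension alone proves nothing about the content: for the raster
        // formats, require that the bytes parse as an image.
        if ($upload_ok && in_array($imageFileType, $RASTER_EXT, true) && getimagesize($tmp_name) === false) {
            $upload_ok = false;
        }

        // The "already exists" state is decided only after validation, so it
        // can no longer override an earlier rejection.
        if (!$upload_ok) {
            $upload_state = 0;
        } elseif (file_exists($target_file)) {
            $upload_state = 2;
        } else {
            $upload_state = 1;
        }

        // A failed move is treated as a rejected upload, so the database never
        // references a file that was not written.
        if ($upload_state === 1 && !move_uploaded_file($tmp_name, $target_file)) {
            $upload_state = 0;
        }

        if ($upload_state === 0) {
            ?> <script>
alert("L'image envoyée n'a pas passées tout les tests de vérifications.");
</script>
<?php
        } else {
            $file_name = htmlspecialchars($_FILES["photo"]["name"]);
        }
    }

    // An unchecked control is absent from the request; ?? avoids reading an
    // undefined index in that case.
    $_POST['est_finale'] = ($_POST['est_finale'] ?? '') === 'on';

    // Text fields are HTML-encoded here, at write time; the table further down
    // this page prints the stored values, so changing this encoding changes
    // what reaches the browser. Numeric fields are cast to int.
    $req = $db->prepare("INSERT INTO ville_epreuve(indice,reponse,photo,id_equipe,est_finale,ordre,est_trouvee) VALUES(?,?,?,?,?,?,?)");
    $req->execute(array(
        htmlspecialchars($_POST['indice'] ?? ''),
        htmlspecialchars($_POST['reponse'] ?? ''),
        $file_name,
        (int)($_POST['id_equipe'] ?? 0),
        $_POST['est_finale'],
        (int)($_POST['ordre'] ?? 0),
        false
    ));
}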
// Add a team. The name is HTML-encoded before storage and the "temps" column
// starts out NULL.
if (isset($_POST['add_equipe'])) {
    $req = $db->prepare("INSERT INTO ville_equipe(nom,temps) VALUES(?,?)");
    $nom_equipe = htmlspecialchars($_POST['nom']);
    $req->execute([$nom_equipe, null]);
}
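// Delete a team by id.
// NOTE(review): only the ville_equipe row is deleted here; whether the team's
// ville_epreuve rows are removed as well depends on the schema — confirm.
if (isset($_POST['del_equipe'])) {
    $req = $db->prepare("DELETE FROM ville_equipe WHERE id=?");
    // The integer cast is the whole validation. htmlspecialchars() on an int
    // added nothing, so it is dropped to match the del_epreuve handler; ??
    // avoids reading an undefined index when the field is missing.
    $req->execute(array((int)($_POST['id_ekip'] ?? 0)));
}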
// Delete a challenge by id; the id is cast to int before being bound.
if (isset($_POST['del_epreuve'])) {
    $req = $db->prepare("DELETE FROM ville_epreuve WHERE id=?");
    $params = [(int)$_POST['id_epreuve']];
    $req->execute($params);
}
?>
<!DOCTYPE html>
<html>
<head>
<meta charset="utf-8">
<meta name="viewport" content="width=device-width, initial-scale=1">
<title>Admin / Com'ville</title>
<link rel="stylesheet" type="text/css" href="com_ville.css" />
</head>
<body>
<main>
<form method="POST" enctype="multipart/form-data">
<input type="text" name="indice" placeholder="indice" class="input_inline">
<input type="text" name="reponse" placeholder="réponse" class="input_inline">
<input type="file" name="photo" placeholder="image.png" id="photo" class="input_inline">
<input type="number" name="id_equipe" id="id_equipe" class="input_inline" value="<?= isset($_GET["ekip"]) ? (int)$_GET["ekip"]:1;?>">
<label for="id_equipe">id de l'équipe</label>
<br>
<input type="radio" name="est_finale" id="est_finale" class="input_inline">
<label for="est_finale">ultime épreuve</label>
<input type="number" name="ordre" id="ordre" class="input_inline">
<label for="ordre">ordre de l'épreuve</label>
<input type="submit" name="add_epreuve" value="Ajouter l'épreuve" class="submit_inline">
</form>
<hr>
<form method="POST">
<input type="text" name="nom" placeholder="nom de l'équipe" class="input_inline">
<input type="submit" name="add_equipe" value="Ajouter l'équipe" class="submit_inline">
</form>
<h4>Equipes déjà enregistrées :</h4>
<table class="acces">
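<?php
// List every registered team as a link (?ekip=<id>) that selects it for the
// challenge table below.
$req = $db->query('SELECT * FROM ville_equipe');
while ($equipe = $req->fetch()) {
    // The id goes into an href attribute, so force it to an integer.
    $equipe_id = (int)$equipe['id'];
    // Names are HTML-encoded when this page inserts them, so double_encode is
    // disabled: stored entities are shown once instead of being encoded again,
    // while any raw markup character is still escaped.
    $equipe_nom = htmlspecialchars($equipe['nom'], ENT_QUOTES, 'UTF-8', false);
    // The anchor is closed with </a>; the original emitted a second <a>.
    echo "<th><a href=\"?ekip=".$equipe_id."\">".$equipe_nom."(".$equipe_id.")"."</a></th><wbr>";
}
?>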
</table>
<hr>
<?php
// Team whose challenges are listed below: taken from ?ekip=<id> (cast to int),
// defaulting to team 1 when the parameter is absent.
$ekip = 1;
if (isset($_GET["ekip"])) {
    $ekip = (int)$_GET["ekip"];
}
$req = $db->prepare('SELECT * FROM ville_epreuve WHERE id_equipe=?');
$req->execute([$ekip]);
?>
<form method="GET">
<input type="number" name="ekip" id="ekip" placeholder="numéro de l'équipe" class="input_inline">
<label for="ekip">Numéro de l'équipe dont tu veux voir le tableau</label>
<input type="submit" name="aff_equipe" value="Afficher le tableau de l'équipe" class="submit_inline">
</form>
<table class="acces">
<tr>
<th width="10%">ID (db)</th>
<th width="70%">Indice</th>
<th width="10%">Reponse</th>
<th width="10%">Photos</th>
<th width="10%">Id_equipe</th>
<th width="10%">Est finale</th>
<th width="10%">Ordre</th>
<th width="10%">Est trouvée</th>
<th width="10%">Action</th>
</tr>
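<?php
// One table row per challenge of the selected team, read from the statement
// held in $req.
//
// Values are escaped here, at the point of output, with double_encode
// disabled: rows written by this page are already HTML-encoded and render
// exactly as before, while a value that reached the table by another route
// cannot inject markup or break out of an attribute.
$esc = static function ($value) {
    return htmlspecialchars((string)$value, ENT_QUOTES, 'UTF-8', false);
};
while ($epreuve = $req->fetch()) {
    // An empty photo name (stored when no image was accepted) is treated like
    // a missing one, instead of rendering an <img> with an empty file name.
    $has_photo = ($epreuve['photo'] ?? '') !== '';
?>
<tr>
<td><?= (int)$epreuve['id'] ?></td>
<td><?= $esc($epreuve['indice']) ?></td>
<td><?= $esc($epreuve['reponse']) ?></td>
<td><?php if ($has_photo) { ?><img src="../assets/img/com_ville/<?= $esc($epreuve['photo']) ?>" style="height: 100px;"><?php } else { echo "<font color='red'>no photos</font>"; }?></td>
<td><?= $esc($epreuve['id_equipe']) ?></td>
<td><?= $epreuve['est_finale'] == 0 ? "non":"oui" ?></td>
<td><?= $esc($epreuve['ordre']) ?></td>
<td><?= $epreuve['est_trouvee'] == 0 ? "non":"oui" ?></td>
<td>
<form method="POST">
<input type="text" name="del_epreuve" value="del_epreuve" hidden>
<input type="number" value="<?= (int)$epreuve['id'] ?>" name="id_epreuve" hidden>
<input type="submit" value="supprimer">
</form>
</td>
</tr>
<?php } ?>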
</table>
<?php ?>
</main>
</body>
</html>