<?php
|
|
include "script.php";
|
|
|
|
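$refresh_rate = 15; // refresh rate in seconds (the page is meant to refresh every 15 s)

// Users below permission level 1 are redirected to deco.php.
// presumably $user is populated by script.php — verify.
if ($user['perm'] < 1) {
    header('Location: deco.php');
    // header() only queues the redirect; without stopping here the POST handlers
    // and the admin page below would still run for this user.
    exit;
}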
|
|
|
|
|
|
|
|
|
|
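// Add a challenge ("epreuve"), optionally with a clue image.
// NOTE(review): no CSRF token is checked in this handler — confirm whether script.php enforces one.
if (isset($_POST['add_epreuve'])) {

    // $upload_state takes one of three values:
    //   1 - every check passed and no file of that name exists yet
    //   0 - a check rejected the file
    //   2 - the upload is valid but a file of that name already exists
    $upload_state = 1;

    // NOTE(review): an .svg can carry script and is served from this origin; consider
    // dropping "svg" (and "raw", which browsers do not render) from this list.
    $EXT_WHITELIST = array("gif", "jpg", "jpeg", "raw", "png", "svg");
    // Extensions whose content getimagesize() is able to verify.
    $RASTER_EXT = array("gif", "jpg", "jpeg", "png");

    /* clue image upload */
    $target_dir = "../assets/img/com_ville/";
    $photo = (isset($_FILES["photo"]) && is_string($_FILES["photo"]["name"])) ? $_FILES["photo"] : null;
    // basename() keeps a client-supplied name from pointing outside $target_dir.
    $photo_name = $photo === null ? "" : basename($photo["name"]);
    $target_file = $target_dir . $photo_name;
    $imageFileType = strtolower(pathinfo($target_file, PATHINFO_EXTENSION));

    if ($photo === null || $photo_name === "" || $photo["error"] !== UPLOAD_ERR_OK) {
        // Nothing was sent, or PHP reported a failed or partial upload.
        $upload_state = 0;
    } elseif ($photo["size"] <= pow(2, 2) || $photo["size"] > pow(2, 40)) {
        // Size bounds. NOTE(review): 2^40 bytes (1 TiB) is no practical cap; the
        // effective limit is whatever the PHP upload settings allow.
        $upload_state = 0;
    } elseif (!in_array($imageFileType, $EXT_WHITELIST, true)) {
        // File type check, by extension.
        $upload_state = 0;
    } elseif (in_array($imageFileType, $RASTER_EXT, true) && getimagesize($photo["tmp_name"]) === false) {
        // The extension claims a raster image but the content does not parse as one.
        $upload_state = 0;
    } elseif (file_exists($target_file)) {
        // Tested last, so an existing file can never turn a rejection into an accept.
        $upload_state = 2;
    }

    $file_name = "";
    if ($upload_state === 0) {
        ?>
<script>
alert("L'image envoyée n'a pas passées tout les tests de vérifications.");
</script>
        <?php
    } elseif (move_uploaded_file($photo["tmp_name"], $target_file)) {
        // States 1 and 2 both store the file (state 2 replaces the existing one).
        // The name is recorded only once the move succeeded, and it is the same
        // basename that was written to disk.
        $file_name = htmlspecialchars($photo_name);
    }

    // An unchecked radio button is simply absent from $_POST.
    $est_finale = (isset($_POST['est_finale']) && $_POST['est_finale'] === 'on') ? 1 : 0;

    // Text columns are stored HTML-escaped because the listing further down this
    // page prints them as they come out of the database.
    $req = $db->prepare("INSERT INTO ville_epreuve(indice,reponse,photo,id_equipe,est_finale,ordre,est_trouvee) VALUES(?,?,?,?,?,?,?)");
    $req->execute(array(
        htmlspecialchars($_POST['indice']),
        htmlspecialchars($_POST['reponse']),
        $file_name,
        (int)$_POST['id_equipe'],
        $est_finale,
        (int)$_POST['ordre'],
        0,
    ));
}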
|
|
|
|
// Register a new team; its time column starts out as NULL.
if (isset($_POST['add_equipe'])) {
    // The name is stored HTML-escaped.
    $nom_equipe = htmlspecialchars($_POST['nom']);
    $req = $db->prepare("INSERT INTO ville_equipe(nom,temps) VALUES(?,?)");
    $req->execute([$nom_equipe, null]);
}
|
|
|
|
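// Delete a team by id.
if (isset($_POST['del_equipe'])) {
    // The integer cast is the validation; HTML escaping has no role in a bound
    // SQL parameter, so the id is passed as in the del_epreuve handler.
    $req = $db->prepare("DELETE FROM ville_equipe WHERE id=?");
    $req->execute(array((int)$_POST['id_ekip']));
}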
|
|
|
|
// Delete a challenge by id.
if (isset($_POST['del_epreuve'])) {
    // Cast first so only an integer ever reaches the bound parameter.
    $id_epreuve = (int)$_POST['id_epreuve'];
    $req = $db->prepare("DELETE FROM ville_epreuve WHERE id=?");
    $req->execute([$id_epreuve]);
}
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
?>
|
|
<!DOCTYPE html>
|
|
<html>
|
|
<head>
|
|
<meta charset="utf-8">
|
|
<meta name="viewport" content="width=device-width, initial-scale=1">
|
|
<title>Admin / Com'ville</title>
|
|
<link rel="stylesheet" type="text/css" href="com_ville.css" />
|
|
</head>
|
|
<body>
|
|
<main>
|
|
|
|
<form method="POST" enctype="multipart/form-data">
|
|
<input type="text" name="indice" placeholder="indice" class="input_inline">
|
|
<input type="text" name="reponse" placeholder="réponse" class="input_inline">
|
|
<input type="file" name="photo" placeholder="image.png" id="photo" class="input_inline">
|
|
<input type="number" name="id_equipe" id="id_equipe" class="input_inline" value="<?= isset($_GET["ekip"]) ? (int)$_GET["ekip"]:1;?>">
|
|
<label for="id_equipe">id de l'équipe</label>
|
|
<br>
|
|
<input type="radio" name="est_finale" id="est_finale" class="input_inline">
|
|
<label for="est_finale">ultime épreuve</label>
|
|
<input type="number" name="ordre" id="ordre" class="input_inline">
|
|
<label for="ordre">ordre de l'épreuve</label>
|
|
<input type="submit" name="add_epreuve" value="Ajouter l'épreuve" class="submit_inline">
|
|
</form>
|
|
|
|
<hr>
|
|
<form method="POST">
|
|
<input type="text" name="nom" placeholder="nom de l'équipe" class="input_inline">
|
|
<input type="submit" name="add_equipe" value="Ajouter l'équipe" class="submit_inline">
|
|
</form>
|
|
|
|
<h4>Equipes déjà enregistrées :</h4>
|
|
<table class="acces">
|
|
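<?php
// List every registered team as a link that selects it through ?ekip=<id>.
$req = $db->query('SELECT * FROM ville_equipe');
while ($equipe = $req->fetch()) {
    $id_equipe = (int)$equipe['id'];
    // The add_equipe handler stores names already HTML-escaped, so double_encode is
    // off: raw characters are still escaped, existing entities are not escaped twice.
    $nom = htmlspecialchars($equipe['nom'], ENT_QUOTES, 'UTF-8', false);
    // The anchor is closed with </a>; it was left open before.
    echo "<th><a href=\"?ekip=" . $id_equipe . "\">" . $nom . "(" . $id_equipe . ")" . "</a></th><wbr>";
}
?>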
|
|
</table>
|
|
<hr>
|
|
<?php
// Team whose challenges are listed below: ?ekip=<id>, defaulting to team 1.
if (isset($_GET["ekip"])) {
    $ekip = (int)$_GET["ekip"];
} else {
    $ekip = 1;
}
$req = $db->prepare('SELECT * FROM ville_epreuve WHERE id_equipe=?');
$req->execute([$ekip]);
?>
|
|
<form method="GET">
|
|
<input type="number" name="ekip" id="ekip" placeholder="numéro de l'équipe" class="input_inline">
|
|
<label for="ekip">Numéro de l'équipe dont tu veux voir le tableau</label>
|
|
<input type="submit" name="aff_equipe" value="Afficher le tableau de l'équipe" class="submit_inline">
|
|
</form>
|
|
|
|
<table class="acces">
|
|
<tr>
|
|
<th width="10%">ID (db)</th>
|
|
<th width="70%">Indice</th>
|
|
<th width="10%">Reponse</th>
|
|
<th width="10%">Photos</th>
|
|
<th width="10%">Id_equipe</th>
|
|
<th width="10%">Est finale</th>
|
|
<th width="10%">Ordre</th>
|
|
<th width="10%">Est trouvée</th>
|
|
<th width="10%">Action</th>
|
|
|
|
</tr>
|
|
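<?php
// One table row per challenge of the selected team.
// The add_epreuve handler stores text HTML-escaped, but the cells are escaped again
// on output so that a row written by any other code path cannot inject markup;
// double_encode is off so already-escaped entities are not escaped twice.
$esc = function ($value) {
    return htmlspecialchars((string)$value, ENT_QUOTES, 'UTF-8', false);
};

while ($epreuve = $req->fetch()) {
    $id_epreuve = (int)$epreuve['id'];
    ?>
<tr>
<td><?= $id_epreuve ?></td>
<td><?= $esc($epreuve['indice']) ?></td>
<td><?= $esc($epreuve['reponse']) ?></td>
<td><?php if (isset($epreuve['photo'])) { ?><img src="../assets/img/com_ville/<?= $esc($epreuve['photo']) ?>" style="height: 100px;"><?php } else { echo "<font color='red'>no photos</font>"; } ?></td>
<td><?= $esc($epreuve['id_equipe']) ?></td>
<td><?= $epreuve['est_finale'] == 0 ? "non" : "oui" ?></td>
<td><?= $esc($epreuve['ordre']) ?></td>
<td><?= $epreuve['est_trouvee'] == 0 ? "non" : "oui" ?></td>
<td>
<form method="POST">
<input type="text" name="del_epreuve" value="del_epreuve" hidden>
<input type="number" value="<?= $id_epreuve ?>" name="id_epreuve" hidden>
<input type="submit" value="supprimer">
</form>
</td>
</tr>
<?php } ?>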
|
|
</table>
|
|
|
|
<?php ?>
|
|
</main>
|
|
</body>
|
|
</html>
|