site-accueil-insa/admin/stats.php

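<?php
// Admin page "Stats": add score entries, filter the listing by team and delete
// entries. script.php is expected to provide $db (PDO), $user (the logged-in
// admin row, with a 'perm' level) and to have started the session.
include "script.php";

// --- Deletion (?del=ID) -----------------------------------------------------
// Allowed for an admin with perm >= 2, or for the staff member who created the
// entry. NOTE(review): this is a state-changing action on a GET link with no
// CSRF token; a POST form carrying a per-session token would be the usual fix.
if (!empty($_GET['del'])) {
    $del = (int) $_GET['del'];
    $req_del = $db->prepare('SELECT id_staff FROM scores WHERE id = ?');
    $req_del->execute([$del]);
    $owner = $req_del->fetch(PDO::FETCH_ASSOC);
    $req_del->closeCursor();
    // $owner is false when the id does not exist (the original indexed
    // $staff[0] unguarded and compared null with the session id).
    // Loose == is kept on purpose: depending on the driver, id_staff may come
    // back from PDO as a string while the session holds an int.
    if ($owner !== false && ($user['perm'] >= 2 || $owner['id_staff'] == $_SESSION['id'])) {
        $req_del = $db->prepare('DELETE FROM scores WHERE id = ?');
        $req_del->execute([$del]);
        header('Location: stats.php');
        // Stop here: without exit the whole page was still built and sent
        // along with the redirect header.
        exit;
    }
}

// --- Adding an entry (form "send") ------------------------------------------
if (isset($_POST['send'])) {
    $texteIn = $_POST['texte'] ?? '';
    $pointIn = $_POST['point'] ?? '';
    $teamIn  = $_POST['team'] ?? '';
    // is_string(): htmlspecialchars() throws a TypeError on an array value
    // (texte[]=...). A literal '0' is accepted here, unlike the original
    // empty() test, so an entry worth 0 points can be recorded.
    if (is_string($texteIn) && $texteIn !== ''
        && is_string($pointIn) && $pointIn !== ''
        && is_string($teamIn) && $teamIn !== '') {
        // The text is escaped before storage; the listing below prints it as is.
        $texte = htmlspecialchars($texteIn);
        $point = (int) $pointIn;
        // <select> value -> stored team number. The original switch left
        // $team_int undefined (inserted as NULL) for any other value.
        $team_int = match ($teamIn) {
            't0' => 0,
            't1' => 1,
            default => null,
        };
        if ($team_int === null) {
            $error = "Équipe inconnue";
        } elseif (mb_strlen($texte) <= 50) {
            // The original measured strlen($pseudo), a variable this page never
            // sets, so the 50-character limit was never enforced. The length is
            // counted on the escaped text, which is what gets stored.
            $req_ins = $db->prepare('INSERT INTO scores(texte, points, team, id_staff) VALUES(?, ?, ?, ?)');
            $req_ins->execute([$texte, $point, $team_int, $_SESSION['id']]);
            header('refresh:0');
        } else {
            $error = "le texte de doit pas dépasser 50 char";
        }
    } else {
        $error = "Tout les champs doivent être complétés";
    }
}

// --- Listing ----------------------------------------------------------------
// The filter buttons narrow the list to one team ("All" is the default). The
// query runs once, after the handlers above, so a just-added entry is already
// part of the result. team1 is checked first to keep the original's
// last-button-wins order when several buttons are posted together.
$sql = 'SELECT id, texte, points, team, id_staff FROM scores';
if (isset($_POST['team1'])) {
    $sql .= ' WHERE team = 1';
} elseif (isset($_POST['team0'])) {
    $sql .= ' WHERE team = 0';
}
$req = $db->query($sql);
?>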
<!DOCTYPE html>
<html>
<head>
<meta charset="utf-8">
<meta name="viewport" content="width=device-width, initial-scale=1">
<title>Admin / Stats</title>
</head>
<body>
<main>
<form method="POST">
<input type="text" placeholder="Texte" name="texte" class="input_inline">
<input type="number" placeholder="point" name="point" class="input_inline">
<select name="team" class="input_inline">
<option value="t0">Pkpeach</option>
<option value="t1">Boomario</option>
</select>
<input type="submit" name="send" value="Ajouter" class="submit_inline">
</form>
<?php
// Surface the validation message set by the form handler at the top of the
// page, if there is one ($error is a fixed server-side string).
if (isset($error)) {
    printf("<font color='red'>%s</font>", $error);
}
?>
<br><br>
<form method="POST">
<input type="submit" name="teamall" value="All" class="submit_inline">
<input type="submit" name="team0" value="Pkpeach" class="submit_inline">
<input type="submit" name="team1" value="Boomario" class="submit_inline">
</form>
<br><br>
<table class="acces">
<tr>
<th width="10%">ID (db)</th>
<th width="40%">Texte</th>
<th width="20%">Points</th>
<th width="10%">Team</th>
<th width="10%">Staff</th>
<th width="10%">Action</th>
</tr>
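<?php
// Listing rows. The pseudo lookup is prepared once here and executed per row
// (the original prepared a fresh statement inside the loop for every row).
$req_adm = $db->prepare('SELECT pseudo FROM admin WHERE id = ?');
while ($stat = $req->fetch()) {
    // Stored team number -> display name; unknown values leave the cell empty,
    // as the original switch did.
    $teamLabel = match ((string) $stat['team']) {
        '0' => 'Pkpeach',
        '1' => 'Boomario',
        default => '',
    };
    $req_adm->execute([$stat['id_staff']]);
    $adm = $req_adm->fetch(PDO::FETCH_ASSOC);
    $req_adm->closeCursor();
    // Same rule as the delete handler at the top of the page. id_staff is
    // already part of the row, so the extra per-row SELECT on scores that the
    // original ran only to re-read it is gone.
    $canDelete = $user['perm'] >= 2 || $stat['id_staff'] == $_SESSION['id'];
?>
<tr>
<td><?= $stat['id'] ?></td>
<td><?= $stat['texte'] ?></td>
<td><?= $stat['points'] ?></td>
<td><?= $teamLabel ?></td>
<td><?php
// pseudo is printed as stored; this assumes the admin table is escaped at
// insert time the way texte is on this page — confirm where admins are created.
if (is_array($adm) && isset($adm['pseudo'])) {
    echo $adm['pseudo']." (".$stat['id_staff'].")";
} else {
    echo "<font color='red'>UNDEFINED</font> "."(".$stat['id_staff'].")";
}
?></td>
<td><?php if ($canDelete) { ?><a href="?del=<?= $stat['id'] ?>" class="cross">X</a><?php } ?></td>
</tr>
<?php } ?>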
</table>
</main>
</body>
</html>