site-accueil-insa/admin/gestion_des_acces.php

<?php
include "script.php";

if($user['perm'] < 2) {
	header('Location: deco.php');
}

if(isset($_POST['send'])) {
	if(isset($_POST['pseudo']) AND !empty($_POST['pseudo']) AND isset($_POST['mdp']) AND !empty($_POST['mdp']) AND isset($_POST['perm']) AND !empty($_POST['perm'])) {
		$pseudo = htmlspecialchars($_POST['pseudo']);
		$mdp = htmlspecialchars($_POST['mdp']);
		$perm = (int) htmlspecialchars($_POST['perm']);

		if(strlen($pseudo) <= 50) {
			$req = $db->prepare("SELECT id FROM admin WHERE pseudo = ?");
            $req->execute(array($pseudo));
            $pseudo_exist = $req->rowCount();
            if ($pseudo_exist == 0) {
				$req = $db->prepare("INSERT INTO admin(pseudo, mdp, perm) VALUES(?, ?, ?)");
				$req->execute(array($pseudo, password_hash($mdp, PASSWORD_DEFAULT), $perm));
			} else {
				$error = "pseudo déja utilisé";
			}
		} else {
			$error = "le pseudo ne doit pas dépasser 50 char";
		}
	} else {
		$error = "Tout les champs doivent être complétés";
	}
}
?>
<!DOCTYPE html>
<html>
<head>
	<meta charset="utf-8">
	<meta name="viewport" content="width=device-width, initial-scale=1">
	<title>Admin / Accès</title>
</head>
<body>
	<main>
		<form method="POST">
			<input type="text" placeholder="identifiant" name="pseudo">
			<input type="password" placeholder="mot de passe" name="mdp">
			<select name="perm">
				<option value="0">GDA - Perm 0</option>
				<option value="1">Bureau - Perm 1</option>
				<option value="2">Admin - Perm 2</option>
			</select>
			<input type="submit" name="send" value="Creer l'acces">
		</form>
		<?php
		if(isset($error)) {
			echo "<font color='red'>".$error."</font>";
		}
		?>
		<br><br>
		<?php
		$req = $db->query('SELECT id, pseudo, perm FROM admin');
		while($admin = $req->fetch()) {
		?>
		<?= $admin['id'] ?> || <?= $admin['pseudo'] ?> || <?= $admin['perm'] ?>
		<?php } ?>
	</main>
</body>
</html>