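connect_error) {
        die("Connection failed: " . $conn->connect_error);
    }
    // NOTE(review): this INSERT is assembled by string concatenation. htmlspecialchars()
    // is HTML output encoding, not SQL escaping (a backslash still reaches the quoted
    // literal). Binding the value with a `?` placeholder through execute_query($sql, [...]),
    // as the other inserts in this file do, removes the injection risk. The statement is
    // left untouched here because the start of this function is not visible.
    $sql = "INSERT INTO ensembles (commentaire_auteur) VALUES(\"".htmlspecialchars($request['commentaire_auteur'])."\")";
    try{
        $conn->execute_query($sql);
        saveFilesFromPost($request,mysqli_insert_id($conn));
    }catch(Exception $e){
        echo(json_encode(["status"=>"0","msg"=>$e->getMessage()]));
    }
}

/**
 * Saves every uploaded file of the current request and records it under an ensemble.
 *
 * For each entry of $_FILES the name is checked with check_ext(), the file is moved
 * to $GLOBALS['uploadDir'] under a uniqid()-prefixed name, and a row is inserted into
 * `documents`. When the document type is 1 (an "annale"), the exercises decoded from
 * $postData['exercices'] are inserted too, each linked to its themes (a theme is
 * created when no row with that name exists).
 *
 * Progress and errors are reported by echoing JSON status objects; validation and
 * save failures end the script with exit.
 *
 * @param array      $postData    Request fields read here: 'type', 'titre',
 *                                'commentaire_doc_<n>' and, for type 1, 'exercices' (JSON).
 * @param int|string $id_ensemble Id of the `ensembles` row the new rows are attached to.
 * @return void
 */
function saveFilesFromPost($postData, $id_ensemble)
{
    global $conn, $max_val_type;

    // NOTE(review): $_FILES is normally always set and an array, so the else branch
    // at the bottom looks unreachable for a request without files — confirm whether
    // empty($_FILES) was intended.
    if (isset($_FILES) && is_array($_FILES)) {
        $safe_type = intval($postData['type'] ?? 0);

        // Reject an unknown document type before anything is written to disk, so a
        // refused request leaves no orphan file in the upload directory and does not
        // first report a successful save.
        if ($safe_type < 1 || $safe_type > $max_val_type) {
            echo(json_encode(['status'=> '2','msg'=>"Le type de document spécifié n'existe pas."]));
            exit;
        }

        // The title is stored HTML-encoded; it is the same for every file of the request.
        $safe_titre = htmlspecialchars($postData['titre'] ?? '');

        $i = 0;
        foreach ($_FILES as $file) {
            // A malformed entry (missing or non-string name) is refused instead of
            // dumping the entry to the response and continuing with an undefined name.
            if (!isset($file['name'], $file['tmp_name']) || !is_string($file['name'])) {
                echo(json_encode(["status"=>"0","msg"=>"Invalid file upload entry."]));
                exit;
            }

            // basename() keeps only the last path component (defence in depth);
            // htmlspecialchars() is kept so stored names stay in the same encoded form.
            $fileName = htmlspecialchars(basename($file['name']));
            if (!check_ext($fileName)) {
                // The unique name does not exist yet at this point: report the client name.
                echo(json_encode(["status"=>"0","msg"=>"Error saving file '$fileName'"]));
                exit;
            }

            // Prefix with uniqid() so an upload never overwrites an existing file.
            $uniqueFileName = uniqid() . '_' . $fileName;
            $filePath = $GLOBALS['uploadDir'] . $uniqueFileName;

            if (move_uploaded_file($file['tmp_name'], $filePath)) {
                echo(json_encode(["status"=>"1","msg" =>"File '$uniqueFileName' has been saved successfully."]));
            } else {
                echo(json_encode(["status"=>"0","msg"=>"Error saving file '$uniqueFileName'"]));
                exit;
            }

            try {
                // Original author's note: for testing; global comments and themes
                // are not implemented yet.
                $sql = "INSERT INTO documents (titre,type,upload_path,commentaire_auteur,ensemble_id) VALUES(?,?,?,?,?)";
                $conn->execute_query($sql, array(
                    $safe_titre,
                    $safe_type,
                    "archives/" . $uniqueFileName,
                    $postData['commentaire_doc_' . $i] ?? null,
                    $id_ensemble,
                ));
            } catch (Exception $e) {
                // NOTE(review): this sends the raw database error text to the client;
                // consider logging it server-side and returning a generic message.
                echo(json_encode(['status'=> '0','msg'=>$e->getMessage()]));
            }
            $i++;
        }

        // Exercises are only recorded for an "annale" (type 1).
        if ($safe_type == 1) {
            $exercices = json_decode($postData['exercices'] ?? '', true);
            if (!is_array($exercices)) {
                // Missing or undecodable JSON: nothing to record.
                $exercices = [];
            }

            foreach ($exercices as $ex) {
                // First, store the exercise itself.
                $sql = 'INSERT INTO exercices (commentaire_auteur,ensemble_id,duree) VALUES(?,?,?)';
                $conn->execute_query($sql, array($ex["commentaire_exo"], $id_ensemble, intval($ex["duree"])));
                $id_exo = mysqli_insert_id($conn);

                // For each theme, reuse the existing row or create a new one.
                foreach ($ex["themes"] ?? [] as $theme) {
                    // Exact-match lookup, bound as a parameter. The raw name is used
                    // because the INSERT below stores the raw name; looking up the
                    // HTML-encoded form would miss it and create duplicates.
                    $sql = "SELECT id FROM themes WHERE name=?";
                    $result = $conn->execute_query($sql, array($theme));
                    if ($result) {
                        if (mysqli_num_rows($result) > 0) {
                            $row = mysqli_fetch_assoc($result);
                            $id_theme = $row["id"];
                        } else {
                            echo("creation d'un theme");
                            $sql = "INSERT INTO themes (name) VALUES(?)";
                            $conn->execute_query($sql, array($theme));
                            $id_theme = mysqli_insert_id($conn);
                        }
                        // Then link the exercise to the theme.
                        $sql = 'INSERT INTO exercices_themes (exercice_id,theme_id) VALUES(?,?)';
                        $result = $conn->execute_query($sql, array($id_exo, $id_theme));
                        echo("enregistrement d'un exercice");
                    }
                }
            }
        }
    } else {
        echo(json_encode(["status"=>"2","msg"=>"No files in the POST data."]));
        exit;
    }
}

/**
 * Searches documents of validated ensembles by title, duration and theme tags.
 *
 * Every filter value is bound as a statement parameter; none is interpolated
 * into the SQL text. The global connection is closed before returning, as in
 * the original implementation.
 *
 * @param string|null     $query  Substring searched in `titre`; ignored when empty.
 * @param int|string|null $length Exact `duree` value; ignored when empty.
 * @param array|null      $tags   Theme names that must all match; ignored when empty.
 * @return array List of associative rows.
 * @throws Exception When the query cannot be executed.
 */
function RechercheExercices($query, $length, $tags)
{
    global $conn;

    $sql = "SELECT * FROM documents AS d INNER JOIN ensembles AS e ON d.ensemble_id = e.id WHERE e.valide=TRUE";
    $conditions = [];
    $params = [];

    if (!empty($query)) {
        // Titles are stored HTML-encoded by saveFilesFromPost(), so the search term
        // is encoded the same way before being bound.
        $conditions[] = "titre LIKE ?";
        $params[] = '%' . htmlspecialchars($query) . '%';
    }

    if (!empty($length)) {
        // NOTE(review): in this file `duree` is only written to `exercices`; confirm
        // that the column exists on the tables joined here.
        $conditions[] = "duree = ?";
        $params[] = intval($length);
    }

    if (!empty($tags)) {
        foreach ((array) $tags as $tag) {
            // One EXISTS per tag: the ensemble must own an exercise linked to a theme
            // with this name. The original subquery ended with a dangling AND and was
            // not tied to the outer row.
            // NOTE(review): assumes `exercices` has an `id` primary key (its insert id
            // is stored in exercices_themes.exercice_id) — confirm against the schema.
            $conditions[] = "EXISTS (SELECT 1 FROM exercices_themes AS et"
                . " INNER JOIN themes AS t ON et.theme_id = t.id"
                . " INNER JOIN exercices AS ex ON ex.id = et.exercice_id"
                . " WHERE ex.ensemble_id = e.id AND t.name = ?)";
            // Theme names are stored raw by saveFilesFromPost(), so the tag is bound as given.
            $params[] = $tag;
        }
    }

    if ($conditions) {
        // The base query already has a WHERE clause: each filter is appended with AND.
        $sql .= " AND " . implode(" AND ", $conditions);
    }

    $result = $conn->execute_query($sql, $params ?: null);
    if (!$result) {
        throw new Exception("Error executing search query: " . $conn->error);
    }

    $exercises = [];
    while ($row = $result->fetch_assoc()) {
        $exercises[] = $row;
    }

    $conn->close();

    return $exercises;
}
?>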