rebillar/site-accueil-insa
1
1
Fork 1
forked from vergnet/site-accueil-insa
Code Issues Pull requests Releases Wiki Activity

Improved permission management and debug mode detection

Browse source
This commit is contained in:
keplyx 2019-07-25 09:56:54 +02:00
parent d7e0a63580
commit 8484840bcf
15 changed files with 100 additions and 76 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

52
admin/index.php
View file

@ -2,21 +2,59 @@
ob_start(); // Start reading html ob_start(); // Start reading html
$relativePath = "../"; $relativePath = "../";
?> ?>
<div class="inner"> <div class="inner">
<h1>ADMIN</h1> <h1>ADMIN</h1>
<h2>Bienvenue sur la page d'administration</h2> <h2>Bienvenue sur la page d'administration</h2>
<p>
Sur cette page, tu vas pouvoir animer le site en changeant les scores, le planning ou les informations de la
carte.
<br/>
Attention, tu dois avoir le compte approprié pour pouvoir modifier ces informations.
<br/>
Les comptes sont les suivants (le numéro indique le niveau de privilèges) :
</p>
<ol>
<li>
Prof
</li>
<li>
Admin
</li>
<li>
Webmaster
</li>
</ol>
<p>
Un compte hérite des privilèges de tous ceux ayant un niveau inférieur.
<br/>
Donc ici, Webmaster les possède tous.
</p>
<div class="admin-container">
<h4>
Action des profs
</h4>
<a href="scores.php">Editer les scores</a> <a href="scores.php">Editer les scores</a>
<br> </div>
<a href="map.php">Editer le texte de la carte</a> <div class="admin-container">
<br> <h4>
Action des admins
</h4>
<a href="planning.php">Editer le planning</a> <a href="planning.php">Editer le planning</a>
</div> </div>
<div class="admin-container">
<h4>
Action des webmasters
</h4>
<a href="map.php">Editer le texte de la carte</a>
</div>
</div>
<link rel="stylesheet" type="text/css" media="screen" href="<?= $relativePath ?>assets/css/adminEdit.css"/>
<?php <?php
$pageContent = ob_get_clean(); // Store html content in variable $pageContent = ob_get_clean(); // Store html content in variable
$pageTitle = "ADMIN"; $pageTitle = "ADMIN";
include($relativePath . "includes/template.php"); // Display template with variable content include($relativePath . "includes/template.php"); // Display template with variable content
?> ?>

4
admin/map.php
View file

@ -47,10 +47,10 @@ include($relativePath . "includes/template.php"); // Display template with varia
function setup_map_dropdown() function setup_map_dropdown()
{ {
$dao = new Dao('../'); $dao = new Dao();
foreach ($dao->get_map_selectors() as $row) { foreach ($dao->get_map_selectors() as $row) {
echo "<option value='" . $row['selector'] . "'>" . $row['selector'] . "</option>"; echo "<option value='" . $row['selector'] . "'>" . $row['selector'] . "</option>";
} }
} }
?> ?>

12
admin/planning.php
View file

@ -39,7 +39,7 @@ require_once $relativePath . 'classes/dao.php';
<a href="index.php" class="admin-back-button"> <a href="index.php" class="admin-back-button">
Retour sur la page admin Retour sur la page admin
</a> </a>
<a href="<?= $relativePath ?>map.php" class="website-back-button"> <a href="<?= $relativePath ?>planning.php" class="website-back-button">
Retour sur le site Retour sur le site
</a> </a>
</div> </div>
@ -56,12 +56,4 @@ $pageScripts = "<script type=\"text/javascript\" src=\"../assets/js/planningMana
include($relativePath . "includes/template.php"); // Display template with variable content include($relativePath . "includes/template.php"); // Display template with variable content
function setup_map_dropdown() ?>
{
$dao = new Dao('../');
foreach ($dao->get_map_selectors() as $row) {
echo "<option value='" . $row['selector'] . "'>" . $row['selector'] . "</option>";
}
}
?>

18
admin/scores.php
View file

@ -59,20 +59,4 @@ $pageScripts = "<script type=\"text/javascript\" src=\"../assets/js/statsManager
include($relativePath . "includes/template.php"); // Display template with variable content include($relativePath . "includes/template.php"); // Display template with variable content
function get_stats($team, $path) ?>
{
$dao = new Dao($path);
foreach ($dao->get_score_team($team) as $row) {
$text = $row['text'];
$points = $row['points'];
?>
<tr class="entry">
<td class="edit-text"><input type='text' value="<?= $text ?>"/></td>
<td class="edit-points"><input type='number' value="<?= $points ?>"/></td>
<td class='remove-line'><i class="fas fa-trash"></td>
</tr>
<?php
}
}
?>

8
ajax/read/index.php
View file

@ -15,7 +15,7 @@ if (isset($_GET['function'])) {
function get_scores() { function get_scores() {
if (isset($_GET['team'])) { if (isset($_GET['team'])) {
header('Content-Type: application/json'); header('Content-Type: application/json');
$dao = new Dao('../'); $dao = new Dao();
echo json_encode($dao->get_score_team($_GET['team'])); echo json_encode($dao->get_score_team($_GET['team']));
} else { } else {
show_error(); show_error();
@ -25,7 +25,7 @@ function get_scores() {
function get_map_info() { function get_map_info() {
if (isset($_GET['selector'])) { if (isset($_GET['selector'])) {
header('Content-Type: application/json'); header('Content-Type: application/json');
$dao = new Dao('../'); $dao = new Dao();
echo json_encode($dao->get_map_info($_GET['selector'])); echo json_encode($dao->get_map_info($_GET['selector']));
} else { } else {
show_error(); show_error();
@ -36,7 +36,7 @@ function get_map_info() {
function get_activities_of_day() { function get_activities_of_day() {
if (isset($_GET['day'])) { if (isset($_GET['day'])) {
header('Content-Type: application/json'); header('Content-Type: application/json');
$dao = new Dao('../'); $dao = new Dao();
echo json_encode($dao->get_activities_of_day($_GET['day'])); echo json_encode($dao->get_activities_of_day($_GET['day']));
} else { } else {
show_error(); show_error();
@ -48,4 +48,4 @@ function get_activities_of_day() {
function show_error() { function show_error() {
echo "Échec : "; echo "Échec : ";
var_dump($_GET); var_dump($_GET);
} }

12
ajax/write/master.php
View file

@ -3,15 +3,15 @@ require_once '../../classes/dao.php';
if (isset($_GET['function'])) { if (isset($_GET['function'])) {
if ($_GET['function'] == "save_day_activities") if ($_GET['function'] == "save_map_info")
save_day_activities(); save_map_info();
} else } else
show_error(); show_error();
function save_day_activities() { function save_map_info() {
if (isset($_GET['day']) && isset($_GET['entries'])) { if (isset($_GET['selector']) && isset($_GET['info'])) {
$dao = new Dao('../'); $dao = new Dao();
$dao->save_day_activities($_GET['day'], $_GET['entries']); $dao->save_map_info($_GET['selector'], $_GET['info']);
echo "Réussite"; echo "Réussite";
} else { } else {
show_error(); show_error();

12
ajax/write/planning.php
View file

@ -3,15 +3,15 @@ require_once '../../classes/dao.php';
if (isset($_GET['function'])) { if (isset($_GET['function'])) {
if ($_GET['function'] == "save_map_info") if ($_GET['function'] == "save_day_activities")
save_map_info(); save_day_activities();
} else } else
show_error(); show_error();
function save_map_info() { function save_day_activities() {
if (isset($_GET['selector']) && isset($_GET['info'])) { if (isset($_GET['day']) && isset($_GET['entries'])) {
$dao = new Dao('../'); $dao = new Dao();
$dao->save_map_info($_GET['selector'], $_GET['info']); $dao->save_day_activities($_GET['day'], $_GET['entries']);
echo "Réussite"; echo "Réussite";
} else { } else {
show_error(); show_error();

3
ajax/write/scores.php
View file

@ -11,14 +11,13 @@ if (isset($_GET['function'])) {
function save_scores() function save_scores()
{ {
if (isset($_GET['lines']) && isset($_GET['team'])) { if (isset($_GET['lines']) && isset($_GET['team'])) {
$dao = new Dao('../'); $dao = new Dao();
$dao->save_scores($_GET['lines'], $_GET['team']); $dao->save_scores($_GET['lines'], $_GET['team']);
echo "Réussite"; echo "Réussite";
} else } else
show_error(); show_error();
} }
function show_error() { function show_error() {
echo "Échec : "; echo "Échec : ";
var_dump($_GET); var_dump($_GET);

7
assets/css/adminEdit.css
View file

@ -1,3 +1,8 @@
.admin-container {
border: 1px solid #5a5a5a;
margin-bottom: 20px;
}
.edit-header .stat-log { .edit-header .stat-log {
width: 70%; width: 70%;
@ -185,4 +190,4 @@ input, textarea {
} }
.planning-trash { .planning-trash {
width: 10%; width: 10%;
} }

22
classes/dao.php
View file

@ -5,17 +5,23 @@ class Dao
private $conn; private $conn;
private $debug = true; private $debug = false;
public function __construct($path_to_password) private function get_debug_mode () {
$this->debug = file_exists(__DIR__.DIRECTORY_SEPARATOR."../DEBUG");
}
public function __construct()
{ {
$this->get_debug_mode();
if ($this->debug) { if ($this->debug) {
$username = 'phpmyadmin'; $username = 'phpmyadmin';
$password = 'coucou'; $password = $this->read_password();;
$dsn = 'mysql:dbname=phpmyadmin;host=127.0.0.1'; $dsn = 'mysql:dbname=phpmyadmin;host=127.0.0.1';
} else { } else {
$username = 'accueil_insa'; $username = 'accueil_insa';
$password = $this->read_password($path_to_password); $password = $this->read_password();
$dsn = 'mysql:dbname=accueil_insa;host=127.0.0.1'; $dsn = 'mysql:dbname=accueil_insa;host=127.0.0.1';
} }
try { try {
@ -25,13 +31,13 @@ class Dao
} }
} }
private function read_password($path_to_password) private function read_password()
{ {
if ($this->debug) if ($this->debug)
$real_path = $path_to_password . "includes/.htpassdb_debug"; $real_path = __DIR__.DIRECTORY_SEPARATOR.".htpassdb_debug";
else else
$real_path = $path_to_password . "includes/.htpassdb"; $real_path = __DIR__.DIRECTORY_SEPARATOR.".htpassdb";
$file = fopen($real_path, "r") or die("Unable to open file!");; $file = fopen($real_path, "r") or die("Unable to open DB password file!");;
$password = fgets($file); $password = fgets($file);
fclose($file); fclose($file);
return $password; return $password;

2
includes/pass/.htpass_master
View file

@ -1 +1 @@
master:$apr1$infHioAH$.fpTd.P9M23jG3dMLM4ha. Webmaster:$apr1$infHioAH$.fpTd.P9M23jG3dMLM4ha.

4
includes/pass/.htpass_planning
View file

@ -1,2 +1,2 @@
master:$apr1$infHioAH$.fpTd.P9M23jG3dMLM4ha. Webmaster:$apr1$infHioAH$.fpTd.P9M23jG3dMLM4ha.
admin:$apr1$kQeLzJ44$jOg93m9Vbz6FRkj.ViuIf. Admin:$apr1$kQeLzJ44$jOg93m9Vbz6FRkj.ViuIf.

6
includes/pass/.htpass_scores
View file

@ -1,3 +1,3 @@
master:$apr1$infHioAH$.fpTd.P9M23jG3dMLM4ha. Webmaster:$apr1$infHioAH$.fpTd.P9M23jG3dMLM4ha.
admin:$apr1$kQeLzJ44$jOg93m9Vbz6FRkj.ViuIf. Admin:$apr1$kQeLzJ44$jOg93m9Vbz6FRkj.ViuIf.
prof:$apr1$le.qklCM$DXph5TAfGT4fjbyejzv1J0 Prof:$apr1$le.qklCM$DXph5TAfGT4fjbyejzv1J0

12
includes/score_functions.php
View file

@ -1,8 +1,8 @@
<?php <?php
function get_total_points($team, $path) function get_total_points($team)
{ {
$dao = new Dao($path); $dao = new Dao();
$points = 0; $points = 0;
foreach ($dao->get_score_team($team) as $row) { foreach ($dao->get_score_team($team) as $row) {
$points += $row['points']; $points += $row['points'];
@ -10,7 +10,7 @@ function get_total_points($team, $path)
return $points; return $points;
} }
$scoreGli = get_total_points('gli', $relativePath); $scoreGli = get_total_points('gli');
$scorePek = get_total_points('pek', $relativePath); $scorePek = get_total_points('pek');
$scoreBoo = get_total_points('boo', $relativePath); $scoreBoo = get_total_points('boo');
$scoreVer = get_total_points('ver', $relativePath); $scoreVer = get_total_points('ver');

2
stats.php
View file

@ -6,7 +6,7 @@ ob_start(); // Start reading html
function get_stats($team) function get_stats($team)
{ {
$dao = new Dao(''); $dao = new Dao();
foreach ($dao->get_score_team($team) as $row) { foreach ($dao->get_score_team($team) as $row) {
$text = $row['text']; $text = $row['text'];
$points = $row['points']; $points = $row['points'];