admin > ville

Baptiste 2022-07-24 19:54:06 +02:00
parent 595de91486
commit acd91a23f1
8 changed files with 76 additions and 21 deletions


@ -46,6 +46,9 @@ nav ul li:hover {
nav ul li.green { nav ul li.green {
border-bottom: 1px solid green; border-bottom: 1px solid green;
} }
nav ul li.yellow {
border-bottom: 1px solid #3498DB;
}
nav ul li.orange { nav ul li.orange {
border-bottom: 1px solid orange; border-bottom: 1px solid orange;
} }


@ -1,7 +1,7 @@
<?php <?php
include "script.php"; include "script.php";
if($user['perm'] < 2) { if($user['perm'] < 3) {
header('Location: deco.php'); header('Location: deco.php');
} }
@ -9,7 +9,7 @@ $req = $db->query("SELECT * FROM enigma WHERE id = 1");
$r = $req -> fetchAll(PDO::FETCH_ASSOC); $r = $req -> fetchAll(PDO::FETCH_ASSOC);
if(isset($_POST['send'])) { if(isset($_POST['send'])) {
if($user['perm'] >= 2) { if($user['perm'] >= 3) {
if(isset($_POST['answer']) AND !empty($_POST['answer'])) { if(isset($_POST['answer']) AND !empty($_POST['answer'])) {
$ans = htmlspecialchars($_POST['answer']); $ans = htmlspecialchars($_POST['answer']);
$req = $db->prepare("UPDATE enigma SET answer = ? WHERE id = 1"); $req = $db->prepare("UPDATE enigma SET answer = ? WHERE id = 1");
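Review bot: The guard `if($user['perm'] < 3) { header('Location: deco.php'); }` only sets a response header and lets the script keep running, so the `SELECT * FROM enigma` shown in the next hunk header, and whatever the page renders after it, still runs for a user below the threshold. Add `exit;` directly after the `header()` call so the redirect ends the request. The same guard without `exit` appears in the access-management section, the planning section and the new admin/ville.php in this commit. The rest of the page lies outside the hunk, so whether the stored answer is echoed into the body cannot be confirmed from here.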


@ -1,13 +1,13 @@
<?php <?php
include "script.php"; include "script.php";
if($user['perm'] < 2) { if($user['perm'] < 3) {
header('Location: deco.php'); header('Location: deco.php');
} }
if(isset($_GET['del']) AND !empty($_GET['del'])) if(isset($_GET['del']) AND !empty($_GET['del']))
{ {
if($user['perm'] >= 2) { if($user['perm'] >= 3) {
$del = (int) htmlspecialchars($_GET['del']); $del = (int) htmlspecialchars($_GET['del']);
if($del != 1) { if($del != 1) {
@ -22,7 +22,7 @@ if(isset($_GET['del']) AND !empty($_GET['del']))
if(isset($_GET['gda']) AND !empty($_GET['gda'])) if(isset($_GET['gda']) AND !empty($_GET['gda']))
{ {
if($user['perm'] >= 2) { if($user['perm'] >= 3) {
$gda = (int) htmlspecialchars($_GET['gda']); $gda = (int) htmlspecialchars($_GET['gda']);
@ -36,15 +36,31 @@ if(isset($_GET['gda']) AND !empty($_GET['gda']))
} }
} }
if(isset($_GET['ville']) AND !empty($_GET['ville']))
{
if($user['perm'] >= 3) {
$ville = (int) htmlspecialchars($_GET['ville']);
if($ville != 1) {
$req = $db->prepare('UPDATE admin SET perm = ? WHERE id =?');
$req->execute(array(1,$ville));
header('Location: gestion_des_acces.php');
} else {
$error = "On ne peut pas modifier le grade du superutilisateur sauf manuellement dans la base de données !";
}
}
}
if(isset($_GET['bur']) AND !empty($_GET['bur'])) if(isset($_GET['bur']) AND !empty($_GET['bur']))
{ {
if($user['perm'] >= 2) { if($user['perm'] >= 3) {
$bur = (int) htmlspecialchars($_GET['bur']); $bur = (int) htmlspecialchars($_GET['bur']);
if($bur != 1) { if($bur != 1) {
$req = $db->prepare('UPDATE admin SET perm = ? WHERE id =?'); $req = $db->prepare('UPDATE admin SET perm = ? WHERE id =?');
$req->execute(array(1,$bur)); $req->execute(array(2,$bur));
header('Location: gestion_des_acces.php'); header('Location: gestion_des_acces.php');
} else { } else {
$error = "On ne peut pas modifier le grade du superutilisateur sauf manuellement dans la base de données !"; $error = "On ne peut pas modifier le grade du superutilisateur sauf manuellement dans la base de données !";
@ -54,13 +70,13 @@ if(isset($_GET['bur']) AND !empty($_GET['bur']))
if(isset($_GET['adm']) AND !empty($_GET['adm'])) if(isset($_GET['adm']) AND !empty($_GET['adm']))
{ {
if($user['perm'] >= 2) { if($user['perm'] >= 3) {
$adm = (int) htmlspecialchars($_GET['adm']); $adm = (int) htmlspecialchars($_GET['adm']);
if($adm != 1) { if($adm != 1) {
$req = $db->prepare('UPDATE admin SET perm = ? WHERE id =?'); $req = $db->prepare('UPDATE admin SET perm = ? WHERE id =?');
$req->execute(array(2,$adm)); $req->execute(array(3,$adm));
header('Location: gestion_des_acces.php'); header('Location: gestion_des_acces.php');
} else { } else {
$error = "On ne peut pas modifier le grade du superutilisateur sauf manuellement dans la base de données !"; $error = "On ne peut pas modifier le grade du superutilisateur sauf manuellement dans la base de données !";
@ -72,7 +88,7 @@ if(isset($_GET['adm']) AND !empty($_GET['adm']))
if(isset($_POST['send'])) { if(isset($_POST['send'])) {
if(isset($_POST['pseudo']) AND !empty($_POST['pseudo']) AND isset($_POST['perm']) AND !empty($_POST['perm'])) { if(isset($_POST['pseudo']) AND !empty($_POST['pseudo']) AND isset($_POST['perm']) AND !empty($_POST['perm'])) {
if($user['perm'] >= 2) { if($user['perm'] >= 3) {
$pseudo = htmlspecialchars($_POST['pseudo']); $pseudo = htmlspecialchars($_POST['pseudo']);
$perm = htmlspecialchars($_POST['perm']); $perm = htmlspecialchars($_POST['perm']);
@ -86,6 +102,9 @@ if(isset($_POST['send'])) {
case "v2": case "v2":
$perm_int = 2; $perm_int = 2;
break; break;
case "v3":
$perm_int = 3;
break;
} }
if(strlen($pseudo) <= 50) { if(strlen($pseudo) <= 50) {
@ -121,8 +140,9 @@ if(isset($_POST['send'])) {
<input type="text" placeholder="identifiant INSA" name="pseudo" class="input_inline"> <input type="text" placeholder="identifiant INSA" name="pseudo" class="input_inline">
<select name="perm" class="input_inline"> <select name="perm" class="input_inline">
<option value="v0">GDA - Perm 0</option> <option value="v0">GDA - Perm 0</option>
<option value="v1">Bureau - Perm 1</option> <option value="v1">Ville - Perm 1</option>
<option value="v2">Admin - Perm 2</option> <option value="v2">Bureau - Perm 2</option>
<option value="v3">Admin - Perm 3</option>
</select> </select>
<input type="submit" name="send" value="Creer l'acces" class="submit_inline"> <input type="submit" name="send" value="Creer l'acces" class="submit_inline">
</form> </form>
@ -149,12 +169,15 @@ if(isset($_POST['send'])) {
<td><?php <td><?php
switch ($admin['perm']) { switch ($admin['perm']) {
case 0: case 0:
echo "<a href='?bur=".$admin['id']."'><font color='green'>GDA</font></a>"; echo "<a href='?ville=".$admin['id']."'><font color='green'>GDA</font></a>";
break; break;
case 1: case 1:
echo "<a href='?adm=".$admin['id']."'><font color='orange'>Bureau</font></a>"; echo "<a href='?bur=".$admin['id']."'><font color='#3498DB'>Ville</font></a>";
break; break;
case 2: case 2:
echo "<a href='?adm=".$admin['id']."'><font color='orange'>Bureau</font></a>";
break;
case 3:
echo "<a href='?gda=".$admin['id']."'><font color='red'>Admin</font></a>"; echo "<a href='?gda=".$admin['id']."'><font color='red'>Admin</font></a>";
break; break;
} }
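Review bot: The new `ville` handler changes a privilege level from a bare GET parameter (`?ville=ID`), as the `bur`, `adm`, `gda` and `del` handlers also do, so any link or image that a logged-in perm-3 user's browser loads can alter another account's rights without that user acting on this page. Role changes should arrive by POST with a per-session token compared through `hash_equals()`, and the table links near the end of the section would become small forms carrying that token. The handler should also `exit;` after `header('Location: gestion_des_acces.php')`. The sketch below uses a constructed session key name; creating the token belongs to the login code, which is not part of this page.

```php
// 'csrf_token' is a constructed key name; store the token in the session at login.
if ($_SERVER['REQUEST_METHOD'] === 'POST' && isset($_POST['ville'], $_POST['csrf_token'])
    && hash_equals($_SESSION['csrf_token'] ?? '', (string) $_POST['csrf_token']))
{
    if ($user['perm'] >= 3) {
        $ville = (int) $_POST['ville'];
        if ($ville != 1) {
            // … unchanged: UPDATE admin SET perm = 1 for $ville …
            header('Location: gestion_des_acces.php');
            exit;
        } else {
            // … unchanged: superuser error message …
        }
    }
}
```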


@ -62,9 +62,12 @@ if(isset($_POST['login'])) {
echo "<font color='green'>GDA</font>"; echo "<font color='green'>GDA</font>";
break; break;
case 1: case 1:
echo "<font color='orange'>Bureau</font>"; echo "<font color='#3498DB'>ville</font>";
break; break;
case 2: case 2:
echo "<font color='orange'>bureau</font>";
break;
case 3:
echo "<font color='red'>Admin</font>"; echo "<font color='red'>Admin</font>";
break; break;
} }
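Review bot: Renumbering the levels in place (1 now means ville, 2 bureau, 3 admin) changes the meaning of every `perm` value already stored in the `admin` table, and none of the 8 changed files migrates existing rows. Unless the data is updated alongside this commit, accounts that were admins at perm 2 presumably become bureau, and the superuser row that the access page refuses to edit has to be corrected by hand in the database. The label mapping is also repeated here, in the access-management table and in the menu switch, with different capitalisation (`ville`/`bureau` here, `Ville`/`Bureau` there). Named constants in the shared include, for example `const PERM_ADMIN = 3;`, would keep the checks and the labels in step.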


@ -1,7 +1,7 @@
<?php <?php
include "script.php"; include "script.php";
if($user['perm'] < 1) { if($user['perm'] < 2) {
header('Location: deco.php'); header('Location: deco.php');
} }
@ -9,7 +9,7 @@ $req = $db->query('SELECT * FROM planning_insa');
if(isset($_GET['del']) AND !empty($_GET['del'])) if(isset($_GET['del']) AND !empty($_GET['del']))
{ {
if($user['perm'] >= 1) { if($user['perm'] >= 2) {
$del = (int) htmlspecialchars($_GET['del']); $del = (int) htmlspecialchars($_GET['del']);
$req = $db->prepare('DELETE FROM planning_insa WHERE id =?'); $req = $db->prepare('DELETE FROM planning_insa WHERE id =?');
@ -35,7 +35,7 @@ while($h = $req2->fetch()) {
$tab = array_unique($tab); //supprimer les doublons $tab = array_unique($tab); //supprimer les doublons
if(isset($_POST['send'])) { if(isset($_POST['send'])) {
if($user['perm'] >= 1) { if($user['perm'] >= 2) {
if(isset($_POST['day']) AND !empty($_POST['day']) AND isset($_POST['title']) AND !empty($_POST['title']) AND isset($_POST['description']) AND !empty($_POST['description']) AND isset($_POST['color']) AND !empty($_POST['color']) AND isset($_POST['order_start']) AND !empty($_POST['order_start']) AND isset($_POST['length']) AND !empty($_POST['length']) AND isset($_POST['num_planning']) AND !empty($_POST['num_planning']) AND isset($_POST['opacity'])) { if(isset($_POST['day']) AND !empty($_POST['day']) AND isset($_POST['title']) AND !empty($_POST['title']) AND isset($_POST['description']) AND !empty($_POST['description']) AND isset($_POST['color']) AND !empty($_POST['color']) AND isset($_POST['order_start']) AND !empty($_POST['order_start']) AND isset($_POST['length']) AND !empty($_POST['length']) AND isset($_POST['num_planning']) AND !empty($_POST['num_planning']) AND isset($_POST['opacity'])) {
$day = (int) htmlspecialchars($_POST['day']); $day = (int) htmlspecialchars($_POST['day']);
$title = htmlspecialchars($_POST['title']); $title = htmlspecialchars($_POST['title']);


@ -25,10 +25,16 @@ if($user_exist != 1) {
switch ($user['perm']) { switch ($user['perm']) {
case 1: case 1:
$content = $content.'<a href="planning.php"><li class="orange">Planning</li></a>'; $content = $content."<a href='ville.php'><li class='yellow'>Com'ville</li></a>";
break; break;
case 2: case 2:
$content = $content $content = $content
."<a href='ville.php'><li class='yellow'>Com'ville</li></a>"
.'<a href="planning.php"><li class="orange">Planning</li></a>';
break;
case 3:
$content = $content
."<a href='ville.php'><li class='yellow'>Com'ville</li></a>"
.'<a href="planning.php"><li class="orange">Planning</li></a>' .'<a href="planning.php"><li class="orange">Planning</li></a>'
.'<a href="gestion_des_acces.php"><li class="red">Gestion des accès</li></a>' .'<a href="gestion_des_acces.php"><li class="red">Gestion des accès</li></a>'
.'<a href="enigma.php"><li class="red">Enigma</li></a>' .'<a href="enigma.php"><li class="red">Enigma</li></a>'
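Review bot: The menu is built with an exact-match `switch` on `$user['perm']` while the pages themselves test `perm >= N`, so the Com'ville and Planning link strings are now repeated in `case 2` and `case 3` and have to be kept in sync by hand. Appending cumulatively, e.g. `if ($user['perm'] >= 1) { $content .= "<a href='ville.php'>…</a>"; }` followed by the `>= 2` and `>= 3` additions, mirrors the page guards and removes the duplication. The menu only hides links, so the per-page checks remain the real access control. The `case 3` block continues past the end of this hunk.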


@ -14,7 +14,7 @@ if(isset($_GET['del']) AND !empty($_GET['del']))
$staff = $req_del -> fetchAll(PDO::FETCH_ASSOC); $staff = $req_del -> fetchAll(PDO::FETCH_ASSOC);
if($user['perm'] >= 2 OR $staff[0]['id_staff'] == $_SESSION['id']) { if($user['perm'] >= 3 OR $staff[0]['id_staff'] == $_SESSION['id']) {
$req_del = $db->prepare('DELETE FROM scores WHERE id =?'); $req_del = $db->prepare('DELETE FROM scores WHERE id =?');
$req_del->execute(array($del)); $req_del->execute(array($del));
header('Location: stats.php'); header('Location: stats.php');
@ -136,7 +136,7 @@ if(isset($_POST['send'])) {
$staff = $req_int -> fetchAll(PDO::FETCH_ASSOC); $staff = $req_int -> fetchAll(PDO::FETCH_ASSOC);
if($user['perm'] >= 2 OR $staff[0]['id_staff'] == $_SESSION['id']) { if($user['perm'] >= 3 OR $staff[0]['id_staff'] == $_SESSION['id']) {
?><a href="?del=<?= $stat['id'] ?>" class="cross">X</a></td><?php ?><a href="?del=<?= $stat['id'] ?>" class="cross">X</a></td><?php
} }
?></td> ?></td>
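Review bot: `$staff[0]['id_staff'] == $_SESSION['id']` is evaluated for every user below perm 3 without first checking that the query returned a row, and it uses a loose comparison, in both the delete handler and the display hunk. For an unknown `del` id `$staff[0]` is undefined, so the test becomes `null == $_SESSION['id']`, which is true when the session id is empty or zero. Prefer `isset($staff[0]) && (int) $staff[0]['id_staff'] === (int) $_SESSION['id']`. The deletion is also reached through a GET link (`?del=`), so it can be triggered by a cross-site request; both surrounding blocks start outside the hunks.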

20
admin/ville.php Normal file

@ -0,0 +1,20 @@
<?php
include "script.php";
if($user['perm'] < 1) {
header('Location: deco.php');
}
?>
<!DOCTYPE html>
<html>
<head>
<meta charset="utf-8">
<meta name="viewport" content="width=device-width, initial-scale=1">
<title>Admin / Com'ville</title>
</head>
<body>
<main>
yo, ça arrive mais calmos les enfants
</main>
</body>
</html>