Update 3 files

- /html/editpage.php
- /html/news.php
- /html/compte.php
Jan BELLON 2024-03-11 15:47:07 +00:00
parent 56820b4c5b
commit 74a85cf092
3 changed files with 17 additions and 7 deletions


@ -9,23 +9,27 @@ if(isset($_SESSION['userid']) == false) {
} }
if(isset($_POST['delete_account'])) { if(isset($_POST['delete_account'])) {
$bdd = connect($dbhost, $dbname, $dbuser, $dbpass);
$bdd = connect($dbhost, $dbname, $dbuser, $dbpass);
$req = $bdd->prepare("DELETE FROM users WHERE ID = :id"); $req = $bdd->prepare("DELETE FROM users WHERE ID = :id");
$req->bindParam(':id', $_SESSION['userid']); $req->bindParam(':id', $_SESSION['userid']);
if($req->execute()) { if($req->execute()) {
header("Location: logout.php"); header("Location: logout.php");
exit(); exit();
} else { } else {
die("Erreur SQL"); die("Erreur SQL");
} }
} else if (isset($_POST['display_name']) && isset($_POST['email'])){
$bdd = connect($dbhost, $dbname, $dbuser, $dbpass);
$req = $bdd->prepare("UPDATE users SET display_name = :display_name, email = :email WHERE ID = :userid"); } else if (isset($_POST['display_name']) && isset($_POST['email'])) && isset($_POST['username']) {
$req->bindParam(':display_name', $_SESSION['display_name']);
$req->bindParam(':email', $_SESSION['email']); $bdd = connect($dbhost, $dbname, $dbuser, $dbpass);
$req = $bdd->prepare("UPDATE users SET display_name = :display_name, email = :email, username = :username WHERE ID = :userid");
$req->bindParam(':display_name', htmlspecialchars($_POST['display_name']));
$req->bindParam(':email', htmlspecialchars($_POST['email']));
$req->bindParam(':username', htmlspecialchars($_POST['username']));
$req->bindParam(':userid', $_SESSION['userid']); $req->bindParam(':userid', $_SESSION['userid']);
if($req->execute()) { if($req->execute()) {
$status = "Informations mises à jour"; $status = "Informations mises à jour";
} else { } else {
@ -114,6 +118,7 @@ if(isset($_POST['delete_account'])) {
<?php <?php
echo "<div><input type='text' name='display_name' value='" . $_SESSION['display_name'] . "' required></div>"; echo "<div><input type='text' name='display_name' value='" . $_SESSION['display_name'] . "' required></div>";
echo "<div><input type='email' name='email' value='" . $_SESSION['email'] . "' required></div>"; echo "<div><input type='email' name='email' value='" . $_SESSION['email'] . "' required></div>";
echo "<div><input type='text' name='username' value='" . $_SESSION['username'] . "' required></div>";
echo "<div><input type='submit' value='Mettre à jour'></div>"; echo "<div><input type='submit' value='Mettre à jour'></div>";
?> ?>
<div><?=$status?></div> <div><?=$status?></div>
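Review bot: The new `else if` condition in the account-update branch closes its parenthesis right after the `email` check, so `&& isset($_POST['username'])` falls outside the condition and the file will not parse as rendered here; `} else if (isset($_POST['display_name'], $_POST['email'], $_POST['username'])) {` is the form the change appears to intend. The three new `bindParam()` calls pass the return value of `htmlspecialchars()` to a by-reference parameter, which PHP reports as "Only variables should be passed by reference"; `$req->bindValue(':username', $_POST['username']);` (and likewise for the other two) binds the raw value, and the prepared statement already keeps it out of the SQL text. HTML-encoding before storage does not protect the echo sites: the added `username` input, like the two inputs above it, prints `$_SESSION[...]` into a single-quoted `value='…'` attribute with no escaping, so the encoding belongs at output, e.g. `htmlspecialchars($_SESSION['username'], ENT_QUOTES, 'UTF-8')`. The update branch continues past the end of the first hunk, so whether the session copies are refreshed after the UPDATE, and whether the new `username` is checked for uniqueness, cannot be seen from this section.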


@ -188,6 +188,7 @@ if(isset($fichier)) {
echo "<div class='article-id'>" . $row['ID'] . "</div></div>"; echo "<div class='article-id'>" . $row['ID'] . "</div></div>";
} }
} }
echo "</div>"; echo "</div>";
} }
?> ?>


@ -58,6 +58,7 @@ if (isset($_GET['article']) && filter_var($_GET['article'], FILTER_VALIDATE_INT)
<div> <div>
<?php <?php
if ($article == "") { if ($article == "") {
$bdd = connect($dbhost, $dbname, $dbuser, $dbpass); $bdd = connect($dbhost, $dbname, $dbuser, $dbpass);
$search = isset($_GET['search']) ? "%" . htmlspecialchars($_GET['search']) . "%" : "%%"; $search = isset($_GET['search']) ? "%" . htmlspecialchars($_GET['search']) . "%" : "%%";
$req = $bdd->prepare("SELECT ID, titre, date, auteur FROM articles WHERE (titre LIKE :search OR ID LIKE :search OR auteur LIKE :search) AND classification <= :accreditation ORDER BY date DESC"); $req = $bdd->prepare("SELECT ID, titre, date, auteur FROM articles WHERE (titre LIKE :search OR ID LIKE :search OR auteur LIKE :search) AND classification <= :accreditation ORDER BY date DESC");
@ -82,12 +83,14 @@ if (isset($_GET['article']) && filter_var($_GET['article'], FILTER_VALIDATE_INT)
} else { } else {
echo "Aucun article trouvé"; echo "Aucun article trouvé";
} }
} else if (!isset($_GET['search']) && $article != "" && file_exists($wwwroot . '/content/journal/' . $article . '.md')) { } else if (!isset($_GET['search']) && $article != "" && file_exists($wwwroot . '/content/journal/' . $article . '.md')) {
$markdownContent = file_get_contents($wwwroot . '/content/journal/' . $article . '.md'); $markdownContent = file_get_contents($wwwroot . '/content/journal/' . $article . '.md');
require_once '../include/parsedown.php'; require_once '../include/parsedown.php';
$parsedown = new Parsedown(); $parsedown = new Parsedown();
echo "<div class='article-info'>";
$bdd = connect($dbhost, $dbname, $dbuser, $dbpass); $bdd = connect($dbhost, $dbname, $dbuser, $dbpass);
$req = $bdd->prepare("SELECT ID, titre, date, auteur, classification FROM articles WHERE ID = :article AND classification <= :accreditation"); $req = $bdd->prepare("SELECT ID, titre, date, auteur, classification FROM articles WHERE ID = :article AND classification <= :accreditation");
$req->bindParam(":article", $article); $req->bindParam(":article", $article);
@ -97,6 +100,7 @@ if (isset($_GET['article']) && filter_var($_GET['article'], FILTER_VALIDATE_INT)
if ($resultat) { if ($resultat) {
$date = strtotime($resultat[0]['date']); $date = strtotime($resultat[0]['date']);
echo "<div class='article-info'>";
echo "<div class='article-titre'>" . $resultat[0]['titre'] . "</div>"; echo "<div class='article-titre'>" . $resultat[0]['titre'] . "</div>";
echo "<div class='article-date'>" . date('d/m/Y', $date) . "</div>"; echo "<div class='article-date'>" . date('d/m/Y', $date) . "</div>";
echo "<div class='article-auteur'>" . $resultat[0]['auteur'] . "</div>"; echo "<div class='article-auteur'>" . $resultat[0]['auteur'] . "</div>";