From 80f744a0ba29cb6f981dd22702bd05571264a8b5 Mon Sep 17 00:00:00 2001
From: Jan BELLON <jan@intra.e59.fr>
Date: Mon, 11 Mar 2024 22:05:20 +0000
Subject: [PATCH] Update file compte.php

---
 html/compte.php | 202 ++++++++++++++++++++++++++----------------------
 1 file changed, 109 insertions(+), 93 deletions(-)

diff --git a/html/compte.php b/html/compte.php
index 4c781253..b4ecf0e9 100644
--- a/html/compte.php
+++ b/html/compte.php
@@ -2,39 +2,21 @@
 require "../include/variables.php";
 require "../include/functions.php";
 
-if(isset($_SESSION['userid']) == false) {
-    header("Location: index.php");
-    http_response_code(404);
-    die();
-}
+$bdd = connect($dbhost, $dbname, $dbuser, $dbpass);
+$req = $bdd->prepare("SELECT ID, username, creation_date, display_name, role, profile_picture, banner, bio FROM users WHERE ID = :user_id");
+$req->bindParam(":user_id", $_SESSION['ID']);
+$req->execute();
+$resultat = $req->fetchAll(PDO::FETCH_ASSOC);
 
-if(isset($_POST['delete_account'])) {
-
-    $bdd = connect($dbhost, $dbname, $dbuser, $dbpass);
-    $req = $bdd->prepare("DELETE FROM users WHERE ID = :id");
-    $req->bindParam(':id', $_SESSION['userid']);
-
-    if($req->execute()) {
-        header("Location: logout.php");
-        exit();
-    } else {
-        die("Erreur SQL");
-    }
-
-} else if (isset($_POST['display_name']) && isset($_POST['email']) && isset($_POST['username'])) {
-   
-    $bdd = connect($dbhost, $dbname, $dbuser, $dbpass);
-    $req = $bdd->prepare("UPDATE users SET display_name = :display_name, email = :email, username = :username WHERE ID = :userid");
-    $req->bindParam(':display_name', htmlspecialchars($_POST['display_name']));
-    $req->bindParam(':email', htmlspecialchars($_POST['email']));
-    $req->bindParam(':username', htmlspecialchars($_POST['username']));
-    $req->bindParam(':userid', $_SESSION['userid']);
-
-    if($req->execute()) {
-        $status = "Informations mises à jour";
-    } else {
-        $status = "Erreur SQL";
-    }
+if($resultat) {
+    $user_id = $resultat[0]['ID'];
+    $user_name = $resultat[0]['username'];
+    $user_creation_date = $resultat[0]['creation_date'];
+    $user_display_name = $resultat[0]['display_name'];
+    $user_role = $resultat[0]['role'];
+    $user_pp = $resultat[0]['profile_picture'] == NULL ? "https://abs.twimg.com/sticky/default_profile_images/default_profile_400x400.png" : $resultat[0]['profile_picture'];
+    $user_banner = $resultat[0]['banner'] = NULL ? "./src/img/empty.jpg" : $resultat[0]['banner'];
+    $user_bio = $resultat[0]['bio'];
 }
 
 ?>
@@ -46,43 +28,49 @@ if(isset($_POST['delete_account'])) {
     <meta name="viewport" content="width=device-width, initial-scale=1.0">
     <link rel="stylesheet" href="./src/css/style.css">
     <style>
-    @media (prefers-color-scheme: dark) {
-        .body {
-            <?=$theme_dark?>
-        }
-        <?php 
-        for ($i = 0; $i < count($themes_dark); $i++) {
-            echo "#palette" . $i . " { ";
-            echo $themes_dark[$i];
-            echo " } ";
-        }
-        ?>
-    } 
-    @media (prefers-color-scheme: light) {
-        .body {
-            <?=$theme_light?>
+        @media (prefers-color-scheme: dark) {
+            .body {
+                <?=$theme_dark?>
             }
-        <?php 
-        for ($i = 0; $i < count($themes_light); $i++) {
-            echo "#palette" . $i . " { ";
-            echo $themes_light[$i];
-            echo " } ";
+            <?php 
+            for ($i = 0; $i < count($themes_dark); $i++) {
+                echo "#palette" . $i . " { ";
+                echo $themes_dark[$i];
+                echo " } ";
+            }
+            ?>
+        } 
+        @media (prefers-color-scheme: light) {
+            .body {
+                <?=$theme_light?>
+                }
+            <?php 
+            for ($i = 0; $i < count($themes_light); $i++) {
+                echo "#palette" . $i . " { ";
+                echo $themes_light[$i];
+                echo " } ";
+            }
+            ?>
         }
-        ?>
-    }
 
-    .userinfo {
-        margin: 5em auto;
-    }
+        .content {
+            padding: 0;
+            width: 100%;
+        }
 
-    .palettes {
-        display: flex;
-    }
-
-    .delaccount {
-        margin-top: 15em;
-    }
+        .user-banner {
+            <?php
+            if (empty($user_banner)) {
+                echo "background-color: black";
+            } else {
+                echo "background-image: url('" . $user_banner . "');";
+            }
+            ?>
+        }
 
+        .certification {
+            fill: <?php echo $user_role > 0 ? $certif_colors[$user_role] : "#000000"?>;
+        }
     </style>
     <link rel="icon" href="./src/img/favicon.ico">
     <title><?=$title?></title>
@@ -113,37 +101,65 @@ if(isset($_POST['delete_account'])) {
     <main>
         <div class="content">
             <div>
-                <div class="userinfo">
-                    <form action='' method='post'>
+                <div class="user-profile">
+                    <div class="user-banner"></div>
+                    <div class="user-header">
+                        <div class="user-content">
+                            <div class="user-pp"><img src="<?=$user_pp?>" class="user-pp-image"></div>
+                            <div class="user-info">
+                                <div class="names">
+                                    <div class="display-name"><input type="text" value="<?=$user_display_name?>"/></div>
+                                    <div class="user-role">
+
+                                        <?php
+                                            if($user_role != 0) {
+                                                echo '<svg class="certification" viewBox="0 0 22 22" aria-label="Compte certifié" role="img"><g><path d="M20.396 11c-.018-.646-.215-1.275-.57-1.816-.354-.54-.852-.972-1.438-1.246.223-.607.27-1.264.14-1.897-.131-.634-.437-1.218-.882-1.687-.47-.445-1.053-.75-1.687-.882-.633-.13-1.29-.083-1.897.14-.273-.587-.704-1.086-1.245-1.44S11.647 1.62 11 1.604c-.646.017-1.273.213-1.813.568s-.969.854-1.24 1.44c-.608-.223-1.267-.272-1.902-.14-.635.13-1.22.436-1.69.882-.445.47-.749 1.055-.878 1.688-.13.633-.08 1.29.144 1.896-.587.274-1.087.705-1.443 1.245-.356.54-.555 1.17-.574 1.817.02.647.218 1.276.574 1.817.356.54.856.972 1.443 1.245-.224.606-.274 1.263-.144 1.896.13.634.433 1.218.877 1.688.47.443 1.054.747 1.687.878.633.132 1.29.084 1.897-.136.274.586.705 1.084 1.246 1.439.54.354 1.17.551 1.816.569.647-.016 1.276-.213 1.817-.567s.972-.854 1.245-1.44c.604.239 1.266.296 1.903.164.636-.132 1.22-.447 1.68-.907.46-.46.776-1.044.908-1.681s.075-1.299-.165-1.903c.586-.274 1.084-.705 1.439-1.246.354-.54.551-1.17.569-1.816zM9.662 14.85l-3.429-3.428 1.293-1.302 2.072 2.072 4.4-4.794 1.347 1.246z"></path></g></svg>';
+                                            }
+                                        ?>
+
+                                    </div>
+                                    <div class="username">@<input type="text" value="<?=$user_name?>"/></div>
+                                </div>
+                                <div class="bio"><textarea class="bio-input" placeholder="Bio..." maxlength="100"><?=$user_bio?></textarea></div>
+                            </div>
+                        </div>
+                    </div>
+                    <div class="user-articles">
+                        <div class="user-content">
                         <?php
-                            echo "<div><input type='text' name='display_name' value='" . $_SESSION['display_name'] . "' required></div>";
-                            echo "<div><input type='email' name='email' value='" . $_SESSION['email'] . "' required></div>";
-                            echo "<div><input type='text' name='username' value='" . $_SESSION['username'] . "' required></div>";
-                            echo "<div><input type='submit' value='Mettre à jour'></div>";
+                            $bdd = connect($dbhost, $dbname, $dbuser, $dbpass);
+                            $search = isset($_GET['search']) ? "%" . htmlspecialchars($_GET['search']) . "%" : "%%";
+                            $req = $bdd->prepare("SELECT ID, titre, date, auteur, image, resume FROM articles WHERE (titre LIKE :search OR ID LIKE :search OR auteur LIKE :search) AND classification <= :accreditation AND auteur = :user_id ORDER BY date DESC");
+                            $req->bindParam(":search", $search);
+                            $req->bindParam(":accreditation", $_SESSION['accreditation']);
+                            $req->bindParam(":user_id", $user_id);
+                            $req->execute();
+                            $resultat = $req->fetchAll(PDO::FETCH_ASSOC);
+                            echo "<h1>Articles de " . $user_display_name . "</h1>";
+                            echo "<form action='' method='get'><input type='text' placeholder='Article' name='search'><input type='submit' value='Rechercher'></form>";
+
+                            if ($resultat) {
+                                foreach($resultat as $row) {
+                                    $date = strtotime($row['date']);
+                                    echo '<div class="article-preview">';
+                                    echo '<div class="article-illustration">';
+                                    echo '<a href="?article=' . $row['ID'] . '" class="article-link"><img src="' . $row['image'] . '" class="article-miniature"></a>';
+                                    echo '</div>';
+                                    echo '<div class="article-details">';
+                                    echo '<div class="article-data">n° ' . $row['ID'] . ' | ' . date('d/m/Y', $date) . ' | '. $row['auteur'] . '</div>';
+                                    echo '<a href="?article=' . $row['ID'] . '" class="article-link">';
+                                    echo '<div class="article-titre">' . $row['titre'] . '</div>';
+                                    echo '</a>';
+                                    echo '<div class="article-resume">' . $row['resume'] . '</div>';
+                                    echo '</div>';
+                                    echo '</div> ';
+                                }
+                            } else {
+                                echo "L'utilisateur n'a pas publié d'articles";
+                            }
                         ?>
-                        <div><?=$status?></div>
-                    </form>
-                </div>
-                <div class="palettes">
-                <?php
-
-                $height = 4;
-                $width = 6;
-
-                for ($i = 0; $i < count($themes_dark); $i++) {
-                    echo "<a href='?theme=" . $i . "'><div id='palette" . $i .  "'style='display: flex; margin: 0 1em; border: 1px solid var(--text)'>";
-                    echo "<div style='display: inline; background-color: var(--text); padding: " . $height/2 . "em ". $width/8 ."em'></div>";
-                    echo "<div style='display: inline; background-color: var(--background); padding: " . $height/2 . "em ". $width/8 ."em'></div>";
-                    echo "<div style='display: inline; background-color: var(--banner-background); padding: " . $height/2 . "em ". $width/8 ."em'></div>";
-                    echo "<div style='display: inline; background-color: var(--buttons); padding: " . $height/2 . "em ". $width/8 ."em'></div>";
-                    echo "</div></a>";
-                    }
-                ?>
-                </div>
-                <div class="delaccount">
-                    <form action="" method="post">
-                        <input type="submit" name="delete_account" value="Supprimer le compte (irréversible)" style="font-size: 1em;">
-                    </form>
+                        </div>
+                    </div>
                 </div>
             </div>
         </div>