diff --git a/config/global.ini b/config/global.ini index e2145dae..e14271aa 100644 --- a/config/global.ini +++ b/config/global.ini @@ -2,7 +2,14 @@ title = "Club Réseaux" header-title = "E59" header-subtitle = "Club Réseaux" -copyright = "© 2024 - E59" +copyright = "© 2024 - E59" + +[sql] +dbname = "" +dbuser = "" +dbpass = "" +dbhost = "" [nav] Journal = "journal.php" + diff --git a/html/admin.php b/html/admin.php new file mode 100644 index 00000000..4887f5ae --- /dev/null +++ b/html/admin.php @@ -0,0 +1,60 @@ + + + + + + + + + <?=$title?> + + +
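Review bot: The new `[sql]` section puts `dbuser` and `dbpass` in `config/global.ini`, a file tracked in this repository, so real credentials filled in on a deployment can easily end up committed. A comment above the section such as `; leave empty in the repository - set real values only in an untracked local copy` would make that explicit, and the deployed file is worth ignoring once a template copy exists. The file now holds a secret, so it also needs to stay outside the web root and be readable only by the PHP user.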
+
+
+ + + +
+
+
+
+
+
+
+
+
+
+
+ +
+
+
+
+
Publier un article
+
+
+
+
+ + + \ No newline at end of file diff --git a/html/index.php b/html/index.php index b915d3fe..7084adee 100644 --- a/html/index.php +++ b/html/index.php @@ -1,6 +1,7 @@ diff --git a/html/journal.php b/html/journal.php index 733f2db5..9c43782f 100644 --- a/html/journal.php +++ b/html/journal.php @@ -1,6 +1,7 @@ text($markdownContent); } else { - echo "

L'article demandé n'existe pas

"; + $bdd = connect($dbhost, $dbname, $dbuser, $dbpass); + $req = $bdd->prepare("SELECT (ID, titre, date, auteur) FROM articles ORDER BY date DESC"); + $bdd->execute(); + $resultat = $req->fetch(PDO::FETCH_ASSOC); + + if ($resultat) { + foreach($resultat as $row) { + echo "
" . $row['Titre'] . "
" . $row['auteur'] . "
" . $row['date'] . "
"; + } + } } ?> diff --git a/html/login.php b/html/login.php new file mode 100644 index 00000000..fb5d419a --- /dev/null +++ b/html/login.php @@ -0,0 +1,82 @@ +prepare("SELECT (ID, username, email, display_name) FROM admins WHERE (username = :username OR email = :username) AND password = :password"); + $bdd->bindParam(':username', htmlspecialchars($_POST['username'])); + $bdd->bindParam(':password', md5($_POST['password'])); + $bdd->execute(); + + $resultat = $req->fetch(PDO::FETCH_ASSOC); + + if ($resultat) { + $_SESSION['username'] = $resultat[0]['username']; + $_SESSION['email'] = $resultat[0]['email']; + $_SESSION['display_name'] = $resultat[0]['display_name']; + $_SESSION['userid'] = $resultat[0]['ID']; + } + } +} + +?> + + + + + + + + <?=$title?> + + +
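Review bot: The added listing loop in journal.php echoes `$row['Titre']`, `$row['auteur']` and `$row['date']` straight into the page, and upload.php in this same diff stores `auteur` from `$_SESSION['display_name']` unescaped, so these values should pass through `htmlspecialchars(..., ENT_QUOTES, 'UTF-8')` at output (with the `htmlspecialchars` at insert time dropped to avoid double encoding). The query also cannot run as written: `execute()` is called on `$bdd` (the PDO connection returned by `connect()`) rather than on `$req`, the parenthesised list `SELECT (ID, titre, date, auteur)` is a row constructor that MySQL rejects in a select list, and `fetch()` returns a single row, so the `foreach` walks columns instead of articles. The key `Titre` does not match the selected column `titre`. The markup inside the `echo` is not visible in this view, so the fence shows only the query and the escaped values.

```php
$bdd = connect($dbhost, $dbname, $dbuser, $dbpass);
$req = $bdd->prepare("SELECT ID, titre, date, auteur FROM articles ORDER BY date DESC");
$req->execute();
$resultat = $req->fetchAll(PDO::FETCH_ASSOC);

foreach ($resultat as $row) {
    // escape at output, whatever was done at insert time
    $titre  = htmlspecialchars($row['titre'], ENT_QUOTES, 'UTF-8');
    $auteur = htmlspecialchars($row['auteur'], ENT_QUOTES, 'UTF-8');
    $date   = htmlspecialchars($row['date'], ENT_QUOTES, 'UTF-8');
    // … unchanged: echo of the article markup, now using $titre, $auteur, $date …
}
```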
+
+
+ + + +
+
+
+
+
+
+
+
+
+
+
+ +
+
+
+
+
+
+
+
+
+
+
+ + + \ No newline at end of file diff --git a/html/upload.php b/html/upload.php new file mode 100644 index 00000000..53e75c4f --- /dev/null +++ b/html/upload.php @@ -0,0 +1,87 @@ +prepare("INSERT INTO articles (ID, titre, date, auteur) VALUES (:filename, :titre, :date, :auteur)"); + $bdd->bindParam(':filename', $filename); + $bdd->bindParam(':titre', htmlspecialchars($_POST['titre'])); + $bdd->bindParam(':auteur', $_SESSION['display_name']); + if (isset($_POST['date']) && empty($_POST['date']) == false) { + $bdd->bindParam(':date', htmlspecialchars($_POST['date'])); + } else { + $bdd->bindParam(':date', date()); + } + $insertcred->execute(); + + move_uploaded_file($_FILES['file']['tmp_name'], $destination); +} + +?> + + + + + + + + <?=$title?> + + +
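Review bot: The login query compares `md5($_POST['password'])` against the stored value inside SQL, which means admin passwords are kept as unsalted MD5; the row should be fetched by username or e-mail only and checked with `password_verify()` against a `password_hash()` value, which requires existing hashes to be re-issued. Nothing visible here calls `session_regenerate_id(true)` before the `$_SESSION` writes, so the pre-login session id survives authentication. `bindParam()` and `execute()` are called on `$bdd` instead of the statement `$req`, `bindParam()` needs a variable rather than a function result (use `bindValue()`), and `fetch(PDO::FETCH_ASSOC)` returns one row, so `$resultat[0]['username']` is never set. `htmlspecialchars()` on the username before the lookup changes what is matched and belongs at output instead. The start of this hunk is not visible in this view, so the `$req = $bdd->prepare(` prefix in the fence is inferred.

```php
// … unchanged: POST checks and connect() call (not visible in this view) …
$req = $bdd->prepare("SELECT ID, username, email, display_name, password FROM admins WHERE username = :username OR email = :email");
$req->bindValue(':username', $_POST['username']);
$req->bindValue(':email', $_POST['username']);
$req->execute();
$resultat = $req->fetch(PDO::FETCH_ASSOC);

// the password column must hold a password_hash() value for this check to pass
if ($resultat && password_verify($_POST['password'], $resultat['password'])) {
    session_regenerate_id(true); // fresh session id once authenticated
    $_SESSION['username'] = $resultat['username'];
    $_SESSION['email'] = $resultat['email'];
    $_SESSION['display_name'] = $resultat['display_name'];
    $_SESSION['userid'] = $resultat['ID'];
}
```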
+
+
+ + + +
+
+
+
+
+
+
+
+
+
+
+ +
+
+
+
+

Publier un article

+
+
+
+
+ +
+
+
+
+
+
+
+
+ + + \ No newline at end of file diff --git a/include/functions.php b/include/functions.php index 9dffc145..6efa906b 100644 --- a/include/functions.php +++ b/include/functions.php @@ -1,7 +1,26 @@ $url) { echo ""; } + if(isset($_SESSION['userid'])) { + echo ""; + } + echo ""; +} + +function connect($dbhost, $dbname, $dbuser, $dbpass) { + try + { + $bdd = new PDO('mysql:host=' . $dbhost . ';dbname=' . $dbname . ';charset=UTF8',$dbuser,$dbpass); + $bdd->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION); + } + catch(Exception $e) + { + die('Erreur : '.$e->getMessage()); + } + return $bdd; } ?> \ No newline at end of file diff --git a/include/variables.php b/include/variables.php index d83fae48..741671b9 100644 --- a/include/variables.php +++ b/include/variables.php @@ -1,9 +1,16 @@ \ No newline at end of file
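Review bot: Nothing in the visible lines of upload.php checks the upload before `move_uploaded_file()` writes it to `$destination`: there is no test of `$_FILES['file']['error']`, no extension or type allow-list, and no session check. The lines that build `$filename` and `$destination` are not visible in this view, so confirm that they restrict uploads to logged-in admins, derive the stored name with `basename()` plus an allow-listed extension, and target a directory where scripts are not executed. The row is inserted before the move and the move's return value is ignored, so a failed upload leaves an article entry with no file; move first and insert only on success. `date()` is called without its required format argument (something like `date('Y-m-d')`, matched to the column type), and the `bindParam()` calls target `$bdd` while `execute()` runs on `$insertcred`, so the binds and the execute are not on the same statement object.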
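Review bot: In `connect()`, `die('Erreur : '.$e->getMessage())` prints the raw PDO exception to the visitor, and a connection failure message can include the database host and user name. Log it server-side and show a generic message instead, e.g. `error_log($e->getMessage()); http_response_code(500); die('Erreur interne');`. The nav change in the same hunk appears to only show an extra link when `isset($_SESSION['userid'])` is true (the link markup is not visible in this view); hiding a link is not access control, so admin.php and upload.php each need their own session check at the top, which cannot be confirmed from this view.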