cbo 2024-04-11 00:36:23 +02:00
commit b612f3a785
55 changed files with 847 additions and 498 deletions


@ -1,4 +1,4 @@
# e59.fr
# e59.fr version 1.4
Le site officiel du club réseaux disponible à l'adresse https://e59.fr/
@ -31,7 +31,7 @@ Le site officiel du club réseaux disponible à l'adresse https://e59.fr/
- ```userID```
- ```userName```
- ```userDisplayName```
- ```userLevel```
- ```userRole```
- ```userAccreditation```
# Includes


@ -1,40 +1,34 @@
[root]
pageURL = "http://srv1.intra.e59.fr:8088/"
pageURL = "https://e59.fr/"
filePath = "/var/www/e59/"
[social]
instagram = "https://instagram.com/e59.club"
linkedin = "https://linkedin.com/company/e59/"
x = "https://twitter.com/e59_club"
youtube = "https://www.youtube.com/@e59-club"
[sql]
databaseName = "E59"
databaseUser = "root"
databasePass = "Broadca@Storm"
databasePass = "Broadca@Storm_SQL"
databaseHost = "127.0.0.1"
[recaptcha]
siteKey = "6LeoNrMpAAAAALnwweMo-JUMu7VvJlR6JUQW1fqy"
secretKey = "6LeoNrMpAAAAAAqmZpuvcFwuRhglX0rkI2rcdvw9"
[main]
pageTitle = "Club Réseaux - E59"
pageTitle = "E59"
pageName = "E59"
headerTitle = "E59"
headerSubtitle = "Club Réseaux"
footerText = "© Jan BELLON - E59 v1.2"
[confidentialLevels]
0 = "E59i-P (Public)"
1 = "E59i-M (Membres)"
2 = "E59i-R (Responsables)"
3 = "E59i-D (Direction)"
[userLevels]
0 = "Invité"
1 = "Membre"
2 = "Responsable"
3 = "Directeur"
[badges]
1 = '<path fill="#67c6d3" d="M11,0C4.92,0,0,4.92,0,11s4.92,11,11,11,11-4.92,11-11S17.08,0,11,0ZM16.81,9.3l-6.67,6.67c-.36.36-.95.36-1.32,0l-3.55-3.55c-.47-.47-.47-1.24,0-1.71.47-.47,1.24-.47,1.71,0l2.5,2.5,5.61-5.61c.47-.47,1.24-.47,1.71,0,.47.47.47,1.24,0,1.71Z"/>'
2 = '<path fill="#b467d3" d="M21.62,10.02l-.86-.95c-.31-.35-.44-.82-.34-1.28l.27-1.26c.16-.73-.26-1.46-.98-1.69l-1.22-.39c-.45-.14-.79-.49-.94-.94l-.39-1.22c-.23-.71-.96-1.13-1.69-.98l-1.26.27c-.46.1-.93-.03-1.28-.34l-.95-.86c-.55-.5-1.4-.5-1.95,0l-.95.86c-.35.31-.82.44-1.28.34l-1.26-.27c-.73-.16-1.46.26-1.69.98l-.39,1.22c-.14.45-.49.79-.94.94l-1.22.39c-.71.23-1.13.96-.98,1.69l.27,1.26c.1.46-.03.93-.34,1.28l-.86.95c-.5.55-.5,1.4,0,1.95l.86.95c.31.35.44.82.34,1.28l-.27,1.26c-.16.73.26,1.46.98,1.69l1.22.39c.45.14.79.49.94.94l.39,1.22c.23.71.96,1.13,1.69.98l1.26-.27c.46-.1.93.03,1.28.34l.95.86c.55.5,1.4.5,1.95,0l.95-.86c.35-.31.82-.44,1.28-.34l1.26.27c.73.16,1.46-.26,1.69-.98l.39-1.22c.14-.45.49-.79.94-.94l1.22-.39c.71-.23,1.13-.96.98-1.69l-.27-1.26c-.1-.46.03-.93.34-1.28l.86-.95c.5-.55.5-1.4,0-1.95ZM16.77,9.3l-6.67,6.67c-.36.36-.95.36-1.32,0l-3.55-3.55c-.47-.47-.47-1.24,0-1.71.47-.47,1.24-.47,1.71,0l2.5,2.5,5.61-5.61c.47-.47,1.24-.47,1.71,0,.47.47.47,1.24,0,1.71Z"/>'
3 = '<path fill="#d39367" d="M21.75,9.92l-1.31-2.67c-.04-.09-.08-.19-.12-.28l-.96-2.81c-.25-.72-.81-1.28-1.52-1.52l-2.81-.96c-.1-.03-.19-.07-.28-.12L12.08.25c-.68-.33-1.48-.33-2.16,0l-2.67,1.31c-.09.04-.19.08-.28.12l-2.81.96c-.72.25-1.28.81-1.52,1.52l-.96,2.81c-.03.1-.07.19-.12.28L.25,9.92c-.33.68-.33,1.48,0,2.16l1.31,2.67c.04.09.08.19.12.28l.96,2.81c.25.72.81,1.28,1.52,1.52l2.81.96c.1.03.19.07.28.12l2.67,1.31c.68.33,1.48.33,2.16,0l2.67-1.31c.09-.04.19-.08.28-.12l2.81-.96c.72-.25,1.28-.81,1.52-1.52l.96-2.81c.03-.1.07-.19.12-.28l1.31-2.67c.33-.68.33-1.48,0-2.16ZM16.91,8.78l-6.84,6.83c-.37.37-.98.37-1.35,0l-3.64-3.64c-.48-.48-.48-1.27,0-1.76.48-.48,1.27-.48,1.76,0l2.56,2.56,5.76-5.76c.48-.48,1.27-.48,1.76,0,.48.48.48,1.27,0,1.76Z"/>'
footerText = "© Jan BELLON - E59 v1.6"
[darkThemes]
0 = '--text: hsl(0, 0%, 80%);--background: hsl(0, 0%, 15%);--panel-background: hsl(0, 0%, 10%);--buttons: hsl(0, 0%, 5%)'
1 = '--text: hsl(208, 100%, 96%); --background: hsl(215, 21%, 11%); --panel-background: hsl(216, 28%, 7%); --buttons: hsl(216, 28%, 7%)'
0 = '.body {--text: #ffffff; --background: #0e0e0e; --panel-background: #0e0e0e; --buttons: #C2694C} textarea, .form, .select-input, .text-input, .file-input input {border:1px solid #a0a0a0}'
1 = '.body {--text: hsl(208, 100%, 96%); --background: hsl(215, 21%, 11%); --panel-background: hsl(216, 28%, 7%); --buttons: hsl(216, 28%, 7%)}'
2 = '.body {--text: hsl(160, 65%, 95%); --background: hsl(160, 65%, 3%); --panel-background: hsl(160, 65%, 3%); --buttons: hsl(160, 65%, 3%)} .text-input, .file-input input, .select-input, .select-input select, textarea, .button, button, .form {border:1px solid var(--text)}'
[lightThemes]
0 = '--text: hsl(0, 0%, 20%);--background: hsl(0, 0%, 100%);--panel-background: hsl(0, 0%, 100%);--buttons: hsl(0, 0%, 100%)'
1 = '--text: hsl(208, 100%, 0%); --background: hsl(215, 21%, 100%); --panel-background: hsl(216, 28%, 95%); --buttons: hsl(216, 28%, 95%)'
0 = '.body {--text: #0e0e0e; --background: #ffffff; --panel-background: #ffffff; --buttons: #fafafa} textarea, .button, button, .form, .select-input select, .select-input, .text-input, .file-input input {border:1px solid #a0a0a0}'
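Review bot: The `[sql]` and `[recaptcha]` tables in this tracked config file hold live secrets in clear text: `databasePass` is only swapped for another literal, and `secretKey` sits beside the public `siteKey`. Anything committed here stays readable in the repository history, so both values should be treated as exposed and rotated. I would keep only placeholders in the tracked file, e.g. `databasePass = "<set-in-untracked-local-config>"` and `secretKey = "<set-in-untracked-local-config>"`, and have the application read the real values from an untracked override file or the environment. `databaseUser = "root"` also gives the web application full control of the database server; a dedicated account limited to the `E59` schema would contain the damage if the application is compromised. If this file lives under `filePath` (`/var/www/e59/`), it is worth confirming that the web server refuses to serve it.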


@ -6,4 +6,3 @@ De nombreuses idées que nous aurions aimé concrétiser fusent dans nos têtes.
<br />
##Un travail public<br />
Nous avons travaillé à la mise en place d'une plateforme collaborative sur laquelle seront déposés nos projets. En espérant que vous trouverez nos projets intéressants ! [Gitlab de la e59](https://gitlab.e59.fr/club-reseaux)<br />
<br />


@ -1,5 +0,0 @@
#Changelog update 1.1<br />
- Les utilisateurs membres peuvent publier des articles, pour cela il suffit de se rendre dans [Profil->Publier un article](upload.php)<br />
- En haut de chaque article se trouve une petite pastille contenant le nom de l'auteur, en cliquant dessus, on peut aller voir son profil.<br />
- Les articles ont des miniatures qui peuvent être modifiées dans [Edition](editpage.php).<br />
- Système de certification des utilisateurs avec des pastilles comme sur Twitter (Certifié : bleu, Directeur : jaune)


@ -1,8 +0,0 @@
#Changelog Update 1.2
- Interface utilisateur améliorée
- Liens des pages modifiés
- Code source mieux compréhensible
- Failles de sécurité corrigées
- Transmission de la propriété des articles à Deleted_User lors de la suppression du compte
- Insersion d'émojis possible

13
content/articles/16.md Normal file

@ -0,0 +1,13 @@
##Visite du Forum InCyber à Lille<br />
Ce Mardi 26 mars, l'équipe de la E59 est allée visiter le forum International de Cybersécurité à Lille.<br />
Cette journée a été une superbe expérience pour nous tous et nous avons eu l'occasion d'échanger avec différents acteurs de la cyber.<br />
##Nouvelle fonctionnalité sur GitHub<br />
Lors de ce forum, GitHub a présenté une nouvelle fonctionnalité qui permet d'identifier des failles dans du code. Cette fonctionnalité devrait sortir prochainement<br />
##Echange avec la CNIL<br />
Nous avons eu l'occasion d'échanger avec un représentant de la CNIL, nous lui avons posé diverses questions concernant la gestion des donnés sur nos différentes infrastructures (sites web, vidéosurveillance). Cela nous a permis d'avoir une vision plus clair de nos responsabilités vis à vis des données personnelles que nous gérons.<br />
##Yubico<br />
Yubico nous ont présenté leur Yubikey, une solution d'authentification par clé. Nous sommes intéressés par cette solution pour nos systèmes d'authentification sur notre infrastructure.<br />
##Les outils de forensique de la Douane<br />
La Douane nous a présenté leurs outils de forensique permettant de récupérer le contenu d'un disque dur. Ils ne nous ont pas donné de précisions détaillées quant au fonctionnement de ces systèmes.<br />
##Thalès pirate un microprocesseur avec un oscilloscope.<br />
Thalès nous a présenté leur système permettant de pirater un microprocesseur faisant tourner de l'IA. Ce système est composé d'un capteur sensible aux variations électromagnétiques tenu par un bras et posé sur une zone précise du microprocesseur. Ce capteur est relié à un oscilloscope qui affiche les variations électromagnétiques sur un écran. En retrouvant des motifs répétitifs de variations, il est possible de tromper le comportement de la puce pour changer le résultat de sortie de la chaine neuronale. Il serait donc possible par exemple de tromper un système de reconnaissance faciale en lui faisant croire que nous sommes une personne différente ou encore forcer une authentification.

22
content/articles/17.md Normal file

@ -0,0 +1,22 @@
##Une infra on premise<br />
Notre objectif est d'avoir une infrastructure avec 0 frais d'abonnement, nous souhaitons donc nous séparer de nos VPS dans le but de tout héberger en E59.<br />
<br />
##Accès internet<br />
Notre accès internet actuel passe par Renater. Les nombreux blocages ainsi que les coupures occasionnelles de l'accès internet nous ont poussé à prévoir des solutions pour nous créer un accès internet indépendant de Renater.<br />
Emilien a eu l'idée ambitieuse de demander un accès internet direct à l'IUT et une adresse IP publique pour la E59. Il est confiant quant au fait que Madame Moreau ait la possibilité de répondre à notre demande.<br />
Jan quant à lui est moins optimiste et il est nécéssaire selon lui de prévoir un plan B au cas ou L'IUT nous refuse la demande.<br />
<br />
##Cybersécurité 0 trust<br />
Emilien suivi par Eliott et Akram, souhaite mettre en place une infrastructure 0 trust avec 3 firewall, un bastion et un reverse proxy. Jan et Lucas quant à eux ne sont pas totalement convaincus de l'idée affirmant que c'est une approche paranoïaque abusive. <br />
Il est cependant important de souligner le fait que c'est Emilien, Eliott et Akram les responsables du réseau et qu'elles sont prêtes à donner du temps pour mettre en place l'infrastructure d'Emilien.<br />
Jan et Lucas ne se sont donc pas opposés à l'idée et souhaitent bonne chance à Emilien et son équipe pour mettre en place l'infrastructure.<br />
<br />
##Trop de brassage d'air selon Jan<br />
Jan a fait un coup de gueule sur teams dans la soirée, affirmant que ce n'est pas en ajoutant des étages à la tour qu'on fait avancer le projet. <br />
Selon lui, tout le monde a déjà une vision du projet final et, pour être efficace, il faut juste passer à l'action et commencer le projet en faisant des planifications court terme des actions.<br />
<br />
##Pour conclure..<br />
L'équipe de la E59 est pleine d'idées et a beaucoup d'ambition.<br />
Le 5 avril, aura lieu la première assemblée générale durant laquelle, les personnes impliquées dans le projet de la E59 auront l'occasion de mettre leur point de vue sur la table et échanger à propos de la création de l'Association E59. <br />
Ce sera aussi l'occasion de planifier les taches pour créer les statuts et trouver une assurance.<br />
Nous nous retrouverons Vendredi, pour faire un point sur l'assemblée générale numéro 1.


@ -1,5 +1,4 @@
# SpyLab, une plateforme de CTF<br />
<br />
#SpyLab, une plateforme de CTF<br />
La plateforme de CTF SpyLab est displonible sur le gitlab de la E59.<br />
Ce projet a été mené dans le cadre de la SAE Pentest, un projet universitaire dirigé par Monsieur Guillemin.<br />
Nous remercions tous les participants de ce projet pour leur contribution. <br />


@ -2,7 +2,7 @@
<br />
Seuls les cookies nécessaires au bon fonctionnement du site sont stockés sur la machine de l'utilisateur.<br />
<br />
Il est possible de supprimer votre compte et toutes les données associées dans [compte.php](compte.php)<br />
Il est possible de supprimer votre compte et toutes les données associées dans [Options](/settings)<br />
<br />
###Liste des données personnelles stockées :<br />
- Nom d'utilisateur<br />


@ -1,3 +0,0 @@
#Bienvenue sur le journal de la E59.<br />
**Vous y trouverez les dernières actualités du Club.<br />**
**Vous pouvez nous contacter en écrivant à [club@e59.fr](mailto:club@e59.fr).**

167
database/E59.sql Executable file → Normal file

@ -1,11 +1,11 @@
-- phpMyAdmin SQL Dump
-- version 5.2.1
-- version 5.2.1deb1+jammy2
-- https://www.phpmyadmin.net/
--
-- Host: localhost
-- Generation Time: Mar 15, 2024 at 01:26 AM
-- Server version: 10.5.23-MariaDB-0+deb11u1
-- PHP Version: 7.4.33
-- Hôte : localhost:3306
-- Généré le : dim. 17 mars 2024 à 15:14
-- Version du serveur : 10.6.16-MariaDB-0ubuntu0.22.04.1
-- Version de PHP : 8.1.2-1ubuntu2.14
SET SQL_MODE = "NO_AUTO_VALUE_ON_ZERO";
START TRANSACTION;
@ -18,47 +18,92 @@ SET time_zone = "+00:00";
/*!40101 SET NAMES utf8mb4 */;
--
-- Database: `E59`
-- Base de données : `E59`
--
-- --------------------------------------------------------
--
-- Table structure for table `articles`
-- Structure de la table `articles`
--
CREATE TABLE `articles` (
`ID` int(12) NOT NULL,
`title` varchar(255) NOT NULL,
`date` datetime NOT NULL DEFAULT current_timestamp(),
`author` int(12) NOT NULL,
`classification` int(12) NOT NULL,
`creation_date` datetime NOT NULL DEFAULT current_timestamp(),
`last_update` datetime NOT NULL DEFAULT current_timestamp(),
`author` int(12) NOT NULL COMMENT 'users.ID',
`classification` int(12) NOT NULL COMMENT 'confidential_levels.ID',
`miniature` varchar(255) DEFAULT NULL,
`resume` text DEFAULT NULL
) ENGINE=InnoDB DEFAULT CHARSET=utf8mb4 COLLATE=utf8mb4_general_ci;
--
-- Dumping data for table `articles`
-- Déchargement des données de la table `articles`
--
INSERT INTO `articles` (`ID`, `title`, `date`, `author`, `classification`, `miniature`, `resume`) VALUES
(1, 'Écrivons le futur !', '2024-03-07 09:32:00', 1, 0, '/assets/miniatures/1.png', 'Après avoir discuté avec l\'administration de notre IUT, nous avons découvert la partie humaine qui assure sa gestion, avec laquelle nous avons eu le plaisir de sympathiser. '),
(2, 'SpyLab', '2024-03-07 19:15:00', 2, 0, '/assets/miniatures/2.png', 'La plateforme de CTF SpyLab est displonible sur le gitlab de la E59.&lt;br /&gt;\r\nCe projet a été mené dans le cadre de la SAE Pentest, un projet universitaire dirigé par Monsieur Guillemin.'),
(3, 'Réunion Association #1', '2024-03-07 21:53:16', 2, 3, '/assets/miniatures/3.png', 'Récapitulatif de la réunion concernant la transition du Club vers l\'état d\'association'),
(4, 'Update 1.0', '2024-03-08 23:00:24', 2, 0, '/assets/miniatures/4.png', 'Changelog de la mise à jour 1.0 de la plateforme e59.fr..'),
(5, 'Connaissez vous l\'attaque PCDoS ?', '2024-03-11 07:45:04', 2, 0, '/assets/miniatures/5.png', 'Aussi connue sous le nom PCDoS (Plane Crash Denial of Service), cette faille est une faille 0day patchée grâce au plan vigipirate.'),
(6, 'Rapport Pentest (WDoS)', '2024-03-11 07:52:33', 4, 0, '/assets/miniatures/6.png', 'Dans le cadre de notre évaluation de sécurité, nous avons réalisé une attaque de pentesting physique simulée sur les infrastructures réseau de l\'entreprise. '),
(7, 'Rapport d\'incident (PCDoS)', '2024-03-11 15:59:25', 4, 1, '/assets/miniatures/7.png', 'Le présent rapport détaille un événement impliquant une tentative d\'attaque par déni de service distribué (DDoS) non conventionnelle et à grande échelle sur un centre de données.'),
(8, 'Invasion Volante', '2024-03-11 19:49:51', 2, 0, '/assets/miniatures/8.png', 'Montmartre Assiégé par une Armada de Pigeons.'),
(9, 'Un avion s\'écrase sur l\'IUT !', '2024-03-12 08:11:11', 2, 0, '/assets/miniatures/9.png', 'Ce matin, dans une tournure d\'événements tragique et inattendue, un avion s\'est écrasé sur l\'Institut Universitaire de Technologie (IUT) de Vélizy, ...'),
(10, 'Comment faire un 49.3 ?', '2024-03-12 12:39:50', 7, 0, '/assets/miniatures/10.png', 'Dans ce tutoriel je vais te montrer comme faire un 49.3. <br />\r\nTu pourras appliquer ce tutoriel pendant les travaux de groupe quand il faudra rétablir l\'ordre suprême !'),
(11, 'Update 1.1', '2024-03-12 17:07:47', 2, 0, '/assets/miniatures/11.png', 'Liste des changements suite à la mise à jour de la plateforme vers la version 1.1'),
(12, 'Update 1.2', '2024-03-14 20:50:15', 2, 0, '/assets/miniatures/12.png', 'La première update majeure vient de sortir !');
INSERT INTO `articles` (`ID`, `title`, `creation_date`, `last_update`, `author`, `classification`, `miniature`, `resume`) VALUES
(1, 'Écrivons le futur !', '2024-03-07 09:32:00', '2024-03-17 14:20:54', 1, 0, '/assets/miniatures/1.png', 'Après avoir discuté avec l\'administration de notre IUT, nous avons découvert la partie humaine qui assure sa gestion, avec laquelle nous avons eu le plaisir de sympathiser. '),
(2, 'SpyLab', '2024-03-07 19:15:00', '2024-03-17 14:20:54', 2, 0, '/assets/miniatures/2.png', 'La plateforme de CTF SpyLab est displonible sur le gitlab de la E59.&lt;br /&gt;\r\nCe projet a été mené dans le cadre de la SAE Pentest, un projet universitaire dirigé par Monsieur Guillemin.'),
(3, 'Réunion Association #1', '2024-03-07 21:53:16', '2024-03-17 14:20:54', 2, 50, '/assets/miniatures/3.png', 'Récapitulatif de la réunion concernant la transition du Club vers l\'état d\'association'),
(4, 'Update 1.0', '2024-03-08 23:00:24', '2024-03-17 14:20:54', 2, 10, '/assets/miniatures/4.png', 'Changelog de la mise à jour 1.0 de la plateforme e59.fr..'),
(5, 'Connaissez vous l\'attaque PCDoS ?', '2024-03-11 07:45:04', '2024-03-17 14:20:54', 2, 0, '/assets/miniatures/5.png', 'Aussi connue sous le nom PCDoS (Plane Crash Denial of Service), cette faille est une faille 0day patchée grâce au plan vigipirate.'),
(6, 'Rapport Pentest (WDoS)', '2024-03-11 07:52:33', '2024-03-17 14:20:54', 4, 0, '/assets/miniatures/6.png', 'Dans le cadre de notre évaluation de sécurité, nous avons réalisé une attaque de pentesting physique simulée sur les infrastructures réseau de l\'entreprise. '),
(7, 'Rapport d\'incident (PCDoS)', '2024-03-11 15:59:25', '2024-03-17 14:20:54', 4, 0, '/assets/miniatures/7.png', 'Le présent rapport détaille un événement impliquant une tentative d\'attaque par déni de service distribué (DDoS) non conventionnelle et à grande échelle sur un centre de données.'),
(8, 'Invasion Volante', '2024-03-11 19:49:51', '2024-03-17 14:20:54', 2, 10, '/assets/miniatures/8.png', 'Montmartre Assiégé par une Armada de Pigeons.'),
(9, 'Un avion s\'écrase sur l\'IUT !', '2024-03-12 08:11:11', '2024-03-17 14:20:54', 2, 10, '/assets/miniatures/9.png', 'Ce matin, dans une tournure d\'événements tragique et inattendue, un avion s\'est écrasé sur l\'Institut Universitaire de Technologie (IUT) de Vélizy, ...'),
(10, 'Comment faire un 49.3 ?', '2024-03-12 12:39:50', '2024-03-17 14:20:54', 7, 0, '/assets/miniatures/10.png', 'Dans ce tutoriel je vais te montrer comme faire un 49.3. <br />\r\nTu pourras appliquer ce tutoriel pendant les travaux de groupe quand il faudra rétablir l\'ordre suprême !'),
(11, 'Update 1.1', '2024-03-12 17:07:47', '2024-03-17 14:20:54', 2, 10, '/assets/miniatures/11.png', 'Liste des changements suite à la mise à jour de la plateforme vers la version 1.1'),
(12, 'Update 1.2', '2024-03-14 20:50:15', '2024-03-17 15:03:03', 2, 10, '/assets/miniatures/12.png', 'La première update majeure vient de sortir !');
-- --------------------------------------------------------
--
-- Table structure for table `users`
-- Structure de la table `confidential_levels`
--
CREATE TABLE `confidential_levels` (
`ID` int(11) NOT NULL,
`name` varchar(255) NOT NULL
) ENGINE=InnoDB DEFAULT CHARSET=utf8mb4 COLLATE=utf8mb4_general_ci;
--
-- Déchargement des données de la table `confidential_levels`
--
INSERT INTO `confidential_levels` (`ID`, `name`) VALUES
(0, 'E59i-P (Public)'),
(10, 'E59i-M (Membres)'),
(20, 'E59i-R (Responsables)'),
(50, 'E59i-D (Direction)');
-- --------------------------------------------------------
--
-- Structure de la table `roles`
--
CREATE TABLE `roles` (
`ID` int(11) NOT NULL,
`badge_svg` varchar(2047) NOT NULL,
`role_name` varchar(255) NOT NULL
) ENGINE=InnoDB DEFAULT CHARSET=utf8mb4 COLLATE=utf8mb4_general_ci;
--
-- Déchargement des données de la table `roles`
--
INSERT INTO `roles` (`ID`, `badge_svg`, `role_name`) VALUES
(0, ' ', 'Non connecté'),
(1, '', 'Connecté'),
(10, '<svg class=\"certification\" viewBox=\"0 0 22 22\" aria-label=\"Compte certifié\" role=\"img\"><g><path fill=\"#67c6d3\" d=\"M11,0C4.92,0,0,4.92,0,11s4.92,11,11,11,11-4.92,11-11S17.08,0,11,0ZM16.81,9.3l-6.67,6.67c-.36.36-.95.36-1.32,0l-3.55-3.55c-.47-.47-.47-1.24,0-1.71.47-.47,1.24-.47,1.71,0l2.5,2.5,5.61-5.61c.47-.47,1.24-.47,1.71,0,.47.47.47,1.24,0,1.71Z\"></path></g></svg>', 'Membre'),
(20, '<svg class=\"certification\" viewBox=\"0 0 22 22\" aria-label=\"Compte certifié\" role=\"img\"><g><path fill=\"#b467d3\" d=\"M21.62,10.02l-.86-.95c-.31-.35-.44-.82-.34-1.28l.27-1.26c.16-.73-.26-1.46-.98-1.69l-1.22-.39c-.45-.14-.79-.49-.94-.94l-.39-1.22c-.23-.71-.96-1.13-1.69-.98l-1.26.27c-.46.1-.93-.03-1.28-.34l-.95-.86c-.55-.5-1.4-.5-1.95,0l-.95.86c-.35.31-.82.44-1.28.34l-1.26-.27c-.73-.16-1.46.26-1.69.98l-.39,1.22c-.14.45-.49.79-.94.94l-1.22.39c-.71.23-1.13.96-.98,1.69l.27,1.26c.1.46-.03.93-.34,1.28l-.86.95c-.5.55-.5,1.4,0,1.95l.86.95c.31.35.44.82.34,1.28l-.27,1.26c-.16.73.26,1.46.98,1.69l1.22.39c.45.14.79.49.94.94l.39,1.22c.23.71.96,1.13,1.69.98l1.26-.27c.46-.1.93.03,1.28.34l.95.86c.55.5,1.4.5,1.95,0l.95-.86c.35-.31.82-.44,1.28-.34l1.26.27c.73.16,1.46-.26,1.69-.98l.39-1.22c.14-.45.49-.79.94-.94l1.22-.39c.71-.23,1.13-.96.98-1.69l-.27-1.26c-.1-.46.03-.93.34-1.28l.86-.95c.5-.55.5-1.4,0-1.95ZM16.77,9.3l-6.67,6.67c-.36.36-.95.36-1.32,0l-3.55-3.55c-.47-.47-.47-1.24,0-1.71.47-.47,1.24-.47,1.71,0l2.5,2.5,5.61-5.61c.47-.47,1.24-.47,1.71,0,.47.47.47,1.24,0,1.71Z\"></path></g></svg>', 'Responsable'),
(50, '<svg class=\"certification\" viewBox=\"0 0 22 22\" aria-label=\"Compte certifié\" role=\"img\"><g><path fill=\"#d39367\" d=\"M21.75,9.92l-1.31-2.67c-.04-.09-.08-.19-.12-.28l-.96-2.81c-.25-.72-.81-1.28-1.52-1.52l-2.81-.96c-.1-.03-.19-.07-.28-.12L12.08.25c-.68-.33-1.48-.33-2.16,0l-2.67,1.31c-.09.04-.19.08-.28.12l-2.81.96c-.72.25-1.28.81-1.52,1.52l-.96,2.81c-.03.1-.07.19-.12.28L.25,9.92c-.33.68-.33,1.48,0,2.16l1.31,2.67c.04.09.08.19.12.28l.96,2.81c.25.72.81,1.28,1.52,1.52l2.81.96c.1.03.19.07.28.12l2.67,1.31c.68.33,1.48.33,2.16,0l2.67-1.31c.09-.04.19-.08.28-.12l2.81-.96c.72-.25,1.28-.81,1.52-1.52l.96-2.81c.03-.1.07-.19.12-.28l1.31-2.67c.33-.68.33-1.48,0-2.16ZM16.91,8.78l-6.84,6.83c-.37.37-.98.37-1.35,0l-3.64-3.64c-.48-.48-.48-1.27,0-1.76.48-.48,1.27-.48,1.76,0l2.56,2.56,5.76-5.76c.48-.48,1.27-.48,1.76,0,.48.48.48,1.27,0,1.76Z\"></path></g></svg>', 'Directeur');
-- --------------------------------------------------------
--
-- Structure de la table `users`
--
CREATE TABLE `users` (
@ -66,61 +111,85 @@ CREATE TABLE `users` (
`username` varchar(255) NOT NULL,
`password` varchar(255) NOT NULL,
`email` varchar(255) DEFAULT NULL,
`date` datetime NOT NULL DEFAULT current_timestamp(),
`creation_date` datetime NOT NULL DEFAULT current_timestamp(),
`last_update` datetime NOT NULL DEFAULT current_timestamp(),
`display_name` varchar(255) DEFAULT 'Guest',
`level` int(12) NOT NULL DEFAULT 0,
`accreditation` int(12) NOT NULL DEFAULT 0,
`role` int(12) NOT NULL DEFAULT 0 COMMENT 'roles.ID',
`accreditation` int(12) NOT NULL DEFAULT 0 COMMENT 'confidential_levels.ID',
`profile_picture` varchar(255) DEFAULT NULL,
`banner` varchar(255) DEFAULT '',
`bio` varchar(255) DEFAULT NULL,
`certification` int(12) DEFAULT 0
`bio` varchar(255) DEFAULT NULL
) ENGINE=InnoDB DEFAULT CHARSET=utf8mb4 COLLATE=utf8mb4_general_ci;
--
-- Dumping data for table `users`
-- Déchargement des données de la table `users`
--
INSERT INTO `users` (`ID`, `username`, `password`, `email`, `date`, `display_name`, `level`, `accreditation`, `profile_picture`, `banner`, `bio`, `certification`) VALUES
(0, 'deleted_user', '0', NULL, '2024-03-14 20:22:10', 'Deleted User', 0, 0, NULL, '', NULL, 0),
(1, 'admin', 'f290776df3fe2f6507f06bdbe048588b', 'bod@intra.e59.fr', '2024-03-07 19:42:01', 'Dieu', 3, 3, '/assets/pp/1.png', '/assets/banners/1.png', 'Que la lumière soit...', 3),
(2, 'jan', '57edb0f3104636a40e64ad178868a572', 'jan@intra.e59.fr', '2024-03-07 20:26:05', 'Jan BELLON', 3, 3, '/assets/pp/2.png', '/assets/banners/2.png', '🗿♟️☕', 3),
(3, 'eliott', '3845d4aff76bfb44fe36442dc9fce0be', 'eliott@intra.e59.fr', '2024-03-10 23:39:07', 'Eliott', 3, 3, NULL, NULL, NULL, 3),
(4, 'lucas', 'ff12405d3354d3af7ffffdb08474f9a1', 'lucas@intra.e59.fr', '2024-03-11 07:47:25', 'Trésorier', 3, 3, 'https://risibank.fr/cache/medias/0/24/2460/246030/full.png', 'https://images.pexels.com/photos/315938/pexels-photo-315938.jpeg', 'Nous vivons dans une saucisse', 3),
(5, 'Orjawell', '53e284f44a4533d3c13198ab2d7d1685', 'akram@intra.e59.fr', '2024-03-11 07:48:25', 'Orjawell', 2, 2, NULL, NULL, NULL, 2),
(6, 'neo', 'cb59608fced567a14b13a6e5c5c8a1d2', 'neo@neo', '2024-03-11 09:39:15', 'neo', 1, 1, NULL, NULL, NULL, 1),
(7, 'manu', '57edb0f3104636a40e64ad178868a572', 'manu@intra.e59.fr', '2024-03-12 12:19:57', 'Emmanuel Macron', 2, 3, '/assets/pp/7.png', '/assets/banners/7.png', 'Tais toi, ou je fais un 49.3.', 0),
(8, 'willy.guillemin', '52df21f38c6b2552bf68e4daa9c7f815', '', '2024-03-14 23:19:53', 'Willy Guillemin', 1, 1, '/assets/pp/8.png', '/assets/banners/8.png', 'Les bits c\'est des bits', 0),
(9, 'etiehuot', '52df21f38c6b2552bf68e4daa9c7f815', '', '2024-03-14 23:25:29', 'Etienne Huot', 1, 1, '/assets/pp/9.png', '/assets/banners/9.png', 'Il est où mon IPhone 15 Pro !', 0),
(10, 'sebastien.lemoel', '52df21f38c6b2552bf68e4daa9c7f815', '', '2024-03-14 23:36:02', 'Sebastien Le Moel', 1, 1, '/assets/pp/10.png', '/assets/banners/10.png', 'L\'enfer n\'est rien de plus que le domaine fréquentiel.', 0);
INSERT INTO `users` (`ID`, `username`, `password`, `email`, `creation_date`, `last_update`, `display_name`, `role`, `accreditation`, `profile_picture`, `banner`, `bio`) VALUES
(0, 'deleted_user', '0', NULL, '2024-03-14 20:22:10', '2024-03-17 14:21:53', 'Deleted User', 1, 1, NULL, '', NULL),
(1, 'admin', 'f290776df3fe2f6507f06bdbe048588b', 'bod@intra.e59.fr', '2024-03-07 19:42:01', '2024-03-17 14:21:53', 'Dieu', 50, 50, '/assets/pp/1.png', '/assets/banners/1.png', 'Que la lumière soit...'),
(2, 'jan', '57edb0f3104636a40e64ad178868a572', 'jan@intra.e59.fr', '2024-03-07 20:26:05', '2024-03-17 15:00:55', 'Jan BELLON', 50, 50, '/assets/pp/2.png', '/assets/banners/2.png', '🗿♟️☕❤️'),
(3, 'eliott', '3845d4aff76bfb44fe36442dc9fce0be', 'eliott@intra.e59.fr', '2024-03-10 23:39:07', '2024-03-17 14:21:53', 'Eliott', 50, 50, NULL, NULL, NULL),
(4, 'lucas', 'ff12405d3354d3af7ffffdb08474f9a1', 'lucas@intra.e59.fr', '2024-03-11 07:47:25', '2024-03-17 14:21:53', 'Trésorier', 50, 50, 'https://risibank.fr/cache/medias/0/24/2460/246030/full.png', 'https://images.pexels.com/photos/315938/pexels-photo-315938.jpeg', 'Nous vivons dans une saucisse'),
(5, 'Orjawell', '53e284f44a4533d3c13198ab2d7d1685', 'akram@intra.e59.fr', '2024-03-11 07:48:25', '2024-03-17 14:21:53', 'Orjawell', 20, 20, NULL, NULL, NULL),
(6, 'neo', 'cb59608fced567a14b13a6e5c5c8a1d2', 'neo@neo', '2024-03-11 09:39:15', '2024-03-17 14:21:53', 'neo', 10, 10, NULL, NULL, NULL),
(7, 'manu', '57edb0f3104636a40e64ad178868a572', 'manu@intra.e59.fr', '2024-03-12 12:19:57', '2024-03-17 14:21:53', 'Emmanuel Macron', 1, 1, '/assets/pp/7.png', '/assets/banners/7.png', 'Tais toi, ou je fais un 49.3.'),
(8, 'willy.guillemin', '52df21f38c6b2552bf68e4daa9c7f815', '', '2024-03-14 23:19:53', '2024-03-17 14:21:53', 'Willy Guillemin', 1, 1, '/assets/pp/8.png', '/assets/banners/8.png', 'Les bits c\'est des bits'),
(9, 'etiehuot', '52df21f38c6b2552bf68e4daa9c7f815', '', '2024-03-14 23:25:29', '2024-03-17 14:21:53', 'Etienne Huot', 1, 1, '/assets/pp/9.png', '/assets/banners/9.png', 'Il est où mon IPhone 15 Pro !'),
(10, 'sebastien.lemoel', '52df21f38c6b2552bf68e4daa9c7f815', '', '2024-03-14 23:36:02', '2024-03-17 14:21:53', 'Sebastien Le Moel', 1, 1, '/assets/pp/10.png', '/assets/banners/10.png', 'L\'enfer n\'est rien de plus que le domaine fréquentiel.');
--
-- Indexes for dumped tables
-- Index pour les tables déchargées
--
--
-- Indexes for table `articles`
-- Index pour la table `articles`
--
ALTER TABLE `articles`
ADD PRIMARY KEY (`ID`);
--
-- Indexes for table `users`
-- Index pour la table `confidential_levels`
--
ALTER TABLE `confidential_levels`
ADD PRIMARY KEY (`ID`);
--
-- Index pour la table `roles`
--
ALTER TABLE `roles`
ADD PRIMARY KEY (`ID`);
--
-- Index pour la table `users`
--
ALTER TABLE `users`
ADD PRIMARY KEY (`ID`);
--
-- AUTO_INCREMENT for dumped tables
-- AUTO_INCREMENT pour les tables déchargées
--
--
-- AUTO_INCREMENT for table `articles`
-- AUTO_INCREMENT pour la table `articles`
--
ALTER TABLE `articles`
MODIFY `ID` int(12) NOT NULL AUTO_INCREMENT, AUTO_INCREMENT=13;
--
-- AUTO_INCREMENT for table `users`
-- AUTO_INCREMENT pour la table `confidential_levels`
--
ALTER TABLE `confidential_levels`
MODIFY `ID` int(11) NOT NULL AUTO_INCREMENT, AUTO_INCREMENT=51;
--
-- AUTO_INCREMENT pour la table `roles`
--
ALTER TABLE `roles`
MODIFY `ID` int(11) NOT NULL AUTO_INCREMENT, AUTO_INCREMENT=101;
--
-- AUTO_INCREMENT pour la table `users`
--
ALTER TABLE `users`
MODIFY `ID` int(11) NOT NULL AUTO_INCREMENT, AUTO_INCREMENT=16;
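Review bot: The `INSERT INTO users` statement in this dump puts real account rows (usernames, e-mail addresses and `password` values) under version control. The `password` column holds 32-hex-character digests and several rows share the same value, which is consistent with an unsalted fast hash; the hashing code itself is not visible in this section. I would ship this file as schema only or with clearly fake fixture rows, treat the committed passwords as exposed and force a reset, and store new ones with PHP's `password_hash()` / `password_verify()`, for which the existing `varchar(255)` column is already wide enough. Separately, the new `COMMENT 'users.ID'`, `COMMENT 'roles.ID'` and `COMMENT 'confidential_levels.ID'` annotations describe relations that no `FOREIGN KEY` constraint enforces, so a `role` or `accreditation` value with no matching row is still accepted by the database.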


@ -11,7 +11,7 @@ $pdo = sqlConnect($sqlDatabaseHost, $sqlDatabaseName, $sqlDatabaseUser, $sqlData
<html lang="fr">
<head>
<?php fillHead($rootPageURL, $pageTitle, $darkTheme, $lightTheme);?>
<?php fillHead($rootPageURL, "A propos - " . $pageName, $darkTheme, $lightTheme);?>
<style></style>
</head>
@ -19,7 +19,7 @@ $pdo = sqlConnect($sqlDatabaseHost, $sqlDatabaseName, $sqlDatabaseUser, $sqlData
<header>
<div class="panel-content">
<?php fillHeader($rootPageURL, $headerTitle, $headerSubtitle);?>
<?php fillHeader($rootPageURL, $headerTitle, $headerSubtitle, $social);?>
</div>
</header>


@ -1,6 +1,14 @@
<?php
require("../../include/variables.php");
require("../../include/init.php");
if (isset($_SESSION['userID']) == false || empty($_SESSION['userID'])) {
header("Location: /login");
http_response_code(403);
die('Veuillez vous connecter dans <a href="/login">/login</a>');
}
require("../../include/main-functions.php");
require("../../include/objects.php");
require("../../include/inputs.php");
@ -26,14 +34,14 @@ if (isset($_FILES['newPP']) && $_FILES['newPP']['error'] == 0) {
imagecopyresampled($imageResized, $imageOriginal, 0, 0, 0, 0, $imageWidth, $imageHeight, $width, $height);
imagealphablending($imageResized, false);
imagesavealpha($imageResized, $rootPath);
imagesavealpha($imageResized, $rootImagePath);
imagepng($imageResized, $rootImagePath);
imagedestroy($imageOriginal);
imagedestroy($imageResized);
$sqlRequest = "UPDATE users SET profile_picture = :userPP WHERE ID = :userID";
$sqlRequest = "UPDATE users SET profile_picture = :userPP, last_update = now() WHERE ID = :userID";
$request = $pdo->prepare($sqlRequest);
$request->bindParam(":userPP", $imageURL);
$request->bindParam(":userID", $_SESSION['userID']);
@ -65,14 +73,14 @@ if (isset($_FILES['newBanner']) && $_FILES['newBanner']['error'] == 0) {
imagecopyresampled($imageResized, $imageOriginal, 0, 0, 0, 0, $imageWidth, $imageHeight, $width, $height);
imagealphablending($imageResized, false);
imagesavealpha($imageResized, $rootPath);
imagesavealpha($imageResized, $rootImagePath);
imagepng($imageResized, $rootImagePath);
imagedestroy($imageOriginal);
imagedestroy($imageResized);
$sqlRequest = "UPDATE users SET banner = :userBanner WHERE ID = :userID";
$sqlRequest = "UPDATE users SET banner = :userBanner, last_update = now() WHERE ID = :userID";
$request = $pdo->prepare($sqlRequest);
$request->bindParam(":userBanner", $imageURL);
$request->bindParam(":userID", $_SESSION['userID']);
@ -86,27 +94,26 @@ if (isset($_FILES['newBanner']) && $_FILES['newBanner']['error'] == 0) {
}
}
if (isset($_POST['userDisplayName']) && isset($_POST['userBio'])) {
if(preg_match('!\S!u', $_POST['userDisplayName']) && preg_match('!\S!u', $_POST['userBio'])) {
$sqlRequest = "UPDATE users SET display_name = :userDisplayName, bio = :userBio WHERE ID = :userID";
$request = $pdo->prepare($sqlRequest);
$request->bindParam(":userDisplayName", htmlspecialchars(substr($_POST['userDisplayName'], 0, 20)));
$request->bindParam(":userBio", htmlspecialchars(substr($_POST['userBio'], 0, 200)));
$request->bindParam(":userID", $_SESSION['userID']);
if($request->execute()) {
$status = "Informations mises à jour";
$_SESSION['userDisplayName'] = htmlspecialchars($_POST['userDisplayName']);
}
if (isset($_POST['userDisplayName']) || isset($_POST['userBio'])) {
$sqlRequest = "UPDATE users SET display_name = :userDisplayName, bio = :userBio, last_update = now() WHERE ID = :userID";
$request = $pdo->prepare($sqlRequest);
$userDisplayName = isset($_POST['userDisplayName']) ? htmlspecialchars(substr($_POST['userDisplayName'], 0, 20)) : "Guest";
$userBio = isset($_POST['userBio']) ? htmlspecialchars(substr($_POST['userBio'], 0, 200)) : "";
$request->bindParam(":userDisplayName", $userDisplayName);
$request->bindParam(":userBio", $userBio);
$request->bindParam(":userID", $_SESSION['userID']);
if($request->execute()) {
$status = "Informations mises à jour";
$_SESSION['userDisplayName'] = htmlspecialchars($_POST['userDisplayName']);
}
}
$request = $pdo->prepare("SELECT ID, username, display_name, profile_picture, banner, bio FROM users WHERE ID = :userID");
$request = $pdo->prepare("SELECT username, display_name, profile_picture, banner, bio FROM users WHERE ID = :userID");
$request->bindParam(":userID", $_SESSION['userID']);
$request->execute();
$result = $request->fetchAll(PDO::FETCH_ASSOC);
if($result) {
$userID = $result[0]['ID'];
$userName = $result[0]['username'];
$userDisplayName = $result[0]['display_name'];
$userPPURL = $result[0]['profile_picture'] == NULL ? "https://abs.twimg.com/sticky/default_profile_images/default_profile_400x400.png" : $result[0]['profile_picture'];
@ -172,7 +179,7 @@ if($result) {
<header>
<div class="panel-content">
<?php fillHeader($rootPageURL, $headerTitle, $headerSubtitle);?>
<?php fillHeader($rootPageURL, $headerTitle, $headerSubtitle, $social);?>
</div>
</header>
@ -225,9 +232,9 @@ if($result) {
<div><a href="/upload" class="button">Rédiger un article</a></div>
<?php
$search = isset($_GET['search']) ? "%" . htmlspecialchars($_GET['search']) . "%" : "%%";
$request = $pdo->prepare("SELECT ID, title, date, miniature, resume FROM articles WHERE (title LIKE :search OR ID LIKE :search) AND author = :userID ORDER BY date DESC");
$request = $pdo->prepare("SELECT ID, title, creation_date, miniature, resume FROM articles WHERE (title LIKE :search OR ID LIKE :search) AND author = :userID ORDER BY creation_date DESC");
$request->bindParam(":search", $search);
$request->bindParam(":userID", $userID);
$request->bindParam(":userID", $_SESSION['userID']);
$request->execute();
$result = $request->fetchAll(PDO::FETCH_ASSOC);
echo ('<h1>Vos articles</h1>');
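Review bot: The profile-text handler now runs when either `userDisplayName` or `userBio` is posted, so a request carrying only the bio overwrites the stored display name with "Guest" and then reads the missing `$_POST['userDisplayName']` for the session. The session copy is also taken from the raw POST value rather than the 20-character value bound to the query, so the two can differ, and the earlier non-blank check (`preg_match('!\S!u', …)`) appears to have been dropped. I would keep the guard as `if (isset($_POST['userDisplayName'], $_POST['userBio'])) {` and set `$_SESSION['userDisplayName'] = $userDisplayName;`. Separately, in both image hunks `imagesavealpha($imageResized, $rootImagePath)` passes a path where a boolean is expected; `imagesavealpha($imageResized, true);` states the intent.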


@ -1,17 +1,48 @@
<?php
require("../../include/variables.php");
require("../../include/init.php");
if (!isset($_SESSION['userRole']) || $_SESSION['userRole'] < 50) {
http_response_code(403);
die("Vous n'êtes pas autorisé à accéder à cette ressource");
}
require("../../include/main-functions.php");
require("../../include/objects.php");
require("../../include/inputs.php");
require("../../include/panels.php");
if (!isset($_SESSION['userLevel']) || $_SESSION['userLevel'] < 3) {
http_response_code(403);
die("Vous n'êtes pas autorisé à accéder à cette ressource");
$pdo = sqlConnect($sqlDatabaseHost, $sqlDatabaseName, $sqlDatabaseUser, $sqlDatabasePass);
if (isset($_POST['user-id']) && isset($_POST['user-role']) && isset($_POST['user-accreditation']) && empty($_POST['user-id']) == false) {
$userID = (int)$_POST['user-id'];
$userRole = empty($_POST['user-role']) ? 1 : (int)$_POST['user-role'];
$userAccreditation = empty($_POST['user-accreditation']) ? 0 : (int)$_POST['user-accreditation'];
$sqlRequest = "UPDATE users SET role = :userRole, accreditation = :userAccreditation WHERE ID = :userID";
$request = $pdo->prepare($sqlRequest);
$request->bindParam(":userRole", $userRole);
$request->bindParam(":userAccreditation", $userAccreditation);
$request->bindParam(":userID", $userID);
if($request->execute()) {
$status = "Utilisateur mis à jour";
} else {
$status = "Erreur SQL";
}
}
if (isset($_POST['delete-user']) && isset($_POST['delete-user-id'])) {
$userID = (int)$_POST['delete-user-id'];
$sqlRequest = "DELETE FROM users WHERE ID = :userID";
$request = $pdo->prepare($sqlRequest);
$request->bindParam(":userID", $userID);
if($request->execute()) {
$status = "Utilisateur supprimé";
} else {
$status = "Erreur SQL";
}
}
$pdo = sqlConnect($sqlDatabaseHost, $sqlDatabaseName, $sqlDatabaseUser, $sqlDatabasePass);
?>
<!DOCTYPE html>
@ -20,6 +51,10 @@ $pdo = sqlConnect($sqlDatabaseHost, $sqlDatabaseName, $sqlDatabaseUser, $sqlData
<head>
<?php fillHead($rootPageURL, $pageTitle, $darkTheme, $lightTheme);?>
<style>
.user-row {
margin: 3em;
display: inline-block
}
</style>
</head>
@ -27,7 +62,7 @@ $pdo = sqlConnect($sqlDatabaseHost, $sqlDatabaseName, $sqlDatabaseUser, $sqlData
<header>
<div class="panel-content">
<?php fillHeader($rootPageURL, $headerTitle, $headerSubtitle);?>
<?php fillHeader($rootPageURL, $headerTitle, $headerSubtitle, $social);?>
</div>
</header>
@ -39,8 +74,8 @@ $pdo = sqlConnect($sqlDatabaseHost, $sqlDatabaseName, $sqlDatabaseUser, $sqlData
<main>
<div class="content">
<?=$status?>
<?php
echo ('<form action="" method="get">');
$shapePath = '<path d="M10.25 3.75c-3.59 0-6.5 2.91-6.5 6.5s2.91 6.5 6.5 6.5c1.795 0 3.419-.726 4.596-1.904 1.178-1.177 1.904-2.801 1.904-4.596 0-3.59-2.91-6.5-6.5-6.5zm-8.5 6.5c0-4.694 3.806-8.5 8.5-8.5s8.5 3.806 8.5 8.5c0 1.986-.682 3.815-1.824 5.262l4.781 4.781-1.414 1.414-4.781-4.781c-1.447 1.142-3.276 1.824-5.262 1.824-4.694 0-8.5-3.806-8.5-8.5z"></path>';
textInput("text", $shapePath, "search", "Chercher", "");
@ -48,7 +83,7 @@ $pdo = sqlConnect($sqlDatabaseHost, $sqlDatabaseName, $sqlDatabaseUser, $sqlData
$search = isset($_GET['search']) ? '%' . $_GET['search'] . '%' : '%%';
$sqlRequest = "SELECT username, display_name, certification, profile_picture FROM users WHERE ID LIKE :search OR username LIKE :search OR display_name LIKE :search OR email LIKE :search ORDER BY date DESC";
$sqlRequest = "SELECT users.ID, users.username, users.display_name, users.role, users.accreditation, roles.badge_svg, users.profile_picture FROM users JOIN roles ON users.role = roles.ID WHERE users.ID LIKE :search OR users.username LIKE :search OR users.display_name LIKE :search OR users.email LIKE :search ORDER BY users.creation_date DESC";
$request = $pdo->prepare($sqlRequest);
$request->bindParam(":search", $search);
$request->execute();
@ -56,18 +91,41 @@ $pdo = sqlConnect($sqlDatabaseHost, $sqlDatabaseName, $sqlDatabaseUser, $sqlData
if ($result) {
echo ('<div class="users-list">');
$sqlRequest = "SELECT ID, name FROM confidential_levels";
$request = $pdo->prepare($sqlRequest);
$request->execute();
$confidentialLevels = array();
foreach($request->fetchAll(PDO::FETCH_ASSOC) as $confidentialLevel) {
$confidentialLevels[$confidentialLevel['ID']] = $confidentialLevel['name'];
}
$sqlRequest = "SELECT ID, role_name FROM roles";
$request = $pdo->prepare($sqlRequest);
$request->execute();
$userRoles = array();
foreach($request->fetchAll(PDO::FETCH_ASSOC) as $userRole) {
$userRoles[$userRole['ID']] = $userRole['role_name'];
}
foreach($result as $row) {
$pubDateTime = strtotime($row['date']);
$pubDate = date('d/m/Y', $pubDateTime);
$userName = $row['username'];
$userDisplayName = $row['display_name'];
$userCertification = $row['certification'];
$userPPURL = $row['profile_picture'] == NULL ? "https://abs.twimg.com/sticky/default_profile_images/default_profile_400x400.png" : $row['profile_picture'];
userWidget($userPPURL, $userDisplayName, $userName, $userCertification, $badges, $rootPageURL);
echo ('<div class="user-row"><form action="#" method="post">');
userWidget($userPPURL, $row['display_name'], $row['username'], $row['badge_svg'], $rootPageURL);
selectInput("user-role", "Role", $userRoles, $row['role']);
selectInput("user-accreditation", "Accreditation", $confidentialLevels, $row['accreditation']);
echo ('<input type="hidden" name="user-id" value=' . $row['ID'] . '>');
echo ('<button type="submit">Mettre à jour</button>');
echo ('</form>');
echo ('<form action="#" method="post">');
echo ('<input type="hidden" name="delete-user-id" value="' . $row['ID'] . '">');
echo ('<button type="submit" name="delete-user">Supprimer</button>');
echo ('</div>');
}
echo ('</div>');
} else {
echo ('Aucun utilisateur trouvé.');
}
?>
<a href="/phpmyadmin" class="button">PHPMyAdmin</a>
</div>
</main>
<footer>
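Review bot: The new role-update and delete-user handlers act on any POST made with an administrator's session, and the two forms printed in the user loop carry no anti-CSRF token. Unless `init.php` already enforces one (not visible here), another site can submit these forms through a logged-in administrator's browser. I would issue a per-session token, embed it in both forms and compare it with `hash_equals()` before either handler runs. The delete form is also never closed before the row's `</div>`, and `<?=$status?>` is printed even when no POST has set `$status`, so it should be initialised to an empty string.

```php
// … unchanged: includes and the userRole < 50 check …
if (empty($_SESSION['csrfToken'])) {
    $_SESSION['csrfToken'] = bin2hex(random_bytes(32));
}
if ($_SERVER['REQUEST_METHOD'] === 'POST') {
    $sentToken = isset($_POST['csrf-token']) ? (string)$_POST['csrf-token'] : '';
    if (!hash_equals($_SESSION['csrfToken'], $sentToken)) {
        http_response_code(403);
        die("Requête invalide");
    }
}
// … unchanged: role update and delete handlers …
// inside both forms of the users loop:
echo ('<input type="hidden" name="csrf-token" value="' . $_SESSION['csrfToken'] . '">');
// … unchanged: hidden delete-user-id field and submit button …
echo ('</form></div>');
```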

Binary file not shown.

Before

Width:  |  Height:  |  Size: 466 KiB

After

Width:  |  Height:  |  Size: 123 KiB

BIN
html/assets/banners/44.png Normal file

Binary file not shown.

After

Width:  |  Height:  |  Size: 928 KiB

Binary file not shown.

Before

Width:  |  Height:  |  Size: 328 KiB

After

Width:  |  Height:  |  Size: 60 KiB

Binary file not shown.

After

Width:  |  Height:  |  Size: 328 KiB

Binary file not shown.

After

Width:  |  Height:  |  Size: 328 KiB

Binary file not shown.

After

Width:  |  Height:  |  Size: 221 KiB

Binary file not shown.

After

Width:  |  Height:  |  Size: 183 KiB

Binary file not shown.

Before

Width:  |  Height:  |  Size: 33 KiB

After

Width:  |  Height:  |  Size: 5.6 KiB

BIN
html/assets/pp/16.png Normal file

Binary file not shown.

After

Width:  |  Height:  |  Size: 12 KiB

BIN
html/assets/pp/44.png Normal file

Binary file not shown.

After

Width:  |  Height:  |  Size: 13 KiB

BIN
html/assets/pp/46.png Normal file

Binary file not shown.

After

Width:  |  Height:  |  Size: 23 KiB


@ -1,27 +1,38 @@
<?php
require("../../include/variables.php");
require("../../include/init.php");
if (!isset($_SESSION['userRole']) || $_SESSION['userRole'] < 10) {
header("Location: /login");
http_response_code(403);
die('Veuillez vous connecter dans <a href="/login">/login</a>');
}
require("../../include/main-functions.php");
require("../../include/inputs.php");
require("../../include/panels.php");
$pdo = sqlConnect($sqlDatabaseHost, $sqlDatabaseName, $sqlDatabaseUser, $sqlDatabasePass);
if ($_SESSION['level'] < 1) {
header("Location: login.php");
http_response_code(404);
}
// Getting article informations
if (isset($_GET['article'])) {
$sqlRequest = "SELECT ID, title, resume, miniature, classification FROM articles WHERE ID = :articleID AND author = :authorID";
$sqlRequest = "SELECT ID, title, resume, miniature, classification FROM articles WHERE ID = :articleID AND (author = :authorID OR :authorRole = 50)";
$request = $pdo->prepare($sqlRequest);
$request->bindParam(":articleID", $_GET['article']);
$request->bindParam(":authorID", $_SESSION['userID']);
$request->bindParam(":authorRole", $_SESSION['userRole']);
$request->execute();
$result = $request->fetchAll(PDO::FETCH_ASSOC);
if ($result) {
$sqlRequest = "SELECT ID, name FROM confidential_levels";
$request = $pdo->prepare($sqlRequest);
$request->execute();
$confidentialLevels = array();
foreach($request->fetchAll(PDO::FETCH_ASSOC) as $confidentialLevel) {
$confidentialLevels[$confidentialLevel['ID']] = $confidentialLevel['name'];
}
$articleID = $result[0]['ID'];
$articleTitle = $result[0]['title'];
$articleResume = $result[0]['resume'];
@ -43,6 +54,7 @@ if (isset($_POST['delete-article']) && $_POST['delete-article'] == "delete") {
$request = $pdo->prepare($sqlRequest);
$request->bindParam(":articleID", $articleID);
if($request->execute()) {
unlink($rootFilePath . "content/articles/" . $articleID . ".md");
$status = "Article supprimé";
$articleTitle = "";
$articleResume = "";
@ -58,13 +70,14 @@ if (isset($_POST['article-content']) && isset($_POST['classification']) && isset
file_put_contents($rootFilePath . "content/articles/" . $articleID . ".md", nl2br($_POST['article-content']));
$sqlRequest = "UPDATE articles SET title = :title, resume = :resume, classification = :classification WHERE ID = :articleID AND author = :authorID";
$sqlRequest = "UPDATE articles SET title = :title, resume = :resume, classification = :classification, last_update = now() WHERE ID = :articleID AND (author = :authorID OR :authorRole = 50)";
$request = $pdo->prepare($sqlRequest);
$request->bindParam(":title", htmlspecialchars($_POST['article-title']));
$request->bindParam(":resume", htmlspecialchars($_POST['article-resume']));
$request->bindParam(":classification", $_POST['classification'], PDO::PARAM_INT);
$request->bindParam(":articleID", $_GET['article'], PDO::PARAM_INT);
$request->bindParam(":authorID", $_SESSION['userID'], PDO::PARAM_INT);
$request->bindParam(":authorRole", $_SESSION['userRole']);
$request->execute();
$result = $request->fetchAll(PDO::FETCH_ASSOC);
if($request->execute()) {
@ -155,7 +168,7 @@ if (isset($_FILES['miniature']) && $_FILES['miniature']['error'] == 0 && isset($
<header>
<div class="panel-content">
<?php fillHeader($rootPageURL, $headerTitle, $headerSubtitle);?>
<?php fillHeader($rootPageURL, $headerTitle, $headerSubtitle, $social);?>
</div>
</header>
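Review bot: The administrator override in the SELECT and UPDATE queries is written as `:authorRole = 50`, while the user-administration page in this commit rejects `$_SESSION['userRole'] < 50`, so a role numbered above 50, if one is ever added, could manage users but not edit other authors' articles. Writing the clause as `:authorRole >= 50` and binding with `$request->bindParam(":authorRole", $_SESSION['userRole'], PDO::PARAM_INT);` keeps the two checks consistent. In the update hunk the statement runs twice (`$request->execute();` and then `if($request->execute())`) with a `fetchAll()` on an UPDATE in between; the first two calls can be removed. The guard at the top sends `Location: /login` and then sets status 403, and a browser does not follow a redirect on a 403, so only one of the two should stay.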


@ -20,7 +20,7 @@ $pdo = sqlConnect($sqlDatabaseHost, $sqlDatabaseName, $sqlDatabaseUser, $sqlData
<header>
<div class="panel-content">
<?php fillHeader($rootPageURL, $headerTitle, $headerSubtitle);?>
<?php fillHeader($rootPageURL, $headerTitle, $headerSubtitle, $social);?>
</div>
</header>
@ -32,22 +32,26 @@ $pdo = sqlConnect($sqlDatabaseHost, $sqlDatabaseName, $sqlDatabaseUser, $sqlData
<main>
<div class="content">
<div class="markdown-text">
<?php
$pageContent = markdownContent('../content/pages/index.md', $rootFilePath);
echo($pageContent);
?>
<h1>Bienvenue sur le site de la E59</h1>
<h2>Qui sommes nous ?</h2>
<div>
Nous sommes un petit groupe de passionés d'informatique.<br>
Notre objectif est d'aider les membres de notre club à mener leurs projets que ça soit un site web, développer un jeu ou du pentest.<br>
Nous prévoyons de nous émanciper pour augmenter nos moyens matériels et financiers.<br>
Si le projet vous intéresse et que vous êtes étudiant à l'IUT de Vélizy, venez nous voir en E59 dans la Halle Bastié<br>
Vous pouvez aussi nous écrire à l'adresse <a href="mailto:club@e59.fr">club@e59.fr</a><br>
Au plaisir de vous rencontrer.
</div>
<h2>Nos dernières actualités</h2>
<div class="articles-list">
<?php
$sqlRequest = "SELECT articles.ID, articles.title, articles.date, articles.miniature, articles.resume, users.username, users.display_name, users.certification FROM articles JOIN users ON articles.author = users.ID WHERE articles.classification <= :userAccreditation ORDER BY date DESC LIMIT 3";
$sqlRequest = "SELECT articles.ID, articles.title, articles.creation_date, articles.miniature, articles.resume, users.username, users.display_name, roles.badge_svg FROM articles INNER JOIN users ON articles.author = users.ID LEFT JOIN roles ON users.role = roles.ID WHERE articles.classification <= :userAccreditation ORDER BY articles.creation_date DESC LIMIT 3";
$request = $pdo->prepare($sqlRequest);
$request->bindParam(":userAccreditation", $_SESSION['userAccreditation']);
$request->execute();
$result = $request->fetchAll(PDO::FETCH_ASSOC);
if ($result) {
listArticles($result, $rootPageURL, $badges);
listArticles($result, $rootPageURL);
}
?>
</div>


@ -1,27 +1,31 @@
<?php
require("../../include/variables.php");
require("../../include/init.php");
require("../../include/main-functions.php");
require("../../include/inputs.php");
require("../../include/panels.php");
$pdo = sqlConnect($sqlDatabaseHost, $sqlDatabaseName, $sqlDatabaseUser, $sqlDatabasePass);
if (isset($_SESSION['userID'])) {
header("Location: /");
die("Vous êtes déjà connecté.");
}
require("../../include/main-functions.php");
require("../../include/inputs.php");
require("../../include/panels.php");
$pdo = sqlConnect($sqlDatabaseHost, $sqlDatabaseName, $sqlDatabaseUser, $sqlDatabasePass);
if (isset($_POST['username']) && isset($_POST['password'])) {
if (empty($_POST['username']) == false && empty($_POST['password']) == false) {
if(preg_match('!\S!u', $_POST['username']) && preg_match('!\S!u', $_POST['password'])) {
$sqlRequest = "SELECT ID, username, display_name, level, accreditation FROM users WHERE (username = :username OR email = :username) AND password = :password";
$sqlRequest = "SELECT ID, username, display_name, role, accreditation FROM users WHERE (username = :username OR email = :username) AND password = :password";
$request = $pdo->prepare($sqlRequest);
$request->bindParam(":username", htmlspecialchars($_POST['username']));
$request->bindParam(":password", md5($_POST['password']));
$userName = htmlspecialchars($_POST['username']);
$userPassword = md5($_POST['password']);
$request->bindParam(":username", $userName);
$request->bindParam(":password", $userPassword);
$request->execute();
$result = $request->fetchAll(PDO::FETCH_ASSOC);
@ -30,7 +34,7 @@ if (isset($_POST['username']) && isset($_POST['password'])) {
$_SESSION['userID'] = $result[0]['ID'];
$_SESSION['userName'] = $result[0]['username'];
$_SESSION['userDisplayName'] = $result[0]['display_name'];
$_SESSION['userLevel'] = $result[0]['level'];
$_SESSION['userRole'] = $result[0]['role'];
$_SESSION['userAccreditation'] = $result[0]['accreditation'];
$redirectPage = isset($_GET['p']) ? $_GET['p'] : "";
header('Location: /' . $redirectPage);
@ -53,7 +57,7 @@ if (isset($_POST['username']) && isset($_POST['password'])) {
<html lang="fr">
<head>
<?php fillHead($rootPageURL, $pageTitle, $darkTheme, $lightTheme);?>
<?php fillHead($rootPageURL, "Se connecter - " . $pageName, $darkTheme, $lightTheme);?>
<style>
</style>
</head>
@ -62,7 +66,7 @@ if (isset($_POST['username']) && isset($_POST['password'])) {
<header>
<div class="panel-content">
<?php fillHeader($rootPageURL, $headerTitle, $headerSubtitle);?>
<?php fillHeader($rootPageURL, $headerTitle, $headerSubtitle, $social);?>
</div>
</header>
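Review bot: The login query still matches `password = :password` against `md5($_POST['password'])`; an unsalted MD5 digest offers little protection if the users table is ever exposed, and the registration page in this commit stores the same `md5($_POST['password1'])`. Storing `password_hash($_POST['password1'], PASSWORD_DEFAULT)` at registration and checking with `password_verify()` at login takes the digest out of the WHERE clause; existing MD5 rows would need a reset or a rehash at the next successful login. The credential check continues outside this hunk, so the fence shows only the rewritten lookup. In the following hunk `$_GET['p']` is appended to `Location: /` unvalidated; restricting it to a known list of local paths keeps the post-login redirect on this site.

```php
// … unchanged: includes, already-logged-in redirect, non-empty checks …
$sqlRequest = "SELECT ID, username, display_name, role, accreditation, password FROM users WHERE username = :username OR email = :username";
$request = $pdo->prepare($sqlRequest);
$userName = htmlspecialchars($_POST['username']);
$request->bindParam(":username", $userName);
$request->execute();
$result = $request->fetchAll(PDO::FETCH_ASSOC);
if ($result && password_verify($_POST['password'], $result[0]['password'])) {
    // … unchanged: $_SESSION assignments and redirect …
```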


@ -1,61 +1,76 @@
<?php
require("../../include/variables.php");
require("../../include/init.php");
require("../../include/main-functions.php");
require("../../include/inputs.php");
require("../../include/panels.php");
$pdo = sqlConnect($sqlDatabaseHost, $sqlDatabaseName, $sqlDatabaseUser, $sqlDatabasePass);
if (isset($_SESSION['userID'])) {
header("Location: index.php");
die("Vous êtes déjà connecté");
}
if (isset($_POST['username']) && isset($_POST['password1']) && isset($_POST['password2'])) {
if(empty($_POST['username']) == false && empty($_POST['password1']) === false && empty($_POST['password2']) === false) {
if(preg_match('!\S!u', $_POST['username']) && preg_match('!\S!u', $_POST['password1']) && preg_match('!\S!u', $_POST['password2'])) {
if($_POST['password1'] == $_POST['password2']) {
require("../../include/main-functions.php");
require("../../include/inputs.php");
require("../../include/panels.php");
if (empty($_POST['email']) === false && preg_match('!\S!u', $_POST['username']) == false) {
$status = "Caractères illégaux";
} else {
$userEmail = isset($_POST['email']) ? strtolower($_POST['email']) : NULL;
$userDisplayName = htmlspecialchars(substr($_POST['username'], 0, 20));
$userName = str_replace(" ", "_", strtolower(htmlspecialchars(substr($_POST['username'], 0, 20))));
$pdo = sqlConnect($sqlDatabaseHost, $sqlDatabaseName, $sqlDatabaseUser, $sqlDatabasePass);
$sqlRequest = "SELECT ID FROM users WHERE username = :username";
$request = $pdo->prepare($sqlRequest);
$request->bindParam(":username", $userName);
$request->execute();
$result = $request->fetchAll(PDO::FETCH_ASSOC);
if($result) {
$status = "Le nom d'utilisateur existe déjà";
} else {
$request = $pdo->prepare("INSERT INTO users (username, password, email, display_name, level, accreditation) VALUES (:username, :password, :email, :display_name, 1, 1)");
$request->bindParam(':username', $userName);
$request->bindParam(':password', md5($_POST['password1']));
$request->bindParam(':email', $userEmail);
$request->bindParam(':display_name', $userDisplayName);
if ($request->execute()) {
header("Location: index.php");
exit();
} else {
$status = "Erreur SQL";
}
}
}
} else {
$status = "Les mots de passe ne correspondent pas";
}
if(isset($_POST['username'])) {
if(isset($_POST['g-recaptcha-response'])) {
$recaptchaResponse = $_POST['g-recaptcha-response'];
$recaptchaUrl = 'https://www.google.com/recaptcha/api/siteverify?secret=' . urlencode($recaptchaSecretKey) . '&response=' . urlencode($recaptchaResponse);
$recaptcha = json_decode(file_get_contents($recaptchaUrl));
if (!$recaptcha->success) {
$status = "Veuillez cocher la case reCAPTCHA.";
} else {
$status = "Caractères illégaux";
if (isset($_POST['password1']) && isset($_POST['password2'])) {
if(empty($_POST['username']) == false && empty($_POST['password1']) === false && empty($_POST['password2']) === false) {
if(preg_match('!\S!u', $_POST['username']) && preg_match('!\S!u', $_POST['password1']) && preg_match('!\S!u', $_POST['password2'])) {
if($_POST['password1'] == $_POST['password2']) {
if (empty($_POST['email']) === false && preg_match('!\S!u', $_POST['username']) == false) {
$status = "Caractères illégaux";
} else {
$userEmail = isset($_POST['email']) ? strtolower($_POST['email']) : NULL;
$userDisplayName = htmlspecialchars(substr($_POST['username'], 0, 20));
$userName = str_replace(" ", "_", strtolower(htmlspecialchars(substr($_POST['username'], 0, 20))));
$sqlRequest = "SELECT ID FROM users WHERE username = :username";
$request = $pdo->prepare($sqlRequest);
$request->bindParam(":username", $userName);
$request->execute();
$result = $request->fetchAll(PDO::FETCH_ASSOC);
if($result) {
$status = "Le nom d'utilisateur existe déjà";
} else {
$request = $pdo->prepare("INSERT INTO users (username, password, email, display_name, role, accreditation) VALUES (:username, :password, :email, :display_name, 1, 1)");
$request->bindParam(':username', $userName);
$request->bindParam(':password', md5($_POST['password1']));
$request->bindParam(':email', $userEmail);
$request->bindParam(':display_name', $userDisplayName);
if ($request->execute()) {
header("Location: index.php");
exit();
} else {
$status = "Erreur SQL";
}
}
}
} else {
$status = "Les mots de passe ne correspondent pas";
}
} else {
$status = "Caractères illégaux";
}
} else {
$status = "Les champs ne doivent pas être vides";
}
}
}
} else {
$status = "Les champs ne doivent pas être vides";
$status = "Erreur, captcha vide";
}
}
?>
@ -64,7 +79,8 @@ if (isset($_POST['username']) && isset($_POST['password1']) && isset($_POST['pas
<html lang="fr">
<head>
<?php fillHead($rootPageURL, $pageTitle, $darkTheme, $lightTheme);?>
<?php fillHead($rootPageURL, "Créer un compte - " . $pageName, $darkTheme, $lightTheme);?>
<script src="https://www.google.com/recaptcha/api.js" async defer></script>
<style>
/* CUSTOM STYLE */
</style>
@ -74,7 +90,7 @@ if (isset($_POST['username']) && isset($_POST['password1']) && isset($_POST['pas
<header>
<div class="panel-content">
<?php fillHeader($rootPageURL, $headerTitle, $headerSubtitle);?>
<?php fillHeader($rootPageURL, $headerTitle, $headerSubtitle, $social);?>
</div>
</header>
@ -96,6 +112,7 @@ if (isset($_POST['username']) && isset($_POST['password1']) && isset($_POST['pas
textInput("password", "", "password1", "Mot de Passe", "");
textInput("password", "", "password2", "Confirmation du Mot de passe", "");
?>
<div class="g-recaptcha" data-sitekey="<?=$recaptchaSiteKey?>" data-theme="dark" data-size="normal"></div>
<button type="submit">Créer un compte</button>
<div>ou</div>
<a href="index.php" class="button">Se connecter</a>
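Review bot: The e-mail guard in the registration branch tests the username, not the e-mail (`empty($_POST['email']) === false && preg_match('!\S!u', $_POST['username']) == false`), so whatever is posted as `email` is lower-cased and stored without validation. `if (empty($_POST['email']) === false && filter_var($_POST['email'], FILTER_VALIDATE_EMAIL) === false) {` rejects malformed addresses. The reCAPTCHA call puts the secret in the query string of a GET made with `file_get_contents()`; sending it in a POST body keeps it out of URL logs, and a failed fetch should be handled explicitly rather than by reading `->success` on `null`. `bindParam(':password', md5($_POST['password1']))` still passes a function result by reference, which the login page in this commit fixed with a temporary variable.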


@ -7,13 +7,90 @@ require("../../include/inputs.php");
require("../../include/panels.php");
$pdo = sqlConnect($sqlDatabaseHost, $sqlDatabaseName, $sqlDatabaseUser, $sqlDatabasePass);
if (isset($_GET['article']) && filter_var($_GET['article'], FILTER_VALIDATE_INT) && file_exists($rootFilePath . 'content/articles/' . $_GET['article'] . '.md')) {
$sqlRequest = "SELECT articles.ID, articles.title, articles.creation_date, articles.last_update, articles.miniature, articles.resume, articles.author, users.username, users.display_name, roles.badge_svg, users.profile_picture FROM articles INNER JOIN users ON articles.author = users.ID LEFT JOIN roles ON users.role = roles.ID WHERE articles.ID = :articleID AND (articles.classification <= :userAccreditation OR articles.author = :userID)";
$request = $pdo->prepare($sqlRequest);
$request->bindParam(":articleID", $_GET['article']);
$request->bindParam(":userAccreditation", $_SESSION['userAccreditation']);
$request->bindParam(":userID", $_SESSION['userID']);
$request->execute();
$result = $request->fetchAll(PDO::FETCH_ASSOC);
if($result) {
$pubDateTime = strtotime($result[0]['creation_date']);
$pubDate = date('d/m/Y H:i', $pubDateTime);
$updateDateTime = strtotime($result[0]['last_update']);
if($updateDateTime != $pubDateTime) {
$updateDate = date('d/m/Y H:i', $updateDateTime);
} else {
$updateDate = 0;
}
$articleID = $result[0]['ID'];
$articleTitle = $result[0]['title'];
$articleResume = $result[0]['resume'];
$articleDescription = str_replace("<br />", "", $articleResume);
$miniatureURL = $result[0]['miniature'];
$authorUsername = $result[0]['username'];
$authorDisplayName = $result[0]['display_name'];
$authorBadge = $result[0]['badge_svg'];
$authorPPURL = $result[0]['profile_picture'] == NULL ? "https://abs.twimg.com/sticky/default_profile_images/default_profile_400x400.png" : $result[0]['profile_picture'];
$authorID = $result[0]['author'];
}
} else {
$search = isset($_GET['search']) ? "%" . htmlspecialchars($_GET['search']) . "%" : "%%";
$sqlRequest = "SELECT articles.ID, articles.title, articles.creation_date, articles.miniature, articles.resume, users.username, users.display_name, roles.badge_svg FROM articles INNER JOIN users ON articles.author = users.ID LEFT JOIN roles ON users.role = roles.ID WHERE (articles.title LIKE :search OR articles.ID LIKE :search OR users.username LIKE :search OR users.display_name LIKE :search) AND (articles.classification <= :userAccreditation OR articles.author = :userID) ORDER BY articles.creation_date DESC";
$request = $pdo->prepare($sqlRequest);
$request->bindParam(":search", $search);
$request->bindParam(":userAccreditation", $_SESSION['userAccreditation']);
$request->bindParam(":userID", $_SESSION['userID']);
$request->execute();
$articlesResult = $request->fetchAll(PDO::FETCH_ASSOC);
}
?>
<!DOCTYPE html>
<html lang="fr">
<head>
<?php fillHead($rootPageURL, $pageTitle, $darkTheme, $lightTheme);?>
<?php
if (isset($articleID)) {
echo ('<meta name="description" content="' . $articleDescription . '">');
echo ('<meta name="author" content="' . $authorDisplayName . '">');
echo ('<meta property="og:locale" content="fr_FR">');
echo ('<meta property="og:site_name" content="E59">');
echo ('<meta property="og:type" content="article">');
echo ('<meta property="og:title" content="' . $articleTitle . '">');
echo ('<meta property="og:description" content="' . $articleDescription . '">');
echo ('<meta property="og:url" content="' . $rootPageURL . 'news?article=' . $articleID . '">');
echo ('<meta property="og:image" content="' . $rootPageURL . $miniatureURL . '">');
echo ('<meta property="og:image:width" content="500">');
echo ('<meta property="og:image:height" content="300">');
echo ('<meta property="og:image:type" content="image/png">');
echo ('<meta property="og:article:published_time" content="' . $pubDateTime . '">');
echo ('<meta property="og:article:modified_time" content="' . $updateDateTime . '">');
echo ('<meta property="twitter:card" content="summary_large_image">');
echo ('<meta property="twitter:site" content="@clubreseaux">');
echo ('<meta property="twitter:title" content="' . $articleTitle . '">');
echo ('<meta property="twitter:description" content="' . $articleDescription . '">');
echo ('<meta property="twitter:url" content="' . $rootPageURL . 'news?article=' . $articleID . '">');
echo ('<meta property="twitter:image" content="' . $rootPageURL . $miniatureURL . '">');
echo ('<meta property="ownpage:title" content="' . $articleTitle . '">');
echo ('<meta property="ownpage:description" content="' . $articleDescription . '">');
echo ('<meta property="ownpage:published_date" content="' . $pubDateTime . '">');
echo ('<meta property="ownpage:image" content="' . $rootPageURL . $miniatureURL . '">');
echo ('<meta property="ownpage:offer_url" content="' . $rootPageURL . 'news?article=' . $articleID . '">');
echo ('<meta name="robots" content="max-snippet:-1,max-image-preview:large,noarchive">');
fillHead($rootPageURL, $articleTitle, $darkTheme, $lightTheme);
} else {
fillHead($rootPageURL, "Actualités - " . $pageName, $darkTheme, $lightTheme);
}
?>
<style>
.article .article-title {
font-family: cfont, Arial, sans-serif;
@ -30,17 +107,27 @@ $pdo = sqlConnect($sqlDatabaseHost, $sqlDatabaseName, $sqlDatabaseUser, $sqlData
max-height: 30em;
}
.article .article-content {
font-family: cfont, Arial, sans-serif;
}
.article .article-content p {
font-family: Calibri, Arial, sans-serif;
}
.article .article-content img {
max-width: 100%;
max-height: 30em;
}
.article .article-content h1 {
font-family: Arial, sans-serif;
font-weight: bold;
font-size: 2em;
}
.article .article-content h2 {
font-weight: normal;
}
.button {
display: block;
width: min-content;
@ -52,7 +139,7 @@ $pdo = sqlConnect($sqlDatabaseHost, $sqlDatabaseName, $sqlDatabaseUser, $sqlData
<header>
<div class="panel-content">
<?php fillHeader($rootPageURL, $headerTitle, $headerSubtitle);?>
<?php fillHeader($rootPageURL, $headerTitle, $headerSubtitle, $social);?>
</div>
</header>
@ -65,64 +152,35 @@ $pdo = sqlConnect($sqlDatabaseHost, $sqlDatabaseName, $sqlDatabaseUser, $sqlData
<main>
<div class="content">
<?php
if (isset($_GET['article']) && filter_var($_GET['article'], FILTER_VALIDATE_INT) && file_exists($rootFilePath . 'content/articles/' . $_GET['article'] . '.md')) {
$sqlRequest = "SELECT articles.ID, articles.title, articles.date, articles.miniature, articles.resume, articles.author, users.username, users.display_name, users.certification, users.profile_picture FROM articles JOIN users ON articles.author = users.ID WHERE articles.ID = :articleID AND (articles.classification <= :userAccreditation OR articles.author = :userID)";
$request = $pdo->prepare($sqlRequest);
$request->bindParam(":articleID", $_GET['article']);
$request->bindParam(":userAccreditation", $_SESSION['userAccreditation']);
$request->bindParam(":userID", $_SESSION['userID']);
$request->execute();
$result = $request->fetchAll(PDO::FETCH_ASSOC);
if($result) {
$pubDateTime = strtotime($result[0]['date']);
$pubDate = date('d/m/Y', $pubDateTime);
$articleID = $result[0]['ID'];
$articleTitle = $result[0]['title'];
$articleResume = $result[0]['resume'];
$miniatureURL = $result[0]['miniature'];
$authorUsername = $result[0]['username'];
$authorDisplayName = $result[0]['display_name'];
$authorCertification = $result[0]['certification'];
$authorPPURL = $result[0]['profile_picture'] == NULL ? "https://abs.twimg.com/sticky/default_profile_images/default_profile_400x400.png" : $result[0]['profile_picture'];
$authorID = $result[0]['author'];
echo ('<div class="article">');
echo ('<div class="article-info">');
echo ('<div class="article-title">' . $articleTitle . '</div>');
echo ('<div class="article-date">' . $pubDate . '</div>');
if ($_SESSION['userID'] == $authorID) {
echo ('<a href="/editor?article=' . $articleID . '" class="button">Editer</a>');
}
userWidget($authorPPURL, $authorDisplayName, $authorUsername, $authorCertification, $badges, $rootPageURL);
echo ('<div class="article-illustration">');
echo ('<img src="' . $miniatureURL . '"/>');
echo ('</div>');
echo ('<div class="article-content">');
$pageContent = markdownContent($rootFilePath . 'content/articles/' . $articleID . '.md', $rootFilePath);
echo($pageContent);
echo ('</div>');
echo ('</div>');
echo ('</div>');
if(isset($articleID)) {
echo ('<div class="article">');
echo ('<div class="article-info">');
echo ('<div class="article-title">' . $articleTitle . '</div>');
echo ('<div class="article-date">' . $pubDate);
if ($updateDate != 0) {
echo (' (Mis à jour le ' . $updateDate . ')');
}
echo ('</div>');
if ($_SESSION['userID'] == $authorID || $_SESSION['userRole'] == 50) {
echo ('<a href="/editor?article=' . $articleID . '" class="button">Editer</a>');
}
} else {
$search = isset($_GET['search']) ? "%" . htmlspecialchars($_GET['search']) . "%" : "%%";
$sqlRequest = "SELECT articles.ID, articles.title, articles.date, articles.miniature, articles.resume, users.username, users.display_name, users.certification FROM articles JOIN users ON articles.author = users.ID WHERE (articles.title LIKE :search OR articles.ID LIKE :search OR users.username LIKE :search OR users.display_name LIKE :search) AND (articles.classification <= :userAccreditation OR articles.author = :userID) ORDER BY articles.date DESC";
$request = $pdo->prepare($sqlRequest);
$request->bindParam(":search", $search);
$request->bindParam(":userAccreditation", $_SESSION['userAccreditation']);
$request->bindParam(":userID", $_SESSION['userID']);
$request->execute();
$articlesResult = $request->fetchAll(PDO::FETCH_ASSOC);
userWidget($authorPPURL, $authorDisplayName, $authorUsername, $authorBadge, $rootPageURL);
echo ('<h1>News</h1>');
echo ('<div class="article-illustration">');
echo ('<img src="' . $miniatureURL . '"/>');
echo ('</div>');
echo ('<div class="article-content">');
$pageContent = markdownContent($rootFilePath . 'content/articles/' . $articleID . '.md', $rootFilePath);
echo($pageContent);
echo ('</div>');
echo ('</div>');
echo ('</div>');
} else {
echo ('<h1>Actualités</h1>');
echo ('<form action="" method="get">');
$shapePath = '<path d="M10.25 3.75c-3.59 0-6.5 2.91-6.5 6.5s2.91 6.5 6.5 6.5c1.795 0 3.419-.726 4.596-1.904 1.178-1.177 1.904-2.801 1.904-4.596 0-3.59-2.91-6.5-6.5-6.5zm-8.5 6.5c0-4.694 3.806-8.5 8.5-8.5s8.5 3.806 8.5 8.5c0 1.986-.682 3.815-1.824 5.262l4.781 4.781-1.414 1.414-4.781-4.781c-1.447 1.142-3.276 1.824-5.262 1.824-4.694 0-8.5-3.806-8.5-8.5z"></path>';
@ -130,7 +188,7 @@ $pdo = sqlConnect($sqlDatabaseHost, $sqlDatabaseName, $sqlDatabaseUser, $sqlData
echo ('</form>');
if(empty($_GET['search']) == false) {
$sqlRequest = "SELECT username, display_name, certification, profile_picture FROM users WHERE username LIKE :search OR display_name LIKE :search";
$sqlRequest = "SELECT users.username, users.display_name, roles.badge_svg, users.profile_picture FROM users JOIN roles ON users.role = roles.ID WHERE username LIKE :search OR display_name LIKE :search";
$request = $pdo->prepare($sqlRequest);
$request->bindParam(":search", $search);
$request->execute();
@ -139,7 +197,7 @@ $pdo = sqlConnect($sqlDatabaseHost, $sqlDatabaseName, $sqlDatabaseUser, $sqlData
echo ('<div class="users-list">');
foreach ($userResult as $user) {
$userPPURL = $user['profile_picture'] == NULL ? "https://abs.twimg.com/sticky/default_profile_images/default_profile_400x400.png" : $user['profile_picture'];
userWidget($userPPURL, $user['display_name'], $user['username'], $user['certification'], $badges, $rootPageURL);
userWidget($userPPURL, $user['display_name'], $user['username'], $user['badge_svg'], $rootPageURL);
}
echo ('</div>');
}
@ -147,7 +205,7 @@ $pdo = sqlConnect($sqlDatabaseHost, $sqlDatabaseName, $sqlDatabaseUser, $sqlData
if ($articlesResult) {
echo('<div class="articles-list">');
listArticles($articlesResult, $rootPageURL, $badges);
listArticles($articlesResult, $rootPageURL);
echo('</div>');
} else {
echo ('Aucun article trouvé');


@ -1,16 +1,19 @@
<?php
require("../../include/variables.php");
require("../../include/init.php");
if (isset($_SESSION['userID']) == false || empty($_SESSION['userID'])) {
header("Location: /login");
http_response_code(403);
die('Veuillez vous connecter dans <a href="/login">/login</a>');
}
require("../../include/main-functions.php");
require("../../include/panels.php");
$pdo = sqlConnect($sqlDatabaseHost, $sqlDatabaseName, $sqlDatabaseUser, $sqlDatabasePass);
if (!isset($_SESSION['userID'])) {
header("Location: /login");
http_response_code(403);
}
if (isset($_POST['delete-account']) && $_POST['delete-account'] == "delete-account") {
$sqlRequest = "DELETE FROM users WHERE ID = :userID";
$request = $pdo->prepare($sqlRequest);
@ -60,7 +63,7 @@ if (isset($_POST['delete-account']) && $_POST['delete-account'] == "delete-accou
<header>
<div class="panel-content">
<?php fillHeader($rootPageURL, $headerTitle, $headerSubtitle);?>
<?php fillHeader($rootPageURL, $headerTitle, $headerSubtitle, $social);?>
</div>
</header>
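Review bot: In the login guard at the top of this file, `header("Location: /login")` is immediately followed by `http_response_code(403)`, which replaces the redirect status, so the browser receives a 403 carrying a `Location` header it will not follow. Pick one behaviour: for a redirect use `header("Location: /login", true, 302); exit;`, or for a refusal drop the `Location` line and keep the 403 with the `die()` message. The same pair appears in the guards of the account-update page and the article editor in this commit. The second `if (!isset($_SESSION['userID']))` block after `sqlConnect()` has no `exit` and, if it is still on the new side, is unreachable after the new guard and can be removed. The `delete-account` handler continues outside the hunk, so a CSRF token check cannot be confirmed from here; a deletion triggered by a bare POST field should have one.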


@ -1,32 +1,37 @@
<?php
require("../../include/variables.php");
require("../../include/init.php");
if (isset($_SESSION['userID']) == false || empty($_SESSION['userID'])) {
header("Location: /login");
http_response_code(403);
die('Veuillez vous connecter dans <a href="/login">/login</a>');
}
require("../../include/main-functions.php");
require("../../include/inputs.php");
require("../../include/panels.php");
$pdo = sqlConnect($sqlDatabaseHost, $sqlDatabaseName, $sqlDatabaseUser, $sqlDatabasePass);
if (!isset($_SESSION['userID'])) {
header("Location: /login");
http_response_code(403);
}
if (isset($_POST['username']) && isset($_POST['email'])) {
if(empty($_POST['username']) == false) {
if(preg_match('!\S!u', $_POST['username']) && preg_match('!\S!u', $_POST['email'])) {
$sqlRequest = "SELECT ID FROM users WHERE username = :username";
$request = $pdo->prepare($sqlRequest);
$request->bindParam(":username", htmlspecialchars(substr($_POST['username'], 0, 20)));
$userName = htmlspecialchars(substr($_POST['username'], 0, 20));
$request->bindParam(":username", $userName);
$request->execute();
$result = $request->fetchAll(PDO::FETCH_ASSOC);
if($result && $result[0]['ID'] != $_SESSION['userID']) {
$status = "Le nom d'utilisateur n'est pas disponible";
} else {
$sqlRequest = "UPDATE users SET username = :username, email = :email WHERE ID = :userID";
$sqlRequest = "UPDATE users SET username = :username, email = :email, last_update = now() WHERE ID = :userID";
$request = $pdo->prepare($sqlRequest);
$request->bindParam(":username", htmlspecialchars(substr($_POST['username'], 0, 20)));
$request->bindParam(":email", htmlspecialchars($_POST['email']));
$request->bindParam(":username", $userName);
$userEmail = htmlspecialchars($_POST['email']);
$request->bindParam(":email", $userEmail);
$request->bindParam(":userID", $_SESSION['userID']);
if($request->execute()) {
$status = "Informations mises à jour";
@ -60,7 +65,7 @@ if (isset($_POST['username']) && isset($_POST['email'])) {
<header>
<div class="panel-content">
<?php fillHeader($rootPageURL, $headerTitle, $headerSubtitle);?>
<?php fillHeader($rootPageURL, $headerTitle, $headerSubtitle, $social);?>
</div>
</header>
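Review bot: The e-mail address in the `UPDATE users` branch is only tested for one non-whitespace character (`preg_match('!\S!u', $_POST['email'])`) before `$userEmail` is bound, so any string is stored as an address. Reject malformed input before the query, e.g. `if (filter_var($_POST['email'], FILTER_VALIDATE_EMAIL) === false) { $status = "Adresse e-mail invalide"; }`, and run the update in the `else` branch. `substr($_POST['username'], 0, 20)` cuts bytes, so a multi-byte name can end in a broken UTF-8 sequence before it reaches `htmlspecialchars()`; `mb_substr($_POST['username'], 0, 20, 'UTF-8')` avoids that, assuming the mbstring extension is available. The handler continues outside the hunk.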


@ -2,18 +2,22 @@
<urlset xmlns="http://www.sitemaps.org/schemas/sitemap/0.9">
<url>
<loc>https://e59.fr/</loc>
<lastmod>2024-03-14</lastmod>
<lastmod>2024-03-18</lastmod>
</url>
<url>
<loc>https://e59.fr/news</loc>
<lastmod>2024-03-18</lastmod>
</url>
<url>
<loc>https://e59.fr/login</loc>
<lastmod>2024-03-14</lastmod>
<lastmod>2024-03-18</lastmod>
</url>
<url>
<loc>https://e59.fr/login/register.php</loc>
<lastmod>2024-03-14</lastmod>
<lastmod>2024-03-18</lastmod>
</url>
<url>
<loc>https://e59.fr/about</loc>
<lastmod>2024-03-14</lastmod>
<lastmod>2024-03-18</lastmod>
</url>
</urlset>


@ -13,8 +13,10 @@ html {
body {
font-family: cfont, Arial, sans-serif;
font-size: 20px;
color: var(--text);
margin: 0;
line-height: 1.3;
}
a {
@ -72,11 +74,11 @@ input:focus, textarea:focus {
color: var(--text);
border-radius: 10px;
padding: 0.5em 1em;
font-size: 1.2em;
display: inline-block;
border: none;
border-radius: 1.5em;
margin: 0.5em 0;
font-size: 0.8em;
}
.status {
@ -102,7 +104,8 @@ header {
}
.logo-img:hover {
box-shadow: 0 0 15px rgba(255, 255, 255, 0.322);
-webkit-filter: drop-shadow(0 0 10px rgba(255, 255, 255, 0.1));
filter: drop-shadow(0 0 10px rgba(255, 255, 255, 0.1));
}
.header-title-container {
@ -114,6 +117,40 @@ header {
font-size: 3em;
}
.social-zone {
display: flex;
justify-content: right;
}
.social-zone .social-link {
margin: 0 0.2em;
}
.social-zone .social-logo {
height: 1.2em;
border-radius: 0;
}
.social-zone .instagram-logo {
background-image: url("/src/svg/instagram.svg");
background-size: contain;
}
.social-zone .linkedin-logo {
-webkit-mask: url("/src/svg/linkedin.svg");
mask: url("/src/svg/linkedin.svg") no-repeat center;
}
.social-zone .x-logo {
-webkit-mask: url("/src/svg/x.svg");
mask: url("/src/svg/x.svg") no-repeat center;
}
.social-zone .youtube-logo {
-webkit-mask: url("/src/svg/youtube.svg");
mask: url("/src/svg/youtube.svg") no-repeat center;
}
/* NAV */
@ -126,15 +163,19 @@ nav {
.nav-link {
padding: 0.5em;
background-color: var(--buttons);
margin-right: 1em;
border-radius: 10px;
border-bottom: 1px solid var(--panel-background)
}
.nav-link:hover {
border-bottom: 1px solid var(--text)
}
/* MAIN */
main {
font-family: Helvetica, Arial, sans-serif;
font-family: Calibri, Arial, sans-serif;
background: var(--background);
width: 100%;
margin: 0;
@ -143,8 +184,23 @@ main {
main h1 {
font-family: cfont, Arial, sans-serif;
font-size: 3em;
font-size: 2em;
font-weight: lighter;
margin: 2em 0 0.5em 0;
}
main h2 {
font-family: cfont, Arial, sans-serif;
font-size: 1.5em;
font-weight: lighter;
margin: 2em 0 0.5em 0;
}
main h3 {
font-family: cfont, Arial, sans-serif;
font-size: 1em;
font-weight: lighter;
margin: 2em 0 0.5em 0;
}
/* FOOTER */
@ -155,6 +211,7 @@ footer {
padding: 1em;
background: var(--panel-background);
display: flex;
font-size: 0.8em;
}
/* ARTICLES LISTING */
@ -239,7 +296,6 @@ footer {
}
.file-input input[type='file'] {
background-color: var(--buttons);
padding: 0.5em;
border-radius: 1.5em;
}
@ -334,7 +390,7 @@ footer {
}
.user-widget .user-display-name {
font-weight: bold;
font-family: cfont, Arial, sans-serif;
display: flex;
white-space: nowrap;
}
@ -379,7 +435,7 @@ footer {
}
.user-profile .display-name {
font-weight: bold;
font-family: cfont, Arial, sans-serif;
display: inline;
}
@ -405,6 +461,13 @@ footer {
margin: 0 auto;
}
.g-recaptcha {
margin: 1em auto;
width: 300px;
height: 75px;
overflow: hidden;
}
/* PHONE SCREEN */
@media(max-width: 750px) {

Binary file not shown.

Before

Width:  |  Height:  |  Size: 404 KiB

BIN
html/src/img/e59.png Normal file

Binary file not shown.

After

Width:  |  Height:  |  Size: 35 KiB

Binary file not shown.

After

Width:  |  Height:  |  Size: 209 KiB


@ -0,0 +1,6 @@
<?xml version="1.0" encoding="UTF-8"?>
<svg id="Instagram" data-name="Instagram" class="social-icon" xmlns="http://www.w3.org/2000/svg" viewBox="0 0 1000 1000">
<defs>
</defs>
<path fill="#fff" class="cls-1" d="M292.92,3.46c-53.2,2.51-89.54,11.03-121.29,23.47-32.87,12.81-60.73,29.99-88.45,57.82-27.75,27.85-44.79,55.76-57.51,88.66-12.31,31.83-20.66,68.19-23,121.42C.33,348.17-.2,365.18.06,500.96c.26,135.76.86,152.8,3.4,206.15,2.54,53.19,11.03,89.51,23.47,121.28,12.83,32.87,29.99,60.72,57.83,88.45,27.83,27.73,55.76,44.76,88.68,57.49,31.8,12.3,68.17,20.67,121.39,23,53.33,2.35,70.36,2.87,206.1,2.61,135.8-.26,152.83-.86,206.16-3.39,53.2-2.54,89.5-11.06,121.29-23.47,32.87-12.86,60.73-29.99,88.45-57.83,27.72-27.83,44.76-55.76,57.48-88.68,12.31-31.8,20.69-68.17,23-121.36,2.33-53.36,2.88-70.41,2.62-206.16-.26-135.77-.87-152.78-3.4-206.1-2.53-53.23-11.05-89.54-23.47-121.32-12.85-32.87-29.99-60.7-57.82-88.45-27.83-27.72-55.76-44.79-88.68-57.48-31.82-12.31-68.17-20.7-121.39-23C651.85.32,634.83-.2,499.04.06c-135.76.26-152.78.84-206.11,3.4M298.76,907.34c-48.75-2.12-75.22-10.22-92.86-17.01-23.36-9.04-40.03-19.88-57.58-37.29-17.51-17.48-28.38-34.1-37.5-57.41-6.85-17.64-15.1-44.08-17.38-92.83-2.48-52.7-3.05-68.51-3.29-202.02-.26-133.47.23-149.29,2.53-202.03,2.09-48.71,10.24-75.22,17.01-92.84,9.04-23.39,19.84-40.03,37.29-57.58,17.48-17.54,34.1-28.38,57.43-37.5,17.63-6.89,44.06-15.07,92.79-17.38,52.73-2.5,68.53-3.03,202-3.29,133.5-.26,149.32.21,202.06,2.53,48.71,2.12,75.22,10.19,92.83,17.01,23.38,9.04,40.05,19.81,57.58,37.29,17.53,17.48,28.4,34.07,37.52,57.45,6.88,17.58,15.07,44.05,17.37,92.76,2.51,52.73,3.08,68.54,3.32,202.02.26,133.51-.23,149.32-2.54,202.03-2.12,48.75-10.21,75.23-17.01,92.89-9.04,23.34-19.85,40.01-37.31,57.56-17.46,17.48-34.08,28.38-57.43,37.5-17.59,6.87-44.06,15.07-92.76,17.38-52.73,2.48-68.53,3.05-202.05,3.29-133.47.26-149.27-.24-202.01-2.53M706.36,232.73c.06,33.11,26.99,59.92,60.1,59.86,33.13-.06,59.94-26.97,59.89-60.09-.07-33.11-26.99-59.94-60.12-59.88-33.13.06-59.94,26.99-59.88,60.1M243.27,500.49c.27,141.8,115.44,256.5,257.21,256.22,141.78-.28,256.54-115.41,256.27-257.21-.28-141.75-115.46-256.51-257.26-256.24-141.77.28-256.5,115.46-25
6.22,257.23M333.33,500.31c-.16-92.03,74.33-166.8,166.34-166.96,92.03-.18,166.81,74.28,166.99,166.33.18,92.05-74.31,166.8-166.36,166.98-92.02.18-166.8-74.29-166.97-166.34"/>
</svg>


14
html/src/svg/linkedin.svg Normal file

@ -0,0 +1,14 @@
<?xml version="1.0" encoding="UTF-8"?>
<svg id="linkedin" data-name="Linkedin" class="social-logo" xmlns="http://www.w3.org/2000/svg" viewBox="0 0 1000 1000">
<defs>
</defs>
<g>
<path fill="#fff" class="cls-1" d="M541.19,362.58l-33.64-19.5c-4.76-2.76-10.33-2.76-15.09,0l-33.64,19.5c-5.82,3.37-9.51,10.34-9.51,17.96v38.08c0,.79.38,1.51.98,1.86l9.76,5.66h0s38.08,22.08,38.08,22.08c1.18.68,2.56.68,3.73,0l33.93-19.67c1.91-1.11,4.16.53,4.16,3.04h0c0,1.29-.62,2.47-1.61,3.04l-35.63,20.66c-1.71.99-3.71.99-5.42,0l-46.48-26.94c-.69-.4-1.51.19-1.51,1.1h0c0,6.42,3.1,12.28,8,15.12l35.15,20.38c4.76,2.76,10.33,2.76,15.09,0l33.64-19.5c5.82-3.37,9.51-10.34,9.51-17.96v-46.92c0-7.63-3.69-14.59-9.51-17.96ZM539.95,409.21c0,2.74-1.32,5.24-3.42,6.45l-33.83,19.61c-1.71.99-3.71.99-5.42,0l-33.83-19.61c-2.09-1.21-3.42-3.71-3.42-6.45v-30.42c0-2.74,1.32-5.24,3.42-6.45l33.83-19.61c1.71-.99,3.71-.99,5.42,0l33.83,19.61c2.09,1.21,3.42,3.71,3.42,6.45v30.42Z"/>
<path fill="#fff" class="cls-1" d="M529.28,378.86l-7.14-4.01c-.59-.33-1.28-.33-1.87,0l-9.08,5.1-9.48,5.33c-1.08.61-2.35.61-3.43,0l-8.14-4.57c-.55-.31-.55-1.2,0-1.5l9.86-5.54,8-4.5c.82-.46.82-1.8,0-2.26l-6.47-3.64c-.96-.54-2.09-.54-3.05,0l-27.76,15.6s-.01,0-.02,0c-.78.44-.76,1.72.02,2.16l26.2,14.72c1.94,1.09,4.22,1.09,6.16,0l16.57-9.31c.71-.4,1.54.19,1.54,1.09v12.92c0,1.2-.6,2.3-1.54,2.83l-18.67,10.49c-.62.35-1.34.35-1.96,0l-18.72-10.52c-.91-.51-1.49-1.57-1.49-2.73v-3.54c0-.49-.25-.94-.63-1.16l-7.74-4.35c-.75-.42-1.64.2-1.64,1.16v12.97c0,1.49.75,2.86,1.92,3.52l27.75,15.59c.96.54,2.09.54,3.05,0l27.75-15.59c1.18-.66,1.92-2.03,1.92-3.52v-23.23c0-1.49-.75-2.86-1.92-3.52Z"/>
</g>
<g>
<path fill="#fff" class="cls-1" d="M339.72,269.41c0,41.94-34,75.93-75.93,75.93s-75.93-34-75.93-75.93,34-75.93,75.93-75.93,75.93,34,75.93,75.93ZM331.69,794.24h-127.09v-411.83h127.09v411.83Z"/>
<path fill="#fff" class="cls-1" d="M793.09,794.24h-127.06v-229.51c0-63.99-22.86-96-68.57-96-22.05,0-40.2,8.47-54.45,25.41-14.26,16.94-21.38,38.46-21.38,64.54v235.56h-127.46v-413.03h127.46v65.34h1.61c30.38-50.28,74.62-75.43,132.7-75.43,91.42,0,137.14,56.74,137.14,170.22v252.9Z"/>
</g>
<path fill="#fff" class="cls-1" d="M755,90c41.4,0,80.33,16.12,109.6,45.4,29.28,29.28,45.4,68.2,45.4,109.6v510c0,41.4-16.12,80.33-45.4,109.6-29.28,29.28-68.2,45.4-109.6,45.4H245c-41.4,0-80.33-16.12-109.6-45.4s-45.4-68.2-45.4-109.6V245c0-41.4,16.12-80.33,45.4-109.6,29.28-29.28,68.2-45.4,109.6-45.4h510M755,0H245C109.69,0,0,109.69,0,245v510c0,135.31,109.69,245,245,245h510c135.31,0,245-109.69,245-245V245C1000,109.69,890.31,0,755,0h0Z"/>
</svg>


7
html/src/svg/x.svg Normal file

@ -0,0 +1,7 @@
<?xml version="1.0" encoding="UTF-8"?>
<svg id="x-logo" data-name="X" class="social-logo" xmlns="http://www.w3.org/2000/svg" viewBox="0 0 1000 1000">
<defs>
</defs>
<path fill="#fff" class="cls-1" d="M755,90c41.4,0,80.33,16.12,109.6,45.4,29.28,29.28,45.4,68.2,45.4,109.6v510c0,41.4-16.12,80.33-45.4,109.6-29.28,29.28-68.2,45.4-109.6,45.4H245c-41.4,0-80.33-16.12-109.6-45.4s-45.4-68.2-45.4-109.6V245c0-41.4,16.12-80.33,45.4-109.6,29.28-29.28,68.2-45.4,109.6-45.4h510M755,0H245C109.69,0,0,109.69,0,245v510c0,135.31,109.69,245,245,245h510c135.31,0,245-109.69,245-245V245C1000,109.69,890.31,0,755,0h0Z"/>
<path fill="#fff" class="cls-1" d="M554.45,447.86l218.84-254.38h-51.86l-190.02,220.88-151.77-220.88h-175.05l229.5,334.01-229.5,266.76h51.86l200.66-233.25,160.28,233.25h175.05l-238.01-346.38h.01ZM483.42,530.42l-23.25-33.26-185.02-264.65h79.66l149.31,213.58,23.25,33.26,194.09,277.62h-79.66l-158.38-226.54h0Z"/>
</svg>


6
html/src/svg/youtube.svg Normal file

@ -0,0 +1,6 @@
<?xml version="1.0" encoding="UTF-8"?>
<svg id="yt-logo" data-name="Youtube" class="social-logo" xmlns="http://www.w3.org/2000/svg" viewBox="0 0 1428.57 1000">
<defs>
</defs>
<path fill="#fff" class="cls-1" d="M1398.72,156.15c-16.43-61.46-64.84-109.87-126.3-126.3C1161.01,0,714.29,0,714.29,0,714.29,0,267.56,0,156.15,29.85c-61.46,16.43-109.87,64.84-126.3,126.3C0,267.56,0,500,0,500,0,500,0,732.44,29.85,843.85c16.43,61.46,64.84,109.87,126.3,126.3,111.41,29.85,558.13,29.85,558.13,29.85,0,0,446.73,0,558.13-29.85,61.46-16.43,109.87-64.84,126.3-126.3,29.85-111.41,29.85-343.85,29.85-343.85,0,0,0-232.44-29.85-343.85ZM571.43,714.29v-428.57l371.14,214.29-371.14,214.28Z"/>
</svg>



@ -1,21 +1,23 @@
<?php
require("../../include/variables.php");
require("../../include/init.php");
if ($_SESSION['userRole'] < 1) {
header("Location: /login");
http_response_code(403);
die('Veuillez vous connecter dans <a href="/login">/login</a>');
}
require("../../include/main-functions.php");
require("../../include/inputs.php");
require("../../include/panels.php");
$pdo = sqlConnect($sqlDatabaseHost, $sqlDatabaseName, $sqlDatabaseUser, $sqlDatabasePass);
if ($_SESSION['level'] < 1) {
header("Location: login.php");
http_response_code(404);
}
if(isset($_POST['article-content']) && isset($_POST['classification'])) {
$sqlRequest = "SELECT ID FROM articles WHERE ID >= 1 ORDER BY ID DESC LIMIT 1";
$request = $pdo->prepare($sqlRequest);
$request->bindParam(":userAccreditation", $_SESSION['userAccreditation']);
$request->execute();
$result = $request->fetchAll(PDO::FETCH_ASSOC);
@ -61,7 +63,7 @@ if(isset($_POST['article-content']) && isset($_POST['classification'])) {
<header>
<div class="panel-content">
<?php fillHeader($rootPageURL, $headerTitle, $headerSubtitle);?>
<?php fillHeader($rootPageURL, $headerTitle, $headerSubtitle, $social);?>
</div>
</header>
@ -81,6 +83,13 @@ if(isset($_POST['article-content']) && isset($_POST['classification'])) {
<div><textarea name="article-resume" placeholder="Résumé de l'article (200 cacactères) ..." class="article-resume-input" maxlength="200"></textarea></div>
<div><textarea name="article-content" placeholder="Contenu de l'article (MarkDown) ..." class="article-content-input"></textarea></div>
<?php
$sqlRequest = "SELECT ID, name FROM confidential_levels";
$request = $pdo->prepare($sqlRequest);
$request->execute();
$confidentialLevels = array();
foreach($request->fetchAll(PDO::FETCH_ASSOC) as $confidentialLevel) {
$confidentialLevels[$confidentialLevel['ID']] = $confidentialLevel['name'];
}
selectInput("classification", "Classification", $confidentialLevels, 0);
?>
<div><button type="submit">Publier</button></div>
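Review bot: The classification `<select>` added to the form is filled from `SELECT ID, name FROM confidential_levels` with no filter, so every level is offered to every author, and the visible lines show no server-side check of `$_POST['classification']`. The handler that reads it starts in the first hunk and continues outside the visible lines, so a check may already exist; if it does not, the posted value should be tested against the table (and, if authors are meant to be capped, against `$_SESSION['userAccreditation']`) before the insert, e.g. `if (!array_key_exists((int)$_POST['classification'], $confidentialLevels)) { http_response_code(400); die(); }`. That means loading `$confidentialLevels` before the POST handling rather than inside the form. Separately, if the `bindParam(":userAccreditation", …)` line after the `SELECT ID FROM articles …` prepare is still on the new side, it binds a placeholder the query does not contain and should be dropped.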


@ -9,8 +9,9 @@ require("../../include/panels.php");
$pdo = sqlConnect($sqlDatabaseHost, $sqlDatabaseName, $sqlDatabaseUser, $sqlDatabasePass);
if(isset($_GET['u']) && empty($_GET['u']) == false) {
$request = $pdo->prepare("SELECT ID, username, display_name, profile_picture, banner, bio, certification FROM users WHERE username = :username");
$request->bindParam(":username", htmlspecialchars($_GET['u']));
$request = $pdo->prepare("SELECT users.ID, users.username, users.display_name, users.profile_picture, users.banner, users.bio, roles.badge_svg FROM users JOIN roles ON users.role = roles.ID WHERE users.username = :username");
$requestedUserName = htmlspecialchars($_GET['u']);
$request->bindParam(":username", $requestedUserName);
$request->execute();
$result = $request->fetchAll(PDO::FETCH_ASSOC);
@ -21,7 +22,7 @@ if(isset($_GET['u']) && empty($_GET['u']) == false) {
$userPPURL = $result[0]['profile_picture'] == NULL ? "https://abs.twimg.com/sticky/default_profile_images/default_profile_400x400.png" : $result[0]['profile_picture'];
$userBanner = $result[0]['banner'] = NULL ? "" : $result[0]['banner'];
$userBio = $result[0]['bio'];
$userCertification = $result[0]['certification'];
$userBadgeSVG = $userBadgeSVG = $result[0]['badge_svg'];
} else {
$userID = 0;
$userName = htmlspecialchars($_GET['u']);
@ -29,7 +30,7 @@ if(isset($_GET['u']) && empty($_GET['u']) == false) {
$userPPURL = "https://abs.twimg.com/sticky/default_profile_images/default_profile_400x400.png";
$userBanner = "";
$userBio = "";
$userCertification = 0;
$userBadgeSVG = "";
}
} else {
$userID = 0;
@ -38,7 +39,7 @@ if(isset($_GET['u']) && empty($_GET['u']) == false) {
$userPPURL = "https://abs.twimg.com/sticky/default_profile_images/default_profile_400x400.png";
$userBanner = "";
$userBio = "";
$userCertification = 0;
$userBadgeSVG = "";
}
?>
@ -70,7 +71,7 @@ if(isset($_GET['u']) && empty($_GET['u']) == false) {
<header>
<div class="panel-content">
<?php fillHeader($rootPageURL, $headerTitle, $headerSubtitle);?>
<?php fillHeader($rootPageURL, $headerTitle, $headerSubtitle, $social);?>
</div>
</header>
@ -93,11 +94,7 @@ if(isset($_GET['u']) && empty($_GET['u']) == false) {
<div class="display-name"><?=$userDisplayName?></div>
<div class="user-level">
<?php
if($userCertification > 0) {
echo ('<svg class="certification" viewBox="0 0 22 22" aria-label="Compte certifié" role="img"><g>');
echo ($badges[$userCertification]);
echo ('</g></svg>');
}
echo($userBadgeSVG)
?>
</div>
<div class="username">@<?=$userName?></div>
@ -117,9 +114,10 @@ if(isset($_GET['u']) && empty($_GET['u']) == false) {
<div class="user-content">
<?php
$search = isset($_GET['search']) ? "%" . htmlspecialchars($_GET['search']) . "%" : "%%";
$request = $pdo->prepare("SELECT ID, title, date, miniature, resume FROM articles WHERE (title LIKE :search OR ID LIKE :search) AND author = :userID ORDER BY date DESC");
$request = $pdo->prepare("SELECT ID, title, creation_date, miniature, resume FROM articles WHERE (title LIKE :search OR ID LIKE :search) AND author = :userID AND classification <= :userRole ORDER BY creation_date DESC");
$request->bindParam(":search", $search);
$request->bindParam(":userID", $userID);
$request->bindParam(":userRole", $_SESSION['userRole']);
$request->execute();
$result = $request->fetchAll(PDO::FETCH_ASSOC);
echo ('<h1>Articles de ' . $userDisplayName . '</h1>');
@ -130,7 +128,7 @@ if(isset($_GET['u']) && empty($_GET['u']) == false) {
if ($result) {
echo('<div class="articles-list">');
listArticles($result, $rootPageURL, $badges);
listArticles($result, $rootPageURL);
echo ('</div>');
} else {
echo ($userDisplayName . ' n\'a encore rien publié');
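Review bot: The new article query on the profile page filters with `classification <= :userRole`, while `init.php` still initialises a separate `$_SESSION['userAccreditation']` and the news-page queries shown in this commit compare `classification` against that value. Role IDs and confidentiality levels look like different scales (the role value 50 gates the Admin link elsewhere in this commit), so, if that reading is right, an account passes this filter on its role number rather than its accreditation. Unless the two are guaranteed to coincide, bind the accreditation instead: `AND (classification <= :userAccreditation OR author = :viewerID)` with `$_SESSION['userAccreditation']` and `$_SESSION['userID']`, which also lets authors see their own restricted articles as the news-page query does. `$userBadgeSVG = $userBadgeSVG = $result[0]['badge_svg'];` has a doubled assignment that can be reduced to one.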


@ -2,25 +2,26 @@
session_start();
if (!isset($_SESSION['userAccreditation']) || !isset($_SESSION['userLevel'])) {
if (!isset($_SESSION['userAccreditation']) || !isset($_SESSION['userRole'])) {
$_SESSION['userAccreditation'] = 0;
$_SESSION['userLevel'] = 0;
$_SESSION['userRole'] = 0;
}
if (!isset($_COOKIE['theme'])) {
setcookie('theme', 0, time()+10*60*60, "/", ".e59.fr");
$darkTheme = $darkThemes[0];
$lightTheme = $lightThemes[0];
$theme = 0;
setcookie('theme', $theme, time()+10*60*60, "/", ".e59.fr");
$darkTheme = $darkThemes[$theme];
$lightTheme = $lightThemes[$theme];
}
if (isset($_GET['theme'])) {
$newTheme = (int)$_GET['theme'] % 2;
setcookie('theme', $newTheme, time()+10*60*60, "/", ".e59.fr"); // % 2 => Number of different themes
$newTheme = (int)$_GET['theme'] % 3;
setcookie('theme', $newTheme, time()+10*60*60, "/", ".e59.fr"); // % 3 => Number of different themes
$darkTheme = $darkThemes[$newTheme];
$lightTHeme = $lightThemes[$newTheme];
} else if (isset($_COOKIE['theme'])) {
$theme = (int)$_COOKIE['theme'] % 2;
$theme = (int)$_COOKIE['theme'] % 3;
$darkTheme = $darkThemes[$theme];
$lightTheme = $lightThemes[$theme];
}
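Review bot: `(int)$_GET['theme'] % 3` and `(int)$_COOKIE['theme'] % 3` keep the sign of the input in PHP, so `?theme=-1` or a cookie value of `-1` yields index `-1` and `$darkThemes[-1]` is undefined. Normalise the index and take the count from the array instead of the literal, e.g. `$n = count($darkThemes); $newTheme = (((int)$_GET['theme'] % $n) + $n) % $n;`, and do the same in the cookie branch. In the `$_GET['theme']` branch the result is assigned to `$lightTHeme` (capital H), so `$lightTheme` stays unset on that path; the line reads as unchanged context, but it is worth fixing in the same edit.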


@ -1,6 +1,6 @@
<?php
function userWidget($userPPURL, $userDisplayName, $userName, $userCertification, $badges, $rootPageURL) {
function userWidget($userPPURL, $userDisplayName, $userName, $userBadgeSVG, $rootPageURL) {
echo ('<a href="' . $rootPageURL . 'users?u=' . $userName . '" class="user-widget-link">');
echo ('<div class="user-widget">');
@ -13,11 +13,7 @@ function userWidget($userPPURL, $userDisplayName, $userName, $userCertification,
echo ('<div class="user-display-name">');
echo ($userDisplayName);
if ($userCertification > 0) {
echo ('<svg class="certification" viewBox="0 0 22 22" aria-label="Compte certifié" role="img">');
echo ('<g>' . $badges[$userCertification] . '</g>');
echo ('</svg>');
}
echo ($userBadgeSVG);
echo ('</div>');
echo ('<div class="user-name">@' . $userName . '</div>');
@ -29,11 +25,11 @@ function userWidget($userPPURL, $userDisplayName, $userName, $userCertification,
}
function listArticles($result, $rootPageURL, $badges) {
function listArticles($result, $rootPageURL) {
foreach($result as $article) {
$pubDateTime = strtotime($article['date']);
$pubDateTime = strtotime($article['creation_date']);
$pubDate = date('d/m/Y', $pubDateTime);
$articleID = $article['ID'];
$articleTitle = $article['title'];
@ -41,8 +37,7 @@ function listArticles($result, $rootPageURL, $badges) {
$miniatureURL = empty($article['miniature']) ? $rootPageURL . "src/img/empty.jpg" : $article['miniature'];
if (isset($article['username'])) {
$badge = $article['certification'] > 0 ? '<svg class="certification" viewBox="0 0 22 22" aria-label="Compte certifié" role="img"><g>' . $badges[$article['certification']] . '</g></svg>' : "";
$authorLink = ' | <a href="/users?u=' . $article['username'] . '">' . $article['display_name'] . $badge . '</a>';
$authorLink = ' | <a href="/users?u=' . $article['username'] . '">' . $article['display_name'] . $article['badge_svg'] . '</a>';
} else {
$authorLink = '';
}
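Review bot: `userWidget()` and `listArticles()` now print `roles.badge_svg` as raw markup (`echo ($userBadgeSVG);` and `$article['display_name'] . $article['badge_svg']`), and the profile page does the same with `echo($userBadgeSVG)`, so that column becomes trusted HTML on every page that shows a user. Whoever can write to `roles` controls markup site-wide; a comment above `userWidget()` should state that `$userBadgeSVG` is trusted, administrator-authored markup, and write access to the column should be limited accordingly. A narrower design keeps the fixed `<svg class="certification" …>` wrapper in code, as the earlier version did, and stores only the path data. `$userName` and `$userDisplayName` are also concatenated into the `href` and the element body without escaping here, which relies on every writer having escaped them at storage time; only the account-update path for `username` is visible in this commit. Both function bodies continue outside the hunks.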


@ -1,4 +1,4 @@
<?
<?php
function fillHead($rootPageURL, $pageTitle, $darkTheme, $lightTheme) {
@ -8,37 +8,33 @@ function fillHead($rootPageURL, $pageTitle, $darkTheme, $lightTheme) {
echo ('<link rel="icon" href="' . $rootPageURL . 'src/img/favicon.ico">');
echo ('<style>');
echo ('@media (prefers-color-scheme: dark) {');
echo ('.body {');
echo ($darkTheme);
echo ('}');
echo ('}');
echo ('@media (prefers-color-scheme: light) {');
echo ('.body {');
echo ($lightTheme);
echo ('}');
echo ('}');
echo ('</style>');
echo ('<title>' . $pageTitle . '</title>');
}
function fillHeader($rootPageURL, $headerTitle, $headerSubtitle) {
function fillHeader($rootPageURL, $headerTitle, $headerSubtitle, $social) {
echo ('<div class="logo-container">');
echo ('<a href="' . $rootPageURL . '">');
echo ('<img src="' . $rootPageURL . 'src/img/athena-mono.png" class="logo-img">');
echo ('<img src="' . $rootPageURL . 'src/img/e59.png" class="logo-img">');
echo ('</a>');
echo ('</div>');
echo ('<div class="content">');
echo ('<div class="social-zone">');
foreach($social as $name => $url) {
echo ('<a href="' . $url . '" target="_blank" class="social-link">');
echo ('<img src="/src/svg/' . $name . '.svg" class="' . $name . '-logo social-logo">');
echo ('</a>');
}
echo ('</div>');
echo ('<div class="header-title-container">');
echo ('<div class="header-title">' . $headerTitle . '</div>');
echo ('<div class="header-subtitle">' . $headerSubtitle . '</div>');
@ -49,11 +45,10 @@ function fillHeader($rootPageURL, $headerTitle, $headerSubtitle) {
function fillNav($rootPageURL) {
echo ('<a href="' . $rootPageURL . 'news"><div class="nav-link">News</div></a>');
echo ('<a href="' . $rootPageURL . 'news"><div class="nav-link">Actualités</div></a>');
echo ('<a href="' . $rootPageURL . 'about"><div class="nav-link">A propos</div></a>');
if ($_SESSION['userLevel'] >= 3) {
if ($_SESSION['userRole'] == 50) {
echo ('<a href="' . $rootPageURL . 'admin"><div class="nav-link">Admin</div></a>');
}
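Review bot: The social links added in `fillHeader()` open with `target="_blank"` but carry no `rel`, and `$url` and `$name` are written into `href`, `src` and `class` without escaping. Add `rel="noopener noreferrer"` and escape the attribute values, e.g. `echo ('<a href="' . htmlspecialchars($url, ENT_QUOTES, 'UTF-8') . '" target="_blank" rel="noopener noreferrer" class="social-link">');`. The values come from the `[social]` config table, so this is hardening rather than a live injection, but it keeps a stray quote in the config from breaking the header markup. The `<img>` has no `alt` text; `alt="' . htmlspecialchars($name, ENT_QUOTES, 'UTF-8') . '"` would cover it. In `fillNav()` the literal in `$_SESSION['userRole'] == 50` would read better as a named constant, since the same value is repeated in the news page.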


@ -11,13 +11,15 @@
$sqlDatabaseHost = $globalConfig['sql']['databaseHost'];
$pageTitle = $globalConfig['main']['pageTitle'];
$pageName = $globalConfig['main']['pageName'];
$headerTitle = $globalConfig['main']['headerTitle'];
$headerSubtitle = $globalConfig['main']['headerSubtitle'];
$footerText = $globalConfig['main']['footerText'];
$confidentialLevels = $globalConfig['confidentialLevels'];
$userLevels = $globalConfig['userLevels'];
$badges = $globalConfig['badges'];
$social = $globalConfig['social'];
$recaptchaSiteKey = $globalConfig['recaptcha']['siteKey'];
$recaptchaSecretKey = $globalConfig['recaptcha']['secretKey'];
$darkThemes = $globalConfig['darkThemes'];
$lightThemes = $globalConfig['lightThemes'];
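Review bot: `$recaptchaSecretKey` and `$sqlDatabasePass` are read from `$globalConfig`, and the config file changed at the top of this commit carries the reCAPTCHA secret key and the database password as literal values. If that file is tracked in the repository, both should be treated as exposed: rotate them and load them from an untracked file or the environment, e.g. `$recaptchaSecretKey = getenv('RECAPTCHA_SECRET_KEY') ?: $globalConfig['recaptcha']['secretKey'];` (the variable name is a placeholder). The same config sets `databaseUser = "root"`; a dedicated account limited to this database reduces what a leaked password gives away. A short comment above these assignments naming which keys are secrets would help the next editor keep them out of commits.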

BIN
logo.png Normal file

Binary file not shown.

After

Width:  |  Height:  |  Size: 4.5 KiB