jan/e59-website
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Update 10 files

Browse Source 
- /html/upload-file.php
- /html/editpage.php
- /html/admin.php
- /html/journal-interne.php
- /html/login.php
- /html/compte.php
- /html/upload.php
- /config/global.ini
- /include/variables.php
- /include/functions.php
This commit is contained in:
Jan BELLON 2024-03-07 20:04:47 +00:00
parent 6bcb648af2
commit dedb5b10b6
10 changed files with 172 additions and 106 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
config/global.ini
View File

@ -13,3 +13,10 @@ dbhost = "127.0.0.1"
[nav] [nav]
Journal = "journal.php" Journal = "journal.php"
[classifications]
0 = "Public"
1 = "Membres"
2 = "Membres Impliqués"
3 = "Responsables"
4 = "Directeurs"
5 = "Administrateur"

2
html/admin.php
View File

@ -2,7 +2,7 @@
require "../include/variables.php"; require "../include/variables.php";
require "../include/functions.php"; require "../include/functions.php";
if(isset($_SESSION['userid']) == false) { if(isset($_SESSION['role']) == false || $_SESSION['role'] < 4) {
header("Location: login.php"); header("Location: login.php");
http_response_code(404); http_response_code(404);
die(); die();

57
html/compte.php Normal file
View File

@ -0,0 +1,57 @@
<?php
require "../include/variables.php";
require "../include/functions.php";
?>
<!DOCTYPE html>
<html lang="fr">
<head>
<meta charset="UTF-8">
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<link rel="stylesheet" href="./src/css/style.css">
<link rel="icon" href="src/img/favicon.ico">
<title><?=$title?></title>
</head>
<body>
<header>
<div class="pancontent">
<div class="athena-container">
<a href="/" class="athena-link">
<img src="./src/img/athena-mono.png" class="athena">
</a>
</div>
<div class="content">
<div>
<div class="main-title">
<div class="title"><?=$header_title?></div>
<div class="subtitle"><?=$header_subtitle?></div>
</div>
</div>
</div>
</div>
</header>
<nav>
<div class="pancontent">
<?php nav($nav);?>
</div>
</nav>
<main>
<div class="content">
<div>
<div>
<?php
foreach($_SESSION as $name => $value) { echo "<div>" . $name . " : " . $value . "</div>";}
?>
</div>
</div>
</div>
</main>
<footer>
<div class="content">
<div>
<div><?=$copyright?></div>
</div>
</div>
</footer>
</body>
</html>

12
html/editpage.php
View File

@ -2,6 +2,12 @@
require "../include/variables.php"; require "../include/variables.php";
require "../include/functions.php"; require "../include/functions.php";
if(isset($_SESSION['role']) == false || $_SESSION['role'] < 3) {
header("Location: login.php");
http_response_code(404);
die();
}
$filetypes = [ $filetypes = [
0 => "article", 0 => "article",
1 => "page" 1 => "page"
@ -9,12 +15,6 @@ $filetypes = [
$repertoire = "/var/www/e59/"; $repertoire = "/var/www/e59/";
if(isset($_SESSION['userid']) == false) {
header("Location: login.php");
http_response_code(404);
die();
}
if(isset($_GET['article']) && filter_var($_GET['article'], FILTER_VALIDATE_INT)) { if(isset($_GET['article']) && filter_var($_GET['article'], FILTER_VALIDATE_INT)) {
if(file_exists($repertoire . "content/journal/" . $_GET['article'] . ".md")){ if(file_exists($repertoire . "content/journal/" . $_GET['article'] . ".md")){
$fichier = $repertoire . "content/journal/" . $_GET['article'] . ".md"; $fichier = $repertoire . "content/journal/" . $_GET['article'] . ".md";

89
html/journal-interne.php Normal file
View File

@ -0,0 +1,89 @@
<?php
require "../include/variables.php";
require "../include/functions.php";
if(isset($_SESSION['role']) == false || $_SESSION['role'] < 1) {
header("Location: login.php");
http_response_code(404);
die();
}
if (filter_var($_GET['article'], FILTER_VALIDATE_INT)) {
$article = $_GET['article'];
} else {
$article = "";
}
?>
<!DOCTYPE html>
<html lang="fr">
<head>
<meta charset="UTF-8">
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<link rel="stylesheet" href="./src/css/style.css">
<link rel="icon" href="src/img/favicon.ico">
<title><?=$title?></title>
</head>
<body>
<header>
<div class="pancontent">
<div class="athena-container">
<a href="/" class="athena-link">
<img src="./src/img/athena-mono.png" class="athena">
</a>
</div>
<div class="content">
<div>
<div class="main-title">
<div class="title"><?=$header_title?></div>
<div class="subtitle"><?=$header_subtitle?></div>
</div>
</div>
</div>
</div>
</header>
<nav>
<div class="pancontent">
<?php nav($nav);?>
</div>
</nav>
<main>
<div class="content">
<div>
<div>
<?php
if ($article != "" && file_exists('/var/www/e59/content/journal/' . $article . '.md')) {
$markdownContent = file_get_contents('/var/www/e59/content/journal/' . $article . '.md');
require_once '../include/parsedown.php';
$parsedown = new Parsedown();
echo "<div class='article'><div class='article-content'>";
echo $parsedown->text($markdownContent);
echo "</div></div>";
} else {
$bdd = connect($dbhost, $dbname, $dbuser, $dbpass);
$req = $bdd->prepare("SELECT ID, titre, date, auteur FROM articles ORDER BY date DESC");
$req->execute();
$resultat = $req->fetchAll(PDO::FETCH_ASSOC);
$date = new Datetime($row['date']);
if ($resultat) {
foreach($resultat as $row) {
echo "<a href='?article=" . $row['ID'] . "' class='article-link'><div class='article'><div class='article-content'><div><h1>" . $row['titre'] . "</h1></div><div><h2>" . $row['auteur'] . "</h2></div><div>" . $date->format('d/m/Y') . "</div></div></div></a>";
}
}
}
?>
</div>
</div>
</div>
</main>
<footer>
<div class="content">
<div>
<div><?=$copyright?></div>
</div>
</div>
</footer>
</body>
</html>

3
html/login.php
View File

@ -11,7 +11,7 @@ if(isset($_POST['username']) && isset($_POST['password'])) {
if(empty($_POST['username']) == false && empty($_POST['password']) === false) { if(empty($_POST['username']) == false && empty($_POST['password']) === false) {
$bdd = connect($dbhost, $dbname, $dbuser, $dbpass); $bdd = connect($dbhost, $dbname, $dbuser, $dbpass);
$req = $bdd->prepare("SELECT ID, username, email, display_name FROM admins WHERE (username = :username OR email = :username) AND password = :password"); $req = $bdd->prepare("SELECT ID, username, email, display_name, role FROM users WHERE (username = :username OR email = :username) AND password = :password");
$req->bindParam(':username', htmlspecialchars($_POST['username'])); $req->bindParam(':username', htmlspecialchars($_POST['username']));
$req->bindParam(':password', md5($_POST['password'])); $req->bindParam(':password', md5($_POST['password']));
$req->execute(); $req->execute();
@ -23,6 +23,7 @@ if(isset($_POST['username']) && isset($_POST['password'])) {
$_SESSION['email'] = $resultat[0]['email']; $_SESSION['email'] = $resultat[0]['email'];
$_SESSION['display_name'] = $resultat[0]['display_name']; $_SESSION['display_name'] = $resultat[0]['display_name'];
$_SESSION['userid'] = $resultat[0]['ID']; $_SESSION['userid'] = $resultat[0]['ID'];
$_SESSION['role'] = $resultat[0]['role'];
header("Location: index.php"); header("Location: index.php");
exit(); exit();
} else { } else {

95
html/upload-file.php
View File

@ -1,95 +0,0 @@
<?php
require "../include/variables.php";
require "../include/functions.php";
if(isset($_SESSION['userid']) == false) {
header("Location: login.php");
http_response_code(404);
die();
}
if(isset($_POST['titre']) && isset($_FILES['file'])) {
$filename = rand(100000, 999999);
$destination = "/var/www/e59/content/journal/" . $filename . ".md";
$bdd = connect($dbhost, $dbname, $dbuser, $dbpass);
if (!move_uploaded_file($_FILES['file']['tmp_name'], $destination)) {
$erreur = error_get_last();
die("Le fichier n'a pas pu être téléchargé. Erreur : " . $erreur['message']);
}
$upload = $bdd->prepare("INSERT INTO articles (ID, titre, date, auteur) VALUES (:filename, :titre, :date, :auteur)");
$upload->bindParam(':filename', $filename);
$upload->bindParam(':titre', htmlspecialchars($_POST['titre']));
$upload->bindParam(':auteur', $_SESSION['display_name']);
if (isset($_POST['date']) && empty($_POST['date']) == false) {
$upload->bindParam(':date', htmlspecialchars($_POST['date']));
} else {
$upload->bindParam(':date', date("Y-m-d"));
}
if($upload->execute()) {
$status = "Uploaded";
} else {
$status = "SQL Error";
}
}
?>
<!DOCTYPE html>
<html lang="fr">
<head>
<meta charset="UTF-8">
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<link rel="stylesheet" href="./src/css/style.css">
<link rel="icon" href="src/img/favicon.ico">
<titre><?=$titre?></titre>
</head>
<body>
<header>
<div class="pancontent">
<div class="athena-container">
<a href="/" class="athena-link">
<img src="./src/img/athena-mono.png" class="athena">
</a>
</div>
<div class="content">
<div>
<div class="main-titre">
<div class="titre"><?=$header_titre?></div>
<div class="subtitre"><?=$header_subtitre?></div>
</div>
</div>
</div>
</div>
</header>
<nav>
<div class="pancontent">
<?php nav($nav);?>
</div>
</nav>
<main>
<div class="content">
<div>
<div>
<h1>Publier un article</h1>
<form action="#" method="post" enctype="multipart/form-data">
<div>
<div><input type="text" name="titre" placeholder="Titre de l'article" required></div>
<div><input type="date" name="date"></div>
<!--<div><input type="radio">Interne</input></div>-->
<div><input type="file" name="file" required></div>
<div><input type="submit" value="Publier"></div>
<div><?=$status?></div>
</div>
</form>
</div>
</div>
</div>
</main>
<footer>
<div class="content">
<div>
<div><?=$copyright?></div>
</div>
</div>
</footer>
</body>
</html>

10
html/upload.php
View File

@ -4,7 +4,7 @@ require "../include/functions.php";
$repertoire = "/var/www/e59/"; $repertoire = "/var/www/e59/";
if(isset($_SESSION['userid']) == false) { if(isset($_SESSION['role']) == false || $_SESSION['role'] < 3) {
header("Location: login.php"); header("Location: login.php");
http_response_code(404); http_response_code(404);
die(); die();
@ -18,10 +18,11 @@ if(isset($_POST['page-content'])) {
file_put_contents($repertoire . "content/journal/" . $filename . ".md", nl2br($_POST['page-content'])); file_put_contents($repertoire . "content/journal/" . $filename . ".md", nl2br($_POST['page-content']));
$bdd = connect($dbhost, $dbname, $dbuser, $dbpass); $bdd = connect($dbhost, $dbname, $dbuser, $dbpass);
$upload = $bdd->prepare("INSERT INTO articles (ID, titre, date, auteur) VALUES (:filename, :titre, :date, :auteur)"); $upload = $bdd->prepare("INSERT INTO articles (ID, titre, date, auteur, classification) VALUES (:filename, :titre, :date, :auteur, :classification)");
$upload->bindParam(':filename', $filename); $upload->bindParam(':filename', $filename);
$upload->bindParam(':titre', htmlspecialchars($_POST['titre'])); $upload->bindParam(':titre', htmlspecialchars($_POST['titre']));
$upload->bindParam(':auteur', $_SESSION['display_name']); $upload->bindParam(':auteur', $_SESSION['display_name']);
$upload->bindParam(':classification', $_POST['classification']);
if($upload->execute()) { if($upload->execute()) {
$status = "Article Publié"; $status = "Article Publié";
} else { } else {
@ -77,6 +78,11 @@ if(isset($_POST['page-content'])) {
<div><div><h1>Publier un article</h1></div> <div><div><h1>Publier un article</h1></div>
<div><input type="text" name="titre" placeholder="Titre"></div> <div><input type="text" name="titre" placeholder="Titre"></div>
<div><textarea name="page-content"></textarea></div> <div><textarea name="page-content"></textarea></div>
<div>
<select name="classification" id="cars">
<?php foreach($classifications as $id => $nom) { echo '<option value="' . $id .'">' . $nom . '</option>'; }?>
</select>
</div>
<div><input type="submit" value="Publier"></div> <div><input type="submit" value="Publier"></div>
</div> </div>
</form> </form>

2
include/functions.php
View File

@ -9,7 +9,7 @@ function nav($nav) {
echo "<a href='admin.php'><div class='navitem'>Admin</div></a>"; echo "<a href='admin.php'><div class='navitem'>Admin</div></a>";
} }
if (isset($_SESSION['userid'])) { if (isset($_SESSION['userid'])) {
echo "<a href='logout.php'><div class='navitem'>Déconnexion</div></a>"; echo "<a href='compte.php'><div class='navitem'>" . $_SESSION['display_name'] . "</div></a><a href='logout.php'><div class='navitem'>Déconnexion</div></a>";
} else { } else {
echo "<a href='login.php'><div class='navitem'>Connexion</div></a>"; echo "<a href='login.php'><div class='navitem'>Connexion</div></a>";
} }

1
include/variables.php
View File

@ -13,5 +13,6 @@ $copyright = $config['main']['copyright'];
$nav = $config['nav']; $nav = $config['nav'];
$navadmin = $nav; $navadmin = $nav;
$status = ""; $status = "";
$classifications = $config['classification'];
?> ?>