change auth from session to cookie on entire website
This commit is contained in:
parent
58e8c5653c
commit
22c807570c
26
accueil.php
26
accueil.php
@ -1,9 +1,13 @@
|
||||
<!DOCTYPE html>
|
||||
|
||||
<?php
|
||||
session_start();
|
||||
|
||||
if (isset($_SESSION["username"])){ ?>
|
||||
if (isset($_COOKIE['username']) && isset($_COOKIE['pass'])) {
|
||||
require "controller/ConnexionBDD.php";
|
||||
if (!$error) {
|
||||
$query_check_cookie = $bdd->prepare('SELECT * FROM users NATURAL JOIN roles NATURAL JOIN roles_has_permissions NATURAL JOIN permissions WHERE code_permission="SFx1" AND username=:user AND password_user=:password_user;');
|
||||
$query_check_cookie->execute(['user' => $_COOKIE['username'], 'password_user' => $_COOKIE['pass']]);
|
||||
if ($query_check_cookie->rowCount() == 1){
|
||||
?>
|
||||
<html lang="fr">
|
||||
<head>
|
||||
<?php require "controller/Head.php" ?>
|
||||
@ -44,6 +48,16 @@ if (isset($_SESSION["username"])){ ?>
|
||||
<script src="assets/js/accueil.js"></script>
|
||||
</body>
|
||||
</html>
|
||||
<?php } else {?>
|
||||
<script>location.href='/';</script>
|
||||
<?php } ?>
|
||||
<?php
|
||||
} else {
|
||||
echo "<script>location.href='/';</script>";
|
||||
}
|
||||
} else {
|
||||
echo "<script>location.href='/';</script>";
|
||||
}
|
||||
} else {
|
||||
echo "<script>location.href='/';</script>";
|
||||
}
|
||||
|
||||
|
||||
?>
|
||||
@ -18,8 +18,9 @@
|
||||
'controller/Auth.php',
|
||||
{user: $(input[0]).val().trim(), pass: sha1($(input[1]).val().trim())},
|
||||
function(data, status, jqXHR) {
|
||||
console.log(data.trim());
|
||||
if (data.trim() == "true"){
|
||||
window.location.href = "/accueil.php";
|
||||
location.href='/';
|
||||
} else {
|
||||
$("#zone-login").addClass("shaking_error");
|
||||
setTimeout(function() {
|
||||
|
||||
@ -1,15 +1,16 @@
|
||||
<!DOCTYPE html>
|
||||
|
||||
<?php
|
||||
session_start();
|
||||
|
||||
if (isset($_SESSION["username"])){
|
||||
$sql = 'SELECT ID_candidature, progression_candidature, cv_file_path_candidature, lm_file_path_candidature, validation_form_file_path_candidature, internship_agreement_file_path_candidature, name_internship, name_company, email_company, ID_user, username, city_localisation, postal_code_localisation FROM candidatures NATURAL JOIN users INNER JOIN internships ON candidatures.ID_internship=internships.ID_internship INNER JOIN localisations ON internships.ID_localisation=localisations.ID_localisation NATURAL JOIN companies WHERE username=:user ORDER BY offer_date_internship ASC;';
|
||||
|
||||
include "controller/ConnexionBDD.php";
|
||||
if (isset($_COOKIE['username']) && isset($_COOKIE['pass'])) {
|
||||
require "controller/ConnexionBDD.php";
|
||||
if (!$error) {
|
||||
$query_check_cookie = $bdd->prepare('SELECT * FROM users NATURAL JOIN roles NATURAL JOIN roles_has_permissions NATURAL JOIN permissions WHERE code_permission="SFx1" AND username=:user AND password_user=:password_user;');
|
||||
$query_check_cookie->execute(['user' => $_COOKIE['username'], 'password_user' => $_COOKIE['pass']]);
|
||||
if ($query_check_cookie->rowCount() == 1){
|
||||
|
||||
$sql = 'SELECT ID_candidature, progression_candidature, cv_file_path_candidature, lm_file_path_candidature, validation_form_file_path_candidature, internship_agreement_file_path_candidature, name_internship, name_company, email_company, ID_user, username, city_localisation, postal_code_localisation FROM candidatures NATURAL JOIN users INNER JOIN internships ON candidatures.ID_internship=internships.ID_internship INNER JOIN localisations ON internships.ID_localisation=localisations.ID_localisation NATURAL JOIN companies WHERE username=:user ORDER BY offer_date_internship ASC;';
|
||||
$query_perm = $bdd->prepare('SELECT username, code_permission FROM users NATURAL JOIN roles NATURAL JOIN roles_has_permissions NATURAL JOIN permissions WHERE username=:user;');
|
||||
$query_perm->execute(['user' => $_SESSION["username"]]);
|
||||
$query_perm->execute(['user' => $_COOKIE["username"]]);
|
||||
$results_perm = $query_perm->fetchALL(PDO::FETCH_OBJ);
|
||||
if ($query_perm->rowCount() >= 1) {
|
||||
$showCandidatures = false;
|
||||
@ -23,7 +24,7 @@ if (isset($_SESSION["username"])){
|
||||
if ($showCandidatures){
|
||||
|
||||
$query_candidatures = $bdd->prepare($sql);
|
||||
$query_candidatures->execute(['user' => $_SESSION["username"]]);
|
||||
$query_candidatures->execute(['user' => $_COOKIE["username"]]);
|
||||
$results_candidatures = $query_candidatures->fetchALL(PDO::FETCH_OBJ);
|
||||
?>
|
||||
<html lang="fr">
|
||||
@ -136,6 +137,11 @@ if (isset($_SESSION["username"])){
|
||||
header('HTTP/1.0 403 Forbidden');
|
||||
require "controller/403.php";
|
||||
}
|
||||
} else {
|
||||
echo "<script>location.href='/';</script>";
|
||||
}
|
||||
} else {
|
||||
echo "<script>location.href='/';</script>";
|
||||
}
|
||||
} else {
|
||||
echo "<script>location.href='/';</script>";
|
||||
|
||||
@ -1,16 +1,17 @@
|
||||
<?php
|
||||
session_start();
|
||||
|
||||
if (isset($_SESSION["username"])){
|
||||
if (isset($_COOKIE['username']) && isset($_COOKIE['pass'])) {
|
||||
require "ConnexionBDD.php";
|
||||
if (!$error) {
|
||||
$query_check_cookie = $bdd->prepare('SELECT * FROM users NATURAL JOIN roles NATURAL JOIN roles_has_permissions NATURAL JOIN permissions WHERE code_permission="SFx1" AND username=:user AND password_user=:password_user;');
|
||||
$query_check_cookie->execute(['user' => $_COOKIE['username'], 'password_user' => $_COOKIE['pass']]);
|
||||
if ($query_check_cookie->rowCount() == 1){
|
||||
if ($_SERVER['REQUEST_METHOD'] === 'POST') { /*Seulement si la method est en POST*/
|
||||
if (isset($_POST["action"]) && isset($_POST["ID_internship"])){ /*Vérification de l'existance des paramètres*/
|
||||
$action = $_POST["action"]; /*Récupération des paramètres*/
|
||||
$ID_internship = $_POST["ID_internship"]; /*Récupération des paramètres*/
|
||||
|
||||
require "ConnexionBDD.php"; /*Inclusion de la partie connexion*/
|
||||
if (!$error) { /*Si la connexion a été établie sans erreur*/
|
||||
$query_check_wishlist = $bdd->prepare('SELECT ID_user FROM users NATURAL JOIN wishlist INNER JOIN internships ON wishlist.ID_internship=internships.ID_internship WHERE username=:user AND wishlist.ID_internship=:id_internship;');
|
||||
$query_check_wishlist->execute(['user' => $_SESSION["username"], 'id_internship' => $ID_internship]); /*Remplissage de la requete avec les données*/
|
||||
$query_check_wishlist->execute(['user' => $_COOKIE["username"], 'id_internship' => $ID_internship]); /*Remplissage de la requete avec les données*/
|
||||
$results_check_wishlist = $query_check_wishlist->fetchALL(PDO::FETCH_OBJ); /*Retour un résultat sous forme d'objet*/
|
||||
|
||||
if ($action == "remove"){
|
||||
@ -23,7 +24,7 @@ if (isset($_SESSION["username"])){
|
||||
if ($query_check_wishlist->rowCount() == 0){
|
||||
|
||||
$query_get_id_user = $bdd->prepare('SELECT ID_user FROM users WHERE username=:user LIMIT 1;');
|
||||
$query_get_id_user->execute(['user' => $_SESSION["username"]]); /*Remplissage de la requete avec les données*/
|
||||
$query_get_id_user->execute(['user' => $_COOKIE["username"]]); /*Remplissage de la requete avec les données*/
|
||||
$results_get_id_user = $query_get_id_user->fetchALL(PDO::FETCH_OBJ); /*Retour un résultat sous forme d'objet*/
|
||||
|
||||
if ($query_get_id_user->rowCount() == 1){
|
||||
@ -35,13 +36,13 @@ if (isset($_SESSION["username"])){
|
||||
|
||||
} else { echo "false";}
|
||||
}
|
||||
|
||||
$bdd = null; /*Fin de connexion*/
|
||||
} else {echo "false";} /*Dans le cas d'une erreur de connexion à la BDD, retour false (erreur d'authentification)*/
|
||||
}
|
||||
}
|
||||
} else {
|
||||
echo "<script>location.href='/';</script>";
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
?>
|
||||
@ -1,6 +1,4 @@
|
||||
<?php
|
||||
session_start();
|
||||
|
||||
if ($_SERVER['REQUEST_METHOD'] === 'POST') { /*Seulement si la method est en POST*/
|
||||
if (isset($_POST["user"]) && isset($_POST["pass"])){ /*Vérification de l'existance des paramètres*/
|
||||
$user = $_POST["user"]; /*Récupération des paramètres*/
|
||||
@ -8,19 +6,16 @@ if ($_SERVER['REQUEST_METHOD'] === 'POST') { /*Seulem
|
||||
require "ConnexionBDD.php"; /*Inclusion de la partie connexion*/
|
||||
|
||||
if (!$error) { /*Si la connexion a été établie sans erreur*/
|
||||
$query = $bdd->prepare('SELECT password_user FROM users NATURAL JOIN roles NATURAL JOIN roles_has_permissions NATURAL JOIN permissions WHERE code_permission="SFx1" AND username=:user;');
|
||||
$query->execute(['user' => $user]); /*Remplissage de la requete avec les données*/
|
||||
$results = $query->fetchALL(PDO::FETCH_OBJ); /*Retour un résultat sous forme d'objet*/
|
||||
$query = $bdd->prepare('SELECT * FROM users NATURAL JOIN roles NATURAL JOIN roles_has_permissions NATURAL JOIN permissions WHERE code_permission="SFx1" AND username=:user AND password_user=:password_user;');
|
||||
$query->execute(['user' => $user, 'password_user' => $pass]);
|
||||
|
||||
if ($query->rowCount() == 1){
|
||||
if ($results[0]->password_user == $pass){
|
||||
echo "true"; /*Retourne true si le mot de passe correspond*/
|
||||
$_SESSION["username"] = $user;
|
||||
setcookie("username", $_POST["user"], time()+7200, "/");
|
||||
setcookie("pass", $_POST["pass"], time()+7200, "/");
|
||||
/*Requête permettant la mise à jour des champs : connection_count et last_connection de l'utilisateur*/
|
||||
$query = $bdd->prepare('UPDATE users SET connection_count = connection_count + 1, last_connection = CURDATE() WHERE username = :user;');
|
||||
$query->execute(['user' => $user]); /*Execution de la requête*/
|
||||
}
|
||||
else { echo "false";} /*false si mot de passe non correct*/
|
||||
} else { echo "false";}
|
||||
$bdd = null; /*Fin de connexion*/
|
||||
} else {echo "false";} /*Dans le cas d'une erreur de connexion à la BDD, retour false (erreur d'authentification)*/
|
||||
|
||||
@ -1,5 +1,9 @@
|
||||
<?php
|
||||
session_start();
|
||||
session_destroy();
|
||||
echo "<script>location.href='/'</script>"
|
||||
if (isset($_COOKIE['username']) && isset($_COOKIE['pass'])) {
|
||||
setcookie("username", "", time() - 3600, "/");
|
||||
setcookie("pass", "", time() - 3600, "/");
|
||||
echo "<script>location.href='/';</script>";
|
||||
} else {
|
||||
echo "<script>location.href='/';</script>";
|
||||
}
|
||||
?>
|
||||
@ -1,10 +1,14 @@
|
||||
<?php
|
||||
|
||||
if (isset($_SESSION["username"])){
|
||||
include "ConnexionBDD.php";
|
||||
if (isset($_COOKIE['username']) && isset($_COOKIE['pass'])) {
|
||||
require "ConnexionBDD.php";
|
||||
if (!$error) {
|
||||
$query_check_cookie = $bdd->prepare('SELECT * FROM users NATURAL JOIN roles NATURAL JOIN roles_has_permissions NATURAL JOIN permissions WHERE code_permission="SFx1" AND username=:user AND password_user=:password_user;');
|
||||
$query_check_cookie->execute(['user' => $_COOKIE['username'], 'password_user' => $_COOKIE['pass']]);
|
||||
if ($query_check_cookie->rowCount() == 1){
|
||||
|
||||
$query_perm_nav = $bdd->prepare('SELECT username, code_permission FROM users NATURAL JOIN roles NATURAL JOIN roles_has_permissions NATURAL JOIN permissions WHERE username = :user;');
|
||||
$query_perm_nav->execute(['user' => $_SESSION["username"]]);
|
||||
$query_perm_nav->execute(['user' => $_COOKIE["username"]]);
|
||||
$results_nav = $query_perm_nav->fetchALL(PDO::FETCH_OBJ);
|
||||
if ($query_perm_nav->rowCount() >= 1) {
|
||||
$showOffres = false;
|
||||
@ -59,6 +63,7 @@ if (isset($_SESSION["username"])){
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
?>
|
||||
|
||||
<div class="navigation">
|
||||
|
||||
@ -9,18 +9,20 @@ require_once '../assets/vendors/phpmailer/src/SMTP.php';
|
||||
|
||||
$mail = new PHPMailer(true);
|
||||
|
||||
session_start();
|
||||
|
||||
if (isset($_SESSION["username"])){
|
||||
include "../controller/ConnexionBDD.php";
|
||||
if (isset($_COOKIE['username']) && isset($_COOKIE['pass'])) {
|
||||
require "ConnexionBDD.php";
|
||||
if (!$error) {
|
||||
$query_check_cookie = $bdd->prepare('SELECT * FROM users NATURAL JOIN roles NATURAL JOIN roles_has_permissions NATURAL JOIN permissions WHERE code_permission="SFx1" AND username=:user AND password_user=:password_user;');
|
||||
$query_check_cookie->execute(['user' => $_COOKIE['username'], 'password_user' => $_COOKIE['pass']]);
|
||||
if ($query_check_cookie->rowCount() == 1){
|
||||
|
||||
if (is_uploaded_file($_FILES['cv']['tmp_name']) && is_uploaded_file($_FILES['lm']['tmp_name']) && isset($_POST["ID_internship"])) {
|
||||
$query_ID_user = $bdd->prepare('SELECT ID_user FROM users WHERE username=:user;');
|
||||
$query_ID_user->execute(['user' => $_SESSION["username"]]);
|
||||
$query_ID_user->execute(['user' => $_COOKIE["username"]]);
|
||||
$ID_user = $query_ID_user->fetchALL(PDO::FETCH_OBJ)[0]->ID_user;
|
||||
|
||||
$location_cv = "/documents/users/".$ID_user."/candidatures/".$_POST["ID_internship"]."/".$_FILES['cv']['name'];
|
||||
$location_lm = "/documents/users/".$ID_user."/candidatures/".$_POST["ID_internship"]."/".$_FILES['lm']['name'];
|
||||
$location_cv = "/documents/users/".$ID_user."/"."candidatures/".$_POST["ID_internship"]."/".$_FILES['cv']['name'];
|
||||
$location_lm = "/documents/users/".$ID_user."/"."candidatures/".$_POST["ID_internship"]."/".$_FILES['lm']['name'];
|
||||
|
||||
echo $location_cv;
|
||||
echo "<br>";
|
||||
@ -75,8 +77,6 @@ if (isset($_SESSION["username"])){
|
||||
}
|
||||
|
||||
echo "<script>location.href='/offres_stages.php';</script>";
|
||||
|
||||
|
||||
}
|
||||
catch (Exception $e) {
|
||||
echo "zut une erreur";
|
||||
@ -84,4 +84,5 @@ if (isset($_SESSION["username"])){
|
||||
} else {echo "POST file incomplet";}
|
||||
}
|
||||
}
|
||||
}
|
||||
?>
|
||||
BIN
documents/users/8/candidatures/3/CV.pdf
Normal file
BIN
documents/users/8/candidatures/3/CV.pdf
Normal file
Binary file not shown.
BIN
documents/users/candidatures/3/CV.pdf
Normal file
BIN
documents/users/candidatures/3/CV.pdf
Normal file
Binary file not shown.
BIN
documents/users/candidatures/3/LM.pdf
Normal file
BIN
documents/users/candidatures/3/LM.pdf
Normal file
Binary file not shown.
20
favoris.php
20
favoris.php
@ -1,15 +1,16 @@
|
||||
<!DOCTYPE html>
|
||||
|
||||
<?php
|
||||
session_start();
|
||||
|
||||
if (isset($_SESSION["username"])){
|
||||
$sql = 'SELECT ID_internship ,name_internship, description_internship, duration_internship, remuneration_internship, offer_date_internship, place_number_internship, competences_internship, city_localisation, postal_code_localisation, GROUP_CONCAT(name_promotion SEPARATOR ", ") AS "name_promotion", name_company, visibility_company, note FROM internships NATURAL JOIN localisations NATURAL JOIN companies NATURAL JOIN internship_for_promo NATURAL JOIN promotions NATURAL JOIN evaluate INNER JOIN users ON evaluate.ID_user=users.ID_user NATURAL JOIN roles WHERE name_role="Pilote" AND visibility_company="O" GROUP BY ID_internship ORDER BY offer_date_internship;';
|
||||
|
||||
include "controller/ConnexionBDD.php";
|
||||
if (isset($_COOKIE['username']) && isset($_COOKIE['pass'])) {
|
||||
require "controller/ConnexionBDD.php";
|
||||
if (!$error) {
|
||||
$query_check_cookie = $bdd->prepare('SELECT * FROM users NATURAL JOIN roles NATURAL JOIN roles_has_permissions NATURAL JOIN permissions WHERE code_permission="SFx1" AND username=:user AND password_user=:password_user;');
|
||||
$query_check_cookie->execute(['user' => $_COOKIE['username'], 'password_user' => $_COOKIE['pass']]);
|
||||
if ($query_check_cookie->rowCount() == 1){
|
||||
$sql = 'SELECT ID_internship ,name_internship, description_internship, duration_internship, remuneration_internship, offer_date_internship, place_number_internship, competences_internship, city_localisation, postal_code_localisation, GROUP_CONCAT(name_promotion SEPARATOR ", ") AS "name_promotion", name_company, visibility_company, note FROM internships NATURAL JOIN localisations NATURAL JOIN companies NATURAL JOIN internship_for_promo NATURAL JOIN promotions NATURAL JOIN evaluate INNER JOIN users ON evaluate.ID_user=users.ID_user NATURAL JOIN roles WHERE name_role="Pilote" AND visibility_company="O" GROUP BY ID_internship ORDER BY offer_date_internship;';
|
||||
$query_perm = $bdd->prepare('SELECT username, code_permission FROM users NATURAL JOIN roles NATURAL JOIN roles_has_permissions NATURAL JOIN permissions WHERE username=:user;');
|
||||
$query_perm->execute(['user' => $_SESSION["username"]]);
|
||||
$query_perm->execute(['user' => $_COOKIE["username"]]);
|
||||
$results_perm = $query_perm->fetchALL(PDO::FETCH_OBJ);
|
||||
if ($query_perm->rowCount() >= 1) {
|
||||
$showFavoris = false;
|
||||
@ -26,7 +27,7 @@ if (isset($_SESSION["username"])){
|
||||
$results_internships = $query_internships->fetchALL(PDO::FETCH_OBJ);
|
||||
|
||||
$query_wishlist = $bdd->prepare('SELECT ID_internship FROM internships NATURAL JOIN wishlist INNER JOIN users ON wishlist.ID_user=users.ID_user WHERE username=:user;');
|
||||
$query_wishlist->execute(['user' => $_SESSION["username"]]);
|
||||
$query_wishlist->execute(['user' => $_COOKIE["username"]]);
|
||||
$results_wishlist = $query_wishlist->fetchALL(PDO::FETCH_OBJ);
|
||||
$wishlist = [];
|
||||
foreach ($results_wishlist as $result) {
|
||||
@ -139,6 +140,11 @@ if (isset($_SESSION["username"])){
|
||||
header('HTTP/1.0 403 Forbidden');
|
||||
require "controller/403.php";
|
||||
}
|
||||
} else {
|
||||
echo "<script>location.href='/';</script>";
|
||||
}
|
||||
} else {
|
||||
echo "<script>location.href='/';</script>";
|
||||
}
|
||||
} else {
|
||||
echo "<script>location.href='/';</script>";
|
||||
|
||||
@ -1,9 +1,13 @@
|
||||
<!DOCTYPE html>
|
||||
|
||||
<?php
|
||||
session_start();
|
||||
|
||||
if (isset($_SESSION["username"])){ ?>
|
||||
if (isset($_COOKIE['username']) && isset($_COOKIE['pass'])) {
|
||||
require "controller/ConnexionBDD.php";
|
||||
if (!$error) {
|
||||
$query_check_cookie = $bdd->prepare('SELECT * FROM users NATURAL JOIN roles NATURAL JOIN roles_has_permissions NATURAL JOIN permissions WHERE code_permission="SFx1" AND username=:user AND password_user=:password_user;');
|
||||
$query_check_cookie->execute(['user' => $_COOKIE['username'], 'password_user' => $_COOKIE['pass']]);
|
||||
if ($query_check_cookie->rowCount() == 1){
|
||||
?>
|
||||
<html lang="fr">
|
||||
<head>
|
||||
<?php require "controller/Head.php" ?>
|
||||
@ -24,6 +28,14 @@ if (isset($_SESSION["username"])){ ?>
|
||||
<script src="assets/js/gestion_delegates.js"></script>
|
||||
</body>
|
||||
</html>
|
||||
<?php } else {?>
|
||||
<script>location.href='/';</script>
|
||||
<?php } ?>
|
||||
<?php
|
||||
} else {
|
||||
echo "<script>location.href='/';</script>";
|
||||
}
|
||||
} else {
|
||||
echo "<script>location.href='/';</script>";
|
||||
}
|
||||
} else {
|
||||
echo "<script>location.href='/';</script>";
|
||||
}
|
||||
?>
|
||||
@ -1,9 +1,13 @@
|
||||
<!DOCTYPE html>
|
||||
|
||||
<?php
|
||||
session_start();
|
||||
|
||||
if (isset($_SESSION["username"])){ ?>
|
||||
if (isset($_COOKIE['username']) && isset($_COOKIE['pass'])) {
|
||||
require "controller/ConnexionBDD.php";
|
||||
if (!$error) {
|
||||
$query_check_cookie = $bdd->prepare('SELECT * FROM users NATURAL JOIN roles NATURAL JOIN roles_has_permissions NATURAL JOIN permissions WHERE code_permission="SFx1" AND username=:user AND password_user=:password_user;');
|
||||
$query_check_cookie->execute(['user' => $_COOKIE['username'], 'password_user' => $_COOKIE['pass']]);
|
||||
if ($query_check_cookie->rowCount() == 1){
|
||||
?>
|
||||
<html lang="fr">
|
||||
<head>
|
||||
<?php require "controller/Head.php" ?>
|
||||
@ -24,6 +28,14 @@ if (isset($_SESSION["username"])){ ?>
|
||||
<script src="assets/js/gestion_entreprises.js"></script>
|
||||
</body>
|
||||
</html>
|
||||
<?php } else {?>
|
||||
<script>location.href='/';</script>
|
||||
<?php } ?>
|
||||
<?php
|
||||
} else {
|
||||
echo "<script>location.href='/';</script>";
|
||||
}
|
||||
} else {
|
||||
echo "<script>location.href='/';</script>";
|
||||
}
|
||||
} else {
|
||||
echo "<script>location.href='/';</script>";
|
||||
}
|
||||
?>
|
||||
@ -1,9 +1,13 @@
|
||||
<!DOCTYPE html>
|
||||
|
||||
<?php
|
||||
session_start();
|
||||
|
||||
if (isset($_SESSION["username"])){ ?>
|
||||
if (isset($_COOKIE['username']) && isset($_COOKIE['pass'])) {
|
||||
require "controller/ConnexionBDD.php";
|
||||
if (!$error) {
|
||||
$query_check_cookie = $bdd->prepare('SELECT * FROM users NATURAL JOIN roles NATURAL JOIN roles_has_permissions NATURAL JOIN permissions WHERE code_permission="SFx1" AND username=:user AND password_user=:password_user;');
|
||||
$query_check_cookie->execute(['user' => $_COOKIE['username'], 'password_user' => $_COOKIE['pass']]);
|
||||
if ($query_check_cookie->rowCount() == 1){
|
||||
?>
|
||||
<html lang="fr">
|
||||
<head>
|
||||
<?php require "controller/Head.php" ?>
|
||||
@ -24,6 +28,14 @@ if (isset($_SESSION["username"])){ ?>
|
||||
<script src="assets/js/gestion_pilots.js"></script>
|
||||
</body>
|
||||
</html>
|
||||
<?php } else {?>
|
||||
<script>location.href='/';</script>
|
||||
<?php } ?>
|
||||
<?php
|
||||
} else {
|
||||
echo "<script>location.href='/';</script>";
|
||||
}
|
||||
} else {
|
||||
echo "<script>location.href='/';</script>";
|
||||
}
|
||||
} else {
|
||||
echo "<script>location.href='/';</script>";
|
||||
}
|
||||
?>
|
||||
@ -1,9 +1,13 @@
|
||||
<!DOCTYPE html>
|
||||
|
||||
<?php
|
||||
session_start();
|
||||
|
||||
if (isset($_SESSION["username"])){ ?>
|
||||
if (isset($_COOKIE['username']) && isset($_COOKIE['pass'])) {
|
||||
require "controller/ConnexionBDD.php";
|
||||
if (!$error) {
|
||||
$query_check_cookie = $bdd->prepare('SELECT * FROM users NATURAL JOIN roles NATURAL JOIN roles_has_permissions NATURAL JOIN permissions WHERE code_permission="SFx1" AND username=:user AND password_user=:password_user;');
|
||||
$query_check_cookie->execute(['user' => $_COOKIE['username'], 'password_user' => $_COOKIE['pass']]);
|
||||
if ($query_check_cookie->rowCount() == 1){
|
||||
?>
|
||||
<html lang="fr">
|
||||
<head>
|
||||
<?php require "controller/Head.php" ?>
|
||||
@ -24,6 +28,14 @@ if (isset($_SESSION["username"])){ ?>
|
||||
<script src="assets/js/gestion_stages.js"></script>
|
||||
</body>
|
||||
</html>
|
||||
<?php } else {?>
|
||||
<script>location.href='/';</script>
|
||||
<?php } ?>
|
||||
<?php
|
||||
} else {
|
||||
echo "<script>location.href='/';</script>";
|
||||
}
|
||||
} else {
|
||||
echo "<script>location.href='/';</script>";
|
||||
}
|
||||
} else {
|
||||
echo "<script>location.href='/';</script>";
|
||||
}
|
||||
?>
|
||||
@ -1,9 +1,13 @@
|
||||
<!DOCTYPE html>
|
||||
|
||||
<?php
|
||||
session_start();
|
||||
|
||||
if (isset($_SESSION["username"])){ ?>
|
||||
if (isset($_COOKIE['username']) && isset($_COOKIE['pass'])) {
|
||||
require "controller/ConnexionBDD.php";
|
||||
if (!$error) {
|
||||
$query_check_cookie = $bdd->prepare('SELECT * FROM users NATURAL JOIN roles NATURAL JOIN roles_has_permissions NATURAL JOIN permissions WHERE code_permission="SFx1" AND username=:user AND password_user=:password_user;');
|
||||
$query_check_cookie->execute(['user' => $_COOKIE['username'], 'password_user' => $_COOKIE['pass']]);
|
||||
if ($query_check_cookie->rowCount() == 1){
|
||||
?>
|
||||
<html lang="fr">
|
||||
<head>
|
||||
<?php require "controller/Head.php" ?>
|
||||
@ -24,6 +28,14 @@ if (isset($_SESSION["username"])){ ?>
|
||||
<script src="assets/js/gestion_students.js"></script>
|
||||
</body>
|
||||
</html>
|
||||
<?php } else {?>
|
||||
<script>location.href='/';</script>
|
||||
<?php } ?>
|
||||
<?php
|
||||
} else {
|
||||
echo "<script>location.href='/';</script>";
|
||||
}
|
||||
} else {
|
||||
echo "<script>location.href='/';</script>";
|
||||
}
|
||||
} else {
|
||||
echo "<script>location.href='/';</script>";
|
||||
}
|
||||
?>
|
||||
17
gestions.php
17
gestions.php
@ -1,13 +1,15 @@
|
||||
<!DOCTYPE html>
|
||||
|
||||
<?php
|
||||
session_start();
|
||||
|
||||
if (isset($_SESSION["username"])){
|
||||
include "controller/ConnexionBDD.php";
|
||||
if (isset($_COOKIE['username']) && isset($_COOKIE['pass'])) {
|
||||
require "controller/ConnexionBDD.php";
|
||||
if (!$error) {
|
||||
$query_check_cookie = $bdd->prepare('SELECT * FROM users NATURAL JOIN roles NATURAL JOIN roles_has_permissions NATURAL JOIN permissions WHERE code_permission="SFx1" AND username=:user AND password_user=:password_user;');
|
||||
$query_check_cookie->execute(['user' => $_COOKIE['username'], 'password_user' => $_COOKIE['pass']]);
|
||||
if ($query_check_cookie->rowCount() == 1){
|
||||
|
||||
$query_perm = $bdd->prepare('SELECT username, code_permission FROM users NATURAL JOIN roles NATURAL JOIN roles_has_permissions NATURAL JOIN permissions WHERE username=:user;');
|
||||
$query_perm->execute(['user' => $_SESSION["username"]]);
|
||||
$query_perm->execute(['user' => $_COOKIE["username"]]);
|
||||
$results = $query_perm->fetchALL(PDO::FETCH_OBJ);
|
||||
if ($query_perm->rowCount() >= 1) {
|
||||
$showGestion_Enterprises = false;
|
||||
@ -112,6 +114,11 @@ if (isset($_SESSION["username"])){
|
||||
header('HTTP/1.0 403 Forbidden');
|
||||
require "controller/403.php";
|
||||
}
|
||||
} else {
|
||||
echo "<script>location.href='/';</script>";
|
||||
}
|
||||
} else {
|
||||
echo "<script>location.href='/';</script>";
|
||||
}
|
||||
} else {
|
||||
echo "<script>location.href='/';</script>";
|
||||
|
||||
16
index.php
16
index.php
@ -1,13 +1,14 @@
|
||||
<!DOCTYPE html>
|
||||
|
||||
<?php
|
||||
session_start();
|
||||
|
||||
if (isset($_SESSION["username"])){
|
||||
echo "<script>location.href='/accueil.php';</script>";
|
||||
if (isset($_COOKIE['username']) && isset($_COOKIE['pass'])) {
|
||||
require "controller/ConnexionBDD.php";
|
||||
if (!$error) {
|
||||
$query = $bdd->prepare('SELECT * FROM users NATURAL JOIN roles NATURAL JOIN roles_has_permissions NATURAL JOIN permissions WHERE code_permission="SFx1" AND username=:user AND password_user=:password_user;');
|
||||
$query->execute(['user' => $_COOKIE['username'], 'password_user' => $_COOKIE['pass']]);
|
||||
if ($query->rowCount() == 1){echo "<script>location.href='/accueil.php';</script>";}
|
||||
}
|
||||
} else {
|
||||
?>
|
||||
|
||||
<html lang="fr">
|
||||
<head>
|
||||
<title>Connexion - CTS</title>
|
||||
@ -50,3 +51,6 @@ if (isset($_SESSION["username"])){
|
||||
<script src="assets/js/index.js"></script>
|
||||
</body>
|
||||
</html>
|
||||
<?php
|
||||
}
|
||||
?>
|
||||
28
offres.php
28
offres.php
@ -1,25 +1,22 @@
|
||||
<!DOCTYPE html>
|
||||
|
||||
<?php
|
||||
session_start();
|
||||
|
||||
if (isset($_SESSION["username"])){
|
||||
include "controller/ConnexionBDD.php";
|
||||
if (isset($_COOKIE['username']) && isset($_COOKIE['pass'])) {
|
||||
require "controller/ConnexionBDD.php";
|
||||
if (!$error) {
|
||||
$query_check_cookie = $bdd->prepare('SELECT * FROM users NATURAL JOIN roles NATURAL JOIN roles_has_permissions NATURAL JOIN permissions WHERE code_permission="SFx1" AND username=:user AND password_user=:password_user;');
|
||||
$query_check_cookie->execute(['user' => $_COOKIE['username'], 'password_user' => $_COOKIE['pass']]);
|
||||
if ($query_check_cookie->rowCount() == 1){
|
||||
$query_perm = $bdd->prepare('SELECT username, code_permission FROM users NATURAL JOIN roles NATURAL JOIN roles_has_permissions NATURAL JOIN permissions WHERE username=:user;');
|
||||
$query_perm->execute(['user' => $_SESSION["username"]]);
|
||||
$query_perm->execute(['user' => $_COOKIE["username"]]);
|
||||
$results = $query_perm->fetchALL(PDO::FETCH_OBJ);
|
||||
if ($query_perm->rowCount() >= 1) {
|
||||
$showEnterprises = false;
|
||||
$showStages = false;
|
||||
|
||||
foreach($results as $result){
|
||||
if ($result->code_permission == "SFx2"){
|
||||
$showEnterprises = true;
|
||||
}
|
||||
if ($result->code_permission == "SFx8"){
|
||||
$showStages = true;
|
||||
}
|
||||
if ($result->code_permission == "SFx2"){ $showEnterprises = true; }
|
||||
if ($result->code_permission == "SFx8"){ $showStages = true; }
|
||||
}
|
||||
|
||||
if ($showEnterprises || $showStages) {
|
||||
@ -81,14 +78,17 @@ if (isset($_SESSION["username"])){
|
||||
</body>
|
||||
</html>
|
||||
<?php
|
||||
} else {
|
||||
header('HTTP/1.0 403 Forbidden');
|
||||
require "controller/403.php";
|
||||
|
||||
}
|
||||
} else {
|
||||
header('HTTP/1.0 403 Forbidden');
|
||||
require "controller/403.php";
|
||||
}
|
||||
} else {
|
||||
echo "<script>location.href='/controller/Disconnect.php';</script>";
|
||||
}
|
||||
} else {
|
||||
echo "<script>location.href='/';</script>";
|
||||
}
|
||||
} else {
|
||||
echo "<script>location.href='/';</script>";
|
||||
|
||||
@ -1,9 +1,13 @@
|
||||
<!DOCTYPE html>
|
||||
|
||||
<?php
|
||||
session_start();
|
||||
if (isset($_COOKIE['username']) && isset($_COOKIE['pass'])) {
|
||||
require "controller/ConnexionBDD.php";
|
||||
if (!$error) {
|
||||
$query_check_cookie = $bdd->prepare('SELECT * FROM users NATURAL JOIN roles NATURAL JOIN roles_has_permissions NATURAL JOIN permissions WHERE code_permission="SFx1" AND username=:user AND password_user=:password_user;');
|
||||
$query_check_cookie->execute(['user' => $_COOKIE['username'], 'password_user' => $_COOKIE['pass']]);
|
||||
if ($query_check_cookie->rowCount() == 1){
|
||||
|
||||
if (isset($_SESSION["username"])){
|
||||
$sql = 'SELECT name_company, activity_sector_company, nb_intern_cesi_company, email_company, city_localisation, postal_code_localisation, COUNT(internships.ID_company) AS "number_of_internships", note FROM companies NATURAL JOIN companies_located NATURAL JOIN localisations LEFT JOIN internships ON companies.ID_company=internships.ID_company INNER JOIN evaluate ON companies.ID_company=evaluate.ID_company INNER JOIN users ON evaluate.ID_user=users.ID_user NATURAL JOIN roles WHERE visibility_company="O" AND name_role="Pilote"';
|
||||
$params = [];
|
||||
$selected = [];
|
||||
@ -37,10 +41,8 @@ if (isset($_SESSION["username"])){
|
||||
}
|
||||
$sql = $sql . ";";
|
||||
|
||||
include "controller/ConnexionBDD.php";
|
||||
if (!$error) {
|
||||
$query_perm = $bdd->prepare('SELECT username, code_permission FROM users NATURAL JOIN roles NATURAL JOIN roles_has_permissions NATURAL JOIN permissions WHERE code_permission=:perm AND username=:user;');
|
||||
$query_perm->execute(['user' => $_SESSION["username"], 'perm' => "SFx2"]);
|
||||
$query_perm->execute(['user' => $_COOKIE["username"], 'perm' => "SFx2"]);
|
||||
if ($query_perm->rowCount() == 1) {
|
||||
$query_companies = $bdd->prepare($sql);
|
||||
$query_companies->execute($params);
|
||||
@ -221,6 +223,11 @@ if (isset($_SESSION["username"])){
|
||||
header('HTTP/1.0 403 Forbidden');
|
||||
require "controller/403.php";
|
||||
}
|
||||
} else {
|
||||
echo "<script>location.href='/';</script>";
|
||||
}
|
||||
} else {
|
||||
echo "<script>location.href='/';</script>";
|
||||
}
|
||||
} else {
|
||||
echo "<script>location.href='/';</script>";
|
||||
|
||||
@ -1,9 +1,13 @@
|
||||
<!DOCTYPE html>
|
||||
|
||||
<?php
|
||||
session_start();
|
||||
if (isset($_COOKIE['username']) && isset($_COOKIE['pass'])) {
|
||||
require "controller/ConnexionBDD.php";
|
||||
if (!$error) {
|
||||
$query_check_cookie = $bdd->prepare('SELECT * FROM users NATURAL JOIN roles NATURAL JOIN roles_has_permissions NATURAL JOIN permissions WHERE code_permission="SFx1" AND username=:user AND password_user=:password_user;');
|
||||
$query_check_cookie->execute(['user' => $_COOKIE['username'], 'password_user' => $_COOKIE['pass']]);
|
||||
if ($query_check_cookie->rowCount() == 1){
|
||||
|
||||
if (isset($_SESSION["username"])){
|
||||
$sql = 'SELECT ID_internship ,name_internship, description_internship, duration_internship, remuneration_internship, offer_date_internship, place_number_internship, competences_internship, city_localisation, postal_code_localisation, GROUP_CONCAT(name_promotion SEPARATOR ", ") AS "name_promotion", name_company, email_company, email_company, note FROM internships NATURAL JOIN localisations NATURAL JOIN companies NATURAL JOIN internship_for_promo NATURAL JOIN promotions NATURAL JOIN evaluate INNER JOIN users ON evaluate.ID_user=users.ID_user NATURAL JOIN roles WHERE name_role="Pilote" AND visibility_company="O"';
|
||||
$params = [];
|
||||
$selected = [];
|
||||
@ -41,10 +45,8 @@ if (isset($_SESSION["username"])){
|
||||
}
|
||||
$sql = $sql . " GROUP BY ID_internship ORDER BY offer_date_internship ASC;";
|
||||
|
||||
include "controller/ConnexionBDD.php";
|
||||
if (!$error) {
|
||||
$query_perm = $bdd->prepare('SELECT username, code_permission FROM users NATURAL JOIN roles NATURAL JOIN roles_has_permissions NATURAL JOIN permissions WHERE code_permission=:perm AND username=:user;');
|
||||
$query_perm->execute(['user' => $_SESSION["username"], 'perm' => "SFx8"]);
|
||||
$query_perm->execute(['user' => $_COOKIE["username"], 'perm' => "SFx8"]);
|
||||
if ($query_perm->rowCount() == 1) {
|
||||
$query_internships = $bdd->prepare($sql);
|
||||
$query_internships->execute($params);
|
||||
@ -79,7 +81,7 @@ if (isset($_SESSION["username"])){
|
||||
$results_promotions = $query_promotions->fetchALL(PDO::FETCH_OBJ);
|
||||
|
||||
$query_wishlist = $bdd->prepare('SELECT ID_internship FROM internships NATURAL JOIN wishlist INNER JOIN users ON wishlist.ID_user=users.ID_user WHERE username=:user;');
|
||||
$query_wishlist->execute(['user' => $_SESSION["username"]]);
|
||||
$query_wishlist->execute(['user' => $_COOKIE["username"]]);
|
||||
$results_wishlist = $query_wishlist->fetchALL(PDO::FETCH_OBJ);
|
||||
$wishlist = [];
|
||||
foreach ($results_wishlist as $result) {
|
||||
@ -87,7 +89,7 @@ if (isset($_SESSION["username"])){
|
||||
}
|
||||
|
||||
$query_candidatures = $bdd->prepare('SELECT candidatures.ID_internship FROM candidatures NATURAL JOIN users INNER JOIN internships ON candidatures.ID_internship=internships.ID_internship WHERE username=:user;');
|
||||
$query_candidatures->execute(['user' => $_SESSION["username"]]);
|
||||
$query_candidatures->execute(['user' => $_COOKIE["username"]]);
|
||||
$results_candidatures = $query_candidatures->fetchALL(PDO::FETCH_OBJ);
|
||||
$candidatures = [];
|
||||
foreach ($results_candidatures as $result) {
|
||||
@ -306,6 +308,11 @@ if (isset($_SESSION["username"])){
|
||||
header('HTTP/1.0 403 Forbidden');
|
||||
require "controller/403.php";
|
||||
}
|
||||
} else {
|
||||
echo "<script>location.href='/';</script>";
|
||||
}
|
||||
} else {
|
||||
echo "<script>location.href='/';</script>";
|
||||
}
|
||||
} else {
|
||||
echo "<script>location.href='/';</script>";
|
||||
|
||||
@ -1,13 +1,15 @@
|
||||
<!DOCTYPE html>
|
||||
|
||||
<?php
|
||||
session_start();
|
||||
|
||||
if (isset($_SESSION["username"])){
|
||||
include "controller/ConnexionBDD.php";
|
||||
if (isset($_COOKIE['username']) && isset($_COOKIE['pass'])) {
|
||||
require "controller/ConnexionBDD.php";
|
||||
if (!$error) {
|
||||
$query_check_cookie = $bdd->prepare('SELECT * FROM users NATURAL JOIN roles NATURAL JOIN roles_has_permissions NATURAL JOIN permissions WHERE code_permission="SFx1" AND username=:user AND password_user=:password_user;');
|
||||
$query_check_cookie->execute(['user' => $_COOKIE['username'], 'password_user' => $_COOKIE['pass']]);
|
||||
if ($query_check_cookie->rowCount() == 1){
|
||||
|
||||
$query = $bdd->prepare('SELECT username, lastname_user, firstname_user, email_user, city_localisation, date_creation, connection_count, GROUP_CONCAT(name_promotion SEPARATOR ", ") AS "name_promotion", name_role FROM a2_projet_web.users NATURAL JOIN user_belong_promo NATURAL JOIN promotions NATURAL JOIN localisations NATURAL JOIN roles WHERE username=:user GROUP BY username;');
|
||||
$query->execute(['user' => $_SESSION["username"]]);
|
||||
$query->execute(['user' => $_COOKIE["username"]]);
|
||||
$results = $query->fetchALL(PDO::FETCH_OBJ);
|
||||
?>
|
||||
<html lang="fr">
|
||||
@ -120,6 +122,11 @@ if (isset($_SESSION["username"])){
|
||||
</body>
|
||||
</html>
|
||||
<?php
|
||||
} else {
|
||||
echo "<script>location.href='/';</script>";
|
||||
}
|
||||
} else {
|
||||
echo "<script>location.href='/';</script>";
|
||||
}
|
||||
} else {
|
||||
echo "<script>location.href='/';</script>";
|
||||
|
||||
36
test.php
36
test.php
@ -1,30 +1,10 @@
|
||||
<!DOCTYPE html>
|
||||
|
||||
<?php
|
||||
session_start();
|
||||
setcookie("username", "louis.dumont", time()+3600, "/");
|
||||
setcookie("pass", "c499eec73d18319f4066758e1daf8c84a64e52f7", time()+3600, "/");
|
||||
|
||||
if (isset($_SESSION["username"])){ ?>
|
||||
<html lang="fr">
|
||||
<head>
|
||||
<?php require "controller/Head.php" ?>
|
||||
<title>TEST - CTS</title>
|
||||
</head>
|
||||
<body>
|
||||
<div class="container">
|
||||
<?php require "controller/Nav_bar.php"?>
|
||||
<div class="main">
|
||||
<?php require "controller/Top_bar.php" ?>
|
||||
<div class="content">
|
||||
<form action="/test2.php" method="post" enctype="multipart/form-data">
|
||||
<input id="file" type="file" name="file">
|
||||
<button type="submit">Envoyer</button>
|
||||
</form>
|
||||
</div>
|
||||
</div>
|
||||
</div>
|
||||
<?php require "controller/Script.php" ?>
|
||||
</body>
|
||||
</html>
|
||||
<?php } else {?>
|
||||
<script>location.href='/';</script>
|
||||
<?php } ?>
|
||||
if (isset($_COOKIE['username']) && isset($_COOKIE['pass'])) {
|
||||
echo $_COOKIE['username'].$_COOKIE['pass'];
|
||||
} else {
|
||||
echo "non";
|
||||
}
|
||||
?>
|
||||
35
test2.php
35
test2.php
@ -1,35 +1,10 @@
|
||||
<?php
|
||||
session_start();
|
||||
|
||||
if (isset($_SESSION["username"])){
|
||||
include "controller/ConnexionBDD.php";
|
||||
if (!$error) {
|
||||
$query_ID_user = $bdd->prepare('SELECT ID_user FROM users WHERE username=:user;');
|
||||
$query_ID_user->execute(['user' => $_SESSION["username"]]);
|
||||
$ID_user = $query_ID_user->fetchALL(PDO::FETCH_OBJ)[0]->ID_user;
|
||||
print_r($_COOKIE);
|
||||
|
||||
$location_cv = "./documents/users/".$ID_user."/".$_FILES['cv']['name'];
|
||||
$location_lm = "./documents/users/".$ID_user."/".$_FILES['lm']['name'];
|
||||
|
||||
if (!is_dir('./documents/')){
|
||||
mkdir("./documents/", 0700);
|
||||
}
|
||||
if (!is_dir('./documents/users')){
|
||||
mkdir("./documents/users", 0700);
|
||||
}
|
||||
if (!is_dir("./documents/users/".$ID_user)){
|
||||
mkdir("./documents/users/".$ID_user, 0700);
|
||||
}
|
||||
|
||||
|
||||
try {
|
||||
move_uploaded_file($_FILES['cv']['tmp_name'], $location_cv);
|
||||
move_uploaded_file($_FILES['lm']['tmp_name'], $location_lm);
|
||||
echo "tout est ok";
|
||||
}
|
||||
catch (Exception $e) {
|
||||
echo "zut une erreur";
|
||||
}
|
||||
}
|
||||
if (isset($_COOKIE['username']) && isset($_COOKIE['pass'])) {
|
||||
echo $_COOKIE['username'].$_COOKIE['pass'];
|
||||
} else {
|
||||
echo "non";
|
||||
}
|
||||
?>
|
||||
Loading…
x
Reference in New Issue
Block a user