LouisD/a2-projet-web
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

change auth from session to cookie on entire website

Browse Source
This commit is contained in:
Louis DUMONT 2022-03-24 14:34:36 +01:00
parent 58e8c5653c
commit 22c807570c
26 changed files with 622 additions and 542 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

26
accueil.php
View File

@ -1,9 +1,13 @@
<!DOCTYPE html>
<?php
session_start();
if (isset($_SESSION["username"])){ ?>
if (isset($_COOKIE['username']) && isset($_COOKIE['pass'])) {
require "controller/ConnexionBDD.php";
if (!$error) {
$query_check_cookie = $bdd->prepare('SELECT * FROM users NATURAL JOIN roles NATURAL JOIN roles_has_permissions NATURAL JOIN permissions WHERE code_permission="SFx1" AND username=:user AND password_user=:password_user;');
$query_check_cookie->execute(['user' => $_COOKIE['username'], 'password_user' => $_COOKIE['pass']]);
if ($query_check_cookie->rowCount() == 1){
?>
<html lang="fr">
<head>
<?php require "controller/Head.php" ?>
@ -44,6 +48,16 @@ if (isset($_SESSION["username"])){ ?>
<script src="assets/js/accueil.js"></script>
</body>
</html>
<?php } else {?>
<script>location.href='/';</script>
<?php } ?>
<?php
} else {
echo "<script>location.href='/';</script>";
}
} else {
echo "<script>location.href='/';</script>";
}
} else {
echo "<script>location.href='/';</script>";
}
?>

3
assets/js/index.js
View File

@ -18,8 +18,9 @@
'controller/Auth.php',
{user: $(input[0]).val().trim(), pass: sha1($(input[1]).val().trim())},
function(data, status, jqXHR) {
console.log(data.trim());
if (data.trim() == "true"){
window.location.href = "/accueil.php";
location.href='/';
} else {
$("#zone-login").addClass("shaking_error");
setTimeout(function() {

48
candidatures.php
View File

@ -1,30 +1,31 @@
<!DOCTYPE html>
<?php
session_start();
if (isset($_COOKIE['username']) && isset($_COOKIE['pass'])) {
require "controller/ConnexionBDD.php";
if (!$error) {
$query_check_cookie = $bdd->prepare('SELECT * FROM users NATURAL JOIN roles NATURAL JOIN roles_has_permissions NATURAL JOIN permissions WHERE code_permission="SFx1" AND username=:user AND password_user=:password_user;');
$query_check_cookie->execute(['user' => $_COOKIE['username'], 'password_user' => $_COOKIE['pass']]);
if ($query_check_cookie->rowCount() == 1){
if (isset($_SESSION["username"])){
$sql = 'SELECT ID_candidature, progression_candidature, cv_file_path_candidature, lm_file_path_candidature, validation_form_file_path_candidature, internship_agreement_file_path_candidature, name_internship, name_company, email_company, ID_user, username, city_localisation, postal_code_localisation FROM candidatures NATURAL JOIN users INNER JOIN internships ON candidatures.ID_internship=internships.ID_internship INNER JOIN localisations ON internships.ID_localisation=localisations.ID_localisation NATURAL JOIN companies WHERE username=:user ORDER BY offer_date_internship ASC;';
$sql = 'SELECT ID_candidature, progression_candidature, cv_file_path_candidature, lm_file_path_candidature, validation_form_file_path_candidature, internship_agreement_file_path_candidature, name_internship, name_company, email_company, ID_user, username, city_localisation, postal_code_localisation FROM candidatures NATURAL JOIN users INNER JOIN internships ON candidatures.ID_internship=internships.ID_internship INNER JOIN localisations ON internships.ID_localisation=localisations.ID_localisation NATURAL JOIN companies WHERE username=:user ORDER BY offer_date_internship ASC;';
$query_perm = $bdd->prepare('SELECT username, code_permission FROM users NATURAL JOIN roles NATURAL JOIN roles_has_permissions NATURAL JOIN permissions WHERE username=:user;');
$query_perm->execute(['user' => $_COOKIE["username"]]);
$results_perm = $query_perm->fetchALL(PDO::FETCH_OBJ);
if ($query_perm->rowCount() >= 1) {
$showCandidatures = false;
include "controller/ConnexionBDD.php";
if (!$error) {
$query_perm = $bdd->prepare('SELECT username, code_permission FROM users NATURAL JOIN roles NATURAL JOIN roles_has_permissions NATURAL JOIN permissions WHERE username=:user;');
$query_perm->execute(['user' => $_SESSION["username"]]);
$results_perm = $query_perm->fetchALL(PDO::FETCH_OBJ);
if ($query_perm->rowCount() >= 1) {
$showCandidatures = false;
foreach ($results_perm as $result) {
if ($result->code_permission == "SFx29" || $result->code_permission == "SFx30" || $result->code_permission == "SFx31" || $result->code_permission == "SFx32" || $result->code_permission == "SFx33" || $result->code_permission == "SFx34" || $result->code_permission == "SFx35"){
$showCandidatures = true;
foreach ($results_perm as $result) {
if ($result->code_permission == "SFx29" || $result->code_permission == "SFx30" || $result->code_permission == "SFx31" || $result->code_permission == "SFx32" || $result->code_permission == "SFx33" || $result->code_permission == "SFx34" || $result->code_permission == "SFx35"){
$showCandidatures = true;
}
}
}
if ($showCandidatures){
if ($showCandidatures){
$query_candidatures = $bdd->prepare($sql);
$query_candidatures->execute(['user' => $_SESSION["username"]]);
$results_candidatures = $query_candidatures->fetchALL(PDO::FETCH_OBJ);
$query_candidatures = $bdd->prepare($sql);
$query_candidatures->execute(['user' => $_COOKIE["username"]]);
$results_candidatures = $query_candidatures->fetchALL(PDO::FETCH_OBJ);
?>
<html lang="fr">
<head>
@ -128,14 +129,19 @@ if (isset($_SESSION["username"])){
</body>
</html>
<?php
} else {
header('HTTP/1.0 403 Forbidden');
require "controller/403.php";
}
} else {
header('HTTP/1.0 403 Forbidden');
require "controller/403.php";
}
} else {
header('HTTP/1.0 403 Forbidden');
require "controller/403.php";
echo "<script>location.href='/';</script>";
}
} else {
echo "<script>location.href='/';</script>";
}
} else {
echo "<script>location.href='/';</script>";

69
controller/AddRemoveWishlist.php
View File

@ -1,47 +1,48 @@
<?php
session_start();
if (isset($_COOKIE['username']) && isset($_COOKIE['pass'])) {
require "ConnexionBDD.php";
if (!$error) {
$query_check_cookie = $bdd->prepare('SELECT * FROM users NATURAL JOIN roles NATURAL JOIN roles_has_permissions NATURAL JOIN permissions WHERE code_permission="SFx1" AND username=:user AND password_user=:password_user;');
$query_check_cookie->execute(['user' => $_COOKIE['username'], 'password_user' => $_COOKIE['pass']]);
if ($query_check_cookie->rowCount() == 1){
if ($_SERVER['REQUEST_METHOD'] === 'POST') { /*Seulement si la method est en POST*/
if (isset($_POST["action"]) && isset($_POST["ID_internship"])){ /*Vérification de l'existance des paramètres*/
$action = $_POST["action"]; /*Récupération des paramètres*/
$ID_internship = $_POST["ID_internship"]; /*Récupération des paramètres*/
if (isset($_SESSION["username"])){
if ($_SERVER['REQUEST_METHOD'] === 'POST') { /*Seulement si la method est en POST*/
if (isset($_POST["action"]) && isset($_POST["ID_internship"])){ /*Vérification de l'existance des paramètres*/
$action = $_POST["action"]; /*Récupération des paramètres*/
$ID_internship = $_POST["ID_internship"]; /*Récupération des paramètres*/
$query_check_wishlist = $bdd->prepare('SELECT ID_user FROM users NATURAL JOIN wishlist INNER JOIN internships ON wishlist.ID_internship=internships.ID_internship WHERE username=:user AND wishlist.ID_internship=:id_internship;');
$query_check_wishlist->execute(['user' => $_COOKIE["username"], 'id_internship' => $ID_internship]); /*Remplissage de la requete avec les données*/
$results_check_wishlist = $query_check_wishlist->fetchALL(PDO::FETCH_OBJ); /*Retour un résultat sous forme d'objet*/
require "ConnexionBDD.php"; /*Inclusion de la partie connexion*/
if (!$error) { /*Si la connexion a été établie sans erreur*/
$query_check_wishlist = $bdd->prepare('SELECT ID_user FROM users NATURAL JOIN wishlist INNER JOIN internships ON wishlist.ID_internship=internships.ID_internship WHERE username=:user AND wishlist.ID_internship=:id_internship;');
$query_check_wishlist->execute(['user' => $_SESSION["username"], 'id_internship' => $ID_internship]); /*Remplissage de la requete avec les données*/
$results_check_wishlist = $query_check_wishlist->fetchALL(PDO::FETCH_OBJ); /*Retour un résultat sous forme d'objet*/
if ($action == "remove"){
if ($query_check_wishlist->rowCount() == 1){
$query_del_wishlist = $bdd->prepare('DELETE FROM wishlist WHERE ID_internship=:id_internship AND ID_user=:id_user;');
$query_del_wishlist->execute(['id_internship' => $ID_internship, 'id_user' => $results_check_wishlist[0]->ID_user, ]);
echo 'remove_ok';
} else { echo "remove_error";}
} else if ($action == "add"){
if ($query_check_wishlist->rowCount() == 0){
if ($action == "remove"){
if ($query_check_wishlist->rowCount() == 1){
$query_del_wishlist = $bdd->prepare('DELETE FROM wishlist WHERE ID_internship=:id_internship AND ID_user=:id_user;');
$query_del_wishlist->execute(['id_internship' => $ID_internship, 'id_user' => $results_check_wishlist[0]->ID_user, ]);
echo 'remove_ok';
} else { echo "remove_error";}
} else if ($action == "add"){
if ($query_check_wishlist->rowCount() == 0){
$query_get_id_user = $bdd->prepare('SELECT ID_user FROM users WHERE username=:user LIMIT 1;');
$query_get_id_user->execute(['user' => $_COOKIE["username"]]); /*Remplissage de la requete avec les données*/
$results_get_id_user = $query_get_id_user->fetchALL(PDO::FETCH_OBJ); /*Retour un résultat sous forme d'objet*/
$query_get_id_user = $bdd->prepare('SELECT ID_user FROM users WHERE username=:user LIMIT 1;');
$query_get_id_user->execute(['user' => $_SESSION["username"]]); /*Remplissage de la requete avec les données*/
$results_get_id_user = $query_get_id_user->fetchALL(PDO::FETCH_OBJ); /*Retour un résultat sous forme d'objet*/
if ($query_get_id_user->rowCount() == 1){
$query_del_wishlist = $bdd->prepare('INSERT INTO wishlist (ID_internship, ID_user) VALUES (:id_internship, :id_user);');
$query_del_wishlist->execute(['id_internship' => $ID_internship, 'id_user' => $results_get_id_user[0]->ID_user, ]);
echo 'add_ok';
} else {echo 'add_error';}
if ($query_get_id_user->rowCount() == 1){
$query_del_wishlist = $bdd->prepare('INSERT INTO wishlist (ID_internship, ID_user) VALUES (:id_internship, :id_user);');
$query_del_wishlist->execute(['id_internship' => $ID_internship, 'id_user' => $results_get_id_user[0]->ID_user, ]);
echo 'add_ok';
} else {echo 'add_error';}
} else { echo "false";}
} else { echo "false";}
}
$bdd = null; /*Fin de connexion*/
}
$bdd = null; /*Fin de connexion*/
} else {echo "false";} /*Dans le cas d'une erreur de connexion à la BDD, retour false (erreur d'authentification)*/
}
} else {
echo "<script>location.href='/';</script>";
}
}
} else {
echo "<script>location.href='/';</script>";
}
?>

21
controller/Auth.php
View File

@ -1,6 +1,4 @@
<?php
session_start();
if ($_SERVER['REQUEST_METHOD'] === 'POST') { /*Seulement si la method est en POST*/
if (isset($_POST["user"]) && isset($_POST["pass"])){ /*Vérification de l'existance des paramètres*/
$user = $_POST["user"]; /*Récupération des paramètres*/
@ -8,19 +6,16 @@ if ($_SERVER['REQUEST_METHOD'] === 'POST') { /*Seulem
require "ConnexionBDD.php"; /*Inclusion de la partie connexion*/
if (!$error) { /*Si la connexion a été établie sans erreur*/
$query = $bdd->prepare('SELECT password_user FROM users NATURAL JOIN roles NATURAL JOIN roles_has_permissions NATURAL JOIN permissions WHERE code_permission="SFx1" AND username=:user;');
$query->execute(['user' => $user]); /*Remplissage de la requete avec les données*/
$results = $query->fetchALL(PDO::FETCH_OBJ); /*Retour un résultat sous forme d'objet*/
$query = $bdd->prepare('SELECT * FROM users NATURAL JOIN roles NATURAL JOIN roles_has_permissions NATURAL JOIN permissions WHERE code_permission="SFx1" AND username=:user AND password_user=:password_user;');
$query->execute(['user' => $user, 'password_user' => $pass]);
if ($query->rowCount() == 1){
if ($results[0]->password_user == $pass){
echo "true"; /*Retourne true si le mot de passe correspond*/
$_SESSION["username"] = $user;
/*Requête permettant la mise à jour des champs : connection_count et last_connection de l'utilisateur*/
$query = $bdd->prepare('UPDATE users SET connection_count = connection_count + 1, last_connection = CURDATE() WHERE username = :user;');
$query->execute(['user' => $user]); /*Execution de la requête*/
}
else { echo "false";} /*false si mot de passe non correct*/
echo "true"; /*Retourne true si le mot de passe correspond*/
setcookie("username", $_POST["user"], time()+7200, "/");
setcookie("pass", $_POST["pass"], time()+7200, "/");
/*Requête permettant la mise à jour des champs : connection_count et last_connection de l'utilisateur*/
$query = $bdd->prepare('UPDATE users SET connection_count = connection_count + 1, last_connection = CURDATE() WHERE username = :user;');
$query->execute(['user' => $user]); /*Execution de la requête*/
} else { echo "false";}
$bdd = null; /*Fin de connexion*/
} else {echo "false";} /*Dans le cas d'une erreur de connexion à la BDD, retour false (erreur d'authentification)*/

10
controller/Disconnect.php
View File

@ -1,5 +1,9 @@
<?php
session_start();
session_destroy();
echo "<script>location.href='/'</script>"
if (isset($_COOKIE['username']) && isset($_COOKIE['pass'])) {
setcookie("username", "", time() - 3600, "/");
setcookie("pass", "", time() - 3600, "/");
echo "<script>location.href='/';</script>";
} else {
echo "<script>location.href='/';</script>";
}
?>

111
controller/Nav_bar.php
View File

@ -1,59 +1,64 @@
<?php
if (isset($_SESSION["username"])){
include "ConnexionBDD.php";
if (!$error) {
$query_perm_nav = $bdd->prepare('SELECT username, code_permission FROM users NATURAL JOIN roles NATURAL JOIN roles_has_permissions NATURAL JOIN permissions WHERE username = :user;');
$query_perm_nav->execute(['user' => $_SESSION["username"]]);
$results_nav = $query_perm_nav->fetchALL(PDO::FETCH_OBJ);
if ($query_perm_nav->rowCount() >= 1) {
$showOffres = false;
$showStages = false;
$showEntreprises = false;
$showFavoris = false;
$showCandidatures = false; //A revoir au niveau des permissions
$showGestions = false;
$showGestion_Enterprises = false;
$showGestion_Studients = false;
$showGestion_Pilots = false;
$showGestion_Delegates = false;
$showGestion_Stages = false;
if (isset($_COOKIE['username']) && isset($_COOKIE['pass'])) {
require "ConnexionBDD.php";
if (!$error) {
$query_check_cookie = $bdd->prepare('SELECT * FROM users NATURAL JOIN roles NATURAL JOIN roles_has_permissions NATURAL JOIN permissions WHERE code_permission="SFx1" AND username=:user AND password_user=:password_user;');
$query_check_cookie->execute(['user' => $_COOKIE['username'], 'password_user' => $_COOKIE['pass']]);
if ($query_check_cookie->rowCount() == 1){
foreach($results_nav as $result){
if ($result->code_permission == "SFx2" || $result->code_permission == "SFx8"){
$showOffres = true;
}
if ($result->code_permission == "SFx8"){
$showStages = true;
}
if ($result->code_permission == "SFx2"){
$showEntreprises = true;
}
if ($result->code_permission == "SFx27" || $result->code_permission == "SFx28"){
$showFavoris = true;
}
if ($result->code_permission == "SFx29" || $result->code_permission == "SFx30" || $result->code_permission == "SFx31" || $result->code_permission == "SFx32" || $result->code_permission == "SFx33" || $result->code_permission == "SFx34" || $result->code_permission == "SFx35"){
$showCandidatures = true;
}
if ($result->code_permission == "SFx3" || $result->code_permission == "SFx4" || $result->code_permission == "SFx5" || $result->code_permission == "SFx6" || $result->code_permission == "SFx7"){
$showGestion_Enterprises = true;
$showGestions = true;
}
if ($result->code_permission == "SFx22" || $result->code_permission == "SFx23" || $result->code_permission == "SFx24" || $result->code_permission == "SFx25" || $result->code_permission == "SFx26"){
$showGestion_Studients = true;
$showGestions = true;
}
if ($result->code_permission == "SFx13" || $result->code_permission == "SFx14" || $result->code_permission == "SFx15" || $result->code_permission == "SFx16"){
$showGestion_Pilots = true;
$showGestions = true;
}
if ($result->code_permission == "SFx17" || $result->code_permission == "SFx18" || $result->code_permission == "SFx19" || $result->code_permission == "SFx20" || $result->code_permission == "SFx21"){
$showGestion_Delegates = true;
$showGestions = true;
}
if ($result->code_permission == "SFx9" || $result->code_permission == "SFx10" || $result->code_permission == "SFx11" || $result->code_permission == "SFx12"){
$showGestion_Stages = true;
$showGestions = true;
$query_perm_nav = $bdd->prepare('SELECT username, code_permission FROM users NATURAL JOIN roles NATURAL JOIN roles_has_permissions NATURAL JOIN permissions WHERE username = :user;');
$query_perm_nav->execute(['user' => $_COOKIE["username"]]);
$results_nav = $query_perm_nav->fetchALL(PDO::FETCH_OBJ);
if ($query_perm_nav->rowCount() >= 1) {
$showOffres = false;
$showStages = false;
$showEntreprises = false;
$showFavoris = false;
$showCandidatures = false; //A revoir au niveau des permissions
$showGestions = false;
$showGestion_Enterprises = false;
$showGestion_Studients = false;
$showGestion_Pilots = false;
$showGestion_Delegates = false;
$showGestion_Stages = false;
foreach($results_nav as $result){
if ($result->code_permission == "SFx2" || $result->code_permission == "SFx8"){
$showOffres = true;
}
if ($result->code_permission == "SFx8"){
$showStages = true;
}
if ($result->code_permission == "SFx2"){
$showEntreprises = true;
}
if ($result->code_permission == "SFx27" || $result->code_permission == "SFx28"){
$showFavoris = true;
}
if ($result->code_permission == "SFx29" || $result->code_permission == "SFx30" || $result->code_permission == "SFx31" || $result->code_permission == "SFx32" || $result->code_permission == "SFx33" || $result->code_permission == "SFx34" || $result->code_permission == "SFx35"){
$showCandidatures = true;
}
if ($result->code_permission == "SFx3" || $result->code_permission == "SFx4" || $result->code_permission == "SFx5" || $result->code_permission == "SFx6" || $result->code_permission == "SFx7"){
$showGestion_Enterprises = true;
$showGestions = true;
}
if ($result->code_permission == "SFx22" || $result->code_permission == "SFx23" || $result->code_permission == "SFx24" || $result->code_permission == "SFx25" || $result->code_permission == "SFx26"){
$showGestion_Studients = true;
$showGestions = true;
}
if ($result->code_permission == "SFx13" || $result->code_permission == "SFx14" || $result->code_permission == "SFx15" || $result->code_permission == "SFx16"){
$showGestion_Pilots = true;
$showGestions = true;
}
if ($result->code_permission == "SFx17" || $result->code_permission == "SFx18" || $result->code_permission == "SFx19" || $result->code_permission == "SFx20" || $result->code_permission == "SFx21"){
$showGestion_Delegates = true;
$showGestions = true;
}
if ($result->code_permission == "SFx9" || $result->code_permission == "SFx10" || $result->code_permission == "SFx11" || $result->code_permission == "SFx12"){
$showGestion_Stages = true;
$showGestions = true;
}
}
}
}

127
controller/Postuler.php
View File

@ -9,79 +9,80 @@ require_once '../assets/vendors/phpmailer/src/SMTP.php';
$mail = new PHPMailer(true);
session_start();
if (isset($_COOKIE['username']) && isset($_COOKIE['pass'])) {
require "ConnexionBDD.php";
if (!$error) {
$query_check_cookie = $bdd->prepare('SELECT * FROM users NATURAL JOIN roles NATURAL JOIN roles_has_permissions NATURAL JOIN permissions WHERE code_permission="SFx1" AND username=:user AND password_user=:password_user;');
$query_check_cookie->execute(['user' => $_COOKIE['username'], 'password_user' => $_COOKIE['pass']]);
if ($query_check_cookie->rowCount() == 1){
if (isset($_SESSION["username"])){
include "../controller/ConnexionBDD.php";
if (!$error) {
if (is_uploaded_file($_FILES['cv']['tmp_name']) && is_uploaded_file($_FILES['lm']['tmp_name']) && isset($_POST["ID_internship"])) {
$query_ID_user = $bdd->prepare('SELECT ID_user FROM users WHERE username=:user;');
$query_ID_user->execute(['user' => $_SESSION["username"]]);
$ID_user = $query_ID_user->fetchALL(PDO::FETCH_OBJ)[0]->ID_user;
if (is_uploaded_file($_FILES['cv']['tmp_name']) && is_uploaded_file($_FILES['lm']['tmp_name']) && isset($_POST["ID_internship"])) {
$query_ID_user = $bdd->prepare('SELECT ID_user FROM users WHERE username=:user;');
$query_ID_user->execute(['user' => $_COOKIE["username"]]);
$ID_user = $query_ID_user->fetchALL(PDO::FETCH_OBJ)[0]->ID_user;
$location_cv = "/documents/users/".$ID_user."/candidatures/".$_POST["ID_internship"]."/".$_FILES['cv']['name'];
$location_lm = "/documents/users/".$ID_user."/candidatures/".$_POST["ID_internship"]."/".$_FILES['lm']['name'];
$location_cv = "/documents/users/".$ID_user."/"."candidatures/".$_POST["ID_internship"]."/".$_FILES['cv']['name'];
$location_lm = "/documents/users/".$ID_user."/"."candidatures/".$_POST["ID_internship"]."/".$_FILES['lm']['name'];
echo $location_cv;
echo "<br>";
echo $location_lm;
try {
if (!is_dir('../documents/')){
mkdir("../documents/", 0700);
}
if (!is_dir('../documents/users')){
mkdir("../documents/users", 0700);
}
if (!is_dir("../documents/users/".$ID_user."/")){
mkdir("../documents/users/".$ID_user."/", 0700);
}
if (!is_dir("../documents/users/".$ID_user."/"."candidatures/")){
mkdir("../documents/users/".$ID_user."/"."candidatures/", 0700);
}
if (!is_dir("../documents/users/".$ID_user."/"."candidatures/".$_POST["ID_internship"])){
mkdir("../documents/users/".$ID_user."/"."candidatures/".$_POST["ID_internship"], 0700);
}
move_uploaded_file($_FILES['cv']['tmp_name'], "..".$location_cv);
move_uploaded_file($_FILES['lm']['tmp_name'], "..".$location_lm);
$query_ID_user = $bdd->prepare('INSERT INTO candidatures VALUES (NULL, "1", :location_cv, :location_lm, NULL, NULL, :ID_user, :ID_internship);');
$query_ID_user->execute(['location_cv' => $location_cv, 'location_lm' => $location_lm, 'ID_user' => $ID_user, 'ID_internship' => $_POST["ID_internship"]]);
echo $location_cv;
echo "<br>";
echo $location_lm;
try {
$mail->SMTPDebug = SMTP::DEBUG_SERVER;
$mail->isSMTP();
$mail->Host = 'smtp.gmail.com';
$mail->SMTPAuth = true;
$mail->SMTPSecure = PHPMailer::ENCRYPTION_STARTTLS;
$mail->Port = 587;
if (!is_dir('../documents/')){
mkdir("../documents/", 0700);
}
if (!is_dir('../documents/users')){
mkdir("../documents/users", 0700);
}
if (!is_dir("../documents/users/".$ID_user."/")){
mkdir("../documents/users/".$ID_user."/", 0700);
}
if (!is_dir("../documents/users/".$ID_user."/"."candidatures/")){
mkdir("../documents/users/".$ID_user."/"."candidatures/", 0700);
}
if (!is_dir("../documents/users/".$ID_user."/"."candidatures/".$_POST["ID_internship"])){
mkdir("../documents/users/".$ID_user."/"."candidatures/".$_POST["ID_internship"], 0700);
}
$mail->Username = 'teamspeakcompte@gmail.com';
$mail->Password = 'wptjusfmrxurmgcf';
move_uploaded_file($_FILES['cv']['tmp_name'], "..".$location_cv);
move_uploaded_file($_FILES['lm']['tmp_name'], "..".$location_lm);
$mail->setFrom('teamspeakcompte@gmail.com', 'CTS');
$mail->addAddress('louisdumont4@gmail.com', 'Louis');
$query_ID_user = $bdd->prepare('INSERT INTO candidatures VALUES (NULL, "1", :location_cv, :location_lm, NULL, NULL, :ID_user, :ID_internship);');
$query_ID_user->execute(['location_cv' => $location_cv, 'location_lm' => $location_lm, 'ID_user' => $ID_user, 'ID_internship' => $_POST["ID_internship"]]);
$mail->IsHTML(true);
$mail->Subject = "Send email using Gmail SMTP and PHPMailer";
$mail->Body = 'HTML message body. <b>Gmail</b> SMTP email body.';
$mail->AltBody = 'Plain text message body for non-HTML email client. Gmail SMTP email body.';
try {
$mail->SMTPDebug = SMTP::DEBUG_SERVER;
$mail->isSMTP();
$mail->Host = 'smtp.gmail.com';
$mail->SMTPAuth = true;
$mail->SMTPSecure = PHPMailer::ENCRYPTION_STARTTLS;
$mail->Port = 587;
$mail->send();
echo "Email message sent.";
} catch (Exception $e) {
echo "Error in sending email. Mailer Error: {$mail->ErrorInfo}";
$mail->Username = 'teamspeakcompte@gmail.com';
$mail->Password = 'wptjusfmrxurmgcf';
$mail->setFrom('teamspeakcompte@gmail.com', 'CTS');
$mail->addAddress('louisdumont4@gmail.com', 'Louis');
$mail->IsHTML(true);
$mail->Subject = "Send email using Gmail SMTP and PHPMailer";
$mail->Body = 'HTML message body. <b>Gmail</b> SMTP email body.';
$mail->AltBody = 'Plain text message body for non-HTML email client. Gmail SMTP email body.';
$mail->send();
echo "Email message sent.";
} catch (Exception $e) {
echo "Error in sending email. Mailer Error: {$mail->ErrorInfo}";
}
echo "<script>location.href='/offres_stages.php';</script>";
}
echo "<script>location.href='/offres_stages.php';</script>";
}
catch (Exception $e) {
echo "zut une erreur";
}
} else {echo "POST file incomplet";}
catch (Exception $e) {
echo "zut une erreur";
}
} else {echo "POST file incomplet";}
}
}
}
?>

BIN
documents/users/8/candidatures/3/CV.pdf Normal file
View File

Binary file not shown.

0
controller/0 → documents/users/8/candidatures/3/LM.pdf
View File

BIN
documents/users/candidatures/3/CV.pdf Normal file
View File

Binary file not shown.

BIN
documents/users/candidatures/3/LM.pdf Normal file
View File

Binary file not shown.

64
favoris.php
View File

@ -1,37 +1,38 @@
<!DOCTYPE html>
<?php
session_start();
if (isset($_SESSION["username"])){
$sql = 'SELECT ID_internship ,name_internship, description_internship, duration_internship, remuneration_internship, offer_date_internship, place_number_internship, competences_internship, city_localisation, postal_code_localisation, GROUP_CONCAT(name_promotion SEPARATOR ", ") AS "name_promotion", name_company, visibility_company, note FROM internships NATURAL JOIN localisations NATURAL JOIN companies NATURAL JOIN internship_for_promo NATURAL JOIN promotions NATURAL JOIN evaluate INNER JOIN users ON evaluate.ID_user=users.ID_user NATURAL JOIN roles WHERE name_role="Pilote" AND visibility_company="O" GROUP BY ID_internship ORDER BY offer_date_internship;';
if (isset($_COOKIE['username']) && isset($_COOKIE['pass'])) {
require "controller/ConnexionBDD.php";
if (!$error) {
$query_check_cookie = $bdd->prepare('SELECT * FROM users NATURAL JOIN roles NATURAL JOIN roles_has_permissions NATURAL JOIN permissions WHERE code_permission="SFx1" AND username=:user AND password_user=:password_user;');
$query_check_cookie->execute(['user' => $_COOKIE['username'], 'password_user' => $_COOKIE['pass']]);
if ($query_check_cookie->rowCount() == 1){
$sql = 'SELECT ID_internship ,name_internship, description_internship, duration_internship, remuneration_internship, offer_date_internship, place_number_internship, competences_internship, city_localisation, postal_code_localisation, GROUP_CONCAT(name_promotion SEPARATOR ", ") AS "name_promotion", name_company, visibility_company, note FROM internships NATURAL JOIN localisations NATURAL JOIN companies NATURAL JOIN internship_for_promo NATURAL JOIN promotions NATURAL JOIN evaluate INNER JOIN users ON evaluate.ID_user=users.ID_user NATURAL JOIN roles WHERE name_role="Pilote" AND visibility_company="O" GROUP BY ID_internship ORDER BY offer_date_internship;';
$query_perm = $bdd->prepare('SELECT username, code_permission FROM users NATURAL JOIN roles NATURAL JOIN roles_has_permissions NATURAL JOIN permissions WHERE username=:user;');
$query_perm->execute(['user' => $_COOKIE["username"]]);
$results_perm = $query_perm->fetchALL(PDO::FETCH_OBJ);
if ($query_perm->rowCount() >= 1) {
$showFavoris = false;
include "controller/ConnexionBDD.php";
if (!$error) {
$query_perm = $bdd->prepare('SELECT username, code_permission FROM users NATURAL JOIN roles NATURAL JOIN roles_has_permissions NATURAL JOIN permissions WHERE username=:user;');
$query_perm->execute(['user' => $_SESSION["username"]]);
$results_perm = $query_perm->fetchALL(PDO::FETCH_OBJ);
if ($query_perm->rowCount() >= 1) {
$showFavoris = false;
foreach ($results_perm as $result) {
if ($result->code_permission == "SFx27" || $result->code_permission == "SFx28"){
$showFavoris = true;
}
}
foreach ($results_perm as $result) {
if ($result->code_permission == "SFx27" || $result->code_permission == "SFx28"){
$showFavoris = true;
}
}
if ($showFavoris){
$query_internships = $bdd->prepare($sql);
$query_internships->execute();
$results_internships = $query_internships->fetchALL(PDO::FETCH_OBJ);
if ($showFavoris){
$query_internships = $bdd->prepare($sql);
$query_internships->execute();
$results_internships = $query_internships->fetchALL(PDO::FETCH_OBJ);
$query_wishlist = $bdd->prepare('SELECT ID_internship FROM internships NATURAL JOIN wishlist INNER JOIN users ON wishlist.ID_user=users.ID_user WHERE username=:user;');
$query_wishlist->execute(['user' => $_SESSION["username"]]);
$results_wishlist = $query_wishlist->fetchALL(PDO::FETCH_OBJ);
$wishlist = [];
foreach ($results_wishlist as $result) {
array_push($wishlist, $result->ID_internship);
}
$query_wishlist = $bdd->prepare('SELECT ID_internship FROM internships NATURAL JOIN wishlist INNER JOIN users ON wishlist.ID_user=users.ID_user WHERE username=:user;');
$query_wishlist->execute(['user' => $_COOKIE["username"]]);
$results_wishlist = $query_wishlist->fetchALL(PDO::FETCH_OBJ);
$wishlist = [];
foreach ($results_wishlist as $result) {
array_push($wishlist, $result->ID_internship);
}
@ -131,14 +132,19 @@ if (isset($_SESSION["username"])){
</body>
</html>
<?php
} else {
header('HTTP/1.0 403 Forbidden');
require "controller/403.php";
}
} else {
header('HTTP/1.0 403 Forbidden');
require "controller/403.php";
}
} else {
header('HTTP/1.0 403 Forbidden');
require "controller/403.php";
echo "<script>location.href='/';</script>";
}
} else {
echo "<script>location.href='/';</script>";
}
} else {
echo "<script>location.href='/';</script>";

24
gestion_delegates.php
View File

@ -1,9 +1,13 @@
<!DOCTYPE html>
<?php
session_start();
if (isset($_SESSION["username"])){ ?>
if (isset($_COOKIE['username']) && isset($_COOKIE['pass'])) {
require "controller/ConnexionBDD.php";
if (!$error) {
$query_check_cookie = $bdd->prepare('SELECT * FROM users NATURAL JOIN roles NATURAL JOIN roles_has_permissions NATURAL JOIN permissions WHERE code_permission="SFx1" AND username=:user AND password_user=:password_user;');
$query_check_cookie->execute(['user' => $_COOKIE['username'], 'password_user' => $_COOKIE['pass']]);
if ($query_check_cookie->rowCount() == 1){
?>
<html lang="fr">
<head>
<?php require "controller/Head.php" ?>
@ -24,6 +28,14 @@ if (isset($_SESSION["username"])){ ?>
<script src="assets/js/gestion_delegates.js"></script>
</body>
</html>
<?php } else {?>
<script>location.href='/';</script>
<?php } ?>
<?php
} else {
echo "<script>location.href='/';</script>";
}
} else {
echo "<script>location.href='/';</script>";
}
} else {
echo "<script>location.href='/';</script>";
}
?>

24
gestion_entreprises.php
View File

@ -1,9 +1,13 @@
<!DOCTYPE html>
<?php
session_start();
if (isset($_SESSION["username"])){ ?>
if (isset($_COOKIE['username']) && isset($_COOKIE['pass'])) {
require "controller/ConnexionBDD.php";
if (!$error) {
$query_check_cookie = $bdd->prepare('SELECT * FROM users NATURAL JOIN roles NATURAL JOIN roles_has_permissions NATURAL JOIN permissions WHERE code_permission="SFx1" AND username=:user AND password_user=:password_user;');
$query_check_cookie->execute(['user' => $_COOKIE['username'], 'password_user' => $_COOKIE['pass']]);
if ($query_check_cookie->rowCount() == 1){
?>
<html lang="fr">
<head>
<?php require "controller/Head.php" ?>
@ -24,6 +28,14 @@ if (isset($_SESSION["username"])){ ?>
<script src="assets/js/gestion_entreprises.js"></script>
</body>
</html>
<?php } else {?>
<script>location.href='/';</script>
<?php } ?>
<?php
} else {
echo "<script>location.href='/';</script>";
}
} else {
echo "<script>location.href='/';</script>";
}
} else {
echo "<script>location.href='/';</script>";
}
?>

24
gestion_pilots.php
View File

@ -1,9 +1,13 @@
<!DOCTYPE html>
<?php
session_start();
if (isset($_SESSION["username"])){ ?>
if (isset($_COOKIE['username']) && isset($_COOKIE['pass'])) {
require "controller/ConnexionBDD.php";
if (!$error) {
$query_check_cookie = $bdd->prepare('SELECT * FROM users NATURAL JOIN roles NATURAL JOIN roles_has_permissions NATURAL JOIN permissions WHERE code_permission="SFx1" AND username=:user AND password_user=:password_user;');
$query_check_cookie->execute(['user' => $_COOKIE['username'], 'password_user' => $_COOKIE['pass']]);
if ($query_check_cookie->rowCount() == 1){
?>
<html lang="fr">
<head>
<?php require "controller/Head.php" ?>
@ -24,6 +28,14 @@ if (isset($_SESSION["username"])){ ?>
<script src="assets/js/gestion_pilots.js"></script>
</body>
</html>
<?php } else {?>
<script>location.href='/';</script>
<?php } ?>
<?php
} else {
echo "<script>location.href='/';</script>";
}
} else {
echo "<script>location.href='/';</script>";
}
} else {
echo "<script>location.href='/';</script>";
}
?>

24
gestion_stages.php
View File

@ -1,9 +1,13 @@
<!DOCTYPE html>
<?php
session_start();
if (isset($_SESSION["username"])){ ?>
if (isset($_COOKIE['username']) && isset($_COOKIE['pass'])) {
require "controller/ConnexionBDD.php";
if (!$error) {
$query_check_cookie = $bdd->prepare('SELECT * FROM users NATURAL JOIN roles NATURAL JOIN roles_has_permissions NATURAL JOIN permissions WHERE code_permission="SFx1" AND username=:user AND password_user=:password_user;');
$query_check_cookie->execute(['user' => $_COOKIE['username'], 'password_user' => $_COOKIE['pass']]);
if ($query_check_cookie->rowCount() == 1){
?>
<html lang="fr">
<head>
<?php require "controller/Head.php" ?>
@ -24,6 +28,14 @@ if (isset($_SESSION["username"])){ ?>
<script src="assets/js/gestion_stages.js"></script>
</body>
</html>
<?php } else {?>
<script>location.href='/';</script>
<?php } ?>
<?php
} else {
echo "<script>location.href='/';</script>";
}
} else {
echo "<script>location.href='/';</script>";
}
} else {
echo "<script>location.href='/';</script>";
}
?>

24
gestion_students.php
View File

@ -1,9 +1,13 @@
<!DOCTYPE html>
<?php
session_start();
if (isset($_SESSION["username"])){ ?>
if (isset($_COOKIE['username']) && isset($_COOKIE['pass'])) {
require "controller/ConnexionBDD.php";
if (!$error) {
$query_check_cookie = $bdd->prepare('SELECT * FROM users NATURAL JOIN roles NATURAL JOIN roles_has_permissions NATURAL JOIN permissions WHERE code_permission="SFx1" AND username=:user AND password_user=:password_user;');
$query_check_cookie->execute(['user' => $_COOKIE['username'], 'password_user' => $_COOKIE['pass']]);
if ($query_check_cookie->rowCount() == 1){
?>
<html lang="fr">
<head>
<?php require "controller/Head.php" ?>
@ -24,6 +28,14 @@ if (isset($_SESSION["username"])){ ?>
<script src="assets/js/gestion_students.js"></script>
</body>
</html>
<?php } else {?>
<script>location.href='/';</script>
<?php } ?>
<?php
} else {
echo "<script>location.href='/';</script>";
}
} else {
echo "<script>location.href='/';</script>";
}
} else {
echo "<script>location.href='/';</script>";
}
?>

69
gestions.php
View File

@ -1,38 +1,40 @@
<!DOCTYPE html>
<?php
session_start();
if (isset($_COOKIE['username']) && isset($_COOKIE['pass'])) {
require "controller/ConnexionBDD.php";
if (!$error) {
$query_check_cookie = $bdd->prepare('SELECT * FROM users NATURAL JOIN roles NATURAL JOIN roles_has_permissions NATURAL JOIN permissions WHERE code_permission="SFx1" AND username=:user AND password_user=:password_user;');
$query_check_cookie->execute(['user' => $_COOKIE['username'], 'password_user' => $_COOKIE['pass']]);
if ($query_check_cookie->rowCount() == 1){
if (isset($_SESSION["username"])){
include "controller/ConnexionBDD.php";
if (!$error) {
$query_perm = $bdd->prepare('SELECT username, code_permission FROM users NATURAL JOIN roles NATURAL JOIN roles_has_permissions NATURAL JOIN permissions WHERE username=:user;');
$query_perm->execute(['user' => $_SESSION["username"]]);
$results = $query_perm->fetchALL(PDO::FETCH_OBJ);
if ($query_perm->rowCount() >= 1) {
$showGestion_Enterprises = false;
$showGestion_Studients = false;
$showGestion_Pilots = false;
$showGestion_Delegates = false;
$showGestion_Stages = false;
$query_perm = $bdd->prepare('SELECT username, code_permission FROM users NATURAL JOIN roles NATURAL JOIN roles_has_permissions NATURAL JOIN permissions WHERE username=:user;');
$query_perm->execute(['user' => $_COOKIE["username"]]);
$results = $query_perm->fetchALL(PDO::FETCH_OBJ);
if ($query_perm->rowCount() >= 1) {
$showGestion_Enterprises = false;
$showGestion_Studients = false;
$showGestion_Pilots = false;
$showGestion_Delegates = false;
$showGestion_Stages = false;
foreach($results as $result){
if ($result->code_permission == "SFx3" || $result->code_permission == "SFx4" || $result->code_permission == "SFx5" || $result->code_permission == "SFx6" || $result->code_permission == "SFx7"){
$showGestion_Enterprises = true;
foreach($results as $result){
if ($result->code_permission == "SFx3" || $result->code_permission == "SFx4" || $result->code_permission == "SFx5" || $result->code_permission == "SFx6" || $result->code_permission == "SFx7"){
$showGestion_Enterprises = true;
}
if ($result->code_permission == "SFx22" || $result->code_permission == "SFx23" || $result->code_permission == "SFx24" || $result->code_permission == "SFx25" || $result->code_permission == "SFx26"){
$showGestion_Studients = true;
}
if ($result->code_permission == "SFx13" || $result->code_permission == "SFx14" || $result->code_permission == "SFx15" || $result->code_permission == "SFx16"){
$showGestion_Pilots = true;
}
if ($result->code_permission == "SFx17" || $result->code_permission == "SFx18" || $result->code_permission == "SFx19" || $result->code_permission == "SFx20" || $result->code_permission == "SFx21"){
$showGestion_Delegates = true;
}
if ($result->code_permission == "SFx9" || $result->code_permission == "SFx10" || $result->code_permission == "SFx11" || $result->code_permission == "SFx12"){
$showGestion_Stages = true;
}
}
if ($result->code_permission == "SFx22" || $result->code_permission == "SFx23" || $result->code_permission == "SFx24" || $result->code_permission == "SFx25" || $result->code_permission == "SFx26"){
$showGestion_Studients = true;
}
if ($result->code_permission == "SFx13" || $result->code_permission == "SFx14" || $result->code_permission == "SFx15" || $result->code_permission == "SFx16"){
$showGestion_Pilots = true;
}
if ($result->code_permission == "SFx17" || $result->code_permission == "SFx18" || $result->code_permission == "SFx19" || $result->code_permission == "SFx20" || $result->code_permission == "SFx21"){
$showGestion_Delegates = true;
}
if ($result->code_permission == "SFx9" || $result->code_permission == "SFx10" || $result->code_permission == "SFx11" || $result->code_permission == "SFx12"){
$showGestion_Stages = true;
}
}
?>
<html lang="fr">
<head>
@ -108,10 +110,15 @@ if (isset($_SESSION["username"])){
</body>
</html>
<?php
} else {
header('HTTP/1.0 403 Forbidden');
require "controller/403.php";
}
} else {
header('HTTP/1.0 403 Forbidden');
require "controller/403.php";
echo "<script>location.href='/';</script>";
}
} else {
echo "<script>location.href='/';</script>";
}
} else {
echo "<script>location.href='/';</script>";

18
index.php
View File

@ -1,13 +1,14 @@
<!DOCTYPE html>
<?php
session_start();
if (isset($_SESSION["username"])){
echo "<script>location.href='/accueil.php';</script>";
}
if (isset($_COOKIE['username']) && isset($_COOKIE['pass'])) {
require "controller/ConnexionBDD.php";
if (!$error) {
$query = $bdd->prepare('SELECT * FROM users NATURAL JOIN roles NATURAL JOIN roles_has_permissions NATURAL JOIN permissions WHERE code_permission="SFx1" AND username=:user AND password_user=:password_user;');
$query->execute(['user' => $_COOKIE['username'], 'password_user' => $_COOKIE['pass']]);
if ($query->rowCount() == 1){echo "<script>location.href='/accueil.php';</script>";}
}
} else {
?>
<html lang="fr">
<head>
<title>Connexion - CTS</title>
@ -50,3 +51,6 @@ if (isset($_SESSION["username"])){
<script src="assets/js/index.js"></script>
</body>
</html>
<?php
}
?>

42
offres.php
View File

@ -1,28 +1,25 @@
<!DOCTYPE html>
<?php
session_start();
if (isset($_COOKIE['username']) && isset($_COOKIE['pass'])) {
require "controller/ConnexionBDD.php";
if (!$error) {
$query_check_cookie = $bdd->prepare('SELECT * FROM users NATURAL JOIN roles NATURAL JOIN roles_has_permissions NATURAL JOIN permissions WHERE code_permission="SFx1" AND username=:user AND password_user=:password_user;');
$query_check_cookie->execute(['user' => $_COOKIE['username'], 'password_user' => $_COOKIE['pass']]);
if ($query_check_cookie->rowCount() == 1){
$query_perm = $bdd->prepare('SELECT username, code_permission FROM users NATURAL JOIN roles NATURAL JOIN roles_has_permissions NATURAL JOIN permissions WHERE username=:user;');
$query_perm->execute(['user' => $_COOKIE["username"]]);
$results = $query_perm->fetchALL(PDO::FETCH_OBJ);
if ($query_perm->rowCount() >= 1) {
$showEnterprises = false;
$showStages = false;
if (isset($_SESSION["username"])){
include "controller/ConnexionBDD.php";
if (!$error) {
$query_perm = $bdd->prepare('SELECT username, code_permission FROM users NATURAL JOIN roles NATURAL JOIN roles_has_permissions NATURAL JOIN permissions WHERE username=:user;');
$query_perm->execute(['user' => $_SESSION["username"]]);
$results = $query_perm->fetchALL(PDO::FETCH_OBJ);
if ($query_perm->rowCount() >= 1) {
$showEnterprises = false;
$showStages = false;
foreach($results as $result){
if ($result->code_permission == "SFx2"){
$showEnterprises = true;
foreach($results as $result){
if ($result->code_permission == "SFx2"){ $showEnterprises = true; }
if ($result->code_permission == "SFx8"){ $showStages = true; }
}
if ($result->code_permission == "SFx8"){
$showStages = true;
}
}
if ($showEnterprises || $showStages) {
if ($showEnterprises || $showStages) {
?>
<html lang="fr">
<head>
@ -81,14 +78,17 @@ if (isset($_SESSION["username"])){
</body>
</html>
<?php
}
} else {
header('HTTP/1.0 403 Forbidden');
require "controller/403.php";
}
} else {
header('HTTP/1.0 403 Forbidden');
require "controller/403.php";
echo "<script>location.href='/controller/Disconnect.php';</script>";
}
} else {
echo "<script>location.href='/';</script>";
}
} else {
echo "<script>location.href='/';</script>";

127
offres_entreprises.php
View File

@ -1,74 +1,76 @@
<!DOCTYPE html>
<?php
session_start();
if (isset($_COOKIE['username']) && isset($_COOKIE['pass'])) {
require "controller/ConnexionBDD.php";
if (!$error) {
$query_check_cookie = $bdd->prepare('SELECT * FROM users NATURAL JOIN roles NATURAL JOIN roles_has_permissions NATURAL JOIN permissions WHERE code_permission="SFx1" AND username=:user AND password_user=:password_user;');
$query_check_cookie->execute(['user' => $_COOKIE['username'], 'password_user' => $_COOKIE['pass']]);
if ($query_check_cookie->rowCount() == 1){
if (isset($_SESSION["username"])){
$sql = 'SELECT name_company, activity_sector_company, nb_intern_cesi_company, email_company, city_localisation, postal_code_localisation, COUNT(internships.ID_company) AS "number_of_internships", note FROM companies NATURAL JOIN companies_located NATURAL JOIN localisations LEFT JOIN internships ON companies.ID_company=internships.ID_company INNER JOIN evaluate ON companies.ID_company=evaluate.ID_company INNER JOIN users ON evaluate.ID_user=users.ID_user NATURAL JOIN roles WHERE visibility_company="O" AND name_role="Pilote"';
$params = [];
$selected = [];
if (isset($_GET["localisation"]) && isset($_GET["activity_sector"]) && isset($_GET["confiance"]) && isset($_GET["nb_stage"])){
if ($_GET["localisation"] != ""){
$sql = $sql . " AND city_localisation=:localisation";
$params['localisation'] = $_GET["localisation"];
$selected['localisation'] = $_GET["localisation"];
}
if ($_GET["activity_sector"] != ""){
echo $_GET["activity_sector"];
$sql = $sql . " AND activity_sector_company LIKE :activity_sector";
$params['activity_sector'] = '%'.$_GET["activity_sector"].'%';
$selected['activity_sector'] = $_GET["activity_sector"];
}
if ($_GET["confiance"] != ""){
$sql = $sql . " AND note=:note";
$params['note'] = $_GET["confiance"];
$selected['note'] = $_GET["confiance"];
}
$sql = 'SELECT name_company, activity_sector_company, nb_intern_cesi_company, email_company, city_localisation, postal_code_localisation, COUNT(internships.ID_company) AS "number_of_internships", note FROM companies NATURAL JOIN companies_located NATURAL JOIN localisations LEFT JOIN internships ON companies.ID_company=internships.ID_company INNER JOIN evaluate ON companies.ID_company=evaluate.ID_company INNER JOIN users ON evaluate.ID_user=users.ID_user NATURAL JOIN roles WHERE visibility_company="O" AND name_role="Pilote"';
$params = [];
$selected = [];
if (isset($_GET["localisation"]) && isset($_GET["activity_sector"]) && isset($_GET["confiance"]) && isset($_GET["nb_stage"])){
if ($_GET["localisation"] != ""){
$sql = $sql . " AND city_localisation=:localisation";
$params['localisation'] = $_GET["localisation"];
$selected['localisation'] = $_GET["localisation"];
}
if ($_GET["activity_sector"] != ""){
echo $_GET["activity_sector"];
$sql = $sql . " AND activity_sector_company LIKE :activity_sector";
$params['activity_sector'] = '%'.$_GET["activity_sector"].'%';
$selected['activity_sector'] = $_GET["activity_sector"];
}
if ($_GET["confiance"] != ""){
$sql = $sql . " AND note=:note";
$params['note'] = $_GET["confiance"];
$selected['note'] = $_GET["confiance"];
}
$sql = $sql . " GROUP BY internships.ID_company";
$sql = $sql . " GROUP BY internships.ID_company";
if ($_GET["nb_stage"] != ""){
$sql = $sql . " HAVING COUNT(internships.ID_company)=:nb_stage";
$params['nb_stage'] = $_GET["nb_stage"];
$selected['nb_stage'] = $_GET["nb_stage"];
}
} else {
$sql = $sql . " GROUP BY internships.ID_company";
}
$sql = $sql . ";";
if ($_GET["nb_stage"] != ""){
$sql = $sql . " HAVING COUNT(internships.ID_company)=:nb_stage";
$params['nb_stage'] = $_GET["nb_stage"];
$selected['nb_stage'] = $_GET["nb_stage"];
}
} else {
$sql = $sql . " GROUP BY internships.ID_company";
}
$sql = $sql . ";";
include "controller/ConnexionBDD.php";
if (!$error) {
$query_perm = $bdd->prepare('SELECT username, code_permission FROM users NATURAL JOIN roles NATURAL JOIN roles_has_permissions NATURAL JOIN permissions WHERE code_permission=:perm AND username=:user;');
$query_perm->execute(['user' => $_SESSION["username"], 'perm' => "SFx2"]);
if ($query_perm->rowCount() == 1) {
$query_companies = $bdd->prepare($sql);
$query_companies->execute($params);
$results_companies = $query_companies->fetchALL(PDO::FETCH_OBJ);
$query_perm = $bdd->prepare('SELECT username, code_permission FROM users NATURAL JOIN roles NATURAL JOIN roles_has_permissions NATURAL JOIN permissions WHERE code_permission=:perm AND username=:user;');
$query_perm->execute(['user' => $_COOKIE["username"], 'perm' => "SFx2"]);
if ($query_perm->rowCount() == 1) {
$query_companies = $bdd->prepare($sql);
$query_companies->execute($params);
$results_companies = $query_companies->fetchALL(PDO::FETCH_OBJ);
$query_localisations = $bdd->prepare('SELECT city_localisation FROM companies NATURAL JOIN companies_located NATURAL JOIN localisations WHERE visibility_company="O" GROUP BY city_localisation ORDER BY city_localisation ASC;');
$query_localisations->execute();
$results_localisations = $query_localisations->fetchALL(PDO::FETCH_OBJ);
$query_localisations = $bdd->prepare('SELECT city_localisation FROM companies NATURAL JOIN companies_located NATURAL JOIN localisations WHERE visibility_company="O" GROUP BY city_localisation ORDER BY city_localisation ASC;');
$query_localisations->execute();
$results_localisations = $query_localisations->fetchALL(PDO::FETCH_OBJ);
$query_activity_sector = $bdd->prepare('SELECT activity_sector_company FROM companies WHERE visibility_company="O" GROUP BY activity_sector_company;');
$query_activity_sector->execute();
$results_activity_sector = $query_activity_sector->fetchALL(PDO::FETCH_OBJ);
$liste_activity_sector = [];
foreach ($results_activity_sector as $result_activity_sector) {
foreach (explode(", ", $result_activity_sector->activity_sector_company) as $result) {
if (!in_array($result, $liste_activity_sector)) {
array_push($liste_activity_sector, $result);
$query_activity_sector = $bdd->prepare('SELECT activity_sector_company FROM companies WHERE visibility_company="O" GROUP BY activity_sector_company;');
$query_activity_sector->execute();
$results_activity_sector = $query_activity_sector->fetchALL(PDO::FETCH_OBJ);
$liste_activity_sector = [];
foreach ($results_activity_sector as $result_activity_sector) {
foreach (explode(", ", $result_activity_sector->activity_sector_company) as $result) {
if (!in_array($result, $liste_activity_sector)) {
array_push($liste_activity_sector, $result);
}
}
}
}
$query_notes = $bdd->prepare('SELECT note FROM companies NATURAL JOIN evaluate INNER JOIN users ON evaluate.ID_user=users.ID_user NATURAL JOIN roles WHERE name_role="Pilote" GROUP BY note ORDER BY note ASC;');
$query_notes->execute();
$results_notes = $query_notes->fetchALL(PDO::FETCH_OBJ);
$query_notes = $bdd->prepare('SELECT note FROM companies NATURAL JOIN evaluate INNER JOIN users ON evaluate.ID_user=users.ID_user NATURAL JOIN roles WHERE name_role="Pilote" GROUP BY note ORDER BY note ASC;');
$query_notes->execute();
$results_notes = $query_notes->fetchALL(PDO::FETCH_OBJ);
$query_nb_stages = $bdd->prepare('SELECT * FROM (SELECT COUNT(internships.ID_company) AS "number_of_internships" FROM companies LEFT JOIN internships ON companies.ID_company=internships.ID_company GROUP BY internships.ID_company) AS T GROUP BY number_of_internships ORDER BY number_of_internships ASC;');
$query_nb_stages->execute();
$results_nb_stages = $query_nb_stages->fetchALL(PDO::FETCH_OBJ);
$query_nb_stages = $bdd->prepare('SELECT * FROM (SELECT COUNT(internships.ID_company) AS "number_of_internships" FROM companies LEFT JOIN internships ON companies.ID_company=internships.ID_company GROUP BY internships.ID_company) AS T GROUP BY number_of_internships ORDER BY number_of_internships ASC;');
$query_nb_stages->execute();
$results_nb_stages = $query_nb_stages->fetchALL(PDO::FETCH_OBJ);
?>
<html lang="fr">
<head>
@ -217,10 +219,15 @@ if (isset($_SESSION["username"])){
</body>
</html>
<?php
} else {
header('HTTP/1.0 403 Forbidden');
require "controller/403.php";
}
} else {
header('HTTP/1.0 403 Forbidden');
require "controller/403.php";
echo "<script>location.href='/';</script>";
}
} else {
echo "<script>location.href='/';</script>";
}
} else {
echo "<script>location.href='/';</script>";

179
offres_stages.php
View File

@ -1,98 +1,100 @@
<!DOCTYPE html>
<?php
session_start();
if (isset($_COOKIE['username']) && isset($_COOKIE['pass'])) {
require "controller/ConnexionBDD.php";
if (!$error) {
$query_check_cookie = $bdd->prepare('SELECT * FROM users NATURAL JOIN roles NATURAL JOIN roles_has_permissions NATURAL JOIN permissions WHERE code_permission="SFx1" AND username=:user AND password_user=:password_user;');
$query_check_cookie->execute(['user' => $_COOKIE['username'], 'password_user' => $_COOKIE['pass']]);
if ($query_check_cookie->rowCount() == 1){
if (isset($_SESSION["username"])){
$sql = 'SELECT ID_internship ,name_internship, description_internship, duration_internship, remuneration_internship, offer_date_internship, place_number_internship, competences_internship, city_localisation, postal_code_localisation, GROUP_CONCAT(name_promotion SEPARATOR ", ") AS "name_promotion", name_company, email_company, email_company, note FROM internships NATURAL JOIN localisations NATURAL JOIN companies NATURAL JOIN internship_for_promo NATURAL JOIN promotions NATURAL JOIN evaluate INNER JOIN users ON evaluate.ID_user=users.ID_user NATURAL JOIN roles WHERE name_role="Pilote" AND visibility_company="O"';
$params = [];
$selected = [];
if (isset($_GET["localisation"]) && isset($_GET["competences"]) && isset($_GET["confiance"]) && isset($_GET["dateoffre"]) && isset($_GET["duree"]) && isset($_GET["promotion"])){
if ($_GET["localisation"] != ""){
$sql = $sql . " AND city_localisation=:localisation";
$params['localisation'] = $_GET["localisation"];
$selected['localisation'] = $_GET["localisation"];
}
if ($_GET["competences"] != ""){
$sql = $sql . " AND competences_internship LIKE :competences";
$params['competences'] = '%'.$_GET["competences"].'%';
$selected['competences'] = $_GET["competences"];
}
if ($_GET["confiance"] != ""){
$sql = $sql . " AND note=:note";
$params['note'] = $_GET["confiance"];
$selected['note'] = $_GET["confiance"];
}
if ($_GET["dateoffre"] != ""){
$sql = $sql . " AND offer_date_internship >= :dateoffre";
$params['dateoffre'] = $_GET["dateoffre"];
$selected['dateoffre'] = $_GET["dateoffre"];
}
if ($_GET["duree"] != ""){
$sql = $sql . " AND duration_internship = :duree";
$params['duree'] = $_GET["duree"];
$selected['duree'] = $_GET["duree"];
}
if ($_GET["promotion"] != ""){
$sql = $sql . " AND name_promotion = :promotion";
$params['promotion'] = $_GET["promotion"];
$selected['promotion'] = $_GET["promotion"];
}
}
$sql = $sql . " GROUP BY ID_internship ORDER BY offer_date_internship ASC;";
include "controller/ConnexionBDD.php";
if (!$error) {
$query_perm = $bdd->prepare('SELECT username, code_permission FROM users NATURAL JOIN roles NATURAL JOIN roles_has_permissions NATURAL JOIN permissions WHERE code_permission=:perm AND username=:user;');
$query_perm->execute(['user' => $_SESSION["username"], 'perm' => "SFx8"]);
if ($query_perm->rowCount() == 1) {
$query_internships = $bdd->prepare($sql);
$query_internships->execute($params);
$results_internships = $query_internships->fetchALL(PDO::FETCH_OBJ);
$query_localisations = $bdd->prepare('SELECT city_localisation FROM localisations NATURAL JOIN internships NATURAL JOIN companies WHERE visibility_company="O" GROUP BY city_localisation ORDER BY city_localisation ASC;');
$query_localisations->execute();
$results_localisations = $query_localisations->fetchALL(PDO::FETCH_OBJ);
$query_competences = $bdd->prepare('SELECT competences_internship FROM internships NATURAL JOIN companies WHERE visibility_company="O";');
$query_competences->execute();
$results_competences = $query_competences->fetchALL(PDO::FETCH_OBJ);
$liste_competences = [];
foreach ($results_competences as $result_competences) {
foreach (explode(", ", $result_competences->competences_internship) as $result) {
if (!in_array($result, $liste_competences)) {
array_push($liste_competences, $result);
}
$sql = 'SELECT ID_internship ,name_internship, description_internship, duration_internship, remuneration_internship, offer_date_internship, place_number_internship, competences_internship, city_localisation, postal_code_localisation, GROUP_CONCAT(name_promotion SEPARATOR ", ") AS "name_promotion", name_company, email_company, email_company, note FROM internships NATURAL JOIN localisations NATURAL JOIN companies NATURAL JOIN internship_for_promo NATURAL JOIN promotions NATURAL JOIN evaluate INNER JOIN users ON evaluate.ID_user=users.ID_user NATURAL JOIN roles WHERE name_role="Pilote" AND visibility_company="O"';
$params = [];
$selected = [];
if (isset($_GET["localisation"]) && isset($_GET["competences"]) && isset($_GET["confiance"]) && isset($_GET["dateoffre"]) && isset($_GET["duree"]) && isset($_GET["promotion"])){
if ($_GET["localisation"] != ""){
$sql = $sql . " AND city_localisation=:localisation";
$params['localisation'] = $_GET["localisation"];
$selected['localisation'] = $_GET["localisation"];
}
if ($_GET["competences"] != ""){
$sql = $sql . " AND competences_internship LIKE :competences";
$params['competences'] = '%'.$_GET["competences"].'%';
$selected['competences'] = $_GET["competences"];
}
if ($_GET["confiance"] != ""){
$sql = $sql . " AND note=:note";
$params['note'] = $_GET["confiance"];
$selected['note'] = $_GET["confiance"];
}
if ($_GET["dateoffre"] != ""){
$sql = $sql . " AND offer_date_internship >= :dateoffre";
$params['dateoffre'] = $_GET["dateoffre"];
$selected['dateoffre'] = $_GET["dateoffre"];
}
if ($_GET["duree"] != ""){
$sql = $sql . " AND duration_internship = :duree";
$params['duree'] = $_GET["duree"];
$selected['duree'] = $_GET["duree"];
}
if ($_GET["promotion"] != ""){
$sql = $sql . " AND name_promotion = :promotion";
$params['promotion'] = $_GET["promotion"];
$selected['promotion'] = $_GET["promotion"];
}
}
$sql = $sql . " GROUP BY ID_internship ORDER BY offer_date_internship ASC;";
$query_notes = $bdd->prepare('SELECT note FROM internships NATURAL JOIN companies NATURAL JOIN evaluate INNER JOIN users ON evaluate.ID_user=users.ID_user NATURAL JOIN roles WHERE name_role="Pilote" AND visibility_company="O" GROUP BY note ORDER BY note ASC;');
$query_notes->execute();
$results_notes = $query_notes->fetchALL(PDO::FETCH_OBJ);
$query_perm = $bdd->prepare('SELECT username, code_permission FROM users NATURAL JOIN roles NATURAL JOIN roles_has_permissions NATURAL JOIN permissions WHERE code_permission=:perm AND username=:user;');
$query_perm->execute(['user' => $_COOKIE["username"], 'perm' => "SFx8"]);
if ($query_perm->rowCount() == 1) {
$query_internships = $bdd->prepare($sql);
$query_internships->execute($params);
$results_internships = $query_internships->fetchALL(PDO::FETCH_OBJ);
$query_durations = $bdd->prepare('SELECT ROUND(duration_internship/30) AS duration_internship FROM internships NATURAL JOIN companies WHERE visibility_company="O" GROUP BY duration_internship ORDER BY duration_internship ASC;');
$query_durations->execute();
$results_durations = $query_durations->fetchALL(PDO::FETCH_OBJ);
$query_localisations = $bdd->prepare('SELECT city_localisation FROM localisations NATURAL JOIN internships NATURAL JOIN companies WHERE visibility_company="O" GROUP BY city_localisation ORDER BY city_localisation ASC;');
$query_localisations->execute();
$results_localisations = $query_localisations->fetchALL(PDO::FETCH_OBJ);
$query_promotions = $bdd->prepare('SELECT name_promotion FROM internships NATURAL JOIN internship_for_promo NATURAL JOIN promotions NATURAL JOIN companies WHERE visibility_company="O" GROUP BY name_promotion;');
$query_promotions->execute();
$results_promotions = $query_promotions->fetchALL(PDO::FETCH_OBJ);
$query_competences = $bdd->prepare('SELECT competences_internship FROM internships NATURAL JOIN companies WHERE visibility_company="O";');
$query_competences->execute();
$results_competences = $query_competences->fetchALL(PDO::FETCH_OBJ);
$liste_competences = [];
foreach ($results_competences as $result_competences) {
foreach (explode(", ", $result_competences->competences_internship) as $result) {
if (!in_array($result, $liste_competences)) {
array_push($liste_competences, $result);
}
}
}
$query_wishlist = $bdd->prepare('SELECT ID_internship FROM internships NATURAL JOIN wishlist INNER JOIN users ON wishlist.ID_user=users.ID_user WHERE username=:user;');
$query_wishlist->execute(['user' => $_SESSION["username"]]);
$results_wishlist = $query_wishlist->fetchALL(PDO::FETCH_OBJ);
$wishlist = [];
foreach ($results_wishlist as $result) {
array_push($wishlist, $result->ID_internship);
}
$query_notes = $bdd->prepare('SELECT note FROM internships NATURAL JOIN companies NATURAL JOIN evaluate INNER JOIN users ON evaluate.ID_user=users.ID_user NATURAL JOIN roles WHERE name_role="Pilote" AND visibility_company="O" GROUP BY note ORDER BY note ASC;');
$query_notes->execute();
$results_notes = $query_notes->fetchALL(PDO::FETCH_OBJ);
$query_candidatures = $bdd->prepare('SELECT candidatures.ID_internship FROM candidatures NATURAL JOIN users INNER JOIN internships ON candidatures.ID_internship=internships.ID_internship WHERE username=:user;');
$query_candidatures->execute(['user' => $_SESSION["username"]]);
$results_candidatures = $query_candidatures->fetchALL(PDO::FETCH_OBJ);
$candidatures = [];
foreach ($results_candidatures as $result) {
array_push($candidatures, $result->ID_internship);
}
$query_durations = $bdd->prepare('SELECT ROUND(duration_internship/30) AS duration_internship FROM internships NATURAL JOIN companies WHERE visibility_company="O" GROUP BY duration_internship ORDER BY duration_internship ASC;');
$query_durations->execute();
$results_durations = $query_durations->fetchALL(PDO::FETCH_OBJ);
$query_promotions = $bdd->prepare('SELECT name_promotion FROM internships NATURAL JOIN internship_for_promo NATURAL JOIN promotions NATURAL JOIN companies WHERE visibility_company="O" GROUP BY name_promotion;');
$query_promotions->execute();
$results_promotions = $query_promotions->fetchALL(PDO::FETCH_OBJ);
$query_wishlist = $bdd->prepare('SELECT ID_internship FROM internships NATURAL JOIN wishlist INNER JOIN users ON wishlist.ID_user=users.ID_user WHERE username=:user;');
$query_wishlist->execute(['user' => $_COOKIE["username"]]);
$results_wishlist = $query_wishlist->fetchALL(PDO::FETCH_OBJ);
$wishlist = [];
foreach ($results_wishlist as $result) {
array_push($wishlist, $result->ID_internship);
}
$query_candidatures = $bdd->prepare('SELECT candidatures.ID_internship FROM candidatures NATURAL JOIN users INNER JOIN internships ON candidatures.ID_internship=internships.ID_internship WHERE username=:user;');
$query_candidatures->execute(['user' => $_COOKIE["username"]]);
$results_candidatures = $query_candidatures->fetchALL(PDO::FETCH_OBJ);
$candidatures = [];
foreach ($results_candidatures as $result) {
array_push($candidatures, $result->ID_internship);
}
?>
<html lang="fr">
<head>
@ -302,10 +304,15 @@ if (isset($_SESSION["username"])){
</body>
</html>
<?php
} else {
header('HTTP/1.0 403 Forbidden');
require "controller/403.php";
}
} else {
header('HTTP/1.0 403 Forbidden');
require "controller/403.php";
echo "<script>location.href='/';</script>";
}
} else {
echo "<script>location.href='/';</script>";
}
} else {
echo "<script>location.href='/';</script>";

21
parameters.php
View File

@ -1,14 +1,16 @@
<!DOCTYPE html>
<?php
session_start();
if (isset($_COOKIE['username']) && isset($_COOKIE['pass'])) {
require "controller/ConnexionBDD.php";
if (!$error) {
$query_check_cookie = $bdd->prepare('SELECT * FROM users NATURAL JOIN roles NATURAL JOIN roles_has_permissions NATURAL JOIN permissions WHERE code_permission="SFx1" AND username=:user AND password_user=:password_user;');
$query_check_cookie->execute(['user' => $_COOKIE['username'], 'password_user' => $_COOKIE['pass']]);
if ($query_check_cookie->rowCount() == 1){
if (isset($_SESSION["username"])){
include "controller/ConnexionBDD.php";
if (!$error) {
$query = $bdd->prepare('SELECT username, lastname_user, firstname_user, email_user, city_localisation, date_creation, connection_count, GROUP_CONCAT(name_promotion SEPARATOR ", ") AS "name_promotion", name_role FROM a2_projet_web.users NATURAL JOIN user_belong_promo NATURAL JOIN promotions NATURAL JOIN localisations NATURAL JOIN roles WHERE username=:user GROUP BY username;');
$query->execute(['user' => $_SESSION["username"]]);
$results = $query->fetchALL(PDO::FETCH_OBJ);
$query = $bdd->prepare('SELECT username, lastname_user, firstname_user, email_user, city_localisation, date_creation, connection_count, GROUP_CONCAT(name_promotion SEPARATOR ", ") AS "name_promotion", name_role FROM a2_projet_web.users NATURAL JOIN user_belong_promo NATURAL JOIN promotions NATURAL JOIN localisations NATURAL JOIN roles WHERE username=:user GROUP BY username;');
$query->execute(['user' => $_COOKIE["username"]]);
$results = $query->fetchALL(PDO::FETCH_OBJ);
?>
<html lang="fr">
<head>
@ -120,6 +122,11 @@ if (isset($_SESSION["username"])){
</body>
</html>
<?php
} else {
echo "<script>location.href='/';</script>";
}
} else {
echo "<script>location.href='/';</script>";
}
} else {
echo "<script>location.href='/';</script>";

36
test.php
View File

@ -1,30 +1,10 @@
<!DOCTYPE html>
<?php
session_start();
setcookie("username", "louis.dumont", time()+3600, "/");
setcookie("pass", "c499eec73d18319f4066758e1daf8c84a64e52f7", time()+3600, "/");
if (isset($_SESSION["username"])){ ?>
<html lang="fr">
<head>
<?php require "controller/Head.php" ?>
<title>TEST - CTS</title>
</head>
<body>
<div class="container">
<?php require "controller/Nav_bar.php"?>
<div class="main">
<?php require "controller/Top_bar.php" ?>
<div class="content">
<form action="/test2.php" method="post" enctype="multipart/form-data">
<input id="file" type="file" name="file">
<button type="submit">Envoyer</button>
</form>
</div>
</div>
</div>
<?php require "controller/Script.php" ?>
</body>
</html>
<?php } else {?>
<script>location.href='/';</script>
<?php } ?>
if (isset($_COOKIE['username']) && isset($_COOKIE['pass'])) {
echo $_COOKIE['username'].$_COOKIE['pass'];
} else {
echo "non";
}
?>

35
test2.php
View File

@ -1,35 +1,10 @@
<?php
session_start();
if (isset($_SESSION["username"])){
include "controller/ConnexionBDD.php";
if (!$error) {
$query_ID_user = $bdd->prepare('SELECT ID_user FROM users WHERE username=:user;');
$query_ID_user->execute(['user' => $_SESSION["username"]]);
$ID_user = $query_ID_user->fetchALL(PDO::FETCH_OBJ)[0]->ID_user;
print_r($_COOKIE);
$location_cv = "./documents/users/".$ID_user."/".$_FILES['cv']['name'];
$location_lm = "./documents/users/".$ID_user."/".$_FILES['lm']['name'];
if (!is_dir('./documents/')){
mkdir("./documents/", 0700);
}
if (!is_dir('./documents/users')){
mkdir("./documents/users", 0700);
}
if (!is_dir("./documents/users/".$ID_user)){
mkdir("./documents/users/".$ID_user, 0700);
}
try {
move_uploaded_file($_FILES['cv']['tmp_name'], $location_cv);
move_uploaded_file($_FILES['lm']['tmp_name'], $location_lm);
echo "tout est ok";
}
catch (Exception $e) {
echo "zut une erreur";
}
}
if (isset($_COOKIE['username']) && isset($_COOKIE['pass'])) {
echo $_COOKIE['username'].$_COOKIE['pass'];
} else {
echo "non";
}
?>