first commit

adriy 2017-05-21 14:59:04 +02:00
commit 99b780ba03
4 changed files with 416 additions and 0 deletions

1
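--- a/.gitignore
+++ b/.gitignore
@@ -0,0 +1 @@
+config.php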

15
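--- a/config.php.sample
+++ b/config.php.sample
@@ -0,0 +1,15 @@
+<?php
+return array(
+'host' => 'localhost',
+'username' => 'root',
+'password' => 'root',
+'dbname' => 'root',
+'timestampDeadLine' => 1488229200,
+'IP_LOCAL' => '192.168.0.86',
+'recaptcha_private' => '',
+'recaptcha_public' => '',
+'main_pw' => '1223T',
+);
+?>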
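Review bot: The sample ships working-looking secrets (`'username' => 'root'`, `'password' => 'root'`, `'main_pw' => '1223T'`) that are easy to copy into the real config.php unchanged; obvious placeholders such as `'main_pw' => 'CHANGE_ME'` and a dedicated database account limited to this schema would be safer defaults. If `1223T` is or resembles the value used on a deployed instance, it should be rotated now that it is in the repository history. index.php compares `main_pw` in clear text, so a short comment here saying which keys are secrets (and ideally storing a `password_hash()` value instead) would help whoever deploys this. The trailing `?>` can be dropped so that stray whitespace after it is never sent as output ahead of the later `header()` call.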

249
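--- a/index.php
+++ b/index.php
@@ -0,0 +1,249 @@
+<?php
+session_start();
+date_default_timezone_set("Europe/Brussels");
+$config = include('config.php');
+$timestampDeadLine = $config['timestampDeadLine'];
+$_SESSION['deadLine'] = (time()>$timestampDeadLine)?1:0;
+if(isset($_SESSION['accesOk']) || $_SERVER['HTTP_HOST'] == $config['IP_LOCAL'])
+{
+try
+{
+$bdd = new PDO('mysql:host='.$config['host'].';dbname='.$config['dbname'].';charset=utf8', $config['username'], $config['password']);
+}
+catch (Exception $e)
+{
+die('Erreur : ' . $e->getMessage());
+}
+?>
+<!doctype html>
+<html lang="fr">
+<head>
+<meta charset="utf-8">
+<title>Titre de la page</title>
+<link rel="stylesheet" href="style.css">
+<script src="script.js"></script>
+<script src="https://ajax.googleapis.com/ajax/libs/jquery/3.1.1/jquery.min.js"></script>
+</head>
+<body>
+<div id="error" style="background-color:red"></div>
+<?php
+if(isset($_SESSION['idEtudiant']))
+{
+$sommeParEtudian = array();
+$idEtudianMax = 0;
+echo "<strong><div style='color:red'>BETA</div></strong><br>";
+echo "<h1>".$_SESSION['nomPanier'];
+if($_SESSION['deadLine'])
+echo "(Dead Line passée)";
+echo "</h1>";
+echo "Dead Line : ".date('d/m/y H:i', $timestampDeadLine)."<br/><br/>";
+?>
+<input type="button" onclick="logout()" value="Se Deconnecter" style="float:right"/>
+<table id="ownCMD">
+<tr><th colspan="6">Ma commande (<?php echo $_SESSION["pseudo"]; ?>)</th></tr>
+<tr><th>ref</th><th>Description</th><th>Prix</th><th>Quantité</th><th>Prix totale</th></tr>
+<?php
+$ssTotal = 0;
+$rep = $bdd->query('SELECT * FROM panier WHERE idEtudiant='.$_SESSION['idEtudiant'].' AND panierId='.$_SESSION['panierId']); //vas chercher les produit de l'etudiant
+while ($data = $rep->fetch())
+{
+$rep2 = $bdd->query('SELECT * FROM article WHERE id='.$data['idArticle'].' AND panierId='.$_SESSION['panierId']);
+$data2 = $rep2->fetch();
+if($data['nombre'] > 0)
+{
+?>
+<tr><td><?php echo $data2['ref'];?></td><td><?php echo $data2['description']; ?></td><td><?php echo $data2['prix']; ?>€</td><td><input type="number" name="need" value="<?php echo $data['nombre'];
+?>" onchange="updatePanier(<?php echo $data['id'];?>, this,0)"/></td><td><?php echo ($data2['prix']*$data['nombre']); ?>€</td><tr>
+<?php
+$ssTotal = $ssTotal + ($data2['prix']*$data['nombre']);
+}
+}
+if(!$_SESSION['deadLine'])
+{ ?>
+<tr id="addArticle"><td><input type="text" name="ref"class="col" id="ref" placeholder="Ref." /></td>
+<td><input type="text" name="description" class="col" id="description" placeholder="Description" /></td>
+<td><input type="number" name="prix" class="col" id="prix" placeholder="Prix" step="0.01"/></td>
+<td><input type="number" name="quantite" class="col" id="quantite" placeholder="Quantité" /></td>
+<td class="prix tot"></td><tr>
+<tr><td colspan="7"><input type="button" value="ajouter" onclick="sendForm()"/></td></tr><?php } ?>
+</table>
+Sous total HTVA : <?php echo $ssTotal; ?><br />
+Sous total TTC (21%) : <?php echo $ssTotal*1.21; ?><br />
+<br>
+<table id="grpCMD">
+<tr><th colspan="7">Commande de groupe</th></tr>
+<tr><th>ref</th><th>Description</th><th>Prix</th><th>Quantité</th><th>Prix totale</th><th>J'en veux</th><th>Etudiant qui a commander</th><tr>
+<?php
+$rep = $bdd->query('SELECT * FROM article WHERE panierId='.$_SESSION['panierId']); //va chercher tt les article
+$ssTotal = 0;
+while ($data = $rep->fetch())
+{
+$rep2 = $bdd->query('SELECT * FROM panier WHERE idArticle='.$data['id']); //chercher les elem du panier qui appartienne a l'article en cours
+$nbr = 0;
+$meNbr = 0;
+$student = "";
+while($data2 = $rep2->fetch())
+{
+//if($data2['idEtudiant'] == $_SESSION['idEtudiant'])
+//$meNbr = $data2['nombre'];
+//$nbr = $nbr+$data2['nombre'];
+if($data2['nombre']>0)
+{
+$rep3 = $bdd->query('SELECT * FROM etudiant WHERE id='.$data2['idEtudiant']); //Va voir le nom etudiant qui le commande
+$data3 = $rep3->fetch();
+if($data3['enable'])
+{
+if($data2['idEtudiant'] == $_SESSION['idEtudiant'])
+$meNbr = $data2['nombre'];
+$nbr = $nbr+$data2['nombre'];
+$student = $student."".$data3['pseudo']."(".$data2['nombre']."); ";
+if(isset($sommeParEtudian[$data3['id']]['somme']))
+{
+$sommeParEtudian[$data3['id']]['somme'] += $data['prix']*$data2['nombre'];
+}
+else
+{
+$sommeParEtudian[$data3['id']]['somme'] = $data['prix']*$data2['nombre'];
+$sommeParEtudian[$data3['id']]['pseudo'] = $data3['pseudo'];
+if($data3['id']>$idEtudianMax)
+$idEtudianMax = $data3['id'];
+}
+}
+else
+{
+if(isset($sommeParEtudian[$data3['id']]['somme']))
+{
+$sommeParEtudian[$data3['id']]['somme'] += $data['prix']*$data2['nombre'];
+}
+else
+{
+$sommeParEtudian[$data3['id']]['somme'] = $data['prix']*$data2['nombre'];
+$sommeParEtudian[$data3['id']]['pseudo'] = $data3['pseudo'].'<span style="color:red">(NP)</span>';
+if($data3['id']>$idEtudianMax)
+$idEtudianMax = $data3['id'];
+}
+}
+}
+};
+$ssTotal = $ssTotal + ($data['prix']*$nbr);
+if($_SESSION['deadLine'] && $nbr > 0 || !$_SESSION['deadLine'])
+{
+?>
+<tr><td><?php echo $data['ref']; ?></td><td><?php echo $data['description']; ?></td><td><?php echo $data['prix']; ?>€</td><td><?php echo $nbr; ?></td><td><?php echo ($data['prix']*$nbr); ?>€</td>
+<td><input type="number" name="need" value="<?php echo $meNbr; ?>" onchange="updatePanier(<?php echo $data['id'];?>, this,1)"/></td><td><?php echo $student; ?></td><tr>
+<?php
+}
+} ?>
+</table>
+Sous total HTVA : <?php echo $ssTotal; ?><br />
+Sous total TTC (21%) : <?php echo $ssTotal*1.21; ?><br />
+<br />
+<table>
+<tr><th colspan="3">Récapitulatif de la commande par étudiant</th><tr>
+<tr><th>Pseudo</th><th>Prix HTVA</th><th>Prix TTC</th></tr>
+<?php
+for($i=0; $i<= $idEtudianMax ; $i++)
+{
+if(isset($sommeParEtudian[$i]['somme']))
+{
+// var_dump($sommeParEtudian);
+echo "<tr><td>".$sommeParEtudian[$i]['pseudo']."</td><td>".$sommeParEtudian[$i]['somme']."</td><td>".round($sommeParEtudian[$i]['somme']*1.21,2)."</td></tr>";
+}
+}
+?>
+</table>
+<?php
+}
+else {
+echo "<strong><h1 style='color:red'>BETA</h1></strong>";
+?>
+<form action="index.php#" method="post" onsubmit="return false">
+<table><tr><td>Pseudo* :</td><td><input type="text" id="pseudo"/></td><tr>
+<tr><td>Mot de passe (vous pouvez laisser vide)</td><td><input type="password" id="password"></td></tr>
+<tr><td colspan="2"><input type="submit" value="se connecter" onclick="login();return false;"/></td></table>
+</form>
+<div id="status" style="float:right"></div>
+<?php
+} ?>
+<!-- Le reste du contenu -->
+</body>
+</html>
+<?php
+}
+else if(isset($_POST['pw']))
+{
+$ch = curl_init("");
+$params=array('secret'=>urlencode($config['recaptcha_private']), 'response'=>urlencode($_POST['g-recaptcha-response']));
+$defaults = array(
+CURLOPT_URL => 'https://www.google.com/recaptcha/api/siteverify',
+CURLOPT_POST => true,
+CURLOPT_RETURNTRANSFER => true,
+CURLOPT_POSTFIELDS => $params,
+);
+curl_setopt_array($ch, $defaults);
+$data = curl_exec($ch);
+$result = json_decode($data, true);
+if($result["success"] && $_POST['pw']== $config['main_pw'])
+{
+$_SESSION['accesOk'] = "";
+header("Refresh:0");
+}
+else {
+?>
+<!doctype html>
+<html lang="fr">
+<head>
+<meta charset="utf-8">
+<title></title>
+<script src='https://www.google.com/recaptcha/api.js'></script>
+</head>
+<body>
+<form action="" method="post">
+<input type="password" name="pw" />
+<div class="g-recaptcha" data-sitekey="<?php echo $config['recaptcha_public'];?>"></div>
+<input type="submit" />
+</form>
+</body>
+<?php
+}
+}
+else
+{
+?>
+<!doctype html>
+<html lang="fr">
+<head>
+<meta charset="utf-8">
+<title></title>
+<script src='https://www.google.com/recaptcha/api.js'></script>
+</head>
+<body>
+<form action="" method="post">
+<input type="password" name="pw" />
+<div class="g-recaptcha" data-sitekey="<?php echo $config['recaptcha_public'];?>"></div>
+<input type="submit" />
+</form>
+</body>
+<?php } ?>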
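Review bot: The access gate at the top of index.php trusts `$_SERVER['HTTP_HOST']`, which is copied from the request's Host header, so the comparison with `$config['IP_LOCAL']` does not establish that the client is on the local network and the shared-password/reCAPTCHA branch is not reliably enforced. If the intent is to let LAN clients skip the gate (inferred from the key name), test the peer address instead, for example `|| strpos($_SERVER['REMOTE_ADDR'], $config['lan_prefix']) === 0` with `lan_prefix` as a new config key, or drop the exception. In the gate itself, `$_POST['pw']== $config['main_pw']` should be `hash_equals($config['main_pw'], (string) $_POST['pw'])`, and `$result` should be checked for a failed `curl_exec()` before reading `$result["success"]`. Separately, `ref`, `description` and `$_SESSION["pseudo"]` are echoed into the tables without `htmlspecialchars($v, ENT_QUOTES, 'UTF-8')` while post.php stores `ref` and `description` straight from `$_POST`, so one student's input is rendered as markup on every other student's page. The `query()` calls that concatenate session and row ids would also be safer as prepared statements, as post.php already does.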

151
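--- a/post.php
+++ b/post.php
@@ -0,0 +1,151 @@
+<?php
+ini_set('display_errors', 1);
+ini_set('display_startup_errors', 1);
+error_reporting(E_ALL);
+session_start();
+$config = include('config.php');
+$deadLine = $_SESSION['deadLine'];
+try
+{
+$bdd = new PDO('mysql:host='.$config['host'].';dbname='.$config['dbname'].';charset=utf8', $config['username'], $config['password']);
+}
+catch (Exception $e)
+{
+die('Erreur : ' . $e->getMessage());
+}
+if(isset($_POST['quant']) && isset($_POST['ref']) && isset($_POST['description']) && isset($_POST['prix']) && !$deadLine)
+{
+$req = $bdd->prepare('SELECT * FROM article WHERE ref=:ref');
+$data = $req->execute(array(
+'ref' => $_POST['ref']
+));
+$id;
+$data = $req->fetch();
+if(isset($data['ref']))
+{
+$req = $bdd->prepare('UPDATE panier SET nombre=:nbr WHERE id=:id');
+$req->execute(array(
+'nbr' => $_POST['quant'],
+'id' => $data['id']
+));
+}
+else
+{
+$req = $bdd->prepare('INSERT INTO article(ref, description, prix, panierId) VALUES(:ref, :description, :prix, :panierId)');
+$req->execute(array(
+'ref' => $_POST["ref"],
+'description' => $_POST['description'],
+'prix' => $_POST['prix'],
+'panierId' => $_SESSION['panierId']
+));
+$id = $bdd->lastInsertId();
+$req = $bdd->prepare('INSERT INTO panier(idEtudiant, idArticle, nombre, panierId) VALUES(:idEtudiant, :idAdrticle, :nombre, :panierId)');
+$req->execute(array(
+'idEtudiant' => $_SESSION["idEtudiant"],
+'idAdrticle' => $id,
+'nombre' => $_POST['quant'],
+'panierId' => $_SESSION['panierId']
+));
+}
+}
+else if(isset($_POST['user']) && isset($_POST['pw']))
+{
+$req = $bdd->prepare('SELECT * FROM etudiant WHERE lower(pseudo)=:pseudo');
+$data = $req->execute(array(
+'pseudo' => strtolower($_POST['user'])
+));
+$data = $req->fetch();
+if($data)
+{
+if($data['pw'] == (empty($_POST['pw'])?'':md5($_POST['pw'])))
+{
+$_SESSION['idEtudiant'] = $data['id'];
+$_SESSION['pseudo'] = $data['pseudo'];
+$_SESSION['admin'] = $data['admin'];
+$_SESSION['panierId'] = 1;
+$_SESSION['nomPanier'] = "farnell projet 1";
+echo json_encode(array('loggin'=> '1'));
+}
+else
+{
+echo json_encode(array('loggin'=> '2'));
+}
+}
+else
+{
+$req = $bdd->prepare('INSERT INTO etudiant(pseudo,pw) VALUE(:pseudo,:pw)');
+$req->execute(array(
+'pseudo' => htmlspecialchars($_POST['user']),
+'pw' => empty($_POST['pw'])?'':md5($_POST['pw'])
+));
+$id = $bdd->lastInsertId();
+$_SESSION['idEtudiant'] = $id;
+$_SESSION['admin'] = 0;
+$_SESSION['pseudo'] = $_POST['user'];
+$_SESSION['admin'] = 0;
+$_SESSION['panierId'] = 1;
+$_SESSION['nomPanier'] = "farnell projet 1";
+echo json_encode(array('loggin'=> '3'));
+}
+}
+else if(isset($_POST['quant']) && !$deadLine){
+if(isset($_POST['idarticle'])) //Pour ma commande j'envois un id
+{
+$req = $bdd->prepare('SELECT * FROM panier WHERE id=:id');
+$rep = $req->execute(array(
+'id' => $_POST['idarticle']
+));
+$data = $req->fetch();
+if(isset($data['idEtudiant']) && $data['idEtudiant'] == $_SESSION['idEtudiant'])//C'est bien le bonne etudiant
+{
+$req = $bdd->prepare('UPDATE panier SET nombre=:nbr WHERE id=:id');
+$req->execute(array(
+'nbr' => $_POST['quant'],
+'id' => $_POST['idarticle']
+));
+}
+else {
+echo json_encode("err");
+}
+}
+else if(isset($_POST['refId']))//quand je passe par la commande globale je passe par la identifiant de la ref
+{
+$req = $bdd->prepare('SELECT * FROM panier WHERE idArticle=:refId AND idEtudiant=:idEtudiant');//Tchek si l'etudiant a déja l'article
+$rep = $req->execute(array(
+'refId' => $_POST['refId'],
+'idEtudiant' => $_SESSION['idEtudiant']
+));
+$data = $req->fetch();
+if($data)
+{
+$req = $bdd->prepare('UPDATE panier SET nombre=:nbr WHERE id=:id');
+$req->execute(array(
+'nbr' => $_POST['quant'],
+'id' => $data['id']
+));
+}
+else {
+$req = $bdd->prepare('INSERT INTO panier(idEtudiant, idArticle, nombre, panierId) VALUES(:idEtudiant, :idAdrticle, :nombre, :panierId)');
+$req->execute(array(
+'idEtudiant' => $_SESSION["idEtudiant"],
+'idAdrticle' => $_POST['refId'],
+'nombre' => $_POST['quant'],
+'panierId' => $_SESSION['panierId']
+));
+}
+}
+}
+else if(isset($_POST['quant']) && $deadLine)
+{
+http_response_code(401);
+echo "N'est plus autorisé ! DeadLine Dépaséé !";
+}
+else {
+session_destroy();
+session_start();
+$_SESSION['accesOk'] = "";
+}
+?>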
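Review bot: post.php never checks `$_SESSION['accesOk']` or `$_SESSION['idEtudiant']` before touching the database, and its final `else` assigns `$_SESSION['accesOk'] = ""` on any request that carries none of the expected POST fields, so the gate built in index.php is not enforced on this endpoint; a guard such as `if (!isset($_SESSION['accesOk'])) { http_response_code(403); exit; }` after `session_start()` (plus whatever LAN exception index.php keeps) and an `idEtudiant` check on the basket branches would close that. `$deadLine` is read from a session value that only index.php writes, so it should be recomputed here on every request with `$deadLine = time() > $config['timestampDeadLine'];`. Passwords are stored as unsalted `md5()` and compared with `==`; `password_hash()` and `password_verify()` are the replacements, which needs a wider `pw` column and a migration for existing rows (schema not visible on this page). In the first branch, `UPDATE panier SET nombre=:nbr WHERE id=:id` is bound to `$data['id']` from the `article` row, which looks like the wrong key and can change a basket line belonging to another student. The three `display_errors`/`error_reporting` lines at the top and `die('Erreur : ' . $e->getMessage())` send paths and connection details to the client and should be replaced by server-side logging outside development.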