2026-02-24 14:26:25 +00:00
|
|
|
<?php
|
2026-02-27 13:56:12 +00:00
|
|
|
function getRaccourcis($bdd)
|
|
|
|
|
{
|
2026-02-24 14:26:25 +00:00
|
|
|
$results = mysqli_query($bdd, "SELECT * FROM `raccourcis`");
|
|
|
|
|
$return = [];
|
|
|
|
|
return $results;
|
|
|
|
|
}
|
|
|
|
|
|
2026-02-27 13:56:12 +00:00
|
|
|
function connectBDD($domain, $user, $password, $db)
|
|
|
|
|
{
|
2026-02-24 14:26:25 +00:00
|
|
|
$link = mysqli_connect($domain, $user, $password, $db);
|
|
|
|
|
|
|
|
|
|
if (!$link) {
|
|
|
|
|
die('Erreur de connexion');
|
|
|
|
|
} else {
|
|
|
|
|
mysqli_set_charset($link, "utf8");
|
|
|
|
|
|
|
|
|
|
return $link;
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
2026-02-27 13:56:12 +00:00
|
|
|
function getActus($bdd)
|
|
|
|
|
{
|
2026-02-24 14:26:25 +00:00
|
|
|
$results = mysqli_query($bdd, "SELECT * FROM `actus` ORDER BY `id` LIMIT 4");
|
|
|
|
|
$return = [];
|
|
|
|
|
return $results;
|
|
|
|
|
}
|
|
|
|
|
|
2026-02-27 13:56:12 +00:00
|
|
|
function validateCSRFToken($csrf_server, $csrf_client)
|
|
|
|
|
{
|
2026-02-24 14:26:25 +00:00
|
|
|
if (!hash_equals($csrf_server, $csrf_client)) {
|
2026-02-27 13:56:12 +00:00
|
|
|
echo ($csrf_client . " " . $csrf_server);
|
2026-02-24 14:26:25 +00:00
|
|
|
die('CSRF token validation failed');
|
|
|
|
|
}
|
|
|
|
|
return true;
|
|
|
|
|
}
|
|
|
|
|
|
2026-02-27 13:56:12 +00:00
|
|
|
function verifyPassword($hash_password, $tryPassword)
|
|
|
|
|
{
|
2026-02-24 14:26:25 +00:00
|
|
|
$hashTry = hash('sha256', $tryPassword);
|
2026-02-27 13:56:12 +00:00
|
|
|
if ($hash_password == $hashTry) {
|
2026-02-24 14:26:25 +00:00
|
|
|
return true;
|
|
|
|
|
}
|
|
|
|
|
return false;
|
|
|
|
|
}
|
|
|
|
|
|
2026-02-27 13:56:12 +00:00
|
|
|
function getHashPwd($bdd, $username)
|
|
|
|
|
{
|
2026-02-24 14:26:25 +00:00
|
|
|
|
|
|
|
|
$stmt = mysqli_prepare(
|
|
|
|
|
$bdd,
|
|
|
|
|
"SELECT password FROM utilisateurs WHERE username = ? LIMIT 1"
|
|
|
|
|
);
|
|
|
|
|
|
|
|
|
|
mysqli_stmt_bind_param($stmt, "s", $username);
|
|
|
|
|
mysqli_stmt_execute($stmt);
|
|
|
|
|
|
|
|
|
|
$result = mysqli_stmt_get_result($stmt);
|
|
|
|
|
$user = mysqli_fetch_assoc($result);
|
|
|
|
|
|
|
|
|
|
mysqli_stmt_close($stmt);
|
|
|
|
|
|
|
|
|
|
return $user; // retourne un tableau ou null
|
|
|
|
|
}
|
|
|
|
|
|
2026-02-27 13:56:12 +00:00
|
|
|
function getEvenements($bdd, $site)
|
|
|
|
|
{
|
2026-02-24 14:26:25 +00:00
|
|
|
|
|
|
|
|
$results = mysqli_query(
|
|
|
|
|
$bdd,
|
|
|
|
|
"SELECT * FROM evenements WHERE `site_id`='" . $site . "' ORDER BY date DESC"
|
|
|
|
|
);
|
|
|
|
|
|
|
|
|
|
$evenements = [];
|
|
|
|
|
|
|
|
|
|
while ($row = mysqli_fetch_assoc($results)) {
|
|
|
|
|
$evenements[] = $row;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
return $evenements;
|
|
|
|
|
}
|
|
|
|
|
|
2026-02-27 13:56:12 +00:00
|
|
|
function getSite($bdd, $username)
|
|
|
|
|
{
|
2026-02-24 14:26:25 +00:00
|
|
|
$stmt = mysqli_prepare(
|
|
|
|
|
$bdd,
|
|
|
|
|
"SELECT site_id FROM utilisateurs WHERE username = ? LIMIT 1"
|
|
|
|
|
);
|
|
|
|
|
|
|
|
|
|
mysqli_stmt_bind_param($stmt, "s", $username);
|
|
|
|
|
mysqli_stmt_execute($stmt);
|
|
|
|
|
|
|
|
|
|
$result = mysqli_stmt_get_result($stmt);
|
|
|
|
|
$row = mysqli_fetch_assoc($result);
|
|
|
|
|
|
|
|
|
|
mysqli_stmt_close($stmt);
|
|
|
|
|
|
|
|
|
|
return $row ? $row['site_id'] : null;
|
|
|
|
|
}
|
|
|
|
|
|
2026-02-27 13:56:12 +00:00
|
|
|
function getSiteName($bdd, $site)
|
|
|
|
|
{
|
2026-02-24 14:26:25 +00:00
|
|
|
$stmt = mysqli_prepare(
|
|
|
|
|
$bdd,
|
|
|
|
|
"SELECT nom FROM site WHERE site_id = ? LIMIT 1"
|
|
|
|
|
);
|
|
|
|
|
|
|
|
|
|
mysqli_stmt_bind_param($stmt, "s", $site);
|
|
|
|
|
mysqli_stmt_execute($stmt);
|
|
|
|
|
|
|
|
|
|
$result = mysqli_stmt_get_result($stmt);
|
|
|
|
|
$row = mysqli_fetch_assoc($result);
|
|
|
|
|
|
|
|
|
|
mysqli_stmt_close($stmt);
|
|
|
|
|
|
|
|
|
|
return $row ? $row['nom'] : null;
|
|
|
|
|
}
|
|
|
|
|
|
2026-02-27 13:56:12 +00:00
|
|
|
function getEventName($bdd, $event)
|
|
|
|
|
{
|
2026-02-24 14:26:25 +00:00
|
|
|
$stmt = mysqli_prepare(
|
|
|
|
|
$bdd,
|
|
|
|
|
"SELECT titre FROM evenements WHERE id = ? LIMIT 1"
|
|
|
|
|
);
|
|
|
|
|
|
|
|
|
|
mysqli_stmt_bind_param($stmt, "s", $event);
|
|
|
|
|
mysqli_stmt_execute($stmt);
|
|
|
|
|
|
|
|
|
|
$result = mysqli_stmt_get_result($stmt);
|
|
|
|
|
$row = mysqli_fetch_assoc($result);
|
|
|
|
|
|
|
|
|
|
mysqli_stmt_close($stmt);
|
|
|
|
|
|
|
|
|
|
return $row ? $row['titre'] : null;
|
2026-02-24 15:43:05 +00:00
|
|
|
}
|
|
|
|
|
|
2026-02-27 13:56:12 +00:00
|
|
|
function getEventImages($bdd, $event)
|
|
|
|
|
{
|
2026-02-24 15:43:05 +00:00
|
|
|
$results = mysqli_query(
|
|
|
|
|
$bdd,
|
|
|
|
|
"SELECT * FROM gallerie WHERE `event_id`='" . $event . "'"
|
|
|
|
|
);
|
|
|
|
|
|
|
|
|
|
$evenements = [];
|
|
|
|
|
|
|
|
|
|
while ($row = mysqli_fetch_assoc($results)) {
|
|
|
|
|
$evenements[] = $row;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
return $evenements;
|
|
|
|
|
}
|
|
|
|
|
|
2026-02-27 13:56:12 +00:00
|
|
|
function getEventBigImage($bdd, $event)
|
|
|
|
|
{
|
2026-02-24 15:43:05 +00:00
|
|
|
$stmt = mysqli_prepare(
|
|
|
|
|
$bdd,
|
|
|
|
|
"SELECT couverture FROM evenements WHERE id = ? LIMIT 1"
|
|
|
|
|
);
|
|
|
|
|
|
|
|
|
|
mysqli_stmt_bind_param($stmt, "s", $event);
|
|
|
|
|
mysqli_stmt_execute($stmt);
|
|
|
|
|
|
|
|
|
|
$result = mysqli_stmt_get_result($stmt);
|
|
|
|
|
$row = mysqli_fetch_assoc($result);
|
|
|
|
|
|
|
|
|
|
mysqli_stmt_close($stmt);
|
|
|
|
|
|
|
|
|
|
return $row ? $row['couverture'] : null;
|
2026-02-27 13:56:12 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
function getUserPerms($bdd, $username)
|
|
|
|
|
{
|
|
|
|
|
$stmt = mysqli_prepare(
|
|
|
|
|
$bdd,
|
|
|
|
|
"SELECT permissions FROM utilisateurs WHERE username = ? LIMIT 1"
|
|
|
|
|
);
|
|
|
|
|
|
|
|
|
|
mysqli_stmt_bind_param($stmt, "s", $username);
|
|
|
|
|
mysqli_stmt_execute($stmt);
|
|
|
|
|
|
|
|
|
|
$result = mysqli_stmt_get_result($stmt);
|
|
|
|
|
$row = mysqli_fetch_assoc($result);
|
|
|
|
|
|
|
|
|
|
mysqli_stmt_close($stmt);
|
|
|
|
|
|
|
|
|
|
return $row ? $row['permissions'] : null;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
function verifyPoids($bdd, $username, $minPoids) {
|
|
|
|
|
$sql = "SELECT p.poids
|
|
|
|
|
FROM utilisateurs u
|
|
|
|
|
INNER JOIN permissions p ON u.permissions = p.nom
|
|
|
|
|
WHERE u.username = ?";
|
|
|
|
|
|
|
|
|
|
$stmt = mysqli_prepare($bdd, $sql);
|
|
|
|
|
|
|
|
|
|
if ($stmt) {
|
|
|
|
|
mysqli_stmt_bind_param($stmt, "s", $username);
|
|
|
|
|
mysqli_stmt_execute($stmt);
|
|
|
|
|
|
|
|
|
|
$result = mysqli_stmt_get_result($stmt);
|
|
|
|
|
$row = mysqli_fetch_assoc($result);
|
|
|
|
|
|
|
|
|
|
mysqli_stmt_close($stmt);
|
|
|
|
|
|
|
|
|
|
if ($row) {
|
|
|
|
|
return (int)$row['poids'] >= (int)$minPoids;
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
return false;
|
2026-03-04 13:26:06 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
function updateEventTitle($bdd, $eventid, $titre){
|
|
|
|
|
$stmt = mysqli_prepare(
|
|
|
|
|
$bdd,
|
|
|
|
|
"UPDATE evenements SET titre = ? WHERE id = ?"
|
|
|
|
|
);
|
|
|
|
|
|
|
|
|
|
mysqli_stmt_bind_param($stmt, "si", $titre, $eventid);
|
|
|
|
|
mysqli_stmt_execute($stmt);
|
|
|
|
|
|
|
|
|
|
$success = mysqli_stmt_affected_rows($stmt) >= 0;
|
|
|
|
|
|
|
|
|
|
mysqli_stmt_close($stmt);
|
|
|
|
|
|
|
|
|
|
return $success;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
function updateEventImage($bdd, $eventId, $newFileName){
|
|
|
|
|
$stmt = mysqli_prepare(
|
|
|
|
|
$bdd,
|
|
|
|
|
"UPDATE evenements SET couverture = ? WHERE id = ?"
|
|
|
|
|
);
|
|
|
|
|
|
|
|
|
|
mysqli_stmt_bind_param($stmt, "si", $newFileName, $eventId);
|
|
|
|
|
mysqli_stmt_execute($stmt);
|
|
|
|
|
|
|
|
|
|
$success = mysqli_stmt_affected_rows($stmt) >= 0;
|
|
|
|
|
|
|
|
|
|
mysqli_stmt_close($stmt);
|
|
|
|
|
|
2026-03-04 16:34:46 +00:00
|
|
|
return $success;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
function getSpecificActus($bdd, $id)
|
|
|
|
|
{
|
|
|
|
|
$results = mysqli_query($bdd, "SELECT * FROM `actus` WHERE `id`=" . $id);
|
|
|
|
|
$return = [];
|
|
|
|
|
|
|
|
|
|
while ($row = mysqli_fetch_assoc($results)) {
|
|
|
|
|
$return[] = $row;
|
|
|
|
|
}
|
|
|
|
|
return $return;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
function updateActuImage($bdd, $actuId, $newFileName){
|
|
|
|
|
$stmt = mysqli_prepare(
|
|
|
|
|
$bdd,
|
|
|
|
|
"UPDATE actus SET image = ? WHERE id = ?"
|
|
|
|
|
);
|
|
|
|
|
|
|
|
|
|
mysqli_stmt_bind_param($stmt, "si", $newFileName, $actuId);
|
|
|
|
|
mysqli_stmt_execute($stmt);
|
|
|
|
|
|
|
|
|
|
$success = mysqli_stmt_affected_rows($stmt) >= 0;
|
|
|
|
|
|
|
|
|
|
mysqli_stmt_close($stmt);
|
|
|
|
|
|
|
|
|
|
return $success;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
function updateActuTitle($bdd, $actuId, $titre){
|
|
|
|
|
$stmt = mysqli_prepare(
|
|
|
|
|
$bdd,
|
|
|
|
|
"UPDATE actus SET titre = ? WHERE id = ?"
|
|
|
|
|
);
|
|
|
|
|
|
|
|
|
|
mysqli_stmt_bind_param($stmt, "si", $titre, $actuId);
|
|
|
|
|
mysqli_stmt_execute($stmt);
|
|
|
|
|
|
|
|
|
|
$success = mysqli_stmt_affected_rows($stmt) >= 0;
|
|
|
|
|
|
|
|
|
|
mysqli_stmt_close($stmt);
|
|
|
|
|
|
|
|
|
|
return $success;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
function updateActuContent($bdd, $actuId, $content){
|
|
|
|
|
$stmt = mysqli_prepare(
|
|
|
|
|
$bdd,
|
|
|
|
|
"UPDATE actus SET actu = ? WHERE id = ?"
|
|
|
|
|
);
|
|
|
|
|
|
|
|
|
|
mysqli_stmt_bind_param($stmt, "si", $content, $actuId);
|
|
|
|
|
mysqli_stmt_execute($stmt);
|
|
|
|
|
|
|
|
|
|
$success = mysqli_stmt_affected_rows($stmt) >= 0;
|
|
|
|
|
|
|
|
|
|
mysqli_stmt_close($stmt);
|
|
|
|
|
|
2026-03-04 13:26:06 +00:00
|
|
|
return $success;
|
2026-03-06 08:50:19 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
function createEvent($bdd, $titre, $date, $site){
|
|
|
|
|
|
|
|
|
|
$sql = "INSERT INTO evenements (date, titre, couverture, site_id) VALUES (?, ?, '', ?)";
|
|
|
|
|
$req = $bdd->prepare($sql);
|
|
|
|
|
$req->bind_param("ssi", $date, $titre, $site);
|
|
|
|
|
$req->execute();
|
|
|
|
|
return $bdd->insert_id;
|
2026-02-24 14:26:25 +00:00
|
|
|
}
|
