bouton d'ajout d'actus et résolution de problèmes

Assets/functions.php

@@ -19,11 +19,14 @@ function connectBDD($domain, $user, $password, $db)
     }
 }
 
-function getActus($bdd)
+function getActus($bdd, $limit)
 {
-    $results = mysqli_query($bdd, "SELECT * FROM `actus` ORDER BY `id` LIMIT 4");
-    $return = [];
-    return $results;
+    $results = mysqli_query($bdd, "SELECT * FROM actus ORDER BY id DESC LIMIT ".$limit);
+    $actus = [];
+    while ($row = mysqli_fetch_assoc($results)) {
+        $actus[] = $row;
+    }
+    return $actus;
 }
 
 function validateCSRFToken($csrf_server, $csrf_client)
@@ -227,13 +230,13 @@ function updateEventTitle($bdd, $eventid, $titre){
     return $success;
 }
 
-function updateEventImage($bdd, $eventId, $newFileName){
+function updateEventImage($bdd, $eventId, $image){
     $stmt = mysqli_prepare(
         $bdd,
         "UPDATE evenements SET couverture = ? WHERE id = ?"
     );
 
-    mysqli_stmt_bind_param($stmt, "si", $newFileName, $eventId);
+    mysqli_stmt_bind_param($stmt, "si", $image, $eventId);
     mysqli_stmt_execute($stmt);
 
     $success = mysqli_stmt_affected_rows($stmt) >= 0;
@@ -254,13 +257,13 @@ function getSpecificActus($bdd, $id)
     return $return;
 }
 
-function updateActuImage($bdd, $actuId, $newFileName){
+function updateActuImage($bdd, $actuId, $image){
     $stmt = mysqli_prepare(
         $bdd,
         "UPDATE actus SET image = ? WHERE id = ?"
     );
 
-    mysqli_stmt_bind_param($stmt, "si", $newFileName, $actuId);
+    mysqli_stmt_bind_param($stmt, "si", $image, $actuId);
     mysqli_stmt_execute($stmt);
 
     $success = mysqli_stmt_affected_rows($stmt) >= 0;
@@ -326,3 +329,16 @@ function deleteActu($bdd, $eventId){
     $req->execute();
     return $req->affected_rows > 0;
 }
+
+function createActu($bdd, $titre, $actu, $date, $idSite){
+
+    $stmt = mysqli_prepare(
+        $bdd,
+        "INSERT INTO actus (titre, actu, date, idSite) VALUES (?, ?, ?, ?)"
+    );
+    mysqli_stmt_bind_param($stmt, "sssi", $titre, $actu, $date, $idSite);
+    mysqli_stmt_execute($stmt);
+    $actuId = mysqli_insert_id($bdd);
+    mysqli_stmt_close($stmt);
+    return $actuId;
+}

admin/createActu.php

@@ -0,0 +1,169 @@
+<?php
+include("../Assets/functions.php");
+
+$config = json_decode(file_get_contents("../Assets/config.json"), true);
+$bdd = connectBDD("localhost", $config["BDD_USER"], $config["BDD_PASSWD"], $config["BDD_NAME"]);
+
+session_start();
+
+if (!isset($_SESSION['connected']) || $_SESSION['connected'] == false) {
+    header('location: login.php?redirect_to=./admin/');
+    exit;
+}
+
+$minPoids = 50;
+if (!verifyPoids($bdd, $_SESSION['username'], $minPoids)) {
+    header('location: ../index.php');
+    exit;
+}
+
+if ($_SERVER['REQUEST_METHOD'] === 'POST') {
+
+    if (!empty($_FILES['image']['name']) && !empty($_POST['title']) && !empty($_POST['content'])) {
+
+        $uploadDir = "../Photos/INTRANET/actus/";
+        $fileTmpPath = $_FILES["image"]["tmp_name"];
+        $fileSize = $_FILES["image"]["size"];
+
+        $finfo = finfo_open(FILEINFO_MIME_TYPE);
+        $mime = finfo_file($finfo, $fileTmpPath);
+        finfo_close($finfo);
+
+        $allowedTypes = ['image/jpeg', 'image/png', 'image/gif'];
+
+        if (in_array($mime, $allowedTypes) && $fileSize <= 5 * 1024 * 1024) {
+            $actuId = createActu(
+                $bdd,
+                $_POST['title'],
+                $_POST['content'],
+                date('Y-m-d'),
+                $_SESSION['site']
+            );
+
+            $extension = pathinfo($_FILES["image"]["name"], PATHINFO_EXTENSION);
+            $newFileName = "actu_" . $actuId . "_" . time() . "." . $extension;
+
+            $destination = $uploadDir . $newFileName;
+            if (move_uploaded_file($fileTmpPath, $destination)) {
+                updateActuImage($bdd, $actuId, $newFileName);
+            } else {
+                die('Erreur lors de l\'upload de l\'image.');
+            }
+        } else {
+            die('Type de fichier non autorisé ou fichier trop volumineux.');
+        }
+    }
+
+    header("Location: ?id=" . $actuId);
+    exit;
+}
+?>
+
+<!DOCTYPE html>
+<html lang="fr">
+
+<head>
+    <meta charset="UTF-8">
+    <title>Gestion Intranet</title>
+    <link href="https://cdn.jsdelivr.net/npm/bootstrap@5.3.3/dist/css/bootstrap.min.css" rel="stylesheet">
+
+    <style>
+        .preview-box {
+            height: 220px;
+            border: 2px dashed #ddd;
+            border-radius: 8px;
+            display: flex;
+            align-items: center;
+            justify-content: center;
+            overflow: hidden;
+            background: #fafafa;
+        }
+
+        .preview-box img {
+            max-height: 100%;
+            max-width: 100%;
+        }
+    </style>
+
+</head>
+
+<body class="container py-4">
+
+    <h1>Gestion de l'intranet</h1>
+
+    <nav class="navbar navbar-expand-lg navbar-light bg-light mb-4">
+        <div class="collapse navbar-collapse">
+            <ul class="navbar-nav mr-auto">
+                <li class="nav-item">
+                    <a href="./index.php" class="nav-link">Évènements</a>
+                </li>
+                <li class="nav-item">
+                    <a href="#" class="nav-link">Actualités</a>
+                </li>
+                <li class="nav-item">
+                    <a href="#" class="nav-link disabled">Administration</a>
+                </li>
+            </ul>
+        </div>
+    </nav>
+
+    <div class="card p-4">
+        <form action="" method="post" enctype="multipart/form-data">
+            <div class="mb-3">
+                <label class="form-label">Titre de l'actualité</label>
+                <input type="text"
+                    name="title"
+                    class="form-control">
+            </div>
+
+            <div class="mb-3">
+                <label class="form_label">Nouveau contenu de l'actualité</label>
+                <textarea name="content" id="content"></textarea>
+            </div>
+
+            <div class="mb-3">
+                <label class="form-label">Nouvelle image de l'actu</label>
+
+                <div id="preview" class="preview-box mb-2">
+                    <span class="text-muted">Aucune image sélectionnée</span>
+                </div>
+
+                <input type="file"
+                    name="image"
+                    id="image"
+                    class="form-control"
+                    accept="image/*">
+            </div>
+
+            <button type="submit" class="btn btn-primary">
+                Enregistrer l'actualité
+            </button>
+
+        </form>
+
+    </div>
+
+    <script>
+        const input = document.getElementById('image');
+        const preview = document.getElementById('preview');
+
+        input.addEventListener('change', function() {
+            const file = this.files[0];
+
+            if (file) {
+                const reader = new FileReader();
+
+                reader.onload = function(e) {
+                    preview.innerHTML =
+                        `<img src="${e.target.result}" alt="Preview">`;
+                };
+
+                reader.readAsDataURL(file);
+            }
+        });
+    </script>
+
+    <script src="https://cdn.jsdelivr.net/npm/bootstrap@5.3.3/dist/js/bootstrap.bundle.min.js"></script>
+</body>
+
+</html>

admin/modifyActuality.php

@@ -10,7 +10,7 @@ if (!isset($_SESSION['connected']) || $_SESSION['connected'] == false) {
     header('location: login.php?redirect_to=./admin/');
 }
 
-$actualites = getActus($bdd);
+$actualites = getActus($bdd, 99);
 
 /* Récupération des infos */
 $permissions = $_SESSION['permission'];

index.php

@@ -20,7 +20,7 @@ $prefixe = $config["LOCAL_IMG_PREFIXE"]."actus/";
     <!-- Carousel -->
     <ul id="carousel" class="carousel">
     <?php 
-    $actus = getActus($bdd);
+    $actus = getActus($bdd, 4);
     foreach ($actus as $actu): ?>
         <li data-accName="<?= htmlspecialchars($actu["id"]) ?>" class="carousel">
             <h2><?= htmlspecialchars($actu["titre"]) ?></h2>