wktr/intranet-apei
wktr/intranet-apei
1
0
Fork 0
Code Issues Wiki Activity
intranet-apei/Assets/functions.php

303 lines
No EOL
6.5 KiB
PHP
Raw Blame History

<?php
function getRaccourcis($bdd)
{
$results = mysqli_query($bdd, "SELECT * FROM `raccourcis`");
$return = [];
return $results;
}
function connectBDD($domain, $user, $password, $db)
{
$link = mysqli_connect($domain, $user, $password, $db);
if (!$link) {
die('Erreur de connexion');
} else {
mysqli_set_charset($link, "utf8");
return $link;
}
}
function getActus($bdd)
{
$results = mysqli_query($bdd, "SELECT * FROM `actus` ORDER BY `id` LIMIT 4");
$return = [];
return $results;
}
function validateCSRFToken($csrf_server, $csrf_client)
{
if (!hash_equals($csrf_server, $csrf_client)) {
echo ($csrf_client . " " . $csrf_server);
die('CSRF token validation failed');
}
return true;
}
function verifyPassword($hash_password, $tryPassword)
{
$hashTry = hash('sha256', $tryPassword);
if ($hash_password == $hashTry) {
return true;
}
return false;
}
function getHashPwd($bdd, $username)
{
$stmt = mysqli_prepare(
$bdd,
"SELECT password FROM utilisateurs WHERE username = ? LIMIT 1"
);
mysqli_stmt_bind_param($stmt, "s", $username);
mysqli_stmt_execute($stmt);
$result = mysqli_stmt_get_result($stmt);
$user = mysqli_fetch_assoc($result);
mysqli_stmt_close($stmt);
return $user; // retourne un tableau ou null
}
function getEvenements($bdd, $site)
{
$results = mysqli_query(
$bdd,
"SELECT * FROM evenements WHERE `site_id`='" . $site . "' ORDER BY date DESC"
);
$evenements = [];
while ($row = mysqli_fetch_assoc($results)) {
$evenements[] = $row;
}
return $evenements;
}
function getSite($bdd, $username)
{
$stmt = mysqli_prepare(
$bdd,
"SELECT site_id FROM utilisateurs WHERE username = ? LIMIT 1"
);
mysqli_stmt_bind_param($stmt, "s", $username);
mysqli_stmt_execute($stmt);
$result = mysqli_stmt_get_result($stmt);
$row = mysqli_fetch_assoc($result);
mysqli_stmt_close($stmt);
return $row ? $row['site_id'] : null;
}
function getSiteName($bdd, $site)
{
$stmt = mysqli_prepare(
$bdd,
"SELECT nom FROM site WHERE site_id = ? LIMIT 1"
);
mysqli_stmt_bind_param($stmt, "s", $site);
mysqli_stmt_execute($stmt);
$result = mysqli_stmt_get_result($stmt);
$row = mysqli_fetch_assoc($result);
mysqli_stmt_close($stmt);
return $row ? $row['nom'] : null;
}
function getEventName($bdd, $event)
{
$stmt = mysqli_prepare(
$bdd,
"SELECT titre FROM evenements WHERE id = ? LIMIT 1"
);
mysqli_stmt_bind_param($stmt, "s", $event);
mysqli_stmt_execute($stmt);
$result = mysqli_stmt_get_result($stmt);
$row = mysqli_fetch_assoc($result);
mysqli_stmt_close($stmt);
return $row ? $row['titre'] : null;
}
function getEventImages($bdd, $event)
{
$results = mysqli_query(
$bdd,
"SELECT * FROM gallerie WHERE `event_id`='" . $event . "'"
);
$evenements = [];
while ($row = mysqli_fetch_assoc($results)) {
$evenements[] = $row;
}
return $evenements;
}
function getEventBigImage($bdd, $event)
{
$stmt = mysqli_prepare(
$bdd,
"SELECT couverture FROM evenements WHERE id = ? LIMIT 1"
);
mysqli_stmt_bind_param($stmt, "s", $event);
mysqli_stmt_execute($stmt);
$result = mysqli_stmt_get_result($stmt);
$row = mysqli_fetch_assoc($result);
mysqli_stmt_close($stmt);
return $row ? $row['couverture'] : null;
}
function getUserPerms($bdd, $username)
{
$stmt = mysqli_prepare(
$bdd,
"SELECT permissions FROM utilisateurs WHERE username = ? LIMIT 1"
);
mysqli_stmt_bind_param($stmt, "s", $username);
mysqli_stmt_execute($stmt);
$result = mysqli_stmt_get_result($stmt);
$row = mysqli_fetch_assoc($result);
mysqli_stmt_close($stmt);
return $row ? $row['permissions'] : null;
}
function verifyPoids($bdd, $username, $minPoids) {
$sql = "SELECT p.poids
FROM utilisateurs u
INNER JOIN permissions p ON u.permissions = p.nom
WHERE u.username = ?";
$stmt = mysqli_prepare($bdd, $sql);
if ($stmt) {
mysqli_stmt_bind_param($stmt, "s", $username);
mysqli_stmt_execute($stmt);
$result = mysqli_stmt_get_result($stmt);
$row = mysqli_fetch_assoc($result);
mysqli_stmt_close($stmt);
if ($row) {
return (int)$row['poids'] >= (int)$minPoids;
}
}
return false;
}
function updateEventTitle($bdd, $eventid, $titre){
$stmt = mysqli_prepare(
$bdd,
"UPDATE evenements SET titre = ? WHERE id = ?"
);
mysqli_stmt_bind_param($stmt, "si", $titre, $eventid);
mysqli_stmt_execute($stmt);
$success = mysqli_stmt_affected_rows($stmt) >= 0;
mysqli_stmt_close($stmt);
return $success;
}
function updateEventImage($bdd, $eventId, $newFileName){
$stmt = mysqli_prepare(
$bdd,
"UPDATE evenements SET couverture = ? WHERE id = ?"
);
mysqli_stmt_bind_param($stmt, "si", $newFileName, $eventId);
mysqli_stmt_execute($stmt);
$success = mysqli_stmt_affected_rows($stmt) >= 0;
mysqli_stmt_close($stmt);
return $success;
}
function getSpecificActus($bdd, $id)
{
$results = mysqli_query($bdd, "SELECT * FROM `actus` WHERE `id`=" . $id);
$return = [];
while ($row = mysqli_fetch_assoc($results)) {
$return[] = $row;
}
return $return;
}
function updateActuImage($bdd, $actuId, $newFileName){
$stmt = mysqli_prepare(
$bdd,
"UPDATE actus SET image = ? WHERE id = ?"
);
mysqli_stmt_bind_param($stmt, "si", $newFileName, $actuId);
mysqli_stmt_execute($stmt);
$success = mysqli_stmt_affected_rows($stmt) >= 0;
mysqli_stmt_close($stmt);
return $success;
}
function updateActuTitle($bdd, $actuId, $titre){
$stmt = mysqli_prepare(
$bdd,
"UPDATE actus SET titre = ? WHERE id = ?"
);
mysqli_stmt_bind_param($stmt, "si", $titre, $actuId);
mysqli_stmt_execute($stmt);
$success = mysqli_stmt_affected_rows($stmt) >= 0;
mysqli_stmt_close($stmt);
return $success;
}
function updateActuContent($bdd, $actuId, $content){
$stmt = mysqli_prepare(
$bdd,
"UPDATE actus SET actu = ? WHERE id = ?"
);
mysqli_stmt_bind_param($stmt, "si", $content, $actuId);
mysqli_stmt_execute($stmt);
$success = mysqli_stmt_affected_rows($stmt) >= 0;
mysqli_stmt_close($stmt);
return $success;
}
Reference in a new issue View git blame Copy permalink