- <?php
- require_once __DIR__ . '/databaseManager.php';
- use Nowaste\Database;
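/**
 * Account model plus the form handlers (registration, login, profile and
 * society edit) that the original file bundles into one class.
 *
 * Every handler reads its input straight from $_POST / $_FILES / $_SESSION
 * and echoes Bootstrap alert markup, as the original did. The database is
 * reached through DatabaseManager::getManager() (loaded by the require_once
 * at the top of the file); its return values are used the way the original
 * used them: exec() as a row count, findOne() as one associative row or a
 * falsy value.
 *
 * Input is escaped with htmlspecialchars() before storage. That is kept for
 * compatibility with existing rows and templates, so templates must not
 * escape those columns a second time.
 *
 * NOTE(review): none of the POST handlers checks a CSRF token — confirm the
 * surrounding forms supply one. The role is taken verbatim from the request
 * (see registerUser); if privileged roles exist, restrict it to an allow-list.
 */
class User
{
    /** Upload limit applied to each photo (2 MiB). */
    private const MAX_UPLOAD_BYTES = 2097152;
    /** Extensions accepted for volunteer photos. */
    private const VALID_EXTENSIONS = ['jpg', 'jpeg', 'png', 'gif'];
    /** Directory, relative to the script, where photos are written. */
    private const UPLOAD_DIR = 'img/';
    /** Stored file name when a skill is ticked without a photo. */
    private const DEFAULT_IMAGE = 'default.jpg';
    /** Skill checkboxes, in the column order of the volunteer INSERT. */
    private const SKILLS = ['conducteur', 'cuisinier', 'service', 'gardiennage', 'autre'];
    /**
     * Skill => upload field for the two photos the utilisateurs table stores.
     * Only img_conducteur and img_cuisinier appear in the INSERT the original
     * issued; the other skills are stored as flags only — TODO confirm schema.
     */
    private const PHOTO_FIELDS = ['conducteur' => 'img_conducteur', 'cuisinier' => 'img_cuisinier'];
    /** Legacy digest used by existing rows; still accepted at login, upgraded on success. */
    private const LEGACY_HASH_ALGO = 'sha256';
    /** Profile form: POST key => [utilisateurs column, success message]. */
    private const PROFILE_FIELDS = [
        'newfirstname' => ['Prenom', 'Votre Prenom à été modifié avec succès '],
        'newlastname' => ['Nom', 'Votre Nom à été changé avec succès '],
        'newadresse' => ['Rue', 'Votre Adresse a bien été modifié'],
        'newpostal' => ['Code_Postal', 'Votre Code postal à bien été modifié'],
        'newcity' => ['Ville', 'Votre Ville à bien été modifié'],
    ];
    /** Society form: POST key => [society column, success message]. */
    private const SOCIETY_FIELDS = [
        'newsocietyname' => ['Nom', 'Le nom de votre société a bien été modifié'],
        'newsocietyphone' => ['Tel', 'Le Numéro de téléphone a bien été modifié'],
        'newsocietyadresse' => ['Rue', 'Votre Adresse a bien été modifié'],
        'newsocietycity' => ['Ville', 'Votre Ville a bien été modifié'],
        'newsocietypostal' => ['Code_Postal', 'Votre Code postal a bien été modifié'],
    ];

    private $id;
    private $firstName;
    private $lastName;
    private $email;
    private $role;
    private $rue;
    private $postalCode;
    private $city;
    /** Either the plaintext given to the constructor or a stored hash; see registerUser(). */
    private $password;

    /**
     * Parameters are left untyped on purpose: existing callers may pass ints
     * (postal code) or null, and the file does not declare strict_types.
     *
     * @param mixed $photo unused; kept so existing call sites still work
     */
    public function __construct($firstName, $lastName, $email, $role, $rue, $postalCode, $city, $password, $photo = null)
    {
        $this->setFirstName($firstName);
        $this->setLastName($lastName);
        $this->setEmail($email);
        $this->setRole($role);
        $this->setRue($rue);
        $this->setPostalCode($postalCode);
        $this->setCity($city);
        $this->setPassword($password);
    }

    /**
     * Handles the registration form ($_POST['forminscription']).
     *
     * Fixes against the original: the form is only processed when actually
     * submitted, the password pair is compared in plaintext and may not be
     * empty, and a volunteer is inserted exactly once (the original inserted
     * a second, photo-less row after the photo row).
     */
    public function registerUser()
    {
        if (!isset($_POST['forminscription'])) {
            return; // not a submission of the registration form
        }
        $database = DatabaseManager::getManager();

        $this->email = self::postField('email');
        $this->role = self::postField('role');
        $this->lastName = self::postField('nom');
        $this->firstName = self::postField('prenom');
        $this->rue = self::postField('rue');
        $this->city = self::postField('ville');
        $this->postalCode = self::postField('code_postal');
        $plain = self::postRaw('password');

        // exec() is used as a row count throughout this file; its exact return
        // type is not visible here, hence the loose compare.
        if ($database->exec('SELECT Email FROM utilisateurs WHERE Email = ?', [$this->email]) != 0) {
            self::showError(' Ce mail est déjà utilisé ! ');
            return;
        }
        if ($plain === '' || $plain !== self::postRaw('password2')) {
            self::showError(' Les mot de passe ne correspondent pas ! ');
            return;
        }
        // password_hash() output (60 chars) fits the column that already holds
        // 64-char sha256 hex digests; connectUser() still accepts the legacy digests.
        $this->password = password_hash($plain, PASSWORD_DEFAULT);

        if ($this->role === 'Benevole') {
            $this->registerVolunteer($database);
            return;
        }
        $database->exec(
            'INSERT INTO utilisateurs (Nom,Prenom,Email,Role,Rue,Code_postal,Ville,Pass) VALUES(?,?,?,?,?,?,?,?)',
            $this->baseRow()
        );
        if ($this->role === 'Commercant') {
            $this->registerSociety($database);
        }
    }

    /**
     * Inserts a volunteer row with its skill flags and up to two photos.
     *
     * A ticked skill without a photo gets DEFAULT_IMAGE (what the original's
     * no-op `== 'default.jpg'` lines were meant to do). Any rejected photo
     * aborts the registration after an error has been echoed.
     *
     * @param mixed $database the DatabaseManager instance
     */
    private function registerVolunteer($database): void
    {
        $images = [];
        foreach (self::PHOTO_FIELDS as $skill => $field) {
            if (empty($_POST[$skill])) {
                $images[$field] = self::DEFAULT_IMAGE; // skill not ticked: no photo expected
                continue;
            }
            $stored = self::storeUploadedImage($field);
            if ($stored === null) {
                // Validation failed (message already echoed); remove any photo
                // written for an earlier field so it does not linger as an orphan.
                foreach ($images as $name) {
                    if ($name !== self::DEFAULT_IMAGE) {
                        unlink(self::UPLOAD_DIR . $name);
                    }
                }
                return;
            }
            $images[$field] = $stored;
        }

        $skillFlags = [];
        foreach (self::SKILLS as $skill) {
            $skillFlags[] = $_POST[$skill] ?? null; // unticked boxes are absent from $_POST
        }

        $sql = 'INSERT INTO utilisateurs (Nom,Prenom,Email,Role,Rue,Code_postal,Ville,Pass,conducteur,cuisinier,service,gardiennage,autre,img_conducteur, img_cuisinier) VALUES(?,?,?,?,?,?,?,?,?,?,?,?,?,?,?)';
        $database->exec($sql, array_merge(
            $this->baseRow(),
            $skillFlags,
            [$images['img_conducteur'], $images['img_cuisinier']]
        ));
    }

    /**
     * Inserts the society of a freshly registered merchant and links it to
     * the owner through the manage table.
     *
     * @param mixed $database the DatabaseManager instance
     */
    private function registerSociety($database): void
    {
        $owner = $database->findOne('SELECT ID_Utilisateurs FROM utilisateurs WHERE Email = ?', [$this->email]);

        $society = [
            self::postField('nom_societe'),
            self::postField('telephone_societe'),
            self::postField('adresse_societe'),
            self::postField('ville_societe'),
            self::postField('code_postal_societe'),
        ];
        $database->exec('INSERT INTO society (Nom, Tel, Rue, Ville, Code_Postal) VALUES ( ?, ?, ?, ?, ?)', $society);

        // The original recovers the new row by phone number; that is ambiguous
        // when two societies share a Tel. Prefer the driver's last-insert id if
        // DatabaseManager exposes one — TODO confirm its API.
        $societyRow = $database->findOne('SELECT ID_Society FROM society WHERE Tel = ?', [$society[1]]);
        if (!$owner || !$societyRow) {
            self::showError(' Erreur ');
            return;
        }
        $database->exec(
            'INSERT INTO manage (ID_Society, ID_Utilisateurs) VALUES (?, ?)',
            [$societyRow['ID_Society'], $owner['ID_Utilisateurs']]
        );
    }

    /**
     * Validates and stores one uploaded photo.
     *
     * Both the client-supplied extension and the file content are checked —
     * the name alone is attacker-controlled — and the stored name is random
     * rather than uniqid()-based so it cannot be guessed from the clock.
     *
     * @return string|null stored file name, DEFAULT_IMAGE when nothing was
     *                     uploaded, or null after an error has been echoed
     */
    private static function storeUploadedImage(string $field): ?string
    {
        $file = $_FILES[$field] ?? null;
        if (!is_array($file)) {
            return self::DEFAULT_IMAGE;
        }
        $error = (int) ($file['error'] ?? UPLOAD_ERR_NO_FILE);
        if ($error === UPLOAD_ERR_NO_FILE) {
            return self::DEFAULT_IMAGE;
        }
        if ($error === UPLOAD_ERR_INI_SIZE || $error === UPLOAD_ERR_FORM_SIZE) {
            self::showError(' Vos photos ne doivent pas dépasser 2 mo ');
            return null;
        }
        $tmpName = (string) ($file['tmp_name'] ?? '');
        if ($error !== UPLOAD_ERR_OK || !is_uploaded_file($tmpName)) {
            self::showError(' Erreur ');
            return null;
        }
        if ((int) ($file['size'] ?? 0) > self::MAX_UPLOAD_BYTES) {
            self::showError(' Vos photos ne doivent pas dépasser 2 mo ');
            return null;
        }
        $extension = strtolower(pathinfo((string) ($file['name'] ?? ''), PATHINFO_EXTENSION));
        if (!in_array($extension, self::VALID_EXTENSIONS, true) || getimagesize($tmpName) === false) {
            self::showError(' Vos photos doivent être au format : jpg / jpeg / png / gif ');
            return null;
        }
        $storedName = bin2hex(random_bytes(8)) . '.' . $extension;
        if (!move_uploaded_file($tmpName, self::UPLOAD_DIR . $storedName)) {
            self::showError(' Erreur ');
            return null;
        }
        return $storedName;
    }

    /**
     * Handles the login form ($_POST['formconnexion']).
     *
     * The row is fetched by email and the password verified in PHP so that
     * both password_hash() hashes and the legacy sha256 digests of existing
     * rows are accepted; a legacy digest is upgraded on successful login.
     */
    public function connectUser()
    {
        if (!isset($_POST['formconnexion'])) {
            return;
        }
        $emailInput = self::postRaw('email');
        $plain = self::postRaw('password');
        if ($emailInput === '' || $plain === '') {
            self::showError('Tous les champs doivent être complétés ! ');
            return;
        }
        $database = DatabaseManager::getManager();
        $this->email = htmlspecialchars($emailInput);

        $userinfo = $database->findOne('SELECT * FROM utilisateurs WHERE Email = ?', [$this->email]);
        $storedHash = is_array($userinfo) ? (string) ($userinfo['Pass'] ?? '') : '';
        // Same message for unknown email and wrong password: do not reveal which.
        if ($userinfo === null || $userinfo === false || !self::passwordMatches($plain, $storedHash)) {
            self::showError(' Email ou mot de passe incorrect');
            return;
        }
        if (password_needs_rehash($storedHash, PASSWORD_DEFAULT)) {
            // Legacy sha256 row (or outdated cost): re-store with password_hash().
            $database->exec(
                'UPDATE utilisateurs SET Pass = ? WHERE ID_Utilisateurs = ?',
                [password_hash($plain, PASSWORD_DEFAULT), $userinfo['ID_Utilisateurs']]
            );
        }
        $this->id = $userinfo['ID_Utilisateurs'];

        if (session_status() === PHP_SESSION_ACTIVE) {
            session_regenerate_id(true); // fresh id on login blocks session fixation
        }
        $_SESSION['ID_Utilisateurs'] = $userinfo['ID_Utilisateurs'];
        header('Location: profil.php');
        exit();
    }

    /**
     * Checks a plaintext password against a stored hash, accepting either a
     * password_hash() hash or a legacy sha256 hex digest (constant-time compare).
     */
    private static function passwordMatches(string $plain, string $stored): bool
    {
        if ($stored === '') {
            return false;
        }
        return password_verify($plain, $stored)
            || hash_equals($stored, hash(self::LEGACY_HASH_ALGO, $plain));
    }

    /**
     * Loads $_SESSION['user'] (and $_SESSION['society'] for a merchant) from
     * the logged-in user's id. Does nothing when nobody is logged in.
     */
    public static function initSession()
    {
        if (empty($_SESSION['ID_Utilisateurs'])) {
            return;
        }
        $database = DatabaseManager::getManager();
        $userId = $_SESSION['ID_Utilisateurs'];

        $user = $database->findOne('SELECT * FROM utilisateurs WHERE ID_Utilisateurs = ?', [$userId]);
        $_SESSION['user'] = $user;
        if (!is_array($user) || ($user['Role'] ?? null) !== 'Commercant') {
            return;
        }
        // A merchant without a manage row (original crashed on false['ID_Society']).
        $manage = $database->findOne('SELECT ID_Society FROM manage WHERE ID_Utilisateurs = ?', [$userId]);
        if (!is_array($manage) || !isset($manage['ID_Society'])) {
            return;
        }
        $_SESSION['society'] = $database->findOne('SELECT * FROM society WHERE ID_Society = ?', [$manage['ID_Society']]);
    }

    /**
     * Handles the profile edit form for the logged-in user: each non-empty
     * field that differs from the session copy is written to utilisateurs and
     * the session copy refreshed. Email and password get their own checks.
     */
    public function editSession()
    {
        if (!isset($_SESSION['user'])) {
            return;
        }
        $database = DatabaseManager::getManager();
        $userId = $_SESSION['ID_Utilisateurs'] ?? null;

        foreach (self::PROFILE_FIELDS as $postKey => [$column, $message]) {
            $value = self::postField($postKey);
            if ($value === '' || $value === (string) ($_SESSION['user'][$column] ?? '')) {
                continue;
            }
            // $column comes from the PROFILE_FIELDS whitelist above, never from the request.
            $database->exec("UPDATE utilisateurs SET {$column} = ? WHERE ID_Utilisateurs = ?", [$value, $userId]);
            $_SESSION['user'][$column] = $value;
            self::showSuccess($message);
        }
        $this->changeEmail($database, $userId);
        $this->changePassword($database, $userId);
    }

    /**
     * Updates the email when a new, different, unused one was submitted.
     *
     * @param mixed $database the DatabaseManager instance
     * @param mixed $userId   value of $_SESSION['ID_Utilisateurs']
     */
    private function changeEmail($database, $userId): void
    {
        $newMail = self::postField('newmail');
        if ($newMail === '' || $newMail === (string) ($_SESSION['user']['Email'] ?? '')) {
            return;
        }
        if ($database->exec('SELECT Email FROM utilisateurs WHERE Email = ?', [$newMail]) != 0) {
            self::showError('Un compte possède déjà cet Email');
            return;
        }
        $database->exec('UPDATE utilisateurs SET Email = ? WHERE ID_Utilisateurs = ?', [$newMail, $userId]);
        $_SESSION['user']['Email'] = $newMail;
        self::showSuccess('Votre Email à été modifié avec succès ');
    }

    /**
     * Updates the password when both fields were filled and match.
     *
     * NOTE(review): the form does not re-ask the current password, so a
     * hijacked session can change it — confirm whether that is acceptable.
     *
     * @param mixed $database the DatabaseManager instance
     * @param mixed $userId   value of $_SESSION['ID_Utilisateurs']
     */
    private function changePassword($database, $userId): void
    {
        $first = self::postRaw('newmdp1');
        $second = self::postRaw('newmdp2');
        if ($first === '' || $second === '') {
            return; // the original required both fields to be filled
        }
        if ($first !== $second) {
            self::showError('Mot de passe différents');
            return;
        }
        $database->exec(
            'UPDATE utilisateurs SET Pass = ? WHERE ID_Utilisateurs = ?',
            [password_hash($first, PASSWORD_DEFAULT), $userId]
        );
        self::showSuccess('Votre mot de passe a bien été modifié');
    }

    /**
     * Handles the society edit form: each non-empty field that differs from
     * the session copy is written to the society row the session points at.
     */
    public function editSociety()
    {
        if (!isset($_SESSION['society'])) {
            return;
        }
        $database = DatabaseManager::getManager();
        $societyId = $_SESSION['society']['ID_Society'] ?? null;

        foreach (self::SOCIETY_FIELDS as $postKey => [$column, $message]) {
            $value = self::postField($postKey);
            if ($value === '' || $value === (string) ($_SESSION['society'][$column] ?? '')) {
                continue;
            }
            // $column comes from the SOCIETY_FIELDS whitelist above, never from the request.
            $database->exec("UPDATE society SET {$column} = ? WHERE ID_Society = ?", [$value, $societyId]);
            $_SESSION['society'][$column] = $value;
            self::showSuccess($message);
        }
    }

    /**
     * The eight columns shared by every INSERT into utilisateurs, in the
     * order Nom, Prenom, Email, Role, Rue, Code_postal, Ville, Pass.
     *
     * @return array<int, mixed>
     */
    private function baseRow(): array
    {
        return [
            $this->lastName,
            $this->firstName,
            $this->email,
            $this->role,
            $this->rue,
            $this->postalCode,
            $this->city,
            $this->password,
        ];
    }

    /**
     * Reads one form field as a string; a missing or non-string (array)
     * value yields '' instead of a warning or a TypeError in htmlspecialchars().
     */
    private static function postRaw(string $key): string
    {
        $raw = $_POST[$key] ?? '';
        return is_string($raw) ? $raw : '';
    }

    /**
     * Reads one form field with the same htmlspecialchars() escaping the
     * original applied on input (kept so stored values match existing rows).
     */
    private static function postField(string $key): string
    {
        return htmlspecialchars(self::postRaw($key));
    }

    /** Echoes a red Bootstrap alert. */
    private static function showError(string $message): void
    {
        self::showAlert('alert-danger', $message);
    }

    /** Echoes a green Bootstrap alert. */
    private static function showSuccess(string $message): void
    {
        self::showAlert('alert-success', $message);
    }

    /** Echoes the alert markup the original used; messages are fixed literals, never request data. */
    private static function showAlert(string $cssClass, string $message): void
    {
        echo "<div class = 'alert {$cssClass}'> <strong>{$message}</strong></div>";
    }

    // getters

    /** @return mixed id set by setId() or connectUser(); null before that */
    public function getId()
    {
        return $this->id;
    }

    /** @return mixed */
    public function getFirstName()
    {
        return $this->firstName;
    }

    /** @return mixed */
    public function getLastName()
    {
        return $this->lastName;
    }

    /** @return mixed */
    public function getEmail()
    {
        return $this->email;
    }

    /** @return mixed */
    public function getRole()
    {
        return $this->role;
    }

    /** @return mixed */
    public function getRue()
    {
        return $this->rue;
    }

    /** @return mixed */
    public function getPostalCode()
    {
        return $this->postalCode;
    }

    /** @return mixed */
    public function getCity()
    {
        return $this->city;
    }

    /** @return mixed whatever was last assigned: the constructor's value or a stored hash */
    public function getPassword()
    {
        return $this->password;
    }

    // setters (no validation, as in the original)

    /** @param mixed $id */
    public function setId($id): void
    {
        $this->id = $id;
    }

    /** @param mixed $firstName */
    public function setFirstName($firstName): void
    {
        $this->firstName = $firstName;
    }

    /** @param mixed $lastName */
    public function setLastName($lastName): void
    {
        $this->lastName = $lastName;
    }

    /** @param mixed $email */
    public function setEmail($email): void
    {
        $this->email = $email;
    }

    /** @param mixed $role */
    public function setRole($role): void
    {
        $this->role = $role;
    }

    /** @param mixed $rue */
    public function setRue($rue): void
    {
        $this->rue = $rue;
    }

    /** @param mixed $postalCode */
    public function setPostalCode($postalCode): void
    {
        $this->postalCode = $postalCode;
    }

    /** @param mixed $city */
    public function setCity($city): void
    {
        $this->city = $city;
    }

    /** @param mixed $password stored as given; hashing happens in the form handlers */
    public function setPassword($password): void
    {
        $this->password = $password;
    }
}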