feat(user): Add user creation functionality for administrators
@@ -42,3 +42,8 @@ elseif($method == "POST"){
|
||||
if($uri == "/admin/refuse") $cntrlApp->getRefuseResult();
|
||||
if($uri == "/admin/historique") $cntrlApp->getSpecificHistoric();
|
||||
}
|
||||
|
||||
if (isset($_GET['action']) && $_GET['action'] === 'adduser') {
|
||||
require_once 'src/appli/cntrlAddUser.php';
|
||||
exit();
|
||||
}
|
||||
|
||||
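Review bot: The new `adduser` dispatch departs from the routing convention visible in the surrounding lines, which match `$uri` against `/admin/...` paths and call a `$cntrlApp` method; this block instead keys on `$_GET['action']` and `require_once`s a script, so that script has to redo its own session bootstrap and admin check rather than inherit what the dispatcher already established. Routing it the same way, e.g. `if($uri == "/admin/adduser") $cntrlApp->getAddUser();`, with the script body moved into that method, keeps a single entry point and a single authorization path. The check also sits after the method branches and therefore runs for every request method; that is presumably intended (GET renders the form, POST creates the user), but a one-line comment saying so would save the next reader from guessing. The enclosing dispatcher starts outside the hunk.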
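--- a/src/appli/cntrlAddUser.php
+++ b/src/appli/cntrlAddUser.php
@@ -0,0 +1,38 @@
+<?php
+require_once "src/dao/DaoUser.php";
+require_once "src/appli/utils.php";
+require_once "src/dao/DaoSpeciality.php";
+
+if (session_status() === PHP_SESSION_NONE) {
+session_start();
+}
+if (!isset($_SESSION['user']) || !$_SESSION['user']->getIsAdmin()) {
+header('Location: index.php');
+exit();
+}
+
+$utils = new Utils();
+
+if ($_SERVER['REQUEST_METHOD'] === 'POST') {
+$name = $_POST['name'] ?? '';
+$surname = $_POST['surname'] ?? '';
+$cycle = $_POST['cycle'] ?? '';
+$mail = $_POST['mail'] ?? '';
+$password = $_POST['password'] ?? '';
+$id_Speciality = $_POST['id_Speciality'] ?? '';
+$is_admin = isset($_POST['is_admin']) ? true : false;
+
+if ($name && $surname && $cycle && $mail && $password && $id_Speciality) {
+$DaoUser = new DaoUser(getenv('DBHOST') ?: 'localhost', getenv('DBNAME') ?: 'bdehours', getenv('DBPORT') ?: 5432, getenv('DBUSER') ?: 'postgres', getenv('DBPASS') ?: 'Isen44N');
+$success = $DaoUser->addUser($name, $surname, $cycle, $mail, $password, $id_Speciality, $is_admin);
+if ($success) {
+header('Location: /admin');
+exit();
+} else {
+$utils->echoError("Erreur lors de la création de l'utilisateur.");
+}
+} else {
+$utils->echoError("Tous les champs sont obligatoires.");
+}
+}
+require_once "src/view/vadduser.php";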
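Review bot: The DaoUser constructor call falls back to a literal database password (`getenv('DBPASS') ?: 'Isen44N'`) whenever the environment variable is unset, so a real credential is committed to the repository and a misconfigured deployment silently connects with it; the same fallback is repeated in the new src/view/vadduser.php. Fail closed instead, e.g. `$dbPass = getenv('DBPASS') ?: throw new RuntimeException('DBPASS is not set');` (likewise for the other connection values), and treat the committed value as exposed. The POST branch also creates an account, including the `is_admin` flag, on nothing more than the session admin check, so there is no CSRF protection; a per-session token emitted as a hidden field and compared with `hash_equals()` before `addUser()` is called would close that. Finally `$mail` is never validated (`filter_var($mail, FILTER_VALIDATE_EMAIL)`), `$id_Speciality` is forwarded as the raw POST string, and the truthiness test `if ($name && ...)` rejects a legitimate value of `"0"` — `=== ''` comparisons are the safer check.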
@@ -30,4 +30,15 @@ class DaoSpeciality {
|
||||
return $speciality;
|
||||
}
|
||||
|
||||
public function getAllSpecialities() {
|
||||
$statement = $this->db->prepare("SELECT id, type FROM speciality ORDER BY id ASC");
|
||||
$statement->execute();
|
||||
$results = $statement->fetchAll(PDO::FETCH_ASSOC);
|
||||
$specialities = [];
|
||||
foreach ($results as $row) {
|
||||
$specialities[] = new Speciality($row['id'], $row['type']);
|
||||
}
|
||||
return $specialities;
|
||||
}
|
||||
|
||||
};
|
||||
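Review bot: getAllSpecialities() declares neither a return type nor a docblock, so callers cannot tell it yields Speciality objects rather than raw rows; `public function getAllSpecialities(): array` with `/** @return list<Speciality> */` above it documents the contract. The statement has no parameters, so `$this->db->query("SELECT id, type FROM speciality ORDER BY id ASC")` replaces the prepare/execute pair, and `array_map(static fn (array $row): Speciality => new Speciality($row['id'], $row['type']), $results)` replaces the manual accumulator loop. The opening lines of DaoSpeciality are outside the hunk, so whether the connection uses `PDO::ERRMODE_EXCEPTION` (and thus whether a failed query is visible here) cannot be confirmed from this view.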
@@ -49,4 +49,16 @@ class DaoUser {
|
||||
}
|
||||
return $users;
|
||||
}
|
||||
public function addUser($name, $surname, $cycle, $mail, $password, $id_speciality, $is_admin) {
|
||||
$hashedPassword = password_hash($password, PASSWORD_BCRYPT);
|
||||
$statement = $this->db->prepare("INSERT INTO users (name, surname, cycle, mail, password, id_speciality, is_admin) VALUES (:name, :surname, :cycle, :mail, :password, :id_speciality, :is_admin)");
|
||||
$statement->bindParam(":name", $name);
|
||||
$statement->bindParam(":surname", $surname);
|
||||
$statement->bindParam(":cycle", $cycle);
|
||||
$statement->bindParam(":mail", $mail);
|
||||
$statement->bindParam(":password", $hashedPassword);
|
||||
$statement->bindParam(":id_speciality", $id_speciality);
|
||||
$statement->bindParam(":is_admin", $is_admin, PDO::PARAM_BOOL);
|
||||
return $statement->execute();
|
||||
}
|
||||
};
|
||||
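Review bot: addUser() reports failure only as the `false` returned by `execute()`, so the caller cannot distinguish a constraint violation (a duplicate mail, if that column is unique) from a connection problem and the controller shows one generic error; either rely on `PDO::ERRMODE_EXCEPTION` and let the PDOException propagate to a catch in the controller, or at least document the contract with `@return bool true when the row was inserted`. The values are bound with `bindParam`, which binds by reference; `bindValue` is the intended call for plain locals, and `$id_speciality` should be bound with `PDO::PARAM_INT` because the controller hands it over as the raw POST string. `password_hash($password, PASSWORD_BCRYPT)` silently truncates input beyond 72 bytes, so cap the length at the controller boundary or use `PASSWORD_ARGON2ID` where the build supports it; `PASSWORD_DEFAULT` at least keeps the algorithm upgradeable. The method has no parameter or return types, and DaoUser's opening lines are outside the hunk.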
25
src/view/vadduser.php
Normal file
25
src/view/vadduser.php
Normal file
@@ -0,0 +1,25 @@
|
||||
<?php
|
||||
// Formulaire de création d'utilisateur (réservé aux administrateurs)
|
||||
?>
|
||||
<h2>Créer un nouvel utilisateur</h2>
|
||||
<form method="post" action="?action=adduser">
|
||||
<label>Nom : <input type="text" name="name" required></label><br>
|
||||
<label>Prénom : <input type="text" name="surname" required></label><br>
|
||||
<label>Cycle : <input type="text" name="cycle" required></label><br>
|
||||
<label>Email : <input type="email" name="mail" required></label><br>
|
||||
<label>Mot de passe : <input type="password" name="password" required></label><br>
|
||||
<label>Spécialité : <select name="id_Speciality" required>
|
||||
<?php
|
||||
// Affichage dynamique des spécialités
|
||||
require_once 'src/dao/DaoSpeciality.php';
|
||||
$daoSpec = new DaoSpeciality(getenv('DBHOST') ?: 'localhost', getenv('DBNAME') ?: 'bdehours', getenv('DBPORT') ?: 5432, getenv('DBUSER') ?: 'postgres', getenv('DBPASS') ?: 'Isen44N');
|
||||
$specialities = $daoSpec->getAllSpecialities();
|
||||
foreach ($specialities as $spec) {
|
||||
echo '<option value="' . $spec->getId() . '">' . htmlspecialchars($spec->getType()) . '</option>';
|
||||
}
|
||||
?>
|
||||
</select></label><br>
|
||||
<label>Administrateur : <input type="checkbox" name="is_admin" value="1"></label><br>
|
||||
<button type="submit">Créer l'utilisateur</button>
|
||||
</form>
|
||||
|
||||
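Review bot: The template instantiates DaoSpeciality and runs the query itself (the `$daoSpec = new DaoSpeciality(...)` line), duplicating the controller's connection arguments together with their literal password fallback; the controller already requires DaoSpeciality.php, so it should build `$specialities = (new DaoSpeciality(...))->getAllSpecialities();` before `require_once "src/view/vadduser.php"` and the view should only loop. In the option loop `$spec->getType()` is escaped but `$spec->getId()` is not; `htmlspecialchars((string) $spec->getId(), ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8')` on both keeps the template safe regardless of whether the id is numeric, and the existing call should pass the same `ENT_QUOTES | ENT_SUBSTITUTE` flags since the value lands inside an attribute. Labels such as `Nom`, `Prénom` and `Cycle` are static text, so the form itself raises no escaping concern beyond the select.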
@@ -1,4 +1,7 @@
|
||||
<?php require_once "header.php"; ?>
|
||||
<?php if (isset($_SESSION['user']) && $_SESSION['user']->getIsAdmin()) { ?>
|
||||
<a href="?action=adduser" class="btn btn-primary" style="margin-bottom: 20px;">Créer un utilisateur</a>
|
||||
<?php } ?>
|
||||
<div style="margin: 2%;">
|
||||
|
||||
<h3 class="" style="">Consulter un historique</h3>
|
||||
|
||||