tp5 bd

tp5-files/webapp/admin/do_login.php

@@ -0,0 +1,19 @@
+<?php
+ob_start();
+session_start();
+$_SESSION['login']=$_POST['login'];
+$_SESSION['password']=$_POST['password'];
+
+require_once("../db.inc.php");
+
+
+$login = $_POST['login'];
+$password = $_POST['password'];
+$query = "SELECT * FROM clients WHERE name='$login' AND password='$password' AND role='admin'";
+$result = pg_query($dbconn, $query) or die('Échec de la requête : ' . pg_last_error());
+
+if (pg_num_rows($result) > 0)
+  header('Location: print_clients.php');
+else
+  print "Authentication failed, $query";
+?>

tp5-files/webapp/admin/do_support.php

@@ -0,0 +1,32 @@
+<?php
+ob_start();
+session_start();
+echo "Login is ". $_SESSION['login'];
+echo "&nbsp;<a href=login.php?logout=1>Logout</a><br/><br/>";
+
+require_once("../db.inc.php");
+
+
+// Gestion des ajouts/suppressions
+if (isset($_POST['name'])) {  // Ajout d'un nouveau client
+	$name=$_POST['name'];
+	$email=$_POST['email'];
+	$comment=$_POST['comment'];
+	$password=$_POST['password'];
+        $role=$_POST['role'];
+	$query = "INSERT INTO clients (name, email, comment, password, role) VALUES ('$name','$email','$comment', '$password', '$role')";
+	pg_query($dbconn, $query) or die('Échec de la requête : ' . pg_last_error());
+}
+
+if (isset($_GET['delete'])) {   // Suppression d'un client
+	$id = $_GET['delete'];
+	$query = "DELETE FROM clients WHERE id='$id'";
+        pg_query($dbconn, $query) or die('Échec de la requête : ' . pg_last_error());
+}
+
+
+// Ferme la connexion
+pg_close($dbconn);
+
+header('Location: print_clients.php');
+?>

tp5-files/webapp/admin/index.php

@@ -0,0 +1,17 @@
+<?
+	session_start();
+	unset($_SESSION['login']);
+	unset($_SESSION['password']);
+?>
+
+<html><head><title>Login Admin</title></head>
+<body>
+<form action="do_login.php" method="post">
+Login: <input type="text" name="login"><br/>
+Password: <input type="password" name="password"><br/>
+<input type="submit" value="Submit">
+</form>
+</body>
+</html>
+
+

tp5-files/webapp/admin/print_clients.php

@@ -0,0 +1,45 @@
+<?php
+session_start();
+echo "Login is ". $_SESSION['login'];
+echo "&nbsp;<a href=index.php?logout=1>Logout</a><br/><br/>";
+
+require_once("../db.inc.php");
+
+// Affichage de la table des clients
+// Exécution de la requête SQL
+$query = 'SELECT * FROM clients';
+$result = pg_query($dbconn, $query) or die('Échec de la requête : ' . pg_last_error());
+
+// Affichage des résultats en HTML
+echo "<table border=1><tr><td>Name</td><td>Email</td><td>Comment</td><td>Role</td><td>Supprimer</td>\n";
+while ($line = pg_fetch_array($result, null, PGSQL_ASSOC)) {
+	$id=$line['id'];
+	$name=$line['name'];
+	$email=$line['email'];
+	$comment=$line['comment'];
+	$role=$line['role'];
+
+    echo "\t<tr><td>$name</td><td>$email</td><td>$comment</td><td>$role</td>\n";
+    echo "\t<td><a href=do_support.php?delete=".$id.">Supprimer</a></td></tr>\n";
+}
+echo "</table>\n";
+
+// Libère le résultat
+pg_free_result($result);
+
+// Ferme la connexion
+pg_close($dbconn);
+?>
+
+
+
+<br/><br/>
+Ajouter un client :<br/>
+<form action=do_support.php method=post>
+Name: <input type="text" name="name"><br/>
+Password: <input type="text" name="password"><br/>
+Role: <input type="text" name="role"><br/>
+Email: <input type="text" name="email"><br/>
+Comment: <input type="text" name="comment"><br/>
+<input type="submit" value="Submit">
+</form>