fichiers php sur src\admin

2025-11-02 22:17:33 +00:00
parent 20144d413d
commit 3ec0c90870
5 changed files with 194 additions and 0 deletions
--- a/src/admin/ad_article.php
+++ b/src/admin/ad_article.php
@@ -0,0 +1,32 @@
+<?php
+session_start();
+require_once '../includes/config.php';
+require_once '../includes/functions.php';
+
+if (!isLoggedIn()) {
+    redirect('login.php');
+}
+
+if ($_SERVER['REQUEST_METHOD'] === 'POST') {
+    $titre = $_POST['titre'];
+    $contenu = $_POST['contenu'];
+
+    $stmt = $pdo->prepare("INSERT INTO articles (titre, contenu) VALUES (?, ?)");
+    $stmt->execute([$titre, $contenu]);
+
+    redirect('dashboard.php');
+}
+?>
+
+<?php require_once '../includes/header.php'; ?>
+
+<main>
+    <h1>Ajouter un article</h1>
+    <form method="post">
+        <input type="text" name="titre" placeholder="Titre" required>
+        <textarea name="contenu" placeholder="Contenu" required></textarea>
+        <button type="submit">Ajouter</button>
+    </form>
+</main>
+
+<?php require_once '../includes/footer.php'; ?>
--- a/src/admin/dashboard.php
+++ b/src/admin/dashboard.php
@@ -0,0 +1,38 @@
+<?php
+session_start();
+require_once '../includes/config.php';
+require_once '../includes/functions.php';
+
+if (!isLoggedIn()) {
+    redirect('login.php');
+}
+
+$stmt = $pdo->query("SELECT * FROM articles ORDER BY date_creation DESC");
+$articles = $stmt->fetchAll(PDO::FETCH_ASSOC);
+?>
+
+<?php require_once '../includes/header.php'; ?>
+
+<main>
+    <h1>Tableau de bord</h1>
+    <p><a href="add_article.php">Ajouter un article</a></p>
+    <table>
+        <tr>
+            <th>Titre</th>
+            <th>Date</th>
+            <th>Actions</th>
+        </tr>
+        <?php foreach ($articles as $article) : ?>
+        <tr>
+            <td><?= htmlspecialchars($article['titre']) ?></td>
+            <td><?= $article['date_creation'] ?></td>
+            <td>
+                <a href="edit_article.php?id=<?= $article['id'] ?>">Modifier</a>
+                <a href="delete_article.php?id=<?= $article['id'] ?>">Supprimer</a>
+            </td>
+        </tr>
+        <?php endforeach; ?>
+    </table>
+</main>
+
+<?php require_once '../includes/footer.php'; ?>
--- a/src/admin/delete_article.php
+++ b/src/admin/delete_article.php
@@ -0,0 +1,42 @@
+<?php
+session_start();
+require_once '../includes/config.php';
+require_once '../includes/functions.php';
+
+if (!isLoggedIn()) {
+    redirect('login.php');
+}
+
+if (!isset($_GET['id']) || !is_numeric($_GET['id'])) {
+    redirect('dashboard.php');
+}
+
+$id = $_GET['id'];
+$stmt = $pdo->prepare("SELECT * FROM articles WHERE id = ?");
+$stmt->execute([$id]);
+$article = $stmt->fetch(PDO::FETCH_ASSOC);
+
+if (!$article) {
+    redirect('dashboard.php');
+}
+
+if ($_SERVER['REQUEST_METHOD'] === 'POST') {
+    $stmt = $pdo->prepare("DELETE FROM articles WHERE id = ?");
+    $stmt->execute([$id]);
+
+    redirect('dashboard.php');
+}
+?>
+
+<?php require_once '../includes/header.php'; ?>
+
+<main>
+    <h1>Supprimer l'article</h1>
+    <p>Êtes-vous sûr de vouloir supprimer "<?= htmlspecialchars($article['titre']) ?>" ?</p>
+    <form method="post">
+        <button type="submit">Oui, supprimer</button>
+        <a href="dashboard.php">Annuler</a>
+    </form>
+</main>
+
+<?php require_once '../includes/footer.php'; ?>
--- a/src/admin/edit_article.php
+++ b/src/admin/edit_article.php
@@ -0,0 +1,45 @@
+<?php
+session_start();
+require_once '../includes/config.php';
+require_once '../includes/functions.php';
+
+if (!isLoggedIn()) {
+    redirect('login.php');
+}
+
+if (!isset($_GET['id']) || !is_numeric($_GET['id'])) {
+    redirect('dashboard.php');
+}
+
+$id = $_GET['id'];
+$stmt = $pdo->prepare("SELECT * FROM articles WHERE id = ?");
+$stmt->execute([$id]);
+$article = $stmt->fetch(PDO::FETCH_ASSOC);
+
+if (!$article) {
+    redirect('dashboard.php');
+}
+
+if ($_SERVER['REQUEST_METHOD'] === 'POST') {
+    $titre = $_POST['titre'];
+    $contenu = $_POST['contenu'];
+
+    $stmt = $pdo->prepare("UPDATE articles SET titre = ?, contenu = ? WHERE id = ?");
+    $stmt->execute([$titre, $contenu, $id]);
+
+    redirect('dashboard.php');
+}
+?>
+
+<?php require_once '../includes/header.php'; ?>
+
+<main>
+    <h1>Modifier l'article</h1>
+    <form method="post">
+        <input type="text" name="titre" value="<?= htmlspecialchars($article['titre']) ?>" required>
+        <textarea name="contenu" required><?= htmlspecialchars($article['contenu']) ?></textarea>
+        <button type="submit">Enregistrer</button>
+    </form>
+</main>
+
+<?php require_once '../includes/footer.php'; ?>
--- a/src/admin/login.php
+++ b/src/admin/login.php
@@ -0,0 +1,37 @@
+<?php
+session_start();
+require_once '../includes/config.php';
+require_once '../includes/functions.php';
+
+if ($_SERVER['REQUEST_METHOD'] === 'POST') {
+    $login = $_POST['login'];
+    $password = $_POST['password'];
+
+    $stmt = $pdo->prepare("SELECT * FROM utilisateur WHERE login = ?");
+    $stmt->execute([$login]);
+    $user = $stmt->fetch(PDO::FETCH_ASSOC);
+
+    if ($user && password_verify($password, $user['password'])) {
+        $_SESSION['user_id'] = $user['id'];
+        redirect('dashboard.php');
+    } else {
+        $error = "Identifiants incorrects.";
+    }
+}
+?>
+
+<!DOCTYPE html>
+<html>
+<head>
+    <title>Connexion</title>
+</head>
+<body>
+    <h1>Connexion</h1>
+    <?php if (isset($error)) echo "<p style='color:red;'>$error</p>"; ?>
+    <form method="post">
+        <input type="text" name="login" placeholder="Login" required>
+        <input type="password" name="password" placeholder="Mot de passe" required>
+        <button type="submit">Se connecter</button>
+    </form>
+</body>
+</html>