Nouvelle version complète (remplacement total)

2025-11-02 22:39:12 +01:00
commit 1a5e015663
14 changed files with 253 additions and 0 deletions
--- a/public/.DS_Store
+++ b/public/.DS_Store
--- a/public/add.php
+++ b/public/add.php
@@ -0,0 +1,34 @@
+<?php
+session_start();
+require_once '../includes/db.php';
+require_once '../includes/header.php';
+
+if (!isset($_SESSION['user'])) {
+    header("Location: login.php");
+    exit;
+}
+
+if ($_SERVER['REQUEST_METHOD'] === 'POST') {
+    $titre = $_POST['titre'] ?? '';
+    $contenu = $_POST['contenu'] ?? '';
+
+    if ($titre && $contenu) {
+        $stmt = $pdo->prepare("INSERT INTO articles (titre, contenu, date_creation) VALUES (?, ?, NOW())");
+        $stmt->execute([$titre, $contenu]);
+        echo "<p>Article ajouté avec succès.</p>";
+    } else {
+        echo "<p style='color:red;'>Veuillez remplir tous les champs.</p>";
+    }
+}
+?>
+
+<h2>Ajouter un article</h2>
+<form method="post">
+    <label>Titre :</label><br>
+    <input type="text" name="titre" required><br><br>
+    <label>Contenu :</label><br>
+    <textarea name="contenu" rows="5" required></textarea><br><br>
+    <input type="submit" value="Ajouter">
+</form>
+
+<?php require_once '../includes/footer.php'; ?>
--- a/public/admin.php
+++ b/public/admin.php
@@ -0,0 +1,22 @@
+<?php
+session_start();
+require_once '../includes/db.php';
+require_once '../includes/header.php';
+
+if (!isset($_SESSION['user'])) {
+    header("Location: login.php");
+    exit;
+}
+?>
+
+<h2>Tableau de bord</h2>
+<p>Bienvenue, <?= htmlspecialchars($_SESSION['user']) ?> !</p>
+
+<ul>
+    <li><a href="add.php">Ajouter un article</a></li>
+    <li><a href="edit.php">Modifier un article</a></li>
+    <li><a href="delete.php">Supprimer un article</a></li>
+    <li><a href="index.php">Voir les articles</a></li>
+</ul>
+
+<?php require_once '../includes/footer.php'; ?>
--- a/public/article.php
+++ b/public/article.php
@@ -0,0 +1,30 @@
+<?php
+require_once '../includes/db.php';
+require_once '../includes/header.php';
+
+$id = $_GET['id'] ?? null;
+
+if (!$id || !is_numeric($id)) {
+    echo "<p>Article introuvable (404)</p>";
+    require_once '../includes/footer.php';
+    exit;
+}
+
+$stmt = $pdo->prepare("SELECT * FROM articles WHERE id = ?");
+$stmt->execute([$id]);
+$article = $stmt->fetch();
+
+if (!$article) {
+    echo "<p>Article introuvable (404)</p>";
+    require_once '../includes/footer.php';
+    exit;
+}
+?>
+<article>
+    <h2><?= htmlspecialchars($article['titre']) ?></h2>
+    <p><?= nl2br(htmlspecialchars($article['contenu'])) ?></p>
+    <small>Publié le <?= $article['date_creation'] ?></small>
+</article>
+
+<?php require_once '../includes/footer.php'; ?>
+
--- a/public/edit.php
+++ b/public/edit.php
@@ -0,0 +1,50 @@
+<?php
+session_start();
+require_once '../includes/db.php';
+require_once '../includes/header.php';
+
+if (!isset($_SESSION['user'])) {
+    header("Location: login.php");
+    exit;
+}
+
+$id = $_GET['id'] ?? null;
+if (!$id || !is_numeric($id)) {
+    echo "<p>Article introuvable (404)</p>";
+    require_once '../includes/footer.php';
+    exit;
+}
+
+$stmt = $pdo->prepare("SELECT * FROM articles WHERE id = ?");
+$stmt->execute([$id]);
+$article = $stmt->fetch();
+
+if (!$article) {
+    echo "<p>Article introuvable (404)</p>";
+    require_once '../includes/footer.php';
+    exit;
+}
+
+if ($_SERVER['REQUEST_METHOD'] === 'POST') {
+    $titre = $_POST['titre'] ?? '';
+    $contenu = $_POST['contenu'] ?? '';
+    if ($titre && $contenu) {
+        $stmt = $pdo->prepare("UPDATE articles SET titre=?, contenu=? WHERE id=?");
+        $stmt->execute([$titre, $contenu, $id]);
+        echo "<p>Article mis à jour avec succès.</p>";
+    } else {
+        echo "<p style='color:red;'>Veuillez remplir tous les champs.</p>";
+    }
+}
+?>
+
+<h2>Modifier l'article</h2>
+<form method="post">
+    <label>Titre :</label><br>
+    <input type="text" name="titre" value="<?= htmlspecialchars($article['titre']) ?>" required><br><br>
+    <label>Contenu :</label><br>
+    <textarea name="contenu" rows="5" required><?= htmlspecialchars($article['contenu']) ?></textarea><br><br>
+    <input type="submit" value="Modifier">
+</form>
+
+<?php require_once '../includes/footer.php'; ?>
--- a/public/login.php
+++ b/public/login.php
@@ -0,0 +1,34 @@
+<?php
+session_start();
+require_once '../includes/db.php';
+require_once '../includes/header.php';
+
+if ($_SERVER['REQUEST_METHOD'] === 'POST') {
+    $login = $_POST['login'] ?? '';
+    $password = $_POST['password'] ?? '';
+
+    $stmt = $pdo->prepare("SELECT * FROM utilisateur WHERE login = ?");
+    $stmt->execute([$login]);
+    $user = $stmt->fetch();
+
+    if ($user && password_verify($password, $user['password'])) {
+        $_SESSION['user'] = $user['login'];
+        header("Location: admin.php");
+        exit;
+    } else {
+        $error = "Identifiants incorrects";
+    }
+}
+?>
+
+<h2>Connexion administrateur</h2>
+<?php if (!empty($error)) echo "<p style='color:red;'>$error</p>"; ?>
+<form method="post">
+    <label>Login :</label><br>
+    <input type="text" name="login" required><br><br>
+    <label>Mot de passe :</label><br>
+    <input type="password" name="password" required><br><br>
+    <input type="submit" value="Se connecter">
+</form>
+
+<?php require_once '../includes/footer.php'; ?>
--- a/public/logout.php
+++ b/public/logout.php
@@ -0,0 +1,7 @@
+<?php
+session_start();
+session_destroy();
+header("Location: login.php");
+exit;  
+
+