Refonte complète du projet

2025-11-02 19:53:50 +01:00
commit 20df067b19
16 changed files with 326 additions and 0 deletions
--- a/public/add.php
+++ b/public/add.php
@@ -0,0 +1,34 @@
+<?php
+session_start();
+require_once '../includes/db.php';
+require_once '../includes/header.php';
+
+if (!isset($_SESSION['user'])) {
+    header("Location: login.php");
+    exit;
+}
+
+if ($_SERVER['REQUEST_METHOD'] === 'POST') {
+    $titre = $_POST['titre'] ?? '';
+    $contenu = $_POST['contenu'] ?? '';
+
+    if ($titre && $contenu) {
+        $stmt = $pdo->prepare("INSERT INTO articles (titre, contenu, date_creation) VALUES (?, ?, NOW())");
+        $stmt->execute([$titre, $contenu]);
+        echo "<p>Article ajouté avec succès.</p>";
+    } else {
+        echo "<p style='color:red;'>Veuillez remplir tous les champs.</p>";
+    }
+}
+?>
+
+<h2>Ajouter un article</h2>
+<form method="post">
+    <label>Titre :</label><br>
+    <input type="text" name="titre" required><br><br>
+    <label>Contenu :</label><br>
+    <textarea name="contenu" rows="5" required></textarea><br><br>
+    <input type="submit" value="Ajouter">
+</form>
+
+<?php require_once '../includes/footer.php'; ?>
--- a/public/admin.php
+++ b/public/admin.php
@@ -0,0 +1,22 @@
+<?php
+session_start();
+require_once '../includes/db.php';
+require_once '../includes/header.php';
+
+if (!isset($_SESSION['user'])) {
+    header("Location: login.php");
+    exit;
+}
+?>
+
+<h2>Tableau de bord</h2>
+<p>Bienvenue, <?= htmlspecialchars($_SESSION['user']) ?> !</p>
+
+<ul>
+    <li><a href="add.php">Ajouter un article</a></li>
+    <li><a href="edit.php">Modifier un article</a></li>
+    <li><a href="delete.php">Supprimer un article</a></li>
+    <li><a href="index.php">Voir les articles</a></li>
+</ul>
+
+<?php require_once '../includes/footer.php'; ?>
--- a/public/article.php
+++ b/public/article.php
@@ -0,0 +1,29 @@
+<?php
+require_once '../includes/db.php';
+require_once '../includes/header.php';
+
+$id = $_GET['id'] ?? null;
+
+if (!$id || !is_numeric($id)) {
+    echo "<p>Article introuvable (404)</p>";
+    require_once '../includes/footer.php';
+    exit;
+}
+
+$stmt = $pdo->prepare("SELECT * FROM articles WHERE id = ?");
+$stmt->execute([$id]);
+$article = $stmt->fetch();
+
+if (!$article) {
+    echo "<p>Article introuvable (404)</p>";
+    require_once '../includes/footer.php';
+    exit;
+}
+?>
+<article>
+    <h2><?= htmlspecialchars($article['titre']) ?></h2>
+    <p><?= nl2br(htmlspecialchars($article['contenu'])) ?></p>
+    <small>Publié le <?= $article['date_creation'] ?></small>
+</article>
+
+<?php require_once '../includes/footer.php'; ?>
--- a/public/delete.php
+++ b/public/delete.php
@@ -0,0 +1,45 @@
+<?php
+session_start();
+require_once '../includes/db.php';
+require_once '../includes/header.php';
+
+if (!isset($_SESSION['user'])) {
+    header("Location: login.php");
+    exit;
+}
+
+$id = $_GET['id'] ?? null;
+if (!$id || !is_numeric($id)) {
+    echo "<p>Article introuvable (404)</p>";
+    require_once '../includes/footer.php';
+    exit;
+}
+
+$stmt = $pdo->prepare("SELECT * FROM articles WHERE id = ?");
+$stmt->execute([$id]);
+$article = $stmt->fetch();
+
+if (!$article) {
+    echo "<p>Article introuvable (404)</p>";
+    require_once '../includes/footer.php';
+    exit;
+}
+
+if ($_SERVER['REQUEST_METHOD'] === 'POST') {
+    $stmt = $pdo->prepare("DELETE FROM articles WHERE id = ?");
+    $stmt->execute([$id]);
+    echo "<p>Article supprimé avec succès.</p>";
+    echo '<a href="admin.php">Retour au tableau de bord</a>';
+    require_once '../includes/footer.php';
+    exit;
+}
+?>
+
+<h2>Supprimer l'article</h2>
+<p>Êtes-vous sûr de vouloir supprimer l'article "<strong><?= htmlspecialchars($article['titre']) ?></strong>" ?</p>
+<form method="post">
+    <input type="submit" value="Oui, supprimer">
+    <a href="admin.php">Annuler</a>
+</form>
+
+<?php require_once '../includes/footer.php'; ?>
--- a/public/edit.php
+++ b/public/edit.php
@@ -0,0 +1,50 @@
+<?php
+session_start();
+require_once '../includes/db.php';
+require_once '../includes/header.php';
+
+if (!isset($_SESSION['user'])) {
+    header("Location: login.php");
+    exit;
+}
+
+$id = $_GET['id'] ?? null;
+if (!$id || !is_numeric($id)) {
+    echo "<p>Article introuvable (404)</p>";
+    require_once '../includes/footer.php';
+    exit;
+}
+
+$stmt = $pdo->prepare("SELECT * FROM articles WHERE id = ?");
+$stmt->execute([$id]);
+$article = $stmt->fetch();
+
+if (!$article) {
+    echo "<p>Article introuvable (404)</p>";
+    require_once '../includes/footer.php';
+    exit;
+}
+
+if ($_SERVER['REQUEST_METHOD'] === 'POST') {
+    $titre = $_POST['titre'] ?? '';
+    $contenu = $_POST['contenu'] ?? '';
+    if ($titre && $contenu) {
+        $stmt = $pdo->prepare("UPDATE articles SET titre=?, contenu=? WHERE id=?");
+        $stmt->execute([$titre, $contenu, $id]);
+        echo "<p>Article mis à jour avec succès.</p>";
+    } else {
+        echo "<p style='color:red;'>Veuillez remplir tous les champs.</p>";
+    }
+}
+?>
+
+<h2>Modifier l'article</h2>
+<form method="post">
+    <label>Titre :</label><br>
+    <input type="text" name="titre" value="<?= htmlspecialchars($article['titre']) ?>" required><br><br>
+    <label>Contenu :</label><br>
+    <textarea name="contenu" rows="5" required><?= htmlspecialchars($article['contenu']) ?></textarea><br><br>
+    <input type="submit" value="Modifier">
+</form>
+
+<?php require_once '../includes/footer.php'; ?>
--- a/public/index.php
+++ b/public/index.php
@@ -0,0 +1,18 @@
+<?php
+require_once '../includes/db.php';
+require_once '../includes/header.php';
+
+$stmt = $pdo->query("SELECT id, titre, SUBSTRING(contenu,1,150) AS extrait, date_creation 
+                     FROM articles ORDER BY date_creation DESC LIMIT 10");
+?>
+<h2>Derniers articles</h2>
+<?php while ($row = $stmt->fetch()): ?>
+<article>
+    <h3><a href="article.php?id=<?= $row['id'] ?>"><?= htmlspecialchars($row['titre']) ?></a></h3>
+    <p><?= htmlspecialchars($row['extrait']) ?>...</p>
+    <small>Publié le <?= $row['date_creation'] ?></small>
+</article>
+<hr>
+<?php endwhile; ?>
+
+<?php require_once '../includes/footer.php'; ?>
--- a/public/login.php
+++ b/public/login.php
@@ -0,0 +1,34 @@
+<?php
+session_start();
+require_once '../includes/db.php';
+require_once '../includes/header.php';
+
+if ($_SERVER['REQUEST_METHOD'] === 'POST') {
+    $login = $_POST['login'] ?? '';
+    $password = $_POST['password'] ?? '';
+
+    $stmt = $pdo->prepare("SELECT * FROM utilisateur WHERE login = ?");
+    $stmt->execute([$login]);
+    $user = $stmt->fetch();
+
+    if ($user && password_verify($password, $user['password'])) {
+        $_SESSION['user'] = $user['login'];
+        header("Location: admin.php");
+        exit;
+    } else {
+        $error = "Identifiants incorrects";
+    }
+}
+?>
+
+<h2>Connexion administrateur</h2>
+<?php if (!empty($error)) echo "<p style='color:red;'>$error</p>"; ?>
+<form method="post">
+    <label>Login :</label><br>
+    <input type="text" name="login" required><br><br>
+    <label>Mot de passe :</label><br>
+    <input type="password" name="password" required><br><br>
+    <input type="submit" value="Se connecter">
+</form>
+
+<?php require_once '../includes/footer.php'; ?>
--- a/public/logout.php
+++ b/public/logout.php
@@ -0,0 +1,5 @@
+<?php
+session_start();
+session_destroy();
+header("Location: login.php");
+exit;
--- a/public/style.css
+++ b/public/style.css
@@ -0,0 +1,27 @@
+body {
+    font-family: Arial, sans-serif;
+    margin: 0;
+    padding: 0;
+}
+
+header, footer {
+    background-color: #333;
+    color: #fff;
+    padding: 1rem;
+    text-align: center;
+}
+
+nav a {
+    color: #fff;
+    margin: 0 1rem;
+    text-decoration: none;
+}
+
+main {
+    padding: 2rem;
+}
+
+article {
+    border-bottom: 1px solid #ccc;
+    padding: 1rem 0;
+}