And fix a couple of CSS bugs in the display of the account information.
Signed-off-by: Jérôme Benoit <jerome.benoit@piment-noir.org>
if (empty($action)) {
echo "<h2>Mes informations</h2>\n";
- echo "<table id=\"account\">\n";
+ echo "<table id=\"taccount\">\n";
foreach ($rows as $row) {
echo " <tr>\n";
- echo " <td>Nom : </td>\n";
- echo " <td>" . htmlentities($row['NomCl']) . "</td>\n";
+ echo " <td align=\"right\" valign=\"middle\">Prénom : </td>\n";
+ echo " <td align=\"left\" valign=\"middle\">" . htmlentities($row['PrenomCl']) . "</td>\n";
echo " </tr>\n";
echo " <tr>\n";
- echo " <td>Prénom : </td>\n";
- echo " <td>" . htmlentities($row['PrenomCl']) . "</td>\n";
+ echo " <td align=\"right\" valign=\"middle\">Nom : </td>\n";
+ echo " <td align=\"left\" valign=\"middle\">" . htmlentities($row['NomCl']) . "</td>\n";
echo " </tr>\n";
echo " <tr>\n";
- echo " <td>Email : </td>\n";
- echo " <td>" . htmlentities($row['EmailCl']) . "</td>\n";
+ echo " <td align=\"right\" valign=\"middle\">Email : </td>\n";
+ echo " <td align=\"left\" valign=\"middle\">" . htmlentities($row['EmailCl']) . "</td>\n";
echo " </tr>\n";
echo " <tr>\n";
- echo " <td>Adresse : </td>\n";
- echo " <td></td>\n";
+ echo " <td align=\"right\" valign=\"middle\">Adresse : </td>\n";
+ echo " <td align=\"left\" valign=\"middle\"></td>\n";
echo " </tr>\n";
echo " <tr>\n";
- echo " <td>Numéro de rue : </td>\n";
- echo " <td>" . htmlentities($row['NumRueCl']) . "</td>\n";
+ echo " <td align=\"right\" valign=\"middle\">Numéro de rue : </td>\n";
+ echo " <td align=\"left\" valign=\"middle\">" . htmlentities($row['NumRueCl']) . "</td>\n";
echo " </tr>\n";
echo " <tr>\n";
- echo " <td>Rue : </td>\n";
- echo " <td>" . htmlentities($row['NomRueCl']) . "</td>\n";
+ echo " <td align=\"right\" valign=\"middle\">Rue : </td>\n";
+ echo " <td align=\"left\" valign=\"middle\">" . htmlentities($row['NomRueCl']) . "</td>\n";
echo " </tr>\n";
echo " <tr>\n";
- echo " <td>Code postal : </td>\n";
- echo " <td>" . htmlentities($row['CodePosteCl']) . "</td>\n";
+ echo " <td align=\"right\" valign=\"middle\">Code postal : </td>\n";
+ echo " <td align=\"left\" valign=\"middle\">" . htmlentities($row['CodePosteCl']) . "</td>\n";
echo " </tr>\n";
echo " <tr>\n";
- echo " <td>Ville : </td>\n";
- echo " <td>" . htmlentities($row['VilleCl']) . "</td>\n";
+ echo " <td align=\"right\" valign=\"middle\">Ville : </td>\n";
+ echo " <td align=\"left\" valign=\"middle\">" . htmlentities($row['VilleCl']) . "</td>\n";
echo " </tr>\n";
}
echo "</table>\n";
echo "<h2><a href=\"" . $configs['root_url'] . "/index.php?page=reservations\">Mes réservations</a></h2>\n";
} elseif ($action === "modifyaccount") {
echo "
- <form action=\"index.php\" id=\"account\" method=\"post\">
+ <form action=\"index.php\" id=\"faccount\" method=\"post\">
<input type=\"hidden\" name=\"form\" value=\"account\" />
- <label> Nom : </label>
- <input type=\"text\" size=\"25\" name=\"name\" value=\"" . $rows[0]['NomCl'] . "\" required/>
<label> Prénom : </label>
<input type=\"text\" size=\"25\" name=\"firstname\" value=\"" . $rows[0]['PrenomCl'] . "\" required/>
+ <label> Nom : </label>
+ <input type=\"text\" size=\"25\" name=\"name\" value=\"" . $rows[0]['NomCl'] . "\" required/>
+ <label> Email : </label>
+ <input type=\"email\" size=\"25\" name=\"email\" value=\"" . $rows[0]['EmailCl'] . "\" required/>
<label> Adresse : <br> Numéro de rue : </label>
<input type=\"number\" size=\"5\" name=\"numstreet\" value=\"" . $rows[0]['NumRueCl'] . "\" required/>
<label> Rue : </label>
<input type=\"number\" size=\"5\" name=\"postalcode\" value=\"" . $rows[0]['CodePosteCl'] . "\" required/>
<label> Ville : </label>
<input type=\"text\" size=\"15\" name=\"city\" value=\"" . $rows[0]['VilleCl'] . "\" required/>
- <label> Email : </label>
- <input type=\"email\" size=\"25\" name=\"email\" value=\"" . $rows[0]['EmailCl'] . "\" required/>
<input type=\"submit\" value=\"Valider\">
</form>
<br>\n";
} elseif ($action === "modifypassword") {
- echo "Work in progress. <br>\n";
- redirect("index.php?page=account", 3);
+ echo "
+ <form action=\"index.php\" id=\"fpassword\" method=\"post\">
+ <input type=\"hidden\" name=\"form\" value=\"account\" />
+ <label> Ancien mot de passe : </label>
+ <input type=\"password\" size=\"15\" name=\"oldpassword\" required/>
+ <label> Nouveau mot de passe : </label>
+ <input type=\"password\" minlength=\"8\" size=\"15\" name=\"password\" pattern=\"(?=.*\d)(?=.*[a-z])(?=.*[A-Z]).*\" title=\"Doit contenir 8 caractères minimum dont une majuscule, une minuscule et un chiffre\" required/>
+ <label> Confirmation du mot de passe : </label>
+ <input type=\"password\" minlength=\"8\" size=\"15\" name=\"confirmpassword\" pattern=\"(?=.*\d)(?=.*[a-z])(?=.*[A-Z]).*\" title=\"Doit contenir 8 caractères minimum dont une majuscule, une minuscule et un chiffre\" required/>
+ <input type=\"submit\" value=\"Valider\">
+ </form>
+ <br>\n";
} else {
echo "Unknown account action. <br>\n";
}
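Review bot: The `value` attributes of the `modifyaccount` form are built from raw database fields. The re-added `name` and `email` inputs concatenate `$rows[0]['NomCl']` and `$rows[0]['EmailCl']` directly, as do the unchanged inputs around them, whereas the table in the first branch passes the same columns through `htmlentities()`. A stored value containing a double quote or markup would break out of the attribute when the form is rendered. Each interpolation should be escaped for attribute context, e.g. `value=\"" . htmlspecialchars($rows[0]['NomCl'], ENT_QUOTES, 'UTF-8') . "\"`. The if/elseif chain may begin or continue outside the visible lines.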
$form_city = filter_input(INPUT_POST, "city", FILTER_SANITIZE_STRING);
$form_email = filter_input(INPUT_POST, "email", FILTER_VALIDATE_EMAIL);
+$form_oldpassword = filter_input(INPUT_POST, "oldpassword", FILTER_SANITIZE_STRING);
+$form_password = filter_input(INPUT_POST, "password", FILTER_SANITIZE_STRING);
+$form_confirmpassword = filter_input(INPUT_POST, "confirmpassword", FILTER_SANITIZE_STRING);
+
$input_failure = false;
+$password_failure = false;
-if (!$form_numstreet) {
+if (isset($form_street) && !$form_numstreet) {
echo "The street number is not valid. <br>" ;
$input_failure = true;
}
-if (!$form_postalcode) {
+if (isset($form_street) && !$form_postalcode) {
echo "The postal code is not valid. <br>";
$input_failure = true;
}
-if (!$form_email) {
+if (isset($form_street) && !$form_email) {
echo "The email is not valid. <br>";
$input_failure = true;
}
+if (isset($form_oldpassword) && isset($form_password) && strcmp($form_oldpassword, $form_password) === 0) {
+ echo "Old and new password are the same. <br>";
+ $password_failure = true;
+}
+
+if (strcmp($form_password, $form_confirmpassword) !== 0) {
+ echo "Password do not match. <br>";
+ $password_failure = true;
+}
+
if (!empty($form_name) && !empty($form_firstname) && !empty($form_numstreet) && !empty($form_street) &&
!empty($form_postalcode) && !empty($form_city) && !empty($form_email) &&
!$input_failure) {
+ global $connection;
+ $client_id = get_client_id($_SESSION['email']);
+ $sql_pquery = "update CLIENTS
+ set NomCl = ?, PrenomCl = ?, EmailCl = ?, NumRueCl = ?, NomRueCl = ?, CodePosteCl = ?, VilleCl = ?
+ where NumCl = ?";
+ $connection->prepare_query($sql_pquery);
+ $connection->prepared_query_bind_param("sssisisi", array($form_name, $form_firstname, $form_email, $form_numstreet, $form_street, $form_postalcode, $form_city, $client_id));
+ $connection->run_prepared_query();
+ $connection->close_prepared_query();
+ echo "You've updated your personal informations, you will be redirected to your account in 3 seconds. <br>";
+ redirect("index.php?page=account", 3);
+} elseif (!empty($form_oldpassword) && !empty($form_password) && !empty($form_confirmpassword) &&
+ !$password_failure) {
+ if (chk_password($_SESSION['email'], $form_oldpassword)) {
global $connection;
$client_id = get_client_id($_SESSION['email']);
+ $hashed_password = password_hash($form_password, PASSWORD_DEFAULT);
$sql_pquery = "update CLIENTS
- set NomCl = ?, PrenomCl = ?, EmailCl = ?, NumRueCl = ?, NomRueCl = ?, CodePosteCl = ?, VilleCl = ?
- where NumCl = ?";
+ set PasswordCl = ?
+ where NumCl = ?";
$connection->prepare_query($sql_pquery);
- $connection->prepared_query_bind_param("sssisisi", array($form_name, $form_firstname, $form_email, $form_numstreet, $form_street, $form_postalcode, $form_city, $client_id));
+ $connection->prepared_query_bind_param("si", array($hashed_password, $client_id));
$connection->run_prepared_query();
$connection->close_prepared_query();
- echo "You've updated your personal informations, you will be redirected to your account in 3 seconds. <br>";
+ echo "You've successfully updated your password. <br>";
redirect("index.php?page=account", 3);
-
+ } else {
+ echo "Your old password is incorrect. <br>";
+ redirect("index.php?page=account&action=modifypassword", 3);
+ }
} else {
echo "There's a required non filled field or the input in a field do not match the required pattern. <br>";
echo "<a href=\"javascript:history.go(-1)\">Retour</a>";
}
+
?>
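Review bot: The three added password inputs are read with `FILTER_SANITIZE_STRING`, which strips tags and encodes quotes, so the string that is compared, passed to `chk_password()` and hashed is not necessarily what the user typed; the filter is also deprecated since PHP 8.1. Passwords are never echoed here, so they can be read unmodified, e.g. `$form_password = filter_input(INPUT_POST, "password", FILTER_UNSAFE_RAW);`, provided the registration and login handlers (not visible here) read them the same way. Separately, the length and character-class rule exists only in the form's `minlength`/`pattern` attributes and is not re-checked before `password_hash()`. A server-side check such as `if (strlen($form_password) < 8 || !preg_match('/^(?=.*\d)(?=.*[a-z])(?=.*[A-Z])/', $form_password)) { $password_failure = true; }` would enforce it for requests that bypass the browser.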
echo "Fail to authenticate for unknown reason. <br>";
redirect("index.php?page=login", 3);
}
+
+?>
echo "There's a required non filled field or the input in a field do not match the required pattern. <br>";
echo "<a href=\"javascript:history.go(-1)\">Retour</a>";
}
+
?>
if (isset($form_modify) && isset($form_flight_id) && isset($form_class_name)) {
echo $form_modify;
} elseif (isset($form_cancel) && isset($form_flight_id) && isset($form_class_name)) {
- //FIXME: Add a confirmation step
$client_id = get_client_id($_SESSION['email']);
global $connection;
$sql_pquery = "delete from RESERVATIONS
redirect("index.php?page=reservations", 3);
} else {
echo "Make an error message. <br>";
+ echo "<a href=\"javascript:history.go(-1)\">Retour</a>";
}
?>
?>
-<h1> Rechercher un vol <?php if ($action === "return_flight") { echo "retour"; } ?></h1>
+<h1> Rechercher un vol <?php if ($action === "return_flight") { echo "retour"; } ?> </h1>
<form action="index.php" id="search" method="post">
<input type="hidden" name="form" value="search" />
- <?php if ($action === "return_flight") echo "<input type=\"hidden\" name=\"action\" value=\"return_flight\" />" ?>
+ <?php if ($action === "return_flight") { echo "<input type=\"hidden\" name=\"action\" value=\"return_flight\" />"; } ?>
<input type="hidden" name="date_now" value="<?php echo $form_date_now; ?>" />
<label> Départ : Ville -> </label>
<select size="1" name="departure_city" required>
</optgroup>
</select>
<label> Date -> </label>
- <input type="datetime-local" name="arrival_date" <?php if (isset($form_arrival_date)) echo "value=\"$form_arrival_date\"";?> />
+ <input type="datetime-local" name="arrival_date" <?php if (isset($form_arrival_date)) { echo "value=\"$form_arrival_date\""; } ?> />
<input type="submit" value="Rechercher">
</form>
<br>
<?php
if (!$input_failure) {
- global $connection;
- $sql_pquery = "select VOLS.NumVol as NumVol, VilleD, DateD, VilleA, DateA, Classe, round(CoutVol*CoeffPrix, 2) as Prix, NumAv from VOLS, DEFCLASSES
- where DEFCLASSES.NumVol = VOLS.NumVol and
- DateD >= ? and VilleD = ? and DateA <= ? and VilleA = ?
- order by DateD, NumVol, Prix";
- $connection->prepare_query($sql_pquery);
- $connection->prepared_query_bind_param("ssss", array($form_departure_date, $form_departure_city, $form_arrival_date, $form_arrival_city));
- $connection->run_prepared_query();
- $connection->get_pquery_result();
- $rows = $connection->get_result_array();
- $connection->close_prepared_query();
- //FIXME: Use NumAv to see if a flight is fully booked.
- //var_dump($rows);
- if (empty($rows)) {
- echo "Aucun vol ne correspond aux critères de recherche. <br>";
- } else {
- echo "<table id=\"search\">\n";
- echo " <tr>\n";
- echo " <th>Numéro de vol</th>\n";
- echo " <th>Ville de départ</th>\n";
- echo " <th>Date de départ</th>\n";
- echo " <th>Ville d'arrivée</th>\n";
- echo " <th>Date d'arrivée</th>\n";
- echo " <th>Classe</th>\n";
- echo " <th>Prix d'une place</th>\n";
- echo " <th>Réserver</th>\n";
- echo " </tr>\n";
- foreach ($rows as $row) {
- echo " <tr>\n";
- echo " <td>" . $row['NumVol'] . "</td>\n";
- echo " <td>" . $row['VilleD'] . "</td>\n";
- echo " <td>" . $row['DateD'] . "</td>\n";
- echo " <td>" . $row['VilleA'] . "</td>\n";
- echo " <td>" . $row['DateA'] . "</td>\n";
- echo " <td>" . $row['Classe'] . "</td>\n";
- echo " <td>" . $row['Prix'] . "€</td>\n";
- echo " <td>
+ global $connection;
+ $sql_pquery = "select VOLS.NumVol as NumVol, VilleD, DateD, VilleA, DateA, Classe, round(CoutVol*CoeffPrix, 2) as Prix, NumAv from VOLS, DEFCLASSES
+ where DEFCLASSES.NumVol = VOLS.NumVol and
+ DateD >= ? and VilleD = ? and DateA <= ? and VilleA = ?
+ order by DateD, NumVol, Prix";
+ $connection->prepare_query($sql_pquery);
+ $connection->prepared_query_bind_param("ssss", array($form_departure_date, $form_departure_city, $form_arrival_date, $form_arrival_city));
+ $connection->run_prepared_query();
+ $connection->get_pquery_result();
+ $rows = $connection->get_result_array();
+ $connection->close_prepared_query();
+ //FIXME: Use NumAv to see if a flight is fully booked.
+ //var_dump($rows);
+ if (empty($rows)) {
+ echo "Aucun vol ne correspond aux critères de recherche. <br>";
+ } else {
+ echo "<table id=\"search\">\n";
+ echo " <tr>\n";
+ echo " <th>Numéro de vol</th>\n";
+ echo " <th>Ville de départ</th>\n";
+ echo " <th>Date de départ</th>\n";
+ echo " <th>Ville d'arrivée</th>\n";
+ echo " <th>Date d'arrivée</th>\n";
+ echo " <th>Classe</th>\n";
+ echo " <th>Prix d'une place</th>\n";
+ echo " <th>Réserver</th>\n";
+ echo " </tr>\n";
+ foreach ($rows as $row) {
+ echo " <tr>\n";
+ echo " <td>" . $row['NumVol'] . "</td>\n";
+ echo " <td>" . $row['VilleD'] . "</td>\n";
+ echo " <td>" . $row['DateD'] . "</td>\n";
+ echo " <td>" . $row['VilleA'] . "</td>\n";
+ echo " <td>" . $row['DateA'] . "</td>\n";
+ echo " <td>" . $row['Classe'] . "</td>\n";
+ echo " <td>" . $row['Prix'] . "€</td>\n";
+ echo " <td>
<form action=\"index.php\" id=\"booking\" method=\"post\">
<input type=\"hidden\" name=\"form\" value=\"booking\" />
<input type=\"hidden\" name=\"flight_id\" value=\"" . $row['NumVol'] . "\" />
<label> Place(s) : </label>
<input type=\"number\" name=\"nb_place\" min=\"1\" max=\"9\" value=\"1\" required/>
<label> Vol retour : </label>\n";
- if (!($action === "return_flight")) {
- echo " <input type=\"checkbox\" name=\"return_flight\" checked/>\n";
- }
- echo " <input type=\"submit\" value=\"Réserver\">\n";
- echo " </form>
- </td>\n";
- echo " </tr>\n";
- }
- echo "</table>\n";
- }
-}
+ if (!($action === "return_flight")) {
+ echo " <input type=\"checkbox\" name=\"return_flight\" checked/>\n";
+ }
+ echo " <input type=\"submit\" value=\"Réserver\">\n";
+ echo " </form>
+ </td>\n";
+ echo " </tr>\n";
+ }
+ echo "</table>\n";
+ }
+ }
?>
<form action="index.php" id="register" method="post">
<input type="hidden" name="form" value="register" />
- <label> Nom :* </label>
- <input type="text" size="25" name="name" required/>
<label> Prénom :* </label>
<input type="text" size="25" name="firstname" required/>
+ <label> Nom :* </label>
+ <input type="text" size="25" name="name" required/>
+ <label> Email :* </label>
+ <input type="email" size="25" name="email" required/>
<label> Adresse : <br> Numéro de rue :* </label>
<input type="number" size="5" name="numstreet" required/>
<label> Rue :* </label>
<input type="number" size="5" name="postalcode" required/>
<label> Ville :* </label>
<input type="text" size="15" name="city" required/>
- <label> Email :* </label>
- <input type="email" size="25" name="email" required/>
<label> Mot de passe :* </label>
<input type="password" minlength="8" size="15" name="password" pattern="(?=.*\d)(?=.*[a-z])(?=.*[A-Z]).*" title="Doit contenir 8 caractères minimum dont une majuscule, une minuscule et un chiffre" required/>
<label> Confirmation du mot de passe :* </label>
$connection->get_pquery_result();
$rows = $connection->get_result_array();
$connection->close_prepared_query();
-//var_dump($rows);
if (empty($rows)) {
echo "Aucune(s) réservation(s) en cours pour le moment. <br>";
} else {
<input type=\"hidden\" name=\"flight_id\" value=\"" . $row['NumVol'] . "\" />
<input type=\"hidden\" name=\"class_name\" value=\"" . $row['Classe'] . "\" />
<input type=\"submit\" name=\"modify\" value=\"Modifier\">
- <input type=\"submit\" name=\"cancel\" value=\"Annuler\">
+ <input type=\"button\" name=\"cancel\" value=\"Annuler\" onClick=\"ConfirmCancelFlight()\">
</form>
</td>\n";
} else {
$return_flight_departure_date = "";
$oDepartureDate = new DateTime("now");
if ($action === "return_flight") {
- //var_dump($_SESSION);
if (isset($_SESSION['return_flight_departure_city'])) $return_flight_departure_city = $_SESSION['return_flight_departure_city'];
if (isset($_SESSION['return_flight_arrival_city'])) $return_flight_arrival_city = $_SESSION['return_flight_arrival_city'];
if (isset($_SESSION['return_flight_departure_date'])) {
+function ConfirmCancelFlight() {
+ var oFormObject = document.forms['reservations'];
+ if (confirm("Voulez-vous vraiment annuler votre réservation sur le vol " + oFormObject.elements['flight_id'].value + " ?")) {
+ var input = document.createElement("input");
+ input.setAttribute("type", "hidden");
+ input.setAttribute("name", "cancel");
+ input.setAttribute("value", "Annuler");
+ oFormObject.appendChild(input);
+ oFormObject.submit();
+ }
+}
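Review bot: `ConfirmCancelFlight()` always looks up `document.forms['reservations']`, which resolves to a single form. If the reservations page renders one form per booking, the confirmation text and the submit could refer to a different flight than the one clicked. The `cancel` button hunk sits next to a per-row `flight_id` field, but the `<form>` tag is outside the visible lines. Passing the clicked button's form avoids the lookup: `onClick=\"ConfirmCancelFlight(this.form)\"` with `function ConfirmCancelFlight(oFormObject) {`, dropping the `var oFormObject = ...` line. The confirmation is also client-side only, so the handler that runs `delete from RESERVATIONS` still acts on any POST carrying `cancel`; a server-side confirmation or anti-CSRF token would be needed to cover the removed FIXME.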
width: 720px;
}
+form#fpassword {
+ width: 720px;
+}
+
form#booking {
width: 250px;
}
vertical-align: middle;
}
-table#account {
- width: 40%;
+table#taccount {
+ width: 30%;
}
table#home {