From: Jérôme Benoit <jerome.benoit@piment-noir.org>
Date: Thu, 18 Jan 2018 16:21:18 +0000 (+0100)
Subject: Add return flight booking cinematic and personal informations editing.
X-Git-Url: https://git.piment-noir.org/?p=Project_webapp.git;a=commitdiff_plain;h=22f1dc6402dbc9a9c5d2ed2f17ef54044d35ec2a

Add return flight booking cinematic and personal informations editing.

And fix a couple of bugs.

Signed-off-by: Jérôme Benoit <jerome.benoit@piment-noir.org>
---

diff --git a/includes/account.php b/includes/account.php
index 073d5ad..7b2c366 100644
--- a/includes/account.php
+++ b/includes/account.php
@@ -2,11 +2,98 @@
 global $is_logged_in;
 if (!$is_logged_in) {
     echo "Please login first. <br>";
+    $_SESSION['login_referer'] = $_SERVER['HTTP_REFERER'];
     redirect("index.php?page=login", 2);
     include('footer.html');
     exit();
 }
-?>
 
-<h2>Mes informations</h2>
-<h2><a href="<?php echo $configs['root_url']; ?>/index.php?page=reservations">Mes re&#769;servations</a></h2>
+$action = filter_input(INPUT_GET, "action", FILTER_SANITIZE_STRING);
+
+global $connection;
+$sql_pquery = "select NomCl, PrenomCl, EmailCl, NumRueCl, NomRueCl, CodePosteCl, VilleCl from CLIENTS where EmailCl = ?";
+$connection->prepare_query($sql_pquery);
+$connection->prepared_query_bind_param("s", array($_SESSION['email']));
+$connection->run_prepared_query();
+$connection->get_pquery_result();
+$rows = $connection->get_result_array();
+$connection->close_prepared_query();
+
+if (empty($action)) {
+    echo "<h2>Mes informations</h2>\n";
+
+    echo "<table id=\"account\">\n";
+    foreach ($rows as $row) {
+        echo " <tr>\n";
+        echo "  <td>Nom : </td>\n";
+        echo "  <td>" . htmlentities($row['NomCl']) . "</td>\n";
+        echo " </tr>\n";
+
+        echo " <tr>\n";
+        echo "  <td>Pre&#769;nom : </td>\n";
+        echo "  <td>" . htmlentities($row['PrenomCl']) . "</td>\n";
+        echo " </tr>\n";
+
+        echo " <tr>\n";
+        echo "  <td>Email : </td>\n";
+        echo "  <td>" . htmlentities($row['EmailCl']) . "</td>\n";
+        echo " </tr>\n";
+
+        echo " <tr>\n";
+        echo "  <td>Adresse : </td>\n";
+        echo "  <td></td>\n";
+        echo " </tr>\n";
+
+        echo " <tr>\n";
+        echo "  <td>Nume&#769;ro de rue : </td>\n";
+        echo "  <td>" . htmlentities($row['NumRueCl']) . "</td>\n";
+        echo " </tr>\n";
+
+        echo " <tr>\n";
+        echo "  <td>Rue : </td>\n";
+        echo "  <td>" . htmlentities($row['NomRueCl']) . "</td>\n";
+        echo " </tr>\n";
+
+        echo " <tr>\n";
+        echo "  <td>Code postal : </td>\n";
+        echo "  <td>" . htmlentities($row['CodePosteCl']) . "</td>\n";
+        echo " </tr>\n";
+
+        echo " <tr>\n";
+        echo "  <td>Ville : </td>\n";
+        echo "  <td>" . htmlentities($row['VilleCl']) . "</td>\n";
+        echo " </tr>\n";
+    }
+    echo "</table>\n";
+
+    echo "| <a href=\"" . $configs['root_url'] . "/index.php?page=account&action=modifyaccount\">Modifier vos informations</a> | <a href=\"" . $configs['root_url'] . "/index.php?page=account&action=modifypassword\">Modifier votre mot de passe</a> |\n";
+    echo "<h2><a href=\"" . $configs['root_url'] . "/index.php?page=reservations\">Mes re&#769;servations</a></h2>\n";
+} elseif ($action === "modifyaccount") {
+    echo "
+    <form action=\"index.php\" id=\"account\" method=\"post\">
+     <input type=\"hidden\" name=\"form\" value=\"account\" />
+     <label> Nom : </label>
+     <input type=\"text\" size=\"25\" name=\"name\" value=\"" . $rows[0]['NomCl'] . "\" required/>
+     <label> Pre&#769;nom : </label>
+     <input type=\"text\" size=\"25\" name=\"firstname\" value=\"" . $rows[0]['PrenomCl'] . "\" required/>
+         <label> Adresse : <br> Nume&#769;ro de rue : </label>
+         <input type=\"number\" size=\"5\" name=\"numstreet\" value=\"" . $rows[0]['NumRueCl'] . "\" required/>
+         <label> Rue : </label>
+         <input type=\"text\" size=\"50\" name=\"street\" value=\"" . $rows[0]['NomRueCl'] . "\" required/>
+         <label> Code postal : </label>
+         <input type=\"number\" size=\"5\" name=\"postalcode\" value=\"" . $rows[0]['CodePosteCl'] . "\" required/>
+         <label> Ville : </label>
+         <input type=\"text\" size=\"15\" name=\"city\" value=\"" . $rows[0]['VilleCl'] . "\" required/>
+     <label> Email : </label>
+     <input type=\"email\" size=\"25\" name=\"email\" value=\"" . $rows[0]['EmailCl'] . "\" required/>
+     <input type=\"submit\" value=\"Valider\">
+    </form>
+    <br>\n";
+} elseif ($action === "modifypassword") {
+    echo "Work in progress. <br>\n";
+    redirect("index.php?page=account", 3);
+} else {
+    echo "Unknown account action. <br>\n";
+}
+
+?>
diff --git a/includes/formaccount.php b/includes/formaccount.php
new file mode 100644
index 0000000..37acd6d
--- /dev/null
+++ b/includes/formaccount.php
@@ -0,0 +1,44 @@
+<?php
+$form_name = filter_input(INPUT_POST, "name", FILTER_SANITIZE_STRING);
+$form_firstname = filter_input(INPUT_POST, "firstname", FILTER_SANITIZE_STRING);
+$form_numstreet = filter_input(INPUT_POST, "numstreet", FILTER_VALIDATE_INT);
+$form_street = filter_input(INPUT_POST, "street", FILTER_SANITIZE_STRING);
+$form_postalcode = filter_input(INPUT_POST, "postalcode", FILTER_VALIDATE_INT);
+$form_city = filter_input(INPUT_POST, "city", FILTER_SANITIZE_STRING);
+$form_email = filter_input(INPUT_POST, "email", FILTER_VALIDATE_EMAIL);
+
+$input_failure = false;
+
+if (!$form_numstreet) {
+    echo "The street number is not valid. <br>" ;
+    $input_failure = true;
+}
+if (!$form_postalcode) {
+    echo "The postal code is not valid. <br>";
+    $input_failure = true;
+}
+if (!$form_email) {
+    echo "The email is not valid. <br>";
+    $input_failure = true;
+}
+
+if (!empty($form_name) && !empty($form_firstname) && !empty($form_numstreet) && !empty($form_street) &&
+    !empty($form_postalcode) && !empty($form_city) && !empty($form_email) &&
+    !$input_failure) {
+        global $connection;
+        $client_id = get_client_id($_SESSION['email']);
+        $sql_pquery = "update CLIENTS
+                       set NomCl = ?, PrenomCl = ?, EmailCl = ?, NumRueCl = ?, NomRueCl = ?, CodePosteCl = ?, VilleCl = ?
+                       where NumCl = ?";
+        $connection->prepare_query($sql_pquery);
+        $connection->prepared_query_bind_param("sssisisi", array($form_name, $form_firstname, $form_email, $form_numstreet, $form_street, $form_postalcode, $form_city, $client_id));
+        $connection->run_prepared_query();
+        $connection->close_prepared_query();
+        echo "You've updated your personal informations, you will be redirected to your account in 3 seconds. <br>";
+        redirect("index.php?page=account", 3);
+
+} else {
+    echo "There's a required non filled field or the input in a field do not match the required pattern. <br>";
+    echo "<a href=\"javascript:history.go(-1)\">Retour</a>";
+}
+?>
diff --git a/includes/formbooking.php b/includes/formbooking.php
index 2d47f81..be30b87 100644
--- a/includes/formbooking.php
+++ b/includes/formbooking.php
@@ -8,6 +8,7 @@ $form_return_flight = filter_input(INPUT_POST, "return_flight", FILTER_VALIDATE_
 global $is_logged_in;
 if (!$is_logged_in) {
     echo "Please login first. <br>";
+    $_SESSION['login_referer'] = $_SERVER['HTTP_REFERER'];
     redirect("index.php?page=login", 2);
 }
 
@@ -23,7 +24,9 @@ if (!$form_nb_place) {
     $input_failure = true;
 }
 
-if (!$form_return_flight) {
+if (is_null($form_return_flight)) {
+    $form_return_flight = false;
+} elseif (!$form_return_flight) {
     echo "Vol retour invalide. <br>";
     $input_failure = true;
 }
@@ -31,7 +34,7 @@ if (!$form_return_flight) {
 if (!$input_failure && $is_logged_in && !empty($form_nb_place) && !empty($form_class_name)) {
     global $connection;
     $client_id = get_client_id($_SESSION['email']);
-    $nb_booked = nb_booked($client_id, $form_flight_id);
+    $nb_booked = nb_booked($client_id, $form_flight_id, $form_class_name);
     if (!empty($nb_booked)) {
         echo "Vous avez de&#769;ja&#768; re&#769;serve&#769; ce vol, vous allez e&#770;tre redirige&#769; vers la liste de vos re&#769;servations dans 2 secondes. <br>";
         redirect("index.php?page=reservations", 2);
@@ -54,15 +57,16 @@ if (!$input_failure && $is_logged_in && !empty($form_nb_place) && !empty($form_c
     $rows = $connection->get_result_array();
     $connection->close_prepared_query();
     foreach ($rows as $row) {
-        echo "(Simulation de paiement d'une re&#769;servation) <br>";
+        echo "(Simulation de validation et paiement d'une re&#769;servation) <br>";
         echo "Vous avez re&#769;serve&#769; et paye&#769; " . $form_nb_place . " place(s) sur le vol " .$form_flight_id .
              " au de&#769;part de " . $row['VilleD'].  " a&#768; " . $row['DateD'] . " arrivant a&#768; " . $row['VilleA'] . " a&#768; " . $row['DateA'] .
              " pour un montant total de " . $form_place_price * $form_nb_place . "&euro;. <br>";
     }
     if ($form_return_flight) {
-        redirect("index.php?page=search", 3);
-        $_SESSION['current_flight_id'] = $form_flight_id;
-        $_SESSION['return_flight'] = $form_return_flight;
+        $_SESSION['return_flight_departure_city'] = $row['VilleA'];
+        $_SESSION['return_flight_arrival_city'] = $row['VilleD'];
+        $_SESSION['return_flight_departure_date'] = $row['DateA'];
+        redirect("index.php?page=search&action=return_flight", 3);
     } else {
         redirect("index.php?page=reservations", 3);
     }
diff --git a/includes/formsearch.php b/includes/formsearch.php
index e40ab12..66c57c9 100644
--- a/includes/formsearch.php
+++ b/includes/formsearch.php
@@ -4,6 +4,7 @@ $form_departure_date = filter_input(INPUT_POST, "departure_date", FILTER_SANITIZ
 $form_arrival_city = filter_input(INPUT_POST, "arrival_city", FILTER_SANITIZE_STRING);
 $form_arrival_date = filter_input(INPUT_POST, "arrival_date", FILTER_SANITIZE_STRING);
 $form_date_now = filter_input(INPUT_POST, "date_now", FILTER_SANITIZE_STRING);
+$action = filter_input(INPUT_POST, "action", FILTER_SANITIZE_STRING);
 
 $oDepartureDate = new DateTime($form_departure_date);
 $oArrivalDate = new DateTime($form_arrival_date);
@@ -25,7 +26,7 @@ if ($oDepartureDate < $oDateNow) {
     $input_failure = true;
 }
 
-if ($oArrivalDate <= $oDepartureDate) {
+if (!($action === "return_flight") && $oArrivalDate <= $oDepartureDate) {
     echo "Arrival date is before departure date. <br>";
     $input_failure = true;
 }
@@ -39,10 +40,11 @@ if (empty($form_arrival_date)) {
 
 ?>
 
-<h1> Rechercher un vol </h1>
+<h1> Rechercher un vol <?php if ($action === "return_flight") { echo "retour"; } ?></h1>
 
 <form action="index.php" id="search" method="post">
  <input type="hidden" name="form" value="search" />
+ <?php if ($action === "return_flight") echo "<input type=\"hidden\" name=\"action\" value=\"return_flight\" />" ?>
  <input type="hidden" name="date_now" value="<?php echo $form_date_now; ?>" />
  <label> De&#769;part : Ville -> </label>
  <select size="1" name="departure_city" required>
@@ -97,7 +99,7 @@ if (empty($form_arrival_date)) {
 <?php
 if (!$input_failure) {
     global $connection;
-    $sql_pquery = "select VOLS.NumVol as NumVol, VilleD, DateD, VilleA, DateA, Classe, round(CoutVol*CoeffPrix, 2) as Prix from VOLS, DEFCLASSES
+    $sql_pquery = "select VOLS.NumVol as NumVol, VilleD, DateD, VilleA, DateA, Classe, round(CoutVol*CoeffPrix, 2) as Prix, NumAv from VOLS, DEFCLASSES
                    where DEFCLASSES.NumVol = VOLS.NumVol and
                    DateD >= ? and VilleD = ? and DateA <= ? and VilleA = ?
                    order by DateD, NumVol, Prix";
@@ -107,6 +109,7 @@ if (!$input_failure) {
     $connection->get_pquery_result();
     $rows = $connection->get_result_array();
     $connection->close_prepared_query();
+    //FIXME: Use NumAv to see if a flight is fully booked.
     //var_dump($rows);
     if (empty($rows)) {
         echo "Aucun vol ne correspond aux crite&#768;res de recherche. <br>";
@@ -139,14 +142,16 @@ if (!$input_failure) {
                           <input type=\"hidden\" name=\"place_price\" value=\"" . $row['Prix'] . "\" />
                           <label> Place(s) : </label>
                           <input type=\"number\" name=\"nb_place\" min=\"1\" max=\"9\" value=\"1\" required/>
-                          <label> Vol retour : </label>
-                          <input type=\"checkbox\" name=\"return_flight\" checked required/>
-                          <input type=\"submit\" value=\"Re&#769;server\">
-                        </form>
-                      </td>\n";
+                          <label> Vol retour : </label>\n";
+                          if (!($action === "return_flight")) {
+                              echo "        <input type=\"checkbox\" name=\"return_flight\" checked/>\n";
+                          }
+            echo "        <input type=\"submit\" value=\"Re&#769;server\">\n";
+            echo "      </form>
+                     </td>\n";
             echo "  </tr>\n";
         }
-        echo "</table>";
+        echo "</table>\n";
     }
 }
 
diff --git a/includes/header.php b/includes/header.php
index 4dae576..13ce88c 100644
--- a/includes/header.php
+++ b/includes/header.php
@@ -37,7 +37,7 @@ $is_logged_in = chk_logged_in();
     |
     <?php
     if ($is_logged_in) {
-        echo "<a href=\"" . $configs['root_url'] . "/index.php?page=reservations\">Mes re&#769;servations</a> |";
+        echo "<a href=\"" . $configs['root_url'] . "/index.php?page=reservations\">Mes re&#769;servations</a> |\n";
     }
     ?>
 </div>
diff --git a/includes/register.php b/includes/register.php
index 09918a4..20ad699 100644
--- a/includes/register.php
+++ b/includes/register.php
@@ -15,7 +15,7 @@
      <label> Ville :* </label>
      <input type="text" size="15" name="city" required/>
  <label> Email :* </label>
- <input type="email" size="25 "name="email" required/>
+ <input type="email" size="25" name="email" required/>
  <label> Mot de passe :* </label>
  <input type="password" minlength="8" size="15" name="password" pattern="(?=.*\d)(?=.*[a-z])(?=.*[A-Z]).*" title="Doit contenir 8 caracte&#768;res minimum dont une majuscule, une minuscule et un chiffre" required/>
  <label> Confirmation du mot de passe :* </label>
diff --git a/includes/reservations.php b/includes/reservations.php
index 15beeac..3230f34 100644
--- a/includes/reservations.php
+++ b/includes/reservations.php
@@ -2,6 +2,7 @@
 global $is_logged_in;
 if (!$is_logged_in) {
     echo "Please login first. <br>";
+    $_SESSION['login_referer'] = $_SERVER['HTTP_REFERER'];
     redirect("index.php?page=login", 2);
     include('footer.html');
     exit();
@@ -63,10 +64,10 @@ if (empty($rows)) {
                         </form>
                       </td>\n";
         } else {
-            echo "Vol en cours";
+            echo "Vol en cours\n";
         }
         echo "  </tr>\n";
     }
-    echo "</table>";
+    echo "</table>\n";
 }
 ?>
diff --git a/includes/search.php b/includes/search.php
index c7e761f..b35c762 100644
--- a/includes/search.php
+++ b/includes/search.php
@@ -1,9 +1,29 @@
-<h1> Rechercher un vol </h1>
+<?php
+$action = filter_input(INPUT_GET, "action", FILTER_SANITIZE_STRING);
+?>
+<h1> Rechercher un vol <?php if ($action === "return_flight") { echo "retour"; } ?></h1>
 
-<?php if (isset($_SESSION['return_flight'])) ?>
+<?php
+
+$return_flight_departure_city = "";
+$return_flight_arrival_city = "";
+$return_flight_departure_date = "";
+$oDepartureDate = new DateTime("now");
+if ($action === "return_flight") {
+    //var_dump($_SESSION);
+    if (isset($_SESSION['return_flight_departure_city'])) $return_flight_departure_city = $_SESSION['return_flight_departure_city'];
+    if (isset($_SESSION['return_flight_arrival_city'])) $return_flight_arrival_city = $_SESSION['return_flight_arrival_city'];
+    if (isset($_SESSION['return_flight_departure_date'])) {
+        $return_flight_departure_date = $_SESSION['return_flight_departure_date'];
+        $oDepartureDate = new DateTime($return_flight_departure_date);
+    }
+}
+
+?>
 
 <form action="index.php" id="search" method="post">
  <input type="hidden" name="form" value="search" />
+ <?php if ($action === "return_flight") echo "<input type=\"hidden\" name=\"action\" value=\"return_flight\" />" ?>
  <input type="hidden" name="date_now" value="<?php echo date('Y-m-d\TH:i', time() - 600); ?>" />
  <label> De&#769;part : Ville -> </label>
  <select size="1" name="departure_city" required>
@@ -17,13 +37,17 @@
  $cities = $connection->get_result_array();
  $connection->close_prepared_query();
  foreach ($cities as $city) {
-     echo "<option value=\"$city[0]\">$city[0]</option>\n";
+     if (strcmp($city[0], $return_flight_departure_city) === 0) {
+         echo "<option value=\"$city[0]\" selected>$city[0]</option>\n";
+     } else {
+         echo "<option value=\"$city[0]\">$city[0]</option>\n";
+     }
  }
  ?>
   </optgroup>
  </select>
  <label> Date -> </label>
- <input type="datetime-local" name="departure_date" value="<?php echo date('Y-m-d\TH:i'); ?>" required/>
+ <input type="datetime-local" name="departure_date" value="<?php echo $oDepartureDate->format('Y-m-d\TH:i'); ?>" required/>
  <label> Arrive&#769;e : Ville -> </label>
  <select size="1" name="arrival_city" required>
   <optgroup label="Se&#769;lectionner une ville">
@@ -36,7 +60,11 @@
  $cities = $connection->get_result_array();
  $connection->close_prepared_query();
  foreach ($cities as $city) {
-     echo "<option value=\"$city[0]\">$city[0]</option>\n";
+     if (strcmp($city[0], $return_flight_arrival_city) === 0) {
+         echo "<option value=\"$city[0]\" selected>$city[0]</option>\n";
+     } else {
+         echo "<option value=\"$city[0]\">$city[0]</option>\n";
+     }
  }
  ?>
   </optgroup>
@@ -46,3 +74,10 @@
  <input type="submit" value="Rechercher">
 </form>
 <br>
+
+<?php
+// Unset all used session variables
+unset($_SESSION['return_flight_departure_city']);
+unset($_SESSION['return_flight_arrival_city']);
+unset($_SESSION['return_flight_departure_date']);
+?>
diff --git a/index.php b/index.php
index 9dc9e0b..5c12c9e 100644
--- a/index.php
+++ b/index.php
@@ -22,6 +22,8 @@ if (!isset($form)) {
     $form = "";
 }
 
+//var_dump($_SESSION);
+
 function get_action_type() {
     global $is_page, $is_form;
 
diff --git a/lib/utils.php b/lib/utils.php
index 9955458..5ab99b5 100644
--- a/lib/utils.php
+++ b/lib/utils.php
@@ -95,12 +95,12 @@ function get_client_id($email)
  * @param  [type] $flight_id [description]
  * @return [type]            [description]
  */
-function nb_booked($client_id, $flight_id)
+function nb_booked($client_id, $flight_id, $class_name)
 {
     global $connection;
-    $sql_pquery = "select SUM(NbPlaces) from RESERVATIONS where NumCl = ? and NumVol = ?";
+    $sql_pquery = "select SUM(NbPlaces) from RESERVATIONS where NumCl = ? and NumVol = ? and Classe = ?";
     $connection->prepare_query($sql_pquery);
-    $connection->prepared_query_bind_param("is", array($client_id, $flight_id));
+    $connection->prepared_query_bind_param("iss", array($client_id, $flight_id, $class_name));
     $connection->run_prepared_query();
     $connection->get_pquery_result();
     $row = $connection->get_result_array();
diff --git a/styles/airpolytech.css b/styles/airpolytech.css
index fbbb3cc..c425d29 100644
--- a/styles/airpolytech.css
+++ b/styles/airpolytech.css
@@ -60,14 +60,14 @@ label {
     text-align: right;
 }
 
-label + input {
+label+input {
     width: 30%;
     /* large margin-right to force the next element to the new-line
        and margin-left to create a gutter between the label and input */
     margin: 0 30% 0 4%;
 }
 
-label + select {
+label+select {
     width: 30%;
     /* large margin-right to force the next element to the new-line
        and margin-left to create a gutter between the label and select */
@@ -76,13 +76,18 @@ label + select {
 
 /* only the submit button is matched by this selector,
    but to be sure you could use an id or class for that button */
-input + input {
+input+input {
     float: right;
 }
 
 table {
     margin: 0px auto;
     width: 100%;
+    vertical-align: middle;
+}
+
+table#account {
+    width: 40%;
 }
 
 table#home {