From b5f60f89589412e18b51326378ab13b9a4fa0f19 Mon Sep 17 00:00:00 2001
From: =?utf8?q?J=C3=A9r=C3=B4me=20Benoit?= <jerome.benoit@piment-noir.org>
Date: Tue, 9 Jan 2018 22:14:39 +0100
Subject: [PATCH] Tidy a bit the files structure.
MIME-Version: 1.0
Content-Type: text/plain; charset=utf8
Content-Transfer-Encoding: 8bit

Workaround a bug in variable arguments number in the DB class.

Signed-off-by: Jérôme Benoit <jerome.benoit@piment-noir.org>
---
 footer.html                         |  5 ----
 formlogin.php                       | 11 --------
 account.php => includes/account.php |  0
 booking.php => includes/booking.php |  0
 config.php => includes/config.php   |  0
 includes/footer.html                |  5 ++++
 includes/formlogin.php              | 16 +++++++++++
 includes/formregister.php           | 44 +++++++++++++++++++++++++++++
 header.html => includes/header.html |  2 +-
 header.php => includes/header.php   |  0
 home.php => includes/home.php       |  5 ++--
 includes/login.php                  |  6 ++++
 includes/register.php               | 15 ++++++++++
 search.php => includes/search.php   |  0
 index.php                           | 44 +++++++++++++++++------------
 lib/db.php                          | 11 ++++----
 login.php                           |  6 ----
 register.php                        |  0
 18 files changed, 121 insertions(+), 49 deletions(-)
 delete mode 100644 footer.html
 delete mode 100644 formlogin.php
 rename account.php => includes/account.php (100%)
 rename booking.php => includes/booking.php (100%)
 rename config.php => includes/config.php (100%)
 create mode 100644 includes/footer.html
 create mode 100644 includes/formlogin.php
 create mode 100644 includes/formregister.php
 rename header.html => includes/header.html (76%)
 rename header.php => includes/header.php (100%)
 rename home.php => includes/home.php (78%)
 create mode 100644 includes/login.php
 create mode 100644 includes/register.php
 rename search.php => includes/search.php (100%)
 delete mode 100644 login.php
 delete mode 100644 register.php

diff --git a/footer.html b/footer.html
deleted file mode 100644
index e06db19..0000000
--- a/footer.html
+++ /dev/null
@@ -1,5 +0,0 @@
-<div id="footer">
-    &copy;2018 - <a href="https://piment-noir.org">Piment Noir</a>
-</div>
-</body>
-</html>
diff --git a/formlogin.php b/formlogin.php
deleted file mode 100644
index f3b8765..0000000
--- a/formlogin.php
+++ /dev/null
@@ -1,11 +0,0 @@
-<?php
-$form_email = filter_input(INPUT_POST, "email", FILTER_VALIDATE_EMAIL);
-$form_password = filter_input(INPUT_POST, "password", FILTER_SANITIZE_STRING);
-
-if (!$form_email) {
-    echo "The email is not valid";
-} else {
-    $sql_pquery = "select count() from Client where EmailCI = ?";
-}
-
-?>
diff --git a/account.php b/includes/account.php
similarity index 100%
rename from account.php
rename to includes/account.php
diff --git a/booking.php b/includes/booking.php
similarity index 100%
rename from booking.php
rename to includes/booking.php
diff --git a/config.php b/includes/config.php
similarity index 100%
rename from config.php
rename to includes/config.php
diff --git a/includes/footer.html b/includes/footer.html
new file mode 100644
index 0000000..733dbb9
--- /dev/null
+++ b/includes/footer.html
@@ -0,0 +1,5 @@
+<div id="footer">
+    &copy;2018 - Made by <a href="https://piment-noir.org">Piment Noir</a>
+</div>
+</body>
+</html>
diff --git a/includes/formlogin.php b/includes/formlogin.php
new file mode 100644
index 0000000..8da2e2c
--- /dev/null
+++ b/includes/formlogin.php
@@ -0,0 +1,16 @@
+<?php
+$form_email = filter_input(INPUT_POST, "email", FILTER_VALIDATE_EMAIL);
+$form_password = filter_input(INPUT_POST, "password", FILTER_SANITIZE_STRING);
+
+if (!$form_email) {
+    echo "The email is not valid <br>";
+} else {
+    $sql_pquery = "select count(NumCI) from CLIENTS where EmailCI = ?";
+
+    echo "This email do not belong to a registred client, please register first <br>";
+
+    if (password_verify($form_password, $stored_password)) {
+
+    }
+}
+?>
diff --git a/includes/formregister.php b/includes/formregister.php
new file mode 100644
index 0000000..53b5f6d
--- /dev/null
+++ b/includes/formregister.php
@@ -0,0 +1,44 @@
+<?php
+$form_name = filter_input(INPUT_POST, "name", FILTER_SANITIZE_STRING);
+$form_firstname = filter_input(INPUT_POST, "firstname", FILTER_SANITIZE_STRING);
+$form_numstreet = filter_input(INPUT_POST, "numstreet", FILTER_VALIDATE_INT);
+$form_street = filter_input(INPUT_POST, "street", FILTER_SANITIZE_STRING);
+$form_postalcode = filter_input(INPUT_POST, "postalcode", FILTER_VALIDATE_INT);
+$form_town = filter_input(INPUT_POST, "postalcode", FILTER_SANITIZE_STRING);
+$form_email = filter_input(INPUT_POST, "email", FILTER_VALIDATE_EMAIL);
+$form_password = filter_input(INPUT_POST, "password", FILTER_SANITIZE_STRING);
+$form_confirmpassword = filter_input(INPUT_POST, "confirmpassword", FILTER_SANITIZE_STRING);
+
+$error_numstreet = false;
+$error_postalcode = false;
+$error_email = false;
+$error_password = false;
+
+if (!$form_numstreet) {
+    echo "The street number is not valid <br>" ;
+    $error_numstreet = true;
+}
+if (!$form_postalcode) {
+    echo "The postal code is not valid <br>";
+    $error_postalcode = true;
+}
+if (!$form_email) {
+    echo "The email is not valid <br>";
+    $error_email = true;
+}
+if (strcmp($form_password, $form_confirmpassword) === 0) {
+    echo "Password do not match <br>";
+    $error_password = true;
+}
+
+if (!empty($form_name) && !empty($form_firstname) && !empty($form_numstreet) && !empty($form_street) &&
+    !empty($form_postalcode) && !empty($form_town) && !empty($form_email) && !empty($form_password)){
+    global $connection;
+    $sql_pquery = "select count(NumCl) from CLIENTS where EmailCl = ?";
+    $stmt = $connection->prepare_query($sql_pquery);
+    $stmt->bind_param("s", $form_email);
+    //$connection->prepared_query_bind_param("s", $form_email);
+    $connection->run_prepared_query();
+    $connection->close_prepared_query();
+}
+?>
diff --git a/header.html b/includes/header.html
similarity index 76%
rename from header.html
rename to includes/header.html
index 5721c7d..602e0cf 100644
--- a/header.html
+++ b/includes/header.html
@@ -4,7 +4,7 @@
 <head>
 <title>Air Polytech</title>
 <meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
-<link href="https://fonts.googleapis.com/css?family=Encode+Sans+Semi+Condensed" rel="stylesheet">
+<link rel="stylesheet" href="https://fonts.googleapis.com/css?family=Encode+Sans+Semi+Condensed">
 <link rel="stylesheet" type="text/css" href="styles/airpolytech.css" />
 </head>
 <body>
diff --git a/header.php b/includes/header.php
similarity index 100%
rename from header.php
rename to includes/header.php
diff --git a/home.php b/includes/home.php
similarity index 78%
rename from home.php
rename to includes/home.php
index 5499ba9..cc378a2 100644
--- a/home.php
+++ b/includes/home.php
@@ -1,9 +1,9 @@
 <?php
+
 function home()
 {
-    global $configs;
+    global $connection;
 
-    $connection = new CustomDB($configs['host'], $configs['username'], $configs['password'], $configs['database']);
     $requete = "SELECT NumCl, NomCl, CodePosteCl, VilleCl FROM CLIENTS";
     $result = $connection->query($requete);
     echo "<table border=1>\n";
@@ -17,7 +17,6 @@ function home()
     }
     echo "</table>\n";
     $result->close();
-    $connection->close();
 }
 
 home();
diff --git a/includes/login.php b/includes/login.php
new file mode 100644
index 0000000..19c74da
--- /dev/null
+++ b/includes/login.php
@@ -0,0 +1,6 @@
+<form action="index.php" method="post">
+ <input type="hidden" name="form" value="login" />
+ <p> Email : <input type="text" name="email" /> </p>
+ <p> Mot de passe : <input type="password" name="password" /> </p>
+ <p> <input type="submit" value="Valider"> </p>
+</form>
diff --git a/includes/register.php b/includes/register.php
new file mode 100644
index 0000000..72b9884
--- /dev/null
+++ b/includes/register.php
@@ -0,0 +1,15 @@
+<form action="index.php" method="post">
+ <input type="hidden" name="form" value="register" />
+ <p> Nom  : <input type="text" name="name" /> </p>
+ <p> Pre&#769;nom : <input type="text" name="firstname" /> </p>
+ <p> Adresse : </p>
+ <p> Nume&#769;ro de rue : <input type="text" name="numstreet" />
+     Rue : <input type="text" name="street" />
+     Code postal : <input type="text" name="postalcode" />
+     Ville : <input type="text" name="town" />
+ </p>
+ <p> Email : <input type="text" name="email" /> </p>
+ <p> Mot de passe : <input type="password" name="password" /> </p>
+ <p> Confirnation du mot de passe : <input type="password" name="confirmpassword" /> </p>
+ <p> <input type="submit" value="Valider"> </p>
+</form>
diff --git a/search.php b/includes/search.php
similarity index 100%
rename from search.php
rename to includes/search.php
diff --git a/index.php b/index.php
index 9d22f3e..8bceb64 100644
--- a/index.php
+++ b/index.php
@@ -1,5 +1,5 @@
 <?php
-require('header.php');
+require('includes/header.php');
 
 include('lib/db.php');
 include('lib/utils.php');
@@ -9,6 +9,8 @@ include('lib/utils.php');
  */
 session_start();
 
+$connection = new CustomDB($configs['host'], $configs['username'], $configs['password'], $configs['database']);
+
 $page = filter_input(INPUT_GET, 'page', FILTER_SANITIZE_URL);
 $isPage = true;
 if (!isset($page)) {
@@ -40,17 +42,17 @@ function get_action_type() {
     }
 }
 
-function get_url_action() {
+function get_url_action($action_type) {
     global $page, $form;
 
-    if (get_action_type() === "page") {
+    if ($action_type === "page") {
         return $page;
-    } elseif (get_action_type() === "form") {
+    } elseif ($action_type === "form") {
         return $form;
-    } elseif (get_action_type() === "empty") {
+    } elseif ($action_type === "empty") {
         return "";
-    } elseif (get_action_type() === "unknown") {
-        die('Cannot get a valid action from URL parameters');
+    } elseif ($action_type === "unknown") {
+        die('Cannot get a valid action from URL parameters or form fields');
     }
 }
 
@@ -74,36 +76,42 @@ function validate_url_action($action_name)
     return $configs['actions'][0];
 }
 
-function display_action($action_name)
+function display_action($action_name, $action_type)
 {
-    global $configs, $isPage, $isForm;
+    global $configs;
+    $includes_rpath = 'includes';
 
     $found_action = false;
     foreach ($configs['actions'] as $action) {
         if (strcmp($action_name, $action) === 0) {
             // HTTP GET case
-            if (get_action_type() === "page" || get_action_type() === "empty") {
-                include($action . ".php");
+            if ($action_type === "page" || $action_type === "empty") {
+                include($includes_rpath . "/" . $action . ".php");
             // HTTP POST case
-            } elseif (get_action_type() === "form") {
-                include("form" . $action . ".php");
+            } elseif ($action_type === "form") {
+                include($includes_rpath . "/form" . $action . ".php");
             } else {
-                echo "Unknown error in action displaying";
+                echo "Unknown error in action displaying <br>";
             }
             $found_action = true;
             break;
         }
     }
     if (!$found_action) {
-        echo "Action to display do not exist";
+        echo "Action to display do not exist <br>";
     }
 }
 
-$url_action = get_url_action();
+//password_hash('12345678', PASSWORD_DEFAULT);
+
+$action_type = get_action_type();
+$url_action = get_url_action($action_type);
 $action = validate_url_action($url_action);
-display_action($action);
+display_action($action, $action_type);
+
+$connection->close();
 
 session_destroy();
 
-require('footer.html');
+require('includes/footer.html');
 ?>
diff --git a/lib/db.php b/lib/db.php
index 0f280a4..b548804 100644
--- a/lib/db.php
+++ b/lib/db.php
@@ -52,7 +52,7 @@ class CustomDB
     public function query($sql_query)
     {
         if ($this->connected && !($query_result = $this->connection->query($sql_query))) {
-            echo "Fail to execute the SQL query : " . $sql_query;
+            echo "Fail to execute the SQL query : " . $sql_query . "<br>";
         }
         return $query_result;
     }
@@ -68,7 +68,7 @@ class CustomDB
         if ($this->connected && !($this->current_stmt = $this->connection->prepare($this->current_pquery))) {
             // Empty the currently stored prepared query in the failure case
             $this->current_pquery = "";
-            echo "Fail to prepare SQL query : (" . $this->connection->errno . ") " . $this->connection->error . " - " . $this->current_pquery;
+            echo "Fail to prepare SQL query : (" . $this->connection->errno . ") " . $this->connection->error . " - " . $this->current_pquery . "<br>";
         }
         return $this->current_stmt;
     }
@@ -80,9 +80,10 @@ class CustomDB
      */
     public function prepared_query_bind_param(...$params)
     {
+        var_dump($params);
         $rt_val = $this->current_stmt->bind_param($params);
         if (!$rt_val) {
-            echo "Fail to link parameters to SQL query : (" . $this->current_stmt->errno . ") " . $this->current_stmt->error . " - " . $this->current_pquery;
+            echo "Fail to link parameters to SQL query : (" . $this->current_stmt->errno . ") " . $this->current_stmt->error . " - " . $this->current_pquery . "<br>";
         }
         return $rt_val;
     }
@@ -95,7 +96,7 @@ class CustomDB
     {
         $rt_val = $this->current_stmt->execute();
         if (!$rt_val) {
-            echo "Fail to execute SQL query : (" . $this->current_stmt->errno . ") " . $this->current_stmt->error . " - " . $this->current_pquery;
+            echo "Fail to execute SQL query : (" . $this->current_stmt->errno . ") " . $this->current_stmt->error . " - " . $this->current_pquery . "<br>";
         }
         return $rt_val;
     }
@@ -108,7 +109,7 @@ class CustomDB
     {
         $rt_val = $this->current_stmt->close();
         if (!$rt_val) {
-            echo "Fail to close SQL query : (" . $this->current_stmt->errno . ") " . $this->current_stmt->error . " - " . $this->current_pquery;
+            echo "Fail to close SQL query : (" . $this->current_stmt->errno . ") " . $this->current_stmt->error . " - " . $this->current_pquery . "<br>";
         }
         return $rt_val;
     }
diff --git a/login.php b/login.php
deleted file mode 100644
index e976fc9..0000000
--- a/login.php
+++ /dev/null
@@ -1,6 +0,0 @@
-<form action="index.php" method="post">
- <input type="hidden" name="form" value="login" />
- <p>Email : <input type="text" name="email" /></p>
- <p>Mot de passe : <input type="text" name="password" /></p>
- <p><input type="submit" value="OK"></p>
-</form>
diff --git a/register.php b/register.php
deleted file mode 100644
index e69de29..0000000
-- 
2.34.1