Merge pull request #44 from ThomasRubini/manageuser

2023-01-20 19:14:06 +01:00 · 2023-01-20 19:14:06 +01:00 · 92c4cd94d3
commit 92c4cd94d3
parent 09c83cca97 8a5d6e4cfc
4 changed files with 88 additions and 0 deletions
--- a/Controllers/ManageUserController.php
+++ b/Controllers/ManageUserController.php
@ -0,0 +1,40 @@
+<?php
+
+final class ManageUserController
+{
+
+    public function defaultAction(Array $A_urlParams = null, Array $A_postParams = null, Array $A_getParams = null)
+    {
+        self::searchAction($A_urlParams, $A_postParams, $A_getParams);
+    }
+
+    public function searchAction(Array $A_urlParams = null, Array $A_postParams = null, Array $A_getParams = null)
+    {
+        Session::admin_or_die();
+        if (isset($A_getParams["query"])) {
+            self::searchQueryViewAction($A_urlParams, $A_postParams, $A_getParams);
+        } else {
+            self::searchViewAction($A_urlParams, $A_postParams, $A_getParams);
+        }
+    }
+    
+    private function searchViewAction(Array $A_urlParams = null, Array $A_postParams = null, Array $A_getParams = null)
+    {
+        View::show("manageUser/search");
+    }
+    
+    private function searchQueryViewAction(Array $A_urlParams = null, Array $A_postParams = null, Array $A_getParams = null)
+    {
+        $S_query = $A_getParams["query"];
+        
+        $O_userModel = new UserModel();
+        $A_results = $O_userModel->searchUsers($S_query);
+        
+        var_dump($A_results);
+        
+        echo "Terme de recherche choisi: $S_query";
+
+        View::show("manageUser/search");
+    }
+
+}
--- a/Kernel/Session.php
+++ b/Kernel/Session.php
@ -64,4 +64,15 @@ final class Session
            die();
        }
    }
+
+    public static function admin_or_die(){
+        Session::login_or_die();
+
+        $O_userModel = new UserModel();
+        if (!$O_userModel->isUserAdmin($_SESSION["ID"])) {
+            header("Location: /");
+            die();
+        }
+    }
+
 }
--- a/Models/UserModel.php
+++ b/Models/UserModel.php
@ -69,6 +69,18 @@ final class UserModel
        if ($row === false) return false;
        return $row["DISABLED"] !== 1;
    }
+
+    public function isUserAdmin($I_id)
+    {
+        $O_model = Model::get();
+        $stmt = $O_model->prepare("SELECT ADMIN FROM USER WHERE ID=:id");
+        $stmt->bindParam("id", $I_id);
+        $stmt->execute();
+        
+        $row = $stmt->fetch();
+        if ($row === false) return false;
+        return $row["ADMIN"] === 1;
+    }
    
    public function updateEmailByID($I_id, $S_newEmail){
        $O_model = Model::get();
@ -92,4 +104,22 @@ final class UserModel
        $stmt->bindParam("id", $I_id);
        $stmt->execute();
    }
+
+    public function searchUsers($S_query)
+    {
+        $O_model = Model::get();
+        $stmt = $O_model->prepare("
+        SELECT * FROM USER
+        WHERE USER.USERNAME LIKE :full_query
+        OR USER.EMAIL LIKE :full_query
+        LIMIT 10
+        ");
+        $S_full_query = "%".$S_query."%";
+        $stmt->bindParam("full_query", $S_full_query);
+        $stmt->execute();
+        
+        $rows = $stmt->fetchAll();
+        
+        return $rows;
+    }
 }
--- a/Views/manageUser/search.php
+++ b/Views/manageUser/search.php
@ -0,0 +1,7 @@
+<p> Default view </p>
+
+<p> Please search : </p>
+<form action="/manageUser/search" method="GET">
+    <input name="query">
+    <input type="submit" value="Chercher">
+</form>