From fd9e25ca8c7092e86882ad8b26b35e5bb423f87f Mon Sep 17 00:00:00 2001 From: Thomas Rubini <74205383+ThomasRubini@users.noreply.github.com> Date: Tue, 17 Jan 2023 16:49:16 +0100 Subject: [PATCH 1/8] create ManageUserController and admin-only access --- Controllers/ManageUserController.php | 25 +++++++++++++++++++++++++ Models/UserModel.php | 12 ++++++++++++ Views/manageruser/default.php | 4 ++++ 3 files changed, 41 insertions(+) create mode 100644 Controllers/ManageUserController.php create mode 100644 Views/manageruser/default.php diff --git a/Controllers/ManageUserController.php b/Controllers/ManageUserController.php new file mode 100644 index 0000000..b0d3512 --- /dev/null +++ b/Controllers/ManageUserController.php @@ -0,0 +1,25 @@ +isUserAdmin($_SESSION["ID"])) { + header("Location: /"); + die(); + } + } + + public function defaultAction(Array $A_urlParams = null, Array $A_postParams = null) + { + self::admin_or_die(); + } + + public function searchAction(Array $A_urlParams = null, Array $A_postParams = null) + { + + } +} diff --git a/Models/UserModel.php b/Models/UserModel.php index 43ff52d..6ad2eeb 100644 --- a/Models/UserModel.php +++ b/Models/UserModel.php @@ -69,6 +69,18 @@ final class UserModel if ($row === false) return false; return $row["DISABLED"] !== 1; } + + public function isUserAdmin($I_id) + { + $O_model = Model::get(); + $stmt = $O_model->prepare("SELECT ADMIN FROM USER WHERE ID=:id"); + $stmt->bindParam("id", $I_id); + $stmt->execute(); + + $row = $stmt->fetch(); + if ($row === false) return false; + return $row["ADMIN"] === 1; + } public function updateEmailByID($I_id, $S_newEmail){ $O_model = Model::get(); diff --git a/Views/manageruser/default.php b/Views/manageruser/default.php new file mode 100644 index 0000000..c7fa839 --- /dev/null +++ b/Views/manageruser/default.php @@ -0,0 +1,4 @@ +
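Review bot: `searchAction` is added as a public action with an empty body and no `admin_or_die()` call, although the commit message describes the controller as admin-only; in this patch only `defaultAction` is guarded. Either call the guard at the top of every action or hoist it to a place every action passes through, so a new action cannot skip it. A docblock on `admin_or_die`, `/** Redirects to / and ends the request unless the logged-in user is an administrator; must run before any output. */`, would state the contract. Whether `Session::login_or_die()` guarantees that `$_SESSION["ID"]` is set is not visible in this patch.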
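Review bot: In `isUserAdmin`, `return $row["ADMIN"] === 1;` compares strictly against an int, but the PHP type of a fetched column depends on the PDO driver and its prepare-emulation setting and may be the string `"1"`, in which case every admin check fails closed; the sibling `isUserEnabled` context just above uses `!== 1` on `DISABLED`, which would fail open under the same conditions, so the two checks are not consistent. Normalising before comparing, `return (int) $row["ADMIN"] === 1;`, makes the result independent of the driver's return type, and the same treatment is worth applying to the `DISABLED` check. A one-line docblock, `/** True only when the USER row for $I_id exists and its ADMIN column is 1. */`, would document the fail-closed behaviour for a missing row.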

Default view

+ +

Please search :

+ \ No newline at end of file From b29039418142369b77da8ffc91667366c2af0585 Mon Sep 17 00:00:00 2001 From: Thomas Rubini <74205383+ThomasRubini@users.noreply.github.com> Date: Tue, 17 Jan 2023 17:15:59 +0100 Subject: [PATCH 2/8] start to make manageUser/search --- Controllers/ManageUserController.php | 12 +++++++++++- Views/manageUser/default.php | 7 +++++++ Views/manageruser/default.php | 4 ---- 3 files changed, 18 insertions(+), 5 deletions(-) create mode 100644 Views/manageUser/default.php delete mode 100644 Views/manageruser/default.php diff --git a/Controllers/ManageUserController.php b/Controllers/ManageUserController.php index b0d3512..26f7947 100644 --- a/Controllers/ManageUserController.php +++ b/Controllers/ManageUserController.php @@ -13,13 +13,23 @@ final class ManageUserController } } + private function getOrDie($DICT, $key) + { + if (isset($DICT[$key])) return $DICT[$key]; + else die("Key $key not present"); + } + public function defaultAction(Array $A_urlParams = null, Array $A_postParams = null) { self::admin_or_die(); + + return View::show("manageUser/default"); } public function searchAction(Array $A_urlParams = null, Array $A_postParams = null) { - + self::admin_or_die(); + $S_search = self::getOrDie($_POST, "search"); + echo "Terme de recherche choisi: $S_search"; } } diff --git a/Views/manageUser/default.php b/Views/manageUser/default.php new file mode 100644 index 0000000..b46b186 --- /dev/null +++ b/Views/manageUser/default.php @@ -0,0 +1,7 @@ +
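Review bot: `echo "Terme de recherche choisi: $S_search";` in `searchAction` writes the raw `$_POST["search"]` value into the HTML response, so a crafted search term is reflected as markup into an administrator's page; the same unescaped echo survives in patches 5, 6 and 8 under the name `$S_query`. Escape at output, `echo "Terme de recherche choisi: " . htmlspecialchars($S_search, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');`, or hand the value to the view and escape it there. `getOrDie` answers a missing field with `die("Key $key not present")`, which is a 200 response carrying a bare string; setting `http_response_code(400);` before the `die` tells clients and logs what happened. The `<?php` and class-header lines of the new file are not visible in this rendering of the patch.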

Default view

+ +

Please search :

+
+ + +
diff --git a/Views/manageruser/default.php b/Views/manageruser/default.php deleted file mode 100644 index c7fa839..0000000 --- a/Views/manageruser/default.php +++ /dev/null @@ -1,4 +0,0 @@ -

Default view

- -

Please search :

- \ No newline at end of file From 637782f9071657add9f8163410a2d1e9307d5682 Mon Sep 17 00:00:00 2001 From: Thomas Rubini <74205383+ThomasRubini@users.noreply.github.com> Date: Fri, 20 Jan 2023 18:42:20 +0100 Subject: [PATCH 3/8] refactor admin checking function to Session --- Controllers/ManageUserController.php | 15 +++------------ Kernel/Session.php | 11 +++++++++++ 2 files changed, 14 insertions(+), 12 deletions(-) diff --git a/Controllers/ManageUserController.php b/Controllers/ManageUserController.php index 26f7947..3e32b3a 100644 --- a/Controllers/ManageUserController.php +++ b/Controllers/ManageUserController.php @@ -3,16 +3,6 @@ final class ManageUserController { - public static function admin_or_die(){ - Session::login_or_die(); - - $O_userModel = new UserModel(); - if (!$O_userModel->isUserAdmin($_SESSION["ID"])) { - header("Location: /"); - die(); - } - } - private function getOrDie($DICT, $key) { if (isset($DICT[$key])) return $DICT[$key]; @@ -21,14 +11,15 @@ final class ManageUserController public function defaultAction(Array $A_urlParams = null, Array $A_postParams = null) { - self::admin_or_die(); + Session::admin_or_die(); return View::show("manageUser/default"); } public function searchAction(Array $A_urlParams = null, Array $A_postParams = null) { - self::admin_or_die(); + Session::admin_or_die(); + $S_search = self::getOrDie($_POST, "search"); echo "Terme de recherche choisi: $S_search"; } diff --git a/Kernel/Session.php b/Kernel/Session.php index ed67da9..cc70040 100644 --- a/Kernel/Session.php +++ b/Kernel/Session.php @@ -64,4 +64,15 @@ final class Session die(); } } + + public static function admin_or_die(){ + Session::login_or_die(); + + $O_userModel = new UserModel(); + if (!$O_userModel->isUserAdmin($_SESSION["ID"])) { + header("Location: /"); + die(); + } + } + } From f7e0f5885f7efacd6bb8963fa84be1b8b179ba55 Mon Sep 17 00:00:00 2001 
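Review bot: `Session::admin_or_die()` in the Kernel/Session.php hunk sends a `Location` header before `die()`, so it only works when nothing has been written to the client yet; that constraint belongs in a docblock, e.g. `/** Ends the request with a redirect to / unless the session user is an administrator; call before any output. */`. It also runs a `UserModel` query on every guarded request, which is the right choice for a privilege check (a revoked ADMIN flag takes effect immediately) and worth a short comment so the result is not later cached in the session. Inside the class, `self::login_or_die()` is the usual form rather than `Session::login_or_die()`.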
From: Thomas Rubini <74205383+ThomasRubini@users.noreply.github.com> Date: Fri, 20 Jan 2023 18:42:40 +0100 Subject: [PATCH 4/8] use Kernel Utils getOrDie function --- Controllers/ManageUserController.php | 10 ++-------- 1 file changed, 2 insertions(+), 8 deletions(-) diff --git a/Controllers/ManageUserController.php b/Controllers/ManageUserController.php index 3e32b3a..f0295a4 100644 --- a/Controllers/ManageUserController.php +++ b/Controllers/ManageUserController.php @@ -3,12 +3,6 @@ final class ManageUserController { - private function getOrDie($DICT, $key) - { - if (isset($DICT[$key])) return $DICT[$key]; - else die("Key $key not present"); - } - public function defaultAction(Array $A_urlParams = null, Array $A_postParams = null) { Session::admin_or_die(); @@ -19,8 +13,8 @@ final class ManageUserController public function searchAction(Array $A_urlParams = null, Array $A_postParams = null) { Session::admin_or_die(); - - $S_search = self::getOrDie($_POST, "search"); + + $S_search = Utils::getOrDie($_POST, "search"); echo "Terme de recherche choisi: $S_search"; } } From 3361babf0533e6e20ae8e9ad251697b33620913f Mon Sep 17 00:00:00 2001 From: Thomas Rubini <74205383+ThomasRubini@users.noreply.github.com> Date: Fri, 20 Jan 2023 18:52:04 +0100 Subject: [PATCH 5/8] finish controller manageUser/search --- Controllers/ManageUserController.php | 18 ++++++++++++++++-- Views/manageUser/default.php | 4 ++-- 2 files changed, 18 insertions(+), 4 deletions(-) diff --git a/Controllers/ManageUserController.php b/Controllers/ManageUserController.php index f0295a4..b082b3c 100644 --- a/Controllers/ManageUserController.php +++ b/Controllers/ManageUserController.php 
@@ -10,11 +10,25 @@ final class ManageUserController return View::show("manageUser/default"); } - public function searchAction(Array $A_urlParams = null, Array $A_postParams = null) + public function searchAction(Array $A_urlParams = null, Array $A_postParams = null, Array $A_getParams = null) { Session::admin_or_die(); + if (isset($A_getParams["query"])) { + self::searchQueryViewAction($A_urlParams, $A_postParams, $A_getParams); + } else { + self::searchViewAction($A_urlParams, $A_postParams, $A_getParams); + } + } + + private function searchViewAction(Array $A_urlParams = null, Array $A_postParams = null, Array $A_getParams = null) + { - $S_search = Utils::getOrDie($_POST, "search"); + } + + private function searchQueryViewAction(Array $A_urlParams = null, Array $A_postParams = null, Array $A_getParams = null) + { + $S_search = $A_getParams["query"]; echo "Terme de recherche choisi: $S_search"; } + } diff --git a/Views/manageUser/default.php b/Views/manageUser/default.php index b46b186..ebea856 100644 --- a/Views/manageUser/default.php +++ b/Views/manageUser/default.php @@ -1,7 +1,7 @@
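Review bot: The `isset($A_getParams["query"])` dispatch in `searchAction` treats an empty `?query=` as a search, so `searchQueryViewAction` runs with `""`, while `searchViewAction` is left with an empty body and a plain request now renders nothing. Guard on content rather than presence: `if (isset($A_getParams["query"]) && $A_getParams["query"] !== "") {`. The two private helpers each take three parameters and use at most `$A_getParams`, and `self::` is used to call non-static methods, which works from an instance context but reads as a static call; `$this->searchQueryViewAction(...)` says what actually happens.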

Default view

Please search :

-
- + +
From 9b0013ba9fbd6771ad45976d28225c04986593fd Mon Sep 17 00:00:00 2001 From: Thomas Rubini <74205383+ThomasRubini@users.noreply.github.com> Date: Fri, 20 Jan 2023 19:08:22 +0100 Subject: [PATCH 6/8] use model for ManageUser search action --- Controllers/ManageUserController.php | 10 ++++++++-- Models/UserModel.php | 18 ++++++++++++++++++ 2 files changed, 26 insertions(+), 2 deletions(-) diff --git a/Controllers/ManageUserController.php b/Controllers/ManageUserController.php index b082b3c..7480766 100644 --- a/Controllers/ManageUserController.php +++ b/Controllers/ManageUserController.php @@ -27,8 +27,14 @@ final class ManageUserController private function searchQueryViewAction(Array $A_urlParams = null, Array $A_postParams = null, Array $A_getParams = null) { - $S_search = $A_getParams["query"]; - echo "Terme de recherche choisi: $S_search"; + $S_query = $A_getParams["query"]; + + $O_userModel = new UserModel(); + $A_results = $O_userModel->searchUsers($S_query); + + var_dump($A_results); + + echo "Terme de recherche choisi: $S_query"; } } diff --git a/Models/UserModel.php b/Models/UserModel.php index 6ad2eeb..55c9f10 100644 --- a/Models/UserModel.php +++ b/Models/UserModel.php @@ -104,4 +104,22 @@ final class UserModel $stmt->bindParam("id", $I_id); $stmt->execute(); } + + public function searchUsers($S_query) + { + $O_model = Model::get(); + $stmt = $O_model->prepare(" + SELECT * FROM USER + WHERE USER.USERNAME LIKE :full_query + OR USER.EMAIL LIKE :full_query + LIMIT 10 + "); + $S_full_query = "%".$S_query."%"; + $stmt->bindParam("full_query", $S_full_query); + $stmt->execute(); + + $rows = $stmt->fetchAll(); + + return $rows; + } } From 58e47ccb9464c5516c8b498d380a51fe63eac3a1 Mon Sep 17 00:00:00 2001 
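Review bot: `var_dump($A_results)` in `searchQueryViewAction` writes every column of every matched `USER` row straight into the response, and `searchUsers` selects `*`, so if that table carries password hashes, reset tokens or similar (not visible in this diff) they end up in the admin's page source. Select the columns the page needs in the model, pass the rows to the view, and drop the dump. `echo "Terme de recherche choisi: $S_query";` still reflects the raw request parameter without escaping.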
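Review bot: `searchUsers` binds the named placeholder `:full_query` once while the statement uses it twice; PDO only permits reusing a named marker when prepared-statement emulation is on, so with `PDO::ATTR_EMULATE_PREPARES` set to `false` the `execute()` fails. Use two markers, `WHERE USER.USERNAME LIKE :username_query OR USER.EMAIL LIKE :email_query`, and bind `$S_full_query` to both. The user-supplied term is also wrapped into a `LIKE` pattern without escaping `%` and `_`, so those characters act as wildcards instead of literals; `addcslashes($S_query, '%_\\')` before wrapping keeps them literal when backslash is the LIKE escape character. `bindValue` is the better fit here, since `bindParam` binds the local by reference for no benefit.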
From: Thomas Rubini <74205383+ThomasRubini@users.noreply.github.com> Date: Fri, 20 Jan 2023 19:09:01 +0100 Subject: [PATCH 7/8] refactor view manageUser/default to manageUser/search --- Controllers/ManageUserController.php | 2 +- Views/manageUser/{default.php => search.php} | 0 2 files changed, 1 insertion(+), 1 deletion(-) rename Views/manageUser/{default.php => search.php} (100%) diff --git a/Controllers/ManageUserController.php b/Controllers/ManageUserController.php index 7480766..ceece2f 100644 --- a/Controllers/ManageUserController.php +++ b/Controllers/ManageUserController.php @@ -7,7 +7,7 @@ final class ManageUserController { Session::admin_or_die(); - return View::show("manageUser/default"); + return View::show("manageUser/search"); } public function searchAction(Array $A_urlParams = null, Array $A_postParams = null, Array $A_getParams = null) diff --git a/Views/manageUser/default.php b/Views/manageUser/search.php similarity index 100% rename from Views/manageUser/default.php rename to Views/manageUser/search.php From 8a5d6e4cfcb069b2e8a78cc6dd59ea814164fb13 Mon Sep 17 00:00:00 2001 From: Thomas Rubini <74205383+ThomasRubini@users.noreply.github.com> Date: Fri, 20 Jan 2023 19:11:03 +0100 Subject: [PATCH 8/8] Alias default action to search action in ManagerUser controller --- Controllers/ManageUserController.php | 16 ++++++++-------- 1 file changed, 8 insertions(+), 8 deletions(-) diff --git a/Controllers/ManageUserController.php b/Controllers/ManageUserController.php index ceece2f..4695201 100644 --- a/Controllers/ManageUserController.php +++ b/Controllers/ManageUserController.php 
@@ -3,11 +3,9 @@ final class ManageUserController { - public function defaultAction(Array $A_urlParams = null, Array $A_postParams = null) + public function defaultAction(Array $A_urlParams = null, Array $A_postParams = null, Array $A_getParams = null) { - Session::admin_or_die(); - - return View::show("manageUser/search"); + self::searchAction($A_urlParams, $A_postParams, $A_getParams); } public function searchAction(Array $A_urlParams = null, Array $A_postParams = null, Array $A_getParams = null) @@ -22,19 +20,21 @@ final class ManageUserController private function searchViewAction(Array $A_urlParams = null, Array $A_postParams = null, Array $A_getParams = null) { - + View::show("manageUser/search"); } private function searchQueryViewAction(Array $A_urlParams = null, Array $A_postParams = null, Array $A_getParams = null) { $S_query = $A_getParams["query"]; - + $O_userModel = new UserModel(); $A_results = $O_userModel->searchUsers($S_query); - + var_dump($A_results); - + echo "Terme de recherche choisi: $S_query"; + + View::show("manageUser/search"); } }
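Review bot: `defaultAction` in the first hunk drops the `return` that the old `return View::show(...)` carried and calls `searchAction`, which returns nothing; if the router consumes an action's return value (not visible here), `return self::searchAction($A_urlParams, $A_postParams, $A_getParams);` keeps the old shape. The parameter form `Array $A_getParams = null` relies on implicit nullability, which is deprecated in PHP 8.4; `?array $A_getParams = null` states it explicitly.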
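Review bot: In `searchQueryViewAction`, `$A_results` is fetched and passed to `var_dump` but never reaches `View::show("manageUser/search")`, which is called with no data, so the page shows a raw dump and the unescaped `echo` of `$S_query` followed by the template rather than a rendered result list. Pass the rows into the view (whatever data argument `View::show` accepts is outside this diff) and remove the `var_dump` and the `echo`. `searchViewAction` now calls `View::show` without `return`, which is consistent with the other helper but differs from the `return View::show(...)` this controller used before patch 8.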