From f3e6508e8f27aa9b9d2ed4e5c732ec327b4d6437 Mon Sep 17 00:00:00 2001
From: "erucquoy@gmail.com" <erucquoy@gmail.com>
Date: Fri, 21 Oct 2022 15:48:23 +0200
Subject: [PATCH 1/2] update without story 4

---
 actions/create_user.php | 18 +++++++++
 actions/delete_user.php | 12 ++++++
 actions/update_user.php | 33 ++++++++++++++++-
 init/db.php             | 17 ++++++---
 update_form.php         | 16 +++++++-
 users.php               | 81 ++++++++++++++++++++++++++++++++++++++---
 6 files changed, 162 insertions(+), 15 deletions(-)

diff --git a/actions/create_user.php b/actions/create_user.php
index e9e68b3..bceb477 100644
--- a/actions/create_user.php
+++ b/actions/create_user.php
@@ -5,4 +5,22 @@
 // verifier les champs recu avec $_POST
 // Creer en BDD
 
+if (!isset($_POST['username'], $_POST['password'])) {
+    header('Location: ../users.php?error=create_user_empty');
+    die();
+}
+
+$username = $_POST['username'];
+$password = hash('sha256', $_POST['password']);
+
+if (strlen($username) < 2) {
+    header('Location: ../users.php?error=create_user_short_username');
+    die();
+}
+
+$stmt = $db->prepare('INSERT INTO users (username, password) VALUES(?, ?)');
+$stmt->execute([$username, $password]);
+
+header('Location: ../users.php?success_create=ok')
+
 ?>
diff --git a/actions/delete_user.php b/actions/delete_user.php
index df90370..7124f06 100644
--- a/actions/delete_user.php
+++ b/actions/delete_user.php
@@ -2,7 +2,19 @@
 
 require_once __DIR__ . '/../init/db.php';
 
+if (!isset($_GET['id']) || !is_numeric($_GET['id'])) {
+    header('Location: ../users.php?error=delete_not_numeric');
+    die();
+}
+
 // id de l'utilisateur a supprimer
 $id_to_delete = $_GET['id'];
 
+$stmt = $db->prepare('DELETE FROM users WHERE id = ?');
+$stmt->execute([
+    $id_to_delete
+]);
+
+header('Location: ../users.php?success_delete=' . $id_to_delete);
+
 ?>
diff --git a/actions/update_user.php b/actions/update_user.php
index e0e56bc..feacb2a 100644
--- a/actions/update_user.php
+++ b/actions/update_user.php
@@ -2,10 +2,39 @@
 
 require_once __DIR__ . '/../init/db.php';
 
-// id de l'utilisateur a mettre a jour
-$id_to_update = $_GET['id'];
+if (!isset($_GET['id'])) {
+    header('Location: ../users.php');
+    die();
+}
+
+$stmt = $db->prepare('SELECT * FROM users WHERE id = ?');
+$stmt->execute([$_GET['id']]);
+$user = $stmt->fetch();
+
+if (!$user) {
+    header('Location: ../users.php');
+    die();
+}
 
 // verifier les champs recu avec $_POST
 // Mettre a jour en BDD
 
+$password = $user['password'];
+if (isset($_POST['password'])) {
+    $password = hash('sha265', $_POST['password']);
+}
+$username = $user['username'];
+if (isset($_POST['username'])) {
+    $username = $_POST['username'];
+}
+
+$stmt = $db->prepare('UPDATE users SET username = ?, password = ? WHERE id = ?');
+$stmt->execute([
+    $username,
+    $password,
+    $_GET['id']
+]);
+
+header('Location: ../users.php?success_update=' . $_GET['id']);
+
 ?>
diff --git a/init/db.php b/init/db.php
index f3a41d8..af8b759 100644
--- a/init/db.php
+++ b/init/db.php
@@ -1,10 +1,15 @@
 <?php
-
+error_reporting(E_ALL);
+ini_set('display_errors', 1);
 // connexion a la DB
 
-$db = new PDO('mysql:...', 'root', '');
-
-// par défaut, les SELECT FROM  -> fetch et fetchAll recupere des tableaux associatifs
-// possible de recup des objets en changeant PDO::FETCH_ASSOC par PDO::FETCH_OBJ
-$db->setAttribute(PDO::ATTR_DEFAULT_FETCH_MODE, PDO::FETCH_ASSOC);
+try {
+    $db = new PDO('mysql:host=localhost;dbname=exo;', 'exo', 'exopassword');
 
+    // par défaut, les SELECT FROM  -> fetch et fetchAll recupere des tableaux associatifs
+    // possible de recup des objets en changeant PDO::FETCH_ASSOC par PDO::FETCH_OBJ
+    $db->setAttribute(PDO::ATTR_DEFAULT_FETCH_MODE, PDO::FETCH_ASSOC);
+}
+catch(PDOException $e) {
+    die('Cannot connect to DB');
+}
diff --git a/update_form.php b/update_form.php
index f34dc3b..83cd3b4 100644
--- a/update_form.php
+++ b/update_form.php
@@ -12,7 +12,14 @@
 }
 
 // Recuperer l'utilisateur a mettre a jour avec PDO et une requete SQL
-// $user = ...;
+$stmt = $db->prepare('SELECT * FROM users WHERE id = ?');
+$stmt->execute([$_GET['id']]);
+$user = $stmt->fetch();
+
+if (!$user) {
+    header('Location: users.php');
+    die();
+}
 ?>
 <!DOCTYPE html>
 <html lang="en">
@@ -24,6 +31,11 @@
 </head>
 <body>
     <!-- Afficher un formulaire avec les data de l'utilisateur -->
-    <!-- <input type="text" name="username" value="<?= /* $user['username'] */ ?>" -->
+    <form method="POST" action="actions/update_user.php?id=<?= $user['id'] ?>">
+        <input type="hidden" name="old_username" value="<?= $user['username'] ?>">
+        <input type="text" name="username" value="<?= $user['username'] ?>">
+        <input type="password" name="new_password" value="">
+        <input type="submit" value="Update now!">
+    </form>
 </body>
 </html>
diff --git a/users.php b/users.php
index ea105dc..8a6472a 100644
--- a/users.php
+++ b/users.php
@@ -8,11 +8,11 @@
 }
 
 // Story 0: request to find all username
-/*
-$stmt = ... 
+
+$stmt = $db->prepare('SELECT * FROM users');
 $stmt->execute();
 $users = $stmt->fetchAll();
-*/
+
 ?>
 <!DOCTYPE html>
 <html lang="en">
@@ -21,12 +21,83 @@
     <meta http-equiv="X-UA-Compatible" content="IE=edge">
     <meta name="viewport" content="width=device-width, initial-scale=1.0">
     <title>Liste des utilisateurs</title>
+    <style>
+        .flex-ct {
+            display: flex;
+            flex-direction: column;
+        }
+
+        .flex-row: {
+            margin-top: 20px;
+            margin-bottom: 20px;
+            display: row;
+        }
+
+        .flex-row a {
+            background-color: grey;
+            color: white;
+            padding: 3px;
+            margin: 3px;
+        }
+
+        .flex-row a:visited {
+            background-color: grey;
+            color: yellow;
+        }
+
+        .error {
+            background-color: red;
+        }
+
+        .success {
+            background-color: green;
+        }
+    </style>
 </head>
 <body>
+    <!-- Message erreur et success -->
+    <?php 
+    if (isset($_GET['success_delete'])) { ?>
+    <div class="flex-ct success">
+        <p>User deleted</p>
+    </div>
+    <?php
+    }
+    if (isset($_GET['success_create'])) { ?>
+    <div class="flex-ct success">
+        <p>User created</p>
+    </div>
+    <?php } ?>
+
+    <div>
+        <h2>Creer un user</h2>
+        <form method="POST" action="actions/create_user.php">
+            username: <input type="text" name="username" /><br />
+            password : <input type="password" name="password" /><br />
+            <input type="submit" value="Create now!">
+        </form>
+    </div>
+
     <!-- Input Search -->
-    <div></div>
+    <div>
+        <h2>Chercher un user</h2>
+        <form action="users.php" method="GET">
+            Username: <input type="text" name="id"><input type="submit" value="Search" />
+        </form>
+    </div>
 
     <!-- Table des Utilisateurs -->
-    <div></div>
+    <div class="flex-ct">
+        <h2>Tableau des users</h2>
+        <?php for($i = 0; $i < count($users); $i++) { ?>
+        <div class="flex-row">
+            <div>
+                User: <?= $users[$i]['username'] ?>
+                <a href="update_form.php?id=<?= $users[$i]['id'] ?>">Edit</a>
+                <a href="actions/delete_user.php?id=<?= $users[$i]['id'] ?>">Delete</a>
+            </div>
+        </div>
+        <?php } ?>
+    </div>
 </body>
 </html>

From d3a9fbd26bc1c6b4aff9ec4cfad9d1e2505495a6 Mon Sep 17 00:00:00 2001
From: "erucquoy@gmail.com" <erucquoy@gmail.com>
Date: Thu, 27 Oct 2022 10:52:43 +0200
Subject: [PATCH 2/2] JS help

---
 actions/create_user.php |  9 +++--
 sql/users.sql           | 86 +++++++++++++++++++++++++++++++++++++++++
 users.php               | 17 +++-----
 3 files changed, 98 insertions(+), 14 deletions(-)
 create mode 100644 sql/users.sql

diff --git a/actions/create_user.php b/actions/create_user.php
index bceb477..57c5a21 100644
--- a/actions/create_user.php
+++ b/actions/create_user.php
@@ -6,7 +6,8 @@
 // Creer en BDD
 
 if (!isset($_POST['username'], $_POST['password'])) {
-    header('Location: ../users.php?error=create_user_empty');
+    // header('Location: ../users.php?error=create_user_empty');
+    echo json_encode(['error' => 'empty_fields']); // {"error": "empty_fields"}
     die();
 }
 
@@ -14,13 +15,15 @@
 $password = hash('sha256', $_POST['password']);
 
 if (strlen($username) < 2) {
-    header('Location: ../users.php?error=create_user_short_username');
+    // header('Location: ../users.php?error=create_user_short_username');
+    echo json_encode(['error' => 'username_is_too_short']);
     die();
 }
 
 $stmt = $db->prepare('INSERT INTO users (username, password) VALUES(?, ?)');
 $stmt->execute([$username, $password]);
 
-header('Location: ../users.php?success_create=ok')
+// header('Location: ../users.php?success_create=ok')
+echo json_encode(['success' => 'ok']);
 
 ?>
diff --git a/sql/users.sql b/sql/users.sql
new file mode 100644
index 0000000..85a66ea
--- /dev/null
+++ b/sql/users.sql
@@ -0,0 +1,86 @@
+-- phpMyAdmin SQL Dump
+-- version 5.2.0
+-- https://www.phpmyadmin.net/
+--
+-- Host: localhost
+-- Generation Time: Oct 27, 2022 at 10:50 AM
+-- Server version: 10.3.34-MariaDB-0ubuntu0.20.04.1
+-- PHP Version: 7.4.3
+
+SET SQL_MODE = "NO_AUTO_VALUE_ON_ZERO";
+START TRANSACTION;
+SET time_zone = "+00:00";
+
+
+/*!40101 SET @OLD_CHARACTER_SET_CLIENT=@@CHARACTER_SET_CLIENT */;
+/*!40101 SET @OLD_CHARACTER_SET_RESULTS=@@CHARACTER_SET_RESULTS */;
+/*!40101 SET @OLD_COLLATION_CONNECTION=@@COLLATION_CONNECTION */;
+/*!40101 SET NAMES utf8mb4 */;
+
+--
+-- Database: `exo`
+--
+
+-- --------------------------------------------------------
+
+--
+-- Table structure for table `users`
+--
+
+CREATE TABLE `users` (
+  `id` int(11) NOT NULL,
+  `username` varchar(255) NOT NULL,
+  `password` varchar(255) NOT NULL,
+  `created_at` datetime NOT NULL DEFAULT current_timestamp(),
+  `updated_at` datetime NOT NULL DEFAULT current_timestamp()
+) ENGINE=InnoDB DEFAULT CHARSET=utf8mb4;
+
+--
+-- Dumping data for table `users`
+--
+
+INSERT INTO `users` (`id`, `username`, `password`, `created_at`, `updated_at`) VALUES
+(4, 'test5', 'a140c0c1eda2def2b830363ba362aa4d7d255c262960544821f556e16661b6ff', '2022-10-21 15:32:04', '2022-10-21 15:32:04'),
+(5, 'test6', 'ed0cb90bdfa4f93981a7d03cff99213a86aa96a6cbcf89ec5e8889871f088727', '2022-10-21 15:32:08', '2022-10-21 15:32:08'),
+(6, 'test7', 'bd7c911264aae15b66d4291b6850829aa96986b1d3ead34d1fdbfef27056c112', '2022-10-21 15:32:11', '2022-10-21 15:32:11'),
+(7, 'test110', '23563039b0b8e23fdb5563593245f78d4a1c3ed6fd320835be50c56ef55c85e1', '2022-10-25 09:30:14', '2022-10-25 09:30:14'),
+(8, 'test120', 'b1798d017f7bdd0d0f8b5113ef1ce27e2bdcee2989bd6db9b2456e3390e846a7', '2022-10-25 09:45:01', '2022-10-25 09:45:01'),
+(9, 'test133', 'ad23ed9832d5432e03699647528aa511429c224959ff3c5f91bb0a0235ad5b8f', '2022-10-25 09:50:28', '2022-10-25 09:50:28'),
+(10, 'test134', 'ad23ed9832d5432e03699647528aa511429c224959ff3c5f91bb0a0235ad5b8f', '2022-10-25 09:51:50', '2022-10-25 09:51:50'),
+(11, 'test135', '791ad8e8bd458a75ee2c85459a021e6d0ae1c27c3573807fef99623e817f2e10', '2022-10-25 09:55:11', '2022-10-25 09:55:11'),
+(12, 'test136', 'bf3ed890dee9d08ce3549e83c4ac3ba233c8025070081bf0506a9a50716fa6bd', '2022-10-25 09:55:24', '2022-10-25 09:55:24'),
+(13, 'test137', '2c11d71ef09661204dcbb1aa987259aef95f53eafa6d807da9b583cfc6cb387a', '2022-10-25 09:55:33', '2022-10-25 09:55:33'),
+(14, 'test138', 'f29204004a73caa5e9fdc10176ddfd4cde537c5276fd2396d09b568bd76ae78b', '2022-10-25 09:56:37', '2022-10-25 09:56:37'),
+(15, 'test139', 'a8ec458e65c1a901def1abb623173842bad6201670b71e4ac494789091d51b55', '2022-10-25 09:57:39', '2022-10-25 09:57:39'),
+(16, 'test140', 'b445c39fefe7a43ea539c9f28d50c02bd8e9db1f15fbd7d39b49a854616e0747', '2022-10-25 09:59:35', '2022-10-25 09:59:35'),
+(17, 'test141', '29a24f09edc509f4f14a619ddfe6b74a68b496d0cf67f5a5d133bc2685a0de31', '2022-10-25 10:01:13', '2022-10-25 10:01:13'),
+(18, 'test142', '338c0605bab38900480ebcc7fb0651426cc26cd1732579f04b47f779a8962d83', '2022-10-25 10:09:03', '2022-10-25 10:09:03'),
+(19, 'test444', 'ca940482ee68082d127ae8f9755941eeefc1d332549b5f066201eb39db57613d', '2022-10-25 16:10:18', '2022-10-25 16:10:18'),
+(20, 'test445', 'e30868740b64ba106d0bf4e96c9d200ced2dad8527222df56e467dff9ba226a7', '2022-10-25 16:11:50', '2022-10-25 16:11:50'),
+(21, 'test888', '19039f03235dcbe6341e666c370bdad678cbad5fb0bfda3f1e99f801f7aa0300', '2022-10-27 09:36:09', '2022-10-27 09:36:09');
+
+--
+-- Indexes for dumped tables
+--
+
+--
+-- Indexes for table `users`
+--
+ALTER TABLE `users`
+  ADD PRIMARY KEY (`id`),
+  ADD UNIQUE KEY `username` (`username`);
+
+--
+-- AUTO_INCREMENT for dumped tables
+--
+
+--
+-- AUTO_INCREMENT for table `users`
+--
+ALTER TABLE `users`
+  MODIFY `id` int(11) NOT NULL AUTO_INCREMENT, AUTO_INCREMENT=26;
+COMMIT;
+
+/*!40101 SET CHARACTER_SET_CLIENT=@OLD_CHARACTER_SET_CLIENT */;
+/*!40101 SET CHARACTER_SET_RESULTS=@OLD_CHARACTER_SET_RESULTS */;
+/*!40101 SET COLLATION_CONNECTION=@OLD_COLLATION_CONNECTION */;
diff --git a/users.php b/users.php
index 8a6472a..2d1d49f 100644
--- a/users.php
+++ b/users.php
@@ -71,7 +71,7 @@
 
     <div>
         <h2>Creer un user</h2>
-        <form method="POST" action="actions/create_user.php">
+        <form method="POST" action="actions/create_user.php" id="create_user_form">
             username: <input type="text" name="username" /><br />
             password : <input type="password" name="password" /><br />
             <input type="submit" value="Create now!">
@@ -87,17 +87,12 @@
     </div>
 
     <!-- Table des Utilisateurs -->
-    <div class="flex-ct">
+    <div class="flex-ct" id="users-list">
         <h2>Tableau des users</h2>
-        <?php for($i = 0; $i < count($users); $i++) { ?>
-        <div class="flex-row">
-            <div>
-                User: <?= $users[$i]['username'] ?>
-                <a href="update_form.php?id=<?= $users[$i]['id'] ?>">Edit</a>
-                <a href="actions/delete_user.php?id=<?= $users[$i]['id'] ?>">Delete</a>
-            </div>
-        </div>
-        <?php } ?>
+        
     </div>
+
+    <!-- <script src="ajax.js"></script> -->
+    <script src="ajax2.js"></script>
 </body>
 </html>