From 30ca31ed2bbcdd725cc914a046a287d0606887f5 Mon Sep 17 00:00:00 2001
From: Poty Thomas <thomaspoty6@gmail.com>
Date: Mon, 8 Jun 2026 16:04:21 +0200
Subject: [PATCH] =?UTF-8?q?ajout=20de=20la=20foction=20de=20la=20s=C3=A9pa?=
 =?UTF-8?q?ration=20des=20pages=20selon=20les=20r=C3=B4les?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 controllers/auth_ctrl2.php  | 16 ++++++-
 controllers/auth_ctrl2.php~ | 15 +++----
 index.php                   |  6 ++-
 index.php~                  | 85 +++++++++++++++++++++++++++++++++++++
 models/connection.php       |  2 +-
 models/connection.php~      |  4 +-
 models/user_crud.php        |  6 +--
 models/user_crud.php~       | 16 +++++++
 8 files changed, 131 insertions(+), 19 deletions(-)
 create mode 100644 index.php~
 create mode 100644 models/user_crud.php~

diff --git a/controllers/auth_ctrl2.php b/controllers/auth_ctrl2.php
index 875b914..00ddfc7 100644
--- a/controllers/auth_ctrl2.php
+++ b/controllers/auth_ctrl2.php
@@ -22,7 +22,21 @@ function verify_login_ctrl(?string $route) {
         session_regenerate_id(true);
         $_SESSION['login'] = $user['login'];
         $_SESSION['role']  = $user['type'];
-        header('Location: index.php?route=' . $route);
+        if ($route) {
+    header('Location: index.php?route=' . $route);
+} else {
+    switch ($user['type']) {
+        case 'admin':
+            header('Location: index.php?route=admin');
+            break;
+        case 'lecteur':
+            header('Location: index.php?route=operations');
+            break;
+        default:
+            header('Location: index.php');
+            break;
+    }
+}
         exit;
     } else {
         echo 'Erreur d\'authentification.';
diff --git a/controllers/auth_ctrl2.php~ b/controllers/auth_ctrl2.php~
index 22bf620..875b914 100644
--- a/controllers/auth_ctrl2.php~
+++ b/controllers/auth_ctrl2.php~
@@ -1,11 +1,9 @@
 <?php
-
 function login_ctrl() {
     $ask_route = null;
     if (isset($_GET['ask'])) {
         $ask_route = htmlentities($_GET['ask']);
     }
-
     if ($_SERVER['REQUEST_METHOD'] == 'POST') {
         verify_login_ctrl($ask_route);
     } else {
@@ -14,18 +12,14 @@ function login_ctrl() {
 }
 
 function verify_login_ctrl(?string $route) {
+    require('models/connection.php');
+    require('models/user_crud.php');
     $login  = isset($_POST['login']) ? htmlentities($_POST['login']) : '';
     $passwd = isset($_POST['password']) ? $_POST['password'] : '';
-    
-    require('models/connection.php');
-	 require('models/user_crud.php');
-	
     $c = connection();
     $user = recuperation_auth($c, $login);
-
-    
-
     if ($user && password_verify($passwd, $user['passwd'])) {
+        session_regenerate_id(true);
         $_SESSION['login'] = $user['login'];
         $_SESSION['role']  = $user['type'];
         header('Location: index.php?route=' . $route);
@@ -42,7 +36,8 @@ function login_form_ctrl(?string $route) {
 }
 
 function logout_ctrl() {
-    unset($_SESSION);
+    session_unset();
     session_destroy();
+    setcookie(session_name(), '', time() - 3600, '/');
     require('views/welcome_view.php');
 }
diff --git a/index.php b/index.php
index c0d7d6a..035c89b 100644
--- a/index.php
+++ b/index.php
@@ -28,11 +28,13 @@
 
     
         case null:
-            require('views/welcome_view.php');
+            require('views/login_views.php');
+            login_form_view($route);
             break;
 
         case '':
-            require('views/welcome_view.php');
+            require('views/login_views.php');
+            login_form_view($route);
             break;
             
         case 'auth':
diff --git a/index.php~ b/index.php~
new file mode 100644
index 0000000..fd82f21
--- /dev/null
+++ b/index.php~
@@ -0,0 +1,85 @@
+<?php
+    /**
+     * The front controller
+     * Vincent Verdon - 20240604
+     */
+
+    
+    //Loads some functions for session managment and starts the session
+    require('controllers/auth_utilities.php');
+    session_start();
+    //var_dump($_SESSION);
+    
+    //Erreurs à afficher SEULEMENT en phase de développement !
+    error_reporting(E_ALL & ~E_NOTICE & ~E_STRICT & ~E_DEPRECATED);
+    ini_set('display_errors', 1);
+    
+    //The requested route
+    $route = null;
+    if (isset($_GET['route'])) {
+        $route = 'invalid';
+        if (preg_match('#^[a-zA-Z0-9 _]*$#', $_GET['route'])) {
+            $route = $_GET['route'];
+        }
+    }
+    
+    //We switch to the good controller
+    switch ($route) {
+
+    
+        case null:
+            require('views/login_views.php');
+            break;
+
+        case '':
+            require('views/login_views.php');
+            break;
+            
+        case 'auth':
+            require('controllers/auth_ctrl2.php');
+            login_ctrl();
+            break;
+
+        case 'logout':
+            require('controllers/auth_ctrl2.php');
+            logout_ctrl();
+            break;
+
+        case 'add_utilisateurs_form':
+            require('controllers/utilisateur_ctrl.php');
+            add_utilisateurs_form_ctrl();
+            break;
+
+        case 'add_utilisateurs':
+             require('controllers/utilisateur_ctrl.php');
+            add_utilisateurs_write_ctrl();
+            break;
+
+        case 'modif_utilisateurs_form':
+            require('controllers/modif_compte_ctrl.php');
+            modif_utilisateurs_form_ctrl();
+            break;
+
+        case 'modif_utilisateurs':
+            require('controllers/modif_compte_ctrl.php');
+            modif_utilisateurs_write_ctrl();
+            break;
+
+        case 'operations':
+            require('controllers/operation_ctrl.php');
+            operations_form_ctrl();
+            break;
+
+        case 'lecture':
+            require('views/lecture_page.php');
+            break;
+
+        case 'lecture_ctrl':
+            require('controllers/lecture_page_ctrl.php');
+            break;
+
+        default:
+            require('views/404_view.php');
+            break;
+            
+    }
diff --git a/models/connection.php b/models/connection.php
index d6afbab..2bf9045 100644
--- a/models/connection.php
+++ b/models/connection.php
@@ -6,7 +6,7 @@
  */
 function connection() {
     //Loads config from file config.php
-    require('config/config.php');
+    require_once('config/config.php');
     
     //Db connection
     $connex = new PDO('mysql:host=' . HOST . ';dbname=' . DB,USER , PASSWORD);
diff --git a/models/connection.php~ b/models/connection.php~
index 22116bc..2bf9045 100644
--- a/models/connection.php~
+++ b/models/connection.php~
@@ -6,9 +6,9 @@
  */
 function connection() {
     //Loads config from file config.php
-    require('config/config.php');
+    require_once('config/config.php');
     
     //Db connection
     $connex = new PDO('mysql:host=' . HOST . ';dbname=' . DB,USER , PASSWORD);
     return $connex;
-}
\ No newline at end of file
+}
diff --git a/models/user_crud.php b/models/user_crud.php
index 54969c3..ef00b2f 100644
--- a/models/user_crud.php
+++ b/models/user_crud.php
@@ -2,12 +2,12 @@
 
 
 
-function recuperation_auth(PDO $connex, int $id):array {
-	 require('config/config.php');
+function recuperation_auth(PDO $connex, string $login):array {
+	 require_once('config/config.php');
     $req = "SELECT login, passwd, type FROM Utilisateur WHERE login = :login";
     
     $prep = $connex->prepare($req);
-    $prep->bindValue(':id', $id);
+    $prep->bindValue(':login', $login);
     $prep->execute();
     $auth = $prep->fetch(PDO::FETCH_ASSOC);
     $prep->closeCursor();
diff --git a/models/user_crud.php~ b/models/user_crud.php~
new file mode 100644
index 0000000..7d36bc9
--- /dev/null
+++ b/models/user_crud.php~
@@ -0,0 +1,16 @@
+<?php
+
+
+
+function recuperation_auth(PDO $connex, string $login):array {
+	 require('config/config.php');
+    $req = "SELECT login, passwd, type FROM Utilisateur WHERE login = :login";
+    
+    $prep = $connex->prepare($req);
+    $prep->bindValue(':login', $login);
+    $prep->execute();
+    $auth = $prep->fetch(PDO::FETCH_ASSOC);
+    $prep->closeCursor();
+    return $auth;
+ }
+  
\ No newline at end of file