Newer
Older
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
<?php
include 'config.php';
session_start();
if (!isset($_SESSION['user']) || $_SESSION['user']['role'] !== 'student') {
echo "<div class='container'><p class='error'>Access denied. Only students can upload files.</p><a href='login.php'>Go back</a></div>";
exit;
}
$user = $_SESSION['user'];
$student_name = $conn->real_escape_string($user['first_name']); // Récupération du nom de l'utilisateur connecté
if ($_SERVER['REQUEST_METHOD'] === 'POST') {
$depot_id = intval($_POST['depot_id']);
$nom_fichier = $conn->real_escape_string($_FILES['fichier']['name']);
$target_dir = "uploads/";
$target_file = $target_dir . basename($nom_fichier);
if (move_uploaded_file($_FILES['fichier']['tmp_name'], $target_file)) {
$sql = "INSERT INTO fichiers (depot_id, nom_fichier, path_fichier, expediteur)
VALUES ('$depot_id', '$nom_fichier', '$target_file', '$student_name')";
if ($conn->query($sql) === TRUE) {
echo "<div class='container'><p class='success'>File uploaded successfully.</p><a href='welcome.php'>Go back</a></div>";
} else {
echo "<div class='container'><p class='error'>Error: " . htmlspecialchars($conn->error, ENT_QUOTES, 'UTF-8') . "</p><a href='student_upload_file.php'>Try again</a></div>";
}
} else {
echo "<div class='container'><p class='error'>File upload failed.</p><a href='student_upload_file.php'>Try again</a></div>";
}
} else {
$depots = $conn->query("SELECT * FROM depots");
?>
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="UTF-8">
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<title>Dépots de fichiers</title>
<link rel="stylesheet" href="style.css">
</head>
<body>
<?php include 'sidebar.php'; ?>
<div class="main-content">
<div class="create-session-page">
<h1>Déposer un fichier</h1>
<form method="POST" enctype="multipart/form-data">
<label for="depot_id">Dépot sélectionné:</label>
<select name="depot_id" id="depot_id" required>
<?php while ($row = $depots->fetch_assoc()): ?>
<option value="<?= $row['id'] ?>"><?= htmlspecialchars($row['nom']) ?></option>
<?php endwhile; ?>
</select>
<label for="fichier">Choisir un fichier:</label>
<input type="file" name="fichier" id="fichier" required>
<button type="submit">Upload</button>
</form>
</div>
</div>
</body>
</html>
<?php } ?>