Skip to content
Snippets Groups Projects
student_upload_file.php 2.56 KiB
Newer Older
  • Learn to ignore specific revisions
  • ZHANG David's avatar
    ZHANG David committed
    <?php
    include 'config.php';
    session_start();
    
    if (!isset($_SESSION['user']) || $_SESSION['user']['role'] !== 'student') {
        echo "<div class='container'><p class='error'>Access denied. Only students can upload files.</p><a href='login.php'>Go back</a></div>";
        exit;
    }
    
    $user = $_SESSION['user'];
    $student_name = $conn->real_escape_string($user['first_name']); // Récupération du nom de l'utilisateur connecté
    
    if ($_SERVER['REQUEST_METHOD'] === 'POST') {
        $depot_id = intval($_POST['depot_id']);
        $nom_fichier = $conn->real_escape_string($_FILES['fichier']['name']);
        $target_dir = "uploads/";
        $target_file = $target_dir . basename($nom_fichier);
    
        if (move_uploaded_file($_FILES['fichier']['tmp_name'], $target_file)) {
            $sql = "INSERT INTO fichiers (depot_id, nom_fichier, path_fichier, expediteur) 
                    VALUES ('$depot_id', '$nom_fichier', '$target_file', '$student_name')";
            
            if ($conn->query($sql) === TRUE) {
                echo "<div class='container'><p class='success'>File uploaded successfully.</p><a href='welcome.php'>Go back</a></div>";
            } else {
                echo "<div class='container'><p class='error'>Error: " . htmlspecialchars($conn->error, ENT_QUOTES, 'UTF-8') . "</p><a href='student_upload_file.php'>Try again</a></div>";
            }
        } else {
            echo "<div class='container'><p class='error'>File upload failed.</p><a href='student_upload_file.php'>Try again</a></div>";
        }
    } else {
        $depots = $conn->query("SELECT * FROM depots");
    ?>
    <!DOCTYPE html>
    <html lang="en">
    <head>
        <meta charset="UTF-8">
        <meta name="viewport" content="width=device-width, initial-scale=1.0">
        <title>Dépots de fichiers</title>
        <link rel="stylesheet" href="style.css">
    </head>
    <body>
        <?php include 'sidebar.php'; ?>
    
        <div class="main-content">
            <div class="create-session-page">
                <h1>Déposer un fichier</h1>
                <form method="POST" enctype="multipart/form-data">
                    <label for="depot_id">Dépot sélectionné:</label>
                    <select name="depot_id" id="depot_id" required>
                        <?php while ($row = $depots->fetch_assoc()): ?>
                            <option value="<?= $row['id'] ?>"><?= htmlspecialchars($row['nom']) ?></option>
                        <?php endwhile; ?>
                    </select>
                    <label for="fichier">Choisir un fichier:</label>
                    <input type="file" name="fichier" id="fichier" required>
                    <button type="submit">Upload</button>
                </form>
            </div>
        </div>
    </body>
    </html>
    <?php } ?>