appnotes/gestion_etudiant.php at master · Blue-B-code/appnotes · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
<?php
session_start();
require_once "config/database.php";
require_once "models/Etudiant.php";
require_once "auth_check.php";
require_once "models/Classe.php";

// Vérifier si l'utilisateur est connecté et est un admin
if (!isset($_SESSION['user_id']) || !isset($_SESSION['user_type']) || $_SESSION['user_type'] != 'admin') {
    $_SESSION['redirect_url'] = $_SERVER['PHP_SELF'];
    header("Location: login.php");
    exit();
}

$database = new Database();
$db = $database->getConnection();
$etudiant = new Etudiant($db);
$class = new Classe($db);
$etab = $_SESSION['etab'] ?? '';
$isSuperAdmin = $_SESSION['is_super_admin'] ?? 0;
$message = '';
$error = '';


//Traitement du formulaire d'ajout/modification
if ($_SERVER['REQUEST_METHOD'] === 'POST') {
    if (isset($_POST['action'])) {
        // Vérifier le jeton CSRF
        if (!isset($_POST['csrf_token']) || $_POST['csrf_token'] != $_SESSION['csrf_token']) {
            $error = "Erreur de sécurité. Veuillez réessayer.";
        } else {
            $etudiant->etab = $_SESSION['etab'];

            if ($_POST['action'] === 'add') {
                $etudiant->nom = trim($_POST['nom']) ?? '';
                $etudiant->prenom = trim($_POST['prenom']) ?? '';
                $etudiant->classe = trim($_POST['classe']) ?? '';
                if ($etudiant->exists($etudiant->nom, $etudiant->prenom)) {
                    $error = "Cet etudiant existe déjà.";
                } else {
                    if ($etudiant->create()) {
                        $message = "Etudiant ajouté avec succès.";
                    } else {
                        $error = "Une erreur est survenue lors de l'ajout de l'etudiant.";
                    }
                }
            } elseif ($_POST['action'] === 'edit' && isset($_POST['id'])) {
                $etudiant->nom = trim($_POST['nom']) ?? '';
                $etudiant->prenom = trim($_POST['prenom']) ?? '';
                $etudiant->classe = trim($_POST['classe']) ?? '';
                $etudiant->id = $_POST['id'];
                if ($etudiant->update()) {
                    $message = "Etudiant mise à jour avec succès.";
                } else {
                    $error = "Une erreur est survenue lors de la mise à jour de l'etudiant.";
                }
            } elseif ($_POST['action'] === 'delete' && isset($_POST['id'])) {
                $id = $_POST['id'];
                if ($etudiant->delete($id)) {
                    $message = "Etudiant supprimé avec succès.";
                } else {
                    $error = "Une erreur est survenue lors de la suppression de l'etudiant.";
                }
            }
        }
    }
}

// Générer un nouveau jeton CSRF
if (!isset($_SESSION['csrf_token'])) {
    $_SESSION['csrf_token'] = bin2hex(random_bytes(32));
}

if ($isSuperAdmin) {
    $etudiants = $etudiant->readAll();
} else {
    $etudiants = $etudiant->readByEtab($etab);
}
// Récupérer la liste des classes
$classes = $class->readAll();
?>

<!DOCTYPE html>
<html lang="fr">
<head>
    <meta charset="UTF-8">
    <title>Ajouter un Étudiant</title>
    <link href="https://cdn.jsdelivr.net/npm/bootstrap@5.1.3/dist/css/bootstrap.min.css" rel="stylesheet">
    <link href="https://cdn.jsdelivr.net/npm/bootstrap-icons@1.8.1/font/bootstrap-icons.css" rel="stylesheet">
</head>
<body>
    <?php include('header.php'); ?>

    <div class="container mt-4">
        <div class="card">
            <div class="card-header bg-primary text-white d-flex justify-content-between align-items-center">
                <h1 class="h3 mb-0">Gestion des Étudiants</h1>
            </div>
            <div class="card-body">
                <?php if ($message): ?>
                    <div class="alert alert-success"><?php echo htmlspecialchars($message); ?></div>
                <?php endif; ?>

                <?php if ($error): ?>
                    <div class="alert alert-danger"><?php echo htmlspecialchars($error); ?></div>
                <?php endif; ?>

                <form method="POST" class="mb-4">
                    <input type="hidden" name="csrf_token" value="<?php echo $_SESSION['csrf_token']; ?>">
                    <input type="hidden" name="action" value="add">
                    <div class="row g-3">
                        <div class="col-md-4">
                            <input type="text" name="nom" class="form-control" placeholder="Nom" required>
                        </div>
                        <div class="col-md-4">
                            <input type="text" name="prenom" class="form-control" placeholder="Prenom" required>
                        </div>
                        <div class="col-md-4">
                            <select name="classe" id="classe" class="form-select" required>
                                <option value="">Sélectionner une classe</option>
                                <?php foreach ($classes as $classe): ?>
                                    <option value="<?php echo htmlspecialchars($classe['classe']); ?>">
                                        <?php echo htmlspecialchars($classe['classe']); ?>
                                    </option>
                                <?php endforeach; ?>
                            </select>
                        </div>
                        <div class="col-md-3">
                            <button type="submit" class="btn btn-primary w-100">
                                <i class="bi bi-plus-circle"></i> Ajouter un Étudiant
                            </button>
                        </div>
                    </div>
                </form>
            </div>
            <div class="card">
                <div class="card-header bg-light">
                    <h2 class="h4 mb-0">Liste des Étudiants</h2>
                </div>
                <div class="card-body">
                    <div class="table-responsive">
                        <table class="table table-striped table-hover">
                            <thead>
                                <tr>
                                <th>Nom</th>
                                <th>Prénom</th>
                                <th>Classe</th>
                                <?php if ($isSuperAdmin): ?>
                                    <th>Établissement</th>
                                <?php endif; ?>
                                <th>Actions</th>
                            </tr>
                        </thead>
                        <tbody>
                            <?php while ($row = $etudiants->fetch(PDO::FETCH_ASSOC)): ?>
                                <tr>
                                    <td><?php echo htmlspecialchars($row['nom']); ?></td>
                                    <td><?php echo htmlspecialchars($row['prenom']); ?></td>
                                    <td><?php echo htmlspecialchars($row['classe']); ?></td>
                                    <?php if ($isSuperAdmin): ?>
                                        <td><?php echo htmlspecialchars($row['etab']); ?></td>
                                    <?php endif; ?>
                                    <td>
                                        <a href="voir_notes.php?id=<?php echo $row['id']; ?>" class="btn btn-primary btn-sm">
                                            <i class="bi bi-eye"></i> Voir les notes
                                        </a>
                                        <form method="POST" class="d-inline">
                                            <input type="hidden" name="csrf_token" value="<?php echo $_SESSION['csrf_token']; ?>">
                                            <input type="hidden" name="action" value="edit">
                                            <input type="hidden" name="id" value="<?php echo $row['id']; ?>">
                                            <div class="btn-group">
                                                <button type="button" class="btn btn-sm btn-outline-primary" data-bs-toggle="modal" data-bs-target="#editModal<?php echo $row['id']; ?>">
                                                    <i class="bi bi-pencil"></i> Modifier
                                                </button>
                                            </div>
                                        </form>
                                        <form method="POST" onsubmit="return confirmDelete()" class="d-inline">
                                            <input type="hidden" name="csrf_token" value="<?php echo $_SESSION['csrf_token']; ?>">
                                            <input type="hidden" name="action" value="delete">
                                            <input type="hidden" name="id" value="<?php echo $row['id']; ?>">
                                            <div class="btn-group">
                                                <button type="submit" id="deleteBtn" class="btn btn-sm btn-outline-danger">
                                                    <i class="bi bi-trash"></i> Supprimer
                                                </button>
                                            </div>
                                        </form>
                                    </td>
                                </tr>

                                <!-- Modal pour modification -->
                                <div class="modal fade" id="editModal<?php echo $row['id']; ?>" tabindex="-1">
                                    <div class="modal-dialog">
                                        <div class="modal-content">
                                            <div class="modal-header">
                                                <h5 class="modal-title">Modifier l'étudiant</h5>
                                                <button type="button" class="btn-close" data-bs-dismiss="modal"></button>
                                            </div>
                                            <form method="POST">
                                                <div class="modal-body">
                                                    <input type="hidden" name="csrf_token" value="<?php echo $_SESSION['csrf_token']; ?>">
                                                    <input type="hidden" name="action" value="edit">
                                                    <input type="hidden" name="id" value="<?php echo $row['id']; ?>">
                                                    <div class="mb-3">
                                                        <label class="form-label">nom</label>
                                                        <input type="text" name="nom" class="form-control" value="<?php echo htmlspecialchars($row['nom']); ?>" required>
                                                    </div>
                                                    <div class="mb-3">
                                                        <label class="form-label">prenom</label>
                                                        <input type="text" name="prenom" class="form-control" value="<?php echo htmlspecialchars($row['prenom']); ?>" required>
                                                    </div>
                                                    <div class="mb-3">
                                                        <label class="form-label">classe</label>
                                                        <input type="text" name="classe" class="form-control" value="<?php echo htmlspecialchars($row['classe']); ?>" required>
                                                    </div>
                                                </div>
                                                <div class="modal-footer">
                                                    <button type="button" class="btn btn-secondary" data-bs-dismiss="modal">Annuler</button>
                                                    <button type="submit" class="btn btn-primary">Enregistrer</button>
                                                </div>
                                            </form>
                                        </div>
                                    </div>
                                </div>
                            <?php endwhile; ?>
                        </tbody>
                    </table>
                </div>
            </div>
        </div>
    </div>

    <script type="text/javascript">
        function confirmDelete() {
            return confirm('Êtes-vous sûr de vouloir supprimer cet élément ?');
        }
    </script>


    <script src="https://cdn.jsdelivr.net/npm/bootstrap@5.1.3/dist/js/bootstrap.bundle.min.js"></script>
</body>
</html>