From fc0c6bdf3f78104a93922eec3f2a944861f55c33 Mon Sep 17 00:00:00 2001
From: Daniel Tartavel <contact@librepc.com>
Date: Tue, 23 Mar 2021 20:26:52 +0100
Subject: [PATCH] first alpha

---
 avionpoeme.php                 | 36 +++++++++++++
 getAnthology.php               | 14 +++++
 getCurrentPlanes.php           | 10 ++++
 include/config.inc.php         |  8 +--
 include/db.class.php           | 94 ++++++++++++++++++++++------------
 include/envoi_courriel.inc.php |  9 ++--
 include/fonctions.inc.php      |  7 ++-
 include/log.php                |  6 +--
 include/plane.class.php        |  8 ---
 sql/.htaccess                  |  1 +
 sql/table_avionpoeme.sql       | 13 ++---
 11 files changed, 145 insertions(+), 61 deletions(-)
 create mode 100644 avionpoeme.php
 create mode 100644 getAnthology.php
 create mode 100644 getCurrentPlanes.php
 delete mode 100644 include/plane.class.php
 create mode 100644 sql/.htaccess

diff --git a/avionpoeme.php b/avionpoeme.php
new file mode 100644
index 0000000..25fb60c
--- /dev/null
+++ b/avionpoeme.php
@@ -0,0 +1,36 @@
+<?php
+	require_once 'session_init.php';
+	require_once 'config.inc.php';
+	require_once 'db.class.php';
+	require_once 'log.php';
+	require_once 'fonctions.inc.php';
+
+	$table=array("message", "expeMail", "expeKnown", "expeLang", "destLang", "startLat", "startLon", "startName", "startTime", "StartTZ", "destMail", "destLat", "destLon", "destName", "public", "color", "actual_lat", "actual_lon", "bearing", "deliveryTime", "deliveryTZ", "deliveryTimeServer");
+
+	$db = new db();
+	$db->open();
+
+	foreach ($table as $var)
+	{
+		if ( !empty(getpost( $var )))
+		{
+			$r = getpost( $var );
+			/*if ( $r == "true")
+			{
+				$r = 1;
+			}elseif( $r ="false")*/
+			$db->$var = $r;
+		}else
+		{
+			$erreur[] = $var;
+		}
+	}
+	if (!empty ($erreur))
+	{
+		echo json_encode($erreur);
+	}else
+	{
+		$db->newPlane();
+	}
+	$db->close();
+?>
diff --git a/getAnthology.php b/getAnthology.php
new file mode 100644
index 0000000..3a92eae
--- /dev/null
+++ b/getAnthology.php
@@ -0,0 +1,14 @@
+<?php
+	require_once 'session_init.php';
+	require_once 'config.inc.php';
+	require_once 'db.class.php';
+	require_once 'log.php';
+	require_once 'fonctions.inc.php';
+
+	$db = new db();
+	$db->open();
+
+	$page = getpost("page",0);
+	$db->getAnthology($page);
+
+?>
diff --git a/getCurrentPlanes.php b/getCurrentPlanes.php
new file mode 100644
index 0000000..8a76275
--- /dev/null
+++ b/getCurrentPlanes.php
@@ -0,0 +1,10 @@
+<?php
+	require_once 'session_init.php';
+	require_once 'config.inc.php';
+	require_once 'db.class.php';
+	require_once 'log.php';
+
+	$db = new db();
+	$db->open();
+	$db->getCurrentPlanes();
+?>
diff --git a/include/config.inc.php b/include/config.inc.php
index 4728af1..14d3a90 100644
--- a/include/config.inc.php
+++ b/include/config.inc.php
@@ -1,11 +1,4 @@
 <?php
-ini_set('display_errors', 1);
-ini_set('display_startup_errors', 1);
-ini_set('serialize_precision', 8);
-
-error_reporting(E_ALL);
-date_default_timezone_set("Europe/Paris");
-set_include_path(get_include_path() . ':../include');
 
 define( 'EOL', "\n" );
 define( 'LF', "\r\n" );
@@ -20,6 +13,7 @@ define( "DATE_MYSQL", "Y-m-d H:i:s" );
 
 //variables diverses
 $admin 			= "Daniel";
+$webmaster		= "dtux@free.fr";
 $site 			= "Avion Poème";
 $dossier 		= "/www";
 $basedir 		= dirname( $_SERVER['DOCUMENT_ROOT'] ) . $dossier;
diff --git a/include/db.class.php b/include/db.class.php
index 0c95a33..e1dbf69 100644
--- a/include/db.class.php
+++ b/include/db.class.php
@@ -1,5 +1,13 @@
 <?php
-include "log.php";
+if ( !isset($site) )
+{
+    require_once( "config.inc.php" );
+	header( 'Location:  ' . $accueil );
+}
+
+require_once "config.inc.php";
+require_once "log.php";
+
 $table_prefix = "";
 class db
 {
@@ -26,7 +34,7 @@ class db
 	public $destLat;
 	public $destLon;
 	public $destName;
-	public $status;
+	public $public;
 	public $color;
 	public $actual_lat;
 	public $actual_lon;
@@ -78,40 +86,62 @@ class db
 		//print_r( $this );
     }
 
-    function print_error()
-    {
-        print_r( $this );
-		//$this->error = $this->error;
-		return $this->connect->error;
-    }
-
     function newPlane()
     {
-		$query = "INSERT INTO avionpoeme SET (";
-		$query .= $this->message . ", ";
-		$query .= $this->expeMail . ", ";
-		$query .= $this->expeKnown . ", ";
-		$query .= $this->expeLang . ", ";
-		$query .= $this->destLang . ", ";
-		$query .= $this->startLat . ", ";
-		$query .= $this->startLon . ", ";
-		$query .= $this->startName . ", ";
-		$query .= $this->startTime . ", ";
-		$query .= $this->StartTZ . ", ";
-		$query .= $this->destMail . ", ";
-		$query .= $this->destLat . ", ";
-		$query .= $this->destLon . ", ";
-		$query .= $this->destName . ", ";
-		$query .= $this->status . ", ";
-		$query .= $this->color . ", ";
-		$query .= $this->actual_lat . ", ";
-		$query .= $this->actual_lon . ", ";
-		$query .= $this->bearing . ", ";
-		$query .= $this->deliveryTime . ", ";
-		$query .= $this->deliveryTZ . ", ";
-		$query .= $this->deliveryTimeServer . ", ";
+		$query = "INSERT INTO avionpoeme VALUES ('0','";
+		$query .= $this->protect($this->message) . "', '";
+		$query .= $this->protect($this->expeMail) . "', ";
+		$query .= $this->protect($this->expeKnown) . ", '";
+		$query .= $this->protect($this->expeLang) . "', '";
+		$query .= $this->protect($this->destLang) . "', '";
+		$query .= $this->protect($this->startLat) . "', '";
+		$query .= $this->protect($this->startLon) . "', '";
+		$query .= $this->protect($this->startName) . "', '";
+		$query .= $this->protect($this->startTime) . "', '";
+		$query .= $this->protect($this->StartTZ) . "', '";
+		$query .= $this->protect($this->destMail) . "', '";
+		$query .= $this->protect($this->destLat) . "', '";
+		$query .= $this->protect($this->destLon) . "', '";
+		$query .= $this->protect($this->destName) . "', ";
+		$query .= $this->protect($this->public) . ", '";
+		$query .= $this->protect($this->color) . "', '";
+		$query .= $this->protect($this->actual_lat) . "', '";
+		$query .= $this->protect($this->actual_lon) . "', '";
+		$query .= $this->protect($this->bearing) . "', '";
+		$query .= $this->protect($this->deliveryTime) . "', '";
+		$query .= $this->protect($this->deliveryTZ) . "', '";
+		$query .= $this->protect($this->deliveryTimeServer) . "'";
 		$query .= ")";
+		print_r($this);
+		$this->query($query);
+		echo "{'uid':'" . $this->connect->insert_id . "'}";
     }
+
+    function getCurrentPlanes()
+    {
+		$query = "SELECT deliveryTime, deliveryTZ, destLat, destLon, destName, sentTime, sentTZ, startLon, startLat, startName, color FROM avionpoeme WHERE deliveryTimeServer>NOW() AND public='1'";
+		$db->query($query);
+		$planes = $db->fetch_all(MYSQLI_ASSOC);
+		print json_encode($planes);
+	}
+
+	function getAnthology($page=0)
+	{
+		if ($page==0) //renvoie le nombre de ligne d'anthologie
+		{
+			$query = "SELECT COUNT(*) as count FROM avionpoeme WHERE public='1'";
+			$db->query($query);
+			print "['" . $db->data_seek(0) . "']";
+		}else  //renvoie les lignes d'anthologie
+		{
+			$query = "SELECT deliveryTime, deliveryTZ, destName, sentTime, sentTZ, startName, message FROM avionpoeme WHERE public='1' LIMIT " . ($page-1)*20+1 . ",20";
+			$db->query($query);
+			$planes = $db->fetch_all(MYSQLI_ASSOC);
+			print json_encode($planes);
+		}
+	}
+
 }
 
+
 ?>
diff --git a/include/envoi_courriel.inc.php b/include/envoi_courriel.inc.php
index ea8e00f..4ce8359 100644
--- a/include/envoi_courriel.inc.php
+++ b/include/envoi_courriel.inc.php
@@ -1,6 +1,7 @@
 <?php
 require_once 'log.php';
 
+
 function envoiMail($destinataire, $sujet, $text, $html=false)
 {
 
@@ -9,20 +10,22 @@ function envoiMail($destinataire, $sujet, $text, $html=false)
 	{
 		$headers .= "Content-type: text/html; charset=UTF-8" . LF;
 	}else
+	{
 		$headers .= "Content-type: text/plain; charset=UTF-8" . LF;
 	}
 	$headers .= "DATE: " . date( 'r' ) . LF . LF;
 
-	log_write(__FILE__ . __LINE__ . " Envoi d'un courriel à " . $courriel . "sujet:" . $sujet, INFO);
+	log_write(__FILE__ . __LINE__ . " Envoi d'un courriel à " . $text . "sujet:" . $sujet, INFO);
 	if( !mail($destinataire, $sujet, $text, $headers) )  //Sending mail
 	{
-		log_write(__FILE__ . EOL . __LINE__ .  EOL . "Le courriel n'est pas parti:" .$courriel . EOL . $sujet . EOL, ERROR);
+		log_write(__FILE__ . EOL . __LINE__ .  EOL . "Le courriel n'est pas parti:" .$text . EOL . $sujet . EOL, ERROR);
 		return 0;
 	}else
 	{
-		log_write(__FILE__ . EOL . __LINE__ .  EOL . "Le courriel avec les pièces jointes est parti:" .$courriel . EOL, INFO);
+		log_write(__FILE__ . EOL . __LINE__ .  EOL . "Le courriel avec les pièces jointes est parti:" .$text . EOL, INFO);
 		return 1;
 	}
 
 }
 
+?>
diff --git a/include/fonctions.inc.php b/include/fonctions.inc.php
index 0bee18b..251c30c 100644
--- a/include/fonctions.inc.php
+++ b/include/fonctions.inc.php
@@ -1,5 +1,9 @@
 <?php
-
+if ( !isset($site) )
+{
+    require_once( "config.inc.php" );
+	header( 'Location:  ' . $accueil );
+}
 //	$var clef à rechercher dans $_POST, $_GET, et $_SESSION (si $session=true)
 //	$default valeur retournée si aucune valeur n'est trouvée
 //	$session: si true, rechercher aussi dans $_SESSION
@@ -30,7 +34,6 @@ function getpost( $var, $default="", $session=false )
 
 }
 
-
 // MET LA PREMIÈRE LETTRE D'UN MOT EN MAJUSCULE ( utf8 compliant )
 
 function mb_ucfirst($str) {
diff --git a/include/log.php b/include/log.php
index 627f19a..83d9d19 100644
--- a/include/log.php
+++ b/include/log.php
@@ -4,14 +4,14 @@ if ( !isset($site) )
     require_once( "config.inc.php" );
 	header( 'Location:  ' . $accueil );
 }
-require_once( "db.class.php" );
-
+require_once 'db.class.php';
+require_once 'envoi_courriel.inc.php';
 
 // $level => INFO, ALERT, ERROR
 function log_write($log, $level=INFO)
 {
 	require_once( "envoi_courriel.inc.php" );
-	global $table_prefix;
+	global $table_prefix, $webmaster;
 	$user = ( !empty( $_SERVER["PHP_AUTH_USER"])?$_SERVER["PHP_AUTH_USER"]:'' );
 	$log_mail = str_replace ( "<br />", "\n", $log ) . "\n";
 	$log_mail .= ( !empty( $_SERVER["REQUEST_METHOD"])?'$_SERVER["REQUEST_METHOD"]' . $_SERVER["REQUEST_METHOD"] . "\n":'' );
diff --git a/include/plane.class.php b/include/plane.class.php
deleted file mode 100644
index 8cc4945..0000000
--- a/include/plane.class.php
+++ /dev/null
@@ -1,8 +0,0 @@
-<?php
-
-class plane()
-{
-
-}
-
-?>
diff --git a/sql/.htaccess b/sql/.htaccess
new file mode 100644
index 0000000..5a928f6
--- /dev/null
+++ b/sql/.htaccess
@@ -0,0 +1 @@
+Options -Indexes
diff --git a/sql/table_avionpoeme.sql b/sql/table_avionpoeme.sql
index 798f558..375d82e 100644
--- a/sql/table_avionpoeme.sql
+++ b/sql/table_avionpoeme.sql
@@ -3,7 +3,7 @@
 -- https://www.phpmyadmin.net/
 --
 -- Hôte : db120904.sql-pro.online.net
--- Généré le : sam. 20 mars 2021 à 17:16
+-- Généré le : lun. 22 mars 2021 à 13:50
 -- Version du serveur :  5.7.19-0ubuntu0.16.04.1
 -- Version de PHP : 7.0.32-0ubuntu0.16.04.1
 
@@ -29,7 +29,7 @@ SET time_zone = "+00:00";
 --
 
 CREATE TABLE `avionpoeme` (
-  `uid` int(10) UNSIGNED NOT NULL,
+  `idAvion` int(10) UNSIGNED NOT NULL,
   `message` text CHARACTER SET utf8mb4 NOT NULL,
   `expeMail` text NOT NULL,
   `expeKnown` tinyint(1) NOT NULL DEFAULT '0' COMMENT ' true/false en fonction de si l''utilisateur choisi de devoiler son addresse mail pour la premiere',
@@ -44,14 +44,14 @@ CREATE TABLE `avionpoeme` (
   `destLat` float NOT NULL,
   `destLon` float NOT NULL,
   `destName` text NOT NULL,
-  `status` tinyint(1) NOT NULL COMMENT '0 = privé, 1=public, 2=supprimé',
+  `status` tinyint(1) NOT NULL COMMENT '0 = public 1=privé, 2=supprimé',
   `color` varchar(7) NOT NULL COMMENT ' le code hexa de la couleur de l''avion aleatoire parmis la liste.',
   `actual_lat` int(11) NOT NULL,
   `actual_lon` int(11) NOT NULL,
   `bearing` smallint(6) NOT NULL,
   `deliveryTime` timestamp NOT NULL,
   `deliveryTZ` text NOT NULL,
-  `deliveryTimeServer` timestamp NOT NULL
+  `deliveryTimeServer` datetime NOT NULL
 ) ENGINE=InnoDB DEFAULT CHARSET=utf8;
 
 --
@@ -62,7 +62,8 @@ CREATE TABLE `avionpoeme` (
 -- Index pour la table `avionpoeme`
 --
 ALTER TABLE `avionpoeme`
-  ADD PRIMARY KEY (`uid`),
+  ADD PRIMARY KEY (`idAvion`),
+  ADD UNIQUE KEY `status_index` (`idAvion`),
   ADD KEY `expe_mail_index` (`expeMail`(40)),
   ADD KEY `dest_mail_index` (`destMail`(40)),
   ADD KEY `delivery_date_index` (`deliveryTime`);
@@ -75,7 +76,7 @@ ALTER TABLE `avionpoeme`
 -- AUTO_INCREMENT pour la table `avionpoeme`
 --
 ALTER TABLE `avionpoeme`
-  MODIFY `uid` int(10) UNSIGNED NOT NULL AUTO_INCREMENT;
+  MODIFY `idAvion` int(10) UNSIGNED NOT NULL AUTO_INCREMENT;
 COMMIT;
 
 /*!40101 SET CHARACTER_SET_CLIENT=@OLD_CHARACTER_SET_CLIENT */;