Commit 1fbeb0e3 authored by Rémy Huet's avatar Rémy Huet 💻

Correct HTML, replace php double-quotes, correct prepared statements

parent 092297a1
......@@ -14,37 +14,53 @@ class DB {
}
function subList(string $utclogin) : array {
$sql = "SELECT *
$sql = 'SELECT *
FROM vsubscription
WHERE utclogin='".$utclogin."'";
WHERE utclogin=:utclogin';
$st = $this->conn->prepare($sql);
$st->execute();
$st->execute([
'utclogin' => $utclogin,
]);
$res = $st->fetchAll(PDO::FETCH_ASSOC);
return $res;
}
function apiList(string $semester, int $year) : array {
$sql = "SELECT *
$sql = 'SELECT *
FROM vApi
WHERE semester='".$semester."' AND year=".$year;
WHERE semester=:semester AND year=:year';
$st = $this->conn->prepare($sql);
$st->execute();
$st->execute([
'semester' => $semester,
'year' => $year,
]);
$res = $st->fetchAll(PDO::FETCH_ASSOC);
return $res;
}
function subToApi($utclogin, $api) {
$today = date("Ymd");
$sql = "INSERT INTO subscribe VALUES ('".$utclogin."',".$api.",TO_DATE('".$today."','YYYYMMDD'))";
$res=$this->conn->exec($sql);
}
function subToApi($utclogin, $api) : bool {
$today = date('Ymd');
$sql = 'INSERT INTO subscribe(utclogin, api, subdate) VALUES (:utclogin, :api, :today)';
$st = $this->conn->prepare($sql);
$res = $st->execute([
'utclogin' => $utclogin,
'api' => $api,
'today' => $today,
]);
function unsubToApi($utclogin, $api) {
$sql = "DELETE FROM subscribe WHERE utclogin='".$utclogin."' AND api=".$api;
$res=$this->conn->exec($sql);
return $res;
}
function unsubToApi($utclogin, $api) : bool {
$sql = 'DELETE FROM subscribe WHERE utclogin=:utclogin AND api=:api';
$st = $this->conn->prepare($sql);
$res = $st->execute([
'utclogin' => $utclogin,
'api' => $api,
]);
return $res;
}
}
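Review bot: In the new `subToApi`, `:today` is bound as the plain string from `date('Ymd')` and the explicit `TO_DATE(..., 'YYYYMMDD')` of the old statement is gone, so the insert now depends on the database's implicit string-to-date conversion, which can vary with session settings (inferred; the type of `subscribe.subdate` is not visible here). Keeping the conversion in the SQL preserves the old behaviour: `VALUES (:utclogin, :api, TO_DATE(:today, 'YYYYMMDD'))`. `subToApi` and `unsubToApi` also still take untyped `$utclogin` and `$api`, while `subList` declares `string $utclogin`. Since the old code concatenated `api` unquoted it appears to be numeric, so `string $utclogin, int $api` would reject malformed input before it reaches the driver. The `: bool` return only carries information if the PDO connection is not in exception mode, which is configured outside this hunk.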
......@@ -3,10 +3,12 @@
class Views {
public static function printHtmlBegin() : void {
echo '<html>';
echo '<head><meta http-equiv="Content-Type" content="text/html; charset=UTF-8"/></head>';
echo '<html>';
echo '<head>';
echo '<meta http-equiv="Content-Type" content="text/html; charset=UTF-8"/>';
echo '<title>Api Sub</title>';
echo '<link href="css/main.css" type="text/css" rel="stylesheet"/>';
echo '</head>';
echo '<body>';
echo '<h1>Inscriptions Api</h1>';
}
......@@ -21,7 +23,7 @@ class Views {
foreach ($list as $row) {
echo '<p>';
echo ' <a href="index.php?action=unsub&api='.$row['code'].'&utclogin='.$utclogin.'">[désinscription]</a> ';
echo $row['code']."-".$row['name']." (".$row['semester'].$row['year'].", du ".$row['dbegin']." au ".$row['dend'].") [inscrit le ".$row['subdate']."]";
echo $row['code'].'-'.$row['name'].' ('.$row['semester'].$row['year'].', du '.$row['dbegin'].' au '.$row['dend'].') [inscrit le '.$row['subdate'].']';
echo '</p>';
}
}
......@@ -36,7 +38,7 @@ class Views {
foreach ($list as $row) {
echo '<p>';
echo '<a href="index.php?action=sub&api='.$row['code'].'&utclogin='.$utclogin.'">[inscription]</a> ';
echo $row['code']."-".$row['name'];
echo $row['code'].'-'.$row['name'];
echo '</p>';
}
}
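Review bot: The rewritten echo lines in both `foreach` loops still write database values (`$row['code']`, `$row['name']`, the dates) straight into the page, and the neighbouring link lines place `$row['code']` and `$utclogin` into an `href` without encoding, so any markup characters in those values are rendered as HTML. Escape at output, e.g. `echo htmlspecialchars($row['code'].'-'.$row['name'], ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');`, and build the query string with `rawurlencode($utclogin)` (or `http_build_query`) before escaping the whole attribute value. The links also trigger subscribe and unsubscribe through GET with `utclogin` as a query parameter. The handler in index.php is not visible here, but it should take the login from the authenticated session rather than the URL and accept these actions only as POST with a CSRF token. Both loops' enclosing methods start outside the hunks.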
......