Travaux Pratiques du WEB 2

1. Structure du projet

2. Base de données (via phpMyAdmin ou init.sql)

CREATE DATABASE mini_chat;
USE mini_chat;

CREATE TABLE users (

id INT AUTO_INCREMENT PRIMARY KEY,
username VARCHAR(100) UNIQUE NOT NULL,
password VARCHAR(255) NOT NULL
);

CREATE TABLE messages (

id INT AUTO_INCREMENT PRIMARY KEY,
user_id INT,
message TEXT,
created_at TIMESTAMP DEFAULT CURRENT_TIMESTAMP,
FOREIGN KEY (user_id) REFERENCES users(id) ON DELETE CASCADE
);

3. register.php (inscription)
<?php
require 'config.php';

if ($_SERVER['REQUEST_METHOD'] === 'POST') {

$stmt = $pdo->prepare("INSERT INTO users (username, password) VALUES (?, ?)");
$stmt->execute([$_POST['username'], password_hash($_POST['password'],
PASSWORD_DEFAULT)]);
header('Location: login.php');
}
?>

<form method="post">
<h2>Inscription</h2>
<input name="username" required>
<input name="password" type="password" required>
<button type="submit">S'inscrire</button>
</form>
 4. login.php (connexion)
<?php
session_start();
require 'config.php';

if ($_SERVER['REQUEST_METHOD'] === 'POST') {

$stmt = $pdo->prepare("SELECT * FROM users WHERE username = ?");
$stmt->execute([$_POST['username']]);
$user = $stmt->fetch();

if ($user && password_verify($_POST['password'], $user['password'])) {

$_SESSION['user'] = $user;
header('Location: chat.php');
} else {
echo "Identifiants incorrects";
}
}
?>

<form method="post">
<h2>Connexion</h2>
<input name="username" required>
<input name="password" type="password" required>
<button type="submit">Se connecter</button>
</form>
5. config.php
<?php
$pdo = new PDO("mysql:host=localhost;dbname=mini_chat;charset=utf8", 'root', '');
?>
6. logout.php
<?php
session_start();
session_destroy();
header('Location: login.php');
?>
7. chat.php (interface principale)
<?php
session_start();
require 'config.php';

if (!isset($_SESSION['user'])) {
header('Location: login.php');
exit;
}

$user = $_SESSION['user'];

// GESTION AJOUT/MODIF/SUPP
if ($_SERVER['REQUEST_METHOD'] === 'POST') {
if (isset($_POST['add'])) {
$stmt = $pdo->prepare("INSERT INTO messages (user_id, message) VALUES (?, ?)");
$stmt->execute([$user['id'], $_POST['message']]);
 }
if (isset($_POST['edit'])) {
$stmt = $pdo->prepare("UPDATE messages SET message=? WHERE id=? AND
user_id=?");
$stmt->execute([$_POST['message'], $_POST['msg_id'], $user['id']]);
}
if (isset($_POST['delete'])) {
$stmt = $pdo->prepare("DELETE FROM messages WHERE id=? AND user_id=?");
$stmt->execute([$_POST['msg_id'], $user['id']]);
}
}

$messages = $pdo->query("SELECT messages.*, users.username FROM messages JOIN

users ON users.id = messages.user_id ORDER BY created_at DESC")->fetchAll();
?>

<link rel="stylesheet" href="style.css">

<h2>Bienvenue <?= htmlspecialchars($user['username']) ?> <a

href="logout.php">[Déconnexion]</a></h2>

<form method="post">
<input name="message" placeholder="Votre message" required>
<button type="submit" name="add">Envoyer</button>
</form>

<hr>
<?php foreach ($messages as $msg): ?>
<div>
<strong><?= htmlspecialchars($msg['username']) ?> :</strong>
<?php if ($msg['user_id'] === $user['id']): ?>
<form method="post" style="display:inline;">
<input type="hidden" name="msg_id" value="<?= $msg['id'] ?>">
<input name="message" value="<?= htmlspecialchars($msg['message']) ?>">
<button type="submit" name="edit">Modifier</button>
<button type="submit" name="delete" onclick="return confirm('Supprimer
?')">Supprimer</button>
</form>
<?php else: ?>
<?= htmlspecialchars($msg['message']) ?>
<?php endif; ?>
<small><?= $msg['created_at'] ?></small>
</div>
<?php endforeach; ?>

8. style.css (simple)
body { font-family: sans-serif; margin: 20px; background: #f4f4f4; }
form input, form button { margin: 5px; padding: 5px; }
div { margin-bottom: 10px; }
hr { margin: 20px 0; }