define('ARRAY_CONTRATS', ['CDI','CDD','Interimaire','Stagiaire']);

<div class="col-10 col-lg-4 offset-lg-0 mb-3">
<select name="contrats"
id="contrats"
class="form-control">
<option value="">Contrat *</option>
<?php foreach(ARRAY_CONTRATS as $value):?>
<option value="<?=$value?>" <?=$value==$contrats ? 'selected' : ''?> ><?=$value?></option>
<?php endforeach?>
</select>
<div class="error"><?= htmlentities($error['contrats'] ?? '', ENT_QUOTES, 'UTF-8')?></div>
</div>

<?php

include(dirname(__FILE__).'/../utils/connexion_bdd.php');
class Employs
{
private $id = 0;
private $name;
private $firstname;
private $adress;
private $birthday;
private $tel_mobile;
private $tel_home;
private $mail;
private $commentaire;
private $pseudo;
private $mdpc;
private $logs;
private $create_employs;
private $update_employs;
private $state;
private $id_roles;
private $id_location;
private $id_civility;

private $connexion_bdd;

public function __construct($name = "", $firstname = "", $adress = "", $birthday = "", $tel_mobile = "", $tel_home = "", $mail = "", $commentaire = "", $pseudo = "", $mdpc = "", $logs = "", $state = "", $id_roles = "", $id_location = "", $id_civility = "")
{
$this->name = $name;
$this->firstname = $firstname;
$this->adress = $adress;
$this->birthday = $birthday;
$this->tel_mobile = $tel_mobile;
$this->tel_home = $tel_home;
$this->mail = $mail;
$this->commentaire = $commentaire;
$this->pseudo = $pseudo;
$this->mdpc = $mdpc;
$this->logs = $logs;
$this->state = $state;
$this->id_roles = $id_roles;
$this->id_location = $id_location;
$this->id_civility = $id_civility;
$this->connexion_bdd = db_connect();
}

function __set($property, $value)
{
$this->$property = $value;
}

public function create()
{

$sql = "INSERT INTO `registration_employs` (`name`,`firstname`,`adress`,`birthday`,`tel_mobile`,`tel_home`,`mail`,`commentaire`,`pseudo`,`mdpc`,`logs`,`state`,`id_roles`,`id_location`,`id_civility`) VALUES (:name, :firstname, :adress, :birthday, :tel_mobile, :tel_home, :mail, :commentaire, :pseudo, :mdpc, :logs, :state, :id_roles, :id_location, :id_civility)";

$req = $this->db->prepare($sql);

$req->bindValue(':name', $this->name);
$req->bindValue(':firstname', $this->firstname);
$req->bindValue(':adress', $this->adress);
$req->bindValue(':birthday', $this->birthday);
$req->bindValue(':tel_mobile', $this->tel_mobile);
$req->bindValue(':tel_home', $this->tel_home);
$req->bindValue(':mail', $this->mail);
$req->bindValue(':commentaire', $this->commentaire);
$req->bindValue(':pseudo', $this->pseudo);
$req->bindValue(':mdpc', $this->mdpc);
$req->bindValue(':logs', $this->logs);
$req->bindValue(':state', $this->state);
$req->bindValue(':id_roles', $this->id_roles);
$req->bindValue(':id_location', $this->id_location);
$req->bindValue(':id_civility', $this->id_civility);

try {
return $req->execute();
} catch (PDOException $ex) {
return false;
}
}

public function findAll()
{
}

/**
* pseudo, email ou id de l'utilisateur
*/
public function findOne()
{
$sql = "SELECT `id`,`name`,`firstname`,`adress`,`birthday`,`tel_mobile`,`tel_home`,`mail`,`commentaire`,`pseudo`,`mdpc`,`logs`,`create_employs`,`update_employs`,`state`,`id_roles`,`id_location`,`id_civility` FROM `registration_employs` WHERE `id` = :id OR `pseudo` = :pseudo";

$req = $this->db->prepare($sql);
// associer les variable sql et les données envoyées par l'utilisateur
// bind permet de sécuriser contre les injections sql
$req->bindValue(':pseudo', $this->pseudo);
$req->bindValue(':id', $this->id);

try {

if($req->execute()) {
// on return les données récupérées
return $req->fetch(PDO::FETCH_OBJ);
}
} catch (PDOException $ex) {
return false;
}
}
}

<?php ob_start() ?>

<!-- Inscription collaborateur/trice -->
<div class="middleSite mt-3">
<form action="<?=htmlspecialchars($_SERVER['PHP_SELF'])?>" method="post">

<!-- bouton radio Civilite Nom et prenom -->
<div class="container">
<div class="row d-flex justify-content-center align-items-center">

<div class="col-10 col-lg-4 d-flex mb-3 texteFond">
<div class="form-check me-2">
<input class="form-check-input"
type="radio"
value="1"
name="civility"
id="civilityO"
<?= (!empty($civility) && $civility == "1") ? 'checked' : '' ?>>
<label class="form-check-label" for="civility0">Mme</label>
</div>

<div class="form-check me-2">
<input class="form-check-input"
type="radio"
value="2"
name="civility"
id="civility1"
<?= (!empty($civility) && $civility == "2") ? 'checked' : '' ?>>
<label class="form-check-label" for="civility1">Mlle</label>
</div>

<div class="form-check">
<input class="form-check-input"
type="radio"
value="3"
name="civility"
required
id="civility2"
<?= (!empty($civility) && $civility == "3") ? 'checked' : '' ?>>
<label class="form-check-label" for="civility2">Mr</label>
</div>
<div class="error"><br><?= htmlentities($error['civility'] ?? '', ENT_QUOTES, 'UTF-8')?></div>
</div>


<div class="col-10 col-lg-4">
<div class="form-floating mb-3">
<input type="text"
class="form-control"
minlenght ="2"
maxlength="25"
name="name"
id="name"
placeholder="Votre nom"
pattern="<?=REGEX_NO_NUMBER?>"
required
value="<?= htmlentities($_POST['name'] ?? '', ENT_QUOTES, 'UTF-8')?>">
<div class="error"><?= htmlentities($error['name'] ?? '', ENT_QUOTES, 'UTF-8')?></div>
<label for="name">Nom *</label>
</div>
</div>

<div class="col-10 col-lg-4 offset-lg-0">
<div class="form-floating mb-3">
<input type="text"
class="form-control"
minlenght ="2"
maxlength="25"
name="firstname"
id="firstname"
placeholder="Votre prénom"
pattern="<?=REGEX_NO_NUMBER?>"
required
value="<?= htmlentities($_POST['firstname'] ?? '', ENT_QUOTES, 'UTF-8')?>">
<div class="error"><?= htmlentities($error['firstname'] ?? '', ENT_QUOTES, 'UTF-8')?></div>
<label for="firstname">Prénom *</label>
</div>
</div>

</div>
</div>
<!-- Fin nom et prenom -->

<!-- Debut adresse -->
<div class="container">
<div class="row justify-content-center">

<div class="col-10 col-lg-4">
<div class="form-floating mb-3">
<input type="text"
class="form-control"
name="adress"
id="adress"
placeholder="Votre adresse"
minlength="8"
maxlength="100"
required
value="<?= htmlentities($_POST['adress'] ?? '', ENT_QUOTES, 'UTF-8')?>">
<div class="error"><?= htmlentities($error['adress'] ?? '', ENT_QUOTES, 'UTF-8')?></div>
<label for="adress">Adresse *</label>
</div>
</div>

<div class="col-10 col-lg-4 offset-lg-0">
<div class="form-floating mb-3">
<input type="text"
class="form-control"
name="cp"
id="cp"
placeholder="Votre code postal"
minlength="5"
maxlength="5"
required
pattern="<?=REGEX_CP?>"
value="<?= htmlentities($_POST['cp'] ?? '', ENT_QUOTES, 'UTF-8')?>">
<div class="error"><?= htmlentities($error['cp'] ?? '', ENT_QUOTES, 'UTF-8')?></div>
<label for="cp">Code postal *</label>
</div>
</div>

<div class="col-10 col-lg-4">
<div class="form-floating mb-3">
<input type="text"
class="form-control"
name="city"
id="city"
placeholder="Votre ville"
minlength="2"
maxlength="50"
required
pattern="<?=REGEX_NO_NUMBER?>"
value="<?= htmlentities($_POST['city'] ?? '', ENT_QUOTES, 'UTF-8')?>">
<div class="error"><?= htmlentities($error['city'] ?? '', ENT_QUOTES, 'UTF-8')?></div>
<label for="city">Ville *</label>
</div>
</div>

</div>
</div>
<!-- Fin adresse -->

<!-- Debut Date naissance + tel -->
<div class="container">
<div class="row justify-content-center">

<div class="col-10 col-lg-4">
<div class="form-floating mb-3">
<input type="date"
class="form-control"
name="birthday"
id="birthday"
placeholder="Votre date de naissance"
required
pattern="<?=REGEX_DATE?>"
value="<?=htmlentities($birthday ?? '', ENT_QUOTES, 'UTF-8')?>">
<div class="error"><?= htmlentities($error['birthday'] ?? '', ENT_QUOTES, 'UTF-8')?></div>
<label for="birthday">Naissance *</label>
</div>
</div>

<div class="col-10 col-lg-4">
<div class="form-floating mb-3">
<input type="tel"
class="form-control"
name="telMobile"
id="telMobile"
placeholder="Votre telephone mobile"
required
pattern="<?=REGEX_PHONE_FRANCE10?>"
value="<?= htmlentities($_POST['telMobile'] ?? '', ENT_QUOTES, 'UTF-8')?>">
<div class="error"><?= htmlentities($error['telMobile'] ?? '', ENT_QUOTES, 'UTF-8')?></div>
<label for="telMobile">Tel portable ou telephone joignable *</label>
</div>
</div>

<div class="col-10 col-lg-4">
<div class="form-floating mb-3">
<input type="tel"
class="form-control"
name="telHome"
id="telHome"
placeholder="Votre telephone fixe"
pattern="<?=REGEX_PHONE_FRANCE10?>"
value="<?= htmlentities($_POST['telHome'] ?? '', ENT_QUOTES, 'UTF-8')?>">
<div class="error"><?= htmlentities($error['telHome'] ?? '', ENT_QUOTES, 'UTF-8')?></div>
<label for="telHome">Tel fixe</label>
</div>
</div>

</div>
</div>
<!-- Fin date naissance + tel -->

<!-- Debut mail -->
<div class="container">
<div class="row justify-content-center align-items-center">

<div class="col-10 col-lg-4">
<div class="form-floating mb-3">
<input type="email"
class="form-control"
name="mail"
id="mail"
placeholder="Votre mail"
required
value="<?= htmlentities($_POST['mail'] ?? '', ENT_QUOTES, 'UTF-8')?>">
<div class="error"><?= htmlentities($error['mail'] ?? '', ENT_QUOTES, 'UTF-8')?></div>
<label for="mail">Mail *</label>
</div>
</div>

<div class="col-10 col-lg-4 offset-lg-0">
<div class="form-floating mb-3">
<input type="email"
class="form-control"
name="mailConf"
id="mailConf"
placeholder="Confirmation du mail"
required
value="<?= htmlentities($_POST['mailConf'] ?? '', ENT_QUOTES, 'UTF-8')?>">
<div class="error"><?= htmlentities($error['mailConf'] ?? '', ENT_QUOTES, 'UTF-8')?></div>
<label for="mailConf">Confirmation du mail *</label>
</div>
</div>

<div class="col-10 col-lg-4 offset-lg-0 mb-3">
<select name="niveaux"
id="niveaux"
class="form-control">
<option value="">Niveaux *</option>
<?php foreach(ARRAY_NIVEAUX as $value):?>
<option value="<?=$value?>" <?=$value==$niveaux ? 'selected' : ''?> ><?=$value?></option>
<?php endforeach?>
</select>
<?= htmlentities($error['niveaux'] ?? '', ENT_QUOTES, 'UTF-8')?>
</div>

<div class="col-10 col-lg-12">
<textarea
class="form-control mb-3"
name="commentaire"
id="commentaire"
rows="2"
placeholder="Commentaire"><?= htmlentities($_POST['commentaire'] ?? '', ENT_QUOTES, 'UTF-8')?></textarea>
</div>

<div class="col-10 col-lg-12">
<div class="form-floating mb-3">
<p class="texteFond">* Champs obligatoire</p>
</div>
</div>

</div>
</div>
<!-- Fin mail -->

<!-- Debut buttons -->
<div class="container">
<div class="row d-flex justify-content-center">
<div class="col-10 d-flex col-lg-12 justify-content-end mb-5">
<button type="reset" class="btn btn-danger ">Effacer</button>
<button type="submit" class="btn btn-success ms-2">Valider</button>
</div>
</div>
</div>
<!-- Fin buttons -->

</form>
<!-- Fin inscription collaborateur/trice -->
</div>

<?php
$content = ob_get_clean();
$title = "Enregistrement d'un collaborateur";

$title1 = "Enregistrement d'un collaborateur";
$title2 = "";
$title3 = "Connecter";

include(dirname(__FILE__).'/../templates/template.php');
?>

<?php
// Session start et redirection vers connexion
include(dirname(__FILE__).'/../utils/session.php');
// Appel aux regex
include(dirname(__FILE__).'/../utils/regex.php');
// Connexion a la bdd
include(dirname(__FILE__).'/../utils/connexion_bdd.php');
$pdo = db_connect();

// Tableau d'erreur vide //
$error = [];
// Declaration de niveau //
$niveaux= '';
// Declaration de maxid à enlever avant mise en prod //
$maxid = 12;

// Generation de chaine aléatoire //
function mdp($car) {
$mdp = "";
$chaine = "ABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789abcdefghijklmnpqrstuvwxy#@!";
srand((double)microtime()*1000000);
for($i=0; $i<$car; $i++) {
$mdp .= $chaine[rand()%strlen($chaine)];
}
return $mdp;
}

// On verifie que le formulaire est envoyé
if ($_SERVER['REQUEST_METHOD'] == 'POST') {
// Validation des champs back
//bouton radio Mde Mlle Mr
$civility = trim(filter_input(INPUT_POST, 'civility', FILTER_SANITIZE_NUMBER_INT));
if(!empty($civility)){
if($civility<1 || $civility>3){
$error["civility"] = "Le choix n'est pas au bon format.";
}
} else {
$error["civility"] = "Votre choix n'est pas renseigné.";
}

//Champ nom on nettoie et on vérifie que ce n'est pas vide
$name = trim(filter_input(INPUT_POST, 'name', FILTER_SANITIZE_STRING, FILTER_FLAG_NO_ENCODE_QUOTES));
if(!empty($name)){
$testRegex = preg_match('/'.REGEX_NO_NUMBER.'/',$name);
// Avec une regex (constante déclarée plus haut), on vérifie si c'est le format attendu
if(!$testRegex){
$error["name"] = "Le nom n'est pas au bon format.";
} else {
// Dans ce cas précis, on vérifie aussi la longueur de chaine (on aurait pu le faire aussi direct dans la regex)
if(strlen($name)<=2 || strlen($name)>=25){
$error["name"] = "La longueur du nom n'est pas bonne entre 2 et 25 caractéres";
}
}
} else { // Pour les champs obligatoires, on retourne une erreur
$error["name"] = "Vous devez entrer un nom.";
}

//Champ Prenom
$firstname = trim(filter_input(INPUT_POST, 'firstname', FILTER_SANITIZE_STRING, FILTER_FLAG_NO_ENCODE_QUOTES));
if(!empty($firstname)){
$testRegex = preg_match('/'.REGEX_NO_NUMBER.'/',$firstname);
if(!$testRegex){
$error["firstname"] = "Le prénom n'est pas au bon format.";
} else {
if(strlen($firstname)<=2 || strlen($firstname)>=25){
$error["firstname"] = "La longueur de chaine n'est pas bonne entre 2 et 25 caractéres.";
}
}
} else {
$error["firstname"] = "Vous devez entrer un nom.";
}

//Champ Adresse
$adress = trim(filter_input(INPUT_POST, 'adress', FILTER_SANITIZE_STRING, FILTER_FLAG_NO_ENCODE_QUOTES));
if(!empty($adress)){
if(strlen($adress)<=8 || strlen($adress)>=100){
$error["adress"] = "La longueur de chaine n'est pas bonne entre 8 et 100 caractéres.";
}
} else {
$error["adress"] = "Vous devez entrer votre adresse.";
}

//Champ cp
$cp = trim(filter_input(INPUT_POST, 'cp', FILTER_SANITIZE_STRING, FILTER_FLAG_NO_ENCODE_QUOTES));
if(!empty($cp)){
$testRegex = preg_match('/'.REGEX_CP.'/', $cp);
if(!$testRegex){
$error["cp"] = "votre cp n'est pas au bon format!!";
}
} else {
$error["cp"] = "Le cp n'est pas renseigné.";
}

//Champ ville
$city = trim(filter_input(INPUT_POST, 'city', FILTER_SANITIZE_STRING, FILTER_FLAG_NO_ENCODE_QUOTES));
if(!empty($city)){
$testRegex = preg_match('/'.REGEX_NO_NUMBER.'/', $city);
if(!$testRegex){
$error["city"] = "Votre ville n'est pas au bon format.";
}
elseif(strlen($city)>50){
$error["city"] = "La longueur de la ville n'est pas bonne inférieur à 50 caractéres.";
}
} else {
$error["city"] = "Votre ville n'est pas renseignée.";
}

//Telephone Mobile Nettoyage et validation
$telMobile = trim(filter_input(INPUT_POST, 'telMobile', FILTER_SANITIZE_STRING, FILTER_FLAG_NO_ENCODE_QUOTES));
if(!empty($telMobile)){
$testRegex = preg_match('/'.REGEX_PHONE_FRANCE10.'/', $telMobile);
if(!$testRegex){
$error["telMobile"] = "Le téléphone n'est pas au bon format!!";
}
} else {
$error["telMobile"] = 'Votre téléphone n\'est pas renseigné';
}

//Telephone Maison Nettoyage et validation
$telHome = trim(filter_input(INPUT_POST, 'telHome', FILTER_SANITIZE_STRING, FILTER_FLAG_NO_ENCODE_QUOTES));
if(!empty($telHome)){
$testRegex = preg_match('/'.REGEX_PHONE_FRANCE10.'/', $telHome);
if(!$testRegex){
$error["telHome"] = "Le téléphone n'est pas au bon format!!";
}
}

//Champ date anniversaire
$birthday = trim(filter_input(INPUT_POST, 'birthday', FILTER_SANITIZE_STRING));
if(!empty($birthday)){
$year = date('Y', strtotime($birthday));
$month = date('m', strtotime($birthday));
$day = date('d', strtotime($birthday));
$checkdate = checkdate ($month, $day, $year);
if ($checkdate == false) {
$error["birthday"] = "Votre date de naissance n'est pas au bon format";
}
} else {
$error["birthday"] = "Vous devez entrer une date de naissance";
}

//Mail Nettoyage et validation
$mail = trim(filter_input(INPUT_POST, 'mail', FILTER_SANITIZE_EMAIL));
if(!empty($mail)){
$testRegex = filter_var($mail, FILTER_VALIDATE_EMAIL);
if(!$testRegex){
$error["mail"] = "Le mail n'est pas au bon format.";
} if(strlen($mail)>50){
$error["mail"] = "La longueur du mail n'est pas bonne inférieur à 50 caractéres.";
}
} else {
$error["mail"] = "Vous devez entrer une adresse mail.";
}

//Mail confirmation Nettoyage et validation
$mailConf = trim(filter_input(INPUT_POST, 'mailConf', FILTER_SANITIZE_EMAIL));
if(!empty($mailConf)){
$testRegex = filter_var($mailConf, FILTER_VALIDATE_EMAIL);
if(!$testRegex){
$error["mailConf"] = "Le mail n'est pas au bon format.";
} if(strlen($mail)>50){
$error["mailConf"] = "La longueur du mail n'est pas bonne inférieur à 50 caractéres.";
}
} else {
$error["mailConf"] = "Vous devez entrer une adresse mail.";
}

//Verification des mails
if($mail && $mailConf) {
if ($mail != $mailConf) {
$error["mail"] = "Les 2 emails saisis sont différents.";
$error["mailConf"] = "Les 2 emails saisis sont différents.";
}
}

//Niveaux Nettoyage et validation
$niveaux = trim(filter_input(INPUT_POST, 'niveaux', FILTER_SANITIZE_STRING, FILTER_FLAG_NO_ENCODE_QUOTES));
if(!empty($niveaux)) {
if (!in_array($niveaux, ARRAY_NIVEAUX)) {
$error['niveaux'] = "La fonction n'est pas reconnue.";
}
} else {
$error['niveaux'] = "Votre choix n'est pas renseigné.";
}

//Commentaire Nettoyage et validation
$commentaire = trim(filter_input(INPUT_POST, 'commentaire', FILTER_SANITIZE_STRING));
if(strlen($commentaire)<=250){
$error["commentaire"] = "La longueur du commentaire n'est pas bonne inférieur à 50 caractéres.";
}

//Génération pseudo et mot de passe
//Compostion pseudo avec extraction nom prenom et max id
$nameExt = strtoupper(substr($name, 0, 2));
$firstnameExt = strtoupper(substr($firstname, 0, 2));
$pseudo = $maxid.$nameExt.$firstnameExt;

//Mot de passe sur 12 caractéres
$test = mdp(12);
$mdpc=password_hash($test, PASSWORD_BCRYPT);
}

if($_SERVER["REQUEST_METHOD"] != "POST" || !empty($error)){
include(dirname(__FILE__).'/../views/users/registrationEmploy.php';
} else {
// extraction des posts dans les varibles
extract($_POST);

$employs = new employs();

$employs->id = $id;

// récupération des infos de l'utilisateur correspondant au mail

$singleEmploy = $employs->findOne();

// vérification de la correspondance des mots de passe

if(password_verify($password, $singleEmploy->mdpc)){
$_SESSION['auth']['id'] = $singleEmploy->id;
$_SESSION['auth']['name'] = $singleEmploy->name;
}
// creation dans la bdd

include(dirname(__FILE__).'/../views/users/nextParent.php');
}