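<?php
require_once $_SERVER['DOCUMENT_ROOT'] . '/WebBristol/model/DAL/UserDAL.php';

/*
 * Student edit page.
 *
 * Reads the student id from the `id` query parameter, decides whether the
 * logged-in user may edit that student, stores the record to edit in
 * $_SESSION['data']['student'] and renders the student form.
 *
 * Access rule (from the original TODO): a user whose role is not 'Professor'
 * may only edit their own information.
 *
 * NOTE(review): this script reads $_SESSION without calling session_start();
 * presumably the including front controller starts the session - confirm.
 */

// Without a logged-in user the role lookup below would be called on null.
// Deny explicitly, using the same denial path as the ownership check.
if (!isset($_SESSION['user']) || !is_object($_SESSION['user'])) {
    $_SESSION['message']['danger'] = 'You can\'t access this page.';
    header('Location: ../../home');
    exit;
}

// Accept only a well-formed integer id. filter_input() yields null when the
// parameter is absent and false when it is not a valid integer, so values
// such as "12abc" are rejected instead of being truncated to 12 by intval().
$id = filter_input(INPUT_GET, 'id', FILTER_VALIDATE_INT);
if ($id === null || $id === false) {
    // NOTE(review): this redirect targets ../home while every other redirect
    // in this script targets ../../home - confirm which one is intended.
    header('Location: ../home');
    // header() only queues the redirect; stop here so the lookup and the
    // view rendering below never run for a rejected request.
    exit;
}

$role = $_SESSION['user']->getRole()->getName();
$_SESSION['data']['mode'] = 'edit';

if ($role === 'Professor') {
    // Only professors may load another user's record, so the lookup happens
    // inside this branch rather than before the role is known.
    $student = UserDAL::findStudentById($id);

    if (!is_object($student) || !($student->getId() > 0)) {
        $_SESSION['message']['warning'] = 'This student doesn\'t exist.';
        header('Location: ../../home');
        exit;
    }

    $_SESSION['data']['student'] = $student;
} else {
    // Any other role may edit only its own record: the requested id must be
    // strictly identical to the id of the session user.
    if ($id !== $_SESSION['user']->getId()) {
        // Access denied (the original marks this case as a 403); the user is
        // redirected home with an error message.
        $_SESSION['message']['danger'] = 'You can\'t access this page.';
        header('Location: ../../home');
        exit;
    }

    $_SESSION['data']['student'] = $_SESSION['user'];
}

// Reached only when one of the authorization checks above has passed.
require_once 'view/menu/menu_student.phtml';
require_once 'view/student/student_form.phtml';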