From bf65d62297a8adf353f823196c182af249351870 Mon Sep 17 00:00:00 2001
From: nox <daniel.leporini@gmail.com>
Date: Mon, 23 Dec 2019 02:09:54 +0100
Subject: [PATCH] Gestion du statut actif/inactif des users - Ajout des
 sessions pour twig

---
 config/apply.php                           |  4 ++-
 public/models/connexion.php                |  2 +-
 public/models/readRecords.php              |  2 +-
 public/models/readRecords2.php             |  2 +-
 src/Account/Action/ActiveAction.php        | 30 +++++++++++++++----
 src/Account/Action/ProfilAction.php        |  2 +-
 src/Admin/AdminModule.php                  |  4 +--
 src/Admin/DashboardAction.php              | 29 ++++++++++++-------
 src/Admin/DashboardUserAction.php          | 21 ++++----------
 src/Admin/Table/UserTable.php              | 16 +++++++++--
 src/Admin/config.php                       |  2 --
 src/Admin/views/dashboard.twig             | 21 ++++++++------
 src/Admin/views/dashboard_user.twig        | 24 ++++++++++------
 src/Admin/views/layout.twig                |  7 +++--
 src/Auth/Action/LoginAttemptAction.php     | 30 +++++++++++++++----
 src/Auth/Action/LogoutAction.php           |  9 ++++--
 src/Contact/ContactAction.php              |  2 +-
 src/Contact/contact.twig                   |  1 -
 src/Framework/Auth/LoggedInMiddleware.php  | 21 +++++++++-----
 src/Framework/Database/Query.php           |  2 +-
 src/Framework/Database/Table.php           |  1 +
 src/Framework/Twig/UrlExtension.php        |  4 +--
 src/Framework/Twig/VariableExtension.php   | 46 ++++++++++++++++++++++++++++++
 src/Gmarche/Actions/AntenneShowAction.php  |  2 +-
 src/Gmarche/Actions/RegionIndexAction.php  | 41 +++++++++++++++++---------
 src/Gmarche/GmarcheModule.php              |  4 ++-
 src/Gmarche/views/index.twig               | 24 +++++++++-------
 src/Product/Actions/ProductIndexAction.php |  2 +-
 src/Product/Actions/RechIndexAction.php    |  2 +-
 views/layout.twig                          | 11 +++----
 30 files changed, 250 insertions(+), 118 deletions(-)
 create mode 100644 src/Framework/Twig/VariableExtension.php

diff --git a/config/apply.php b/config/apply.php
index fe4745c..cba9769 100644
--- a/config/apply.php
+++ b/config/apply.php
@@ -2,6 +2,7 @@
 include 'config.php';
 
 use App\Framework\Twig\UrlExtension;
+use App\Framework\Twig\VariableExtension;
 use Framework\Middleware\CsrfMiddleware;
 use Framework\Renderer\RendererInterface;
 use Framework\Renderer\TwigRendererFactory;
@@ -29,7 +30,8 @@ return [
         \DI\get(FlashExtension::class),
         \DI\get(FormExtension::class),
         \DI\get(CsrfExtension::class),
-        \DI\get(UrlExtension::class)
+        \DI\get(UrlExtension::class),
+        \DI\get(VariableExtension::class)
     ],
     SessionInterface::class => \DI\object(PHPSession::class),
     CsrfMiddleware::class => \DI\object()->constructor(\DI\get(SessionInterface::class)),
diff --git a/public/models/connexion.php b/public/models/connexion.php
index 91816eb..ed3a7ce 100644
--- a/public/models/connexion.php
+++ b/public/models/connexion.php
@@ -15,7 +15,7 @@ try {
         $query->execute($params);
         $row = $query->fetch(PDO::FETCH_ASSOC);
         if (password_verify($_POST['mdp'],$row['password'])) {
-            session_start();
+            //session_start();
             $_SESSION['user']=$row['username'];
             $_SESSION['role']=$row['role'];
             echo '{"valide":true,"username":"'.$row['username'].'"}';
diff --git a/public/models/readRecords.php b/public/models/readRecords.php
index f679ae9..76ae9c6 100644
--- a/public/models/readRecords.php
+++ b/public/models/readRecords.php
@@ -1,5 +1,5 @@
 <?php
-    session_start();
+    //session_start();
     ini_set('display_errors', 0);
     include '../../config/config.php';
     $antenne_slug = $_GET['antenne_slug'];
diff --git a/public/models/readRecords2.php b/public/models/readRecords2.php
index c6e9cb8..f560335 100644
--- a/public/models/readRecords2.php
+++ b/public/models/readRecords2.php
@@ -1,5 +1,5 @@
 <?php
-	session_start();
+	//session_start();
 	ini_set('display_errors', 0);
 	include '../../config/config.php';
 	$antenne_slug = $_GET['antenne_slug'];
diff --git a/src/Account/Action/ActiveAction.php b/src/Account/Action/ActiveAction.php
index 6aa61fb..fdb02e2 100644
--- a/src/Account/Action/ActiveAction.php
+++ b/src/Account/Action/ActiveAction.php
@@ -5,6 +5,7 @@ use App\Auth\UserTable;
 use Framework\Auth;
 use Framework\Renderer\RendererInterface;
 use Framework\Response\RedirectResponse;
+use Framework\Router;
 use Framework\Session\FlashService;
 use Framework\Validator;
 use Psr\Http\Message\ServerRequestInterface;
@@ -33,36 +34,53 @@ class ActiveAction
         RendererInterface $renderer,
         Auth $auth,
         FlashService $flashService,
+        Router $router,
         UserTable $userTable
     ) {
-
         $this->renderer = $renderer;
         $this->auth = $auth;
         $this->flashService = $flashService;
+        $this->router = $router;
         $this->userTable = $userTable;
     }
 
     public function __invoke(ServerRequestInterface $request)
     {
-        $user = $this->auth->getUser();
-        var_dump($user);
-        die();
+       // $user = $this->auth->getUser();
         $params = $request->getParsedBody();
+
+        $url_part = explode('/',$_SERVER['HTTP_REFERER']);
+        //var_dump($url_part);
+        //var_dump($_SERVER['HTTP_REFERER']);
+        $chemin = $url_part[3].'/'.$url_part[4];
+
+        //echo "<br /><br />";
+        //echo "chemin=".$chemin;
+        //die();
+        //echo "user_id2=".$params['id'];
+        //die();
+
+
         $validator = (new Validator($params))
             ->required('username', 'actif');
         if ($validator->isValid()) {
+            if ($params['actif']) {
+                $params['actif'] = '0';
+            } else {
+                $params['actif'] = '1';
+            }
             $userParams = [
                 'username' => $params['username'],
                 'actif'  => $params['actif']
             ];
 
-            $this->userTable->update($user->id, $userParams);
+            $this->userTable->update($params['id'], $userParams);
             if (!$params['actif']) {
                 $this->flashService->success("L'utilisateur ".$params['username']." a bien été désactivé");
             } else {
                 $this->flashService->success("L'utilisateur ".$params['username']." a bien été réactivé");
             }
-            return new RedirectResponse($request->getUri()->getPath());
+            return new RedirectResponse($chemin);
         }
         $errors = $validator->getErrors();
         return $this->renderer->render('@account/account', compact('user', 'errors'));
diff --git a/src/Account/Action/ProfilAction.php b/src/Account/Action/ProfilAction.php
index cbc3f18..6b83446 100644
--- a/src/Account/Action/ProfilAction.php
+++ b/src/Account/Action/ProfilAction.php
@@ -36,7 +36,7 @@ class ProfilAction
     {
         /* Transmission du nom et de l'avatar de l'utilisateur connecté à la vue Twig */
         if(!isset($_SESSION)) {
-            session_start();
+           //session_start();
         }
         if (isset($_SESSION['user'])) {
             $nom_user = $_SESSION['user'];
diff --git a/src/Admin/AdminModule.php b/src/Admin/AdminModule.php
index 03b3884..ae50433 100644
--- a/src/Admin/AdminModule.php
+++ b/src/Admin/AdminModule.php
@@ -2,7 +2,6 @@
 
 namespace App\Admin;
 
-use App\Account\Action\AccountAction;
 use App\Account\Action\ActiveAction;
 use App\Auth\Action\PasswordForgetAction;
 use Framework\Auth\LoggedInMiddleware;
@@ -22,13 +21,14 @@ class AdminModule extends Module
         string $prefix
     )
     {
-        $router->get('/dashboard', DashboardAction::class, 'dashboard');
+        $router->get('/dashboard', [LoggedInMiddleware::class, DashboardAction::class], 'dashboard');
         $router->get('/dashboard/{user:[a-zA-Z\-0-9]+}', [LoggedInMiddleware::class, DashboardUserAction::class], 'dashboard.user');
         $router->get('/activation', ActiveAction::class, 'account.active');
         $router->post('/activation', ActiveAction::class);
         $router->any('/password_reinit', PasswordForgetAction::class, 'auth.password');
         if ($renderer instanceof TwigRenderer) {
             $renderer->getTwig()->addExtension($adminTwigExtension);
+           // $renderer->getTwig()->addExtension($variableExtension);
         }
     }
 }
diff --git a/src/Admin/DashboardAction.php b/src/Admin/DashboardAction.php
index 006d610..9f388c5 100644
--- a/src/Admin/DashboardAction.php
+++ b/src/Admin/DashboardAction.php
@@ -4,6 +4,7 @@ namespace App\Admin;
 use App\Admin\Table\UserTable;
 use App\Gmarche\Table\AntenneTable;
 use Framework\Renderer\RendererInterface;
+use Framework\Session\SessionInterface;
 use Psr\Http\Message\ServerRequestInterface;
 
 class DashboardAction
@@ -18,7 +19,10 @@ class DashboardAction
      */
     private $antenneTable;
 
-
+    /**
+     * @var SessionInterface
+     */
+    private $session;
     /**
      * @var UserTable
      */
@@ -27,10 +31,12 @@ class DashboardAction
     public function __construct(
         RendererInterface $renderer,
         AntenneTable $antenneTable,
+        SessionInterface $session,
         UserTable $userTable)
     {
         $this->renderer = $renderer;
         $this->antenneTable = $antenneTable;
+        $this->session = $session;
         $this->userTable = $userTable;
     }
 
@@ -41,25 +47,26 @@ class DashboardAction
     public function __invoke(ServerRequestInterface $request)
     {
         if ($request->getMethod() === 'GET') {
-
+            $role     = $this->session->get('role', []);
+            $username = $this->session->get('username', []);
             $this->renderer->addPath('admin', __DIR__ . '/views');
             $page = $params['p'] ?? 1; // Si la page n'est pas définie, on l'initialise à 1
             $liste_adminGeneral = $this->userTable->findAdminUsers('1');
             $liste_adminAntenne = $this->userTable->findAdminUsers('2');
             $liste_users_suivi  = $this->userTable->findUsers('3');
             $listeAntennes = $this->antenneTable->findAllAntennes();
-            if (!isset($_SESSION)) {
-                session_start();
-            }
-            if (isset($_SESSION['user'])) {
-                $nom_user = $_SESSION['user'];
-                $role = $_SESSION['role'];
+            if ($this->session->get('username')) {
+                $this->session->delete('role');
+                $this->session->delete('username');
+                $this->session->set('role',$role);
+                $this->session->set('username',$username);
             } else {
-                $nom_user = '';
-                $role = '3';
+                $this->session->set('username',$username);
+                $this->session->set('role',$role);
             }
+
             return $this->renderer->render('@admin/dashboard',
-                compact('nom_user','role', 'liste_adminGeneral', 'liste_users_suivi',
+                compact('username','liste_adminGeneral', 'liste_users_suivi',
                     'liste_adminAntenne', 'listeAntennes'));
         }
     }
diff --git a/src/Admin/DashboardUserAction.php b/src/Admin/DashboardUserAction.php
index 69e34fb..52aba9c 100644
--- a/src/Admin/DashboardUserAction.php
+++ b/src/Admin/DashboardUserAction.php
@@ -52,25 +52,16 @@ class DashboardUserAction
             $this->renderer->addPath('admin', __DIR__ . '/views');
             $liste_users_suivi  = $this->userTableAdmin->findUsers('3');
 
-            $username = $request->getAttribute('user');
+            $url_part = explode('/',$_SERVER['REQUEST_URI']);
+            $user_affiche = $url_part[2];
 
-            $profil_user = $this->userTable->findBy('username', $username);
-           // var_dump($profil_user);
-           // die();
+            $user = $this->userTable->findBy('username', $user_affiche);
+            $id_affiche = $user->id;
+            $actif_affiche = $user->actif;
             $listeAntennes = $this->antenneTable->findAllAntennes();
-            if (!isset($_SESSION)) {
-                session_start();
-            }
-            if (isset($_SESSION['user'])) {
-                $nom_user = $_SESSION['user'];
-                $role = $_SESSION['role'];
-            } else {
-                $nom_user = '';
-                $role = '3';
-            }
 
             return $this->renderer->render('@admin/dashboard_user',
-                compact('nom_user','role','username','profil_user','liste_users_suivi','listeAntennes'));
+                compact('user_affiche','id_affiche', 'actif_affiche', 'user','liste_users_suivi','listeAntennes'));
         }
     }
 }
diff --git a/src/Admin/Table/UserTable.php b/src/Admin/Table/UserTable.php
index bca7486..c09b85b 100644
--- a/src/Admin/Table/UserTable.php
+++ b/src/Admin/Table/UserTable.php
@@ -25,6 +25,7 @@ class UserTable extends Table
         }
         return $list;
     }
+
     public function findAntennebyId(int $id_antenne): Query
     {
         $antenne = new AntenneTable($this->pdo);
@@ -32,13 +33,15 @@ class UserTable extends Table
             ->select('a.name as nameAntenne')
             ->where("a.id = $id_antenne");
     }
+
     public function findUsers($role): Query
     {
         return $this->makeQuery()
             ->select('u.*')
-            ->where("u.role = '".$role."'")
+            ->where("u.role = '" . $role . "'")
             ->order('u.username ASC');
     }
+
     /*public function findUsersSuivi($role): Query
     {
         $antenne = new AntenneTable($this->pdo);
@@ -55,11 +58,18 @@ class UserTable extends Table
             ->where("u.role = $role")
             ->order('u.username ASC');
     }
+
     public function findRole($username): Query
     {
-         return $this->makeQuery()
+        return $this->makeQuery()
             ->select('u.role')
-            ->where("u.username = $username");
+            ->where("u.username = '" . $username . "'");
     }
 
+    public function findRole2($username)
+    {
+        return $this->pdo
+        ->query("SELECT role FROM {$this->table} WHERE username='".$username."'")
+        ->fetch();
+    }
 }
diff --git a/src/Admin/config.php b/src/Admin/config.php
index 511c1c4..f1de900 100644
--- a/src/Admin/config.php
+++ b/src/Admin/config.php
@@ -1,12 +1,10 @@
 <?php
 
 use App\Admin\AdminModule;
-use App\Admin\DashboardAction;
 
 return [
     'admin.prefix' => '/admin',
     'admin.widgets' => [],
     \App\Admin\AdminTwigExtension::class => \DI\object()->constructor(\DI\get('admin.widgets')),
     AdminModule::class => \DI\object()->constructorParameter('prefix', \DI\get('admin.prefix'))
-    //DashboardAction::class => \DI\object()->constructorParameter('widgets', \DI\get('admin.widgets'))
 ];
diff --git a/src/Admin/views/dashboard.twig b/src/Admin/views/dashboard.twig
index 04d9a93..148525e 100644
--- a/src/Admin/views/dashboard.twig
+++ b/src/Admin/views/dashboard.twig
@@ -7,14 +7,14 @@
         <div class="container tab-de-bord">
             <h3 style="display:inline-block;">Tableau de bord - </h3>
                 <h4 style="display:inline-block;">
-                    {% if role == '0' %} Super Admin{% endif %}
-                    {% if role == '1' %} Admin général{% endif %}
-                    {% if role == '2' %} Admin Antenne{% endif %}
+                    {% if affiche_role() == 0 %} Super Admin{% endif %}
+                    {% if affiche_role() == 1 %} Admin général{% endif %}
+                    {% if affiche_role() == 2 %} Admin Antenne{% endif %}
                 </h4>
             </h3>
         </div>
         <p></p>
-        {% if role == '0' %}
+        {% if affiche_role() == 0 %}
             <h4>Liste des admins généraux</h4>
             <ul class="list-group list-group-flush">
                 {% for admin_gen in liste_adminGeneral %}
@@ -27,7 +27,7 @@
             </ul>
         {% endif %}
         <p></p>
-        {% if (role == '0' or role == '1') %}
+        {% if (affiche_role() == 0 or affiche_role() == 1) %}
             <h4>Liste des admins Antenne</h4>
             <ul class="list-group list-group-flush">
                 {% for admin_ant in liste_adminAntenne %}
@@ -40,7 +40,7 @@
             </ul>
         {% endif %}
         <p></p>
-        {% if (role == '0' or role == '1' or role == '2') %}
+        {% if affiche_role()==0 or affiche_role()==1 or affiche_role()==2 %}
             <h4>Liste des régions/antennes</h4>
             <ul class="list-group list-group-flush">
                 {% set antenne = '' %}
@@ -69,7 +69,7 @@
             </ul>
         {% endif %}
         <p></p>
-        {% if (role == '0' or role == '1' or role == '2') %}
+        {% if affiche_role()==0 or affiche_role()==1 or affiche_role()==2 %}
             <h4>Liste des utilisateurs</h4>
 
             <ul class="list-group list-group-flush">
@@ -85,17 +85,20 @@
                                     {% endif %}
                                 {% endfor %}
                             {% endfor %}
+                            {% if not (item2.actif) %}
+                                <button class="btn btn-primary">DESACTIVE</button>
+                            {% endif %}
                         </li>
                     </a>
                 {% endfor %}
             </ul>
         {% endif %}
         <p></p>
-        {% if (role == '0' or role == '1') %}
+        {% if (affiche_role()== 0 or affiche_role()== 1) %}
             <h4>Gestion d'une antenne</h4>
         {% endif %}
         <p></p>
-        {% if (role == '0' or role == '1' or role == '2') %}
+        {% if affiche_role()==0 or affiche_role()==1 or affiche_role()==2 %}
             <h4>Gestion d'un G-Marché</h4>
         {% endif %}
         <div class="row">
diff --git a/src/Admin/views/dashboard_user.twig b/src/Admin/views/dashboard_user.twig
index 8bd3406..700128b 100644
--- a/src/Admin/views/dashboard_user.twig
+++ b/src/Admin/views/dashboard_user.twig
@@ -5,14 +5,20 @@
 {% block body %}
     <div class="container" style="color:floralwhite;background-color: #333333;padding: 1rem;">
         <div class="container tab-de-bord">
-            <h3 style="display:inline-block;">Tableau de bord User - {{ username }}</h3>
+            <h3 style="display:inline-block;">Tableau de bord User - {{ user_affiche }}</h3>
         </div>
         <ul class="list-group list-group-flush">
             <div class="container" style="color:black;background-color: lightgray;opacity: 0.9;margin: 1rem;padding:1rem;">
                 <form action="{{ path('account.active') }}" method="post">
-                    <button class="btn btn-primary">Désactiver l'utilisateur</button>
-                    <div style="width:0;height:0;"> {{ field('actif', false, "", {type: 'hidden'}) }}
-                        {{ field('username', username, "", {type: 'hidden'}) }}</div>
+                    {% if actif_affiche %}
+                       <button class="btn btn-primary">Désactiver l'utilisateur</button>
+                    {% else %}
+                       <button class="btn btn-primary">Activer l'utilisateur</button>
+                    {% endif %}
+                    <div style="width:0;height:0;"> {{ field('actif', actif_affiche, "", {type: 'hidden'}) }}
+                        {{ field('username', user_affiche, "", {type: 'hidden'}) }}
+                        {{ field('id', id_affiche, "", {type: 'hidden'}) }}
+                    </div>
                 </form>
             </div>
         </ul>
@@ -22,10 +28,10 @@
             <div class="container" style="color:black;background-color: lightgray;opacity: 0.9;margin: 1rem;padding:1rem;">
                 <form action="" method="post">
                     <!-- csrf_input() -->
-                    {{ field('firstname', profil_user.firstname, 'Prénom') }}
-                    {{ field('lastname', profil_user.lastname, 'Nom') }}
-                    Adresse mail {{ profil_user.email }}<p></p>
-                    Clé publique {{ profil_user.pubkey }}
+                    {{ field('firstname', user.firstname, 'Prénom') }}
+                    {{ field('lastname', user.lastname, 'Nom') }}
+                    Adresse mail {{ user.email }}<p></p>
+                    Clé publique {{ user.pubkey }}
                     <p></p>
                     <button class="btn btn-primary">Modifier les informations</button>
                 </form>
@@ -43,7 +49,7 @@
 
             <ul class="list-group list-group-flush">
                 <li class="liste_antennes list-group-item" style="color:black;padding: .2rem 1.25rem;">
-                    {% set antenne_suivie = profil_user.suiviantenne|split('|') %}
+                    {% set antenne_suivie = user.suiviantenne|split('|') %}
                     {% for antenne in antenne_suivie %}
                         {% for item in listeAntennes %}
                             {% if (item.id == antenne) %}
diff --git a/src/Admin/views/layout.twig b/src/Admin/views/layout.twig
index 440c29b..48000bf 100644
--- a/src/Admin/views/layout.twig
+++ b/src/Admin/views/layout.twig
@@ -22,10 +22,13 @@
     <div class="navbar-nav">
         <div class="navbar-text" style="color:lightgray;margin-right:15px; margin-top:3px;">
             {{ "now"|date('d/m/y') }}
+            affiche_username =  {{ affiche_username() }} /affiche_username
         </div>
-        {% if name_user != '' %}
+
+        {% if affiche_username()!= '' %}
             <form method="post" style="margin-top:5px;" action="{{ path('account.profil') }}">
-                <span><img src="\avatar_user.png" width="22" height="22" /></span>
+                <span><img src="\avatar_user.png" width="22" height="22" />
+                         affiche_username =  {{ affiche_username() }} /affiche_username</span>
                 <button style="color:white;font-size: 14px;" class="btn-primary">user = {{ name_user }}</button>
                 <button style="color:white;font-size: 14px;" class="btn-primary">user2 = {{ name_user2 }}</button>
             </form>
diff --git a/src/Auth/Action/LoginAttemptAction.php b/src/Auth/Action/LoginAttemptAction.php
index e0e493c..11d59d5 100644
--- a/src/Auth/Action/LoginAttemptAction.php
+++ b/src/Auth/Action/LoginAttemptAction.php
@@ -7,11 +7,13 @@ use Framework\Actions\RouterAwareAction;
 use Framework\Renderer\RendererInterface;
 use Framework\Response\RedirectResponse;
 use Framework\Router;
+use Framework\Session\ArraySession;
 use Framework\Session\FlashService;
 use Framework\Session\SessionInterface;
 use Psr\Http\Message\ServerRequestInterface;
 use Zend\Expressive\Router\RouterInterface;
 
+
 class LoginAttemptAction
 {
 
@@ -53,17 +55,33 @@ class LoginAttemptAction
         $params = $request->getParsedBody();
         $user = $this->auth->login($params['username'], $params['password']);
         if ($user) {
-            if(!isset($_SESSION)) {
-                session_start();
-            }
-            $_SESSION['role'] = $this->userTable->findRole($params['username']);
-            $_SESSION['user'] = $params['username'];
+            $role = $this->userTable->findBy('username', $params['username'])->role;
             $path = $this->session->get('auth.redirect') ?: $this->router->generateUri('gmarche.index');
             $this->session->delete('auth.redirect');
-            return new RedirectResponse($path);
+            //$path = $this->router->generateUri('gmarche.index');
+            //return new RedirectResponse('/');
+            if ($this->session->get('username')) {
+                $this->session->delete('role');
+                $this->session->delete('username');
+                $this->session->set('username',$params['username']);
+                $this->session->set('role',$role);
+            } else {
+                $this->session->set('username',$params['username']);
+                $this->session->set('role',$role);
+            }
+            //$this->renderer->addGlobal('user', $user);
+            //$this->renderer->addGlobal('role', $role);
+            return $this->renderer->render('@gmarche/index');
         } else {
             (new FlashService($this->session))->error('Identifiant ou mot de passe incorrect');
             return $this->redirect('auth.login');
         }
     }
+    private function show($role)
+    {
+       // $path = $this->router->generateUri('gmarche.index');
+        return $this->renderer->render('@gmarche/index');
+    }
+
+
 }
diff --git a/src/Auth/Action/LogoutAction.php b/src/Auth/Action/LogoutAction.php
index f10ef64..740b392 100644
--- a/src/Auth/Action/LogoutAction.php
+++ b/src/Auth/Action/LogoutAction.php
@@ -5,6 +5,7 @@ use App\Auth\DatabaseAuth;
 use Framework\Renderer\RendererInterface;
 use Framework\Response\RedirectResponse;
 use Framework\Session\FlashService;
+use Framework\Session\SessionInterface;
 use Psr\Container\ContainerInterface;
 use Psr\Http\Message\ServerRequestInterface;
 
@@ -31,21 +32,25 @@ class LogoutAction
     private $container;
 
     public function __construct(RendererInterface $renderer, DatabaseAuth $auth, FlashService $flashService
-        , ContainerInterface $container)
+        , ContainerInterface $container, SessionInterface $session)
     {
         $this->renderer = $renderer;
         $this->auth = $auth;
         $this->flashService = $flashService;
         $this->container = $container;
+        $this->session = $session;
     }
 
     public function __invoke(ServerRequestInterface $request)
     {
         $gmarchePrefix = $this->container->get('gmarche.prefix');
         if(!isset($_SESSION)) {
-            session_start();
+            //session_start();
         }
         unset($_SESSION['user']);
+        if ($this->session->get('username')) {
+            $this->session->delete('username');
+        }
         $this->auth->logout();
         $this->flashService->success('Vous êtes maintenant déconnecté');
         return new RedirectResponse("$gmarchePrefix");
diff --git a/src/Contact/ContactAction.php b/src/Contact/ContactAction.php
index 9467c8a..fd6b785 100644
--- a/src/Contact/ContactAction.php
+++ b/src/Contact/ContactAction.php
@@ -27,7 +27,7 @@ class ContactAction
     {
         if ($request->getMethod() === 'GET') {
             if (!isset($_SESSION)) {
-                session_start();
+                //session_start();
             }
             if (isset($_SESSION['user'])) {
                 $nom_user = $_SESSION['user'];
diff --git a/src/Contact/contact.twig b/src/Contact/contact.twig
index 8140d7c..c48b9ff 100644
--- a/src/Contact/contact.twig
+++ b/src/Contact/contact.twig
@@ -83,7 +83,6 @@
         </script>
     {%  endif %}
 <div class="main" style="background:none;">
-    nom_user = {{ nom_user }}
     <div class="header">
        <img class="img_header" src="/images/logo_contacts.jpg" style="width: 294px;height: 294px;" alt="Ğ1-Marché" title="Logo Contact" />
     </div>
diff --git a/src/Framework/Auth/LoggedInMiddleware.php b/src/Framework/Auth/LoggedInMiddleware.php
index 0e2882a..b0ab70b 100644
--- a/src/Framework/Auth/LoggedInMiddleware.php
+++ b/src/Framework/Auth/LoggedInMiddleware.php
@@ -1,8 +1,7 @@
 <?php
 namespace Framework\Auth;
-
+error_reporting(E_ALL & ~E_NOTICE);
 use Framework\Auth;
-use Framework\Actions\RouterAwareAction;
 use Framework\Response\RedirectResponse;
 use Framework\Router;
 use Framework\Session\FlashService;
@@ -19,23 +18,31 @@ class LoggedInMiddleware implements MiddlewareInterface
      * @var Auth
      */
     private $auth;
+    /**
+     * @var Router
+     */
+    private $router;
+    /**
+     * @var SessionInterface
+     */
+    private $session;
 
-    public function __construct(Auth $auth, Router $router)
+    public function __construct(Auth $auth, Router $router, SessionInterface $session)
     {
         $this->auth = $auth;
         $this->router = $router;
+        $this->session = $session;
     }
 
     public function process(ServerRequestInterface $request, DelegateInterface $delegate): ResponseInterface
     {
         $user = $this->auth->getUser();
-        if (is_null($user)) {
-            //echo "is null";
-            //die();
+
+        if (is_null($user) and (!$_SESSION['user'])) {
             //throw new ForbiddenException();
             //return $this->redirect('auth.login');
             //$this->session->set('auth.login', $request->getUri()->getPath());
-            //(new FlashService($this->session))->error('Vous devez posséder un compte pour accéder à cette page');
+            (new FlashService($this->session))->error('Vous devez vous connecter pour accéder à cette page');
             return new RedirectResponse($this->router->generateUri('auth.login'));
         }
         return $delegate->process($request->withAttribute('user', $user));
diff --git a/src/Framework/Database/Query.php b/src/Framework/Database/Query.php
index a2f615a..f4836bc 100644
--- a/src/Framework/Database/Query.php
+++ b/src/Framework/Database/Query.php
@@ -172,7 +172,7 @@ class Query implements \IteratorAggregate
     {
         $record = $this->fetch();
         if ($record === false) {
-            throw new NoRecordException();
+           // throw new NoRecordException();
         }
         return $record;
     }
diff --git a/src/Framework/Database/Table.php b/src/Framework/Database/Table.php
index f8a6243..c10d7dc 100644
--- a/src/Framework/Database/Table.php
+++ b/src/Framework/Database/Table.php
@@ -81,6 +81,7 @@ class Table
     public function findBy(string $field, string $value)
     {
        // echo "field = ".$field;
+       // echo "<br />value = ".$value;
        // die();
         return $this->makeQuery()->where("$field = :field")->params(["field" => $value])->fetchOrFail();
     }
diff --git a/src/Framework/Twig/UrlExtension.php b/src/Framework/Twig/UrlExtension.php
index e4d1d0a..f49157e 100644
--- a/src/Framework/Twig/UrlExtension.php
+++ b/src/Framework/Twig/UrlExtension.php
@@ -19,7 +19,7 @@ class UrlExtension extends \Twig_Extension
     {
         return [
             //new \Twig_SimpleFunction('url', [$this, 'getUrl']),
-            new \Twig_SimpleFunction('explodeUrl', [$this, 'explodeUrl'])
+            new \Twig_SimpleFunction('explodeUrl', [$this, 'explodUrl'])
         ];
     }
 
@@ -27,7 +27,7 @@ class UrlExtension extends \Twig_Extension
     {
         return $_SERVER['REQUEST_URI'] ?? '/';
     }*/
-    public function explodeUrl(): array
+    public function explodUrl(): array
     {
         $url = $_SERVER['REQUEST_URI'] ?? '/';
         $url_parts = explode('/', $url);
diff --git a/src/Framework/Twig/VariableExtension.php b/src/Framework/Twig/VariableExtension.php
new file mode 100644
index 0000000..23c7090
--- /dev/null
+++ b/src/Framework/Twig/VariableExtension.php
@@ -0,0 +1,46 @@
+<?php
+
+namespace App\Framework\Twig;
+
+use Framework\Session\SessionInterface;
+
+class VariableExtension extends \Twig_Extension
+{
+
+    /**
+     * @var SessionInterface
+     */
+    private $session;
+
+    /**
+     * @var string
+     */
+    //private $url;
+
+    public function __construct(SessionInterface $session)
+    {
+        $this->session = $session;
+    }
+
+    public function getFunctions()
+    {
+        return [
+            new \Twig_SimpleFunction('affiche_username', [$this, 'affich_usrname']),
+            new \Twig_SimpleFunction('affiche_role', [$this, 'affich_role'])
+        ];
+    }
+    public function affich_role(): ?string
+    {
+        //echo "session=".$_SESSION['user'];
+        //die();
+        $retour_aff = $this->session->get('role') ?: '';
+        return $retour_aff;
+    }
+    public function affich_usrname(): ?string
+    {
+        //echo "session=".$_SESSION['user'];
+        //die();
+        $retour_aff = $this->session->get('username') ?: '';
+        return $retour_aff;
+    }
+}
diff --git a/src/Gmarche/Actions/AntenneShowAction.php b/src/Gmarche/Actions/AntenneShowAction.php
index 7547dd3..cb1cc41 100644
--- a/src/Gmarche/Actions/AntenneShowAction.php
+++ b/src/Gmarche/Actions/AntenneShowAction.php
@@ -61,7 +61,7 @@ class AntenneShowAction
             ]);
         }*/
         if (!isset($_SESSION)) {
-            session_start();
+            //session_start();
         }
         if (isset($_SESSION['user'])) {
             $nom_user = $_SESSION['user'];
diff --git a/src/Gmarche/Actions/RegionIndexAction.php b/src/Gmarche/Actions/RegionIndexAction.php
index 564fb4a..2e8345d 100644
--- a/src/Gmarche/Actions/RegionIndexAction.php
+++ b/src/Gmarche/Actions/RegionIndexAction.php
@@ -1,8 +1,10 @@
 <?php
 namespace App\Gmarche\Actions;
 
+use App\Admin\Table\UserTable;
 use Framework\Actions\RouterAwareAction;
 use Framework\Renderer\RendererInterface;
+use Psr\Http\Message\ServerRequestInterface;
 
 class RegionIndexAction
 {
@@ -14,23 +16,36 @@ class RegionIndexAction
     use RouterAwareAction;
 
     public function __construct(
-       RendererInterface $renderer
+       RendererInterface $renderer,
+       UserTable $userTable
     ) {
        $this->renderer = $renderer;
+       $this->userTable = $userTable;
     }
-    public function __invoke()
+    public function __invoke(ServerRequestInterface $request)
     {
-        if (!isset($_SESSION)) {
-            session_start();
+        /*$userId = $this->session->get('auth.user');
+        echo "userid = ";
+        var_dump($userId);*/
+        if ($request->getMethod() === 'GET') {
+            //$params = $request->getParsedBody();
+            //var_dump($params);
+            //die();
+            //$role = $this->userTable->findBy('username', $params['username'])->role;
+            //var_dump($role);
+            //die();
+            if (!isset($_SESSION)) {
+                //session_start();
+            }
+            $accueil = true;
+            if (isset($_SESSION['user'])) {
+                $nom_user = $_SESSION['user'];
+                $role = $_SESSION['role'];
+            } else {
+                $nom_user = '';
+                $role = '3';
+            }
+            return $this->renderer->render('@gmarche/index', compact('nom_user', 'accueil', 'role'));
         }
-        $accueil = true;
-        if (isset($_SESSION['user'])) {
-            $nom_user = $_SESSION['user'];
-            $role = $_SESSION['role'];
-        } else {
-            $nom_user = '';
-            $role = '3';
-        }
-        return $this->renderer->render('@gmarche/index', compact('nom_user','accueil','role'));
     }
 }
diff --git a/src/Gmarche/GmarcheModule.php b/src/Gmarche/GmarcheModule.php
index fd4df78..da00868 100644
--- a/src/Gmarche/GmarcheModule.php
+++ b/src/Gmarche/GmarcheModule.php
@@ -3,6 +3,7 @@ namespace App\Gmarche;
 
 use App\Gmarche\Actions\AntenneShowAction;
 use App\Gmarche\Actions\RegionIndexAction;
+use Framework\Auth;
 use Framework\Module;
 use Framework\Renderer\RendererInterface;
 use Framework\Router;
@@ -15,8 +16,9 @@ class GmarcheModule extends Module
     const MIGRATIONS  = __DIR__ . '/db/migrations';
     const SEEDS  = __DIR__ . '/db/seeds';
 
-    public function __construct(ContainerInterface $container)
+    public function __construct(ContainerInterface $container, Auth $auth)
     {
+        $this->auth = $auth;
         $gmarchePrefix = $container->get('gmarche.prefix');
         $container->get(RendererInterface::class)->addPath('gmarche', __DIR__ . '/views');
         $router = $container->get(Router::class);
diff --git a/src/Gmarche/views/index.twig b/src/Gmarche/views/index.twig
index 2e5eeb2..ac68f5c 100644
--- a/src/Gmarche/views/index.twig
+++ b/src/Gmarche/views/index.twig
@@ -4,19 +4,23 @@
     Ğ1-Marché : Régions {% if page > 1 %}, page {{ page }} {% endif %}
 {% endblock %}
 {% block body %}
+    {% if flash('error') %}
+        <div class="alert alert-danger">
+            {{ flash('error') }}
+        </div>
+    {% endif %}
     <div class="container home">
         <img id="logo_home" src="\images\logo_home.jpg"/>
-
-            <ul class="list-group list-group-flush">
-                <div class="mapcontainer">
-                    <div class="map">
-                        <span>Alternative content for the map</span>
-                    </div>
-                    <div class="areaLegend"></div>
-                    <div class="plotLegend"></div>
+        <ul class="list-group list-group-flush">
+            <div class="mapcontainer">
+                <div class="map">
+                    <span>Alternative content for the map</span>
                 </div>
-            </ul>
-        </div>
+                <div class="areaLegend"></div>
+                <div class="plotLegend"></div>
+            </div>
+        </ul>
+    </div>
 
     <script type="text/javascript">
         $(".container").mapael({
diff --git a/src/Product/Actions/ProductIndexAction.php b/src/Product/Actions/ProductIndexAction.php
index 6937f1b..127f44c 100644
--- a/src/Product/Actions/ProductIndexAction.php
+++ b/src/Product/Actions/ProductIndexAction.php
@@ -57,7 +57,7 @@ class  ProductIndexAction
         $viewPath = '@product/admin/products';
         $items = $this->productTable->findByAntenneId('antenne_id', $antenne_id)->paginate(20, $page);
         if (!isset($_SESSION)) {
-            session_start();
+            //session_start();
         }
         if (isset($_SESSION['user'])) {
             $nom_user = $_SESSION['user'];
diff --git a/src/Product/Actions/RechIndexAction.php b/src/Product/Actions/RechIndexAction.php
index 6fe9c02..5c957d3 100644
--- a/src/Product/Actions/RechIndexAction.php
+++ b/src/Product/Actions/RechIndexAction.php
@@ -59,7 +59,7 @@ class RechIndexAction
         $viewPath = '@product/admin/recherches';
         $items = $this->rechTable->findByAntenneId('antenne_id', $antenne_id)->paginate(20, $page);
         if (!isset($_SESSION)) {
-            session_start();
+           //session_start();
         }
         if (isset($_SESSION['user'])) {
             $nom_user = $_SESSION['user'];
diff --git a/views/layout.twig b/views/layout.twig
index a66cda4..98e358e 100644
--- a/views/layout.twig
+++ b/views/layout.twig
@@ -45,7 +45,7 @@
                     <a class="nav-link {% if accueil %} active{% endif %}" style="font-size:14px;"
                        href="{{ path('gmarche.index') }}">Accueil</a>
                 </li>
-                {% if role=='0' or role=='1' or role=='2' %}
+                {% if (affiche_role()==0 or affiche_role()==1 or affiche_role()==2) and affiche_username()!='' %}
                     <li class="nav-item">
                         <a class="nav-link {% if explodeUrl()[1]=='dashboard' %} active{% endif %}" style="font-size:14px;"
                            href="{{ path('dashboard') }}">Administration</a>
@@ -61,10 +61,10 @@
                 <div class="navbar-text" style="color:lightgray;margin-right:15px; margin-top:3px;">
                     {{ "now"|date('d/m/y') }}
                 </div>
-                {% if nom_user != '' %}
+                {% if affiche_username() != '' %}
                     <form method="post" style="margin-top:5px;" action="{{ path('account.profil') }}">
                         <span><img src="\avatar_user.png" width="22" height="22" /></span>
-                        <button id="nom_connecte" style="color:white;font-size: 14px;" class="btn-primary">{{ nom_user }}</button>
+                        <button id="nom_connecte" style="color:white;font-size: 14px;" class="btn-primary">{{ affiche_username() }}</button>
                     </form>
                     <form method="post" action="{{ path('auth.logout') }}">
                         <!-- csrf_input() }}-->
@@ -74,8 +74,6 @@
                     <div class="nav-item" id="bouton-connexion">
                         <button style="color:white; font-size: 14px;" class="btn btn-primary" data-toggle="modal" data-target="#connexion_modal">Se connecter</button>
                     </div>
-                   <!-- <div id="nom_connecte" style="display:none;margin-left:10px;margin-top:6px;margin-right:8px;">
-                    </div>-->
                     <div id="deconnexion" style="display:none;">
                         <form method="post" action="{{ path('auth.logout') }}">
                             <!-- csrf_input() }}-->
@@ -108,7 +106,7 @@
                     <div class="modal-body">
                         <div class="form-group">
                             <label for="pseudo">Pseudo</label>
-                            <input type="text" id="pseudo" placeholder="{{ nom_user }}" class="form-control"/>
+                            <input type="text" id="pseudo" placeholder="{{ user.username }}" class="form-control"/>
                         </div>
                         <div class="form-group">
                             <label for="mdp">Mot de passe</label>
@@ -129,7 +127,6 @@
             </div>
         </div>
 
-
         <script src="https://cdnjs.cloudflare.com/ajax/libs/popper.js/1.11.0/umd/popper.min.js"></script>
         <script src="https://maxcdn.bootstrapcdn.com/bootstrap/4.0.0-beta/js/bootstrap.min.js"></script>
     </div>