From e87885486167f83215ffb1b5afb2216ed59d86df Mon Sep 17 00:00:00 2001
From: galaxyoyo
Date: Tue, 24 Sep 2019 11:00:44 +0200
Subject: [PATCH] Sans utilisateur, le premier inscrit est administrateur
---
 server_files/config.php | 9 +++++----
 server_files/controllers/inscription.php | 4 ++++
 server_files/model.php | 5 +++++
 3 files changed, 14 insertions(+), 4 deletions(-)
diff --git a/server_files/config.php b/server_files/config.php
index 98b892a..459906c 100644
--- a/server_files/config.php
+++ b/server_files/config.php
@@ -45,10 +45,11 @@ class Config
 global $DB;
 $DB->exec("SET GLOBAL time_zone = 'Europe/Paris';");
- $DB->exec("INSERT IGNORE INTO `config` VALUES ('inscription_date', CURRENT_TIMESTAMP), ('start_phase1_date', CURRENT_TIMESTAMP), ('end_phase1_date', CURRENT_TIMESTAMP),
- ('start_phase2_date', CURRENT_TIMESTAMP), ('end_phase2_date', CURRENT_TIMESTAMP),
- ('start_phase3_date', CURRENT_TIMESTAMP), ('end_phase3_date', CURRENT_TIMESTAMP),
- ('start_phase4_date', CURRENT_TIMESTAMP), ('end_phase4_date', CURRENT_TIMESTAMP);");
+ $DB->exec("INSERT IGNORE INTO `config` VALUES ('inscription_date', CURRENT_TIMESTAMP + INTERVAL 2 DAY),
+ ('start_phase1_date', CURRENT_TIMESTAMP + INTERVAL 1 DAY), ('end_phase1_date', CURRENT_TIMESTAMP + INTERVAL 3 DAY),
+ ('start_phase2_date', CURRENT_TIMESTAMP + INTERVAL 4 DAY), ('end_phase2_date', CURRENT_TIMESTAMP + INTERVAL 5 DAY),
+ ('start_phase3_date', CURRENT_TIMESTAMP + INTERVAL 6 DAY), ('end_phase3_date', CURRENT_TIMESTAMP + INTERVAL 7 DAY),
+ ('start_phase4_date', CURRENT_TIMESTAMP + INTERVAL 8 DAY), ('end_phase4_date', CURRENT_TIMESTAMP + INTERVAL 9 DAY);");
 }
 public function loadConfigValues()
diff --git a/server_files/controllers/inscription.php b/server_files/controllers/inscription.php
index 6006b39..8b4d9af 100644
--- a/server_files/controllers/inscription.php
+++ b/server_files/controllers/inscription.php
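Review bot: The new default offsets in the `INSERT IGNORE INTO `config`` statement are undocumented and do not form an obvious sequence: `inscription_date` is `CURRENT_TIMESTAMP + INTERVAL 2 DAY` while `start_phase1_date` is `+ INTERVAL 1 DAY`, so the registration date falls inside phase 1 instead of before it. If that overlap is intended, a comment above the statement should say so, for example `// Placeholder dates for a fresh install; an administrator is expected to replace them.`; if it is not, the two offsets look swapped. What `inscription_date` means (opening or deadline) is not visible here, so this should be checked against the code that reads it. The enclosing method starts outside the hunk.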
@@ -48,6 +48,7 @@ class NewUser ensure($this->surname != "", "Le nom de famille est obligatoire."); ensure($this->first_name != "", "Le prénom est obligatoire."); $this->role = Role::fromName(strtoupper($this->role)); + ensure($this->role == Role::PARTICIPANT || $this->role == Role::ENCADRANT, "Vous devez être participant ou encadrant."); if ($this->role == Role::PARTICIPANT) $this->class = SchoolClass::fromName(strtoupper($this->class)); @@ -59,6 +60,9 @@ class NewUser { global $DB, $YEAR; + if (!$DB->query("SELECT `id` FROM `users` WHERE `year` = $YEAR;")->fetch()) + $this->role = Role::ADMIN; + $req = $DB->prepare("INSERT INTO `users`(`email`, `pwd_hash`, `confirm_email`, `surname`, `first_name`, `school`, `class`, `role`, `description`, `year`) VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?, ?);"); $req->execute([$this->email, password_hash($this->password, PASSWORD_BCRYPT), $this->confirm_email_token, $this->surname, $this->first_name, diff --git a/server_files/model.php b/server_files/model.php index 0a21cee..b3889c7 100644 --- a/server_files/model.php +++ b/server_files/model.php @@ -9,6 +9,11 @@ function loadUserValues() if (isset($_SESSION["user_id"])) { $user = $_SESSION["user"] = User::fromId($_SESSION["user_id"]); + if ($user == null) { + unset($_SESSION["user_id"]); + return; + } + $_SESSION["role"] = $user->getRole(); if ($user->getTeamId() !== null)
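Review bot: The added allow-list check in the first `inscription.php` hunk compares with `==`, so what it accepts for an unrecognised role name depends on what `Role::fromName()` returns, which this hunk does not show. If that method returns `null` or another falsy value for unknown input and one of the `Role` constants is itself falsy, the loose comparison passes and the role taken from the form is not actually restricted. Strict comparison removes the doubt, provided `fromName()` returns the constants themselves: `ensure($this->role === Role::PARTICIPANT || $this->role === Role::ENCADRANT, "Vous devez être participant ou encadrant.");`. The enclosing method starts and ends outside the hunk.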
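Review bot: In the second `inscription.php` hunk, `Role::ADMIN` is granted whenever `users` has no row for `$YEAR`, so the promotion goes to whoever submits the public registration form first. If `$YEAR` advances each edition, it recurs at every rollover even when administrators from earlier years exist. The `SELECT` and the `INSERT` are separate statements, so two registrations arriving together can both see an empty result and both be promoted, and the role is assigned before the address behind `confirm_email_token` has been confirmed. A safer bootstrap is to create the first administrator out of band (an install step or a setup secret kept in the configuration), or at least to test for an existing administrator rather than for any user of the current year, with check and insert inside one transaction. Separately, `$YEAR` is interpolated into the query while the rest of the method binds its values; `$DB->prepare("SELECT `id` FROM `users` WHERE `year` = ?;")` followed by `execute([$YEAR])` keeps that consistent.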
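Review bot: The early return added in `loadUserValues()` clears only `$_SESSION["user_id"]`. The assignment on the line above has already stored `null` in `$_SESSION["user"]`, but `$_SESSION["role"]`, set by a previous request, is left in place, so a session whose account no longer exists keeps the role it had. If any page authorises on `$_SESSION["role"]` alone, that stale value is still honoured. Clearing everything derived from the user closes this, together with any team key this function sets further down: `unset($_SESSION["user_id"], $_SESSION["user"], $_SESSION["role"]);`. `$user === null` is also the more precise test. The function continues past the end of the hunk.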