plateforme-tfjm2/server_files/inscription.php

<?php

include 'config.php';

if (isset($_POST["submitted"])) {
	$error_message = register();
}

function register() {
    global $DB, $YEAR, $URL_BASE, $MAIL_ADDRESS;

    $email = strtolower(htmlspecialchars($_POST["email"]));

    if (!filter_var($email, FILTER_VALIDATE_EMAIL))
        return "L'email entrée est invalide.";

    $result = $DB->query("SELECT `email` FROM `users` WHERE `email` = '" . $email . "' AND `year` = '$YEAR';");
    if ($result->fetch())
        return "Un compte existe déjà avec cette adresse e-mail.";

    $password = htmlspecialchars($_POST["password"]);
    if (strlen($password) < 8)
        return "Le mot de passe doit comporter au moins 8 caractères.";
    if ($password != $_POST["confirm_password"])
        return "Les deux mots de passe sont différents.";

    $password = password_hash($password, PASSWORD_BCRYPT);

    $surname = strtoupper(htmlspecialchars($_POST["surname"]));
    if (!isset($surname) || $surname == "")
        return "Le nom de famille est obligatoire.";

    $firstname = htmlspecialchars($_POST["firstname"]);
    if (!isset($surname) || $surname == "")
        return "Le prénom est obligatoire.";

    $birth_date = date_parse_from_format("yyyy-mm-dd", htmlspecialchars($_POST["birth_date"]));

    if ($birth_date === FALSE)
        return "La date de naissance est invalide.";

    if (htmlspecialchars($_POST["birth_date"]) >= $YEAR . "-01-01")
        return "Vous devez avoir un âge strictement positif. Date de naissance rentrée : " . htmlspecialchars($_POST["birth_date"]);

    $gender = htmlspecialchars($_POST["gender"]);

    if (!isset($gender) || ($gender != "M" && $gender != "F"))
        return "Le sexe indiqué est invalide.";

    $address = htmlspecialchars($_POST["address"]);

    if (!isset($address))
        $address = "";

    try {
        $postal_code = intval($_POST["postal_code"]);
        if ($postal_code < 1000 || $postal_code > 95999)
            return "Le code postal est invalide.";
    }
    catch (Exception $ex) {
        return "Le code postal n'est pas un nombre valide.";
    }

    $city = htmlspecialchars($_POST["city"]);

    if (!isset($city))
        $city = "";

    $country = htmlspecialchars($_POST["country"]);

    if (!isset($country))
        $country = "France";

    $phone_number = htmlspecialchars($_POST["phone_number"]);

    if (!isset($phone_number) || $phone_number == "")
        return "Vous devez renseigner un numéro de téléphone.";

    $role = htmlspecialchars($_POST["role"]);

    if (!isset($role) || ($role != "participant" && $role != "encadrant"))
        return "Le rôle entré n'est pas valide.";

    $role = strtoupper($role);

    $school = htmlspecialchars($_POST["school"]);
    $class = strtoupper(htmlspecialchars($_POST["class"]));
    $responsible_name = htmlspecialchars($_POST["responsible_name"]);
    $responsible_phone = htmlspecialchars($_POST["responsible_phone"]);
    $responsible_email = htmlspecialchars($_POST["responsible_email"]);

    if ($role == "ENCADRANT") {
        $school = NULL;
        $class = NULL;
        $responsible_name = NULL;
        $responsible_phone = NULL;
        $responsible_email = NULL;
    }
    else {
        if (!isset($class) && $class != "TERMINALE" && $class != "PREMIERE" && $class != "SECONDE")
            return "La classe spécifiée est invalide. Merci de ne pas créer vos propres requêtes.";

        if ((!isset($responsible_name) || $responsible_name == "") && $birth_date > strval($YEAR - 18) . "-05-01")
            return "Veuillez spécifier un nom de responsable légal.";

        if ((!isset($responsible_phone) || $responsible_phone == "") && (!isset($responsible_email) || !filter_var($responsible_email, FILTER_VALIDATE_EMAIL))
            && $birth_date > strval($YEAR - 18) . "-05-01")
            return "Veuillez préciser au moins le numéro de téléphone ou l'addresse e-mail de votre responsable légal.";
    }

    $description = $_POST["description"];

    if ($role == "PARTICIPANT")
        $description = NULL;

    $confirm_email_uid = uniqid();

    $req = $DB->prepare("INSERT INTO `users`(`email`, `pwd_hash`, `confirm_email`, `surname`, `first_name`, `birth_date`, `gender`,
               `address`, `postal_code`, `city`, `country`, `phone_number`, `school`, `class`, `role`, `description`, `year`)
                VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?);");
    $req->execute([$email, $password, $confirm_email_uid, $surname, $firstname, $_POST["birth_date"], $gender, $address, $postal_code,
       $city, $country, $phone_number, $school, $class, $role, $description, $YEAR]);

    $msg = "Merci pour votre inscription au TFJM² $YEAR ! Veuillez désormais confirmer votre adresse mail en cliquant ici : $URL_BASE/confirmer_mail/$confirm_email_uid";
    mail($email, "Inscription au TFJM² $YEAR", $msg, "From: $MAIL_ADDRESS\r\n");

    return false;
}

?>

<?php include "header.php" ?>

	<?php if (isset($error_message) && $error_message) echo "<h2>Erreur : " . $error_message . "</h2>"; ?>

    <?php
    if (isset($error_message) && $error_message === FALSE) {
    ?>
    Votre inscription est validée ! Merci désormais de confirmer votre boîte mail pour valider votre adresse.
    <?php } else if (isset($_SESSION["user_id"])) { ?>

        <h2>Vous êtes déjà connecté !</h2>

    <?php } else { ?>
        
	<form method="POST">
		<input type="hidden" name="submitted" value="true" />
		<table style="width: 90%;">
			<tr>
				<td><label for="email">E-mail :</label></td>
				<td><input type="email" id="email" name="email" value="<?php if (isset($email)) echo $email ?>" /></td>
			</tr>
			<tr>
				<td><label for="password">Mot de passe :</label></td>
				<td><input type="password" id="password" name="password" /></td>
			</tr>
			<tr>
				<td><label for="confirm_password">Confirmer le mot de passe :</label></td>
				<td><input type="password" id="confirm_password" name="confirm_password" /></td>
			</tr>
			<tr>
				<td><label for="surname">Nom :</label></td>
				<td><input type="text" id="surname" name="surname" value="<?php if (isset($surname)) echo $surname ?>" /></td>
			</tr>
			<tr>
				<td><label for="firstname">Prénom :</label></td>
				<td><input type="text" id="firstname" name="firstname" value="<?php if (isset($firstname)) echo $firstname ?>" /></td>
			</tr>
			<tr>
				<td><label for="birth_date">Date de naissance :</label></td>
				<td><input type="date" id="birth_date" name="birth_date" value="<?php if (isset($birth_date)) echo $_POST["birth-date"] ?>" /></td>
			</tr>
			<tr>
				<td><label for="gender">Sexe :</label></td>
				<td><input type="radio" id="male" name="gender" value="M" /><label for="male">Homme</label>
					<input type="radio" id="female" name="gender" value="F" /><label for="female">Femme</label></td>
			</tr>
			<tr>
				<td><label for="address">Adresse :</label></td>
				<td><input type="text" id="address" name="address" value="<?php if (isset($address)) echo $address ?>" /></td>
			</tr>
			<tr>
				<td><label for="postal_code">Code postal :</label></td>
				<td><input type="number" id="postal_code" name="postal_code" value="<?php if (isset($postal_code)) echo $postal_code ?>" min="1000" max="95999" /></td>
			</tr>
			<tr>
				<td><label for="city">Ville :</label></td>
				<td><input type="text" id="city" name="city" value="<?php if (isset($city)) echo $city ?>" /></td>
			</tr>
			<tr>
				<td><label for="country">Pays :</label></td>
				<td><input type="text" id="country" name="country" value="<?php echo isset($country) ? $country : "France" ?>" /></td>
			</tr>
			<tr>
				<td><label for="phone_number">Numéro de téléphone :</label></td>
				<td><input type="text" id="phone_number" name="phone_number" value="<?php if (isset($phone_number)) echo $phone_number ?>" /></td>
			</tr>
			<tr>
				<td><label for="role">Rôle :</label></td>
				<td><select id="role" name="role" onchange="selectRole()">
					<option value="participant">Participant</option>
					<option value="encadrant">Encadrant</option>
				</select></td>
			</tr>
			<tr>
				<td><label id="school_label" for="school">Établissement dans lequel l'élève étudie :</label></td>
				<td><input type="text" id="school" name="school" value="<?php if (isset($school)) echo $school ?>" /></td>
			</tr>
			<tr>
				<td><label id="class_label" for="class">Classe :</label></td>
				<td><select id="class" name="class">
					<option value="terminale">Terminale</option>
					<option value="premiere">Première</option>
					<option value="seconde">Seconde ou inférieur</option>
				</select></td>
			</tr>
            <tr>
                <td><label id="responsible_name_label" for="responsible_name">Nom du responsable légal :</label></td>
                <td><input type="text" id="responsible_name" name="responsible_name" value="<?php if (isset($responsible_name)) echo $responsible_name ?>" /></td>
            </tr>
            <tr>
                <td><label id="responsible_phone_label" for="responsible_phone">Téléphone du responsable légal :</label></td>
                <td><input type="text" id="responsible_phone" name="responsible_phone" value="<?php if (isset($responsible_phone)) echo $responsible_phone ?>" /></td>
            </tr>
            <tr>
                <td><label id="responsible_email_label" for="responsible_email">Email du responsable légal :</label></td>
                <td><input type="text" id="responsible_email" name="responsible_email" value="<?php if (isset($responsible_email)) echo $responsible_email ?>" /></td>
            </tr>
			<tr>
				<td><label id="description_label" for="description">Description :</label></td>
				<td><textarea id="description" name="description"><?php if (isset($description)) echo $description ?></textarea></td>
			</tr>
			<tr>
				<td colspan="2"><input type="submit" /></td>
			</tr>
		</table>
	</form>

<script>
    function selectRole() {
        switch (document.getElementById("role").value) {
            case "participant":
                document.getElementById("school_label").style.display = "block";
                document.getElementById("school").style.display = "block";
                document.getElementById("class_label").style.display = "block";
                document.getElementById("class").style.display = "block";
                document.getElementById("responsible_name_label").style.display = "block";
                document.getElementById("responsible_name").style.display = "block";
                document.getElementById("responsible_phone_label").style.display = "block";
                document.getElementById("responsible_phone").style.display = "block";
                document.getElementById("responsible_email_label").style.display = "block";
                document.getElementById("responsible_email").style.display = "block";
                document.getElementById("description_label").style.display = "none";
                document.getElementById("description").style.display = "none";
                break;
            case "encadrant":
                document.getElementById("school_label").style.display = "none";
                document.getElementById("school").style.display = "none";
                document.getElementById("class_label").style.display = "none";
                document.getElementById("class").style.display = "none";
                document.getElementById("responsible_name_label").style.display = "none";
                document.getElementById("responsible_name").style.display = "none";
                document.getElementById("responsible_phone_label").style.display = "none";
                document.getElementById("responsible_phone").style.display = "none";
                document.getElementById("responsible_email_label").style.display = "none";
                document.getElementById("responsible_email").style.display = "none";
                document.getElementById("description_label").style.display = "block";
                document.getElementById("description").style.display = "block";
                break;
        }
    }

    selectRole();
</script>

<?php include "footer.php" ?>

<?php } ?>
Initial commit 2019-08-21 20:56:46 +00:00			`<?php`

			`include 'config.php';`

			`if (isset($_POST["submitted"])) {`
			`$error_message = register();`
			`}`

			`function register() {`
			`global $DB, $YEAR, $URL_BASE, $MAIL_ADDRESS;`

			`$email = strtolower(htmlspecialchars($_POST["email"]));`

			`if (!filter_var($email, FILTER_VALIDATE_EMAIL))`
			`return "L'email entrée est invalide.";`

			$result = $DB->query("SELECT `email` FROM `users` WHERE `email` = '" . $email . "' AND `year` = '$YEAR';");
			`if ($result->fetch())`
			`return "Un compte existe déjà avec cette adresse e-mail.";`

			`$password = htmlspecialchars($_POST["password"]);`
			`if (strlen($password) < 8)`
			`return "Le mot de passe doit comporter au moins 8 caractères.";`
			`if ($password != $_POST["confirm_password"])`
			`return "Les deux mots de passe sont différents.";`

			`$password = password_hash($password, PASSWORD_BCRYPT);`

			`$surname = strtoupper(htmlspecialchars($_POST["surname"]));`
			`if (!isset($surname) \|\| $surname == "")`
			`return "Le nom de famille est obligatoire.";`

			`$firstname = htmlspecialchars($_POST["firstname"]);`
			`if (!isset($surname) \|\| $surname == "")`
			`return "Le prénom est obligatoire.";`

			`$birth_date = date_parse_from_format("yyyy-mm-dd", htmlspecialchars($_POST["birth_date"]));`

			`if ($birth_date === FALSE)`
			`return "La date de naissance est invalide.";`

			`if (htmlspecialchars($_POST["birth_date"]) >= $YEAR . "-01-01")`
			`return "Vous devez avoir un âge strictement positif. Date de naissance rentrée : " . htmlspecialchars($_POST["birth_date"]);`

			`$gender = htmlspecialchars($_POST["gender"]);`

			`if (!isset($gender) \|\| ($gender != "M" && $gender != "F"))`
			`return "Le sexe indiqué est invalide.";`

			`$address = htmlspecialchars($_POST["address"]);`

			`if (!isset($address))`
			`$address = "";`

			`try {`
			`$postal_code = intval($_POST["postal_code"]);`
			`if ($postal_code < 1000 \|\| $postal_code > 95999)`
			`return "Le code postal est invalide.";`
			`}`
			`catch (Exception $ex) {`
			`return "Le code postal n'est pas un nombre valide.";`
			`}`

			`$city = htmlspecialchars($_POST["city"]);`

			`if (!isset($city))`
			`$city = "";`

			`$country = htmlspecialchars($_POST["country"]);`

			`if (!isset($country))`
			`$country = "France";`

			`$phone_number = htmlspecialchars($_POST["phone_number"]);`

			`if (!isset($phone_number) \|\| $phone_number == "")`
			`return "Vous devez renseigner un numéro de téléphone.";`

			`$role = htmlspecialchars($_POST["role"]);`

			`if (!isset($role) \|\| ($role != "participant" && $role != "encadrant"))`
			`return "Le rôle entré n'est pas valide.";`

			`$role = strtoupper($role);`

			`$school = htmlspecialchars($_POST["school"]);`
			`$class = strtoupper(htmlspecialchars($_POST["class"]));`
			`$responsible_name = htmlspecialchars($_POST["responsible_name"]);`
			`$responsible_phone = htmlspecialchars($_POST["responsible_phone"]);`
			`$responsible_email = htmlspecialchars($_POST["responsible_email"]);`

			`if ($role == "ENCADRANT") {`
			`$school = NULL;`
			`$class = NULL;`
			`$responsible_name = NULL;`
			`$responsible_phone = NULL;`
			`$responsible_email = NULL;`
			`}`
			`else {`
			`if (!isset($class) && $class != "TERMINALE" && $class != "PREMIERE" && $class != "SECONDE")`
			`return "La classe spécifiée est invalide. Merci de ne pas créer vos propres requêtes.";`

			`if ((!isset($responsible_name) \|\| $responsible_name == "") && $birth_date > strval($YEAR - 18) . "-05-01")`
			`return "Veuillez spécifier un nom de responsable légal.";`

			`if ((!isset($responsible_phone) \|\| $responsible_phone == "") && (!isset($responsible_email) \|\| !filter_var($responsible_email, FILTER_VALIDATE_EMAIL))`
			`&& $birth_date > strval($YEAR - 18) . "-05-01")`
			`return "Veuillez préciser au moins le numéro de téléphone ou l'addresse e-mail de votre responsable légal.";`
			`}`

			`$description = $_POST["description"];`

			`if ($role == "PARTICIPANT")`
			`$description = NULL;`

			`$confirm_email_uid = uniqid();`

			$req = $DB->prepare("INSERT INTO `users`(`email`, `pwd_hash`, `confirm_email`, `surname`, `first_name`, `birth_date`, `gender`,
			`address`, `postal_code`, `city`, `country`, `phone_number`, `school`, `class`, `role`, `description`, `year`)
			`VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?);");`
			`$req->execute([$email, $password, $confirm_email_uid, $surname, $firstname, $_POST["birth_date"], $gender, $address, $postal_code,`
			`$city, $country, $phone_number, $school, $class, $role, $description, $YEAR]);`

			`$msg = "Merci pour votre inscription au TFJM² $YEAR ! Veuillez désormais confirmer votre adresse mail en cliquant ici : $URL_BASE/confirmer_mail/$confirm_email_uid";`
			`mail($email, "Inscription au TFJM² $YEAR", $msg, "From: $MAIL_ADDRESS\r\n");`

			`return false;`
			`}`

			`?>`

			`<?php include "header.php" ?>`

			`<?php if (isset($error_message) && $error_message) echo "<h2>Erreur : " . $error_message . "</h2>"; ?>`

			`<?php`
			`if (isset($error_message) && $error_message === FALSE) {`
			`?>`
			`Votre inscription est validée ! Merci désormais de confirmer votre boîte mail pour valider votre adresse.`
			`<?php } else if (isset($_SESSION["user_id"])) { ?>`

			`<h2>Vous êtes déjà connecté !</h2>`

			`<?php } else { ?>`

			`<form method="POST">`
			`<input type="hidden" name="submitted" value="true" />`
			`<table style="width: 90%;">`
			`<tr>`
			`<td><label for="email">E-mail :</label></td>`
			`<td><input type="email" id="email" name="email" value="<?php if (isset($email)) echo $email ?>" /></td>`
			`</tr>`
			`<tr>`
			`<td><label for="password">Mot de passe :</label></td>`
			`<td><input type="password" id="password" name="password" /></td>`
			`</tr>`
			`<tr>`
			`<td><label for="confirm_password">Confirmer le mot de passe :</label></td>`
			`<td><input type="password" id="confirm_password" name="confirm_password" /></td>`
			`</tr>`
			`<tr>`
			`<td><label for="surname">Nom :</label></td>`
			`<td><input type="text" id="surname" name="surname" value="<?php if (isset($surname)) echo $surname ?>" /></td>`
			`</tr>`
			`<tr>`
			`<td><label for="firstname">Prénom :</label></td>`
			`<td><input type="text" id="firstname" name="firstname" value="<?php if (isset($firstname)) echo $firstname ?>" /></td>`
			`</tr>`
			`<tr>`
			`<td><label for="birth_date">Date de naissance :</label></td>`
			`<td><input type="date" id="birth_date" name="birth_date" value="<?php if (isset($birth_date)) echo $_POST["birth-date"] ?>" /></td>`
			`</tr>`
			`<tr>`
			`<td><label for="gender">Sexe :</label></td>`
			`<td><input type="radio" id="male" name="gender" value="M" /><label for="male">Homme</label>`
			`<input type="radio" id="female" name="gender" value="F" /><label for="female">Femme</label></td>`
			`</tr>`
			`<tr>`
			`<td><label for="address">Adresse :</label></td>`
			`<td><input type="text" id="address" name="address" value="<?php if (isset($address)) echo $address ?>" /></td>`
			`</tr>`
			`<tr>`
			`<td><label for="postal_code">Code postal :</label></td>`
			`<td><input type="number" id="postal_code" name="postal_code" value="<?php if (isset($postal_code)) echo $postal_code ?>" min="1000" max="95999" /></td>`
			`</tr>`
			`<tr>`
			`<td><label for="city">Ville :</label></td>`
			`<td><input type="text" id="city" name="city" value="<?php if (isset($city)) echo $city ?>" /></td>`
			`</tr>`
			`<tr>`
			`<td><label for="country">Pays :</label></td>`
			`<td><input type="text" id="country" name="country" value="<?php echo isset($country) ? $country : "France" ?>" /></td>`
			`</tr>`
			`<tr>`
			`<td><label for="phone_number">Numéro de téléphone :</label></td>`
			`<td><input type="text" id="phone_number" name="phone_number" value="<?php if (isset($phone_number)) echo $phone_number ?>" /></td>`
			`</tr>`
			`<tr>`
			`<td><label for="role">Rôle :</label></td>`
			`<td><select id="role" name="role" onchange="selectRole()">`
			`<option value="participant">Participant</option>`
			`<option value="encadrant">Encadrant</option>`
			`</select></td>`
			`</tr>`
			`<tr>`
			`<td><label id="school_label" for="school">Établissement dans lequel l'élève étudie :</label></td>`
			`<td><input type="text" id="school" name="school" value="<?php if (isset($school)) echo $school ?>" /></td>`
			`</tr>`
			`<tr>`
			`<td><label id="class_label" for="class">Classe :</label></td>`
			`<td><select id="class" name="class">`
			`<option value="terminale">Terminale</option>`
			`<option value="premiere">Première</option>`
			`<option value="seconde">Seconde ou inférieur</option>`
			`</select></td>`
			`</tr>`
			`<tr>`
			`<td><label id="responsible_name_label" for="responsible_name">Nom du responsable légal :</label></td>`
			`<td><input type="text" id="responsible_name" name="responsible_name" value="<?php if (isset($responsible_name)) echo $responsible_name ?>" /></td>`
			`</tr>`
			`<tr>`
			`<td><label id="responsible_phone_label" for="responsible_phone">Téléphone du responsable légal :</label></td>`
			`<td><input type="text" id="responsible_phone" name="responsible_phone" value="<?php if (isset($responsible_phone)) echo $responsible_phone ?>" /></td>`
			`</tr>`
			`<tr>`
			`<td><label id="responsible_email_label" for="responsible_email">Email du responsable légal :</label></td>`
			`<td><input type="text" id="responsible_email" name="responsible_email" value="<?php if (isset($responsible_email)) echo $responsible_email ?>" /></td>`
			`</tr>`
			`<tr>`
			`<td><label id="description_label" for="description">Description :</label></td>`
			`<td><textarea id="description" name="description"><?php if (isset($description)) echo $description ?></textarea></td>`
			`</tr>`
			`<tr>`
			`<td colspan="2"><input type="submit" /></td>`
			`</tr>`
			`</table>`
			`</form>`

			`<script>`
			`function selectRole() {`
			`switch (document.getElementById("role").value) {`
			`case "participant":`
			`document.getElementById("school_label").style.display = "block";`
			`document.getElementById("school").style.display = "block";`
			`document.getElementById("class_label").style.display = "block";`
			`document.getElementById("class").style.display = "block";`
			`document.getElementById("responsible_name_label").style.display = "block";`
			`document.getElementById("responsible_name").style.display = "block";`
			`document.getElementById("responsible_phone_label").style.display = "block";`
			`document.getElementById("responsible_phone").style.display = "block";`
			`document.getElementById("responsible_email_label").style.display = "block";`
			`document.getElementById("responsible_email").style.display = "block";`
			`document.getElementById("description_label").style.display = "none";`
			`document.getElementById("description").style.display = "none";`
			`break;`
			`case "encadrant":`
			`document.getElementById("school_label").style.display = "none";`
			`document.getElementById("school").style.display = "none";`
			`document.getElementById("class_label").style.display = "none";`
			`document.getElementById("class").style.display = "none";`
			`document.getElementById("responsible_name_label").style.display = "none";`
			`document.getElementById("responsible_name").style.display = "none";`
			`document.getElementById("responsible_phone_label").style.display = "none";`
			`document.getElementById("responsible_phone").style.display = "none";`
			`document.getElementById("responsible_email_label").style.display = "none";`
			`document.getElementById("responsible_email").style.display = "none";`
			`document.getElementById("description_label").style.display = "block";`
			`document.getElementById("description").style.display = "block";`
			`break;`
			`}`
			`}`

			`selectRole();`
			`</script>`

			`<?php include "footer.php" ?>`

			`<?php } ?>`