plateforme-tfjm2/server_files/controllers/mon_equipe.php

<?php

if (isset($_POST["leave_team"])) {
	quitTeam();
	exit();
}

$tournaments = Tournament::getAllTournaments(false, true);

if (isset($_POST["send_document"])) {
	$error_message = sendDocument();
}

if (isset($_POST["request_validation"])) {
	if (!checkCanValidate())
		$error_message = "Votre équipe ne peut pas demander la validation : il manque soit des participants, soit des documents.";
	else
		$_SESSION["team"]->setValidationStatus(ValidationStatus::WAITING);
}

if (isset($_SESSION["user_id"]) && isset($_SESSION["team"]) && $_SESSION["team"] !== null) {
	/**
	 * @var User $user
	 * @var Team $team
	 */
	$user = $_SESSION["user"];
	$team = $_SESSION["team"];

	$tournament = Tournament::fromId($team->getTournamentId());
	$documents = $user->getAllDocuments($team->getTournamentId());
	if ($team->isSelectedForFinal())
		$documents_final = $user->getAllDocuments($FINAL->getId());
}
else
    require_once "server_files/403.php";

if (isset($_POST["team_edit"])) {
	$error_message = updateTeam();
}

function sendDocument()
{
	global $LOCAL_PATH, $DB, $FINAL;
	
	$type = strtoupper(htmlspecialchars($_POST["type"]));
	if (!isset($type) || ($type != "PARENTAL_CONSENT" && $type != "PHOTO_CONSENT" && $type != "SANITARY_PLUG"))
		return "Le type de document est invalide. Merci de ne pas formuler vos propres requêtes.";
	
	$file = $_FILES["document"];
	
	if ($file["size"] > 5000000 || $file["error"])
		return "Une erreur est survenue. Merci de vérifier que le fichier pèse moins que 5 Mo.";
	
	if (finfo_file(finfo_open(FILEINFO_MIME_TYPE), $file["tmp_name"]) != 'application/pdf')
		return "Le fichier doit être au format PDF.";
	
	if (!is_dir("$LOCAL_PATH/files") && !mkdir("$LOCAL_PATH/files"))
		return "Les droits sont insuffisants. Veuillez contacter l'administrateur du serveur.";

	do
		$id = genRandomPhrase(64);
	while (file_exists("$LOCAL_PATH/files/$id"));
	
	if (!rename($file["tmp_name"], "$LOCAL_PATH/files/$id"))
		return "Une erreur est survenue lors de l'envoi du fichier.";
	
	$req = $DB->prepare("INSERT INTO `documents`(`file_id`, `user`, `team`, `tournament`, `type`)
                VALUES (?, ?, ?, ?, ?);");
	$req->execute([$id, $_SESSION["user_id"], $_SESSION["team"]->getId(), $_SESSION["team"]->isSelectedForFinal() ? $FINAL->getId() : $_SESSION["team"]->getTournamentId(), $type]);
	
	return false;
}

function updateTeam()
{
	global $DB, $YEAR, $URL_BASE, $team;

	$name = htmlspecialchars($_POST["name"]);
	
	if (!isset($name) || $name == "")
		return "Vous devez spécifier un nom d'équipe.";

	$result = $DB->query("SELECT `id` FROM `teams` WHERE `name` = '" . $name . "' AND `id` != " . $team->getId() . " AND `year` = '$YEAR';");
	if ($result->fetch())
		return "Une équipe existe déjà avec ce nom.";
	
	$trigram = strtoupper(htmlspecialchars($_POST["trigram"]));
	
	if (!preg_match("#^[A-Z][A-Z][A-Z]$#", $trigram))
		return "Le trigramme entré n'est pas valide.";
	
	$result = $DB->query("SELECT `id` FROM `teams` WHERE `trigram` = '" . $trigram . "' AND `id` != '" . $team->getId() . "' AND `year` = '$YEAR';");
	if ($result->fetch())
		return "Une équipe a déjà choisi ce trigramme.";
	
	$tournament_id = intval(htmlspecialchars($_POST["tournament"]));
	$tournament = Tournament::fromId($tournament_id);
	if ($tournament === null)
		return "Le tournoi spécifié n'existe pas.";

	$team->setName($name);
	$team->setTrigram($trigram);
	$team->setTournamentId($tournament_id);
	$_SESSION["tournament"] = $tournament;
	
	header("Location: $URL_BASE/mon_equipe");
	
	return false;
}

function checkCanValidate()
{
	global $DB, $team, $tournament, $YEAR;

	$can_validate = $team->getValidationStatus() == ValidationStatus::NOT_READY;
	$can_validate &= $team->getEncadrants()[0] != NULL;
	$can_validate &= $team->getParticipants()[3] != NULL;
	for ($i = 1; $i <= 2; ++$i) {
		if ($team->getEncadrants()[$i - 1] === NULL)
			continue;
		
		$req = $DB->prepare("SELECT COUNT(`type`) AS `version` FROM `documents` WHERE `user` = ? AND `type` = ? GROUP BY `uploaded_at` ORDER BY `uploaded_at` DESC;");
		$req->execute([$team->getEncadrants()[$i - 1], "PHOTO_CONSENT"]);
		$d = $req->fetch();
		$can_validate &= $d["version"] > 0;
		
		$req = $DB->prepare("SELECT COUNT(`type`) AS `version` FROM `documents` WHERE `user` = ? AND `type` = ? GROUP BY `uploaded_at` ORDER BY `uploaded_at` DESC;");
		$req->execute([$team->getEncadrants()[$i - 1], "SANITARY_PLUG"]);
		$d = $req->fetch();
		$can_validate &= $d["version"] > 0;
	}
	for ($i = 1; $i <= 6; ++$i) {
		if ($team->getParticipants()[$i] === NULL)
			continue;
		
		$req = $DB->prepare("SELECT COUNT(`type`) AS `version` FROM `documents` WHERE `user` = ? AND `type` = ? GROUP BY `uploaded_at` ORDER BY `uploaded_at` DESC;");
		$req->execute([$team->getParticipants()[$i], "PHOTO_CONSENT"]);
		$d = $req->fetch();
		$can_validate &= $d["version"] > 0;
		
		$req = $DB->prepare("SELECT COUNT(`type`) AS `version` FROM `documents` WHERE `user` = ? AND `type` = ? GROUP BY `uploaded_at` ORDER BY `uploaded_at` DESC;");
		$req->execute([$team->getParticipants()[$i], "SANITARY_PLUG"]);
		$d = $req->fetch();
		$can_validate &= $d["version"] > 0;
		
		$birth_date = $DB->query("SELECT `birth_date` FROM `users` WHERE `id` = " . $team->getParticipants()[$i] . ";")->fetch()["birth_date"];
		if ($birth_date > strval($YEAR - 18) . substr($tournament->getStartDate(), 4)) {
			$req = $DB->prepare("SELECT COUNT(`type`) AS `version` FROM `documents` WHERE `user` = ? AND `type` = ? GROUP BY `uploaded_at` ORDER BY `uploaded_at` DESC;");
			$req->execute([$team->getParticipants()[$i], "PARENTAL_CONSENT"]);
			$d = $req->fetch();
			$can_validate &= $d["version"] > 0;
		}
	}
	
	return $can_validate;
}

require_once "server_files/views/mon_equipe.php";
Séparation vue et contrôleur 2019-09-06 11:48:50 +00:00			`<?php`

			`if (isset($_POST["leave_team"])) {`
			`quitTeam();`
Utilisation des nouvelles classes, amélioration du code 2019-09-06 23:33:05 +00:00			`exit();`
Séparation vue et contrôleur 2019-09-06 11:48:50 +00:00			`}`

Améliorations du code 2019-09-07 23:35:05 +00:00			`$tournaments = Tournament::getAllTournaments(false, true);`
Séparation vue et contrôleur 2019-09-06 11:48:50 +00:00
			`if (isset($_POST["send_document"])) {`
			`$error_message = sendDocument();`
			`}`

			`if (isset($_POST["request_validation"])) {`
			`if (!checkCanValidate())`
			`$error_message = "Votre équipe ne peut pas demander la validation : il manque soit des participants, soit des documents.";`
Utilisation des nouvelles classes, amélioration du code 2019-09-06 23:33:05 +00:00			`else`
			`$_SESSION["team"]->setValidationStatus(ValidationStatus::WAITING);`
Séparation vue et contrôleur 2019-09-06 11:48:50 +00:00			`}`

Utilisation des nouvelles classes, amélioration du code 2019-09-06 23:33:05 +00:00			`if (isset($_SESSION["user_id"]) && isset($_SESSION["team"]) && $_SESSION["team"] !== null) {`
Améliorations du code 2019-09-07 23:35:05 +00:00			`/**`
			`* @var User $user`
			`* @var Team $team`
			`*/`
			`$user = $_SESSION["user"];`
Utilisation des nouvelles classes, amélioration du code 2019-09-06 23:33:05 +00:00			`$team = $_SESSION["team"];`

			`$tournament = Tournament::fromId($team->getTournamentId());`
Améliorations du code 2019-09-07 23:35:05 +00:00			`$documents = $user->getAllDocuments($team->getTournamentId());`
			`if ($team->isSelectedForFinal())`
			`$documents_final = $user->getAllDocuments($FINAL->getId());`
Séparation vue et contrôleur 2019-09-06 11:48:50 +00:00			`}`
			`else`
Utilisation d'un dispatcher pour gérer les redirections 2019-09-07 11:42:36 +00:00			`require_once "server_files/403.php";`
Séparation vue et contrôleur 2019-09-06 11:48:50 +00:00
			`if (isset($_POST["team_edit"])) {`
			`$error_message = updateTeam();`
			`}`

			`function sendDocument()`
			`{`
Améliorations du code 2019-09-07 23:35:05 +00:00			`global $LOCAL_PATH, $DB, $FINAL;`
Séparation vue et contrôleur 2019-09-06 11:48:50 +00:00
			`$type = strtoupper(htmlspecialchars($_POST["type"]));`
			`if (!isset($type) \|\| ($type != "PARENTAL_CONSENT" && $type != "PHOTO_CONSENT" && $type != "SANITARY_PLUG"))`
			`return "Le type de document est invalide. Merci de ne pas formuler vos propres requêtes.";`

			`$file = $_FILES["document"];`

			`if ($file["size"] > 5000000 \|\| $file["error"])`
			`return "Une erreur est survenue. Merci de vérifier que le fichier pèse moins que 5 Mo.";`

			`if (finfo_file(finfo_open(FILEINFO_MIME_TYPE), $file["tmp_name"]) != 'application/pdf')`
			`return "Le fichier doit être au format PDF.";`

			`if (!is_dir("$LOCAL_PATH/files") && !mkdir("$LOCAL_PATH/files"))`
			`return "Les droits sont insuffisants. Veuillez contacter l'administrateur du serveur.";`
Amélioration du code de la page de connexion 2019-09-08 22:41:52 +00:00
			`do`
			`$id = genRandomPhrase(64);`
			`while (file_exists("$LOCAL_PATH/files/$id"));`
Séparation vue et contrôleur 2019-09-06 11:48:50 +00:00
			`if (!rename($file["tmp_name"], "$LOCAL_PATH/files/$id"))`
			`return "Une erreur est survenue lors de l'envoi du fichier.";`

			$req = $DB->prepare("INSERT INTO `documents`(`file_id`, `user`, `team`, `tournament`, `type`)
			`VALUES (?, ?, ?, ?, ?);");`
Améliorations du code 2019-09-07 23:35:05 +00:00			`$req->execute([$id, $_SESSION["user_id"], $_SESSION["team"]->getId(), $_SESSION["team"]->isSelectedForFinal() ? $FINAL->getId() : $_SESSION["team"]->getTournamentId(), $type]);`
Séparation vue et contrôleur 2019-09-06 11:48:50 +00:00
			`return false;`
			`}`

			`function updateTeam()`
			`{`
Utilisation des nouvelles classes, amélioration du code 2019-09-06 23:33:05 +00:00			`global $DB, $YEAR, $URL_BASE, $team;`

Séparation vue et contrôleur 2019-09-06 11:48:50 +00:00			`$name = htmlspecialchars($_POST["name"]);`

			`if (!isset($name) \|\| $name == "")`
			`return "Vous devez spécifier un nom d'équipe.";`
Utilisation des nouvelles classes, amélioration du code 2019-09-06 23:33:05 +00:00
			$result = $DB->query("SELECT `id` FROM `teams` WHERE `name` = '" . $name . "' AND `id` != " . $team->getId() . " AND `year` = '$YEAR';");
Séparation vue et contrôleur 2019-09-06 11:48:50 +00:00			`if ($result->fetch())`
Utilisation des nouvelles classes, amélioration du code 2019-09-06 23:33:05 +00:00			`return "Une équipe existe déjà avec ce nom.";`
Séparation vue et contrôleur 2019-09-06 11:48:50 +00:00
			`$trigram = strtoupper(htmlspecialchars($_POST["trigram"]));`

			`if (!preg_match("#^[A-Z][A-Z][A-Z]$#", $trigram))`
			`return "Le trigramme entré n'est pas valide.";`

Utilisation des nouvelles classes, amélioration du code 2019-09-06 23:33:05 +00:00			$result = $DB->query("SELECT `id` FROM `teams` WHERE `trigram` = '" . $trigram . "' AND `id` != '" . $team->getId() . "' AND `year` = '$YEAR';");
Séparation vue et contrôleur 2019-09-06 11:48:50 +00:00			`if ($result->fetch())`
			`return "Une équipe a déjà choisi ce trigramme.";`

			`$tournament_id = intval(htmlspecialchars($_POST["tournament"]));`
Utilisation des nouvelles classes, amélioration du code 2019-09-06 23:33:05 +00:00			`$tournament = Tournament::fromId($tournament_id);`
			`if ($tournament === null)`
Séparation vue et contrôleur 2019-09-06 11:48:50 +00:00			`return "Le tournoi spécifié n'existe pas.";`
Utilisation des nouvelles classes, amélioration du code 2019-09-06 23:33:05 +00:00
			`$team->setName($name);`
			`$team->setTrigram($trigram);`
			`$team->setTournamentId($tournament_id);`
			`$_SESSION["tournament"] = $tournament;`
Séparation vue et contrôleur 2019-09-06 11:48:50 +00:00
			`header("Location: $URL_BASE/mon_equipe");`

			`return false;`
			`}`

			`function checkCanValidate()`
			`{`
Utilisation des nouvelles classes, amélioration du code 2019-09-06 23:33:05 +00:00			`global $DB, $team, $tournament, $YEAR;`

			`$can_validate = $team->getValidationStatus() == ValidationStatus::NOT_READY;`
			`$can_validate &= $team->getEncadrants()[0] != NULL;`
			`$can_validate &= $team->getParticipants()[3] != NULL;`
Séparation vue et contrôleur 2019-09-06 11:48:50 +00:00			`for ($i = 1; $i <= 2; ++$i) {`
Utilisation des nouvelles classes, amélioration du code 2019-09-06 23:33:05 +00:00			`if ($team->getEncadrants()[$i - 1] === NULL)`
Séparation vue et contrôleur 2019-09-06 11:48:50 +00:00			`continue;`

			$req = $DB->prepare("SELECT COUNT(`type`) AS `version` FROM `documents` WHERE `user` = ? AND `type` = ? GROUP BY `uploaded_at` ORDER BY `uploaded_at` DESC;");
Utilisation des nouvelles classes, amélioration du code 2019-09-06 23:33:05 +00:00			`$req->execute([$team->getEncadrants()[$i - 1], "PHOTO_CONSENT"]);`
Séparation vue et contrôleur 2019-09-06 11:48:50 +00:00			`$d = $req->fetch();`
			`$can_validate &= $d["version"] > 0;`

			$req = $DB->prepare("SELECT COUNT(`type`) AS `version` FROM `documents` WHERE `user` = ? AND `type` = ? GROUP BY `uploaded_at` ORDER BY `uploaded_at` DESC;");
Utilisation des nouvelles classes, amélioration du code 2019-09-06 23:33:05 +00:00			`$req->execute([$team->getEncadrants()[$i - 1], "SANITARY_PLUG"]);`
Séparation vue et contrôleur 2019-09-06 11:48:50 +00:00			`$d = $req->fetch();`
			`$can_validate &= $d["version"] > 0;`
			`}`
			`for ($i = 1; $i <= 6; ++$i) {`
Utilisation des nouvelles classes, amélioration du code 2019-09-06 23:33:05 +00:00			`if ($team->getParticipants()[$i] === NULL)`
Séparation vue et contrôleur 2019-09-06 11:48:50 +00:00			`continue;`

			$req = $DB->prepare("SELECT COUNT(`type`) AS `version` FROM `documents` WHERE `user` = ? AND `type` = ? GROUP BY `uploaded_at` ORDER BY `uploaded_at` DESC;");
Utilisation des nouvelles classes, amélioration du code 2019-09-06 23:33:05 +00:00			`$req->execute([$team->getParticipants()[$i], "PHOTO_CONSENT"]);`
Séparation vue et contrôleur 2019-09-06 11:48:50 +00:00			`$d = $req->fetch();`
			`$can_validate &= $d["version"] > 0;`

			$req = $DB->prepare("SELECT COUNT(`type`) AS `version` FROM `documents` WHERE `user` = ? AND `type` = ? GROUP BY `uploaded_at` ORDER BY `uploaded_at` DESC;");
Utilisation des nouvelles classes, amélioration du code 2019-09-06 23:33:05 +00:00			`$req->execute([$team->getParticipants()[$i], "SANITARY_PLUG"]);`
Séparation vue et contrôleur 2019-09-06 11:48:50 +00:00			`$d = $req->fetch();`
			`$can_validate &= $d["version"] > 0;`

Utilisation des nouvelles classes, amélioration du code 2019-09-06 23:33:05 +00:00			$birth_date = $DB->query("SELECT `birth_date` FROM `users` WHERE `id` = " . $team->getParticipants()[$i] . ";")->fetch()["birth_date"];
			`if ($birth_date > strval($YEAR - 18) . substr($tournament->getStartDate(), 4)) {`
Séparation vue et contrôleur 2019-09-06 11:48:50 +00:00			$req = $DB->prepare("SELECT COUNT(`type`) AS `version` FROM `documents` WHERE `user` = ? AND `type` = ? GROUP BY `uploaded_at` ORDER BY `uploaded_at` DESC;");
Utilisation des nouvelles classes, amélioration du code 2019-09-06 23:33:05 +00:00			`$req->execute([$team->getParticipants()[$i], "PARENTAL_CONSENT"]);`
Séparation vue et contrôleur 2019-09-06 11:48:50 +00:00			`$d = $req->fetch();`
			`$can_validate &= $d["version"] > 0;`
			`}`
			`}`

			`return $can_validate;`
			`}`

Utilisation d'un dispatcher pour gérer les redirections 2019-09-07 11:42:36 +00:00			`require_once "server_files/views/mon_equipe.php";`