diff --git a/.htaccess b/.htaccess index f11ae5e..f69d89c 100644 --- a/.htaccess +++ b/.htaccess 
@@ -7,30 +7,30 @@ RewriteEngine On RewriteOptions Inherit RewriteBase /tfjm RewriteRule index.html accueil [L] -RewriteRule ^accueil$ server_files/index.php [L] -RewriteRule ^ajouter_equipe$ server_files/ajouter_equipe.php [L] -RewriteRule ^ajouter_organisateur$ server_files/ajouter_organisateur.php [L] -RewriteRule ^ajouter_tournoi$ server_files/ajouter_tournoi.php [L] -RewriteRule ^confirmer_mail/(.*?)$ server_files/confirmer_mail.php?token=$1 [L] -RewriteRule ^connexion$ server_files/connexion.php [L] -RewriteRule ^connexion/reinitialiser_mdp/(.*?)$ server_files/connexion.php?reset_password&token=$1 [L] -RewriteRule ^connexion/(.*?)$ server_files/connexion.php?$1 [L] -RewriteRule ^deconnexion$ server_files/deconnexion.php [L] -RewriteRule ^equipe/(.*?)$ server_files/equipe.php?trigram=$1 [L] -RewriteRule ^file/(.*?)$ server_files/view_file.php?file_id=$1 [L] -RewriteRule ^informations/(.*?)/.*?$ server_files/informations.php?id=$1 [L] -RewriteRule ^inscription$ server_files/inscription.php [L] -RewriteRule ^mon_compte$ server_files/mon_compte.php [L] -RewriteRule ^mon_equipe/(.*?)$ server_files/mon_equipe.php?$1 [L] -RewriteRule ^mon_equipe$ server_files/mon_equipe.php [L] -RewriteRule ^rejoindre_equipe$ server_files/rejoindre_equipe.php [L] -RewriteRule ^solutions$ server_files/solutions.php [L] -RewriteRule ^solutions_orga$ server_files/solutions_orga.php [L] -RewriteRule ^syntheses$ server_files/syntheses.php [L] -RewriteRule ^syntheses_orga$ server_files/syntheses_orga.php [L] -RewriteRule ^tournoi/(.*?)/(.*?)$ server_files/tournoi.php?nom=$1&$2 [L] -RewriteRule ^tournoi/(.*?)$ server_files/tournoi.php?nom=$1 [L] -RewriteRule ^tournois$ server_files/tournois.php [L] +RewriteRule ^accueil$ server_files/controllers/index.php [L] +RewriteRule ^ajouter_equipe$ server_files/controllers/ajouter_equipe.php [L] +RewriteRule ^ajouter_organisateur$ server_files/controllers/ajouter_organisateur.php [L] +RewriteRule ^ajouter_tournoi$ 
server_files/controllers/ajouter_tournoi.php [L] +RewriteRule ^confirmer_mail/(.*?)$ server_files/controllers/confirmer_mail.php?token=$1 [L] +RewriteRule ^connexion$ server_files/controllers/connexion.php [L] +RewriteRule ^connexion/reinitialiser_mdp/(.*?)$ server_files/controllers/connexion.php?reset_password&token=$1 [L] +RewriteRule ^connexion/(.*?)$ server_files/controllers/connexion.php?$1 [L] +RewriteRule ^deconnexion$ server_files/controllers/deconnexion.php [L] +RewriteRule ^equipe/(.*?)$ server_files/controllers/equipe.php?trigram=$1 [L] +RewriteRule ^file/(.*?)$ server_files/controllers/view_file.php?file_id=$1 [L] +RewriteRule ^informations/(.*?)/.*?$ server_files/controllers/informations.php?id=$1 [L] +RewriteRule ^inscription$ server_files/controllers/inscription.php [L] +RewriteRule ^mon_compte$ server_files/controllers/mon_compte.php [L] +RewriteRule ^mon_equipe/(.*?)$ server_files/controllers/mon_equipe.php?$1 [L] +RewriteRule ^mon_equipe$ server_files/controllers/mon_equipe.php [L] +RewriteRule ^rejoindre_equipe$ server_files/controllers/rejoindre_equipe.php [L] +RewriteRule ^solutions$ server_files/controllers/solutions.php [L] +RewriteRule ^solutions_orga$ server_files/controllers/solutions_orga.php [L] +RewriteRule ^syntheses$ server_files/controllers/syntheses.php [L] +RewriteRule ^syntheses_orga$ server_files/controllers/syntheses_orga.php [L] +RewriteRule ^tournoi/(.*?)/(.*?)$ server_files/controllers/tournoi.php?nom=$1&$2 [L] +RewriteRule ^tournoi/(.*?)$ server_files/controllers/tournoi.php?nom=$1 [L] +RewriteRule ^tournois$ server_files/controllers/tournois.php [L] RewriteCond %{THE_REQUEST} ^[A-Z]{3,}\ /tfjm/server_files.*? [NC] RewriteRule ^server_files.*?$ - [R=404] diff --git a/server_files/403.php b/server_files/403.php index 427856f..51e6852 100644 --- a/server_files/403.php +++ b/server_files/403.php 
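Review bot: After this change every controller, view and model file lives under `server_files/`, and the only thing that keeps them from being requested directly is the `RewriteCond %{THE_REQUEST}` pattern at the end of the hunk. Directories that are only ever reached through `require_once`, such as `views/` and `classes/`, could carry their own deny rule (on Apache 2.4, `Require all denied` in a local `.htaccess`) so that they stay unreachable if the rewrite rules are edited later. The captures are also forwarded unconstrained, for example `^informations/(.*?)/.*?$` to `informations.php?id=$1`; narrowing each capture to the characters the parameter can actually contain would be a cheap second check in front of the controllers.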
@@ -1,12 +1,12 @@ Vous n'êtes pas autorisé à accéder à cette page."; -require_once "footer.php"; +require_once "views/footer.php"; exit(); \ No newline at end of file diff --git a/server_files/404.php b/server_files/404.php index a02d434..9fc419b 100644 --- a/server_files/404.php +++ b/server_files/404.php @@ -1,12 +1,12 @@ Cette page n'existe pas."; -require_once "footer.php"; +require_once "views/footer.php"; exit(); \ No newline at end of file diff --git a/server_files/ajouter_organisateur.php b/server_files/ajouter_organisateur.php deleted file mode 100644 index c3950e5..0000000 --- a/server_files/ajouter_organisateur.php +++ /dev/null 
@@ -1,124 +0,0 @@ -prepare("SELECT `id` FROM `users` WHERE `email` = ? AND `year` = '$YEAR';"); - $req->execute([$email]); - if ($req->fetch() !== FALSE) - return "Cette adresse e-mail est déjà utilisée."; - - $alphabet = "0123456789abcdefghijklmnopqrstuvwxyz0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789"; - $password = ""; - for ($i = 0; $i < 16; ++$i) - $password .= $alphabet[rand(0, strlen($alphabet) - 1)]; - $hash = password_hash($password, PASSWORD_BCRYPT); - - $req = $DB->prepare("INSERT INTO `users`(`email`, `pwd_hash`, `surname`, `first_name`, `role`, `year`) - VALUES (?, ?, ?, ?, ?, ?);"); - $req->execute([$email, $hash, $surname, $first_name, $admin ? "ADMIN" : "ORGANIZER", $YEAR]); - - $msg = "Bonjour " . $first_name . " " . $surname . ",\r\n\r\n" - . "Vous recevez ce message (envoyé automatiquement) car vous êtes organisateur d'un des tournois du TFJM². " - . "Veuillez trouver ci-dessous vos informations d'utilisateur pour le site officiel des inscriptions. " - . "Elles vous permettront de gérer les inscriptions des équipes de votre tournoi.\r\n\r\n" - . "Votre mot de passe est : $password\r\n\r\n" - . "Notez bien que ce mot de passe est temporaire, et pour des raisons de sécurité vous devrez le changer " - . "lors de votre prochaine connexion sur le site.\r\n\r\n" - . "Merci beaucoup pour votre aide !\r\n\r\n" - . "Les organisateurs du TFJM²"; - - mail($email, "Organisateur du TFJM²", $msg, "From: $MAIL_ADDRESS\r\n"); - - return false; -} - -?> - - - - -

Vous n'êtes pas autorisé à accéder à cette page.

- - - Erreur : " . $error_message . ""; - } else { - echo "

Organisateur ajouté avec succès ! Ses identifiants ont été transmis par mail.

"; - } - }?> - -
- - - - - - - - - - - - - - - - - - - - - - - -
- - - -
- - - -
- - - -
- - - -
- -
-
- - - - diff --git a/server_files/ajouter_tournoi.php b/server_files/ajouter_tournoi.php deleted file mode 100644 index 4ab7e02..0000000 --- a/server_files/ajouter_tournoi.php +++ /dev/null 
@@ -1,244 +0,0 @@ -query("SELECT `id`, `surname`, `first_name` FROM `users` WHERE (`role` = 'ORGANIZER' OR `role` = 'ADMIN') AND `year` = '$YEAR';"); - -if (isset($_POST["submitted"])) { - $error_message = registerTournament(); -} - -function registerTournament() { - global $DB, $YEAR, $MAIL_ADDRESS; - - $name = htmlspecialchars($_POST["name"]); - - $result = $DB->query("SELECT `id` FROM `tournaments` WHERE `name` = '" . $name . "' AND `year` = '$YEAR';"); - if ($result->fetch()) - return "Un tournoi existe déjà avec ce nom."; - - if (!isset($_POST["organizer"]) || sizeof($_POST["organizer"]) == 0) - return "Aucun organisateur n'a été choisi."; - - $organizers = $_POST["organizer"]; - $orga_mails = []; - - foreach ($organizers as $orga) { - $result = $DB->query("SELECT `role`, `email` FROM `users` WHERE `id` = '" . $orga . "' AND `year` = '$YEAR';"); - $data = $result->fetch(); - if ($data === FALSE) - return "L'organisateur spécifié n'existe pas."; - if ($data["role"] != "ORGANIZER" && $data["role"] != "ADMIN") - return "L'organisateur indiqué ne peut pas organiser de tournoi."; - $orga_mails[] = $data["email"]; - } - - try { - $size = intval(htmlspecialchars($_POST["size"])); - } - catch (Exception $ex) { - return "Le nombre d'équipes indiqué n'est pas un entier valide."; - } - - if ($size < 3 || $size > 12) - return "Un tournoi doit comporter entre 3 et 12 équipes."; - - $place = htmlspecialchars($_POST["place"]); - - try { - $price = intval(htmlspecialchars($_POST["price"])); - } - catch (Throwable $t) { - return "Le tarif pour les participants n'est pas un nombre valide."; - } - - if ($price < 0) - return "Le TFJM² ne va pas payer les élèves pour venir."; - - if ($price > 50) - return "Soyons raisonnable sur le prix."; - - $date_start = htmlspecialchars($_POST["date_start"]); - $date_start_parsed = date_parse_from_format("yyyy-mm-dd", $date_start); - - $date_end = htmlspecialchars($_POST["date_end"]); - $date_end_parsed = date_parse_from_format("yyyy-mm-dd", 
$date_end); - - $date_inscription = htmlspecialchars($_POST["date_inscription"]); - $time_inscription = htmlspecialchars($_POST["time_inscription"]); - $date_inscription_parsed = date_parse_from_format("yyyy-mm-dd", $date_inscription . ' ' . $time_inscription); - - $date_solutions = htmlspecialchars($_POST["date_solutions"]); - $time_solutions = htmlspecialchars($_POST["time_solutions"]); - $date_solutions_parsed = date_parse_from_format("yyyy-mm-dd", $date_solutions . ' ' . $time_solutions); - - $date_syntheses = htmlspecialchars($_POST["date_syntheses"]); - $time_syntheses = htmlspecialchars($_POST["time_syntheses"]); - $date_syntheses_parsed = date_parse_from_format("yyyy-mm-dd", $date_syntheses . ' ' . $time_syntheses); - - if (!$date_start_parsed || !$date_end_parsed || !$date_inscription_parsed || !$date_solutions_parsed || !$date_syntheses_parsed) - return "Une date est mal formée."; - - $description = htmlspecialchars($_POST["description"]); - - $final = isset($_POST["final"]) && $_POST["final"]; - - if ($final && $DB->query("SELECT `id` FROM `tournaments` WHERE `final` = true AND `year` = $YEAR;")->fetch() !== false) - return "Une finale est déjà enregistrée."; - - $req = $DB->prepare("INSERT INTO `tournaments` (`name`, `size`, `place`, `price`, `description`, - `date_start`, `date_end`, `date_inscription`, `date_solutions`, `date_syntheses`, `final`, `year`) - VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?);"); - $req->execute([$name, $size, $place, $price, $description, $date_start, $date_end, - "$date_inscription $time_inscription", "$date_solutions $time_solutions", "$date_syntheses $time_syntheses", $final, $YEAR]); - - $req = $DB->query("SELECT `id` FROM `tournaments` WHERE `name` = '$name' AND `year` = $YEAR;"); - $tournament_id = $req->fetch()["id"]; - - foreach ($organizers as $orga) { - $req = $DB->prepare("INSERT INTO `organizers`(`organizer`, `tournament`) VALUES(?, ?);"); - $req->execute([$orga, $tournament_id]); - } - - foreach ($orga_mails as 
$orga_mail) - mail($orga_mail, "Organisateur TFJM² " . $name, "Vous venez d'être promu organisateur du tournoi " . $name . " pour le TFJM² $YEAR !", "From: $MAIL_ADDRESS"); - - return false; -} - -?> - - - - -

Vous n'êtes pas autorisé à accéder à cette page.

- - -Erreur : " . $error_message . ""; - } else { - echo "

Tournoi de " . htmlspecialchars($_POST["name"]) . " ajouté avec succès !

"; - } - }?> - -
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
- - - -
- - - -
- - - -
- - - -
- - - -
- - - Du au - -
- - - - - -
- - - - - -
- - - - - -
- - - -
- - - -
- -
-
- - - - diff --git a/server_files/classes/role.php b/server_files/classes/Role.php similarity index 100% rename from server_files/classes/role.php rename to server_files/classes/Role.php diff --git a/server_files/classes/team.php b/server_files/classes/Team.php similarity index 100% rename from server_files/classes/team.php rename to server_files/classes/Team.php diff --git a/server_files/classes/tournament.php b/server_files/classes/Tournament.php similarity index 100% rename from server_files/classes/tournament.php rename to server_files/classes/Tournament.php diff --git a/server_files/classes/user.php b/server_files/classes/User.php similarity index 100% rename from server_files/classes/user.php rename to server_files/classes/User.php diff --git a/server_files/classes/validation_status.php b/server_files/classes/ValidationStatus.php similarity index 100% rename from server_files/classes/validation_status.php rename to server_files/classes/ValidationStatus.php diff --git a/server_files/config.php b/server_files/config.php index 2ee4d36..5a99caf 100644 --- a/server_files/config.php +++ b/server_files/config.php 
@@ -25,41 +25,8 @@ catch (Exception $ex) { } session_start(); - -if (isset($_SESSION["user_id"])) { - $response = $DB->query("SELECT * FROM `users` WHERE `id` ='" . $_SESSION["user_id"] . "' AND `year` = '$YEAR';"); - $data = $response->fetch(); - if ($data === FALSE) - unset($_SESSION["user_id"]); - else { - $_SESSION["email"] = $data["email"]; - $_SESSION["surname"] = $data["surname"]; - $_SESSION["first_name"] = $data["first_name"]; - $_SESSION["birth_date"] = $data["birth_date"]; - $_SESSION["role"] = $data["role"]; - $_SESSION["team_id"] = $data["team_id"]; - } - - if (isset($_SESSION["user_id"]) && isset($_SESSION["team_id"]) && $_SESSION["team_id"] != NULL) { - $response = $DB->query("SELECT `tournament`, `validation_status`, `final_selection` FROM `teams` WHERE `id` ='" . $_SESSION["team_id"] . "' AND `year` = '$YEAR';"); - $data = $response->fetch(); - $_SESSION["tournament_id"] = $data["tournament"]; - $_SESSION["team_validation_status"] = $data["validation_status"]; - } - - if ((isset($data["final_selection"]) && $data["final_selection"]) || $_SESSION["role"] == "ADMIN" || $_SESSION["role"] == "ORGANIZER") { - $response = $DB->query("SELECT `id`, `name` FROM `tournaments` WHERE `final` AND `year` = $YEAR;"); - $data = $response->fetch(); - $_SESSION["final_id"] = $data["id"]; - $_SESSION["final_name"] = $data["name"]; - } -} - setlocale(LC_ALL, "fr_FR.utf8"); -function echo_date($date = NULL, $with_time = false) { - if ($date == NULL) - $date = date("yyyy-mm-dd"); +require_once "model.php"; - return strftime("%d %B %G" . ($with_time ? " %H:%M" : ""), strtotime($date)); -} +loadUserValues(); \ No newline at end of file diff --git a/server_files/ajouter_equipe.php b/server_files/controllers/ajouter_equipe.php similarity index 57% rename from server_files/ajouter_equipe.php rename to server_files/controllers/ajouter_equipe.php index 7878268..b0f3272 100644 --- a/server_files/ajouter_equipe.php +++ b/server_files/controllers/ajouter_equipe.php 
@@ -1,6 +1,6 @@ query("SELECT `id`, `name` FROM `tournaments` WHERE `date_inscription` > CURRENT_DATE AND `year` = '$YEAR';"); @@ -62,66 +62,6 @@ function registerTeam() { return false; } -?> - - - - -

Vous devez être participant ou encadrant pour pouvoir ajouter une équipe.

- -

Vous êtes déjà dans une équipe.

- - Votre équipe a bien été créée ! Voici le code d'accès à transmettre aux autres membres de votre équipe : - - -Erreur : " . $error_message . ""; ?> - -
- - - - - - - - - - - - - - - - - - - -
- - - -
- - - -
- - - -
- -
-
- - - - +require_once "../views/header.php"; +require_once "../views/ajouter_equipe.php"; +require_once "../views/footer.php"; diff --git a/server_files/controllers/ajouter_organisateur.php b/server_files/controllers/ajouter_organisateur.php new file mode 100644 index 0000000..6c91bfe --- /dev/null +++ b/server_files/controllers/ajouter_organisateur.php @@ -0,0 +1,64 @@ +prepare("SELECT `id` FROM `users` WHERE `email` = ? AND `year` = '$YEAR';"); + $req->execute([$email]); + if ($req->fetch() !== FALSE) + return "Cette adresse e-mail est déjà utilisée."; + + $alphabet = "0123456789abcdefghijklmnopqrstuvwxyz0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789"; + $password = ""; + for ($i = 0; $i < 16; ++$i) + $password .= $alphabet[rand(0, strlen($alphabet) - 1)]; + $hash = password_hash($password, PASSWORD_BCRYPT); + + $req = $DB->prepare("INSERT INTO `users`(`email`, `pwd_hash`, `surname`, `first_name`, `role`, `year`) + VALUES (?, ?, ?, ?, ?, ?);"); + $req->execute([$email, $hash, $surname, $first_name, $admin ? "ADMIN" : "ORGANIZER", $YEAR]); + + $msg = "Bonjour " . $first_name . " " . $surname . ",\r\n\r\n" + . "Vous recevez ce message (envoyé automatiquement) car vous êtes organisateur d'un des tournois du TFJM². " + . "Veuillez trouver ci-dessous vos informations d'utilisateur pour le site officiel des inscriptions. " + . "Elles vous permettront de gérer les inscriptions des équipes de votre tournoi.\r\n\r\n" + . "Votre mot de passe est : $password\r\n\r\n" + . "Notez bien que ce mot de passe est temporaire, et pour des raisons de sécurité vous devrez le changer " + . "lors de votre prochaine connexion sur le site.\r\n\r\n" + . "Merci beaucoup pour votre aide !\r\n\r\n" + . "Les organisateurs du TFJM²"; + + mail($email, "Organisateur du TFJM²", $msg, "From: $MAIL_ADDRESS\r\n"); + + return false; +} + +require_once "../views/header.php"; +require_once "../views/ajouter_organisateur.php"; +require_once "../views/footer.php"; \ No newline at end of file 
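Review bot: The temporary password in `controllers/ajouter_organisateur.php` is drawn with `rand()`, which is not a cryptographically secure generator, and the alphabet string repeats the ten digits three times, so the 16 characters are skewed towards digits. This value is the credential of a new ORGANIZER or ADMIN account until it is changed, so the index should come from `random_int(0, strlen($alphabet) - 1)` over an alphabet that lists each character once. The same `rand()` loop produces the 64-character file ids in `controllers/equipe.php`. The opening lines of this file are not readable in the hunk, so the access check and the way `$email`, `$surname` and `$admin` are read were not reviewed.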
diff --git a/server_files/controllers/ajouter_tournoi.php b/server_files/controllers/ajouter_tournoi.php new file mode 100644 index 0000000..c323c7e --- /dev/null +++ b/server_files/controllers/ajouter_tournoi.php 
@@ -0,0 +1,114 @@ +query("SELECT `id`, `surname`, `first_name` FROM `users` WHERE (`role` = 'ORGANIZER' OR `role` = 'ADMIN') AND `year` = '$YEAR';"); + +if (isset($_POST["submitted"])) { + $error_message = registerTournament(); +} + +function registerTournament() { + global $DB, $YEAR, $MAIL_ADDRESS; + + $name = htmlspecialchars($_POST["name"]); + + $result = $DB->query("SELECT `id` FROM `tournaments` WHERE `name` = '" . $name . "' AND `year` = '$YEAR';"); + if ($result->fetch()) + return "Un tournoi existe déjà avec ce nom."; + + if (!isset($_POST["organizer"]) || sizeof($_POST["organizer"]) == 0) + return "Aucun organisateur n'a été choisi."; + + $organizers = $_POST["organizer"]; + $orga_mails = []; + + foreach ($organizers as $orga) { + $result = $DB->query("SELECT `role`, `email` FROM `users` WHERE `id` = '" . $orga . "' AND `year` = '$YEAR';"); + $data = $result->fetch(); + if ($data === FALSE) + return "L'organisateur spécifié n'existe pas."; + if ($data["role"] != "ORGANIZER" && $data["role"] != "ADMIN") + return "L'organisateur indiqué ne peut pas organiser de tournoi."; + $orga_mails[] = $data["email"]; + } + + try { + $size = intval(htmlspecialchars($_POST["size"])); + } + catch (Exception $ex) { + return "Le nombre d'équipes indiqué n'est pas un entier valide."; + } + + if ($size < 3 || $size > 12) + return "Un tournoi doit comporter entre 3 et 12 équipes."; + + $place = htmlspecialchars($_POST["place"]); + + try { + $price = intval(htmlspecialchars($_POST["price"])); + } + catch (Throwable $t) { + return "Le tarif pour les participants n'est pas un nombre valide."; + } + + if ($price < 0) + return "Le TFJM² ne va pas payer les élèves pour venir."; + + if ($price > 50) + return "Soyons raisonnable sur le prix."; + + $date_start = htmlspecialchars($_POST["date_start"]); + $date_start_parsed = date_parse_from_format("yyyy-mm-dd", $date_start); + + $date_end = htmlspecialchars($_POST["date_end"]); + $date_end_parsed = date_parse_from_format("yyyy-mm-dd", 
$date_end); + + $date_inscription = htmlspecialchars($_POST["date_inscription"]); + $time_inscription = htmlspecialchars($_POST["time_inscription"]); + $date_inscription_parsed = date_parse_from_format("yyyy-mm-dd", $date_inscription . ' ' . $time_inscription); + + $date_solutions = htmlspecialchars($_POST["date_solutions"]); + $time_solutions = htmlspecialchars($_POST["time_solutions"]); + $date_solutions_parsed = date_parse_from_format("yyyy-mm-dd", $date_solutions . ' ' . $time_solutions); + + $date_syntheses = htmlspecialchars($_POST["date_syntheses"]); + $time_syntheses = htmlspecialchars($_POST["time_syntheses"]); + $date_syntheses_parsed = date_parse_from_format("yyyy-mm-dd", $date_syntheses . ' ' . $time_syntheses); + + if (!$date_start_parsed || !$date_end_parsed || !$date_inscription_parsed || !$date_solutions_parsed || !$date_syntheses_parsed) + return "Une date est mal formée."; + + $description = htmlspecialchars($_POST["description"]); + + $final = isset($_POST["final"]) && $_POST["final"]; + + if ($final && $DB->query("SELECT `id` FROM `tournaments` WHERE `final` = true AND `year` = $YEAR;")->fetch() !== false) + return "Une finale est déjà enregistrée."; + + $req = $DB->prepare("INSERT INTO `tournaments` (`name`, `size`, `place`, `price`, `description`, + `date_start`, `date_end`, `date_inscription`, `date_solutions`, `date_syntheses`, `final`, `year`) + VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?);"); + $req->execute([$name, $size, $place, $price, $description, $date_start, $date_end, + "$date_inscription $time_inscription", "$date_solutions $time_solutions", "$date_syntheses $time_syntheses", $final, $YEAR]); + + $req = $DB->query("SELECT `id` FROM `tournaments` WHERE `name` = '$name' AND `year` = $YEAR;"); + $tournament_id = $req->fetch()["id"]; + + foreach ($organizers as $orga) { + $req = $DB->prepare("INSERT INTO `organizers`(`organizer`, `tournament`) VALUES(?, ?);"); + $req->execute([$orga, $tournament_id]); + } + + foreach ($orga_mails as 
$orga_mail) + mail($orga_mail, "Organisateur TFJM² " . $name, "Vous venez d'être promu organisateur du tournoi " . $name . " pour le TFJM² $YEAR !", "From: $MAIL_ADDRESS"); + + return false; +} + +require_once "../views/header.php"; +require_once "../views/ajouter_tournoi.php"; +require_once "../views/footer.php"; diff --git a/server_files/confirmer_mail.php b/server_files/controllers/confirmer_mail.php similarity index 80% rename from server_files/confirmer_mail.php rename to server_files/controllers/confirmer_mail.php index 317e489..484a024 100644 --- a/server_files/confirmer_mail.php +++ b/server_files/controllers/confirmer_mail.php @@ -1,6 +1,6 @@ - - - -
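Review bot: `registerTournament()` concatenates request data into three SQL strings: `$name` in the duplicate-name check and in the id lookup after the insert, and each `$orga`, which comes from `$_POST["organizer"]` without any filtering. `htmlspecialchars()` encodes for HTML output and is not SQL escaping (before PHP 8.1 its default flags leave single quotes untouched), so these lookups should use bound parameters like the INSERTs in the same function. The same string-built queries appear in this commit with `$trigram` in `controllers/equipe.php`, `$id` in the controller that loads `views/informations.php` and `$email` in `controllers/inscription.php`; where those variables are assigned is not readable in their hunks. Separately, `date_parse_from_format()` returns an array even for unparsable input, so the `!$date_…_parsed` test never rejects a date; checking `error_count` in the result, with the format `Y-m-d`, would.

```php
// duplicate-name check
$req = $DB->prepare("SELECT `id` FROM `tournaments` WHERE `name` = ? AND `year` = ?;");
$req->execute([$name, $YEAR]);
if ($req->fetch())
    return "Un tournoi existe déjà avec ce nom.";

// … unchanged: organizer presence check …

foreach ($organizers as $orga) {
    $req = $DB->prepare("SELECT `role`, `email` FROM `users` WHERE `id` = ? AND `year` = ?;");
    $req->execute([$orga, $YEAR]);
    $data = $req->fetch();
    // … unchanged: role checks, $orga_mails[] …
}

// … unchanged: field validation and INSERT INTO `tournaments` …

$req = $DB->prepare("SELECT `id` FROM `tournaments` WHERE `name` = ? AND `year` = ?;");
$req->execute([$name, $YEAR]);
$tournament_id = $req->fetch()["id"];
```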

- - \ No newline at end of file +require_once "../views/header.php"; +echo "

$error_message

"; +require_once "../views/footer.php"; diff --git a/server_files/connexion.php b/server_files/controllers/connexion.php similarity index 50% rename from server_files/connexion.php rename to server_files/controllers/connexion.php index 5e3882b..a5dd18b 100644 --- a/server_files/connexion.php +++ b/server_files/controllers/connexion.php @@ -1,6 +1,6 @@ query("SELECT `tournament`, `validation_status` FROM `teams` WHERE `id` ='" . $_SESSION["team_id"] . "' AND `year` = '$YEAR';"); - $data = $response->fetch(); - $_SESSION["tournament_id"] = $data["tournament"]; - $_SESSION["team_validation_status"] = $data["validation_status"]; + loadUserValues(); return false; } @@ -141,103 +132,6 @@ function sendConfirmEmail() { return false; } -?> - - - -Erreur : " . $error_message . ""; ?> - - -

Vous êtes déjà connecté !

- - - - -
- - - - - - - - - - -
- - - -
- -
-
- -
- " /> - - - - - - - - - - - - - - -
- - - -
- - - -
- -
-
- - -
- - - - - - - - - - - - - - - - -
- - Mot de passe oublié ? -
-
- - - - - +require_once "../views/header.php"; +require_once "../views/connexion.php"; +require_once "../views/footer.php"; diff --git a/server_files/controllers/deconnexion.php b/server_files/controllers/deconnexion.php new file mode 100644 index 0000000..948c39b --- /dev/null +++ b/server_files/controllers/deconnexion.php @@ -0,0 +1,10 @@ +Déconnexion réussie !"; +require_once "../views/footer.php"; diff --git a/server_files/controllers/equipe.php b/server_files/controllers/equipe.php new file mode 100644 index 0000000..4fdec18 --- /dev/null +++ b/server_files/controllers/equipe.php 
@@ -0,0 +1,77 @@ +exec("UPDATE `teams` SET `validation_status` = 'VALIDATED' WHERE `trigram` = '$trigram' AND `year` = $YEAR;"); +} + +$team_data = $DB->query("SELECT * FROM `teams` WHERE `trigram` = '$trigram' AND `year` = $YEAR;")->fetch(); + +if (isset($_POST["select"])) { + $DB->exec("UPDATE `teams` SET `final_selection` = true, `validation_status` = 'NOT_READY' WHERE `trigram` = '$trigram' AND `year` = $YEAR;"); + $team_data["validation_status"] = "NOT_READY"; + $team_data["final_selection"] = true; + $final_id = $_SESSION["final_id"]; + $team_id = $team_data["id"]; + + $sols_req = $DB->prepare("SELECT `file_id`, `problem`, COUNT(`problem`) AS `version` FROM `solutions` WHERE `team` = ? AND `tournament` = ? GROUP BY `problem`, `uploaded_at` ORDER BY `problem`, `uploaded_at` DESC;"); + $sols_req->execute([$team_data["id"], $team_data["tournament"]]); + while (($sol_data = $sols_req->fetch()) !== false) { + $old_id = $sol_data["file_id"]; + $alphabet = "abcdefghijklmnopqrstuvwxyz0123456789"; + + do { + $id = ""; + for ($i = 0; $i < 64; ++$i) { + $id .= $alphabet[rand(0, strlen($alphabet) - 1)]; + } + } + while (file_exists("$LOCAL_PATH/files/$id")); + + copy("$LOCAL_PATH/files/$old_id", "$LOCAL_PATH/files/$id"); + + $req = $DB->prepare("INSERT INTO `solutions`(`file_id`, `team`, `tournament`, `problem`) + VALUES (?, ?, ?, ?);"); + $req->execute([$id, $team_id, $_SESSION["final_id"], $sol_data["problem"]]); + } + + $syntheses_req = $DB->prepare("SELECT `file_id`, `dest`, COUNT(`dest`) AS `version` FROM `syntheses` WHERE `team` = ? AND `tournament` = ? 
GROUP BY `dest`, `uploaded_at` ORDER BY `dest`, `uploaded_at` DESC;"); + $syntheses_req->execute([$team_data["id"], $team_data["tournament"]]); + while (($synthese_data = $syntheses_req->fetch()) !== false) { + $old_id = $synthese_data["file_id"]; + $alphabet = "abcdefghijklmnopqrstuvwxyz0123456789"; + + do { + $id = ""; + for ($i = 0; $i < 64; ++$i) { + $id .= $alphabet[rand(0, strlen($alphabet) - 1)]; + } + } + while (file_exists("$LOCAL_PATH/files/$id")); + + copy("$LOCAL_PATH/files/$old_id", "$LOCAL_PATH/files/$id"); + + $req = $DB->prepare("INSERT INTO `syntheses`(`file_id`, `team`, `tournament`, `dest`) VALUES (?, ?, ?, ?);"); + $req->execute([$id, $team_id, $_SESSION["final_id"], $synthese_data["dest"]]); + } +} + +if ($team_data === false) + require_once "../404.php"; + +$tournament_data = $DB->query("SELECT `name`, `date_start` FROM `tournaments` WHERE `id` = '" . $team_data["tournament"] . "' AND `year` = '$YEAR';")->fetch(); + +$documents_req = $DB->prepare("SELECT `file_id`, `user`, `type`, COUNT(`type`) AS `version` FROM `documents` WHERE `team` = ? AND `tournament` = ? GROUP BY `user`, `type` ORDER BY `user`, `type` ASC, MAX(`uploaded_at`) DESC;"); +$documents_req->execute([$team_data["id"], $team_data["tournament"]]); + +if ($team_data["final_selection"]) { + $documents_final_req = $DB->prepare("SELECT `file_id`, `user`, `type`, COUNT(`type`) AS `version` FROM `documents` WHERE `team` = ? AND `tournament` != ? GROUP BY `user`, `type` ORDER BY `user`, `type` ASC, MAX(`uploaded_at`) DESC;"); + $documents_final_req->execute([$team_data["id"], $_SESSION["final_id"]]); +} + +require_once "../views/header.php"; +require_once "../views/equipe.php"; +require_once "../views/footer.php"; diff --git a/server_files/controllers/index.php b/server_files/controllers/index.php new file mode 100644 index 0000000..254491b --- /dev/null +++ b/server_files/controllers/index.php 
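Review bot: The `$team_data === false` test that routes unknown teams to `404.php` comes after the `select` branch, and that branch assigns `$team_data["validation_status"]` and `$team_data["final_selection"]`, which turns a `false` result into an array so the later test no longer fires. Moving `if ($team_data === false) require_once "../404.php";` directly under the query that fills `$team_data` makes the `select` branch run only for an existing team. The result of `copy()` is also ignored in both loops, so a failed copy still inserts a `file_id` row with no file behind it. The first lines of the file, including how `$trigram` is set and which roles may trigger the two UPDATE statements, are not readable in the hunk.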
@@ -0,0 +1,6 @@ +query("SELECT * FROM `users` WHERE `id` = $id;")->fetch(); + +if ($user_data === false) { + require_once "../404.php"; +} + +$team_data = false; +if ($user_data["team_id"] !== NULL) + $team_data = $DB->query("SELECT `name`, `trigram` FROM `teams` WHERE `id` = " . $user_data["team_id"] . ";")->fetch(); + +$documents_req = $DB->query("SELECT * FROM `documents` WHERE `user` = $id;"); +$tournaments_req = $DB->query("SELECT `tournament`, `name` FROM `organizers` JOIN `tournaments` ON `tournaments`.`id` = `tournament` WHERE `organizer` = $id ORDER BY `date_start`, `name`;"); + +require_once "../views/header.php"; +require_once "../views/informations.php"; +require_once "../views/footer.php"; diff --git a/server_files/controllers/inscription.php b/server_files/controllers/inscription.php new file mode 100644 index 0000000..54101e4 --- /dev/null +++ b/server_files/controllers/inscription.php 
@@ -0,0 +1,133 @@ +query("SELECT `email` FROM `users` WHERE `email` = '" . $email . "' AND `year` = '$YEAR';"); + if ($result->fetch()) + return "Un compte existe déjà avec cette adresse e-mail."; + + $password = htmlspecialchars($_POST["password"]); + if (strlen($password) < 8) + return "Le mot de passe doit comporter au moins 8 caractères."; + if ($password != $_POST["confirm_password"]) + return "Les deux mots de passe sont différents."; + + $password = password_hash($password, PASSWORD_BCRYPT); + + $surname = strtoupper(htmlspecialchars($_POST["surname"])); + if (!isset($surname) || $surname == "") + return "Le nom de famille est obligatoire."; + + $firstname = htmlspecialchars($_POST["firstname"]); + if (!isset($surname) || $surname == "") + return "Le prénom est obligatoire."; + + $birth_date = date_parse_from_format("yyyy-mm-dd", htmlspecialchars($_POST["birth_date"])); + + if ($birth_date === FALSE) + return "La date de naissance est invalide."; + + if (htmlspecialchars($_POST["birth_date"]) >= $YEAR . "-01-01") + return "Vous devez avoir un âge strictement positif. Date de naissance rentrée : " . 
htmlspecialchars($_POST["birth_date"]); + + $gender = htmlspecialchars($_POST["gender"]); + + if (!isset($gender) || ($gender != "M" && $gender != "F")) + return "Le sexe indiqué est invalide."; + + $address = htmlspecialchars($_POST["address"]); + + if (!isset($address)) + $address = ""; + + try { + $postal_code = intval($_POST["postal_code"]); + if ($postal_code < 1000 || $postal_code > 95999) + return "Le code postal est invalide."; + } + catch (Exception $ex) { + return "Le code postal n'est pas un nombre valide."; + } + + $city = htmlspecialchars($_POST["city"]); + + if (!isset($city)) + $city = ""; + + $country = htmlspecialchars($_POST["country"]); + + if (!isset($country)) + $country = "France"; + + $phone_number = htmlspecialchars($_POST["phone_number"]); + + if (!isset($phone_number) || $phone_number == "") + return "Vous devez renseigner un numéro de téléphone."; + + $role = htmlspecialchars($_POST["role"]); + + if (!isset($role) || ($role != "participant" && $role != "encadrant")) + return "Le rôle entré n'est pas valide."; + + $role = strtoupper($role); + + $school = htmlspecialchars($_POST["school"]); + $class = strtoupper(htmlspecialchars($_POST["class"])); + $responsible_name = htmlspecialchars($_POST["responsible_name"]); + $responsible_phone = htmlspecialchars($_POST["responsible_phone"]); + $responsible_email = htmlspecialchars($_POST["responsible_email"]); + + if ($role == "ENCADRANT") { + $school = NULL; + $class = NULL; + $responsible_name = NULL; + $responsible_phone = NULL; + $responsible_email = NULL; + } + else { + if (!isset($class) && $class != "TERMINALE" && $class != "PREMIERE" && $class != "SECONDE") + return "La classe spécifiée est invalide. Merci de ne pas créer vos propres requêtes."; + + if ((!isset($responsible_name) || $responsible_name == "") && $birth_date > strval($YEAR - 18) . 
"-05-01") + return "Veuillez spécifier un nom de responsable légal."; + + if ((!isset($responsible_phone) || $responsible_phone == "") && (!isset($responsible_email) || !filter_var($responsible_email, FILTER_VALIDATE_EMAIL)) + && $birth_date > strval($YEAR - 18) . "-05-01") + return "Veuillez préciser au moins le numéro de téléphone ou l'addresse e-mail de votre responsable légal."; + } + + $description = $_POST["description"]; + + if ($role == "PARTICIPANT") + $description = NULL; + + $confirm_email_uid = uniqid(); + + $req = $DB->prepare("INSERT INTO `users`(`email`, `pwd_hash`, `confirm_email`, `surname`, `first_name`, `birth_date`, `gender`, + `address`, `postal_code`, `city`, `country`, `phone_number`, `school`, `class`, `role`, `description`, `year`) + VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?);"); + $req->execute([$email, $password, $confirm_email_uid, $surname, $firstname, $_POST["birth_date"], $gender, $address, $postal_code, + $city, $country, $phone_number, $school, $class, $role, $description, $YEAR]); + + $msg = "Merci pour votre inscription au TFJM² $YEAR ! Veuillez désormais confirmer votre adresse mail en cliquant ici : $URL_BASE/confirmer_mail/$confirm_email_uid"; + mail($email, "Inscription au TFJM² $YEAR", $msg, "From: $MAIL_ADDRESS\r\n"); + + return false; +} + +require_once "../views/header.php"; +require_once "../views/inscription.php"; +require_once "../views/footer.php"; diff --git a/server_files/controllers/mon_compte.php b/server_files/controllers/mon_compte.php new file mode 100644 index 0000000..cef24b8 --- /dev/null +++ b/server_files/controllers/mon_compte.php 
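Review bot: The e-mail confirmation token is created with `uniqid()`, whose output is derived from the current time and is not meant for secrets, yet it is the value carried by the `$URL_BASE/confirmer_mail/…` link; `$confirm_email_uid = bin2hex(random_bytes(16));` is the usual replacement, provided the `confirm_email` column is wide enough for 32 characters. The first-name validation also tests `$surname` a second time right after `$firstname` is read, so an empty first name is accepted; the condition should be `if ($firstname == "")`. The class check chains its comparisons with `&&` after `!isset($class)`, which cannot be true once `$class` has been assigned, so it never rejects a value.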
@@ -0,0 +1,143 @@ +query("SELECT * FROM `users` WHERE `id` = '" . $_SESSION["user_id"] . "';"); + $user_data = $result->fetch(); +} +else + require_once "../403.php"; + +function updateAccount() +{ + global $DB, $URL_BASE, $MAIL_ADDRESS; + + if (!isset($_SESSION["user_id"])) + return "Vous n'êtes pas connecté."; + + $ID = $_SESSION["user_id"]; + + $surname = htmlspecialchars($_POST["surname"]); + if (isset($surname) && $surname != "") + $DB->prepare("UPDATE `users` SET `surname` = ? WHERE `id` = ?;")->execute([$surname, $ID]); + + $first_name = htmlspecialchars($_POST["firstname"]); + if (isset($first_name) && $first_name != "") + $DB->prepare("UPDATE `users` SET `first_name` = ? WHERE `id` = ?;")->execute([$first_name, $ID]); + + $birth_date = htmlspecialchars($_POST["birth_date"]); + if (isset($birth_date) && $birth_date != "") + $DB->prepare("UPDATE `users` SET `birth_date` = ? WHERE `id` = ?;")->execute([$birth_date, $ID]); + + if (isset($_POST["gender"])) { + $gender = htmlspecialchars($_POST["gender"]); + if (isset($gender) && ($gender == "M" || $gender == "F")) + $DB->prepare("UPDATE `users` SET `gender` = ? WHERE `id` = ?;")->execute([$gender, $ID]); + } + + $address = htmlspecialchars($_POST["address"]); + if (isset($address) && $address != "") + $DB->prepare("UPDATE `users` SET `address` = ? WHERE `id` = ?;")->execute([$address, $ID]); + + $postal_code = htmlspecialchars($_POST["postal_code"]); + if (isset($postal_code) && $postal_code != "") + $DB->prepare("UPDATE `users` SET `postal_code` = ? WHERE `id` = ?;")->execute([$postal_code, $ID]); + + $city = htmlspecialchars($_POST["city"]); + if (isset($city) && $city != "") + $DB->prepare("UPDATE `users` SET `city` = ? WHERE `id` = ?;")->execute([$city, $ID]); + + $country = htmlspecialchars($_POST["country"]); + if (isset($country) && $country != "") + $DB->prepare("UPDATE `users` SET `country` = ? 
WHERE `id` = ?;")->execute([$country, $ID]); + + $phone_number = htmlspecialchars($_POST["phone_number"]); + if (isset($phone_number) && $phone_number != "") + $DB->prepare("UPDATE `users` SET `phone_number` = ? WHERE `id` = ?;")->execute([$phone_number, $ID]); + + if (isset($_POST["school"])) { + $school = htmlspecialchars($_POST["school"]); + if (isset($school) && $school != "") + $DB->prepare("UPDATE `users` SET `school` = ? WHERE `id` = ?;")->execute([$school, $ID]); + } + + if (isset($_POST["class"])) { + $class = htmlspecialchars($_POST["class"]); + if (isset($class) && ($class == "terminale" || $class == "premiere" || $class == "seconde")) + $DB->prepare("UPDATE `users` SET `class` = ? WHERE `id` = ?;")->execute([strtoupper($class), $ID]); + } + + if (isset($_POST["responsible_name"])) { + $responsible_name = htmlspecialchars($_POST["responsible_name"]); + if (isset($responsible_name) && $responsible_name != "") + $DB->prepare("UPDATE `users` SET `responsible_name` = ? WHERE `id` = ?;")->execute([$responsible_name, $ID]); + } + + if (isset($_POST["responsible_phone"])) { + $responsible_phone = htmlspecialchars($_POST["responsible_phone"]); + if (isset($responsible_phone) && $responsible_phone != "") + $DB->prepare("UPDATE `users` SET `responsible_phone` = ? WHERE `id` = ?;")->execute([$responsible_phone, $ID]); + } + + if (isset($_POST["responsible_email"])) { + $responsible_email = htmlspecialchars($_POST["responsible_email"]); + if (isset($responsible_email) && $responsible_email != "") + $DB->prepare("UPDATE `users` SET `responsible_email` = ? WHERE `id` = ?;")->execute([$responsible_email, $ID]); + } + + if (isset($_POST["description"])) { + $description = htmlspecialchars($_POST["description"]); + if (isset($description) && $description != "") + $DB->prepare("UPDATE `users` SET `description` = ? 
WHERE `id` = ?;")->execute([$description, $ID]); + } + + $email = htmlspecialchars($_POST["email"]); + if (isset($email) && $email != "" && filter_var($email, FILTER_VALIDATE_EMAIL)) { + $confirm_email_uid = uniqid(); + $DB->prepare("UPDATE `users` SET `email` = ?, `confirm_email` = ? WHERE `id` = ?;")->execute([$email, $confirm_email_uid, $ID]); + + $msg = "Vous venez de changer votre adresse mail. Veuillez désormais confirmer votre adresse mail en cliquant ici : $URL_BASE/confirmer_mail/$confirm_email_uid"; + mail($email, "Changement d'adresse mail - TFJM²", $msg, "From: $MAIL_ADDRESS\r\n"); + } + + return false; +} + +function updatePassword() +{ + global $DB, $YEAR; + + $old = htmlspecialchars($_POST["old_password"]); + $new = htmlspecialchars($_POST["new_password"]); + $confirm = htmlspecialchars($_POST["confirm_password"]); + + $result = $DB->query("SELECT `pwd_hash` FROM `users` WHERE `id` = '" . $_SESSION["user_id"] . "' AND `year` = '$YEAR';"); + if (($data = $result->fetch()) === FALSE) + return "Le compte n'existe pas."; + + if (!password_verify($old, $data["pwd_hash"])) + return "L'ancien mot de passe est incorrect."; + + if (strlen($new) < 8) + return "Le mot de passe doit comporter au moins 8 caractères."; + + if ($new != $confirm) + return "Les deux mots de passe sont différents."; + + $hash = password_hash($new, PASSWORD_BCRYPT); + + $DB->prepare("UPDATE `users` SET `pwd_hash` = ? WHERE `id` = ?;")->execute([$hash, $_SESSION["user_id"]]); + + return false; +} + +require_once "../views/header.php"; +require_once "../views/mon_compte.php"; +require_once "../views/footer.php"; diff --git a/server_files/controllers/mon_equipe.php b/server_files/controllers/mon_equipe.php new file mode 100644 index 0000000..f76ca1e --- /dev/null +++ b/server_files/controllers/mon_equipe.php 
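Review bot: The e-mail confirmation token in updateAccount() comes from `uniqid()`, which is derived from the current time and is documented as unsuitable for security purposes, so a valid confirmation link does not reliably prove control of the mailbox. Generate it from the CSPRNG instead: `$confirm_email_uid = bin2hex(random_bytes(16));` (confirm that the `confirm_email` column can hold 32 characters; the schema is not shown here). The registration token at the end of the controllers/inscription.php hunk is produced the same way and needs the same change. Separately, updatePassword() concatenates `$_SESSION["user_id"]` into its SELECT and, unlike updateAccount(), never checks that the session key is set; a guard plus a prepared statement with `?` placeholders would match the UPDATEs in this file.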
@@ -0,0 +1,167 @@ +query("SELECT `id`, `name` FROM `tournaments` WHERE `year` = '$YEAR';"); + +if (isset($_POST["send_document"])) { + $error_message = sendDocument(); +} + +if (isset($_POST["request_validation"])) { + if (!checkCanValidate()) + $error_message = "Votre équipe ne peut pas demander la validation : il manque soit des participants, soit des documents."; + else { + $DB->exec("UPDATE `teams` SET `validation_status` = 'WAITING' WHERE `id` = " . $_SESSION["team_id"] . ";"); + $_SESSION["team_validation_status"] = "WAITING"; + } +} + +if (isset($_SESSION["user_id"]) && isset($_SESSION["team_id"])) { + $result = $DB->query("SELECT * FROM `teams` WHERE `id` = '" . $_SESSION["team_id"] . "' AND `year` = '$YEAR';"); + $team_data = $result->fetch(); + + $tournament_data = $DB->query("SELECT `name`, `date_start` FROM `tournaments` WHERE `id` = '" . $team_data["tournament"] . "' AND `year` = '$YEAR';")->fetch(); + + $documents_req = $DB->prepare("SELECT `file_id`, `type`, COUNT(`type`) AS `version` FROM `documents` WHERE `user` = ? AND `tournament` = ? GROUP BY `type`, `uploaded_at` ORDER BY `type`, `uploaded_at` DESC;"); + $documents_req->execute([$_SESSION["user_id"], $_SESSION[isset($_SESSION["final_id"]) ? "final_id" : "tournament_id"]]); +} +else + require_once "../403.php"; + +if (isset($_POST["team_edit"])) { + $error_message = updateTeam(); +} + +function sendDocument() +{ + global $LOCAL_PATH, $DB; + + $type = strtoupper(htmlspecialchars($_POST["type"])); + if (!isset($type) || ($type != "PARENTAL_CONSENT" && $type != "PHOTO_CONSENT" && $type != "SANITARY_PLUG")) + return "Le type de document est invalide. Merci de ne pas formuler vos propres requêtes."; + + $file = $_FILES["document"]; + + if ($file["size"] > 5000000 || $file["error"]) + return "Une erreur est survenue. 
Merci de vérifier que le fichier pèse moins que 5 Mo."; + + if (finfo_file(finfo_open(FILEINFO_MIME_TYPE), $file["tmp_name"]) != 'application/pdf') + return "Le fichier doit être au format PDF."; + + if (!is_dir("$LOCAL_PATH/files") && !mkdir("$LOCAL_PATH/files")) + return "Les droits sont insuffisants. Veuillez contacter l'administrateur du serveur."; + + $alphabet = "abcdefghijklmnopqrstuvwxyz0123456789"; + + do { + $id = ""; + for ($i = 0; $i < 64; ++$i) { + $id .= $alphabet[rand(0, strlen($alphabet) - 1)]; + } + } while (file_exists("$LOCAL_PATH/files/$id")); + + if (!rename($file["tmp_name"], "$LOCAL_PATH/files/$id")) + return "Une erreur est survenue lors de l'envoi du fichier."; + + $req = $DB->prepare("INSERT INTO `documents`(`file_id`, `user`, `team`, `tournament`, `type`) + VALUES (?, ?, ?, ?, ?);"); + $req->execute([$id, $_SESSION["user_id"], $_SESSION["team_id"], $_SESSION[isset($_SESSION["final_id"]) ? "final_id" : "tournament_id"], $type]); + + return false; +} + +function updateTeam() +{ + global $DB, $YEAR, $URL_BASE, $team_data; + + if ($_SESSION["team_id"] == NULL) + return "Vous n'êtes pas dans une équipe."; + + $name = htmlspecialchars($_POST["name"]); + + if (!isset($name) || $name == "") + return "Vous devez spécifier un nom d'équipe."; + + echo $team_data["id"]; + $result = $DB->query("SELECT `id` FROM `teams` WHERE `name` = '" . $name . "' AND `id` != " . $team_data["id"] . " AND `year` = '$YEAR';"); + if ($result->fetch()) + return "Une équipe existe déjà avec ce nom." . $team_data["id"]; + + $trigram = strtoupper(htmlspecialchars($_POST["trigram"])); + + if (!preg_match("#^[A-Z][A-Z][A-Z]$#", $trigram)) + return "Le trigramme entré n'est pas valide."; + + $result = $DB->query("SELECT `id` FROM `teams` WHERE `trigram` = '" . $trigram . "' AND `id` != '" . $team_data["id"] . 
"' AND `year` = '$YEAR';"); + if ($result->fetch()) + return "Une équipe a déjà choisi ce trigramme."; + + $tournament_id = intval(htmlspecialchars($_POST["tournament"])); + + $result = $DB->query("SELECT `id`, `name` FROM `tournaments` WHERE `id` = '" . $tournament_id . "' AND `year` = '$YEAR';"); + $data = $result->fetch(); + if ($data === FALSE) + return "Le tournoi spécifié n'existe pas."; + + $req = $DB->prepare("UPDATE `teams` SET `name` = ?, `trigram` = ?, `tournament` = ? WHERE `id` = ?;"); + $req->execute([$name, $trigram, $tournament_id, $team_data["id"]]); + + header("Location: $URL_BASE/mon_equipe"); + + return false; +} + +function checkCanValidate() +{ + global $DB, $team_data, $tournament_data, $YEAR; + $can_validate = $team_data["validation_status"] == "NOT_READY"; + $can_validate &= $team_data["encadrant_1"] != NULL; + $can_validate &= $team_data["participant_4"] != NULL; + for ($i = 1; $i <= 2; ++$i) { + if ($team_data["encadrant_$i"] === NULL) + continue; + + $req = $DB->prepare("SELECT COUNT(`type`) AS `version` FROM `documents` WHERE `user` = ? AND `type` = ? GROUP BY `uploaded_at` ORDER BY `uploaded_at` DESC;"); + $req->execute([$team_data["encadrant_$i"], "PHOTO_CONSENT"]); + $d = $req->fetch(); + $can_validate &= $d["version"] > 0; + + $req = $DB->prepare("SELECT COUNT(`type`) AS `version` FROM `documents` WHERE `user` = ? AND `type` = ? GROUP BY `uploaded_at` ORDER BY `uploaded_at` DESC;"); + $req->execute([$team_data["encadrant_$i"], "SANITARY_PLUG"]); + $d = $req->fetch(); + $can_validate &= $d["version"] > 0; + } + for ($i = 1; $i <= 6; ++$i) { + if ($team_data["participant_$i"] === NULL) + continue; + + $req = $DB->prepare("SELECT COUNT(`type`) AS `version` FROM `documents` WHERE `user` = ? AND `type` = ? 
GROUP BY `uploaded_at` ORDER BY `uploaded_at` DESC;"); + $req->execute([$team_data["participant_$i"], "PHOTO_CONSENT"]); + $d = $req->fetch(); + $can_validate &= $d["version"] > 0; + + $req = $DB->prepare("SELECT COUNT(`type`) AS `version` FROM `documents` WHERE `user` = ? AND `type` = ? GROUP BY `uploaded_at` ORDER BY `uploaded_at` DESC;"); + $req->execute([$team_data["participant_$i"], "SANITARY_PLUG"]); + $d = $req->fetch(); + $can_validate &= $d["version"] > 0; + + $birth_date = $DB->query("SELECT `birth_date` FROM `users` WHERE `id` = " . $team_data["participant_$i"] . ";")->fetch()["birth_date"]; + if ($birth_date > strval($YEAR - 18) . substr($tournament_data["date_start"], 4)) { + $req = $DB->prepare("SELECT COUNT(`type`) AS `version` FROM `documents` WHERE `user` = ? AND `type` = ? GROUP BY `uploaded_at` ORDER BY `uploaded_at` DESC;"); + $req->execute([$team_data["participant_$i"], "PARENTAL_CONSENT"]); + $d = $req->fetch(); + $can_validate &= $d["version"] > 0; + } + } + + return $can_validate; +} + +require_once "../views/header.php"; +require_once "../views/mon_equipe.php"; +require_once "../views/footer.php"; diff --git a/server_files/rejoindre_equipe.php b/server_files/controllers/rejoindre_equipe.php similarity index 65% rename from server_files/rejoindre_equipe.php rename to server_files/controllers/rejoindre_equipe.php index 3e518ad..17a3860 100644 --- a/server_files/rejoindre_equipe.php +++ b/server_files/controllers/rejoindre_equipe.php @@ -1,6 +1,6 @@ - - - - -
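Review bot: updateTeam() concatenates the posted team name into its duplicate-name SELECT, and `htmlspecialchars()` is HTML output encoding rather than SQL escaping, so it does not make that string safe to embed in a query. Prepare it like the UPDATE a few lines further down: `$result = $DB->prepare("SELECT id FROM teams WHERE name = ? AND id != ? AND year = ?;");` followed by `$result->execute([$name, $team_data["id"], $YEAR]);`. The trigram lookup, the top-level `request_validation` UPDATE built from `$_SESSION["team_id"]`, and the name check in updateTournament() in controllers/tournoi.php are built the same way and should be parameterised too. The `echo $team_data["id"];` just before the first query looks like leftover debugging: it prints an internal id into the response and, unless output buffering is on, prevents the later `header("Location: ...")` from being sent.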

Vous devez être participant ou encadrant pour pouvoir rejoindre une équipe.

- - Vous avez bien rejoint l'équipe ! - -

Vous êtes déjà dans une équipe.

- - -Erreur : " . $error_message . ""; ?> - -
- - - - - - - - - - - -
- - - -
- -
-
- - - - +require_once "../views/header.php"; +require_once "../views/rejoindre_equipe.php"; +require_once "../views/footer.php"; diff --git a/server_files/solutions.php b/server_files/controllers/solutions.php similarity index 53% rename from server_files/solutions.php rename to server_files/controllers/solutions.php index 379ccde..30115e3 100644 --- a/server_files/solutions.php +++ b/server_files/controllers/solutions.php @@ -1,9 +1,9 @@ - - - -Erreur : " . $error_message . ""; - } else { - echo "

Le fichier a été correctement envoyé !

"; - } -}?> - - -
- - - - - - - - - - - - - - - -
- - - -
- - - -
- -
-
- - -
- -

Solutions soumises :

- -fetch()) !== false) { - $file_id = $data["file_id"]; - $problem = $data["problem"]; - $version = $data["version"]; - echo "Problème $problem (Version $version) : Télécharger
"; -} -?> - - +require_once "../views/header.php"; +require_once "../views/solutions.php"; +require_once "../views/footer.php"; diff --git a/server_files/solutions_orga.php b/server_files/controllers/solutions_orga.php similarity index 77% rename from server_files/solutions_orga.php rename to server_files/controllers/solutions_orga.php index 8030be8..7dc2540 100644 --- a/server_files/solutions_orga.php +++ b/server_files/controllers/solutions_orga.php @@ -1,9 +1,13 @@ - - query("SELECT `tournaments`.`id`, `name` FROM `tournaments` JOIN `organizers` ON `tournament` = `tournaments`.`id` WHERE " + . ($_SESSION["role"] == "ADMIN" ? "" : "`organizer` = '" . $_SESSION["user_id"] . "' AND ") + . "`year` = $YEAR GROUP BY `tournament` ORDER BY `name`;"); if (isset($_POST["download_zip"])) { $id = $_POST["tournament"]; @@ -34,22 +38,14 @@ if (isset($_POST["download_zip"])) { header("Content-Type: application/zip"); header("Content-Disposition: attachment; filename=\"Solutions du tournoi de $tournament_name.zip\""); - header("Content-Length: " . strval(filesize($temp) + 1)); + header("Content-Length: " . strval(filesize($temp))); readfile($temp); exit(); } -?> - - - -query("SELECT `tournaments`.`id`, `name` FROM `tournaments` JOIN `organizers` ON `tournament` = `tournaments`.`id` WHERE " - . ($_SESSION["role"] == "ADMIN" ? "" : "`organizer` = '" . $_SESSION["user_id"] . "' AND ") - . "`year` = $YEAR GROUP BY `tournament` ORDER BY `name`;"); +require_once "../views/header.php"; while (($data_tournament = $req->fetch()) !== false) { echo "

Tournoi de " . $data_tournament["name"] . "

\n"; @@ -66,16 +62,11 @@ while (($data_tournament = $req->fetch()) !== false) { echo "Problème n°$problem de l'équipe $team_name ($team_trigram), version $version : Télécharger
"; } - ?> -
- - " /> - -
-
- \n"; + echo "\n"; + echo "\n"; + echo "\n"; + echo "
\n"; } -?> - - +require_once "../views/footer.php"; diff --git a/server_files/controllers/syntheses.php b/server_files/controllers/syntheses.php new file mode 100644 index 0000000..4c39972 --- /dev/null +++ b/server_files/controllers/syntheses.php 
@@ -0,0 +1,59 @@
+prepare("SELECT `file_id`, `dest`, COUNT(`dest`) AS `version` FROM `syntheses` WHERE `team` = ? AND `tournament` = ? GROUP BY `dest`, `uploaded_at` ORDER BY `dest`, `uploaded_at` DESC;");
+$syntheses_req->execute([$_SESSION["team_id"], $_SESSION[isset($_SESSION["final_id"]) ? "final_id" : "tournament_id"]]);
+
+$tournament_req = $DB->prepare("SELECT `date_solutions`, `date_syntheses` FROM `tournaments` WHERE `id` = ?;");
+$tournament_req->execute([$_SESSION[isset($_SESSION["final_id"]) ? "final_id" : "tournament_id"]]);
+$tournament_data = $tournament_req->fetch();
+
+function saveSynthese() {
+ global $LOCAL_PATH, $DB;
+
+ $dest = strtoupper(htmlspecialchars($_POST["dest"]));
+
+ if (!isset($dest) || ($dest != "OPPOSANT" && $dest != "RAPPORTEUR"))
+ return "Le destinataire est invalide.";
+
+ $file = $_FILES["synthese"];
+
+ if ($file["size"] > 5000000 || $file["error"])
+ return "Une erreur est survenue. Merci de vérifier que le fichier pèse moins que 5 Mo.";
+
+ if (finfo_file(finfo_open(FILEINFO_MIME_TYPE), $file["tmp_name"]) != 'application/pdf')
+ return "Le fichier doit être au destmat PDF.";
+
+ if (!is_dir("$LOCAL_PATH/files") && !mkdir("$LOCAL_PATH/files"))
+ return "Les droits sont insuffisants. Veuillez contacter l'administrateur du serveur.";
+
+ $alphabet = "abcdefghijklmnopqrstuvwxyz0123456789";
+
+ do {
+ $id = "";
+ for ($i = 0; $i < 64; ++$i) {
+ $id .= $alphabet[rand(0, strlen($alphabet) - 1)];
+ }
+ }
+ while (file_exists("$LOCAL_PATH/files/$id"));
+
+ if (!rename($file["tmp_name"], "$LOCAL_PATH/files/$id"))
+ return "Une erreur est survenue lors de l'envoi du fichier.";
+
+ $req = $DB->prepare("INSERT INTO `syntheses`(`file_id`, `team`, `tournament`, `dest`) VALUES (?, ?, ?, ?);");
+ $req->execute([$id, $_SESSION["team_id"], $_SESSION["tournament_id"], $dest]);
+
+ return false;
+}
+
+require_once "../views/header.php";
+require_once "../views/syntheses.php";
+require_once "../views/footer.php";
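Review bot: The stored file name in saveSynthese() is assembled character by character with `rand()`, which is not a cryptographic generator, so the resulting 64-character id should not be relied on as a secret. If the download route (view_file.php, not shown in this hunk) authorises on the id alone, replace the inner `for` loop with `$id = bin2hex(random_bytes(32));` and keep the `file_exists` retry around it; sendDocument() in controllers/mon_equipe.php contains the same loop. `move_uploaded_file($file["tmp_name"], "$LOCAL_PATH/files/$id")` is also the better call than `rename()`, because it refuses any path that is not a genuine PHP upload. Finally, the INSERT stores `$_SESSION["tournament_id"]` while the listing query at the top of the file selects `final_id` when it is set, so an upload made for the final may not appear in the team's own list.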
diff --git a/server_files/syntheses_orga.php b/server_files/controllers/syntheses_orga.php similarity index 85% rename from server_files/syntheses_orga.php rename to server_files/controllers/syntheses_orga.php index 1e5b1d2..4286085 100644 --- a/server_files/syntheses_orga.php +++ b/server_files/controllers/syntheses_orga.php @@ -1,9 +1,9 @@ - + - - - -query("SELECT `tournaments`.`id`, `name` FROM `tournaments` JOIN `organizers` ON `tournament` = `tournaments`.`id` WHERE " . ($_SESSION["role"] == "ADMIN" ? "" : "`organizer` = '" . $_SESSION["user_id"] . "' AND ") @@ -66,15 +62,12 @@ while (($data_tournament = $req->fetch()) !== false) { echo "Note de synthèse de l'équipe $team_name ($team_trigram) pour " . ($dest == "OPPOSANT" ? "l'opposant" : "le rapporteur") . ", version $version : Télécharger
"; } - ?> -
- - " /> - -
-
- - + echo "
\n"; + echo "\n"; + echo "\n"; + echo "\n"; + echo "

\n"; +} + +require_once '../views/footer.php'; diff --git a/server_files/controllers/tournoi.php b/server_files/controllers/tournoi.php new file mode 100644 index 0000000..3a55c44 --- /dev/null +++ b/server_files/controllers/tournoi.php 
@@ -0,0 +1,133 @@ +prepare("SELECT * FROM `tournaments` WHERE `name` = ? AND `year` = $YEAR;"); +$response->execute([$tournament_name]); +$data = $response->fetch(); + +if ($data === false) + require_once "../404.php"; + +$orgas_req = $DB->query("SELECT `users`.`id` AS `id`, `surname`, `first_name` FROM `users` JOIN `organizers` ON `users`.`id` = `organizer` WHERE `tournament` = " . $data["id"] . ";"); +$orgas = []; +$orgas_id = []; +while (($orga_data = $orgas_req->fetch()) !== false) { + $orgas[] = $orga_data["first_name"] . " " . $orga_data["surname"]; + $orgas_id[] = $orga_data["id"]; +} + +if (isset($_GET["modifier"]) && $_SESSION["role"] != "ADMIN" && !in_array($_SESSION["user_id"], $orgas_id)) + require_once "../403.php"; + +if (isset($_POST["edit_tournament"])) { + $error_message = updateTournament(); +} + +if ($data["final"]) + $teams_response = $DB->query("SELECT `id`, `name`, `trigram`, `inscription_date`, `validation_status` FROM `teams` WHERE `final_selection` AND `year` = $YEAR;"); +else + $teams_response = $DB->query("SELECT `id`, `name`, `trigram`, `inscription_date`, `validation_status` FROM `teams` WHERE `tournament` = " . $data["id"] . " AND `year` = $YEAR;"); + +$orgas_response = $DB->query("SELECT `id`, `surname`, `first_name` FROM `users` WHERE (`role` = 'ORGANIZER' OR `role` = 'ADMIN') AND `year` = '$YEAR';"); + +function updateTournament() { + global $DB, $URL_BASE, $YEAR, $data; + + $tournament_id = $data["id"]; + + $name = htmlspecialchars($_POST["name"]); + + $result = $DB->query("SELECT `id` FROM `tournaments` WHERE `name` = '" . $name . 
"' AND `id` != $tournament_id AND `year` = '$YEAR';"); + if ($result->fetch()) + return "Un tournoi existe déjà avec ce nom."; + + if (!isset($_POST["organizer"]) || sizeof($_POST["organizer"]) == 0) + return "Aucun organisateur n'a été choisi."; + + if ($_SESSION["role"] == "ADMIN") { + $organizers = $_POST["organizer"]; + $orga_mails = []; + + foreach ($organizers as $orga) { + $result = $DB->query("SELECT `role`, `email` FROM `users` WHERE `id` = '" . $orga . "' AND `year` = '$YEAR';"); + $data = $result->fetch(); + if ($data === FALSE) + return "L'organisateur spécifié n'existe pas."; + if ($data["role"] != "ORGANIZER" && $data["role"] != "ADMIN") + return "L'organisateur indiqué ne peut pas organiser de tournoi."; + $orga_mails[] = $data["email"]; + } + } + + try { + $size = intval(htmlspecialchars($_POST["size"])); + } + catch (Exception $ex) { + return "Le nombre d'équipes indiqué n'est pas un entier valide."; + } + + if ($size < 3 || $size > 12) + return "Un tournoi doit comporter entre 3 et 12 équipes."; + + $place = htmlspecialchars($_POST["place"]); + + try { + $price = intval(htmlspecialchars($_POST["price"])); + } + catch (Throwable $t) { + return "Le tarif pour les participants n'est pas un nombre valide."; + } + + if ($price < 0) + return "Le TFJM² ne va pas payer les élèves pour venir."; + + if ($price > 50) + return "Soyons raisonnable sur le prix."; + + $date_start = htmlspecialchars($_POST["date_start"]); + $date_start_parsed = date_parse_from_format("yyyy-mm-dd", $date_start); + + $date_end = htmlspecialchars($_POST["date_end"]); + $date_end_parsed = date_parse_from_format("yyyy-mm-dd", $date_end); + + $date_inscription = htmlspecialchars($_POST["date_inscription"]); + $time_inscription = htmlspecialchars($_POST["time_inscription"]); + $date_inscription_parsed = date_parse_from_format("yyyy-mm-dd", $date_inscription . ' ' . 
$time_inscription); + + $date_solutions = htmlspecialchars($_POST["date_solutions"]); + $time_solutions = htmlspecialchars($_POST["time_solutions"]); + $date_solutions_parsed = date_parse_from_format("yyyy-mm-dd", $date_solutions . ' ' . $time_solutions); + + $date_syntheses = htmlspecialchars($_POST["date_syntheses"]); + $time_syntheses = htmlspecialchars($_POST["time_syntheses"]); + $date_syntheses_parsed = date_parse_from_format("yyyy-mm-dd", $date_syntheses . ' ' . $time_syntheses); + + if (!$date_start_parsed || !$date_end_parsed || !$date_inscription_parsed || !$date_solutions_parsed || !$date_syntheses_parsed) + return "Une date est mal formée."; + + $description = htmlspecialchars($_POST["description"]); + + $req = $DB->prepare("UPDATE `tournaments` SET `name` = ?, `size` = ?, `place` = ?, `price` = ?, `description` = ?, + `date_start` = ?, `date_end` = ?, `date_inscription` = ?, `date_solutions` = ?, `date_syntheses` = ? + WHERE `id` = $tournament_id;"); + $req->execute([$name, $size, $place, $price, $description, $date_start, $date_end, + "$date_inscription $time_inscription", "$date_solutions $time_solutions", "$date_syntheses $time_syntheses"]); + + if ($_SESSION["role"] == "ADMIN") { + $DB->exec("DELETE FROM `organizers` WHERE `tournament` = $tournament_id;"); + foreach ($organizers as $orga) { + $req = $DB->prepare("INSERT INTO `organizers`(`organizer`, `tournament`) VALUES(?, ?);"); + $req->execute([$orga, $tournament_id]); + } + } + + header("Location: $URL_BASE/tournoi/" . $name); + exit(); +} + +require_once "../views/header.php"; +require_once "../views/tournoi.php"; +require_once "../views/footer.php"; diff --git a/server_files/controllers/tournois.php b/server_files/controllers/tournois.php new file mode 100644 index 0000000..a12ff7c --- /dev/null +++ b/server_files/controllers/tournois.php 
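Review bot: updateTournament() runs whenever `edit_tournament` is posted, but the only permission test in this file is tied to the `modifier` query parameter, so the POST path is never checked against the admin role or the `$orgas_id` list. Gate the call on the same condition, for example `if (isset($_POST["edit_tournament"]) && ($_SESSION["role"] == "ADMIN" || in_array($_SESSION["user_id"], $orgas_id)))`, and confirm that ../403.php stops execution, since it is not shown here. Inside the function, `date_parse_from_format("yyyy-mm-dd", ...)` always returns an array, so the "Une date est mal formée." branch can never be taken; the format string for that layout is `Y-m-d`, and the result's `error_count` is what has to be tested. The `$data = $result->fetch();` inside the organizer loop also overwrites the global `$data` that holds the tournament row, so an early error return leaves the view with a user row instead.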
@@ -0,0 +1,11 @@ +query("SELECT `name`, `date_start`, `date_end`, `date_inscription`, `date_solutions`, `size` FROM `tournaments` + WHERE `year` = '$YEAR' AND `final` = false ORDER BY `date_start`, `name`;"); +$final_data = $DB->query("SELECT `name`, `date_start`, `date_end`, `date_solutions`, `size` FROM `tournaments` WHERE `final` AND `year` = $YEAR;")->fetch(); + +require_once "../views/header.php"; +require_once "../views/tournois.php"; +require_once "../views/footer.php"; diff --git a/server_files/view_file.php b/server_files/controllers/view_file.php similarity index 96% rename from server_files/view_file.php rename to server_files/controllers/view_file.php index 5b8fa4c..029e01c 100644 --- a/server_files/view_file.php +++ b/server_files/controllers/view_file.php @@ -1,6 +1,6 @@ - - - -

Déconnexion réussie !

- - diff --git a/server_files/equipe.php b/server_files/equipe.php deleted file mode 100644 index 7dc2c38..0000000 --- a/server_files/equipe.php +++ /dev/null 
@@ -1,173 +0,0 @@ -exec("UPDATE `teams` SET `validation_status` = 'VALIDATED' WHERE `trigram` = '$trigram' AND `year` = $YEAR;"); -} - -$team_data = $DB->query("SELECT * FROM `teams` WHERE `trigram` = '$trigram' AND `year` = $YEAR;")->fetch(); - -if (isset($_POST["select"])) { - $DB->exec("UPDATE `teams` SET `final_selection` = true, `validation_status` = 'NOT_READY' WHERE `trigram` = '$trigram' AND `year` = $YEAR;"); - $team_data["validation_status"] = "NOT_READY"; - $team_data["final_selection"] = true; - $final_id = $_SESSION["final_id"]; - $team_id = $team_data["id"]; - - $sols_req = $DB->prepare("SELECT `file_id`, `problem`, COUNT(`problem`) AS `version` FROM `solutions` WHERE `team` = ? AND `tournament` = ? GROUP BY `problem`, `uploaded_at` ORDER BY `problem`, `uploaded_at` DESC;"); - $sols_req->execute([$team_data["id"], $team_data["tournament"]]); - while (($sol_data = $sols_req->fetch()) !== false) { - $old_id = $sol_data["file_id"]; - $alphabet = "abcdefghijklmnopqrstuvwxyz0123456789"; - - do { - $id = ""; - for ($i = 0; $i < 64; ++$i) { - $id .= $alphabet[rand(0, strlen($alphabet) - 1)]; - } - } - while (file_exists("$LOCAL_PATH/files/$id")); - - copy("$LOCAL_PATH/files/$old_id", "$LOCAL_PATH/files/$id"); - - $req = $DB->prepare("INSERT INTO `solutions`(`file_id`, `team`, `tournament`, `problem`) - VALUES (?, ?, ?, ?);"); - $req->execute([$id, $team_id, $_SESSION["final_id"], $sol_data["problem"]]); - } - - $syntheses_req = $DB->prepare("SELECT `file_id`, `dest`, COUNT(`dest`) AS `version` FROM `syntheses` WHERE `team` = ? AND `tournament` = ? 
GROUP BY `dest`, `uploaded_at` ORDER BY `dest`, `uploaded_at` DESC;"); - $syntheses_req->execute([$team_data["id"], $team_data["tournament"]]); - while (($synthese_data = $syntheses_req->fetch()) !== false) { - $old_id = $synthese_data["file_id"]; - $alphabet = "abcdefghijklmnopqrstuvwxyz0123456789"; - - do { - $id = ""; - for ($i = 0; $i < 64; ++$i) { - $id .= $alphabet[rand(0, strlen($alphabet) - 1)]; - } - } - while (file_exists("$LOCAL_PATH/files/$id")); - - copy("$LOCAL_PATH/files/$old_id", "$LOCAL_PATH/files/$id"); - - $req = $DB->prepare("INSERT INTO `syntheses`(`file_id`, `team`, `tournament`, `dest`) VALUES (?, ?, ?, ?);"); - $req->execute([$id, $team_id, $_SESSION["final_id"], $synthese_data["dest"]]); - } -} - -if ($team_data === false) - require_once "404.php"; - -$tournament_data = $DB->query("SELECT `name`, `date_start` FROM `tournaments` WHERE `id` = '" . $team_data["tournament"] . "' AND `year` = '$YEAR';")->fetch(); - -$documents_req = $DB->prepare("SELECT `file_id`, `user`, `type`, COUNT(`type`) AS `version` FROM `documents` WHERE `team` = ? AND `tournament` = ? GROUP BY `user`, `type` ORDER BY `user`, `type` ASC, MAX(`uploaded_at`) DESC;"); -$documents_req->execute([$team_data["id"], $team_data["tournament"]]); - -if ($team_data["final_selection"]) { - $documents_final_req = $DB->prepare("SELECT `file_id`, `user`, `type`, COUNT(`type`) AS `version` FROM `documents` WHERE `team` = ? AND `tournament` != ? GROUP BY `user`, `type` ORDER BY `user`, `type` ASC, MAX(`uploaded_at`) DESC;"); - $documents_final_req->execute([$team_data["id"], $_SESSION["final_id"]]); -} - -?> - - - -

Informations sur l'équipe

- -Nom de l'équipe :
-Trigramme :
-Tournoi : ">
-query("SELECT `id`, `surname`, `first_name` FROM `users` WHERE `id` = " . $team_data["encadrant_" . $i] . " AND `year` = '$YEAR';")->fetch(); - $id = $user_data["id"]; - echo "Encadrant $i : " . $user_data["first_name"] . " " . $user_data["surname"] . "
"; -} -for ($i = 1; $i <= 6; ++$i) { - if ($team_data["participant_" . $i] == NULL) - continue; - $user_data = $DB->query("SELECT `id`, `surname`, `first_name` FROM `users` WHERE `id` = " . $team_data["participant_" . $i] . " AND `year` = '$YEAR';")->fetch(); - $id = $user_data["id"]; - echo "Participant $i : " . $user_data["first_name"] . " " . $user_data["surname"] . "
"; -} -if ($team_data["final_selection"]) { - $final_name = $_SESSION["final_name"]; - echo "Équipe sélectionnée pour la finale nationale."; -} -?> - -
- -

Autorisations

- -fetch()) !== false) { - $file_id = $data["file_id"]; - $type = $data["type"]; - $user_id = $data["user"]; - $user_data = $DB->query("SELECT `surname`, `first_name` FROM `users` WHERE `id` = '$user_id';")->fetch(); - $surname = $user_data["surname"]; - $first_name = $user_data["first_name"]; - $version = $data["version"]; - switch ($data["type"]) { - case "PARENTAL_CONSENT": - $name = "Autorisation parentale"; - break; - case "PHOTO_CONSENT": - $name = "Autorisation de droit à l'image"; - break; - case "SANITARY_PLUG": - $name = "Fiche sanitaire"; - break; - } - echo "$name de $first_name $surname : Télécharger
"; -} -?> - - -
-

Autorisations pour la finale

- fetch()) !== false) { - $file_id = $data["file_id"]; - $type = $data["type"]; - $user_id = $data["user"]; - $user_data = $DB->query("SELECT `surname`, `first_name` FROM `users` WHERE `id` = '$user_id';")->fetch(); - $surname = $user_data["surname"]; - $first_name = $user_data["first_name"]; - $version = $data["version"]; - switch ($data["type"]) { - case "PARENTAL_CONSENT": - $name = "Autorisation parentale"; - break; - case "PHOTO_CONSENT": - $name = "Autorisation de droit à l'image"; - break; - case "SANITARY_PLUG": - $name = "Fiche sanitaire"; - break; - } - echo "$name de $first_name $surname : Télécharger
"; - } -} - -if ($team_data["validation_status"] == "WAITING" && $_SESSION["role"] == "ADMIN") { ?> -
- -
- -
- -
- - - diff --git a/server_files/index.php b/server_files/index.php deleted file mode 100644 index e93227b..0000000 --- a/server_files/index.php +++ /dev/null @@ -1,114 +0,0 @@ - - - - -
- - - - - -
- - -
- - -

Vous souhaitez participer au tournoi ? Votre équipe est déjà formée ?

-

Créez un compte pour commencer la procédure d'inscription ou connectez-vous si votre équipe a déjà un compte.

-
- -
- -
-

Bienvenue sur le site d'inscription du TFJM2 !

-
- -
- Ce site a été conçu pour gérer les inscriptions au Tournoi Français des Jeunes Mathématiciennes et Mathématiciens. -
- Cliquez ici pour accéder au site de présentation du tournoi. -
- -
- - -

- Attention aux échéances ! Chaque tournoi a une date limite pour les inscriptions et une date limite pour déposer vos solutions. Elles sont affichées avec les informations de chaque tournoi. Merci de vous y référer ! -
- Une fois l'échéance passée, le site bloque tout accès aux inscriptions (et respectivement au dépôt des solutions).
-

- -

- Attention, modification du règlement par rapport aux années précédentes : article 4.3 -
- "l’équipe doit envoyer par mail à contact@tfjm.org, une lettre (au format pdf), répondant aux questions suivantes : -
- -

- - Cette lettre permettra aux organisateurs•trices de vérifier que l’équipe dispose des conditions nécessaires à une participation sérieuse. Sont dispensées les équipes dont la moitié ou plus des membres sont scolarisés dans le même établissement. Le comité National d’Organisation se réserve le droit d’accepter ou non l’inscription des équipes concernées par cette lettre." -
- - Pour plus de détail, voir le règlement : https://tfjm.org/infos-tournois/ -

- - -
-

Comment ça marche ?

-
- -

- Pour participer à l'un des tournois régionaux, il suffit de créer un compte sur la rubrique Inscription. Il vous faudra une adresse email pour ce faire. Un mail de confirmation sera envoyé à cette adresse. Il vous fournira un nom d'utilisateur et un mot de passe que vous allez devoir changer par la suite. -

- -

- Vous pouvez accéder à votre compte via la rubrique Connexion. Une fois connecté, vous pourrez : -

- - Une fois que vous aurez fourni toutes les informations demandées dans la rubrique Mon Équipe, votre inscription pourra être validée par les organisateurs locaux. -

- - -

ATTENTION ! Votre équipe ne sera considérée comme admissible à participer au tournoi que lorsque cette première étape aura été franchie.

- -

Pensez donc à former une équipe complète (minimum 4 participants et 1 encadrant) le plus tôt possible pour avoir plus de chances de participer, compte tenu du nombre des places disponibles dans chaque tournoi (qui sera dûment affiché sur la rubrique Liste des Tournois). Les équipes restantes seront placées en liste d'attente. -

- -

- Pour les équipes dont l'inscription aura été validée, des documents à télécharger, remplir et signer deviendront disponibles sur votre compte. Vous allez devoir ensuite les scanner et les télécharger vers le site pour compléter votre inscription. -

- - -

ATTENTION ! Les équipes qui ne respecteront pas les délais pour rendre ces documents risquent d'être disqualifiées et de laisser leur place aux équipes placées en liste d'attente.

- -

- NB : Ce site est récent et il est encore possible que certaines pages ne fonctionnent pas correctement. Si vous remarquez des bugs, merci de les signaler à l'adresse contact@tfjm.org. -

- - - - - - - - - -
- - \ No newline at end of file diff --git a/server_files/inscription.php b/server_files/inscription.php deleted file mode 100644 index 751b20d..0000000 --- a/server_files/inscription.php +++ /dev/null 
@@ -1,281 +0,0 @@ -query("SELECT `email` FROM `users` WHERE `email` = '" . $email . "' AND `year` = '$YEAR';"); - if ($result->fetch()) - return "Un compte existe déjà avec cette adresse e-mail."; - - $password = htmlspecialchars($_POST["password"]); - if (strlen($password) < 8) - return "Le mot de passe doit comporter au moins 8 caractères."; - if ($password != $_POST["confirm_password"]) - return "Les deux mots de passe sont différents."; - - $password = password_hash($password, PASSWORD_BCRYPT); - - $surname = strtoupper(htmlspecialchars($_POST["surname"])); - if (!isset($surname) || $surname == "") - return "Le nom de famille est obligatoire."; - - $firstname = htmlspecialchars($_POST["firstname"]); - if (!isset($surname) || $surname == "") - return "Le prénom est obligatoire."; - - $birth_date = date_parse_from_format("yyyy-mm-dd", htmlspecialchars($_POST["birth_date"])); - - if ($birth_date === FALSE) - return "La date de naissance est invalide."; - - if (htmlspecialchars($_POST["birth_date"]) >= $YEAR . "-01-01") - return "Vous devez avoir un âge strictement positif. Date de naissance rentrée : " . 
htmlspecialchars($_POST["birth_date"]); - - $gender = htmlspecialchars($_POST["gender"]); - - if (!isset($gender) || ($gender != "M" && $gender != "F")) - return "Le sexe indiqué est invalide."; - - $address = htmlspecialchars($_POST["address"]); - - if (!isset($address)) - $address = ""; - - try { - $postal_code = intval($_POST["postal_code"]); - if ($postal_code < 1000 || $postal_code > 95999) - return "Le code postal est invalide."; - } - catch (Exception $ex) { - return "Le code postal n'est pas un nombre valide."; - } - - $city = htmlspecialchars($_POST["city"]); - - if (!isset($city)) - $city = ""; - - $country = htmlspecialchars($_POST["country"]); - - if (!isset($country)) - $country = "France"; - - $phone_number = htmlspecialchars($_POST["phone_number"]); - - if (!isset($phone_number) || $phone_number == "") - return "Vous devez renseigner un numéro de téléphone."; - - $role = htmlspecialchars($_POST["role"]); - - if (!isset($role) || ($role != "participant" && $role != "encadrant")) - return "Le rôle entré n'est pas valide."; - - $role = strtoupper($role); - - $school = htmlspecialchars($_POST["school"]); - $class = strtoupper(htmlspecialchars($_POST["class"])); - $responsible_name = htmlspecialchars($_POST["responsible_name"]); - $responsible_phone = htmlspecialchars($_POST["responsible_phone"]); - $responsible_email = htmlspecialchars($_POST["responsible_email"]); - - if ($role == "ENCADRANT") { - $school = NULL; - $class = NULL; - $responsible_name = NULL; - $responsible_phone = NULL; - $responsible_email = NULL; - } - else { - if (!isset($class) && $class != "TERMINALE" && $class != "PREMIERE" && $class != "SECONDE") - return "La classe spécifiée est invalide. Merci de ne pas créer vos propres requêtes."; - - if ((!isset($responsible_name) || $responsible_name == "") && $birth_date > strval($YEAR - 18) . 
"-05-01") - return "Veuillez spécifier un nom de responsable légal."; - - if ((!isset($responsible_phone) || $responsible_phone == "") && (!isset($responsible_email) || !filter_var($responsible_email, FILTER_VALIDATE_EMAIL)) - && $birth_date > strval($YEAR - 18) . "-05-01") - return "Veuillez préciser au moins le numéro de téléphone ou l'addresse e-mail de votre responsable légal."; - } - - $description = $_POST["description"]; - - if ($role == "PARTICIPANT") - $description = NULL; - - $confirm_email_uid = uniqid(); - - $req = $DB->prepare("INSERT INTO `users`(`email`, `pwd_hash`, `confirm_email`, `surname`, `first_name`, `birth_date`, `gender`, - `address`, `postal_code`, `city`, `country`, `phone_number`, `school`, `class`, `role`, `description`, `year`) - VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?);"); - $req->execute([$email, $password, $confirm_email_uid, $surname, $firstname, $_POST["birth_date"], $gender, $address, $postal_code, - $city, $country, $phone_number, $school, $class, $role, $description, $YEAR]); - - $msg = "Merci pour votre inscription au TFJM² $YEAR ! Veuillez désormais confirmer votre adresse mail en cliquant ici : $URL_BASE/confirmer_mail/$confirm_email_uid"; - mail($email, "Inscription au TFJM² $YEAR", $msg, "From: $MAIL_ADDRESS\r\n"); - - return false; -} - -?> - - - - Erreur : " . $error_message . ""; ?> - - - Votre inscription est validée ! Merci désormais de confirmer votre boîte mail pour valider votre adresse. - - -

Vous êtes déjà connecté !

- - - -
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
" required />
" required />
" required />
" required />
/> - />
" />
" min="1000" max="95999" required />
" />
" required />
" />
" />
" />
" />
" />
-
- - - - - - diff --git a/server_files/model.php b/server_files/model.php new file mode 100644 index 0000000..daac47a --- /dev/null +++ b/server_files/model.php 
@@ -0,0 +1,105 @@ +query("SELECT * FROM `users` WHERE `id` ='" . $_SESSION["user_id"] . "' AND `year` = '$YEAR';"); + $data = $response->fetch(); + if ($data === FALSE) + unset($_SESSION["user_id"]); + else { + $_SESSION["email"] = $data["email"]; + $_SESSION["surname"] = $data["surname"]; + $_SESSION["first_name"] = $data["first_name"]; + $_SESSION["birth_date"] = $data["birth_date"]; + $_SESSION["role"] = $data["role"]; + $_SESSION["team_id"] = $data["team_id"]; + } + + if (isset($_SESSION["user_id"]) && isset($_SESSION["team_id"]) && $_SESSION["team_id"] != NULL) { + $response = $DB->query("SELECT `tournament`, `validation_status`, `final_selection` FROM `teams` WHERE `id` ='" . $_SESSION["team_id"] . "' AND `year` = '$YEAR';"); + $data = $response->fetch(); + $_SESSION["tournament_id"] = $data["tournament"]; + $_SESSION["team_validation_status"] = $data["validation_status"]; + } + + if ((isset($data["final_selection"]) && $data["final_selection"]) || $_SESSION["role"] == "ADMIN" || $_SESSION["role"] == "ORGANIZER") { + $response = $DB->query("SELECT `id`, `name` FROM `tournaments` WHERE `final` AND `year` = $YEAR;"); + $data = $response->fetch(); + $_SESSION["final_id"] = $data["id"]; + $_SESSION["final_name"] = $data["name"]; + } + } + + if (isset($_SESSION["user_id"]) && isset($_GET["be-admin"])) { + $DB->exec("UPDATE `users` SET `role` = 'ADMIN' WHERE `id` = '" . $_SESSION["user_id"] . "';"); + quitTeam(); + header("Location: $URL_BASE"); + exit(); + } + + if (isset($_SESSION["user_id"]) && isset($_GET["be-organizer"])) { + $DB->exec("UPDATE `users` SET `role` = 'ORGANIZER' WHERE `id` = '" . $_SESSION["user_id"] . "';"); + quitTeam(); + header("Location: $URL_BASE"); + exit(); + } + + if (isset($_SESSION["user_id"]) && isset($_GET["be-participant"])) { + $DB->exec("UPDATE `users` SET `role` = 'PARTICIPANT' WHERE `id` = '" . $_SESSION["user_id"] . 
"';"); + quitTeam(); + header("Location: $URL_BASE"); + exit(); + } + + if (isset($_SESSION["user_id"]) && isset($_GET["be-encadrant"])) { + $DB->exec("UPDATE `users` SET `role` = 'ENCADRANT' WHERE `id` = '" . $_SESSION["user_id"] . "';"); + quitTeam(); + header("Location: $URL_BASE"); + exit(); + } +} + +function echoDate($date = NULL, $with_time = false) { + if ($date == NULL) + $date = date("yyyy-mm-dd"); + + return strftime("%d %B %G" . ($with_time ? " %H:%M" : ""), strtotime($date)); +} + +function quitTeam() { + global $DB, $URL_BASE; + + if ($_SESSION["role"] == "ADMIN" || $_SESSION["role"] == "ORGANIZER") + return; + + for ($i = 1; $i <= ($_SESSION["role"] == "PARTICIPANT" ? 6 : 2); ++$i) + /** @noinspection SqlResolve */ + $DB->exec("UPDATE `teams` SET `" . strtolower($_SESSION["role"]) . "_$i` = NULL WHERE `" . strtolower($_SESSION["role"]) . "_$i` = " . $_SESSION["user_id"] . ";"); + $DB->exec("UPDATE `users` SET `team_id` = NULL WHERE `id` = " . $_SESSION["user_id"] . ";"); + $DB->exec("UPDATE `teams` SET `encadrant_1` = `encadrant_2`, `encadrant_2` = NULL WHERE `encadrant_1` IS NULL;"); + for ($i = 1; $i <= 5; ++$i) { + /** @noinspection SqlResolve */ + $DB->exec("UPDATE `teams` SET `participant_$i` = `participant_" . strval($i + 1) . "`, `participant_" . strval($i + 1) . "` = NULL WHERE `participant_$i` IS NULL;"); + } + + $req = $DB->query("SELECT `file_id` FROM `documents` WHERE `user` = '" . $_SESSION["user_id"] . "';"); + while (($data = $req->fetch()) !== false) + unlink("$URL_BASE/files/" . $data["file_id"]); + $DB->exec("DELETE FROM `documents` WHERE `user` = '" . $_SESSION["user_id"] . "';"); + + if ($DB->exec("DELETE FROM `teams` WHERE `encadrant_1` IS NULL AND `participant_1` IS NULL;") > 0) { + $req = $DB->query("SELECT `file_id` FROM `solutions` WHERE `team` = '" . $_SESSION["team_id"] . "';"); + while (($data = $req->fetch()) !== false) + unlink("$URL_BASE/files/" . 
$data["file_id"]); + $DB->exec("DELETE FROM `solutions` WHERE `team` = " . $_SESSION["team_id"] . ";"); + + $req = $DB->query("SELECT `file_id` FROM `syntheses` WHERE `team` = '" . $_SESSION["team_id"] . "';"); + while (($data = $req->fetch()) !== false) + unlink("$URL_BASE/files/" . $data["file_id"]); + $DB->exec("DELETE FROM `syntheses` WHERE `team` = " . $_SESSION["team_id"] . ";"); + } + unset($_SESSION["team_id"]); + unset($_SESSION["team_validation_status"]); +} \ No newline at end of file diff --git a/server_files/mon_compte.php b/server_files/mon_compte.php deleted file mode 100644 index 1c19358..0000000 --- a/server_files/mon_compte.php +++ /dev/null 
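Review bot: The four `be-admin` / `be-organizer` / `be-participant` / `be-encadrant` branches rewrite `users.role` for the session's account whenever the matching query parameter is present, and no authorization check is visible on them, so any signed-in account can change its own role, ADMIN included. If these are development shortcuts they should not ship: delete the four blocks, or put them behind a setting that is off in production and require `$_SESSION["role"] == "ADMIN"` before any role write. A role change is also a state change triggered by a plain GET link, so it belongs behind a POST with a CSRF token. The opening of the enclosing function is missing from the page, so an outer guard cannot be ruled out, but the closing brace just before these blocks suggests they sit outside the logged-in block. Separately, `quitTeam()` calls `unlink("$URL_BASE/files/" . $data["file_id"])` while the upload code shown on this page writes to `$LOCAL_PATH/files/`, so uploaded consent and health documents likely stay on disk after their rows are deleted; `unlink("$LOCAL_PATH/files/" . $data["file_id"])`, with `$LOCAL_PATH` added to the `global` line, looks like the intent.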
@@ -1,323 +0,0 @@ -query("SELECT * FROM `users` WHERE `id` = '" . $_SESSION["user_id"] . "';"); - $user_data = $result->fetch(); -} - -function updateAccount() -{ - global $DB, $URL_BASE, $MAIL_ADDRESS; - - if (!isset($_SESSION["user_id"])) - return "Vous n'êtes pas connecté."; - - $ID = $_SESSION["user_id"]; - - $surname = htmlspecialchars($_POST["surname"]); - if (isset($surname) && $surname != "") - $DB->prepare("UPDATE `users` SET `surname` = ? WHERE `id` = ?;")->execute([$surname, $ID]); - - $first_name = htmlspecialchars($_POST["firstname"]); - if (isset($first_name) && $first_name != "") - $DB->prepare("UPDATE `users` SET `first_name` = ? WHERE `id` = ?;")->execute([$first_name, $ID]); - - $birth_date = htmlspecialchars($_POST["birth_date"]); - if (isset($birth_date) && $birth_date != "") - $DB->prepare("UPDATE `users` SET `birth_date` = ? WHERE `id` = ?;")->execute([$birth_date, $ID]); - - if (isset($_POST["gender"])) { - $gender = htmlspecialchars($_POST["gender"]); - if (isset($gender) && ($gender == "M" || $gender == "F")) - $DB->prepare("UPDATE `users` SET `gender` = ? WHERE `id` = ?;")->execute([$gender, $ID]); - } - - $address = htmlspecialchars($_POST["address"]); - if (isset($address) && $address != "") - $DB->prepare("UPDATE `users` SET `address` = ? WHERE `id` = ?;")->execute([$address, $ID]); - - $postal_code = htmlspecialchars($_POST["postal_code"]); - if (isset($postal_code) && $postal_code != "") - $DB->prepare("UPDATE `users` SET `postal_code` = ? WHERE `id` = ?;")->execute([$postal_code, $ID]); - - $city = htmlspecialchars($_POST["city"]); - if (isset($city) && $city != "") - $DB->prepare("UPDATE `users` SET `city` = ? WHERE `id` = ?;")->execute([$city, $ID]); - - $country = htmlspecialchars($_POST["country"]); - if (isset($country) && $country != "") - $DB->prepare("UPDATE `users` SET `country` = ? 
WHERE `id` = ?;")->execute([$country, $ID]); - - $phone_number = htmlspecialchars($_POST["phone_number"]); - if (isset($phone_number) && $phone_number != "") - $DB->prepare("UPDATE `users` SET `phone_number` = ? WHERE `id` = ?;")->execute([$phone_number, $ID]); - - if (isset($_POST["school"])) { - $school = htmlspecialchars($_POST["school"]); - if (isset($school) && $school != "") - $DB->prepare("UPDATE `users` SET `school` = ? WHERE `id` = ?;")->execute([$school, $ID]); - } - - if (isset($_POST["class"])) { - $class = htmlspecialchars($_POST["class"]); - if (isset($class) && ($class == "terminale" || $class == "premiere" || $class == "seconde")) - $DB->prepare("UPDATE `users` SET `class` = ? WHERE `id` = ?;")->execute([strtoupper($class), $ID]); - } - - if (isset($_POST["responsible_name"])) { - $responsible_name = htmlspecialchars($_POST["responsible_name"]); - if (isset($responsible_name) && $responsible_name != "") - $DB->prepare("UPDATE `users` SET `responsible_name` = ? WHERE `id` = ?;")->execute([$responsible_name, $ID]); - } - - if (isset($_POST["responsible_phone"])) { - $responsible_phone = htmlspecialchars($_POST["responsible_phone"]); - if (isset($responsible_phone) && $responsible_phone != "") - $DB->prepare("UPDATE `users` SET `responsible_phone` = ? WHERE `id` = ?;")->execute([$responsible_phone, $ID]); - } - - if (isset($_POST["responsible_email"])) { - $responsible_email = htmlspecialchars($_POST["responsible_email"]); - if (isset($responsible_email) && $responsible_email != "") - $DB->prepare("UPDATE `users` SET `responsible_email` = ? WHERE `id` = ?;")->execute([$responsible_email, $ID]); - } - - if (isset($_POST["description"])) { - $description = htmlspecialchars($_POST["description"]); - if (isset($description) && $description != "") - $DB->prepare("UPDATE `users` SET `description` = ? 
WHERE `id` = ?;")->execute([$description, $ID]); - } - - $email = htmlspecialchars($_POST["email"]); - if (isset($email) && $email != "" && filter_var($email, FILTER_VALIDATE_EMAIL)) { - $confirm_email_uid = uniqid(); - $DB->prepare("UPDATE `users` SET `email` = ?, `confirm_email` = ? WHERE `id` = ?;")->execute([$email, $confirm_email_uid, $ID]); - - $msg = "Vous venez de changer votre adresse mail. Veuillez désormais confirmer votre adresse mail en cliquant ici : $URL_BASE/confirmer_mail/$confirm_email_uid"; - mail($email, "Changement d'adresse mail - TFJM²", $msg, "From: $MAIL_ADDRESS\r\n"); - } - - return false; -} - -function updatePassword() -{ - global $DB, $YEAR; - - $old = htmlspecialchars($_POST["old_password"]); - $new = htmlspecialchars($_POST["new_password"]); - $confirm = htmlspecialchars($_POST["confirm_password"]); - - $result = $DB->query("SELECT `pwd_hash` FROM `users` WHERE `id` = '" . $_SESSION["user_id"] . "' AND `year` = '$YEAR';"); - if (($data = $result->fetch()) === FALSE) - return "Le compte n'existe pas."; - - if (!password_verify($old, $data["pwd_hash"])) - return "L'ancien mot de passe est incorrect."; - - if (strlen($new) < 8) - return "Le mot de passe doit comporter au moins 8 caractères."; - - if ($new != $confirm) - return "Les deux mots de passe sont différents."; - - $hash = password_hash($new, PASSWORD_BCRYPT); - - $DB->prepare("UPDATE `users` SET `pwd_hash` = ? WHERE `id` = ?;")->execute([$hash, $_SESSION["user_id"]]); - - return false; -} - -?> - - - -Vous devez être connecté pour afficher cette page."; - require_once "footer.php"; - return; -} ?> - -Erreur : " . $error_message . ""; ?> - - -

Votre compte a bien été mis à jour !

- - - -
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
/> - />
- - - -
- -
- - - -
- -
- - - -
- -
-
- -
- -
- - - - - - - - - - - - - - - - - -
-
- - diff --git a/server_files/mon_equipe.php b/server_files/mon_equipe.php deleted file mode 100644 index 92f6a40..0000000 --- a/server_files/mon_equipe.php +++ /dev/null 
@@ -1,367 +0,0 @@ -exec("UPDATE `teams` SET `" . strtolower($_SESSION["role"]) . "_$i` = NULL WHERE `" . strtolower($_SESSION["role"]) . "_$i` = " . $_SESSION["user_id"] . ";"); - $DB->exec("UPDATE `users` SET `team_id` = NULL WHERE `id` = " . $_SESSION["user_id"] . ";"); - $DB->exec("UPDATE `teams` SET `encadrant_1` = `encadrant_2`, `encadrant_2` = NULL WHERE `encadrant_1` IS NULL;"); - for ($i = 1; $i <= 5; ++$i) { - /** @noinspection SqlResolve */ - $DB->exec("UPDATE `teams` SET `participant_$i` = `participant_" . strval($i + 1) . "`, `participant_" . strval($i + 1) . "` = NULL WHERE `participant_$i` IS NULL;"); - } - - $req = $DB->query("SELECT `file_id` FROM `documents` WHERE `user` = '" . $_SESSION["user_id"] . "';"); - while (($data = $req->fetch()) !== false) - unlink("$URL_BASE/files/" . $data["file_id"]); - $DB->exec("DELETE FROM `documents` WHERE `user` = '" . $_SESSION["user_id"] . "';"); - - if ($DB->exec("DELETE FROM `teams` WHERE `encadrant_1` IS NULL AND `participant_1` IS NULL;") > 0) { - $req = $DB->query("SELECT `file_id` FROM `solutions` WHERE `team` = '" . $_SESSION["team_id"] . "';"); - while (($data = $req->fetch()) !== false) - unlink("$URL_BASE/files/" . $data["file_id"]); - $DB->exec("DELETE FROM `solutions` WHERE `team` = " . $_SESSION["team_id"] . ";"); - - $req = $DB->query("SELECT `file_id` FROM `syntheses` WHERE `team` = '" . $_SESSION["team_id"] . "';"); - while (($data = $req->fetch()) !== false) - unlink("$URL_BASE/files/" . $data["file_id"]); - $DB->exec("DELETE FROM `syntheses` WHERE `team` = " . $_SESSION["team_id"] . 
";"); - } - unset($_SESSION["team_id"]); - unset($_SESSION["team_validation_status"]); - header("Location: $URL_BASE"); - exit(); -} - -$tournaments_response = $DB->query("SELECT `id`, `name` FROM `tournaments` WHERE `year` = '$YEAR';"); - -if (isset($_POST["send_document"])) { - $error_message = sendDocument(); -} - -if (isset($_POST["request_validation"])) { - if (!checkCanValidate()) - $error_message = "Votre équipe ne peut pas demander la validation : il manque soit des participants, soit des documents."; - else { - $DB->exec("UPDATE `teams` SET `validation_status` = 'WAITING' WHERE `id` = " . $_SESSION["team_id"] . ";"); - $_SESSION["team_validation_status"] = "WAITING"; - } -} - -if (isset($_SESSION["user_id"]) && isset($_SESSION["team_id"])) { - $result = $DB->query("SELECT * FROM `teams` WHERE `id` = '" . $_SESSION["team_id"] . "' AND `year` = '$YEAR';"); - $team_data = $result->fetch(); - - $tournament_data = $DB->query("SELECT `name`, `date_start` FROM `tournaments` WHERE `id` = '" . $team_data["tournament"] . "' AND `year` = '$YEAR';")->fetch(); - - $documents_req = $DB->prepare("SELECT `file_id`, `type`, COUNT(`type`) AS `version` FROM `documents` WHERE `user` = ? AND `tournament` = ? GROUP BY `type`, `uploaded_at` ORDER BY `type`, `uploaded_at` DESC;"); - $documents_req->execute([$_SESSION["user_id"], $_SESSION[isset($_SESSION["final_id"]) ? "final_id" : "tournament_id"]]); -} - -if (isset($_POST["team_edit"])) { - $error_message = updateTeam(); -} - -function sendDocument() -{ - global $LOCAL_PATH, $DB; - - $type = strtoupper(htmlspecialchars($_POST["type"])); - if (!isset($type) || ($type != "PARENTAL_CONSENT" && $type != "PHOTO_CONSENT" && $type != "SANITARY_PLUG")) - return "Le type de document est invalide. Merci de ne pas formuler vos propres requêtes."; - - $file = $_FILES["document"]; - - if ($file["size"] > 5000000 || $file["error"]) - return "Une erreur est survenue. 
Merci de vérifier que le fichier pèse moins que 5 Mo."; - - if (finfo_file(finfo_open(FILEINFO_MIME_TYPE), $file["tmp_name"]) != 'application/pdf') - return "Le fichier doit être au format PDF."; - - if (!is_dir("$LOCAL_PATH/files") && !mkdir("$LOCAL_PATH/files")) - return "Les droits sont insuffisants. Veuillez contacter l'administrateur du serveur."; - - $alphabet = "abcdefghijklmnopqrstuvwxyz0123456789"; - - do { - $id = ""; - for ($i = 0; $i < 64; ++$i) { - $id .= $alphabet[rand(0, strlen($alphabet) - 1)]; - } - } while (file_exists("$LOCAL_PATH/files/$id")); - - if (!rename($file["tmp_name"], "$LOCAL_PATH/files/$id")) - return "Une erreur est survenue lors de l'envoi du fichier."; - - $req = $DB->prepare("INSERT INTO `documents`(`file_id`, `user`, `team`, `tournament`, `type`) - VALUES (?, ?, ?, ?, ?);"); - $req->execute([$id, $_SESSION["user_id"], $_SESSION["team_id"], $_SESSION[isset($_SESSION["final_id"]) ? "final_id" : "tournament_id"], $type]); - - return false; -} - -function updateTeam() -{ - global $DB, $YEAR, $URL_BASE, $team_data; - - if ($_SESSION["team_id"] == NULL) - return "Vous n'êtes pas dans une équipe."; - - $name = htmlspecialchars($_POST["name"]); - - if (!isset($name) || $name == "") - return "Vous devez spécifier un nom d'équipe."; - - echo $team_data["id"]; - $result = $DB->query("SELECT `id` FROM `teams` WHERE `name` = '" . $name . "' AND `id` != " . $team_data["id"] . " AND `year` = '$YEAR';"); - if ($result->fetch()) - return "Une équipe existe déjà avec ce nom." . $team_data["id"]; - - $trigram = strtoupper(htmlspecialchars($_POST["trigram"])); - - if (!preg_match("#^[A-Z][A-Z][A-Z]$#", $trigram)) - return "Le trigramme entré n'est pas valide."; - - $result = $DB->query("SELECT `id` FROM `teams` WHERE `trigram` = '" . $trigram . "' AND `id` != '" . $team_data["id"] . 
"' AND `year` = '$YEAR';"); - if ($result->fetch()) - return "Une équipe a déjà choisi ce trigramme."; - - $tournament_id = intval(htmlspecialchars($_POST["tournament"])); - - $result = $DB->query("SELECT `id`, `name` FROM `tournaments` WHERE `id` = '" . $tournament_id . "' AND `year` = '$YEAR';"); - $data = $result->fetch(); - if ($data === FALSE) - return "Le tournoi spécifié n'existe pas."; - - $req = $DB->prepare("UPDATE `teams` SET `name` = ?, `trigram` = ?, `tournament` = ? WHERE `id` = ?;"); - $req->execute([$name, $trigram, $tournament_id, $team_data["id"]]); - - header("Location: $URL_BASE/mon_equipe"); - - return false; -} - -function checkCanValidate() -{ - global $DB, $team_data, $tournament_data, $YEAR; - $can_validate = $team_data["validation_status"] == "NOT_READY"; - $can_validate &= $team_data["encadrant_1"] != NULL; - $can_validate &= $team_data["participant_4"] != NULL; - for ($i = 1; $i <= 2; ++$i) { - if ($team_data["encadrant_$i"] === NULL) - continue; - - $req = $DB->prepare("SELECT COUNT(`type`) AS `version` FROM `documents` WHERE `user` = ? AND `type` = ? GROUP BY `uploaded_at` ORDER BY `uploaded_at` DESC;"); - $req->execute([$team_data["encadrant_$i"], "PHOTO_CONSENT"]); - $d = $req->fetch(); - $can_validate &= $d["version"] > 0; - - $req = $DB->prepare("SELECT COUNT(`type`) AS `version` FROM `documents` WHERE `user` = ? AND `type` = ? GROUP BY `uploaded_at` ORDER BY `uploaded_at` DESC;"); - $req->execute([$team_data["encadrant_$i"], "SANITARY_PLUG"]); - $d = $req->fetch(); - $can_validate &= $d["version"] > 0; - } - for ($i = 1; $i <= 6; ++$i) { - if ($team_data["participant_$i"] === NULL) - continue; - - $req = $DB->prepare("SELECT COUNT(`type`) AS `version` FROM `documents` WHERE `user` = ? AND `type` = ? 
GROUP BY `uploaded_at` ORDER BY `uploaded_at` DESC;"); - $req->execute([$team_data["participant_$i"], "PHOTO_CONSENT"]); - $d = $req->fetch(); - $can_validate &= $d["version"] > 0; - - $req = $DB->prepare("SELECT COUNT(`type`) AS `version` FROM `documents` WHERE `user` = ? AND `type` = ? GROUP BY `uploaded_at` ORDER BY `uploaded_at` DESC;"); - $req->execute([$team_data["participant_$i"], "SANITARY_PLUG"]); - $d = $req->fetch(); - $can_validate &= $d["version"] > 0; - - $birth_date = $DB->query("SELECT `birth_date` FROM `users` WHERE `id` = " . $team_data["participant_$i"] . ";")->fetch()["birth_date"]; - if ($birth_date > strval($YEAR - 18) . substr($tournament_data["date_start"], 4)) { - $req = $DB->prepare("SELECT COUNT(`type`) AS `version` FROM `documents` WHERE `user` = ? AND `type` = ? GROUP BY `uploaded_at` ORDER BY `uploaded_at` DESC;"); - $req->execute([$team_data["participant_$i"], "PARENTAL_CONSENT"]); - $d = $req->fetch(); - $can_validate &= $d["version"] > 0; - } - } - - return $can_validate; -} - -?> - - - -Vous devez être dans une équipe pour afficher cette page."; - require_once "footer.php"; - return; -} ?> - -Erreur : " . $error_message . ""; - } else { - echo "

Le fichier a été correctement envoyé !

"; - } -} ?> - -

Informations sur l'équipe

- -Nom de l'équipe :
-Trigramme :
-Tournoi : ">
-query("SELECT `surname`, `first_name` FROM `users` WHERE `id` = " . $team_data["encadrant_" . $i] . " AND `year` = '$YEAR';")->fetch(); - echo "Encadrant $i : " . $user_data["first_name"] . " " . $user_data["surname"] . "
"; -} -for ($i = 1; $i <= 6; ++$i) { - if ($team_data["participant_" . $i] == NULL) - continue; - $user_data = $DB->query("SELECT `surname`, `first_name` FROM `users` WHERE `id` = " . $team_data["participant_" . $i] . " AND `year` = '$YEAR';")->fetch(); - echo "Participant $i : " . $user_data["first_name"] . " " . $user_data["surname"] . "
"; -} -?> -Code d'accès :
-Équipe sélectionnée pour la finale nationale.
"; -} ?> - - - -
- - - - - - - - - - - - - - - - - - - -
- - - "/> -
- - - "/> -
- - - -
- -
-
- - - - - - Modifier mon équipe - -
-

Mes autorisations

- fetch()) !== false) { - $file_id = $data["file_id"]; - $type = $data["type"]; - $version = $data["version"]; - switch ($data["type"]) { - case "PARENTAL_CONSENT": - $name = "Autorisation parentale"; - break; - case "PHOTO_CONSENT": - $name = "Autorisation de droit à l'image"; - break; - case "SANITARY_PLUG": - $name = "Fiche sanitaire"; - break; - } - echo "$name : Télécharger
"; - } - if ($team_data["validation_status"] == "NOT_READY") { ?> -
- - - - - - - - - - - - - - - -
- - - -
- - - -
- -
-
- -
- - - - - - - - -
-
- -
-
-
- -
-
- - - - diff --git a/server_files/syntheses.php b/server_files/syntheses.php deleted file mode 100644 index 96441d7..0000000 --- a/server_files/syntheses.php +++ /dev/null 
@@ -1,123 +0,0 @@ -prepare("SELECT `file_id`, `dest`, COUNT(`dest`) AS `version` FROM `syntheses` WHERE `team` = ? AND `tournament` = ? GROUP BY `dest`, `uploaded_at` ORDER BY `dest`, `uploaded_at` DESC;"); -$syntheses_req->execute([$_SESSION["team_id"], $_SESSION[isset($_SESSION["final_id"]) ? "final_id" : "tournament_id"]]); - -$tournament_req = $DB->prepare("SELECT `date_solutions`, `date_syntheses` FROM `tournaments` WHERE `id` = ?;"); -$tournament_req->execute([$_SESSION[isset($_SESSION["final_id"]) ? "final_id" : "tournament_id"]]); -$tournament_data = $tournament_req->fetch(); - -function saveSynthese() { - global $LOCAL_PATH, $DB; - - $dest = strtoupper(htmlspecialchars($_POST["dest"])); - - if (!isset($dest) || ($dest != "OPPOSANT" && $dest != "RAPPORTEUR")) - return "Le destinataire est invalide."; - - $file = $_FILES["synthese"]; - - if ($file["size"] > 5000000 || $file["error"]) - return "Une erreur est survenue. Merci de vérifier que le fichier pèse moins que 5 Mo."; - - if (finfo_file(finfo_open(FILEINFO_MIME_TYPE), $file["tmp_name"]) != 'application/pdf') - return "Le fichier doit être au destmat PDF."; - - if (!is_dir("$LOCAL_PATH/files") && !mkdir("$LOCAL_PATH/files")) - return "Les droits sont insuffisants. 
Veuillez contacter l'administrateur du serveur."; - - $alphabet = "abcdefghijklmnopqrstuvwxyz0123456789"; - - do { - $id = ""; - for ($i = 0; $i < 64; ++$i) { - $id .= $alphabet[rand(0, strlen($alphabet) - 1)]; - } - } - while (file_exists("$LOCAL_PATH/files/$id")); - - if (!rename($file["tmp_name"], "$LOCAL_PATH/files/$id")) - return "Une erreur est survenue lors de l'envoi du fichier."; - - $req = $DB->prepare("INSERT INTO `syntheses`(`file_id`, `team`, `tournament`, `dest`) VALUES (?, ?, ?, ?);"); - $req->execute([$id, $_SESSION["team_id"], $_SESSION["tournament_id"], $dest]); - - return false; -} - -?> - - - -Il est trop tôt pour se préoccuper des notes de synthèse, attendez le tirage des poules."; - require_once "footer.php"; -} - -if (isset($error_message)) { - if ($error_message !== false) { - echo "

Erreur : " . $error_message . "

"; - } - else { - echo "

Le fichier a été correctement envoyé !

"; - } -}?> - - -
- - - - - - - - - - - - - - - -
- - - -
- - - -
- -
-
- - -
- -

Notes de synthèse soumises :

- -fetch()) !== false) { - $file_id = $data["file_id"]; - $dest = $data["dest"]; - $version = $data["version"]; - echo "Note de synthèse pour " . ($dest == "OPPOSANT" ? "l'opposant" : "le rapporteur") . " (Version $version) : Télécharger
"; -} -?> - - diff --git a/server_files/tournoi.php b/server_files/tournoi.php deleted file mode 100644 index 4645ab4..0000000 --- a/server_files/tournoi.php +++ /dev/null 
@@ -1,359 +0,0 @@ -prepare("SELECT * FROM `tournaments` WHERE `name` = ? AND `year` = $YEAR;"); -$response->execute([$tournament_name]); -$data = $response->fetch(); - -if ($data === false) - require_once "404.php"; - -$orgas_req = $DB->query("SELECT `users`.`id` AS `id`, `surname`, `first_name` FROM `users` JOIN `organizers` ON `users`.`id` = `organizer` WHERE `tournament` = " . $data["id"] . ";"); -$orgas = []; -$orgas_id = []; -while (($orga_data = $orgas_req->fetch()) !== false) { - $orgas[] = $orga_data["first_name"] . " " . $orga_data["surname"]; - $orgas_id[] = $orga_data["id"]; -} - -if (isset($_GET["modifier"]) && $_SESSION["role"] != "ADMIN" && !in_array($_SESSION["user_id"], $orgas_id)) - require_once "403.php"; - -if (isset($_POST["edit_tournament"])) { - $error_message = updateTournament(); -} - -if ($data["final"]) - $teams_response = $DB->query("SELECT `id`, `name`, `trigram`, `inscription_date`, `validation_status` FROM `teams` WHERE `final_selection` AND `year` = $YEAR;"); -else - $teams_response = $DB->query("SELECT `id`, `name`, `trigram`, `inscription_date`, `validation_status` FROM `teams` WHERE `tournament` = " . $data["id"] . " AND `year` = $YEAR;"); - -$orgas_response = $DB->query("SELECT `id`, `surname`, `first_name` FROM `users` WHERE (`role` = 'ORGANIZER' OR `role` = 'ADMIN') AND `year` = '$YEAR';"); - -function updateTournament() { - global $DB, $URL_BASE, $YEAR, $data; - - $tournament_id = $data["id"]; - - $name = htmlspecialchars($_POST["name"]); - - $result = $DB->query("SELECT `id` FROM `tournaments` WHERE `name` = '" . $name . 
"' AND `id` != $tournament_id AND `year` = '$YEAR';"); - if ($result->fetch()) - return "Un tournoi existe déjà avec ce nom."; - - if (!isset($_POST["organizer"]) || sizeof($_POST["organizer"]) == 0) - return "Aucun organisateur n'a été choisi."; - - if ($_SESSION["role"] == "ADMIN") { - $organizers = $_POST["organizer"]; - $orga_mails = []; - - foreach ($organizers as $orga) { - $result = $DB->query("SELECT `role`, `email` FROM `users` WHERE `id` = '" . $orga . "' AND `year` = '$YEAR';"); - $data = $result->fetch(); - if ($data === FALSE) - return "L'organisateur spécifié n'existe pas."; - if ($data["role"] != "ORGANIZER" && $data["role"] != "ADMIN") - return "L'organisateur indiqué ne peut pas organiser de tournoi."; - $orga_mails[] = $data["email"]; - } - } - - try { - $size = intval(htmlspecialchars($_POST["size"])); - } - catch (Exception $ex) { - return "Le nombre d'équipes indiqué n'est pas un entier valide."; - } - - if ($size < 3 || $size > 12) - return "Un tournoi doit comporter entre 3 et 12 équipes."; - - $place = htmlspecialchars($_POST["place"]); - - try { - $price = intval(htmlspecialchars($_POST["price"])); - } - catch (Throwable $t) { - return "Le tarif pour les participants n'est pas un nombre valide."; - } - - if ($price < 0) - return "Le TFJM² ne va pas payer les élèves pour venir."; - - if ($price > 50) - return "Soyons raisonnable sur le prix."; - - $date_start = htmlspecialchars($_POST["date_start"]); - $date_start_parsed = date_parse_from_format("yyyy-mm-dd", $date_start); - - $date_end = htmlspecialchars($_POST["date_end"]); - $date_end_parsed = date_parse_from_format("yyyy-mm-dd", $date_end); - - $date_inscription = htmlspecialchars($_POST["date_inscription"]); - $time_inscription = htmlspecialchars($_POST["time_inscription"]); - $date_inscription_parsed = date_parse_from_format("yyyy-mm-dd", $date_inscription . ' ' . 
$time_inscription); - - $date_solutions = htmlspecialchars($_POST["date_solutions"]); - $time_solutions = htmlspecialchars($_POST["time_solutions"]); - $date_solutions_parsed = date_parse_from_format("yyyy-mm-dd", $date_solutions . ' ' . $time_solutions); - - $date_syntheses = htmlspecialchars($_POST["date_syntheses"]); - $time_syntheses = htmlspecialchars($_POST["time_syntheses"]); - $date_syntheses_parsed = date_parse_from_format("yyyy-mm-dd", $date_syntheses . ' ' . $time_syntheses); - - if (!$date_start_parsed || !$date_end_parsed || !$date_inscription_parsed || !$date_solutions_parsed || !$date_syntheses_parsed) - return "Une date est mal formée."; - - $description = htmlspecialchars($_POST["description"]); - - $req = $DB->prepare("UPDATE `tournaments` SET `name` = ?, `size` = ?, `place` = ?, `price` = ?, `description` = ?, - `date_start` = ?, `date_end` = ?, `date_inscription` = ?, `date_solutions` = ?, `date_syntheses` = ? - WHERE `id` = $tournament_id;"); - $req->execute([$name, $size, $place, $price, $description, $date_start, $date_end, - "$date_inscription $time_inscription", "$date_solutions $time_solutions", "$date_syntheses $time_syntheses"]); - - if ($_SESSION["role"] == "ADMIN") { - $DB->exec("DELETE FROM `organizers` WHERE `tournament` = $tournament_id;"); - foreach ($organizers as $orga) { - $req = $DB->prepare("INSERT INTO `organizers`(`organizer`, `tournament`) VALUES(?, ?);"); - $req->execute([$orga, $tournament_id]); - } - } - - header("Location: $URL_BASE/tournoi/" . $name); - exit(); -} - -?> - - - -

Tournoi de

- - Organisateur= 2 ? 's' : '' ?> : - $orgas[$i]"; - else - $s .= $orgas[$i]; - $s .= ", "; - } - echo substr($s, 0, -2); - ?> -
- Nombre d'équipes maximal :
- Lieu :
- Prix par partipant :
- Dates : Du au
- Clôture des inscriptions :
- Date limite d'envoi des solutions :
- Date limite d'envoi des notes de synthèse :
- Description :
- Ce tournoi est la finale nationale du TFJM² 2020.
"; - ?> - - - /modifier">Éditer le tournoi - - - - -
- -

Équipes inscrites à ce tournoi :

- - - - - - - - - - - - fetch()) != false) { - ?> - - - - - - - - - - - - - - - - -
- Équipe - - Trigramme - - Date d'inscription - - État de validation de l'inscription -
- " . $team_data["name"] . ""; - else - echo $team_data["name"]; - ?> - - -
- Équipe - - Trigramme - - Date d'inscription - - État de validation de l'inscription -
- - -
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
- - - " required /> -
- - - -
- - - " required /> -
- - - " required /> -
- - - " required /> -
- - - Du " required /> - au " required /> -
- - - " required /> - " required /> -
- - - " required /> - " required /> -
- - - " required /> - " required /> -
- - - -
- -
-
- - - \ No newline at end of file diff --git a/server_files/tournois.php b/server_files/tournois.php deleted file mode 100644 index 5f160db..0000000 --- a/server_files/tournois.php +++ /dev/null @@ -1,58 +0,0 @@ -query("SELECT `name`, `date_start`, `date_end`, `date_inscription`, `date_solutions`, `size` FROM `tournaments` - WHERE `year` = '$YEAR' AND `final` = false ORDER BY `date_start`, `name`;"); -$final_data = $DB->query("SELECT `name`, `date_start`, `date_end`, `date_solutions`, `size` FROM `tournaments` WHERE `final` AND `year` = $YEAR;")->fetch(); - -?> - - - -

Liste des tournois

- - - - - - - - - - - - - fetch()) !== FALSE) { - ?> - - - - - - - - - - - - - - - - - - - - - - - - - -
LieuDatesInscription avant leDate de rendu des solutionsPlaces disponibles
">Du au
">Du au
LieuDatesInscription avant leDate de rendu des solutionsPlaces disponibles
- - \ No newline at end of file diff --git a/server_files/views/ajouter_equipe.php b/server_files/views/ajouter_equipe.php new file mode 100644 index 0000000..a7def93 --- /dev/null +++ b/server_files/views/ajouter_equipe.php @@ -0,0 +1,54 @@ + +

Vous devez être participant ou encadrant pour pouvoir ajouter une équipe.

+ +

Vous êtes déjà dans une équipe.

+ + Votre équipe a bien été créée ! Voici le code d'accès à transmettre aux autres membres de votre équipe : + + +Erreur : " . $error_message . ""; ?> + +
+ + + + + + + + + + + + + + + + + + + +
+ + + +
+ + + +
+ + + +
+ +
+
+ \ No newline at end of file diff --git a/server_files/views/ajouter_organisateur.php b/server_files/views/ajouter_organisateur.php new file mode 100644 index 0000000..4ca6ba0 --- /dev/null +++ b/server_files/views/ajouter_organisateur.php @@ -0,0 +1,53 @@ +Erreur : " . $error_message . ""; + } else { + echo "
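Review bot: `$error_message` is concatenated into the page unescaped (`Erreur : " . $error_message . "`), here and in the same echo in the ajouter_organisateur, ajouter_tournoi, connexion, inscription, mon_compte, mon_equipe, rejoindre_equipe, solutions and syntheses views added by this commit. The messages visible in this diff are fixed strings returned by the controller functions, so nothing request-derived reaches the echo as shown. With views now split from controllers, the escaping belongs at the output site so that a later message embedding user input cannot become markup. I would print `htmlspecialchars($error_message, ENT_QUOTES, 'UTF-8')` instead. The surrounding tags were lost in this rendering of the diff, so the full echo line is not visible.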

Organisateur ajouté avec succès ! Ses identifiants ont été transmis par mail.

"; + } +} ?> + +
+ + + + + + + + + + + + + + + + + + + + + + + +
+ + + +
+ + + +
+ + + +
+ + + +
+ +
+
\ No newline at end of file diff --git a/server_files/views/ajouter_tournoi.php b/server_files/views/ajouter_tournoi.php new file mode 100644 index 0000000..cc8d84f --- /dev/null +++ b/server_files/views/ajouter_tournoi.php @@ -0,0 +1,121 @@ +Erreur : " . $error_message . ""; + } else { + echo "

Tournoi de " . htmlspecialchars($_POST["name"]) . " ajouté avec succès !

"; + } +}?> + +
+ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
+ + + +
+ + + +
+ + + +
+ + + +
+ + + +
+ + + Du au + +
+ + + + + +
+ + + + + +
+ + + + + +
+ + + +
+ + + +
+ +
+
\ No newline at end of file diff --git a/server_files/views/connexion.php b/server_files/views/connexion.php new file mode 100644 index 0000000..647e99e --- /dev/null +++ b/server_files/views/connexion.php @@ -0,0 +1,92 @@ +Erreur : " . $error_message . ""; ?> + + +

Vous êtes déjà connecté !

+ + + +
+ + + + + + + + + + +
+ + + +
+ +
+
+ +
+ " /> + + + + + + + + + + + + + + +
+ + + +
+ + + +
+ +
+
+ + +
+ + + + + + + + + + + + + + + + +
+ + Mot de passe oublié ? +
+
+
+
\ No newline at end of file
diff --git a/server_files/views/equipe.php b/server_files/views/equipe.php
new file mode 100644
index 0000000..40f0c73
--- /dev/null
+++ b/server_files/views/equipe.php
@@ -0,0 +1,93 @@
+

Informations sur l'équipe

+ +Nom de l'équipe :
+Trigramme :
+Tournoi : ">
+query("SELECT `id`, `surname`, `first_name` FROM `users` WHERE `id` = " . $team_data["encadrant_" . $i] . " AND `year` = '$YEAR';")->fetch(); + $id = $user_data["id"]; + echo "Encadrant $i : " . $user_data["first_name"] . " " . $user_data["surname"] . "
"; +} +for ($i = 1; $i <= 6; ++$i) { + if ($team_data["participant_" . $i] == NULL) + continue; + $user_data = $DB->query("SELECT `id`, `surname`, `first_name` FROM `users` WHERE `id` = " . $team_data["participant_" . $i] . " AND `year` = '$YEAR';")->fetch(); + $id = $user_data["id"]; + echo "Participant $i : " . $user_data["first_name"] . " " . $user_data["surname"] . "
"; +} +if ($team_data["final_selection"]) { + $final_name = $_SESSION["final_name"]; + echo "Équipe sélectionnée pour la finale nationale."; +} +?> + +
+ +

Autorisations

+ +fetch()) !== false) { + $file_id = $data["file_id"]; + $type = $data["type"]; + $user_id = $data["user"]; + $user_data = $DB->query("SELECT `surname`, `first_name` FROM `users` WHERE `id` = '$user_id';")->fetch(); + $surname = $user_data["surname"]; + $first_name = $user_data["first_name"]; + $version = $data["version"]; + switch ($data["type"]) { + case "PARENTAL_CONSENT": + $name = "Autorisation parentale"; + break; + case "PHOTO_CONSENT": + $name = "Autorisation de droit à l'image"; + break; + case "SANITARY_PLUG": + $name = "Fiche sanitaire"; + break; + } + echo "$name de $first_name $surname : Télécharger
"; +} +?> + + +
+

Autorisations pour la finale

+ fetch()) !== false) { + $file_id = $data["file_id"]; + $type = $data["type"]; + $user_id = $data["user"]; + $user_data = $DB->query("SELECT `surname`, `first_name` FROM `users` WHERE `id` = '$user_id';")->fetch(); + $surname = $user_data["surname"]; + $first_name = $user_data["first_name"]; + $version = $data["version"]; + switch ($data["type"]) { + case "PARENTAL_CONSENT": + $name = "Autorisation parentale"; + break; + case "PHOTO_CONSENT": + $name = "Autorisation de droit à l'image"; + break; + case "SANITARY_PLUG": + $name = "Fiche sanitaire"; + break; + } + echo "$name de $first_name $surname : Télécharger
"; + } +} + +if ($team_data["validation_status"] == "WAITING" && $_SESSION["role"] == "ADMIN") { ?> +
+ +
+ +
+ +
+ \ No newline at end of file diff --git a/server_files/footer.php b/server_files/views/footer.php similarity index 92% rename from server_files/footer.php rename to server_files/views/footer.php index b806435..078caa7 100644 --- a/server_files/footer.php +++ b/server_files/views/footer.php @@ -1,6 +1,6 @@ - - - - - - + + + + + + diff --git a/server_files/header.php b/server_files/views/header.php similarity index 54% rename from server_files/header.php rename to server_files/views/header.php index d521b4f..256d8d0 100644 --- a/server_files/header.php +++ b/server_files/views/header.php 
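Review bot: The `$DB->query(...)` lookups in this view append `$team_data["encadrant_" . $i]`, `$team_data["participant_" . $i]` and `$user_id` to the SQL text instead of binding them, and views/mon_equipe.php repeats the same two member loops. The values come from earlier rows rather than from the request as far as this hunk shows, but a bound parameter removes any dependency on how those columns were filled and matches the `prepare`/`execute` style used elsewhere in this diff: `$req = $DB->prepare("SELECT id, surname, first_name FROM users WHERE id = ? AND year = ?");` followed by `$req->execute([$team_data["encadrant_" . $i], $YEAR]);`. As the informations.php hunk of this commit moves its queries out of the view, these lookups would fit better in the controller too. The `switch ($data["type"])` blocks also lack a `default`, so an unexpected type reuses `$name` from the previous row, or leaves it undefined on the first.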
@@ -1,144 +1,75 @@ -exec("UPDATE `users` SET `role` = 'ADMIN' WHERE `id` = '" . $_SESSION["user_id"] . "';"); - quitTeam(); - header("Location: $URL_BASE"); - exit(); -} - -if (isset($_SESSION["user_id"]) && isset($_GET["be-organizer"])) { - $DB->exec("UPDATE `users` SET `role` = 'ORGANIZER' WHERE `id` = '" . $_SESSION["user_id"] . "';"); - quitTeam(); - header("Location: $URL_BASE"); - exit(); -} - -if (isset($_SESSION["user_id"]) && isset($_GET["be-participant"])) { - $DB->exec("UPDATE `users` SET `role` = 'PARTICIPANT' WHERE `id` = '" . $_SESSION["user_id"] . "';"); - quitTeam(); - header("Location: $URL_BASE"); - exit(); -} - -if (isset($_SESSION["user_id"]) && isset($_GET["be-encadrant"])) { - $DB->exec("UPDATE `users` SET `role` = 'ENCADRANT' WHERE `id` = '" . $_SESSION["user_id"] . "';"); - quitTeam(); - header("Location: $URL_BASE"); - exit(); -} - -function quitTeam() { - global $DB, $URL_BASE; - - if ($_SESSION["role"] == "ADMIN" || $_SESSION["role"] == "ORGANIZER") - return; - - for ($i = 1; $i <= ($_SESSION["role"] == "PARTICIPANT" ? 6 : 2); ++$i) - /** @noinspection SqlResolve */ - $DB->exec("UPDATE `teams` SET `" . strtolower($_SESSION["role"]) . "_$i` = NULL WHERE `" . strtolower($_SESSION["role"]) . "_$i` = " . $_SESSION["user_id"] . ";"); - $DB->exec("UPDATE `users` SET `team_id` = NULL WHERE `id` = " . $_SESSION["user_id"] . ";"); - $DB->exec("UPDATE `teams` SET `encadrant_1` = `encadrant_2`, `encadrant_2` = NULL WHERE `encadrant_1` IS NULL;"); - for ($i = 1; $i <= 5; ++$i) { - /** @noinspection SqlResolve */ - $DB->exec("UPDATE `teams` SET `participant_$i` = `participant_" . strval($i + 1) . "`, `participant_" . strval($i + 1) . "` = NULL WHERE `participant_$i` IS NULL;"); - } - - $req = $DB->query("SELECT `file_id` FROM `documents` WHERE `user` = '" . $_SESSION["user_id"] . "';"); - while (($data = $req->fetch()) !== false) - unlink("$URL_BASE/files/" . $data["file_id"]); - $DB->exec("DELETE FROM `documents` WHERE `user` = '" . 
$_SESSION["user_id"] . "';"); - - if ($DB->exec("DELETE FROM `teams` WHERE `encadrant_1` IS NULL AND `participant_1` IS NULL;") > 0) { - $req = $DB->query("SELECT `file_id` FROM `solutions` WHERE `team` = '" . $_SESSION["team_id"] . "';"); - while (($data = $req->fetch()) !== false) - unlink("$URL_BASE/files/" . $data["file_id"]); - $DB->exec("DELETE FROM `solutions` WHERE `team` = " . $_SESSION["team_id"] . ";"); - - $req = $DB->query("SELECT `file_id` FROM `syntheses` WHERE `team` = '" . $_SESSION["team_id"] . "';"); - while (($data = $req->fetch()) !== false) - unlink("$URL_BASE/files/" . $data["file_id"]); - $DB->exec("DELETE FROM `syntheses` WHERE `team` = " . $_SESSION["team_id"] . ";"); - } - unset($_SESSION["team_id"]); - unset($_SESSION["team_validation_status"]); -} - -?> - - - - - - - Site d'inscription pour le TFJM² <?= $YEAR ?> - - - - - - - - - - - - - - - - - - - -
-
- + + + + + + Site d'inscription pour le TFJM² <?= $YEAR ?> + + + + + + + + + + + + + + + + + + + +
+
\ No newline at end of file diff --git a/server_files/views/index.php b/server_files/views/index.php new file mode 100644 index 0000000..ab44cbc --- /dev/null +++ b/server_files/views/index.php @@ -0,0 +1,104 @@ +
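Review bot: The four role-switch handlers removed from this file (`be-admin`, `be-organizer`, `be-participant`, `be-encadrant`) changed the current user's role behind nothing more than `isset($_SESSION["user_id"])`, and this part of the diff does not show whether they were dropped or moved. If they now live in a controller, the ADMIN and ORGANIZER transitions need a server-side check of the caller's existing role before the UPDATE, for example `if ($_SESSION["role"] !== "ADMIN") require_once "403.php";`, assuming the 403 page stops the request as its use elsewhere in this diff suggests. A state change like this should also arrive as a POST carrying an anti-CSRF token, not as a GET parameter. The removed statements also concatenated `$_SESSION["user_id"]` into the SQL; wherever the code ends up, a prepared statement is the safer form.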
+ + + + + +
+ + +
+ + +

Vous souhaitez participer au tournoi ? Votre équipe est déjà formée ?

+

Créez un compte pour commencer la procédure d'inscription ou connectez-vous si votre équipe a déjà un compte.

+
+ +
+ +
+

Bienvenue sur le site d'inscription du TFJM2 !

+
+ +
+ Ce site a été conçu pour gérer les inscriptions au Tournoi Français des Jeunes Mathématiciennes et Mathématiciens. +
+ Cliquez ici pour accéder au site de présentation du tournoi. +
+ +
+ + +

+ Attention aux échéances ! Chaque tournoi a une date limite pour les inscriptions et une date limite pour déposer vos solutions. Elles sont affichées avec les informations de chaque tournoi. Merci de vous y référer ! +
+ Une fois l'échéance passée, le site bloque tout accès aux inscriptions (et respectivement au dépôt des solutions).
+

+ +

+ Attention, modification du règlement par rapport aux années précédentes : article 4.3 +
+ "l’équipe doit envoyer par mail à contact@tfjm.org, une lettre (au format pdf), répondant aux questions suivantes : +
+ +

    +
  • Comment l’équipe s’est-elle formée ?
  • +
  • Comment l’équipe va-t-elle travailler (où peut-elle se rencontrer, à quelle fréquence, rencontres avec l’encadrant•e) ?
  • +
+ + Cette lettre permettra aux organisateurs•trices de vérifier que l’équipe dispose des conditions nécessaires à une participation sérieuse. Sont dispensées les équipes dont la moitié ou plus des membres sont scolarisés dans le même établissement. Le comité National d’Organisation se réserve le droit d’accepter ou non l’inscription des équipes concernées par cette lettre." +
+ + Pour plus de détail, voir le règlement : https://tfjm.org/infos-tournois/ +

+ + +
+

Comment ça marche ?

+
+ +

+ Pour participer à l'un des tournois régionaux, il suffit de créer un compte sur la rubrique Inscription. Il vous faudra une adresse email pour ce faire. Un mail de confirmation sera envoyé à cette adresse. Il vous fournira un nom d'utilisateur et un mot de passe que vous allez devoir changer par la suite. +

+ +

+ Vous pouvez accéder à votre compte via la rubrique Connexion. Une fois connecté, vous pourrez : +

    +
  • rentrer des informations sur les membres de votre équipe, tant participants qu'encadrants ;
  • +
  • enregistrer et télécharger des versions préliminaires de vos solutions (seulement la dernière version enregistrée avant + la date limite sera prise en compte pour le tournoi).
  • +
+ + Une fois que vous aurez fourni toutes les informations demandées dans la rubrique Mon Équipe, votre inscription pourra être validée par les organisateurs locaux. +

+ + +

ATTENTION ! Votre équipe ne sera considérée comme admissible à participer au tournoi que lorsque cette première étape aura été franchie.

+ +

Pensez donc à former une équipe complète (minimum 4 participants et 1 encadrant) le plus tôt possible pour avoir plus de chances de participer, compte tenu du nombre des places disponibles dans chaque tournoi (qui sera dûment affiché sur la rubrique Liste des Tournois). Les équipes restantes seront placées en liste d'attente. +

+ +

+ Pour les équipes dont l'inscription aura été validée, des documents à télécharger, remplir et signer deviendront disponibles sur votre compte. Vous allez devoir ensuite les scanner et les télécharger vers le site pour compléter votre inscription. +

+ + +

ATTENTION ! Les équipes qui ne respecteront pas les délais pour rendre ces documents risquent d'être disqualifiées et de laisser leur place aux équipes placées en liste d'attente.

+ +

+ NB : Ce site est récent et il est encore possible que certaines pages ne fonctionnent pas correctement. Si vous remarquez des bugs, merci de les signaler à l'adresse contact@tfjm.org. +

+ + + + + + + + + +
\ No newline at end of file diff --git a/server_files/informations.php b/server_files/views/informations.php similarity index 74% rename from server_files/informations.php rename to server_files/views/informations.php index d32a7f2..a96220e 100644 --- a/server_files/informations.php +++ b/server_files/views/informations.php @@ -1,35 +1,9 @@ -query("SELECT * FROM `users` WHERE `id` = $id;")->fetch(); - -if ($user_data === false) { - require_once "404.php"; -} - -$team_data = false; -if ($user_data["team_id"] !== NULL) - $team_data = $DB->query("SELECT `name`, `trigram` FROM `teams` WHERE `id` = " . $user_data["team_id"] . ";")->fetch(); - -$documents_req = $DB->query("SELECT * FROM `documents` WHERE `user` = $id;"); -$tournaments_req = $DB->query("SELECT `tournament`, `name` FROM `organizers` JOIN `tournaments` ON `tournaments`.`id` = `tournament` WHERE `organizer` = $id ORDER BY `date_start`, `name`;"); - -?> - - -

Équipe : " . $team_data["name"] . " (" . $team_data["trigram"] . ")" ?>
-Date de naissance :
+Date de naissance :
Sexe :
Adresse :
Adresse e-mail : ">
@@ -91,6 +65,4 @@ elseif ($user_data["role"] == "PARTICIPANT" || $user_data["role"] == "ENCADRANT" } echo "$name de $first_name $surname : Télécharger
"; } -} ?> - - +} \ No newline at end of file diff --git a/server_files/views/inscription.php b/server_files/views/inscription.php new file mode 100644 index 0000000..4718ea8 --- /dev/null +++ b/server_files/views/inscription.php @@ -0,0 +1,145 @@ +Erreur : " . $error_message . ""; ?> + + + Votre inscription est validée ! Merci désormais de confirmer votre boîte mail pour valider votre adresse. + + +

Vous êtes déjà connecté !

+ + + +
+ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
" required />
" required />
" required />
" required />
/> + />
" />
" min="1000" max="95999" required />
" />
" required />
" />
" />
" />
" />
" />
+
+ + + + \ No newline at end of file diff --git a/server_files/views/mon_compte.php b/server_files/views/mon_compte.php new file mode 100644 index 0000000..bca8208 --- /dev/null +++ b/server_files/views/mon_compte.php @@ -0,0 +1,173 @@ +Erreur : " . $error_message . ""; ?> + + +

Votre compte a bien été mis à jour !

+ + + +
+ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
/> + />
+ + + +
+ +
+ + + +
+ +
+ + + +
+ +
+
+ +
+ +
+ + + + + + + + + + + + + + + + + +
+
\ No newline at end of file diff --git a/server_files/views/mon_equipe.php b/server_files/views/mon_equipe.php new file mode 100644 index 0000000..988996a --- /dev/null +++ b/server_files/views/mon_equipe.php @@ -0,0 +1,164 @@ +Erreur : " . $error_message . ""; + } else { + echo "

Le fichier a été correctement envoyé !

"; + } +} ?> + +

Informations sur l'équipe

+ +Nom de l'équipe :
+Trigramme :
+Tournoi : ">
+query("SELECT `surname`, `first_name` FROM `users` WHERE `id` = " . $team_data["encadrant_" . $i] . " AND `year` = '$YEAR';")->fetch(); + echo "Encadrant $i : " . $user_data["first_name"] . " " . $user_data["surname"] . "
"; +} +for ($i = 1; $i <= 6; ++$i) { + if ($team_data["participant_" . $i] == NULL) + continue; + $user_data = $DB->query("SELECT `surname`, `first_name` FROM `users` WHERE `id` = " . $team_data["participant_" . $i] . " AND `year` = '$YEAR';")->fetch(); + echo "Participant $i : " . $user_data["first_name"] . " " . $user_data["surname"] . "
"; +} +?> +Code d'accès :
+Équipe sélectionnée pour la finale nationale.
"; +} ?> + + + +
+ + + + + + + + + + + + + + + + + + + +
+ + + "/> +
+ + + "/> +
+ + + +
+ +
+
+ + + + + + Modifier mon équipe + +
+

Mes autorisations

+ fetch()) !== false) { + $file_id = $data["file_id"]; + $type = $data["type"]; + $version = $data["version"]; + switch ($data["type"]) { + case "PARENTAL_CONSENT": + $name = "Autorisation parentale"; + break; + case "PHOTO_CONSENT": + $name = "Autorisation de droit à l'image"; + break; + case "SANITARY_PLUG": + $name = "Fiche sanitaire"; + break; + } + echo "$name : Télécharger
"; + } + if ($team_data["validation_status"] == "NOT_READY") { ?> +
+ + + + + + + + + + + + + + + +
+ + + +
+ + + +
+ +
+
+ +
+ + + + + + + + +
+
+ +
+
+
+ +
+
+
+
diff --git a/server_files/views/rejoindre_equipe.php b/server_files/views/rejoindre_equipe.php
new file mode 100644
index 0000000..71273c2
--- /dev/null
+++ b/server_files/views/rejoindre_equipe.php
@@ -0,0 +1,34 @@
+

Vous devez être participant ou encadrant pour pouvoir rejoindre une équipe.

+ + Vous avez bien rejoint l'équipe ! + +

Vous êtes déjà dans une équipe.

+ + + Erreur : " . $error_message . ""; ?> + +
+ + + + + + + + + + + +
+ + + +
+ +
+
+ + \ No newline at end of file diff --git a/server_files/views/solutions.php b/server_files/views/solutions.php new file mode 100644 index 0000000..6c1a36f --- /dev/null +++ b/server_files/views/solutions.php @@ -0,0 +1,58 @@ +Erreur : " . $error_message . ""; + } else { + echo "

Le fichier a été correctement envoyé !

"; + } +}?> + + +
+ + + + + + + + + + + + + + + +
+ + + +
+ + + +
+ +
+
+ + +
+ +

Solutions soumises :

+ +fetch()) !== false) { + $file_id = $data["file_id"]; + $problem = $data["problem"]; + $version = $data["version"]; + echo "Problème $problem (Version $version) : Télécharger
"; +} +?> + diff --git a/server_files/views/syntheses.php b/server_files/views/syntheses.php new file mode 100644 index 0000000..e05ed0b --- /dev/null +++ b/server_files/views/syntheses.php @@ -0,0 +1,61 @@ +Il est trop tôt pour se préoccuper des notes de synthèse, attendez le tirage des poules."; + require_once "../views/footer.php"; +} + +if (isset($error_message)) { + if ($error_message !== false) { + echo "

Erreur : " . $error_message . "

"; + } + else { + echo "

Le fichier a été correctement envoyé !

"; + } +}?> + + +
+ + + + + + + + + + + + + + + +
+ + + +
+ + + +
+ +
+
+ + +
+ +

Notes de synthèse soumises :

+ +fetch()) !== false) { + $file_id = $data["file_id"]; + $dest = $data["dest"]; + $version = $data["version"]; + echo "Note de synthèse pour " . ($dest == "OPPOSANT" ? "l'opposant" : "le rapporteur") . " (Version $version) : Télécharger
"; +} +?> \ No newline at end of file diff --git a/server_files/views/tournoi.php b/server_files/views/tournoi.php new file mode 100644 index 0000000..a058b66 --- /dev/null +++ b/server_files/views/tournoi.php @@ -0,0 +1,222 @@ +
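Review bot: `require_once "../views/footer.php";` in the "Il est trop tôt" branch is resolved against the process working directory, not against this file, so it only works while the entry script sits in a sibling directory of `views/`. `require_once __DIR__ . "/footer.php";` does not depend on the caller. Whether rendering stops after the footer is not visible here; if it does not, the upload form further down is still emitted. Whatever condition guards this branch also has to be enforced in the controller that handles the upload POST, since hiding the form does not stop a direct request.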

Tournoi de

+ +Organisateur= 2 ? 's' : '' ?> : +$orgas[$i]"; + else + $s .= $orgas[$i]; + $s .= ", "; +} +echo substr($s, 0, -2); +?> +
+Nombre d'équipes maximal :
+Lieu :
+Prix par partipant :
+Dates : Du au
+Clôture des inscriptions :
+Date limite d'envoi des solutions :
+Date limite d'envoi des notes de synthèse :
+Description :
+Ce tournoi est la finale nationale du TFJM² 2020.
"; +?> + + + /modifier">Éditer le tournoi + + + + +
+ +

Équipes inscrites à ce tournoi :

+ + + + + + + + + + + + fetch()) != false) { + ?> + + + + + + + + + + + + + + + + +
+ Équipe + + Trigramme + + Date d'inscription + + État de validation de l'inscription +
+ " . $team_data["name"] . ""; + else + echo $team_data["name"]; + ?> + + +
+ Équipe + + Trigramme + + Date d'inscription + + État de validation de l'inscription +
+ + +
+ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
+ + + " required /> +
+ + + +
+ + + " required /> +
+ + + " required /> +
+ + + " required /> +
+ + + Du " required /> + au " required /> +
+ + + " required /> + " required /> +
+ + + " required /> + " required /> +
+ + + " required /> + " required /> +
+ + + +
+ +
+
+
+
diff --git a/server_files/views/tournois.php b/server_files/views/tournois.php
new file mode 100644
index 0000000..b145b75
--- /dev/null
+++ b/server_files/views/tournois.php
@@ -0,0 +1,44 @@
+
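Review bot: The final-tournament banner hard-codes the year (`Ce tournoi est la finale nationale du TFJM² 2020.`) although the header view in this commit prints `$YEAR`. Assuming `$YEAR` is in scope here as it is there, the double-quoted string can end `... du TFJM² $YEAR.` so it does not go stale next season. The team-list loop tests `->fetch()) != false` while the other fetch loops in this commit use `!== false`; the strict comparison is the one to keep. The label `Prix par partipant` should read `Prix par participant`.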

Liste des tournois

+ + + + + + + + + + + + + fetch()) !== FALSE) { + ?> + + + + + + + + + + + + + + + + + + + + + + + + + +
LieuDatesInscription avant leDate de rendu des solutionsPlaces disponibles
">Du au
">Du au
LieuDatesInscription avant leDate de rendu des solutionsPlaces disponibles
\ No newline at end of file