ynerant/plateforme-tfjm2
1
0
Fork 0
mirror of https://gitlab.com/animath/si/plateforme.git synced 2025-06-25 16:17:24 +02:00
Code Issues Releases Wiki Activity

Utilisation des nouvelles classes, amélioration du code

Browse Source
This commit is contained in:
galaxyoyo
2019-09-07 01:33:05 +02:00
parent b5d567e364
commit bffaf4b360
30 changed files with 472 additions and 440 deletions
Download Patch File Download Diff File Expand all files Collapse all files

26
server_files/controllers/ajouter_equipe.php
View File

@ -2,6 +2,9 @@
require_once "../config.php";
if (!isset($_SESSION["role"]) || ($_SESSION["role"] != Role::PARTICIPANT && $_SESSION["role"] != Role::ENCADRANT))
require_once "../403.php";
$tournaments_response = $DB->query("SELECT `id`, `name` FROM `tournaments` WHERE `date_inscription` > CURRENT_DATE AND `year` = '$YEAR';");
if (isset($_POST["submitted"])) {
@ -11,7 +14,7 @@ if (isset($_POST["submitted"])) {
function registerTeam() {
global $DB, $YEAR, $MAIL_ADDRESS, $access_code;
if ($_SESSION["team_id"] != NULL)
if ($_SESSION["team"] != NULL)
return "Vous êtes déjà dans une équipe.";
$name = htmlspecialchars($_POST["name"]);
@ -33,10 +36,8 @@ function registerTeam() {
return "Une équipe a déjà choisi ce trigramme.";
$tournament_id = intval(htmlspecialchars($_POST["tournament"]));
$result = $DB->query("SELECT `id`, `name` FROM `tournaments` WHERE `id` = '" . $tournament_id . "' AND `year` = '$YEAR';");
$data = $result->fetch();
if ($data === FALSE)
$tournament = Tournament::fromId($tournament_id);
if ($tournament === null)
return "Le tournoi spécifié n'existe pas.";
$alphabet = "0123456789abcdefghijkmnopqrstuvwxyz0123456789";
@ -46,18 +47,17 @@ function registerTeam() {
$req = $DB->prepare("INSERT INTO `teams` (`name`, `trigram`, `tournament`, `encadrant_1`, `participant_1`, `validation_status`, `access_code`, `year`)
VALUES (?, ?, ?, ?, ?, ?, ?, ?);");
$req->execute([$name, $trigram, $tournament_id, $_SESSION["role"] == "ENCADRANT" ? $_SESSION["user_id"] : NULL,
$_SESSION["role"] == "PARTICIPANT" ? $_SESSION["user_id"] : NULL, "NOT_READY", $access_code, $YEAR]);
$req->execute([$name, $trigram, $tournament_id, $_SESSION["role"] == Role::ENCADRANT ? $_SESSION["user_id"] : NULL,
$_SESSION["role"] == Role::PARTICIPANT ? $_SESSION["user_id"] : NULL, ValidationStatus::NOT_READY, $access_code, $YEAR]);
$result = $DB->query("SELECT `id` FROM `teams` WHERE `name` = '" . $name . "' AND `year` = '$YEAR';");
$data_team = $result->fetch();
$DB->prepare("UPDATE `users` SET `team_id` = ? WHERE `id` = " . $_SESSION["user_id"] . ";")->execute([$data_team["id"]]);
$_SESSION["team"] = Team::fromTrigram($trigram);
$_SESSION["user"]->setTeamId($_SESSION["team"]->getId());
$msg = "Bonjour " . $_SESSION["first_name"] . " " . $_SESSION["surname"] . ",\r\n\r\n";
$msg .= "Vous venez de créer l'équipe « $name » ($trigram) pour le TFJM² de " . $data["name"] . " et nous vous en remercions. ";
$msg = "Bonjour " . $_SESSION["user"]->getFirstName() . " " . $_SESSION["user"]->getSurname() . ",\r\n\r\n";
$msg .= "Vous venez de créer l'équipe « $name » ($trigram) pour le TFJM² de " . $tournament->getName() . " et nous vous en remercions. ";
$msg .= "Afin de permettre aux autres membres de votre équipe de vous rejoindre, veuillez leur transmettre le code d'accès : " . $access_code . "\r\n\r\n";
$msg .= "Cordialement,\r\n\r\nL'organisation du TFJM² $YEAR";
mail($_SESSION["email"], "Nouvelle équipe TFJM² $YEAR", $msg, "From: $MAIL_ADDRESS\r\n");
mail($_SESSION["user"]->getEmail(), "Nouvelle équipe TFJM² $YEAR", $msg, "From: $MAIL_ADDRESS\r\n");
return false;
}

2
server_files/controllers/ajouter_organisateur.php
View File

@ -2,7 +2,7 @@
require_once "../config.php";
if (!isset($_SESSION["role"]) || $_SESSION["role"] != "ADMIN")
if (!isset($_SESSION["role"]) || $_SESSION["role"] != Role::ADMIN)
require_once "../403.php";
if (isset($_POST["submitted"])) {

4
server_files/controllers/ajouter_tournoi.php
View File

@ -2,7 +2,7 @@
require_once "../config.php";
if (!isset($_SESSION["role"]) || $_SESSION["role"] != "ADMIN")
if (!isset($_SESSION["role"]) || $_SESSION["role"] != Role::ADMIN)
require_once "../403.php";
$orgas_response = $DB->query("SELECT `id`, `surname`, `first_name` FROM `users` WHERE (`role` = 'ORGANIZER' OR `role` = 'ADMIN') AND `year` = '$YEAR';");
@ -31,7 +31,7 @@ function registerTournament() {
$data = $result->fetch();
if ($data === FALSE)
return "L'organisateur spécifié n'existe pas.";
if ($data["role"] != "ORGANIZER" && $data["role"] != "ADMIN")
if ($data["role"] != Role::ORGANIZER && $data["role"] != Role::ADMIN)
return "L'organisateur indiqué ne peut pas organiser de tournoi.";
$orga_mails[] = $data["email"];
}

38
server_files/controllers/connexion.php
View File

@ -26,7 +26,7 @@ if (isset($_GET["confirmation-mail"]) && !isset($_SESSION["user_id"])) {
}
function login() {
global $DB, $URL_BASE;
global $URL_BASE;
$email = htmlspecialchars($_POST["email"]);
@ -35,39 +35,39 @@ function login() {
$password = htmlspecialchars($_POST["password"]);
$result = $DB->query("SELECT `id`, `pwd_hash`, `email`, `surname`, `first_name`, `role`, `team_id`, `confirm_email` FROM `users` WHERE `email` = '" . $email . "';");
if (($data = $result->fetch()) === FALSE)
$user = User::fromEmail($email);
if ($user === FALSE)
return "Le compte n'existe pas.";
if ($data["confirm_email"] !== NULL) {
if ($user->getConfirmEmailToken() !== NULL) {
$_SESSION["confirm_email"] = $email;
return "L'adresse mail n'a pas été validée. Veuillez vérifier votre boîte mail (surtout vos spams). <a href=\"$URL_BASE/connexion/confirmation-mail\">Cliquez ici pour renvoyer le mail de confirmation</a>.";
}
if (!password_verify($password, $data["pwd_hash"]))
if (!$user->checkPassword($password))
return "Le mot de passe est incorrect.";
$_SESSION["user_id"] = $data["id"];
$_SESSION["user_id"] = $user->getId();
loadUserValues();
return false;
}
function recuperateAccount() {
global $DB, $MAIL_ADDRESS, $URL_BASE, $YEAR;
global $MAIL_ADDRESS, $URL_BASE;
$email = htmlspecialchars($_POST["email"]);
if (!filter_var($email, FILTER_VALIDATE_EMAIL))
return "L'email entrée est invalide.";
$req = $DB->query("SELECT `id` FROM `users` WHERE `email` = '$email' AND `year` = $YEAR;");
if (!$req->fetch())
$user = User::fromEmail($email);
if ($user == null)
return "Le compte n'existe pas.";
$token = uniqid();
$DB->exec("UPDATE `users` SET `forgotten_password` = '$token' WHERE `email` = '$email' AND `year` = $YEAR;");
$user->setForgottenPasswordToken($token);
$msg = "Bonjour,\r\n\r\n"
. "Vous avez indiqué avoir oublié votre mot de passe. Veuillez cliquer ici pour le réinitialiser : $URL_BASE/connexion/reinitialiser_mdp/$token\r\n\r\n"
@ -81,7 +81,7 @@ function recuperateAccount() {
function resetPassword() {
global $DB, $MAIL_ADDRESS, $reset_data;
$id = $reset_data["id"];
$email = $reset_data["email"];
$password = htmlspecialchars($_POST["password"]);
@ -92,9 +92,9 @@ function resetPassword() {
if ($password != $confirm)
return "Les deux mots de passe sont différents.";
$hash = password_hash($password, PASSWORD_BCRYPT);
$DB->prepare("UPDATE `users` SET `pwd_hash` = ?, `forgotten_password` = NULL WHERE `id` = ?;")->execute([$hash, $id]);
$msg = "Bonjour,\r\n\r\nNous vous informons que votre mot de passe vient d'être modifié. "
@ -106,7 +106,7 @@ function resetPassword() {
}
function sendConfirmEmail() {
global $DB, $URL_BASE, $MAIL_ADDRESS, $YEAR;
global $URL_BASE, $MAIL_ADDRESS, $YEAR;
$email = htmlspecialchars($_SESSION["confirm_email"]);
@ -114,16 +114,16 @@ function sendConfirmEmail() {
header("Location: $URL_BASE/connexion");
exit();
}
$user = User::fromEmail($email);
$data = $DB->query("SELECT `confirm_email` FROM `users` WHERE `email` = '$email' AND `year` = $YEAR;")->fetch();
if ($data === FALSE) {
if ($user === null) {
unset($_SESSION["confirm_email"]);
header("Location: $URL_BASE/connexion");
exit();
}
$confirm_email_uid = $data["confirm_email"];
$confirm_email_uid = $user->getConfirmEmailToken();
$msg = "Bonjour,\r\n\r\nPour confirmer votre adresse mail, cliquez ici : $URL_BASE/confirmer_mail/$confirm_email_uid\r\n\r\n"
. "Cordialement,\r\n\r\nLe comité national d'organisation du TFJM²";

41
server_files/controllers/equipe.php
View File

@ -2,23 +2,27 @@
require_once "../config.php";
if (!isset($_SESSION["user_id"]) || $_SESSION["role"] != Role::ORGANIZER && $_SESSION["role"] != Role::ADMIN)
require_once "../403.php";
$trigram = htmlspecialchars($_GET["trigram"]);
$team = Team::fromTrigram($trigram);
if ($team === null)
require_once "../404.php";
if (isset($_POST["validate"])) {
$DB->exec("UPDATE `teams` SET `validation_status` = 'VALIDATED' WHERE `trigram` = '$trigram' AND `year` = $YEAR;");
$team->setValidationStatus(ValidationStatus::VALIDATED);
}
$team_data = $DB->query("SELECT * FROM `teams` WHERE `trigram` = '$trigram' AND `year` = $YEAR;")->fetch();
if (isset($_POST["select"])) {
$DB->exec("UPDATE `teams` SET `final_selection` = true, `validation_status` = 'NOT_READY' WHERE `trigram` = '$trigram' AND `year` = $YEAR;");
$team_data["validation_status"] = "NOT_READY";
$team_data["final_selection"] = true;
$final_id = $_SESSION["final_id"];
$team_id = $team_data["id"];
$team->selectForFinal(true);
$team->setValidationStatus(ValidationStatus::NOT_READY);
$_SESSION["final"] = Tournament::getFinalTournament();
$sols_req = $DB->prepare("SELECT `file_id`, `problem`, COUNT(`problem`) AS `version` FROM `solutions` WHERE `team` = ? AND `tournament` = ? GROUP BY `problem`, `uploaded_at` ORDER BY `problem`, `uploaded_at` DESC;");
$sols_req->execute([$team_data["id"], $team_data["tournament"]]);
$sols_req->execute([$team->getId(), $team->getTournamentId()]);
while (($sol_data = $sols_req->fetch()) !== false) {
$old_id = $sol_data["file_id"];
$alphabet = "abcdefghijklmnopqrstuvwxyz0123456789";
@ -35,11 +39,11 @@ if (isset($_POST["select"])) {
$req = $DB->prepare("INSERT INTO `solutions`(`file_id`, `team`, `tournament`, `problem`)
VALUES (?, ?, ?, ?);");
$req->execute([$id, $team_id, $_SESSION["final_id"], $sol_data["problem"]]);
$req->execute([$id, $team->getId(), $_SESSION["final_id"], $sol_data["problem"]]);
}
$syntheses_req = $DB->prepare("SELECT `file_id`, `dest`, COUNT(`dest`) AS `version` FROM `syntheses` WHERE `team` = ? AND `tournament` = ? GROUP BY `dest`, `uploaded_at` ORDER BY `dest`, `uploaded_at` DESC;");
$syntheses_req->execute([$team_data["id"], $team_data["tournament"]]);
$syntheses_req->execute([$team->getId(), $team->getTournamentId()]);
while (($synthese_data = $syntheses_req->fetch()) !== false) {
$old_id = $synthese_data["file_id"];
$alphabet = "abcdefghijklmnopqrstuvwxyz0123456789";
@ -55,23 +59,20 @@ if (isset($_POST["select"])) {
copy("$LOCAL_PATH/files/$old_id", "$LOCAL_PATH/files/$id");
$req = $DB->prepare("INSERT INTO `syntheses`(`file_id`, `team`, `tournament`, `dest`) VALUES (?, ?, ?, ?);");
$req->execute([$id, $team_id, $_SESSION["final_id"], $synthese_data["dest"]]);
$req->execute([$id, $team->getId(), $_SESSION["final"]->getId(), $synthese_data["dest"]]);
}
}
if ($team_data === false)
require_once "../404.php";
$tournament_data = $DB->query("SELECT `name`, `date_start` FROM `tournaments` WHERE `id` = '" . $team_data["tournament"] . "' AND `year` = '$YEAR';")->fetch();
$documents_req = $DB->prepare("SELECT `file_id`, `user`, `type`, COUNT(`type`) AS `version` FROM `documents` WHERE `team` = ? AND `tournament` = ? GROUP BY `user`, `type` ORDER BY `user`, `type` ASC, MAX(`uploaded_at`) DESC;");
$documents_req->execute([$team_data["id"], $team_data["tournament"]]);
$documents_req->execute([$team->getId(), $team->getId()]);
if ($team_data["final_selection"]) {
if ($team->isSelectedForFinal()) {
$documents_final_req = $DB->prepare("SELECT `file_id`, `user`, `type`, COUNT(`type`) AS `version` FROM `documents` WHERE `team` = ? AND `tournament` != ? GROUP BY `user`, `type` ORDER BY `user`, `type` ASC, MAX(`uploaded_at`) DESC;");
$documents_final_req->execute([$team_data["id"], $_SESSION["final_id"]]);
$documents_final_req->execute([$team->getId(), $_SESSION["final"]->getId()]);
}
$tournament = Tournament::fromId($team->getTournamentId());
require_once "../views/header.php";
require_once "../views/equipe.php";
require_once "../views/footer.php";

16
server_files/controllers/informations.php
View File

@ -2,20 +2,22 @@
require_once "../config.php";
if (!isset($_SESSION["role"]) || $_SESSION["role"] != "ORGANIZER" && $_SESSION["role"] != "ADMIN") {
if (!isset($_SESSION["role"]))
require_once "../403.php";
}
$id = $_GET["id"];
$user_data = $DB->query("SELECT * FROM `users` WHERE `id` = $id;")->fetch();
$user = User::fromId($id);
if ($user_data === false) {
if ($_SESSION["role"] != Role::ORGANIZER && $_SESSION["role"] != Role::ADMIN) {
if ($user->getId() != $_SESSION["user_id"] && ($user->getTeamId() == null || $user->getTeamId() != $_SESSION["user"]->getTeamId()))
require_once "../403.php";
}
if ($user === null) {
require_once "../404.php";
}
$team_data = false;
if ($user_data["team_id"] !== NULL)
$team_data = $DB->query("SELECT `name`, `trigram` FROM `teams` WHERE `id` = " . $user_data["team_id"] . ";")->fetch();
$team = Team::fromId($user->getTeamId());
$documents_req = $DB->query("SELECT * FROM `documents` WHERE `user` = $id;");
$tournaments_req = $DB->query("SELECT `tournament`, `name` FROM `organizers` JOIN `tournaments` ON `tournaments`.`id` = `tournament` WHERE `organizer` = $id ORDER BY `date_start`, `name`;");

64
server_files/controllers/mon_compte.php
View File

@ -8,102 +8,96 @@ if (isset($_POST["submitted"])) {
$error_message = updatePassword();
}
if (isset($_SESSION["user_id"])) {
$result = $DB->query("SELECT * FROM `users` WHERE `id` = '" . $_SESSION["user_id"] . "';");
$user_data = $result->fetch();
}
else
if (!isset($_SESSION["user_id"]))
require_once "../403.php";
/** @var User $user */
$user = $_SESSION["user"];
function updateAccount()
{
global $DB, $URL_BASE, $MAIL_ADDRESS;
if (!isset($_SESSION["user_id"]))
return "Vous n'êtes pas connecté.";
$ID = $_SESSION["user_id"];
global $URL_BASE, $MAIL_ADDRESS, $user;
$surname = htmlspecialchars($_POST["surname"]);
if (isset($surname) && $surname != "")
$DB->prepare("UPDATE `users` SET `surname` = ? WHERE `id` = ?;")->execute([$surname, $ID]);
$user->setSurname($surname);
$first_name = htmlspecialchars($_POST["firstname"]);
if (isset($first_name) && $first_name != "")
$DB->prepare("UPDATE `users` SET `first_name` = ? WHERE `id` = ?;")->execute([$first_name, $ID]);
$user->setFirstName($first_name);
$birth_date = htmlspecialchars($_POST["birth_date"]);
if (isset($birth_date) && $birth_date != "")
$DB->prepare("UPDATE `users` SET `birth_date` = ? WHERE `id` = ?;")->execute([$birth_date, $ID]);
$user->setBirthDate($birth_date);
if (isset($_POST["gender"])) {
$gender = htmlspecialchars($_POST["gender"]);
if (isset($gender) && ($gender == "M" || $gender == "F"))
$DB->prepare("UPDATE `users` SET `gender` = ? WHERE `id` = ?;")->execute([$gender, $ID]);
$user->setGender($gender);
}
$address = htmlspecialchars($_POST["address"]);
if (isset($address) && $address != "")
$DB->prepare("UPDATE `users` SET `address` = ? WHERE `id` = ?;")->execute([$address, $ID]);
$user->setAddress($address);
$postal_code = htmlspecialchars($_POST["postal_code"]);
if (isset($postal_code) && $postal_code != "")
$DB->prepare("UPDATE `users` SET `postal_code` = ? WHERE `id` = ?;")->execute([$postal_code, $ID]);
$user->setPostalCode($postal_code);
$city = htmlspecialchars($_POST["city"]);
if (isset($city) && $city != "")
$DB->prepare("UPDATE `users` SET `city` = ? WHERE `id` = ?;")->execute([$city, $ID]);
$user->setCity($city);
$country = htmlspecialchars($_POST["country"]);
if (isset($country) && $country != "")
$DB->prepare("UPDATE `users` SET `country` = ? WHERE `id` = ?;")->execute([$country, $ID]);
$user->setCountry($country);
$phone_number = htmlspecialchars($_POST["phone_number"]);
if (isset($phone_number) && $phone_number != "")
$DB->prepare("UPDATE `users` SET `phone_number` = ? WHERE `id` = ?;")->execute([$phone_number, $ID]);
$user->setPhoneNumber($phone_number);
if (isset($_POST["school"])) {
$school = htmlspecialchars($_POST["school"]);
if (isset($school) && $school != "")
$DB->prepare("UPDATE `users` SET `school` = ? WHERE `id` = ?;")->execute([$school, $ID]);
$user->setSchool($school);
}
if (isset($_POST["class"])) {
$class = htmlspecialchars($_POST["class"]);
if (isset($class) && ($class == "terminale" || $class == "premiere" || $class == "seconde"))
$DB->prepare("UPDATE `users` SET `class` = ? WHERE `id` = ?;")->execute([strtoupper($class), $ID]);
$user->setClass($class);
}
if (isset($_POST["responsible_name"])) {
$responsible_name = htmlspecialchars($_POST["responsible_name"]);
if (isset($responsible_name) && $responsible_name != "")
$DB->prepare("UPDATE `users` SET `responsible_name` = ? WHERE `id` = ?;")->execute([$responsible_name, $ID]);
$user->setResponsibleName($responsible_name);
}
if (isset($_POST["responsible_phone"])) {
$responsible_phone = htmlspecialchars($_POST["responsible_phone"]);
if (isset($responsible_phone) && $responsible_phone != "")
$DB->prepare("UPDATE `users` SET `responsible_phone` = ? WHERE `id` = ?;")->execute([$responsible_phone, $ID]);
$user->setResponsiblePhone($responsible_phone);
}
if (isset($_POST["responsible_email"])) {
$responsible_email = htmlspecialchars($_POST["responsible_email"]);
if (isset($responsible_email) && $responsible_email != "")
$DB->prepare("UPDATE `users` SET `responsible_email` = ? WHERE `id` = ?;")->execute([$responsible_email, $ID]);
$user->setResponsibleEmail($responsible_email);
}
if (isset($_POST["description"])) {
$description = htmlspecialchars($_POST["description"]);
if (isset($description) && $description != "")
$DB->prepare("UPDATE `users` SET `description` = ? WHERE `id` = ?;")->execute([$description, $ID]);
$user->setDescription($description);
}
$email = htmlspecialchars($_POST["email"]);
if (isset($email) && $email != "" && filter_var($email, FILTER_VALIDATE_EMAIL)) {
$confirm_email_uid = uniqid();
$DB->prepare("UPDATE `users` SET `email` = ?, `confirm_email` = ? WHERE `id` = ?;")->execute([$email, $confirm_email_uid, $ID]);
$confirm_email_token = uniqid();
$user->setConfirmEmailToken($confirm_email_token);
$msg = "Vous venez de changer votre adresse mail. Veuillez désormais confirmer votre adresse mail en cliquant ici : $URL_BASE/confirmer_mail/$confirm_email_uid";
$msg = "Vous venez de changer votre adresse mail. Veuillez désormais confirmer votre adresse mail en cliquant ici : $URL_BASE/confirmer_mail/$confirm_email_token";
mail($email, "Changement d'adresse mail - TFJM²", $msg, "From: $MAIL_ADDRESS\r\n");
}
@ -112,17 +106,13 @@ function updateAccount()
function updatePassword()
{
global $DB, $YEAR;
global $user;
$old = htmlspecialchars($_POST["old_password"]);
$new = htmlspecialchars($_POST["new_password"]);
$confirm = htmlspecialchars($_POST["confirm_password"]);
$result = $DB->query("SELECT `pwd_hash` FROM `users` WHERE `id` = '" . $_SESSION["user_id"] . "' AND `year` = '$YEAR';");
if (($data = $result->fetch()) === FALSE)
return "Le compte n'existe pas.";
if (!password_verify($old, $data["pwd_hash"]))
if (!$user->checkPassword($old))
return "L'ancien mot de passe est incorrect.";
if (strlen($new) < 8)
@ -131,9 +121,7 @@ function updatePassword()
if ($new != $confirm)
return "Les deux mots de passe sont différents.";
$hash = password_hash($new, PASSWORD_BCRYPT);
$DB->prepare("UPDATE `users` SET `pwd_hash` = ? WHERE `id` = ?;")->execute([$hash, $_SESSION["user_id"]]);
$user->setPassword($new);
return false;
}

78
server_files/controllers/mon_equipe.php
View File

@ -4,6 +4,7 @@ require_once "../config.php";
if (isset($_POST["leave_team"])) {
quitTeam();
exit();
}
$tournaments_response = $DB->query("SELECT `id`, `name` FROM `tournaments` WHERE `year` = '$YEAR';");
@ -15,20 +16,18 @@ if (isset($_POST["send_document"])) {
if (isset($_POST["request_validation"])) {
if (!checkCanValidate())
$error_message = "Votre équipe ne peut pas demander la validation : il manque soit des participants, soit des documents.";
else {
$DB->exec("UPDATE `teams` SET `validation_status` = 'WAITING' WHERE `id` = " . $_SESSION["team_id"] . ";");
$_SESSION["team_validation_status"] = "WAITING";
}
else
$_SESSION["team"]->setValidationStatus(ValidationStatus::WAITING);
}
if (isset($_SESSION["user_id"]) && isset($_SESSION["team_id"])) {
$result = $DB->query("SELECT * FROM `teams` WHERE `id` = '" . $_SESSION["team_id"] . "' AND `year` = '$YEAR';");
$team_data = $result->fetch();
$tournament_data = $DB->query("SELECT `name`, `date_start` FROM `tournaments` WHERE `id` = '" . $team_data["tournament"] . "' AND `year` = '$YEAR';")->fetch();
if (isset($_SESSION["user_id"]) && isset($_SESSION["team"]) && $_SESSION["team"] !== null) {
/** @var Team $team */
$team = $_SESSION["team"];
$tournament = Tournament::fromId($team->getTournamentId());
$documents_req = $DB->prepare("SELECT `file_id`, `type`, COUNT(`type`) AS `version` FROM `documents` WHERE `user` = ? AND `tournament` = ? GROUP BY `type`, `uploaded_at` ORDER BY `type`, `uploaded_at` DESC;");
$documents_req->execute([$_SESSION["user_id"], $_SESSION[isset($_SESSION["final_id"]) ? "final_id" : "tournament_id"]]);
$documents_req->execute([$_SESSION["user_id"], $_SESSION[$team->isSelectedForFinal() ? $_SESSION["final"]->getId() : $tournament->getId()]]);
}
else
require_once "../403.php";
@ -77,39 +76,35 @@ function sendDocument()
function updateTeam()
{
global $DB, $YEAR, $URL_BASE, $team_data;
if ($_SESSION["team_id"] == NULL)
return "Vous n'êtes pas dans une équipe.";
global $DB, $YEAR, $URL_BASE, $team;
$name = htmlspecialchars($_POST["name"]);
if (!isset($name) || $name == "")
return "Vous devez spécifier un nom d'équipe.";
echo $team_data["id"];
$result = $DB->query("SELECT `id` FROM `teams` WHERE `name` = '" . $name . "' AND `id` != " . $team_data["id"] . " AND `year` = '$YEAR';");
$result = $DB->query("SELECT `id` FROM `teams` WHERE `name` = '" . $name . "' AND `id` != " . $team->getId() . " AND `year` = '$YEAR';");
if ($result->fetch())
return "Une équipe existe déjà avec ce nom." . $team_data["id"];
return "Une équipe existe déjà avec ce nom.";
$trigram = strtoupper(htmlspecialchars($_POST["trigram"]));
if (!preg_match("#^[A-Z][A-Z][A-Z]$#", $trigram))
return "Le trigramme entré n'est pas valide.";
$result = $DB->query("SELECT `id` FROM `teams` WHERE `trigram` = '" . $trigram . "' AND `id` != '" . $team_data["id"] . "' AND `year` = '$YEAR';");
$result = $DB->query("SELECT `id` FROM `teams` WHERE `trigram` = '" . $trigram . "' AND `id` != '" . $team->getId() . "' AND `year` = '$YEAR';");
if ($result->fetch())
return "Une équipe a déjà choisi ce trigramme.";
$tournament_id = intval(htmlspecialchars($_POST["tournament"]));
$result = $DB->query("SELECT `id`, `name` FROM `tournaments` WHERE `id` = '" . $tournament_id . "' AND `year` = '$YEAR';");
$data = $result->fetch();
if ($data === FALSE)
$tournament = Tournament::fromId($tournament_id);
if ($tournament === null)
return "Le tournoi spécifié n'existe pas.";
$req = $DB->prepare("UPDATE `teams` SET `name` = ?, `trigram` = ?, `tournament` = ? WHERE `id` = ?;");
$req->execute([$name, $trigram, $tournament_id, $team_data["id"]]);
$team->setName($name);
$team->setTrigram($trigram);
$team->setTournamentId($tournament_id);
$_SESSION["tournament"] = $tournament;
header("Location: $URL_BASE/mon_equipe");
@ -118,42 +113,43 @@ function updateTeam()
function checkCanValidate()
{
global $DB, $team_data, $tournament_data, $YEAR;
$can_validate = $team_data["validation_status"] == "NOT_READY";
$can_validate &= $team_data["encadrant_1"] != NULL;
$can_validate &= $team_data["participant_4"] != NULL;
global $DB, $team, $tournament, $YEAR;
$can_validate = $team->getValidationStatus() == ValidationStatus::NOT_READY;
$can_validate &= $team->getEncadrants()[0] != NULL;
$can_validate &= $team->getParticipants()[3] != NULL;
for ($i = 1; $i <= 2; ++$i) {
if ($team_data["encadrant_$i"] === NULL)
if ($team->getEncadrants()[$i - 1] === NULL)
continue;
$req = $DB->prepare("SELECT COUNT(`type`) AS `version` FROM `documents` WHERE `user` = ? AND `type` = ? GROUP BY `uploaded_at` ORDER BY `uploaded_at` DESC;");
$req->execute([$team_data["encadrant_$i"], "PHOTO_CONSENT"]);
$req->execute([$team->getEncadrants()[$i - 1], "PHOTO_CONSENT"]);
$d = $req->fetch();
$can_validate &= $d["version"] > 0;
$req = $DB->prepare("SELECT COUNT(`type`) AS `version` FROM `documents` WHERE `user` = ? AND `type` = ? GROUP BY `uploaded_at` ORDER BY `uploaded_at` DESC;");
$req->execute([$team_data["encadrant_$i"], "SANITARY_PLUG"]);
$req->execute([$team->getEncadrants()[$i - 1], "SANITARY_PLUG"]);
$d = $req->fetch();
$can_validate &= $d["version"] > 0;
}
for ($i = 1; $i <= 6; ++$i) {
if ($team_data["participant_$i"] === NULL)
if ($team->getParticipants()[$i] === NULL)
continue;
$req = $DB->prepare("SELECT COUNT(`type`) AS `version` FROM `documents` WHERE `user` = ? AND `type` = ? GROUP BY `uploaded_at` ORDER BY `uploaded_at` DESC;");
$req->execute([$team_data["participant_$i"], "PHOTO_CONSENT"]);
$req->execute([$team->getParticipants()[$i], "PHOTO_CONSENT"]);
$d = $req->fetch();
$can_validate &= $d["version"] > 0;
$req = $DB->prepare("SELECT COUNT(`type`) AS `version` FROM `documents` WHERE `user` = ? AND `type` = ? GROUP BY `uploaded_at` ORDER BY `uploaded_at` DESC;");
$req->execute([$team_data["participant_$i"], "SANITARY_PLUG"]);
$req->execute([$team->getParticipants()[$i], "SANITARY_PLUG"]);
$d = $req->fetch();
$can_validate &= $d["version"] > 0;
$birth_date = $DB->query("SELECT `birth_date` FROM `users` WHERE `id` = " . $team_data["participant_$i"] . ";")->fetch()["birth_date"];
if ($birth_date > strval($YEAR - 18) . substr($tournament_data["date_start"], 4)) {
$birth_date = $DB->query("SELECT `birth_date` FROM `users` WHERE `id` = " . $team->getParticipants()[$i] . ";")->fetch()["birth_date"];
if ($birth_date > strval($YEAR - 18) . substr($tournament->getStartDate(), 4)) {
$req = $DB->prepare("SELECT COUNT(`type`) AS `version` FROM `documents` WHERE `user` = ? AND `type` = ? GROUP BY `uploaded_at` ORDER BY `uploaded_at` DESC;");
$req->execute([$team_data["participant_$i"], "PARENTAL_CONSENT"]);
$req->execute([$team->getParticipants()[$i], "PARENTAL_CONSENT"]);
$d = $req->fetch();
$can_validate &= $d["version"] > 0;
}

48
server_files/controllers/rejoindre_equipe.php
View File

@ -2,48 +2,50 @@
require_once "../config.php";
if (isset($_SESSION["team"]) || !isset($_SESSION["user"]) || ($_SESSION["role"] != Role::PARTICIPANT && $_SESSION["role"] != Role::ENCADRANT))
require_once "../403.php";
if (isset($_POST["submitted"])) {
$error_message = joinTeam();
}
function joinTeam() {
global $DB, $YEAR, $MAIL_ADDRESS, $access_code, $data;
if ($_SESSION["team_id"] != NULL)
return "Vous êtes déjà dans une équipe.";
global $YEAR, $MAIL_ADDRESS, $access_code;
$access_code = htmlspecialchars($_POST["access_code"]);
if (!isset($access_code) || strlen($access_code) != 6)
return "Le code d'accès doit comporter 6 caractères.";
$result = $DB->query("SELECT * FROM `teams` WHERE `access_code` = '" . $access_code . "' AND `year` = '$YEAR';");
if (($data = $result->fetch()) === FALSE)
return "Ce code d'accès est invalide.";
if ($_SESSION["role"] != "PARTICIPANT" && $_SESSION["role"] != "ENCADRANT")
return "Seuls les participants et les encadrants peuvent rejoindre une équipe.";
if ($data["validation_status"] != "NOT_READY")
/** @var User $user */
$user = $_SESSION["user"];
$team = Team::fromAccessCode($access_code);
if ($team === null)
return "Ce code d'accès est invalide.";
if ($team->getValidationStatus() != ValidationStatus::NOT_READY)
return "Cette équipe est déjà en cours de validation ou validée, vous ne pouvez pas la rejoindre.";
for ($i = 1; $i <= $_SESSION["role"] == "PARTICIPANT" ? 6 : 2; ++$i) {
if ($data[strtolower($_SESSION["role"]) . "_" . strval($i)] == NULL)
for ($i = 1; $i <= $_SESSION["role"] == Role::PARTICIPANT ? 6 : 2; ++$i) {
if (($_SESSION["role"] == Role::PARTICIPANT ? $team->getParticipants()[$i - 1] : $team->getEncadrants()[$i - 1]) == NULL)
break;
}
if ($_SESSION["role"] == "PARTICIPANT" && $i == 7 || $_SESSION["role"] == "ENCADRANT" && $i == 3)
if ($_SESSION["role"] == Role::PARTICIPANT && $i == 7 || $_SESSION["role"] == Role::ENCADRANT && $i == 3)
return "Il n'y a plus de place pour vous dans l'équipe.";
$DB->prepare("UPDATE `users` SET `team_id` = ? WHERE `id` = " . $_SESSION["user_id"] . ";")->execute([$data["id"]]);
/** @noinspection SqlResolve */
$DB->prepare("UPDATE `teams` SET `" . strtolower($_SESSION["role"]) . "_" . strval($i) . "` = ? WHERE `id` = " . $data["id"] . ";")->execute([$_SESSION["user_id"]]);
$_SESSION["team_id"] = $data["id"];
$_SESSION["team_validation_status"] = $data["validation_status"];
$user->setTeamId($team->getId());
$msg = "Bonjour " . $_SESSION["first_name"] . " " . $_SESSION["surname"] . ",\r\n\r\n";
$msg .= "Vous venez de rejoindre l'équipe « " . $data["name"] . " » (" . $data["trigram"] . ") pour le TFJM² de " . $data["name"] . " et nous vous en remercions.\r\n\r\n";
if ($_SESSION["role"] == Role::ENCADRANT)
$team->setEncadrant($i, $user->getId());
else
$team->setParticipant($i, $user->getId());
$_SESSION["team"] = $team;
$tournament = $_SESSION["tournament"] = Tournament::fromId($team->getTournamentId());
$msg = "Bonjour " . $user->getFirstName() . " " . $user->getSurname() . ",\r\n\r\n";
$msg .= "Vous venez de rejoindre l'équipe « " . $team->getName() . " » (" . $team->getTrigram() . ") pour le TFJM² de " . $tournament->getId() . " et nous vous en remercions.\r\n\r\n";
$msg .= "Cordialement,\r\n\r\nL'organisation du TFJM² $YEAR";
mail($_SESSION["email"], "Équipe rejointe TFJM² $YEAR", $msg, "From: $MAIL_ADDRESS\r\n");

23
server_files/controllers/solutions_orga.php
View File

@ -2,17 +2,19 @@
require_once "../config.php";
if (!isset($_SESSION["role"]) || $_SESSION["role"] != "ADMIN" && $_SESSION["role"] != "ORGANIZER")
if (!isset($_SESSION["role"]) || $_SESSION["role"] != Role::ADMIN && $_SESSION["role"] != Role::ORGANIZER)
require_once "../403.php";
/** @noinspection SqlAggregates */
$req = $DB->query("SELECT `tournaments`.`id`, `name` FROM `tournaments` JOIN `organizers` ON `tournament` = `tournaments`.`id` WHERE "
. ($_SESSION["role"] == "ADMIN" ? "" : "`organizer` = '" . $_SESSION["user_id"] . "' AND ")
. ($_SESSION["role"] == Role::ADMIN ? "" : "`organizer` = '" . $_SESSION["user_id"] . "' AND ")
. "`year` = $YEAR GROUP BY `tournament` ORDER BY `name`;");
if (isset($_POST["download_zip"])) {
$id = $_POST["tournament"];
$tournament_name = $_POST["tournament_name"];
$files_req = $DB->query("SELECT *, COUNT(`problem`) AS `version` FROM `solutions` WHERE `tournament` = '$id' GROUP BY `team`, `problem` ORDER BY `team`, `problem`, `uploaded_at` DESC;");
/** @noinspection SqlAggregates */
$files_req = $DB->query("SELECT *, COUNT(`problem`) AS `version` FROM `solutions` WHERE `tournament` = '$id' GROUP BY `team`, `problem` ORDER BY `team`, `problem`, `uploaded_at` DESC;");
$zip = new ZipArchive();
@ -27,9 +29,9 @@ if (isset($_POST["download_zip"])) {
$problem = $data_file["problem"];
$version = $data_file["version"];
$team_id = $data_file["team"];
$team_data = $DB->query("SELECT `name`, `trigram` FROM `teams` WHERE `id` = '$team_id' AND `year` = $YEAR;")->fetch();
$team_name = $team_data["name"];
$team_trigram = $team_data["trigram"];
$team = Team::fromId($team_id);
$team_name = $team->getName();
$team_trigram = $team->getTrigram();
$zip->addFile("$LOCAL_PATH/files/$file_id", "Problème $problem $team_trigram.pdf");
}
@ -50,15 +52,16 @@ require_once "../views/header.php";
while (($data_tournament = $req->fetch()) !== false) {
echo "<h1>Tournoi de " . $data_tournament["name"] . "</h1>\n";
$id = $data_tournament["id"];
$files_req = $DB->query("SELECT *, COUNT(`problem`) AS `version` FROM `solutions` WHERE `tournament` = '$id' GROUP BY `team` ORDER BY `team`, `problem`, `uploaded_at` DESC;");
/** @noinspection SqlAggregates */
$files_req = $DB->query("SELECT *, COUNT(`problem`) AS `version` FROM `solutions` WHERE `tournament` = '$id' GROUP BY `team` ORDER BY `team`, `problem`, `uploaded_at` DESC;");
while (($data_file = $files_req->fetch()) !== false) {
$file_id = $data_file["file_id"];
$problem = $data_file["problem"];
$version = $data_file["version"];
$team_id = $data_file["team"];
$team_data = $DB->query("SELECT `name`, `trigram` FROM `teams` WHERE `id` = '$team_id' AND `year` = $YEAR;")->fetch();
$team_name = $team_data["name"];
$team_trigram = $team_data["trigram"];
$team = Team::fromId($team_id);
$team_name = $team->getName();
$team_trigram = $team->getTrigram();
echo "Problème n°$problem de l'équipe $team_name ($team_trigram), version $version : <a href=\"$URL_BASE/file/$file_id\">Télécharger</a><br />";
}

23
server_files/controllers/syntheses_orga.php
View File

@ -1,14 +1,13 @@
<?php require_once "../config.php"; ?>
<?php require_once "../config.php";
<?php
if (!isset($_SESSION["role"]) || $_SESSION["role"] != "ADMIN" && $_SESSION["role"] != "ORGANIZER")
if (!isset($_SESSION["role"]) || $_SESSION["role"] != Role::ADMIN && $_SESSION["role"] != Role::ORGANIZER)
require_once "../403.php";
if (isset($_POST["download_zip"])) {
$id = $_POST["tournament"];
$tournament_name = $_POST["tournament_name"];
$files_req = $DB->query("SELECT *, COUNT(`dest`) AS `version` FROM `syntheses` WHERE `tournament` = '$id' GROUP BY `team`, `dest`, `uploaded_at` ORDER BY `team`, `dest`, `uploaded_at` DESC;");
/** @noinspection SqlAggregates */
$files_req = $DB->query("SELECT *, COUNT(`dest`) AS `version` FROM `syntheses` WHERE `tournament` = '$id' GROUP BY `team`, `dest` ORDER BY `team`, `dest`, `uploaded_at` DESC;");
$zip = new ZipArchive();
@ -23,9 +22,9 @@ if (isset($_POST["download_zip"])) {
$dest = $data_file["dest"];
$version = $data_file["version"];
$team_id = $data_file["team"];
$team_data = $DB->query("SELECT `name`, `trigram` FROM `teams` WHERE `id` = '$team_id' AND `year` = $YEAR;")->fetch();
$team_name = $team_data["name"];
$team_trigram = $team_data["trigram"];
$team = Team::fromId($team_id);
$team_name = $team->getName();
$team_trigram = $team->getTrigram();
$zip->addFile("$LOCAL_PATH/files/$file_id", "Note de synthèse $team_trigram pour " . ($dest == "OPPOSANT" ? "l'opposant" : "le rapporteur") . ".pdf");
}
@ -44,7 +43,7 @@ if (isset($_POST["download_zip"])) {
require_once "../views/header.php";
$req = $DB->query("SELECT `tournaments`.`id`, `name` FROM `tournaments` JOIN `organizers` ON `tournament` = `tournaments`.`id` WHERE "
. ($_SESSION["role"] == "ADMIN" ? "" : "`organizer` = '" . $_SESSION["user_id"] . "' AND ")
. ($_SESSION["role"] == Role::ADMIN ? "" : "`organizer` = '" . $_SESSION["user_id"] . "' AND ")
. "`year` = $YEAR GROUP BY `tournament`, `name` ORDER BY `name`;");
while (($data_tournament = $req->fetch()) !== false) {
@ -56,9 +55,9 @@ while (($data_tournament = $req->fetch()) !== false) {
$dest = $data_file["dest"];
$version = $data_file["version"];
$team_id = $data_file["team"];
$team_data = $DB->query("SELECT `name`, `trigram` FROM `teams` WHERE `id` = '$team_id' AND `year` = $YEAR;")->fetch();
$team_name = $team_data["name"];
$team_trigram = $team_data["trigram"];
$team = Team::fromId($team_id);
$team_name = $team->getName();
$team_trigram = $team->getTrigram();
echo "Note de synthèse de l'équipe $team_name ($team_trigram) pour " . ($dest == "OPPOSANT" ? "l'opposant" : "le rapporteur")
. ", version $version : <a href=\"$URL_BASE/file/$file_id\">Télécharger</a><br />";
}

43
server_files/controllers/tournoi.php
View File

@ -4,61 +4,56 @@ require_once "../config.php";
$tournament_name = htmlspecialchars($_GET["nom"]);
$response = $DB->prepare("SELECT * FROM `tournaments` WHERE `name` = ? AND `year` = $YEAR;");
$response->execute([$tournament_name]);
$data = $response->fetch();
$tournament = Tournament::fromName($tournament_name);
if ($data === false)
if ($tournament === null)
require_once "../404.php";
$orgas_req = $DB->query("SELECT `users`.`id` AS `id`, `surname`, `first_name` FROM `users` JOIN `organizers` ON `users`.`id` = `organizer` WHERE `tournament` = " . $data["id"] . ";");
$orgas_req = $DB->query("SELECT `users`.`id` AS `id` FROM `users` JOIN `organizers` ON `users`.`id` = `organizer` WHERE `tournament` = " . $tournament->getId() . ";");
$orgas = [];
$orgas_id = [];
while (($orga_data = $orgas_req->fetch()) !== false) {
$orgas[] = $orga_data["first_name"] . " " . $orga_data["surname"];
$orgas[] = User::fromId($orga_data["id"]);
$orgas_id[] = $orga_data["id"];
}
if (isset($_GET["modifier"]) && $_SESSION["role"] != "ADMIN" && !in_array($_SESSION["user_id"], $orgas_id))
if (isset($_GET["modifier"]) && $_SESSION["role"] != Role::ADMIN && !in_array($_SESSION["user_id"], $orgas_id))
require_once "../403.php";
if (isset($_POST["edit_tournament"])) {
$error_message = updateTournament();
}
if ($data["final"])
if ($tournament->isFinal())
$teams_response = $DB->query("SELECT `id`, `name`, `trigram`, `inscription_date`, `validation_status` FROM `teams` WHERE `final_selection` AND `year` = $YEAR;");
else
$teams_response = $DB->query("SELECT `id`, `name`, `trigram`, `inscription_date`, `validation_status` FROM `teams` WHERE `tournament` = " . $data["id"] . " AND `year` = $YEAR;");
$teams_response = $DB->query("SELECT `id`, `name`, `trigram`, `inscription_date`, `validation_status` FROM `teams` WHERE `tournament` = " . $tournament->getId() . " AND `year` = $YEAR;");
$orgas_response = $DB->query("SELECT `id`, `surname`, `first_name` FROM `users` WHERE (`role` = 'ORGANIZER' OR `role` = 'ADMIN') AND `year` = '$YEAR';");
function updateTournament() {
global $DB, $URL_BASE, $YEAR, $data;
$tournament_id = $data["id"];
global $DB, $URL_BASE, $YEAR, $tournament;
$name = htmlspecialchars($_POST["name"]);
$result = $DB->query("SELECT `id` FROM `tournaments` WHERE `name` = '" . $name . "' AND `id` != $tournament_id AND `year` = '$YEAR';");
$result = $DB->query("SELECT `id` FROM `tournaments` WHERE `name` = '" . $name . "' AND `id` != " . $tournament->getId() . " AND `year` = '$YEAR';");
if ($result->fetch())
return "Un tournoi existe déjà avec ce nom.";
if (!isset($_POST["organizer"]) || sizeof($_POST["organizer"]) == 0)
return "Aucun organisateur n'a été choisi.";
if ($_SESSION["role"] == "ADMIN") {
if ($_SESSION["role"] == Role::ADMIN) {
$organizers = $_POST["organizer"];
$orga_mails = [];
foreach ($organizers as $orga) {
$result = $DB->query("SELECT `role`, `email` FROM `users` WHERE `id` = '" . $orga . "' AND `year` = '$YEAR';");
$data = $result->fetch();
if ($data === FALSE)
foreach ($organizers as $orga_id) {
$orga = User::fromId($orga_id);
if ($orga === null)
return "L'organisateur spécifié n'existe pas.";
if ($data["role"] != "ORGANIZER" && $data["role"] != "ADMIN")
if ($orga->getRole() != Role::ORGANIZER && $orga->getRole() != Role::ADMIN)
return "L'organisateur indiqué ne peut pas organiser de tournoi.";
$orga_mails[] = $data["email"];
$orga_mails[] = $orga->getEmail();
}
}
@ -112,15 +107,15 @@ function updateTournament() {
$req = $DB->prepare("UPDATE `tournaments` SET `name` = ?, `size` = ?, `place` = ?, `price` = ?, `description` = ?,
`date_start` = ?, `date_end` = ?, `date_inscription` = ?, `date_solutions` = ?, `date_syntheses` = ?
WHERE `id` = $tournament_id;");
WHERE `id` = " . $tournament->getId() . ";");
$req->execute([$name, $size, $place, $price, $description, $date_start, $date_end,
"$date_inscription $time_inscription", "$date_solutions $time_solutions", "$date_syntheses $time_syntheses"]);
if ($_SESSION["role"] == "ADMIN") {
$DB->exec("DELETE FROM `organizers` WHERE `tournament` = $tournament_id;");
if ($_SESSION["role"] == Role::ADMIN) {
$DB->exec("DELETE FROM `organizers` WHERE `tournament` = " . $tournament->getId() . ";");
foreach ($organizers as $orga) {
$req = $DB->prepare("INSERT INTO `organizers`(`organizer`, `tournament`) VALUES(?, ?);");
$req->execute([$orga, $tournament_id]);
$req->execute([$orga->getId(), $tournament->getId()]);
}
}

6
server_files/controllers/view_file.php
View File

@ -23,9 +23,9 @@ if (($data = $req->fetch()) === false) {
}
if ($data !== false) {
$team_data = $DB->query("SELECT `trigram` FROM `teams` WHERE `id` = " . $data["team"] . ";")->fetch();
$tournament_data = $DB->query("SELECT `name` FROM `tournaments` WHERE `id` = " . $data["tournament"] . ";")->fetch();
$trigram = $team_data["trigram"];
$team = Team::fromId($data["team"]);
$tournament = Tournament::fromId($data["tournament"]);
$trigram = $team->getTrigram();
if ($type == "SOLUTION") {
$problem = $data["problem"];
$name = "Problème $problem $trigram.pdf";