From c2eba2bb2e3b4c78d9210fc48728177925725816 Mon Sep 17 00:00:00 2001
From: Yohann <yohann.danello@gmail.com>
Date: Mon, 2 Sep 2019 19:45:28 +0200
Subject: [PATCH] Ajout d'une page de visualisation des informations
 personnelles des participants

---
 .htaccess                     |  1 +
 server_files/equipe.php       | 12 +++--
 server_files/informations.php | 94 +++++++++++++++++++++++++++++++++++
 3 files changed, 102 insertions(+), 5 deletions(-)
 create mode 100644 server_files/informations.php

diff --git a/.htaccess b/.htaccess
index 48a8884..5c45ecf 100644
--- a/.htaccess
+++ b/.htaccess
@@ -18,6 +18,7 @@ RewriteRule ^connexion/(.*?)$ server_files/connexion.php?$1 [L]
 RewriteRule ^deconnexion$ server_files/deconnexion.php [L]
 RewriteRule ^equipe/(.*?)$ server_files/equipe.php?trigram=$1 [L]
 RewriteRule ^file/(.*?)$ server_files/view_file.php?file_id=$1 [L]
+RewriteRule ^informations/(.*?)/.*?$ server_files/informations.php?id=$1 [L]
 RewriteRule ^inscription$ server_files/inscription.php [L]
 RewriteRule ^mon_compte$ server_files/mon_compte.php [L]
 RewriteRule ^mon_equipe/(.*?)$ server_files/mon_equipe.php?$1 [L]
diff --git a/server_files/equipe.php b/server_files/equipe.php
index 73d2993..6e70360 100644
--- a/server_files/equipe.php
+++ b/server_files/equipe.php
@@ -12,7 +12,7 @@ $team_data = $DB->query("SELECT * FROM `teams` WHERE `trigram` = '$trigram' AND
 
 $tournament_data = $DB->query("SELECT `name`, `date_start` FROM `tournaments` WHERE `id` = '" . $team_data["tournament"] . "' AND `year` = '$YEAR';")->fetch();
 
-$documents_req = $DB->prepare("SELECT `file_id`, `user`, `type`, COUNT(`type`) AS `version` FROM `documents` WHERE `team` = ? GROUP BY `type` ORDER BY `user`, `type` ASC, `uploaded_at` DESC;");
+$documents_req = $DB->prepare("SELECT `file_id`, `user`, `type`, COUNT(`type`) AS `version` FROM `documents` WHERE `team` = ? GROUP BY `user`, `type` ORDER BY `user`, `type` ASC, MAX(`uploaded_at`) DESC;");
 $documents_req->execute([$team_data["id"]]);
 
 ?>
@@ -28,14 +28,16 @@ Tournoi : <?php echo $tournament_data["name"] ?><br />
 for ($i = 1; $i <= 2; ++$i) {
 	if ($team_data["encadrant_" . $i] == NULL)
 		continue;
-	$user_data = $DB->query("SELECT `surname`, `first_name` FROM `users` WHERE `id` = " . $team_data["encadrant_" . $i] . " AND `year` = '$YEAR';")->fetch();
-	echo "Encadrant $i : " . $user_data["first_name"] . " " . $user_data["surname"] . "<br />";
+	$user_data = $DB->query("SELECT `id`, `surname`, `first_name` FROM `users` WHERE `id` = " . $team_data["encadrant_" . $i] . " AND `year` = '$YEAR';")->fetch();
+	$id = $user_data["id"];
+	echo "Encadrant $i : <a href=\"$URL_BASE/informations/$id/" . $user_data["first_name"] . " " . $user_data["surname"] . "\">" . $user_data["first_name"] . " " . $user_data["surname"] . "</a><br />";
 }
 for ($i = 1; $i <= 6; ++$i) {
 	if ($team_data["participant_" . $i] == NULL)
 		continue;
-	$user_data = $DB->query("SELECT `surname`, `first_name` FROM `users` WHERE `id` = " . $team_data["participant_" . $i] . " AND `year` = '$YEAR';")->fetch();
-	echo "Participant $i : " . $user_data["first_name"] . " " . $user_data["surname"] . "<br />";
+	$user_data = $DB->query("SELECT `id`, `surname`, `first_name` FROM `users` WHERE `id` = " . $team_data["participant_" . $i] . " AND `year` = '$YEAR';")->fetch();
+	$id = $user_data["id"];
+	echo "Participant $i : <a href=\"$URL_BASE/informations/$id/" . $user_data["first_name"] . " " . $user_data["surname"] . "\">" . $user_data["first_name"] . " " . $user_data["surname"] . "</a><br />";
 }
 ?>
 
diff --git a/server_files/informations.php b/server_files/informations.php
new file mode 100644
index 0000000..c02d3d7
--- /dev/null
+++ b/server_files/informations.php
@@ -0,0 +1,94 @@
+<?php
+
+include "config.php";
+
+if (!isset($_SESSION["role"]) || $_SESSION["role"] != "ORGANIZER" && $_SESSION["role"] != "ADMIN") {
+	include "../403.php";
+}
+
+$id = $_GET["id"];
+$user_data = $DB->query("SELECT * FROM `users` WHERE `id` = $id;")->fetch();
+
+if ($user_data === false) {
+	include "../404.php";
+}
+
+$team_data = false;
+if ($user_data["team_id"] !== NULL)
+	$team_data = $DB->query("SELECT `name`, `trigram` FROM `teams` WHERE `id` = " . $user_data["team_id"] . ";")->fetch();
+
+$documents_req = $DB->query("SELECT * FROM `documents` WHERE `user` = $id;");
+$tournaments_req = $DB->query("SELECT `tournament`, `name` FROM `organizers` JOIN `tournaments` ON `tournaments`.`id` = `tournament` WHERE `organizer` = $id ORDER BY `name`;");
+
+?>
+
+<?php include "header.php" ?>
+
+<h1><?= $user_data["first_name"] . " " . $user_data["surname"] ?></h1>
+
+<?php if ($user_data["role"] == "PARTICIPANT" || $user_data["role"] == "ENCADRANT") { ?>
+	Équipe : <?= $team_data === false ? "Pas d'équipe" : "<a href=\"$URL_BASE/equipe/" . $team_data["trigram"] . "\">" . $team_data["name"] . " (" . $team_data["trigram"] . ")</a>" ?><br />
+<?php } ?>
+Date de naissance : <?= echo_date($user_data["birth_date"]) ?><br />
+Sexe : <?= $user_data["gender"] == "M" ? "Masculin" : "Féminin" ?><br />
+Adresse : <?= $user_data["address"] . ", " . $user_data["postal_code"] . " " . $user_data["city"] . ($user_data["country"] == "France" ? "" : ", " . $user_data["country"]) ?><br />
+Adresse e-mail : <a href="mailto:<?= $user_data["email"] ?>"><?= $user_data["email"] ?></a><br />
+Numéro de téléphone : <?= $user_data["phone_number"] ?><br />
+
+<?php if ($user_data["role"] == "PARTICIPANT") { ?>
+	Lycée : <?= $user_data["school"] ?><br />
+	Classe : <?php switch ($user_data["class"]) {
+		case "TERMINALE":
+			echo "Terminale";
+			break;
+		case "PREMIERE":
+			echo "Première";
+			break;
+		case "SECONDE":
+			echo "Seconde ou avant";
+			break;
+		default:
+			echo "A hacké le site";
+			break;
+	}
+	?><br />
+	Nom du responsable légal : <?= $user_data["responsible_name"] ?><br />
+	Numéro de téléphone du responsable légal : <?= $user_data["responsible_phone"] ?><br />
+	Adresse e-mail du responsable légal : <a href="mailto:<?= $user_data["responsible_email"] ?>"><?= $user_data["responsible_email"] ?></a>
+<?php } else { ?>
+	Description : <?= $user_data["description"] ?><br />
+<?php }
+
+if ($user_data["role"] == "ADMIN" || $user_data["role"] == "ORGANIZER") {
+	while (($tournament_data = $tournaments_req->fetch()) !== false) {
+		echo "Organise le tournoi de <a href=\"$URL_BASE/tournoi/" . $tournament_data["name"] . "\">" . $tournament_data["name"] . "</a><br />";
+	}
+}
+elseif ($user_data["role"] == "PARTICIPANT" || $user_data["role"] == "ENCADRANT") { ?>
+	<hr />
+	<h2>Autorisations</h2>
+	<?php
+	while (($data = $documents_req->fetch()) !== false) {
+		$file_id = $data["file_id"];
+		$type = $data["type"];
+		$user_id = $data["user"];
+		$user_data = $DB->query("SELECT `surname`, `first_name` FROM `users` WHERE `id` = '$user_id';")->fetch();
+		$surname = $user_data["surname"];
+		$first_name = $user_data["first_name"];
+		$version = $data["version"];
+		switch ($data["type"]) {
+			case "PARENTAL_CONSENT":
+				$name = "Autorisation parentale";
+				break;
+			case "PHOTO_CONSENT":
+				$name = "Autorisation de droit à l'image";
+				break;
+			case "SANITARY_PLUG":
+				$name = "Fiche sanitaire";
+				break;
+		}
+		echo "$name de $first_name $surname : <a href=\"$URL_BASE/file/$file_id\">Télécharger</a><br />";
+	}
+} ?>
+
+<?php include "footer.php" ?>