ynerant
/
plateforme-tfjm2
mirror of https://gitlab.com/animath/si/plateforme.git
1
0
Fork 0
Code Issues Releases Wiki Activity

Modification mineure

This commit is contained in:
galaxyoyo 2019-09-05 19:07:41 +02:00
parent 39abeec4e6
commit d2a0d0fbec
22 changed files with 621 additions and 621 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
server_files/403.php
View File

@ -1,12 +1,12 @@
<?php
include_once "config.php";
include_once "header.php";
require_once_once "config.php";
require_once_once "header.php";
http_response_code(403);
echo "<h1>Vous n'êtes pas autorisé à accéder à cette page.</h1>";
include "footer.php";
require_once "footer.php";
exit();

6
server_files/404.php
View File

@ -1,12 +1,12 @@
<?php
include_once "config.php";
include_once "header.php";
require_once_once "config.php";
require_once_once "header.php";
http_response_code(404);
echo "<h1>Cette page n'existe pas.</h1>";
include "footer.php";
require_once "footer.php";
exit();

254
server_files/ajouter_equipe.php
View File

@ -1,127 +1,127 @@
<?php
include 'config.php';
$tournaments_response = $DB->query("SELECT `id`, `name` FROM `tournaments` WHERE `date_inscription` > CURRENT_DATE AND `year` = '$YEAR';");
if (isset($_POST["submitted"])) {
$error_message = registerTeam();
}
function registerTeam() {
global $DB, $YEAR, $MAIL_ADDRESS, $access_code;
if ($_SESSION["team_id"] != NULL)
return "Vous êtes déjà dans une équipe.";
$name = htmlspecialchars($_POST["name"]);
if (!isset($name) || $name == "")
return "Vous devez spécifier un nom d'équipe.";
$result = $DB->query("SELECT `id` FROM `teams` WHERE `name` = '" . $name . "' AND `year` = '$YEAR';");
if ($result->fetch())
return "Une équipe existe déjà avec ce nom.";
$trigram = strtoupper(htmlspecialchars($_POST["trigram"]));
if (!preg_match("#^[A-Z][A-Z][A-Z]$#", $trigram))
return "Le trigramme entré n'est pas valide.";
$result = $DB->query("SELECT `id` FROM `teams` WHERE `trigram` = '" . $trigram . "' AND `year` = '$YEAR';");
if ($result->fetch())
return "Une équipe a déjà choisi ce trigramme.";
$tournament_id = intval(htmlspecialchars($_POST["tournament"]));
$result = $DB->query("SELECT `id`, `name` FROM `tournaments` WHERE `id` = '" . $tournament_id . "' AND `year` = '$YEAR';");
$data = $result->fetch();
if ($data === FALSE)
return "Le tournoi spécifié n'existe pas.";
$alphabet = "0123456789abcdefghijkmnopqrstuvwxyz0123456789";
$access_code = "";
for ($i = 0; $i < 6; ++$i)
$access_code .= $alphabet[rand(0, strlen($alphabet) - 1)];
$req = $DB->prepare("INSERT INTO `teams` (`name`, `trigram`, `tournament`, `encadrant_1`, `participant_1`, `validation_status`, `access_code`, `year`)
VALUES (?, ?, ?, ?, ?, ?, ?, ?);");
$req->execute([$name, $trigram, $tournament_id, $_SESSION["role"] == "ENCADRANT" ? $_SESSION["user_id"] : NULL,
$_SESSION["role"] == "PARTICIPANT" ? $_SESSION["user_id"] : NULL, "NOT_READY", $access_code, $YEAR]);
$result = $DB->query("SELECT `id` FROM `teams` WHERE `name` = '" . $name . "' AND `year` = '$YEAR';");
$data_team = $result->fetch();
$DB->prepare("UPDATE `users` SET `team_id` = ? WHERE `id` = " . $_SESSION["user_id"] . ";")->execute([$data_team["id"]]);
$msg = "Bonjour " . $_SESSION["first_name"] . " " . $_SESSION["surname"] . ",\r\n\r\n";
$msg .= "Vous venez de créer l'équipe « $name » ($trigram) pour le TFJM² de " . $data["name"] . " et nous vous en remercions. ";
$msg .= "Afin de permettre aux autres membres de votre équipe de vous rejoindre, veuillez leur transmettre le code d'accès : " . $access_code . "\r\n\r\n";
$msg .= "Cordialement,\r\n\r\nL'organisation du TFJM² $YEAR";
mail($_SESSION["email"], "Nouvelle équipe TFJM² $YEAR", $msg, "From: $MAIL_ADDRESS\r\n");
return false;
}
?>
<?php include "header.php" ?>
<?php
if (!isset($_SESSION["role"]) or ($_SESSION["role"] != "PARTICIPANT" && $_SESSION["role"] != "ENCADRANT")) {
?>
<h2>Vous devez être participant ou encadrant pour pouvoir ajouter une équipe.</h2>
<?php } else if ($_SESSION["team_id"] != NULL) { ?>
<h2>Vous êtes déjà dans une équipe.</h2>
<?php } else if (isset($access_code)) { ?>
Votre équipe a bien été créée ! Voici le code d'accès à transmettre aux autres membres de votre équipe : <strong><?php echo $access_code ?></strong>
<?php } else { ?>
<?php if (isset($error_message) && $error_message) echo "<h2>Erreur : " . $error_message . "</h2>"; ?>
<form method="POST">
<input type="hidden" name="submitted" value="true" />
<table style="width: 100%;">
<tbody>
<tr>
<td style="width: 30%;">
<label for="name">Nom :</label>
</td>
<td style="width: 70%;">
<input style="width: 100%;" type="text" id="name" name="name" />
</td>
</tr>
<tr>
<td>
<label for="trigram">Trigramme :</label>
</td>
<td>
<input style="width: 100%;" type="text" id="trigram" name="trigram" />
</td>
</tr>
<tr>
<td>
<label for="tournament">Tournoi :</label>
</td>
<td>
<select style="width: 100%;" id="tournament" name="tournament">
<?php
while (($data = $tournaments_response->fetch()) !== FALSE) {
echo "<option value=\"" . $data["id"] . "\">" . $data["name"] . "</option>\n";
}
?>
</select>
</td>
</tr>
<tr>
<td colspan="2">
<input style="width: 100%;" type="submit" value="Ajouter une équipe" />
</td>
</tr>
</tbody>
</table>
</form>
<?php include "footer.php" ?>
<?php } ?>
<?php
require_once 'config.php';
$tournaments_response = $DB->query("SELECT `id`, `name` FROM `tournaments` WHERE `date_inscription` > CURRENT_DATE AND `year` = '$YEAR';");
if (isset($_POST["submitted"])) {
$error_message = registerTeam();
}
function registerTeam() {
global $DB, $YEAR, $MAIL_ADDRESS, $access_code;
if ($_SESSION["team_id"] != NULL)
return "Vous êtes déjà dans une équipe.";
$name = htmlspecialchars($_POST["name"]);
if (!isset($name) || $name == "")
return "Vous devez spécifier un nom d'équipe.";
$result = $DB->query("SELECT `id` FROM `teams` WHERE `name` = '" . $name . "' AND `year` = '$YEAR';");
if ($result->fetch())
return "Une équipe existe déjà avec ce nom.";
$trigram = strtoupper(htmlspecialchars($_POST["trigram"]));
if (!preg_match("#^[A-Z][A-Z][A-Z]$#", $trigram))
return "Le trigramme entré n'est pas valide.";
$result = $DB->query("SELECT `id` FROM `teams` WHERE `trigram` = '" . $trigram . "' AND `year` = '$YEAR';");
if ($result->fetch())
return "Une équipe a déjà choisi ce trigramme.";
$tournament_id = intval(htmlspecialchars($_POST["tournament"]));
$result = $DB->query("SELECT `id`, `name` FROM `tournaments` WHERE `id` = '" . $tournament_id . "' AND `year` = '$YEAR';");
$data = $result->fetch();
if ($data === FALSE)
return "Le tournoi spécifié n'existe pas.";
$alphabet = "0123456789abcdefghijkmnopqrstuvwxyz0123456789";
$access_code = "";
for ($i = 0; $i < 6; ++$i)
$access_code .= $alphabet[rand(0, strlen($alphabet) - 1)];
$req = $DB->prepare("INSERT INTO `teams` (`name`, `trigram`, `tournament`, `encadrant_1`, `participant_1`, `validation_status`, `access_code`, `year`)
VALUES (?, ?, ?, ?, ?, ?, ?, ?);");
$req->execute([$name, $trigram, $tournament_id, $_SESSION["role"] == "ENCADRANT" ? $_SESSION["user_id"] : NULL,
$_SESSION["role"] == "PARTICIPANT" ? $_SESSION["user_id"] : NULL, "NOT_READY", $access_code, $YEAR]);
$result = $DB->query("SELECT `id` FROM `teams` WHERE `name` = '" . $name . "' AND `year` = '$YEAR';");
$data_team = $result->fetch();
$DB->prepare("UPDATE `users` SET `team_id` = ? WHERE `id` = " . $_SESSION["user_id"] . ";")->execute([$data_team["id"]]);
$msg = "Bonjour " . $_SESSION["first_name"] . " " . $_SESSION["surname"] . ",\r\n\r\n";
$msg .= "Vous venez de créer l'équipe « $name » ($trigram) pour le TFJM² de " . $data["name"] . " et nous vous en remercions. ";
$msg .= "Afin de permettre aux autres membres de votre équipe de vous rejoindre, veuillez leur transmettre le code d'accès : " . $access_code . "\r\n\r\n";
$msg .= "Cordialement,\r\n\r\nL'organisation du TFJM² $YEAR";
mail($_SESSION["email"], "Nouvelle équipe TFJM² $YEAR", $msg, "From: $MAIL_ADDRESS\r\n");
return false;
}
?>
<?php require_once "header.php" ?>
<?php
if (!isset($_SESSION["role"]) or ($_SESSION["role"] != "PARTICIPANT" && $_SESSION["role"] != "ENCADRANT")) {
?>
<h2>Vous devez être participant ou encadrant pour pouvoir ajouter une équipe.</h2>
<?php } else if ($_SESSION["team_id"] != NULL) { ?>
<h2>Vous êtes déjà dans une équipe.</h2>
<?php } else if (isset($access_code)) { ?>
Votre équipe a bien été créée ! Voici le code d'accès à transmettre aux autres membres de votre équipe : <strong><?php echo $access_code ?></strong>
<?php } else { ?>
<?php if (isset($error_message) && $error_message) echo "<h2>Erreur : " . $error_message . "</h2>"; ?>
<form method="POST">
<input type="hidden" name="submitted" value="true" />
<table style="width: 100%;">
<tbody>
<tr>
<td style="width: 30%;">
<label for="name">Nom :</label>
</td>
<td style="width: 70%;">
<input style="width: 100%;" type="text" id="name" name="name" />
</td>
</tr>
<tr>
<td>
<label for="trigram">Trigramme :</label>
</td>
<td>
<input style="width: 100%;" type="text" id="trigram" name="trigram" />
</td>
</tr>
<tr>
<td>
<label for="tournament">Tournoi :</label>
</td>
<td>
<select style="width: 100%;" id="tournament" name="tournament">
<?php
while (($data = $tournaments_response->fetch()) !== FALSE) {
echo "<option value=\"" . $data["id"] . "\">" . $data["name"] . "</option>\n";
}
?>
</select>
</td>
</tr>
<tr>
<td colspan="2">
<input style="width: 100%;" type="submit" value="Ajouter une équipe" />
</td>
</tr>
</tbody>
</table>
</form>
<?php require_once "footer.php" ?>
<?php } ?>

6
server_files/ajouter_organisateur.php
View File

@ -1,6 +1,6 @@
<?php
include 'config.php';
require_once 'config.php';
if (isset($_POST["submitted"])) {
$error_message = addOrganizer();
@ -57,7 +57,7 @@ function addOrganizer() {
?>
<?php include "header.php" ?>
<?php require_once "header.php" ?>
<?php
@ -119,6 +119,6 @@ if (!isset($_SESSION["role"]) or $_SESSION["role"] != "ADMIN") {
</table>
</form>
<?php include "footer.php" ?>
<?php require_once "footer.php" ?>
<?php } ?>

6
server_files/ajouter_tournoi.php
View File

@ -1,6 +1,6 @@
<?php
include 'config.php';
require_once 'config.php';
$orgas_response = $DB->query("SELECT `id`, `surname`, `first_name` FROM `users` WHERE (`role` = 'ORGANIZER' OR `role` = 'ADMIN') AND `year` = '$YEAR';");
@ -108,7 +108,7 @@ function registerTournament() {
?>
<?php include "header.php" ?>
<?php require_once "header.php" ?>
<?php
@ -239,6 +239,6 @@ if (!isset($_SESSION["role"]) or $_SESSION["role"] != "ADMIN") {
</table>
</form>
<?php include "footer.php" ?>
<?php require_once "footer.php" ?>
<?php } ?>

6
server_files/confirmer_mail.php
View File

@ -1,6 +1,6 @@
<?php
include 'config.php';
require_once 'config.php';
$token = $_GET["token"];
@ -19,8 +19,8 @@ else {
?>
<?php include "header.php" ?>
<?php require_once "header.php" ?>
<h2><?php echo $error_message ?></h2>
<?php include "footer.php" ?>
<?php require_once "footer.php" ?>

6
server_files/connexion.php
View File

@ -1,6 +1,6 @@
<?php
include 'config.php';
require_once 'config.php';
if (isset($_POST["submitted"]) && !isset($_SESSION["user_id"])) {
$error_message = login();
@ -143,7 +143,7 @@ function sendConfirmEmail() {
?>
<?php include "header.php" ?>
<?php require_once "header.php" ?>
<?php if (isset($error_message) && $error_message) echo "<h2>Erreur : " . $error_message . "</h2>"; ?>
@ -238,6 +238,6 @@ else if (isset($_SESSION["user_id"])) { ?>
</form>
<?php } ?>
<?php include "footer.php" ?>
<?php require_once "footer.php" ?>
<?php } ?>

28
server_files/deconnexion.php
View File

@ -1,14 +1,14 @@
<?php
include 'config.php';
unset($_SESSION["user_id"]);
session_destroy();
?>
<?php include "header.php" ?>
<h2>Déconnexion réussie !</h2>
<?php include "footer.php" ?>
<?php
require_once 'config.php';
unset($_SESSION["user_id"]);
session_destroy();
?>
<?php require_once "header.php" ?>
<h2>Déconnexion réussie !</h2>
<?php require_once "footer.php" ?>

8
server_files/equipe.php
View File

@ -1,6 +1,6 @@
<?php
include "config.php";
require_once "config.php";
$trigram = htmlspecialchars($_GET["trigram"]);
@ -60,7 +60,7 @@ if (isset($_POST["select"])) {
}
if ($team_data === false)
include "404.php";
require_once "404.php";
$tournament_data = $DB->query("SELECT `name`, `date_start` FROM `tournaments` WHERE `id` = '" . $team_data["tournament"] . "' AND `year` = '$YEAR';")->fetch();
@ -74,7 +74,7 @@ if ($team_data["final_selection"]) {
?>
<?php include "header.php" ?>
<?php require_once "header.php" ?>
<h2>Informations sur l'équipe</h2>
@ -170,4 +170,4 @@ if (!$team_data["final_selection"]) { ?>
</form>
<?php } ?>
<?php include "footer.php" ?>
<?php require_once "footer.php" ?>

6
server_files/index.php
View File

@ -1,10 +1,10 @@
<?php
include 'config.php';
require_once 'config.php';
?>
<?php include "header.php" ?>
<?php require_once "header.php" ?>
<div class="container-fluid">
@ -111,4 +111,4 @@ include 'config.php';
</div>
<?php include "footer.php" ?>
<?php require_once "footer.php" ?>

10
server_files/informations.php
View File

@ -1,16 +1,16 @@
<?php
include "config.php";
require_once "config.php";
if (!isset($_SESSION["role"]) || $_SESSION["role"] != "ORGANIZER" && $_SESSION["role"] != "ADMIN") {
include "403.php";
require_once "403.php";
}
$id = $_GET["id"];
$user_data = $DB->query("SELECT * FROM `users` WHERE `id` = $id;")->fetch();
if ($user_data === false) {
include "404.php";
require_once "404.php";
}
$team_data = false;
@ -22,7 +22,7 @@ $tournaments_req = $DB->query("SELECT `tournament`, `name` FROM `organizers` JOI
?>
<?php include "header.php" ?>
<?php require_once "header.php" ?>
<h1><?= $user_data["first_name"] . " " . $user_data["surname"] ?></h1>
@ -93,4 +93,4 @@ elseif ($user_data["role"] == "PARTICIPANT" || $user_data["role"] == "ENCADRANT"
}
} ?>
<?php include "footer.php" ?>
<?php require_once "footer.php" ?>

6
server_files/inscription.php
View File

@ -1,6 +1,6 @@
<?php
include 'config.php';
require_once 'config.php';
if (isset($_POST["submitted"])) {
$error_message = register();
@ -130,7 +130,7 @@ function register() {
?>
<?php include "header.php" ?>
<?php require_once "header.php" ?>
<?php if (isset($error_message) && $error_message) echo "<h2>Erreur : " . $error_message . "</h2>"; ?>
@ -276,6 +276,6 @@ function register() {
selectRole();
</script>
<?php include "footer.php" ?>
<?php require_once "footer.php" ?>
<?php } ?>

646
server_files/mon_compte.php
View File

@ -1,323 +1,323 @@
<?php
include 'config.php';
if (isset($_POST["submitted"])) {
$error_message = updateAccount();
} elseif (isset($_POST["submitted_password"])) {
$error_message = updatePassword();
}
if (isset($_SESSION["user_id"])) {
$result = $DB->query("SELECT * FROM `users` WHERE `id` = '" . $_SESSION["user_id"] . "';");
$user_data = $result->fetch();
}
function updateAccount()
{
global $DB, $URL_BASE, $MAIL_ADDRESS;
if (!isset($_SESSION["user_id"]))
return "Vous n'êtes pas connecté.";
$ID = $_SESSION["user_id"];
$surname = htmlspecialchars($_POST["surname"]);
if (isset($surname) && $surname != "")
$DB->prepare("UPDATE `users` SET `surname` = ? WHERE `id` = ?;")->execute([$surname, $ID]);
$first_name = htmlspecialchars($_POST["firstname"]);
if (isset($first_name) && $first_name != "")
$DB->prepare("UPDATE `users` SET `first_name` = ? WHERE `id` = ?;")->execute([$first_name, $ID]);
$birth_date = htmlspecialchars($_POST["birth_date"]);
if (isset($birth_date) && $birth_date != "")
$DB->prepare("UPDATE `users` SET `birth_date` = ? WHERE `id` = ?;")->execute([$birth_date, $ID]);
if (isset($_POST["gender"])) {
$gender = htmlspecialchars($_POST["gender"]);
if (isset($gender) && ($gender == "M" || $gender == "F"))
$DB->prepare("UPDATE `users` SET `gender` = ? WHERE `id` = ?;")->execute([$gender, $ID]);
}
$address = htmlspecialchars($_POST["address"]);
if (isset($address) && $address != "")
$DB->prepare("UPDATE `users` SET `address` = ? WHERE `id` = ?;")->execute([$address, $ID]);
$postal_code = htmlspecialchars($_POST["postal_code"]);
if (isset($postal_code) && $postal_code != "")
$DB->prepare("UPDATE `users` SET `postal_code` = ? WHERE `id` = ?;")->execute([$postal_code, $ID]);
$city = htmlspecialchars($_POST["city"]);
if (isset($city) && $city != "")
$DB->prepare("UPDATE `users` SET `city` = ? WHERE `id` = ?;")->execute([$city, $ID]);
$country = htmlspecialchars($_POST["country"]);
if (isset($country) && $country != "")
$DB->prepare("UPDATE `users` SET `country` = ? WHERE `id` = ?;")->execute([$country, $ID]);
$phone_number = htmlspecialchars($_POST["phone_number"]);
if (isset($phone_number) && $phone_number != "")
$DB->prepare("UPDATE `users` SET `phone_number` = ? WHERE `id` = ?;")->execute([$phone_number, $ID]);
if (isset($_POST["school"])) {
$school = htmlspecialchars($_POST["school"]);
if (isset($school) && $school != "")
$DB->prepare("UPDATE `users` SET `school` = ? WHERE `id` = ?;")->execute([$school, $ID]);
}
if (isset($_POST["class"])) {
$class = htmlspecialchars($_POST["class"]);
if (isset($class) && ($class == "terminale" || $class == "premiere" || $class == "seconde"))
$DB->prepare("UPDATE `users` SET `class` = ? WHERE `id` = ?;")->execute([strtoupper($class), $ID]);
}
if (isset($_POST["responsible_name"])) {
$responsible_name = htmlspecialchars($_POST["responsible_name"]);
if (isset($responsible_name) && $responsible_name != "")
$DB->prepare("UPDATE `users` SET `responsible_name` = ? WHERE `id` = ?;")->execute([$responsible_name, $ID]);
}
if (isset($_POST["responsible_phone"])) {
$responsible_phone = htmlspecialchars($_POST["responsible_phone"]);
if (isset($responsible_phone) && $responsible_phone != "")
$DB->prepare("UPDATE `users` SET `responsible_phone` = ? WHERE `id` = ?;")->execute([$responsible_phone, $ID]);
}
if (isset($_POST["responsible_email"])) {
$responsible_email = htmlspecialchars($_POST["responsible_email"]);
if (isset($responsible_email) && $responsible_email != "")
$DB->prepare("UPDATE `users` SET `responsible_email` = ? WHERE `id` = ?;")->execute([$responsible_email, $ID]);
}
if (isset($_POST["description"])) {
$description = htmlspecialchars($_POST["description"]);
if (isset($description) && $description != "")
$DB->prepare("UPDATE `users` SET `description` = ? WHERE `id` = ?;")->execute([$description, $ID]);
}
$email = htmlspecialchars($_POST["email"]);
if (isset($email) && $email != "" && filter_var($email, FILTER_VALIDATE_EMAIL)) {
$confirm_email_uid = uniqid();
$DB->prepare("UPDATE `users` SET `email` = ?, `confirm_email` = ? WHERE `id` = ?;")->execute([$email, $confirm_email_uid, $ID]);
$msg = "Vous venez de changer votre adresse mail. Veuillez désormais confirmer votre adresse mail en cliquant ici : $URL_BASE/confirmer_mail/$confirm_email_uid";
mail($email, "Changement d'adresse mail - TFJM²", $msg, "From: $MAIL_ADDRESS\r\n");
}
return false;
}
function updatePassword()
{
global $DB, $YEAR;
$old = htmlspecialchars($_POST["old_password"]);
$new = htmlspecialchars($_POST["new_password"]);
$confirm = htmlspecialchars($_POST["confirm_password"]);
$result = $DB->query("SELECT `pwd_hash` FROM `users` WHERE `id` = '" . $_SESSION["user_id"] . "' AND `year` = '$YEAR';");
if (($data = $result->fetch()) === FALSE)
return "Le compte n'existe pas.";
if (!password_verify($old, $data["pwd_hash"]))
return "L'ancien mot de passe est incorrect.";
if (strlen($new) < 8)
return "Le mot de passe doit comporter au moins 8 caractères.";
if ($new != $confirm)
return "Les deux mots de passe sont différents.";
$hash = password_hash($new, PASSWORD_BCRYPT);
$DB->prepare("UPDATE `users` SET `pwd_hash` = ? WHERE `id` = ?;")->execute([$hash, $_SESSION["user_id"]]);
return false;
}
?>
<?php include "header.php" ?>
<?php if (!isset($_SESSION["user_id"])) {
echo "<h2>Vous devez être connecté pour afficher cette page.</h2>";
include "footer.php";
return;
} ?>
<?php if (isset($error_message) && $error_message) echo "<h2>Erreur : " . $error_message . "</h2>"; ?>
<?php
if (isset($error_message) && $error_message === FALSE) {
?>
<h2>Votre compte a bien été mis à jour !</h2>
<?php
if (isset($email) && filter_var($email, FILTER_VALIDATE_EMAIL)) {
echo "Votre adresse mail a bien été changée. Veuillez vérifier votre boîte mail pour valider votre nouvelle adresse, vous en aurez besoin pour vous reconnecter.";
}
?>
<?php } ?>
<form method="POST">
<input type="hidden" name="submitted" value="true"/>
<table style="width: 100%">
<tr>
<td style="width: 30%"><label for="email">E-mail :</label></td>
<td style="width: 70%"><?php echo $user_data["email"] ?></td>
</tr>
<tr>
<td colspan="2"><input style="width: 100%" type="email" id="email" name="email"/></td>
</tr>
<tr>
<td><label for="surname">Nom :</label></td>
<td><?php echo $user_data["surname"] ?></td>
</tr>
<tr>
<td colspan="2"><input style="width: 100%" type="text" id="surname" name="surname"/></td>
</tr>
<tr>
<td><label for="firstname">Prénom :</label></td>
<td><?php echo $user_data["first_name"] ?></td>
</tr>
<tr>
<td colspan="2"><input style="width: 100%" type="text" id="firstname" name="firstname"/></td>
</tr>
<tr>
<td><label for="birth_date">Date de naissance :</label></td>
<td><?php echo echo_date($user_data["birth_date"]) ?></td>
</tr>
<tr>
<td colspan="2"><input style="width: 100%" type="date" id="birth_date" name="birth_date"/></td>
</tr>
<tr>
<td><label for="gender">Sexe :</label></td>
<td><input type="radio" id="male" name="gender" value="M" <?php if ($user_data["gender"] == "M") echo "checked" ?> /><label for="male">Homme</label>
<input type="radio" id="female" name="gender" value="F" <?php if ($user_data["gender"] == "F") echo "checked" ?> /><label for="female">Femme</label></td>
</tr>
<tr>
<td><label for="address">Adresse :</label></td>
<td><?php echo $user_data["address"] ?></td>
</tr>
<tr>
<td colspan="2"><input style="width: 100%" type="text" id="address" name="address"/></td>
</tr>
<tr>
<td><label for="postal_code">Code postal :</label></td>
<td><?php echo $user_data["postal_code"] ?></td>
</tr>
<tr>
<td colspan="2"><input style="width: 100%" type="number" id="postal_code" name="postal_code" min="1000" max="95999"/></td>
</tr>
<tr>
<td><label for="city">Ville :</label></td>
<td><?php echo $user_data["city"] ?></td>
</tr>
<tr>
<td colspan="2"><input style="width: 100%" type="text" id="city" name="city"/></td>
</tr>
<tr>
<td><label for="country">Pays :</label></td>
<td><?php echo $user_data["country"] ?></td>
</tr>
<tr>
<td colspan="2"><input style="width: 100%" type="text" id="country" name="country"/></td>
</tr>
<tr>
<td><label for="phone_number">Numéro de téléphone :</label></td>
<td><?php echo $user_data["phone_number"] ?></td>
</tr>
<tr>
<td colspan="2"><input style="width: 100%" type="text" id="phone_number" name="phone_number"/></td>
</tr>
<?php if ($user_data["role"] == "PARTICIPANT") { ?>
<tr>
<td><label for="school">Établissement dans lequel l'élève étudie :</label></td>
<td><?php echo $user_data["school"] ?></td>
</tr>
<tr>
<td colspan="2"><input style="width: 100%" type="text" id="school" name="school"/></td>
</tr>
<tr>
<td><label for="class">Classe :</label></td>
<td><select style="width: 100%" id="class" name="class">
<option value="terminale" <?php if ($user_data["class"] == "terminale") echo "selected" ?>>Terminale</option>
<option value="premiere" <?php if ($user_data["class"] == "premiere") echo "selected" ?>>Première</option>
<option value="seconde" <?php if ($user_data["class"] == "seconde") echo "selected" ?>>Seconde ou inférieur</option>
</select></td>
</tr>
<tr>
<td>
<label for="responsible_name">Nom du responsable légal :</label>
</td>
<td>
<?php echo $user_data["responsible_name"] ?>
</td>
</tr>
<tr>
<td colspan="2">
<input style="width: 100%;" type="text" id="responsible_name" name="responsible_name" />
</td>
</tr>
<tr>
<td>
<label for="responsible_phone">Téléphone du responsable légal :</label>
</td>
<td>
<?php echo $user_data["responsible_phone"] ?>
</td>
</tr>
<tr>
<td colspan="2">
<input style="width: 100%" type="text" id="responsible_phone" name="responsible_phone" />
</td>
</tr>
<tr>
<td>
<label for="responsible_email">Email du responsable légal :</label>
</td>
<td>
<?php echo $user_data["responsible_email"] ?>
</td>
</tr>
<tr>
<td colspan="2">
<input style="width: 100%" type="email" id="responsible_email" name="responsible_email" />
</td>
</tr>
<?php } else { ?>
<tr>
<td><label for="description">Description :</label></td>
<td><textarea style="width: 100%" id="description" name="description"><?php echo $user_data["description"] ?></textarea></td>
</tr>
<?php } ?>
<tr>
<td colspan="2"><input type="submit" style="width: 100%" value="Mettre à jour mes données"/></td>
</tr>
</table>
</form>
<div style="padding: 20px"></div>
<form method="POST">
<input type="hidden" name="submitted_password" value="true"/>
<table style="width: 100%">
<tr>
<td style="width: 30%"><label for="old_password">Ancien mot de passe :</label></td>
<td style="width: 70%"><input style="width: 100%" type="password" id="old_password" name="old_password"/></td>
</tr>
<tr>
<td><label for="new_password">Nouveau mot de passe :</label></td>
<td><input style="width: 100%" type="password" id="new_password" name="new_password"/></td>
</tr>
<tr>
<td><label for="confirm_password">Confirmer le mot de passe :</label></td>
<td><input style="width: 100%" type="password" id="confirm_password" name="confirm_password"/></td>
</tr>
<tr>
<td colspan="2"><input type="submit" style="width: 100%" value="Mettre à jour mon mot de passe"/></td>
</tr>
</table>
</form>
<?php include "footer.php" ?>
<?php
require_once 'config.php';
if (isset($_POST["submitted"])) {
$error_message = updateAccount();
} elseif (isset($_POST["submitted_password"])) {
$error_message = updatePassword();
}
if (isset($_SESSION["user_id"])) {
$result = $DB->query("SELECT * FROM `users` WHERE `id` = '" . $_SESSION["user_id"] . "';");
$user_data = $result->fetch();
}
function updateAccount()
{
global $DB, $URL_BASE, $MAIL_ADDRESS;
if (!isset($_SESSION["user_id"]))
return "Vous n'êtes pas connecté.";
$ID = $_SESSION["user_id"];
$surname = htmlspecialchars($_POST["surname"]);
if (isset($surname) && $surname != "")
$DB->prepare("UPDATE `users` SET `surname` = ? WHERE `id` = ?;")->execute([$surname, $ID]);
$first_name = htmlspecialchars($_POST["firstname"]);
if (isset($first_name) && $first_name != "")
$DB->prepare("UPDATE `users` SET `first_name` = ? WHERE `id` = ?;")->execute([$first_name, $ID]);
$birth_date = htmlspecialchars($_POST["birth_date"]);
if (isset($birth_date) && $birth_date != "")
$DB->prepare("UPDATE `users` SET `birth_date` = ? WHERE `id` = ?;")->execute([$birth_date, $ID]);
if (isset($_POST["gender"])) {
$gender = htmlspecialchars($_POST["gender"]);
if (isset($gender) && ($gender == "M" || $gender == "F"))
$DB->prepare("UPDATE `users` SET `gender` = ? WHERE `id` = ?;")->execute([$gender, $ID]);
}
$address = htmlspecialchars($_POST["address"]);
if (isset($address) && $address != "")
$DB->prepare("UPDATE `users` SET `address` = ? WHERE `id` = ?;")->execute([$address, $ID]);
$postal_code = htmlspecialchars($_POST["postal_code"]);
if (isset($postal_code) && $postal_code != "")
$DB->prepare("UPDATE `users` SET `postal_code` = ? WHERE `id` = ?;")->execute([$postal_code, $ID]);
$city = htmlspecialchars($_POST["city"]);
if (isset($city) && $city != "")
$DB->prepare("UPDATE `users` SET `city` = ? WHERE `id` = ?;")->execute([$city, $ID]);
$country = htmlspecialchars($_POST["country"]);
if (isset($country) && $country != "")
$DB->prepare("UPDATE `users` SET `country` = ? WHERE `id` = ?;")->execute([$country, $ID]);
$phone_number = htmlspecialchars($_POST["phone_number"]);
if (isset($phone_number) && $phone_number != "")
$DB->prepare("UPDATE `users` SET `phone_number` = ? WHERE `id` = ?;")->execute([$phone_number, $ID]);
if (isset($_POST["school"])) {
$school = htmlspecialchars($_POST["school"]);
if (isset($school) && $school != "")
$DB->prepare("UPDATE `users` SET `school` = ? WHERE `id` = ?;")->execute([$school, $ID]);
}
if (isset($_POST["class"])) {
$class = htmlspecialchars($_POST["class"]);
if (isset($class) && ($class == "terminale" || $class == "premiere" || $class == "seconde"))
$DB->prepare("UPDATE `users` SET `class` = ? WHERE `id` = ?;")->execute([strtoupper($class), $ID]);
}
if (isset($_POST["responsible_name"])) {
$responsible_name = htmlspecialchars($_POST["responsible_name"]);
if (isset($responsible_name) && $responsible_name != "")
$DB->prepare("UPDATE `users` SET `responsible_name` = ? WHERE `id` = ?;")->execute([$responsible_name, $ID]);
}
if (isset($_POST["responsible_phone"])) {
$responsible_phone = htmlspecialchars($_POST["responsible_phone"]);
if (isset($responsible_phone) && $responsible_phone != "")
$DB->prepare("UPDATE `users` SET `responsible_phone` = ? WHERE `id` = ?;")->execute([$responsible_phone, $ID]);
}
if (isset($_POST["responsible_email"])) {
$responsible_email = htmlspecialchars($_POST["responsible_email"]);
if (isset($responsible_email) && $responsible_email != "")
$DB->prepare("UPDATE `users` SET `responsible_email` = ? WHERE `id` = ?;")->execute([$responsible_email, $ID]);
}
if (isset($_POST["description"])) {
$description = htmlspecialchars($_POST["description"]);
if (isset($description) && $description != "")
$DB->prepare("UPDATE `users` SET `description` = ? WHERE `id` = ?;")->execute([$description, $ID]);
}
$email = htmlspecialchars($_POST["email"]);
if (isset($email) && $email != "" && filter_var($email, FILTER_VALIDATE_EMAIL)) {
$confirm_email_uid = uniqid();
$DB->prepare("UPDATE `users` SET `email` = ?, `confirm_email` = ? WHERE `id` = ?;")->execute([$email, $confirm_email_uid, $ID]);
$msg = "Vous venez de changer votre adresse mail. Veuillez désormais confirmer votre adresse mail en cliquant ici : $URL_BASE/confirmer_mail/$confirm_email_uid";
mail($email, "Changement d'adresse mail - TFJM²", $msg, "From: $MAIL_ADDRESS\r\n");
}
return false;
}
function updatePassword()
{
global $DB, $YEAR;
$old = htmlspecialchars($_POST["old_password"]);
$new = htmlspecialchars($_POST["new_password"]);
$confirm = htmlspecialchars($_POST["confirm_password"]);
$result = $DB->query("SELECT `pwd_hash` FROM `users` WHERE `id` = '" . $_SESSION["user_id"] . "' AND `year` = '$YEAR';");
if (($data = $result->fetch()) === FALSE)
return "Le compte n'existe pas.";
if (!password_verify($old, $data["pwd_hash"]))
return "L'ancien mot de passe est incorrect.";
if (strlen($new) < 8)
return "Le mot de passe doit comporter au moins 8 caractères.";
if ($new != $confirm)
return "Les deux mots de passe sont différents.";
$hash = password_hash($new, PASSWORD_BCRYPT);
$DB->prepare("UPDATE `users` SET `pwd_hash` = ? WHERE `id` = ?;")->execute([$hash, $_SESSION["user_id"]]);
return false;
}
?>
<?php require_once "header.php" ?>
<?php if (!isset($_SESSION["user_id"])) {
echo "<h2>Vous devez être connecté pour afficher cette page.</h2>";
require_once "footer.php";
return;
} ?>
<?php if (isset($error_message) && $error_message) echo "<h2>Erreur : " . $error_message . "</h2>"; ?>
<?php
if (isset($error_message) && $error_message === FALSE) {
?>
<h2>Votre compte a bien été mis à jour !</h2>
<?php
if (isset($email) && filter_var($email, FILTER_VALIDATE_EMAIL)) {
echo "Votre adresse mail a bien été changée. Veuillez vérifier votre boîte mail pour valider votre nouvelle adresse, vous en aurez besoin pour vous reconnecter.";
}
?>
<?php } ?>
<form method="POST">
<input type="hidden" name="submitted" value="true"/>
<table style="width: 100%">
<tr>
<td style="width: 30%"><label for="email">E-mail :</label></td>
<td style="width: 70%"><?php echo $user_data["email"] ?></td>
</tr>
<tr>
<td colspan="2"><input style="width: 100%" type="email" id="email" name="email"/></td>
</tr>
<tr>
<td><label for="surname">Nom :</label></td>
<td><?php echo $user_data["surname"] ?></td>
</tr>
<tr>
<td colspan="2"><input style="width: 100%" type="text" id="surname" name="surname"/></td>
</tr>
<tr>
<td><label for="firstname">Prénom :</label></td>
<td><?php echo $user_data["first_name"] ?></td>
</tr>
<tr>
<td colspan="2"><input style="width: 100%" type="text" id="firstname" name="firstname"/></td>
</tr>
<tr>
<td><label for="birth_date">Date de naissance :</label></td>
<td><?php echo echo_date($user_data["birth_date"]) ?></td>
</tr>
<tr>
<td colspan="2"><input style="width: 100%" type="date" id="birth_date" name="birth_date"/></td>
</tr>
<tr>
<td><label for="gender">Sexe :</label></td>
<td><input type="radio" id="male" name="gender" value="M" <?php if ($user_data["gender"] == "M") echo "checked" ?> /><label for="male">Homme</label>
<input type="radio" id="female" name="gender" value="F" <?php if ($user_data["gender"] == "F") echo "checked" ?> /><label for="female">Femme</label></td>
</tr>
<tr>
<td><label for="address">Adresse :</label></td>
<td><?php echo $user_data["address"] ?></td>
</tr>
<tr>
<td colspan="2"><input style="width: 100%" type="text" id="address" name="address"/></td>
</tr>
<tr>
<td><label for="postal_code">Code postal :</label></td>
<td><?php echo $user_data["postal_code"] ?></td>
</tr>
<tr>
<td colspan="2"><input style="width: 100%" type="number" id="postal_code" name="postal_code" min="1000" max="95999"/></td>
</tr>
<tr>
<td><label for="city">Ville :</label></td>
<td><?php echo $user_data["city"] ?></td>
</tr>
<tr>
<td colspan="2"><input style="width: 100%" type="text" id="city" name="city"/></td>
</tr>
<tr>
<td><label for="country">Pays :</label></td>
<td><?php echo $user_data["country"] ?></td>
</tr>
<tr>
<td colspan="2"><input style="width: 100%" type="text" id="country" name="country"/></td>
</tr>
<tr>
<td><label for="phone_number">Numéro de téléphone :</label></td>
<td><?php echo $user_data["phone_number"] ?></td>
</tr>
<tr>
<td colspan="2"><input style="width: 100%" type="text" id="phone_number" name="phone_number"/></td>
</tr>
<?php if ($user_data["role"] == "PARTICIPANT") { ?>
<tr>
<td><label for="school">Établissement dans lequel l'élève étudie :</label></td>
<td><?php echo $user_data["school"] ?></td>
</tr>
<tr>
<td colspan="2"><input style="width: 100%" type="text" id="school" name="school"/></td>
</tr>
<tr>
<td><label for="class">Classe :</label></td>
<td><select style="width: 100%" id="class" name="class">
<option value="terminale" <?php if ($user_data["class"] == "terminale") echo "selected" ?>>Terminale</option>
<option value="premiere" <?php if ($user_data["class"] == "premiere") echo "selected" ?>>Première</option>
<option value="seconde" <?php if ($user_data["class"] == "seconde") echo "selected" ?>>Seconde ou inférieur</option>
</select></td>
</tr>
<tr>
<td>
<label for="responsible_name">Nom du responsable légal :</label>
</td>
<td>
<?php echo $user_data["responsible_name"] ?>
</td>
</tr>
<tr>
<td colspan="2">
<input style="width: 100%;" type="text" id="responsible_name" name="responsible_name" />
</td>
</tr>
<tr>
<td>
<label for="responsible_phone">Téléphone du responsable légal :</label>
</td>
<td>
<?php echo $user_data["responsible_phone"] ?>
</td>
</tr>
<tr>
<td colspan="2">
<input style="width: 100%" type="text" id="responsible_phone" name="responsible_phone" />
</td>
</tr>
<tr>
<td>
<label for="responsible_email">Email du responsable légal :</label>
</td>
<td>
<?php echo $user_data["responsible_email"] ?>
</td>
</tr>
<tr>
<td colspan="2">
<input style="width: 100%" type="email" id="responsible_email" name="responsible_email" />
</td>
</tr>
<?php } else { ?>
<tr>
<td><label for="description">Description :</label></td>
<td><textarea style="width: 100%" id="description" name="description"><?php echo $user_data["description"] ?></textarea></td>
</tr>
<?php } ?>
<tr>
<td colspan="2"><input type="submit" style="width: 100%" value="Mettre à jour mes données"/></td>
</tr>
</table>
</form>
<div style="padding: 20px"></div>
<form method="POST">
<input type="hidden" name="submitted_password" value="true"/>
<table style="width: 100%">
<tr>
<td style="width: 30%"><label for="old_password">Ancien mot de passe :</label></td>
<td style="width: 70%"><input style="width: 100%" type="password" id="old_password" name="old_password"/></td>
</tr>
<tr>
<td><label for="new_password">Nouveau mot de passe :</label></td>
<td><input style="width: 100%" type="password" id="new_password" name="new_password"/></td>
</tr>
<tr>
<td><label for="confirm_password">Confirmer le mot de passe :</label></td>
<td><input style="width: 100%" type="password" id="confirm_password" name="confirm_password"/></td>
</tr>
<tr>
<td colspan="2"><input type="submit" style="width: 100%" value="Mettre à jour mon mot de passe"/></td>
</tr>
</table>
</form>
<?php require_once "footer.php" ?>

8
server_files/mon_equipe.php
View File

@ -1,6 +1,6 @@
<?php
include 'config.php';
require_once 'config.php';
if (isset($_POST["leave_team"])) {
for ($i = 1; $i <= ($_SESSION["role"] == "PARTICIPANT" ? 6 : 2); ++$i)
@ -191,11 +191,11 @@ function checkCanValidate()
?>
<?php include "header.php" ?>
<?php require_once "header.php" ?>
<?php if (!isset($_SESSION["user_id"]) || !isset($_SESSION["team_id"]) || $_SESSION["team_id"] == NULL) {
echo "<h2>Vous devez être dans une équipe pour afficher cette page.</h2>";
include "footer.php";
require_once "footer.php";
return;
} ?>
@ -364,4 +364,4 @@ Code d'accès : <strong><?php echo $team_data["access_code"] ?></strong><br/>
<?php } ?>
<?php } ?>
<?php include "footer.php" ?>
<?php require_once "footer.php" ?>

186
server_files/rejoindre_equipe.php
View File

@ -1,93 +1,93 @@
<?php
include 'config.php';
if (isset($_POST["submitted"])) {
$error_message = joinTeam();
}
function joinTeam() {
global $DB, $YEAR, $MAIL_ADDRESS, $access_code, $data;
if ($_SESSION["team_id"] != NULL)
return "Vous êtes déjà dans une équipe.";
$access_code = htmlspecialchars($_POST["access_code"]);
if (!isset($access_code) || strlen($access_code) != 6)
return "Le code d'accès doit comporter 6 caractères.";
$result = $DB->query("SELECT * FROM `teams` WHERE `access_code` = '" . $access_code . "' AND `year` = '$YEAR';");
if (($data = $result->fetch()) === FALSE)
return "Ce code d'accès est invalide.";
if ($_SESSION["role"] != "PARTICIPANT" && $_SESSION["role"] != "ENCADRANT")
return "Seuls les participants et les encadrants peuvent rejoindre une équipe.";
if ($data["validation_status"] != "NOT_READY")
return "Cette équipe est déjà en cours de validation ou validée, vous ne pouvez pas la rejoindre.";
for ($i = 1; $i <= $_SESSION["role"] == "PARTICIPANT" ? 6 : 2; ++$i) {
if ($data[strtolower($_SESSION["role"]) . "_" . strval($i)] == NULL)
break;
}
if ($_SESSION["role"] == "PARTICIPANT" && $i == 7 || $_SESSION["role"] == "ENCADRANT" && $i == 3)
return "Il n'y a plus de place pour vous dans l'équipe.";
$DB->prepare("UPDATE `users` SET `team_id` = ? WHERE `id` = " . $_SESSION["user_id"] . ";")->execute([$data["id"]]);
/** @noinspection SqlResolve */
$DB->prepare("UPDATE `teams` SET `" . strtolower($_SESSION["role"]) . "_" . strval($i) . "` = ? WHERE `id` = " . $data["id"] . ";")->execute([$_SESSION["user_id"]]);
$_SESSION["team_id"] = $data["id"];
$_SESSION["team_validation_status"] = $data["validation_status"];
$msg = "Bonjour " . $_SESSION["first_name"] . " " . $_SESSION["surname"] . ",\r\n\r\n";
$msg .= "Vous venez de rejoindre l'équipe « " . $data["name"] . " » (" . $data["trigram"] . ") pour le TFJM² de " . $data["name"] . " et nous vous en remercions.\r\n\r\n";
$msg .= "Cordialement,\r\n\r\nL'organisation du TFJM² $YEAR";
mail($_SESSION["email"], "Équipe rejointe TFJM² $YEAR", $msg, "From: $MAIL_ADDRESS\r\n");
return false;
}
?>
<?php include "header.php" ?>
<?php
if (!isset($_SESSION["role"]) or ($_SESSION["role"] != "PARTICIPANT" && $_SESSION["role"] != "ENCADRANT")) {
?>
<h2>Vous devez être participant ou encadrant pour pouvoir rejoindre une équipe.</h2>
<?php } else if (isset($access_code)) { ?>
Vous avez bien rejoint l'équipe <?php echo $data["name"] ?> !
<?php } else if ($_SESSION["team_id"] != NULL) { ?>
<h2>Vous êtes déjà dans une équipe.</h2>
<?php } else { ?>
<?php if (isset($error_message) && $error_message) echo "<h2>Erreur : " . $error_message . "</h2>"; ?>
<form method="POST">
<input type="hidden" name="submitted" value="true" />
<table style="width: 100%;">
<tbody>
<tr>
<td style="width: 30%;">
<label for="access_code">Code d'accès :</label>
</td>
<td style="width: 70%;">
<input style="width: 100%;" type="text" id="access_code" name="access_code" />
</td>
</tr>
<tr>
<td colspan="2">
<input style="width: 100%;" type="submit" value="Rejoindre l'équipe" />
</td>
</tr>
</tbody>
</table>
</form>
<?php include "footer.php" ?>
<?php } ?>
<?php
require_once 'config.php';
if (isset($_POST["submitted"])) {
$error_message = joinTeam();
}
function joinTeam() {
global $DB, $YEAR, $MAIL_ADDRESS, $access_code, $data;
if ($_SESSION["team_id"] != NULL)
return "Vous êtes déjà dans une équipe.";
$access_code = htmlspecialchars($_POST["access_code"]);
if (!isset($access_code) || strlen($access_code) != 6)
return "Le code d'accès doit comporter 6 caractères.";
$result = $DB->query("SELECT * FROM `teams` WHERE `access_code` = '" . $access_code . "' AND `year` = '$YEAR';");
if (($data = $result->fetch()) === FALSE)
return "Ce code d'accès est invalide.";
if ($_SESSION["role"] != "PARTICIPANT" && $_SESSION["role"] != "ENCADRANT")
return "Seuls les participants et les encadrants peuvent rejoindre une équipe.";
if ($data["validation_status"] != "NOT_READY")
return "Cette équipe est déjà en cours de validation ou validée, vous ne pouvez pas la rejoindre.";
for ($i = 1; $i <= $_SESSION["role"] == "PARTICIPANT" ? 6 : 2; ++$i) {
if ($data[strtolower($_SESSION["role"]) . "_" . strval($i)] == NULL)
break;
}
if ($_SESSION["role"] == "PARTICIPANT" && $i == 7 || $_SESSION["role"] == "ENCADRANT" && $i == 3)
return "Il n'y a plus de place pour vous dans l'équipe.";
$DB->prepare("UPDATE `users` SET `team_id` = ? WHERE `id` = " . $_SESSION["user_id"] . ";")->execute([$data["id"]]);
/** @noinspection SqlResolve */
$DB->prepare("UPDATE `teams` SET `" . strtolower($_SESSION["role"]) . "_" . strval($i) . "` = ? WHERE `id` = " . $data["id"] . ";")->execute([$_SESSION["user_id"]]);
$_SESSION["team_id"] = $data["id"];
$_SESSION["team_validation_status"] = $data["validation_status"];
$msg = "Bonjour " . $_SESSION["first_name"] . " " . $_SESSION["surname"] . ",\r\n\r\n";
$msg .= "Vous venez de rejoindre l'équipe « " . $data["name"] . " » (" . $data["trigram"] . ") pour le TFJM² de " . $data["name"] . " et nous vous en remercions.\r\n\r\n";
$msg .= "Cordialement,\r\n\r\nL'organisation du TFJM² $YEAR";
mail($_SESSION["email"], "Équipe rejointe TFJM² $YEAR", $msg, "From: $MAIL_ADDRESS\r\n");
return false;
}
?>
<?php require_once "header.php" ?>
<?php
if (!isset($_SESSION["role"]) or ($_SESSION["role"] != "PARTICIPANT" && $_SESSION["role"] != "ENCADRANT")) {
?>
<h2>Vous devez être participant ou encadrant pour pouvoir rejoindre une équipe.</h2>
<?php } else if (isset($access_code)) { ?>
Vous avez bien rejoint l'équipe <?php echo $data["name"] ?> !
<?php } else if ($_SESSION["team_id"] != NULL) { ?>
<h2>Vous êtes déjà dans une équipe.</h2>
<?php } else { ?>
<?php if (isset($error_message) && $error_message) echo "<h2>Erreur : " . $error_message . "</h2>"; ?>
<form method="POST">
<input type="hidden" name="submitted" value="true" />
<table style="width: 100%;">
<tbody>
<tr>
<td style="width: 30%;">
<label for="access_code">Code d'accès :</label>
</td>
<td style="width: 70%;">
<input style="width: 100%;" type="text" id="access_code" name="access_code" />
</td>
</tr>
<tr>
<td colspan="2">
<input style="width: 100%;" type="submit" value="Rejoindre l'équipe" />
</td>
</tr>
</tbody>
</table>
</form>
<?php require_once "footer.php" ?>
<?php } ?>

8
server_files/solutions.php
View File

@ -1,9 +1,9 @@
<?php
include 'config.php';
require_once 'config.php';
if (!isset($_SESSION["team_id"]))
include "403.php";
require_once "403.php";
if (isset($_POST["send_solution"])) {
$error_message = saveSolution();
@ -60,7 +60,7 @@ function saveSolution() {
?>
<?php include 'header.php' ?>
<?php require_once 'header.php' ?>
<?php if (isset($error_message)) {
if ($error_message !== false) {
@ -120,4 +120,4 @@ while (($data = $solutions_req->fetch()) !== false) {
}
?>
<?php include 'footer.php' ?>
<?php require_once 'footer.php' ?>

8
server_files/solutions_orga.php
View File

@ -1,9 +1,9 @@
<?php include 'config.php'; ?>
<?php require_once 'config.php'; ?>
<?php
if (!isset($_SESSION["role"]) || $_SESSION["role"] != "ADMIN" && $_SESSION["role"] != "ORGANIZER")
include "403.php";
require_once "403.php";
if (isset($_POST["download_zip"])) {
$id = $_POST["tournament"];
@ -43,7 +43,7 @@ if (isset($_POST["download_zip"])) {
?>
<?php include 'header.php'; ?>
<?php require_once 'header.php'; ?>
<?php
@ -78,4 +78,4 @@ while (($data_tournament = $req->fetch()) !== false) {
?>
<?php include 'footer.php'; ?>
<?php require_once 'footer.php'; ?>

10
server_files/syntheses.php
View File

@ -1,9 +1,9 @@
<?php
include 'config.php';
require_once 'config.php';
if (!isset($_SESSION["team_id"]))
include "403.php";
require_once "403.php";
if (isset($_POST["send_synthese"])) {
$error_message = saveSynthese();
@ -56,12 +56,12 @@ function saveSynthese() {
?>
<?php include 'header.php' ?>
<?php require_once 'header.php' ?>
<?php
if (date("yyyy-mm-dd") < $tournament_data["date_solutions"]) {
echo "<h3>Il est trop tôt pour se préoccuper des notes de synthèse, attendez le tirage des poules.</h3>";
include "footer.php";
require_once "footer.php";
}
if (isset($error_message)) {
@ -120,4 +120,4 @@ while (($data = $syntheses_req->fetch()) !== false) {
}
?>
<?php include 'footer.php' ?>
<?php require_once 'footer.php' ?>

8
server_files/syntheses_orga.php
View File

@ -1,9 +1,9 @@
<?php include 'config.php'; ?>
<?php require_once 'config.php'; ?>
<?php
if (!isset($_SESSION["role"]) || $_SESSION["role"] != "ADMIN" && $_SESSION["role"] != "ORGANIZER")
include "403.php";
require_once "403.php";
if (isset($_POST["download_zip"])) {
$id = $_POST["tournament"];
@ -43,7 +43,7 @@ if (isset($_POST["download_zip"])) {
?>
<?php include 'header.php'; ?>
<?php require_once 'header.php'; ?>
<?php
@ -77,4 +77,4 @@ while (($data_tournament = $req->fetch()) !== false) {
}
?>
<?php include 'footer.php'; ?>
<?php require_once 'footer.php'; ?>

10
server_files/tournoi.php
View File

@ -1,6 +1,6 @@
<?php
include 'config.php';
require_once 'config.php';
$tournament_name = htmlspecialchars($_GET["nom"]);
@ -9,7 +9,7 @@ $response->execute([$tournament_name]);
$data = $response->fetch();
if ($data === false)
include "404.php";
require_once "404.php";
$orgas_req = $DB->query("SELECT `users`.`id` AS `id`, `surname`, `first_name` FROM `users` JOIN `organizers` ON `users`.`id` = `organizer` WHERE `tournament` = " . $data["id"] . ";");
$orgas = [];
@ -20,7 +20,7 @@ while (($orga_data = $orgas_req->fetch()) !== false) {
}
if (isset($_GET["modifier"]) && $_SESSION["role"] != "ADMIN" && !in_array($_SESSION["user_id"], $orgas_id))
include "403.php";
require_once "403.php";
if (isset($_POST["edit_tournament"])) {
$error_message = updateTournament();
@ -130,7 +130,7 @@ function updateTournament() {
?>
<?php include "header.php" ?>
<?php require_once "header.php" ?>
<h2>Tournoi de <?php echo $data["name"] ?></h2>
@ -356,4 +356,4 @@ else {
}
?>
<?php include "footer.php" ?>
<?php require_once "footer.php" ?>

6
server_files/tournois.php
View File

@ -1,6 +1,6 @@
<?php
include 'config.php';
require_once 'config.php';
$response = $DB->query("SELECT `name`, `date_start`, `date_end`, `date_inscription`, `date_solutions`, `size` FROM `tournaments`
WHERE `year` = '$YEAR' AND `final` = false ORDER BY `date_start`, `name`;");
@ -8,7 +8,7 @@ $final_data = $DB->query("SELECT `name`, `date_start`, `date_end`, `date_solutio
?>
<?php include "header.php" ?>
<?php require_once "header.php" ?>
<h2>Liste des tournois</h2>
@ -55,4 +55,4 @@ $final_data = $DB->query("SELECT `name`, `date_start`, `date_end`, `date_solutio
</tfoot>
</table>
<?php include "footer.php" ?>
<?php require_once "footer.php" ?>

4
server_files/view_file.php
View File

@ -1,6 +1,6 @@
<?php
include "config.php";
require_once "config.php";
if (!isset($_GET["file_id"])) {
header("Location: $URL_BASE");
@ -54,7 +54,7 @@ if ($data !== false) {
}
}
else {
include_once "404.php";
require_once_once "404.php";
http_response_code(404);
exit();
}