From da8efde05785a0a6f6dec9b47e82aac66156c3dd Mon Sep 17 00:00:00 2001
From: Yohann D'ANELLO <yohann.danello@gmail.com>
Date: Thu, 26 Dec 2019 22:30:42 +0100
Subject: [PATCH] Ajouts & correction de bugs

---
 dispatcher.php                              |   3 +
 server_files/403.php                        |  12 ++-
 server_files/404.php                        |  12 ++-
 server_files/classes/Team.php               |  16 +++
 server_files/classes/User.php               |  46 ++++++++
 server_files/controllers/informations.php   | 111 +++++++++++++++++---
 server_files/controllers/inscription.php    |   2 +-
 server_files/controllers/organisateurs.php  |   8 ++
 server_files/controllers/profils.php        |   9 ++
 server_files/model.php                      |  18 +++-
 server_files/views/ajouter_organisateur.php |  10 +-
 server_files/views/equipe.php               |   2 +-
 server_files/views/header.php               |   5 +
 server_files/views/informations.php         |   2 +-
 server_files/views/organisateurs.php        |  76 ++++++++++++++
 server_files/views/profils.php              |  63 +++++++++++
 16 files changed, 363 insertions(+), 32 deletions(-)
 create mode 100644 server_files/controllers/organisateurs.php
 create mode 100644 server_files/controllers/profils.php
 create mode 100644 server_files/views/organisateurs.php
 create mode 100644 server_files/views/profils.php

diff --git a/dispatcher.php b/dispatcher.php
index 1e85705..317038c 100644
--- a/dispatcher.php
+++ b/dispatcher.php
@@ -41,6 +41,9 @@ $ROUTES["^inscription/?$"] = ["server_files/controllers/inscription.php"];
 $ROUTES["^mon-compte/?$"] = ["server_files/controllers/mon_compte.php"];
 $ROUTES["^mon-equipe/(modifier)/?$"] = ["server_files/controllers/mon_equipe.php", "modifier"];
 $ROUTES["^mon-equipe/?$"] = ["server_files/controllers/mon_equipe.php"];
+$ROUTES["^organisateurs"] = ["server_files/controllers/organisateurs.php"];
+$ROUTES["^profils/?$"] = ["server_files/controllers/profils.php"];
+$ROUTES["^profils-(orphelins)/?$"] = ["server_files/controllers/profils.php", "orphans"];
 $ROUTES["^rejoindre_equipe/?$"] = ["server_files/controllers/rejoindre_equipe.php"];
 $ROUTES["^solutions/?$"] = ["server_files/controllers/solutions.php"];
 $ROUTES["^solutions_orga/?$"] = ["server_files/controllers/solutions_orga.php"];
diff --git a/server_files/403.php b/server_files/403.php
index 51e6852..72127d0 100644
--- a/server_files/403.php
+++ b/server_files/403.php
@@ -4,9 +4,13 @@ require_once "config.php";
 require_once "views/header.php";
 
 http_response_code(403);
+?>
 
-echo "<h1>Vous n'êtes pas autorisé à accéder à cette page.</h1>";
+    <div class="alert alert-danger mt-4 mb-4">
+        <h2 class="display-5">
+            Vous n'êtes pas autorisé à accéder à cette page.
+        </h2>
+    </div>
 
-require_once "views/footer.php";
-
-exit();
\ No newline at end of file
+<?php
+require_once "views/footer.php";
\ No newline at end of file
diff --git a/server_files/404.php b/server_files/404.php
index 9fc419b..1724071 100644
--- a/server_files/404.php
+++ b/server_files/404.php
@@ -4,9 +4,13 @@ require_once "config.php";
 require_once "views/header.php";
 
 http_response_code(404);
+?>
 
-echo "<h1>Cette page n'existe pas.</h1>";
+    <div class="alert alert-danger mt-4 mb-4">
+        <h2 class="display-5">
+            Cette page n'existe pas.
+        </h2>
+    </div>
 
-require_once "views/footer.php";
-
-exit();
\ No newline at end of file
+<?php
+require_once "views/footer.php";
\ No newline at end of file
diff --git a/server_files/classes/Team.php b/server_files/classes/Team.php
index 53e29a1..4e0de30 100644
--- a/server_files/classes/Team.php
+++ b/server_files/classes/Team.php
@@ -182,4 +182,20 @@ class Team
 	{
 		return $this->year;
 	}
+
+	public static function getAllTeams($only_not_validated = false)
+	{
+		global $DB, $YEAR;
+		$req = $DB->query("SELECT * FROM `teams` WHERE " . ($only_not_validated ? "`validation_status` = 'NOT_READY' AND " : "") .  "`year` = $YEAR;");
+
+		$teams = [];
+
+		while (($data = $req->fetch()) != false) {
+			$team = new Team();
+			$team->fill($data);
+			$teams[] = $team;
+		}
+
+		return $teams;
+	}
 }
diff --git a/server_files/classes/User.php b/server_files/classes/User.php
index cd1fd8d..15a6f62 100644
--- a/server_files/classes/User.php
+++ b/server_files/classes/User.php
@@ -86,6 +86,52 @@ class User
 		$this->forgotten_password = $data["forgotten_password"];
 		$this->inscription_date = $data["inscription_date"];
 	}
+	public static function getOrganizers()
+	{
+		global $DB, $YEAR;
+		$admins = [];
+		$req = $DB->query("SELECT * FROM `users` WHERE `role` = 'ORGANIZER' OR `role` = 'ADMIN' AND `year` = $YEAR;");
+
+		while (($data = $req->fetch()) !== false) {
+			$admin = new User();
+			$admin->fill($data);
+			$admins[] = $admin;
+		}
+
+		return $admins;
+	}
+
+	public static function getAllUsers()
+	{
+		global $DB, $YEAR;
+		$users = [];
+		$req = $DB->query("SELECT * FROM `users` WHERE (`role` = 'PARTICIPANT' OR `role` = 'ENCADRANT') "
+			. "AND `year` = $YEAR ORDER BY `role`, `inscription_date`;");
+
+		while (($data = $req->fetch()) !== false) {
+			$orphan = new User();
+			$orphan->fill($data);
+			$users[] = $orphan;
+		}
+
+		return $users;
+	}
+
+	public static function getOrphanUsers()
+	{
+		global $DB, $YEAR;
+		$orphans = [];
+		$req = $DB->query("SELECT * FROM `users` WHERE `role` != 'ADMIN' AND `team_id` IS NULL "
+			. "AND `year` = $YEAR ORDER BY `role`, `inscription_date`;");
+
+		while (($data = $req->fetch()) !== false) {
+			$orphan = new User();
+			$orphan->fill($data);
+			$orphans[] = $orphan;
+		}
+
+		return $orphans;
+	}
 
 	public function getEmail()
 	{
diff --git a/server_files/controllers/informations.php b/server_files/controllers/informations.php
index 5422f72..6863dec 100644
--- a/server_files/controllers/informations.php
+++ b/server_files/controllers/informations.php
@@ -6,29 +6,110 @@ if (!isset($_SESSION["role"]))
 $id = $_GET["id"];
 $user = User::fromId($id);
 
-if ($_SESSION["role"] != Role::ORGANIZER && $_SESSION["role"] != Role::ADMIN) {
-	if ($user->getId() != $_SESSION["user_id"] && ($user->getTeamId() == null || $user->getTeamId() != $_SESSION["user"]->getTeamId()))
+if ($_SESSION["role"] != Role::ADMIN) {
+	if ($user->getId() != $_SESSION["user_id"])
 		require_once "server_files/403.php";
 }
 
 if ($user === null)
 	require_once "server_files/404.php";
 
-if (isset($_POST["view_as"]) && $_SESSION["role"] == Role::ADMIN) {
-	if (!isset($_SESSION["admin"]))
-		$_SESSION["admin"] = $_SESSION["user_id"];
-	$_SESSION["user_id"] = $user->getId();
-	header("Location: /");
-	exit();
-}
-
 $team = Team::fromId($user->getTeamId());
-$tournaments = $user->getOrganizedTournaments();
 
-if ($team != null) {
-	$documents = $user->getAllDocuments($team->getTournamentId());
-	if ($team->isSelectedForFinal())
-		$documents_final = $user->getAllDocuments($FINAL->getId());
+$has_error = false;
+$error_message = null;
+
+if (isset($_POST["kick"])) {
+	if ($team == null) {
+		$has_error = true;
+		$error_message = "La personne à expulser n'est dans aucune équipe.";
+	}
+	else {
+		quitTeam($id);
+		$team = null;
+	}
 }
 
+if (isset($_POST["attribute_team"])) {
+	$attribute_team = new AttributeTeam($_POST);
+	try {
+		$attribute_team->makeVerifications();
+		$attribute_team->attribute();
+	} catch (AssertionError $e) {
+		$has_error = true;
+		$error_message = $e->getMessage();
+	}
+}
+
+if (isset($_POST["view_as"]) && $_SESSION["role"] == Role::ADMIN) {
+    if (!isset($_SESSION["admin"]))
+        $_SESSION["admin"] = $_SESSION["user_id"];
+    $_SESSION["user_id"] = $user->getId();
+    header("Location: /");
+    exit();
+}
+
+if (isset($_POST["delete_account"]) && $team == null && $_SESSION["role"] == Role::ADMIN) {
+    /** @var Document $document */
+    foreach ($user->getAllDocuments($team->getTournamentId()) as $document)
+        unlink($LOCAL_PATH . "/files/" . $document->getFileId());
+    $DB->prepare("DELETE FROM `documents` WHERE `user` = ?;")->execute([$user->getId()]);
+    $DB->prepare("DELETE FROM `users` WHERE `id` = ?;")->execute([$user->getId()]);
+    header("Location: /");
+    exit();
+}
+
+class AttributeTeam
+{
+    private $team_id;
+	private $team;
+	private $min_null_index;
+
+	public function __construct($data)
+	{
+		$this->team_id = $data["team"];
+		$this->team = Team::fromId($this->team_id);
+	}
+
+	public function makeVerifications()
+	{
+		global $user;
+
+		ensure($user->getConfirmEmailToken() == null, "Ce participant n'a pas encore validé son adresse e-mail.");
+		ensure($this->team_id != "no_team", "Vous n'avez pas choisi d'équipe.");
+		ensure($this->team != null, "Cette équipe n'existe pas.");
+		ensure($this->team->getValidationStatus() == ValidationStatus::NOT_READY, "Cette équipe est déjà validée ou en cours de validation.");
+
+		$role = $user->getRole();
+		for ($i = 1; $i <= $role == Role::ENCADRANT ? 2 : 6; ++$i) {
+			if (($role == Role::PARTICIPANT ? $this->team->getParticipants()[$i - 1] : $this->team->getEncadrants()[$i]) == NULL)
+				break;
+		}
+
+		$this->min_null_index = $i;
+
+		ensure($role == Role::PARTICIPANT && $this->min_null_index <= 5 || $role == Role::ENCADRANT && $this->min_null_index <= 2,
+			"Il n'y a plus de place pour vous dans l'équipe.");
+	}
+
+	public function attribute()
+	{
+		global $user, $team;
+
+		$user->setTeamId($this->team->getId());
+
+		if ($user->getRole() == Role::ENCADRANT)
+			$this->team->setEncadrant($this->min_null_index, $user->getId());
+		else
+			$this->team->setParticipant($this->min_null_index, $user->getId());
+
+		Mailer::sendJoinTeamMail($user, $this->team, Tournament::fromId($this->team->getTournamentId()));
+
+		$team = $this->team;
+	}
+}
+
+if ($team != null)
+	$documents = $user->getAllDocuments($team->getTournamentId());
+
 require_once "server_files/views/informations.php";
diff --git a/server_files/controllers/inscription.php b/server_files/controllers/inscription.php
index 3f1462a..2ab593b 100644
--- a/server_files/controllers/inscription.php
+++ b/server_files/controllers/inscription.php
@@ -3,7 +3,7 @@
 $has_error = false;
 $error_message = null;
 
-if (isset($_POST["submitted"])) {
+if (isset($_POST["register"])) {
 	$user = new NewUser($_POST);
 
 	try {
diff --git a/server_files/controllers/organisateurs.php b/server_files/controllers/organisateurs.php
new file mode 100644
index 0000000..446dccc
--- /dev/null
+++ b/server_files/controllers/organisateurs.php
@@ -0,0 +1,8 @@
+<?php
+
+if ($_SESSION["role"] != Role::ADMIN)
+    require_once "server_files/403.php";
+
+$organizers = User::getOrganizers();
+
+require_once "server_files/views/organisateurs.php";
\ No newline at end of file
diff --git a/server_files/controllers/profils.php b/server_files/controllers/profils.php
new file mode 100644
index 0000000..64c1edb
--- /dev/null
+++ b/server_files/controllers/profils.php
@@ -0,0 +1,9 @@
+<?php
+
+if (!isset($_SESSION["user_id"]) || $_SESSION["role"] != Role::ADMIN)
+	require_once "server_files/403.php";
+
+$orphans = isset($_GET["orphans"]);
+$users = $orphans ? User::getOrphanUsers() : User::getAllUsers();
+
+require_once "server_files/views/profils.php";
\ No newline at end of file
diff --git a/server_files/model.php b/server_files/model.php
index 218e8b2..344ba49 100644
--- a/server_files/model.php
+++ b/server_files/model.php
@@ -30,7 +30,7 @@ function loadUserValues()
 	}
 }
 
-function quitTeam()
+function quitTeam($user_id = -1)
 {
 	global $DB, $URL_BASE;
 
@@ -38,7 +38,10 @@ function quitTeam()
 
 	/** @var User $user */
 	$user = $_SESSION["user"];
-	$user_id = $user->getId();
+	if ($user_id == -1)
+		$user_id = $user->getId();
+	else
+		$user = User::fromId($user_id);
 	$role = $user->getRole();
 
 	if ($role == Role::ADMIN || $role == Role::ORGANIZER)
@@ -161,17 +164,22 @@ function canValidate(Team $team, Tournament $tournament)
 
 function printDocuments($documents)
 {
-	global $URL_BASE;
+	if (sizeof($documents) == 0) {
+		echo "<div class=\"alert alert-warning\">\nPas de document envoyé pour le moment.\n</div>\n";
+		return;
+	}
 
+	echo "<div class=\"alert alert-info\">\n";
 	foreach ($documents as $document) {
 		$file_id = $document->getFileId();
 		$user = User::fromId($document->getUserId());
 		$surname = $user->getSurname();
 		$first_name = $user->getFirstName();
-		$name = DocumentType::getTranslatedName($document->getType());
+		$name = "Autorisation de droit à l'image";
 		$version = $document->getVersion();
-		echo "$name de $first_name $surname (version $version) : <a href=\"/file/$file_id\">Télécharger</a><br />";
+		echo "$name de $first_name $surname (version $version) : <a href=\"/file/$file_id\"><strong>Télécharger</strong></a><br />\n";
 	}
+	echo "</div>\n";
 }
 
 function getZipFile($document_type, $tournament_id, $team_id = -1)
diff --git a/server_files/views/ajouter_organisateur.php b/server_files/views/ajouter_organisateur.php
index 097aa41..53b1c86 100644
--- a/server_files/views/ajouter_organisateur.php
+++ b/server_files/views/ajouter_organisateur.php
@@ -35,8 +35,16 @@ require_once "header.php";
         </div>
     </div>
 
+    <div class="form-row">
+        <div class="form-group col-md-12">
+            <label for="admin">Compte administrateur :</label>
+            <input type="checkbox" id="admin" name="admin"
+                   value="<?php if (isset($orga)) echo $orga->admin ?>"/>
+        </div>
+    </div>
+
     <div class="form-group row">
-        <input class="btn btn-primary btn-lg btn-block" name="add_admin" type="submit" value="Ajouter un administrateur" />
+        <input class="btn btn-primary btn-lg btn-block" name="add_admin" type="submit" value="Ajouter un organisateur" />
     </div>
 </form>
 
diff --git a/server_files/views/equipe.php b/server_files/views/equipe.php
index 89cabb5..e5610ba 100644
--- a/server_files/views/equipe.php
+++ b/server_files/views/equipe.php
@@ -39,7 +39,7 @@
     <div class="alert alert-info">
         <?php
         for ($i = 1; $i <= 2; ++$i) {
-            if ($team->getEncadrants()[$i] == NULL)
+            if ($team->getEncadrants()[$i - 1] == NULL)
                 continue;
             $encadrant = User::fromId($team->getEncadrants()[$i - 1]);
             $id = $encadrant->getId();
diff --git a/server_files/views/header.php b/server_files/views/header.php
index 1a8d053..a1fbe99 100644
--- a/server_files/views/header.php
+++ b/server_files/views/header.php
@@ -28,6 +28,11 @@
                 </li>
                 <li class="nav-item active">
                     <a class="nav-link" href="/tournois">Liste des tournois</a>
+                    <ul class="deroule">
+                        <li class="nav-item active"><a class="nav-link" href="/profils-orphelins">Profils orphelins</a></li>
+                        <li class="nav-item active"><a class="nav-link" href="/profils">Tous les profils</a></li>
+                        <li class="nav-item active"><a class="nav-link" href="/organisateurs">Organisateurs</a></li>
+                    </ul>
                 </li>
                 <?php if (isset($_SESSION["user_id"])) { ?>
                     <li class="nav-item active">
diff --git a/server_files/views/informations.php b/server_files/views/informations.php
index e9383b2..0500384 100644
--- a/server_files/views/informations.php
+++ b/server_files/views/informations.php
@@ -112,7 +112,7 @@ if ($user->getRole() == Role::ADMIN || $user->getRole() == Role::ORGANIZER) {
 		echo "<div class=\"alert alert-info\">Organise le tournoi <a href=\"/tournoi/" . $tournament->getName(). "\">" . $tournament->getName() . "</a></div>";
 	}
 }
-elseif ($user->getRole() == Role::PARTICIPANT || $user->getRole() == Role::ENCADRANT) { ?>
+elseif (($user->getRole() == Role::PARTICIPANT || $user->getRole() == Role::ENCADRANT) && $user->getTeamId() !== NULL) { ?>
 
 	<h2>Autorisations</h2>
     <?php
diff --git a/server_files/views/organisateurs.php b/server_files/views/organisateurs.php
new file mode 100644
index 0000000..4e5ebea
--- /dev/null
+++ b/server_files/views/organisateurs.php
@@ -0,0 +1,76 @@
+<?php
+require_once "header.php";
+?>
+
+<div class="mt-4 mb-4">
+    <h1 class="display-4">Liste des organisateurs</h1>
+</div>
+
+<hr />
+
+    <table class="table table-striped table-bordered table-hover">
+        <thead>
+        <tr>
+            <th scope="col">
+                Nom
+            </th>
+            <th scope="col">
+                Prénom
+            </th>
+            <th scope="col">
+                Adresse e-mail
+            </th>
+            <th>
+                Est administrateur
+            </th>
+        </tr>
+        </thead>
+        <tbody>
+        <?php
+        /** @var User $orga */
+        foreach ($organizers as $orga) {
+            ?>
+            <tr>
+                <td>
+                    <a href="/informations/<?= $orga->getId() ?>/<?= $orga->getFirstName() . " " . $orga->getSurname() ?>">
+                        <?= $orga->getSurname() ?>
+                    </a>
+                </td>
+                <td>
+                    <a href="/informations/<?= $orga->getId() ?>/<?= $orga->getFirstName() . " " . $orga->getSurname() ?>">
+                        <?= $orga->getFirstName() ?>
+                    </a>
+                </td>
+                <td>
+                    <a href="mailto:<?= $orga->getEmail() ?>">
+                        <?= $orga->getEmail() ?>
+                    </a>
+                </td>
+                <td>
+                    <?= $orga->getRole() == Role::ADMIN ? "oui" : "non" ?>
+                </td>
+            </tr>
+            <?php
+        }
+        ?>
+        </tbody>
+        <tfoot>
+        <tr>
+            <th>
+                Nom
+            </th>
+            <th>
+                Prénom
+            </th>
+            <th>
+                Adresse e-mail
+            </th>
+            <th>
+                Est administrateur
+            </th>
+        </tr>
+        </tfoot>
+    </table>
+
+<?php
+require_once "footer.php";
\ No newline at end of file
diff --git a/server_files/views/profils.php b/server_files/views/profils.php
new file mode 100644
index 0000000..cc8f2e6
--- /dev/null
+++ b/server_files/views/profils.php
@@ -0,0 +1,63 @@
+<?php
+require_once "header.php";
+?>
+
+<div class="mt-4 mb-4">
+	<h2 class="display-3"><?= $orphans ? "Profils orphelins" : "Tous les profils" ?></h2>
+</div>
+
+<div>
+	Cette page recense tous les utilisateurs inscrits<?= $orphans ? " mais qui n'ont pas rejoint d'équipe" : "" ?>.
+</div>
+
+<br />
+
+<table class="table table-striped table-bordered table-hover">
+	<thead>
+	<tr>
+		<th scope="col">
+			Nom
+		</th>
+		<th scope="col">
+			Rôle
+		</th>
+		<th scope="col">
+			Inscrit le
+		</th>
+	</tr>
+	</thead>
+	<tbody>
+	<?php
+	/** @var User $user */
+	foreach ($users as $user) {
+		?>
+		<tr>
+			<th scope="row">
+				<a href="/informations/<?= $user->getId() . "/" . $user->getFirstName() . " " . $user->getSurname() ?>">
+					<?= $user->getFirstName() . " " . $user->getSurname() ?>
+				</a>
+			</th>
+			<td><?= Role::getTranslatedName($user->getRole()) ?></td>
+			<td><?= formatDate($user->getInscriptionDate(), true) ?></td>
+		</tr>
+		<?php
+	}
+	?>
+	</tbody>
+	<tfoot>
+	<tr>
+		<th scope="col">
+			Nom
+		</th>
+		<th scope="col">
+			Rôle
+		</th>
+		<th scope="col">
+			Inscrit le
+		</th>
+	</tr>
+	</tfoot>
+</table>
+
+<?php
+require_once "footer.php";
\ No newline at end of file