From e9f10ca14f79c82f7b869c0a661acd9059607038 Mon Sep 17 00:00:00 2001
From: Yohann D'ANELLO <yohann.danello@gmail.com>
Date: Thu, 19 Dec 2019 15:05:11 +0100
Subject: [PATCH] =?UTF-8?q?Usurpation=20d'identit=C3=A9?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 server_files/controllers/informations.php |  8 +++++
 server_files/model.php                    | 27 ++++-----------
 server_files/views/header.php             | 24 +++----------
 server_files/views/informations.php       | 41 +++++++++++++++++------
 4 files changed, 50 insertions(+), 50 deletions(-)

diff --git a/server_files/controllers/informations.php b/server_files/controllers/informations.php
index 9b076e2..5422f72 100644
--- a/server_files/controllers/informations.php
+++ b/server_files/controllers/informations.php
@@ -14,6 +14,14 @@ if ($_SESSION["role"] != Role::ORGANIZER && $_SESSION["role"] != Role::ADMIN) {
 if ($user === null)
 	require_once "server_files/404.php";
 
+if (isset($_POST["view_as"]) && $_SESSION["role"] == Role::ADMIN) {
+	if (!isset($_SESSION["admin"]))
+		$_SESSION["admin"] = $_SESSION["user_id"];
+	$_SESSION["user_id"] = $user->getId();
+	header("Location: /");
+	exit();
+}
+
 $team = Team::fromId($user->getTeamId());
 $tournaments = $user->getOrganizedTournaments();
 
diff --git a/server_files/model.php b/server_files/model.php
index d655971..218e8b2 100644
--- a/server_files/model.php
+++ b/server_files/model.php
@@ -19,27 +19,12 @@ function loadUserValues()
 			$_SESSION["tournament"] = Tournament::fromId($team->getTournamentId());
 		}
 
-		if (isset($_GET["be-admin"])) {
-			quitTeam();
-			$user->setRole(Role::ADMIN);
-			exit();
-		}
-
-		if (isset($_GET["be-organizer"])) {
-			quitTeam();
-			$user->setRole(Role::ORGANIZER);
-			exit();
-		}
-
-		if (isset($_GET["be-participant"])) {
-			quitTeam();
-			$user->setRole(Role::PARTICIPANT);
-			exit();
-		}
-
-		if (isset($_GET["be-encadrant"])) {
-			quitTeam();
-			$user->setRole(Role::ENCADRANT);
+		if (isset($_GET["view-as-admin"])) {
+			if (isset($_SESSION["admin"])) {
+				$_SESSION["user_id"] = $_SESSION["admin"];
+				unset($_SESSION["admin"]);
+			}
+			header("Location: /");
 			exit();
 		}
 	}
diff --git a/server_files/views/header.php b/server_files/views/header.php
index b70780d..1a8d053 100644
--- a/server_files/views/header.php
+++ b/server_files/views/header.php
@@ -85,25 +85,11 @@
                         <a class="nav-link" href="/inscription">Inscription</a>
                     </li>
                 <?php } else { ?>
-                    <li class="nav-item active">
-                        <a class="nav-link">Changer de point de vue</a>
-                        <ul class="deroule">
-                        <?php
-                        if ($_SESSION["role"] != Role::ADMIN) {
-                            echo "<li><a class=\"nav-link\" href=\"?be-admin=1\">Devenir administrateur</a></li>\n";
-                        }
-                        if ($_SESSION["role"] != Role::ORGANIZER) {
-                            echo "<li><a class=\"nav-link\" href=\"?be-organizer=1\">Devenir organisateur</a></li>\n";
-                        }
-                        if ($_SESSION["role"] != Role::PARTICIPANT) {
-                            echo "<li><a class=\"nav-link\" href=\"?be-participant=1\">Devenir participant</a></li>\n";
-                        }
-                        if ($_SESSION["role"] != Role::ENCADRANT) {
-                            echo "<li><a class=\"nav-link\" href=\"?be-encadrant=1\">Devenir encadrant</a></li>\n";
-                        }
-                        ?>
-                    </ul>
-                    </li>
+					<?php if (isset($_SESSION["admin"])) { ?>
+                        <li class="nav-item active">
+                            <a class="nav-link" href="/?view-as-admin">Retourner en vue administrateur</a>
+                        </li>
+					<?php } ?>
                     <li class="nav-item active">
                         <a class="nav-link" href="/deconnexion">Déconnexion</a>
                     </li>
diff --git a/server_files/views/informations.php b/server_files/views/informations.php
index ee9fec6..e9383b2 100644
--- a/server_files/views/informations.php
+++ b/server_files/views/informations.php
@@ -84,23 +84,36 @@ if (!$has_error) {
 </div>
 
 <?php if ($user->getRole() == Role::PARTICIPANT) { ?>
-	Lycée : <?= $user->getSchool() ?><br />
-	Classe : <?php SchoolClass::getTranslatedName($user->getClass())	?><br />
-	Nom du responsable légal : <?= $user->getResponsibleName() ?><br />
-	Numéro de téléphone du responsable légal : <?= $user->getResponsiblePhone() ?><br />
-	Adresse e-mail du responsable légal : <a href="mailto:<?= $user->getResponsibleEmail() ?>"><?= $user->getResponsibleEmail() ?></a>
-<?php } elseif ($user->getDescription() != "") { ?>
-	Description : <?= $user->getDescription() ?><br />
-<?php }
+    <div class="alert alert-info">
+	    Lycée : <?= $user->getSchool() ?><br />
+	    Classe : <?php SchoolClass::getTranslatedName($user->getClass()) ?>
+    </div>
 
-echo "<hr />";
+    <div class="alert alert-info">
+	    Nom du responsable légal : <?= $user->getResponsibleName() ?>
+    </div>
+
+    <div class="alert alert-info">
+	    Numéro de téléphone du responsable légal : <?= $user->getResponsiblePhone() ?>
+    </div>
+
+    <div class="alert alert-info">
+	    Adresse e-mail du responsable légal : <a href="mailto:<?= $user->getResponsibleEmail() ?>"><?= $user->getResponsibleEmail() ?></a>
+    </div>
+
+<?php } elseif ($user->getDescription() != "") { ?>
+    <div class="alert alert-info">
+	    Description : <?= $user->getDescription() ?>
+    </div>
+<?php }
 
 if ($user->getRole() == Role::ADMIN || $user->getRole() == Role::ORGANIZER) {
 	foreach ($tournaments as $tournament) {
-		echo "Organise le tournoi <a href=\"/tournoi/" . $tournament->getName(). "\">" . $tournament->getName() . "</a><br />";
+		echo "<div class=\"alert alert-info\">Organise le tournoi <a href=\"/tournoi/" . $tournament->getName(). "\">" . $tournament->getName() . "</a></div>";
 	}
 }
 elseif ($user->getRole() == Role::PARTICIPANT || $user->getRole() == Role::ENCADRANT) { ?>
+
 	<h2>Autorisations</h2>
     <?php
     printDocuments($documents);
@@ -113,4 +126,12 @@ elseif ($user->getRole() == Role::PARTICIPANT || $user->getRole() == Role::ENCAD
     }
 }
 
+if ($_SESSION["role"] == Role::ADMIN) { ?>
+    <hr />
+    <form method="POST">
+        <input type="submit" name="view_as" class="btn btn-secondary btn-lg btn-block" style="background-color: #2ba42b"
+               value="Afficher le site en tant que <?= $user->getFirstName() . " " . $user->getSurname() ?>"/>
+    </form>
+<?php }
+
 require_once "footer.php";
\ No newline at end of file