Usurpation d'identité
parent
7db606e6eb
commit
e9f10ca14f
|
@ -14,6 +14,14 @@ if ($_SESSION["role"] != Role::ORGANIZER && $_SESSION["role"] != Role::ADMIN) {
|
||||||
if ($user === null)
|
if ($user === null)
|
||||||
require_once "server_files/404.php";
|
require_once "server_files/404.php";
|
||||||
|
|
||||||
|
if (isset($_POST["view_as"]) && $_SESSION["role"] == Role::ADMIN) {
|
||||||
|
if (!isset($_SESSION["admin"]))
|
||||||
|
$_SESSION["admin"] = $_SESSION["user_id"];
|
||||||
|
$_SESSION["user_id"] = $user->getId();
|
||||||
|
header("Location: /");
|
||||||
|
exit();
|
||||||
|
}
|
||||||
|
|
||||||
$team = Team::fromId($user->getTeamId());
|
$team = Team::fromId($user->getTeamId());
|
||||||
$tournaments = $user->getOrganizedTournaments();
|
$tournaments = $user->getOrganizedTournaments();
|
||||||
|
|
||||||
|
|
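Review bot: The `view_as` branch switches `$_SESSION["user_id"]` on any POST that carries the field from an admin session, and the form added in the profile template hunk sends no anti-CSRF token, so a cross-site form post could move an administrator into another account's view without intent. Verify a per-session token before the switch, for example `hash_equals($_SESSION["csrf_token"] ?? "", $_POST["csrf_token"] ?? "")` (`csrf_token` is a placeholder name; no such key is visible on this page), and call `session_regenerate_id(true);` before the redirect because the session's identity changes. Recording the administrator id and the target id at this point would give an audit trail for impersonation. The script around this branch continues outside the hunk.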
|
@ -19,27 +19,12 @@ function loadUserValues()
|
||||||
$_SESSION["tournament"] = Tournament::fromId($team->getTournamentId());
|
$_SESSION["tournament"] = Tournament::fromId($team->getTournamentId());
|
||||||
}
|
}
|
||||||
|
|
||||||
if (isset($_GET["be-admin"])) {
|
if (isset($_GET["view-as-admin"])) {
|
||||||
quitTeam();
|
if (isset($_SESSION["admin"])) {
|
||||||
$user->setRole(Role::ADMIN);
|
$_SESSION["user_id"] = $_SESSION["admin"];
|
||||||
exit();
|
unset($_SESSION["admin"]);
|
||||||
}
|
}
|
||||||
|
header("Location: /");
|
||||||
if (isset($_GET["be-organizer"])) {
|
|
||||||
quitTeam();
|
|
||||||
$user->setRole(Role::ORGANIZER);
|
|
||||||
exit();
|
|
||||||
}
|
|
||||||
|
|
||||||
if (isset($_GET["be-participant"])) {
|
|
||||||
quitTeam();
|
|
||||||
$user->setRole(Role::PARTICIPANT);
|
|
||||||
exit();
|
|
||||||
}
|
|
||||||
|
|
||||||
if (isset($_GET["be-encadrant"])) {
|
|
||||||
quitTeam();
|
|
||||||
$user->setRole(Role::ENCADRANT);
|
|
||||||
exit();
|
exit();
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
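Review bot: Restoring the administrator identity in the `view-as-admin` branch is a privilege change inside an existing session, yet the session id is kept and `$_SESSION["role"]` is not touched in the visible lines. Add `session_regenerate_id(true);` after `unset($_SESSION["admin"]);`, and confirm that the role is reloaded from the restored `user_id` on the next request, since the rest of loadUserValues lies outside the hunk. The switch is also triggered by a GET link (`/?view-as-admin` in the navigation hunk); a POST form would keep this state change off prefetchable and embeddable URLs. It is also worth checking that the logout path clears `$_SESSION["admin"]` so the marker cannot outlive the impersonated login.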
|
@ -85,25 +85,11 @@
|
||||||
<a class="nav-link" href="/inscription">Inscription</a>
|
<a class="nav-link" href="/inscription">Inscription</a>
|
||||||
</li>
|
</li>
|
||||||
<?php } else { ?>
|
<?php } else { ?>
|
||||||
|
<?php if (isset($_SESSION["admin"])) { ?>
|
||||||
<li class="nav-item active">
|
<li class="nav-item active">
|
||||||
<a class="nav-link">Changer de point de vue</a>
|
<a class="nav-link" href="/?view-as-admin">Retourner en vue administrateur</a>
|
||||||
<ul class="deroule">
|
|
||||||
<?php
|
|
||||||
if ($_SESSION["role"] != Role::ADMIN) {
|
|
||||||
echo "<li><a class=\"nav-link\" href=\"?be-admin=1\">Devenir administrateur</a></li>\n";
|
|
||||||
}
|
|
||||||
if ($_SESSION["role"] != Role::ORGANIZER) {
|
|
||||||
echo "<li><a class=\"nav-link\" href=\"?be-organizer=1\">Devenir organisateur</a></li>\n";
|
|
||||||
}
|
|
||||||
if ($_SESSION["role"] != Role::PARTICIPANT) {
|
|
||||||
echo "<li><a class=\"nav-link\" href=\"?be-participant=1\">Devenir participant</a></li>\n";
|
|
||||||
}
|
|
||||||
if ($_SESSION["role"] != Role::ENCADRANT) {
|
|
||||||
echo "<li><a class=\"nav-link\" href=\"?be-encadrant=1\">Devenir encadrant</a></li>\n";
|
|
||||||
}
|
|
||||||
?>
|
|
||||||
</ul>
|
|
||||||
</li>
|
</li>
|
||||||
|
<?php } ?>
|
||||||
<li class="nav-item active">
|
<li class="nav-item active">
|
||||||
<a class="nav-link" href="/deconnexion">Déconnexion</a>
|
<a class="nav-link" href="/deconnexion">Déconnexion</a>
|
||||||
</li>
|
</li>
|
||||||
|
|
|
@ -84,23 +84,36 @@ if (!$has_error) {
|
||||||
</div>
|
</div>
|
||||||
|
|
||||||
<?php if ($user->getRole() == Role::PARTICIPANT) { ?>
|
<?php if ($user->getRole() == Role::PARTICIPANT) { ?>
|
||||||
|
<div class="alert alert-info">
|
||||||
Lycée : <?= $user->getSchool() ?><br />
|
Lycée : <?= $user->getSchool() ?><br />
|
||||||
Classe : <?php SchoolClass::getTranslatedName($user->getClass()) ?><br />
|
Classe : <?php SchoolClass::getTranslatedName($user->getClass()) ?>
|
||||||
Nom du responsable légal : <?= $user->getResponsibleName() ?><br />
|
</div>
|
||||||
Numéro de téléphone du responsable légal : <?= $user->getResponsiblePhone() ?><br />
|
|
||||||
Adresse e-mail du responsable légal : <a href="mailto:<?= $user->getResponsibleEmail() ?>"><?= $user->getResponsibleEmail() ?></a>
|
|
||||||
<?php } elseif ($user->getDescription() != "") { ?>
|
|
||||||
Description : <?= $user->getDescription() ?><br />
|
|
||||||
<?php }
|
|
||||||
|
|
||||||
echo "<hr />";
|
<div class="alert alert-info">
|
||||||
|
Nom du responsable légal : <?= $user->getResponsibleName() ?>
|
||||||
|
</div>
|
||||||
|
|
||||||
|
<div class="alert alert-info">
|
||||||
|
Numéro de téléphone du responsable légal : <?= $user->getResponsiblePhone() ?>
|
||||||
|
</div>
|
||||||
|
|
||||||
|
<div class="alert alert-info">
|
||||||
|
Adresse e-mail du responsable légal : <a href="mailto:<?= $user->getResponsibleEmail() ?>"><?= $user->getResponsibleEmail() ?></a>
|
||||||
|
</div>
|
||||||
|
|
||||||
|
<?php } elseif ($user->getDescription() != "") { ?>
|
||||||
|
<div class="alert alert-info">
|
||||||
|
Description : <?= $user->getDescription() ?>
|
||||||
|
</div>
|
||||||
|
<?php }
|
||||||
|
|
||||||
if ($user->getRole() == Role::ADMIN || $user->getRole() == Role::ORGANIZER) {
|
if ($user->getRole() == Role::ADMIN || $user->getRole() == Role::ORGANIZER) {
|
||||||
foreach ($tournaments as $tournament) {
|
foreach ($tournaments as $tournament) {
|
||||||
echo "Organise le tournoi <a href=\"/tournoi/" . $tournament->getName(). "\">" . $tournament->getName() . "</a><br />";
|
echo "<div class=\"alert alert-info\">Organise le tournoi <a href=\"/tournoi/" . $tournament->getName(). "\">" . $tournament->getName() . "</a></div>";
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
elseif ($user->getRole() == Role::PARTICIPANT || $user->getRole() == Role::ENCADRANT) { ?>
|
elseif ($user->getRole() == Role::PARTICIPANT || $user->getRole() == Role::ENCADRANT) { ?>
|
||||||
|
|
||||||
<h2>Autorisations</h2>
|
<h2>Autorisations</h2>
|
||||||
<?php
|
<?php
|
||||||
printDocuments($documents);
|
printDocuments($documents);
|
||||||
|
@ -113,4 +126,12 @@ elseif ($user->getRole() == Role::PARTICIPANT || $user->getRole() == Role::ENCAD
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
if ($_SESSION["role"] == Role::ADMIN) { ?>
|
||||||
|
<hr />
|
||||||
|
<form method="POST">
|
||||||
|
<input type="submit" name="view_as" class="btn btn-secondary btn-lg btn-block" style="background-color: #2ba42b"
|
||||||
|
value="Afficher le site en tant que <?= $user->getFirstName() . " " . $user->getSurname() ?>"/>
|
||||||
|
</form>
|
||||||
|
<?php }
|
||||||
|
|
||||||
require_once "footer.php";
|
require_once "footer.php";
|
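Review bot: The new submit button interpolates `$user->getFirstName()` and `$user->getSurname()` into a `value="…"` attribute without escaping, so a name containing a double quote or markup breaks out of the attribute on a page rendered in an administrator session. Unless the getters already return HTML-escaped text (not visible here), wrap the output: `<?= htmlspecialchars($user->getFirstName() . " " . $user->getSurname(), ENT_QUOTES | ENT_SUBSTITUTE, "UTF-8") ?>`. The same applies to the school, legal-guardian, description and tournament-name outputs that the first hunk of this file re-wraps in `alert` divs. Separately, the `Classe :` line calls `SchoolClass::getTranslatedName(...)` inside `<?php ... ?>` without echoing it, so nothing is printed unless that method echoes itself; `<?=` looks intended.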