diff --git a/server_files/classes/User.php b/server_files/classes/User.php index b037e12..7cef374 100644 --- a/server_files/classes/User.php +++ b/server_files/classes/User.php @@ -2,30 +2,30 @@ class User { - private $id; - private $email; - private $pwd_hash; - private $surname; - private $first_name; - private $birth_date; - private $gender; - private $address; - private $postal_code; - private $city; - private $country; - private $phone_number; - private $school; - private $class; - private $responsible_name; - private $responsible_phone; - private $responsible_email; - private $description; - private $role; - private $team_id; - private $year; - private $confirm_email; - private $forgotten_password; - private $inscription_date; + public $id; + public $email; + public $pwd_hash; + public $surname; + public $first_name; + public $birth_date; + public $gender; + public $address; + public $postal_code; + public $city; + public $country; + public $phone_number; + public $school; + public $class; + public $responsible_name; + public $responsible_phone; + public $responsible_email; + public $description; + public $role; + public $team_id; + public $year; + public $confirm_email; + public $forgotten_password; + public $inscription_date; private function __construct() {} @@ -238,7 +238,7 @@ class User { global $DB; $this->school = $school; - $DB->prepare("UPDATE `users` SET `school` = ? WHERE `id` = ?;")->execute([$school, $this->getId()]); + $DB->prepare("UPDATE `users` SET `school` = ? WHERE `id` = ?;")->execute([SchoolClass::getName($school), $this->getId()]); } public function getClass() diff --git a/server_files/config.php b/server_files/config.php index a57349b..e67905d 100644 --- a/server_files/config.php +++ b/server_files/config.php 
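Review bot: Changing every `User` property from `private` to `public` at the top of the class also exposes `$pwd_hash`, `$confirm_email` and `$forgotten_password` (the last two appear to hold tokens), so any code holding a `User` can read or overwrite them without going through the accessors. The setter visible in the second hunk of this file updates both the property and the `users` row, so a direct property write would leave the object and the database out of step. If the goal is only to let the account form read the current values by name, keep the fields `private` and add a narrow read accessor limited to the profile fields, leaving the credential fields out. The class body continues outside the hunk.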
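Review bot: The school setter now stores `SchoolClass::getName($school)` in the `school` column while `$this->school` keeps the raw argument, so the object and the row can disagree after the call. Elsewhere in this commit `SchoolClass` is applied to the class field (`SchoolClass::fromName($this->class)` in `controllers/mon_compte.php`), and `updateAccount()` there passes the school value through unchanged, so this conversion looks as if it was meant for the class setter, which lies outside the hunk. If so, restore `->execute([$school, $this->getId()])` here and apply `SchoolClass::getName()` where the class is written. The method's signature is outside the hunk.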
@@ -7,8 +7,6 @@ $YEAR = $_ENV["TFJM_YEAR"]; $URL_BASE = $_ENV["TFJM_URL_BASE"]; $LOCAL_PATH = $_ENV["TFJM_LOCAL_PATH"]; $MAIL_DOMAIN = $_ENV["TFJM_MAIL_DOMAIN"]; -// TODO Remove -$MAIL_ADDRESS = "contact@" . $MAIL_DOMAIN; /** * DB infos diff --git a/server_files/controllers/equipe.php b/server_files/controllers/equipe.php index c989b0b..14d1b13 100644 --- a/server_files/controllers/equipe.php +++ b/server_files/controllers/equipe.php @@ -18,7 +18,6 @@ if (isset($_POST["validate"])) { if (isset($_POST["select"])) { $team->selectForFinal(true); $team->setValidationStatus(ValidationStatus::NOT_READY); - $tournament = Tournament::fromId($team->getTournamentId()); $sols = $tournament->getAllSolutions($team->getId()); /** @var Solution $sol */ foreach ($sols as $sol) { @@ -36,9 +35,9 @@ if (isset($_POST["select"])) { if (isset($_POST["download_zip"])) { $final = isset($_POST["final"]); - $tournament = $final ? $FINAL : Tournament::fromId($team->getTournamentId()); + $tournament_dest = $final ? $FINAL : $tournament; - $file_name = getZipFile(DocumentType::PARENTAL_CONSENT, $tournament->getId(), $team->getId()); + $file_name = getZipFile(DocumentType::PARENTAL_CONSENT, $tournament_dest->getId(), $team->getId()); header("Content-Type: application/zip"); header("Content-Disposition: attachment; filename=\"Documents de l'équipe " . $team->getTrigram() . ".zip\""); diff --git a/server_files/controllers/mon_compte.php b/server_files/controllers/mon_compte.php index 9db09e9..b4f799b 100644 --- a/server_files/controllers/mon_compte.php +++ b/server_files/controllers/mon_compte.php 
@@ -6,122 +6,147 @@ if (!isset($_SESSION["user_id"])) /** @var User $user */ $user = $_SESSION["user"]; +$has_error = false; +$error_message = null; + if (isset($_POST["submitted"])) { - $error_message = updateAccount(); -} elseif (isset($_POST["submitted_password"])) { - $error_message = updatePassword(); + $my_account = new MyAccount($_POST); + try { + $my_account->makeVerifications(); + $my_account->updateAccount(); + } + catch (AssertionError $e) { + $has_error = true; + $error_message = $e->getMessage(); + } } -function updateAccount() -{ - global $user; - - $surname = htmlspecialchars($_POST["surname"]); - if (isset($surname) && $surname != "") - $user->setSurname($surname); - - $first_name = htmlspecialchars($_POST["firstname"]); - if (isset($first_name) && $first_name != "") - $user->setFirstName($first_name); - - $birth_date = htmlspecialchars($_POST["birth_date"]); - if (isset($birth_date) && $birth_date != "") - $user->setBirthDate($birth_date); - - if (isset($_POST["gender"])) { - $gender = htmlspecialchars($_POST["gender"]); - if (isset($gender) && ($gender == "M" || $gender == "F")) - $user->setGender($gender); - } - - $address = htmlspecialchars($_POST["address"]); - if (isset($address) && $address != "") - $user->setAddress($address); - - $postal_code = htmlspecialchars($_POST["postal_code"]); - if (isset($postal_code) && $postal_code != "") - $user->setPostalCode($postal_code); - - $city = htmlspecialchars($_POST["city"]); - if (isset($city) && $city != "") - $user->setCity($city); - - $country = htmlspecialchars($_POST["country"]); - if (isset($country) && $country != "") - $user->setCountry($country); - - $phone_number = htmlspecialchars($_POST["phone_number"]); - if (isset($phone_number) && $phone_number != "") - $user->setPhoneNumber($phone_number); - - if (isset($_POST["school"])) { - $school = htmlspecialchars($_POST["school"]); - if (isset($school) && $school != "") - $user->setSchool($school); - } - - if (isset($_POST["class"])) { - $class 
= htmlspecialchars($_POST["class"]); - if (isset($class) && ($class == "terminale" || $class == "premiere" || $class == "seconde")) - $user->setClass($class); - } - - if (isset($_POST["responsible_name"])) { - $responsible_name = htmlspecialchars($_POST["responsible_name"]); - if (isset($responsible_name) && $responsible_name != "") - $user->setResponsibleName($responsible_name); +if (isset($_POST["submitted_password"])) { + $new_password = new NewPassword($_POST); + try { + $new_password->makeVerifications(); + $new_password->updatePassword(); } - - if (isset($_POST["responsible_phone"])) { - $responsible_phone = htmlspecialchars($_POST["responsible_phone"]); - if (isset($responsible_phone) && $responsible_phone != "") - $user->setResponsiblePhone($responsible_phone); + catch (AssertionError $e) { + $has_error = true; + $error_message = $e->getMessage(); } - - if (isset($_POST["responsible_email"])) { - $responsible_email = htmlspecialchars($_POST["responsible_email"]); - if (isset($responsible_email) && $responsible_email != "") - $user->setResponsibleEmail($responsible_email); - } - - if (isset($_POST["description"])) { - $description = htmlspecialchars($_POST["description"]); - if (isset($description) && $description != "") - $user->setDescription($description); - } - - $email = htmlspecialchars($_POST["email"]); - if (isset($email) && $email != "" && filter_var($email, FILTER_VALIDATE_EMAIL)) { - $confirm_email_token = genRandomPhrase(64); - $user->setEmail($email); - $user->setConfirmEmailToken($confirm_email_token); - - Mailer::sendChangeEmailAddressMail($user); - } - - return false; } -function updatePassword() +class MyAccount { - global $user; + public $email; + public $surname; + public $first_name; + public $birth_date; + public $gender; + public $address; + public $postal_code; + public $city; + public $country; + public $phone_number; + public $school; + public $class; + public $responsible_name; + public $responsible_phone; + public 
$responsible_email; + public $description; + private $user; - $old = htmlspecialchars($_POST["old_password"]); - $new = htmlspecialchars($_POST["new_password"]); - $confirm = htmlspecialchars($_POST["confirm_password"]); + public function __construct($data) + { + foreach ($data as $key => $value) + $this->$key = htmlspecialchars($value); - if (!$user->checkPassword($old)) - return "L'ancien mot de passe est incorrect."; + $this->user = $_SESSION["user"]; - if (strlen($new) < 8) - return "Le mot de passe doit comporter au moins 8 caractères."; + $keys = ["email", "surname", "first_name", "birth_date", "gender", "address", "postal_code", "city", "country", "phone_number", + "school", "class", "responsible_name", "responsible_phone", "responsible_email", "description"]; - if ($new != $confirm) - return "Les deux mots de passe sont différents."; + if ($this->user->getRole() == Role::PARTICIPANT) + $this->class = SchoolClass::fromName($this->class); - $user->setPassword($new); + foreach ($keys as $key) + $this->$key = $this->$key != null && $this->$key != "" ? $this->$key : $this->user->$key; + } - return false; + public function makeVerifications() + { + global $YEAR; + + ensure(filter_var($this->email, FILTER_VALIDATE_EMAIL), "L'adresse e-mail entrée est invalide."); + $this->email = strtolower($this->email); + ensure($this->email == $this->user->getEmail() || !userExists($this->email), "Un compte existe déjà avec cette adresse e-mail."); + ensure(dateWellFormed($this->birth_date), "La date de naissance est invalide."); + ensure($this->birth_date < $YEAR . 
"-01-01", "Vous devez être né."); + ensure($this->gender == "M" || $this->gender == "F", "Le sexe indiqué est invalide."); + ensure(preg_match("#^[0-9]{4}[0-9]?$#", $this->postal_code) && intval($this->postal_code) >= 01000 && intval($this->postal_code) <= 95999, "Le code postal est invalide."); + ensure(strlen($this->phone_number) >= 10, "Le numéro de téléphone est invalide."); + + if ($this->user->getRole() == Role::PARTICIPANT) { + if ($this->birth_date > strval($YEAR - 18) . "04-01") { + ensure($this->responsible_name != "", "Veuillez spécifier un responsable légal."); + ensure(strlen($this->responsible_phone) >= 10, "Veuillez rentrer le numéro de téléphone de votre responsable légal."); + ensure(filter_var($this->responsible_email, FILTER_VALIDATE_EMAIL), "Veuillez spécifier un responsable légal."); + } + } + } + + public function updateAccount() + { + $this->user->setSurname($this->surname); + $this->user->setFirstName($this->first_name); + $this->user->setBirthDate($this->birth_date); + $this->user->setGender($this->gender); + $this->user->setAddress($this->address); + $this->user->setPostalCode($this->postal_code); + $this->user->setCity($this->city); + $this->user->setCountry($this->country); + $this->user->setPhoneNumber($this->phone_number); + $this->user->setSchool($this->school); + $this->user->setClass($this->class); + $this->user->setResponsibleName($this->responsible_name); + $this->user->setResponsiblePhone($this->responsible_phone); + $this->user->setResponsibleEmail($this->responsible_email); + $this->user->setDescription($this->description); + + if ($this->email != $this->user->getEmail()) { + $this->user->setEmail($this->email); + $this->user->setConfirmEmailToken(genRandomPhrase(64)); + + Mailer::sendChangeEmailAddressMail($this->user); + } + } +} + +class NewPassword +{ + private $user; + private $old_password; + private $new_password; + private $confirm_password; + + public function __construct($data) + { + foreach ($data as $key => $value) 
+ $this->$key = htmlspecialchars($value); + + $this->user = $_SESSION["user"]; + } + + public function makeVerifications() + { + ensure($this->user->checkPassword($this->old_password), "L'ancien mot de passe est incorrect."); + ensure(strlen($this->new_password) >= 8, "Le mot de passe doit comporter au moins 8 caractères."); + ensure($this->new_password == $this->confirm_password, "Les deux mots de passe sont différents."); + } + + public function updatePassword() + { + $this->user->setPassword($this->new_password); + + Mailer::sendChangePasswordMail($this->user); + } } require_once "server_files/views/mon_compte.php"; diff --git a/server_files/views/mon_compte.php b/server_files/views/mon_compte.php index c96e1be..7ddc241 100644 --- a/server_files/views/mon_compte.php +++ b/server_files/views/mon_compte.php @@ -1,16 +1,14 @@ Erreur : " . $error_message . ""; -?> -
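Review bot: Both new constructors copy every key of `$_POST` onto the object with `$this->$key = htmlspecialchars($value)`, so a request can create arbitrary properties and an array-valued field reaches `htmlspecialchars()` as an array instead of a string; read only the expected keys and accept only strings, as sketched below for `MyAccount` (the same applies to `NewPassword` with its three password fields). In `makeVerifications()`, `01000` is an octal literal (512), so the lower postal-code bound should read `>= 1000`. In the same method `strval($YEAR - 18) . "04-01"` lacks the hyphen, so, assuming `YYYY-MM-DD` dates as the `$YEAR . "-01-01"` comparison suggests, nobody born in that year is ever treated as a minor and the legal-guardian checks are skipped; it should be `. "-04-01"`. `NewPassword` also escapes the passwords before `strlen()` and `setPassword()`, so the 8-character minimum is measured on the escaped text (one `&` counts as five); the removed code did the same, so any change there has to stay consistent with how existing hashes were produced.

```php
    public function __construct($data)
    {
        $this->user = $_SESSION["user"];

        // … unchanged: $keys list …

        // Copy only the expected form fields; ignore unknown keys and non-string values.
        foreach ($keys as $key)
            $this->$key = isset($data[$key]) && is_string($data[$key]) ? htmlspecialchars($data[$key]) : null;

        // … unchanged: SchoolClass::fromName() for participants, fallback to the stored user values …
    }
```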