From fffdaabe7c2fb92bd686b7462d507274bba95d8b Mon Sep 17 00:00:00 2001 From: galaxyoyo Date: Mon, 9 Sep 2019 23:28:03 +0200 Subject: [PATCH] =?UTF-8?q?Fichier=20"Mon=20=C3=A9quipe"?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- server_files/classes/User.php | 16 +- server_files/controllers/mon_equipe.php | 207 +++++++++++------------- server_files/model.php | 71 +++++++- server_files/views/mon_equipe.php | 13 +- 4 files changed, 171 insertions(+), 136 deletions(-) diff --git a/server_files/classes/User.php b/server_files/classes/User.php index 7cef374..cd1fd8d 100644 --- a/server_files/classes/User.php +++ b/server_files/classes/User.php @@ -2,9 +2,9 @@ class User { - public $id; + private $id; public $email; - public $pwd_hash; + private $pwd_hash; public $surname; public $first_name; public $birth_date; @@ -20,12 +20,12 @@ class User public $responsible_phone; public $responsible_email; public $description; - public $role; - public $team_id; - public $year; - public $confirm_email; - public $forgotten_password; - public $inscription_date; + private $role; + private $team_id; + private $year; + private $confirm_email; + private $forgotten_password; + private $inscription_date; private function __construct() {} diff --git a/server_files/controllers/mon_equipe.php b/server_files/controllers/mon_equipe.php index 0f17104..bb14051 100644 --- a/server_files/controllers/mon_equipe.php +++ b/server_files/controllers/mon_equipe.php 
@@ -7,12 +7,35 @@ if (isset($_POST["leave_team"])) { $tournaments = Tournament::getAllTournaments(false, true); +$has_error = false; +$error_message = null; + if (isset($_POST["send_document"])) { - $error_message = sendDocument(); + $send_document = new SendDocument(); + try { + $send_document->makeVerifications(); + $send_document->sendDocument(); + } + catch (AssertionError $e) { + $has_error = true; + $error_message = $e->getMessage(); + } +} + +if (isset($_POST["team_edit"])) { + $my_team = new MyTeam($_POST); + try { + $my_team->makeVerifications(); + $my_team->updateTeam(); + } + catch (AssertionError $e) { + $has_error = true; + $error_message = $e->getMessage(); + } } if (isset($_POST["request_validation"])) { - if (!checkCanValidate()) + if (!canValidate($team, $tournament)) $error_message = "Votre équipe ne peut pas demander la validation : il manque soit des participants, soit des documents."; else $_SESSION["team"]->setValidationStatus(ValidationStatus::WAITING); 
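Review bot: The `team_edit` branch now runs before the `isset($_SESSION["user_id"]) && isset($_SESSION["team"])` guard shown in the next hunk's `@@` header, whereas the removed `updateTeam()` call sat below that guard and its 403 fallback. `new MyTeam($_POST)` reads `$_SESSION["team"]` and `makeVerifications()` calls `$this->team->getName()`, so a POST from a session without a team would raise an `Error` on a null receiver, which `catch (AssertionError $e)` does not catch. Guard the branch with `if (isset($_POST["team_edit"]) && isset($_SESSION["team"])) {`, or move it back below the 403 check. The `request_validation` branch has a similar exposure: `canValidate(Team $team, Tournament $tournament)` is type-hinted, and where `$team` and `$tournament` are assigned is not visible in this hunk.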
@@ -32,127 +55,87 @@ if (isset($_SESSION["user_id"]) && isset($_SESSION["team"]) && $_SESSION["team"] $documents_final = $user->getAllDocuments($FINAL->getId()); } else - require_once "server_files/403.php"; + require_once "server_files/403.php"; -if (isset($_POST["team_edit"])) { - $error_message = updateTeam(); -} - -function sendDocument() +class SendDocument { - global $LOCAL_PATH, $DB, $FINAL; - - $type = strtoupper(htmlspecialchars($_POST["type"])); - if (!isset($type) || ($type != "PARENTAL_CONSENT" && $type != "PHOTO_CONSENT" && $type != "SANITARY_PLUG")) - return "Le type de document est invalide. Merci de ne pas formuler vos propres requêtes."; - - $file = $_FILES["document"]; - - if ($file["size"] > 5000000 || $file["error"]) - return "Une erreur est survenue. Merci de vérifier que le fichier pèse moins que 5 Mo."; - - if (finfo_file(finfo_open(FILEINFO_MIME_TYPE), $file["tmp_name"]) != 'application/pdf') - return "Le fichier doit être au format PDF."; - - if (!is_dir("$LOCAL_PATH/files") && !mkdir("$LOCAL_PATH/files")) - return "Les droits sont insuffisants. 
Veuillez contacter l'administrateur du serveur."; + private $file; + private $type; - do - $id = genRandomPhrase(64); - while (file_exists("$LOCAL_PATH/files/$id")); - - if (!rename($file["tmp_name"], "$LOCAL_PATH/files/$id")) - return "Une erreur est survenue lors de l'envoi du fichier."; - - $req = $DB->prepare("INSERT INTO `documents`(`file_id`, `user`, `team`, `tournament`, `type`) + public function __construct() + { + $this->file = $_FILES["document"]; + $this->type = strtoupper(htmlspecialchars($_POST["type"])); + } + + public function makeVerifications() + { + global $LOCAL_PATH; + + ensure($this->file["size"] <= 2e6, "Le fichier doit peser moins que 2 Mo."); + ensure(!$this->file["error"], "Une erreur est survenue."); + ensure(finfo_file(finfo_open(FILEINFO_MIME_TYPE), $this->file["tmp_name"]) == "application/pdf", "Le fichier doit être au format PDF."); + ensure(is_dir("$LOCAL_PATH/files") || mkdir("$LOCAL_PATH/files"), "Un problème est survenue dans l'envoi du fichier. Veuillez contacter l'administrateur du serveur."); + } + + public function sendDocument() + { + global $LOCAL_PATH, $DB, $FINAL; + + do + $id = genRandomPhrase(64); + while (file_exists("$LOCAL_PATH/files/$id")); + + if (!rename($this->file["tmp_name"], "$LOCAL_PATH/files/$id")) + throw new AssertionError("Une erreur est survenue lors de l'envoi du fichier."); + + $req = $DB->prepare("INSERT INTO `documents`(`file_id`, `user`, `team`, `tournament`, `type`) VALUES (?, ?, ?, ?, ?);"); - $req->execute([$id, $_SESSION["user_id"], $_SESSION["team"]->getId(), $_SESSION["team"]->isSelectedForFinal() ? $FINAL->getId() : $_SESSION["team"]->getTournamentId(), $type]); - - return false; + $req->execute([$id, $_SESSION["user_id"], $_SESSION["team"]->getId(), $_SESSION["team"]->isSelectedForFinal() ? 
$FINAL->getId() : $_SESSION["team"]->getTournamentId(), $this->type]); + } } -function updateTeam() +class MyTeam { - global $DB, $YEAR, $URL_BASE, $team; + public $name; + public $trigram; + public $tournament_id; + private $team; + private $tournament; - $name = htmlspecialchars($_POST["name"]); - - if (!isset($name) || $name == "") - return "Vous devez spécifier un nom d'équipe."; + public function __construct($data) + { + foreach ($data as $key => $value) + $this->$key = htmlspecialchars($value); - $result = $DB->query("SELECT `id` FROM `teams` WHERE `name` = '" . $name . "' AND `id` != " . $team->getId() . " AND `year` = '$YEAR';"); - if ($result->fetch()) - return "Une équipe existe déjà avec ce nom."; - - $trigram = strtoupper(htmlspecialchars($_POST["trigram"])); - - if (!preg_match("#^[A-Z][A-Z][A-Z]$#", $trigram)) - return "Le trigramme entré n'est pas valide."; - - $result = $DB->query("SELECT `id` FROM `teams` WHERE `trigram` = '" . $trigram . "' AND `id` != '" . $team->getId() . "' AND `year` = '$YEAR';"); - if ($result->fetch()) - return "Une équipe a déjà choisi ce trigramme."; - - $tournament_id = intval(htmlspecialchars($_POST["tournament"])); - $tournament = Tournament::fromId($tournament_id); - if ($tournament === null) - return "Le tournoi spécifié n'existe pas."; - - $team->setName($name); - $team->setTrigram($trigram); - $team->setTournamentId($tournament_id); - $_SESSION["tournament"] = $tournament; - - header("Location: $URL_BASE/mon_equipe"); - - return false; -} - -function checkCanValidate() -{ - global $DB, $team, $tournament, $YEAR; - - $can_validate = $team->getValidationStatus() == ValidationStatus::NOT_READY; - $can_validate &= $team->getEncadrants()[0] != NULL; - $can_validate &= $team->getParticipants()[3] != NULL; - for ($i = 1; $i <= 2; ++$i) { - if ($team->getEncadrants()[$i - 1] === NULL) - continue; - - $req = $DB->prepare("SELECT COUNT(`type`) AS `version` FROM `documents` WHERE `user` = ? AND `type` = ? 
GROUP BY `uploaded_at` ORDER BY `uploaded_at` DESC;"); - $req->execute([$team->getEncadrants()[$i - 1], "PHOTO_CONSENT"]); - $d = $req->fetch(); - $can_validate &= $d["version"] > 0; - - $req = $DB->prepare("SELECT COUNT(`type`) AS `version` FROM `documents` WHERE `user` = ? AND `type` = ? GROUP BY `uploaded_at` ORDER BY `uploaded_at` DESC;"); - $req->execute([$team->getEncadrants()[$i - 1], "SANITARY_PLUG"]); - $d = $req->fetch(); - $can_validate &= $d["version"] > 0; + $this->trigram = strtoupper($this->trigram); + $this->team = $_SESSION["team"]; + $this->tournament = Tournament::fromId($this->tournament_id); } - for ($i = 1; $i <= 6; ++$i) { - if ($team->getParticipants()[$i] === NULL) - continue; - - $req = $DB->prepare("SELECT COUNT(`type`) AS `version` FROM `documents` WHERE `user` = ? AND `type` = ? GROUP BY `uploaded_at` ORDER BY `uploaded_at` DESC;"); - $req->execute([$team->getParticipants()[$i], "PHOTO_CONSENT"]); - $d = $req->fetch(); - $can_validate &= $d["version"] > 0; - - $req = $DB->prepare("SELECT COUNT(`type`) AS `version` FROM `documents` WHERE `user` = ? AND `type` = ? GROUP BY `uploaded_at` ORDER BY `uploaded_at` DESC;"); - $req->execute([$team->getParticipants()[$i], "SANITARY_PLUG"]); - $d = $req->fetch(); - $can_validate &= $d["version"] > 0; - - $birth_date = $DB->query("SELECT `birth_date` FROM `users` WHERE `id` = " . $team->getParticipants()[$i] . ";")->fetch()["birth_date"]; - if ($birth_date > strval($YEAR - 18) . substr($tournament->getStartDate(), 4)) { - $req = $DB->prepare("SELECT COUNT(`type`) AS `version` FROM `documents` WHERE `user` = ? AND `type` = ? 
GROUP BY `uploaded_at` ORDER BY `uploaded_at` DESC;"); - $req->execute([$team->getParticipants()[$i], "PARENTAL_CONSENT"]); - $d = $req->fetch(); - $can_validate &= $d["version"] > 0; - } + + public function makeVerifications() + { + ensure($this->name != "" && $this->name != null, "Veuillez spécifier un nom d'équipe."); + ensure($this->name == $this->team->getName() || !teamExists($this->name), "Une équipe existe déjà avec ce nom."); + ensure(preg_match("#^[A-Z]{3}$#", $this->trigram), "Le trigramme n'est pas valide."); + ensure($this->trigram == $this->team->getTrigram() || !trigramExists($this->trigram), "Une équipe a déjà choisi ce trigramme."); + ensure($this->tournament != null, "Le tournoi indiqué n'existe pas."); + ensure(date("y-m-d H:i:s") <= $this->tournament->getInscriptionDate(), "Les inscriptions sont terminées."); + ensure($this->team->getValidationStatus() == ValidationStatus::NOT_READY, "Votre équipe est déjà validée ou en cours de validation."); + } + + public function updateTeam() + { + global $URL_BASE; + + $this->team->setName($this->name); + $this->team->setTrigram($this->trigram); + $this->team->setTournamentId($this->tournament_id); + + $_SESSION["tournament"] = $this->tournament; + + header("Location: $URL_BASE/mon_equipe"); } - - return $can_validate; } require_once "server_files/views/mon_equipe.php"; diff --git a/server_files/model.php b/server_files/model.php index ece61da..0587714 100644 --- a/server_files/model.php +++ b/server_files/model.php @@ -2,7 +2,8 @@ $FINAL = Tournament::getFinalTournament(); -function loadUserValues() { +function loadUserValues() +{ $_SESSION["user"] = $_SESSION["team"] = $_SESSION["tournament"] = null; unset($_SESSION["user"]); unset($_SESSION["role"]); @@ -44,7 +45,8 @@ function loadUserValues() { } } -function quitTeam() { +function quitTeam() +{ global $DB, $URL_BASE; header("Location: $URL_BASE"); 
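Review bot: `SendDocument` no longer validates the document type: the removed `sendDocument()` rejected anything other than `PARENTAL_CONSENT`, `PHOTO_CONSENT` or `SANITARY_PLUG`, but `makeVerifications()` has no equivalent check, so whatever `$_POST["type"]` holds is written to the `type` column of `documents`. `MyTeam::__construct` also copies every key of `$_POST` onto the object through `$this->$key`, which lets a request create properties the form never defines and passes array values straight into `htmlspecialchars()`; assigning the three expected fields explicitly avoids both. In `MyTeam::makeVerifications()`, `date("y-m-d H:i:s")` yields a two-digit year, so if `getInscriptionDate()` returns a four-digit-year string (not visible here) the string comparison will not enforce the registration deadline as intended; `Y` is probably what was meant. The fence below shows the three changes.

```php
// SendDocument::makeVerifications(), as the first check
ensure(in_array($this->type, ["PARENTAL_CONSENT", "PHOTO_CONSENT", "SANITARY_PLUG"], true), "Le type de document est invalide. Merci de ne pas formuler vos propres requêtes.");
// … unchanged: size, upload-error, MIME type and directory checks …

// MyTeam::__construct($data), replacing the foreach over $data
// (key names are the ones the current constructor relies on)
$this->name = is_string($data["name"] ?? null) ? htmlspecialchars($data["name"]) : "";
$this->trigram = is_string($data["trigram"] ?? null) ? htmlspecialchars($data["trigram"]) : "";
$this->tournament_id = intval($data["tournament_id"] ?? 0);
// … unchanged: strtoupper on trigram, $this->team and $this->tournament assignments …

// MyTeam::makeVerifications(), deadline check
ensure(date("Y-m-d H:i:s") <= $this->tournament->getInscriptionDate(), "Les inscriptions sont terminées.");
```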
@@ -89,7 +91,8 @@ function quitTeam() { unset($_SESSION["team"]); } -function userExists($email) { +function userExists($email) +{ global $DB, $YEAR; $req = $DB->prepare("SELECT `id` FROM `users` WHERE `email` = ? AND `year` = '$YEAR';"); @@ -97,7 +100,8 @@ function userExists($email) { return $req->fetch(); } -function teamExists($name) { +function teamExists($name) +{ global $DB, $YEAR; $req = $DB->prepare("SELECT `id` FROM `teams` WHERE `name` = ? AND `year` = '$YEAR';"); @@ -105,7 +109,8 @@ function teamExists($name) { return $req->fetch(); } -function trigramExists($trigram) { +function trigramExists($trigram) +{ global $DB, $YEAR; $req = $DB->prepare("SELECT `id` FROM `teams` WHERE `trigram` = ? AND `year` = '$YEAR';"); @@ -113,7 +118,8 @@ function trigramExists($trigram) { return $req->fetch(); } -function tournamentExists($name) { +function tournamentExists($name) +{ global $DB, $YEAR; $req = $DB->prepare("SELECT `id` FROM `tournaments` WHERE `name` = ? AND `year` = '$YEAR';"); 
@@ -121,7 +127,55 @@ function tournamentExists($name) { return $req->fetch(); } -function printDocuments($documents) { +function canValidate(Team $team, Tournament $tournament) +{ + global $DB, $YEAR; + + $can_validate = $team->getValidationStatus() == ValidationStatus::NOT_READY; + $can_validate &= $team->getEncadrants()[0] != NULL; + $can_validate &= $team->getParticipants()[3] != NULL; + for ($i = 1; $i <= 2; ++$i) { + if ($team->getEncadrants()[$i - 1] === NULL) + continue; + + $req = $DB->prepare("SELECT COUNT(*) AS `version` FROM `documents` WHERE `user` = ? AND `tournament` = ? AND `type` = ?;"); + $req->execute([$team->getEncadrants()[$i - 1], $tournament->getId(), "PHOTO_CONSENT"]); + $d = $req->fetch(); + $can_validate &= $d["version"] > 0; + + $req = $DB->prepare("SELECT COUNT(*) AS `version` FROM `documents` WHERE `user` = ? AND `tournament` = ? AND `type` = ?;"); + $req->execute([$team->getEncadrants()[$i - 1], $tournament->getId(), "SANITARY_PLUG"]); + $d = $req->fetch(); + $can_validate &= $d["version"] > 0; + } + for ($i = 1; $i <= 6; ++$i) { + if ($team->getParticipants()[$i] === NULL) + continue; + + $req = $DB->prepare("SELECT COUNT(*) AS `version` FROM `documents` WHERE `user` = ? AND `tournament` = ? AND `type` = ?;"); + $req->execute([$team->getParticipants()[$i], $tournament->getId(), "PHOTO_CONSENT"]); + $d = $req->fetch(); + $can_validate &= $d["version"] > 0; + + $req = $DB->prepare("SELECT COUNT(*) AS `version` FROM `documents` WHERE `user` = ? AND `tournament` = ? AND `type` = ?;"); + $req->execute([$team->getParticipants()[$i], $tournament->getId(), "SANITARY_PLUG"]); + $d = $req->fetch(); + $can_validate &= $d["version"] > 0; + + $birth_date = $DB->query("SELECT `birth_date` FROM `users` WHERE `id` = " . $team->getParticipants()[$i] . ";")->fetch()["birth_date"]; + if ($birth_date > strval($YEAR - 18) . substr($tournament->getStartDate(), 4)) { + $req = $DB->prepare("SELECT COUNT(*) AS `version` FROM `documents` WHERE `user` = ? 
AND `tournament` = ? AND `type` = ?;"); + $req->execute([$team->getParticipants()[$i], $tournament->getId(), "PARENTAL_CONSENT"]); + $d = $req->fetch(); + $can_validate &= $d["version"] > 0; + } + } + + return $can_validate; +} + +function printDocuments($documents) +{ global $URL_BASE; foreach ($documents as $document) { @@ -135,7 +189,8 @@ function printDocuments($documents) { } } -function getZipFile($document_type, $tournament_id, $team_id = -1) { +function getZipFile($document_type, $tournament_id, $team_id = -1) +{ global $LOCAL_PATH; $tournament = Tournament::fromId($tournament_id); diff --git a/server_files/views/mon_equipe.php b/server_files/views/mon_equipe.php index 20c97c6..b11eb89 100644 --- a/server_files/views/mon_equipe.php +++ b/server_files/views/mon_equipe.php @@ -1,13 +1,10 @@ Erreur : " . $error_message . ""; - } else { +if ($has_error) + echo "
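Review bot: The `birth_date` lookup in `canValidate()` builds its SQL by concatenating `$team->getParticipants()[$i]` into `$DB->query(...)`, while every other query in the function goes through `prepare`/`execute`. It should use the same form, with a `?` placeholder for `id` and the participant id passed to `execute()`, so the function does not depend on that value always being a clean integer. The participant loop reads `getParticipants()[$i]` for `$i` from 1 to 6, whereas the supervisor loop reads `getEncadrants()[$i - 1]` and the minimum-size check reads `getParticipants()[3]`. If the participants array is zero-based (not visible here), the first participant's documents are never checked and index 6 is read past the end. A short docblock stating which documents are required per role, and that the result is an int flag because of `&=`, would help callers.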

Erreur : " . $error_message . "

"; +elseif (isset($send_document)) echo "

Le fichier a été correctement envoyé !

"; - } -} ?>

Informations sur l'équipe

@@ -65,7 +62,7 @@ for ($i = 1; $i <= 6; ++$i) { - getId() . "\">" . $tournament->getName() . "\n"; @@ -147,7 +144,7 @@ for ($i = 1; $i <= 6; ++$i) {