query("SELECT `id`, `name` FROM `tournaments` WHERE `year` = '$YEAR';"); if (isset($_POST["send_document"])) { $error_message = sendDocument(); } if (isset($_POST["request_validation"])) { if (!checkCanValidate()) $error_message = "Votre équipe ne peut pas demander la validation : il manque soit des participants, soit des documents."; else { $DB->exec("UPDATE `teams` SET `validation_status` = 'WAITING' WHERE `id` = " . $_SESSION["team_id"] . ";"); $_SESSION["team_validation_status"] = "WAITING"; } } if (isset($_SESSION["user_id"]) && isset($_SESSION["team_id"])) { $result = $DB->query("SELECT * FROM `teams` WHERE `id` = '" . $_SESSION["team_id"] . "' AND `year` = '$YEAR';"); $team_data = $result->fetch(); $tournament_data = $DB->query("SELECT `name`, `date_start` FROM `tournaments` WHERE `id` = '" . $team_data["tournament"] . "' AND `year` = '$YEAR';")->fetch(); $documents_req = $DB->prepare("SELECT `file_id`, `type`, COUNT(`type`) AS `version` FROM `documents` WHERE `user` = ? AND `tournament` = ? GROUP BY `type`, `uploaded_at` ORDER BY `type`, `uploaded_at` DESC;"); $documents_req->execute([$_SESSION["user_id"], $_SESSION[isset($_SESSION["final_id"]) ? "final_id" : "tournament_id"]]); } else require_once "../403.php"; if (isset($_POST["team_edit"])) { $error_message = updateTeam(); } function sendDocument() { global $LOCAL_PATH, $DB; $type = strtoupper(htmlspecialchars($_POST["type"])); if (!isset($type) || ($type != "PARENTAL_CONSENT" && $type != "PHOTO_CONSENT" && $type != "SANITARY_PLUG")) return "Le type de document est invalide. Merci de ne pas formuler vos propres requêtes."; $file = $_FILES["document"]; if ($file["size"] > 5000000 || $file["error"]) return "Une erreur est survenue. Merci de vérifier que le fichier pèse moins que 5 Mo."; if (finfo_file(finfo_open(FILEINFO_MIME_TYPE), $file["tmp_name"]) != 'application/pdf') return "Le fichier doit être au format PDF."; if (!is_dir("$LOCAL_PATH/files") && !mkdir("$LOCAL_PATH/files")) return "Les droits sont insuffisants. Veuillez contacter l'administrateur du serveur."; $alphabet = "abcdefghijklmnopqrstuvwxyz0123456789"; do { $id = ""; for ($i = 0; $i < 64; ++$i) { $id .= $alphabet[rand(0, strlen($alphabet) - 1)]; } } while (file_exists("$LOCAL_PATH/files/$id")); if (!rename($file["tmp_name"], "$LOCAL_PATH/files/$id")) return "Une erreur est survenue lors de l'envoi du fichier."; $req = $DB->prepare("INSERT INTO `documents`(`file_id`, `user`, `team`, `tournament`, `type`) VALUES (?, ?, ?, ?, ?);"); $req->execute([$id, $_SESSION["user_id"], $_SESSION["team_id"], $_SESSION[isset($_SESSION["final_id"]) ? "final_id" : "tournament_id"], $type]); return false; } function updateTeam() { global $DB, $YEAR, $URL_BASE, $team_data; if ($_SESSION["team_id"] == NULL) return "Vous n'êtes pas dans une équipe."; $name = htmlspecialchars($_POST["name"]); if (!isset($name) || $name == "") return "Vous devez spécifier un nom d'équipe."; echo $team_data["id"]; $result = $DB->query("SELECT `id` FROM `teams` WHERE `name` = '" . $name . "' AND `id` != " . $team_data["id"] . " AND `year` = '$YEAR';"); if ($result->fetch()) return "Une équipe existe déjà avec ce nom." . $team_data["id"]; $trigram = strtoupper(htmlspecialchars($_POST["trigram"])); if (!preg_match("#^[A-Z][A-Z][A-Z]$#", $trigram)) return "Le trigramme entré n'est pas valide."; $result = $DB->query("SELECT `id` FROM `teams` WHERE `trigram` = '" . $trigram . "' AND `id` != '" . $team_data["id"] . "' AND `year` = '$YEAR';"); if ($result->fetch()) return "Une équipe a déjà choisi ce trigramme."; $tournament_id = intval(htmlspecialchars($_POST["tournament"])); $result = $DB->query("SELECT `id`, `name` FROM `tournaments` WHERE `id` = '" . $tournament_id . "' AND `year` = '$YEAR';"); $data = $result->fetch(); if ($data === FALSE) return "Le tournoi spécifié n'existe pas."; $req = $DB->prepare("UPDATE `teams` SET `name` = ?, `trigram` = ?, `tournament` = ? WHERE `id` = ?;"); $req->execute([$name, $trigram, $tournament_id, $team_data["id"]]); header("Location: $URL_BASE/mon_equipe"); return false; } function checkCanValidate() { global $DB, $team_data, $tournament_data, $YEAR; $can_validate = $team_data["validation_status"] == "NOT_READY"; $can_validate &= $team_data["encadrant_1"] != NULL; $can_validate &= $team_data["participant_4"] != NULL; for ($i = 1; $i <= 2; ++$i) { if ($team_data["encadrant_$i"] === NULL) continue; $req = $DB->prepare("SELECT COUNT(`type`) AS `version` FROM `documents` WHERE `user` = ? AND `type` = ? GROUP BY `uploaded_at` ORDER BY `uploaded_at` DESC;"); $req->execute([$team_data["encadrant_$i"], "PHOTO_CONSENT"]); $d = $req->fetch(); $can_validate &= $d["version"] > 0; $req = $DB->prepare("SELECT COUNT(`type`) AS `version` FROM `documents` WHERE `user` = ? AND `type` = ? GROUP BY `uploaded_at` ORDER BY `uploaded_at` DESC;"); $req->execute([$team_data["encadrant_$i"], "SANITARY_PLUG"]); $d = $req->fetch(); $can_validate &= $d["version"] > 0; } for ($i = 1; $i <= 6; ++$i) { if ($team_data["participant_$i"] === NULL) continue; $req = $DB->prepare("SELECT COUNT(`type`) AS `version` FROM `documents` WHERE `user` = ? AND `type` = ? GROUP BY `uploaded_at` ORDER BY `uploaded_at` DESC;"); $req->execute([$team_data["participant_$i"], "PHOTO_CONSENT"]); $d = $req->fetch(); $can_validate &= $d["version"] > 0; $req = $DB->prepare("SELECT COUNT(`type`) AS `version` FROM `documents` WHERE `user` = ? AND `type` = ? GROUP BY `uploaded_at` ORDER BY `uploaded_at` DESC;"); $req->execute([$team_data["participant_$i"], "SANITARY_PLUG"]); $d = $req->fetch(); $can_validate &= $d["version"] > 0; $birth_date = $DB->query("SELECT `birth_date` FROM `users` WHERE `id` = " . $team_data["participant_$i"] . ";")->fetch()["birth_date"]; if ($birth_date > strval($YEAR - 18) . substr($tournament_data["date_start"], 4)) { $req = $DB->prepare("SELECT COUNT(`type`) AS `version` FROM `documents` WHERE `user` = ? AND `type` = ? GROUP BY `uploaded_at` ORDER BY `uploaded_at` DESC;"); $req->execute([$team_data["participant_$i"], "PARENTAL_CONSENT"]); $d = $req->fetch(); $can_validate &= $d["version"] > 0; } } return $can_validate; } require_once "../views/header.php"; require_once "../views/mon_equipe.php"; require_once "../views/footer.php";