query("SELECT * FROM `solutions` WHERE `file_id` = '$id';"); if (($data = $req->fetch()) === false) { $req = $DB->query("SELECT * FROM `syntheses` WHERE `file_id` = '$id';"); $type = "SYNTHESE"; if (($data = $req->fetch()) === false) { $req = $DB->query("SELECT * FROM `documents` WHERE `file_id` = '$id';"); $type = "DOCUMENT"; $data = $req->fetch(); } } if ($data !== false) { $team = Team::fromId($data["team"]); $tournament = Tournament::fromId($data["tournament"]); $trigram = $team->getTrigram(); if ($type == "SOLUTION") { $problem = $data["problem"]; $name = "Problème $problem $trigram.pdf"; if (($_SESSION["role"] == Role::PARTICIPANT || $_SESSION["role"] == Role::ENCADRANT) && (!isset($_SESSION["team"]) || $_SESSION["team"]->getId() != $team->getId())) require_once "server_files/403.php"; // TODO Seuls les organisateurs concernés doivent pouvoir télécharger les fichiers } else if ($type == "SYNTHESE") { $dest = $data["dest"]; $name = "Note de synthèse $trigram pour " . ($dest == "OPPOSANT" ? "l'opposant" : "le rapporteur") . ".pdf"; // TODO Seuls les organisateurs, défenseurs, opposants et rapporteurs doivent pouvoir télécharger les fichiers } else if ($type == "DOCUMENT") { $user_id = $data["user"]; $user = User::fromId($user_id); if (($_SESSION["role"] == Role::PARTICIPANT || $_SESSION["role"] == Role::ENCADRANT) && $user_id != $_SESSION["user_id"]) require_once "server_files/403.php"; // TODO Seuls les organisateurs concernés doivent pouvoir télécharger les fichiers $surname = $user->getSurname(); $first_name = $user->getFirstName(); switch ($data["type"]) { case "PARENTAL_CONSENT": $name = "Autorisation parentale"; break; case "PHOTO_CONSENT": $name = "Autorisation de droit à l'image"; break; case "SANITARY_PLUG": $name = "Fiche sanitaire"; break; } $name .= " de $first_name $surname.pdf"; } } else { require_once "server_files/404.php"; http_response_code(404); exit(); } header("Content-Type: application/pdf"); header("Content-Disposition: inline; filename=\"$name\""); readfile("$URL_BASE/files/$id"); exit();