plateforme-tfjm2/server_files/syntheses.php

124 lines
4.1 KiB
PHP

<?php
include 'config.php';
if (!isset($_SESSION["team_id"]))
include "403.php";
if (isset($_POST["send_synthese"])) {
$error_message = saveSynthese();
}
$syntheses_req = $DB->prepare("SELECT `file_id`, `dest`, COUNT(`dest`) AS `version` FROM `syntheses` WHERE `team` = ? AND `tournament` = ? GROUP BY `dest`, `uploaded_at` ORDER BY `dest`, `uploaded_at` DESC;");
$syntheses_req->execute([$_SESSION["team_id"], $_SESSION[isset($_SESSION["final_id"]) ? "final_id" : "tournament_id"]]);
$tournament_req = $DB->prepare("SELECT `date_solutions`, `date_syntheses` FROM `tournaments` WHERE `id` = ?;");
$tournament_req->execute([$_SESSION[isset($_SESSION["final_id"]) ? "final_id" : "tournament_id"]]);
$tournament_data = $tournament_req->fetch();
function saveSynthese() {
global $LOCAL_PATH, $DB;
$dest = strtoupper(htmlspecialchars($_POST["dest"]));
if (!isset($dest) || ($dest != "OPPOSANT" && $dest != "RAPPORTEUR"))
return "Le destinataire est invalide.";
$file = $_FILES["synthese"];
if ($file["size"] > 5000000 || $file["error"])
return "Une erreur est survenue. Merci de vérifier que le fichier pèse moins que 5 Mo.";
if (finfo_file(finfo_open(FILEINFO_MIME_TYPE), $file["tmp_name"]) != 'application/pdf')
return "Le fichier doit être au destmat PDF.";
if (!is_dir("$LOCAL_PATH/files") && !mkdir("$LOCAL_PATH/files"))
return "Les droits sont insuffisants. Veuillez contacter l'administrateur du serveur.";
$alphabet = "abcdefghijklmnopqrstuvwxyz0123456789";
do {
$id = "";
for ($i = 0; $i < 64; ++$i) {
$id .= $alphabet[rand(0, strlen($alphabet) - 1)];
}
}
while (file_exists("$LOCAL_PATH/files/$id"));
if (!rename($file["tmp_name"], "$LOCAL_PATH/files/$id"))
return "Une erreur est survenue lors de l'envoi du fichier.";
$req = $DB->prepare("INSERT INTO `syntheses`(`file_id`, `team`, `tournament`, `dest`) VALUES (?, ?, ?, ?);");
$req->execute([$id, $_SESSION["team_id"], $_SESSION["tournament_id"], $dest]);
return false;
}
?>
<?php include 'header.php' ?>
<?php
if (date("yyyy-mm-dd") < $tournament_data["date_solutions"]) {
echo "<h3>Il est trop tôt pour se préoccuper des notes de synthèse, attendez le tirage des poules.</h3>";
include "footer.php";
}
if (isset($error_message)) {
if ($error_message !== false) {
echo "<h2>Erreur : " . $error_message . "</h2>";
}
else {
echo "<h2>Le fichier a été correctement envoyé !</h2>";
}
}?>
<?php if (date("yyyy-mm-dd") < $tournament_data["date_syntheses"]) { ?>
<form method="post" enctype="multipart/form-data">
<input type="hidden" name="MAX_FILE_SIZE" value="5000000" />
<table style="width: 100%;">
<tbody>
<tr>
<td>
<label for="dest">Destination de la note de synthèse :</label>
</td>
<td>
<select style="width: 100%;" id="dest" name="dest">
<option value="opposant">Opposant</option>
<option value="rapporteur">Rapporteur</option>
</select>
</td>
</tr>
<tr>
<td>
<label for="file">Fichier :</label>
</td>
<td>
<input type="file" id="file" name="synthese" />
</td>
</tr>
<tr>
<td colspan="2">
<input style="width: 100%;" type="submit" name="send_synthese" value="Envoyer" />
</td>
</tr>
</tbody>
</table>
</form>
<?php } ?>
<div style="padding: 20px"></div>
<h2>Notes de synthèse soumises :</h2>
<?php
while (($data = $syntheses_req->fetch()) !== false) {
$file_id = $data["file_id"];
$dest = $data["dest"];
$version = $data["version"];
echo "Note de synthèse pour " . ($dest == "OPPOSANT" ? "l'opposant" : "le rapporteur") . " (Version $version) : <a href=\"$URL_BASE/file/$file_id\">Télécharger</a><br />";
}
?>
<?php include 'footer.php' ?>