plateforme-tfjm2/server_files/controllers/mon_compte.php

221 lines
6.9 KiB
PHP

<?php
if (!isset($_SESSION["user_id"]))
require_once "server_files/403.php";
/**
* @var User $user
* @var Team $team
* @var Tournament $tournament
*/
$user = $_SESSION["user"];
$team = $_SESSION["team"];
if ($team != null)
$tournament = Tournament::fromId($team->getTournamentId());
$has_error = false;
$error_message = null;
if (isset($_POST["update_account"])) {
$my_account = new MyAccount($_POST);
try {
$my_account->makeVerifications();
$my_account->updateAccount();
}
catch (AssertionError $e) {
$has_error = true;
$error_message = $e->getMessage();
}
}
if (isset($_POST["update_password"])) {
$new_password = new NewPassword($_POST);
try {
$new_password->makeVerifications();
$new_password->updatePassword();
}
catch (AssertionError $e) {
$has_error = true;
$error_message = $e->getMessage();
}
}
if (isset($_POST["send_document"])) {
$send_document = new SendDocument();
try {
$send_document->makeVerifications();
$send_document->sendDocument();
}
catch (AssertionError $e) {
$has_error = true;
$error_message = $e->getMessage();
}
}
class MyAccount
{
public $email;
public $surname;
public $first_name;
public $birth_date;
public $gender;
public $address;
public $postal_code;
public $city;
public $country;
public $phone_number;
public $school;
public $class;
public $responsible_name;
public $responsible_phone;
public $responsible_email;
public $description;
private $user;
public function __construct($data)
{
foreach ($data as $key => $value)
$this->$key = htmlspecialchars($value);
$this->user = $_SESSION["user"];
$keys = ["email", "surname", "first_name", "birth_date", "gender", "address", "postal_code", "city", "country", "phone_number",
"school", "class", "responsible_name", "responsible_phone", "responsible_email", "description"];
if ($this->user->getRole() == Role::PARTICIPANT)
$this->class = SchoolClass::fromName(strtoupper($this->class));
else
$this->class = SchoolClass::ADULT;
foreach ($keys as $key)
$this->$key = $this->$key != null && $this->$key != "" ? $this->$key : $this->user->$key;
}
public function makeVerifications()
{
global $YEAR;
ensure(filter_var($this->email, FILTER_VALIDATE_EMAIL), "L'adresse e-mail entrée est invalide.");
$this->email = strtolower($this->email);
ensure($this->email == $this->user->getEmail() || !userExists($this->email), "Un compte existe déjà avec cette adresse e-mail.");
ensure(dateWellFormed($this->birth_date), "La date de naissance est invalide.");
ensure($this->birth_date < $YEAR . "-01-01", "Vous devez être né.");
ensure($this->gender == "M" || $this->gender == "F", "Le sexe indiqué est invalide.");
ensure(preg_match("#^[0-9]{4}[0-9]?$#", $this->postal_code) && intval($this->postal_code) >= 01000 && intval($this->postal_code) <= 95999, "Le code postal est invalide.");
ensure(strlen($this->phone_number) >= 10, "Le numéro de téléphone est invalide.");
if ($this->user->getRole() == Role::PARTICIPANT) {
if ($this->birth_date > strval($YEAR - 18) . "04-01") {
ensure($this->responsible_name != "", "Veuillez spécifier un responsable légal.");
ensure(strlen($this->responsible_phone) >= 10, "Veuillez rentrer le numéro de téléphone de votre responsable légal.");
ensure(filter_var($this->responsible_email, FILTER_VALIDATE_EMAIL), "Veuillez spécifier un responsable légal.");
}
}
}
public function updateAccount()
{
$this->user->setSurname($this->surname);
$this->user->setFirstName($this->first_name);
$this->user->setBirthDate($this->birth_date);
$this->user->setGender($this->gender);
$this->user->setAddress($this->address);
$this->user->setPostalCode($this->postal_code);
$this->user->setCity($this->city);
$this->user->setCountry($this->country);
$this->user->setPhoneNumber($this->phone_number);
$this->user->setSchool($this->school);
$this->user->setClass($this->class);
$this->user->setResponsibleName($this->responsible_name);
$this->user->setResponsiblePhone($this->responsible_phone);
$this->user->setResponsibleEmail($this->responsible_email);
$this->user->setDescription($this->description);
if ($this->email != $this->user->getEmail()) {
$this->user->setEmail($this->email);
$this->user->setConfirmEmailToken(genRandomPhrase(64));
Mailer::sendChangeEmailAddressMail($this->user);
}
}
}
class NewPassword
{
private $user;
private $old_password;
private $new_password;
private $confirm_password;
public function __construct($data)
{
foreach ($data as $key => $value)
$this->$key = htmlspecialchars($value);
$this->user = $_SESSION["user"];
}
public function makeVerifications()
{
ensure($this->user->checkPassword($this->old_password), "L'ancien mot de passe est incorrect.");
ensure(strlen($this->new_password) >= 8, "Le mot de passe doit comporter au moins 8 caractères.");
ensure($this->new_password == $this->confirm_password, "Les deux mots de passe sont différents.");
}
public function updatePassword()
{
$this->user->setPassword($this->new_password);
Mailer::sendChangePasswordMail($this->user);
}
}
class SendDocument
{
private $file;
private $type;
public function __construct()
{
$this->file = $_FILES["document"];
$this->type = strtoupper(htmlspecialchars($_POST["type"]));
}
public function makeVerifications()
{
global $LOCAL_PATH;
ensure($this->file["size"] <= 2e6, "Le fichier doit peser moins que 2 Mo.");
ensure(!$this->file["error"], "Une erreur est survenue.");
$mime = finfo_file(finfo_open(FILEINFO_MIME_TYPE), $this->file["tmp_name"]);
ensure($mime == "application/pdf" || $mime = "image/png" || $mime == "image/jpeg", "Le fichier doit être au format PDF.");
ensure(is_dir("$LOCAL_PATH/files") || mkdir("$LOCAL_PATH/files"), "Un problème est survenue dans l'envoi du fichier. Veuillez contacter l'administrateur du serveur.");
}
public function sendDocument()
{
global $LOCAL_PATH, $DB, $FINAL;
do
$id = genRandomPhrase(64);
while (file_exists("$LOCAL_PATH/files/$id"));
if (!rename($this->file["tmp_name"], "$LOCAL_PATH/files/$id"))
throw new AssertionError("Une erreur est survenue lors de l'envoi du fichier.");
$req = $DB->prepare("INSERT INTO `documents`(`file_id`, `user`, `team`, `tournament`, `type`)
VALUES (?, ?, ?, ?, ?);");
$req->execute([$id, $this->type == DocumentType::getName(DocumentType::MOTIVATION_LETTER) ? -1 : $_SESSION["user_id"], $_SESSION["team"]->getId(),
$_SESSION["team"]->isSelectedForFinal() ? $FINAL->getId() : $_SESSION["team"]->getTournamentId(), $this->type]);
}
}
if ($team != null) {
$documents = $user->getAllDocuments($team->getTournamentId());
if ($team->isSelectedForFinal())
$documents_final = $user->getAllDocuments($FINAL->getId());
}
require_once "server_files/views/mon_compte.php";