134 lines
5.1 KiB
PHP
134 lines
5.1 KiB
PHP
<?php
|
|
|
|
require_once "../config.php";
|
|
|
|
if (isset($_POST["submitted"])) {
|
|
$error_message = register();
|
|
}
|
|
|
|
function register() {
|
|
global $DB, $YEAR, $URL_BASE, $MAIL_ADDRESS;
|
|
global $email, $firstname, $surname, $birth_date, $gender, $address, $postal_code, $city, $country, $phone_number, $role, $school, $class, $responsible_name, $responsible_phone, $responsible_email;
|
|
|
|
$email = strtolower(htmlspecialchars($_POST["email"]));
|
|
|
|
if (!filter_var($email, FILTER_VALIDATE_EMAIL))
|
|
return "L'email entrée est invalide.";
|
|
|
|
$result = $DB->query("SELECT `email` FROM `users` WHERE `email` = '" . $email . "' AND `year` = '$YEAR';");
|
|
if ($result->fetch())
|
|
return "Un compte existe déjà avec cette adresse e-mail.";
|
|
|
|
$password = htmlspecialchars($_POST["password"]);
|
|
if (strlen($password) < 8)
|
|
return "Le mot de passe doit comporter au moins 8 caractères.";
|
|
if ($password != $_POST["confirm_password"])
|
|
return "Les deux mots de passe sont différents.";
|
|
|
|
$password = password_hash($password, PASSWORD_BCRYPT);
|
|
|
|
$surname = strtoupper(htmlspecialchars($_POST["surname"]));
|
|
if (!isset($surname) || $surname == "")
|
|
return "Le nom de famille est obligatoire.";
|
|
|
|
$firstname = htmlspecialchars($_POST["firstname"]);
|
|
if (!isset($surname) || $surname == "")
|
|
return "Le prénom est obligatoire.";
|
|
|
|
$birth_date = date_parse_from_format("yyyy-mm-dd", htmlspecialchars($_POST["birth_date"]));
|
|
|
|
if ($birth_date === FALSE)
|
|
return "La date de naissance est invalide.";
|
|
|
|
if (htmlspecialchars($_POST["birth_date"]) >= $YEAR . "-01-01")
|
|
return "Vous devez avoir un âge strictement positif. Date de naissance rentrée : " . htmlspecialchars($_POST["birth_date"]);
|
|
|
|
$gender = htmlspecialchars($_POST["gender"]);
|
|
|
|
if (!isset($gender) || ($gender != "M" && $gender != "F"))
|
|
return "Le sexe indiqué est invalide.";
|
|
|
|
$address = htmlspecialchars($_POST["address"]);
|
|
|
|
if (!isset($address))
|
|
$address = "";
|
|
|
|
try {
|
|
$postal_code = intval($_POST["postal_code"]);
|
|
if ($postal_code < 1000 || $postal_code > 95999)
|
|
return "Le code postal est invalide.";
|
|
}
|
|
catch (Exception $ex) {
|
|
return "Le code postal n'est pas un nombre valide.";
|
|
}
|
|
|
|
$city = htmlspecialchars($_POST["city"]);
|
|
|
|
if (!isset($city))
|
|
$city = "";
|
|
|
|
$country = htmlspecialchars($_POST["country"]);
|
|
|
|
if (!isset($country))
|
|
$country = "France";
|
|
|
|
$phone_number = htmlspecialchars($_POST["phone_number"]);
|
|
|
|
if (!isset($phone_number) || $phone_number == "")
|
|
return "Vous devez renseigner un numéro de téléphone.";
|
|
|
|
$role = htmlspecialchars($_POST["role"]);
|
|
|
|
if (!isset($role) || ($role != "participant" && $role != "encadrant"))
|
|
return "Le rôle entré n'est pas valide.";
|
|
|
|
$role = strtoupper($role);
|
|
|
|
$school = htmlspecialchars($_POST["school"]);
|
|
$class = strtoupper(htmlspecialchars($_POST["class"]));
|
|
$responsible_name = htmlspecialchars($_POST["responsible_name"]);
|
|
$responsible_phone = htmlspecialchars($_POST["responsible_phone"]);
|
|
$responsible_email = htmlspecialchars($_POST["responsible_email"]);
|
|
|
|
if ($role == "ENCADRANT") {
|
|
$school = NULL;
|
|
$class = NULL;
|
|
$responsible_name = NULL;
|
|
$responsible_phone = NULL;
|
|
$responsible_email = NULL;
|
|
}
|
|
else {
|
|
if (!isset($class) && $class != "TERMINALE" && $class != "PREMIERE" && $class != "SECONDE")
|
|
return "La classe spécifiée est invalide. Merci de ne pas créer vos propres requêtes.";
|
|
|
|
if ((!isset($responsible_name) || $responsible_name == "") && $birth_date > strval($YEAR - 18) . "-05-01")
|
|
return "Veuillez spécifier un nom de responsable légal.";
|
|
|
|
if ((!isset($responsible_phone) || $responsible_phone == "") && (!isset($responsible_email) || !filter_var($responsible_email, FILTER_VALIDATE_EMAIL))
|
|
&& $birth_date > strval($YEAR - 18) . "-05-01")
|
|
return "Veuillez préciser au moins le numéro de téléphone ou l'addresse e-mail de votre responsable légal.";
|
|
}
|
|
|
|
$description = $_POST["description"];
|
|
|
|
if ($role == "PARTICIPANT")
|
|
$description = NULL;
|
|
|
|
$confirm_email_uid = uniqid();
|
|
|
|
$req = $DB->prepare("INSERT INTO `users`(`email`, `pwd_hash`, `confirm_email`, `surname`, `first_name`, `birth_date`, `gender`,
|
|
`address`, `postal_code`, `city`, `country`, `phone_number`, `school`, `class`, `role`, `description`, `year`)
|
|
VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?);");
|
|
$req->execute([$email, $password, $confirm_email_uid, $surname, $firstname, $_POST["birth_date"], $gender, $address, $postal_code,
|
|
$city, $country, $phone_number, $school, $class, $role, $description, $YEAR]);
|
|
|
|
$msg = "Merci pour votre inscription au TFJM² $YEAR ! Veuillez désormais confirmer votre adresse mail en cliquant ici : $URL_BASE/confirmer_mail/$confirm_email_uid";
|
|
mail($email, "Inscription au TFJM² $YEAR", $msg, "From: $MAIL_ADDRESS\r\n");
|
|
|
|
return false;
|
|
}
|
|
|
|
require_once "../views/header.php";
|
|
require_once "../views/inscription.php";
|
|
require_once "../views/footer.php";
|