ynerant/plateforme-tfjm2
1
0
Fork 0
mirror of https://gitlab.com/animath/si/plateforme.git synced 2025-11-04 13:12:17 +01:00
Code Issues Releases Wiki Activity

Modification mineure

Browse Source
This commit is contained in:
galaxyoyo
2019-09-05 19:07:41 +02:00
parent 39abeec4e6
commit d2a0d0fbec
22 changed files with 621 additions and 621 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
server_files/403.php
View File

@@ -1,12 +1,12 @@
<?php <?php
include_once "config.php"; require_once_once "config.php";
include_once "header.php"; require_once_once "header.php";
http_response_code(403); http_response_code(403);
echo "<h1>Vous n'êtes pas autorisé à accéder à cette page.</h1>"; echo "<h1>Vous n'êtes pas autorisé à accéder à cette page.</h1>";
include "footer.php"; require_once "footer.php";
exit(); exit();

6
server_files/404.php
View File

@@ -1,12 +1,12 @@
<?php <?php
include_once "config.php"; require_once_once "config.php";
include_once "header.php"; require_once_once "header.php";
http_response_code(404); http_response_code(404);
echo "<h1>Cette page n'existe pas.</h1>"; echo "<h1>Cette page n'existe pas.</h1>";
include "footer.php"; require_once "footer.php";
exit(); exit();

254
server_files/ajouter_equipe.php
View File

@@ -1,127 +1,127 @@
<?php <?php
include 'config.php'; require_once 'config.php';
$tournaments_response = $DB->query("SELECT `id`, `name` FROM `tournaments` WHERE `date_inscription` > CURRENT_DATE AND `year` = '$YEAR';"); $tournaments_response = $DB->query("SELECT `id`, `name` FROM `tournaments` WHERE `date_inscription` > CURRENT_DATE AND `year` = '$YEAR';");
if (isset($_POST["submitted"])) { if (isset($_POST["submitted"])) {
$error_message = registerTeam(); $error_message = registerTeam();
} }
function registerTeam() { function registerTeam() {
global $DB, $YEAR, $MAIL_ADDRESS, $access_code; global $DB, $YEAR, $MAIL_ADDRESS, $access_code;
if ($_SESSION["team_id"] != NULL) if ($_SESSION["team_id"] != NULL)
return "Vous êtes déjà dans une équipe."; return "Vous êtes déjà dans une équipe.";
$name = htmlspecialchars($_POST["name"]); $name = htmlspecialchars($_POST["name"]);
if (!isset($name) || $name == "") if (!isset($name) || $name == "")
return "Vous devez spécifier un nom d'équipe."; return "Vous devez spécifier un nom d'équipe.";
$result = $DB->query("SELECT `id` FROM `teams` WHERE `name` = '" . $name . "' AND `year` = '$YEAR';"); $result = $DB->query("SELECT `id` FROM `teams` WHERE `name` = '" . $name . "' AND `year` = '$YEAR';");
if ($result->fetch()) if ($result->fetch())
return "Une équipe existe déjà avec ce nom."; return "Une équipe existe déjà avec ce nom.";
$trigram = strtoupper(htmlspecialchars($_POST["trigram"])); $trigram = strtoupper(htmlspecialchars($_POST["trigram"]));
if (!preg_match("#^[A-Z][A-Z][A-Z]$#", $trigram)) if (!preg_match("#^[A-Z][A-Z][A-Z]$#", $trigram))
return "Le trigramme entré n'est pas valide."; return "Le trigramme entré n'est pas valide.";
$result = $DB->query("SELECT `id` FROM `teams` WHERE `trigram` = '" . $trigram . "' AND `year` = '$YEAR';"); $result = $DB->query("SELECT `id` FROM `teams` WHERE `trigram` = '" . $trigram . "' AND `year` = '$YEAR';");
if ($result->fetch()) if ($result->fetch())
return "Une équipe a déjà choisi ce trigramme."; return "Une équipe a déjà choisi ce trigramme.";
$tournament_id = intval(htmlspecialchars($_POST["tournament"])); $tournament_id = intval(htmlspecialchars($_POST["tournament"]));
$result = $DB->query("SELECT `id`, `name` FROM `tournaments` WHERE `id` = '" . $tournament_id . "' AND `year` = '$YEAR';"); $result = $DB->query("SELECT `id`, `name` FROM `tournaments` WHERE `id` = '" . $tournament_id . "' AND `year` = '$YEAR';");
$data = $result->fetch(); $data = $result->fetch();
if ($data === FALSE) if ($data === FALSE)
return "Le tournoi spécifié n'existe pas."; return "Le tournoi spécifié n'existe pas.";
$alphabet = "0123456789abcdefghijkmnopqrstuvwxyz0123456789"; $alphabet = "0123456789abcdefghijkmnopqrstuvwxyz0123456789";
$access_code = ""; $access_code = "";
for ($i = 0; $i < 6; ++$i) for ($i = 0; $i < 6; ++$i)
$access_code .= $alphabet[rand(0, strlen($alphabet) - 1)]; $access_code .= $alphabet[rand(0, strlen($alphabet) - 1)];
$req = $DB->prepare("INSERT INTO `teams` (`name`, `trigram`, `tournament`, `encadrant_1`, `participant_1`, `validation_status`, `access_code`, `year`) $req = $DB->prepare("INSERT INTO `teams` (`name`, `trigram`, `tournament`, `encadrant_1`, `participant_1`, `validation_status`, `access_code`, `year`)
VALUES (?, ?, ?, ?, ?, ?, ?, ?);"); VALUES (?, ?, ?, ?, ?, ?, ?, ?);");
$req->execute([$name, $trigram, $tournament_id, $_SESSION["role"] == "ENCADRANT" ? $_SESSION["user_id"] : NULL, $req->execute([$name, $trigram, $tournament_id, $_SESSION["role"] == "ENCADRANT" ? $_SESSION["user_id"] : NULL,
$_SESSION["role"] == "PARTICIPANT" ? $_SESSION["user_id"] : NULL, "NOT_READY", $access_code, $YEAR]); $_SESSION["role"] == "PARTICIPANT" ? $_SESSION["user_id"] : NULL, "NOT_READY", $access_code, $YEAR]);
$result = $DB->query("SELECT `id` FROM `teams` WHERE `name` = '" . $name . "' AND `year` = '$YEAR';"); $result = $DB->query("SELECT `id` FROM `teams` WHERE `name` = '" . $name . "' AND `year` = '$YEAR';");
$data_team = $result->fetch(); $data_team = $result->fetch();
$DB->prepare("UPDATE `users` SET `team_id` = ? WHERE `id` = " . $_SESSION["user_id"] . ";")->execute([$data_team["id"]]); $DB->prepare("UPDATE `users` SET `team_id` = ? WHERE `id` = " . $_SESSION["user_id"] . ";")->execute([$data_team["id"]]);
$msg = "Bonjour " . $_SESSION["first_name"] . " " . $_SESSION["surname"] . ",\r\n\r\n"; $msg = "Bonjour " . $_SESSION["first_name"] . " " . $_SESSION["surname"] . ",\r\n\r\n";
$msg .= "Vous venez de créer l'équipe « $name » ($trigram) pour le TFJM² de " . $data["name"] . " et nous vous en remercions. "; $msg .= "Vous venez de créer l'équipe « $name » ($trigram) pour le TFJM² de " . $data["name"] . " et nous vous en remercions. ";
$msg .= "Afin de permettre aux autres membres de votre équipe de vous rejoindre, veuillez leur transmettre le code d'accès : " . $access_code . "\r\n\r\n"; $msg .= "Afin de permettre aux autres membres de votre équipe de vous rejoindre, veuillez leur transmettre le code d'accès : " . $access_code . "\r\n\r\n";
$msg .= "Cordialement,\r\n\r\nL'organisation du TFJM² $YEAR"; $msg .= "Cordialement,\r\n\r\nL'organisation du TFJM² $YEAR";
mail($_SESSION["email"], "Nouvelle équipe TFJM² $YEAR", $msg, "From: $MAIL_ADDRESS\r\n"); mail($_SESSION["email"], "Nouvelle équipe TFJM² $YEAR", $msg, "From: $MAIL_ADDRESS\r\n");
return false; return false;
} }
?> ?>
<?php include "header.php" ?> <?php require_once "header.php" ?>
<?php <?php
if (!isset($_SESSION["role"]) or ($_SESSION["role"] != "PARTICIPANT" && $_SESSION["role"] != "ENCADRANT")) { if (!isset($_SESSION["role"]) or ($_SESSION["role"] != "PARTICIPANT" && $_SESSION["role"] != "ENCADRANT")) {
?> ?>
<h2>Vous devez être participant ou encadrant pour pouvoir ajouter une équipe.</h2> <h2>Vous devez être participant ou encadrant pour pouvoir ajouter une équipe.</h2>
<?php } else if ($_SESSION["team_id"] != NULL) { ?> <?php } else if ($_SESSION["team_id"] != NULL) { ?>
<h2>Vous êtes déjà dans une équipe.</h2> <h2>Vous êtes déjà dans une équipe.</h2>
<?php } else if (isset($access_code)) { ?> <?php } else if (isset($access_code)) { ?>
Votre équipe a bien été créée ! Voici le code d'accès à transmettre aux autres membres de votre équipe : <strong><?php echo $access_code ?></strong> Votre équipe a bien été créée ! Voici le code d'accès à transmettre aux autres membres de votre équipe : <strong><?php echo $access_code ?></strong>
<?php } else { ?> <?php } else { ?>
<?php if (isset($error_message) && $error_message) echo "<h2>Erreur : " . $error_message . "</h2>"; ?> <?php if (isset($error_message) && $error_message) echo "<h2>Erreur : " . $error_message . "</h2>"; ?>
<form method="POST"> <form method="POST">
<input type="hidden" name="submitted" value="true" /> <input type="hidden" name="submitted" value="true" />
<table style="width: 100%;"> <table style="width: 100%;">
<tbody> <tbody>
<tr> <tr>
<td style="width: 30%;"> <td style="width: 30%;">
<label for="name">Nom :</label> <label for="name">Nom :</label>
</td> </td>
<td style="width: 70%;"> <td style="width: 70%;">
<input style="width: 100%;" type="text" id="name" name="name" /> <input style="width: 100%;" type="text" id="name" name="name" />
</td> </td>
</tr> </tr>
<tr> <tr>
<td> <td>
<label for="trigram">Trigramme :</label> <label for="trigram">Trigramme :</label>
</td> </td>
<td> <td>
<input style="width: 100%;" type="text" id="trigram" name="trigram" /> <input style="width: 100%;" type="text" id="trigram" name="trigram" />
</td> </td>
</tr> </tr>
<tr> <tr>
<td> <td>
<label for="tournament">Tournoi :</label> <label for="tournament">Tournoi :</label>
</td> </td>
<td> <td>
<select style="width: 100%;" id="tournament" name="tournament"> <select style="width: 100%;" id="tournament" name="tournament">
<?php <?php
while (($data = $tournaments_response->fetch()) !== FALSE) { while (($data = $tournaments_response->fetch()) !== FALSE) {
echo "<option value=\"" . $data["id"] . "\">" . $data["name"] . "</option>\n"; echo "<option value=\"" . $data["id"] . "\">" . $data["name"] . "</option>\n";
} }
?> ?>
</select> </select>
</td> </td>
</tr> </tr>
<tr> <tr>
<td colspan="2"> <td colspan="2">
<input style="width: 100%;" type="submit" value="Ajouter une équipe" /> <input style="width: 100%;" type="submit" value="Ajouter une équipe" />
</td> </td>
</tr> </tr>
</tbody> </tbody>
</table> </table>
</form> </form>
<?php include "footer.php" ?> <?php require_once "footer.php" ?>
<?php } ?> <?php } ?>

6
server_files/ajouter_organisateur.php
View File

@@ -1,6 +1,6 @@
<?php <?php
include 'config.php'; require_once 'config.php';
if (isset($_POST["submitted"])) { if (isset($_POST["submitted"])) {
$error_message = addOrganizer(); $error_message = addOrganizer();
@@ -57,7 +57,7 @@ function addOrganizer() {
?> ?>
<?php include "header.php" ?> <?php require_once "header.php" ?>
<?php <?php
@@ -119,6 +119,6 @@ if (!isset($_SESSION["role"]) or $_SESSION["role"] != "ADMIN") {
</table> </table>
</form> </form>
<?php include "footer.php" ?> <?php require_once "footer.php" ?>
<?php } ?> <?php } ?>

6
server_files/ajouter_tournoi.php
View File

@@ -1,6 +1,6 @@
<?php <?php
include 'config.php'; require_once 'config.php';
$orgas_response = $DB->query("SELECT `id`, `surname`, `first_name` FROM `users` WHERE (`role` = 'ORGANIZER' OR `role` = 'ADMIN') AND `year` = '$YEAR';"); $orgas_response = $DB->query("SELECT `id`, `surname`, `first_name` FROM `users` WHERE (`role` = 'ORGANIZER' OR `role` = 'ADMIN') AND `year` = '$YEAR';");
@@ -108,7 +108,7 @@ function registerTournament() {
?> ?>
<?php include "header.php" ?> <?php require_once "header.php" ?>
<?php <?php
@@ -239,6 +239,6 @@ if (!isset($_SESSION["role"]) or $_SESSION["role"] != "ADMIN") {
</table> </table>
</form> </form>
<?php include "footer.php" ?> <?php require_once "footer.php" ?>
<?php } ?> <?php } ?>

6
server_files/confirmer_mail.php
View File

@@ -1,6 +1,6 @@
<?php <?php
include 'config.php'; require_once 'config.php';
$token = $_GET["token"]; $token = $_GET["token"];
@@ -19,8 +19,8 @@ else {
?> ?>
<?php include "header.php" ?> <?php require_once "header.php" ?>
<h2><?php echo $error_message ?></h2> <h2><?php echo $error_message ?></h2>
<?php include "footer.php" ?> <?php require_once "footer.php" ?>

6
server_files/connexion.php
View File

@@ -1,6 +1,6 @@
<?php <?php
include 'config.php'; require_once 'config.php';
if (isset($_POST["submitted"]) && !isset($_SESSION["user_id"])) { if (isset($_POST["submitted"]) && !isset($_SESSION["user_id"])) {
$error_message = login(); $error_message = login();
@@ -143,7 +143,7 @@ function sendConfirmEmail() {
?> ?>
<?php include "header.php" ?> <?php require_once "header.php" ?>
<?php if (isset($error_message) && $error_message) echo "<h2>Erreur : " . $error_message . "</h2>"; ?> <?php if (isset($error_message) && $error_message) echo "<h2>Erreur : " . $error_message . "</h2>"; ?>
@@ -238,6 +238,6 @@ else if (isset($_SESSION["user_id"])) { ?>
</form> </form>
<?php } ?> <?php } ?>
<?php include "footer.php" ?> <?php require_once "footer.php" ?>
<?php } ?> <?php } ?>

28
server_files/deconnexion.php
View File

@@ -1,14 +1,14 @@
<?php <?php
include 'config.php'; require_once 'config.php';
unset($_SESSION["user_id"]); unset($_SESSION["user_id"]);
session_destroy(); session_destroy();
?> ?>
<?php include "header.php" ?> <?php require_once "header.php" ?>
<h2>Déconnexion réussie !</h2> <h2>Déconnexion réussie !</h2>
<?php include "footer.php" ?> <?php require_once "footer.php" ?>

8
server_files/equipe.php
View File

@@ -1,6 +1,6 @@
<?php <?php
include "config.php"; require_once "config.php";
$trigram = htmlspecialchars($_GET["trigram"]); $trigram = htmlspecialchars($_GET["trigram"]);
@@ -60,7 +60,7 @@ if (isset($_POST["select"])) {
} }
if ($team_data === false) if ($team_data === false)
include "404.php"; require_once "404.php";
$tournament_data = $DB->query("SELECT `name`, `date_start` FROM `tournaments` WHERE `id` = '" . $team_data["tournament"] . "' AND `year` = '$YEAR';")->fetch(); $tournament_data = $DB->query("SELECT `name`, `date_start` FROM `tournaments` WHERE `id` = '" . $team_data["tournament"] . "' AND `year` = '$YEAR';")->fetch();
@@ -74,7 +74,7 @@ if ($team_data["final_selection"]) {
?> ?>
<?php include "header.php" ?> <?php require_once "header.php" ?>
<h2>Informations sur l'équipe</h2> <h2>Informations sur l'équipe</h2>
@@ -170,4 +170,4 @@ if (!$team_data["final_selection"]) { ?>
</form> </form>
<?php } ?> <?php } ?>
<?php include "footer.php" ?> <?php require_once "footer.php" ?>

6
server_files/index.php
View File

@@ -1,10 +1,10 @@
<?php <?php
include 'config.php'; require_once 'config.php';
?> ?>
<?php include "header.php" ?> <?php require_once "header.php" ?>
<div class="container-fluid"> <div class="container-fluid">
@@ -111,4 +111,4 @@ include 'config.php';
</div> </div>
<?php include "footer.php" ?> <?php require_once "footer.php" ?>

10
server_files/informations.php
View File

@@ -1,16 +1,16 @@
<?php <?php
include "config.php"; require_once "config.php";
if (!isset($_SESSION["role"]) || $_SESSION["role"] != "ORGANIZER" && $_SESSION["role"] != "ADMIN") { if (!isset($_SESSION["role"]) || $_SESSION["role"] != "ORGANIZER" && $_SESSION["role"] != "ADMIN") {
include "403.php"; require_once "403.php";
} }
$id = $_GET["id"]; $id = $_GET["id"];
$user_data = $DB->query("SELECT * FROM `users` WHERE `id` = $id;")->fetch(); $user_data = $DB->query("SELECT * FROM `users` WHERE `id` = $id;")->fetch();
if ($user_data === false) { if ($user_data === false) {
include "404.php"; require_once "404.php";
} }
$team_data = false; $team_data = false;
@@ -22,7 +22,7 @@ $tournaments_req = $DB->query("SELECT `tournament`, `name` FROM `organizers` JOI
?> ?>
<?php include "header.php" ?> <?php require_once "header.php" ?>
<h1><?= $user_data["first_name"] . " " . $user_data["surname"] ?></h1> <h1><?= $user_data["first_name"] . " " . $user_data["surname"] ?></h1>
@@ -93,4 +93,4 @@ elseif ($user_data["role"] == "PARTICIPANT" || $user_data["role"] == "ENCADRANT"
} }
} ?> } ?>
<?php include "footer.php" ?> <?php require_once "footer.php" ?>

6
server_files/inscription.php
View File

@@ -1,6 +1,6 @@
<?php <?php
include 'config.php'; require_once 'config.php';
if (isset($_POST["submitted"])) { if (isset($_POST["submitted"])) {
$error_message = register(); $error_message = register();
@@ -130,7 +130,7 @@ function register() {
?> ?>
<?php include "header.php" ?> <?php require_once "header.php" ?>
<?php if (isset($error_message) && $error_message) echo "<h2>Erreur : " . $error_message . "</h2>"; ?> <?php if (isset($error_message) && $error_message) echo "<h2>Erreur : " . $error_message . "</h2>"; ?>
@@ -276,6 +276,6 @@ function register() {
selectRole(); selectRole();
</script> </script>
<?php include "footer.php" ?> <?php require_once "footer.php" ?>
<?php } ?> <?php } ?>

646
server_files/mon_compte.php
View File

@@ -1,323 +1,323 @@
<?php <?php
include 'config.php'; require_once 'config.php';
if (isset($_POST["submitted"])) { if (isset($_POST["submitted"])) {
$error_message = updateAccount(); $error_message = updateAccount();
} elseif (isset($_POST["submitted_password"])) { } elseif (isset($_POST["submitted_password"])) {
$error_message = updatePassword(); $error_message = updatePassword();
} }
if (isset($_SESSION["user_id"])) { if (isset($_SESSION["user_id"])) {
$result = $DB->query("SELECT * FROM `users` WHERE `id` = '" . $_SESSION["user_id"] . "';"); $result = $DB->query("SELECT * FROM `users` WHERE `id` = '" . $_SESSION["user_id"] . "';");
$user_data = $result->fetch(); $user_data = $result->fetch();
} }
function updateAccount() function updateAccount()
{ {
global $DB, $URL_BASE, $MAIL_ADDRESS; global $DB, $URL_BASE, $MAIL_ADDRESS;
if (!isset($_SESSION["user_id"])) if (!isset($_SESSION["user_id"]))
return "Vous n'êtes pas connecté."; return "Vous n'êtes pas connecté.";
$ID = $_SESSION["user_id"]; $ID = $_SESSION["user_id"];
$surname = htmlspecialchars($_POST["surname"]); $surname = htmlspecialchars($_POST["surname"]);
if (isset($surname) && $surname != "") if (isset($surname) && $surname != "")
$DB->prepare("UPDATE `users` SET `surname` = ? WHERE `id` = ?;")->execute([$surname, $ID]); $DB->prepare("UPDATE `users` SET `surname` = ? WHERE `id` = ?;")->execute([$surname, $ID]);
$first_name = htmlspecialchars($_POST["firstname"]); $first_name = htmlspecialchars($_POST["firstname"]);
if (isset($first_name) && $first_name != "") if (isset($first_name) && $first_name != "")
$DB->prepare("UPDATE `users` SET `first_name` = ? WHERE `id` = ?;")->execute([$first_name, $ID]); $DB->prepare("UPDATE `users` SET `first_name` = ? WHERE `id` = ?;")->execute([$first_name, $ID]);
$birth_date = htmlspecialchars($_POST["birth_date"]); $birth_date = htmlspecialchars($_POST["birth_date"]);
if (isset($birth_date) && $birth_date != "") if (isset($birth_date) && $birth_date != "")
$DB->prepare("UPDATE `users` SET `birth_date` = ? WHERE `id` = ?;")->execute([$birth_date, $ID]); $DB->prepare("UPDATE `users` SET `birth_date` = ? WHERE `id` = ?;")->execute([$birth_date, $ID]);
if (isset($_POST["gender"])) { if (isset($_POST["gender"])) {
$gender = htmlspecialchars($_POST["gender"]); $gender = htmlspecialchars($_POST["gender"]);
if (isset($gender) && ($gender == "M" || $gender == "F")) if (isset($gender) && ($gender == "M" || $gender == "F"))
$DB->prepare("UPDATE `users` SET `gender` = ? WHERE `id` = ?;")->execute([$gender, $ID]); $DB->prepare("UPDATE `users` SET `gender` = ? WHERE `id` = ?;")->execute([$gender, $ID]);
} }
$address = htmlspecialchars($_POST["address"]); $address = htmlspecialchars($_POST["address"]);
if (isset($address) && $address != "") if (isset($address) && $address != "")
$DB->prepare("UPDATE `users` SET `address` = ? WHERE `id` = ?;")->execute([$address, $ID]); $DB->prepare("UPDATE `users` SET `address` = ? WHERE `id` = ?;")->execute([$address, $ID]);
$postal_code = htmlspecialchars($_POST["postal_code"]); $postal_code = htmlspecialchars($_POST["postal_code"]);
if (isset($postal_code) && $postal_code != "") if (isset($postal_code) && $postal_code != "")
$DB->prepare("UPDATE `users` SET `postal_code` = ? WHERE `id` = ?;")->execute([$postal_code, $ID]); $DB->prepare("UPDATE `users` SET `postal_code` = ? WHERE `id` = ?;")->execute([$postal_code, $ID]);
$city = htmlspecialchars($_POST["city"]); $city = htmlspecialchars($_POST["city"]);
if (isset($city) && $city != "") if (isset($city) && $city != "")
$DB->prepare("UPDATE `users` SET `city` = ? WHERE `id` = ?;")->execute([$city, $ID]); $DB->prepare("UPDATE `users` SET `city` = ? WHERE `id` = ?;")->execute([$city, $ID]);
$country = htmlspecialchars($_POST["country"]); $country = htmlspecialchars($_POST["country"]);
if (isset($country) && $country != "") if (isset($country) && $country != "")
$DB->prepare("UPDATE `users` SET `country` = ? WHERE `id` = ?;")->execute([$country, $ID]); $DB->prepare("UPDATE `users` SET `country` = ? WHERE `id` = ?;")->execute([$country, $ID]);
$phone_number = htmlspecialchars($_POST["phone_number"]); $phone_number = htmlspecialchars($_POST["phone_number"]);
if (isset($phone_number) && $phone_number != "") if (isset($phone_number) && $phone_number != "")
$DB->prepare("UPDATE `users` SET `phone_number` = ? WHERE `id` = ?;")->execute([$phone_number, $ID]); $DB->prepare("UPDATE `users` SET `phone_number` = ? WHERE `id` = ?;")->execute([$phone_number, $ID]);
if (isset($_POST["school"])) { if (isset($_POST["school"])) {
$school = htmlspecialchars($_POST["school"]); $school = htmlspecialchars($_POST["school"]);
if (isset($school) && $school != "") if (isset($school) && $school != "")
$DB->prepare("UPDATE `users` SET `school` = ? WHERE `id` = ?;")->execute([$school, $ID]); $DB->prepare("UPDATE `users` SET `school` = ? WHERE `id` = ?;")->execute([$school, $ID]);
} }
if (isset($_POST["class"])) { if (isset($_POST["class"])) {
$class = htmlspecialchars($_POST["class"]); $class = htmlspecialchars($_POST["class"]);
if (isset($class) && ($class == "terminale" || $class == "premiere" || $class == "seconde")) if (isset($class) && ($class == "terminale" || $class == "premiere" || $class == "seconde"))
$DB->prepare("UPDATE `users` SET `class` = ? WHERE `id` = ?;")->execute([strtoupper($class), $ID]); $DB->prepare("UPDATE `users` SET `class` = ? WHERE `id` = ?;")->execute([strtoupper($class), $ID]);
} }
if (isset($_POST["responsible_name"])) { if (isset($_POST["responsible_name"])) {
$responsible_name = htmlspecialchars($_POST["responsible_name"]); $responsible_name = htmlspecialchars($_POST["responsible_name"]);
if (isset($responsible_name) && $responsible_name != "") if (isset($responsible_name) && $responsible_name != "")
$DB->prepare("UPDATE `users` SET `responsible_name` = ? WHERE `id` = ?;")->execute([$responsible_name, $ID]); $DB->prepare("UPDATE `users` SET `responsible_name` = ? WHERE `id` = ?;")->execute([$responsible_name, $ID]);
} }
if (isset($_POST["responsible_phone"])) { if (isset($_POST["responsible_phone"])) {
$responsible_phone = htmlspecialchars($_POST["responsible_phone"]); $responsible_phone = htmlspecialchars($_POST["responsible_phone"]);
if (isset($responsible_phone) && $responsible_phone != "") if (isset($responsible_phone) && $responsible_phone != "")
$DB->prepare("UPDATE `users` SET `responsible_phone` = ? WHERE `id` = ?;")->execute([$responsible_phone, $ID]); $DB->prepare("UPDATE `users` SET `responsible_phone` = ? WHERE `id` = ?;")->execute([$responsible_phone, $ID]);
} }
if (isset($_POST["responsible_email"])) { if (isset($_POST["responsible_email"])) {
$responsible_email = htmlspecialchars($_POST["responsible_email"]); $responsible_email = htmlspecialchars($_POST["responsible_email"]);
if (isset($responsible_email) && $responsible_email != "") if (isset($responsible_email) && $responsible_email != "")
$DB->prepare("UPDATE `users` SET `responsible_email` = ? WHERE `id` = ?;")->execute([$responsible_email, $ID]); $DB->prepare("UPDATE `users` SET `responsible_email` = ? WHERE `id` = ?;")->execute([$responsible_email, $ID]);
} }
if (isset($_POST["description"])) { if (isset($_POST["description"])) {
$description = htmlspecialchars($_POST["description"]); $description = htmlspecialchars($_POST["description"]);
if (isset($description) && $description != "") if (isset($description) && $description != "")
$DB->prepare("UPDATE `users` SET `description` = ? WHERE `id` = ?;")->execute([$description, $ID]); $DB->prepare("UPDATE `users` SET `description` = ? WHERE `id` = ?;")->execute([$description, $ID]);
} }
$email = htmlspecialchars($_POST["email"]); $email = htmlspecialchars($_POST["email"]);
if (isset($email) && $email != "" && filter_var($email, FILTER_VALIDATE_EMAIL)) { if (isset($email) && $email != "" && filter_var($email, FILTER_VALIDATE_EMAIL)) {
$confirm_email_uid = uniqid(); $confirm_email_uid = uniqid();
$DB->prepare("UPDATE `users` SET `email` = ?, `confirm_email` = ? WHERE `id` = ?;")->execute([$email, $confirm_email_uid, $ID]); $DB->prepare("UPDATE `users` SET `email` = ?, `confirm_email` = ? WHERE `id` = ?;")->execute([$email, $confirm_email_uid, $ID]);
$msg = "Vous venez de changer votre adresse mail. Veuillez désormais confirmer votre adresse mail en cliquant ici : $URL_BASE/confirmer_mail/$confirm_email_uid"; $msg = "Vous venez de changer votre adresse mail. Veuillez désormais confirmer votre adresse mail en cliquant ici : $URL_BASE/confirmer_mail/$confirm_email_uid";
mail($email, "Changement d'adresse mail - TFJM²", $msg, "From: $MAIL_ADDRESS\r\n"); mail($email, "Changement d'adresse mail - TFJM²", $msg, "From: $MAIL_ADDRESS\r\n");
} }
return false; return false;
} }
function updatePassword() function updatePassword()
{ {
global $DB, $YEAR; global $DB, $YEAR;
$old = htmlspecialchars($_POST["old_password"]); $old = htmlspecialchars($_POST["old_password"]);
$new = htmlspecialchars($_POST["new_password"]); $new = htmlspecialchars($_POST["new_password"]);
$confirm = htmlspecialchars($_POST["confirm_password"]); $confirm = htmlspecialchars($_POST["confirm_password"]);
$result = $DB->query("SELECT `pwd_hash` FROM `users` WHERE `id` = '" . $_SESSION["user_id"] . "' AND `year` = '$YEAR';"); $result = $DB->query("SELECT `pwd_hash` FROM `users` WHERE `id` = '" . $_SESSION["user_id"] . "' AND `year` = '$YEAR';");
if (($data = $result->fetch()) === FALSE) if (($data = $result->fetch()) === FALSE)
return "Le compte n'existe pas."; return "Le compte n'existe pas.";
if (!password_verify($old, $data["pwd_hash"])) if (!password_verify($old, $data["pwd_hash"]))
return "L'ancien mot de passe est incorrect."; return "L'ancien mot de passe est incorrect.";
if (strlen($new) < 8) if (strlen($new) < 8)
return "Le mot de passe doit comporter au moins 8 caractères."; return "Le mot de passe doit comporter au moins 8 caractères.";
if ($new != $confirm) if ($new != $confirm)
return "Les deux mots de passe sont différents."; return "Les deux mots de passe sont différents.";
$hash = password_hash($new, PASSWORD_BCRYPT); $hash = password_hash($new, PASSWORD_BCRYPT);
$DB->prepare("UPDATE `users` SET `pwd_hash` = ? WHERE `id` = ?;")->execute([$hash, $_SESSION["user_id"]]); $DB->prepare("UPDATE `users` SET `pwd_hash` = ? WHERE `id` = ?;")->execute([$hash, $_SESSION["user_id"]]);
return false; return false;
} }
?> ?>
<?php include "header.php" ?> <?php require_once "header.php" ?>
<?php if (!isset($_SESSION["user_id"])) { <?php if (!isset($_SESSION["user_id"])) {
echo "<h2>Vous devez être connecté pour afficher cette page.</h2>"; echo "<h2>Vous devez être connecté pour afficher cette page.</h2>";
include "footer.php"; require_once "footer.php";
return; return;
} ?> } ?>
<?php if (isset($error_message) && $error_message) echo "<h2>Erreur : " . $error_message . "</h2>"; ?> <?php if (isset($error_message) && $error_message) echo "<h2>Erreur : " . $error_message . "</h2>"; ?>
<?php <?php
if (isset($error_message) && $error_message === FALSE) { if (isset($error_message) && $error_message === FALSE) {
?> ?>
<h2>Votre compte a bien été mis à jour !</h2> <h2>Votre compte a bien été mis à jour !</h2>
<?php <?php
if (isset($email) && filter_var($email, FILTER_VALIDATE_EMAIL)) { if (isset($email) && filter_var($email, FILTER_VALIDATE_EMAIL)) {
echo "Votre adresse mail a bien été changée. Veuillez vérifier votre boîte mail pour valider votre nouvelle adresse, vous en aurez besoin pour vous reconnecter."; echo "Votre adresse mail a bien été changée. Veuillez vérifier votre boîte mail pour valider votre nouvelle adresse, vous en aurez besoin pour vous reconnecter.";
} }
?> ?>
<?php } ?> <?php } ?>
<form method="POST"> <form method="POST">
<input type="hidden" name="submitted" value="true"/> <input type="hidden" name="submitted" value="true"/>
<table style="width: 100%"> <table style="width: 100%">
<tr> <tr>
<td style="width: 30%"><label for="email">E-mail :</label></td> <td style="width: 30%"><label for="email">E-mail :</label></td>
<td style="width: 70%"><?php echo $user_data["email"] ?></td> <td style="width: 70%"><?php echo $user_data["email"] ?></td>
</tr> </tr>
<tr> <tr>
<td colspan="2"><input style="width: 100%" type="email" id="email" name="email"/></td> <td colspan="2"><input style="width: 100%" type="email" id="email" name="email"/></td>
</tr> </tr>
<tr> <tr>
<td><label for="surname">Nom :</label></td> <td><label for="surname">Nom :</label></td>
<td><?php echo $user_data["surname"] ?></td> <td><?php echo $user_data["surname"] ?></td>
</tr> </tr>
<tr> <tr>
<td colspan="2"><input style="width: 100%" type="text" id="surname" name="surname"/></td> <td colspan="2"><input style="width: 100%" type="text" id="surname" name="surname"/></td>
</tr> </tr>
<tr> <tr>
<td><label for="firstname">Prénom :</label></td> <td><label for="firstname">Prénom :</label></td>
<td><?php echo $user_data["first_name"] ?></td> <td><?php echo $user_data["first_name"] ?></td>
</tr> </tr>
<tr> <tr>
<td colspan="2"><input style="width: 100%" type="text" id="firstname" name="firstname"/></td> <td colspan="2"><input style="width: 100%" type="text" id="firstname" name="firstname"/></td>
</tr> </tr>
<tr> <tr>
<td><label for="birth_date">Date de naissance :</label></td> <td><label for="birth_date">Date de naissance :</label></td>
<td><?php echo echo_date($user_data["birth_date"]) ?></td> <td><?php echo echo_date($user_data["birth_date"]) ?></td>
</tr> </tr>
<tr> <tr>
<td colspan="2"><input style="width: 100%" type="date" id="birth_date" name="birth_date"/></td> <td colspan="2"><input style="width: 100%" type="date" id="birth_date" name="birth_date"/></td>
</tr> </tr>
<tr> <tr>
<td><label for="gender">Sexe :</label></td> <td><label for="gender">Sexe :</label></td>
<td><input type="radio" id="male" name="gender" value="M" <?php if ($user_data["gender"] == "M") echo "checked" ?> /><label for="male">Homme</label> <td><input type="radio" id="male" name="gender" value="M" <?php if ($user_data["gender"] == "M") echo "checked" ?> /><label for="male">Homme</label>
<input type="radio" id="female" name="gender" value="F" <?php if ($user_data["gender"] == "F") echo "checked" ?> /><label for="female">Femme</label></td> <input type="radio" id="female" name="gender" value="F" <?php if ($user_data["gender"] == "F") echo "checked" ?> /><label for="female">Femme</label></td>
</tr> </tr>
<tr> <tr>
<td><label for="address">Adresse :</label></td> <td><label for="address">Adresse :</label></td>
<td><?php echo $user_data["address"] ?></td> <td><?php echo $user_data["address"] ?></td>
</tr> </tr>
<tr> <tr>
<td colspan="2"><input style="width: 100%" type="text" id="address" name="address"/></td> <td colspan="2"><input style="width: 100%" type="text" id="address" name="address"/></td>
</tr> </tr>
<tr> <tr>
<td><label for="postal_code">Code postal :</label></td> <td><label for="postal_code">Code postal :</label></td>
<td><?php echo $user_data["postal_code"] ?></td> <td><?php echo $user_data["postal_code"] ?></td>
</tr> </tr>
<tr> <tr>
<td colspan="2"><input style="width: 100%" type="number" id="postal_code" name="postal_code" min="1000" max="95999"/></td> <td colspan="2"><input style="width: 100%" type="number" id="postal_code" name="postal_code" min="1000" max="95999"/></td>
</tr> </tr>
<tr> <tr>
<td><label for="city">Ville :</label></td> <td><label for="city">Ville :</label></td>
<td><?php echo $user_data["city"] ?></td> <td><?php echo $user_data["city"] ?></td>
</tr> </tr>
<tr> <tr>
<td colspan="2"><input style="width: 100%" type="text" id="city" name="city"/></td> <td colspan="2"><input style="width: 100%" type="text" id="city" name="city"/></td>
</tr> </tr>
<tr> <tr>
<td><label for="country">Pays :</label></td> <td><label for="country">Pays :</label></td>
<td><?php echo $user_data["country"] ?></td> <td><?php echo $user_data["country"] ?></td>
</tr> </tr>
<tr> <tr>
<td colspan="2"><input style="width: 100%" type="text" id="country" name="country"/></td> <td colspan="2"><input style="width: 100%" type="text" id="country" name="country"/></td>
</tr> </tr>
<tr> <tr>
<td><label for="phone_number">Numéro de téléphone :</label></td> <td><label for="phone_number">Numéro de téléphone :</label></td>
<td><?php echo $user_data["phone_number"] ?></td> <td><?php echo $user_data["phone_number"] ?></td>
</tr> </tr>
<tr> <tr>
<td colspan="2"><input style="width: 100%" type="text" id="phone_number" name="phone_number"/></td> <td colspan="2"><input style="width: 100%" type="text" id="phone_number" name="phone_number"/></td>
</tr> </tr>
<?php if ($user_data["role"] == "PARTICIPANT") { ?> <?php if ($user_data["role"] == "PARTICIPANT") { ?>
<tr> <tr>
<td><label for="school">Établissement dans lequel l'élève étudie :</label></td> <td><label for="school">Établissement dans lequel l'élève étudie :</label></td>
<td><?php echo $user_data["school"] ?></td> <td><?php echo $user_data["school"] ?></td>
</tr> </tr>
<tr> <tr>
<td colspan="2"><input style="width: 100%" type="text" id="school" name="school"/></td> <td colspan="2"><input style="width: 100%" type="text" id="school" name="school"/></td>
</tr> </tr>
<tr> <tr>
<td><label for="class">Classe :</label></td> <td><label for="class">Classe :</label></td>
<td><select style="width: 100%" id="class" name="class"> <td><select style="width: 100%" id="class" name="class">
<option value="terminale" <?php if ($user_data["class"] == "terminale") echo "selected" ?>>Terminale</option> <option value="terminale" <?php if ($user_data["class"] == "terminale") echo "selected" ?>>Terminale</option>
<option value="premiere" <?php if ($user_data["class"] == "premiere") echo "selected" ?>>Première</option> <option value="premiere" <?php if ($user_data["class"] == "premiere") echo "selected" ?>>Première</option>
<option value="seconde" <?php if ($user_data["class"] == "seconde") echo "selected" ?>>Seconde ou inférieur</option> <option value="seconde" <?php if ($user_data["class"] == "seconde") echo "selected" ?>>Seconde ou inférieur</option>
</select></td> </select></td>
</tr> </tr>
<tr> <tr>
<td> <td>
<label for="responsible_name">Nom du responsable légal :</label> <label for="responsible_name">Nom du responsable légal :</label>
</td> </td>
<td> <td>
<?php echo $user_data["responsible_name"] ?> <?php echo $user_data["responsible_name"] ?>
</td> </td>
</tr> </tr>
<tr> <tr>
<td colspan="2"> <td colspan="2">
<input style="width: 100%;" type="text" id="responsible_name" name="responsible_name" /> <input style="width: 100%;" type="text" id="responsible_name" name="responsible_name" />
</td> </td>
</tr> </tr>
<tr> <tr>
<td> <td>
<label for="responsible_phone">Téléphone du responsable légal :</label> <label for="responsible_phone">Téléphone du responsable légal :</label>
</td> </td>
<td> <td>
<?php echo $user_data["responsible_phone"] ?> <?php echo $user_data["responsible_phone"] ?>
</td> </td>
</tr> </tr>
<tr> <tr>
<td colspan="2"> <td colspan="2">
<input style="width: 100%" type="text" id="responsible_phone" name="responsible_phone" /> <input style="width: 100%" type="text" id="responsible_phone" name="responsible_phone" />
</td> </td>
</tr> </tr>
<tr> <tr>
<td> <td>
<label for="responsible_email">Email du responsable légal :</label> <label for="responsible_email">Email du responsable légal :</label>
</td> </td>
<td> <td>
<?php echo $user_data["responsible_email"] ?> <?php echo $user_data["responsible_email"] ?>
</td> </td>
</tr> </tr>
<tr> <tr>
<td colspan="2"> <td colspan="2">
<input style="width: 100%" type="email" id="responsible_email" name="responsible_email" /> <input style="width: 100%" type="email" id="responsible_email" name="responsible_email" />
</td> </td>
</tr> </tr>
<?php } else { ?> <?php } else { ?>
<tr> <tr>
<td><label for="description">Description :</label></td> <td><label for="description">Description :</label></td>
<td><textarea style="width: 100%" id="description" name="description"><?php echo $user_data["description"] ?></textarea></td> <td><textarea style="width: 100%" id="description" name="description"><?php echo $user_data["description"] ?></textarea></td>
</tr> </tr>
<?php } ?> <?php } ?>
<tr> <tr>
<td colspan="2"><input type="submit" style="width: 100%" value="Mettre à jour mes données"/></td> <td colspan="2"><input type="submit" style="width: 100%" value="Mettre à jour mes données"/></td>
</tr> </tr>
</table> </table>
</form> </form>
<div style="padding: 20px"></div> <div style="padding: 20px"></div>
<form method="POST"> <form method="POST">
<input type="hidden" name="submitted_password" value="true"/> <input type="hidden" name="submitted_password" value="true"/>
<table style="width: 100%"> <table style="width: 100%">
<tr> <tr>
<td style="width: 30%"><label for="old_password">Ancien mot de passe :</label></td> <td style="width: 30%"><label for="old_password">Ancien mot de passe :</label></td>
<td style="width: 70%"><input style="width: 100%" type="password" id="old_password" name="old_password"/></td> <td style="width: 70%"><input style="width: 100%" type="password" id="old_password" name="old_password"/></td>
</tr> </tr>
<tr> <tr>
<td><label for="new_password">Nouveau mot de passe :</label></td> <td><label for="new_password">Nouveau mot de passe :</label></td>
<td><input style="width: 100%" type="password" id="new_password" name="new_password"/></td> <td><input style="width: 100%" type="password" id="new_password" name="new_password"/></td>
</tr> </tr>
<tr> <tr>
<td><label for="confirm_password">Confirmer le mot de passe :</label></td> <td><label for="confirm_password">Confirmer le mot de passe :</label></td>
<td><input style="width: 100%" type="password" id="confirm_password" name="confirm_password"/></td> <td><input style="width: 100%" type="password" id="confirm_password" name="confirm_password"/></td>
</tr> </tr>
<tr> <tr>
<td colspan="2"><input type="submit" style="width: 100%" value="Mettre à jour mon mot de passe"/></td> <td colspan="2"><input type="submit" style="width: 100%" value="Mettre à jour mon mot de passe"/></td>
</tr> </tr>
</table> </table>
</form> </form>
<?php include "footer.php" ?> <?php require_once "footer.php" ?>

8
server_files/mon_equipe.php
View File

@@ -1,6 +1,6 @@
<?php <?php
include 'config.php'; require_once 'config.php';
if (isset($_POST["leave_team"])) { if (isset($_POST["leave_team"])) {
for ($i = 1; $i <= ($_SESSION["role"] == "PARTICIPANT" ? 6 : 2); ++$i) for ($i = 1; $i <= ($_SESSION["role"] == "PARTICIPANT" ? 6 : 2); ++$i)
@@ -191,11 +191,11 @@ function checkCanValidate()
?> ?>
<?php include "header.php" ?> <?php require_once "header.php" ?>
<?php if (!isset($_SESSION["user_id"]) || !isset($_SESSION["team_id"]) || $_SESSION["team_id"] == NULL) { <?php if (!isset($_SESSION["user_id"]) || !isset($_SESSION["team_id"]) || $_SESSION["team_id"] == NULL) {
echo "<h2>Vous devez être dans une équipe pour afficher cette page.</h2>"; echo "<h2>Vous devez être dans une équipe pour afficher cette page.</h2>";
include "footer.php"; require_once "footer.php";
return; return;
} ?> } ?>
@@ -364,4 +364,4 @@ Code d'accès : <strong><?php echo $team_data["access_code"] ?></strong><br/>
<?php } ?> <?php } ?>
<?php } ?> <?php } ?>
<?php include "footer.php" ?> <?php require_once "footer.php" ?>

186
server_files/rejoindre_equipe.php
View File

@@ -1,93 +1,93 @@
<?php <?php
include 'config.php'; require_once 'config.php';
if (isset($_POST["submitted"])) { if (isset($_POST["submitted"])) {
$error_message = joinTeam(); $error_message = joinTeam();
} }
function joinTeam() { function joinTeam() {
global $DB, $YEAR, $MAIL_ADDRESS, $access_code, $data; global $DB, $YEAR, $MAIL_ADDRESS, $access_code, $data;
if ($_SESSION["team_id"] != NULL) if ($_SESSION["team_id"] != NULL)
return "Vous êtes déjà dans une équipe."; return "Vous êtes déjà dans une équipe.";
$access_code = htmlspecialchars($_POST["access_code"]); $access_code = htmlspecialchars($_POST["access_code"]);
if (!isset($access_code) || strlen($access_code) != 6) if (!isset($access_code) || strlen($access_code) != 6)
return "Le code d'accès doit comporter 6 caractères."; return "Le code d'accès doit comporter 6 caractères.";
$result = $DB->query("SELECT * FROM `teams` WHERE `access_code` = '" . $access_code . "' AND `year` = '$YEAR';"); $result = $DB->query("SELECT * FROM `teams` WHERE `access_code` = '" . $access_code . "' AND `year` = '$YEAR';");
if (($data = $result->fetch()) === FALSE) if (($data = $result->fetch()) === FALSE)
return "Ce code d'accès est invalide."; return "Ce code d'accès est invalide.";
if ($_SESSION["role"] != "PARTICIPANT" && $_SESSION["role"] != "ENCADRANT") if ($_SESSION["role"] != "PARTICIPANT" && $_SESSION["role"] != "ENCADRANT")
return "Seuls les participants et les encadrants peuvent rejoindre une équipe."; return "Seuls les participants et les encadrants peuvent rejoindre une équipe.";
if ($data["validation_status"] != "NOT_READY") if ($data["validation_status"] != "NOT_READY")
return "Cette équipe est déjà en cours de validation ou validée, vous ne pouvez pas la rejoindre."; return "Cette équipe est déjà en cours de validation ou validée, vous ne pouvez pas la rejoindre.";
for ($i = 1; $i <= $_SESSION["role"] == "PARTICIPANT" ? 6 : 2; ++$i) { for ($i = 1; $i <= $_SESSION["role"] == "PARTICIPANT" ? 6 : 2; ++$i) {
if ($data[strtolower($_SESSION["role"]) . "_" . strval($i)] == NULL) if ($data[strtolower($_SESSION["role"]) . "_" . strval($i)] == NULL)
break; break;
} }
if ($_SESSION["role"] == "PARTICIPANT" && $i == 7 || $_SESSION["role"] == "ENCADRANT" && $i == 3) if ($_SESSION["role"] == "PARTICIPANT" && $i == 7 || $_SESSION["role"] == "ENCADRANT" && $i == 3)
return "Il n'y a plus de place pour vous dans l'équipe."; return "Il n'y a plus de place pour vous dans l'équipe.";
$DB->prepare("UPDATE `users` SET `team_id` = ? WHERE `id` = " . $_SESSION["user_id"] . ";")->execute([$data["id"]]); $DB->prepare("UPDATE `users` SET `team_id` = ? WHERE `id` = " . $_SESSION["user_id"] . ";")->execute([$data["id"]]);
/** @noinspection SqlResolve */ /** @noinspection SqlResolve */
$DB->prepare("UPDATE `teams` SET `" . strtolower($_SESSION["role"]) . "_" . strval($i) . "` = ? WHERE `id` = " . $data["id"] . ";")->execute([$_SESSION["user_id"]]); $DB->prepare("UPDATE `teams` SET `" . strtolower($_SESSION["role"]) . "_" . strval($i) . "` = ? WHERE `id` = " . $data["id"] . ";")->execute([$_SESSION["user_id"]]);
$_SESSION["team_id"] = $data["id"]; $_SESSION["team_id"] = $data["id"];
$_SESSION["team_validation_status"] = $data["validation_status"]; $_SESSION["team_validation_status"] = $data["validation_status"];
$msg = "Bonjour " . $_SESSION["first_name"] . " " . $_SESSION["surname"] . ",\r\n\r\n"; $msg = "Bonjour " . $_SESSION["first_name"] . " " . $_SESSION["surname"] . ",\r\n\r\n";
$msg .= "Vous venez de rejoindre l'équipe « " . $data["name"] . " » (" . $data["trigram"] . ") pour le TFJM² de " . $data["name"] . " et nous vous en remercions.\r\n\r\n"; $msg .= "Vous venez de rejoindre l'équipe « " . $data["name"] . " » (" . $data["trigram"] . ") pour le TFJM² de " . $data["name"] . " et nous vous en remercions.\r\n\r\n";
$msg .= "Cordialement,\r\n\r\nL'organisation du TFJM² $YEAR"; $msg .= "Cordialement,\r\n\r\nL'organisation du TFJM² $YEAR";
mail($_SESSION["email"], "Équipe rejointe TFJM² $YEAR", $msg, "From: $MAIL_ADDRESS\r\n"); mail($_SESSION["email"], "Équipe rejointe TFJM² $YEAR", $msg, "From: $MAIL_ADDRESS\r\n");
return false; return false;
} }
?> ?>
<?php include "header.php" ?> <?php require_once "header.php" ?>
<?php <?php
if (!isset($_SESSION["role"]) or ($_SESSION["role"] != "PARTICIPANT" && $_SESSION["role"] != "ENCADRANT")) { if (!isset($_SESSION["role"]) or ($_SESSION["role"] != "PARTICIPANT" && $_SESSION["role"] != "ENCADRANT")) {
?> ?>
<h2>Vous devez être participant ou encadrant pour pouvoir rejoindre une équipe.</h2> <h2>Vous devez être participant ou encadrant pour pouvoir rejoindre une équipe.</h2>
<?php } else if (isset($access_code)) { ?> <?php } else if (isset($access_code)) { ?>
Vous avez bien rejoint l'équipe <?php echo $data["name"] ?> ! Vous avez bien rejoint l'équipe <?php echo $data["name"] ?> !
<?php } else if ($_SESSION["team_id"] != NULL) { ?> <?php } else if ($_SESSION["team_id"] != NULL) { ?>
<h2>Vous êtes déjà dans une équipe.</h2> <h2>Vous êtes déjà dans une équipe.</h2>
<?php } else { ?> <?php } else { ?>
<?php if (isset($error_message) && $error_message) echo "<h2>Erreur : " . $error_message . "</h2>"; ?> <?php if (isset($error_message) && $error_message) echo "<h2>Erreur : " . $error_message . "</h2>"; ?>
<form method="POST"> <form method="POST">
<input type="hidden" name="submitted" value="true" /> <input type="hidden" name="submitted" value="true" />
<table style="width: 100%;"> <table style="width: 100%;">
<tbody> <tbody>
<tr> <tr>
<td style="width: 30%;"> <td style="width: 30%;">
<label for="access_code">Code d'accès :</label> <label for="access_code">Code d'accès :</label>
</td> </td>
<td style="width: 70%;"> <td style="width: 70%;">
<input style="width: 100%;" type="text" id="access_code" name="access_code" /> <input style="width: 100%;" type="text" id="access_code" name="access_code" />
</td> </td>
</tr> </tr>
<tr> <tr>
<td colspan="2"> <td colspan="2">
<input style="width: 100%;" type="submit" value="Rejoindre l'équipe" /> <input style="width: 100%;" type="submit" value="Rejoindre l'équipe" />
</td> </td>
</tr> </tr>
</tbody> </tbody>
</table> </table>
</form> </form>
<?php include "footer.php" ?> <?php require_once "footer.php" ?>
<?php } ?> <?php } ?>

8
server_files/solutions.php
View File

@@ -1,9 +1,9 @@
<?php <?php
include 'config.php'; require_once 'config.php';
if (!isset($_SESSION["team_id"])) if (!isset($_SESSION["team_id"]))
include "403.php"; require_once "403.php";
if (isset($_POST["send_solution"])) { if (isset($_POST["send_solution"])) {
$error_message = saveSolution(); $error_message = saveSolution();
@@ -60,7 +60,7 @@ function saveSolution() {
?> ?>
<?php include 'header.php' ?> <?php require_once 'header.php' ?>
<?php if (isset($error_message)) { <?php if (isset($error_message)) {
if ($error_message !== false) { if ($error_message !== false) {
@@ -120,4 +120,4 @@ while (($data = $solutions_req->fetch()) !== false) {
} }
?> ?>
<?php include 'footer.php' ?> <?php require_once 'footer.php' ?>

8
server_files/solutions_orga.php
View File

@@ -1,9 +1,9 @@
<?php include 'config.php'; ?> <?php require_once 'config.php'; ?>
<?php <?php
if (!isset($_SESSION["role"]) || $_SESSION["role"] != "ADMIN" && $_SESSION["role"] != "ORGANIZER") if (!isset($_SESSION["role"]) || $_SESSION["role"] != "ADMIN" && $_SESSION["role"] != "ORGANIZER")
include "403.php"; require_once "403.php";
if (isset($_POST["download_zip"])) { if (isset($_POST["download_zip"])) {
$id = $_POST["tournament"]; $id = $_POST["tournament"];
@@ -43,7 +43,7 @@ if (isset($_POST["download_zip"])) {
?> ?>
<?php include 'header.php'; ?> <?php require_once 'header.php'; ?>
<?php <?php
@@ -78,4 +78,4 @@ while (($data_tournament = $req->fetch()) !== false) {
?> ?>
<?php include 'footer.php'; ?> <?php require_once 'footer.php'; ?>

10
server_files/syntheses.php
View File

@@ -1,9 +1,9 @@
<?php <?php
include 'config.php'; require_once 'config.php';
if (!isset($_SESSION["team_id"])) if (!isset($_SESSION["team_id"]))
include "403.php"; require_once "403.php";
if (isset($_POST["send_synthese"])) { if (isset($_POST["send_synthese"])) {
$error_message = saveSynthese(); $error_message = saveSynthese();
@@ -56,12 +56,12 @@ function saveSynthese() {
?> ?>
<?php include 'header.php' ?> <?php require_once 'header.php' ?>
<?php <?php
if (date("yyyy-mm-dd") < $tournament_data["date_solutions"]) { if (date("yyyy-mm-dd") < $tournament_data["date_solutions"]) {
echo "<h3>Il est trop tôt pour se préoccuper des notes de synthèse, attendez le tirage des poules.</h3>"; echo "<h3>Il est trop tôt pour se préoccuper des notes de synthèse, attendez le tirage des poules.</h3>";
include "footer.php"; require_once "footer.php";
} }
if (isset($error_message)) { if (isset($error_message)) {
@@ -120,4 +120,4 @@ while (($data = $syntheses_req->fetch()) !== false) {
} }
?> ?>
<?php include 'footer.php' ?> <?php require_once 'footer.php' ?>

8
server_files/syntheses_orga.php
View File

@@ -1,9 +1,9 @@
<?php include 'config.php'; ?> <?php require_once 'config.php'; ?>
<?php <?php
if (!isset($_SESSION["role"]) || $_SESSION["role"] != "ADMIN" && $_SESSION["role"] != "ORGANIZER") if (!isset($_SESSION["role"]) || $_SESSION["role"] != "ADMIN" && $_SESSION["role"] != "ORGANIZER")
include "403.php"; require_once "403.php";
if (isset($_POST["download_zip"])) { if (isset($_POST["download_zip"])) {
$id = $_POST["tournament"]; $id = $_POST["tournament"];
@@ -43,7 +43,7 @@ if (isset($_POST["download_zip"])) {
?> ?>
<?php include 'header.php'; ?> <?php require_once 'header.php'; ?>
<?php <?php
@@ -77,4 +77,4 @@ while (($data_tournament = $req->fetch()) !== false) {
} }
?> ?>
<?php include 'footer.php'; ?> <?php require_once 'footer.php'; ?>

10
server_files/tournoi.php
View File

@@ -1,6 +1,6 @@
<?php <?php
include 'config.php'; require_once 'config.php';
$tournament_name = htmlspecialchars($_GET["nom"]); $tournament_name = htmlspecialchars($_GET["nom"]);
@@ -9,7 +9,7 @@ $response->execute([$tournament_name]);
$data = $response->fetch(); $data = $response->fetch();
if ($data === false) if ($data === false)
include "404.php"; require_once "404.php";
$orgas_req = $DB->query("SELECT `users`.`id` AS `id`, `surname`, `first_name` FROM `users` JOIN `organizers` ON `users`.`id` = `organizer` WHERE `tournament` = " . $data["id"] . ";"); $orgas_req = $DB->query("SELECT `users`.`id` AS `id`, `surname`, `first_name` FROM `users` JOIN `organizers` ON `users`.`id` = `organizer` WHERE `tournament` = " . $data["id"] . ";");
$orgas = []; $orgas = [];
@@ -20,7 +20,7 @@ while (($orga_data = $orgas_req->fetch()) !== false) {
} }
if (isset($_GET["modifier"]) && $_SESSION["role"] != "ADMIN" && !in_array($_SESSION["user_id"], $orgas_id)) if (isset($_GET["modifier"]) && $_SESSION["role"] != "ADMIN" && !in_array($_SESSION["user_id"], $orgas_id))
include "403.php"; require_once "403.php";
if (isset($_POST["edit_tournament"])) { if (isset($_POST["edit_tournament"])) {
$error_message = updateTournament(); $error_message = updateTournament();
@@ -130,7 +130,7 @@ function updateTournament() {
?> ?>
<?php include "header.php" ?> <?php require_once "header.php" ?>
<h2>Tournoi de <?php echo $data["name"] ?></h2> <h2>Tournoi de <?php echo $data["name"] ?></h2>
@@ -356,4 +356,4 @@ else {
} }
?> ?>
<?php include "footer.php" ?> <?php require_once "footer.php" ?>

6
server_files/tournois.php
View File

@@ -1,6 +1,6 @@
<?php <?php
include 'config.php'; require_once 'config.php';
$response = $DB->query("SELECT `name`, `date_start`, `date_end`, `date_inscription`, `date_solutions`, `size` FROM `tournaments` $response = $DB->query("SELECT `name`, `date_start`, `date_end`, `date_inscription`, `date_solutions`, `size` FROM `tournaments`
WHERE `year` = '$YEAR' AND `final` = false ORDER BY `date_start`, `name`;"); WHERE `year` = '$YEAR' AND `final` = false ORDER BY `date_start`, `name`;");
@@ -8,7 +8,7 @@ $final_data = $DB->query("SELECT `name`, `date_start`, `date_end`, `date_solutio
?> ?>
<?php include "header.php" ?> <?php require_once "header.php" ?>
<h2>Liste des tournois</h2> <h2>Liste des tournois</h2>
@@ -55,4 +55,4 @@ $final_data = $DB->query("SELECT `name`, `date_start`, `date_end`, `date_solutio
</tfoot> </tfoot>
</table> </table>
<?php include "footer.php" ?> <?php require_once "footer.php" ?>

4
server_files/view_file.php
View File

@@ -1,6 +1,6 @@
<?php <?php
include "config.php"; require_once "config.php";
if (!isset($_GET["file_id"])) { if (!isset($_GET["file_id"])) {
header("Location: $URL_BASE"); header("Location: $URL_BASE");
@@ -54,7 +54,7 @@ if ($data !== false) {
} }
} }
else { else {
include_once "404.php"; require_once_once "404.php";
http_response_code(404); http_response_code(404);
exit(); exit();
} }