Admin can login to access private pages (such as add courses)

Question.class.php

@@ -121,6 +121,11 @@ class Question
     $this->getNormalId();
   }
 
+  public function getAddedTime()
+  {
+    return $this->added_time;
+  }
+
   public function getId()
   {
     return $this->id;
@@ -143,6 +148,11 @@ class Question
     return $this->validated;
   }
 
+  public function isValidation()
+  {
+    return $this->id == md5($this->added_time.$this->validator) && $this->validator != $this->writer;
+  }
+
   public function getCourse()
   {
     return Course::getCourse($this->course);
@@ -185,6 +195,28 @@ class Question
     $this->writer = $writer->getId();
   }
 
+  public function convert()
+  {
+    foreach (Course::getCourses() as $c)
+    {
+      if ($c->getCode() == $this->course)
+      {
+        $this->course = $c->getId();
+        return $c->getId();
+      }
+    }
+    return $this->course;
+    /*foreach (User::getUsers() as $u)
+    {
+      if ($u->getEmail() == $this->validator)
+      {
+        $this->validator = $u->getId();
+        return $u->getId();
+      }
+    }
+    return $this->validator;*/
+  }
+
   public function setAnswer($answers)
   {
     if ($this->answers != $answers)

QuestionsFile.class.php

@@ -47,6 +47,11 @@ class QuestionsFile
     $this->tmp[$question->getId()] = $question;
   }
 
+  public function del_question($question)
+  {
+    unset($this->tmp[$question->getId()]);
+  }
+
   /**
    * Get a question from its unique identifiant
    */
@@ -67,6 +72,28 @@ class QuestionsFile
     return NULL;
   }
 
+  public function get_ids()
+  {
+    $ret = array();
+
+    $qs = $this->treeXML->getElementsByTagName("question");
+    foreach($qs as $q)
+      $ret[] = $q->getAttribute("xml:id");
+
+    return $ret;
+  }
+
+  public function get_questions()
+  {
+    $ret = array();
+
+    $qs = $this->treeXML->getElementsByTagName("question");
+    foreach($qs as $q)
+      $ret[] = new Question($q);
+
+    return $ret;
+  }
+
   /**
    * Write changes into the real file
    */
@@ -84,8 +111,15 @@ class QuestionsFile
     $this->treeXML->formatOutput   = true;
     $this->treeXML->save($this->filename);
   }
-
-
 }
 
+/*
+$file = new QuestionsFile("questions.xml");
+foreach ($file->get_ids() as $id)
+{
+  $q = $file->get_question($id);
+  echo $q->convert()."<br>";
+}
+$file->save();
+//*/
 ?>

User.class.php

@@ -8,6 +8,7 @@ class User
   private $email;
   private $registerdate;
   private $validated = false;
+  private $admin = false;
 
   public function __construct($node = null)
   {
@@ -17,6 +18,8 @@ class User
       $this->registerdate = $node->getAttribute("registerdate");
       if (intval($node->getAttribute("validated")))
         $this->validated = true;
+      if (intval($node->getAttribute("admin")))
+        $this->admin = true;
       $this->username = $node->getAttribute("username");
       $this->password = $node->getAttribute("password");
       $this->email = $node->getAttribute("email");
@@ -31,7 +34,7 @@ class User
     $u->email = $email;
     $u->username = $username;
     if (isset($password))
-      $this->password = getPassword($username, $password);
+      $u->password = $u->getPassword($username, $password);
 
     return $u;
   }
@@ -78,9 +81,12 @@ class User
     $treeXML = new DOMDocument('1.0', 'UTF-8');
     
     if (@$treeXML->load($filename))
-      return new User($treeXML->getElementById($id));
+    {
-    else
+      $u = $treeXML->getElementById($id);
-      return null;
+      if (!empty($u))
+        return new User($u);
+    }
+    return null;
   }
 
   public static function setUsers($users, $filename = "users.xml")
@@ -102,17 +108,17 @@ class User
 
     $qnode->setAttribute("xml:id", $this->id);
     $qnode->setAttribute("username", $this->username);
-    $qnode->setAttribute("password", intval($this->password));
+    $qnode->setAttribute("password", $this->password);
     $qnode->setAttribute("email", $this->email);
     $qnode->setAttribute("registerdate", $this->registerdate);
-    $qnode->setAttribute("validated", $this->validated);
+    $qnode->setAttribute("validated", intval($this->validated));
 
     return $qnode;
   }
 
   public function canConnect($password)
   {
-    $hash = getPassword($this->username, $password);
+    $hash = $this->getPassword($this->username, $password);
 
     return ($hash == $this->password);
   }
@@ -146,6 +152,11 @@ class User
   {
     return $this->validated;
   }
+
+  public function isAdmin()
+  {
+    return $this->admin;
+  }
 }
 
 /*
@@ -158,6 +169,14 @@ User::setUsers($us);
 /*
 $us = User::getUsers();
 
+$u = User::new_User("ircquizz@p0m.fr", "nemunaire", "u6tn84");
+$us[] = $u;
+
+User::setUsers($us);
+//*/
+/*
+$us = User::getUsers();
+
 $u = User::new_User("bertrand@cournaud.fr", "Cccompany");
 $us[] = $u;
 

addCourse.php

@@ -3,8 +3,10 @@ include ("header.html");
 
 require_once("Course.class.php");
 
-//if (empty($_SESSION["connected"]))
+session_start();
-//  die("<h2>Vous devez être connecté pour accédé à cette partie</h2>");
+
+if (empty($_SESSION["connected"]))
+  die("<h2>Vous devez être connecté pour accédé à cette partie</h2>");
 
 if (isset($_POST["send"]))
 {
@@ -50,7 +52,7 @@ else
       <article id="ajoutCours">
         <h2>Ajouter un cours</h2>
           <form method="post" action="addCourse.php">
-            <label for="fullname">Nom complet :</label> <input type="text" name="fullname" id="fullname" maxlength="32"><br><br>
+            <label for="fullname">Nom complet :</label> <input type="text" name="fullname" id="fullname" maxlength="64"><br><br>
 
             <label for="code">Code :</label> <input type="text" name="code" id="code" maxlength="10"><br>
             Par exemple : CODO pour Compression de données<br><br>
@@ -66,9 +68,7 @@ else
 <?php
 $cs = Course::getCourses();
 foreach($cs as $c)
-{
   echo $c->getName()." (".$c->getCode()." dans ".$c->getBranch().") <a href=\"addCourse.php?del=".$c->getId()."\">Supprimer</a><br>";
-}
 ?>
       </article>
     </section>

changeQuestion.php

@@ -20,7 +20,9 @@ else
   echo"Dernière chance pour changer d'avis";
 ?></h2>
         <p>
-          <strong>Proposée par :</strong> <a href="mailto:<?php echo $question->get_writer()->getEmail(); ?>"><?php echo $question->get_writer()->getUsername(); ?></a><br><br>
+         <?php
+           if ($question->get_writer() != null)
+           {?><strong>Proposée par :</strong> <a href="mailto:<?php echo $question->get_writer()->getEmail(); ?>"><?php echo $question->get_writer()->getUsername(); ?></a><br><br><?php } ?>
           <strong>Cours concerné :</strong> <?php echo $question->getCourse()->getName(); ?><br><br>
           <strong>Question posée :</strong> <?php echo $question->getQuestion(); ?><br><br>
           <strong>Réponses valides exhaustives :</strong>
@@ -41,7 +43,7 @@ else
         <h2>Modifier la question ...</h2>
           <form method="post" action="questions.php">
             <input type="hidden" name="id" value=<?php echo $question->getId(); ?>>
-            <input type="hidden" name="email" value=<?php echo $question->get_writer()->getEmail(); ?>>
+            <input type="hidden" name="email" value="<?php if ($question->get_writer() != null) echo $question->get_writer()->getEmail(); else echo "bot@nemunai.re" ?>">
             <label for="course">De quelle matière s'agit-il ?</label><br>
             <select name="course" id="course">
 <?php

confirmation.php

@@ -3,6 +3,8 @@
 include("Question.class.php");
 include("QuestionsFile.class.php");
 
+session_start();
+
 @$id = $_POST['id'];
 
 $fileQ = new QuestionsFile("questions.xml");
@@ -10,18 +12,36 @@ $question = $fileQ->get_question($id);
 
 if (!empty($question))
 {
-  $src_mail = $question->get_validator()->getEmail();
+  if ($question->get_writer() != null)
+    $src_mail = $question->get_writer()->getEmail();
+  else
+    $src_mail = "";
 
   //Build email list
   $users = User::getValidatedUsers();
   $nbUsers = count($users);
 
-  //Pick a random email
+  if (isset($_GET["norandom"]) && !empty($_SESSION["connected"]))
-  do
   {
-    $random = rand(1, $nbUsers)-1;
+    for ($random = 0; $random < $nbUsers; $random++)
+    {
+      if ($question->get_validator()->getEmail() == $users[$random]->getEmail())
+        break;
+    }
   }
-  while ($src_mail == $users[$random]->getEmail());
+  else
+  {
+    //Pick a random email
+    do
+    {
+      $random = rand(1, $nbUsers)-1;
+    }
+    while ($src_mail == $users[$random]->getEmail() || $question->get_validator()->getEmail() == $users[$random]->getEmail());
+  }
+
+
+  if (!isset($users[$random]))
+    die("Impossible de trouver d'utilisateur compatible, veuillez en informer l'administrateur");
 
   $question->set_validator($users[$random]);
 

login.php

@@ -0,0 +1,67 @@
+<?php
+include ("header.html");
+
+session_start();
+
+require_once("User.class.php");
+
+if (empty($_SESSION["connected"]))
+{
+  if (!empty($_POST["username"]) && !empty($_POST["password"]))
+  {
+    $us = User::getUsers();
+
+    foreach($us as $u)
+    {
+      if (strtolower($u->getUsername()) == strtolower($_POST["username"]) && $u->canConnect($_POST["password"]))
+      {
+        $_SESSION["connected"] = true;
+        $_SESSION["who"] = $u->getUsername();
+        die("Vous êtes maintenant connectés !");
+      }
+    }
+    die("Nom d'utilisateur ou mot de passe incorrect.");
+  }
+  else
+  {
+?>
+    <section id="introduction">
+      <article id="login">
+        <h2>Se connecter</h2>
+        <form method="post" action="login.php">
+          <label for="username">Nom d'utilisateur :</label> <input type="text" name="username" id="username" maxlength="32"><br><br>
+
+          <label for="password">Mot de passe :</label> <input type="password" name="password" id="password" maxlength="64"><br><br>
+
+          <input type="submit" name="send" value="Se connecter">
+        </form>
+      </article>
+    </section>
+<?php
+  }
+}
+else
+{
+  if (!empty($_POST["deco"]))
+  {
+    session_destroy();
+    echo "<h2>Vous êtes maintenant déconnecté. À bientôt !</h2>";
+  }
+  else
+  {
+?>
+    <section id="introduction">
+      <article id="login">
+        <h2>Bienvenue <?php echo $_SESSION["who"]; ?></h2>
+        <form method="post" action="login.php">
+          <input type="submit" name="deco" value="Se déconnecter">
+        </form>
+      </article>
+    </section>
+<?php
+  }
+}
+include ("footer.html");
+?>
+  </body>
+</html>

questions.php

@@ -14,7 +14,7 @@ function isInUsersList($mail)
 
   foreach($us as $u)
   {
-    if ($u->getEmail() == $mail && $u->isValidated())
+    if ($u->getEmail() == $mail/* && $u->isValidated()*/)
       return $u;
   }
 

style.css

@@ -112,6 +112,11 @@ footer
     padding-bottom: 50px;
 }
 
+table tbody tr:hover
+{
+    background: #F5F7FF;
+}
+
 footer a
 {
     color: black;
@@ -156,3 +161,17 @@ form.invalidation input
     float: right;
     margin-right: 30px;
 }
+
+.tooltip
+{
+    background: #CCCC00;
+    border-radius: 10px;
+    display: none;
+    padding: 5px;
+    position: absolute;
+    text-align: center;
+}
+tbody tr:hover .tooltip
+{
+    display: block;
+}

thanksRefused.php

@@ -11,7 +11,7 @@ if (isset($_POST['id']))
   $file = new QuestionsFile("questions.xml");
   $question = $file->get_question($id);
 
-  if (!isset($question) || $question->isValidated())
+  if (!isset($question) || $question->isValidated() || !$question->isValidation())
     echo 'Votre question à déjà été validée, merci de ne pas vous acharner.';
   else
   {

thanksValidation.php

@@ -13,6 +13,8 @@ if (isset($_POST['id']))
 
   if (!isset($question) || $question->isValidated())
     echo 'Votre question à déjà été validée, merci de ne pas vous acharner.';
+  else if (!$question->isValidation())
+    echo 'Cette question n\'est pas dans une phase de validation. Impossible de la valider.';
   else
   {
     $question->validated();

validation.php

@@ -29,6 +29,8 @@ else
            foreach($question->getAnswer() as $a)
              echo "<li>".$a."</li>";
            echo "</ul>";
+if ($question->isValidation())
+{
 ?>
         <form method="post"
               class="invalidation"
@@ -43,7 +45,7 @@ else
           <input type="submit" value="Valider la question">
         </form>
         <span style="clear: both; display: block;"></span>
-<?php } ?>
+<?php } else echo "<strong>La question n'est pas ou plus dans une phase de validation.</strong>"; } ?>
       </article>
     </section>
 <?php include('footer.html') ?>