Admin can login to access private pages (such as add courses)
This commit is contained in:
parent
0d084a69e3
commit
ec1ed49996
@ -121,6 +121,11 @@ class Question
|
||||
$this->getNormalId();
|
||||
}
|
||||
|
||||
public function getAddedTime()
|
||||
{
|
||||
return $this->added_time;
|
||||
}
|
||||
|
||||
public function getId()
|
||||
{
|
||||
return $this->id;
|
||||
@ -143,6 +148,11 @@ class Question
|
||||
return $this->validated;
|
||||
}
|
||||
|
||||
public function isValidation()
|
||||
{
|
||||
return $this->id == md5($this->added_time.$this->validator) && $this->validator != $this->writer;
|
||||
}
|
||||
|
||||
public function getCourse()
|
||||
{
|
||||
return Course::getCourse($this->course);
|
||||
@ -185,6 +195,28 @@ class Question
|
||||
$this->writer = $writer->getId();
|
||||
}
|
||||
|
||||
public function convert()
|
||||
{
|
||||
foreach (Course::getCourses() as $c)
|
||||
{
|
||||
if ($c->getCode() == $this->course)
|
||||
{
|
||||
$this->course = $c->getId();
|
||||
return $c->getId();
|
||||
}
|
||||
}
|
||||
return $this->course;
|
||||
/*foreach (User::getUsers() as $u)
|
||||
{
|
||||
if ($u->getEmail() == $this->validator)
|
||||
{
|
||||
$this->validator = $u->getId();
|
||||
return $u->getId();
|
||||
}
|
||||
}
|
||||
return $this->validator;*/
|
||||
}
|
||||
|
||||
public function setAnswer($answers)
|
||||
{
|
||||
if ($this->answers != $answers)
|
||||
|
@ -47,6 +47,11 @@ class QuestionsFile
|
||||
$this->tmp[$question->getId()] = $question;
|
||||
}
|
||||
|
||||
public function del_question($question)
|
||||
{
|
||||
unset($this->tmp[$question->getId()]);
|
||||
}
|
||||
|
||||
/**
|
||||
* Get a question from its unique identifiant
|
||||
*/
|
||||
@ -67,6 +72,28 @@ class QuestionsFile
|
||||
return NULL;
|
||||
}
|
||||
|
||||
public function get_ids()
|
||||
{
|
||||
$ret = array();
|
||||
|
||||
$qs = $this->treeXML->getElementsByTagName("question");
|
||||
foreach($qs as $q)
|
||||
$ret[] = $q->getAttribute("xml:id");
|
||||
|
||||
return $ret;
|
||||
}
|
||||
|
||||
public function get_questions()
|
||||
{
|
||||
$ret = array();
|
||||
|
||||
$qs = $this->treeXML->getElementsByTagName("question");
|
||||
foreach($qs as $q)
|
||||
$ret[] = new Question($q);
|
||||
|
||||
return $ret;
|
||||
}
|
||||
|
||||
/**
|
||||
* Write changes into the real file
|
||||
*/
|
||||
@ -84,8 +111,15 @@ class QuestionsFile
|
||||
$this->treeXML->formatOutput = true;
|
||||
$this->treeXML->save($this->filename);
|
||||
}
|
||||
|
||||
|
||||
}
|
||||
|
||||
/*
|
||||
$file = new QuestionsFile("questions.xml");
|
||||
foreach ($file->get_ids() as $id)
|
||||
{
|
||||
$q = $file->get_question($id);
|
||||
echo $q->convert()."<br>";
|
||||
}
|
||||
$file->save();
|
||||
//*/
|
||||
?>
|
@ -8,6 +8,7 @@ class User
|
||||
private $email;
|
||||
private $registerdate;
|
||||
private $validated = false;
|
||||
private $admin = false;
|
||||
|
||||
public function __construct($node = null)
|
||||
{
|
||||
@ -17,6 +18,8 @@ class User
|
||||
$this->registerdate = $node->getAttribute("registerdate");
|
||||
if (intval($node->getAttribute("validated")))
|
||||
$this->validated = true;
|
||||
if (intval($node->getAttribute("admin")))
|
||||
$this->admin = true;
|
||||
$this->username = $node->getAttribute("username");
|
||||
$this->password = $node->getAttribute("password");
|
||||
$this->email = $node->getAttribute("email");
|
||||
@ -31,7 +34,7 @@ class User
|
||||
$u->email = $email;
|
||||
$u->username = $username;
|
||||
if (isset($password))
|
||||
$this->password = getPassword($username, $password);
|
||||
$u->password = $u->getPassword($username, $password);
|
||||
|
||||
return $u;
|
||||
}
|
||||
@ -78,9 +81,12 @@ class User
|
||||
$treeXML = new DOMDocument('1.0', 'UTF-8');
|
||||
|
||||
if (@$treeXML->load($filename))
|
||||
return new User($treeXML->getElementById($id));
|
||||
else
|
||||
return null;
|
||||
{
|
||||
$u = $treeXML->getElementById($id);
|
||||
if (!empty($u))
|
||||
return new User($u);
|
||||
}
|
||||
return null;
|
||||
}
|
||||
|
||||
public static function setUsers($users, $filename = "users.xml")
|
||||
@ -102,17 +108,17 @@ class User
|
||||
|
||||
$qnode->setAttribute("xml:id", $this->id);
|
||||
$qnode->setAttribute("username", $this->username);
|
||||
$qnode->setAttribute("password", intval($this->password));
|
||||
$qnode->setAttribute("password", $this->password);
|
||||
$qnode->setAttribute("email", $this->email);
|
||||
$qnode->setAttribute("registerdate", $this->registerdate);
|
||||
$qnode->setAttribute("validated", $this->validated);
|
||||
$qnode->setAttribute("validated", intval($this->validated));
|
||||
|
||||
return $qnode;
|
||||
}
|
||||
|
||||
public function canConnect($password)
|
||||
{
|
||||
$hash = getPassword($this->username, $password);
|
||||
$hash = $this->getPassword($this->username, $password);
|
||||
|
||||
return ($hash == $this->password);
|
||||
}
|
||||
@ -146,6 +152,11 @@ class User
|
||||
{
|
||||
return $this->validated;
|
||||
}
|
||||
|
||||
public function isAdmin()
|
||||
{
|
||||
return $this->admin;
|
||||
}
|
||||
}
|
||||
|
||||
/*
|
||||
@ -158,6 +169,14 @@ User::setUsers($us);
|
||||
/*
|
||||
$us = User::getUsers();
|
||||
|
||||
$u = User::new_User("ircquizz@p0m.fr", "nemunaire", "u6tn84");
|
||||
$us[] = $u;
|
||||
|
||||
User::setUsers($us);
|
||||
//*/
|
||||
/*
|
||||
$us = User::getUsers();
|
||||
|
||||
$u = User::new_User("bertrand@cournaud.fr", "Cccompany");
|
||||
$us[] = $u;
|
||||
|
||||
|
@ -3,8 +3,10 @@ include ("header.html");
|
||||
|
||||
require_once("Course.class.php");
|
||||
|
||||
//if (empty($_SESSION["connected"]))
|
||||
// die("<h2>Vous devez être connecté pour accédé à cette partie</h2>");
|
||||
session_start();
|
||||
|
||||
if (empty($_SESSION["connected"]))
|
||||
die("<h2>Vous devez être connecté pour accédé à cette partie</h2>");
|
||||
|
||||
if (isset($_POST["send"]))
|
||||
{
|
||||
@ -50,7 +52,7 @@ else
|
||||
<article id="ajoutCours">
|
||||
<h2>Ajouter un cours</h2>
|
||||
<form method="post" action="addCourse.php">
|
||||
<label for="fullname">Nom complet :</label> <input type="text" name="fullname" id="fullname" maxlength="32"><br><br>
|
||||
<label for="fullname">Nom complet :</label> <input type="text" name="fullname" id="fullname" maxlength="64"><br><br>
|
||||
|
||||
<label for="code">Code :</label> <input type="text" name="code" id="code" maxlength="10"><br>
|
||||
Par exemple : CODO pour Compression de données<br><br>
|
||||
@ -66,9 +68,7 @@ else
|
||||
<?php
|
||||
$cs = Course::getCourses();
|
||||
foreach($cs as $c)
|
||||
{
|
||||
echo $c->getName()." (".$c->getCode()." dans ".$c->getBranch().") <a href=\"addCourse.php?del=".$c->getId()."\">Supprimer</a><br>";
|
||||
}
|
||||
?>
|
||||
</article>
|
||||
</section>
|
||||
|
@ -20,7 +20,9 @@ else
|
||||
echo"Dernière chance pour changer d'avis";
|
||||
?></h2>
|
||||
<p>
|
||||
<strong>Proposée par :</strong> <a href="mailto:<?php echo $question->get_writer()->getEmail(); ?>"><?php echo $question->get_writer()->getUsername(); ?></a><br><br>
|
||||
<?php
|
||||
if ($question->get_writer() != null)
|
||||
{?><strong>Proposée par :</strong> <a href="mailto:<?php echo $question->get_writer()->getEmail(); ?>"><?php echo $question->get_writer()->getUsername(); ?></a><br><br><?php } ?>
|
||||
<strong>Cours concerné :</strong> <?php echo $question->getCourse()->getName(); ?><br><br>
|
||||
<strong>Question posée :</strong> <?php echo $question->getQuestion(); ?><br><br>
|
||||
<strong>Réponses valides exhaustives :</strong>
|
||||
@ -41,7 +43,7 @@ else
|
||||
<h2>Modifier la question ...</h2>
|
||||
<form method="post" action="questions.php">
|
||||
<input type="hidden" name="id" value=<?php echo $question->getId(); ?>>
|
||||
<input type="hidden" name="email" value=<?php echo $question->get_writer()->getEmail(); ?>>
|
||||
<input type="hidden" name="email" value="<?php if ($question->get_writer() != null) echo $question->get_writer()->getEmail(); else echo "bot@nemunai.re" ?>">
|
||||
<label for="course">De quelle matière s'agit-il ?</label><br>
|
||||
<select name="course" id="course">
|
||||
<?php
|
||||
|
@ -3,6 +3,8 @@
|
||||
include("Question.class.php");
|
||||
include("QuestionsFile.class.php");
|
||||
|
||||
session_start();
|
||||
|
||||
@$id = $_POST['id'];
|
||||
|
||||
$fileQ = new QuestionsFile("questions.xml");
|
||||
@ -10,18 +12,36 @@ $question = $fileQ->get_question($id);
|
||||
|
||||
if (!empty($question))
|
||||
{
|
||||
$src_mail = $question->get_validator()->getEmail();
|
||||
if ($question->get_writer() != null)
|
||||
$src_mail = $question->get_writer()->getEmail();
|
||||
else
|
||||
$src_mail = "";
|
||||
|
||||
//Build email list
|
||||
$users = User::getValidatedUsers();
|
||||
$nbUsers = count($users);
|
||||
|
||||
//Pick a random email
|
||||
do
|
||||
if (isset($_GET["norandom"]) && !empty($_SESSION["connected"]))
|
||||
{
|
||||
$random = rand(1, $nbUsers)-1;
|
||||
for ($random = 0; $random < $nbUsers; $random++)
|
||||
{
|
||||
if ($question->get_validator()->getEmail() == $users[$random]->getEmail())
|
||||
break;
|
||||
}
|
||||
}
|
||||
while ($src_mail == $users[$random]->getEmail());
|
||||
else
|
||||
{
|
||||
//Pick a random email
|
||||
do
|
||||
{
|
||||
$random = rand(1, $nbUsers)-1;
|
||||
}
|
||||
while ($src_mail == $users[$random]->getEmail() || $question->get_validator()->getEmail() == $users[$random]->getEmail());
|
||||
}
|
||||
|
||||
|
||||
if (!isset($users[$random]))
|
||||
die("Impossible de trouver d'utilisateur compatible, veuillez en informer l'administrateur");
|
||||
|
||||
$question->set_validator($users[$random]);
|
||||
|
||||
|
67
login.php
Normal file
67
login.php
Normal file
@ -0,0 +1,67 @@
|
||||
<?php
|
||||
include ("header.html");
|
||||
|
||||
session_start();
|
||||
|
||||
require_once("User.class.php");
|
||||
|
||||
if (empty($_SESSION["connected"]))
|
||||
{
|
||||
if (!empty($_POST["username"]) && !empty($_POST["password"]))
|
||||
{
|
||||
$us = User::getUsers();
|
||||
|
||||
foreach($us as $u)
|
||||
{
|
||||
if (strtolower($u->getUsername()) == strtolower($_POST["username"]) && $u->canConnect($_POST["password"]))
|
||||
{
|
||||
$_SESSION["connected"] = true;
|
||||
$_SESSION["who"] = $u->getUsername();
|
||||
die("Vous êtes maintenant connectés !");
|
||||
}
|
||||
}
|
||||
die("Nom d'utilisateur ou mot de passe incorrect.");
|
||||
}
|
||||
else
|
||||
{
|
||||
?>
|
||||
<section id="introduction">
|
||||
<article id="login">
|
||||
<h2>Se connecter</h2>
|
||||
<form method="post" action="login.php">
|
||||
<label for="username">Nom d'utilisateur :</label> <input type="text" name="username" id="username" maxlength="32"><br><br>
|
||||
|
||||
<label for="password">Mot de passe :</label> <input type="password" name="password" id="password" maxlength="64"><br><br>
|
||||
|
||||
<input type="submit" name="send" value="Se connecter">
|
||||
</form>
|
||||
</article>
|
||||
</section>
|
||||
<?php
|
||||
}
|
||||
}
|
||||
else
|
||||
{
|
||||
if (!empty($_POST["deco"]))
|
||||
{
|
||||
session_destroy();
|
||||
echo "<h2>Vous êtes maintenant déconnecté. À bientôt !</h2>";
|
||||
}
|
||||
else
|
||||
{
|
||||
?>
|
||||
<section id="introduction">
|
||||
<article id="login">
|
||||
<h2>Bienvenue <?php echo $_SESSION["who"]; ?></h2>
|
||||
<form method="post" action="login.php">
|
||||
<input type="submit" name="deco" value="Se déconnecter">
|
||||
</form>
|
||||
</article>
|
||||
</section>
|
||||
<?php
|
||||
}
|
||||
}
|
||||
include ("footer.html");
|
||||
?>
|
||||
</body>
|
||||
</html>
|
@ -14,7 +14,7 @@ function isInUsersList($mail)
|
||||
|
||||
foreach($us as $u)
|
||||
{
|
||||
if ($u->getEmail() == $mail && $u->isValidated())
|
||||
if ($u->getEmail() == $mail/* && $u->isValidated()*/)
|
||||
return $u;
|
||||
}
|
||||
|
||||
|
19
style.css
19
style.css
@ -112,6 +112,11 @@ footer
|
||||
padding-bottom: 50px;
|
||||
}
|
||||
|
||||
table tbody tr:hover
|
||||
{
|
||||
background: #F5F7FF;
|
||||
}
|
||||
|
||||
footer a
|
||||
{
|
||||
color: black;
|
||||
@ -156,3 +161,17 @@ form.invalidation input
|
||||
float: right;
|
||||
margin-right: 30px;
|
||||
}
|
||||
|
||||
.tooltip
|
||||
{
|
||||
background: #CCCC00;
|
||||
border-radius: 10px;
|
||||
display: none;
|
||||
padding: 5px;
|
||||
position: absolute;
|
||||
text-align: center;
|
||||
}
|
||||
tbody tr:hover .tooltip
|
||||
{
|
||||
display: block;
|
||||
}
|
@ -11,7 +11,7 @@ if (isset($_POST['id']))
|
||||
$file = new QuestionsFile("questions.xml");
|
||||
$question = $file->get_question($id);
|
||||
|
||||
if (!isset($question) || $question->isValidated())
|
||||
if (!isset($question) || $question->isValidated() || !$question->isValidation())
|
||||
echo 'Votre question à déjà été validée, merci de ne pas vous acharner.';
|
||||
else
|
||||
{
|
||||
|
@ -13,6 +13,8 @@ if (isset($_POST['id']))
|
||||
|
||||
if (!isset($question) || $question->isValidated())
|
||||
echo 'Votre question à déjà été validée, merci de ne pas vous acharner.';
|
||||
else if (!$question->isValidation())
|
||||
echo 'Cette question n\'est pas dans une phase de validation. Impossible de la valider.';
|
||||
else
|
||||
{
|
||||
$question->validated();
|
||||
|
@ -29,6 +29,8 @@ else
|
||||
foreach($question->getAnswer() as $a)
|
||||
echo "<li>".$a."</li>";
|
||||
echo "</ul>";
|
||||
if ($question->isValidation())
|
||||
{
|
||||
?>
|
||||
<form method="post"
|
||||
class="invalidation"
|
||||
@ -43,7 +45,7 @@ else
|
||||
<input type="submit" value="Valider la question">
|
||||
</form>
|
||||
<span style="clear: both; display: block;"></span>
|
||||
<?php } ?>
|
||||
<?php } else echo "<strong>La question n'est pas ou plus dans une phase de validation.</strong>"; } ?>
|
||||
</article>
|
||||
</section>
|
||||
<?php include('footer.html') ?>
|
||||
|
Reference in New Issue
Block a user