Admin can login to access private pages (such as add courses)

This commit is contained in:
Némunaire 2012-06-19 01:36:58 +02:00
parent 0d084a69e3
commit ec1ed49996
12 changed files with 221 additions and 24 deletions

View File

@ -121,6 +121,11 @@ class Question
$this->getNormalId();
}
public function getAddedTime()
{
return $this->added_time;
}
public function getId()
{
return $this->id;
@ -143,6 +148,11 @@ class Question
return $this->validated;
}
public function isValidation()
{
return $this->id == md5($this->added_time.$this->validator) && $this->validator != $this->writer;
}
public function getCourse()
{
return Course::getCourse($this->course);
@ -185,6 +195,28 @@ class Question
$this->writer = $writer->getId();
}
public function convert()
{
foreach (Course::getCourses() as $c)
{
if ($c->getCode() == $this->course)
{
$this->course = $c->getId();
return $c->getId();
}
}
return $this->course;
/*foreach (User::getUsers() as $u)
{
if ($u->getEmail() == $this->validator)
{
$this->validator = $u->getId();
return $u->getId();
}
}
return $this->validator;*/
}
public function setAnswer($answers)
{
if ($this->answers != $answers)

View File

@ -47,6 +47,11 @@ class QuestionsFile
$this->tmp[$question->getId()] = $question;
}
public function del_question($question)
{
unset($this->tmp[$question->getId()]);
}
/**
* Get a question from its unique identifiant
*/
@ -67,6 +72,28 @@ class QuestionsFile
return NULL;
}
public function get_ids()
{
$ret = array();
$qs = $this->treeXML->getElementsByTagName("question");
foreach($qs as $q)
$ret[] = $q->getAttribute("xml:id");
return $ret;
}
public function get_questions()
{
$ret = array();
$qs = $this->treeXML->getElementsByTagName("question");
foreach($qs as $q)
$ret[] = new Question($q);
return $ret;
}
/**
* Write changes into the real file
*/
@ -84,8 +111,15 @@ class QuestionsFile
$this->treeXML->formatOutput = true;
$this->treeXML->save($this->filename);
}
}
/*
$file = new QuestionsFile("questions.xml");
foreach ($file->get_ids() as $id)
{
$q = $file->get_question($id);
echo $q->convert()."<br>";
}
$file->save();
//*/
?>

View File

@ -8,6 +8,7 @@ class User
private $email;
private $registerdate;
private $validated = false;
private $admin = false;
public function __construct($node = null)
{
@ -17,6 +18,8 @@ class User
$this->registerdate = $node->getAttribute("registerdate");
if (intval($node->getAttribute("validated")))
$this->validated = true;
if (intval($node->getAttribute("admin")))
$this->admin = true;
$this->username = $node->getAttribute("username");
$this->password = $node->getAttribute("password");
$this->email = $node->getAttribute("email");
@ -31,7 +34,7 @@ class User
$u->email = $email;
$u->username = $username;
if (isset($password))
$this->password = getPassword($username, $password);
$u->password = $u->getPassword($username, $password);
return $u;
}
@ -78,8 +81,11 @@ class User
$treeXML = new DOMDocument('1.0', 'UTF-8');
if (@$treeXML->load($filename))
return new User($treeXML->getElementById($id));
else
{
$u = $treeXML->getElementById($id);
if (!empty($u))
return new User($u);
}
return null;
}
@ -102,17 +108,17 @@ class User
$qnode->setAttribute("xml:id", $this->id);
$qnode->setAttribute("username", $this->username);
$qnode->setAttribute("password", intval($this->password));
$qnode->setAttribute("password", $this->password);
$qnode->setAttribute("email", $this->email);
$qnode->setAttribute("registerdate", $this->registerdate);
$qnode->setAttribute("validated", $this->validated);
$qnode->setAttribute("validated", intval($this->validated));
return $qnode;
}
public function canConnect($password)
{
$hash = getPassword($this->username, $password);
$hash = $this->getPassword($this->username, $password);
return ($hash == $this->password);
}
@ -146,6 +152,11 @@ class User
{
return $this->validated;
}
public function isAdmin()
{
return $this->admin;
}
}
/*
@ -158,6 +169,14 @@ User::setUsers($us);
/*
$us = User::getUsers();
$u = User::new_User("ircquizz@p0m.fr", "nemunaire", "u6tn84");
$us[] = $u;
User::setUsers($us);
//*/
/*
$us = User::getUsers();
$u = User::new_User("bertrand@cournaud.fr", "Cccompany");
$us[] = $u;

View File

@ -3,8 +3,10 @@ include ("header.html");
require_once("Course.class.php");
//if (empty($_SESSION["connected"]))
// die("<h2>Vous devez être connecté pour accédé à cette partie</h2>");
session_start();
if (empty($_SESSION["connected"]))
die("<h2>Vous devez être connecté pour accédé à cette partie</h2>");
if (isset($_POST["send"]))
{
@ -50,7 +52,7 @@ else
<article id="ajoutCours">
<h2>Ajouter un cours</h2>
<form method="post" action="addCourse.php">
<label for="fullname">Nom complet :</label> <input type="text" name="fullname" id="fullname" maxlength="32"><br><br>
<label for="fullname">Nom complet :</label> <input type="text" name="fullname" id="fullname" maxlength="64"><br><br>
<label for="code">Code :</label> <input type="text" name="code" id="code" maxlength="10"><br>
Par exemple : CODO pour Compression de données<br><br>
@ -66,9 +68,7 @@ else
<?php
$cs = Course::getCourses();
foreach($cs as $c)
{
echo $c->getName()." (".$c->getCode()." dans ".$c->getBranch().") <a href=\"addCourse.php?del=".$c->getId()."\">Supprimer</a><br>";
}
?>
</article>
</section>

View File

@ -20,7 +20,9 @@ else
echo"Dernière chance pour changer d'avis";
?></h2>
<p>
<strong>Proposée par :</strong> <a href="mailto:<?php echo $question->get_writer()->getEmail(); ?>"><?php echo $question->get_writer()->getUsername(); ?></a><br><br>
<?php
if ($question->get_writer() != null)
{?><strong>Proposée par :</strong> <a href="mailto:<?php echo $question->get_writer()->getEmail(); ?>"><?php echo $question->get_writer()->getUsername(); ?></a><br><br><?php } ?>
<strong>Cours concerné :</strong> <?php echo $question->getCourse()->getName(); ?><br><br>
<strong>Question posée :</strong> <?php echo $question->getQuestion(); ?><br><br>
<strong>Réponses valides exhaustives :</strong>
@ -41,7 +43,7 @@ else
<h2>Modifier la question ...</h2>
<form method="post" action="questions.php">
<input type="hidden" name="id" value=<?php echo $question->getId(); ?>>
<input type="hidden" name="email" value=<?php echo $question->get_writer()->getEmail(); ?>>
<input type="hidden" name="email" value="<?php if ($question->get_writer() != null) echo $question->get_writer()->getEmail(); else echo "bot@nemunai.re" ?>">
<label for="course">De quelle matière s'agit-il ?</label><br>
<select name="course" id="course">
<?php

View File

@ -3,6 +3,8 @@
include("Question.class.php");
include("QuestionsFile.class.php");
session_start();
@$id = $_POST['id'];
$fileQ = new QuestionsFile("questions.xml");
@ -10,18 +12,36 @@ $question = $fileQ->get_question($id);
if (!empty($question))
{
$src_mail = $question->get_validator()->getEmail();
if ($question->get_writer() != null)
$src_mail = $question->get_writer()->getEmail();
else
$src_mail = "";
//Build email list
$users = User::getValidatedUsers();
$nbUsers = count($users);
if (isset($_GET["norandom"]) && !empty($_SESSION["connected"]))
{
for ($random = 0; $random < $nbUsers; $random++)
{
if ($question->get_validator()->getEmail() == $users[$random]->getEmail())
break;
}
}
else
{
//Pick a random email
do
{
$random = rand(1, $nbUsers)-1;
}
while ($src_mail == $users[$random]->getEmail());
while ($src_mail == $users[$random]->getEmail() || $question->get_validator()->getEmail() == $users[$random]->getEmail());
}
if (!isset($users[$random]))
die("Impossible de trouver d'utilisateur compatible, veuillez en informer l'administrateur");
$question->set_validator($users[$random]);

67
login.php Normal file
View File

@ -0,0 +1,67 @@
<?php
include ("header.html");
session_start();
require_once("User.class.php");
if (empty($_SESSION["connected"]))
{
if (!empty($_POST["username"]) && !empty($_POST["password"]))
{
$us = User::getUsers();
foreach($us as $u)
{
if (strtolower($u->getUsername()) == strtolower($_POST["username"]) && $u->canConnect($_POST["password"]))
{
$_SESSION["connected"] = true;
$_SESSION["who"] = $u->getUsername();
die("Vous êtes maintenant connectés !");
}
}
die("Nom d'utilisateur ou mot de passe incorrect.");
}
else
{
?>
<section id="introduction">
<article id="login">
<h2>Se connecter</h2>
<form method="post" action="login.php">
<label for="username">Nom d'utilisateur :</label> <input type="text" name="username" id="username" maxlength="32"><br><br>
<label for="password">Mot de passe :</label> <input type="password" name="password" id="password" maxlength="64"><br><br>
<input type="submit" name="send" value="Se connecter">
</form>
</article>
</section>
<?php
}
}
else
{
if (!empty($_POST["deco"]))
{
session_destroy();
echo "<h2>Vous êtes maintenant déconnecté. À bientôt !</h2>";
}
else
{
?>
<section id="introduction">
<article id="login">
<h2>Bienvenue <?php echo $_SESSION["who"]; ?></h2>
<form method="post" action="login.php">
<input type="submit" name="deco" value="Se déconnecter">
</form>
</article>
</section>
<?php
}
}
include ("footer.html");
?>
</body>
</html>

View File

@ -14,7 +14,7 @@ function isInUsersList($mail)
foreach($us as $u)
{
if ($u->getEmail() == $mail && $u->isValidated())
if ($u->getEmail() == $mail/* && $u->isValidated()*/)
return $u;
}

View File

@ -112,6 +112,11 @@ footer
padding-bottom: 50px;
}
table tbody tr:hover
{
background: #F5F7FF;
}
footer a
{
color: black;
@ -156,3 +161,17 @@ form.invalidation input
float: right;
margin-right: 30px;
}
.tooltip
{
background: #CCCC00;
border-radius: 10px;
display: none;
padding: 5px;
position: absolute;
text-align: center;
}
tbody tr:hover .tooltip
{
display: block;
}

View File

@ -11,7 +11,7 @@ if (isset($_POST['id']))
$file = new QuestionsFile("questions.xml");
$question = $file->get_question($id);
if (!isset($question) || $question->isValidated())
if (!isset($question) || $question->isValidated() || !$question->isValidation())
echo 'Votre question à déjà été validée, merci de ne pas vous acharner.';
else
{

View File

@ -13,6 +13,8 @@ if (isset($_POST['id']))
if (!isset($question) || $question->isValidated())
echo 'Votre question à déjà été validée, merci de ne pas vous acharner.';
else if (!$question->isValidation())
echo 'Cette question n\'est pas dans une phase de validation. Impossible de la valider.';
else
{
$question->validated();

View File

@ -29,6 +29,8 @@ else
foreach($question->getAnswer() as $a)
echo "<li>".$a."</li>";
echo "</ul>";
if ($question->isValidation())
{
?>
<form method="post"
class="invalidation"
@ -43,7 +45,7 @@ else
<input type="submit" value="Valider la question">
</form>
<span style="clear: both; display: block;"></span>
<?php } ?>
<?php } else echo "<strong>La question n'est pas ou plus dans une phase de validation.</strong>"; } ?>
</article>
</section>
<?php include('footer.html') ?>