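/**
 * Validates the registration form submitted through $_POST.
 *
 * Checks the minimum lengths read from the configuration file, that the password and e-mail
 * confirmations match, that the user name and e-mail are not already used by an existing
 * user, and that each field passes its champs*Valable() character check.
 *
 * @return array array with two keys: "Retour" (bool, true only when no error was collected)
 * and "Error" (list of HTML error messages, empty when the form is valid).
 */
function isValidBis()
{
    $tabReturn = array("Retour" => false, "Error" => array());
    $ini = getConfigFile();
    // Read a POST field as a string. A missing field, or an array-valued field such as
    // userName[]=x, becomes '' so it fails the length checks instead of reaching
    // strtolower()/strlen() with a non-string.
    $readField = function ($key) {
        return (isset($_POST[$key]) && is_string($_POST[$key])) ? $_POST[$key] : '';
    };
    $userName = strtolower($readField('userName'));
    $mdp = $readField('mdp');
    $email = $readField('email');
    $emailConfirm = $readField('emailConfirm');
    $mdpConfirm = $readField('mdpConfirm');
    // NOTE(review): the limits come from the config file but the messages hard-code 6 and 5;
    // confirm the two stay in sync.
    if (strlen($userName) < $ini['CONSTANTE']['size_user_name']) {
        $tabReturn['Error'][] = "Votre nom d'utilisateur est trop court, 6 caractères minimum ! <br>";
    }
    if (strlen($mdp) < $ini['CONSTANTE']['size_user_mdp']) {
        $tabReturn['Error'][] = "Votre mot de passe est trop court, 5 caractères minimum ! <br>";
    }
    // Strict comparison: with != two different numeric-looking strings (e.g. "1e3" and "1000")
    // compare equal, so a mistyped confirmation could be accepted.
    if ($mdp !== $mdpConfirm) {
        $tabReturn['Error'][] = "Les mots de passe ne correspondent pas ! <br>";
    }
    if ($email !== $emailConfirm) {
        $tabReturn['Error'][] = "Les adresses mail ne correspondent pas ! <br>";
    }
    $um = new UserManager(connexionDb());
    $tabUser = $um->getAllUser();
    $validUserName = true;
    $validUserMail = true;
    // Uniqueness: the user name is compared case-insensitively, the e-mail exactly.
    foreach ($tabUser as $userTest) {
        if ($userName === strtolower($userTest->getUserName())) {
            $validUserName = false;
        }
        if ($email === $userTest->getEmail()) {
            $validUserMail = false;
        }
    }
    if (!$validUserMail) {
        $tabReturn['Error'][] = "Cette adresse mail est déjà utilisée, veuillez en choisir une autre ! <br>";
    }
    if (!$validUserName) {
        $tabReturn['Error'][] = "Ce login est déjà pris, veuillez en choisir en autre ! <br>";
    }
    if (!champsEmailValable($email)) {
        $tabReturn['Error'][] = "Votre adresse mail contient des caractères indésirables !<br>";
    }
    if (!champsLoginValable($userName)) {
        $tabReturn['Error'][] = "Votre nom d'utilisateur contient des caractères indésirables !<br>";
    }
    if (!champsMdpValable($mdp)) {
        $tabReturn['Error'][] = "Votre mot de passe contient des caractères indésirables !<br>";
    }
    // Every failed check above appends a message, so the form is valid exactly when the list
    // is empty. Previously "Retour" ignored the length and confirmation checks, so a caller
    // testing only "Retour" would accept a too-short or unconfirmed password.
    $tabReturn['Retour'] = empty($tabReturn['Error']);
    return $tabReturn;
}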
/**
 * Handles the action the group leader takes on another member of the group: either removing
 * the member from the group or naming the member leader.
 *
 * The target is identified by the name of the submitted POST field: "supprimerMembre<id>" or
 * "nommerLead<id>". Only the first matching user is processed.
 *
 * NOTE(review): nothing in this function checks that the caller is the group leader or that
 * the target belongs to the caller's group; presumably formGererActionGroupe() does, confirm.
 *
 * @return bool true when an action was dispatched, false when no matching field was posted.
 */
function gererActionMembre()
{
    $userManager = new UserManager(connexionDb());
    // POST field prefix => action name handed to formGererActionGroupe().
    // Order matters: removal is tested before promotion for each user.
    $actionsByPrefix = array('supprimerMembre' => 'supprimer', 'nommerLead' => 'lead');
    foreach ($userManager->getAllUser() as $member) {
        $memberId = $member->getId();
        foreach ($actionsByPrefix as $prefix => $action) {
            if (isset($_POST[$prefix . $memberId])) {
                formGererActionGroupe($action, $memberId);
                return true;
            }
        }
    }
    return false;
}
/**
 * Returns the id of the friend the current request is trying to remove.
 *
 * The id is taken from the name of the submitted POST field "supprimerAmi<id>". When several
 * such fields are posted, the last matching user in the list wins.
 *
 * NOTE(review): the returned id is only known to be an existing user id, not a friend of the
 * current user; the caller presumably checks that before deleting, confirm.
 *
 * @return int the id of the friend to remove, or 0 when no matching field was posted.
 */
function gererPost()
{
    $userManager = new UserManager(connexionDb());
    $selectedId = 0;
    foreach ($userManager->getAllUser() as $candidate) {
        $candidateId = $candidate->getId();
        // Keep the previous selection unless this user's field was posted.
        $selectedId = isset($_POST['supprimerAmi' . $candidateId]) ? $candidateId : $selectedId;
    }
    return $selectedId;
}
Example #4
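 /**
  * Back-office handler for leaflets ("channels"), the follower log and the blacklist.
  *
  * Dispatches on $_GPC['op'] (default 'leaflet'): delete, leaflet, active, post, log,
  * qualitylog, user, black_remove, black. Any other value produces an error message.
  * Every query is scoped to the current account, $_W['weid'].
  *
  * The method ends by including the 'spread' template, which shares this local scope, so the
  * local variable names set below ($mylist, $item, $pager, $list, ...) are kept as they are.
  *
  * NOTE(review): only the 'post' branch goes through checksubmit(); 'delete', 'active',
  * 'black_remove' and 'black' change state directly from request parameters. Confirm the
  * framework protects these against cross-site requests.
  * NOTE(review): the code after several message() calls assumes message() ends the request;
  * confirm against the framework.
  */
 public function doWebSpread()
 {
     global $_W, $_GPC;
     $op = empty($_GPC['op']) ? 'leaflet' : $_GPC['op'];
     if ($op == 'delete') {
         $ret = pdo_query("DELETE FROM " . tablename(self::$t_channel) . " WHERE weid=:weid AND channel=:channel", array(":weid" => $_W['weid'], ":channel" => intval($_GPC['channel'])));
         message("删除成功", referer(), "success");
     } elseif ($op == 'leaflet') {
         $mylist = pdo_fetchall("SELECT * FROM " . tablename(self::$t_channel) . " WHERE weid=:weid", array(":weid" => $_W['weid']));
     } elseif ($op == 'active') {
         $channel = intval($_GPC['channel']);
         $item = pdo_fetch("SELECT * FROM " . tablename(self::$t_channel) . " WHERE weid=:weid AND active=1", array(":weid" => $_W['weid']));
         // A different channel is being activated (the QR cache clear is currently disabled).
         if (!empty($item) and $item['channel'] != $channel) {
             // $this->clearQRCache($item['channel']);
             // Deactivate this account's channels only. Without the condition the update
             // cleared the active flag on every row of the table, for every account.
             pdo_update(self::$t_channel, array('active' => 0), array('weid' => $_W['weid']));
             pdo_update(self::$t_channel, array('createtime' => time()), array('weid' => $_W['weid'], 'channel' => $item['channel']));
             pdo_update(self::$t_channel, array('createtime' => time(), 'active' => 1), array('weid' => $_W['weid'], 'channel' => $channel));
             message('重新设定当前活跃传单成功', referer(), 'success');
         }
         message('设定当前活跃传单成功', referer(), 'success');
     } elseif ($op == 'post') {
         load()->func('tpl');
         $item = array();
         if (!empty($_GPC['channel'])) {
             $item = pdo_fetch("SELECT * FROM " . tablename(self::$t_channel) . " WHERE weid=:weid AND channel=:channel", array(":weid" => $_W['weid'], ":channel" => $_GPC['channel']));
         }
         // For a new leaflet, or a channel id that matched no row, $item has no 'bgparam' key.
         $item = WechatUtil::decode_channel_param($item, isset($item['bgparam']) ? $item['bgparam'] : null);
         if (checksubmit('submit')) {
             $path_parts = explode('.', $_GPC['bg']);
             $suffix = end($path_parts);
             if (strcasecmp('jpg', $suffix) != 0) {
                 message('传单背景图必须是jpg格式。不支持png等其他格式。', referer(), 'error');
             }
             // The background must be a locally uploaded file. Besides the original
             // 'http://' test, also reject any leading scheme and protocol-relative URLs
             // ("https://...", "//host/...") which the substring test let through.
             $bgIsRemote = strpos($_GPC['bg'], 'http://') !== FALSE
                 || preg_match('#^\s*([a-z][a-z0-9+.\-]*:)?//#i', $_GPC['bg']) === 1;
             if ($bgIsRemote) {
                 message('传单背景图必须从本地上传,不能使用网络图片。您可以先将网络图片保存到本地,然后再上传。', referer(), 'error');
             }
             $bgparam = WechatUtil::encode_channel_param($_GPC);
             if (!empty($_GPC['channel'])) {
                 // The condition includes weid: matching on the channel id alone let a request
                 // overwrite another account's leaflet and reassign it to the current account.
                 pdo_update(self::$t_channel, array('createtime' => time(), 'title' => $_GPC['title'], 'thumb' => $_GPC['thumb'], 'bg' => $_GPC['bg'], 'bgparam' => $bgparam, 'desc' => $_GPC['desc'], 'url' => $_GPC['url'], 'click_credit' => $_GPC['click_credit'], 'sub_click_credit' => $_GPC['sub_click_credit'], 'newbie_credit' => $_GPC['newbie_credit'], 'weid' => $_W['weid']), array('channel' => $_GPC['channel'], 'weid' => $_W['weid']));
                 // Clear the QR cache.
                 $this->clearQRCache($_GPC['channel']);
                 message('更新传单成功', referer(), 'success');
             } else {
                 // The first leaflet created for an account becomes the active one.
                 $list_count = pdo_fetchcolumn("SELECT COUNT(*) FROM " . tablename(self::$t_channel) . " WHERE weid=:weid", array(":weid" => $_W['weid']));
                 $active = $list_count == 0;
                 pdo_insert(self::$t_channel, array('title' => $_GPC['title'], 'createtime' => time(), 'thumb' => $_GPC['thumb'], 'bg' => $_GPC['bg'], 'bgparam' => $bgparam, 'active' => $active, 'desc' => $_GPC['desc'], 'url' => $_GPC['url'], 'click_credit' => $_GPC['click_credit'], 'sub_click_credit' => $_GPC['sub_click_credit'], 'newbie_credit' => $_GPC['newbie_credit'], 'weid' => $_W['weid']));
                 message('新建传单成功', referer(), 'success');
             }
         }
     } elseif ($op == 'log' or $op == 'qualitylog') {
         $pindex = max(1, intval($_GPC['page']));
         $psize = 20;
         $mgr = new UserManager('');
         // NOTE(review): $keyword is passed to the manager unmodified; confirm the manager
         // binds it as a query parameter.
         $keyword = $_GPC['keyword'];
         if ($op == 'qualitylog') {
             $mylist = $mgr->getQualityUser($pindex, $psize, $keyword);
             $total = $mgr->getQualityUserCount($keyword);
         } else {
             // The enclosing condition leaves 'log' as the only other possibility.
             $mylist = $mgr->getAllUser($pindex, $psize, $keyword);
             $total = $mgr->getAllUserCount($keyword);
         }
         $pager = pagination($total, $pindex, $psize);
     } elseif ($op == 'user') {
         // Downline details plus second-level downline details.
         $from_user = $_GPC['from_user'];
         $uplevel = pdo_fetch("SELECT * FROM " . tablename(self::$t_follow) . " WHERE weid=:weid AND follower=:follower", array(":weid" => $_W['weid'], ":follower" => $from_user));
         $fans = WechatUtil::fans_search($from_user, array('avatar', 'nickname', 'createtime', 'credit1'));
         $mgr = new UserManager('');
         $mylist = $mgr->getFollowList($from_user);
         $mylist2 = $mgr->getFollowList2($mylist);
     } elseif ('black_remove' == $op) {
         $from_user = $_GPC['from_user'];
         pdo_delete(self::$t_black, array('from_user' => $from_user, 'weid' => $_W['weid']));
         message('删除成功', $this->createWebUrl('Spread', array('op' => 'black')), 'success');
     } elseif ('black' == $op) {
         if (!empty($_GPC['from_user'])) {
             $from_user = $_GPC['from_user'];
             // Insert only when the user is not already blacklisted for this account.
             $b = pdo_fetch("SELECT * FROM " . tablename(self::$t_black) . " WHERE from_user=:f AND weid=:w LIMIT 1", array(':f' => $from_user, ':w' => $_W['weid']));
             if (empty($b)) {
                 pdo_insert(self::$t_black, array('from_user' => $from_user, 'weid' => $_W['weid'], 'access_time' => time()));
             }
             message('添加黑名单成功', referer(), 'success');
         }
         $list = pdo_fetchall("SELECT * FROM " . tablename(self::$t_black) . " WHERE weid=:w", array(':w' => $_W['weid']));
     } else {
         message('error!', '', 'error');
     }
     include $this->template('spread');
 }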
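/**
 * Verifies the member's identity from $_POST['userName'] and $_POST['mdp'] and logs the member
 * in when the credentials are correct, the account is not banned and it has been activated.
 *
 * On a successful login the last-connection data is updated, the user is stored in the
 * session through setSessionUser() and a welcome line is echoed.
 *
 * NOTE(review): passwords are checked against a single salted SHA-256 digest. That is fast to
 * brute-force if the table leaks; migrating to password_hash()/password_verify() (already
 * hinted at in the earlier commented-out code) needs a stored-hash migration and is not done here.
 * NOTE(review): confirm that setSessionUser() regenerates the session id on login.
 *
 * @return array 'Retour' (bool, true when the credentials matched), 'Valide' (bool, false when
 * the account still has to be activated), 'Banni' (bool, false when the account IS banned;
 * the flag is inverted relative to its name), plus an 'Error' or 'Activation' HTML message
 * when the login was refused.
 */
function doConnect()
{
    $tabRetour = array();
    // A missing or array-valued field is treated as an empty string rather than being passed
    // on to the User object and hash().
    $mdp = (isset($_POST['mdp']) && is_string($_POST['mdp'])) ? $_POST['mdp'] : '';
    $userName = (isset($_POST['userName']) && is_string($_POST['userName'])) ? $_POST['userName'] : '';
    $manager = new UserManager(connexionDb());
    $tabUser = $manager->getAllUser();
    $userToConnect = new User(array("UserName" => $userName, "Mdp" => $mdp));
    $userFound = $manager->getUserByUserName($userName);
    /*
     * Check that the user exists in the database and that the submitted password matches.
     */
    $matched = null;
    if ($userFound->getId() != NULL) {
        $submittedHash = hash("sha256", $userToConnect->getMdp() . $userFound->getSalt());
        foreach ($tabUser as $elem) {
            // hash_equals() compares the digests as strings in constant time. The previous ==
            // compared numeric-looking hex strings (e.g. "0e1234...") as numbers, so two
            // different digests could be considered equal.
            if ($userName === $elem->getUserName() && hash_equals((string) $elem->getMdp(), $submittedHash)) {
                $matched = $elem;
                break;
            }
        }
    }
    // Failure unless a user matched. Previously an empty user list left the failure flag
    // unset and the code went on as if the login had succeeded.
    $echec = ($matched === null);
    /*
     * Check whether the user still has to activate the account before logging in. A user can
     * hold two codes (registration and forgotten password); only the registration code counts.
     */
    $needActi = false;
    $banni = false;
    if (!$echec) {
        $id = $matched->getId();
        $acManager = new ActivationManager(connexionDb());
        $act = $acManager->getActivationByLibelleAndId("Inscription", $id);
        $needActi = (isset($act) && $act->getCode() != NULL);
    }
    if ($echec) {
        // Same message for an unknown login and a wrong password.
        $tabRetour['Error'] = "<div class='alert alert-danger' role='alert'>Erreur lors de la connexion, veuillez rééssayer avec le bon login ou mot de passe !</div>";
    } else {
        // Reload the user once; the result serves both the ban check and the login itself.
        $user = $manager->getUserById($id);
        // Right id 6 is the one this code treats as "banned".
        if ($user->getDroit()[0]->getId() == 6) {
            $tabRetour['Error'] = "<div class='alert alert-danger' role='alert'>Vous êtes banni, impossible de vous connecter !</div>";
            $banni = true;
        } elseif ($needActi) {
            $tabRetour['Activation'] = "<div class='alert alert-danger' role='alert'>Vous devez activer votre compte avant la connexion !</div>";
        } else {
            $manager->updateUserConnect($user);
            setSessionUser($user);
            echo "Bienvenue sur EveryDayIdea !";
        }
    }
    $tabRetour['Retour'] = !$echec;
    $tabRetour['Valide'] = !$needActi;
    $tabRetour['Banni'] = !$banni;
    return $tabRetour;
}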