From 577fe9cae4a8d74d7069d83c3390b9c886869d75 Mon Sep 17 00:00:00 2001
From: Okhin <okhin@okhin.fr>
Date: Thu, 15 Nov 2018 18:48:44 +0100
Subject: [PATCH] Fixing a lot of counterparts issues

---
 app/controller/bank.php     | 11 +++--
 app/controller/campaign.php | 17 +++----
 app/controller/perso.php    | 93 +++++++++++++------------------------
 3 files changed, 45 insertions(+), 76 deletions(-)

diff --git a/app/controller/bank.php b/app/controller/bank.php
index 86ce1a7..e6405d0 100644
--- a/app/controller/bank.php
+++ b/app/controller/bank.php
@@ -1,6 +1,9 @@
 <?php
 namespace Controller;
 
+use LQDN\Command\UserUpdateCumulCommand;
+use LQDN\Command\UserUpdateTotalCommand;
+
 class Bank extends Controller
 {
     /* We want to ignore the sanitizing on this page */
@@ -150,13 +153,13 @@ class Bank extends Controller
         $status = $res->fetch(\PDO::FETCH_ASSOC);
         $status = $status['status'];
 
-        $res = $db->query("SELECT * FROM users WHERE id='".$don['user_id']."';");
-        $user = $res->fetch(\PDO::FETCH_ASSOC);
+        $user = $f3->get('container')['user_finder']->findById($don['user_id']);
         $cb_log->write("Utilisation d'un utilisateur existant");
         // Ajout du nouveau don au cumul actuel
         if ($status!=101) {
             $cb_log->write("Ajout de ".$don['somme']);
-            $db->query("UPDATE users set cumul = cumul + " . $don['somme'] . ", total = total + " . $don['somme'] . " WHERE id='".$don['user_id']."'");
+            $f3->get('container')['command_handler']->handle(new UpdateUserTotalCommand($user['id'], (int) $user['total'] + $don['somme']))
+            $f3->get('container')['command_handler']->handle(new UpdateUserCumulCommand($user['id'], (int) $user['cumul'] + $don['cumul']))
         }
         $result = $db->query("SELECT cumul FROM users WHERE id='".$don['user_id']."'");
         $cumul = $result->fetch(\PDO::FETCH_ASSOC);
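Review bot: The two added `handle(...)` calls will not parse or resolve: both lines lack a terminating `;`, and they instantiate `UpdateUserTotalCommand` / `UpdateUserCumulCommand` while the first hunk imports `UserUpdateTotalCommand` / `UserUpdateCumulCommand`. The second call also adds `$don['cumul']`, where the removed UPDATE added `$don['somme']` to both columns, so it should probably read `new UserUpdateCumulCommand($user['id'], (int) $user['cumul'] + $don['somme']);`. Beyond the typos, the removed statement incremented in SQL (`cumul = cumul + …`), whereas the new code reads the row and writes back an absolute value, so two payment callbacks for the same user arriving together can overwrite each other's increment; an increment-style command or a transaction around the read and both writes would keep the totals exact. The `SELECT cumul` kept just below still concatenates `$don['user_id']` into the query and could use `$user['cumul']` or a bound parameter instead. The enclosing method starts and ends outside this hunk.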
@@ -199,7 +202,7 @@ Toute l'équipe de La Quadrature du Net
 ")."\n\n";
 
             // Création de l'url d'administration
-            $admin_url = "https://support.laquadrature.net/perso";
+            $admin_url = "https://don.laquadrature.net/perso";
             foreach ($f3->get('languages') as $key => $language) {
                 if ($lang==$language[1]) {
                     $admin_url = "https://".$language[0].$f3->get('dev').".laquadrature.net/perso";
diff --git a/app/controller/campaign.php b/app/controller/campaign.php
index f8a71a4..b589886 100644
--- a/app/controller/campaign.php
+++ b/app/controller/campaign.php
@@ -1,6 +1,10 @@
 <?php
 namespace Controller;
 
+use LQDN\Command\UserUpdateTotalCommand;
+use LQDN\Command\UserCreateCommand;
+use LQDN\Command\DonationCreateCommand;
+
 class Campaign extends Controller
 {
     /*
@@ -93,8 +97,7 @@ class Campaign extends Controller
         $db = $f3->get('DB');
         // Si l'utilisateur est déjà connecté, on le récupère
         if ($f3->get('SESSION.user', true)) {
-            $user = $db->query("SELECT * FROM users WHERE id = ".$f3->get('SESSION.id'));
-            $user = $user->fetch(\PDO::FETCH_ASSOC);
+            $user = $f3->get('container')['user_finder']->findById($f3->get('SESSION.id'));
             $email = $user['email'];
             $user_id = $user['id'];
             $cumul_id = $user['cumul'];
@@ -103,10 +106,9 @@ class Campaign extends Controller
             $email = \Utils::asl($f3->get('email'));
             $hash = hash('sha256', $f3->get('password'));
 
-            $sql = "SELECT id FROM users WHERE email = '".\Utils::asl($email)."';";
-            $result = $db->query($sql);
+            $user = $f3->get('container')['user_finder']->findByEmail(\Utils::asl($email));
 
-            if ($result->fetchColumn() > 0) {
+            if (len($user) > 0) {
                 // We have an existing user, we should try to login with the provided password
                 // or 403.
                 $mapper = new \DB\SQL\Mapper($f3->get('DB'), 'users');
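Review bot: `len()` is not a PHP built-in and nothing visible defines it, so the new `if (len($user) > 0)` raises an undefined-function error for every visitor who is not already logged in; `if (!empty($user))` works whether `findByEmail()` returns `false`, `null` or an empty array (its return shape is not visible here). `$email` has already been through `\Utils::asl()` two lines above, so `findByEmail(\Utils::asl($email))` escapes it twice; if the finder binds its parameter, as the move away from string-built SQL suggests, pass the raw `$f3->get('email')` instead. The next hunk deletes the `else` branch that set `$user_id` and `$cumul_id` after a successful login, so unless later code outside this diff fills them from `$user`, the donation for an existing account is created without a user id. The enclosing method starts and ends outside this hunk.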
@@ -114,11 +116,6 @@ class Campaign extends Controller
                 $login = $auth->login($email, $hash);
                 if (!$login) {
                     $f3->error(403);
-                } else {
-                    $result = $db->query("SELECT id, cumul FROM users WHERE email = '".\Utils::asl($email)."'");
-                    $user = $result->fetch(\PDO::FETCH_ASSOC);
-                    $user_id = $user['id'];
-                    $cumul_id = $user['cumul'];
                 }
             } else {
                 // The user does not exist, so let's create it
diff --git a/app/controller/perso.php b/app/controller/perso.php
index 3673e7c..42c53ab 100644
--- a/app/controller/perso.php
+++ b/app/controller/perso.php
@@ -4,6 +4,11 @@ namespace Controller;
 use LQDN\Command\AddressCreateCommand;
 use LQDN\Command\AddressDeleteCommand;
 use LQDN\Command\AddressUpdateCommand;
+use LQDN\Command\CounterpartCreateCommand;
+use LQDN\Command\CounterpartDeleteCommand;
+use LQDN\Command\UserUpdateCumulCommand;
+use LQDN\Command\UserUpdateTotalCommand;
+use LQDN\Command\UserCreateCommand;
 
 class Perso extends Controller
 {
@@ -38,41 +43,14 @@ class Perso extends Controller
     {
         // Chargement des informations de l'utilisateur
         $db = $f3->get('DB');
-        // Let's update the total first
-        $total = 0;
-        $total_res = $db->query("SELECT SUM(somme) as total FROM dons WHERE status in (1, 4, 101, 102) AND user_id='".$f3->get('SESSION.id')."'");
-        $total_res = $total_res->fetch(\PDO::FETCH_ASSOC);
-        $total = $total_res['total'];
-        // While we're at it, let's remove the price of each asked contreparties
-        // printed piplome is 30, pibag is 50, pishirt is 100 and hoodie is 250
-        // We first need to have the number of each counterpart claimed by the
-        // user
-        $cumul_counterpart = $db->query("SELECT sum(if(quoi='piplome', 1, 0)) as piplomes,
-            sum(if(quoi='pibag', 1, 0)) as pibags,
-            sum(if(quoi='pishirt', 1, 0)) as pishirts,
-            sum(if(quoi='hoodie', 1, 0)) as hoodies
-            FROM contreparties
-            WHERE user_id = '".$f3->get('SESSION.id')."';");
-        $cumul_counterpart = $cumul_counterpart->fetch(\PDO::FETCH_ASSOC);
-        foreach (['hoodies', 'pishirts', 'pibags', 'piplomes'] as $key) {
-            if (!array_key_exists($key, $cumul_counterpart)) {
-                $cumul_counterpart[$key] = 0;
-            }
-        }
-        $cumul = $cumul_counterpart['hoodies'] * 250 + max(($cumul_counterpart['pishirts'] - $cumul_counterpart['hoodies']), 0) * 100 + max(($cumul_counterpart['pibags'] - $cumul_counterpart['pishirts'] - $cumul_counterpart['hoodies']), 0) * 50 + max(($cumul_counterpart['piplomes'] - $cumul_counterpart['pibags'] - $cumul_counterpart['pishirts'] - $cumul_counterpart['hoodies']), 0) * 30;
-
-        $cumul = $total - $cumul;
-
-        $db->query("UPDATE users SET total = '".$total."', cumul = '".$cumul."' WHERE id = '".$f3->get('SESSION.id')."'");
-        $result = $db->query("SELECT id, pseudo, email, total, cumul FROM users WHERE id='".$f3->get('SESSION.id')."' ");
-        $data = $result->fetch(\PDO::FETCH_ASSOC);
-        $f3->set('infos', $data);
-        $result = $db->query("SELECT id, pdf, decimale FROM dons WHERE user_id='".$data['id']."' and pdf!='' ");
+        $user = $f3->get('container')['user_finder']->findById($f3->get('SESSION.id'));
+        $f3->set('infos', $user);
+        $result = $db->query("SELECT id, pdf, decimale FROM dons WHERE user_id='".$user['id']."' and pdf!='' ");
         $pdfs = array();
         foreach ($result->fetchAll(\PDO::FETCH_ASSOC) as $row) {
             $pdfs[$row['pdf']] = $row;
         }
-        $addresse = $f3->get('container')['address_finder']->findByUserId((int) $data['id']);
+        $addresse = $f3->get('container')['address_finder']->findByUserId((int) $user['id']);
         $f3->set('adresse', $addresse);
         $f3->set('pdfs', $pdfs);
     }
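Review bot: The rewritten `SELECT id, pdf, decimale FROM dons` line still builds its WHERE clause by concatenating `$user['id']`, and the result of `findById()` is used without checking that a row came back. The value now comes from the finder rather than the session, but the `findByUserId((int) $user['id'])` call a few lines below already casts it, and the query should get the same treatment, e.g. `user_id='".(int) $user['id']."'`, or better a bound parameter. A guard such as `if (!$user) { $f3->error(401); }` before `$f3->set('infos', $user)` would cover a stale session id. Since the on-the-fly recomputation of `total` and `cumul` is removed here, the stored columns become the only source of truth, which makes the correctness of the update commands in the other files more important.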
@@ -80,25 +58,19 @@ class Perso extends Controller
     public function get_contreparties($f3)
     {
         // Chargement des contreparties de l'utilisateur
-        $db = $f3->get('DB');
-        $result =$db->query("SELECT datec, status, quoi, taille, adresse_id FROM contreparties WHERE user_id='".$f3->get('SESSION.id')."' ORDER BY datec DESC");
-        $data = array();
-        foreach ($result->fetchAll(\PDO::FETCH_ASSOC) as $row) {
-            $data[] = $row;
-        }
-        $f3->set('contreparties', $data);
+        $contreparties = $f3->get('container')['counterpart_finder']->findByUserId((int) $f3->get('SESSION.id'));
+        $f3->set('contreparties', $contreparties);
     }
 
     public function get_dons($f3)
     {
         // Chargement des dons de l'utilisateur
         $db = $f3->get('DB');
-        $result = $db->query("SELECT datec, somme, id, pdf, status FROM dons WHERE user_id='".$f3->get('infos.id')."' AND status IN (1,4,102) ORDER BY datec DESC");
-        $data = array();
-        foreach ($result->fetchAll(\PDO::FETCH_ASSOC) as $row) {
-            $data[] = $row;
-        }
-        $f3->set('dons', $data);
+        $dons = $f3->get('container')['donation_finder']->findByUserId((int) $f3->get('SESSION.id'));
+        $dons = array_filter($dons, function ($id) {
+            return in_array((int) $id, [1, 4, 102]);
+        });
+        $f3->set('dons', $dons);
     }
 
     public function get_recurrents($f3)
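Review bot: The `array_filter` callback in `get_dons` does not filter on status: it receives each donation returned by `findByUserId()` and casts the whole element with `(int) $id`, and if those elements are row arrays (the finder is not visible here) a non-empty array casts to `1`, which is in the allowed list. Every donation, including unvalidated ones the removed `status IN (1,4,102)` clause excluded, would then be shown. Assuming rows carry a `status` key as the old query did, the callback should be `return in_array((int) $row['status'], [1, 4, 102], true);`. `$db` is now unused in this method and can be dropped.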
@@ -115,8 +87,6 @@ class Perso extends Controller
 
     public function login($f3, $args)
     {
-        $f3->clear('SESSION.error');
-        $f3->clear('SESSION.message');
         $f3->set('form_visible', 'login');
 
         if ($f3->get('action')=='renew_password') {
@@ -240,8 +210,7 @@ class Perso extends Controller
         if ($f3->get('email')!='') {
             // On vérifie que l'adresse mail n'existe pas
             $db = $f3->get('DB');
-            $query = $db->query("SELECT email FROM users WHERE email='".$f3->get('email')."';");
-            $result = $query->fetch(\PDO::FETCH_ASSOC);
+            $user = $f3->get('container')['user_finder']->findByEmail($f3->get('email'));
             $cumul = 0;
             if ($result['email']!=$f3->get('email')) {
                 $hash = hash('sha256', $f3->get('password'));
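Review bot: The lookup result is now stored in `$user`, but the unchanged condition just below still reads `$result['email']`, which is no longer defined in the visible code. `$result['email']` therefore evaluates to `null`, the comparison with the submitted address is always true, and the "address does not exist yet" branch runs even when the account already exists. The check should follow the new variable, e.g. `if (!$user || $user['email'] != $f3->get('email')) {`, hedged on `findByEmail()` returning a falsy value when nothing matches. The rest of the method is outside this hunk.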
@@ -337,11 +306,8 @@ class Perso extends Controller
         if (!$f3->exists('SESSION.user')) {
             $f3->error('401');
         }
-        // Récupération du cumul actuel de l'utilisateur
-        $db = $f3->get('DB');
-        $result = $db->query("SELECT cumul FROM users WHERE id='".$f3->get('SESSION.id')."' ");
-        $me = $result->fetch(\PDO::FETCH_ASSOC);
-        $cumul = $me['cumul'];
+
+        $user = $f3->get('container')['user_finder']->findById($f3->get('SESSION.id'));
 
         // Récupération des valeurs du formulaire
         $adresse_id = $f3->get('adresse_id');
@@ -351,7 +317,6 @@ class Perso extends Controller
         $piplome_id = intval(substr($f3->get('piplome_id'), 0, strpos($f3->get('piplome_id'), '_')));
         $taille = intval($f3->get('taille'));
         $taille_h = intval($f3->get('taille_h'));
-        $f3->clear('SESSION.error');
         switch ($quoi) {
         case 'piplome':
             $valeur = 30;
@@ -368,24 +333,28 @@ class Perso extends Controller
         }
 
         // Ajout d'une demande de contrepartie pour chaque contrepartie
-        if ($cumul >= $valeur) {
+        if ((int) $user['cumul'] >= $valeur) {
             switch ($quoi) {
             case 'piplome':
-                $db->query("INSERT INTO contreparties (user_id,datec,quoi,taille,adresse_id,status,commentaire) VALUES ('".$f3->get('SESSION.id')."',NOW(),'piplome','".\Utils::asl($piplome_id)."','".\Utils::asl($adresse_id)."',1, '".\Utils::asl($commentaire)."')");
+                $f3->get('container')['command_handler']->handle(new CounterpartCreateCommand(\Utils::asl($adresse_id), $f3->get('SESSION.id'), 'piplome', \Utils::asl($piplome_id), 1, date("Y-m-d H:i:s"), \Utils::asl($commentaire)));
                 break;
             case 'pibag':
-                $db->query("INSERT INTO contreparties (user_id,datec,quoi,taille,adresse_id,status,commentaire) VALUES ('".$f3->get('SESSION.id')."',NOW(),'pibag','','".\Utils::asl($adresse_id)."',1, '".\Utils::asl($commentaire)."')");
+                $f3->get('container')['command_handler']->handle(new CounterpartCreateCommand(\Utils::asl($adresse_id), $f3->get('SESSION.id'), 'pibag', '', 1, date("Y-m-d H:i:s"), \Utils::asl($commentaire)));
                 break;
             case 'pishirt':
-                $db->query("INSERT INTO contreparties (user_id,datec,quoi,taille,adresse_id,status,commentaire) VALUES ('".$f3->get('SESSION.id')."',NOW(),'pishirt','".\Utils::asl($taille)."','".\Utils::asl($adresse_id)."',1, '".\Utils::asl($commentaire)."')");
+                $f3->get('container')['command_handler']->handle(new CounterpartCreateCommand(\Utils::asl($adresse_id), $f3->get('SESSION.id'), 'pishirt', \Utils::asl($taille), 1, date("Y-m-d H:i:s"), \Utils::asl($commentaire)));
                 break;
             case 'hoopie':
-                $db->query("INSERT INTO contreparties (user_id,datec,quoi,taille,adresse_id,status,commentaire) VALUES ('".$f3->get('SESSION.id')."',NOW(),'hoodie','".\Utils::asl($taille_h)."','".\Utils::asl($adresse_id)."',1, '".\Utils::asl($commentaire)."')");
+                $f3->get('container')['command_handler']->handle(new CounterpartCreateCommand(\Utils::asl($adresse_id), $f3->get('SESSION.id'), 'hoopie', \Utils::asl($taille_h), 1, date("Y-m-d H:i:s"), \Utils::asl($commentaire)));
+                break;
             }
+            // Puis diminution du cumul de la valeur des contreparties
+            $f3->get('container')['command_handler']->handle(new UserUpdateCumulCommand($user['id'], $user['cumul'] - $valeur));
+            $f3->set('SESSION.message', _("Merci, vos contreparties seront envoyées dès que possible !".$valeur));
+        } else {
+            $f3->set('SESSION.error', _("Désolé, mais vous n'avez pas cumulé suffisament de dons pour avoir un ").$quoi);
+            $f3->clear('SESSION.message');
         }
-        // Puis diminution du cumul de la valeur des contreparties
-        $db->query("UPDATE users SET cumul = cumul - ".$valeur." WHERE id='".$f3->get('SESSION.id')."'");
-        $f3->set('SESSION.message', _("Merci, vos contreparties seront envoyées dès que possible !"));
         $f3->reroute('/perso');
     }
 
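Review bot: The balance check and the debit are no longer tied together: `(int) $user['cumul'] >= $valeur` is tested on a row read at the top of the method, and `UserUpdateCumulCommand` then writes `$user['cumul'] - $valeur` as an absolute value, so two overlapping requests from the same session can both pass the check while the balance is debited only once. A conditional decrement in the database (`... SET cumul = cumul - :valeur WHERE id = :id AND cumul >= :valeur`, then checking the affected row count) or a transaction with a row lock would close that window; whether the command layer offers either is not visible here. The hoodie branch now stores `'hoopie'` where the removed INSERT stored `'hoodie'`, which looks unintended. `_("Merci, … !".$valeur)` puts the amount inside the gettext key so the translation lookup will miss and a bare number is appended; `_("Merci, vos contreparties seront envoyées dès que possible !")` restores the original message. The method begins outside this hunk.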
-- 
GitLab