Merge branch '97-confidential-issue' into 'preprod'

97 confidential issue See merge request Guinness/don!2

Merge branch '97-confidential-issue' into 'preprod'
97 confidential issue See merge request Guinness/don!2
4e25af86 · Guinness · 53445ca8 · cd2461a7 · 4e25af86 · 4e25af86
Commit 4e25af86 authored Oct 14, 2019 by Guinness
5 changed files
--- a/app/controller/campaign.php
+++ b/app/controller/campaign.php
@@ -4,6 +4,7 @@ namespace Controller;
 use LQDN\Command\UserUpdateTotalCommand;
 use LQDN\Command\UserCreateCommand;
 use LQDN\Command\DonationCreateCommand;
+use LQDN\Exception\InvalidEmailException;

 class Campaign extends Controller
 {
@@ -122,8 +123,13 @@ class Campaign extends Controller
                $cumul_id = $user['cumul'];
            } else {
                // The user does not exist, so let's create it
-                $result = $db->query("INSERT INTO users (pseudo, email, hash)
-					VALUES ('".$f3->get('pseudo')."', '$email', '$hash')");
+                try {
+                    $f3->get('container')['command_handler']->handle(new UserCreateCommand($email, $hash, $f3->get('pseudo'), 0, 0));
+                } catch (InvalidEmailException $e) {
+                    $f3->set("error", _("Email Invalide"));
+                    $f3->error("403");
+                }
+
                $user_id = $db->lastInsertId();
            }
        }

--- a/db/migrations/20181025132655_add_commentaire.php
+++ b/db/migrations/20181025132655_add_commentaire.php
@@ -28,7 +28,7 @@ class AddCommentaire extends AbstractMigration
    public function change()
    {
        $table = $this->table('contreparties');
-        $table->addColumn('commentaire', 'string')
+        $table->addColumn('commentaire', 'string', array('default' => ''))
            ->update();
    }
 }
--- a/db/schema.sql
+++ b/db/schema.sql
@@ -83,7 +83,7 @@ DROP TABLE IF EXISTS `contreparties`;
 /*!40101 SET character_set_client = utf8 */;
 CREATE TABLE `contreparties` (
  `id` int(10) unsigned NOT NULL AUTO_INCREMENT,
-  `datec` datetime NOT NULL,
+  `datec` datetime NOT NULL DEFAULT '0000-00-00 00:00:00',
  `user_id` int(10) unsigned NOT NULL,
  `quoi` varchar(255) NOT NULL,
  `taille` int(10) unsigned NOT NULL,
@@ -105,22 +105,22 @@ DROP TABLE IF EXISTS `dons`;
 CREATE TABLE `dons` (
  `id` int(10) unsigned NOT NULL AUTO_INCREMENT,
  `status` tinyint(3) unsigned NOT NULL,
-  `datec` datetime NOT NULL,
+  `datec` datetime NOT NULL DEFAULT '0000-00-00 00:00:00',
  `somme` int(10) unsigned NOT NULL,
  `lang` varchar(5) CHARACTER SET latin1 NOT NULL DEFAULT 'en_US',
-  `cadeau` tinyint(3) unsigned NOT NULL,
-  `abo` tinyint(4) NOT NULL,
-  `taille` int(10) unsigned NOT NULL,
-  `public` int(10) unsigned NOT NULL,
-  `pdf` varchar(32) CHARACTER SET latin1 NOT NULL,
-  `decimale` int(10) unsigned NOT NULL,
-  `datee` datetime NOT NULL,
+  `cadeau` tinyint(3) unsigned NOT NULL DEFAULT 0,
+  `abo` tinyint(4) NOT NULL DEFAULT 0,
+  `taille` int(10) unsigned NOT NULL DEFAULT 0,
+  `public` int(10) unsigned NOT NULL DEFAULT 0,
+  `pdf` varchar(32) CHARACTER SET latin1 NOT NULL DEFAULT '',
+  `decimale` int(10) unsigned NOT NULL DEFAULT 0,
+  `datee` datetime NOT NULL DEFAULT '0000-00-00 00:00:00',
  `mailsent` tinyint(4) DEFAULT '0',
  `color` varchar(7) CHARACTER SET latin1 DEFAULT NULL,
-  `pi_x` int(11) DEFAULT NULL,
-  `pi_y` int(11) DEFAULT NULL,
-  `hash` varchar(64) DEFAULT NULL,
-  `taille_h` int(10) unsigned NOT NULL,
+  `pi_x` int(11) DEFAULT NULL DEFAULT 0,
+  `pi_y` int(11) DEFAULT NULL DEFAULT 0,
+  `hash` varchar(64) DEFAULT NULL DEFAULT "",
+  `taille_h` int(10) unsigned NOT NULL DEFAULT 0,
  `fdnn_user` bigint(20) NOT NULL DEFAULT '0',
  `color_2` varchar(7) DEFAULT '',
  `cumul` int(11) DEFAULT '0',
@@ -193,13 +193,13 @@ CREATE TABLE `users` (
  `id` int(10) unsigned NOT NULL AUTO_INCREMENT,
  `email` varchar(255) DEFAULT NULL,
  `hash` varchar(64) CHARACTER SET latin1 NOT NULL,
-  `total` int(10) unsigned NOT NULL,
-  `cumul` int(10) unsigned NOT NULL,
-  `pseudo` varchar(255) NOT NULL,
+  `total` int(10) unsigned  NOT NULL DEFAULT 0,
+  `cumul` int(10) unsigned NOT NULL DEFAULT 0,
+  `pseudo` varchar(255) NOT NULL DEFAULT "",
  `identifier` varchar(50) DEFAULT NULL,
  `expiration` datetime DEFAULT NULL,
  `status` int(11) DEFAULT NULL,
-  `commentaire` text,
+  `commentaire` text DEFAULT '',
  PRIMARY KEY (`id`),
  KEY `email` (`email`)
 ) ENGINE=InnoDB AUTO_INCREMENT=15494 DEFAULT CHARSET=utf8 COMMENT='Les donateurs';

--- a/src/LQDN/Exception/InvalidEmailException.php
+++ b/src/LQDN/Exception/InvalidEmailException.php
+<?php
+
+namespace LQDN\Exception;
+
+class InvalidEmailException extends \RuntimeException
+{
+}
--- a/src/LQDN/Handler/UserHandler.php
+++ b/src/LQDN/Handler/UserHandler.php
@@ -8,6 +8,14 @@ use LQDN\Command\UserUpdateTotalCommand;
 use LQDN\Command\UserUpdateCumulCommand;
 use LQDN\Command\UserCreateCommand;
 use LQDN\Command\AdminUpdateTotalUsersCommand;
+use LQDN\Exception\InvalidEmailException;
+
+function checkEmail($email)
+{
+    if (!filter_var($email, FILTER_VALIDATE_EMAIL)) {
+        throw new InvalidEmailException();
+    }
+}

 class UserHandler
 {
@@ -25,6 +33,7 @@ class UserHandler
     */
    public function handleUserUpdateByAdminCommand(UserUpdateByAdminCommand $command)
    {
+        checkEmail($command->getEmail());
        $this->connection->executeUpdate('UPDATE users SET pseudo = :username, email = :email, commentaire = :comment, cumul = :cumul, total = :total WHERE id = :id', [
            'username' => $command->getUsername(),
            'email' => $command->getEmail(),
@@ -42,6 +51,7 @@ class UserHandler
     */
    public function handleUserCreateCommand(UserCreateCommand $command)
    {
+        checkEmail($command->getEmail());
        $this->connection->executeUpdate('INSERT INTO users(email, hash, pseudo, total, cumul) VALUES (:email, :hash, :pseudo, :total, :cumul)', [
            'email'=> $command->getEmail(),
            'hash'=> $command->getHash(),