<?php
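require('include.php');

init(true, false);

// This page works in two steps: without "valide" it shows a confirmation page and
// generates a session token; with valide=1 and that token it records the payments.
// Required arguments: either (de AND a) or all.
if ((empty($_GET['de']) || empty($_GET['a'])) && empty($_GET['all'])) { // If we didn't get the right arguments
    header('location: index.php');
    exit();
}

// Creditor id: the user whose debts are being validated. Cast to int so that it can
// only ever be a plain id in the links and queries built later on. With all=1 and no
// "a" argument this is 0 (the former code read an undefined index here).
$a = (int) ($_GET['a'] ?? 0);

// We can only validate what other people owe to us, unless we are an admin.
// `??` avoids reading undefined session keys; the comparisons are unchanged.
if ($a != ($_SESSION['id'] ?? null) && ($_SESSION['admin'] ?? 0) != 1) {
    header('location: message.php?id=9');
    exit();
}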
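if (empty($_GET['valide'])) { // Confirmation page, so that a single mistaken click cannot validate anything
    // "date" is only ever "now" or "all" (that is all the validation step accepts);
    // reject anything else here instead of reflecting it into the page.
    $periode = $_GET['date'] ?? '';
    if (!in_array($periode, array('now', 'all'), true)) {
        header('location: index.php');
        exit();
    }

    // Anti-CSRF token: generated by the CSPRNG (the former sha1(uniqid(rand())) was
    // predictable), bound to this session and time-stamped so it can expire.
    $_SESSION['token_validation'] = bin2hex(random_bytes(32));
    $_SESSION['token_validation_time'] = time();

    // Confirmation link: every value in it is either whitelisted above or cast to int.
    $lien = 'valider_paiements.php?valide=1&date=' . $periode . '&a=' . $a . '&token=' . $_SESSION['token_validation'];
    if (!empty($_GET['all'])) {
        $lien .= '&all=1';
    }
    if (!empty($_GET['de'])) {
        $lien .= '&de=' . (int) $_GET['de'];
    }
?>
<!DOCTYPE html>
<html lang="fr">
<head>
<meta charset="utf-8">
<title>Bouffe@Ulm</title>
<link rel="stylesheet" media="screen" type="text/css" href="design.css" />
<link rel="icon" href="favicon.ico" />
</head>
<body>
<h1>Validation du remboursement des dettes</h1>
<?php // The link is escaped for the attribute context: "&" becomes "&amp;" and nothing can break out of href="". ?>
<p><a href="<?php echo htmlspecialchars($lien, ENT_QUOTES, 'UTF-8'); ?>">Confirmer le remboursement</a> ou <a href="index.php">Retour</a></p>
</body>
</html>
<?php
    exit();
}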
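/**
 * Records (or refreshes) the settlement $de_paiement owes $a_paiement for one expense.
 *
 * @param array      $donnees_depense expense row: keys id, montant, copains (comma-separated ids), invites
 * @param int|string $de_paiement     id of the participant who pays
 * @param int|string $a_paiement      id of the participant who is paid
 * @return int always 1 (the callers ignore the value)
 */
function inserer_paiement($donnees_depense, $de_paiement, $a_paiement) // Function to insert a regulation between A and B
{
    // Nobody owes himself anything.
    if ((int) $de_paiement === (int) $a_paiement) {
        return 1;
    }

    global $bdd;

    // We count the number of payment not created during a simplification turn
    // (created by this page, not rbmt_admin.php) and sum what was already paid.
    // NOTE(review): the WHERE clause does not restrict to rbmt=0 although the comment
    // and the UPDATE below suggest it should — confirm the intended semantics.
    $paiement_existe_req = $bdd->prepare('SELECT *,COUNT(*) AS nbre_paiement FROM paiements WHERE id_depense=:id_depense AND de=:de');
    $paiement_existe_req->bindValue(':id_depense', $donnees_depense['id']);
    $paiement_existe_req->bindValue(':de', $de_paiement);
    $paiement_existe_req->execute();

    // The count is read from the fetched row while the cursor is open: the former code
    // read it after the loop, when fetch() had already returned false, so the test below
    // always saw NULL and always took the INSERT branch.
    $deja_paye = 0;
    $nbre_paiement = 0;
    while ($paiement_existe = $paiement_existe_req->fetch()) {
        $deja_paye += $paiement_existe['montant'];
        $nbre_paiement = (int) $paiement_existe['nbre_paiement'];
    }

    // Each participant's share: the payer plus every listed friend plus the guests.
    // The divisor is at least 1, so no division by zero is possible.
    $nbre_parts = substr_count($donnees_depense['copains'], ',') + 1 + $donnees_depense['invites'];
    $montant = $donnees_depense['montant'] / $nbre_parts - $deja_paye;

    if ($nbre_paiement === 0) {
        $req = $bdd->prepare('INSERT INTO paiements(id, de, a, id_depense, date, montant) VALUES("", :de, :a, :id_depense, :date, :montant)');
    } else {
        // Only a payment that is not part of a simplification turn (rbmt=0) is refreshed.
        $req = $bdd->prepare('UPDATE paiements SET montant=:montant, date=:date WHERE de=:de AND a=:a AND id_depense=:id_depense AND rbmt=0');
    }

    $req->bindValue(':de', $de_paiement);
    $req->bindValue(':a', $a_paiement);
    $req->bindValue(':id_depense', $donnees_depense['id']);
    $req->bindValue(':date', time());
    $req->bindValue(':montant', $montant);
    $req->execute();

    return 1;
}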
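/**
 * Returns the timestamps delimiting a month, for the date bounds of the queries.
 *
 * @param int|string $num_mois month number, 1..12 (date('n') hands over a string)
 * @param int|string $annee    four-digit year
 * @return array [first second of the month, last second of the month]
 */
function bornes_mois($num_mois, $annee) // Function to get the limit of dates to make the queries
{
    $mois = (int) $num_mois;
    $an = (int) $annee;

    $debut_mois = mktime(0, 0, 0, $mois, 1, $an);

    // date('t') is the number of days in the month of the given timestamp, so the
    // leap-year rule is applied to $annee. The former table used date('L') without
    // a timestamp, i.e. the leap status of the *current* year, which made February
    // of another year one day too long or too short.
    $dernier_jour = (int) date('t', $debut_mois);

    $fin_mois = mktime(23, 59, 59, $mois, $dernier_jour, $an);

    return array($debut_mois, $fin_mois);
}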
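// Check whether the token is valid or not. The session token is the CSRF control:
// unpredictable, bound to this session, valid for 15 minutes and consumed below so a
// link cannot be replayed. hash_equals() replaces the former loose == (which also
// applied numeric-string juggling to the two values).
// NOTE(review): the former Referer test, strpos(...) == 0, was inert: strpos() returns
// false when the needle is absent and false == 0. A strict version would break the
// legitimate flow (the link is clicked from this very page, not index.php), so the
// check is dropped rather than "fixed".
$token_recu = isset($_GET['token']) && is_string($_GET['token']) ? $_GET['token'] : '';
$token_attendu = isset($_SESSION['token_validation']) ? (string) $_SESSION['token_validation'] : '';
$token_valide = $token_recu !== ''
    && $token_attendu !== ''
    && hash_equals($token_attendu, $token_recu)
    && isset($_SESSION['token_validation_time'])
    && $_SESSION['token_validation_time'] > time() - (15 * 60);

if ($token_valide) {
    // One-shot token: a second request with the same link has to go through the
    // confirmation page again.
    unset($_SESSION['token_validation'], $_SESSION['token_validation_time']);

    // Date bounds first, so an unknown "date" is rejected before any query is prepared.
    $periode = $_GET['date'] ?? '';
    if ($periode === 'now') {
        $bornes = bornes_mois(date('n'), date('Y'));
    } elseif ($periode === 'all') {
        $bornes = bornes_mois(date('n'), date('Y'));
        $bornes[0] = 0; // everything up to the end of the current month
    } else {
        header('location: index.php');
        exit();
    }

    // $de stays null in "all" mode (it was an undefined variable before).
    $de = null;
    if (!empty($_GET['all'])) {
        // Validate everything for a
        $req = $bdd->prepare('SELECT id, de, copains, montant, invites FROM depenses WHERE de=:a AND date>:debut_mois AND date<:fin_mois');
    } else {
        // Validate everything between a and de. "copains" is a comma-separated id list,
        // so the four LIKE patterns match the id in the middle, at the end, at the start,
        // or alone. The patterns are bound instead of concatenated into the SQL text.
        $de = (int) $_GET['de'];
        $req = $bdd->prepare('SELECT id, de, copains, montant, invites FROM depenses WHERE (copains LIKE :milieu OR copains LIKE :fin OR copains LIKE :debut OR copains LIKE :seul) AND de=:a AND date>:debut_mois AND date<:fin_mois');
        $req->bindValue(':milieu', '%,' . $de . ',%');
        $req->bindValue(':fin', '%,' . $de);
        $req->bindValue(':debut', $de . ',%');
        $req->bindValue(':seul', (string) $de);
    }
    $req->bindValue(':a', $a);
    $req->bindValue(':debut_mois', $bornes[0]);
    $req->bindValue(':fin_mois', $bornes[1]);
    $req->execute();

    while ($donnees = $req->fetch()) {
        if (!empty($de) && $de != $a) {
            inserer_paiement($donnees, $de, $a);
        } else {
            // For all the people who participate... (the payer himself excluded).
            // Empty entries, e.g. from a trailing comma, are skipped instead of being
            // recorded as a payer "". The former debug echo of each pair is gone: any
            // output here would have made the Location header below fail.
            foreach (explode(',', $donnees['copains']) as $participant) {
                $participant = trim($participant);
                if ($participant !== '' && $participant != $a) {
                    inserer_paiement($donnees, $participant, $a);
                }
            }
        }
    }

    // And don't forget to validate everything I owe to others.
    // NOTE(review): in "all" mode $de is null, so de=:de matches nothing and this loop
    // does not run — confirm that "all" is meant to cover only what others owe to $a.
    $req_me = $bdd->prepare('SELECT id, copains, de, montant, invites FROM depenses WHERE de=:de AND (copains LIKE :milieu OR copains LIKE :fin OR copains LIKE :debut OR copains LIKE :seul) AND date>:debut_mois AND date<:fin_mois');
    $req_me->bindValue(':de', $de);
    $req_me->bindValue(':milieu', '%,' . $a . ',%');
    $req_me->bindValue(':fin', '%,' . $a);
    $req_me->bindValue(':debut', $a . ',%');
    $req_me->bindValue(':seul', (string) $a);
    $req_me->bindValue(':debut_mois', $bornes[0]);
    $req_me->bindValue(':fin_mois', $bornes[1]);
    $req_me->execute();
    while ($donnees_me = $req_me->fetch()) {
        inserer_paiement($donnees_me, $a, $donnees_me['de']);
    }

    header('location: message.php?id=11');
    exit();
} else { // If not valid (missing, wrong or expired token), go back to index.php
    header('location: index.php');
    exit();
}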
?>