Beispiel #1
 /**
  * Copy the submitted question and its two answers from the request onto this item.
  *
  * Every value is read through Env::t() with '' passed as the fallback argument.
  * No length or content validation happens in this method.
  *
  * @return bool always true
  */
 public function handle_editor()
 {
     foreach (array('question', 'answer1', 'answer2') as $field) {
         $this->{$field} = Env::t($field, '');
     }

     return true;
 }
Beispiel #2
 /**
  * Load the title, description and begin/end dates of this item from the request.
  *
  * @return bool false when building either FrankizDateTime throws, true otherwise
  */
 public function handle_editor()
 {
     $this->title = Env::t('title', '');
     $this->description = Env::t('description', '');

     try {
         // The current property values are handed to Env::t() as its second argument.
         $submittedBegin = Env::t('begin', $this->begin);
         $this->begin = new FrankizDateTime($submittedBegin);
         $submittedEnd = Env::t('end', $this->end);
         $this->end = new FrankizDateTime($submittedEnd);
     } catch (Exception $invalidDate) {
         // The exception detail is dropped. Title and description (and possibly begin)
         // have already been overwritten when this path is taken.
         return false;
     }

     return true;
 }
Beispiel #3
 /**
  * Build the map of search fields, taken either from a decoded JSON object or from the request.
  *
  * Only the fixed list of field names below is ever read, so unknown properties of
  * $json and unknown request parameters are ignored.
  *
  * @param object|false $json when truthy, fields are read from its properties instead of Env
  * @return array field name => trimmed value, or false when the field is missing or blank
  */
 function fillFields($json = false)
 {
     $names = array(
         'free', 'hruid', 'firstname', 'lastname', 'nickname', 'cellphone',
         'nationalities', 'promo', 'studies', 'sports', 'courses', 'binets',
         'frees', 'room', 'phone', 'ip', 'gender',
     );

     $fields = array();
     foreach ($names as $name) {
         if ($json) {
             $value = isset($json->{$name}) ? trim($json->{$name}) : '';
         } else {
             $value = Env::t($name, '');
         }
         // Blank values are normalised to false so callers can test with a plain truthiness check.
         $fields[$name] = $value != '' ? $value : false;
     }

     return $fields;
 }
Beispiel #4
 /**
  * Load a news item's title, content, dates and optional image from the request.
  *
  * @return bool always true
  * @throws Exception when the submitted image id matches no image under the filter below
  */
 public function handle_editor()
 {
     $this->title = Env::t('title', '');
     $this->content = Env::t('news_content', '');
     $this->begin = new FrankizDateTime(Env::t('begin'));
     $this->end = new FrankizDateTime(Env::t('end'));

     if (!Env::has('image')) {
         return true;
     }

     // The image must match both the submitted id and the IFC_Temp condition.
     // NOTE(review): nothing visible here ties that image to the current user;
     // confirm IFC_Temp or the upload step enforces ownership.
     $filter = new ImageFilter(new PFC_And(new IFC_Id(Env::i('image')), new IFC_Temp()));
     $picture = $filter->get(true);
     if (!$picture) {
         throw new Exception("This image doesn't exist anymore");
     }

     $picture->select(FrankizImageSelect::caste());
     $picture->label($this->title);
     $picture->caste($this->target);
     $this->image($picture);

     return true;
 }
Beispiel #5
 /**
  * Render the QDJ ranking page.
  *
  * The interval returned by QDJ::interval() is cut into consecutive two-month
  * periods starting on odd months; the scores for the requested period are then
  * fetched and handed to the template.
  *
  * @param object $page page object receiving the template variables
  */
 public function handler_qdj($page)
 {
     $interval = QDJ::interval();
     $first = $interval['date_min'];
     $last = $interval['date_max'];

     // First day (01:00) of the two-month period containing date_min ...
     $date_min = mktime(1, 0, 0, floor(($first->format('n') - 1) / 2) * 2 + 1, 1, $first->format('Y'));
     // ... and first day of the period following the one containing date_max.
     $date_max = mktime(1, 0, 0, floor(($last->format('n') + 1) / 2) * 2 + 1, 1, $last->format('Y'));

     $begin_dates = array();
     $end_dates = array();
     for ($cursor = $date_min; $cursor < $date_max; $cursor = $next) {
         $next = strtotime('+2 months', $cursor);
         $begin_dates[] = $cursor;
         $end_dates[] = strtotime('-1 day', $next);
     }

     // 'period' comes from the request and is not range-checked here.
     // NOTE(review): fetch_scores() presumably uses it as an index into the date
     // arrays; verify it rejects non-numeric or out-of-range values.
     $period = Env::t('period', count($begin_dates) - 1);
     $page->assign('results', $this->fetch_scores($begin_dates, $end_dates, $period));
     $page->assign('end_date', $end_dates);
     $page->assign('begin_date', $begin_dates);
     $page->assign('group_qdj', Group::from('qdj'));
     $page->addCssLink('visualize.css');
     $page->addCssLink('qdj.css');
     $page->assign('title', "Classement QDJ");
     $page->changeTpl('qdj/qdj.tpl');
 }
Beispiel #6
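 /**
  * Admin page listing all links, with in-place modification of one link.
  *
  * Access is limited to users whose permissions carry the 'admin' flag. When the
  * request contains 'modify', the link identified by 'id' gets a new label, URL,
  * description and comment, and optionally a newly uploaded image.
  *
  * @param object $page page object receiving the template variables
  * @return int|null PL_FORBIDDEN for non-admins, nothing otherwise
  */
 function handler_links_admin($page)
 {
     if (!S::user()->perms()->hasFlag('admin')) {
         return PL_FORBIDDEN;
     }
     $collec = Link::all();
     $collec->select(LinkSelect::all());
     $results = $collec->split('ns');
     if (Env::has('modify')) {
         // The modification is a state change made with the admin's session, so the
         // anti-XSRF token is required before anything is written. The form in
         // links/admin_links.tpl has to submit that token (template not visible here).
         S::assert_xsrf_token();
         $id = Env::i('id');
         $link = $collec->get($id);
         if ($link !== false) {
             if (Env::has('image')) {
                 try {
                     $group = Group::from('partnership');
                     $group->select();
                     $image = new FrankizImage();
                     $image->insert();
                     $image->label($link->label());
                     $image->caste($group->caste('everybody'));
                     $image->image(FrankizUpload::v('image'));
                     $link->image($image);
                 } catch (Exception $e) {
                     // An upload failure is reported on the page; the text fields below are still saved.
                     $page->assign('err', $e->getMessage());
                 }
             }
             $link->label(Env::t('label'));
             // NOTE(review): the URL is stored as submitted; confirm Link::link() or the
             // template restricts it to http(s) before it is rendered as a link target.
             $link->link(Env::t('link'));
             $link->description(Env::t('description'));
             $link->comment(Env::t('comment'));
         } else {
             $err = 'Le lien modifié n\'existe plus.';
             $page->assign('err', $err);
         }
     }
     $page->addCssLink('links.css');
     $page->assign('links', $results);
     $page->assign('title', 'Administrer les liens');
     $page->changeTpl('links/admin_links.tpl');
 }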
Beispiel #7
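 /**
  * Email composition page: stores a draft, sends a message, or restores a saved draft.
  *
  * Three request shapes are handled:
  *  - POST with 'save': the POST data is serialized into email_send_save and the script exits;
  *  - 'submit' == 'Envoyer': attachments are stored, recipients checked and the mail sent;
  *  - anything else: a previously saved draft, if any, is merged back into $_REQUEST.
  *
  * Both write paths check the XSRF token.
  *
  * @param object $page page object receiving the template variables
  * @return int|null PL_FORBIDDEN when a draft save lacks the XSRF token, nothing otherwise
  */
 function handler_send($page)
 {
     $page->changeTpl('emails/send.tpl');
     $page->setTitle('Envoyer un email');
     // Handle a submitted form.
     if (Post::has('save')) {
         if (!S::has_xsrf_token()) {
             return PL_FORBIDDEN;
         }
         unset($_POST['save']);
         // Only save when something is left once each '-- ' marker and the rest of its line are removed.
         if (trim(preg_replace('/-- .*/', '', Post::v('contenu'))) != "") {
             Post::set('to_contacts', explode(';', Post::s('to_contacts')));
             Post::set('cc_contacts', explode(';', Post::s('cc_contacts')));
             // The whole POST array is stored as one PHP-serialized blob per user.
             $data = serialize($_POST);
             XDB::execute('INSERT INTO  email_send_save (uid, data)
                                VALUES  ({?}, {?})
               ON DUPLICATE KEY UPDATE  data = VALUES(data)', S::user()->id('uid'), $data);
         }
         exit;
     } else {
         if (Env::v('submit') == 'Envoyer') {
             S::assert_xsrf_token();
             // Resolve a list of aliases to a comma-separated list of forlife addresses.
             function getEmails($aliases)
             {
                 if (!is_array($aliases)) {
                     return null;
                 }
                 $uf = new UserFilter(new UFC_Hrpid($aliases));
                 $users = $uf->iterUsers();
                 $ret = array();
                 while ($user = $users->next()) {
                     $ret[] = $user->forlife;
                 }
                 return join(', ', $ret);
             }
             $error = false;
             foreach ($_FILES as &$file) {
                 if ($file['name'] && !PlUpload::get($file, S::user()->login(), 'emails.send', false)) {
                     $page->trigError(PlUpload::$lastError);
                     $error = true;
                     break;
                 }
             }
             // Drop the reference so a later write to $file cannot alter $_FILES.
             unset($file);
             if (!$error) {
                 XDB::execute("DELETE FROM  email_send_save\n                                    WHERE  uid = {?}", S::user()->id());
                 $to2 = getEmails(Env::v('to_contacts'));
                 $cc2 = getEmails(Env::v('cc_contacts'));
                 // NOTE(review): '^M' is the two-character literal here, not a carriage return; confirm intent.
                 $txt = str_replace('^M', '', Env::v('contenu'));
                 $to = str_replace(';', ',', Env::t('to'));
                 $subj = Env::t('sujet');
                 // NOTE(review): the sender and subject come from the request and are not checked
                 // against $email_regex below; confirm PlMailer rejects CR/LF in headers and that
                 // a free-form From address is acceptable.
                 $from = Env::t('from');
                 $cc = str_replace(';', ',', Env::t('cc'));
                 $bcc = str_replace(';', ',', Env::t('bcc'));
                 $email_regex = '/^[a-z0-9.\\-+_\\$]+@([\\-.+_]?[a-z0-9])+$/i';
                 foreach (explode(',', $to . ',' . $cc . ',' . $bcc) as $email) {
                     $email = trim($email);
                     if ($email != '' && !preg_match($email_regex, $email)) {
                         $page->trigError("L'adresse email " . $email . ' est erronée.');
                         $error = true;
                     }
                 }
                 if (empty($to) && empty($cc) && empty($to2) && empty($bcc) && empty($cc2)) {
                     $page->trigError("Indique au moins un destinataire.");
                     $error = true;
                 }
                 if ($error) {
                     $page->assign('uploaded_f', PlUpload::listFilenames(S::user()->login(), 'emails.send'));
                 } else {
                     $mymail = new PlMailer();
                     $mymail->setFrom($from);
                     $mymail->setSubject($subj);
                     if (!empty($to)) {
                         $mymail->addTo($to);
                     }
                     if (!empty($cc)) {
                         $mymail->addCc($cc);
                     }
                     if (!empty($bcc)) {
                         $mymail->addBcc($bcc);
                     }
                     if (!empty($to2)) {
                         $mymail->addTo($to2);
                     }
                     if (!empty($cc2)) {
                         $mymail->addCc($cc2);
                     }
                     $files =& PlUpload::listFiles(S::user()->login(), 'emails.send');
                     foreach ($files as $name => &$upload) {
                         $mymail->addUploadAttachment($upload, $name);
                     }
                     unset($upload);
                     if (Env::v('wiki') == 'text') {
                         $mymail->setTxtBody(wordwrap($txt, 78, "\n"));
                     } else {
                         $mymail->setWikiBody($txt);
                     }
                     if ($mymail->send()) {
                         $page->trigSuccess("Ton email a bien été envoyé.");
                         // Reset the form, keeping only the user's own address as default Bcc.
                         $_REQUEST = array('bcc' => S::user()->bestEmail());
                         PlUpload::clear(S::user()->login(), 'emails.send');
                     } else {
                         $page->trigError("Erreur lors de l'envoi du courriel, réessaye.");
                         $page->assign('uploaded_f', PlUpload::listFilenames(S::user()->login(), 'emails.send'));
                     }
                 }
             }
         } else {
             $res = XDB::query("SELECT  data\n                                 FROM  email_send_save\n                                WHERE  uid = {?}", S::i('uid'));
             if ($res->numRows() == 0) {
                 PlUpload::clear(S::user()->login(), 'emails.send');
                 $_REQUEST['bcc'] = S::user()->bestEmail();
             } else {
                 // SECURITY: unserialize() instantiates any object described in its input. The blob
                 // read here is the one written by the 'save' branch from $_POST, so it is only as
                 // trustworthy as the email_send_save table; a JSON encoding of the draft would
                 // remove the object-injection risk altogether.
                 $data = unserialize($res->fetchOneCell());
                 // A corrupt blob makes unserialize() return false; skip the merge instead of
                 // passing a non-array to array_merge().
                 if (is_array($data)) {
                     $_REQUEST = array_merge($_REQUEST, $data);
                 }
             }
         }
     }
     $uf = new UserFilter(new PFC_And(new UFC_Contact(S::user()), new UFC_Registered()), UserFilter::sortByName());
     $contacts = $uf->getProfiles();
     $page->assign('contacts', $contacts);
     $page->assign('maxsize', ini_get('upload_max_filesize') . 'o');
     $page->assign('user', S::user());
     $preferences = XDB::fetchOneAssoc('SELECT  from_email, from_format
                                          FROM  accounts
                                         WHERE  uid = {?}', S::user()->id());
     if ($preferences['from_email'] == '') {
         $preferences['from_email'] = '"' . S::user()->fullName() . '" <' . S::user()->bestEmail() . '>';
     }
     $page->assign('preferences', $preferences);
 }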
Beispiel #8
 /**
  * News administration page: modify or delete one news item.
  *
  * Writes are only performed for a user who has admin rights on the group of the
  * news target, or for whom isWeb() is true, and only after the XSRF token has
  * been asserted.
  *
  * @param object $page page object receiving the template variables
  * @param mixed  $nid  id of the news item, false when none was given
  * @throws Exception when the submitted image id matches no image under the filter below
  */
 function handler_admin($page, $nid = false)
 {
     $news = News::fromId($nid);

     $mayAdmin = false;
     if ($news !== false) {
         $news->select(NewsSelect::news());
         $mayAdmin = S::user()->hasRights($news->target()->group(), Rights::admin()) || S::user()->isWeb();
     }

     if ($mayAdmin) {
         // Both actions change stored data, so the token is checked once up front.
         if (Env::has('modify') || Env::has('delete')) {
             S::assert_xsrf_token();
         }

         if (Env::has('modify')) {
             $news->title(Env::t('title'));
             $news->content(Env::t('news_content'));
             $news->begin(new FrankizDateTime(Env::t('begin')));
             $news->end(new FrankizDateTime(Env::t('end')));
             if (Env::has('reappear')) {
                 $news->removeReadFlags();
             }
             if (Env::has('image')) {
                 // The image must match both the submitted id and the IFC_Temp condition.
                 $filter = new ImageFilter(new PFC_And(new IFC_Id(Env::i('image')), new IFC_Temp()));
                 $picture = $filter->get(true);
                 if (!$picture) {
                     throw new Exception("This image doesn't exist anymore");
                 }
                 $picture->select(FrankizImageSelect::caste());
                 $picture->label($news->title());
                 $picture->caste($news->target());
                 $news->image($picture);
             }
             $page->assign('msg', "L'annonce a été modifiée.");
         }

         if (Env::has('delete')) {
             $news->delete();
             $page->assign('delete', true);
         }
     }

     // NOTE(review): the news object reaches the template even when the rights check
     // failed; confirm news/admin.tpl does not display it to such users.
     $page->assign('news', $news);
     $page->assign('isEdition', true);
     $page->assign('title', "Modifier l'annonce");
     $page->addCssLink('validate.css');
     $page->changeTpl('news/admin.tpl');
 }
Beispiel #9
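 /**
  * Administration page of one list alias: add or remove members.
  *
  * $lfull is expected as "local_part@domain". The domain must equal the one
  * returned by get_lists_domain() and the local part may only hold letters,
  * digits, '-' and '.'.
  *
  * @param object      $page  page object receiving the template variables
  * @param string|null $lfull full alias address
  * @return int|null PL_NOT_FOUND when no lists domain or no alias is given
  */
 function handler_aadmin($page, $lfull = null)
 {
     if (!$this->get_lists_domain() || is_null($lfull)) {
         return PL_NOT_FOUND;
     }
     $page->changeTpl('xnetlists/alias-admin.tpl');
     require_once 'emails.inc.php';
     // Pad to two elements so an address without '@' gives a null domain (rejected
     // below) instead of an undefined variable.
     list($local_part, $domain) = array_pad(explode('@', $lfull), 2, null);
     // The D modifier makes '$' match only at the very end of the string; without it
     // a local part ending in a newline passed the check.
     // NOTE(review): '*' still accepts an empty local part; confirm that is intended.
     if ($this->get_lists_domain() != $domain || !preg_match('/^[a-zA-Z0-9\-\.]*$/D', $local_part)) {
         global $globals;
         // NOTE(review): the code below relies on trigErrorRedirect() not returning; verify.
         $page->trigErrorRedirect('Le nom de l\'alias est erroné.', $globals->asso('diminutif') . '/lists');
     }
     // NOTE(review): no rights check is visible in this handler; presumably it is
     // enforced where the handler is registered. Confirm.
     if (Env::has('add_member')) {
         S::assert_xsrf_token();
         if (add_to_list_alias(Env::t('add_member'), $local_part, $domain)) {
             $page->trigSuccess('Ajout réussi.');
         } else {
             $page->trigError('Ajout infructueux.');
         }
     }
     if (Env::has('del_member')) {
         S::assert_xsrf_token();
         if (delete_from_list_alias(Env::t('del_member'), $local_part, $domain)) {
             $page->trigSuccess('Suppression réussie.');
         } else {
             $page->trigError('Suppression infructueuse.');
         }
     }
     $page->assign('members', list_alias_members($local_part, $domain));
 }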
Beispiel #10
 /**
  * Load the payment request fields from the request and resolve the bank account owner.
  *
  * Title, site, reply message and bank account id are read with Env::v(), the amount
  * with Env::t() and the two bounds with Env::i(). The owner lookup uses a
  * parameterised query.
  *
  * @return bool always true
  */
 protected function handle_editor()
 {
     $this->titre = Env::v('pay_titre');
     $this->site = Env::v('pay_site');
     $this->montant = Env::t('pay_montant');
     $this->montant_min = Env::i('pay_montant_min');
     $this->montant_max = Env::i('pay_montant_max');
     $this->msg_reponse = Env::v('pay_msg_reponse');
     $this->public = (Env::v('pay_public') == 'yes');
     $this->rib_id = Env::v('pay_rib_id');

     // Without a bank account id there is no owner name to look up.
     $this->rib_nom = $this->rib_id
         ? XDB::query("SELECT owner FROM payment_bankaccounts WHERE id = {?}", $this->rib_id)->fetchOneCell()
         : null;

     return true;
 }
Beispiel #11
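 /**
  * Admin page marking PhD students as graduated.
  *
  * Without $promo the list of pending graduation years is shown. With
  * $promo == "bulk" and a posted 'people' text, each line "login<separator>year"
  * is processed. With $validate set, the checkboxes posted for the given year are
  * applied. Both write paths assert the XSRF token and every query is parameterised.
  *
  * @param object      $page     page object receiving the template variables
  * @param string|null $promo    graduation year, "bulk", or null for the overview
  * @param mixed       $validate truthy when the posted per-year form must be applied
  */
 function handler_phd($page, $promo = null, $validate = false)
 {
     $page->changeTpl('admin/phd.tpl');
     $eduDegrees = DirEnum::getOptions(DirEnum::EDUDEGREES);
     $eduDegrees = array_flip($eduDegrees);
     // get the list of the years when phd students are supposed to finish but have not yet been flagged as completed
     $promo_list = XDB::fetchColumn('SELECT  DISTINCT(grad_year)
                                       FROM  profile_education
                                      WHERE  FIND_IN_SET(\'primary\', flags) AND NOT FIND_IN_SET(\'completed\', flags) AND degreeid = {?}
                                   ORDER BY  grad_year', $eduDegrees[Profile::DEGREE_D]);
     // case when no promo was selected that is the admin/phd page
     if (is_null($promo)) {
         $page->assign('promo_list', $promo_list);
         $page->assign('nothing', count($promo_list) == 0);
         return;
     }
     // case when we want to add a list and we have data, that is admin/phd/bulk/validate
     if ($promo == "bulk" && Post::has('people')) {
         S::assert_xsrf_token();
         $lines = explode("\n", Post::t('people'));
         $separator = Env::t('separator');
         foreach ($lines as $line) {
             // explode() refuses an empty separator (ValueError on PHP 8); treat the line as a
             // single field so it is reported below as having the wrong number of fields.
             $infos = $separator === '' ? array($line) : explode($separator, $line);
             if (sizeof($infos) !== 2) {
                 // NOTE(review): the raw submitted line is placed in the message; confirm
                 // trigError() output is HTML-escaped by the template.
                 $page->trigError("La ligne {$line} n'a pas été ajoutée : mauvais nombre de champs.");
                 continue;
             }
             $infos = array_map('trim', $infos);
             // $info[0] is prenom.nom or hrid. We first try the hrid case, then we try over the possible promos.
             // We trigger an error if the search was unsuccessful.
             $user = User::getSilent($infos[0]);
             if (is_null($user)) {
                 foreach ($promo_list as $promo_possible) {
                     $user = User::getSilent($infos[0] . '.d' . $promo_possible);
                     if (!is_null($user)) {
                         break;
                     }
                 }
                 if (is_null($user)) {
                     $page->trigError("La ligne {$line} n'a pas été ajoutée : aucun compte trouvé.");
                     continue;
                 }
             }
             if ($user->type !== 'phd') {
                 $page->trigError("La ligne {$line} n'a pas été ajoutée : le compte n'est pas celui d'un doctorant.");
                 continue;
             }
             // NOTE(review): the year is only checked for emptiness, not for being numeric,
             // before it is written to grad_year and into the 'D<year>' promo label.
             $grad_year = $infos[1];
             if (!$grad_year) {
                 $page->trigError("La ligne {$line} n'a pas été ajoutée : année de soutenance vide.");
                 continue;
             }
             $profile = $user->profile();
             // We have the pid, we now need the id that completes the PK in profile_education.
             $res = XDB::fetchOneCell('SELECT  pe.id
                                         FROM  profile_education AS pe
                                        WHERE  FIND_IN_SET(\'primary\', pe.flags) AND NOT FIND_IN_SET(\'completed\', pe.flags)
                                               AND pe.pid = {?}', $profile->id());
             if (!$res) {
                 $page->trigError("Le profil " . $profile->hrid() . " a déjà une année de soutenance indiquée.");
                 continue;
             }
             // When we are here, we have the pid, id for profile_education table, and $grad_year. Time to UPDATE !
             XDB::execute('UPDATE  profile_education
                              SET  flags = CONCAT(flags, \',completed\'), grad_year = {?}
                            WHERE  pid = {?} AND id = {?}', $grad_year, $profile->id(), $res);
             XDB::execute('UPDATE  profile_display
                              SET  promo = {?}
                            WHERE  pid = {?}', 'D' . $grad_year, $profile->id());
             $page->trigSuccess("Promotion de " . $profile->fullName() . " validée.");
         }
         $errors = $page->nb_errs();
         if ($errors == 0) {
             $page->trigSuccess("L'opération a été effectuée avec succès.");
         } else {
             $page->trigSuccess('L\'opération a été effectuée avec succès, sauf pour ' . ($errors == 1 ? 'l\'erreur signalée' : "les {$errors} erreurs signalées") . ' ci-dessus.');
         }
     } elseif ($validate) {
         S::assert_xsrf_token();
         // Only profiles still pending for this year are considered, so posted
         // 'completed_<pid>' fields for other profiles are ignored.
         $list = XDB::iterator('SELECT  pe.pid, pd.directory_name
                                  FROM  profile_education AS pe
                            INNER JOIN  profile_display   AS pd ON (pe.pid = pd.pid)
                                 WHERE  FIND_IN_SET(\'primary\', pe.flags) AND NOT FIND_IN_SET(\'completed\', pe.flags)
                                        AND pe.degreeid = {?} AND pe.grad_year = {?}', $eduDegrees[Profile::DEGREE_D], $promo);
         while ($res = $list->next()) {
             $pid = $res['pid'];
             $name = $res['directory_name'];
             if (Post::b('completed_' . $pid)) {
                 // NOTE(review): unlike the bulk path, an empty year is not rejected here.
                 $grad_year = Post::t('grad_year_' . $pid);
                 XDB::execute('UPDATE  profile_education
                                  SET  flags = CONCAT(flags, \',completed\'), grad_year = {?}
                                WHERE  FIND_IN_SET(\'primary\', flags) AND pid = {?}', $grad_year, $pid);
                 XDB::execute('UPDATE  profile_display
                                  SET  promo = {?}
                                WHERE  pid = {?}', 'D' . $grad_year, $pid);
                 $page->trigSuccess("Promotion de {$name} validée.");
             }
         }
     }
     // case we are on a graduation year page, e.g. admin/phd/2007 or admin/phd/2007/validate
     $list = XDB::iterator('SELECT  pe.pid, pd.directory_name
                              FROM  profile_education AS pe
                        INNER JOIN  profile_display   AS pd ON (pe.pid = pd.pid)
                             WHERE  FIND_IN_SET(\'primary\', pe.flags) AND NOT FIND_IN_SET(\'completed\', pe.flags)
                                    AND pe.degreeid = {?} AND pe.grad_year = {?}
                          ORDER BY  pd.directory_name', $eduDegrees[Profile::DEGREE_D], $promo);
     $page->assign('list', $list);
     $page->assign('promo', $promo);
 }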
Beispiel #12
 /**
  * Store the reason submitted with the request on this item.
  *
  * The value is read through Env::t() with '' passed as the fallback argument.
  *
  * @return bool always true
  */
 public function handle_editor()
 {
     $submittedReason = Env::t('reason', '');
     $this->reason = $submittedReason;

     return true;
 }
Beispiel #13
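 /**
  * Group administration page.
  *
  * Reachable by users with admin rights on the group or for whom isWeb() is true.
  * Renaming and the external/leavable/visible flags additionally require isAdmin();
  * changing the namespace requires isWeb(). Renames and namespace changes are logged.
  *
  * @param object $page  page object receiving the template variables
  * @param mixed  $group group id taken from the URL
  * @throws Exception when the submitted image id matches no image under the filter below
  */
 function handler_group_admin($page, $group = null)
 {
     $group = Group::fromId($group);
     if ($group && (S::user()->hasRights($group, Rights::admin()) || S::user()->isWeb())) {
         // Each of these parameters triggers a write below, and Env reads them from the
         // request regardless of how it was sent. Require the anti-XSRF token so another
         // site cannot make an administrator's browser rename or reconfigure the group.
         // The form in groups/admin.tpl has to submit that token (template not visible here).
         if (Env::has('name') || Env::has('update') || Env::has('label') || Env::has('image') || Env::has('ns')) {
             S::assert_xsrf_token();
         }
         $group->select(GroupSelect::see());
         $page->assign('group', $group);
         if (Env::has('name') && Env::t('name') != '' && S::user()->isAdmin()) {
             S::logger()->log("groups/admin", array("gid" => $group->id(), "old_name" => $group->name(), "new_name" => Env::t('name')));
             $group->name(Env::t('name'));
         }
         if (Env::has('update') && S::user()->isAdmin()) {
             $group->external(Env::has('external'));
             $group->leavable(Env::has('leavable'));
             $group->visible(Env::has('visible'));
         }
         if (Env::has('label')) {
             $group->label(Env::t('label'));
         }
         if (Env::has('update')) {
             $group->description(Env::t('description'));
             // NOTE(review): web, wikix and mail are stored as submitted; confirm they are
             // validated or escaped before being rendered as links.
             $group->web(Env::t('web'));
             $group->wikix(Env::t('wikix'));
             $group->mail(Env::t('mail'));
         }
         if (Env::has('image')) {
             // The image must match both the submitted id and the IFC_Temp condition.
             $image = new ImageFilter(new PFC_And(new IFC_Id(Env::i('image')), new IFC_Temp()));
             $image = $image->get(true);
             if (!$image) {
                 throw new Exception("This image doesn't exist anymore");
             }
             $image->select(FrankizImageSelect::caste());
             $image->label($group->label());
             $image->caste($group->caste(Rights::everybody()));
             $group->image($image);
         }
         if (S::user()->isWeb()) {
             $nss = XDB::fetchColumn('SELECT ns FROM groups GROUP BY ns');
             $page->assign('nss', $nss);
             if (Env::has('ns')) {
                 // NOTE(review): the new namespace is not checked against $nss; confirm
                 // Group::ns() rejects unknown values.
                 S::logger()->log("groups/admin", array("gid" => $group->id(), "old_ns" => $group->ns(), "new_ns" => Env::t('ns')));
                 $group->ns(Env::t('ns'));
             }
         }
         $promos = S::user()->castes()->groups()->filter('ns', Group::NS_PROMO);
         $page->assign('promos', $promos);
         $page->assign('title', 'Administration de "' . $group->label() . '"');
         $page->addCssLink('groups.css');
         $page->changeTpl('groups/admin.tpl');
     } else {
         // The same page is shown for a missing group and for insufficient rights.
         $page->assign('title', "Ce groupe n'existe pas ou vous n'en êtes pas administrateur");
         $page->changeTpl('groups/no_group.tpl');
     }
 }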
Beispiel #14
 /**
  * AJAX fragment listing the accounts that match a login, or a name and promo.
  *
  * A direct match on 'login' (any state except 'pending') wins; otherwise the
  * accounts are searched by last name, first name and promo, and the result is
  * discarded when more than 30 accounts match.
  *
  * NOTE(review): no rights check is visible in this handler; presumably it is
  * enforced where the handler is registered. Confirm, since the fragment lets
  * the caller look up accounts by name.
  *
  * @param object $page page object receiving the template variables
  */
 function handler_admin_member_new_ajax($page)
 {
     pl_content_headers("text/html");
     $page->changeTpl('xnetgrp/membres-new-search.tpl', NO_SKIN);

     $users = array();
     $same_email = false;
     if (Env::has('login')) {
         $candidate = User::getSilent(Env::t('login'));
         if ($candidate && $candidate->state != 'pending') {
             $users = array($candidate->id() => $candidate);
             $same_email = true;
         }
     }

     if (empty($users)) {
         // Dashes, spaces and apostrophes in the names are replaced by '%'.
         $patterns = str_replace(array('-', ' ', "'"), '%', array(Env::t('nom'), Env::t('prenom')));
         $lastname = $patterns[0];
         $firstname = $patterns[1];

         $cond = new PFC_And();
         if (!empty($lastname)) {
             $cond->addChild(new UFC_NameTokens($lastname, array(), false, false, Profile::LASTNAME));
         }
         if (!empty($firstname)) {
             $cond->addChild(new UFC_NameTokens($firstname, array(), false, false, Profile::FIRSTNAME));
         }
         if (Env::t('promo')) {
             $cond->addChild(new UFC_Promo('=', UserFilter::DISPLAY, Env::t('promo')));
         }

         $uf = new UserFilter($cond);
         $users = $uf->getUsers(new PlLimit(30));
         // Too broad a search returns nothing rather than a partial list.
         if ($uf->getTotalCount() > 30) {
             $page->assign('too_many', true);
             $users = array();
         }
     }

     $page->assign('users', $users);
     $page->assign('same_email', $same_email);
 }
Beispiel #15
 /**
  * Load the company fields from the request, storing null for blank values.
  *
  * Text fields are read with Env::t() and become null when equal to ''; the two
  * numeric ids are read with Env::i() and become null when equal to 0.
  *
  * @return bool always true
  */
 protected function handle_editor()
 {
     $textFields = array('name', 'acronym', 'url', 'email', 'SIREN', 'NAF_code', 'tel', 'fax', 'address');
     foreach ($textFields as $name) {
         $text = Env::t($name);
         $this->{$name} = ($text == '') ? null : $text;
     }

     $idFields = array('AX_code', 'holdingid');
     foreach ($idFields as $name) {
         $number = Env::i($name);
         $this->{$name} = ($number == 0) ? null : $number;
     }

     return true;
 }
Beispiel #16
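 /**
  * Password recovery page.
  *
  * Step 1 shows the form asking for an email address. Step 2 stores a random hash
  * on the matching account and mails it. Step 3, reached with 'hash' and 'uid',
  * compares the submitted hash with the stored one, clears it, sets a random new
  * password and mails that password.
  *
  * NOTE(review): the 'error' variable assigned when no account matches lets a
  * visitor distinguish existing addresses from unknown ones, depending on what
  * the template shows; consider answering identically in both cases.
  * NOTE(review): no expiry or attempt limit on the stored hash is visible here,
  * and the new password is sent in clear by email; confirm both are acceptable.
  *
  * @param object $page page object receiving the template variables
  */
 public function handler_recovery($page)
 {
     global $globals;
     $page->addCssLink('profile.css');
     $page->changeTpl('profile/recovery.tpl');
     $page->assign('title', 'Nouveau mot de passe');
     // Step 1 : Ask the email
     $page->assign('step', 'ask');
     // Step 2 : Send the recovery mail
     if (Env::t('mail', '') != '') {
         // TODO: Accept forlife too
         // Pad to two elements so an address without '@' gives a null domain instead
         // of an undefined variable.
         list($forlife, $domain) = array_pad(explode('@', Env::t('mail'), 2), 2, null);
         $uf = new UserFilter(new UFC_Forlife($forlife, $domain));
         $user = $uf->get(true);
         if (!$user) {
             $page->assign('error', 'true');
             return;
         }
         $user->select(UserSelect::base());
         $page->assign('email', Env::t('mail'));
         $mail = new FrankizMailer('profile/recovery.mail.tpl');
         $hash = rand_url_id();
         $user->hash($hash);
         $mail->assign('hash', $hash);
         $mail->assign('uid', $user->id());
         $mail->SetFrom($globals->mails->web, 'Les Webmestres de Frankiz');
         $mail->AddAddress($user->bestEmail(), $user->displayName());
         $mail->subject('[Frankiz] Changement de mot de passe');
         $mail->Send($user->isEmailFormatHtml());
         $page->assign('step', 'mail');
     }
     // Step 3 : Send a new password
     if (Env::v('hash', '') != '' && Env::v('uid', '') != '') {
         $user = new User(Env::v('uid'));
         $user->select(UserSelect::base());
         $submitted = Env::v('hash');
         $stored = (string) $user->hash();
         // The recovery hash is a secret: compare it as an exact string, never with '=='
         // (which treats numeric-looking strings such as "0e1" and "0e2" as equal), and
         // in constant time where hash_equals() is available. An account with no pending
         // hash, or a non-string parameter, never matches.
         $hashMatches = is_string($submitted) && $stored !== ''
             && (function_exists('hash_equals') ? hash_equals($stored, $submitted) : $stored === $submitted);
         if ($hashMatches) {
             // TODO: log the session opening
             $mail = new FrankizMailer('profile/recovery_new.mail.tpl');
             $new = rand_url_id();
             // Clearing the hash makes the recovery link single-use.
             $user->hash('');
             $user->password($new);
             $mail->assign('new_password', $new);
             $mail->SetFrom($globals->mails->web, 'Les Webmestres de Frankiz');
             $mail->AddAddress($user->bestEmail(), $user->displayName());
             $mail->subject('[Frankiz] Nouveau mot de passe');
             $mail->Send($user->isEmailFormatHtml());
             $page->assign('step', 'password');
         } else {
             $page->assign('step', 'expired');
         }
     }
 }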
Beispiel #17
 /**
  * Proposal form for a QDJ: a question with two answers, queued for validation.
  *
  * When 'send' is present and all three texts are non-empty, a Validate item
  * written by the current user is inserted for the 'qdj' group.
  *
  * NOTE(review): the insert is not preceded by an XSRF token check in this
  * handler; confirm whether one is wanted for proposals.
  *
  * @param object $page page object receiving the template variables
  */
 function handler_qdj($page)
 {
     $question = Env::t('quest');
     $answer1 = Env::t('ans1');
     $answer2 = Env::t('ans2');

     if (Env::has('send')) {
         $isComplete = $question != '' && $answer1 != '' && $answer2 != '';
         if ($isComplete) {
             $proposal = new QDJValidate($question, $answer1, $answer2);
             $request = new Validate(array('writer' => S::user(), 'group' => Group::from('qdj'), 'item' => $proposal, 'type' => 'qdj'));
             $request->insert();
             $page->assign('envoye', true);
         } else {
             $page->assign('msg', 'Il manque des informations.');
         }
     }

     $page->addCssLink('validate.css');
     $page->assign('title', 'Proposition d\'une qdj');
     $page->changeTpl('validate/prop.qdj.tpl');
 }
Beispiel #18
 /**
  * Participants page of one activity instance, with a group mail form.
  *
  * The instance is fetched through a filter combining AIFC_CanBeSeen for the
  * current user with the requested id. The group mail is queued only after the
  * XSRF token check, and only when the current user is the writer of the activity.
  *
  * @param object $page page object receiving the template variables
  * @param mixed  $id   id of the activity instance
  * @throws Exception when the filter returns no activity instance
  */
 function handler_participants($page, $id)
 {
     $filter = new ActivityInstanceFilter(new PFC_AND(new AIFC_CanBeSeen(S::user()), new AIFC_Id($id)));
     $act = $filter->get(true);
     if ($act === false) {
         throw new Exception("Invalid credentials");
     }
     $act->select(ActivityInstanceSelect::all());

     if (Env::has('mail')) {
         S::assert_xsrf_token();
         if (Env::t('mail_body') == '' || S::user()->id() != $act->writer()->id()) {
             // This message is also shown when the body is filled but the user is not the writer.
             $page->assign('msg', 'Votre mail n\'est pas rempli.');
         } else {
             $mail = new FrankizMailer();
             $mail->subject('[Mail groupé] Activité ' . $act->title() . ' du ' . $act->date() . ' à ' . $act->hour_begin());
             $mail->body(Env::t('mail_body'));
             $mail->setFrom(S::user()->bestEmail(), S::user()->displayName());
             // Recipients come from the activity itself, not from the request.
             $mail->toUserFilter(new UserFilter(new UFC_ActivityInstance($act->id())));
             $mail->sendLater(false);
         }
     }

     $page->assign('user', S::user());
     $page->assign('id', $id);
     $page->assign('activity', $act);
     $page->assign('title', 'Participants à une activité');
     $page->addCssLink('activity.css');
     $page->changeTpl('activity/participants.tpl');
 }
Beispiel #19
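 /**
  * Administration of the external authentication clients ("remotes").
  *
  * Depending on the URL segments, this creates a remote ($id == 'new'), deletes
  * one ($action == 'delete'), or edits one when 'change_remote' is posted: site,
  * label, private key, rights (restricted to Remote::availableRights()) and groups.
  * Without a remote to show, the list of all remotes is rendered.
  *
  * NOTE(review): no rights check is visible in this handler; presumably it is
  * enforced where the handler is registered. Confirm, since the handler writes a
  * private key.
  *
  * @param object      $page   page object receiving the template variables
  * @param string|null $id     remote id, or 'new'
  * @param string|null $action 'delete' to remove the remote
  */
 function handler_admin($page, $id = null, $action = null)
 {
     $page->assign('title', "Administration de l'authentification externe");
     $page->assign('remoterights_available', implode(',', Remote::availableRights()));
     // Find remote
     $remote = null;
     if ($id == 'new') {
         // Creation, deletion and edition all change stored data and the first two are
         // driven by the URL alone, so each requires the anti-XSRF token; otherwise a
         // link or image on another site could trigger them in an administrator's
         // session. The links and form in the remote/ templates have to carry the
         // token (templates not visible here).
         S::assert_xsrf_token();
         $remote = new Remote();
         $remote->insert();
     } elseif (Remote::isId($id)) {
         $remote = new Remote($id);
         // Delete a remote
         if ($action == 'delete') {
             S::assert_xsrf_token();
             $remote->delete();
             $remote = null;
         }
     }
     if (!empty($remote)) {
         $remote->select(RemoteSelect::groups());
         if (Env::has('change_remote')) {
             S::assert_xsrf_token();
             $remote->site(Env::t('site'));
             $remote->label(Env::t('label'));
             $remote->privkey(Env::t('privkey'));
             // Normalise the submitted rights and keep only the ones the application knows.
             $rights = explode(',', Env::t('rights'));
             foreach ($rights as $k => $v) {
                 $rights[$k] = strtolower(trim($v));
             }
             $rights = array_intersect($rights, Remote::availableRights());
             $remote->rights(new PlFlagSet(implode(',', $rights)));
             $groups = new Collection('Group');
             $groups_fields = array('binets', 'frees');
             foreach ($groups_fields as $field) {
                 foreach (explode(';', Env::t($field)) as $gid) {
                     $gid = trim($gid);
                     if ($gid) {
                         // NOTE(review): the id is used as submitted; confirm Group or the
                         // select() below rejects ids that match no group.
                         $groups->add(new Group($gid));
                     }
                 }
             }
             $groups->select(GroupSelect::base());
             $remote->groups($groups);
         }
         $page->assign('remote', $remote);
         $page->changeTpl('remote/admin.tpl');
     } else {
         $remotes = Remote::selectAll(RemoteSelect::groups());
         $page->assign('remotes', $remotes);
         $page->changeTpl('remote/list.tpl');
     }
 }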
Beispiel #20
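    /**
     * Password-recovery request: checks login + birth date, stores a one-time
     * recovery token and mails a link containing it.
     *
     * Security notes for reviewers:
     *  - The token returned by rand_url_id() is a bearer secret; that function is
     *    defined outside this listing. NOTE(review): confirm it draws from a CSPRNG.
     *  - The token is inserted as-is into account_lost_passwords; the six-hour
     *    expiry announced in the mail is not enforced here. NOTE(review): confirm
     *    the consuming handler enforces expiry and single use.
     *  - No throttling of attempts is visible in this handler.
     *
     * @param object $page page object used to pick the template and report errors
     * @return void
     */
    function handler_recovery($page)
    {
        global $globals;
        $page->changeTpl('platal/recovery.tpl');
        if (!Env::has('login') || !Env::has('birth')) {
            return;
        }
        // Expected layout is DDMMYYYY; the pattern only admits years 19xx.
        $birthInput = Env::v('birth');
        if (!preg_match('/^[0-3][0-9][0-1][0-9][1][9]([0-9]{2})$/', $birthInput)) {
            $page->trigError('Date de naissance incorrecte ou incohérente');
            return;
        }
        $birth = sprintf('%s-%s-%s', substr($birthInput, 4, 4), substr($birthInput, 2, 2), substr($birthInput, 0, 2));
        $profile = Profile::get(Env::t('login'));
        // Unknown login and wrong birth date share one message, so this step does
        // not reveal which of the two was wrong.
        if (is_null($profile) || $profile->birthdate != $birth) {
            $page->trigError('Les informations que tu as rentrées ne permettent pas de récupérer ton mot de passe.<br />' . 'Si tu as un homonyme, utilise prenom.nom.promo comme login');
            return;
        }
        $user = $profile->owner();
        // From here on the responses differ by account state; they are only
        // reachable with a matching login + birth date pair.
        if ($user->state != 'active') {
            $page->trigError('Ton compte n\'est pas activé.');
            return;
        }
        if ($user->lost) {
            $page->assign('no_addr', true);
            return;
        }
        $page->assign('ok', true);
        $url = rand_url_id();
        XDB::execute('INSERT INTO  account_lost_passwords (certificat,uid,created)
                           VALUES  ({?},{?},NOW())', $url, $user->id());
        // The caller may name a rescue address, but it is only used when it is
        // already registered as a redirection of this account.
        $to = XDB::fetchOneCell('SELECT  redirect
                                   FROM  email_redirect_account
                                  WHERE  uid = {?} AND redirect = {?}', $user->id(), Post::t('email'));
        // Fix: previously an empty result produced the string '' here, which was
        // then added as a recipient and prefixed to the log entry.
        $inactives_to = null;
        if (is_null($to)) {
            $emails = XDB::fetchColumn('SELECT  redirect
                                          FROM  email_redirect_account
                                         WHERE  uid = {?} AND flags = \'inactive\' AND type = \'smtp\'', $user->id());
            if (!empty($emails)) {
                $inactives_to = implode(', ', $emails);
            }
        }
        $mymail = new PlMailer();
        $mymail->setFrom('"Gestion des mots de passe" <support+password@' . $globals->mail->domain . '>');
        if (is_null($to)) {
            $mymail->addTo($user);
            $log_to = $user->bestEmail();
            if (!is_null($inactives_to)) {
                $log_to = $inactives_to . ', ' . $log_to;
                $mymail->addTo($inactives_to);
            }
        } else {
            $mymail->addTo($to);
            $log_to = $to;
        }
        $mymail->setSubject("Ton certificat d'authentification");
        $mymail->setTxtBody("Visite la page suivante qui expire dans six heures :\n{$globals->baseurl}/tmpPWD/{$url}\n\nSi en cliquant dessus tu n'y arrives pas, copie intégralement l'adresse dans la barre de ton navigateur. Si tu n'as pas utilisé ce lien dans six heures, tu peux tout simplement recommencer cette procédure.\n\n--\nPolytechnique.org\n\"Le portail des élèves & anciens élèves de l'École polytechnique\"\n\nEmail envoyé à " . Env::v('login') . (is_null($to) ? '' : '
Adresse de secours : ' . $to));
        $mymail->send();
        // Only the recipients are logged, never the token itself.
        S::logger($user->id())->log('recovery', $log_to);
    }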
Beispiel #21
 /**
  * Process the action submitted for the wrapped item.
  *
  * Exactly one action is handled per call, tested in this order: 'edit',
  * 'add_comm', 'accept', 'delete'. A status message is assigned to the page
  * for every outcome except a failed edit and an empty comment.
  *
  * NOTE(review): 'accept' and 'delete' change state, and no XSRF token check
  * is visible in this method; confirm the caller performs one.
  * NOTE(review): the comment text is stored from the raw request value
  * (Env::v); it has to be escaped wherever it is rendered.
  *
  * @return bool true when the requested action was carried out
  */
 public function handle_form()
 {
     if (is_null($this->item)) {
         return false;
     }

     // Edit the request's own fields.
     if (Env::has('edit')) {
         if (!$this->item->handle_editor()) {
             return false;
         }
         $this->update();
         Platal::page()->assign('msg', 'Requête mise à jour');
         return true;
     }

     // Append a comment; an empty one is refused.
     if (Env::has('add_comm')) {
         if (strlen(Env::t('comm')) == 0) {
             return false;
         }
         $this->item->add_comment(S::user()->displayName(), Env::v('comm'));
         $this->item->sendmailcomment($this->writer);
         $this->update();
         Platal::page()->assign('msg', 'Commentaire ajouté');
         return true;
     }

     // Accept the request.
     if (Env::has('accept')) {
         if (!$this->commit()) {
             Platal::page()->assign('msg', 'Erreur lors de la validation');
             return false;
         }
         Platal::page()->assign('msg', 'Email de validation envoyé');
         return true;
     }

     // Refuse the request; a justification ('ans') is mandatory.
     if (Env::has('delete')) {
         if (!Env::v('ans')) {
             Platal::page()->assign('msg', 'Pas de motivation pour le refus !!!');
             return false;
         }
         if (!$this->item->delete()) {
             Platal::page()->assign('msg', 'Erreur lors de la suppression des données');
             return false;
         }
         $this->item->sendmailfinal(false);
         $this->clean();
         Platal::page()->assign('msg', 'Email de refus envoyé');
         return true;
     }

     return false;
 }
Beispiel #22
 /**
  * Fetch a request value through the `t` accessor.
  *
  * When a fake environment is set, the lookup is delegated to it with the key
  * unchanged; otherwise the key is prefixed with $this->envprefix and read
  * from Env.
  *
  * @param string $key request field name, without prefix
  * @param mixed  $def value returned when the field is absent
  */
 public function t($key, $def = '')
 {
     return $this->fake_env
         ? $this->fake_env->t($key, $def)
         : Env::t($this->envprefix . $key, $def);
 }
Beispiel #23
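 /**
  * Administration page of one mailing list: handles pending-address marking,
  * bulk subscription (form field or uploaded file), member removal and
  * moderator add/remove, then lists members and owners.
  *
  * Every state-changing branch asserts the XSRF token before acting.
  *
  * Changes against the previous version:
  *  - the moderator success message used an undefined $login; it now shows
  *    the address that was actually added;
  *  - a failed upload left $logins undefined before preg_split();
  *  - mk_action / mk_uid / mk_email are only iterated when they are arrays;
  *  - unresolved logins are HTML-escaped before being echoed in an error.
  *
  * @param object      $page  page object
  * @param string|null $liste list identifier taken from the URL
  * @return mixed PL_NOT_FOUND when no list is given, nothing otherwise
  */
 function handler_admin($page, $liste = null)
 {
     global $globals;
     if (is_null($liste)) {
         return PL_NOT_FOUND;
     }
     $mlist = $this->prepare_list($liste);
     // NOTE(review): the result of this first call is discarded; the check that
     // matters is the one below. verify_list_owner() is defined elsewhere and
     // is presumably what stops non-owners; confirm it aborts the request.
     $this->is_group_admin($page);
     if (!$this->is_group_admin($page)) {
         $this->verify_list_owner($page, $mlist);
     }
     $page->changeTpl('lists/admin.tpl');
     if (Env::has('send_mark')) {
         S::assert_xsrf_token();
         $actions = Env::v('mk_action');
         $uids = Env::v('mk_uid');
         $mails = Env::v('mk_email');
         // Request fields are client-controlled: never assume they are arrays.
         if (!is_array($actions)) {
             $actions = array();
         }
         if (!is_array($uids)) {
             $uids = array();
         }
         if (!is_array($mails)) {
             $mails = array();
         }
         // NOTE(review): the uids come from the request; nothing here ties them
         // to entries that are actually pending on this list.
         foreach ($actions as $key => $action) {
             if (!isset($uids[$key])) {
                 continue;
             }
             switch ($action) {
                 case 'none':
                     break;
                 case 'marketu':
                 case 'markets':
                     require_once 'emails.inc.php';
                     $user = User::get($uids[$key]);
                     $mail = valide_email(isset($mails[$key]) ? $mails[$key] : null);
                     if (isvalid_email_redirection($mail, $user)) {
                         $from = $action == 'marketu' ? 'user' : 'staff';
                         $market = Marketing::get($uids[$key], $mail);
                         if (!$market) {
                             $market = new Marketing($uids[$key], $mail, 'list', $mlist->address, $from, S::v('uid'));
                             $market->add();
                             break;
                         }
                     }
                     // No break: when the address is rejected or a marketing
                     // entry already exists, control falls through to the
                     // default branch (presumably on purpose).
                 default:
                     XDB::execute('INSERT IGNORE INTO  register_subs (uid, type, sub, domain)
                                           VALUES  ({?}, \'list\', {?}, {?})', $uids[$key], $mlist->mbox, $mlist->domain);
             }
         }
     }
     $has_upload = isset($_FILES['add_member_file']) && $_FILES['add_member_file']['tmp_name'];
     if (Env::has('add_member') || $has_upload) {
         S::assert_xsrf_token();
         // Stays empty when the upload cannot be read.
         $logins = '';
         if ($has_upload) {
             $upload =& PlUpload::get($_FILES['add_member_file'], S::user()->login(), 'list.addmember', true);
             if (!$upload) {
                 $page->trigError("Une erreur s'est produite lors du téléchargement du fichier.");
             } else {
                 $logins = $upload->getContents();
             }
         } else {
             $logins = Env::v('add_member');
         }
         $logins = preg_split("/[; ,\r\n\\|]+/", $logins);
         $members = User::getBulkForlifeEmailsFromEmail($logins);
         $unfound = array_diff_key($logins, $members);
         // Make sure we send a list (array_values) of unique (array_unique)
         // emails.
         $members = array_values(array_unique($members));
         $arr = $mlist->subscribeBulk($members);
         $successes = array();
         if (is_array($arr)) {
             foreach ($arr as $addr) {
                 $successes[] = $addr[1];
                 $page->trigSuccess("{$addr[0]} inscrit.");
             }
         }
         $already = array_diff($members, $successes);
         if (is_array($already)) {
             foreach ($already as $item) {
                 $page->trigWarning($item . ' est déjà inscrit.');
             }
         }
         if (is_array($unfound)) {
             foreach ($unfound as $item) {
                 if (trim($item) != '') {
                     // $item is raw submitted text. Messages given to trigError
                     // elsewhere in this file carry markup, so they are
                     // presumably rendered as HTML: escape before echoing.
                     $page->trigError(htmlspecialchars($item, ENT_QUOTES, 'UTF-8') . " ne correspond pas à un compte existant et n'est pas une adresse email.");
                 }
             }
         }
     }
     if (Env::has('del_member')) {
         S::assert_xsrf_token();
         if (strpos(Env::v('del_member'), '@') === false) {
             if ($del_member = User::getSilent(Env::t('del_member'))) {
                 $mlist->unsubscribeBulk(array($del_member->forlifeEmail()));
             }
         } else {
             $mlist->unsubscribeBulk(array(Env::v('del_member')));
         }
         pl_redirect('lists/admin/' . $liste);
     }
     if (Env::has('add_owner')) {
         S::assert_xsrf_token();
         $owners = User::getBulkForlifeEmailsFromEmail(Env::v('add_owner'));
         if ($owners) {
             foreach ($owners as $forlife_email) {
                 if ($mlist->addOwner($forlife_email)) {
                     $page->trigSuccess($forlife_email . " ajouté aux modérateurs.");
                 }
             }
         }
     }
     if (Env::has('del_owner')) {
         S::assert_xsrf_token();
         if (strpos(Env::v('del_owner'), '@') === false) {
             if ($del_owner = User::getSilent(Env::t('del_owner'))) {
                 $mlist->removeOwner($del_owner->forlifeEmail());
             } else {
                 // A non-email value can end up stored as owner; remove it as given.
                 $mlist->removeOwner(Env::v('del_owner'));
             }
         } else {
             $mlist->removeOwner(Env::v('del_owner'));
         }
         pl_redirect('lists/admin/' . $liste);
     }
     if (list($det, $mem, $own) = $mlist->getMembers()) {
         global $list_unregistered;
         if ($list_unregistered) {
             $page->assign_by_ref('unregistered', $list_unregistered);
         }
         // $tri_promo is never set in this function; @ hides the notice.
         $membres = list_sort_members($mem, @$tri_promo);
         $moderos = list_sort_owners($own, @$tri_promo);
         $page->assign_by_ref('details', $det);
         $page->assign_by_ref('members', $membres);
         $page->assign_by_ref('owners', $moderos);
         $page->assign('np_m', count($mem));
     } else {
         $page->kill("La liste n'existe pas ou tu n'as pas le droit de l'administrer.<br />" . " Si tu penses qu'il s'agit d'une erreur, " . "<a href='mailto:support@polytechnique.org'>contact le support</a>.");
     }
 }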
Beispiel #24
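 /**
  * Lost-and-found page: records found/lost objects, closes entries, runs the
  * two keyword searches and fills the template.
  *
  * Changes against the previous version:
  *  - the keyword searches mixed AND/OR without parentheses, so a match on
  *    `context` ignored the ISNULL(found) / ISNULL(lost) filter;
  *  - the del_pong branch assigned 'no-logged' where every other branch uses
  *    'not_logged';
  *  - closing an entry whose oid does not exist no longer reads a missing row.
  *
  * NOTE(review): the insert and close actions change state and post a message,
  * but no XSRF token check is visible in this handler.
  * NOTE(review): 'pong' calls manage_pong() without the S::logged() check that
  * guards 'ping'; confirm manage_pong() checks the session itself.
  *
  * @param object $page page object
  * @param mixed  $id   object id (oid) used by the close and manage actions
  */
 function handler_laf($page, $id = 0)
 {
     if (Env::has('trouve') && Env::has('obj')) {
         if (S::logged()) {
             XDB::execute("INSERT INTO   laf\n                                  SET   uid = {?}, found = NOW(), description = {?}, context = {?}", S::user()->id(), Env::t('obj'), Env::t('desc'));
             $page->assign('message', 'Pense à supprimer l\'objet une fois rendu à son propriétaire.');
             require_once 'banana/hooks.inc.php';
             $body = 'L\'objet ' . Env::t('obj') . ' a été retrouvé';
             if (Env::t('desc') != '') {
                 $body .= ' dans les circonstances suivantes : ' . Env::t('desc');
             }
             // Single-quoted: these are literal backslash-n sequences, not
             // newlines. NOTE(review): confirm send_message() expects that.
             $body .= '.\\n\\n' . S::user()->displayName() . '\\n\\n\\n' . 'Ceci est un message automatique, merci de le signaler sur frankiz une fois l\'objet rendu.';
             send_message('br.pa', 'pong ' . Env::t('obj'), $body);
         } else {
             $page->assign('not_logged', 'true');
         }
     }
     if (Env::has('perdu') && Env::has('obj')) {
         if (S::logged()) {
             XDB::execute("INSERT INTO   laf\n                                  SET   uid = {?}, lost = NOW(), description = {?}, context = {?}", S::user()->id(), Env::t('obj'), Env::t('desc'));
             $page->assign('message', 'Pense à supprimer l\'objet dès que celui-ci est retrouvé.');
             require_once 'banana/hooks.inc.php';
             $body = 'L\'objet ' . Env::t('obj') . ' a été perdu';
             if (Env::t('desc') != '') {
                 $body .= ' dans les circonstances suivantes : ' . Env::t('desc');
             }
             $body .= '.\\n\\n' . S::user()->displayName() . '\\n\\n\\n' . 'Ceci est un message automatique, merci de le signaler sur frankiz une fois l\'objet retrouvé.';
             send_message('br.pa', 'ping ' . Env::t('obj'), $body);
         } else {
             $page->assign('not_logged', 'true');
         }
     }
     if (Env::has('pong')) {
         $this->manage_pong($page, $id);
     }
     if (Env::has('del_pong')) {
         if (S::logged()) {
             $rows = XDB::query("SELECT * FROM laf WHERE oid = {?}", $id)->fetchAllRow();
             // Ownership check: column 1 of the positional row is compared with
             // the caller's id. With SELECT * this depends on the table's
             // column order.
             $owner = isset($rows[0][1]) ? $rows[0][1] : null;
             if (!is_null($owner) && S::user()->id() == $owner) {
                 XDB::execute("UPDATE laf SET lost = NOW() WHERE oid = {?}", $id);
                 $page->assign('message', 'L\'objet a été supprimé de la base.');
             } else {
                 $page->assign('message', 'Seul celui qui a trouvé l\'objet peut le supprimer de la liste.');
             }
         } else {
             $page->assign('not_logged', 'true');
         }
     }
     if (Env::has('ping')) {
         if (S::logged()) {
             $this->manage_ping($page, $id);
         } else {
             $page->assign('not_logged', 'true');
         }
     }
     if (Env::has('del_ping')) {
         if (S::logged()) {
             $rows = XDB::query("SELECT * FROM laf WHERE oid = {?}", $id)->fetchAllRow();
             $owner = isset($rows[0][1]) ? $rows[0][1] : null;
             if (!is_null($owner) && S::user()->id() == $owner) {
                 XDB::execute("UPDATE laf SET found = NOW() WHERE oid = {?}", $id);
                 $page->assign('message', 'L\'objet a été supprimé de la base.');
             } else {
                 $page->assign('message', 'Seul celui qui a perdu l\'objet peut le supprimer de la liste.');
             }
         } else {
             $page->assign('not_logged', 'true');
         }
     }
     // The search term is spliced into the SQL text through
     // XDB::formatWildcards(), which is defined elsewhere.
     // NOTE(review): confirm it quotes and escapes the value.
     if (Env::has('ping_obj')) {
         $like = XDB::formatWildcards(XDB::WILDCARD_CONTAINS, Env::t('ping_obj'));
         $res = XDB::query("SELECT * FROM laf WHERE ISNULL(found)
                              AND (description " . $like . " OR context " . $like . ")
                              ORDER BY lost DESC LIMIT 30");
         $lost = $res->fetchAllRow();
         $page->assign('query', 'ping');
     } else {
         $res = XDB::query("SELECT * FROM laf WHERE ISNULL(found) ORDER BY lost DESC LIMIT 30");
         $lost = $res->fetchAllRow();
     }
     if (Env::has('pong_obj')) {
         $like = XDB::formatWildcards(XDB::WILDCARD_CONTAINS, Env::t('pong_obj'));
         $res = XDB::query("SELECT * FROM laf WHERE ISNULL(lost)
                              AND (description " . $like . " OR context " . $like . ")
                              ORDER BY found DESC LIMIT 30");
         $found = $res->fetchAllRow();
         $page->assign('query', 'pong');
     } else {
         $res = XDB::query("SELECT * FROM laf WHERE ISNULL(lost) ORDER BY found DESC LIMIT 30");
         $found = $res->fetchAllRow();
     }
     $page->addCssLink('laf.css');
     $page->assign('uid', S::user()->id());
     $page->assign('title', 'Objets Trouvés');
     $page->assign('lost', $lost);
     $page->assign('found', $found);
     $page->changeTpl('lostandfound/laf.tpl');
 }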
Beispiel #25
 /**
  * Copy the submitted 'subject' and 'mail_body' fields onto this object.
  *
  * The values are stored as received from Env::t(); no validation is done
  * here, so they must be escaped for whatever context later renders them.
  *
  * @return bool always true
  */
 public function handle_editor()
 {
     // property name => request field name
     $fieldMap = array('subject' => 'subject', 'body' => 'mail_body');
     foreach ($fieldMap as $property => $param) {
         $this->{$property} = Env::t($param);
     }
     return true;
 }
Beispiel #26
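 /**
  * Quick-search handler for the directory.
  *
  * Recognises three shortcut prefixes in the query before running the search:
  * "<kind>:<login>" (redirect to a profile-related page), "doc:" (redirect to
  * the documentation search) and "trombi:" (redirect to a promotion page).
  *
  * Changes against the previous version: the promotion name typed by the user
  * is HTML-escaped before being echoed in the warning, and URL-encoded before
  * being placed in the redirect path.
  *
  * @param object      $page     page object
  * @param string|null $model    The way of presenting the results: minifiche, trombi, geoloc.
  * @param string|null $byletter Show only names beginning with this letter
  */
 function handler_quick($page, $model = null, $byletter = null)
 {
     global $globals;
     if (Env::has('quick') || $model == 'geoloc') {
         $quick = Env::t('quick');
         if (S::logged() && !Env::has('page')) {
             // The raw query goes into the log entry. NOTE(review): confirm the
             // logger stores it safely for whatever later displays it.
             S::logger()->log('search', 'quick=' . $quick);
         }
         if ($quick == '') {
             $page->trigWarning('Aucun critère de recherche n\'est spécifié.');
             $page->changeTpl('search/index.tpl');
             $page->setTitle('Annuaire');
             $page->assign('formulaire', 1);
             return;
         }
         // Prefixes leading to admin pages are only recognised for admins.
         $list = 'profile|prf|fiche|fic|referent|ref|mentor';
         if (S::admin()) {
             $list .= '|admin|adm|ax';
         }
         $suffixes = array_keys(DirEnum::getOptions(DirEnum::ACCOUNTTYPES));
         $suffixes = implode('|', $suffixes);
         if (preg_match('/^(' . $list . '):([-a-z]+(\\.[-a-z]+(\\.(?:[md]?\\d{2,4}|' . $suffixes . '))?)?)$/', replace_accent($quick), $matches)) {
             $login = $matches[2];
             switch ($matches[1]) {
                 case 'admin':
                 case 'adm':
                     $base = 'admin/user/';
                     break;
                 case 'ax':
                     $base = 'profile/ax/';
                     break;
                 case 'profile':
                 case 'prf':
                 case 'fiche':
                 case 'fic':
                     $base = 'profile/';
                     break;
                 case 'referent':
                 case 'ref':
                 case 'mentor':
                     $base = 'referent/';
                     break;
             }
             $user = User::getSilent($login);
             if ($user) {
                 pl_redirect($base . $user->login());
             }
             // No such account: continue with a normal search on the login.
             Get::set('quick', $login);
         } elseif (strpos($quick, 'doc:') === 0) {
             $url = 'Docs/Recherche?';
             $url .= 'action=search&q=' . urlencode(substr($quick, 4));
             $url .= '&group=' . urlencode('-Equipe,-Main,-PmWiki,-Site,-Review');
             pl_redirect($url);
         } elseif (strpos($quick, 'trombi:') === 0) {
             $promo = substr($quick, 7);
             // The redirect is only issued for a promotion that exists in the
             // groups table.
             $res = XDB::query("SELECT  diminutif\n                                     FROM  groups\n                                    WHERE  cat = 'Promotions' AND diminutif = {?}", $promo);
             if ($res->numRows() == 0) {
                 // $promo is user input. Messages given to trigError in this
                 // function carry markup, so page messages are presumably
                 // rendered as HTML: escape before echoing.
                 $page->trigWarning("La promotion demandée n'est pas valide: " . htmlspecialchars($promo, ENT_QUOTES, 'UTF-8'));
             } else {
                 // Encode the path segment: the SQL comparison above does not
                 // guarantee that the typed value is URL-safe.
                 http_redirect('http://www.polytechnique.net/login/' . rawurlencode($promo) . '/annuaire/trombi');
             }
         }
         $page->assign('formulaire', 0);
         require_once 'userset.inc.php';
         $view = new QuickSearchSet();
         $view->addMod('minifiche', 'Mini-fiches', true, array('with_score' => true, 'starts_with' => $byletter));
         $view->addMod('map', 'Planisphère');
         // The photo view is only offered to logged-in users.
         if (S::logged() && !Env::i('nonins')) {
             $view->addMod('trombi', 'Trombinoscope', false, array('with_promo' => true, 'with_score' => true));
         }
         $view->apply('search', $page, $model);
         $nb_tot = $view->count();
         $page->assign('search_results_nb', $nb_tot);
         // Anonymous visitors get a separate result cap (public_max).
         if (!S::logged() && $nb_tot > $globals->search->public_max) {
             $page->trigError('Votre recherche a généré trop de résultats pour un affichage public.');
         } elseif ($nb_tot > $globals->search->private_max) {
             $page->trigError('Recherche trop générale. Une <a href="search/adv">recherche avancée</a> permet de préciser la recherche.');
         } elseif (empty($nb_tot)) {
             $page->trigError('Il n\'existe personne correspondant à ces critères dans la base !');
         }
     } else {
         $page->assign('formulaire', 1);
     }
     $page->changeTpl('search/index.tpl');
     $page->setTitle('Annuaire');
 }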