/**
 * Group administration page: deletes a group, creates a group, then lists all groups.
 *
 * Deletion is a two-step flow. A GET 'del' parameter selects the group by its
 * diminutif; the destructive queries only run when the same request also
 * carries a POST 'del' field and S::assert_xsrf_token() has been called.
 *
 * @param object $page Page object used for the template, assignments and messages.
 */
function handler_admin($page)
{
    $page->changeTpl('xnet/admin.tpl');

    if (Get::has('del')) {
        $lookup = XDB::query('SELECT id, nom, mail_domain FROM groups WHERE diminutif={?}', Get::v('del'));
        // With no matching row, list() leaves $id, $nom and $domain empty.
        list($id, $nom, $domain) = $lookup->fetchOneRow();
        $page->assign('nom', $nom);

        if (!$id) {
            // Unknown group: drop the parameter.
            Get::kill('del');
        } elseif (Post::has('del')) {
            // Confirmed deletion: the XSRF token is checked before any write.
            S::assert_xsrf_token();

            XDB::query('DELETE FROM group_members WHERE asso_id={?}', $id);
            $page->trigSuccess('membres supprimés');

            if ($domain) {
                // Remove the aliases first, then the domain they belong to.
                XDB::execute('DELETE v FROM email_virtual AS v INNER JOIN email_virtual_domains AS d ON (v.domain = d.id) WHERE d.name = {?}', $domain);
                XDB::execute('DELETE FROM email_virtual_domains WHERE name = {?}', $domain);
                $page->trigSuccess('suppression des alias mails');

                // NOTE(review): the list manager is given the value stored under
                // 'password' in the session; confirm what that value is and that
                // keeping it in the session is intended.
                $mmlist = new MMList(S::v('uid'), S::v('password'), $domain);
                if ($listes = $mmlist->get_lists()) {
                    foreach ($listes as $liste) {
                        $mmlist->delete_list($liste['list'], true);
                    }
                    $page->trigSuccess('mail lists surpprimées');
                }
            }

            XDB::query('DELETE FROM groups WHERE id={?}', $id);
            // NOTE(review): $nom comes from the database and is placed in a
            // message; whether it is HTML-escaped depends on trigSuccess() and
            // the template, neither of which is visible here.
            $page->trigSuccess("Groupe {$nom} supprimé");
            Get::kill('del');
        }
    }

    if (Post::has('diminutif') && Post::v('diminutif') != "") {
        S::assert_xsrf_token();
        $diminutif = Post::v('diminutif');

        // NOTE(review): the uniqueness check and the INSERT are two separate
        // statements, so two concurrent requests can both pass the check unless
        // the column has a unique index (not visible here).
        $taken = XDB::query('SELECT COUNT(*) FROM groups WHERE diminutif = {?}', $diminutif);
        if ($taken->fetchOneCell() == 0) {
            XDB::execute('INSERT INTO groups (id, diminutif) VALUES (NULL, {?})', $diminutif);
            // NOTE(review): the redirect target is built from the posted value
            // with no format check in this function; confirm that pl_redirect()
            // only accepts site-relative paths.
            pl_redirect($diminutif . '/edit');
        } else {
            $page->trigError('Le diminutif demandé est déjà pris.');
        }
    }

    $groups = XDB::query('SELECT nom, diminutif FROM groups ORDER BY nom');
    $page->assign('assos', $groups->fetchAllAssoc());
}
/**
 * Renders the task list (index.tpl): pagination, visible columns, the
 * advanced-search toggle cookie and the update notice.
 *
 * @param mixed $area Not used by this body.
 */
function show($area = null)
{
    global $page, $fs, $db, $proj, $user, $conf;

    // Page size comes from the user's preferences when set, else '20'.
    $perpage = isset($user->infos['tasks_perpage']) ? $user->infos['tasks_perpage'] : '20';
    $pagenum = max(1, Get::num('pagenum', 1));
    $offset = $perpage * ($pagenum - 1);

    // Get the visibility state of all columns
    $columnPrefs = $proj->id ? $proj->prefs['visible_columns'] : $fs->prefs['visible_columns'];
    $visible = explode(' ', trim($columnPrefs));
    if (!is_array($visible) || !count($visible) || !$visible[0]) {
        $visible = array('id');
    }

    // NOTE(review): the whole of $_GET is handed to the backend; every filter
    // it reads must be validated there, since nothing is filtered here.
    list($tasks, $id_list) = Backend::get_task_list($_GET, $visible, $offset, $perpage);

    $page->assign('tasks', $tasks);
    $page->assign('offset', $offset);
    $page->assign('perpage', $perpage);
    $page->assign('pagenum', $pagenum);
    $page->assign('visible', $visible);

    // List of task IDs for next/previous links
    $_SESSION['tasklist'] = $id_list;
    $page->assign('total', count($id_list));

    // Javascript replacement
    if (Get::val('toggleadvanced')) {
        $advanced_search = intval(!Req::val('advancedsearch'));
        Flyspray::setCookie('advancedsearch', $advanced_search, time() + 60 * 60 * 24 * 30);
        $_COOKIE['advancedsearch'] = $advanced_search;
    }

    // Update check {{{
    if (Get::has('hideupdatemsg')) {
        unset($_SESSION['latest_version']);
    } elseif ($conf['general']['update_check']
        && $user->perms('is_admin')
        && $fs->prefs['last_update_check'] < time() - 60 * 60 * 24 * 3
        && !isset($_SESSION['latest_version'])
    ) {
        // NOTE(review): the version file is fetched over plain HTTP and the
        // response is stored in the session as received. Anyone on the network
        // path can alter it and make the "update available" notice appear or
        // stay hidden. Consider fetching over TLS and checking that the
        // response looks like a version number before storing it.
        $latest = Flyspray::remote_request('http://flyspray.org/version.txt', GET_CONTENTS);
        // An empty response falls back to the running version.
        $_SESSION['latest_version'] = empty($latest) ? $fs->version : $latest;
        $db->x->execParam('UPDATE {prefs} SET pref_value = ? WHERE pref_name = ?', array(time(), 'last_update_check'));
    }

    if (isset($_SESSION['latest_version']) && version_compare($fs->version, $_SESSION['latest_version'], '<')) {
        $page->assign('updatemsg', true);
    }
    // }}}

    $page->setTitle($fs->prefs['page_title'] . $proj->prefs['project_title'] . ': ' . L('tasklist'));
    $page->pushTpl('index.tpl');
}
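/**
 * Resolves the user for the current request.
 *
 * An already identified session is reused. Otherwise the request must carry an
 * 'auth' parameter equal to md5('1' . challenge . secret . uid . '1'), where
 * the challenge comes from the session, the secret from $globals->xnet->secret
 * and the uid from the query string.
 *
 * @param mixed $level Not used by this body.
 * @return mixed The value of User::getSilentWithValues(), or null when no valid
 *               'auth' parameter is present.
 */
protected function doAuth($level)
{
    if (S::identified()) {
        // Already identified: reuse the uid held in the session.
        return User::getSilentWithValues(null, array('uid' => S::i('uid')));
    }
    if (!Get::has('auth')) {
        return null;
    }

    global $globals;
    $expected = md5('1' . S::v('challenge') . $globals->xnet->secret . Get::i('uid') . '1');

    // The digest is compared with hash_equals(): the loose != used before lets
    // two different "0e<digits>" strings compare equal as numbers, and it is
    // not constant-time. hash_equals() needs PHP >= 5.6. Get::s() is assumed
    // to return the parameter as a string, which hash_equals() requires.
    if (!hash_equals($expected, Get::s('auth'))) {
        return null;
    }

    // NOTE(review): MD5 over concatenated fields is a weak construction for an
    // authentication token; an HMAC with a current hash is the usual choice,
    // but that changes the protocol with the issuing side. Also confirm that
    // the session challenge is single-use; only 'auth' is cleared here.
    Get::kill('auth');
    S::set('auth', AUTH_PASSWD);
    return User::getSilentWithValues(null, array('uid' => Get::i('uid')));
}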
/**
 * Notification panel: optionally records the "read up to" timestamp, then
 * lists the watch events of the last seven days.
 *
 * @param object $page Page object used for the template and assignments.
 */
function handler_panel($page)
{
    $page->changeTpl('carnet/panel.tpl');

    if (Get::has('read')) {
        // NOTE(review): this write is triggered by a GET parameter and no XSRF
        // token is checked, so a link on another site can move the user's
        // "last read" marker. The impact is small, but it differs from the
        // token check used for other writes in this code base.
        XDB::execute(
            'UPDATE watch SET last = FROM_UNIXTIME({?}) WHERE uid = {?}',
            Get::i('read'),
            S::i('uid')
        );
        S::user()->invalidWatchCache();
        Platal::session()->updateNbNotifs();
        pl_redirect('carnet/panel');
    }

    require_once 'notifs.inc.php';

    $page->assign('now', time());
    $user = S::user();
    // Events newer than seven days (7 * 86400 seconds).
    $page->assign('notifs', Watch::getEvents($user, time() - 7 * 86400));
    $page->assign('today', date('Y-m-d'));
    $this->_add_rss_link($page);
}
/**
 * Checks the validity of the current Wats4U SSO request.
 *
 * Reads the protocol version from the query string and hands the request
 * parameters to the checker for that version. Only version "1.0" is handled.
 *
 * Reads 'version', 'url', 'challenge', 'pass' and 'session' through Get::, and
 * the shared key and allowed return-URL prefix from $globals->wats4u.
 *
 * @return boolean Whether the current HTTP request is a valid Wats4U request.
 */
function wats4u_sso_check()
{
    global $globals;

    // Loose comparison, as in a switch: PHP compares two numeric strings as
    // numbers, so "1" or "1.00" are also accepted as version "1.0".
    if (Get::s('version') != "1.0") {
        return false;
    }

    // All four parameters are mandatory for protocol 1.0.
    foreach (array('url', 'challenge', 'pass', 'session') as $required) {
        if (!Get::has($required)) {
            return false;
        }
    }

    // The return URL is attacker-controlled; the prefix check that keeps it
    // from becoming an open redirect is expected to happen in
    // wats4u_sso_v1_check(), which is not visible here.
    return wats4u_sso_v1_check(
        Get::s('url'),
        Get::s('challenge'),
        Get::s('pass'),
        $globals->wats4u->shared_key,
        $globals->wats4u->return_url_prefix
    );
}
/**
 * Shows one newsletter issue as text or HTML, and sends it to the current user
 * when the request carries a POST 'send' field.
 *
 * @param object $page Page object used for the template.
 * @param mixed  $nid  Issue identifier; 'last' by default.
 * @return mixed PL_NOT_FOUND when the newsletter or the issue is missing,
 *               nothing otherwise.
 */
function handler_nl_show($page, $nid = 'last')
{
    $page->changeTpl('newsletter/show.tpl');

    $newsletter = $this->getNl();
    if (!$newsletter) {
        return PL_NOT_FOUND;
    }

    try {
        $issue = $newsletter->getIssue($nid);
        $user =& S::user();

        if (Get::has('text')) {
            $issue->toText($page, $user);
        } else {
            $issue->toHtml($page, $user);
        }

        // NOTE(review): sending is triggered by a POST field with no XSRF token
        // check in this handler. The mail goes to the current user only, so the
        // impact is limited to unwanted mail, but other POST actions in this
        // code base call S::assert_xsrf_token() first.
        if (Post::has('send')) {
            $issue->sendTo($user);
        }
    } catch (MailNotFound $notFound) {
        return PL_NOT_FOUND;
    }
}
header('Pragma: public'); header('Content-Length: ' . strlen($result)); ob_clean(); flush(); // finally send out our data printf("%s", $result); } // } }} // Javascript replacement if (Get::val('toggleadvanced')) { $advanced_search = intval(!Req::val('advancedsearch')); Flyspray::setCookie('advancedsearch', $advanced_search, time() + 60 * 60 * 24 * 30); $_COOKIE['advancedsearch'] = $advanced_search; } // Update check {{{ if (Get::has('hideupdatemsg')) { unset($_SESSION['latest_version']); } else { if ($conf['general']['update_check'] && $user->perms('is_admin') && $fs->prefs['last_update_check'] < time() - 60 * 60 * 24 * 3) { if (!isset($_SESSION['latest_version'])) { $latest = Flyspray::remote_request('http://flyspray.org/version.txt', GET_CONTENTS); //if for some silly reason we get and empty response, we use the actual version $_SESSION['latest_version'] = empty($latest) ? $fs->version : $latest; $db->Query('UPDATE {prefs} SET pref_value = ? WHERE pref_name = ?', array(time(), 'last_update_check')); } } } if (isset($_SESSION['latest_version']) && version_compare($fs->version, $_SESSION['latest_version'], '<')) { $page->assign('updatemsg', true); } // }}}
/**
 * Builds the per-request processor state from the session, the query string,
 * the POST body and three layout cookies.
 *
 * Appears to be a PHP 4-style constructor (a method named after its class);
 * the class header is not visible here.
 *
 * Error codes passed to SetError() in this body: 1 = no account id in the
 * session, 2 = account could not be loaded, 3 = settings not loaded,
 * 5 = storage missing or connection failed.
 * NOTE(review): the code after each SetError() call dereferences
 * $this->account and $this->settings, so it relies on SetError() stopping
 * execution — confirm.
 *
 * @return BaseProcessor
 */
function BaseProcessor()
{
    if (!Session::has(ACCOUNT_ID)) {
        $this->SetError(1);
    }
    $accountId = Session::val(ACCOUNT_ID);
    $this->sArray = Session::val(SARRAY, array());
    $this->settings =& Settings::CreateInstance();
    if (!$this->settings || !$this->settings->isLoad) {
        $this->SetError(3);
    }
    if ($accountId) {
        if (Get::has(CHANGE_ACCID)) {
            /*
             * Account switch requested through the query string.
             * NOTE(review): this is a state change driven by a GET parameter
             * (temp directory deleted, session account replaced) with no
             * request token visible in this body.
             * NOTE(review): $oldaccount is dereferenced without a null check.
             */
            $oldaccount =& Account::LoadFromDb(Session::val(ACCOUNT_ID, -1));
            $accountId = Get::val(CHANGE_ACCID);
            if (!isset($_SESSION['attachtempdir'])) {
                /* The directory name is the MD5 of the session id. */
                $_SESSION['attachtempdir'] = md5(session_id());
            }
            /* Remove the previous account's temporary attachment folder. */
            $fs =& new FileSystem(INI_DIR . '/temp', $oldaccount->Email, $oldaccount->Id);
            $attfolder =& new Folder($oldaccount->Id, -1, $_SESSION['attachtempdir']);
            $fs->DeleteDir($attfolder);
            unset($fs, $attfolder);
            /*
             * NOTE(review): the requested id is written to sArray before the
             * ownership check below; if the check fails, sArray keeps it.
             */
            $this->sArray[ACCOUNT_ID] = $accountId;
            $this->account =& Account::LoadFromDb($accountId);
            /*
             * Ownership check: the requested account must belong to the same
             * user (IdUser) as the account currently in the session.
             */
            if (!$this->account || $this->account->IdUser != $oldaccount->IdUser) {
                $this->account = null;
            } else {
                $_SESSION[ACCOUNT_ID] = $accountId;
                unset($_SESSION[SARRAY]);
                $this->sArray = array();
            }
        } else {
            $this->sArray[ACCOUNT_ID] = $accountId;
            $this->account =& Account::LoadFromDb($accountId);
        }
        if (!$this->account) {
            $this->SetError(2);
        }
    } else {
        $this->SetError(1);
    }
    if (!isset($this->sArray[ACCOUNT_ID]) || $this->sArray[ACCOUNT_ID] != $accountId) {
        $this->sArray[EDIT_ACCOUNT_ID] = $accountId;
    }
    $this->processor =& new MailProcessor($this->account);
    if (!$this->processor->DbStorage || !$this->processor->DbStorage->Connect()) {
        $this->SetError(5);
    }
    $this->db =& $this->processor->DbStorage;
    $this->accounts =& $this->GetAccounts();
    /*
     * Skin selection: keep the account's skin if it is installed, else use the
     * default skin from the settings if installed, else the first skin listed.
     */
    $skins =& FileSystem::GetSkinsList();
    $hasDefSettingsSkin = false;
    $normalSkin = false;
    foreach ($skins as $skinName) {
        if ($skinName == $this->settings->DefaultSkin) {
            $hasDefSettingsSkin = true;
        }
        if ($skinName == $this->account->DefaultSkin) {
            $normalSkin = true;
            break;
        }
    }
    if (!$normalSkin) {
        $this->account->DefaultSkin = $hasDefSettingsSkin ? $this->settings->DefaultSkin : ($this->account->DefaultSkin = $skins[0]);
    }
    $_SESSION[ATTACH_DIR] = Session::val(ATTACH_DIR, md5(session_id()));
    /*
     * Screen selection from the query string. Screens the account or the
     * settings do not allow are replaced by the mailbox screen.
     * NOTE(review): in the else branch (no screen stored yet) the requested
     * screen is taken as-is, without those two checks.
     */
    if (isset($this->sArray[SCREEN])) {
        $screen = Get::val(SCREEN, $this->sArray[SCREEN]);
        $this->sArray[SCREEN] = $screen;
        if ($this->account->AllowChangeSettings == false && ($screen == SET_ACCOUNT_PROF || $screen == SET_ACCOUNT_ADDACC)) {
            $this->sArray[SCREEN] = SCREEN_MAILBOX;
        }
        if (!$this->settings->AllowContacts && $screen == SCREEN_CONTACTS) {
            $this->sArray[SCREEN] = SCREEN_MAILBOX;
        }
    } else {
        $this->sArray[SCREEN] = Get::val(SCREEN, SCREEN_MAILBOX);
    }
    /*
     * NOTE(review): FOLDER_ID, PAGE and the contact values below are stored as
     * received from the request; no type cast or ownership check is visible
     * in this body — confirm that the consumers validate them.
     */
    if (isset($this->sArray[FOLDER_ID])) {
        $this->sArray[FOLDER_ID] = Get::val(FOLDER_ID, $this->sArray[FOLDER_ID]);
    } else {
        $this->sArray[FOLDER_ID] = Get::val(FOLDER_ID, -1);
    }
    /* Changing folder or screen discards the stored search. */
    if (Get::has(FOLDER_ID) || Get::has(SCREEN)) {
        if (isset($this->sArray[SEARCH_ARRAY])) {
            unset($this->sArray[SEARCH_ARRAY]);
        }
    }
    if (Session::has(GOTOFOLDER)) {
        $this->sArray[GOTOFOLDER] = Session::val(GOTOFOLDER, '');
        unset($_SESSION[GOTOFOLDER]);
    }
    if (isset($this->sArray[PAGE])) {
        $this->sArray[PAGE] = Get::val(PAGE, $this->sArray[PAGE]);
    } else {
        $this->sArray[PAGE] = 1;
    }
    /* Message search: the text comes from the small or the big search form. */
    if (Get::has(S_GETMODE)) {
        $this->sArray[SEARCH_ARRAY][S_TEXT] = Get::val(S_GETMODE, 'mini') == 'mini' ? Post::val('smallLookFor', '') : Post::val('bigLookFor', '');
        if (!empty($this->sArray[SEARCH_ARRAY][S_TEXT])) {
            $this->sArray[SEARCH_ARRAY][S_FOLDER] = Post::val('qfolder', -2);
            $this->sArray[SEARCH_ARRAY][S_MODE] = Post::val('qmmode', 'onlyheaders');
            $this->sArray[FOLDER_ID] = $this->sArray[SEARCH_ARRAY][S_FOLDER];
            $this->sArray[PAGE] = 1;
        } else {
            /* Empty search text: clear the search and return to page 1. */
            if (Post::val('qfolder', -2) < 1) {
                $this->sArray[FOLDER_ID] = -1;
            }
            unset($this->sArray[SEARCH_ARRAY]);
            $this->sArray[PAGE] = 1;
        }
    }
    /* Contact search. */
    if (Get::has(S_GETMODECONTACT)) {
        $this->sArray[SEARCH_ARRAY][S_TEXT] = Get::val(S_GETMODECONTACT, 'mini') == 'mini' ? Post::val('smallLookFor', '') : Post::val('bigLookFor', '');
        $this->sArray[CONTACT_ID] = Post::val(CONTACT_ID, -1);
        $this->sArray[CONTACT_PAGE] = 1;
    }
    if (isset($this->sArray[SEARCH_ARRAY][S_FOLDER])) {
        $this->sArray[FOLDER_ID] = $this->sArray[SEARCH_ARRAY][S_FOLDER];
    }
    /*
     * NOTE(review): EDIT_ACCOUNT_ID is taken from the query string and no
     * ownership check on it is visible in this body; verify that the code
     * editing that account checks it belongs to the current user.
     */
    if (isset($this->sArray[EDIT_ACCOUNT_ID])) {
        $this->sArray[EDIT_ACCOUNT_ID] = Get::val(EDIT_ACCOUNT_ID, $this->sArray[EDIT_ACCOUNT_ID]);
    } else {
        $this->sArray[EDIT_ACCOUNT_ID] = $accountId;
    }
    if (Get::has(EDIT_ACCOUNT_ID)) {
        $this->sArray[SCREEN] = $this->sArray[SCREEN] == SET_ACCOUNT_ADDACC ? SET_ACCOUNT_PROF : $this->sArray[SCREEN];
    }
    $this->sArray[CONTACT_PAGE] = isset($this->sArray[CONTACT_PAGE]) ? Get::val(CONTACT_PAGE, $this->sArray[CONTACT_PAGE]) : Get::val(CONTACT_PAGE, 1);
    $this->sArray[CONTACT_ORD] = isset($this->sArray[CONTACT_ORD]) ? Get::val(CONTACT_ORD, $this->sArray[CONTACT_ORD]) : Get::val(CONTACT_ORD, 0);
    if (isset($this->sArray[CONTACT_FLD])) {
        /* A different sort field resets the sort order. */
        if (Get::val(CONTACT_FLD, $this->sArray[CONTACT_FLD]) != $this->sArray[CONTACT_FLD]) {
            $this->sArray[CONTACT_ORD] = 0;
        }
        $this->sArray[CONTACT_FLD] = Get::val(CONTACT_FLD, $this->sArray[CONTACT_FLD]);
    } else {
        $this->sArray[CONTACT_FLD] = Get::val(CONTACT_FLD, 0);
    }
    /*
     * Layout cookies: each non-empty value is cast (int or bool), copied to
     * the account, and the cookie is expired; the account is then saved.
     */
    if (isset($_COOKIE['wm_vert_resizer']) || isset($_COOKIE['wm_horiz_resizer']) || isset($_COOKIE['wm_hide_folders'])) {
        if (isset($_COOKIE['wm_vert_resizer']) && strlen($_COOKIE['wm_vert_resizer']) > 0) {
            $this->account->VertResizer = (int) $_COOKIE['wm_vert_resizer'];
            setcookie('wm_vert_resizer', '0', time() - 24 * 3600);
        }
        if (isset($_COOKIE['wm_horiz_resizer']) && strlen($_COOKIE['wm_horiz_resizer']) > 0) {
            $this->account->HorizResizer = (int) $_COOKIE['wm_horiz_resizer'];
            setcookie('wm_horiz_resizer', '0', time() - 24 * 3600);
        }
        if (isset($_COOKIE['wm_hide_folders']) && strlen($_COOKIE['wm_hide_folders']) > 0) {
            $this->account->HideFolders = (bool) $_COOKIE['wm_hide_folders'];
            setcookie('wm_hide_folders', '0', time() - 24 * 3600);
        }
        $this->account->Update();
    }
    $this->FillData();
    $this->UpdateSession();
}
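/**
 * Builds the "new message" panel: recipients, subject, body, attachment rows
 * and the page JavaScript for composing, replying to or forwarding a message.
 *
 * Appears to be a PHP 4-style constructor (a method named after its class);
 * the class header is not visible here.
 *
 * Request input read here: POST 'mtype', 'contacts', 'groupid', 'mailto',
 * 'm_id', 'm_uid', 'f_id', 'charset' and GET 'to'. Where $this->To, $this->CC
 * and $this->Subject are rendered is not visible in this body; they must be
 * escaped for their output context there.
 *
 * Changes from the previous version:
 *  - the JavaScript attachment row now passes the file name through
 *    HtmlEncode() for the hidden input's value attribute, as it already did
 *    for the visible label;
 *  - the POST 'f_name' read was dropped, because the value was overwritten by
 *    'defaultname' on the next statement;
 *  - the plain-editor signature ternary had two identical branches and is now
 *    a single call.
 *
 * @param PageBuilder $pagebuilder Page builder that receives the JavaScript.
 */
function CNewMessagePanel(&$pagebuilder)
{
    $this->Type = Post::val('mtype', 'mes');
    $this->To = '';
    $this->_pagebuilder =& $pagebuilder;
    $this->_proc =& $pagebuilder->_proc;
    $this->From = $this->_getFromEmail();
    $this->_pagebuilder->_top->AddOnResize('ResizeElements(\'all\');');

    if ($this->_proc->account->AllowDhtmlEditor) {
        $editorResize = 'HTMLEditor.Resize(width - 1, height - 2);';
        $editorReplace = 'HTMLEditor.Replace();';
    } else {
        $editorResize = ' plainEditor.style.height = (height - 1) + "px"; plainEditor.style.width = (width - 2) + "px"; ';
        $editorReplace = '';
    }

    $this->inputs = '';

    // Recipients from selected contacts or from a contact group.
    $contacts = null;
    if (Post::has('contacts') && is_array(Post::val('contacts'))) {
        $contactsArray = array_keys(Post::val('contacts'));
        $contacts =& $this->_proc->db->LoadContactsById($contactsArray);
    }
    if (Post::has('groupid')) {
        // NOTE(review): the ids come from the request; whether the lookups are
        // limited to the current account's contacts is decided inside the db
        // layer, which is not visible here.
        $group =& $this->_proc->db->SelectGroupById(Post::val('groupid', -1));
        $contacts =& $this->_proc->db->SelectAddressGroupContacts(Post::val('groupid', -1));
    }
    if ($contacts) {
        foreach ($contacts->Instance() as $contact) {
            if (!$contact->Email) {
                continue;
            }
            $this->To .= $contact->Name ? '"' . $contact->Name . '" <' . $contact->Email . '>, ' : $contact->Email . ',';
        }
        $this->To = trim(trim($this->To), ',');
    }
    // An explicit recipient in the request overrides the contact list.
    if (Post::has('mailto')) {
        $this->To = Post::val('mailto', '');
    }
    if (Get::has('to')) {
        $this->To = (string) trim(Get::val('to', ''));
    }

    $message = null;
    $isHtml = $this->_proc->account->AllowDhtmlEditor;
    $this->attacmentsHtml = '';

    // In LoadAttachmentHandler the file name is HTML-encoded in both places it
    // is written into markup. NOTE(review): HtmlEncode() is defined in another
    // script; confirm that it also encodes double quotes, since the value sits
    // inside a quoted attribute. attachObj.TempName is written into name= and
    // id= without encoding and is assumed to be generated by the server.
    $this->_pagebuilder->AddJSText(' var bcc, bcc_mode, bcc_mode_switcher; var plainCont = null; var plainEditor = null; var HTMLEditor = null; var EditAreaUrl = "edit-area.php"; var prevWidth = 0; var prevHeight = 0; var rowIndex = 0; function ResizeElements(mode) { var width = GetWidth(); if (width < 684) width = 684; width = width - 40; var height = Math.ceil(width/3); if (prevWidth != width && prevHeight != height) { prevWidth = width; prevHeight = height; if (plainCont != null) { plainCont.style.height = height + "px"; plainCont.style.width = width + "px"; ' . $editorResize . ' } } } function WriteEmails(str, field) { var mailInput; if (field == 2) { mailInput = document.getElementById("toCC"); } else if (field == 3) { mailInput = document.getElementById("toBCC"); } else { mailInput = document.getElementById("toemail"); } if (mailInput) { mailInput.value = (mailInput.value == "") ? str : mailInput.value + ", " + str; mailInput.focus(); } } function LoadAttachmentHandler(attachObj) { var attachtable = document.getElementById("attachmentTable"); if (attachObj) { var imageLink = GetFileParams(attachObj.FileName); var tr = attachtable.insertRow(rowIndex++); tr.id = "tr_" + attachObj.TempName; var td = tr.insertCell(0); td.className = "wm_attachment"; var innerHtml = \'<img src="./images/icons/\' + imageLink.image + \'" />\'; innerHtml += \'<input type="hidden" name="attachments[\' + attachObj.TempName + \']" value="\' + HtmlEncode(attachObj.FileName) + \'">\'; innerHtml += HtmlEncode(attachObj.FileName) + \' (\' + GetFriendlySize(attachObj.Size) + \') <a href="#" id="\' + attachObj.TempName + \'" onclick="return DeleteAttach(this.id);">' . JS_LANG_Delete . '</a>\'; td.innerHTML = innerHtml; } } function ChangeBCCMode() { if (bcc_mode == "hide") { bcc_mode = "show"; bcc.className = ""; bcc_mode_switcher.innerHTML = Lang.HideBCC; } else { bcc_mode = "hide"; bcc.className = "wm_hide"; bcc_mode_switcher.innerHTML = Lang.ShowBCC; } ' . $editorReplace . ' return false; } function UpdateIdUid(id, uid) { var idf = document.getElementById("m_id"); var uidf = document.getElementById("m_uid"); if (idf && uidf) { idf.value = id; uidf.value = uid; } } var Rep_m, Err_m; var hiddensaveiframe; var pop3Pr = ' . ($pagebuilder->_proc->account->MailProtocol == MAILPROTOCOL_POP3 ? 'true' : 'false') . '; function DoSaveButton() { if (pop3Pr) { if (!hiddensaveiframe) { hiddensaveiframe = CreateChildWithAttrs(document.body, "iframe", [["name", "hiddensaveiframe"], ["class", "wm_hide"]]); } } var form = document.getElementById("messageForm"); form.action = "' . ACTIONFILE . '?action=save&req=message"; form.target = (pop3Pr) ? "hiddensaveiframe" : ""; if (submitSaveMessage()) { form.submit(); } } function DoSendButton() { var toemail = document.getElementById("toemail"); var ccemail = document.getElementById("toCC"); var bccemail = document.getElementById("toBCC"); var subject = document.getElementById("subject"); var mailIsCorrect = false; if ((toemail && toemail.value.length > 3) || (ccemail && ccemail.value.length > 3) || (bccemail && bccemail.value.length > 3)) { mailIsCorrect = true; } if (mailIsCorrect) { if (subject && subject.value.length < 1 && !confirm(Lang.ConfirmEmptySubject)) { return false; } var form = document.getElementById("messageForm"); form.action = "' . ACTIONFILE . '?action=send&req=message"; form.target = ""; if (submitSaveMessage()) { form.submit(); } } else { alert(Lang.WarningToBlank); } } function DeleteAttach(idline) { var trtable = document.getElementById("tr_" + idline); if (trtable) { trtable.className = "wm_hide"; CleanNode(trtable); } return false; } function ShowPictures() { var showPictureTable = document.getElementById("showpicturestable"); if (HTMLEditor) { var temp = HTMLEditor.GetText().ReplaceStr("wmx_src", "src"); temp = temp.ReplaceStr("wmx_background", "background"); HTMLEditor.SetHtml(temp); if (showPictureTable) { showPictureTable.className = "wm_hide"; } HTMLEditor.Replace(); } } ');

    $this->_pagebuilder->AddInitText(' bcc_mode = "hide"; bcc = document.getElementById("bcc"); bcc_mode_switcher = document.getElementById("bcc_mode_switcher"); plainEditor = document.getElementById("editor_area"); plainCont = document.getElementById("editor_cont"); Rep_m = new CReport("Rep_m"); Rep_m.Build(); Err_m = new CError("Err_m", "' . ConvertUtils::ClearJavaScriptString($this->_pagebuilder->SkinName(), '"') . '"); Err_m.Build(); ');

    // Source message for edit / reply / forward, identified by request values.
    $m_id = -1;
    $m_uid = '';
    if (Post::has('m_id')) {
        $mes_id = Post::val('m_id');
        $mes_uid = Post::val('m_uid');
        $folder_id = Post::val('f_id');
        // The folder name is fixed; the posted 'f_name' was never used.
        $folder_name = 'defaultname';
        $mes_charset = Post::val('charset', -1);
        // NOTE(review): ids come straight from the request; access control on
        // the message is expected inside GetMessageBase — confirm.
        $message = new GetMessageBase($this->_proc->account, $mes_id, $mes_uid, $folder_id, $folder_name, $mes_charset);
        $m_id = (int) $mes_id;
        $m_uid = $mes_uid;
    }

    $this->inputs = '<input type="hidden" id="m_id" name="m_id" value="' . ConvertUtils::AttributeQuote($m_id) . '"><input type="hidden" id="m_uid" name="m_uid" value="' . ConvertUtils::AttributeQuote($m_uid) . '">';

    $withSignature = false;
    switch ($this->_proc->account->SignatureOptions) {
        case SIGNATURE_OPTION_AddToAll:
            $withSignature = true;
            break;
        case SIGNATURE_OPTION_AddToNewOnly:
            $withSignature = $this->Type == 'mes';
            break;
        default:
        case SIGNATURE_OPTION_DontAdd:
            $withSignature = false;
            break;
    }

    if ($message) {
        // With a source message, a signature is only added to replies and forwards.
        if ($this->Type != 'forward' && $this->Type != 'reply' && $this->Type != 'replytoall') {
            $withSignature = false;
        }
        $this->_pagebuilder->AddInitText('SetPriority(' . $message->msg->GetPriorityStatus() . ');');

        switch ($this->Type) {
            default:
                $this->To = $message->PrintTo(true);
                $this->CC = $message->PrintCC(true);
                $this->BCC = '';
                $this->Subject = $message->PrintSubject(true);
                break;
            case 'forward':
                $this->To = '';
                $this->CC = '';
                $this->BCC = '';
                $this->Subject = JS_LANG_Fwd . ': ' . $message->PrintSubject(true);
                break;
            case 'reply':
                $replyto = trim($message->PrintReplyTo(true));
                $this->To = strlen($replyto) > 0 ? $replyto : $message->PrintFrom(true);
                $this->CC = '';
                $this->BCC = '';
                $this->Subject = JS_LANG_Re . ': ' . $message->PrintSubject(true);
                break;
            case 'replytoall':
                // Every recipient except the account's own address.
                $emailCollection =& $message->msg->GetAllRecipients(false, true);
                $temp = '';
                if ($emailCollection) {
                    foreach ($emailCollection->Instance() as $value) {
                        $email =& $value;
                        if ($email->Email != $this->_proc->account->Email) {
                            $temp .= $email->Email . ', ';
                        }
                    }
                }
                $this->To = trim(trim($temp), ',');
                $this->CC = '';
                $this->BCC = '';
                $this->Subject = JS_LANG_Re . ': ' . $message->PrintSubject(true);
                break;
        }

        if ($this->_proc->account->AllowDhtmlEditor) {
            switch ($this->Type) {
                case 'forward':
                case 'reply':
                case 'replytoall':
                    if ($message->account->ViewMode == VIEW_MODE_PREVIEW_PANE_NO_IMG || $message->account->ViewMode == VIEW_MODE_WITHOUT_PREVIEW_PANE_NO_IMG) {
                        $isHtml = true;
                        $this->Body = ConvertUtils::HtmlBodyWithoutImages($message->msg->GetRelpyAsHtml(true));
                        if (isset($GLOBALS[GL_WITHIMG]) && $GLOBALS[GL_WITHIMG]) {
                            $GLOBALS[GL_WITHIMG] = false;
                            $this->isSafety = false;
                        }
                    } else {
                        $isHtml = true;
                        $this->Body = ConvertUtils::HtmlBodyWithoutImages($message->msg->GetRelpyAsHtml(true));
                    }
                    break;
                default:
                    if ($message->account->ViewMode == VIEW_MODE_PREVIEW_PANE_NO_IMG || $message->account->ViewMode == VIEW_MODE_WITHOUT_PREVIEW_PANE_NO_IMG) {
                        if ($message->msg->HasHtmlText()) {
                            $isHtml = true;
                            $this->Body = ConvertUtils::HtmlBodyWithoutImages($message->msg->GetCensoredHtmlWithImageLinks(true));
                            if (isset($GLOBALS[GL_WITHIMG]) && $GLOBALS[GL_WITHIMG]) {
                                $GLOBALS[GL_WITHIMG] = false;
                                $this->isSafety = false;
                            }
                        } elseif ($message->msg->HasPlainText()) {
                            $isHtml = false;
                            $this->Body = $message->msg->GetNotCensoredTextBody(true);
                        }
                    } else {
                        if ($message->msg->HasHtmlText()) {
                            $isHtml = true;
                            $this->Body = $message->msg->GetCensoredHtmlWithImageLinks(true);
                        } elseif ($message->msg->HasPlainText()) {
                            $isHtml = false;
                            $this->Body = $message->msg->GetNotCensoredTextBody(true);
                        }
                    }
                    break;
            }
        } else {
            $isHtml = false;
            switch ($this->Type) {
                case 'forward':
                case 'reply':
                case 'replytoall':
                    $this->Body = $message->msg->GetRelpyAsPlain(true);
                    break;
                default:
                    $this->Body = $message->msg->GetNotCensoredTextBody(true);
                    break;
            }
        }

        // Attachments are carried over except for replies.
        if ($message->HasAttachments() && $this->Type != 'reply' && $this->Type != 'replytoall') {
            $attachments =& $message->msg->Attachments;
            if ($attachments != null && $attachments->Count() > 0) {
                foreach (array_keys($attachments->Instance()) as $key) {
                    $attachment =& $attachments->Get($key);
                    // NOTE(review): the temp name is used as a file name by
                    // SaveAttach(). If GetTempName() can contain text taken
                    // from the mail (not visible here), it needs path
                    // separators removed before use.
                    $tempname = $message->msg->IdMsg . '-' . $key . '_' . $attachment->GetTempName();
                    // The sender-controlled file name is HTML-escaped once here.
                    // NOTE(review): it is then passed through AttributeQuote()
                    // for the value attribute; check that this does not
                    // double-encode it.
                    $filename = ConvertUtils::WMHtmlSpecialChars($attachment->GetFilenameFromMime());
                    $filesize = GetFriendlySize(strlen($attachment->MimePart->GetBinaryBody()));
                    $fs =& new FileSystem(INI_DIR . '/temp', $message->account->Email, $message->account->Id);
                    $attfolder =& new Folder($message->account->Id, -1, Session::val('attachtempdir', md5(session_id())));
                    $fs->SaveAttach($attachment, $attfolder, $tempname);
                    $this->attacmentsHtml .= ' <tr id="tr_' . ConvertUtils::AttributeQuote($tempname) . '"><td class="wm_attachment"><img src="./images/icons/' . GetAttachImg($filename) . '" /> <input type="hidden" name="attachments[' . ConvertUtils::AttributeQuote($tempname) . ']" value="' . ConvertUtils::AttributeQuote($filename) . '"> ' . $filename . ' (' . $filesize . ') <a href="#" id="' . ConvertUtils::AttributeQuote($tempname) . '" onClick="return DeleteAttach(this.id);">' . JS_LANG_Delete . '</a></td></tr>';
                }
            }
        }
    } else {
        $this->_pagebuilder->AddInitText('SetPriority(3);');
    }

    $signature = '';
    if ($withSignature) {
        if ($this->_proc->account->AllowDhtmlEditor) {
            // SignatureType 0 gets nl2br(); other types are used as stored.
            $signature = $this->_proc->account->SignatureType == 0 ? nl2br($this->_proc->account->Signature) : $this->_proc->account->Signature;
            $signature = $isHtml ? $signature : strip_tags(nl2br($signature));
        } else {
            // Plain editor: tags are stripped whatever the signature type.
            $signature = strip_tags($this->_proc->account->Signature);
        }
    }
    $this->Body = $signature . $this->Body;

    if ($this->_proc->account->AllowDhtmlEditor) {
        $this->_pagebuilder->AddJSFile('class.html-editor.js');
        $setText = $isHtml ? 'HTMLEditor.SetHtml(mess);' : 'HTMLEditor.SetText(mess);';
        // The body (which can hold content from a received mail) is placed
        // inside a JavaScript string literal; ReBuildStringToJavaScript() is
        // the only escaping applied here.
        // NOTE(review): confirm that it also neutralises "</script" sequences.
        $this->_pagebuilder->AddJSText(' function submitSaveMessage() { var hiddenkey = document.getElementById("ishtml"); if (HTMLEditor._htmlMode) { plainEditor.value = HTMLEditor.GetText(); hiddenkey.value = "1"; } else { hiddenkey.value = "0"; } if (bcc_mode == "hide") { document.getElementById("toBCC").value = ""; } return true; } function EditAreaLoadHandler() { HTMLEditor.LoadEditArea(); } function CreateLinkHandler(url) { HTMLEditor.CreateLinkFromWindow(url); } function DesignModeOnHandler(rer) { HTMLEditor.Show(); var mess = "' . ConvertUtils::ReBuildStringToJavaScript($this->Body, '"') . '"; if (mess.length == 0) { mess = "<br />"; } ' . $setText . ' } ');
        $this->_pagebuilder->AddInitText(' HTMLEditor = new CHtmlEditorField(true); HTMLEditor.SetPlainEditor(plainEditor, document.getElementById("mode_switcher")); HTMLEditor.Show();');
    } else {
        $this->_pagebuilder->AddJSText(' function submitSaveMessage() { var hiddenkey = document.getElementById("ishtml"); hiddenkey.value = "0"; if (bcc_mode == "hide") { document.getElementById("toBCC").value = ""; } return true; } ');
    }
}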
// Load the handler script of every mode.
// NOTE(review): $modes is built outside this excerpt. Each entry becomes part
// of an include path, so the list must come from a fixed set of names and never
// from request data.
foreach ($modes as $mode) {
    require_once BASEDIR . '/scripts/' . $mode . '.php';
}

$do = Req::val('do');

// Any "do" mode that accepts a task_id or id field should be added here.
if (Req::num('task_id')) {
    // With a task id, the project is the task's project and "do" is limited to
    // the three task-level modes.
    $project_id = $db->x->GetOne('SELECT project_id FROM {tasks} WHERE task_id = ?', null, Req::num('task_id'));
    $do = Filters::enum($do, array('details', 'depends', 'editcomment'));
} else {
    // A project switch maps admin <-> pm depending on the target project, and
    // leaves the task details view for the index.
    if (Get::has('switch')) {
        if ($do == 'admin' && Get::val('project') != '0') {
            $do = 'pm';
        } elseif ($do == 'pm' && Get::val('project') == '0') {
            $do = 'admin';
        } elseif ($do == 'details') {
            $do = 'index';
        }
    }

    // NOTE(review): in this branch $do is still the raw request value. It is
    // used to build a class name; class_exists() keeps the call to classes that
    // exist, but it may also trigger autoloading with a request-supplied name.
    // Checking $do against the list of loaded modes first would avoid that.
    if ($do
        && class_exists('FlysprayDo' . ucfirst($do))
        && !call_user_func(array('FlysprayDo' . ucfirst($do), 'is_projectlevel'))
    ) {
        $project_id = 0;
    }
}

if (!isset($project_id)) {
    // Determine which project we want to see
    $project_id = Cookie::val('flyspray_project');
    if ($project_id == '') {
        $project_id = $fs->prefs['default_project'];
    }
    // Request parameters take precedence: 'project', then 'project_id'.
    $project_id = Req::val('project', Req::val('project_id', $project_id));
}

// NOTE(review): $project_id can come from a cookie or the request; access to
// the project has to be checked after this point, which is not visible here.
$proj = new Project($project_id);
// reset do for default project level entry page
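/**
 * Google Apps account page: shows the account state and applies the requested
 * action ('password', 'suspend', 'unsuspend' or 'create').
 *
 * Every branch that changes the account calls S::assert_xsrf_token() before
 * acting. The 'unsuspend' branch did not; it now does, so the unsuspend form
 * has to submit the XSRF token like the other forms of this page.
 *
 * @param object      $page   Page object used for the template and messages.
 * @param string|null $action Requested action, or null to only display.
 */
function handler_index($page, $action = null)
{
    require_once 'emails.inc.php';
    require_once 'googleapps.inc.php';
    $page->changeTpl('googleapps/index.tpl');
    $page->setTitle('Compte Google Apps');

    $user = S::user();
    $account = new GoogleAppsAccount($user);

    // Fills up the 'is Google Apps redirection active' variable.
    $redirect_active = false;
    $redirect_unique = true;
    $gapps_email = '';
    if ($account->active()) {
        // $redirect is only defined for an active account; the 'suspend'
        // branch below checks $account->active() before using it.
        $redirect = new Redirect($user);
        foreach ($redirect->emails as $email) {
            if ($email->type == 'googleapps') {
                $gapps_email = $email->email;
                $redirect_active = $email->active;
                $redirect_unique = !$redirect->other_active($email->email);
            }
        }
    }
    $page->assign('redirect_active', $redirect_active);
    $page->assign('redirect_unique', $redirect_unique);

    // Updates the Google Apps account as required.
    if ($action) {
        if ($action == 'password' && Post::has('pwsync')) {
            S::assert_xsrf_token();
            if (Post::v('pwsync') == 'sync') {
                $account->set_password_sync(true);
                $account->set_password($user->password());
            } else {
                $account->set_password_sync(false);
            }
        } elseif ($action == 'password' && Post::has('pwhash') && Post::t('pwhash') && !$account->sync_password) {
            S::assert_xsrf_token();
            // NOTE(review): the posted value is stored as the password hash
            // without a format check in this handler; confirm that
            // set_password() validates it.
            $account->set_password(Post::t('pwhash'));
        }

        if ($action == 'suspend' && Post::has('suspend') && $account->active()) {
            S::assert_xsrf_token();
            if ($account->pending_update_suspension) {
                $page->trigWarning("Ton compte est déjà en cours de désactivation.");
            } else {
                // The account is only suspended if its redirection is inactive
                // or could be switched off.
                if (!$redirect_active || $redirect->modify_one_email($gapps_email, false) == SUCCESS) {
                    $account->suspend();
                    $page->trigSuccess("Ton compte Google Apps est dorénavant désactivé.");
                } else {
                    $page->trigError("Ton compte Google Apps est ta seule adresse de redirection. Ton compte ne peux pas être désactivé.");
                }
            }
        } elseif ($action == 'unsuspend' && Post::has('unsuspend') && $account->suspended()) {
            // Same protection as the other state-changing branches.
            S::assert_xsrf_token();
            $account->unsuspend(Post::b('redirect_mails', true));
            $page->trigSuccess("Ta demande de réactivation a bien été prise en compte.");
        }

        if ($action == 'create') {
            $page->assign('has_password_sync', Get::has('password_sync'));
            $page->assign('password_sync', Get::b('password_sync', true));
        }
        if ($action == 'create' && Post::has('password_sync') && Post::has('redirect_mails')) {
            S::assert_xsrf_token();
            $password_sync = Post::b('password_sync');
            $redirect_mails = Post::b('redirect_mails');
            if ($password_sync) {
                $password = $user->password();
            } else {
                // NOTE(review): 'pwhash' may be absent or empty here; confirm
                // that create() rejects an empty password.
                $password = Post::t('pwhash');
            }
            $account->create($password_sync, $password, $redirect_mails);
            $page->trigSuccess("La demande de création de ton compte Google Apps a bien été enregistrée.");
        }
    }

    $page->assign('account', $account);
}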
/**
 * Returns the query-string value stored under $key, or $default when
 * Get::has($key) is false.
 *
 * The value is returned exactly as found in $_GET: it is not cast, trimmed or
 * escaped, and it can be an array when the parameter is sent as key[]=...
 * Callers have to validate it and escape it for the context they use it in.
 *
 * @param string $key     Parameter name.
 * @param mixed  $default Value returned when the parameter is missing.
 * @return mixed
 */
function val($key, $default = null)
{
    if (Get::has($key)) {
        return $_GET[$key];
    }

    return $default;
}
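/**
 * Drives the multi-step registration form.
 *
 * The progress is kept in the session under 'subState' (a PlDict): 'step' goes
 * from 0 to 4 and each POST moves it forward once the step's checks pass.
 * Suspicious events (repeated steps back, wrong birthdate, watched email or IP,
 * watched account) are collected in $alert / $alert_details and mailed through
 * send_warning_mail() at the end of the request.
 *
 * Fixes compared with the previous version:
 *  - the register_mstats INSERT now filters on the marketing hash; the hash was
 *    passed as an argument but the query had no placeholder, so the statement
 *    matched every row with a non-empty hash;
 *  - the mailto link of the generic error message had an unterminated href.
 *
 * @param object      $page Page object used for templates and messages.
 * @param string|null $hash Marketing hash taken from the registration link, if any.
 */
function handler_register($page, $hash = null)
{
    $page->forceSkin('register');
    $alert = array();
    $alert_details = '';

    $subState = new PlDict(S::v('subState', array()));
    if (!$subState->has('step')) {
        $subState->set('step', 0);
    }
    if (!$subState->has('backs')) {
        $subState->set('backs', new PlDict());
    }

    // Going back to an earlier step: keep a snapshot of the state and raise an
    // alert on the third step back.
    if (Get::has('back') && Get::i('back') < $subState->i('step')) {
        $subState->set('step', max(0, Get::i('back')));
        $subState->v('backs')->set($subState->v('backs')->count() + 1, $subState->dict());
        $subState->v('backs')->kill('backs');
        if ($subState->v('backs')->count() == 3) {
            $alert[] = "Tentative d'inscription très hésitante";
            $alert_details .= "\n * Retours en arrières : 3.";
        }
    }

    // A marketing hash pre-fills the state from the pending account it belongs to.
    if ($hash) {
        $res = XDB::query("SELECT a.uid, a.hruid, ppn.lastname_initial AS lastname, ppn.firstname_initial AS firstname, p.xorg_id AS xorgid,\n pd.promo, pe.promo_year AS yearpromo, pde.degree AS edu_type,\n p.birthdate_ref AS birthdateRef, FIND_IN_SET('watch', a.flags) AS watch, m.hash, a.type, a.comment\n FROM register_marketing AS m\n INNER JOIN accounts AS a ON (m.uid = a.uid)\n INNER JOIN account_profiles AS ap ON (a.uid = ap.uid AND FIND_IN_SET('owner', ap.perms))\n INNER JOIN profiles AS p ON (p.pid = ap.pid)\n INNER JOIN profile_display AS pd ON (p.pid = pd.pid)\n INNER JOIN profile_education AS pe ON (pe.pid = p.pid AND FIND_IN_SET('primary', pe.flags))\n INNER JOIN profile_education_degree_enum AS pde ON (pde.id = pe.degreeid)\n INNER JOIN profile_public_names AS ppn ON (ppn.pid = p.pid)\n WHERE m.hash = {?} AND a.state = 'pending'", $hash);
        if ($res->numRows() == 1) {
            $subState->merge($res->fetchOneRow());
            $subState->set('main_mail_domain', User::$sub_mail_domains[$subState->v('type')]);
            // Restrict the statistics row to the marketing entry of this hash.
            XDB::execute('INSERT INTO register_mstats (uid, sender, success) SELECT m.uid, m.sender, 0 FROM register_marketing AS m WHERE m.hash = {?} ON DUPLICATE KEY UPDATE sender = VALUES(sender), success = VALUES(success)', $subState->s('hash'));
        }
    }

    switch ($subState->i('step')) {
        case 0:
            $wp = new PlWikiPage('Reference.Charte');
            $wp->buildCache();
            if (Post::has('step1')) {
                $subState->set('step', 1);
                // With a marketing hash the identity is already known: jump to step 3.
                if ($subState->has('hash')) {
                    $subState->set('step', 3);
                    $this->load('register.inc.php');
                    createAliases($subState);
                }
            }
            break;

        case 1:
            if (Post::has('yearpromo')) {
                $edu_type = Post::t('edu_type');
                $yearpromo = Post::i('yearpromo');
                // NOTE(review): 'edu_type' comes from the request and is used as an array key
                // without a visible check that it exists in Profile::$cycle_prefixes.
                $promo = Profile::$cycle_prefixes[$edu_type] . $yearpromo;
                $res = XDB::query("SELECT COUNT(*)\n FROM accounts AS a\n INNER JOIN account_profiles AS ap ON (a.uid = ap.uid AND FIND_IN_SET('owner', ap.perms))\n INNER JOIN profiles AS p ON (p.pid = ap.pid)\n INNER JOIN profile_education AS pe ON (pe.pid = p.pid AND FIND_IN_SET('primary', pe.flags))\n WHERE a.state = 'pending' AND p.deathdate IS NULL AND pe.promo_year = {?}", $yearpromo);
                if (!$res->fetchOneCell()) {
                    $error = 'La promotion saisie est incorrecte ou tous les camarades de cette promotion sont inscrits !';
                } else {
                    $subState->set('step', 2);
                    $subState->set('promo', $promo);
                    $subState->set('yearpromo', $yearpromo);
                    $subState->set('edu_type', $edu_type);
                    // Build the school id pattern and examples shown at the next step.
                    if ($edu_type == Profile::DEGREE_X) {
                        if ($yearpromo >= 1996 && $yearpromo < 2000) {
                            $subState->set('schoolid', $yearpromo % 100 * 10 . '???');
                            $subState->set('schoolid_exemple', $yearpromo % 100 * 10000 + 532);
                            $subState->set('schoolid_exemple_ev2', ($yearpromo + 1) % 100 * 10000 + 532);
                        } elseif ($yearpromo >= 2000) {
                            $subState->set('schoolid', 100 + $yearpromo % 100 . '???');
                            $subState->set('schoolid_exemple', (100 + $yearpromo % 100) * 1000 + 532);
                            $subState->set('schoolid_exemple_ev2', (100 + ($yearpromo + 1) % 100) * 1000 + 532);
                        }
                    }
                }
            }
            break;

        case 2:
            if (count($_POST)) {
                $this->load('register.inc.php');
                $subState->set('firstname', Post::t('firstname'));
                $subState->set('lastname', Post::t('lastname'));
                if (Post::has('schoolid')) {
                    $subState->set('schoolid', Post::i('schoolid'));
                }
                $error = checkNewUser($subState);
                if ($error !== true) {
                    break;
                }
                $error = createAliases($subState);
                if ($error === true) {
                    unset($error);
                    $subState->set('step', 3);
                }
            }
            break;

        case 3:
            if (count($_POST)) {
                $this->load('register.inc.php');

                // Validate the email address format and domain.
                require_once 'emails.inc.php';
                $user = User::get($subState->s('uid'));
                if (!isvalid_email(Post::v('email'))) {
                    $error[] = "Le champ 'Email' n'est pas valide.";
                } elseif (!isvalid_email_redirection(Post::v('email'), $user)) {
                    $error[] = $subState->s('forlife') . ' doit renvoyer vers un email existant ' . 'valide, en particulier, il ne peut pas être renvoyé vers lui-même.';
                }

                // Validate the birthday format and range.
                $birth = Post::t('birthdate');
                if (!preg_match('@^[0-3]?\\d/[01]?\\d/(19|20)?\\d{2}$@', $birth)) {
                    $error[] = "La 'Date de naissance' n'est pas correcte.";
                } else {
                    $birth = explode('/', $birth, 3);
                    for ($i = 0; $i < 3; ++$i) {
                        $birth[$i] = intval($birth[$i]);
                    }
                    // Two-digit years are read as 19xx.
                    if ($birth[2] < 100) {
                        $birth[2] += 1900;
                    }
                    $year = $birth[2];
                    $ref_year = substr($subState->v('birthdateRef'), 0, 4);
                    // More than two years away from the reference year: reject and alert.
                    if (abs($ref_year - $year) > 2) {
                        $error[] = "La 'Date de naissance' n'est pas correcte.";
                        $alert[] = "Date de naissance incorrecte à l'inscription";
                        $alert_details .= "\n * Date de naissance renseignée : " . Post::t('birthdate');
                        if ($subState->v('birthdateRef') == '0000-00-00') {
                            $alert_details .= ' (date inconnue)';
                        } else {
                            $alert_details .= ' (date connue : ' . $subState->v('birthdateRef') . ')';
                        }
                        $subState->set('wrong_birthdate', $birth);
                    }
                }

                // Register the optional services requested by the user.
                $services = array();
                foreach (array('com_letters', 'imap', 'ml_promo', 'nl') as $service) {
                    if (Post::b($service)) {
                        $services[] = $service;
                    }
                }
                $subState->set('services', $services);

                // Validate the password.
                if (!Post::v('pwhash', false)) {
                    $error[] = "Le mot de passe n'est pas valide.";
                }

                // Check if the given email is known as dangerous.
                $res = XDB::query("SELECT state, description\n FROM email_watch\n WHERE email = {?} AND state != 'safe'", Post::v('email'));
                $bannedEmail = false;
                if ($res->numRows()) {
                    list($state, $description) = $res->fetchOneRow();
                    $alert[] = "Email surveillé proposé à l'inscription";
                    $alert_details .= "\n * Email surveillé : " . Post::v('email');
                    $subState->set('email_desc', $description);
                    if ($state == 'dangerous') {
                        $bannedEmail = true;
                    }
                }
                if ($subState->i('watch') != 0) {
                    $alert[] = "Inscription d'un utilisateur surveillé";
                    $alert_details .= "\n * Commentaire pour la surveillance : " . $subState->v('comment');
                }

                // For a watched IP the validation errors are dropped on purpose, so that the
                // request reaches the generic error below instead of field-level feedback.
                if ($bannedIp = check_ip('unsafe')) {
                    unset($error);
                }

                if (isset($error)) {
                    $error = join('<br />', $error);
                } else {
                    $subState->set('birthdate', sprintf("%04d-%02d-%02d", intval($birth[2]), intval($birth[1]), intval($birth[0])));
                    $subState->set('email', Post::t('email'));
                    $subState->set('password', Post::t('pwhash'));

                    // Update the current alert if the birthdate is incorrect,
                    // or if the IP address of the user has been banned.
                    if ($subState->s('birthdateRef') != '0000-00-00' && $subState->s('birthdateRef') != $subState->s('birthdate')) {
                        $alert[] = "Date de naissance incorrecte à l'inscription";
                        $alert_details .= "\n * Date de naissance renseignée : " . Post::t('birthdate');
                        if ($subState->v('birthdateRef') == '0000-00-00') {
                            $alert_details .= ' (date inconnue)';
                        } else {
                            $alert_details .= ' (date connue : ' . $subState->v('birthdateRef') . ')';
                        }
                    }
                    if ($bannedIp) {
                        $alert[] = "Tentative d'inscription depuis une IP surveillée";
                        $alert_details .= "\n * IP surveillée : " . $_SESSION['check_ip'];
                    }

                    // Prevent banned user from actually registering; save the current state for others.
                    if ($bannedEmail || $bannedIp) {
                        global $globals;
                        $error = "Une erreur s'est produite lors de l'inscription." . " Merci de contacter <a href='mailto:register@{$globals->mail->domain}'>" . " register@{$globals->mail->domain}</a>" . " pour nous faire part de cette erreur.";
                    } else {
                        $subState->set('step', 4);
                        if ($subState->v('backs')->count() >= 3) {
                            $alert[] = "Fin d'une inscription hésitante";
                            $alert_details .= "\n * Nombre de retours en arrière : " . $subState->v('backs')->count();
                        }
                        finishRegistration($subState);
                    }
                }
            }
            break;
    }

    // Persist the state for the next request and report the collected alerts.
    $_SESSION['subState'] = $subState->dict();
    if (count($alert)) {
        $alert_details = "Détails des alertes :" . $alert_details . "\n\n";
        $alert_details .= 'Compte concerné : ' . $subState->s('forlife') . ' (redirection vers : ' . ($subState->s('email') == '' ? Post::t('email') : $subState->s('email')) . ")\n\n\n";
        send_warning_mail(implode(' - ', $alert), $alert_details);
    }

    $page->changeTpl('register/step' . $subState->i('step') . '.tpl');
    if (isset($error)) {
        $page->trigError($error);
    }
}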
}
// Tail of a provider factory whose beginning is not part of this excerpt:
// it builds the Vkontakte OAuth2 provider from the configured credentials.
return new League\OAuth2\Client\Provider\Vkontakte(array('clientId' => $conf['oauth']['vkontakte_id'], 'clientSecret' => $conf['oauth']['vkontakte_secret'], 'redirectUri' => $conf['oauth']['vkontakte_redirect']));
});

// Remember where to send the user afterwards: the base64-decoded 'return_to'
// query parameter, or $baseurl when it is empty.
// NOTE(review): the decoded value is request-controlled and is stored as is; if it is
// later used as a redirect target it should be checked against $baseurl — the code that
// consumes it is not visible here.
if (!isset($_SESSION['return_to'])) {
    $_SESSION['return_to'] = base64_decode(Get::val('return_to', ''));
    $_SESSION['return_to'] = $_SESSION['return_to'] ?: $baseurl;
}

// Provider name: the one stored in the session, overridden by the 'provider'
// query parameter, lower-cased; the session copy is consumed.
$provider = isset($_SESSION['oauth_provider']) ? $_SESSION['oauth_provider'] : 'none';
$provider = strtolower(Get::val('provider', $provider));
unset($_SESSION['oauth_provider']);

// Only providers listed in the 'active_oauths' preference are accepted.
// NOTE(review): in_array() is called without the strict flag, and the lookup in
// $providers below assumes Flyspray::show_error() does not return — confirm.
$active_oauths = explode(' ', $fs->prefs['active_oauths']);
if (!in_array($provider, $active_oauths)) {
    Flyspray::show_error(26);
}
$obj = $providers[$provider]();

if (!Get::has('code') && !Post::has('username')) {
    // No authorization code yet: send the browser to the provider's authorization URL.
    header('Location: ' . $obj->getAuthorizationUrl());
    exit;
}

if (isset($_SESSION['oauth_token'])) {
    // Reuse the token serialized into the session earlier; it is consumed here.
    $token = unserialize($_SESSION['oauth_token']);
    unset($_SESSION['oauth_token']);
} else {
    // Try to get an access token
    // NOTE(review): no check of an OAuth 'state' value is visible before the code is
    // exchanged, and $_GET['code'] is read even when only 'username' was posted — confirm
    // both are handled outside this excerpt.
    try {
        $token = $obj->getAccessToken('authorization_code', array('code' => $_GET['code']));
    } catch (\League\OAuth2\Client\Exception\IDPException $e) {
        throw new Exception($e->getMessage());
    }
}
/**
 * Payment pages of a group.
 *
 * With a payment id: checks that the visitor may see it, then delegates to
 * handler_payment(). Without one: lists the group's current payments, with the
 * transactions of each payment when may_update() allows it and what the
 * visitor owes or has paid for the related events.
 *
 * @param object   $page Page object used for templates and variables.
 * @param int|null $pid  Payment id, or null for the group overview.
 * @return mixed PL_FORBIDDEN when access is refused, otherwise the result of
 *               handler_payment() or null.
 */
function handler_xnet_payment($page, $pid = null)
{
    global $globals;

    $perms = S::v('perms');

    if (!is_null($pid)) {
        // A single payment: group members pass; anyone else needs to be a
        // participant of a linked event, or the payment must be flagged public.
        if (!S::identified() || !$perms->hasFlag('groupmember')) {
            $res = XDB::query("SELECT 1\n FROM group_events AS e\n INNER JOIN group_event_participants AS ep ON (ep.eid = e.eid AND ep.uid = {?})\n WHERE e.paiement_id = {?} AND e.asso_id = {?}", S::i('uid'), $pid, $globals->asso('id'));
            $public = XDB::query("SELECT 1\n FROM payments AS p\n INNER JOIN group_events AS g ON (g.paiement_id = p.id)\n WHERE g.asso_id = {?} AND p.id = {?} AND FIND_IN_SET('public', p.flags)", $globals->asso('id'), $pid);
            if ($res->numRows() == 0 && $public->numRows() == 0) {
                return PL_FORBIDDEN;
            }
        }
        return $this->handler_payment($page, $pid);
    }

    // The overview is reserved to identified group administrators.
    if (!S::identified() || !$perms->hasFlag('groupadmin')) {
        return PL_FORBIDDEN;
    }

    $page->changeTpl('payment/xnet.tpl');
    $res = XDB::query("SELECT id, text, url\n FROM payments\n WHERE asso_id = {?} AND NOT FIND_IN_SET('old', flags)\n ORDER BY id DESC", $globals->asso('id'));
    $payments = $res->fetchAllAssoc();
    $page->assign('titles', $payments);

    $trans = array();
    $event = array();

    if (may_update()) {
        // Sortable columns and the table alias each one belongs to. Only keys of this
        // map can reach the ORDER BY clause, so the request value is never concatenated
        // into the query unchecked.
        static $orders = array('ts_confirmed' => 'p', 'directory_name' => 'a', 'promo' => 'pd', 'comment' => 'p', 'amount' => 'p');
        if (Get::has('order_id') && Get::has('order') && array_key_exists(Get::v('order'), $orders)) {
            $order_id = Get::i('order_id');
            $order = Get::v('order');
            $ordering = ' ORDER BY ' . $orders[$order] . '.' . $order;
            $descending = Get::has('order_inv') && Get::i('order_inv') == 1;
            if ($descending) {
                $ordering .= ' DESC';
            }
            // The template receives the opposite direction for the next click.
            $page->assign('order_inv', $descending ? 0 : 1);
            $page->assign('order_id', $order_id);
            $page->assign('order', $order);
            $page->assign('anchor', 'legend_' . $order_id);
        } else {
            $order_id = false;
            $ordering = '';
            $page->assign('order', false);
        }
    } else {
        $ordering = '';
        $page->assign('order', false);
    }

    foreach ($payments as $payment) {
        $pid = $payment['id'];

        if (may_update()) {
            // Transactions of this payment; the ordering only applies to the payment it was asked for.
            $res = XDB::query('SELECT p.uid, IF(p.ts_confirmed = \'0000-00-00\', 0, p.ts_confirmed) AS date, p.comment, p.amount FROM payment_transactions AS p INNER JOIN accounts AS a ON (a.uid = p.uid) LEFT JOIN account_profiles AS ap ON (ap.uid = p.uid AND FIND_IN_SET(\'owner\', ap.perms)) LEFT JOIN profile_display AS pd ON (ap.pid = pd.pid) WHERE p.ref = {?}' . ($order_id == $pid ? $ordering : ''), $pid);
            $trans[$pid] = User::getBulkUsersWithUIDs($res->fetchAllAssoc(), 'uid', 'user');
            $sum = 0;
            foreach ($trans[$pid] as $i => $t) {
                $sum += $t['amount'];
                $trans[$pid][$i]['amount'] = $t['amount'];
            }
            // Trailing pseudo-row carrying the total.
            $trans[$pid][] = array('limit' => true, 'amount' => $sum);
        }

        // What the current user has to pay for the events linked to this payment.
        $res = XDB::iterRow("SELECT e.eid, e.short_name, e.intitule, ep.nb, ei.montant, ep.paid\n FROM group_events AS e\n LEFT JOIN group_event_participants AS ep ON (ep.eid = e.eid AND ep.uid = {?})\n INNER JOIN group_event_items AS ei ON (ep.eid = ei.eid AND ep.item_id = ei.item_id)\n WHERE e.paiement_id = {?}", S::v('uid'), $pid);
        $event[$pid] = array('paid' => 0);
        if ($res->total()) {
            $event[$pid]['topay'] = 0;
            while (list($eid, $shortname, $title, $nb, $montant, $paid) = $res->next()) {
                $event[$pid]['topay'] += $nb * $montant;
                $event[$pid]['eid'] = $eid;
                $event[$pid]['shortname'] = $shortname;
                $event[$pid]['title'] = $title;
                $event[$pid]['ins'] = !is_null($nb);
                $event[$pid]['paid'] = $paid;
            }
        }

        // The amount already paid is finally taken from the recorded transactions.
        $res = XDB::query('SELECT SUM(amount) AS sum_amount FROM payment_transactions WHERE ref = {?} AND uid = {?}', $pid, S::v('uid'));
        $event[$pid]['paid'] = $res->fetchOneCell();
    }

    $page->register_modifier('decode_comment', 'decode_comment');
    $page->assign('trans', $trans);
    $page->assign('event', $event);
}
/**
 * Logs the user out, or leaves a "view the site as" (SUID) session.
 *
 * $level selects which cookies are dropped: 'forget' removes the access
 * cookie, 'forgetuid' the login form cookies, 'forgetall' both.
 *
 * NOTE(review): the final redirect target is read from the 'redirect' query
 * parameter and handed to http_redirect() with no allow-list visible in this
 * function; whether http_redirect() restricts the destination cannot be told
 * from here — confirm, as this is an open-redirect candidate. The parameter is
 * also passed through rawurldecode() on top of PHP's own decoding of $_GET.
 *
 * @param object      $page  Page object used when the exit page is displayed.
 * @param string|null $level One of 'forget', 'forgetuid', 'forgetall', or null.
 */
function handler_exit($page, $level = null)
{
    if (S::suid()) {
        // Leaving a SUID session: log it, restore the real user and go back to the
        // page the SUID session was started from, or to the admin page of that user.
        $old = S::user()->login();
        S::logger()->log('suid_stop', $old . " by " . S::suid('hruid'));
        Platal::session()->stopSUID();

        $target = S::s('suid_startpage');
        S::kill('suid_startpage');
        if (!empty($target)) {
            http_redirect($target);
        }
        pl_redirect('admin/user/' . $old);
    }

    $forget_everything = $level == 'forgetall';
    if ($forget_everything || $level == 'forget') {
        Platal::session()->killAccessCookie();
    }
    if ($forget_everything || $level == 'forgetuid') {
        Platal::session()->killLoginFormCookies();
    }

    if (S::logged()) {
        // The Referer header is client-supplied; it is logged as received.
        S::logger()->log('deconnexion', @$_SERVER['HTTP_REFERER']);
        Platal::session()->destroy();
    }

    if (!Get::has('redirect')) {
        $page->changeTpl('platal/exit.tpl');
        return;
    }

    http_redirect(rawurldecode(Get::v('redirect')));
}
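<?php
/*
 * AJAX callback that checks whether a user name is still available.
 *
 * Output: 'true' when no account and no pending registration uses the name
 * (also when no usable 'name' parameter is given), otherwise 'false|' followed
 * by the translated 'usernametaken' message.
 *
 * NOTE(review): the answer tells the caller whether an account exists. No
 * authentication or throttling is visible in this script (header.php is not
 * shown here) — confirm that requests to it are rate-limited.
 */
define('IN_FS', true);
header('Content-type: text/html; charset=utf-8');
require_once '../../header.php';
$baseurl = dirname(dirname($baseurl)) . '/';

// Always defined: a missing or non-string 'name' (e.g. ?name[]=x) is treated as
// "no name given" instead of reaching strtolower() or the query undefined.
$searchterm = null;
if (Get::has('name') && is_string(Get::val('name'))) {
    $searchterm = strtolower(Get::val('name'));
}

// Count the accounts and the pending registrations that use this name.
$get_users = $db->x->getRow(' SELECT count(u.user_name) AS anz_u_user, count(r.user_name) AS anz_r_user FROM {users} u LEFT JOIN {registrations} r ON u.user_name = r.user_name WHERE Lower(u.user_name) = ? OR Lower(r.user_name) = ?', null, array($searchterm, $searchterm));

// Stays empty when the query returned nothing, so the echo below never reads an undefined variable.
$html = '';
if ($get_users) {
    if ((int) $get_users['anz_u_user'] > 0 || (int) $get_users['anz_r_user'] > 0) {
        $html = 'false|' . eL('usernametaken');
    } else {
        $html = 'true';
    }
}
echo $html;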
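/**
 * Administration of the list aliases: lists them, or edits one of them.
 *
 * Without $alias every alias of the two mail domains is listed. With an alias
 * (local@domain) the handler can delete it, add a member (POST) or remove a
 * member (GET), each of these after S::assert_xsrf_token().
 *
 * The alias is now split on its first '@' only and an empty domain is refused,
 * so the validated local part and domain always recombine into exactly the
 * $alias that is displayed and used in messages; before, 'a@domain@extra'
 * passed validation as 'a@domain' and an alias without '@' left $domain undefined.
 *
 * NOTE(review): 'del_member' changes state on a GET request, which puts the
 * XSRF token in the URL where it can end up in logs or Referer headers —
 * consider moving it to POST.
 *
 * @param object      $page  Page object used for templates and messages.
 * @param string|null $alias Full alias address, or null to list all aliases.
 */
function handler_aaliases($page, $alias = null)
{
    global $globals;
    require_once 'emails.inc.php';
    $page->setTitle('Administration - Aliases');

    if (Post::has('new_alias')) {
        // The new name is only validated once this handler runs again for the target page.
        pl_redirect('admin/aliases/' . Post::t('new_alias') . '@' . $globals->mail->domain);
    }

    // If no alias, list them all.
    if (is_null($alias)) {
        $page->changeTpl('lists/admin_aliases.tpl');
        $page->assign('aliases', array_merge(iterate_list_alias($globals->mail->domain), iterate_list_alias($globals->mail->domain2)));
        return;
    }

    // Split on the first '@' only; anything after it belongs to the domain part.
    $parts = explode('@', $alias, 2);
    $local_part = $parts[0];
    $domain = isset($parts[1]) ? $parts[1] : '';

    if ($domain === ''
        || !($globals->mail->domain == $domain || $globals->mail->domain2 == $domain)
        || !preg_match("/^[a-zA-Z0-9\\-\\.]*\$/", $local_part)) {
        $page->trigErrorRedirect('Le nom de l\'alias est erroné.', $globals->asso('diminutif') . 'admin/aliases');
    }

    // Now we can perform the action.
    if (Post::has('del_alias')) {
        S::assert_xsrf_token();
        delete_list_alias($local_part, $domain);
        $page->trigSuccessRedirect($alias . ' supprimé.', 'admin/aliases');
    }

    if (Post::has('add_member')) {
        S::assert_xsrf_token();
        if (add_to_list_alias(Post::t('add_member'), $local_part, $domain)) {
            $page->trigSuccess('Ajout réussit.');
        } else {
            $page->trigError('Ajout infructueux.');
        }
    }

    if (Get::has('del_member')) {
        S::assert_xsrf_token();
        if (delete_from_list_alias(Get::t('del_member'), $local_part, $domain)) {
            $page->trigSuccess('Suppression réussie.');
        } else {
            $page->trigError('Suppression infructueuse.');
        }
    }

    $page->changeTpl('lists/admin_edit_alias.tpl');
    $page->assign('members', list_alias_members($local_part, $domain));
    $page->assign('alias', $alias);
}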
// Activity graph data: $data ends up as a comma-joined string, or '' when
// neither graph is requested. Both graphs look at the last 31 days and widen
// the window to 61 days when the project had activity between day 61 and day 31.
// The ids are read with Get::num() — presumably a numeric cast; verify in Get.
if (Get::has('project_id') && Get::val('graph', 'project') == 'project') {
    // Project graph (also the default when no 'graph' parameter is given).
    $today = date('Y-m-d');
    $thirtyone_days = date('U', strtotime("-31 day", strtotime($today)));
    $sixtyone_days = date('U', strtotime("-61 day", strtotime($today)));

    $projectCheck = Project::getActivityProjectCount($sixtyone_days, $thirtyone_days, Get::num('project_id'));
    $data = implode(',', Project::getDayActivityByProject(
        $projectCheck > 0 ? $sixtyone_days : $thirtyone_days,
        date('U', strtotime(date('Y-m-d'))),
        Get::num('project_id')
    ));
} elseif (Get::has('user_id') && Get::has('project_id') && Get::val('graph') == 'user') {
    // User graph: same window rule, restricted to one user of the project.
    $today = date('Y-m-d');
    $thirtyone_days = date('U', strtotime("-31 day", strtotime($today)));
    $sixtyone_days = date('U', strtotime("-61 day", strtotime($today)));

    $projectCheck = Project::getActivityProjectCount($sixtyone_days, $thirtyone_days, Get::num('project_id'));
    $data = implode(',', User::getDayActivityByUser(
        $projectCheck > 0 ? $sixtyone_days : $thirtyone_days,
        date('U', strtotime(date('Y-m-d'))),
        Get::num('project_id'),
        Get::num('user_id')
    ));
} else {
    $data = '';
}
/**
 * Lists the mailing lists of the current group and handles the quick actions.
 *
 * 'del' / 'add' (query string) unsubscribe / subscribe the current user, and
 * 'del_alias' (POST, when may_update() allows it) deletes a list alias; each
 * action asserts the XSRF token first. The lists are then sorted and assigned
 * to the template together with the aliases of the group's domain.
 *
 * NOTE(review): the local part of 'del_alias' is passed to delete_list_alias()
 * without a format check in this function; whether delete_list_alias()
 * validates it is not visible here.
 *
 * @param object      $page     Page object used for templates and messages.
 * @param string|null $order_by Sort column: 'list', 'desc' or 'nbsub'.
 * @param string|null $order    Sort direction: 'asc' or 'desc'.
 * @return mixed PL_NOT_FOUND when the group has no lists domain, otherwise null.
 */
function handler_lists($page, $order_by = null, $order = null)
{
    require_once 'emails.inc.php';

    if (!$this->get_lists_domain()) {
        return PL_NOT_FOUND;
    }
    $page->changeTpl('xnetlists/index.tpl');

    if (Get::has('del')) {
        S::assert_xsrf_token();
        $mlist = $this->prepare_list(Get::v('del'));
        $mlist->unsubscribe();
        pl_redirect('lists');
    }

    if (Get::has('add')) {
        S::assert_xsrf_token();
        $mlist = $this->prepare_list(Get::v('add'));
        $mlist->subscribe();
        pl_redirect('lists');
    }

    if (Post::has('del_alias') && may_update()) {
        S::assert_xsrf_token();
        $alias = Post::t('del_alias');
        // Only the part before the first '@' is used; the domain is the group's own.
        $pieces = explode('@', $alias);
        $local_part = $pieces[0];
        delete_list_alias($local_part, $this->get_lists_domain());
        $page->trigSuccess($alias . ' supprimé !');
    }

    $client = $this->prepare_client();
    $listes = $client->get_lists();

    // Anything other than a known column and direction falls back to ascending names.
    $known_order = !is_null($order_by) && !is_null($order)
        && in_array($order_by, array('list', 'desc', 'nbsub'))
        && in_array($order, array('asc', 'desc'));
    if (!$known_order) {
        $order_by = 'list';
        $order = 'asc';
    }

    $compare = function ($a, $b) use ($order_by, $order) {
        // Descriptions are compared with their accents replaced.
        if ($order_by == 'desc') {
            $a[$order_by] = replace_accent($a[$order_by]);
            $b[$order_by] = replace_accent($b[$order_by]);
        }

        if ($order_by == 'desc' || $order_by == 'list') {
            $res = strcasecmp($a[$order_by], $b[$order_by]);
        } elseif ($order_by == 'nbsub') {
            $res = $a[$order_by] - $b[$order_by];
        } else {
            $res = 0;
        }

        return $order == 'asc' ? $res : $res * -1;
    };
    usort($listes, $compare);

    $page->assign('listes', $listes);
    $page->assign('order_by', $order_by);
    $page->assign('order', $order);
    $page->assign('aliases', iterate_list_alias($this->get_lists_domain()));
    $page->assign('may_update', may_update());

    if (S::suid()) {
        $page->trigWarning("Attention : l'affichage des listes de diffusion ne tient pas compte de l'option « Voir le site comme… ».");
    }

    // Record on the group that it has mailing lists, the first time some are seen.
    global $globals;
    if (count($listes) > 0 && !$globals->asso('has_ml')) {
        XDB::execute("UPDATE groups\n SET flags = CONCAT_WS(',', IF(flags = '', NULL, flags), 'has_ml')\n WHERE id = {?}", $globals->asso('id'));
    }
}