Beispiel #1
0
 function handler_admin($page)
 {
     $page->changeTpl('xnet/admin.tpl');
     if (Get::has('del')) {
         $res = XDB::query('SELECT id, nom, mail_domain
                                        FROM groups WHERE diminutif={?}', Get::v('del'));
         list($id, $nom, $domain) = $res->fetchOneRow();
         $page->assign('nom', $nom);
         if ($id && Post::has('del')) {
             S::assert_xsrf_token();
             XDB::query('DELETE FROM group_members WHERE asso_id={?}', $id);
             $page->trigSuccess('membres supprimés');
             if ($domain) {
                 XDB::execute('DELETE  v
                                 FROM  email_virtual         AS v
                           INNER JOIN  email_virtual_domains AS d ON (v.domain = d.id)
                                WHERE  d.name = {?}', $domain);
                 XDB::execute('DELETE FROM  email_virtual_domains
                                     WHERE  name = {?}', $domain);
                 $page->trigSuccess('suppression des alias mails');
                 $mmlist = new MMList(S::v('uid'), S::v('password'), $domain);
                 if ($listes = $mmlist->get_lists()) {
                     foreach ($listes as $l) {
                         $mmlist->delete_list($l['list'], true);
                     }
                     $page->trigSuccess('mail lists surpprimées');
                 }
             }
             XDB::query('DELETE FROM groups WHERE id={?}', $id);
             $page->trigSuccess("Groupe {$nom} supprimé");
             Get::kill('del');
         }
         if (!$id) {
             Get::kill('del');
         }
     }
     if (Post::has('diminutif') && Post::v('diminutif') != "") {
         S::assert_xsrf_token();
         $res = XDB::query('SELECT  COUNT(*)
                              FROM  groups
                             WHERE  diminutif = {?}', Post::v('diminutif'));
         if ($res->fetchOneCell() == 0) {
             XDB::execute('INSERT INTO  groups (id, diminutif)
                                VALUES  (NULL, {?})', Post::v('diminutif'));
             pl_redirect(Post::v('diminutif') . '/edit');
         } else {
             $page->trigError('Le diminutif demandé est déjà pris.');
         }
     }
     $res = XDB::query('SELECT  nom, diminutif
                          FROM  groups
                      ORDER BY  nom');
     $page->assign('assos', $res->fetchAllAssoc());
 }
Beispiel #2
0
 function show($area = null)
 {
     global $page, $fs, $db, $proj, $user, $conf;
     $perpage = '20';
     if (isset($user->infos['tasks_perpage'])) {
         $perpage = $user->infos['tasks_perpage'];
     }
     $pagenum = max(1, Get::num('pagenum', 1));
     $offset = $perpage * ($pagenum - 1);
     // Get the visibility state of all columns
     $visible = explode(' ', trim($proj->id ? $proj->prefs['visible_columns'] : $fs->prefs['visible_columns']));
     if (!is_array($visible) || !count($visible) || !$visible[0]) {
         $visible = array('id');
     }
     list($tasks, $id_list) = Backend::get_task_list($_GET, $visible, $offset, $perpage);
     $page->assign('tasks', $tasks);
     $page->assign('offset', $offset);
     $page->assign('perpage', $perpage);
     $page->assign('pagenum', $pagenum);
     $page->assign('visible', $visible);
     // List of task IDs for next/previous links
     $_SESSION['tasklist'] = $id_list;
     $page->assign('total', count($id_list));
     // Javascript replacement
     if (Get::val('toggleadvanced')) {
         $advanced_search = intval(!Req::val('advancedsearch'));
         Flyspray::setCookie('advancedsearch', $advanced_search, time() + 60 * 60 * 24 * 30);
         $_COOKIE['advancedsearch'] = $advanced_search;
     }
     // Update check {{{
     if (Get::has('hideupdatemsg')) {
         unset($_SESSION['latest_version']);
     } else {
         if ($conf['general']['update_check'] && $user->perms('is_admin') && $fs->prefs['last_update_check'] < time() - 60 * 60 * 24 * 3) {
             if (!isset($_SESSION['latest_version'])) {
                 $latest = Flyspray::remote_request('http://flyspray.org/version.txt', GET_CONTENTS);
                 //if for some silly reason we get and empty response, we use the actual version
                 $_SESSION['latest_version'] = empty($latest) ? $fs->version : $latest;
                 $db->x->execParam('UPDATE {prefs} SET pref_value = ? WHERE pref_name = ?', array(time(), 'last_update_check'));
             }
         }
     }
     if (isset($_SESSION['latest_version']) && version_compare($fs->version, $_SESSION['latest_version'], '<')) {
         $page->assign('updatemsg', true);
     }
     // }}}
     $page->setTitle($fs->prefs['page_title'] . $proj->prefs['project_title'] . ': ' . L('tasklist'));
     $page->pushTpl('index.tpl');
 }
Beispiel #3
0
 protected function doAuth($level)
 {
     if (S::identified()) {
         // Nothing to do there
         return User::getSilentWithValues(null, array('uid' => S::i('uid')));
     }
     if (!Get::has('auth')) {
         return null;
     }
     global $globals;
     if (md5('1' . S::v('challenge') . $globals->xnet->secret . Get::i('uid') . '1') != Get::v('auth')) {
         return null;
     }
     Get::kill('auth');
     S::set('auth', AUTH_PASSWD);
     return User::getSilentWithValues(null, array('uid' => Get::i('uid')));
 }
Beispiel #4
0
 function handler_panel($page)
 {
     $page->changeTpl('carnet/panel.tpl');
     if (Get::has('read')) {
         XDB::execute('UPDATE  watch
                          SET  last = FROM_UNIXTIME({?})
                        WHERE  uid = {?}', Get::i('read'), S::i('uid'));
         S::user()->invalidWatchCache();
         Platal::session()->updateNbNotifs();
         pl_redirect('carnet/panel');
     }
     require_once 'notifs.inc.php';
     $page->assign('now', time());
     $user = S::user();
     $notifs = Watch::getEvents($user, time() - 7 * 86400);
     $page->assign('notifs', $notifs);
     $page->assign('today', date('Y-m-d'));
     $this->_add_rss_link($page);
 }
Beispiel #5
0
/** Check the validity of the current Wats4U SSO request.
 *
 * Dispatches the request to the appropriate protocol checker.
 *
 * Uses Get::
 *
 * @returns: boolean, whether the current HTTP request is a valid Wats4U request.
 */
function wats4u_sso_check()
{
    global $globals;
    $version = Get::s('version');
    switch ($version) {
        case "1.0":
            if (!Get::has('url') || !Get::has('challenge') || !Get::has('pass') || !Get::has('session')) {
                return false;
            }
            $return_url = Get::s('url');
            $challenge = Get::s('challenge');
            $pass = Get::s('pass');
            $shared_key = $globals->wats4u->shared_key;
            $valid_return_url_prefix = $globals->wats4u->return_url_prefix;
            return wats4u_sso_v1_check($return_url, $challenge, $pass, $shared_key, $valid_return_url_prefix);
        default:
            return false;
    }
}
Beispiel #6
0
 function handler_nl_show($page, $nid = 'last')
 {
     $page->changeTpl('newsletter/show.tpl');
     $nl = $this->getNl();
     if (!$nl) {
         return PL_NOT_FOUND;
     }
     try {
         $issue = $nl->getIssue($nid);
         $user =& S::user();
         if (Get::has('text')) {
             $issue->toText($page, $user);
         } else {
             $issue->toHtml($page, $user);
         }
         if (Post::has('send')) {
             $issue->sendTo($user);
         }
     } catch (MailNotFound $e) {
         return PL_NOT_FOUND;
     }
 }
Beispiel #7
0
    header('Pragma: public');
    header('Content-Length: ' . strlen($result));
    ob_clean();
    flush();
    // finally send out our data
    printf("%s", $result);
}
// } }}
// Javascript replacement
if (Get::val('toggleadvanced')) {
    $advanced_search = intval(!Req::val('advancedsearch'));
    Flyspray::setCookie('advancedsearch', $advanced_search, time() + 60 * 60 * 24 * 30);
    $_COOKIE['advancedsearch'] = $advanced_search;
}
// Update check {{{
if (Get::has('hideupdatemsg')) {
    unset($_SESSION['latest_version']);
} else {
    if ($conf['general']['update_check'] && $user->perms('is_admin') && $fs->prefs['last_update_check'] < time() - 60 * 60 * 24 * 3) {
        if (!isset($_SESSION['latest_version'])) {
            $latest = Flyspray::remote_request('http://flyspray.org/version.txt', GET_CONTENTS);
            //if for some silly reason we get and empty response, we use the actual version
            $_SESSION['latest_version'] = empty($latest) ? $fs->version : $latest;
            $db->Query('UPDATE {prefs} SET pref_value = ? WHERE pref_name = ?', array(time(), 'last_update_check'));
        }
    }
}
if (isset($_SESSION['latest_version']) && version_compare($fs->version, $_SESSION['latest_version'], '<')) {
    $page->assign('updatemsg', true);
}
// }}}
Beispiel #8
0
 /**
  * @return BaseProcessor
  */
 function BaseProcessor()
 {
     if (!Session::has(ACCOUNT_ID)) {
         $this->SetError(1);
     }
     $accountId = Session::val(ACCOUNT_ID);
     $this->sArray = Session::val(SARRAY, array());
     $this->settings =& Settings::CreateInstance();
     if (!$this->settings || !$this->settings->isLoad) {
         $this->SetError(3);
     }
     if ($accountId) {
         if (Get::has(CHANGE_ACCID)) {
             $oldaccount =& Account::LoadFromDb(Session::val(ACCOUNT_ID, -1));
             $accountId = Get::val(CHANGE_ACCID);
             if (!isset($_SESSION['attachtempdir'])) {
                 $_SESSION['attachtempdir'] = md5(session_id());
             }
             $fs =& new FileSystem(INI_DIR . '/temp', $oldaccount->Email, $oldaccount->Id);
             $attfolder =& new Folder($oldaccount->Id, -1, $_SESSION['attachtempdir']);
             $fs->DeleteDir($attfolder);
             unset($fs, $attfolder);
             $this->sArray[ACCOUNT_ID] = $accountId;
             $this->account =& Account::LoadFromDb($accountId);
             if (!$this->account || $this->account->IdUser != $oldaccount->IdUser) {
                 $this->account = null;
             } else {
                 $_SESSION[ACCOUNT_ID] = $accountId;
                 unset($_SESSION[SARRAY]);
                 $this->sArray = array();
             }
         } else {
             $this->sArray[ACCOUNT_ID] = $accountId;
             $this->account =& Account::LoadFromDb($accountId);
         }
         if (!$this->account) {
             $this->SetError(2);
         }
     } else {
         $this->SetError(1);
     }
     if (!isset($this->sArray[ACCOUNT_ID]) || $this->sArray[ACCOUNT_ID] != $accountId) {
         $this->sArray[EDIT_ACCOUNT_ID] = $accountId;
     }
     $this->processor =& new MailProcessor($this->account);
     if (!$this->processor->DbStorage || !$this->processor->DbStorage->Connect()) {
         $this->SetError(5);
     }
     $this->db =& $this->processor->DbStorage;
     $this->accounts =& $this->GetAccounts();
     $skins =& FileSystem::GetSkinsList();
     $hasDefSettingsSkin = false;
     $normalSkin = false;
     foreach ($skins as $skinName) {
         if ($skinName == $this->settings->DefaultSkin) {
             $hasDefSettingsSkin = true;
         }
         if ($skinName == $this->account->DefaultSkin) {
             $normalSkin = true;
             break;
         }
     }
     if (!$normalSkin) {
         $this->account->DefaultSkin = $hasDefSettingsSkin ? $this->settings->DefaultSkin : ($this->account->DefaultSkin = $skins[0]);
     }
     $_SESSION[ATTACH_DIR] = Session::val(ATTACH_DIR, md5(session_id()));
     if (isset($this->sArray[SCREEN])) {
         $screen = Get::val(SCREEN, $this->sArray[SCREEN]);
         $this->sArray[SCREEN] = $screen;
         if ($this->account->AllowChangeSettings == false && ($screen == SET_ACCOUNT_PROF || $screen == SET_ACCOUNT_ADDACC)) {
             $this->sArray[SCREEN] = SCREEN_MAILBOX;
         }
         if (!$this->settings->AllowContacts && $screen == SCREEN_CONTACTS) {
             $this->sArray[SCREEN] = SCREEN_MAILBOX;
         }
     } else {
         $this->sArray[SCREEN] = Get::val(SCREEN, SCREEN_MAILBOX);
     }
     if (isset($this->sArray[FOLDER_ID])) {
         $this->sArray[FOLDER_ID] = Get::val(FOLDER_ID, $this->sArray[FOLDER_ID]);
     } else {
         $this->sArray[FOLDER_ID] = Get::val(FOLDER_ID, -1);
     }
     if (Get::has(FOLDER_ID) || Get::has(SCREEN)) {
         if (isset($this->sArray[SEARCH_ARRAY])) {
             unset($this->sArray[SEARCH_ARRAY]);
         }
     }
     if (Session::has(GOTOFOLDER)) {
         $this->sArray[GOTOFOLDER] = Session::val(GOTOFOLDER, '');
         unset($_SESSION[GOTOFOLDER]);
     }
     if (isset($this->sArray[PAGE])) {
         $this->sArray[PAGE] = Get::val(PAGE, $this->sArray[PAGE]);
     } else {
         $this->sArray[PAGE] = 1;
     }
     if (Get::has(S_GETMODE)) {
         $this->sArray[SEARCH_ARRAY][S_TEXT] = Get::val(S_GETMODE, 'mini') == 'mini' ? Post::val('smallLookFor', '') : Post::val('bigLookFor', '');
         if (!empty($this->sArray[SEARCH_ARRAY][S_TEXT])) {
             $this->sArray[SEARCH_ARRAY][S_FOLDER] = Post::val('qfolder', -2);
             $this->sArray[SEARCH_ARRAY][S_MODE] = Post::val('qmmode', 'onlyheaders');
             $this->sArray[FOLDER_ID] = $this->sArray[SEARCH_ARRAY][S_FOLDER];
             $this->sArray[PAGE] = 1;
         } else {
             if (Post::val('qfolder', -2) < 1) {
                 $this->sArray[FOLDER_ID] = -1;
             }
             unset($this->sArray[SEARCH_ARRAY]);
             $this->sArray[PAGE] = 1;
         }
     }
     if (Get::has(S_GETMODECONTACT)) {
         $this->sArray[SEARCH_ARRAY][S_TEXT] = Get::val(S_GETMODECONTACT, 'mini') == 'mini' ? Post::val('smallLookFor', '') : Post::val('bigLookFor', '');
         $this->sArray[CONTACT_ID] = Post::val(CONTACT_ID, -1);
         $this->sArray[CONTACT_PAGE] = 1;
     }
     if (isset($this->sArray[SEARCH_ARRAY][S_FOLDER])) {
         $this->sArray[FOLDER_ID] = $this->sArray[SEARCH_ARRAY][S_FOLDER];
     }
     if (isset($this->sArray[EDIT_ACCOUNT_ID])) {
         $this->sArray[EDIT_ACCOUNT_ID] = Get::val(EDIT_ACCOUNT_ID, $this->sArray[EDIT_ACCOUNT_ID]);
     } else {
         $this->sArray[EDIT_ACCOUNT_ID] = $accountId;
     }
     if (Get::has(EDIT_ACCOUNT_ID)) {
         $this->sArray[SCREEN] = $this->sArray[SCREEN] == SET_ACCOUNT_ADDACC ? SET_ACCOUNT_PROF : $this->sArray[SCREEN];
     }
     $this->sArray[CONTACT_PAGE] = isset($this->sArray[CONTACT_PAGE]) ? Get::val(CONTACT_PAGE, $this->sArray[CONTACT_PAGE]) : Get::val(CONTACT_PAGE, 1);
     $this->sArray[CONTACT_ORD] = isset($this->sArray[CONTACT_ORD]) ? Get::val(CONTACT_ORD, $this->sArray[CONTACT_ORD]) : Get::val(CONTACT_ORD, 0);
     if (isset($this->sArray[CONTACT_FLD])) {
         if (Get::val(CONTACT_FLD, $this->sArray[CONTACT_FLD]) != $this->sArray[CONTACT_FLD]) {
             $this->sArray[CONTACT_ORD] = 0;
         }
         $this->sArray[CONTACT_FLD] = Get::val(CONTACT_FLD, $this->sArray[CONTACT_FLD]);
     } else {
         $this->sArray[CONTACT_FLD] = Get::val(CONTACT_FLD, 0);
     }
     if (isset($_COOKIE['wm_vert_resizer']) || isset($_COOKIE['wm_horiz_resizer']) || isset($_COOKIE['wm_hide_folders'])) {
         if (isset($_COOKIE['wm_vert_resizer']) && strlen($_COOKIE['wm_vert_resizer']) > 0) {
             $this->account->VertResizer = (int) $_COOKIE['wm_vert_resizer'];
             setcookie('wm_vert_resizer', '0', time() - 24 * 3600);
         }
         if (isset($_COOKIE['wm_horiz_resizer']) && strlen($_COOKIE['wm_horiz_resizer']) > 0) {
             $this->account->HorizResizer = (int) $_COOKIE['wm_horiz_resizer'];
             setcookie('wm_horiz_resizer', '0', time() - 24 * 3600);
         }
         if (isset($_COOKIE['wm_hide_folders']) && strlen($_COOKIE['wm_hide_folders']) > 0) {
             $this->account->HideFolders = (bool) $_COOKIE['wm_hide_folders'];
             setcookie('wm_hide_folders', '0', time() - 24 * 3600);
         }
         $this->account->Update();
     }
     $this->FillData();
     $this->UpdateSession();
 }
    /**
     * @param PageBuilder $pageBuilder
     * @return ContactsPanel
     */
    function CNewMessagePanel(&$pagebuilder)
    {
        $this->Type = Post::val('mtype', 'mes');
        $this->To = '';
        $this->_pagebuilder =& $pagebuilder;
        $this->_proc =& $pagebuilder->_proc;
        $this->From = $this->_getFromEmail();
        $this->_pagebuilder->_top->AddOnResize('ResizeElements(\'all\');');
        if ($this->_proc->account->AllowDhtmlEditor) {
            $editorResize = 'HTMLEditor.Resize(width - 1, height - 2);';
            $editorReplace = 'HTMLEditor.Replace();';
        } else {
            $editorResize = '
						plainEditor.style.height = (height - 1) + "px";
						plainEditor.style.width = (width - 2) + "px";
					';
            $editorReplace = '';
        }
        $this->inputs = '';
        $contacts = null;
        if (Post::has('contacts') && is_array(Post::val('contacts'))) {
            $contactsArray = array_keys(Post::val('contacts'));
            $contacts =& $this->_proc->db->LoadContactsById($contactsArray);
        }
        if (Post::has('groupid')) {
            $group =& $this->_proc->db->SelectGroupById(Post::val('groupid', -1));
            $contacts =& $this->_proc->db->SelectAddressGroupContacts(Post::val('groupid', -1));
        }
        if ($contacts) {
            foreach ($contacts->Instance() as $contact) {
                if (!$contact->Email) {
                    continue;
                }
                $this->To .= $contact->Name ? '"' . $contact->Name . '" <' . $contact->Email . '>, ' : $contact->Email . ',';
            }
            $this->To = trim(trim($this->To), ',');
        }
        if (Post::has('mailto')) {
            $this->To = Post::val('mailto', '');
        }
        if (Get::has('to')) {
            $this->To = (string) trim(Get::val('to', ''));
        }
        $message = null;
        $isHtml = $this->_proc->account->AllowDhtmlEditor;
        $this->attacmentsHtml = '';
        $this->_pagebuilder->AddJSText('
			
var bcc, bcc_mode, bcc_mode_switcher;

var plainCont = null;
var plainEditor = null;
var HTMLEditor = null;
var EditAreaUrl = "edit-area.php";
var prevWidth = 0;
var prevHeight = 0;
var rowIndex = 0;

function ResizeElements(mode) 
{
	var width = GetWidth();
	if (width < 684)
		width = 684;
	width = width - 40;
	var height = Math.ceil(width/3);
	
	if (prevWidth != width && prevHeight != height) {
		prevWidth = width;
		prevHeight = height;
		if (plainCont != null) {
			plainCont.style.height = height + "px";
			plainCont.style.width = width + "px";
			' . $editorResize . '
		}
	}
}

function WriteEmails(str, field)
{
	var mailInput;
	if (field == 2) {
		mailInput = document.getElementById("toCC");
	} else if (field == 3) {
		mailInput = document.getElementById("toBCC");
	} else {
		mailInput = document.getElementById("toemail");
	}
	if (mailInput) {
		mailInput.value = (mailInput.value == "") ? str : mailInput.value + ", " + str;
		mailInput.focus();
	}
}

function LoadAttachmentHandler(attachObj)
{
	var attachtable = document.getElementById("attachmentTable");
	if (attachObj)
	{
		var imageLink = GetFileParams(attachObj.FileName);
		var tr = attachtable.insertRow(rowIndex++);
		tr.id = "tr_" + attachObj.TempName;
		var td = tr.insertCell(0);
		td.className = "wm_attachment";
		var innerHtml = \'<img src="./images/icons/\' + imageLink.image + \'" />\';
		innerHtml += \'<input type="hidden" name="attachments[\' + attachObj.TempName + \']" value="\' + attachObj.FileName + \'">\';
		innerHtml += HtmlEncode(attachObj.FileName) + \' (\' + GetFriendlySize(attachObj.Size) + \') <a href="#" id="\' + attachObj.TempName + \'" onclick="return  DeleteAttach(this.id);">' . JS_LANG_Delete . '</a>\';
		td.innerHTML = innerHtml;
	}
}

function ChangeBCCMode()
{
	if (bcc_mode == "hide") {
		bcc_mode = "show";
		bcc.className = "";
		bcc_mode_switcher.innerHTML = Lang.HideBCC;
	} else {
		bcc_mode = "hide";
		bcc.className = "wm_hide";
		bcc_mode_switcher.innerHTML = Lang.ShowBCC;
	}
	' . $editorReplace . '
	return false;
}

function UpdateIdUid(id, uid)
{
	var idf = document.getElementById("m_id");
	var uidf = document.getElementById("m_uid");
	if (idf && uidf) {
		idf.value = id;
		uidf.value = uid;
	}
}

var Rep_m, Err_m;
var hiddensaveiframe;
var pop3Pr = ' . ($pagebuilder->_proc->account->MailProtocol == MAILPROTOCOL_POP3 ? 'true' : 'false') . ';
function DoSaveButton()
{
	if (pop3Pr)
	{ 
		if (!hiddensaveiframe) {
			hiddensaveiframe = CreateChildWithAttrs(document.body, "iframe", [["name", "hiddensaveiframe"], ["class", "wm_hide"]]);
		}
	}
	
	var form = document.getElementById("messageForm");
	form.action = "' . ACTIONFILE . '?action=save&req=message";
	form.target = (pop3Pr) ? "hiddensaveiframe" : "";

	if (submitSaveMessage()) {
		form.submit();
	}
}

function DoSendButton()
{
	var toemail = document.getElementById("toemail");
	var ccemail = document.getElementById("toCC");
	var bccemail = document.getElementById("toBCC");
	var subject = document.getElementById("subject");
	var mailIsCorrect = false;
	
	if ((toemail && toemail.value.length > 3) || (ccemail && ccemail.value.length > 3) || (bccemail && bccemail.value.length > 3)) { 
		mailIsCorrect = true;
	}
	
	if (mailIsCorrect) {
		if (subject && subject.value.length < 1 && !confirm(Lang.ConfirmEmptySubject)) {
			return false;
		}
		
		var form = document.getElementById("messageForm");
		form.action = "' . ACTIONFILE . '?action=send&req=message";
		form.target = "";
		if (submitSaveMessage()) {
			form.submit();
		}
	} else {
		alert(Lang.WarningToBlank);
	}
}

function DeleteAttach(idline)
{
	var trtable = document.getElementById("tr_" + idline);
	if (trtable)
	{
		trtable.className = "wm_hide";
		CleanNode(trtable);
	}
	return false;
}

function ShowPictures()
{
	var showPictureTable = document.getElementById("showpicturestable");

	if (HTMLEditor) {
		var temp = HTMLEditor.GetText().ReplaceStr("wmx_src", "src");
		temp = temp.ReplaceStr("wmx_background", "background");
		HTMLEditor.SetHtml(temp);
		if (showPictureTable) {
			showPictureTable.className = "wm_hide";
		}
		HTMLEditor.Replace();
	}
}

');
        $this->_pagebuilder->AddInitText('

bcc_mode = "hide";
bcc = document.getElementById("bcc");
bcc_mode_switcher = document.getElementById("bcc_mode_switcher");

plainEditor = document.getElementById("editor_area");
plainCont = document.getElementById("editor_cont");

Rep_m = new CReport("Rep_m");
Rep_m.Build();

Err_m = new CError("Err_m", "' . ConvertUtils::ClearJavaScriptString($this->_pagebuilder->SkinName(), '"') . '");
Err_m.Build();
');
        $m_id = -1;
        $m_uid = '';
        if (Post::has('m_id')) {
            $mes_id = Post::val('m_id');
            $mes_uid = Post::val('m_uid');
            $folder_id = Post::val('f_id');
            $folder_name = Post::val('f_name');
            $folder_name = 'defaultname';
            $mes_charset = Post::val('charset', -1);
            $message = new GetMessageBase($this->_proc->account, $mes_id, $mes_uid, $folder_id, $folder_name, $mes_charset);
            $m_id = (int) $mes_id;
            $m_uid = $mes_uid;
        }
        $this->inputs = '<input type="hidden" id="m_id" name="m_id" value="' . ConvertUtils::AttributeQuote($m_id) . '"><input type="hidden" id="m_uid" name="m_uid" value="' . ConvertUtils::AttributeQuote($m_uid) . '">';
        $withSignature = false;
        switch ($this->_proc->account->SignatureOptions) {
            case SIGNATURE_OPTION_AddToAll:
                $withSignature = true;
                break;
            case SIGNATURE_OPTION_AddToNewOnly:
                $withSignature = $this->Type == 'mes';
                break;
            default:
            case SIGNATURE_OPTION_DontAdd:
                $withSignature = false;
                break;
        }
        if ($message) {
            if ($this->Type != 'forward' && $this->Type != 'reply' && $this->Type != 'replytoall') {
                $withSignature = false;
            }
            $this->_pagebuilder->AddInitText('SetPriority(' . $message->msg->GetPriorityStatus() . ');');
            switch ($this->Type) {
                default:
                    $this->To = $message->PrintTo(true);
                    $this->CC = $message->PrintCC(true);
                    $this->BCC = '';
                    $this->Subject = $message->PrintSubject(true);
                    break;
                case 'forward':
                    $this->To = '';
                    $this->CC = '';
                    $this->BCC = '';
                    $this->Subject = JS_LANG_Fwd . ': ' . $message->PrintSubject(true);
                    break;
                case 'reply':
                    $replyto = trim($message->PrintReplyTo(true));
                    $this->To = strlen($replyto) > 0 ? $replyto : $message->PrintFrom(true);
                    $this->CC = '';
                    $this->BCC = '';
                    $this->Subject = JS_LANG_Re . ': ' . $message->PrintSubject(true);
                    break;
                case 'replytoall':
                    $emailCollection =& $message->msg->GetAllRecipients(false, true);
                    $temp = '';
                    if ($emailCollection) {
                        foreach ($emailCollection->Instance() as $value) {
                            $email =& $value;
                            if ($email->Email != $this->_proc->account->Email) {
                                $temp .= $email->Email . ', ';
                            }
                        }
                    }
                    $this->To = trim(trim($temp), ',');
                    $this->CC = '';
                    $this->BCC = '';
                    $this->Subject = JS_LANG_Re . ': ' . $message->PrintSubject(true);
                    break;
            }
            if ($this->_proc->account->AllowDhtmlEditor) {
                switch ($this->Type) {
                    case 'forward':
                    case 'reply':
                    case 'replytoall':
                        if ($message->account->ViewMode == VIEW_MODE_PREVIEW_PANE_NO_IMG || $message->account->ViewMode == VIEW_MODE_WITHOUT_PREVIEW_PANE_NO_IMG) {
                            $isHtml = true;
                            $this->Body = ConvertUtils::HtmlBodyWithoutImages($message->msg->GetRelpyAsHtml(true));
                            if (isset($GLOBALS[GL_WITHIMG]) && $GLOBALS[GL_WITHIMG]) {
                                $GLOBALS[GL_WITHIMG] = false;
                                $this->isSafety = false;
                            }
                        } else {
                            $isHtml = true;
                            $this->Body = ConvertUtils::HtmlBodyWithoutImages($message->msg->GetRelpyAsHtml(true));
                        }
                        break;
                    default:
                        if ($message->account->ViewMode == VIEW_MODE_PREVIEW_PANE_NO_IMG || $message->account->ViewMode == VIEW_MODE_WITHOUT_PREVIEW_PANE_NO_IMG) {
                            if ($message->msg->HasHtmlText()) {
                                $isHtml = true;
                                $this->Body = ConvertUtils::HtmlBodyWithoutImages($message->msg->GetCensoredHtmlWithImageLinks(true));
                                if (isset($GLOBALS[GL_WITHIMG]) && $GLOBALS[GL_WITHIMG]) {
                                    $GLOBALS[GL_WITHIMG] = false;
                                    $this->isSafety = false;
                                }
                            } elseif ($message->msg->HasPlainText()) {
                                $isHtml = false;
                                $this->Body = $message->msg->GetNotCensoredTextBody(true);
                            }
                        } else {
                            if ($message->msg->HasHtmlText()) {
                                $isHtml = true;
                                $this->Body = $message->msg->GetCensoredHtmlWithImageLinks(true);
                            } elseif ($message->msg->HasPlainText()) {
                                $isHtml = false;
                                $this->Body = $message->msg->GetNotCensoredTextBody(true);
                            }
                        }
                        break;
                }
            } else {
                $isHtml = false;
                switch ($this->Type) {
                    case 'forward':
                    case 'reply':
                    case 'replytoall':
                        $this->Body = $message->msg->GetRelpyAsPlain(true);
                        break;
                    default:
                        $this->Body = $message->msg->GetNotCensoredTextBody(true);
                        break;
                }
            }
            if ($message->HasAttachments() && $this->Type != 'reply' && $this->Type != 'replytoall') {
                $attachments =& $message->msg->Attachments;
                if ($attachments != null && $attachments->Count() > 0) {
                    foreach (array_keys($attachments->Instance()) as $key) {
                        $attachment =& $attachments->Get($key);
                        $tempname = $message->msg->IdMsg . '-' . $key . '_' . $attachment->GetTempName();
                        //$filename = ConvertUtils::ConvertEncoding($attachment->GetFilenameFromMime(), $GLOBALS[MailInputCharset], $message->account->GetUserCharset());
                        $filename = ConvertUtils::WMHtmlSpecialChars($attachment->GetFilenameFromMime());
                        $filesize = GetFriendlySize(strlen($attachment->MimePart->GetBinaryBody()));
                        $fs =& new FileSystem(INI_DIR . '/temp', $message->account->Email, $message->account->Id);
                        $attfolder =& new Folder($message->account->Id, -1, Session::val('attachtempdir', md5(session_id())));
                        $fs->SaveAttach($attachment, $attfolder, $tempname);
                        $this->attacmentsHtml .= '
<tr id="tr_' . ConvertUtils::AttributeQuote($tempname) . '"><td class="wm_attachment"><img src="./images/icons/' . GetAttachImg($filename) . '" />
<input type="hidden" name="attachments[' . ConvertUtils::AttributeQuote($tempname) . ']" value="' . ConvertUtils::AttributeQuote($filename) . '"> ' . $filename . '
 (' . $filesize . ') 						
<a href="#" id="' . ConvertUtils::AttributeQuote($tempname) . '" onClick="return  DeleteAttach(this.id);">' . JS_LANG_Delete . '</a></td></tr>';
                    }
                }
            }
        } else {
            $this->_pagebuilder->AddInitText('SetPriority(3);');
        }
        $signature = '';
        if ($withSignature) {
            if ($this->_proc->account->AllowDhtmlEditor) {
                $signature = $this->_proc->account->SignatureType == 0 ? nl2br($this->_proc->account->Signature) : $this->_proc->account->Signature;
                $signature = $isHtml ? $signature : strip_tags(nl2br($signature));
            } else {
                $signature = $this->_proc->account->SignatureType == 0 ? strip_tags($this->_proc->account->Signature) : strip_tags($this->_proc->account->Signature);
            }
        }
        $this->Body = $signature . $this->Body;
        if ($this->_proc->account->AllowDhtmlEditor) {
            $this->_pagebuilder->AddJSFile('class.html-editor.js');
            $setText = $isHtml ? 'HTMLEditor.SetHtml(mess);' : 'HTMLEditor.SetText(mess);';
            $this->_pagebuilder->AddJSText('
		function submitSaveMessage()
		{
			var hiddenkey = document.getElementById("ishtml");
			
			if (HTMLEditor._htmlMode) {
				plainEditor.value = HTMLEditor.GetText();
				hiddenkey.value = "1";
			} else {
				hiddenkey.value = "0";
			}
			if (bcc_mode == "hide")
			{
				document.getElementById("toBCC").value = "";
			}
			return true;
		}
		
		function EditAreaLoadHandler() { HTMLEditor.LoadEditArea();	}
		function CreateLinkHandler(url) { HTMLEditor.CreateLinkFromWindow(url); }
		function DesignModeOnHandler(rer) {
			HTMLEditor.Show();
			var mess = "' . ConvertUtils::ReBuildStringToJavaScript($this->Body, '"') . '";
			if (mess.length == 0) {
				mess = "<br />";
			}
			' . $setText . '
		}
				');
            $this->_pagebuilder->AddInitText('
		HTMLEditor = new CHtmlEditorField(true);
		HTMLEditor.SetPlainEditor(plainEditor, document.getElementById("mode_switcher"));
		HTMLEditor.Show();');
        } else {
            $this->_pagebuilder->AddJSText('
		function submitSaveMessage()
		{
			var hiddenkey = document.getElementById("ishtml");
			hiddenkey.value = "0";
			if (bcc_mode == "hide") {
				document.getElementById("toBCC").value = "";
			}
			return true;
		}
				');
        }
    }
Beispiel #10
0
foreach ($modes as $mode) {
    require_once BASEDIR . '/scripts/' . $mode . '.php';
}
$do = Req::val('do');
// Any "do" mode that accepts a task_id or id field should be added here.
if (Req::num('task_id')) {
    $project_id = $db->x->GetOne('SELECT  project_id
                                 FROM  {tasks}
                                WHERE task_id = ?', null, Req::num('task_id'));
    $do = Filters::enum($do, array('details', 'depends', 'editcomment'));
} else {
    if ($do == 'admin' && Get::has('switch') && Get::val('project') != '0') {
        $do = 'pm';
    } elseif ($do == 'pm' && Get::has('switch') && Get::val('project') == '0') {
        $do = 'admin';
    } elseif (Get::has('switch') && $do == 'details') {
        $do = 'index';
    }
    if ($do && class_exists('FlysprayDo' . ucfirst($do)) && !call_user_func(array('FlysprayDo' . ucfirst($do), 'is_projectlevel'))) {
        $project_id = 0;
    }
}
if (!isset($project_id)) {
    // Determine which project we want to see
    if (($project_id = Cookie::val('flyspray_project')) == '') {
        $project_id = $fs->prefs['default_project'];
    }
    $project_id = Req::val('project', Req::val('project_id', $project_id));
}
$proj = new Project($project_id);
// reset do for default project level entry page
Beispiel #11
0
 function handler_index($page, $action = null)
 {
     require_once 'emails.inc.php';
     require_once 'googleapps.inc.php';
     $page->changeTpl('googleapps/index.tpl');
     $page->setTitle('Compte Google Apps');
     $user = S::user();
     $account = new GoogleAppsAccount($user);
     // Fills up the 'is Google Apps redirection active' variable.
     $redirect_active = false;
     $redirect_unique = true;
     $gapps_email = '';
     if ($account->active()) {
         $redirect = new Redirect($user);
         foreach ($redirect->emails as $email) {
             if ($email->type == 'googleapps') {
                 $gapps_email = $email->email;
                 $redirect_active = $email->active;
                 $redirect_unique = !$redirect->other_active($email->email);
             }
         }
     }
     $page->assign('redirect_active', $redirect_active);
     $page->assign('redirect_unique', $redirect_unique);
     // Updates the Google Apps account as required.
     if ($action) {
         if ($action == 'password' && Post::has('pwsync')) {
             S::assert_xsrf_token();
             if (Post::v('pwsync') == 'sync') {
                 $account->set_password_sync(true);
                 $account->set_password($user->password());
             } else {
                 $account->set_password_sync(false);
             }
         } elseif ($action == 'password' && Post::has('pwhash') && Post::t('pwhash') && !$account->sync_password) {
             S::assert_xsrf_token();
             $account->set_password(Post::t('pwhash'));
         }
         if ($action == 'suspend' && Post::has('suspend') && $account->active()) {
             S::assert_xsrf_token();
             if ($account->pending_update_suspension) {
                 $page->trigWarning("Ton compte est déjà en cours de désactivation.");
             } else {
                 if (!$redirect_active || $redirect->modify_one_email($gapps_email, false) == SUCCESS) {
                     $account->suspend();
                     $page->trigSuccess("Ton compte Google Apps est dorénavant désactivé.");
                 } else {
                     $page->trigError("Ton compte Google Apps est ta seule adresse de redirection. Ton compte ne peux pas être désactivé.");
                 }
             }
         } elseif ($action == 'unsuspend' && Post::has('unsuspend') && $account->suspended()) {
             $account->unsuspend(Post::b('redirect_mails', true));
             $page->trigSuccess("Ta demande de réactivation a bien été prise en compte.");
         }
         if ($action == 'create') {
             $page->assign('has_password_sync', Get::has('password_sync'));
             $page->assign('password_sync', Get::b('password_sync', true));
         }
         if ($action == 'create' && Post::has('password_sync') && Post::has('redirect_mails')) {
             S::assert_xsrf_token();
             $password_sync = Post::b('password_sync');
             $redirect_mails = Post::b('redirect_mails');
             if ($password_sync) {
                 $password = $user->password();
             } else {
                 $password = Post::t('pwhash');
             }
             $account->create($password_sync, $password, $redirect_mails);
             $page->trigSuccess("La demande de création de ton compte Google Apps a bien été enregistrée.");
         }
     }
     $page->assign('account', $account);
 }
Beispiel #12
0
 function val($key, $default = null)
 {
     return Get::has($key) ? $_GET[$key] : $default;
 }
Beispiel #13
0
 function handler_register($page, $hash = null)
 {
     $page->forceSkin('register');
     $alert = array();
     $alert_details = '';
     $subState = new PlDict(S::v('subState', array()));
     if (!$subState->has('step')) {
         $subState->set('step', 0);
     }
     if (!$subState->has('backs')) {
         $subState->set('backs', new PlDict());
     }
     if (Get::has('back') && Get::i('back') < $subState->i('step')) {
         $subState->set('step', max(0, Get::i('back')));
         $subState->v('backs')->set($subState->v('backs')->count() + 1, $subState->dict());
         $subState->v('backs')->kill('backs');
         if ($subState->v('backs')->count() == 3) {
             $alert[] = "Tentative d'inscription très hésitante";
             $alert_details .= "\n   * Retours en arrières : 3.";
         }
     }
     if ($hash) {
         $res = XDB::query("SELECT  a.uid, a.hruid, ppn.lastname_initial AS lastname, ppn.firstname_initial AS firstname, p.xorg_id AS xorgid,\n                                       pd.promo, pe.promo_year AS yearpromo, pde.degree AS edu_type,\n                                       p.birthdate_ref AS birthdateRef, FIND_IN_SET('watch', a.flags) AS watch, m.hash, a.type, a.comment\n                                 FROM  register_marketing AS m\n                           INNER JOIN  accounts           AS a   ON (m.uid = a.uid)\n                           INNER JOIN  account_profiles   AS ap  ON (a.uid = ap.uid AND FIND_IN_SET('owner', ap.perms))\n                           INNER JOIN  profiles           AS p   ON (p.pid = ap.pid)\n                           INNER JOIN  profile_display    AS pd  ON (p.pid = pd.pid)\n                           INNER JOIN  profile_education  AS pe  ON (pe.pid = p.pid AND FIND_IN_SET('primary', pe.flags))\n                           INNER JOIN  profile_education_degree_enum AS pde ON (pde.id = pe.degreeid)\n                           INNER JOIN  profile_public_names AS ppn ON (ppn.pid = p.pid)\n                                WHERE  m.hash = {?} AND a.state = 'pending'", $hash);
         if ($res->numRows() == 1) {
             $subState->merge($res->fetchOneRow());
             $subState->set('main_mail_domain', User::$sub_mail_domains[$subState->v('type')]);
             XDB::execute('INSERT INTO  register_mstats (uid, sender, success)
                                SELECT  m.uid, m.sender, 0
                                  FROM  register_marketing AS m
                                 WHERE  m.hash
               ON DUPLICATE KEY UPDATE  sender = VALUES(sender), success = VALUES(success)', $subState->s('hash'));
         }
     }
     switch ($subState->i('step')) {
         case 0:
             $wp = new PlWikiPage('Reference.Charte');
             $wp->buildCache();
             if (Post::has('step1')) {
                 $subState->set('step', 1);
                 if ($subState->has('hash')) {
                     $subState->set('step', 3);
                     $this->load('register.inc.php');
                     createAliases($subState);
                 }
             }
             break;
         case 1:
             if (Post::has('yearpromo')) {
                 $edu_type = Post::t('edu_type');
                 $yearpromo = Post::i('yearpromo');
                 $promo = Profile::$cycle_prefixes[$edu_type] . $yearpromo;
                 $res = XDB::query("SELECT  COUNT(*)\n                                         FROM  accounts         AS a\n                                   INNER JOIN  account_profiles AS ap ON (a.uid = ap.uid AND FIND_IN_SET('owner', ap.perms))\n                                   INNER JOIN  profiles         AS p  ON (p.pid = ap.pid)\n                                   INNER JOIN  profile_education AS pe ON (pe.pid = p.pid AND FIND_IN_SET('primary', pe.flags))\n                                        WHERE  a.state = 'pending' AND p.deathdate IS NULL AND pe.promo_year = {?}", $yearpromo);
                 if (!$res->fetchOneCell()) {
                     $error = 'La promotion saisie est incorrecte ou tous les camarades de cette promotion sont inscrits !';
                 } else {
                     $subState->set('step', 2);
                     $subState->set('promo', $promo);
                     $subState->set('yearpromo', $yearpromo);
                     $subState->set('edu_type', $edu_type);
                     if ($edu_type == Profile::DEGREE_X) {
                         if ($yearpromo >= 1996 && $yearpromo < 2000) {
                             $subState->set('schoolid', $yearpromo % 100 * 10 . '???');
                             $subState->set('schoolid_exemple', $yearpromo % 100 * 10000 + 532);
                             $subState->set('schoolid_exemple_ev2', ($yearpromo + 1) % 100 * 10000 + 532);
                         } elseif ($yearpromo >= 2000) {
                             $subState->set('schoolid', 100 + $yearpromo % 100 . '???');
                             $subState->set('schoolid_exemple', (100 + $yearpromo % 100) * 1000 + 532);
                             $subState->set('schoolid_exemple_ev2', (100 + ($yearpromo + 1) % 100) * 1000 + 532);
                         }
                     }
                 }
             }
             break;
         case 2:
             if (count($_POST)) {
                 $this->load('register.inc.php');
                 $subState->set('firstname', Post::t('firstname'));
                 $subState->set('lastname', Post::t('lastname'));
                 if (Post::has('schoolid')) {
                     $subState->set('schoolid', Post::i('schoolid'));
                 }
                 $error = checkNewUser($subState);
                 if ($error !== true) {
                     break;
                 }
                 $error = createAliases($subState);
                 if ($error === true) {
                     unset($error);
                     $subState->set('step', 3);
                 }
             }
             break;
         case 3:
             if (count($_POST)) {
                 $this->load('register.inc.php');
                 // Validate the email address format and domain.
                 require_once 'emails.inc.php';
                 $user = User::get($subState->s('uid'));
                 if (!isvalid_email(Post::v('email'))) {
                     $error[] = "Le champ 'Email' n'est pas valide.";
                 } elseif (!isvalid_email_redirection(Post::v('email'), $user)) {
                     $error[] = $subState->s('forlife') . ' doit renvoyer vers un email existant ' . 'valide, en particulier, il ne peut pas être renvoyé vers lui-même.';
                 }
                 // Validate the birthday format and range.
                 $birth = Post::t('birthdate');
                 if (!preg_match('@^[0-3]?\\d/[01]?\\d/(19|20)?\\d{2}$@', $birth)) {
                     $error[] = "La 'Date de naissance' n'est pas correcte.";
                 } else {
                     $birth = explode('/', $birth, 3);
                     for ($i = 0; $i < 3; ++$i) {
                         $birth[$i] = intval($birth[$i]);
                     }
                     if ($birth[2] < 100) {
                         $birth[2] += 1900;
                     }
                     $year = $birth[2];
                     $ref_year = substr($subState->v('birthdateRef'), 0, 4);
                     if (abs($ref_year - $year) > 2) {
                         $error[] = "La 'Date de naissance' n'est pas correcte.";
                         $alert[] = "Date de naissance incorrecte à l'inscription";
                         $alert_details .= "\n   * Date de naissance renseignée : " . Post::t('birthdate');
                         if ($subState->v('birthdateRef') == '0000-00-00') {
                             $alert_details .= ' (date inconnue)';
                         } else {
                             $alert_details .= ' (date connue : ' . $subState->v('birthdateRef') . ')';
                         }
                         $subState->set('wrong_birthdate', $birth);
                     }
                 }
                 // Register the optional services requested by the user.
                 $services = array();
                 foreach (array('com_letters', 'imap', 'ml_promo', 'nl') as $service) {
                     if (Post::b($service)) {
                         $services[] = $service;
                     }
                 }
                 $subState->set('services', $services);
                 // Validate the password.
                 if (!Post::v('pwhash', false)) {
                     $error[] = "Le mot de passe n'est pas valide.";
                 }
                 // Check if the given email is known as dangerous.
                 $res = XDB::query("SELECT  state, description\n                                         FROM  email_watch\n                                        WHERE  email = {?} AND state != 'safe'", Post::v('email'));
                 $bannedEmail = false;
                 if ($res->numRows()) {
                     list($state, $description) = $res->fetchOneRow();
                     $alert[] = "Email surveillé proposé à l'inscription";
                     $alert_details .= "\n   * Email surveillé : " . Post::v('email');
                     $subState->set('email_desc', $description);
                     if ($state == 'dangerous') {
                         $bannedEmail = true;
                     }
                 }
                 if ($subState->i('watch') != 0) {
                     $alert[] = "Inscription d'un utilisateur surveillé";
                     $alert_details .= "\n   * Commentaire pour la surveillance : " . $subState->v('comment');
                 }
                 if ($bannedIp = check_ip('unsafe')) {
                     unset($error);
                 }
                 if (isset($error)) {
                     $error = join('<br />', $error);
                 } else {
                     $subState->set('birthdate', sprintf("%04d-%02d-%02d", intval($birth[2]), intval($birth[1]), intval($birth[0])));
                     $subState->set('email', Post::t('email'));
                     $subState->set('password', Post::t('pwhash'));
                     // Update the current alert if the birthdate is incorrect,
                     // or if the IP address of the user has been banned.
                     if ($subState->s('birthdateRef') != '0000-00-00' && $subState->s('birthdateRef') != $subState->s('birthdate')) {
                         $alert[] = "Date de naissance incorrecte à l'inscription";
                         $alert_details .= "\n   * Date de naissance renseignée : " . Post::t('birthdate');
                         if ($subState->v('birthdateRef') == '0000-00-00') {
                             $alert_details .= ' (date inconnue)';
                         } else {
                             $alert_details .= ' (date connue : ' . $subState->v('birthdateRef') . ')';
                         }
                     }
                     if ($bannedIp) {
                         $alert[] = "Tentative d'inscription depuis une IP surveillée";
                         $alert_details .= "\n   * IP surveillée : " . $_SESSION['check_ip'];
                     }
                     // Prevent banned user from actually registering; save the current state for others.
                     if ($bannedEmail || $bannedIp) {
                         global $globals;
                         $error = "Une erreur s'est produite lors de l'inscription." . " Merci de contacter <a href='mailto:register@{$globals->mail->domain}>" . " register@{$globals->mail->domain}</a>" . " pour nous faire part de cette erreur.";
                     } else {
                         $subState->set('step', 4);
                         if ($subState->v('backs')->count() >= 3) {
                             $alert[] = "Fin d'une inscription hésitante";
                             $alert_details .= "\n   * Nombre de retours en arrière : " . $subState->v('backs')->count();
                         }
                         finishRegistration($subState);
                     }
                 }
             }
             break;
     }
     $_SESSION['subState'] = $subState->dict();
     if (count($alert)) {
         $alert_details = "Détails des alertes :" . $alert_details . "\n\n";
         $alert_details .= 'Compte concerné : ' . $subState->s('forlife') . ' (redirection vers : ' . ($subState->s('email') == '' ? Post::t('email') : $subState->s('email')) . ")\n\n\n";
         send_warning_mail(implode(' - ', $alert), $alert_details);
     }
     $page->changeTpl('register/step' . $subState->i('step') . '.tpl');
     if (isset($error)) {
         $page->trigError($error);
     }
 }
Beispiel #14
0
    }
    return new League\OAuth2\Client\Provider\Vkontakte(array('clientId' => $conf['oauth']['vkontakte_id'], 'clientSecret' => $conf['oauth']['vkontakte_secret'], 'redirectUri' => $conf['oauth']['vkontakte_redirect']));
});
if (!isset($_SESSION['return_to'])) {
    $_SESSION['return_to'] = base64_decode(Get::val('return_to', ''));
    $_SESSION['return_to'] = $_SESSION['return_to'] ?: $baseurl;
}
$provider = isset($_SESSION['oauth_provider']) ? $_SESSION['oauth_provider'] : 'none';
$provider = strtolower(Get::val('provider', $provider));
unset($_SESSION['oauth_provider']);
$active_oauths = explode(' ', $fs->prefs['active_oauths']);
if (!in_array($provider, $active_oauths)) {
    Flyspray::show_error(26);
}
$obj = $providers[$provider]();
if (!Get::has('code') && !Post::has('username')) {
    // get authorization code
    header('Location: ' . $obj->getAuthorizationUrl());
    exit;
}
if (isset($_SESSION['oauth_token'])) {
    $token = unserialize($_SESSION['oauth_token']);
    unset($_SESSION['oauth_token']);
} else {
    // Try to get an access token
    try {
        $token = $obj->getAccessToken('authorization_code', array('code' => $_GET['code']));
    } catch (\League\OAuth2\Client\Exception\IDPException $e) {
        throw new Exception($e->getMessage());
    }
}
Beispiel #15
0
 function handler_xnet_payment($page, $pid = null)
 {
     global $globals;
     $perms = S::v('perms');
     if (is_null($pid)) {
         if (!(S::identified() && $perms->hasFlag('groupadmin'))) {
             return PL_FORBIDDEN;
         }
     } else {
         if (!(S::identified() && $perms->hasFlag('groupmember'))) {
             $res = XDB::query("SELECT  1\n                                     FROM  group_events AS e\n                               INNER JOIN  group_event_participants AS ep ON (ep.eid = e.eid AND ep.uid = {?})\n                                    WHERE  e.paiement_id = {?} AND e.asso_id = {?}", S::i('uid'), $pid, $globals->asso('id'));
             $public = XDB::query("SELECT  1\n                                        FROM  payments     AS p\n                                  INNER JOIN  group_events AS g ON (g.paiement_id = p.id)\n                                       WHERE  g.asso_id = {?} AND p.id = {?} AND FIND_IN_SET('public', p.flags)", $globals->asso('id'), $pid);
             if ($res->numRows() == 0 && $public->numRows() == 0) {
                 return PL_FORBIDDEN;
             }
         }
     }
     if (!is_null($pid)) {
         return $this->handler_payment($page, $pid);
     }
     $page->changeTpl('payment/xnet.tpl');
     $res = XDB::query("SELECT  id, text, url\n                   FROM  payments\n                  WHERE  asso_id = {?} AND NOT FIND_IN_SET('old', flags)\n               ORDER BY  id DESC", $globals->asso('id'));
     $tit = $res->fetchAllAssoc();
     $page->assign('titles', $tit);
     $trans = array();
     $event = array();
     if (may_update()) {
         static $orders = array('ts_confirmed' => 'p', 'directory_name' => 'a', 'promo' => 'pd', 'comment' => 'p', 'amount' => 'p');
         if (Get::has('order_id') && Get::has('order') && array_key_exists(Get::v('order'), $orders)) {
             $order_id = Get::i('order_id');
             $order = Get::v('order');
             $ordering = ' ORDER BY ' . $orders[$order] . '.' . $order;
             if (Get::has('order_inv') && Get::i('order_inv') == 1) {
                 $ordering .= ' DESC';
                 $page->assign('order_inv', 0);
             } else {
                 $page->assign('order_inv', 1);
             }
             $page->assign('order_id', $order_id);
             $page->assign('order', $order);
             $page->assign('anchor', 'legend_' . $order_id);
         } else {
             $order_id = false;
             $ordering = '';
             $page->assign('order', false);
         }
     } else {
         $ordering = '';
         $page->assign('order', false);
     }
     foreach ($tit as $foo) {
         $pid = $foo['id'];
         if (may_update()) {
             $res = XDB::query('SELECT  p.uid, IF(p.ts_confirmed = \'0000-00-00\', 0, p.ts_confirmed) AS date, p.comment, p.amount
                                  FROM  payment_transactions AS p
                            INNER JOIN  accounts             AS a  ON (a.uid = p.uid)
                             LEFT JOIN  account_profiles     AS ap ON (ap.uid = p.uid AND FIND_IN_SET(\'owner\', ap.perms))
                             LEFT JOIN  profile_display      AS pd ON (ap.pid = pd.pid)
                                 WHERE  p.ref = {?}' . ($order_id == $pid ? $ordering : ''), $pid);
             $trans[$pid] = User::getBulkUsersWithUIDs($res->fetchAllAssoc(), 'uid', 'user');
             $sum = 0;
             foreach ($trans[$pid] as $i => $t) {
                 $sum += $t['amount'];
                 $trans[$pid][$i]['amount'] = $t['amount'];
             }
             $trans[$pid][] = array('limit' => true, 'amount' => $sum);
         }
         $res = XDB::iterRow("SELECT  e.eid, e.short_name, e.intitule, ep.nb, ei.montant, ep.paid\n                                   FROM  group_events             AS e\n                              LEFT JOIN  group_event_participants AS ep ON (ep.eid = e.eid AND ep.uid = {?})\n                             INNER JOIN  group_event_items        AS ei ON (ep.eid = ei.eid AND ep.item_id = ei.item_id)\n                                  WHERE  e.paiement_id = {?}", S::v('uid'), $pid);
         $event[$pid] = array();
         $event[$pid]['paid'] = 0;
         if ($res->total()) {
             $event[$pid]['topay'] = 0;
             while (list($eid, $shortname, $title, $nb, $montant, $paid) = $res->next()) {
                 $event[$pid]['topay'] += $nb * $montant;
                 $event[$pid]['eid'] = $eid;
                 $event[$pid]['shortname'] = $shortname;
                 $event[$pid]['title'] = $title;
                 $event[$pid]['ins'] = !is_null($nb);
                 $event[$pid]['paid'] = $paid;
             }
         }
         $res = XDB::query('SELECT  SUM(amount) AS sum_amount
                              FROM  payment_transactions
                             WHERE  ref = {?} AND uid = {?}', $pid, S::v('uid'));
         $event[$pid]['paid'] = $res->fetchOneCell();
     }
     $page->register_modifier('decode_comment', 'decode_comment');
     $page->assign('trans', $trans);
     $page->assign('event', $event);
 }
Beispiel #16
0
 function handler_exit($page, $level = null)
 {
     if (S::suid()) {
         $old = S::user()->login();
         S::logger()->log('suid_stop', $old . " by " . S::suid('hruid'));
         Platal::session()->stopSUID();
         $target = S::s('suid_startpage');
         S::kill('suid_startpage');
         if (!empty($target)) {
             http_redirect($target);
         }
         pl_redirect('admin/user/' . $old);
     }
     if ($level == 'forget' || $level == 'forgetall') {
         Platal::session()->killAccessCookie();
     }
     if ($level == 'forgetuid' || $level == 'forgetall') {
         Platal::session()->killLoginFormCookies();
     }
     if (S::logged()) {
         S::logger()->log('deconnexion', @$_SERVER['HTTP_REFERER']);
         Platal::session()->destroy();
     }
     if (Get::has('redirect')) {
         http_redirect(rawurldecode(Get::v('redirect')));
     } else {
         $page->changeTpl('platal/exit.tpl');
     }
 }
Beispiel #17
0
<?php

/*
    This script is the AJAX callback that performs a search
    for users, and returns true if the user_name is not given.
*/
define('IN_FS', true);
header('Content-type: text/html; charset=utf-8');
require_once '../../header.php';
$baseurl = dirname(dirname($baseurl)) . '/';
if (Get::has('name')) {
    $searchterm = strtolower(Get::val('name'));
}
// Get the list of users from the global groups above
$get_users = $db->x->getRow('  SELECT  count(u.user_name) AS anz_u_user, 
                                   count(r.user_name) AS anz_r_user 
                             FROM  {users} u
                        LEFT JOIN  {registrations} r ON u.user_name = r.user_name
                            WHERE  Lower(u.user_name) = ? 
                                   OR
                                   Lower(r.user_name) = ?', null, array($searchterm, $searchterm));
if ($get_users) {
    if ($get_users['anz_u_user'] > '0' || $get_users['anz_r_user'] > '0') {
        $html = 'false|' . eL('usernametaken');
    } else {
        $html = 'true';
    }
}
echo $html;
Beispiel #18
0
 function handler_aaliases($page, $alias = null)
 {
     global $globals;
     require_once 'emails.inc.php';
     $page->setTitle('Administration - Aliases');
     if (Post::has('new_alias')) {
         pl_redirect('admin/aliases/' . Post::t('new_alias') . '@' . $globals->mail->domain);
     }
     // If no alias, list them all.
     if (is_null($alias)) {
         $page->changeTpl('lists/admin_aliases.tpl');
         $page->assign('aliases', array_merge(iterate_list_alias($globals->mail->domain), iterate_list_alias($globals->mail->domain2)));
         return;
     }
     list($local_part, $domain) = explode('@', $alias);
     if (!($globals->mail->domain == $domain || $globals->mail->domain2 == $domain) || !preg_match("/^[a-zA-Z0-9\\-\\.]*\$/", $local_part)) {
         $page->trigErrorRedirect('Le nom de l\'alias est erroné.', $globals->asso('diminutif') . 'admin/aliases');
     }
     // Now we can perform the action.
     if (Post::has('del_alias')) {
         S::assert_xsrf_token();
         delete_list_alias($local_part, $domain);
         $page->trigSuccessRedirect($alias . ' supprimé.', 'admin/aliases');
     }
     if (Post::has('add_member')) {
         S::assert_xsrf_token();
         if (add_to_list_alias(Post::t('add_member'), $local_part, $domain)) {
             $page->trigSuccess('Ajout réussit.');
         } else {
             $page->trigError('Ajout infructueux.');
         }
     }
     if (Get::has('del_member')) {
         S::assert_xsrf_token();
         if (delete_from_list_alias(Get::t('del_member'), $local_part, $domain)) {
             $page->trigSuccess('Suppression réussie.');
         } else {
             $page->trigError('Suppression infructueuse.');
         }
     }
     $page->changeTpl('lists/admin_edit_alias.tpl');
     $page->assign('members', list_alias_members($local_part, $domain));
     $page->assign('alias', $alias);
 }
Beispiel #19
0
//PROJECT GRAPH
if (Get::has('project_id') && Get::val('graph', 'project') == 'project') {
    $today = date('Y-m-d');
    $thirtyone_days = date('U', strtotime("-31 day", strtotime($today)));
    $sixtyone_days = date('U', strtotime("-61 day", strtotime($today)));
    //look 30 + days and if found scale
    $projectCheck = Project::getActivityProjectCount($sixtyone_days, $thirtyone_days, Get::num('project_id'));
    if ($projectCheck > 0) {
        $data = Project::getDayActivityByProject($sixtyone_days, date('U', strtotime(date('Y-m-d'))), Get::num('project_id'));
    } else {
        $data = Project::getDayActivityByProject($thirtyone_days, date('U', strtotime(date('Y-m-d'))), Get::num('project_id'));
    }
    $data = implode(',', $data);
    //User Graph
} else {
    if (Get::has('user_id') && Get::has('project_id') && Get::val('graph') == 'user') {
        $today = date('Y-m-d');
        $thirtyone_days = date('U', strtotime("-31 day", strtotime($today)));
        $sixtyone_days = date('U', strtotime("-61 day", strtotime($today)));
        //look 30 + days and if found scale
        $projectCheck = Project::getActivityProjectCount($sixtyone_days, $thirtyone_days, Get::num('project_id'));
        if ($projectCheck > 0) {
            $data = User::getDayActivityByUser($sixtyone_days, date('U', strtotime(date('Y-m-d'))), Get::num('project_id'), Get::num('user_id'));
        } else {
            $data = User::getDayActivityByUser($thirtyone_days, date('U', strtotime(date('Y-m-d'))), Get::num('project_id'), Get::num('user_id'));
        }
        $data = implode(',', $data);
    } else {
        $data = '';
    }
}
Beispiel #20
0
 function handler_lists($page, $order_by = null, $order = null)
 {
     require_once 'emails.inc.php';
     if (!$this->get_lists_domain()) {
         return PL_NOT_FOUND;
     }
     $page->changeTpl('xnetlists/index.tpl');
     if (Get::has('del')) {
         S::assert_xsrf_token();
         $mlist = $this->prepare_list(Get::v('del'));
         $mlist->unsubscribe();
         pl_redirect('lists');
     }
     if (Get::has('add')) {
         S::assert_xsrf_token();
         $mlist = $this->prepare_list(Get::v('add'));
         $mlist->subscribe();
         pl_redirect('lists');
     }
     if (Post::has('del_alias') && may_update()) {
         S::assert_xsrf_token();
         $alias = Post::t('del_alias');
         list($local_part, ) = explode('@', $alias);
         delete_list_alias($local_part, $this->get_lists_domain());
         $page->trigSuccess($alias . ' supprimé&nbsp;!');
     }
     $client = $this->prepare_client();
     $listes = $client->get_lists();
     // Default ordering is by ascending names.
     if (is_null($order_by) || is_null($order) || !in_array($order_by, array('list', 'desc', 'nbsub')) || !in_array($order, array('asc', 'desc'))) {
         $order_by = 'list';
         $order = 'asc';
     }
     $compare = function ($a, $b) use($order_by, $order) {
         switch ($order_by) {
             case 'desc':
                 $a[$order_by] = replace_accent($a[$order_by]);
                 $b[$order_by] = replace_accent($b[$order_by]);
             case 'list':
                 $res = strcasecmp($a[$order_by], $b[$order_by]);
                 break;
             case 'nbsub':
                 $res = $a[$order_by] - $b[$order_by];
                 break;
             default:
                 $res = 0;
         }
         if ($order == 'asc') {
             return $res;
         }
         return $res * -1;
     };
     usort($listes, $compare);
     $page->assign('listes', $listes);
     $page->assign('order_by', $order_by);
     $page->assign('order', $order);
     $page->assign('aliases', iterate_list_alias($this->get_lists_domain()));
     $page->assign('may_update', may_update());
     if (S::suid()) {
         $page->trigWarning("Attention&nbsp;: l'affichage des listes de diffusion ne tient pas compte de l'option « Voir le site comme&hellip; ».");
     }
     global $globals;
     if (count($listes) > 0 && !$globals->asso('has_ml')) {
         XDB::execute("UPDATE  groups\n                             SET  flags = CONCAT_WS(',', IF(flags = '', NULL, flags), 'has_ml')\n                           WHERE  id = {?}", $globals->asso('id'));
     }
 }