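/**
 * Smarty template function: build the href and class attributes of an <a> tag,
 * adding an extra class depending on whether the link points at the current path.
 *
 * The current path is read from the 'n' request parameter and compared with
 * $params['path'], ignoring leading and trailing slashes.
 *
 * @param array $params Template parameters:
 *                      - 'path'    path written into the href attribute
 *                      - 'iftrue'  class appended when the current path is 'path' (defaults to 'on')
 *                      - 'iffalse' class appended otherwise (defaults to '')
 * @param mixed $smarty Smarty instance (not used by this function)
 * @return string       The attribute string `href="<path>" class="link[ <extra>]"`
 */
function smarty_function_path_to_href_attribute($params, &$smarty)
{
    // A template that forgets 'path' used to raise an undefined-index notice;
    // it now yields an empty href, which is what the notice-less result already was.
    $path = isset($params['path']) ? $params['path'] : '';
    $on = isset($params['iftrue']) ? $params['iftrue'] : 'on';
    $off = isset($params['iffalse']) ? $params['iffalse'] : '';

    // Strict comparison: trim() always returns strings, and with == two different
    // numeric-looking paths (e.g. '10' and '1e1') would be treated as the same page.
    if (trim($path, '/') === trim(Get::v('n'), '/')) {
        $attribute = $on;
    } else {
        $attribute = $off;
    }
    $attribute = $attribute == '' ? '' : ' ' . $attribute;

    // NOTE(review): $path and the class value are concatenated into the markup
    // without HTML escaping. That is only safe while templates pass trusted or
    // already-escaped values; if a request-derived value can ever reach 'path',
    // escape it here with htmlspecialchars() (and check that no template
    // pre-escapes it, to avoid double encoding).
    return 'href="' . $path . '" class="link' . $attribute . '"';
}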
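/**
 * Authenticate the current request.
 *
 * An already identified session is reused as is. Otherwise the request must
 * carry an 'auth' token equal to md5('1' . challenge . secret . uid . '1'),
 * where the challenge is read from the session, the secret from
 * $globals->xnet->secret and the uid from the query string.
 *
 * @param mixed $level Requested authentication level (not used by this implementation)
 * @return mixed       The value returned by User::getSilentWithValues(), or null when
 *                     no 'auth' parameter is present or the token does not match
 */
protected function doAuth($level)
{
    if (S::identified()) {
        // Nothing to do there
        return User::getSilentWithValues(null, array('uid' => S::i('uid')));
    }
    if (!Get::has('auth')) {
        return null;
    }

    global $globals;

    // NOTE(review): the token is a plain MD5 over a shared secret. The party that
    // issues it is not visible here, so the construction is left unchanged; moving
    // to hash_hmac() has to be coordinated with the issuer.
    // NOTE(review): nothing in this method rejects an empty session challenge or
    // clears the challenge after a successful check; confirm that it is always
    // set and single-use, otherwise a captured token can be replayed.
    $expected = md5('1' . S::v('challenge') . $globals->xnet->secret . Get::i('uid') . '1');
    $provided = Get::v('auth');

    // Only a string can be a valid token (rejects e.g. auth[]=...).
    if (!is_string($provided)) {
        return null;
    }

    // The previous `!=` compared the two hex strings loosely: digests that look
    // numeric (such as '0e...' followed by digits) compare equal to each other, and
    // the comparison time depends on the matching prefix. hash_equals() is exact and
    // constant-time; it needs PHP >= 5.6, so fall back to a strict comparison on
    // older runtimes.
    if (function_exists('hash_equals')) {
        $valid = hash_equals($expected, $provided);
    } else {
        $valid = ($expected === $provided);
    }
    if (!$valid) {
        return null;
    }

    Get::kill('auth');
    S::set('auth', AUTH_PASSWD);
    return User::getSilentWithValues(null, array('uid' => Get::i('uid')));
}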
/**
 * Translate the (group, action, article id) triple of a forum URL into the
 * parameter array handed to banana. Results are written into $get; keys
 * already present in $get are kept unless overwritten.
 *
 * @param array       $get    Parameter array, filled in place
 * @param string|null $group  Group name, or one of the pseudo-groups
 *                            'forums', 'thread', 'message', 'subscribe',
 *                            'subscription', 'profile'
 * @param string|null $action Requested action
 * @param mixed       $artid  Article id, when the action targets an article
 * @return void
 */
function get_banana_params(array &$get, $group = null, $action = null, $artid = null)
{
    // Step 1: resolve pseudo-groups. Some of them pull the current group or
    // article from the session instead of the URL.
    if ($group == 'forums') {
        $group = null;
    } elseif ($group == 'thread') {
        $group = S::v('banana_group');
    } elseif ($group == 'message') {
        $action = 'read';
        $group = S::v('banana_group');
        $artid = S::i('banana_artid');
    } elseif ($action == 'message') {
        $action = 'read';
        $artid = S::i('banana_artid');
    } elseif ($group == 'subscribe' || $group == 'subscription') {
        $group = null;
        $action = null;
        $get['action'] = 'subscribe';
    } elseif ($group == 'profile') {
        $group = null;
        $action = null;
        $get['action'] = 'profile';
    }

    // Step 2: export the group, then the action-specific parameters.
    if ($group !== null) {
        $get['group'] = $group;
    }
    if ($action === null) {
        return;
    }
    if ($action == 'new') {
        $get['action'] = 'new';
        return;
    }
    // Every remaining action applies to an article.
    if ($artid === null) {
        return;
    }

    $get['artid'] = $artid;
    switch ($action) {
        case 'reply':
            $get['action'] = 'new';
            break;
        case 'cancel':
            $get['action'] = $action;
            break;
        case 'from':
            // 'from' selects a starting article rather than a single one.
            $get['first'] = $artid;
            unset($get['artid']);
            break;
        case 'read':
            // NOTE(review): 'part' is copied from the raw query string without
            // validation; whether the consumer validates it is not visible here.
            $get['part'] = @$_GET['part'];
            break;
        case 'source':
            $get['part'] = 'source';
            break;
        case 'xface':
            $get['part'] = 'xface';
            break;
        default:
            if ($action) {
                // Any other action names a part, with dots standing for slashes.
                // NOTE(review): the resulting value is caller-controlled and
                // path-like; confirm the consumer restricts it.
                $get['part'] = str_replace('.', '/', $action);
            }
    }

    if (Get::v('action') == 'showext') {
        $get['action'] = 'showext';
    }
}
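/**
 * Moderation page of a mailing list.
 *
 * Depending on the request it accepts or rejects a pending subscription
 * ('sadd' / 'sdel'), moderates a batch of held mails ('moderate_mails' with
 * 'select_mails'), displays or moderates a single held mail ('mid'), shows
 * the rejection form for one subscription ('sid'), and otherwise lists the
 * pending subscriptions and mails.
 *
 * @param mixed       $page  Page object (template selection, assignments)
 * @param string|null $liste List name taken from the URL
 * @return mixed PL_NOT_FOUND when no list is given, nothing otherwise
 */
function handler_moderate($page, $liste = null)
{
    if (is_null($liste)) {
        return PL_NOT_FOUND;
    }

    $mlist = $this->prepare_list($liste);
    // Anyone who is not a group admin has to be an owner of the list.
    if (!$this->is_group_admin($page)) {
        $this->verify_list_owner($page, $mlist);
    }

    $page->changeTpl('lists/moderate.tpl');
    $page->register_modifier('hdc', 'list_header_decode');

    if (Env::has('sadd') || Env::has('sdel')) {
        S::assert_xsrf_token();

        // Defined up front: this block is entered when 'sdel' is present in any
        // request source, but a rejection is only processed when it was POSTed.
        // Without these defaults, an 'sdel' that is not in POST left $sub
        // undefined at the `if ($sub)` test below.
        $sub = null;
        $info = '';

        if (Env::has('sadd')) {
            // Ensure the moderated request is still active
            // NOTE(review): the result is not checked before handleRequest();
            // presumably getPendingSubscription() aborts on its own when the
            // request is gone. Confirm.
            $sub = $mlist->getPendingSubscription(Env::v('sadd'));
            $mlist->handleRequest(MailingList::REQ_SUBSCRIBE, Env::v('sadd'));
            $info = "validée";
        }
        if (Post::has('sdel')) {
            // Ensure the moderated request is still active
            $sub = $mlist->getPendingSubscription(Env::v('sdel'));
            $mlist->handleRequest(MailingList::REQ_REJECT, Post::v('sdel'), Post::v('reason'));
            $info = "refusée";
        }

        if ($sub) {
            // Tell the list owners about the decision.
            $mailer = new PlMailer();
            $mailer->setFrom($mlist->getAddress(MailingList::KIND_BOUNCE));
            $mailer->addTo($mlist->getAddress(MailingList::KIND_OWNER));
            $mailer->addHeader('Reply-To', $mlist->getAddress(MailingList::KIND_OWNER));
            // NOTE(review): $sub['name'] is supplied by the subscriber and ends up
            // in the Subject header; confirm PlMailer encodes header values.
            $mailer->setSubject("L'inscription de {$sub['name']} a été {$info}");
            $text = "L'inscription de {$sub['name']} à la liste " . $mlist->address . " a été {$info} par " . S::user()->fullName(true) . ".\n";
            if (trim(Post::v('reason'))) {
                $text .= "\nLa raison invoquée est :\n" . Post::v('reason');
            }
            $mailer->setTxtBody(wordwrap($text, 72));
            $mailer->send();
        }

        if (Env::has('sadd')) {
            pl_redirect('lists/moderate/' . $liste);
        }
    }

    if (Post::has('moderate_mails') && Post::has('select_mails')) {
        S::assert_xsrf_token();
        // 'select_mails' is request data: only iterate when it really is an
        // array (a scalar made array_keys() fail).
        $selected = Post::v('select_mails');
        if (is_array($selected)) {
            foreach (array_keys($selected) as $mail) {
                $this->moderate_mail($mlist, $mail);
            }
        }
    } elseif (Env::has('mid')) {
        if (Get::has('mid') && !Env::has('mok') && !Env::has('mdel')) {
            // Display only: show the held mail and a pre-filled rejection text.
            require_once 'banana/moderate.inc.php';
            $page->changeTpl('lists/moderate_mail.tpl');
            $params = array(
                'listname' => $mlist->mbox,
                'domain'   => $mlist->domain,
                'artid'    => Get::i('mid'),
                'part'     => Get::v('part'),
                'action'   => Get::v('action'),
            );
            $params['client'] = $this->prepare_client();
            run_banana($page, 'ModerationBanana', $params);

            $msg = file_get_contents('/etc/mailman/fr/refuse.txt');
            $msg = str_replace("%(adminaddr)s", $mlist->getAddress(MailingList::KIND_OWNER), $msg);
            $msg = str_replace("%(request)s", "<< SUJET DU MAIL >>", $msg);
            $msg = str_replace("%(reason)s", "<< TON EXPLICATION >>", $msg);
            $msg = str_replace("%(listname)s", $liste, $msg);
            $page->assign('msg', $msg);
            return;
        }
        // NOTE(review): no S::assert_xsrf_token() call is visible on this path,
        // although it acts on a held mail; confirm moderate_mail() performs the
        // check itself.
        $this->moderate_mail($mlist, Env::i('mid'));
    } elseif (Env::has('sid')) {
        if (list($subs, $mails) = $this->get_pending_ops($mlist)) {
            foreach ($subs as $user) {
                if ($user['id'] == Env::v('sid')) {
                    $page->changeTpl('lists/moderate_sub.tpl');
                    $page->assign('del_user', $user);
                    return;
                }
            }
        }
    }

    // Default view: everything still waiting for moderation.
    if (list($subs, $mails) = $this->get_pending_ops($mlist)) {
        foreach ($mails as $key => $mail) {
            $mails[$key]['stamp'] = strftime("%Y%m%d%H%M%S", $mail['stamp']);
            if ($mail['fromx']) {
                $page->assign('with_fromx', true);
            } else {
                $page->assign('with_nonfromx', true);
            }
        }
        $page->assign_by_ref('subs', $subs);
        $page->assign_by_ref('mails', $mails);
    } else {
        $page->kill("La liste n'existe pas ou tu n'as pas le droit de la modérer.");
    }
}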
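/**
 * Log-out handler.
 *
 * When the session is impersonating another user (SUID), only the
 * impersonation is stopped and the administrator is sent back to where it
 * started. Otherwise the cookies selected by $level are dropped, the session
 * is destroyed, and the user is redirected to the 'redirect' target if it is
 * a path on this site, or shown the exit page.
 *
 * @param mixed       $page  Page object
 * @param string|null $level 'forget', 'forgetuid' or 'forgetall' to also drop
 *                           the access cookie and/or the login form cookies
 * @return void
 */
function handler_exit($page, $level = null)
{
    if (S::suid()) {
        $old = S::user()->login();
        S::logger()->log('suid_stop', $old . " by " . S::suid('hruid'));
        Platal::session()->stopSUID();
        $target = S::s('suid_startpage');
        S::kill('suid_startpage');
        if (!empty($target)) {
            http_redirect($target);
        }
        pl_redirect('admin/user/' . $old);
    }

    if ($level == 'forget' || $level == 'forgetall') {
        Platal::session()->killAccessCookie();
    }
    if ($level == 'forgetuid' || $level == 'forgetall') {
        Platal::session()->killLoginFormCookies();
    }

    if (S::logged()) {
        // NOTE(review): the Referer header is client-controlled; treat the logged
        // value as untrusted wherever the log is displayed.
        S::logger()->log('deconnexion', @$_SERVER['HTTP_REFERER']);
        Platal::session()->destroy();
    }

    // The redirect target comes straight from the query string. Following it
    // blindly makes this URL an open redirect, so only an absolute path on this
    // site is accepted: it must start with a single '/', must not start with
    // '//' or '/\' (both are read by browsers as "another host"), and must not
    // contain control characters. Anything else falls back to the exit page.
    // Legitimate cross-site targets, if any exist, need an explicit allowlist.
    $redirect = Get::has('redirect') ? Get::v('redirect') : null;
    if (is_string($redirect)) {
        $redirect = rawurldecode($redirect);
    }
    if (is_string($redirect) && preg_match('#\A/(?![/\\\\])[^\x00-\x1f\x7f]*\z#', $redirect) === 1) {
        http_redirect($redirect);
    } else {
        $page->changeTpl('platal/exit.tpl');
    }
}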
/**
 * Render the preview of an event: the 'texte' and 'titre' query parameters
 * are converted to UTF-8 when needed and handed to the preview template,
 * which is served without the site skin as text/html.
 *
 * @param mixed $page Page object
 * @return void
 */
function handler_preview($page)
{
    $page->changeTpl('events/preview.tpl', NO_SKIN);

    // Read and normalise both fields first, then assign them, so the calls
    // happen in the same order as before.
    $fields = array();
    foreach (array('texte', 'titre') as $name) {
        $value = Get::v($name);
        if (!is_utf8($value)) {
            $value = utf8_encode($value);
        }
        $fields[$name] = $value;
    }

    // NOTE(review): both values come from the query string and the response is
    // text/html; the template has to escape or sanitise them. Not visible here.
    foreach ($fields as $name => $value) {
        $page->assign($name, $value);
    }

    pl_content_headers("text/html");
}
/**
 * Payment pages of a group.
 *
 * With a payment id, access is checked (identified group member, participant
 * of an event tied to the payment, or payment flagged 'public') and the
 * request is delegated to handler_payment(). Without one, the page lists the
 * group's payments and is reserved to identified group admins.
 *
 * @param mixed $page Page object
 * @param mixed $pid  Payment id, or null for the overview
 * @return mixed PL_FORBIDDEN, the result of handler_payment(), or nothing
 */
function handler_xnet_payment($page, $pid = null)
{
    global $globals;

    $perms = S::v('perms');

    if (!is_null($pid)) {
        if (!S::identified() || !$perms->hasFlag('groupmember')) {
            // Not an identified member: allow only participants of an event
            // using this payment, or payments flagged as public.
            $res = XDB::query("SELECT 1\n FROM group_events AS e\n INNER JOIN group_event_participants AS ep ON (ep.eid = e.eid AND ep.uid = {?})\n WHERE e.paiement_id = {?} AND e.asso_id = {?}", S::i('uid'), $pid, $globals->asso('id'));
            $public = XDB::query("SELECT 1\n FROM payments AS p\n INNER JOIN group_events AS g ON (g.paiement_id = p.id)\n WHERE g.asso_id = {?} AND p.id = {?} AND FIND_IN_SET('public', p.flags)", $globals->asso('id'), $pid);
            if ($res->numRows() == 0 && $public->numRows() == 0) {
                return PL_FORBIDDEN;
            }
        }
        return $this->handler_payment($page, $pid);
    }

    // Overview: group admins only.
    if (!S::identified() || !$perms->hasFlag('groupadmin')) {
        return PL_FORBIDDEN;
    }

    $page->changeTpl('payment/xnet.tpl');
    $res = XDB::query("SELECT id, text, url\n FROM payments\n WHERE asso_id = {?} AND NOT FIND_IN_SET('old', flags)\n ORDER BY id DESC", $globals->asso('id'));
    $payments = $res->fetchAllAssoc();
    $page->assign('titles', $payments);

    $trans = array();
    $event = array();

    if (may_update()) {
        // Sortable columns mapped to their table alias. The ORDER BY clause is
        // concatenated into the SQL below, so this allowlist is what keeps the
        // request-supplied 'order' value out of the query text.
        static $orders = array('ts_confirmed' => 'p', 'directory_name' => 'a', 'promo' => 'pd', 'comment' => 'p', 'amount' => 'p');
        if (Get::has('order_id') && Get::has('order') && array_key_exists(Get::v('order'), $orders)) {
            $order_id = Get::i('order_id');
            $order = Get::v('order');
            $ordering = ' ORDER BY ' . $orders[$order] . '.' . $order;
            if (Get::has('order_inv') && Get::i('order_inv') == 1) {
                $ordering .= ' DESC';
                $page->assign('order_inv', 0);
            } else {
                $page->assign('order_inv', 1);
            }
            $page->assign('order_id', $order_id);
            $page->assign('order', $order);
            $page->assign('anchor', 'legend_' . $order_id);
        } else {
            $order_id = false;
            $ordering = '';
            $page->assign('order', false);
        }
    } else {
        $ordering = '';
        $page->assign('order', false);
    }

    foreach ($payments as $payment) {
        $ref = $payment['id'];

        if (may_update()) {
            // Transactions of this payment; the requested ordering applies only
            // to the payment it was asked for.
            $res = XDB::query('SELECT p.uid, IF(p.ts_confirmed = \'0000-00-00\', 0, p.ts_confirmed) AS date, p.comment, p.amount FROM payment_transactions AS p INNER JOIN accounts AS a ON (a.uid = p.uid) LEFT JOIN account_profiles AS ap ON (ap.uid = p.uid AND FIND_IN_SET(\'owner\', ap.perms)) LEFT JOIN profile_display AS pd ON (ap.pid = pd.pid) WHERE p.ref = {?}' . ($order_id == $ref ? $ordering : ''), $ref);
            $trans[$ref] = User::getBulkUsersWithUIDs($res->fetchAllAssoc(), 'uid', 'user');
            $sum = 0;
            foreach ($trans[$ref] as $i => $t) {
                $sum += $t['amount'];
                $trans[$ref][$i]['amount'] = $t['amount'];
            }
            // Trailing pseudo-row carrying the total.
            $trans[$ref][] = array('limit' => true, 'amount' => $sum);
        }

        // Event registration of the current user for this payment.
        $res = XDB::iterRow("SELECT e.eid, e.short_name, e.intitule, ep.nb, ei.montant, ep.paid\n FROM group_events AS e\n LEFT JOIN group_event_participants AS ep ON (ep.eid = e.eid AND ep.uid = {?})\n INNER JOIN group_event_items AS ei ON (ep.eid = ei.eid AND ep.item_id = ei.item_id)\n WHERE e.paiement_id = {?}", S::v('uid'), $ref);
        $entry = array('paid' => 0);
        if ($res->total()) {
            $entry['topay'] = 0;
            while (list($eid, $shortname, $title, $nb, $montant, $paid) = $res->next()) {
                $entry['topay'] += $nb * $montant;
                $entry['eid'] = $eid;
                $entry['shortname'] = $shortname;
                $entry['title'] = $title;
                $entry['ins'] = !is_null($nb);
                $entry['paid'] = $paid;
            }
        }

        // The amount actually paid is the sum of the user's transactions; it
        // replaces whatever 'paid' value was set above.
        $res = XDB::query('SELECT SUM(amount) AS sum_amount FROM payment_transactions WHERE ref = {?} AND uid = {?}', $ref, S::v('uid'));
        $entry['paid'] = $res->fetchOneCell();
        $event[$ref] = $entry;
    }

    $page->register_modifier('decode_comment', 'decode_comment');
    $page->assign('trans', $trans);
    $page->assign('event', $event);
}
/**
 * Variant of handler_groups() that takes the category and domain from the
 * 'cat' and 'dom' query parameters instead of the URL path.
 *
 * @param mixed $page Page object
 * @return void
 */
function handler_groups2($page)
{
    $category = Get::v('cat');
    $domain = Get::v('dom');

    // NOTE(review): whatever handler_groups() returns is dropped here; confirm
    // it never returns a status code that should be propagated.
    $this->handler_groups($page, $category, $domain);
}
/**
 * Index of the mailing lists of the current group.
 *
 * Handles the quick actions carried by the request (unsubscribe with 'del',
 * subscribe with 'add', alias removal with 'del_alias'), then displays the
 * lists sorted by the requested column.
 *
 * @param mixed       $page     Page object
 * @param string|null $order_by Sort column: 'list', 'desc' or 'nbsub'
 * @param string|null $order    Sort direction: 'asc' or 'desc'
 * @return mixed PL_NOT_FOUND when the group has no lists domain, nothing otherwise
 */
function handler_lists($page, $order_by = null, $order = null)
{
    require_once 'emails.inc.php';

    if (!$this->get_lists_domain()) {
        return PL_NOT_FOUND;
    }
    $page->changeTpl('xnetlists/index.tpl');

    // NOTE(review): 'del' and 'add' change the subscription from query-string
    // parameters; the XSRF token check is the only guard visible here.
    if (Get::has('del')) {
        S::assert_xsrf_token();
        $this->prepare_list(Get::v('del'))->unsubscribe();
        pl_redirect('lists');
    }
    if (Get::has('add')) {
        S::assert_xsrf_token();
        $this->prepare_list(Get::v('add'))->subscribe();
        pl_redirect('lists');
    }
    if (Post::has('del_alias') && may_update()) {
        S::assert_xsrf_token();
        $alias = Post::t('del_alias');
        // Only the local part is used; the domain is always the group's own.
        $pieces = explode('@', $alias);
        $local_part = $pieces[0];
        delete_list_alias($local_part, $this->get_lists_domain());
        $page->trigSuccess($alias . ' supprimé !');
    }

    $client = $this->prepare_client();
    $listes = $client->get_lists();

    // Default ordering is by ascending names; it also replaces any sort
    // request that is not in the two allowlists.
    $valid_request = !is_null($order_by)
        && !is_null($order)
        && in_array($order_by, array('list', 'desc', 'nbsub'))
        && in_array($order, array('asc', 'desc'));
    if (!$valid_request) {
        $order_by = 'list';
        $order = 'asc';
    }

    $compare = function ($a, $b) use ($order_by, $order) {
        if ($order_by == 'desc' || $order_by == 'list') {
            $left = $a[$order_by];
            $right = $b[$order_by];
            if ($order_by == 'desc') {
                // Descriptions are compared without their accents.
                $left = replace_accent($left);
                $right = replace_accent($right);
            }
            $res = strcasecmp($left, $right);
        } elseif ($order_by == 'nbsub') {
            $res = $a[$order_by] - $b[$order_by];
        } else {
            $res = 0;
        }
        return $order == 'asc' ? $res : $res * -1;
    };
    usort($listes, $compare);

    $page->assign('listes', $listes);
    $page->assign('order_by', $order_by);
    $page->assign('order', $order);
    $page->assign('aliases', iterate_list_alias($this->get_lists_domain()));
    $page->assign('may_update', may_update());

    if (S::suid()) {
        $page->trigWarning("Attention : l'affichage des listes de diffusion ne tient pas compte de l'option « Voir le site comme… ».");
    }

    // Remember on the group that it owns at least one mailing list.
    global $globals;
    if (count($listes) > 0 && !$globals->asso('has_ml')) {
        XDB::execute("UPDATE groups\n SET flags = CONCAT_WS(',', IF(flags = '', NULL, flags), 'has_ml')\n WHERE id = {?}", $globals->asso('id'));
    }
}