function post_queue_u_update($job)
{
global $globals;
// If the u_update job was an unsuspend request, re-adds the redirection
// to the Google Apps delivery address, provided the account is active (it might
// have been deleted between the unsuspension and the post-queue processing).
$parameters = json_decode($job['j_parameters'], true);
$username = isset($parameters['username']) ? $parameters['username'] : null;
if (!($user = User::getSilent($username))) {
return;
}
if (isset($parameters['suspended']) && $parameters['suspended'] == false) {
require_once 'emails.inc.php';
$account = new GoogleAppsAccount($user);
if ($account->active()) {
// Re-adds the email redirection (if the user did request it).
if ($account->activate_mail_redirection) {
Email::activate_storage($user, 'googleapps');
}
// Sends an email to the account owner.
$mailer = new PlMailer('googleapps/unsuspend.mail.tpl');
$mailer->assign('account', $account);
$mailer->assign('email', $user->bestEmail());
$mailer->assign('prenom', $user->displayName());
$mailer->assign('sexe', $user->isFemale());
$mailer->send();
}
}
}
public function handler_admin_nl_enable($page)
{
global $globals;
$nl = $this->getNl();
if ($nl) {
return PL_FORBIDDEN;
}
if (Post::has('title')) {
if (!S::has_xsrf_token()) {
return PL_FORBIDDEN;
}
XDB::execute('INSERT INTO newsletters
SET group_id = {?}, name = {?}', $globals->asso('id'), Post::s('title'));
$mailer = new PlMailer();
$mailer->assign('group', $globals->asso('nom'));
$mailer->assign('user', S::user());
$mailer->send();
$page->trigSuccessRedirect("La lettre d'informations du groupe " . $globals->asso('nom') . " a bien été créée", $globals->asso('shortname') . '/admin/nl');
}
$page->setTitle('Activation de la newsletter');
$page->changeTpl('newsletter/enable.tpl');
}
function send_robot_homonym(PlUser $user, $email)
{
$cc = "validation+homonyme@" . Platal::globals()->mail->domain;
$from = "\"Support Polytechnique.org\" <{$cc}>";
$body = Post::has('mailbody') ? Post::t('mailbody') : get_robot_mail_text($user, $email);
$user = User::getSilentWithUID($user->id());
$mymail = new PlMailer();
$mymail->setFrom($from);
$mymail->setSubject("Mise en place du robot {$email}@" . $user->mainEmailDomain());
$mymail->addCc($cc);
$mymail->setTxtBody($body);
$mymail->sendTo($user);
}
function handler_broken_addr($page)
{
require_once 'emails.inc.php';
$page->changeTpl('emails/broken_addr.tpl');
if (Env::has('sort_broken')) {
S::assert_xsrf_token();
$list = trim(Env::v('list'));
if ($list == '') {
$page->trigError('La liste est vide.');
} else {
$valid_emails = array();
$invalid_emails = array();
$broken_list = explode("\n", $list);
sort($broken_list);
foreach ($broken_list as $orig_email) {
$orig_email = trim($orig_email);
if ($orig_email != '') {
$email = valide_email($orig_email);
if (empty($email) || $email == '@') {
$invalid_emails[] = trim($orig_email) . ': invalid email';
} elseif (!in_array($email, $valid_emails)) {
$nb = XDB::fetchOneCell('SELECT COUNT(*)
FROM email_redirect_account
WHERE redirect = {?}', $email);
if ($nb > 0) {
$valid_emails[] = $email;
} else {
$invalid_emails[] = $orig_email . ': no such redirection';
}
}
}
}
$page->assign('valid_emails', $valid_emails);
$page->assign('invalid_emails', $invalid_emails);
}
}
if (Env::has('process_broken')) {
S::assert_xsrf_token();
$list = trim(Env::v('list'));
if ($list == '') {
$page->trigError('La liste est vide.');
} else {
require_once 'notifs.inc.php';
$broken_user_list = array();
$broken_user_email_count = array();
$broken_user_profiles = array();
$broken_list = explode("\n", $list);
sort($broken_list);
foreach ($broken_list as $email) {
$email = trim($email);
$userobj = null;
if ($user = mark_broken_email($email, true)) {
$userobj = User::getSilentWithUID($user['uid']);
}
if (is_null($userobj)) {
continue;
}
$profile = $userobj->profile();
if (is_null($profile)) {
continue;
}
if ($user['nb_mails'] > 0 && $user['notify']) {
$mail = new PlMailer('emails/broken.mail.tpl');
$mail->setTo($userobj);
$mail->assign('user', $user);
$mail->assign('email', $email);
$mail->send();
} else {
WatchProfileUpdate::register($profile, 'broken');
}
$pid = $profile->id();
if (!isset($broken_user_list[$pid])) {
$broken_user_list[$pid] = array($email);
} else {
$broken_user_list[$pid][] = $email;
}
$broken_user_email_count[$pid] = $user['nb_mails'];
$broken_user_profiles[$pid] = $profile;
}
XDB::execute('UPDATE email_redirect_account
SET broken_level = broken_level - 1
WHERE flags = \'active\' AND broken_level > 1
AND DATE_ADD(last, INTERVAL 1 MONTH) < CURDATE()');
XDB::execute('UPDATE email_redirect_account
SET broken_level = 0
WHERE flags = \'active\' AND broken_level = 1
AND DATE_ADD(last, INTERVAL 1 YEAR) < CURDATE()');
// Sort $broken_user_list with (promo, sortname, pid)
$sortable_array = array();
foreach ($broken_user_list as $pid => $mails) {
$profile = $broken_user_profiles[$pid];
$sortable_array[$pid] = array($profile->promo(), $profile->sortName(), $pid);
}
asort($sortable_array);
// Output the list of users with recently broken addresses,
// along with the count of valid redirections.
pl_cached_content_headers('text/x-csv', null, 1, 'broken.csv');
$csv = fopen('php://output', 'w');
fputcsv($csv, array('nom', 'promo', 'bounces', 'nbmails', 'url', 'corps', 'job', 'networking'), ';');
$corpsList = DirEnum::getOptions(DirEnum::CURRENTCORPS);
foreach (array_keys($sortable_array) as $pid) {
$mails = $broken_user_list[$pid];
$profile = $broken_user_profiles[$pid];
$current_corps = $profile->getCorpsName();
$jobs = $profile->getJobs();
$companies = array();
foreach ($jobs as $job) {
$companies[] = $job->company->name;
}
$networkings = $profile->getNetworking(Profile::NETWORKING_ALL);
$networking_list = array();
foreach ($networkings as $networking) {
$networking_list[] = $networking['address'];
}
fputcsv($csv, array($profile->fullName(), $profile->promo(), join(',', $mails), $broken_user_email_count[$pid], 'https://www.polytechnique.org/marketing/broken/' . $profile->hrid(), $current_corps, implode(',', $companies), implode(',', $networking_list)), ';');
}
fclose($csv);
exit;
}
}
}
/** Schedule a mailing of this NL
* If the 'send_before' field was NULL, it is set to the current time.
* @return Boolean Whether the date could be set (false if trying to schedule an already sent NL)
*/
public function scheduleMailing()
{
if ($this->state == self::STATE_NEW) {
$success = XDB::execute('UPDATE newsletter_issues
SET state = \'pending\', send_before = IFNULL(send_before, NOW())
WHERE id = {?}', $this->id);
if ($success) {
global $globals;
$mailer = new PlMailer('newsletter/notify_scheduled.mail.tpl');
$mailer->assign('issue', $this);
$mailer->assign('base', $globals->baseurl);
$mailer->send();
$this->refresh();
}
return $success;
} else {
return false;
}
}
* 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA *
***************************************************************************/
require_once 'connect.db.inc.php';
require_once 'plmailer.php';
require_once 'notifs.inc.php';
ini_set('memory_limit', '128M');
$uids = XDB::query('SELECT uid
FROM watch
WHERE FIND_IN_SET(\'mail\', flags)
ORDER BY uid');
$iterator = User::iterOverUIDs($uids->fetchColumn());
while ($user = $iterator->next()) {
$watch = new Watch($user);
if ($watch->count() > 0) {
$notifs = $watch->events();
$mailer = new PlMailer('carnet/notif.mail.tpl');
$mailer->assign('sex', $user->isFemale());
$mailer->assign('yourself', $user->display_name);
$mailer->assign('week', date('W - Y'));
$mailer->assign('notifs', $notifs);
$mailer->sendTo($user);
unset($mailer);
unset($notifs);
}
unset($watch);
unset($user);
}
XDB::execute("UPDATE watch_profile\n SET ts = NOW()\n WHERE field = 'broken'");
XDB::execute('DELETE FROM watch_profile
WHERE ts < DATE_SUB(CURRENT_DATE, INTERVAL 15 DAY)');
// vim:set et sw=4 sts=4 sws=4 foldmethod=marker fenc=utf-8:
* GNU General Public License for more details. *
* *
* You should have received a copy of the GNU General Public License *
* along with this program; if not, write to the Free Software *
* Foundation, Inc., *
* 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA *
***************************************************************************/
require_once 'connect.db.inc.php';
require_once 'plmailer.php';
$limit = 60;
$users = XDB::fetchAllAssoc('SELECT a.uid, a.hruid, r.hash, r.group_name, r.sender_name, r.email
FROM register_pending_xnet AS r
INNER JOIN accounts AS a ON (r.uid = a.uid)
WHERE a.state = \'disabled\'
ORDER BY r.date, a.uid');
$mailer = new PlMailer('xnet/account.mail.tpl');
$mailer->addCc('*****@*****.**');
$i = 0;
foreach ($users as $user) {
$mailer->setTo($user['email']);
$mailer->assign('hash', $user['hash']);
$mailer->assign('email', $user['email']);
$mailer->assign('group', $user['group_name']);
$mailer->assign('sender_name', $user['sender_name']);
$mailer->assign('again', false);
$mailer->assign('baseurl', Platal::globals()->baseurl);
$mailer->send();
XDB::execute('UPDATE accounts
SET state = \'pending\'
WHERE uid = {?}', $user['uid']);
if ($i == $limit) {
function handler_recovery_ext($page)
{
$page->changeTpl('xnet/recovery.tpl');
if (!Post::has('login')) {
return;
}
$user = User::getSilent(Post::t('login'));
if (is_null($user)) {
$page->trigError('Le compte n\'existe pas.');
return;
}
if ($user->state != 'active') {
$page->trigError('Ton compte n\'est pas activé.');
return;
}
$page->assign('ok', true);
$hash = rand_url_id();
XDB::execute('INSERT INTO account_lost_passwords (uid, created, certificat)
VALUES ({?}, NOW(), {?})', $user->id(), $hash);
$mymail = new PlMailer('platal/password_recovery_xnet.mail.tpl');
$mymail->setTo($user);
$mymail->assign('hash', $hash);
$mymail->assign('email', Post::t('login'));
$mymail->send();
S::logger($user->id())->log('recovery', $user->bestEmail());
}
function finishRegistration($subState)
{
global $globals;
$hash = rand_url_id(12);
XDB::execute('INSERT INTO register_pending (uid, forlife, bestalias, mailorg2, password,
email, date, relance, naissance, hash, services)
VALUES ({?}, {?}, {?}, {?}, {?}, {?}, NOW(), 0, {?}, {?}, {?})
ON DUPLICATE KEY UPDATE password=VALUES(password), email=VALUES(email),
date=VALUES(date), naissance=VALUES(naissance),
hash=VALUES(hash), services=VALUES(services)', $subState->i('uid'), $subState->s('forlife'), $subState->s('bestalias'), $subState->s('emailXorg2'), $subState->s('password'), $subState->s('email'), $subState->s('birthdate'), $hash, implode(',', $subState->v('services')));
$mymail = new PlMailer('register/end.mail.tpl');
$mymail->assign('emailXorg', $subState->s('bestalias'));
$mymail->assign('to', $subState->s('email'));
$mymail->assign('baseurl', $globals->baseurl);
$mymail->assign('hash', $hash);
$mymail->assign('subject', ucfirst($globals->mail->domain) . ' : ' . $subState->s('bestalias'));
$mymail->send();
}
function handler_user($page, $login = false)
{
global $globals;
$page->changeTpl('admin/user.tpl');
$page->setTitle('Administration - Compte');
if (S::suid()) {
$page->kill("Déjà en SUID !!!");
}
// Loads the user identity using the environment.
if ($login) {
$user = User::get($login);
}
if (empty($user)) {
pl_redirect('admin/accounts');
}
$listClient = new MMList(S::user());
$login = $user->login();
$registered = $user->state != 'pending';
// Form processing
if (!empty($_POST)) {
S::assert_xsrf_token();
if (Post::has('uid') && Post::i('uid') != $user->id()) {
$page->kill('Une erreur s\'est produite');
}
}
// Handles specific requests (AX sync, su, ...).
if (Post::has('log_account')) {
pl_redirect("admin/logger?loguser={$login}&year=" . date('Y') . "&month=" . date('m'));
}
if (Post::has('su_account') && $registered) {
if (!Platal::session()->startSUID($user)) {
$page->trigError('Impossible d\'effectuer un SUID sur ' . $user->login());
} else {
pl_redirect("");
}
}
// Handles account deletion.
if (Post::has('account_deletion_confirmation')) {
$uid = $user->id();
$name = $user->fullName();
$profile = $user->profile();
if ($profile && Post::b('clear_profile')) {
$user->profile()->clear();
}
$user->clear(true);
$page->trigSuccess("L'utilisateur {$name} ({$uid}) a bien été désinscrit.");
if (Post::b('erase_account')) {
XDB::execute('DELETE FROM accounts
WHERE uid = {?}', $uid);
$page->trigSuccess("L'utilisateur {$name} ({$uid}) a été supprimé de la base de données");
}
}
// Account Form {{{
require_once 'emails.inc.php';
$to_update = array();
if (Post::has('disable_weak_access')) {
$to_update['weak_password'] = null;
} else {
if (Post::has('update_account')) {
if (!$user->hasProfile()) {
require_once 'name.func.inc.php';
$name_update = false;
$lastname = capitalize_name(Post::t('lastname'));
$firstname = capitalize_name(Post::t('firstname'));
if ($lastname != $user->lastname) {
$to_update['lastname'] = $lastname;
$name_update = true;
}
if (Post::s('type') != 'virtual' && $firstname != $user->firstname) {
$to_update['firstname'] = $firstname;
$name_update = true;
}
if ($name_update) {
if (Post::s('type') == 'virtual') {
$firstname = '';
}
$to_update['full_name'] = build_full_name($firstname, $lastname);
$to_update['directory_name'] = build_directory_name($firstname, $lastname);
$to_update['sort_name'] = build_sort_name($firstname, $lastname);
}
if (Post::s('display_name') != $user->displayName()) {
$to_update['display_name'] = Post::s('display_name');
}
}
if (Post::s('sex') != ($user->isFemale() ? 'female' : 'male')) {
$to_update['sex'] = Post::s('sex');
if ($user->hasProfile()) {
XDB::execute('UPDATE profiles
SET sex = {?}
WHERE pid = {?}', Post::s('sex'), $user->profile()->id());
}
}
if (!Post::blank('pwhash')) {
$to_update['password'] = Post::s('pwhash');
require_once 'googleapps.inc.php';
$account = new GoogleAppsAccount($user);
if ($account->active() && $account->sync_password) {
$account->set_password(Post::s('pwhash'));
}
}
if (!Post::blank('weak_password')) {
$to_update['weak_password'] = Post::s('weak_password');
}
if (Post::i('token_access', 0) != ($user->token_access ? 1 : 0)) {
$to_update['token'] = Post::i('token_access') ? rand_url_id(16) : null;
}
if (Post::i('skin') != $user->skin) {
$to_update['skin'] = Post::i('skin');
if ($to_update['skin'] == 0) {
$to_update['skin'] = null;
}
}
if (Post::s('state') != $user->state) {
$to_update['state'] = Post::s('state');
}
if (Post::i('is_admin', 0) != ($user->is_admin ? 1 : 0)) {
$to_update['is_admin'] = Post::b('is_admin');
}
if (Post::s('type') != $user->type) {
$to_update['type'] = Post::s('type');
}
if (Post::i('watch', 0) != ($user->watch ? 1 : 0)) {
$to_update['flags'] = new PlFlagset();
$to_update['flags']->addFlag('watch', Post::i('watch'));
}
if (Post::t('comment') != $user->comment) {
$to_update['comment'] = Post::blank('comment') ? null : Post::t('comment');
}
$new_email = strtolower(Post::t('email'));
if (require_email_update($user, $new_email)) {
$to_update['email'] = $new_email;
$listClient->change_user_email($user->forlifeEmail(), $new_email);
update_alias_user($user->forlifeEmail(), $new_email);
}
}
}
if (!empty($to_update)) {
$res = XDB::query('SELECT *
FROM accounts
WHERE uid = {?}', $user->id());
$oldValues = $res->fetchAllAssoc();
$oldValues = $oldValues[0];
$set = array();
$diff = array();
foreach ($to_update as $k => $value) {
$value = XDB::format('{?}', $value);
$set[] = $k . ' = ' . $value;
$diff[$k] = array($oldValues[$k], trim($value, "'"));
unset($oldValues[$k]);
}
XDB::rawExecute('UPDATE accounts
SET ' . implode(', ', $set) . '
WHERE uid = ' . XDB::format('{?}', $user->id()));
$page->trigSuccess('Données du compte mise à jour avec succès');
$user = User::getWithUID($user->id());
/* Formats the $diff and send it to the site administrators. The rules are the folowing:
* -formats: password, token, weak_password
*/
foreach (array('password', 'token', 'weak_password') as $key) {
if (isset($diff[$key])) {
$diff[$key] = array('old value', 'new value');
} else {
$oldValues[$key] = 'old value';
}
}
$mail = new PlMailer('admin/useredit.mail.tpl');
$mail->assign('admin', S::user()->hruid);
$mail->assign('hruid', $user->hruid);
$mail->assign('diff', $diff);
$mail->assign('oldValues', $oldValues);
$mail->send();
}
// }}}
// Profile form {{{
if (Post::has('add_profile') || Post::has('del_profile') || Post::has('owner')) {
if (Post::i('del_profile', 0) != 0) {
XDB::execute('DELETE FROM account_profiles
WHERE uid = {?} AND pid = {?}', $user->id(), Post::i('del_profile'));
XDB::execute('DELETE FROM profiles
WHERE pid = {?}', Post::i('del_profile'));
} else {
if (!Post::blank('new_profile')) {
$profile = Profile::get(Post::t('new_profile'));
if (!$profile) {
$page->trigError('Le profil ' . Post::t('new_profile') . ' n\'existe pas');
} else {
XDB::execute('INSERT IGNORE INTO account_profiles (uid, pid)
VALUES ({?}, {?})', $user->id(), $profile->id());
}
}
}
XDB::execute('UPDATE account_profiles
SET perms = IF(pid = {?}, CONCAT(perms, \',owner\'), REPLACE(perms, \'owner\', \'\'))
WHERE uid = {?}', Post::i('owner'), $user->id());
}
// }}}
// Email forwards form {{{
$redirect = $registered ? new Redirect($user) : null;
if (Post::has('add_fwd')) {
$email = Post::t('email');
if (!isvalid_email_redirection($email, $user)) {
$page->trigError("Email non valide: {$email}");
} else {
$redirect->add_email($email);
$page->trigSuccess("Ajout de {$email} effectué");
}
} else {
if (!Post::blank('del_fwd')) {
$redirect->delete_email(Post::t('del_fwd'));
} else {
if (!Post::blank('activate_fwd')) {
$redirect->modify_one_email(Post::t('activate_fwd'), true);
} else {
if (!Post::blank('deactivate_fwd')) {
$redirect->modify_one_email(Post::t('deactivate_fwd'), false);
} else {
if (Post::has('disable_fwd')) {
$redirect->disable();
} else {
if (Post::has('enable_fwd')) {
$redirect->enable();
} else {
if (!Post::blank('clean_fwd')) {
$redirect->clean_errors(Post::t('clean_fwd'));
}
}
}
}
}
}
}
// }}}
// Email alias form {{{
if (Post::has('add_alias')) {
// Splits new alias in user and fqdn.
$alias = Env::t('email');
if (strpos($alias, '@') !== false) {
list($alias, $domain) = explode('@', $alias);
} else {
$domain = $user->mainEmailDomain();
}
// Checks for alias' user validity.
if (!preg_match('/[-a-z0-9\\.]+/s', $alias)) {
$page->trigError("'{$alias}' n'est pas un alias valide");
}
// Eventually adds the alias to the right domain.
if ($domain == $globals->mail->alias_dom || $domain == $globals->mail->alias_dom2) {
$req = new AliasReq($user, $alias, 'Admin request', false);
if ($req->commit()) {
$page->trigSuccess("Nouvel alias '{$alias}@{$domain}' attribué.");
} else {
$page->trigError("Impossible d'ajouter l'alias '{$alias}@{$domain}', il est probablement déjà attribué.");
}
} elseif ($domain == $user->mainEmailDomain()) {
XDB::execute('INSERT INTO email_source_account (email, uid, domain, type, flags)
SELECT {?}, {?}, id, \'alias\', \'\'
FROM email_virtual_domains
WHERE name = {?}', $alias, $user->id(), $domain);
$page->trigSuccess("Nouvel alias '{$alias}' ajouté");
} else {
$page->trigError("Le domaine '{$domain}' n'est pas valide pour cet utilisateur.");
}
} else {
if (!Post::blank('del_alias')) {
$delete_alias = Post::t('del_alias');
list($email, $domain) = explode('@', $delete_alias);
XDB::execute('DELETE s
FROM email_source_account AS s
INNER JOIN email_virtual_domains AS m ON (s.domain = m.id)
INNER JOIN email_virtual_domains AS d ON (d.aliasing = m.id)
WHERE s.email = {?} AND s.uid = {?} AND d.name = {?} AND type != \'forlife\'', $email, $user->id(), $domain);
XDB::execute('UPDATE email_redirect_account AS r
INNER JOIN email_virtual_domains AS m ON (m.name = {?})
INNER JOIN email_virtual_domains AS d ON (d.aliasing = m.id)
SET r.rewrite = \'\'
WHERE r.uid = {?} AND r.rewrite = CONCAT({?}, \'@\', d.name)', $domain, $user->id(), $email);
fix_bestalias($user);
$page->trigSuccess("L'alias '{$delete_alias}' a été supprimé");
} else {
if (!Post::blank('best')) {
$best_alias = Post::t('best');
// First delete the bestalias flag from all this user's emails.
XDB::execute("UPDATE email_source_account\n SET flags = TRIM(BOTH ',' FROM REPLACE(CONCAT(',', flags, ','), ',bestalias,', ','))\n WHERE uid = {?}", $user->id());
// Then gives the bestalias flag to the given email.
list($email, $domain) = explode('@', $best_alias);
XDB::execute("UPDATE email_source_account\n SET flags = CONCAT_WS(',', IF(flags = '', NULL, flags), 'bestalias')\n WHERE uid = {?} AND email = {?}", $user->id(), $email);
// As having a non-null bestalias value is critical in
// plat/al's code, we do an a posteriori check on the
// validity of the bestalias.
fix_bestalias($user);
}
}
}
// }}}
// OpenId form {{{
if (Post::has('del_openid')) {
XDB::execute('DELETE FROM account_auth_openid
WHERE id = {?}', Post::i('del_openid'));
}
// }}}
// Forum form {{{
if (Post::has('b_edit')) {
XDB::execute("DELETE FROM forum_innd\n WHERE uid = {?}", $user->id());
if (Env::v('write_perm') != "" || Env::v('read_perm') != "" || Env::v('commentaire') != "") {
XDB::execute("INSERT INTO forum_innd\n SET ipmin = '0', ipmax = '4294967295',\n write_perm = {?}, read_perm = {?},\n comment = {?}, priority = '200', uid = {?}", Env::v('write_perm'), Env::v('read_perm'), Env::v('comment'), $user->id());
}
}
// }}}
$page->addJsLink('jquery.ui.xorg.js');
// Displays last login and last host information.
$res = XDB::query("SELECT start, host\n FROM log_sessions\n WHERE uid = {?} AND suid IS NULL\n ORDER BY start DESC\n LIMIT 1", $user->id());
list($lastlogin, $host) = $res->fetchOneRow();
$page->assign('lastlogin', $lastlogin);
$page->assign('host', $host);
// Display mailing lists
$page->assign('mlists', $listClient->get_all_user_lists($user->forlifeEmail()));
// Display active aliases.
$page->assign('virtuals', $user->emailGroupAliases());
$aliases = XDB::iterator("SELECT CONCAT(s.email, '@', d.name) AS email, (s.type = 'forlife') AS forlife,\n (s.email REGEXP '\\\\.[0-9]{2}\$') AS hundred_year,\n FIND_IN_SET('bestalias', s.flags) AS bestalias, s.expire,\n (s.type = 'alias_aux') AS alias\n FROM email_source_account AS s\n INNER JOIN email_virtual_domains AS d ON (s.domain = d.id)\n WHERE s.uid = {?}\n ORDER BY !alias, s.email", $user->id());
$page->assign('aliases', $aliases);
$page->assign('account_types', XDB::iterator('SELECT * FROM account_types ORDER BY type'));
$page->assign('skins', XDB::iterator('SELECT id, name FROM skins ORDER BY name'));
$page->assign('profiles', XDB::iterator('SELECT p.pid, p.hrpid, FIND_IN_SET(\'owner\', ap.perms) AS owner, p.ax_id
FROM account_profiles AS ap
INNER JOIN profiles AS p ON (ap.pid = p.pid)
WHERE ap.uid = {?}', $user->id()));
$page->assign('openid', XDB::iterator('SELECT id, url
FROM account_auth_openid
WHERE uid = {?}', $user->id()));
// Displays email redirection and the general profile.
if ($registered && $redirect) {
$page->assign('emails', $redirect->emails);
}
$page->assign('user', $user);
$page->assign('hasProfile', $user->hasProfile());
// Displays forum bans.
$res = XDB::query("SELECT write_perm, read_perm, comment\n FROM forum_innd\n WHERE uid = {?}", $user->id());
$bans = $res->fetchOneAssoc();
$page->assign('bans', $bans);
}
function send_warning_mail($title, $body = '')
{
global $globals;
$mailer = new PlMailer();
$mailer->setFrom("webmaster@" . $globals->mail->domain);
$mailer->addTo($globals->core->admin_email);
$mailer->setSubject("[Plat/al Security Alert] {$title}");
// Note: we can't do $session = var_export($_SESSION, true) as var_export
// doesn't handle circular dependency correctly.
ob_start();
var_dump($_SESSION);
$session = ob_get_clean();
$mailer->setTxtBody($body . "Identifiants de session :\n" . $session . "\n\n" . "Identifiants de connexion :\n" . var_export($_SERVER, true));
$mailer->send();
}
function unsubscribe(PlUser $user, $remember = false)
{
global $globals;
Group::unsubscribe($globals->asso('id'), $user->id(), $remember);
if ($globals->asso('notif_unsub')) {
$mailer = new PlMailer('xnetgrp/unsubscription-notif.mail.tpl');
$admins = $globals->asso()->iterToNotify();
while ($admin = $admins->next()) {
$mailer->addTo($admin);
}
$mailer->assign('group', $globals->asso('nom'));
$mailer->assign('user', $user);
$mailer->assign('selfdone', $user->id() == S::i('uid'));
$mailer->send();
}
$nl = Newsletter::forGroup($globals->asso('shortname'));
if (!is_null($nl)) {
$nl->unsubscribe(null, S::i('uid'));
}
$domain = $globals->asso('mail_domain');
if (!$domain) {
return true;
}
$mmlist = new MMList(S::user(), $domain);
$listes = $mmlist->get_lists($user->forlifeEmail());
$may_update = may_update();
$warning = false;
if (is_array($listes)) {
foreach ($listes as $liste) {
if ($liste['sub'] == 2) {
if ($may_update) {
$mmlist->mass_unsubscribe($liste['list'], array($user->forlifeEmail()));
} else {
$mmlist->unsubscribe($liste['list']);
}
} elseif ($liste['sub']) {
Platal::page()->trigWarning($user->fullName() . " a une" . " demande d'inscription en cours sur la" . " liste {$liste['list']}@ !");
$warning = true;
}
}
}
XDB::execute('DELETE v
FROM email_virtual AS v
INNER JOIN email_virtual_domains AS d ON (v.domain = d.id)
WHERE v.redirect = {?} AND d.name = {?}', $user->forlifeEmail(), $domain);
return !$warning;
}
* 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA *
***************************************************************************/
require 'connect.db.inc.php';
$message = '';
$res = XDB::iterRow("SELECT DATE(a.registration_date), a.hruid, GROUP_CONCAT(DISTINCT r.redirect SEPARATOR ', ')\n FROM accounts AS a\n INNER JOIN account_profiles AS ap ON (ap.uid = a.uid AND FIND_IN_SET('owner', ap.perms))\n INNER JOIN profile_display AS pd ON (ap.pid = pd.pid)\n LEFT JOIN email_source_account AS s ON (a.uid = s.uid)\n LEFT JOIN email_redirect_account AS r ON (a.uid = r.uid)\n WHERE a.registration_date > {?}\n GROUP BY a.hruid\n ORDER BY pd.promo", date("Ymd000000", strtotime('last Monday')));
if ($count = $res->total()) {
$message .= "{$count} INSCRIPTIONS CONFIRMÉES CETTE SEMAINE :\n";
while (list($date, $hruid, $email, $redirect) = $res->next()) {
$message .= "{$date}, {$hruid}, {$email}, {$redirect}\n";
}
}
$res = XDB::iterRow("SELECT r.date, a.hruid, r.email\n FROM register_pending AS r\n INNER JOIN accounts AS a ON (a.uid = r.uid)\n INNER JOIN account_profiles AS ap ON (ap.uid = a.uid AND FIND_IN_SET('owner', ap.perms))\n INNER JOIN profile_display AS pd ON (ap.pid = pd.pid)\n WHERE r.hash != 'INSCRIT'\n GROUP BY a.hruid\n ORDER BY pd.promo");
if ($count = $res->total()) {
$message .= "\n{$count} INSCRIPTIONS NON CONFIRMÉES :\n";
while (list($date, $hruid, $email) = $res->next()) {
$message .= "{$date}, {$hruid}, {$email}\n";
}
}
$res = XDB::query('SELECT COUNT(DISTINCT uid), COUNT(*)
FROM register_marketing');
list($a, $b) = $res->fetchOneRow();
$message .= "\nINSCRIPTIONS SOLLICITÉES :\n";
$message .= " {$a} utilisateurs\n {$b} adresses email\n";
$message .= "\n\n";
$mailer = new PlMailer();
$mailer->setSubject('Rapport des inscriptions de la semaine');
$mailer->setFrom($globals->register->notif);
$mailer->addTo($globals->register->notif);
$mailer->setTxtBody($message);
$mailer->send();
// vim:set et sw=4 sts=4 sws=4 foldmethod=marker fenc=utf-8:
function handler_paypal_return($page, $uid = null)
{
$page->changeTpl('payment/retour_paypal.tpl');
/* reference banque (numero de transaction) */
$no_transaction = Env::s('tx');
/* token a renvoyer pour avoir plus d'information */
$clef = Env::s('sig');
/* code retour */
$status = Env::s('st');
/* raison */
$reason = $status == 'Pending' ? Env::s('pending_reason') : Env::s('reason_code');
/* reference complete de la commande */
$fullref = str_replace('%2d', '-', Env::s('cm'));
/* montant de la transaction */
$montant = Env::s('amt');
/* devise */
if (Env::s('cc') != 'EUR') {
cb_erreur("monnaie autre que l'euro");
}
/* on extrait le code de retour */
if ($status != "Completed") {
if ($status) {
paypal_erreur("erreur lors du paiement : {$status} - {$reason}");
} else {
paypal_erreur("Paiement annulé", false);
}
}
/* on extrait les informations sur l'utilisateur */
$user = User::get($uid);
if (!$user) {
paypal_erreur("uid invalide");
}
/* on extrait la reference de la commande */
if (!preg_match('/-xorg-([0-9]+)$/', $fullref, $matches)) {
paypal_erreur("référence de commande invalide");
}
$ref = $matches[1];
$res = XDB::query('SELECT mail, text, confirmation
FROM payments
WHERE id = {?}', $ref);
if (!(list($conf_mail, $conf_title, $conf_text) = $res->fetchOneRow())) {
paypal_erreur('référence de commande inconnue');
}
/* on fait l'insertion en base de donnees */
XDB::execute("INSERT INTO payment_transactions (id, method_id, uid, ref, fullref, ts_confirmed, amount, pkey, comment, status, display)\n VALUES ({?}, 1, {?}, {?}, {?}, NOW(), {?}, {?}, {?}, 'confirmed', {?})", $no_transaction, $user->id(), $ref, $fullref, $montant, $clef, Env::v('comment'), Get::i('display'));
// We check if it is an Xnet payment and then update the related ML.
$res = XDB::query('SELECT eid, asso_id
FROM group_events
WHERE paiement_id = {?}', $ref);
if ($res->numRows() == 1) {
list($eid, $asso_id) = $res->fetchOneRow();
require_once dirname(__FILE__) . '/xnetevents/xnetevents.inc.php';
$evt = get_event_detail($eid, false, $asso_id);
subscribe_lists_event($user->id(), $evt['short_name'], 1, $montant, true);
}
/* on genere le mail de confirmation */
$conf_text = str_replace(array('<prenom>', '<nom>', '<promo>', '<montant>', '<salutation>', '<cher>', '<comment>'), array($user->firstName(), $user->lastName(), $user->promo(), $montant, $user->isFemale() ? 'Chère' : 'Cher', $user->isFemale() ? 'Chère' : 'Cher', Env::v('comment')), $conf_text);
global $globals;
$mymail = new PlMailer();
$mymail->setFrom($conf_mail);
$mymail->addCc($conf_mail);
$mymail->setSubject($conf_title);
$mymail->setWikiBody($conf_text);
$mymail->sendTo($user);
/* on envoie les details de la transaction à telepaiement@ */
$mymail = new PlMailer();
$mymail->setFrom("webmaster@" . $globals->mail->domain);
$mymail->addTo($globals->money->email);
$mymail->setSubject($conf_title);
$msg = 'utilisateur : ' . $user->login() . ' (' . $user->id() . ')' . "\n" . 'mail : ' . $user->forlifeEmail() . "\n\n" . "paiement : {$conf_title} ({$conf_mail})\n" . "reference : {$champ200}\n" . "montant : {$montant}\n\n" . "dump de REQUEST:\n" . var_export($_REQUEST, true);
$mymail->setTxtBody($msg);
$mymail->send();
$page->assign('texte', $conf_text);
$page->assign('erreur', $erreur);
}
public function commit()
{
$res = XDB::query("SELECT MAX(id) FROM payments");
$id = $res->fetchOneCell() + 1;
$ret = XDB::execute('INSERT INTO payments (id, text, url, amount_def, amount_min, amount_max, mail, confirmation, asso_id, flags, rib_id)
VALUES ({?}, {?}, {?}, {?}, {?}, {?}, {?}, {?}, {?}, {?}, {?})', $id, $this->titre, $this->site, $this->montant, $this->montant_min, $this->montant_max, $this->user->bestEmail(), $this->msg_reponse, $this->asso_id, $this->public ? 'public' : '', $this->rib_id);
if ($this->asso_id && $this->evt) {
XDB::execute("UPDATE group_events\n SET paiement_id = {?}\n WHERE asso_id = {?} AND eid = {?}", $id, $this->asso_id, $this->evt);
$res = XDB::query("SELECT a.nom, a.diminutif, e.intitule\n FROM groups AS a\n INNER JOIN group_events AS e ON (a.id = e.asso_id)\n WHERE e.eid = {?}", $this->evt);
list($nom, $diminutif, $evt) = $res->fetchOneRow();
require_once dirname(__FILE__) . '/../../modules/xnetevents/xnetevents.inc.php';
$participants = get_event_participants(get_event_detail($this->evt, false, $this->asso_id), null);
foreach ($participants as $u) {
if (!$u['notify_payment']) {
continue;
}
$topay = $u['montant'] - $u['paid'];
if ($topay > 0) {
$mailer = new PlMailer('xnetevents/newpayment.mail.tpl');
$mailer->addTo($u['user']);
$mailer->assign('asso', $nom);
$mailer->assign('diminutif', $diminutif);
$mailer->assign('evt', $evt);
$mailer->assign('eid', $this->evt);
$mailer->assign('prenom', $u['user']->firstName());
$mailer->send();
}
}
}
return $ret;
}
function handler_sub($page, $eid = null)
{
$this->load('xnetevents.inc.php');
$page->changeTpl('xnetevents/subscribe.tpl');
$evt = get_event($eid);
if (is_null($evt)) {
return PL_NOT_FOUND;
}
global $globals;
if (!$evt['inscr_open']) {
$page->kill('Les inscriptions pour cet événement sont closes');
}
if (!$evt['accept_nonmembre'] && !is_member() && !may_update()) {
$url = $globals->asso('sub_url');
if (empty($url)) {
$url = $platal->ns . $globals->asso('diminutif') . "/" . 'subscribe';
}
$page->kill('Cet événement est réservé aux membres du groupe ' . $globals->asso('nom') . '. Pour devenir membre, rends-toi sur la page de <a href="' . $url . '">demande d\'inscripton</a>.');
}
$res = XDB::query("SELECT stamp\n FROM requests\n WHERE type = 'paiements' AND data LIKE {?}", PayReq::same_event($eid, $globals->asso('id')));
$page->assign('validation', $res->numRows());
$page->assign('eid', $eid);
$page->assign('event', $evt);
$items = get_event_items($eid);
$subs = get_event_subscription($eid, S::v('uid'));
if (Post::has('submit')) {
S::assert_xsrf_token();
$moments = Post::v('moment', array());
$pers = Post::v('personnes', array());
$old_subs = $subs;
$subs = array();
foreach ($moments as $j => $v) {
$subs[$j] = intval($v);
// retrieve other field when more than one person
if ($subs[$j] == 2) {
if (!isset($pers[$j]) || !is_numeric($pers[$j]) || $pers[$j] < 0) {
$page->trigError("Tu dois choisir un nombre d'invités correct !");
return;
}
$subs[$j] = $pers[$j];
}
}
// count what the user must pay, and what he manually paid
$manual_paid = 0;
foreach ($items as $item_id => $item) {
if (array_key_exists($item_id, $old_subs)) {
$manual_paid += $old_subs[$item_id]['paid'];
}
}
// impossible to unsubscribe if you already paid sthing
if (!array_sum($subs) && $manual_paid != 0) {
$page->trigError("Impossible de te désinscrire complètement " . "parce que tu as fait un paiement par " . "chèque ou par liquide. Contacte un " . "administrateur du groupe si tu es sûr de " . "ne pas venir.");
$updated = false;
} else {
// update actual inscriptions
$updated = subscribe(S::v('uid'), $eid, $subs);
}
if ($updated) {
$evt = get_event_detail($eid);
if ($evt['topay'] > 0) {
$page->trigSuccess('Ton inscription à l\'événement a été mise à jour avec succès, tu peux payer ta participation en cliquant ci-dessous');
} else {
$page->trigSuccess('Ton inscription à l\'événement a été mise à jour avec succès.');
}
if ($evt['subscription_notification'] != 'nobody') {
$mailer = new PlMailer('xnetevents/subscription-notif.mail.tpl');
if ($evt['subscription_notification'] != 'creator') {
$admins = $globals->asso()->iterAdmins();
while ($admin = $admins->next()) {
$mailer->addTo($admin);
}
}
if ($evt['subscription_notification'] != 'animator') {
$mailer->addTo($evt['organizer']);
}
$mailer->assign('group', $globals->asso('nom'));
$mailer->assign('event', $evt['intitule']);
$mailer->assign('subs', $subs);
$mailer->assign('moments', $evt['moments']);
$mailer->assign('name', S::user()->fullName('promo'));
$mailer->send();
}
}
}
$subs = get_event_subscription($eid, S::v('uid'));
// count what the user must pay
$topay = 0;
$manually_paid = 0;
foreach ($items as $item_id => $item) {
if (array_key_exists($item_id, $subs)) {
$topay += $item['montant'] * $subs[$item_id]['nb'];
$manually_paid += $subs[$item_id]['paid'];
}
}
$paid = $manually_paid + get_event_telepaid($eid, S::v('uid'));
$page->assign('moments', $items);
$page->assign('subs', $subs);
$page->assign('topay', $topay);
$page->assign('paid', $paid);
}
public function save($notify_ungeocoded = true)
{
if (!$this->isEmpty()) {
XDB::execute('INSERT IGNORE INTO profile_addresses (pid, jobid, groupid, type, id, flags, text, postalText, pub, comment,
types, formatted_address, location_type, partial_match, latitude, longitude,
southwest_latitude, southwest_longitude, northeast_latitude, northeast_longitude,
geocoding_date, geocoding_calls, postal_code_fr)
VALUES ({?}, {?}, {?}, {?}, {?}, {?}, {?}, {?}, {?}, {?},
{?}, {?}, {?}, {?}, {?}, {?}, {?}, {?}, {?}, {?}, NOW(), {?}, {?})', $this->pid, $this->jobid, $this->groupid, $this->type, $this->id, $this->flags, $this->text, $this->postalText, $this->pub, $this->comment, $this->types, $this->formatted_address, $this->location_type, $this->partial_match, $this->latitude, $this->longitude, $this->southwest_latitude, $this->southwest_longitude, $this->northeast_latitude, $this->northeast_longitude, $this->geocoding_calls, $this->postal_code_fr);
// In an ideal world there would not be any components to clean up before insertion.
// In real world, it happens that some addresses are badly removed and this query removes the leaked trash.
XDB::execute('DELETE FROM profile_addresses_components
WHERE pid = {?} AND jobid = {?} AND groupid = {?} AND type = {?} AND id = {?}', $this->pid, $this->jobid, $this->groupid, $this->type, $this->id);
if ($this->componentsIds) {
foreach (explode(',', $this->componentsIds) as $component_id) {
XDB::execute('INSERT IGNORE INTO profile_addresses_components (pid, jobid, groupid, type, id, component_id)
VALUES ({?}, {?}, {?}, {?}, {?}, {?})', $this->pid, $this->jobid, $this->groupid, $this->type, $this->id, $component_id);
}
} elseif ($notify_ungeocoded) {
// If the address was not geocoded, notifies it to the appropriate ML.
$mailer = new PlMailer('profile/no_geocoding.mail.tpl');
$mailer->assign('text', $this->text);
$mailer->assign('primary_key', $this->pid . '-' . $this->jobid . '-' . $this->groupid . '-' . $this->type . '-' . $this->id);
$mailer->send();
}
if ($this->type == self::LINK_PROFILE) {
Phone::savePhones($this->phones, $this->pid, Phone::LINK_ADDRESS, $this->id);
}
if ($this->request) {
$req = new AddressReq(S::user(), $this->toFormArray(), $this->pid, $this->jobid, $this->groupid, $this->type, $this->id);
$req->submit();
}
if ($this->pid != 0) {
self::updateBestMail($this->pid);
}
}
}
public function commit()
{
global $globals;
$email = $this->m_user->bestEmail();
XDB::execute('UPDATE email_redirect_account
SET flags = \'active\', broken_level = 2
WHERE uid = {?} AND redirect = {?}', $this->m_user->id(), $this->m_email);
if (XDB::affectedRows() > 0) {
$this->m_reactive = true;
$mailer = new PlMailer();
$mailer->setFrom('"Association Polytechnique.org" <register@' . $globals->mail->domain . '>');
$mailer->addTo($email);
$mailer->setSubject("Mise à jour de ton adresse {$email}");
$mailer->setTxtBody(wordwrap("Cher Camarade,\n\n" . "Ton adresse {$email} étant en panne et ayant été informés que ta redirection {$this->m_email}, jusqu'à présent inactive, " . "est fonctionnelle, nous venons de réactiver cette adresse.\n\n" . "N'hésite pas à aller gérer toi-même tes redirections en te rendant à la page :\n" . "https://www.polytechnique.org/emails/redirect\n" . "Si tu as perdu ton mot de passe d'accès au site, tu peux également effectuer la procédure de récupération à l'adresse :\n" . "https://www.polytechnique.org/recovery\n\n" . "-- \nTrès Cordialement,\nL'Équipe de Polytechnique.org\n"));
$mailer->send();
return true;
}
if ($this->m_user->email) {
$subject = "Ton adresse {$email} semble ne plus fonctionner";
$reason = "Nous avons été informés que ton adresse {$email} ne fonctionne plus correctement par un camarade";
} else {
$res = XDB::iterRow('SELECT redirect
FROM email_redirect_account
WHERE uid = {?} AND flags = \'broken\'', $this->m_user->id());
$redirect = array();
while (list($red) = $res->next()) {
list(, $redirect[]) = explode('@', $red);
}
$subject = "Ton adresse {$email} ne fonctionne plus";
$reason = "Ton adresse {$email} ne fonctionne plus";
if (!count($redirect)) {
$reason .= '.';
} elseif (count($redirect) == 1) {
$reason .= ' car sa redirection vers ' . $redirect[0] . ' est hors-service depuis plusieurs mois.';
} else {
$reason .= ' car ses redirections vers ' . implode(', ', $redirect) . ' sont hors-services depuis plusieurs mois.';
}
}
$body = ($this->m_user->isFemale() ? 'Chère ' : 'Cher ') . $this->m_user->displayName() . ",\n\n" . $reason . "\n\n" . "L'adresse {$this->m_email} nous a été communiquée, veux-tu que cette adresse devienne ta nouvelle " . "adresse de redirection ? Si oui, envoie nous des informations qui " . "nous permettront de nous assurer de ton identité (par exemple ta date de naissance et ta promotion).\n\n" . "-- \nTrès Cordialement,\nL'Équipe de Polytechnique.org\n";
$body = wordwrap($body, 78);
$mailer = new PlMailer();
$mailer->setFrom('"Association Polytechnique.org" <register@' . $globals->mail->domain . '>');
$mailer->addTo($this->m_email);
$mailer->setSubject($subject);
$mailer->setTxtBody($body);
return $mailer->send();
}
}
if ($profile->mainEducation() == 'X' && $data['cat'] == Group::CAT_PROMOTIONS) {
$promoGroup = $promoGroup || $data['diminutif'] == $profile->yearpromo();
}
}
$group = '';
if (count($groupx)) {
$group = $groupx[array_rand($groupx)];
} elseif (count($binets)) {
$group = $binets[array_rand($binets)];
}
$mailer->assign('group', $group);
$mailer->assign('promoGroup', $promoGroup);
//In testing phase, only send to Polytechnique.org members
if ($user->inGroup(Group::get('Polytechnique.org')->id)) {
$mailer->sendTo($user);
// We want to keep trace of the emails sent
$liste .= $user->fullName(true) . "\n";
$count_mail += 1;
}
unset($mailer);
unset($user);
}
$texte = "L'email anniversaire a bien été envoyé à {$count_mail} destinataires.\n\n" . "La liste des destinataires pour le " . date("d/m/Y") . " est la suivante :\n" . $liste;
$mailer = new PlMailer();
$mailer->addTo("*****@*****.**");
$mailer->setFrom('"Webmaster Polytechnique.org" <*****@*****.**>');
$mailer->setSubject("Envoi de l'email anniversaire");
$mailer->setTxtBody($texte);
$mailer->send();
// vim:set et sw=4 sts=4 sws=4 foldmethod=marker fenc=utf-8:
private function getPlacemarkFromJson(array $data, $url)
{
// Check for geocoding status.
$status = $data['status'];
// If no result, return null.
if ($status == 'ZERO_RESULTS') {
return null;
}
// If there are results return the first one.
if ($status == 'OK') {
return $data['results'][0];
}
// Report the error.
$mailer = new PlMailer('profile/geocoding.mail.tpl');
$mailer->assign('status', $status);
$mailer->assign('url', $url);
$mailer->send();
return null;
}
public static function relance(PlUser $user, $nbx = -1)
{
global $globals;
if ($nbx < 0) {
$nbx = $globals->core->NbIns;
}
$res = XDB::fetchOneCell('SELECT r.date, r.email, r.bestalias
FROM register_pending
WHERE r.hash = \'INSCRIT\' AND uid = {?}', $user->id());
if (!$res) {
return false;
} else {
list($date, $email, $alias) = $res;
}
$hash = rand_url_id(12);
$pass = rand_pass();
$pass_encrypted = sha1($pass);
$fdate = strftime('%d %B %Y', strtotime($date));
$mymail = new PlMailer('marketing/relance.mail.tpl');
$mymail->assign('nbdix', $nbx);
$mymail->assign('fdate', $fdate);
$mymail->assign('lusername', $alias);
$mymail->assign('nveau_pass', $pass);
$mymail->assign('baseurl', $globals->baseurl);
$mymail->assign('lins_id', $hash);
$mymail->assign('lemail', $email);
$mymail->assign('subj', ucfirst($globals->mail->domain) . ' : ' . $alias);
$mymail->send();
XDB::execute('UPDATE register_pending
SET hash={?}, password={?}, relance=NOW()
WHERE uid={?}', $hash, $pass_encrypted, $user->id());
return $user->fullName();
}
function handler_end($page, $hash = null)
{
global $globals;
$_SESSION['subState'] = array('step' => 5);
// Reject registration requests from unsafe IP addresses (and remove the
// registration information from the database, to prevent IP changes).
if (check_ip('unsafe')) {
send_warning_mail('Une IP surveillée a tenté de finaliser son inscription.');
XDB::execute("DELETE FROM register_pending\n WHERE hash = {?} AND hash != 'INSCRIT'", $hash);
return PL_FORBIDDEN;
}
// Retrieve the pre-registration information using the url-provided
// authentication token.
$res = XDB::query("SELECT r.uid, p.pid, r.forlife, r.bestalias, r.mailorg2,\n r.password, r.email, r.services, r.naissance,\n ppn.lastname_initial, ppn.firstname_initial, pe.promo_year,\n pd.promo, p.sex, p.birthdate_ref, a.type, a.email AS old_account_email\n FROM register_pending AS r\n INNER JOIN accounts AS a ON (r.uid = a.uid)\n INNER JOIN account_profiles AS ap ON (a.uid = ap.uid AND FIND_IN_SET('owner', ap.perms))\n INNER JOIN profiles AS p ON (p.pid = ap.pid)\n INNER JOIN profile_public_names AS ppn ON (ppn.pid = p.pid)\n INNER JOIN profile_display AS pd ON (p.pid = pd.pid)\n INNER JOIN profile_education AS pe ON (pe.pid = p.pid AND FIND_IN_SET('primary', pe.flags))\n WHERE hash = {?} AND hash != 'INSCRIT' AND a.state = 'pending'", $hash);
if (!$hash || $res->numRows() == 0) {
$page->kill("<p>Cette adresse n'existe pas, ou plus, sur le serveur.</p>\n <p>Causes probables :</p>\n <ol>\n <li>Vérifie que tu visites l'adresse du dernier\n email reçu s'il y en a eu plusieurs.</li>\n <li>Tu as peut-être mal copié l'adresse reçue par\n email, vérifie-la à la main.</li>\n <li>Tu as peut-être attendu trop longtemps pour\n confirmer. Les pré-inscriptions sont annulées\n tous les 30 jours.</li>\n <li>Tu es en fait déjà inscrit.</li>\n </ol>");
}
list($uid, $pid, $forlife, $bestalias, $emailXorg2, $password, $email, $services, $birthdate, $lastname, $firstname, $yearpromo, $promo, $sex, $birthdate_ref, $type, $old_account_email) = $res->fetchOneRow();
$isX = $type == 'x';
$mail_domain = User::$sub_mail_domains[$type] . $globals->mail->domain;
// Prepare the template for display.
$page->changeTpl('register/end.tpl');
$page->assign('forlife', $forlife);
$page->assign('firstname', $firstname);
// Check if the user did enter a valid password; if not (or if none is found),
// get her an information page.
if (Post::has('response')) {
$expected_response = sha1("{$forlife}:{$password}:" . S::v('challenge'));
if (Post::v('response') != $expected_response) {
$page->trigError("Mot de passe invalide.");
S::logger($uid)->log('auth_fail', 'bad password (register/end)');
return;
}
} else {
return;
}
//
// Create the user account.
//
XDB::startTransaction();
XDB::execute("UPDATE accounts\n SET password = {?}, state = 'active',\n registration_date = NOW(), email = NULL\n WHERE uid = {?}", $password, $uid);
XDB::execute("UPDATE profiles\n SET birthdate = {?}, last_change = NOW()\n WHERE pid = {?}", $birthdate, $pid);
XDB::execute('INSERT INTO email_source_account (email, uid, type, flags, domain)
SELECT {?}, {?}, \'forlife\', \'\', id
FROM email_virtual_domains
WHERE name = {?}', $forlife, $uid, $mail_domain);
XDB::execute('INSERT INTO email_source_account (email, uid, type, flags, domain)
SELECT {?}, {?}, \'alias\', \'bestalias\', id
FROM email_virtual_domains
WHERE name = {?}', $bestalias, $uid, $mail_domain);
if ($emailXorg2) {
XDB::execute('INSERT INTO email_source_account (email, uid, type, flags, domain)
SELECT {?}, {?}, \'alias\', \'\', id
FROM email_virtual_domains
WHERE name = {?}', $emailXorg2, $uid, $mail_domain);
}
XDB::commit();
// Try to start a session (so the user don't have to log in); we will use
// the password available in Post:: to authenticate the user.
Platal::session()->start(AUTH_PASSWD);
// Add the registration email address as first and only redirection.
require_once 'emails.inc.php';
$user = User::getSilentWithUID($uid);
$redirect = new Redirect($user);
$redirect->add_email($email);
fix_bestalias($user);
// If the user was registered to some aliases and MLs, we must change
// the subscription to her forlife email.
if ($old_account_email) {
$listClient = new MMList($user);
$listClient->change_user_email($old_account_email, $user->forlifeEmail());
update_alias_user($old_account_email, $user->forlifeEmail());
}
// Subscribe the user to the services she did request at registration time.
require_once 'newsletter.inc.php';
foreach (explode(',', $services) as $service) {
switch ($service) {
case 'ax_letter':
/* This option is deprecated by 'com_letters' */
NewsLetter::forGroup(NewsLetter::GROUP_AX)->subscribe($user);
break;
case 'com_letters':
NewsLetter::forGroup(NewsLetter::GROUP_AX)->subscribe($user);
NewsLetter::forGroup(NewsLetter::GROUP_EP)->subscribe($user);
NewsLetter::forGroup(NewsLetter::GROUP_FX)->subscribe($user);
break;
case 'nl':
NewsLetter::forGroup(NewsLetter::GROUP_XORG)->subscribe($user);
break;
case 'imap':
Email::activate_storage($user, 'imap', Bogo::IMAP_DEFAULT);
break;
case 'ml_promo':
if ($isX) {
$r = XDB::query('SELECT id FROM groups WHERE diminutif = {?}', $yearpromo);
if ($r->numRows()) {
$asso_id = $r->fetchOneCell();
XDB::execute('INSERT IGNORE INTO group_members (uid, asso_id)
VALUES ({?}, {?})', $uid, $asso_id);
try {
MailingList::subscribePromo($yearpromo, $user);
} catch (Exception $e) {
PlErrorReport::report($e);
$page->trigError("L'inscription à la liste promo" . $yearpromo . " a échouée.");
}
}
}
break;
}
}
// Log the registration in the user session.
S::logger($uid)->log('inscription', $email);
XDB::execute("UPDATE register_pending\n SET hash = 'INSCRIT'\n WHERE uid = {?}", $uid);
// Congratulate our newly registered user by email.
$mymail = new PlMailer('register/success.mail.tpl');
$mymail->addTo("\"{$user->fullName()}\" <{$user->forlifeEmail()}>");
if ($isX) {
$mymail->setSubject('Bienvenue parmi les X sur le web !');
} else {
$mymail->setSubject('Bienvenue sur Polytechnique.org !');
}
$mymail->assign('forlife', $forlife);
$mymail->assign('firstname', $firstname);
$mymail->send();
// Index the user, to allow her to appear in searches.
Profile::rebuildSearchTokens($pid);
// Notify other users which were watching for her arrival.
XDB::execute('INSERT INTO contacts (uid, contact)
SELECT uid, {?}
FROM watch_nonins
WHERE ni_id = {?}', $pid, $uid);
XDB::execute('DELETE FROM watch_nonins
WHERE ni_id = {?}', $uid);
Platal::session()->updateNbNotifs();
// Forcibly register the new user on default forums.
$registeredForums = array('xorg.general', 'xorg.pa.divers', 'xorg.pa.logements');
if ($isX) {
$promoForum = 'xorg.promo.' . strtolower($promo);
$exists = XDB::fetchOneCell('SELECT COUNT(*)
FROM forums
WHERE name = {?}', $promoForum);
if ($exists == 0) {
// Notify the newsgroup admin of the promotion forum needs be created.
$promoFull = new UserFilter(new UFC_Promo('=', UserFilter::DISPLAY, $promo));
$promoRegistered = new UserFilter(new PFC_And(new UFC_Promo('=', UserFilter::DISPLAY, $promo), new UFC_Registered(true), new PFC_Not(new UFC_Dead())));
if ($promoRegistered->getTotalCount() > 0.2 * $promoFull->getTotalCount()) {
$mymail = new PlMailer('admin/forums-promo.mail.tpl');
$mymail->assign('promo', $promo);
$mymail->send();
}
} else {
$registeredForums[] = $promoForum;
}
}
foreach ($registeredForums as $forum) {
XDB::execute("INSERT INTO forum_subs (fid, uid)\n SELECT fid, {?}\n FROM forums\n WHERE name = {?}", $uid, $val);
}
// Update the global registration count stats.
$globals->updateNbIns();
//
// Update collateral data sources, and inform watchers by email.
//
// Email the referrer(s) of this new user.
$res = XDB::iterRow("SELECT sender, GROUP_CONCAT(email SEPARATOR ', ') AS mails, MAX(last) AS lastDate\n FROM register_marketing\n WHERE uid = {?}\n GROUP BY sender\n ORDER BY lastDate DESC", $uid);
XDB::execute("UPDATE register_mstats\n SET success = NOW()\n WHERE uid = {?}", $uid);
$market = array();
while (list($senderid, $maketingEmails, $lastDate) = $res->next()) {
$sender = User::getWithUID($senderid);
$market[] = " - par {$sender->fullName()} sur {$maketingEmails} (le plus récemment le {$lastDate})";
$mymail = new PlMailer('register/marketer.mail.tpl');
$mymail->setSubject("{$firstname} {$lastname} s'est inscrit à Polytechnique.org !");
$mymail->setTo($sender);
$mymail->assign('sender', $sender);
$mymail->assign('firstname', $firstname);
$mymail->assign('lastname', $lastname);
$mymail->assign('promo', $promo);
$mymail->assign('sex', $sex);
$mymail->setTxtBody(wordwrap($msg, 72));
$mymail->send();
}
// Email the plat/al administrators about the registration.
if ($globals->register->notif) {
$mymail = new PlMailer('register/registration.mail.tpl');
$mymail->setSubject("Inscription de {$firstname} {$lastname} ({$promo})");
$mymail->assign('firstname', $firstname);
$mymail->assign('lastname', $lastname);
$mymail->assign('promo', $promo);
$mymail->assign('sex', $sex);
$mymail->assign('birthdate', $birthdate);
$mymail->assign('birthdate_ref', $birthdate_ref);
$mymail->assign('forlife', $forlife);
$mymail->assign('email', $email);
$mymail->assign('logger', S::logger());
if (count($market) > 0) {
$mymail->assign('market', implode("\n", $market));
}
$mymail->setTxtBody($msg);
$mymail->send();
}
// Remove old pending marketing requests for the new user.
Marketing::clear($uid);
pl_redirect('profile/edit');
}
/**
* Clears a user.
* *always deletes in: account_lost_passwords, register_marketing,
* register_pending, register_subs, watch_nonins, watch, watch_promo, watch_group,
* *always keeps in: account_types, accounts, email_virtual, carvas,
* group_members, homonyms_list, newsletter_ins, register_mstats, email_source_account
* *deletes if $clearAll: account_auth_openid, announce_read, contacts,
* email_redirect_account, email_redirect_account, email_send_save, forum_innd, forum_profiles,
* forum_subs, gapps_accounts, gapps_nicknames, group_announces_read,
* group_member_sub_requests, reminder, requests, requests_hidden,
* email_virtual, ML
* *modifies if $clearAll: accounts
*
* Use cases:
* *$clearAll == false: when a user dies, her family still needs to keep in
* touch with the community.
* *$clearAll == true: in every other case we want the account to be fully
* deleted so that it can not be used anymore.
*/
public function clear($clearAll = true)
{
$tables = array('account_lost_passwords', 'register_marketing', 'register_pending', 'register_subs', 'watch_nonins', 'watch', 'watch_promo', 'watch_group');
foreach ($tables as $t) {
XDB::execute('DELETE FROM ' . $t . '
WHERE uid = {?}', $this->id());
}
if ($clearAll) {
global $globals;
$groupIds = XDB::iterator('SELECT asso_id
FROM group_members
WHERE uid = {?}', $this->id());
while ($groupId = $groupIds->next()) {
$group = Group::get($groupId);
if (!empty($group) && $group->notif_unsub) {
$mailer = new PlMailer('xnetgrp/unsubscription-notif.mail.tpl');
$admins = $group->iterAdmins();
while ($admin = $admins->next()) {
$mailer->addTo($admin);
}
$mailer->assign('group', $group->shortname);
$mailer->assign('user', $this);
$mailer->assign('selfdone', false);
$mailer->send();
}
}
$tables = array('account_auth_openid', 'announce_read', 'contacts', 'email_send_save', 'forum_innd', 'forum_profiles', 'forum_subs', 'group_announces_read', 'group_members', 'group_member_sub_requests', 'reminder', 'requests', 'requests_hidden');
foreach ($tables as $t) {
XDB::execute('DELETE FROM ' . $t . '
WHERE uid = {?}', $this->id());
}
XDB::execute('DELETE FROM email_redirect_account
WHERE uid = {?} AND type != \'homonym\'', $this->id());
XDB::execute('DELETE FROM email_virtual
WHERE redirect = {?}', $this->forlifeEmail());
foreach (array('gapps_accounts', 'gapps_nicknames') as $t) {
XDB::execute('DELETE FROM ' . $t . '
WHERE l_userid = {?}', $this->id());
}
XDB::execute("UPDATE accounts\n SET registration_date = 0, state = 'pending', password = NULL,\n weak_password = NULL, token = NULL, is_admin = 0\n WHERE uid = {?}", $this->id());
if ($globals->mailstorage->googleapps_domain) {
require_once 'googleapps.inc.php';
if (GoogleAppsAccount::account_status($this->id())) {
$account = new GoogleAppsAccount($this);
$account->suspend();
}
}
}
$mmlist = new MMList(S::user());
$mmlist->kill($this->forlife, $this->promo(), $clearAll);
}
}
$x_spam_flag = '';
if (preg_match('/^X-Spam-Flag: ([a-zA-Z]+), tests=bogofilter/m', substr($raw_mail, 0, $end_of_headers + 1), $matches)) {
$x_spam_flag = $matches[1];
}
if ($x_spam_flag == 'Unsure') {
$mailer = new PlMailer();
$mailer->addTo($type . '@' . $globals->mail->domain);
$mailer->setFrom('"' . $fullname . '" <web@' . $globals->mail->domain . '>');
$mailer->setTxtBody($type . ' soumis par ' . $fullname . ' via la modération de la liste ' . $list . '@' . $domain);
$mailer->addAttachment($raw_mail, 'message/rfc822', $type . '.mail', false);
$mailer->send();
}
// send feedback to the mailing list owners
if ($mlist->handleRequest($action, $mid, $reason)) {
$sent_mails += $count;
$texte = "Le message suivant :\n\n" . " Auteur: {$mail['sender']}\n" . " Sujet : « {$mail['subj']} »\n" . " Date : " . strftime("le %d %b %Y à %H:%M:%S", (int) $mail['stamp']) . "\n\n" . $append;
$mailer = new PlMailer();
$mailer->addTo("{$list}-owner@{$domain}");
$mailer->setFrom("{$list}-bounces@{$domain}");
$mailer->addHeader('Reply-To', "{$list}-owner@{$domain}");
$mailer->setSubject($subject);
$mailer->setTxtBody($texte);
$mailer->send();
}
// release the lock
XDB::execute('DELETE FROM email_list_moderate
WHERE handler = {?}', $handler);
sleep(60 * $count / $globals->lists->max_mail_per_min);
}
// vim:set et sw=4 sts=4 sws=4 foldmethod=marker fenc=utf-8:
function handler_moderate($page, $liste = null)
{
if (is_null($liste)) {
return PL_NOT_FOUND;
}
$mlist = $this->prepare_list($liste);
if (!$this->is_group_admin($page)) {
$this->verify_list_owner($page, $mlist);
}
$page->changeTpl('lists/moderate.tpl');
$page->register_modifier('hdc', 'list_header_decode');
if (Env::has('sadd') || Env::has('sdel')) {
S::assert_xsrf_token();
if (Env::has('sadd')) {
// Ensure the moderated request is still active
$sub = $mlist->getPendingSubscription(Env::v('sadd'));
$mlist->handleRequest(MailingList::REQ_SUBSCRIBE, Env::v('sadd'));
$info = "validée";
}
if (Post::has('sdel')) {
// Ensure the moderated request is still active
$sub = $mlist->getPendingSubscription(Env::v('sdel'));
$mlist->handleRequest(MailingList::REQ_REJECT, Post::v('sdel'), Post::v('reason'));
$info = "refusée";
}
if ($sub) {
$mailer = new PlMailer();
$mailer->setFrom($mlist->getAddress(MailingList::KIND_BOUNCE));
$mailer->addTo($mlist->getAddress(MailingList::KIND_OWNER));
$mailer->addHeader('Reply-To', $mlist->getAddress(MailingList::KIND_OWNER));
$mailer->setSubject("L'inscription de {$sub['name']} a été {$info}");
$text = "L'inscription de {$sub['name']} à la liste " . $mlist->address . " a été {$info} par " . S::user()->fullName(true) . ".\n";
if (trim(Post::v('reason'))) {
$text .= "\nLa raison invoquée est :\n" . Post::v('reason');
}
$mailer->setTxtBody(wordwrap($text, 72));
$mailer->send();
}
if (Env::has('sadd')) {
pl_redirect('lists/moderate/' . $liste);
}
}
if (Post::has('moderate_mails') && Post::has('select_mails')) {
S::assert_xsrf_token();
$mails = array_keys(Post::v('select_mails'));
foreach ($mails as $mail) {
$this->moderate_mail($mlist, $mail);
}
} elseif (Env::has('mid')) {
if (Get::has('mid') && !Env::has('mok') && !Env::has('mdel')) {
require_once 'banana/moderate.inc.php';
$page->changeTpl('lists/moderate_mail.tpl');
$params = array('listname' => $mlist->mbox, 'domain' => $mlist->domain, 'artid' => Get::i('mid'), 'part' => Get::v('part'), 'action' => Get::v('action'));
$params['client'] = $this->prepare_client();
run_banana($page, 'ModerationBanana', $params);
$msg = file_get_contents('/etc/mailman/fr/refuse.txt');
$msg = str_replace("%(adminaddr)s", $mlist->getAddress(MailingList::KIND_OWNER), $msg);
$msg = str_replace("%(request)s", "<< SUJET DU MAIL >>", $msg);
$msg = str_replace("%(reason)s", "<< TON EXPLICATION >>", $msg);
$msg = str_replace("%(listname)s", $liste, $msg);
$page->assign('msg', $msg);
return;
}
$this->moderate_mail($mlist, Env::i('mid'));
} elseif (Env::has('sid')) {
if (list($subs, $mails) = $this->get_pending_ops($mlist)) {
foreach ($subs as $user) {
if ($user['id'] == Env::v('sid')) {
$page->changeTpl('lists/moderate_sub.tpl');
$page->assign('del_user', $user);
return;
}
}
}
}
if (list($subs, $mails) = $this->get_pending_ops($mlist)) {
foreach ($mails as $key => $mail) {
$mails[$key]['stamp'] = strftime("%Y%m%d%H%M%S", $mail['stamp']);
if ($mail['fromx']) {
$page->assign('with_fromx', true);
} else {
$page->assign('with_nonfromx', true);
}
}
$page->assign_by_ref('subs', $subs);
$page->assign_by_ref('mails', $mails);
} else {
$page->kill("La liste n'existe pas ou tu n'as pas le droit de la modérer.");
}
}
public function set_rewrite($rewrite)
{
if ($this->type != 'smtp' || $this->rewrite == $rewrite) {
return;
}
if (!$rewrite || !isvalid_email($rewrite)) {
$rewrite = '';
}
XDB::execute('UPDATE email_redirect_account
SET rewrite = {?}
WHERE uid = {?} AND redirect = {?} AND type = \'smtp\'', $rewrite, $this->user->id(), $this->email);
$this->rewrite = $rewrite;
if (!$this->allow_rewrite) {
global $globals;
if (empty($this->hash)) {
$this->hash = rand_url_id();
XDB::execute('UPDATE email_redirect_account
SET hash = {?}
WHERE uid = {?} AND redirect = {?} AND type = \'smtp\'', $this->hash, $this->user->id(), $this->email);
}
$mail = new PlMailer('emails/rewrite-in.mail.tpl');
$mail->assign('mail', $this);
$mail->assign('user', $this->user);
$mail->assign('baseurl', $globals->baseurl);
$mail->assign('sitename', $globals->core->sitename);
$mail->assign('to', $this->email);
$mail->send($this->user->isEmailFormatHtml());
}
}
while ($values = $res->next()) {
if ($values['pid'] != $pid) {
$mailer = new PlMailer('profile/notification.mail.tpl');
$mailer->addTo($user);
$mailer->assign('modifications', $modifications);
$mailer->assign('yourself', $yourself);
$mailer->assign('hrpid', $hrpid);
$mailer->assign('sex', $sex);
$mailer->assign('date', $date);
$mailer->send();
$modifications = array();
}
$pid = $values['pid'];
$sex = $values['sex'] == 'female' ? 1 : 0;
$yourself = $values['yourself'];
$user = User::getSilentWithUID($values['uid']);
$hrpid = $values['hrpid'];
$modifications[] = array('full_name' => $values['full_name'], 'field' => $values['field'], 'oldText' => $values['oldText'], 'newText' => $values['newText']);
}
$mailer = new PlMailer('profile/notification.mail.tpl');
$mailer->addTo($user);
$mailer->assign('modifications', $modifications);
$mailer->assign('yourself', $yourself);
$mailer->assign('hrpid', $hrpid);
$mailer->assign('sex', $sex);
$mailer->assign('date', $date);
$mailer->send();
XDB::execute('DELETE FROM profile_modifications
WHERE type = \'third_party\'');
}
// vim:set et sw=4 sts=4 sws=4 foldmethod=marker fenc=utf-8:
} elseif ($age > 7) {
$head = "[Armageddon imminent] ";
} elseif ($age > 5) {
$head = "[Guerre nucléaire] ";
} elseif ($age > 3) {
$head = "[ET Téléphone maison] ";
} elseif ($age > 1) {
$head = "[Réveil !] ";
} elseif (!empty($nbveryold)) {
$head = "[Urgent] ";
}
if (empty($nb)) {
exit;
}
$plural = $nb == 1 ? '' : 's';
$mymail = new PlMailer();
$mymail->setFrom('validation@' . $globals->mail->domain);
$mymail->addTo('validation@' . $globals->mail->domain);
$mymail->setSubject($head . "Il y a {$nb} validation{$plural} non effectuée{$plural}");
$message = "Il y a {$nb} validation{$plural} à effectuer\n" . (empty($nbold) ? '' : "dont {$nbold} depuis le dernier mail !!!\n") . (empty($nbveryold) ? '' : "et dont *{$nbveryold}* " . ($nbveryold == 1 ? 'est' : 'sont') . ' en retard de plus de 6h !!!') . "\n" . "https://www.polytechnique.org/admin/validate\n\n" . "Par catégorie :\n";
$res = XDB::iterRow('SELECT type, count(*)
FROM requests
GROUP BY type
ORDER BY type');
while (list($type, $nb) = $res->next()) {
$message .= "- {$type} : {$nb}\n";
}
$message = wordwrap($message, 78);
$mymail->setTxtBody($message);
$mymail->send();
// vim:set et sw=4 sts=4 sws=4 foldmethod=marker fenc=utf-8:
protected function sendmail($isok)
{
// Only sends email if the profile's owner exists and is registered.
if ($this->ownerIsRegistered) {
global $globals;
$mailer = new PlMailer();
$mailer->setSubject($this->_mail_subj());
$mailer->setFrom("validation+{$this->type}@{$globals->mail->domain}");
$mailer->addTo("\"{$this->profile->fullName()}\" <{$this->profileOwner->bestEmail()}>");
$mailer->addCc("validation+{$this->type}@{$globals->mail->domain}");
$body = ($this->profile->isFemale() ? "Chère camarade,\n\n" : "Cher camarade,\n\n") . $this->_mail_body($isok) . (Env::has('comm') ? "\n\n" . Env::v('comm') : '') . "\n\nCordialement,\n-- \nL'équipe de Polytechnique.org\n" . $this->_mail_ps($isok);
$mailer->setTxtBody(wordwrap($body));
$mailer->send();
}
}
function send_xnet_mails($from, $sujet, $body, $wiki, $tos, $replyto = null, $upload = null, $name = null)
{
global $globals;
$sent = array();
$mailer = new PlMailer();
$mailer->setSubject($sujet);
$mailer->setFrom($from);
if ($upload && $upload->exists()) {
$mailer->addUploadAttachment($upload, $name);
}
foreach ($tos as $user) {
if ($user instanceof User) {
$email = $user->bestEmail();
} else {
$email = $user;
}
if (!$email) {
continue;
}
if (!isset($sent[$email])) {
_send_xnet_mail($user, $body, $wiki, $mailer, $replyto);
$sent[$email] = true;
}
}
}