public function __construct(PlWizard $wiz)
{
parent::__construct($wiz);
$this->settings['addresses'] = new ProfileSettingAddresses();
$this->watched['addresses'] = true;
Platal::page()->assign('geocoding_removal', true);
}
function require_email_update(User $user, $new_email)
{
Platal::assert(!is_null($user), 'User cannot be null.');
$is_new = !$user->checkPerms(User::PERM_MAIL) && $new_email != strtolower($user->email);
if ($new_email && $is_new) {
$already = XDB::fetchOneCell('SELECT hruid
FROM accounts
WHERE email = {?} AND uid != {?}', $new_email, $user->id());
if ($already) {
Platal::page()->trigError("L'email ne peut pas être utilisé pour ce compte car il correspond déjà au compte : " . $already . ". Si l'utilisateur courant et cette personne ne sont en fait qu'une " . "seul et même personne, ou en cas de problème, contacter : contact@polytechnique.org");
return false;
}
}
return $is_new;
}
function paypal_erreur($text, $send = true)
{
global $erreur, $globals;
if ($erreur) {
return;
}
$erreur = $text;
if (!$send) {
return;
}
$mymail = new PlMailer();
$mymail->addTo($globals->money->email);
$mymail->setFrom("webmaster@" . $globals->mail->domain);
$mymail->setSubject("erreur lors d'un télépaiement (PayPal)");
$mymail->setTxtBody("raison de l'erreur : " . $text . "\n" . "paiement : {$conf_title} \n\n" . "dump de REQUEST :\n" . var_export($_REQUEST, true));
$mymail->send();
Platal::page()->trigError($text);
}
function init_igoogle_html($template, $auth = AUTH_PUBLIC)
{
$page =& Platal::page();
$page->changeTpl('gadgets/ig-skin.tpl', NO_SKIN);
$page->register_modifier('escape_html', 'escape_html');
$page->default_modifiers = array('@escape_html');
header('Accept-Charset: utf-8');
// Adds external JavaScript libraries provided by iGoogle to the page.
if (Env::has('libs')) {
$libs = preg_split('/,/', Env::s('libs'), -1, PREG_SPLIT_NO_EMPTY);
foreach ($libs as $lib) {
if (preg_match('@^[a-z0-9/._-]+$@i', $lib) && !preg_match('@([.][.])|([.]/)|(//)@', $lib)) {
$page->append('gadget_js', 'https://www.google.com/ig/f/' . $lib);
}
}
}
// Redirects the user to the login pagin if required.
if ($auth > S::v('auth', AUTH_PUBLIC)) {
$page->assign('gadget_tpl', 'gadgets/ig-login.tpl');
return false;
}
$page->assign('gadget_tpl', $template);
return true;
}
$edu_degree = $res->next();
while ($edu_degree['0'] == $eduid) {
$html .= ',' . $edu_degree['1'];
$edu_degree = $res->next();
}
}
$html .= ']';
if ($edu_degree) {
$html .= ",\n";
}
}
return $html;
}
Platal::page()->register_function('education_degree', 'education_degree');
/** affiche tous les types possibles de diplômes
*/
function education_degree_all()
{
$res = XDB::query("SELECT id\n FROM profile_education_degree_enum\n ORDER BY id");
return implode(',', $res->fetchColumn());
}
Platal::page()->register_function('education_degree_all', 'education_degree_all');
/** affiche les noms de tous les diplômes possibles
*/
function education_degree_name()
{
$res = XDB::query("SELECT degree\n FROM profile_education_degree_enum\n ORDER BY id");
return '"' . implode('","', $res->fetchColumn()) . '"';
}
Platal::page()->register_function('education_degree_name', 'education_degree_name');
// vim:set et sw=4 sts=4 sws=4 foldmethod=marker fenc=utf-8:
public function __construct(PlWizard $wiz)
{
parent::__construct($wiz);
$this->settings['search_names'] = new ProfileSettingSearchNames();
$this->settings['nationality1'] = $this->settings['nationality2'] = $this->settings['nationality3'] = $this->settings['promo_display'] = $this->settings['profile_title'] = null;
$this->settings['email_directory'] = new ProfileSettingEmail();
$this->settings['email_directory_new'] = new ProfileSettingEmailDirectory();
$this->settings['tels'] = new ProfileSettingPhones();
$this->settings['edus'] = new ProfileSettingEdu();
$this->settings['main_edus'] = new ProfileSettingMainEdu();
$this->settings['promo'] = new ProfileSettingPromo();
$this->settings['networking'] = new ProfileSettingNetworking();
$this->settings['hobbies'] = new ProfileSettingHobby();
$this->watched = array('tels' => true, 'networking' => true, 'edus' => true, 'nationality1' => true, 'nationality2' => true, 'nationality3' => true, 'search_names' => true);
/* Some fields editable under condition */
if (!S::user()->isMe($this->owner)) {
$this->settings['deathdate'] = new ProfileSettingDate(true);
$this->settings['birthdate'] = new ProfileSettingDate(true);
$this->settings['birthdate_ref'] = new ProfileSettingDate(true);
$this->settings['axfreetext'] = null;
} else {
$this->settings['yourself'] = null;
$this->settings['birthdate'] = new ProfileSettingDate();
}
if (S::user()->checkPerms('directory_private') || S::user()->isMyProfile($this->owner)) {
$this->settings['freetext'] = null;
$this->settings['freetext_pub'] = $this->settings['photo_pub'] = new ProfileSettingPub();
$this->watched['freetext'] = true;
}
Platal::page()->assign('is_registered', $this->owner->perms ? true : false);
}
function form_prepare()
{
Platal::page()->assign('formulaire', 1);
}
/**
* to validate a form
*/
public function handle_form()
{
if (is_null($this->item)) {
return false;
}
// edit informations
if (Env::has('edit')) {
if ($this->item->handle_editor()) {
$this->update();
Platal::page()->assign('msg', 'Requête mise à jour');
return true;
}
return false;
}
// add a comment
if (Env::has('add_comm')) {
if (!strlen(Env::t('comm'))) {
return false;
}
$this->item->add_comment(S::user()->displayName(), Env::v('comm'));
$this->item->sendmailcomment($this->writer);
$this->update();
Platal::page()->assign('msg', 'Commentaire ajouté');
return true;
}
if (Env::has('accept')) {
if ($this->commit()) {
Platal::page()->assign('msg', 'Email de validation envoyé');
return true;
} else {
Platal::page()->assign('msg', 'Erreur lors de la validation');
return false;
}
}
if (Env::has('delete')) {
if (!Env::v('ans')) {
Platal::page()->assign('msg', 'Pas de motivation pour le refus !!!');
return false;
} else {
if ($this->item->delete()) {
$this->item->sendmailfinal(false);
$this->clean();
Platal::page()->assign('msg', 'Email de refus envoyé');
return true;
} else {
Platal::page()->assign('msg', 'Erreur lors de la suppression des données');
return false;
}
}
}
return false;
}
private function securityChecks()
{
$mail_subject = array();
if (check_account()) {
$mail_subject[] = 'Connexion d\'un utilisateur surveillé';
}
if (check_ip('unsafe')) {
$mail_subject[] = 'Une IP surveillee a tente de se connecter';
if (check_ip('ban')) {
send_warning_mail(implode(' - ', $mail_subject));
$this->destroy();
Platal::page()->kill('Une erreur est survenue lors de la procédure d\'authentification. ' . 'Merci de contacter au plus vite ' . '<a href="mailto:support@polytechnique.org">support@polytechnique.org</a>');
return false;
}
}
if (count($mail_subject)) {
send_warning_mail(implode(' - ', $mail_subject));
}
}
public function addMentorFilter($type)
{
$this->requireProfiles();
switch ($type) {
case self::MENTOR:
$this->pms['pm'] = 'profile_mentor';
return 'pm';
case self::MENTOR_EXPERTISE:
$this->pms['pme'] = 'profile_mentor';
return 'pme';
case self::MENTOR_COUNTRY:
$this->pms['pmc'] = 'profile_mentor_country';
return 'pmc';
case self::MENTOR_TERM:
$this->pms['pmt'] = 'profile_mentor_term';
$this->mjtr = true;
return 'mjtr';
default:
Platal::page()->killError("Undefined mentor filter.");
}
}
public function process(&$global_success)
{
$global_success = true;
$this->fetchData();
foreach ($this->settings as $field => &$setting) {
$success = false;
if (!is_null($setting)) {
$this->values[$field] = $setting->value($this, $field, Post::v($field, ''), $success);
} else {
$success = true;
$this->values[$field] = Post::v($field, '');
}
$this->errors[$field] = !$success;
$global_success = $global_success && $success;
}
if ($global_success) {
if ($this->checkChanges()) {
/* Save changes atomically to avoid inconsistent state
* in case of error.
*/
if (!XDB::runTransaction(array($this, 'saveData'))) {
$global_success = false;
return PlWizard::CURRENT_PAGE;
}
$this->markChange();
}
// XXX: removes this code once all merge related issues have been fixed.
static $issues = array(0 => array('name', 'promo', 'phone', 'education'), 1 => array('address'), 2 => array('job'));
if (isset($issues[Post::i('valid_page')])) {
foreach ($issues[Post::i('valid_page')] as $issue) {
XDB::execute("UPDATE profile_merge_issues\n SET issues = REPLACE(issues, {?}, '')\n WHERE pid = {?}", $issue, $this->pid());
}
}
return Post::has('next_page') ? PlWizard::NEXT_PAGE : PlWizard::CURRENT_PAGE;
}
$text = "Certains champs n'ont pas pu être validés, merci de corriger les informations " . (S::user()->isMe($this->owner) ? "de ton profil et de revalider ta demande." : "du profil et de revalider ta demande.");
Platal::page()->trigError($text);
return PlWizard::CURRENT_PAGE;
}
function unsubscribe(PlUser $user, $remember = false)
{
global $globals;
Group::unsubscribe($globals->asso('id'), $user->id(), $remember);
if ($globals->asso('notif_unsub')) {
$mailer = new PlMailer('xnetgrp/unsubscription-notif.mail.tpl');
$admins = $globals->asso()->iterToNotify();
while ($admin = $admins->next()) {
$mailer->addTo($admin);
}
$mailer->assign('group', $globals->asso('nom'));
$mailer->assign('user', $user);
$mailer->assign('selfdone', $user->id() == S::i('uid'));
$mailer->send();
}
$nl = Newsletter::forGroup($globals->asso('shortname'));
if (!is_null($nl)) {
$nl->unsubscribe(null, S::i('uid'));
}
$domain = $globals->asso('mail_domain');
if (!$domain) {
return true;
}
$mmlist = new MMList(S::user(), $domain);
$listes = $mmlist->get_lists($user->forlifeEmail());
$may_update = may_update();
$warning = false;
if (is_array($listes)) {
foreach ($listes as $liste) {
if ($liste['sub'] == 2) {
if ($may_update) {
$mmlist->mass_unsubscribe($liste['list'], array($user->forlifeEmail()));
} else {
$mmlist->unsubscribe($liste['list']);
}
} elseif ($liste['sub']) {
Platal::page()->trigWarning($user->fullName() . " a une" . " demande d'inscription en cours sur la" . " liste {$liste['list']}@ !");
$warning = true;
}
}
}
XDB::execute('DELETE v
FROM email_virtual AS v
INNER JOIN email_virtual_domains AS d ON (v.domain = d.id)
WHERE v.redirect = {?} AND d.name = {?}', $user->forlifeEmail(), $domain);
return !$warning;
}
protected function buildUFC(UserFilterBuilder $ufb)
{
$r = $s = $this->val;
/** Admin: Email, IP
*/
if (S::admin() && strpos($s, '@') !== false) {
return new UFC_Email($s);
} else {
if (S::admin() && preg_match('/[0-9]+\\.([0-9]+|%)\\.([0-9]+|%)\\.([0-9]+|%)/', $s)) {
return new UFC_Ip($s);
}
}
$conds = new PFC_And();
/** Name
*/
$s = preg_replace('!\\d+!', ' ', $s);
$strings = preg_split("![^a-z%]+!i", $s, -1, PREG_SPLIT_NO_EMPTY);
foreach ($strings as $key => $string) {
if (strlen($string) < 2) {
unset($strings[$key]);
}
}
if (count($strings) > 5) {
Platal::page()->trigWarning("Tu as indiqué trop d'éléments dans ta recherche, seuls les 5 premiers seront pris en compte");
$strings = array_slice($strings, 0, 5);
}
if (count($strings)) {
if (S::user() != null && S::user()->checkPerms('directory_private')) {
$flags = array();
} else {
$flags = array('public');
}
$exact = $ufb->b('exact');
$conds->addChild(new UFC_NameTokens($strings, $flags, $ufb->b('with_soundex'), $exact));
$ufb->addOrder(new UFO_Score());
}
/** Promo ranges
*/
$s = preg_replace('! *- *!', '-', $r);
$s = preg_replace('!([<>]) *!', ' \\1', $s);
$s = preg_replace('![^0-9xmd\\-><]!i', ' ', $s);
$s = preg_replace('![<>\\-] !', '', $s);
$ranges = preg_split('! +!', strtolower($s), -1, PREG_SPLIT_NO_EMPTY);
$grades = array('' => UserFilter::GRADE_ING, 'x' => UserFilter::GRADE_ING, 'm' => UserFilter::GRADE_MST, 'd' => UserFilter::GRADE_PHD);
foreach ($ranges as $r) {
if (preg_match('!^([xmd]?)(\\d{4})$!', $r, $matches)) {
$conds->addChild(new UFC_Promo('=', $grades[$matches[1]], $matches[2]));
} elseif (preg_match('!^([xmd]?)(\\d{4})-\\1(\\d{4})$!', $r, $matches)) {
$p1 = min(intval($matches[2]), intval($matches[3]));
$p2 = max(intval($matches[2]), intval($matches[3]));
$conds->addChild(new PFC_And(new UFC_Promo('>=', $grades[$matches[1]], $p1), new UFC_Promo('<=', $grades[$matches[1]], $p2)));
} elseif (preg_match('!^<([xmd]?)(\\d{4})!', $r, $matches)) {
$conds->addChild(new UFC_Promo('<=', $grades[$matches[1]], $matches[2]));
} elseif (preg_match('!^>([xmd]?)(\\d{4})!', $r, $matches)) {
$conds->addChild(new UFC_Promo('>=', $grades[$matches[1]], $matches[2]));
}
}
/** Phone number
*/
$t = preg_replace('!([xmd]?\\d{4}-|>|<|)[xmd]?\\d{4}!i', '', $s);
$t = preg_replace('![<>\\- ]!', '', $t);
if (strlen($t) > 4) {
$conds->addChild(new UFC_Phone($t));
}
return $conds;
}
/** Check whether a password is valid
* login_type can be uid, alias (for an email alias), hruid
*/
private function checkPassword($login, $response, $login_type = 'uid')
{
if ($login_type == 'alias') {
list($forlife, $domain) = explode('@', $login, 2);
$res = XDB::query('SELECT s.uid
FROM studies AS s
LEFT JOIN formations AS f ON (f.formation_id = s.formation_id AND f.domain = {?})
WHERE s.forlife = {?}', $domain, $forlife);
$login = $res->fetchOneCell();
$login_type = 'uid';
}
$res = XDB::query("SELECT uid, password, hruid\n FROM account\n WHERE {$login_type} = {?} AND state = 'active'", $login);
if (list($uid, $password, $hruid) = $res->fetchOneRow()) {
if (hash_compare($password, $response)) {
if (!S::logged()) {
Platal::page()->trigError('Mot de passe ou nom d\'utilisateur invalide');
} else {
Platal::page()->trigError('Mot de passe invalide');
}
S::logger($uid)->log('auth_fail', 'bad password');
return null;
}
return $uid;
}
Platal::page()->trigError('Mot de passe ou nom d\'utilisateur invalide');
return null;
}
public function __construct(PlWizard $wiz)
{
parent::__construct($wiz);
if (S::user()->checkPerms(User::PERM_DIRECTORY_PRIVATE)) {
$this->settings['cv'] = null;
}
$this->settings['corps'] = new ProfileSettingCorps();
$this->settings['jobs'] = new ProfileSettingJob();
$this->watched = array('cv' => true, 'jobs' => true, 'corps' => true);
Platal::page()->assign('geocoding_removal', true);
}
public function format()
{
$this->text = trim($this->text);
$this->phones = Phone::formatFormArray($this->phones, $this->error, $this->pub);
if ($this->removed == 1) {
if (!S::user()->checkPerms('directory_private') && Phone::hasPrivate($this->phones)) {
Platal::page()->trigWarning("L'adresse ne peut être supprimée car elle contient des informations pour lesquelles vous n'avez le droit d'édition.");
} else {
$this->text = '';
return true;
}
}
$this->formatPostalAddress();
if ($this->changed == 1) {
$gmapsGeocoder = new GMapsGeocoder();
$gmapsGeocoder->getGeocodedAddress($this);
$componants = array();
foreach ($this->components as $component) {
$componants[] = Geocoder::getComponentId($component);
}
$this->componentsIds = implode(',', $componants);
}
if ($this->componentsIds == '') {
$this->latitude = null;
$this->longitude = null;
}
return true;
}
public function value(ProfilePage $page, $field, $value, &$success)
{
$success = true;
if (is_null($value)) {
$value = array();
$res = XDB::iterRow("SELECT m.country, gc.country\n FROM profile_mentor_country AS m\n INNER JOIN geoloc_countries AS gc ON (m.country = gc.iso_3166_1_a2)\n WHERE m.pid = {?}", $page->pid());
while (list($id, $name) = $res->next()) {
$value[$id] = $name;
}
} else {
if (!is_array($value)) {
$value = array();
} else {
if (count($value) > 10) {
Platal::page()->trigError("Le nombre de secteurs d'expertise est limité à 10");
$success = false;
}
}
}
ksort($value);
return $value;
}
public static function _default_user_callback($login, $results)
{
$result_count = count($results);
if ($result_count == 0 || !S::admin()) {
Platal::page()->trigError("Il n'y a pas d'utilisateur avec l'identifiant : {$login}");
} else {
Platal::page()->trigError("Il y a {$result_count} utilisateurs avec cet identifiant : " . join(', ', $results));
}
}
public function trig($msg)
{
Platal::page()->trigError($msg);
return true;
}
protected function action_updateProfile()
{
global $globals;
$page =& Platal::page();
$colors = glob(dirname(__FILE__) . '/../../htdocs/images/banana/m2*.gif');
foreach ($colors as $key => $path) {
$path = basename($path, '.gif');
$colors[$key] = substr($path, 2);
}
$page->assign('colors', $colors);
if (Post::has('action') && Post::v('action') == 'Enregistrer') {
S::assert_xsrf_token();
$flags = new PlFlagSet();
if (Post::b('bananadisplay')) {
$flags->addFlag('threads');
}
if (Post::b('bananaupdate')) {
$flags->addFlag('automaj');
}
if (Post::b('bananaxface')) {
$flags->addFlag('xface');
}
$unread = Post::s('unread');
$read = Post::s('read');
if (!in_array($unread, $colors) || !in_array($read, $colors)) {
$page->trigError('Le choix de type pour l\'arborescence est invalide');
} else {
$last_seen = XDB::query('SELECT last_seen
FROM forum_profiles
WHERE uid = {?}', $this->user->id());
if ($last_seen->numRows() > 0) {
$last_seen = $last_seen->fetchOneCell();
} else {
$last_seen = '0000-00-00';
}
XDB::execute('INSERT INTO forum_profiles (uid, sig, mail, name, flags, tree_unread, tree_read, last_seen)
VALUES ({?}, {?}, {?}, {?}, {?}, {?}, {?}, {?})
ON DUPLICATE KEY UPDATE sig = VALUES(sig), mail = VALUES(mail), name = VALUES(name), flags = VALUES(flags),
tree_unread = VALUES(tree_unread), tree_read = VALUES(tree_read), last_seen = VALUES(last_seen)', $this->user->id(), Post::v('bananasig'), Post::v('bananamail'), Post::v('banananame'), $flags, $unread, $read, $last_seen);
$page->trigSuccess('Ton profil a été mis à jour');
}
}
$infos = $this->fetchProfile();
$page->assign('nom', $infos['name']);
$page->assign('mail', $infos['mail']);
$page->assign('sig', $infos['sig']);
$page->assign('disp', $infos['threads']);
$page->assign('maj', $infos['maj']);
$page->assign('xface', $infos['xface']);
$page->assign('unread', $infos['tree_unread']);
$page->assign('read', $infos['tree_read']);
return null;
}
/** If not already done, fetches data for the given field
* @param $field One of the Profile::FETCH_*
* @return A ProfileField, or null
*/
private function getProfileField($field)
{
if (!array_key_exists($field, ProfileField::$fields)) {
Platal::page()->kill("Invalid field: {$field}");
}
if ($this->fetched($field)) {
return null;
} else {
$this->fetched_fields = $this->fetched_fields | $field;
}
$cls = ProfileField::$fields[$field];
return ProfileField::getForPID($cls, $this->id(), $this->visibility);
}
protected function prepare()
{
$tpl = parent::prepare();
global $wiz;
$wiz = new PlWizard('Banana', PlPage::getCoreTpl('plwizard.tpl'), true, false);
foreach ($this->pages as $name => &$mpage) {
$wiz->addPage($this->handler, $mpage['text'], $name);
}
$wiz->apply(Platal::page(), $this->base, $this->page);
return $tpl;
}
/** Sent this issue to all valid recipients
* @return Number of issues sent
*/
public function sendToAll()
{
$this->fetchArticles();
XDB::execute('UPDATE newsletter_issues
SET state = \'sent\', date=CURDATE()
WHERE id = {?}', $this->id);
// Every minute, select BATCH_SIZE users who:
// * are subscribed to the newsletter
// * have not yet been mailed this issue of the newsletter
// * have a valid email address
// ... and send them the current issue.
// Once a mail is sent, newsletter_ins is updated to prevent selecting again the same user a minute later.
$ufc = new PFC_And($this->getRecipientsUFC(), new UFC_NLSubscribed($this->nl->id, $this->id), new UFC_HasValidEmail());
$uf = new UserFilter($ufc, array(new UFO_IsAdmin(true), new UFO_Uid()));
$limit = new PlLimit(self::BATCH_SIZE);
$global_sent = array();
while (true) {
$sent = array();
$users = $uf->getUsers($limit);
if (count($users) == 0) {
break;
}
foreach ($users as $user) {
if (array_key_exists($user->id(), $global_sent)) {
// Such a condition may happen if an user:
// 1. was mailed the issue,
// 2. unsubscribed the newsletter,
// 3. subscribed again before the sending was done.
// Such a case is reported by mail to people who monitor the website.
// If you are reading this comment because of such a mail and the lines above explain what happened,
// you only need to reset the state of the issue to "pending".
// A cron script will then restart the mailing from where it stopped and only the problematic user will reveive the issue twice.
Platal::page()->kill('Sending the same newsletter issue ' . $this->id . ' to user ' . $user->id() . ' twice, something must be wrong.');
}
$sent[] = $user->id();
$global_sent[$user->id()] = true;
$this->sendTo($user, $hash);
}
XDB::execute("UPDATE newsletter_ins\n SET last = {?}\n WHERE nlid = {?} AND uid IN {?}", $this->id, $this->nl->id, $sent);
sleep(60);
}
return count($global_sent);
}
protected function trigSuccess($msg)
{
Platal::page()->trigSuccess($msg);
}
private function assertType($type)
{
if ($type != self::JOBID && $type != self::JOBNAME && $type != self::JOBACRONYM) {
Platal::page()->killError("Type de recherche non valide.");
}
}
