Ejemplo n.º 1
 /**
  * Applies the user's answer to this notice.
  *
  * Every recognised action first calls UpdateOnDismiss(); all of them except
  * 'dismiss' then redirect to a profile or photo page. Any other value falls
  * through the switch and nothing happens.
  *
  * @param mixed $action Action keyword; the switch compares it loosely.
  */
 public function HandleAction($action)
 {
     switch ($action) {
         case 'dismiss':
             $this->UpdateOnDismiss();
             break;

         case 'profile':
             $this->UpdateOnDismiss();
             $profilePath = 'profile/edit/' . $this->user->profile()->hrpid;
             pl_redirect($profilePath);
             break;

         case 'photo':
             $this->UpdateOnDismiss();
             pl_redirect('photo/change');
             break;

         case 'geoloc':
             $this->UpdateOnDismiss();
             $addressPath = 'profile/edit/' . $this->user->profile()->hrpid . '/adresses';
             pl_redirect($addressPath);
             break;

         case 'merge':
             $this->UpdateOnDismiss();
             $issues = self::ListMergeIssues($this->user->profile());
             // Job issues take precedence over address issues; with neither
             // flag the plain edit page is used.
             if ($issues->hasFlag('job')) {
                 $section = '/emploi';
             } elseif ($issues->hasFlag('address')) {
                 $section = '/adresses';
             } else {
                 $section = '';
             }
             pl_redirect('profile/edit/' . $this->user->profile()->hrpid . $section);
             break;
     }
 }
Ejemplo n.º 2
 /**
  * Ends the current session.
  *
  * When the session holds a 'suid' key the impersonation is stopped and the
  * client is sent to '/'. The session is then destroyed and the client is
  * redirected to the configured HTTP base URL.
  *
  * NOTE(review): no XSRF token is asserted in this handler, so it can be
  * triggered by a cross-site request; confirm that a forced logout is an
  * accepted risk for this application.
  *
  * @param object $page  Page object used to select the template.
  * @param mixed  $level Not read by this handler.
  */
 function handler_exit($page, $level = null)
 {
     global $globals;

     $impersonating = S::has('suid');
     if ($impersonating) {
         Platal::session()->stopSUID();
         // NOTE(review): presumably pl_redirect() ends the request; if it
         // returns, the session is destroyed below as well. Confirm.
         pl_redirect('/');
     }

     Platal::session()->destroy();
     $baseUrl = $globals->baseurl_http;
     http_redirect($baseUrl);

     // Only reached if http_redirect() returns.
     $page->changeTpl('exit.tpl');
 }
Ejemplo n.º 3
 /**
  * Applies the user's answer to this notice.
  *
  * 'yes' dismisses the notice and redirects to 'googleapps', 'dismiss' only
  * dismisses it, 'no' records a refusal. Any other value is ignored.
  *
  * @param mixed $action Action keyword.
  */
 public function HandleAction($action)
 {
     // Loose comparison (==) is deliberate: it has the same matching
     // semantics as a switch over these string labels.
     if ($action == 'yes') {
         $this->UpdateOnDismiss();
         pl_redirect('googleapps');
     } elseif ($action == 'dismiss') {
         $this->UpdateOnDismiss();
     } elseif ($action == 'no') {
         $this->UpdateOnNo();
     }
 }
Ejemplo n.º 4
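 /**
  * Removes a validation item on behalf of its writer.
  *
  * Asserts the XSRF token, loads the item by id, refuses the request when the
  * current user is not the item's writer, logs the removal, sends the
  * cancellation mail, cleans the item and redirects.
  *
  * @param object $page Page object used to report errors.
  * @param mixed  $id   Identifier of the item to remove.
  *
  * @throws Exception When the current user is not the writer of the item.
  */
 function handler_remove($page, $id = null)
 {
     // State-changing request: the anti-CSRF token is checked first.
     S::assert_xsrf_token();
     $val = ValidateFilter::fromId($id, false);
     if ($val === false) {
         $page->trigError("This item doesn't exist");
         return;
     }
     $val->select(ValidateSelect::validate());
     // Ownership check: only the writer of the item may remove it.
     if ($val->writer()->id() != S::user()->id()) {
         throw new Exception("Invalid credentials");
     }
     // Audit record is written before the item is cleaned, so the log keeps
     // the type, writer, group, creation date and item payload.
     S::logger()->log('proposal/remove', array('type' => $val->type(), 'writer' => $val->writer()->id(), 'group' => $val->group()->id(), 'created' => $val->created()->toDb(), 'item' => $val->itemToDb()));
     $val->item()->sendmailcancel(S::user());
     $val->clean();
     // NOTE(review): the redirect target is read from the request ('url').
     // Confirm that pl_redirect() only accepts site-relative paths; otherwise
     // the value should be validated before use.
     pl_redirect(Env::v('url'));
 }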
Ejemplo n.º 5
 /**
  * Shows the form for taking a survey.
  *
  * A user who has already taken the survey is redirected to its results
  * page; otherwise the survey questions are loaded and the form template is
  * selected.
  *
  * @param object $page Page object receiving the template variables.
  * @param mixed  $sid  Survey identifier.
  *
  * @throws Exception When no survey matches $sid.
  */
 function handler_take($page, $sid = null)
 {
     $survey = SurveyFilter::fromId($sid, false);
     if (!$survey) {
         throw new Exception("This survey doesn't exist");
     }

     $survey->select(Survey::SELECT_BASE | Survey::SELECT_DESCRIPTION);
     if ($survey->alreadyTaken()) {
         pl_redirect('surveys/see/' . $sid);
         exit;
     }
     // Questions are only loaded once we know the form will be displayed.
     $survey->select(array(Survey::SELECT_DATAS => SurveyQuestion::SELECT_BASE));

     $page->assign('survey', $survey);
     $page->assign('title', "Sondage");
     $page->addCssLink('surveys.css');
     $page->changeTpl('surveys/take.tpl');
 }
Ejemplo n.º 6
 /**
  * Displays the notification panel for the current user.
  *
  * When the query string carries 'read', the user's watch timestamp is
  * updated, the notification caches are refreshed and the client is
  * redirected back to the panel. Otherwise the events of the last seven days
  * are assigned to the page.
  *
  * @param object $page Page object receiving the template variables.
  */
 function handler_panel($page)
 {
     $page->changeTpl('carnet/panel.tpl');

     if (Get::has('read')) {
         // Both values are bound through {?} placeholders and the row is
         // scoped to the session uid.
         // NOTE(review): this write is triggered by a GET parameter and no
         // XSRF token is asserted; a cross-site request can move the
         // "last read" marker. Confirm this is acceptable.
         XDB::execute('UPDATE  watch
                          SET  last = FROM_UNIXTIME({?})
                        WHERE  uid = {?}', Get::i('read'), S::i('uid'));
         S::user()->invalidWatchCache();
         Platal::session()->updateNbNotifs();
         pl_redirect('carnet/panel');
     }

     require_once 'notifs.inc.php';

     $page->assign('now', time());
     $lookbackSeconds = 7 * 86400;
     $events = Watch::getEvents(S::user(), time() - $lookbackSeconds);
     $page->assign('notifs', $events);
     $page->assign('today', date('Y-m-d'));
     $this->_add_rss_link($page);
 }
Ejemplo n.º 7
 /**
  * Starts an impersonation (SUID) session as the user identified by $uid.
  *
  * NOTE(review): neither a permission check nor an XSRF token assertion is
  * visible in this handler; presumably access is restricted where the
  * handler is registered. Confirm, since this endpoint switches identity.
  * NOTE(review): only a successful switch is logged ('admin/su'); failed
  * attempts leave no audit record here.
  *
  * @param object $page Page object used to report errors.
  * @param mixed  $uid  Identifier of the account to impersonate.
  *
  * @throws Exception When $uid is missing or matches no user.
  */
 function handler_su($page, $uid = null)
 {
     // Nested impersonation is refused.
     if (S::has('suid')) {
         $page->kill("Déjà en SUID !!!");
     }
     if ($uid === null) {
         throw new Exception("You forgot to pass the uid you want to impersonate");
     }

     $filter = new UserFilter(new UFC_Uid($uid));
     $target = $filter->get(true);
     if ($target === false) {
         throw new Exception("Impossible de faire un SUID sur " . $uid);
     }

     $target->select(UserSelect::login());
     if (Platal::session()->startSUID($target)) {
         S::logger()->log('admin/su', array('uid' => $target->id()));
         pl_redirect('home');
     } else {
         // NOTE(review): $uid comes from the request and is echoed in the
         // message; escaping depends on how the page renders errors.
         $page->trigError('Impossible d\'effectuer un SUID sur ' . $uid);
     }
 }
Ejemplo n.º 8
 /**
  * Admin form for creating a link of type 'partners' or 'usefuls'.
  *
  * Returns PL_FORBIDDEN unless the current user carries the 'admin' flag.
  * When the request carries 'create' with a non-empty label and link and a
  * recognised type, the link is inserted (with an optional image for
  * partners) and the client is redirected to the list for that type.
  *
  * NOTE(review): no XSRF token is asserted before the insert, so an admin's
  * browser could be made to create links cross-site. Confirm whether the
  * token is enforced elsewhere.
  * NOTE(review): $link is stored as received; no URL scheme check is visible
  * here, so rendering must not trust it as a safe href.
  *
  * @param object $page Page object receiving the template variables.
  *
  * @return mixed PL_FORBIDDEN for non-admins, nothing otherwise.
  */
 function handler_links_new($page)
 {
     if (!S::user()->perms()->hasFlag('admin')) {
         return PL_FORBIDDEN;
     }

     $label = Env::t('label', '');
     $link = Env::t('link', '');
     $description = Env::t('description', '');
     $comment = Env::t('comment', '');
     $type = Env::t('type', '');
     trace($type);

     // The type is checked against the two known values before it is used in
     // the insert and in the redirect path.
     $typeIsKnown = $type == 'partners' || $type == 'usefuls';
     $fieldsFilled = $label != '' && $link != '';

     if (Env::has('create') && $fieldsFilled && $typeIsKnown) {
         $entry = new Link();
         $entry->insert($type);

         if (FrankizUpload::has('image') && $type == 'partners') {
             try {
                 $partnership = Group::from('partnership');
                 $partnership->select(GroupSelect::castes());

                 $picture = new FrankizImage();
                 $picture->insert();
                 $picture->label($label);
                 $picture->caste($partnership->caste(new Rights('everybody')));
                 $picture->image(FrankizUpload::v('image'));
                 $entry->image($picture);
             } catch (Exception $e) {
                 // An image failure does not abort the link creation; the
                 // message is handed to the template as 'err'.
                 $page->assign('err', $e->getMessage());
             }
         }

         $entry->label($label);
         $entry->link($link);
         $entry->description($description);
         $entry->comment($comment);
         pl_redirect('links/' . $type);
     }

     $page->assign('title', 'Nouveau lien');
     $page->addCssLink('links.css');
     $page->changeTpl('links/new_link.tpl');
 }
Ejemplo n.º 9
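 /**
  * Applies the user's answer to the mailing-list subscription notice.
  *
  * For 'suscribe' the XSRF token is asserted, then the user is subscribed to
  * every list that is both recorded for them in register_subs and selected
  * in the submitted 'sub_ml' field. The database rows act as the allowlist:
  * a submitted address with no matching row is ignored.
  *
  * @param mixed $action Action keyword; the switch compares it loosely.
  */
 public function HandleAction($action)
 {
     switch ($action) {
         case 'suscribe':
             S::assert_xsrf_token();
             // 'sub_ml' is request data: it may be absent or not an array,
             // in which case nothing is selected.
             $posted = Post::v('sub_ml');
             $subs = is_array($posted) ? array_map('strval', array_keys($posted)) : array();
             $res = XDB::iterRow("SELECT  sub, domain\n                                   FROM  register_subs\n                                  WHERE  uid = {?} AND type = 'list'\n                               ORDER BY  domain", S::i('uid'));
             while (list($sub, $domain) = $res->next()) {
                 // Membership test instead of consuming the submitted keys in
                 // step with the rows: a position-based comparison loses every
                 // selection as soon as one earlier list is left unchecked.
                 if (in_array("{$sub}@{$domain}", $subs, true)) {
                     MailingList::subscribeTo($sub, $domain);
                 }
             }
             $this->UpdateOnYes();
             pl_redirect('lists');
             break;
         case 'dismiss':
             $this->UpdateOnDismiss();
             break;
         case 'no':
             $this->UpdateOnNo();
             break;
     }
 }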
Ejemplo n.º 10
 /**
  * Admin page for editing one newsletter issue and its articles.
  *
  * Depending on the handler arguments and POST fields it updates the issue,
  * deletes, saves or edits an article, or lists the IPs behind the links of
  * the issue for a blacklist check.
  *
  * NOTE(review): no S::assert_xsrf_token() call is visible in this handler
  * although it writes (issue save, article delete, article save). Confirm
  * that the token is enforced elsewhere.
  *
  * @param object $page   Page object receiving the template variables.
  * @param mixed  $nid    Issue identifier passed to getIssue().
  * @param mixed  $aid    Article identifier, or the keywords 'update',
  *                       'new' and 'blacklist_check' tested below.
  * @param mixed  $action 'edit' or 'delete'.
  *
  * @return mixed PL_NOT_FOUND when the newsletter or issue is missing.
  */
 function handler_admin_nl_edit($page, $nid = 'last', $aid = null, $action = 'edit')
 {
     $page->changeTpl('newsletter/edit.tpl');
     $page->addCssLink('nl.Polytechnique.org.css');
     $page->setTitle('Administration - Newsletter : Édition');
     $nl = $this->getNl();
     if (!$nl) {
         return PL_NOT_FOUND;
     }
     try {
         $issue = $nl->getIssue($nid, false);
     } catch (MailNotFound $e) {
         return PL_NOT_FOUND;
     }
     $ufb = $nl->getSubscribersUFB();
     $ufb_keepenv = false;
     // Will be set to True if there were invalid modification to the UFB.
     // Convert NLIssue error messages to human-readable errors
     $error_msgs = array(NLIssue::ERROR_INVALID_REPLY_TO => "L'adresse de réponse est invalide.", NLIssue::ERROR_INVALID_SHORTNAME => "Le nom court est invalide ou vide.", NLIssue::ERROR_INVALID_UFC => "Le filtre des destinataires est invalide.", NLIssue::ERROR_TOO_LONG_UFC => "Le nombre de matricules AX renseigné est trop élevé.", NLIssue::ERROR_SQL_SAVE => "Une erreur est survenue en tentant de sauvegarder la lettre, merci de réessayer.");
     // Update the current issue
     if ($aid == 'update' && Post::has('submit')) {
         // Save common fields
         $issue->title = Post::s('title');
         $issue->title_mail = Post::s('title_mail');
         $issue->head = Post::s('head');
         $issue->signature = Post::s('signature');
         $issue->reply_to = Post::s('reply_to');
         if ($issue->isEditable()) {
             // Date and shortname may only be modified for pending NLs, otherwise all links get broken.
             $issue->date = Post::s('date');
             // NOTE(review): this takes strlen() of Post::blank()'s result;
             // presumably a boolean, so a blank field stores null — confirm.
             $issue->shortname = strlen(Post::blank('shortname')) ? null : Post::s('shortname');
             $issue->sufb->updateFromEnv($ufb->getEnv());
             if ($nl->automaticMailingEnabled()) {
                 // An 8-digit date is reformatted to YYYY-MM-DD; a value that
                 // does not match the pattern is left unchanged by preg_replace().
                 $issue->send_before = preg_replace('/^(\\d\\d\\d\\d)(\\d\\d)(\\d\\d)$/', '\\1-\\2-\\3', Post::v('send_before_date')) . ' ' . Post::i('send_before_time_Hour') . ':00:00';
             }
         }
         // save() returns a list of error codes, mapped to messages above.
         $errors = $issue->save();
         if (count($errors)) {
             foreach ($errors as $error_code) {
                 $page->trigError($error_msgs[$error_code]);
             }
         }
     }
     // Delete an article
     // This branch is selected by the $action and $aid handler arguments
     // alone; no POST field is consulted before the deletion.
     if ($action == 'delete') {
         $issue->delArticle($aid);
         pl_redirect($nl->adminPrefix(true, false) . "/edit/{$nid}");
     }
     // Save an article
     if (Post::v('save')) {
         $art = new NLArticle(Post::v('title'), Post::v('body'), Post::v('append'), $aid, Post::v('cid'), Post::v('pos'));
         $issue->saveArticle($art);
         pl_redirect($nl->adminPrefix(true, false) . "/edit/{$nid}");
     }
     // Edit an article
     if ($action == 'edit' && $aid != 'update') {
         $eaid = $aid;
         if (Post::has('title')) {
             // Rebuilt from the submitted fields so the form shows what was posted.
             $art = new NLArticle(Post::v('title'), Post::v('body'), Post::v('append'), $eaid, Post::v('cid'), Post::v('pos'));
         } else {
             $art = $eaid == 'new' ? new NLArticle() : $issue->getArt($eaid);
         }
         if ($art && !$art->check()) {
             $page->trigError("Cet article est trop long.");
         }
         $page->assign('art', $art);
     }
     // Check blacklisted IPs
     if ($aid == 'blacklist_check') {
         global $globals;
         $ips_to_check = array();
         // Passed to getLinkIps() on every article and compared with the
         // configured limit afterwards; presumably updated by reference — confirm.
         $blacklist_host_resolution_count = 0;
         foreach ($issue->arts as $key => $articles) {
             foreach ($articles as $article) {
                 $article_ips = $article->getLinkIps($blacklist_host_resolution_count);
                 if (!empty($article_ips)) {
                     $ips_to_check[$article->title()] = $article_ips;
                 }
             }
         }
         $page->assign('ips_to_check', $ips_to_check);
         // Tell the admin when the check is incomplete because the DNS
         // resolution limit was reached.
         if ($blacklist_host_resolution_count >= $globals->mail->blacklist_host_resolution_limit) {
             $page->trigError("Toutes les url et adresses emails de la lettre" . " n'ont pas été prises en compte car la" . " limite du nombre de résolutions DNS" . " autorisée a été atteinte.");
         }
     }
     if ($issue->state == NLIssue::STATE_SENT) {
         $page->trigWarning("Cette lettre a déjà été envoyée ; il est recommandé de limiter les modifications au maximum (orthographe, adresses web et mail).");
     }
     $ufb->setEnv($issue->sufb->getEnv());
     $page->assign_by_ref('nl', $nl);
     $page->assign_by_ref('issue', $issue);
 }
Ejemplo n.º 11
 /**
  * Admin page listing list aliases, or editing the members of one alias.
  *
  * Without $alias all aliases of both configured mail domains are listed.
  * With an alias, its domain and local part are validated, then the posted
  * action (delete alias, add member, delete member) is performed after the
  * XSRF token is asserted.
  *
  * @param object $page  Page object receiving the template variables.
  * @param mixed  $alias Full alias address (local@domain), or null.
  */
 function handler_aaliases($page, $alias = null)
 {
     global $globals;
     require_once 'emails.inc.php';
     $page->setTitle('Administration - Aliases');
     if (Post::has('new_alias')) {
         // Navigation only: the submitted name is validated by the checks
         // below when the redirected request arrives.
         pl_redirect('admin/aliases/' . Post::t('new_alias') . '@' . $globals->mail->domain);
     }
     // If no alias, list them all.
     if (is_null($alias)) {
         $page->changeTpl('lists/admin_aliases.tpl');
         $page->assign('aliases', array_merge(iterate_list_alias($globals->mail->domain), iterate_list_alias($globals->mail->domain2)));
         return;
     }
     // An $alias without '@' yields a single element, leaving $domain unset,
     // so the domain comparison below rejects it.
     list($local_part, $domain) = explode('@', $alias);
     // The domain must be one of the two configured domains and the local
     // part may only contain letters, digits, '-' and '.'.
     // NOTE(review): the pattern uses '*', so an empty local part passes.
     // NOTE(review): the actions below rely on trigErrorRedirect() ending the
     // request; if it returns, they run with the rejected alias — confirm.
     if (!($globals->mail->domain == $domain || $globals->mail->domain2 == $domain) || !preg_match("/^[a-zA-Z0-9\\-\\.]*\$/", $local_part)) {
         $page->trigErrorRedirect('Le nom de l\'alias est erroné.', $globals->asso('diminutif') . 'admin/aliases');
     }
     // Now we can perform the action.
     if (Post::has('del_alias')) {
         S::assert_xsrf_token();
         delete_list_alias($local_part, $domain);
         $page->trigSuccessRedirect($alias . ' supprimé.', 'admin/aliases');
     }
     if (Post::has('add_member')) {
         S::assert_xsrf_token();
         if (add_to_list_alias(Post::t('add_member'), $local_part, $domain)) {
             $page->trigSuccess('Ajout réussit.');
         } else {
             $page->trigError('Ajout infructueux.');
         }
     }
     // Member removal is driven by the query string, with the XSRF token
     // asserted before the delete.
     if (Get::has('del_member')) {
         S::assert_xsrf_token();
         if (delete_from_list_alias(Get::t('del_member'), $local_part, $domain)) {
             $page->trigSuccess('Suppression réussie.');
         } else {
             $page->trigError('Suppression infructueuse.');
         }
     }
     $page->changeTpl('lists/admin_edit_alias.tpl');
     $page->assign('members', list_alias_members($local_part, $domain));
     $page->assign('alias', $alias);
 }
Ejemplo n.º 12
 /**
  * Lets an 'xnet' account edit its own name, sex and email.
  *
  * Users of any other type are redirected to 'index'. On a 'change' POST the
  * XSRF token is asserted, an optional login conversion is attempted, the
  * account row is updated and, when required, the email is changed in the
  * accounts table, the mailing lists and the aliases.
  *
  * @param object $page Page object receiving the template variables.
  *
  * @return mixed PL_NOT_FOUND when there is no current user.
  */
 function handler_edit($page)
 {
     global $globals;
     $user = S::user();
     if (empty($user)) {
         return PL_NOT_FOUND;
     }
     if ($user->type != 'xnet') {
         pl_redirect('index');
     }
     $page->changeTpl('xnet/edit.tpl');
     if (Post::has('change')) {
         S::assert_xsrf_token();
         // Convert user status to X
         if (!Post::blank('login_X')) {
             $forlife = $this->changeLogin($page, $user, Post::t('login_X'));
             if ($forlife) {
                 pl_redirect('index');
             }
         }
         require_once 'emails.inc.php';
         require_once 'name.func.inc.php';
         // Update user info
         $lastname = capitalize_name(Post::t('lastname'));
         $firstname = capitalize_name(Post::t('firstname'));
         $full_name = build_full_name($firstname, $lastname);
         $directory_name = build_directory_name($firstname, $lastname);
         $sort_name = build_sort_name($firstname, $lastname);
         // All values are bound through {?} placeholders and the row is keyed
         // on the current user's id. 'sex' is reduced to one of two literals.
         // Note that firstname/lastname are stored as posted, while the
         // derived names are built from the capitalized forms.
         XDB::query('UPDATE  accounts
                        SET  full_name = {?}, directory_name = {?}, sort_name = {?}, display_name = {?},
                             firstname = {?}, lastname = {?}, sex = {?}
                      WHERE  uid = {?}', $full_name, $directory_name, $sort_name, Post::t('display_name'), Post::t('firstname'), Post::t('lastname'), Post::t('sex') == 'male' ? 'male' : 'female', $user->id());
         // Updates email.
         // NOTE(review): no format validation of the new address is visible
         // here; presumably require_email_update() covers it — confirm.
         $new_email = strtolower(Post::t('email'));
         if (require_email_update($user, $new_email)) {
             XDB::query('UPDATE  accounts
                                SET  email = {?}
                              WHERE  uid = {?}', $new_email, $user->id());
             $listClient = new MMList(S::user());
             $listClient->change_user_email($user->forlifeEmail(), $new_email);
             update_alias_user($user->forlifeEmail(), $new_email);
         }
         // Reload the account so the session copy reflects the stored values.
         $user = User::getWithUID($user->id());
         S::set('user', $user);
         $page->trigSuccess('Données mises à jour.');
     }
     $page->addJsLink('password.js');
     $page->assign('user', $user);
 }
Ejemplo n.º 13
 /**
  * Ends an impersonation or the whole session, then redirects or shows the
  * exit page.
  *
  * During an impersonation (S::suid()) the SUID is stopped, logged, and the
  * client is sent back to the stored start page or to the impersonated
  * user's admin page. Otherwise cookies are cleared according to $level and
  * a logged-in session is destroyed.
  *
  * @param object $page  Page object used to select the template.
  * @param mixed  $level 'forget', 'forgetuid' or 'forgetall' select which
  *                      cookies are killed; other values kill none.
  */
 function handler_exit($page, $level = null)
 {
     if (S::suid()) {
         $old = S::user()->login();
         // Audit trail: who was impersonated and by whom.
         S::logger()->log('suid_stop', $old . " by " . S::suid('hruid'));
         Platal::session()->stopSUID();
         // The return target is read from the session, not from the request.
         $target = S::s('suid_startpage');
         S::kill('suid_startpage');
         if (!empty($target)) {
             http_redirect($target);
         }
         pl_redirect('admin/user/' . $old);
     }
     if ($level == 'forget' || $level == 'forgetall') {
         Platal::session()->killAccessCookie();
     }
     if ($level == 'forgetuid' || $level == 'forgetall') {
         Platal::session()->killLoginFormCookies();
     }
     if (S::logged()) {
         // The Referer header is client-controlled and is logged as received;
         // '@' hides the notice when the header is absent.
         S::logger()->log('deconnexion', @$_SERVER['HTTP_REFERER']);
         Platal::session()->destroy();
     }
     // NOTE(review): 'redirect' comes from the query string, is URL-decoded
     // and handed to http_redirect() with no host or scheme check visible
     // here. Unless http_redirect() restricts targets this is an open
     // redirect; consider an allowlist of hosts or relative paths only.
     if (Get::has('redirect')) {
         http_redirect(rawurldecode(Get::v('redirect')));
     } else {
         $page->changeTpl('platal/exit.tpl');
     }
 }
Ejemplo n.º 14
 /**
  * Lets a user propose a new redirection address for another user.
  *
  * Looks up the target user, loads its current redirection status and, when
  * a valid address is submitted with 'valide', files a BrokenReq request.
  *
  * @param object $page Page object receiving the template variables.
  * @param mixed  $uid  Identifier of the user to look up.
  *
  * @return mixed PL_NOT_FOUND when $uid is missing or matches no account.
  */
 function handler_broken($page, $uid = null)
 {
     $page->changeTpl('marketing/broken.tpl');
     if (is_null($uid)) {
         return PL_NOT_FOUND;
     }
     $user = User::get($uid);
     if (!$user) {
         return PL_NOT_FOUND;
     } elseif ($user->login() == S::user()->login()) {
         // A user looking at their own account is sent to their own settings.
         pl_redirect('emails/redirect');
     }
     // The only variable part of the query is the uid, bound through {?}.
     $res = XDB::query('SELECT  p.deathdate IS NULL AS alive, r.last, IF(r.type = \'googleapps\', \'googleapps\', r.redirect) AS active_email
                          FROM  accounts               AS a
                     LEFT JOIN  email_redirect_account AS r  ON (a.uid = r.uid AND r.type IN (\'smtp\', \'googleapps\') AND r.flags = \'active\')
                     LEFT JOIN  account_profiles       AS ap ON (ap.uid = r.uid AND FIND_IN_SET(\'owner\', ap.perms))
                     LEFT JOIN  profiles               AS p  ON (p.pid = ap.pid)
                         WHERE  a.uid = {?}
                      ORDER BY  r.broken_level, r.last', $user->id());
     if (!$res->numRows()) {
         return PL_NOT_FOUND;
     }
     $user->addProperties($res->fetchOneAssoc());
     $page->assign('user', $user);
     $email = null;
     require_once 'emails.inc.php';
     if (Post::has('mail')) {
         $email = valide_email(Post::v('mail'));
     }
     if (Post::has('valide') && isvalid_email_redirection($email, $user)) {
         // The token is asserted before any state is read or written for
         // the proposal.
         S::assert_xsrf_token();
         // security stuff
         check_email($email, "Proposition d'une adresse surveillee pour " . $user->login() . " par " . S::user()->login());
         $state = XDB::fetchOneCell('SELECT  flags
                                       FROM  email_redirect_account
                                      WHERE  redirect = {?} AND uid = {?}', $email, $user->id());
         // NOTE(review): the messages below embed fullName(); escaping
         // depends on how the page renders warnings and errors.
         if ($state == 'broken') {
             $page->trigWarning("L'adresse que tu as fournie est l'adresse actuelle de {$user->fullName()} et est en panne.");
         } elseif ($state == 'active') {
             $page->trigWarning("L'adresse que tu as fournie est l'adresse actuelle de {$user->fullName()}");
         } elseif ($user->email && !Post::t('comment')) {
             // A justification is required when the user already has an email.
             $page->trigError("Il faut que tu ajoutes un commentaire à ta proposition pour justifier le " . "besoin de changer la redirection de {$user->fullName()}.");
         } else {
             $valid = new BrokenReq(S::user(), $user, $email, trim(Post::v('comment')));
             $valid->submit();
             $page->assign('sent', true);
         }
     } elseif ($email) {
         $page->trigError("L'adresse proposée n'est pas une adresse acceptable pour une redirection.");
     }
 }
Ejemplo n.º 15
 /**
  * Creates a new group, makes the current user one of its admins and
  * redirects to the group's admin page.
  *
  * NOTE(review): neither a permission check nor an XSRF token assertion is
  * visible here, so every request that reaches this handler creates a group.
  * Confirm that access is restricted where the handler is registered.
  *
  * @param object $page Page object (not used by this handler).
  */
 function handler_group_insert($page)
 {
     $group = new Group();
     $group->insert();

     $adminCaste = $group->caste(Rights::admin());
     $adminCaste->addUser(S::user());

     // Audit record for the creation, keyed on the new group id.
     $logData = array('gid' => $group->id());
     S::logger()->log("groups/insert", $logData);

     pl_redirect('groups/admin/' . $group->id());
 }
Ejemplo n.º 16
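 /**
  * Creates or edits an event of the current group.
  *
  * $eid may be a numeric id or a short name. An existing event must belong
  * to the current group ($globals->asso('id')), otherwise PL_FORBIDDEN is
  * returned. On submission the XSRF token is asserted, the event and its
  * items are upserted, an optional payment request is filed, and the client
  * is redirected to 'events' unless an error occurred.
  *
  * @param object $page Page object receiving the template variables.
  * @param mixed  $eid  Event id or short name; null creates a new event.
  *
  * @return mixed PL_FORBIDDEN when the event is not in the current group.
  */
 function handler_edit($page, $eid = null)
 {
     global $globals;
     // Defaults for values that are otherwise only set on some paths: a new
     // event has no stored short name, and the item counters must start at
     // zero instead of being read while undefined.
     $infos = array('short_name' => null);
     $nb_moments = 0;
     $money_defaut = 0.0;
     // get eid if the the given one is a short name
     if (!is_null($eid) && !is_numeric($eid)) {
         $res = XDB::query("SELECT eid\n                                 FROM group_events\n                                WHERE asso_id = {?} AND short_name = {?}", $globals->asso('id'), $eid);
         if ($res->numRows()) {
             $eid = (int) $res->fetchOneCell();
         }
     }
     // check the event is in our group
     if (!is_null($eid)) {
         $res = XDB::query("SELECT short_name\n                                 FROM group_events\n                                WHERE eid = {?} AND asso_id = {?}", $eid, $globals->asso('id'));
         if ($res->numRows()) {
             $infos = $res->fetchOneAssoc();
         } else {
             return PL_FORBIDDEN;
         }
     }
     $page->changeTpl('xnetevents/edit.tpl');
     $moments = range(1, 4);
     $error = false;
     $page->assign('moments', $moments);
     if (Post::v('intitule')) {
         S::assert_xsrf_token();
         $this->load('xnetevents.inc.php');
         $short_name = event_change_shortname($page, $eid, $infos['short_name'], Env::v('short_name', ''));
         if ($short_name != Env::v('short_name')) {
             $error = true;
         }
         // Dates are assembled from separate request fields; they reach the
         // database as bound parameters, with no format check visible here.
         $evt = array('eid' => $eid, 'asso_id' => $globals->asso('id'), 'paiement_id' => Post::v('paiement_id') > 0 ? Post::v('paiement_id') : null, 'debut' => Post::v('deb_Year') . '-' . Post::v('deb_Month') . '-' . Post::v('deb_Day') . ' ' . Post::v('deb_Hour') . ':' . Post::v('deb_Minute') . ':00', 'fin' => Post::v('fin_Year') . '-' . Post::v('fin_Month') . '-' . Post::v('fin_Day') . ' ' . Post::v('fin_Hour') . ':' . Post::v('fin_Minute') . ':00', 'short_name' => $short_name);
         // NOTE(review): 'uid' is copied from the request. For an existing
         // event it is written as submitted by the upsert below, so the
         // submitter chooses the owner uid — confirm this is intended.
         $trivial = array('intitule', 'descriptif', 'noinvite', 'subscription_notification', 'show_participants', 'accept_nonmembre', 'uid');
         foreach ($trivial as $k) {
             $evt[$k] = Post::v($k);
         }
         // A new event is always owned by the session user.
         if (!$eid) {
             $evt['uid'] = S::v('uid');
         }
         if (Post::v('deadline')) {
             $evt['deadline_inscription'] = Post::v('inscr_Year') . '-' . Post::v('inscr_Month') . '-' . Post::v('inscr_Day');
         } else {
             $evt['deadline_inscription'] = null;
         }
         // Store the modifications in the database
         XDB::execute('INSERT INTO  group_events (eid, asso_id, uid, intitule, paiement_id,
                                                  descriptif, debut, fin, show_participants,
                                                  short_name, deadline_inscription, noinvite,
                                                  accept_nonmembre, subscription_notification)
                            VALUES  ({?}, {?}, {?}, {?}, {?}, {?}, {?}, {?}, {?}, {?}, {?}, {?}, {?}, {?})
           ON DUPLICATE KEY UPDATE  asso_id = VALUES(asso_id), uid = VALUES(uid), intitule = VALUES(intitule),
                                    paiement_id = VALUES(paiement_id), descriptif = VALUES(descriptif), debut = VALUES(debut),
                                    fin = VALUES(fin), show_participants = VALUES(show_participants), short_name = VALUES(short_name),
                                    deadline_inscription = VALUES(deadline_inscription), noinvite = VALUES(noinvite),
                                    accept_nonmembre = VALUES(accept_nonmembre), subscription_notification = VALUES(subscription_notification)', $evt['eid'], $evt['asso_id'], $evt['uid'], $evt['intitule'], $evt['paiement_id'], $evt['descriptif'], $evt['debut'], $evt['fin'], $evt['show_participants'], $evt['short_name'], $evt['deadline_inscription'], $evt['noinvite'], $evt['accept_nonmembre'], $evt['subscription_notification']);
         // if new event, get its id
         if (!$eid) {
             $eid = XDB::insertId();
         }
         foreach ($moments as $i) {
             if (Post::v('titre' . $i)) {
                 $nb_moments++;
                 // Accept a decimal comma in the submitted amount.
                 $montant = strtr(Post::v('montant' . $i), ',', '.');
                 $money_defaut += (double) $montant;
                 XDB::execute('INSERT INTO  group_event_items (eid, item_id, titre, details, montant)
                                    VALUES  ({?}, {?}, {?}, {?}, {?})
                   ON DUPLICATE KEY UPDATE  titre = VALUES(titre), details = VALUES(details), montant = VALUES(montant)', $eid, $i, Post::v('titre' . $i), Post::v('details' . $i), $montant);
             } else {
                 XDB::execute('DELETE FROM  group_event_items
                                     WHERE  eid = {?} AND item_id = {?}', $eid, $i);
             }
         }
         // request for a new payment
         if (Post::v('paiement_id') == -1 && $money_defaut >= 0) {
             $p = new PayReq(S::user(), $globals->asso('nom') . " - " . Post::v('intitule'), Post::v('site'), $money_defaut, Post::v('confirmation'), 0, 999, $globals->asso('id'), $eid, Post::v('payment_public') == 'yes');
             if ($p->accept()) {
                 $p->submit();
             } else {
                 $page->assign('payment_message', Post::v('confirmation'));
                 $page->assign('payment_site', Post::v('site'));
                 $page->assign('payment_public', Post::v('payment_public') == 'yes');
                 $page->assign('error', true);
                 $error = true;
             }
         }
         // events with no sub-event: add a sub-event with default name
         if ($nb_moments == 0) {
             XDB::execute("INSERT INTO group_event_items\n                                   VALUES ({?}, {?}, 'Événement', '', 0)", $eid, 1);
         }
         if (!$error) {
             pl_redirect('events');
         }
     }
     // get a list of all the payment for this asso
     $res = XDB::iterator("SELECT  id, text\n                                FROM  payments\n                               WHERE  asso_id = {?} AND NOT FIND_IN_SET('old', flags)", $globals->asso('id'));
     $paiements = array();
     while ($a = $res->next()) {
         $paiements[$a['id']] = $a['text'];
     }
     $page->assign('paiements', $paiements);
     // when modifying an old event retreive the old datas
     if ($eid) {
         $res = XDB::query("SELECT  eid, intitule, descriptif, debut, fin, uid,\n                             show_participants, paiement_id, short_name,\n                             deadline_inscription, noinvite, accept_nonmembre, subscription_notification\n                       FROM  group_events\n                      WHERE eid = {?}", $eid);
         $evt = $res->fetchOneAssoc();
         // find out if there is already a request for a payment for this event
         $res = XDB::query("SELECT  stamp\n                                 FROM  requests\n                                WHERE  type = 'paiements' AND data LIKE {?}", PayReq::same_event($eid, $globals->asso('id')));
         $stamp = $res->fetchOneCell();
         if ($stamp) {
             // -2 marks an event whose payment request is still pending.
             $evt['paiement_id'] = -2;
             $evt['paiement_req'] = $stamp;
         }
         $page->assign('evt', $evt);
         // get all the different moments infos
         $res = XDB::iterator("SELECT  item_id, titre, details, montant\n                       FROM  group_event_items AS ei\n                 INNER JOIN  group_events AS e ON(e.eid = ei.eid)\n                      WHERE  e.eid = {?}\n                   ORDER BY item_id", $eid);
         $items = array();
         while ($item = $res->next()) {
             $items[$item['item_id']] = $item;
         }
         $page->assign('items', $items);
     }
     $page->assign('url_ref', $eid);
 }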
Ejemplo n.º 17
 /**
  * Admin page for correcting the letter case of a user's names.
  *
  * A posted 'id' is resolved to a user and redirected to the page for that
  * user's hruid. For a known user the stored names are loaded and, on a
  * 'correct' POST, replaced by the submitted ones only when every submitted
  * name equals the stored one ignoring case.
  *
  * NOTE(review): no S::assert_xsrf_token() call is visible before the name
  * update. The case-only restriction limits what a forged request could
  * change, but confirm that the token is enforced elsewhere.
  *
  * @param object $page  Page object receiving the template variables.
  * @param mixed  $hruid Identifier passed to User::getSilent().
  */
 function handler_admin_name($page, $hruid = null)
 {
     $page->changeTpl('admin/admin_name.tpl');
     if (Post::has('id')) {
         $user = User::get(Post::t('id'));
         if (is_null($user)) {
             $page->trigError("L'identifiant donné ne correspond à personne ou est ambigu.");
             exit;
         }
         pl_redirect('admin/name/' . $user->hruid);
     }
     $user = User::getSilent($hruid);
     if (!is_null($user)) {
         require_once 'name.func.inc.php';
         // The editable fields depend on whether the account has a profile.
         // $name_types doubles as the allowlist of POST keys read below.
         if ($user->hasProfile()) {
             $name_types = array('lastname_main' => 'Nom patronymique', 'lastname_marital' => 'Nom marital', 'lastname_ordinary' => 'Nom usuel', 'firstname_main' => 'Prénom', 'firstname_ordinary' => 'Prénom usuel', 'pseudonym' => 'Pseudonyme');
             $names = XDB::fetchOneAssoc('SELECT  lastname_main, lastname_marital, lastname_ordinary,
                                                  firstname_main, firstname_ordinary, pseudonym
                                            FROM  profile_public_names
                                           WHERE  pid = {?}', $user->profile()->id());
         } else {
             $name_types = array('lastname' => 'Nom', 'firstname' => 'Prénom');
             $names = XDB::fetchOneAssoc('SELECT  lastname, firstname
                                            FROM  accounts
                                           WHERE  uid = {?}', $user->id());
         }
         if (Post::has('correct')) {
             $new_names = array();
             // Stays true only while every submitted name matches the stored
             // one case-insensitively.
             $update = true;
             foreach ($name_types as $key => $fullname) {
                 $new_names[$key] = Post::t($key);
                 if (mb_strtolower($new_names[$key]) != mb_strtolower($names[$key])) {
                     $update = false;
                 }
             }
             if ($update) {
                 if ($user->hasProfile()) {
                     update_public_names($user->profile()->id(), $new_names);
                     update_display_names($user->profile(), $new_names);
                 } else {
                     $new_names['full_name'] = build_full_name($new_names['firstname'], $new_names['lastname']);
                     $new_names['directory_name'] = build_directory_name($new_names['firstname'], $new_names['lastname']);
                     $new_names['sort_name'] = build_sort_name($new_names['firstname'], $new_names['lastname']);
                     // Values are bound through {?} placeholders; the row is
                     // keyed on the looked-up user's id.
                     XDB::execute('UPDATE  accounts
                                      SET  lastname = {?}, firstname = {?}, full_name = {?},
                                           directory_name = {?}, sort_name = {?}
                                    WHERE  uid = {?}', $new_names['lastname'], $new_names['firstname'], $new_names['full_name'], $new_names['directory_name'], $new_names['sort_name'], $user->id());
                 }
                 $page->trigSuccess('Mise à jour réussie.');
             } else {
                 $page->trigError('Seuls des changements de casse sont autorisés ici.');
             }
         }
         // Reload the names so the page shows the values now stored.
         if ($user->hasProfile()) {
             $names = XDB::fetchOneAssoc('SELECT  lastname_main, lastname_marital, lastname_ordinary,
                                                  firstname_main, firstname_ordinary, pseudonym
                                            FROM  profile_public_names
                                           WHERE  pid = {?}', $user->profile()->id());
         } else {
             $names = XDB::fetchOneAssoc('SELECT  lastname, firstname
                                            FROM  accounts
                                           WHERE  uid = {?}', $user->id());
         }
         // For each name keep the stored value, its capitalize_name() form,
         // and whether the two differ.
         foreach ($names as $key => $name) {
             $names[$key] = array('value' => $name, 'standard' => capitalize_name($name));
             $names[$key]['different'] = $names[$key]['value'] != $names[$key]['standard'];
         }
         $page->assign('uid', $user->id());
         $page->assign('hruid', $user->hruid);
         $page->assign('names', $names);
         $page->assign('name_types', $name_types);
     }
 }
Ejemplo n.º 18
 /**
  * Renders the OpenID discovery page for the user behind an alias login.
  *
  * The login is completed with the configured alias domain and looked up
  * silently; when no login is given or no user matches, the client is
  * redirected to 'Xorg/OpenId'.
  *
  * @param object $page  Page object handed to the discovery renderer.
  * @param mixed  $login Local part of the alias address, or null.
  */
 function handler_melix($page, $login = null)
 {
     $this->load('openid.inc.php');
     global $globals;

     if ($login) {
         $address = $login . '@' . $globals->mail->alias_dom;
         $requested_user = User::getSilent($address);
         if ($requested_user) {
             $provider = new OpenId();
             $provider->RenderDiscoveryPage($page, $requested_user);
             return;
         }
     }

     // Same response for a missing login and an unknown one.
     pl_redirect('Xorg/OpenId');
 }
Ejemplo n.º 19
 /**
  * Switches the session to the configured smartphone skin, then redirects.
  *
  * @param object $page Page object (not used by this handler).
  * @param mixed  $url  Redirect target, passed through unchanged.
  */
 function handler_skin_resmartphone($page, $url)
 {
     global $globals;

     $skin = $globals->smartphone_skin;
     S::set('skin', $skin);

     // NOTE(review): $url is a handler argument and is not validated here;
     // confirm that pl_redirect() only accepts site-relative targets.
     pl_redirect($url);
     exit;
 }
Ejemplo n.º 20
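 /**
  * Administration of bank transfers: groups reconciliations into transfers, dissolves a
  * group, or confirms a single transfer.
  *
  * Dispatch:
  *  - POST field 'generate': closes the reconciliations whose ids are the keys of the
  *    posted 'recon_id' array, puts them in a new group and creates the transfers;
  *  - $action 'delgroup': reopens the reconciliations of group $id and deletes its
  *    transfers that have no date yet;
  *  - $action 'confirm': stamps transfer $id with the current date and the account of
  *    its payment;
  *  - anything else: redirect to 'admin/reconcile'.
  *
  * All request values reach SQL through {?} placeholders only.
  *
  * @param $page   page object used for messages
  * @param $action 'delgroup', 'confirm' or null
  * @param $id     group id (delgroup) or transfer id (confirm)
  */
 function handler_adm_transfers($page, $action = null, $id = null)
 {
     // list/log all bank transfers and link them to individual transactions
     if (Post::has('generate')) {
         // NOTE(review): unlike 'delgroup' and 'confirm' below, this state-changing branch
         // does not call S::assert_xsrf_token(). Add the call once the submitting form is
         // confirmed to send the token.
         $selection = Post::v('recon_id');
         if (!is_array($selection) || count($selection) == 0) {
             // array_keys() needs an array and the IN lists below need at least one id;
             // a request without a usable selection is sent back to the reconciliation page.
             pl_redirect('admin/reconcile');
             return;
         }
         $recon_ids = array_keys($selection);
         // generate a new reconcilation group ID
         // NOTE(review): MAX()+1 is read outside any transaction, so two concurrent
         // requests could obtain the same group id.
         $res = XDB::query("SELECT MAX(recongroup_id)+1 FROM payment_reconcilations");
         $recongp_id = $res->fetchOneCell();
         if ($recongp_id == null) {
             $recongp_id = 1;
         }
         // add reconcilations to group
         // FIXME: should check if reconcilations are in good status
         XDB::execute("UPDATE  payment_reconcilations\n                             SET  recongroup_id = {?}, status = 'closed'\n                           WHERE  id IN {?}", $recongp_id, $recon_ids);
         // create transfers
         XDB::execute('INSERT INTO  payment_transfers
                            SELECT  NULL, {?}, t.ref, SUM(t.amount+t.commission), NULL, p.text, NULL
                              FROM  payment_transactions AS t
                         LEFT JOIN  payments             AS p ON (t.ref = p.id)
                         LEFT JOIN  groups               AS g ON (p.asso_id = g.id)
                             WHERE  t.recon_id IN {?} AND t.status = "confirmed"
                          GROUP BY  t.ref', $recongp_id, $recon_ids);
         $page->trigSuccess('Les virements ont été générés pour ' . count($recon_ids) . ' réconciliations.');
         $this->handler_adm_reconcile($page);
     } elseif ($action == 'delgroup') {
         S::assert_xsrf_token();
         XDB::execute("UPDATE  payment_reconcilations\n                             SET  status = 'transfering', recongroup_id = NULL\n                           WHERE  recongroup_id = {?}", $id);
         // Only transfers that were never carried out (no date) are removed.
         XDB::execute("DELETE FROM  payment_transfers\n                                WHERE  recongroup_id = {?} AND date IS NULL", $id);
         $page->trigSuccess("Les virements non réalisés ont été supprimé du groupe " . $id . ".");
         $this->handler_adm_reconcile($page);
     } elseif ($action == "confirm") {
         S::assert_xsrf_token();
         // The account credited is the one attached to the transfer's payment.
         $account_id = XDB::fetchOneCell('SELECT  rib_id
                                            FROM  payments          AS p 
                                       LEFT JOIN  payment_transfers AS t ON (t.payment_id = p.id)
                                           WHERE  t.id = {?}', $id);
         XDB::execute('UPDATE  payment_transfers
                          SET  date = NOW(), account_id = {?}
                        WHERE  id = {?}', $account_id, $id);
         $page->trigSuccess('Virement ' . $id . ' confirmé.');
         $this->handler_adm_reconcile($page);
     } else {
         pl_redirect('admin/reconcile');
     }
 }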
Ejemplo n.º 21
 /**
  * Profile edition wizard.
  *
  * When the first URL argument is a tab name rather than a profile id, the two arguments
  * are swapped and the request is redirected to the canonical 'profile/edit/<hrid>[/<tab>]'
  * URL. The same redirect happens when no profile id was given.
  *
  * The profile is resolved by findProfile(); its PL_NOT_FOUND / PL_FORBIDDEN answers are
  * returned as-is, so the access decision is made there and not in this handler.
  *
  * @param $page       page object receiving scripts, title, messages and template variables
  * @param $hrpid      profile identifier, or a tab name (see above)
  * @param $opened_tab wizard tab to open
  * @param $mode       passed through to PlWizard::apply()
  * @param $success    when set and truthy, a confirmation message is displayed
  */
 function handler_p_edit($page, $hrpid = null, $opened_tab = null, $mode = null, $success = null)
 {
     global $globals;

     // A tab name in first position means the URL had its arguments in the wrong order.
     $tabNames = array('general', 'adresses', 'emploi', 'poly', 'deco', 'mentor', 'deltaten');
     $url_error = in_array($hrpid, $tabNames);
     if ($url_error) {
         list($hrpid, $opened_tab) = array($opened_tab, $hrpid);
     }

     $profile = $this->findProfile($hrpid);
     $isProfile = $profile instanceof Profile;
     if (!$isProfile && in_array($profile, array(PL_NOT_FOUND, PL_FORBIDDEN))) {
         return $profile;
     }

     if ($url_error || is_null($hrpid)) {
         $canonical = 'profile/edit/' . $profile->hrid();
         if (!is_null($opened_tab)) {
             $canonical .= '/' . $opened_tab;
         }
         pl_redirect($canonical);
     }

     // Build the page
     $page->addJsLink('jquery.ui.xorg.js');
     /* dynamic content */
     $page->addJsLink('education.js', true, false);
     /* dynamic content */
     $page->addJsLink('grades.js', true, false);
     $page->addJsLink('profile.js');

     $wizard = new PlWizard('Profil', PlPage::getCoreTpl('plwizard.tpl'), true, true, false);
     $wizard->addUserData('profile', $profile);
     $wizard->addUserData('owner', $profile->owner());
     $this->load('page.inc.php');

     // Tabs are added in display order; some exist only for users holding the
     // private-directory permission.
     $viewPrivate = S::user()->checkPerms(User::PERM_DIRECTORY_PRIVATE);
     $wizard->addPage('ProfilePageGeneral', 'Général', 'general');
     $wizard->addPage('ProfilePageAddresses', 'Adresses personnelles', 'adresses');
     $wizard->addPage('ProfilePageJobs', 'Informations professionnelles', 'emploi');
     if ($viewPrivate) {
         $wizard->addPage('ProfilePageGroups', 'Groupes X - Binets', 'poly');
     }
     $wizard->addPage('ProfilePageDecos', 'Décorations - Medailles', 'deco');
     if ($viewPrivate) {
         $wizard->addPage('ProfilePageMentor', 'Mentoring', 'mentor');
         if ($profile->isDeltatenEnabled(Profile::DELTATEN_OLD)) {
             $wizard->addPage('ProfilePageDeltaten', 'Opération N N-10', 'deltaten');
         }
     }
     $wizard->apply($page, 'profile/edit/' . $profile->hrid(), $opened_tab, $mode);

     // The birthdate is needed by the password recovery procedure, hence the warning.
     if (!$profile->birthdate) {
         $page->trigWarning("Ta date de naissance n'est pas renseignée, ce qui t'empêcheras de réaliser la procédure de récupération de mot de passe si un jour tu le perdais.");
     }

     $page->setTitle('Mon Profil');
     $page->assign('hrpid', $profile->hrid());
     $page->assign('viewPrivate', $viewPrivate);
     $page->assign('isMe', S::user()->isMyProfile($profile));
     if (!empty($success)) {
         $page->trigSuccess('Ton profil a bien été mis à jour.');
     }
 }
Ejemplo n.º 22
 /**
  * Home page with the announces: tips, reminder box, birthday wish, RSS link and the list
  * of valid announces grouped by category.
  *
  * The 'read' and 'unread' actions add or remove a row of announce_read for the current
  * user and then redirect back to the list.
  *
  * NOTE(review): both actions change stored state and no XSRF token is asserted in this
  * handler; the rows touched are limited to the session's own uid. $pound is appended to
  * the redirect target as received -- confirm that pl_redirect() copes with arbitrary text.
  *
  * @param $page   page object
  * @param $action 'list' (default), 'read' or 'unread'
  * @param $eid    announce id for 'read' / 'unread'
  * @param $pound  fragment to jump to after 'read'
  */
 function handler_ev($page, $action = 'list', $eid = null, $pound = null)
 {
     $page->changeTpl('events/index.tpl');
     $user = S::user();

     /** XXX: Tips and reminder only for user with 'email' permission.
      * We can do better in the future by storing a userfilter
      * with the tip/reminder.
      */
     if ($user->checkPerms(User::PERM_MAIL)) {
         $page->assign('tips', $this->get_tips());
     }

     // Adds a reminder onebox to the page.
     require_once 'reminder.inc.php';
     $reminder = Reminder::GetCandidateReminder($user);
     if ($reminder) {
         $reminder->Prepare($page);
     }

     // Wishes "Happy birthday" when required; the value assigned is the age reached today.
     $profile = $user->profile();
     if (!is_null($profile) && $profile->next_birthday == date('Y-m-d')) {
         $bornIn = (int) date('Y', strtotime($profile->birthdate));
         $thisYear = (int) date('Y');
         $page->assign('birthday', $thisYear - $bornIn);
     }

     // Direct link to the RSS feed, when available. The link carries the user's token in
     // its path, so it works as a credential wherever the URL ends up.
     if (S::hasAuthToken()) {
         $feedPath = '/rss/' . S::v('hruid') . '/' . S::user()->token . '/rss.xml';
         $page->setRssLink('Polytechnique.org :: News', $feedPath);
     }

     $hasEvent = (bool) $eid;

     // Hide the read event, and reload the page to get to the next event.
     if ($hasEvent && $action == 'read') {
         // Markers of expired announces are purged first (for every user).
         XDB::execute('DELETE ev.*
                         FROM announce_read AS ev
                   INNER JOIN announces AS e ON e.id = ev.evt_id
                        WHERE expiration < NOW()');
         XDB::execute('INSERT IGNORE INTO  announce_read (evt_id, uid)
                                   VALUES  ({?}, {?})', $eid, S::v('uid'));
         pl_redirect('events#' . $pound);
     }

     // Unhide the requested event, and reload the page to display it.
     if ($hasEvent && $action == 'unread') {
         XDB::execute('DELETE FROM announce_read
                        WHERE evt_id = {?} AND uid = {?}', $eid, S::v('uid'));
         pl_redirect('events#newsid' . $eid);
     }

     // Fetch the events to display, along with their metadata.
     $events = array();
     $rows = XDB::iterator("SELECT  e.id, e.titre, e.texte, e.post_id, e.uid,\n                                     p.x, p.y, p.attach IS NOT NULL AS img, FIND_IN_SET('wiki', e.flags) AS wiki,\n                                     FIND_IN_SET('important', e.flags) AS important,\n                                     e.creation_date > DATE_SUB(CURDATE(), INTERVAL 2 DAY) AS news,\n                                     e.expiration < DATE_ADD(CURDATE(), INTERVAL 2 DAY) AS end,\n                                     ev.uid IS NULL AS nonlu, e.promo_min, e.promo_max\n                               FROM  announces       AS e\n                          LEFT JOIN  announce_photos AS p  ON (e.id = p.eid)\n                          LEFT JOIN  announce_read   AS ev ON (e.id = ev.evt_id AND ev.uid = {?})\n                              WHERE  FIND_IN_SET('valide', e.flags) AND expiration >= NOW()\n                           ORDER BY  important DESC, news DESC, end DESC, e.expiration, e.creation_date DESC", S::i('uid'));
     $this->load('feed.inc.php');
     $user = S::user();

     // The rows arrive sorted by category flag, so each category takes the leading run of
     // rows carrying its flag; 'body' takes whatever is left.
     $current = EventFeed::nextEvent($rows, $user);
     foreach (array('important', 'news', 'end', 'body') as $category) {
         $bucket = array();
         while ($current && ($category == 'body' || $current[$category])) {
             $bucket[] = $current;
             $current = EventFeed::nextEvent($rows, $user);
         }
         if (!empty($bucket)) {
             $events[$category] = $bucket;
         }
     }
     $page->assign_by_ref('events', $events);
 }
Ejemplo n.º 23
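 /**
  * Last step of the registration: activates the pending account designated by $hash once
  * the visitor has answered the password challenge, then sets up everything attached to
  * a fresh account (email sources, redirection, subscriptions, forums, notifications).
  *
  * Security-relevant behaviour visible in this handler:
  *  - $hash comes from the URL and is the only key used to find the pending registration;
  *  - requests from an address flagged by check_ip('unsafe') are refused and the pending
  *    registration is deleted;
  *  - the password proof is sha1("forlife:password:challenge") compared with the posted
  *    'response'; a failure is logged as 'auth_fail'.
  *
  * NOTE(review): the challenge/response relies on SHA-1 over the stored password value;
  * this looks like a legacy scheme -- confirm how register_pending.password is derived.
  *
  * @param $page page object
  * @param $hash registration token from the confirmation link
  * @return PL_FORBIDDEN for unsafe addresses, otherwise nothing
  */
 function handler_end($page, $hash = null)
 {
     global $globals;
     $_SESSION['subState'] = array('step' => 5);
     // Reject registration requests from unsafe IP addresses (and remove the
     // registration information from the database, to prevent IP changes).
     if (check_ip('unsafe')) {
         send_warning_mail('Une IP surveillée a tenté de finaliser son inscription.');
         XDB::execute("DELETE FROM  register_pending\n                                WHERE  hash = {?} AND hash != 'INSCRIT'", $hash);
         return PL_FORBIDDEN;
     }
     // Retrieve the pre-registration information using the url-provided
     // authentication token.
     $res = XDB::query("SELECT  r.uid, p.pid, r.forlife, r.bestalias, r.mailorg2,\n                                   r.password, r.email, r.services, r.naissance,\n                                   ppn.lastname_initial, ppn.firstname_initial, pe.promo_year,\n                                   pd.promo, p.sex, p.birthdate_ref, a.type, a.email AS old_account_email\n                             FROM  register_pending AS r\n                       INNER JOIN  accounts         AS a   ON (r.uid = a.uid)\n                       INNER JOIN  account_profiles AS ap  ON (a.uid = ap.uid AND FIND_IN_SET('owner', ap.perms))\n                       INNER JOIN  profiles         AS p   ON (p.pid = ap.pid)\n                       INNER JOIN  profile_public_names AS ppn ON (ppn.pid = p.pid)\n                       INNER JOIN  profile_display  AS pd  ON (p.pid = pd.pid)\n                       INNER JOIN  profile_education AS pe ON (pe.pid = p.pid AND FIND_IN_SET('primary', pe.flags))\n                            WHERE  hash = {?} AND hash != 'INSCRIT' AND a.state = 'pending'", $hash);
     // NOTE(review): the code below unpacks a row unconditionally, so kill() presumably
     // ends the request -- confirm.
     if (!$hash || $res->numRows() == 0) {
         $page->kill("<p>Cette adresse n'existe pas, ou plus, sur le serveur.</p>\n                         <p>Causes probables&nbsp;:</p>\n                         <ol>\n                           <li>Vérifie que tu visites l'adresse du dernier\n                               email reçu s'il y en a eu plusieurs.</li>\n                           <li>Tu as peut-être mal copié l'adresse reçue par\n                               email, vérifie-la à la main.</li>\n                           <li>Tu as peut-être attendu trop longtemps pour\n                               confirmer. Les pré-inscriptions sont annulées\n                               tous les 30 jours.</li>\n                           <li>Tu es en fait déjà inscrit.</li>\n                        </ol>");
     }
     list($uid, $pid, $forlife, $bestalias, $emailXorg2, $password, $email, $services, $birthdate, $lastname, $firstname, $yearpromo, $promo, $sex, $birthdate_ref, $type, $old_account_email) = $res->fetchOneRow();
     $isX = $type == 'x';
     $mail_domain = User::$sub_mail_domains[$type] . $globals->mail->domain;
     // Prepare the template for display.
     $page->changeTpl('register/end.tpl');
     $page->assign('forlife', $forlife);
     $page->assign('firstname', $firstname);
     // Check if the user did enter a valid password; if not (or if none is found),
     // get her an information page.
     if (!Post::has('response')) {
         return;
     }
     $expected_response = sha1("{$forlife}:{$password}:" . S::v('challenge'));
     $response = Post::v('response');
     // Strict comparison on strings only: with a loose != two different digests that both
     // read as numbers in exponent notation ("0e...") would compare equal. A constant-time
     // comparison (hash_equals) is preferable where the runtime provides it.
     if (!is_string($response) || $response !== $expected_response) {
         $page->trigError("Mot de passe invalide.");
         S::logger($uid)->log('auth_fail', 'bad password (register/end)');
         return;
     }
     //
     // Create the user account.
     //
     XDB::startTransaction();
     XDB::execute("UPDATE  accounts\n                         SET  password = {?}, state = 'active',\n                              registration_date = NOW(), email = NULL\n                       WHERE  uid = {?}", $password, $uid);
     XDB::execute("UPDATE  profiles\n                         SET  birthdate = {?}, last_change = NOW()\n                       WHERE  pid = {?}", $birthdate, $pid);
     XDB::execute('INSERT INTO  email_source_account (email, uid, type, flags, domain)
                        SELECT  {?}, {?}, \'forlife\', \'\', id
                          FROM  email_virtual_domains
                         WHERE  name = {?}', $forlife, $uid, $mail_domain);
     XDB::execute('INSERT INTO  email_source_account (email, uid, type, flags, domain)
                        SELECT  {?}, {?}, \'alias\', \'bestalias\', id
                          FROM  email_virtual_domains
                         WHERE  name = {?}', $bestalias, $uid, $mail_domain);
     if ($emailXorg2) {
         XDB::execute('INSERT INTO  email_source_account (email, uid, type, flags, domain)
                            SELECT  {?}, {?}, \'alias\', \'\', id
                              FROM  email_virtual_domains
                             WHERE  name = {?}', $emailXorg2, $uid, $mail_domain);
     }
     XDB::commit();
     // Try to start a session (so the user does not have to log in); we will use
     // the password available in Post:: to authenticate the user.
     Platal::session()->start(AUTH_PASSWD);
     // Add the registration email address as first and only redirection.
     require_once 'emails.inc.php';
     $user = User::getSilentWithUID($uid);
     $redirect = new Redirect($user);
     $redirect->add_email($email);
     fix_bestalias($user);
     // If the user was registered to some aliases and MLs, we must change
     // the subscription to her forlife email.
     if ($old_account_email) {
         $listClient = new MMList($user);
         $listClient->change_user_email($old_account_email, $user->forlifeEmail());
         update_alias_user($old_account_email, $user->forlifeEmail());
     }
     // Subscribe the user to the services she did request at registration time.
     require_once 'newsletter.inc.php';
     foreach (explode(',', $services) as $service) {
         switch ($service) {
             case 'ax_letter':
                 /* This option is deprecated by 'com_letters' */
                 NewsLetter::forGroup(NewsLetter::GROUP_AX)->subscribe($user);
                 break;
             case 'com_letters':
                 NewsLetter::forGroup(NewsLetter::GROUP_AX)->subscribe($user);
                 NewsLetter::forGroup(NewsLetter::GROUP_EP)->subscribe($user);
                 NewsLetter::forGroup(NewsLetter::GROUP_FX)->subscribe($user);
                 break;
             case 'nl':
                 NewsLetter::forGroup(NewsLetter::GROUP_XORG)->subscribe($user);
                 break;
             case 'imap':
                 Email::activate_storage($user, 'imap', Bogo::IMAP_DEFAULT);
                 break;
             case 'ml_promo':
                 if ($isX) {
                     $r = XDB::query('SELECT id FROM groups WHERE diminutif = {?}', $yearpromo);
                     if ($r->numRows()) {
                         $asso_id = $r->fetchOneCell();
                         XDB::execute('INSERT IGNORE INTO  group_members (uid, asso_id)
                                                   VALUES  ({?}, {?})', $uid, $asso_id);
                         // A mailing-list failure is reported but does not abort the registration.
                         try {
                             MailingList::subscribePromo($yearpromo, $user);
                         } catch (Exception $e) {
                             PlErrorReport::report($e);
                             $page->trigError("L'inscription à la liste promo" . $yearpromo . " a échouée.");
                         }
                     }
                 }
                 break;
         }
     }
     // Log the registration in the user session.
     S::logger($uid)->log('inscription', $email);
     // Overwriting the hash makes the confirmation link single-use: every lookup above
     // excludes the value 'INSCRIT'.
     XDB::execute("UPDATE  register_pending\n                         SET  hash = 'INSCRIT'\n                       WHERE  uid = {?}", $uid);
     // Congratulate our newly registered user by email.
     $mymail = new PlMailer('register/success.mail.tpl');
     $mymail->addTo("\"{$user->fullName()}\" <{$user->forlifeEmail()}>");
     if ($isX) {
         $mymail->setSubject('Bienvenue parmi les X sur le web !');
     } else {
         $mymail->setSubject('Bienvenue sur Polytechnique.org !');
     }
     $mymail->assign('forlife', $forlife);
     $mymail->assign('firstname', $firstname);
     $mymail->send();
     // Index the user, to allow her to appear in searches.
     Profile::rebuildSearchTokens($pid);
     // Notify other users which were watching for her arrival.
     XDB::execute('INSERT INTO  contacts (uid, contact)
                        SELECT  uid, {?}
                          FROM  watch_nonins
                         WHERE  ni_id = {?}', $pid, $uid);
     XDB::execute('DELETE FROM  watch_nonins
                         WHERE  ni_id = {?}', $uid);
     Platal::session()->updateNbNotifs();
     // Forcibly register the new user on default forums.
     $registeredForums = array('xorg.general', 'xorg.pa.divers', 'xorg.pa.logements');
     if ($isX) {
         $promoForum = 'xorg.promo.' . strtolower($promo);
         $exists = XDB::fetchOneCell('SELECT  COUNT(*)
                                        FROM  forums
                                       WHERE  name = {?}', $promoForum);
         if ($exists == 0) {
             // Notify the newsgroup admin that the promotion forum needs to be created,
             // once more than 20% of the promotion is registered.
             $promoFull = new UserFilter(new UFC_Promo('=', UserFilter::DISPLAY, $promo));
             $promoRegistered = new UserFilter(new PFC_And(new UFC_Promo('=', UserFilter::DISPLAY, $promo), new UFC_Registered(true), new PFC_Not(new UFC_Dead())));
             if ($promoRegistered->getTotalCount() > 0.2 * $promoFull->getTotalCount()) {
                 $mymail = new PlMailer('admin/forums-promo.mail.tpl');
                 $mymail->assign('promo', $promo);
                 $mymail->send();
             }
         } else {
             $registeredForums[] = $promoForum;
         }
     }
     foreach ($registeredForums as $forum) {
         // The forum name is the loop variable; the previous code passed an undefined
         // variable here, so no subscription row could match.
         XDB::execute("INSERT INTO  forum_subs (fid, uid)\n                               SELECT  fid, {?}\n                                 FROM  forums\n                                WHERE  name = {?}", $uid, $forum);
     }
     // Update the global registration count stats.
     $globals->updateNbIns();
     //
     // Update collateral data sources, and inform watchers by email.
     //
     // Email the referrer(s) of this new user.
     $res = XDB::iterRow("SELECT  sender, GROUP_CONCAT(email SEPARATOR ', ') AS mails, MAX(last) AS lastDate\n                               FROM  register_marketing\n                              WHERE  uid = {?}\n                           GROUP BY  sender\n                           ORDER BY  lastDate DESC", $uid);
     XDB::execute("UPDATE  register_mstats\n                         SET  success = NOW()\n                       WHERE  uid = {?}", $uid);
     $market = array();
     while (list($senderid, $maketingEmails, $lastDate) = $res->next()) {
         $sender = User::getWithUID($senderid);
         $market[] = " - par {$sender->fullName()} sur {$maketingEmails} (le plus récemment le {$lastDate})";
         $mymail = new PlMailer('register/marketer.mail.tpl');
         $mymail->setSubject("{$firstname} {$lastname} s'est inscrit à Polytechnique.org !");
         $mymail->setTo($sender);
         $mymail->assign('sender', $sender);
         $mymail->assign('firstname', $firstname);
         $mymail->assign('lastname', $lastname);
         $mymail->assign('promo', $promo);
         $mymail->assign('sex', $sex);
         // NOTE(review): $msg is never assigned in this function, so the text body set
         // here is empty; decide whether the template alone should supply the body.
         $mymail->setTxtBody(wordwrap($msg, 72));
         $mymail->send();
     }
     // Email the plat/al administrators about the registration.
     if ($globals->register->notif) {
         $mymail = new PlMailer('register/registration.mail.tpl');
         $mymail->setSubject("Inscription de {$firstname} {$lastname} ({$promo})");
         $mymail->assign('firstname', $firstname);
         $mymail->assign('lastname', $lastname);
         $mymail->assign('promo', $promo);
         $mymail->assign('sex', $sex);
         $mymail->assign('birthdate', $birthdate);
         $mymail->assign('birthdate_ref', $birthdate_ref);
         $mymail->assign('forlife', $forlife);
         $mymail->assign('email', $email);
         $mymail->assign('logger', S::logger());
         if (count($market) > 0) {
             $mymail->assign('market', implode("\n", $market));
         }
         // NOTE(review): same undefined $msg as in the referrer mail above.
         $mymail->setTxtBody($msg);
         $mymail->send();
     }
     // Remove old pending marketing requests for the new user.
     Marketing::clear($uid);
     pl_redirect('profile/edit');
 }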
Ejemplo n.º 24
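 /**
  * Creates a new alias in the lists domain of the current group and makes the current
  * user its first member.
  *
  * The requested name is the only user-controlled part of the new address; it must be a
  * non-empty string of letters, digits, dashes and dots.
  *
  * @param $page page object
  * @return PL_NOT_FOUND when no lists domain is available, otherwise nothing
  */
 function handler_acreate($page)
 {
     if (!$this->get_lists_domain()) {
         return PL_NOT_FOUND;
     }
     $page->changeTpl('xnetlists/alias-create.tpl');
     if (!Post::has('submit')) {
         return;
     }
     S::assert_xsrf_token();

     // A present but empty (or non-string) field is treated like a missing one: the
     // previous pattern used '*' and so accepted an empty alias name.
     $list = Post::has('liste') ? Post::v('liste') : null;
     if (!is_string($list) || $list === '') {
         $page->trigError('Le champs «&nbsp;adresse souhaitée&nbsp;» est vide.');
         return;
     }
     // \z anchors at the very end of the input; a plain '$' also matches just before a
     // trailing newline, which would let "name\n" through.
     if (!preg_match('/^[a-zA-Z0-9\-\.]+\z/', $list)) {
         $page->trigError('Le nom de l\'alias ne doit contenir que des lettres,' . ' chiffres, tirets et points.');
         return;
     }
     require_once 'emails.inc.php';
     $lists_domain = $this->get_lists_domain();
     if (list_exist($list, $lists_domain)) {
         $page->trigError('Cet alias est déjà pris.');
         return;
     }
     add_to_list_alias(S::i('uid'), $list, $lists_domain);
     pl_redirect('alias/admin/' . $list . '@' . $lists_domain);
 }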
Ejemplo n.º 25
 /**
  * Lists up to 100 profiles that carry a given merge issue.
  *
  * $action is checked against a fixed set of issue names before it is used, and reaches
  * SQL through {?} placeholders only. Unknown issue names and issues without any matching
  * profile redirect to 'fusionax'.
  *
  * @param $page   page object
  * @param $action issue name: name, phone, education, address or job
  */
 function handler_issues($page, $action = '')
 {
     // Issue name => label shown on the page.
     static $labels = array('name' => 'noms', 'phone' => 'téléphones', 'education' => 'formations', 'address' => 'adresses', 'job' => 'emplois');
     // Issue name => value assigned to the template as 'type'.
     static $types = array('name' => 'general', 'phone' => 'general', 'education' => 'general', 'address' => 'adresses', 'job' => 'emploi');

     if (!array_key_exists($action, $labels)) {
         pl_redirect('fusionax');
         return;
     }

     $total = XDB::fetchOneCell('SELECT  COUNT(*)
                                   FROM  profile_merge_issues
                                  WHERE  FIND_IN_SET({?}, issues)', $action);
     if ($total == 0) {
         pl_redirect('fusionax');
     }

     $issues = XDB::fetchAllAssoc('SELECT  p.hrpid, pd.directory_name, pd.promo
                                     FROM  profile_merge_issues AS pm
                               INNER JOIN  profiles             AS p  ON (pm.pid = p.pid)
                               INNER JOIN  profile_display      AS pd ON (pd.pid = p.pid)
                                    WHERE  FIND_IN_SET({?}, pm.issues)
                                 ORDER BY  pd.directory_name
                                    LIMIT  100', $action);

     $page->changeTpl('fusionax/other_issues.tpl');
     $page->assign('issues', $issues);
     $page->assign('issue', $labels[$action]);
     $page->assign('type', $types[$action]);
     $page->assign('total', $total);
 }
Ejemplo n.º 26
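 /**
  * Quick search of the directory.
  *
  * Besides the plain search, the 'quick' request value understands shortcuts:
  *  - "<prefix>:<login>" redirects to the matching page of that user when the login
  *    resolves (the admin/adm/ax prefixes are only recognised for administrators);
  *  - "doc:<words>" redirects to the documentation search;
  *  - "trombi:<promo>" redirects to the group site when the promotion exists.
  *
  * The number of results is capped separately for anonymous and logged-in visitors
  * ($globals->search->public_max / private_max).
  *
  * @param $page     page object
  * @param $model    the way of presenting the results: minifiche, trombi, geoloc
  * @param $byletter show only names beginning with this letter
  */
 function handler_quick($page, $model = null, $byletter = null)
 {
     global $globals;
     if (Env::has('quick') || $model == 'geoloc') {
         $quick = Env::t('quick');
         if (S::logged() && !Env::has('page')) {
             S::logger()->log('search', 'quick=' . $quick);
         }
         if ($quick == '') {
             $page->trigWarning('Aucun critère de recherche n\'est spécifié.');
             $page->changeTpl('search/index.tpl');
             $page->setTitle('Annuaire');
             $page->assign('formulaire', 1);
             return;
         }
         // Shortcut prefixes; the administrative ones are only added for administrators,
         // so other visitors cannot reach the switch cases below that use them.
         $list = 'profile|prf|fiche|fic|referent|ref|mentor';
         if (S::admin()) {
             $list .= '|admin|adm|ax';
         }
         $suffixes = array_keys(DirEnum::getOptions(DirEnum::ACCOUNTTYPES));
         $suffixes = implode('|', $suffixes);
         if (preg_match('/^(' . $list . '):([-a-z]+(\\.[-a-z]+(\\.(?:[md]?\\d{2,4}|' . $suffixes . '))?)?)$/', replace_accent($quick), $matches)) {
             $login = $matches[2];
             switch ($matches[1]) {
                 case 'admin':
                 case 'adm':
                     $base = 'admin/user/';
                     break;
                 case 'ax':
                     $base = 'profile/ax/';
                     break;
                 case 'profile':
                 case 'prf':
                 case 'fiche':
                 case 'fic':
                     $base = 'profile/';
                     break;
                 case 'referent':
                 case 'ref':
                 case 'mentor':
                     $base = 'referent/';
                     break;
             }
             $user = User::getSilent($login);
             if ($user) {
                 pl_redirect($base . $user->login());
             }
             // Unknown login: fall back to a plain search on it.
             Get::set('quick', $login);
         } elseif (strpos($quick, 'doc:') === 0) {
             $url = 'Docs/Recherche?';
             $url .= 'action=search&q=' . urlencode(substr($quick, 4));
             $url .= '&group=' . urlencode('-Equipe,-Main,-PmWiki,-Site,-Review');
             pl_redirect($url);
         } elseif (strpos($quick, 'trombi:') === 0) {
             $promo = substr($quick, 7);
             // The redirect below only happens for a promotion name found in the groups table.
             $res = XDB::query("SELECT  diminutif\n                                     FROM  groups\n                                    WHERE  cat = 'Promotions' AND diminutif = {?}", $promo);
             if ($res->numRows() == 0) {
                 // $promo is request text. The "too general" error further down embeds an
                 // HTML link, which suggests messages are output as markup, so the value
                 // is escaped before being echoed back.
                 $page->trigWarning("La promotion demandée n'est pas valide: " . htmlspecialchars($promo, ENT_QUOTES, 'UTF-8'));
             } else {
                 // NOTE(review): login URL on plain http -- confirm whether https is available.
                 http_redirect('http://www.polytechnique.net/login/' . $promo . '/annuaire/trombi');
             }
         }
         $page->assign('formulaire', 0);
         require_once 'userset.inc.php';
         $view = new QuickSearchSet();
         $view->addMod('minifiche', 'Mini-fiches', true, array('with_score' => true, 'starts_with' => $byletter));
         $view->addMod('map', 'Planisphère');
         if (S::logged() && !Env::i('nonins')) {
             $view->addMod('trombi', 'Trombinoscope', false, array('with_promo' => true, 'with_score' => true));
         }
         $view->apply('search', $page, $model);
         $nb_tot = $view->count();
         $page->assign('search_results_nb', $nb_tot);
         // Result caps: a lower one for anonymous visitors, another one for everybody.
         if (!S::logged() && $nb_tot > $globals->search->public_max) {
             $page->trigError('Votre recherche a généré trop de résultats pour un affichage public.');
         } elseif ($nb_tot > $globals->search->private_max) {
             $page->trigError('Recherche trop générale. Une <a href="search/adv">recherche avancée</a> permet de préciser la recherche.');
         } elseif (empty($nb_tot)) {
             $page->trigError('Il n\'existe personne correspondant à ces critères dans la base !');
         }
     } else {
         $page->assign('formulaire', 1);
     }
     $page->changeTpl('search/index.tpl');
     $page->setTitle('Annuaire');
 }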
Ejemplo n.º 27
 function handler_edit_announce($page, $aid = null)
 {
     global $globals, $platal;
     $page->changeTpl('xnetgrp/announce-edit.tpl');
     $page->assign('new', is_null($aid));
     $art = array();
     if (Post::v('valid') == 'Visualiser' || Post::v('valid') == 'Enregistrer' || Post::v('valid') == 'Supprimer l\'image' || Post::v('valid') == 'Pas d\'image') {
         S::assert_xsrf_token();
         if (!is_null($aid)) {
             $art['id'] = $aid;
         }
         $art['titre'] = Post::v('titre');
         $art['texte'] = Post::v('texte');
         $art['contacts'] = Post::v('contacts');
         $art['promo_min'] = Post::i('promo_min');
         $art['promo_max'] = Post::i('promo_max');
         $art['nom'] = S::v('nom');
         $art['prenom'] = S::v('prenom');
         $art['promo'] = S::v('promo');
         $art['hruid'] = S::user()->login();
         $art['uid'] = S::user()->id();
         $art['expiration'] = Post::v('expiration');
         $art['public'] = Post::has('public');
         $art['xorg'] = Post::has('xorg');
         $art['nl'] = Post::has('nl');
         $art['event'] = Post::v('event');
         $upload = new PlUpload(S::user()->login(), 'xnetannounce');
         $this->upload_image($page, $upload);
         $art['contact_html'] = $art['contacts'];
         if ($art['event']) {
             $art['contact_html'] .= "\n{$globals->baseurl}/{$platal->ns}events/sub/{$art['event']}";
         }
         if (!$art['public'] && ($art['promo_min'] > $art['promo_max'] && $art['promo_max'] != 0 || $art['promo_min'] != 0 && ($art['promo_min'] <= 1900 || $art['promo_min'] >= 2020) || $art['promo_max'] != 0 && ($art['promo_max'] <= 1900 || $art['promo_max'] >= 2020))) {
             $page->trigError("L'intervalle de promotions est invalide.");
             Post::kill('valid');
         }
         if (!trim($art['titre']) || !trim($art['texte'])) {
             $page->trigError("L'article doit avoir un titre et un contenu.");
             Post::kill('valid');
         }
         if (Post::v('valid') == 'Supprimer l\'image') {
             $upload->rm();
             Post::kill('valid');
         }
         $art['photo'] = $upload->exists() || Post::i('photo');
         if (Post::v('valid') == 'Pas d\'image' && !is_null($aid)) {
             XDB::query('DELETE FROM  group_announces_photo
                               WHERE  eid = {?}', $aid);
             $upload->rm();
             Post::kill('valid');
             $art['photo'] = false;
         }
     }
     if (Post::v('valid') == 'Enregistrer') {
         $promo_min = $art['public'] ? 0 : $art['promo_min'];
         $promo_max = $art['public'] ? 0 : $art['promo_max'];
         $flags = new PlFlagSet();
         if ($art['public']) {
             $flags->addFlag('public');
         }
         if ($art['photo']) {
             $flags->addFlag('photo');
         }
         if (is_null($aid)) {
             $fulltext = $art['texte'];
             if (!empty($art['contact_html'])) {
                 $fulltext .= "\n\n'''Contacts :'''\\\\\n" . $art['contact_html'];
             }
             $post = null;
             if ($globals->asso('forum')) {
                 require_once 'banana/forum.inc.php';
                 $banana = new ForumsBanana(S::user());
                 $post = $banana->post($globals->asso('forum'), null, $art['titre'], MiniWiki::wikiToText($fulltext, false, 0, 80));
             }
             XDB::query('INSERT INTO  group_announces (uid, asso_id, create_date, titre, texte, contacts,
                                                       expiration, promo_min, promo_max, flags, post_id)
                              VALUES  ({?}, {?}, NOW(), {?}, {?}, {?}, {?}, {?}, {?}, {?}, {?})', S::i('uid'), $globals->asso('id'), $art['titre'], $art['texte'], $art['contact_html'], $art['expiration'], $promo_min, $promo_max, $flags, $post);
             $aid = XDB::insertId();
             if ($art['photo']) {
                 list($imgx, $imgy, $imgtype) = $upload->imageInfo();
                 XDB::execute('INSERT INTO  group_announces_photo
                                       SET  eid = {?}, attachmime = {?}, x = {?}, y = {?}, attach = {?}', $aid, $imgtype, $imgx, $imgy, $upload->getContents());
             }
             if ($art['xorg']) {
                 $article = new EvtReq("[{$globals->asso('nom')}] " . $art['titre'], $fulltext, $art['promo_min'], $art['promo_max'], $art['expiration'], "", S::user(), $upload);
                 $article->submit();
                 $page->trigWarning("L'affichage sur la page d'accueil de Polytechnique.org est en attente de validation.");
             } else {
                 if ($upload && $upload->exists()) {
                     $upload->rm();
                 }
             }
             if ($art['nl']) {
                 $article = new NLReq(S::user(), $globals->asso('nom') . " : " . $art['titre'], $art['texte'], $art['contact_html']);
                 $article->submit();
                 $page->trigWarning("La parution dans la Lettre Mensuelle est en attente de validation.");
             }
         } else {
             XDB::query('UPDATE  group_announces
                            SET  titre = {?}, texte = {?}, contacts = {?}, expiration = {?},
                                 promo_min = {?}, promo_max = {?}, flags = {?}
                          WHERE  id = {?} AND asso_id = {?}', $art['titre'], $art['texte'], $art['contacts'], $art['expiration'], $promo_min, $promo_max, $flags, $art['id'], $globals->asso('id'));
             if ($art['photo'] && $upload->exists()) {
                 list($imgx, $imgy, $imgtype) = $upload->imageInfo();
                 XDB::execute('INSERT INTO  group_announces_photo (eid, attachmime, attach, x, y)
                                    VALUES  ({?}, {?}, {?}, {?}, {?})
                   ON DUPLICATE KEY UPDATE  attachmime = VALUES(attachmime), attach = VALUES(attach), x = VALUES(x), y = VALUES(y)', $aid, $imgtype, $upload->getContents(), $imgx, $imgy);
                 $upload->rm();
             }
         }
     }
     if (Post::v('valid') == 'Enregistrer' || Post::v('valid') == 'Annuler') {
         pl_redirect("");
     }
     if (empty($art) && !is_null($aid)) {
         $res = XDB::query("SELECT  *, FIND_IN_SET('public', flags) AS public,\n                                       FIND_IN_SET('photo', flags) AS photo\n                                 FROM  group_announces\n                                WHERE  asso_id = {?} AND id = {?}", $globals->asso('id'), $aid);
         if ($res->numRows()) {
             $art = $res->fetchOneAssoc();
             $art['contact_html'] = $art['contacts'];
         } else {
             $page->kill("Aucun article correspond à l'identifiant indiqué.");
         }
     }
     if (is_null($aid)) {
         $events = XDB::iterator("SELECT *\n                                      FROM group_events\n                                     WHERE asso_id = {?} AND archive = 0", $globals->asso('id'));
         if ($events->total()) {
             $page->assign('events', $events);
         }
     }
     $art['contact_html'] = @MiniWiki::WikiToHTML($art['contact_html']);
     $page->assign('art', $art);
     $page->assign_by_ref('upload', $upload);
 }