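/**
 * Builds the default site page: selects the index template, queues the
 * JavaScript files, sets the title and, for logged-in admins, exposes the
 * lists of account types and skins to the template.
 */
public function __construct()
{
    global $globals;
    parent::__construct();

    // Set the default page
    $this->changeTpl('platal/index.tpl');

    // The User-Agent header is optional and client-controlled: read it
    // defensively so a request without it does not raise an undefined-index
    // notice. It is only used here to pick a JSON shim, never for a
    // security decision.
    $userAgent = isset($_SERVER['HTTP_USER_AGENT']) ? $_SERVER['HTTP_USER_AGENT'] : '';
    if (strpos($userAgent, 'MSIE') !== false) {
        $this->addJsLink('json2.js');
    }
    foreach (array('jquery.xorg.js', 'overlib.js', 'core.js', 'xorg.js') as $script) {
        $this->addJsLink($script);
    }
    if ($globals->core->sentry_js_dsn) {
        $this->addJsLink('raven.min.js');
    }
    $this->setTitle('le site des élèves et anciens élèves de l\'École polytechnique');

    // Admin-only data: the admin's own account type comes first, followed by
    // every other non-empty account type in key order.
    if (S::logged() && S::user()->checkPerms('admin')) {
        $types = array(S::user()->type);
        $perms = DirEnum::getOptions(DirEnum::ACCOUNTTYPES);
        ksort($perms);
        foreach ($perms as $type => $perm) {
            if (!empty($perm) && $type != $types[0]) {
                $types[] = $type;
            }
        }
        $this->assign('account_types_list', $types);

        $skins = DirEnum::getOptions(DirEnum::SKINS);
        asort($skins);
        $this->assign('skin_list', $skins);
    }
}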
/**
 * Publishes, as the JSON variable 'data', one row per (latitude, longitude)
 * pair of geolocated home addresses of living profiles, restricted by the
 * viewer's directory permissions.
 *
 * @param PlPage $page Page receiving the JSON data.
 * @param mixed  $pids Optional profile ids to restrict the query to.
 */
public static function assign_json_to_map(PlPage $page, $pids = null)
{
    $where = is_null($pids) ? '' : XDB::format(' AND pa.pid IN {?}', $pids);

    // Visibility filter. $name_publicity only ever takes one of the two
    // literals assigned below, so the column name built from it further down
    // is not influenced by the request.
    if (!S::logged() || !S::user()->checkPerms('directory_ax')) {
        $where .= " AND pa.pub = 'public'";
        $name_publicity = 'public';
    } elseif (!S::user()->checkPerms('directory_private')) {
        // NOTE(review): this keeps only rows with pub = 'ax'; confirm that
        // excluding 'public' rows for this permission level is intended.
        $where .= " AND pa.pub = 'ax'";
        $name_publicity = 'public';
    } else {
        $name_publicity = 'private';
    }

    $sql = 'SELECT pa.latitude, pa.longitude, GROUP_CONCAT(DISTINCT p.hrpid SEPARATOR \',\') AS hrpid, GROUP_CONCAT(pd.promo SEPARATOR \',\') AS promo, GROUP_CONCAT(DISTINCT pd.'
         . $name_publicity
         . '_name, \' (\', pd.promo, \')\' SEPARATOR \', \') AS name, GROUP_CONCAT(DISTINCT pa.pid SEPARATOR \',\') AS pid FROM profile_addresses AS pa INNER JOIN profiles AS p ON (pa.pid = p.pid) INNER JOIN profile_display AS pd ON (pd.pid = pa.pid) WHERE pa.type = \'home\' AND p.deathdate IS NULL AND pa.latitude IS NOT NULL AND pa.longitude IS NOT NULL'
         . $where
         . ' GROUP BY pa.latitude, pa.longitude';

    $page->jsonAssign('data', XDB::rawFetchAllAssoc($sql));
}
/**
 * Dispatches the news page to the logged-in or the anonymous handler.
 */
function handler_news($page, $id = false)
{
    if (!S::logged()) {
        $this->handler_news_current($page, $id);
        return;
    }
    $this->handler_news_new($page, $id);
}
/**
 * Handles the 'out' action by delegating to handler_nl().
 *
 * Without a hash the visitor must be logged in; with a hash the request is
 * forwarded as is, so the hash is the only credential checked on that path
 * (its verification is not visible in this method).
 */
function handler_out($page, $hash = null, $issue_id = null)
{
    // 'nohash' is a placeholder meaning "no hash supplied".
    if ($hash == 'nohash') {
        $hash = null;
    }
    if (!$hash && !S::logged()) {
        return PL_DO_AUTH;
    }
    return $this->handler_nl($page, 'out', $hash, $issue_id);
}
/**
 * Answers with a 403 status and renders the password prompt; a different
 * template is used when a session is already logged in.
 */
public function force_login(PlPage $page)
{
    header($_SERVER['SERVER_PROTOCOL'] . ' 403 Forbidden');

    $template = S::logged()
              ? 'core/password_prompt_logged.tpl'
              : 'core/password_prompt.tpl';
    $page->changeTpl($template);

    $page->assign_by_ref('platal', $this);
    $page->run();
}
/**
 * Returns the visibility used for editing: VIEW_NONE for anonymous visitors,
 * the user's own edit visibility otherwise, optionally restricted to
 * $max_level.
 */
public static function defaultForEdit($max_level = null)
{
    // Anonymous sessions fall back to the VIEW_NONE visibility.
    $visibility = S::logged()
                ? S::user()->editVisibility()
                : self::get(self::VIEW_NONE);

    // Loose comparison kept on purpose: any value equal to null with '=='
    // means "no restriction".
    if ($max_level == null) {
        return $visibility;
    }
    return $visibility->restrict($max_level);
}
/**
 * Starts whatever authentication is available for this request and, inside a
 * group, recomputes the group-related permission flags of the session.
 *
 * @return bool false when a password authentication was requested through
 *              the 'auth' GET parameter and failed, true otherwise.
 */
public function startAvailableAuth()
{
    // Explicit password authentication requested through ?auth
    if (!S::logged() && Get::has('auth')) {
        if (!$this->start(AUTH_PASSWD)) {
            return false;
        }
    }

    global $globals;
    if (!S::logged() && $globals->xnet->auth_baseurl) {
        // prevent connection to be linked to disconnection
        // NOTE(review): strpos() matches 'exit' anywhere in the request URI,
        // not only as a path component.
        if (($i = strpos($_SERVER['REQUEST_URI'], 'exit')) !== false) {
            $returl = "http://{$_SERVER['SERVER_NAME']}" . substr($_SERVER['REQUEST_URI'], 0, $i);
        } else {
            $returl = "http://{$_SERVER['SERVER_NAME']}{$_SERVER['REQUEST_URI']}";
        }
        // NOTE(review): the return URL is always built with the http://
        // scheme, and the login URL below carries the session id and the
        // challenge in its query string, where they can end up in logs,
        // browser history and Referer headers. Confirm this is acceptable
        // for the deployment.
        $url = $globals->xnet->auth_baseurl;
        $url .= "?session=" . session_id();
        $url .= "&challenge=" . S::v('challenge');
        // NOTE(review): the expression between "&pass=" and "&url=" is
        // masked in this listing and the statement does not parse as shown;
        // restore it from the original source.
        $url .= "&pass="******"&url=" . urlencode($returl);
        S::set('loginX', $url);
    }

    if (S::logged() && $globals->asso()) {
        // Reset the group flags, then grant them again from the current
        // rights so stale flags never survive a change of group.
        $perms = S::v('perms');
        $perms->rmFlag('groupadmin');
        $perms->rmFlag('groupmember');
        $perms->rmFlag('groupannu');
        if (may_update()) {
            $perms->addFlag('groupadmin');
            $perms->addFlag('groupmember');
            $perms->addFlag('groupannu');
        }
        if (is_member()) {
            $perms->addFlag('groupmember');
            // Members see the directory unless the group is private.
            if ($globals->asso('pub') != 'private') {
                $perms->addFlag('groupannu');
            }
        } else {
            // Non-members see the directory only for public groups.
            if ($globals->asso('pub') == 'public') {
                $perms->addFlag('groupannu');
            }
        }
        // Groups of the 'Promotions' category always expose their directory
        // to logged-in users.
        if ($globals->asso('cat') == 'Promotions') {
            $perms->addFlag('groupannu');
        }
        S::set('perms', $perms);
    }
    return true;
}
/**
 * Smarty function emitting a <textarea> filled with decoy mailto links.
 * Nothing is emitted for logged-in users.
 *
 * @param array $params Optional 'count' (default 20) and 'seed'
 *                      (default: the current date in RFC 2822 format).
 * @return string HTML fragment, or '' for logged-in users.
 */
function smarty_function_poison($params, $smarty)
{
    if (S::logged()) {
        return '';
    }

    $count = isset($params['count']) ? $params['count'] : 20;
    $seed  = isset($params['seed']) ? $params['seed'] : date('r');

    Platal::load('poison', 'poison.inc.php');

    // The addresses are written into the markup unescaped; they come from
    // get_poison_emails(), which is defined outside this file.
    $links = array();
    foreach (get_poison_emails($seed, $count) as $email) {
        $links[] = "<a href=\"mailto:{$email}\">{$email}</a> ";
    }
    return "<textarea>" . implode('', $links) . '</textarea>';
}
/**
 * Single sign-on endpoint for Wats4U: validates the request, requires an
 * authenticated account holding PERMS_USER, logs the connection and
 * redirects to the URL built by wats4u_sso_build_return_url().
 *
 * @return mixed PL_BAD_REQUEST, PL_DO_AUTH or PL_FORBIDDEN on the early
 *               exits; otherwise the method ends with a redirect.
 */
function handler_sso($page)
{
    $this->load('sso.inc.php');

    // First, perform security checks.
    if (!wats4u_sso_check()) {
        return PL_BAD_REQUEST;
    }

    global $globals;
    if (!S::logged()) {
        // Request auth.
        $page->assign('external_auth', true);
        $page->assign('ext_url', $globals->wats4u->public_url);
        $page->setTitle('Authentification');
        $page->setDefaultSkin('group_login');
        $page->assign('group', null);
        return PL_DO_AUTH;
    }
    if (!S::user()->checkPerms(PERMS_USER)) {
        // External (X.net) account
        return PL_FORBIDDEN;
    }

    // Update the last login information (unless the user is in SUID).
    $uid = S::i('uid');
    if (!S::suid()) {
        global $platal;
        // NOTE(review): $_GET['url'] is read without an existence check and
        // written to the log as supplied by the client; presumably
        // wats4u_sso_check() guarantees it is present and well-formed, to be
        // confirmed.
        S::logger($uid)->log('connexion_wats4u', $platal->path . ' ' . urldecode($_GET['url']));
    }

    // If we logged in specifically for this 'external_auth' request
    // and didn't want to "keep access to services", we kill the session
    // just before returning.
    // See classes/xorgsession.php:startSessionAs
    if (S::b('external_auth_exit')) {
        S::logger()->log('deconnexion', @$_SERVER['HTTP_REFERER']);
        Platal::session()->killAccessCookie();
        Platal::session()->destroy();
    }

    // Compute return URL
    // NOTE(review): S::user() is read after the session may have been
    // destroyed just above; confirm it still returns the authenticated user.
    $full_return = wats4u_sso_build_return_url(S::user());
    if ($full_return === "") {
        // Something went wrong
        $page->kill("Erreur dans le traitement de la requête Wats4U.");
    }
    http_redirect($full_return);
}
/**
 * iGoogle gadget: runs a quick search when the 'quick' parameter is
 * non-empty, reports the result count and a size-related error message,
 * then renders the gadget template.
 */
function handler_ig_search($page)
{
    $hasQuery = Env::has('quick') && Env::s('quick') != '';
    if ($hasQuery) {
        global $globals;
        require_once 'userset.inc.php';

        $set = new QuickSearchSet();
        $set->addMod('gadget', 'Gadget', true);
        $set->apply(null, $page);

        $matches = $set->count();
        $page->assign('result_count', $matches);

        // NOTE(review): the limits below only choose an error message; the
        // set was already applied to the page above, so whether an oversized
        // result list is actually hidden is decided outside this method.
        $error = false;
        if (!S::logged() && $matches > $globals->search->public_max) {
            $error = 'Votre recherche a généré trop de résultats pour un affichage public.';
        } elseif ($matches > $globals->search->private_max) {
            $error = 'Recherche trop générale.';
        } elseif (empty($matches)) {
            $error = 'Il n\'existe personne correspondant à ces critères dans la base !';
        }
        $page->assign('error', $error);
    }

    require_once 'gadgets/gadgets.inc.php';
    init_igoogle_html('gadgets/ig-search.tpl', AUTH_PUBLIC);
}
/**
 * Tells whether the current visitor may access $survey.
 *
 * Surveys in MODE_ALL are open to everyone. Otherwise the visitor must be
 * logged in with a profile whose promotion is accepted by the survey; site
 * admins are let in when $admin_allowed is true.
 *
 * @param bool $silent        When false, a warning or a fatal page message
 *                            is issued to explain the decision.
 * @param bool $admin_allowed Whether the admin bypass applies.
 * @return bool
 */
function check_surveyPerms($page, $survey, $silent = false, $admin_allowed = true)
{
    $this->load('survey.inc.php');

    // if the survey is not reserved to alumni
    if ($survey->isMode(Survey::MODE_ALL)) {
        return true;
    }
    if (!S::logged()) {
        return false;
    }
    $profile = S::user()->profile();
    if (!$profile) {
        return false;
    }

    // checks promotion: the first accepted year grants access
    foreach ($profile->yearspromo() as $year) {
        if ($survey->checkPromo($year)) {
            return true;
        }
    }

    // Admin bypass, announced to the admin unless running silently
    if (S::admin() && $admin_allowed) {
        if (!$silent) {
            $page->trigWarning('Tu as accès à ce sondage car tu es administrateur du site.');
        }
        return true;
    }

    if (!$silent) {
        $page->kill("Tu n'as pas accès à ce sondage car il est réservé à d'autres promotions.");
    }
    return false;
}
/**
 * OpenID provider endpoint.
 *
 * Non-OpenID requests get the discovery page of $login (or a redirect to
 * the documentation). Authorization requests are answered positively only
 * when the session is logged in, the user is authorized for the request and
 * the endpoint is trusted by that user; every other request type is
 * delegated to the OpenId server object.
 *
 * @param string|null $login Login whose discovery page is requested.
 * @return mixed PL_DO_AUTH when a login is required, nothing otherwise.
 */
function handler_openid($page, $login = null)
{
    $this->load('openid.inc.php');
    $requested_user = User::getSilent($login);
    $server = new OpenId();

    // Spec §4.1.2: if "openid.mode" is absent, we SHOULD assume that
    // the request is not an OpenId message.
    if (!$server->IsOpenIdRequest()) {
        if ($requested_user) {
            $server->RenderDiscoveryPage($page, $requested_user);
            return;
        } else {
            pl_redirect('Xorg/OpenId');
        }
        exit;
    }

    // Initializes the OpenId environment from the request.
    $server->Initialize();

    // In modes 'checkid_immediate' and 'checkid_setup', we need to check
    // by ourselves that we want to allow the user to be authenticated.
    // Otherwise it can simply be forwarded to the Server object.
    if ($server->IsAuthorizationRequest()) {
        // All three conditions must hold; the short-circuit keeps S::user()
        // from being used when nobody is logged in.
        $authorized = S::logged() && $server->IsUserAuthorized(S::user()) && $server->IsEndpointTrusted(S::user());
        if ($authorized) {
            // TODO(vzanotti): SReg requests are currently not honored if
            // the website is already trusted. We may want to redirect SReg
            // requests to /openid/trust, to allow the user to choose.
            $server->AnswerRequest(true);
        } else {
            if ($server->IsImmediateRequest()) {
                // Immediate mode allows no user interaction: refuse.
                $server->AnswerRequest(false);
            } else {
                // The user is currently not authorized to get her authorization
                // request approved. Two possibilities:
                // * the endpoint is not yet trusted => redirect to openid/trust
                // * the user is not logged in => log in the user.
                //
                // The second case requires a special handling when the request
                // was POSTed, as our current log in mechanism does not preserve
                // POST arguments.
                $openid_args = $server->GetQueryStringForRequest();
                if (S::logged()) {
                    pl_redirect('openid/trust', $openid_args);
                } else {
                    if (Post::has('openid_mode')) {
                        // Replays the POSTed request as a query string.
                        pl_redirect('openid', $openid_args);
                    } else {
                        return PL_DO_AUTH;
                    }
                }
            }
        }
    } else {
        $server->HandleRequest();
    }

    // All requests should have been answered at this point. The best here
    // is to get the user back to a safe page.
    pl_redirect('');
}
/**
 * Skin selection page: stores the requested skin in the session (and in the
 * account when logged in), then lists the visible skins with their usage
 * counts.
 */
function handler_skin($page)
{
    $requested = Env::v('skin', '');
    if ($requested != '') {
        // NOTE(review): the requested value is stored before, and without,
        // being checked against the list of visible skins fetched below;
        // whether an unknown skin name is harmless depends on how the skin
        // is resolved elsewhere. Confirm.
        S::set('skin', $requested);
        if (S::logged()) {
            S::user()->skin($requested);
        }
    }

    $skinList = XDB::query('SELECT s.name, s.label, s.description, COUNT(a.skin) frequency FROM skins AS s LEFT JOIN account AS a ON a.skin = s.name WHERE s.visibility = 1 GROUP BY s.name ORDER BY frequency DESC')
                   ->fetchAllAssoc();

    // Total number of accounts counted across the visible skins
    $userCount = 0;
    foreach ($skinList as $entry) {
        $userCount += $entry['frequency'];
    }

    $page->assign('total', $userCount);
    $page->assign('skinsList', $skinList);
    $page->assign('title', "Modification de l'habillage");
    $page->addCssLink('profile.css');
    $page->changeTpl("profile/skins.tpl");
}
/**
 * Builds the navigation menu (general links, current group links, and
 * administration links) and assigns it to the template as 'menu'.
 *
 * Each entry maps a label either to a URL string or to an array of link
 * attributes ('href' plus 'class' or 'style').
 */
private function useMenu()
{
    global $globals;
    $menu = array();

    // General links, shown to everyone
    $sub = array();
    $sub['tous les groupes'] = 'plan';
    $sub['documentation'] = 'Xnet';
    // NOTE(review): S::user() is dereferenced without a logged-in check;
    // presumably it never returns null here, to be confirmed.
    if (S::user()->type == 'xnet') {
        $sub['mon compte'] = 'edit';
        $sub['mes préférences'] = $globals->xnet->xorg_baseurl . 'prefs';
    }
    // The raw request URI is appended to the link; escaping it for HTML is
    // left to whatever renders the menu.
    $sub['signaler un bug'] = array('href' => 'send_bug/' . $_SERVER['REQUEST_URI'], 'class' => 'popup_840x600');
    $menu["no_title"] = $sub;

    $perms = S::v('perms');
    $dim = $globals->asso('diminutif');

    // Links of the current group, filtered by the session's group flags
    if (S::logged() && $globals->asso()) {
        $sub = array();
        $sub['présentation'] = "login/{$dim}/";
        // NOTE(review): $perms is used as an object here without the
        // is_object() guard applied in the admin section below.
        if ($perms->hasFlag('groupannu')) {
            $sub['annuaire du groupe'] = "{$dim}/annuaire";
            $sub['trombinoscope'] = "{$dim}/trombi";
        }
        if ($globals->asso('forum')) {
            $sub['forum'] = "{$dim}/forum";
        }
        if ($perms->hasFlag('groupmember')) {
            if ($globals->asso('mail_domain')) {
                $sub['listes de diffusion'] = "{$dim}/lists";
            }
            if ($globals->asso('has_nl')) {
                $sub['newsletter'] = "{$dim}/nl";
            }
        }
        $sub['événement'] = "{$dim}/events";
        if ($perms->hasFlag('groupadmin')) {
            $sub['télépaiement'] = "{$dim}/payment";
        }
        $menu[$globals->asso('nom')] = $sub;
    }

    // Administration links: group admins inside a group, site admins
    // everywhere. These only decide what is displayed; the permission checks
    // of the target pages are not part of this method.
    if ($globals->asso() && is_object($perms) && $perms->hasFlag('groupadmin')) {
        $sub = array();
        $sub['modifier l\'accueil'] = "{$dim}/edit";
        $sub['gérer les annonces'] = "{$dim}/admin/announces";
        if ($globals->asso('mail_domain')) {
            if (!$globals->asso('disable_mails')) {
                $sub['envoyer un mail'] = "{$dim}/mail";
            }
            $sub['créer une liste'] = "{$dim}/lists/create";
            $sub['créer un alias'] = "{$dim}/alias/create";
        }
        if (!$globals->asso('has_nl')) {
            $sub['créer la newsletter'] = "{$dim}/admin/nl/enable";
        }
        if (S::admin()) {
            $sub['gérer les groupes'] = array('href' => 'admin', 'style' => 'color: gray;');
            // The anti-XSRF token travels in the query string of this link,
            // so it can show up in server logs and Referer headers.
            $sub['clear cache'] = array('href' => 'purge_cache?token=' . S::v('xsrf_token'), 'style' => 'color: gray;');
        }
        $menu['Administrer'] = $sub;
    } elseif (S::admin()) {
        $sub = array();
        $sub['gérer les groupes'] = 'admin';
        // Same remark as above: the token is carried in the URL.
        $sub['clear cache'] = 'purge_cache?token=' .
            S::v('xsrf_token');
        $menu['Administrer'] = $sub;
    }
    $this->assign('menu', $menu);
}
/**
 * Notifies by e-mail the owner of lost-and-found object $id that the
 * current user has found it. Anonymous visitors only get the 'not_logged'
 * template variable.
 */
function manage_ping($page, $id)
{
    if (!S::logged()) {
        $page->assign('not_logged', 'true');
        return;
    }

    // NOTE(review): the row is used without checking that object $id
    // exists; an unknown id reaches new User() with an empty uid.
    $object = XDB::query("SELECT uid, description FROM laf WHERE oid = {?}", $id)->fetchOneAssoc();

    $owner = new User($object['uid']);
    $owner->select(array(User::SELECT_BASE => array()));

    // The confirmation shown to the finder discloses the owner's display
    // name and best e-mail address.
    $page->assign(
        'message',
        'Un message a été envoyé à ' . $owner->displayName() . ' (' . $owner->bestEmail() . ') pour lui signaler que tu as retrouvé son objet.'
    );

    $finder = S::user();
    $mailer = new FrankizMailer("lostandfound/mail.tpl");
    $mailer->assign('object', $object);
    $mailer->assign('user', $finder);
    $mailer->assign('type', 'ping');
    $mailer->SetFrom(S::user()->bestEmail(), S::user()->displayName());
    $mailer->AddAddress($owner->bestEmail(), $owner->displayName());
    $mailer->subject('[Frankiz] Objet perdu');
    $mailer->send(false);
}
/**
 * Renders the page: assigns the session-related template variables, then
 * either emits the module as JSON (when the 'solo' parameter is present) or
 * renders the full site template with the pending validations.
 */
public function run()
{
    $skin = $this->load_skin();
    $this->assign('skin', S::v('skin'));
    $user = S::user();
    $this->assign('user', $user);
    // 'logged' is false when there is no user object at all.
    $this->assign('logged', !is_null($user) && S::logged());
    // Remote IP
    $this->assign('remip', IPAddress::getInstance());
    // NOTE(review): S::user() is dereferenced here and below although the
    // line above allows for a null user; confirm a user object always
    // exists at this point.
    $this->assign('MiniModules_COL_FLOAT', FrankizMiniModule::get(S::user()->minimodules(FrankizMiniModule::COL_FLOAT)));
    $this->addCssLink(FrankizMiniModule::batchCss());

    // Enable JSON loading of the module only
    if (Env::has('solo')) {
        $this->jsonAssign('content', $this->raw());
        $this->jsonAssign('title', $this->get_template_vars('title'));
        $this->jsonAssign('pl_css', $this->get_template_vars('pl_css'));
        $this->jsonAssign('pl_js', $this->get_template_vars('pl_js'));
        $this->runJSon();
    } else {
        // Validations waiting for this user, only computed when the user
        // holds at least one admin caste.
        $this->assign('quick_validate', array());
        if (S::user()->castes(Rights::admin())->count() > 0) {
            $validate_filter = new ValidateFilter(new VFC_User(S::user()));
            $validates = $validate_filter->get()->select(ValidateSelect::quick());
            $quick_validate = $validates->split('group');
            $this->assign('quick_validate', $quick_validate);
        }

        // Requests written by the user
        $request_filter = new ValidateFilter(new VFC_Writer(S::user()));
        $requests = $request_filter->get()->select(ValidateSelect::quick());
        $this->assign('self_url', pl_self());
        $this->assign('quick_requests', $requests);
        $this->_run(self::getTplPath('frankiz.tpl'));
    }
}
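/**
 * Check whether a password is valid.
 *
 * @param mixed  $login      Value identifying the account, interpreted
 *                           according to $login_type.
 * @param string $response   Password response supplied by the client.
 * @param string $login_type 'uid', 'alias' (for an email alias) or 'hruid'.
 * @return mixed The uid of the account on success, null on failure (an
 *               error is then triggered on the page).
 */
private function checkPassword($login, $response, $login_type = 'uid')
{
    if ($login_type == 'alias') {
        // Split "forlife@domain" without assuming the '@' is present, so a
        // malformed alias does not raise an undefined-offset notice.
        $parts   = explode('@', $login, 2);
        $forlife = $parts[0];
        $domain  = isset($parts[1]) ? $parts[1] : null;

        // NOTE(review): the domain only appears in the ON clause of a LEFT
        // JOIN, so it does not restrict which studies row matches; confirm
        // whether an INNER JOIN was intended.
        $res = XDB::query('SELECT s.uid FROM studies AS s LEFT JOIN formations AS f ON (f.formation_id = s.formation_id AND f.domain = {?}) WHERE s.forlife = {?}', $domain, $forlife);
        $login = $res->fetchOneCell();
        $login_type = 'uid';
    }

    // $login_type is interpolated below as a column name, where no {?}
    // placeholder can be used: accept only the documented columns so a
    // caller can never inject SQL through it.
    if (!in_array($login_type, array('uid', 'hruid'), true)) {
        Platal::page()->trigError('Mot de passe ou nom d\'utilisateur invalide');
        return null;
    }

    $res = XDB::query("SELECT uid, password, hruid\n FROM account\n WHERE {$login_type} = {?} AND state = 'active'", $login);
    if (list($uid, $password, $hruid) = $res->fetchOneRow()) {
        // hash_compare() is defined elsewhere; a truthy result is treated as
        // a mismatch here (presumably strcmp-style; confirm).
        if (hash_compare($password, $response)) {
            // Anonymous visitors get the same message as for an unknown
            // account, so the answer does not reveal whether it exists.
            if (!S::logged()) {
                Platal::page()->trigError('Mot de passe ou nom d\'utilisateur invalide');
            } else {
                Platal::page()->trigError('Mot de passe invalide');
            }
            S::logger($uid)->log('auth_fail', 'bad password');
            return null;
        }
        return $uid;
    }

    Platal::page()->trigError('Mot de passe ou nom d\'utilisateur invalide');
    return null;
}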
/**
 * Home page of a group: lists its announcements (unread ones filtered by
 * promotion for logged-in users, public ones otherwise), the public
 * payments for anonymous visitors, the number of pending subscription
 * requests for group managers, and sets the RSS link.
 *
 * @return mixed PL_NOT_FOUND when an extra path argument is given.
 */
function handler_index($page, $arg = null)
{
    global $globals, $platal;
    if (!is_null($arg)) {
        return PL_NOT_FOUND;
    }
    $page->changeTpl('xnetgrp/asso.tpl');

    if (S::logged()) {
        // NOTE(review): 'read' and 'unread' change stored state from a
        // request parameter and no anti-XSRF token check is visible in this
        // method; confirm one is enforced elsewhere.
        if (Env::has('read')) {
            // Purge read marks of expired announcements, then mark this one.
            XDB::query('DELETE r.* FROM group_announces_read AS r INNER JOIN group_announces AS a ON (a.id = r.announce_id) WHERE expiration < CURRENT_DATE()');
            XDB::query('INSERT INTO group_announces_read VALUES ({?}, {?})', Env::i('read'), S::i('uid'));
            pl_redirect("");
        }
        if (Env::has('unread')) {
            XDB::query('DELETE FROM group_announces_read WHERE announce_id = {?} AND uid = {?}', Env::i('unread'), S::i('uid'));
            pl_redirect("#art" . Env::i('unread'));
        }

        /* TODO: refines this filter on promotions by using userfilter. */
        $user = S::user();
        if ($user->hasProfile()) {
            // The entry year goes through XDB::format() before being
            // concatenated into the two queries below.
            $promo = XDB::format('{?}', $user->profile()->entry_year);
            $minCondition = ' OR promo_min <= ' . $promo;
            $maxCondition = ' OR promo_max >= ' . $promo;
        } else {
            $minCondition = '';
            $maxCondition = '';
        }

        // Unread, non-expired announcements of the group
        $arts = XDB::iterator('SELECT a.*, FIND_IN_SET(\'photo\', a.flags) AS photo FROM group_announces AS a LEFT JOIN group_announces_read AS r ON (r.uid = {?} AND r.announce_id = a.id) WHERE asso_id = {?} AND expiration >= CURRENT_DATE() AND (promo_min = 0' . $minCondition . ') AND (promo_max = 0' . $maxCondition . ') AND r.announce_id IS NULL ORDER BY a.expiration', S::i('uid'), $globals->asso('id'));
        // Index of all non-expired announcements with their read status
        $index = XDB::iterator('SELECT a.id, a.titre, r.uid IS NULL AS nonlu FROM group_announces AS a LEFT JOIN group_announces_read AS r ON (a.id = r.announce_id AND r.uid = {?}) WHERE asso_id = {?} AND expiration >= CURRENT_DATE() AND (promo_min = 0' . $minCondition . ') AND (promo_max = 0' . $maxCondition .
            ') ORDER BY a.expiration', S::i('uid'), $globals->asso('id'));
        $page->assign('article_index', $index);
    } else {
        // Anonymous visitors only get announcements and payments flagged
        // 'public'.
        $arts = XDB::iterator("SELECT *, FIND_IN_SET('photo', flags) AS photo\n FROM group_announces\n WHERE asso_id = {?} AND expiration >= CURRENT_DATE()\n AND FIND_IN_SET('public', flags)", $globals->asso('id'));
        $payments = XDB::fetchAllAssoc("SELECT id, text\n FROM payments\n WHERE asso_id = {?} AND NOT FIND_IN_SET('old', flags) AND FIND_IN_SET('public', flags)\n ORDER BY id DESC", $globals->asso('id'));
        $page->assign('payments', $payments);
    }

    if (may_update()) {
        $subs_valid = XDB::query("SELECT uid\n FROM group_member_sub_requests\n WHERE asso_id = {?}", $globals->asso('id'));
        $page->assign('requests', $subs_valid->numRows());
    }

    if (!S::hasAuthToken()) {
        $page->setRssLink("Polytechnique.net :: {$globals->asso("nom")} :: News publiques", $platal->ns . "rss/rss.xml");
    } else {
        // The personal feed URL embeds the user's token, so anyone holding
        // the URL can read the feed.
        $page->setRssLink("Polytechnique.net :: {$globals->asso("nom")} :: News", $platal->ns . 'rss/' . S::v('hruid') . '/' . S::user()->token . '/rss.xml');
    }
    $page->assign('articles', $arts);
}
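/**
 * Logout handler.
 *
 * Leaves SUID mode when it is active; otherwise drops the cookies selected
 * by $level, destroys the session and either follows the 'redirect' GET
 * parameter or shows the exit page.
 *
 * @param string|null $level 'forget' (drop the access cookie), 'forgetuid'
 *                           (drop the login-form cookies) or 'forgetall'
 *                           (both).
 */
function handler_exit($page, $level = null)
{
    if (S::suid()) {
        // Leaving SUID: go back to the page SUID was started from, or to
        // the admin page of the impersonated user.
        $old = S::user()->login();
        S::logger()->log('suid_stop', $old . " by " . S::suid('hruid'));
        Platal::session()->stopSUID();
        $target = S::s('suid_startpage');
        S::kill('suid_startpage');
        if (!empty($target)) {
            http_redirect($target);
        }
        pl_redirect('admin/user/' . $old);
    }

    if ($level == 'forget' || $level == 'forgetall') {
        Platal::session()->killAccessCookie();
    }

    if ($level == 'forgetuid' || $level == 'forgetall') {
        Platal::session()->killLoginFormCookies();
    }

    if (S::logged()) {
        S::logger()->log('deconnexion', @$_SERVER['HTTP_REFERER']);
        Platal::session()->destroy();
    }

    if (Get::has('redirect')) {
        // The target is fully client-controlled. Validate it after decoding
        // and refuse control characters (header splitting) and any explicit
        // scheme other than http/https (javascript:, data:, ...).
        $redirect = rawurldecode(Get::v('redirect'));
        $hasControlChars = preg_match('/[\x00-\x1F\x7F]/', $redirect) === 1;
        $schemeAllowed = true;
        if (preg_match('#^\s*([a-z][a-z0-9+.\-]*):#i', $redirect, $scheme) === 1) {
            $schemeAllowed = in_array(strtolower($scheme[1]), array('http', 'https'), true);
        }

        if (!$hasControlChars && $schemeAllowed) {
            // NOTE(review): absolute http(s) URLs to any host are still
            // followed, which leaves an open redirect; restrict the host to
            // the site's own base URLs once the relevant configuration is
            // identified.
            http_redirect($redirect);
        } else {
            $page->changeTpl('platal/exit.tpl');
        }
    } else {
        $page->changeTpl('platal/exit.tpl');
    }
}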
/**
 * Displays the mentor ("référent") sheet of profile $pf.
 *
 * @return mixed PL_NOT_FOUND when the profile does not exist.
 */
function handler_referent($page, $pf)
{
    $page->changeTpl('profile/fiche_referent.tpl', SIMPLE);

    $profile = Profile::get($pf);
    if (!$profile) {
        return PL_NOT_FOUND;
    }

    // Referent view are logged (only for logged-in viewers; no login check
    // is made in this method before showing the sheet).
    if (S::logged()) {
        S::logger()->log('view_referent', $profile->hrid());
    }

    $page->assign_by_ref('profile', $profile);

    // Retrieves referents' countries.
    $countries = XDB::query("SELECT gc.country\n FROM profile_mentor_country AS m\n LEFT JOIN geoloc_countries AS gc ON (m.country = gc.iso_3166_1_a2)\n WHERE pid = {?}", $profile->id());
    $page->assign('pays', $countries->fetchColumn());
}
/**
 * Activates IMAP storage, either for the logged-in user or for the account
 * designated by a (login, hash) pair found in newsletter_ins.
 *
 * The (login, hash) pair acts as a bearer credential: whoever holds the
 * link can trigger the activation for that account without logging in.
 */
function handler_imap_in($page, $hash = null, $login = null)
{
    $page->changeTpl('emails/imap_register.tpl');

    // Resolve the account named in the link; it is kept only when the hash
    // matches a row of newsletter_ins for that account.
    $linked = null;
    if (!empty($hash) || !empty($login)) {
        $linked = User::getSilent($login);
        if ($linked) {
            $match = XDB::query('SELECT 1 FROM newsletter_ins WHERE uid = {?} AND hash = {?}', $linked->id(), $hash);
            if ($match->numRows() == 0) {
                $linked = null;
            }
        }
    }

    require_once 'emails.inc.php';
    $page->assign('ok', false);

    if (S::logged() && (is_null($linked) || $linked->id() == S::i('uid'))) {
        // Logged in, and the link (if any) designates the same account
        Email::activate_storage(S::user(), 'imap', Bogo::IMAP_DEFAULT);
        $page->assign('ok', true);
        $page->assign('yourself', S::user()->displayName());
        $page->assign('sexe', S::user()->isFemale());
    } elseif (!S::logged() && $linked) {
        // Anonymous, authenticated by the link alone
        Email::activate_storage($linked, 'imap', Bogo::IMAP_DEFAULT);
        $page->assign('ok', true);
        $page->assign('yourself', $linked->displayName());
        $page->assign('sexe', $linked->isFemale());
    }
}
/**
 * Loads the account's skin template into the session when the user is
 * logged in and the session has no skin yet, or is in SUID mode.
 */
public function setSkin()
{
    // Nothing to do for anonymous sessions, or when a skin is already set
    // outside of SUID mode.
    if (!S::logged() || (S::has('skin') && !S::suid())) {
        return;
    }

    $row = XDB::query('SELECT skin_tpl FROM accounts AS a INNER JOIN skins AS s on (a.skin = s.id) WHERE a.uid = {?} AND skin_tpl != \'\'', S::i('uid'));
    S::set('skin', $row->fetchOneCell());
}
/**
 * Online payment page for payment $ref (-1 is the donation to the site's
 * association): checks access and the amount, prepares the payment form on
 * submission, or lists the user's past transactions and, for donations,
 * the donation statistics.
 */
function handler_payment($page, $ref = -1)
{
    $page->changeTpl('payment/payment.tpl');
    $page->setTitle('Télépaiement');
    $this->load('money.inc.php');

    $meth = new PayMethod(Env::i('methode', -1));
    $pay = new Payment($ref);
    // Non-public payments require a logged-in user.
    // NOTE(review): the else branch sets 'public' to true whenever the page
    // is not killed, including for a logged-in user on a non-public
    // payment; confirm the template expects that.
    if (!$pay->flags->hasflag('public') && (!S::user() || !S::logged())) {
        $page->kill("Vous n'avez pas les permissions nécessaires pour accéder à cette page.");
    } else {
        $page->assign('public', true);
    }

    if ($pay->flags->hasflag('old')) {
        $page->kill('La transaction selectionnée est périmée.');
    }

    // The amount is client-supplied ('montant' overrides the default,
    // 'amount' overrides both when non-zero).
    if (Env::has('montant')) {
        $pay->amount_def = Env::v('montant');
    }
    $val = Post::v('amount') != 0 ? Post::v('amount') : $pay->amount_def;

    // NOTE(review): a failed check only triggers an error message;
    // processing continues and $val can still reach $pay->init() below.
    // Whether trigError() blocks the form is not visible here.
    if (($error = $pay->check($val)) !== true) {
        $page->trigError($error);
    }

    if (Post::has('op') && Post::v('op', 'select') == 'submit') {
        if (S::logged()) {
            $user = S::user();
        } else {
            // NOTE(review): on this path an anonymous visitor submits a
            // login and the page is given that account's full name and sex;
            // confirm this disclosure is intended for public payments.
            $user = User::getSilent(Post::t('login'));
        }
        if (is_null($user)) {
            $page->trigError("L'identifiant est erroné.");
            $page->assign('login_error', true);
            $page->assign('login', Post::t('login'));
        } else {
            $pay->init($val, $meth);
            $pay->prepareform($user);
            $page->assign('full_name', $user->fullName(true));
            $page->assign('sex', $user->isFemale());
        }
    } elseif (S::logged()) {
        // Past transactions of the current user for this payment
        $res = XDB::iterator('SELECT ts_confirmed, amount FROM payment_transactions WHERE uid = {?} AND ref = {?} ORDER BY ts_confirmed DESC', S::v('uid', -1), $pay->id);
        if ($res->total()) {
            $page->assign('transactions', $res);
        }

        // Only if $id = -1, meaning only for donation the site's association
        if ($ref == -1) {
            // Ten biggest donations; the name is replaced by 'XXXX' when
            // the donor did not agree to be displayed.
            $biggest_donations = XDB::fetchAllAssoc('SELECT IF(p.display, IF(ap.pid IS NOT NULL, CONCAT(a.full_name, \' (\', pd.promo, \')\'), a.full_name), \'XXXX\') AS name, p.amount, p.ts_confirmed FROM payment_transactions AS p INNER JOIN accounts AS a ON (a.uid = p.uid) LEFT JOIN account_profiles AS ap ON (a.uid = ap.uid AND FIND_IN_SET(\'owner\', ap.perms)) LEFT JOIN profile_display AS pd ON (ap.pid = pd.pid) WHERE p.ref = {?} ORDER BY LENGTH(p.amount) DESC, p.amount DESC, name LIMIT 
10', $pay->id);
            // Totals per month for the current year, per year before that
            $donations = XDB::fetchAllAssoc('(SELECT SUM(amount) AS amount, YEAR(ts_confirmed) AS year, MONTH(ts_confirmed) AS month, ts_confirmed FROM payment_transactions WHERE ref = {?} AND YEAR(ts_confirmed) = YEAR(CURDATE()) GROUP BY month) UNION (SELECT SUM(amount) AS amount, YEAR(ts_confirmed) AS year, 0 AS month, ts_confirmed FROM payment_transactions WHERE ref = {?} AND YEAR(ts_confirmed) < YEAR(CURDATE()) GROUP BY year) ORDER BY year DESC, month DESC', $pay->id, $pay->id);
            $page->assign('biggest_donations', $biggest_donations);
            $page->assign('donations', $donations);
            $page->assign('donation', true);
        }
    }

    // Truncate the amount to two decimals
    $val = floor($val * 100) / 100;
    $page->assign('amount', $val);
    // The comment is passed to the template as received from the request;
    // escaping it is the template's job.
    $page->assign('comment', Env::v('comment'));
    $page->assign('meth', $meth);
    $page->assign('pay', $pay);
    $page->assign('evtlink', $pay->event());
}
/**
 * Creates a quick-search set. For anonymous visitors the 'with_soundex'
 * request parameter is discarded before the search builder is created.
 *
 * @param PlFilterCondition|null $cond Optional extra condition.
 */
public function __construct(PlFilterCondition $cond = null)
{
    $anonymous = !S::logged();
    if ($anonymous) {
        // Must happen before the builder is instantiated below.
        Env::kill('with_soundex');
    }

    $builder = new UFB_QuickSearch();
    parent::__construct($builder, $cond);
}
/**
 * Mentor search page: shows the number of mentors and, when search filters
 * are present, the matching profiles (refused when too many match).
 */
function handler_referent($page, $action = null, $subaction = null)
{
    global $globals;

    $wiki = new PlWikiPage('Docs.Emploi');
    $wiki->buildCache();

    $page->setTitle('Emploi et Carrières');
    $page->addJsLink('jquery.ui.xorg.js');

    // Count mentors
    $mentorCount = XDB::query("SELECT count(distinct pid) FROM profile_mentor_term");
    $page->assign('mentors_number', $mentorCount->fetchOneCell());

    // Search for mentors matching filters
    require_once 'ufbuilder.inc.php';
    $builder = new UFB_MentorSearch();
    if (!$builder->isEmpty()) {
        // Search query is logged: the whole $_GET array is written to the
        // log, once per search (pagination requests are skipped).
        if (S::logged() && !Env::has('page')) {
            S::logger()->log('search_referent', 'adv=' . var_export($_GET, true));
        }

        require_once 'userset.inc.php';
        $condition = $builder->getUFC();
        $profiles = new ProfileSet($condition);
        $profiles->addMod('mentor', 'Référents');
        $profiles->apply('referent/search', $page, $action, $subaction);

        $found = $profiles->count();
        if ($found > $globals->search->private_max) {
            $this->form_prepare();
            $page->trigError('Recherche trop générale.');
            $page->assign('plset_count', 0);
        } elseif ($found == 0) {
            $this->form_prepare();
            $page->trigError('Il n\'existe personne correspondant à ces critères dans la base.');
        }
    }

    $page->changeTpl('search/referent.tpl');
}