/**
 * Resolve the skin for the current session and return it.
 *
 * When the session has no 'skin' value (or an empty one), the skin is taken
 * from the 'skin' cookie if present, otherwise from the configured default
 * ($globals->smartphone_skin for smartphones, $globals->skin otherwise), and
 * is then stored in the session. When the session already carries a skin,
 * that value is used and, for sessions whose 'auth' level is at least
 * AUTH_COOKIE, the cookie is rewritten if it differs.
 *
 * @return mixed The skin value held by the session after the call.
 */
private function load_skin() {
    global $globals;

    //Force h4ck3s (reloaded)
    /*
    $gf = new GroupFilter((Group::isId('h4ck3s')) ? new GFC_Id('h4ck3s') : new GFC_Name('h4ck3s'));
    $group = $gf->get(true);
    if(!S::user()->hasRights($group, new Rights('member')) && !isSmartphone()){
        S::set('skin', 'default.h4ck3s');
    }
    */

    $sessionHasSkin = S::has('skin') && S::v('skin') != "";

    if ($sessionHasSkin) {
        // The session value wins; only keep the cookie in sync with it.
        $skin = S::v('skin');
        $cookieOutOfDate = S::v('auth') >= AUTH_COOKIE && Cookie::v('skin') != $skin;
        if ($cookieOutOfDate) {
            Cookie::set('skin', $skin, 300);
        }
        return $skin;
    }

    if (Cookie::has('skin')) {
        // NOTE(review): the cookie is client-controlled and its value is
        // copied into the session without any check here. If the skin name
        // later selects a template or file path (not visible in this
        // method), validate it against the installed skins before use.
        $skin = Cookie::v('skin');
    } elseif (isSmartphone()) {
        $skin = $globals->smartphone_skin;
    } else {
        $skin = $globals->skin;
    }
    S::set('skin', $skin);

    return $skin;
}
/**
 * Store the skin submitted in the 'change_skin' POST field in the session,
 * then redirect to the Referer when one was sent, or to '/' otherwise.
 *
 * S::assert_xsrf_token() is called before any state is changed.
 *
 * @param mixed $page Page object handed to the handler (unused here).
 */
function handler_set_skin($page) {
    S::assert_xsrf_token();

    // NOTE(review): the posted value is stored as-is. If the skin name is
    // later used to build a template or file path, it should be checked
    // against the list of known skins - confirm where that happens.
    S::set('skin', Post::s('change_skin'));

    // NOTE(review): the Referer header is supplied by the client; confirm
    // http_redirect() only accepts targets on this site.
    $referer = empty($_SERVER['HTTP_REFERER']) ? null : $_SERVER['HTTP_REFERER'];
    if ($referer === null) {
        pl_redirect('/');
    } else {
        http_redirect($referer);
    }
}
/**
 * Populate self::$enumerations[$type].
 *
 * When caching is enabled and the session holds an entry under
 * '__DE_' . $type, that entry is reused. Otherwise a new object of class
 * "DE_" . ucfirst($type) is created, and it is saved to the session when
 * caching is enabled and its capabilities include
 * DirEnumeration::SAVE_IN_SESSION.
 *
 * @param string $type Enumeration type; also used to derive the class name.
 */
private static function init($type) {
    $sessionKey = '__DE_' . $type;

    if (Platal::globals()->cacheEnabled() && S::has($sessionKey)) {
        self::$enumerations[$type] = S::v($sessionKey);
        return;
    }

    // NOTE(review): the class name is derived from $type and instantiated
    // dynamically. Callers should only ever pass a fixed set of known type
    // names; confirm $type can never come from request data.
    $className = "DE_" . ucfirst($type);
    $enumeration = new $className();
    self::$enumerations[$type] = $enumeration;

    if (!Platal::globals()->cacheEnabled()) {
        return;
    }
    if ($enumeration->capabilities & DirEnumeration::SAVE_IN_SESSION) {
        S::set($sessionKey, $enumeration);
    }
}
/**
 * Leave SUID mode and restore the permissions recorded for the SUID.
 *
 * The 'perms' value is read through S::suid() before the parent
 * implementation runs, then written back to the session afterwards. The
 * 'may_update' and 'is_member' session entries are dropped.
 *
 * @return bool false when parent::stopSUID() fails, true otherwise.
 */
public function stopSUID() {
    // Must be read first: it is written back only after the parent call.
    $savedPerms = S::suid('perms');

    if (parent::stopSUID()) {
        foreach (array('may_update', 'is_member') as $staleKey) {
            S::kill($staleKey);
        }
        S::set('perms', $savedPerms);
        return true;
    }

    return false;
}
/**
 * Refresh the 'notifs' session entry with the value returned by
 * Watch::getCount() for the current session user.
 */
public function updateNbNotifs() {
    require_once 'notifs.inc.php';

    S::set('notifs', Watch::getCount(S::user()));
}
/**
 * Password change handler.
 *
 * When a non-empty 'pwhash' POST field is present, the XSRF token is
 * asserted, the submitted hash is stored in the session and in
 * accounts.password for the session uid, optionally pushed to Google Apps,
 * the change is logged and the success template is run. In every case the
 * password form template is then selected.
 *
 * @param mixed $page Page object used to select templates and assign values.
 */
function handler_password($page) {
    global $globals;

    $hashSubmitted = Post::has('pwhash') && Post::t('pwhash');
    if ($hashSubmitted) {
        S::assert_xsrf_token();

        // NOTE(review): 'pwhash' is computed by the client and stored as-is,
        // so it is password-equivalent. No check of the current password and
        // no format/length validation is visible in this handler; confirm
        // both are enforced elsewhere (e.g. by the auth level required to
        // reach this handler).
        // NOTE(review): the hash is also kept in the session, so it is
        // persisted wherever session data is stored - confirm this is needed.
        $newHash = Post::t('pwhash');
        S::set('password', $newHash);
        XDB::execute('UPDATE accounts SET password = {?} WHERE uid={?}', $newHash, S::i('uid'));

        // If GoogleApps is enabled, and the user did choose to use synchronized passwords,
        // updates the Google Apps password as well.
        $googleAppsDomain = $globals->mailstorage->googleapps_domain;
        if ($googleAppsDomain) {
            require_once 'googleapps.inc.php';
            $googleAccount = new GoogleAppsAccount(S::user());
            $mustSync = $googleAccount->active() && $googleAccount->sync_password;
            if ($mustSync) {
                $googleAccount->set_password($newHash);
            }
        }

        S::logger()->log('passwd');
        Platal::session()->setAccessCookie(true);

        // Presumably run() ends the request; if it returns, the form
        // template below replaces the success template - TODO confirm.
        $page->changeTpl('platal/password.success.tpl');
        $page->run();
    }

    $page->changeTpl('platal/password.tpl');
    $page->setTitle('Mon mot de passe');
    $page->assign('do_auth', 0);
}
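/**
 * Email overview handler: optionally changes the user's "bestalias", then
 * lists the user's aliases, active redirections and mail domains.
 *
 * @param mixed       $page   Page object used to select templates and assign values.
 * @param string|null $action 'best' requests a bestalias change.
 * @param string|null $email  Address ("local@domain") to flag as bestalias.
 *
 * @return int|null PL_FORBIDDEN when a bestalias change is requested
 *                  without a valid XSRF token; nothing otherwise.
 */
function handler_emails($page, $action = null, $email = null) {
    global $globals;
    require_once 'emails.inc.php';
    $page->changeTpl('emails/index.tpl');
    $page->setTitle('Mes emails');

    $user = S::user();

    // Apply the bestalias change request.
    if ($action == 'best' && $email) {
        // State-changing request: refuse it without a valid XSRF token.
        if (!S::has_xsrf_token()) {
            return PL_FORBIDDEN;
        }

        // First delete the bestalias flag from all this user's emails.
        XDB::execute("UPDATE email_source_account\n SET flags = TRIM(BOTH ',' FROM REPLACE(CONCAT(',', flags, ','), ',bestalias,', ','))\n WHERE uid = {?}", $user->id());

        // Then gives the bestalias flag to the given email.
        // $email comes from the request and may lack an '@'. Pad the result
        // so $domain is an explicit null instead of an undefined offset; the
        // two updates below then match no row and fix_bestalias() repairs
        // the flag, exactly as before but without the PHP notice/warning.
        list($email, $domain) = array_pad(explode('@', $email), 2, null);
        XDB::execute("UPDATE email_source_account AS s\n INNER JOIN email_virtual_domains AS m ON (m.id = s.domain)\n INNER JOIN email_virtual_domains AS d ON (d.aliasing = m.id)\n SET flags = CONCAT_WS(',', IF(flags = '', NULL, flags), 'bestalias')\n WHERE s.uid = {?} AND s.email = {?} AND d.name = {?}", $user->id(), $email, $domain);
        XDB::execute('UPDATE accounts AS a INNER JOIN email_virtual_domains AS d ON (d.name = {?}) INNER JOIN email_virtual_domains AS m ON (d.aliasing = m.id) SET a.best_domain = d.id WHERE a.uid = {?} AND m.name = {?}', $domain, $user->id(), $user->mainEmailDomain());

        // As having a non-null bestalias value is critical in
        // plat/al's code, we do an a posteriori check on the
        // validity of the bestalias.
        fix_bestalias($user);

        // Then refetch the user to update its bestalias.
        S::set('user', User::getWithUID(S::user()->id()));
    }

    // Fetch and display aliases.
    $aliases = XDB::iterator("SELECT CONCAT(s.email, '@', d.name) AS email, (s.type = 'forlife') AS forlife,\n (s.email REGEXP '\\\\.[0-9]{2}\$') AS hundred_year, s.expire,\n (FIND_IN_SET('bestalias', s.flags) AND a.best_domain = d.id) AS bestalias,\n ((s.type = 'alias_aux') AND d.aliasing = d.id) AS alias\n FROM email_source_account AS s\n INNER JOIN accounts AS a ON (s.uid = a.uid)\n INNER JOIN email_virtual_domains AS m ON (s.domain = m.id)\n INNER JOIN email_virtual_domains AS d ON (d.aliasing = m.id)\n WHERE s.uid = {?}\n ORDER BY !alias, s.email, d.name", $user->id());

    // Split the rows into three groups: forlife first, then addresses whose
    // local part ends in a dot and two digits, then everything else.
    $aliases_forlife = array();
    $aliases_hundred = array();
    $aliases_other = array();
    while ($a = $aliases->next()) {
        if ($a['forlife']) {
            $aliases_forlife[] = $a;
        } elseif ($a['hundred_year']) {
            $aliases_hundred[] = $a;
        } else {
            $aliases_other[] = $a;
        }
    }
    $page->assign('aliases_forlife', $aliases_forlife);
    $page->assign('aliases_hundred', $aliases_hundred);
    $page->assign('aliases_other', $aliases_other);

    $alias = XDB::fetchOneCell('SELECT COUNT(email) FROM email_source_account WHERE uid = {?} AND type = \'alias_aux\'', $user->id());
    $page->assign('alias', $alias);

    // Check for homonyms.
    $page->assign('homonyme', $user->homonyme);

    // Display active redirections.
    $redirect = new Redirect($user);
    $page->assign('mails', $redirect->active_emails());

    // User's mail domains.
    $mail_domains = array($user->alternateEmailDomain());
    $mail_domains[] = User::$sub_mail_domains['all'] . $globals->mail->domain;
    $mail_domains[] = User::$sub_mail_domains['all'] . $globals->mail->domain2;
    $page->assign('main_email_domain', $user->mainEmailDomain());
    $page->assign('mail_domains', $mail_domains);
}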
/**
 * Return the anonymous user for the current session.
 *
 * Only the anonymous case ($login == 0) is supported. The anonymous user is
 * cached in the session under 'anonymous_user'; on first use its uid is
 * picked from $globals->anonymous (internal or external, depending on
 * IPAddress::is_x_internal()) and the user is loaded.
 *
 * @param mixed $login  Must compare equal to 0.
 * @param mixed $values Unused.
 *
 * @return mixed The anonymous user object.
 *
 * @throws Exception For any other $login, or when loading the user fails.
 */
public static function getSilentWithValues($login, $values) {
    global $globals;

    // NOTE(review): this is a loose comparison. On PHP versions before 8 a
    // non-numeric string also compares equal to 0, so such a $login would
    // take the anonymous path - confirm callers only ever pass the integer 0.
    if ($login != 0) {
        throw new Exception('DEPRECATED call to getSilentWithValues()');
    }

    // If the anonymous_user is already in session
    if (S::has('anonymous_user')) {
        return S::v('anonymous_user');
    }

    // NOTE(review): the account chosen depends on the client address;
    // confirm is_x_internal() cannot be influenced by client-supplied headers.
    if (IPAddress::getInstance()->is_x_internal()) {
        $anonymousUid = $globals->anonymous->internal;
    } else {
        $anonymousUid = $globals->anonymous->external;
    }

    // 'newuid' is set only for the duration of the load and is removed on
    // both the success and the Exception paths.
    S::set('newuid', $anonymousUid);
    try {
        $anonymous = new User($anonymousUid);
        $anonymous->select(UserSelect::login());
    } catch (Exception $failure) {
        S::kill('newuid');
        throw $failure;
    }
    S::kill('newuid');

    S::set('anonymous_user', $anonymous);
    return $anonymous;
}
/**
 * Switch the session skin to the configured smartphone skin, then redirect
 * to $url and stop.
 *
 * @param mixed  $page Page object handed to the handler (unused here).
 * @param string $url  Redirect target passed to pl_redirect().
 */
function handler_skin_resmartphone($page, $url) {
    global $globals;

    // NOTE(review): session state is changed with no XSRF token check
    // visible in this handler; the impact looks limited to the skin.
    $smartphoneSkin = $globals->smartphone_skin;
    S::set('skin', $smartphoneSkin);

    // NOTE(review): $url is handed to pl_redirect() unchanged; confirm
    // pl_redirect() only produces targets on this site.
    pl_redirect($url);
    exit;
}
/**
 * Profile edit handler for accounts of type 'xnet'.
 *
 * Returns PL_NOT_FOUND when there is no session user and redirects to
 * 'index' for any other account type. When the 'change' POST field is
 * present, the XSRF token is asserted, an optional login change is
 * attempted, the name fields and sex are updated, the email is updated when
 * require_email_update() says so, and the session user is refreshed.
 *
 * @param mixed $page Page object used to select templates and assign values.
 *
 * @return int|null PL_NOT_FOUND when no user is in session; nothing otherwise.
 */
function handler_edit($page) {
    global $globals;

    $user = S::user();
    if (empty($user)) {
        return PL_NOT_FOUND;
    }
    // NOTE(review): execution continues past this redirect unless
    // pl_redirect() terminates the request - confirm it does.
    if ($user->type != 'xnet') {
        pl_redirect('index');
    }

    $page->changeTpl('xnet/edit.tpl');
    if (Post::has('change')) {
        // State-changing request: the XSRF token is asserted before any write.
        S::assert_xsrf_token();

        // Convert user status to X
        if (!Post::blank('login_X')) {
            $forlife = $this->changeLogin($page, $user, Post::t('login_X'));
            if ($forlife) {
                pl_redirect('index');
            }
        }

        require_once 'emails.inc.php';
        require_once 'name.func.inc.php';

        // Update user info
        // The capitalized names are used only to build the derived names.
        // NOTE(review): the firstname/lastname columns below receive the
        // Post::t() values, not the capitalized ones - confirm intended.
        $lastname = capitalize_name(Post::t('lastname'));
        $firstname = capitalize_name(Post::t('firstname'));
        $full_name = build_full_name($firstname, $lastname);
        $directory_name = build_directory_name($firstname, $lastname);
        $sort_name = build_sort_name($firstname, $lastname);
        // All values are passed through {?} placeholders; 'sex' is reduced
        // to 'male' or 'female' (anything other than 'male' is 'female').
        // NOTE(review): display_name and the name fields are user-supplied
        // text; confirm they are escaped wherever they are rendered.
        XDB::query('UPDATE accounts SET full_name = {?}, directory_name = {?}, sort_name = {?}, display_name = {?}, firstname = {?}, lastname = {?}, sex = {?} WHERE uid = {?}',
                   $full_name, $directory_name, $sort_name, Post::t('display_name'),
                   Post::t('firstname'), Post::t('lastname'),
                   Post::t('sex') == 'male' ? 'male' : 'female', $user->id());

        // Updates email.
        // NOTE(review): no address format check is visible here apart from
        // whatever require_email_update() does - confirm it validates.
        $new_email = strtolower(Post::t('email'));
        if (require_email_update($user, $new_email)) {
            XDB::query('UPDATE accounts SET email = {?} WHERE uid = {?}', $new_email, $user->id());
            // Propagate the new address to the mailing lists and aliases.
            $listClient = new MMList(S::user());
            $listClient->change_user_email($user->forlifeEmail(), $new_email);
            update_alias_user($user->forlifeEmail(), $new_email);
        }

        // Reload the user so the session and the template see the new values.
        $user = User::getWithUID($user->id());
        S::set('user', $user);
        $page->trigSuccess('Données mises à jour.');
    }

    $page->addJsLink('password.js');
    $page->assign('user', $user);
}
/**
 * Start a session as user $user.
 *
 * Refuses when the session already refers to a different user (through
 * either 'user' or 'uid') and is a no-op when 'uid' is already set.
 * Otherwise it fills the session with the user, uid, skin (non-smartphone
 * only) and perms, handles the access cookie and session logging, and
 * drops the temporary 'cookie_uid' entry.
 *
 * @param mixed $user  User to start the session for.
 * @param mixed $level Requested auth level; AUTH_SUID sets 'auth' to AUTH_MDP.
 *
 * @return bool false on a user mismatch, true otherwise.
 */
protected function startSessionAs($user, $level) {
    /* Session data and required data mismatch */
    $sessionUserDiffers = !is_null(S::v('user')) && S::v('user')->id() != $user->id();
    if ($sessionUserDiffers || (S::has('uid') && S::i('uid') != $user->id())) {
        return false;
    }
    // Same user already in session: nothing more to do.
    if (S::has('uid')) {
        return true;
    }

    /* If we want to do a SUID */
    if ($level == AUTH_SUID) {
        S::set('auth', AUTH_MDP);
    }

    // NOTE(review): no session identifier regeneration is visible in this
    // method; confirm the caller renews the session id when the session
    // becomes authenticated.
    S::set('user', $user);
    S::set('uid', $user->id());
    if (!isSmartphone()) {
        S::set('skin', $user->skin());
    }

    if (S::suid()) {
        // Record who started the SUID and on which account.
        S::logger()->log("suid_start", S::v('hruid') . ' by ' . S::suid('hruid'));
    } else {
        $rememberRequested = Post::v('remember', 'false') == 'on';
        if ($rememberRequested) {
            $this->setAccessCookie(false);
        }
        S::logger()->saveLastSession();
    }

    // Set session perms from User perms
    S::set('perms', $user->perms());

    /* Clean temp var 'cookie_uid' */
    S::kill('cookie_uid');

    return true;
}