Ejemplo n.º 1
 /**
  * Load one partner-sharing definition by its id.
  *
  * @param mixed $id Value bound to the `id` column through the {?} placeholder.
  * @return PartnerSharing|null The wrapped row, or null when the lookup yields nothing.
  */
 public static function fetchById($id)
 {
     // $id is handed to XDB as a bound argument; it is never concatenated into the statement.
     $row = XDB::fetchOneAssoc('SELECT  id, shortname, name, url,
                                        has_directory, has_bulkmail,
                                        default_sharing_level, api_uid
                                  FROM  profile_partnersharing_enum
                                 WHERE  id = {?}', $id);

     return $row == null ? null : new PartnerSharing($row);
 }
Ejemplo n.º 2
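 /**
  * Serve a profile photo addressed by a temporary token.
  *
  * Expired tokens are purged before the lookup, so a token whose `expires`
  * is in the past can no longer be redeemed by the query that follows.
  *
  * @param PlPage $page  Current page object (not used in this handler).
  * @param mixed  $size  Not used in this handler.
  * @param mixed  $token Token taken from the request; bound through {?}.
  * @return int|null PL_NOT_FOUND when the token or the photo row is unknown;
  *                  nothing once the image has been sent.
  */
 function handler_picture_token(PlPage $page, $size, $token)
 {
     XDB::rawExecute('DELETE FROM  profile_photo_tokens
                            WHERE  expires <= NOW()');
     $pid = XDB::fetchOneCell('SELECT  pid
                                 FROM  profile_photo_tokens
                                WHERE  token = {?}', $token);
     if ($pid == null) {
         return PL_NOT_FOUND;
     }

     $res = XDB::fetchOneAssoc('SELECT  attach, attachmime, x, y, last_update
                                  FROM  profile_photos
                                 WHERE  pid = {?}', $pid);
     if (!$res) {
         // A live token can outlast the photo it points to; answer "not found"
         // instead of dereferencing an empty result.
         return PL_NOT_FOUND;
     }

     $photo = PlImage::fromData($res['attach'], 'image/' . $res['attachmime'], $res['x'], $res['y'], $res['last_update']);
     $photo->send();
 }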
Ejemplo n.º 3
/**
 * Build the detail array for one group event, optionally narrowed to one item.
 *
 * @param mixed $eid     Event id or short name; matched against both e.eid and e.short_name.
 * @param mixed $item_id Item to narrow to, or a falsy value for the event-wide summary.
 * @param mixed $asso_id Group id; defaults to $globals->asso('id') when null.
 * @return array|null|false null when no event row matches, false when the
 *                          visibility check below rejects the current user,
 *                          otherwise the enriched event row.
 */
function get_event_detail($eid, $item_id = false, $asso_id = null)
{
    global $globals;
    if (is_null($asso_id)) {
        $asso_id = $globals->asso('id');
    }
    // Only two kinds of text are concatenated into the statement below: fixed
    // column names for GROUP BY, and a WHERE fragment produced by XDB::format()
    // with $item_id bound through {?}. No request value is spliced in directly.
    if (!$item_id) {
        $where = '';
        $group_by = 'e.eid';
    } else {
        $where = XDB::format(' AND ei.item_id = {?}', $item_id);
        $group_by = 'ei.item_id';
    }
    $evt = XDB::fetchOneAssoc('SELECT  SUM(nb) AS nb_tot, COUNT(DISTINCT ep.uid) AS nb, e.*, SUM(IF(nb > 0, 1, 0)) AS user_count,
                                       IF(e.deadline_inscription,
                                          e.deadline_inscription >= LEFT(NOW(), 10),
                                          1) AS inscr_open,
                                       LEFT(e.debut, 10) AS first_day, LEFT(e.fin, 10) AS last_day,
                                       LEFT(NOW(), 10) AS now,
                                       ei.titre, e.subscription_notification
                                 FROM  group_events             AS e
                           INNER JOIN  group_event_items        AS ei ON (e.eid = ei.eid)
                            LEFT JOIN  group_event_participants AS ep ON(e.eid = ep.eid AND ei.item_id = ep.item_id)
                                WHERE  (e.eid = {?} OR e.short_name = {?}) AND e.asso_id = {?}' . $where . '
                             GROUP BY  ' . $group_by, $eid, $eid, $asso_id);
    if (!$evt) {
        return null;
    }
    // Visibility gate: on the xnet site, an event with accept_nonmembre == 0 is
    // withheld (false) from a user for whom both is_member() and may_update()
    // are false. Callers must distinguish this false from the null above.
    if ($GLOBALS['IS_XNET_SITE'] && $evt['accept_nonmembre'] == 0 && !is_member() && !may_update()) {
        return false;
    }
    if (!$item_id) {
        /* Do not try to be too smart here: for the global summary there is no
         * general formula to estimate the total number of attendees, because
         * the 'moments' may or may not be disjoint. As a consequence, only the
         * number of users who completed the registration procedure is reported.
         */
        $evt['user_count'] = $evt['nb_tot'] = $evt['nb'];
        $evt['titre'] = '';
        $evt['item_id'] = 0;
        $evt['csv_name'] = urlencode($evt['intitule']);
    } else {
        $evt['csv_name'] = urlencode($evt['intitule'] . '.' . $evt['titre']);
    }
    // Per-item rows joined with the current session user's own participation
    // (uid bound from S::i('uid')).
    $evt['moments'] = XDB::fetchAllAssoc('SELECT  titre, details, montant, ei.item_id, nb,
                                                  ep.paid, FIND_IN_SET(\'notify_payment\', ep.flags) AS notify_payment
                                            FROM  group_event_items        AS ei
                                       LEFT JOIN  group_event_participants AS ep ON (ep.eid = ei.eid AND ep.item_id = ei.item_id
                                                                                                             AND uid = {?})
                                           WHERE  ei.eid = {?}', S::i('uid'), $evt['eid']);
    $evt['topay'] = 0;
    $evt['paid'] = 0;
    $evt['notify_payment'] = false;
    foreach ($evt['moments'] as $m) {
        $evt['topay'] += $m['nb'] * $m['montant'];
        if ($m['montant']) {
            // NOTE(review): 'money' is only assigned here; it is never set by
            // this function when every item has a falsy montant.
            $evt['money'] = true;
        }
        $evt['paid'] += $m['paid'];
        $evt['notify_payment'] = $evt['notify_payment'] || $m['notify_payment'];
    }
    // Confirmed online payments for this event's payment reference, limited to
    // the session user. NOTE(review): presumably SUM() yields NULL when no
    // transaction matches, in which case 'telepaid' is null - confirm.
    $montant = XDB::fetchOneCell('SELECT  SUM(amount) AS sum_amount
                                    FROM  payment_transactions AS t
                                   WHERE  status = "confirmed" AND ref = {?} AND uid = {?}', $evt['paiement_id'], S::v('uid'));
    $evt['telepaid'] = $montant;
    $evt['paid'] += $montant;
    $evt['organizer'] = User::getSilent($evt['uid']);
    $evt['date'] = make_event_date($evt['debut'], $evt['fin']);
    // The participant list is exposed only when the event enables it, the
    // request is on the xnet site, and the user is a member or may update.
    $evt['show_participants'] = $evt['show_participants'] && $GLOBALS['IS_XNET_SITE'] && (is_member() || may_update());
    return $evt;
}
Ejemplo n.º 4
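 /**
  * Complete a pending xnet registration addressed by its hash.
  *
  * Pending rows older than one month are purged first. With a posted `pwhash`
  * the account is activated and the pending row deleted; otherwise the
  * password form is shown.
  *
  * @param object      $page Page object used for templates and error reporting.
  * @param string|null $hash Hash identifying the pending registration; bound through {?}.
  * @return void
  */
 function handler_register_ext($page, $hash = null)
 {
     XDB::execute('DELETE FROM  register_pending_xnet
                         WHERE  DATE_SUB(NOW(), INTERVAL 1 MONTH) > date');
     $res = XDB::fetchOneAssoc('SELECT  uid, hruid, email
                                  FROM  register_pending_xnet
                                 WHERE  hash = {?}', $hash);
     if (is_null($hash) || is_null($res)) {
         $page->trigErrorRedirect('Cette adresse n\'existe pas ou n\'existe plus sur le serveur.', '');
         // Fail closed: whether trigErrorRedirect() ends the request is not
         // visible here, so never continue with an unknown hash and a null $res.
         return;
     }
     if (Post::has('pwhash') && Post::t('pwhash')) {
         // NOTE(review): the posted value is stored as the password as-is;
         // presumably it is already a hash computed client-side - confirm.
         XDB::startTransaction();
         // The state/type conditions restrict the write to an account that is
         // still pending and of type xnet, so this path cannot overwrite the
         // password of an account in any other state.
         XDB::query('UPDATE  accounts
                        SET  password = {?}, state = \'active\', registration_date = NOW()
                      WHERE  uid = {?} AND state = \'pending\' AND type = \'xnet\'', Post::t('pwhash'), $res['uid']);
         // Deleting the pending row makes the hash single-use.
         XDB::query('DELETE FROM  register_pending_xnet
                           WHERE  uid = {?}', $res['uid']);
         XDB::commit();
         S::logger($res['uid'])->log('passwd', '');
         // Try to start a session (so the user does not have to log in); the
         // password available in Post:: is used to authenticate the user.
         Post::kill('wait');
         Platal::session()->startAvailableAuth();
         $page->changeTpl('xnet/register.success.tpl');
         $page->assign('email', $res['email']);
     } else {
         $page->changeTpl('platal/password.tpl');
         $page->assign('xnet', true);
         $page->assign('hruid', $res['hruid']);
         $page->assign('do_auth', 1);
     }
 }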
Ejemplo n.º 5
 /**
  * Lazily load this user's watch settings.
  *
  * Does nothing when `watch_actions` is already set on the object. Otherwise
  * reads flags, actions and the last timestamp from `watch`, then the watched
  * promos, groups and non-registered users, and passes the whole array to
  * fillFromArray().
  */
 private function fetchWatchData()
 {
     if (!isset($this->watch_actions)) {
         $settings = XDB::fetchOneAssoc('SELECT  flags AS watch_flags, actions AS watch_actions,
                                          UNIX_TIMESTAMP(last) AS watch_last
                                    FROM  watch
                                   WHERE  uid = {?}', $this->id());
         // Both SET columns are wrapped in PlFlagSet objects.
         $settings['watch_flags'] = new PlFlagSet($settings['watch_flags']);
         $settings['watch_actions'] = new PlFlagSet($settings['watch_actions']);
         $settings['watch_promos'] = XDB::fetchColumn('SELECT  promo
                                                  FROM  watch_promo
                                                 WHERE  uid = {?}', $this->id());
         // The join keeps only groups whose `pub` set lacks 'private', so a
         // watched group flagged private is left out of the list.
         $settings['watch_groups'] = XDB::fetchColumn("SELECT  w.groupid\n                                                     FROM  watch_group AS w\n                                               INNER JOIN  groups      AS g ON (w.groupid = g.id AND NOT FIND_IN_SET('private', pub))\n                                                    WHERE  w.uid = {?}", $this->id());
         $settings['watch_users'] = XDB::fetchColumn('SELECT  ni_id
                                                 FROM  watch_nonins
                                                WHERE  uid = {?}', $this->id());
         $this->fillFromArray($settings);
     }
 }
Ejemplo n.º 6
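 /**
  * Admin page that lets an operator fix the letter case of a user's names.
  *
  * A posted `id` is resolved to a user and redirected to that user's page.
  * A posted `correct` form is accepted only when every submitted name equals
  * the stored one apart from letter case.
  *
  * @param object      $page  Page object used for templates and messages.
  * @param string|null $hruid Identifier of the account to edit.
  * @return void
  */
 function handler_admin_name($page, $hruid = null)
 {
     $page->changeTpl('admin/admin_name.tpl');
     if (Post::has('id')) {
         $user = User::get(Post::t('id'));
         if (is_null($user)) {
             $page->trigError("L'identifiant donné ne correspond à personne ou est ambigu.");
             exit;
         }
         pl_redirect('admin/name/' . $user->hruid);
     }
     $user = User::getSilent($hruid);
     if (!is_null($user)) {
         require_once 'name.func.inc.php';
         if ($user->hasProfile()) {
             $name_types = array('lastname_main' => 'Nom patronymique', 'lastname_marital' => 'Nom marital', 'lastname_ordinary' => 'Nom usuel', 'firstname_main' => 'Prénom', 'firstname_ordinary' => 'Prénom usuel', 'pseudonym' => 'Pseudonyme');
             $names = XDB::fetchOneAssoc('SELECT  lastname_main, lastname_marital, lastname_ordinary,
                                                  firstname_main, firstname_ordinary, pseudonym
                                            FROM  profile_public_names
                                           WHERE  pid = {?}', $user->profile()->id());
         } else {
             $name_types = array('lastname' => 'Nom', 'firstname' => 'Prénom');
             $names = XDB::fetchOneAssoc('SELECT  lastname, firstname
                                            FROM  accounts
                                           WHERE  uid = {?}', $user->id());
         }
         if (Post::has('correct')) {
             // NOTE(review): no XSRF token check is visible in this handler
             // before the write below; confirm one is enforced upstream or add
             // S::assert_xsrf_token() here.
             $new_names = array();
             // Stays true only while every field differs from the stored value
             // by letter case at most.
             $update = true;
             foreach ($name_types as $key => $fullname) {
                 $new_names[$key] = Post::t($key);
                 // Strict comparison: with a loose != two different
                 // numeric-looking strings (e.g. '1e3' and '1000') compare as
                 // equal and would slip through the case-only restriction.
                 if (mb_strtolower($new_names[$key]) !== mb_strtolower($names[$key])) {
                     $update = false;
                 }
             }
             if ($update) {
                 if ($user->hasProfile()) {
                     update_public_names($user->profile()->id(), $new_names);
                     update_display_names($user->profile(), $new_names);
                 } else {
                     $new_names['full_name'] = build_full_name($new_names['firstname'], $new_names['lastname']);
                     $new_names['directory_name'] = build_directory_name($new_names['firstname'], $new_names['lastname']);
                     $new_names['sort_name'] = build_sort_name($new_names['firstname'], $new_names['lastname']);
                     XDB::execute('UPDATE  accounts
                                      SET  lastname = {?}, firstname = {?}, full_name = {?},
                                           directory_name = {?}, sort_name = {?}
                                    WHERE  uid = {?}', $new_names['lastname'], $new_names['firstname'], $new_names['full_name'], $new_names['directory_name'], $new_names['sort_name'], $user->id());
                 }
                 $page->trigSuccess('Mise à jour réussie.');
             } else {
                 $page->trigError('Seuls des changements de casse sont autorisés ici.');
             }
         }
         // Re-read the names so the page shows what is stored after a
         // possible update.
         if ($user->hasProfile()) {
             $names = XDB::fetchOneAssoc('SELECT  lastname_main, lastname_marital, lastname_ordinary,
                                                  firstname_main, firstname_ordinary, pseudonym
                                            FROM  profile_public_names
                                           WHERE  pid = {?}', $user->profile()->id());
         } else {
             $names = XDB::fetchOneAssoc('SELECT  lastname, firstname
                                            FROM  accounts
                                           WHERE  uid = {?}', $user->id());
         }
         foreach ($names as $key => $name) {
             $names[$key] = array('value' => $name, 'standard' => capitalize_name($name));
             // Kept loose on purpose: the stored value may not be a string.
             $names[$key]['different'] = $names[$key]['value'] != $names[$key]['standard'];
         }
         $page->assign('uid', $user->id());
         $page->assign('hruid', $user->hruid);
         $page->assign('names', $names);
         $page->assign('name_types', $name_types);
     }
 }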
Ejemplo n.º 7
 /**
  * Update the denormalized flag that marks the best address to use when
  * sending postal mail.
  *
  * Pass $fake as true to only learn which address would be selected, without
  * writing anything to the database.
  *
  * @param mixed $pid  Profile id; bound through {?} in every statement.
  * @param bool  $fake When true, no UPDATE is issued.
  * @return mixed The row describing the selected profile address, as returned
  *               by XDB::fetchOneAssoc().
  */
 public static function updateBestMail($pid, $fake = false)
 {
     $persist = !$fake;

     if ($persist) {
         // Clear the marker on every address of the profile before choosing.
         XDB::execute("UPDATE  profile_addresses\n                             SET  flags = REPLACE(flags, 'dn_best_mail', '')\n                           WHERE  pid = {?}", $pid);
     }

     /* Selection order for the best mail address:
      *  * Prefer addresses without the deliveryIssue flag.
      *  * Among these, prefer addresses flagged as "current".
      *  * If there is none or several, prefer those without the "secondary"
      *    flag.
      *  * If several addresses still remain, try not to select the ones
      *    with "job" type.
      */
     $chosen = XDB::fetchOneAssoc("SELECT  pid, jobid, groupid, type, id, flags\n                                         FROM  profile_addresses\n                                        WHERE  FIND_IN_SET('mail', flags) AND pid = {?}\n                                     ORDER BY  FIND_IN_SET('deliveryIssue', flags),\n                                               NOT FIND_IN_SET('current', flags),\n                                               FIND_IN_SET('secondary', flags), type = 'job'\n                                        LIMIT  1", $pid);

     if ($persist && $chosen) {
         // The address is identified by the five columns used in the WHERE clause.
         XDB::execute("UPDATE  profile_addresses\n                             SET  flags = CONCAT(flags, ',dn_best_mail')\n                           WHERE  pid = {?} AND jobid = {?} AND groupid = {?} AND type = {?} AND id = {?}", $chosen['pid'], $chosen['jobid'], $chosen['groupid'], $chosen['type'], $chosen['id']);
     }

     return $chosen;
 }
Ejemplo n.º 8
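 /**
  * Persist the names section of a profile.
  *
  * A change to the public names is submitted as a NamesReq validation request
  * instead of being written directly. Private names are replaced wholesale:
  * the existing rows are deleted and the submitted ones inserted.
  *
  * @param ProfilePage $page  Page giving access to the profile and its pid.
  * @param mixed       $field Not used by this method.
  * @param array       $value Submitted data; reads 'public_names' and the
  *                           optional 'private_names' list of type/name pairs.
  * @return void
  */
 public function save(ProfilePage $page, $field, $value)
 {
     require_once 'name.func.inc.php';
     $old = XDB::fetchOneAssoc('SELECT  lastname_main, lastname_marital, lastname_ordinary,
                                        firstname_main, firstname_ordinary, pseudonym
                                  FROM  profile_public_names
                                 WHERE  pid = {?}', $page->pid());
     // Read the optional key once so that both branches at the end agree.
     $private_names = isset($value['private_names']) ? $value['private_names'] : null;

     $has_diff = $this->diff($page->pid(), $old, $value['public_names']);
     if ($has_diff) {
         $new_names = new NamesReq(S::user(), $page->profile, $value['public_names'], $old);
         $new_names->submit();
         Platal::page()->assign('validation', true);
         Platal::page()->trigWarning('La demande de modification des noms a bien été prise en compte.' . ' Un email sera envoyé dès que ces changements auront été effectués.');
     }

     XDB::execute('DELETE FROM  profile_private_names
                         WHERE  pid = {?}', $page->pid());
     $values = array();
     // Running index per name type. An explicit map replaces the previous
     // variable-variable counter, which let the submitted 'type' string pick
     // which local variable was read and incremented.
     $next_id = array();
     if ($private_names !== null) {
         foreach ($private_names as $name) {
             $type = $name['type'];
             $id = isset($next_id[$type]) ? $next_id[$type] : 0;
             $next_id[$type] = $id + 1;
             // Every tuple is built by XDB::format() with bound values; only
             // these pre-formatted tuples are joined into the INSERT below.
             $values[] = XDB::format('({?}, {?}, {?}, {?})', $page->pid(), $type, $id, $name['name']);
         }
     }
     if (count($values)) {
         XDB::rawExecute('INSERT INTO  profile_private_names (pid, type, id, name)
                               VALUES  ' . implode(',', $values));
     }

     if ($has_diff) {
         // Public names are pending validation, so display names keep the old ones.
         update_display_names($page->profile, $old, $private_names);
     } else {
         update_display_names($page->profile, $value['public_names'], $private_names);
     }
 }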
Ejemplo n.º 9
 /**
  * Return the image to display for this profile.
  *
  * @param bool $fallback When the profile has no photo, return a stock
  *                       placeholder instead of null.
  * @param bool $data     When true, make sure the returned image was built
  *                       from the stored photo row rather than from the
  *                       cached dimensions only.
  * @return mixed The PlImage result, or null when there is no photo and no
  *               fallback was requested.
  */
 public function getPhoto($fallback = true, $data = false)
 {
     if (!$this->has_photo) {
         if (!$fallback) {
             return null;
         }
         // Placeholder paths are fixed and relative to this file.
         if ($this->mainEducation() == 'X') {
             return PlImage::fromFile(dirname(__FILE__) . '/../htdocs/images/none_x.png', 'image/png');
         }
         return PlImage::fromFile(dirname(__FILE__) . '/../htdocs/images/none_md.png', 'image/png');
     }

     $uncached = $this->photo == null;
     if ($data && ($uncached || $this->photo->mimeType == null)) {
         // Image bytes were requested but are not loaded yet: read the row.
         $row = XDB::fetchOneAssoc('SELECT  attach, attachmime, x, y, last_update
                                          FROM  profile_photos
                                         WHERE  pid = {?}', $this->pid);
         $this->photo = PlImage::fromData($row['attach'], 'image/' . $row['attachmime'], $row['x'], $row['y'], $row['last_update']);
     } elseif ($uncached) {
         // Dimensions-only image, built without touching the photo table.
         $this->photo = PlImage::fromData(null, null, $this->photo_width, $this->photo_height);
     }

     return $this->photo;
 }
Ejemplo n.º 10
 /**
  * Handler for the "send an email" page.
  *
  * Three paths are visible:
  *  - POST with 'save': stores the current form as a per-user draft, then exits;
  *  - submit == 'Envoyer': validates recipients and uploads, then sends the mail;
  *  - otherwise: restores a saved draft into $_REQUEST, if one exists.
  * In the last two cases the page is then filled with the user's contacts and
  * sender preferences.
  *
  * @param object $page Page object used for templates, messages and assignments.
  * @return int|null PL_FORBIDDEN when the draft-save request has no XSRF token.
  */
 function handler_send($page)
 {
     $page->changeTpl('emails/send.tpl');
     $page->setTitle('Envoyer un email');
     // action taken when a form is received
     if (Post::has('save')) {
         // Draft autosave is state-changing, so it is refused without an XSRF token.
         if (!S::has_xsrf_token()) {
             return PL_FORBIDDEN;
         }
         unset($_POST['save']);
         // A draft is stored only when the body, with everything from the first
         // '-- ' on each line stripped, is not blank.
         if (trim(preg_replace('/-- .*/', '', Post::v('contenu'))) != "") {
             Post::set('to_contacts', explode(';', Post::s('to_contacts')));
             Post::set('cc_contacts', explode(';', Post::s('cc_contacts')));
             // The whole $_POST array is stored in PHP serialized form; it is
             // read back with unserialize() in the draft-restore branch below.
             $data = serialize($_POST);
             XDB::execute('INSERT INTO  email_send_save (uid, data)
                                VALUES  ({?}, {?})
               ON DUPLICATE KEY UPDATE  data = VALUES(data)', S::user()->id('uid'), $data);
         }
         exit;
     } else {
         if (Env::v('submit') == 'Envoyer') {
             S::assert_xsrf_token();
             // NOTE(review): a named function declared inside a function body is
             // defined when this statement runs; reaching it twice in one
             // request would be a fatal redeclaration.
             function getEmails($aliases)
             {
                 if (!is_array($aliases)) {
                     return null;
                 }
                 $uf = new UserFilter(new UFC_Hrpid($aliases));
                 $users = $uf->iterUsers();
                 $ret = array();
                 while ($user = $users->next()) {
                     $ret[] = $user->forlife;
                 }
                 return join(', ', $ret);
             }
             $error = false;
             // NOTE(review): $file stays bound by reference to the last
             // $_FILES entry after this loop; it is not unset.
             foreach ($_FILES as &$file) {
                 if ($file['name'] && !PlUpload::get($file, S::user()->login(), 'emails.send', false)) {
                     $page->trigError(PlUpload::$lastError);
                     $error = true;
                     break;
                 }
             }
             if (!$error) {
                 XDB::execute("DELETE FROM  email_send_save\n                                    WHERE  uid = {?}", S::user()->id());
                 // Contact recipients are resolved through getEmails() above;
                 // free-form recipients come straight from the request.
                 $to2 = getEmails(Env::v('to_contacts'));
                 $cc2 = getEmails(Env::v('cc_contacts'));
                 // NOTE(review): as written this removes the two literal
                 // characters '^' and 'M'; presumably a carriage return was
                 // meant - confirm against the original file.
                 $txt = str_replace('^M', '', Env::v('contenu'));
                 $to = str_replace(';', ',', Env::t('to'));
                 $subj = Env::t('sujet');
                 // NOTE(review): the sender and subject are request-supplied and
                 // are not checked by the regex below, which only covers
                 // to/cc/bcc. Confirm that PlMailer rejects line breaks in
                 // header values and restricts which sender a user may set.
                 $from = Env::t('from');
                 $cc = str_replace(';', ',', Env::t('cc'));
                 $bcc = str_replace(';', ',', Env::t('bcc'));
                 // Anchored pattern: the whole trimmed entry must match, so an
                 // entry carrying extra text or a line break is reported as invalid.
                 $email_regex = '/^[a-z0-9.\\-+_\\$]+@([\\-.+_]?[a-z0-9])+$/i';
                 foreach (explode(',', $to . ',' . $cc . ',' . $bcc) as $email) {
                     $email = trim($email);
                     if ($email != '' && !preg_match($email_regex, $email)) {
                         $page->trigError("L'adresse email " . $email . ' est erronée.');
                         $error = true;
                     }
                 }
                 if (empty($to) && empty($cc) && empty($to2) && empty($bcc) && empty($cc2)) {
                     $page->trigError("Indique au moins un destinataire.");
                     $error = true;
                 }
                 if ($error) {
                     // Keep already uploaded attachments listed so the user can retry.
                     $page->assign('uploaded_f', PlUpload::listFilenames(S::user()->login(), 'emails.send'));
                 } else {
                     $mymail = new PlMailer();
                     $mymail->setFrom($from);
                     $mymail->setSubject($subj);
                     if (!empty($to)) {
                         $mymail->addTo($to);
                     }
                     if (!empty($cc)) {
                         $mymail->addCc($cc);
                     }
                     if (!empty($bcc)) {
                         $mymail->addBcc($bcc);
                     }
                     if (!empty($to2)) {
                         $mymail->addTo($to2);
                     }
                     if (!empty($cc2)) {
                         $mymail->addCc($cc2);
                     }
                     // Attachments are the files stored under the user's login
                     // for the 'emails.send' category.
                     $files =& PlUpload::listFiles(S::user()->login(), 'emails.send');
                     foreach ($files as $name => &$upload) {
                         $mymail->addUploadAttachment($upload, $name);
                     }
                     if (Env::v('wiki') == 'text') {
                         $mymail->setTxtBody(wordwrap($txt, 78, "\n"));
                     } else {
                         $mymail->setWikiBody($txt);
                     }
                     if ($mymail->send()) {
                         $page->trigSuccess("Ton email a bien été envoyé.");
                         // Reset the form, keeping only the user's own address in bcc.
                         $_REQUEST = array('bcc' => S::user()->bestEmail());
                         PlUpload::clear(S::user()->login(), 'emails.send');
                     } else {
                         $page->trigError("Erreur lors de l'envoi du courriel, réessaye.");
                         $page->assign('uploaded_f', PlUpload::listFilenames(S::user()->login(), 'emails.send'));
                     }
                 }
             }
         } else {
             $res = XDB::query("SELECT  data\n                                 FROM  email_send_save\n                                WHERE  uid = {?}", S::i('uid'));
             if ($res->numRows() == 0) {
                 PlUpload::clear(S::user()->login(), 'emails.send');
                 $_REQUEST['bcc'] = S::user()->bestEmail();
             } else {
                 // NOTE(security): unserialize() runs on a database value. The
                 // blob is written by serialize($_POST) above, so it is expected
                 // to hold only arrays and strings, but anyone able to alter the
                 // column could have objects instantiated here. A JSON draft
                 // format would remove that risk. The result is also not
                 // checked before being merged into $_REQUEST.
                 $data = unserialize($res->fetchOneCell());
                 $_REQUEST = array_merge($_REQUEST, $data);
             }
         }
     }
     $uf = new UserFilter(new PFC_And(new UFC_Contact(S::user()), new UFC_Registered()), UserFilter::sortByName());
     $contacts = $uf->getProfiles();
     $page->assign('contacts', $contacts);
     $page->assign('maxsize', ini_get('upload_max_filesize') . 'o');
     $page->assign('user', S::user());
     $preferences = XDB::fetchOneAssoc('SELECT  from_email, from_format
                                          FROM  accounts
                                         WHERE  uid = {?}', S::user()->id());
     // Default sender: "Full Name" <best email> when no preference is stored.
     if ($preferences['from_email'] == '') {
         $preferences['from_email'] = '"' . S::user()->fullName() . '" <' . S::user()->bestEmail() . '>';
     }
     $page->assign('preferences', $preferences);
 }
Ejemplo n.º 11
 /**
  * Load the redirection filter state of a user.
  *
  * Reads the user's smtp and googleapps redirections and records, for each
  * one and for the account as a whole, which entry of self::$states its
  * `action` maps to.
  *
  * @param User $user Account whose redirections are inspected.
  */
 public function __construct(User $user)
 {
     if (!$user) {
         return;
     }
     $this->user =& $user;

     // Summary over the active redirections only.
     $summary = XDB::fetchOneAssoc('SELECT  COUNT(DISTINCT(action)) AS action_count, COUNT(redirect) AS redirect_count, action
                                  FROM  email_redirect_account
                                 WHERE  uid = {?} AND (type = \'smtp\' OR type = \'googleapps\') AND flags = \'active\'
                              GROUP BY  uid', $user->id());
     if ($summary['redirect_count'] == 0) {
         return;
     }
     $this->single_redirection = $summary['redirect_count'] == 1;

     // Full list; unlike the summary, this query has no flags condition.
     $this->redirections = XDB::fetchAllAssoc('SELECT  IF(type = \'googleapps\', type, redirect) AS redirect, type, action
                                                 FROM  email_redirect_account
                                                WHERE  uid = {?} AND (type = \'smtp\' OR type = \'googleapps\')
                                             ORDER BY  type, redirect', $user->id());
     foreach ($this->redirections as &$entry) {
         $entry['filter'] = array_search($entry['action'], self::$states);
     }

     // A single distinct action means one state describes every active redirection.
     $uniform = $summary['action_count'] == 1;
     $this->state = $uniform ? array_search($summary['action'], self::$states) : false;
     $this->single_state = $uniform;
 }
Ejemplo n.º 12
#!/usr/bin/php5
<?php 
require_once 'connect.db.inc.php';
require_once '../../include/name.func.inc.php';
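// One-off cleanup: some public name columns hold the literal string '0'
// instead of an empty value. Collect every affected profile first, blank the
// three columns, then rebuild the display names of those profiles.

// fetchColumn() returns the pid of every matching row; a single-row fetch
// would leave all but one affected profile without refreshed display names.
$pids = XDB::fetchColumn("SELECT  pid\n                            FROM  profile_public_names\n                           WHERE  firstname_ordinary = '0' OR lastname_marital = '0' OR lastname_ordinary = '0'");
XDB::execute("UPDATE  profile_public_names\n                 SET  firstname_ordinary = ''\n               WHERE  firstname_ordinary = '0'");
// lastname_marital is part of the selection above, so it is reset as well
// (the script previously reset lastname_ordinary twice instead).
XDB::execute("UPDATE  profile_public_names\n                 SET  lastname_marital = ''\n               WHERE  lastname_marital = '0'");
XDB::execute("UPDATE  profile_public_names\n                 SET  lastname_ordinary = ''\n               WHERE  lastname_ordinary = '0'");
foreach ($pids as $pid) {
    $profile = Profile::get($pid);
    // Re-read the row so the display names are built from the cleaned values.
    $item = XDB::fetchOneAssoc('SELECT  *
                                  FROM  profile_public_names
                                 WHERE  pid = {?}', $pid);
    update_display_names($profile, $item);
}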
// vim:set et sw=4 sts=4 sws=4 foldmethod=marker fenc=utf-8:
Ejemplo n.º 13
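 /**
  * Re-send the xnet account activation mail for a pending registration.
  *
  * @param mixed $uid Account id; bound through {?} in both statements.
  * @return void
  */
 private function again($uid)
 {
     $data = XDB::fetchOneAssoc('SELECT  hash, group_name, sender_name, email
                                   FROM  register_pending_xnet
                                  WHERE  uid = {?}', $uid);
     if (!$data) {
         // No pending registration for this uid: there is no hash to send and
         // no recipient, so do not build a mail from an empty row.
         return;
     }
     XDB::execute('UPDATE  register_pending_xnet
                      SET  last_date = NOW()
                    WHERE  uid = {?}', $uid);
     $mailer = new PlMailer('xnet/account.mail.tpl');
     // NOTE(review): the mail carries the registration hash, and the Cc
     // mailbox receives it too; confirm that mailbox is restricted to staff.
     $mailer->addCc('*****@*****.**');
     $mailer->setTo($data['email']);
     $mailer->assign('hash', $data['hash']);
     $mailer->assign('email', $data['email']);
     $mailer->assign('group', $data['group_name']);
     $mailer->assign('sender_name', $data['sender_name']);
     $mailer->assign('again', true);
     $mailer->assign('baseurl', Platal::globals()->xnet->xorg_baseurl);
     $mailer->send();
 }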