Example #1
0
 function handler_recovery_ext($page)
 {
     $page->changeTpl('xnet/recovery.tpl');
     if (!Post::has('login')) {
         return;
     }
     $user = User::getSilent(Post::t('login'));
     if (is_null($user)) {
         $page->trigError('Le compte n\'existe pas.');
         return;
     }
     if ($user->state != 'active') {
         $page->trigError('Ton compte n\'est pas activé.');
         return;
     }
     $page->assign('ok', true);
     $hash = rand_url_id();
     XDB::execute('INSERT INTO  account_lost_passwords (uid, created, certificat)
                        VALUES  ({?}, NOW(), {?})', $user->id(), $hash);
     $mymail = new PlMailer('platal/password_recovery_xnet.mail.tpl');
     $mymail->setTo($user);
     $mymail->assign('hash', $hash);
     $mymail->assign('email', Post::t('login'));
     $mymail->send();
     S::logger($user->id())->log('recovery', $user->bestEmail());
 }
Example #2
0
 function handler_broken_addr($page)
 {
     require_once 'emails.inc.php';
     $page->changeTpl('emails/broken_addr.tpl');
     if (Env::has('sort_broken')) {
         S::assert_xsrf_token();
         $list = trim(Env::v('list'));
         if ($list == '') {
             $page->trigError('La liste est vide.');
         } else {
             $valid_emails = array();
             $invalid_emails = array();
             $broken_list = explode("\n", $list);
             sort($broken_list);
             foreach ($broken_list as $orig_email) {
                 $orig_email = trim($orig_email);
                 if ($orig_email != '') {
                     $email = valide_email($orig_email);
                     if (empty($email) || $email == '@') {
                         $invalid_emails[] = trim($orig_email) . ': invalid email';
                     } elseif (!in_array($email, $valid_emails)) {
                         $nb = XDB::fetchOneCell('SELECT  COUNT(*)
                                                    FROM  email_redirect_account
                                                   WHERE  redirect = {?}', $email);
                         if ($nb > 0) {
                             $valid_emails[] = $email;
                         } else {
                             $invalid_emails[] = $orig_email . ': no such redirection';
                         }
                     }
                 }
             }
             $page->assign('valid_emails', $valid_emails);
             $page->assign('invalid_emails', $invalid_emails);
         }
     }
     if (Env::has('process_broken')) {
         S::assert_xsrf_token();
         $list = trim(Env::v('list'));
         if ($list == '') {
             $page->trigError('La liste est vide.');
         } else {
             require_once 'notifs.inc.php';
             $broken_user_list = array();
             $broken_user_email_count = array();
             $broken_user_profiles = array();
             $broken_list = explode("\n", $list);
             sort($broken_list);
             foreach ($broken_list as $email) {
                 $email = trim($email);
                 $userobj = null;
                 if ($user = mark_broken_email($email, true)) {
                     $userobj = User::getSilentWithUID($user['uid']);
                 }
                 if (is_null($userobj)) {
                     continue;
                 }
                 $profile = $userobj->profile();
                 if (is_null($profile)) {
                     continue;
                 }
                 if ($user['nb_mails'] > 0 && $user['notify']) {
                     $mail = new PlMailer('emails/broken.mail.tpl');
                     $mail->setTo($userobj);
                     $mail->assign('user', $user);
                     $mail->assign('email', $email);
                     $mail->send();
                 } else {
                     WatchProfileUpdate::register($profile, 'broken');
                 }
                 $pid = $profile->id();
                 if (!isset($broken_user_list[$pid])) {
                     $broken_user_list[$pid] = array($email);
                 } else {
                     $broken_user_list[$pid][] = $email;
                 }
                 $broken_user_email_count[$pid] = $user['nb_mails'];
                 $broken_user_profiles[$pid] = $profile;
             }
             XDB::execute('UPDATE  email_redirect_account
                              SET  broken_level = broken_level - 1
                            WHERE  flags = \'active\' AND broken_level > 1
                                   AND DATE_ADD(last, INTERVAL 1 MONTH) < CURDATE()');
             XDB::execute('UPDATE  email_redirect_account
                              SET  broken_level = 0
                            WHERE  flags = \'active\' AND broken_level = 1
                                   AND DATE_ADD(last, INTERVAL 1 YEAR) < CURDATE()');
             // Sort $broken_user_list with (promo, sortname, pid)
             $sortable_array = array();
             foreach ($broken_user_list as $pid => $mails) {
                 $profile = $broken_user_profiles[$pid];
                 $sortable_array[$pid] = array($profile->promo(), $profile->sortName(), $pid);
             }
             asort($sortable_array);
             // Output the list of users with recently broken addresses,
             // along with the count of valid redirections.
             pl_cached_content_headers('text/x-csv', null, 1, 'broken.csv');
             $csv = fopen('php://output', 'w');
             fputcsv($csv, array('nom', 'promo', 'bounces', 'nbmails', 'url', 'corps', 'job', 'networking'), ';');
             $corpsList = DirEnum::getOptions(DirEnum::CURRENTCORPS);
             foreach (array_keys($sortable_array) as $pid) {
                 $mails = $broken_user_list[$pid];
                 $profile = $broken_user_profiles[$pid];
                 $current_corps = $profile->getCorpsName();
                 $jobs = $profile->getJobs();
                 $companies = array();
                 foreach ($jobs as $job) {
                     $companies[] = $job->company->name;
                 }
                 $networkings = $profile->getNetworking(Profile::NETWORKING_ALL);
                 $networking_list = array();
                 foreach ($networkings as $networking) {
                     $networking_list[] = $networking['address'];
                 }
                 fputcsv($csv, array($profile->fullName(), $profile->promo(), join(',', $mails), $broken_user_email_count[$pid], 'https://www.polytechnique.org/marketing/broken/' . $profile->hrid(), $current_corps, implode(',', $companies), implode(',', $networking_list)), ';');
             }
             fclose($csv);
             exit;
         }
     }
 }
Example #3
0
 private function again($uid)
 {
     $data = XDB::fetchOneAssoc('SELECT  hash, group_name, sender_name, email
                                   FROM  register_pending_xnet
                                  WHERE  uid = {?}', $uid);
     XDB::execute('UPDATE  register_pending_xnet
                      SET  last_date = NOW()
                    WHERE  uid = {?}', $uid);
     $mailer = new PlMailer('xnet/account.mail.tpl');
     $mailer->addCc('*****@*****.**');
     $mailer->setTo($data['email']);
     $mailer->assign('hash', $data['hash']);
     $mailer->assign('email', $data['email']);
     $mailer->assign('group', $data['group_name']);
     $mailer->assign('sender_name', $data['sender_name']);
     $mailer->assign('again', true);
     $mailer->assign('baseurl', Platal::globals()->xnet->xorg_baseurl);
     $mailer->send();
 }
Example #4
0
 function handler_end($page, $hash = null)
 {
     global $globals;
     $_SESSION['subState'] = array('step' => 5);
     // Reject registration requests from unsafe IP addresses (and remove the
     // registration information from the database, to prevent IP changes).
     if (check_ip('unsafe')) {
         send_warning_mail('Une IP surveillée a tenté de finaliser son inscription.');
         XDB::execute("DELETE FROM  register_pending\n                                WHERE  hash = {?} AND hash != 'INSCRIT'", $hash);
         return PL_FORBIDDEN;
     }
     // Retrieve the pre-registration information using the url-provided
     // authentication token.
     $res = XDB::query("SELECT  r.uid, p.pid, r.forlife, r.bestalias, r.mailorg2,\n                                   r.password, r.email, r.services, r.naissance,\n                                   ppn.lastname_initial, ppn.firstname_initial, pe.promo_year,\n                                   pd.promo, p.sex, p.birthdate_ref, a.type, a.email AS old_account_email\n                             FROM  register_pending AS r\n                       INNER JOIN  accounts         AS a   ON (r.uid = a.uid)\n                       INNER JOIN  account_profiles AS ap  ON (a.uid = ap.uid AND FIND_IN_SET('owner', ap.perms))\n                       INNER JOIN  profiles         AS p   ON (p.pid = ap.pid)\n                       INNER JOIN  profile_public_names AS ppn ON (ppn.pid = p.pid)\n                       INNER JOIN  profile_display  AS pd  ON (p.pid = pd.pid)\n                       INNER JOIN  profile_education AS pe ON (pe.pid = p.pid AND FIND_IN_SET('primary', pe.flags))\n                            WHERE  hash = {?} AND hash != 'INSCRIT' AND a.state = 'pending'", $hash);
     if (!$hash || $res->numRows() == 0) {
         $page->kill("<p>Cette adresse n'existe pas, ou plus, sur le serveur.</p>\n                         <p>Causes probables&nbsp;:</p>\n                         <ol>\n                           <li>Vérifie que tu visites l'adresse du dernier\n                               email reçu s'il y en a eu plusieurs.</li>\n                           <li>Tu as peut-être mal copié l'adresse reçue par\n                               email, vérifie-la à la main.</li>\n                           <li>Tu as peut-être attendu trop longtemps pour\n                               confirmer. Les pré-inscriptions sont annulées\n                               tous les 30 jours.</li>\n                           <li>Tu es en fait déjà inscrit.</li>\n                        </ol>");
     }
     list($uid, $pid, $forlife, $bestalias, $emailXorg2, $password, $email, $services, $birthdate, $lastname, $firstname, $yearpromo, $promo, $sex, $birthdate_ref, $type, $old_account_email) = $res->fetchOneRow();
     $isX = $type == 'x';
     $mail_domain = User::$sub_mail_domains[$type] . $globals->mail->domain;
     // Prepare the template for display.
     $page->changeTpl('register/end.tpl');
     $page->assign('forlife', $forlife);
     $page->assign('firstname', $firstname);
     // Check if the user did enter a valid password; if not (or if none is found),
     // get her an information page.
     if (Post::has('response')) {
         $expected_response = sha1("{$forlife}:{$password}:" . S::v('challenge'));
         if (Post::v('response') != $expected_response) {
             $page->trigError("Mot de passe invalide.");
             S::logger($uid)->log('auth_fail', 'bad password (register/end)');
             return;
         }
     } else {
         return;
     }
     //
     // Create the user account.
     //
     XDB::startTransaction();
     XDB::execute("UPDATE  accounts\n                         SET  password = {?}, state = 'active',\n                              registration_date = NOW(), email = NULL\n                       WHERE  uid = {?}", $password, $uid);
     XDB::execute("UPDATE  profiles\n                         SET  birthdate = {?}, last_change = NOW()\n                       WHERE  pid = {?}", $birthdate, $pid);
     XDB::execute('INSERT INTO  email_source_account (email, uid, type, flags, domain)
                        SELECT  {?}, {?}, \'forlife\', \'\', id
                          FROM  email_virtual_domains
                         WHERE  name = {?}', $forlife, $uid, $mail_domain);
     XDB::execute('INSERT INTO  email_source_account (email, uid, type, flags, domain)
                        SELECT  {?}, {?}, \'alias\', \'bestalias\', id
                          FROM  email_virtual_domains
                         WHERE  name = {?}', $bestalias, $uid, $mail_domain);
     if ($emailXorg2) {
         XDB::execute('INSERT INTO  email_source_account (email, uid, type, flags, domain)
                            SELECT  {?}, {?}, \'alias\', \'\', id
                              FROM  email_virtual_domains
                             WHERE  name = {?}', $emailXorg2, $uid, $mail_domain);
     }
     XDB::commit();
     // Try to start a session (so the user don't have to log in); we will use
     // the password available in Post:: to authenticate the user.
     Platal::session()->start(AUTH_PASSWD);
     // Add the registration email address as first and only redirection.
     require_once 'emails.inc.php';
     $user = User::getSilentWithUID($uid);
     $redirect = new Redirect($user);
     $redirect->add_email($email);
     fix_bestalias($user);
     // If the user was registered to some aliases and MLs, we must change
     // the subscription to her forlife email.
     if ($old_account_email) {
         $listClient = new MMList($user);
         $listClient->change_user_email($old_account_email, $user->forlifeEmail());
         update_alias_user($old_account_email, $user->forlifeEmail());
     }
     // Subscribe the user to the services she did request at registration time.
     require_once 'newsletter.inc.php';
     foreach (explode(',', $services) as $service) {
         switch ($service) {
             case 'ax_letter':
                 /* This option is deprecated by 'com_letters' */
                 NewsLetter::forGroup(NewsLetter::GROUP_AX)->subscribe($user);
                 break;
             case 'com_letters':
                 NewsLetter::forGroup(NewsLetter::GROUP_AX)->subscribe($user);
                 NewsLetter::forGroup(NewsLetter::GROUP_EP)->subscribe($user);
                 NewsLetter::forGroup(NewsLetter::GROUP_FX)->subscribe($user);
                 break;
             case 'nl':
                 NewsLetter::forGroup(NewsLetter::GROUP_XORG)->subscribe($user);
                 break;
             case 'imap':
                 Email::activate_storage($user, 'imap', Bogo::IMAP_DEFAULT);
                 break;
             case 'ml_promo':
                 if ($isX) {
                     $r = XDB::query('SELECT id FROM groups WHERE diminutif = {?}', $yearpromo);
                     if ($r->numRows()) {
                         $asso_id = $r->fetchOneCell();
                         XDB::execute('INSERT IGNORE INTO  group_members (uid, asso_id)
                                                   VALUES  ({?}, {?})', $uid, $asso_id);
                         try {
                             MailingList::subscribePromo($yearpromo, $user);
                         } catch (Exception $e) {
                             PlErrorReport::report($e);
                             $page->trigError("L'inscription à la liste promo" . $yearpromo . " a échouée.");
                         }
                     }
                 }
                 break;
         }
     }
     // Log the registration in the user session.
     S::logger($uid)->log('inscription', $email);
     XDB::execute("UPDATE  register_pending\n                         SET  hash = 'INSCRIT'\n                       WHERE  uid = {?}", $uid);
     // Congratulate our newly registered user by email.
     $mymail = new PlMailer('register/success.mail.tpl');
     $mymail->addTo("\"{$user->fullName()}\" <{$user->forlifeEmail()}>");
     if ($isX) {
         $mymail->setSubject('Bienvenue parmi les X sur le web !');
     } else {
         $mymail->setSubject('Bienvenue sur Polytechnique.org !');
     }
     $mymail->assign('forlife', $forlife);
     $mymail->assign('firstname', $firstname);
     $mymail->send();
     // Index the user, to allow her to appear in searches.
     Profile::rebuildSearchTokens($pid);
     // Notify other users which were watching for her arrival.
     XDB::execute('INSERT INTO  contacts (uid, contact)
                        SELECT  uid, {?}
                          FROM  watch_nonins
                         WHERE  ni_id = {?}', $pid, $uid);
     XDB::execute('DELETE FROM  watch_nonins
                         WHERE  ni_id = {?}', $uid);
     Platal::session()->updateNbNotifs();
     // Forcibly register the new user on default forums.
     $registeredForums = array('xorg.general', 'xorg.pa.divers', 'xorg.pa.logements');
     if ($isX) {
         $promoForum = 'xorg.promo.' . strtolower($promo);
         $exists = XDB::fetchOneCell('SELECT  COUNT(*)
                                        FROM  forums
                                       WHERE  name = {?}', $promoForum);
         if ($exists == 0) {
             // Notify the newsgroup admin of the promotion forum needs be created.
             $promoFull = new UserFilter(new UFC_Promo('=', UserFilter::DISPLAY, $promo));
             $promoRegistered = new UserFilter(new PFC_And(new UFC_Promo('=', UserFilter::DISPLAY, $promo), new UFC_Registered(true), new PFC_Not(new UFC_Dead())));
             if ($promoRegistered->getTotalCount() > 0.2 * $promoFull->getTotalCount()) {
                 $mymail = new PlMailer('admin/forums-promo.mail.tpl');
                 $mymail->assign('promo', $promo);
                 $mymail->send();
             }
         } else {
             $registeredForums[] = $promoForum;
         }
     }
     foreach ($registeredForums as $forum) {
         XDB::execute("INSERT INTO  forum_subs (fid, uid)\n                               SELECT  fid, {?}\n                                 FROM  forums\n                                WHERE  name = {?}", $uid, $val);
     }
     // Update the global registration count stats.
     $globals->updateNbIns();
     //
     // Update collateral data sources, and inform watchers by email.
     //
     // Email the referrer(s) of this new user.
     $res = XDB::iterRow("SELECT  sender, GROUP_CONCAT(email SEPARATOR ', ') AS mails, MAX(last) AS lastDate\n                               FROM  register_marketing\n                              WHERE  uid = {?}\n                           GROUP BY  sender\n                           ORDER BY  lastDate DESC", $uid);
     XDB::execute("UPDATE  register_mstats\n                         SET  success = NOW()\n                       WHERE  uid = {?}", $uid);
     $market = array();
     while (list($senderid, $maketingEmails, $lastDate) = $res->next()) {
         $sender = User::getWithUID($senderid);
         $market[] = " - par {$sender->fullName()} sur {$maketingEmails} (le plus récemment le {$lastDate})";
         $mymail = new PlMailer('register/marketer.mail.tpl');
         $mymail->setSubject("{$firstname} {$lastname} s'est inscrit à Polytechnique.org !");
         $mymail->setTo($sender);
         $mymail->assign('sender', $sender);
         $mymail->assign('firstname', $firstname);
         $mymail->assign('lastname', $lastname);
         $mymail->assign('promo', $promo);
         $mymail->assign('sex', $sex);
         $mymail->setTxtBody(wordwrap($msg, 72));
         $mymail->send();
     }
     // Email the plat/al administrators about the registration.
     if ($globals->register->notif) {
         $mymail = new PlMailer('register/registration.mail.tpl');
         $mymail->setSubject("Inscription de {$firstname} {$lastname} ({$promo})");
         $mymail->assign('firstname', $firstname);
         $mymail->assign('lastname', $lastname);
         $mymail->assign('promo', $promo);
         $mymail->assign('sex', $sex);
         $mymail->assign('birthdate', $birthdate);
         $mymail->assign('birthdate_ref', $birthdate_ref);
         $mymail->assign('forlife', $forlife);
         $mymail->assign('email', $email);
         $mymail->assign('logger', S::logger());
         if (count($market) > 0) {
             $mymail->assign('market', implode("\n", $market));
         }
         $mymail->setTxtBody($msg);
         $mymail->send();
     }
     // Remove old pending marketing requests for the new user.
     Marketing::clear($uid);
     pl_redirect('profile/edit');
 }
Example #5
0
 *  Foundation, Inc.,                                                      *
 *  59 Temple Place, Suite 330, Boston, MA  02111-1307  USA                *
 ***************************************************************************/
require_once 'connect.db.inc.php';
require_once 'plmailer.php';
$limit = 60;
$users = XDB::fetchAllAssoc('SELECT  a.uid, a.hruid, r.hash, r.group_name, r.sender_name, r.email
                               FROM  register_pending_xnet AS r
                         INNER JOIN  accounts              AS a ON (r.uid = a.uid)
                              WHERE  a.state = \'disabled\'
                           ORDER BY  r.date, a.uid');
$mailer = new PlMailer('xnet/account.mail.tpl');
$mailer->addCc('*****@*****.**');
$i = 0;
foreach ($users as $user) {
    $mailer->setTo($user['email']);
    $mailer->assign('hash', $user['hash']);
    $mailer->assign('email', $user['email']);
    $mailer->assign('group', $user['group_name']);
    $mailer->assign('sender_name', $user['sender_name']);
    $mailer->assign('again', false);
    $mailer->assign('baseurl', Platal::globals()->baseurl);
    $mailer->send();
    XDB::execute('UPDATE  accounts
                     SET  state = \'pending\'
                   WHERE  uid = {?}', $user['uid']);
    if ($i == $limit) {
        $i = 0;
        sleep(60);
    } else {
        ++$i;