Example #1
 /**
  * Process the photo file submitted with the editor form.
  *
  * Looks for an uploaded file under the 'userfile' form field, registers it
  * through PlUpload::get() under the current user's login in the 'photo'
  * category, and hands the result to read().
  *
  * @return mixed false when no file was posted or the upload could not be
  *               registered; otherwise the value of $this->valid after read().
  */
 protected function handle_editor()
 {
     // Nothing was posted under 'userfile': there is nothing to process.
     if (!isset($_FILES['userfile'])) {
         return false;
     }

     $upload =& PlUpload::get($_FILES['userfile'], S::user()->login(), 'photo');
     if ($upload) {
         // read() is expected to update $this->valid — TODO confirm against its definition.
         $this->read($upload);
         return $this->valid;
     }

     $this->trigError('Une erreur est survenue lors du téléchargement du fichier.');
     return false;
 }
Example #2
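 /**
  * Read the announcement fields from the request and process the optional
  * image upload.
  *
  * The uploaded file is only passed to readImage() after it has been accepted
  * by isType('image') and successfully resized; every other outcome is
  * reported through trigError().
  *
  * @return bool Always true; upload problems are reported as errors only.
  */
 protected function handle_editor()
 {
     $this->titre = Env::v('titre');
     $this->texte = Env::v('texte');
     $this->pmin = Env::i('promo_min');
     $this->pmax = Env::i('promo_max');
     $this->expiration = Env::v('expiration');

     // empty() tolerates a missing 'image' entry, so no @ suppression is needed.
     if (!empty($_FILES['image']['tmp_name'])) {
         $upload = PlUpload::get($_FILES['image'], S::user()->login(), 'event');
         if (!$upload) {
             $this->trigError("Impossible de télécharger le fichier");
         } elseif (!$upload->isType('image')) {
             // Errors are reported on $this: no $page variable exists in this
             // method, so the former $page->trigError() call could not work.
             $this->trigError('Le fichier n\'est pas une image valide au format JPEG, GIF ou PNG');
             // Remove the rejected file so a non-image upload is not kept.
             $upload->rm();
         } elseif (!$upload->resizeImage(200, 300, 100, 100, 32284)) {
             // NOTE(review): the upload is not removed on this path, unlike
             // the non-image path above — confirm that is intended.
             $this->trigError('Impossible de retraiter l\'image');
         } else {
             $this->readImage($upload);
         }
     }
     return true;
 }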
Example #3
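 /**
  * Administration page of a mailing list: marketing/registration marks,
  * bulk member subscription, member removal, and owner add/remove.
  *
  * Every state-changing branch calls S::assert_xsrf_token() before acting.
  * All action parameters (mk_*, add_member, del_member, add_owner,
  * del_owner) and the optional member file come from the request.
  *
  * @param object      $page  Page object used for templates and messages.
  * @param string|null $liste List identifier taken from the URL.
  * @return mixed PL_NOT_FOUND when no list is given; otherwise nothing.
  */
 function handler_admin($page, $liste = null)
 {
     global $globals;
     if (is_null($liste)) {
         return PL_NOT_FOUND;
     }
     $mlist = $this->prepare_list($liste);
     // NOTE(review): the result of this first call is discarded and the call
     // is repeated just below — likely redundant; confirm is_group_admin()
     // has no side effects before removing it.
     $this->is_group_admin($page);
     if (!$this->is_group_admin($page)) {
         // NOTE(review): the return value is not checked here; presumably
         // verify_list_owner() aborts the request itself when the current
         // user is not an owner — confirm, since this is the only
         // authorization check visible in this handler.
         $this->verify_list_owner($page, $mlist);
     }
     $page->changeTpl('lists/admin.tpl');
     if (Env::has('send_mark')) {
         S::assert_xsrf_token();
         // mk_action, mk_uid and mk_email are indexed with the same key below,
         // so they are expected to be parallel arrays sent by the form.
         $actions = Env::v('mk_action');
         $uids = Env::v('mk_uid');
         $mails = Env::v('mk_email');
         foreach ($actions as $key => $action) {
             switch ($action) {
                 case 'none':
                     break;
                 case 'marketu':
                 case 'markets':
                     require_once 'emails.inc.php';
                     $user = User::get($uids[$key]);
                     $mail = valide_email($mails[$key]);
                     if (isvalid_email_redirection($mail, $user)) {
                         $from = $action == 'marketu' ? 'user' : 'staff';
                         $market = Marketing::get($uids[$key], $mail);
                         if (!$market) {
                             $market = new Marketing($uids[$key], $mail, 'list', $mlist->address, $from, S::v('uid'));
                             $market->add();
                             break;
                         }
                     }
                     // No break: when the address is rejected or a marketing
                     // entry already exists, control falls through to the
                     // default branch (appears intentional — confirm).
                 default:
                     XDB::execute('INSERT IGNORE INTO  register_subs (uid, type, sub, domain)
                                           VALUES  ({?}, \'list\', {?}, {?})', $uids[$key], $mlist->mbox, $mlist->domain);
             }
         }
     }
     $has_member_file = isset($_FILES['add_member_file']) && $_FILES['add_member_file']['tmp_name'];
     if (Env::has('add_member') || $has_member_file) {
         S::assert_xsrf_token();
         if ($has_member_file) {
             $upload =& PlUpload::get($_FILES['add_member_file'], S::user()->login(), 'list.addmember', true);
             if (!$upload) {
                 $page->trigError("Une erreur s'est produite lors du téléchargement du fichier.");
                 // Keep $logins defined so the split below works on an empty
                 // string instead of an undefined variable.
                 $logins = '';
             } else {
                 $logins = $upload->getContents();
             }
         } else {
             $logins = Env::v('add_member');
         }
         $logins = preg_split("/[; ,\r\n\\|]+/", $logins);
         $members = User::getBulkForlifeEmailsFromEmail($logins);
         // Entries of $logins whose key is absent from $members; this assumes
         // getBulkForlifeEmailsFromEmail() preserves input keys — TODO confirm.
         $unfound = array_diff_key($logins, $members);
         // Make sure we send a list (array_values) of unique (array_unique)
         // emails.
         $members = array_values(array_unique($members));
         $arr = $mlist->subscribeBulk($members);
         $successes = array();
         if (is_array($arr)) {
             foreach ($arr as $addr) {
                 $successes[] = $addr[1];
                 $page->trigSuccess("{$addr[0]} inscrit.");
             }
         }
         $already = array_diff($members, $successes);
         if (is_array($already)) {
             foreach ($already as $item) {
                 $page->trigWarning($item . ' est déjà inscrit.');
             }
         }
         if (is_array($unfound)) {
             foreach ($unfound as $item) {
                 if (trim($item) != '') {
                     // NOTE(review): $item is request-supplied text echoed in
                     // a message; confirm trigError() output is HTML-escaped
                     // by the template layer.
                     $page->trigError($item . " ne correspond pas à un compte existant et n'est pas une adresse email.");
                 }
             }
         }
     }
     if (Env::has('del_member')) {
         S::assert_xsrf_token();
         // A value without '@' is treated as a user identifier and resolved
         // to that user's forlife address; anything else is used as an email.
         if (strpos(Env::v('del_member'), '@') === false) {
             if ($del_member = User::getSilent(Env::t('del_member'))) {
                 $mlist->unsubscribeBulk(array($del_member->forlifeEmail()));
             }
         } else {
             $mlist->unsubscribeBulk(array(Env::v('del_member')));
         }
         pl_redirect('lists/admin/' . $liste);
     }
     if (Env::has('add_owner')) {
         S::assert_xsrf_token();
         $owners = User::getBulkForlifeEmailsFromEmail(Env::v('add_owner'));
         if ($owners) {
             foreach ($owners as $forlife_email) {
                 if ($mlist->addOwner($forlife_email)) {
                     // Report the address that was actually added; the
                     // previous code referenced an undefined $login here.
                     $page->trigSuccess($forlife_email . " ajouté aux modérateurs.");
                 }
             }
         }
     }
     if (Env::has('del_owner')) {
         S::assert_xsrf_token();
         if (strpos(Env::v('del_owner'), '@') === false) {
             if ($del_owner = User::getSilent(Env::t('del_owner'))) {
                 $mlist->removeOwner($del_owner->forlifeEmail());
             } else {
                 // A non-email value may have been stored as an owner, so try
                 // removing the raw value as well.
                 $mlist->removeOwner(Env::v('del_owner'));
             }
         } else {
             $mlist->removeOwner(Env::v('del_owner'));
         }
         pl_redirect('lists/admin/' . $liste);
     }
     if (list($det, $mem, $own) = $mlist->getMembers()) {
         global $list_unregistered;
         if ($list_unregistered) {
             $page->assign_by_ref('unregistered', $list_unregistered);
         }
         // $tri_promo is never set in this function; the @ hides the
         // resulting notice and the sort helpers receive null.
         $membres = list_sort_members($mem, @$tri_promo);
         $moderos = list_sort_owners($own, @$tri_promo);
         $page->assign_by_ref('details', $det);
         $page->assign_by_ref('members', $membres);
         $page->assign_by_ref('owners', $moderos);
         $page->assign('np_m', count($mem));
     } else {
         $page->kill("La liste n'existe pas ou tu n'as pas le droit de l'administrer.<br />" . " Si tu penses qu'il s'agit d'une erreur, " . "<a href='mailto:support@polytechnique.org'>contact le support</a>.");
     }
 }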
Example #4
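 /**
  * "Send an email" page: saves a draft, sends the message with its uploaded
  * attachments, or restores a previously saved draft.
  *
  * - POST with 'save': requires an XSRF token, stores serialize($_POST) in
  *   email_send_save for the current user, then exits.
  * - submit == 'Envoyer': asserts the XSRF token, registers uploaded files,
  *   validates the recipient addresses and sends through PlMailer.
  * - otherwise: reloads the saved draft, if any, into $_REQUEST.
  *
  * @param object $page Page object used for templates and messages.
  * @return mixed PL_FORBIDDEN when a save request lacks the XSRF token;
  *               otherwise nothing.
  */
 function handler_send($page)
 {
     $page->changeTpl('emails/send.tpl');
     $page->setTitle('Envoyer un email');
     // Handle a submitted form.
     if (Post::has('save')) {
         if (!S::has_xsrf_token()) {
             return PL_FORBIDDEN;
         }
         unset($_POST['save']);
         if (trim(preg_replace('/-- .*/', '', Post::v('contenu'))) != "") {
             Post::set('to_contacts', explode(';', Post::s('to_contacts')));
             Post::set('cc_contacts', explode(';', Post::s('cc_contacts')));
             // The whole POST array is stored in serialized form; it is read
             // back with unserialize() in the draft-restore branch below.
             $data = serialize($_POST);
             XDB::execute('INSERT INTO  email_send_save (uid, data)
                                VALUES  ({?}, {?})
               ON DUPLICATE KEY UPDATE  data = VALUES(data)', S::user()->id('uid'), $data);
         }
         exit;
     } else {
         if (Env::v('submit') == 'Envoyer') {
             S::assert_xsrf_token();
             // Declared at runtime when this branch executes; PHP registers
             // it as a global function, so this branch must run at most once
             // per request.
             function getEmails($aliases)
             {
                 if (!is_array($aliases)) {
                     return null;
                 }
                 $uf = new UserFilter(new UFC_Hrpid($aliases));
                 $users = $uf->iterUsers();
                 $ret = array();
                 while ($user = $users->next()) {
                     $ret[] = $user->forlife;
                 }
                 return join(', ', $ret);
             }
             $error = false;
             foreach ($_FILES as &$file) {
                 if ($file['name'] && !PlUpload::get($file, S::user()->login(), 'emails.send', false)) {
                     $page->trigError(PlUpload::$lastError);
                     $error = true;
                     break;
                 }
             }
             // Drop the reference so $file no longer aliases an entry of $_FILES.
             unset($file);
             if (!$error) {
                 XDB::execute("DELETE FROM  email_send_save\n                                    WHERE  uid = {?}", S::user()->id());
                 $to2 = getEmails(Env::v('to_contacts'));
                 $cc2 = getEmails(Env::v('cc_contacts'));
                 // Removes the literal two-character sequence written here.
                 // NOTE(review): this may have been meant as a carriage
                 // return — confirm against the original file.
                 $txt = str_replace('^M', '', Env::v('contenu'));
                 $to = str_replace(';', ',', Env::t('to'));
                 // NOTE(review): the subject and From values come from the
                 // request and are not covered by the address check below;
                 // confirm PlMailer rejects CR/LF in header values and
                 // restricts which From addresses a user may use.
                 $subj = Env::t('sujet');
                 $from = Env::t('from');
                 $cc = str_replace(';', ',', Env::t('cc'));
                 $bcc = str_replace(';', ',', Env::t('bcc'));
                 $email_regex = '/^[a-z0-9.\\-+_\\$]+@([\\-.+_]?[a-z0-9])+$/i';
                 // Every free-form To/Cc/Bcc address must match the pattern.
                 foreach (explode(',', $to . ',' . $cc . ',' . $bcc) as $email) {
                     $email = trim($email);
                     if ($email != '' && !preg_match($email_regex, $email)) {
                         $page->trigError("L'adresse email " . $email . ' est erronée.');
                         $error = true;
                     }
                 }
                 if (empty($to) && empty($cc) && empty($to2) && empty($bcc) && empty($cc2)) {
                     $page->trigError("Indique au moins un destinataire.");
                     $error = true;
                 }
                 if ($error) {
                     $page->assign('uploaded_f', PlUpload::listFilenames(S::user()->login(), 'emails.send'));
                 } else {
                     $mymail = new PlMailer();
                     $mymail->setFrom($from);
                     $mymail->setSubject($subj);
                     if (!empty($to)) {
                         $mymail->addTo($to);
                     }
                     if (!empty($cc)) {
                         $mymail->addCc($cc);
                     }
                     if (!empty($bcc)) {
                         $mymail->addBcc($bcc);
                     }
                     if (!empty($to2)) {
                         $mymail->addTo($to2);
                     }
                     if (!empty($cc2)) {
                         $mymail->addCc($cc2);
                     }
                     $files =& PlUpload::listFiles(S::user()->login(), 'emails.send');
                     foreach ($files as $name => &$upload) {
                         $mymail->addUploadAttachment($upload, $name);
                     }
                     // Drop the reference left behind by the by-reference loop.
                     unset($upload);
                     if (Env::v('wiki') == 'text') {
                         $mymail->setTxtBody(wordwrap($txt, 78, "\n"));
                     } else {
                         $mymail->setWikiBody($txt);
                     }
                     if ($mymail->send()) {
                         $page->trigSuccess("Ton email a bien été envoyé.");
                         $_REQUEST = array('bcc' => S::user()->bestEmail());
                         PlUpload::clear(S::user()->login(), 'emails.send');
                     } else {
                         $page->trigError("Erreur lors de l'envoi du courriel, réessaye.");
                         $page->assign('uploaded_f', PlUpload::listFilenames(S::user()->login(), 'emails.send'));
                     }
                 }
             }
         } else {
             $res = XDB::query("SELECT  data\n                                 FROM  email_send_save\n                                WHERE  uid = {?}", S::i('uid'));
             if ($res->numRows() == 0) {
                 PlUpload::clear(S::user()->login(), 'emails.send');
                 $_REQUEST['bcc'] = S::user()->bestEmail();
             } else {
                 // SECURITY(review): unserialize() is applied to a database
                 // value that was built from request data. As written in this
                 // handler it only ever holds serialize($_POST), but
                 // unserialize() can instantiate objects if the column is
                 // ever written by another path; a JSON encoding, or
                 // disabling class instantiation where the PHP version
                 // supports it, would remove that risk.
                 $data = unserialize($res->fetchOneCell());
                 // unserialize() yields false on corrupt data; merging a
                 // non-array would wipe or break $_REQUEST, so skip it.
                 if (is_array($data)) {
                     $_REQUEST = array_merge($_REQUEST, $data);
                 }
             }
         }
     }
     $uf = new UserFilter(new PFC_And(new UFC_Contact(S::user()), new UFC_Registered()), UserFilter::sortByName());
     $contacts = $uf->getProfiles();
     $page->assign('contacts', $contacts);
     $page->assign('maxsize', ini_get('upload_max_filesize') . 'o');
     $page->assign('user', S::user());
     $preferences = XDB::fetchOneAssoc('SELECT  from_email, from_format
                                          FROM  accounts
                                         WHERE  uid = {?}', S::user()->id());
     // Default the sender to "Full Name" <best email> when none is stored.
     if ($preferences['from_email'] == '') {
         $preferences['from_email'] = '"' . S::user()->fullName() . '" <' . S::user()->bestEmail() . '>';
     }
     $page->assign('preferences', $preferences);
 }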
Example #5
 /**
  * Output the image attached to an announcement and terminate the request.
  *
  * Depending on $eid the image comes from:
  *  - a pending validation request ($eid == 'valid', request id in $valid),
  *  - the announce_photos table (any other non-empty $eid),
  *  - the current user's 'event' upload (no $eid).
  * When none of these yields an image, the site logo is sent instead.
  *
  * NOTE(review): no access check is visible in this handler; confirm the
  * dispatcher restricts who may fetch a pending validation image by id.
  * NOTE(review): the Content-Type is built from stored values (attachmime,
  * imgtype); confirm they are restricted to image subtypes when written.
  *
  * @param object      $page  Unused here.
  * @param string|null $eid   Announcement id, or the literal 'valid'.
  * @param mixed       $valid Validation request id when $eid is 'valid'.
  */
 function handler_photo($page, $eid = null, $valid = null)
 {
     if ($eid == 'valid') {
         // Image of an announcement still waiting for validation.
         $request = Validate::get_request_by_id($valid);
         $valid = $request;
         if ($request && $request->img) {
             pl_cached_dynamic_content_headers("image/" . $request->imgtype);
             echo $request->img;
             exit;
         }
     } elseif ($eid) {
         // Image of a published announcement.
         $rows = XDB::query("SELECT * FROM announce_photos WHERE eid = {?}", $eid);
         if ($rows->numRows()) {
             $row = $rows->fetchOneAssoc();
             pl_cached_dynamic_content_headers("image/" . $row['attachmime']);
             echo $row['attach'];
             exit;
         }
     } else {
         // Image the current user has uploaded but not yet submitted.
         $pending = new PlUpload(S::user()->login(), 'event');
         if ($pending->exists() && $pending->isType('image')) {
             pl_cached_dynamic_content_headers($pending->contentType());
             echo $pending->getContents();
             exit;
         }
     }

     // Nothing matched: fall back to the site logo.
     global $globals;
     $logoPath = $globals->spoolroot . '/htdocs/images/logo.png';
     pl_cached_dynamic_content_headers("image/png");
     echo file_get_contents($logoPath);
     exit;
 }
Example #6
 /**
  * Output the image attached to a group announcement and terminate the
  * request.
  *
  * With an $eid the image is read from group_announces_photo; without one the
  * current user's 'xnetannounce' upload is used. If neither yields an image,
  * the site logo is sent.
  *
  * NOTE(review): the Content-Type is built from the stored attachmime value;
  * confirm it is restricted to image subtypes when written.
  *
  * @param object      $page Unused here.
  * @param string|null $eid  Announcement id.
  */
 function handler_photo_announce($page, $eid = null)
 {
     if (!$eid) {
         // No announcement yet: show the user's own pending upload.
         $pending = new PlUpload(S::user()->login(), 'xnetannounce');
         if ($pending->exists() && $pending->isType('image')) {
             pl_cached_dynamic_content_headers($pending->contentType());
             echo $pending->getContents();
             exit;
         }
     } else {
         $rows = XDB::query('SELECT  *
                              FROM  group_announces_photo
                             WHERE  eid = {?}', $eid);
         if ($rows->numRows()) {
             $row = $rows->fetchOneAssoc();
             pl_cached_dynamic_content_headers("image/" . $row['attachmime']);
             echo $row['attach'];
             exit;
         }
     }

     // Nothing matched: fall back to the site logo.
     global $globals;
     $logoPath = $globals->spoolroot . '/htdocs/images/logo.png';
     pl_cached_dynamic_content_headers("image/png");
     echo file_get_contents($logoPath);
     exit;
 }
Example #7
 /**
  * Profile photo management page: upload a new photo, reuse the trombino
  * photo, delete the current photo, or cancel a pending photo request.
  *
  * Each of the four actions asserts the XSRF token before acting.
  *
  * NOTE(review): in the upload branch the request-supplied 'photo' value is
  * passed to PlUpload::download(); if that performs a server-side fetch,
  * confirm it limits the schemes and hosts it will contact.
  * NOTE(review): the 'trombi' branch calls commit() directly, whereas the
  * upload branch calls submit() — presumably the trombino copy bypasses
  * moderation on purpose; confirm.
  *
  * @param object      $page  Page object used for templates and messages.
  * @param string|null $hrpid Profile identifier from the URL.
  * @return mixed PL_NOT_FOUND or PL_FORBIDDEN when the profile lookup fails;
  *               otherwise nothing.
  */
 function handler_photo_change($page, $hrpid = null)
 {
     global $globals;

     $profile = $this->findProfile($hrpid);
     $lookupFailed = !$profile instanceof Profile && ($profile == PL_NOT_FOUND || $profile == PL_FORBIDDEN);
     if ($lookupFailed) {
         return $profile;
     }
     if ($hrpid === null) {
         // Canonicalise the URL so it always carries the profile id.
         pl_redirect('photo/change/' . $profile->hrid());
     }

     $page->changeTpl('profile/trombino.tpl');
     $page->assign('hrpid', $profile->hrid());
     $trombiPath = '/home/web/trombino/photos' . $profile->promo() . '/' . $profile->hrid() . '.jpg';

     if (Env::has('upload')) {
         S::assert_xsrf_token();
         $upload = new PlUpload($profile->hrid(), 'photo');
         // Try the posted file first; download() is only attempted when the
         // file upload did not succeed.
         $received = $upload->upload($_FILES['userfile']) || $upload->download(Env::v('photo'));
         if ($received) {
             $request = new PhotoReq(S::user(), $profile, $upload);
             if ($request->isValid()) {
                 $request->submit();
             }
         } else {
             $page->trigError('Une erreur est survenue lors du téléchargement du fichier');
         }
     } elseif (Env::has('trombi')) {
         S::assert_xsrf_token();
         $upload = new PlUpload($profile->hrid(), 'photo');
         if ($upload->copyFrom($trombiPath)) {
             $request = new PhotoReq(S::user(), $profile, $upload);
             if ($request->isValid()) {
                 $request->commit();
                 $request->clean();
             }
         }
     } elseif (Env::v('suppr')) {
         S::assert_xsrf_token();
         // Remove both the stored photo and any pending photo request.
         XDB::execute('DELETE FROM  profile_photos
                             WHERE  pid = {?}', $profile->id());
         XDB::execute("DELETE FROM  requests\n                                WHERE  pid = {?} AND type = 'photo'", $profile->id());
         $globals->updateNbValid();
         $page->trigSuccess("Ta photo a bien été supprimée. Elle ne sera plus visible sur le site dans au plus une heure.");
     } elseif (Env::v('cancel')) {
         S::assert_xsrf_token();
         $pending = XDB::query("DELETE FROM  requests\n                                     WHERE  pid = {?} AND type = 'photo'", $profile->id());
         $globals->updateNbValid();
     }

     // Tell the template whether a photo request is still pending and
     // whether a trombino photo file exists for this profile.
     $pending = XDB::query("SELECT  COUNT(*)\n                             FROM  requests\n                            WHERE  pid = {?} AND type = 'photo'", $profile->id());
     $page->assign('submited', $pending->fetchOneCell());
     $page->assign('has_trombi_x', file_exists($trombiPath));
 }