/**
 * Handles the editor form submission for an uploaded picture.
 *
 * Looks for the 'userfile' entry in $_FILES, hands it to PlUpload::get()
 * together with the current user's login and the 'photo' argument, then
 * passes the resulting upload to $this->read().
 *
 * NOTE(review): the file is user-supplied and no content check is visible
 * here; presumably read() validates it and sets $this->valid. Confirm.
 *
 * @return mixed $this->valid after a successful upload, false when no file
 *               was posted or when PlUpload::get() failed.
 */
protected function handle_editor()
{
    // Nothing was posted under the expected field name.
    if (!isset($_FILES['userfile'])) {
        return false;
    }

    $upload =& PlUpload::get($_FILES['userfile'], S::user()->login(), 'photo');
    if ($upload) {
        $this->read($upload);
        return $this->valid;
    }

    $this->trigError('Une erreur est survenue lors du téléchargement du fichier.');
    return false;
}
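/**
 * Handles the editor form submission for an event.
 *
 * Copies the title, text, promotion bounds and expiration from the request
 * into the object, then processes the optional 'image' upload: the file must
 * pass PlUpload::isType('image') and be resized by resizeImage() before it is
 * handed to $this->readImage().
 *
 * Errors are reported through $this->trigError(); the original code called
 * trigError() on an undefined $page variable in the two image-failure
 * branches, which would abort the request instead of reporting the problem.
 *
 * @return bool Always true, even when the image was rejected.
 */
protected function handle_editor()
{
    $this->titre      = Env::v('titre');
    $this->texte      = Env::v('texte');
    $this->pmin       = Env::i('promo_min');
    $this->pmax       = Env::i('promo_max');
    $this->expiration = Env::v('expiration');

    // !empty() gives the same truth value as the former @-suppressed read,
    // without hiding unrelated errors.
    if (!empty($_FILES['image']['tmp_name'])) {
        $upload = PlUpload::get($_FILES['image'], S::user()->login(), 'event');
        if (!$upload) {
            $this->trigError("Impossible de télécharger le fichier");
        } elseif (!$upload->isType('image')) {
            // The file is user-supplied: reject and delete anything that is
            // not recognised as an image.
            $this->trigError('Le fichier n\'est pas une image valide au format JPEG, GIF ou PNG');
            $upload->rm();
        } elseif (!$upload->resizeImage(200, 300, 100, 100, 32284)) {
            // NOTE(review): unlike the branch above, the upload is not removed
            // here; confirm whether resizeImage() cleans up on failure.
            $this->trigError('Impossible de retraiter l\'image');
        } else {
            $this->readImage($upload);
        }
    }

    return true;
}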
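/**
 * Administration page of a mailing list.
 *
 * Depending on the request, this handler processes pending-subscription
 * marks ('send_mark'), bulk member additions from a text field or an
 * uploaded file ('add_member' / 'add_member_file'), member removal
 * ('del_member'), and owner addition/removal ('add_owner' / 'del_owner').
 * Every state-changing branch calls S::assert_xsrf_token() first. It then
 * assigns the list details, members and owners to the page.
 *
 * @param object      $page  Page object used for templates and messages.
 * @param string|null $liste List identifier taken from the URL.
 * @return mixed PL_NOT_FOUND when no list is given; otherwise no explicit
 *               return value.
 */
function handler_admin($page, $liste = null)
{
    global $globals;

    if (is_null($liste)) {
        return PL_NOT_FOUND;
    }

    $mlist = $this->prepare_list($liste);

    // NOTE(review): the result of this first call is discarded and the call
    // is repeated in the condition below; presumably redundant. Confirm that
    // is_group_admin() has no required side effect before removing it.
    $this->is_group_admin($page);
    if (!$this->is_group_admin($page)) {
        // Presumably aborts the page when the user does not own the list;
        // this is the only authorization check visible in this handler.
        $this->verify_list_owner($page, $mlist);
    }

    $page->changeTpl('lists/admin.tpl');

    if (Env::has('send_mark')) {
        S::assert_xsrf_token();

        // All three values come from the request; anything that is not an
        // array is ignored instead of being iterated or indexed.
        $actions = Env::v('mk_action');
        $uids    = Env::v('mk_uid');
        $mails   = Env::v('mk_email');
        if (!is_array($actions)) {
            $actions = array();
        }
        if (!is_array($uids)) {
            $uids = array();
        }
        if (!is_array($mails)) {
            $mails = array();
        }

        foreach ($actions as $key => $action) {
            // An action without a matching uid cannot be applied.
            if (!isset($uids[$key])) {
                continue;
            }

            switch ($action) {
                case 'none':
                    break;

                case 'marketu':
                case 'markets':
                    require_once 'emails.inc.php';
                    $user = User::get($uids[$key]);
                    $mail = valide_email(isset($mails[$key]) ? $mails[$key] : null);
                    if (isvalid_email_redirection($mail, $user)) {
                        $from   = $action == 'marketu' ? 'user' : 'staff';
                        $market = Marketing::get($uids[$key], $mail);
                        if (!$market) {
                            $market = new Marketing($uids[$key], $mail, 'list', $mlist->address, $from, S::v('uid'));
                            $market->add();
                            break;
                        }
                    }
                    // No break: when no marketing entry was created the code
                    // falls through to the insert below (presumably
                    // intentional, as in the original).

                default:
                    // NOTE(review): any action string other than the ones
                    // above also ends up here.
                    XDB::execute('INSERT IGNORE INTO register_subs (uid, type, sub, domain) VALUES ({?}, \'list\', {?}, {?})', $uids[$key], $mlist->mbox, $mlist->domain);
            }
        }
    }

    $hasMemberFile = isset($_FILES['add_member_file']) && $_FILES['add_member_file']['tmp_name'];
    if (Env::has('add_member') || $hasMemberFile) {
        S::assert_xsrf_token();

        // Stays null when the upload fails, so that the subscription code
        // below is skipped instead of running on an undefined variable.
        $logins = null;
        if ($hasMemberFile) {
            $upload =& PlUpload::get($_FILES['add_member_file'], S::user()->login(), 'list.addmember', true);
            if (!$upload) {
                $page->trigError("Une erreur s'est produite lors du téléchargement du fichier.");
            } else {
                // NOTE(review): the upload is not removed after being read;
                // confirm whether PlUpload cleans it up on its own.
                $logins = $upload->getContents();
            }
        } else {
            $logins = Env::v('add_member');
        }

        // The value is request-supplied: only a string can be split.
        if (is_string($logins)) {
            $logins  = preg_split("/[; ,\r\n\\|]+/", $logins);
            $members = User::getBulkForlifeEmailsFromEmail($logins);
            // Relies on getBulkForlifeEmailsFromEmail() keeping the keys of
            // $logins for the entries it resolved (TODO confirm).
            $unfound = array_diff_key($logins, $members);

            // Make sure we send a list (array_values) of unique (array_unique)
            // emails.
            $members = array_values(array_unique($members));

            $arr       = $mlist->subscribeBulk($members);
            $successes = array();
            if (is_array($arr)) {
                foreach ($arr as $addr) {
                    $successes[] = $addr[1];
                    $page->trigSuccess("{$addr[0]} inscrit.");
                }
            }

            // NOTE(review): $item below is request-derived text placed in a
            // page message; confirm the message templates HTML-escape it.
            $already = array_diff($members, $successes);
            if (is_array($already)) {
                foreach ($already as $item) {
                    $page->trigWarning($item . ' est déjà inscrit.');
                }
            }
            if (is_array($unfound)) {
                foreach ($unfound as $item) {
                    if (trim($item) != '') {
                        $page->trigError($item . " ne correspond pas à un compte existant et n'est pas une adresse email.");
                    }
                }
            }
        }
    }

    if (Env::has('del_member')) {
        S::assert_xsrf_token();
        if (strpos(Env::v('del_member'), '@') === false) {
            // Not an email address: resolve it as a user identifier.
            if ($del_member = User::getSilent(Env::t('del_member'))) {
                $mlist->unsubscribeBulk(array($del_member->forlifeEmail()));
            }
        } else {
            $mlist->unsubscribeBulk(array(Env::v('del_member')));
        }
        pl_redirect('lists/admin/' . $liste);
    }

    if (Env::has('add_owner')) {
        S::assert_xsrf_token();
        $owners = User::getBulkForlifeEmailsFromEmail(Env::v('add_owner'));
        if ($owners) {
            foreach ($owners as $forlife_email) {
                if ($mlist->addOwner($forlife_email)) {
                    // The original message used an undefined $login variable.
                    $page->trigSuccess($forlife_email . " ajouté aux modérateurs.");
                }
            }
        }
    }

    if (Env::has('del_owner')) {
        S::assert_xsrf_token();
        if (strpos(Env::v('del_owner'), '@') === false) {
            if ($del_owner = User::getSilent(Env::t('del_owner'))) {
                $mlist->removeOwner($del_owner->forlifeEmail());
            } else {
                // It happens that a non-email value is set as the owner.
                $mlist->removeOwner(Env::v('del_owner'));
            }
        } else {
            $mlist->removeOwner(Env::v('del_owner'));
        }
        pl_redirect('lists/admin/' . $liste);
    }

    if (list($det, $mem, $own) = $mlist->getMembers()) {
        global $list_unregistered;
        if ($list_unregistered) {
            $page->assign_by_ref('unregistered', $list_unregistered);
        }
        // $tri_promo is never assigned in this handler; the original read it
        // through @-suppression, which always produced null.
        $tri_promo = null;
        $membres = list_sort_members($mem, $tri_promo);
        $moderos = list_sort_owners($own, $tri_promo);

        $page->assign_by_ref('details', $det);
        $page->assign_by_ref('members', $membres);
        $page->assign_by_ref('owners', $moderos);
        $page->assign('np_m', count($mem));
    } else {
        $page->kill("La liste n'existe pas ou tu n'as pas le droit de l'administrer.<br />" . " Si tu penses qu'il s'agit d'une erreur, " . "<a href='mailto:support@polytechnique.org'>contact le support</a>.");
    }
}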
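/**
 * Email composition page.
 *
 * Three request shapes are handled:
 *  - POST with 'save': stores the current form as a draft in
 *    email_send_save (requires a valid XSRF token) and exits;
 *  - 'submit' equal to 'Envoyer': stores the uploaded attachments, checks
 *    the recipients and sends the message through PlMailer;
 *  - anything else: reloads the saved draft, if any, into $_REQUEST.
 *
 * Finally the user's contacts, the upload size limit and the sender
 * preferences are assigned to the page.
 *
 * @param object $page Page object used for templates and messages.
 * @return mixed PL_FORBIDDEN when a draft save lacks a valid XSRF token;
 *               otherwise no explicit return value.
 */
function handler_send($page)
{
    $page->changeTpl('emails/send.tpl');
    $page->setTitle('Envoyer un email');

    // Draft save of a submitted form.
    if (Post::has('save')) {
        if (!S::has_xsrf_token()) {
            return PL_FORBIDDEN;
        }

        unset($_POST['save']);
        // Only store the draft when something remains once the "-- "
        // separator and the text after it on that line are removed.
        if (trim(preg_replace('/-- .*/', '', Post::v('contenu'))) != "") {
            Post::set('to_contacts', explode(';', Post::s('to_contacts')));
            Post::set('cc_contacts', explode(';', Post::s('cc_contacts')));
            // The draft is the serialized request array; it is read back
            // with unserialize() in the draft-reload branch below.
            $data = serialize($_POST);
            // NOTE(review): the uid is read as id('uid') here, id() in the
            // DELETE and S::i('uid') in the SELECT below; confirm they agree.
            XDB::execute('INSERT INTO email_send_save (uid, data) VALUES ({?}, {?}) ON DUPLICATE KEY UPDATE data = VALUES(data)', S::user()->id('uid'), $data);
        }
        exit;
    }

    if (Env::v('submit') == 'Envoyer') {
        S::assert_xsrf_token();

        // Declared conditionally so that running this branch twice in one
        // process does not trigger a "cannot redeclare" fatal error.
        if (!function_exists('getEmails')) {
            function getEmails($aliases)
            {
                if (!is_array($aliases)) {
                    return null;
                }
                $uf    = new UserFilter(new UFC_Hrpid($aliases));
                $users = $uf->iterUsers();
                $ret   = array();
                while ($user = $users->next()) {
                    $ret[] = $user->forlife;
                }
                return join(', ', $ret);
            }
        }

        $error = false;
        foreach ($_FILES as &$file) {
            if ($file['name'] && !PlUpload::get($file, S::user()->login(), 'emails.send', false)) {
                $page->trigError(PlUpload::$lastError);
                $error = true;
                break;
            }
        }
        // Drop the reference so later writes to $file cannot alter $_FILES.
        unset($file);

        if (!$error) {
            XDB::execute("DELETE FROM email_send_save\n WHERE uid = {?}", S::user()->id());

            $to2 = getEmails(Env::v('to_contacts'));
            $cc2 = getEmails(Env::v('cc_contacts'));
            // NOTE(review): this removes the two-character sequence '^M';
            // presumably a carriage return was intended. Confirm.
            $txt  = str_replace('^M', '', Env::v('contenu'));
            $to   = str_replace(';', ',', Env::t('to'));
            $subj = Env::t('sujet');
            $from = Env::t('from');
            $cc   = str_replace(';', ',', Env::t('cc'));
            $bcc  = str_replace(';', ',', Env::t('bcc'));

            // Only To/Cc/Bcc are checked against this pattern.
            // NOTE(review): $from and $subj are request-supplied and reach
            // the mailer unchecked; confirm PlMailer rejects CR/LF in header
            // values and restricts the sender address.
            $email_regex = '/^[a-z0-9.\\-+_\\$]+@([\\-.+_]?[a-z0-9])+$/i';
            foreach (explode(',', $to . ',' . $cc . ',' . $bcc) as $email) {
                $email = trim($email);
                if ($email != '' && !preg_match($email_regex, $email)) {
                    $page->trigError("L'adresse email " . $email . ' est erronée.');
                    $error = true;
                }
            }
            if (empty($to) && empty($cc) && empty($to2) && empty($bcc) && empty($cc2)) {
                $page->trigError("Indique au moins un destinataire.");
                $error = true;
            }

            if ($error) {
                $page->assign('uploaded_f', PlUpload::listFilenames(S::user()->login(), 'emails.send'));
            } else {
                $mymail = new PlMailer();
                $mymail->setFrom($from);
                $mymail->setSubject($subj);
                if (!empty($to)) {
                    $mymail->addTo($to);
                }
                if (!empty($cc)) {
                    $mymail->addCc($cc);
                }
                if (!empty($bcc)) {
                    $mymail->addBcc($bcc);
                }
                if (!empty($to2)) {
                    $mymail->addTo($to2);
                }
                if (!empty($cc2)) {
                    $mymail->addCc($cc2);
                }

                $files =& PlUpload::listFiles(S::user()->login(), 'emails.send');
                foreach ($files as $name => &$upload) {
                    $mymail->addUploadAttachment($upload, $name);
                }
                // Same reason as for $file above.
                unset($upload);

                if (Env::v('wiki') == 'text') {
                    $mymail->setTxtBody(wordwrap($txt, 78, "\n"));
                } else {
                    $mymail->setWikiBody($txt);
                }

                if ($mymail->send()) {
                    $page->trigSuccess("Ton email a bien été envoyé.");
                    // Reset the form, keeping only the default Bcc.
                    $_REQUEST = array('bcc' => S::user()->bestEmail());
                    PlUpload::clear(S::user()->login(), 'emails.send');
                } else {
                    $page->trigError("Erreur lors de l'envoi du courriel, réessaye.");
                    $page->assign('uploaded_f', PlUpload::listFilenames(S::user()->login(), 'emails.send'));
                }
            }
        }
    } else {
        $res = XDB::query("SELECT data\n FROM email_send_save\n WHERE uid = {?}", S::i('uid'));
        if ($res->numRows() == 0) {
            PlUpload::clear(S::user()->login(), 'emails.send');
            $_REQUEST['bcc'] = S::user()->bestEmail();
        } else {
            // NOTE(review): unserialize() on stored data. The blob is written
            // above by serialize($_POST), but unserialize() would instantiate
            // objects if this column were ever written by another path;
            // consider JSON or the allowed_classes option where available.
            $data = unserialize($res->fetchOneCell());
            // A corrupt or unexpected blob is ignored rather than merged.
            if (is_array($data)) {
                // Saved draft values override same-named request parameters.
                $_REQUEST = array_merge($_REQUEST, $data);
            }
        }
    }

    $uf = new UserFilter(new PFC_And(new UFC_Contact(S::user()), new UFC_Registered()), UserFilter::sortByName());
    $contacts = $uf->getProfiles();
    $page->assign('contacts', $contacts);
    $page->assign('maxsize', ini_get('upload_max_filesize') . 'o');
    $page->assign('user', S::user());

    $preferences = XDB::fetchOneAssoc('SELECT from_email, from_format FROM accounts WHERE uid = {?}', S::user()->id());
    // Fall back to "Full Name" <best email> when no sender is configured.
    if ($preferences['from_email'] == '') {
        $preferences['from_email'] = '"' . S::user()->fullName() . '" <' . S::user()->bestEmail() . '>';
    }
    $page->assign('preferences', $preferences);
}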
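/**
 * Group mailing page: sends an email to the selected lists and members.
 *
 * Refuses the request when the group has 'disable_mails' set. On a POST with
 * 'send', checks the XSRF token, resolves the recipients with
 * get_all_redirects(), stores the optional 'uploaded' attachment and calls
 * send_xnet_mails().
 *
 * @param object $page Page object used for templates and messages.
 * @return mixed PL_FORBIDDEN when mails are disabled for the group; null when
 *               the attachment upload failed; otherwise no explicit value.
 */
function handler_mail($page)
{
    global $globals;

    if ($globals->asso('disable_mails')) {
        return PL_FORBIDDEN;
    }

    $page->changeTpl('xnetgrp/mail.tpl');
    $mmlist = new MMList(S::user(), $globals->asso('mail_domain'));
    $page->assign('listes', $mmlist->get_lists());
    $page->assign('user', S::user());

    if (Post::has('send')) {
        S::assert_xsrf_token();

        // NOTE(review): sender, subject and reply-to are request-supplied and
        // passed on unchanged; confirm send_xnet_mails() rejects CR/LF in
        // header values and restricts the sender address.
        $from  = Post::v('from');
        $sujet = Post::v('sujet');
        $body  = Post::v('body');

        // Both selections come from the request; a non-array value is
        // treated as an empty selection instead of being given to
        // array_keys().
        $lists   = Env::v('ml', array());
        $members = Env::v('membres', array());
        $mls = is_array($lists) ? array_keys($lists) : array();
        $mbr = is_array($members) ? array_keys($members) : array();

        $this->load('mail.inc.php');
        set_time_limit(120);
        $tos = get_all_redirects($mbr, $mls, $mmlist);

        // The attachment is optional: read the $_FILES entry only when it
        // exists (null is passed otherwise, as the original did implicitly).
        $file     = isset($_FILES['uploaded']) ? $_FILES['uploaded'] : null;
        $fileName = isset($_FILES['uploaded']['name']) ? $_FILES['uploaded']['name'] : null;

        $upload = PlUpload::get($file, S::user()->login(), 'xnet.emails', true);
        if (!$upload && $fileName && PlUpload::$lastError != null) {
            $page->trigError(PlUpload::$lastError);
            return;
        }

        send_xnet_mails($from, $sujet, $body, Env::v('wiki'), $tos, Post::v('replyto'), $upload, $fileName);
        // Remove the stored attachment once the messages have been sent.
        if ($upload) {
            $upload->rm();
        }

        $page->killSuccess("Email envoyé !");
        // NOTE(review): presumably not reached if killSuccess() ends the
        // request; confirm.
        $page->assign('sent', true);
    }
}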