Example #1
 /**
  * Expose the cached wiki article backing review step $id to the template.
  *
  * The wiki page name is "<domain>.<Id>", where <domain> is 'ReviewXnet' when
  * $GLOBALS['IS_XNET_SITE'] is truthy and 'Review' otherwise, and <Id> is $id
  * with its first character upper-cased.
  *
  * @param PlPage $page Receives the 'cacheExists' and 'article' variables.
  * @param string $id   Step identifier used to build the wiki page name.
  */
 public function prepare(PlPage $page, $id)
 {
     // '@' silences the notice raised when the flag was never defined.
     $domain = @$GLOBALS['IS_XNET_SITE'] ? 'ReviewXnet' : 'Review';
     $article = new PlWikiPage($domain . '.' . ucfirst($id));
     $article->buildCache();

     // NOTE(review): $id reaches the wiki page name unfiltered here; this relies
     // on the caller or on PlWikiPage restricting it to valid names -- confirm.
     $page->assign('cacheExists', $article->cacheFilename());
     $page->assign('article', $article->name);
 }
Example #2
 /**
  * Landing and search page of the "Opération N N-10" (DeltaTen) feature.
  *
  * Reports the participation status of the logged-in user and, when the
  * search form carries criteria, runs a profile search restricted to
  * DeltaTen participants of the promotion ten years before the user's own.
  *
  * @param object $page      Page object being rendered.
  * @param string $action    Forwarded unchanged to ProfileSet::apply().
  * @param string $subaction Forwarded unchanged to ProfileSet::apply().
  */
 function handler_index($page, $action = '', $subaction = '')
 {
     global $globals;

     // NOTE(review): everything below still runs unless killError() itself
     // halts the request -- confirm that it does.
     if (!$this->isDeltaTenEnabled(S::user(), Profile::DELTATEN_YOUNG)) {
         $page->killError("Ta promotion ne participe pas à l'opération N N-10.");
     }

     if ($this->isDeltaTenEnabled(S::user(), Profile::DELTATEN_OLD)) {
         $ownProfile = S::user()->profile();
         if ($ownProfile->getDeltatenMessage()) {
             $page->trigSuccess("Tu participes bien à l'opération N N-10 en tant qu'ancien.");
         } else {
             $page->trigWarning("Tu ne participes pas encore à l'opération N N-10 en tant qu'ancien.");
         }
     }

     $page->setTitle("Opération N N-10");
     $page->assign('deltaten_promo_old', S::user()->profile()->yearpromo() - 10);

     $doc = new PlWikiPage('Docs.Deltaten');
     $doc->buildCache();

     require_once 'ufbuilder.inc.php';
     $builder = new UFB_DeltaTenSearch();
     $page->addJsLink('search.js');

     // No criteria submitted: just show the form.
     if ($builder->isEmpty()) {
         $page->changeTpl('deltaten/index.tpl');
         return;
     }

     require_once 'userset.inc.php';
     $filter = $builder->getUFC();
     if (!($filter instanceof PFC_And)) {
         // Wrap the user's condition so the mandatory restrictions can be AND-ed in.
         $filter = new PFC_And($filter);
     }
     // These two children are added server-side, whatever the form submitted.
     $filter->addChild(new UFC_DeltaTen());
     $filter->addChild(new UFC_Promo('=', UserFilter::GRADE_ING, S::user()->profile()->yearpromo() - 10));

     $results = new ProfileSet($filter);
     $results->addMod('minifiche', 'Opération N N-10');
     $results->apply('deltaten/search', $page, $action, $subaction);

     $total = $results->count();
     if ($total > $globals->search->private_max) {
         // Too many matches: show the form again and hide the result count.
         $page->assign('formulaire', 1);
         $page->trigError('Recherche trop générale.');
         $page->assign('plset_count', 0);
     } elseif ($total == 0) {
         $page->assign('formulaire', 1);
         $page->trigError("Il n'existe personne correspondant à ces critères dans la base.");
     }

     $page->changeTpl('deltaten/index.tpl');
 }
Example #3
 /**
  * Preview or submit an article for the community letter.
  *
  * POST 'see' asks for a preview; POST 'valid' asks for submission. A 'valid'
  * request whose title or body is blank after trim() is turned into a preview
  * with an error message instead of being submitted.
  *
  * @param object $page Page object being rendered.
  * @return mixed PL_NOT_FOUND when getNl() yields nothing, otherwise no value.
  */
 function handler_coml_submit($page)
 {
     $page->changeTpl('comletter/submit.tpl');

     $letter = $this->getNl();
     if (!$letter) {
         return PL_NOT_FOUND;
     }

     $doc = new PlWikiPage('Xorg.LettreCommunaute');
     $doc->buildCache();

     $wantsPreview = Post::has('see');
     if ($wantsPreview || (Post::has('valid') && (!trim(Post::v('title')) || !trim(Post::v('body'))))) {
         // Reached without 'see' only when a 'valid' request had a blank field.
         if (!$wantsPreview) {
             $page->trigError("L'article doit avoir un titre et un contenu");
         }
         $draft = new ComLArticle(Post::v('title'), Post::v('body'), Post::v('append'));
         $page->assign('art', $draft);
     } elseif (Post::has('valid')) {
         // NOTE(review): this state-changing branch does not call
         // S::assert_xsrf_token(), whereas handler_ev_submit does so before its
         // own submit(). Confirm whether the check happens elsewhere; if not,
         // add it here once the form template sends the token.
         $request = new ComLReq(S::user(), Post::v('title'), Post::v('body'), Post::v('append'));
         $request->submit();
         $page->assign('submited', true);
     }

     $page->addCssLink($letter->cssFile());
 }
Example #4
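 /**
  * Build the "Tour d'horizon" wizard from the review admin wiki page.
  *
  * The 'text' field of "<Review|ReviewXnet>.Admin" is split on the literal
  * '%0a' separator; each resulting line is split on '*' or '|' and its first
  * two fields are handed to PlWizard::addPage().
  *
  * @param object      $page   Page object being rendered.
  * @param string|null $action Forwarded unchanged to PlWizard::apply().
  * @param string|null $mode   Forwarded unchanged to PlWizard::apply().
  */
 function handler_review($page, $action = null, $mode = null)
 {
     // Include X-XRDS-Location response-header for Yadis discovery
     global $globals;
     header('X-XRDS-Location: ' . $globals->baseurl . '/openid/xrds');
     $this->load('review.inc.php');
     $dom = 'Review';
     // '@' silences the notice raised when the flag was never defined.
     if (@$GLOBALS['IS_XNET_SITE']) {
         $dom .= 'Xnet';
     }
     $wp = new PlWikiPage($dom . '.Admin');
     $conf = explode('%0a', $wp->getField('text'));
     $wiz = new PlWizard('Tour d\'horizon', PlPage::getCoreTpl('plwizard.tpl'), true);
     foreach ($conf as $line) {
         $list = preg_split('/\\s*[*|]\\s*/', $line, -1, PREG_SPLIT_NO_EMPTY);
         // The wizard layout comes from editable wiki content: a blank or
         // malformed line yields fewer than two fields, and indexing it would
         // register a page with undefined arguments. Skip such lines.
         if ($list === false || count($list) < 2) {
             continue;
         }
         $wiz->addPage('ReviewPage', $list[0], $list[1]);
     }
     $wiz->apply($page, 'review', $action, $mode);
 }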
Example #5
 /**
  * Wiki administration: update page permissions, delete or rename a page,
  * then list all wiki pages grouped by category.
  *
  * @param object      $page      Page object being rendered.
  * @param string      $action    'update', 'delete', 'rename' or 'list' (default).
  * @param string|null $wikipage  Page targeted by delete/rename.
  * @param string|null $wikipage2 New name for a rename.
  */
 function handler_wiki($page, $action = 'list', $wikipage = null, $wikipage2 = null)
 {
     if (S::hasAuthToken()) {
         // NOTE(review): the expression between 'user=' and 'hruid') is masked
         // ("******") in this listing, so the line below is not valid PHP as
         // shown; restore it from the original source.
         // NOTE(review): the feed URL carries the user's token in its query
         // string, so it can end up in server logs and browser history --
         // presumably intended for feed readers; confirm.
         $page->setRssLink('Changement Récents', '/Site/AllRecentChanges?action=rss&user='******'hruid') . '&hash=' . S::user()->token);
     }
     // update wiki perms
     if ($action == 'update') {
         // The anti-XSRF token is checked before any permission is changed.
         S::assert_xsrf_token();
         $perms_read = Post::v('read');
         $perms_edit = Post::v('edit');
         if ($perms_read || $perms_edit) {
             // Every POST field whose value is 'on' is treated as a selected page;
             // '_' and '/' in the field name are mapped to '.' to form the page name.
             foreach ($_POST as $wiki_page => $val) {
                 if ($val == 'on') {
                     $wp = new PlWikiPage(str_replace(array('_', '/'), '.', $wiki_page));
                     // A permission left empty in the form keeps the page's current value.
                     if ($wp->setPerms($perms_read ? $perms_read : $wp->readPerms(), $perms_edit ? $perms_edit : $wp->writePerms())) {
                         // NOTE(review): $wiki_page is a raw $_POST key. Messages in this
                         // handler embed markup (<em> below), so they look to be rendered
                         // as HTML; request-derived values should go through
                         // htmlspecialchars() before being interpolated -- confirm.
                         $page->trigSuccess("Permission de la page {$wiki_page} mises à jour");
                     } else {
                         $page->trigError("Impossible de mettre les permissions de la page {$wiki_page} à jour");
                     }
                 }
             }
         }
     } else {
         if ($action != 'list' && !empty($wikipage)) {
             $wp = new PlWikiPage($wikipage);
             // Token check happens before delete() or rename() is called.
             S::assert_xsrf_token();
             if ($action == 'delete') {
                 // NOTE(review): $wikipage (and $wikipage2 below) are handler
                 // arguments concatenated unescaped into the messages; same
                 // escaping concern as in the 'update' branch.
                 if ($wp->delete()) {
                     $page->trigSuccess("La page " . $wikipage . " a été supprimée.");
                 } else {
                     $page->trigError("Impossible de supprimer la page " . $wikipage . ".");
                 }
             } else {
                 if ($action == 'rename' && !empty($wikipage2) && $wikipage != $wikipage2) {
                     // Assignment inside the condition: a truthy rename() result is kept
                     // and, when numeric, reported as the number of modified links.
                     if ($changedLinks = $wp->rename($wikipage2)) {
                         $s = 'La page <em>' . $wikipage . '</em> a été déplacée en <em>' . $wikipage2 . '</em>.';
                         if (is_numeric($changedLinks)) {
                             $s .= $changedLinks . ' lien' . ($changedLinks > 1 ? 's ont été modifiés.' : ' a été modifié.');
                         }
                         $page->trigSuccess($s);
                     } else {
                         $page->trigError("Impossible de déplacer la page " . $wikipage);
                     }
                 }
             }
         }
     }
     $perms = PlWikiPage::permOptions();
     // list wiki pages and their perms
     $wiki_pages = PlWikiPage::listPages();
     ksort($wiki_pages);
     // Group pages as $wiki_tree[category][name] => description.
     $wiki_tree = array();
     foreach ($wiki_pages as $file => $desc) {
         // Only the first two dot-separated parts of the key are used; a key
         // without a '.' leaves $name undefined.
         list($cat, $name) = explode('.', $file);
         if (!isset($wiki_tree[$cat])) {
             $wiki_tree[$cat] = array();
         }
         $wiki_tree[$cat][$name] = $desc;
     }
     $page->changeTpl('admin/wiki.tpl');
     $page->assign('wiki_pages', $wiki_tree);
     $page->assign('perms_opts', $perms);
 }
Example #6
 /**
  * "Broken redirection" page: look up a failing address, or warn its owner.
  *
  * Called with $warn == 'warn' and an address, it mails the account that owns
  * the redirection. Called with a POSTed 'email', it marks a foreign address
  * as broken and shows the result. Both paths check the anti-XSRF token first.
  *
  * @param object      $page  Page object being rendered.
  * @param string|null $warn  'warn' to notify the owner of $email.
  * @param string|null $email Redirection address to warn about.
  */
 function handler_broken($page, $warn = null, $email = null)
 {
     require_once 'emails.inc.php';
     $doc = new PlWikiPage('Xorg.PatteCassée');
     $doc->buildCache();
     global $globals;
     $page->changeTpl('emails/broken.tpl');

     if ($warn == 'warn' && $email) {
         S::assert_xsrf_token();
         // Usual verifications.
         $email = valide_email($email);
         $uid = XDB::fetchOneCell('SELECT  uid
                                     FROM  email_redirect_account
                                    WHERE  redirect = {?}', $email);
         // Unknown redirection: nothing is sent and no message is shown.
         if (!$uid) {
             return;
         }

         $owner = User::getWithUID($uid);
         // NOTE(review): $active is computed but never read afterwards; either
         // pass it to the mail template or drop the query -- confirm intent.
         $active = XDB::fetchOneCell('SELECT flags
                                            FROM email_redirect_account
                                           WHERE redirect = {?} AND uid = {?}', $email, $uid) == 'active';

         // NOTE(review): any caller holding a valid token can trigger this mail
         // repeatedly; no rate limit is visible in this handler -- confirm one
         // exists upstream.
         $notice = new PlMailer('emails/broken-web.mail.tpl');
         $notice->assign('email', $email);
         $notice->assign('request', S::user());
         $notice->sendTo($owner);
         $page->trigSuccess('Email envoyé&nbsp;!');
         return;
     }

     if (Post::has('email')) {
         S::assert_xsrf_token();
         $email = Post::t('email');
         if (User::isForeignEmailAddress($email)) {
             $user = mark_broken_email($email);
             $page->assign('user', $user);
             $page->assign('email', $email);
         } else {
             // Non-foreign addresses are not processed; the template gets a flag instead.
             $page->assign('neuneu', true);
         }
     }
 }
Example #7
 /**
  * Preview or submit an announcement ("événement"), with an optional image.
  *
  * Form values are read from POST, echoed back to the template, and, when an
  * action is requested with a non-blank title and text, wrapped in an EvtReq
  * and submitted after the anti-XSRF token has been checked.
  *
  * @param object $page Page object being rendered.
  */
 function handler_ev_submit($page)
 {
     $page->changeTpl('events/submit.tpl');
     $doc = new PlWikiPage('Xorg.Annonce');
     $doc->buildCache();

     $titre = Post::v('titre');
     $texte = Post::v('texte');
     $promo_min = Post::i('promo_min');
     $promo_max = Post::i('promo_max');
     $expiration = Post::i('expiration');
     $valid_mesg = Post::v('valid_mesg');
     $action = Post::v('action');

     // NOTE(review): the upload is handled (and, further down, removed) before
     // any S::assert_xsrf_token() call; only the final submit is token-checked.
     // Confirm whether upload_image() performs its own check.
     $upload = new PlUpload(S::user()->login(), 'event');
     $this->upload_image($page, $upload);

     // 0 means "no bound". Non-zero bounds must lie strictly between 1900 and
     // 2020 (both limits are hard-coded), and min must not exceed a set max.
     $reversed = $promo_max != 0 && $promo_min > $promo_max;
     $minOutOfRange = $promo_min != 0 && ($promo_min <= 1900 || $promo_min >= 2020);
     $maxOutOfRange = $promo_max != 0 && ($promo_max <= 1900 || $promo_max >= 2020);
     if ($reversed || $minOutOfRange || $maxOutOfRange) {
         $page->trigError("L'intervalle de promotions n'est pas valide");
         // Dropping the action prevents the submit branch below from running.
         $action = null;
     }

     $echoed = array(
         'titre' => $titre,
         'texte' => $texte,
         'promo_min' => $promo_min,
         'promo_max' => $promo_max,
         'expiration' => $expiration,
         'valid_mesg' => $valid_mesg,
     );
     foreach ($echoed as $key => $value) {
         $page->assign($key, $value);
     }
     $page->assign('action', strtolower($action));
     $page->assign_by_ref('upload', $upload);

     // $action is compared with the label of the "remove image" button.
     if ($action == 'Supprimer l\'image') {
         $upload->rm();
         $page->assign('action', false);
         return;
     }

     if ($action && (!trim($texte) || !trim($titre))) {
         $page->trigError("L'article doit avoir un titre et un contenu");
         return;
     }

     if ($action) {
         S::assert_xsrf_token();
         $request = new EvtReq($titre, $texte, $promo_min, $promo_max, $expiration, $valid_mesg, S::user(), $upload);
         $request->submit();
         $page->assign('ok', true);
         return;
     }

     // No action and not a preview: discard any previously uploaded image.
     if (!Env::v('preview')) {
         $upload->rm();
     }
 }
Example #8
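 /**
  * Multi-step registration wizard.
  *
  * The wizard state lives in the session under 'subState' and is wrapped in a
  * PlDict. 'step' selects the template "register/step<N>.tpl":
  *   0 - charter acceptance (jumps to step 3 when a marketing hash is known),
  *   1 - promotion and degree,
  *   2 - identity check (checkNewUser) and alias creation (createAliases),
  *   3 - email, birthdate, services and password, then finishRegistration().
  * Suspicious events (three steps back, wrong birthdate, watched email,
  * watched account, watched IP) are collected in $alert / $alert_details and
  * mailed through send_warning_mail().
  *
  * @param object      $page Page object being rendered.
  * @param string|null $hash Marketing hash identifying a pending account.
  */
 function handler_register($page, $hash = null)
 {
     $page->forceSkin('register');
     $alert = array();
     $alert_details = '';
     $subState = new PlDict(S::v('subState', array()));
     if (!$subState->has('step')) {
         $subState->set('step', 0);
     }
     if (!$subState->has('backs')) {
         $subState->set('backs', new PlDict());
     }
     // Going back is only possible to an earlier step; each return is recorded
     // in 'backs' and the third one raises an alert.
     if (Get::has('back') && Get::i('back') < $subState->i('step')) {
         $subState->set('step', max(0, Get::i('back')));
         $subState->v('backs')->set($subState->v('backs')->count() + 1, $subState->dict());
         $subState->v('backs')->kill('backs');
         if ($subState->v('backs')->count() == 3) {
             $alert[] = "Tentative d'inscription très hésitante";
             $alert_details .= "\n   * Retours en arrières : 3.";
         }
     }
     if ($hash) {
         // The hash is bound through a {?} placeholder and only matches
         // accounts that are still pending.
         $res = XDB::query("SELECT  a.uid, a.hruid, ppn.lastname_initial AS lastname, ppn.firstname_initial AS firstname, p.xorg_id AS xorgid,\n                                       pd.promo, pe.promo_year AS yearpromo, pde.degree AS edu_type,\n                                       p.birthdate_ref AS birthdateRef, FIND_IN_SET('watch', a.flags) AS watch, m.hash, a.type, a.comment\n                                 FROM  register_marketing AS m\n                           INNER JOIN  accounts           AS a   ON (m.uid = a.uid)\n                           INNER JOIN  account_profiles   AS ap  ON (a.uid = ap.uid AND FIND_IN_SET('owner', ap.perms))\n                           INNER JOIN  profiles           AS p   ON (p.pid = ap.pid)\n                           INNER JOIN  profile_display    AS pd  ON (p.pid = pd.pid)\n                           INNER JOIN  profile_education  AS pe  ON (pe.pid = p.pid AND FIND_IN_SET('primary', pe.flags))\n                           INNER JOIN  profile_education_degree_enum AS pde ON (pde.id = pe.degreeid)\n                           INNER JOIN  profile_public_names AS ppn ON (ppn.pid = p.pid)\n                                WHERE  m.hash = {?} AND a.state = 'pending'", $hash);
         if ($res->numRows() == 1) {
             $subState->merge($res->fetchOneRow());
             $subState->set('main_mail_domain', User::$sub_mail_domains[$subState->v('type')]);
             // Fix: the WHERE clause lacked its "= {?}" placeholder although the
             // hash was passed as an argument, so the statement was not
             // restricted to the marketing row of this registration.
             XDB::execute('INSERT INTO  register_mstats (uid, sender, success)
                                SELECT  m.uid, m.sender, 0
                                  FROM  register_marketing AS m
                                 WHERE  m.hash = {?}
               ON DUPLICATE KEY UPDATE  sender = VALUES(sender), success = VALUES(success)', $subState->s('hash'));
         }
     }
     switch ($subState->i('step')) {
         case 0:
             $wp = new PlWikiPage('Reference.Charte');
             $wp->buildCache();
             if (Post::has('step1')) {
                 $subState->set('step', 1);
                 // A known marketing hash already identifies the account, so
                 // steps 1 and 2 are skipped.
                 if ($subState->has('hash')) {
                     $subState->set('step', 3);
                     $this->load('register.inc.php');
                     createAliases($subState);
                 }
             }
             break;
         case 1:
             if (Post::has('yearpromo')) {
                 $edu_type = Post::t('edu_type');
                 $yearpromo = Post::i('yearpromo');
                 // NOTE(review): $edu_type is request data used as an array key;
                 // an unknown value yields an undefined-index notice -- confirm
                 // it is validated elsewhere.
                 $promo = Profile::$cycle_prefixes[$edu_type] . $yearpromo;
                 $res = XDB::query("SELECT  COUNT(*)\n                                         FROM  accounts         AS a\n                                   INNER JOIN  account_profiles AS ap ON (a.uid = ap.uid AND FIND_IN_SET('owner', ap.perms))\n                                   INNER JOIN  profiles         AS p  ON (p.pid = ap.pid)\n                                   INNER JOIN  profile_education AS pe ON (pe.pid = p.pid AND FIND_IN_SET('primary', pe.flags))\n                                        WHERE  a.state = 'pending' AND p.deathdate IS NULL AND pe.promo_year = {?}", $yearpromo);
                 if (!$res->fetchOneCell()) {
                     $error = 'La promotion saisie est incorrecte ou tous les camarades de cette promotion sont inscrits !';
                 } else {
                     $subState->set('step', 2);
                     $subState->set('promo', $promo);
                     $subState->set('yearpromo', $yearpromo);
                     $subState->set('edu_type', $edu_type);
                     // School-id hints shown to the user; the format differs
                     // for promotions 1996-1999 and from 2000 on.
                     if ($edu_type == Profile::DEGREE_X) {
                         if ($yearpromo >= 1996 && $yearpromo < 2000) {
                             $subState->set('schoolid', $yearpromo % 100 * 10 . '???');
                             $subState->set('schoolid_exemple', $yearpromo % 100 * 10000 + 532);
                             $subState->set('schoolid_exemple_ev2', ($yearpromo + 1) % 100 * 10000 + 532);
                         } elseif ($yearpromo >= 2000) {
                             $subState->set('schoolid', 100 + $yearpromo % 100 . '???');
                             $subState->set('schoolid_exemple', (100 + $yearpromo % 100) * 1000 + 532);
                             $subState->set('schoolid_exemple_ev2', (100 + ($yearpromo + 1) % 100) * 1000 + 532);
                         }
                     }
                 }
             }
             break;
         case 2:
             if (count($_POST)) {
                 $this->load('register.inc.php');
                 $subState->set('firstname', Post::t('firstname'));
                 $subState->set('lastname', Post::t('lastname'));
                 if (Post::has('schoolid')) {
                     $subState->set('schoolid', Post::i('schoolid'));
                 }
                 // Both helpers return true on success and an error value otherwise.
                 $error = checkNewUser($subState);
                 if ($error !== true) {
                     break;
                 }
                 $error = createAliases($subState);
                 if ($error === true) {
                     unset($error);
                     $subState->set('step', 3);
                 }
             }
             break;
         case 3:
             if (count($_POST)) {
                 $this->load('register.inc.php');
                 // Validate the email address format and domain.
                 require_once 'emails.inc.php';
                 $user = User::get($subState->s('uid'));
                 if (!isvalid_email(Post::v('email'))) {
                     $error[] = "Le champ 'Email' n'est pas valide.";
                 } elseif (!isvalid_email_redirection(Post::v('email'), $user)) {
                     $error[] = $subState->s('forlife') . ' doit renvoyer vers un email existant ' . 'valide, en particulier, il ne peut pas être renvoyé vers lui-même.';
                 }
                 // Validate the birthday format and range.
                 $birth = Post::t('birthdate');
                 if (!preg_match('@^[0-3]?\\d/[01]?\\d/(19|20)?\\d{2}$@', $birth)) {
                     $error[] = "La 'Date de naissance' n'est pas correcte.";
                 } else {
                     $birth = explode('/', $birth, 3);
                     for ($i = 0; $i < 3; ++$i) {
                         $birth[$i] = intval($birth[$i]);
                     }
                     // Two-digit years are read as 19xx.
                     if ($birth[2] < 100) {
                         $birth[2] += 1900;
                     }
                     $year = $birth[2];
                     $ref_year = substr($subState->v('birthdateRef'), 0, 4);
                     // More than two years away from the reference year: reject and alert.
                     if (abs($ref_year - $year) > 2) {
                         $error[] = "La 'Date de naissance' n'est pas correcte.";
                         $alert[] = "Date de naissance incorrecte à l'inscription";
                         $alert_details .= "\n   * Date de naissance renseignée : " . Post::t('birthdate');
                         if ($subState->v('birthdateRef') == '0000-00-00') {
                             $alert_details .= ' (date inconnue)';
                         } else {
                             $alert_details .= ' (date connue : ' . $subState->v('birthdateRef') . ')';
                         }
                         $subState->set('wrong_birthdate', $birth);
                     }
                 }
                 // Register the optional services requested by the user.
                 $services = array();
                 foreach (array('com_letters', 'imap', 'ml_promo', 'nl') as $service) {
                     if (Post::b($service)) {
                         $services[] = $service;
                     }
                 }
                 $subState->set('services', $services);
                 // Validate the password.
                 // NOTE(review): only the presence of 'pwhash' is checked here;
                 // presumably the value is hashed client-side -- confirm where
                 // its format is validated.
                 if (!Post::v('pwhash', false)) {
                     $error[] = "Le mot de passe n'est pas valide.";
                 }
                 // Check if the given email is known as dangerous.
                 $res = XDB::query("SELECT  state, description\n                                         FROM  email_watch\n                                        WHERE  email = {?} AND state != 'safe'", Post::v('email'));
                 $bannedEmail = false;
                 if ($res->numRows()) {
                     list($state, $description) = $res->fetchOneRow();
                     $alert[] = "Email surveillé proposé à l'inscription";
                     $alert_details .= "\n   * Email surveillé : " . Post::v('email');
                     $subState->set('email_desc', $description);
                     if ($state == 'dangerous') {
                         $bannedEmail = true;
                     }
                 }
                 if ($subState->i('watch') != 0) {
                     $alert[] = "Inscription d'un utilisateur surveillé";
                     $alert_details .= "\n   * Commentaire pour la surveillance : " . $subState->v('comment');
                 }
                 // A watched IP discards the validation errors so that the request
                 // reaches the generic refusal below instead of field-level messages.
                 // NOTE(review): on that path $birth can still be the raw string
                 // when the format check failed, so the $birth[n] reads below index
                 // characters; the registration is refused anyway, but the value
                 // stored in 'birthdate' is then meaningless.
                 if ($bannedIp = check_ip('unsafe')) {
                     unset($error);
                 }
                 if (isset($error)) {
                     $error = join('<br />', $error);
                 } else {
                     $subState->set('birthdate', sprintf("%04d-%02d-%02d", intval($birth[2]), intval($birth[1]), intval($birth[0])));
                     $subState->set('email', Post::t('email'));
                     $subState->set('password', Post::t('pwhash'));
                     // Update the current alert if the birthdate is incorrect,
                     // or if the IP address of the user has been banned.
                     if ($subState->s('birthdateRef') != '0000-00-00' && $subState->s('birthdateRef') != $subState->s('birthdate')) {
                         $alert[] = "Date de naissance incorrecte à l'inscription";
                         $alert_details .= "\n   * Date de naissance renseignée : " . Post::t('birthdate');
                         if ($subState->v('birthdateRef') == '0000-00-00') {
                             $alert_details .= ' (date inconnue)';
                         } else {
                             $alert_details .= ' (date connue : ' . $subState->v('birthdateRef') . ')';
                         }
                     }
                     if ($bannedIp) {
                         $alert[] = "Tentative d'inscription depuis une IP surveillée";
                         $alert_details .= "\n   * IP surveillée : " . $_SESSION['check_ip'];
                     }
                     // Prevent banned user from actually registering; save the current state for others.
                     if ($bannedEmail || $bannedIp) {
                         global $globals;
                         // Fix: the href attribute was missing its closing quote,
                         // which produced a broken link in the rendered message.
                         // The message deliberately does not say why it failed.
                         $error = "Une erreur s'est produite lors de l'inscription." . " Merci de contacter <a href='mailto:register@{$globals->mail->domain}'>" . " register@{$globals->mail->domain}</a>" . " pour nous faire part de cette erreur.";
                     } else {
                         $subState->set('step', 4);
                         if ($subState->v('backs')->count() >= 3) {
                             $alert[] = "Fin d'une inscription hésitante";
                             $alert_details .= "\n   * Nombre de retours en arrière : " . $subState->v('backs')->count();
                         }
                         finishRegistration($subState);
                     }
                 }
             }
             break;
     }
     // Persist the wizard state for the next request.
     $_SESSION['subState'] = $subState->dict();
     if (count($alert)) {
         $alert_details = "Détails des alertes :" . $alert_details . "\n\n";
         $alert_details .= 'Compte concerné : ' . $subState->s('forlife') . ' (redirection vers : ' . ($subState->s('email') == '' ? Post::t('email') : $subState->s('email')) . ")\n\n\n";
         send_warning_mail(implode(' - ', $alert), $alert_details);
     }
     $page->changeTpl('register/step' . $subState->i('step') . '.tpl');
     if (isset($error)) {
         $page->trigError($error);
     }
 }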
Example #9
 /**
  * Mentor ("référent") search page.
  *
  * Always shows the number of distinct mentor profiles; when the search form
  * carries criteria, runs the search and rejects result sets that are empty
  * or larger than $globals->search->private_max.
  *
  * @param object      $page      Page object being rendered.
  * @param string|null $action    Forwarded unchanged to ProfileSet::apply().
  * @param string|null $subaction Forwarded unchanged to ProfileSet::apply().
  */
 function handler_referent($page, $action = null, $subaction = null)
 {
     global $globals;

     $doc = new PlWikiPage('Docs.Emploi');
     $doc->buildCache();
     $page->setTitle('Emploi et Carrières');
     $page->addJsLink('jquery.ui.xorg.js');

     // Count mentors
     $mentorCount = XDB::query("SELECT count(distinct pid) FROM profile_mentor_term")->fetchOneCell();
     $page->assign('mentors_number', $mentorCount);

     // Search for mentors matching filters
     require_once 'ufbuilder.inc.php';
     $builder = new UFB_MentorSearch();
     if ($builder->isEmpty()) {
         $page->changeTpl('search/referent.tpl');
         return;
     }

     // Search query is logged, once per search rather than once per result page.
     // NOTE(review): the whole of $_GET is written to the log; confirm the log
     // store and its readers are appropriate for free-form request data.
     if (S::logged() && !Env::has('page')) {
         S::logger()->log('search_referent', 'adv=' . var_export($_GET, true));
     }

     require_once 'userset.inc.php';
     $results = new ProfileSet($builder->getUFC());
     $results->addMod('mentor', 'Référents');
     $results->apply('referent/search', $page, $action, $subaction);

     $total = $results->count();
     if ($total > $globals->search->private_max) {
         // Too many matches: show the form again and hide the result count.
         $this->form_prepare();
         $page->trigError('Recherche trop générale.');
         $page->assign('plset_count', 0);
     } elseif ($total == 0) {
         $this->form_prepare();
         $page->trigError('Il n\'existe personne correspondant à ces critères dans la base.');
     }

     $page->changeTpl('search/referent.tpl');
 }