/**
 * Binds the review wiki page matching $id to the template.
 *
 * The wiki page name is "<domain>.<Id>": the domain is 'ReviewXnet' when the
 * IS_XNET_SITE global is truthy and 'Review' otherwise, and $id has its first
 * character upper-cased.
 *
 * NOTE(review): $id goes into the wiki page name unfiltered; presumably it
 * comes from the wizard configuration rather than from the request -- confirm.
 *
 * @param PlPage $page Page receiving the 'cacheExists' and 'article' variables.
 * @param string $id   Identifier of the wiki page inside the review domain.
 */
public function prepare(PlPage $page, $id)
{
    // @ keeps a missing IS_XNET_SITE global from raising a notice.
    $domain = @$GLOBALS['IS_XNET_SITE'] ? 'ReviewXnet' : 'Review';

    $wikiPage = new PlWikiPage($domain . '.' . ucfirst($id));
    $wikiPage->buildCache();

    $page->assign('cacheExists', $wikiPage->cacheFilename());
    $page->assign('article', $wikiPage->name);
}
/**
 * Landing page and search form of the "N N-10" operation.
 *
 * Reports whether the current user's promotion takes part in the operation,
 * builds the Docs.Deltaten wiki cache and, when search criteria were given,
 * runs a profile search restricted to participants of the promotion ten years
 * older than the user's.
 *
 * @param object $page      Page being rendered.
 * @param string $action    Forwarded to ProfileSet::apply().
 * @param string $subaction Forwarded to ProfileSet::apply().
 */
function handler_index($page, $action = '', $subaction = '')
{
    global $globals;

    if (!$this->isDeltaTenEnabled(S::user(), Profile::DELTATEN_YOUNG)) {
        $page->killError("Ta promotion ne participe pas à l'opération N N-10.");
    }

    // Users who are also eligible as "old" members are told whether they
    // have already written their message.
    if ($this->isDeltaTenEnabled(S::user(), Profile::DELTATEN_OLD)) {
        $profile = S::user()->profile();
        if (!$profile->getDeltatenMessage()) {
            $page->trigWarning("Tu ne participes pas encore à l'opération N N-10 en tant qu'ancien.");
        } else {
            $page->trigSuccess("Tu participes bien à l'opération N N-10 en tant qu'ancien.");
        }
    }

    $page->setTitle("Opération N N-10");
    $page->assign('deltaten_promo_old', S::user()->profile()->yearpromo() - 10);

    $wikiPage = new PlWikiPage('Docs.Deltaten');
    $wikiPage->buildCache();

    require_once 'ufbuilder.inc.php';
    $builder = new UFB_DeltaTenSearch();
    $page->addJsLink('search.js');

    if (!$builder->isEmpty()) {
        require_once 'userset.inc.php';

        // The user's criteria are always AND-ed with the two mandatory
        // conditions below, so a bare condition is wrapped first.
        $filter = $builder->getUFC();
        if (!($filter instanceof PFC_And)) {
            $filter = new PFC_And($filter);
        }
        $filter->addChild(new UFC_DeltaTen());
        $filter->addChild(new UFC_Promo('=', UserFilter::GRADE_ING, S::user()->profile()->yearpromo() - 10));

        $profiles = new ProfileSet($filter);
        $profiles->addMod('minifiche', 'Opération N N-10');
        $profiles->apply('deltaten/search', $page, $action, $subaction);

        // Over-broad and empty searches both bring the form back with an error.
        $matchCount = $profiles->count();
        if ($matchCount > $globals->search->private_max) {
            $page->assign('formulaire', 1);
            $page->trigError('Recherche trop générale.');
            $page->assign('plset_count', 0);
        } elseif ($matchCount == 0) {
            $page->assign('formulaire', 1);
            $page->trigError("Il n'existe personne correspondant à ces critères dans la base.");
        }
    }

    $page->changeTpl('deltaten/index.tpl');
}
/**
 * Article proposal form of the community letter.
 *
 * A 'see' post previews the article; a 'valid' post with a blank title or body
 * shows the same preview together with an error; a complete 'valid' post files
 * a ComLReq for the current user.
 *
 * NOTE(review): the 'valid' branch calls submit() without
 * S::assert_xsrf_token(), whereas other handlers in this listing (for example
 * handler_ev_submit) assert the token before submitting -- confirm whether the
 * form carries a token and add the check here.
 *
 * @param object $page Page being rendered.
 * @return mixed PL_NOT_FOUND when getNl() yields nothing, otherwise nothing.
 */
function handler_coml_submit($page)
{
    $page->changeTpl('comletter/submit.tpl');

    $nl = $this->getNl();
    if (!$nl) {
        return PL_NOT_FOUND;
    }

    $wikiPage = new PlWikiPage('Xorg.LettreCommunaute');
    $wikiPage->buildCache();

    $previewing = Post::has('see');
    // Title and body are only inspected for a 'valid' post that is not a preview.
    $incomplete = !$previewing
        && Post::has('valid')
        && (!trim(Post::v('title')) || !trim(Post::v('body')));

    if ($previewing || $incomplete) {
        if ($incomplete) {
            $page->trigError("L'article doit avoir un titre et un contenu");
        }
        $article = new ComLArticle(Post::v('title'), Post::v('body'), Post::v('append'));
        $page->assign('art', $article);
    } elseif (Post::has('valid')) {
        $request = new ComLReq(S::user(), Post::v('title'), Post::v('body'), Post::v('append'));
        $request->submit();
        $page->assign('submited', true);
    }

    $page->addCssLink($nl->cssFile());
}
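/**
 * Runs the "Tour d'horizon" wizard described by the review admin wiki page.
 *
 * The 'text' field of "<domain>.Admin" ('ReviewXnet' when the IS_XNET_SITE
 * global is truthy, 'Review' otherwise) is cut on the literal '%0a'; each
 * piece is split on '*' or '|' and its first two non-empty fields are handed
 * to PlWizard::addPage() as a ReviewPage step. Pieces that do not yield two
 * fields (blank lines, a trailing separator, malformed entries) are skipped.
 *
 * @param object      $page   Page handed to the wizard.
 * @param string|null $action Forwarded to PlWizard::apply().
 * @param string|null $mode   Forwarded to PlWizard::apply().
 */
function handler_review($page, $action = null, $mode = null)
{
    // Include X-XRDS-Location response-header for Yadis discovery
    global $globals;
    header('X-XRDS-Location: ' . $globals->baseurl . '/openid/xrds');

    $this->load('review.inc.php');

    $dom = 'Review';
    if (!empty($GLOBALS['IS_XNET_SITE'])) {
        $dom .= 'Xnet';
    }
    $wp = new PlWikiPage($dom . '.Admin');
    $conf = explode('%0a', $wp->getField('text'));

    $wiz = new PlWizard('Tour d\'horizon', PlPage::getCoreTpl('plwizard.tpl'), true);
    foreach ($conf as $line) {
        $list = preg_split('/\\s*[*|]\\s*/', $line, -1, PREG_SPLIT_NO_EMPTY);
        // A step needs both fields; indexing a shorter result would read
        // undefined offsets and register a step with null values.
        if ($list === false || count($list) < 2) {
            continue;
        }
        $wiz->addPage('ReviewPage', $list[0], $list[1]);
    }
    $wiz->apply($page, 'review', $action, $mode);
}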
/**
 * Wiki administration: updates page permissions, deletes or renames a page,
 * then lists every wiki page grouped by category for admin/wiki.tpl.
 *
 * - $action == 'update': after S::assert_xsrf_token(), every POST entry whose
 *   value is 'on' is taken as a page name ('_' and '/' replaced by '.') and
 *   receives the POSTed 'read' / 'edit' permissions, falling back to the
 *   page's current ones when a field is empty.
 * - any other action except 'list', with a non-empty $wikipage: after
 *   S::assert_xsrf_token(), 'delete' removes the page and 'rename' moves it to
 *   $wikipage2 when that name is non-empty and different.
 *
 * NOTE(review): the body is collapsed onto two lines in this listing, so each
 * `//` comment swallows the code after it, and the expression that builds the
 * RSS link is masked ('******'); line breaks and that expression have to be
 * restored from the upstream file before this code can run.
 * NOTE(review): the RSS link carries S::user()->token in its query string,
 * where it can end up in logs and Referer headers -- confirm this is accepted.
 * NOTE(review): $wikipage, $wikipage2 and the POST keys are concatenated
 * unescaped into the messages, one of which contains <em> markup; if
 * trigSuccess()/trigError() emit raw HTML they need htmlspecialchars() --
 * confirm against PlPage.
 * NOTE(review): list($cat, $name) = explode('.', $file) assumes every page
 * name contains a dot.
 *
 * @param object      $page      Page being rendered.
 * @param string      $action    'list' (default), 'update', 'delete' or 'rename'.
 * @param string|null $wikipage  Page to delete or rename.
 * @param string|null $wikipage2 New name for a rename.
 */
function handler_wiki($page, $action = 'list', $wikipage = null, $wikipage2 = null) { if (S::hasAuthToken()) { $page->setRssLink('Changement Récents', '/Site/AllRecentChanges?action=rss&user='******'hruid') . '&hash=' . S::user()->token); } // update wiki perms if ($action == 'update') { S::assert_xsrf_token(); $perms_read = Post::v('read'); $perms_edit = Post::v('edit'); if ($perms_read || $perms_edit) { foreach ($_POST as $wiki_page => $val) { if ($val == 'on') { $wp = new PlWikiPage(str_replace(array('_', '/'), '.', $wiki_page)); if ($wp->setPerms($perms_read ? $perms_read : $wp->readPerms(), $perms_edit ? $perms_edit : $wp->writePerms())) { $page->trigSuccess("Permission de la page {$wiki_page} mises à jour"); } else { $page->trigError("Impossible de mettre les permissions de la page {$wiki_page} à jour"); } } } } } else { if ($action != 'list' && !empty($wikipage)) { $wp = new PlWikiPage($wikipage); S::assert_xsrf_token(); if ($action == 'delete') { if ($wp->delete()) { $page->trigSuccess("La page " . $wikipage . " a été supprimée."); } else { $page->trigError("Impossible de supprimer la page " . $wikipage . "."); } } else { if ($action == 'rename' && !empty($wikipage2) && $wikipage != $wikipage2) { if ($changedLinks = $wp->rename($wikipage2)) { $s = 'La page <em>' . $wikipage . '</em> a été déplacée en <em>' . $wikipage2 . '</em>.'; if (is_numeric($changedLinks)) { $s .= $changedLinks . ' lien' . ($changedLinks > 1 ? 's ont été modifiés.' : ' a été modifié.'); } $page->trigSuccess($s); } else { $page->trigError("Impossible de déplacer la page " . 
$wikipage); } } } } } $perms = PlWikiPage::permOptions(); // list wiki pages and their perms $wiki_pages = PlWikiPage::listPages(); ksort($wiki_pages); $wiki_tree = array(); foreach ($wiki_pages as $file => $desc) { list($cat, $name) = explode('.', $file); if (!isset($wiki_tree[$cat])) { $wiki_tree[$cat] = array(); } $wiki_tree[$cat][$name] = $desc; } $page->changeTpl('admin/wiki.tpl'); $page->assign('wiki_pages', $wiki_tree); $page->assign('perms_opts', $perms); }
/**
 * Broken e-mail address page.
 *
 * With $warn == 'warn' and an address, the account owning that redirection is
 * mailed the 'emails/broken-web.mail.tpl' notice. Otherwise a POSTed 'email'
 * is marked as broken when it is a foreign address. Both paths assert the XSRF
 * token before doing anything.
 *
 * @param object      $page  Page being rendered.
 * @param string|null $warn  'warn' to notify the owner of $email.
 * @param string|null $email Redirection address to warn about.
 */
function handler_broken($page, $warn = null, $email = null)
{
    require_once 'emails.inc.php';

    $wikiPage = new PlWikiPage('Xorg.PatteCassée');
    $wikiPage->buildCache();

    global $globals;
    $page->changeTpl('emails/broken.tpl');

    if ($warn == 'warn' && $email) {
        S::assert_xsrf_token();

        // Usual verifications.
        $email = valide_email($email);
        $ownerId = XDB::fetchOneCell('SELECT uid FROM email_redirect_account WHERE redirect = {?}', $email);
        if (!$ownerId) {
            // Unknown redirection: nothing is sent and nothing is reported.
            return;
        }

        $owner = User::getWithUID($ownerId);
        // NOTE(review): this flag is computed but never read, so the notice is
        // sent whatever the redirection's state -- confirm that is intended.
        $isActive = XDB::fetchOneCell('SELECT flags FROM email_redirect_account WHERE redirect = {?} AND uid = {?}', $email, $ownerId) == 'active';

        $mailer = new PlMailer('emails/broken-web.mail.tpl');
        $mailer->assign('email', $email);
        $mailer->assign('request', S::user());
        $mailer->sendTo($owner);
        $page->trigSuccess('Email envoyé !');
        return;
    }

    if (!Post::has('email')) {
        return;
    }

    S::assert_xsrf_token();
    $email = Post::t('email');
    if (User::isForeignEmailAddress($email)) {
        $user = mark_broken_email($email);
        $page->assign('user', $user);
        $page->assign('email', $email);
    } else {
        $page->assign('neuneu', true);
    }
}
/**
 * Announcement proposal form.
 *
 * Reads the POSTed fields, handles the attached image upload, validates the
 * promotion range, pushes every field back to the template and then either
 * removes the image, reports a blank title/body, files an EvtReq (after the
 * XSRF check) or discards the upload when the request is not a preview.
 *
 * NOTE(review): the accepted promotion years are hard-coded as 1901..2019.
 * NOTE(review): only the submit branch asserts the XSRF token; the image
 * removal and the final cleanup run without it -- confirm that is acceptable.
 *
 * @param object $page Page being rendered.
 */
function handler_ev_submit($page)
{
    $page->changeTpl('events/submit.tpl');

    $wikiPage = new PlWikiPage('Xorg.Annonce');
    $wikiPage->buildCache();

    $titre = Post::v('titre');
    $texte = Post::v('texte');
    $promo_min = Post::i('promo_min');
    $promo_max = Post::i('promo_max');
    $expiration = Post::i('expiration');
    $valid_mesg = Post::v('valid_mesg');
    $action = Post::v('action');

    $upload = new PlUpload(S::user()->login(), 'event');
    $this->upload_image($page, $upload);

    // 0 means "no bound"; a bound that is given must lie strictly between
    // 1900 and 2020, and the lower one may not exceed the upper one.
    $boundsReversed = $promo_min > $promo_max && $promo_max != 0;
    $minOutOfRange = $promo_min != 0 && ($promo_min <= 1900 || $promo_min >= 2020);
    $maxOutOfRange = $promo_max != 0 && ($promo_max <= 1900 || $promo_max >= 2020);
    if ($boundsReversed || $minOutOfRange || $maxOutOfRange) {
        $page->trigError("L'intervalle de promotions n'est pas valide");
        $action = null;
    }

    $fields = array(
        'titre' => $titre,
        'texte' => $texte,
        'promo_min' => $promo_min,
        'promo_max' => $promo_max,
        'expiration' => $expiration,
        'valid_mesg' => $valid_mesg,
    );
    foreach ($fields as $name => $value) {
        $page->assign($name, $value);
    }
    $page->assign('action', strtolower($action));
    $page->assign_by_ref('upload', $upload);

    if ($action == 'Supprimer l\'image') {
        $upload->rm();
        $page->assign('action', false);
    } elseif ($action) {
        if (!trim($texte) || !trim($titre)) {
            $page->trigError("L'article doit avoir un titre et un contenu");
        } else {
            S::assert_xsrf_token();
            $request = new EvtReq($titre, $texte, $promo_min, $promo_max, $expiration, $valid_mesg, S::user(), $upload);
            $request->submit();
            $page->assign('ok', true);
        }
    } elseif (!Env::v('preview')) {
        // Neither an action nor a preview: the pending upload is dropped.
        $upload->rm();
    }
}
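/**
 * Multi-step registration wizard.
 *
 * The wizard state is a PlDict loaded from and written back to
 * $_SESSION['subState']; its 'step' entry selects the branch run below and the
 * template 'register/step<N>.tpl' shown afterwards.
 *
 *  - A marketing $hash that matches exactly one pending account pre-fills the
 *    state and records the visit in register_mstats.
 *  - Step 0 shows the charter and moves to step 1, or straight to step 3 when
 *    the state carries a marketing hash.
 *  - Step 1 checks that the posted promotion year still has pending accounts.
 *  - Step 2 takes the name (and school id) and runs checkNewUser() and
 *    createAliases().
 *  - Step 3 validates e-mail, birthdate and password, consults the e-mail and
 *    IP watch lists and calls finishRegistration() unless one of them bans
 *    the attempt.
 *
 * Suspicious events accumulate in $alert / $alert_details and are sent with
 * send_warning_mail() at the end of the request.
 *
 * NOTE(review): the posted 'pwhash' is kept in the session state from step 3
 * on; confirm finishRegistration() clears it.
 *
 * @param object      $page Page being rendered.
 * @param string|null $hash Marketing hash taken from the invitation link.
 */
function handler_register($page, $hash = null)
{
    $page->forceSkin('register');

    $alert = array();
    $alert_details = '';
    $subState = new PlDict(S::v('subState', array()));
    if (!$subState->has('step')) {
        $subState->set('step', 0);
    }
    if (!$subState->has('backs')) {
        $subState->set('backs', new PlDict());
    }

    // Going back to an earlier step is allowed, and every such move is
    // recorded in 'backs' together with a snapshot of the state.
    if (Get::has('back') && Get::i('back') < $subState->i('step')) {
        $subState->set('step', max(0, Get::i('back')));
        $subState->v('backs')->set($subState->v('backs')->count() + 1, $subState->dict());
        $subState->v('backs')->kill('backs');
        if ($subState->v('backs')->count() == 3) {
            $alert[] = "Tentative d'inscription très hésitante";
            $alert_details .= "\n * Retours en arrières : 3.";
        }
    }

    if ($hash) {
        $res = XDB::query(
            "SELECT a.uid, a.hruid, ppn.lastname_initial AS lastname, ppn.firstname_initial AS firstname, p.xorg_id AS xorgid,\n"
            . " pd.promo, pe.promo_year AS yearpromo, pde.degree AS edu_type,\n"
            . " p.birthdate_ref AS birthdateRef, FIND_IN_SET('watch', a.flags) AS watch, m.hash, a.type, a.comment\n"
            . " FROM register_marketing AS m\n"
            . " INNER JOIN accounts AS a ON (m.uid = a.uid)\n"
            . " INNER JOIN account_profiles AS ap ON (a.uid = ap.uid AND FIND_IN_SET('owner', ap.perms))\n"
            . " INNER JOIN profiles AS p ON (p.pid = ap.pid)\n"
            . " INNER JOIN profile_display AS pd ON (p.pid = pd.pid)\n"
            . " INNER JOIN profile_education AS pe ON (pe.pid = p.pid AND FIND_IN_SET('primary', pe.flags))\n"
            . " INNER JOIN profile_education_degree_enum AS pde ON (pde.id = pe.degreeid)\n"
            . " INNER JOIN profile_public_names AS ppn ON (ppn.pid = p.pid)\n"
            . " WHERE m.hash = {?} AND a.state = 'pending'",
            $hash
        );

        if ($res->numRows() == 1) {
            $subState->merge($res->fetchOneRow());
            $subState->set('main_mail_domain', User::$sub_mail_domains[$subState->v('type')]);
            // The hash has to be compared explicitly: a bare "WHERE m.hash"
            // selects every row whose hash is truthy and leaves the bound
            // argument unused.
            XDB::execute(
                'INSERT INTO register_mstats (uid, sender, success)'
                . ' SELECT m.uid, m.sender, 0 FROM register_marketing AS m WHERE m.hash = {?}'
                . ' ON DUPLICATE KEY UPDATE sender = VALUES(sender), success = VALUES(success)',
                $subState->s('hash')
            );
        }
    }

    switch ($subState->i('step')) {
        case 0:
            $wp = new PlWikiPage('Reference.Charte');
            $wp->buildCache();
            if (Post::has('step1')) {
                $subState->set('step', 1);
                // Invited users are already identified: skip to step 3.
                if ($subState->has('hash')) {
                    $subState->set('step', 3);
                    $this->load('register.inc.php');
                    createAliases($subState);
                }
            }
            break;

        case 1:
            if (Post::has('yearpromo')) {
                // NOTE(review): 'edu_type' is request data used directly as an
                // array key and then stored in the state; an unknown value
                // yields an undefined-key warning and an empty prefix.
                $edu_type = Post::t('edu_type');
                $yearpromo = Post::i('yearpromo');
                $promo = Profile::$cycle_prefixes[$edu_type] . $yearpromo;
                $res = XDB::query(
                    "SELECT COUNT(*)\n"
                    . " FROM accounts AS a\n"
                    . " INNER JOIN account_profiles AS ap ON (a.uid = ap.uid AND FIND_IN_SET('owner', ap.perms))\n"
                    . " INNER JOIN profiles AS p ON (p.pid = ap.pid)\n"
                    . " INNER JOIN profile_education AS pe ON (pe.pid = p.pid AND FIND_IN_SET('primary', pe.flags))\n"
                    . " WHERE a.state = 'pending' AND p.deathdate IS NULL AND pe.promo_year = {?}",
                    $yearpromo
                );

                if (!$res->fetchOneCell()) {
                    $error = 'La promotion saisie est incorrecte ou tous les camarades de cette promotion sont inscrits !';
                } else {
                    $subState->set('step', 2);
                    $subState->set('promo', $promo);
                    $subState->set('yearpromo', $yearpromo);
                    $subState->set('edu_type', $edu_type);
                    if ($edu_type == Profile::DEGREE_X) {
                        // School id hints shown at step 2; the format differs
                        // before and from promotion 2000.
                        if ($yearpromo >= 1996 && $yearpromo < 2000) {
                            $subState->set('schoolid', ($yearpromo % 100 * 10) . '???');
                            $subState->set('schoolid_exemple', $yearpromo % 100 * 10000 + 532);
                            $subState->set('schoolid_exemple_ev2', ($yearpromo + 1) % 100 * 10000 + 532);
                        } elseif ($yearpromo >= 2000) {
                            $subState->set('schoolid', (100 + $yearpromo % 100) . '???');
                            $subState->set('schoolid_exemple', (100 + $yearpromo % 100) * 1000 + 532);
                            $subState->set('schoolid_exemple_ev2', (100 + ($yearpromo + 1) % 100) * 1000 + 532);
                        }
                    }
                }
            }
            break;

        case 2:
            if (count($_POST)) {
                $this->load('register.inc.php');
                $subState->set('firstname', Post::t('firstname'));
                $subState->set('lastname', Post::t('lastname'));
                if (Post::has('schoolid')) {
                    $subState->set('schoolid', Post::i('schoolid'));
                }

                // Both helpers return true on success and an error otherwise.
                $error = checkNewUser($subState);
                if ($error !== true) {
                    break;
                }
                $error = createAliases($subState);
                if ($error === true) {
                    unset($error);
                    $subState->set('step', 3);
                }
            }
            break;

        case 3:
            if (count($_POST)) {
                $this->load('register.inc.php');

                // Validate the email address format and domain.
                require_once 'emails.inc.php';
                $user = User::get($subState->s('uid'));

                if (!isvalid_email(Post::v('email'))) {
                    $error[] = "Le champ 'Email' n'est pas valide.";
                } elseif (!isvalid_email_redirection(Post::v('email'), $user)) {
                    $error[] = $subState->s('forlife') . ' doit renvoyer vers un email existant '
                        . 'valide, en particulier, il ne peut pas être renvoyé vers lui-même.';
                }

                // Validate the birthday format and range.
                $birth = Post::t('birthdate');
                if (!preg_match('@^[0-3]?\\d/[01]?\\d/(19|20)?\\d{2}$@', $birth)) {
                    $error[] = "La 'Date de naissance' n'est pas correcte.";
                } else {
                    $birth = explode('/', $birth, 3);
                    for ($i = 0; $i < 3; ++$i) {
                        $birth[$i] = intval($birth[$i]);
                    }
                    // Two-digit years are read as 19xx.
                    if ($birth[2] < 100) {
                        $birth[2] += 1900;
                    }
                    $year = $birth[2];
                    $ref_year = substr($subState->v('birthdateRef'), 0, 4);
                    if (abs($ref_year - $year) > 2) {
                        $error[] = "La 'Date de naissance' n'est pas correcte.";
                        $alert[] = "Date de naissance incorrecte à l'inscription";
                        $alert_details .= "\n * Date de naissance renseignée : " . Post::t('birthdate');
                        if ($subState->v('birthdateRef') == '0000-00-00') {
                            $alert_details .= ' (date inconnue)';
                        } else {
                            $alert_details .= ' (date connue : ' . $subState->v('birthdateRef') . ')';
                        }
                        $subState->set('wrong_birthdate', $birth);
                    }
                }

                // Register the optional services requested by the user.
                $services = array();
                foreach (array('com_letters', 'imap', 'ml_promo', 'nl') as $service) {
                    if (Post::b($service)) {
                        $services[] = $service;
                    }
                }
                $subState->set('services', $services);

                // Validate the password.
                if (!Post::v('pwhash', false)) {
                    $error[] = "Le mot de passe n'est pas valide.";
                }

                // Check if the given email is known as dangerous.
                $res = XDB::query(
                    "SELECT state, description\n"
                    . " FROM email_watch\n"
                    . " WHERE email = {?} AND state != 'safe'",
                    Post::v('email')
                );
                $bannedEmail = false;
                if ($res->numRows()) {
                    list($state, $description) = $res->fetchOneRow();
                    $alert[] = "Email surveillé proposé à l'inscription";
                    $alert_details .= "\n * Email surveillé : " . Post::v('email');
                    $subState->set('email_desc', $description);
                    if ($state == 'dangerous') {
                        $bannedEmail = true;
                    }
                }
                if ($subState->i('watch') != 0) {
                    $alert[] = "Inscription d'un utilisateur surveillé";
                    $alert_details .= "\n * Commentaire pour la surveillance : " . $subState->v('comment');
                }

                // A request from a watched IP has its validation errors
                // dropped, so it falls through to the generic error below
                // instead of getting field-level feedback.
                if ($bannedIp = check_ip('unsafe')) {
                    unset($error);
                }

                if (isset($error)) {
                    $error = join('<br />', $error);
                } else {
                    $subState->set('birthdate', sprintf("%04d-%02d-%02d", intval($birth[2]), intval($birth[1]), intval($birth[0])));
                    $subState->set('email', Post::t('email'));
                    $subState->set('password', Post::t('pwhash'));

                    // Update the current alert if the birthdate is incorrect,
                    // or if the IP address of the user has been banned.
                    if ($subState->s('birthdateRef') != '0000-00-00' && $subState->s('birthdateRef') != $subState->s('birthdate')) {
                        $alert[] = "Date de naissance incorrecte à l'inscription";
                        $alert_details .= "\n * Date de naissance renseignée : " . Post::t('birthdate');
                        if ($subState->v('birthdateRef') == '0000-00-00') {
                            $alert_details .= ' (date inconnue)';
                        } else {
                            $alert_details .= ' (date connue : ' . $subState->v('birthdateRef') . ')';
                        }
                    }
                    if ($bannedIp) {
                        $alert[] = "Tentative d'inscription depuis une IP surveillée";
                        $alert_details .= "\n * IP surveillée : " . $_SESSION['check_ip'];
                    }

                    // Prevent banned user from actually registering; save the current state for others.
                    if ($bannedEmail || $bannedIp) {
                        global $globals;
                        // The href attribute is closed before '>' so that the
                        // link renders as valid markup.
                        $error = "Une erreur s'est produite lors de l'inscription."
                            . " Merci de contacter <a href='mailto:register@{$globals->mail->domain}'>"
                            . " register@{$globals->mail->domain}</a>"
                            . " pour nous faire part de cette erreur.";
                    } else {
                        $subState->set('step', 4);
                        if ($subState->v('backs')->count() >= 3) {
                            $alert[] = "Fin d'une inscription hésitante";
                            $alert_details .= "\n * Nombre de retours en arrière : " . $subState->v('backs')->count();
                        }
                        finishRegistration($subState);
                    }
                }
            }
            break;
    }

    $_SESSION['subState'] = $subState->dict();

    if (count($alert)) {
        $alert_details = "Détails des alertes :" . $alert_details . "\n\n";
        $alert_details .= 'Compte concerné : ' . $subState->s('forlife')
            . ' (redirection vers : '
            . ($subState->s('email') == '' ? Post::t('email') : $subState->s('email'))
            . ")\n\n\n";
        send_warning_mail(implode(' - ', $alert), $alert_details);
    }

    $page->changeTpl('register/step' . $subState->i('step') . '.tpl');
    if (isset($error)) {
        $page->trigError($error);
    }
}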
/**
 * Mentor ("référent") search page.
 *
 * Publishes the number of distinct mentors, then, when search criteria were
 * given, runs the mentor search and reports over-broad or empty results.
 *
 * The raw $_GET array of a search is written to the session logger for
 * logged-in users when no 'page' parameter is present.
 *
 * @param object      $page      Page being rendered.
 * @param string|null $action    Forwarded to ProfileSet::apply().
 * @param string|null $subaction Forwarded to ProfileSet::apply().
 */
function handler_referent($page, $action = null, $subaction = null)
{
    global $globals;

    $wikiPage = new PlWikiPage('Docs.Emploi');
    $wikiPage->buildCache();

    $page->setTitle('Emploi et Carrières');
    $page->addJsLink('jquery.ui.xorg.js');

    // Count mentors
    $mentorCount = XDB::query("SELECT count(distinct pid) FROM profile_mentor_term");
    $page->assign('mentors_number', $mentorCount->fetchOneCell());

    // Search for mentors matching filters
    require_once 'ufbuilder.inc.php';
    $builder = new UFB_MentorSearch();
    if (!$builder->isEmpty()) {
        // Search query is logged
        if (S::logged() && !Env::has('page')) {
            S::logger()->log('search_referent', 'adv=' . var_export($_GET, true));
        }

        require_once 'userset.inc.php';
        $mentors = new ProfileSet($builder->getUFC());
        $mentors->addMod('mentor', 'Référents');
        $mentors->apply('referent/search', $page, $action, $subaction);

        $matchCount = $mentors->count();
        $tooBroad = $matchCount > $globals->search->private_max;
        if ($tooBroad || $matchCount == 0) {
            $this->form_prepare();
            $page->trigError(
                $tooBroad
                    ? 'Recherche trop générale.'
                    : 'Il n\'existe personne correspondant à ces critères dans la base.'
            );
            if ($tooBroad) {
                $page->assign('plset_count', 0);
            }
        }
    }

    $page->changeTpl('search/referent.tpl');
}