Example #1
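 /**
  * Set up the default page: template, JavaScript links, title and, for
  * logged-in administrators, the account-type and skin lists.
  */
 public function __construct()
 {
     global $globals;
     parent::__construct();
     // Set the default page
     $this->changeTpl('platal/index.tpl');
     // User-Agent is an optional, client-controlled header: check that it is
     // present before searching it, so a request without it raises no notice.
     if (isset($_SERVER['HTTP_USER_AGENT']) && strpos($_SERVER['HTTP_USER_AGENT'], 'MSIE') !== false) {
         $this->addJsLink('json2.js');
     }
     $this->addJsLink('jquery.xorg.js');
     $this->addJsLink('overlib.js');
     $this->addJsLink('core.js');
     $this->addJsLink('xorg.js');
     // The error-reporting script is only linked when a DSN is configured.
     if ($globals->core->sentry_js_dsn) {
         $this->addJsLink('raven.min.js');
     }
     $this->setTitle('le site des élèves et anciens élèves de l\'École polytechnique');
     // The account-type and skin lists are assigned for administrators only.
     if (S::logged() && S::user()->checkPerms('admin')) {
         // The administrator's own account type comes first in the list.
         $types = array(S::user()->type);
         $perms = DirEnum::getOptions(DirEnum::ACCOUNTTYPES);
         ksort($perms);
         foreach ($perms as $type => $perm) {
             if (!empty($perm) && $type != $types[0]) {
                 $types[] = $type;
             }
         }
         $this->assign('account_types_list', $types);
         $skins = DirEnum::getOptions(DirEnum::SKINS);
         asort($skins);
         $this->assign('skin_list', $skins);
     }
 }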
Example #2
 /**
  * Assign to the page, as JSON, the geolocated home addresses of living
  * profiles, grouped by coordinates.
  *
  * The rows and the displayed name column depend on the viewer's permissions:
  *  - not logged in, or without 'directory_ax': only pa.pub = 'public' rows,
  *    public names;
  *  - 'directory_ax' without 'directory_private': only pa.pub = 'ax' rows,
  *    public names;
  *  - 'directory_private': no publicity filter, private names.
  *
  * @param PlPage $page Page receiving the 'data' JSON variable.
  * @param mixed  $pids Optional list of profile ids to restrict the query to.
  */
 public static function assign_json_to_map(PlPage $page, $pids = null)
 {
     // $pids goes through XDB::format; every other fragment appended to the
     // query below is a constant chosen by this function.
     $where = is_null($pids) ? '' : XDB::format(' AND pa.pid IN {?}', $pids);
     $name_publicity = 'public';
     if (!S::logged() || !S::user()->checkPerms('directory_ax')) {
         $where .= " AND pa.pub = 'public'";
     } elseif (!S::user()->checkPerms('directory_private')) {
         // NOTE(review): this branch keeps only 'ax' rows, not 'public' ones
         // as well; confirm that this is intended.
         $where .= " AND pa.pub = 'ax'";
     } else {
         $name_publicity = 'private';
     }
     $data = XDB::rawFetchAllAssoc('SELECT  pa.latitude, pa.longitude, GROUP_CONCAT(DISTINCT p.hrpid SEPARATOR \',\') AS hrpid,
                                            GROUP_CONCAT(pd.promo SEPARATOR \',\') AS promo,
                                            GROUP_CONCAT(DISTINCT pd.' . $name_publicity . '_name, \' (\', pd.promo, \')\' SEPARATOR \', \') AS name,
                                            GROUP_CONCAT(DISTINCT pa.pid SEPARATOR \',\') AS pid
                                      FROM  profile_addresses AS pa
                                INNER JOIN  profiles          AS p  ON (pa.pid = p.pid)
                                INNER JOIN  profile_display   AS pd ON (pd.pid = pa.pid)
                                     WHERE  pa.type = \'home\' AND p.deathdate IS NULL AND pa.latitude IS NOT NULL AND pa.longitude IS NOT NULL' . $where . '
                                  GROUP BY  pa.latitude, pa.longitude');
     $page->jsonAssign('data', $data);
 }
Example #3
 /**
  * Dispatch the news page: logged-in users get handler_news_new(), everyone
  * else gets handler_news_current().
  */
 function handler_news($page, $id = false)
 {
     if (!S::logged()) {
         $this->handler_news_current($page, $id);
         return;
     }
     $this->handler_news_new($page, $id);
 }
Example #4
 /**
  * Handle the 'out' action, delegated to handler_nl().
  *
  * Without a hash the visitor must be logged in; with a hash the request is
  * forwarded as is, so the hash is the only credential of an anonymous
  * request (presumably validated by handler_nl(); verify there).
  */
 function handler_out($page, $hash = null, $issue_id = null)
 {
     // 'nohash' is a placeholder that stands for "no hash given".
     if ($hash == 'nohash') {
         $hash = null;
     }
     if (!$hash && !S::logged()) {
         return PL_DO_AUTH;
     }
     return $this->handler_nl($page, 'out', $hash, $issue_id);
 }
Example #5
 /**
  * Answer with a 403 status and render the password prompt, using the
  * "logged" variant of the template when a session is already logged in.
  */
 public function force_login(PlPage $page)
 {
     // The status line reuses the protocol string found in $_SERVER.
     header($_SERVER['SERVER_PROTOCOL'] . ' 403 Forbidden');
     $template = S::logged()
         ? 'core/password_prompt_logged.tpl'
         : 'core/password_prompt.tpl';
     $page->changeTpl($template);
     $page->assign_by_ref('platal', $this);
     $page->run();
 }
Example #6
 /**
  * Return the visibility to use when editing: VIEW_NONE for anonymous
  * visitors, the user's edit visibility otherwise, restricted to $max_level
  * when one is given.
  *
  * The $max_level test is a loose comparison with null, so any value loosely
  * equal to null is treated as "no restriction".
  */
 public static function defaultForEdit($max_level = null)
 {
     $visibility = S::logged()
         ? S::user()->editVisibility()
         : self::get(self::VIEW_NONE);
     if ($max_level == null) {
         return $visibility;
     }
     return $visibility->restrict($max_level);
 }
Example #7
 /**
  * Start whatever authentication is available for this request and refresh
  * the group permission flags of a logged-in session.
  *
  * Returns false only when a password authentication was requested through
  * the 'auth' GET parameter and start(AUTH_PASSWD) failed; true otherwise.
  */
 public function startAvailableAuth()
 {
     // Password authentication is attempted only on explicit request.
     if (!S::logged() && Get::has('auth')) {
         if (!$this->start(AUTH_PASSWD)) {
             return false;
         }
     }
     global $globals;
     // Still anonymous: prepare the URL of the external authentication
     // service and keep it in the session as 'loginX'.
     if (!S::logged() && $globals->xnet->auth_baseurl) {
         // prevent connection to be linked to disconnection
         // NOTE(review): the return URL is built from SERVER_NAME and
         // REQUEST_URI with a fixed http:// scheme. Depending on the web
         // server configuration SERVER_NAME may follow the request's Host
         // header; confirm that it is pinned to the canonical host name.
         if (($i = strpos($_SERVER['REQUEST_URI'], 'exit')) !== false) {
             $returl = "http://{$_SERVER['SERVER_NAME']}" . substr($_SERVER['REQUEST_URI'], 0, $i);
         } else {
             $returl = "http://{$_SERVER['SERVER_NAME']}{$_SERVER['REQUEST_URI']}";
         }
         // The session id and the challenge travel as query parameters, so
         // they can end up in access logs, browser history and Referer
         // headers.
         $url = $globals->xnet->auth_baseurl;
         $url .= "?session=" . session_id();
         $url .= "&challenge=" . S::v('challenge');
         // NOTE(review): the next line was mangled by a redaction pass (the
         // expression after "&pass=" was replaced by asterisks and two
         // statements were fused). It does not parse as shown and must be
         // restored from the project's repository.
         $url .= "&pass="******"&url=" . urlencode($returl);
         S::set('loginX', $url);
     }
     // Logged in on a group site: recompute the three group flags from
     // scratch so that flags from a previous group do not carry over.
     if (S::logged() && $globals->asso()) {
         $perms = S::v('perms');
         $perms->rmFlag('groupadmin');
         $perms->rmFlag('groupmember');
         $perms->rmFlag('groupannu');
         // may_update() grants all three flags.
         if (may_update()) {
             $perms->addFlag('groupadmin');
             $perms->addFlag('groupmember');
             $perms->addFlag('groupannu');
         }
         // Members see the directory unless the group is 'private';
         // non-members see it only when the group is 'public'.
         if (is_member()) {
             $perms->addFlag('groupmember');
             if ($globals->asso('pub') != 'private') {
                 $perms->addFlag('groupannu');
             }
         } else {
             if ($globals->asso('pub') == 'public') {
                 $perms->addFlag('groupannu');
             }
         }
         // Groups in the 'Promotions' category always expose the directory
         // to logged-in users.
         if ($globals->asso('cat') == 'Promotions') {
             $perms->addFlag('groupannu');
         }
         S::set('perms', $perms);
     }
     return true;
 }
Example #8
/**
 * Smarty function emitting a <textarea> filled with mailto: links to the
 * addresses returned by get_poison_emails(). Logged-in users get an empty
 * string.
 *
 * Parameters: 'count' (default 20) and 'seed' (default date('r')).
 * The addresses are written into the markup without HTML escaping, so
 * get_poison_emails() is expected to return markup-safe strings (verify in
 * poison.inc.php).
 */
function smarty_function_poison($params, $smarty)
{
    if (S::logged()) {
        return '';
    }
    $count = 20;
    if (isset($params['count'])) {
        $count = $params['count'];
    }
    if (isset($params['seed'])) {
        $seed = $params['seed'];
    } else {
        $seed = date('r');
    }
    Platal::load('poison', 'poison.inc.php');
    $links = array();
    foreach (get_poison_emails($seed, $count) as $email) {
        // Each link keeps its trailing space, including the last one.
        $links[] = "<a href=\"mailto:{$email}\">{$email}</a> ";
    }
    return "<textarea>" . implode('', $links) . '</textarea>';
}
Example #9
 /**
  * Single sign-on endpoint for Wats4U: check the request, require a logged-in
  * account holding PERMS_USER, log the connection and redirect to the return
  * URL built by wats4u_sso_build_return_url().
  *
  * Returns PL_BAD_REQUEST when wats4u_sso_check() fails, PL_DO_AUTH for
  * anonymous visitors and PL_FORBIDDEN for accounts without PERMS_USER.
  */
 function handler_sso($page)
 {
     $this->load('sso.inc.php');
     // First, perform security checks.
     if (!wats4u_sso_check()) {
         return PL_BAD_REQUEST;
     }
     global $globals;
     if (!S::logged()) {
         // Request auth.
         $page->assign('external_auth', true);
         $page->assign('ext_url', $globals->wats4u->public_url);
         $page->setTitle('Authentification');
         $page->setDefaultSkin('group_login');
         $page->assign('group', null);
         return PL_DO_AUTH;
     }
     if (!S::user()->checkPerms(PERMS_USER)) {
         // External (X.net) account
         return PL_FORBIDDEN;
     }
     // Update the last login information (unless the user is in SUID).
     $uid = S::i('uid');
     if (!S::suid()) {
         global $platal;
         // NOTE(review): $_GET['url'] is request-controlled and is written
         // to the log as is. PHP has already URL-decoded $_GET, so
         // urldecode() decodes it a second time; a missing 'url' parameter
         // raises a notice here. Presumably wats4u_sso_check() guarantees
         // its presence; verify.
         S::logger($uid)->log('connexion_wats4u', $platal->path . ' ' . urldecode($_GET['url']));
     }
     // If we logged in specifically for this 'external_auth' request
     // and didn't want to "keep access to services", we kill the session
     // just before returning.
     // See classes/xorgsession.php:startSessionAs
     if (S::b('external_auth_exit')) {
         // The Referer header is client-controlled; '@' hides the notice
         // raised when it is absent.
         S::logger()->log('deconnexion', @$_SERVER['HTTP_REFERER']);
         Platal::session()->killAccessCookie();
         Platal::session()->destroy();
     }
     // Compute return URL
     // NOTE(review): S::user() is read after the session may have been
     // destroyed just above; confirm it still returns the authenticated
     // user at this point.
     $full_return = wats4u_sso_build_return_url(S::user());
     if ($full_return === "") {
         // Something went wrong
         // Presumably kill() stops the request; otherwise the redirect
         // below would run with an empty target. TODO confirm.
         $page->kill("Erreur dans le traitement de la requête Wats4U.");
     }
     http_redirect($full_return);
 }
Example #10
 /**
  * iGoogle gadget search: run a quick search when the 'quick' parameter is
  * non-empty, report the result count and an error message when the result
  * set is too large or empty, then render the gadget template.
  *
  * Anonymous visitors are limited by search->public_max, everyone by
  * search->private_max.
  */
 function handler_ig_search($page)
 {
     if (Env::has('quick') && Env::s('quick') != '') {
         global $globals;
         require_once 'userset.inc.php';
         $view = new QuickSearchSet();
         $view->addMod('gadget', 'Gadget', true);
         $view->apply(null, $page);
         $found = $view->count();
         $page->assign('result_count', $found);
         // The first matching rule decides the message; false means "no error".
         $error = false;
         if (!S::logged() && $found > $globals->search->public_max) {
             $error = 'Votre recherche a généré trop de résultats pour un affichage public.';
         } elseif ($found > $globals->search->private_max) {
             $error = 'Recherche trop générale.';
         } elseif (empty($found)) {
             $error = 'Il n\'existe personne correspondant à ces critères dans la base !';
         }
         $page->assign('error', $error);
     }
     require_once 'gadgets/gadgets.inc.php';
     init_igoogle_html('gadgets/ig-search.tpl', AUTH_PUBLIC);
 }
Example #11
 /**
  * Tell whether the current visitor may access $survey.
  *
  * Surveys in MODE_ALL are open to everyone. Otherwise the visitor must be
  * logged in, have a profile, and belong to a promotion accepted by the
  * survey; site administrators are let in when $admin_allowed is true.
  *
  * @param PlPage $page          Page used to show the warning or the refusal.
  * @param Survey $survey        Survey being accessed.
  * @param bool   $silent        When true, no message is sent to the page.
  * @param bool   $admin_allowed Whether the administrator override applies.
  * @return bool
  */
 function check_surveyPerms($page, $survey, $silent = false, $admin_allowed = true)
 {
     $this->load('survey.inc.php');
     // Surveys not reserved to alumni need no further check.
     if ($survey->isMode(Survey::MODE_ALL)) {
         return true;
     }
     if (!S::logged()) {
         return false;
     }
     $profile = S::user()->profile();
     if (!$profile) {
         return false;
     }
     // One accepted promotion year is enough.
     foreach ($profile->yearspromo() as $year) {
         if ($survey->checkPromo($year)) {
             return true;
         }
     }
     // Administrator override, announced to the user unless silent.
     if (S::admin() && $admin_allowed) {
         if (!$silent) {
             $page->trigWarning('Tu as accès à ce sondage car tu es administrateur du site.');
         }
         return true;
     }
     if (!$silent) {
         $page->kill("Tu n'as pas accès à ce sondage car il est réservé à d'autres promotions.");
     }
     return false;
 }
Example #12
 /**
  * OpenID provider endpoint.
  *
  * Non-OpenID requests get the discovery page of $login (when that user
  * exists) or a redirect to the documentation. Authorization requests are
  * approved only when the session is logged in, the user is authorized for
  * the requested identity and the endpoint is trusted by the user; any other
  * request is handed to the OpenId server object.
  */
 function handler_openid($page, $login = null)
 {
     $this->load('openid.inc.php');
     // $login comes from the request path; getSilent() is used so that an
     // unknown login is not reported as an error here.
     $requested_user = User::getSilent($login);
     $server = new OpenId();
     // Spec §4.1.2: if "openid.mode" is absent, we SHOULD assume that
     // the request is not an OpenId message.
     if (!$server->IsOpenIdRequest()) {
         if ($requested_user) {
             $server->RenderDiscoveryPage($page, $requested_user);
             return;
         } else {
             pl_redirect('Xorg/OpenId');
         }
         exit;
     }
     // Initializes the OpenId environment from the request.
     $server->Initialize();
     // In modes 'checkid_immediate' and 'checkid_setup', we need to check
     // by ourselves that we want to allow the user to be authenticated.
     // Otherwise it can simply be forwarded to the Server object.
     if ($server->IsAuthorizationRequest()) {
         // All three conditions are required before a positive answer is
         // sent to the relying party.
         $authorized = S::logged() && $server->IsUserAuthorized(S::user()) && $server->IsEndpointTrusted(S::user());
         if ($authorized) {
             // TODO(vzanotti): SReg requests are currently not honored if
             // the website is already trusted. We may want to redirect SReg
             // requests to /openid/trust, to allow the user to choose.
             $server->AnswerRequest(true);
         } else {
             // Immediate requests cannot involve the user: answer negatively.
             if ($server->IsImmediateRequest()) {
                 $server->AnswerRequest(false);
             } else {
                 // The user is currently not authorized to get her authorization
                 // request approved. Two possibilities:
                 //  * the endpoint is not yet trusted => redirect to openid/trust
                 //  * the user is not logged in => log in the user.
                 //
                 // The second case requires a special handling when the request
                 // was POSTed, as our current log in mechanism does not preserve
                 // POST arguments.
                 $openid_args = $server->GetQueryStringForRequest();
                 if (S::logged()) {
                     pl_redirect('openid/trust', $openid_args);
                 } else {
                     // A POSTed request is replayed as a GET carrying the
                     // same arguments, which then goes through the login.
                     if (Post::has('openid_mode')) {
                         pl_redirect('openid', $openid_args);
                     } else {
                         return PL_DO_AUTH;
                     }
                 }
             }
         }
     } else {
         $server->HandleRequest();
     }
     // All requests should have been answered at this point. The best here
     // is to get the user back to a safe page.
     pl_redirect('');
 }
Example #13
 /**
  * Skin selection page: store the requested skin in the session (and in the
  * account of a logged-in user), then list the visible skins with their
  * usage counts.
  *
  * NOTE(review): the 'skin' request parameter is stored without being checked
  * against the list of visible skins queried below. If the stored value is
  * later used to pick a template or a path, it should be validated against
  * that list first; verify how S::v('skin') is consumed.
  */
 function handler_skin($page)
 {
     if (Env::v('skin', '') != '') {
         $chosen = Env::v('skin');
         S::set('skin', $chosen);
         if (S::logged()) {
             S::user()->skin(Env::v('skin'));
         }
     }
     $res = XDB::query('SELECT  s.name, s.label, s.description, COUNT(a.skin) frequency
                          FROM  skins AS s
                     LEFT JOIN  account AS a ON a.skin = s.name
                         WHERE  s.visibility = 1
                      GROUP BY  s.name
                      ORDER BY  frequency DESC');
     $skins = $res->fetchAllAssoc();
     // Number of accounts over all listed skins.
     $total = 0;
     foreach ($skins as $row) {
         $total = $total + $row['frequency'];
     }
     $page->assign('total', $total);
     $page->assign('skinsList', $skins);
     $page->assign('title', "Modification de l'habillage");
     $page->addCssLink('profile.css');
     $page->changeTpl("profile/skins.tpl");
 }
Example #14
 /**
  * Build the navigation menu and assign it to the template as 'menu'.
  *
  * The menu has an untitled section shown to everyone, a section named after
  * the current group for logged-in users, and an 'Administrer' section for
  * group administrators or site administrators. Entries are added according
  * to the 'groupannu', 'groupmember' and 'groupadmin' permission flags.
  *
  * The flags only decide which links are displayed; the target pages are
  * expected to enforce the permissions themselves.
  */
 private function useMenu()
 {
     global $globals;
     $menu = array();
     $sub = array();
     $sub['tous les groupes'] = 'plan';
     $sub['documentation'] = 'Xnet';
     // NOTE(review): S::user() is dereferenced before any S::logged() check;
     // presumably it returns an object for anonymous visitors too. Verify.
     if (S::user()->type == 'xnet') {
         $sub['mon compte'] = 'edit';
         $sub['mes préférences'] = $globals->xnet->xorg_baseurl . 'prefs';
     }
     // REQUEST_URI is request-controlled and ends up in an href attribute;
     // the template is expected to escape it (verify in the template).
     $sub['signaler un bug'] = array('href' => 'send_bug/' . $_SERVER['REQUEST_URI'], 'class' => 'popup_840x600');
     $menu["no_title"] = $sub;
     $perms = S::v('perms');
     $dim = $globals->asso('diminutif');
     // Section of the current group, for logged-in users only.
     if (S::logged() && $globals->asso()) {
         $sub = array();
         $sub['présentation'] = "login/{$dim}/";
         // NOTE(review): $perms is used here without the is_object() guard
         // applied in the administration branch below.
         if ($perms->hasFlag('groupannu')) {
             $sub['annuaire du groupe'] = "{$dim}/annuaire";
             $sub['trombinoscope'] = "{$dim}/trombi";
         }
         if ($globals->asso('forum')) {
             $sub['forum'] = "{$dim}/forum";
         }
         if ($perms->hasFlag('groupmember')) {
             if ($globals->asso('mail_domain')) {
                 $sub['listes de diffusion'] = "{$dim}/lists";
             }
             if ($globals->asso('has_nl')) {
                 $sub['newsletter'] = "{$dim}/nl";
             }
         }
         $sub['événement'] = "{$dim}/events";
         if ($perms->hasFlag('groupadmin')) {
             $sub['télépaiement'] = "{$dim}/payment";
         }
         $menu[$globals->asso('nom')] = $sub;
     }
     // Administration section: group administrators first, site
     // administrators outside a group otherwise.
     if ($globals->asso() && is_object($perms) && $perms->hasFlag('groupadmin')) {
         $sub = array();
         $sub['modifier l\'accueil'] = "{$dim}/edit";
         $sub['gérer les annonces'] = "{$dim}/admin/announces";
         if ($globals->asso('mail_domain')) {
             if (!$globals->asso('disable_mails')) {
                 $sub['envoyer un mail'] = "{$dim}/mail";
             }
             $sub['créer une liste'] = "{$dim}/lists/create";
             $sub['créer un alias'] = "{$dim}/alias/create";
         }
         if (!$globals->asso('has_nl')) {
             $sub['créer la newsletter'] = "{$dim}/admin/nl/enable";
         }
         if (S::admin()) {
             $sub['gérer les groupes'] = array('href' => 'admin', 'style' => 'color: gray;');
             // The XSRF token is carried in the query string of this link,
             // so it can appear in access logs and Referer headers.
             $sub['clear cache'] = array('href' => 'purge_cache?token=' . S::v('xsrf_token'), 'style' => 'color: gray;');
         }
         $menu['Administrer'] = $sub;
     } elseif (S::admin()) {
         $sub = array();
         $sub['gérer les groupes'] = 'admin';
         // Same remark as above: the XSRF token travels in the URL.
         $sub['clear cache'] = 'purge_cache?token=' . S::v('xsrf_token');
         $menu['Administrer'] = $sub;
     }
     $this->assign('menu', $menu);
 }
Example #15
 /**
  * Notify the owner of the lost-and-found entry $id, by e-mail, that the
  * current user has found the object. Anonymous visitors only get the
  * 'not_logged' template variable.
  *
  * NOTE(review): the row fetched for $id is used without checking that it
  * exists; an unknown $id would build a User from an empty uid. The mail is
  * sent with the current user's address as sender.
  */
 function manage_ping($page, $id)
 {
     if (!S::logged()) {
         $page->assign('not_logged', 'true');
         return;
     }
     $object = XDB::query("SELECT uid, description FROM laf WHERE oid = {?}", $id)->fetchOneAssoc();
     $owner = new User($object['uid']);
     $owner->select(array(User::SELECT_BASE => array()));
     // Confirmation shown to the finder; it discloses the owner's name and
     // e-mail address.
     $page->assign(
         'message',
         'Un message a été envoyé à ' . $owner->displayName() . ' (' . $owner->bestEmail() . ') pour lui signaler que tu as retrouvé son objet.'
     );
     $mail = new FrankizMailer("lostandfound/mail.tpl");
     $mail->assign('object', $object);
     $mail->assign('user', S::user());
     $mail->assign('type', 'ping');
     $mail->SetFrom(S::user()->bestEmail(), S::user()->displayName());
     $mail->AddAddress($owner->bestEmail(), $owner->displayName());
     $mail->subject('[Frankiz] Objet perdu');
     $mail->send(false);
 }
Example #16
 /**
  * Render the page: assign the common template variables, then either answer
  * in JSON (when the 'solo' parameter is present) or render the full
  * frankiz.tpl layout with the pending validations.
  *
  * NOTE(review): 'logged' is computed with a null check on the user, but
  * S::user() is dereferenced without that check a few lines later; confirm
  * that S::user() cannot be null here.
  */
 public function run()
 {
     $skin = $this->load_skin();
     $this->assign('skin', S::v('skin'));
     $user = S::user();
     $this->assign('user', $user);
     $this->assign('logged', !is_null($user) && S::logged());
     // Remote IP
     $this->assign('remip', IPAddress::getInstance());
     $this->assign('MiniModules_COL_FLOAT', FrankizMiniModule::get(S::user()->minimodules(FrankizMiniModule::COL_FLOAT)));
     $this->addCssLink(FrankizMiniModule::batchCss());

     // JSON rendering of the module alone.
     if (Env::has('solo')) {
         $this->jsonAssign('content', $this->raw());
         foreach (array('title', 'pl_css', 'pl_js') as $name) {
             $this->jsonAssign($name, $this->get_template_vars($name));
         }
         $this->runJSon();
         return;
     }

     // Full layout. Items awaiting validation are only fetched for users who
     // administer at least one caste.
     $this->assign('quick_validate', array());
     if (S::user()->castes(Rights::admin())->count() > 0) {
         $to_validate = new ValidateFilter(new VFC_User(S::user()));
         $pending = $to_validate->get()->select(ValidateSelect::quick());
         $this->assign('quick_validate', $pending->split('group'));
     }
     // The user's own requests.
     $own_filter = new ValidateFilter(new VFC_Writer(S::user()));
     $own_requests = $own_filter->get()->select(ValidateSelect::quick());
     $this->assign('self_url', pl_self());
     $this->assign('quick_requests', $own_requests);
     $this->_run(self::getTplPath('frankiz.tpl'));
 }
Example #17
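 /** Check whether a password is valid
  * login_type can be uid, alias (for an email alias), hruid
  *
  * Returns the uid of the matching active account, or null after sending an
  * error message to the page. An anonymous visitor always gets the same
  * message whether the login or the password is wrong, so that the answer
  * does not reveal which logins exist.
  */
 private function checkPassword($login, $response, $login_type = 'uid')
 {
     // $login_type is inserted into the SQL text below as a column name, so
     // only the documented values are accepted; anything else is refused
     // with the generic error instead of reaching the query.
     if (!in_array($login_type, array('uid', 'alias', 'hruid'), true)) {
         Platal::page()->trigError('Mot de passe ou nom d\'utilisateur invalide');
         return null;
     }
     if ($login_type == 'alias') {
         // array_pad() keeps $domain defined when the alias has no '@'.
         list($forlife, $domain) = array_pad(explode('@', $login, 2), 2, null);
         // NOTE(review): the domain condition sits in the ON clause of a
         // LEFT JOIN, so it does not filter the studies rows; confirm that
         // matching on forlife alone is intended.
         $res = XDB::query('SELECT   s.uid
                              FROM   studies AS s
                         LEFT JOIN   formations AS f ON (f.formation_id = s.formation_id AND f.domain = {?})
                             WHERE   s.forlife = {?}', $domain, $forlife);
         $login = $res->fetchOneCell();
         $login_type = 'uid';
     }
     $res = XDB::query("SELECT   uid, password, hruid\n                             FROM   account\n                            WHERE   {$login_type} = {?} AND state = 'active'", $login);
     if (list($uid, $password, $hruid) = $res->fetchOneRow()) {
         // NOTE(review): a truthy result is treated as a mismatch here;
         // confirm that hash_compare() follows that convention and compares
         // in constant time.
         if (hash_compare($password, $response)) {
             if (!S::logged()) {
                 Platal::page()->trigError('Mot de passe ou nom d\'utilisateur invalide');
             } else {
                 Platal::page()->trigError('Mot de passe invalide');
             }
             // Failed attempts are recorded against the targeted account.
             S::logger($uid)->log('auth_fail', 'bad password');
             return null;
         }
         return $uid;
     }
     Platal::page()->trigError('Mot de passe ou nom d\'utilisateur invalide');
     return null;
 }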
Example #18
 /**
  * Home page of a group: list the current announces and set the RSS link.
  *
  * Logged-in users see the unread announces matching their promotion and may
  * mark announces as read or unread; anonymous visitors only see announces
  * and payments flagged 'public'.
  */
 function handler_index($page, $arg = null)
 {
     global $globals, $platal;
     // Any extra path component is rejected.
     if (!is_null($arg)) {
         return PL_NOT_FOUND;
     }
     $page->changeTpl('xnetgrp/asso.tpl');
     if (S::logged()) {
         // NOTE(review): the 'read' and 'unread' parameters change stored
         // state and no XSRF token check is visible in this block; confirm
         // that one is enforced elsewhere or that this is acceptable for
         // read markers.
         if (Env::has('read')) {
             // Drops the read markers of expired announces, for all users.
             XDB::query('DELETE  r.*
                           FROM  group_announces_read AS r
                     INNER JOIN  group_announces      AS a ON (a.id = r.announce_id)
                          WHERE  expiration < CURRENT_DATE()');
             XDB::query('INSERT INTO  group_announces_read
                              VALUES  ({?}, {?})', Env::i('read'), S::i('uid'));
             pl_redirect("");
         }
         if (Env::has('unread')) {
             XDB::query('DELETE FROM  group_announces_read
                               WHERE  announce_id = {?} AND uid = {?}', Env::i('unread'), S::i('uid'));
             pl_redirect("#art" . Env::i('unread'));
         }
         /* TODO: refines this filter on promotions by using userfilter. */
         $user = S::user();
         if ($user->hasProfile()) {
             // The entry year goes through XDB::format before it is
             // concatenated into the two queries below.
             $promo = XDB::format('{?}', $user->profile()->entry_year);
             $minCondition = ' OR promo_min <= ' . $promo;
             $maxCondition = ' OR promo_max >= ' . $promo;
         } else {
             $minCondition = '';
             $maxCondition = '';
         }
         // Unread, non-expired announces of the group.
         $arts = XDB::iterator('SELECT  a.*, FIND_IN_SET(\'photo\', a.flags) AS photo
                                  FROM  group_announces      AS a
                             LEFT JOIN  group_announces_read AS r ON (r.uid = {?} AND r.announce_id = a.id)
                                 WHERE  asso_id = {?} AND expiration >= CURRENT_DATE()
                                        AND (promo_min = 0' . $minCondition . ')
                                        AND (promo_max = 0' . $maxCondition . ')
                                        AND r.announce_id IS NULL
                              ORDER BY  a.expiration', S::i('uid'), $globals->asso('id'));
         // Index of all non-expired announces, with their read state.
         $index = XDB::iterator('SELECT  a.id, a.titre, r.uid IS NULL AS nonlu
                                   FROM  group_announces      AS a
                              LEFT JOIN  group_announces_read AS r ON (a.id = r.announce_id AND r.uid = {?})
                                  WHERE  asso_id = {?} AND expiration >= CURRENT_DATE()
                                         AND (promo_min = 0' . $minCondition . ')
                                         AND (promo_max = 0' . $maxCondition . ')
                               ORDER BY  a.expiration', S::i('uid'), $globals->asso('id'));
         $page->assign('article_index', $index);
     } else {
         // Anonymous visitors: 'public' announces and payments only.
         $arts = XDB::iterator("SELECT  *, FIND_IN_SET('photo', flags) AS photo\n                                     FROM  group_announces\n                                    WHERE  asso_id = {?} AND expiration >= CURRENT_DATE()\n                                           AND FIND_IN_SET('public', flags)", $globals->asso('id'));
         $payments = XDB::fetchAllAssoc("SELECT  id, text\n                                              FROM  payments\n                                             WHERE  asso_id = {?} AND NOT FIND_IN_SET('old', flags) AND FIND_IN_SET('public', flags)\n                                          ORDER BY  id DESC", $globals->asso('id'));
         $page->assign('payments', $payments);
     }
     // Number of pending subscription requests, for those who may update
     // the group.
     if (may_update()) {
         $subs_valid = XDB::query("SELECT  uid\n                                        FROM  group_member_sub_requests\n                                       WHERE  asso_id = {?}", $globals->asso('id'));
         $page->assign('requests', $subs_valid->numRows());
     }
     // With an auth token the RSS URL embeds the user's hruid and token, so
     // the URL itself is a credential and should be handled as one.
     if (!S::hasAuthToken()) {
         $page->setRssLink("Polytechnique.net :: {$globals->asso("nom")} :: News publiques", $platal->ns . "rss/rss.xml");
     } else {
         $page->setRssLink("Polytechnique.net :: {$globals->asso("nom")} :: News", $platal->ns . 'rss/' . S::v('hruid') . '/' . S::user()->token . '/rss.xml');
     }
     $page->assign('articles', $arts);
 }
Example #19
 /**
  * Log out. An active SUID session is stopped first and the administrator
  * is sent back to where the SUID started. Otherwise the cookies selected by
  * $level are removed ('forget', 'forgetuid' or 'forgetall'), the session is
  * destroyed and the visitor is redirected or shown the exit page.
  *
  * NOTE(review): the 'redirect' GET parameter is used as the redirection
  * target without any check on its host, which makes this an open redirect
  * unless http_redirect() restricts destinations. The value is also decoded
  * again with rawurldecode() after the request parsing. If cross-site
  * redirects are needed here, compare the target against a list of the
  * project's own hosts.
  */
 function handler_exit($page, $level = null)
 {
     if (S::suid()) {
         $impersonated = S::user()->login();
         S::logger()->log('suid_stop', $impersonated . " by " . S::suid('hruid'));
         Platal::session()->stopSUID();
         $startpage = S::s('suid_startpage');
         S::kill('suid_startpage');
         if (!empty($startpage)) {
             http_redirect($startpage);
         }
         pl_redirect('admin/user/' . $impersonated);
     }

     $forget_access = ($level == 'forget' || $level == 'forgetall');
     $forget_login_form = ($level == 'forgetuid' || $level == 'forgetall');
     if ($forget_access) {
         Platal::session()->killAccessCookie();
     }
     if ($forget_login_form) {
         Platal::session()->killLoginFormCookies();
     }

     if (S::logged()) {
         // The Referer header is client-controlled; it is logged as received.
         S::logger()->log('deconnexion', @$_SERVER['HTTP_REFERER']);
         Platal::session()->destroy();
     }

     if (!Get::has('redirect')) {
         $page->changeTpl('platal/exit.tpl');
         return;
     }
     http_redirect(rawurldecode(Get::v('redirect')));
 }
Example #20
 /**
  * Show the mentor ("referent") card of the profile $pf, with the countries
  * the mentor declared. Returns PL_NOT_FOUND for an unknown profile.
  *
  * Views by logged-in users are written to the session log; this block has
  * no access check of its own, so access control is expected from the
  * handler registration (verify there).
  */
 function handler_referent($page, $pf)
 {
     $page->changeTpl('profile/fiche_referent.tpl', SIMPLE);
     $pf = Profile::get($pf);
     if (!$pf) {
         return PL_NOT_FOUND;
     }

     // Keep a trace of who looked at which mentor card.
     if (S::logged()) {
         S::logger()->log('view_referent', $pf->hrid());
     }
     $page->assign_by_ref('profile', $pf);

     // Countries attached to this mentor.
     $countries = XDB::query("SELECT  gc.country\n                   FROM  profile_mentor_country AS m\n              LEFT JOIN  geoloc_countries       AS gc ON (m.country = gc.iso_3166_1_a2)\n                  WHERE  pid = {?}", $pf->id());
     $page->assign('pays', $countries->fetchColumn());
 }
Example #21
 /**
  * Activate IMAP storage, either for the logged-in user or, without a
  * session, for the user designated by a ($login, $hash) pair found in
  * newsletter_ins.
  *
  * For anonymous requests the hash is the only credential, so it should be
  * unguessable and is worth treating as a secret (it travels in the URL).
  * A logged-in user can only activate storage for her own account.
  */
 function handler_imap_in($page, $hash = null, $login = null)
 {
     $page->changeTpl('emails/imap_register.tpl');
     $user = null;
     if (!empty($hash) || !empty($login)) {
         $user = User::getSilent($login);
         if ($user) {
             // The user is kept only when the hash matches a stored row.
             $match = XDB::query('SELECT  1
                                  FROM  newsletter_ins
                                 WHERE  uid = {?} AND hash = {?}', $user->id(), $hash);
             if ($match->numRows() == 0) {
                 $user = null;
             }
         }
     }
     require_once 'emails.inc.php';
     $page->assign('ok', false);
     if (S::logged() && (is_null($user) || $user->id() == S::i('uid'))) {
         // Logged in, and the link (if any) designates the same account.
         Email::activate_storage(S::user(), 'imap', Bogo::IMAP_DEFAULT);
         $page->assign('ok', true);
         $page->assign('yourself', S::user()->displayName());
         $page->assign('sexe', S::user()->isFemale());
     } elseif (!S::logged() && $user) {
         // No session: the verified hash stands in for authentication.
         Email::activate_storage($user, 'imap', Bogo::IMAP_DEFAULT);
         $page->assign('ok', true);
         $page->assign('yourself', $user->displayName());
         $page->assign('sexe', $user->isFemale());
     }
 }
Example #22
 /**
  * Load the skin template of the logged-in account into the session, when
  * the session has no skin yet or when running under SUID.
  */
 public function setSkin()
 {
     // Nothing to do for anonymous visitors, nor when a skin is already set
     // outside of a SUID session.
     if (!S::logged() || (S::has('skin') && !S::suid())) {
         return;
     }
     $res = XDB::query('SELECT  skin_tpl
                          FROM  accounts AS a
                    INNER JOIN  skins    AS s on (a.skin = s.id)
                         WHERE  a.uid = {?} AND skin_tpl != \'\'', S::i('uid'));
     S::set('skin', $res->fetchOneCell());
 }
Example #23
 /**
  * Online payment page for the payment $ref (-1 is the donation to the
  * site's association).
  *
  * Payments not flagged 'public' require a logged-in user. On submission the
  * payment form is prepared for the logged-in user or, for an anonymous
  * visitor, for the account named in the 'login' POST field. Logged-in users
  * otherwise see their past transactions and, for donations, the statistics.
  */
 function handler_payment($page, $ref = -1)
 {
     $page->changeTpl('payment/payment.tpl');
     $page->setTitle('Télépaiement');
     $this->load('money.inc.php');
     // The payment method id and $ref both come from the request.
     $meth = new PayMethod(Env::i('methode', -1));
     $pay = new Payment($ref);
     // NOTE(review): 'public' is assigned to true in every case where the
     // page is not refused, including a logged-in user on a non-public
     // payment; confirm what the template expects.
     if (!$pay->flags->hasflag('public') && (!S::user() || !S::logged())) {
         $page->kill("Vous n'avez pas les permissions nécessaires pour accéder à cette page.");
     } else {
         $page->assign('public', true);
     }
     if ($pay->flags->hasflag('old')) {
         $page->kill('La transaction selectionnée est périmée.');
     }
     // A request parameter may override the default amount.
     if (Env::has('montant')) {
         $pay->amount_def = Env::v('montant');
     }
     $val = Post::v('amount') != 0 ? Post::v('amount') : $pay->amount_def;
     // NOTE(review): a failed amount check only triggers an error message;
     // the submission branch below still calls init() with the same value
     // unless trigError() or init() stops it. Verify.
     if (($error = $pay->check($val)) !== true) {
         $page->trigError($error);
     }
     if (Post::has('op') && Post::v('op', 'select') == 'submit') {
         if (S::logged()) {
             $user = S::user();
         } else {
             // Anonymous payment: the account is taken from the form.
             $user = User::getSilent(Post::t('login'));
         }
         if (is_null($user)) {
             $page->trigError("L'identifiant est erroné.");
             $page->assign('login_error', true);
             $page->assign('login', Post::t('login'));
         } else {
             $pay->init($val, $meth);
             $pay->prepareform($user);
             // NOTE(review): for an anonymous submission this displays the
             // full name and gender of whichever login was typed in, and
             // the error above tells valid logins from invalid ones.
             $page->assign('full_name', $user->fullName(true));
             $page->assign('sex', $user->isFemale());
         }
     } elseif (S::logged()) {
         // The user's own confirmed transactions for this payment.
         $res = XDB::iterator('SELECT  ts_confirmed, amount
                                 FROM  payment_transactions
                                WHERE  uid = {?} AND ref = {?}
                             ORDER BY  ts_confirmed DESC', S::v('uid', -1), $pay->id);
         if ($res->total()) {
             $page->assign('transactions', $res);
         }
         // Only if $id = -1, meaning only for donation the site's association
         if ($ref == -1) {
             // Donors who did not agree to be displayed appear as 'XXXX'.
             $biggest_donations = XDB::fetchAllAssoc('SELECT  IF(p.display,
                                                                 IF(ap.pid IS NOT NULL, CONCAT(a.full_name, \' (\', pd.promo, \')\'), a.full_name),
                                                                 \'XXXX\') AS name, p.amount, p.ts_confirmed
                                                        FROM  payment_transactions AS p
                                                  INNER JOIN  accounts             AS a  ON (a.uid = p.uid)
                                                   LEFT JOIN  account_profiles     AS ap ON (a.uid = ap.uid AND FIND_IN_SET(\'owner\', ap.perms))
                                                   LEFT JOIN  profile_display      AS pd ON (ap.pid = pd.pid)
                                                       WHERE  p.ref = {?}
                                                    ORDER BY  LENGTH(p.amount) DESC, p.amount DESC, name
                                                       LIMIT  10', $pay->id);
             // Totals per month for the current year, per year before that.
             $donations = XDB::fetchAllAssoc('(SELECT  SUM(amount) AS amount, YEAR(ts_confirmed) AS year, MONTH(ts_confirmed) AS month, ts_confirmed
                                                 FROM  payment_transactions
                                                WHERE  ref = {?} AND YEAR(ts_confirmed) = YEAR(CURDATE())
                                             GROUP BY  month)
                                              UNION
                                              (SELECT  SUM(amount) AS amount, YEAR(ts_confirmed) AS year, 0 AS month, ts_confirmed
                                                 FROM  payment_transactions
                                                WHERE  ref = {?} AND YEAR(ts_confirmed) < YEAR(CURDATE())
                                             GROUP BY  year)
                                             ORDER BY  year DESC, month DESC', $pay->id, $pay->id);
             $page->assign('biggest_donations', $biggest_donations);
             $page->assign('donations', $donations);
             $page->assign('donation', true);
         }
     }
     // Truncate the amount to two decimals for display.
     $val = floor($val * 100) / 100;
     $page->assign('amount', $val);
     // The comment is request-controlled and passed to the template as is.
     $page->assign('comment', Env::v('comment'));
     $page->assign('meth', $meth);
     $page->assign('pay', $pay);
     $page->assign('evtlink', $pay->event());
 }
Example #24
 /**
  * Build a quick-search set. For anonymous visitors the 'with_soundex'
  * request parameter is discarded before the search builder reads the
  * request, so that option is only honoured for logged-in users.
  */
 public function __construct(PlFilterCondition $cond = null)
 {
     if (!S::logged()) {
         Env::kill('with_soundex');
     }
     $builder = new UFB_QuickSearch();
     parent::__construct($builder, $cond);
 }
Example #25
 /**
  * Mentor search page: show the number of mentors and, when search criteria
  * were submitted, the matching profiles.
  *
  * Searches by logged-in users are logged with the whole $_GET array, which
  * is request-controlled: the log gets whatever parameters were sent, so
  * the log storage and its readers should be prepared for arbitrary content.
  */
 function handler_referent($page, $action = null, $subaction = null)
 {
     global $globals;
     $wp = new PlWikiPage('Docs.Emploi');
     $wp->buildCache();
     $page->setTitle('Emploi et Carrières');
     $page->addJsLink('jquery.ui.xorg.js');

     // Total number of mentors.
     $mentor_count = XDB::query("SELECT count(distinct pid) FROM profile_mentor_term");
     $page->assign('mentors_number', $mentor_count->fetchOneCell());

     // Mentors matching the submitted filters, if any.
     require_once 'ufbuilder.inc.php';
     $ufb = new UFB_MentorSearch();
     if (!$ufb->isEmpty()) {
         // Only the first page of a search is logged.
         if (S::logged() && !Env::has('page')) {
             S::logger()->log('search_referent', 'adv=' . var_export($_GET, true));
         }
         require_once 'userset.inc.php';
         $ufc = $ufb->getUFC();
         $set = new ProfileSet($ufc);
         $set->addMod('mentor', 'Référents');
         $set->apply('referent/search', $page, $action, $subaction);
         $found = $set->count();
         // Too many results are refused; no result gets a message as well.
         if ($found > $globals->search->private_max) {
             $this->form_prepare();
             $page->trigError('Recherche trop générale.');
             $page->assign('plset_count', 0);
         } elseif ($found == 0) {
             $this->form_prepare();
             $page->trigError('Il n\'existe personne correspondant à ces critères dans la base.');
         }
     }
     $page->changeTpl('search/referent.tpl');
 }