Esempio n. 1
 /**
  * Copies the submitted newsletter fields from the request onto the article.
  *
  * NOTE(review): the three values are stored exactly as Env::v() returns them;
  * no validation or escaping is visible here, so output encoding presumably
  * happens where the article is rendered -- confirm.
  *
  * @return bool always true
  */
 protected function handle_editor()
     $this->art->body = Env::v('nl_body');
     $this->art->title = Env::v('nl_title');
     $this->art->append = Env::v('nl_append');
     return true;
Esempio n. 2
 /**
  * Fills $this->urlform and $this->infos with the fields of a PayPal payment form.
  *
  * @param $pay  payment description; ->id and ->text are read here
  * @param $user paying user; name, email and (if any) profile address are read here
  */
 function prepareform($pay, $user)
     // Documentation:
     // Warning: the automatic return only works if we force the
     // users to create a paypal account. We do not use it; thus
     // the user must come back on the site.
     global $globals, $platal;
     $this->urlform = 'https://' . $globals->money->paypal_site . '/cgi-bin/webscr';
     // NOTE(review): the return URL is deliberately rewritten from https:// to
     // http://, so the user id and the free-text comment in it travel in clear
     // text when the browser comes back. The comment is urlencode()d and
     // 'display' is read through Post::i(); the user id is server-side data.
     $roboturl = str_replace("https://", "http://", $globals->baseurl) . '/' . $platal->ns . "payment/paypal_return/" . $user->id() . "?comment=" . urlencode(Env::v('comment')) . '&display=' . Post::i('display');
     // NOTE(review): both branches of the 'cbt' ternary are the same string in this listing.
     $this->infos = array('commercant' => array('business' => $globals->money->paypal_compte, 'rm' => 2, 'return' => $roboturl, 'cn' => 'Commentaires', 'no_shipping' => 1, 'cbt' => empty($GLOBALS['IS_XNET_SITE']) ? 'Revenir sur' : 'Revenir sur'));
     $info_client = array('first_name' => $user->firstName(), 'last_name' => $user->lastName(), 'email' => $user->bestEmail());
     if ($user->hasProfile()) {
         // The profile id is bound through the {?} placeholder, not concatenated.
         // Several join conditions are incomplete in this listing ("ON ( = AND ...").
         $res = XDB::query("SELECT  pa.text, GROUP_CONCAT(pace2.short_name) AS city,\n                                       GROUP_CONCAT(pace3.short_name) AS zip, GROUP_CONCAT(pace1.short_name) AS country,\n                                       IF(pp1.display_tel != '', pp1.display_tel, pp2.display_tel) AS night_phone_b\n                                 FROM  profile_addresses                 AS pa\n                            LEFT JOIN  profile_phones                    AS pp1   ON ( = AND pp1.link_type = 'address' AND pp1.link_id =\n                            LEFT JOIN  profile_phones                    AS pp2   ON ( = AND pp2.link_type = 'user' AND pp2.link_id = 0)\n                            LEFT JOIN  profile_addresses_components      AS pc    ON ( = AND pa.jobid = pc.jobid AND pa.groupid = pc.groupid\n                                                                                      AND pa.type = pc.type AND =\n                            LEFT JOIN  profile_addresses_components_enum AS pace1 ON (FIND_IN_SET('country', pace1.types) AND = pc.component_id)\n                            LEFT JOIN  profile_addresses_components_enum AS pace2 ON (FIND_IN_SET('locality', pace2.types) AND = pc.component_id)\n                            LEFT JOIN  profile_addresses_components_enum AS pace3 ON (FIND_IN_SET('postal_code', pace3.types) AND = pc.component_id)\n                                WHERE = {?} AND FIND_IN_SET('current', pa.flags)\n                             GROUP BY, pa.jobid, pa.groupid,, pa.type\n                                LIMIT  1", $user->profile()->id());
         // NOTE(review): $res is tested with is_array() but then used as an object
         // ($res->fetchOneAssoc()); as written the address branch cannot succeed
         // for an object result -- TODO confirm what XDB::query() returns.
         if (is_array($res)) {
             $this->infos['client'] = array_map('replace_accent', array_merge($info_client, $res->fetchOneAssoc()));
             list($this->infos['client']['address1'], $this->infos['client']['address2']) = explode("\n", Geocoder::getFirstLines($this->infos['client']['text'], $this->infos['client']['zip'], 2));
         } else {
             $this->infos['client'] = array_map('replace_accent', $info_client);
     } else {
         $this->infos['client'] = array_map('replace_accent', $info_client);
     // We build the transaction's reference
     // NOTE(review): substr(..., -15) keeps only the last 15 characters, so the
     // longer $pay->id is, the fewer characters of the random prefix survive.
     $prefix = rand_url_id();
     $fullref = substr("{$prefix}-xorg-{$pay->id}", -15);
     $this->infos['commande'] = array('item_name' => replace_accent($pay->text), 'amount' => $this->val_number, 'currency_code' => 'EUR', 'custom' => $fullref);
     $this->infos['divers'] = array('cmd' => '_xclick');
Esempio n. 3
 /**
  * Admin page listing group members who are not subscribed to the group's newsletter.
  *
  * @param $page the page object receiving the title and the 'users' list
  */
 public function handler_admin_nl_sync($page)
     global $globals;
     // No newsletter available for this context: refuse access.
     $nl = $this->getNl();
     if (!$nl) {
         return PL_FORBIDDEN;
     // NOTE(review): only the success message is visible for 'add_users' in this
     // listing; the code that performs the additions, and any anti-CSRF token
     // check guarding it, are not shown -- confirm both exist in the real file.
     if (Env::has('add_users')) {
         $page->trigSuccess('Ajouts réalisés avec succès.');
     // TODO(x2006barrois): remove raw SQL query.
     // The group id is bound through the {?} placeholder. The inner join
     // condition is incomplete in this listing ("ON (ni.nlid =").
     $uids = XDB::fetchColumn('SELECT  DISTINCT(g.uid)
                                 FROM  group_members AS g
                                WHERE  g.asso_id = {?} AND NOT EXISTS (SELECT  ni.*
                                                                         FROM  newsletter_ins AS ni
                                                                   INNER JOIN  newsletters    AS n  ON (ni.nlid =
                                                                        WHERE  g.uid = ni.uid AND n.group_id = g.asso_id)', $globals->asso('id'));
     $users = User::getBulkUsersWithUIDs($uids);
     usort($users, 'User::compareDirectoryName');
     $page->setTitle('Synchronisation de la newsletter');
     $page->assign('users', $users);
Esempio n. 4
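 /**
  * AJAX handler returning the export of a wiki page as JSON.
  *
  * Reads the 'json' request parameter, expected to decode to an object with a
  * 'wid' field and an optional 'versions' field (defaults to array('last')).
  *
  * @param $page the page object receiving the JSON fields
  * @return PL_JSON in every case; failures are reported in the 'error' field
  */
 function handler_ajax_get($page)
 {
     // The payload is client-controlled: json_decode() yields null on malformed
     // input and a scalar/array payload has no ->wid, so reject those up front
     // instead of dereferencing them.
     $json = json_decode(Env::v('json'));
     if (!is_object($json) || !isset($json->wid)) {
         $page->jsonAssign('error', 'Invalid request');
         return PL_JSON;
     }

     // NOTE(review): no permission check on the requested wiki id is visible in
     // this handler; presumably access control is enforced by the dispatcher or
     // inside Wiki::select() -- confirm.
     $wiki = new Wiki($json->wid);
     $versions = isset($json->versions) ? $json->versions : array('last');
     try {
         $wiki->select(array(Wiki::SELECT_VERSION => array('versions' => $versions, 'options' => UserSelect::base())));
         $page->jsonAssign('wiki', $wiki->export());
     } catch (Exception $e) {
         // NOTE(review): the raw exception message is sent to the client; if it
         // can contain internal details, return a generic message and log the
         // original server-side instead.
         $page->jsonAssign('error', $e->getMessage());
     }
     return PL_JSON;
 }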
Esempio n. 5
 /**
  * Builds the acceptance/refusal mail sent to the writer of a mail proposal.
  *
  * NOTE(review): the moderator's free text ('ans' request parameter) is handed
  * to the template unmodified; whether the template escapes it is not visible
  * here. No send call is visible in this listing either.
  *
  * @param $isok true when the proposal was accepted
  */
 public function sendmailfinal($isok)
     $mail = new FrankizMailer('validate/mail.valid.mail.tpl');
     $mail->assign('comm', Env::v('ans', ''));
     $mail->assign('targetGroup', $this->formation);
     if ($isok) {
         $mail->Subject = '[Frankiz] Ton mail a été accepté';
     } else {
         $mail->Subject = '[Frankiz] Ton mail a été refusé';
         // Only the refusal mail carries the original body back to the writer.
         $mail->assign('text', $this->body);
     // Sender and CC come from this object's own helpers, the recipient from
     // the stored writer -- none of the addresses is taken from the request.
     $mail->SetFrom($this->_mail_from_addr(), $this->_mail_from_disp());
     $mail->AddAddress($this->writer->bestEmail(), $this->writer->displayName());
     $mail->AddCC($this->_mail_from_addr(), $this->_mail_from_disp());
Esempio n. 6
 /**
  * Builds the validation/refusal mail for a "tol" photo request.
  *
  * NOTE(review): the 'ans' request parameter is handed to the template
  * unmodified; whether the template escapes it is not visible here.
  *
  * @param $isok true when the photo was validated
  */
 public function sendmailfinal($isok)
     // Guard for users without a usable address; its body is missing from this listing.
     if (is_null($this->user->bestEmail())) {
     $mail = new FrankizMailer('validate/mail.valid.tol.tpl');
     if (Env::has("ans")) {
         $mail->assign('comm', Env::v('ans'));
     $mail->assign('isOk', $isok);
     if ($isok) {
         $mail->Subject = '[Frankiz] Ta photo tol a été validée';
     } else {
         $mail->Subject = '[Frankiz] Ta photo tol a été refusée';
     // Addresses come from this object's helpers and the stored user, not from the request.
     $mail->SetFrom($this->_mail_from_addr(), $this->_mail_from_disp());
     $mail->AddAddress($this->user->bestEmail(), $this->user->displayName());
     $mail->AddCC($this->_mail_from_addr(), $this->_mail_from_disp());
Esempio n. 7
 /**
  * Copies the submitted event fields onto this object and processes an optional image upload.
  *
  * @return bool true (the only return visible in this listing)
  */
 protected function handle_editor()
     // Text fields are stored as received; the two promo bounds are read as integers.
     $this->titre = Env::v('titre');
     $this->texte = Env::v('texte');
     $this->pmin = Env::i('promo_min');
     $this->pmax = Env::i('promo_max');
     $this->expiration = Env::v('expiration');
     // '@' hides the notice raised when no 'image' file was posted.
     if (@$_FILES['image']['tmp_name']) {
         $upload = PlUpload::get($_FILES['image'], S::user()->login(), 'event');
         if (!$upload) {
             $this->trigError("Impossible de télécharger le fichier");
         // The upload must be recognised as an image and survive resizeImage()
         // before it is used.
         // NOTE(review): $page is not defined anywhere in the visible code of
         // this method (the first branch uses $this->trigError) -- confirm.
         } elseif (!$upload->isType('image')) {
             $page->trigError('Le fichier n\'est pas une image valide au format JPEG, GIF ou PNG');
         } elseif (!$upload->resizeImage(200, 300, 100, 100, 32284)) {
             $page->trigError('Impossible de retraiter l\'image');
         // The success branch's body is missing from this listing.
         } else {
     return true;
Esempio n. 8
 /**
  * Fills $this->urlform and $this->infos with the vads_* fields of a payment
  * form and signs them.
  *
  * @param $pay  payment description; ->id and ->url are read here
  * @param $user paying user; email, id and short name are read here
  */
 function prepareform($pay, $user)
     global $globals, $platal;
     // NOTE(review): $log is not used in the visible code.
     $log = S::v('log');
     // Transaction's reference computation.
     // substr(..., -12) keeps only the last 12 characters of "<prefix>-<id>".
     $prefix = rand_url_id();
     $fullref = substr("{$prefix}-{$pay->id}", -12);
     // FIXME : check for duplicates
     $ts = time();
     $trans_date = gmdate("YmdHis", $ts);
     // NOTE(review): the transaction id is the UTC time of day (HHMMSS), so two
     // payments prepared in the same second get the same id and values repeat
     // every day; the FIXME below is about exactly this.
     $trans_id = gmdate("His", $ts);
     // FIXME : check for duplicates
     // Form's content.
     $this->urlform = "";
     $this->infos['commercant'] = array('vads_site_id' => $globals->money->cyperplus_account, 'vads_return_mode' => 'NONE', 'vads_url_return' => $pay->url ? $pay->url : $globals->baseurl . '/' . $platal->ns);
     $this->infos['client'] = array('vads_cust_email' => $user->bestEmail(), 'vads_cust_id' => $user->id(), 'vads_cust_name' => substr(self::replaceNonAlpha(replace_accent($user->shortName())), 0, 127));
     // The user-supplied comment goes through replace_accent(), replaceNonAlpha()
     // and a 255-character cut; 'display' is read as an integer.
     $this->infos['commande'] = array('vads_amount' => $this->val, 'vads_currency' => '978', 'vads_payment_config' => 'SINGLE', 'vads_trans_date' => $trans_date, 'vads_trans_id' => $trans_id, 'vads_order_id' => $fullref, 'vads_order_info' => substr(self::replaceNonAlpha(replace_accent(Env::v('comment'))), 0, 255), 'vads_order_info2' => Post::i('display'));
     $this->infos['divers'] = array('vads_version' => 'V2', 'vads_ctx_mode' => $globals->money->cyperplus_prod, 'vads_page_action' => 'PAYMENT', 'vads_action_mode' => 'INTERACTIVE');
     // Entry key computation.
     // The signature is the SHA-1 of all field values joined with '+', followed
     // by '+' and the shop key, in array_merge() order.
     // NOTE(review): a field value that itself contains '+' makes the joined
     // string ambiguous; what replaceNonAlpha() strips is not visible here, and
     // the e-mail and return URL do not go through it -- confirm against the
     // payment platform's signature specification.
     $all_params = array_merge($this->infos['commercant'], $this->infos['client'], $this->infos['commande'], $this->infos['divers']);
     $this->infos['divers']['signature'] = sha1(join('+', $all_params) . '+' . $globals->money->cyperplus_key);
Esempio n. 9
  * Display a JSON page containing the sub-branches of a branch in the job terms tree.
  * @param $page the Platal page
  * @param $filter filter helps to display only jobterms that are contained in jobs or in mentors
  * @param Env::i('jtid') job term id of the parent branch, if none trunk will be used
  * @param Env::v('attrfunc') the name of a javascript function that will be called when a branch
  * is chosen
  * @param Env::v('treeid') tree id that will be given as first argument of attrfunc function
  * the second argument will be the chosen job term id and the third one the chosen job's full name.
  * @param Env::v('text_filter') a string (usually ending by %) that will be used to filter
  * subbranches, keeping only the one containing this text in its title or in the title of one of
  * its subbranches.
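 public static function ajaxGetBranch($page, $filter = self::ALL)
 {
     $page->changeTpl('include/jobterms.branch.tpl', NO_SKIN);
     // NOTE(review): 'jtid' is read with Env::v() (raw request value) here,
     // while the parameter documentation describes it as Env::i('jtid').
     $subTerms = self::getSubTerms(Env::v('jtid'), $filter, Env::v('text_filter'));
     $page->assign('subTerms', $subTerms);
     switch ($filter) {
         case self::ONLY_JOBS:
             $page->assign('filter', 'camarade');
             // Without this break the ONLY_JOBS case falls through and the
             // template ends up with 'mentor'.
             break;
         case self::ONLY_MENTORS:
             $page->assign('filter', 'mentor');
             break;
     }
     // All four values below come straight from the request and are handed to
     // the template unchanged.
     // NOTE(review): 'attrfunc' is the name of a JavaScript function the page
     // will call, and 'treeid' becomes its first argument. If the template
     // writes them into a script or event-handler context, they need to be
     // restricted to a plain identifier / escaped for JavaScript there; nothing
     // in this method does it -- confirm in include/jobterms.branch.tpl.
     $page->assign('jtid', Env::v('jtid'));
     $page->assign('text_filter', Env::v('text_filter'));
     $page->assign('attrfunc', Env::v('attrfunc'));
     $page->assign('treeid', Env::v('treeid'));
 }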
Esempio n. 10
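 /**
  * Stores the image attached to the request, either from the posted 'image'
  * file or, failing that, from the URL given in 'image_url'.
  *
  * @param PlPage   $page   page object receiving error messages
  * @param PlUpload $upload upload slot the image is stored into
  * @return bool true when no image was submitted or when it was stored and
  *              resized; false after an error has been reported on $page
  */
 private function upload_image(PlPage $page, PlUpload $upload)
 {
     // empty() covers the "no file posted" case without the '@' suppression.
     $hasFile = !empty($_FILES['image']['tmp_name']);
     $imageUrl = Env::v('image_url');

     // Nothing submitted: not an error.
     if (!$hasFile && !$imageUrl) {
         return true;
     }

     $stored = $hasFile && $upload->upload($_FILES['image']);
     if (!$stored && is_string($imageUrl) && $imageUrl !== '') {
         // 'image_url' is user-supplied and the server fetches it, so only
         // plain web URLs are let through (no file://, ftp://, php:// ...).
         // NOTE(review): the target host is not restricted here; if
         // PlUpload::download() does not already refuse internal/loopback
         // addresses, this is still a server-side request forgery vector.
         $scheme = strtolower((string) parse_url($imageUrl, PHP_URL_SCHEME));
         if ($scheme === 'http' || $scheme === 'https') {
             $stored = $upload->download($imageUrl);
         }
     }
     if (!$stored) {
         $page->trigError('Impossible de télécharger l\'image');
         return false;
     }

     // The content must be recognised as an image, whatever the client claimed.
     if (!$upload->isType('image')) {
         $page->trigError('Le fichier n\'est pas une image valide au format JPEG, GIF ou PNG.');
         return false;
     }
     if (!$upload->resizeImage(80, 100, 100, 100, 32284)) {
         $page->trigError('Impossible de retraiter l\'image');
         return false;
     }
     return true;
 }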
Esempio n. 11
 /**
  * Builds the notification mail sent to the owner of the profile.
  *
  * @param $isok passed on to _mail_body() and _mail_ps()
  */
 protected function sendmail($isok)
     // Only sends email if the profile's owner exists and is registered.
     if ($this->ownerIsRegistered) {
         global $globals;
         $mailer = new PlMailer();
         // NOTE(review): the display name is interpolated into a hand-built
         // "name" <address> string; a name containing a double quote or a line
         // break would alter the header unless PlMailer::addTo() sanitises it
         // -- confirm.
         $mailer->addTo("\"{$this->profile->fullName()}\" <{$this->profileOwner->bestEmail()}>");
         // The optional 'comm' request parameter is appended to the body as received.
         $body = ($this->profile->isFemale() ? "Chère camarade,\n\n" : "Cher camarade,\n\n") . $this->_mail_body($isok) . (Env::has('comm') ? "\n\n" . Env::v('comm') : '') . "\n\nCordialement,\n-- \nL'équipe de\n" . $this->_mail_ps($isok);
Esempio n. 12
  * to validate a form
 public function handle_form()
 {
     // Dispatches on the submitted action ('edit', 'add_comm', 'accept',
     // 'delete', tested in that order) and returns whether it succeeded.
     // NOTE(review): every branch changes state, and no anti-CSRF token check
     // is visible in this method -- confirm it is enforced by the caller.

     // Nothing to validate without a loaded item.
     if (is_null($this->item)) {
         return false;
     }

     // Edit the request's content.
     if (Env::has('edit')) {
         if (!$this->item->handle_editor()) {
             return false;
         }
         Platal::page()->assign('msg', 'Requête mise à jour');
         return true;
     }

     // Add a comment: emptiness is tested on the trimmed value (Env::t), the
     // stored text is the untrimmed one (Env::v).
     if (Env::has('add_comm')) {
         if (!strlen(Env::t('comm'))) {
             return false;
         }
         $this->item->add_comment(S::user()->displayName(), Env::v('comm'));
         Platal::page()->assign('msg', 'Commentaire ajouté');
         return true;
     }

     // Accept the request.
     if (Env::has('accept')) {
         if (!$this->commit()) {
             Platal::page()->assign('msg', 'Erreur lors de la validation');
             return false;
         }
         Platal::page()->assign('msg', 'Email de validation envoyé');
         return true;
     }

     // Refuse the request; a reason ('ans') is mandatory.
     if (Env::has('delete')) {
         if (!Env::v('ans')) {
             Platal::page()->assign('msg', 'Pas de motivation pour le refus !!!');
             return false;
         }
         if (!$this->item->delete()) {
             Platal::page()->assign('msg', 'Erreur lors de la suppression des données');
             return false;
         }
         Platal::page()->assign('msg', 'Email de refus envoyé');
         return true;
     }

     // No recognised action.
     return false;
 }
Esempio n. 13
 /**
  * Administration page of a mailing list: marketing marks, adding/removing
  * members and owners, then display of the current members and owners.
  *
  * NOTE(review): many statements are missing from this listing (closing
  * braces, several branch bodies). In particular no anti-CSRF token check is
  * visible before the state-changing actions -- confirm it exists in the real file.
  *
  * @param $page  the page object
  * @param $liste list name taken from the URL; PL_NOT_FOUND when absent
  */
 function handler_admin($page, $liste = null)
     global $globals;
     if (is_null($liste)) {
         return PL_NOT_FOUND;
     $mlist = $this->prepare_list($liste);
     // Authorization: group admins pass; anyone else goes through verify_list_owner().
     if (!$this->is_group_admin($page)) {
         $this->verify_list_owner($page, $mlist);
     if (Env::has('send_mark')) {
         // NOTE(review): the three values are expected to be parallel arrays
         // from the request; nothing visible checks that they are arrays or
         // that $uids[$key] / $mails[$key] exist for every $key.
         $actions = Env::v('mk_action');
         $uids = Env::v('mk_uid');
         $mails = Env::v('mk_email');
         foreach ($actions as $key => $action) {
             switch ($action) {
                 case 'none':
                 case 'marketu':
                 case 'markets':
                     // The required file name is empty in this listing.
                     require_once '';
                     $user = User::get($uids[$key]);
                     // The submitted address is normalised, then checked as a
                     // valid redirection for that user before any use.
                     $mail = valide_email($mails[$key]);
                     if (isvalid_email_redirection($mail, $user)) {
                         $from = $action == 'marketu' ? 'user' : 'staff';
                         $market = Marketing::get($uids[$key], $mail);
                         if (!$market) {
                             $market = new Marketing($uids[$key], $mail, 'list', $mlist->address, $from, S::v('uid'));
                     // Values are bound through {?} placeholders.
                     XDB::execute('INSERT IGNORE INTO  register_subs (uid, type, sub, domain)
                                           VALUES  ({?}, \'list\', {?}, {?})', $uids[$key], $mlist->mbox, $mlist->domain);
     if (Env::has('add_member') || isset($_FILES['add_member_file']) && $_FILES['add_member_file']['tmp_name']) {
         // The list of logins comes either from an uploaded file or from the
         // 'add_member' field; both are untrusted text.
         if (isset($_FILES['add_member_file']) && $_FILES['add_member_file']['tmp_name']) {
             $upload =& PlUpload::get($_FILES['add_member_file'], S::user()->login(), 'list.addmember', true);
             if (!$upload) {
                 $page->trigError("Une erreur s'est produite lors du téléchargement du fichier.");
             } else {
                 $logins = $upload->getContents();
         } else {
             $logins = Env::v('add_member');
         // Split on ';', space, ',', CR, LF and '|'.
         $logins = preg_split("/[; ,\r\n\\|]+/", $logins);
         $members = User::getBulkForlifeEmailsFromEmail($logins);
         // Entries whose key has no counterpart in $members are reported as unknown below.
         $unfound = array_diff_key($logins, $members);
         // Make sure we send a list (array_values) of unique (array_unique)
         // emails.
         $members = array_values(array_unique($members));
         $arr = $mlist->subscribeBulk($members);
         $successes = array();
         if (is_array($arr)) {
             foreach ($arr as $addr) {
                 $successes[] = $addr[1];
                 $page->trigSuccess("{$addr[0]} inscrit.");
         $already = array_diff($members, $successes);
         if (is_array($already)) {
             foreach ($already as $item) {
                 $page->trigWarning($item . ' est déjà inscrit.');
         if (is_array($unfound)) {
             foreach ($unfound as $item) {
                 if (trim($item) != '') {
                     // NOTE(review): $item is raw submitted text echoed in a
                     // message; whether trigError() escapes it is not visible here.
                     $page->trigError($item . " ne correspond pas à un compte existant et n'est pas une adresse email.");
     if (Env::has('del_member')) {
         // A value without '@' is resolved as a user; the removal calls
         // themselves are missing from this listing.
         if (strpos(Env::v('del_member'), '@') === false) {
             if ($del_member = User::getSilent(Env::t('del_member'))) {
         } else {
         pl_redirect('lists/admin/' . $liste);
     if (Env::has('add_owner')) {
         $owners = User::getBulkForlifeEmailsFromEmail(Env::v('add_owner'));
         if ($owners) {
             foreach ($owners as $forlife_email) {
                 if ($mlist->addOwner($forlife_email)) {
                     // NOTE(review): $login is not defined in the visible code;
                     // the loop variable is $forlife_email.
                     $page->trigSuccess($login . " ajouté aux modérateurs.");
     if (Env::has('del_owner')) {
         if (strpos(Env::v('del_owner'), '@') === false) {
             if ($del_owner = User::getSilent(Env::t('del_owner'))) {
             } else {
                 // Shit happens, and a non-email could be set as the owner
         } else {
         pl_redirect('lists/admin/' . $liste);
     if (list($det, $mem, $own) = $mlist->getMembers()) {
         global $list_unregistered;
         if ($list_unregistered) {
             $page->assign_by_ref('unregistered', $list_unregistered);
         // $tri_promo is not set in the visible code; '@' hides the resulting notice.
         $membres = list_sort_members($mem, @$tri_promo);
         $moderos = list_sort_owners($own, @$tri_promo);
         $page->assign_by_ref('details', $det);
         $page->assign_by_ref('members', $membres);
         $page->assign_by_ref('owners', $moderos);
         $page->assign('np_m', count($mem));
     } else {
         // Same message for "does not exist" and "not allowed". The support
         // link's href is empty in this listing.
         $page->kill("La liste n'existe pas ou tu n'as pas le droit de l'administrer.<br />" . " Si tu penses qu'il s'agit d'une erreur, " . "<a href=''>contact le support</a>.");
Esempio n. 14
 /**
  * Builds the validation/refusal mail for an activity proposal.
  *
  * NOTE(review): the 'ans' request parameter is handed to the template
  * unmodified; whether the template escapes it is not visible here.
  *
  * @param $isok true when the request was validated
  */
 public function sendmailfinal($isok)
     // Guard for writers without a usable address; its body is missing from this listing.
     if ($this->writer->bestEmail() === null) {
     $mail = new FrankizMailer('validate/mail.valid.activity.tpl');
     $mail->assign('isok', $isok);
     $mail->assign('valid_origin', $this->valid_origin);
     $mail->assign('comm', Env::v('ans', ''));
     $mail->assign('targetGroup', $this->target->group());
     $mail->assign('origin', $this->origin);
     // Three subjects: activity validated, origin group validated, or refused.
     if ($isok && !$this->valid_origin) {
         $mail->Subject = '[Frankiz] Ton activité a été validée';
     } elseif ($isok) {
         $mail->Subject = '[Frankiz] Le groupe d\'origine de ton activité a été validé';
     } else {
         $mail->Subject = '[Frankiz] Ton activité a été refusée';
     // Addresses come from this object's helpers and the stored writer, not from the request.
     $mail->SetFrom($this->_mail_from_addr(), $this->_mail_from_disp());
     $mail->AddAddress($this->writer->bestEmail(), $this->writer->displayName());
     $mail->AddCC($this->_mail_from_addr(), $this->_mail_from_disp());
Esempio n. 15
 /**
  * Form handler for proposing a mail to a group or to a set of promos; each
  * proposal is wrapped in a MailValidate item and a Validate request.
  *
  * @param $page the page object receiving the form values and the result flag
  */
 function handler_mail($page)
     $subject = Env::t('subject', '');
     $body = Env::t('mail_body', '');
     $no_wiki = Env::has('no_wiki');
     // Retrieve the years on_platal of each formation
     $formations = Formation::selectAll(FormationSelect::on_platal());
     if (Env::has('send')) {
         try {
             // Both fields are mandatory; the message is the error shown to the user.
             $required_fields = array('subject' => 'Il faut donner un sujet à ton mail', 'mail_body' => 'Tu ne veux pas envoyer de mail vide à tous. Si ?');
             foreach ($required_fields as $field => $msg) {
                 if (Env::v($field, '') == '') {
                     throw new Exception($msg);
             // The literal string 'false' means "no origin group"; anything else
             // is read as an integer group id.
             if (Env::t('origin_mail_proposal') == 'false') {
                 $origin = false;
             } else {
                 $origin = new Group(Env::i('origin_mail_proposal'));
             // Authorization: sending in the name of a group requires admin rights on it.
             if ($origin !== false && !S::user()->hasRights($origin, Rights::admin())) {
                 throw new Exception("Invalid credentials for origin Group");
             if (Env::t('type_mail_proposal') == 'group') {
                 // Mail to a group
                 list($temp, $target_group) = self::target_picker_to_caste_group('mail');
                 $target = new Collection('Caste');
                 $nv = new MailValidate(array('writer' => S::user(), 'type_mail' => Env::t('type_mail_proposal'), 'origin' => $origin, 'targets' => $target, 'subject' => $subject, 'body' => $body, 'nowiki' => $no_wiki, 'formation' => $target_group));
                 $el = new Validate(array('item' => $nv, 'group' => $target_group, 'writer' => S::user(), 'type' => 'mail'));
             } elseif (Env::t('type_mail_proposal') == 'promo') {
                 // Target group is a Collection of formation groups, which validate requests
                 $target_group = new Collection('Group');
                 // Group promos by formation
                 $promos = unflatten(Env::v('promos'));
                 $promosByFormation = array();
                 foreach ($promos as $formation_promo) {
                     $formation_promo = trim($formation_promo);
                     // The body of this empty-entry check is missing from this listing.
                     if (!$formation_promo) {
                     // Each recipient must be exactly "<digits>_<digits>" (anchored
                     // pattern); both parts are then cast to int.
                     if (!preg_match('/^([0-9]+)_([0-9]+)$/', $formation_promo, $matches)) {
                         throw new Exception("Oops, mauvais format de destinataire.");
                     $formid = (int) $matches[1];
                     $promo = (int) $matches[2];
                     if (isset($promosByFormation[$formid])) {
                         $promosByFormation[$formid][] = $promo;
                     } else {
                         $promosByFormation[$formid] = array($promo);
                 if (empty($promosByFormation)) {
                     throw new Exception("Il faut indiquer au moins un destinataire.");
                 foreach ($promosByFormation as $formid => $promos) {
                     // Now, $promos are the list of promos of formation $formid
                     // NOTE(review): $formid comes from the request and no check
                     // that get() found a formation is visible before $form is
                     // dereferenced below -- confirm.
                     $form = $formations->get($formid);
                     // Study group are the people the mail is sent to, array of CasteFilterCondition
                     $cfc_study_groups = array();
                     foreach ($promos as $promo) {
                         // Only promos the formation actually has are accepted.
                         if (!$form->hasPlatalYear($promo)) {
                             throw new Exception("Mauvaise promo " . $promo . " pour " . $form->label() . ".");
                         $cfc_study_groups[] = new CFC_Group($form->getGroupForPromo($promo), Rights::restricted());
                     $target = new CasteFilter(new PFC_Or($cfc_study_groups));
                     $target = $target->get();
                     // $target_group is the group which validates this email
                     $target_group = $form->getGroup();
                     $nv = new MailValidate(array('writer' => S::user(), 'type_mail' => Env::t('type_mail_proposal'), 'origin' => $origin, 'targets' => $target, 'subject' => $subject, 'body' => $body, 'nowiki' => $no_wiki, 'formation' => $target_group));
                     $el = new Validate(array('item' => $nv, 'group' => $target_group, 'writer' => S::user(), 'type' => 'mail'));
             $page->assign('envoye', true);
         // The handler body of this catch is missing from this listing.
         } catch (Exception $e) {
     // The submitted values are handed back to the template to refill the form.
     $page->assign('subject', $subject);
     $page->assign('body', $body);
     $page->assign('nowiki', $no_wiki);
     $page->assign('formations', $formations);
     $page->assign('title', 'Envoi des mails');
Esempio n. 16
 /**
  * AJAX handler changing the visibility group under which the current user's
  * membership of one of their groups is shown.
  *
  * @param $page        the page object receiving the JSON fields
  * @param $usergroupid path component expected to contain "<uid>-<gid>"
  * @return PL_JSON in every case; failures carry a 'reason' field
  */
 function handler_tol_ajax_visibility($page, $usergroupid)
     $matches = array();
     // Retrieve UID and GID from path
     // The pattern is not anchored: any string that merely contains
     // "<digits>-<digits>" matches. Both captured ids are checked below.
     if (!preg_match('/[a-zA-Z-_.]*([0-9]+)-([0-9]+)/', $usergroupid, $matches)) {
         $page->jsonAssign('reason', 'Invalid ids');
         return PL_JSON;
     $uid = $matches[1];
     $gid = $matches[2];
     // Sanity checks
     // The uid in the path must be the logged-in user's own.
     if (!S::user()->isMe($uid)) {
         $page->jsonAssign('reason', 'Invalid user');
         return PL_JSON;
     // The group must be one the current user belongs to.
     $usergroups = S::user()->castes()->groups();
     $group = $usergroups->get($gid);
     if (!$group) {
         $page->jsonAssign('reason', "Invalid group");
         return PL_JSON;
     // Get new visibility from json data
     // NOTE(review): json_decode() returns null on malformed input; ->visibility
     // is read without checking that the decoded value is an object.
     $json_data = json_decode(Env::v('json'));
     $visibid = $json_data->visibility;
     if (!$visibid) {
         $page->jsonAssign('reason', "Invalid visibility group id");
         return PL_JSON;
     // The visibility group is looked up among the user's own groups as well.
     $visigroup = $usergroups->get($visibid);
     if (!$visigroup) {
         $page->jsonAssign('reason', "Invalid visibility group");
         return PL_JSON;
     // Check availability
     if (!S::user()->groupVisibilityIsPossible($group, $visigroup)) {
         $page->jsonAssign('reason', "Not available visibility");
         return PL_JSON;
     // Now make the read call
     $colVisiGroup = S::user()->groupVisibility($group, $visigroup);
     //$page->jsonAssign('usergroupid', json_encode(array($uid, $gid, $visigroup->label(), $group->label())));
     // The id sent back is rebuilt from the two captured numbers, not echoed from the input.
     $page->jsonAssign('usergroupid', $uid . '-' . $gid);
     list($color, $title) = User::visibilitiesColInfo($colVisiGroup);
     $page->jsonAssign('color', $color);
     $page->jsonAssign('title', $title);
     $page->jsonAssign('success', true);
     return PL_JSON;
Esempio n. 17
 /**
  * Builds the mail notifying the validators' own address that a comment was
  * added to a validation request.
  *
  * NOTE(review): the 'comm' request parameter is handed to the template
  * unmodified; whether the template escapes it is not visible here.
  *
  * @param $user user whose display name is shown in the mail
  */
 public function sendmailcomment($user)
     $mail = new FrankizMailer('validate/mail.comment.tpl');
     $mail->assign('admin', S::user());
     $mail->assign('type', $this->type);
     $mail->assign('user', $user->displayName());
     if (Env::has('comm')) {
         $mail->assign('comm', Env::v('comm'));
     $mail->Subject = "Commentaires de validation de type \"{$this->label()}\"";
     // Sender and recipient are the same address, taken from this object's helpers.
     $mail->SetFrom($this->_mail_from_addr(), $this->_mail_from_disp());
     $mail->AddAddress($this->_mail_from_addr(), $this->_mail_from_disp());
Esempio n. 18
 /**
  * Builds the acceptance/refusal mail for a software licence request.
  *
  * NOTE(review): the 'ans' request parameter is handed to the template
  * unmodified; whether the template escapes it is not visible here.
  *
  * @param $isok true when the request was accepted
  */
 public function sendmailfinal($isok)
     // Guard for writers without a usable address; its body is missing from this listing.
     if (is_null($this->writer->bestEmail())) {
     $mail = new FrankizMailer('validate/mail.valid.licenses.tpl');
     $mail->assign('isok', $isok);
     $mail->assign('software_name', $this->softwareName());
     if (Env::has("ans")) {
         $mail->assign('comm', Env::v('ans'));
     if ($isok) {
         $mail->Subject = '[Frankiz] Ta demance de licence a été acceptée';
     } else {
         $mail->Subject = '[Frankiz] Ta demance de licence a été refusée';
     // Addresses come from this object's helpers and the stored writer, not from the request.
     $mail->SetFrom($this->_mail_from_addr(), $this->_mail_from_disp());
     $mail->AddAddress($this->writer->bestEmail(), $this->writer->displayName());
     $mail->AddCC($this->_mail_from_addr(), $this->_mail_from_disp());
Esempio n. 19
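 /**
  * AJAX handler removing a minimodule from the current user's page.
  *
  * Reads the 'json' request parameter, expected to decode to an object with a
  * 'name' field identifying the minimodule.
  *
  * NOTE(review): this call changes the user's settings and no anti-CSRF token
  * check is visible in the handler -- confirm it is enforced by the dispatcher.
  *
  * @param $page the page object receiving the JSON fields
  * @return PL_JSON in every case; failures are reported in the 'error' field
  */
 function handler_ajax_minimodules_remove($page)
 {
     // The payload is client-controlled: json_decode() yields null on malformed
     // input, so make sure there is an object with a name before using it.
     $json = json_decode(Env::v('json'));
     if (!is_object($json) || !isset($json->name)) {
         $page->jsonAssign('error', "Impossible de désactiver le minimodule");
         return PL_JSON;
     }

     $m = FrankizMiniModule::get($json->name);
     $success = S::user()->removeMinimodule($m);
     if (!$success) {
         $page->jsonAssign('error', "Impossible de désactiver le minimodule");
     }
     return PL_JSON;
 }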
Esempio n. 20

 *  Copyright (C) 2004-2012 Binet Réseau                                   *
 *                                                   *
 *                                                                         *
 *  This program is free software; you can redistribute it and/or modify   *
 *  it under the terms of the GNU General Public License as published by   *
 *  the Free Software Foundation; either version 2 of the License, or      *
 *  (at your option) any later version.                                    *
 *                                                                         *
 *  This program is distributed in the hope that it will be useful,        *
 *  but WITHOUT ANY WARRANTY; without even the implied warranty of         *
 *  GNU General Public License for more details.                           *
 *                                                                         *
 *  You should have received a copy of the GNU General Public License      *
 *  along with this program; if not, write to the Free Software            *
 *  Foundation, Inc.,                                                      *
 *  59 Temple Place, Suite 330, Boston, MA  02111-1307  USA                *
// Front controller: loads the framework and registers the site's modules.
// The included file name is missing from this listing (the path ends at the directory).
require_once dirname(__FILE__) . '/../include/';
$platal = new Frankiz('frankiz', 'admin', 'profile', 'tol', 'groups', 'wiki', 'images', 'news', 'activity', 'surveys', 'lostandfound', 'proposal', 'qdj', 'todo', 'links', 'licenses', 'chat', 'remote', 'rooms');
// The requested path comes from the 'n' request parameter. This branch is
// taken when it is empty or does not start with an uppercase ASCII letter;
// the body of the branch is missing from this listing.
if (!($path = Env::v('n')) || ($path[0] < 'A' || $path[0] > 'Z')) {
// vim:set et sw=4 sts=4 sws=4 foldmethod=marker enc=utf-8:
Esempio n. 21
 /**
  * Handler for searching, editing, merging and displaying companies stored in
  * profile_job_enum.
  *
  * Every query below passes request values as separate arguments for the {?}
  * placeholders; none is concatenated into the SQL text in the visible code.
  *
  * NOTE(review): the `edit` branch deletes phones/addresses and updates or
  * deletes company rows, yet neither an XSRF token check nor a permission check
  * appears in the visible lines. This listing drops lines, so confirm both are
  * enforced (here or by the dispatcher).
  *
  * @param mixed $page page object receiving template variables and messages
  * @param int   $id   company id; -1 is the "nothing selected" default
  */
 function handler_jobs($page, $id = -1)
     if (Env::has('search')) {
         // Substring search on name and acronym. NOTE(review): '%' and '_' typed
         // by the user still act as LIKE wildcards inside the bound value.
         $res = XDB::query("SELECT  id, name, acronym\n                                 FROM  profile_job_enum\n                                WHERE  name LIKE CONCAT('%', {?}, '%') OR acronym LIKE CONCAT('%', {?}, '%')", Env::t('job'), Env::t('job'));
         // Results are only handed to the template when there are at most 20.
         if ($res->numRows() <= 20) {
             $page->assign('jobs', $res->fetchAllAssoc());
         } else {
             $page->trigError("Il y a trop d'entreprises correspondant à ton choix. Affine-le !");
         // The raw search term is echoed back to the template.
         // NOTE(review): it must be HTML-escaped at render time — confirm the template does so.
         $page->assign('askedJob', Env::v('job'));
     if (Env::has('edit')) {
         // Assigned but not read again in the visible lines.
         $selectedJob = Env::has('selectedJob');
         // Existing company phones and addresses are removed before being rewritten.
         Phone::deletePhones(0, Phone::LINK_COMPANY, $id);
         Address::deleteAddresses(null, Address::LINK_COMPANY, $id);
         if (Env::has('change')) {
             // Merge: re-point profile_job rows to newJobId, then delete this company.
             if (Env::has('newJobId') && Env::i('newJobId') > 0) {
                 XDB::execute('UPDATE  profile_job
                                  SET  jobid = {?}
                                WHERE  jobid = {?}', Env::i('newJobId'), $id);
                 XDB::execute('DELETE FROM  profile_job_enum
                                     WHERE  id = {?}', $id);
                 $page->trigSuccess("L'entreprise a bien été remplacée.");
             } else {
                 $page->trigError("L'entreprise n'a pas été remplacée car l'identifiant fourni n'est pas valide.");
         } else {
             // In-place update. A field that compares equal to 0 is stored as NULL.
             // NOTE(review): `Env::t(...) == 0` is a loose string/int comparison; on
             // PHP versions before 8 any non-numeric string also equals 0.
             XDB::execute('UPDATE  profile_job_enum
                              SET  name = {?}, acronym = {?}, url = {?}, email = {?},
                                   SIREN_code = {?}, NAF_code = {?}, AX_code = {?}, holdingid = {?}
                            WHERE  id = {?}', Env::t('name'), Env::t('acronym'), Env::t('url'), Env::t('email'), Env::t('SIREN') == 0 ? null : Env::t('SIREN'), Env::t('NAF_code') == 0 ? null : Env::t('NAF_code'), Env::i('AX_code') == 0 ? null : Env::t('AX_code'), Env::i('holdingId') == 0 ? null : Env::t('holdingId'), $id);
             // New phone, fax and address objects; the calls that persist them are
             // not visible in this listing.
             $phone = new Phone(array('display' => Env::v('tel'), 'link_id' => $id, 'id' => 0, 'type' => 'fixed', 'link_type' => Phone::LINK_COMPANY, 'pub' => 'public'));
             $fax = new Phone(array('display' => Env::v('fax'), 'link_id' => $id, 'id' => 1, 'type' => 'fax', 'link_type' => Phone::LINK_COMPANY, 'pub' => 'public'));
             $address = new Address(array('jobid' => $id, 'type' => Address::LINK_COMPANY, 'text' => Env::t('address')));
             $page->trigSuccess("L'entreprise a bien été mise à jour.");
     // Unless a merge was requested, load the selected company for display.
     if (!Env::has('change') && $id != -1) {
         $res = XDB::query("SELECT,, e.acronym, e.url,, e.SIREN_code AS SIREN, e.NAF_code, e.AX_code,\n                              AS holdingId, AS holdingName, h.acronym AS holdingAcronym,\n                                       t.display_tel AS tel, f.display_tel AS fax, a.text AS address\n                                 FROM  profile_job_enum  AS e\n                            LEFT JOIN  profile_job_enum  AS h ON (e.holdingid =\n                            LEFT JOIN  profile_phones    AS t ON ( = AND t.link_type = 'hq' AND t.tel_id = 0)\n                            LEFT JOIN  profile_phones    AS f ON ( = AND f.link_type = 'hq' AND f.tel_id = 1)\n                            LEFT JOIN  profile_addresses AS a ON (a.jobid = AND a.type = 'hq')\n                                WHERE = {?}", $id);
         if ($res->numRows() == 0) {
             $page->trigError('Auncune entreprise ne correspond à cet identifiant.');
         } else {
             $page->assign('selectedJob', $res->fetchOneAssoc());
Esempio n. 22
 /**
  * Handler for submitting an announcement: reads the POSTed form, validates the
  * promotion range, re-populates the template and builds an EvtReq when an
  * action was requested with a non-empty title and text.
  *
  * NOTE(review): titre, texte and valid_mesg are user-supplied and are assigned
  * to the template unchanged; they must be escaped where they are rendered.
  * No XSRF token check is visible in this listing — confirm one is enforced.
  *
  * @param mixed $page page object receiving template variables and messages
  */
 function handler_ev_submit($page)
     $wp = new PlWikiPage('Xorg.Annonce');
     $titre = Post::v('titre');
     $texte = Post::v('texte');
     $promo_min = Post::i('promo_min');
     $promo_max = Post::i('promo_max');
     $expiration = Post::i('expiration');
     $valid_mesg = Post::v('valid_mesg');
     $action = Post::v('action');
     // Upload slot keyed by the current user's login; upload_image() is defined elsewhere.
     $upload = new PlUpload(S::user()->login(), 'event');
     $this->upload_image($page, $upload);
     // `&&` binds tighter than `||`, so this rejects: min > max (when max is set),
     // or a non-zero min outside 1901..2019, or a non-zero max outside 1901..2019.
     // A rejected range clears $action, which disables the submission branches below.
     if ($promo_min > $promo_max && $promo_max != 0 || $promo_min != 0 && ($promo_min <= 1900 || $promo_min >= 2020) || $promo_max != 0 && ($promo_max <= 1900 || $promo_max >= 2020)) {
         $page->trigError("L'intervalle de promotions n'est pas valide");
         $action = null;
     // Echo the submitted values back so the form can be redisplayed.
     $page->assign('titre', $titre);
     $page->assign('texte', $texte);
     $page->assign('promo_min', $promo_min);
     $page->assign('promo_max', $promo_max);
     $page->assign('expiration', $expiration);
     $page->assign('valid_mesg', $valid_mesg);
     $page->assign('action', strtolower($action));
     $page->assign_by_ref('upload', $upload);
     // The action is identified by comparing against the button label.
     if ($action == 'Supprimer l\'image') {
         $page->assign('action', false);
     } elseif ($action && (!trim($texte) || !trim($titre))) {
         $page->trigError("L'article doit avoir un titre et un contenu");
     } elseif ($action) {
         // Request object built from the form; the call that submits it is not
         // visible in this listing.
         $evtreq = new EvtReq($titre, $texte, $promo_min, $promo_max, $expiration, $valid_mesg, S::user(), $upload);
         $page->assign('ok', true);
     } elseif (!Env::v('preview')) {
Esempio n. 23
    /**
     * Password-recovery handler: checks a login and birth date, stores a
     * one-time URL id in account_lost_passwords and mails a link built from it.
     *
     * NOTE(review): the birth date is the only verifier besides the login. It is
     * low-entropy and often known to third parties, and the visible lines show no
     * attempt counter or rate limit — confirm throttling exists elsewhere.
     * Several branch bodies (early returns) are missing from this listing.
     *
     * @param mixed $page page object receiving template variables and messages
     */
    function handler_recovery($page)
        global $globals;
        if (!Env::has('login') || !Env::has('birth')) {
        // Expects DDMMYYYY with a 19xx year. The character classes are loose:
        // impossible days/months such as 39/19 still match.
        if (!preg_match('/^[0-3][0-9][0-1][0-9][1][9]([0-9]{2})$/', Env::v('birth'))) {
            $page->trigError('Date de naissance incorrecte ou incohérente');
        // Re-order the digits into YYYY-MM-DD for comparison with the profile.
        $birth = sprintf('%s-%s-%s', substr(Env::v('birth'), 4, 4), substr(Env::v('birth'), 2, 2), substr(Env::v('birth'), 0, 2));
        // Assigned but not read again in the visible lines.
        $mailorg = strtok(Env::v('login'), '@');
        $profile = Profile::get(Env::t('login'));
        // One message for both "unknown login" and "wrong birth date", so the
        // response does not reveal which of the two failed.
        if (is_null($profile) || $profile->birthdate != $birth) {
            $page->trigError('Les informations que tu as rentrées ne permettent pas de récupérer ton mot de passe.<br />' . 'Si tu as un homonyme, utilise comme login');
        $user = $profile->owner();
        // These account-state messages are only reachable after the birth date matched.
        if ($user->state != 'active') {
            $page->trigError('Ton compte n\'est pas activé.');
        if ($user->lost) {
            $page->assign('no_addr', true);
        $page->assign('ok', true);
        // rand_url_id() is defined elsewhere. NOTE(review): this value is the sole
        // bearer secret of the reset link — confirm it comes from a CSPRNG
        // (random_bytes()/random_int()) and is long enough to resist guessing.
        $url = rand_url_id();
        // The id is stored as-is next to the uid and creation time.
        // NOTE(review): storing a hash of it would limit the impact of a database
        // read; the six-hour expiry promised in the mail is enforced elsewhere, if at all.
        XDB::execute('INSERT INTO  account_lost_passwords (certificat,uid,created)
                           VALUES  ({?},{?},NOW())', $url, $user->id());
        // The POSTed address is only kept when it is already one of this user's
        // redirections; otherwise $to is null, so the link cannot be steered to an
        // arbitrary mailbox through this parameter.
        $to = XDB::fetchOneCell('SELECT  redirect
                                   FROM  email_redirect_account
                                  WHERE  uid = {?} AND redirect = {?}', $user->id(), Post::t('email'));
        if (is_null($to)) {
            // Fallback: collect the user's inactive SMTP redirections.
            $emails = XDB::fetchColumn('SELECT  redirect
                                          FROM  email_redirect_account
                                         WHERE  uid = {?} AND flags = \'inactive\' AND type = \'smtp\'', $user->id());
            $inactives_to = implode(', ', $emails);
        $mymail = new PlMailer();
        $mymail->setFrom('"Gestion des mots de passe" <support+password@' . $globals->mail->domain . '>');
        // $log_to is the recipient list written to the audit log below; the calls
        // that set the actual recipients are not visible in this listing.
        if (is_null($to)) {
            $log_to = $user->bestEmail();
            if (!is_null($inactives_to)) {
                $log_to = $inactives_to . ', ' . $log_to;
        } else {
            $log_to = $to;
        $mymail->setSubject("Ton certificat d'authentification");
        // Plain-text body carrying the reset link; the request-supplied login is
        // appended verbatim.
        $mymail->setTxtBody("Visite la page suivante qui expire dans six heures :\n{$globals->baseurl}/tmpPWD/{$url}\n\nSi en cliquant dessus tu n'y arrives pas, copie intégralement l'adresse dans la barre de ton navigateur. Si tu n'as pas utilisé ce lien dans six heures, tu peux tout simplement recommencer cette procédure.\n\n--\\n\"Le portail des élèves & anciens élèves de l'École polytechnique\"\n\nEmail envoyé à " . Env::v('login') . (is_null($to) ? '' : '
Adresse de secours : ' . $to));
        // Audit trail: record the recovery request and where the link was sent.
        S::logger($user->id())->log('recovery', $log_to);
Esempio n. 24
 /**
  * AJAX handler: renders the QDJ ranking split into two-month windows and
  * returns the rendered template in the JSON response.
  *
  * NOTE(review): json_decode() returns null when `json` is missing or malformed;
  * `$json->period` then reads a property of null. $period is request-controlled
  * and is handed to fetch_scores() unchanged — confirm it is validated there.
  *
  * @param mixed $page page object used to render the template and build the response
  * @return mixed PL_JSON
  */
 function handler_ajax_ranking($page)
     $json = json_decode(Env::v('json'));
     $period = $json->period;
     $int = QDJ::interval();
     // Round date_min down and date_max up to the first day (01:00) of an odd
     // month, i.e. to two-month boundaries; mktime() normalises month 13.
     $date_min = mktime(1, 0, 0, floor(($int['date_min']->format('n') - 1) / 2) * 2 + 1, 1, $int['date_min']->format('Y'));
     $date_max = mktime(1, 0, 0, floor(($int['date_max']->format('n') + 1) / 2) * 2 + 1, 1, $int['date_max']->format('Y'));
     $date = $date_min;
     $begin_dates = array();
     $end_dates = array();
     // Each window starts at $date and ends one day before the next window starts.
     while ($date < $date_max) {
         $begin_dates[] = $date;
         $date = strtotime('+2 months', $date);
         $end_dates[] = strtotime('-1 day', $date);
     $page->assign('results', $this->fetch_scores($begin_dates, $end_dates, $period));
     $result = $page->fetch(FrankizPage::getTplPath('qdj/ranking.tpl'));
     $page->jsonAssign('success', true);
     $page->jsonAssign('result', $result);
     return PL_JSON;
Esempio n. 25
 /**
  * Handler for the contact list: optionally adds or removes a contact, then
  * displays the user's contacts (or a quick search among them).
  *
  * @param mixed       $page      page object
  * @param string|null $action    first path component; 'search' shifts the others
  * @param string|null $subaction second path component
  * @param string|null $ssaction  third path component
  */
 function handler_contacts($page, $action = null, $subaction = null, $ssaction = null)
     $page->setTitle('Mes contacts');
     // For XSRF protection, checks both the normal xsrf token, and the special RSS token.
     // It allows direct linking to contact adding in the RSS feed.
     // NOTE(review): the visible condition only compares against S::user()->token,
     // and the branch body is missing from this listing. `!==` is not a
     // constant-time comparison; hash_equals() is the usual choice for secrets.
     // A token carried in a link can also end up in logs and Referer headers.
     if (Env::v('action') && Env::v('token') !== S::user()->token) {
     // NOTE(review): no `break` is visible between the cases; if that reflects the
     // real file rather than dropped lines, 'retirer' falls through to 'ajouter'.
     switch (Env::v('action')) {
         case 'retirer':
             if ($contact = Profile::get(Env::v('user'))) {
                 $this->delRegistered($page, $contact);
         case 'ajouter':
             if ($contact = Profile::get(Env::v('user'))) {
                 $this->addRegistered($page, $contact);
     $search = false;
     $user = S::user();
     // The included file name is missing from this listing.
     require_once '';
     // "search/<action>/<subaction>": shift the path components by one.
     if ($action == 'search') {
         $action = $subaction;
         $subaction = $ssaction;
         $search = true;
     // Both views are restricted to the current user's contacts (UFC_Contact($user)).
     if ($search && trim(Env::v('quick'))) {
         $base = 'carnet/contacts/search';
         $view = new QuickSearchSet(new UFC_Contact($user));
     } else {
         $base = 'carnet/contacts';
         $view = new ProfileSet(new UFC_Contact($user));
     $view->addMod('minifiche', 'Mini-fiches', true);
     $view->addMod('trombi', 'Trombinoscope', false, array('with_admin' => false, 'with_promo' => true));
     $view->addMod('map', 'Planisphère');
     // The literal path is passed here; $base is not read in the visible lines.
     $view->apply('carnet/contacts', $page, $action, $subaction);
Esempio n. 26
 /**
  * Return-URL handler for PayPal payments: reads the transaction fields from
  * the request, records the payment as confirmed, updates the related event
  * subscription and prepares the confirmation text.
  *
  * NOTE(review): every input below (tx, sig, st, amt, cc, cm, comment and the
  * $uid path argument) is supplied by whoever requests this URL. The visible
  * lines never confirm the transaction with PayPal (no server-to-server lookup
  * of `tx`, no check of `sig`) and never compare `amt` with an expected amount
  * before inserting a row with status 'confirmed'. Confirm that verification
  * happens elsewhere; without it the row is not proof of payment.
  * Several branch bodies and closing lines are missing from this listing.
  *
  * @param mixed      $page page object receiving template variables
  * @param mixed|null $uid  user id taken from the URL path
  */
 function handler_paypal_return($page, $uid = null)
     /* bank reference (transaction number) */
     $no_transaction = Env::s('tx');
     /* token to send back in order to obtain more information */
     $clef = Env::s('sig');
     /* return code */
     $status = Env::s('st');
     /* reason */
     $reason = $status == 'Pending' ? Env::s('pending_reason') : Env::s('reason_code');
     /* full order reference */
     $fullref = str_replace('%2d', '-', Env::s('cm'));
     /* transaction amount */
     $montant = Env::s('amt');
     /* currency; note this branch calls cb_erreur() while the others call paypal_erreur() */
     if (Env::s('cc') != 'EUR') {
         cb_erreur("monnaie autre que l'euro");
     /* extract the return code; the request-supplied status and reason are interpolated into the message */
     if ($status != "Completed") {
         if ($status) {
             paypal_erreur("erreur lors du paiement : {$status} - {$reason}");
         } else {
             paypal_erreur("Paiement annulé", false);
     /* extract the user information */
     // NOTE(review): the payer is identified by the URL-supplied $uid alone, not
     // by the session or by data returned from the payment provider.
     $user = User::get($uid);
     if (!$user) {
         paypal_erreur("uid invalide");
     /* extract the order reference; the pattern is anchored at the end only */
     if (!preg_match('/-xorg-([0-9]+)$/', $fullref, $matches)) {
         paypal_erreur("référence de commande invalide");
     $ref = $matches[1];
     $res = XDB::query('SELECT  mail, text, confirmation
                          FROM  payments
                         WHERE  id = {?}', $ref);
     if (!(list($conf_mail, $conf_title, $conf_text) = $res->fetchOneRow())) {
         paypal_erreur('référence de commande inconnue');
     /* insert into the database (all values bound through {?} placeholders) */
     // NOTE(review): the request-supplied transaction id becomes the row id, so
     // protection against a replayed return URL presumably rests on a uniqueness
     // constraint on payment_transactions.id — confirm.
     XDB::execute("INSERT INTO  payment_transactions (id, method_id, uid, ref, fullref, ts_confirmed, amount, pkey, comment, status, display)\n                           VALUES  ({?}, 1, {?}, {?}, {?}, NOW(), {?}, {?}, {?}, 'confirmed', {?})", $no_transaction, $user->id(), $ref, $fullref, $montant, $clef, Env::v('comment'), Get::i('display'));
     // We check if it is an Xnet payment and then update the related ML.
     $res = XDB::query('SELECT  eid, asso_id
                          FROM  group_events
                         WHERE  paiement_id = {?}', $ref);
     if ($res->numRows() == 1) {
         list($eid, $asso_id) = $res->fetchOneRow();
         // The included file name is missing from this listing.
         require_once dirname(__FILE__) . '/xnetevents/';
         $evt = get_event_detail($eid, false, $asso_id);
         // The request-supplied amount is passed on as the paid amount.
         subscribe_lists_event($user->id(), $evt['short_name'], 1, $montant, true);
     /* generate the confirmation mail */
     // The raw `comment` parameter is substituted into text that is later
     // assigned to the page. NOTE(review): escape it where it is rendered.
     $conf_text = str_replace(array('<prenom>', '<nom>', '<promo>', '<montant>', '<salutation>', '<cher>', '<comment>'), array($user->firstName(), $user->lastName(), $user->promo(), $montant, $user->isFemale() ? 'Chère' : 'Cher', $user->isFemale() ? 'Chère' : 'Cher', Env::v('comment')), $conf_text);
     global $globals;
     $mymail = new PlMailer();
     /* send the transaction details to telepaiement@ */
     $mymail = new PlMailer();
     $mymail->setFrom("webmaster@" . $globals->mail->domain);
     // $champ200 is not defined in the visible lines. NOTE(review): the message
     // embeds a dump of the whole $_REQUEST, which may carry cookies or tokens
     // depending on request_order; mail only the fields that are needed.
     $msg = 'utilisateur : ' . $user->login() . ' (' . $user->id() . ')' . "\n" . 'mail : ' . $user->forlifeEmail() . "\n\n" . "paiement : {$conf_title} ({$conf_mail})\n" . "reference : {$champ200}\n" . "montant : {$montant}\n\n" . "dump de REQUEST:\n" . var_export($_REQUEST, true);
     $page->assign('texte', $conf_text);
     // $erreur is not defined in the visible lines.
     $page->assign('erreur', $erreur);
Esempio n. 27
 /**
  * Handler for a group's validation queue: lists the pending requests of a
  * group and processes an accept/delete decision on one of them.
  *
  * The caller must hold admin rights on the group (checked below before any
  * validation item is loaded).
  *
  * NOTE(review): accept/delete change state and no XSRF token check is visible
  * in this listing — confirm one is enforced. Some branch bodies are missing.
  *
  * @param mixed      $page page object receiving template variables
  * @param mixed|null $gid  group id or name, taken from the URL
  * @param mixed|null $vid  validation id to highlight; null is shown as 0
  */
 function handler_validate($page, $gid = null, $vid = null)
     $page->assign('msg', '');
     // $gid is matched either as an id or as a name.
     $gf = new GroupFilter(new PFC_Or(new GFC_Id($gid), new GFC_Name($gid)));
     $group = $gf->get(true);
     if (!$group) {
         // The quotes and dots are inside the double-quoted string, so they appear
         // literally in the message. $gid is request-derived: escape the message
         // wherever it is displayed.
         throw new Exception("This Group (' . {$gid} . ') doesn't exist");
     // Authorisation gate: admin rights on this group are required.
     if (!S::user()->hasRights($group, Rights::admin())) {
         throw new Exception("You don't have the credential to validate request in this group");
     $filter = new ValidateFilter(new VFC_Group($group));
     $collec = $filter->get()->select(ValidateSelect::validate());
     if (Env::has('val_id')) {
         // The item is looked up inside the collection filtered to this group, so
         // a val_id belonging to another group is not found here.
         $el = $collec->get(Env::v('val_id'));
         if (!$el) {
             $page->assign('msg', 'La validation a déjà été effectuée.');
         } else {
             // Audit log entry for the decision; it is written before
             // handle_form() runs, i.e. before the outcome is known.
             if (Env::has('accept') || Env::has('delete')) {
                 S::logger()->log('admin/validate', array('type' => $el->type(), 'writer' => $el->writer()->id(), 'group' => $el->group()->id(), 'created' => $el->created()->toDb(), 'valid' => Env::has('accept'), 'item' => $el->itemToDb()));
             if ($el->handle_form() && (Env::has('accept') || Env::has('delete'))) {
     $page->assign('validation', is_null($vid) ? 0 : $vid);
     $page->assign('isEdition', false);
     $page->assign('gid', $gid);
     $page->assign('group', $group);
     $page->assign('val', $collec);
     $page->assign('title', "Validations des requêtes");
Esempio n. 28
 /**
  * Handler for bounced e-mail addresses. Two modes, selected by request flags:
  *  - `sort_broken`: classify a pasted list into known and unknown redirections;
  *  - `process_broken`: mark each address as broken, notify or watch the owner,
  *    decay old broken_level counters and stream a CSV report.
  *
  * NOTE(review): no permission or XSRF check is visible in this listing although
  * `process_broken` changes data and exports personal information — confirm
  * both are enforced. Several branch bodies and closing lines are missing.
  *
  * @param mixed $page page object receiving template variables and messages
  */
 function handler_broken_addr($page)
     // The included file name is missing from this listing.
     require_once '';
     if (Env::has('sort_broken')) {
         $list = trim(Env::v('list'));
         if ($list == '') {
             $page->trigError('La liste est vide.');
         } else {
             $valid_emails = array();
             $invalid_emails = array();
             // One address per line.
             $broken_list = explode("\n", $list);
             foreach ($broken_list as $orig_email) {
                 $orig_email = trim($orig_email);
                 if ($orig_email != '') {
                     // valide_email() is defined elsewhere; an empty result or a bare
                     // '@' is treated as invalid.
                     $email = valide_email($orig_email);
                     if (empty($email) || $email == '@') {
                         $invalid_emails[] = trim($orig_email) . ': invalid email';
                     // De-duplicate (loose in_array comparison), then check that the
                     // address is a known redirection.
                     } elseif (!in_array($email, $valid_emails)) {
                         $nb = XDB::fetchOneCell('SELECT  COUNT(*)
                                                    FROM  email_redirect_account
                                                   WHERE  redirect = {?}', $email);
                         if ($nb > 0) {
                             $valid_emails[] = $email;
                         } else {
                             $invalid_emails[] = $orig_email . ': no such redirection';
             // The pasted text is handed back to the template; escape it at render time.
             $page->assign('valid_emails', $valid_emails);
             $page->assign('invalid_emails', $invalid_emails);
     if (Env::has('process_broken')) {
         $list = trim(Env::v('list'));
         if ($list == '') {
             $page->trigError('La liste est vide.');
         } else {
             // The included file name is missing from this listing.
             require_once '';
             $broken_user_list = array();
             $broken_user_email_count = array();
             $broken_user_profiles = array();
             $broken_list = explode("\n", $list);
             foreach ($broken_list as $email) {
                 $email = trim($email);
                 $userobj = null;
                 // mark_broken_email() is defined elsewhere; a truthy result is used
                 // as an array with 'uid', 'nb_mails' and 'notify' keys.
                 if ($user = mark_broken_email($email, true)) {
                     $userobj = User::getSilentWithUID($user['uid']);
                 // Bodies of the two null checks are missing from this listing.
                 if (is_null($userobj)) {
                 $profile = $userobj->profile();
                 if (is_null($profile)) {
                 // Notify the owner when other working addresses remain and
                 // notification is requested; otherwise register a profile watch.
                 if ($user['nb_mails'] > 0 && $user['notify']) {
                     $mail = new PlMailer('emails/broken.mail.tpl');
                     $mail->assign('user', $user);
                     $mail->assign('email', $email);
                 } else {
                     WatchProfileUpdate::register($profile, 'broken');
                 // Group the broken addresses by profile id.
                 $pid = $profile->id();
                 if (!isset($broken_user_list[$pid])) {
                     $broken_user_list[$pid] = array($email);
                 } else {
                     $broken_user_list[$pid][] = $email;
                 $broken_user_email_count[$pid] = $user['nb_mails'];
                 $broken_user_profiles[$pid] = $profile;
             // Decay: active redirections untouched for a month lose one level;
             // level 1 drops to 0 after a year. Both statements are static SQL.
             XDB::execute('UPDATE  email_redirect_account
                              SET  broken_level = broken_level - 1
                            WHERE  flags = \'active\' AND broken_level > 1
                                   AND DATE_ADD(last, INTERVAL 1 MONTH) < CURDATE()');
             XDB::execute('UPDATE  email_redirect_account
                              SET  broken_level = 0
                            WHERE  flags = \'active\' AND broken_level = 1
                                   AND DATE_ADD(last, INTERVAL 1 YEAR) < CURDATE()');
             // Sort $broken_user_list with (promo, sortname, pid)
             // (the sort call itself is not visible in this listing)
             $sortable_array = array();
             foreach ($broken_user_list as $pid => $mails) {
                 $profile = $broken_user_profiles[$pid];
                 $sortable_array[$pid] = array($profile->promo(), $profile->sortName(), $pid);
             // Output the list of users with recently broken addresses,
             // along with the count of valid redirections.
             // NOTE(review): the cells contain profile-controlled text (names,
             // company names, networking addresses) and the pasted addresses.
             // fputcsv() quotes delimiters but does not neutralise cells starting
             // with '=', '+', '-' or '@', which spreadsheet applications may
             // evaluate as formulas; prefix such cells before writing them.
             pl_cached_content_headers('text/x-csv', null, 1, 'broken.csv');
             $csv = fopen('php://output', 'w');
             fputcsv($csv, array('nom', 'promo', 'bounces', 'nbmails', 'url', 'corps', 'job', 'networking'), ';');
             // Assigned but not read again in the visible lines.
             $corpsList = DirEnum::getOptions(DirEnum::CURRENTCORPS);
             foreach (array_keys($sortable_array) as $pid) {
                 $mails = $broken_user_list[$pid];
                 $profile = $broken_user_profiles[$pid];
                 $current_corps = $profile->getCorpsName();
                 $jobs = $profile->getJobs();
                 $companies = array();
                 foreach ($jobs as $job) {
                     $companies[] = $job->company->name;
                 $networkings = $profile->getNetworking(Profile::NETWORKING_ALL);
                 $networking_list = array();
                 foreach ($networkings as $networking) {
                     $networking_list[] = $networking['address'];
                 // One row per profile; the URL prefix before hrid() is empty in this listing.
                 fputcsv($csv, array($profile->fullName(), $profile->promo(), join(',', $mails), $broken_user_email_count[$pid], '' . $profile->hrid(), $current_corps, implode(',', $companies), implode(',', $networking_list)), ';');
Esempio n. 29
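 /**
  * Selects the field used for result bounds from the requested sort order.
  *
  * Reads the `order` request parameter (falling back to $this->defaultkey) and
  * sets $this->bound_field for the "name" and "promo" orders. The parameter is
  * only compared against fixed values; it is never used as a field name itself.
  *
  * @return int 0 when the order has no bounds, otherwise 1 or -1, with the sign
  *             flipped when the order starts with '-'
  */
 public function bounds()
 {
     $order = Env::v('order', $this->defaultkey);
     $show_bounds = 0;
     if ($order == "name" || $order == "-name") {
         $this->bound_field = "name";
         $show_bounds = 1;
     } elseif ($order == "promo" || $order == "-promo") {
         $this->bound_field = "promo";
         $show_bounds = -1;
     }
     // `order` is request-supplied and may be empty (or possibly not a string);
     // reading offset 0 of such a value raises a warning. Only a non-empty
     // string can carry the descending prefix.
     if (is_string($order) && strncmp($order, '-', 1) === 0) {
         $show_bounds = -$show_bounds;
     }
     return $show_bounds;
 }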
Esempio n. 30
 /**
  * AJAX handler: modifies either one activity instance (`instance`) or a
  * regular activity (`regular`) from the request-supplied `json` payload.
  *
  * Each branch requires admin rights on the group of the targeted activity
  * before anything is modified.
  *
  * NOTE(review): json_decode() returns null when `json` is missing or malformed,
  * and the properties read below are not checked for presence. No XSRF token
  * check is visible in this listing — confirm one is enforced. Some statements
  * inside the branches are missing from the listing.
  *
  * @param mixed  $page page object used to build the JSON response
  * @param string $type 'instance' or 'regular'
  * @return mixed PL_JSON
  */
 function handler_ajax_modify($page, $type)
     $json = json_decode(Env::v('json'));
     if ($type == 'instance') {
         $id = $json->admin_id;
         $ai = new ActivityInstance($id);
         // Authorisation gate; it sits before the try block, so this exception is
         // not swallowed by the catch below.
         if (!S::user()->hasRights($ai->target()->group(), Rights::admin())) {
             throw new Exception("Invalid credentials");
         try {
             // Parsing the request-supplied dates happens inside the try block.
             $begin = new FrankizDateTime($json->begin);
             $end = new FrankizDateTime($json->end);
             if ($ai->regular()) {
             } else {
                 $a = $ai->activity();
             $page->jsonAssign('success', true);
         } catch (Exception $e) {
             // Only a failure flag is returned; the exception text is not exposed.
             $page->jsonAssign('success', false);
     } else {
         if ($type == 'regular') {
             $id = $json->aid;
             $a = new Activity($id);
             // Authorisation gate for the regular activity.
             if (!S::user()->hasRights($a->target()->group(), Rights::admin())) {
                 throw new Exception("Invalid credentials");
             // Both times must look like HH:MM:SS and be accepted by strtotime().
             // Without the D modifier, `$` also matches before a trailing newline.
             if (preg_match('`^\\d{2}:\\d{2}:\\d{2}$`', $json->begin) && strtotime($json->begin) !== false && preg_match('`^\\d{2}:\\d{2}:\\d{2}$`', $json->end) && strtotime($json->end) !== false) {
                 $key = 'days[]';
                 // unflatten() is defined elsewhere. NOTE(review): the day values are
                 // not validated in the visible lines before being joined and stored.
                 $days = unflatten($json->{$key});
                 $a->days(implode(',', $days));
                 $page->jsonAssign('success', true);
             } else {
                 $page->jsonAssign('success', false);
     return PL_JSON;