function handler_send($page) { $page->changeTpl('emails/send.tpl'); $page->setTitle('Envoyer un email'); // action si on recoit un formulaire if (Post::has('save')) { if (!S::has_xsrf_token()) { return PL_FORBIDDEN; } unset($_POST['save']); if (trim(preg_replace('/-- .*/', '', Post::v('contenu'))) != "") { Post::set('to_contacts', explode(';', Post::s('to_contacts'))); Post::set('cc_contacts', explode(';', Post::s('cc_contacts'))); $data = serialize($_POST); XDB::execute('INSERT INTO email_send_save (uid, data) VALUES ({?}, {?}) ON DUPLICATE KEY UPDATE data = VALUES(data)', S::user()->id('uid'), $data); } exit; } else { if (Env::v('submit') == 'Envoyer') { S::assert_xsrf_token(); function getEmails($aliases) { if (!is_array($aliases)) { return null; } $uf = new UserFilter(new UFC_Hrpid($aliases)); $users = $uf->iterUsers(); $ret = array(); while ($user = $users->next()) { $ret[] = $user->forlife; } return join(', ', $ret); } $error = false; foreach ($_FILES as &$file) { if ($file['name'] && !PlUpload::get($file, S::user()->login(), 'emails.send', false)) { $page->trigError(PlUpload::$lastError); $error = true; break; } } if (!$error) { XDB::execute("DELETE FROM email_send_save\n WHERE uid = {?}", S::user()->id()); $to2 = getEmails(Env::v('to_contacts')); $cc2 = getEmails(Env::v('cc_contacts')); $txt = str_replace('^M', '', Env::v('contenu')); $to = str_replace(';', ',', Env::t('to')); $subj = Env::t('sujet'); $from = Env::t('from'); $cc = str_replace(';', ',', Env::t('cc')); $bcc = str_replace(';', ',', Env::t('bcc')); $email_regex = '/^[a-z0-9.\\-+_\\$]+@([\\-.+_]?[a-z0-9])+$/i'; foreach (explode(',', $to . ',' . $cc . ',' . $bcc) as $email) { $email = trim($email); if ($email != '' && !preg_match($email_regex, $email)) { $page->trigError("L'adresse email " . $email . ' est erronée.'); $error = true; } } if (empty($to) && empty($cc) && empty($to2) && empty($bcc) && empty($cc2)) { $page->trigError("Indique au moins un destinataire."); $error = true; } if ($error) { $page->assign('uploaded_f', PlUpload::listFilenames(S::user()->login(), 'emails.send')); } else { $mymail = new PlMailer(); $mymail->setFrom($from); $mymail->setSubject($subj); if (!empty($to)) { $mymail->addTo($to); } if (!empty($cc)) { $mymail->addCc($cc); } if (!empty($bcc)) { $mymail->addBcc($bcc); } if (!empty($to2)) { $mymail->addTo($to2); } if (!empty($cc2)) { $mymail->addCc($cc2); } $files =& PlUpload::listFiles(S::user()->login(), 'emails.send'); foreach ($files as $name => &$upload) { $mymail->addUploadAttachment($upload, $name); } if (Env::v('wiki') == 'text') { $mymail->setTxtBody(wordwrap($txt, 78, "\n")); } else { $mymail->setWikiBody($txt); } if ($mymail->send()) { $page->trigSuccess("Ton email a bien été envoyé."); $_REQUEST = array('bcc' => S::user()->bestEmail()); PlUpload::clear(S::user()->login(), 'emails.send'); } else { $page->trigError("Erreur lors de l'envoi du courriel, réessaye."); $page->assign('uploaded_f', PlUpload::listFilenames(S::user()->login(), 'emails.send')); } } } } else { $res = XDB::query("SELECT data\n FROM email_send_save\n WHERE uid = {?}", S::i('uid')); if ($res->numRows() == 0) { PlUpload::clear(S::user()->login(), 'emails.send'); $_REQUEST['bcc'] = S::user()->bestEmail(); } else { $data = unserialize($res->fetchOneCell()); $_REQUEST = array_merge($_REQUEST, $data); } } } $uf = new UserFilter(new PFC_And(new UFC_Contact(S::user()), new UFC_Registered()), UserFilter::sortByName()); $contacts = $uf->getProfiles(); $page->assign('contacts', $contacts); $page->assign('maxsize', ini_get('upload_max_filesize') . 'o'); $page->assign('user', S::user()); $preferences = XDB::fetchOneAssoc('SELECT from_email, from_format FROM accounts WHERE uid = {?}', S::user()->id()); if ($preferences['from_email'] == '') { $preferences['from_email'] = '"' . S::user()->fullName() . '" <' . S::user()->bestEmail() . '>'; } $page->assign('preferences', $preferences); }
function handler_paypal_return($page, $uid = null) { $page->changeTpl('payment/retour_paypal.tpl'); /* reference banque (numero de transaction) */ $no_transaction = Env::s('tx'); /* token a renvoyer pour avoir plus d'information */ $clef = Env::s('sig'); /* code retour */ $status = Env::s('st'); /* raison */ $reason = $status == 'Pending' ? Env::s('pending_reason') : Env::s('reason_code'); /* reference complete de la commande */ $fullref = str_replace('%2d', '-', Env::s('cm')); /* montant de la transaction */ $montant = Env::s('amt'); /* devise */ if (Env::s('cc') != 'EUR') { cb_erreur("monnaie autre que l'euro"); } /* on extrait le code de retour */ if ($status != "Completed") { if ($status) { paypal_erreur("erreur lors du paiement : {$status} - {$reason}"); } else { paypal_erreur("Paiement annulé", false); } } /* on extrait les informations sur l'utilisateur */ $user = User::get($uid); if (!$user) { paypal_erreur("uid invalide"); } /* on extrait la reference de la commande */ if (!preg_match('/-xorg-([0-9]+)$/', $fullref, $matches)) { paypal_erreur("référence de commande invalide"); } $ref = $matches[1]; $res = XDB::query('SELECT mail, text, confirmation FROM payments WHERE id = {?}', $ref); if (!(list($conf_mail, $conf_title, $conf_text) = $res->fetchOneRow())) { paypal_erreur('référence de commande inconnue'); } /* on fait l'insertion en base de donnees */ XDB::execute("INSERT INTO payment_transactions (id, method_id, uid, ref, fullref, ts_confirmed, amount, pkey, comment, status, display)\n VALUES ({?}, 1, {?}, {?}, {?}, NOW(), {?}, {?}, {?}, 'confirmed', {?})", $no_transaction, $user->id(), $ref, $fullref, $montant, $clef, Env::v('comment'), Get::i('display')); // We check if it is an Xnet payment and then update the related ML. $res = XDB::query('SELECT eid, asso_id FROM group_events WHERE paiement_id = {?}', $ref); if ($res->numRows() == 1) { list($eid, $asso_id) = $res->fetchOneRow(); require_once dirname(__FILE__) . '/xnetevents/xnetevents.inc.php'; $evt = get_event_detail($eid, false, $asso_id); subscribe_lists_event($user->id(), $evt['short_name'], 1, $montant, true); } /* on genere le mail de confirmation */ $conf_text = str_replace(array('<prenom>', '<nom>', '<promo>', '<montant>', '<salutation>', '<cher>', '<comment>'), array($user->firstName(), $user->lastName(), $user->promo(), $montant, $user->isFemale() ? 'Chère' : 'Cher', $user->isFemale() ? 'Chère' : 'Cher', Env::v('comment')), $conf_text); global $globals; $mymail = new PlMailer(); $mymail->setFrom($conf_mail); $mymail->addCc($conf_mail); $mymail->setSubject($conf_title); $mymail->setWikiBody($conf_text); $mymail->sendTo($user); /* on envoie les details de la transaction à telepaiement@ */ $mymail = new PlMailer(); $mymail->setFrom("webmaster@" . $globals->mail->domain); $mymail->addTo($globals->money->email); $mymail->setSubject($conf_title); $msg = 'utilisateur : ' . $user->login() . ' (' . $user->id() . ')' . "\n" . 'mail : ' . $user->forlifeEmail() . "\n\n" . "paiement : {$conf_title} ({$conf_mail})\n" . "reference : {$champ200}\n" . "montant : {$montant}\n\n" . "dump de REQUEST:\n" . var_export($_REQUEST, true); $mymail->setTxtBody($msg); $mymail->send(); $page->assign('texte', $conf_text); $page->assign('erreur', $erreur); }