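/**
 * Admin page that lists group members without a subscription to the group's
 * newsletter and optionally bulk-subscribes a submitted selection.
 *
 * @param object $page Page that receives the template and its variables.
 * @return mixed PL_FORBIDDEN when getNl() yields nothing; otherwise no value.
 */
public function handler_admin_nl_sync($page)
{
    global $globals;

    $nl = $this->getNl();
    if (!$nl) {
        return PL_FORBIDDEN;
    }

    if (Env::has('add_users')) {
        // State-changing request: the XSRF token is checked before any write.
        S::assert_xsrf_token();

        // 'add_users' is request data and may arrive as a scalar; array_keys()
        // only accepts arrays, so anything else is handled as an empty selection.
        // NOTE(review): the uids are the raw request keys; whether
        // bulkSubscribe() limits them to members of this group is not visible here.
        $selected = Env::v('add_users');
        $nl->bulkSubscribe(is_array($selected) ? array_keys($selected) : array());
        $page->trigSuccess('Ajouts réalisés avec succès.');
    }

    // TODO(x2006barrois): remove raw SQL query.
    // Members of the current group that have no row in newsletter_ins for a
    // newsletter of that same group.
    $uids = XDB::fetchColumn('SELECT DISTINCT(g.uid) FROM group_members AS g WHERE g.asso_id = {?} AND NOT EXISTS (SELECT ni.* FROM newsletter_ins AS ni INNER JOIN newsletters AS n ON (ni.nlid = n.id) WHERE g.uid = ni.uid AND n.group_id = g.asso_id)', $globals->asso('id'));

    $users = User::getBulkUsersWithUIDs($uids);
    usort($users, 'User::compareDirectoryName');

    $page->setTitle('Synchronisation de la newsletter');
    $page->changeTpl('newsletter/sync.tpl');
    $page->assign('users', $users);
}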
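/**
 * Image upload page: stores an uploaded file as a temporary image and lets the
 * uploader delete it again by presenting the secret generated at upload time.
 *
 * @param object $page Page that receives the template and its variables.
 */
function handler_upload($page)
{
    $page->assign('exception', false);
    $page->assign('image', false);

    if (FrankizUpload::has('file')) {
        $g = Group::from('temp')->select(GroupSelect::castes());
        $temp = $g->caste(Rights::everybody());

        // Defined before the try block so the cleanup in catch can test it even
        // when the failure happens before the image object exists.
        $i = null;
        try {
            $upload = FrankizUpload::v('file');
            // NOTE(review): uniqid() is derived from the current time and is not
            // a cryptographically secure value, yet it is the only thing that
            // authorises the delete branch below. A CSPRNG-based token would be
            // preferable; confirm the label storage accepts a longer value first.
            $secret = uniqid();
            $i = new FrankizImage();
            $i->insert();
            $i->caste($temp);
            $i->label($secret);
            $i->image($upload);
            $page->assign('image', $i);
            $page->assign('secret', $secret);
        } catch (Exception $e) {
            // Best-effort removal of a half-created image.
            try {
                if ($i) {
                    $i->delete();
                }
            } catch (Exception $eb) {
                $page->assign('exception', $eb);
            }
            // The original failure is what the template finally sees; it
            // overwrites a cleanup exception assigned just above.
            $page->assign('exception', $e);

            if ($e instanceof ImageSizeException) {
                $page->assign('pixels', true);
            } elseif ($e instanceof UploadSizeException) {
                $page->assign('bytes', true);
            } elseif ($e instanceof ImageFormatException) {
                $page->assign('format', true);
            }
        }
    }

    if (Env::has('delete')) {
        $image = new FrankizImage(Env::i('iid'));
        $image->select(FrankizImageSelect::base());

        // Strict, non-empty comparison: with == two numeric-looking strings
        // compare by value and a missing label compares equal to ''.
        // NOTE(review): the label doubles as the delete secret. If other code
        // later replaces the label with a non-secret value, this check would
        // accept that value; consider also requiring the image to still be
        // temporary.
        $given = (string) Env::s('secret');
        if ($given !== '' && (string) $image->label() === $given) {
            $image->delete();
        }
    }

    $page->addCssLink('upload.css');
    $page->changeTpl('images/upload.tpl', SIMPLE);
}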
/**
 * Copies the submitted editor fields (title, content, begin/end dates and an
 * optional image) from the request onto this item.
 *
 * @return bool Always true when no exception is thrown.
 * @throws Exception When 'image' is submitted but no matching image is found.
 */
public function handle_editor()
{
    $this->title   = Env::t('title', '');
    $this->content = Env::t('news_content', '');
    $this->begin   = new FrankizDateTime(Env::t('begin'));
    $this->end     = new FrankizDateTime(Env::t('end'));

    if (!Env::has('image')) {
        return true;
    }

    // The lookup combines the submitted id with the IFC_Temp condition, so an
    // id that does not satisfy both yields no image.
    $filter = new ImageFilter(new PFC_And(new IFC_Id(Env::i('image')), new IFC_Temp()));
    $picture = $filter->get(true);
    if (!$picture) {
        throw new Exception("This image doesn't exist anymore");
    }

    // Re-label the image with the title and move it to the item's target caste.
    $picture->select(FrankizImageSelect::caste());
    $picture->label($this->title);
    $picture->caste($this->target);
    $this->image($picture);

    return true;
}
/**
 * Sends the final accept/refuse mail for a "tol" photo to the user, with a
 * copy to the validation sender address.
 *
 * @param mixed $isok Truthy when the photo was accepted, falsy when refused.
 */
public function sendmailfinal($isok)
{
    // Load the base user data when no best e-mail is available yet.
    if (is_null($this->user->bestEmail())) {
        $this->user->select(UserSelect::base());
    }

    $message = new FrankizMailer('validate/mail.valid.tol.tpl');

    // The validator's free-text answer is passed to the template as submitted.
    if (Env::has("ans")) {
        $message->assign('comm', Env::v('ans'));
    }
    $message->assign('isOk', $isok);

    $message->Subject = $isok
        ? '[Frankiz] Ta photo tol a été validée'
        : '[Frankiz] Ta photo tol a été refusée';

    $message->SetFrom($this->_mail_from_addr(), $this->_mail_from_disp());
    $message->AddAddress($this->user->bestEmail(), $this->user->displayName());
    $message->AddCC($this->_mail_from_addr(), $this->_mail_from_disp());
    $message->Send(false);
}
/**
 * iGoogle gadget: runs a quick search when 'quick' is non-empty and reports
 * either the result count or an error message, then renders the gadget page.
 *
 * @param object $page Page that receives the template variables.
 */
function handler_ig_search($page)
{
    $hasQuery = Env::has('quick') && Env::s('quick') != '';

    if ($hasQuery) {
        global $globals;
        require_once 'userset.inc.php';

        $view = new QuickSearchSet();
        $view->addMod('gadget', 'Gadget', true);
        $view->apply(null, $page);

        $nb_tot = $view->count();
        $page->assign('result_count', $nb_tot);

        // Anonymous visitors are held to the public limit first; everyone is
        // then held to the private limit.
        if (!S::logged() && $nb_tot > $globals->search->public_max) {
            $error = 'Votre recherche a généré trop de résultats pour un affichage public.';
        } elseif ($nb_tot > $globals->search->private_max) {
            $error = 'Recherche trop générale.';
        } elseif (empty($nb_tot)) {
            $error = 'Il n\'existe personne correspondant à ces critères dans la base !';
        } else {
            $error = false;
        }
        $page->assign('error', $error);
    }

    require_once 'gadgets/gadgets.inc.php';
    init_igoogle_html('gadgets/ig-search.tpl', AUTH_PUBLIC);
}
/**
 * Updates the list request (name, domain, association type, owners and
 * members) from the submitted form.
 *
 * NOTE(review): presence is tested with Env::has() but the values are read
 * with Post::t(); a parameter present only outside POST would pass the test
 * and then be read from POST. Confirm this is intended.
 *
 * @return bool Always true.
 */
protected function handle_editor()
{
    global $globals;

    if (Env::has('listname')) {
        $this->liste = Post::t('listname');
    }
    if (Env::has('domainname')) {
        $this->domain = Post::t('domainname');
    }
    if (Env::has('assotype')) {
        $this->asso = Post::t('assotype');
    }

    // Without an association the list lives in the default mail domain.
    if (!$this->asso) {
        $this->domain = $globals->mail->domain;
    }

    // Every existing owner/member slot is overwritten with the matching
    // 'owners_<key>' / 'members_<key>' POST field.
    foreach ($this->owners as $slot => $previous) {
        $this->owners[$slot] = Post::t('owners_' . $slot);
    }
    foreach ($this->members as $slot => $previous) {
        $this->members[$slot] = Post::t('members_' . $slot);
    }

    return true;
}
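/**
 * Prepares the current page for rendering an iGoogle gadget.
 *
 * Switches to the gadget skin, makes escape_html the default template
 * modifier, registers the requested iGoogle JavaScript libraries and selects
 * either the requested template or the login template.
 *
 * @param string $template Gadget template to display when access is granted.
 * @param mixed  $auth     Minimum auth level, compared with the session's 'auth' value.
 * @return bool True when $template was selected, false when the login
 *              template was selected instead.
 */
function init_igoogle_html($template, $auth = AUTH_PUBLIC)
{
    $page =& Platal::page();
    $page->changeTpl('gadgets/ig-skin.tpl', NO_SKIN);
    $page->register_modifier('escape_html', 'escape_html');
    $page->default_modifiers = array('@escape_html');
    header('Accept-Charset: utf-8');

    // Adds external JavaScript libraries provided by iGoogle to the page.
    if (Env::has('libs')) {
        $libs = preg_split('/,/', Env::s('libs'), -1, PREG_SPLIT_NO_EMPTY);
        foreach ($libs as $lib) {
            // The name ends up in a script URL, so it is restricted to a small
            // character set and must not contain "..", "./" or "//".
            // \z is used instead of $ because $ also matches just before a
            // trailing newline, which would let "name\n" through.
            if (preg_match('@^[a-z0-9/._-]+\z@i', $lib) && !preg_match('@([.][.])|([.]/)|(//)@', $lib)) {
                $page->append('gadget_js', 'https://www.google.com/ig/f/' . $lib);
            }
        }
    }

    // Shows the login template when the session's auth level is too low.
    if ($auth > S::v('auth', AUTH_PUBLIC)) {
        $page->assign('gadget_tpl', 'gadgets/ig-login.tpl');
        return false;
    }

    $page->assign('gadget_tpl', $template);
    return true;
}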
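/**
 * Debug page: optionally reloads the user's login data and, when the
 * DEBUG_BT bit is set, shows a var_dump of every session entry as nested lists.
 *
 * @param object $page Page that receives the template and its variables.
 */
function handler_debug($page)
{
    global $globals;

    if (Env::has("reload")) {
        S::user()->select(UserSelect::login());
    }

    if ($globals->debug & DEBUG_BT) {
        $sessions = array();
        foreach ($_SESSION as $key => $val) {
            ob_start();
            var_dump($val);
            $str = ob_get_clean();

            // Session values can hold user-supplied text. The dump is turned
            // into HTML markup below, so the raw text is escaped first; the
            // markup added afterwards is the only HTML left in the result.
            // NOTE(review): if var_dump() is overridden to emit HTML itself
            // (e.g. by a debugging extension), that HTML is now shown as text.
            $str = htmlspecialchars($str, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');

            // Braces and brackets of the dump become nested <ul>/<li> items.
            $str = str_replace("\n", '', $str);
            $str = str_replace('{', '</span><ul><li><span>', $str);
            $str = str_replace('[', '</span></li><li><span>[', $str);
            $str = str_replace('}', '</li></span></ul>', $str);

            // Drop the empty elements the replacements leave behind.
            $str = preg_replace('/<span> *<\\/span>/i', '', $str);
            $str = preg_replace('/<li> *<\\/li>/i', '', $str);

            $sessions[$key] = $str;
        }
        $page->assign('session', $sessions);
    }

    $page->assign('title', 'Debug');
    $page->changeTpl('admin/debug.tpl');
}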
/**
 * Processes a submitted validation form.
 *
 * Exactly one action is handled per call, tested in this order: 'edit',
 * 'add_comm', 'accept', 'delete'.
 *
 * NOTE(review): no XSRF token check is visible in this method although every
 * action changes state; confirm the caller performs it.
 *
 * @return bool True when the action succeeded, false otherwise (including
 *              when there is no item or no known action was submitted).
 */
public function handle_form()
{
    if (is_null($this->item)) {
        return false;
    }

    $page = Platal::page();

    // Edit the request's content.
    if (Env::has('edit')) {
        if (!$this->item->handle_editor()) {
            return false;
        }
        $this->update();
        $page->assign('msg', 'Requête mise à jour');
        return true;
    }

    // Add a comment; an empty (trimmed) comment is refused.
    if (Env::has('add_comm')) {
        if (!strlen(Env::t('comm'))) {
            return false;
        }
        $this->item->add_comment(S::user()->displayName(), Env::v('comm'));
        $this->item->sendmailcomment($this->writer);
        $this->update();
        $page->assign('msg', 'Commentaire ajouté');
        return true;
    }

    // Accept the request.
    if (Env::has('accept')) {
        $accepted = $this->commit();
        $page->assign('msg', $accepted ? 'Email de validation envoyé' : 'Erreur lors de la validation');
        return $accepted ? true : false;
    }

    // Refuse the request; a justification ('ans') is mandatory.
    if (Env::has('delete')) {
        if (!Env::v('ans')) {
            $page->assign('msg', 'Pas de motivation pour le refus !!!');
            return false;
        }
        if (!$this->item->delete()) {
            $page->assign('msg', 'Erreur lors de la suppression des données');
            return false;
        }
        $this->item->sendmailfinal(false);
        $this->clean();
        $page->assign('msg', 'Email de refus envoyé');
        return true;
    }

    return false;
}
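/**
 * Administration page of a mailing list: marketing/registration marks,
 * adding and removing members, adding and removing owners, then display of
 * the current members and owners.
 *
 * Every state-changing branch checks the XSRF token first.
 *
 * @param object      $page  Page that receives the template and its variables.
 * @param string|null $liste List identifier taken from the URL.
 * @return mixed PL_NOT_FOUND when no list is given; otherwise no value.
 */
function handler_admin($page, $liste = null)
{
    global $globals;

    if (is_null($liste)) {
        return PL_NOT_FOUND;
    }

    $mlist = $this->prepare_list($liste);
    // Group admins are accepted as such; anyone else must own the list.
    // (The original called is_group_admin() twice and discarded the first result.)
    if (!$this->is_group_admin($page)) {
        $this->verify_list_owner($page, $mlist);
    }

    $page->changeTpl('lists/admin.tpl');

    if (Env::has('send_mark')) {
        S::assert_xsrf_token();

        $actions = Env::v('mk_action');
        $uids = Env::v('mk_uid');
        $mails = Env::v('mk_email');

        foreach ($actions as $key => $action) {
            switch ($action) {
                case 'none':
                    break;

                case 'marketu':
                case 'markets':
                    require_once 'emails.inc.php';
                    $user = User::get($uids[$key]);
                    $mail = valide_email($mails[$key]);
                    if (isvalid_email_redirection($mail, $user)) {
                        $from = ($action == 'marketu') ? 'user' : 'staff';
                        $market = Marketing::get($uids[$key], $mail);
                        if (!$market) {
                            $market = new Marketing($uids[$key], $mail, 'list', $mlist->address, $from, S::v('uid'));
                            $market->add();
                            break;
                        }
                    }
                    // Deliberate fall-through: when the address is not a valid
                    // redirection or a marketing entry already exists, the
                    // subscription is recorded like any other action.

                default:
                    XDB::execute('INSERT IGNORE INTO register_subs (uid, type, sub, domain) VALUES ({?}, \'list\', {?}, {?})', $uids[$key], $mlist->mbox, $mlist->domain);
            }
        }
    }

    $hasMemberFile = isset($_FILES['add_member_file']) && $_FILES['add_member_file']['tmp_name'];
    if (Env::has('add_member') || $hasMemberFile) {
        S::assert_xsrf_token();

        // Starts empty so a failed upload does not leave $logins undefined.
        $logins = '';
        if ($hasMemberFile) {
            $upload =& PlUpload::get($_FILES['add_member_file'], S::user()->login(), 'list.addmember', true);
            if (!$upload) {
                $page->trigError("Une erreur s'est produite lors du téléchargement du fichier.");
            } else {
                $logins = $upload->getContents();
            }
        } else {
            $logins = Env::v('add_member');
        }

        // Logins may be separated by ';', spaces, ',', line breaks or '|'.
        $logins = preg_split("/[; ,\r\n\\|]+/", $logins);
        $members = User::getBulkForlifeEmailsFromEmail($logins);
        $unfound = array_diff_key($logins, $members);

        // Make sure we send a list (array_values) of unique (array_unique)
        // emails.
        $members = array_values(array_unique($members));
        $arr = $mlist->subscribeBulk($members);

        $successes = array();
        if (is_array($arr)) {
            foreach ($arr as $addr) {
                $successes[] = $addr[1];
                $page->trigSuccess("{$addr[0]} inscrit.");
            }
        }

        $already = array_diff($members, $successes);
        if (is_array($already)) {
            foreach ($already as $item) {
                $page->trigWarning($item . ' est déjà inscrit.');
            }
        }

        if (is_array($unfound)) {
            foreach ($unfound as $item) {
                if (trim($item) != '') {
                    $page->trigError($item . " ne correspond pas à un compte existant et n'est pas une adresse email.");
                }
            }
        }
    }

    if (Env::has('del_member')) {
        S::assert_xsrf_token();

        // A value without '@' is resolved as an account, otherwise it is used
        // as a plain address.
        if (strpos(Env::v('del_member'), '@') === false) {
            if ($del_member = User::getSilent(Env::t('del_member'))) {
                $mlist->unsubscribeBulk(array($del_member->forlifeEmail()));
            }
        } else {
            $mlist->unsubscribeBulk(array(Env::v('del_member')));
        }
        pl_redirect('lists/admin/' . $liste);
    }

    if (Env::has('add_owner')) {
        S::assert_xsrf_token();

        $owners = User::getBulkForlifeEmailsFromEmail(Env::v('add_owner'));
        if ($owners) {
            foreach ($owners as $forlife_email) {
                if ($mlist->addOwner($forlife_email)) {
                    // The original message used an undefined $login variable.
                    $page->trigSuccess($forlife_email . " ajouté aux modérateurs.");
                }
            }
        }
    }

    if (Env::has('del_owner')) {
        S::assert_xsrf_token();

        if (strpos(Env::v('del_owner'), '@') === false) {
            if ($del_owner = User::getSilent(Env::t('del_owner'))) {
                $mlist->removeOwner($del_owner->forlifeEmail());
            } else {
                // Shit happens, and a non-email could be set as the owner
                $mlist->removeOwner(Env::v('del_owner'));
            }
        } else {
            $mlist->removeOwner(Env::v('del_owner'));
        }
        pl_redirect('lists/admin/' . $liste);
    }

    if (list($det, $mem, $own) = $mlist->getMembers()) {
        global $list_unregistered;
        if ($list_unregistered) {
            $page->assign_by_ref('unregistered', $list_unregistered);
        }

        // NOTE(review): $tri_promo is never set in this function; the @
        // hides the resulting notice and null is passed.
        $membres = list_sort_members($mem, @$tri_promo);
        $moderos = list_sort_owners($own, @$tri_promo);

        $page->assign_by_ref('details', $det);
        $page->assign_by_ref('members', $membres);
        $page->assign_by_ref('owners', $moderos);
        $page->assign('np_m', count($mem));
    } else {
        $page->kill("La liste n'existe pas ou tu n'as pas le droit de l'administrer.<br />" . " Si tu penses qu'il s'agit d'une erreur, " . "<a href='mailto:support@polytechnique.org'>contact le support</a>.");
    }
}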
/**
 * Mails a validation comment to the validation sender address.
 *
 * @param object $user User whose display name is shown in the mail.
 */
public function sendmailcomment($user)
{
    $fromAddr = $this->_mail_from_addr();
    $fromName = $this->_mail_from_disp();

    $message = new FrankizMailer('validate/mail.comment.tpl');
    $message->assign('admin', S::user());
    $message->assign('type', $this->type);
    $message->assign('user', $user->displayName());

    // The comment text is handed to the template exactly as submitted.
    if (Env::has('comm')) {
        $message->assign('comm', Env::v('comm'));
    }

    $message->Subject = "Commentaires de validation de type \"{$this->label()}\"";

    // Sender and recipient are the same address.
    $message->SetFrom($fromAddr, $fromName);
    $message->AddAddress($fromAddr, $fromName);
    $message->Send(false);
}
/**
 * Sends the final accept/refuse mail for a licence request to its writer,
 * with a copy to the validation sender address.
 *
 * @param mixed $isok Truthy when the request was accepted, falsy when refused.
 */
public function sendmailfinal($isok)
{
    // Load the writer's base data when no best e-mail is available yet.
    if (is_null($this->writer->bestEmail())) {
        $this->writer->select(User::SELECT_BASE);
    }

    $message = new FrankizMailer('validate/mail.valid.licenses.tpl');
    $message->assign('isok', $isok);
    $message->assign('software_name', $this->softwareName());

    // The validator's free-text answer is passed to the template as submitted.
    if (Env::has("ans")) {
        $message->assign('comm', Env::v('ans'));
    }

    $message->Subject = $isok
        ? '[Frankiz] Ta demance de licence a été acceptée'
        : '[Frankiz] Ta demance de licence a été refusée';

    $message->SetFrom($this->_mail_from_addr(), $this->_mail_from_disp());
    $message->AddAddress($this->writer->bestEmail(), $this->writer->displayName());
    $message->AddCC($this->_mail_from_addr(), $this->_mail_from_disp());
    $message->Send(false);
}
/**
 * Administration page of a group.
 *
 * Access requires admin rights on the group or the "web" status. Renaming and
 * the external/leavable/visible flags additionally require isAdmin(); the
 * namespace can only be changed by "web" users.
 *
 * NOTE(review): the group is modified from request parameters without a
 * visible XSRF token check in this handler; confirm it is enforced elsewhere.
 *
 * @param object $page  Page that receives the template and its variables.
 * @param mixed  $group Group id taken from the URL.
 * @throws Exception When 'image' is submitted but no matching image is found.
 */
function handler_group_admin($page, $group = null)
{
    $group = Group::fromId($group);

    $allowed = $group && (S::user()->hasRights($group, Rights::admin()) || S::user()->isWeb());
    if (!$allowed) {
        $page->assign('title', "Ce groupe n'existe pas ou vous n'en êtes pas administrateur");
        $page->changeTpl('groups/no_group.tpl');
        return;
    }

    $group->select(GroupSelect::see());
    $page->assign('group', $group);

    // Renaming is logged with the old and new names before it is applied.
    if (Env::has('name') && Env::t('name') != '' && S::user()->isAdmin()) {
        S::logger()->log("groups/admin", array(
            "gid"      => $group->id(),
            "old_name" => $group->name(),
            "new_name" => Env::t('name'),
        ));
        $group->name(Env::t('name'));
    }

    // Each flag is set from the mere presence of its parameter.
    if (Env::has('update') && S::user()->isAdmin()) {
        $group->external(Env::has('external'));
        $group->leavable(Env::has('leavable'));
        $group->visible(Env::has('visible'));
    }

    if (Env::has('label')) {
        $group->label(Env::t('label'));
    }

    if (Env::has('update')) {
        $group->description(Env::t('description'));
        $group->web(Env::t('web'));
        $group->wikix(Env::t('wikix'));
        $group->mail(Env::t('mail'));
    }

    if (Env::has('image')) {
        // The lookup combines the submitted id with the IFC_Temp condition.
        $filter = new ImageFilter(new PFC_And(new IFC_Id(Env::i('image')), new IFC_Temp()));
        $picture = $filter->get(true);
        if (!$picture) {
            throw new Exception("This image doesn't exist anymore");
        }
        $picture->select(FrankizImageSelect::caste());
        $picture->label($group->label());
        $picture->caste($group->caste(Rights::everybody()));
        $group->image($picture);
    }

    if (S::user()->isWeb()) {
        $namespaces = XDB::fetchColumn('SELECT ns FROM groups GROUP BY ns');
        $page->assign('nss', $namespaces);

        // Namespace changes are logged with the old and new values.
        if (Env::has('ns')) {
            S::logger()->log("groups/admin", array(
                "gid"    => $group->id(),
                "old_ns" => $group->ns(),
                "new_ns" => Env::t('ns'),
            ));
            $group->ns(Env::t('ns'));
        }
    }

    $promos = S::user()->castes()->groups()->filter('ns', Group::NS_PROMO);
    $page->assign('promos', $promos);
    $page->assign('title', 'Administration de "' . $group->label() . '"');
    $page->addCssLink('groups.css');
    $page->changeTpl('groups/admin.tpl');
}
/**
 * Lists the announces of the current group and deletes one on request.
 *
 * @param object $page Page that receives the template and its variables.
 */
function handler_admin_announce($page)
{
    global $globals;

    $page->changeTpl('xnetgrp/announce-admin.tpl');
    $groupId = $globals->asso('id');

    if (Env::has('del')) {
        S::assert_xsrf_token();
        // The asso_id condition keeps the deletion inside the current group
        // whatever id is submitted.
        XDB::execute('DELETE FROM group_announces WHERE id = {?} AND asso_id = {?}', Env::i('del'), $groupId);
    }

    // 'perime' tells whether the announce has expired.
    $articles = XDB::iterator('SELECT id, titre, expiration, expiration < CURRENT_DATE() AS perime FROM group_announces WHERE asso_id = {?} ORDER BY expiration DESC', $groupId);
    $page->assign('articles', $articles);
}
/**
 * Feed settings page: activates (new random hash) or deactivates (empty hash)
 * the user's RSS hash.
 *
 * NOTE(review): both actions change the account from a bare request parameter
 * and no XSRF token check is visible in this handler; confirm it is enforced
 * elsewhere.
 *
 * @param object $page Page that receives the template and its variables.
 */
function handler_feed($page)
{
    $me = S::user();

    // Activation: a fresh hash is generated by rand_url_id(16) and stored.
    if (Env::has('act_rss')) {
        $me->hash_rss(rand_url_id(16));
        $page->assign('success', true);
    }

    // Deactivation: the stored hash is replaced by an empty string.
    if (Env::has('des_rss')) {
        $me->hash_rss('');
        $page->assign('desactivated', true);
    }

    $page->assign('user', $me);
    $page->assign('title', 'Flux');
    $page->addCssLink('profile.css');
    $page->changeTpl('profile/feed.tpl');
}
/**
 * Shows the participants of an activity and lets its writer mail them all.
 *
 * @param object $page Page that receives the template and its variables.
 * @param mixed  $id   Activity instance id taken from the URL.
 * @throws Exception When the activity does not exist or cannot be seen by
 *                   the current user.
 */
function handler_participants($page, $id)
{
    // The lookup requires both the id and visibility for the current user.
    $filter = new ActivityInstanceFilter(new PFC_AND(new AIFC_CanBeSeen(S::user()), new AIFC_Id($id)));
    $act = $filter->get(true);
    if ($act === false) {
        throw new Exception("Invalid credentials");
    }
    $act->select(ActivityInstanceSelect::all());

    if (Env::has('mail')) {
        S::assert_xsrf_token();

        // Only the writer of the activity may send, and only a non-empty body.
        // NOTE(review): a non-writer with a filled body gets the same
        // "mail not filled in" message as an empty body.
        $bodyFilled = Env::t('mail_body') != '';
        if ($bodyFilled && S::user()->id() == $act->writer()->id()) {
            $subject = '[Mail groupé] Activité ' . $act->title()
                     . ' du ' . $act->date()
                     . ' à ' . $act->hour_begin();

            $mail = new FrankizMailer();
            $mail->subject($subject);
            $mail->body(Env::t('mail_body'));
            $mail->setFrom(S::user()->bestEmail(), S::user()->displayName());
            $mail->toUserFilter(new UserFilter(new UFC_ActivityInstance($act->id())));
            $mail->sendLater(false);
        } else {
            $page->assign('msg', 'Votre mail n\'est pas rempli.');
        }
    }

    $page->assign('user', S::user());
    $page->assign('id', $id);
    $page->assign('activity', $act);
    $page->assign('title', 'Participants à une activité');
    $page->addCssLink('activity.css');
    $page->changeTpl('activity/participants.tpl');
}
/**
 * Administration of external authentication sites ("remotes"): create, edit,
 * delete and list them.
 *
 * NOTE(review): a remote is created or deleted from the URL alone
 * ($id == 'new', $action == 'delete') and edited from request parameters,
 * including its private key; no XSRF token check is visible in this handler.
 * Confirm it is enforced elsewhere.
 *
 * @param object $page   Page that receives the template and its variables.
 * @param mixed  $id     'new', an existing remote id, or null for the list.
 * @param mixed  $action 'delete' removes the remote designated by $id.
 */
function handler_admin($page, $id = null, $action = null)
{
    $page->assign('title', "Administration de l'authentification externe");
    $page->assign('remoterights_available', implode(',', Remote::availableRights()));

    // Resolve which remote, if any, the request is about.
    $remote = null;
    if ($id == 'new') {
        $remote = new Remote();
        $remote->insert();
    } elseif (Remote::isId($id)) {
        $remote = new Remote($id);
        if ($action == 'delete') {
            $remote->delete();
            $remote = null;
        }
    }

    // No remote selected (or just deleted): show the list.
    if (empty($remote)) {
        $page->assign('remotes', Remote::selectAll(RemoteSelect::groups()));
        $page->changeTpl('remote/list.tpl');
        return;
    }

    $remote->select(RemoteSelect::groups());

    if (Env::has('change_remote')) {
        $remote->site(Env::t('site'));
        $remote->label(Env::t('label'));
        $remote->privkey(Env::t('privkey'));

        // Submitted rights are normalised, then reduced to the known ones.
        $requested = array_map('strtolower', array_map('trim', explode(',', Env::t('rights'))));
        $granted = array_intersect($requested, Remote::availableRights());
        $remote->rights(new PlFlagSet(implode(',', $granted)));

        // Group ids arrive as ';'-separated lists in the two fields below.
        $groups = new Collection('Group');
        foreach (array('binets', 'frees') as $field) {
            foreach (explode(';', Env::t($field)) as $gid) {
                $gid = trim($gid);
                if ($gid) {
                    $groups->add(new Group($gid));
                }
            }
        }
        $groups->select(GroupSelect::base());
        $remote->groups($groups);
    }

    $page->assign('remote', $remote);
    $page->changeTpl('remote/admin.tpl');
}
/**
 * Renders the page: assigns the common template variables, then outputs
 * either the JSON "solo" form of the content or the full site template.
 */
public function run()
{
    $this->load_skin();
    $this->assign('skin', S::v('skin'));

    $user = S::user();
    $this->assign('user', $user);
    $this->assign('logged', !is_null($user) && S::logged());

    // Remote IP
    $this->assign('remip', IPAddress::getInstance());

    // NOTE(review): S::user() is dereferenced here although the 'logged'
    // assignment above allows for it being null.
    $this->assign('MiniModules_COL_FLOAT', FrankizMiniModule::get(S::user()->minimodules(FrankizMiniModule::COL_FLOAT)));
    $this->addCssLink(FrankizMiniModule::batchCss());

    // Enable JSON loading of the module only
    if (Env::has('solo')) {
        $this->jsonAssign('content', $this->raw());
        foreach (array('title', 'pl_css', 'pl_js') as $name) {
            $this->jsonAssign($name, $this->get_template_vars($name));
        }
        $this->runJSon();
        return;
    }

    // Validations waiting for the user: only looked up when the user has
    // admin rights on at least one caste.
    $this->assign('quick_validate', array());
    if (S::user()->castes(Rights::admin())->count() > 0) {
        $pendingFilter = new ValidateFilter(new VFC_User(S::user()));
        $pending = $pendingFilter->get()->select(ValidateSelect::quick());
        $this->assign('quick_validate', $pending->split('group'));
    }

    // Requests written by the user.
    $ownFilter = new ValidateFilter(new VFC_Writer(S::user()));
    $ownRequests = $ownFilter->get()->select(ValidateSelect::quick());

    $this->assign('self_url', pl_self());
    $this->assign('quick_requests', $ownRequests);
    $this->_run(self::getTplPath('frankiz.tpl'));
}
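/**
 * Administration of companies (profile_job_enum): search, edit one company,
 * or replace it by another one.
 *
 * @param object $page Page that receives the template and its variables.
 * @param mixed  $id   Company id taken from the URL; -1 means none selected.
 */
function handler_jobs($page, $id = -1)
{
    $page->changeTpl('admin/jobs.tpl');

    if (Env::has('search')) {
        $res = XDB::query("SELECT id, name, acronym\n FROM profile_job_enum\n WHERE name LIKE CONCAT('%', {?}, '%') OR acronym LIKE CONCAT('%', {?}, '%')", Env::t('job'), Env::t('job'));

        // More than 20 matches are not listed; the admin is asked to refine.
        if ($res->numRows() <= 20) {
            $page->assign('jobs', $res->fetchAllAssoc());
        } else {
            $page->trigError("Il y a trop d'entreprises correspondant à ton choix. Affine-le !");
        }
        $page->assign('askedJob', Env::v('job'));
        return;
    }

    if (Env::has('edit')) {
        S::assert_xsrf_token();

        if (Env::has('change')) {
            if (Env::has('newJobId') && Env::i('newJobId') > 0) {
                // The company's phones and address are only removed once the
                // replacement is known to be valid. The original removed them
                // before this check, so a refused replacement still wiped them.
                Phone::deletePhones(0, Phone::LINK_COMPANY, $id);
                Address::deleteAddresses(null, Address::LINK_COMPANY, $id);

                XDB::execute('UPDATE profile_job SET jobid = {?} WHERE jobid = {?}', Env::i('newJobId'), $id);
                XDB::execute('DELETE FROM profile_job_enum WHERE id = {?}', $id);
                $page->trigSuccess("L'entreprise a bien été remplacée.");
            } else {
                $page->trigError("L'entreprise n'a pas été remplacée car l'identifiant fourni n'est pas valide.");
            }
        } else {
            // Phones and address are replaced: old rows removed, new ones
            // saved after the company row is updated.
            Phone::deletePhones(0, Phone::LINK_COMPANY, $id);
            Address::deleteAddresses(null, Address::LINK_COMPANY, $id);

            // A code that compares equal to 0 is stored as NULL.
            // NOTE(review): these are loose comparisons on request strings;
            // how a non-numeric string compares with 0 depends on the PHP version.
            XDB::execute(
                'UPDATE profile_job_enum SET name = {?}, acronym = {?}, url = {?}, email = {?}, SIREN_code = {?}, NAF_code = {?}, AX_code = {?}, holdingid = {?} WHERE id = {?}',
                Env::t('name'),
                Env::t('acronym'),
                Env::t('url'),
                Env::t('email'),
                Env::t('SIREN') == 0 ? null : Env::t('SIREN'),
                Env::t('NAF_code') == 0 ? null : Env::t('NAF_code'),
                Env::i('AX_code') == 0 ? null : Env::t('AX_code'),
                Env::i('holdingId') == 0 ? null : Env::t('holdingId'),
                $id
            );

            $phone = new Phone(array('display' => Env::v('tel'), 'link_id' => $id, 'id' => 0, 'type' => 'fixed', 'link_type' => Phone::LINK_COMPANY, 'pub' => 'public'));
            $fax = new Phone(array('display' => Env::v('fax'), 'link_id' => $id, 'id' => 1, 'type' => 'fax', 'link_type' => Phone::LINK_COMPANY, 'pub' => 'public'));
            $address = new Address(array('jobid' => $id, 'type' => Address::LINK_COMPANY, 'text' => Env::t('address')));
            $phone->save();
            $fax->save();
            $address->save();

            $page->trigSuccess("L'entreprise a bien été mise à jour.");
        }
    }

    // Show the selected company, except right after a replacement request.
    if (!Env::has('change') && $id != -1) {
        $res = XDB::query("SELECT e.id, e.name, e.acronym, e.url, e.email, e.SIREN_code AS SIREN, e.NAF_code, e.AX_code,\n h.id AS holdingId, h.name AS holdingName, h.acronym AS holdingAcronym,\n t.display_tel AS tel, f.display_tel AS fax, a.text AS address\n FROM profile_job_enum AS e\n LEFT JOIN profile_job_enum AS h ON (e.holdingid = h.id)\n LEFT JOIN profile_phones AS t ON (t.pid = e.id AND t.link_type = 'hq' AND t.tel_id = 0)\n LEFT JOIN profile_phones AS f ON (f.pid = e.id AND f.link_type = 'hq' AND f.tel_id = 1)\n LEFT JOIN profile_addresses AS a ON (a.jobid = e.id AND a.type = 'hq')\n WHERE e.id = {?}", $id);

        if ($res->numRows() == 0) {
            $page->trigError('Auncune entreprise ne correspond à cet identifiant.');
        } else {
            $page->assign('selectedJob', $res->fetchOneAssoc());
        }
    }
}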
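/**
 * Lost-and-found page: declare a found ('trouve') or lost ('perdu') object,
 * answer or close an entry, search, and list the 30 latest open entries of
 * each kind.
 *
 * NOTE(review): entries are inserted and updated from request parameters and
 * no XSRF token check is visible in this handler; confirm it is enforced
 * elsewhere.
 *
 * @param object $page Page that receives the template and its variables.
 * @param mixed  $id   Object id (laf.oid) taken from the URL.
 */
function handler_laf($page, $id = 0)
{
    // Declaration of a found object.
    if (Env::has('trouve') && Env::has('obj')) {
        if (S::logged()) {
            XDB::execute("INSERT INTO laf\n SET uid = {?}, found = NOW(), description = {?}, context = {?}", S::user()->id(), Env::t('obj'), Env::t('desc'));
            $page->assign('message', 'Pense à supprimer l\'objet une fois rendu à son propriétaire.');

            require_once 'banana/hooks.inc.php';
            $body = 'L\'objet ' . Env::t('obj') . ' a été retrouvé';
            if (Env::t('desc') != '') {
                $body .= ' dans les circonstances suivantes : ' . Env::t('desc');
            }
            $body .= '.\\n\\n' . S::user()->displayName() . '\\n\\n\\n' . 'Ceci est un message automatique, merci de le signaler sur frankiz une fois l\'objet rendu.';
            send_message('br.pa', 'pong ' . Env::t('obj'), $body);
        } else {
            $page->assign('not_logged', 'true');
        }
    }

    // Declaration of a lost object.
    if (Env::has('perdu') && Env::has('obj')) {
        if (S::logged()) {
            XDB::execute("INSERT INTO laf\n SET uid = {?}, lost = NOW(), description = {?}, context = {?}", S::user()->id(), Env::t('obj'), Env::t('desc'));
            $page->assign('message', 'Pense à supprimer l\'objet dès que celui-ci est retrouvé.');

            require_once 'banana/hooks.inc.php';
            $body = 'L\'objet ' . Env::t('obj') . ' a été perdu';
            if (Env::t('desc') != '') {
                $body .= ' dans les circonstances suivantes : ' . Env::t('desc');
            }
            $body .= '.\\n\\n' . S::user()->displayName() . '\\n\\n\\n' . 'Ceci est un message automatique, merci de le signaler sur frankiz une fois l\'objet retrouvé.';
            send_message('br.pa', 'ping ' . Env::t('obj'), $body);
        } else {
            $page->assign('not_logged', 'true');
        }
    }

    // NOTE(review): unlike 'ping' below, 'pong' is handled without a
    // S::logged() check here; confirm manage_pong() performs its own.
    if (Env::has('pong')) {
        $this->manage_pong($page, $id);
    }

    // Closing a "found" entry: only its author may do it.
    if (Env::has('del_pong')) {
        if (S::logged()) {
            $rows = XDB::query("SELECT * FROM laf WHERE oid = {?}", $id)->fetchAllRow();
            // An unknown id yields no row and is treated as "not the author".
            // presumably column 1 of laf is uid; verify against the schema
            $row = isset($rows[0]) ? $rows[0] : null;
            if ($row !== null && S::user()->id() == $row[1]) {
                XDB::execute("UPDATE laf SET lost = NOW() WHERE oid = {?}", $id);
                $page->assign('message', 'L\'objet a été supprimé de la base.');
            } else {
                $page->assign('message', 'Seul celui qui a trouvé l\'objet peut le supprimer de la liste.');
            }
        } else {
            // Same key as every other branch (the original assigned 'no-logged').
            $page->assign('not_logged', 'true');
        }
    }

    if (Env::has('ping')) {
        if (S::logged()) {
            $this->manage_ping($page, $id);
        } else {
            $page->assign('not_logged', 'true');
        }
    }

    // Closing a "lost" entry: only its author may do it.
    if (Env::has('del_ping')) {
        if (S::logged()) {
            $rows = XDB::query("SELECT * FROM laf WHERE oid = {?}", $id)->fetchAllRow();
            $row = isset($rows[0]) ? $rows[0] : null;
            if ($row !== null && S::user()->id() == $row[1]) {
                XDB::execute("UPDATE laf SET found = NOW() WHERE oid = {?}", $id);
                $page->assign('message', 'L\'objet a été supprimé de la base.');
            } else {
                $page->assign('message', 'Seul celui qui a perdu l\'objet peut le supprimer de la liste.');
            }
        } else {
            $page->assign('not_logged', 'true');
        }
    }

    // Lost objects, optionally filtered by a search term. The two LIKE tests
    // are grouped: without the parentheses AND binds tighter than OR and a
    // match on "context" ignored the ISNULL(found) condition.
    if (Env::has('ping_obj')) {
        $res = XDB::query("SELECT * FROM laf WHERE ISNULL(found) \n \t\t\t\tAND (description " . XDB::formatWildcards(XDB::WILDCARD_CONTAINS, Env::t('ping_obj')) . "\n \t\t\t\tOR context " . XDB::formatWildcards(XDB::WILDCARD_CONTAINS, Env::t('ping_obj')) . ")\n \t\t\t\tORDER BY lost DESC LIMIT 30");
        $lost = $res->fetchAllRow();
        $page->assign('query', 'ping');
    } else {
        $res = XDB::query("SELECT * FROM laf WHERE ISNULL(found) ORDER BY lost DESC LIMIT 30");
        $lost = $res->fetchAllRow();
    }

    // Found objects, same grouping of the search conditions.
    if (Env::has('pong_obj')) {
        $res = XDB::query("SELECT *\n FROM laf\n WHERE ISNULL(lost)\n \t\t\t\t AND (description " . XDB::formatWildcards(XDB::WILDCARD_CONTAINS, Env::t('pong_obj')) . "\n \t\t\t\t OR context " . XDB::formatWildcards(XDB::WILDCARD_CONTAINS, Env::t('pong_obj')) . ")\n \t\t\t\t ORDER BY found\n \t\t\t DESC LIMIT 30");
        $found = $res->fetchAllRow();
        $page->assign('query', 'pong');
    } else {
        $res = XDB::query("SELECT * FROM laf WHERE ISNULL(lost) ORDER BY found DESC LIMIT 30");
        $found = $res->fetchAllRow();
    }

    $page->addCssLink('laf.css');
    $page->assign('uid', s::user()->id());
    $page->assign('title', 'Objets Trouvés');
    $page->assign('lost', $lost);
    $page->assign('found', $found);
    $page->changeTpl('lostandfound/laf.tpl');
}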
/**
 * Tells whether the current request carries an 'openid_mode' parameter.
 *
 * @return mixed Whatever Env::has('openid_mode') returns.
 */
public function IsOpenIdRequest()
{
    $hasMode = Env::has('openid_mode');

    return $hasMode;
}
/**
 * Wiki administration: lists all wikis, or shows and updates the wiki named
 * by the remaining URL segments.
 *
 * NOTE(review): the wiki is created on first access and its content replaced
 * from 'newcontent' without a visible XSRF token check in this handler;
 * confirm it is enforced elsewhere.
 *
 * @param object $page Page that receives the template and its variables;
 *                     further arguments are the URL segments naming the wiki.
 */
function handler_admin($page)
{
    // Everything after $page is joined back into a single "a/b/c" identifier.
    $target = implode('/', array_slice(func_get_args(), 1));

    if (empty($target)) {
        $page->assign('wikis', Wiki::selectAll(Wiki::SELECT_BASE | Wiki::SELECT_COUNT));
        $page->addCssLink('wiki.css');
        $page->assign('title', 'Admin Wiki');
        $page->changeTpl('wiki/list.tpl');
        return;
    }

    // Create the Wiki if it doesn't exist
    $wiki = Wiki::isId($target) ? new Wiki($target) : Wiki::from($target, true);

    if (Env::has('newcontent')) {
        $wiki->update(Env::s('newcontent'));
    }

    $wiki->select(Wiki::SELECT_BASE | Wiki::SELECT_COUNT);
    $wiki->select(array(
        Wiki::SELECT_VERSION => array(
            'versions' => array('last'),
            'options'  => UserSelect::base(),
        ),
    ));

    $page->assign('wiki', $wiki);
    $page->addCssLink('wiki.css');
    $page->assign('title', 'Admin Wiki: ' . $wiki->name());
    $page->changeTpl('wiki/admin.tpl');
}
/**
 * Skin selection page: stores the chosen skin for the current account and
 * lists the available skins with their number of users.
 *
 * NOTE(review): the account is updated from 'newskin' without a visible XSRF
 * token check in this handler; confirm it is enforced elsewhere.
 *
 * @param object $page Page that receives the template and its variables.
 */
function handler_skin($page)
{
    global $globals;

    $page->changeTpl('platal/skins.tpl');
    $page->setTitle('Skins');

    // Form submitted: store the new skin and refresh the one held in session.
    if (Env::has('newskin')) {
        XDB::execute('UPDATE accounts SET skin = {?} WHERE uid = {?}', Env::i('newskin'), S::i('uid'));
        S::kill('skin');
        Platal::session()->setSkin();
    }

    // Id of the skin currently used by the session.
    $current = XDB::query('SELECT id FROM skins WHERE skin_tpl = {?}', S::v('skin'));
    $page->assign('skin_id', $current->fetchOneCell());

    // Skins with a template and an extension, newest first.
    $listing = 'SELECT s.*, auteur, COUNT(*) AS nb FROM skins AS s LEFT JOIN accounts AS a ON (a.skin = s.id) WHERE skin_tpl != \'\' AND ext != \'\' GROUP BY id ORDER BY s.date DESC';
    $page->assign('skins', XDB::iterator($listing));
}
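/**
 * Administration of announces ("events"): edit, image handling, delete,
 * archive/unarchive, validate/unvalidate, and the list of announces.
 *
 * @param object $page   Page that receives the template and its variables.
 * @param string $action Action taken from the URL ('list', 'archives',
 *                       'edit', 'preview', 'delete', 'archive', 'unarchive',
 *                       'valid', 'unvalid').
 * @param mixed  $eid    Announce id taken from the URL.
 */
function handler_admin_events($page, $action = 'list', $eid = null)
{
    $page->changeTpl('events/admin.tpl');
    $page->setTitle('Administration - Evenements');
    $page->register_modifier('hde', 'html_entity_decode');
    $arch = $action == 'archives';
    $page->assign('action', $action);

    $upload = new PlUpload(S::user()->login(), 'event');
    if ((Env::has('preview') || Post::v('action') == "Proposer") && $eid) {
        $action = 'edit';
        $this->upload_image($page, $upload);
    }

    if (Post::v('action') == 'Pas d\'image' && $eid) {
        // Drop both the pending upload and the stored image.
        S::assert_xsrf_token();
        $upload->rm();
        XDB::execute("DELETE FROM announce_photos WHERE eid = {?}", $eid);
        $action = 'edit';
    } elseif (Post::v('action') == 'Supprimer l\'image' && $eid) {
        // Drop the pending upload only.
        S::assert_xsrf_token();
        $upload->rm();
        $action = 'edit';
    } elseif (Post::v('action') == "Proposer" && $eid) {
        S::assert_xsrf_token();
        $promo_min = Post::i('promo_min');
        $promo_max = Post::i('promo_max');

        // 0 means "no bound"; otherwise each bound must lie strictly between
        // 1900 and 2020 and the maximum must not be below the minimum.
        $badMin = $promo_min != 0 && ($promo_min <= 1900 || $promo_min >= 2020);
        $badMax = $promo_max != 0 && ($promo_max <= 1900 || $promo_max >= 2020 || $promo_max < $promo_min);
        if ($badMin || $badMax) {
            $page->trigError("L'intervalle de promotions {$promo_min} -> {$promo_max} n'est pas valide");
            $action = 'edit';
        } else {
            $res = XDB::query('SELECT flags FROM announces WHERE id = {?}', $eid);
            $flags = new PlFlagSet($res->fetchOneCell());
            $flags->addFlag('wiki');
            if (Post::v('important')) {
                $flags->addFlag('important');
            } else {
                $flags->rmFlag('important');
            }

            XDB::execute('UPDATE announces SET creation_date = creation_date, titre={?}, texte={?}, expiration={?}, promo_min={?}, promo_max={?}, flags = {?} WHERE id = {?}', Post::v('titre'), Post::v('texte'), Post::v('expiration'), Post::v('promo_min'), Post::v('promo_max'), $flags, $eid);

            // Store the uploaded image, replacing any previous one.
            if ($upload->exists() && (list($x, $y, $type) = $upload->imageInfo())) {
                XDB::execute('INSERT INTO announce_photos (eid, attachmime, attach, x, y) VALUES ({?}, {?}, {?}, {?}, {?}) ON DUPLICATE KEY UPDATE attachmime = VALUES(attachmime), attach = VALUES(attach), x = VALUES(x), y = VALUES(y)', $eid, $type, $upload->getContents(), $x, $y);
                $upload->rm();
            }
        }
    }

    if ($action == 'edit') {
        $res = XDB::query('SELECT titre, texte, expiration, promo_min, promo_max, FIND_IN_SET(\'important\', flags), attach IS NOT NULL FROM announces AS e LEFT JOIN announce_photos AS p ON(e.id = p.eid) WHERE id={?}', $eid);
        list($titre, $texte, $expiration, $promo_min, $promo_max, $important, $img) = $res->fetchOneRow();

        $page->assign('titre', $titre);
        $page->assign('texte', $texte);
        $page->assign('promo_min', $promo_min);
        $page->assign('promo_max', $promo_max);
        $page->assign('expiration', $expiration);
        $page->assign('important', $important);
        $page->assign('eid', $eid);
        $page->assign('img', $img);
        $page->assign_by_ref('upload', $upload);

        // Expiration choices: the next 29 days, the stored date preselected.
        $select = "";
        for ($i = 1; $i < 30; $i++) {
            $p_stamp = date("Ymd", time() + 3600 * 24 * $i);
            $year = substr($p_stamp, 0, 4);
            $month = substr($p_stamp, 4, 2);
            $day = substr($p_stamp, 6, 2);
            $select .= "<option value=\"{$p_stamp}\"" . ($p_stamp == strtr($expiration, array("-" => "")) ? " selected" : "") . "> {$day} / {$month} / {$year}</option>\n";
        }
        $page->assign('select', $select);
    } else {
        switch ($action) {
            case 'delete':
                S::assert_xsrf_token();
                XDB::execute('DELETE from announces WHERE id = {?}', $eid);
                break;

            case "archive":
                S::assert_xsrf_token();
                XDB::execute('UPDATE announces SET creation_date = creation_date, flags = CONCAT(flags,",archive") WHERE id = {?}', $eid);
                break;

            case "unarchive":
                S::assert_xsrf_token();
                XDB::execute('UPDATE announces SET creation_date = creation_date, flags = REPLACE(flags,"archive","") WHERE id = {?}', $eid);
                $action = 'archives';
                $arch = true;
                break;

            case "valid":
                S::assert_xsrf_token();
                XDB::execute('UPDATE announces SET creation_date = creation_date, flags = CONCAT(flags,",valide") WHERE id = {?}', $eid);
                break;

            case "unvalid":
                S::assert_xsrf_token();
                XDB::execute('UPDATE announces SET creation_date = creation_date, flags = REPLACE(flags,"valide", "") WHERE id = {?}', $eid);
                break;
        }

        // $eid comes straight from the URL, so it is bound through a {?}
        // placeholder like every other query here; the original interpolated
        // it into the SQL text when $action was 'preview'.
        $pid = ($eid && $action == 'preview') ? $eid : -1;
        $sql = "SELECT e.id, e.titre, e.texte,e.id = {?} AS preview, e.uid,\n DATE_FORMAT(e.creation_date,'%d/%m/%Y %T') AS creation_date,\n DATE_FORMAT(e.expiration,'%d/%m/%Y') AS expiration,\n e.promo_min, e.promo_max,\n FIND_IN_SET('valide', e.flags) AS fvalide,\n FIND_IN_SET('archive', e.flags) AS farch,\n FIND_IN_SET('wiki', e.flags) AS wiki\n FROM announces AS e\n WHERE " . ($arch ? "" : "!") . "FIND_IN_SET('archive',e.flags)\n ORDER BY FIND_IN_SET('valide',e.flags), e.expiration DESC";
        $page->assign('evs', XDB::iterator($sql, $pid));
    }

    $page->assign('arch', $arch);
    $page->assign('admin_evts', true);
}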
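/**
 * Notification preferences page ('carnet/notifs.tpl').
 *
 * Applies the requested change first (an action, or one of the three
 * preference forms), then reloads the watch settings of the session user and
 * hands them to the template. Every write below is preceded by
 * S::assert_xsrf_token(), and every query is scoped to S::i('uid').
 *
 * @param $page   page object receiving the template and its variables
 * @param $action optional action name: add_promo, del_promo, add_group,
 *                del_group, add_nonins or del_nonins
 * @param $arg    optional argument of the action; resolved through User::get()
 *                for the two *_nonins actions, passed as-is otherwise
 */
public function handler_notifs($page, $action = null, $arg = null)
{
    $page->changeTpl('carnet/notifs.tpl');

    if ($action) {
        // The token is asserted before dispatching on the action name.
        S::assert_xsrf_token();
        switch ($action) {
            case 'add_promo':
                $this->addPromo($page, $arg);
                break;
            case 'del_promo':
                $this->delPromo($page, $arg);
                break;
            case 'add_group':
                $this->addGroup($page, $arg);
                break;
            case 'del_group':
                $this->delGroup($page, $arg);
                break;
            case 'del_nonins':
                $user = User::get($arg);
                if ($user) {
                    $this->delNonRegistered($page, $user);
                }
                break;
            case 'add_nonins':
                $user = User::get($arg);
                if ($user) {
                    $this->addNonRegistered($page, $user);
                }
                break;
        }
    }

    if (Env::has('subs')) {
        S::assert_xsrf_token();
        $flags = new PlFlagSet();
        // 'sub' may be missing from the request while 'subs' is present;
        // iterating over a non-array only raised a warning before, so the loop
        // is skipped and an empty flag set is stored, as it was previously.
        $requested = Env::v('sub');
        if (is_array($requested)) {
            foreach ($requested as $key => $value) {
                $flags->addFlag($key, $value);
            }
        }
        // NOTE(review): the flag names are the request keys. The value is
        // bound as a query parameter, but nothing in this method restricts it
        // to the known action names -- confirm the column definition or
        // PlFlagSet does.
        XDB::execute('UPDATE watch SET actions = {?} WHERE uid = {?}', $flags, S::i('uid'));
        S::user()->invalidWatchCache();
        Platal::session()->updateNbNotifs();
    }

    // Two boolean preferences stored in watch.flags; 'contacts' is handled
    // before 'mail', each with its own token assertion.
    foreach (array('contacts', 'mail') as $flag) {
        if (Env::has('flags_' . $flag)) {
            S::assert_xsrf_token();
            XDB::execute('UPDATE watch SET ' . XDB::changeFlag('flags', $flag, Env::b($flag)) . ' WHERE uid = {?}', S::i('uid'));
            S::user()->invalidWatchCache();
            Platal::session()->updateNbNotifs();
        }
    }

    $user = S::user();
    $nonins = new UserFilter(new UFC_WatchRegistration($user));

    $promo = XDB::fetchColumn('SELECT promo FROM watch_promo WHERE uid = {?} ORDER BY promo', S::i('uid'));
    $page->assign('promo_count', count($promo));

    // Collapse the ordered promo list into [start, end] pairs of consecutive
    // values.
    $ranges = array();
    $range_start = null;
    $range_end = null;
    foreach ($promo as $p) {
        if (!is_null($range_start) && $p == $range_end + 1) {
            $range_end = $p;
            continue;
        }
        if (!is_null($range_start)) {
            $ranges[] = array($range_start, $range_end);
        }
        $range_start = $range_end = $p;
    }
    // The last open range is always appended; with no watched promo this is a
    // (null, null) pair, and 'promo_count' above is then 0.
    $ranges[] = array($range_start, $range_end);
    $page->assign('promo_ranges', $ranges);

    $page->assign('nonins', $nonins->getUsers());

    $groups = XDB::fetchColumn('SELECT g.nom FROM watch_group AS w INNER JOIN groups AS g ON (g.id = w.groupid) WHERE w.uid = {?} ORDER BY g.nom', S::i('uid'));
    $page->assign('groups', $groups);
    $page->assign('groups_count', count($groups));

    list($flags, $actions) = XDB::fetchOneRow('SELECT flags, actions FROM watch WHERE uid = {?}', S::i('uid'));
    $flags = new PlFlagSet($flags);
    $actions = new PlFlagSet($actions);
    $page->assign('flags', $flags);
    $page->assign('actions', $actions);
}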
/**
 * Administration page of one news item ('news/admin.tpl').
 *
 * Changes are applied only when the news exists and the session user either
 * has admin rights on the group of the news target or is "web". In every other
 * case nothing is written, but the template is still rendered with whatever
 * News::fromId() returned (possibly false).
 *
 * @param $page page object receiving the template and its variables
 * @param $nid  id of the news to administer
 */
function handler_admin($page, $nid = false)
{
    $news = News::fromId($nid);

    // Authorisation is decided once, before any request field is read.
    $editable = false;
    if ($news !== false) {
        $news->select(NewsSelect::news());
        $editable = S::user()->hasRights($news->target()->group(), Rights::admin())
                 || S::user()->isWeb();
    }

    if ($editable) {
        $wantsModify = Env::has('modify');
        $wantsDelete = Env::has('delete');

        // Both write operations require the anti-CSRF token.
        if ($wantsModify || $wantsDelete) {
            S::assert_xsrf_token();
        }

        if ($wantsModify) {
            $news->title(Env::t('title'));
            $news->content(Env::t('news_content'));
            $news->begin(new FrankizDateTime(Env::t('begin')));
            $news->end(new FrankizDateTime(Env::t('end')));

            if (Env::has('reappear')) {
                $news->removeReadFlags();
            }

            if (Env::has('image')) {
                // NOTE(review): the temporary image is looked up by id only
                // (IFC_Id + IFC_Temp); confirm ImageFilter restricts the result
                // to images the current user is allowed to attach.
                $filter = new ImageFilter(new PFC_And(new IFC_Id(Env::i('image')), new IFC_Temp()));
                $image = $filter->get(true);
                if (!$image) {
                    // Thrown after the text fields above were already set.
                    throw new Exception("This image doesn't exist anymore");
                }
                $image->select(FrankizImageSelect::caste());
                $image->label($news->title());
                $image->caste($news->target());
                $news->image($image);
            }

            $page->assign('msg', "L'annonce a été modifiée.");
        }

        // A request carrying both fields modifies the news, then deletes it.
        if ($wantsDelete) {
            $news->delete();
            $page->assign('delete', true);
        }
    }

    $page->assign('news', $news);
    $page->assign('isEdition', true);
    $page->assign('title', "Modifier l'annonce");
    $page->addCssLink('validate.css');
    $page->changeTpl('news/admin.tpl');
}
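/** set or update the user's subscription
 *
 * Compares the requested quantities with the stored ones, item by item, and
 * inserts, updates or deletes rows of group_event_participants accordingly.
 * When something changed, the event aliases are updated through
 * subscribe_lists_event().
 *
 * @param $uid: user's id
 * @param $eid: event's id
 * @param $subs: user's new subscription, indexed by item id; an item missing
 *               from this array is treated like the original treated it (as
 *               null), but without raising an undefined-index notice
 * @return true if at least one row was inserted, updated or deleted
 */
function subscribe($uid, $eid, $subs = array())
{
    // get items
    $items = get_event_items($eid);
    // get previous subscription
    $old_subs = get_event_subscription($eid, $uid);

    $participate = false;
    $updated = false;

    // TODO : change the way to deal with manual payment
    // NOTE(review): the sum of all stored 'paid' values is written onto the
    // first modified item below, while unmodified items keep their own 'paid'
    // value. A partial update therefore appears to raise the recorded total,
    // and a deleted item drops its 'paid' value -- confirm before relying on
    // this column for accounting.
    $paid = 0;
    foreach ($old_subs as $s) {
        $paid += $s['paid'];
    }
    $paid_updated = false;

    // for each item of the event
    foreach ($items as $item_id => $details) {
        // Read the requested quantity once; the default $subs = array() would
        // otherwise trigger one undefined-index notice per item.
        // NOTE(review): the value is stored as given (bound as a parameter);
        // nothing here checks that it is a non-negative integer -- presumably
        // validated by the caller, confirm.
        $wanted = isset($subs[$item_id]) ? $subs[$item_id] : null;

        if (array_key_exists($item_id, $old_subs)) {
            // compares new and old subscription
            if ($old_subs[$item_id]['nb'] != $wanted) {
                if ($wanted != 0) {
                    XDB::execute('INSERT INTO group_event_participants (eid, uid, item_id, nb, flags, paid) VALUES ({?}, {?}, {?}, {?}, {?}, {?}) ON DUPLICATE KEY UPDATE nb = VALUES(nb), flags = VALUES(flags), paid = VALUES(paid)', $eid, $uid, $item_id, $wanted, Env::has('notify_payment') ? 'notify_payment' : 0, !$paid_updated ? $paid : 0);
                    $participate = true;
                    $paid_updated = true;
                } else {
                    // we do not store non-subscription to event items
                    XDB::execute('DELETE FROM group_event_participants WHERE eid = {?} AND uid = {?} AND item_id = {?}', $eid, $uid, $item_id);
                }
                $updated = true;
            }
        } elseif ($wanted != 0) {
            // no old subscription for this item
            XDB::execute('INSERT INTO group_event_participants (eid, uid, item_id, nb, flags, paid) VALUES ({?}, {?}, {?}, {?}, {?}, {?})', $eid, $uid, $item_id, $wanted, '', 0);
            $participate = true;
            $updated = true;
        }
    }

    // Historical note: a global "item 0" row (overall participation, payment
    // notification and manual payment) used to be written here; that code was
    // already disabled and is not executed.

    // if subscription is updated, we have to update the event aliases
    if ($updated) {
        $short_name = get_event_detail($eid)['short_name'];
        subscribe_lists_event($uid, $short_name, $participate ? 1 : -1, 0);
    }

    return $updated;
}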
/**
 * Broken e-mail redirections page ('emails/broken_addr.tpl').
 *
 * Two independent form actions, each guarded by the anti-CSRF token:
 *  - 'sort_broken':    classifies the pasted addresses into known redirections
 *                      and invalid entries, and shows both lists;
 *  - 'process_broken': marks each address as broken, notifies the owner or
 *                      registers a watch event, decays old broken levels, then
 *                      streams a CSV report and terminates the request.
 *
 * @param $page page object receiving the template and its variables
 */
function handler_broken_addr($page)
{
    require_once 'emails.inc.php';
    $page->changeTpl('emails/broken_addr.tpl');

    if (Env::has('sort_broken')) {
        S::assert_xsrf_token();
        $list = trim(Env::v('list'));
        if ($list == '') {
            $page->trigError('La liste est vide.');
        } else {
            $valid_emails = array();
            $invalid_emails = array();
            $lines = explode("\n", $list);
            sort($lines);

            foreach ($lines as $raw) {
                $raw = trim($raw);
                if ($raw == '') {
                    continue;
                }
                $email = valide_email($raw);
                if (empty($email) || $email == '@') {
                    $invalid_emails[] = $raw . ': invalid email';
                    continue;
                }
                // Each distinct address is looked up only once.
                if (in_array($email, $valid_emails)) {
                    continue;
                }
                $nb = XDB::fetchOneCell('SELECT COUNT(*) FROM email_redirect_account WHERE redirect = {?}', $email);
                if ($nb > 0) {
                    $valid_emails[] = $email;
                } else {
                    $invalid_emails[] = $raw . ': no such redirection';
                }
            }

            $page->assign('valid_emails', $valid_emails);
            $page->assign('invalid_emails', $invalid_emails);
        }
    }

    if (Env::has('process_broken')) {
        S::assert_xsrf_token();
        $list = trim(Env::v('list'));
        if ($list == '') {
            $page->trigError('La liste est vide.');
        } else {
            require_once 'notifs.inc.php';

            // All three maps are keyed by profile id.
            $broken_user_list = array();
            $broken_user_email_count = array();
            $broken_user_profiles = array();

            $lines = explode("\n", $list);
            sort($lines);
            foreach ($lines as $email) {
                $email = trim($email);

                // mark_broken_email() is called for every line, including
                // lines that match no account.
                $user = mark_broken_email($email, true);
                $userobj = $user ? User::getSilentWithUID($user['uid']) : null;
                if (is_null($userobj)) {
                    continue;
                }
                $profile = $userobj->profile();
                if (is_null($profile)) {
                    continue;
                }

                if ($user['nb_mails'] > 0 && $user['notify']) {
                    $mail = new PlMailer('emails/broken.mail.tpl');
                    $mail->setTo($userobj);
                    $mail->assign('user', $user);
                    $mail->assign('email', $email);
                    $mail->send();
                } else {
                    WatchProfileUpdate::register($profile, 'broken');
                }

                $pid = $profile->id();
                $broken_user_list[$pid][] = $email;
                $broken_user_email_count[$pid] = $user['nb_mails'];
                $broken_user_profiles[$pid] = $profile;
            }

            // Decay of broken levels on active redirections: one step down
            // after a month, back to zero from level 1 after a year.
            XDB::execute('UPDATE email_redirect_account SET broken_level = broken_level - 1 WHERE flags = \'active\' AND broken_level > 1 AND DATE_ADD(last, INTERVAL 1 MONTH) < CURDATE()');
            XDB::execute('UPDATE email_redirect_account SET broken_level = 0 WHERE flags = \'active\' AND broken_level = 1 AND DATE_ADD(last, INTERVAL 1 YEAR) < CURDATE()');

            // Sort $broken_user_list with (promo, sortname, pid)
            $sortable_array = array();
            foreach ($broken_user_list as $pid => $mails) {
                $profile = $broken_user_profiles[$pid];
                $sortable_array[$pid] = array($profile->promo(), $profile->sortName(), $pid);
            }
            asort($sortable_array);

            // Output the list of users with recently broken addresses,
            // along with the count of valid redirections.
            // NOTE(review): names, companies and networking addresses are
            // written to the CSV unchanged. If any of them can be edited by
            // the profile owner, a cell starting with =, +, - or @ is
            // interpreted as a formula by spreadsheet software -- confirm
            // whether the export should neutralise such cells.
            pl_cached_content_headers('text/x-csv', null, 1, 'broken.csv');
            $csv = fopen('php://output', 'w');
            fputcsv($csv, array('nom', 'promo', 'bounces', 'nbmails', 'url', 'corps', 'job', 'networking'), ';');
            $corpsList = DirEnum::getOptions(DirEnum::CURRENTCORPS);

            foreach (array_keys($sortable_array) as $pid) {
                $mails = $broken_user_list[$pid];
                $profile = $broken_user_profiles[$pid];
                $current_corps = $profile->getCorpsName();

                $companies = array();
                foreach ($profile->getJobs() as $job) {
                    $companies[] = $job->company->name;
                }

                $networking_list = array();
                foreach ($profile->getNetworking(Profile::NETWORKING_ALL) as $networking) {
                    $networking_list[] = $networking['address'];
                }

                $row = array(
                    $profile->fullName(),
                    $profile->promo(),
                    implode(',', $mails),
                    $broken_user_email_count[$pid],
                    'https://www.polytechnique.org/marketing/broken/' . $profile->hrid(),
                    $current_corps,
                    implode(',', $companies),
                    implode(',', $networking_list),
                );
                fputcsv($csv, $row, ';');
            }
            fclose($csv);

            // The CSV is the whole response: the template is never rendered.
            exit;
        }
    }
}
/**
 * Sends the validation outcome by e-mail to the profile's owner, with a copy
 * to the validation address of this request type.
 *
 * @param $isok outcome of the validation, forwarded to _mail_body() and
 *              _mail_ps()
 */
protected function sendmail($isok)
{
    // Nothing is sent unless the profile's owner exists and is registered.
    if (!$this->ownerIsRegistered) {
        return;
    }

    global $globals;

    $mailer = new PlMailer();
    $mailer->setSubject($this->_mail_subj());

    // The same validation address is used as sender and as carbon copy.
    $validation = "validation+{$this->type}@{$globals->mail->domain}";
    $mailer->setFrom($validation);
    // NOTE(review): fullName() is placed inside a quoted display name; confirm
    // PlMailer rejects or escapes quotes and line breaks in recipients.
    $mailer->addTo("\"{$this->profile->fullName()}\" <{$this->profileOwner->bestEmail()}>");
    $mailer->addCc($validation);

    $body = $this->profile->isFemale() ? "Chère camarade,\n\n" : "Cher camarade,\n\n";
    $body .= $this->_mail_body($isok);
    // Optional free-text comment taken from the current request; it only ever
    // goes into the plain-text body.
    if (Env::has('comm')) {
        $body .= "\n\n" . Env::v('comm');
    }
    $body .= "\n\nCordialement,\n-- \nL'équipe de Polytechnique.org\n" . $this->_mail_ps($isok);

    $mailer->setTxtBody(wordwrap($body));
    $mailer->send();
}
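/**
 * Administration page of the links ('links/admin_links.tpl'), reserved to
 * users holding the 'admin' permission flag.
 *
 * With 'modify' in the request, the link identified by 'id' gets a new label,
 * URL, description and comment, and optionally a newly uploaded image.
 *
 * @param $page page object receiving the template and its variables
 * @return PL_FORBIDDEN when the session user is not an admin
 */
function handler_links_admin($page)
{
    if (!S::user()->perms()->hasFlag('admin')) {
        return PL_FORBIDDEN;
    }

    $collec = Link::all();
    $collec->select(LinkSelect::all());
    $results = $collec->split('ns');

    if (Env::has('modify')) {
        // This branch writes on behalf of an admin, so it requires the
        // anti-CSRF token before anything is changed; the permission check
        // above does not protect against a forged request from an admin's
        // browser.
        // NOTE(review): links/admin_links.tpl must submit the token with the
        // form -- confirm.
        S::assert_xsrf_token();

        $id = Env::i('id');
        $link = $collec->get($id);
        if ($link !== false) {
            if (Env::has('image')) {
                try {
                    $group = Group::from('partnership');
                    $group->select();
                    $image = new FrankizImage();
                    $image->insert();
                    $image->label($link->label());
                    $image->caste($group->caste('everybody'));
                    $image->image(FrankizUpload::v('image'));
                    $link->image($image);
                } catch (Exception $e) {
                    // NOTE(review): an image inserted before the failure is
                    // not removed here -- confirm whether it should be.
                    // The text fields below are still updated.
                    $page->assign('err', $e->getMessage());
                }
            }
            $link->label(Env::t('label'));
            $link->link(Env::t('link'));
            $link->description(Env::t('description'));
            $link->comment(Env::t('comment'));
        } else {
            $err = 'Le lien modifié n\'existe plus.';
            $page->assign('err', $err);
        }
    }

    $page->addCssLink('links.css');
    $page->assign('links', $results);
    $page->assign('title', 'Administrer les liens');
    $page->changeTpl('links/admin_links.tpl');
}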