/** This function will add an attribute to a <a> tag if
 *     the current path matches the argument
 * @param $path     The path to write in the href attribute
 * @param $iftrue   The attribute to add if current path is $path
 * @param $iffalse  The attribute to add otherwise (defaults to '')
 */
function smarty_function_path_to_href_attribute($params, &$smarty)
{
    $on = isset($params['iftrue']) ? $params['iftrue'] : 'on';
    $off = isset($params['iffalse']) ? $params['iffalse'] : '';
    if (trim($params['path'], '/') == trim(Get::v('n'), '/')) {
        $attribute = $on;
    } else {
        $attribute = $off;
    }
    $attribute = $attribute == '' ? '' : ' ' . $attribute;
    return 'href="' . $params['path'] . '" class="link' . $attribute . '"';
}
Exemplo n.º 2
0
 protected function doAuth($level)
 {
     if (S::identified()) {
         // Nothing to do there
         return User::getSilentWithValues(null, array('uid' => S::i('uid')));
     }
     if (!Get::has('auth')) {
         return null;
     }
     global $globals;
     if (md5('1' . S::v('challenge') . $globals->xnet->secret . Get::i('uid') . '1') != Get::v('auth')) {
         return null;
     }
     Get::kill('auth');
     S::set('auth', AUTH_PASSWD);
     return User::getSilentWithValues(null, array('uid' => Get::i('uid')));
 }
Exemplo n.º 3
0
function get_banana_params(array &$get, $group = null, $action = null, $artid = null)
{
    if ($group == 'forums') {
        $group = null;
    } else {
        if ($group == 'thread') {
            $group = S::v('banana_group');
        } else {
            if ($group == 'message') {
                $action = 'read';
                $group = S::v('banana_group');
                $artid = S::i('banana_artid');
            } else {
                if ($action == 'message') {
                    $action = 'read';
                    $artid = S::i('banana_artid');
                } else {
                    if ($group == 'subscribe' || $group == 'subscription') {
                        $group = null;
                        $action = null;
                        $get['action'] = 'subscribe';
                    } else {
                        if ($group == 'profile') {
                            $group = null;
                            $action = null;
                            $get['action'] = 'profile';
                        }
                    }
                }
            }
        }
    }
    if (!is_null($group)) {
        $get['group'] = $group;
    }
    if (!is_null($action)) {
        if ($action == 'new') {
            $get['action'] = 'new';
        } elseif (!is_null($artid)) {
            $get['artid'] = $artid;
            if ($action == 'reply') {
                $get['action'] = 'new';
            } elseif ($action == 'cancel') {
                $get['action'] = $action;
            } elseif ($action == 'from') {
                $get['first'] = $artid;
                unset($get['artid']);
            } elseif ($action == 'read') {
                $get['part'] = @$_GET['part'];
            } elseif ($action == 'source') {
                $get['part'] = 'source';
            } elseif ($action == 'xface') {
                $get['part'] = 'xface';
            } elseif ($action) {
                $get['part'] = str_replace('.', '/', $action);
            }
            if (Get::v('action') == 'showext') {
                $get['action'] = 'showext';
            }
        }
    }
}
Exemplo n.º 4
0
 function handler_moderate($page, $liste = null)
 {
     if (is_null($liste)) {
         return PL_NOT_FOUND;
     }
     $mlist = $this->prepare_list($liste);
     if (!$this->is_group_admin($page)) {
         $this->verify_list_owner($page, $mlist);
     }
     $page->changeTpl('lists/moderate.tpl');
     $page->register_modifier('hdc', 'list_header_decode');
     if (Env::has('sadd') || Env::has('sdel')) {
         S::assert_xsrf_token();
         if (Env::has('sadd')) {
             // Ensure the moderated request is still active
             $sub = $mlist->getPendingSubscription(Env::v('sadd'));
             $mlist->handleRequest(MailingList::REQ_SUBSCRIBE, Env::v('sadd'));
             $info = "validée";
         }
         if (Post::has('sdel')) {
             // Ensure the moderated request is still active
             $sub = $mlist->getPendingSubscription(Env::v('sdel'));
             $mlist->handleRequest(MailingList::REQ_REJECT, Post::v('sdel'), Post::v('reason'));
             $info = "refusée";
         }
         if ($sub) {
             $mailer = new PlMailer();
             $mailer->setFrom($mlist->getAddress(MailingList::KIND_BOUNCE));
             $mailer->addTo($mlist->getAddress(MailingList::KIND_OWNER));
             $mailer->addHeader('Reply-To', $mlist->getAddress(MailingList::KIND_OWNER));
             $mailer->setSubject("L'inscription de {$sub['name']} a été {$info}");
             $text = "L'inscription de {$sub['name']} à la liste " . $mlist->address . " a été {$info} par " . S::user()->fullName(true) . ".\n";
             if (trim(Post::v('reason'))) {
                 $text .= "\nLa raison invoquée est :\n" . Post::v('reason');
             }
             $mailer->setTxtBody(wordwrap($text, 72));
             $mailer->send();
         }
         if (Env::has('sadd')) {
             pl_redirect('lists/moderate/' . $liste);
         }
     }
     if (Post::has('moderate_mails') && Post::has('select_mails')) {
         S::assert_xsrf_token();
         $mails = array_keys(Post::v('select_mails'));
         foreach ($mails as $mail) {
             $this->moderate_mail($mlist, $mail);
         }
     } elseif (Env::has('mid')) {
         if (Get::has('mid') && !Env::has('mok') && !Env::has('mdel')) {
             require_once 'banana/moderate.inc.php';
             $page->changeTpl('lists/moderate_mail.tpl');
             $params = array('listname' => $mlist->mbox, 'domain' => $mlist->domain, 'artid' => Get::i('mid'), 'part' => Get::v('part'), 'action' => Get::v('action'));
             $params['client'] = $this->prepare_client();
             run_banana($page, 'ModerationBanana', $params);
             $msg = file_get_contents('/etc/mailman/fr/refuse.txt');
             $msg = str_replace("%(adminaddr)s", $mlist->getAddress(MailingList::KIND_OWNER), $msg);
             $msg = str_replace("%(request)s", "<< SUJET DU MAIL >>", $msg);
             $msg = str_replace("%(reason)s", "<< TON EXPLICATION >>", $msg);
             $msg = str_replace("%(listname)s", $liste, $msg);
             $page->assign('msg', $msg);
             return;
         }
         $this->moderate_mail($mlist, Env::i('mid'));
     } elseif (Env::has('sid')) {
         if (list($subs, $mails) = $this->get_pending_ops($mlist)) {
             foreach ($subs as $user) {
                 if ($user['id'] == Env::v('sid')) {
                     $page->changeTpl('lists/moderate_sub.tpl');
                     $page->assign('del_user', $user);
                     return;
                 }
             }
         }
     }
     if (list($subs, $mails) = $this->get_pending_ops($mlist)) {
         foreach ($mails as $key => $mail) {
             $mails[$key]['stamp'] = strftime("%Y%m%d%H%M%S", $mail['stamp']);
             if ($mail['fromx']) {
                 $page->assign('with_fromx', true);
             } else {
                 $page->assign('with_nonfromx', true);
             }
         }
         $page->assign_by_ref('subs', $subs);
         $page->assign_by_ref('mails', $mails);
     } else {
         $page->kill("La liste n'existe pas ou tu n'as pas le droit de la modérer.");
     }
 }
Exemplo n.º 5
0
 function handler_exit($page, $level = null)
 {
     if (S::suid()) {
         $old = S::user()->login();
         S::logger()->log('suid_stop', $old . " by " . S::suid('hruid'));
         Platal::session()->stopSUID();
         $target = S::s('suid_startpage');
         S::kill('suid_startpage');
         if (!empty($target)) {
             http_redirect($target);
         }
         pl_redirect('admin/user/' . $old);
     }
     if ($level == 'forget' || $level == 'forgetall') {
         Platal::session()->killAccessCookie();
     }
     if ($level == 'forgetuid' || $level == 'forgetall') {
         Platal::session()->killLoginFormCookies();
     }
     if (S::logged()) {
         S::logger()->log('deconnexion', @$_SERVER['HTTP_REFERER']);
         Platal::session()->destroy();
     }
     if (Get::has('redirect')) {
         http_redirect(rawurldecode(Get::v('redirect')));
     } else {
         $page->changeTpl('platal/exit.tpl');
     }
 }
Exemplo n.º 6
0
 function handler_preview($page)
 {
     $page->changeTpl('events/preview.tpl', NO_SKIN);
     $texte = Get::v('texte');
     if (!is_utf8($texte)) {
         $texte = utf8_encode($texte);
     }
     $titre = Get::v('titre');
     if (!is_utf8($titre)) {
         $titre = utf8_encode($titre);
     }
     $page->assign('texte', $texte);
     $page->assign('titre', $titre);
     pl_content_headers("text/html");
 }
Exemplo n.º 7
0
 function handler_xnet_payment($page, $pid = null)
 {
     global $globals;
     $perms = S::v('perms');
     if (is_null($pid)) {
         if (!(S::identified() && $perms->hasFlag('groupadmin'))) {
             return PL_FORBIDDEN;
         }
     } else {
         if (!(S::identified() && $perms->hasFlag('groupmember'))) {
             $res = XDB::query("SELECT  1\n                                     FROM  group_events AS e\n                               INNER JOIN  group_event_participants AS ep ON (ep.eid = e.eid AND ep.uid = {?})\n                                    WHERE  e.paiement_id = {?} AND e.asso_id = {?}", S::i('uid'), $pid, $globals->asso('id'));
             $public = XDB::query("SELECT  1\n                                        FROM  payments     AS p\n                                  INNER JOIN  group_events AS g ON (g.paiement_id = p.id)\n                                       WHERE  g.asso_id = {?} AND p.id = {?} AND FIND_IN_SET('public', p.flags)", $globals->asso('id'), $pid);
             if ($res->numRows() == 0 && $public->numRows() == 0) {
                 return PL_FORBIDDEN;
             }
         }
     }
     if (!is_null($pid)) {
         return $this->handler_payment($page, $pid);
     }
     $page->changeTpl('payment/xnet.tpl');
     $res = XDB::query("SELECT  id, text, url\n                   FROM  payments\n                  WHERE  asso_id = {?} AND NOT FIND_IN_SET('old', flags)\n               ORDER BY  id DESC", $globals->asso('id'));
     $tit = $res->fetchAllAssoc();
     $page->assign('titles', $tit);
     $trans = array();
     $event = array();
     if (may_update()) {
         static $orders = array('ts_confirmed' => 'p', 'directory_name' => 'a', 'promo' => 'pd', 'comment' => 'p', 'amount' => 'p');
         if (Get::has('order_id') && Get::has('order') && array_key_exists(Get::v('order'), $orders)) {
             $order_id = Get::i('order_id');
             $order = Get::v('order');
             $ordering = ' ORDER BY ' . $orders[$order] . '.' . $order;
             if (Get::has('order_inv') && Get::i('order_inv') == 1) {
                 $ordering .= ' DESC';
                 $page->assign('order_inv', 0);
             } else {
                 $page->assign('order_inv', 1);
             }
             $page->assign('order_id', $order_id);
             $page->assign('order', $order);
             $page->assign('anchor', 'legend_' . $order_id);
         } else {
             $order_id = false;
             $ordering = '';
             $page->assign('order', false);
         }
     } else {
         $ordering = '';
         $page->assign('order', false);
     }
     foreach ($tit as $foo) {
         $pid = $foo['id'];
         if (may_update()) {
             $res = XDB::query('SELECT  p.uid, IF(p.ts_confirmed = \'0000-00-00\', 0, p.ts_confirmed) AS date, p.comment, p.amount
                                  FROM  payment_transactions AS p
                            INNER JOIN  accounts             AS a  ON (a.uid = p.uid)
                             LEFT JOIN  account_profiles     AS ap ON (ap.uid = p.uid AND FIND_IN_SET(\'owner\', ap.perms))
                             LEFT JOIN  profile_display      AS pd ON (ap.pid = pd.pid)
                                 WHERE  p.ref = {?}' . ($order_id == $pid ? $ordering : ''), $pid);
             $trans[$pid] = User::getBulkUsersWithUIDs($res->fetchAllAssoc(), 'uid', 'user');
             $sum = 0;
             foreach ($trans[$pid] as $i => $t) {
                 $sum += $t['amount'];
                 $trans[$pid][$i]['amount'] = $t['amount'];
             }
             $trans[$pid][] = array('limit' => true, 'amount' => $sum);
         }
         $res = XDB::iterRow("SELECT  e.eid, e.short_name, e.intitule, ep.nb, ei.montant, ep.paid\n                                   FROM  group_events             AS e\n                              LEFT JOIN  group_event_participants AS ep ON (ep.eid = e.eid AND ep.uid = {?})\n                             INNER JOIN  group_event_items        AS ei ON (ep.eid = ei.eid AND ep.item_id = ei.item_id)\n                                  WHERE  e.paiement_id = {?}", S::v('uid'), $pid);
         $event[$pid] = array();
         $event[$pid]['paid'] = 0;
         if ($res->total()) {
             $event[$pid]['topay'] = 0;
             while (list($eid, $shortname, $title, $nb, $montant, $paid) = $res->next()) {
                 $event[$pid]['topay'] += $nb * $montant;
                 $event[$pid]['eid'] = $eid;
                 $event[$pid]['shortname'] = $shortname;
                 $event[$pid]['title'] = $title;
                 $event[$pid]['ins'] = !is_null($nb);
                 $event[$pid]['paid'] = $paid;
             }
         }
         $res = XDB::query('SELECT  SUM(amount) AS sum_amount
                              FROM  payment_transactions
                             WHERE  ref = {?} AND uid = {?}', $pid, S::v('uid'));
         $event[$pid]['paid'] = $res->fetchOneCell();
     }
     $page->register_modifier('decode_comment', 'decode_comment');
     $page->assign('trans', $trans);
     $page->assign('event', $event);
 }
Exemplo n.º 8
0
 function handler_groups2($page)
 {
     $this->handler_groups($page, Get::v('cat'), Get::v('dom'));
 }
Exemplo n.º 9
0
 function handler_lists($page, $order_by = null, $order = null)
 {
     require_once 'emails.inc.php';
     if (!$this->get_lists_domain()) {
         return PL_NOT_FOUND;
     }
     $page->changeTpl('xnetlists/index.tpl');
     if (Get::has('del')) {
         S::assert_xsrf_token();
         $mlist = $this->prepare_list(Get::v('del'));
         $mlist->unsubscribe();
         pl_redirect('lists');
     }
     if (Get::has('add')) {
         S::assert_xsrf_token();
         $mlist = $this->prepare_list(Get::v('add'));
         $mlist->subscribe();
         pl_redirect('lists');
     }
     if (Post::has('del_alias') && may_update()) {
         S::assert_xsrf_token();
         $alias = Post::t('del_alias');
         list($local_part, ) = explode('@', $alias);
         delete_list_alias($local_part, $this->get_lists_domain());
         $page->trigSuccess($alias . ' supprimé&nbsp;!');
     }
     $client = $this->prepare_client();
     $listes = $client->get_lists();
     // Default ordering is by ascending names.
     if (is_null($order_by) || is_null($order) || !in_array($order_by, array('list', 'desc', 'nbsub')) || !in_array($order, array('asc', 'desc'))) {
         $order_by = 'list';
         $order = 'asc';
     }
     $compare = function ($a, $b) use($order_by, $order) {
         switch ($order_by) {
             case 'desc':
                 $a[$order_by] = replace_accent($a[$order_by]);
                 $b[$order_by] = replace_accent($b[$order_by]);
             case 'list':
                 $res = strcasecmp($a[$order_by], $b[$order_by]);
                 break;
             case 'nbsub':
                 $res = $a[$order_by] - $b[$order_by];
                 break;
             default:
                 $res = 0;
         }
         if ($order == 'asc') {
             return $res;
         }
         return $res * -1;
     };
     usort($listes, $compare);
     $page->assign('listes', $listes);
     $page->assign('order_by', $order_by);
     $page->assign('order', $order);
     $page->assign('aliases', iterate_list_alias($this->get_lists_domain()));
     $page->assign('may_update', may_update());
     if (S::suid()) {
         $page->trigWarning("Attention&nbsp;: l'affichage des listes de diffusion ne tient pas compte de l'option « Voir le site comme&hellip; ».");
     }
     global $globals;
     if (count($listes) > 0 && !$globals->asso('has_ml')) {
         XDB::execute("UPDATE  groups\n                             SET  flags = CONCAT_WS(',', IF(flags = '', NULL, flags), 'has_ml')\n                           WHERE  id = {?}", $globals->asso('id'));
     }
 }