Exemplo n.º 1
 /**
  * Build a sort-order object from its exported array form.
  *
  * The export must contain a 'type'; an 'order' equal to 'desc' selects
  * descending order. Only the type names listed below are accepted, so the
  * dynamically built class name can never come from outside that list.
  *
  * @param array $export Exported description of the order.
  * @return object Instance of the UFO_* class matching the type.
  * @throws Exception When 'type' is missing or not one of the known fields.
  */
 public static function fromExport(array $export)
 {
     $dict = new PlDict($export);
     if (!$dict->has('type')) {
         throw new Exception("Missing type in export");
     }

     $type = $dict->s('type');
     $desc = $dict->s('order') == 'desc';

     // These two have a dedicated constructor call.
     if ($type == 'promo') {
         return new UFO_Promo($dict->v('grade'), $desc);
     }
     if ($type == 'name') {
         return new UFO_Name($desc);
     }

     // Allow-list of types mapped to a class by naming convention. The class
     // name is derived from $type, so this list is what keeps exported data
     // from choosing an arbitrary class to instantiate.
     $conventional = array(
         'score', 'registration', 'birthday', 'profile_update', 'death',
         'uid', 'hruid', 'pid', 'hrpid', 'is_admin',
     );
     if (in_array($type, $conventional)) {
         $className = 'UFO_' . str_replace('_', '', $type);
         return new $className($desc);
     }

     throw new Exception("Unknown order field: {$type}");
 }
Exemplo n.º 2
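 /**
  * Populate this object from its exported array form.
  *
  * The export must carry a 'type' equal to self::TYPE_UFB. Its 'condition'
  * entry is handed to UserFilterCondition::fromExport() and its optional
  * 'env' entry (default: empty array) is stored as-is.
  *
  * @param array $export Exported representation (wrapped in a PlDict here).
  * @throws Exception When 'type' is missing or differs from self::TYPE_UFB.
  */
 public function fillFromExport($export)
 {
     $export = new PlDict($export);
     if (!$export->has('type')) {
         throw new Exception("Missing 'type' field in export.");
     }
     // Read the type once: the original message interpolated an undefined
     // $type variable, so the rejected value was never reported.
     $type = $export->s('type');
     if ($type != self::TYPE_UFB) {
         // NOTE(review): $type comes from the export; escape this message if
         // it is ever rendered into HTML — confirm how callers display it.
         throw new Exception("Unknown type '{$type}' in export.");
     }
     $this->ufc = UserFilterCondition::fromExport($export->v('condition'));
     // 'env' is stored without any validation of its contents.
     $this->env = $export->v('env', array());
 }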
Exemplo n.º 3
/**
 * Smarty template function rendering a user's name as an HTML fragment.
 *
 * Recognised parameters (all read through PlDict):
 *  - user:       a user object, or an integer / digit string resolved with User::getWithUID()
 *  - profile:    optional profile object; fetched from the user when a link is requested
 *  - promo, cat: append the user's category in parentheses when either is true
 *  - directory:  use directoryName() instead of fullName() (default true)
 *  - raw:        return the escaped name only, without any markup (default false)
 *  - sex, link, groupperms: toggle the matching decoration (default true)
 *
 * The name and category go through pl_entities() before being embedded.
 * NOTE(review): $profile->hrid() and $user->hruid are concatenated into
 * href attributes without escaping — confirm both are constrained to
 * URL-safe characters where they are generated.
 *
 * @param array $params Template parameters.
 * @param mixed $smarty Smarty instance (unused here).
 * @return string HTML fragment, or the escaped plain name when 'raw' is set.
 */
function smarty_function_profile($params, $smarty)
{
    $params = new PlDict($params);
    $show_promo = $params->b('promo', false) || $params->b('cat', false);
    $show_sex = $params->b('sex', true);
    $show_link = $params->b('link', true);
    $use_directory_name = $params->b('directory', true);
    $show_groupperms = $params->b('groupperms', true);
    $raw_only = $params->b('raw', false);
    $user = $params->v('user');
    $profile = $params->v('profile');

    // A numeric identifier is accepted in place of a user object.
    if (is_int($user) || ctype_digit($user)) {
        $user = User::getWithUID($user);
    }

    // Escaped base name, optionally followed by the escaped category.
    $html = pl_entities($use_directory_name ? $user->directoryName() : $user->fullName());
    if ($show_promo && ($category = $user->category())) {
        $html .= ' (' . pl_entities($category) . ')';
    }

    if ($raw_only) {
        return $html;
    }

    if ($show_sex && $user->isFemale()) {
        $html = '•' . $html;
    }

    if ($show_link) {
        if ($profile === null) {
            $profile = $user->profile();
        }
        if ($profile) {
            // hrid is inserted verbatim into the attribute (see note above).
            $html = '<a href="profile/' . $profile->hrid() . '" class="popup2">' . $html . '</a>';
        }
    }

    if ($profile && $profile->isDead()) {
        $html .= ' &dagger;';
    } elseif ($user->lost) {
        // hruid is inserted verbatim into the attribute (see note above).
        $html .= ' <a href="https://www.polytechnique.org/marketing/broken/' . $user->hruid . '"><img src="images/icons/error.gif" alt="Patte cassée" /></a>';
    }

    $is_group_admin = $show_groupperms && $user instanceof User && $user->group_perms == 'admin' && !empty($html);
    if ($is_group_admin) {
        $html = '<strong>' . $html . '</strong>';
    }

    return $html;
}
Exemplo n.º 4
 /**
  * Record the answer given to this question within a vote.
  *
  * A question flagged 'noanswer' must not receive any submitted value: one
  * being present raises an exception, otherwise null is returned. For other
  * questions the answer object obtained from the vote is filled through
  * buildAnswer(); a 'mandatory' question left empty gets its inError
  * message set.
  *
  * @param SurveyVote $vote    Vote the answer belongs to.
  * @param PlDict     $answers Submitted answers, keyed by question id.
  * @return mixed The answer object, or null when there is nothing to record.
  * @throws Exception When data was submitted for a question expecting none.
  */
 public function vote(SurveyVote $vote, PlDict $answers)
 {
     $expectsNoAnswer = $this->flags->hasFlag('noanswer');
     if ($expectsNoAnswer && $answers->has($this->qid)) {
         throw new Exception("Des réponses ont été données à une question n'en attendant pas");
     }
     if ($expectsNoAnswer) {
         return null;
     }

     $result = $vote->getAnswer($this);
     if ($result === null) {
         return null;
     }

     // The mandatory check only applies once the answer was built successfully.
     if ($this->buildAnswer($result, $answers)) {
         $missing = $this->flags->hasFlag('mandatory') && $result->answer === null;
         if ($missing) {
             $result->inError = 'Tu dois répondre à cette question';
         }
     }

     return $result;
 }
Exemplo n.º 5
 /**
  * Rebuild a UserFilter from its exported array form.
  *
  * 'conditions' is required and converted with UserFilterCondition::fromExport();
  * 'sorts', when present, is a sequence of exports each converted with
  * UserFilterOrder::fromExport(). Without 'sorts', null is passed as the order list.
  *
  * @param array $export Exported description of the filter.
  * @return UserFilter
  * @throws Exception When the export has no 'conditions' entry.
  */
 public static function fromExport(array $export)
 {
     $dict = new PlDict($export);
     if (!$dict->has('conditions')) {
         throw new Exception("Cannot build a user filter without conditions");
     }

     $condition = UserFilterCondition::fromExport($dict->v('conditions'));
     if (!$dict->has('sorts')) {
         return new UserFilter($condition, null);
     }

     $orders = array();
     foreach ($dict->v('sorts') as $sortExport) {
         $orders[] = UserFilterOrder::fromExport($sortExport);
     }

     return new UserFilter($condition, $orders);
 }
Exemplo n.º 6
/**
 * Smarty template function formatting one education entry.
 *
 * Reads the 'edu' object and the 'full' boolean from the template parameters
 * and delegates to display_education(). The short school name is used when
 * it is set, otherwise the full school name.
 *
 * @param array $params Template parameters ('edu', 'full').
 * @param mixed $smarty Smarty instance (unused here).
 * @return mixed Whatever display_education() returns.
 */
function smarty_function_display_education($params, $smarty)
{
    $args = new PlDict($params);
    $education = $args->v('edu');

    if ($education->school_short == '') {
        $schoolLabel = $education->school;
    } else {
        $schoolLabel = $education->school_short;
    }

    return display_education(
        $schoolLabel,
        $education->school_url,
        $education->degree_short,
        $education->grad_year,
        $education->field,
        $education->program,
        $args->b('full')
    );
}
Exemplo n.º 7
 /**
  * Run the structural checks on a request payload.
  *
  * Only presence and coarse shape are verified here: 'fields' and 'criteria'
  * must exist, 'amount' (when given) must not be negative, and 'order' (when
  * given) must be an array. The contents of 'fields', 'criteria' and 'order'
  * are not inspected by this method.
  *
  * @param PlDict $payload The payload to validate
  * @return array Error codes found, in check order; empty when none
  */
 public static function validatePayload(PlDict $payload)
 {
     $problems = array();

     // Mandatory keys and the error reported when each one is absent.
     $required = array(
         'fields' => self::ERROR_MISSING_FIELDS,
         'criteria' => self::ERROR_MISSING_CRITERIA,
     );
     foreach ($required as $key => $code) {
         if (!$payload->has($key)) {
             $problems[] = $code;
         }
     }

     // The -1 default makes an 'amount' that cannot be read count as malformed.
     $amountGiven = $payload->has('amount');
     if ($amountGiven && $payload->i('amount', -1) < 0) {
         $problems[] = self::ERROR_MALFORMED_AMOUNT;
     }

     $order = $payload->v('order', array());
     if (!is_array($order)) {
         $problems[] = self::ERROR_MALFORMED_ORDER;
     }

     return $problems;
 }
Exemplo n.º 8
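 /**
  * Handle one request of the multi-step registration wizard.
  *
  * The wizard state ('subState') is loaded from the session, advanced
  * according to the submitted data and the current 'step' (steps 0 to 3 are
  * processed here, step 4 is set when registration completes), then written
  * back to $_SESSION['subState']. Suspicious events collected in $alert are
  * mailed through send_warning_mail(), and the template of the resulting
  * step is selected on the page.
  *
  * Fixes relative to the previous version of this handler:
  *  - the register_mstats INSERT passed the hash as a parameter but its
  *    WHERE clause had no placeholder; it now reads "m.hash = {?}";
  *  - the mailto link of the generic error message was missing the closing
  *    quote of its href attribute.
  *
  * @param mixed       $page Page object; forceSkin(), changeTpl() and trigError() are called on it.
  * @param string|null $hash Optional marketing hash from the request; when it matches a
  *                          pending account, that account's data is merged into the state.
  */
 function handler_register($page, $hash = null)
 {
     $page->forceSkin('register');
     $alert = array();
     $alert_details = '';
     $subState = new PlDict(S::v('subState', array()));
     if (!$subState->has('step')) {
         $subState->set('step', 0);
     }
     if (!$subState->has('backs')) {
         $subState->set('backs', new PlDict());
     }
     // Going back: only to an earlier step, and every return is recorded so
     // that repeated back-and-forth can be reported.
     if (Get::has('back') && Get::i('back') < $subState->i('step')) {
         $subState->set('step', max(0, Get::i('back')));
         $subState->v('backs')->set($subState->v('backs')->count() + 1, $subState->dict());
         $subState->v('backs')->kill('backs');
         if ($subState->v('backs')->count() == 3) {
             $alert[] = "Tentative d'inscription très hésitante";
             $alert_details .= "\n   * Retours en arrières : 3.";
         }
     }
     if ($hash) {
         // The hash is bound through the {?} placeholder, never concatenated.
         $res = XDB::query("SELECT  a.uid, a.hruid, ppn.lastname_initial AS lastname, ppn.firstname_initial AS firstname, p.xorg_id AS xorgid,\n                                       pd.promo, pe.promo_year AS yearpromo, pde.degree AS edu_type,\n                                       p.birthdate_ref AS birthdateRef, FIND_IN_SET('watch', a.flags) AS watch, m.hash, a.type, a.comment\n                                 FROM  register_marketing AS m\n                           INNER JOIN  accounts           AS a   ON (m.uid = a.uid)\n                           INNER JOIN  account_profiles   AS ap  ON (a.uid = ap.uid AND FIND_IN_SET('owner', ap.perms))\n                           INNER JOIN  profiles           AS p   ON (p.pid = ap.pid)\n                           INNER JOIN  profile_display    AS pd  ON (p.pid = pd.pid)\n                           INNER JOIN  profile_education  AS pe  ON (pe.pid = p.pid AND FIND_IN_SET('primary', pe.flags))\n                           INNER JOIN  profile_education_degree_enum AS pde ON (pde.id = pe.degreeid)\n                           INNER JOIN  profile_public_names AS ppn ON (ppn.pid = p.pid)\n                                WHERE  m.hash = {?} AND a.state = 'pending'", $hash);
         if ($res->numRows() == 1) {
             $subState->merge($res->fetchOneRow());
             $subState->set('main_mail_domain', User::$sub_mail_domains[$subState->v('type')]);
             // Fixed: the WHERE clause now compares m.hash with the bound
             // parameter; it previously had no placeholder for it.
             XDB::execute('INSERT INTO  register_mstats (uid, sender, success)
                                SELECT  m.uid, m.sender, 0
                                  FROM  register_marketing AS m
                                 WHERE  m.hash = {?}
               ON DUPLICATE KEY UPDATE  sender = VALUES(sender), success = VALUES(success)', $subState->s('hash'));
         }
     }
     switch ($subState->i('step')) {
         case 0:
             $wp = new PlWikiPage('Reference.Charte');
             $wp->buildCache();
             if (Post::has('step1')) {
                 $subState->set('step', 1);
                 // With a known marketing hash the identity steps (1 and 2)
                 // are skipped, so the hash is the only proof of identity on
                 // this path.
                 if ($subState->has('hash')) {
                     $subState->set('step', 3);
                     $this->load('register.inc.php');
                     createAliases($subState);
                 }
             }
             break;
         case 1:
             if (Post::has('yearpromo')) {
                 $edu_type = Post::t('edu_type');
                 $yearpromo = Post::i('yearpromo');
                 // NOTE(review): $edu_type is used as an array key without
                 // checking that it exists in Profile::$cycle_prefixes.
                 $promo = Profile::$cycle_prefixes[$edu_type] . $yearpromo;
                 $res = XDB::query("SELECT  COUNT(*)\n                                         FROM  accounts         AS a\n                                   INNER JOIN  account_profiles AS ap ON (a.uid = ap.uid AND FIND_IN_SET('owner', ap.perms))\n                                   INNER JOIN  profiles         AS p  ON (p.pid = ap.pid)\n                                   INNER JOIN  profile_education AS pe ON (pe.pid = p.pid AND FIND_IN_SET('primary', pe.flags))\n                                        WHERE  a.state = 'pending' AND p.deathdate IS NULL AND pe.promo_year = {?}", $yearpromo);
                 if (!$res->fetchOneCell()) {
                     $error = 'La promotion saisie est incorrecte ou tous les camarades de cette promotion sont inscrits !';
                 } else {
                     $subState->set('step', 2);
                     $subState->set('promo', $promo);
                     $subState->set('yearpromo', $yearpromo);
                     $subState->set('edu_type', $edu_type);
                     // Pre-compute the school id pattern and examples shown
                     // to the user; the format depends on the promotion year.
                     if ($edu_type == Profile::DEGREE_X) {
                         if ($yearpromo >= 1996 && $yearpromo < 2000) {
                             $subState->set('schoolid', $yearpromo % 100 * 10 . '???');
                             $subState->set('schoolid_exemple', $yearpromo % 100 * 10000 + 532);
                             $subState->set('schoolid_exemple_ev2', ($yearpromo + 1) % 100 * 10000 + 532);
                         } elseif ($yearpromo >= 2000) {
                             $subState->set('schoolid', 100 + $yearpromo % 100 . '???');
                             $subState->set('schoolid_exemple', (100 + $yearpromo % 100) * 1000 + 532);
                             $subState->set('schoolid_exemple_ev2', (100 + ($yearpromo + 1) % 100) * 1000 + 532);
                         }
                     }
                 }
             }
             break;
         case 2:
             if (count($_POST)) {
                 $this->load('register.inc.php');
                 $subState->set('firstname', Post::t('firstname'));
                 $subState->set('lastname', Post::t('lastname'));
                 if (Post::has('schoolid')) {
                     $subState->set('schoolid', Post::i('schoolid'));
                 }
                 // Both helpers return true on success and an error otherwise.
                 $error = checkNewUser($subState);
                 if ($error !== true) {
                     break;
                 }
                 $error = createAliases($subState);
                 if ($error === true) {
                     unset($error);
                     $subState->set('step', 3);
                 }
             }
             break;
         case 3:
             if (count($_POST)) {
                 $this->load('register.inc.php');
                 // Validate the email address format and domain.
                 require_once 'emails.inc.php';
                 $user = User::get($subState->s('uid'));
                 if (!isvalid_email(Post::v('email'))) {
                     $error[] = "Le champ 'Email' n'est pas valide.";
                 } elseif (!isvalid_email_redirection(Post::v('email'), $user)) {
                     $error[] = $subState->s('forlife') . ' doit renvoyer vers un email existant ' . 'valide, en particulier, il ne peut pas être renvoyé vers lui-même.';
                 }
                 // Validate the birthday format and range.
                 $birth = Post::t('birthdate');
                 if (!preg_match('@^[0-3]?\\d/[01]?\\d/(19|20)?\\d{2}$@', $birth)) {
                     $error[] = "La 'Date de naissance' n'est pas correcte.";
                 } else {
                     $birth = explode('/', $birth, 3);
                     for ($i = 0; $i < 3; ++$i) {
                         $birth[$i] = intval($birth[$i]);
                     }
                     // Two-digit years are read as 19xx.
                     if ($birth[2] < 100) {
                         $birth[2] += 1900;
                     }
                     $year = $birth[2];
                     $ref_year = substr($subState->v('birthdateRef'), 0, 4);
                     // More than two years away from the reference date is
                     // rejected and reported.
                     if (abs($ref_year - $year) > 2) {
                         $error[] = "La 'Date de naissance' n'est pas correcte.";
                         $alert[] = "Date de naissance incorrecte à l'inscription";
                         $alert_details .= "\n   * Date de naissance renseignée : " . Post::t('birthdate');
                         if ($subState->v('birthdateRef') == '0000-00-00') {
                             $alert_details .= ' (date inconnue)';
                         } else {
                             $alert_details .= ' (date connue : ' . $subState->v('birthdateRef') . ')';
                         }
                         $subState->set('wrong_birthdate', $birth);
                     }
                 }
                 // Register the optional services requested by the user.
                 $services = array();
                 foreach (array('com_letters', 'imap', 'ml_promo', 'nl') as $service) {
                     if (Post::b($service)) {
                         $services[] = $service;
                     }
                 }
                 $subState->set('services', $services);
                 // Validate the password.
                 // Only the presence of the submitted 'pwhash' value is
                 // checked here; it is stored as the password further down.
                 if (!Post::v('pwhash', false)) {
                     $error[] = "Le mot de passe n'est pas valide.";
                 }
                 // Check if the given email is known as dangerous.
                 $res = XDB::query("SELECT  state, description\n                                         FROM  email_watch\n                                        WHERE  email = {?} AND state != 'safe'", Post::v('email'));
                 $bannedEmail = false;
                 if ($res->numRows()) {
                     list($state, $description) = $res->fetchOneRow();
                     $alert[] = "Email surveillé proposé à l'inscription";
                     $alert_details .= "\n   * Email surveillé : " . Post::v('email');
                     $subState->set('email_desc', $description);
                     if ($state == 'dangerous') {
                         $bannedEmail = true;
                     }
                 }
                 if ($subState->i('watch') != 0) {
                     $alert[] = "Inscription d'un utilisateur surveillé";
                     $alert_details .= "\n   * Commentaire pour la surveillance : " . $subState->v('comment');
                 }
                 // A flagged IP discards the validation errors, so the request
                 // reaches the branch below and only receives the generic
                 // error message.
                 // NOTE(review): in that case $birth may still be the raw
                 // string if the format check above failed.
                 if ($bannedIp = check_ip('unsafe')) {
                     unset($error);
                 }
                 if (isset($error)) {
                     $error = join('<br />', $error);
                 } else {
                     $subState->set('birthdate', sprintf("%04d-%02d-%02d", intval($birth[2]), intval($birth[1]), intval($birth[0])));
                     $subState->set('email', Post::t('email'));
                     $subState->set('password', Post::t('pwhash'));
                     // Update the current alert if the birthdate is incorrect,
                     // or if the IP address of the user has been banned.
                     if ($subState->s('birthdateRef') != '0000-00-00' && $subState->s('birthdateRef') != $subState->s('birthdate')) {
                         $alert[] = "Date de naissance incorrecte à l'inscription";
                         $alert_details .= "\n   * Date de naissance renseignée : " . Post::t('birthdate');
                         if ($subState->v('birthdateRef') == '0000-00-00') {
                             $alert_details .= ' (date inconnue)';
                         } else {
                             $alert_details .= ' (date connue : ' . $subState->v('birthdateRef') . ')';
                         }
                     }
                     if ($bannedIp) {
                         $alert[] = "Tentative d'inscription depuis une IP surveillée";
                         $alert_details .= "\n   * IP surveillée : " . $_SESSION['check_ip'];
                     }
                     // Prevent banned user from actually registering; save the current state for others.
                     if ($bannedEmail || $bannedIp) {
                         global $globals;
                         // Fixed: the href attribute is now closed before the tag ends.
                         $error = "Une erreur s'est produite lors de l'inscription." . " Merci de contacter <a href='mailto:register@{$globals->mail->domain}'>" . " register@{$globals->mail->domain}</a>" . " pour nous faire part de cette erreur.";
                     } else {
                         $subState->set('step', 4);
                         if ($subState->v('backs')->count() >= 3) {
                             $alert[] = "Fin d'une inscription hésitante";
                             $alert_details .= "\n   * Nombre de retours en arrière : " . $subState->v('backs')->count();
                         }
                         finishRegistration($subState);
                     }
                 }
             }
             break;
     }
     // Persist the wizard state for the next request.
     $_SESSION['subState'] = $subState->dict();
     if (count($alert)) {
         // The alert mail body contains user-submitted values (email,
         // birthdate) exactly as they were sent.
         $alert_details = "Détails des alertes :" . $alert_details . "\n\n";
         $alert_details .= 'Compte concerné : ' . $subState->s('forlife') . ' (redirection vers : ' . ($subState->s('email') == '' ? Post::t('email') : $subState->s('email')) . ")\n\n\n";
         send_warning_mail(implode(' - ', $alert), $alert_details);
     }
     $page->changeTpl('register/step' . $subState->i('step') . '.tpl');
     if (isset($error)) {
         $page->trigError($error);
     }
 }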
Exemplo n.º 9
 /**
  * Rebuild a filter condition tree from its exported array form.
  *
  * 'type' selects the condition class. Every class name built dynamically
  * below is derived from a type matched by an explicit case label, so the
  * export cannot name an arbitrary class. Container conditions are filled
  * recursively from 'children' (PFC_NChildren) or 'child' (PFC_OneChild).
  *
  * NOTE(review): the recursion depth follows the nesting of the export and
  * is not bounded here — confirm whether callers limit it for untrusted input.
  *
  * @param array $export Exported description of the condition.
  * @return object The condition object.
  * @throws Exception When 'type' is missing or unknown, or when the fields
  *                   required by that type are absent or invalid.
  */
 public static function fromExport(array $export)
 {
     $dict = new PlDict($export);
     if (!$dict->has('type')) {
         throw new Exception("Missing type in export");
     }

     $type = $dict->s('type');
     $condition = null;

     switch ($type) {
         // Logical operators and constants: class named after the type.
         case 'and':
         case 'or':
         case 'not':
         case 'true':
         case 'false':
             $className = 'pfc_' . $type;
             $condition = new $className();
             break;

         case 'host':
             $condition = $dict->has('ip') ? new UFC_Ip($dict->s('ip')) : null;
             break;

         case 'comment':
             // Only the "contains" comparison is supported for comments.
             $usable = $dict->has('text') && $dict->s('comparison') == self::OP_CONTAINS;
             if ($usable) {
                 $condition = new UFC_Comment($dict->s('text'));
             }
             break;

         case 'promo':
             $usable = $dict->has('promo') && self::isNumericComparison($dict->s('comparison'));
             if ($usable) {
                 $condition = new UFC_Promo(
                     $dict->s('comparison'),
                     $dict->s('grade', UserFilter::DISPLAY),
                     $dict->s('promo')
                 );
             }
             break;

         case 'lastname':
         case 'name':
         case 'firstname':
         case 'nickname':
         case 'pseudonym':
             if (!$dict->has('text')) {
                 break;
             }
             // Matching mode from the comparison, plus optional search scopes.
             $flags = self::xdbWildcardFromComparison($dict->s('comparison'));
             if ($dict->b('search_in_variants')) {
                 $flags |= UFC_Name::VARIANTS;
             }
             if ($dict->b('search_in_particle')) {
                 $flags |= UFC_Name::PARTICLE;
             }
             $condition = new UFC_Name($type, $dict->s('text'), $flags);
             break;

         // Value-list conditions: class named after the type, underscores removed.
         case 'account_type':
         case 'account_perm':
         case 'hrpid':
         case 'hruid':
             $valueList = $dict->v('values', array());
             $className = 'ufc_' . str_replace('_', '', $type);
             $condition = new $className($valueList);
             break;

         case 'school_id':
             $valueList = $dict->v('values', array());
             $schoolType = $dict->s('school_type');
             $condition = new UFC_SchoolId($schoolType, $valueList);
             break;

         // Parameterless predicates.
         case 'has_profile':
         case 'has_email_redirect':
         case 'has_valid_email':
             $className = 'ufc_' . str_replace('_', '', $type);
             $condition = new $className();
             break;

         default:
             throw new Exception("Unknown condition type: {$type}");
     }

     // A known type whose required fields were missing or invalid.
     if ($condition === null) {
         throw new Exception("Unsupported {$type} definition");
     }

     // Attach nested conditions to container nodes.
     if ($condition instanceof PFC_NChildren) {
         foreach ($dict->v('children', array()) as $childExport) {
             $condition->addChild(self::fromExport($childExport));
         }
     } elseif ($condition instanceof PFC_OneChild && $dict->has('child')) {
         $condition->setChild(self::fromExport($dict->v('child')));
     }

     return $condition;
 }