/**
 * Renders newsletter/remaining.tpl (without skin) with the space left in an
 * article whose body is the posted 'body' field.
 *
 * Assigns three template variables from ComLArticle::remain():
 *  - too_long:  the remaining line count is negative;
 *  - last_line: the remaining line count is exactly zero;
 *  - remaining: characters left on the last line when on the last line,
 *               otherwise the number of lines left.
 *
 * NOTE(review): the posted body is handed to ComLArticle as is; no size limit
 * is applied in this handler -- confirm one is enforced upstream.
 *
 * @param $page Page object; must provide changeTpl() and assign().
 * @return void
 */
function handler_coml_remaining($page)
{
    pl_content_headers('text/html');
    $page->changeTpl('newsletter/remaining.tpl', NO_SKIN);

    $draft = new ComLArticle('', Post::t('body'), '');
    $budget = $draft->remain();
    $linesLeft = $budget['remaining_lines'];
    $onLastLine = ($linesLeft == 0);

    // On the last line the counter switches from lines to characters.
    if ($onLastLine) {
        $remaining = $budget['remaining_characters_for_last_line'];
    } else {
        $remaining = $linesLeft;
    }

    $page->assign('too_long', $linesLeft < 0);
    $page->assign('last_line', $onLastLine);
    $page->assign('remaining', $remaining);
}
/**
 * Prints, as text/plain, the static map URL for a posted free-text address,
 * then terminates the script.
 *
 * Nothing is printed when no 'text' field was posted.
 *
 * NOTE(review): no authentication or XSRF check is visible in this handler,
 * and each call runs GMapsGeocoder::getGeocodedAddress() -- confirm access is
 * restricted by the caller, since geocoding presumably consumes a third-party
 * quota.
 * NOTE(review): the posted 'color' value reaches buildStaticMapURL() without
 * validation here; confirm that method encodes or whitelists it.
 *
 * @param $page Page object (unused by this handler).
 * @return void The function always ends with exit.
 */
function handler_map_url($page)
{
    pl_content_headers('text/plain');

    if (!Post::has('text')) {
        exit;
    }

    $address = new Address(array('text' => Post::t('text')));
    $geocoder = new GMapsGeocoder();
    $geocoder->getGeocodedAddress($address);

    echo GMapsGeocoder::buildStaticMapURL($address->latitude, $address->longitude, Post::t('color'));
    exit;
}
/**
 * Sends the "homonym robot" notification to a user, with the validation
 * address both as sender and in copy.
 *
 * The body is the posted 'mailbody' field when present, otherwise the text
 * produced by get_robot_mail_text().
 *
 * NOTE(review): the mail body can come straight from the request; callers are
 * expected to restrict who may reach this function -- verify.
 * NOTE(review): $email is interpolated into the subject; this relies on
 * PlMailer::setSubject() to neutralise CR/LF -- confirm.
 *
 * @param PlUser $user  Recipient; reloaded through User::getSilentWithUID().
 * @param string $email Local part inserted in the subject before the user's
 *                      main email domain.
 * @return void
 */
function send_robot_homonym(PlUser $user, $email)
{
    $robotAddress = "validation+homonyme@" . Platal::globals()->mail->domain;
    $sender = "\"Support Polytechnique.org\" <{$robotAddress}>";

    // The default text is built from the caller's user object, before reload.
    if (Post::has('mailbody')) {
        $text = Post::t('mailbody');
    } else {
        $text = get_robot_mail_text($user, $email);
    }

    $user = User::getSilentWithUID($user->id());

    $mailer = new PlMailer();
    $mailer->setFrom($sender);
    $mailer->setSubject("Mise en place du robot {$email}@" . $user->mainEmailDomain());
    $mailer->addCc($robotAddress);
    $mailer->setTxtBody($text);
    $mailer->sendTo($user);
}
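/**
 * Admin page that registers a short URL (alias -> target) in url_shortener.
 *
 * Without a posted 'url' the template is only displayed. Otherwise the URL and
 * the optional alias are validated; when no alias is given, random aliases
 * under the reserved 'a/' prefix are drawn until an unused one is found.
 *
 * NOTE(review): this state-changing POST does not call S::assert_xsrf_token().
 * Confirm the token is enforced elsewhere, or add the check together with the
 * token field in urlshortener/admin.tpl.
 * NOTE(review): the COUNT(*) lookup and the INSERT are separate statements, so
 * two concurrent requests can both pass the check; presumably a unique index
 * on url_shortener.alias is the real guard -- verify.
 *
 * @param $page Page object; must provide changeTpl(), assign(), trigError()
 *              and trigSuccess().
 * @return void
 */
function handler_admin_url($page)
{
    $page->changeTpl('urlshortener/admin.tpl');

    if (!Post::has('url')) {
        return;
    }

    $url = Post::t('url');
    $alias = Post::t('alias');

    // Scheme whitelist plus a restricted character set. The D modifier makes
    // "$" match only at the very end of the subject; without it a value ending
    // in "\n" would still pass validation.
    $url_regex = '{^(https?|ftp)://[a-zA-Z0-9._%#+/?=&~-]+$}iD';
    if (strlen($url) > 255 || !preg_match($url_regex, $url)) {
        $page->trigError("L'url donnée n'est pas valide.");
        return;
    }
    $page->assign('url', $url);

    if ($alias != '') {
        // Same end-of-subject anchoring as for the URL.
        if (!preg_match('/^[a-zA-Z0-9\\-\\/]+$/iD', $alias)) {
            $page->trigError("L'alias proposé n'est pas valide.");
            return;
        }
        // 'a/' is kept for generated aliases so the two spaces cannot collide.
        if (preg_match('/^a\\//i', $alias)) {
            $page->trigError("L'alias commence par le préfixe 'a/' qui est réservé et donc non autorisé.");
            return;
        }
        $page->assign('alias', $alias);

        $used = XDB::fetchOneCell('SELECT COUNT(*) FROM url_shortener WHERE alias = {?}', $alias);
        if ($used != 0) {
            $page->trigError("L'alias proposé est déjà utilisé.");
            return;
        }
    } else {
        // Draw random aliases until one is free.
        do {
            $alias = 'a/' . rand_token(6);
            $used = XDB::fetchOneCell('SELECT COUNT(*) FROM url_shortener WHERE alias = {?}', $alias);
        } while ($used != 0);
        $page->assign('alias', $alias);
    }

    XDB::execute('INSERT INTO url_shortener (url, alias) VALUES ({?}, {?})', $url, $alias);
    $page->trigSuccess("L'url « " . $url . ' » est maintenant accessible depuis « http://u.w4x.org/' . $alias . ' ».');
}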
/**
 * Refreshes this object's fields from the submitted edit form.
 *
 * 'listname', 'domainname' and 'assotype' update $this->liste, $this->domain
 * and $this->asso when present; without an association type the domain is
 * forced to the site's main mail domain. Every existing owner and member slot
 * is then overwritten with the matching 'owners_<key>' / 'members_<key>'
 * posted value.
 *
 * NOTE(review): presence is tested with Env::has() but the value is read with
 * Post::t(); if Env also covers query-string parameters, a field supplied
 * outside the POST body would make Post::t() return its default -- confirm
 * this is intended.
 *
 * @return bool Always true.
 */
protected function handle_editor()
{
    global $globals;

    // Request field => property it updates; 'assotype' must be handled before
    // the domain fallback below.
    $fields = array(
        'listname'   => 'liste',
        'domainname' => 'domain',
        'assotype'   => 'asso',
    );
    foreach ($fields as $field => $property) {
        if (Env::has($field)) {
            $this->$property = Post::t($field);
        }
    }

    if (!$this->asso) {
        $this->domain = $globals->mail->domain;
    }

    // By-reference iteration rewrites the arrays in place, keeping their keys.
    foreach ($this->owners as $idx => &$owner) {
        $owner = Post::t('owners_' . $idx);
    }
    foreach ($this->members as $idx => &$member) {
        $member = Post::t('members_' . $idx);
    }

    return true;
}
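/**
 * Administration of list aliases: lists them all, or edits one alias
 * (delete it, add a member, remove a member).
 *
 * The alias must be exactly "local@domain", with the domain being one of the
 * two configured mail domains and the local part made of letters, digits,
 * '-' and '.'. An alias containing a second '@' is rejected, so the value
 * that was validated is the value shown and acted upon.
 *
 * NOTE(review): the regex still accepts an empty local part ("@domain");
 * confirm whether that should be rejected as well.
 * NOTE(review): member removal is triggered by a query-string parameter
 * ('del_member'), so the XSRF token has to travel in the URL, where it may
 * end up in logs or Referer headers -- consider moving it to POST.
 * NOTE(review): posted 'new_alias' is concatenated into the redirect path
 * without validation; it is only checked on the next request.
 *
 * @param $page         Page object used for templates and messages.
 * @param string|null $alias Full alias address, or null to list every alias.
 * @return void
 */
function handler_aaliases($page, $alias = null)
{
    global $globals;
    require_once 'emails.inc.php';

    $page->setTitle('Administration - Aliases');

    if (Post::has('new_alias')) {
        pl_redirect('admin/aliases/' . Post::t('new_alias') . '@' . $globals->mail->domain);
    }

    // If no alias, list them all.
    if (is_null($alias)) {
        $page->changeTpl('lists/admin_aliases.tpl');
        $page->assign('aliases', array_merge(iterate_list_alias($globals->mail->domain), iterate_list_alias($globals->mail->domain2)));
        return;
    }

    // Split on the first '@' only: anything after it, including a further '@',
    // stays in the domain part and fails the comparison below. A missing '@'
    // yields an empty domain instead of an undefined variable.
    $parts = explode('@', $alias, 2);
    $local_part = $parts[0];
    $domain = isset($parts[1]) ? $parts[1] : '';

    $domain_ok = $domain != ''
        && ($globals->mail->domain == $domain || $globals->mail->domain2 == $domain);

    // D modifier: "$" must match the real end of the string, not the position
    // before a trailing newline.
    if (!$domain_ok || !preg_match("/^[a-zA-Z0-9\\-\\.]*\$/D", $local_part)) {
        $page->trigErrorRedirect('Le nom de l\'alias est erroné.', $globals->asso('diminutif') . 'admin/aliases');
        // Fail closed: nothing below may run on an unvalidated alias, even if
        // the redirect helper returns.
        return;
    }

    // Now we can perform the action.
    if (Post::has('del_alias')) {
        S::assert_xsrf_token();
        delete_list_alias($local_part, $domain);
        $page->trigSuccessRedirect($alias . ' supprimé.', 'admin/aliases');
    }

    if (Post::has('add_member')) {
        S::assert_xsrf_token();
        if (add_to_list_alias(Post::t('add_member'), $local_part, $domain)) {
            $page->trigSuccess('Ajout réussit.');
        } else {
            $page->trigError('Ajout infructueux.');
        }
    }

    if (Get::has('del_member')) {
        S::assert_xsrf_token();
        if (delete_from_list_alias(Get::t('del_member'), $local_part, $domain)) {
            $page->trigSuccess('Suppression réussie.');
        } else {
            $page->trigError('Suppression infructueuse.');
        }
    }

    $page->changeTpl('lists/admin_edit_alias.tpl');
    $page->assign('members', list_alias_members($local_part, $domain));
    $page->assign('alias', $alias);
}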
/**
 * Lets the logged-in user propose a new redirection address for another
 * user whose email is broken.
 *
 * Returns PL_NOT_FOUND when no uid is given, when the user is unknown or when
 * the account query yields no row. A user opening the page for their own
 * account is redirected to 'emails/redirect'. A proposal is turned into a
 * BrokenReq unless the address is already the target's redirection, or the
 * target already has an email and no justification comment was posted.
 *
 * NOTE(review): S::user() is dereferenced without a null check; this assumes
 * the route is only reachable by an authenticated session -- confirm.
 * NOTE(review): isvalid_email_redirection() runs before the XSRF token is
 * asserted; harmless as long as that helper has no side effects -- verify.
 *
 * @param $page       Page object used for templates and messages.
 * @param mixed $uid  Identifier passed to User::get(); null yields PL_NOT_FOUND.
 * @return mixed PL_NOT_FOUND on the failures above, otherwise nothing.
 */
function handler_broken($page, $uid = null)
{
    $page->changeTpl('marketing/broken.tpl');

    if (is_null($uid)) {
        return PL_NOT_FOUND;
    }

    $user = User::get($uid);
    if (!$user) {
        return PL_NOT_FOUND;
    }
    if ($user->login() == S::user()->login()) {
        pl_redirect('emails/redirect');
    }

    $lookup = XDB::query('SELECT p.deathdate IS NULL AS alive, r.last, IF(r.type = \'googleapps\', \'googleapps\', r.redirect) AS active_email FROM accounts AS a LEFT JOIN email_redirect_account AS r ON (a.uid = r.uid AND r.type IN (\'smtp\', \'googleapps\') AND r.flags = \'active\') LEFT JOIN account_profiles AS ap ON (ap.uid = r.uid AND FIND_IN_SET(\'owner\', ap.perms)) LEFT JOIN profiles AS p ON (p.pid = ap.pid) WHERE a.uid = {?} ORDER BY r.broken_level, r.last', $user->id());
    if (!$lookup->numRows()) {
        return PL_NOT_FOUND;
    }
    $user->addProperties($lookup->fetchOneAssoc());
    $page->assign('user', $user);

    require_once 'emails.inc.php';
    $email = Post::has('mail') ? valide_email(Post::v('mail')) : null;

    $accepted = Post::has('valide') && isvalid_email_redirection($email, $user);
    if (!$accepted) {
        // An address was given but cannot be used as a redirection.
        if ($email) {
            $page->trigError("L'adresse proposée n'est pas une adresse acceptable pour une redirection.");
        }
        return;
    }

    S::assert_xsrf_token();

    // Security check on the proposed address, labelled with both logins.
    check_email($email, "Proposition d'une adresse surveillee pour " . $user->login() . " par " . S::user()->login());

    $flags = XDB::fetchOneCell('SELECT flags FROM email_redirect_account WHERE redirect = {?} AND uid = {?}', $email, $user->id());

    if ($flags == 'broken') {
        $page->trigWarning("L'adresse que tu as fournie est l'adresse actuelle de {$user->fullName()} et est en panne.");
        return;
    }
    if ($flags == 'active') {
        $page->trigWarning("L'adresse que tu as fournie est l'adresse actuelle de {$user->fullName()}");
        return;
    }
    // Replacing an existing address requires a justification.
    if ($user->email && !Post::t('comment')) {
        $page->trigError("Il faut que tu ajoutes un commentaire à ta proposition pour justifier le " . "besoin de changer la redirection de {$user->fullName()}.");
        return;
    }

    $request = new BrokenReq(S::user(), $user, $email, trim(Post::v('comment')));
    $request->submit();
    $page->assign('sent', true);
}
/**
 * Completes a pending external ('xnet') registration identified by a hash.
 *
 * Pending rows older than one month are purged first. Without a posted
 * 'pwhash' the password form is shown; with one, the account is activated
 * with that value as its password, the pending row is deleted and a session
 * is started.
 *
 * NOTE(review): the hash in the URL is the only credential checked here, and
 * the posted 'pwhash' is stored verbatim as the account password -- confirm
 * its format is validated elsewhere.
 * NOTE(review): the result of the UPDATE is not checked, so the pending row
 * is deleted and the success page shown even if no account matched the
 * state/type filter.
 * NOTE(review): the code after trigErrorRedirect() dereferences the pending
 * row; this assumes that helper never returns -- verify.
 *
 * @param $page             Page object used for templates and messages.
 * @param string|null $hash Registration hash taken from the URL.
 * @return void
 */
function handler_register_ext($page, $hash = null)
{
    // Expire stale invitations before looking the hash up.
    XDB::execute('DELETE FROM register_pending_xnet WHERE DATE_SUB(NOW(), INTERVAL 1 MONTH) > date');
    $pending = XDB::fetchOneAssoc('SELECT uid, hruid, email FROM register_pending_xnet WHERE hash = {?}', $hash);

    if (is_null($hash) || is_null($pending)) {
        $page->trigErrorRedirect('Cette adresse n\'existe pas ou n\'existe plus sur le serveur.', '');
    }

    $hasPassword = Post::has('pwhash') && Post::t('pwhash');
    if (!$hasPassword) {
        // First visit: ask for a password.
        $page->changeTpl('platal/password.tpl');
        $page->assign('xnet', true);
        $page->assign('hruid', $pending['hruid']);
        $page->assign('do_auth', 1);
        return;
    }

    $uid = $pending['uid'];

    XDB::startTransaction();
    XDB::query('UPDATE accounts SET password = {?}, state = \'active\', registration_date = NOW() WHERE uid = {?} AND state = \'pending\' AND type = \'xnet\'', Post::t('pwhash'), $uid);
    XDB::query('DELETE FROM register_pending_xnet WHERE uid = {?}', $uid);
    XDB::commit();
    S::logger($uid)->log('passwd', '');

    // Try to start a session so the user does not have to log in; the
    // password still available in Post:: is used to authenticate.
    Post::kill('wait');
    Platal::session()->startAvailableAuth();

    $page->changeTpl('xnet/register.success.tpl');
    $page->assign('email', $pending['email']);
}
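/**
 * Google Apps account page: shows the account state and applies the requested
 * action ('password', 'suspend', 'unsuspend' or 'create').
 *
 * Every state-changing action asserts the XSRF token before touching the
 * account. 'unsuspend' previously did not, which left account reactivation
 * (including the mail-redirection choice) open to cross-site requests.
 *
 * NOTE(review): confirm the unsuspend form in googleapps/index.tpl carries the
 * XSRF token field, as the other forms of this page must already do.
 * NOTE(review): on 'create' without password sync, the posted 'pwhash' is
 * passed to GoogleAppsAccount::create() without an emptiness check, unlike the
 * 'password' action -- confirm create() rejects an empty value.
 *
 * @param $page               Page object used for templates and messages.
 * @param string|null $action Requested action, or null to only display.
 * @return void
 */
function handler_index($page, $action = null)
{
    require_once 'emails.inc.php';
    require_once 'googleapps.inc.php';

    $page->changeTpl('googleapps/index.tpl');
    $page->setTitle('Compte Google Apps');

    $user = S::user();
    $account = new GoogleAppsAccount($user);

    // Fills up the 'is Google Apps redirection active' variable.
    $redirect_active = false;
    $redirect_unique = true;
    $gapps_email = '';
    if ($account->active()) {
        $redirect = new Redirect($user);
        foreach ($redirect->emails as $email) {
            if ($email->type == 'googleapps') {
                $gapps_email = $email->email;
                $redirect_active = $email->active;
                $redirect_unique = !$redirect->other_active($email->email);
            }
        }
    }
    $page->assign('redirect_active', $redirect_active);
    $page->assign('redirect_unique', $redirect_unique);

    // Updates the Google Apps account as required.
    if ($action) {
        if ($action == 'password' && Post::has('pwsync')) {
            S::assert_xsrf_token();
            if (Post::v('pwsync') == 'sync') {
                $account->set_password_sync(true);
                $account->set_password($user->password());
            } else {
                $account->set_password_sync(false);
            }
        } elseif ($action == 'password' && Post::has('pwhash') && Post::t('pwhash') && !$account->sync_password) {
            S::assert_xsrf_token();
            $account->set_password(Post::t('pwhash'));
        }

        if ($action == 'suspend' && Post::has('suspend') && $account->active()) {
            S::assert_xsrf_token();
            if ($account->pending_update_suspension) {
                $page->trigWarning("Ton compte est déjà en cours de désactivation.");
            } else {
                // $redirect exists here: this branch requires an active
                // account, which is when it is built above.
                if (!$redirect_active || $redirect->modify_one_email($gapps_email, false) == SUCCESS) {
                    $account->suspend();
                    $page->trigSuccess("Ton compte Google Apps est dorénavant désactivé.");
                } else {
                    $page->trigError("Ton compte Google Apps est ta seule adresse de redirection. 
Ton compte ne peux pas être désactivé.");
                }
            }
        } elseif ($action == 'unsuspend' && Post::has('unsuspend') && $account->suspended()) {
            // Same XSRF check as every other state-changing action here.
            S::assert_xsrf_token();
            $account->unsuspend(Post::b('redirect_mails', true));
            $page->trigSuccess("Ta demande de réactivation a bien été prise en compte.");
        }

        if ($action == 'create') {
            $page->assign('has_password_sync', Get::has('password_sync'));
            $page->assign('password_sync', Get::b('password_sync', true));
        }
        if ($action == 'create' && Post::has('password_sync') && Post::has('redirect_mails')) {
            S::assert_xsrf_token();
            $password_sync = Post::b('password_sync');
            $redirect_mails = Post::b('redirect_mails');
            if ($password_sync) {
                $password = $user->password();
            } else {
                $password = Post::t('pwhash');
            }
            $account->create($password_sync, $password, $redirect_mails);
            $page->trigSuccess("La demande de création de ton compte Google Apps a bien été enregistrée.");
        }
    }

    $page->assign('account', $account);
}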
/**
 * Admin page to correct the letter case of a user's names.
 *
 * A posted 'id' is resolved to a user and redirected to that user's page.
 * For the user named by $hruid, the stored names are loaded (public profile
 * names when a profile exists, account names otherwise). When 'correct' is
 * posted, the new values are written only if each one equals the stored one
 * once lowercased, i.e. only case changes are accepted.
 *
 * NOTE(review): the 'correct' POST updates the database without calling
 * S::assert_xsrf_token() -- confirm the token is enforced elsewhere or add it.
 * NOTE(review): the comparison uses loose '!=' on lowercased strings, so two
 * different numeric-looking values could compare equal; '!==' would be exact.
 *
 * @param $page              Page object used for templates and messages.
 * @param string|null $hruid User identifier passed to User::getSilent().
 * @return void
 */
function handler_admin_name($page, $hruid = null)
{
    $page->changeTpl('admin/admin_name.tpl');

    // Search form: resolve the posted identifier, then go to that user's page.
    if (Post::has('id')) {
        $user = User::get(Post::t('id'));
        if (is_null($user)) {
            $page->trigError("L'identifiant donné ne correspond à personne ou est ambigu.");
            // NOTE(review): the script stops right after queuing the error;
            // whether the message is still displayed depends on code not
            // shown here.
            exit;
        }
        pl_redirect('admin/name/' . $user->hruid);
    }

    $user = User::getSilent($hruid);
    if (!is_null($user)) {
        require_once 'name.func.inc.php';

        // Field list and stored values depend on whether the account has a
        // profile.
        if ($user->hasProfile()) {
            $name_types = array('lastname_main' => 'Nom patronymique', 'lastname_marital' => 'Nom marital', 'lastname_ordinary' => 'Nom usuel', 'firstname_main' => 'Prénom', 'firstname_ordinary' => 'Prénom usuel', 'pseudonym' => 'Pseudonyme');
            $names = XDB::fetchOneAssoc('SELECT lastname_main, lastname_marital, lastname_ordinary, firstname_main, firstname_ordinary, pseudonym FROM profile_public_names WHERE pid = {?}', $user->profile()->id());
        } else {
            $name_types = array('lastname' => 'Nom', 'firstname' => 'Prénom');
            $names = XDB::fetchOneAssoc('SELECT lastname, firstname FROM accounts WHERE uid = {?}', $user->id());
        }

        if (Post::has('correct')) {
            $new_names = array();
            $update = true;
            // Only the keys of $name_types are read from the request, so no
            // other column can be targeted.
            foreach ($name_types as $key => $fullname) {
                $new_names[$key] = Post::t($key);
                // Any difference beyond letter case vetoes the whole update.
                if (mb_strtolower($new_names[$key]) != mb_strtolower($names[$key])) {
                    $update = false;
                }
            }
            if ($update) {
                if ($user->hasProfile()) {
                    update_public_names($user->profile()->id(), $new_names);
                    update_display_names($user->profile(), $new_names);
                } else {
                    // Derived name columns are rebuilt from the corrected names.
                    $new_names['full_name'] = build_full_name($new_names['firstname'], $new_names['lastname']);
                    $new_names['directory_name'] = build_directory_name($new_names['firstname'], $new_names['lastname']);
                    $new_names['sort_name'] = build_sort_name($new_names['firstname'], $new_names['lastname']);
                    XDB::execute('UPDATE accounts SET lastname = {?}, firstname = {?}, full_name = {?}, directory_name = {?}, sort_name = {?} WHERE uid = {?}', $new_names['lastname'], $new_names['firstname'], $new_names['full_name'], $new_names['directory_name'], $new_names['sort_name'], 
$user->id());
                }
                $page->trigSuccess('Mise à jour réussie.');
            } else {
                $page->trigError('Seuls des changements de casse sont autorisés ici.');
            }
        }

        // Reload the names so the page shows what is stored after the update.
        if ($user->hasProfile()) {
            $names = XDB::fetchOneAssoc('SELECT lastname_main, lastname_marital, lastname_ordinary, firstname_main, firstname_ordinary, pseudonym FROM profile_public_names WHERE pid = {?}', $user->profile()->id());
        } else {
            $names = XDB::fetchOneAssoc('SELECT lastname, firstname FROM accounts WHERE uid = {?}', $user->id());
        }

        // For each name: stored value, capitalize_name() suggestion, and
        // whether the two differ.
        foreach ($names as $key => $name) {
            $names[$key] = array('value' => $name, 'standard' => capitalize_name($name));
            $names[$key]['different'] = $names[$key]['value'] != $names[$key]['standard'];
        }

        $page->assign('uid', $user->id());
        $page->assign('hruid', $user->hruid);
        $page->assign('names', $names);
        $page->assign('name_types', $name_types);
    }
}
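/**
 * "Broken address" page: either warns the owner of a redirection that it is
 * reported broken, or looks up a posted address and marks it broken.
 *
 * Both actions assert the XSRF token first. In the warning path the unused
 * lookup of the redirection's 'active' flag, and the unused $globals import,
 * have been dropped; the mail that is sent is unchanged.
 *
 * NOTE(review): the warning path is driven by URL arguments, so the XSRF
 * token travels in the URL and a mail is sent on what is presumably a GET
 * request -- confirm this is acceptable.
 * NOTE(review): nothing here limits how often a warning mail can be sent to
 * the same user; confirm a limit exists elsewhere.
 *
 * @param $page              Page object used for templates and messages.
 * @param string|null $warn  'warn' to send the warning mail.
 * @param string|null $email Address concerned by the warning.
 * @return void
 */
function handler_broken($page, $warn = null, $email = null)
{
    require_once 'emails.inc.php';

    $wp = new PlWikiPage('Xorg.PatteCassée');
    $wp->buildCache();

    $page->changeTpl('emails/broken.tpl');

    if ($warn == 'warn' && $email) {
        S::assert_xsrf_token();

        // Usual verifications.
        $email = valide_email($email);
        $uid = XDB::fetchOneCell('SELECT uid FROM email_redirect_account WHERE redirect = {?}', $email);
        if ($uid) {
            $dest = User::getWithUID($uid);
            $mail = new PlMailer('emails/broken-web.mail.tpl');
            $mail->assign('email', $email);
            $mail->assign('request', S::user());
            $mail->sendTo($dest);
            $page->trigSuccess('Email envoyé !');
        }
    } elseif (Post::has('email')) {
        S::assert_xsrf_token();

        $email = Post::t('email');
        // Only addresses considered foreign by User::isForeignEmailAddress()
        // can be marked broken.
        if (!User::isForeignEmailAddress($email)) {
            $page->assign('neuneu', true);
        } else {
            $user = mark_broken_email($email);
            $page->assign('user', $user);
            $page->assign('email', $email);
        }
    }
}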
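/**
 * Multi-step registration wizard. The progress is kept in the session under
 * 'subState' and the template 'register/step<N>.tpl' is rendered at the end.
 *
 * Steps, as implemented below:
 *  - 0: charter page; a marketing hash in the state jumps straight to step 3;
 *  - 1: promotion year and education type;
 *  - 2: identity fields, checked with checkNewUser() and createAliases();
 *  - 3: email, birthdate, services and password; watched emails, watched
 *       accounts and unsafe IP addresses add alerts, and a dangerous email or
 *       an unsafe IP blocks the registration with a generic error;
 *  - 4: reached once finishRegistration() has been called.
 * Collected alerts are mailed through send_warning_mail().
 *
 * Two defects are fixed compared with the previous version:
 *  - the register_mstats INSERT filtered on "WHERE m.hash" with no
 *    placeholder, so the hash argument was never bound and the statement
 *    applied to every row with a truthy hash; it now uses "m.hash = {?}";
 *  - the mailto link of the generic error lacked the closing quote of its
 *    href attribute.
 *
 * NOTE(review): the posted password hash is stored in the sub-state, which is
 * then written to $_SESSION; confirm it is cleared once registration ends.
 * NOTE(review): posted 'edu_type' is used as an index into
 * Profile::$cycle_prefixes without checking that the key exists.
 * NOTE(review): for an unsafe IP the validation errors are discarded on
 * purpose; if the birthdate did not match the expected format, $birth is
 * still the raw string when the date is formatted below.
 *
 * @param $page             Page object used for templates and messages.
 * @param string|null $hash Marketing hash taken from the URL, if any.
 * @return void
 */
function handler_register($page, $hash = null)
{
    $page->forceSkin('register');

    $alert = array();
    $alert_details = '';

    $subState = new PlDict(S::v('subState', array()));
    if (!$subState->has('step')) {
        $subState->set('step', 0);
    }
    if (!$subState->has('backs')) {
        $subState->set('backs', new PlDict());
    }

    // Going back is only possible to an earlier step; each return is recorded
    // and the third one raises an alert.
    if (Get::has('back') && Get::i('back') < $subState->i('step')) {
        $subState->set('step', max(0, Get::i('back')));
        $subState->v('backs')->set($subState->v('backs')->count() + 1, $subState->dict());
        $subState->v('backs')->kill('backs');
        if ($subState->v('backs')->count() == 3) {
            $alert[] = "Tentative d'inscription très hésitante";
            $alert_details .= "\n * Retours en arrières : 3.";
        }
    }

    if ($hash) {
        $res = XDB::query("SELECT a.uid, a.hruid, ppn.lastname_initial AS lastname, ppn.firstname_initial AS firstname, p.xorg_id AS xorgid,\n pd.promo, pe.promo_year AS yearpromo, pde.degree AS edu_type,\n p.birthdate_ref AS birthdateRef, FIND_IN_SET('watch', a.flags) AS watch, m.hash, a.type, a.comment\n FROM register_marketing AS m\n INNER JOIN accounts AS a ON (m.uid = a.uid)\n INNER JOIN account_profiles AS ap ON (a.uid = ap.uid AND FIND_IN_SET('owner', ap.perms))\n INNER JOIN profiles AS p ON (p.pid = ap.pid)\n INNER JOIN profile_display AS pd ON (p.pid = pd.pid)\n INNER JOIN profile_education AS pe ON (pe.pid = p.pid AND FIND_IN_SET('primary', pe.flags))\n INNER JOIN profile_education_degree_enum AS pde ON (pde.id = pe.degreeid)\n INNER JOIN profile_public_names AS ppn ON (ppn.pid = p.pid)\n WHERE m.hash = {?} AND a.state = 'pending'", $hash);
        if ($res->numRows() == 1) {
            $subState->merge($res->fetchOneRow());
            $subState->set('main_mail_domain', User::$sub_mail_domains[$subState->v('type')]);
            // Bind the hash: only the marketing row behind this link is
            // recorded in the statistics.
            XDB::execute('INSERT INTO register_mstats (uid, sender, success) SELECT m.uid, m.sender, 0 FROM register_marketing AS m WHERE m.hash = {?} ON DUPLICATE KEY UPDATE sender = VALUES(sender), success = VALUES(success)', $subState->s('hash'));
        }
    }

    switch ($subState->i('step')) {
        case 0:
            $wp = new PlWikiPage('Reference.Charte');
            $wp->buildCache();
            if (Post::has('step1')) {
                $subState->set('step', 1);
                // With a marketing hash the identity is already known.
                if ($subState->has('hash')) {
                    $subState->set('step', 3);
                    $this->load('register.inc.php');
                    createAliases($subState);
                }
            }
            break;

        case 1:
            if (Post::has('yearpromo')) {
                $edu_type = Post::t('edu_type');
                $yearpromo = Post::i('yearpromo');
                $promo = Profile::$cycle_prefixes[$edu_type] . $yearpromo;

                $res = XDB::query("SELECT COUNT(*)\n FROM accounts AS a\n INNER JOIN account_profiles AS ap ON (a.uid = ap.uid AND FIND_IN_SET('owner', ap.perms))\n INNER JOIN profiles AS p ON (p.pid = ap.pid)\n INNER JOIN profile_education AS pe ON (pe.pid = p.pid AND FIND_IN_SET('primary', pe.flags))\n WHERE a.state = 'pending' AND p.deathdate IS NULL AND pe.promo_year = {?}", $yearpromo);
                if (!$res->fetchOneCell()) {
                    $error = 'La promotion saisie est incorrecte ou tous les camarades de cette promotion sont inscrits !';
                } else {
                    $subState->set('step', 2);
                    $subState->set('promo', $promo);
                    $subState->set('yearpromo', $yearpromo);
                    $subState->set('edu_type', $edu_type);
                    // School-id hint and examples shown on the next step.
                    if ($edu_type == Profile::DEGREE_X) {
                        if ($yearpromo >= 1996 && $yearpromo < 2000) {
                            $subState->set('schoolid', $yearpromo % 100 * 10 . '???');
                            $subState->set('schoolid_exemple', $yearpromo % 100 * 10000 + 532);
                            $subState->set('schoolid_exemple_ev2', ($yearpromo + 1) % 100 * 10000 + 532);
                        } elseif ($yearpromo >= 2000) {
                            $subState->set('schoolid', 100 + $yearpromo % 100 . '???');
                            $subState->set('schoolid_exemple', (100 + $yearpromo % 100) * 1000 + 532);
                            $subState->set('schoolid_exemple_ev2', (100 + ($yearpromo + 1) % 100) * 1000 + 532);
                        }
                    }
                }
            }
            break;

        case 2:
            if (count($_POST)) {
                $this->load('register.inc.php');
                $subState->set('firstname', Post::t('firstname'));
                $subState->set('lastname', Post::t('lastname'));
                if (Post::has('schoolid')) {
                    $subState->set('schoolid', Post::i('schoolid'));
                }

                $error = checkNewUser($subState);
                if ($error !== true) {
                    break;
                }
                $error = createAliases($subState);
                if ($error === true) {
                    unset($error);
                    $subState->set('step', 3);
                }
            }
            break;

        case 3:
            if (count($_POST)) {
                $this->load('register.inc.php');

                // Validate the email address format and domain.
                require_once 'emails.inc.php';
                $user = User::get($subState->s('uid'));
                if (!isvalid_email(Post::v('email'))) {
                    $error[] = "Le champ 'Email' n'est pas valide.";
                } elseif (!isvalid_email_redirection(Post::v('email'), $user)) {
                    $error[] = $subState->s('forlife') . ' doit renvoyer vers un email existant ' . 'valide, en particulier, il ne peut pas être renvoyé vers lui-même.';
                }

                // Validate the birthday format and range.
                $birth = Post::t('birthdate');
                if (!preg_match('@^[0-3]?\\d/[01]?\\d/(19|20)?\\d{2}$@', $birth)) {
                    $error[] = "La 'Date de naissance' n'est pas correcte.";
                } else {
                    $birth = explode('/', $birth, 3);
                    for ($i = 0; $i < 3; ++$i) {
                        $birth[$i] = intval($birth[$i]);
                    }
                    // Two-digit years are read as 19xx.
                    if ($birth[2] < 100) {
                        $birth[2] += 1900;
                    }
                    $year = $birth[2];
                    $ref_year = substr($subState->v('birthdateRef'), 0, 4);
                    // More than two years away from the reference is refused
                    // and reported.
                    if (abs($ref_year - $year) > 2) {
                        $error[] = "La 'Date de naissance' n'est pas correcte.";
                        $alert[] = "Date de naissance incorrecte à l'inscription";
                        $alert_details .= "\n * Date de naissance renseignée : " . Post::t('birthdate');
                        if ($subState->v('birthdateRef') == '0000-00-00') {
                            $alert_details .= ' (date inconnue)';
                        } else {
                            $alert_details .= ' (date connue : ' . $subState->v('birthdateRef') . ')';
                        }
                        $subState->set('wrong_birthdate', $birth);
                    }
                }

                // Register the optional services requested by the user.
                $services = array();
                foreach (array('com_letters', 'imap', 'ml_promo', 'nl') as $service) {
                    if (Post::b($service)) {
                        $services[] = $service;
                    }
                }
                $subState->set('services', $services);

                // Validate the password.
                if (!Post::v('pwhash', false)) {
                    $error[] = "Le mot de passe n'est pas valide.";
                }

                // Check if the given email is known as dangerous.
                $res = XDB::query("SELECT state, description\n FROM email_watch\n WHERE email = {?} AND state != 'safe'", Post::v('email'));
                $bannedEmail = false;
                if ($res->numRows()) {
                    list($state, $description) = $res->fetchOneRow();
                    $alert[] = "Email surveillé proposé à l'inscription";
                    $alert_details .= "\n * Email surveillé : " . Post::v('email');
                    $subState->set('email_desc', $description);
                    if ($state == 'dangerous') {
                        $bannedEmail = true;
                    }
                }

                if ($subState->i('watch') != 0) {
                    $alert[] = "Inscription d'un utilisateur surveillé";
                    $alert_details .= "\n * Commentaire pour la surveillance : " . $subState->v('comment');
                }

                // An unsafe IP only ever gets the generic error set below, so
                // field-level errors are dropped here.
                if ($bannedIp = check_ip('unsafe')) {
                    unset($error);
                }

                if (isset($error)) {
                    $error = join('<br />', $error);
                } else {
                    $subState->set('birthdate', sprintf("%04d-%02d-%02d", intval($birth[2]), intval($birth[1]), intval($birth[0])));
                    $subState->set('email', Post::t('email'));
                    $subState->set('password', Post::t('pwhash'));

                    // Update the current alert if the birthdate is incorrect,
                    // or if the IP address of the user has been banned.
                    if ($subState->s('birthdateRef') != '0000-00-00' && $subState->s('birthdateRef') != $subState->s('birthdate')) {
                        $alert[] = "Date de naissance incorrecte à l'inscription";
                        $alert_details .= "\n * Date de naissance renseignée : " . Post::t('birthdate');
                        if ($subState->v('birthdateRef') == '0000-00-00') {
                            $alert_details .= ' (date inconnue)';
                        } else {
                            $alert_details .= ' (date connue : ' . $subState->v('birthdateRef') . ')';
                        }
                    }
                    if ($bannedIp) {
                        $alert[] = "Tentative d'inscription depuis une IP surveillée";
                        $alert_details .= "\n * IP surveillée : " . $_SESSION['check_ip'];
                    }

                    // Prevent banned user from actually registering; save the
                    // current state for others.
                    if ($bannedEmail || $bannedIp) {
                        global $globals;
                        // Deliberately vague; the href attribute is closed.
                        $error = "Une erreur s'est produite lors de l'inscription." . " Merci de contacter <a href='mailto:register@{$globals->mail->domain}'>" . " register@{$globals->mail->domain}</a>" . " pour nous faire part de cette erreur.";
                    } else {
                        $subState->set('step', 4);
                        if ($subState->v('backs')->count() >= 3) {
                            $alert[] = "Fin d'une inscription hésitante";
                            $alert_details .= "\n * Nombre de retours en arrière : " . $subState->v('backs')->count();
                        }
                        finishRegistration($subState);
                    }
                }
            }
            break;
    }

    // Persist the wizard state for the next request.
    $_SESSION['subState'] = $subState->dict();

    if (count($alert)) {
        $alert_details = "Détails des alertes :" . $alert_details . "\n\n";
        $alert_details .= 'Compte concerné : ' . $subState->s('forlife') . ' (redirection vers : ' . ($subState->s('email') == '' ? Post::t('email') : $subState->s('email')) . ")\n\n\n";
        send_warning_mail(implode(' - ', $alert), $alert_details);
    }

    $page->changeTpl('register/step' . $subState->i('step') . '.tpl');
    if (isset($error)) {
        $page->trigError($error);
    }
}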
/**
 * Group administration page for one member: identity, email, group
 * permissions, mailing-list and alias subscriptions, group newsletter.
 *
 * Returns PL_NOT_FOUND for an unknown user; a user outside the current group
 * is redirected to 'annuaire'. All changes happen under Post 'change', after
 * the XSRF token has been asserted.
 *
 * NOTE(review): list and alias names ($ml) are keys of request arrays and are
 * interpolated into messages, one of which contains HTML markup; confirm the
 * trig*() helpers escape them or that markup-bearing messages are safe.
 * NOTE(review): XDB::affectedRows() is read after two conditional UPDATEs, so
 * it presumably reflects whichever statement ran last, possibly one executed
 * before this block -- verify.
 * NOTE(review): 'group_perms' and the account 'type'/'sex' values are mapped
 * onto fixed literals before being stored; 'group_position' is stored as
 * posted and relies on the column definition to reject unknown values.
 *
 * @param $page Page object used for templates and messages.
 * @param $user Identifier passed to User::getSilent(); the variable then
 *              holds the user object.
 * @return mixed PL_NOT_FOUND for an unknown user, otherwise nothing.
 */
function handler_admin_member($page, $user)
{
    global $globals;

    $user = User::getSilent($user);
    if (empty($user)) {
        return PL_NOT_FOUND;
    }

    // Only members of the current group can be edited from here.
    if (!$user->inGroup($globals->asso('id'))) {
        pl_redirect('annuaire');
    }

    $page->changeTpl('xnetgrp/membres-edit.tpl');
    $page->addJsLink('xnet_members.js');

    $mmlist = new MMList(S::user(), $globals->asso('mail_domain'));

    if (Post::has('change')) {
        S::assert_xsrf_token();
        require_once 'emails.inc.php';
        require_once 'name.func.inc.php';

        // Convert user status to X
        if (!Post::blank('x')) {
            $forlife = $this->changeLogin($page, $user, Post::i('userid'), Post::b('broken'), Post::b('marketing'), Post::v('marketing_from'));
            if ($forlife) {
                pl_redirect('member/' . $forlife);
            }
        }

        // Update user info. '&&' binds tighter than '||': the condition is
        // "virtual account, or xnet account without perms".
        if ($user->type == 'virtual' || $user->type == 'xnet' && !$user->perms) {
            $lastname = capitalize_name(Post::t('lastname'));
            if (Post::s('type') != 'virtual') {
                $firstname = capitalize_name(Post::t('firstname'));
            } else {
                $firstname = '';
            }
            $full_name = build_full_name($firstname, $lastname);
            $directory_name = build_directory_name($firstname, $lastname);
            $sort_name = build_sort_name($firstname, $lastname);
            // 'sex' and 'type' are reduced to two allowed literals each.
            XDB::query('UPDATE accounts SET full_name = {?}, directory_name = {?}, sort_name = {?}, display_name = {?}, firstname = {?}, lastname = {?}, sex = {?}, type = {?} WHERE uid = {?}', $full_name, $directory_name, $sort_name, Post::t('display_name'), $firstname, $lastname, Post::t('sex') == 'male' ? 'male' : 'female', Post::t('type') == 'xnet' ? 'xnet' : 'virtual', $user->id());
        }

        // Updates email.
        $new_email = strtolower(Post::t('email'));
        if (($user->type == 'virtual' || $user->type == 'xnet' && !$user->perms) && require_email_update($user, $new_email)) {
            XDB::query('UPDATE accounts SET email = {?} WHERE uid = {?}', $new_email, $user->id());
            // Propagate the new address to list subscriptions and aliases.
            if ($user->forlifeEmail()) {
                $listClient = new MMList(S::user());
                $listClient->change_user_email($user->forlifeEmail(), $new_email);
                update_alias_user($user->forlifeEmail(), $new_email);
            }
            $user = User::getWithUID($user->id());
        }
        if (XDB::affectedRows()) {
            $page->trigSuccess('Données de l\'utilisateur mises à jour.');
        }

        // Actions reserved to xnet accounts without perms.
        if ($user->type == 'xnet' && !$user->perms) {
            if (Post::b('suggest')) {
                $request = new AccountReq(S::user(), $user->hruid, Post::t('email'), $globals->asso('nom'), $globals->asso('diminutif'));
                $request->submit();
                $page->trigSuccess('Le compte va bientôt être activé.');
            }
            if (Post::b('again')) {
                $this->again($user->id());
                $page->trigSuccess('Relance effectuée avec succès.');
            }
        }

        // Update group params for user
        $perms = Post::v('group_perms');
        $comm = Post::t('comm');
        $position = Post::t('group_position') == '' ? null : Post::v('group_position');
        if ($user->group_perms != $perms || $user->group_comm != $comm || $user->group_position != $position) {
            // Anything other than 'admin' is stored as 'membre'.
            XDB::query('UPDATE group_members SET perms = {?}, comm = {?}, position = {?} WHERE uid = {?} AND asso_id = {?}', $perms == 'admin' ? 'admin' : 'membre', $comm, $position, $user->id(), $globals->asso('id'));
            if (XDB::affectedRows()) {
                if ($perms != $user->group_perms) {
                    $page->trigSuccess('Permissions modifiées !');
                }
                if ($comm != $user->group_comm) {
                    $page->trigSuccess('Commentaire mis à jour.');
                }
                if ($position != $user->group_position) {
                    $page->trigSuccess('Poste mis à jour.');
                }
            }
        }

        // Gets user info again as they might have changed
        $user = User::getSilent($user->id());

        // Update ML subscriptions: 'ml1' carries the previous state of each
        // list, 'ml2' the boxes ticked in the form.
        foreach (Env::v('ml1', array()) as $ml => $state) {
            $ask = empty($_REQUEST['ml2'][$ml]) ? 
0 : 2;
            if ($ask == $state) {
                continue;
            }
            if ($state == '1') {
                $page->trigWarning("{$user->fullName()} a " . "actuellement une demande d'inscription en " . "cours sur <strong>{$ml}@</strong> !!!");
            } elseif ($ask) {
                $mmlist->mass_subscribe($ml, array($user->forlifeEmail()));
                $page->trigSuccess("{$user->fullName()} a été abonné à {$ml}@.");
            } else {
                $mmlist->mass_unsubscribe($ml, array($user->forlifeEmail()));
                $page->trigSuccess("{$user->fullName()} a été désabonné de {$ml}@.");
            }
        }

        // Change subscription to aliases: 'ml3' is the previous state, 'ml4'
        // the ticked boxes. Only the local part of the posted name is used;
        // the domain is always the group's mail domain.
        foreach (Env::v('ml3', array()) as $ml => $state) {
            require_once 'emails.inc.php';
            $ask = !empty($_REQUEST['ml4'][$ml]);
            list($local_part, ) = explode('@', $ml);
            if ($ask == $state) {
                continue;
            }
            if ($ask) {
                add_to_list_alias($user->id(), $local_part, $globals->asso('mail_domain'));
                $page->trigSuccess("{$user->fullName()} a été abonné à {$ml}.");
            } else {
                delete_from_list_alias($user->id(), $local_part, $globals->asso('mail_domain'));
                $page->trigSuccess("{$user->fullName()} a été désabonné de {$ml}.");
            }
        }

        if ($globals->asso('has_nl')) {
            $nl = NewsLetter::forGroup($globals->asso('shortname'));
            // Updates group's newsletter subscription.
            if (Post::i('newsletter') == 1) {
                $nl->subscribe($user);
            } else {
                $nl->unsubscribe(null, $user->id());
            }
        }
    }

    // The allowed positions are read from the enum definition of the column.
    $res = XDB::rawFetchAllAssoc('SHOW COLUMNS FROM group_members LIKE \'position\'');
    $positions = str_replace(array('enum(', ')', '\''), '', $res[0]['Type']);

    if ($globals->asso('has_nl')) {
        $nl = NewsLetter::forGroup($globals->asso('shortname'));
        $nl_registered = $nl->subscriptionState($user);
    } else {
        $nl_registered = false;
    }

    $page->assign('user', $user);
    $page->assign('suggest', $this->suggest($user));
    $page->assign('listes', $mmlist->get_lists($user->forlifeEmail()));
    $page->assign('alias', $user->emailGroupAliases($globals->asso('mail_domain')));
    $page->assign('positions', explode(',', $positions));
    $page->assign('nl_registered', $nl_registered);
    $page->assign('pending_xnet_account', XDB::fetchOneCell('SELECT 1 FROM register_pending_xnet WHERE uid = {?}', $user->id()));
}
/**
 * Online payment page for the payment identified by $ref.
 *
 * Non-public payments require a logged-in user; payments flagged 'old' are
 * refused. On submission ('op' = 'submit') the payment form is prepared for
 * the session user or, when not logged in, for the user named by the posted
 * 'login'. Otherwise a logged-in user sees their past transactions and, for
 * $ref == -1, donation statistics.
 *
 * NOTE(review): a failed $pay->check($val) only queues an error; the
 * submission branch still calls $pay->init($val, $meth) with the same value.
 * Confirm init()/prepareform() validate the amount again.
 * NOTE(review): the default amount can be overridden by the request
 * ('montant'), and the amount is compared with loose '!= 0' before any
 * numeric validation in this handler.
 * NOTE(review): an anonymous visitor can name any account through 'login';
 * the full name and sex of that account are then assigned to the page.
 * NOTE(review): this assumes $page->kill() stops execution -- verify.
 *
 * @param $page      Page object used for templates and messages.
 * @param mixed $ref Payment reference; -1 designates the donation payment.
 * @return void
 */
function handler_payment($page, $ref = -1)
{
    $page->changeTpl('payment/payment.tpl');
    $page->setTitle('Télépaiement');
    $this->load('money.inc.php');

    $meth = new PayMethod(Env::i('methode', -1));
    $pay = new Payment($ref);

    // Access control: a payment without the 'public' flag needs a session.
    if (!$pay->flags->hasflag('public') && (!S::user() || !S::logged())) {
        $page->kill("Vous n'avez pas les permissions nécessaires pour accéder à cette page.");
    } else {
        // Set whenever access is granted, including for logged-in users.
        $page->assign('public', true);
    }
    if ($pay->flags->hasflag('old')) {
        $page->kill('La transaction selectionnée est périmée.');
    }

    // The request may override the default amount.
    if (Env::has('montant')) {
        $pay->amount_def = Env::v('montant');
    }
    $val = Post::v('amount') != 0 ? Post::v('amount') : $pay->amount_def;
    if (($error = $pay->check($val)) !== true) {
        $page->trigError($error);
    }

    if (Post::has('op') && Post::v('op', 'select') == 'submit') {
        // The payer is the session user, or the posted login when anonymous.
        if (S::logged()) {
            $user = S::user();
        } else {
            $user = User::getSilent(Post::t('login'));
        }
        if (is_null($user)) {
            $page->trigError("L'identifiant est erroné.");
            $page->assign('login_error', true);
            $page->assign('login', Post::t('login'));
        } else {
            $pay->init($val, $meth);
            $pay->prepareform($user);
            $page->assign('full_name', $user->fullName(true));
            $page->assign('sex', $user->isFemale());
        }
    } elseif (S::logged()) {
        // Past transactions of the session user for this payment.
        $res = XDB::iterator('SELECT ts_confirmed, amount FROM payment_transactions WHERE uid = {?} AND ref = {?} ORDER BY ts_confirmed DESC', S::v('uid', -1), $pay->id);
        if ($res->total()) {
            $page->assign('transactions', $res);
        }

        // Only if $ref = -1, meaning only for donations to the site's association
        if ($ref == -1) {
            // Ten biggest donations; the donor name is replaced by 'XXXX'
            // when the transaction's display flag is not set.
            $biggest_donations = XDB::fetchAllAssoc('SELECT IF(p.display, IF(ap.pid IS NOT NULL, CONCAT(a.full_name, \' (\', pd.promo, \')\'), a.full_name), \'XXXX\') AS name, p.amount, p.ts_confirmed FROM payment_transactions AS p INNER JOIN accounts AS a ON (a.uid = p.uid) LEFT JOIN account_profiles AS ap ON (a.uid = ap.uid AND FIND_IN_SET(\'owner\', ap.perms)) LEFT JOIN profile_display AS pd ON (ap.pid = pd.pid) WHERE p.ref = {?} ORDER BY LENGTH(p.amount) DESC, p.amount DESC, name LIMIT 
10', $pay->id);
            // Totals per month for the current year, per year before that.
            $donations = XDB::fetchAllAssoc('(SELECT SUM(amount) AS amount, YEAR(ts_confirmed) AS year, MONTH(ts_confirmed) AS month, ts_confirmed FROM payment_transactions WHERE ref = {?} AND YEAR(ts_confirmed) = YEAR(CURDATE()) GROUP BY month) UNION (SELECT SUM(amount) AS amount, YEAR(ts_confirmed) AS year, 0 AS month, ts_confirmed FROM payment_transactions WHERE ref = {?} AND YEAR(ts_confirmed) < YEAR(CURDATE()) GROUP BY year) ORDER BY year DESC, month DESC', $pay->id, $pay->id);
            $page->assign('biggest_donations', $biggest_donations);
            $page->assign('donations', $donations);
            $page->assign('donation', true);
        }
    }

    // Truncate (not round) the displayed amount to two decimals.
    $val = floor($val * 100) / 100;
    $page->assign('amount', $val);
    // NOTE(review): the request 'comment' is assigned unmodified; the
    // template is expected to escape it.
    $page->assign('comment', Env::v('comment'));
    $page->assign('meth', $meth);
    $page->assign('pay', $pay);
    $page->assign('evtlink', $pay->event());
}
/**
 * Self-service edit page for 'xnet' accounts: names, display name, sex and
 * email of the logged-in user.
 *
 * Returns PL_NOT_FOUND without a session user; users of another account type
 * are redirected to 'index'. Changes are applied under Post 'change', after
 * the XSRF token has been asserted, and the session user is then reloaded.
 *
 * NOTE(review): full_name, directory_name and sort_name are built from the
 * capitalize_name() values, but the firstname and lastname columns receive
 * the raw posted values -- confirm this difference is intended.
 * NOTE(review): the new email is only checked by require_email_update()
 * before being stored; confirm that helper validates the address format.
 *
 * @param $page Page object used for templates and messages.
 * @return mixed PL_NOT_FOUND when there is no session user, otherwise nothing.
 */
function handler_edit($page)
{
    global $globals;

    $user = S::user();
    if (empty($user)) {
        return PL_NOT_FOUND;
    }
    if ($user->type != 'xnet') {
        pl_redirect('index');
    }

    $page->changeTpl('xnet/edit.tpl');

    if (Post::has('change')) {
        S::assert_xsrf_token();

        // Convert user status to X
        if (!Post::blank('login_X')) {
            $converted = $this->changeLogin($page, $user, Post::t('login_X'));
            if ($converted) {
                pl_redirect('index');
            }
        }

        require_once 'emails.inc.php';
        require_once 'name.func.inc.php';

        // Update user info: derived names come from the capitalised values.
        $family = capitalize_name(Post::t('lastname'));
        $given = capitalize_name(Post::t('firstname'));
        $fullName = build_full_name($given, $family);
        $directoryName = build_directory_name($given, $family);
        $sortName = build_sort_name($given, $family);

        XDB::query(
            'UPDATE accounts SET full_name = {?}, directory_name = {?}, sort_name = {?}, display_name = {?}, firstname = {?}, lastname = {?}, sex = {?} WHERE uid = {?}',
            $fullName,
            $directoryName,
            $sortName,
            Post::t('display_name'),
            Post::t('firstname'),
            Post::t('lastname'),
            // Anything other than 'male' is stored as 'female'.
            Post::t('sex') == 'male' ? 'male' : 'female',
            $user->id()
        );

        // Updates email, and propagates it to lists and aliases.
        $address = strtolower(Post::t('email'));
        if (require_email_update($user, $address)) {
            XDB::query('UPDATE accounts SET email = {?} WHERE uid = {?}', $address, $user->id());
            $lists = new MMList(S::user());
            $lists->change_user_email($user->forlifeEmail(), $address);
            update_alias_user($user->forlifeEmail(), $address);
        }

        // Reload the account so the session reflects what was stored.
        $user = User::getWithUID($user->id());
        S::set('user', $user);
        $page->trigSuccess('Données mises à jour.');
    }

    $page->addJsLink('password.js');
    $page->assign('user', $user);
}
/**
 * Creates a mailing list for the current group and flags the group as
 * having mailing lists.
 *
 * Returns PL_NOT_FOUND when the group has no lists domain. The form is only
 * processed when 'submit' is posted, after the XSRF token has been asserted.
 * The list name is lowercased and must consist of unaccented letters, digits
 * and dashes; it must not already exist and a description is required. The
 * session user becomes the only owner and the only member.
 *
 * NOTE(review): 'advertise', 'modlevel' and 'inslevel' are forwarded to
 * MailingList::create() as posted; confirm they are validated there.
 * NOTE(review): the name pattern uses '*' and an unanchored-at-newline '$';
 * the emptiness check above and Post::t() presumably cover both cases --
 * verify.
 *
 * @param $page Page object used for templates and messages.
 * @return mixed PL_NOT_FOUND without a lists domain, otherwise nothing.
 */
function handler_create($page)
{
    global $globals;

    if (!$this->get_lists_domain()) {
        return PL_NOT_FOUND;
    }

    $page->changeTpl('xnetlists/create.tpl');

    if (!Post::has('submit')) {
        return;
    }
    S::assert_xsrf_token();

    if (!Post::has('liste') || !Post::t('liste')) {
        $page->trigError('Le champs « adresse souhaitée » est vide.');
        return;
    }

    $name = strtolower(Post::t('liste'));
    if (!preg_match("/^[a-zA-Z0-9\\-]*\$/", $name)) {
        $page->trigError('le nom de la liste ne doit contenir que des lettres non accentuées, chiffres et tirets');
        return;
    }

    require_once 'emails.inc.php';
    if (list_exist($name, $this->get_lists_domain())) {
        $page->trigError('Cet alias est déjà pris.');
        return;
    }

    if (!Post::t('desc')) {
        $page->trigError('Le sujet est vide.');
        return;
    }

    $mlist = $this->prepare_list($name);

    // The creator is passed twice: once as owner list, once as member list.
    $created = MailingList::create(
        $mlist->mbox,
        $mlist->domain,
        S::user(),
        Post::t('desc'),
        Post::t('advertise'),
        Post::t('modlevel'),
        Post::t('inslevel'),
        array(S::user()->forlifeEmail()),
        array(S::user()->forlifeEmail())
    );
    if (!$created) {
        $page->kill("Un problème est survenu, contacter " . "<a href='mailto:support@m4x.org'>support@m4x.org</a>");
        return;
    }

    create_list($mlist->mbox, $mlist->domain);

    // Append 'has_ml' to the group's flag set.
    XDB::execute("UPDATE groups\n SET flags = CONCAT_WS(',', IF(flags = '', NULL, flags), 'has_ml')\n WHERE id = {?}", $globals->asso('id'));

    pl_redirect('lists/admin/' . $name);
}