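/**
 * Ensure the current user owns the given MailingList.
 *
 * The page is killed unless the current user's forlife address appears in
 * the owner list returned by $mlist->getMembers() (third element of the
 * result) or the user is a site administrator. When getMembers() yields a
 * falsy result, the page is killed with a message pointing to support.
 *
 * @param object $page  Page object; only kill() is used.
 * @param object $mlist Mailing list object; only getMembers() is used.
 */
protected function verify_list_owner($page, $mlist)
{
    if (list(, , $owners) = $mlist->getMembers()) {
        $email = S::user()->forlifeEmail();
        // This is an authorization decision, so the address is matched
        // strictly: a null/empty forlife address must never be treated as
        // equal to an empty or null entry of the owner list, which a loose
        // in_array() would allow.
        $isOwner = is_string($email) && $email !== ''
            && is_array($owners) && in_array($email, $owners, true);
        if (!($isOwner || S::admin())) {
            // Same wording for "unknown list" and "not an owner".
            $page->kill("La liste n'existe pas ou tu n'as pas le droit de l'administrer.");
        }
    } else {
        $page->kill("La liste n'existe pas ou tu n'as pas le droit de l'administrer.<br />" . " Si tu penses qu'il s'agit d'une erreur, " . "<a href='mailto:support@polytechnique.org'>contact le support</a>.");
    }
}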
/**
 * Replace the addresses stored for the profile with the submitted ones.
 *
 * Phones linked to addresses, the profile's addresses and its pending
 * address requests are removed first; the submitted value is then saved.
 *
 * @param ProfilePage $page  Page being saved; supplies pid() and owner.
 * @param mixed       $field Not used by this implementation.
 * @param mixed       $value Submitted addresses, handed to Address::saveFromArray().
 */
public function save(ProfilePage $page, $field, $value)
{
    // Only the profile owner or a site administrator gets this flag; it is
    // forwarded as the last argument of the delete/save helpers.
    // NOTE(review): presumably it controls whether private entries may be
    // removed or overwritten - confirm in Phone/Address.
    $mayTouchPrivate = S::user()->isMe($page->owner) || S::admin();

    Phone::deletePhones($page->pid(), Phone::LINK_ADDRESS, null, $mayTouchPrivate);
    Address::deleteAddresses($page->pid(), Address::LINK_PROFILE, null, null, $mayTouchPrivate);
    AddressReq::purge_requests($page->pid(), 0, 0, Address::LINK_PROFILE);
    Address::saveFromArray($value, $page->pid(), Address::LINK_PROFILE, null, $mayTouchPrivate);

    // The reminder below is only shown to the owner of the profile.
    if (!S::user()->isMe($page->owner)) {
        return;
    }
    if (count($value) > 1) {
        Platal::page()->trigWarning('Attention, tu as plusieurs adresses sur ton profil. Pense à supprimer celles qui sont obsolètes.');
    }
}
/**
 * Configure Banana for NNTP forum access on behalf of $user.
 *
 * @param User       $user   User the forum session is opened for.
 * @param array|null $params Banana parameters, forwarded to the parent
 *                           constructor; 'action' is inspected afterwards.
 */
public function __construct(User $user, $params = null)
{
    global $globals;
    $this->user =& $user;

    $debugLevel = $globals->debug;

    Banana::$msgedit_canattach = false;
    Banana::$spool_root = $globals->spoolroot . '/spool/banana/';
    array_push(Banana::$msgparse_headers, 'x-org-id', 'x-org-mail');
    Banana::$nntp_host = self::buildURL($user->login());

    Banana::$debug_nntp = $debugLevel & DEBUG_BT;
    Banana::$debug_smarty = $debugLevel & DEBUG_SMARTY;

    // The 'source' MIME part is added for site administrators only.
    if (S::admin()) {
        Banana::$msgshow_mimeparts[] = 'source';
    }

    // Feeds are switched on only when the session carries an auth token.
    Banana::$feed_active = S::hasAuthToken();

    parent::__construct($params, 'NNTP', 'PlatalBananaPage');

    // '@' keeps the lookup quiet when $params is null or has no 'action'.
    $requestedAction = @$params['action'];
    if ($requestedAction == 'profile') {
        Banana::$action = 'profile';
    }
}
/**
 * Configure Banana for browsing a mailing-list archive on behalf of $user.
 *
 * @param User  $user   User the archive session is opened for.
 * @param array $params Must provide 'listname' and 'domain'; 'group' is
 *                      derived from them before calling the parent.
 */
function __construct(User $user, $params = null)
{
    global $globals;
    $this->user =& $user;

    $spoolRoot = $globals->spoolroot;
    $debugLevel = $globals->debug;

    Banana::$spool_root = $spoolRoot . '/spool/banana/';
    Banana::$spool_boxlist = false;
    Banana::$msgedit_canattach = true;
    Banana::$debug_mbox = $debugLevel & DEBUG_BT;
    Banana::$debug_smarty = $debugLevel & DEBUG_SMARTY;
    Banana::$mbox_helper = $spoolRoot . '/banana/mbox-helper/mbox-helper';
    Banana::$feed_updateOnDemand = true;

    // The 'source' MIME part is added for site administrators only.
    if (S::admin()) {
        Banana::$msgshow_mimeparts[] = 'source';
    }
    array_push(Banana::$msgparse_headers, 'x-org-id', 'x-org-mail');

    // Feeds are switched on only when the session carries an auth token.
    Banana::$feed_active = S::hasAuthToken();

    // NOTE(review): listname and domain are used verbatim to build the group
    // name; nothing here validates them, so the caller presumably does -
    // confirm before they reach the mbox helper or any spool path.
    $listname = $params['listname'];
    $domain = $params['domain'];
    MLBanana::$listname = $listname;
    MLBanana::$domain = $domain;
    $params['group'] = $listname . '@' . $domain;

    parent::__construct($params, 'MLArchive', 'PlatalBananaMLPage');
}
/**
 * Validation queue page: handles one submitted validation action, stores the
 * viewer's hidden-category preference and lists the pending requests.
 *
 * @param object      $page   Page being rendered.
 * @param string      $action 'edit' together with $id sets the preview id.
 * @param string|null $id     Identifier of the request to preview.
 */
function handler_validate($page, $action = 'list', $id = null)
{
    $page->changeTpl('admin/validation.tpl');
    $page->setTitle('Administration - Valider une demande');
    $page->addCssLink('nl.Polytechnique.org.css');
    if ($action == 'edit' && !is_null($id)) {
        $page->assign('preview_id', $id);
    } else {
        $page->assign('preview_id', null);
    }
    // A request is only processed when uid, type and stamp are all present,
    // and only after the XSRF token has been asserted.
    if (Env::has('uid') && Env::has('type') && Env::has('stamp')) {
        S::assert_xsrf_token();
        $req = Validate::get_typed_request(Env::v('uid'), Env::v('type'), Env::v('stamp'));
        if ($req) {
            $req->handle_formu();
        } else {
            $page->trigWarning('La validation a déjà été effectuée.');
        }
    }
    // Walk the column list until the 'category' column is reached; $a then
    // holds its description (or a falsy value when no such column exists).
    $r = XDB::iterator('SHOW COLUMNS FROM requests_answers');
    while (($a = $r->next()) && $a['Field'] != 'category') {
    }
    // Drops the first five characters and the last one of the column type and
    // removes the quotes - presumably an "enum('a','b',...)" definition.
    $categories = explode(',', str_replace("'", '', substr($a['Type'], 5, -1)));
    sort($categories);
    $page->assign('categories', $categories);
    $hidden = array();
    $res = XDB::query('SELECT hidden_requests FROM requests_hidden WHERE uid = {?}', S::v('uid'));
    $hide_requests = $res->fetchOneCell();
    if (Post::has('hide')) {
        // Every category not ticked in the form becomes hidden. Only names
        // from $categories are stored, never free-form POST input.
        // NOTE(review): unlike the branch above, this write is not preceded
        // by an XSRF check in this handler - confirm whether that is intended.
        $hide = array();
        foreach ($categories as $cat) {
            if (!Post::v($cat)) {
                $hidden[$cat] = 1;
                $hide[] = $cat;
            }
        }
        $hide_requests = join(',', $hide);
        XDB::query('INSERT INTO requests_hidden (uid, hidden_requests) VALUES ({?}, {?}) ON DUPLICATE KEY UPDATE hidden_requests = VALUES(hidden_requests)', S::v('uid'), $hide_requests);
    } elseif ($hide_requests) {
        foreach (explode(',', $hide_requests) as $hide_type) {
            $hidden[$hide_type] = true;
        }
    }
    $page->assign('hide_requests', $hidden);
    // Refresh the count of items to validate here: useful in development
    // setups where several copies of the site share one database but not the
    // same "dynamic configuration".
    global $globals;
    $globals->updateNbValid();
    $page->assign('vit', Validate::iterate());
    $page->assign('isAdmin', S::admin());
}
/**
 * Rewrite the jobs of a profile from the submitted form value.
 *
 * Existing jobs (with their terms, addresses and phones) and pending company
 * requests are removed, then each submitted job is inserted again.
 *
 * @param ProfilePage $page  Page being saved; supplies pid(), owner and profile.
 * @param mixed       $field Not used by this implementation.
 * @param array       $value Submitted jobs, keyed by job id.
 */
public function save(ProfilePage $page, $field, $value)
{
    // Only the profile owner or a site administrator may remove or rewrite
    // private jobs; other editors are limited to 'public' and 'ax' rows.
    $deletePrivate = S::user()->isMe($page->owner) || S::admin();
    // The visibility restriction is a fixed SQL fragment; the only value bound
    // from the request context is the pid placeholder.
    XDB::execute('DELETE FROM pj, pjt USING profile_job AS pj LEFT JOIN profile_job_term AS pjt ON (pj.pid = pjt.pid AND pj.id = pjt.jid) WHERE pj.pid = {?}' . ($deletePrivate ? '' : ' AND pj.pub IN (\'public\', \'ax\')'), $page->pid());
    Address::deleteAddresses($page->pid(), Address::LINK_JOB, null, null, $deletePrivate);
    Phone::deletePhones($page->pid(), Phone::LINK_JOB, null, $deletePrivate);
    $previous_requests = EntrReq::get_typed_requests($page->pid(), 'entreprise');
    foreach ($previous_requests as $request) {
        $request->clean();
    }
    $terms_values = array();
    // NOTE(review): $job is bound by reference but never modified here; an
    // unset($job) after the loop would avoid leaving a dangling reference.
    foreach ($value as $id => &$job) {
        // Private jobs are skipped unless the editor may touch private data,
        // and unnamed jobs are always skipped.
        // NOTE(review): the delete above keeps every row outside
        // ('public', 'ax') while this guard only excludes 'private'; confirm
        // no other visibility value can be submitted by a restricted editor.
        if (($job['pub'] != 'private' || $deletePrivate) && (isset($job['name']) && $job['name'])) {
            if (isset($job['jobid']) && $job['jobid']) {
                XDB::execute('INSERT INTO profile_job (pid, id, description, email, entry_year, url, pub, email_pub, jobid) VALUES ({?}, {?}, {?}, {?}, {?}, {?}, {?}, {?}, {?})', $page->pid(), $id, $job['description'], $job['w_email'], $job['w_entry_year'], $job['w_url'], $job['pub'], $job['w_email_pub'], $job['jobid']);
            } else {
                // No jobid: the job is stored without one and a company
                // request is submitted for it.
                XDB::execute('INSERT INTO profile_job (pid, id, description, email, entry_year, url, pub, email_pub) VALUES ({?}, {?}, {?}, {?}, {?}, {?}, {?}, {?})', $page->pid(), $id, $job['description'], $job['w_email'], $job['w_entry_year'], $job['w_url'], $job['pub'], $job['w_email_pub']);
                $request = new EntrReq(S::user(), $page->profile, $id, $job['name'], $job['hq_acronym'], $job['hq_url'], $job['hq_email'], $job['hq_fixed'], $job['hq_fax'], $job['hq_address']);
                $request->submit();
                // NOTE(review): one-second pause per submitted request,
                // presumably to keep request timestamps distinct - confirm.
                sleep(1);
            }
            $address = new Address(array_merge($job['w_address'], array('pid' => $page->pid(), 'id' => $id, 'type' => Address::LINK_JOB)));
            $address->save();
            Phone::savePhones($job['w_phone'], $page->pid(), Phone::LINK_JOB, $id);
            if (isset($job['terms'])) {
                foreach ($job['terms'] as $term) {
                    // Each tuple is rendered through XDB::format() placeholders
                    // before being joined into the raw statement below.
                    $terms_values[] = XDB::format('({?}, {?}, {?}, {?})', $page->pid(), $id, $term['jtid'], "original");
                }
            }
        }
    }
    if (count($terms_values) > 0) {
        // rawExecute() receives pre-formatted tuples only; nothing from the
        // request is concatenated here directly.
        XDB::rawExecute('INSERT INTO profile_job_term (pid, jid, jtid, computed) VALUES ' . implode(', ', $terms_values) . ' ON DUPLICATE KEY UPDATE computed = VALUES(computed)');
    }
    if (S::user()->isMe($page->owner) && count($value) > 1) {
        Platal::page()->trigWarning('Attention, tu as plusieurs emplois sur ton profil. Pense à supprimer ceux qui sont obsolètes.');
    }
}
/**
 * Persist the changed general profile fields.
 *
 * Each group of fields is written only when its change flag is set, and
 * several groups are further restricted by who is editing (owner, non-owner,
 * site administrator).
 */
protected function _saveData()
{
    if ($this->changed['nationality1'] || $this->changed['nationality2'] || $this->changed['nationality3'] || $this->changed['birthdate'] || $this->changed['freetext'] || $this->changed['freetext_pub'] || $this->changed['axfreetext'] || $this->changed['email_directory'] || $this->changed['profile_title']) {
        // Normalise the three nationalities: empty values become NULL and the
        // remaining ones are shifted towards slot 1.
        if ($this->values['nationality3'] == "") {
            $this->values['nationality3'] = NULL;
        }
        if ($this->values['nationality2'] == "") {
            $this->values['nationality2'] = $this->values['nationality3'];
            $this->values['nationality3'] = NULL;
        }
        if ($this->values['nationality1'] == "") {
            $this->values['nationality1'] = $this->values['nationality2'];
            $this->values['nationality2'] = $this->values['nationality3'];
            $this->values['nationality3'] = NULL;
        }
        // Remove duplicates among the three slots.
        if ($this->values['nationality1'] == $this->values['nationality2'] && $this->values['nationality2'] == $this->values['nationality3']) {
            $this->values['nationality2'] = NULL;
            $this->values['nationality3'] = NULL;
        } else {
            if ($this->values['nationality1'] == $this->values['nationality2']) {
                $this->values['nationality2'] = $this->values['nationality3'];
                $this->values['nationality3'] = NULL;
            } else {
                if ($this->values['nationality2'] == $this->values['nationality3'] || $this->values['nationality1'] == $this->values['nationality3']) {
                    $this->values['nationality3'] = NULL;
                }
            }
        }
        // When email_directory equals the literal below, the address is read
        // from email_directory_new instead.
        // NOTE(review): the literal looks like a masked/redacted address;
        // verify it against the upstream source before relying on it.
        $new_email = $this->values['email_directory'] == "*****@*****.**" ? $this->values['email_directory_new'] : $this->values['email_directory'];
        if ($new_email == "") {
            $new_email = NULL;
        }
        XDB::execute("UPDATE profiles\n SET nationality1 = {?}, nationality2 = {?}, nationality3 = {?}, birthdate = {?},\n freetext = {?}, freetext_pub = {?}, axfreetext = {?}, email_directory = {?}, title = {?}\n WHERE pid = {?}", $this->values['nationality1'], $this->values['nationality2'], $this->values['nationality3'], ProfileSettingDate::toSQLDate($this->values['birthdate']), $this->values['freetext'], $this->values['freetext_pub'], $this->values['axfreetext'], $new_email, $this->values['profile_title'], $this->pid());
    }
    if ($this->changed['photo_pub']) {
        XDB::execute("UPDATE profile_photos\n SET pub = {?}\n WHERE pid = {?}", $this->values['photo_pub'], $this->pid());
    }
    // The 'yourself' display name can only be changed by the profile owner.
    if (S::user()->isMe($this->owner) && $this->changed['yourself']) {
        if ($this->owner) {
            XDB::execute('UPDATE accounts SET display_name = {?} WHERE uid = {?}', $this->values['yourself'], $this->owner->id());
        }
        XDB::execute('UPDATE profile_display SET yourself = {?} WHERE pid = {?}', $this->values['yourself'], $this->pid());
    }
    if ($this->changed['promo_display']) {
        // The displayed promotion must start with the main education letter
        // and its year may not be earlier than the entry year (plus the
        // education duration for non-'X' profiles).
        if ($this->values['promo_display'][0] == $this->profile->mainEducation()) {
            $yearpromo = intval(substr($this->values['promo_display'], 1, 4));
            if ($this->profile->mainEducation() == 'X' && $yearpromo >= $this->profile->entry_year || $this->profile->mainEducation() != 'X' && $yearpromo >= $this->profile->entry_year + $this->profile->mainEducationDuration()) {
                XDB::execute('UPDATE profile_display SET promo = {?} WHERE pid = {?}', $this->values['promo_display'], $this->pid());
                XDB::execute('UPDATE profile_education SET promo_year = {?} WHERE pid = {?} AND FIND_IN_SET(\'primary\', flags)', $yearpromo, $this->pid());
            }
        }
    }
    // The reference birthdate is writable by site administrators only, and
    // only while the owner account has no perms set.
    // NOTE(review): $this->owner is dereferenced here without the null check
    // used elsewhere in this method - confirm it cannot be null on this path.
    if ($this->changed['birthdate_ref'] && S::admin() && !$this->owner->perms) {
        XDB::execute('UPDATE profiles SET birthdate_ref = {?} WHERE pid = {?}', ProfileSettingDate::toSQLDate($this->values['birthdate_ref']), $this->pid());
    }
    // A death date can never be set by the profile owner themselves.
    if (!S::user()->isMe($this->owner) && $this->changed['deathdate']) {
        // First attempt: record the death date together with the time it was
        // recorded, only if no recording time exists yet.
        XDB::execute('UPDATE profiles SET deathdate = {?}, deathdate_rec = NOW() WHERE pid = {?} AND deathdate_rec IS NULL', ProfileSettingDate::toSQLDate($this->values['deathdate']), $this->pid());
        if (XDB::affectedRows() > 0) {
            // First recording: clear() is called on the profile and, when
            // present, on the owner account.
            $this->profile->clear();
            if ($this->owner) {
                $this->owner->clear(true);
            }
        } else {
            /* deathdate_rec was not NULL, this is just an update of the death date */
            XDB::execute('UPDATE profiles SET deathdate = {?} WHERE pid = {?}', ProfileSettingDate::toSQLDate($this->values['deathdate']), $this->pid());
        }
    }
}
/**
 * Display a profile at the visibility level requested through 'view'.
 *
 * @param object      $page Page being rendered.
 * @param string|null $id   Profile or user identifier taken from the URL.
 * @return mixed PL_NOT_FOUND when no identifier is given or nothing matches;
 *               nothing otherwise.
 */
function handler_profile($page, $id = null)
{
    if (is_null($id)) {
        return PL_NOT_FOUND;
    }

    // Access level used for display. VIEW_HIDDEN can NOT be selected here:
    // admins who need hidden information use the "edit profile" pages.
    if (Env::v('view') == 'public') {
        $view = Visibility::VIEW_PUBLIC;
    } elseif (Env::v('view') == 'ax') {
        $view = Visibility::VIEW_AX;
    } else {
        $view = Visibility::VIEW_PRIVATE;
    }
    $visibility = Visibility::defaultForRead($view);

    // Display pending picture.
    if (S::logged() && Env::v('modif') == 'new') {
        $page->assign('with_pending_pic', true);
    }

    // Numeric identifiers are resolved through Profile::getPID() for site
    // administrators only; everyone else falls back to the user lookup.
    if (!is_numeric($id) || S::admin()) {
        $pid = Profile::getPID($id);
    } else {
        $pid = null;
    }

    if (!is_null($pid)) {
        $profile = Profile::get($pid, Profile::FETCH_ALL, $visibility);
        $owner = $profile->owner();
    } else {
        $owner = User::getSilent($id);
        if ($owner) {
            $profile = $owner->profile(true, Profile::FETCH_ALL, $visibility);
            if ($profile) {
                $pid = $profile->id();
            }
        }
    }

    if (is_null($pid)) {
        // Only logged-in visitors are told that the identifier is unknown.
        // NOTE(review): $id comes from the URL and is concatenated into the
        // message as is; confirm that kill() escapes it before output.
        if (S::logged()) {
            $page->kill($id . " inconnu dans l'annuaire.");
        }
        return PL_NOT_FOUND;
    }

    // The profile exists: switch to the profile template.
    $page->changeTpl('profile/profile.tpl', SIMPLE);

    // Profile views by logged-in users are written to the session log.
    if (S::logged()) {
        S::logger()->log('view_profile', $profile->hrid());
    }

    $page->setTitle($profile->fullName());

    // The virtual alias is exposed only when the profile's alias visibility
    // allows it at the current level.
    if (!is_null($owner) && $profile->isVisible($profile->alias_pub)) {
        $page->assign('virtualalias', $owner->emailAlias());
    }

    $page->assign_by_ref('profile', $profile);
    $page->assign_by_ref('owner', $owner);
    $page->assign('view', $visibility);
    $page->assign('logged', S::logged());

    $lastChange = strtotime($profile->last_change);
    header('Last-Modified: ' . date('r', $lastChange));
}
/**
 * Handles form validation.
 *
 * Dispatches on the submitted action (delete, edit, hold + comment, accept,
 * refuse). The method performs no XSRF check of its own, so callers must
 * have verified the token before invoking it.
 *
 * @return bool True when the action was carried out, false otherwise.
 */
public function handle_formu()
{
    // Requests flagged requireAdmin can only be handled by site admins.
    if ($this->requireAdmin && !S::admin()) {
        $this->trigError('Vous n\'avez pas les permissions nécessaires pour valider cette demande.');
        return false;
    }

    if (Env::has('delete')) {
        $this->clean();
        $this->trigSuccess('Requête supprimée.');
        return true;
    }

    // Data updates.
    if (Env::has('edit')) {
        if (!$this->handle_editor()) {
            return false;
        }
        $this->update();
        $this->trigSuccess('Requête mise à jour.');
        return true;
    }

    // Comment addition.
    if (Env::has('hold') && Env::has('comm')) {
        $formid = Env::i('formid');
        // A comment already stored for this form id is not added twice.
        foreach ($this->comments as $existing) {
            if ($existing[2] === $formid) {
                return true;
            }
        }
        // Blank comments are silently ignored.
        if (!strlen(trim(Env::v('comm')))) {
            return true;
        }
        $this->comments[] = array(S::user()->login(), Env::v('comm'), $formid);

        // Sends email to our hotline. The comment is user-supplied text and
        // goes into a plain-text body only.
        global $globals;
        $mailer = new PlMailer();
        $mailer->setSubject("Commentaires de validation {$this->type}");
        $mailer->setFrom("validation+{$this->type}@{$globals->mail->domain}");
        $mailer->addTo($globals->core->admin_email);

        $body = "Validation {$this->type} pour {$this->user->login()}\n\n";
        $body .= S::user()->login();
        $body .= " a ajouté le commentaire :\n\n";
        $body .= Env::v('comm');
        $body .= "\n\n";
        $body .= "cf la discussion sur : ";
        $body .= $globals->baseurl;
        $body .= "/admin/validate";

        $mailer->setTxtBody(wordwrap($body));
        $mailer->send();

        $this->update();
        $this->trigSuccess('Commentaire ajouté.');
        return true;
    }

    if (Env::has('accept')) {
        if (!$this->commit()) {
            $this->trigError('Erreur lors de la validation');
            return false;
        }
        $this->sendmail(true);
        $this->clean();
        $this->trigSuccess('Email de validation envoyé');
        return true;
    }

    if (Env::has('refuse')) {
        // A refusal requires a motivation in 'comm'.
        if (!Env::v('comm')) {
            $this->trigError('Pas de motivation pour le refus !!!');
            return false;
        }
        $this->sendmail(false);
        $this->clean();
        $this->trigSuccess('Email de refus envoyé.');
        return true;
    }

    return false;
}
/**
 * Build the navigation menu and assign it to the template as 'menu'.
 *
 * Sections: a general one for everybody, one for the current group (logged
 * users only) and an 'Administrer' section for group or site administrators.
 */
private function useMenu()
{
    global $globals;
    $menu = array();

    $general = array();
    $general['tous les groupes'] = 'plan';
    $general['documentation'] = 'Xnet';
    if (S::user()->type == 'xnet') {
        $general['mon compte'] = 'edit';
        $general['mes préférences'] = $globals->xnet->xorg_baseurl . 'prefs';
    }
    // REQUEST_URI is client-controlled and placed in the link unmodified.
    // NOTE(review): confirm the template escapes 'href' values on output.
    $general['signaler un bug'] = array('href' => 'send_bug/' . $_SERVER['REQUEST_URI'], 'class' => 'popup_840x600');
    $menu["no_title"] = $general;

    $perms = S::v('perms');
    $dim = $globals->asso('diminutif');

    if (S::logged() && $globals->asso()) {
        $groupMenu = array();
        $groupMenu['présentation'] = "login/{$dim}/";
        if ($perms->hasFlag('groupannu')) {
            $groupMenu['annuaire du groupe'] = "{$dim}/annuaire";
            $groupMenu['trombinoscope'] = "{$dim}/trombi";
        }
        if ($globals->asso('forum')) {
            $groupMenu['forum'] = "{$dim}/forum";
        }
        if ($perms->hasFlag('groupmember')) {
            if ($globals->asso('mail_domain')) {
                $groupMenu['listes de diffusion'] = "{$dim}/lists";
            }
            if ($globals->asso('has_nl')) {
                $groupMenu['newsletter'] = "{$dim}/nl";
            }
        }
        $groupMenu['événement'] = "{$dim}/events";
        if ($perms->hasFlag('groupadmin')) {
            $groupMenu['télépaiement'] = "{$dim}/payment";
        }
        $menu[$globals->asso('nom')] = $groupMenu;
    }

    // These entries only decide which links are shown; every target page
    // still has to enforce its own permission check.
    if ($globals->asso() && is_object($perms) && $perms->hasFlag('groupadmin')) {
        $adminMenu = array();
        $adminMenu['modifier l\'accueil'] = "{$dim}/edit";
        $adminMenu['gérer les annonces'] = "{$dim}/admin/announces";
        if ($globals->asso('mail_domain')) {
            if (!$globals->asso('disable_mails')) {
                $adminMenu['envoyer un mail'] = "{$dim}/mail";
            }
            $adminMenu['créer une liste'] = "{$dim}/lists/create";
            $adminMenu['créer un alias'] = "{$dim}/alias/create";
        }
        if (!$globals->asso('has_nl')) {
            $adminMenu['créer la newsletter'] = "{$dim}/admin/nl/enable";
        }
        if (S::admin()) {
            $adminMenu['gérer les groupes'] = array('href' => 'admin', 'style' => 'color: gray;');
            // The XSRF token travels in the query string of this link, so it
            // can end up in browser history, server logs and Referer headers.
            $adminMenu['clear cache'] = array('href' => 'purge_cache?token=' . S::v('xsrf_token'), 'style' => 'color: gray;');
        }
        $menu['Administrer'] = $adminMenu;
    } elseif (S::admin()) {
        $siteAdminMenu = array();
        $siteAdminMenu['gérer les groupes'] = 'admin';
        // Same remark as above: the token is exposed in the URL.
        $siteAdminMenu['clear cache'] = 'purge_cache?token=' . S::v('xsrf_token');
        $menu['Administrer'] = $siteAdminMenu;
    }

    $this->assign('menu', $menu);
}
/**
 * Build the authentication answer returned to a partner site.
 *
 * @param string $chlg       Challenge supplied by the partner.
 * @param string $privkey    Secret shared with the partner.
 * @param string $datafields Comma-separated list of requested field names.
 * @param string $charset    Charset handed to gpex_prepare_param().
 * @return array Two elements: the MD5 digest, and the query-string fragment
 *               "&auth=<digest>" followed by the prepared parameters.
 */
function gpex_make($chlg, $privkey, $datafields, $charset)
{
    // The digest input starts with "1", the challenge and the shared secret.
    // NOTE(review): presumably gpex_prepare_param() appends each value to
    // $tohash by reference - confirm in its definition.
    $tohash = "1{$chlg}{$privkey}";
    $params = "";
    $requestedFields = explode(',', $datafields);
    $user =& S::user();

    if ($user->hasProfile()) {
        /* Transition table for authentification. */
        $profileData = $user->profile()->data();
        $profileData['full_promo'] = $profileData['promo'];
        $profileData['promo'] = $profileData['entry_year'];
        $profileData['matricule'] = $profileData['xorg_id'];
        $profileData['matricule_ax'] = $profileData['ax_id'];
        $profileData['promo_sortie'] = $profileData['grad_year'];
        $profileData['nationalite'] = $profileData['nationality1'];
        $profileData['naissance'] = $profileData['birthdate'];
        $profileData['deces'] = $profileData['deathdate'];
        $profileData['nom'] = $profileData['lastname'];
        $profileData['prenom'] = $profileData['firstname'];
        $profileData['flags'] = $user->profile()->isFemale() ? 'femme' : '';
    } else {
        // Missing fields: promo, entry_year, grad_year, ax_id, xorg_id, forlife
        $profileData = array('lastname' => $user->lastname, 'firstname' => $user->firstname, 'sex' => $user->gender);
    }

    foreach ($requestedFields as $field) {
        // Determine the requested value, and add it to the answer.
        if ($field == 'perms') {
            $params .= gpex_prepare_param($field, S::admin() ? 'admin' : 'user', $tohash, $charset);
        } elseif ($field == 'forlife') {
            $params .= gpex_prepare_param($field, S::v('hruid'), $tohash, $charset);
        } elseif (S::has($field)) {
            // Any session key named in $datafields is exported as is.
            // NOTE(review): confirm $datafields comes from trusted partner
            // configuration and not from the request itself.
            $params .= gpex_prepare_param($field, S::v($field), $tohash, $charset);
        } elseif (isset($profileData[$field])) {
            $params .= gpex_prepare_param($field, $profileData[$field], $tohash, $charset);
        } elseif ($field == 'username') {
            $bestAlias = XDB::fetchOneCell('SELECT email FROM email_source_account WHERE uid = {?} AND FIND_IN_SET(\'bestalias\', flags)', S::i('uid'));
            $params .= gpex_prepare_param($field, is_null($bestAlias) ? '' : $bestAlias, $tohash, $charset);
        } elseif ($field == 'grpauth') {
            if (isset($_GET['group'])) {
                // The group name comes from the query string and is only
                // passed as a bound parameter.
                $res = XDB::query("SELECT perms\n FROM group_members\n INNER JOIN groups ON(id = asso_id)\n WHERE uid = {?} AND diminutif = {?}", S::v('uid'), $_GET['group']);
                $perms = $res->fetchOneCell();
            } else {
                // if no group asked, return main rights
                $perms = S::admin() ? 'admin' : 'membre';
            }
            $params .= gpex_prepare_param($field, $perms, $tohash, $charset);
        } else {
            // Unknown fields are answered with an empty value.
            $params .= gpex_prepare_param($field, '', $tohash, $charset);
        }
    }

    $tohash .= "1";
    // MD5 over a secret-suffixed string is a weak construction by current
    // standards; the digest is part of the wire format shared with partners,
    // so it cannot be changed in this function alone.
    $auth = md5($tohash);

    return array($auth, "&auth=" . $auth . $params);
}
/**
 * Group settings page: shows the edit form and, on submit, stores the
 * group's settings, contact details, logo and notification flags.
 *
 * Site administrators may change every column of the group; other editors
 * are limited to the reduced column list of the second UPDATE.
 * NOTE(review): nothing in this handler checks that the caller administers
 * the group; presumably the route registration enforces it - confirm.
 *
 * @param object $page Page being rendered.
 */
function handler_edit($page)
{
    global $globals;
    $page->changeTpl('xnetgrp/edit.tpl');
    $error = false;
    if (S::admin()) {
        $domains = XDB::iterator('SELECT * FROM group_dom ORDER BY nom');
        $page->assign('domains', $domains);
        $page->assign('super', true);
    }
    if (Post::has('submit')) {
        // Every write below happens after the XSRF token has been asserted.
        S::assert_xsrf_token();
        $flags = new PlFlagSet('wiki_desc');
        $flags->addFlag('notif_unsub', Post::i('notif_unsub') == 1);
        $site = Post::t('site');
        if ($site && $site != "http://") {
            // Only a missing scheme is fixed; any scheme that is present is
            // accepted unchanged.
            // NOTE(review): consider allow-listing http/https before storing,
            // since the value is presumably rendered as a link.
            $scheme = parse_url($site, PHP_URL_SCHEME);
            if (!$scheme) {
                $site = "http://" . $site;
            }
        } else {
            $site = "";
        }
        $notify_all = Post::v('notify_all') ? true : false;
        if (!$notify_all) {
            // Only uids returned by the group filter can be selected; POST
            // keys for other uids are never read.
            $to_notify = array();
            $uf = new UserFilter(new UFC_Group($globals->asso('id'), true));
            $uids = $uf->getIds();
            foreach ($uids as $uid) {
                if (Post::b('to_notify_' . $uid)) {
                    $to_notify[] = $uid;
                }
            }
            if (count($to_notify) == 0) {
                $notify_all = true;
                $page->trigWarning("Aucun animateur n'ayant été selectionné pour recevoir les demandes d'inscriptions, tous le seront.");
            }
        }
        $flags->addFlag('notify_all', $notify_all);
        if (S::admin()) {
            $page->assign('super', true);
            // The only domain validation is "contains a dot".
            if (Post::v('mail_domain') && strstr(Post::v('mail_domain'), '.') === false) {
                $page->trigError('Le domaine doit être un FQDN (aucune modification effectuée) !!!');
                $error = true;
            }
            if (Post::t('nom') == '' || Post::t('diminutif') == '') {
                $page->trigError('Ni le nom ni le diminutif du groupe ne peuvent être vide.');
                $error = true;
            }
            if ($error) {
                // Redisplay the form with the submitted values; nothing has
                // been written at this point.
                $page->assign('nom', Post::t('nom'));
                $page->assign('diminutif', Post::t('diminutif'));
                $page->assign('mail_domain', Post::t('mail_domain'));
                $page->assign('cat', Post::v('cat'));
                $page->assign('dom', Post::v('dom'));
                $page->assign('ax', Post::v('ax'));
                $page->assign('axDate', Post::t('axDate'));
                $page->assign('site', $site);
                $page->assign('resp', Post::t('resp'));
                $page->assign('mail', Post::t('mail'));
                $page->assign('phone', Post::t('phone'));
                $page->assign('fax', Post::t('fax'));
                $page->assign('address', Post::t('address'));
                $page->assign('forum', Post::t('forum'));
                $page->assign('inscriptible', Post::v('inscriptible'));
                $page->assign('sub_url', Post::t('sub_url'));
                $page->assign('unsub_url', Post::t('unsub_url'));
                $page->assign('welcome_msg', Post::t('welcome_msg'));
                $page->assign('pub', Post::v('pub'));
                $page->assign('notif_unsub', Post::i('notif_unsub'));
                $page->assign('descr', Post::t('descr'));
                $page->assign('disable_mails', Post::b('disable_mails'));
                $page->assign('status', Post::v('status'));
                $page->assign('error', $error);
                return;
            }
            // The first assignment is overwritten by both branches below.
            $axDate = make_datetime(Post::v('axDate'));
            if (Post::t('axDate') != '') {
                $axDate = make_datetime(Post::v('axDate'))->format('Y-m-d');
            } else {
                $axDate = null;
            }
            // Full update, site administrators only. All values are bound
            // through placeholders.
            XDB::execute("UPDATE groups\n SET nom={?}, diminutif={?}, cat={?}, dom={?},\n descr={?}, site={?}, mail={?}, resp={?},\n forum={?}, mail_domain={?}, ax={?}, axDate = {?}, pub={?},\n sub_url={?}, inscriptible={?}, unsub_url={?},\n flags = {?}, welcome_msg = {?}, disable_mails = {?},\n status = {?}\n WHERE id={?}", Post::v('nom'), Post::v('diminutif'), Post::v('cat'), Post::i('dom') == 0 ? null : Post::i('dom'), Post::v('descr'), $site, Post::v('mail'), Post::v('resp'), Post::v('forum'), Post::v('mail_domain'), Post::has('ax'), $axDate, Post::v('pub'), Post::v('sub_url'), Post::v('inscriptible'), Post::v('unsub_url'), $flags, Post::t('welcome_msg'), Post::b('disable_mails'), Post::v('status'), $globals->asso('id'));
            if (Post::v('mail_domain')) {
                XDB::execute('INSERT IGNORE INTO email_virtual_domains (name) VALUES ({?})', Post::t('mail_domain'));
                XDB::execute('UPDATE email_virtual_domains SET aliasing = id WHERE name = {?}', Post::t('mail_domain'));
            }
        } else {
            // Reduced update for editors who are not site administrators:
            // name, short name, category, mail domain and AX fields are not
            // part of the column list.
            // NOTE(review): sub_url and unsub_url are stored as submitted,
            // without the scheme handling applied to 'site'.
            XDB::execute("UPDATE groups\n SET descr={?}, site={?}, mail={?}, resp={?},\n forum={?}, pub= {?}, sub_url={?},\n unsub_url = {?}, flags = {?}, welcome_msg = {?},\n status = {?}\n WHERE id={?}", Post::v('descr'), $site, Post::v('mail'), Post::v('resp'), Post::v('forum'), Post::v('pub'), Post::v('sub_url'), Post::v('unsub_url'), $flags, Post::t('welcome_msg'), Post::v('status'), $globals->asso('id'));
        }
        // Phone, fax and address are replaced wholesale.
        Phone::deletePhones(0, Phone::LINK_GROUP, $globals->asso('id'));
        $phone = new Phone(array('link_type' => 'group', 'link_id' => $globals->asso('id'), 'id' => 0, 'type' => 'fixed', 'display' => Post::v('phone'), 'pub' => 'public'));
        $fax = new Phone(array('link_type' => 'group', 'link_id' => $globals->asso('id'), 'id' => 1, 'type' => 'fax', 'display' => Post::v('fax'), 'pub' => 'public'));
        $phone->save();
        $fax->save();
        Address::deleteAddresses(null, Address::LINK_GROUP, null, $globals->asso('id'));
        $address = new Address(array('groupid' => $globals->asso('id'), 'type' => Address::LINK_GROUP, 'text' => Post::v('address')));
        $address->save();
        // NOTE(review): the uploaded file's bytes and content type are stored
        // in the database as returned by PlUpload; confirm that PlUpload::get()
        // restricts the upload to images and bounds its size.
        if ($_FILES['logo']['name']) {
            $upload = PlUpload::get($_FILES['logo'], $globals->asso('id'), 'asso.logo', true);
            if (!$upload) {
                $page->trigError("Impossible de télécharger le logo.");
            } else {
                XDB::execute('UPDATE groups SET logo = {?}, logo_mime = {?} WHERE id = {?}', $upload->getContents(), $upload->contentType(), $globals->asso('id'));
                $upload->rm();
            }
        }
        // Notification flags are reset for the whole group, then set again
        // for the selected members.
        XDB::execute("UPDATE group_members\n SET flags = ''\n WHERE asso_id = {?}", $globals->asso('id'));
        if (!$notify_all) {
            XDB::execute("UPDATE group_members\n SET flags = 'notify'\n WHERE asso_id = {?} AND uid IN {?}", $globals->asso('id'), $to_notify);
        }
        // NOTE(review): the redirect path segment comes from POST 'diminutif'
        // even for editors who cannot change it; confirm pl_redirect() keeps
        // the target on this site.
        pl_redirect('../' . Post::v('diminutif', $globals->asso('diminutif')) . '/edit');
    }
    $uf = new UserFilter(new UFC_Group($globals->asso('id'), true, UFC_Group::NOTIFIED));
    $page->assign('notified', $uf->getUsers());
    $uf = new UserFilter(new UFC_Group($globals->asso('id'), true, UFC_Group::UNNOTIFIED));
    $page->assign('unnotified', $uf->getUsers());
    $page->assign('error', $error);
    $page->assign('cat', $globals->asso('cat'));
    $page->assign('dom', $globals->asso('dom'));
    $page->assign('ax', $globals->asso('ax'));
    $page->assign('inscriptible', $globals->asso('inscriptible'));
    $page->assign('pub', $globals->asso('pub'));
    $page->assign('notif_unsub', $globals->asso('notif_unsub'));
    $page->assign('notify_all', $globals->asso('notify_all'));
    $page->assign('disable_mails', $globals->asso('disable_mails'));
    $page->assign('status', $globals->asso('status'));
}
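/**
 * Run bin/kill_sessions.sh as root through sudo.
 *
 * Restricted to site administrators. The call is refused, with a warning,
 * for any other caller.
 */
function kill_sessions()
{
    // assert() is a debugging aid: it can be compiled out by configuration
    // and, depending on settings, only warns and carries on. It must not be
    // the gate in front of a root command, so the check is explicit here.
    if (!S::admin()) {
        trigger_error('kill_sessions() refused: caller is not a site administrator', E_USER_WARNING);
        return;
    }

    // The script path is derived from this file's location, not from user
    // input; it is still quoted so that an installation path containing
    // spaces or shell metacharacters cannot alter the command line.
    $script = dirname(dirname(__FILE__)) . '/bin/kill_sessions.sh';
    shell_exec('sudo -u root ' . escapeshellarg($script));
}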
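/**
 * Turn the free-text quick-search value into a user filter condition.
 *
 * For site administrators, a value containing '@' becomes an e-mail search
 * and a dotted numeric value (with '%' wildcards) becomes an IP search.
 * Otherwise the value is parsed into name tokens, promotion ranges and a
 * phone number, all combined in one PFC_And.
 *
 * @param UserFilterBuilder $ufb Builder; supplies the 'exact' and
 *                               'with_soundex' options and receives the order.
 * @return mixed UFC_Email or UFC_Ip (administrators only), else a PFC_And.
 */
protected function buildUFC(UserFilterBuilder $ufb)
{
    $r = $s = $this->val;
    /** Admin: Email, IP */
    // Searching by e-mail address or IP is reserved to site administrators;
    // for everyone else such input falls through to the generic parsing.
    if (S::admin() && strpos($s, '@') !== false) {
        return new UFC_Email($s);
    } else {
        if (S::admin() && preg_match('/[0-9]+\\.([0-9]+|%)\\.([0-9]+|%)\\.([0-9]+|%)/', $s)) {
            return new UFC_Ip($s);
        }
    }
    $conds = new PFC_And();
    /** Name */
    // Digits are dropped, then the text is split on anything that is not a
    // letter or '%'. Tokens shorter than two characters are ignored.
    $s = preg_replace('!\\d+!', ' ', $s);
    $strings = preg_split("![^a-z%]+!i", $s, -1, PREG_SPLIT_NO_EMPTY);
    foreach ($strings as $key => $string) {
        if (strlen($string) < 2) {
            unset($strings[$key]);
        }
    }
    // At most five tokens are used, which bounds the generated filter.
    if (count($strings) > 5) {
        Platal::page()->trigWarning("Tu as indiqué trop d'éléments dans ta recherche, seuls les 5 premiers seront pris en compte");
        $strings = array_slice($strings, 0, 5);
    }
    if (count($strings)) {
        // Without the 'directory_private' permission the name search is
        // limited to tokens flagged 'public'.
        if (S::user() != null && S::user()->checkPerms('directory_private')) {
            $flags = array();
        } else {
            $flags = array('public');
        }
        $exact = $ufb->b('exact');
        $conds->addChild(new UFC_NameTokens($strings, $flags, $ufb->b('with_soundex'), $exact));
        $ufb->addOrder(new UFO_Score());
    }
    /** Promo ranges */
    // Normalise spacing around '-', '<' and '>', then keep only digits, the
    // grade letters x/m/d and the range operators.
    $s = preg_replace('! *- *!', '-', $r);
    $s = preg_replace('!([<>]) *!', ' \\1', $s);
    $s = preg_replace('![^0-9xmd\\-><]!i', ' ', $s);
    $s = preg_replace('![<>\\-] !', '', $s);
    // Split on runs of spaces. The pattern is a single-line literal: the
    // listing had a line break inside it, which would have made the split
    // never match after the clean-up above.
    $ranges = preg_split('! +!', strtolower($s), -1, PREG_SPLIT_NO_EMPTY);
    $grades = array('' => UserFilter::GRADE_ING, 'x' => UserFilter::GRADE_ING, 'm' => UserFilter::GRADE_MST, 'd' => UserFilter::GRADE_PHD);
    foreach ($ranges as $r) {
        if (preg_match('!^([xmd]?)(\\d{4})$!', $r, $matches)) {
            // Single promotion.
            $conds->addChild(new UFC_Promo('=', $grades[$matches[1]], $matches[2]));
        } elseif (preg_match('!^([xmd]?)(\\d{4})-\\1(\\d{4})$!', $r, $matches)) {
            // Closed range; the bounds are reordered if given backwards.
            $p1 = min(intval($matches[2]), intval($matches[3]));
            $p2 = max(intval($matches[2]), intval($matches[3]));
            $conds->addChild(new PFC_And(new UFC_Promo('>=', $grades[$matches[1]], $p1), new UFC_Promo('<=', $grades[$matches[1]], $p2)));
        } elseif (preg_match('!^<([xmd]?)(\\d{4})!', $r, $matches)) {
            $conds->addChild(new UFC_Promo('<=', $grades[$matches[1]], $matches[2]));
        } elseif (preg_match('!^>([xmd]?)(\\d{4})!', $r, $matches)) {
            $conds->addChild(new UFC_Promo('>=', $grades[$matches[1]], $matches[2]));
        }
    }
    /** Phone number */
    // Whatever remains once promotion expressions and operators are removed
    // is treated as a phone number when longer than four characters.
    $t = preg_replace('!([xmd]?\\d{4}-|>|<|)[xmd]?\\d{4}!i', '', $s);
    $t = preg_replace('![<>\\- ]!', '', $t);
    if (strlen($t) > 4) {
        $conds->addChild(new UFC_Phone($t));
    }
    return $conds;
}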
/**
 * Default callback for a failed user lookup: reports the error on the page.
 *
 * @param string $login   Identifier that was looked up.
 * @param array  $results Candidate matches found for that identifier.
 */
public static function _default_user_callback($login, $results)
{
    $result_count = count($results);

    // The list of matching accounts is disclosed to site administrators
    // only; everyone else gets the same "no such user" message whether there
    // were zero or several matches.
    // NOTE(review): $login and the matches are interpolated into the message;
    // confirm that trigError() escapes them on output.
    if ($result_count != 0 && S::admin()) {
        Platal::page()->trigError("Il y a {$result_count} utilisateurs avec cet identifiant : " . join(', ', $results));
    } else {
        Platal::page()->trigError("Il n'y a pas d'utilisateur avec l'identifiant : {$login}");
    }
}
/**
 * Tell whether the current user may access the given survey.
 *
 * @param object $page          Page used to report warnings or to be killed.
 * @param object $survey        Survey being accessed.
 * @param bool   $silent        When true, no warning is shown and the page is
 *                              not killed on refusal.
 * @param bool   $admin_allowed Whether site administrators bypass the
 *                              promotion restriction.
 * @return bool True when access is granted.
 */
function check_surveyPerms($page, $survey, $silent = false, $admin_allowed = true)
{
    $this->load('survey.inc.php');

    // Surveys in MODE_ALL are not reserved to alumni: open to everybody,
    // including visitors who are not logged in.
    if ($survey->isMode(Survey::MODE_ALL)) {
        return true;
    }

    if (!S::logged()) {
        return false;
    }
    $profile = S::user()->profile();
    if (!$profile) {
        return false;
    }

    // Access is granted as soon as one of the user's promotions matches.
    foreach ($profile->yearspromo() as $promo) {
        if ($survey->checkPromo($promo)) {
            return true;
        }
    }

    // Administrator override, only when the caller allows it.
    if (S::admin() && $admin_allowed) {
        if (!$silent) {
            $page->trigWarning('Tu as accès à ce sondage car tu es administrateur du site.');
        }
        return true;
    }

    if ($silent) {
        return false;
    }
    $page->kill("Tu n'as pas accès à ce sondage car il est réservé à d'autres promotions.");
    return false;
}
/**
 * Replace the phones attached directly to the profile with the submitted ones.
 *
 * @param ProfilePage $page  Page being saved; supplies pid() and owner.
 * @param mixed       $field Not used by this implementation.
 * @param mixed       $value Submitted phones, handed to Phone::savePhones().
 */
public function save(ProfilePage $page, $field, $value)
{
    // Set for the profile owner or a site administrator only and forwarded
    // as the last argument of deletePhones().
    // NOTE(review): presumably it allows private numbers to be removed -
    // confirm in Phone::deletePhones().
    $mayTouchPrivate = S::user()->isMe($page->owner) || S::admin();

    Phone::deletePhones($page->pid(), Phone::LINK_PROFILE, null, $mayTouchPrivate);
    Phone::savePhones($value, $page->pid(), Phone::LINK_PROFILE);
}
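/**
 * Decide whether the current user may cancel a message.
 *
 * Cancelling is allowed when the message's 'x-org-id' header equals the
 * session's 'hruid', or when the user is a site administrator.
 *
 * @param array $_headers Parsed headers of the message.
 * @return bool True when cancelling is allowed.
 */
function hook_checkcancel($_headers)
{
    $author = isset($_headers['x-org-id']) ? $_headers['x-org-id'] : null;
    $hruid = S::v('hruid');

    // A missing header and a missing session value must never count as a
    // match. With a loose == comparison null, '' and an absent key all
    // compare equal, which would let a session without hruid cancel any
    // message that carries no x-org-id header.
    if (is_string($author) && $author !== '' && is_string($hruid) && $author === $hruid) {
        return true;
    }

    return (bool) S::admin();
}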
/**
 * List the mail storages offered for the given user.
 *
 * @param User $user Account the storages are listed for.
 * @return array Storage names, among 'googleapps' and 'imap'.
 */
public static function get_allowed_storages(User $user)
{
    global $globals;
    $storages = array();

    // Google Apps storage requires the 'gapps' permission, a configured
    // Google Apps domain and an active Google Apps account.
    require_once 'googleapps.inc.php';
    if ($user->checkPerms('gapps')) {
        if ($globals->mailstorage->googleapps_domain) {
            if (GoogleAppsAccount::account_status($user->id()) == 'active') {
                $storages[] = 'googleapps';
            }
        }
    }

    // IMAP storage is offered to everyone when the service is marked active.
    // Note that the administrator test looks at the current session
    // (S::admin()), not at $user.
    $imapVisible = $globals->mailstorage->imap_active || S::admin();
    if ($imapVisible) {
        $storages[] = 'imap';
    }

    return $storages;
}
/**
 * Build the organization label describing the current user.
 *
 * Precedence: site administrator, then group administrator, then group
 * member, then plain user.
 *
 * @return string The label.
 */
function make_Organization()
{
    global $globals;
    $perms = S::v('perms');
    $group = $globals->asso('nom');

    if (S::admin()) {
        return "Administrateur de Polytechnique.org";
    }
    // $perms is only dereferenced when a group is in context.
    if ($group && $perms->hasFlag('groupadmin')) {
        return "Animateur de {$group}";
    }
    if ($group && $perms->hasFlag('groupmember')) {
        return "Membre de {$group}";
    }

    return "Utilisateur de Polytechnique.org";
}
/**
 * Send a test e-mail to the current user, or to another user when requested
 * by a site administrator.
 *
 * @param object      $page  Page object (not used for output; the handler exits).
 * @param string|null $hruid Target user; honoured for site administrators only.
 * @return mixed PL_FORBIDDEN without a valid XSRF token, PL_NOT_FOUND when
 *               the recipient cannot be resolved; otherwise the script exits.
 */
function handler_test($page, $hruid = null)
{
    require_once 'emails.inc.php';

    // Sending mail is a side effect, so the XSRF token is required first.
    if (!S::has_xsrf_token()) {
        return PL_FORBIDDEN;
    }

    // Only site administrators may target another account; for everyone else
    // $hruid is ignored and the mail goes to the session user.
    $user = (S::admin() && $hruid) ? User::getSilent($hruid) : S::user();
    if (!$user) {
        return PL_NOT_FOUND;
    }

    // Sends the test email.
    $redirect = new Redirect($user);
    $mailer = new PlMailer('emails/test.mail.tpl');
    $mailer->assign('email', $user->bestEmail());
    $mailer->assign('redirects', $redirect->active_emails());
    $mailer->assign('display_name', $user->displayName());
    $mailer->assign('sexe', $user->isFemale());
    $mailer->send($user->isEmailFormatHtml());
    exit;
}
/**
 * Return administration rights for the current asso.
 *
 * The answer is cached per asso id in $_SESSION['may_update']: once stored
 * it is reused until $force or $lose is passed, so a change of group rights
 * in the database is not seen by an existing session before then.
 *
 * @param bool $force Force administration rights to be read from database
 * @param bool $lose  Force administration rights to be false
 * @return bool Whether the current user may administer the current asso.
 */
function may_update($force = false, $lose = false)
{
    if (!isset($_SESSION['may_update'])) {
        $_SESSION['may_update'] = array();
    }
    $cache =& $_SESSION['may_update'];

    global $globals;
    $asso_id = $globals->asso('id');
    if (!$asso_id) {
        return false;
    }

    if ($lose) {
        $cache[$asso_id] = false;
        return $cache[$asso_id];
    }

    // Site administrators always get the right; so does a forced refresh
    // while S::suid() is truthy.
    if (S::admin() || (S::suid() && $force)) {
        $cache[$asso_id] = true;
        return $cache[$asso_id];
    }

    if ($force || !isset($cache[$asso_id])) {
        $res = XDB::query("SELECT perms\n FROM group_members\n WHERE uid={?} AND asso_id={?}", S::v('uid'), $asso_id);
        $cache[$asso_id] = $res->fetchOneCell() == 'admin';
    }

    return $cache[$asso_id];
}
/**
 * Advanced directory search.
 *
 * @param object      $page     Page being rendered.
 * @param string|null $model    Way of presenting the results: minifiche,
 *                              trombi, geoloc.
 * @param string|null $byletter Initial used by the 'minifiche' view.
 */
function handler_advanced($page, $model = null, $byletter = null)
{
    global $globals;
    $page->addJsLink('jquery.ui.xorg.js');
    $page->addJsLink('search.js');
    $page->assign('advanced', 1);

    $networks = DirEnum::getOptions(DirEnum::NETWORKS);
    $networks[-1] = 'Tous types';
    $networks[0] = '-';
    ksort($networks);
    $page->assign('networking_types', $networks);

    // Each corps list gets a '-' entry at key 0 and is sorted by key.
    $origin_corps_list = DirEnum::getOptions(DirEnum::ORIGINCORPS);
    $current_corps_list = DirEnum::getOptions(DirEnum::CURRENTCORPS);
    $corps_rank_list = DirEnum::getOptions(DirEnum::CORPSRANKS);

    $origin_corps_list[0] = '-';
    ksort($origin_corps_list);
    $current_corps_list[0] = '-';
    ksort($current_corps_list);
    $corps_rank_list[0] = '-';
    ksort($corps_rank_list);

    $page->assign('origin_corps_list', $origin_corps_list);
    $page->assign('current_corps_list', $current_corps_list);
    $page->assign('corps_rank_list', $corps_rank_list);

    if (Env::has('rechercher') || $model == 'geoloc') {
        // The whole query string is written to the session log on the first
        // page of a search.
        // NOTE(review): search criteria may be personal data; confirm log
        // retention and who can read it.
        if (!Env::has('page')) {
            S::logger()->log('search', 'adv=' . var_export($_GET, true));
        }
        require_once 'userset.inc.php';

        // Enable X.org fields for X.org admins, and AX fields for AX secretaries.
        $view = new AdvancedSearchSet(S::admin(), S::user()->checkPerms(User::PERM_EDIT_DIRECTORY));
        if ($view->isValid()) {
            $view->addMod('minifiche', 'Mini-fiches', true, array('starts_with' => $byletter));
            $view->addMod('trombi', 'Trombinoscope', false, array('with_promo' => true));
            $view->addMod('map', 'Planisphère');
            // The postal-address view is reserved to directory editors and
            // site administrators.
            if (S::user()->checkPerms(User::PERM_EDIT_DIRECTORY) || S::admin()) {
                $view->addMod('addresses', 'Adresses postales', false);
            }
            $view->apply('search/adv', $page, $model);

            $nb_tot = $view->count();
            if ($nb_tot > $globals->search->private_max) {
                // Too many results: the form is shown again. The cap also
                // limits how much of the directory one query can list.
                $this->form_prepare();
                if ($model != 'addresses' && (S::user()->checkPerms(User::PERM_EDIT_DIRECTORY) || S::admin())) {
                    $page->assign('suggestAddresses', true);
                }
                $page->trigError('Recherche trop générale.');
            } elseif ($nb_tot == 0) {
                $this->form_prepare();
                $page->trigError('Il n\'existe personne correspondant à ces critères dans la base !');
            }
        } else {
            $this->form_prepare();
            $page->trigError('Recherche invalide.');
        }
    } else {
        // No search submitted: just show the form.
        $this->form_prepare();
    }

    $page->changeTpl('search/index.tpl', $model == 'mini' ? SIMPLE : SKINNED);
    $page->assign('public_directory', 0);
}