Exemplo n.º 1
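 /**
  * Ensure the current user owns the given MailingList.
  *
  * Calls $page->kill() with an error message unless the current user's forlife
  * e-mail is in the owner list (third element returned by $mlist->getMembers())
  * or the session belongs to a site administrator. When getMembers() returns a
  * falsy value, kill() is called with a message that also points to support.
  *
  * @param object $page  Page object; only its kill() method is used here.
  * @param object $mlist Mailing list; only its getMembers() method is used here.
  */
 protected function verify_list_owner($page, $mlist)
 {
     if (list(, , $owners) = $mlist->getMembers()) {
         // Authorization decision: compare strictly so that a non-string entry
         // in the owner list (true, 0, null) can never match an e-mail address
         // through PHP's loose comparison, and fail closed when the owner list
         // is not an array at all.
         $isOwner = is_array($owners) && in_array(S::user()->forlifeEmail(), $owners, true);
         if (!$isOwner && !S::admin()) {
             // NOTE(review): this method relies on kill() stopping the request — confirm.
             $page->kill("La liste n'existe pas ou tu n'as pas le droit de l'administrer.");
         }
     } else {
         $page->kill("La liste n'existe pas ou tu n'as pas le droit de l'administrer.<br />" . " Si tu penses qu'il s'agit d'une erreur, " . "<a href='mailto:support@polytechnique.org'>contact le support</a>.");
     }
 }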
Exemplo n.º 2
 /**
  * Replace the addresses linked to the edited profile with the submitted ones.
  *
  * The $deletePrivate flag handed to the Phone/Address helpers is true only
  * when the editor is the profile owner or a site administrator.
  * NOTE(review): presumably the helpers leave private entries untouched when
  * the flag is false — confirm in Phone::deletePhones() and
  * Address::deleteAddresses()/saveFromArray().
  *
  * @param ProfilePage $page  Page being saved; provides pid() and owner.
  * @param mixed       $field Not used in this method.
  * @param array       $value Submitted addresses.
  */
 public function save(ProfilePage $page, $field, $value)
 {
     $pid = $page->pid();
     $editedByOwner = S::user()->isMe($page->owner);
     $deletePrivate = $editedByOwner || S::admin();

     // Remove what is currently stored, then drop pending address requests.
     Phone::deletePhones($pid, Phone::LINK_ADDRESS, null, $deletePrivate);
     Address::deleteAddresses($pid, Address::LINK_PROFILE, null, null, $deletePrivate);
     AddressReq::purge_requests($pid, 0, 0, Address::LINK_PROFILE);

     // Store the submitted set.
     Address::saveFromArray($value, $pid, Address::LINK_PROFILE, null, $deletePrivate);

     // Only the owner is reminded to clean up when several addresses remain.
     if ($editedByOwner && count($value) > 1) {
         Platal::page()->trigWarning('Attention, tu as plusieurs adresses sur ton profil. Pense à supprimer celles qui sont obsolètes.');
     }
 }
Exemplo n.º 3
 /**
  * Configure the static Banana settings for NNTP access on behalf of $user,
  * then delegate to the parent constructor.
  *
  * Attachments are disabled, the raw 'source' MIME part is only offered to
  * site administrators, and feeds are enabled only when the session carries
  * an auth token.
  *
  * @param User       $user   Account whose login is used to build the NNTP URL.
  * @param array|null $params Banana parameters; 'action' => 'profile' switches the action.
  */
 public function __construct(User $user, $params = null)
 {
     global $globals;
     $this->user =& $user;

     // Paths and connection.
     Banana::$spool_root = $globals->spoolroot . '/spool/banana/';
     Banana::$nntp_host = self::buildURL($user->login());

     // Message handling.
     Banana::$msgedit_canattach = false;
     array_push(Banana::$msgparse_headers, 'x-org-id', 'x-org-mail');
     if (S::admin()) {
         // Raw message source is an administrator-only view.
         Banana::$msgshow_mimeparts[] = 'source';
     }

     // Debug switches are taken from the site-wide debug bitmask.
     $debugMask = $globals->debug;
     Banana::$debug_nntp = $debugMask & DEBUG_BT;
     Banana::$debug_smarty = $debugMask & DEBUG_SMARTY;

     Banana::$feed_active = S::hasAuthToken();

     parent::__construct($params, 'NNTP', 'PlatalBananaPage');

     // The error-suppressed read tolerates a missing 'action' key or null $params.
     $profileRequested = @$params['action'] == 'profile';
     if ($profileRequested) {
         Banana::$action = 'profile';
     }
 }
Exemplo n.º 4
 /**
  * Configure the static Banana settings for browsing a mailing-list archive,
  * then delegate to the parent constructor.
  *
  * $params must carry 'listname' and 'domain'; they are joined into the
  * 'group' parameter passed to the parent.
  * NOTE(review): neither value is validated here — confirm callers check them
  * before they reach this constructor, since they name the archive to open.
  *
  * @param User  $user   Account on whose behalf the archive is read.
  * @param array $params Banana parameters including 'listname' and 'domain'.
  */
 function __construct(User $user, $params = null)
 {
     global $globals;
     $this->user =& $user;

     // Paths.
     $spoolRoot = $globals->spoolroot;
     Banana::$spool_root = $spoolRoot . '/spool/banana/';
     Banana::$mbox_helper = $spoolRoot . '/banana/mbox-helper/mbox-helper';

     // Behaviour switches.
     Banana::$spool_boxlist = false;
     Banana::$msgedit_canattach = true;
     Banana::$feed_updateOnDemand = true;
     Banana::$feed_active = S::hasAuthToken();

     // Debug switches are taken from the site-wide debug bitmask.
     $debugMask = $globals->debug;
     Banana::$debug_mbox = $debugMask & DEBUG_BT;
     Banana::$debug_smarty = $debugMask & DEBUG_SMARTY;

     // Message handling; the raw source part is an administrator-only view.
     array_push(Banana::$msgparse_headers, 'x-org-id', 'x-org-mail');
     if (S::admin()) {
         Banana::$msgshow_mimeparts[] = 'source';
     }

     // Target list.
     $listname = $params['listname'];
     $domain = $params['domain'];
     MLBanana::$listname = $listname;
     MLBanana::$domain = $domain;
     $params['group'] = $listname . '@' . $domain;

     parent::__construct($params, 'MLArchive', 'PlatalBananaMLPage');
 }
Exemplo n.º 5
 /**
  * Administration page for pending validation requests.
  *
  * Renders admin/validation.tpl, processes at most one posted decision
  * (identified by uid/type/stamp, after the XSRF token check), stores which
  * request categories the current user wants hidden, and hands the request
  * iterator to the template.
  *
  * NOTE(review): no permission test appears in this method; access control is
  * presumably attached where the handler is registered — confirm.
  * NOTE(review): the 'hide' preference write below is not covered by
  * S::assert_xsrf_token(), unlike the decision branch.
  *
  * @param object      $page   Page object used for template assignments.
  * @param string      $action 'edit' together with $id selects a request to preview.
  * @param string|null $id     Identifier of the request to preview.
  */
 function handler_validate($page, $action = 'list', $id = null)
 {
     global $globals;

     $page->changeTpl('admin/validation.tpl');
     $page->setTitle('Administration - Valider une demande');
     $page->addCssLink('nl.Polytechnique.org.css');
     $page->assign('preview_id', ($action == 'edit' && !is_null($id)) ? $id : null);

     // A decision was posted for one request: check the XSRF token before acting on it.
     $decisionPosted = Env::has('uid') && Env::has('type') && Env::has('stamp');
     if ($decisionPosted) {
         S::assert_xsrf_token();
         $request = Validate::get_typed_request(Env::v('uid'), Env::v('type'), Env::v('stamp'));
         if (!$request) {
             $page->trigWarning('La validation a déjà été effectuée.');
         } else {
             $request->handle_formu();
         }
     }

     // Walk the column list until the 'category' column (or the end) is reached.
     $columns = XDB::iterator('SHOW COLUMNS FROM requests_answers');
     do {
         $column = $columns->next();
     } while ($column && $column['Field'] != 'category');
     // Drops the first five characters and the last one of the column type, then the
     // quotes; presumably the type is an enum('a','b',...) declaration — confirm.
     $categories = explode(',', str_replace("'", '', substr($column['Type'], 5, -1)));
     sort($categories);
     $page->assign('categories', $categories);

     // Categories the current user has chosen to hide.
     $hidden = array();
     $res = XDB::query('SELECT  hidden_requests
                          FROM  requests_hidden
                         WHERE  uid = {?}', S::v('uid'));
     $hide_requests = $res->fetchOneCell();
     if (Post::has('hide')) {
         // Every category whose checkbox was not posted becomes hidden.
         $unchecked = array();
         foreach ($categories as $category) {
             if (Post::v($category)) {
                 continue;
             }
             $hidden[$category] = 1;
             $unchecked[] = $category;
         }
         $hide_requests = join(',', $unchecked);
         XDB::query('INSERT INTO  requests_hidden (uid, hidden_requests)
                          VALUES  ({?}, {?})
         ON DUPLICATE KEY UPDATE  hidden_requests = VALUES(hidden_requests)', S::v('uid'), $hide_requests);
     } elseif ($hide_requests) {
         foreach (explode(',', $hide_requests) as $storedType) {
             $hidden[$storedType] = true;
         }
     }
     $page->assign('hide_requests', $hidden);

     // Refresh the count of items to validate here: useful in development setups where
     // several copies of the site share the database but not the "dynamic configuration".
     $globals->updateNbValid();
     $page->assign('vit', Validate::iterate());
     $page->assign('isAdmin', S::admin());
 }
Exemplo n.º 6
 /**
  * Rewrite the job entries of the edited profile from the submitted form data.
  *
  * Stored rows are deleted first, then each submitted job that passes the
  * visibility/name filter is inserted again together with its address, phones
  * and job terms.
  *
  * @param ProfilePage $page  Page being saved; provides pid(), owner and profile.
  * @param mixed       $field Not used in this method.
  * @param array       $value Submitted jobs, keyed by job id.
  */
 public function save(ProfilePage $page, $field, $value)
 {
     // Private rows may only be replaced by the profile owner or a site administrator.
     $deletePrivate = S::user()->isMe($page->owner) || S::admin();
     // Other editors only delete rows whose visibility is 'public' or 'ax'. The extra
     // condition is a fixed SQL fragment; the pid goes through the {?} placeholder.
     XDB::execute('DELETE FROM  pj, pjt
                         USING  profile_job      AS pj
                     LEFT JOIN  profile_job_term AS pjt ON (pj.pid = pjt.pid AND pj.id = pjt.jid)
                         WHERE  pj.pid = {?}' . ($deletePrivate ? '' : ' AND pj.pub IN (\'public\', \'ax\')'), $page->pid());
     Address::deleteAddresses($page->pid(), Address::LINK_JOB, null, null, $deletePrivate);
     Phone::deletePhones($page->pid(), Phone::LINK_JOB, null, $deletePrivate);
     // clean() every 'entreprise' request previously recorded for this profile.
     $previous_requests = EntrReq::get_typed_requests($page->pid(), 'entreprise');
     foreach ($previous_requests as $request) {
         $request->clean();
     }
     $terms_values = array();
     // NOTE(review): $job is bound by reference but never written to in this loop; the
     // reference stays alive until the method returns.
     foreach ($value as $id => &$job) {
         // Skip private jobs submitted by an editor who may not touch private data,
         // and jobs without a name.
         // NOTE(review): the $job fields below are read without isset(); presumably the
         // form data was normalised before reaching save() — confirm.
         if (($job['pub'] != 'private' || $deletePrivate) && (isset($job['name']) && $job['name'])) {
             if (isset($job['jobid']) && $job['jobid']) {
                 // A jobid was submitted: store it with the job row.
                 XDB::execute('INSERT INTO  profile_job (pid, id, description, email, entry_year,
                                                         url, pub, email_pub, jobid)
                                    VALUES  ({?}, {?}, {?}, {?}, {?}, {?}, {?}, {?}, {?})', $page->pid(), $id, $job['description'], $job['w_email'], $job['w_entry_year'], $job['w_url'], $job['pub'], $job['w_email_pub'], $job['jobid']);
             } else {
                 // No jobid: store the job without one and submit an EntrReq built from
                 // the submitted company details.
                 XDB::execute('INSERT INTO  profile_job (pid, id, description, email, entry_year,
                                                         url, pub, email_pub)
                                    VALUES  ({?}, {?}, {?}, {?}, {?}, {?}, {?}, {?})', $page->pid(), $id, $job['description'], $job['w_email'], $job['w_entry_year'], $job['w_url'], $job['pub'], $job['w_email_pub']);
                 $request = new EntrReq(S::user(), $page->profile, $id, $job['name'], $job['hq_acronym'], $job['hq_url'], $job['hq_email'], $job['hq_fixed'], $job['hq_fax'], $job['hq_address']);
                 $request->submit();
                 // NOTE(review): the one-second pause presumably keeps the timestamps of
                 // consecutive requests distinct — confirm. It makes the response time
                 // grow with the number of jobs submitted without a jobid.
                 sleep(1);
             }
             $address = new Address(array_merge($job['w_address'], array('pid' => $page->pid(), 'id' => $id, 'type' => Address::LINK_JOB)));
             $address->save();
             Phone::savePhones($job['w_phone'], $page->pid(), Phone::LINK_JOB, $id);
             if (isset($job['terms'])) {
                 foreach ($job['terms'] as $term) {
                     // Each tuple is built through XDB::format() placeholders because the
                     // final statement is assembled by concatenation for rawExecute().
                     $terms_values[] = XDB::format('({?}, {?}, {?}, {?})', $page->pid(), $id, $term['jtid'], "original");
                 }
             }
         }
     }
     if (count($terms_values) > 0) {
         // Only the pre-formatted tuples are concatenated into this statement.
         XDB::rawExecute('INSERT INTO  profile_job_term (pid, jid, jtid, computed)
                               VALUES  ' . implode(', ', $terms_values) . '
              ON DUPLICATE KEY UPDATE  computed = VALUES(computed)');
     }
     // Only the owner is reminded to clean up when several jobs were submitted.
     if (S::user()->isMe($page->owner) && count($value) > 1) {
         Platal::page()->trigWarning('Attention, tu as plusieurs emplois sur ton profil. Pense à supprimer ceux qui sont obsolètes.');
     }
 }
Exemplo n.º 7
 /**
  * Persist the changed general-information fields of the edited profile.
  *
  * Each group of fields is written only when its entry in $this->changed is
  * set. Some writes are further restricted by who is editing: the display name
  * only by the owner, birthdate_ref only by a site administrator, the death
  * date only by someone other than the owner. All values reach SQL through
  * {?} placeholders.
  */
 protected function _saveData()
 {
     if ($this->changed['nationality1'] || $this->changed['nationality2'] || $this->changed['nationality3'] || $this->changed['birthdate'] || $this->changed['freetext'] || $this->changed['freetext_pub'] || $this->changed['axfreetext'] || $this->changed['email_directory'] || $this->changed['profile_title']) {
         // Normalise the three nationalities: empty strings become NULL and later
         // values shift into the freed earlier slots.
         if ($this->values['nationality3'] == "") {
             $this->values['nationality3'] = NULL;
         }
         if ($this->values['nationality2'] == "") {
             $this->values['nationality2'] = $this->values['nationality3'];
             $this->values['nationality3'] = NULL;
         }
         if ($this->values['nationality1'] == "") {
             $this->values['nationality1'] = $this->values['nationality2'];
             $this->values['nationality2'] = $this->values['nationality3'];
             $this->values['nationality3'] = NULL;
         }
         // Remove duplicates among the three values.
         if ($this->values['nationality1'] == $this->values['nationality2'] && $this->values['nationality2'] == $this->values['nationality3']) {
             $this->values['nationality2'] = NULL;
             $this->values['nationality3'] = NULL;
         } else {
             if ($this->values['nationality1'] == $this->values['nationality2']) {
                 $this->values['nationality2'] = $this->values['nationality3'];
                 $this->values['nationality3'] = NULL;
             } else {
                 if ($this->values['nationality2'] == $this->values['nationality3'] || $this->values['nationality1'] == $this->values['nationality3']) {
                     $this->values['nationality3'] = NULL;
                 }
             }
         }
         // When email_directory equals the literal below, the separately submitted
         // email_directory_new is stored instead.
         // NOTE(review): the literal looks like a masked placeholder — confirm it
         // matches the value the form actually posts.
         $new_email = $this->values['email_directory'] == "*****@*****.**" ? $this->values['email_directory_new'] : $this->values['email_directory'];
         if ($new_email == "") {
             $new_email = NULL;
         }
         XDB::execute("UPDATE  profiles\n                             SET  nationality1 = {?}, nationality2 = {?}, nationality3 = {?}, birthdate = {?},\n                                  freetext = {?}, freetext_pub = {?}, axfreetext = {?}, email_directory = {?}, title = {?}\n                           WHERE  pid = {?}", $this->values['nationality1'], $this->values['nationality2'], $this->values['nationality3'], ProfileSettingDate::toSQLDate($this->values['birthdate']), $this->values['freetext'], $this->values['freetext_pub'], $this->values['axfreetext'], $new_email, $this->values['profile_title'], $this->pid());
     }
     if ($this->changed['photo_pub']) {
         XDB::execute("UPDATE  profile_photos\n                             SET  pub = {?}\n                           WHERE  pid = {?}", $this->values['photo_pub'], $this->pid());
     }
     // The display name is only written when the editor is the profile owner.
     if (S::user()->isMe($this->owner) && $this->changed['yourself']) {
         if ($this->owner) {
             XDB::execute('UPDATE  accounts
                              SET  display_name = {?}
                            WHERE  uid = {?}', $this->values['yourself'], $this->owner->id());
         }
         XDB::execute('UPDATE  profile_display
                          SET  yourself = {?}
                        WHERE  pid = {?}', $this->values['yourself'], $this->pid());
     }
     if ($this->changed['promo_display']) {
         // The first character of the submitted promo must match the main education
         // code; the four characters after it are read as the promotion year.
         if ($this->values['promo_display'][0] == $this->profile->mainEducation()) {
             $yearpromo = intval(substr($this->values['promo_display'], 1, 4));
             // && binds tighter than ||: for 'X' the year must be at least entry_year,
             // for any other code at least entry_year plus mainEducationDuration().
             if ($this->profile->mainEducation() == 'X' && $yearpromo >= $this->profile->entry_year || $this->profile->mainEducation() != 'X' && $yearpromo >= $this->profile->entry_year + $this->profile->mainEducationDuration()) {
                 XDB::execute('UPDATE  profile_display
                                  SET  promo = {?}
                                WHERE  pid = {?}', $this->values['promo_display'], $this->pid());
                 XDB::execute('UPDATE  profile_education
                                  SET  promo_year = {?}
                                WHERE  pid = {?} AND FIND_IN_SET(\'primary\', flags)', $yearpromo, $this->pid());
             }
         }
     }
     // birthdate_ref is written only by a site administrator and only when the owner's
     // perms value is falsy.
     // NOTE(review): $this->owner is dereferenced here without the null check this
     // method uses before $this->owner->id() and $this->owner->clear().
     if ($this->changed['birthdate_ref'] && S::admin() && !$this->owner->perms) {
         XDB::execute('UPDATE  profiles
                          SET  birthdate_ref = {?}
                        WHERE  pid = {?}', ProfileSettingDate::toSQLDate($this->values['birthdate_ref']), $this->pid());
     }
     // The death date is only written when the editor is not the profile owner.
     if (!S::user()->isMe($this->owner) && $this->changed['deathdate']) {
         // First recording: also stamp deathdate_rec, but only if it is still NULL.
         XDB::execute('UPDATE  profiles
                          SET  deathdate = {?}, deathdate_rec = NOW()
                        WHERE  pid = {?} AND deathdate_rec IS NULL', ProfileSettingDate::toSQLDate($this->values['deathdate']), $this->pid());
         if (XDB::affectedRows() > 0) {
             // A row was updated, so this was the first recording: clear() the profile
             // and, when there is one, the owner account.
             $this->profile->clear();
             if ($this->owner) {
                 $this->owner->clear(true);
             }
         } else {
             /* deathdate_rec was not NULL, this is just an update of the death date
              */
             XDB::execute('UPDATE  profiles
                              SET  deathdate = {?}
                            WHERE  pid = {?}', ProfileSettingDate::toSQLDate($this->values['deathdate']), $this->pid());
         }
     }
 }
Exemplo n.º 8
 /**
  * Display the profile designated by $id.
  *
  * The requested view ('public', 'ax', anything else meaning private) is turned
  * into a visibility through Visibility::defaultForRead(). Numeric identifiers
  * are resolved through Profile::getPID() only for site administrators; other
  * callers fall back to the account lookup User::getSilent().
  *
  * NOTE(review): 'private' is the default requested view even for anonymous
  * visitors; this relies on Visibility::defaultForRead() capping the view to
  * what the session may read — confirm.
  *
  * @param object      $page Page object used for template assignments.
  * @param string|null $id   Profile or account identifier taken from the URL.
  * @return mixed PL_NOT_FOUND when nothing matches; otherwise no explicit value.
  */
 function handler_profile($page, $id = null)
 {
     // Without an identifier there is nothing to show.
     if (is_null($id)) {
         return PL_NOT_FOUND;
     }

     // Access level at which the profile will be displayed. VIEW_HIDDEN can NOT be
     // selected: administrators who need that data use the "edit profile" pages.
     $requestedView = Env::v('view');
     if ($requestedView == 'public') {
         $view = Visibility::VIEW_PUBLIC;
     } elseif ($requestedView == 'ax') {
         $view = Visibility::VIEW_AX;
     } else {
         $view = Visibility::VIEW_PRIVATE;
     }
     $visibility = Visibility::defaultForRead($view);

     // A pending picture is only announced to logged-in users.
     if (S::logged() && Env::v('modif') == 'new') {
         $page->assign('with_pending_pic', true);
     }

     // Numeric identifiers go through Profile::getPID() for administrators only.
     $pid = null;
     if (!is_numeric($id) || S::admin()) {
         $pid = Profile::getPID($id);
     }
     if (!is_null($pid)) {
         // Direct hit: load the profile, then its owner.
         $profile = Profile::get($pid, Profile::FETCH_ALL, $visibility);
         $owner = $profile->owner();
     } else {
         // Fall back to an account lookup and take that account's profile.
         $owner = User::getSilent($id);
         if ($owner) {
             $profile = $owner->profile(true, Profile::FETCH_ALL, $visibility);
             if ($profile) {
                 $pid = $profile->id();
             }
         }
     }

     if (is_null($pid)) {
         if (S::logged()) {
             // NOTE(review): $id comes from the URL and is placed in the message as-is;
             // this relies on kill() escaping its argument for HTML — confirm.
             $page->kill($id . " inconnu dans l'annuaire.");
         }
         return PL_NOT_FOUND;
     }

     // The profile exists, so the real template can be selected.
     $page->changeTpl('profile/profile.tpl', SIMPLE);

     // Views by logged-in users are recorded in the session log.
     if (S::logged()) {
         S::logger()->log('view_profile', $profile->hrid());
     }

     $page->setTitle($profile->fullName());

     // The e-mail alias is shown only when an owner exists and alias_pub is visible.
     if (!is_null($owner) && $profile->isVisible($profile->alias_pub)) {
         $page->assign('virtualalias', $owner->emailAlias());
     }

     $page->assign_by_ref('profile', $profile);
     $page->assign_by_ref('owner', $owner);
     $page->assign('view', $visibility);
     $page->assign('logged', S::logged());

     $lastChange = strtotime($profile->last_change);
     header('Last-Modified: ' . date('r', $lastChange));
 }
Exemplo n.º 9
 /**
  * Handles the validation form posted for this request.
  *
  * Exactly one action is processed, tested in this order: delete, edit,
  * hold (add a comment), accept, refuse. When $this->requireAdmin is set the
  * whole form is refused to anyone who is not a site administrator.
  *
  * @return bool true when an action was carried out (or a comment was
  *              deliberately ignored), false otherwise.
  */
 public function handle_formu()
 {
     // Permission gate for requests flagged as administrator-only.
     if ($this->requireAdmin && !S::admin()) {
         $this->trigError('Vous n\'avez pas les permissions nécessaires pour valider cette demande.');
         return false;
     }

     // Deletion.
     if (Env::has('delete')) {
         $this->clean();
         $this->trigSuccess('Requête supprimée.');
         return true;
     }

     // Data updates.
     if (Env::has('edit')) {
         if (!$this->handle_editor()) {
             return false;
         }
         $this->update();
         $this->trigSuccess('Requête mise à jour.');
         return true;
     }

     // Comment addition.
     if (Env::has('hold') && Env::has('comm')) {
         // A comment already stored with the same form id means the form was
         // submitted again: nothing more to do.
         $formid = Env::i('formid');
         foreach ($this->comments as $existing) {
             if ($existing[2] === $formid) {
                 return true;
             }
         }
         // Blank comments are ignored.
         if (strlen(trim(Env::v('comm'))) == 0) {
             return true;
         }
         $author = S::user()->login();
         $this->comments[] = array($author, Env::v('comm'), $formid);

         // Sends the comment to the hotline address as a plain-text mail.
         global $globals;
         $body = "Validation {$this->type} pour {$this->user->login()}\n\n"
               . S::user()->login() . " a ajouté le commentaire :\n\n"
               . Env::v('comm') . "\n\n"
               . "cf la discussion sur : " . $globals->baseurl . "/admin/validate";
         $mailer = new PlMailer();
         $mailer->setSubject("Commentaires de validation {$this->type}");
         $mailer->setFrom("validation+{$this->type}@{$globals->mail->domain}");
         $mailer->addTo($globals->core->admin_email);
         $mailer->setTxtBody(wordwrap($body));
         $mailer->send();

         $this->update();
         $this->trigSuccess('Commentaire ajouté.');
         return true;
     }

     // Acceptance: commit first, notify and clean up only on success.
     if (Env::has('accept')) {
         if (!$this->commit()) {
             $this->trigError('Erreur lors de la validation');
             return false;
         }
         $this->sendmail(true);
         $this->clean();
         $this->trigSuccess('Email de validation envoyé');
         return true;
     }

     // Refusal requires a non-empty justification.
     if (Env::has('refuse')) {
         if (Env::v('comm')) {
             $this->sendmail(false);
             $this->clean();
             $this->trigSuccess('Email de refus envoyé.');
             return true;
         }
         $this->trigError('Pas de motivation pour le refus&nbsp;!!!');
     }

     return false;
 }
Exemplo n.º 10
 /**
  * Build the navigation menu and assign it to the template as 'menu'.
  *
  * Up to three sections are produced, in this order: general links
  * ("no_title"), the current group's links (logged-in users inside a group),
  * and "Administrer" (group administrators, or site administrators).
  *
  * NOTE(review): the 'clear cache' link carries the XSRF token in the query
  * string, where it can end up in server logs, browser history or Referer
  * headers — confirm this is acceptable for purge_cache.
  * NOTE(review): $_SERVER['REQUEST_URI'] is appended to the 'send_bug/' href
  * unmodified; escaping is presumably done by the template — confirm.
  */
 private function useMenu()
 {
     global $globals;

     // General links, shown to everybody.
     $general = array(
         'tous les groupes' => 'plan',
         'documentation' => 'Xnet',
     );
     if (S::user()->type == 'xnet') {
         $general['mon compte'] = 'edit';
         $general['mes préférences'] = $globals->xnet->xorg_baseurl . 'prefs';
     }
     $general['signaler un bug'] = array('href' => 'send_bug/' . $_SERVER['REQUEST_URI'], 'class' => 'popup_840x600');
     $menu = array("no_title" => $general);

     $perms = S::v('perms');
     $dim = $globals->asso('diminutif');

     // Links of the current group; entries depend on the member's permission flags.
     if (S::logged() && $globals->asso()) {
         $groupLinks = array('présentation' => "login/{$dim}/");
         if ($perms->hasFlag('groupannu')) {
             $groupLinks['annuaire du groupe'] = "{$dim}/annuaire";
             $groupLinks['trombinoscope'] = "{$dim}/trombi";
         }
         if ($globals->asso('forum')) {
             $groupLinks['forum'] = "{$dim}/forum";
         }
         if ($perms->hasFlag('groupmember')) {
             if ($globals->asso('mail_domain')) {
                 $groupLinks['listes de diffusion'] = "{$dim}/lists";
             }
             if ($globals->asso('has_nl')) {
                 $groupLinks['newsletter'] = "{$dim}/nl";
             }
         }
         $groupLinks['événement'] = "{$dim}/events";
         if ($perms->hasFlag('groupadmin')) {
             $groupLinks['télépaiement'] = "{$dim}/payment";
         }
         $menu[$globals->asso('nom')] = $groupLinks;
     }

     // Administration links.
     $isGroupAdmin = $globals->asso() && is_object($perms) && $perms->hasFlag('groupadmin');
     if ($isGroupAdmin) {
         $adminLinks = array(
             'modifier l\'accueil' => "{$dim}/edit",
             'gérer les annonces' => "{$dim}/admin/announces",
         );
         if ($globals->asso('mail_domain')) {
             if (!$globals->asso('disable_mails')) {
                 $adminLinks['envoyer un mail'] = "{$dim}/mail";
             }
             $adminLinks['créer une liste'] = "{$dim}/lists/create";
             $adminLinks['créer un alias'] = "{$dim}/alias/create";
         }
         if (!$globals->asso('has_nl')) {
             $adminLinks['créer la newsletter'] = "{$dim}/admin/nl/enable";
         }
         // Site-wide entries are added for site administrators only, greyed out.
         if (S::admin()) {
             $adminLinks['gérer les groupes'] = array('href' => 'admin', 'style' => 'color: gray;');
             $adminLinks['clear cache'] = array('href' => 'purge_cache?token=' . S::v('xsrf_token'), 'style' => 'color: gray;');
         }
         $menu['Administrer'] = $adminLinks;
     } elseif (S::admin()) {
         // Site administrator outside any group administration context.
         $menu['Administrer'] = array(
             'gérer les groupes' => 'admin',
             'clear cache' => 'purge_cache?token=' . S::v('xsrf_token'),
         );
     }

     $this->assign('menu', $menu);
 }
Exemplo n.º 11
/**
 * Build the authentication answer sent back to a partner site.
 *
 * For every field name listed in $datafields a value is looked up (session,
 * profile data, or a dedicated query) and appended to the answer through
 * gpex_prepare_param(); the answer is authenticated with an MD5 digest that
 * starts from "1" . $chlg . $privkey and ends with "1".
 *
 * NOTE(review): gpex_prepare_param() presumably extends $tohash by reference
 * with each value — confirm; otherwise the digest would not cover the values.
 * NOTE(review): any session key named in $datafields is exported through
 * S::has()/S::v(); confirm $datafields comes from trusted per-site
 * configuration and not from the request.
 * NOTE(review): MD5 over a concatenated secret is not a modern MAC; an HMAC
 * with SHA-256 would be preferable, but the peer has to verify the same
 * construction, so it cannot be changed on this side alone.
 *
 * @param string $chlg       Challenge supplied for this authentication.
 * @param string $privkey    Secret shared with the partner site.
 * @param string $datafields Comma-separated list of requested field names.
 * @param string $charset    Charset handed to gpex_prepare_param().
 * @return array Two elements: the digest, and the query-string fragment "&auth=<digest><params>".
 */
function gpex_make($chlg, $privkey, $datafields, $charset)
{
    $tohash = "1{$chlg}{$privkey}";
    $params = "";
    $fieldarr = explode(',', $datafields);
    $user =& S::user();

    if ($user->hasProfile()) {
        /* Transition table for authentication: legacy field name => profile data key.
         * Order matters: 'full_promo' must copy 'promo' before 'promo' is overwritten. */
        $legacyNames = array(
            'full_promo' => 'promo',
            'promo' => 'entry_year',
            'matricule' => 'xorg_id',
            'matricule_ax' => 'ax_id',
            'promo_sortie' => 'grad_year',
            'nationalite' => 'nationality1',
            'naissance' => 'birthdate',
            'deces' => 'deathdate',
            'nom' => 'lastname',
            'prenom' => 'firstname',
        );
        $personnal_data = $user->profile()->data();
        foreach ($legacyNames as $legacy => $current) {
            $personnal_data[$legacy] = $personnal_data[$current];
        }
        $personnal_data['flags'] = $user->profile()->isFemale() ? 'femme' : '';
    } else {
        // Missing fields: promo, entry_year, grad_year, ax_id, xorg_id, forlife
        $personnal_data = array('lastname' => $user->lastname, 'firstname' => $user->firstname, 'sex' => $user->gender);
    }

    foreach ($fieldarr as $val) {
        // Determine the requested value; the first matching source wins.
        if ($val == 'perms') {
            $answer = S::admin() ? 'admin' : 'user';
        } elseif ($val == 'forlife') {
            $answer = S::v('hruid');
        } elseif (S::has($val)) {
            $answer = S::v($val);
        } elseif (isset($personnal_data[$val])) {
            $answer = $personnal_data[$val];
        } elseif ($val == 'username') {
            $min_username = XDB::fetchOneCell('SELECT  email
                                                 FROM  email_source_account
                                                WHERE  uid = {?} AND FIND_IN_SET(\'bestalias\', flags)', S::i('uid'));
            $answer = is_null($min_username) ? '' : $min_username;
        } elseif ($val == 'grpauth') {
            if (isset($_GET['group'])) {
                // The group name from the request only reaches SQL through a placeholder.
                $res = XDB::query("SELECT  perms\n                                     FROM  group_members\n                               INNER JOIN  groups ON(id = asso_id)\n                                    WHERE  uid = {?} AND diminutif = {?}", S::v('uid'), $_GET['group']);
                $answer = $res->fetchOneCell();
            } else {
                // if no group asked, return main rights
                $answer = S::admin() ? 'admin' : 'membre';
            }
        } else {
            // Unknown field: answered with an empty value.
            $answer = '';
        }
        // Add the value to the answer.
        $params .= gpex_prepare_param($val, $answer, $tohash, $charset);
    }

    $tohash .= "1";
    $auth = md5($tohash);
    return array($auth, "&auth=" . $auth . $params);
}
Exemplo n.º 12
 /**
  * Edit page for the settings of the current group ($globals->asso()).
  *
  * On submission (after the XSRF token check) the group row, its phone/fax,
  * address, logo and the notification flags of its members are rewritten, then
  * the browser is redirected to the edit page. Site administrators may change
  * more columns (name, short name, category, mail domain, ...) than other
  * editors.
  *
  * NOTE(review): no permission test other than S::admin() appears in this
  * method; the right to edit the group is presumably enforced where the handler
  * is registered — confirm.
  *
  * @param object $page Page object used for template assignments and messages.
  */
 function handler_edit($page)
 {
     global $globals;
     $page->changeTpl('xnetgrp/edit.tpl');
     $error = false;
     // Site administrators get the list of domains and the extended form.
     if (S::admin()) {
         $domains = XDB::iterator('SELECT  *
                                     FROM  group_dom
                                 ORDER BY  nom');
         $page->assign('domains', $domains);
         $page->assign('super', true);
     }
     if (Post::has('submit')) {
         // State-changing request: the XSRF token is checked before anything is written.
         S::assert_xsrf_token();
         $flags = new PlFlagSet('wiki_desc');
         $flags->addFlag('notif_unsub', Post::i('notif_unsub') == 1);
         // Web site: "http://" is prepended when no scheme could be parsed.
         // NOTE(review): any scheme that parse_url() recognises is kept as submitted;
         // if the value is rendered as a link, consider restricting it to http/https.
         $site = Post::t('site');
         if ($site && $site != "http://") {
             $scheme = parse_url($site, PHP_URL_SCHEME);
             if (!$scheme) {
                 $site = "http://" . $site;
             }
         } else {
             $site = "";
         }
         // Who receives subscription requests: everybody, or the ticked members only.
         $notify_all = Post::v('notify_all') ? true : false;
         if (!$notify_all) {
             $to_notify = array();
             // Only uids returned by the group filter are considered, so a posted
             // to_notify_<uid> for another uid is ignored.
             $uf = new UserFilter(new UFC_Group($globals->asso('id'), true));
             $uids = $uf->getIds();
             foreach ($uids as $uid) {
                 if (Post::b('to_notify_' . $uid)) {
                     $to_notify[] = $uid;
                 }
             }
             if (count($to_notify) == 0) {
                 $notify_all = true;
                 $page->trigWarning("Aucun animateur n'ayant été selectionné pour recevoir les demandes d'inscriptions, tous le seront.");
             }
         }
         $flags->addFlag('notify_all', $notify_all);
         if (S::admin()) {
             $page->assign('super', true);
             // The "FQDN" test only checks that the submitted domain contains a dot.
             if (Post::v('mail_domain') && strstr(Post::v('mail_domain'), '.') === false) {
                 $page->trigError('Le domaine doit être un FQDN (aucune modification effectuée)&nbsp;!!!');
                 $error = true;
             }
             if (Post::t('nom') == '' || Post::t('diminutif') == '') {
                 $page->trigError('Ni le nom ni le diminutif du groupe ne peuvent être vide.');
                 $error = true;
             }
             if ($error) {
                 // Nothing is written: hand the submitted values back to the form.
                 $page->assign('nom', Post::t('nom'));
                 $page->assign('diminutif', Post::t('diminutif'));
                 $page->assign('mail_domain', Post::t('mail_domain'));
                 $page->assign('cat', Post::v('cat'));
                 $page->assign('dom', Post::v('dom'));
                 $page->assign('ax', Post::v('ax'));
                 $page->assign('axDate', Post::t('axDate'));
                 $page->assign('site', $site);
                 $page->assign('resp', Post::t('resp'));
                 $page->assign('mail', Post::t('mail'));
                 $page->assign('phone', Post::t('phone'));
                 $page->assign('fax', Post::t('fax'));
                 $page->assign('address', Post::t('address'));
                 $page->assign('forum', Post::t('forum'));
                 $page->assign('inscriptible', Post::v('inscriptible'));
                 $page->assign('sub_url', Post::t('sub_url'));
                 $page->assign('unsub_url', Post::t('unsub_url'));
                 $page->assign('welcome_msg', Post::t('welcome_msg'));
                 $page->assign('pub', Post::v('pub'));
                 $page->assign('notif_unsub', Post::i('notif_unsub'));
                 $page->assign('descr', Post::t('descr'));
                 $page->assign('disable_mails', Post::b('disable_mails'));
                 $page->assign('status', Post::v('status'));
                 $page->assign('error', $error);
                 return;
             }
             // NOTE(review): the result of this first make_datetime() call is always
             // overwritten by the if/else that follows.
             $axDate = make_datetime(Post::v('axDate'));
             if (Post::t('axDate') != '') {
                 $axDate = make_datetime(Post::v('axDate'))->format('Y-m-d');
             } else {
                 $axDate = null;
             }
             // Administrator update: every value is bound through a {?} placeholder.
             // NOTE(review): mail_domain is stored here from Post::v() but inserted into
             // email_virtual_domains below from Post::t(); the two may differ if Post::t()
             // trims — confirm.
             XDB::execute("UPDATE  groups\n                        SET  nom={?}, diminutif={?}, cat={?}, dom={?},\n                             descr={?}, site={?}, mail={?}, resp={?},\n                             forum={?}, mail_domain={?}, ax={?}, axDate = {?}, pub={?},\n                             sub_url={?}, inscriptible={?}, unsub_url={?},\n                             flags = {?}, welcome_msg = {?}, disable_mails = {?},\n                             status = {?}\n                      WHERE  id={?}", Post::v('nom'), Post::v('diminutif'), Post::v('cat'), Post::i('dom') == 0 ? null : Post::i('dom'), Post::v('descr'), $site, Post::v('mail'), Post::v('resp'), Post::v('forum'), Post::v('mail_domain'), Post::has('ax'), $axDate, Post::v('pub'), Post::v('sub_url'), Post::v('inscriptible'), Post::v('unsub_url'), $flags, Post::t('welcome_msg'), Post::b('disable_mails'), Post::v('status'), $globals->asso('id'));
             if (Post::v('mail_domain')) {
                 // Register the mail domain if it is new, then point its aliasing at itself.
                 XDB::execute('INSERT IGNORE INTO  email_virtual_domains (name)
                                           VALUES  ({?})', Post::t('mail_domain'));
                 XDB::execute('UPDATE  email_virtual_domains
                                  SET  aliasing = id
                                WHERE  name = {?}', Post::t('mail_domain'));
             }
         } else {
             // Other editors: the update leaves out nom, diminutif, cat, dom, mail_domain,
             // ax, axDate, inscriptible and disable_mails.
             XDB::execute("UPDATE  groups\n                        SET  descr={?}, site={?}, mail={?}, resp={?},\n                             forum={?}, pub= {?}, sub_url={?},\n                             unsub_url = {?}, flags = {?}, welcome_msg = {?},\n                             status = {?}\n                      WHERE  id={?}", Post::v('descr'), $site, Post::v('mail'), Post::v('resp'), Post::v('forum'), Post::v('pub'), Post::v('sub_url'), Post::v('unsub_url'), $flags, Post::t('welcome_msg'), Post::v('status'), $globals->asso('id'));
         }
         // Phone and fax are replaced wholesale and stored as public.
         Phone::deletePhones(0, Phone::LINK_GROUP, $globals->asso('id'));
         $phone = new Phone(array('link_type' => 'group', 'link_id' => $globals->asso('id'), 'id' => 0, 'type' => 'fixed', 'display' => Post::v('phone'), 'pub' => 'public'));
         $fax = new Phone(array('link_type' => 'group', 'link_id' => $globals->asso('id'), 'id' => 1, 'type' => 'fax', 'display' => Post::v('fax'), 'pub' => 'public'));
         $phone->save();
         $fax->save();
         Address::deleteAddresses(null, Address::LINK_GROUP, null, $globals->asso('id'));
         $address = new Address(array('groupid' => $globals->asso('id'), 'type' => Address::LINK_GROUP, 'text' => Post::v('address')));
         $address->save();
         // Logo upload.
         // NOTE(review): $_FILES['logo'] is read without isset(). The stored content type
         // is the one reported by PlUpload::contentType(); confirm PlUpload restricts it
         // to image types, since the blob is presumably served back to browsers.
         if ($_FILES['logo']['name']) {
             $upload = PlUpload::get($_FILES['logo'], $globals->asso('id'), 'asso.logo', true);
             if (!$upload) {
                 $page->trigError("Impossible de télécharger le logo.");
             } else {
                 XDB::execute('UPDATE  groups
                                  SET  logo = {?}, logo_mime = {?}
                                WHERE  id = {?}', $upload->getContents(), $upload->contentType(), $globals->asso('id'));
                 $upload->rm();
             }
         }
         // Reset every member's flags, then mark the selected members for notification.
         XDB::execute("UPDATE  group_members\n                             SET  flags = ''\n                           WHERE  asso_id = {?}", $globals->asso('id'));
         if (!$notify_all) {
             XDB::execute("UPDATE  group_members\n                                 SET  flags = 'notify'\n                               WHERE  asso_id = {?} AND uid IN {?}", $globals->asso('id'), $to_notify);
         }
         // NOTE(review): the redirect target uses the posted 'diminutif' even in the
         // non-administrator branch, where the stored short name is not changed.
         pl_redirect('../' . Post::v('diminutif', $globals->asso('diminutif')) . '/edit');
     }
     // Display path: members split by notification status, plus the stored group settings.
     $uf = new UserFilter(new UFC_Group($globals->asso('id'), true, UFC_Group::NOTIFIED));
     $page->assign('notified', $uf->getUsers());
     $uf = new UserFilter(new UFC_Group($globals->asso('id'), true, UFC_Group::UNNOTIFIED));
     $page->assign('unnotified', $uf->getUsers());
     $page->assign('error', $error);
     $page->assign('cat', $globals->asso('cat'));
     $page->assign('dom', $globals->asso('dom'));
     $page->assign('ax', $globals->asso('ax'));
     $page->assign('inscriptible', $globals->asso('inscriptible'));
     $page->assign('pub', $globals->asso('pub'));
     $page->assign('notif_unsub', $globals->asso('notif_unsub'));
     $page->assign('notify_all', $globals->asso('notify_all'));
     $page->assign('disable_mails', $globals->asso('disable_mails'));
     $page->assign('status', $globals->asso('status'));
 }
Exemplo n.º 13
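/**
 * Run bin/kill_sessions.sh as root through sudo. Restricted to site administrators.
 *
 * The administrator check used to be assert(S::admin()). An assertion is not
 * an access control: PHP drops assertions entirely when they are disabled
 * (the usual production setting), and before PHP 8 a failed assertion only
 * raised a warning by default and execution continued. In both cases the
 * root command below could run for a non-administrator, so the check is now
 * an ordinary conditional that returns before the command is reached.
 *
 * @return void
 */
function kill_sessions()
{
    if (!S::admin()) {
        trigger_error('kill_sessions() refused: current user is not a site administrator', E_USER_WARNING);
        return;
    }
    // The path comes from this file's location, not from request data. It is
    // still quoted so that an install path containing spaces or shell
    // metacharacters cannot change the command that sudo receives.
    // NOTE(review): confirm the sudoers rule for the web user allows this one script only.
    $script = dirname(dirname(__FILE__)) . '/bin/kill_sessions.sh';
    shell_exec('sudo -u root ' . escapeshellarg($script));
}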
Exemplo n.º 14
 /**
  * Turn the free-text search value ($this->val) into a user filter condition.
  *
  * Site administrators get two shortcuts that bypass the normal parsing: a
  * value containing '@' becomes an email condition, and a dotted quad (with
  * '%' accepted in the last three groups) becomes an IP condition. Any other
  * value is mined for name tokens, promotion years/ranges and a phone number,
  * each added as a child of one PFC_And.
  *
  * @param UserFilterBuilder $ufb queried for the 'exact' and 'with_soundex'
  *                               options; receives the score ordering when
  *                               name tokens are present
  * @return UFC_Email|UFC_Ip|PFC_And
  */
 protected function buildUFC(UserFilterBuilder $ufb)
 {
     $raw = $this->val;

     // Email and IP lookups are reserved to administrators; everyone else
     // falls through to the name/promo/phone parsing below.
     if (S::admin()) {
         if (strpos($raw, '@') !== false) {
             return new UFC_Email($raw);
         }
         // NOTE(review): this pattern is not anchored, so it matches a dotted
         // quad anywhere in the value — confirm that is intended.
         if (preg_match('/[0-9]+\\.([0-9]+|%)\\.([0-9]+|%)\\.([0-9]+|%)/', $raw)) {
             return new UFC_Ip($raw);
         }
     }

     $conds = new PFC_And();

     // --- Name tokens: digits become separators, tokens shorter than two
     // characters are dropped. Original split offsets are kept as keys.
     $digitless = preg_replace('!\\d+!', ' ', $raw);
     $tokens = array();
     foreach (preg_split("![^a-z%]+!i", $digitless, -1, PREG_SPLIT_NO_EMPTY) as $offset => $token) {
         if (strlen($token) >= 2) {
             $tokens[$offset] = $token;
         }
     }
     if (count($tokens) > 5) {
         Platal::page()->trigWarning("Tu as indiqué trop d'éléments dans ta recherche, seuls les 5 premiers seront pris en compte");
         $tokens = array_slice($tokens, 0, 5);
     }
     if (count($tokens)) {
         // Viewers without the 'directory_private' permission (including
         // anonymous ones) only get the 'public' flag.
         $sees_private = S::user() != null && S::user()->checkPerms('directory_private');
         $flags = $sees_private ? array() : array('public');
         $exact = $ufb->b('exact');
         $soundex = $ufb->b('with_soundex');
         $conds->addChild(new UFC_NameTokens($tokens, $flags, $soundex, $exact));
         $ufb->addOrder(new UFO_Score());
     }

     // --- Promotion years and ranges, parsed from the untouched input:
     // normalise "a - b" to "a-b", detach "<"/">" prefixes, blank out every
     // character that cannot be part of a promo expression, drop dangling operators.
     $promo_text = preg_replace('! *- *!', '-', $raw);
     $promo_text = preg_replace('!([<>]) *!', ' \\1', $promo_text);
     $promo_text = preg_replace('![^0-9xmd\\-><]!i', ' ', $promo_text);
     $promo_text = preg_replace('![<>\\-] !', '', $promo_text);

     $grade_for = array('' => UserFilter::GRADE_ING, 'x' => UserFilter::GRADE_ING, 'm' => UserFilter::GRADE_MST, 'd' => UserFilter::GRADE_PHD);
     foreach (preg_split('! +!', strtolower($promo_text), -1, PREG_SPLIT_NO_EMPTY) as $range) {
         if (preg_match('!^([xmd]?)(\\d{4})$!', $range, $m)) {
             // Single year.
             $conds->addChild(new UFC_Promo('=', $grade_for[$m[1]], $m[2]));
         } elseif (preg_match('!^([xmd]?)(\\d{4})-\\1(\\d{4})$!', $range, $m)) {
             // Closed range; the bounds may be given in either order.
             $first = (int) $m[2];
             $second = (int) $m[3];
             $lower = new UFC_Promo('>=', $grade_for[$m[1]], min($first, $second));
             $upper = new UFC_Promo('<=', $grade_for[$m[1]], max($first, $second));
             $conds->addChild(new PFC_And($lower, $upper));
         } elseif (preg_match('!^<([xmd]?)(\\d{4})!', $range, $m)) {
             $conds->addChild(new UFC_Promo('<=', $grade_for[$m[1]], $m[2]));
         } elseif (preg_match('!^>([xmd]?)(\\d{4})!', $range, $m)) {
             $conds->addChild(new UFC_Promo('>=', $grade_for[$m[1]], $m[2]));
         }
     }

     // --- Phone number: what remains of the normalised promo text once promo
     // expressions and operators are removed, if longer than four characters.
     $phone = preg_replace('!([xmd]?\\d{4}-|>|<|)[xmd]?\\d{4}!i', '', $promo_text);
     $phone = preg_replace('![<>\\- ]!', '', $phone);
     if (strlen($phone) > 4) {
         $conds->addChild(new UFC_Phone($phone));
     }

     return $conds;
 }
Exemplo n.º 15
 /**
  * Report a failed user lookup on the current page.
  *
  * Only site administrators are told that a login is ambiguous and which
  * entries it matched. Everyone else gets the same "no such user" message
  * whether the login matched nothing or several accounts.
  *
  * @param string $login   the identifier that was looked up
  * @param array  $results the entries the lookup returned
  * @return void
  */
 public static function _default_user_callback($login, $results)
 {
     $matches = count($results);
     if ($matches != 0 && S::admin()) {
         Platal::page()->trigError("Il y a {$matches} utilisateurs avec cet identifiant : " . implode(', ', $results));
         return;
     }
     // NOTE(review): $login is interpolated as received; confirm trigError()
     // escapes its argument before it reaches the HTML page.
     Platal::page()->trigError("Il n'y a pas d'utilisateur avec l'identifiant : {$login}");
 }
Exemplo n.º 16
 /**
  * Decide whether the current visitor may access a survey.
  *
  * Checks run in this order: surveys in MODE_ALL are open to everybody;
  * otherwise the visitor must be logged in and have a profile; access is
  * then granted if any of the profile's promotion years is accepted by the
  * survey, or to site administrators when $admin_allowed is true.
  *
  * @param object $page          page used for the warning / kill messages
  * @param object $survey        survey being accessed
  * @param bool   $silent        when true, no message is emitted on the page
  * @param bool   $admin_allowed when false, being an administrator grants nothing
  * @return bool true when access is granted
  */
 function check_surveyPerms($page, $survey, $silent = false, $admin_allowed = true)
 {
     $this->load('survey.inc.php');

     // Survey not reserved to alumni: nothing to check.
     if ($survey->isMode(Survey::MODE_ALL)) {
         return true;
     }

     // Restricted survey: an authenticated user with a profile is required.
     if (!S::logged()) {
         return false;
     }
     $profile = S::user()->profile();
     if (!$profile) {
         return false;
     }

     // One matching promotion year is enough.
     foreach ($profile->yearspromo() as $year) {
         if ($survey->checkPromo($year)) {
             return true;
         }
     }

     // Administrator override, announced on the page unless silenced.
     if (S::admin() && $admin_allowed) {
         if (!$silent) {
             $page->trigWarning('Tu as accès à ce sondage car tu es administrateur du site.');
         }
         return true;
     }

     // With $silent set, the return value is the only signal of the refusal,
     // so callers have to act on it.
     if (!$silent) {
         $page->kill("Tu n'as pas accès à ce sondage car il est réservé à d'autres promotions.");
     }
     return false;
 }
Exemplo n.º 17
 /**
  * Replace the phone numbers linked to the profile with the submitted ones.
  *
  * @param ProfilePage $page  profile page being saved; supplies the profile id and owner
  * @param mixed       $field not used by this method
  * @param mixed       $value phone data handed to Phone::savePhones()
  * @return void
  */
 public function save(ProfilePage $page, $field, $value)
 {
     // True only for the profile owner or a site administrator.
     // NOTE(review): presumably this flag lets deletePhones() remove private
     // numbers as well — confirm against Phone::deletePhones().
     $ownerOrAdmin = S::user()->isMe($page->owner) || S::admin();

     Phone::deletePhones($page->pid(), Phone::LINK_PROFILE, null, $ownerOrAdmin);
     Phone::savePhones($value, $page->pid(), Phone::LINK_PROFILE);
 }
Exemplo n.º 18
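/**
 * Tell whether the current user may act on the message described by $_headers.
 * NOTE(review): from the name, presumably the action is cancelling a post — confirm.
 *
 * Allowed for site administrators, and for the user whose session 'hruid'
 * equals the message's 'x-org-id' header.
 *
 * The original compared the two values with a loose `==` and did not check
 * that either was present. A message without an 'x-org-id' header compared
 * against a session without 'hruid' gave null == null, which is true, so
 * the check passed with no identity on either side. Both values must now be
 * present and non-empty, and they are compared as strings with `===`.
 *
 * @param array $_headers parsed message headers, keyed by lower-case name
 * @return bool
 */
function hook_checkcancel($_headers)
{
    if (S::admin()) {
        return true;
    }
    $hruid = (string) S::v('hruid');
    if ($hruid === '' || !isset($_headers['x-org-id'])) {
        // No identity on one side: never treat that as a match.
        return false;
    }
    return (string) $_headers['x-org-id'] === $hruid;
}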
Exemplo n.º 19
 /**
  * List the mail storage backends that may be offered for $user.
  *
  * Note that the IMAP rule looks at the current session (S::admin()), not at
  * $user: an administrator viewing another account still sees 'imap'.
  *
  * @param User $user account whose storages are being listed
  * @return array list containing 'googleapps' and/or 'imap', possibly empty
  */
 public static function get_allowed_storages(User $user)
 {
     global $globals;
     require_once 'googleapps.inc.php';

     $allowed = array();

     // Google Apps: the user needs the 'gapps' permission, a Google Apps
     // domain must be configured, and the user's account must be active.
     $gapps_usable = $user->checkPerms('gapps')
         && $globals->mailstorage->googleapps_domain
         && GoogleAppsAccount::account_status($user->id()) == 'active';
     if ($gapps_usable) {
         $allowed[] = 'googleapps';
     }

     // IMAP: offered to everyone once the service is flagged active, and
     // always shown to administrators.
     $imap_usable = $globals->mailstorage->imap_active || S::admin();
     if ($imap_usable) {
         $allowed[] = 'imap';
     }

     return $allowed;
 }
Exemplo n.º 20
/**
 * Build the organisation label describing the current user's role.
 *
 * Precedence: site administrator, then animator (group admin) of the current
 * group, then member of the current group, then the generic label.
 *
 * @return string
 */
function make_Organization()
{
    global $globals;
    $perms = S::v('perms');
    $group = $globals->asso('nom');

    if (S::admin()) {
        return "Administrateur de Polytechnique.org";
    }
    // Group roles only count when a group is currently selected.
    if ($group) {
        if ($perms->hasFlag('groupadmin')) {
            return "Animateur de {$group}";
        }
        if ($perms->hasFlag('groupmember')) {
            return "Membre de {$group}";
        }
    }
    return "Utilisateur de Polytechnique.org";
}
Exemplo n.º 21
 /**
  * Send a test email to the current user, or to the user named by $hruid
  * when the caller is a site administrator.
  *
  * The request must carry a valid XSRF token, because the handler triggers
  * an outgoing email. A $hruid passed by a non-administrator is ignored and
  * the test goes to the caller's own account.
  *
  * @param object      $page  current page (not used here)
  * @param string|null $hruid target user, honoured for administrators only
  * @return int|void PL_FORBIDDEN or PL_NOT_FOUND on refusal; otherwise the script exits
  */
 function handler_test($page, $hruid = null)
 {
     require_once 'emails.inc.php';

     if (!S::has_xsrf_token()) {
         return PL_FORBIDDEN;
     }

     // Pick the recipient: only administrators may target another account.
     $recipient = (S::admin() && $hruid) ? User::getSilent($hruid) : S::user();
     if (!$recipient) {
         return PL_NOT_FOUND;
     }

     // Build and send the test email.
     $redirect = new Redirect($recipient);
     $mail = new PlMailer('emails/test.mail.tpl');
     $mail->assign('email', $recipient->bestEmail());
     $mail->assign('redirects', $redirect->active_emails());
     $mail->assign('display_name', $recipient->displayName());
     $mail->assign('sexe', $recipient->isFemale());
     $mail->send($recipient->isEmailFormatHtml());
     exit;
 }
Exemplo n.º 22
/**
 * Return the current user's administration right on the current asso.
 *
 * The result is cached per asso id in $_SESSION['may_update']. A cached
 * value is reused until $force or $lose is passed, so a right revoked in the
 * database stays effective for a non-admin session until one of them is used.
 *
 * @param bool $force re-read the right from the database instead of the
 *                    session cache; combined with a suid session it grants the right
 * @param bool $lose  record the right as false for the current asso
 * @return bool false when there is no current asso
 */
function may_update($force = false, $lose = false)
{
    global $globals;

    if (!isset($_SESSION['may_update'])) {
        $_SESSION['may_update'] = array();
    }
    $rights =& $_SESSION['may_update'];

    $asso = $globals->asso('id');
    if (!$asso) {
        return false;
    }

    // Explicit drop of the right wins over everything else.
    if ($lose) {
        return $rights[$asso] = false;
    }

    // Site administrators always have the right; a suid session gets it only
    // on a forced refresh.
    if (S::admin() || (S::suid() && $force)) {
        return $rights[$asso] = true;
    }

    // Everyone else: look the right up once, or again when forced.
    if ($force || !isset($rights[$asso])) {
        $row = XDB::query("SELECT  perms\n                             FROM  group_members\n                            WHERE  uid={?} AND asso_id={?}", S::v('uid'), $asso);
        $rights[$asso] = ($row->fetchOneCell() == 'admin');
    }
    return $rights[$asso];
}
Exemplo n.º 23
 /**
  * Advanced directory search page.
  *
  * Fills the form's option lists, then either shows the empty form or runs
  * the search. The postal-address view is offered only to site
  * administrators and to users holding User::PERM_EDIT_DIRECTORY.
  *
  * @param object      $page     page being rendered
  * @param string|null $model    way of presenting the results: minifiche, trombi, geoloc
  * @param string|null $byletter passed to the 'minifiche' view as 'starts_with'
  * @return void
  */
 function handler_advanced($page, $model = null, $byletter = null)
 {
     global $globals;

     $page->addJsLink('jquery.ui.xorg.js');
     $page->addJsLink('search.js');
     $page->assign('advanced', 1);

     // Networking types, with the two pseudo-entries sorted to the top.
     $networks = DirEnum::getOptions(DirEnum::NETWORKS);
     $networks[-1] = 'Tous types';
     $networks[0] = '-';
     ksort($networks);
     $page->assign('networking_types', $networks);

     // Corps lists: each gets a '-' entry at key 0 and is sorted by key.
     $corps_lists = array(
         'origin_corps_list' => DirEnum::ORIGINCORPS,
         'current_corps_list' => DirEnum::CURRENTCORPS,
         'corps_rank_list' => DirEnum::CORPSRANKS,
     );
     foreach ($corps_lists as $tpl_var => $enum) {
         $options = DirEnum::getOptions($enum);
         $options[0] = '-';
         ksort($options);
         $page->assign($tpl_var, $options);
     }

     $is_search = Env::has('rechercher') || $model == 'geoloc';
     if ($is_search) {
         if (!Env::has('page')) {
             // NOTE(review): this writes every GET parameter of the search to
             // the logger; check who can read that log and how long it is kept.
             S::logger()->log('search', 'adv=' . var_export($_GET, true));
         }
         require_once 'userset.inc.php';

         // Enable X.org fields for X.org admins, and AX fields for AX secretaries.
         $is_admin = S::admin();
         $can_edit_directory = S::user()->checkPerms(User::PERM_EDIT_DIRECTORY);
         $may_see_addresses = $can_edit_directory || $is_admin;
         $view = new AdvancedSearchSet($is_admin, $can_edit_directory);

         if (!$view->isValid()) {
             $this->form_prepare();
             $page->trigError('Recherche invalide.');
         } else {
             $view->addMod('minifiche', 'Mini-fiches', true, array('starts_with' => $byletter));
             $view->addMod('trombi', 'Trombinoscope', false, array('with_promo' => true));
             $view->addMod('map', 'Planisphère');
             if ($may_see_addresses) {
                 $view->addMod('addresses', 'Adresses postales', false);
             }
             $view->apply('search/adv', $page, $model);

             $total = $view->count();
             if ($total > $globals->search->private_max) {
                 // Too many hits: show the form again instead of the results.
                 $this->form_prepare();
                 if ($model != 'addresses' && $may_see_addresses) {
                     $page->assign('suggestAddresses', true);
                 }
                 $page->trigError('Recherche trop générale.');
             } elseif ($total == 0) {
                 $this->form_prepare();
                 $page->trigError('Il n\'existe personne correspondant à ces critères dans la base !');
             }
         }
     } else {
         $this->form_prepare();
     }

     $page->changeTpl('search/index.tpl', $model == 'mini' ? SIMPLE : SKINNED);
     $page->assign('public_directory', 0);
 }