/** Resolve the skin for the current session.
 *
 * Reads the session first; when it holds no (non-empty) skin, takes the
 * 'skin' cookie if present, otherwise the configured default for the device
 * class, and stores the result in the session. When the session already has a
 * skin and the session is at least cookie-authenticated, the cookie is
 * refreshed so it matches the session.
 *
 * @return string the skin name now held in session
 */
private function load_skin() {
    global $globals;

    $sessionSkin = S::has('skin') ? S::v('skin') : "";
    if ($sessionSkin == "") {
        // Nothing usable in session yet: cookie value wins over the default.
        // NOTE(review): the cookie value is stored as-is; whether it is checked
        // against the known skin list before being used as a template name is
        // not visible here — confirm in the skin-resolution code.
        if (Cookie::has('skin')) {
            $skin = Cookie::v('skin');
        } else {
            $skin = isSmartphone() ? $globals->smartphone_skin : $globals->skin;
        }
        S::set('skin', $skin);
        return $skin;
    }

    $skin = $sessionSkin;
    // Keep the cookie in sync for cookie-level (or stronger) sessions only.
    if (S::v('auth') >= AUTH_COOKIE && Cookie::v('skin') != $skin) {
        Cookie::set('skin', $skin, 300);
    }
    return $skin;
}
/** Logout handler.
 *
 * When an SUID (impersonation) is active, only the SUID is ended and the
 * user is redirected to the root; otherwise the whole session is destroyed
 * and the user is sent to the public http base URL.
 *
 * @param object $page  the page being rendered
 * @param mixed  $level unused here
 */
function handler_exit($page, $level = null) {
    global $globals;

    // Impersonation ends first: drop back to the original user instead of
    // logging that user out.
    if (S::has('suid')) {
        Platal::session()->stopSUID();
        pl_redirect('/');
    }

    // Real logout.
    Platal::session()->destroy();
    http_redirect($globals->baseurl_http);
    $page->changeTpl('exit.tpl');
}
/** Load the enumeration object for $type into self::$enumerations.
 *
 * With caching enabled, a copy previously saved in the session under
 * '__DE_<type>' is reused. Otherwise a new DE_<Type> instance is created and,
 * if the class opts in through the SAVE_IN_SESSION capability bit, stored in
 * the session for later requests.
 *
 * @param string $type enumeration name; it becomes part of the class name
 */
private static function init($type) {
    $sessionKey = '__DE_' . $type;
    $cacheable = Platal::globals()->cacheEnabled();

    // Fast path: the object is already in session.
    if ($cacheable && S::has($sessionKey)) {
        self::$enumerations[$type] = S::v($sessionKey);
        return;
    }

    // NOTE(review): the class name is derived from $type; where $type comes
    // from is not visible here, so whether it is restricted to known
    // enumeration names must be confirmed at the call sites.
    $className = "DE_" . ucfirst($type);
    $enumeration = new $className();
    self::$enumerations[$type] = $enumeration;

    // Only classes that ask for it are persisted in the session.
    if ($cacheable && ($enumeration->capabilities & DirEnumeration::SAVE_IN_SESSION)) {
        S::set($sessionKey, $enumeration);
    }
}
/** Start impersonating (SUID) the account identified by $uid.
 *
 * Refuses to nest SUIDs, requires a uid, and logs the switch under
 * 'admin/su' before redirecting to the home page.
 *
 * NOTE(review): whether this handler is reachable only by administrators is
 * decided by the handler registration, which is not visible here — confirm.
 *
 * @param object $page the page being rendered
 * @param mixed  $uid  uid of the account to impersonate
 * @throws Exception when no uid is given or no matching user exists
 */
function handler_su($page, $uid = null) {
    if (S::has('suid')) {
        $page->kill("Déjà en SUID !!!");
    }
    if ($uid === null) {
        throw new Exception("You forgot to pass the uid you want to impersonate");
    }

    $filter = new UserFilter(new UFC_Uid($uid));
    $target = $filter->get(true);
    if ($target === false) {
        throw new Exception("Impossible de faire un SUID sur " . $uid);
    }

    $target->select(UserSelect::login());
    if (Platal::session()->startSUID($target)) {
        S::logger()->log('admin/su', array('uid' => $target->id()));
        pl_redirect('home');
    } else {
        $page->trigError('Impossible d\'effectuer un SUID sur ' . $uid);
    }
}
/** Load the logged-in user's skin template name into the session.
 *
 * Runs only for a logged session that has no 'skin' yet or is in SUID mode;
 * the value comes from the accounts/skins join for the current uid.
 * NOTE(review): when no row matches, whatever fetchOneCell() returns is
 * stored unchanged — confirm that is the intended fallback.
 */
public function setSkin() {
    if (!S::logged()) {
        return;
    }
    $needsLookup = !S::has('skin') || S::suid();
    if (!$needsLookup) {
        return;
    }

    $sql = 'SELECT skin_tpl FROM accounts AS a INNER JOIN skins AS s on (a.skin = s.id) WHERE a.uid = {?} AND skin_tpl != \'\'';
    $result = XDB::query($sql, S::i('uid'));
    S::set('skin', $result->fetchOneCell());
}
/** Survey editing handler: creates, modifies, previews, validates or cancels
 * the survey currently being edited.
 *
 * The survey under edition is kept in the session (key 'survey') as a
 * serialized object; every branch that needs it unserializes it, and branches
 * that modify it write it back through store_session(). The session key
 * 'survey_id' marks an existing survey being modified in admin mode.
 *
 * NOTE(review): unserialize() on session data is safe only as long as the
 * session store cannot be written by users; keep that in mind if the session
 * backend ever changes.
 *
 * @param object $page   the page being rendered
 * @param string $action action to perform; overridden by POST 'survey_action'
 * @param string $qid    question id the action applies to; overridden by POST 'survey_qid'
 */
function handler_edit($page, $action = 'show', $qid = 'root') {
    $this->load('survey.inc.php');
    // Posted values take precedence over the URL arguments.
    $action = Post::v('survey_action', $action);
    $qid = Post::v('survey_qid', $qid);
    if (Post::has('survey_cancel')) { // after cancelling changes, shows the survey
        if (S::has('survey')) {
            $action = 'show';
        } else { // unless no editing has been done at all (shows to the surveys index page)
            return $this->handler_index($page);
        }
    }
    $page->assign('survey_editmode', true);
    if (S::has('survey_id')) { // if 'survey_id' is in session, it means we are modifying a survey in admin mode
        $page->assign('survey_updatemode', true);
    }
    // Nothing to show yet: fall through to creating a new survey.
    if ($action == 'show' && !S::has('survey')) {
        $action = 'new';
    }
    if ($action == 'question') { // {{{ modifies an existing question
        if (Post::has('survey_submit')) { // if the form has been submitted, makes the modifications
            $survey = unserialize(S::v('survey'));
            $args = Post::v('survey_question');
            if (!$survey->editQuestion($qid, $args)) { // update the survey object structure
                return $this->show_error($page, '', 'survey/edit');
            }
            $this->show_survey($page, $survey);
            $this->store_session($survey);
        } else { // if a form has not been submitted, shows modification form
            $survey = unserialize(S::v('survey'));
            $current = $survey->toArray($qid); // gets the current parameters of the question
            // Loose comparison: an empty array would also be treated as "not found".
            if ($current == null) {
                return $this->show_error($page, '', 'survey/edit');
            }
            $this->show_form($page, $action, $qid, $current['type'], $current);
        } // }}}
    } elseif ($action == 'new') { // {{{ create a new survey : actually store the root question
        if (Post::has('survey_submit')) { // if the form has been submitted, creates the survey
            $this->clear_session();
            $survey = new Survey(Post::v('survey_question')); // creates the object structure
            $this->show_survey($page, $survey);
            $this->store_session($survey);
        } else {
            $this->clear_session();
            $this->show_form($page, $action, 'root', 'newsurvey');
        } // }}}
    } elseif ($action == 'add') { // {{{ adds a new question
        if (Post::has('survey_submit')) { // if the form has been submitted, adds the question
            $survey = unserialize(S::v('survey'));
            if (!$survey->addQuestion($qid, $survey->factory(Post::v('survey_type'), Post::v('survey_question')))) {
                return $this->show_error($page, '', 'survey/edit');
            }
            $this->show_survey($page, $survey);
            $this->store_session($survey);
        } else {
            $this->show_form($page, $action, $qid);
        } // }}}
    } elseif ($action == 'del') { // {{{ deletes a question
        if (Post::has('survey_submit')) { // if a confirmation has been sent, deletes the question
            $survey = unserialize(S::v('survey'));
            // Uses the raw posted id rather than $qid (which falls back to the
            // URL argument when the field is absent) — presumably intentional.
            if (!$survey->delQuestion(Post::v('survey_qid'))) { // deletes the node in the survey object structure
                return $this->show_error($page, '', 'survey/edit');
            }
            $this->show_survey($page, $survey);
            $this->store_session($survey);
        } else { // if user has not confirmed, shows a confirmation form
            $survey = unserialize(S::v('survey'));
            $current = $survey->toArray($qid); // needed to get the title of the question to delete (more user-friendly than an id)
            if ($current == null) {
                return $this->show_error($page, '', 'survey/edit');
            }
            // NOTE(review): the question title is concatenated into the
            // confirmation text; whether show_confirm() escapes it for HTML is
            // not visible here — confirm.
            $this->show_confirm($page, 'Êtes-vous certain de vouloir supprimer la question intitulé "' . $current['question'] . '" ? ' .
                'Attention, cela supprimera en même temps toutes les questions qui dépendent de celle-ci.', 'edit', array('action' => 'del', 'qid' => $qid));
        } // }}}
    } elseif ($action == 'show') { // {{{ simply shows the survey in its current state
        $this->show_survey($page, unserialize(S::v('survey')));
        // }}}
    } elseif ($action == 'valid') { // {{{ validates the proposition, i.e stores the proposition in the database
        // but an admin will still need to validate the survey before it is activated
        if (Post::has('survey_submit')) { // needs a confirmation before storing the proposition
            $survey = unserialize(S::v('survey'));
            if (S::has('survey_id')) { // if 'survey_id' is in session, we are modifying an existing survey (in admin mode) instead of proposing a new one
                $link = S::has('survey_validate') ? 'admin/validate' : 'survey/admin';
                if ($survey->updateSurvey()) { // updates the database according the new survey object structure
                    $this->show_success($page, "Les modifications sur le sondage ont bien été enregistrées.", $link);
                } else {
                    $this->show_error($page, '', $link);
                }
            } else { // if no 'survey_id' is in session, we are indeed proposing a new survey
                if ($survey->proposeSurvey()) { // stores the survey object structure in database
                    $this->show_success($page, "Votre proposition de sondage a bien été enregistrée,\n elle est en attente de validation par un administrateur du site.", 'survey');
                } else {
                    $this->show_error($page, '', 'survey');
                }
            }
            // The session copy is dropped whether or not the database write succeeded.
            $this->clear_session();
        } else { // asks for a confirmation if it has not been sent
            $survey = unserialize(S::v('survey'));
            // Syntax problems are reported instead of asking for confirmation.
            $errors = $survey->checkSyntax();
            if (!is_null($errors)) {
                $this->show_error($page, "", 'survey/edit', $errors);
            } else {
                if (S::has('survey_id')) {
                    $this->show_confirm($page, "Veuillez confirmer l'enregistrement des modifications apportées à ce sondage.", 'edit', array('action' => 'valid'));
                } else {
                    $this->show_confirm($page, "Veuillez confirmer l'envoi de cette proposition de sondage.", 'edit', array('action' => 'valid'));
                }
            }
        } // }}}
    } elseif ($action == 'cancel') { // {{{ cancels the creation/modification of a survey
        if (Post::has('survey_submit')) { // needs a confirmation
            if (S::has('survey_id')) { // only possible when modifying a survey in admin mode
                if (S::has('survey_validate')) { // if a link has been supplied, uses it
                    $this->clear_session();
                    return $this->show_success($page, "Les modifications effectuées ont été annulées", 'admin/validate');
                } else { // else shows the admin index
                    $this->clear_session();
                    return $this->handler_admin($page);
                }
            } else {
                $this->clear_session();
                return $this->handler_index($page); // else shows the 'normal' index
            }
        } else { // asks for a confirmation if it has not been sent
            $this->show_confirm($page, "Êtes-vous certain de vouloir annuler totalement l'édition de ce sondage ? Attention, " . "toutes les données éditées jusque là seront définitivement perdues.", 'edit', array('action' => $action));
        }
    } // }}}
}
/** Return the anonymous user object, creating and caching it in session.
 *
 * Only the anonymous case ($login == 0) is still supported; any other login
 * raises an exception. The anonymous uid depends on whether the client
 * address is classified as internal.
 *
 * @param mixed $login  must compare equal to 0
 * @param mixed $values unused
 * @return User the anonymous user
 * @throws Exception for any non-anonymous login, or when loading the user fails
 */
public static function getSilentWithValues($login, $values) {
    global $globals;

    if ($login != 0) {
        throw new Exception('DEPRECATED call to getSilentWithValues()');
    }

    // Already built during this session.
    if (S::has('anonymous_user')) {
        return S::v('anonymous_user');
    }

    $fromInternalNetwork = IPAddress::getInstance()->is_x_internal();
    $uid = $fromInternalNetwork ? $globals->anonymous->internal : $globals->anonymous->external;

    // 'newuid' is a temporary marker, removed again on both success and failure.
    S::set('newuid', $uid);
    try {
        $anonymous = new User($uid);
        $anonymous->select(UserSelect::login());
    } catch (Exception $e) {
        S::kill('newuid');
        throw $e;
    }
    S::kill('newuid');

    S::set('anonymous_user', $anonymous);
    return $anonymous;
}
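/** Build the gpex authentication answer for a challenge.
 *
 * Each requested field is resolved to a value and appended through
 * gpex_prepare_param(); $tohash starts as "1" . challenge . private key and
 * is handed to every call. The final authenticator is md5 of $tohash with a
 * trailing "1".
 *
 * NOTE(review): md5 over a challenge and a shared secret is a legacy
 * construction; moving to hash_hmac() with a stronger digest would need the
 * peer to agree, so this is flagged rather than changed here.
 * NOTE(review): any field name that matches a session key (S::has($val)) is
 * handed to the remote site — confirm the set of session keys reachable this
 * way is acceptable.
 *
 * @param string $chlg       challenge supplied by the remote site
 * @param string $privkey    secret shared with the remote site
 * @param string $datafields comma-separated list of requested field names
 * @param string $charset    charset passed through to gpex_prepare_param()
 * @return array [$auth, $query] — the md5 authenticator and the "&auth=…" query fragment
 */
function gpex_make($chlg, $privkey, $datafields, $charset) {
    $tohash = "1{$chlg}{$privkey}";
    $params = "";
    $fieldarr = explode(',', $datafields);
    // Plain assignment: objects are handles, and assigning a function result
    // by reference only produces a notice.
    $user = S::user();

    if ($user->hasProfile()) {
        /* Transition table for authentification: expose the profile fields
         * under the legacy names the remote sites request. */
        $personnal_data = $user->profile()->data();
        $personnal_data['full_promo'] = $personnal_data['promo'];
        $personnal_data['promo'] = $personnal_data['entry_year'];
        $personnal_data['matricule'] = $personnal_data['xorg_id'];
        $personnal_data['matricule_ax'] = $personnal_data['ax_id'];
        $personnal_data['promo_sortie'] = $personnal_data['grad_year'];
        $personnal_data['nationalite'] = $personnal_data['nationality1'];
        $personnal_data['naissance'] = $personnal_data['birthdate'];
        $personnal_data['deces'] = $personnal_data['deathdate'];
        $personnal_data['nom'] = $personnal_data['lastname'];
        $personnal_data['prenom'] = $personnal_data['firstname'];
        $personnal_data['flags'] = $user->profile()->isFemale() ? 'femme' : '';
    } else {
        // Missing fields: promo, entry_year, grad_year, ax_id, xorg_id, forlife
        $personnal_data = array('lastname' => $user->lastname, 'firstname' => $user->firstname, 'sex' => $user->gender);
    }

    foreach ($fieldarr as $val) {
        // Resolve the requested field; the lookup order is the same as before
        // (perms, forlife, session, profile data, username, grpauth, empty).
        if ($val == 'perms') {
            $value = S::admin() ? 'admin' : 'user';
        } elseif ($val == 'forlife') {
            $value = S::v('hruid');
        } elseif (S::has($val)) {
            $value = S::v($val);
        } elseif (isset($personnal_data[$val])) {
            $value = $personnal_data[$val];
        } elseif ($val == 'username') {
            $min_username = XDB::fetchOneCell('SELECT email FROM email_source_account WHERE uid = {?} AND FIND_IN_SET(\'bestalias\', flags)', S::i('uid'));
            $value = is_null($min_username) ? '' : $min_username;
        } elseif ($val == 'grpauth') {
            if (isset($_GET['group'])) {
                // The group name is bound through the driver's placeholder, not interpolated.
                $res = XDB::query("SELECT perms\n FROM group_members\n INNER JOIN groups ON(id = asso_id)\n WHERE uid = {?} AND diminutif = {?}", S::v('uid'), $_GET['group']);
                $value = $res->fetchOneCell();
            } else {
                // if no group asked, return main rights
                $value = S::admin() ? 'admin' : 'membre';
            }
        } else {
            $value = '';
        }
        $params .= gpex_prepare_param($val, $value, $tohash, $charset);
    }

    $tohash .= "1";
    $auth = md5($tohash);
    return array($auth, "&auth=" . $auth . $params);
}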
/** Start a session as user $user.
 *
 * Returns false when the session already belongs to a different user (either
 * the stored user object or the stored uid disagree with $user), true without
 * doing anything when the session already carries a uid, and otherwise fills
 * the session (auth level for SUID, user, uid, skin, perms), handles the
 * "remember me" cookie or logs the SUID start, and returns true.
 *
 * @param User $user  the user to start the session as
 * @param int  $level requested auth level; AUTH_SUID is recorded as AUTH_MDP
 * @return bool
 */
protected function startSessionAs($user, $level) {
    $targetId = $user->id();

    /* Session data and required data mismatch */
    $sessionUser = S::v('user');
    $userMismatch = !is_null($sessionUser) && $sessionUser->id() != $targetId;
    $uidMismatch = S::has('uid') && S::i('uid') != $targetId;
    if ($userMismatch || $uidMismatch) {
        return false;
    }
    /* Already started as this user: nothing more to do. */
    if (S::has('uid')) {
        return true;
    }

    /* A SUID is recorded at password level. */
    if ($level == AUTH_SUID) {
        S::set('auth', AUTH_MDP);
    }
    S::set('user', $user);
    S::set('uid', $targetId);
    if (!isSmartphone()) {
        S::set('skin', $user->skin());
    }

    if (S::suid()) {
        S::logger()->log("suid_start", S::v('hruid') . ' by ' . S::suid('hruid'));
    } else {
        // "Remember me" only applies to a genuine login, never to a SUID.
        if (Post::v('remember', 'false') == 'on') {
            $this->setAccessCookie(false);
        }
        S::logger()->saveLastSession();
    }

    // Set session perms from User perms
    S::set('perms', $user->perms());
    /* Clean temp var 'cookie_uid' */
    S::kill('cookie_uid');
    return true;
}