/**
 * Load one partner-sharing definition by its identifier.
 *
 * The identifier is bound through the {?} placeholder, never concatenated
 * into the SQL text.
 *
 * @param mixed $id Value matched against profile_partnersharing_enum.id.
 * @return PartnerSharing|null The matching entry, or null when the lookup
 *                             returns nothing.
 */
public static function fetchById($id)
{
    $row = XDB::fetchOneAssoc('SELECT id, shortname, name, url, has_directory, has_bulkmail, default_sharing_level, api_uid FROM profile_partnersharing_enum WHERE id = {?}', $id);

    // Loose comparison on purpose: any "empty" lookup result counts as a miss.
    return ($row == null) ? null : new PartnerSharing($row);
}
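/**
 * Send a profile photo to whoever presents a valid photo token.
 *
 * Expired tokens are deleted before the lookup, so a token past its
 * `expires` date can never match. No other access check is visible in this
 * handler: the token alone grants access to the picture.
 * NOTE(review): the token therefore acts as a bearer credential; confirm
 * that the code issuing tokens makes them unguessable and short-lived.
 *
 * @param PlPage $page  Current page object (not used in the body).
 * @param mixed  $size  Requested size (not used in the body).
 * @param string $token Token matched against profile_photo_tokens.token.
 * @return mixed PL_NOT_FOUND when the token or the photo is unknown;
 *               nothing after the image has been sent.
 */
function handler_picture_token(PlPage $page, $size, $token)
{
    // Purge first, so the SELECT below only ever sees live tokens.
    XDB::rawExecute('DELETE FROM profile_photo_tokens WHERE expires <= NOW()');

    $pid = XDB::fetchOneCell('SELECT pid FROM profile_photo_tokens WHERE token = {?}', $token);
    if ($pid == null) {
        return PL_NOT_FOUND;
    }

    $res = XDB::fetchOneAssoc('SELECT attach, attachmime, x, y, last_update FROM profile_photos WHERE pid = {?}', $pid);
    if (!$res) {
        // The token outlived the photo it pointed to: answer "not found"
        // instead of building an image from an empty row.
        return PL_NOT_FOUND;
    }

    $photo = PlImage::fromData($res['attach'], 'image/' . $res['attachmime'], $res['x'], $res['y'], $res['last_update']);
    $photo->send();
}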
/**
 * Load a group event (or one item of it) together with the current user's
 * registration and payment figures.
 *
 * The event is matched on either its numeric id or its short name, and
 * always restricted to one group (asso_id).
 *
 * @param mixed $eid     Event id or short name; bound twice in the query.
 * @param mixed $item_id Item ("moment") to restrict to; a falsy value means
 *                       the global summary of the event.
 * @param mixed $asso_id Group id; when null it is read from $globals->asso('id').
 * @return array|false|null null when no event matches; false when the event
 *                          is refused to the current visitor (see the access
 *                          check below); otherwise the event row enriched
 *                          with the computed keys set in this function.
 */
function get_event_detail($eid, $item_id = false, $asso_id = null)
{
    global $globals;
    if (is_null($asso_id)) {
        $asso_id = $globals->asso('id');
    }
    // Both fragments appended to the SQL text below are safe to concatenate:
    // $where is either empty or produced by XDB::format() with a bound
    // placeholder, and $group_by is one of two fixed literals.
    if (!$item_id) {
        $where = '';
        $group_by = 'e.eid';
    } else {
        $where = XDB::format(' AND ei.item_id = {?}', $item_id);
        $group_by = 'ei.item_id';
    }
    $evt = XDB::fetchOneAssoc('SELECT SUM(nb) AS nb_tot, COUNT(DISTINCT ep.uid) AS nb, e.*, SUM(IF(nb > 0, 1, 0)) AS user_count, IF(e.deadline_inscription, e.deadline_inscription >= LEFT(NOW(), 10), 1) AS inscr_open, LEFT(e.debut, 10) AS first_day, LEFT(e.fin, 10) AS last_day, LEFT(NOW(), 10) AS now, ei.titre, e.subscription_notification FROM group_events AS e INNER JOIN group_event_items AS ei ON (e.eid = ei.eid) LEFT JOIN group_event_participants AS ep ON(e.eid = ep.eid AND ei.item_id = ep.item_id) WHERE (e.eid = {?} OR e.short_name = {?}) AND e.asso_id = {?}' . $where . ' GROUP BY ' . $group_by, $eid, $eid, $asso_id);
    if (!$evt) {
        return null;
    }
    // Access check: on the xnet site, an event that does not accept
    // non-members is hidden from visitors who are neither members nor allowed
    // to update. The check is skipped entirely when IS_XNET_SITE is falsy.
    // Callers must tell this `false` apart from the `null` returned above.
    if ($GLOBALS['IS_XNET_SITE'] && $evt['accept_nonmembre'] == 0 && !is_member() && !may_update()) {
        return false;
    }
    if (!$item_id) {
        /* Do not try to be too smart here: for the global summary there is
         * no general formula to estimate the total number of attendees,
         * since the 'moments' may or may not be disjoint. As a consequence
         * we can only provide the number of users who completed the
         * registration procedure.
         */
        $evt['user_count'] = $evt['nb_tot'] = $evt['nb'];
        $evt['titre'] = '';
        $evt['item_id'] = 0;
        $evt['csv_name'] = urlencode($evt['intitule']);
    } else {
        $evt['csv_name'] = urlencode($evt['intitule'] . '.' . $evt['titre']);
    }
    // Every item of the event, with the current session user's registration
    // joined in (columns from ep are NULL when that user is not registered).
    $evt['moments'] = XDB::fetchAllAssoc('SELECT titre, details, montant, ei.item_id, nb, ep.paid, FIND_IN_SET(\'notify_payment\', ep.flags) AS notify_payment FROM group_event_items AS ei LEFT JOIN group_event_participants AS ep ON (ep.eid = ei.eid AND ep.item_id = ei.item_id AND uid = {?}) WHERE ei.eid = {?}', S::i('uid'), $evt['eid']);
    $evt['topay'] = 0;
    $evt['paid'] = 0;
    $evt['notify_payment'] = false;
    foreach ($evt['moments'] as $m) {
        $evt['topay'] += $m['nb'] * $m['montant'];
        // 'money' is only ever set to true; the key stays absent when no item
        // has a non-zero price.
        if ($m['montant']) {
            $evt['money'] = true;
        }
        $evt['paid'] += $m['paid'];
        $evt['notify_payment'] = $evt['notify_payment'] || $m['notify_payment'];
    }
    // Confirmed online payments of the current user for this event's payment
    // reference; added on top of the amounts recorded per item.
    $montant = XDB::fetchOneCell('SELECT SUM(amount) AS sum_amount FROM payment_transactions AS t WHERE status = "confirmed" AND ref = {?} AND uid = {?}', $evt['paiement_id'], S::v('uid'));
    $evt['telepaid'] = $montant;
    $evt['paid'] += $montant;
    $evt['organizer'] = User::getSilent($evt['uid']);
    $evt['date'] = make_event_date($evt['debut'], $evt['fin']);
    // The participant list is only exposed on the xnet site, to members or to
    // users allowed to update, and only if the event itself enables it.
    $evt['show_participants'] = $evt['show_participants'] && $GLOBALS['IS_XNET_SITE'] && (is_member() || may_update());
    return $evt;
}
/**
 * Complete the registration of an external (xnet) account from the link
 * carrying a registration hash.
 *
 * Without a submitted password the password form is shown. With one, the
 * pending account is activated and the pending-registration row removed.
 *
 * NOTE(review): the code after the error redirect dereferences the pending
 * row, so it relies on trigErrorRedirect() ending the request; confirm.
 * NOTE(review): the 'pwhash' field is stored as received; presumably it is
 * already a hash computed client-side, as its name suggests; confirm.
 *
 * @param mixed       $page Page object used for templates and messages.
 * @param string|null $hash Registration hash taken from the URL.
 */
function handler_register_ext($page, $hash = null)
{
    // Pending registrations older than one month are dropped before the
    // lookup, which bounds the lifetime of a registration hash.
    XDB::execute('DELETE FROM register_pending_xnet WHERE DATE_SUB(NOW(), INTERVAL 1 MONTH) > date');

    $pending = XDB::fetchOneAssoc('SELECT uid, hruid, email FROM register_pending_xnet WHERE hash = {?}', $hash);
    if (is_null($hash) || is_null($pending)) {
        $page->trigErrorRedirect('Cette adresse n\'existe pas ou n\'existe plus sur le serveur.', '');
    }

    $password_submitted = Post::has('pwhash') && Post::t('pwhash');
    if (!$password_submitted) {
        // First visit: ask the user to choose a password.
        $page->changeTpl('platal/password.tpl');
        $page->assign('xnet', true);
        $page->assign('hruid', $pending['hruid']);
        $page->assign('do_auth', 1);
        return;
    }

    // Activation and removal of the pending row go together in one
    // transaction. The UPDATE only touches accounts that are still pending
    // and of type xnet.
    XDB::startTransaction();
    XDB::query('UPDATE accounts SET password = {?}, state = \'active\', registration_date = NOW() WHERE uid = {?} AND state = \'pending\' AND type = \'xnet\'', Post::t('pwhash'), $pending['uid']);
    XDB::query('DELETE FROM register_pending_xnet WHERE uid = {?}', $pending['uid']);
    XDB::commit();
    S::logger($pending['uid'])->log('passwd', '');

    // Open a session right away so the user does not have to log in again;
    // authentication reuses the password still present in Post::.
    Post::kill('wait');
    Platal::session()->startAvailableAuth();

    $page->changeTpl('xnet/register.success.tpl');
    $page->assign('email', $pending['email']);
}
/**
 * Load this user's watch settings once and copy them onto the object.
 *
 * Nothing is fetched when watch_actions is already set. The watched groups
 * exclude every group whose `pub` set contains 'private'.
 */
private function fetchWatchData()
{
    if (isset($this->watch_actions)) {
        return;
    }

    $settings = XDB::fetchOneAssoc('SELECT flags AS watch_flags, actions AS watch_actions, UNIX_TIMESTAMP(last) AS watch_last FROM watch WHERE uid = {?}', $this->id());

    // The two SET columns are wrapped so callers can test individual flags.
    foreach (array('watch_flags', 'watch_actions') as $set_column) {
        $settings[$set_column] = new PlFlagSet($settings[$set_column]);
    }

    $settings['watch_promos'] = XDB::fetchColumn('SELECT promo FROM watch_promo WHERE uid = {?}', $this->id());
    $settings['watch_groups'] = XDB::fetchColumn("SELECT w.groupid\n FROM watch_group AS w\n INNER JOIN groups AS g ON (w.groupid = g.id AND NOT FIND_IN_SET('private', pub))\n WHERE w.uid = {?}", $this->id());
    $settings['watch_users'] = XDB::fetchColumn('SELECT ni_id FROM watch_nonins WHERE uid = {?}', $this->id());

    $this->fillFromArray($settings);
}
/**
 * Admin page that shows a user's names next to their standard capitalisation
 * and lets an administrator correct the case only.
 *
 * A posted 'id' is resolved to a user and redirected to the canonical
 * admin/name/<hruid> URL. A posted 'correct' applies the submitted names,
 * but only if every one of them equals the stored name once both are
 * lower-cased.
 *
 * NOTE(review): the 'correct' branch writes to the database, yet no XSRF
 * token check is visible in this handler; confirm that it is enforced
 * elsewhere (for instance where the handler is registered).
 *
 * @param mixed       $page  Page object used for templates and messages.
 * @param string|null $hruid Identifier of the user to display.
 */
function handler_admin_name($page, $hruid = null)
{
    $page->changeTpl('admin/admin_name.tpl');
    if (Post::has('id')) {
        $user = User::get(Post::t('id'));
        if (is_null($user)) {
            $page->trigError("L'identifiant donné ne correspond à personne ou est ambigu.");
            exit;
        }
        // NOTE(review): presumably pl_redirect() ends the request; otherwise
        // execution continues below with $hruid; confirm.
        pl_redirect('admin/name/' . $user->hruid);
    }
    $user = User::getSilent($hruid);
    if (!is_null($user)) {
        require_once 'name.func.inc.php';
        // Users with a profile carry six public name fields; the others only
        // have the two name columns of the accounts table.
        if ($user->hasProfile()) {
            $name_types = array('lastname_main' => 'Nom patronymique', 'lastname_marital' => 'Nom marital', 'lastname_ordinary' => 'Nom usuel', 'firstname_main' => 'Prénom', 'firstname_ordinary' => 'Prénom usuel', 'pseudonym' => 'Pseudonyme');
            $names = XDB::fetchOneAssoc('SELECT lastname_main, lastname_marital, lastname_ordinary, firstname_main, firstname_ordinary, pseudonym FROM profile_public_names WHERE pid = {?}', $user->profile()->id());
        } else {
            $name_types = array('lastname' => 'Nom', 'firstname' => 'Prénom');
            $names = XDB::fetchOneAssoc('SELECT lastname, firstname FROM accounts WHERE uid = {?}', $user->id());
        }
        if (Post::has('correct')) {
            $new_names = array();
            $update = true;
            // Only the keys listed in $name_types are read from the request;
            // any other posted field is ignored.
            foreach ($name_types as $key => $fullname) {
                $new_names[$key] = Post::t($key);
                // Server-side guard: a submitted name that differs from the
                // stored one by more than case rejects the whole update.
                if (mb_strtolower($new_names[$key]) != mb_strtolower($names[$key])) {
                    $update = false;
                }
            }
            if ($update) {
                if ($user->hasProfile()) {
                    update_public_names($user->profile()->id(), $new_names);
                    update_display_names($user->profile(), $new_names);
                } else {
                    // The derived name columns are rebuilt from the corrected
                    // first and last names before being stored.
                    $new_names['full_name'] = build_full_name($new_names['firstname'], $new_names['lastname']);
                    $new_names['directory_name'] = build_directory_name($new_names['firstname'], $new_names['lastname']);
                    $new_names['sort_name'] = build_sort_name($new_names['firstname'], $new_names['lastname']);
                    XDB::execute('UPDATE accounts SET lastname = {?}, firstname = {?}, full_name = {?}, directory_name = {?}, sort_name = {?} WHERE uid = {?}', $new_names['lastname'], $new_names['firstname'], $new_names['full_name'], $new_names['directory_name'], $new_names['sort_name'], $user->id());
                }
                $page->trigSuccess('Mise à jour réussie.');
            } else {
                $page->trigError('Seuls des changements de casse sont autorisés ici.');
            }
        }
        // Read the names again so the page shows what is stored after a
        // possible update.
        if ($user->hasProfile()) {
            $names = XDB::fetchOneAssoc('SELECT lastname_main, lastname_marital, lastname_ordinary, firstname_main, firstname_ordinary, pseudonym FROM profile_public_names WHERE pid = {?}', $user->profile()->id());
        } else {
            $names = XDB::fetchOneAssoc('SELECT lastname, firstname FROM accounts WHERE uid = {?}', $user->id());
        }
        // For each name: the stored value, its standard capitalisation, and
        // whether the two differ.
        foreach ($names as $key => $name) {
            $names[$key] = array('value' => $name, 'standard' => capitalize_name($name));
            $names[$key]['different'] = $names[$key]['value'] != $names[$key]['standard'];
        }
        $page->assign('uid', $user->id());
        $page->assign('hruid', $user->hruid);
        $page->assign('names', $names);
        $page->assign('name_types', $name_types);
    }
}
/**
 * Update the denormalized 'dn_best_mail' flag, which marks the address to
 * use when sending postal mail to a profile.
 *
 * With $fake set to true nothing is written: the function only reports which
 * address would be selected.
 *
 * NOTE(review): clearing the old flag and setting the new one are two
 * separate statements with no transaction visible here; confirm whether
 * callers wrap this call.
 *
 * @param mixed $pid  Profile id whose addresses are considered.
 * @param bool  $fake True to select without touching the database.
 * @return mixed The row (pid, jobid, groupid, type, id, flags) describing the
 *               selected address, or the empty result of the lookup.
 */
public static function updateBestMail($pid, $fake = false)
{
    $persist = !$fake;

    if ($persist) {
        // Start from a clean slate: no address of this profile is "best".
        XDB::execute("UPDATE profile_addresses\n SET flags = REPLACE(flags, 'dn_best_mail', '')\n WHERE pid = {?}", $pid);
    }

    /* Selection order, expressed by the ORDER BY clause:
     *  1. addresses without the 'deliveryIssue' flag come first;
     *  2. among these, addresses flagged 'current';
     *  3. then addresses without the 'secondary' flag;
     *  4. finally, addresses whose type is not 'job'.
     */
    $candidate = XDB::fetchOneAssoc("SELECT pid, jobid, groupid, type, id, flags\n FROM profile_addresses\n WHERE FIND_IN_SET('mail', flags) AND pid = {?}\n ORDER BY FIND_IN_SET('deliveryIssue', flags),\n NOT FIND_IN_SET('current', flags),\n FIND_IN_SET('secondary', flags), type = 'job'\n LIMIT 1", $pid);

    if ($persist && $candidate) {
        // The five columns together identify the selected address row.
        XDB::execute("UPDATE profile_addresses\n SET flags = CONCAT(flags, ',dn_best_mail')\n WHERE pid = {?} AND jobid = {?} AND groupid = {?} AND type = {?} AND id = {?}", $candidate['pid'], $candidate['jobid'], $candidate['groupid'], $candidate['type'], $candidate['id']);
    }

    return $candidate;
}
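/**
 * Save the names section of a profile.
 *
 * Changes to public names are not applied directly: they are submitted as a
 * NamesReq validation request. Private names are replaced wholesale (delete,
 * then insert), each one numbered within its type.
 *
 * @param ProfilePage $page  Profile page being saved.
 * @param mixed       $field Field name (not used in the body).
 * @param array       $value Submitted data; reads 'public_names' and the
 *                           optional 'private_names' list of
 *                           array('type' => ..., 'name' => ...).
 */
public function save(ProfilePage $page, $field, $value)
{
    require_once 'name.func.inc.php';

    $old = XDB::fetchOneAssoc('SELECT lastname_main, lastname_marital, lastname_ordinary, firstname_main, firstname_ordinary, pseudonym FROM profile_public_names WHERE pid = {?}', $page->pid());

    // Resolved once so that both update_display_names() calls below see the
    // same value, whether or not the key was submitted.
    $private_names = isset($value['private_names']) ? $value['private_names'] : null;

    $has_diff = $this->diff($page->pid(), $old, $value['public_names']);
    if ($has_diff) {
        $new_names = new NamesReq(S::user(), $page->profile, $value['public_names'], $old);
        $new_names->submit();
        Platal::page()->assign('validation', true);
        Platal::page()->trigWarning('La demande de modification des noms a bien été prise en compte.' . ' Un email sera envoyé dès que ces changements auront été effectués.');
    }

    XDB::execute('DELETE FROM profile_private_names WHERE pid = {?}', $page->pid());

    // Per-type counters giving each private name its rank within its type.
    // They are kept in an array keyed by type rather than in variables named
    // after the type: $name['type'] presumably comes from the submitted form,
    // and a variable-variable would let that value pick which local variable
    // gets incremented.
    $next_id = array('nickname' => 0, 'lastname' => 0, 'firstname' => 0);
    $values = array();
    if (is_array($private_names)) {
        foreach ($private_names as $name) {
            $type = $name['type'];
            if (!is_scalar($type)) {
                // Malformed entry: a type that cannot be used as a key.
                continue;
            }
            if (!isset($next_id[$type])) {
                $next_id[$type] = 0;
            }
            // Each tuple is escaped by XDB::format(), so the concatenated
            // VALUES list below contains no raw input.
            $values[] = XDB::format('({?}, {?}, {?}, {?})', $page->pid(), $type, $next_id[$type]++, $name['name']);
        }
    }
    if (count($values)) {
        XDB::rawExecute('INSERT INTO profile_private_names (pid, type, id, name) VALUES ' . implode(',', $values));
    }

    // While a public-name change awaits validation, display names are still
    // built from the old public names.
    if ($has_diff) {
        update_display_names($page->profile, $old, $private_names);
    } else {
        update_display_names($page->profile, $value['public_names'], $private_names);
    }
}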
/**
 * Return the photo of this profile.
 *
 * @param bool $fallback When the profile has no photo, return a placeholder
 *                       image instead of null.
 * @param bool $data     When true, make sure the image bytes are loaded from
 *                       the database; otherwise an image object built from
 *                       the known width and height is enough.
 * @return PlImage|null The photo, a placeholder, or null when there is no
 *                      photo and no fallback was requested.
 */
public function getPhoto($fallback = true, $data = false)
{
    if (!$this->has_photo) {
        if (!$fallback) {
            return null;
        }
        // The placeholder depends on the main education of the profile.
        $placeholder = ($this->mainEducation() == 'X')
            ? dirname(__FILE__) . '/../htdocs/images/none_x.png'
            : dirname(__FILE__) . '/../htdocs/images/none_md.png';
        return PlImage::fromFile($placeholder, 'image/png');
    }

    // The blob is fetched only on request, and only if the cached object
    // does not hold it yet (no object, or no MIME type).
    $needs_blob = $data && ($this->photo == null || $this->photo->mimeType == null);
    if ($needs_blob) {
        // NOTE(review): the row is used without checking that it exists;
        // confirm has_photo guarantees a matching profile_photos row.
        $row = XDB::fetchOneAssoc('SELECT attach, attachmime, x, y, last_update FROM profile_photos WHERE pid = {?}', $this->pid);
        $this->photo = PlImage::fromData($row['attach'], 'image/' . $row['attachmime'], $row['x'], $row['y'], $row['last_update']);
    } elseif ($this->photo == null) {
        // Dimensions only: no image data, no MIME type.
        $this->photo = PlImage::fromData(null, null, $this->photo_width, $this->photo_height);
    }

    return $this->photo;
}
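/**
 * Page for composing and sending an email from the site.
 *
 * Three request shapes are handled:
 *  - POST with 'save': store the current form as a draft for the user and
 *    stop (XSRF token required);
 *  - 'submit' equal to 'Envoyer': validate recipients, attach uploaded files
 *    and send the message (XSRF token asserted);
 *  - anything else: restore the saved draft, if any, into $_REQUEST.
 *
 * @param mixed $page Page object used for templates and messages.
 * @return mixed PL_FORBIDDEN when a draft is posted without a valid XSRF
 *               token; nothing otherwise.
 */
function handler_send($page)
{
    $page->changeTpl('emails/send.tpl');
    $page->setTitle('Envoyer un email');

    // Handle a submitted form.
    if (Post::has('save')) {
        if (!S::has_xsrf_token()) {
            return PL_FORBIDDEN;
        }
        unset($_POST['save']);
        // A draft is stored only when something remains once everything from
        // a "-- " signature marker to the end of its line is removed.
        if (trim(preg_replace('/-- .*/', '', Post::v('contenu'))) != "") {
            Post::set('to_contacts', explode(';', Post::s('to_contacts')));
            Post::set('cc_contacts', explode(';', Post::s('cc_contacts')));
            // The whole POST array is stored, one draft per uid.
            $data = serialize($_POST);
            XDB::execute('INSERT INTO email_send_save (uid, data) VALUES ({?}, {?}) ON DUPLICATE KEY UPDATE data = VALUES(data)', S::user()->id('uid'), $data);
        }
        exit;
    } else {
        if (Env::v('submit') == 'Envoyer') {
            S::assert_xsrf_token();

            // Turn a list of contact identifiers into a comma-separated list
            // of the matching users' forlife addresses.
            function getEmails($aliases)
            {
                if (!is_array($aliases)) {
                    return null;
                }
                $uf = new UserFilter(new UFC_Hrpid($aliases));
                $users = $uf->iterUsers();
                $ret = array();
                while ($user = $users->next()) {
                    $ret[] = $user->forlife;
                }
                return join(', ', $ret);
            }

            $error = false;
            foreach ($_FILES as &$file) {
                if ($file['name'] && !PlUpload::get($file, S::user()->login(), 'emails.send', false)) {
                    $page->trigError(PlUpload::$lastError);
                    $error = true;
                    break;
                }
            }
            // Drop the reference so later code cannot write into $_FILES by
            // accident.
            unset($file);

            if (!$error) {
                XDB::execute("DELETE FROM email_send_save\n WHERE uid = {?}", S::user()->id());
                $to2 = getEmails(Env::v('to_contacts'));
                $cc2 = getEmails(Env::v('cc_contacts'));
                // NOTE(review): as written, the needle is the two characters
                // '^' and 'M'; possibly a mangled carriage return; confirm.
                $txt = str_replace('^M', '', Env::v('contenu'));
                $to = str_replace(';', ',', Env::t('to'));
                $subj = Env::t('sujet');
                // NOTE(review): the sender is taken from the request and is
                // not validated in this function; confirm that PlMailer or
                // site policy restricts which From values a user may send.
                $from = Env::t('from');
                $cc = str_replace(';', ',', Env::t('cc'));
                $bcc = str_replace(';', ',', Env::t('bcc'));

                // Every free-form recipient must look like an address.
                // NOTE(review): each piece is checked after trim(), while the
                // original strings are what reach the mailer; whether CR/LF
                // inside them is neutralised depends on PlMailer; confirm.
                $email_regex = '/^[a-z0-9.\\-+_\\$]+@([\\-.+_]?[a-z0-9])+$/i';
                foreach (explode(',', $to . ',' . $cc . ',' . $bcc) as $email) {
                    $email = trim($email);
                    if ($email != '' && !preg_match($email_regex, $email)) {
                        $page->trigError("L'adresse email " . $email . ' est erronée.');
                        $error = true;
                    }
                }
                if (empty($to) && empty($cc) && empty($to2) && empty($bcc) && empty($cc2)) {
                    $page->trigError("Indique au moins un destinataire.");
                    $error = true;
                }

                if ($error) {
                    $page->assign('uploaded_f', PlUpload::listFilenames(S::user()->login(), 'emails.send'));
                } else {
                    $mymail = new PlMailer();
                    $mymail->setFrom($from);
                    $mymail->setSubject($subj);
                    if (!empty($to)) {
                        $mymail->addTo($to);
                    }
                    if (!empty($cc)) {
                        $mymail->addCc($cc);
                    }
                    if (!empty($bcc)) {
                        $mymail->addBcc($bcc);
                    }
                    if (!empty($to2)) {
                        $mymail->addTo($to2);
                    }
                    if (!empty($cc2)) {
                        $mymail->addCc($cc2);
                    }
                    $files =& PlUpload::listFiles(S::user()->login(), 'emails.send');
                    foreach ($files as $name => &$upload) {
                        $mymail->addUploadAttachment($upload, $name);
                    }
                    unset($upload);
                    if (Env::v('wiki') == 'text') {
                        $mymail->setTxtBody(wordwrap($txt, 78, "\n"));
                    } else {
                        $mymail->setWikiBody($txt);
                    }
                    if ($mymail->send()) {
                        $page->trigSuccess("Ton email a bien été envoyé.");
                        // Reset the form: only the default Bcc is kept.
                        $_REQUEST = array('bcc' => S::user()->bestEmail());
                        PlUpload::clear(S::user()->login(), 'emails.send');
                    } else {
                        $page->trigError("Erreur lors de l'envoi du courriel, réessaye.");
                        $page->assign('uploaded_f', PlUpload::listFilenames(S::user()->login(), 'emails.send'));
                    }
                }
            }
        } else {
            $res = XDB::query("SELECT data\n FROM email_send_save\n WHERE uid = {?}", S::i('uid'));
            if ($res->numRows() == 0) {
                PlUpload::clear(S::user()->login(), 'emails.send');
                $_REQUEST['bcc'] = S::user()->bestEmail();
            } else {
                // SECURITY: unserialize() may instantiate classes if the
                // stored blob is ever written by anything other than the
                // serialize($_POST) call in the 'save' branch above. A
                // JSON-encoded draft would remove that risk; on PHP >= 7 the
                // 'allowed_classes' => false option should be passed.
                $data = unserialize($res->fetchOneCell());
                // A truncated or corrupted draft makes unserialize() return
                // false; merge only a real array so that $_REQUEST is never
                // replaced by a non-array value.
                if (is_array($data)) {
                    // Keys saved in the draft override same-named request
                    // parameters.
                    $_REQUEST = array_merge($_REQUEST, $data);
                }
            }
        }
    }

    // Data needed to render the form in every case.
    $uf = new UserFilter(new PFC_And(new UFC_Contact(S::user()), new UFC_Registered()), UserFilter::sortByName());
    $contacts = $uf->getProfiles();
    $page->assign('contacts', $contacts);
    $page->assign('maxsize', ini_get('upload_max_filesize') . 'o');
    $page->assign('user', S::user());
    $preferences = XDB::fetchOneAssoc('SELECT from_email, from_format FROM accounts WHERE uid = {?}', S::user()->id());
    if ($preferences['from_email'] == '') {
        // Default sender: "Full Name" <best address>.
        $preferences['from_email'] = '"' . S::user()->fullName() . '" <' . S::user()->bestEmail() . '>';
    }
    $page->assign('preferences', $preferences);
}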
/**
 * Collect the redirections of a user and the filtering state they share.
 *
 * The summary query only counts redirections whose flags are 'active',
 * whereas the detailed list contains every smtp/googleapps redirection,
 * whatever its flags.
 *
 * @param User $user Account whose redirections are inspected.
 */
public function __construct(User $user)
{
    if (!$user) {
        return;
    }
    $this->user =& $user;

    $summary = XDB::fetchOneAssoc('SELECT COUNT(DISTINCT(action)) AS action_count, COUNT(redirect) AS redirect_count, action FROM email_redirect_account WHERE uid = {?} AND (type = \'smtp\' OR type = \'googleapps\') AND flags = \'active\' GROUP BY uid', $user->id());
    // No active redirection (or no row at all): leave the defaults untouched.
    if ($summary['redirect_count'] == 0) {
        return;
    }
    $this->single_redirection = ($summary['redirect_count'] == 1);

    $this->redirections = XDB::fetchAllAssoc('SELECT IF(type = \'googleapps\', type, redirect) AS redirect, type, action FROM email_redirect_account WHERE uid = {?} AND (type = \'smtp\' OR type = \'googleapps\') ORDER BY type, redirect', $user->id());
    // Translate each stored action into its key in self::$states.
    foreach ($this->redirections as &$entry) {
        $entry['filter'] = array_search($entry['action'], self::$states);
    }

    // A single distinct action means all active redirections share a state.
    $shares_one_state = ($summary['action_count'] == 1);
    $this->state = $shares_one_state ? array_search($summary['action'], self::$states) : false;
    $this->single_state = $shares_one_state;
}
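#!/usr/bin/php5
<?php
// One-off maintenance script: replace the bogus value '0' stored in optional
// public-name columns by an empty string, then rebuild the display names of
// every affected profile.

require_once 'connect.db.inc.php';
require_once '../../include/name.func.inc.php';

// The affected profiles must be listed BEFORE the clean-up, since the updates
// below erase the '0' marker. fetchColumn() returns the pid of every matching
// row; fetching a single row would only process one profile.
$pids = XDB::fetchColumn("SELECT pid\n FROM profile_public_names\n WHERE firstname_ordinary = '0' OR lastname_marital = '0' OR lastname_ordinary = '0'");

// One UPDATE per column tested in the SELECT above.
XDB::execute("UPDATE profile_public_names\n SET firstname_ordinary = ''\n WHERE firstname_ordinary = '0'");
XDB::execute("UPDATE profile_public_names\n SET lastname_marital = ''\n WHERE lastname_marital = '0'");
XDB::execute("UPDATE profile_public_names\n SET lastname_ordinary = ''\n WHERE lastname_ordinary = '0'");

foreach ($pids as $pid) {
    $profile = Profile::get($pid);
    $item = XDB::fetchOneAssoc('SELECT * FROM profile_public_names WHERE pid = {?}', $pid);
    update_display_names($profile, $item);
}

// vim:set et sw=4 sts=4 sws=4 foldmethod=marker fenc=utf-8: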
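/**
 * Send the registration email of a pending external account once more.
 *
 * The message carries the registration hash, so every recipient (the pending
 * address and the Cc'd mailbox) receives the value that identifies the
 * pending registration; both mailboxes should be treated as sensitive.
 *
 * @param mixed $uid Account id looked up in register_pending_xnet.
 */
private function again($uid)
{
    $data = XDB::fetchOneAssoc('SELECT hash, group_name, sender_name, email FROM register_pending_xnet WHERE uid = {?}', $uid);
    if (!$data) {
        // No pending registration for this account: there is nothing to send,
        // and a message without hash and recipient must not go out.
        return;
    }

    // Record the date of this reminder.
    XDB::execute('UPDATE register_pending_xnet SET last_date = NOW() WHERE uid = {?}', $uid);

    $mailer = new PlMailer('xnet/account.mail.tpl');
    $mailer->addCc('*****@*****.**');
    $mailer->setTo($data['email']);
    $mailer->assign('hash', $data['hash']);
    $mailer->assign('email', $data['email']);
    $mailer->assign('group', $data['group_name']);
    $mailer->assign('sender_name', $data['sender_name']);
    // Tells the template that this is a reminder, not the first invitation.
    $mailer->assign('again', true);
    $mailer->assign('baseurl', Platal::globals()->xnet->xorg_baseurl);
    $mailer->send();
}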