/**
 * Builds the request and works out which email alias change the new public
 * names imply.
 *
 * When the profile has an owner, the alias derived from the new names is
 * compared with the owner's current 'usage' alias:
 *  - identical aliases: both old_alias and new_alias are reset to null;
 *  - the new alias is already present in email_source_account (excluding
 *    'alias_aux' rows) or in email_source_other: new_alias is reset to null.
 *
 * NOTE(review): availability is only checked here, at construction time;
 * confirm that whatever later applies the alias re-checks uniqueness.
 *
 * @param User    $_user             Passed to the parent constructor.
 * @param Profile $_profile          Passed to the parent constructor.
 * @param array   $_public_names     New public names.
 * @param array   $_old_public_names Previous public names.
 */
public function __construct(User $_user, Profile $_profile, array $_public_names, array $_old_public_names)
{
    parent::__construct($_user, $_profile, true, 'usage');
    $this->public_names = $_public_names;
    $this->old_public_names = $_old_public_names;

    // No alias bookkeeping when the profile has no owner.
    if (is_null($this->profileOwner)) {
        return;
    }

    require_once 'name.func.inc.php';
    $this->new_alias = build_email_alias($this->public_names);
    $this->old_alias = XDB::fetchOneCell(
        'SELECT email FROM email_source_account WHERE uid = {?} AND type = \'alias\' AND FIND_IN_SET(\'usage\', flags)',
        $this->profileOwner->id()
    );

    // Same alias before and after: nothing to change.
    if ($this->old_alias == $this->new_alias) {
        $this->new_alias = null;
        $this->old_alias = null;
        return;
    }

    $taken = XDB::fetchOneCell(
        'SELECT COUNT(uid) FROM email_source_account WHERE email = {?} AND type != \'alias_aux\'',
        $this->new_alias
    );
    if (!$taken) {
        // Check against homonyms
        $taken = XDB::fetchOneCell(
            'SELECT COUNT(email) FROM email_source_other WHERE email = {?}',
            $this->new_alias
        );
    }
    if ($taken) {
        $this->new_alias = null;
    }
}
/**
 * Checks the identity entered in a registration sub-state against the
 * directory and, on success, copies the matching profile's data into it.
 *
 * Looks up a profile by school id that is neither dead nor already
 * registered, then compares promotion and names with the submitted values.
 *
 * NOTE(review): the messages below differ depending on which check failed;
 * confirm that the calling flow is rate limited so they cannot be used to
 * probe the directory.
 *
 * @param object $subState Registration state; read through i()/s()/v() and
 *                         written through set().
 * @return true|string true when the identity matches, otherwise the error
 *                     message to display.
 */
function strongCheckId($subState)
{
    $subState->set('xorgid', Profile::getXorgId($subState->i('schoolid')));
    if (!$subState->v('xorgid')) {
        return 'Le matricule est incorrect.';
    }

    $filter = new UserFilter(
        new PFC_And(
            new UFC_SchoolId('xorg', $subState->i('xorgid')),
            new PFC_Not(new UFC_Dead()),
            new PFC_Not(new UFC_Registered(true))
        )
    );
    $profile = $filter->getProfile();

    if (is_null($profile)) {
        // NOTE(review): FIND_IN_SET(flags, 'primary') only matches rows whose
        // flags value is exactly 'primary' - confirm the argument order.
        $latestPromo = XDB::fetchOneCell("SELECT MAX(promo_year)\n FROM profile_education\n WHERE FIND_IN_SET(flags, 'primary')\n AND eduid = (\n SELECT id\n FROM profile_education_enum\n WHERE abbreviation='X'\n )\n AND degreeid = (\n SELECT id\n FROM profile_education_degree_enum\n WHERE abbreviation = 'Ing.'\n )");
        if ($subState->i('yearpromo') > $latestPromo) {
            return "Ta promo n'est pas encore dans l'annuaire, réessaie dans quelques semaines.";
        }
        return "Cherche ton nom dans l'annuaire public. Si tu te trouves, tu es déjà inscrit ou ton matricule est incorrect ! Sinon envoie-nous un email à support@polytechnique.org";
    }

    if ($profile->promo() != $subState->s('promo')) {
        return 'Le matricule est incorrect.';
    }

    $namesMatch = $profile->compareNames($subState->s('firstname'), $subState->s('lastname'));
    if (!$namesMatch) {
        return "Erreur dans l'identification. Réessaie, il y a une erreur quelque part !";
    }

    // Replace the submitted values with the directory's own data.
    $subState->set('lastname', $profile->lastName());
    $subState->set('firstname', $profile->firstName());
    $subState->set('uid', $profile->owner()->id());
    $subState->set('watch', $profile->owner()->watch);
    $subState->set('comment', $profile->owner()->comment);
    $subState->set('birthdateRef', $profile->__get('birthdate_ref'));

    return true;
}
/**
 * Counts the 'home' addresses of a profile that have no matching row in
 * profile_addresses_components.
 *
 * @param mixed $pid Profile id, bound as a query parameter.
 * @return mixed The COUNT(*) value as returned by XDB::fetchOneCell().
 */
public static function countNonGeocoded($pid)
{
    return XDB::fetchOneCell(
        'SELECT COUNT(*) FROM profile_addresses AS pa WHERE pid = {?} AND type = \'home\' AND NOT EXISTS (SELECT * FROM profile_addresses_components AS pc WHERE pa.pid = pc.pid AND pa.jobid = pc.jobid AND pa.groupid = pc.groupid AND pa.type = pc.type AND pa.id = pc.id)',
        $pid
    );
}
/**
 * Tells whether an address is on the watch list in a state other than
 * 'safe', sending a warning mail when it is.
 *
 * @param string $email   Address to look up in email_watch.
 * @param string $message Text handed to send_warning_mail() on a match.
 * @return bool true when the address is watched (and a warning was sent),
 *              false otherwise.
 */
function check_email($email, $message)
{
    $watched = XDB::fetchOneCell(
        'SELECT COUNT(*) FROM email_watch WHERE state != \'safe\' AND email = {?}',
        $email
    );
    if (!$watched) {
        return false;
    }

    send_warning_mail($message);
    return true;
}
/**
 * Returns the merge issues recorded for a profile.
 *
 * @param Profile $profile Profile whose id is looked up in
 *                         profile_merge_issues.
 * @return PlFlagSet|null The issues as a flag set; null when the merge state
 *                        is not 'done' or when no issue is stored.
 */
private static function ListMergeIssues(Profile $profile)
{
    if (Platal::globals()->merge->state != 'done') {
        return null;
    }

    $issues = XDB::fetchOneCell('SELECT issues FROM profile_merge_issues WHERE pid = {?}', $profile->id());

    return $issues ? new PlFlagSet($issues) : null;
}
/**
 * Builds the display name of the medal identified by $this->mid, followed by
 * the grade text in parentheses when a grade row exists for $this->gid.
 *
 * @return string|null The medal text, optionally suffixed with ' (grade)'.
 */
public function medal_name()
{
    $medal = XDB::fetchOneCell('SELECT text FROM profile_medal_enum WHERE id = {?}', $this->mid);
    $grade = XDB::fetchOneCell(
        'SELECT text FROM profile_medal_grade_enum WHERE mid = {?} AND gid = {?}',
        $this->mid,
        $this->gid
    );

    if (!is_null($grade)) {
        return $medal . ' (' . $grade . ')';
    }
    return $medal;
}
/**
 * Stores the request data and loads the target account's uid and groups.
 *
 * The uid is resolved from $hruid in the accounts table; the group list is
 * then read for that uid, ordered by group name.
 * NOTE(review): when $hruid matches no account the uid lookup presumably
 * yields null and the group query runs with it - confirm callers validate
 * $hruid first.
 *
 * @param User   $user  Passed to the parent constructor.
 * @param string $hruid Login of the account the request is about.
 * @param string $email Stored as-is.
 * @param mixed  $group Stored as-is.
 * @param mixed  $dim   Stored as-is.
 */
public function __construct(User $user, $hruid, $email, $group, $dim)
{
    parent::__construct($user, false, 'account');

    $this->hruid = $hruid;
    $this->email = $email;
    $this->group = $group;
    $this->dim = $dim;

    $this->uid = XDB::fetchOneCell('SELECT uid FROM accounts WHERE hruid = {?}', $hruid);
    $this->groups = XDB::fetchAllAssoc(
        'SELECT g.nom, g.diminutif FROM groups AS g INNER JOIN group_members AS m ON (g.id = m.asso_id) WHERE m.uid = {?} ORDER BY g.nom',
        $this->uid
    );
}
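/**
 * Serves a profile photo to the bearer of a valid photo token.
 *
 * Expired tokens are purged first, so an expired token is never matched.
 * The token is the only thing checked in this handler: whoever presents it
 * gets the photo of the profile it was issued for.
 *
 * @param PlPage $page  Current page (not used here).
 * @param mixed  $size  Not used here.
 * @param string $token Photo token, bound as a query parameter.
 * @return mixed PL_NOT_FOUND when the token is unknown or the profile has no
 *               stored photo; nothing once the photo has been sent.
 */
function handler_picture_token(PlPage $page, $size, $token)
{
    XDB::rawExecute('DELETE FROM profile_photo_tokens WHERE expires <= NOW()');

    $pid = XDB::fetchOneCell('SELECT pid FROM profile_photo_tokens WHERE token = {?}', $token);
    if ($pid == null) {
        return PL_NOT_FOUND;
    }

    $res = XDB::fetchOneAssoc(
        'SELECT attach, attachmime, x, y, last_update FROM profile_photos WHERE pid = {?}',
        $pid
    );
    // A token can outlive the photo row; answer "not found" instead of
    // dereferencing an empty result.
    if (!$res) {
        return PL_NOT_FOUND;
    }

    $photo = PlImage::fromData(
        $res['attach'],
        'image/' . $res['attachmime'],
        $res['x'],
        $res['y'],
        $res['last_update']
    );
    $photo->send();
}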
/**
 * Admin form handler that registers a shortened URL.
 *
 * The URL must be at most 255 bytes and match an http/https/ftp pattern with
 * a restricted character set. A user-chosen alias must be alphanumeric (plus
 * '-' and '/'), must not start with the reserved 'a/' prefix and must be
 * unused; without an alias, a free 'a/<token>' one is generated.
 *
 * NOTE(review): this handler writes to the database on POST but does not
 * call S::assert_xsrf_token(); confirm whether the token is enforced
 * elsewhere for this route, otherwise add the check before the INSERT.
 * NOTE(review): the alias is checked and then inserted in two separate
 * statements; a unique index on url_shortener.alias would close the gap
 * between them - confirm the schema has one.
 *
 * @param object $page Page object used for the template, messages and
 *                     template variables.
 * @return void
 */
function handler_admin_url($page)
{
    $page->changeTpl('urlshortener/admin.tpl');
    if (!Post::has('url')) {
        return;
    }

    $url = Post::t('url');
    $alias = Post::t('alias');
    $url_regex = '{^(https?|ftp)://[a-zA-Z0-9._%#+/?=&~-]+$}i';

    $urlIsValid = strlen($url) <= 255 && preg_match($url_regex, $url);
    if (!$urlIsValid) {
        $page->trigError("L'url donnée n'est pas valide.");
        return;
    }
    $page->assign('url', $url);

    $aliasCountSql = 'SELECT COUNT(*) FROM url_shortener WHERE alias = {?}';

    if ($alias == '') {
        // No alias requested: draw random ones until a free one is found.
        do {
            $alias = 'a/' . rand_token(6);
            $used = XDB::fetchOneCell($aliasCountSql, $alias);
        } while ($used != 0);
        $page->assign('alias', $alias);
    } else {
        if (!preg_match('/^[a-zA-Z0-9\\-\\/]+$/i', $alias)) {
            $page->trigError("L'alias proposé n'est pas valide.");
            return;
        }
        // 'a/' is kept for generated aliases.
        if (preg_match('/^a\\//i', $alias)) {
            $page->trigError("L'alias commence par le préfixe 'a/' qui est réservé et donc non autorisé.");
            return;
        }
        $page->assign('alias', $alias);

        $used = XDB::fetchOneCell($aliasCountSql, $alias);
        if ($used != 0) {
            $page->trigError("L'alias proposé est déjà utilisé.");
            return;
        }
    }

    XDB::execute('INSERT INTO url_shortener (url, alias) VALUES ({?}, {?})', $url, $alias);
    $page->trigSuccess("L'url « " . $url . ' » est maintenant accessible depuis « http://u.w4x.org/' . $alias . ' ».');
}
// Queue a nickname creation for every row of the current $res iterator
// (built before this point), unless an identical idle job is already queued.
while ($nickname = $res->next()) {
    // Nicknames shaped like a regular forlife (word.word.YYYY) are skipped:
    // the two namespaces are kept apart, and a forlife-looking nickname has
    // to be added manually if it is ever needed.
    if (preg_match('/^[-a-z]+\\.[-a-z]+\\.\\d{4}$/', $nickname['nickname'])) {
        continue;
    }

    $pending_tasks = XDB::fetchOneCell("SELECT COUNT(*)\n FROM gapps_queue\n WHERE q_recipient_id = {?} AND p_status = 'idle' AND j_type = 'n_create' AND j_parameters = {?}", $nickname['id'], json_encode($nickname));
    if ($pending_tasks != 0) {
        continue;
    }

    XDB::execute("INSERT INTO gapps_queue\n SET q_recipient_id = {?}, p_entry_date = NOW(), p_notbefore_date = NOW(),\n p_priority = 'offline', j_type = 'n_create', j_parameters = {?}", $nickname['id'], json_encode($nickname));
}

/* Nicknames known to GoogleApps that are not aliases on the plat/al side:
   queue their deletion, again skipping jobs that are already pending. */
$res = XDB::iterator("SELECT g.l_userid AS id, g.g_nickname AS nickname\n FROM gapps_nicknames AS g\n LEFT JOIN email_source_account AS s ON (s.uid = g.l_userid AND s.type = 'alias' AND s.email = g.g_nickname)\n WHERE g.l_userid IS NOT NULL AND s.email IS NULL");
while ($nickname = $res->next()) {
    $pending_tasks = XDB::fetchOneCell("SELECT COUNT(*)\n FROM gapps_queue\n WHERE q_recipient_id = {?} AND p_status = 'idle' AND j_type = 'n_delete' AND j_parameters = {?}", $nickname['id'], json_encode($nickname));
    if ($pending_tasks != 0) {
        continue;
    }

    XDB::execute("INSERT INTO gapps_queue\n SET q_recipient_id = {?}, p_entry_date = NOW(), p_notbefore_date = NOW(),\n p_priority = 'offline', j_type = 'n_delete', j_parameters = {?}", $nickname['id'], json_encode($nickname));
}

/* Post-queue processing of the jobs that completed successfully. */
$res = XDB::iterator("SELECT q_id, q_recipient_id, j_type, j_parameters\n FROM gapps_queue\n WHERE p_status = 'success' AND q_recipient_id IS NOT NULL");
while ($job = $res->next()) {
    // Only user creations and updates have a post-processing step.
    switch ($job['j_type']) {
        case 'u_create':
            post_queue_u_create($job);
            break;
        case 'u_update':
            post_queue_u_update($job);
            break;
    }
}
/**
 * Merges this account into $newuser and deletes this account's row.
 *
 * Accounts that own a profile are refused. Otherwise the method moves the
 * forlife email (when the target is unregistered and has none), rewrites the
 * address in mailing lists, re-assigns or merges per-user rows in a fixed
 * set of tables, refreshes the target's last session and finally deletes the
 * old accounts entry.
 *
 * The table names concatenated into the SQL below come only from the
 * hard-coded arrays in this method; ids are bound as parameters.
 * NOTE(review): the statements are not wrapped in a transaction here, so a
 * failure midway would leave a partial merge - confirm whether the caller
 * provides one.
 *
 * @param User $newuser Account that receives the data.
 * @return bool false when this account has a profile (nothing is changed),
 *              true once the merge has run.
 */
public function mergeIn(User $newuser)
{
    if ($this->profile()) {
        // Don't disable user with profile in this way.
        global $globals;
        Platal::page()->trigError('Impossible de fusionner les comptes ' . $this->hruid . ' et ' . $newuser->hruid . '. Contacte support@' . $globals->mail->domain . '.');
        return false;
    }

    if ($this->forlifeEmail()) {
        // An unregistered target without an address inherits the old
        // account's address.
        if (!$newuser->perms) {
            XDB::execute(
                'UPDATE accounts SET email = {?} WHERE uid = {?} AND email IS NULL',
                $this->forlifeEmail(),
                $newuser->id()
            );
            // Refetch the new user so that its forlifeEmail is correct.
            $newuser = self::getSilentWithUID($newuser->id());
        }

        // Change the address used in mailing lists.
        if ($this->forlifeEmail() != $newuser->forlifeEmail()) {
            // The modification is made on behalf of the logged-in user.
            $actingUser = S::user();

            // Group mailing lists.
            $domains = XDB::fetchColumn(
                'SELECT g.mail_domain FROM groups AS g INNER JOIN group_members AS gm ON(g.id = gm.asso_id) WHERE g.mail_domain != \'\' AND gm.uid = {?}',
                $this->id()
            );
            foreach ($domains as $domain) {
                $groupLists = new MMList($actingUser, $domain);
                $groupLists->replace_email_in_all($this->forlifeEmail(), $newuser->forlifeEmail());
            }

            // Main domain lists.
            $mainLists = new MMList($actingUser);
            $mainLists->replace_email_in_all($this->forlifeEmail(), $newuser->forlifeEmail());
        }
    }

    // Tables where rows are simply re-assigned to the new user.
    $reassigned = array('group_announces', 'payment_transactions', 'log_sessions', 'group_events');
    foreach ($reassigned as $table) {
        XDB::execute('UPDATE ' . $table . ' SET uid = {?} WHERE uid = {?}', $newuser->id(), $this->id());
    }

    // Tables where rows are merged: re-assign what does not collide, then
    // delete what is left for the old user.
    $merged = array('group_announces_read', 'group_event_participants', 'group_member_sub_requests', 'group_members', 'email_redirect_account');
    foreach ($merged as $table) {
        XDB::execute('UPDATE IGNORE ' . $table . ' SET uid = {?} WHERE uid = {?}', $newuser->id(), $this->id());
        XDB::execute('DELETE FROM ' . $table . ' WHERE uid = {?}', $this->id());
    }

    // Refresh the last session id, then drop the old accounts entry.
    $latestSessionId = XDB::fetchOneCell(
        'SELECT id FROM log_sessions WHERE uid = {?} ORDER BY start DESC LIMIT 1',
        $newuser->id()
    );
    XDB::execute('UPDATE log_last_sessions SET id = {?} WHERE uid = {?}', $latestSessionId, $newuser->id());
    XDB::execute('DELETE FROM accounts WHERE uid = {?}', $this->id());

    return true;
}
/**
 * Returns an email source of the user that has an expiry date set.
 *
 * @param PlUser $user User whose uid is looked up in email_source_account.
 * @return mixed The email column of a matching row, as returned by
 *               XDB::fetchOneCell().
 */
function select_if_homonym(PlUser $user)
{
    $expiringEmail = XDB::fetchOneCell(
        'SELECT email FROM email_source_account WHERE uid = {?} AND expire IS NOT NULL',
        $user->id()
    );

    return $expiringEmail;
}
/**
 * Lets the logged-in user propose a new redirection address for another
 * user whose address is broken.
 *
 * A user looking at their own entry is redirected to 'emails/redirect'.
 * On submission ('valide'), the XSRF token is asserted, the address is
 * checked against the watch list, and a BrokenReq is submitted unless the
 * address is already the user's current one or a required comment is
 * missing.
 *
 * @param object      $page Page object used for the template and messages.
 * @param string|null $uid  Identifier handed to User::get().
 * @return mixed PL_NOT_FOUND when the user cannot be resolved, nothing
 *               otherwise.
 */
function handler_broken($page, $uid = null)
{
    $page->changeTpl('marketing/broken.tpl');

    if (is_null($uid)) {
        return PL_NOT_FOUND;
    }

    $user = User::get($uid);
    if (!$user) {
        return PL_NOT_FOUND;
    }
    if ($user->login() == S::user()->login()) {
        pl_redirect('emails/redirect');
    }

    $res = XDB::query(
        'SELECT p.deathdate IS NULL AS alive, r.last, IF(r.type = \'googleapps\', \'googleapps\', r.redirect) AS active_email FROM accounts AS a LEFT JOIN email_redirect_account AS r ON (a.uid = r.uid AND r.type IN (\'smtp\', \'googleapps\') AND r.flags = \'active\') LEFT JOIN account_profiles AS ap ON (ap.uid = r.uid AND FIND_IN_SET(\'owner\', ap.perms)) LEFT JOIN profiles AS p ON (p.pid = ap.pid) WHERE a.uid = {?} ORDER BY r.broken_level, r.last',
        $user->id()
    );
    if (!$res->numRows()) {
        return PL_NOT_FOUND;
    }
    $user->addProperties($res->fetchOneAssoc());
    $page->assign('user', $user);

    require_once 'emails.inc.php';
    $email = null;
    if (Post::has('mail')) {
        $email = valide_email(Post::v('mail'));
    }

    if (Post::has('valide') && isvalid_email_redirection($email, $user)) {
        S::assert_xsrf_token();

        // Warn when the proposed address is on the watch list.
        check_email($email, "Proposition d'une adresse surveillee pour " . $user->login() . " par " . S::user()->login());

        $state = XDB::fetchOneCell(
            'SELECT flags FROM email_redirect_account WHERE redirect = {?} AND uid = {?}',
            $email,
            $user->id()
        );

        if ($state == 'broken') {
            $page->trigWarning("L'adresse que tu as fournie est l'adresse actuelle de {$user->fullName()} et est en panne.");
        } elseif ($state == 'active') {
            $page->trigWarning("L'adresse que tu as fournie est l'adresse actuelle de {$user->fullName()}");
        } elseif ($user->email && !Post::t('comment')) {
            // Replacing an existing address requires a justification.
            $page->trigError("Il faut que tu ajoutes un commentaire à ta proposition pour justifier le " . "besoin de changer la redirection de {$user->fullName()}.");
        } else {
            $request = new BrokenReq(S::user(), $user, $email, trim(Post::v('comment')));
            $request->submit();
            $page->assign('sent', true);
        }
    } elseif ($email) {
        $page->trigError("L'adresse proposée n'est pas une adresse acceptable pour une redirection.");
    }
}
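/**
 * Compute the conditions to use for the current request.
 *
 * Each entry of $this->criteria is translated into one child condition of a
 * PFC_And; unknown criteria are ignored.
 *
 * For the LIST criteria, one condition is built per list element and the
 * elements are OR-ed together. The previous code iterated over the list but
 * built every child from the whole list instead of the current element.
 *
 * @return A PlFilterCondition instance (actually a PFC_And)
 */
protected function getCond()
{
    $cond = new PFC_And();
    foreach ($this->criteria as $criterion => $value) {
        switch ($criterion) {
            // ENUM fields
            case WSRequestCriteria::SCHOOL:
                // Useless criterion: we don't need to check on origin school
                if (WSRequestCriteria::$choices_enum[$criterion][$value]) {
                    $cond->addChild(new PFC_True());
                } else {
                    $cond->addChild(new PFC_False());
                }
                break;
            case WSRequestCriteria::DIPLOMA:
                $diploma = WSRequestCriteria::$choices_enum[$criterion][$value];
                $id_X = XDB::fetchOneCell('SELECT id FROM profile_education_enum WHERE abbreviation = {?}', 'X');
                $cond->addChildren(array(new UFC_EducationSchool($id_X), new UFC_EducationDegree($diploma)));
                break;

            // TEXT fields
            case WSRequestCriteria::FIRSTNAME:
            case WSRequestCriteria::LASTNAME:
                $cond->addChild(new UFC_NameTokens($value, UFC_NameTokens::FLAG_PUBLIC, false, false, $criterion));
                break;
            case WSRequestCriteria::PROMOTION:
                // The promotion may match any of the three grades.
                $cond->addChild(new PFC_Or(
                    new UFC_Promo(UserFilter::OP_EQUALS, UserFilter::GRADE_ING, $value),
                    new UFC_Promo(UserFilter::OP_EQUALS, UserFilter::GRADE_MST, $value),
                    new UFC_Promo(UserFilter::OP_EQUALS, UserFilter::GRADE_PHD, $value)
                ));
                break;
            case WSRequestCriteria::ALT_DIPLOMA:
                $cond->addChild(new UFC_EducationDegree(DirEnum::getIds(DirEnum::EDUDEGREES, $value)));
                break;
            case WSRequestCriteria::DIPLOMA_FIELD:
                $cond->addChild(new UFC_EducationField(DirEnum::getIds(DirEnum::EDUFIELDS, $value)));
                break;
            case WSRequestCriteria::CITY:
                $cond->addChild(new UFC_AddressField($value, UFC_AddressField::FIELD_LOCALITY, UFC_Address::TYPE_HOME, UFC_Address::FLAG_CURRENT));
                break;
            case WSRequestCriteria::COUNTRY:
                $cond->addChild(new UFC_AddressField($value, UFC_AddressField::FIELD_COUNTRY, UFC_Address::TYPE_HOME, UFC_Address::FLAG_CURRENT));
                break;
            case WSRequestCriteria::ZIPCODE:
                $cond->addChild(new UFC_AddressField($value, UFC_AddressField::FIELD_ZIPCODE, UFC_Address::TYPE_HOME, UFC_Address::FLAG_CURRENT));
                break;
            case WSRequestCriteria::JOB_ANY_COUNTRY:
                $cond->addChild(new UFC_AddressField($value, UFC_AddressField::FIELD_COUNTRY, UFC_Address::TYPE_PRO, UFC_Address::FLAG_ANY));
                break;
            case WSRequestCriteria::JOB_CURRENT_CITY:
                $cond->addChild(new UFC_AddressField($value, UFC_AddressField::FIELD_LOCALITY, UFC_Address::TYPE_PRO, UFC_Address::FLAG_ANY));
                break;
            case WSRequestCriteria::JOB_ANY_COMPANY:
            case WSRequestCriteria::JOB_CURRENT_COMPANY:
                $cond->addChild(new UFC_Job_Company(UFC_Job_Company::JOBNAME, $value));
                break;
            case WSRequestCriteria::JOB_ANY_SECTOR:
            case WSRequestCriteria::JOB_CURRENT_SECTOR:
            case WSRequestCriteria::JOB_CURRENT_TITLE:
                $cond->addChild(new UFC_Job_Terms(DirEnum::getIds(DirEnum::JOBTERMS, $value)));
                break;

            // LIST fields
            case WSRequestCriteria::HOBBIES:
                $subcond = new PFC_Or();
                foreach ($value as $val) {
                    // One condition per list element.
                    $subcond->addChild(new UFC_Comment($val));
                }
                $cond->addChild($subcond);
                break;
            case WSRequestCriteria::JOB_COMPETENCIES:
            case WSRequestCriteria::JOB_RESUME:
            case WSRequestCriteria::PROFESSIONAL_PROJECT:
                $subcond = new PFC_Or();
                foreach ($value as $val) {
                    // One condition per list element.
                    $subcond->addChild(new UFC_Job_Description($val, UserFilter::JOB_USERDEFINED));
                }
                $cond->addChild($subcond);
                break;

            case WSRequestCriteria::NOT_UID:
                $cond->addChild(new PFC_Not(new UFC_PartnerSharingID($this->partner->id, $value)));
                break;
            default:
                break;
        }
    }
    return $cond;
}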
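/**
 * Assigns to the page the email addresses a user can choose from, grouped
 * by origin, together with their total count.
 *
 * $retrieve selects the groups to build: 'source', 'redirect', 'job',
 * 'directory' and 'stripped_directory'. With 'directory', the directory
 * address is removed from every other group and listed on its own. With
 * 'stripped_directory', it is listed only when it is a foreign address that
 * is not already one of the user's redirections. Professional addresses
 * that are also redirections are dropped from the professional group.
 *
 * @param PlPage    $page     Receives 'emails_count' and 'email_lists'.
 * @param array     $retrieve Names of the groups to retrieve.
 * @param User|null $user     User to list addresses for; defaults to the
 *                            logged-in user.
 * @return void
 */
function fill_email_combobox(PlPage $page, array $retrieve, $user = null)
{
    require_once 'emails.inc.php';

    if (is_null($user)) {
        $user = S::user();
    }
    /* Always refetch the profile. */
    $profile = $user->profile(true);

    $emails = array();

    if (in_array('source', $retrieve)) {
        $emails['Emails polytechniciens'] = XDB::fetchColumn(
            'SELECT CONCAT(s.email, \'@\', d.name) FROM email_source_account AS s INNER JOIN email_virtual_domains AS m ON (s.domain = m.id) INNER JOIN email_virtual_domains AS d ON (d.aliasing = m.id) WHERE s.uid = {?} ORDER BY s.email, d.name',
            $user->id()
        );
    }

    if (in_array('redirect', $retrieve)) {
        $redirect = new Redirect($user);
        $emails['Redirections'] = array();
        foreach ($redirect->emails as $redirect_it) {
            if ($redirect_it->is_redirection()) {
                $emails['Redirections'][] = $redirect_it->email;
            }
        }
    }

    if ($profile) {
        if (in_array('job', $retrieve)) {
            $emails['Emails professionels'] = XDB::fetchColumn(
                'SELECT email FROM profile_job WHERE pid = {?} AND email IS NOT NULL AND email != \'\'',
                $profile->id()
            );
        }

        if ($profile->email_directory) {
            if (in_array('directory', $retrieve)) {
                foreach ($emails as &$email_list) {
                    foreach ($email_list as $key => $email) {
                        if ($profile->email_directory == $email) {
                            unset($email_list[$key]);
                        }
                    }
                }
                // Break the reference: $email_list is reused by value in the
                // counting loop below, and writing through a live reference
                // would overwrite the last group visited here.
                unset($email_list);
                $emails['Email annuaire AX'] = array($profile->email_directory);
            } elseif (in_array('stripped_directory', $retrieve)) {
                if (User::isForeignEmailAddress($profile->email_directory)) {
                    $is_redirect = XDB::fetchOneCell(
                        'SELECT COUNT(*) FROM email_redirect_account WHERE uid = {?} AND redirect = {?}',
                        $user->id(),
                        $profile->email_directory
                    );
                    if ($is_redirect == 0) {
                        $emails['Email annuaire AX'] = array($profile->email_directory);
                    }
                }
            }
        }

        if (isset($emails['Emails professionels']) && isset($emails['Redirections'])) {
            // array_intersect() keeps the keys of its first argument, so the
            // keys can be used to drop the duplicates from that list.
            $intersect = array_intersect($emails['Emails professionels'], $emails['Redirections']);
            foreach ($intersect as $key => $email) {
                unset($emails['Emails professionels'][$key]);
            }
        }
    }

    $emails_count = 0;
    foreach ($emails as $email_list) {
        $emails_count += count($email_list);
    }

    $page->assign('emails_count', $emails_count);
    $page->assign('email_lists', $emails);
}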
/**
 * Tells whether a storage is both allowed for the user and currently active.
 *
 * @param User   $user    User whose redirections are inspected.
 * @param string $storage Storage name, checked against
 *                        self::get_allowed_storages() and used as the
 *                        redirection type.
 * @return bool true when at least one active redirection of that type
 *              exists for the user.
 */
public static function is_active_storage(User $user, $storage)
{
    $allowed = self::get_allowed_storages($user);
    if (!in_array($storage, $allowed)) {
        return false;
    }

    $activeCount = XDB::fetchOneCell(
        'SELECT COUNT(*) FROM email_redirect_account WHERE uid = {?} AND type = {?} AND flags = \'active\'',
        $user->id(),
        $storage
    );
    if (is_null($activeCount)) {
        return false;
    }

    return $activeCount > 0;
}
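/**
 * Send this issue to the given user, reusing an existing hash if provided.
 *
 * When no hash is given, the one stored in newsletter_ins for this user and
 * newsletter is used; when none is stored either, a new one is generated and
 * saved. The hash is handed to the mail template.
 *
 * The generated hash is seeded with a nonce from random_bytes() when the
 * runtime provides it, since the hash ends up in a link; rand() is only the
 * fallback for runtimes without random_bytes().
 *
 * @param object      $user User to whom the issue should be mailed.
 * @param string|null $hash Optional hash to use in the 'unsubscribe' link;
 *                          if null, another one will be looked up or
 *                          generated.
 * @return void
 */
public function sendTo($user, $hash = null)
{
    global $globals;

    // Don't send email to users without an address
    // Note: this would never happen when using sendToAll
    if (!$user->bestEmail()) {
        return;
    }

    $this->fetchArticles();

    if (is_null($hash)) {
        $hash = XDB::fetchOneCell("SELECT hash\n FROM newsletter_ins\n WHERE uid = {?} AND nlid = {?}", $user->id(), $this->nl->id);
    }
    if (is_null($hash)) {
        $nonce = function_exists('random_bytes') ? bin2hex(random_bytes(16)) : rand();
        $hash = self::createHash(array(
            $user->displayName(),
            $user->fullName(),
            $user->isFemale(),
            $user->isEmailFormatHtml(),
            $nonce,
            "X.org rulez",
        ));
        XDB::execute("UPDATE newsletter_ins as ni\n SET ni.hash = {?}\n WHERE ni.uid = {?} AND ni.nlid = {?}", $hash, $user->id(), $this->nl->id);
    }

    $mailer = new PlMailer($this->nl->tplFile());
    $this->assignData($mailer);
    $mailer->assign('is_mail', true);
    $mailer->assign('user', $user);
    $mailer->assign('prefix', null);
    $mailer->assign('hash', $hash);
    if (!empty($this->reply_to)) {
        $mailer->addHeader('Reply-To', $this->reply_to);
    }

    // Add mailing list headers
    // Note: "Precedence: bulk" is known to cause issues on some clients
    $mailer->addHeader('Precedence', 'list');
    // RFC 2919 header
    $mailer->addHeader('List-Id', $this->nl->group . ' <' . $this->nl->group . '.newsletter.' . $globals->mail->domain . '>');
    // RFC 2369 headers
    $listurl = $this->nl->fullUrl();
    $mailer->addHeader('List-Unsubscribe', '<' . $listurl . '/out/nohash/' . $this->id . '>');
    $mailer->addHeader('List-Subscribe', '<' . $listurl . '/in/nohash/' . $this->id . '>');
    $mailer->addHeader('List-Archive', '<' . $listurl . '>');
    $mailer->addHeader('List-Help', '<' . $listurl . '>');
    $mailer->addHeader('List-Owner', '<mailto:support@' . $globals->mail->domain . '>');

    $mailer->sendTo($user);
}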
/**
 * Resolves a login to a profile id.
 *
 * Accepts a PlUser (the profile it owns is returned), a string made only of
 * digits (treated as a pid to verify) or any other value (treated as an
 * hrpid).
 * NOTE(review): ctype_digit() is meant for strings; an integer argument is
 * not treated as a digit string and takes the hrpid branch - confirm
 * callers always pass ids as strings.
 *
 * @param PlUser|string $login User object, numeric pid or hrpid.
 * @return mixed The pid as returned by XDB::fetchOneCell().
 */
public static function getPID($login)
{
    if ($login instanceof PlUser) {
        return XDB::fetchOneCell(
            'SELECT pid FROM account_profiles WHERE uid = {?} AND FIND_IN_SET(\'owner\', perms)',
            $login->id()
        );
    }

    if (ctype_digit($login)) {
        return XDB::fetchOneCell('SELECT pid FROM profiles WHERE pid = {?}', $login);
    }

    return XDB::fetchOneCell('SELECT pid FROM profiles WHERE hrpid = {?}', $login);
}
/**
 * Admin handler for bulk processing of bounced redirection addresses.
 *
 * 'sort_broken' splits the submitted list into addresses that are known
 * redirections and invalid ones, and shows both lists.
 * 'process_broken' marks each address as broken, notifies the user or
 * registers a watch event, decays old broken levels, then streams a CSV
 * report and terminates the script.
 * Both actions assert the XSRF token first.
 *
 * NOTE(review): the CSV cells come straight from profile data (names,
 * companies, networking addresses). If the report is opened in a
 * spreadsheet, consider neutralising cells that start with '=', '+', '-'
 * or '@' before writing them.
 *
 * @param object $page Page object used for the template and messages.
 * @return void
 */
function handler_broken_addr($page)
{
    require_once 'emails.inc.php';
    $page->changeTpl('emails/broken_addr.tpl');

    if (Env::has('sort_broken')) {
        S::assert_xsrf_token();

        $list = trim(Env::v('list'));
        if ($list == '') {
            $page->trigError('La liste est vide.');
        } else {
            $valid_emails = array();
            $invalid_emails = array();

            $broken_list = explode("\n", $list);
            sort($broken_list);
            foreach ($broken_list as $orig_email) {
                $orig_email = trim($orig_email);
                if ($orig_email == '') {
                    continue;
                }

                $email = valide_email($orig_email);
                if (empty($email) || $email == '@') {
                    $invalid_emails[] = $orig_email . ': invalid email';
                    continue;
                }
                if (in_array($email, $valid_emails)) {
                    // Already accepted once; skip the duplicate.
                    continue;
                }

                $nb = XDB::fetchOneCell('SELECT COUNT(*) FROM email_redirect_account WHERE redirect = {?}', $email);
                if ($nb > 0) {
                    $valid_emails[] = $email;
                } else {
                    $invalid_emails[] = $orig_email . ': no such redirection';
                }
            }

            $page->assign('valid_emails', $valid_emails);
            $page->assign('invalid_emails', $invalid_emails);
        }
    }

    if (Env::has('process_broken')) {
        S::assert_xsrf_token();

        $list = trim(Env::v('list'));
        if ($list == '') {
            $page->trigError('La liste est vide.');
        } else {
            require_once 'notifs.inc.php';

            $broken_user_list = array();
            $broken_user_email_count = array();
            $broken_user_profiles = array();

            $broken_list = explode("\n", $list);
            sort($broken_list);
            foreach ($broken_list as $email) {
                $email = trim($email);

                $user = mark_broken_email($email, true);
                if (!$user) {
                    continue;
                }
                $userobj = User::getSilentWithUID($user['uid']);
                if (is_null($userobj)) {
                    continue;
                }
                $profile = $userobj->profile();
                if (is_null($profile)) {
                    continue;
                }

                // Mail the user when asked to and some address still works;
                // otherwise record the event for watchers.
                if ($user['nb_mails'] > 0 && $user['notify']) {
                    $mail = new PlMailer('emails/broken.mail.tpl');
                    $mail->setTo($userobj);
                    $mail->assign('user', $user);
                    $mail->assign('email', $email);
                    $mail->send();
                } else {
                    WatchProfileUpdate::register($profile, 'broken');
                }

                $pid = $profile->id();
                $broken_user_list[$pid][] = $email;
                $broken_user_email_count[$pid] = $user['nb_mails'];
                $broken_user_profiles[$pid] = $profile;
            }

            // Decay the broken level of active redirections that have not
            // bounced for a while.
            XDB::execute('UPDATE email_redirect_account SET broken_level = broken_level - 1 WHERE flags = \'active\' AND broken_level > 1 AND DATE_ADD(last, INTERVAL 1 MONTH) < CURDATE()');
            XDB::execute('UPDATE email_redirect_account SET broken_level = 0 WHERE flags = \'active\' AND broken_level = 1 AND DATE_ADD(last, INTERVAL 1 YEAR) < CURDATE()');

            // Sort $broken_user_list with (promo, sortname, pid)
            $sortable_array = array();
            foreach ($broken_user_list as $pid => $mails) {
                $profile = $broken_user_profiles[$pid];
                $sortable_array[$pid] = array($profile->promo(), $profile->sortName(), $pid);
            }
            asort($sortable_array);

            // Output the list of users with recently broken addresses,
            // along with the count of valid redirections.
            pl_cached_content_headers('text/x-csv', null, 1, 'broken.csv');
            $csv = fopen('php://output', 'w');
            fputcsv($csv, array('nom', 'promo', 'bounces', 'nbmails', 'url', 'corps', 'job', 'networking'), ';');

            $corpsList = DirEnum::getOptions(DirEnum::CURRENTCORPS);
            foreach (array_keys($sortable_array) as $pid) {
                $mails = $broken_user_list[$pid];
                $profile = $broken_user_profiles[$pid];
                $current_corps = $profile->getCorpsName();

                $companies = array();
                foreach ($profile->getJobs() as $job) {
                    $companies[] = $job->company->name;
                }

                $networking_list = array();
                foreach ($profile->getNetworking(Profile::NETWORKING_ALL) as $networking) {
                    $networking_list[] = $networking['address'];
                }

                $row = array(
                    $profile->fullName(),
                    $profile->promo(),
                    implode(',', $mails),
                    $broken_user_email_count[$pid],
                    'https://www.polytechnique.org/marketing/broken/' . $profile->hrid(),
                    $current_corps,
                    implode(',', $companies),
                    implode(',', $networking_list),
                );
                fputcsv($csv, $row, ';');
            }
            fclose($csv);
            exit;
        }
    }
}
/**
 * Runs the filter query and returns the matching profile ids.
 *
 * The total number of matches, ignoring the limit, is stored in
 * $this->lastprofilecount through SQL_CALC_FOUND_ROWS / FOUND_ROWS().
 * The query is assembled from $this->query, $this->orderby and the limit's
 * SQL fragment; only the optional pid restriction goes through
 * XDB::format().
 *
 * @param array|null $pids  When not null, restricts the result to these
 *                          profile ids.
 * @param PlLimit    $limit Limit to apply.
 * @return mixed The pid column as returned by XDB::rawFetchColumn().
 */
private function getPIDList($pids = null, PlLimit $limit)
{
    $this->requireProfiles();
    $this->buildQuery();
    $limitSql = $limit->getSql();

    $pidFilter = is_null($pids) ? '' : XDB::format(' AND p.pid IN {?}', $pids);

    $sql = 'SELECT SQL_CALC_FOUND_ROWS p.pid ' . $this->query . $pidFilter
         . ' GROUP BY p.pid ' . $this->orderby . ' ' . $limitSql;
    $matchingPids = XDB::rawFetchColumn($sql);

    // Must directly follow the SQL_CALC_FOUND_ROWS query above.
    $this->lastprofilecount = (int) XDB::fetchOneCell('SELECT FOUND_ROWS()');

    return $matchingPids;
}
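/**
 * Handles the link sent for a lost password.
 *
 * Without a submitted password hash, the certificate is looked up and the
 * password form is shown for the account it belongs to. With one, the
 * password of that account is replaced and the certificate is consumed.
 *
 * The account to update is resolved from BOTH the submitted username and
 * the certificate: the previous code resolved it from the username alone,
 * so the password change was not tied to a valid certificate.
 *
 * Certificates older than 380 minutes are purged on every call.
 *
 * @param object      $page   Page object used for templates and messages.
 * @param string|null $certif Certificate taken from the reset link.
 * @return void
 */
function handler_tmpPWD($page, $certif = null)
{
    global $globals;

    XDB::execute('DELETE FROM account_lost_passwords WHERE DATE_SUB(NOW(), INTERVAL 380 MINUTE) > created');

    if (Post::has('pwhash') && Post::t('pwhash')) {
        // Only the account that owns the certificate may be updated.
        $uid = XDB::fetchOneCell(
            'SELECT a.uid FROM accounts AS a INNER JOIN account_lost_passwords AS l ON (l.uid = a.uid) WHERE a.hruid = {?} AND l.certificat = {?}',
            Post::t('username'),
            $certif
        );
        if (!$uid) {
            $page->changeTpl('platal/index.tpl');
            $page->kill("Cette adresse n'existe pas ou n'existe plus sur le serveur.");
            // Not reached if kill() ends the request; kept so that nothing
            // below can run without a valid certificate.
            return;
        }

        $password = Post::t('pwhash');
        XDB::query('UPDATE accounts SET password = {?} WHERE uid = {?} AND state = \'active\'', $password, $uid);
        XDB::query('DELETE FROM account_lost_passwords WHERE certificat = {?}', $certif);

        // If GoogleApps is enabled, and the user did choose to use synchronized passwords,
        // updates the Google Apps password as well.
        if ($globals->mailstorage->googleapps_domain) {
            require_once 'googleapps.inc.php';
            $account = new GoogleAppsAccount(User::getSilent($uid));
            if ($account->active() && $account->sync_password) {
                $account->set_password($password);
            }
        }

        S::logger($uid)->log("passwd", "");

        // Try to start a session (so the user don't have to log in); we will use
        // the password available in Post:: to authenticate the user.
        Platal::session()->start(AUTH_PASSWD);

        $page->changeTpl('platal/tmpPWD.success.tpl');
    } else {
        $res = XDB::query('SELECT uid FROM account_lost_passwords WHERE certificat = {?}', $certif);
        $ligne = $res->fetchOneAssoc();
        if (!$ligne) {
            $page->changeTpl('platal/index.tpl');
            $page->kill("Cette adresse n'existe pas ou n'existe plus sur le serveur.");
        }

        $hruid = XDB::fetchOneCell('SELECT hruid FROM accounts WHERE uid = {?}', $ligne['uid']);
        $page->changeTpl('platal/password.tpl');
        $page->assign('hruid', $hruid);
        $page->assign('do_auth', 1);
    }
}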
/**
 * Returns the number of distinct objects matching the filter.
 *
 * Uses the cached $this->lastcount when it is set; otherwise builds the
 * query and counts distinct ids, using the alias and id column given by
 * schema(). The computed count is not stored back into the cache.
 *
 * @return int|mixed The computed count as an int, or the cached
 *                   $this->lastcount value.
 */
public function getTotalCount()
{
    if (!is_null($this->lastcount)) {
        return $this->lastcount;
    }

    $schema = $this->schema();
    $alias = $schema['as'];
    $column = $schema['id'];
    $this->buildQuery();

    return (int) XDB::fetchOneCell('SELECT COUNT(DISTINCT ' . $alias . '.' . $column . ') ' . $this->query);
}
/**
 * Form handler for a mailing list creation request.
 *
 * The owner and member lists are rebuilt on every submission from the text
 * areas, the "add" fields and an optional uploaded file. Once 'submit' is
 * posted, the XSRF token is asserted, every field is validated (errors are
 * accumulated, not short-circuited) and, when no error was raised, a
 * ListeReq is submitted.
 *
 * @param object $page Page object used for the template, messages and
 *                     template variables.
 * @return void
 */
function handler_create($page)
{
    global $globals;

    $page->changeTpl('lists/create.tpl');

    $user_promo = S::user()->profile()->yearPromo();
    $year = date('Y');
    $month = date('m');
    // The school year starts in September.
    $scolarmonth = ($year - $user_promo) * 12 + ($month - 8);

    // Binets are accessible from April of the first year until March of the
    // fifth year.
    $young_promo = ($scolarmonth >= 8 && $scolarmonth < 56) ? 1 : 0;
    // PSC aliases are accessible only between September and June of the
    // second year.
    $very_young_promo = ($scolarmonth >= 12 && $scolarmonth < 22) ? 1 : 0;

    $page->assign('young_promo', $young_promo);
    $page->assign('very_young_promo', $very_young_promo);

    $owners = preg_split("/[\\s]+/", Post::v('owners'), -1, PREG_SPLIT_NO_EMPTY);
    $members = preg_split("/[\\s]+/", Post::v('members'), -1, PREG_SPLIT_NO_EMPTY);

    // 'add_owner_sub' is set both by its button and by pressing <enter>, so
    // either add field may be the one that was filled.
    if (Post::has('add_owner_sub') && Post::has('add_owner')) {
        $ownerAddresses = User::getBulkForlifeEmailsFromEmail(Post::v('add_owner'));
        $memberAddresses = User::getBulkForlifeEmailsFromEmail(Post::v('add_member'));
        if (!is_null($ownerAddresses)) {
            $owners = array_merge($owners, $ownerAddresses);
        }
        if (!is_null($memberAddresses)) {
            $members = array_merge($members, $memberAddresses);
        }
    }

    // Click on the 'add_member_sub' button.
    if (Post::has('add_member_sub') && Post::has('add_member')) {
        $memberAddresses = User::getBulkForlifeEmailsFromEmail(Post::v('add_member'));
        if (!is_null($memberAddresses)) {
            $members = array_merge($members, $memberAddresses);
        }
    }

    // Members supplied as an uploaded file.
    if (Post::has('add_member_sub') && isset($_FILES['add_member_file']) && $_FILES['add_member_file']['tmp_name']) {
        $upload =& PlUpload::get($_FILES['add_member_file'], S::user()->login(), 'list.addmember', true);
        if (!$upload) {
            $page->trigError('Une erreur s\'est produite lors du téléchargement du fichier');
        } else {
            $memberAddresses = User::getBulkForlifeEmailsFromEmail($upload->getContents());
            if (!is_null($memberAddresses)) {
                $members = array_merge($members, $memberAddresses);
            }
        }
    }

    ksort($owners);
    $owners = array_unique($owners);
    ksort($members);
    $members = array_unique($members);

    $page->assign('owners', implode("\n", $owners));
    $page->assign('members', implode("\n", $members));

    if (!Post::has('submit')) {
        return;
    }
    S::assert_xsrf_token();

    $asso = Post::t('asso');
    $list = strtolower(Post::t('liste'));

    if (empty($list)) {
        $page->trigError('Le champ « adresse souhaitée » est vide.');
    }
    if (!preg_match("/^[a-zA-Z0-9\\-]*\$/", $list)) {
        $page->trigError('Le nom de la liste ne doit contenir que des lettres non accentuées, chiffres et tirets.');
    }

    // The mail domain depends on the kind of list requested.
    if ($asso == 'binet' || $asso == 'alias') {
        $promo = Post::i('promo');
        $domain = $promo . '.' . $globals->mail->domain;
        if ($promo < 1921 || $promo > date('Y')) {
            $page->trigError('La promotion est mal renseignée, elle doit être du type : 2004.');
        }
    } elseif ($asso == 'groupex') {
        $domain = XDB::fetchOneCell('SELECT mail_domain FROM groups WHERE nom = {?}', Post::t('groupex_name'));
        if (!$domain) {
            $page->trigError('Il n\'y a aucun groupe de ce nom sur Polytechnique.net.');
        }
    } else {
        $domain = $globals->mail->domain;
    }

    require_once 'emails.inc.php';
    if (list_exist($list, $domain)) {
        $page->trigError("L'« adresse souhaitée » est déjà prise.");
    }
    if (!Post::t('desc')) {
        $page->trigError('Le sujet est vide.');
    }
    if (!count($owners)) {
        $page->trigError('Il n\'y a pas de gestionnaire.');
    }
    if (count($members) < 4) {
        $page->trigError('Il n\'y a pas assez de membres.');
    }

    if ($page->nb_errs()) {
        return;
    }

    $page->trigSuccess('Demande de création envoyée !');
    $page->assign('created', true);
    $request = new ListeReq(
        S::user(),
        $asso,
        $list,
        $domain,
        Post::t('desc'),
        Post::i('advertise'),
        Post::i('modlevel'),
        Post::i('inslevel'),
        $owners,
        $members
    );
    $request->submit();
}
/**
 * Returns the stored password value of the user, optionally updating it
 * first.
 *
 * When $password is given, it is stored after going through hash_encrypt(),
 * or verbatim when $encrypt is false; callers passing $encrypt = false are
 * expected to supply an already-hashed value.
 *
 * @param string  $password If specified, update the password in the database
 * @param boolean $encrypt  Encrypt the password
 * @return string database password hash
 */
public function password($password = null, $encrypt = true)
{
    if ($password != null) {
        if ($encrypt) {
            $this->password = hash_encrypt($password);
        } else {
            $this->password = $password;
        }
        XDB::execute('UPDATE account SET password = {?} WHERE uid = {?}', $this->password, $this->id());
    }

    // Always read the value back from the database.
    $stored = XDB::fetchOneCell('SELECT password FROM account WHERE uid = {?}', $this->id());

    return $stored;
}
/**
 * Resolves a non-private group from its name or short name.
 *
 * An exact match on nom or diminutif is tried first; failing that, a
 * wildcard search is run and its result is used only when exactly one group
 * matches.
 *
 * NOTE(review): the fragment from XDB::formatWildcards() is concatenated
 * into the fallback query; this presumably yields an escaped LIKE clause -
 * confirm. The two trailing $search arguments have no placeholder in that
 * query.
 *
 * @param PlPage $page  Current page (not used here).
 * @param string $group Name or short name to look for.
 * @return mixed The group id, or null when nothing (or more than one group)
 *               matches.
 */
private function getGroup(PlPage $page, $group)
{
    $groupid = XDB::fetchOneCell("SELECT id\n FROM groups\n WHERE (nom = {?} OR diminutif = {?}) AND NOT FIND_IN_SET('private', pub)", $group, $group);
    if (!is_null($groupid)) {
        return $groupid;
    }

    // Fall back to a "contains" search, accepted only when unambiguous.
    $search = XDB::formatWildcards(XDB::WILDCARD_CONTAINS, $group);
    $matches = XDB::query('SELECT id FROM groups WHERE (nom ' . $search . ' OR diminutif ' . $search . ") AND NOT FIND_IN_SET('private', pub)", $search, $search);
    if ($matches->numRows() == 1) {
        $groupid = $matches->fetchOneCell();
    }

    return $groupid;
}
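/**
 * Handler behind the admin/add_secondary_edu.tpl form: adds a secondary
 * education entry at the X school to a batch of profiles.
 *
 * The posted 'people' text is read line by line. Each line is split on the
 * posted separator into three fields (last name, first name, promotion) and
 * matched against existing profiles. Lines are sorted into five buckets:
 * 'incomplete', 'empty', 'multiple', 'already' and 'new'. The buckets are
 * rendered back into the 'people' template variable.
 *
 * When 'add' is posted, profiles in the 'new' bucket get a new
 * profile_education row. Profiles in the 'already' bucket either get their
 * years updated, or also get a new row when 'force_addition' is set.
 *
 * NOTE(review): no permission check is visible in this handler; confirm the
 * route is registered as admin-only.
 *
 * @param object $page Page object used for the template, messages and assigned variables
 * @return void
 */
function handler_add_secondary_edu($page)
{
    $page->changeTpl('admin/add_secondary_edu.tpl');

    if (!(Post::has('verify') || Post::has('add'))) {
        return;
    } elseif (!Post::has('people')) {
        $page->trigWarning("Aucune information n'a été fournie.");
        return;
    }

    require_once 'name.func.inc.php';
    $lines = explode("\n", Post::t('people'));
    // NOTE(review): an empty separator makes explode() fail; confirm the form always supplies one.
    $separator = Post::t('separator');
    $degree = Post::v('degree');
    $promotion = Post::i('promotion');

    $schoolsList = array_flip(DirEnum::getOptions(DirEnum::EDUSCHOOLS));
    $degreesList = array_flip(DirEnum::getOptions(DirEnum::EDUDEGREES));
    $edu_id = $schoolsList[Profile::EDU_X];
    // NOTE(review): $degree comes from the POST body and is used as an array key
    // without checking that it is a known degree; confirm the form restricts it.
    $degree_id = $degreesList[$degree];

    $res = array('incomplete' => array(), 'empty' => array(), 'multiple' => array(), 'already' => array(), 'new' => array());
    $old_pids = array();
    $new_pids = array();

    foreach ($lines as $line) {
        $line = trim($line);
        // array_map, not array_walk: trim() returns the cleaned value instead of
        // modifying its argument, so the result has to be assigned back.
        $line_array = array_map('trim', explode($separator, $line));
        if (count($line_array) != 3) {
            $page->trigError("La ligne « {$line} » est incomplète.");
            $res['incomplete'][] = $line;
            continue;
        }

        // Fields are: last name, first name, promotion.
        $cond = new PFC_And(new UFC_NameTokens(split_name_for_search($line_array[0]), array(), false, false, Profile::LASTNAME));
        $cond->addChild(new UFC_NameTokens(split_name_for_search($line_array[1]), array(), false, false, Profile::FIRSTNAME));
        $cond->addChild(new UFC_Promo('=', UserFilter::DISPLAY, $line_array[2]));
        $uf = new UserFilter($cond);
        $pid = $uf->getPIDs();
        $count = count($pid);

        if ($count == 0) {
            $page->trigError("La ligne « {$line} » ne correspond à aucun profil existant.");
            $res['empty'][] = $line;
            continue;
        } elseif ($count > 1) {
            $page->trigError("La ligne « {$line} » correspond à plusieurs profils existant.");
            $res['multiple'][] = $line;
            continue;
        } else {
            // Exactly one profile: check whether it already has this education.
            $count = XDB::fetchOneCell('SELECT COUNT(*) AS count FROM profile_education WHERE pid = {?} AND eduid = {?} AND degreeid = {?}', $pid, $edu_id, $degree_id);
            if ($count == 1) {
                $res['already'][] = $line;
                $old_pids[] = $pid[0];
            } else {
                $res['new'][] = $line;
                $new_pids[] = $pid[0];
            }
        }
    }

    // Echo the classification back to the form, one section per non-empty bucket.
    $display = array();
    foreach ($res as $type => $res_type) {
        if (count($res_type) > 0) {
            $display = array_merge($display, array('--------------------' . $type . ':'), $res_type);
        }
    }
    $page->assign('people', implode("\n", $display));
    $page->assign('promotion', $promotion);
    $page->assign('degree', $degree);

    if (Post::has('add')) {
        $entry_year = $promotion - Profile::educationDuration($degree);

        if (Post::b('force_addition')) {
            $pids = array_unique(array_merge($old_pids, $new_pids));
        } else {
            $pids = array_unique($new_pids);

            // Updates years.
            if (count($old_pids)) {
                XDB::execute('UPDATE profile_education SET entry_year = {?}, grad_year = {?}, promo_year = {?} WHERE pid IN {?} AND eduid = {?} AND degreeid = {?}', $entry_year, $promotion, $promotion, $old_pids, $edu_id, $degree_id);
            }
        }

        // Precomputes values common to all users.
        $select = XDB::format('MAX(id) + 1, pid, {?}, {?}, {?}, {?}, {?}, \'secondary\'', $edu_id, $degree_id, $entry_year, $promotion, $promotion);
        XDB::startTransaction();
        foreach ($pids as $pid) {
            // $select was already formatted by XDB::format() above; only $pid is bound here.
            XDB::execute('INSERT INTO profile_education (id, pid, eduid, degreeid, entry_year, grad_year, promo_year, flags) SELECT ' . $select . ' FROM profile_education WHERE pid = {?} GROUP BY pid', $pid);
        }
        XDB::commit();
    }
}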
/**
 * Lists the participants of an event, with their payment figures.
 *
 * Participation rows are aggregated per uid for the event (optionally
 * restricted to one item). The uids are then filtered and paged through a
 * UserFilter, and each row has its User object attached under 'user'.
 *
 * When $item_id is truthy the function stops there. Otherwise it also adds
 * these keys to every participant: 'adminpaid', 'montant', 'telepayment'
 * and one key per item id holding the count. It then stores the totals
 * 'adminpaid', 'telepaid', 'topay' and 'paid' in $evt.
 *
 * NOTE(review): the item filter is formatted by XDB::format() and then
 * concatenated into a query string that is formatted a second time; confirm
 * callers only pass an integer $item_id.
 *
 * @param array    $evt     Event row, passed by reference; 'eid', 'money' and 'paiement_id' are read
 * @param mixed    $item_id Item to restrict to, or a falsy value for the whole event
 * @param array    $tri     Passed as second argument to UserFilter (presumably sort orders; verify)
 * @param int|null $limit   Passed to PlLimit
 * @param int      $offset  Passed to PlLimit
 * @return array Participant rows keyed by uid
 */
function get_event_participants(&$evt, $item_id, array $tri = array(), $limit = null, $offset = 0)
{
    global $globals;

    $eid = $evt['eid'];
    $money = $evt['money'] && function_exists('may_update') && may_update();
    $pay_id = $evt['paiement_id'];

    $itemFilter = '';
    if ($item_id) {
        $itemFilter = XDB::format(' AND ep.item_id = {?}', $item_id);
    }

    $rows = XDB::fetchAllAssoc(
        'uid',
        'SELECT ep.uid, SUM(ep.paid) AS paid, SUM(ep.nb) AS nb, FIND_IN_SET(\'notify_payment\', ep.flags) AS notify_payment'
        . ' FROM group_event_participants AS ep'
        . ' WHERE ep.eid = {?} AND nb > 0 ' . $itemFilter
        . ' GROUP BY ep.uid',
        $eid
    );

    $uf = new UserFilter(new PFC_True(), $tri);
    $users = User::getBulkUsersWithUIDs($uf->filter(array_keys($rows), new PlLimit($limit, $offset)));

    $participants = array();
    foreach ($users as $user) {
        $entry = $rows[$user->id()];
        $entry['user'] = $user;
        $participants[$user->id()] = $entry;
    }

    if ($item_id) {
        return $participants;
    }

    $evt['adminpaid'] = 0;
    $evt['telepaid'] = 0;
    $evt['topay'] = 0;
    $evt['paid'] = 0;

    // Confirmed online payments are only added when both conditions hold.
    $withTelepayment = $money && $pay_id;

    foreach ($participants as $uid => &$entry) {
        // 'paid' so far only holds the amount recorded on the participation rows.
        $entry['adminpaid'] = (float) $entry['paid'];
        $entry['montant'] = 0;

        if ($withTelepayment) {
            $entry['paid'] += XDB::fetchOneCell('SELECT SUM(amount) FROM payment_transactions AS t WHERE status = "confirmed" AND ref = {?} AND uid = {?}', $pay_id, $uid);
        }
        $entry['telepayment'] = $entry['paid'] - $entry['adminpaid'];

        $items = XDB::iterator('SELECT ep.nb, ep.item_id, ei.montant FROM group_event_participants AS ep INNER JOIN group_event_items AS ei ON (ei.eid = ep.eid AND ei.item_id = ep.item_id) WHERE ep.eid = {?} AND ep.uid = {?}', $eid, $uid);
        while ($item = $items->next()) {
            $entry[$item['item_id']] = $item['nb'];
            $entry['montant'] += $item['montant'] * $item['nb'];
        }

        $evt['telepaid'] += $entry['telepayment'];
        $evt['adminpaid'] += $entry['adminpaid'];
        $evt['paid'] += $entry['paid'];
        $evt['topay'] += $entry['montant'];
    }
    unset($entry);

    return $participants;
}
/**
 * Adds 'notify_all' to a group's flags when none of its admins has 'notify' set.
 *
 * Counts the members of the group whose perms are 'admin' and whose flags
 * contain 'notify'. If there are none, 'notify_all' is appended to the
 * group's flags, or becomes the only flag when the flags are empty.
 *
 * @param mixed $group_id Group id, bound to group_members.asso_id and groups.id
 * @return void
 */
private static function fix_notification($group_id)
{
    $notifiedAdmins = XDB::fetchOneCell("SELECT COUNT(uid)\n FROM group_members\n WHERE asso_id = {?} AND perms = 'admin' AND FIND_IN_SET('notify', flags)", $group_id);
    if ($notifiedAdmins != 0) {
        // At least one admin is already notified; nothing to fix.
        return;
    }

    XDB::execute("UPDATE groups\n SET flags = IF(flags = '', 'notify_all', CONCAT(flags, ',', 'notify_all'))\n WHERE id = {?}", $group_id);
}
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * * GNU General Public License for more details. * * * * You should have received a copy of the GNU General Public License * * along with this program; if not, write to the Free Software * * Foundation, Inc., * * 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA * ***************************************************************************/ require_once 'xorg.inc.php'; $platal = new Xorg('core'); global $globals; $path = ltrim($platal->pl_self(), '/'); @(list($username, $path) = explode('/', $path, 2)); if ($username && !is_null($user = User::getSilent($username))) { $url = XDB::fetchOneCell('SELECT url FROM carvas WHERE uid = {?}', $user->id()); if ($url) { $url = preg_replace('@/+$@', '', $url); if ($path) { http_redirect("http://{$url}/{$path}"); } else { http_redirect("http://{$url}"); } } } header($_SERVER['SERVER_PROTOCOL'] . ' 404 Not Found'); ?> <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"> <html> <head>
/**
 * Shows up to 100 profiles that have a merge issue of the requested kind.
 *
 * $action is checked against the keys of $issueList before it is used as a
 * bound query parameter and as an index into the two label tables. Unknown
 * values are redirected to 'fusionax'. The same redirect is issued when no
 * profile has that issue.
 *
 * NOTE(review): the second pl_redirect() is not followed by a return, so the
 * rest of the handler runs if pl_redirect() ever returns; confirm that it
 * ends the request.
 *
 * @param object $page   Page object receiving the template and variables
 * @param string $action Issue kind: 'name', 'phone', 'education', 'address' or 'job'
 * @return void
 */
function handler_issues($page, $action = '')
{
    static $issueList = array('name' => 'noms', 'phone' => 'téléphones', 'education' => 'formations', 'address' => 'adresses', 'job' => 'emplois');
    static $typeList = array('name' => 'general', 'phone' => 'general', 'education' => 'general', 'address' => 'adresses', 'job' => 'emploi');

    // Allow-list check: anything that is not a known issue kind is bounced.
    if (!array_key_exists($action, $issueList)) {
        pl_redirect('fusionax');
        return;
    }

    $total = XDB::fetchOneCell('SELECT COUNT(*) FROM profile_merge_issues WHERE FIND_IN_SET({?}, issues)', $action);
    if ($total == 0) {
        pl_redirect('fusionax');
    }

    $issues = XDB::fetchAllAssoc('SELECT p.hrpid, pd.directory_name, pd.promo FROM profile_merge_issues AS pm INNER JOIN profiles AS p ON (pm.pid = p.pid) INNER JOIN profile_display AS pd ON (pd.pid = p.pid) WHERE FIND_IN_SET({?}, pm.issues) ORDER BY pd.directory_name LIMIT 100', $action);

    $page->changeTpl('fusionax/other_issues.tpl');
    $page->assign('issues', $issues);
    $page->assign('issue', $issueList[$action]);
    $page->assign('type', $typeList[$action]);
    $page->assign('total', $total);
}