public function __construct(User $_user, Profile $_profile, array $_public_names, array $_old_public_names)
{
parent::__construct($_user, $_profile, true, 'usage');
$this->public_names = $_public_names;
$this->old_public_names = $_old_public_names;
if (!is_null($this->profileOwner)) {
require_once 'name.func.inc.php';
$this->new_alias = build_email_alias($this->public_names);
$this->old_alias = XDB::fetchOneCell('SELECT email
FROM email_source_account
WHERE uid = {?} AND type = \'alias\' AND FIND_IN_SET(\'usage\', flags)', $this->profileOwner->id());
if ($this->old_alias == $this->new_alias) {
$this->old_alias = $this->new_alias = null;
} else {
$used = XDB::fetchOneCell('SELECT COUNT(uid)
FROM email_source_account
WHERE email = {?} AND type != \'alias_aux\'', $this->new_alias);
if (!$used) {
// Check against homonyms
$used = XDB::fetchOneCell('SELECT COUNT(email)
FROM email_source_other
WHERE email = {?}', $this->new_alias);
}
if ($used) {
$this->new_alias = null;
}
}
}
}
function strongCheckId($subState)
{
$subState->set('xorgid', Profile::getXorgId($subState->i('schoolid')));
if (!$subState->v('xorgid')) {
return 'Le matricule est incorrect.';
}
$uf = new UserFilter(new PFC_And(new UFC_SchoolId('xorg', $subState->i('xorgid')), new PFC_Not(new UFC_Dead()), new PFC_Not(new UFC_Registered(true))));
$profile = $uf->getProfile();
if (is_null($profile)) {
$max_promo_year = XDB::fetchOneCell("SELECT MAX(promo_year)\n FROM profile_education\n WHERE FIND_IN_SET(flags, 'primary')\n AND eduid = (\n SELECT id\n FROM profile_education_enum\n WHERE abbreviation='X'\n )\n AND degreeid = (\n SELECT id\n FROM profile_education_degree_enum\n WHERE abbreviation = 'Ing.'\n )");
if ($subState->i('yearpromo') > $max_promo_year) {
return "Ta promo n'est pas encore dans l'annuaire, réessaie dans quelques semaines.";
}
return "Cherche ton nom dans l'annuaire public. Si tu te trouves, tu es déjà inscrit ou ton matricule est incorrect ! Sinon envoie-nous un email à support@polytechnique.org";
}
if ($profile->promo() != $subState->s('promo')) {
return 'Le matricule est incorrect.';
}
if (!$profile->compareNames($subState->s('firstname'), $subState->s('lastname'))) {
return "Erreur dans l'identification. Réessaie, il y a une erreur quelque part !";
}
$subState->set('lastname', $profile->lastName());
$subState->set('firstname', $profile->firstName());
$subState->set('uid', $profile->owner()->id());
$subState->set('watch', $profile->owner()->watch);
$subState->set('comment', $profile->owner()->comment);
$subState->set('birthdateRef', $profile->__get('birthdate_ref'));
return true;
}
public static function countNonGeocoded($pid)
{
$count = XDB::fetchOneCell('SELECT COUNT(*)
FROM profile_addresses AS pa
WHERE pid = {?} AND type = \'home\'
AND NOT EXISTS (SELECT *
FROM profile_addresses_components AS pc
WHERE pa.pid = pc.pid AND pa.jobid = pc.jobid AND pa.groupid = pc.groupid
AND pa.type = pc.type AND pa.id = pc.id)', $pid);
return $count;
}
function check_email($email, $message)
{
$res = XDB::fetchOneCell('SELECT COUNT(*)
FROM email_watch
WHERE state != \'safe\' AND email = {?}', $email);
if ($res) {
send_warning_mail($message);
return true;
}
return false;
}
private static function ListMergeIssues(Profile $profile)
{
if (Platal::globals()->merge->state != 'done') {
return null;
}
$flags = XDB::fetchOneCell('SELECT issues
FROM profile_merge_issues
WHERE pid = {?}', $profile->id());
if (!$flags) {
return null;
}
return new PlFlagSet($flags);
}
public function medal_name()
{
$name = XDB::fetchOneCell('SELECT text
FROM profile_medal_enum
WHERE id = {?}', $this->mid);
$grade = XDB::fetchOneCell('SELECT text
FROM profile_medal_grade_enum
WHERE mid = {?} AND gid = {?}', $this->mid, $this->gid);
if (is_null($grade)) {
return $name;
}
return $name . ' (' . $grade . ')';
}
public function __construct(User $user, $hruid, $email, $group, $dim)
{
parent::__construct($user, false, 'account');
$this->hruid = $hruid;
$this->email = $email;
$this->group = $group;
$this->dim = $dim;
$this->uid = XDB::fetchOneCell('SELECT uid
FROM accounts
WHERE hruid = {?}', $hruid);
$this->groups = XDB::fetchAllAssoc('SELECT g.nom, g.diminutif
FROM groups AS g
INNER JOIN group_members AS m ON (g.id = m.asso_id)
WHERE m.uid = {?}
ORDER BY g.nom', $this->uid);
}
function handler_picture_token(PlPage $page, $size, $token)
{
XDB::rawExecute('DELETE FROM profile_photo_tokens
WHERE expires <= NOW()');
$pid = XDB::fetchOneCell('SELECT pid
FROM profile_photo_tokens
WHERE token = {?}', $token);
if ($pid != null) {
$res = XDB::fetchOneAssoc('SELECT attach, attachmime, x, y, last_update
FROM profile_photos
WHERE pid = {?}', $pid);
$photo = PlImage::fromData($res['attach'], 'image/' . $res['attachmime'], $res['x'], $res['y'], $res['last_update']);
$photo->send();
} else {
return PL_NOT_FOUND;
}
}
function handler_admin_url($page)
{
$page->changeTpl('urlshortener/admin.tpl');
if (!Post::has('url')) {
return;
}
$url = Post::t('url');
$alias = Post::t('alias');
$url_regex = '{^(https?|ftp)://[a-zA-Z0-9._%#+/?=&~-]+$}i';
if (strlen($url) > 255 || !preg_match($url_regex, $url)) {
$page->trigError("L'url donnée n'est pas valide.");
return;
}
$page->assign('url', $url);
if ($alias != '') {
if (!preg_match('/^[a-zA-Z0-9\\-\\/]+$/i', $alias)) {
$page->trigError("L'alias proposé n'est pas valide.");
return;
}
if (preg_match('/^a\\//i', $alias)) {
$page->trigError("L'alias commence par le préfixe 'a/' qui est réservé et donc non autorisé.");
return;
}
$page->assign('alias', $alias);
$used = XDB::fetchOneCell('SELECT COUNT(*)
FROM url_shortener
WHERE alias = {?}', $alias);
if ($used != 0) {
$page->trigError("L'alias proposé est déjà utilisé.");
return;
}
} else {
do {
$alias = 'a/' . rand_token(6);
$used = XDB::fetchOneCell('SELECT COUNT(*)
FROM url_shortener
WHERE alias = {?}', $alias);
} while ($used != 0);
$page->assign('alias', $alias);
}
XDB::execute('INSERT INTO url_shortener (url, alias)
VALUES ({?}, {?})', $url, $alias);
$page->trigSuccess("L'url « " . $url . ' » est maintenant accessible depuis « http://u.w4x.org/' . $alias . ' ».');
}
while ($nickname = $res->next()) {
// Checks that the requested nickname doesn't look like a regular forlife;
// we might run in troubler later if we don't keep the two repos. If we need
// to add a forlife-looking nickname at some point, we'll do it manually.
if (!preg_match('/^[-a-z]+\\.[-a-z]+\\.\\d{4}$/', $nickname['nickname'])) {
$pending_tasks = XDB::fetchOneCell("SELECT COUNT(*)\n FROM gapps_queue\n WHERE q_recipient_id = {?} AND p_status = 'idle' AND j_type = 'n_create' AND j_parameters = {?}", $nickname['id'], json_encode($nickname));
if ($pending_tasks == 0) {
XDB::execute("INSERT INTO gapps_queue\n SET q_recipient_id = {?}, p_entry_date = NOW(), p_notbefore_date = NOW(),\n p_priority = 'offline', j_type = 'n_create', j_parameters = {?}", $nickname['id'], json_encode($nickname));
}
}
}
/* Checks that all nicknames in GoogleApps are also aliases on plat/al side.
Deletes the invalid ones. */
$res = XDB::iterator("SELECT g.l_userid AS id, g.g_nickname AS nickname\n FROM gapps_nicknames AS g\n LEFT JOIN email_source_account AS s ON (s.uid = g.l_userid AND s.type = 'alias' AND s.email = g.g_nickname)\n WHERE g.l_userid IS NOT NULL AND s.email IS NULL");
while ($nickname = $res->next()) {
$pending_tasks = XDB::fetchOneCell("SELECT COUNT(*)\n FROM gapps_queue\n WHERE q_recipient_id = {?} AND p_status = 'idle' AND j_type = 'n_delete' AND j_parameters = {?}", $nickname['id'], json_encode($nickname));
if ($pending_tasks == 0) {
XDB::execute("INSERT INTO gapps_queue\n SET q_recipient_id = {?}, p_entry_date = NOW(), p_notbefore_date = NOW(),\n p_priority = 'offline', j_type = 'n_delete', j_parameters = {?}", $nickname['id'], json_encode($nickname));
}
}
/* Retrieves successful job queues for post-queue processing. */
$res = XDB::iterator("SELECT q_id, q_recipient_id, j_type, j_parameters\n FROM gapps_queue\n WHERE p_status = 'success' AND q_recipient_id IS NOT NULL");
while ($job = $res->next()) {
if ($job['j_type'] == 'u_create') {
post_queue_u_create($job);
} else {
if ($job['j_type'] == 'u_update') {
post_queue_u_update($job);
}
}
}
public function mergeIn(User $newuser)
{
if ($this->profile()) {
// Don't disable user with profile in this way.
global $globals;
Platal::page()->trigError('Impossible de fusionner les comptes ' . $this->hruid . ' et ' . $newuser->hruid . '. Contacte support@' . $globals->mail->domain . '.');
return false;
}
if ($this->forlifeEmail()) {
// If the new user is not registered and does not have already an email address,
// we need to give him the old user's email address if he has any.
if (!$newuser->perms) {
XDB::execute('UPDATE accounts
SET email = {?}
WHERE uid = {?} AND email IS NULL', $this->forlifeEmail(), $newuser->id());
// Reftech new user so its forlifeEmail will be correct.
$newuser = self::getSilentWithUID($newuser->id());
}
// Change email used in mailing lists.
if ($this->forlifeEmail() != $newuser->forlifeEmail()) {
// The super user is the user who has the right to do the modification.
$super_user = S::user();
// group mailing lists
$group_domains = XDB::fetchColumn('SELECT g.mail_domain
FROM groups AS g
INNER JOIN group_members AS gm ON(g.id = gm.asso_id)
WHERE g.mail_domain != \'\' AND gm.uid = {?}', $this->id());
foreach ($group_domains as $mail_domain) {
$mmlist = new MMList($super_user, $mail_domain);
$mmlist->replace_email_in_all($this->forlifeEmail(), $newuser->forlifeEmail());
}
// main domain lists
$mmlist = new MMList($super_user);
$mmlist->replace_email_in_all($this->forlifeEmail(), $newuser->forlifeEmail());
}
}
// Updates user in following tables.
foreach (array('group_announces', 'payment_transactions', 'log_sessions', 'group_events') as $table) {
XDB::execute('UPDATE ' . $table . '
SET uid = {?}
WHERE uid = {?}', $newuser->id(), $this->id());
}
// Merges user in following tables, ie updates when possible, then deletes remaining occurences of the old user.
foreach (array('group_announces_read', 'group_event_participants', 'group_member_sub_requests', 'group_members', 'email_redirect_account') as $table) {
XDB::execute('UPDATE IGNORE ' . $table . '
SET uid = {?}
WHERE uid = {?}', $newuser->id(), $this->id());
XDB::execute('DELETE FROM ' . $table . '
WHERE uid = {?}', $this->id());
}
// Eventually updates last session id and deletes old user's accounts entry.
$lastSession = XDB::fetchOneCell('SELECT id
FROM log_sessions
WHERE uid = {?}
ORDER BY start DESC
LIMIT 1', $newuser->id());
XDB::execute('UPDATE log_last_sessions
SET id = {?}
WHERE uid = {?}', $lastSession, $newuser->id());
XDB::execute('DELETE FROM accounts
WHERE uid = {?}', $this->id());
return true;
}
function select_if_homonym(PlUser $user)
{
return XDB::fetchOneCell('SELECT email
FROM email_source_account
WHERE uid = {?} AND expire IS NOT NULL', $user->id());
}
function handler_broken($page, $uid = null)
{
$page->changeTpl('marketing/broken.tpl');
if (is_null($uid)) {
return PL_NOT_FOUND;
}
$user = User::get($uid);
if (!$user) {
return PL_NOT_FOUND;
} elseif ($user->login() == S::user()->login()) {
pl_redirect('emails/redirect');
}
$res = XDB::query('SELECT p.deathdate IS NULL AS alive, r.last, IF(r.type = \'googleapps\', \'googleapps\', r.redirect) AS active_email
FROM accounts AS a
LEFT JOIN email_redirect_account AS r ON (a.uid = r.uid AND r.type IN (\'smtp\', \'googleapps\') AND r.flags = \'active\')
LEFT JOIN account_profiles AS ap ON (ap.uid = r.uid AND FIND_IN_SET(\'owner\', ap.perms))
LEFT JOIN profiles AS p ON (p.pid = ap.pid)
WHERE a.uid = {?}
ORDER BY r.broken_level, r.last', $user->id());
if (!$res->numRows()) {
return PL_NOT_FOUND;
}
$user->addProperties($res->fetchOneAssoc());
$page->assign('user', $user);
$email = null;
require_once 'emails.inc.php';
if (Post::has('mail')) {
$email = valide_email(Post::v('mail'));
}
if (Post::has('valide') && isvalid_email_redirection($email, $user)) {
S::assert_xsrf_token();
// security stuff
check_email($email, "Proposition d'une adresse surveillee pour " . $user->login() . " par " . S::user()->login());
$state = XDB::fetchOneCell('SELECT flags
FROM email_redirect_account
WHERE redirect = {?} AND uid = {?}', $email, $user->id());
if ($state == 'broken') {
$page->trigWarning("L'adresse que tu as fournie est l'adresse actuelle de {$user->fullName()} et est en panne.");
} elseif ($state == 'active') {
$page->trigWarning("L'adresse que tu as fournie est l'adresse actuelle de {$user->fullName()}");
} elseif ($user->email && !Post::t('comment')) {
$page->trigError("Il faut que tu ajoutes un commentaire à ta proposition pour justifier le " . "besoin de changer la redirection de {$user->fullName()}.");
} else {
$valid = new BrokenReq(S::user(), $user, $email, trim(Post::v('comment')));
$valid->submit();
$page->assign('sent', true);
}
} elseif ($email) {
$page->trigError("L'adresse proposée n'est pas une adresse acceptable pour une redirection.");
}
}
/** Compute the conditions to use for the current request.
* @return A PlFilterCondition instance (actually a PFC_And)
*/
protected function getCond()
{
$cond = new PFC_And();
foreach ($this->criteria as $criterion => $value) {
switch ($criterion) {
// ENUM fields
case WSRequestCriteria::SCHOOL:
// Useless criterion: we don't need to check on origin school
if (WSRequestCriteria::$choices_enum[$criterion][$value]) {
$cond->addChild(new PFC_True());
} else {
$cond->addChild(new PFC_False());
}
break;
case WSRequestCriteria::DIPLOMA:
$diploma = WSRequestCriteria::$choices_enum[$criterion][$value];
$id_X = XDB::fetchOneCell('SELECT id
FROM profile_education_enum
WHERE abbreviation = {?}', 'X');
$cond->addChildren(array(new UFC_EducationSchool($id_X), new UFC_EducationDegree($diploma)));
break;
// TEXT fields
// TEXT fields
case WSRequestCriteria::FIRSTNAME:
case WSRequestCriteria::LASTNAME:
$cond->addChild(new UFC_NameTokens($value, UFC_NameTokens::FLAG_PUBLIC, false, false, $criterion));
break;
case WSRequestCriteria::PROMOTION:
$cond->addChild(new PFC_Or(new UFC_Promo(UserFilter::OP_EQUALS, UserFilter::GRADE_ING, $value), new UFC_Promo(UserFilter::OP_EQUALS, UserFilter::GRADE_MST, $value), new UFC_Promo(UserFilter::OP_EQUALS, UserFilter::GRADE_PHD, $value)));
break;
case WSRequestCriteria::ALT_DIPLOMA:
$cond->addChild(new UFC_EducationDegree(DirEnum::getIds(DirEnum::EDUDEGREES, $value)));
break;
case WSRequestCriteria::DIPLOMA_FIELD:
$cond->addChild(new UFC_EducationField(DirEnum::getIds(DirEnum::EDUFIELDS, $value)));
break;
case WSRequestCriteria::CITY:
$cond->addChild(new UFC_AddressField($value, UFC_AddressField::FIELD_LOCALITY, UFC_Address::TYPE_HOME, UFC_Address::FLAG_CURRENT));
break;
case WSRequestCriteria::COUNTRY:
$cond->addChild(new UFC_AddressField($value, UFC_AddressField::FIELD_COUNTRY, UFC_Address::TYPE_HOME, UFC_Address::FLAG_CURRENT));
break;
case WSRequestCriteria::ZIPCODE:
$cond->addChild(new UFC_AddressField($value, UFC_AddressField::FIELD_ZIPCODE, UFC_Address::TYPE_HOME, UFC_Address::FLAG_CURRENT));
break;
case WSRequestCriteria::JOB_ANY_COUNTRY:
$cond->addChild(new UFC_AddressField($value, UFC_AddressField::FIELD_COUNTRY, UFC_Address::TYPE_PRO, UFC_Address::FLAG_ANY));
break;
case WSRequestCriteria::JOB_CURRENT_CITY:
$cond->addChild(new UFC_AddressField($value, UFC_AddressField::FIELD_LOCALITY, UFC_Address::TYPE_PRO, UFC_Address::FLAG_ANY));
break;
case WSRequestCriteria::JOB_ANY_COMPANY:
case WSRequestCriteria::JOB_CURRENT_COMPANY:
$cond->addChild(new UFC_Job_Company(UFC_Job_Company::JOBNAME, $value));
break;
case WSRequestCriteria::JOB_ANY_SECTOR:
case WSRequestCriteria::JOB_CURRENT_SECTOR:
case WSRequestCriteria::JOB_CURRENT_TITLE:
$cond->addChild(new UFC_Job_Terms(DirEnum::getIds(DirEnum::JOBTERMS, $value)));
break;
// LIST fields
// LIST fields
case WSRequestCriteria::HOBBIES:
$subcond = new PFC_Or();
foreach ($value as $val) {
$subcond->addChild(new UFC_Comment($value));
}
$cond->addChild($subcond);
break;
case WSRequestCriteria::JOB_COMPETENCIES:
case WSRequestCriteria::JOB_RESUME:
case WSRequestCriteria::PROFESSIONAL_PROJECT:
$subcond = new PFC_Or();
foreach ($value as $val) {
$subcond->addChild(new UFC_Job_Description($value, UserFilter::JOB_USERDEFINED));
}
$cond->addChild($subcond);
break;
case WSRequestCriteria::NOT_UID:
$cond->addChild(new PFC_Not(new UFC_PartnerSharingID($this->partner->id, $value)));
break;
default:
break;
}
}
return $cond;
}
function fill_email_combobox(PlPage $page, array $retrieve, $user = null)
{
require_once 'emails.inc.php';
if (is_null($user)) {
$user = S::user();
}
/* Always refetch the profile. */
$profile = $user->profile(true);
$emails = array();
if (in_array('source', $retrieve)) {
$emails['Emails polytechniciens'] = XDB::fetchColumn('SELECT CONCAT(s.email, \'@\', d.name)
FROM email_source_account AS s
INNER JOIN email_virtual_domains AS m ON (s.domain = m.id)
INNER JOIN email_virtual_domains AS d ON (d.aliasing = m.id)
WHERE s.uid = {?}
ORDER BY s.email, d.name', $user->id());
}
if (in_array('redirect', $retrieve)) {
$redirect = new Redirect($user);
$emails['Redirections'] = array();
foreach ($redirect->emails as $redirect_it) {
if ($redirect_it->is_redirection()) {
$emails['Redirections'][] = $redirect_it->email;
}
}
}
if ($profile) {
if (in_array('job', $retrieve)) {
$emails['Emails professionels'] = XDB::fetchColumn('SELECT email
FROM profile_job
WHERE pid = {?} AND email IS NOT NULL AND email != \'\'', $profile->id());
}
if ($profile->email_directory) {
if (in_array('directory', $retrieve)) {
foreach ($emails as &$email_list) {
foreach ($email_list as $key => $email) {
if ($profile->email_directory == $email) {
unset($email_list[$key]);
}
}
}
$emails['Email annuaire AX'] = array($profile->email_directory);
} elseif (in_array('stripped_directory', $retrieve)) {
if (User::isForeignEmailAddress($profile->email_directory)) {
$is_redirect = XDB::fetchOneCell('SELECT COUNT(*)
FROM email_redirect_account
WHERE uid = {?} AND redirect = {?}', $user->id(), $profile->email_directory);
if ($is_redirect == 0) {
$emails['Email annuaire AX'] = array($profile->email_directory);
}
}
}
}
if (isset($emails['Emails professionels']) && isset($emails['Redirections'])) {
$intersect = array_intersect($emails['Emails professionels'], $emails['Redirections']);
foreach ($intersect as $key => $email) {
unset($emails['Emails professionels'][$key]);
}
}
}
$emails_count = 0;
foreach ($emails as $email_list) {
$emails_count += count($email_list);
}
$page->assign('emails_count', $emails_count);
$page->assign('email_lists', $emails);
}
public static function is_active_storage(User $user, $storage)
{
if (!in_array($storage, self::get_allowed_storages($user))) {
return false;
}
$res = XDB::fetchOneCell('SELECT COUNT(*)
FROM email_redirect_account
WHERE uid = {?} AND type = {?} AND flags = \'active\'', $user->id(), $storage);
return !is_null($res) && $res > 0;
}
/** Send this issue to the given user, reusing an existing hash if provided.
* @p $user User to whom the issue should be mailed
* @p $hash Optional hash to use in the 'unsubscribe' link; if null, another one will be generated.
*/
public function sendTo($user, $hash = null)
{
global $globals;
// Don't send email to users without an address
// Note: this would never happen when using sendToAll
if (!$user->bestEmail()) {
return;
}
$this->fetchArticles();
if (is_null($hash)) {
$hash = XDB::fetchOneCell("SELECT hash\n FROM newsletter_ins\n WHERE uid = {?} AND nlid = {?}", $user->id(), $this->nl->id);
}
if (is_null($hash)) {
$hash = self::createHash(array($user->displayName(), $user->fullName(), $user->isFemale(), $user->isEmailFormatHtml(), rand(), "X.org rulez"));
XDB::execute("UPDATE newsletter_ins as ni\n SET ni.hash = {?}\n WHERE ni.uid = {?} AND ni.nlid = {?}", $hash, $user->id(), $this->nl->id);
}
$mailer = new PlMailer($this->nl->tplFile());
$this->assignData($mailer);
$mailer->assign('is_mail', true);
$mailer->assign('user', $user);
$mailer->assign('prefix', null);
$mailer->assign('hash', $hash);
if (!empty($this->reply_to)) {
$mailer->addHeader('Reply-To', $this->reply_to);
}
// Add mailing list headers
// Note: "Precedence: bulk" is known to cause issues on some clients
$mailer->addHeader('Precedence', 'list');
// RFC 2919 header
$mailer->addHeader('List-Id', $this->nl->group . ' <' . $this->nl->group . '.newsletter.' . $globals->mail->domain . '>');
// RFC 2369 headers
$listurl = $this->nl->fullUrl();
$mailer->addHeader('List-Unsubscribe', '<' . $listurl . '/out/nohash/' . $this->id . '>');
$mailer->addHeader('List-Subscribe', '<' . $listurl . '/in/nohash/' . $this->id . '>');
$mailer->addHeader('List-Archive', '<' . $listurl . '>');
$mailer->addHeader('List-Help', '<' . $listurl . '>');
$mailer->addHeader('List-Owner', '<mailto:support@' . $globals->mail->domain . '>');
$mailer->sendTo($user);
}
public static function getPID($login)
{
if ($login instanceof PlUser) {
return XDB::fetchOneCell('SELECT pid
FROM account_profiles
WHERE uid = {?} AND FIND_IN_SET(\'owner\', perms)', $login->id());
} else {
if (ctype_digit($login)) {
return XDB::fetchOneCell('SELECT pid
FROM profiles
WHERE pid = {?}', $login);
} else {
return XDB::fetchOneCell('SELECT pid
FROM profiles
WHERE hrpid = {?}', $login);
}
}
}
function handler_broken_addr($page)
{
require_once 'emails.inc.php';
$page->changeTpl('emails/broken_addr.tpl');
if (Env::has('sort_broken')) {
S::assert_xsrf_token();
$list = trim(Env::v('list'));
if ($list == '') {
$page->trigError('La liste est vide.');
} else {
$valid_emails = array();
$invalid_emails = array();
$broken_list = explode("\n", $list);
sort($broken_list);
foreach ($broken_list as $orig_email) {
$orig_email = trim($orig_email);
if ($orig_email != '') {
$email = valide_email($orig_email);
if (empty($email) || $email == '@') {
$invalid_emails[] = trim($orig_email) . ': invalid email';
} elseif (!in_array($email, $valid_emails)) {
$nb = XDB::fetchOneCell('SELECT COUNT(*)
FROM email_redirect_account
WHERE redirect = {?}', $email);
if ($nb > 0) {
$valid_emails[] = $email;
} else {
$invalid_emails[] = $orig_email . ': no such redirection';
}
}
}
}
$page->assign('valid_emails', $valid_emails);
$page->assign('invalid_emails', $invalid_emails);
}
}
if (Env::has('process_broken')) {
S::assert_xsrf_token();
$list = trim(Env::v('list'));
if ($list == '') {
$page->trigError('La liste est vide.');
} else {
require_once 'notifs.inc.php';
$broken_user_list = array();
$broken_user_email_count = array();
$broken_user_profiles = array();
$broken_list = explode("\n", $list);
sort($broken_list);
foreach ($broken_list as $email) {
$email = trim($email);
$userobj = null;
if ($user = mark_broken_email($email, true)) {
$userobj = User::getSilentWithUID($user['uid']);
}
if (is_null($userobj)) {
continue;
}
$profile = $userobj->profile();
if (is_null($profile)) {
continue;
}
if ($user['nb_mails'] > 0 && $user['notify']) {
$mail = new PlMailer('emails/broken.mail.tpl');
$mail->setTo($userobj);
$mail->assign('user', $user);
$mail->assign('email', $email);
$mail->send();
} else {
WatchProfileUpdate::register($profile, 'broken');
}
$pid = $profile->id();
if (!isset($broken_user_list[$pid])) {
$broken_user_list[$pid] = array($email);
} else {
$broken_user_list[$pid][] = $email;
}
$broken_user_email_count[$pid] = $user['nb_mails'];
$broken_user_profiles[$pid] = $profile;
}
XDB::execute('UPDATE email_redirect_account
SET broken_level = broken_level - 1
WHERE flags = \'active\' AND broken_level > 1
AND DATE_ADD(last, INTERVAL 1 MONTH) < CURDATE()');
XDB::execute('UPDATE email_redirect_account
SET broken_level = 0
WHERE flags = \'active\' AND broken_level = 1
AND DATE_ADD(last, INTERVAL 1 YEAR) < CURDATE()');
// Sort $broken_user_list with (promo, sortname, pid)
$sortable_array = array();
foreach ($broken_user_list as $pid => $mails) {
$profile = $broken_user_profiles[$pid];
$sortable_array[$pid] = array($profile->promo(), $profile->sortName(), $pid);
}
asort($sortable_array);
// Output the list of users with recently broken addresses,
// along with the count of valid redirections.
pl_cached_content_headers('text/x-csv', null, 1, 'broken.csv');
$csv = fopen('php://output', 'w');
fputcsv($csv, array('nom', 'promo', 'bounces', 'nbmails', 'url', 'corps', 'job', 'networking'), ';');
$corpsList = DirEnum::getOptions(DirEnum::CURRENTCORPS);
foreach (array_keys($sortable_array) as $pid) {
$mails = $broken_user_list[$pid];
$profile = $broken_user_profiles[$pid];
$current_corps = $profile->getCorpsName();
$jobs = $profile->getJobs();
$companies = array();
foreach ($jobs as $job) {
$companies[] = $job->company->name;
}
$networkings = $profile->getNetworking(Profile::NETWORKING_ALL);
$networking_list = array();
foreach ($networkings as $networking) {
$networking_list[] = $networking['address'];
}
fputcsv($csv, array($profile->fullName(), $profile->promo(), join(',', $mails), $broken_user_email_count[$pid], 'https://www.polytechnique.org/marketing/broken/' . $profile->hrid(), $current_corps, implode(',', $companies), implode(',', $networking_list)), ';');
}
fclose($csv);
exit;
}
}
}
private function getPIDList($pids = null, PlLimit $limit)
{
$this->requireProfiles();
$this->buildQuery();
$lim = $limit->getSql();
$cond = '';
if (!is_null($pids)) {
$cond = XDB::format(' AND p.pid IN {?}', $pids);
}
$fetched = XDB::rawFetchColumn('SELECT SQL_CALC_FOUND_ROWS p.pid
' . $this->query . $cond . '
GROUP BY p.pid
' . $this->orderby . '
' . $lim);
$this->lastprofilecount = (int) XDB::fetchOneCell('SELECT FOUND_ROWS()');
return $fetched;
}
function handler_tmpPWD($page, $certif = null)
{
global $globals;
XDB::execute('DELETE FROM account_lost_passwords
WHERE DATE_SUB(NOW(), INTERVAL 380 MINUTE) > created');
if (Post::has('pwhash') && Post::t('pwhash')) {
$uid = XDB::fetchOneCell('SELECT uid
FROM accounts
WHERE hruid = {?}', Post::t('username'));
$password = Post::t('pwhash');
XDB::query('UPDATE accounts
SET password = {?}
WHERE uid = {?} AND state = \'active\'', $password, $uid);
XDB::query('DELETE FROM account_lost_passwords
WHERE certificat = {?}', $certif);
// If GoogleApps is enabled, and the user did choose to use synchronized passwords,
// updates the Google Apps password as well.
if ($globals->mailstorage->googleapps_domain) {
require_once 'googleapps.inc.php';
$account = new GoogleAppsAccount(User::getSilent($uid));
if ($account->active() && $account->sync_password) {
$account->set_password($password);
}
}
S::logger($uid)->log("passwd", "");
// Try to start a session (so the user don't have to log in); we will use
// the password available in Post:: to authenticate the user.
Platal::session()->start(AUTH_PASSWD);
$page->changeTpl('platal/tmpPWD.success.tpl');
} else {
$res = XDB::query('SELECT uid
FROM account_lost_passwords
WHERE certificat = {?}', $certif);
$ligne = $res->fetchOneAssoc();
if (!$ligne) {
$page->changeTpl('platal/index.tpl');
$page->kill("Cette adresse n'existe pas ou n'existe plus sur le serveur.");
}
$hruid = XDB::fetchOneCell('SELECT hruid
FROM accounts
WHERE uid = {?}', $ligne['uid']);
$page->changeTpl('platal/password.tpl');
$page->assign('hruid', $hruid);
$page->assign('do_auth', 1);
}
}
public function getTotalCount()
{
if (is_null($this->lastcount)) {
$schema = $this->schema();
$as = $schema['as'];
$id = $schema['id'];
$this->buildQuery();
return (int) XDB::fetchOneCell("SELECT COUNT(DISTINCT {$as}.{$id}) {$this->query}");
} else {
return $this->lastcount;
}
}
function handler_create($page)
{
global $globals;
$page->changeTpl('lists/create.tpl');
$user_promo = S::user()->profile()->yearPromo();
$year = date('Y');
$month = date('m');
// scolar year starts in september
$scolarmonth = ($year - $user_promo) * 12 + ($month - 8);
$young_promo = $very_young_promo = 0;
// binet are accessible only in april in the first year and until
// march of the 5th year
if ($scolarmonth >= 8 && $scolarmonth < 56) {
$young_promo = 1;
}
// PSC aliases are accesible only between september and june of the second
// year of scolarity
if ($scolarmonth >= 12 && $scolarmonth < 22) {
$very_young_promo = 1;
}
$page->assign('young_promo', $young_promo);
$page->assign('very_young_promo', $very_young_promo);
$owners = preg_split("/[\\s]+/", Post::v('owners'), -1, PREG_SPLIT_NO_EMPTY);
$members = preg_split("/[\\s]+/", Post::v('members'), -1, PREG_SPLIT_NO_EMPTY);
// click on validate button 'add_owner_sub' or type <enter>
if (Post::has('add_owner_sub') && Post::has('add_owner')) {
// if we want to add an owner and then type <enter>, then both
// add_owner_sub and add_owner are filled.
$oforlifes = User::getBulkForlifeEmailsFromEmail(Post::v('add_owner'));
$mforlifes = User::getBulkForlifeEmailsFromEmail(Post::v('add_member'));
if (!is_null($oforlifes)) {
$owners = array_merge($owners, $oforlifes);
}
// if we want to add a member and then type <enter>, then
// add_owner_sub is filled, whereas add_owner is empty.
if (!is_null($mforlifes)) {
$members = array_merge($members, $mforlifes);
}
}
// click on validate button 'add_member_sub'
if (Post::has('add_member_sub') && Post::has('add_member')) {
$forlifes = User::getBulkForlifeEmailsFromEmail(Post::v('add_member'));
if (!is_null($forlifes)) {
$members = array_merge($members, $forlifes);
}
}
if (Post::has('add_member_sub') && isset($_FILES['add_member_file']) && $_FILES['add_member_file']['tmp_name']) {
$upload =& PlUpload::get($_FILES['add_member_file'], S::user()->login(), 'list.addmember', true);
if (!$upload) {
$page->trigError('Une erreur s\'est produite lors du téléchargement du fichier');
} else {
$forlifes = User::getBulkForlifeEmailsFromEmail($upload->getContents());
if (!is_null($forlifes)) {
$members = array_merge($members, $forlifes);
}
}
}
ksort($owners);
$owners = array_unique($owners);
ksort($members);
$members = array_unique($members);
$page->assign('owners', join("\n", $owners));
$page->assign('members', join("\n", $members));
if (!Post::has('submit')) {
return;
} else {
S::assert_xsrf_token();
}
$asso = Post::t('asso');
$list = strtolower(Post::t('liste'));
if (empty($list)) {
$page->trigError('Le champ « adresse souhaitée » est vide.');
}
if (!preg_match("/^[a-zA-Z0-9\\-]*\$/", $list)) {
$page->trigError('Le nom de la liste ne doit contenir que des lettres non accentuées, chiffres et tirets.');
}
if ($asso == 'binet' || $asso == 'alias') {
$promo = Post::i('promo');
$domain = $promo . '.' . $globals->mail->domain;
if ($promo < 1921 || $promo > date('Y')) {
$page->trigError('La promotion est mal renseignée, elle doit être du type : 2004.');
}
} elseif ($asso == 'groupex') {
$domain = XDB::fetchOneCell('SELECT mail_domain
FROM groups
WHERE nom = {?}', Post::t('groupex_name'));
if (!$domain) {
$page->trigError('Il n\'y a aucun groupe de ce nom sur Polytechnique.net.');
}
} else {
$domain = $globals->mail->domain;
}
require_once 'emails.inc.php';
if (list_exist($list, $domain)) {
$page->trigError("L'« adresse souhaitée » est déjà prise.");
}
if (!Post::t('desc')) {
$page->trigError('Le sujet est vide.');
}
if (!count($owners)) {
$page->trigError('Il n\'y a pas de gestionnaire.');
}
if (count($members) < 4) {
$page->trigError('Il n\'y a pas assez de membres.');
}
if (!$page->nb_errs()) {
$page->trigSuccess('Demande de création envoyée !');
$page->assign('created', true);
$req = new ListeReq(S::user(), $asso, $list, $domain, Post::t('desc'), Post::i('advertise'), Post::i('modlevel'), Post::i('inslevel'), $owners, $members);
$req->submit();
}
}
/**
* Returns the password of the User
*
* @param string $password If specified, update the password in the database
* @param boolean $encrypt Encrypt the password
* @return string database password hash
*/
public function password($password = null, $encrypt = true)
{
if ($password != null) {
$this->password = $encrypt ? hash_encrypt($password) : $password;
XDB::execute('UPDATE account SET password = {?} WHERE uid = {?}', $this->password, $this->id());
}
return XDB::fetchOneCell('SELECT password FROM account WHERE uid = {?}', $this->id());
}
private function getGroup(PlPage $page, $group)
{
$groupid = XDB::fetchOneCell("SELECT id\n FROM groups\n WHERE (nom = {?} OR diminutif = {?}) AND NOT FIND_IN_SET('private', pub)", $group, $group);
if (is_null($groupid)) {
$search = XDB::formatWildcards(XDB::WILDCARD_CONTAINS, $group);
$res = XDB::query('SELECT id
FROM groups
WHERE (nom ' . $search . ' OR diminutif ' . $search . ") AND NOT FIND_IN_SET('private', pub)", $search, $search);
if ($res->numRows() == 1) {
$groupid = $res->fetchOneCell();
}
}
return $groupid;
}
function handler_add_secondary_edu($page)
{
$page->changeTpl('admin/add_secondary_edu.tpl');
if (!(Post::has('verify') || Post::has('add'))) {
return;
} elseif (!Post::has('people')) {
$page->trigWarning("Aucune information n'a été fournie.");
return;
}
require_once 'name.func.inc.php';
$lines = explode("\n", Post::t('people'));
$separator = Post::t('separator');
$degree = Post::v('degree');
$promotion = Post::i('promotion');
$schoolsList = array_flip(DirEnum::getOptions(DirEnum::EDUSCHOOLS));
$degreesList = array_flip(DirEnum::getOptions(DirEnum::EDUDEGREES));
$edu_id = $schoolsList[Profile::EDU_X];
$degree_id = $degreesList[$degree];
$res = array('incomplete' => array(), 'empty' => array(), 'multiple' => array(), 'already' => array(), 'new' => array());
$old_pids = array();
$new_pids = array();
foreach ($lines as $line) {
$line = trim($line);
$line_array = explode($separator, $line);
array_walk($line_array, 'trim');
if (count($line_array) != 3) {
$page->trigError("La ligne « {$line} » est incomplète.");
$res['incomplete'][] = $line;
continue;
}
$cond = new PFC_And(new UFC_NameTokens(split_name_for_search($line_array[0]), array(), false, false, Profile::LASTNAME));
$cond->addChild(new UFC_NameTokens(split_name_for_search($line_array[1]), array(), false, false, Profile::FIRSTNAME));
$cond->addChild(new UFC_Promo('=', UserFilter::DISPLAY, $line_array[2]));
$uf = new UserFilter($cond);
$pid = $uf->getPIDs();
$count = count($pid);
if ($count == 0) {
$page->trigError("La ligne « {$line} » ne correspond à aucun profil existant.");
$res['empty'][] = $line;
continue;
} elseif ($count > 1) {
$page->trigError("La ligne « {$line} » correspond à plusieurs profils existant.");
$res['multiple'][] = $line;
continue;
} else {
$count = XDB::fetchOneCell('SELECT COUNT(*) AS count
FROM profile_education
WHERE pid = {?} AND eduid = {?} AND degreeid = {?}', $pid, $edu_id, $degree_id);
if ($count == 1) {
$res['already'][] = $line;
$old_pids[] = $pid[0];
} else {
$res['new'][] = $line;
$new_pids[] = $pid[0];
}
}
}
$display = array();
foreach ($res as $type => $res_type) {
if (count($res_type) > 0) {
$display = array_merge($display, array('--------------------' . $type . ':'), $res_type);
}
}
$page->assign('people', implode("\n", $display));
$page->assign('promotion', $promotion);
$page->assign('degree', $degree);
if (Post::has('add')) {
$entry_year = $promotion - Profile::educationDuration($degree);
if (Post::b('force_addition')) {
$pids = array_unique(array_merge($old_pids, $new_pids));
} else {
$pids = array_unique($new_pids);
// Updates years.
if (count($old_pids)) {
XDB::execute('UPDATE profile_education
SET entry_year = {?}, grad_year = {?}, promo_year = {?}
WHERE pid IN {?} AND eduid = {?} AND degreeid = {?}', $entry_year, $promotion, $promotion, $old_pids, $edu_id, $degree_id);
}
}
// Precomputes values common to all users.
$select = XDB::format('MAX(id) + 1, pid, {?}, {?}, {?}, {?}, {?}, \'secondary\'', $edu_id, $degree_id, $entry_year, $promotion, $promotion);
XDB::startTransaction();
foreach ($pids as $pid) {
XDB::execute('INSERT INTO profile_education (id, pid, eduid, degreeid, entry_year, grad_year, promo_year, flags)
SELECT ' . $select . '
FROM profile_education
WHERE pid = {?}
GROUP BY pid', $pid);
}
XDB::commit();
}
}
function get_event_participants(&$evt, $item_id, array $tri = array(), $limit = null, $offset = 0)
{
global $globals;
$eid = $evt['eid'];
$money = $evt['money'] && function_exists('may_update') && may_update();
$pay_id = $evt['paiement_id'];
$append = $item_id ? XDB::format(' AND ep.item_id = {?}', $item_id) : '';
$query = XDB::fetchAllAssoc('uid', 'SELECT ep.uid, SUM(ep.paid) AS paid, SUM(ep.nb) AS nb,
FIND_IN_SET(\'notify_payment\', ep.flags) AS notify_payment
FROM group_event_participants AS ep
WHERE ep.eid = {?} AND nb > 0 ' . $append . '
GROUP BY ep.uid', $eid);
$uf = new UserFilter(new PFC_True(), $tri);
$users = User::getBulkUsersWithUIDs($uf->filter(array_keys($query), new PlLimit($limit, $offset)));
$tab = array();
foreach ($users as $user) {
$uid = $user->id();
$tab[$uid] = $query[$uid];
$tab[$uid]['user'] = $user;
}
if ($item_id) {
return $tab;
}
$evt['adminpaid'] = 0;
$evt['telepaid'] = 0;
$evt['topay'] = 0;
$evt['paid'] = 0;
foreach ($tab as $uid => &$u) {
$u['adminpaid'] = (double) $u['paid'];
$u['montant'] = 0;
if ($money && $pay_id) {
$montant = XDB::fetchOneCell('SELECT SUM(amount)
FROM payment_transactions AS t
WHERE status = "confirmed" AND ref = {?} AND uid = {?}', $pay_id, $uid);
$u['paid'] += $montant;
}
$u['telepayment'] = $u['paid'] - $u['adminpaid'];
$res_ = XDB::iterator('SELECT ep.nb, ep.item_id, ei.montant
FROM group_event_participants AS ep
INNER JOIN group_event_items AS ei ON (ei.eid = ep.eid AND ei.item_id = ep.item_id)
WHERE ep.eid = {?} AND ep.uid = {?}', $eid, $uid);
while ($i = $res_->next()) {
$u[$i['item_id']] = $i['nb'];
$u['montant'] += $i['montant'] * $i['nb'];
}
$evt['telepaid'] += $u['telepayment'];
$evt['adminpaid'] += $u['adminpaid'];
$evt['paid'] += $u['paid'];
$evt['topay'] += $u['montant'];
}
return $tab;
}
private static function fix_notification($group_id)
{
$count = XDB::fetchOneCell("SELECT COUNT(uid)\n FROM group_members\n WHERE asso_id = {?} AND perms = 'admin' AND FIND_IN_SET('notify', flags)", $group_id);
if ($count == 0) {
XDB::execute("UPDATE groups\n SET flags = IF(flags = '', 'notify_all', CONCAT(flags, ',', 'notify_all'))\n WHERE id = {?}", $group_id);
}
}
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the *
* GNU General Public License for more details. *
* *
* You should have received a copy of the GNU General Public License *
* along with this program; if not, write to the Free Software *
* Foundation, Inc., *
* 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA *
***************************************************************************/
require_once 'xorg.inc.php';
$platal = new Xorg('core');
global $globals;
$path = ltrim($platal->pl_self(), '/');
@(list($username, $path) = explode('/', $path, 2));
if ($username && !is_null($user = User::getSilent($username))) {
$url = XDB::fetchOneCell('SELECT url
FROM carvas
WHERE uid = {?}', $user->id());
if ($url) {
$url = preg_replace('@/+$@', '', $url);
if ($path) {
http_redirect("http://{$url}/{$path}");
} else {
http_redirect("http://{$url}");
}
}
}
header($_SERVER['SERVER_PROTOCOL'] . ' 404 Not Found');
?>
<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html>
<head>
function handler_issues($page, $action = '')
{
static $issueList = array('name' => 'noms', 'phone' => 'téléphones', 'education' => 'formations', 'address' => 'adresses', 'job' => 'emplois');
static $typeList = array('name' => 'general', 'phone' => 'general', 'education' => 'general', 'address' => 'adresses', 'job' => 'emploi');
if (!array_key_exists($action, $issueList)) {
pl_redirect('fusionax');
} else {
$total = XDB::fetchOneCell('SELECT COUNT(*)
FROM profile_merge_issues
WHERE FIND_IN_SET({?}, issues)', $action);
if ($total == 0) {
pl_redirect('fusionax');
}
$issues = XDB::fetchAllAssoc('SELECT p.hrpid, pd.directory_name, pd.promo
FROM profile_merge_issues AS pm
INNER JOIN profiles AS p ON (pm.pid = p.pid)
INNER JOIN profile_display AS pd ON (pd.pid = p.pid)
WHERE FIND_IN_SET({?}, pm.issues)
ORDER BY pd.directory_name
LIMIT 100', $action);
$page->changeTpl('fusionax/other_issues.tpl');
$page->assign('issues', $issues);
$page->assign('issue', $issueList[$action]);
$page->assign('type', $typeList[$action]);
$page->assign('total', $total);
}
}
