/**
 * Enables the newsletter of the current group.
 *
 * Returns PL_FORBIDDEN when getNl() yields a truthy value (presumably: the
 * group already owns a newsletter) or when the creation form is posted
 * without a valid XSRF token. On a valid submission the newsletter row is
 * inserted, a notification is sent through PlMailer and a success redirect
 * towards the group's newsletter administration is triggered. In every other
 * case the activation form is displayed.
 *
 * @param object $page Page object used to pick the template and report status.
 */
public function handler_admin_nl_enable($page)
{
    global $globals;

    // Nothing to enable when a newsletter object is already available.
    if ($this->getNl()) {
        return PL_FORBIDDEN;
    }

    $form_posted = Post::has('title');

    // The creation is a state-changing request: refuse it unless it carries
    // the session's XSRF token.
    if ($form_posted && !S::has_xsrf_token()) {
        return PL_FORBIDDEN;
    }

    if ($form_posted) {
        // The title is bound as a query parameter, never concatenated.
        XDB::execute('INSERT INTO newsletters SET group_id = {?}, name = {?}', $globals->asso('id'), Post::s('title'));

        $notification = new PlMailer();
        $notification->assign('group', $globals->asso('nom'));
        $notification->assign('user', S::user());
        $notification->send();

        $message = "La lettre d'informations du groupe " . $globals->asso('nom') . " a bien été créée";
        $target = $globals->asso('shortname') . '/admin/nl';
        $page->trigSuccessRedirect($message, $target);
    }

    $page->setTitle('Activation de la newsletter');
    $page->changeTpl('newsletter/enable.tpl');
}
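/**
 * Administration page used to edit one issue of the group's newsletter.
 *
 * Depending on the URL arguments and the posted form, the handler updates the
 * issue's common fields, deletes an article, saves an article, shows the
 * article editor, or lists the IPs behind the links of every article.
 *
 * Every state-changing branch (issue update, article deletion, article save)
 * asserts the session's XSRF token before touching the issue, so that such a
 * request cannot be triggered from a third-party page on behalf of a
 * logged-in administrator. The forms and the deletion link that reach this
 * handler therefore have to carry the token.
 *
 * @param object      $page   Page object used to pick the template and report status.
 * @param string      $nid    Identifier of the issue, 'last' by default.
 * @param string|null $aid    Article identifier, or one of the pseudo-actions
 *                            'update', 'new' and 'blacklist_check'.
 * @param string      $action 'edit' (default) or 'delete'.
 * @return mixed PL_NOT_FOUND when the newsletter or the issue cannot be found.
 */
function handler_admin_nl_edit($page, $nid = 'last', $aid = null, $action = 'edit')
{
    $page->changeTpl('newsletter/edit.tpl');
    $page->addCssLink('nl.Polytechnique.org.css');
    $page->setTitle('Administration - Newsletter : Édition');

    $nl = $this->getNl();
    if (!$nl) {
        return PL_NOT_FOUND;
    }

    try {
        $issue = $nl->getIssue($nid, false);
    } catch (MailNotFound $e) {
        return PL_NOT_FOUND;
    }

    $ufb = $nl->getSubscribersUFB();

    // Convert NLIssue error messages to human-readable errors
    $error_msgs = array(
        NLIssue::ERROR_INVALID_REPLY_TO => "L'adresse de réponse est invalide.",
        NLIssue::ERROR_INVALID_SHORTNAME => "Le nom court est invalide ou vide.",
        NLIssue::ERROR_INVALID_UFC => "Le filtre des destinataires est invalide.",
        NLIssue::ERROR_TOO_LONG_UFC => "Le nombre de matricules AX renseigné est trop élevé.",
        NLIssue::ERROR_SQL_SAVE => "Une erreur est survenue en tentant de sauvegarder la lettre, merci de réessayer.",
    );

    // Update the current issue
    if ($aid == 'update' && Post::has('submit')) {
        S::assert_xsrf_token();

        // Save common fields
        $issue->title = Post::s('title');
        $issue->title_mail = Post::s('title_mail');
        $issue->head = Post::s('head');
        $issue->signature = Post::s('signature');
        $issue->reply_to = Post::s('reply_to');

        if ($issue->isEditable()) {
            // Date and shortname may only be modified for pending NLs, otherwise all links get broken.
            $issue->date = Post::s('date');
            $issue->shortname = strlen(Post::blank('shortname')) ? null : Post::s('shortname');
            $issue->sufb->updateFromEnv($ufb->getEnv());

            if ($nl->automaticMailingEnabled()) {
                // An 8-digit date is rewritten as YYYY-MM-DD; any other value
                // passes through preg_replace() unchanged.
                $issue->send_before = preg_replace('/^(\\d\\d\\d\\d)(\\d\\d)(\\d\\d)$/', '\\1-\\2-\\3', Post::v('send_before_date')) . ' ' . Post::i('send_before_time_Hour') . ':00:00';
            }
        }

        $errors = $issue->save();
        if (count($errors)) {
            foreach ($errors as $error_code) {
                $page->trigError($error_msgs[$error_code]);
            }
        }
    }

    // Delete an article
    if ($action == 'delete') {
        // The deletion is driven by the URL alone, so the token check is what
        // ties it to an intentional click inside the administration pages.
        S::assert_xsrf_token();

        $issue->delArticle($aid);
        pl_redirect($nl->adminPrefix(true, false) . "/edit/{$nid}");
    }

    // Save an article
    if (Post::v('save')) {
        S::assert_xsrf_token();

        $art = new NLArticle(Post::v('title'), Post::v('body'), Post::v('append'), $aid, Post::v('cid'), Post::v('pos'));
        $issue->saveArticle($art);
        pl_redirect($nl->adminPrefix(true, false) . "/edit/{$nid}");
    }

    // Edit an article (preview only: nothing is stored in this branch)
    if ($action == 'edit' && $aid != 'update') {
        $eaid = $aid;
        if (Post::has('title')) {
            $art = new NLArticle(Post::v('title'), Post::v('body'), Post::v('append'), $eaid, Post::v('cid'), Post::v('pos'));
        } else {
            $art = $eaid == 'new' ? new NLArticle() : $issue->getArt($eaid);
        }
        if ($art && !$art->check()) {
            $page->trigError("Cet article est trop long.");
        }
        $page->assign('art', $art);
    }

    // Check blacklisted IPs
    if ($aid == 'blacklist_check') {
        global $globals;
        $ips_to_check = array();
        // Passed to getLinkIps() for every article and compared with the
        // configured limit afterwards; presumably incremented by reference —
        // confirm against NLArticle::getLinkIps().
        $blacklist_host_resolution_count = 0;

        foreach ($issue->arts as $key => $articles) {
            foreach ($articles as $article) {
                $article_ips = $article->getLinkIps($blacklist_host_resolution_count);
                if (!empty($article_ips)) {
                    $ips_to_check[$article->title()] = $article_ips;
                }
            }
        }

        $page->assign('ips_to_check', $ips_to_check);
        if ($blacklist_host_resolution_count >= $globals->mail->blacklist_host_resolution_limit) {
            $page->trigError("Toutes les url et adresses emails de la lettre" . " n'ont pas été prises en compte car la" . " limite du nombre de résolutions DNS" . " autorisée a été atteinte.");
        }
    }

    if ($issue->state == NLIssue::STATE_SENT) {
        $page->trigWarning("Cette lettre a déjà été envoyée ; il est recommandé de limiter les modifications au maximum (orthographe, adresses web et mail).");
    }

    $ufb->setEnv($issue->sufb->getEnv());
    $page->assign_by_ref('nl', $nl);
    $page->assign_by_ref('issue', $issue);
}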
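/**
 * Displays the forum profile form and stores it when it is submitted.
 *
 * The list of allowed tree colours is derived from the m2*.gif images shipped
 * with the site; the posted 'unread' and 'read' values are only accepted when
 * they match one of these names exactly.
 *
 * @return null
 */
protected function action_updateProfile()
{
    global $globals;
    $page =& Platal::page();

    // glob() returns false on error; fall back to an empty whitelist so the
    // loop below and the membership test keep working on an array.
    $colors = glob(dirname(__FILE__) . '/../../htdocs/images/banana/m2*.gif');
    if ($colors === false) {
        $colors = array();
    }
    foreach ($colors as $key => $path) {
        // 'm2<colour>.gif' -> '<colour>'
        $path = basename($path, '.gif');
        $colors[$key] = substr($path, 2);
    }
    $page->assign('colors', $colors);

    if (Post::has('action') && Post::v('action') == 'Enregistrer') {
        S::assert_xsrf_token();

        $flags = new PlFlagSet();
        if (Post::b('bananadisplay')) {
            $flags->addFlag('threads');
        }
        if (Post::b('bananaupdate')) {
            $flags->addFlag('automaj');
        }
        if (Post::b('bananaxface')) {
            $flags->addFlag('xface');
        }

        $unread = Post::s('unread');
        $read = Post::s('read');

        // Strict comparison: the whitelist check must not be satisfied by a
        // value that is merely loosely equal to an allowed name (numeric
        // strings, empty string versus false, ...).
        if (!in_array($unread, $colors, true) || !in_array($read, $colors, true)) {
            $page->trigError('Le choix de type pour l\'arborescence est invalide');
        } else {
            // Keep the stored last_seen value when a profile row already exists.
            $last_seen = XDB::query('SELECT last_seen FROM forum_profiles WHERE uid = {?}', $this->user->id());
            if ($last_seen->numRows() > 0) {
                $last_seen = $last_seen->fetchOneCell();
            } else {
                $last_seen = '0000-00-00';
            }

            XDB::execute('INSERT INTO forum_profiles (uid, sig, mail, name, flags, tree_unread, tree_read, last_seen) VALUES ({?}, {?}, {?}, {?}, {?}, {?}, {?}, {?}) ON DUPLICATE KEY UPDATE sig = VALUES(sig), mail = VALUES(mail), name = VALUES(name), flags = VALUES(flags), tree_unread = VALUES(tree_unread), tree_read = VALUES(tree_read), last_seen = VALUES(last_seen)', $this->user->id(), Post::v('bananasig'), Post::v('bananamail'), Post::v('banananame'), $flags, $unread, $read, $last_seen);
            $page->trigSuccess('Ton profil a été mis à jour');
        }
    }

    $infos = $this->fetchProfile();
    $page->assign('nom', $infos['name']);
    $page->assign('mail', $infos['mail']);
    $page->assign('sig', $infos['sig']);
    $page->assign('disp', $infos['threads']);
    $page->assign('maj', $infos['maj']);
    $page->assign('xface', $infos['xface']);
    $page->assign('unread', $infos['tree_unread']);
    $page->assign('read', $infos['tree_read']);
    return null;
}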
/**
 * Preferences page of the logged-in user.
 *
 * Two settings can be posted independently: the email format and the RSS
 * state. Each write asserts the session's XSRF token first.
 *
 * @param object $page Page object used to pick the template and the title.
 */
function handler_prefs($page)
{
    $page->changeTpl('platal/preferences.tpl');
    $page->setTitle('Mes préférences');

    if (Post::has('email_format')) {
        S::assert_xsrf_token();
        // NOTE(review): the posted value is handed over as-is; presumably
        // setEmailFormat() restricts it to the supported formats — confirm.
        S::user()->setEmailFormat(Post::s('email_format'));
    }

    if (Post::has('rss')) {
        S::assert_xsrf_token();
        // Only the literal 'on' enables the feed; anything else disables it.
        $rss_enabled = (Post::s('rss') == 'on');
        $this->__set_rss_state($rss_enabled);
    }
}
/**
 * Administration page listing accounts, with a form to create a new one.
 *
 * On submission the XSRF token is asserted, then the account type, the email
 * address and the password hash are checked in that order; the first failing
 * check is reported and nothing is inserted.
 *
 * @param PlPage $page Page object used to pick the template and report status.
 */
function handler_accounts(PlPage $page)
{
    $page->changeTpl('admin/accounts.tpl');
    $page->setTitle('Administration - Comptes');

    if (Post::has('create_account')) {
        S::assert_xsrf_token();

        $firstname = Post::t('firstname');
        $lastname = mb_strtoupper(Post::t('lastname'));
        $sex = Post::s('sex');
        $email = Post::t('email');
        $type = Post::s('type');

        // First failing validation wins; null means the form is acceptable.
        $problem = null;
        if (!$type) {
            $problem = "Empty account type";
        } elseif (!isvalid_email($email)) {
            // NOTE(review): the rejected address is echoed back inside the
            // message; confirm that the error renderer escapes it.
            $problem = "Invalid email address: {$email}";
        } elseif (strlen(Post::s('pwhash')) != 40) {
            // NOTE(review): only the length of the hash is checked here, not
            // its alphabet — confirm whether a stricter format check is wanted.
            $problem = "Invalid password hash";
        }

        if ($problem !== null) {
            $page->trigError($problem);
        } else {
            $login = PlUser::makeHrid($firstname, $lastname, $type);
            $full_name = $firstname . ' ' . $lastname;
            $directory_name = $lastname . ' ' . $firstname;

            // Every submitted value is bound as a query parameter.
            XDB::execute(
                "INSERT INTO accounts (hruid, type, state, password,\n registration_date, email, full_name,\n display_name, sex, directory_name,\n lastname, firstname)\n VALUES ({?}, {?}, 'active', {?}, NOW(), {?}, {?}, {?}, {?}, {?}, {?}, {?})",
                $login,
                $type,
                Post::s('pwhash'),
                $email,
                $full_name,
                $full_name,
                $sex,
                $directory_name,
                $lastname,
                $firstname
            );
        }
    }

    $account_filter = new UserFilter(new UFC_AccountType('ax', 'school', 'fx'));
    $page->assign('users', $account_filter->iterUsers());
}
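/**
 * Webmail-like page used to write and send an email.
 *
 * Three request shapes are handled:
 *  - 'save' posted: the current form is stored as a draft (serialized $_POST)
 *    and the script exits; requires a valid XSRF token.
 *  - submit == 'Envoyer': attachments are stored, recipients are validated
 *    and the email is sent through PlMailer; asserts the XSRF token.
 *  - otherwise: a stored draft, if any, is merged back into $_REQUEST.
 *
 * @param object $page Page object used to pick the template and report status.
 * @return mixed PL_FORBIDDEN when a draft is posted without a valid XSRF token.
 */
function handler_send($page)
{
    $page->changeTpl('emails/send.tpl');
    $page->setTitle('Envoyer un email');

    // Handle a submitted form
    if (Post::has('save')) {
        if (!S::has_xsrf_token()) {
            return PL_FORBIDDEN;
        }

        unset($_POST['save']);
        // Only store the draft when something remains once the text starting
        // at a "-- " marker has been dropped.
        if (trim(preg_replace('/-- .*/', '', Post::v('contenu'))) != "") {
            Post::set('to_contacts', explode(';', Post::s('to_contacts')));
            Post::set('cc_contacts', explode(';', Post::s('cc_contacts')));
            $data = serialize($_POST);
            XDB::execute('INSERT INTO email_send_save (uid, data) VALUES ({?}, {?}) ON DUPLICATE KEY UPDATE data = VALUES(data)', S::user()->id('uid'), $data);
        }
        exit;
    } else {
        if (Env::v('submit') == 'Envoyer') {
            S::assert_xsrf_token();

            // A named function declared inside a method is global: guard the
            // declaration so that a second run of this branch in the same
            // request cannot fail on a redeclaration.
            if (!function_exists('getEmails')) {
                function getEmails($aliases)
                {
                    if (!is_array($aliases)) {
                        return null;
                    }
                    $uf = new UserFilter(new UFC_Hrpid($aliases));
                    $users = $uf->iterUsers();
                    $ret = array();
                    while ($user = $users->next()) {
                        $ret[] = $user->forlife;
                    }
                    return join(', ', $ret);
                }
            }

            $error = false;
            foreach ($_FILES as &$file) {
                if ($file['name'] && !PlUpload::get($file, S::user()->login(), 'emails.send', false)) {
                    $page->trigError(PlUpload::$lastError);
                    $error = true;
                    break;
                }
            }
            // Drop the reference left behind by the by-reference loop.
            unset($file);

            if (!$error) {
                XDB::execute("DELETE FROM email_send_save\n WHERE uid = {?}", S::user()->id());

                $to2 = getEmails(Env::v('to_contacts'));
                $cc2 = getEmails(Env::v('cc_contacts'));
                $txt = str_replace('^M', '', Env::v('contenu'));
                $to = str_replace(';', ',', Env::t('to'));
                $subj = Env::t('sujet');
                // NOTE(review): unlike to/cc/bcc, the sender and the subject
                // are not validated in this method; presumably PlMailer
                // encodes them and rejects embedded line breaks — confirm.
                $from = Env::t('from');
                $cc = str_replace(';', ',', Env::t('cc'));
                $bcc = str_replace(';', ',', Env::t('bcc'));

                $email_regex = '/^[a-z0-9.\\-+_\\$]+@([\\-.+_]?[a-z0-9])+$/i';
                foreach (explode(',', $to . ',' . $cc . ',' . $bcc) as $email) {
                    $email = trim($email);
                    if ($email != '' && !preg_match($email_regex, $email)) {
                        // NOTE(review): the rejected address is echoed back in
                        // the message; confirm that the error renderer escapes it.
                        $page->trigError("L'adresse email " . $email . ' est erronée.');
                        $error = true;
                    }
                }
                if (empty($to) && empty($cc) && empty($to2) && empty($bcc) && empty($cc2)) {
                    $page->trigError("Indique au moins un destinataire.");
                    $error = true;
                }

                if ($error) {
                    $page->assign('uploaded_f', PlUpload::listFilenames(S::user()->login(), 'emails.send'));
                } else {
                    $mymail = new PlMailer();
                    $mymail->setFrom($from);
                    $mymail->setSubject($subj);
                    if (!empty($to)) {
                        $mymail->addTo($to);
                    }
                    if (!empty($cc)) {
                        $mymail->addCc($cc);
                    }
                    if (!empty($bcc)) {
                        $mymail->addBcc($bcc);
                    }
                    if (!empty($to2)) {
                        $mymail->addTo($to2);
                    }
                    if (!empty($cc2)) {
                        $mymail->addCc($cc2);
                    }

                    $files =& PlUpload::listFiles(S::user()->login(), 'emails.send');
                    foreach ($files as $name => &$upload) {
                        $mymail->addUploadAttachment($upload, $name);
                    }
                    unset($upload);

                    if (Env::v('wiki') == 'text') {
                        $mymail->setTxtBody(wordwrap($txt, 78, "\n"));
                    } else {
                        $mymail->setWikiBody($txt);
                    }

                    if ($mymail->send()) {
                        $page->trigSuccess("Ton email a bien été envoyé.");
                        // Reset the form, keeping only the default bcc.
                        $_REQUEST = array('bcc' => S::user()->bestEmail());
                        PlUpload::clear(S::user()->login(), 'emails.send');
                    } else {
                        $page->trigError("Erreur lors de l'envoi du courriel, réessaye.");
                        $page->assign('uploaded_f', PlUpload::listFilenames(S::user()->login(), 'emails.send'));
                    }
                }
            }
        } else {
            $res = XDB::query("SELECT data\n FROM email_send_save\n WHERE uid = {?}", S::i('uid'));
            if ($res->numRows() == 0) {
                PlUpload::clear(S::user()->login(), 'emails.send');
                $_REQUEST['bcc'] = S::user()->bestEmail();
            } else {
                // SECURITY(review): unserialize() on stored data. The draft is
                // produced above by serialize($_POST), so it should only hold
                // strings and arrays, but unserialize() will instantiate
                // objects if the column content is ever altered. Prefer a
                // data-only format such as JSON for drafts; until then, at
                // least refuse anything that does not decode to an array.
                $data = unserialize($res->fetchOneCell());
                if (is_array($data)) {
                    $_REQUEST = array_merge($_REQUEST, $data);
                }
            }
        }
    }

    $uf = new UserFilter(new PFC_And(new UFC_Contact(S::user()), new UFC_Registered()), UserFilter::sortByName());
    $contacts = $uf->getProfiles();
    $page->assign('contacts', $contacts);
    $page->assign('maxsize', ini_get('upload_max_filesize') . 'o');
    $page->assign('user', S::user());

    $preferences = XDB::fetchOneAssoc('SELECT from_email, from_format FROM accounts WHERE uid = {?}', S::user()->id());
    if ($preferences['from_email'] == '') {
        // Default sender: "Full Name" <best email>
        $preferences['from_email'] = '"' . S::user()->fullName() . '" <' . S::user()->bestEmail() . '>';
    }
    $page->assign('preferences', $preferences);
}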
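/**
 * Last step of a software license request.
 *
 * When the form is incomplete (disagreement, missing reason, missing or
 * unknown software) the request is handed back to handler_licenses().
 * Otherwise one of three things happens:
 *  - an admin key exists and the user has rights: the key is given directly;
 *  - 'resend' is posted: the license with the posted id is sent again, but
 *    only if it belongs to the current user;
 *  - else a validation request is inserted for the 'licenses' group.
 *
 * @param object $page      Page object used to pick the template and assign values.
 * @param bool   $no_reason When true, a missing reason does not block the request.
 */
public function handler_licenses_final($page, $no_reason = false)
{
    $softwares = License::getSoftwares();

    if (Post::has('disagree') || !$no_reason && !Post::has('resend') && (!Post::has('reason') || Post::v('reason') == "") || !Post::has('software') || !in_array(Post::v('software'), array_keys($softwares))) {
        $this->handler_licenses($page);
    } else {
        // NOTE(review): nothing in this method checks an XSRF token before
        // the state-changing branches below (key attribution, license resend,
        // validation request). Confirm whether the dispatcher enforces it;
        // if not, assert the token here and add the token field to the forms.
        $page->changeTpl('licenses/licenses_final.tpl');
        $page->assign('title', "Demande de licence pour {$softwares[Post::v('software')]}");
        $page->assign('software', Post::s('software'));
        $page->assign('software_name', $softwares[Post::s('software')]);

        if (($key = License::adminKey(Post::s('software'))) && License::hasRights(S::user())) {
            $key->give(S::user());
            $page->assign('direct', true);
        } elseif (Post::has('resend')) {
            $l = License::fetch(array('id' => Post::i('id')));
            // Ownership check. An unknown id yields no first element: treat
            // it like a license owned by somebody else instead of calling
            // uid() on a missing entry.
            if (isset($l[0]) && $l[0]->uid() == S::user()->id()) {
                License::send($l);
            } else {
                die("La license n'appartient pas à l'utilisateur courant");
            }
            $page->assign('direct', true);
        } else {
            $lv = new LicensesValidate(Post::s('software'), Post::s('reason'));
            $v = new Validate(array('writer' => S::user(), 'group' => Group::from('licenses'), 'item' => $lv, 'type' => 'licenses'));
            $v->insert();
            $page->assign('direct', false);
        }
    }
}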
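/**
 * Group administration page used to edit one member of the current group.
 *
 * After asserting the XSRF token, a posted 'change' form may: convert the
 * account to an X account, update the identity and email of virtual or
 * permission-less xnet accounts, file an activation request or a reminder,
 * update the member's group permissions, comment and position, and change
 * mailing list, alias and newsletter subscriptions.
 *
 * Mailing list and alias names come from the request (keys of ml1/ml3) and
 * are inserted into status messages that already contain HTML markup, so they
 * are HTML-escaped before being embedded.
 *
 * @param object $page Page object used to pick the template and report status.
 * @param mixed  $user Identifier of the member, resolved with User::getSilent().
 * @return mixed PL_NOT_FOUND when the user cannot be resolved.
 */
function handler_admin_member($page, $user)
{
    global $globals;

    $user = User::getSilent($user);
    if (empty($user)) {
        return PL_NOT_FOUND;
    }

    // NOTE(review): this membership check only protects the rest of the
    // handler if pl_redirect() stops the script — confirm.
    if (!$user->inGroup($globals->asso('id'))) {
        pl_redirect('annuaire');
    }

    $page->changeTpl('xnetgrp/membres-edit.tpl');
    $page->addJsLink('xnet_members.js');

    $mmlist = new MMList(S::user(), $globals->asso('mail_domain'));

    if (Post::has('change')) {
        S::assert_xsrf_token();
        require_once 'emails.inc.php';
        require_once 'name.func.inc.php';

        // Convert user status to X
        if (!Post::blank('x')) {
            $forlife = $this->changeLogin($page, $user, Post::i('userid'), Post::b('broken'), Post::b('marketing'), Post::v('marketing_from'));
            if ($forlife) {
                pl_redirect('member/' . $forlife);
            }
        }

        // Update user info
        if ($user->type == 'virtual' || $user->type == 'xnet' && !$user->perms) {
            $lastname = capitalize_name(Post::t('lastname'));
            if (Post::s('type') != 'virtual') {
                $firstname = capitalize_name(Post::t('firstname'));
            } else {
                $firstname = '';
            }
            $full_name = build_full_name($firstname, $lastname);
            $directory_name = build_directory_name($firstname, $lastname);
            $sort_name = build_sort_name($firstname, $lastname);
            // sex and type are reduced to their two allowed values before
            // being bound to the query.
            XDB::query('UPDATE accounts SET full_name = {?}, directory_name = {?}, sort_name = {?}, display_name = {?}, firstname = {?}, lastname = {?}, sex = {?}, type = {?} WHERE uid = {?}', $full_name, $directory_name, $sort_name, Post::t('display_name'), $firstname, $lastname, Post::t('sex') == 'male' ? 'male' : 'female', Post::t('type') == 'xnet' ? 'xnet' : 'virtual', $user->id());
        }

        // Updates email.
        $new_email = strtolower(Post::t('email'));
        if (($user->type == 'virtual' || $user->type == 'xnet' && !$user->perms) && require_email_update($user, $new_email)) {
            XDB::query('UPDATE accounts SET email = {?} WHERE uid = {?}', $new_email, $user->id());
            if ($user->forlifeEmail()) {
                $listClient = new MMList(S::user());
                $listClient->change_user_email($user->forlifeEmail(), $new_email);
                update_alias_user($user->forlifeEmail(), $new_email);
            }
            $user = User::getWithUID($user->id());
        }
        if (XDB::affectedRows()) {
            $page->trigSuccess('Données de l\'utilisateur mises à jour.');
        }

        if ($user->type == 'xnet' && !$user->perms) {
            if (Post::b('suggest')) {
                $request = new AccountReq(S::user(), $user->hruid, Post::t('email'), $globals->asso('nom'), $globals->asso('diminutif'));
                $request->submit();
                $page->trigSuccess('Le compte va bientôt être activé.');
            }
            if (Post::b('again')) {
                $this->again($user->id());
                $page->trigSuccess('Relance effectuée avec succès.');
            }
        }

        // Update group params for user
        $perms = Post::v('group_perms');
        $comm = Post::t('comm');
        $position = Post::t('group_position') == '' ? null : Post::v('group_position');
        if ($user->group_perms != $perms || $user->group_comm != $comm || $user->group_position != $position) {
            // Anything other than 'admin' is stored as plain membership.
            XDB::query('UPDATE group_members SET perms = {?}, comm = {?}, position = {?} WHERE uid = {?} AND asso_id = {?}', $perms == 'admin' ? 'admin' : 'membre', $comm, $position, $user->id(), $globals->asso('id'));
            if (XDB::affectedRows()) {
                if ($perms != $user->group_perms) {
                    $page->trigSuccess('Permissions modifiées !');
                }
                if ($comm != $user->group_comm) {
                    $page->trigSuccess('Commentaire mis à jour.');
                }
                if ($position != $user->group_position) {
                    $page->trigSuccess('Poste mis à jour.');
                }
            }
        }

        // Gets user info again as they might have change
        $user = User::getSilent($user->id());

        // NOTE(review): $user->fullName() is embedded unescaped in the
        // messages below; confirm it cannot contain markup.

        // Update ML subscriptions
        $ml_states = Env::v('ml1', array());
        if (!is_array($ml_states)) {
            // A scalar 'ml1' cannot describe any list: ignore it.
            $ml_states = array();
        }
        foreach ($ml_states as $ml => $state) {
            $ask = empty($_REQUEST['ml2'][$ml]) ? 0 : 2;
            if ($ask == $state) {
                continue;
            }
            // The list name is request-controlled and the warning below
            // carries HTML markup: escape it before embedding it.
            $ml_html = htmlspecialchars((string) $ml, ENT_QUOTES, 'UTF-8');
            if ($state == '1') {
                $page->trigWarning("{$user->fullName()} a " . "actuellement une demande d'inscription en " . "cours sur <strong>{$ml_html}@</strong> !!!");
            } elseif ($ask) {
                $mmlist->mass_subscribe($ml, array($user->forlifeEmail()));
                $page->trigSuccess("{$user->fullName()} a été abonné à {$ml_html}@.");
            } else {
                $mmlist->mass_unsubscribe($ml, array($user->forlifeEmail()));
                $page->trigSuccess("{$user->fullName()} a été désabonné de {$ml_html}@.");
            }
        }

        // Change subscription to aliases
        $alias_states = Env::v('ml3', array());
        if (!is_array($alias_states)) {
            $alias_states = array();
        }
        foreach ($alias_states as $ml => $state) {
            require_once 'emails.inc.php';
            $ask = !empty($_REQUEST['ml4'][$ml]);
            list($local_part, ) = explode('@', $ml);
            if ($ask == $state) {
                continue;
            }
            $ml_html = htmlspecialchars((string) $ml, ENT_QUOTES, 'UTF-8');
            if ($ask) {
                add_to_list_alias($user->id(), $local_part, $globals->asso('mail_domain'));
                $page->trigSuccess("{$user->fullName()} a été abonné à {$ml_html}.");
            } else {
                delete_from_list_alias($user->id(), $local_part, $globals->asso('mail_domain'));
                $page->trigSuccess("{$user->fullName()} a été désabonné de {$ml_html}.");
            }
        }

        if ($globals->asso('has_nl')) {
            $nl = NewsLetter::forGroup($globals->asso('shortname'));
            // Updates group's newsletter subscription.
            if (Post::i('newsletter') == 1) {
                $nl->subscribe($user);
            } else {
                $nl->unsubscribe(null, $user->id());
            }
        }
    }

    // The allowed positions are read from the enum definition of the column:
    // "enum('a','b')" -> "a,b"
    $res = XDB::rawFetchAllAssoc('SHOW COLUMNS FROM group_members LIKE \'position\'');
    $positions = str_replace(array('enum(', ')', '\''), '', $res[0]['Type']);

    if ($globals->asso('has_nl')) {
        $nl = NewsLetter::forGroup($globals->asso('shortname'));
        $nl_registered = $nl->subscriptionState($user);
    } else {
        $nl_registered = false;
    }

    $page->assign('user', $user);
    $page->assign('suggest', $this->suggest($user));
    $page->assign('listes', $mmlist->get_lists($user->forlifeEmail()));
    $page->assign('alias', $user->emailGroupAliases($globals->asso('mail_domain')));
    $page->assign('positions', explode(',', $positions));
    $page->assign('nl_registered', $nl_registered);
    $page->assign('pending_xnet_account', XDB::fetchOneCell('SELECT 1 FROM register_pending_xnet WHERE uid = {?}', $user->id()));
}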