0337d704 |
1 | <?php |
2 | /*************************************************************************** |
3 | * Copyright (C) 2003-2004 Polytechnique.org * |
4 | * http://opensource.polytechnique.org/ * |
5 | * * |
6 | * This program is free software; you can redistribute it and/or modify * |
7 | * it under the terms of the GNU General Public License as published by * |
8 | * the Free Software Foundation; either version 2 of the License, or * |
9 | * (at your option) any later version. * |
10 | * * |
11 | * This program is distributed in the hope that it will be useful, * |
12 | * but WITHOUT ANY WARRANTY; without even the implied warranty of * |
13 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * |
14 | * GNU General Public License for more details. * |
15 | * * |
16 | * You should have received a copy of the GNU General Public License * |
17 | * along with this program; if not, write to the Free Software * |
18 | * Foundation, Inc., * |
19 | * 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA * |
20 | ***************************************************************************/ |
21 | |
22 | require_once("xorg.inc.php"); |
23 | new_admin_page('admin/utilisateurs.tpl'); |
24 | require_once("emails.inc.php"); |
25 | require_once("user.func.inc.php"); |
26 | |
27 | if (Session::has('suid')) { |
28 | $page->kill("déjà en SUID !!!"); |
29 | } |
30 | |
31 | if (Env::has('user_id')) { |
32 | $login = get_user_login(Env::getInt('user_id')); |
33 | } elseif (Env::has('login')) { |
34 | $login = get_user_login(Env::get('login')); |
35 | } else { |
36 | $login = false; |
37 | } |
38 | |
39 | if(Env::has('logs_button') && $login) { |
40 | header("Location: logger.php?loguser=$login&year=".date('Y')."&month=".date('m')); |
41 | } |
42 | |
43 | if (Env::has('ax_button') && $login) { |
44 | header("Location: synchro_ax.php?user=$login"); |
45 | } |
46 | |
47 | if(Env::has('suid_button') && $login) { |
48 | $_SESSION['log']->log("suid_start", "login by ".Session::get('forlife')); |
49 | $_SESSION['suid'] = $_SESSION; |
50 | $r = $globals->xdb->query("SELECT id FROM aliases WHERE alias={?}", $login); |
51 | if($uid = $r->fetchOneCell()) { |
52 | start_connexion($uid,true); |
53 | header("Location: ../"); |
54 | } |
55 | } |
56 | |
57 | if ($login) { |
58 | $r = $globals->xdb->query("SELECT *, a.alias AS forlife |
59 | FROM auth_user_md5 AS u |
60 | INNER JOIN aliases AS a ON ( a.id = u.user_id AND a.alias={?} AND type!='homonyme' )", $login); |
61 | $mr = $r->fetchOneAssoc(); |
62 | |
63 | $redirect = new Redirect($mr['user_id']); |
64 | |
65 | // Check if there was a submission |
66 | foreach($_POST as $key => $val) { |
67 | switch ($key) { |
68 | case "add_fwd": |
69 | $email = trim(Env::get('email')); |
70 | if (!isvalid_email_redirection($email)) { |
71 | $page->trig("invalid email $email"); |
72 | } else { |
73 | $redirect->add_email($email); |
74 | $page->trig("Ajout de $email effectué"); |
75 | } |
76 | break; |
77 | |
78 | case "del_fwd": |
79 | if (!empty($val)) { |
80 | $redirect->delete_email($val); |
81 | } |
82 | break; |
83 | |
84 | case "del_alias": |
85 | if (!empty($val)) { |
86 | $globals->xdb->execute("DELETE FROM aliases WHERE id={?} AND alias={?} |
87 | AND type!='a_vie' AND type!='homonyme'", $mr['user_id'], $val); |
88 | fix_bestalias($nr['user_id']); |
89 | $page->trig($val." a été supprimé"); |
90 | } |
91 | break; |
92 | |
93 | case "add_alias": |
94 | $globals->xdb->execute("INSERT INTO aliases (id,alias,type) VALUES ({?}, {?}, 'alias')", |
95 | $mr['user_id'], Env::get('email')); |
96 | break; |
97 | |
98 | case "best": |
99 | // 'bestalias' is the first bit of the set : 1 |
100 | // 255 is the max for flags (8 sets max) |
101 | $globals->xdb->execute("UPDATE aliases SET flags= flags & (255 - 1) WHERE id={?}", $mr['user_id']); |
102 | $globals->xdb->execute("UPDATE aliases |
103 | SET flags= flags | 1 |
104 | WHERE id={?} AND alias={?}", $mr['user_id'], $val); |
105 | break; |
106 | |
107 | |
108 | // Editer un profil |
109 | case "u_edit": |
110 | $pass_md5B = Env::get('newpass_clair') != "********" ? md5(Env::get('newpass_clair')) : Env::get('passw'); |
111 | $naiss = Env::get('naissanceN'); |
112 | $perms = Env::get('permsN'); |
113 | $prenm = Env::get('prenomN'); |
114 | $nom = Env::get('nomN'); |
115 | $promo = Env::getInt('promoN'); |
116 | $nom = Env::get('nomN'); |
117 | $comm = Env::get('commentN'); |
118 | |
119 | $query = "UPDATE auth_user_md5 SET |
120 | naissance = '$naiss', |
121 | password = '$pass_md5B', |
122 | perms = '$perms', |
123 | prenom = '".addslashes($prenm)."', |
124 | nom = '".addslashes($nom)."', |
125 | promo = $promo, |
126 | comment = '".addslashes($comm)."' |
127 | WHERE user_id = '{$mr['user_id']}'"; |
128 | if ($globals->xdb->execute($query)) { |
129 | user_reindex($mr['user_id']); |
130 | |
131 | require_once("diogenes/diogenes.hermes.inc.php"); |
132 | $mailer = new HermesMailer(); |
133 | $mailer->setFrom("webmaster@polytechnique.org"); |
134 | $mailer->addTo("web@polytechnique.org"); |
135 | $mailer->setSubject("INTERVENTION ADMIN (".Session::get('forlife').")"); |
136 | $mailer->setTxtBody(preg_replace("/[ \t]+/", ' ', $query)); |
137 | $mailer->send(); |
138 | |
139 | $page->trig("updaté correctement."); |
140 | } |
141 | if (Env::get('nomusageN') != $mr['nom_usage']) { |
142 | require_once('nomusage.inc.php'); |
143 | set_new_usage($mr['user_id'], Env::get('nomusageN'), make_username(Env::get('prenomN'), Env::get('nomusageN'))); |
144 | } |
145 | $r = $globals->xdb->query("SELECT *, a.alias AS forlife |
146 | FROM auth_user_md5 AS u |
147 | INNER JOIN aliases AS a ON (u.user_id=a.id) |
148 | WHERE user_id = {?}", $mr['user_id']); |
149 | $mr = $r->fetchOneAssoc(); |
150 | break; |
151 | |
152 | // DELETE FROM auth_user_md5 |
153 | case "u_kill": |
154 | user_clear_all_subs($mr['user_id']); |
155 | $page->trig("'{$mr['user_id']}' a été désinscrit !"); |
156 | require_once("diogenes/diogenes.hermes.inc.php"); |
157 | $mailer = new HermesMailer(); |
158 | $mailer->setFrom("webmaster@polytechnique.org"); |
159 | $mailer->addTo("web@polytechnique.org"); |
160 | $mailer->setSubject("INTERVENTION ADMIN (".Session::get('forlife').")"); |
161 | $mailer->setTxtBody("\nUtilisateur $login effacé"); |
162 | $mailer->send(); |
163 | break; |
164 | } |
165 | } |
166 | |
167 | $res = $globals->xdb->query("SELECT UNIX_TIMESTAMP(start), host |
168 | FROM logger.sessions |
169 | WHERE uid={?} AND suid=0 |
170 | ORDER BY start DESC |
171 | LIMIT 1", $mr['user_id']); |
172 | list($lastlogin,$host) = $res->fetchOneRow(); |
173 | $page->assign('lastlogin', $lastlogin); |
174 | $page->assign('host', $host); |
175 | |
176 | $page->assign('aliases', $globals->xdb->iterator( |
177 | "SELECT alias, type='a_vie' AS for_life,FIND_IN_SET('bestalias',flags) AS best,expire |
178 | FROM aliases |
179 | WHERE id = {?} AND type!='homonyme' |
180 | ORDER BY type!= 'a_vie'", $mr["user_id"])); |
181 | $page->assign('xorgmails', $xorgmails); |
182 | $page->assign('email_panne', $email_panne); |
183 | $page->assign('emails',$redirect->emails); |
184 | |
185 | $page->assign('mr',$mr); |
186 | } |
187 | |
188 | $page->run(); |
189 | |
190 | // vim:set et sws=4 sts=4 sw=4: |
191 | ?> |