[platal.git] / htdocs / admin / utilisateurs.php

<?php
/***************************************************************************
 *  Copyright (C) 2003-2004 Polytechnique.org                              *
 *  http://opensource.polytechnique.org/                                   *
 *                                                                         *
 *  This program is free software; you can redistribute it and/or modify   *
 *  it under the terms of the GNU General Public License as published by   *
 *  the Free Software Foundation; either version 2 of the License, or      *
 *  (at your option) any later version.                                    *
 *                                                                         *
 *  This program is distributed in the hope that it will be useful,        *
 *  but WITHOUT ANY WARRANTY; without even the implied warranty of         *
 *  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the          *
 *  GNU General Public License for more details.                           *
 *                                                                         *
 *  You should have received a copy of the GNU General Public License      *
 *  along with this program; if not, write to the Free Software            *
 *  Foundation, Inc.,                                                      *
 *  59 Temple Place, Suite 330, Boston, MA  02111-1307  USA                *
 ***************************************************************************/

require_once("xorg.inc.php");
new_admin_page('admin/utilisateurs.tpl');
$page->assign('xorg_title','Polytechnique.org - Administration - Edit/Su/Log');
require_once("emails.inc.php");
require_once("user.func.inc.php");

if (Session::has('suid')) {
    $page->kill("d�j� en SUID !!!");
}

if (Env::has('user_id')) {
    $login = get_user_login(Env::getInt('user_id'));
} elseif (Env::has('login')) {
    $login = get_user_login(Env::get('login'));
} else {
    $login = false;
}

if(Env::has('logs_button') && $login) {
    header("Location: logger.php?loguser=$login&year=".date('Y')."&month=".date('m'));
}

if (Env::has('ax_button') && $login) {
    header("Location: synchro_ax.php?user=$login");
}

if(Env::has('suid_button') && $login) {
    $_SESSION['log']->log("suid_start", "login by ".Session::get('forlife'));
    $_SESSION['suid'] = $_SESSION;
    $r = $globals->xdb->query("SELECT id FROM aliases WHERE alias={?}", $login);
    if($uid = $r->fetchOneCell()) {
	start_connexion($uid,true);
	header("Location: ../");
    }
}

if ($login) {
    $r  = $globals->xdb->query("SELECT  *, a.alias AS forlife
                                  FROM  auth_user_md5 AS u
                            INNER JOIN  aliases       AS a ON ( a.id = u.user_id AND a.alias={?} AND type!='homonyme' )", $login);
    $mr = $r->fetchOneAssoc();

    $redirect = new Redirect($mr['user_id']);

    // Check if there was a submission
    foreach($_POST as $key => $val) {
	switch ($key) {
	    case "add_fwd":
		$email = trim(Env::get('email'));
		if (!isvalid_email_redirection($email)) {
                    $page->trig("invalid email $email");
		} else {
                    $redirect->add_email($email);
                    $page->trig("Ajout de $email effectu�");
                }
		break;

	    case "del_fwd":
		if (!empty($val)) {
                    $redirect->delete_email($val);
                }
		break;

	    case "del_alias":
		if (!empty($val)) {
                    $globals->xdb->execute("DELETE FROM aliases WHERE id={?} AND alias={?}
                            AND type!='a_vie' AND type!='homonyme'", $mr['user_id'], $val);
                    fix_bestalias($nr['user_id']);
                    $page->trig($val." a �t� supprim�");
                }
		break;

	    case "add_alias":
		$globals->xdb->execute("INSERT INTO  aliases (id,alias,type) VALUES  ({?}, {?}, 'alias')",
                        $mr['user_id'], Env::get('email'));
		break;

	    case "best":
                // 'bestalias' is the first bit of the set : 1
                // 255 is the max for flags (8 sets max)
		$globals->xdb->execute("UPDATE  aliases SET flags= flags & (255 - 1) WHERE id={?}", $mr['user_id']);
		$globals->xdb->execute("UPDATE  aliases
                                           SET  flags= flags | 1
                                        WHERE  id={?} AND alias={?}", $mr['user_id'], $val);
		break;


	    // Editer un profil
	    case "u_edit":
		$pass_md5B = Env::get('newpass_clair') != "********" ? md5(Env::get('newpass_clair')) : Env::get('passw');
                $naiss = Env::get('naissanceN');
                $perms = Env::get('permsN');
                $prenm = Env::get('prenomN');
                $nom   = Env::get('nomN');
                $promo = Env::getInt('promoN');
                $nom   = Env::get('nomN');
                $comm  = Env::get('commentN');

		$query = "UPDATE auth_user_md5 SET
			    naissance = '$naiss',
			    password  = '$pass_md5B',
			    perms     = '$perms',
			    prenom    = '".addslashes($prenm)."',
			    nom       = '".addslashes($nom)."',
			    promo     = $promo,
			    comment   = '".addslashes($comm)."'
			  WHERE user_id = '{$mr['user_id']}'";
		if ($globals->xdb->execute($query)) {
                    user_reindex($mr['user_id']);

                    require_once("diogenes/diogenes.hermes.inc.php");
                    $mailer = new HermesMailer();
                    $mailer->setFrom("webmaster@polytechnique.org");
                    $mailer->addTo("web@polytechnique.org");
                    $mailer->setSubject("INTERVENTION ADMIN (".Session::get('forlife').")");
                    $mailer->setTxtBody(preg_replace("/[ \t]+/", ' ', $query));
                    $mailer->send();

                    $page->trig("updat� correctement.");
                }
                if (Env::get('nomusageN') != $mr['nom_usage']) {
                    require_once('nomusage.inc.php');
                    set_new_usage($mr['user_id'], Env::get('nomusageN'), make_username(Env::get('prenomN'), Env::get('nomusageN')));
                }
		$r  = $globals->xdb->query("SELECT  *, a.alias AS forlife
                                              FROM  auth_user_md5 AS u
                                        INNER JOIN  aliases       AS a ON (u.user_id=a.id)
                                             WHERE  user_id = {?}", $mr['user_id']);
                $mr = $r->fetchOneAssoc();
		break;

            // DELETE FROM auth_user_md5
	    case "u_kill":
		user_clear_all_subs($mr['user_id']);
                $page->trig("'{$mr['user_id']}' a �t� d�sinscrit !");
		require_once("diogenes/diogenes.hermes.inc.php");
		$mailer = new HermesMailer();
		$mailer->setFrom("webmaster@polytechnique.org");
		$mailer->addTo("web@polytechnique.org");
		$mailer->setSubject("INTERVENTION ADMIN (".Session::get('forlife').")");
		$mailer->setTxtBody("\nUtilisateur $login effac�");
		$mailer->send();
		break;
	}
    }

    $res = $globals->xdb->query("SELECT  UNIX_TIMESTAMP(start), host
			           FROM  logger.sessions
				  WHERE  uid={?} AND suid=0
			       ORDER BY  start DESC
				  LIMIT  1", $mr['user_id']);
    list($lastlogin,$host) = $res->fetchOneRow();
    $page->assign('lastlogin', $lastlogin);
    $page->assign('host', $host);

    $page->assign('aliases', $globals->xdb->iterator(
                "SELECT  alias, type='a_vie' AS for_life,FIND_IN_SET('bestalias',flags) AS best,expire
                   FROM  aliases
                  WHERE  id = {?} AND type!='homonyme'
	       ORDER BY  type!= 'a_vie'", $mr["user_id"]));
    $page->assign('xorgmails', $xorgmails);
    $page->assign('email_panne', $email_panne);    
    $page->assign('emails',$redirect->emails);

    $page->assign('mr',$mr);
}

$page->run();

// vim:set et sws=4 sts=4 sw=4:
?>
Commit	Line	Data
0337d704	1	<?php
	2	/***************************************************************************
	3	* Copyright (C) 2003-2004 Polytechnique.org *
	4	* http://opensource.polytechnique.org/ *
	5	* *
	6	* This program is free software; you can redistribute it and/or modify *
	7	* it under the terms of the GNU General Public License as published by *
	8	* the Free Software Foundation; either version 2 of the License, or *
	9	* (at your option) any later version. *
	10	* *
	11	* This program is distributed in the hope that it will be useful, *
	12	* but WITHOUT ANY WARRANTY; without even the implied warranty of *
	13	* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the *
	14	* GNU General Public License for more details. *
	15	* *
	16	* You should have received a copy of the GNU General Public License *
	17	* along with this program; if not, write to the Free Software *
	18	* Foundation, Inc., *
	19	* 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA *
	20	***************************************************************************/
	21
	22	require_once("xorg.inc.php");
	23	new_admin_page('admin/utilisateurs.tpl');
d9a33f98	24	$page->assign('xorg_title','Polytechnique.org - Administration - Edit/Su/Log');
0337d704	25	require_once("emails.inc.php");
	26	require_once("user.func.inc.php");
	27
	28	if (Session::has('suid')) {
	29	$page->kill("d�j� en SUID !!!");
	30	}
	31
	32	if (Env::has('user_id')) {
	33	$login = get_user_login(Env::getInt('user_id'));
	34	} elseif (Env::has('login')) {
	35	$login = get_user_login(Env::get('login'));
	36	} else {
	37	$login = false;
	38	}
	39
	40	if(Env::has('logs_button') && $login) {
	41	header("Location: logger.php?loguser=$login&year=".date('Y')."&month=".date('m'));
	42	}
	43
	44	if (Env::has('ax_button') && $login) {
	45	header("Location: synchro_ax.php?user=$login");
	46	}
	47
	48	if(Env::has('suid_button') && $login) {
	49	$_SESSION['log']->log("suid_start", "login by ".Session::get('forlife'));
	50	$_SESSION['suid'] = $_SESSION;
	51	$r = $globals->xdb->query("SELECT id FROM aliases WHERE alias={?}", $login);
	52	if($uid = $r->fetchOneCell()) {
	53	start_connexion($uid,true);
	54	header("Location: ../");
	55	}
	56	}
	57
	58	if ($login) {
	59	$r = $globals->xdb->query("SELECT *, a.alias AS forlife
	60	FROM auth_user_md5 AS u
	61	INNER JOIN aliases AS a ON ( a.id = u.user_id AND a.alias={?} AND type!='homonyme' )", $login);
	62	$mr = $r->fetchOneAssoc();
	63
	64	$redirect = new Redirect($mr['user_id']);
	65
	66	// Check if there was a submission
	67	foreach($_POST as $key => $val) {
	68	switch ($key) {
	69	case "add_fwd":
	70	$email = trim(Env::get('email'));
	71	if (!isvalid_email_redirection($email)) {
	72	$page->trig("invalid email $email");
	73	} else {
	74	$redirect->add_email($email);
	75	$page->trig("Ajout de $email effectu�");
	76	}
	77	break;
	78
	79	case "del_fwd":
	80	if (!empty($val)) {
	81	$redirect->delete_email($val);
	82	}
	83	break;
	84
	85	case "del_alias":
	86	if (!empty($val)) {
	87	$globals->xdb->execute("DELETE FROM aliases WHERE id={?} AND alias={?}
	88	AND type!='a_vie' AND type!='homonyme'", $mr['user_id'], $val);
89	fix_bestalias($nr['user_id']);
90	$page->trig($val." a �t� supprim�");
91	}
92	break;
93
94	case "add_alias":
95	$globals->xdb->execute("INSERT INTO aliases (id,alias,type) VALUES ({?}, {?}, 'alias')",
96	$mr['user_id'], Env::get('email'));
97	break;
98
99	case "best":
100	// 'bestalias' is the first bit of the set : 1
101	// 255 is the max for flags (8 sets max)
102	$globals->xdb->execute("UPDATE aliases SET flags= flags & (255 - 1) WHERE id={?}", $mr['user_id']);
103	$globals->xdb->execute("UPDATE aliases
104	SET flags= flags \| 1
105	WHERE id={?} AND alias={?}", $mr['user_id'], $val);
106	break;
107
108
109	// Editer un profil
110	case "u_edit":
111	$pass_md5B = Env::get('newpass_clair') != "********" ? md5(Env::get('newpass_clair')) : Env::get('passw');
112	$naiss = Env::get('naissanceN');
113	$perms = Env::get('permsN');
114	$prenm = Env::get('prenomN');
115	$nom = Env::get('nomN');
116	$promo = Env::getInt('promoN');
117	$nom = Env::get('nomN');
118	$comm = Env::get('commentN');
119
120	$query = "UPDATE auth_user_md5 SET
121	naissance = '$naiss',
122	password = '$pass_md5B',
123	perms = '$perms',
124	prenom = '".addslashes($prenm)."',
125	nom = '".addslashes($nom)."',
126	promo = $promo,
127	comment = '".addslashes($comm)."'
128	WHERE user_id = '{$mr['user_id']}'";
129	if ($globals->xdb->execute($query)) {
130	user_reindex($mr['user_id']);
131
132	require_once("diogenes/diogenes.hermes.inc.php");
133	$mailer = new HermesMailer();
134	$mailer->setFrom("webmaster@polytechnique.org");
135	$mailer->addTo("web@polytechnique.org");
136	$mailer->setSubject("INTERVENTION ADMIN (".Session::get('forlife').")");
137	$mailer->setTxtBody(preg_replace("/[ \t]+/", ' ', $query));
138	$mailer->send();
139
140	$page->trig("updat� correctement.");
141	}
142	if (Env::get('nomusageN') != $mr['nom_usage']) {
143	require_once('nomusage.inc.php');
144	set_new_usage($mr['user_id'], Env::get('nomusageN'), make_username(Env::get('prenomN'), Env::get('nomusageN')));
145	}
146	$r = $globals->xdb->query("SELECT *, a.alias AS forlife
147	FROM auth_user_md5 AS u
148	INNER JOIN aliases AS a ON (u.user_id=a.id)
149	WHERE user_id = {?}", $mr['user_id']);
150	$mr = $r->fetchOneAssoc();
151	break;
152
153	// DELETE FROM auth_user_md5
154	case "u_kill":
155	user_clear_all_subs($mr['user_id']);
156	$page->trig("'{$mr['user_id']}' a �t� d�sinscrit !");
157	require_once("diogenes/diogenes.hermes.inc.php");
158	$mailer = new HermesMailer();
159	$mailer->setFrom("webmaster@polytechnique.org");
160	$mailer->addTo("web@polytechnique.org");
161	$mailer->setSubject("INTERVENTION ADMIN (".Session::get('forlife').")");
162	$mailer->setTxtBody("\nUtilisateur $login effac�");
163	$mailer->send();
164	break;
165	}
166	}
167
168	$res = $globals->xdb->query("SELECT UNIX_TIMESTAMP(start), host
169	FROM logger.sessions
170	WHERE uid={?} AND suid=0
171	ORDER BY start DESC
172	LIMIT 1", $mr['user_id']);
173	list($lastlogin,$host) = $res->fetchOneRow();
174	$page->assign('lastlogin', $lastlogin);
175	$page->assign('host', $host);
176
177	$page->assign('aliases', $globals->xdb->iterator(
178	"SELECT alias, type='a_vie' AS for_life,FIND_IN_SET('bestalias',flags) AS best,expire
179	FROM aliases
180	WHERE id = {?} AND type!='homonyme'
181	ORDER BY type!= 'a_vie'", $mr["user_id"]));
182	$page->assign('xorgmails', $xorgmails);
183	$page->assign('email_panne', $email_panne);
184	$page->assign('emails',$redirect->emails);
185
186	$page->assign('mr',$mr);
187	}
188
189	$page->run();
190
191	// vim:set et sws=4 sts=4 sw=4:
192	?>