[platal.git] / modules / carnet.php

<?php
/***************************************************************************
 *  Copyright (C) 2003-2009 Polytechnique.org                              *
 *  http://opensource.polytechnique.org/                                   *
 *                                                                         *
 *  This program is free software; you can redistribute it and/or modify   *
 *  it under the terms of the GNU General Public License as published by   *
 *  the Free Software Foundation; either version 2 of the License, or      *
 *  (at your option) any later version.                                    *
 *                                                                         *
 *  This program is distributed in the hope that it will be useful,        *
 *  but WITHOUT ANY WARRANTY; without even the implied warranty of         *
 *  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the          *
 *  GNU General Public License for more details.                           *
 *                                                                         *
 *  You should have received a copy of the GNU General Public License      *
 *  along with this program; if not, write to the Free Software            *
 *  Foundation, Inc.,                                                      *
 *  59 Temple Place, Suite 330, Boston, MA  02111-1307  USA                *
 ***************************************************************************/

class CarnetModule extends PLModule
{
    function handlers()
    {
        return array(
            'carnet'                => $this->make_hook('index',    AUTH_COOKIE),
            'carnet/panel'          => $this->make_hook('panel',    AUTH_COOKIE),
            'carnet/notifs'         => $this->make_hook('notifs',   AUTH_COOKIE),

            'carnet/contacts'       => $this->make_hook('contacts', AUTH_COOKIE),
            'carnet/contacts/pdf'   => $this->make_hook('pdf',      AUTH_COOKIE, 'user', NO_HTTPS),
            'carnet/contacts/ical'  => $this->make_hook('ical',     AUTH_PUBLIC, 'user', NO_HTTPS),
            'carnet/contacts/vcard' => $this->make_hook('vcard',    AUTH_COOKIE, 'user', NO_HTTPS),

            'carnet/rss'            => $this->make_hook('rss',      AUTH_PUBLIC, 'user', NO_HTTPS),
        );
    }

    function _add_rss_link(&$page)
    {
        if (!S::hasAuthToken()) {
            return;
        }
        $page->setRssLink('Polytechnique.org :: Carnet',
                          '/carnet/rss/'.S::v('hruid').'/'.S::v('token').'/rss.xml');
    }

    function handler_index(&$page)
    {
        $page->changeTpl('carnet/index.tpl');
        $page->setTitle('Mon carnet');
        $this->_add_rss_link($page);
    }

    function handler_panel(&$page)
    {
        $page->changeTpl('carnet/panel.tpl');

        if (Get::has('read')) {
            S::set('watch_last', Get::v('read'));
            Platal::session()->updateNbNotifs();
            pl_redirect('carnet/panel');
        }

        require_once 'notifs.inc.php';

        $page->assign('now',date('YmdHis'));
        $notifs = new Notifs(S::v('uid'), true);

        $page->assign('notifs', $notifs);
        $page->assign('today', date('Y-m-d'));
        $this->_add_rss_link($page);
    }

    private function getSinglePromotion(PlPage &$page, $promo)
    {
        if (!ctype_digit($promo) || $promo < 1920 || $promo > date('Y')) {
            $page->trigError('Promotion invalide : ' . $promo);
            return null;
        }
        return (int)$promo;
    }

    private function getPromo(PlPage &$page, $promo)
    {
        if (strpos($promo, '-') === false) {
            $promo = $this->getSinglePromotion($page, $promo);
            if (!$promo) {
                return null;
            } else {
                return array($promo);
            }
        }

        list($promo1, $promo2) = explode('-', $promo);
        $promo1 = $this->getSinglePromotion($page, $promo1);
        if (!$promo1) {
            return null;
        }
        $promo2 = $this->getSinglePromotion($page, $promo2);
        if (!$promo2) {
            return null;
        }
        if ($promo1 > $promo2) {
            $page->trigError("Intervale non valide : " . $promo);
            return null;
        }
        $array = array();
        for ($i = $promo1 ; $i <= $promo2 ; ++$i) {
            $array[] = $i;
        }
        return $array;
    }

    private function addPromo(PlPage &$page, $promo)
    {
        $promos = $this->getPromo($page, $promo);
        if (!$promos || count($promos) == 0) {
            return;
        }
        $to_add = array();
        foreach ($promos as $promo) {
            $to_add[] = XDB::format('({?}, {?})', S::i('uid'), $promo);
        }
        XDB::execute('INSERT IGNORE INTO  watch_promo (uid, promo)
                                  VALUES  ' . implode(', ', $to_add));
    }

    private function delPromo(PlPage &$page, $promo)
    {
        $promos = $this->getPromo($page, $promo);
        if (!$promos || count($promos) == 0) {
            return;
        }
        $to_delete = array();
        foreach ($promos as $promo) {
            $to_delete[] = XDB::format('{?}', $promo);
        }
        XDB::execute('DELETE FROM  watch_promo
                            WHERE  ' . XDB::format('uid = {?}', S::i('uid')) . '
                                   AND promo IN (' . implode(', ', $to_delete) . ')');
    }

    public function addNonRegistered(PlPage &$page, PlUser &$user)
    {
        XDB::execute('INSERT IGNORE INTO  watch_nonins (uid, ni_id)
                                  VALUES  ({?}, {?})', S::i('uid'), $user->id());
    }

    public function delNonRegistered(PlPage &$page, PlUser &$user)
    {
        XDB::execute('DELETE FROM  watch_nonins
                            WHERE  uid = {?} AND ni_id = {?}',
                    S::i('uid'), $user->id());
    }

    public function handler_notifs(&$page, $action = null, $arg = null)
    {
        $page->changeTpl('carnet/notifs.tpl');

        if ($action) {
            S::assert_xsrf_token();
            switch ($action) {
              case 'add_promo':
                $this->addPromo($page, $arg);
                break;

              case 'del_promo':
                $this->delPromo($page, $arg);
                break;

              case 'del_nonins':
                $user = User::get($arg);
                if ($user) {
                    $this->delNonRegistered($page, $user);
                }
                break;

              case 'add_nonins':
                $user = User::get($arg);
                if ($user) {
                    $this->addNonRegistered($page, $user);
                }
                break;
            }
        }

        if (Env::has('subs')) {
            S::assert_xsrf_token();
            $flags = new PlFlagSet();
            foreach (Env::v('sub') as $key=>$value) {
                $flags->addFlag($key, $value);
            }
            XDB::execute('UPDATE  watch
                             SET  actions = {?}
                           WHERE  uid = {?}', $flags, S::i('uid'));
        }

        if (Env::has('flags_contacts')) {
            S::assert_xsrf_token();
            XDB::execute('UPDATE  watch
                             SET  ' . XDB::changeFlag('flags', 'contacts', Env::b('contacts')) . '
                           WHERE  uid = {?}', S::i('uid'));
        }

        if (Env::has('flags_mail')) {
            S::assert_xsrf_token();
            XDB::execute('UPDATE  watch
                             SET  ' . XDB::changeFlag('flags', 'mail', Env::b('mail')) . '
                           WHERE  uid = {?}', S::i('uid'));
        }

        $user = S::user();
        $nonins = new UserFilter(new UFC_WatchRegistration($user));

        $promo = XDB::fetchColumn('SELECT  promo
                                     FROM  watch_promo
                                    WHERE  uid = {?}
                                 ORDER BY  promo', S::i('uid'));
        $page->assign('promo_count', count($promo));
        $ranges = array();
        $range_start  = null;
        $range_end    = null;
        foreach ($promo as $p) {
            if (is_null($range_start)) {
                $range_start = $range_end = $p;
            } else if ($p != $range_end + 1) {
                $ranges[] = array($range_start, $range_end);
                $range_start = $range_end = $p;
            } else {
                $range_end = $p;
            }
        }
        $ranges[] = array($range_start, $range_end);
        $page->assign('promo_ranges', $ranges);
        $page->assign('nonins', $nonins->getUsers());

        list($flags, $actions) = XDB::fetchOneRow('SELECT  flags, actions
                                                     FROM  watch
                                                    WHERE  uid = {?}', S::i('uid'));
        $flags = new PlFlagSet($flags);
        $actions = new PlFlagSet($actions);
        $page->assign('flags', $flags);
        $page->assign('actions', $actions);
    }

    function handler_contacts(&$page, $action = null, $subaction = null, $ssaction = null)
    {
        $page->setTitle('Mes contacts');
        $this->_add_rss_link($page);

        $uid  = S::v('uid');
        $user = Env::v('user');

        // For XSRF protection, checks both the normal xsrf token, and the special RSS token.
        // It allows direct linking to contact adding in the RSS feed.
        if (Env::v('action') && Env::v('token') !== S::v('token')) {
            S::assert_xsrf_token();
        }
        switch (Env::v('action')) {
            case 'retirer':
                if (($user = User::get(Env::v('user')))) {
                    if (XDB::execute("DELETE FROM  contacts
                                            WHERE  uid = {?} AND contact = {?}", $uid, $user->id())) {
                        $page->trigSuccess("Contact retiré !");
                    }
                }
                break;

            case 'ajouter':
                if (($user = User::get(Env::v('user')))) {
                    if (XDB::execute("REPLACE INTO  contacts (uid, contact)
                                            VALUES  ({?}, {?})", $uid, $user->id())) {
                        $page->trigSuccess('Contact ajouté !');
                    } else {
                        $page->trigWarning('Contact déjà dans la liste !');
                    }
                }
                break;
        }

        $search = false;
        if ($action == 'search') {
            $action = $subaction;
            $subaction = $ssaction;
            $search = true;
        }
        if ($search && trim(Env::v('quick'))) {
            require_once 'userset.inc.php';
            $base = 'carnet/contacts/search';

            Platal::load('search', 'classes.inc.php');
            ThrowError::$throwHook = array($this, 'searchErrorHandler');
            $view = new SearchSet(true, false, "INNER JOIN contacts AS c2 ON (u.user_id = c2.contact)", "c2.uid = $uid");
        } else {
            $base = 'carnet/contacts';
            $view = new UserSet("INNER JOIN contacts AS c2 ON (u.user_id = c2.contact)", " c2.uid = $uid ");
        }
        $view->addMod('minifiche', 'Mini-fiches', true);
        $view->addMod('trombi', 'Trombinoscope', false, array('with_admin' => false, 'with_promo' => true));
        $view->addMod('geoloc', 'Planisphère', false, array('with_annu' => 'carnet/contacts/search'));
        $view->apply($base, $page, $action, $subaction);
        if ($action != 'geoloc' || ($search && !$ssaction) || (!$search && !$subaction)) {
            $page->changeTpl('carnet/mescontacts.tpl');
        }
    }

    function handler_pdf(&$page, $arg0 = null, $arg1 = null)
    {
        $this->load('contacts.pdf.inc.php');
        require_once 'user.func.inc.php';

        Platal::session()->close();

        $sql = "SELECT  a.alias
                  FROM  aliases       AS a
            INNER JOIN  auth_user_md5 AS u ON ( a.id = u.user_id )
            INNER JOIN  contacts      AS c ON ( a.id = c.contact )
                 WHERE  c.uid = {?} AND a.type='a_vie'";
        if ($arg0 == 'promo') {
            $sql .= ' ORDER BY  u.promo, u.nom, u.prenom';
        } else {
            $sql .= ' ORDER BY  u.nom, u.prenom, u.promo';
        }

        $citer = XDB::iterRow($sql, S::v('uid'));
        $pdf   = new ContactsPDF();

        while (list($alias) = $citer->next()) {
            $user = get_user_details($alias);
            foreach ($user as &$value) {
                if (is_utf8($value)) {
                    $value = utf8_decode($value);
                }
            }
            $pdf = ContactsPDF::addContact($pdf, $user, $arg0 == 'photos' || $arg1 == 'photos');
        }
        $pdf->Output();

        exit;
    }

    function handler_rss(&$page, $user = null, $hash = null)
    {
        $this->load('feed.inc.php');
        $feed = new CarnetFeed();
        return $feed->run($page, $user, $hash);
    }

    function handler_ical(&$page, $alias = null, $hash = null)
    {
        $user = Platal::session()->tokenAuth($alias, $hash);
        if (is_null($user)) {
            if (S::logged()) {
                $user == S::user();
            } else {
                return PL_FORBIDDEN;
            }
        }

        require_once 'ical.inc.php';
        $page->changeTpl('carnet/calendar.tpl', NO_SKIN);
        $page->register_function('display_ical', 'display_ical');

        $res = XDB::iterRow(
                'SELECT u.prenom,
                        IF(u.nom_usage = \'\',u.nom,u.nom_usage) AS nom,
                        u.promo,
                        u.naissance,
                        DATE_ADD(u.naissance, INTERVAL 1 DAY) AS end,
                        u.date_ins,
                        u.hruid
                   FROM contacts      AS c
             INNER JOIN auth_user_md5 AS u ON (u.user_id = c.contact)
             INNER JOIN aliases       AS a ON (u.user_id = a.id AND a.type = \'a_vie\')
                  WHERE c.uid = {?}', $user->id());

        $annivs = Array();
        while (list($prenom, $nom, $promo, $naissance, $end, $ts, $hruid) = $res->next()) {
            $naissance = str_replace('-', '', $naissance);
            $end       = str_replace('-', '', $end);
            $annivs[] = array(
                'timestamp' => strtotime($ts),
                'date'      => $naissance,
                'tomorrow'  => $end,
                'hruid'     => $hruid,
                'summary'   => 'Anniversaire de '.$prenom
                                .' '.$nom.' - x '.$promo,
            );
        }
        $page->assign('events', $annivs);

        header('Content-Type: text/calendar; charset=utf-8');
    }

    function handler_vcard(&$page, $photos = null)
    {
        $res = XDB::query('SELECT contact
                             FROM contacts
                            WHERE uid = {?}', S::v('uid'));
        $vcard = new VCard($photos == 'photos');
        $vcard->addUsers($res->fetchColumn());
        $vcard->show();
    }
}

// vim:set et sw=4 sts=4 sws=4 foldmethod=marker enc=utf-8:
?>
Commit	Line	Data
0337d704	1	<?php
0337d704	2	/***************************************************************************
8d84c630	3	* Copyright (C) 2003-2009 Polytechnique.org *
0337d704	4	* http://opensource.polytechnique.org/ *
	5	* *
	6	* This program is free software; you can redistribute it and/or modify *
	7	* it under the terms of the GNU General Public License as published by *
	8	* the Free Software Foundation; either version 2 of the License, or *
	9	* (at your option) any later version. *
	10	* *
	11	* This program is distributed in the hope that it will be useful, *
	12	* but WITHOUT ANY WARRANTY; without even the implied warranty of *
	13	* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the *
	14	* GNU General Public License for more details. *
	15	* *
	16	* You should have received a copy of the GNU General Public License *
	17	* along with this program; if not, write to the Free Software *
	18	* Foundation, Inc., *
	19	* 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA *
	20	***************************************************************************/
	21
c9f82d49	22	class CarnetModule extends PLModule
	23	{
	24	function handlers()
	25	{
	26	return array(
5e193297	27	'carnet' => $this->make_hook('index', AUTH_COOKIE),
	28	'carnet/panel' => $this->make_hook('panel', AUTH_COOKIE),
	29	'carnet/notifs' => $this->make_hook('notifs', AUTH_COOKIE),
fc12cbd1	30
5e193297	31	'carnet/contacts' => $this->make_hook('contacts', AUTH_COOKIE),
8fc4efa3	32	'carnet/contacts/pdf' => $this->make_hook('pdf', AUTH_COOKIE, 'user', NO_HTTPS),
	33	'carnet/contacts/ical' => $this->make_hook('ical', AUTH_PUBLIC, 'user', NO_HTTPS),
	34	'carnet/contacts/vcard' => $this->make_hook('vcard', AUTH_COOKIE, 'user', NO_HTTPS),
b48a0758	35
8fc4efa3	36	'carnet/rss' => $this->make_hook('rss', AUTH_PUBLIC, 'user', NO_HTTPS),
c9f82d49	37	);
c9f82d49	38	}
0337d704	39
fc12cbd1	40	function _add_rss_link(&$page)
fc12cbd1	41	{
84fc72ff	42	if (!S::hasAuthToken()) {
fc12cbd1	43	return;
fd8f77de	44	}
162370e7	45	$page->setRssLink('Polytechnique.org :: Carnet',
84fc72ff	46	'/carnet/rss/'.S::v('hruid').'/'.S::v('token').'/rss.xml');
fc12cbd1	47	}
fc12cbd1	48
b48a0758	49	function handler_index(&$page)
	50	{
	51	$page->changeTpl('carnet/index.tpl');
46f272fe	52	$page->setTitle('Mon carnet');
b48a0758	53	$this->_add_rss_link($page);
b48a0758	54	}
b48a0758	55
fc12cbd1	56	function handler_panel(&$page)
	57	{
	58	$page->changeTpl('carnet/panel.tpl');
	59
	60	if (Get::has('read')) {
ebfdf077 FB	61	S::set('watch_last', Get::v('read'));
ebfdf077 FB	62	Platal::session()->updateNbNotifs();
8b00e0e0	63	pl_redirect('carnet/panel');
fc12cbd1	64	}
	65
	66	require_once 'notifs.inc.php';
	67
	68	$page->assign('now',date('YmdHis'));
cab08090	69	$notifs = new Notifs(S::v('uid'), true);
fc12cbd1	70
	71	$page->assign('notifs', $notifs);
	72	$page->assign('today', date('Y-m-d'));
	73	$this->_add_rss_link($page);
fc12cbd1	74	}
fc12cbd1	75
4e7bf1e0	76	private function getSinglePromotion(PlPage &$page, $promo)
b48a0758	77	{
4e7bf1e0 FB	78	if (!ctype_digit($promo) \|\| $promo < 1920 \|\| $promo > date('Y')) {
	79	$page->trigError('Promotion invalide : ' . $promo);
	80	return null;
	81	}
	82	return (int)$promo;
	83	}
	84
	85	private function getPromo(PlPage &$page, $promo)
	86	{
	87	if (strpos($promo, '-') === false) {
	88	$promo = $this->getSinglePromotion($page, $promo);
	89	if (!$promo) {
	90	return null;
b48a0758	91	} else {
4e7bf1e0	92	return array($promo);
b48a0758	93	}
b48a0758	94	}
4e7bf1e0 FB	95
	96	list($promo1, $promo2) = explode('-', $promo);
	97	$promo1 = $this->getSinglePromotion($page, $promo1);
	98	if (!$promo1) {
	99	return null;
	100	}
	101	$promo2 = $this->getSinglePromotion($page, $promo2);
	102	if (!$promo2) {
	103	return null;
	104	}
	105	if ($promo1 > $promo2) {
	106	$page->trigError("Intervale non valide : " . $promo);
	107	return null;
	108	}
	109	$array = array();
	110	for ($i = $promo1 ; $i <= $promo2 ; ++$i) {
	111	$array[] = $i;
	112	}
	113	return $array;
b48a0758	114	}
b48a0758	115
4e7bf1e0	116	private function addPromo(PlPage &$page, $promo)
b48a0758	117	{
4e7bf1e0 FB	118	$promos = $this->getPromo($page, $promo);
	119	if (!$promos \|\| count($promos) == 0) {
	120	return;
	121	}
	122	$to_add = array();
	123	foreach ($promos as $promo) {
	124	$to_add[] = XDB::format('({?}, {?})', S::i('uid'), $promo);
	125	}
	126	XDB::execute('INSERT IGNORE INTO watch_promo (uid, promo)
	127	VALUES ' . implode(', ', $to_add));
	128	}
b48a0758	129
4e7bf1e0 FB	130	private function delPromo(PlPage &$page, $promo)
	131	{
	132	$promos = $this->getPromo($page, $promo);
	133	if (!$promos \|\| count($promos) == 0) {
	134	return;
	135	}
	136	$to_delete = array();
	137	foreach ($promos as $promo) {
	138	$to_delete[] = XDB::format('{?}', $promo);
	139	}
	140	XDB::execute('DELETE FROM watch_promo
	141	WHERE ' . XDB::format('uid = {?}', S::i('uid')) . '
	142	AND promo IN (' . implode(', ', $to_delete) . ')');
	143	}
	144
	145	public function addNonRegistered(PlPage &$page, PlUser &$user)
	146	{
	147	XDB::execute('INSERT IGNORE INTO watch_nonins (uid, ni_id)
	148	VALUES ({?}, {?})', S::i('uid'), $user->id());
	149	}
b48a0758	150
4e7bf1e0 FB	151	public function delNonRegistered(PlPage &$page, PlUser &$user)
	152	{
	153	XDB::execute('DELETE FROM watch_nonins
	154	WHERE uid = {?} AND ni_id = {?}',
	155	S::i('uid'), $user->id());
	156	}
b48a0758	157
4e7bf1e0 FB	158	public function handler_notifs(&$page, $action = null, $arg = null)
	159	{
	160	$page->changeTpl('carnet/notifs.tpl');
b48a0758	161
40d428d8 VZ	162	if ($action) {
40d428d8 VZ	163	S::assert_xsrf_token();
4e7bf1e0 FB	164	switch ($action) {
	165	case 'add_promo':
	166	$this->addPromo($page, $arg);
	167	break;
b48a0758	168
4e7bf1e0 FB	169	case 'del_promo':
	170	$this->delPromo($page, $arg);
	171	break;
b48a0758	172
4e7bf1e0 FB	173	case 'del_nonins':
	174	$user = User::get($arg);
	175	if ($user) {
	176	$this->delNonRegistered($page, $user);
	177	}
	178	break;
	179
	180	case 'add_nonins':
	181	$user = User::get($arg);
	182	if ($user) {
	183	$this->addNonRegistered($page, $user);
	184	}
	185	break;
	186	}
b48a0758	187	}
b48a0758	188
40d428d8 VZ	189	if (Env::has('subs')) {
40d428d8 VZ	190	S::assert_xsrf_token();
4e7bf1e0 FB	191	$flags = new PlFlagSet();
	192	foreach (Env::v('sub') as $key=>$value) {
	193	$flags->addFlag($key, $value);
	194	}
	195	XDB::execute('UPDATE watch
	196	SET actions = {?}
	197	WHERE uid = {?}', $flags, S::i('uid'));
e6bf9216 VZ	198	}
e6bf9216 VZ	199
40d428d8 VZ	200	if (Env::has('flags_contacts')) {
40d428d8 VZ	201	S::assert_xsrf_token();
4e7bf1e0 FB	202	XDB::execute('UPDATE watch
4e7bf1e0 FB	203	SET ' . XDB::changeFlag('flags', 'contacts', Env::b('contacts')) . '
7e735012	204	WHERE uid = {?}', S::i('uid'));
b48a0758	205	}
e6bf9216	206
40d428d8 VZ	207	if (Env::has('flags_mail')) {
40d428d8 VZ	208	S::assert_xsrf_token();
4e7bf1e0 FB	209	XDB::execute('UPDATE watch
4e7bf1e0 FB	210	SET ' . XDB::changeFlag('flags', 'mail', Env::b('mail')) . '
7e735012	211	WHERE uid = {?}', S::i('uid'));
4e7bf1e0 FB	212	}
	213
	214	$user = S::user();
	215	$nonins = new UserFilter(new UFC_WatchRegistration($user));
	216
	217	$promo = XDB::fetchColumn('SELECT promo
	218	FROM watch_promo
	219	WHERE uid = {?}
	220	ORDER BY promo', S::i('uid'));
	221	$page->assign('promo_count', count($promo));
	222	$ranges = array();
	223	$range_start = null;
	224	$range_end = null;
	225	foreach ($promo as $p) {
	226	if (is_null($range_start)) {
	227	$range_start = $range_end = $p;
	228	} else if ($p != $range_end + 1) {
	229	$ranges[] = array($range_start, $range_end);
	230	$range_start = $range_end = $p;
	231	} else {
	232	$range_end = $p;
	233	}
b48a0758	234	}
4e7bf1e0 FB	235	$ranges[] = array($range_start, $range_end);
	236	$page->assign('promo_ranges', $ranges);
	237	$page->assign('nonins', $nonins->getUsers());
b48a0758	238
4e7bf1e0 FB	239	list($flags, $actions) = XDB::fetchOneRow('SELECT flags, actions
	240	FROM watch
	241	WHERE uid = {?}', S::i('uid'));
	242	$flags = new PlFlagSet($flags);
	243	$actions = new PlFlagSet($actions);
	244	$page->assign('flags', $flags);
	245	$page->assign('actions', $actions);
b48a0758	246	}
b48a0758	247
a2aa8436	248	function handler_contacts(&$page, $action = null, $subaction = null, $ssaction = null)
b48a0758	249	{
46f272fe	250	$page->setTitle('Mes contacts');
59a61432	251	$this->_add_rss_link($page);
b48a0758	252
cab08090	253	$uid = S::v('uid');
5e2307dc	254	$user = Env::v('user');
b48a0758	255
e6bf9216 VZ	256	// For XSRF protection, checks both the normal xsrf token, and the special RSS token.
e6bf9216 VZ	257	// It allows direct linking to contact adding in the RSS feed.
84fc72ff	258	if (Env::v('action') && Env::v('token') !== S::v('token')) {
40d428d8 VZ	259	S::assert_xsrf_token();
	260	}
	261	switch (Env::v('action')) {
	262	case 'retirer':
d6460651 VZ	263	if (($user = User::get(Env::v('user')))) {
	264	if (XDB::execute("DELETE FROM contacts
	265	WHERE uid = {?} AND contact = {?}", $uid, $user->id())) {
a7d35093	266	$page->trigSuccess("Contact retiré !");
b48a0758	267	}
	268	}
	269	break;
	270
40d428d8	271	case 'ajouter':
d6460651 VZ	272	if (($user = User::get(Env::v('user')))) {
	273	if (XDB::execute("REPLACE INTO contacts (uid, contact)
	274	VALUES ({?}, {?})", $uid, $user->id())) {
a7d35093	275	$page->trigSuccess('Contact ajouté !');
b48a0758	276	} else {
a7d35093	277	$page->trigWarning('Contact déjà dans la liste !');
b48a0758	278	}
b48a0758	279	}
d6460651	280	break;
b48a0758	281	}
b48a0758	282
a2aa8436	283	$search = false;
	284	if ($action == 'search') {
	285	$action = $subaction;
	286	$subaction = $ssaction;
	287	$search = true;
	288	}
	289	if ($search && trim(Env::v('quick'))) {
	290	require_once 'userset.inc.php';
	291	$base = 'carnet/contacts/search';
3b2f9d11	292
adb07f6f	293	Platal::load('search', 'classes.inc.php');
3b2f9d11	294	ThrowError::$throwHook = array($this, 'searchErrorHandler');
3b2f9d11	295	$view = new SearchSet(true, false, "INNER JOIN contacts AS c2 ON (u.user_id = c2.contact)", "c2.uid = $uid");
a2aa8436	296	} else {
	297	$base = 'carnet/contacts';
	298	$view = new UserSet("INNER JOIN contacts AS c2 ON (u.user_id = c2.contact)", " c2.uid = $uid ");
	299	}
1fae7605	300	$view->addMod('minifiche', 'Mini-fiches', true);
8c4a0c30	301	$view->addMod('trombi', 'Trombinoscope', false, array('with_admin' => false, 'with_promo' => true));
a2aa8436	302	$view->addMod('geoloc', 'Planisphère', false, array('with_annu' => 'carnet/contacts/search'));
	303	$view->apply($base, $page, $action, $subaction);
	304	if ($action != 'geoloc' \|\| ($search && !$ssaction) \|\| (!$search && !$subaction)) {
8c4a0c30	305	$page->changeTpl('carnet/mescontacts.tpl');
b48a0758	306	}
b48a0758	307	}
	308
	309	function handler_pdf(&$page, $arg0 = null, $arg1 = null)
	310	{
460d8f55	311	$this->load('contacts.pdf.inc.php');
b48a0758	312	require_once 'user.func.inc.php';
b48a0758	313
732e5855	314	Platal::session()->close();
b48a0758	315
	316	$sql = "SELECT a.alias
	317	FROM aliases AS a
	318	INNER JOIN auth_user_md5 AS u ON ( a.id = u.user_id )
	319	INNER JOIN contacts AS c ON ( a.id = c.contact )
	320	WHERE c.uid = {?} AND a.type='a_vie'";
	321	if ($arg0 == 'promo') {
	322	$sql .= ' ORDER BY u.promo, u.nom, u.prenom';
	323	} else {
	324	$sql .= ' ORDER BY u.nom, u.prenom, u.promo';
	325	}
	326
cab08090	327	$citer = XDB::iterRow($sql, S::v('uid'));
b48a0758	328	$pdf = new ContactsPDF();
	329
	330	while (list($alias) = $citer->next()) {
	331	$user = get_user_details($alias);
ac73e294	332	foreach ($user as &$value) {
	333	if (is_utf8($value)) {
	334	$value = utf8_decode($value);
	335	}
	336	}
93c099e1	337	$pdf = ContactsPDF::addContact($pdf, $user, $arg0 == 'photos' \|\| $arg1 == 'photos');
b48a0758	338	}
	339	$pdf->Output();
	340
	341	exit;
	342	}
	343
c9f82d49	344	function handler_rss(&$page, $user = null, $hash = null)
c9f82d49	345	{
460d8f55	346	$this->load('feed.inc.php');
4e9a7a6d FB	347	$feed = new CarnetFeed();
4e9a7a6d FB	348	return $feed->run($page, $user, $hash);
c9f82d49	349	}
fbfb06dc	350
963c0b2e	351	function handler_ical(&$page, $alias = null, $hash = null)
fbfb06dc	352	{
f3e66b56 FB	353	$user = Platal::session()->tokenAuth($alias, $hash);
	354	if (is_null($user)) {
	355	if (S::logged()) {
	356	$user == S::user();
	357	} else {
	358	return PL_FORBIDDEN;
963c0b2e	359	}
963c0b2e	360	}
5406bb88	361
99544d53	362	require_once 'ical.inc.php';
801fcad8	363	$page->changeTpl('carnet/calendar.tpl', NO_SKIN);
3585b0c8	364	$page->register_function('display_ical', 'display_ical');
fbfb06dc	365
f3b3f363	366	$res = XDB::iterRow(
	367	'SELECT u.prenom,
	368	IF(u.nom_usage = \'\',u.nom,u.nom_usage) AS nom,
	369	u.promo,
	370	u.naissance,
	371	DATE_ADD(u.naissance, INTERVAL 1 DAY) AS end,
	372	u.date_ins,
5406bb88	373	u.hruid
f3b3f363	374	FROM contacts AS c
	375	INNER JOIN auth_user_md5 AS u ON (u.user_id = c.contact)
	376	INNER JOIN aliases AS a ON (u.user_id = a.id AND a.type = \'a_vie\')
f3e66b56	377	WHERE c.uid = {?}', $user->id());
f3b3f363	378
f3b3f363	379	$annivs = Array();
5406bb88	380	while (list($prenom, $nom, $promo, $naissance, $end, $ts, $hruid) = $res->next()) {
f3b3f363	381	$naissance = str_replace('-', '', $naissance);
	382	$end = str_replace('-', '', $end);
	383	$annivs[] = array(
	384	'timestamp' => strtotime($ts),
	385	'date' => $naissance,
	386	'tomorrow' => $end,
5406bb88	387	'hruid' => $hruid,
f3b3f363	388	'summary' => 'Anniversaire de '.$prenom
	389	.' '.$nom.' - x '.$promo,
	390	);
fbfb06dc	391	}
f3b3f363	392	$page->assign('events', $annivs);
fbfb06dc	393
fbfb06dc	394	header('Content-Type: text/calendar; charset=utf-8');
fbfb06dc	395	}
5e193297	396
917c4d11	397	function handler_vcard(&$page, $photos = null)
5e193297	398	{
	399	$res = XDB::query('SELECT contact
	400	FROM contacts
	401	WHERE uid = {?}', S::v('uid'));
5d42c993 FB	402	$vcard = new VCard($photos == 'photos');
	403	$vcard->addUsers($res->fetchColumn());
	404	$vcard->show();
5e193297	405	}
4da0b8d7	406	}
c9f82d49	407
a7de4ef7	408	// vim:set et sw=4 sts=4 sws=4 foldmethod=marker enc=utf-8:
c9f82d49	409	?>