[platal.git] / modules / events.php

<?php
/***************************************************************************
 *  Copyright (C) 2003-2008 Polytechnique.org                              *
 *  http://opensource.polytechnique.org/                                   *
 *                                                                         *
 *  This program is free software; you can redistribute it and/or modify   *
 *  it under the terms of the GNU General Public License as published by   *
 *  the Free Software Foundation; either version 2 of the License, or      *
 *  (at your option) any later version.                                    *
 *                                                                         *
 *  This program is distributed in the hope that it will be useful,        *
 *  but WITHOUT ANY WARRANTY; without even the implied warranty of         *
 *  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the          *
 *  GNU General Public License for more details.                           *
 *                                                                         *
 *  You should have received a copy of the GNU General Public License      *
 *  along with this program; if not, write to the Free Software            *
 *  Foundation, Inc.,                                                      *
 *  59 Temple Place, Suite 330, Boston, MA  02111-1307  USA                *
 ***************************************************************************/

class EventsModule extends PLModule
{
    function handlers()
    {
        return array(
            'events'         => $this->make_hook('ev',        AUTH_COOKIE),
            'rss'            => $this->make_hook('rss', AUTH_PUBLIC, 'user', NO_HTTPS),
            'events/preview' => $this->make_hook('preview', AUTH_PUBLIC, 'user', NO_AUTH),
            'events/photo'   => $this->make_hook('photo', AUTH_PUBLIC),
            'events/submit'  => $this->make_hook('ev_submit', AUTH_MDP),
            'admin/events'   => $this->make_hook('admin_events',     AUTH_MDP, 'admin'),

            'ajax/tips'      => $this->make_hook('tips',      AUTH_COOKIE, 'user', NO_AUTH),
            'admin/tips'     => $this->make_hook('admin_tips', AUTH_MDP, 'admin'),
        );
    }

    private function get_tips($exclude = null)
    {
        global $globals;
        // Add a new special tip when changing plat/al version
        if ($globals->version != S::v('last_version') && is_null($exclude)) {
            XDB::execute('UPDATE auth_user_quick
                             SET last_version = {?}
                           WHERE user_id = {?}',
                           $globals->version, S::i('uid'));
            return array('id' => 0,
                         'titre' => 'Bienvenue sur la nouvelle version du site !',
                         'text' => 'Le site a été mis à jour depuis ta dernière visite vers la version ' . $globals->version
                                   . '.<br /> Nous t\'invitons à <a href="review">faire un tour d\'horizon des '
                                   . 'nouveautés</a>.<br /><br />'
                                   . 'Tu peux également retrouver ces informations sur <a href="banana/xorg.m4x.innovation">'
                                   . 'les forums</a>, ou sur <a href="changelog">la liste exhaustive des modifications</a>.',
                         'priorite' => 255,
                         'promo_min' => 0,
                         'promo_max' => 0,
                         'state'     => 'active',
                         'special'   => true);
        }

        $exclude  = is_null($exclude) ? '' : ' AND id != ' . intval($exclude) . ' ';
        $priority = rand(0, 510);
        do {
            $priority = (int)($priority/2);
            $res = XDB::query("SELECT  *
                                 FROM  tips
                                WHERE  (peremption = '0000-00-00' OR peremption > CURDATE())
                                       AND (promo_min = 0 OR promo_min <= {?})
                                       AND (promo_max = 0 OR promo_max >= {?})
                                       AND (priorite >= {?})
                                       AND (state = 'active')
                                       $exclude
                             ORDER BY  RAND()
                                LIMIT  1",
                              S::i('promo'), S::i('promo'), $priority);
        } while ($priority && !$res->numRows());
        if (!$res->numRows()) {
            return null;
        }
        return $res->fetchOneAssoc();
    }

    private function upload_image(PlPage &$page, PlUpload &$upload)
    {
        if (@!$_FILES['image']['tmp_name'] && !Env::v('image_url')) {
            return true;
        }
        if (!$upload->upload($_FILES['image'])  && !$upload->download(Env::v('image_url'))) {
            $page->trigError('Impossible de télécharger l\'image');
            return false;
        } elseif (!$upload->isType('image')) {
            $page->trigError('Le fichier n\'est pas une image valide au format JPEG, GIF ou PNG.');
            $upload->rm();
            return false;
        } elseif (!$upload->resizeImage(200, 300, 100, 100, 32284)) {
            $page->trigError('Impossible de retraiter l\'image');
            return false;
        }
        return true;
    }

    function handler_ev(&$page, $action = 'list', $eid = null, $pound = null)
    {
        $page->changeTpl('events/index.tpl');
        $page->addJsLink('ajax.js');
        $page->assign('tips', $this->get_tips());

        $res = XDB::query('SELECT date, naissance FROM auth_user_md5
                            WHERE user_id={?}', S::v('uid'));
        list($date, $naissance) = $res->fetchOneRow();

        // incitation à mettre à jour la fiche

        $d2  = mktime(0, 0, 0, substr($date, 5, 2), substr($date, 8, 2),
                      substr($date, 0, 4));
        if( (time() - $d2) > 60 * 60 * 24 * 400 ) {
            // si fiche date de + de 400j;
            $page->assign('fiche_incitation', $date);
        }

        // Souhaite bon anniversaire

        if (substr($naissance, 5) == date('m-d')) {
            $page->assign('birthday', date('Y') - substr($naissance, 0, 4));
        }

        // incitation à mettre une photo

        $res = XDB::query('SELECT COUNT(*) FROM photo
                            WHERE uid={?}', S::v('uid'));
        $page->assign('photo_incitation', $res->fetchOneCell() == 0);

        // Incitation à se géolocaliser
        require_once 'geoloc.inc.php';
        $res = localize_addresses(S::v('uid', -1));
        $page->assign('geoloc_incitation', count($res));

        // ajout du lien RSS
        if (S::rssActivated()) {
            $page->setRssLink('Polytechnique.org :: News',
                              '/rss/'.S::v('forlife') .'/'.S::v('core_rss_hash').'/rss.xml');
        }

        // cache les evenements lus et raffiche les evenements a relire
        if ($action == 'read' && $eid) {
            XDB::execute('DELETE evenements_vus.*
                            FROM evenements_vus AS ev
                      INNER JOIN evenements AS e ON e.id = ev.evt_id
                           WHERE peremption < NOW()');
            XDB::execute('REPLACE INTO evenements_vus VALUES({?},{?})',
                $eid, S::v('uid'));
            pl_redirect('events#'.$pound);
        }

        if ($action == 'unread' && $eid) {
            XDB::execute('DELETE FROM evenements_vus
                           WHERE evt_id = {?} AND user_id = {?}',
                                   $eid, S::v('uid'));
            pl_redirect('events#newsid'.$eid);
        }

        $array = array();
        $it = XDB::iterator("SELECT  e.id,e.titre,e.texte,e.post_id,a.user_id,a.nom,a.prenom,a.promo,l.alias AS forlife,
                                     p.x, p.y, p.attach IS NOT NULL AS img, FIND_IN_SET('wiki', e.flags) AS wiki,
                                     FIND_IN_SET('important', e.flags) AS important,
                                     e.creation_date > DATE_SUB(CURDATE(), INTERVAL 2 DAY) AS news,
                                     e.peremption < DATE_ADD(CURDATE(), INTERVAL 2 DAY) AS end,
                                     ev.user_id IS NULL AS nonlu
                               FROM  evenements       AS e
                          LEFT JOIN  evenements_photo AS p ON (e.id = p.eid)
                         INNER JOIN  auth_user_md5    AS a ON e.user_id=a.user_id
                         INNER JOIN  aliases          AS l ON ( a.user_id=l.id AND l.type='a_vie' )
                          LEFT JOIN  evenements_vus AS ev ON (e.id = ev.evt_id AND ev.user_id = {?})
                              WHERE  FIND_IN_SET('valide', e.flags) AND peremption >= NOW()
                                     AND (e.promo_min = 0 || e.promo_min <= {?})
                                     AND (e.promo_max = 0 || e.promo_max >= {?})
                           ORDER BY  important DESC, news DESC, end DESC, e.peremption, e.creation_date DESC",
                            S::i('uid'), S::i('promo'), S::i('promo'));
        $cats = array('important', 'news', 'end', 'body');
        $body  = $it->next();
        foreach ($cats as $cat) {
            $data = array();
            if (!$body) {
                continue;
            }
            do {
                if ($cat == 'body' || $body[$cat]) {
                    $data[] = $body;
                } else {
                    break;
                }
                $body = $it->next();
            } while ($body);
            if (!empty($data)) {
                $array[$cat] = $data;
            }
        }
        $page->assign_by_ref('events', $array);
    }

    function handler_photo(&$page, $eid = null, $valid = null)
    {
        if ($eid && $eid != 'valid') {
            $res = XDB::query("SELECT * FROM evenements_photo WHERE eid = {?}", $eid);
            if ($res->numRows()) {
                $photo = $res->fetchOneAssoc();
                header('Content-Type: image/' . $photo['attachmime']);
                echo $photo['attach'];
                exit;
            }
        } elseif ($eid == 'valid') {
            require_once 'validations.inc.php';
            $valid = Validate::get_request_by_id($valid);
            if ($valid && $valid->img) {
                header('Content-Type: image/' . $valid->imgtype);
                echo $valid->img;
                exit;
            }
        } else {
            $upload = new PlUpload(S::v('forlife'), 'event');
            if ($upload->exists() && $upload->isType('image')) {
                header('Content-Type: ' . $upload->contentType());
                echo $upload->getContents();
                exit;
            }
        }
        global $globals;
        header('Content-Type: image/png');
        echo file_get_contents($globals->spoolroot . '/htdocs/images/logo.png');
        exit;
    }

    function handler_rss(&$page, $user = null, $hash = null)
    {
        require_once 'rss.inc.php';

        $uid = init_rss('events/rss.tpl', $user, $hash);

        $rss = XDB::iterator(
                'SELECT  e.id, e.titre, e.texte, e.creation_date, e.post_id, p.attachmime IS NOT NULL AS photo,
                         IF(u2.nom_usage = "", u2.nom, u2.nom_usage) AS nom, u2.prenom, u2.promo,
                         FIND_IN_SET(\'wiki\', e.flags) AS wiki
                   FROM  auth_user_md5   AS u
             INNER JOIN  evenements      AS e ON ( (e.promo_min = 0 || e.promo_min <= u.promo)
                                                 AND (e.promo_max = 0 || e.promo_max >= u.promo) )
              LEFT JOIN  evenements_photo AS p ON (p.eid = e.id)
             INNER JOIN  auth_user_md5   AS u2 ON (u2.user_id = e.user_id)
                  WHERE  u.user_id = {?} AND FIND_IN_SET("valide", e.flags)
                                         AND peremption >= NOW()', $uid);
        $page->assign('rss', $rss);
    }

    function handler_preview(&$page)
    {
        $page->changeTpl('events/preview.tpl', NO_SKIN);
        $texte = Get::v('texte');
        if (!is_utf8($texte)) {
            $texte = utf8_encode($texte);
        }
        $titre = Get::v('titre');
        if (!is_utf8($titre)) {
            $titre = utf8_encode($titre);
        }
        $page->assign('texte', $texte);
        $page->assign('titre', $titre);
        header('Content-Type: text/html; charset=utf-8');
    }

    function handler_ev_submit(&$page)
    {
        $page->changeTpl('events/submit.tpl');
        $page->addJsLink('ajax.js');

        $wp = new PlWikiPage('Xorg.Annonce');
        $wp->buildCache();

        $titre      = Post::v('titre');
        $texte      = Post::v('texte');
        $promo_min  = Post::i('promo_min');
        $promo_max  = Post::i('promo_max');
        $peremption = Post::i('peremption');
        $valid_mesg = Post::v('valid_mesg');
        $action     = Post::v('action');
        $upload     = new PlUpload(S::v('forlife'), 'event');
        $this->upload_image($page, $upload);

        if (($promo_min > $promo_max && $promo_max != 0)||
            ($promo_min != 0 && ($promo_min <= 1900 || $promo_min >= 2020)) ||
            ($promo_max != 0 && ($promo_max <= 1900 || $promo_max >= 2020)))
        {
            $page->trigError("L'intervalle de promotions n'est pas valide");
            $action = null;
        }

        $page->assign('titre', $titre);
        $page->assign('texte', $texte);
        $page->assign('promo_min', $promo_min);
        $page->assign('promo_max', $promo_max);
        $page->assign('peremption', $peremption);
        $page->assign('valid_mesg', $valid_mesg);
        $page->assign('action', strtolower($action));
        $page->assign_by_ref('upload', $upload);

        if ($action == 'Supprimer l\'image') {
            $upload->rm();
            $page->assign('action', false);
        } elseif ($action && (!trim($texte) || !trim($titre))) {
            $page->trigError("L'article doit avoir un titre et un contenu");
        } elseif ($action) {
            S::assert_xsrf_token();

            require_once 'validations.inc.php';
            $evtreq = new EvtReq($titre, $texte, $promo_min, $promo_max,
                                 $peremption, $valid_mesg, S::v('uid'), $upload);
            $evtreq->submit();
            $page->assign('ok', true);
        } elseif (!Env::v('preview')) {
            $upload->rm();
        }
    }

    function handler_tips(&$page, $tips = null)
    {
        header('Content-Type: text/html; charset="UTF-8"');
        $page->changeTpl('include/tips.tpl', NO_SKIN);
        $page->assign('tips', $this->get_tips($tips));
    }

    function handler_admin_tips(&$page, $action = 'list', $id = null)
    {
        $page->setTitle('Polytechnique.org - Administration - Astuces');
        $page->assign('title', 'Gestion des Astuces');
        $table_editor = new PLTableEditor('admin/tips', 'tips', 'id');
        $table_editor->describe('peremption', 'date de péremption', true);
        $table_editor->describe('promo_min', 'promo. min (0 aucune)', false);
        $table_editor->describe('promo_max', 'promo. max (0 aucune)', false);
        $table_editor->describe('titre', 'titre', true);
        $table_editor->describe('state', 'actif', true);
        $table_editor->describe('text', 'texte (html) de l\'astuce', false);
        $table_editor->describe('priorite', '0<=priorité<=255', true);
        $table_editor->list_on_edit(false);
        $table_editor->apply($page, $action, $id);
        if (($action == 'edit' && !is_null($id)) || $action == 'update') {
            $page->changeTpl('events/admin_tips.tpl');
        }
    }

    function handler_admin_events(&$page, $action = 'list', $eid = null)
    {
        $page->changeTpl('events/admin.tpl');
        $page->addJsLink('ajax.js');
        $page->setTitle('Polytechnique.org - Administration - Evenements');
        $page->register_modifier('hde', 'html_entity_decode');

        $arch = $action == 'archives';
        $page->assign('action', $action);

        $upload = new PlUpload(S::v('forlife'), 'event');
        if ((Env::has('preview') || Post::v('action') == "Proposer") && $eid) {
            $action = 'edit';
            $this->upload_image($page, $upload);
        }

        if (Post::v('action') == 'Pas d\'image' && $eid) {
            S::assert_xsrf_token();
            $upload->rm();
            XDB::execute("DELETE FROM evenements_photo WHERE eid = {?}", $eid);
            $action = 'edit';
        } elseif (Post::v('action') == 'Supprimer l\'image' && $eid) {
            S::assert_xsrf_token();
            $upload->rm();
            $action = 'edit';
        } elseif (Post::v('action') == "Proposer" && $eid) {
            S::assert_xsrf_token();
            $promo_min = Post::i('promo_min');
            $promo_max = Post::i('promo_max');
            if (($promo_min != 0 && ($promo_min <= 1900 || $promo_min >= 2020)) ||
                ($promo_max != 0 && ($promo_max <= 1900 || $promo_max >= 2020 || $promo_max < $promo_min)))
            {
                $page->trigError("L'intervalle de promotions $promo_min -> $promo_max n'est pas valide");
                $action = 'edit';
            } else {
                $res = XDB::query('SELECT flags FROM evenements WHERE id = {?}', $eid);
                $flags = new PlFlagSet($res->fetchOneCell());
                $flags->addFlag('wiki');
                if (Post::v('important')) {
                    $flags->addFlag('important');
                } else {
                    $flags->rmFlag('important');
                }

                XDB::execute('UPDATE evenements
                                 SET creation_date = creation_date,
                                     titre={?}, texte={?}, peremption={?}, promo_min={?}, promo_max={?},
                                     flags = {?}
                               WHERE id = {?}',
                              Post::v('titre'), Post::v('texte'), Post::v('peremption'),
                              Post::v('promo_min'), Post::v('promo_max'),
                              $flags, $eid);
                if ($upload->exists() && list($x, $y, $type) = $upload->imageInfo()) {
                    XDB::execute('REPLACE INTO  evenements_photo
                                           SET  eid = {?}, attachmime = {?}, x = {?}, y = {?}, attach = {?}',
                                 $eid, $type, $x, $y, $upload->getContents());
                    $upload->rm();
                }
            }
        }

        if ($action == 'edit') {
            $res = XDB::query('SELECT titre, texte, peremption, promo_min, promo_max, FIND_IN_SET(\'important\', flags),
                                      attach IS NOT NULL
                                 FROM evenements       AS e
                            LEFT JOIN evenements_photo AS p ON(e.id = p.eid)
                                WHERE id={?}', $eid);
            list($titre, $texte, $peremption, $promo_min, $promo_max, $important, $img) = $res->fetchOneRow();
            $page->assign('titre',$titre);
            $page->assign('texte',$texte);
            $page->assign('promo_min',$promo_min);
            $page->assign('promo_max',$promo_max);
            $page->assign('peremption',$peremption);
            $page->assign('important', $important);
            $page->assign('eid', $eid);
            $page->assign('img', $img);
            $page->assign_by_ref('upload', $upload);

            $select = "";
            for ($i = 1 ; $i < 30 ; $i++) {
                $p_stamp=date("Ymd",time()+3600*24*$i);
                $year=substr($p_stamp,0,4);
                $month=substr($p_stamp,4,2);
                $day=substr($p_stamp,6,2);

                $select .= "<option value=\"$p_stamp\""
                        . (($p_stamp == strtr($peremption, array("-" => ""))) ? " selected" : "")
                        . "> $day / $month / $year</option>\n";
            }
            $page->assign('select',$select);
        } else {
            switch ($action) {
                case 'delete':
                    S::assert_xsrf_token();
                    XDB::execute('DELETE from evenements
                                   WHERE id = {?}', $eid);
                    break;

                case "archive":
                    S::assert_xsrf_token();
                    XDB::execute('UPDATE evenements
                                     SET creation_date = creation_date, flags = CONCAT(flags,",archive")
                                   WHERE id = {?}', $eid);
                    break;

                case "unarchive":
                    S::assert_xsrf_token();
                    XDB::execute('UPDATE evenements
                                     SET creation_date = creation_date, flags = REPLACE(flags,"archive","")
                                   WHERE id = {?}', $eid);
                    $action = 'archives';
                    $arch   = true;
                    break;

                case "valid":
                    S::assert_xsrf_token();
                    XDB::execute('UPDATE evenements
                                     SET creation_date = creation_date, flags = CONCAT(flags,",valide")
                                   WHERE id = {?}', $eid);
                    break;

                case "unvalid":
                    S::assert_xsrf_token();
                    XDB::execute('UPDATE evenements
                                     SET creation_date = creation_date, flags = REPLACE(flags,"valide", "")
                                   WHERE id = {?}', $eid);
                    break;
            }

            $pid = ($eid && $action == 'preview') ? $eid : -1;
            $sql = "SELECT  e.id, e.titre, e.texte,e.id = $pid AS preview,
                            DATE_FORMAT(e.creation_date,'%d/%m/%Y %T') AS creation_date,
                            DATE_FORMAT(e.peremption,'%d/%m/%Y') AS peremption,
                            e.promo_min, e.promo_max,
                            FIND_IN_SET('valide', e.flags) AS fvalide,
                            FIND_IN_SET('archive', e.flags) AS farch,
                            u.promo, u.nom, u.prenom, a.alias AS forlife,
                            FIND_IN_SET('wiki', e.flags) AS wiki
                      FROM  evenements    AS e
                INNER JOIN  auth_user_md5 AS u ON(e.user_id = u.user_id)
                INNER JOIN  aliases AS a ON (u.user_id = a.id AND a.type='a_vie')
                     WHERE  ".($arch ? "" : "!")."FIND_IN_SET('archive',e.flags)
                  ORDER BY  FIND_IN_SET('valide',e.flags), e.peremption DESC";
            $page->assign('evs', XDB::iterator($sql));
        }
        $page->assign('arch', $arch);
        $page->assign('admin_evts', true);
    }
}

// vim:set et sw=4 sts=4 sws=4 foldmethod=marker enc=utf-8:
?>
Commit	Line	Data
74e0093f	1	<?php
74e0093f	2	/***************************************************************************
179afa7f	3	* Copyright (C) 2003-2008 Polytechnique.org *
74e0093f	4	* http://opensource.polytechnique.org/ *
	5	* *
	6	* This program is free software; you can redistribute it and/or modify *
	7	* it under the terms of the GNU General Public License as published by *
	8	* the Free Software Foundation; either version 2 of the License, or *
	9	* (at your option) any later version. *
	10	* *
	11	* This program is distributed in the hope that it will be useful, *
	12	* but WITHOUT ANY WARRANTY; without even the implied warranty of *
	13	* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the *
	14	* GNU General Public License for more details. *
	15	* *
	16	* You should have received a copy of the GNU General Public License *
	17	* along with this program; if not, write to the Free Software *
	18	* Foundation, Inc., *
	19	* 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA *
	20	***************************************************************************/
	21
	22	class EventsModule extends PLModule
	23	{
	24	function handlers()
	25	{
	26	return array(
1a828cd4	27	'events' => $this->make_hook('ev', AUTH_COOKIE),
8fc4efa3	28	'rss' => $this->make_hook('rss', AUTH_PUBLIC, 'user', NO_HTTPS),
9ed396c0	29	'events/preview' => $this->make_hook('preview', AUTH_PUBLIC, 'user', NO_AUTH),
f62bd784	30	'events/photo' => $this->make_hook('photo', AUTH_PUBLIC),
1a828cd4	31	'events/submit' => $this->make_hook('ev_submit', AUTH_MDP),
92423144	32	'admin/events' => $this->make_hook('admin_events', AUTH_MDP, 'admin'),
b829e258	33
9ed396c0	34	'ajax/tips' => $this->make_hook('tips', AUTH_COOKIE, 'user', NO_AUTH),
dc767839	35	'admin/tips' => $this->make_hook('admin_tips', AUTH_MDP, 'admin'),
74e0093f	36	);
	37	}
	38
02838718	39	private function get_tips($exclude = null)
dc767839	40	{
6ce5dee4	41	global $globals;
6ce5dee4	42	// Add a new special tip when changing plat/al version
908db125	43	if ($globals->version != S::v('last_version') && is_null($exclude)) {
6ce5dee4	44	XDB::execute('UPDATE auth_user_quick
	45	SET last_version = {?}
	46	WHERE user_id = {?}',
	47	$globals->version, S::i('uid'));
	48	return array('id' => 0,
	49	'titre' => 'Bienvenue sur la nouvelle version du site !',
	50	'text' => 'Le site a été mis à jour depuis ta dernière visite vers la version ' . $globals->version
44837f02 FB	51	. '.<br /> Nous t\'invitons à <a href="review">faire un tour d\'horizon des '
	52	. 'nouveautés</a>.<br /><br />'
	53	. 'Tu peux également retrouver ces informations sur <a href="banana/xorg.m4x.innovation">'
661e78f7	54	. 'les forums</a>, ou sur <a href="changelog">la liste exhaustive des modifications</a>.',
6ce5dee4	55	'priorite' => 255,
	56	'promo_min' => 0,
	57	'promo_max' => 0,
	58	'state' => 'active',
	59	'special' => true);
908db125	60	}
6ce5dee4	61
73279cf8	62	$exclude = is_null($exclude) ? '' : ' AND id != ' . intval($exclude) . ' ';
dc767839	63	$priority = rand(0, 510);
	64	do {
	65	$priority = (int)($priority/2);
	66	$res = XDB::query("SELECT *
	67	FROM tips
	68	WHERE (peremption = '0000-00-00' OR peremption > CURDATE())
	69	AND (promo_min = 0 OR promo_min <= {?})
	70	AND (promo_max = 0 OR promo_max >= {?})
	71	AND (priorite >= {?})
5d617d8d	72	AND (state = 'active')
dc767839	73	$exclude
	74	ORDER BY RAND()
	75	LIMIT 1",
	76	S::i('promo'), S::i('promo'), $priority);
	77	} while ($priority && !$res->numRows());
	78	if (!$res->numRows()) {
	79	return null;
eaf30d86	80	}
dc767839	81	return $res->fetchOneAssoc();
	82	}
	83
04334c61	84	private function upload_image(PlPage &$page, PlUpload &$upload)
02838718	85	{
	86	if (@!$_FILES['image']['tmp_name'] && !Env::v('image_url')) {
	87	return true;
	88	}
	89	if (!$upload->upload($_FILES['image']) && !$upload->download(Env::v('image_url'))) {
a7d35093	90	$page->trigError('Impossible de télécharger l\'image');
02838718	91	return false;
02838718	92	} elseif (!$upload->isType('image')) {
a7d35093	93	$page->trigError('Le fichier n\'est pas une image valide au format JPEG, GIF ou PNG.');
02838718	94	$upload->rm();
	95	return false;
	96	} elseif (!$upload->resizeImage(200, 300, 100, 100, 32284)) {
a7d35093	97	$page->trigError('Impossible de retraiter l\'image');
02838718	98	return false;
	99	}
	100	return true;
	101	}
	102
096f0dca	103	function handler_ev(&$page, $action = 'list', $eid = null, $pound = null)
1a828cd4	104	{
8b1f8e12	105	$page->changeTpl('events/index.tpl');
dc767839	106	$page->addJsLink('ajax.js');
	107	$page->assign('tips', $this->get_tips());
	108
08cce2ff	109	$res = XDB::query('SELECT date, naissance FROM auth_user_md5
d0e45ced	110	WHERE user_id={?}', S::v('uid'));
1a828cd4	111	list($date, $naissance) = $res->fetchOneRow();
1a828cd4	112
a7de4ef7	113	// incitation à mettre à jour la fiche
1a828cd4	114
	115	$d2 = mktime(0, 0, 0, substr($date, 5, 2), substr($date, 8, 2),
	116	substr($date, 0, 4));
	117	if( (time() - $d2) > 60 * 60 * 24 * 400 ) {
	118	// si fiche date de + de 400j;
	119	$page->assign('fiche_incitation', $date);
	120	}
	121
	122	// Souhaite bon anniversaire
	123
	124	if (substr($naissance, 5) == date('m-d')) {
	125	$page->assign('birthday', date('Y') - substr($naissance, 0, 4));
	126	}
	127
a7de4ef7	128	// incitation à mettre une photo
1a828cd4	129
08cce2ff	130	$res = XDB::query('SELECT COUNT(*) FROM photo
d0e45ced	131	WHERE uid={?}', S::v('uid'));
1a828cd4	132	$page->assign('photo_incitation', $res->fetchOneCell() == 0);
1a828cd4	133
a7de4ef7	134	// Incitation à se géolocaliser
1a828cd4	135	require_once 'geoloc.inc.php';
cab08090	136	$res = localize_addresses(S::v('uid', -1));
1a828cd4	137	$page->assign('geoloc_incitation', count($res));
1a828cd4	138
1a828cd4	139	// ajout du lien RSS
0279e18d	140	if (S::rssActivated()) {
162370e7	141	$page->setRssLink('Polytechnique.org :: News',
162370e7	142	'/rss/'.S::v('forlife') .'/'.S::v('core_rss_hash').'/rss.xml');
1a828cd4	143	}
	144
	145	// cache les evenements lus et raffiche les evenements a relire
4e61caea	146	if ($action == 'read' && $eid) {
eadff9f9	147	XDB::execute('DELETE evenements_vus.*
eaf30d86	148	FROM evenements_vus AS ev
eadff9f9	149	INNER JOIN evenements AS e ON e.id = ev.evt_id
eadff9f9	150	WHERE peremption < NOW()');
08cce2ff	151	XDB::execute('REPLACE INTO evenements_vus VALUES({?},{?})',
096f0dca	152	$eid, S::v('uid'));
096f0dca	153	pl_redirect('events#'.$pound);
1a828cd4	154	}
1a828cd4	155
4e61caea	156	if ($action == 'unread' && $eid) {
08cce2ff	157	XDB::execute('DELETE FROM evenements_vus
eadff9f9	158	WHERE evt_id = {?} AND user_id = {?}',
4e61caea	159	$eid, S::v('uid'));
096f0dca	160	pl_redirect('events#newsid'.$eid);
1a828cd4	161	}
1a828cd4	162
d0e45ced	163	$array = array();
c321aa99 FB	164	$it = XDB::iterator("SELECT e.id,e.titre,e.texte,e.post_id,a.user_id,a.nom,a.prenom,a.promo,l.alias AS forlife,
	165	p.x, p.y, p.attach IS NOT NULL AS img, FIND_IN_SET('wiki', e.flags) AS wiki,
	166	FIND_IN_SET('important', e.flags) AS important,
	167	e.creation_date > DATE_SUB(CURDATE(), INTERVAL 2 DAY) AS news,
	168	e.peremption < DATE_ADD(CURDATE(), INTERVAL 2 DAY) AS end,
	169	ev.user_id IS NULL AS nonlu
	170	FROM evenements AS e
	171	LEFT JOIN evenements_photo AS p ON (e.id = p.eid)
	172	INNER JOIN auth_user_md5 AS a ON e.user_id=a.user_id
	173	INNER JOIN aliases AS l ON ( a.user_id=l.id AND l.type='a_vie' )
	174	LEFT JOIN evenements_vus AS ev ON (e.id = ev.evt_id AND ev.user_id = {?})
	175	WHERE FIND_IN_SET('valide', e.flags) AND peremption >= NOW()
	176	AND (e.promo_min = 0 \|\| e.promo_min <= {?})
	177	AND (e.promo_max = 0 \|\| e.promo_max >= {?})
	178	ORDER BY important DESC, news DESC, end DESC, e.peremption, e.creation_date DESC",
	179	S::i('uid'), S::i('promo'), S::i('promo'));
	180	$cats = array('important', 'news', 'end', 'body');
	181	$body = $it->next();
	182	foreach ($cats as $cat) {
	183	$data = array();
	184	if (!$body) {
	185	continue;
	186	}
	187	do {
	188	if ($cat == 'body' \|\| $body[$cat]) {
	189	$data[] = $body;
	190	} else {
	191	break;
	192	}
	193	$body = $it->next();
	194	} while ($body);
	195	if (!empty($data)) {
	196	$array[$cat] = $data;
	197	}
	198	}
d0e45ced	199	$page->assign_by_ref('events', $array);
1a828cd4	200	}
1a828cd4	201
02838718	202	function handler_photo(&$page, $eid = null, $valid = null)
	203	{
	204	if ($eid && $eid != 'valid') {
	205	$res = XDB::query("SELECT * FROM evenements_photo WHERE eid = {?}", $eid);
	206	if ($res->numRows()) {
	207	$photo = $res->fetchOneAssoc();
	208	header('Content-Type: image/' . $photo['attachmime']);
	209	echo $photo['attach'];
	210	exit;
	211	}
	212	} elseif ($eid == 'valid') {
	213	require_once 'validations.inc.php';
	214	$valid = Validate::get_request_by_id($valid);
	215	if ($valid && $valid->img) {
	216	header('Content-Type: image/' . $valid->imgtype);
	217	echo $valid->img;
	218	exit;
	219	}
	220	} else {
	221	$upload = new PlUpload(S::v('forlife'), 'event');
	222	if ($upload->exists() && $upload->isType('image')) {
	223	header('Content-Type: ' . $upload->contentType());
	224	echo $upload->getContents();
	225	exit;
	226	}
	227	}
	228	global $globals;
	229	header('Content-Type: image/png');
	230	echo file_get_contents($globals->spoolroot . '/htdocs/images/logo.png');
	231	exit;
	232	}
	233
d1c97e42	234	function handler_rss(&$page, $user = null, $hash = null)
eaf30d86	235	{
d1c97e42	236	require_once 'rss.inc.php';
eaf30d86	237
8b1f8e12	238	$uid = init_rss('events/rss.tpl', $user, $hash);
eaf30d86	239
d1c97e42	240	$rss = XDB::iterator(
f62bd784	241	'SELECT e.id, e.titre, e.texte, e.creation_date, e.post_id, p.attachmime IS NOT NULL AS photo,
a9a7a9dd FB	242	IF(u2.nom_usage = "", u2.nom, u2.nom_usage) AS nom, u2.prenom, u2.promo,
a9a7a9dd FB	243	FIND_IN_SET(\'wiki\', e.flags) AS wiki
d1c97e42	244	FROM auth_user_md5 AS u
	245	INNER JOIN evenements AS e ON ( (e.promo_min = 0 \|\| e.promo_min <= u.promo)
	246	AND (e.promo_max = 0 \|\| e.promo_max >= u.promo) )
f62bd784	247	LEFT JOIN evenements_photo AS p ON (p.eid = e.id)
d1c97e42	248	INNER JOIN auth_user_md5 AS u2 ON (u2.user_id = e.user_id)
010268b2	249	WHERE u.user_id = {?} AND FIND_IN_SET("valide", e.flags)
d1c97e42	250	AND peremption >= NOW()', $uid);
d1c97e42	251	$page->assign('rss', $rss);
db3bd146	252	}
	253
	254	function handler_preview(&$page)
	255	{
db3bd146	256	$page->changeTpl('events/preview.tpl', NO_SKIN);
	257	$texte = Get::v('texte');
	258	if (!is_utf8($texte)) {
	259	$texte = utf8_encode($texte);
	260	}
db3bd146	261	$titre = Get::v('titre');
	262	if (!is_utf8($titre)) {
	263	$titre = utf8_encode($titre);
	264	}
794feea7	265	$page->assign('texte', $texte);
db3bd146	266	$page->assign('titre', $titre);
	267	header('Content-Type: text/html; charset=utf-8');
	268	}
d1c97e42	269
1a828cd4	270	function handler_ev_submit(&$page)
74e0093f	271	{
8b1f8e12	272	$page->changeTpl('events/submit.tpl');
db3bd146	273	$page->addJsLink('ajax.js');
eaf30d86	274
8f201b69 FB	275	$wp = new PlWikiPage('Xorg.Annonce');
8f201b69 FB	276	$wp->buildCache();
74e0093f	277
5e2307dc	278	$titre = Post::v('titre');
	279	$texte = Post::v('texte');
	280	$promo_min = Post::i('promo_min');
	281	$promo_max = Post::i('promo_max');
	282	$peremption = Post::i('peremption');
	283	$valid_mesg = Post::v('valid_mesg');
	284	$action = Post::v('action');
02838718	285	$upload = new PlUpload(S::v('forlife'), 'event');
02838718	286	$this->upload_image($page, $upload);
74e0093f	287
d1c97e42	288	if (($promo_min > $promo_max && $promo_max != 0)\|\|
2086ab7f	289	($promo_min != 0 && ($promo_min <= 1900 \|\| $promo_min >= 2020)) \|\|
	290	($promo_max != 0 && ($promo_max <= 1900 \|\| $promo_max >= 2020)))
	291	{
a7d35093	292	$page->trigError("L'intervalle de promotions n'est pas valide");
2086ab7f	293	$action = null;
	294	}
	295
74e0093f	296	$page->assign('titre', $titre);
	297	$page->assign('texte', $texte);
	298	$page->assign('promo_min', $promo_min);
	299	$page->assign('promo_max', $promo_max);
	300	$page->assign('peremption', $peremption);
	301	$page->assign('valid_mesg', $valid_mesg);
	302	$page->assign('action', strtolower($action));
02838718	303	$page->assign_by_ref('upload', $upload);
74e0093f	304
02838718	305	if ($action == 'Supprimer l\'image') {
	306	$upload->rm();
	307	$page->assign('action', false);
	308	} elseif ($action && (!trim($texte) \|\| !trim($titre))) {
a7d35093	309	$page->trigError("L'article doit avoir un titre et un contenu");
db3bd146	310	} elseif ($action) {
7b642046 VZ	311	S::assert_xsrf_token();
7b642046 VZ	312
74e0093f	313	require_once 'validations.inc.php';
74e0093f	314	$evtreq = new EvtReq($titre, $texte, $promo_min, $promo_max,
02838718	315	$peremption, $valid_mesg, S::v('uid'), $upload);
74e0093f	316	$evtreq->submit();
74e0093f	317	$page->assign('ok', true);
02838718	318	} elseif (!Env::v('preview')) {
02838718	319	$upload->rm();
74e0093f	320	}
74e0093f	321	}
b829e258	322
dc767839	323	function handler_tips(&$page, $tips = null)
dc767839	324	{
493b6abe	325	header('Content-Type: text/html; charset="UTF-8"');
dc767839	326	$page->changeTpl('include/tips.tpl', NO_SKIN);
	327	$page->assign('tips', $this->get_tips($tips));
	328	}
	329
	330	function handler_admin_tips(&$page, $action = 'list', $id = null)
	331	{
143ba7c9	332	$page->setTitle('Polytechnique.org - Administration - Astuces');
dc767839	333	$page->assign('title', 'Gestion des Astuces');
dc767839	334	$table_editor = new PLTableEditor('admin/tips', 'tips', 'id');
a7de4ef7	335	$table_editor->describe('peremption', 'date de péremption', true);
dc767839	336	$table_editor->describe('promo_min', 'promo. min (0 aucune)', false);
	337	$table_editor->describe('promo_max', 'promo. max (0 aucune)', false);
	338	$table_editor->describe('titre', 'titre', true);
5d617d8d	339	$table_editor->describe('state', 'actif', true);
dc767839	340	$table_editor->describe('text', 'texte (html) de l\'astuce', false);
a7de4ef7	341	$table_editor->describe('priorite', '0<=priorité<=255', true);
3851b0a6	342	$table_editor->list_on_edit(false);
dc767839	343	$table_editor->apply($page, $action, $id);
3851b0a6	344	if (($action == 'edit' && !is_null($id)) \|\| $action == 'update') {
3032cbd8	345	$page->changeTpl('events/admin_tips.tpl');
3032cbd8	346	}
dc767839	347	}
dc767839	348
eaf30d86	349	function handler_admin_events(&$page, $action = 'list', $eid = null)
506a46ed	350	{
e2efba7d	351	$page->changeTpl('events/admin.tpl');
db3bd146	352	$page->addJsLink('ajax.js');
143ba7c9	353	$page->setTitle('Polytechnique.org - Administration - Evenements');
506a46ed	354	$page->register_modifier('hde', 'html_entity_decode');
	355
	356	$arch = $action == 'archives';
	357	$page->assign('action', $action);
02838718	358
	359	$upload = new PlUpload(S::v('forlife'), 'event');
	360	if ((Env::has('preview') \|\| Post::v('action') == "Proposer") && $eid) {
	361	$action = 'edit';
	362	$this->upload_image($page, $upload);
	363	}
	364
	365	if (Post::v('action') == 'Pas d\'image' && $eid) {
7b642046	366	S::assert_xsrf_token();
02838718	367	$upload->rm();
	368	XDB::execute("DELETE FROM evenements_photo WHERE eid = {?}", $eid);
	369	$action = 'edit';
	370	} elseif (Post::v('action') == 'Supprimer l\'image' && $eid) {
7b642046	371	S::assert_xsrf_token();
02838718	372	$upload->rm();
	373	$action = 'edit';
	374	} elseif (Post::v('action') == "Proposer" && $eid) {
7b642046	375	S::assert_xsrf_token();
2086ab7f	376	$promo_min = Post::i('promo_min');
2086ab7f	377	$promo_max = Post::i('promo_max');
1b602af5	378	if (($promo_min != 0 && ($promo_min <= 1900 \|\| $promo_min >= 2020)) \|\|
1b602af5	379	($promo_max != 0 && ($promo_max <= 1900 \|\| $promo_max >= 2020 \|\| $promo_max < $promo_min)))
2086ab7f	380	{
a7d35093	381	$page->trigError("L'intervalle de promotions $promo_min -> $promo_max n'est pas valide");
2086ab7f	382	$action = 'edit';
2086ab7f	383	} else {
9ed396c0	384	$res = XDB::query('SELECT flags FROM evenements WHERE id = {?}', $eid);
113f6de8	385	$flags = new PlFlagSet($res->fetchOneCell());
794feea7	386	$flags->addFlag('wiki');
9ed396c0	387	if (Post::v('important')) {
	388	$flags->addFlag('important');
	389	} else {
	390	$flags->rmFlag('important');
eaf30d86	391	}
794feea7	392
2086ab7f	393	XDB::execute('UPDATE evenements
eaf30d86	394	SET creation_date = creation_date,
9ed396c0	395	titre={?}, texte={?}, peremption={?}, promo_min={?}, promo_max={?},
9ed396c0	396	flags = {?}
eaf30d86	397	WHERE id = {?}',
2086ab7f	398	Post::v('titre'), Post::v('texte'), Post::v('peremption'),
9ed396c0	399	Post::v('promo_min'), Post::v('promo_max'),
77e786e1	400	$flags, $eid);
02838718	401	if ($upload->exists() && list($x, $y, $type) = $upload->imageInfo()) {
	402	XDB::execute('REPLACE INTO evenements_photo
	403	SET eid = {?}, attachmime = {?}, x = {?}, y = {?}, attach = {?}',
	404	$eid, $type, $x, $y, $upload->getContents());
	405	$upload->rm();
	406	}
eaf30d86	407	}
92423144	408	}
506a46ed	409
506a46ed	410	if ($action == 'edit') {
02838718	411	$res = XDB::query('SELECT titre, texte, peremption, promo_min, promo_max, FIND_IN_SET(\'important\', flags),
	412	attach IS NOT NULL
	413	FROM evenements AS e
	414	LEFT JOIN evenements_photo AS p ON(e.id = p.eid)
506a46ed	415	WHERE id={?}', $eid);
02838718	416	list($titre, $texte, $peremption, $promo_min, $promo_max, $important, $img) = $res->fetchOneRow();
506a46ed	417	$page->assign('titre',$titre);
	418	$page->assign('texte',$texte);
	419	$page->assign('promo_min',$promo_min);
	420	$page->assign('promo_max',$promo_max);
	421	$page->assign('peremption',$peremption);
9ed396c0	422	$page->assign('important', $important);
02838718	423	$page->assign('eid', $eid);
	424	$page->assign('img', $img);
	425	$page->assign_by_ref('upload', $upload);
506a46ed	426
	427	$select = "";
	428	for ($i = 1 ; $i < 30 ; $i++) {
	429	$p_stamp=date("Ymd",time()+360024$i);
	430	$year=substr($p_stamp,0,4);
	431	$month=substr($p_stamp,4,2);
	432	$day=substr($p_stamp,6,2);
	433
eaf30d86	434	$select .= "<option value=\"$p_stamp\""
506a46ed	435	. (($p_stamp == strtr($peremption, array("-" => ""))) ? " selected" : "")
	436	. "> $day / $month / $year</option>\n";
	437	}
	438	$page->assign('select',$select);
	439	} else {
	440	switch ($action) {
	441	case 'delete':
7b642046	442	S::assert_xsrf_token();
506a46ed	443	XDB::execute('DELETE from evenements
	444	WHERE id = {?}', $eid);
	445	break;
	446
	447	case "archive":
7b642046	448	S::assert_xsrf_token();
506a46ed	449	XDB::execute('UPDATE evenements
	450	SET creation_date = creation_date, flags = CONCAT(flags,",archive")
	451	WHERE id = {?}', $eid);
	452	break;
	453
	454	case "unarchive":
7b642046	455	S::assert_xsrf_token();
506a46ed	456	XDB::execute('UPDATE evenements
	457	SET creation_date = creation_date, flags = REPLACE(flags,"archive","")
	458	WHERE id = {?}', $eid);
	459	$action = 'archives';
	460	$arch = true;
	461	break;
	462
	463	case "valid":
7b642046	464	S::assert_xsrf_token();
506a46ed	465	XDB::execute('UPDATE evenements
	466	SET creation_date = creation_date, flags = CONCAT(flags,",valide")
	467	WHERE id = {?}', $eid);
	468	break;
	469
	470	case "unvalid":
7b642046	471	S::assert_xsrf_token();
506a46ed	472	XDB::execute('UPDATE evenements
	473	SET creation_date = creation_date, flags = REPLACE(flags,"valide", "")
	474	WHERE id = {?}', $eid);
	475	break;
	476	}
	477
	478	$pid = ($eid && $action == 'preview') ? $eid : -1;
	479	$sql = "SELECT e.id, e.titre, e.texte,e.id = $pid AS preview,
92423144	480	DATE_FORMAT(e.creation_date,'%d/%m/%Y %T') AS creation_date,
	481	DATE_FORMAT(e.peremption,'%d/%m/%Y') AS peremption,
	482	e.promo_min, e.promo_max,
	483	FIND_IN_SET('valide', e.flags) AS fvalide,
	484	FIND_IN_SET('archive', e.flags) AS farch,
794feea7	485	u.promo, u.nom, u.prenom, a.alias AS forlife,
c321aa99	486	FIND_IN_SET('wiki', e.flags) AS wiki
92423144	487	FROM evenements AS e
	488	INNER JOIN auth_user_md5 AS u ON(e.user_id = u.user_id)
	489	INNER JOIN aliases AS a ON (u.user_id = a.id AND a.type='a_vie')
	490	WHERE ".($arch ? "" : "!")."FIND_IN_SET('archive',e.flags)
506a46ed	491	ORDER BY FIND_IN_SET('valide',e.flags), e.peremption DESC";
92423144	492	$page->assign('evs', XDB::iterator($sql));
92423144	493	}
506a46ed	494	$page->assign('arch', $arch);
9ed396c0	495	$page->assign('admin_evts', true);
eaf30d86	496	}
74e0093f	497	}
74e0093f	498
a7de4ef7	499	// vim:set et sw=4 sts=4 sws=4 foldmethod=marker enc=utf-8:
74e0093f	500	?>