[platal.git] / modules / platal.php

<?php
/***************************************************************************
 *  Copyright (C) 2003-2006 Polytechnique.org                              *
 *  http://opensource.polytechnique.org/                                   *
 *                                                                         *
 *  This program is free software; you can redistribute it and/or modify   *
 *  it under the terms of the GNU General Public License as published by   *
 *  the Free Software Foundation; either version 2 of the License, or      *
 *  (at your option) any later version.                                    *
 *                                                                         *
 *  This program is distributed in the hope that it will be useful,        *
 *  but WITHOUT ANY WARRANTY; without even the implied warranty of         *
 *  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the          *
 *  GNU General Public License for more details.                           *
 *                                                                         *
 *  You should have received a copy of the GNU General Public License      *
 *  along with this program; if not, write to the Free Software            *
 *  Foundation, Inc.,                                                      *
 *  59 Temple Place, Suite 330, Boston, MA  02111-1307  USA                *
 ***************************************************************************/

class PlatalModule extends PLModule
{
    function handlers()
    {
        return array(
            'preferences' => $this->make_hook('prefs', AUTH_COOKIE),
            'password'    => $this->make_hook('password', AUTH_MDP),
            'tmpPWD'      => $this->make_hook('tmpPWD', AUTH_PUBLIC),
            'skin'        => $this->make_hook('skin', AUTH_COOKIE),
        );
    }

    function handler_prefs(&$page)
    {
        global $globals;

        $page->changeTpl('preferences.tpl');
        $page->assign('xorg_title','Polytechnique.org - Mes pr�f�rences');

        if (Env::has('mail_fmt')) {
            $fmt = Env::get('mail_fmt');
            if ($fmt != 'texte') $fmt = 'html';
            $globals->xdb->execute("UPDATE auth_user_quick
                                       SET core_mail_fmt = '$fmt'
                                     WHERE user_id = {?}",
                                     Session::getInt('uid'));
            $_SESSION['mail_fmt'] = $fmt;
            redirect('preferences');
        }

        if (Env::has('rss')) {
            if (Env::getBool('rss')) {
                $_SESSION['core_rss_hash'] = rand_url_id(16);
                $globals->xdb->execute('UPDATE  auth_user_quick
                                           SET  core_rss_hash={?} WHERE user_id={?}',
                                       Session::get('core_rss_hash'),
                                       Session::getInt('uid'));
            } else {
                $globals->xdb->execute('UPDATE  auth_user_quick
                                           SET  core_rss_hash="" WHERE user_id={?}',
                                       Session::getInt('uid'));
                Session::kill('core_rss_hash');
            }
            redirect('preferences');
        }

        $page->assign('prefs', $globals->hook->prefs());

        return PL_OK;
    }

    function handler_password(&$page)
    {
        global $globals;

        if (Post::has('response2'))  {
            require_once 'secure_hash.inc.php';

            $_SESSION['password'] = $password = Post::get('response2');

            $globals->xdb->execute('UPDATE  auth_user_md5 
                                       SET  password={?}
                                     WHERE  user_id={?}', $password,
                                     Session::getInt('uid'));

            $log =& Session::getMixed('log');
            $log->log('passwd', '');

            if (Cookie::get('ORGaccess')) {
                setcookie('ORGaccess', hash_encrypt($password), (time()+25920000), '/', '' ,0);
            }

            $page->changeTpl('motdepasse.success.tpl');
            $page->run();
        }

        $page->changeTpl('motdepasse.tpl');
        $page->addJsLink('javascript/motdepasse.js');
        $page->assign('xorg_title','Polytechnique.org - Mon mot de passe');

        return PL_OK;
    }

    function handler_tmpPWD(&$page, $certif = null)
    {
        global $globals;

        $globals->xdb->execute('DELETE FROM perte_pass
                                      WHERE DATE_SUB(NOW(), INTERVAL 380 MINUTE) > created');

        $res   = $globals->xdb->query('SELECT uid FROM perte_pass WHERE certificat={?}', $certif);
        $ligne = $res->fetchOneAssoc();
        if (!$ligne) {
            $page->changeTpl('index.tpl');
            $page->kill("Cette adresse n'existe pas ou n'existe plus sur le serveur.");
        }

        $uid = $ligne["uid"];
        if (Post::has('response2')) {
            $password = Post::get('response2');
            $logger   = new DiogenesCoreLogger($uid);
            $globals->xdb->query('UPDATE  auth_user_md5 SET password={?}
                                   WHERE  user_id={?} AND perms IN("admin","user")',
                                 $password, $uid);
            $globals->xdb->query('DELETE FROM perte_pass WHERE certificat={?}', $certif);
            $logger->log("passwd","");
            $page->changeTpl('tmpPWD.success.tpl');
        } else {
            $page->changeTpl('motdepasse.tpl');
            $page->addJsLink('javascript/motdepasse.js');
        }

        return PL_OK;
    }

    function handler_skin(&$page)
    {
        global $globals;

        if (!$globals->skin->enable) {
            redirect('./');
        }

        $page->changeTpl('skins.tpl');
        $page->assign('xorg_title','Polytechnique.org - Skins');

        if (Env::has('newskin'))  {  // formulaire soumis, traitons les donn�es envoy�es
            $globals->xdb->execute('UPDATE auth_user_quick
                                       SET skin={?} WHERE user_id={?}',
                                    Env::getInt('newskin'),
                                    Session::getInt('uid'));
            set_skin();
        }

        $sql = "SELECT s.*,auteur,count(*) AS nb
                  FROM skins AS s
             LEFT JOIN auth_user_quick AS a ON s.id=a.skin
                 WHERE skin_tpl != '' AND ext != ''
              GROUP BY id ORDER BY s.date DESC";
        $page->assign_by_ref('skins', $globals->xdb->iterator($sql));
        return PL_OK;
    }
}

?>
Commit	Line	Data
e59506eb	1	<?php
	2	/***************************************************************************
	3	* Copyright (C) 2003-2006 Polytechnique.org *
	4	* http://opensource.polytechnique.org/ *
	5	* *
	6	* This program is free software; you can redistribute it and/or modify *
	7	* it under the terms of the GNU General Public License as published by *
	8	* the Free Software Foundation; either version 2 of the License, or *
	9	* (at your option) any later version. *
	10	* *
	11	* This program is distributed in the hope that it will be useful, *
	12	* but WITHOUT ANY WARRANTY; without even the implied warranty of *
	13	* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the *
	14	* GNU General Public License for more details. *
	15	* *
	16	* You should have received a copy of the GNU General Public License *
	17	* along with this program; if not, write to the Free Software *
	18	* Foundation, Inc., *
	19	* 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA *
	20	***************************************************************************/
	21
	22	class PlatalModule extends PLModule
	23	{
	24	function handlers()
	25	{
	26	return array(
	27	'preferences' => $this->make_hook('prefs', AUTH_COOKIE),
7c77c3ee	28	'password' => $this->make_hook('password', AUTH_MDP),
6c49d0af	29	'tmpPWD' => $this->make_hook('tmpPWD', AUTH_PUBLIC),
9bae6004	30	'skin' => $this->make_hook('skin', AUTH_COOKIE),
e59506eb	31	);
	32	}
	33
	34	function handler_prefs(&$page)
	35	{
	36	global $globals;
	37
	38	$page->changeTpl('preferences.tpl');
	39	$page->assign('xorg_title','Polytechnique.org - Mes pr�f�rences');
	40
	41	if (Env::has('mail_fmt')) {
	42	$fmt = Env::get('mail_fmt');
	43	if ($fmt != 'texte') $fmt = 'html';
	44	$globals->xdb->execute("UPDATE auth_user_quick
	45	SET core_mail_fmt = '$fmt'
	46	WHERE user_id = {?}",
	47	Session::getInt('uid'));
	48	$_SESSION['mail_fmt'] = $fmt;
	49	redirect('preferences');
	50	}
	51
	52	if (Env::has('rss')) {
	53	if (Env::getBool('rss')) {
	54	$_SESSION['core_rss_hash'] = rand_url_id(16);
	55	$globals->xdb->execute('UPDATE auth_user_quick
	56	SET core_rss_hash={?} WHERE user_id={?}',
	57	Session::get('core_rss_hash'),
	58	Session::getInt('uid'));
	59	} else {
	60	$globals->xdb->execute('UPDATE auth_user_quick
	61	SET core_rss_hash="" WHERE user_id={?}',
	62	Session::getInt('uid'));
	63	Session::kill('core_rss_hash');
	64	}
	65	redirect('preferences');
	66	}
	67
	68	$page->assign('prefs', $globals->hook->prefs());
a2558f2b	69
a2558f2b	70	return PL_OK;
e59506eb	71	}
9bae6004	72
7c77c3ee	73	function handler_password(&$page)
	74	{
	75	global $globals;
	76
	77	if (Post::has('response2')) {
	78	require_once 'secure_hash.inc.php';
	79
	80	$_SESSION['password'] = $password = Post::get('response2');
	81
	82	$globals->xdb->execute('UPDATE auth_user_md5
	83	SET password={?}
	84	WHERE user_id={?}', $password,
	85	Session::getInt('uid'));
	86
	87	$log =& Session::getMixed('log');
	88	$log->log('passwd', '');
	89
	90	if (Cookie::get('ORGaccess')) {
	91	setcookie('ORGaccess', hash_encrypt($password), (time()+25920000), '/', '' ,0);
	92	}
	93
	94	$page->changeTpl('motdepasse.success.tpl');
	95	$page->run();
	96	}
	97
	98	$page->changeTpl('motdepasse.tpl');
	99	$page->addJsLink('javascript/motdepasse.js');
	100	$page->assign('xorg_title','Polytechnique.org - Mon mot de passe');
	101
	102	return PL_OK;
	103	}
	104
6c49d0af	105	function handler_tmpPWD(&$page, $certif = null)
	106	{
	107	global $globals;
	108
	109	$globals->xdb->execute('DELETE FROM perte_pass
	110	WHERE DATE_SUB(NOW(), INTERVAL 380 MINUTE) > created');
	111
	112	$res = $globals->xdb->query('SELECT uid FROM perte_pass WHERE certificat={?}', $certif);
	113	$ligne = $res->fetchOneAssoc();
	114	if (!$ligne) {
	115	$page->changeTpl('index.tpl');
	116	$page->kill("Cette adresse n'existe pas ou n'existe plus sur le serveur.");
	117	}
	118
	119	$uid = $ligne["uid"];
	120	if (Post::has('response2')) {
	121	$password = Post::get('response2');
	122	$logger = new DiogenesCoreLogger($uid);
	123	$globals->xdb->query('UPDATE auth_user_md5 SET password={?}
	124	WHERE user_id={?} AND perms IN("admin","user")',
	125	$password, $uid);
	126	$globals->xdb->query('DELETE FROM perte_pass WHERE certificat={?}', $certif);
	127	$logger->log("passwd","");
	128	$page->changeTpl('tmpPWD.success.tpl');
	129	} else {
	130	$page->changeTpl('motdepasse.tpl');
	131	$page->addJsLink('javascript/motdepasse.js');
	132	}
	133
	134	return PL_OK;
	135	}
	136
9bae6004	137	function handler_skin(&$page)
	138	{
	139	global $globals;
	140
	141	if (!$globals->skin->enable) {
f09cee18	142	redirect('./');
9bae6004	143	}
f09cee18	144
f09cee18	145	$page->changeTpl('skins.tpl');
9bae6004	146	$page->assign('xorg_title','Polytechnique.org - Skins');
	147
	148	if (Env::has('newskin')) { // formulaire soumis, traitons les donn�es envoy�es
	149	$globals->xdb->execute('UPDATE auth_user_quick
	150	SET skin={?} WHERE user_id={?}',
	151	Env::getInt('newskin'),
	152	Session::getInt('uid'));
	153	set_skin();
	154	}
	155
	156	$sql = "SELECT s.,auteur,count() AS nb
	157	FROM skins AS s
	158	LEFT JOIN auth_user_quick AS a ON s.id=a.skin
	159	WHERE skin_tpl != '' AND ext != ''
	160	GROUP BY id ORDER BY s.date DESC";
	161	$page->assign_by_ref('skins', $globals->xdb->iterator($sql));
	162	return PL_OK;
	163	}
e59506eb	164	}
	165
	166	?>