projects / platal.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
Better checks on image type for photos:
[platal.git] / modules / profile.php
CommitLineData
7d8b17cb 1<?php
2/***************************************************************************
5ddeb07c 3 * Copyright (C) 2003-2007 Polytechnique.org *
7d8b17cb 4 * http://opensource.polytechnique.org/ *
5 * *
6 * This program is free software; you can redistribute it and/or modify *
7 * it under the terms of the GNU General Public License as published by *
8 * the Free Software Foundation; either version 2 of the License, or *
9 * (at your option) any later version. *
10 * *
11 * This program is distributed in the hope that it will be useful, *
12 * but WITHOUT ANY WARRANTY; without even the implied warranty of *
13 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the *
14 * GNU General Public License for more details. *
15 * *
16 * You should have received a copy of the GNU General Public License *
17 * along with this program; if not, write to the Free Software *
18 * Foundation, Inc., *
19 * 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA *
20 ***************************************************************************/
21
22class ProfileModule extends PLModule
23{
24 function handlers()
25 {
26 return array(
28e16d4d 27 'photo' => $this->make_hook('photo', AUTH_PUBLIC),
28 'photo/change' => $this->make_hook('photo_change', AUTH_MDP),
e49018a7 29
e8599c21 30 'fiche.php' => $this->make_hook('fiche', AUTH_PUBLIC),
31 'profile' => $this->make_hook('profile', AUTH_PUBLIC),
9643d877 32 'profile/private' => $this->make_hook('profile', AUTH_COOKIE),
2f678da1 33 'profile/edit' => $this->make_hook('p_edit', AUTH_MDP),
28e16d4d 34 'profile/orange' => $this->make_hook('p_orange', AUTH_MDP),
28e16d4d 35 'profile/usage' => $this->make_hook('p_usage', AUTH_MDP),
e49018a7 36
2f678da1 37 'referent' => $this->make_hook('referent', AUTH_COOKIE),
38 'referent/search' => $this->make_hook('ref_search', AUTH_COOKIE),
39
28e16d4d 40 'trombi' => $this->make_hook('trombi', AUTH_COOKIE),
a1d79217 41 'groupes-x' => $this->make_hook('xnet', AUTH_COOKIE),
926f16d7 42
28e16d4d 43 'vcard' => $this->make_hook('vcard', AUTH_COOKIE),
92423144 44 'admin/binets' => $this->make_hook('admin_binets', AUTH_MDP, 'admin'),
45 'admin/medals' => $this->make_hook('admin_medals', AUTH_MDP, 'admin'),
46 'admin/formations' => $this->make_hook('admin_formations', AUTH_MDP, 'admin'),
47 'admin/groupes-x' => $this->make_hook('admin_groupesx', AUTH_MDP, 'admin'),
48 'admin/trombino' => $this->make_hook('admin_trombino', AUTH_MDP, 'admin'),
49
7d8b17cb 50 );
51 }
52
e8599c21 53 /* XXX COMPAT */
54 function handler_fiche(&$page)
55 {
5e2307dc 56 return $this->handler_profile($page, Env::v('user'));
e8599c21 57 }
58
59
7d8b17cb 60 function _trombi_getlist($offset, $limit)
61 {
7d8b17cb 62 $where = ( $this->promo > 0 ? "WHERE promo='{$this->promo}'" : "" );
63
08cce2ff 64 $res = XDB::query(
7d8b17cb 65 "SELECT COUNT(*)
66 FROM auth_user_md5 AS u
67 RIGHT JOIN photo AS p ON u.user_id=p.uid
68 $where");
69 $pnb = $res->fetchOneCell();
70
08cce2ff 71 $res = XDB::query(
2f678da1 72 "SELECT promo, user_id, a.alias AS forlife,
73 IF (nom_usage='', nom, nom_usage) AS nom, prenom
7d8b17cb 74 FROM photo AS p
75 INNER JOIN auth_user_md5 AS u ON u.user_id=p.uid
76 INNER JOIN aliases AS a ON ( u.user_id=a.id AND a.type='a_vie' )
77 $where
2f678da1 78 ORDER BY promo, nom, prenom LIMIT {?}, {?}", $offset*$limit, $limit);
7d8b17cb 79
80 return array($pnb, $res->fetchAllAssoc());
81 }
82
adbdf493 83 function handler_photo(&$page, $x = null, $req = null)
84 {
85 if (is_null($x)) {
86 return PL_NOT_FOUND;
87 }
88
08cce2ff 89 $res = XDB::query("SELECT id, pub FROM aliases
adbdf493 90 LEFT JOIN photo ON(id = uid)
91 WHERE alias = {?}", $x);
92 list($uid, $photo_pub) = $res->fetchOneRow();
93
cab08090 94 if ($req && S::logged()) {
adbdf493 95 include 'validations.inc.php';
96 $myphoto = PhotoReq::get_request($uid);
97 Header('Content-type: image/'.$myphoto->mimetype);
98 echo $myphoto->data;
99 } else {
08cce2ff 100 $res = XDB::query(
adbdf493 101 "SELECT attachmime, attach
102 FROM photo
103 WHERE uid={?}", $uid);
104
2f678da1 105 if ((list($type, $data) = $res->fetchOneRow())
cab08090 106 && ($photo_pub == 'public' || S::logged())) {
adbdf493 107 Header("Content-type: image/$type");
108 echo $data;
109 } else {
110 Header('Content-type: image/png');
fb9a56cb 111 echo file_get_contents(dirname(__FILE__).'/../htdocs/images/none.png');
adbdf493 112 }
113 }
114 exit;
115 }
116
fb9a56cb 117 function handler_photo_change(&$page)
118 {
8b1f8e12 119 $page->changeTpl('profile/trombino.tpl');
fb9a56cb 120
121 require_once('validations.inc.php');
122
cab08090 123 $trombi_x = '/home/web/trombino/photos'.S::v('promo')
124 .'/'.S::v('forlife').'.jpg';
fb9a56cb 125
126 if (Env::has('upload')) {
eef2d586 127 if (isset($_FILES['userfile']['tmp_name']) && !is_uploaded_file($_FILES['userfile']['tmp_name'])) {
5fe7ec44 128 $page->trig('Une erreur s\'est produite lors du transfert du fichier');
eef2d586 129 } elseif (strpos(trim(mime_content_type($_FILES['userfile']['tmp_name'])), 'image/') !== 0) {
130 $page->trig('Le fichier que tu as transmis n\'est pas une image.');
131 } else {
5fe7ec44 132 $file = is_uploaded_file($_FILES['userfile']['tmp_name'])
133 ? $_FILES['userfile']['tmp_name']
134 : Env::v('photo');
135 if ($data = file_get_contents($file)) {
136 $myphoto = new PhotoReq(S::v('uid'), $data);
eef2d586 137 if ($myphoto->isValid()) {
138 $myphoto->submit();
139 }
5fe7ec44 140 } else {
141 $page->trig('Fichier inexistant ou vide');
fb9a56cb 142 }
fb9a56cb 143 }
144 } elseif (Env::has('trombi')) {
cab08090 145 $myphoto = new PhotoReq(S::v('uid'),
fb9a56cb 146 file_get_contents($trombi_x));
eef2d586 147 if ($myphoto->isValid()) {
fb9a56cb 148 $myphoto->commit();
149 $myphoto->clean();
150 }
5e2307dc 151 } elseif (Env::v('suppr')) {
08cce2ff 152 XDB::execute('DELETE FROM photo WHERE uid = {?}',
cab08090 153 S::v('uid'));
08cce2ff 154 XDB::execute('DELETE FROM requests
fb9a56cb 155 WHERE user_id = {?} AND type="photo"',
cab08090 156 S::v('uid'));
5e2307dc 157 } elseif (Env::v('cancel')) {
08cce2ff 158 $sql = XDB::query('DELETE FROM requests
fb9a56cb 159 WHERE user_id={?} AND type="photo"',
cab08090 160 S::v('uid'));
fb9a56cb 161 }
162
08cce2ff 163 $sql = XDB::query('SELECT COUNT(*) FROM requests
fb9a56cb 164 WHERE user_id={?} AND type="photo"',
cab08090 165 S::v('uid'));
fb9a56cb 166 $page->assign('submited', $sql->fetchOneCell());
167 $page->assign('has_trombi_x', file_exists($trombi_x));
fb9a56cb 168 }
169
e8599c21 170 function handler_profile(&$page, $x = null)
171 {
172 if (is_null($x)) {
173 return PL_NOT_FOUND;
174 }
175
176 global $globals;
177 require_once 'user.func.inc.php';
178
b13048df 179 $page->changeTpl('profile/profile.tpl', SIMPLE);
e8599c21 180
181 $view = 'private';
5e2307dc 182 if (!S::logged() || Env::v('view') == 'public') $view = 'public';
183 if (S::logged() && Env::v('view') == 'ax') $view = 'ax';
e8599c21 184
185 if (is_numeric($x)) {
08cce2ff 186 $res = XDB::query(
e8599c21 187 "SELECT alias
188 FROM aliases AS a
189 INNER JOIN auth_user_md5 AS u ON (a.id=u.user_id AND a.type='a_vie')
190 WHERE matricule={?}", $x);
191 $login = $res->fetchOneCell();
192 } else {
193 $login = get_user_forlife($x);
194 }
195
196 if (empty($login)) {
924b4ba7 197 if (preg_match('/([-a-z]+)\.([-a-z]+)\.([0-9]{4})/i', $x, $matches)) {
198 $matches = str_replace('-', '_', $matches);
199 $res = XDB::query("SELECT user_id
200 FROM auth_user_md5
201 WHERE prenom LIKE {?} AND nom LIKE {?} AND promo = {?}
202 AND perms = 'pending'",
203 $matches[1], $matches[2], $matches[3]);
204 if ($res->numRows() == 1) {
205 $uid = $res->fetchOneCell();
206 pl_redirect('marketing/public/' . $uid);
207 }
208 }
e8599c21 209 return PL_NOT_FOUND;
210 }
211
5e2307dc 212 $new = Env::v('modif') == 'new';
cab08090 213 $user = get_user_details($login, S::v('uid'), $view);
25412aa4 214 require_once('url_catcher.inc.php');
215 $user['freetext'] = url_catcher($user['freetext'], false);
e8599c21 216 $title = $user['prenom'] . ' ' . empty($user['nom_usage']) ? $user['nom'] : $user['nom_usage'];
217 $page->assign('xorg_title', $title);
218
219 // photo
220
7da8ef90 221 $photo = 'photo/'.$user['forlife'].($new ? '/req' : '');
e8599c21 222
2f678da1 223 if (!isset($user['y']) and !isset($user['x'])) {
e8599c21 224 list($user['x'], $user['y']) = getimagesize("images/none.png");
225 }
2f678da1 226 if (!isset($user['y']) or $user['y'] < 1) $user['y']=1;
227 if (!isset($user['x']) or $user['x'] < 1) $user['x']=1;
228 if ($user['x'] > 240) {
e8599c21 229 $user['y'] = (integer)($user['y']*240/$user['x']);
230 $user['x'] = 240;
231 }
2f678da1 232 if ($user['y'] > 300) {
e8599c21 233 $user['x'] = (integer)($user['x']*300/$user['y']);
234 $user['y'] = 300;
235 }
2f678da1 236 if ($user['x'] < 160) {
e8599c21 237 $user['y'] = (integer)($user['y']*160/$user['x']);
238 $user['x'] = 160;
239 }
240
241 $page->assign('logged', has_user_right('private', $view));
242 if (!has_user_right($user['photo_pub'], $view)) {
243 $photo = "";
244 }
245
246 $page->assign_by_ref('x', $user);
247 $page->assign('photo_url', $photo);
248 // alias virtual
08cce2ff 249 $res = XDB::query(
e8599c21 250 "SELECT alias
251 FROM virtual
252 INNER JOIN virtual_redirect USING(vid)
253 INNER JOIN auth_user_quick ON ( user_id = {?} AND emails_alias_pub = 'public' )
254 WHERE ( redirect={?} OR redirect={?} )
255 AND alias LIKE '%@{$globals->mail->alias_dom}'",
cab08090 256 S::v('uid'),
e8599c21 257 $user['forlife'].'@'.$globals->mail->domain,
258 $user['forlife'].'@'.$globals->mail->domain2);
259 $page->assign('virtualalias', $res->fetchOneCell());
260
c99ef281 261 $page->addJsLink('close_on_esc.js');
e8599c21 262 }
263
2f678da1 264 function handler_p_edit(&$page, $opened_tab = 'general')
265 {
266 global $globals;
267
8b1f8e12 268 $page->changeTpl('profile/edit.tpl');
2f678da1 269
c99ef281 270 $page->addCssLink('profil.css');
2f678da1 271 $page->assign('xorg_title', 'Polytechnique.org - Mon Profil');
272
273 require_once 'tabs.inc.php';
274 require_once 'profil.func.inc.php';
275 require_once 'synchro_ax.inc.php';
276
3845b131 277 if (Post::v('register_from_ax_question')) {
278 XDB::execute('UPDATE auth_user_quick
2f678da1 279 SET profile_from_ax = 1
280 WHERE user_id = {?}',
cab08090 281 S::v('uid'));
2f678da1 282 }
3845b131 283 if (Post::v('add_to_nl')) {
284 require_once 'newsletter.inc.php';
285 subscribe_nl();
286 }
287 if (Post::v('add_to_promo')) {
288 $r = XDB::query('SELECT id FROM groupex.asso WHERE diminutif = {?}',
289 S::v('promo'));
290 $asso_id = $r->fetchOneCell();
291 XDB::execute('REPLACE INTO groupex.membres (uid,asso_id)
292 VALUES ({?}, {?})',
293 S::v('uid'), $asso_id);
9bb8bf21 294 $mmlist = new MMList(S::v('uid'), S::v('password'));
295 $mmlist->subscribe("promo".S::v('promo'));
3845b131 296 }
2f678da1 297
298 if (is_ax_key_missing()) {
299 $page->assign('no_private_key', true);
300 }
301
5e2307dc 302 if (Env::v('synchro_ax') == 'confirm' && !is_ax_key_missing()) {
cab08090 303 ax_synchronize(S::v('bestalias'), S::v('uid'));
a7de4ef7 304 $page->trig('Ton profil a été synchronisé avec celui du site polytechniciens.com');
2f678da1 305 }
306
307 // pour tous les tabs, la date de naissance pour verifier
308 // quelle est bien rentree et la date.
08cce2ff 309 $res = XDB::query(
2f678da1 310 "SELECT naissance, DATE_FORMAT(date, '%d.%m.%Y')
311 FROM auth_user_md5
cab08090 312 WHERE user_id={?}", S::v('uid'));
2f678da1 313 list($naissance, $date_modif_profil) = $res->fetchOneRow();
314
a7de4ef7 315 // lorsqu'on n'a pas la date de naissance en base de données
2f678da1 316 if (!$naissance) {
a7de4ef7 317 // la date de naissance n'existait pas et vient d'être soumise dans la variable
2f678da1 318 if (Env::has('birth')) {
319 //en cas d'erreur :
5e2307dc 320 if (!ereg('[0-3][0-9][0-1][0-9][1][9]([0-9]{2})', Env::v('birth'))) {
2f678da1 321 $page->assign('etat_naissance', 'query');
a7de4ef7 322 $page->trig('Date de naissance incorrecte ou incohérente.');
fd8f77de 323 return;
2f678da1 324 }
325
326 //sinon
5e2307dc 327 $birth = sprintf("%s-%s-%s", substr(Env::v('birth'), 4, 4),
328 substr(Env::v('birth'), 2, 2),
329 substr(Env::v('birth'), 0, 2));
08cce2ff 330 XDB::execute("UPDATE auth_user_md5
2f678da1 331 SET naissance={?}
332 WHERE user_id={?}", $birth,
cab08090 333 S::v('uid'));
2f678da1 334 $page->assign('etat_naissance', 'ok');
fd8f77de 335 return;
2f678da1 336 }
337
338 $page->assign('etat_naissance', 'query');
fd8f77de 339 return; // on affiche le formulaire pour naissance
2f678da1 340 }
341
342 //doit-on faire un update ?
343 if (Env::has('modifier') || Env::has('suivant')) {
344 require_once "profil/get_{$opened_tab}.inc.php";
345 require_once "profil/verif_{$opened_tab}.inc.php";
346
347 if($page->nb_errs()) {
348 require_once "profil/assign_{$opened_tab}.inc.php";
349 $page->assign('onglet', $opened_tab);
8b1f8e12 350 $page->assign('onglet_tpl', "profile/$opened_tab.tpl");
fd8f77de 351 return;
2f678da1 352 }
353
354 $date=date("Y-m-j");//nouvelle date de mise a jour
355
356 //On sauvegarde l'uid pour l'AX
357 /* on sauvegarde les changements dans user_changes :
a7de4ef7 358 * on a juste besoin d'insérer le user_id de la personne dans la table
2f678da1 359 */
08cce2ff 360 XDB::execute('REPLACE INTO user_changes SET user_id={?}',
cab08090 361 S::v('uid'));
2f678da1 362
cab08090 363 if (!S::has('suid')) {
2f678da1 364 require_once 'notifs.inc.php';
cab08090 365 register_watch_op(S::v('uid'), WATCH_FICHE);
2f678da1 366 }
367
368 // mise a jour des champs relatifs au tab ouvert
369 require_once "profil/update_{$opened_tab}.inc.php";
370
5ee95138 371 $log =& $_SESSION['log'];
2f678da1 372 $log->log('profil', $opened_tab);
373 $page->assign('etat_update', 'ok');
374 }
375
376 if (Env::has('suivant')) {
8b00e0e0 377 pl_redirect('profile/edit/' . get_next_tab($opened_tab));
2f678da1 378 }
379
380 require_once "profil/get_{$opened_tab}.inc.php";
381 require_once "profil/verif_{$opened_tab}.inc.php";
382 require_once "profil/assign_{$opened_tab}.inc.php";
383
384 $page->assign('onglet', $opened_tab);
8b1f8e12 385 $page->assign('onglet_tpl', "profile/$opened_tab.tpl");
2f678da1 386
fd8f77de 387 return;
2f678da1 388 }
389
9b0fa329 390 function handler_p_orange(&$page)
391 {
8b1f8e12 392 $page->changeTpl('profile/orange.tpl');
9b0fa329 393
394 require_once 'validations.inc.php';
395 require_once 'xorg.misc.inc.php';
396
08cce2ff 397 $res = XDB::query(
2f678da1 398 "SELECT u.promo, u.promo_sortie
9b0fa329 399 FROM auth_user_md5 AS u
cab08090 400 WHERE user_id={?}", S::v('uid'));
9b0fa329 401
2f678da1 402 list($promo, $promo_sortie_old) = $res->fetchOneRow();
9b0fa329 403 $page->assign('promo_sortie_old', $promo_sortie_old);
404 $page->assign('promo', $promo);
405
406 if (!Env::has('promo_sortie')) {
fd8f77de 407 return;
9b0fa329 408 }
409
5e2307dc 410 $promo_sortie = Env::i('promo_sortie');
9b0fa329 411
412 if ($promo_sortie < 1000 || $promo_sortie > 9999) {
a7de4ef7 413 $page->trig('L\'année de sortie doit être un nombre de quatre chiffres');
9b0fa329 414 }
415 elseif ($promo_sortie < $promo + 3) {
a7de4ef7 416 $page->trig('Trop tôt');
9b0fa329 417 }
418 elseif ($promo_sortie == $promo_sortie_old) {
a7de4ef7 419 $page->trig('Tu appartiens déjà à la promotion correspondante à cette année de sortie.');
9b0fa329 420 }
421 elseif ($promo_sortie == $promo + 3) {
08cce2ff 422 XDB::execute(
9b0fa329 423 "UPDATE auth_user_md5 set promo_sortie={?}
cab08090 424 WHERE user_id={?}", $promo_sortie, S::v('uid'));
a7de4ef7 425 $page->trig('Ton statut "orange" a été supprimé.');
9b0fa329 426 $page->assign('promo_sortie_old', $promo_sortie);
427 }
428 else {
429 $page->assign('promo_sortie', $promo_sortie);
430
431 if (Env::has('submit')) {
cab08090 432 $myorange = new OrangeReq(S::v('uid'),
9b0fa329 433 $promo_sortie);
434 $myorange->submit();
435 $page->assign('myorange', $myorange);
436 }
437 }
9b0fa329 438 }
439
2f678da1 440 function handler_referent(&$page, $x = null)
28e16d4d 441 {
28e16d4d 442 require_once 'user.func.inc.php';
443
444 if (is_null($x)) {
445 return PL_NOT_FOUND;
446 }
447
8b1f8e12 448 $page->changeTpl('profile/fiche_referent.tpl', SIMPLE);
28e16d4d 449
08cce2ff 450 $res = XDB::query(
28e16d4d 451 "SELECT prenom, nom, user_id, promo, cv, a.alias AS bestalias
452 FROM auth_user_md5 AS u
2f678da1 453 INNER JOIN aliases AS a ON (u.user_id=a.id
454 AND FIND_IN_SET('bestalias', a.flags))
28e16d4d 455 INNER JOIN aliases AS a1 ON (u.user_id=a1.id
456 AND a1.alias = {?}
457 AND a1.type!='homonyme')", $x);
458
459 if ($res->numRows() != 1) {
460 return PL_NOT_FOUND;
461 }
462
463 list($prenom, $nom, $user_id, $promo, $cv, $bestalias) = $res->fetchOneRow();
464
465 $page->assign('prenom', $prenom);
466 $page->assign('nom', $nom);
467 $page->assign('promo', $promo);
468 $page->assign('cv', $cv);
469 $page->assign('bestalias', $bestalias);
470 $page->assign('adr_pro', get_user_details_pro($user_id));
471
472 ///// recuperations infos referent
473
474 //expertise
08cce2ff 475 $res = XDB::query("SELECT expertise FROM mentor WHERE uid = {?}", $user_id);
28e16d4d 476 $page->assign('expertise', $res->fetchOneCell());
477
478 //secteurs
479 $secteurs = $ss_secteurs = Array();
08cce2ff 480 $res = XDB::iterRow(
28e16d4d 481 "SELECT s.label, ss.label
482 FROM mentor_secteurs AS m
483 LEFT JOIN emploi_secteur AS s ON(m.secteur = s.id)
484 LEFT JOIN emploi_ss_secteur AS ss ON(m.secteur = ss.secteur AND m.ss_secteur = ss.id)
485 WHERE uid = {?}", $user_id);
486 while (list($sec, $ssec) = $res->next()) {
487 $secteurs[] = $sec;
488 $ss_secteurs[] = $ssec;
489 }
490 $page->assign_by_ref('secteurs', $secteurs);
491 $page->assign_by_ref('ss_secteurs', $ss_secteurs);
492
493 //pays
08cce2ff 494 $res = XDB::query(
28e16d4d 495 "SELECT gp.pays
496 FROM mentor_pays AS m
497 LEFT JOIN geoloc_pays AS gp ON(m.pid = gp.a2)
498 WHERE uid = {?}", $user_id);
499 $page->assign('pays', $res->fetchColumn());
500
c99ef281 501 $page->addJsLink('close_on_esc.js');
28e16d4d 502 }
503
2f678da1 504 function handler_ref_search(&$page)
505 {
8b1f8e12 506 $page->changeTpl('profile/referent.tpl');
2f678da1 507
508 $page->assign('xorg_title', 'Polytechnique.org - Conseil Pro');
509
5e2307dc 510 $secteur_sel = Post::v('secteur');
511 $ss_secteur_sel = Post::v('ss_secteur');
512 $pays_sel = Post::v('pays', '00');
513 $expertise_champ = Post::v('expertise');
2f678da1 514
515 $page->assign('pays_sel', $pays_sel);
516 $page->assign('expertise_champ', $expertise_champ);
517 $page->assign('secteur_sel', $secteur_sel);
518 $page->assign('ss_secteur_sel', $ss_secteur_sel);
519
520 //recuperation des noms de secteurs
08cce2ff 521 $res = XDB::iterRow("SELECT id, label FROM emploi_secteur");
2f678da1 522 $secteurs[''] = '';
523 while (list($tmp_id, $tmp_label) = $res->next()) {
524 $secteurs[$tmp_id] = $tmp_label;
525 }
526 $page->assign_by_ref('secteurs', $secteurs);
527
528 //on recupere les sous-secteurs si necessaire
529 $ss_secteurs[''] = '';
530 if (!empty($secteur_sel)) {
08cce2ff 531 $res = XDB::iterRow("SELECT id, label FROM emploi_ss_secteur
2f678da1 532 WHERE secteur = {?}", $secteur_sel);
533 while (list($tmp_id, $tmp_label) = $res->next()) {
534 $ss_secteurs[$tmp_id] = $tmp_label;
535 }
536 }
537 $page->assign_by_ref('ss_secteurs', $ss_secteurs);
538
539 //recuperation des noms de pays
08cce2ff 540 $res = XDB::iterRow("SELECT a2, pays FROM geoloc_pays
2f678da1 541 WHERE pays <> '' ORDER BY pays");
542 $pays['00'] = '';
543 while (list($tmp_id, $tmp_label) = $res->next()) {
544 $pays[$tmp_id] = $tmp_label;
545 }
546 $page->assign_by_ref('pays', $pays);
547
548 // nb de mentors
08cce2ff 549 $res = XDB::query("SELECT count(*) FROM mentor");
2f678da1 550 $page->assign('mentors_number', $res->fetchOneCell());
551
552 if (!Env::has('Chercher')) {
fd8f77de 553 return;
2f678da1 554 }
555
556 // On vient d'un formulaire
557 $where = array();
558
559 if ($pays_sel != '00') {
560 $where[] = "mp.pid = '".addslashes($pays_sel)."'";
561 }
562 if ($secteur_sel) {
563 $where[] = "ms.secteur = '".addslashes($secteur_sel)."'";
564 if ($ss_secteur_sel) {
565 $where[] = "ms.ss_secteur = '".addslashes($ss_secteur_sel)."'";
566 }
567 }
568 if ($expertise_champ) {
569 $where[] = "MATCH(m.expertise) AGAINST('".addslashes($expertise_champ)."')";
570 }
571
572 if ($where) {
573 $where = join(' AND ', $where);
574
575 $sql = "SELECT m.uid, a.prenom, a.nom, a.promo,
576 l.alias AS bestalias, m.expertise, mp.pid,
577 ms.secteur, ms.ss_secteur
578 FROM mentor AS m
579 LEFT JOIN auth_user_md5 AS a ON(m.uid = a.user_id)
580 INNER JOIN aliases AS l ON (a.user_id=l.id AND
581 FIND_IN_SET('bestalias', l.flags))
582 LEFT JOIN mentor_pays AS mp ON(m.uid = mp.uid)
583 LEFT JOIN mentor_secteurs AS ms ON(m.uid = ms.uid)
584 WHERE $where
585 GROUP BY uid
586 ORDER BY RAND({?})";
cab08090 587 $res = XDB::iterator($sql, S::v('uid'));
2f678da1 588
589 if ($res->total() == 0) {
590 $page->assign('recherche_trop_large', true);
fd8f77de 591 return;
2f678da1 592 }
593
594 $nb_max_res_total = 100;
595 $nb_max_res_ppage = 10;
596
5e2307dc 597 $curpage = Env::i('curpage', 1);
2f678da1 598 $personnes = array();
599 $i = 0;
600
601 while (($pers = $res->next()) && count($personnes) < $nb_max_res_total) {
602 $the_page = intval($i / $nb_max_res_ppage) + 1;
603 if ($the_page == $curpage) {
604 $personnes[] = $pers;
605 }
606 $i ++;
607 }
608
609 $page->assign('personnes', $personnes);
610 $page->assign('curpage', $curpage);
611 $page->assign('nb_pages_total',
612 intval($res->total() / $nb_max_res_ppage) + 1);
613 }
2f678da1 614 }
615
926f16d7 616 function handler_p_usage(&$page)
617 {
8b1f8e12 618 $page->changeTpl('profile/nomusage.tpl');
926f16d7 619
620 require_once 'validations.inc.php';
621 require_once 'xorg.misc.inc.php';
622
08cce2ff 623 $res = XDB::query(
2f678da1 624 "SELECT u.nom, u.nom_usage, u.flags, e.alias
926f16d7 625 FROM auth_user_md5 AS u
2f678da1 626 LEFT JOIN aliases AS e ON(u.user_id = e.id
627 AND FIND_IN_SET('usage', e.flags))
cab08090 628 WHERE user_id={?}", S::v('uid'));
926f16d7 629
2f678da1 630 list($nom, $usage_old, $flags, $alias_old) = $res->fetchOneRow();
926f16d7 631 $flags = new flagset($flags);
632 $page->assign('usage_old', $usage_old);
633 $page->assign('alias_old', $alias_old);
634
5e2307dc 635 $nom_usage = replace_accent(trim(Env::v('nom_usage')));
926f16d7 636 $nom_usage = strtoupper($nom_usage);
637 $page->assign('usage_req', $nom_usage);
638
639 if (Env::has('submit') && ($nom_usage != $usage_old)) {
640 // on vient de recevoir une requete, differente de l'ancien nom d'usage
641 if ($nom_usage == $nom) {
642 $page->assign('same', true);
a7de4ef7 643 } else { // le nom de mariage est distinct du nom à l'X
926f16d7 644 // on calcule l'alias pour l'afficher
5e2307dc 645 $reason = Env::v('reason');
926f16d7 646 if ($reason == 'other') {
5e2307dc 647 $reason = Env::v('other_reason');
926f16d7 648 }
cab08090 649 $myusage = new UsageReq(S::v('uid'), $nom_usage, $reason);
926f16d7 650 $myusage->submit();
651 $page->assign('myusage', $myusage);
652 }
653 }
926f16d7 654 }
655
7d8b17cb 656 function handler_trombi(&$page, $promo = null)
657 {
8b1f8e12 658 $page->changeTpl('profile/trombipromo.tpl');
2f678da1 659 $page->assign('xorg_title', 'Polytechnique.org - Trombi Promo');
7d8b17cb 660
661 if (is_null($promo)) {
fd8f77de 662 return;
7d8b17cb 663 }
664
665 $this->promo = $promo = intval($promo);
666
9fe6c39d 667 if ($promo >= 1900 && ($promo < intval(date('Y')) || ($promo == intval(date('Y')) && intval(date('m')) >= 9))
cab08090 668 || ($promo == -1 && S::has_perms()))
7d8b17cb 669 {
670 $trombi = new Trombi(array($this, '_trombi_getlist'));
671 $trombi->hidePromo();
672 $trombi->setAdmin();
673 $page->assign_by_ref('trombi', $trombi);
674 } else {
675 $page->trig('Promotion incorrecte (saisir au format YYYY). Recommence.');
676 }
7d8b17cb 677 }
e49018a7 678
a1d79217 679 function handler_xnet(&$page)
680 {
8b1f8e12 681 $page->changeTpl('profile/groupesx.tpl');
a1d79217 682 $page->assign('xorg_title', 'Polytechnique.org - Promo, Groupes X, Binets');
683
684 $req = XDB::query('
46e1d3ba 685 SELECT m.asso_id, a.nom, diminutif, a.logo IS NOT NULL AS has_logo,
686 COUNT(e.eid) AS events, mail_domain AS lists
687 FROM groupex.membres AS m
688 INNER JOIN groupex.asso AS a ON(m.asso_id = a.id)
689 LEFT JOIN groupex.evenements AS e ON(e.asso_id = m.asso_id AND e.archive = 0)
690 WHERE uid = {?} GROUP BY m.asso_id ORDER BY a.nom', S::i('uid'));
a1d79217 691 $page->assign('assos', $req->fetchAllAssoc());
692 }
693
e49018a7 694 function handler_vcard(&$page, $x = null)
695 {
696 if (is_null($x)) {
697 return PL_NOT_FOUND;
698 }
699
700 global $globals;
701
702 if (substr($x, -4) == '.vcf') {
703 $x = substr($x, 0, strlen($x) - 4);
704 }
705
5e193297 706 require_once('vcard.inc.php');
707 $vcard = new VCard($x);
708 $vcard->do_page($page);
e49018a7 709 }
92423144 710
711 function handler_admin_trombino(&$page, $uid = null, $action = null) {
8b1f8e12 712 $page->changeTpl('profile/admin_trombino.tpl');
92423144 713 $page->assign('xorg_title','Polytechnique.org - Administration - Trombino');
714 $page->assign('uid', $uid);
715
716 $q = XDB::query(
717 "SELECT a.alias,promo
718 FROM auth_user_md5 AS u
719 INNER JOIN aliases AS a ON ( u.user_id = a.id AND type='a_vie' )
720 WHERE user_id = {?}", $uid);
721 list($forlife, $promo) = $q->fetchOneRow();
722
723 switch ($action) {
724
725 case "original":
726 header("Content-type: image/jpeg");
727 readfile("/home/web/trombino/photos".$promo."/".$forlife.".jpg");
728 exit;
729 break;
730
731 case "new":
732 $data = file_get_contents($_FILES['userfile']['tmp_name']);
733 list($x, $y) = getimagesize($_FILES['userfile']['tmp_name']);
734 $mimetype = substr($_FILES['userfile']['type'], 6);
735 unlink($_FILES['userfile']['tmp_name']);
736 XDB::execute(
737 "REPLACE INTO photo SET uid={?}, attachmime = {?}, attach={?}, x={?}, y={?}",
738 $uid, $mimetype, $data, $x, $y);
739 break;
740
741 case "delete":
742 XDB::execute('DELETE FROM photo WHERE uid = {?}', $uid);
743 break;
744 }
745
746 $page->assign('forlife', $forlife);
747 }
748 function handler_admin_binets(&$page, $action = 'list', $id = null) {
92423144 749 $page->assign('xorg_title','Polytechnique.org - Administration - Binets');
750 $page->assign('title', 'Gestion des binets');
751 $table_editor = new PLTableEditor('admin/binets', 'binets_def', 'id');
752 $table_editor->add_join_table('binets_ins','binet_id',true);
a7de4ef7 753 $table_editor->describe('text','intitulé',true);
92423144 754 $table_editor->apply($page, $action, $id);
755 }
756 function handler_admin_formations(&$page, $action = 'list', $id = null) {
92423144 757 $page->assign('xorg_title','Polytechnique.org - Administration - Formations');
758 $page->assign('title', 'Gestion des formations');
759 $table_editor = new PLTableEditor('admin/formations','applis_def','id');
760 $table_editor->add_join_table('applis_ins','aid',true);
a7de4ef7 761 $table_editor->describe('text','intitulé',true);
92423144 762 $table_editor->describe('url','site web',false);
763 $table_editor->apply($page, $action, $id);
764 }
765 function handler_admin_groupesx(&$page, $action = 'list', $id = null) {
92423144 766 $page->assign('xorg_title','Polytechnique.org - Administration - Groupes X');
767 $page->assign('title', 'Gestion des Groupes X');
768 $table_editor = new PLTableEditor('admin/groupes-x','groupesx_def','id');
769 $table_editor->add_join_table('groupesx_ins','gid',true);
a7de4ef7 770 $table_editor->describe('text','intitulé',true);
92423144 771 $table_editor->describe('url','site web',false);
772 $table_editor->apply($page, $action, $id);
773 }
774 function handler_admin_medals(&$page, $action = 'list', $id = null) {
92423144 775 $page->assign('xorg_title','Polytechnique.org - Administration - Distinctions');
776 $page->assign('title', 'Gestion des Distinctions');
777 $table_editor = new PLTableEditor('admin/medals','profile_medals','id');
a7de4ef7 778 $table_editor->describe('text', 'intitulé', true);
92423144 779 $table_editor->describe('img', 'nom de l\'image', false);
d02b8359 780 $table_editor->describe('flags', 'valider', true);
92423144 781 $table_editor->apply($page, $action, $id);
782 if ($id && $action == 'edit') {
8b1f8e12 783 $page->changeTpl('profile/admin_decos.tpl');
92423144 784
785 $mid = $id;
786
787 if (Post::v('act') == 'del') {
788 XDB::execute('DELETE FROM profile_medals_grades WHERE mid={?} AND gid={?}', $mid, Post::i('gid'));
789 } elseif (Post::v('act') == 'new') {
790 XDB::execute('INSERT INTO profile_medals_grades (mid,gid) VALUES({?},{?})',
791 $mid, max(array_keys(Post::v('grades', array(0))))+1);
792 } else {
793 foreach (Post::v('grades', array()) as $gid=>$text) {
794 XDB::execute('UPDATE profile_medals_grades SET pos={?}, text={?} WHERE gid={?}', $_POST['pos'][$gid], $text, $gid);
795 }
796 }
797 $res = XDB::iterator('SELECT gid, text, pos FROM profile_medals_grades WHERE mid={?} ORDER BY pos', $mid);
798 $page->assign('grades', $res);
799 }
800 }
7d8b17cb 801}
802
a7de4ef7 803// vim:set et sw=4 sts=4 sws=4 foldmethod=marker enc=utf-8:
7d8b17cb 804?>
plat/al