f59bc2fb |
1 | <?php |
2 | /*************************************************************************** |
5ddeb07c |
3 | * Copyright (C) 2003-2007 Polytechnique.org * |
f59bc2fb |
4 | * http://opensource.polytechnique.org/ * |
5 | * * |
6 | * This program is free software; you can redistribute it and/or modify * |
7 | * it under the terms of the GNU General Public License as published by * |
8 | * the Free Software Foundation; either version 2 of the License, or * |
9 | * (at your option) any later version. * |
10 | * * |
11 | * This program is distributed in the hope that it will be useful, * |
12 | * but WITHOUT ANY WARRANTY; without even the implied warranty of * |
13 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * |
14 | * GNU General Public License for more details. * |
15 | * * |
16 | * You should have received a copy of the GNU General Public License * |
17 | * along with this program; if not, write to the Free Software * |
18 | * Foundation, Inc., * |
19 | * 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA * |
20 | ***************************************************************************/ |
21 | |
22 | class RegisterModule extends PLModule |
23 | { |
24 | function handlers() |
25 | { |
26 | return array( |
20d90835 |
27 | 'register' => $this->make_hook('register', AUTH_PUBLIC), |
28 | 'register/end' => $this->make_hook('end', AUTH_PUBLIC), |
2b6d403c |
29 | 'register/end.php' => $this->make_hook('end_old', AUTH_PUBLIC), |
f59bc2fb |
30 | 'register/success' => $this->make_hook('success', AUTH_MDP), |
31 | ); |
32 | } |
33 | |
20d90835 |
34 | function handler_register(&$page, $hash = null) |
f59bc2fb |
35 | { |
5480a216 |
36 | $alert = null; |
cab08090 |
37 | $sub_state = S::v('sub_state', Array()); |
f59bc2fb |
38 | if (!isset($sub_state['step'])) { |
39 | $sub_state['step'] = 0; |
40 | } |
2efe5355 |
41 | if (!isset($sub_state['backs'])) { |
42 | $sub_state['backs'] = array(); |
43 | } |
5e2307dc |
44 | if (Get::has('back') && Get::i('back') < $sub_state['step']) { |
45 | $sub_state['step'] = max(0,Get::i('back')); |
2efe5355 |
46 | $state = $sub_state; |
47 | unset($state['backs']); |
48 | $sub_state['backs'][] = $state; |
49 | if (count($sub_state['backs']) == 3) { |
50 | $alert .= "Tentative d'inscription tres hesitante - "; |
51 | } |
f59bc2fb |
52 | } |
53 | |
2b6d403c |
54 | // Compatibility with old sources, keep it atm |
55 | if (!$hash && Env::has('hash')) { |
5e2307dc |
56 | $hash = Env::v('hash'); |
2b6d403c |
57 | } |
58 | |
20d90835 |
59 | if ($hash) { |
08cce2ff |
60 | $res = XDB::query( |
ecc734a5 |
61 | "SELECT m.uid, u.promo, u.nom, u.prenom, u.matricule, u.naissance_ini, FIND_IN_SET('watch', u.flags) |
f59bc2fb |
62 | FROM register_marketing AS m |
63 | INNER JOIN auth_user_md5 AS u ON u.user_id = m.uid |
20d90835 |
64 | WHERE m.hash={?}", $hash); |
ecc734a5 |
65 | if (list($uid, $promo, $nom, $prenom, $ourmat, $naiss, $watch) = $res->fetchOneRow()) { |
f59bc2fb |
66 | $sub_state['uid'] = $uid; |
20d90835 |
67 | $sub_state['hash'] = $hash; |
f59bc2fb |
68 | $sub_state['promo'] = $promo; |
69 | $sub_state['nom'] = $nom; |
70 | $sub_state['prenom'] = $prenom; |
71 | $sub_state['ourmat'] = $ourmat; |
ecc734a5 |
72 | $sub_state['watch'] = $watch; |
73 | $sub_state['naissance_ini'] = $naiss; |
f59bc2fb |
74 | |
08cce2ff |
75 | XDB::execute( |
f59bc2fb |
76 | "REPLACE INTO register_mstats (uid,sender,success) |
77 | SELECT m.uid, m.sender, 0 |
78 | FROM register_marketing AS m |
79 | WHERE m.hash", $sub_state['hash']); |
80 | } |
81 | } |
82 | |
83 | switch ($sub_state['step']) { |
84 | case 0: |
ab694f12 |
85 | require_once('wiki.inc.php'); |
af3f07c5 |
86 | wiki_require_page('Reference.Charte'); |
f59bc2fb |
87 | if (Post::has('step1')) { |
88 | $sub_state['step'] = 1; |
89 | if (isset($sub_state['hash'])) { |
90 | $sub_state['step'] = 3; |
433336f3 |
91 | require_once(dirname(__FILE__) . '/register/register.inc.php'); |
f59bc2fb |
92 | create_aliases($sub_state); |
93 | } |
94 | } |
95 | break; |
96 | |
97 | case 1: |
98 | if (Post::has('promo')) { |
5e2307dc |
99 | $promo = Post::i('promo'); |
a41bf2f8 |
100 | $res = XDB::query("SELECT COUNT(*) |
101 | FROM auth_user_md5 |
102 | WHERE perms='pending' AND deces = '0000-00-00' |
103 | AND promo = {?}", |
104 | $promo); |
105 | if (!$res->fetchOneCell()) { |
106 | $err = "La promotion saisie est incorrecte ou tous les camardes de cette promo sont inscrits !"; |
f59bc2fb |
107 | } else { |
108 | $sub_state['step'] = 2; |
109 | $sub_state['promo'] = $promo; |
110 | if ($promo >= 1996 && $promo<2000) { |
111 | $sub_state['mat'] = ($promo % 100)*10 . '???'; |
112 | } elseif($promo >= 2000) { |
113 | $sub_state['mat'] = 100 + ($promo % 100) . '???'; |
114 | } |
115 | } |
116 | } |
117 | break; |
118 | |
119 | case 2: |
120 | if (count($_POST)) { |
433336f3 |
121 | require_once(dirname(__FILE__) . '/register/register.inc.php'); |
5e2307dc |
122 | $sub_state['prenom'] = Post::v('prenom'); |
123 | $sub_state['nom'] = Post::v('nom'); |
124 | $sub_state['mat'] = Post::v('mat'); |
f59bc2fb |
125 | $err = check_new_user($sub_state); |
126 | |
127 | if ($err !== true) { break; } |
128 | $err = create_aliases($sub_state); |
129 | if ($err === true) { |
130 | unset($err); |
131 | $sub_state['step'] = 3; |
132 | } |
133 | } |
134 | break; |
135 | |
136 | case 3: |
137 | if (count($_POST)) { |
433336f3 |
138 | require_once(dirname(__FILE__) . '/register/register.inc.php'); |
5e2307dc |
139 | if (!isvalid_email(Post::v('email'))) { |
f59bc2fb |
140 | $err[] = "Le champ 'E-mail' n'est pas valide."; |
5e2307dc |
141 | } elseif (!isvalid_email_redirection(Post::v('email'))) { |
f59bc2fb |
142 | $err[] = $sub_state['forlife']." doit renvoyer vers un email existant ". |
a7de4ef7 |
143 | "valide, en particulier, il ne peut pas être renvoyé vers lui-même."; |
f59bc2fb |
144 | } |
1970c12b |
145 | $birth = trim(Env::v('naissance')); |
35cd1be1 |
146 | if (!preg_match('/^[0-3][0-9][01][0-9][12][90][0-9][0-9]$/', $birth)) { |
f59bc2fb |
147 | $err[] = "La 'Date de naissance' n'est pas correcte."; |
35cd1be1 |
148 | } else { |
149 | $year = (int)substr($birth, 4, 4); |
150 | $promo = (int)$sub_state['promo']; |
151 | if ($year > $promo - 15 || $year < $promo - 30) { |
152 | $err[] = "La 'Date de naissance' n'est pas correcte."; |
5480a216 |
153 | $alert = "Date de naissance incorrecte a l'inscription - "; |
fb5d164e |
154 | $sub_state['wrong_naissance'] = $birth; |
35cd1be1 |
155 | } |
f59bc2fb |
156 | } |
157 | |
bf273d6a |
158 | // Check if the given email is known as dangerous |
159 | $res = Xdb::iterRow("SELECT w.state, w.description, a.alias |
160 | FROM emails AS e |
161 | INNER JOIN emails_watch AS w ON (e.email = w.email AND w.state != 'safe') |
162 | INNER JOIN aliases AS a ON (e.uid = a.id AND a.type = 'a_vie') |
163 | WHERE e.email = {?} |
164 | ORDER BY a.alias", Post::v('email')); |
165 | $aliases = array(); |
166 | while(list($gstate, $gdescription, $alias) = $res->next()) { |
167 | $state = $gstate; |
168 | $description = $gdescription; |
169 | $aliases[] = $alias; |
170 | } |
171 | if (count($aliases) != 0) { |
5480a216 |
172 | $alert .= "Email surveille propose a l'inscription - "; |
173 | } |
0be07aa6 |
174 | if ($sub_state['watch']) { |
175 | $alter .= "Inscription d'un utilisateur surveillé - "; |
176 | } |
5480a216 |
177 | |
178 | if (check_ip('unsafe')) { |
179 | unset($err); |
bf273d6a |
180 | } |
181 | |
f59bc2fb |
182 | if (isset($err)) { |
183 | $err = join('<br />', $err); |
184 | } else { |
f59bc2fb |
185 | $sub_state['naissance'] = sprintf("%s-%s-%s", |
186 | substr($birth,4,4), |
187 | substr($birth,2,2), |
188 | substr($birth,0,2)); |
ecc734a5 |
189 | if ($sub_state['naissance_ini'] != '0000-00-00' && $sub_state['naissance'] != $sub_state['naissance_ini']) { |
190 | $alert .= "Date de naissance incorrecte à l'inscription - "; |
191 | } |
5e2307dc |
192 | $sub_state['email'] = Post::v('email'); |
5480a216 |
193 | if (check_ip('unsafe')) { |
194 | $err = "Une erreur s'est produite lors de l'inscription." |
fb5d164e |
195 | . " Merci de contacter <a href='mailto:register@polytechnique.org'>register@polytechnique.org</a>" |
5480a216 |
196 | . " pour nous faire part de cette erreur"; |
197 | $alert .= "Tentative d'inscription depuis une IP surveillee"; |
198 | } else { |
199 | $sub_state['step'] = 4; |
9fc2d0d2 |
200 | if (count($sub_state['backs']) >= 3) { |
a7de4ef7 |
201 | $alert .= "Fin d'une inscription hésitante"; |
2efe5355 |
202 | } |
5480a216 |
203 | finish_ins($sub_state); |
204 | } |
bf273d6a |
205 | } |
f59bc2fb |
206 | } |
207 | break; |
208 | } |
209 | |
210 | $_SESSION['sub_state'] = $sub_state; |
5480a216 |
211 | if ($alert) { |
212 | send_warning_mail($alert); |
213 | } |
a41bf2f8 |
214 | $page->changeTpl('register/step'.intval($sub_state['step']).'.tpl'); |
f59bc2fb |
215 | if (isset($err)) { |
216 | $page->trig($err); |
217 | } |
f59bc2fb |
218 | } |
219 | |
2b6d403c |
220 | function handler_end_old(&$page) |
221 | { |
5e2307dc |
222 | return $this->handler_end($page, Env::v('hash')); |
2b6d403c |
223 | } |
224 | |
f59bc2fb |
225 | function handler_end(&$page, $hash = null) |
226 | { |
227 | global $globals; |
228 | |
ecc734a5 |
229 | |
f59bc2fb |
230 | $page->changeTpl('register/end.tpl'); |
a41bf2f8 |
231 | $_SESSION['sub_state'] = array('step' => 5); |
ecc734a5 |
232 | |
233 | if (check_ip('unsafe')) { |
234 | send_warning_mail('Une IP surveillée a tenté de finaliser son inscription'); |
235 | XDB::execute('DELETE FROM register_pending |
236 | WHERE hash = {?} AND hash != \'INSCRIT\'', $hash); |
237 | return PL_FORBIDDEN; |
238 | } |
239 | |
f59bc2fb |
240 | require_once('user.func.inc.php'); |
241 | |
242 | if ($hash) { |
08cce2ff |
243 | $res = XDB::query( |
f59bc2fb |
244 | "SELECT r.uid, r.forlife, r.bestalias, r.mailorg2, |
245 | r.password, r.email, r.naissance, u.nom, u.prenom, |
ecc734a5 |
246 | u.promo, FIND_IN_SET('femme', u.flags), u.naissance_ini |
f59bc2fb |
247 | FROM register_pending AS r |
248 | INNER JOIN auth_user_md5 AS u ON r.uid = u.user_id |
20d90835 |
249 | WHERE hash={?} AND hash!='INSCRIT'", $hash); |
f59bc2fb |
250 | } |
251 | |
252 | if (!$hash || !list($uid, $forlife, $bestalias, $mailorg2, $password, $email, |
ecc734a5 |
253 | $naissance, $nom, $prenom, $promo, $femme, $naiss_ini) = $res->fetchOneRow()) |
f59bc2fb |
254 | { |
255 | $page->kill("<p>Cette adresse n'existe pas, ou plus, sur le serveur.</p> |
256 | <p>Causes probables :</p> |
257 | <ol> |
a7de4ef7 |
258 | <li>Vérifie que tu visites l'adresse du dernier |
259 | e-mail reçu s'il y en a eu plusieurs.</li> |
260 | <li>Tu as peut-être mal copié l'adresse reçue par |
261 | mail, vérifie-la à la main.</li> |
262 | <li>Tu as peut-être attendu trop longtemps pour |
263 | confirmer. Les pré-inscriptions sont annulées |
f59bc2fb |
264 | tous les 30 jours.</li> |
a7de4ef7 |
265 | <li>Tu es en fait déjà inscrit.</li> |
f59bc2fb |
266 | </ol>"); |
267 | } |
268 | |
269 | |
270 | |
271 | /***********************************************************/ |
272 | /****************** REALLY CREATE ACCOUNT ******************/ |
273 | /***********************************************************/ |
274 | |
08cce2ff |
275 | XDB::execute('UPDATE auth_user_md5 |
f59bc2fb |
276 | SET password={?}, perms="user", |
277 | date=NOW(), naissance={?}, date_ins = NOW() |
278 | WHERE user_id={?}', $password, $naissance, $uid); |
08cce2ff |
279 | XDB::execute('REPLACE INTO auth_user_quick (user_id) VALUES ({?})', $uid); |
280 | XDB::execute('INSERT INTO aliases (id,alias,type) |
f59bc2fb |
281 | VALUES ({?}, {?}, "a_vie")', $uid, |
282 | $forlife); |
08cce2ff |
283 | XDB::execute('INSERT INTO aliases (id,alias,type,flags) |
f59bc2fb |
284 | VALUES ({?}, {?}, "alias", "bestalias")', |
285 | $uid, $bestalias); |
286 | if ($mailorg2) { |
08cce2ff |
287 | XDB::execute('INSERT INTO aliases (id,alias,type) |
f59bc2fb |
288 | VALUES ({?}, {?}, "alias")', $uid, |
289 | $mailorg2); |
290 | } |
291 | |
292 | require_once('emails.inc.php'); |
293 | $redirect = new Redirect($uid); |
294 | $redirect->add_email($email); |
295 | |
296 | // on cree un objet logger et on log l'inscription |
c4271d38 |
297 | $logger = new CoreLogger($uid); |
f59bc2fb |
298 | $logger->log('inscription', $email); |
299 | |
08cce2ff |
300 | XDB::execute('UPDATE register_pending SET hash="INSCRIT" WHERE uid={?}', $uid); |
f59bc2fb |
301 | |
8d8f7607 |
302 | global $platal; |
303 | $platal->on_subscribe($forlife, $uid, $promo, $password); |
f59bc2fb |
304 | |
1e33266a |
305 | $mymail = new PlMailer('register/inscription.reussie.tpl'); |
f59bc2fb |
306 | $mymail->assign('forlife', $forlife); |
307 | $mymail->assign('prenom', $prenom); |
308 | $mymail->send(); |
309 | |
ecc734a5 |
310 | if (!start_connexion($uid, false)) { |
5480a216 |
311 | return PL_FORBIDDEN; |
312 | } |
f59bc2fb |
313 | $_SESSION['auth'] = AUTH_MDP; |
314 | |
315 | /***********************************************************/ |
a7de4ef7 |
316 | /************* envoi d'un mail au démarcheur ***************/ |
f59bc2fb |
317 | /***********************************************************/ |
08cce2ff |
318 | $res = XDB::iterRow( |
f59bc2fb |
319 | "SELECT DISTINCT sa.alias, IF(s.nom_usage,s.nom_usage,s.nom) AS nom, |
d5ca3059 |
320 | s.prenom, FIND_IN_SET('femme', s.flags) AS femme |
f59bc2fb |
321 | FROM register_marketing AS m |
322 | INNER JOIN auth_user_md5 AS s ON ( m.sender = s.user_id ) |
323 | INNER JOIN aliases AS sa ON ( sa.id = m.sender |
324 | AND FIND_IN_SET('bestalias', sa.flags) ) |
325 | WHERE m.uid = {?}", $uid); |
08cce2ff |
326 | XDB::execute("UPDATE register_mstats SET success=NOW() WHERE uid={?}", $uid); |
f59bc2fb |
327 | |
328 | while (list($salias, $snom, $sprenom, $sfemme) = $res->next()) { |
1e33266a |
329 | $mymail = new PlMailer(); |
a7de4ef7 |
330 | $mymail->setSubject("$prenom $nom s'est inscrit à Polytechnique.org !"); |
f59bc2fb |
331 | $mymail->setFrom('"Marketing Polytechnique.org" <register@polytechnique.org>'); |
332 | $mymail->addTo("\"$sprenom $snom\" <$salias@{$globals->mail->domain}>"); |
a7de4ef7 |
333 | $msg = ($sfemme?'Chère':'Cher')." $sprenom,\n\n" |
ecc734a5 |
334 | . "Nous t'écrivons pour t'informer que $prenom $nom (X$promo), " |
a7de4ef7 |
335 | . "que tu avais incité".($femme?'e':'')." à s'inscrire à Polytechnique.org, " |
336 | . "vient à l'instant de terminer son inscription.\n\n" |
337 | . "Merci de ta participation active à la reconnaissance de ce site !!!\n\n" |
f59bc2fb |
338 | . "Bien cordialement,\n" |
a7de4ef7 |
339 | . "L'équipe Polytechnique.org"; |
f59bc2fb |
340 | $mymail->setTxtBody(wordwrap($msg, 72)); |
341 | $mymail->send(); |
342 | } |
5f5f0eb5 |
343 | |
344 | /**** send a mail to X.org administrators ****/ |
9812efa0 |
345 | if ($globals->register->notif) { |
346 | $mymail = new PlMailer(); |
347 | $mymail->setSubject("Inscription de $prenom $nom (X$promo)"); |
348 | $mymail->setFrom('"Webmaster Polytechnique.org" <web@polytechnique.org>'); |
349 | $mymail->addTo($globals->register->notif); |
a7de4ef7 |
350 | $msg = "$prenom $nom (X$promo) a terminé son inscription avec les données suivantes :\n" |
9812efa0 |
351 | . " - nom : $nom\n" |
352 | . " - prenom : $prenom\n" |
353 | . " - promo : $promo\n" |
ecc734a5 |
354 | . " - naissance : $naissance (date connue : $naiss_ini)\n" |
9812efa0 |
355 | . " - forlife : $forlife\n" |
356 | . " - email : $email\n" |
5f5f0eb5 |
357 | . " - sexe : $femme\n" |
358 | . " - ip : " . (@$_SERVER['HTTP_X_FORWARDED_FOR'] ? $_SERVER['HTTP_X_FORWARDED_FOR'] |
359 | : $_SERVER['REMOTE_ADDR']) . "\n" |
360 | . " - proxy : " . (@$_SERVER['HTTP_X_FORWARDED_FOR'] ? $_SERVER['REMOTE_ADDR'] : "") . "\n"; |
9812efa0 |
361 | $mymail->setTxtBody($msg); |
362 | $mymail->send(); |
363 | } |
f59bc2fb |
364 | |
e654517d |
365 | Marketing::clear($uid); |
f59bc2fb |
366 | |
8b00e0e0 |
367 | pl_redirect('register/success'); |
f59bc2fb |
368 | $page->assign('uid', $uid); |
f59bc2fb |
369 | } |
370 | |
371 | function handler_success(&$page) |
372 | { |
f59bc2fb |
373 | $page->changeTpl('register/success.tpl'); |
374 | |
a41bf2f8 |
375 | $_SESSION['sub_state'] = array('step' => 5); |
f59bc2fb |
376 | if (Env::has('response2')) { |
5e2307dc |
377 | $_SESSION['password'] = $password = Post::v('response2'); |
f59bc2fb |
378 | |
08cce2ff |
379 | XDB::execute('UPDATE auth_user_md5 SET password={?} |
f59bc2fb |
380 | WHERE user_id={?}', $password, |
cab08090 |
381 | S::v('uid')); |
f59bc2fb |
382 | |
714bc242 |
383 | $log = S::v('log'); |
f59bc2fb |
384 | $log->log('passwd', ''); |
385 | |
5e2307dc |
386 | if (Cookie::v('ORGaccess')) { |
f59bc2fb |
387 | require_once('secure_hash.inc.php'); |
388 | setcookie('ORGaccess', hash_encrypt($password), (time()+25920000), '/', '' ,0); |
389 | } |
390 | |
391 | $page->assign('mdpok', true); |
392 | } |
393 | |
0baf0741 |
394 | $res = XDB::iterRow("SELECT sub, domain |
395 | FROM register_subs |
396 | WHERE uid = {?} AND type = 'list' |
397 | ORDER BY domain", |
398 | S::i('uid')); |
399 | $current_domain = null; |
400 | $lists = array(); |
401 | while (list($sub, $domain) = $res->next()) { |
402 | if ($current_domain != $domain) { |
403 | $current_domain = $domain; |
404 | $client = new MMList(S::v('uid'), S::v('password'), $domain); |
405 | } |
406 | list($details, ) = $client->get_members($sub); |
407 | $lists["$sub@$domain"] = $details; |
408 | } |
409 | $page->assign_by_ref('lists', $lists); |
410 | |
c99ef281 |
411 | $page->addJsLink('motdepasse.js'); |
f59bc2fb |
412 | } |
413 | } |
414 | |
a7de4ef7 |
415 | // vim:set et sw=4 sts=4 sws=4 foldmethod=marker enc=utf-8: |
f59bc2fb |
416 | ?> |