f59bc2fb |
1 | <?php |
2 | /*************************************************************************** |
5ddeb07c |
3 | * Copyright (C) 2003-2007 Polytechnique.org * |
f59bc2fb |
4 | * http://opensource.polytechnique.org/ * |
5 | * * |
6 | * This program is free software; you can redistribute it and/or modify * |
7 | * it under the terms of the GNU General Public License as published by * |
8 | * the Free Software Foundation; either version 2 of the License, or * |
9 | * (at your option) any later version. * |
10 | * * |
11 | * This program is distributed in the hope that it will be useful, * |
12 | * but WITHOUT ANY WARRANTY; without even the implied warranty of * |
13 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * |
14 | * GNU General Public License for more details. * |
15 | * * |
16 | * You should have received a copy of the GNU General Public License * |
17 | * along with this program; if not, write to the Free Software * |
18 | * Foundation, Inc., * |
19 | * 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA * |
20 | ***************************************************************************/ |
21 | |
22 | class RegisterModule extends PLModule |
23 | { |
24 | function handlers() |
25 | { |
26 | return array( |
20d90835 |
27 | 'register' => $this->make_hook('register', AUTH_PUBLIC), |
28 | 'register/end' => $this->make_hook('end', AUTH_PUBLIC), |
2b6d403c |
29 | 'register/end.php' => $this->make_hook('end_old', AUTH_PUBLIC), |
f59bc2fb |
30 | 'register/success' => $this->make_hook('success', AUTH_MDP), |
31 | ); |
32 | } |
33 | |
20d90835 |
34 | function handler_register(&$page, $hash = null) |
f59bc2fb |
35 | { |
5480a216 |
36 | $alert = null; |
cab08090 |
37 | $sub_state = S::v('sub_state', Array()); |
f59bc2fb |
38 | if (!isset($sub_state['step'])) { |
39 | $sub_state['step'] = 0; |
40 | } |
5e2307dc |
41 | if (Get::has('back') && Get::i('back') < $sub_state['step']) { |
42 | $sub_state['step'] = max(0,Get::i('back')); |
f59bc2fb |
43 | } |
44 | |
2b6d403c |
45 | // Compatibility with old sources, keep it atm |
46 | if (!$hash && Env::has('hash')) { |
5e2307dc |
47 | $hash = Env::v('hash'); |
2b6d403c |
48 | } |
49 | |
20d90835 |
50 | if ($hash) { |
08cce2ff |
51 | $res = XDB::query( |
f59bc2fb |
52 | "SELECT m.uid, u.promo, u.nom, u.prenom, u.matricule |
53 | FROM register_marketing AS m |
54 | INNER JOIN auth_user_md5 AS u ON u.user_id = m.uid |
20d90835 |
55 | WHERE m.hash={?}", $hash); |
f59bc2fb |
56 | if (list($uid, $promo, $nom, $prenom, $ourmat) = $res->fetchOneRow()) { |
57 | $sub_state['uid'] = $uid; |
20d90835 |
58 | $sub_state['hash'] = $hash; |
f59bc2fb |
59 | $sub_state['promo'] = $promo; |
60 | $sub_state['nom'] = $nom; |
61 | $sub_state['prenom'] = $prenom; |
62 | $sub_state['ourmat'] = $ourmat; |
63 | |
08cce2ff |
64 | XDB::execute( |
f59bc2fb |
65 | "REPLACE INTO register_mstats (uid,sender,success) |
66 | SELECT m.uid, m.sender, 0 |
67 | FROM register_marketing AS m |
68 | WHERE m.hash", $sub_state['hash']); |
69 | } |
70 | } |
71 | |
72 | switch ($sub_state['step']) { |
73 | case 0: |
ab694f12 |
74 | require_once('wiki.inc.php'); |
af3f07c5 |
75 | wiki_require_page('Reference.Charte'); |
f59bc2fb |
76 | if (Post::has('step1')) { |
77 | $sub_state['step'] = 1; |
78 | if (isset($sub_state['hash'])) { |
79 | $sub_state['step'] = 3; |
433336f3 |
80 | require_once(dirname(__FILE__) . '/register/register.inc.php'); |
f59bc2fb |
81 | create_aliases($sub_state); |
82 | } |
83 | } |
84 | break; |
85 | |
86 | case 1: |
87 | if (Post::has('promo')) { |
5e2307dc |
88 | $promo = Post::i('promo'); |
a41bf2f8 |
89 | $res = XDB::query("SELECT COUNT(*) |
90 | FROM auth_user_md5 |
91 | WHERE perms='pending' AND deces = '0000-00-00' |
92 | AND promo = {?}", |
93 | $promo); |
94 | if (!$res->fetchOneCell()) { |
95 | $err = "La promotion saisie est incorrecte ou tous les camardes de cette promo sont inscrits !"; |
f59bc2fb |
96 | } else { |
97 | $sub_state['step'] = 2; |
98 | $sub_state['promo'] = $promo; |
99 | if ($promo >= 1996 && $promo<2000) { |
100 | $sub_state['mat'] = ($promo % 100)*10 . '???'; |
101 | } elseif($promo >= 2000) { |
102 | $sub_state['mat'] = 100 + ($promo % 100) . '???'; |
103 | } |
104 | } |
105 | } |
106 | break; |
107 | |
108 | case 2: |
109 | if (count($_POST)) { |
433336f3 |
110 | require_once(dirname(__FILE__) . '/register/register.inc.php'); |
5e2307dc |
111 | $sub_state['prenom'] = Post::v('prenom'); |
112 | $sub_state['nom'] = Post::v('nom'); |
113 | $sub_state['mat'] = Post::v('mat'); |
f59bc2fb |
114 | $err = check_new_user($sub_state); |
115 | |
116 | if ($err !== true) { break; } |
117 | $err = create_aliases($sub_state); |
118 | if ($err === true) { |
119 | unset($err); |
120 | $sub_state['step'] = 3; |
121 | } |
122 | } |
123 | break; |
124 | |
125 | case 3: |
126 | if (count($_POST)) { |
433336f3 |
127 | require_once(dirname(__FILE__) . '/register/register.inc.php'); |
5e2307dc |
128 | if (!isvalid_email(Post::v('email'))) { |
f59bc2fb |
129 | $err[] = "Le champ 'E-mail' n'est pas valide."; |
5e2307dc |
130 | } elseif (!isvalid_email_redirection(Post::v('email'))) { |
f59bc2fb |
131 | $err[] = $sub_state['forlife']." doit renvoyer vers un email existant ". |
20d90835 |
132 | "valide, en particulier, il ne peut pas être renvoyé vers lui-même."; |
f59bc2fb |
133 | } |
1970c12b |
134 | $birth = trim(Env::v('naissance')); |
35cd1be1 |
135 | if (!preg_match('/^[0-3][0-9][01][0-9][12][90][0-9][0-9]$/', $birth)) { |
f59bc2fb |
136 | $err[] = "La 'Date de naissance' n'est pas correcte."; |
35cd1be1 |
137 | } else { |
138 | $year = (int)substr($birth, 4, 4); |
139 | $promo = (int)$sub_state['promo']; |
140 | if ($year > $promo - 15 || $year < $promo - 30) { |
141 | $err[] = "La 'Date de naissance' n'est pas correcte."; |
5480a216 |
142 | $alert = "Date de naissance incorrecte a l'inscription - "; |
35cd1be1 |
143 | } |
f59bc2fb |
144 | } |
145 | |
bf273d6a |
146 | // Check if the given email is known as dangerous |
147 | $res = Xdb::iterRow("SELECT w.state, w.description, a.alias |
148 | FROM emails AS e |
149 | INNER JOIN emails_watch AS w ON (e.email = w.email AND w.state != 'safe') |
150 | INNER JOIN aliases AS a ON (e.uid = a.id AND a.type = 'a_vie') |
151 | WHERE e.email = {?} |
152 | ORDER BY a.alias", Post::v('email')); |
153 | $aliases = array(); |
154 | while(list($gstate, $gdescription, $alias) = $res->next()) { |
155 | $state = $gstate; |
156 | $description = $gdescription; |
157 | $aliases[] = $alias; |
158 | } |
159 | if (count($aliases) != 0) { |
5480a216 |
160 | $alert .= "Email surveille propose a l'inscription - "; |
161 | } |
162 | |
163 | if (check_ip('unsafe')) { |
164 | unset($err); |
bf273d6a |
165 | } |
166 | |
f59bc2fb |
167 | if (isset($err)) { |
168 | $err = join('<br />', $err); |
169 | } else { |
f59bc2fb |
170 | $sub_state['naissance'] = sprintf("%s-%s-%s", |
171 | substr($birth,4,4), |
172 | substr($birth,2,2), |
173 | substr($birth,0,2)); |
5e2307dc |
174 | $sub_state['email'] = Post::v('email'); |
5480a216 |
175 | if (check_ip('unsafe')) { |
176 | $err = "Une erreur s'est produite lors de l'inscription." |
177 | . " Merci de contacter <a href='register@polytechnique.org'>register@polytechnique.org</a>" |
178 | . " pour nous faire part de cette erreur"; |
179 | $alert .= "Tentative d'inscription depuis une IP surveillee"; |
180 | } else { |
181 | $sub_state['step'] = 4; |
182 | finish_ins($sub_state); |
183 | } |
bf273d6a |
184 | } |
f59bc2fb |
185 | } |
186 | break; |
187 | } |
188 | |
189 | $_SESSION['sub_state'] = $sub_state; |
5480a216 |
190 | if ($alert) { |
191 | send_warning_mail($alert); |
192 | } |
a41bf2f8 |
193 | $page->changeTpl('register/step'.intval($sub_state['step']).'.tpl'); |
f59bc2fb |
194 | if (isset($err)) { |
195 | $page->trig($err); |
196 | } |
f59bc2fb |
197 | } |
198 | |
2b6d403c |
199 | function handler_end_old(&$page) |
200 | { |
5e2307dc |
201 | return $this->handler_end($page, Env::v('hash')); |
2b6d403c |
202 | } |
203 | |
f59bc2fb |
204 | function handler_end(&$page, $hash = null) |
205 | { |
206 | global $globals; |
207 | |
208 | $page->changeTpl('register/end.tpl'); |
a41bf2f8 |
209 | $_SESSION['sub_state'] = array('step' => 5); |
f59bc2fb |
210 | require_once('user.func.inc.php'); |
211 | |
212 | if ($hash) { |
08cce2ff |
213 | $res = XDB::query( |
f59bc2fb |
214 | "SELECT r.uid, r.forlife, r.bestalias, r.mailorg2, |
215 | r.password, r.email, r.naissance, u.nom, u.prenom, |
216 | u.promo, u.flags |
217 | FROM register_pending AS r |
218 | INNER JOIN auth_user_md5 AS u ON r.uid = u.user_id |
20d90835 |
219 | WHERE hash={?} AND hash!='INSCRIT'", $hash); |
f59bc2fb |
220 | } |
221 | |
222 | if (!$hash || !list($uid, $forlife, $bestalias, $mailorg2, $password, $email, |
223 | $naissance, $nom, $prenom, $promo, $femme) = $res->fetchOneRow()) |
224 | { |
225 | $page->kill("<p>Cette adresse n'existe pas, ou plus, sur le serveur.</p> |
226 | <p>Causes probables :</p> |
227 | <ol> |
20d90835 |
228 | <li>Vérifie que tu visites l'adresse du dernier |
229 | e-mail reçu s'il y en a eu plusieurs.</li> |
230 | <li>Tu as peut-être mal copié l'adresse reçue par |
231 | mail, vérifie-la à la main.</li> |
232 | <li>Tu as peut-être attendu trop longtemps pour |
233 | confirmer. Les pré-inscriptions sont annulées |
f59bc2fb |
234 | tous les 30 jours.</li> |
20d90835 |
235 | <li>Tu es en fait déjà inscrit.</li> |
f59bc2fb |
236 | </ol>"); |
237 | } |
238 | |
239 | |
240 | |
241 | /***********************************************************/ |
242 | /****************** REALLY CREATE ACCOUNT ******************/ |
243 | /***********************************************************/ |
244 | |
08cce2ff |
245 | XDB::execute('UPDATE auth_user_md5 |
f59bc2fb |
246 | SET password={?}, perms="user", |
247 | date=NOW(), naissance={?}, date_ins = NOW() |
248 | WHERE user_id={?}', $password, $naissance, $uid); |
08cce2ff |
249 | XDB::execute('REPLACE INTO auth_user_quick (user_id) VALUES ({?})', $uid); |
250 | XDB::execute('INSERT INTO aliases (id,alias,type) |
f59bc2fb |
251 | VALUES ({?}, {?}, "a_vie")', $uid, |
252 | $forlife); |
08cce2ff |
253 | XDB::execute('INSERT INTO aliases (id,alias,type,flags) |
f59bc2fb |
254 | VALUES ({?}, {?}, "alias", "bestalias")', |
255 | $uid, $bestalias); |
256 | if ($mailorg2) { |
08cce2ff |
257 | XDB::execute('INSERT INTO aliases (id,alias,type) |
f59bc2fb |
258 | VALUES ({?}, {?}, "alias")', $uid, |
259 | $mailorg2); |
260 | } |
261 | |
262 | require_once('emails.inc.php'); |
263 | $redirect = new Redirect($uid); |
264 | $redirect->add_email($email); |
265 | |
266 | // on cree un objet logger et on log l'inscription |
c4271d38 |
267 | $logger = new CoreLogger($uid); |
f59bc2fb |
268 | $logger->log('inscription', $email); |
269 | |
08cce2ff |
270 | XDB::execute('UPDATE register_pending SET hash="INSCRIT" WHERE uid={?}', $uid); |
f59bc2fb |
271 | |
8d8f7607 |
272 | global $platal; |
273 | $platal->on_subscribe($forlife, $uid, $promo, $password); |
f59bc2fb |
274 | |
1e33266a |
275 | $mymail = new PlMailer('register/inscription.reussie.tpl'); |
f59bc2fb |
276 | $mymail->assign('forlife', $forlife); |
277 | $mymail->assign('prenom', $prenom); |
278 | $mymail->send(); |
279 | |
5480a216 |
280 | if (!start_connexion($uid,false)) { |
281 | return PL_FORBIDDEN; |
282 | } |
f59bc2fb |
283 | $_SESSION['auth'] = AUTH_MDP; |
284 | |
285 | /***********************************************************/ |
20d90835 |
286 | /************* envoi d'un mail au démarcheur ***************/ |
f59bc2fb |
287 | /***********************************************************/ |
08cce2ff |
288 | $res = XDB::iterRow( |
f59bc2fb |
289 | "SELECT DISTINCT sa.alias, IF(s.nom_usage,s.nom_usage,s.nom) AS nom, |
d5ca3059 |
290 | s.prenom, FIND_IN_SET('femme', s.flags) AS femme |
f59bc2fb |
291 | FROM register_marketing AS m |
292 | INNER JOIN auth_user_md5 AS s ON ( m.sender = s.user_id ) |
293 | INNER JOIN aliases AS sa ON ( sa.id = m.sender |
294 | AND FIND_IN_SET('bestalias', sa.flags) ) |
295 | WHERE m.uid = {?}", $uid); |
08cce2ff |
296 | XDB::execute("UPDATE register_mstats SET success=NOW() WHERE uid={?}", $uid); |
f59bc2fb |
297 | |
298 | while (list($salias, $snom, $sprenom, $sfemme) = $res->next()) { |
1e33266a |
299 | $mymail = new PlMailer(); |
20d90835 |
300 | $mymail->setSubject("$prenom $nom s'est inscrit à Polytechnique.org !"); |
f59bc2fb |
301 | $mymail->setFrom('"Marketing Polytechnique.org" <register@polytechnique.org>'); |
302 | $mymail->addTo("\"$sprenom $snom\" <$salias@{$globals->mail->domain}>"); |
d5ca3059 |
303 | $msg = ($sfemme?'Chère':'Cher')." $sprenom,\n\n" |
20d90835 |
304 | . "Nous t'écrivons pour t'informer que {$prenom} {$nom} (X{$promo}), " |
305 | . "que tu avais incité".($femme?'e':'')." à s'inscrire à Polytechnique.org, " |
306 | . "vient à l'instant de terminer son inscription.\n\n" |
307 | . "Merci de ta participation active à la reconnaissance de ce site !!!\n\n" |
f59bc2fb |
308 | . "Bien cordialement,\n" |
20d90835 |
309 | . "L'équipe Polytechnique.org"; |
f59bc2fb |
310 | $mymail->setTxtBody(wordwrap($msg, 72)); |
311 | $mymail->send(); |
312 | } |
313 | |
08cce2ff |
314 | XDB::execute("DELETE FROM register_marketing WHERE uid = {?}", $uid); |
f59bc2fb |
315 | |
8b00e0e0 |
316 | pl_redirect('register/success'); |
f59bc2fb |
317 | $page->assign('uid', $uid); |
f59bc2fb |
318 | } |
319 | |
320 | function handler_success(&$page) |
321 | { |
f59bc2fb |
322 | $page->changeTpl('register/success.tpl'); |
323 | |
a41bf2f8 |
324 | $_SESSION['sub_state'] = array('step' => 5); |
f59bc2fb |
325 | if (Env::has('response2')) { |
5e2307dc |
326 | $_SESSION['password'] = $password = Post::v('response2'); |
f59bc2fb |
327 | |
08cce2ff |
328 | XDB::execute('UPDATE auth_user_md5 SET password={?} |
f59bc2fb |
329 | WHERE user_id={?}', $password, |
cab08090 |
330 | S::v('uid')); |
f59bc2fb |
331 | |
cab08090 |
332 | $log =& S::v('log'); |
f59bc2fb |
333 | $log->log('passwd', ''); |
334 | |
5e2307dc |
335 | if (Cookie::v('ORGaccess')) { |
f59bc2fb |
336 | require_once('secure_hash.inc.php'); |
337 | setcookie('ORGaccess', hash_encrypt($password), (time()+25920000), '/', '' ,0); |
338 | } |
339 | |
340 | $page->assign('mdpok', true); |
341 | } |
342 | |
c99ef281 |
343 | $page->addJsLink('motdepasse.js'); |
f59bc2fb |
344 | } |
345 | } |
346 | |
347 | ?> |