[platal.git] / modules / register.php

<?php
/***************************************************************************
 *  Copyright (C) 2003-2009 Polytechnique.org                              *
 *  http://opensource.polytechnique.org/                                   *
 *                                                                         *
 *  This program is free software; you can redistribute it and/or modify   *
 *  it under the terms of the GNU General Public License as published by   *
 *  the Free Software Foundation; either version 2 of the License, or      *
 *  (at your option) any later version.                                    *
 *                                                                         *
 *  This program is distributed in the hope that it will be useful,        *
 *  but WITHOUT ANY WARRANTY; without even the implied warranty of         *
 *  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the          *
 *  GNU General Public License for more details.                           *
 *                                                                         *
 *  You should have received a copy of the GNU General Public License      *
 *  along with this program; if not, write to the Free Software            *
 *  Foundation, Inc.,                                                      *
 *  59 Temple Place, Suite 330, Boston, MA  02111-1307  USA                *
 ***************************************************************************/

class RegisterModule extends PLModule
{
    function handlers()
    {
        return array(
            'register'         => $this->make_hook('register', AUTH_PUBLIC),
            'register/end'     => $this->make_hook('end',      AUTH_PUBLIC),
            'register/end.php' => $this->make_hook('end_old',  AUTH_PUBLIC),
            'register/success' => $this->make_hook('success',  AUTH_MDP),
            'register/save'    => $this->make_hook('save',     AUTH_MDP),
        );
    }

    function handler_register(&$page, $hash = null)
    {
        $alert     = null;
        $sub_state = S::v('sub_state', Array());
        if (!isset($sub_state['step'])) {
            $sub_state['step'] = 0;
        }
        if (!isset($sub_state['backs'])) {
            $sub_state['backs'] = array();
        }
        if (Get::has('back') && Get::i('back') < $sub_state['step']) {
            $sub_state['step'] = max(0,Get::i('back'));
            $state = $sub_state;
            unset($state['backs']);
            $sub_state['backs'][] = $state;
            if (count($sub_state['backs']) == 3) {
                $alert .= "Tentative d'inscription tres hesitante - ";
            }
        }

        // Compatibility with old sources, keep it atm
        if (!$hash && Env::has('hash')) {
            $hash = Env::v('hash');
        }

        if ($hash) {
            $res = XDB::query(
                    "SELECT  m.uid, u.promo, u.nom, u.prenom, u.matricule, u.naissance_ini, FIND_IN_SET('watch', u.flags)
                       FROM  register_marketing AS m
                 INNER JOIN  auth_user_md5      AS u ON u.user_id = m.uid
                      WHERE  m.hash={?}", $hash);
            if (list($uid, $promo, $nom, $prenom, $ourmat, $naiss, $watch) = $res->fetchOneRow()) {
                $sub_state['uid']    = $uid;
                $sub_state['hash']   = $hash;
                $sub_state['promo']  = $promo;
                $sub_state['nom']    = $nom;
                $sub_state['prenom'] = $prenom;
                $sub_state['ourmat'] = $ourmat;
                $sub_state['watch']  = $watch;
                $sub_state['naissance_ini'] = $naiss;

                XDB::execute(
                        "REPLACE INTO  register_mstats (uid,sender,success)
                               SELECT  m.uid, m.sender, 0
                                 FROM  register_marketing AS m
                                WHERE  m.hash", $sub_state['hash']);
            }
        }

        switch ($sub_state['step']) {
            case 0:
                $wp = new PlWikiPage('Reference.Charte');
                $wp->buildCache();
                if (Post::has('step1')) {
                    $sub_state['step'] = 1;
                    if (isset($sub_state['hash'])) {
                        $sub_state['step'] = 3;
                        $this->load('register.inc.php');
                        create_aliases($sub_state);
                    }
                }
                break;

            case 1:
                if (Post::has('promo')) {
                    $promo = Post::i('promo');
                    $res = XDB::query("SELECT COUNT(*)
                                         FROM auth_user_md5
                                        WHERE  perms='pending' AND deces = '0000-00-00'
                                               AND promo = {?}",
                                      $promo);
                    if (!$res->fetchOneCell()) {
                        $err = "La promotion saisie est incorrecte ou tous les camardes de cette promo sont inscrits !";
                    } else {
                        $sub_state['step']  = 2;
                        $sub_state['promo'] = $promo;
                        if ($promo >= 1996 && $promo<2000) {
                            $sub_state['mat'] = ($promo % 100)*10 . '???';
                        } elseif($promo >= 2000) {
                            $sub_state['mat'] = 100 + ($promo % 100) . '???';
                        }
                    }
                }
                break;

            case 2:
                if (count($_POST)) {
                    $this->load('register.inc.php');
                    $sub_state['prenom'] = Post::v('prenom');
                    $sub_state['nom']    = Post::v('nom');
                    $sub_state['mat']    = Post::v('mat');
                    $err = check_new_user($sub_state);

                    if ($err !== true) { break; }
                    $err = create_aliases($sub_state);
                    if ($err === true) {
                        unset($err);
                        $sub_state['step'] = 3;
                    }
                }
                break;

            case 3:
                if (count($_POST)) {
                    $this->load('register.inc.php');
                    require_once 'emails.inc.php';
                    if (!isvalid_email(Post::v('email'))) {
                        $err[] = "Le champ 'E-mail' n'est pas valide.";
                    } elseif (!isvalid_email_redirection(Post::v('email'))) {
                        $err[] = $sub_state['forlife']." doit renvoyer vers un email existant ".
                            "valide, en particulier, il ne peut pas être renvoyé vers lui-même.";
                    }
                    $birth = trim(Env::v('naissance'));
                    if (!preg_match('@^[0-3]?\d/[01]?\d/(19|20)?\d{2}$@', $birth)) {
                        $err[] = "La 'Date de naissance' n'est pas correcte.";
                    } else {
                        $birth = explode('/', $birth, 3);
                        for ($i = 0; $i < 3; $i++)
                            $birth[$i] = intval($birth[$i]);
                        if ($birth[2] < 100) $birth[2] += 1900;
                        $year  = $birth[2];
                        $promo = (int)$sub_state['promo'];
                        if ($year > $promo - 15 || $year < $promo - 30) {
                            $err[] = "La 'Date de naissance' n'est pas correcte.";
                            $alert = "Date de naissance incorrecte a l'inscription - ";
                            $sub_state['wrong_naissance'] = $birth;
                        }
                    }

                    // Check if the given email is known as dangerous
                    $res = XDB::query("SELECT  w.state, w.description
                                         FROM  emails_watch AS w
                                        WHERE  w.email = {?} AND w.state != 'safe'",
                                        Post::v('email'));
                    $email_banned = false;
                    if ($res->numRows()) {
                        list($state, $description) = $res->fetchOneRow();
                        $alert .= "Email surveille propose a l'inscription - ";
                        $sub_state['email_desc'] = $description;
                        if ($state == 'dangerous') {
                            $email_banned = true;
                        }
                    }
                    if ($sub_state['watch']) {
                        $alert .= "Inscription d'un utilisateur surveillé - ";
                    }

                    if (check_ip('unsafe')) {
                        unset($err);
                    }

                    if (isset($err)) {
                        $err = join('<br />', $err);
                    } else {
                        $sub_state['naissance'] = sprintf("%04d-%02d-%02d",
                                                          intval($birth[2]), intval($birth[1]), intval($birth[0]));
                        if ($sub_state['naissance_ini'] != '0000-00-00' && $sub_state['naissance'] != $sub_state['naissance_ini']) {
                            $alert .= "Date de naissance incorrecte à l'inscription - ";
                        }
                        $sub_state['email']     = Post::v('email');
                        $ip_banned = check_ip('unsafe');
                        if ($ip_banned) {
                            $alert .= "Tentative d'inscription depuis une IP surveillee";
                        }
                        if ($email_banned || $ip_banned) {
                            global $globals;
                            $err = "Une erreur s'est produite lors de l'inscription."
                                 . " Merci de contacter <a href='mailto:register@{$globals->mail->domain}>"
                                 . " register@{$globals->mail->domain}</a>"
                                 . " pour nous faire part de cette erreur";
                        } else {
                            $sub_state['step'] = 4;
                            if (count($sub_state['backs']) >= 3) {
                                $alert .= "Fin d'une inscription hésitante";
                            }
                            finish_ins($sub_state);
                        }
                    }
                }
                break;
        }

        $_SESSION['sub_state'] = $sub_state;
        if (!empty($alert)) {
            send_warning_mail($alert);
        }
        $page->changeTpl('register/step'.intval($sub_state['step']).'.tpl');
        if (isset($err)) {
            $page->trigError($err);
        }
    }

    function handler_end_old(&$page)
    {
        return $this->handler_end($page, Env::v('hash'));
    }

    function handler_end(&$page, $hash = null)
    {
        global $globals;


        $page->changeTpl('register/end.tpl');
        $_SESSION['sub_state'] = array('step' => 5);

        if (check_ip('unsafe')) {
            send_warning_mail('Une IP surveillée a tenté de finaliser son inscription');
            XDB::execute('DELETE FROM  register_pending
                                WHERE  hash = {?} AND hash != \'INSCRIT\'', $hash);
            return PL_FORBIDDEN;
        }

        require_once('user.func.inc.php');

        if ($hash) {
            $res = XDB::query(
                    "SELECT  r.uid, r.forlife, r.bestalias, r.mailorg2,
                             r.password, r.email, r.naissance, u.nom, u.prenom,
                             u.promo, FIND_IN_SET('femme', u.flags), u.naissance_ini
                       FROM  register_pending AS r
                 INNER JOIN  auth_user_md5    AS u ON r.uid = u.user_id
                      WHERE  hash={?} AND hash!='INSCRIT'", $hash);
        }

        if (!$hash || !list($uid, $forlife, $bestalias, $mailorg2, $password, $email,
                            $naissance, $nom, $prenom, $promo, $femme, $naiss_ini) = $res->fetchOneRow())
        {
            $page->kill("<p>Cette adresse n'existe pas, ou plus, sur le serveur.</p>
                         <p>Causes probables :</p>
                         <ol>
                           <li>Vérifie que tu visites l'adresse du dernier
                               e-mail reçu s'il y en a eu plusieurs.</li>
                           <li>Tu as peut-être mal copié l'adresse reçue par
                               mail, vérifie-la à la main.</li>
                           <li>Tu as peut-être attendu trop longtemps pour
                               confirmer.  Les pré-inscriptions sont annulées
                               tous les 30 jours.</li>
                           <li>Tu es en fait déjà inscrit.</li>
                        </ol>");
        }


        /***********************************************************/
        /****************** REALLY CREATE ACCOUNT ******************/
        /***********************************************************/

        XDB::execute('UPDATE  auth_user_md5
                                   SET  password={?}, perms="user",
                                        date=NOW(), naissance={?}, date_ins = NOW()
                                 WHERE  user_id={?}', $password, $naissance, $uid);
        XDB::execute('REPLACE INTO auth_user_quick (user_id) VALUES ({?})', $uid);
        XDB::execute('INSERT INTO aliases (id,alias,type)
                                     VALUES ({?}, {?}, "a_vie")', $uid,
                                     $forlife);
        XDB::execute('INSERT INTO aliases (id,alias,type,flags)
                                     VALUES ({?}, {?}, "alias", "bestalias")',
                                     $uid, $bestalias);
        if ($mailorg2) {
            XDB::execute('INSERT INTO aliases (id,alias,type)
                                         VALUES ({?}, {?}, "alias")', $uid,
                                         $mailorg2);
        }

        require_once('emails.inc.php');
        $user = User::getSilent($uid);
        $redirect = new Redirect($user);
        $redirect->add_email($email);

        // on cree un objet logger et on log l'inscription
        S::logger($uid)->log('inscription', $email);
        XDB::execute('UPDATE register_pending SET hash="INSCRIT" WHERE uid={?}', $uid);


        $mymail = new PlMailer('register/inscription.reussie.tpl');
        $mymail->assign('forlife', $forlife);
        $mymail->assign('prenom', $prenom);
        $mymail->send();

        // Enable search on the user
        require_once('user.func.inc.php');
        user_reindex($uid);

        // Add notification for people looking for this registration
        require_once 'notifs.inc.php';
        register_watch_op($uid, WATCH_INSCR);
        inscription_notifs_base($uid);

        // Default registration on forums
        $p_for = 'xorg.promo.x' . $promo;
        $cible = array('xorg.general', 'xorg.pa.divers', 'xorg.pa.logements', $p_for);
        foreach ($cible as $val) {
            XDB::execute("INSERT INTO  forums.abos (fid,uid)
                               SELECT  fid, {?} FROM forums.list WHERE nom={?}", $uid, $val);
            if (XDB::affectedRows() == 0 && $val == $p_for) {
                $res = XDB::query("SELECT  SUM(perms IN ('admin','user') AND deces = 0), COUNT(*)
                                     FROM  auth_user_md5
                                    WHERE  promo = {?}", $promo);
                list($effau, $effid) = $res->fetchOneRow();
                if (5 * $effau > $effid) { // + 
                    $mymail = new PlMailer('admin/forums-promo.mail.tpl');
                    $mymail->assign('promo', $promo);
                    $mymail->send();
                }
            }
        }

        // update number of subscribers (perms has changed)
        $globals->updateNbIns();

        if (!Platal::session()->startWeakSession($uid)) {
            return PL_FORBIDDEN;
        }

        /***********************************************************/
        /************* envoi d'un mail au démarcheur ***************/
        /***********************************************************/
        $res = XDB::iterRow(
                "SELECT  sa.alias, IF(s.nom_usage,s.nom_usage,s.nom) AS nom,
                         s.prenom, FIND_IN_SET('femme', s.flags) AS femme,
                         GROUP_CONCAT(m.email) AS mails, MAX(m.last) AS dateDernier
                   FROM  register_marketing AS m
             INNER JOIN  auth_user_md5      AS s  ON ( m.sender = s.user_id )
             INNER JOIN  aliases            AS sa ON ( sa.id = m.sender
                                                       AND FIND_IN_SET('bestalias', sa.flags) )
                  WHERE  m.uid = {?}
               GROUP BY  m.sender
               ORDER BY  dateDernier DESC", $uid);
        XDB::execute("UPDATE register_mstats SET success=NOW() WHERE uid={?}", $uid);

        $market = array();
        while (list($salias, $snom, $sprenom, $sfemme, $mails, $dateDernier) = $res->next()) {
            $market[] = " - par $snom $sprenom sur $mails (le plus récemment le $dateDernier)";
            $mymail = new PlMailer();
            $mymail->setSubject("$prenom $nom s'est inscrit à Polytechnique.org !");
            $mymail->setFrom('"Marketing Polytechnique.org" <register@' . $globals->mail->domain . '>');
            $mymail->addTo("\"$sprenom $snom\" <$salias@{$globals->mail->domain}>");
            $msg = ($sfemme?'Chère':'Cher')." $sprenom,\n\n"
                 . "Nous t'écrivons pour t'informer que $prenom $nom (X$promo), "
                 . "que tu avais incité".($femme?'e':'')." à s'inscrire à Polytechnique.org, "
                 . "vient à l'instant de terminer son inscription.\n\n"
                 . "Merci de ta participation active à la reconnaissance de ce site !!!\n\n"
                 . "Bien cordialement,\n"
                 . "L'équipe Polytechnique.org";
            $mymail->setTxtBody(wordwrap($msg, 72));
            $mymail->send();
        }

        /**** send a mail to X.org administrators ****/
        if ($globals->register->notif) {
            $mymail = new PlMailer();
            $mymail->setSubject("Inscription de $prenom $nom (X$promo)");
            $mymail->setFrom('"Webmaster Polytechnique.org" <web@' . $globals->mail->domain . '>');
            $mymail->addTo($globals->register->notif);
            $mymail->addHeader('Reply-To', $globals->register->notif);
            $msg = "$prenom $nom (X$promo) a terminé son inscription avec les données suivantes :\n"
                 . " - nom       : $nom\n"
                 . " - prenom    : $prenom\n"
                 . " - promo     : $promo\n"
                 . " - naissance : $naissance (date connue : $naiss_ini)\n"
                 . " - forlife   : $forlife\n"
                 . " - email     : $email\n"
                 . " - sexe      : $femme\n"
                 . " - ip        : " . S::logger()->ip . " (" . S::logger()->host . ")\n"
                 . (S::logger()->proxy_ip ? " - proxy     : " . S::logger()->proxy_ip . " (" . S::logger()->proxy_host . ")\n" : "")
                 . "\n\n";
            if (count($market) > 0) {
                $msg .= "Les marketings suivants avaient été effectués :\n"
                     . implode("\n", $market);
            } else {
                $msg .= "$prenom $nom n'a jamais reçu d'email de marketing.";
            }
            $mymail->setTxtBody($msg);
            $mymail->send();
        }

        Marketing::clear($uid);

        pl_redirect('register/success');
        $page->assign('uid', $uid);
    }

    function handler_success(&$page)
    {
        global $globals;
        $page->changeTpl('register/success.tpl');
        $page->assign('user', S::user());

        $_SESSION['sub_state'] = array('step' => 5);
        if (Env::has('response2'))  {
            $_SESSION['password'] = $password = Post::v('response2');

            XDB::execute('UPDATE auth_user_md5 SET password={?}
                                     WHERE user_id={?}', $password,
                                   S::v('uid'));

            // If GoogleApps is enabled, and the user did choose to use synchronized passwords,
            // and if the (stupid) user has decided to use /register/success another time,
            // updates the Google Apps password as well.
            if ($globals->mailstorage->googleapps_domain) {
                require_once 'googleapps.inc.php';
                $account = new GoogleAppsAccount(S::user());
                if ($account->active() && $account->sync_password) {
                    $account->set_password($password);
                }
            }

            S::logger()->log('passwd');
            Platal::session()->setAccessCookie(true);

            $page->assign('mdpok', true);
        }

        $res = XDB::iterRow("SELECT  sub, domain
                               FROM  register_subs
                              WHERE  uid = {?} AND type = 'list'
                           ORDER BY  domain",
                            S::i('uid'));
        $current_domain = null;
        $lists = array();
        while (list($sub, $domain) = $res->next()) {
            if ($current_domain != $domain) {
                $current_domain = $domain;
                $client = new MMList(S::v('uid'), S::v('password'), $domain);
            }
            list($details, ) = $client->get_members($sub);
            $lists["$sub@$domain"] = $details;
        }
        $page->assign_by_ref('lists', $lists);

        $page->addJsLink('motdepasse.js');
    }

    function handler_save(&$page)
    {
        global $globals;

        // Finish registration procedure
        if (Post::v('register_from_ax_question')) {
            XDB::execute('UPDATE auth_user_quick
                                     SET profile_from_ax = 1
                                   WHERE user_id = {?}',
                                 S::v('uid'));
        }
        if (Post::v('add_to_nl')) {
            require_once 'newsletter.inc.php';
            NewsLetter::subscribe();
        }
        if (Post::v('add_to_ax')) {
            Platal::load('axletter', 'axletter.inc.php');
            AXLetter::subscribe();
        }
        if (Post::v('add_to_promo')) {
            $r = XDB::query('SELECT id FROM groupex.asso WHERE diminutif = {?}',
                S::v('promo'));
            $asso_id = $r->fetchOneCell();
            XDB::execute('REPLACE INTO groupex.membres (uid,asso_id)
                                     VALUES ({?}, {?})',
                                 S::v('uid'), $asso_id);
            $mmlist = new MMList(S::v('uid'), S::v('password'));
            $mmlist->subscribe("promo".S::v('promo'));
        }
        if (Post::v('sub_ml')) {
            $subs = array_keys(Post::v('sub_ml'));
            $current_domain = null;
            foreach ($subs as $list) {
                list($sub, $domain) = explode('@', $list);
                if ($domain != $current_domain) {
                    $current_domain = $domain;
                    $client = new MMList(S::v('uid'), S::v('password'), $domain);
                }
                $client->subscribe($sub);
            }
        }
        if (Post::v('imap')) {
            require_once 'emails.inc.php';
            $user = S::user();
            $storage = new EmailStorage($user, 'imap');
            $storage->activate();
        }

        pl_redirect('profile/edit');
    }
}

// vim:set et sw=4 sts=4 sws=4 foldmethod=marker enc=utf-8:
?>
Commit	Line	Data
f59bc2fb	1	<?php
f59bc2fb	2	/***************************************************************************
8d84c630	3	* Copyright (C) 2003-2009 Polytechnique.org *
f59bc2fb	4	* http://opensource.polytechnique.org/ *
	5	* *
	6	* This program is free software; you can redistribute it and/or modify *
	7	* it under the terms of the GNU General Public License as published by *
	8	* the Free Software Foundation; either version 2 of the License, or *
	9	* (at your option) any later version. *
	10	* *
	11	* This program is distributed in the hope that it will be useful, *
	12	* but WITHOUT ANY WARRANTY; without even the implied warranty of *
	13	* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the *
	14	* GNU General Public License for more details. *
	15	* *
	16	* You should have received a copy of the GNU General Public License *
	17	* along with this program; if not, write to the Free Software *
	18	* Foundation, Inc., *
	19	* 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA *
	20	***************************************************************************/
	21
	22	class RegisterModule extends PLModule
	23	{
	24	function handlers()
	25	{
	26	return array(
20d90835	27	'register' => $this->make_hook('register', AUTH_PUBLIC),
20d90835	28	'register/end' => $this->make_hook('end', AUTH_PUBLIC),
2b6d403c	29	'register/end.php' => $this->make_hook('end_old', AUTH_PUBLIC),
f59bc2fb	30	'register/success' => $this->make_hook('success', AUTH_MDP),
97a0a459	31	'register/save' => $this->make_hook('save', AUTH_MDP),
f59bc2fb	32	);
	33	}
	34
20d90835	35	function handler_register(&$page, $hash = null)
f59bc2fb	36	{
5480a216	37	$alert = null;
cab08090	38	$sub_state = S::v('sub_state', Array());
f59bc2fb	39	if (!isset($sub_state['step'])) {
	40	$sub_state['step'] = 0;
	41	}
2efe5355	42	if (!isset($sub_state['backs'])) {
	43	$sub_state['backs'] = array();
	44	}
5e2307dc	45	if (Get::has('back') && Get::i('back') < $sub_state['step']) {
5e2307dc	46	$sub_state['step'] = max(0,Get::i('back'));
2efe5355	47	$state = $sub_state;
	48	unset($state['backs']);
	49	$sub_state['backs'][] = $state;
	50	if (count($sub_state['backs']) == 3) {
	51	$alert .= "Tentative d'inscription tres hesitante - ";
eaf30d86	52	}
f59bc2fb	53	}
f59bc2fb	54
2b6d403c	55	// Compatibility with old sources, keep it atm
2b6d403c	56	if (!$hash && Env::has('hash')) {
5e2307dc	57	$hash = Env::v('hash');
2b6d403c	58	}
2b6d403c	59
20d90835	60	if ($hash) {
08cce2ff	61	$res = XDB::query(
ecc734a5	62	"SELECT m.uid, u.promo, u.nom, u.prenom, u.matricule, u.naissance_ini, FIND_IN_SET('watch', u.flags)
f59bc2fb	63	FROM register_marketing AS m
f59bc2fb	64	INNER JOIN auth_user_md5 AS u ON u.user_id = m.uid
20d90835	65	WHERE m.hash={?}", $hash);
ecc734a5	66	if (list($uid, $promo, $nom, $prenom, $ourmat, $naiss, $watch) = $res->fetchOneRow()) {
f59bc2fb	67	$sub_state['uid'] = $uid;
20d90835	68	$sub_state['hash'] = $hash;
f59bc2fb	69	$sub_state['promo'] = $promo;
	70	$sub_state['nom'] = $nom;
	71	$sub_state['prenom'] = $prenom;
	72	$sub_state['ourmat'] = $ourmat;
eaf30d86	73	$sub_state['watch'] = $watch;
ecc734a5	74	$sub_state['naissance_ini'] = $naiss;
f59bc2fb	75
08cce2ff	76	XDB::execute(
f59bc2fb	77	"REPLACE INTO register_mstats (uid,sender,success)
	78	SELECT m.uid, m.sender, 0
	79	FROM register_marketing AS m
	80	WHERE m.hash", $sub_state['hash']);
	81	}
	82	}
	83
	84	switch ($sub_state['step']) {
	85	case 0:
8f201b69 FB	86	$wp = new PlWikiPage('Reference.Charte');
8f201b69 FB	87	$wp->buildCache();
f59bc2fb	88	if (Post::has('step1')) {
	89	$sub_state['step'] = 1;
	90	if (isset($sub_state['hash'])) {
	91	$sub_state['step'] = 3;
460d8f55	92	$this->load('register.inc.php');
f59bc2fb	93	create_aliases($sub_state);
	94	}
	95	}
	96	break;
	97
	98	case 1:
	99	if (Post::has('promo')) {
5e2307dc	100	$promo = Post::i('promo');
a41bf2f8	101	$res = XDB::query("SELECT COUNT(*)
	102	FROM auth_user_md5
	103	WHERE perms='pending' AND deces = '0000-00-00'
	104	AND promo = {?}",
	105	$promo);
	106	if (!$res->fetchOneCell()) {
	107	$err = "La promotion saisie est incorrecte ou tous les camardes de cette promo sont inscrits !";
f59bc2fb	108	} else {
	109	$sub_state['step'] = 2;
	110	$sub_state['promo'] = $promo;
	111	if ($promo >= 1996 && $promo<2000) {
	112	$sub_state['mat'] = ($promo % 100)*10 . '???';
	113	} elseif($promo >= 2000) {
	114	$sub_state['mat'] = 100 + ($promo % 100) . '???';
	115	}
	116	}
	117	}
	118	break;
	119
	120	case 2:
	121	if (count($_POST)) {
460d8f55	122	$this->load('register.inc.php');
5e2307dc	123	$sub_state['prenom'] = Post::v('prenom');
	124	$sub_state['nom'] = Post::v('nom');
	125	$sub_state['mat'] = Post::v('mat');
f59bc2fb	126	$err = check_new_user($sub_state);
	127
	128	if ($err !== true) { break; }
	129	$err = create_aliases($sub_state);
	130	if ($err === true) {
	131	unset($err);
	132	$sub_state['step'] = 3;
	133	}
	134	}
	135	break;
	136
	137	case 3:
	138	if (count($_POST)) {
460d8f55	139	$this->load('register.inc.php');
c6310567	140	require_once 'emails.inc.php';
5e2307dc	141	if (!isvalid_email(Post::v('email'))) {
f59bc2fb	142	$err[] = "Le champ 'E-mail' n'est pas valide.";
5e2307dc	143	} elseif (!isvalid_email_redirection(Post::v('email'))) {
f59bc2fb	144	$err[] = $sub_state['forlife']." doit renvoyer vers un email existant ".
a7de4ef7	145	"valide, en particulier, il ne peut pas être renvoyé vers lui-même.";
f59bc2fb	146	}
1970c12b	147	$birth = trim(Env::v('naissance'));
12e5d7a6	148	if (!preg_match('@^[0-3]?\d/[01]?\d/(19\|20)?\d{2}$@', $birth)) {
f59bc2fb	149	$err[] = "La 'Date de naissance' n'est pas correcte.";
35cd1be1	150	} else {
12e5d7a6	151	$birth = explode('/', $birth, 3);
7caaaf6d AA	152	for ($i = 0; $i < 3; $i++)
	153	$birth[$i] = intval($birth[$i]);
	154	if ($birth[2] < 100) $birth[2] += 1900;
	155	$year = $birth[2];
35cd1be1	156	$promo = (int)$sub_state['promo'];
	157	if ($year > $promo - 15 \|\| $year < $promo - 30) {
	158	$err[] = "La 'Date de naissance' n'est pas correcte.";
5480a216	159	$alert = "Date de naissance incorrecte a l'inscription - ";
fb5d164e	160	$sub_state['wrong_naissance'] = $birth;
35cd1be1	161	}
f59bc2fb	162	}
f59bc2fb	163
bf273d6a	164	// Check if the given email is known as dangerous
15836cdd FB	165	$res = XDB::query("SELECT w.state, w.description
	166	FROM emails_watch AS w
	167	WHERE w.email = {?} AND w.state != 'safe'",
	168	Post::v('email'));
706ed3ef	169	$email_banned = false;
15836cdd FB	170	if ($res->numRows()) {
	171	list($state, $description) = $res->fetchOneRow();
	172	$alert .= "Email surveille propose a l'inscription - ";
	173	$sub_state['email_desc'] = $description;
706ed3ef FB	174	if ($state == 'dangerous') {
	175	$email_banned = true;
	176	}
5480a216	177	}
0be07aa6	178	if ($sub_state['watch']) {
4653799f	179	$alert .= "Inscription d'un utilisateur surveillé - ";
0be07aa6	180	}
5480a216	181
	182	if (check_ip('unsafe')) {
	183	unset($err);
bf273d6a	184	}
bf273d6a	185
f59bc2fb	186	if (isset($err)) {
	187	$err = join('<br />', $err);
	188	} else {
12e5d7a6 FB	189	$sub_state['naissance'] = sprintf("%04d-%02d-%02d",
12e5d7a6 FB	190	intval($birth[2]), intval($birth[1]), intval($birth[0]));
ecc734a5	191	if ($sub_state['naissance_ini'] != '0000-00-00' && $sub_state['naissance'] != $sub_state['naissance_ini']) {
	192	$alert .= "Date de naissance incorrecte à l'inscription - ";
	193	}
5e2307dc	194	$sub_state['email'] = Post::v('email');
706ed3ef FB	195	$ip_banned = check_ip('unsafe');
	196	if ($ip_banned) {
	197	$alert .= "Tentative d'inscription depuis une IP surveillee";
	198	}
	199	if ($email_banned \|\| $ip_banned) {
115c90db	200	global $globals;
5480a216	201	$err = "Une erreur s'est produite lors de l'inscription."
1d55fe45	202	. " Merci de contacter <a href='mailto:register@{$globals->mail->domain}>"
1d55fe45	203	. " register@{$globals->mail->domain}</a>"
5480a216	204	. " pour nous faire part de cette erreur";
5480a216	205	} else {
5480a216	206	$sub_state['step'] = 4;
9fc2d0d2	207	if (count($sub_state['backs']) >= 3) {
a7de4ef7	208	$alert .= "Fin d'une inscription hésitante";
2efe5355	209	}
5480a216	210	finish_ins($sub_state);
5480a216	211	}
bf273d6a	212	}
f59bc2fb	213	}
	214	break;
	215	}
	216
	217	$_SESSION['sub_state'] = $sub_state;
4653799f	218	if (!empty($alert)) {
5480a216	219	send_warning_mail($alert);
5480a216	220	}
a41bf2f8	221	$page->changeTpl('register/step'.intval($sub_state['step']).'.tpl');
f59bc2fb	222	if (isset($err)) {
a7d35093	223	$page->trigError($err);
f59bc2fb	224	}
f59bc2fb	225	}
f59bc2fb	226
2b6d403c	227	function handler_end_old(&$page)
2b6d403c	228	{
5e2307dc	229	return $this->handler_end($page, Env::v('hash'));
2b6d403c	230	}
2b6d403c	231
f59bc2fb	232	function handler_end(&$page, $hash = null)
	233	{
	234	global $globals;
	235
ecc734a5	236
f59bc2fb	237	$page->changeTpl('register/end.tpl');
a41bf2f8	238	$_SESSION['sub_state'] = array('step' => 5);
ecc734a5	239
	240	if (check_ip('unsafe')) {
	241	send_warning_mail('Une IP surveillée a tenté de finaliser son inscription');
	242	XDB::execute('DELETE FROM register_pending
	243	WHERE hash = {?} AND hash != \'INSCRIT\'', $hash);
	244	return PL_FORBIDDEN;
	245	}
	246
f59bc2fb	247	require_once('user.func.inc.php');
	248
	249	if ($hash) {
08cce2ff	250	$res = XDB::query(
f59bc2fb	251	"SELECT r.uid, r.forlife, r.bestalias, r.mailorg2,
f59bc2fb	252	r.password, r.email, r.naissance, u.nom, u.prenom,
ecc734a5	253	u.promo, FIND_IN_SET('femme', u.flags), u.naissance_ini
f59bc2fb	254	FROM register_pending AS r
f59bc2fb	255	INNER JOIN auth_user_md5 AS u ON r.uid = u.user_id
20d90835	256	WHERE hash={?} AND hash!='INSCRIT'", $hash);
f59bc2fb	257	}
	258
	259	if (!$hash \|\| !list($uid, $forlife, $bestalias, $mailorg2, $password, $email,
ecc734a5	260	$naissance, $nom, $prenom, $promo, $femme, $naiss_ini) = $res->fetchOneRow())
f59bc2fb	261	{
	262	$page->kill("<p>Cette adresse n'existe pas, ou plus, sur le serveur.</p>
	263	<p>Causes probables :</p>
	264	<ol>
a7de4ef7	265	<li>Vérifie que tu visites l'adresse du dernier
	266	e-mail reçu s'il y en a eu plusieurs.</li>
	267	<li>Tu as peut-être mal copié l'adresse reçue par
	268	mail, vérifie-la à la main.</li>
	269	<li>Tu as peut-être attendu trop longtemps pour
	270	confirmer. Les pré-inscriptions sont annulées
f59bc2fb	271	tous les 30 jours.</li>
a7de4ef7	272	<li>Tu es en fait déjà inscrit.</li>
f59bc2fb	273	</ol>");
	274	}
	275
	276
	277
	278	/***********************************************************/
	279	/**************** REALLY CREATE ACCOUNT ****************/
	280	/***********************************************************/
	281
08cce2ff	282	XDB::execute('UPDATE auth_user_md5
f59bc2fb	283	SET password={?}, perms="user",
	284	date=NOW(), naissance={?}, date_ins = NOW()
	285	WHERE user_id={?}', $password, $naissance, $uid);
08cce2ff	286	XDB::execute('REPLACE INTO auth_user_quick (user_id) VALUES ({?})', $uid);
08cce2ff	287	XDB::execute('INSERT INTO aliases (id,alias,type)
f59bc2fb	288	VALUES ({?}, {?}, "a_vie")', $uid,
f59bc2fb	289	$forlife);
08cce2ff	290	XDB::execute('INSERT INTO aliases (id,alias,type,flags)
f59bc2fb	291	VALUES ({?}, {?}, "alias", "bestalias")',
	292	$uid, $bestalias);
	293	if ($mailorg2) {
08cce2ff	294	XDB::execute('INSERT INTO aliases (id,alias,type)
f59bc2fb	295	VALUES ({?}, {?}, "alias")', $uid,
	296	$mailorg2);
	297	}
	298
	299	require_once('emails.inc.php');
12a587df VZ	300	$user = User::getSilent($uid);
12a587df VZ	301	$redirect = new Redirect($user);
f59bc2fb	302	$redirect->add_email($email);
	303
	304	// on cree un objet logger et on log l'inscription
03c0a3a7	305	S::logger($uid)->log('inscription', $email);
08cce2ff	306	XDB::execute('UPDATE register_pending SET hash="INSCRIT" WHERE uid={?}', $uid);
f59bc2fb	307
f59bc2fb	308
1e33266a	309	$mymail = new PlMailer('register/inscription.reussie.tpl');
f59bc2fb	310	$mymail->assign('forlife', $forlife);
	311	$mymail->assign('prenom', $prenom);
	312	$mymail->send();
	313
03c0a3a7	314	// Enable search on the user
2a54eb4d	315	require_once('user.func.inc.php');
	316	user_reindex($uid);
	317
03c0a3a7 FB	318	// Add notification for people looking for this registration
	319	require_once 'notifs.inc.php';
	320	register_watch_op($uid, WATCH_INSCR);
	321	inscription_notifs_base($uid);
	322
	323	// Default registration on forums
	324	$p_for = 'xorg.promo.x' . $promo;
	325	$cible = array('xorg.general', 'xorg.pa.divers', 'xorg.pa.logements', $p_for);
	326	foreach ($cible as $val) {
	327	XDB::execute("INSERT INTO forums.abos (fid,uid)
	328	SELECT fid, {?} FROM forums.list WHERE nom={?}", $uid, $val);
	329	if (XDB::affectedRows() == 0 && $val == $p_for) {
	330	$res = XDB::query("SELECT SUM(perms IN ('admin','user') AND deces = 0), COUNT(*)
	331	FROM auth_user_md5
	332	WHERE promo = {?}", $promo);
	333	list($effau, $effid) = $res->fetchOneRow();
	334	if (5 * $effau > $effid) { // +
	335	$mymail = new PlMailer('admin/forums-promo.mail.tpl');
	336	$mymail->assign('promo', $promo);
	337	$mymail->send();
	338	}
	339	}
	340	}
	341
b5dd6f2f	342	// update number of subscribers (perms has changed)
ebfdf077	343	$globals->updateNbIns();
b5dd6f2f	344
edc55095	345	if (!Platal::session()->startWeakSession($uid)) {
5480a216	346	return PL_FORBIDDEN;
5480a216	347	}
f59bc2fb	348
f59bc2fb	349	/***********************************************************/
a7de4ef7	350	/*********** envoi d'un mail au démarcheur *************/
f59bc2fb	351	/***********************************************************/
08cce2ff	352	$res = XDB::iterRow(
ebb129a4 FB	353	"SELECT sa.alias, IF(s.nom_usage,s.nom_usage,s.nom) AS nom,
ebb129a4 FB	354	s.prenom, FIND_IN_SET('femme', s.flags) AS femme,
381a3df0	355	GROUP_CONCAT(m.email) AS mails, MAX(m.last) AS dateDernier
f59bc2fb	356	FROM register_marketing AS m
	357	INNER JOIN auth_user_md5 AS s ON ( m.sender = s.user_id )
	358	INNER JOIN aliases AS sa ON ( sa.id = m.sender
	359	AND FIND_IN_SET('bestalias', sa.flags) )
ebb129a4	360	WHERE m.uid = {?}
38acbdf3 BFPC	361	GROUP BY m.sender
38acbdf3 BFPC	362	ORDER BY dateDernier DESC", $uid);
08cce2ff	363	XDB::execute("UPDATE register_mstats SET success=NOW() WHERE uid={?}", $uid);
f59bc2fb	364
ebb129a4	365	$market = array();
381a3df0 OLF	366	while (list($salias, $snom, $sprenom, $sfemme, $mails, $dateDernier) = $res->next()) {
381a3df0 OLF	367	$market[] = " - par $snom $sprenom sur $mails (le plus récemment le $dateDernier)";
1e33266a	368	$mymail = new PlMailer();
a7de4ef7	369	$mymail->setSubject("$prenom $nom s'est inscrit à Polytechnique.org !");
1d55fe45	370	$mymail->setFrom('"Marketing Polytechnique.org" <register@' . $globals->mail->domain . '>');
f59bc2fb	371	$mymail->addTo("\"$sprenom $snom\" <$salias@{$globals->mail->domain}>");
a7de4ef7	372	$msg = ($sfemme?'Chère':'Cher')." $sprenom,\n\n"
ecc734a5	373	. "Nous t'écrivons pour t'informer que $prenom $nom (X$promo), "
a7de4ef7	374	. "que tu avais incité".($femme?'e':'')." à s'inscrire à Polytechnique.org, "
	375	. "vient à l'instant de terminer son inscription.\n\n"
	376	. "Merci de ta participation active à la reconnaissance de ce site !!!\n\n"
f59bc2fb	377	. "Bien cordialement,\n"
a7de4ef7	378	. "L'équipe Polytechnique.org";
f59bc2fb	379	$mymail->setTxtBody(wordwrap($msg, 72));
	380	$mymail->send();
	381	}
5f5f0eb5	382
5f5f0eb5	383	/** send a mail to X.org administrators **/
9812efa0	384	if ($globals->register->notif) {
	385	$mymail = new PlMailer();
	386	$mymail->setSubject("Inscription de $prenom $nom (X$promo)");
1d55fe45	387	$mymail->setFrom('"Webmaster Polytechnique.org" <web@' . $globals->mail->domain . '>');
9812efa0	388	$mymail->addTo($globals->register->notif);
280c6e4d	389	$mymail->addHeader('Reply-To', $globals->register->notif);
a7de4ef7	390	$msg = "$prenom $nom (X$promo) a terminé son inscription avec les données suivantes :\n"
9812efa0	391	. " - nom : $nom\n"
	392	. " - prenom : $prenom\n"
	393	. " - promo : $promo\n"
ecc734a5	394	. " - naissance : $naissance (date connue : $naiss_ini)\n"
9812efa0	395	. " - forlife : $forlife\n"
9812efa0	396	. " - email : $email\n"
5f5f0eb5	397	. " - sexe : $femme\n"
edc55095 FB	398	. " - ip : " . S::logger()->ip . " (" . S::logger()->host . ")\n"
edc55095 FB	399	. (S::logger()->proxy_ip ? " - proxy : " . S::logger()->proxy_ip . " (" . S::logger()->proxy_host . ")\n" : "")
defff1aa SJ	400	. "\n\n";
	401	if (count($market) > 0) {
	402	$msg .= "Les marketings suivants avaient été effectués :\n"
	403	. implode("\n", $market);
	404	} else {
8f794f88	405	$msg .= "$prenom $nom n'a jamais reçu d'email de marketing.";
defff1aa	406	}
9812efa0	407	$mymail->setTxtBody($msg);
eaf30d86	408	$mymail->send();
9812efa0	409	}
f59bc2fb	410
e654517d	411	Marketing::clear($uid);
f59bc2fb	412
8b00e0e0	413	pl_redirect('register/success');
f59bc2fb	414	$page->assign('uid', $uid);
f59bc2fb	415	}
	416
	417	function handler_success(&$page)
	418	{
84270653	419	global $globals;
f59bc2fb	420	$page->changeTpl('register/success.tpl');
7912097e	421	$page->assign('user', S::user());
f59bc2fb	422
a41bf2f8	423	$_SESSION['sub_state'] = array('step' => 5);
f59bc2fb	424	if (Env::has('response2')) {
5e2307dc	425	$_SESSION['password'] = $password = Post::v('response2');
f59bc2fb	426
08cce2ff	427	XDB::execute('UPDATE auth_user_md5 SET password={?}
f59bc2fb	428	WHERE user_id={?}', $password,
cab08090	429	S::v('uid'));
f59bc2fb	430
84270653	431	// If GoogleApps is enabled, and the user did choose to use synchronized passwords,
d56cb887	432	// and if the (stupid) user has decided to use /register/success another time,
84270653 VZ	433	// updates the Google Apps password as well.
	434	if ($globals->mailstorage->googleapps_domain) {
	435	require_once 'googleapps.inc.php';
d56cb887	436	$account = new GoogleAppsAccount(S::user());
f5c4bf30	437	if ($account->active() && $account->sync_password) {
84270653 VZ	438	$account->set_password($password);
	439	}
	440	}
	441
604dfd58 FB	442	S::logger()->log('passwd');
604dfd58 FB	443	Platal::session()->setAccessCookie(true);
f59bc2fb	444
	445	$page->assign('mdpok', true);
	446	}
	447
0baf0741	448	$res = XDB::iterRow("SELECT sub, domain
	449	FROM register_subs
	450	WHERE uid = {?} AND type = 'list'
	451	ORDER BY domain",
	452	S::i('uid'));
	453	$current_domain = null;
	454	$lists = array();
	455	while (list($sub, $domain) = $res->next()) {
	456	if ($current_domain != $domain) {
	457	$current_domain = $domain;
	458	$client = new MMList(S::v('uid'), S::v('password'), $domain);
	459	}
	460	list($details, ) = $client->get_members($sub);
	461	$lists["$sub@$domain"] = $details;
	462	}
	463	$page->assign_by_ref('lists', $lists);
	464
c99ef281	465	$page->addJsLink('motdepasse.js');
f59bc2fb	466	}
97a0a459 FB	467
	468	function handler_save(&$page)
	469	{
	470	global $globals;
	471
	472	// Finish registration procedure
	473	if (Post::v('register_from_ax_question')) {
	474	XDB::execute('UPDATE auth_user_quick
	475	SET profile_from_ax = 1
	476	WHERE user_id = {?}',
	477	S::v('uid'));
	478	}
	479	if (Post::v('add_to_nl')) {
	480	require_once 'newsletter.inc.php';
	481	NewsLetter::subscribe();
	482	}
	483	if (Post::v('add_to_ax')) {
adb07f6f	484	Platal::load('axletter', 'axletter.inc.php');
97a0a459 FB	485	AXLetter::subscribe();
	486	}
	487	if (Post::v('add_to_promo')) {
	488	$r = XDB::query('SELECT id FROM groupex.asso WHERE diminutif = {?}',
	489	S::v('promo'));
	490	$asso_id = $r->fetchOneCell();
	491	XDB::execute('REPLACE INTO groupex.membres (uid,asso_id)
	492	VALUES ({?}, {?})',
	493	S::v('uid'), $asso_id);
	494	$mmlist = new MMList(S::v('uid'), S::v('password'));
	495	$mmlist->subscribe("promo".S::v('promo'));
	496	}
	497	if (Post::v('sub_ml')) {
	498	$subs = array_keys(Post::v('sub_ml'));
	499	$current_domain = null;
	500	foreach ($subs as $list) {
	501	list($sub, $domain) = explode('@', $list);
	502	if ($domain != $current_domain) {
	503	$current_domain = $domain;
	504	$client = new MMList(S::v('uid'), S::v('password'), $domain);
	505	}
	506	$client->subscribe($sub);
	507	}
	508	}
b9fe731c VZ	509	if (Post::v('imap')) {
b9fe731c VZ	510	require_once 'emails.inc.php';
edc55095 FB	511	$user = S::user();
edc55095 FB	512	$storage = new EmailStorage($user, 'imap');
94c6c788	513	$storage->activate();
b9fe731c	514	}
97a0a459 FB	515
	516	pl_redirect('profile/edit');
	517	}
f59bc2fb	518	}
f59bc2fb	519
a7de4ef7	520	// vim:set et sw=4 sts=4 sws=4 foldmethod=marker enc=utf-8:
f59bc2fb	521	?>