Commit | Line | Data |
---|---|---|
bd4be95d | 1 | <?php |
2 | /*************************************************************************** | |
5e1513f6 | 3 | * Copyright (C) 2003-2011 Polytechnique.org * |
bd4be95d | 4 | * http://opensource.polytechnique.org/ * |
5 | * * | |
6 | * This program is free software; you can redistribute it and/or modify * | |
7 | * it under the terms of the GNU General Public License as published by * | |
8 | * the Free Software Foundation; either version 2 of the License, or * | |
9 | * (at your option) any later version. * | |
10 | * * | |
11 | * This program is distributed in the hope that it will be useful, * | |
12 | * but WITHOUT ANY WARRANTY; without even the implied warranty of * | |
13 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * | |
14 | * GNU General Public License for more details. * | |
15 | * * | |
16 | * You should have received a copy of the GNU General Public License * | |
17 | * along with this program; if not, write to the Free Software * | |
18 | * Foundation, Inc., * | |
19 | * 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA * | |
20 | ***************************************************************************/ | |
21 | ||
22 | class XnetModule extends PLModule | |
23 | { | |
24 | function handlers() | |
25 | { | |
26 | return array( | |
020c8ed0 SJ |
27 | 'index' => $this->make_hook('index', AUTH_PUBLIC), |
28 | 'exit' => $this->make_hook('exit', AUTH_PUBLIC), | |
71fe935c | 29 | |
020c8ed0 SJ |
30 | 'admin' => $this->make_hook('admin', AUTH_MDP, 'admin'), |
31 | 'groups' => $this->make_hook('groups', AUTH_PUBLIC), | |
32 | 'groupes.php' => $this->make_hook('groups2', AUTH_PUBLIC), | |
33 | 'plan' => $this->make_hook('plan', AUTH_PUBLIC), | |
34 | 'photo' => $this->make_hook('photo', AUTH_MDP), | |
35 | 'autologin' => $this->make_hook('autologin', AUTH_MDP), | |
3c64137d | 36 | 'login/ext' => $this->make_hook('login_ext', AUTH_PUBLIC), |
b80cbf0d | 37 | 'register/ext' => $this->make_hook('register_ext', AUTH_PUBLIC), |
f15d1307 | 38 | 'edit' => $this->make_hook('edit', AUTH_MDP, 'user'), |
6d69b527 FB |
39 | |
40 | 'Xnet' => $this->make_wiki_hook(), | |
bd4be95d | 41 | ); |
42 | } | |
43 | ||
26ba053e | 44 | function handler_photo($page, $x = null) |
deb09f59 | 45 | { |
706f830d | 46 | if (!$x || !($profile = Profile::get($x))) { |
deb09f59 | 47 | return PL_NOT_FOUND; |
48 | } | |
49 | ||
706f830d | 50 | // Retrieve the photo and its mime type. |
470d14f6 | 51 | $photo = $profile->getPhoto(true, true); |
deb09f59 | 52 | |
706f830d FB |
53 | // Display the photo, or a default one when not available. |
54 | $photo->send(); | |
deb09f59 | 55 | } |
eaf30d86 | 56 | |
26ba053e | 57 | function handler_index($page) |
bd4be95d | 58 | { |
d83a1b04 | 59 | $page->nomenu = true; |
bd4be95d | 60 | $page->changeTpl('xnet/index.tpl'); |
bd4be95d | 61 | } |
badfc7ee | 62 | |
26ba053e | 63 | function handler_exit($page) |
71fe935c | 64 | { |
ab694eb5 FB |
65 | Platal::session()->stopSUID(); |
66 | Platal::session()->destroy(); | |
b8e265bf | 67 | $page->changeTpl('xnet/deconnexion.tpl'); |
71fe935c | 68 | } |
69 | ||
26ba053e | 70 | function handler_admin($page) |
d55888e6 | 71 | { |
1490093c | 72 | $page->changeTpl('xnet/admin.tpl'); |
d55888e6 | 73 | |
74 | if (Get::has('del')) { | |
08cce2ff | 75 | $res = XDB::query('SELECT id, nom, mail_domain |
eb41eda9 | 76 | FROM groups WHERE diminutif={?}', |
5e2307dc | 77 | Get::v('del')); |
d55888e6 | 78 | list($id, $nom, $domain) = $res->fetchOneRow(); |
79 | $page->assign('nom', $nom); | |
40d428d8 VZ |
80 | if ($id && Post::has('del')) { |
81 | S::assert_xsrf_token(); | |
82 | ||
eb41eda9 | 83 | XDB::query('DELETE FROM group_members WHERE asso_id={?}', $id); |
a7d35093 | 84 | $page->trigSuccess('membres supprimés'); |
d55888e6 | 85 | |
86 | if ($domain) { | |
831aa467 SJ |
87 | XDB::execute('DELETE v |
88 | FROM email_virtual AS v | |
89 | INNER JOIN email_virtual_domains AS d ON (v.domain = d.id) | |
90 | WHERE d.name = {?}', | |
91 | $domain); | |
92 | XDB::execute('DELETE FROM email_virtual_domains | |
93 | WHERE name = {?}', $domain); | |
a7d35093 | 94 | $page->trigSuccess('suppression des alias mails'); |
d55888e6 | 95 | |
9bb8bf21 | 96 | $mmlist = new MMList(S::v('uid'), S::v('password'), $domain); |
97 | if ($listes = $mmlist->get_lists()) { | |
d55888e6 | 98 | foreach ($listes as $l) { |
9bb8bf21 | 99 | $mmlist->delete_list($l['list'], true); |
d55888e6 | 100 | } |
a7d35093 | 101 | $page->trigSuccess('mail lists surpprimées'); |
d55888e6 | 102 | } |
103 | } | |
104 | ||
eb41eda9 | 105 | XDB::query('DELETE FROM groups WHERE id={?}', $id); |
a7d35093 | 106 | $page->trigSuccess("Groupe $nom supprimé"); |
d55888e6 | 107 | Get::kill('del'); |
108 | } | |
109 | if (!$id) { | |
110 | Get::kill('del'); | |
111 | } | |
112 | } | |
113 | ||
8d11b755 | 114 | if (Post::has('diminutif') && Post::v('diminutif') != "") { |
40d428d8 VZ |
115 | S::assert_xsrf_token(); |
116 | ||
3af5a31e | 117 | $res = XDB::query('SELECT COUNT(*) |
eb41eda9 | 118 | FROM groups |
3af5a31e SJ |
119 | WHERE diminutif = {?}', |
120 | Post::v('diminutif')); | |
121 | ||
122 | if ($res->fetchOneCell() == 0) { | |
eb41eda9 | 123 | XDB::execute('INSERT INTO groups (id, diminutif) |
3af5a31e SJ |
124 | VALUES (NULL, {?})', |
125 | Post::v('diminutif')); | |
fc4714d6 | 126 | pl_redirect(Post::v('diminutif') . '/edit'); |
3af5a31e SJ |
127 | } else { |
128 | $page->trigError('Le diminutif demandé est déjà pris.'); | |
129 | } | |
d55888e6 | 130 | } |
131 | ||
3af5a31e | 132 | $res = XDB::query('SELECT nom, diminutif |
eb41eda9 | 133 | FROM groups |
3af5a31e | 134 | ORDER BY nom'); |
d55888e6 | 135 | $page->assign('assos', $res->fetchAllAssoc()); |
136 | } | |
137 | ||
26ba053e | 138 | function handler_plan($page) |
71fe935c | 139 | { |
71fe935c | 140 | $page->changeTpl('xnet/plan.tpl'); |
141 | ||
142 | $page->setType('plan'); | |
143 | ||
08cce2ff | 144 | $res = XDB::iterator( |
e1406965 FB |
145 | 'SELECT dom.id, dom.nom as domnom, groups.diminutif, groups.nom |
146 | FROM group_dom AS dom | |
147 | INNER JOIN groups ON dom.id = groups.dom | |
148 | WHERE FIND_IN_SET("GroupesX", dom.cat) AND FIND_IN_SET("GroupesX", groups.cat) | |
149 | ORDER BY dom.nom, groups.nom'); | |
71fe935c | 150 | $groupesx = array(); |
151 | while ($tmp = $res->next()) { $groupesx[$tmp['id']][] = $tmp; } | |
152 | $page->assign('groupesx', $groupesx); | |
153 | ||
08cce2ff | 154 | $res = XDB::iterator( |
e1406965 FB |
155 | 'SELECT dom.id, dom.nom as domnom, groups.diminutif, groups.nom |
156 | FROM group_dom AS dom | |
157 | INNER JOIN groups ON dom.id = groups.dom | |
158 | WHERE FIND_IN_SET("Binets", dom.cat) AND FIND_IN_SET("Binets", groups.cat) | |
159 | ORDER BY dom.nom, groups.nom'); | |
71fe935c | 160 | $binets = array(); |
161 | while ($tmp = $res->next()) { $binets[$tmp['id']][] = $tmp; } | |
162 | $page->assign('binets', $binets); | |
163 | ||
08cce2ff | 164 | $res = XDB::iterator( |
e1406965 | 165 | 'SELECT diminutif, nom |
eb41eda9 | 166 | FROM groups |
71fe935c | 167 | WHERE cat LIKE "%Promotions%" |
168 | ORDER BY diminutif'); | |
169 | $page->assign('promos', $res); | |
170 | ||
08cce2ff | 171 | $res = XDB::iterator( |
e1406965 | 172 | 'SELECT diminutif, nom |
eb41eda9 | 173 | FROM groups |
71fe935c | 174 | WHERE FIND_IN_SET("Institutions", cat) |
175 | ORDER BY diminutif'); | |
176 | $page->assign('inst', $res); | |
045a1522 | 177 | } |
0e02493e | 178 | |
26ba053e | 179 | function handler_groups2($page) |
0e02493e | 180 | { |
26ba053e | 181 | $this->handler_groups($page, Get::v('cat'), Get::v('dom')); |
0e02493e | 182 | } |
183 | ||
26ba053e | 184 | function handler_groups($page, $cat = null, $dom = null) |
0e02493e | 185 | { |
0e02493e | 186 | if (!$cat) { |
26ba053e | 187 | $this->handler_index($page); |
0e02493e | 188 | } |
189 | ||
a953f7e7 | 190 | $cat = mb_strtolower($cat); |
0e02493e | 191 | |
192 | $page->changeTpl('xnet/groupes.tpl'); | |
193 | $page->assign('cat', $cat); | |
194 | $page->assign('dom', $dom); | |
195 | ||
aab2ffdd | 196 | $res = XDB::query("SELECT id,nom |
eb41eda9 | 197 | FROM group_dom |
00112b2e VZ |
198 | WHERE FIND_IN_SET({?}, cat) |
199 | ORDER BY nom", $cat); | |
0e02493e | 200 | $doms = $res->fetchAllAssoc(); |
201 | $page->assign('doms', $doms); | |
202 | ||
203 | if (empty($doms)) { | |
00112b2e | 204 | $res = XDB::query("SELECT diminutif, nom, site |
eb41eda9 | 205 | FROM groups |
00112b2e VZ |
206 | WHERE FIND_IN_SET({?}, cat) |
207 | ORDER BY nom", $cat); | |
f0430dc7 | 208 | $page->assign('gps', $res->fetchAllAssoc()); |
0e02493e | 209 | } elseif (!is_null($dom)) { |
00112b2e | 210 | $res = XDB::query("SELECT diminutif, nom, site |
eb41eda9 | 211 | FROM groups |
00112b2e VZ |
212 | WHERE FIND_IN_SET({?}, cat) AND dom={?} |
213 | ORDER BY nom", $cat, $dom); | |
f0430dc7 | 214 | $page->assign('gps', $res->fetchAllAssoc()); |
0e02493e | 215 | } |
0e02493e | 216 | |
0e02493e | 217 | $page->setType($cat); |
218 | } | |
eaf30d86 | 219 | |
26ba053e | 220 | function handler_autologin($page) |
4a8a1e0a | 221 | { |
8c5c6d64 | 222 | $allkeys = func_get_args(); |
223 | unset($allkeys[0]); | |
224 | $url = join('/',$allkeys); | |
3cb500d5 | 225 | pl_content_headers("text/javascript"); |
8c5c6d64 | 226 | echo '$.ajax({ url: "'.$url.'?forceXml=1", dataType: "xml", success: function(xml) { $("body",xml).insertBefore("body"); $("body:eq(1)").remove(); }});'; |
4a8a1e0a | 227 | exit; |
228 | } | |
f15d1307 | 229 | |
3c64137d SJ |
230 | function handler_login_ext($page) |
231 | { | |
232 | if (!S::logged()) { | |
233 | $page->changeTpl('xnet/login.tpl'); | |
234 | } else { | |
235 | pl_redirect(''); | |
236 | } | |
237 | } | |
238 | ||
b80cbf0d SJ |
239 | function handler_register_ext($page, $hash = null) |
240 | { | |
241 | XDB::execute('DELETE FROM register_pending_xnet | |
242 | WHERE DATE_SUB(NOW(), INTERVAL 1 MONTH) > date'); | |
243 | $res = XDB::fetchOneAssoc('SELECT uid, hruid | |
244 | FROM register_pending_xnet | |
245 | WHERE hash = {?}', | |
246 | $hash); | |
247 | ||
248 | if (is_null($hash) || is_null($res)) { | |
249 | $page->trigErrorRedirect('Cette adresse n\'existe pas ou n\'existe plus sur le serveur.', ''); | |
250 | } | |
251 | ||
252 | if (Post::has('pwhash') && Post::t('pwhash')) { | |
253 | XDB::query('UPDATE accounts | |
254 | SET password = {?}, state = \'active\' | |
255 | WHERE uid = {?} AND state = \'pending\' AND type = \'xnet\'', | |
256 | Post::t('pwhash'), $res['uid']); | |
257 | XDB::query('DELETE FROM register_pending_xnet | |
258 | WHERE uid = {?}', | |
259 | $res['uid']); | |
260 | ||
261 | S::logger($res['uid'])->log('passwd', ''); | |
30439e34 SJ |
262 | |
263 | // Try to start a session (so the user don't have to log in); we will use | |
264 | // the password available in Post:: to authenticate the user. | |
265 | Post::kill('wait'); | |
266 | Platal::session()->startAvailableAuth(); | |
267 | ||
b80cbf0d SJ |
268 | $page->changeTpl('xnet/register.success.tpl'); |
269 | $page->assign('hruid', $res['hruid']); | |
270 | } else { | |
271 | $page->changeTpl('platal/password.tpl'); | |
272 | $page->assign('xnet', true); | |
30439e34 | 273 | $page->assign('hruid', $res['hruid']); |
b80cbf0d SJ |
274 | } |
275 | } | |
276 | ||
f15d1307 SJ |
277 | function handler_edit(&$page) |
278 | { | |
279 | global $globals; | |
280 | ||
281 | $user = S::user(); | |
282 | if (empty($user)) { | |
283 | return PL_NOT_FOUND; | |
284 | } | |
285 | if ($user->type != 'xnet') { | |
286 | pl_redirect('index'); | |
287 | } | |
288 | ||
289 | $page->changeTpl('xnet/edit.tpl'); | |
290 | if (Post::has('change')) { | |
291 | S::assert_xsrf_token(); | |
292 | ||
9a7f3d8e SJ |
293 | if ($user->groupCount() == 0 && Post::t('delete') == 'OUI') { |
294 | XDB::execute('DELETE FROM accounts | |
295 | WHERE uid = {?}', | |
296 | $user->id()); | |
297 | pl_redirect('index'); | |
298 | } | |
299 | ||
f15d1307 SJ |
300 | // Convert user status to X |
301 | if (!Post::blank('login_X')) { | |
302 | $forlife = $this->changeLogin($page, $user, Post::t('login_X')); | |
303 | if ($forlife) { | |
304 | pl_redirect('index'); | |
305 | } | |
306 | } | |
307 | ||
308 | // Update user info | |
309 | XDB::query('UPDATE accounts | |
310 | SET full_name = {?}, directory_name = {?}, display_name = {?}, | |
311 | sex = {?}, email = {?} | |
312 | WHERE uid = {?}', | |
313 | Post::t('full_name'), Post::t('directory_name'), Post::t('display_name'), | |
314 | (Post::t('sex') == 'male') ? 'male' : 'female', Post::t('email'), $user->id()); | |
315 | // If user is of type xnet and new password is given. | |
316 | if (!Post::blank('pwhash')) { | |
317 | XDB::query('UPDATE accounts | |
318 | SET password = {?} | |
319 | WHERE uid = {?}', | |
320 | Post::t('pwhash'), $user->id()); | |
321 | } | |
322 | if (XDB::affectedRows()) { | |
323 | $page->trigSuccess('Données mises à jour.'); | |
324 | } | |
325 | } | |
326 | ||
327 | $page->addJsLink('password.js'); | |
328 | $page->assign('user', $user); | |
329 | } | |
bd4be95d | 330 | } |
331 | ||
a7de4ef7 | 332 | // vim:set et sw=4 sts=4 sws=4 foldmethod=marker enc=utf-8: |
bd4be95d | 333 | ?> |