Commit | Line | Data |
---|---|---|
bd4be95d | 1 | <?php |
2 | /*************************************************************************** | |
5e1513f6 | 3 | * Copyright (C) 2003-2011 Polytechnique.org * |
bd4be95d | 4 | * http://opensource.polytechnique.org/ * |
5 | * * | |
6 | * This program is free software; you can redistribute it and/or modify * | |
7 | * it under the terms of the GNU General Public License as published by * | |
8 | * the Free Software Foundation; either version 2 of the License, or * | |
9 | * (at your option) any later version. * | |
10 | * * | |
11 | * This program is distributed in the hope that it will be useful, * | |
12 | * but WITHOUT ANY WARRANTY; without even the implied warranty of * | |
13 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * | |
14 | * GNU General Public License for more details. * | |
15 | * * | |
16 | * You should have received a copy of the GNU General Public License * | |
17 | * along with this program; if not, write to the Free Software * | |
18 | * Foundation, Inc., * | |
19 | * 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA * | |
20 | ***************************************************************************/ | |
21 | ||
22 | class XnetModule extends PLModule | |
23 | { | |
24 | function handlers() | |
25 | { | |
26 | return array( | |
020c8ed0 SJ |
27 | 'index' => $this->make_hook('index', AUTH_PUBLIC), |
28 | 'exit' => $this->make_hook('exit', AUTH_PUBLIC), | |
71fe935c | 29 | |
020c8ed0 SJ |
30 | 'admin' => $this->make_hook('admin', AUTH_MDP, 'admin'), |
31 | 'groups' => $this->make_hook('groups', AUTH_PUBLIC), | |
32 | 'groupes.php' => $this->make_hook('groups2', AUTH_PUBLIC), | |
33 | 'plan' => $this->make_hook('plan', AUTH_PUBLIC), | |
34 | 'photo' => $this->make_hook('photo', AUTH_MDP), | |
35 | 'autologin' => $this->make_hook('autologin', AUTH_MDP), | |
3c64137d | 36 | 'login/ext' => $this->make_hook('login_ext', AUTH_PUBLIC), |
b80cbf0d | 37 | 'register/ext' => $this->make_hook('register_ext', AUTH_PUBLIC), |
f15d1307 | 38 | 'edit' => $this->make_hook('edit', AUTH_MDP, 'user'), |
73f2bb48 | 39 | 'password' => $this->make_hook('password', AUTH_MDP, 'user'), |
6d69b527 FB |
40 | |
41 | 'Xnet' => $this->make_wiki_hook(), | |
bd4be95d | 42 | ); |
43 | } | |
44 | ||
26ba053e | 45 | function handler_photo($page, $x = null) |
deb09f59 | 46 | { |
706f830d | 47 | if (!$x || !($profile = Profile::get($x))) { |
deb09f59 | 48 | return PL_NOT_FOUND; |
49 | } | |
50 | ||
706f830d | 51 | // Retrieve the photo and its mime type. |
470d14f6 | 52 | $photo = $profile->getPhoto(true, true); |
deb09f59 | 53 | |
706f830d FB |
54 | // Display the photo, or a default one when not available. |
55 | $photo->send(); | |
deb09f59 | 56 | } |
eaf30d86 | 57 | |
26ba053e | 58 | function handler_index($page) |
bd4be95d | 59 | { |
d83a1b04 | 60 | $page->nomenu = true; |
bd4be95d | 61 | $page->changeTpl('xnet/index.tpl'); |
bd4be95d | 62 | } |
badfc7ee | 63 | |
26ba053e | 64 | function handler_exit($page) |
71fe935c | 65 | { |
ab694eb5 FB |
66 | Platal::session()->stopSUID(); |
67 | Platal::session()->destroy(); | |
b8e265bf | 68 | $page->changeTpl('xnet/deconnexion.tpl'); |
71fe935c | 69 | } |
70 | ||
26ba053e | 71 | function handler_admin($page) |
d55888e6 | 72 | { |
1490093c | 73 | $page->changeTpl('xnet/admin.tpl'); |
d55888e6 | 74 | |
75 | if (Get::has('del')) { | |
08cce2ff | 76 | $res = XDB::query('SELECT id, nom, mail_domain |
eb41eda9 | 77 | FROM groups WHERE diminutif={?}', |
5e2307dc | 78 | Get::v('del')); |
d55888e6 | 79 | list($id, $nom, $domain) = $res->fetchOneRow(); |
80 | $page->assign('nom', $nom); | |
40d428d8 VZ |
81 | if ($id && Post::has('del')) { |
82 | S::assert_xsrf_token(); | |
83 | ||
eb41eda9 | 84 | XDB::query('DELETE FROM group_members WHERE asso_id={?}', $id); |
a7d35093 | 85 | $page->trigSuccess('membres supprimés'); |
d55888e6 | 86 | |
87 | if ($domain) { | |
831aa467 SJ |
88 | XDB::execute('DELETE v |
89 | FROM email_virtual AS v | |
90 | INNER JOIN email_virtual_domains AS d ON (v.domain = d.id) | |
91 | WHERE d.name = {?}', | |
92 | $domain); | |
93 | XDB::execute('DELETE FROM email_virtual_domains | |
94 | WHERE name = {?}', $domain); | |
a7d35093 | 95 | $page->trigSuccess('suppression des alias mails'); |
d55888e6 | 96 | |
9bb8bf21 | 97 | $mmlist = new MMList(S::v('uid'), S::v('password'), $domain); |
98 | if ($listes = $mmlist->get_lists()) { | |
d55888e6 | 99 | foreach ($listes as $l) { |
9bb8bf21 | 100 | $mmlist->delete_list($l['list'], true); |
d55888e6 | 101 | } |
a7d35093 | 102 | $page->trigSuccess('mail lists surpprimées'); |
d55888e6 | 103 | } |
104 | } | |
105 | ||
eb41eda9 | 106 | XDB::query('DELETE FROM groups WHERE id={?}', $id); |
a7d35093 | 107 | $page->trigSuccess("Groupe $nom supprimé"); |
d55888e6 | 108 | Get::kill('del'); |
109 | } | |
110 | if (!$id) { | |
111 | Get::kill('del'); | |
112 | } | |
113 | } | |
114 | ||
8d11b755 | 115 | if (Post::has('diminutif') && Post::v('diminutif') != "") { |
40d428d8 VZ |
116 | S::assert_xsrf_token(); |
117 | ||
3af5a31e | 118 | $res = XDB::query('SELECT COUNT(*) |
eb41eda9 | 119 | FROM groups |
3af5a31e SJ |
120 | WHERE diminutif = {?}', |
121 | Post::v('diminutif')); | |
122 | ||
123 | if ($res->fetchOneCell() == 0) { | |
eb41eda9 | 124 | XDB::execute('INSERT INTO groups (id, diminutif) |
3af5a31e SJ |
125 | VALUES (NULL, {?})', |
126 | Post::v('diminutif')); | |
fc4714d6 | 127 | pl_redirect(Post::v('diminutif') . '/edit'); |
3af5a31e SJ |
128 | } else { |
129 | $page->trigError('Le diminutif demandé est déjà pris.'); | |
130 | } | |
d55888e6 | 131 | } |
132 | ||
3af5a31e | 133 | $res = XDB::query('SELECT nom, diminutif |
eb41eda9 | 134 | FROM groups |
3af5a31e | 135 | ORDER BY nom'); |
d55888e6 | 136 | $page->assign('assos', $res->fetchAllAssoc()); |
137 | } | |
138 | ||
26ba053e | 139 | function handler_plan($page) |
71fe935c | 140 | { |
71fe935c | 141 | $page->changeTpl('xnet/plan.tpl'); |
142 | ||
143 | $page->setType('plan'); | |
144 | ||
08cce2ff | 145 | $res = XDB::iterator( |
e1406965 FB |
146 | 'SELECT dom.id, dom.nom as domnom, groups.diminutif, groups.nom |
147 | FROM group_dom AS dom | |
148 | INNER JOIN groups ON dom.id = groups.dom | |
149 | WHERE FIND_IN_SET("GroupesX", dom.cat) AND FIND_IN_SET("GroupesX", groups.cat) | |
150 | ORDER BY dom.nom, groups.nom'); | |
71fe935c | 151 | $groupesx = array(); |
152 | while ($tmp = $res->next()) { $groupesx[$tmp['id']][] = $tmp; } | |
153 | $page->assign('groupesx', $groupesx); | |
154 | ||
08cce2ff | 155 | $res = XDB::iterator( |
e1406965 FB |
156 | 'SELECT dom.id, dom.nom as domnom, groups.diminutif, groups.nom |
157 | FROM group_dom AS dom | |
158 | INNER JOIN groups ON dom.id = groups.dom | |
159 | WHERE FIND_IN_SET("Binets", dom.cat) AND FIND_IN_SET("Binets", groups.cat) | |
160 | ORDER BY dom.nom, groups.nom'); | |
71fe935c | 161 | $binets = array(); |
162 | while ($tmp = $res->next()) { $binets[$tmp['id']][] = $tmp; } | |
163 | $page->assign('binets', $binets); | |
164 | ||
08cce2ff | 165 | $res = XDB::iterator( |
e1406965 | 166 | 'SELECT diminutif, nom |
eb41eda9 | 167 | FROM groups |
71fe935c | 168 | WHERE cat LIKE "%Promotions%" |
169 | ORDER BY diminutif'); | |
170 | $page->assign('promos', $res); | |
171 | ||
08cce2ff | 172 | $res = XDB::iterator( |
e1406965 | 173 | 'SELECT diminutif, nom |
eb41eda9 | 174 | FROM groups |
71fe935c | 175 | WHERE FIND_IN_SET("Institutions", cat) |
176 | ORDER BY diminutif'); | |
177 | $page->assign('inst', $res); | |
045a1522 | 178 | } |
0e02493e | 179 | |
26ba053e | 180 | function handler_groups2($page) |
0e02493e | 181 | { |
26ba053e | 182 | $this->handler_groups($page, Get::v('cat'), Get::v('dom')); |
0e02493e | 183 | } |
184 | ||
26ba053e | 185 | function handler_groups($page, $cat = null, $dom = null) |
0e02493e | 186 | { |
0e02493e | 187 | if (!$cat) { |
26ba053e | 188 | $this->handler_index($page); |
0e02493e | 189 | } |
190 | ||
a953f7e7 | 191 | $cat = mb_strtolower($cat); |
0e02493e | 192 | |
193 | $page->changeTpl('xnet/groupes.tpl'); | |
194 | $page->assign('cat', $cat); | |
195 | $page->assign('dom', $dom); | |
196 | ||
aab2ffdd | 197 | $res = XDB::query("SELECT id,nom |
eb41eda9 | 198 | FROM group_dom |
00112b2e VZ |
199 | WHERE FIND_IN_SET({?}, cat) |
200 | ORDER BY nom", $cat); | |
0e02493e | 201 | $doms = $res->fetchAllAssoc(); |
202 | $page->assign('doms', $doms); | |
203 | ||
204 | if (empty($doms)) { | |
00112b2e | 205 | $res = XDB::query("SELECT diminutif, nom, site |
eb41eda9 | 206 | FROM groups |
00112b2e VZ |
207 | WHERE FIND_IN_SET({?}, cat) |
208 | ORDER BY nom", $cat); | |
f0430dc7 | 209 | $page->assign('gps', $res->fetchAllAssoc()); |
0e02493e | 210 | } elseif (!is_null($dom)) { |
00112b2e | 211 | $res = XDB::query("SELECT diminutif, nom, site |
eb41eda9 | 212 | FROM groups |
00112b2e VZ |
213 | WHERE FIND_IN_SET({?}, cat) AND dom={?} |
214 | ORDER BY nom", $cat, $dom); | |
f0430dc7 | 215 | $page->assign('gps', $res->fetchAllAssoc()); |
0e02493e | 216 | } |
0e02493e | 217 | |
0e02493e | 218 | $page->setType($cat); |
219 | } | |
eaf30d86 | 220 | |
26ba053e | 221 | function handler_autologin($page) |
4a8a1e0a | 222 | { |
8c5c6d64 | 223 | $allkeys = func_get_args(); |
224 | unset($allkeys[0]); | |
225 | $url = join('/',$allkeys); | |
3cb500d5 | 226 | pl_content_headers("text/javascript"); |
8c5c6d64 | 227 | echo '$.ajax({ url: "'.$url.'?forceXml=1", dataType: "xml", success: function(xml) { $("body",xml).insertBefore("body"); $("body:eq(1)").remove(); }});'; |
4a8a1e0a | 228 | exit; |
229 | } | |
f15d1307 | 230 | |
3c64137d SJ |
231 | function handler_login_ext($page) |
232 | { | |
233 | if (!S::logged()) { | |
234 | $page->changeTpl('xnet/login.tpl'); | |
235 | } else { | |
236 | pl_redirect(''); | |
237 | } | |
238 | } | |
239 | ||
b80cbf0d SJ |
240 | function handler_register_ext($page, $hash = null) |
241 | { | |
242 | XDB::execute('DELETE FROM register_pending_xnet | |
243 | WHERE DATE_SUB(NOW(), INTERVAL 1 MONTH) > date'); | |
244 | $res = XDB::fetchOneAssoc('SELECT uid, hruid | |
245 | FROM register_pending_xnet | |
246 | WHERE hash = {?}', | |
247 | $hash); | |
248 | ||
249 | if (is_null($hash) || is_null($res)) { | |
250 | $page->trigErrorRedirect('Cette adresse n\'existe pas ou n\'existe plus sur le serveur.', ''); | |
251 | } | |
252 | ||
253 | if (Post::has('pwhash') && Post::t('pwhash')) { | |
254 | XDB::query('UPDATE accounts | |
255 | SET password = {?}, state = \'active\' | |
256 | WHERE uid = {?} AND state = \'pending\' AND type = \'xnet\'', | |
257 | Post::t('pwhash'), $res['uid']); | |
258 | XDB::query('DELETE FROM register_pending_xnet | |
259 | WHERE uid = {?}', | |
260 | $res['uid']); | |
261 | ||
262 | S::logger($res['uid'])->log('passwd', ''); | |
30439e34 SJ |
263 | |
264 | // Try to start a session (so the user don't have to log in); we will use | |
265 | // the password available in Post:: to authenticate the user. | |
266 | Post::kill('wait'); | |
267 | Platal::session()->startAvailableAuth(); | |
268 | ||
b80cbf0d SJ |
269 | $page->changeTpl('xnet/register.success.tpl'); |
270 | $page->assign('hruid', $res['hruid']); | |
271 | } else { | |
272 | $page->changeTpl('platal/password.tpl'); | |
273 | $page->assign('xnet', true); | |
30439e34 | 274 | $page->assign('hruid', $res['hruid']); |
73f2bb48 | 275 | $page->assign('do_auth', true); |
b80cbf0d SJ |
276 | } |
277 | } | |
278 | ||
2a1cd4ab | 279 | function handler_edit($page) |
f15d1307 SJ |
280 | { |
281 | global $globals; | |
282 | ||
283 | $user = S::user(); | |
284 | if (empty($user)) { | |
285 | return PL_NOT_FOUND; | |
286 | } | |
287 | if ($user->type != 'xnet') { | |
288 | pl_redirect('index'); | |
289 | } | |
290 | ||
291 | $page->changeTpl('xnet/edit.tpl'); | |
292 | if (Post::has('change')) { | |
293 | S::assert_xsrf_token(); | |
294 | ||
295 | // Convert user status to X | |
296 | if (!Post::blank('login_X')) { | |
297 | $forlife = $this->changeLogin($page, $user, Post::t('login_X')); | |
298 | if ($forlife) { | |
299 | pl_redirect('index'); | |
300 | } | |
301 | } | |
302 | ||
303 | // Update user info | |
304 | XDB::query('UPDATE accounts | |
305 | SET full_name = {?}, directory_name = {?}, display_name = {?}, | |
306 | sex = {?}, email = {?} | |
307 | WHERE uid = {?}', | |
308 | Post::t('full_name'), Post::t('directory_name'), Post::t('display_name'), | |
309 | (Post::t('sex') == 'male') ? 'male' : 'female', Post::t('email'), $user->id()); | |
f15d1307 | 310 | if (XDB::affectedRows()) { |
e716a2af SJ |
311 | $user = User::getWithUID($user->id()); |
312 | S::set('user', $user); | |
f15d1307 SJ |
313 | $page->trigSuccess('Données mises à jour.'); |
314 | } | |
315 | } | |
316 | ||
317 | $page->addJsLink('password.js'); | |
318 | $page->assign('user', $user); | |
319 | } | |
73f2bb48 SJ |
320 | |
321 | function handler_password ($page) | |
322 | { | |
323 | if (Post::has('pwhash') && Post::t('pwhash')) { | |
324 | S::assert_xsrf_token(); | |
325 | ||
326 | S::set('password', $password = Post::t('pwhash')); | |
327 | XDB::execute('UPDATE accounts | |
328 | SET password = {?} | |
329 | WHERE uid={?}', $password, | |
330 | S::i('uid')); | |
331 | S::logger()->log('passwd'); | |
332 | Platal::session()->setAccessCookie(true); | |
333 | $page->changeTpl('platal/password.success.tpl'); | |
334 | $page->run(); | |
335 | } | |
336 | ||
337 | $page->changeTpl('platal/password.tpl'); | |
338 | $page->assign('xnet_reset', true); | |
339 | $page->assign('do_auth', false); | |
340 | } | |
bd4be95d | 341 | } |
342 | ||
a7de4ef7 | 343 | // vim:set et sw=4 sts=4 sws=4 foldmethod=marker enc=utf-8: |
bd4be95d | 344 | ?> |