| 1 | <?php |
| 2 | /*************************************************************************** |
| 3 | * Copyright (C) 2003-2004 Polytechnique.org * |
| 4 | * http://opensource.polytechnique.org/ * |
| 5 | * * |
| 6 | * This program is free software; you can redistribute it and/or modify * |
| 7 | * it under the terms of the GNU General Public License as published by * |
| 8 | * the Free Software Foundation; either version 2 of the License, or * |
| 9 | * (at your option) any later version. * |
| 10 | * * |
| 11 | * This program is distributed in the hope that it will be useful, * |
| 12 | * but WITHOUT ANY WARRANTY; without even the implied warranty of * |
| 13 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * |
| 14 | * GNU General Public License for more details. * |
| 15 | * * |
| 16 | * You should have received a copy of the GNU General Public License * |
| 17 | * along with this program; if not, write to the Free Software * |
| 18 | * Foundation, Inc., * |
| 19 | * 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA * |
| 20 | ***************************************************************************/ |
| 21 | |
| 22 | require_once("xorg.inc.php"); |
| 23 | new_admin_page('admin/utilisateurs.tpl'); |
| 24 | $page->assign('xorg_title','Polytechnique.org - Administration - Edit/Su/Log'); |
| 25 | require_once("emails.inc.php"); |
| 26 | require_once("user.func.inc.php"); |
| 27 | |
| 28 | if (Session::has('suid')) { |
| 29 | $page->kill("déjà en SUID !!!"); |
| 30 | } |
| 31 | |
| 32 | if (Env::has('user_id')) { |
| 33 | $login = get_user_login(Env::getInt('user_id')); |
| 34 | } elseif (Env::has('login')) { |
| 35 | $login = get_user_login(Env::get('login')); |
| 36 | } else { |
| 37 | $login = false; |
| 38 | } |
| 39 | |
| 40 | if(Env::has('logs_button') && $login) { |
| 41 | redirect("logger.php?loguser=$login&year=".date('Y')."&month=".date('m')); |
| 42 | } |
| 43 | |
| 44 | if (Env::has('ax_button') && $login) { |
| 45 | redirect("synchro_ax.php?user=$login"); |
| 46 | } |
| 47 | |
| 48 | if(Env::has('suid_button') && $login) { |
| 49 | $_SESSION['log']->log("suid_start", "login by ".Session::get('forlife')); |
| 50 | $_SESSION['suid'] = $_SESSION; |
| 51 | $r = $globals->xdb->query("SELECT id FROM aliases WHERE alias={?}", $login); |
| 52 | if($uid = $r->fetchOneCell()) { |
| 53 | start_connexion($uid,true); |
| 54 | redirect("../"); |
| 55 | } |
| 56 | } |
| 57 | |
| 58 | if ($login) { |
| 59 | $r = $globals->xdb->query("SELECT *, a.alias AS forlife |
| 60 | FROM auth_user_md5 AS u |
| 61 | INNER JOIN aliases AS a ON ( a.id = u.user_id AND a.alias={?} AND type!='homonyme' )", $login); |
| 62 | $mr = $r->fetchOneAssoc(); |
| 63 | |
| 64 | $redirect = new Redirect($mr['user_id']); |
| 65 | |
| 66 | // Check if there was a submission |
| 67 | foreach($_POST as $key => $val) { |
| 68 | switch ($key) { |
| 69 | case "add_fwd": |
| 70 | $email = trim(Env::get('email')); |
| 71 | if (!isvalid_email_redirection($email)) { |
| 72 | $page->trig("invalid email $email"); |
| 73 | } else { |
| 74 | $redirect->add_email($email); |
| 75 | $page->trig("Ajout de $email effectué"); |
| 76 | } |
| 77 | break; |
| 78 | |
| 79 | case "del_fwd": |
| 80 | if (!empty($val)) { |
| 81 | $redirect->delete_email($val); |
| 82 | } |
| 83 | break; |
| 84 | |
| 85 | case "del_alias": |
| 86 | if (!empty($val)) { |
| 87 | $globals->xdb->execute("DELETE FROM aliases WHERE id={?} AND alias={?} |
| 88 | AND type!='a_vie' AND type!='homonyme'", $mr['user_id'], $val); |
| 89 | fix_bestalias($mr['user_id']); |
| 90 | $page->trig($val." a été supprimé"); |
| 91 | } |
| 92 | break; |
| 93 | |
| 94 | case "add_alias": |
| 95 | $globals->xdb->execute("INSERT INTO aliases (id,alias,type) VALUES ({?}, {?}, 'alias')", |
| 96 | $mr['user_id'], Env::get('email')); |
| 97 | break; |
| 98 | |
| 99 | case "best": |
| 100 | // 'bestalias' is the first bit of the set : 1 |
| 101 | // 255 is the max for flags (8 sets max) |
| 102 | $globals->xdb->execute("UPDATE aliases SET flags= flags & (255 - 1) WHERE id={?}", $mr['user_id']); |
| 103 | $globals->xdb->execute("UPDATE aliases |
| 104 | SET flags= flags | 1 |
| 105 | WHERE id={?} AND alias={?}", $mr['user_id'], $val); |
| 106 | break; |
| 107 | |
| 108 | |
| 109 | // Editer un profil |
| 110 | case "u_edit": |
| 111 | $pass_md5B = Env::get('newpass_clair') != "********" ? md5(Env::get('newpass_clair')) : Env::get('passw'); |
| 112 | $naiss = Env::get('naissanceN'); |
| 113 | $perms = Env::get('permsN'); |
| 114 | $prenm = Env::get('prenomN'); |
| 115 | $nom = Env::get('nomN'); |
| 116 | $promo = Env::getInt('promoN'); |
| 117 | $nom = Env::get('nomN'); |
| 118 | $comm = Env::get('commentN'); |
| 119 | |
| 120 | $query = "UPDATE auth_user_md5 SET |
| 121 | naissance = '$naiss', |
| 122 | password = '$pass_md5B', |
| 123 | perms = '$perms', |
| 124 | prenom = '".addslashes($prenm)."', |
| 125 | nom = '".addslashes($nom)."', |
| 126 | promo = $promo, |
| 127 | comment = '".addslashes($comm)."' |
| 128 | WHERE user_id = '{$mr['user_id']}'"; |
| 129 | if ($globals->xdb->execute($query)) { |
| 130 | user_reindex($mr['user_id']); |
| 131 | |
| 132 | require_once("diogenes/diogenes.hermes.inc.php"); |
| 133 | $mailer = new HermesMailer(); |
| 134 | $mailer->setFrom("webmaster@polytechnique.org"); |
| 135 | $mailer->addTo("web@polytechnique.org"); |
| 136 | $mailer->setSubject("INTERVENTION de ".Session::get('forlife')); |
| 137 | $mailer->setTxtBody(preg_replace("/[ \t]+/", ' ', $query)); |
| 138 | $mailer->send(); |
| 139 | |
| 140 | $page->trig("updaté correctement."); |
| 141 | } |
| 142 | if (Env::get('nomusageN') != $mr['nom_usage']) { |
| 143 | require_once('nomusage.inc.php'); |
| 144 | set_new_usage($mr['user_id'], Env::get('nomusageN'), make_username(Env::get('prenomN'), Env::get('nomusageN'))); |
| 145 | } |
| 146 | $r = $globals->xdb->query("SELECT *, a.alias AS forlife |
| 147 | FROM auth_user_md5 AS u |
| 148 | INNER JOIN aliases AS a ON (u.user_id=a.id) |
| 149 | WHERE user_id = {?}", $mr['user_id']); |
| 150 | $mr = $r->fetchOneAssoc(); |
| 151 | break; |
| 152 | |
| 153 | // DELETE FROM auth_user_md5 |
| 154 | case "u_kill": |
| 155 | user_clear_all_subs($mr['user_id']); |
| 156 | $page->trig("'{$mr['user_id']}' a été désinscrit !"); |
| 157 | require_once("diogenes/diogenes.hermes.inc.php"); |
| 158 | $mailer = new HermesMailer(); |
| 159 | $mailer->setFrom("webmaster@polytechnique.org"); |
| 160 | $mailer->addTo("web@polytechnique.org"); |
| 161 | $mailer->setSubject("INTERVENTION de ".Session::get('forlife')); |
| 162 | $mailer->setTxtBody("\nUtilisateur $login effacé"); |
| 163 | $mailer->send(); |
| 164 | break; |
| 165 | } |
| 166 | } |
| 167 | |
| 168 | $res = $globals->xdb->query("SELECT UNIX_TIMESTAMP(start), host |
| 169 | FROM logger.sessions |
| 170 | WHERE uid={?} AND suid=0 |
| 171 | ORDER BY start DESC |
| 172 | LIMIT 1", $mr['user_id']); |
| 173 | list($lastlogin,$host) = $res->fetchOneRow(); |
| 174 | $page->assign('lastlogin', $lastlogin); |
| 175 | $page->assign('host', $host); |
| 176 | |
| 177 | $page->assign('aliases', $globals->xdb->iterator( |
| 178 | "SELECT alias, type='a_vie' AS for_life,FIND_IN_SET('bestalias',flags) AS best,expire |
| 179 | FROM aliases |
| 180 | WHERE id = {?} AND type!='homonyme' |
| 181 | ORDER BY type!= 'a_vie'", $mr["user_id"])); |
| 182 | $page->assign('xorgmails', $xorgmails); |
| 183 | $page->assign('email_panne', $email_panne); |
| 184 | $page->assign('emails',$redirect->emails); |
| 185 | |
| 186 | $page->assign('mr',$mr); |
| 187 | } |
| 188 | |
| 189 | $page->run(); |
| 190 | |
| 191 | // vim:set et sws=4 sts=4 sw=4: |
| 192 | ?> |