| 1 | <?php |
| 2 | /*************************************************************************** |
| 3 | * Copyright (C) 2003-2007 Polytechnique.org * |
| 4 | * http://opensource.polytechnique.org/ * |
| 5 | * * |
| 6 | * This program is free software; you can redistribute it and/or modify * |
| 7 | * it under the terms of the GNU General Public License as published by * |
| 8 | * the Free Software Foundation; either version 2 of the License, or * |
| 9 | * (at your option) any later version. * |
| 10 | * * |
| 11 | * This program is distributed in the hope that it will be useful, * |
| 12 | * but WITHOUT ANY WARRANTY; without even the implied warranty of * |
| 13 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * |
| 14 | * GNU General Public License for more details. * |
| 15 | * * |
| 16 | * You should have received a copy of the GNU General Public License * |
| 17 | * along with this program; if not, write to the Free Software * |
| 18 | * Foundation, Inc., * |
| 19 | * 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA * |
| 20 | ***************************************************************************/ |
| 21 | |
| 22 | class AXLetterModule extends PLModule |
| 23 | { |
| 24 | function handlers() |
| 25 | { |
| 26 | return array( |
| 27 | 'ax' => $this->make_hook('index', AUTH_COOKIE), |
| 28 | 'ax/out' => $this->make_hook('out', AUTH_PUBLIC), |
| 29 | 'ax/show' => $this->make_hook('show', AUTH_COOKIE), |
| 30 | 'ax/edit' => $this->make_hook('submit', AUTH_MDP), |
| 31 | 'ax/edit/cancel' => $this->make_hook('cancel', AUTH_MDP), |
| 32 | 'ax/edit/valid' => $this->make_hook('valid', AUTH_MDP), |
| 33 | 'admin/axletter' => $this->make_hook('admin', AUTH_MDP, 'admin'), |
| 34 | ); |
| 35 | } |
| 36 | |
| 37 | function handler_out(&$page, $hash = null) |
| 38 | { |
| 39 | if (!$hash) { |
| 40 | if (!S::logged()) { |
| 41 | return PL_DO_AUTH; |
| 42 | } else { |
| 43 | return $this->handler_index($page, 'out'); |
| 44 | } |
| 45 | } |
| 46 | require_once dirname(__FILE__) . '/axletter/axletter.inc.php'; |
| 47 | $page->changeTpl('axletter/unsubscribe.tpl'); |
| 48 | $page->assign('success', AXLetter::unsubscribe($hash, true)); |
| 49 | } |
| 50 | |
| 51 | function handler_index(&$page, $action = null) |
| 52 | { |
| 53 | require_once dirname(__FILE__) . '/axletter/axletter.inc.php'; |
| 54 | |
| 55 | $page->changeTpl('axletter/index.tpl'); |
| 56 | $page->assign('xorg_title','Polytechnique.org - Envois de l\'AX'); |
| 57 | |
| 58 | switch ($action) { |
| 59 | case 'in': AXLetter::subscribe(); break; |
| 60 | case 'out': AXLetter::unsubscribe(); break; |
| 61 | } |
| 62 | |
| 63 | $perm = AXLetter::hasPerms(); |
| 64 | if ($perm) { |
| 65 | $res = XDB::query("SELECT * FROM axletter_ins"); |
| 66 | $page->assign('count', $res->numRows()); |
| 67 | $page->assign('new', AXLetter::awaiting()); |
| 68 | } |
| 69 | $page->assign('axs', AXLetter::subscriptionState()); |
| 70 | $page->assign('ax_list', AXLetter::listSent()); |
| 71 | $page->assign('ax_rights', $perm); |
| 72 | } |
| 73 | |
| 74 | function handler_submit(&$page, $action = null) |
| 75 | { |
| 76 | require_once dirname(__FILE__) . '/axletter/axletter.inc.php'; |
| 77 | if (!AXLetter::hasPerms()) { |
| 78 | return PL_FORBIDDEN; |
| 79 | } |
| 80 | |
| 81 | $page->changeTpl('axletter/edit.tpl'); |
| 82 | |
| 83 | $saved = Post::i('saved'); |
| 84 | $new = false; |
| 85 | $id = Post::i('id'); |
| 86 | $shortname = trim(Post::v('shortname')); |
| 87 | $subject = trim(Post::v('subject')); |
| 88 | $title = trim(Post::v('title')); |
| 89 | $body = rtrim(Post::v('body')); |
| 90 | $signature = trim(Post::v('signature')); |
| 91 | $promo_min = Post::i('promo_min'); |
| 92 | $promo_max = Post::i('promo_max'); |
| 93 | $echeance = Post::has('echeance_date') ? Post::v('echeance_date') . ' ' . Post::v('echeance_time') |
| 94 | : Post::v('echeance'); |
| 95 | $echeance_date = Post::v('echeance_date'); |
| 96 | $echeance_time = Post::v('echeance_time'); |
| 97 | |
| 98 | if (!$id) { |
| 99 | $res = XDB::query("SELECT * FROM axletter WHERE FIND_IN_SET('new', bits)"); |
| 100 | if ($res->numRows()) { |
| 101 | extract($res->fetchOneAssoc(), EXTR_OVERWRITE); |
| 102 | $saved = true; |
| 103 | } else { |
| 104 | XDB::execute("INSERT INTO axletter SET id = NULL"); |
| 105 | $id = XDB::insertId(); |
| 106 | } |
| 107 | if (!$echeance || $echeance == '0000-00-00 00:00:00') { |
| 108 | $saved = false; |
| 109 | $new = true; |
| 110 | } |
| 111 | } elseif (Post::has('valid')) { |
| 112 | if (!$subject && $title) { |
| 113 | $subject = $title; |
| 114 | } |
| 115 | if (!$title && $subject) { |
| 116 | $title = $subject; |
| 117 | } |
| 118 | if (!$subject || !$title || !$body) { |
| 119 | $page->trig("L'article doit avoir un sujet et un contenu"); |
| 120 | Post::kill('valid'); |
| 121 | } |
| 122 | if (($promo_min > $promo_max && $promo_max != 0)|| |
| 123 | ($promo_min != 0 && ($promo_min <= 1900 || $promo_min >= 2020)) || |
| 124 | ($promo_max != 0 && ($promo_max <= 1900 || $promo_max >= 2020))) |
| 125 | { |
| 126 | $page->trig("L'intervalle de promotions n'est pas valide"); |
| 127 | Post::kill('valid'); |
| 128 | } |
| 129 | if (empty($shortname)) { |
| 130 | $page->trig("L'annonce doit avoir un nom raccourci pour simplifier la navigation dans les archives"); |
| 131 | Post::kill('valid'); |
| 132 | } elseif (!preg_match('/^[a-z][-a-z0-9]*[a-z0-9]$/', $shortname)) { |
| 133 | $page->trig("Le nom raccourci n'est pas valide, il doit comporter au moins 2 caractères et n'être composé " |
| 134 | . "que de chiffres, lettres et tirets"); |
| 135 | Post::kill('valid'); |
| 136 | } elseif ($shortname != Post::v('old_shortname')) { |
| 137 | $res = XDB::query("SELECT id FROM axletter WHERE shortname = {?}", $shortname); |
| 138 | if ($res->numRows() && $res->fetchOneCell() != $id) { |
| 139 | $page->trig("Le nom $shortname est déjà utilisé, merci d'en choisir un autre"); |
| 140 | $shortname = Post::v('old_shortname'); |
| 141 | if (empty($shortname)) { |
| 142 | Post::kill('valid'); |
| 143 | } |
| 144 | } |
| 145 | } |
| 146 | |
| 147 | switch (@Post::v('valid')) { |
| 148 | case 'Aperçu': |
| 149 | require_once dirname(__FILE__) . '/axletter/axletter.inc.php'; |
| 150 | $al = new AXLetter(array($id, $shortname, $subject, $title, $body, $signature, |
| 151 | $promo_min, $promo_max, $echeance, 0, 'new')); |
| 152 | $al->toHtml($page, S::v('prenom'), S::v('nom'), S::v('femme')); |
| 153 | break; |
| 154 | |
| 155 | case 'Confirmer': |
| 156 | XDB::execute("REPLACE INTO axletter |
| 157 | SET id = {?}, shortname = {?}, subject = {?}, title = {?}, body = {?}, |
| 158 | signature = {?}, promo_min = {?}, promo_max = {?}, echeance = {?}", |
| 159 | $id, $shortname, $subject, $title, $body, $signature, $promo_min, $promo_max, $echeance); |
| 160 | if (!$saved) { |
| 161 | $mailer = new PlMailer(); |
| 162 | $mailer->setFrom("support@polytechnique.org"); |
| 163 | $mailer->setSubject("Un nouveau projet de mail de l'AX vient d'être proposé"); |
| 164 | $mailer->setTxtBody("Un nouveau mail vient d'être rédigé en prévision d'un envoi prochain. Vous pouvez " |
| 165 | . "le modifier jusqu'à ce qu'il soit verrouillé pour l'envoi\n\n" |
| 166 | . "Le sujet du mail : $subject\n" |
| 167 | . "L'échéance d'envoi est fixée à $echeance.\n" |
| 168 | . "Le mail pourra néanmoins partir avant cette échéance si un administrateur de " |
| 169 | . "Polytechnique.org le valide.\n\n" |
| 170 | . "Pour modifier, valider ou annuler le mail :\n" |
| 171 | . "https://www.polytechnique.org/ax/edit\n" |
| 172 | . "-- \n" |
| 173 | . "Association Polytechnique.org\n"); |
| 174 | $res = XDB::iterRow("SELECT IF(u.nom_usage != '', u.nom_usage, u.nom) AS nom, |
| 175 | u.prenom, a.alias AS bestalias |
| 176 | FROM axletter_rights AS ar |
| 177 | INNER JOIN auth_user_md5 AS u USING(user_id) |
| 178 | INNER JOIN aliases AS a ON (u.user_id = a.id |
| 179 | AND FIND_IN_SET('bestalias', a.flags))"); |
| 180 | global $globals; |
| 181 | while (list($nom, $prenom, $alias) = $res->next()) { |
| 182 | $mailer->addTo("$nom $prenom <$alias@{$globals->mail->domain}>"); |
| 183 | } |
| 184 | $mailer->send(); |
| 185 | } |
| 186 | $saved = true; |
| 187 | $echeance_date = null; |
| 188 | $echeance_time = null; |
| 189 | pl_redirect('ax'); |
| 190 | break; |
| 191 | } |
| 192 | } |
| 193 | $page->assign('id', $id); |
| 194 | $page->assign('shortname', $shortname); |
| 195 | $page->assign('subject', $subject); |
| 196 | $page->assign('title', $title); |
| 197 | $page->assign('body', $body); |
| 198 | $page->assign('signature', $signature); |
| 199 | $page->assign('promo_min', $promo_min); |
| 200 | $page->assign('promo_max', $promo_max); |
| 201 | $page->assign('echeance', $echeance); |
| 202 | $page->assign('echeance_date', $echeance_date); |
| 203 | $page->assign('echeance_time', $echeance_time); |
| 204 | $page->assign('saved', $saved); |
| 205 | $page->assign('new', $new); |
| 206 | $page->assign('is_xorg', S::has_perms()); |
| 207 | |
| 208 | if (!$saved) { |
| 209 | $select = ''; |
| 210 | for ($i = 0 ; $i < 24 ; $i++) { |
| 211 | $stamp = sprintf('%02d:00:00', $i); |
| 212 | if ($stamp == $echeance_time) { |
| 213 | $sel = ' selected="selected"'; |
| 214 | } else { |
| 215 | $sel = ''; |
| 216 | } |
| 217 | $select .= "<option value=\"$stamp\"$sel>{$i}h</option>\n"; |
| 218 | } |
| 219 | $page->assign('echeance_time', $select); |
| 220 | } |
| 221 | } |
| 222 | |
| 223 | function handler_cancel(&$page, $force = null) |
| 224 | { |
| 225 | require_once dirname(__FILE__) . '/axletter/axletter.inc.php'; |
| 226 | if (!AXLetter::hasPerms()) { |
| 227 | return PL_FORBIDDEN; |
| 228 | } |
| 229 | |
| 230 | $url = parse_url($_SERVER['HTTP_REFERER']); |
| 231 | if ($force != 'force' && trim($url['path'], '/') != 'ax/edit') { |
| 232 | return PL_FORBIDDEN; |
| 233 | } |
| 234 | |
| 235 | $al = AXLetter::awaiting(); |
| 236 | if (!$alg) { |
| 237 | $page->kill("Aucune lettre en attente"); |
| 238 | return; |
| 239 | } |
| 240 | if (!$al->invalid()) { |
| 241 | $page->kill("Une erreur est survenue lors de l'annulation de l'envoi"); |
| 242 | return; |
| 243 | } |
| 244 | |
| 245 | $page->kill("L'envoi de l'annonce {$al->title()} est annulé"); |
| 246 | } |
| 247 | |
| 248 | function handler_valid(&$page, $force = null) |
| 249 | { |
| 250 | require_once dirname(__FILE__) . '/axletter/axletter.inc.php'; |
| 251 | if (!AXLetter::hasPerms()) { |
| 252 | return PL_FORBIDDEN; |
| 253 | } |
| 254 | |
| 255 | $url = parse_url($_SERVER['HTTP_REFERER']); |
| 256 | if ($force != 'force' && trim($url['path'], '/') != 'ax/edit') { |
| 257 | return PL_FORBIDDEN; |
| 258 | } |
| 259 | |
| 260 | $al = AXLetter::awaiting(); |
| 261 | if (!$al) { |
| 262 | $page->kill("Aucune lettre en attente"); |
| 263 | return; |
| 264 | } |
| 265 | if (!$al->valid()) { |
| 266 | $page->kill("Une erreur est survenue lors de la validation de l'envoi"); |
| 267 | return; |
| 268 | } |
| 269 | |
| 270 | $page->kill("L'envoi de l'annonce aura lieu dans l'heure qui vient."); |
| 271 | } |
| 272 | |
| 273 | function handler_show(&$page, $nid = 'last') |
| 274 | { |
| 275 | require_once dirname(__FILE__) . '/axletter/axletter.inc.php'; |
| 276 | $page->changeTpl('axletter/show.tpl'); |
| 277 | |
| 278 | $nl = new AXLetter($nid); |
| 279 | if (Get::has('text')) { |
| 280 | $nl->toText($page, S::v('prenom'), S::v('nom'), S::v('femme')); |
| 281 | } else { |
| 282 | $nl->toHtml($page, S::v('prenom'), S::v('nom'), S::v('femme')); |
| 283 | } |
| 284 | if (Post::has('send')) { |
| 285 | $nl->sendTo(S::v('prenom'), S::v('nom'), |
| 286 | S::v('bestalias'), S::v('femme'), |
| 287 | S::v('mail_fmt') != 'texte'); |
| 288 | } |
| 289 | } |
| 290 | |
| 291 | function handler_admin(&$page, $action = null, $uid = null) |
| 292 | { |
| 293 | require_once dirname(__FILE__) . '/axletter/axletter.inc.php'; |
| 294 | if (Post::has('action')) { |
| 295 | $action = Post::v('action'); |
| 296 | $uid = Post::v('uid'); |
| 297 | } |
| 298 | if ($uid) { |
| 299 | $uids = preg_split('/ *[,;\: ] */', $uid); |
| 300 | foreach ($uids as $uid) { |
| 301 | switch ($action) { |
| 302 | case 'add': |
| 303 | $res = AXLetter::grantPerms($uid); |
| 304 | break; |
| 305 | case 'del'; |
| 306 | $res = AXLetter::revokePerms($uid); |
| 307 | break; |
| 308 | } |
| 309 | if (!$res) { |
| 310 | $page->trig("Personne ne oorrespond à l'identifiant '$uid'"); |
| 311 | } |
| 312 | } |
| 313 | } |
| 314 | |
| 315 | $page->changeTpl('axletter/admin.tpl'); |
| 316 | $res = XDB::iterator("SELECT IF(u.nom_usage != '', u.nom_usage, u.nom) AS nom, |
| 317 | u.prenom, u.promo, a.alias AS forlife |
| 318 | FROM axletter_rights AS ar |
| 319 | INNER JOIN auth_user_md5 AS u USING(user_id) |
| 320 | INNER JOIN aliases AS a ON (u.user_id = a.id AND a.type = 'a_vie')"); |
| 321 | $page->assign('admins', $res); |
| 322 | |
| 323 | $importer = new CSVImporter('axletter_ins'); |
| 324 | $importer->registerFunction('user_id', 'email vers Id X.org', array($this, 'idFromMail')); |
| 325 | $importer->forceValue('hash', array($this, 'createHash')); |
| 326 | $importer->apply($page, "admin/axletter", array('user_id', 'email', 'prenom', 'nom', 'promo', 'flag', 'hash')); |
| 327 | } |
| 328 | |
| 329 | function idFromMail($line, $key) |
| 330 | { |
| 331 | static $field; |
| 332 | global $globals; |
| 333 | if (!isset($field)) { |
| 334 | $field = array('email', 'mail', 'login', 'bestalias', 'forlife', 'flag'); |
| 335 | foreach ($field as $fld) { |
| 336 | if (isset($line[$fld])) { |
| 337 | $field = $fld; |
| 338 | break; |
| 339 | } |
| 340 | } |
| 341 | } |
| 342 | $email = $line[$field]; |
| 343 | if (strpos($email, '@') === false) { |
| 344 | $user = $email; |
| 345 | $domain = $globals->mail->domain2; |
| 346 | } else { |
| 347 | list($user, $domain) = explode('@', $email); |
| 348 | } |
| 349 | if ($domain != $globals->mail->domain && $domain != $globals->mail->domain2 |
| 350 | && $domain != $globals->mail->alias_dom && $domain != $globals->mail->alias_dom2) { |
| 351 | $res = XDB::query("SELECT uid FROM emails WHERE email = {?}", $email); |
| 352 | if ($res->numRows() == 1) { |
| 353 | return $res->fetchOneCell(); |
| 354 | } |
| 355 | return '0'; |
| 356 | } |
| 357 | list($user) = explode('+', $user); |
| 358 | list($user) = explode('_', $user); |
| 359 | if ($domain == $globals->mail->alias_dom || $domain == $globals->mail->alias_dom2) { |
| 360 | $res = XDB::query("SELECT a.id |
| 361 | FROM virtual AS v |
| 362 | INNER JOIN virtual_redirect AS r USING(vid) |
| 363 | INNER JOIN aliases AS a ON (a.type = 'a_vie' |
| 364 | AND r.redirect = CONCAT(a.alias, '@{$globals->mail->domain2}')) |
| 365 | WHERE v.alias = CONCAT({?}, '@{$globals->mail->alias_dom}')", $user); |
| 366 | $id = $res->fetchOneCell(); |
| 367 | return $id ? $id : '0'; |
| 368 | } |
| 369 | $res = XDB::query("SELECT id FROM aliases WHERE alias = {?}", $user); |
| 370 | $id = $res->fetchOneCell(); |
| 371 | return $id ? $id : '0'; |
| 372 | } |
| 373 | |
| 374 | function createHash($line, $key) |
| 375 | { |
| 376 | $hash = implode(time(), $line) . rand(); |
| 377 | $hash = md5($hash); |
| 378 | return $hash; |
| 379 | } |
| 380 | } |
| 381 | |
| 382 | // vim:set et sw=4 sts=4 sws=4 foldmethod=marker enc=utf-8: |
| 383 | ?> |