| 1 | <?php |
| 2 | /*************************************************************************** |
| 3 | * Copyright (C) 2003-2014 Polytechnique.org * |
| 4 | * http://opensource.polytechnique.org/ * |
| 5 | * * |
| 6 | * This program is free software; you can redistribute it and/or modify * |
| 7 | * it under the terms of the GNU General Public License as published by * |
| 8 | * the Free Software Foundation; either version 2 of the License, or * |
| 9 | * (at your option) any later version. * |
| 10 | * * |
| 11 | * This program is distributed in the hope that it will be useful, * |
| 12 | * but WITHOUT ANY WARRANTY; without even the implied warranty of * |
| 13 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * |
| 14 | * GNU General Public License for more details. * |
| 15 | * * |
| 16 | * You should have received a copy of the GNU General Public License * |
| 17 | * along with this program; if not, write to the Free Software * |
| 18 | * Foundation, Inc., * |
| 19 | * 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA * |
| 20 | ***************************************************************************/ |
| 21 | |
| 22 | class ListsModule extends PLModule |
| 23 | { |
| 24 | function handlers() |
| 25 | { |
| 26 | return array( |
| 27 | 'lists' => $this->make_hook('lists', AUTH_PASSWD, 'user'), |
| 28 | 'lists/ajax' => $this->make_hook('ajax', AUTH_PASSWD, 'user', NO_AUTH), |
| 29 | 'lists/create' => $this->make_hook('create', AUTH_PASSWD, 'lists'), |
| 30 | |
| 31 | 'lists/members' => $this->make_hook('members', AUTH_COOKIE, 'user'), |
| 32 | 'lists/csv' => $this->make_hook('csv', AUTH_COOKIE, 'user'), |
| 33 | 'lists/annu' => $this->make_hook('annu', AUTH_COOKIE, 'user'), |
| 34 | 'lists/archives' => $this->make_hook('archives', AUTH_COOKIE, 'user'), |
| 35 | 'lists/archives/rss' => $this->make_hook('rss', AUTH_PUBLIC, 'user', NO_HTTPS), |
| 36 | |
| 37 | 'lists/moderate' => $this->make_hook('moderate', AUTH_PASSWD, 'user'), |
| 38 | 'lists/admin' => $this->make_hook('admin', AUTH_PASSWD, 'user'), |
| 39 | 'lists/options' => $this->make_hook('options', AUTH_PASSWD, 'user'), |
| 40 | 'lists/delete' => $this->make_hook('delete', AUTH_PASSWD, 'user'), |
| 41 | |
| 42 | 'lists/soptions' => $this->make_hook('soptions', AUTH_PASSWD, 'user'), |
| 43 | 'lists/check' => $this->make_hook('check', AUTH_PASSWD, 'user'), |
| 44 | 'admin/lists' => $this->make_hook('admin_all', AUTH_PASSWD, 'admin'), |
| 45 | 'admin/aliases' => $this->make_hook('aaliases', AUTH_PASSWD, 'admin') |
| 46 | ); |
| 47 | } |
| 48 | |
| 49 | protected function prepare_client($user = null) |
| 50 | { |
| 51 | if (is_null($user)) { |
| 52 | $user = S::user(); |
| 53 | } |
| 54 | |
| 55 | $domain = $this->get_lists_domain(); |
| 56 | |
| 57 | return new MMList($user, $domain); |
| 58 | } |
| 59 | |
| 60 | protected function get_lists_domain() |
| 61 | { |
| 62 | global $globals; |
| 63 | return $globals->mail->domain; |
| 64 | } |
| 65 | |
| 66 | /** Prepare a MailingList from its mailbox |
| 67 | */ |
| 68 | protected function prepare_list($mbox) |
| 69 | { |
| 70 | // Required: modules/xnetlists.php uses it too. |
| 71 | Platal::load('lists', 'lists.inc.php'); |
| 72 | |
| 73 | return new MailingList($mbox, $this->get_lists_domain()); |
| 74 | } |
| 75 | |
| 76 | /** Ensure the current user is an administrator of the group. |
| 77 | */ |
| 78 | protected function is_group_admin($page) |
| 79 | { |
| 80 | $force_rights = false; |
| 81 | if ($GLOBALS['IS_XNET_SITE']) { |
| 82 | $perms = S::v('perms'); |
| 83 | if (is_object($perms) && $perms->hasFlag('groupadmin')) { |
| 84 | $force_rights = true; |
| 85 | } |
| 86 | } |
| 87 | $page->assign('group_admin', $force_rights); |
| 88 | |
| 89 | return $force_rights; |
| 90 | } |
| 91 | |
| 92 | /** Ensure the current user owns the given MailingList. |
| 93 | */ |
| 94 | protected function verify_list_owner($page, $mlist) |
| 95 | { |
| 96 | if (list(, , $owners) = $mlist->getMembers()) { |
| 97 | if (!(in_array(S::user()->forlifeEmail(), $owners) || S::admin())) { |
| 98 | $page->kill("La liste n'existe pas ou tu n'as pas le droit de l'administrer."); |
| 99 | } |
| 100 | } else { |
| 101 | $page->kill("La liste n'existe pas ou tu n'as pas le droit de l'administrer.<br />" |
| 102 | . " Si tu penses qu'il s'agit d'une erreur, " |
| 103 | . "<a href='mailto:support@polytechnique.org'>contact le support</a>."); |
| 104 | } |
| 105 | } |
| 106 | |
| 107 | /** Fetch pending operations on a MailingList instance. |
| 108 | */ |
| 109 | protected function get_pending_ops($mlist) |
| 110 | { |
| 111 | list($subs, $mails) = $mlist->getPendingOps(); |
| 112 | $res = XDB::query("SELECT mid |
| 113 | FROM email_list_moderate |
| 114 | WHERE ml = {?} AND domain = {?}", |
| 115 | $mlist->mbox, $mlist->domain); |
| 116 | $mids = $res->fetchColumn(); |
| 117 | foreach ($mails as $key => $mail) { |
| 118 | if (in_array($mail['id'], $mids)) { |
| 119 | unset($mails[$key]); |
| 120 | } |
| 121 | } |
| 122 | return array($subs, $mails); |
| 123 | } |
| 124 | |
| 125 | function handler_lists($page) |
| 126 | { |
| 127 | |
| 128 | function filter_owner($list) |
| 129 | { |
| 130 | return $list['own']; |
| 131 | } |
| 132 | |
| 133 | function filter_member($list) |
| 134 | { |
| 135 | return $list['sub']; |
| 136 | } |
| 137 | |
| 138 | $page->changeTpl('lists/index.tpl'); |
| 139 | $page->setTitle('Listes de diffusion'); |
| 140 | |
| 141 | |
| 142 | if (Get::has('del')) { |
| 143 | S::assert_xsrf_token(); |
| 144 | $mlist = $this->prepare_list(Get::v('del')); |
| 145 | $mlist->unsubscribe(); |
| 146 | pl_redirect('lists'); |
| 147 | } |
| 148 | if (Get::has('add')) { |
| 149 | S::assert_xsrf_token(); |
| 150 | $mlist = $this->prepare_list(Get::v('add')); |
| 151 | $mlist->subscribe(); |
| 152 | pl_redirect('lists'); |
| 153 | } |
| 154 | if (Post::has('promo_add')) { |
| 155 | S::assert_xsrf_token(); |
| 156 | |
| 157 | $promo = Post::i('promo_add'); |
| 158 | if ($promo >= 1900 and $promo < 2100) { |
| 159 | $mlist = MailingList::promo($promo); |
| 160 | $mlist->subscribe(); |
| 161 | } else { |
| 162 | $page->trigError("promo incorrecte, il faut une promo sur 4 chiffres."); |
| 163 | } |
| 164 | } |
| 165 | |
| 166 | $client = $this->prepare_client(); |
| 167 | if (!is_null($listes = $client->get_lists())) { |
| 168 | $owner = array_filter($listes, 'filter_owner'); |
| 169 | $listes = array_diff_key($listes, $owner); |
| 170 | $member = array_filter($listes, 'filter_member'); |
| 171 | $listes = array_diff_key($listes, $member); |
| 172 | foreach ($owner as $key => $liste) { |
| 173 | $mlist = $this->prepare_list($liste['list']); |
| 174 | list($subs, $mails) = $this->get_pending_ops($mlist); |
| 175 | $owner[$key]['subscriptions'] = $subs; |
| 176 | $owner[$key]['mails'] = $mails; |
| 177 | } |
| 178 | $page->register_modifier('hdc', 'list_header_decode'); |
| 179 | $page->assign_by_ref('owner', $owner); |
| 180 | $page->assign_by_ref('member', $member); |
| 181 | $page->assign_by_ref('public', $listes); |
| 182 | } |
| 183 | } |
| 184 | |
| 185 | function handler_ajax($page, $list = null) |
| 186 | { |
| 187 | pl_content_headers("text/html"); |
| 188 | $page->changeTpl('lists/liste.inc.tpl', NO_SKIN); |
| 189 | S::assert_xsrf_token(); |
| 190 | |
| 191 | $mlist = $this->prepare_list($list); |
| 192 | if (Get::has('unsubscribe')) { |
| 193 | $mlist->unsubscribe(); |
| 194 | } |
| 195 | if (Get::has('subscribe')) { |
| 196 | $mlist->subscribe(); |
| 197 | } |
| 198 | if (Get::has('sadd')) { |
| 199 | $mlist->handleRequest(MailingList::REQ_SUBSCRIBE, Get::v('sadd')); |
| 200 | } |
| 201 | if (Get::has('mid')) { |
| 202 | $this->moderate_mail($mlist, Get::i('mid')); |
| 203 | } |
| 204 | |
| 205 | list($liste, $members, $owners) = $mlist->getMembers(); |
| 206 | if ($liste['own']) { |
| 207 | list($subs, $mails) = $this->get_pending_ops($mlist); |
| 208 | $liste['subscriptions'] = $subs; |
| 209 | $liste['mails'] = $mails; |
| 210 | } |
| 211 | $page->register_modifier('hdc', 'list_header_decode'); |
| 212 | $page->assign_by_ref('liste', $liste); |
| 213 | } |
| 214 | |
| 215 | function handler_create($page) |
| 216 | { |
| 217 | global $globals; |
| 218 | |
| 219 | $page->changeTpl('lists/create.tpl'); |
| 220 | |
| 221 | $user_promo = S::user()->profile()->yearPromo(); |
| 222 | $year = date('Y'); |
| 223 | $month = date('m'); |
| 224 | // scolar year starts in september |
| 225 | $scolarmonth = ($year - $user_promo) * 12 + ($month - 8); |
| 226 | $young_promo = $very_young_promo = 0; |
| 227 | // binet are accessible only in april in the first year and until |
| 228 | // march of the 5th year |
| 229 | if ($scolarmonth >= 8 && $scolarmonth < 56) { |
| 230 | $young_promo = 1; |
| 231 | } |
| 232 | // PSC aliases are accesible only between september and june of the second |
| 233 | // year of scolarity |
| 234 | if ($scolarmonth >= 12 && $scolarmonth < 22) { |
| 235 | $very_young_promo = 1; |
| 236 | } |
| 237 | $page->assign('young_promo', $young_promo); |
| 238 | $page->assign('very_young_promo', $very_young_promo); |
| 239 | |
| 240 | $owners = preg_split("/[\s]+/", Post::v('owners'), -1, PREG_SPLIT_NO_EMPTY); |
| 241 | $members = preg_split("/[\s]+/", Post::v('members'), -1, PREG_SPLIT_NO_EMPTY); |
| 242 | |
| 243 | // click on validate button 'add_owner_sub' or type <enter> |
| 244 | if (Post::has('add_owner_sub') && Post::has('add_owner')) { |
| 245 | // if we want to add an owner and then type <enter>, then both |
| 246 | // add_owner_sub and add_owner are filled. |
| 247 | $oforlifes = User::getBulkForlifeEmails(Post::v('add_owner'), true); |
| 248 | $mforlifes = User::getBulkForlifeEmails(Post::v('add_member'), true); |
| 249 | if (!is_null($oforlifes)) { |
| 250 | $owners = array_merge($owners, $oforlifes); |
| 251 | } |
| 252 | // if we want to add a member and then type <enter>, then |
| 253 | // add_owner_sub is filled, whereas add_owner is empty. |
| 254 | if (!is_null($mforlifes)) { |
| 255 | $members = array_merge($members, $mforlifes); |
| 256 | } |
| 257 | } |
| 258 | |
| 259 | // click on validate button 'add_member_sub' |
| 260 | if (Post::has('add_member_sub') && Post::has('add_member')) { |
| 261 | $forlifes = User::getBulkForlifeEmails(Post::v('add_member'), true); |
| 262 | if (!is_null($forlifes)) { |
| 263 | $members = array_merge($members, $forlifes); |
| 264 | } |
| 265 | } |
| 266 | if (Post::has('add_member_sub') && isset($_FILES['add_member_file']) && $_FILES['add_member_file']['tmp_name']) { |
| 267 | $upload =& PlUpload::get($_FILES['add_member_file'], S::user()->login(), 'list.addmember', true); |
| 268 | if (!$upload) { |
| 269 | $page->trigError('Une erreur s\'est produite lors du téléchargement du fichier'); |
| 270 | } else { |
| 271 | $forlifes = User::getBulkForlifeEmails($upload->getContents(), true); |
| 272 | if (!is_null($forlifes)) { |
| 273 | $members = array_merge($members, $forlifes); |
| 274 | } |
| 275 | } |
| 276 | } |
| 277 | |
| 278 | ksort($owners); |
| 279 | $owners = array_unique($owners); |
| 280 | ksort($members); |
| 281 | $members = array_unique($members); |
| 282 | |
| 283 | $page->assign('owners', join("\n", $owners)); |
| 284 | $page->assign('members', join("\n", $members)); |
| 285 | |
| 286 | if (!Post::has('submit')) { |
| 287 | return; |
| 288 | } else { |
| 289 | S::assert_xsrf_token(); |
| 290 | } |
| 291 | |
| 292 | $asso = Post::t('asso'); |
| 293 | $list = strtolower(Post::t('liste')); |
| 294 | |
| 295 | if (empty($list)) { |
| 296 | $page->trigError('Le champ « adresse souhaitée » est vide.'); |
| 297 | } |
| 298 | if (!preg_match("/^[a-zA-Z0-9\-]*$/", $list)) { |
| 299 | $page->trigError('Le nom de la liste ne doit contenir que des lettres non accentuées, chiffres et tirets.'); |
| 300 | } |
| 301 | |
| 302 | if (($asso == 'binet') || ($asso == 'alias')) { |
| 303 | $promo = Post::i('promo'); |
| 304 | $domain = $promo . '.' . $globals->mail->domain; |
| 305 | |
| 306 | if (($promo < 1921) || ($promo > date('Y'))) { |
| 307 | $page->trigError('La promotion est mal renseignée, elle doit être du type : 2004.'); |
| 308 | } |
| 309 | |
| 310 | } elseif ($asso == 'groupex') { |
| 311 | $domain = XDB::fetchOneCell('SELECT mail_domain |
| 312 | FROM groups |
| 313 | WHERE nom = {?}', |
| 314 | Post::t('groupex_name')); |
| 315 | |
| 316 | if (!$domain) { |
| 317 | $page->trigError('Il n\'y a aucun groupe de ce nom sur Polytechnique.net.'); |
| 318 | } |
| 319 | } else { |
| 320 | $domain = $globals->mail->domain; |
| 321 | } |
| 322 | |
| 323 | require_once 'emails.inc.php'; |
| 324 | if (list_exist($list, $domain)) { |
| 325 | $page->trigError("L'« adresse souhaitée » est déjà prise."); |
| 326 | } |
| 327 | |
| 328 | if (!Post::t('desc')) { |
| 329 | $page->trigError('Le sujet est vide.'); |
| 330 | } |
| 331 | |
| 332 | if (!count($owners)) { |
| 333 | $page->trigError('Il n\'y a pas de gestionnaire.'); |
| 334 | } |
| 335 | |
| 336 | if (count($members) < 4) { |
| 337 | $page->trigError('Il n\'y a pas assez de membres.'); |
| 338 | } |
| 339 | |
| 340 | if (!$page->nb_errs()) { |
| 341 | $page->trigSuccess('Demande de création envoyée !'); |
| 342 | $page->assign('created', true); |
| 343 | $req = new ListeReq(S::user(), $asso, $list, $domain, |
| 344 | Post::t('desc'), Post::i('advertise'), |
| 345 | Post::i('modlevel'), Post::i('inslevel'), |
| 346 | $owners, $members); |
| 347 | $req->submit(); |
| 348 | } |
| 349 | } |
| 350 | |
| 351 | function handler_members($page, $liste = null) |
| 352 | { |
| 353 | if (is_null($liste)) { |
| 354 | return PL_NOT_FOUND; |
| 355 | } |
| 356 | |
| 357 | $mlist = $this->prepare_list($liste); |
| 358 | $this->is_group_admin($page); |
| 359 | |
| 360 | $page->changeTpl('lists/members.tpl'); |
| 361 | |
| 362 | if (Get::has('del')) { |
| 363 | S::assert_xsrf_token(); |
| 364 | $mlist->unsubscribe(); |
| 365 | pl_redirect('lists/members/' . $liste); |
| 366 | } |
| 367 | |
| 368 | if (Get::has('add')) { |
| 369 | S::assert_xsrf_token(); |
| 370 | $mlist->subscribe(); |
| 371 | pl_redirect('lists/members/' . $liste); |
| 372 | } |
| 373 | |
| 374 | $members = $mlist->getMembers(); |
| 375 | |
| 376 | $tri_promo = !Env::b('alpha'); |
| 377 | |
| 378 | if (list($det,$mem,$own) = $members) { |
| 379 | $membres = list_sort_members($mem, $tri_promo); |
| 380 | $moderos = list_sort_owners($own, $tri_promo); |
| 381 | |
| 382 | $page->assign_by_ref('details', $det); |
| 383 | $page->assign_by_ref('members', $membres); |
| 384 | $page->assign_by_ref('owners', $moderos); |
| 385 | $page->assign('nb_m', count($mem)); |
| 386 | } else { |
| 387 | $page->kill("La liste n'existe pas ou tu n'as pas le droit d'en voir les détails."); |
| 388 | } |
| 389 | } |
| 390 | |
| 391 | function handler_csv(PlPage $page, $liste = null) |
| 392 | { |
| 393 | if (is_null($liste)) { |
| 394 | return PL_NOT_FOUND; |
| 395 | } |
| 396 | $this->is_group_admin($page); |
| 397 | |
| 398 | $mlist = $this->prepare_list($liste); |
| 399 | $members = $mlist->getMembers(); |
| 400 | $list = list_fetch_basic_info(list_extract_members($members[1])); |
| 401 | pl_cached_content_headers('text/x-csv', 'iso-8859-1', 1); |
| 402 | |
| 403 | echo utf8_decode("Nom;Prénom;Promotion\n"); |
| 404 | echo utf8_decode(implode("\n", $list)); |
| 405 | exit(); |
| 406 | } |
| 407 | |
| 408 | function handler_annu($page, $liste = null, $action = null, $subaction = null) |
| 409 | { |
| 410 | if (is_null($liste)) { |
| 411 | return PL_NOT_FOUND; |
| 412 | } |
| 413 | |
| 414 | $this->is_group_admin($page); |
| 415 | |
| 416 | $mlist = $this->prepare_list($liste); |
| 417 | |
| 418 | if (Get::has('del')) { |
| 419 | S::assert_xsrf_token(); |
| 420 | $mlist->unsubscribe(); |
| 421 | pl_redirect('lists/annu/'.$liste); |
| 422 | } |
| 423 | if (Get::has('add')) { |
| 424 | S::assert_xsrf_token(); |
| 425 | $mlist->subscribe(); |
| 426 | pl_redirect('lists/annu/'.$liste); |
| 427 | } |
| 428 | |
| 429 | $owners = $mlist->getOwners(); |
| 430 | if (!is_array($owners)) { |
| 431 | $page->kill("La liste n'existe pas ou tu n'as pas le droit d'en voir les détails."); |
| 432 | } |
| 433 | |
| 434 | list(,$members) = $mlist->getMembers(); |
| 435 | |
| 436 | if ($action == 'moderators') { |
| 437 | $users = $owners; |
| 438 | $show_moderators = true; |
| 439 | $action = $subaction; |
| 440 | $subaction = ''; |
| 441 | } else { |
| 442 | $show_moderators = false; |
| 443 | $users = array(); |
| 444 | foreach ($members as $m) { |
| 445 | $users[] = $m[1]; |
| 446 | } |
| 447 | } |
| 448 | |
| 449 | require_once 'userset.inc.php'; |
| 450 | $view = new UserArraySet($users); |
| 451 | $view->addMod('trombi', 'Trombinoscope', false, array('with_promo' => true)); |
| 452 | $view->addMod('listmember', 'Annuaire', true); |
| 453 | if (empty($GLOBALS['IS_XNET_SITE'])) { |
| 454 | $view->addMod('minifiche', 'Mini-fiches', false); |
| 455 | } |
| 456 | $view->addMod('map', 'Planisphère'); |
| 457 | $view->apply("lists/annu/$liste", $page, $action, $subaction); |
| 458 | |
| 459 | $page->changeTpl('lists/annu.tpl'); |
| 460 | $page->assign_by_ref('details', $owners[0]); |
| 461 | $page->assign('show_moderators', $show_moderators); |
| 462 | } |
| 463 | |
| 464 | function handler_archives($page, $liste = null, $action = null, $artid = null) |
| 465 | { |
| 466 | global $globals; |
| 467 | |
| 468 | if (is_null($liste)) { |
| 469 | return PL_NOT_FOUND; |
| 470 | } |
| 471 | |
| 472 | $this->is_group_admin($page); |
| 473 | |
| 474 | $mlist = $this->prepare_list($liste); |
| 475 | |
| 476 | $page->changeTpl('lists/archives.tpl'); |
| 477 | |
| 478 | if (list($det) = $mlist->getMembers()) { |
| 479 | if (substr($liste,0,5) != 'promo' && ($det['ins'] || $det['priv']) |
| 480 | && !$det['own'] && ($det['sub'] < 2)) { |
| 481 | $page->kill("La liste n'existe pas ou tu n'as pas le droit de la consulter."); |
| 482 | } |
| 483 | $get = Array('listname' => $mlist->mbox, 'domain' => $mlist->domain); |
| 484 | if (Post::has('updateall')) { |
| 485 | $get['updateall'] = Post::v('updateall'); |
| 486 | } |
| 487 | require_once 'banana/ml.inc.php'; |
| 488 | get_banana_params($get, null, $action, $artid); |
| 489 | run_banana($page, 'MLBanana', $get); |
| 490 | } else { |
| 491 | $page->kill("La liste n'existe pas ou tu n'as pas le droit de la consulter."); |
| 492 | } |
| 493 | } |
| 494 | |
| 495 | function handler_rss($page, $liste = null, $alias = null, $hash = null) |
| 496 | { |
| 497 | if (!$liste) { |
| 498 | return PL_NOT_FOUND; |
| 499 | } |
| 500 | $user = Platal::session()->tokenAuth($alias, $hash); |
| 501 | if (is_null($user)) { |
| 502 | return PL_FORBIDDEN; |
| 503 | } |
| 504 | |
| 505 | $mlist = $this->prepare_list($liste); |
| 506 | |
| 507 | if (list($det) = $mlist->getMembers()) { |
| 508 | if (substr($liste,0,5) != 'promo' && ($det['ins'] || $det['priv']) |
| 509 | && !$det['own'] && ($det['sub'] < 2)) { |
| 510 | exit; |
| 511 | } |
| 512 | require_once('banana/ml.inc.php'); |
| 513 | $banana = new MLBanana($user, Array( |
| 514 | 'listname' => $mlist->mbox, |
| 515 | 'domain' => $mlist->domain, |
| 516 | 'action' => 'rss2')); |
| 517 | $banana->run(); |
| 518 | } |
| 519 | exit; |
| 520 | } |
| 521 | |
| 522 | /** Register a moderation decision. |
| 523 | * @param $mlist MailingList: the mailing list being moderated |
| 524 | * @param $mid int: the message being moderated |
| 525 | */ |
| 526 | protected function moderate_mail($mlist, $mid) |
| 527 | { |
| 528 | if (Env::has('mok')) { |
| 529 | $action = 'accept'; |
| 530 | } elseif (Env::has('mno')) { |
| 531 | $action = 'refuse'; |
| 532 | } elseif (Env::has('mdel')) { |
| 533 | $action = 'delete'; |
| 534 | } else { |
| 535 | return false; |
| 536 | } |
| 537 | Get::kill('mid'); |
| 538 | return XDB::execute("INSERT IGNORE INTO email_list_moderate |
| 539 | VALUES ({?}, {?}, {?}, {?}, {?}, NOW(), {?}, NULL)", |
| 540 | $mlist->mbox, $mlist->domain, $mid, S::i('uid'), $action, Post::v('reason')); |
| 541 | } |
| 542 | |
| 543 | function handler_moderate($page, $liste = null) |
| 544 | { |
| 545 | if (is_null($liste)) { |
| 546 | return PL_NOT_FOUND; |
| 547 | } |
| 548 | |
| 549 | $mlist = $this->prepare_list($liste); |
| 550 | if (!$this->is_group_admin($page)) { |
| 551 | $this->verify_list_owner($page, $mlist); |
| 552 | } |
| 553 | |
| 554 | $page->changeTpl('lists/moderate.tpl'); |
| 555 | |
| 556 | $page->register_modifier('hdc', 'list_header_decode'); |
| 557 | |
| 558 | if (Env::has('sadd') || Env::has('sdel')) { |
| 559 | S::assert_xsrf_token(); |
| 560 | |
| 561 | if (Env::has('sadd')) { |
| 562 | // Ensure the moderated request is still active |
| 563 | $sub = $mlist->getPendingSubscription(Env::v('sadd')); |
| 564 | |
| 565 | $mlist->handleRequest(MailingList::REQ_SUBSCRIBE, Env::v('sadd')); |
| 566 | $info = "validée"; |
| 567 | } |
| 568 | if (Post::has('sdel')) { |
| 569 | // Ensure the moderated request is still active |
| 570 | $sub = $mlist->getPendingSubscription(Env::v('sdel')); |
| 571 | |
| 572 | $mlist->handleRequest(MailingList::REQ_REJECT, Post::v('sdel'), Post::v('reason')); |
| 573 | $info = "refusée"; |
| 574 | } |
| 575 | if ($sub) { |
| 576 | $mailer = new PlMailer(); |
| 577 | $mailer->setFrom($mlist->getAddress(MailingList::KIND_BOUNCE)); |
| 578 | $mailer->addTo($mlist->getAddress(MailingList::KIND_OWNER)); |
| 579 | $mailer->addHeader('Reply-To', $mlist->getAddress(MailingList::KIND_OWNER)); |
| 580 | $mailer->setSubject("L'inscription de {$sub['name']} a été $info"); |
| 581 | $text = "L'inscription de {$sub['name']} à la liste " . $mlist->address ." a été $info par " . S::user()->fullName(true) . ".\n"; |
| 582 | if (trim(Post::v('reason'))) { |
| 583 | $text .= "\nLa raison invoquée est :\n" . Post::v('reason'); |
| 584 | } |
| 585 | $mailer->setTxtBody(wordwrap($text, 72)); |
| 586 | $mailer->send(); |
| 587 | } |
| 588 | if (Env::has('sadd')) { |
| 589 | pl_redirect('lists/moderate/'.$liste); |
| 590 | } |
| 591 | } |
| 592 | |
| 593 | if (Post::has('moderate_mails') && Post::has('select_mails')) { |
| 594 | S::assert_xsrf_token(); |
| 595 | |
| 596 | $mails = array_keys(Post::v('select_mails')); |
| 597 | foreach($mails as $mail) { |
| 598 | $this->moderate_mail($mlist, $mail); |
| 599 | } |
| 600 | } elseif (Env::has('mid')) { |
| 601 | if (Get::has('mid') && !Env::has('mok') && !Env::has('mdel')) { |
| 602 | require_once 'banana/moderate.inc.php'; |
| 603 | |
| 604 | $page->changeTpl('lists/moderate_mail.tpl'); |
| 605 | $params = array( |
| 606 | 'listname' => $mlist->mbox, |
| 607 | 'domain' => $mlist->domain, |
| 608 | 'artid' => Get::i('mid'), |
| 609 | 'part' => Get::v('part'), |
| 610 | 'action' => Get::v('action')); |
| 611 | $params['client'] = $this->prepare_client(); |
| 612 | run_banana($page, 'ModerationBanana', $params); |
| 613 | |
| 614 | $msg = file_get_contents('/etc/mailman/fr/refuse.txt'); |
| 615 | $msg = str_replace("%(adminaddr)s", $mlist->getAddress(MailingList::KIND_OWNER), $msg); |
| 616 | $msg = str_replace("%(request)s", "<< SUJET DU MAIL >>", $msg); |
| 617 | $msg = str_replace("%(reason)s", "<< TON EXPLICATION >>", $msg); |
| 618 | $msg = str_replace("%(listname)s", $liste, $msg); |
| 619 | $page->assign('msg', $msg); |
| 620 | return; |
| 621 | } |
| 622 | |
| 623 | $this->moderate_mail($mlist, Env::i('mid')); |
| 624 | } elseif (Env::has('sid')) { |
| 625 | if (list($subs,$mails) = $this->get_pending_ops($mlist)) { |
| 626 | foreach($subs as $user) { |
| 627 | if ($user['id'] == Env::v('sid')) { |
| 628 | $page->changeTpl('lists/moderate_sub.tpl'); |
| 629 | $page->assign('del_user', $user); |
| 630 | return; |
| 631 | } |
| 632 | } |
| 633 | } |
| 634 | |
| 635 | } |
| 636 | |
| 637 | if (list($subs,$mails) = $this->get_pending_ops($mlist)) { |
| 638 | foreach ($mails as $key=>$mail) { |
| 639 | $mails[$key]['stamp'] = strftime("%Y%m%d%H%M%S", $mail['stamp']); |
| 640 | if ($mail['fromx']) { |
| 641 | $page->assign('with_fromx', true); |
| 642 | } else { |
| 643 | $page->assign('with_nonfromx', true); |
| 644 | } |
| 645 | } |
| 646 | $page->assign_by_ref('subs', $subs); |
| 647 | $page->assign_by_ref('mails', $mails); |
| 648 | } else { |
| 649 | $page->kill("La liste n'existe pas ou tu n'as pas le droit de la modérer."); |
| 650 | } |
| 651 | } |
| 652 | |
| 653 | static public function no_login_callback($login) |
| 654 | { |
| 655 | global $list_unregistered; |
| 656 | |
| 657 | $users = User::getPendingAccounts($login, true); |
| 658 | if ($users && $users->total()) { |
| 659 | if (!isset($list_unregistered)) { |
| 660 | $list_unregistered = array(); |
| 661 | } |
| 662 | $list_unregistered[$login] = $users; |
| 663 | } else { |
| 664 | list($name, $domain) = @explode('@', $login); |
| 665 | if (User::isMainMailDomain($domain)) { |
| 666 | User::_default_user_callback($login); |
| 667 | } |
| 668 | } |
| 669 | } |
| 670 | |
| 671 | function handler_admin($page, $liste = null) |
| 672 | { |
| 673 | global $globals; |
| 674 | |
| 675 | if (is_null($liste)) { |
| 676 | return PL_NOT_FOUND; |
| 677 | } |
| 678 | |
| 679 | $mlist = $this->prepare_list($liste); |
| 680 | $this->is_group_admin($page); |
| 681 | if (!$this->is_group_admin($page)) { |
| 682 | $this->verify_list_owner($page, $mlist); |
| 683 | } |
| 684 | |
| 685 | $page->changeTpl('lists/admin.tpl'); |
| 686 | |
| 687 | if (Env::has('send_mark')) { |
| 688 | S::assert_xsrf_token(); |
| 689 | |
| 690 | $actions = Env::v('mk_action'); |
| 691 | $uids = Env::v('mk_uid'); |
| 692 | $mails = Env::v('mk_email'); |
| 693 | foreach ($actions as $key=>$action) { |
| 694 | switch ($action) { |
| 695 | case 'none': |
| 696 | break; |
| 697 | |
| 698 | case 'marketu': case 'markets': |
| 699 | require_once 'emails.inc.php'; |
| 700 | $user = User::get($uids[$key]); |
| 701 | $mail = valide_email($mails[$key]); |
| 702 | if (isvalid_email_redirection($mail, $user)) { |
| 703 | $from = ($action == 'marketu') ? 'user' : 'staff'; |
| 704 | $market = Marketing::get($uids[$key], $mail); |
| 705 | if (!$market) { |
| 706 | $market = new Marketing($uids[$key], $mail, 'list', $mlist->address, $from, S::v('uid')); |
| 707 | $market->add(); |
| 708 | break; |
| 709 | } |
| 710 | } |
| 711 | |
| 712 | default: |
| 713 | XDB::execute('INSERT IGNORE INTO register_subs (uid, type, sub, domain) |
| 714 | VALUES ({?}, \'list\', {?}, {?})', |
| 715 | $uids[$key], $mlist->mbox, $mlist->domain); |
| 716 | } |
| 717 | } |
| 718 | } |
| 719 | |
| 720 | if (Env::has('add_member') || |
| 721 | isset($_FILES['add_member_file']) && $_FILES['add_member_file']['tmp_name']) { |
| 722 | S::assert_xsrf_token(); |
| 723 | |
| 724 | if (isset($_FILES['add_member_file']) && $_FILES['add_member_file']['tmp_name']) { |
| 725 | $upload =& PlUpload::get($_FILES['add_member_file'], S::user()->login(), 'list.addmember', true); |
| 726 | if (!$upload) { |
| 727 | $page->trigError("Une erreur s'est produite lors du téléchargement du fichier."); |
| 728 | } else { |
| 729 | $logins = $upload->getContents(); |
| 730 | } |
| 731 | } else { |
| 732 | $logins = Env::v('add_member'); |
| 733 | } |
| 734 | |
| 735 | $logins = preg_split("/[; ,\r\n\|]+/", $logins); |
| 736 | $members = User::getBulkForlifeEmails($logins, |
| 737 | true, |
| 738 | array('ListsModule', 'no_login_callback')); |
| 739 | $unfound = array_diff_key($logins, $members); |
| 740 | |
| 741 | // Make sure we send a list (array_values) of unique (array_unique) |
| 742 | // emails. |
| 743 | $members = array_values(array_unique($members)); |
| 744 | |
| 745 | $arr = $mlist->subscribeBulk($members); |
| 746 | |
| 747 | $successes = array(); |
| 748 | if (is_array($arr)) { |
| 749 | foreach($arr as $addr) { |
| 750 | $successes[] = $addr[1]; |
| 751 | $page->trigSuccess("{$addr[0]} inscrit."); |
| 752 | } |
| 753 | } |
| 754 | |
| 755 | $already = array_diff($members, $successes); |
| 756 | if (is_array($already)) { |
| 757 | foreach ($already as $item) { |
| 758 | $page->trigWarning($item . ' est déjà inscrit.'); |
| 759 | } |
| 760 | } |
| 761 | |
| 762 | if (is_array($unfound)) { |
| 763 | foreach ($unfound as $item) { |
| 764 | if (trim($item) != '') { |
| 765 | $page->trigError($item . " ne correspond pas à un compte existant et n'est pas une adresse email."); |
| 766 | } |
| 767 | } |
| 768 | } |
| 769 | } |
| 770 | |
| 771 | if (Env::has('del_member')) { |
| 772 | S::assert_xsrf_token(); |
| 773 | |
| 774 | if ($del_member = User::getSilent(Env::t('del_member'))) { |
| 775 | $mlist->unsubscribeBulk(array($del_member->forlifeEmail())); |
| 776 | } |
| 777 | pl_redirect('lists/admin/'.$liste); |
| 778 | } |
| 779 | |
| 780 | if (Env::has('add_owner')) { |
| 781 | S::assert_xsrf_token(); |
| 782 | |
| 783 | $owners = User::getBulkForlifeEmails(Env::v('add_owner'), false, array('ListsModule', 'no_login_callback')); |
| 784 | if ($owners) { |
| 785 | foreach ($owners as $forlife_email) { |
| 786 | if ($mlist->addOwner($forlife_email)) { |
| 787 | $page->trigSuccess($login ." ajouté aux modérateurs."); |
| 788 | } |
| 789 | } |
| 790 | } |
| 791 | } |
| 792 | |
| 793 | if (Env::has('del_owner')) { |
| 794 | S::assert_xsrf_token(); |
| 795 | |
| 796 | if ($del_owner = User::getSilent(Env::t('del_owner'))) { |
| 797 | $mlist->removeOwner($del_owner->forlifeEmail()); |
| 798 | } |
| 799 | pl_redirect('lists/admin/'.$liste); |
| 800 | } |
| 801 | |
| 802 | if (list($det,$mem,$own) = $mlist->getMembers()) { |
| 803 | global $list_unregistered; |
| 804 | if ($list_unregistered) { |
| 805 | $page->assign_by_ref('unregistered', $list_unregistered); |
| 806 | } |
| 807 | $membres = list_sort_members($mem, @$tri_promo); |
| 808 | $moderos = list_sort_owners($own, @$tri_promo); |
| 809 | |
| 810 | $page->assign_by_ref('details', $det); |
| 811 | $page->assign_by_ref('members', $membres); |
| 812 | $page->assign_by_ref('owners', $moderos); |
| 813 | $page->assign('np_m', count($mem)); |
| 814 | } else { |
| 815 | $page->kill("La liste n'existe pas ou tu n'as pas le droit de l'administrer.<br />" |
| 816 | . " Si tu penses qu'il s'agit d'une erreur, " |
| 817 | . "<a href='mailto:support@polytechnique.org'>contact le support</a>."); |
| 818 | } |
| 819 | } |
| 820 | |
| 821 | function handler_options($page, $liste = null) |
| 822 | { |
| 823 | if (is_null($liste)) { |
| 824 | return PL_NOT_FOUND; |
| 825 | } |
| 826 | |
| 827 | $mlist = $this->prepare_list($liste); |
| 828 | if (!$this->is_group_admin($page)) { |
| 829 | $this->verify_list_owner($page, $mlist); |
| 830 | } |
| 831 | |
| 832 | $page->changeTpl('lists/options.tpl'); |
| 833 | |
| 834 | if (Post::has('submit')) { |
| 835 | S::assert_xsrf_token(); |
| 836 | |
| 837 | $values = $_POST; |
| 838 | $values = array_map('utf8_decode', $values); |
| 839 | $spamlevel = intval($values['bogo_level']); |
| 840 | $unsurelevel = intval($values['unsure_level']); |
| 841 | if ($spamlevel == 0) { |
| 842 | $unsurelevel = 0; |
| 843 | } |
| 844 | if ($spamlevel > 3 || $spamlevel < 0 || $unsurelevel < 0 || $unsurelevel > 1) { |
| 845 | $page->trigError("Réglage de l'antispam non valide"); |
| 846 | } else { |
| 847 | $mlist->setBogoLevel(($spamlevel << 1) + $unsurelevel); |
| 848 | } |
| 849 | switch($values['moderate']) { |
| 850 | case '0': |
| 851 | $values['generic_nonmember_action'] = 0; |
| 852 | $values['default_member_moderation'] = 0; |
| 853 | break; |
| 854 | case '1': |
| 855 | $values['generic_nonmember_action'] = 1; |
| 856 | $values['default_member_moderation'] = 0; |
| 857 | break; |
| 858 | case '2': |
| 859 | $values['generic_nonmember_action'] = 1; |
| 860 | $values['default_member_moderation'] = 1; |
| 861 | break; |
| 862 | } |
| 863 | unset($values['submit'], $values['bogo_level'], $values['moderate']); |
| 864 | $values['send_goodbye_msg'] = !empty($values['send_goodbye_msg']); |
| 865 | $values['admin_notify_mchanges'] = !empty($values['admin_notify_mchanges']); |
| 866 | $values['subscribe_policy'] = empty($values['subscribe_policy']) ? 0 : 2; |
| 867 | if (isset($values['subject_prefix'])) { |
| 868 | $values['subject_prefix'] = trim($values['subject_prefix']).' '; |
| 869 | } |
| 870 | $mlist->setOwnerOptions($values); |
| 871 | } elseif (isvalid_email(Post::v('atn_add'))) { |
| 872 | S::assert_xsrf_token(); |
| 873 | $mlist->whitelistAdd(Post::v('atn_add')); |
| 874 | } elseif (Get::has('atn_del')) { |
| 875 | S::assert_xsrf_token(); |
| 876 | $mlist->whitelistRemove(Post::v('atn_del')); |
| 877 | pl_redirect('lists/options/'.$liste); |
| 878 | } |
| 879 | |
| 880 | if (list($details, $options) = $mlist->getOwnerOptions()) { |
| 881 | $page->assign_by_ref('details', $details); |
| 882 | $page->assign_by_ref('options', $options); |
| 883 | $bogo_level = intval($mlist->getBogoLevel()); |
| 884 | $page->assign('unsure_level', $bogo_level & 1); |
| 885 | $page->assign('bogo_level', $bogo_level >> 1); |
| 886 | } else { |
| 887 | $page->kill("La liste n'existe pas ou tu n'as pas le droit de l'administrer"); |
| 888 | } |
| 889 | } |
| 890 | |
| 891 | function handler_delete($page, $liste = null) |
| 892 | { |
| 893 | global $globals; |
| 894 | if (is_null($liste)) { |
| 895 | return PL_NOT_FOUND; |
| 896 | } |
| 897 | |
| 898 | $mlist = $this->prepare_list($liste); |
| 899 | if (!$this->is_group_admin($page)) { |
| 900 | $this->verify_list_owner($page, $mlist); |
| 901 | } |
| 902 | |
| 903 | $page->changeTpl('lists/delete.tpl'); |
| 904 | if (Post::v('valid') == 'OUI') { |
| 905 | S::assert_xsrf_token(); |
| 906 | |
| 907 | if ($mlist->delete(Post::b('del_archive'))) { |
| 908 | require_once 'emails.inc.php'; |
| 909 | |
| 910 | delete_list($mlist->mbox, $mlist->domain); |
| 911 | $page->assign('deleted', true); |
| 912 | $page->trigSuccess('La liste a été détruite !'); |
| 913 | } else { |
| 914 | $page->kill('Une erreur est survenue lors de la suppression de la liste.<br />' |
| 915 | . 'Contact les administrateurs du site pour régler le problème : ' |
| 916 | . '<a href="mailto:support@polytechnique.org">support@polytechnique.org</a>.'); |
| 917 | } |
| 918 | } elseif (list($details, $options) = $mlist->getOwnerOptions()) { |
| 919 | if (!$details['own']) { |
| 920 | $page->trigWarning('Tu n\'es pas administrateur de la liste, mais du site.'); |
| 921 | } |
| 922 | $page->assign_by_ref('details', $details); |
| 923 | $page->assign_by_ref('options', $options); |
| 924 | $page->assign('bogo_level', $mlist->getBogoLevel()); |
| 925 | } else { |
| 926 | $page->kill("La liste n'existe pas ou tu n'as pas le droit de l'administrer."); |
| 927 | } |
| 928 | } |
| 929 | |
| 930 | function handler_soptions($page, $liste = null) |
| 931 | { |
| 932 | if (is_null($liste)) { |
| 933 | return PL_NOT_FOUND; |
| 934 | } |
| 935 | |
| 936 | $mlist = $this->prepare_list($liste); |
| 937 | if (!$this->is_group_admin($page)) { |
| 938 | $this->verify_list_owner($page, $mlist); |
| 939 | } |
| 940 | |
| 941 | $page->changeTpl('lists/soptions.tpl'); |
| 942 | |
| 943 | if (Post::has('submit')) { |
| 944 | S::assert_xsrf_token(); |
| 945 | |
| 946 | $values = $_POST; |
| 947 | $values = array_map('utf8_decode', $values); |
| 948 | unset($values['submit']); |
| 949 | $values['advertised'] = empty($values['advertised']) ? false : true; |
| 950 | $values['archive'] = empty($values['archive']) ? false : true; |
| 951 | $mlist->setAdminOptions($values); |
| 952 | } |
| 953 | |
| 954 | if (list($details, $options) = $mlist->getAdminOptions()) { |
| 955 | $page->assign_by_ref('details', $details); |
| 956 | $page->assign_by_ref('options', $options); |
| 957 | } else { |
| 958 | $page->kill("La liste n'existe pas."); |
| 959 | } |
| 960 | } |
| 961 | |
| 962 | function handler_check($page, $liste = null) |
| 963 | { |
| 964 | if (is_null($liste)) { |
| 965 | return PL_NOT_FOUND; |
| 966 | } |
| 967 | |
| 968 | $mlist = $this->prepare_list($liste); |
| 969 | if (!$this->is_group_admin($page)) { |
| 970 | $this->verify_list_owner($page, $mlist); |
| 971 | } |
| 972 | |
| 973 | $page->changeTpl('lists/check.tpl'); |
| 974 | |
| 975 | if (Post::has('correct')) { |
| 976 | S::assert_xsrf_token(); |
| 977 | $mlist->checkOptions(true); |
| 978 | } |
| 979 | |
| 980 | if (list($details, $options) = $mlist->checkOptions()) { |
| 981 | $page->assign_by_ref('details', $details); |
| 982 | $page->assign_by_ref('options', $options); |
| 983 | } else { |
| 984 | $page->kill("La liste n'existe pas."); |
| 985 | } |
| 986 | } |
| 987 | |
| 988 | function handler_admin_all($page) |
| 989 | { |
| 990 | $page->changeTpl('lists/admin_all.tpl'); |
| 991 | $page->setTitle('Administration - Mailing lists'); |
| 992 | |
| 993 | $client = $this->prepare_client(); |
| 994 | $listes = $client->get_all_lists(); |
| 995 | $page->assign_by_ref('listes', $listes); |
| 996 | } |
| 997 | |
| 998 | function handler_aaliases($page, $alias = null) |
| 999 | { |
| 1000 | global $globals; |
| 1001 | require_once 'emails.inc.php'; |
| 1002 | $page->setTitle('Administration - Aliases'); |
| 1003 | |
| 1004 | if (Post::has('new_alias')) { |
| 1005 | pl_redirect('admin/aliases/' . Post::t('new_alias') . '@' . $globals->mail->domain); |
| 1006 | } |
| 1007 | |
| 1008 | // If no alias, list them all. |
| 1009 | if (is_null($alias)) { |
| 1010 | $page->changeTpl('lists/admin_aliases.tpl'); |
| 1011 | $page->assign('aliases', array_merge(iterate_list_alias($globals->mail->domain), iterate_list_alias($globals->mail->domain2))); |
| 1012 | return; |
| 1013 | } |
| 1014 | |
| 1015 | list($local_part, $domain) = explode('@', $alias); |
| 1016 | if (!($globals->mail->domain == $domain || $globals->mail->domain2 == $domain) |
| 1017 | || !preg_match("/^[a-zA-Z0-9\-\.]*$/", $local_part)) { |
| 1018 | $page->trigErrorRedirect('Le nom de l\'alias est erroné.', $globals->asso('diminutif') . 'admin/aliases'); |
| 1019 | } |
| 1020 | |
| 1021 | // Now we can perform the action. |
| 1022 | if (Post::has('del_alias')) { |
| 1023 | S::assert_xsrf_token(); |
| 1024 | |
| 1025 | delete_list_alias($local_part, $domain); |
| 1026 | $page->trigSuccessRedirect($alias . ' supprimé.', 'admin/aliases'); |
| 1027 | } |
| 1028 | |
| 1029 | if (Post::has('add_member')) { |
| 1030 | S::assert_xsrf_token(); |
| 1031 | |
| 1032 | if (add_to_list_alias(Post::t('add_member'), $local_part, $domain)) { |
| 1033 | $page->trigSuccess('Ajout réussit.'); |
| 1034 | } else { |
| 1035 | $page->trigError('Ajout infructueux.'); |
| 1036 | } |
| 1037 | } |
| 1038 | |
| 1039 | if (Get::has('del_member')) { |
| 1040 | S::assert_xsrf_token(); |
| 1041 | |
| 1042 | if (delete_from_list_alias(Get::t('del_member'), $local_part, $domain)) { |
| 1043 | $page->trigSuccess('Suppression réussie.'); |
| 1044 | } else { |
| 1045 | $page->trigError('Suppression infructueuse.'); |
| 1046 | } |
| 1047 | } |
| 1048 | |
| 1049 | $page->changeTpl('lists/admin_edit_alias.tpl'); |
| 1050 | $page->assign('members', list_alias_members($local_part, $domain)); |
| 1051 | $page->assign('alias', $alias); |
| 1052 | } |
| 1053 | } |
| 1054 | |
| 1055 | // vim:set et sw=4 sts=4 sws=4 foldmethod=marker fenc=utf-8: |
| 1056 | ?> |