projects / platal.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
Adds XSRF protection to the Carnet module.
[platal.git] / include / user.func.inc.php
1 <?php
2 /***************************************************************************
3 * Copyright (C) 2003-2008 Polytechnique.org *
4 * http://opensource.polytechnique.org/ *
5 * *
6 * This program is free software; you can redistribute it and/or modify *
7 * it under the terms of the GNU General Public License as published by *
8 * the Free Software Foundation; either version 2 of the License, or *
9 * (at your option) any later version. *
10 * *
11 * This program is distributed in the hope that it will be useful, *
12 * but WITHOUT ANY WARRANTY; without even the implied warranty of *
13 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the *
14 * GNU General Public License for more details. *
15 * *
16 * You should have received a copy of the GNU General Public License *
17 * along with this program; if not, write to the Free Software *
18 * Foundation, Inc., *
19 * 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA *
20 ***************************************************************************/
21
22 // {{{ function user_clear_all_subs()
23 /** kills the inscription of a user.
24 * we still keep his birthdate, adresses, and personnal stuff
25 * kills the entreprises, mentor, emails and lists subscription stuff
26 */
27 function user_clear_all_subs($user_id, $really_del=true)
28 {
29 // keep datas in : aliases, adresses, tels, applis_ins, binets_ins, contacts, groupesx_ins, homonymes, identification_ax, photo
30 // delete in : auth_user_md5, auth_user_quick, competences_ins, emails, entreprises, langues_ins, mentor,
31 // mentor_pays, mentor_secteurs, newsletter_ins, perte_pass, requests, user_changes, virtual_redirect, watch_sub
32 // + delete maillists
33
34 global $globals;
35 $uid = intval($user_id);
36 $res = XDB::query("SELECT alias FROM aliases WHERE type='a_vie' AND id={?}", $uid);
37 $alias = $res->fetchOneCell();
38
39 $tables_to_clear = array('uid' => array('competences_ins', 'entreprises', 'langues_ins', 'mentor_pays',
40 'mentor_secteurs', 'mentor', 'perte_pass', 'watch_sub'),
41 'user_id' => array('requests', 'user_changes'));
42
43 if ($really_del) {
44 array_push($tables_to_clear['uid'], 'emails', 'groupex.membres', 'contacts', 'adresses', 'tels',
45 'photo', 'perte_pass', 'langues_ins', 'forums.abos', 'forums.profils');
46 array_push($tables_to_clear['user_id'], 'newsletter_ins', 'auth_user_quick', 'binets_ins');
47 $tables_to_clear['id'] = array('aliases');
48 $tables_to_clear['contact'] = array('contacts');
49 XDB::execute("UPDATE auth_user_md5
50 SET date_ins = 0, promo_sortie = 0, nom_usage = '', password = '', perms = 'pending',
51 nationalite = '', cv = '', section = 0, date = 0, smtppass = '', mail_storage = ''
52 WHERE user_id = {?}", $uid);
53 XDB::execute("DELETE virtual.* FROM virtual INNER JOIN virtual_redirect AS r USING(vid) WHERE redirect = {?}",
54 $alias.'@'.$globals->mail->domain);
55 XDB::execute("DELETE virtual.* FROM virtual INNER JOIN virtual_redirect AS r USING(vid) WHERE redirect = {?}",
56 $alias.'@'.$globals->mail->domain2);
57 } else {
58 XDB::execute("UPDATE auth_user_md5 SET password='',smtppass='' WHERE user_id={?}", $uid);
59 XDB::execute("UPDATE auth_user_quick SET watch_flags='' WHERE user_id={?}", $uid);
60 }
61
62 XDB::execute("DELETE FROM virtual_redirect WHERE redirect = {?}", $alias.'@'.$globals->mail->domain);
63 XDB::execute("DELETE FROM virtual_redirect WHERE redirect = {?}", $alias.'@'.$globals->mail->domain2);
64
65 foreach ($tables_to_clear as $key=>&$tables) {
66 foreach ($tables as $table) {
67 XDB::execute("DELETE FROM $table WHERE $key={?}", $uid);
68 }
69 }
70
71 $mmlist = new MMList(S::v('uid'), S::v('password'));
72 $mmlist->kill($alias, $really_del);
73
74 // Deactivates, when available, the Google Apps account of the user.
75 if ($globals->mailstorage->googleapps_domain) {
76 require_once 'googleapps.inc.php';
77 if (GoogleAppsAccount::account_status($uid)) {
78 $account = new GoogleAppsAccount($uid, $alias);
79 $account->suspend();
80 }
81 }
82 }
83
84 // }}}
85 // {{{ function get_user_login()
86
87 // Defaut callback to call when a login is not found
88 function _default_user_callback($login)
89 {
90 global $page;
91 $page->trig("Il n'y a pas d'utilisateur avec l'identifiant : $login");
92 return;
93 }
94
95 function _silent_user_callback($login)
96 {
97 return;
98 }
99
100 function get_user_login($data, $get_forlife = false, $callback = '_default_user_callback')
101 {
102 global $globals, $page;
103
104 if (is_numeric($data)) {
105 $res = XDB::query("SELECT alias FROM aliases WHERE type='a_vie' AND id={?}", $data);
106 if ($res->numRows()) {
107 return $res->fetchOneCell();
108 } else {
109 call_user_func($callback, $data);
110 return false;
111 }
112 }
113
114 $data = trim(strtolower($data));
115
116 if (strstr($data, '@')===false) {
117 $data = $data.'@'.$globals->mail->domain;
118 }
119
120 list($mbox, $fqdn) = explode('@', $data);
121 if ($fqdn == $globals->mail->domain || $fqdn == $globals->mail->domain2) {
122
123 $res = XDB::query("SELECT a.alias
124 FROM aliases AS a
125 INNER JOIN aliases AS b ON (a.id = b.id AND b.type IN ('alias', 'a_vie') AND b.alias={?})
126 WHERE a.type = 'a_vie'", $mbox);
127 if ($res->numRows()) {
128 return $get_forlife ? $res->fetchOneCell() : $mbox;
129 }
130
131 if (preg_match('/^(.*)\.([0-9]{4})$/u', $mbox, $matches)) {
132 $res = XDB::query("SELECT a.alias
133 FROM aliases AS a
134 INNER JOIN aliases AS b ON (a.id = b.id AND b.type IN ('alias', 'a_vie') AND b.alias={?})
135 INNER JOIN auth_user_md5 AS u ON (a.id = u.user_id AND promo = {?})
136 WHERE a.type = 'a_vie'", $matches[1], $matches[2]);
137 if ($res->numRows() == 1) {
138 return $res->fetchOneCell();
139 }
140 }
141 call_user_func($callback, $data);
142 return false;
143
144 } elseif ($fqdn == $globals->mail->alias_dom || $fqdn == $globals->mail->alias_dom2) {
145
146 $res = XDB::query("SELECT redirect
147 FROM virtual_redirect
148 INNER JOIN virtual USING(vid)
149 WHERE alias={?}", $mbox.'@'.$globals->mail->alias_dom);
150 if ($redir = $res->fetchOneCell()) {
151 list($alias) = explode('@', $redir);
152 } else {
153 call_user_func($callback, $data);
154 $alias = false;
155 }
156 return $alias;
157 } else {
158
159 $res = XDB::query("SELECT alias
160 FROM aliases AS a
161 INNER JOIN emails AS e ON e.uid=a.id
162 WHERE e.email={?} AND a.type='a_vie'", $data);
163 switch ($i = $res->numRows()) {
164 case 0:
165 call_user_func($callback, $data);
166 return false;
167
168 case 1:
169 return $res->fetchOneCell();
170
171 default:
172 if (S::has_perms()) {
173 $aliases = $res->fetchColumn();
174 $page->trig("Il y a $i utilisateurs avec cette adresse mail : ".join(', ', $aliases));
175 } else {
176 $res->free();
177 }
178 }
179 }
180
181 return false;
182 }
183
184 // }}}
185 // {{{ function get_user_forlife()
186
187 function get_user_forlife($data, $callback = '_default_user_callback')
188 {
189 return get_user_login($data, true, $callback);
190 }
191
192 // }}}
193 // {{{ function get_users_forlife_list()
194
195 function get_users_forlife_list($members, $strict = false, $callback = '_default_user_callback')
196 {
197 if (!is_array($members)) {
198 if (strlen(trim($members)) == 0) {
199 return null;
200 }
201 $members = explode(' ', $members);
202 }
203 if ($members) {
204 $list = array();
205 foreach ($members as $i => $alias) {
206 if (($login = get_user_forlife($alias, $callback)) !== false) {
207 $list[$i] = $login;
208 } else if(!$strict) {
209 $list[$i] = $alias;
210 }
211 }
212 return $list;
213 }
214 return null;
215 }
216
217 // }}}
218 // {{{ function has_user_right()
219 function has_user_right($pub, $view = 'private') {
220 if ($pub == $view) return true;
221 // all infos available for private
222 if ($view == 'private') return true;
223 // public infos available for all
224 if ($pub == 'public') return true;
225 // here we have view = ax or public, and pub = ax or private, and pub != view
226 return false;
227 }
228 // }}}
229 // {{{ function get_not_registered_user()
230
231 function get_not_registered_user($login, $iterator = false)
232 {
233 global $globals;
234 @list($login, $domain) = explode('@', $login);
235 if ($domain && $domain != $globals->mail->domain && $domain != $globals->mail->domain2) {
236 return null;
237 }
238 @list($prenom, $nom, $promo) = explode('.', $login);
239 $where = 'REPLACE(REPLACE(REPLACE(nom, " ", ""), "-", ""), "\'", "") LIKE CONCAT("%", {?}, "%")
240 AND REPLACE(REPLACE(REPLACE(prenom, " ", ""), "-", ""), "\'", "") LIKE CONCAT("%", {?}, "%")';
241 if ($promo) {
242 if (preg_match('/^[0-9]{2}$/', $promo)) {
243 $where .= 'AND MOD(promo, 100) = {?}';
244 } elseif (preg_match('/^[0-9]{4}$/', $promo)) {
245 $where .= 'AND promo = {?}';
246 }
247 }
248 $sql = "SELECT user_id, nom, prenom, promo
249 FROM auth_user_md5
250 WHERE $where
251 ORDER BY promo, nom, prenom";
252 if ($iterator) {
253 return XDB::iterator($sql, $nom, $prenom, $promo);
254 } else {
255 $res = XDB::query($sql, $nom, $prenom, $promo);
256 return $res->fetchAllAssoc();
257 }
258 }
259
260 // }}}
261 // {{{ function get_user_details_pro()
262
263 function get_user_details_pro($uid, $view = 'private')
264 {
265 $sql = "SELECT e.entreprise, s.label as secteur , ss.label as sous_secteur , f.fonction_fr as fonction,
266 e.poste, e.adr1, e.adr2, e.adr3, e.postcode, e.city, e.entrid,
267 gp.pays AS countrytxt, gr.name AS region, e.tel, e.fax, e.mobile, e.entrid,
268 e.pub, e.adr_pub, e.tel_pub, e.email, e.email_pub, e.web
269 FROM entreprises AS e
270 LEFT JOIN emploi_secteur AS s ON(e.secteur = s.id)
271 LEFT JOIN emploi_ss_secteur AS ss ON(e.ss_secteur = ss.id AND e.secteur = ss.secteur)
272 LEFT JOIN fonctions_def AS f ON(e.fonction = f.id)
273 LEFT JOIN geoloc_pays AS gp ON (gp.a2 = e.country)
274 LEFT JOIN geoloc_region AS gr ON (gr.a2 = e.country and gr.region = e.region)
275 WHERE e.uid = {?}
276 ORDER BY e.entrid";
277 $res = XDB::query($sql, $uid);
278 $all_pro = $res->fetchAllAssoc();
279 foreach ($all_pro as $i => $pro) {
280 if (!has_user_right($pro['pub'], $view))
281 unset($all_pro[$i]);
282 else {
283 if (!has_user_right($pro['adr_pub'], $view)) {
284 if ($pro['adr1'] == '' &&
285 $pro['adr2'] == '' &&
286 $pro['adr3'] == '' &&
287 $pro['postcode'] == '' &&
288 $pro['city'] == '' &&
289 $pro['countrytxt'] == '' &&
290 $pro['region'] == '') {
291 $all_pro[$i]['adr_pub'] = $view;
292 } else {
293 $all_pro[$i]['adr1'] = '';
294 $all_pro[$i]['adr2'] = '';
295 $all_pro[$i]['adr3'] = '';
296 $all_pro[$i]['postcode'] = '';
297 $all_pro[$i]['city'] = '';
298 $all_pro[$i]['countrytxt'] = '';
299 $all_pro[$i]['region'] = '';
300 }
301 }
302 if (!has_user_right($pro['tel_pub'], $view)) {
303 // if no tel was defined, then the viewer will be able to write it
304 if ($pro['tel'] == '' &&
305 $pro['fax'] == '' &&
306 $pro['mobile'] == '') {
307 $all_pro[$i]['tel_pub'] = $view;
308 } else {
309 $all_pro[$i]['tel'] = '';
310 $all_pro[$i]['fax'] = '';
311 $all_pro[$i]['mobile'] = '';
312 }
313 }
314 if (!has_user_right($pro['email_pub'], $view)) {
315 if ($pro['email'] == '')
316 $all_pro[$i]['email_pub'] = $view;
317 else
318 $all_pro[$i]['email'] = '';
319 }
320 if ($all_pro[$i]['adr1'] == '' &&
321 $all_pro[$i]['adr2'] == '' &&
322 $all_pro[$i]['adr3'] == '' &&
323 $all_pro[$i]['postcode'] == '' &&
324 $all_pro[$i]['city'] == '' &&
325 $all_pro[$i]['countrytxt'] == '' &&
326 $all_pro[$i]['region'] == '' &&
327 $all_pro[$i]['entreprise'] == '' &&
328 $all_pro[$i]['fonction'] == '' &&
329 $all_pro[$i]['secteur'] == '' &&
330 $all_pro[$i]['poste'] == '' &&
331 $all_pro[$i]['tel'] == '' &&
332 $all_pro[$i]['fax'] == '' &&
333 $all_pro[$i]['mobile'] == '' &&
334 $all_pro[$i]['email'] == '')
335 unset($all_pro[$i]);
336 }
337 }
338 if (!count($all_pro)) return false;
339 return $all_pro;
340 }
341
342 // }}}
343 // {{{ function get_user_details_adr()
344
345 function get_user_details_adr($uid, $view = 'private') {
346 $sql = "SELECT a.adrid, a.adr1,a.adr2,a.adr3,a.postcode,a.city,
347 gp.pays AS countrytxt,a.region, a.regiontxt,
348 FIND_IN_SET('active', a.statut) AS active, a.adrid,
349 FIND_IN_SET('res-secondaire', a.statut) AS secondaire,
350 a.pub, gp.display
351 FROM adresses AS a
352 LEFT JOIN geoloc_pays AS gp ON (gp.a2=a.country)
353 WHERE uid= {?} AND NOT FIND_IN_SET('pro',a.statut)
354 ORDER BY NOT FIND_IN_SET('active',a.statut), FIND_IN_SET('temporaire',a.statut), FIND_IN_SET('res-secondaire',a.statut)";
355 $res = XDB::query($sql, $uid);
356 $all_adr = $res->fetchAllAssoc();
357 $adrid_index = array();
358 foreach ($all_adr as $i => $adr) {
359 if (!has_user_right($adr['pub'], $view))
360 unset($all_adr[$i]);
361 else
362 $adrid_index[$adr['adrid']] = $i;
363 }
364
365 $sql = "SELECT t.adrid, t.tel_pub, t.tel_type, t.tel, t.telid
366 FROM tels AS t
367 INNER JOIN adresses AS a ON (a.uid = t.uid) AND (a.adrid = t.adrid)
368 WHERE t.uid = {?} AND NOT FIND_IN_SET('pro',a.statut)
369 ORDER BY t.adrid, t.tel_type DESC, t.telid";
370 $restel = XDB::iterator($sql, $uid);
371 while ($nexttel = $restel->next()) {
372 if (has_user_right($nexttel['tel_pub'], $view)) {
373 $adrid = $nexttel['adrid'];
374 unset($nexttel['adrid']);
375 if (isset($adrid_index[$adrid])) {
376 if (!isset($all_adr[$adrid_index[$adrid]]['tels']))
377 $all_adr[$adrid_index[$adrid]]['tels'] = array($nexttel);
378 else
379 $all_adr[$adrid_index[$adrid]]['tels'][] = $nexttel;
380 }
381 }
382 }
383 return $all_adr;
384 }
385
386 // }}}
387 // {{{ function get_user_details()
388
389 function &get_user_details($login, $from_uid = '', $view = 'private')
390 {
391 $reqsql = "SELECT u.user_id, u.promo, u.promo_sortie, u.prenom, u.nom, u.nom_usage, u.date, u.cv,
392 u.perms IN ('admin','user','disabled') AS inscrit, FIND_IN_SET('femme', u.flags) AS sexe, u.deces != 0 AS dcd, u.deces,
393 q.profile_nick AS nickname, q.profile_from_ax, q.profile_mobile AS mobile, q.profile_web AS web, q.profile_freetext AS freetext,
394 q.profile_mobile_pub AS mobile_pub, q.profile_web_pub AS web_pub, q.profile_freetext_pub AS freetext_pub,
395 q.profile_medals_pub AS medals_pub,
396 IF(gp.nat='',gp.pays,gp.nat) AS nationalite, gp.a2 AS iso3166,
397 a.alias AS forlife, a2.alias AS bestalias,
398 c.uid IS NOT NULL AS is_contact,
399 s.text AS section, p.x, p.y, p.pub AS photo_pub,
400 u.matricule_ax,
401 m.expertise != '' AS is_referent,
402 (COUNT(e.email) > 0 OR FIND_IN_SET('googleapps', u.mail_storage) > 0) AS actif
403 FROM auth_user_md5 AS u
404 INNER JOIN auth_user_quick AS q USING(user_id)
405 INNER JOIN aliases AS a ON (u.user_id=a.id AND a.type='a_vie')
406 INNER JOIN aliases AS a2 ON (u.user_id=a2.id AND FIND_IN_SET('bestalias',a2.flags))
407 LEFT JOIN contacts AS c ON (c.uid = {?} and c.contact = u.user_id)
408 LEFT JOIN geoloc_pays AS gp ON (gp.a2 = u.nationalite)
409 INNER JOIN sections AS s ON (s.id = u.section)
410 LEFT JOIN photo AS p ON (p.uid = u.user_id)
411 LEFT JOIN mentor AS m ON (m.uid = u.user_id)
412 LEFT JOIN emails AS e ON (e.uid = u.user_id AND e.flags='active')
413 WHERE a.alias = {?}
414 GROUP BY u.user_id";
415 $res = XDB::query($reqsql, $from_uid, $login);
416 $user = $res->fetchOneAssoc();
417 $uid = $user['user_id'];
418 // hide orange status, cv, nickname, section
419 if (!has_user_right('private', $view)) {
420 $user['promo_sortie'] = $user['promo'] + 3;
421 $user['cv'] = '';
422 $user['nickname'] = '';
423 $user['section'] = '';
424 }
425 // hide mobile
426 if (!has_user_right($user['mobile_pub'], $view)) {
427 if ($user['mobile'] == '')
428 $user['mobile_pub'] = $view;
429 else
430 $user['mobile'] = '';
431 }
432 // hide web
433 if (!has_user_right($user['web_pub'], $view)) {
434 if ($user['web'] == '')
435 $user['web_pub'] = $view;
436 else
437 $user['web'] = '';
438 }
439 // hide freetext
440 if (!has_user_right($user['freetext_pub'], $view)) {
441 if ($user['freetext'] == '')
442 $user['freetext_pub'] = $view;
443 else
444 $user['freetext'] = '';
445 }
446
447 $user['adr_pro'] = get_user_details_pro($uid, $view);
448 $user['adr'] = get_user_details_adr($uid, $view);
449
450 if (has_user_right('private', $view)) {
451 $sql = "SELECT text
452 FROM binets_ins
453 LEFT JOIN binets_def ON binets_ins.binet_id = binets_def.id
454 WHERE user_id = {?}";
455 $res = XDB::query($sql, $uid);
456 $user['binets'] = $res->fetchColumn();
457 $user['binets_join'] = join(', ', $user['binets']);
458
459 $res = XDB::iterRow("SELECT a.diminutif, a.nom, a.site
460 FROM groupex.asso AS a
461 LEFT JOIN groupex.membres AS m ON (m.asso_id = a.id)
462 WHERE m.uid = {?} AND (a.cat = 'GroupesX' OR a.cat = 'Institutions')
463 AND pub = 'public'", $uid);
464 $user['gpxs'] = Array();
465 $user['gpxs_name'] = Array();
466 while (list($gxd, $gxt, $gxu) = $res->next()) {
467 if (!$gxu) {
468 $gxu = 'http://www.polytechnique.net/' . $gxd;
469 }
470 $user['gpxs'][] = '<span title="' . pl_entities($gxt) . "\"><a href=\"$gxu\">$gxd</a></span>";
471 $user['gpxs_name'][] = $gxt;
472 }
473 $user['gpxs_join'] = join(', ', $user['gpxs']);
474 }
475
476 $res = XDB::iterRow("SELECT applis_def.text, applis_def.url, applis_ins.type
477 FROM applis_ins
478 INNER JOIN applis_def ON applis_def.id = applis_ins.aid
479 WHERE uid={?}
480 ORDER BY ordre", $uid);
481
482 $user['applis_fmt'] = Array();
483 $user['formation'] = Array();
484 while (list($txt, $url, $type) = $res->next()) {
485 $user['formation'][] = $txt." ".$type;
486 require_once('applis.func.inc.php');
487 $user['applis_fmt'][] = applis_fmt($type, $txt, $url);
488 }
489 $user['applis_join'] = join(', ', $user['applis_fmt']);
490
491 if (has_user_right($user['medals_pub'], $view)) {
492 $res = XDB::iterator("SELECT m.id, m.text AS medal, m.type, s.gid, g.text AS grade
493 FROM profile_medals_sub AS s
494 INNER JOIN profile_medals AS m ON ( s.mid = m.id )
495 LEFT JOIN profile_medals_grades AS g ON ( s.mid = g.mid AND s.gid = g.gid )
496 WHERE s.uid = {?}", $uid);
497 $user['medals'] = Array();
498 while ($tmp = $res->next()) {
499 $user['medals'][] = $tmp;
500 }
501 }
502
503 return $user;
504 }
505 // }}}
506 // {{{ function add_user_address()
507 function add_user_address($uid, $adrid, $adr) {
508 XDB::execute(
509 "INSERT INTO adresses (`uid`, `adrid`, `adr1`, `adr2`, `adr3`, `postcode`, `city`, `country`, `datemaj`, `pub`) (
510 SELECT u.user_id, {?}, {?}, {?}, {?}, {?}, {?}, gp.a2, NOW(), {?}
511 FROM auth_user_md5 AS u
512 LEFT JOIN geoloc_pays AS gp ON (gp.pays LIKE {?} OR gp.country LIKE {?} OR gp.a2 LIKE {?})
513 WHERE u.user_id = {?}
514 LIMIT 1)",
515 $adrid, $adr['adr1'], $adr['adr2'], $adr['adr3'], $adr['postcode'], $adr['city'], $adr['pub'], $adr['countrytxt'], $adr['countrytxt'], $adr['countrytxt'], $uid);
516 if (isset($adr['tels']) && is_array($adr['tels'])) {
517 $telid = 0;
518 foreach ($adr['tels'] as $tel) if ($tel['tel']) {
519 add_user_tel($uid, $adrid, $telid, $tel);
520 $telid ++;
521 }
522 }
523 }
524 // }}}
525 // {{{ function update_user_address()
526 function update_user_address($uid, $adrid, $adr) {
527 // update address
528 XDB::execute(
529 "UPDATE adresses AS a LEFT JOIN geoloc_pays AS gp ON (gp.pays = {?})
530 SET `adr1` = {?}, `adr2` = {?}, `adr3` = {?},
531 `postcode` = {?}, `city` = {?}, a.`country` = gp.a2, `datemaj` = NOW(), `pub` = {?}
532 WHERE adrid = {?} AND uid = {?}",
533 $adr['country_txt'],
534 $adr['adr1'], $adr['adr2'], $adr['adr3'],
535 $adr['postcode'], $adr['city'], $adr['pub'], $adrid, $uid);
536 if (isset($adr['tels']) && is_array($adr['tels'])) {
537 $res = XDB::query("SELECT telid FROM tels WHERE uid = {?} AND adrid = {?} ORDER BY telid", $uid, $adrid);
538 $telids = $res->fetchColumn();
539 foreach ($adr['tels'] as $tel) {
540 if (isset($tel['telid']) && isset($tel['remove']) && $tel['remove']) {
541 remove_user_tel($uid, $adrid, $tel['telid']);
542 if (isset($telids[$tel['telid']])) unset($telids[$tel['telid']]);
543 } else if (isset($tel['telid'])) {
544 update_user_tel($uid, $adrid, $tel['telid'], $tel);
545 } else {
546 for ($telid = 0; isset($telids[$telid]) && ($telids[$telid] == $telid); $telid++);
547 add_user_tel($uid, $adrid, $telid, $tel);
548 }
549 }
550 }
551 }
552 // }}}
553 // {{{ function remove_user_address()
554 function remove_user_address($uid, $adrid) {
555 XDB::execute("DELETE FROM adresses WHERE adrid = {?} AND uid = {?}", $adrid, $uid);
556 XDB::execute("DELETE FROM tels WHERE adrid = {?} AND uid = {?}", $adrid, $uid);
557 }
558 // }}}
559 // {{{ function add_user_tel()
560 function add_user_tel($uid, $adrid, $telid, $tel) {
561 XDB::execute(
562 "INSERT INTO tels SET uid = {?}, adrid = {?}, telid = {?}, tel = {?}, tel_type = {?}, tel_pub = {?}",
563 $uid, $adrid, $telid, $tel['tel'], $tel['tel_type'], $tel['tel_pub']);
564 }
565 // }}}
566 // {{{ function update_user_tel()
567 function update_user_tel($uid, $adrid, $telid, $tel) {
568 XDB::execute(
569 "UPDATE tels SET tel = {?}, tel_type = {?}, tel_pub = {?}
570 WHERE telid = {?} AND adrid = {?} AND uid = {?}",
571 $tel['tel'], $tel['tel_type'], $tel['tel_pub'],
572 $telid, $adrid, $uid);
573 }
574 // }}}
575 // {{{ function remove_user_tel()
576 function remove_user_tel($uid, $adrid, $telid) {
577 XDB::execute("DELETE FROM tels WHERE telid = {?} AND adrid = {?} AND uid = {?}",
578 $telid, $adrid, $uid);
579 }
580 // }}}
581 // {{{ function add_user_pro()
582 function add_user_pro($uid, $entrid, $pro) {
583 XDB::execute(
584 "INSERT INTO entreprises (`uid`, `entrid`, `entreprise`, `poste`, `secteur`, `ss_secteur`, `fonction`,
585 `adr1`, `adr2`, `adr3`, `postcode`, `city`, `country`, `region`, `tel`, `fax`, `mobile`, `email`, `web`, `pub`, `adr_pub`, `tel_pub`, `email_pub`)
586 SELECT u.user_id, {?}, {?}, {?}, s.id, ss.id, f.id,
587 {?}, {?}, {?}, {?}, {?}, gp.a2, gr.region, {?}, {?}, {?}, {?}, {?}, {?}, {?}, {?}, {?}
588 FROM auth_user_md5 AS u
589 LEFT JOIN emploi_secteur AS s ON(s.label LIKE {?})
590 LEFT JOIN emploi_ss_secteur AS ss ON(s.id = ss.secteur AND ss.label LIKE {?})
591 LEFT JOIN fonctions_def AS f ON(f.fonction_fr LIKE {?} OR f.fonction_en LIKE {?})
592 LEFT JOIN geoloc_pays AS gp ON (gp.country LIKE {?} OR gp.pays LIKE {?})
593 LEFT JOIN geoloc_region AS gr ON (gr.a2 = gp.a2 AND gr.name LIKE {?})
594 WHERE u.user_id = {?}
595 LIMIT 1",
596 $entrid, $pro['entreprise'], $pro['poste'],
597 $pro['adr1'], $pro['adr2'], $pro['adr3'], $pro['postcode'], $pro['city'], $pro['tel'], $pro['fax'], $pro['mobile'], $pro['email'], $pro['web'], $pro['pub'], $pro['adr_pub'], $pro['tel_pub'], $pro['email_pub'],
598 $pro['secteur'], $pro['sous_secteur'], $pro['fonction'], $pro['fonction'],
599 $pro['countrytxt'], $pro['countrytxt'], $pro['region'],
600 $uid);
601 }
602 // }}}
603 // {{{ function update_user_pro()
604 function update_user_pro($uid, $entrid, $pro) {
605 $join = "";
606 $set = "";
607 $args_join = array();
608 $args_set = array();
609
610 $join .= "LEFT JOIN emploi_secteur AS s ON(s.label LIKE {?})
611 LEFT JOIN emploi_ss_secteur AS ss ON(s.id = ss.secteur AND ss.label LIKE {?})
612 LEFT JOIN fonctions_def AS f ON(f.fonction_fr LIKE {?} OR f.fonction_en LIKE {?})";
613 $args_join[] = $pro['secteur'];
614 $args_join[] = $pro['sous_secteur'];
615 $args_join[] = $pro['fonction'];
616 $args_join[] = $pro['fonction'];
617 $set .= ", e.`entreprise` = {?}, e.`secteur` = s.id, e.`ss_secteur` = ss.id, e.`fonction` = f.id, e.`poste`= {?}, e.`web` = {?}, e.`pub` = {?}";
618 $args_set[] = $pro['entreprise'];
619 $args_set[] = $pro['poste'];
620 $args_set[] = $pro['web'];
621 $args_set[] = $pro['pub'];
622
623 if (isset($pro['adr1'])) {
624 $join .= "LEFT JOIN geoloc_pays AS gp ON (gp.country LIKE {?} OR gp.pays LIKE {?})
625 LEFT JOIN geoloc_region AS gr ON (gr.a2 = gp.a2 AND gr.name LIKE {?})";
626 $args_join[] = $pro['countrytxt'];
627 $args_join[] = $pro['countrytxt'];
628 $args_join[] = $pro['region'];
629 $set .= ", e.`adr1` = {?}, e.`adr2` = {?}, e.`adr3` = {?}, e.`postcode` = {?}, e.`city` = {?}, e.`country` = gp.a2, e.`region` = gr.region, e.`adr_pub` = {?}";
630 $args_set[] = $pro['adr1'];
631 $args_set[] = $pro['adr2'];
632 $args_set[] = $pro['adr3'];
633 $args_set[] = $pro['postcode'];
634 $args_set[] = $pro['city'];
635 $args_set[] = $pro['adr_pub'];
636 }
637
638 if (isset($pro['tel'])) {
639 $set .= ", e.`tel` = {?}, e.`fax` = {?}, e.`mobile` = {?}, e.tel_pub = {?}";
640 $args_set[] = $pro['tel'];
641 $args_set[] = $pro['fax'];
642 $args_set[] = $pro['mobile'];
643 $args_set[] = $pro['tel_pub'];
644 }
645 if (isset($pro['email'])) {
646 $set .= ", e.`email` = {?}, e.`email_pub` = {?}";
647 $args_set[] = $pro['email'];
648 $args_set[] = $pro['email_pub'];
649 }
650 $query = "UPDATE entreprises AS e ".$join." SET ".substr($set,1)." WHERE e.uid = {?} AND e.entrid = {?}";
651 $args_where = array($uid, $entrid);
652 $args = array_merge(array($query), $args_join, $args_set, $args_where);
653 call_user_func_array(array('XDB', 'execute'), $args);
654 }
655 // }}}
656 // {{{ function remove_user_pro()
657 function remove_user_pro($uid, $entrid) {
658 XDB::execute("DELETE FROM entreprises WHERE entrid = {?} AND uid = {?}", $entrid, $uid);
659 }
660 // }}}
661 // {{{ function set_user_details()
662 function set_user_details_addresses($uid, $adrs) {
663 $res = XDB::query("SELECT adrid FROM adresses WHERE uid = {?} AND adrid >= 1 ORDER BY adrid", $uid);
664 $adrids = $res->fetchColumn();
665 foreach ($adrs as $adr) {
666 if (isset($adr['adrid']) && isset($adr['remove']) && $adr['remove']) {
667 remove_user_address($uid, $adr['adrid']);
668 if (isset($adrids[$adr['adrid']])) unset($adrids[$adr['adrid']]);
669 } else if (isset($adr['adrid'])) {
670 update_user_address($uid, $adr['adrid'], $adr);
671 } else {
672 for ($adrid = 1; isset($adrids[$adrid-1]) && ($adrids[$adrid-1] == $adrid); $adrid++);
673 add_user_address($uid, $adrid, $adr);
674 $adrids[$adrid-1] = $adrid;
675 }
676 }
677 require_once 'geoloc.inc.php';
678 localize_addresses($uid);
679 }
680 // }}}
681 // {{{ function set_user_details_pro()
682
683 function set_user_details_pro($uid, $pros)
684 {
685 $res = XDB::query("SELECT entrid FROM entreprises WHERE uid = {?} ORDER BY entrid", $uid);
686 $entrids = $res->fetchColumn();
687 foreach ($pros as $pro) {
688 if (isset($pro['entrid']) && isset($pro['remove']) && $pro['remove']) {
689 remove_user_pro($uid, $pro['entrid']);
690 if (isset($entrids[$pro['entrid']])) unset($entrids[$pro['entrid']]);
691 } else if (isset($pro['entrid'])) {
692 update_user_pro($uid, $pro['entrid'], $pro);
693 } else {
694 for ($entrid = 0; isset($entrids[$entrid]) && ($entrids[$entrid] == $entrid); $entrid++);
695 add_user_pro($uid, $entrid, $pro);
696 }
697 }
698 }
699
700 // }}}
701 // {{{ function set_user_details()
702 function set_user_details($uid, $details) {
703 if (isset($details['nom_usage'])) {
704 XDB::execute("UPDATE auth_user_md5 SET nom_usage = {?} WHERE user_id = {?}", strtoupper($details['nom_usage']), $uid);
705 }
706 if (isset($details['mobile'])) {
707 XDB::execute("UPDATE auth_user_quick SET profile_mobile = {?} WHERE user_id = {?}", $details['mobile'], $uid);
708 }
709 if (isset($details['nationalite'])) {
710 XDB::execute(
711 "UPDATE auth_user_md5 AS u
712 INNER JOIN geoloc_pays AS gp
713 SET u.nationalite = gp.a2
714 WHERE (gp.a2 = {?} OR gp.nat = {?})
715 AND u.user_id = {?}", $details['nationalite'], $details['nationalite'], $uid);
716 }
717 if (isset($details['adr']) && is_array($details['adr']))
718 set_user_details_addresses($uid, $details['adr']);
719 if (isset($details['adr_pro']) && is_array($details['adr_pro']))
720 set_user_details_pro($uid, $details['adr_pro']);
721 if (isset($details['binets']) && is_array($details['binets'])) {
722 XDB::execute("DELETE FROM binets_ins WHERE user_id = {?}", $uid);
723 foreach ($details['binets'] as $binet)
724 XDB::execute(
725 "INSERT INTO binets_ins (`user_id`, `binet_id`)
726 SELECT {?}, id FROM binets_def WHERE text = {?} LIMIT 1",
727 $uid, $binet);
728 }
729 if (isset($details['gpxs']) && is_array($details['gpxs'])) {
730 XDB::execute("DELETE FROM groupesx_ins WHERE user_id = {?}", $uid);
731 foreach ($details['gpxs'] as $groupex) {
732 if (preg_match('/<a href="[^"]*">([^<]+)</a>/u', $groupex, $a)) $groupex = $a[1];
733 XDB::execute(
734 "INSERT INTO groupesx_ins (`user_id`, `binet_id`)
735 SELECT {?}, id FROM groupesx_def WHERE text = {?} LIMIT 1",
736 $uid, $groupex);
737 }
738 }
739 // applis
740 // medals
741 }
742 // }}}
743 // {{{ function _user_reindex
744
745 function _user_reindex($uid, $keys, $muls, $pubs)
746 {
747 foreach ($keys as $i => $key) {
748 if ($key == '') {
749 continue;
750 }
751 $toks = preg_split('/[ \'\-]+/', $key);
752 $token = "";
753 $first = 5;
754 while ($toks) {
755 $token = strtolower(replace_accent(array_pop($toks) . $token));
756 $score = ($toks ? 0 : 10 + $first) * $muls[$i];
757 XDB::execute("REPLACE INTO search_name (token, uid, soundex, score, flags)
758 VALUES ({?}, {?}, {?}, {?}, {?})",
759 $token, $uid, soundex_fr($token), $score, $pubs[$i] ? 'public' : '');
760 $first = 0;
761 }
762 }
763 $res = XDB::query("SELECT nom_ini, nom, nom_usage, prenom_ini, prenom, promo, matricule
764 FROM auth_user_md5
765 WHERE user_id = {?}", $uid);
766 if (!$res->numRows()) {
767 unset($res);
768 return;
769 }
770 $array = $res->fetchOneRow();
771 $promo = intval(array_pop($array));
772 $mat = array_shift($array);
773 array_walk($array, 'soundex_fr');
774 XDB::execute("REPLACE INTO recherche_soundex
775 SET matricule = {?}, nom1_soundex = {?}, nom2_soundex= {?}, nom3_soundex = {?},
776 prenom1_soundex = {?}, prenom2_soundex= {?}, promo = {?}",
777 $mat, $array[0], $array[1], $array[2], $array[3], $array[4], $promo);
778 unset($res);
779 unset($array);
780 }
781
782 // }}}
783 // {{{ function user_reindex
784
785 function user_reindex($uid) {
786 XDB::execute("DELETE FROM search_name WHERE uid={?}", $uid);
787 $res = XDB::query("SELECT prenom, nom, nom_usage, profile_nick FROM auth_user_md5 INNER JOIN auth_user_quick USING(user_id) WHERE auth_user_md5.user_id = {?}", $uid);
788 if ($res->numRows()) {
789 _user_reindex($uid, $res->fetchOneRow(), array(1,1,1,0.2), array(true, true, true, false));
790 } else { // not in auth_user_quick => still "pending"
791 $res = XDB::query("SELECT prenom, nom, nom_usage FROM auth_user_md5 WHERE auth_user_md5.user_id = {?}", $uid);
792 if ($res->numRows()) {
793 _user_reindex($uid, $res->fetchOneRow(), array(1,1,1), array(true, true, true));
794 }
795 }
796 }
797
798 // }}}
799 // {{{ function set_new_usage()
800
801 function set_new_usage($uid, $usage, $alias=false)
802 {
803 XDB::execute("UPDATE auth_user_md5 set nom_usage={?} WHERE user_id={?}",$usage ,$uid);
804 XDB::execute("DELETE FROM aliases WHERE FIND_IN_SET('usage',flags) AND id={?}", $uid);
805 if ($alias && $usage) {
806 XDB::execute("UPDATE aliases SET flags=flags & 255-1 WHERE id={?}", $uid);
807 XDB::execute("INSERT INTO aliases VALUES({?}, 'alias', 'usage,bestalias', {?}, null)",
808 $alias, $uid);
809 }
810 $r = XDB::query("SELECT alias FROM aliases WHERE FIND_IN_SET('bestalias', flags) AND id = {?}", $uid);
811 if ($r->numRows() == "") {
812 XDB::execute("UPDATE aliases SET flags = 1 | flags WHERE id = {?} LIMIT 1", $uid);
813 $r = XDB::query("SELECT alias FROM aliases WHERE FIND_IN_SET('bestalias', flags) AND id = {?}", $uid);
814 }
815 user_reindex($uid);
816 return $r->fetchOneCell();
817 }
818
819 // }}}
820 // {{{ function get_X_mat
821 function get_X_mat($ourmat)
822 {
823 if (!preg_match('/^[0-9]{8}$/', $ourmat)) {
824 // le matricule de notre base doit comporter 8 chiffres
825 return 0;
826 }
827
828 $year = intval(substr($ourmat, 0, 4));
829 $rang = intval(substr($ourmat, 5, 3));
830 if ($year < 1996) {
831 return;
832 } elseif ($year < 2000) {
833 $year = intval(substr(1900 - $year, 1, 3));
834 return sprintf('%02u0%03u', $year, $rang);
835 } else {
836 $year = intval(substr(1900 - $year, 1, 3));
837 return sprintf('%03u%03u', $year, $rang);
838 }
839 }
840
841 // }}}
842
843
844 // vim:set et sw=4 sts=4 sws=4 foldmethod=marker enc=utf-8:
845 ?>
plat/al