projects / platal.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
Migrates the validation architecture to an User-based model, instead of the deprecate...
[platal.git] / modules / events.php
1 <?php
2 /***************************************************************************
3 * Copyright (C) 2003-2008 Polytechnique.org *
4 * http://opensource.polytechnique.org/ *
5 * *
6 * This program is free software; you can redistribute it and/or modify *
7 * it under the terms of the GNU General Public License as published by *
8 * the Free Software Foundation; either version 2 of the License, or *
9 * (at your option) any later version. *
10 * *
11 * This program is distributed in the hope that it will be useful, *
12 * but WITHOUT ANY WARRANTY; without even the implied warranty of *
13 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the *
14 * GNU General Public License for more details. *
15 * *
16 * You should have received a copy of the GNU General Public License *
17 * along with this program; if not, write to the Free Software *
18 * Foundation, Inc., *
19 * 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA *
20 ***************************************************************************/
21
22 class EventsModule extends PLModule
23 {
24 function handlers()
25 {
26 return array(
27 'events' => $this->make_hook('ev', AUTH_COOKIE),
28 'rss' => $this->make_hook('rss', AUTH_PUBLIC, 'user', NO_HTTPS),
29 'events/preview' => $this->make_hook('preview', AUTH_PUBLIC, 'user', NO_AUTH),
30 'events/photo' => $this->make_hook('photo', AUTH_PUBLIC),
31 'events/submit' => $this->make_hook('ev_submit', AUTH_MDP),
32 'admin/events' => $this->make_hook('admin_events', AUTH_MDP, 'admin'),
33
34 'ajax/tips' => $this->make_hook('tips', AUTH_COOKIE, 'user', NO_AUTH),
35 'admin/tips' => $this->make_hook('admin_tips', AUTH_MDP, 'admin'),
36 );
37 }
38
39 private function get_tips($exclude = null)
40 {
41 global $globals;
42 // Add a new special tip when changing plat/al version
43 if ($globals->version != S::v('last_version') && is_null($exclude)) {
44 XDB::execute('UPDATE auth_user_quick
45 SET last_version = {?}
46 WHERE user_id = {?}',
47 $globals->version, S::i('uid'));
48 return array('id' => 0,
49 'titre' => 'Bienvenue sur la nouvelle version du site !',
50 'text' => 'Le site a été mis à jour depuis ta dernière visite vers la version ' . $globals->version
51 . '.<br /> Nous t\'invitons à <a href="review">faire un tour d\'horizon des '
52 . 'nouveautés</a>.<br /><br />'
53 . 'Tu peux également retrouver ces informations sur <a href="banana/xorg.m4x.innovation">'
54 . 'les forums</a>, ou sur <a href="changelog">la liste exhaustive des modifications</a>.',
55 'priorite' => 255,
56 'promo_min' => 0,
57 'promo_max' => 0,
58 'state' => 'active',
59 'special' => true);
60 }
61
62 $exclude = is_null($exclude) ? '' : ' AND id != ' . intval($exclude) . ' ';
63 $priority = rand(0, 510);
64 do {
65 $priority = (int)($priority/2);
66 $res = XDB::query("SELECT *
67 FROM tips
68 WHERE (peremption = '0000-00-00' OR peremption > CURDATE())
69 AND (promo_min = 0 OR promo_min <= {?})
70 AND (promo_max = 0 OR promo_max >= {?})
71 AND (priorite >= {?})
72 AND (state = 'active')
73 $exclude
74 ORDER BY RAND()
75 LIMIT 1",
76 S::i('promo'), S::i('promo'), $priority);
77 } while ($priority && !$res->numRows());
78 if (!$res->numRows()) {
79 return null;
80 }
81 return $res->fetchOneAssoc();
82 }
83
84 private function upload_image(PlPage &$page, PlUpload &$upload)
85 {
86 if (@!$_FILES['image']['tmp_name'] && !Env::v('image_url')) {
87 return true;
88 }
89 if (!$upload->upload($_FILES['image']) && !$upload->download(Env::v('image_url'))) {
90 $page->trigError('Impossible de télécharger l\'image');
91 return false;
92 } elseif (!$upload->isType('image')) {
93 $page->trigError('Le fichier n\'est pas une image valide au format JPEG, GIF ou PNG.');
94 $upload->rm();
95 return false;
96 } elseif (!$upload->resizeImage(200, 300, 100, 100, 32284)) {
97 $page->trigError('Impossible de retraiter l\'image');
98 return false;
99 }
100 return true;
101 }
102
103 function handler_ev(&$page, $action = 'list', $eid = null, $pound = null)
104 {
105 $page->changeTpl('events/index.tpl');
106 $page->addJsLink('ajax.js');
107 $page->assign('tips', $this->get_tips());
108
109 $res = XDB::query('SELECT date, naissance FROM auth_user_md5
110 WHERE user_id={?}', S::v('uid'));
111 list($date, $naissance) = $res->fetchOneRow();
112
113 // incitation à mettre à jour la fiche
114
115 $d2 = mktime(0, 0, 0, substr($date, 5, 2), substr($date, 8, 2),
116 substr($date, 0, 4));
117 if( (time() - $d2) > 60 * 60 * 24 * 400 ) {
118 // si fiche date de + de 400j;
119 $page->assign('fiche_incitation', $date);
120 }
121
122 // Souhaite bon anniversaire
123
124 if (substr($naissance, 5) == date('m-d')) {
125 $page->assign('birthday', date('Y') - substr($naissance, 0, 4));
126 }
127
128 // incitation à mettre une photo
129
130 $res = XDB::query('SELECT COUNT(*) FROM photo
131 WHERE uid={?}', S::v('uid'));
132 $page->assign('photo_incitation', $res->fetchOneCell() == 0);
133
134 // Incitation à se géolocaliser
135 require_once 'geoloc.inc.php';
136 $res = localize_addresses(S::v('uid', -1));
137 $page->assign('geoloc_incitation', count($res));
138
139 // ajout du lien RSS
140 if (S::rssActivated()) {
141 $page->setRssLink('Polytechnique.org :: News',
142 '/rss/'.S::v('forlife') .'/'.S::v('core_rss_hash').'/rss.xml');
143 }
144
145 // cache les evenements lus et raffiche les evenements a relire
146 if ($action == 'read' && $eid) {
147 XDB::execute('DELETE ev.*
148 FROM evenements_vus AS ev
149 INNER JOIN evenements AS e ON e.id = ev.evt_id
150 WHERE peremption < NOW()');
151 XDB::execute('REPLACE INTO evenements_vus VALUES({?},{?})',
152 $eid, S::v('uid'));
153 pl_redirect('events#'.$pound);
154 }
155
156 if ($action == 'unread' && $eid) {
157 XDB::execute('DELETE FROM evenements_vus
158 WHERE evt_id = {?} AND user_id = {?}',
159 $eid, S::v('uid'));
160 pl_redirect('events#newsid'.$eid);
161 }
162
163 $array = array();
164 $it = XDB::iterator("SELECT e.id,e.titre,e.texte,e.post_id,a.user_id,a.nom,a.prenom,a.promo,l.alias AS forlife,
165 p.x, p.y, p.attach IS NOT NULL AS img, FIND_IN_SET('wiki', e.flags) AS wiki,
166 FIND_IN_SET('important', e.flags) AS important,
167 e.creation_date > DATE_SUB(CURDATE(), INTERVAL 2 DAY) AS news,
168 e.peremption < DATE_ADD(CURDATE(), INTERVAL 2 DAY) AS end,
169 ev.user_id IS NULL AS nonlu
170 FROM evenements AS e
171 LEFT JOIN evenements_photo AS p ON (e.id = p.eid)
172 INNER JOIN auth_user_md5 AS a ON e.user_id=a.user_id
173 INNER JOIN aliases AS l ON ( a.user_id=l.id AND l.type='a_vie' )
174 LEFT JOIN evenements_vus AS ev ON (e.id = ev.evt_id AND ev.user_id = {?})
175 WHERE FIND_IN_SET('valide', e.flags) AND peremption >= NOW()
176 AND (e.promo_min = 0 || e.promo_min <= {?})
177 AND (e.promo_max = 0 || e.promo_max >= {?})
178 ORDER BY important DESC, news DESC, end DESC, e.peremption, e.creation_date DESC",
179 S::i('uid'), S::i('promo'), S::i('promo'));
180 $cats = array('important', 'news', 'end', 'body');
181 $body = $it->next();
182 foreach ($cats as $cat) {
183 $data = array();
184 if (!$body) {
185 continue;
186 }
187 do {
188 if ($cat == 'body' || $body[$cat]) {
189 $data[] = $body;
190 } else {
191 break;
192 }
193 $body = $it->next();
194 } while ($body);
195 if (!empty($data)) {
196 $array[$cat] = $data;
197 }
198 }
199 $page->assign_by_ref('events', $array);
200 }
201
202 function handler_photo(&$page, $eid = null, $valid = null)
203 {
204 if ($eid && $eid != 'valid') {
205 $res = XDB::query("SELECT * FROM evenements_photo WHERE eid = {?}", $eid);
206 if ($res->numRows()) {
207 $photo = $res->fetchOneAssoc();
208 header('Content-Type: image/' . $photo['attachmime']);
209 echo $photo['attach'];
210 exit;
211 }
212 } elseif ($eid == 'valid') {
213 require_once 'validations.inc.php';
214 $valid = Validate::get_request_by_id($valid);
215 if ($valid && $valid->img) {
216 header('Content-Type: image/' . $valid->imgtype);
217 echo $valid->img;
218 exit;
219 }
220 } else {
221 $upload = new PlUpload(S::user()->login(), 'event');
222 if ($upload->exists() && $upload->isType('image')) {
223 header('Content-Type: ' . $upload->contentType());
224 echo $upload->getContents();
225 exit;
226 }
227 }
228 global $globals;
229 header('Content-Type: image/png');
230 echo file_get_contents($globals->spoolroot . '/htdocs/images/logo.png');
231 exit;
232 }
233
234 function handler_rss(&$page, $user = null, $hash = null)
235 {
236 $this->load('feed.inc.php');
237 $feed = new EventFeed();
238 return $feed->run($page, $user, $hash);
239 }
240
241 function handler_preview(&$page)
242 {
243 $page->changeTpl('events/preview.tpl', NO_SKIN);
244 $texte = Get::v('texte');
245 if (!is_utf8($texte)) {
246 $texte = utf8_encode($texte);
247 }
248 $titre = Get::v('titre');
249 if (!is_utf8($titre)) {
250 $titre = utf8_encode($titre);
251 }
252 $page->assign('texte', $texte);
253 $page->assign('titre', $titre);
254 header('Content-Type: text/html; charset=utf-8');
255 }
256
257 function handler_ev_submit(&$page)
258 {
259 $page->changeTpl('events/submit.tpl');
260 $page->addJsLink('ajax.js');
261
262 $wp = new PlWikiPage('Xorg.Annonce');
263 $wp->buildCache();
264
265 $titre = Post::v('titre');
266 $texte = Post::v('texte');
267 $promo_min = Post::i('promo_min');
268 $promo_max = Post::i('promo_max');
269 $peremption = Post::i('peremption');
270 $valid_mesg = Post::v('valid_mesg');
271 $action = Post::v('action');
272 $upload = new PlUpload(S::user()->login(), 'event');
273 $this->upload_image($page, $upload);
274
275 if (($promo_min > $promo_max && $promo_max != 0)||
276 ($promo_min != 0 && ($promo_min <= 1900 || $promo_min >= 2020)) ||
277 ($promo_max != 0 && ($promo_max <= 1900 || $promo_max >= 2020)))
278 {
279 $page->trigError("L'intervalle de promotions n'est pas valide");
280 $action = null;
281 }
282
283 $page->assign('titre', $titre);
284 $page->assign('texte', $texte);
285 $page->assign('promo_min', $promo_min);
286 $page->assign('promo_max', $promo_max);
287 $page->assign('peremption', $peremption);
288 $page->assign('valid_mesg', $valid_mesg);
289 $page->assign('action', strtolower($action));
290 $page->assign_by_ref('upload', $upload);
291
292 if ($action == 'Supprimer l\'image') {
293 $upload->rm();
294 $page->assign('action', false);
295 } elseif ($action && (!trim($texte) || !trim($titre))) {
296 $page->trigError("L'article doit avoir un titre et un contenu");
297 } elseif ($action) {
298 S::assert_xsrf_token();
299
300 require_once 'validations.inc.php';
301 $evtreq = new EvtReq($titre, $texte, $promo_min, $promo_max,
302 $peremption, $valid_mesg, S::user(), $upload);
303 $evtreq->submit();
304 $page->assign('ok', true);
305 } elseif (!Env::v('preview')) {
306 $upload->rm();
307 }
308 }
309
310 function handler_tips(&$page, $tips = null)
311 {
312 header('Content-Type: text/html; charset="UTF-8"');
313 $page->changeTpl('include/tips.tpl', NO_SKIN);
314 $page->assign('tips', $this->get_tips($tips));
315 }
316
317 function handler_admin_tips(&$page, $action = 'list', $id = null)
318 {
319 $page->setTitle('Administration - Astuces');
320 $page->assign('title', 'Gestion des Astuces');
321 $table_editor = new PLTableEditor('admin/tips', 'tips', 'id');
322 $table_editor->describe('peremption', 'date de péremption', true);
323 $table_editor->describe('promo_min', 'promo. min (0 aucune)', false);
324 $table_editor->describe('promo_max', 'promo. max (0 aucune)', false);
325 $table_editor->describe('titre', 'titre', true);
326 $table_editor->describe('state', 'actif', true);
327 $table_editor->describe('text', 'texte (html) de l\'astuce', false);
328 $table_editor->describe('priorite', '0<=priorité<=255', true);
329 $table_editor->list_on_edit(false);
330 $table_editor->apply($page, $action, $id);
331 if (($action == 'edit' && !is_null($id)) || $action == 'update') {
332 $page->changeTpl('events/admin_tips.tpl');
333 }
334 }
335
336 function handler_admin_events(&$page, $action = 'list', $eid = null)
337 {
338 $page->changeTpl('events/admin.tpl');
339 $page->addJsLink('ajax.js');
340 $page->setTitle('Administration - Evenements');
341 $page->register_modifier('hde', 'html_entity_decode');
342
343 $arch = $action == 'archives';
344 $page->assign('action', $action);
345
346 $upload = new PlUpload(S::user()->login(), 'event');
347 if ((Env::has('preview') || Post::v('action') == "Proposer") && $eid) {
348 $action = 'edit';
349 $this->upload_image($page, $upload);
350 }
351
352 if (Post::v('action') == 'Pas d\'image' && $eid) {
353 S::assert_xsrf_token();
354 $upload->rm();
355 XDB::execute("DELETE FROM evenements_photo WHERE eid = {?}", $eid);
356 $action = 'edit';
357 } elseif (Post::v('action') == 'Supprimer l\'image' && $eid) {
358 S::assert_xsrf_token();
359 $upload->rm();
360 $action = 'edit';
361 } elseif (Post::v('action') == "Proposer" && $eid) {
362 S::assert_xsrf_token();
363 $promo_min = Post::i('promo_min');
364 $promo_max = Post::i('promo_max');
365 if (($promo_min != 0 && ($promo_min <= 1900 || $promo_min >= 2020)) ||
366 ($promo_max != 0 && ($promo_max <= 1900 || $promo_max >= 2020 || $promo_max < $promo_min)))
367 {
368 $page->trigError("L'intervalle de promotions $promo_min -> $promo_max n'est pas valide");
369 $action = 'edit';
370 } else {
371 $res = XDB::query('SELECT flags FROM evenements WHERE id = {?}', $eid);
372 $flags = new PlFlagSet($res->fetchOneCell());
373 $flags->addFlag('wiki');
374 if (Post::v('important')) {
375 $flags->addFlag('important');
376 } else {
377 $flags->rmFlag('important');
378 }
379
380 XDB::execute('UPDATE evenements
381 SET creation_date = creation_date,
382 titre={?}, texte={?}, peremption={?}, promo_min={?}, promo_max={?},
383 flags = {?}
384 WHERE id = {?}',
385 Post::v('titre'), Post::v('texte'), Post::v('peremption'),
386 Post::v('promo_min'), Post::v('promo_max'),
387 $flags, $eid);
388 if ($upload->exists() && list($x, $y, $type) = $upload->imageInfo()) {
389 XDB::execute('REPLACE INTO evenements_photo
390 SET eid = {?}, attachmime = {?}, x = {?}, y = {?}, attach = {?}',
391 $eid, $type, $x, $y, $upload->getContents());
392 $upload->rm();
393 }
394 }
395 }
396
397 if ($action == 'edit') {
398 $res = XDB::query('SELECT titre, texte, peremption, promo_min, promo_max, FIND_IN_SET(\'important\', flags),
399 attach IS NOT NULL
400 FROM evenements AS e
401 LEFT JOIN evenements_photo AS p ON(e.id = p.eid)
402 WHERE id={?}', $eid);
403 list($titre, $texte, $peremption, $promo_min, $promo_max, $important, $img) = $res->fetchOneRow();
404 $page->assign('titre',$titre);
405 $page->assign('texte',$texte);
406 $page->assign('promo_min',$promo_min);
407 $page->assign('promo_max',$promo_max);
408 $page->assign('peremption',$peremption);
409 $page->assign('important', $important);
410 $page->assign('eid', $eid);
411 $page->assign('img', $img);
412 $page->assign_by_ref('upload', $upload);
413
414 $select = "";
415 for ($i = 1 ; $i < 30 ; $i++) {
416 $p_stamp=date("Ymd",time()+3600*24*$i);
417 $year=substr($p_stamp,0,4);
418 $month=substr($p_stamp,4,2);
419 $day=substr($p_stamp,6,2);
420
421 $select .= "<option value=\"$p_stamp\""
422 . (($p_stamp == strtr($peremption, array("-" => ""))) ? " selected" : "")
423 . "> $day / $month / $year</option>\n";
424 }
425 $page->assign('select',$select);
426 } else {
427 switch ($action) {
428 case 'delete':
429 S::assert_xsrf_token();
430 XDB::execute('DELETE from evenements
431 WHERE id = {?}', $eid);
432 break;
433
434 case "archive":
435 S::assert_xsrf_token();
436 XDB::execute('UPDATE evenements
437 SET creation_date = creation_date, flags = CONCAT(flags,",archive")
438 WHERE id = {?}', $eid);
439 break;
440
441 case "unarchive":
442 S::assert_xsrf_token();
443 XDB::execute('UPDATE evenements
444 SET creation_date = creation_date, flags = REPLACE(flags,"archive","")
445 WHERE id = {?}', $eid);
446 $action = 'archives';
447 $arch = true;
448 break;
449
450 case "valid":
451 S::assert_xsrf_token();
452 XDB::execute('UPDATE evenements
453 SET creation_date = creation_date, flags = CONCAT(flags,",valide")
454 WHERE id = {?}', $eid);
455 break;
456
457 case "unvalid":
458 S::assert_xsrf_token();
459 XDB::execute('UPDATE evenements
460 SET creation_date = creation_date, flags = REPLACE(flags,"valide", "")
461 WHERE id = {?}', $eid);
462 break;
463 }
464
465 $pid = ($eid && $action == 'preview') ? $eid : -1;
466 $sql = "SELECT e.id, e.titre, e.texte,e.id = $pid AS preview,
467 DATE_FORMAT(e.creation_date,'%d/%m/%Y %T') AS creation_date,
468 DATE_FORMAT(e.peremption,'%d/%m/%Y') AS peremption,
469 e.promo_min, e.promo_max,
470 FIND_IN_SET('valide', e.flags) AS fvalide,
471 FIND_IN_SET('archive', e.flags) AS farch,
472 u.promo, u.nom, u.prenom, a.alias AS forlife,
473 FIND_IN_SET('wiki', e.flags) AS wiki
474 FROM evenements AS e
475 INNER JOIN auth_user_md5 AS u ON(e.user_id = u.user_id)
476 INNER JOIN aliases AS a ON (u.user_id = a.id AND a.type='a_vie')
477 WHERE ".($arch ? "" : "!")."FIND_IN_SET('archive',e.flags)
478 ORDER BY FIND_IN_SET('valide',e.flags), e.peremption DESC";
479 $page->assign('evs', XDB::iterator($sql));
480 }
481 $page->assign('arch', $arch);
482 $page->assign('admin_evts', true);
483 }
484 }
485
486 // vim:set et sw=4 sts=4 sws=4 foldmethod=marker enc=utf-8:
487 ?>
plat/al