projects / platal.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
Fix photo edition by other users (Closes #1160)
[platal.git] / modules / profile.php
1 <?php
2 /***************************************************************************
3 * Copyright (C) 2003-2010 Polytechnique.org *
4 * http://opensource.polytechnique.org/ *
5 * *
6 * This program is free software; you can redistribute it and/or modify *
7 * it under the terms of the GNU General Public License as published by *
8 * the Free Software Foundation; either version 2 of the License, or *
9 * (at your option) any later version. *
10 * *
11 * This program is distributed in the hope that it will be useful, *
12 * but WITHOUT ANY WARRANTY; without even the implied warranty of *
13 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the *
14 * GNU General Public License for more details. *
15 * *
16 * You should have received a copy of the GNU General Public License *
17 * along with this program; if not, write to the Free Software *
18 * Foundation, Inc., *
19 * 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA *
20 ***************************************************************************/
21
22 class ProfileModule extends PLModule
23 {
24 function handlers()
25 {
26 return array(
27 'photo' => $this->make_hook('photo', AUTH_PUBLIC),
28 'photo/change' => $this->make_hook('photo_change', AUTH_MDP),
29
30 'fiche.php' => $this->make_hook('fiche', AUTH_PUBLIC),
31 'profile' => $this->make_hook('profile', AUTH_PUBLIC),
32 'profile/private' => $this->make_hook('profile', AUTH_COOKIE),
33 'profile/ax' => $this->make_hook('ax', AUTH_COOKIE, 'admin'),
34 'profile/edit' => $this->make_hook('p_edit', AUTH_MDP),
35 'profile/ajax/address' => $this->make_hook('ajax_address', AUTH_COOKIE, 'user', NO_AUTH),
36 'profile/ajax/tel' => $this->make_hook('ajax_tel', AUTH_COOKIE, 'user', NO_AUTH),
37 'profile/ajax/edu' => $this->make_hook('ajax_edu', AUTH_COOKIE, 'user', NO_AUTH),
38 'profile/ajax/medal' => $this->make_hook('ajax_medal', AUTH_COOKIE, 'user', NO_AUTH),
39 'profile/networking' => $this->make_hook('networking', AUTH_PUBLIC),
40 'profile/ajax/job' => $this->make_hook('ajax_job', AUTH_COOKIE, 'user', NO_AUTH),
41 'profile/ajax/sector' => $this->make_hook('ajax_sector', AUTH_COOKIE, 'user', NO_AUTH),
42 'profile/ajax/sub_sector' => $this->make_hook('ajax_sub_sector', AUTH_COOKIE, 'user', NO_AUTH),
43 'profile/ajax/alternates' => $this->make_hook('ajax_alternates', AUTH_COOKIE, 'user', NO_AUTH),
44 'profile/ajax/skill' => $this->make_hook('ajax_skill', AUTH_COOKIE, 'user', NO_AUTH),
45 'profile/ajax/searchname' => $this->make_hook('ajax_searchname', AUTH_COOKIE, 'user', NO_AUTH),
46 'profile/ajax/buildnames' => $this->make_hook('ajax_buildnames', AUTH_COOKIE, 'user', NO_AUTH),
47 'javascript/education.js' => $this->make_hook('education_js', AUTH_COOKIE),
48 'javascript/grades.js' => $this->make_hook('grades_js', AUTH_COOKIE),
49 'profile/medal' => $this->make_hook('medal', AUTH_PUBLIC),
50 'profile/name_info' => $this->make_hook('name_info', AUTH_PUBLIC),
51
52 'referent' => $this->make_hook('referent', AUTH_COOKIE),
53 'emploi' => $this->make_hook('ref_search', AUTH_COOKIE),
54 'jobs' => $this->make_hook('ref_search', AUTH_COOKIE),
55 'referent/search' => $this->make_hook('ref_search', AUTH_COOKIE),
56 'referent/ssect' => $this->make_hook('ref_sect', AUTH_COOKIE, 'user', NO_AUTH),
57 'referent/country' => $this->make_hook('ref_country', AUTH_COOKIE, 'user', NO_AUTH),
58
59 'groupes-x' => $this->make_hook('xnet', AUTH_COOKIE),
60 'groupes-x/logo' => $this->make_hook('xnetlogo', AUTH_PUBLIC),
61
62 'vcard' => $this->make_hook('vcard', AUTH_COOKIE, 'user', NO_HTTPS),
63 'admin/binets' => $this->make_hook('admin_binets', AUTH_MDP, 'admin'),
64 'admin/medals' => $this->make_hook('admin_medals', AUTH_MDP, 'admin'),
65 'admin/education' => $this->make_hook('admin_education', AUTH_MDP, 'admin'),
66 'admin/education_field' => $this->make_hook('admin_education_field', AUTH_MDP, 'admin'),
67 'admin/education_degree' => $this->make_hook('admin_education_degree', AUTH_MDP, 'admin'),
68 'admin/education_degree_set' => $this->make_hook('admin_education_degree_set', AUTH_MDP, 'admin'),
69 'admin/sections' => $this->make_hook('admin_sections', AUTH_MDP, 'admin'),
70 'admin/networking' => $this->make_hook('admin_networking', AUTH_MDP, 'admin'),
71 'admin/trombino' => $this->make_hook('admin_trombino', AUTH_MDP, 'admin'),
72 'admin/sectors' => $this->make_hook('admin_sectors', AUTH_MDP, 'admin'),
73 'admin/corps_enum' => $this->make_hook('admin_corps_enum', AUTH_MDP, 'admin'),
74 'admin/corps_rank' => $this->make_hook('admin_corps_rank', AUTH_MDP, 'admin'),
75 'admin/names' => $this->make_hook('admin_names', AUTH_MDP, 'admin'),
76 );
77 }
78
79 /* XXX COMPAT */
80 function handler_fiche(&$page)
81 {
82 return $this->handler_profile($page, Env::v('user'));
83 }
84
85 function handler_photo(&$page, $x = null, $req = null)
86 {
87 if (!$x || !($profile = Profile::get($x))) {
88 return PL_NOT_FOUND;
89 }
90
91 // Retrieve the photo and its mime type.
92 if ($req && S::logged()) {
93 include 'validations.inc.php';
94 $myphoto = PhotoReq::get_request($profile->id());
95 $photo = PlImage::fromData($myphoto->data, $myphoto->mimetype);
96 } else {
97 $photo = $profile->getPhoto(true, true);
98 }
99
100 // Display the photo, or a default one when not available.
101 $photo->send();
102 }
103
104 function handler_medal(&$page, $mid)
105 {
106 $thumb = ($mid == 'thumb');
107 $mid = $thumb ? @func_get_arg(2) : $mid;
108
109 $res = XDB::query("SELECT img
110 FROM profile_medal_enum
111 WHERE id = {?}",
112 $mid);
113 $img = $thumb ?
114 dirname(__FILE__).'/../htdocs/images/medals/thumb/' . $res->fetchOneCell() :
115 dirname(__FILE__).'/../htdocs/images/medals/' . $res->fetchOneCell();
116 pl_cached_content_headers(mime_content_type($img));
117 echo file_get_contents($img);
118 exit;
119 }
120
121 function handler_name_info(&$page)
122 {
123 pl_content_headers("text/html");
124 $page->changeTpl('profile/name_info.tpl', SIMPLE);
125 $res = XDB::iterator("SELECT name, explanations,
126 FIND_IN_SET('public', flags) AS public,
127 FIND_IN_SET('has_particle', flags) AS has_particle
128 FROM profile_name_enum
129 WHERE NOT FIND_IN_SET('not_displayed', flags)
130 ORDER BY NOT FIND_IN_SET('public', flags)");
131 $page->assign('types', $res);
132 }
133
134 function handler_networking(&$page, $mid)
135 {
136 $res = XDB::query("SELECT icon
137 FROM profile_networking_enum
138 WHERE nwid = {?}",
139 $mid);
140 $img = dirname(__FILE__) . '/../htdocs/images/networking/' . $res->fetchOneCell();
141 pl_cached_content_headers(mime_content_type($img));
142 echo file_get_contents($img);
143 exit;
144 }
145
146 /** Tries to return the correct user from given hrpid
147 * Will redirect to $returnurl$hrpid if $hrpid was empty
148 */
149 private function findProfile($returnurl, $hrpid = null)
150 {
151 if (is_null($hrpid)) {
152 $user = S::user();
153 if (!$user->hasProfile()) {
154 return PL_NOT_FOUND;
155 } else {
156 pl_redirect($returnurl . $user->profile()->hrid());
157 }
158 } else {
159 $profile = Profile::get($hrpid);
160 if (!$profile) {
161 return PL_NOT_FOUND;
162 } else if (!S::user()->canEdit($profile) && Platal::notAllowed()) {
163 return PL_FORBIDDEN;
164 }
165 }
166 return $profile;
167 }
168
169 function handler_photo_change(&$page, $hrpid = null)
170 {
171 global $globals;
172 $profile = $this->findProfile('photo/change/', $hrpid);
173 if (! ($profile instanceof Profile) && ($profile == PL_NOT_FOUND || $profile == PL_FORBIDDEN)) {
174 return $profile;
175 }
176
177 $page->changeTpl('profile/trombino.tpl');
178 $page->assign('hrpid', $profile->hrid());
179
180 require_once('validations.inc.php');
181
182 $trombi_x = '/home/web/trombino/photos' . $profile->promo() . '/' . $profile->hrid() . '.jpg';
183 if (Env::has('upload')) {
184 S::assert_xsrf_token();
185
186 $upload = new PlUpload($profile->hrid(), 'photo');
187 if (!$upload->upload($_FILES['userfile']) && !$upload->download(Env::v('photo'))) {
188 $page->trigError('Une erreur est survenue lors du téléchargement du fichier');
189 } else {
190 $myphoto = new PhotoReq(S::user(), $profile, $upload);
191 if ($myphoto->isValid()) {
192 $myphoto->submit();
193 }
194 }
195 } elseif (Env::has('trombi')) {
196 S::assert_xsrf_token();
197
198 $upload = new PlUpload($profile->hrid(), 'photo');
199 if ($upload->copyFrom($trombi_x)) {
200 $myphoto = new PhotoReq(S::user(), $profile, $upload);
201 if ($myphoto->isValid()) {
202 $myphoto->commit();
203 $myphoto->clean();
204 }
205 }
206 } elseif (Env::v('suppr')) {
207 S::assert_xsrf_token();
208
209 XDB::execute('DELETE FROM profile_photos
210 WHERE pid = {?}',
211 $profile->id());
212 XDB::execute("DELETE FROM requests
213 WHERE pid = {?} AND type = 'photo'",
214 $profile->id());
215 $globals->updateNbValid();
216 $page->trigSuccess("Ta photo a bien été supprimée. Elle ne sera plus visible sur le site dans au plus une heure.");
217 } elseif (Env::v('cancel')) {
218 S::assert_xsrf_token();
219
220 $sql = XDB::query("DELETE FROM requests
221 WHERE pid = {?} AND type = 'photo'",
222 $profile->id());
223 $globals->updateNbValid();
224 }
225
226 $sql = XDB::query("SELECT COUNT(*)
227 FROM requests
228 WHERE pid = {?} AND type = 'photo'",
229 $profile->id());
230 $page->assign('submited', $sql->fetchOneCell());
231 $page->assign('has_trombi_x', file_exists($trombi_x));
232 }
233
234 function handler_profile(&$page, $id = null)
235 {
236 // Checks if the identifier corresponds to an actual profile. Numeric
237 // identifiers canonly be user by logged users.
238 if (is_null($id)) {
239 return PL_NOT_FOUND;
240 }
241 $pid = (!is_numeric($id) || S::admin()) ? Profile::getPID($id) : null;
242 if (is_null($pid)) {
243 if (S::logged()) {
244 $page->trigError($id . " inconnu dans l'annuaire.");
245 }
246 return PL_NOT_FOUND;
247 }
248
249 // Now that we know this is an existing profile, we can switch to the
250 // appropriate template.
251 $page->changeTpl('profile/profile.tpl', SIMPLE);
252
253 // Determines the access level at which the profile will be displayed.
254 if (!S::logged() || Env::v('view') == 'public') {
255 $view = 'public';
256 } else if (S::logged() && Env::v('view') == 'ax') {
257 $view = 'ax';
258 } else {
259 $view = 'private';
260 }
261
262 // Fetches profile's and profile's owner information and redirects to
263 // marketing if the owner has not subscribed and the requirer has logged in.
264 $profile = Profile::get($pid, Profile::FETCH_ALL, $view);
265 $owner = $profile->owner();
266 if (S::logged() && !is_null($owner) && $owner->state == 'pending') {
267 pl_redirect('marketing/public/' . $profile->hrid());
268 }
269
270 // Profile view are logged.
271 if (S::logged()) {
272 S::logger()->log('view_profile', $profile->hrid());
273 }
274
275 // Sets the title of the html page.
276 $page->setTitle($profile->fullName());
277
278 // Determines and displays the virtual alias.
279 if (!is_null($owner) && $profile->alias_pub == 'public') {
280 $page->assign('virtualalias', $owner->emailAlias());
281 }
282
283 $page->assign_by_ref('profile', $profile);
284 $page->assign_by_ref('owner', $owner);
285 $page->assign('view', $view);
286 $page->assign('logged', S::logged());
287
288 $page->addJsLink('close_on_esc.js');
289 header('Last-Modified: ' . date('r', strtotime($profile->last_change)));
290 }
291
292 function handler_ax(&$page, $user = null)
293 {
294 $user = Profile::get($user);
295 if (!$user) {
296 return PL_NOT_FOUND;
297 }
298 if (!$user->ax_id) {
299 $page->kill("Le matricule AX de {$user->hrid()} est inconnu");
300 }
301 http_redirect("http://www.polytechniciens.com/?page=AX_FICHE_ANCIEN&ancc_id=" . $user->ax_id);
302 }
303
304 function handler_p_edit(&$page, $hrpid = null, $opened_tab = null, $mode = null, $success = null)
305 {
306 global $globals;
307
308 $profile = $this->findProfile('profile/edit/', $hrpid);
309 if (! ($profile instanceof Profile) && ($profile == PL_NOT_FOUND || $profile == PL_FORBIDDEN)) {
310 return $profile;
311 }
312
313 // Build the page
314 $page->addJsLink('ajax.js');
315 $page->addJsLink('education.js', false); /* dynamic content */
316 $page->addJsLink('grades.js', false); /* dynamic content */
317 $page->addJsLink('profile.js');
318 $page->addJsLink('jquery.autocomplete.js');
319 $wiz = new PlWizard('Profil', PlPage::getCoreTpl('plwizard.tpl'), true, true, false);
320 $wiz->addUserData('profile', $profile);
321 $wiz->addUserData('owner', $profile->owner());
322 $this->load('page.inc.php');
323 $wiz->addPage('ProfileSettingGeneral', 'Général', 'general');
324 $wiz->addPage('ProfileSettingAddresses', 'Adresses personnelles', 'adresses');
325 $wiz->addPage('ProfileSettingGroups', 'Groupes X - Binets', 'poly');
326 $wiz->addPage('ProfileSettingDecos', 'Décorations - Medailles', 'deco');
327 $wiz->addPage('ProfileSettingJobs', 'Informations professionnelles', 'emploi');
328 $wiz->addPage('ProfileSettingSkills', 'Compétences diverses', 'skill');
329 $wiz->addPage('ProfileSettingMentor', 'Mentoring', 'mentor');
330 $wiz->apply($page, 'profile/edit/' . $profile->hrid(), $opened_tab, $mode);
331
332 if (!$profile->birthdate) {
333 $page->trigWarning("Ta date de naissance n'est pas renseignée, ce qui t'empêcheras de réaliser"
334 . " la procédure de récupération de mot de passe si un jour tu le perdais.");
335 }
336
337 $page->setTitle('Mon Profil');
338 if (isset($success) && $success) {
339 $page->trigSuccess('Ton profil a bien été mis à jour.');
340 }
341 }
342
343 function handler_education_js(&$page)
344 {
345 pl_cached_content_headers("text/javascript", "utf-8");
346 $page->changeTpl('profile/education.js.tpl', NO_SKIN);
347 require_once 'education.func.inc.php';
348 }
349
350 function handler_grades_js(&$page)
351 {
352 pl_cached_content_headers("text/javascript", "utf-8");
353 $page->changeTpl('profile/grades.js.tpl', NO_SKIN);
354 $res = XDB::iterator("SELECT *
355 FROM profile_medal_grade_enum
356 ORDER BY mid, pos");
357 $grades = array();
358 while ($tmp = $res->next()) {
359 $grades[$tmp['mid']][] = $tmp;
360 }
361 $page->assign('grades', $grades);
362
363 $res = XDB::iterator("SELECT *, FIND_IN_SET('validation', flags) AS validate
364 FROM profile_medal_enum
365 ORDER BY type, text");
366 $mlist = array();
367 while ($tmp = $res->next()) {
368 $mlist[$tmp['type']][] = $tmp;
369 }
370 $page->assign('medal_list', $mlist);
371 }
372
373 function handler_ajax_address(&$page, $id)
374 {
375 pl_content_headers("text/html");
376 $page->changeTpl('profile/adresses.address.tpl', NO_SKIN);
377 $page->assign('i', $id);
378 $page->assign('address', array());
379 }
380
381 function handler_ajax_tel(&$page, $prefid, $prefname, $telid)
382 {
383 pl_content_headers("text/html");
384 $page->changeTpl('profile/phone.tpl', NO_SKIN);
385 $page->assign('prefid', $prefid);
386 $page->assign('prefname', $prefname);
387 $page->assign('telid', $telid);
388 $page->assign('tel', array());
389 }
390
391 function handler_ajax_edu(&$page, $eduid, $class)
392 {
393 pl_content_headers("text/html");
394 $page->changeTpl('profile/general.edu.tpl', NO_SKIN);
395 $res = XDB::iterator("SELECT id, field
396 FROM profile_education_field_enum
397 ORDER BY field");
398 $page->assign('edu_fields', $res->fetchAllAssoc());
399 $page->assign('eduid', $eduid);
400 $page->assign('class', $class);
401 require_once "education.func.inc.php";
402 }
403
404 function handler_ajax_medal(&$page, $id)
405 {
406 pl_content_headers("text/html");
407 $page->changeTpl('profile/deco.medal.tpl', NO_SKIN);
408 $page->assign('id', $id);
409 $page->assign('medal', array('valid' => 0, 'grade' => 0));
410 }
411
412 function handler_ajax_job(&$page, $id)
413 {
414 pl_content_headers("text/html");
415 $page->changeTpl('profile/jobs.job.tpl', NO_SKIN);
416 $page->assign('i', $id);
417 $page->assign('job', array());
418 $page->assign('new', true);
419 $res = XDB::query("SELECT id, name AS label
420 FROM profile_job_sector_enum");
421 $page->assign('sectors', $res->fetchAllAssoc());
422 require_once "emails.combobox.inc.php";
423 fill_email_combobox($page);
424 }
425
426 function handler_ajax_sector(&$page, $id, $jobid, $jobpref, $sect, $ssect = -1)
427 {
428 pl_content_headers("text/html");
429 $res = XDB::iterator("SELECT id, name, FIND_IN_SET('optgroup', flags) AS optgroup
430 FROM profile_job_subsector_enum
431 WHERE sectorid = {?}", $sect);
432 $page->changeTpl('profile/jobs.sector.tpl', NO_SKIN);
433 $page->assign('id', $id);
434 $page->assign('subSectors', $res);
435 $page->assign('sel', $ssect);
436 if ($id != -1) {
437 $page->assign('change', 1);
438 $page->assign('jobid', $jobid);
439 $page->assign('jobpref', $jobpref);
440 }
441 }
442
443 function handler_ajax_sub_sector(&$page, $id, $ssect, $sssect = -1)
444 {
445 pl_content_headers("text/html");
446 $res = XDB::iterator("SELECT id, name
447 FROM profile_job_subsubsector_enum
448 WHERE subsectorid = {?}", $ssect);
449 $page->changeTpl('profile/jobs.sub_sector.tpl', NO_SKIN);
450 $page->assign('id', $id);
451 $page->assign('subSubSectors', $res);
452 $page->assign('sel', $sssect);
453 }
454
455 function handler_ajax_alternates(&$page, $id, $sssect)
456 {
457 pl_content_headers("text/html");
458 $res = XDB::iterator('SELECT name
459 FROM profile_job_alternates
460 WHERE subsubsectorid = {?}
461 ORDER BY id',
462 $sssect);
463 $page->changeTpl('profile/jobs.alternates.tpl', NO_SKIN);
464 $alternates = '';
465 if ($res->total() > 0) {
466 $alternate = $res->next();
467 $alternates = $alternate['name'];
468 while ($alternate = $res->next()) {
469 $alternates .= ', ' . $alternate['name'];
470 }
471 }
472 $page->assign('alternates', $alternates);
473 }
474
475 function handler_ajax_skill(&$page, $cat, $id)
476 {
477 pl_content_headers("text/html");
478 $page->changeTpl('profile/skill.skill.tpl', NO_SKIN);
479 $page->assign('cat', $cat);
480 $page->assign('id', $id);
481 if ($cat == 'competences') {
482 $page->assign('levels', array('initié' => 'initié',
483 'bonne connaissance' => 'bonne connaissance',
484 'expert' => 'expert'));
485 } else {
486 $page->assign('levels', array(1 => 'connaissance basique',
487 2 => 'maîtrise des bases',
488 3 => 'maîtrise limitée',
489 4 => 'maîtrise générale',
490 5 => 'bonne maîtrise',
491 6 => 'maîtrise complète'));
492 }
493 }
494
495 function handler_ajax_searchname(&$page, $id, $isFemale)
496 {
497 pl_content_headers("text/html");
498 $page->changeTpl('profile/general.searchname.tpl', NO_SKIN);
499 $res = XDB::query("SELECT id, name, FIND_IN_SET('public', flags) AS pub
500 FROM profile_name_enum
501 WHERE NOT FIND_IN_SET('not_displayed', flags)
502 AND NOT FIND_IN_SET('always_displayed', flags)");
503 $page->assign('sn_type_list', $res->fetchAllAssoc());
504 $page->assign('isFemale', $isFemale);
505 $page->assign('i', $id);
506 }
507
508 function handler_ajax_buildnames(&$page, $data, $isFemale)
509 {
510 pl_content_headers("text/html");
511 $page->changeTpl('profile/general.buildnames.tpl', NO_SKIN);
512 require_once 'name.func.inc.php';
513 $page->assign('names', build_javascript_names($data, $isFemale));
514 }
515
516 function handler_referent(&$page, $pf)
517 {
518 $page->changeTpl('profile/fiche_referent.tpl', SIMPLE);
519
520 $pf = Profile::get($pf);
521 if (!$pf) {
522 return PL_NOT_FOUND;
523 }
524
525 $page->assign_by_ref('profile', $pf);
526
527 ///// recuperations infos referent
528
529 // Sectors
530 $sectors = $subSectors = Array();
531 $res = XDB::iterRow(
532 "SELECT s.name AS label, ss.name AS label
533 FROM profile_mentor_sector AS m
534 LEFT JOIN profile_job_sector_enum AS s ON(m.sectorid = s.id)
535 LEFT JOIN profile_job_subsector_enum AS ss ON(m.sectorid = ss.sectorid AND m.subsectorid = ss.id)
536 WHERE pid = {?}", $pf->id());
537 while (list($sector, $subSector) = $res->next()) {
538 $sectors[] = $sector;
539 $subSectors[] = $subSector;
540 }
541 $page->assign_by_ref('sectors', $sectors);
542 $page->assign_by_ref('subSectors', $subSectors);
543
544 // Countries.
545 $res = XDB::query(
546 "SELECT gc.countryFR
547 FROM profile_mentor_country AS m
548 LEFT JOIN geoloc_countries AS gc ON (m.country = gc.iso_3166_1_a2)
549 WHERE pid = {?}", $pf->id());
550 $page->assign('pays', $res->fetchColumn());
551
552 $page->addJsLink('close_on_esc.js');
553 }
554
555 function handler_ref_search(&$page, $action = null, $subaction = null)
556 {
557 $wp = new PlWikiPage('Docs.Emploi');
558 $wp->buildCache();
559
560 $page->setTitle('Emploi et Carrières');
561
562 // Retrieval of sector names
563 $sectors = XDB::fetchAllAssoc('id', 'SELECT pjse.id, pjse.name
564 FROM profile_job_sector_enum AS pjse
565 INNER JOIN profile_mentor_sector AS pms ON (pms.sectorid = pjse.id)
566 GROUP BY pjse.id
567 ORDER BY pjse.name');
568 $page->assign_by_ref('sectors', $sectors);
569
570 // nb de mentors
571 $res = XDB::query("SELECT count(*) FROM profile_mentor");
572 $page->assign('mentors_number', $res->fetchOneCell());
573
574 // On vient d'un formulaire
575 require_once 'ufbuilder.inc.php';
576 $ufb = new UFB_MentorSearch();
577 if (!$ufb->isEmpty()) {
578 require_once 'userset.inc.php';
579 $ufc = $ufb->getUFC();
580 $set = new ProfileSet($ufc);
581 $set->addMod('mentor', 'Référents');
582 $set->apply('referent/search', $page, $action, $subaction);
583 if ($set->count() > 100) {
584 $page->assign('recherche_trop_large', true);
585 }
586 }
587
588 $page->changeTpl('profile/referent.tpl');
589 }
590
591 function handler_ref_sect(&$page, $sect)
592 {
593 pl_content_headers("text/html");
594 $page->changeTpl('include/field.select.tpl', NO_SKIN);
595 $page->assign('onchange', 'setSSectors()');
596 $page->assign('id', 'ssect_field');
597 $page->assign('name', 'subSector');
598 $it = XDB::iterator("SELECT pjsse.id, pjsse.name AS field
599 FROM profile_job_subsector_enum AS pjsse
600 INNER JOIN profile_mentor_sector AS pms ON (pms.sectorid = pjsse.sectorid AND pms.subsectorid = pjsse.id)
601 WHERE pjsse.sectorid = {?}
602 GROUP BY pjsse.id
603 ORDER BY pjsse.name", $sect);
604 $page->assign('list', $it);
605 }
606
607 function handler_ref_country(&$page, $sect, $ssect = '')
608 {
609 pl_content_headers("text/html");
610 $page->changeTpl('include/field.select.tpl', NO_SKIN);
611 $page->assign('name', 'pays_sel');
612 $where = ($ssect ? ' AND ms.subsectorid = {?}' : '');
613 $it = XDB::iterator("SELECT gc.iso_3166_1_a2 AS id, gc.countryFR AS field
614 FROM geoloc_countries AS gc
615 INNER JOIN profile_mentor_country AS mp ON (mp.country = gc.iso_3166_1_a2)
616 INNER JOIN profile_mentor_sector AS ms ON (ms.pid = mp.pid)
617 WHERE ms.sectorid = {?} " . $where . "
618 GROUP BY iso_3166_1_a2
619 ORDER BY countryFR", $sect, $ssect);
620 $page->assign('list', $it);
621 }
622
623 function handler_xnet(&$page)
624 {
625 $page->changeTpl('profile/groupesx.tpl');
626 $page->setTitle('Promo, Groupes X, Binets');
627
628 $req = XDB::query('
629 SELECT m.asso_id, a.nom, diminutif, a.logo IS NOT NULL AS has_logo,
630 COUNT(e.eid) AS events, mail_domain AS lists
631 FROM group_members AS m
632 INNER JOIN groups AS a ON(m.asso_id = a.id)
633 LEFT JOIN group_events AS e ON(e.asso_id = m.asso_id AND e.archive = 0)
634 WHERE uid = {?} GROUP BY m.asso_id ORDER BY a.nom', S::i('uid'));
635 $page->assign('assos', $req->fetchAllAssoc());
636 }
637
638 function handler_xnetlogo(&$page, $id)
639 {
640 if (is_null($id)) {
641 return PL_NOT_FOUND;
642 }
643
644 $res = XDB::query('SELECT logo, logo_mime
645 FROM groups
646 WHERE id = {?}', $id);
647 list($logo, $logo_mime) = $res->fetchOneRow();
648
649 if (!empty($logo)) {
650 pl_cached_dynamic_content_headers($logo_mime);
651 echo $logo;
652 } else {
653 pl_cached_dynamic_content_headers("image/jpeg");
654 readfile(dirname(__FILE__) . '/../htdocs/images/dflt_carre.jpg');
655 }
656
657 exit;
658 }
659
660 function handler_vcard(&$page, $x = null)
661 {
662 if (is_null($x)) {
663 return PL_NOT_FOUND;
664 }
665
666 global $globals;
667
668 if (substr($x, -4) == '.vcf') {
669 $x = substr($x, 0, strlen($x) - 4);
670 }
671
672 $vcard = new VCard();
673 $vcard->addProfile(Profile::get($x));
674 $vcard->show();
675 }
676
677 function handler_admin_trombino(&$page, $login = null, $action = null) {
678 $page->changeTpl('profile/admin_trombino.tpl');
679 $page->setTitle('Administration - Trombino');
680
681 if (!$login || !($user = User::get($login))) {
682 return PL_NOT_FOUND;
683 } else {
684 $page->assign_by_ref('user', $user);
685 }
686
687 switch ($action) {
688 case "original":
689 PlImage::fromFile("/home/web/trombino/photos" . $user->promo() . "/" . $user->login() . ".jpg", "image/jpeg")->send();
690 exit;
691
692 case "new":
693 S::assert_xsrf_token();
694
695 $data = file_get_contents($_FILES['userfile']['tmp_name']);
696 list($x, $y) = getimagesize($_FILES['userfile']['tmp_name']);
697 $mimetype = substr($_FILES['userfile']['type'], 6);
698 unlink($_FILES['userfile']['tmp_name']);
699 XDB::execute(
700 "REPLACE INTO profile_photos SET pid={?}, attachmime = {?}, attach={?}, x={?}, y={?}",
701 $user->profile()->id(), $mimetype, $data, $x, $y);
702 break;
703
704 case "delete":
705 S::assert_xsrf_token();
706
707 XDB::execute('DELETE FROM profile_photos WHERE pid = {?}', $user->profile()->id());
708 break;
709 }
710 }
711 function handler_admin_names(&$page, $action = 'list', $id = null) {
712 $page->setTitle('Administration - Types de noms');
713 $page->assign('title', 'Gestion des types de noms');
714 $table_editor = new PLTableEditor('admin/names', 'profile_name_enum', 'id', true);
715 $table_editor->describe('name', 'Nom', true);
716 $table_editor->describe('explanations', 'Explications', true);
717 $table_editor->describe('type', 'Type', true);
718 $table_editor->describe('flags', 'Flags', true);
719 $table_editor->describe('score', 'Score', true);
720 $table_editor->apply($page, $action, $id);
721 }
722 function handler_admin_binets(&$page, $action = 'list', $id = null) {
723 $page->setTitle('Administration - Binets');
724 $page->assign('title', 'Gestion des binets');
725 $table_editor = new PLTableEditor('admin/binets', 'profile_binet_enum', 'id');
726 $table_editor->add_join_table('profile_binets','binet_id',true);
727 $table_editor->describe('text','intitulé',true);
728 $table_editor->apply($page, $action, $id);
729 }
730 function handler_admin_education(&$page, $action = 'list', $id = null) {
731 $page->setTitle('Administration - Formations');
732 $page->assign('title', 'Gestion des formations');
733 $table_editor = new PLTableEditor('admin/education', 'profile_education_enum', 'id');
734 $table_editor->add_join_table('profile_education', 'eduid', true);
735 $table_editor->add_join_table('profile_education_degree', 'eduid', true);
736 $table_editor->describe('name', 'intitulé', true);
737 $table_editor->describe('url', 'site web', false);
738 $table_editor->apply($page, $action, $id);
739 }
740 function handler_admin_education_field(&$page, $action = 'list', $id = null) {
741 $page->setTitle('Administration - Domaines de formation');
742 $page->assign('title', 'Gestion des domaines de formation');
743 $table_editor = new PLTableEditor('admin/education_field', 'profile_education_field_enum', 'id', true);
744 $table_editor->add_join_table('profile_education', 'fieldid', true);
745 $table_editor->describe('field', 'domaine', true);
746 $table_editor->apply($page, $action, $id);
747 }
748 function handler_admin_education_degree(&$page, $action = 'list', $id = null) {
749 $page->setTitle('Administration - Niveau de formation');
750 $page->assign('title', 'Gestion des niveau de formation');
751 $table_editor = new PLTableEditor('admin/education_degree', 'profile_education_degree_enum', 'id', true);
752 $table_editor->add_join_table('profile_education_degree', 'degreeid', true);
753 $table_editor->add_join_table('profile_education', 'degreeid', true);
754 $table_editor->describe('degree', 'niveau', true);
755 $table_editor->apply($page, $action, $id);
756 }
757 function handler_admin_education_degree_set(&$page, $action = 'list', $id = null) {
758 $page->setTitle('Administration - Correspondances formations - niveau de formation');
759 $page->assign('title', 'Gestion des correspondances formations - niveau de formation');
760 $table_editor = new PLTableEditor('admin/education_degree_set', 'profile_education_degree', 'eduid', true);
761 $table_editor->describe('eduid', 'id formation', true);
762 $table_editor->describe('degreeid', 'id niveau', true);
763
764 // Adds fields to show the names of education
765 $table_editor->add_option_table('profile_education_enum','profile_education_enum.id = eduid');
766 $table_editor->add_option_field('profile_education_enum.name', 'edu_name', 'formation', null, 'degreeid');
767 // Adds fields to show the names of degrees
768 $table_editor->add_option_table('profile_education_degree_enum','profile_education_degree_enum.id = t.degreeid');
769 $table_editor->add_option_field('profile_education_degree_enum.degree', 'degree_name', 'niveau');
770
771 $table_editor->apply($page, $action, $id);
772 }
773 function handler_admin_sections(&$page, $action = 'list', $id = null) {
774 $page->setTitle('Administration - Sections');
775 $page->assign('title', 'Gestion des sections');
776 $table_editor = new PLTableEditor('admin/sections','profile_section_enum','id');
777 $table_editor->describe('text','intitulé',true);
778 $table_editor->apply($page, $action, $id);
779 }
780 function handler_admin_sectors(&$page, $action = 'list', $id = null) {
781 $page->setTitle('Administration - Secteurs');
782 $page->assign('title', 'Gestion des secteurs');
783 $table_editor = new PLTableEditor('admin/sectors', 'profile_job_subsubsector_enum', 'id', true);
784 $table_editor->describe('sectorid', 'id du secteur', false);
785 $table_editor->describe('subsectorid', 'id du sous-secteur', false);
786 $table_editor->describe('name', 'nom', true);
787 $table_editor->describe('flags', 'affichage', true);
788 $table_editor->apply($page, $action, $id);
789 }
790 function handler_admin_networking(&$page, $action = 'list', $id = null) {
791 $page->assign('xorg_title', 'Polytechnique.org - Administration - Networking');
792 $page->assign('title', 'Gestion des types de networking');
793 $table_editor = new PLTableEditor('admin/networking', 'profile_networking_enum', 'nwid');
794 $table_editor->describe('name', 'intitulé', true);
795 $table_editor->describe('icon', 'nom de l\'icône', false);
796 $table_editor->describe('filter', 'filtre', true);
797 $table_editor->describe('link', 'lien web', true);
798 $table_editor->apply($page, $action, $id);
799 }
800 function handler_admin_corps_enum(&$page, $action = 'list', $id = null) {
801 $page->setTitle('Administration - Corps');
802 $page->assign('title', 'Gestion des Corps');
803 $table_editor = new PLTableEditor('admin/corps_enum', 'profile_corps_enum', 'id');
804 $table_editor->describe('name', 'intitulé', true);
805 $table_editor->describe('abbreviation', 'abbréviation', true);
806 $table_editor->describe('still_exists', 'existe encore ?', true);
807 $table_editor->apply($page, $action, $id);
808 }
809 function handler_admin_corps_rank(&$page, $action = 'list', $id = null) {
810 $page->setTitle('Administration - Grade dans les Corps');
811 $page->assign('title', 'Gestion des grade dans les Corps');
812 $table_editor = new PLTableEditor('admin/corps_rank', 'profile_corps_rank_enum', 'id');
813 $table_editor->describe('name', 'intitulé', true);
814 $table_editor->describe('abbreviation', 'abbréviation', true);
815 $table_editor->apply($page, $action, $id);
816 }
817 function handler_admin_medals(&$page, $action = 'list', $id = null) {
818 $page->setTitle('Administration - Distinctions');
819 $page->assign('title', 'Gestion des Distinctions');
820 $table_editor = new PLTableEditor('admin/medals','profile_medal_enum','id');
821 $table_editor->describe('text', 'intitulé', true);
822 $table_editor->describe('img', 'nom de l\'image', false);
823 $table_editor->describe('flags', 'valider', true);
824 $table_editor->apply($page, $action, $id);
825 if ($id && $action == 'edit') {
826 $page->changeTpl('profile/admin_decos.tpl');
827
828 $mid = $id;
829
830 if (Post::v('act') == 'del') {
831 XDB::execute('DELETE FROM profile_medal_grade_enum
832 WHERE mid={?} AND gid={?}', $mid, Post::i('gid'));
833 } else {
834 foreach (Post::v('grades', array()) as $gid=>$text) {
835 if ($gid === 0) {
836 if (!empty($text)) {
837 $res = XDB::query('SELECT MAX(gid)
838 FROM profile_medal_grade_enum
839 WHERE mid = {?}', $mid);
840 $gid = $res->fetchOneCell() + 1;
841
842 XDB::execute('INSERT INTO profile_medal_grade_enum (mid, gid, text, pos)
843 VALUES ({?}, {?}, {?}, {?})',
844 $mid, $gid, $text, $_POST['pos']['0']);
845 }
846 } else {
847 XDB::execute('UPDATE profile_medal_grade_enum
848 SET pos={?}, text={?}
849 WHERE gid={?} AND mid={?}', $_POST['pos'][$gid], $text, $gid, $mid);
850 }
851 }
852 }
853 $res = XDB::iterator('SELECT gid, text, pos FROM profile_medal_grade_enum WHERE mid={?} ORDER BY pos', $mid);
854 $page->assign('grades', $res);
855 }
856 }
857 }
858
859 // vim:set et sw=4 sts=4 sws=4 foldmethod=marker enc=utf-8:
860 ?>
plat/al