projects / platal.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
Merge branch 'platal-0.9.17'
[platal.git] / modules / register.php
1 <?php
2 /***************************************************************************
3 * Copyright (C) 2003-2008 Polytechnique.org *
4 * http://opensource.polytechnique.org/ *
5 * *
6 * This program is free software; you can redistribute it and/or modify *
7 * it under the terms of the GNU General Public License as published by *
8 * the Free Software Foundation; either version 2 of the License, or *
9 * (at your option) any later version. *
10 * *
11 * This program is distributed in the hope that it will be useful, *
12 * but WITHOUT ANY WARRANTY; without even the implied warranty of *
13 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the *
14 * GNU General Public License for more details. *
15 * *
16 * You should have received a copy of the GNU General Public License *
17 * along with this program; if not, write to the Free Software *
18 * Foundation, Inc., *
19 * 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA *
20 ***************************************************************************/
21
22 class RegisterModule extends PLModule
23 {
24 function handlers()
25 {
26 return array(
27 'register' => $this->make_hook('register', AUTH_PUBLIC),
28 'register/end' => $this->make_hook('end', AUTH_PUBLIC),
29 'register/end.php' => $this->make_hook('end_old', AUTH_PUBLIC),
30 'register/success' => $this->make_hook('success', AUTH_MDP),
31 'register/save' => $this->make_hook('save', AUTH_MDP),
32 );
33 }
34
35 function handler_register(&$page, $hash = null)
36 {
37 $alert = null;
38 $sub_state = S::v('sub_state', Array());
39 if (!isset($sub_state['step'])) {
40 $sub_state['step'] = 0;
41 }
42 if (!isset($sub_state['backs'])) {
43 $sub_state['backs'] = array();
44 }
45 if (Get::has('back') && Get::i('back') < $sub_state['step']) {
46 $sub_state['step'] = max(0,Get::i('back'));
47 $state = $sub_state;
48 unset($state['backs']);
49 $sub_state['backs'][] = $state;
50 if (count($sub_state['backs']) == 3) {
51 $alert .= "Tentative d'inscription tres hesitante - ";
52 }
53 }
54
55 // Compatibility with old sources, keep it atm
56 if (!$hash && Env::has('hash')) {
57 $hash = Env::v('hash');
58 }
59
60 if ($hash) {
61 $res = XDB::query(
62 "SELECT m.uid, u.promo, u.nom, u.prenom, u.matricule, u.naissance_ini, FIND_IN_SET('watch', u.flags)
63 FROM register_marketing AS m
64 INNER JOIN auth_user_md5 AS u ON u.user_id = m.uid
65 WHERE m.hash={?}", $hash);
66 if (list($uid, $promo, $nom, $prenom, $ourmat, $naiss, $watch) = $res->fetchOneRow()) {
67 $sub_state['uid'] = $uid;
68 $sub_state['hash'] = $hash;
69 $sub_state['promo'] = $promo;
70 $sub_state['nom'] = $nom;
71 $sub_state['prenom'] = $prenom;
72 $sub_state['ourmat'] = $ourmat;
73 $sub_state['watch'] = $watch;
74 $sub_state['naissance_ini'] = $naiss;
75
76 XDB::execute(
77 "REPLACE INTO register_mstats (uid,sender,success)
78 SELECT m.uid, m.sender, 0
79 FROM register_marketing AS m
80 WHERE m.hash", $sub_state['hash']);
81 }
82 }
83
84 switch ($sub_state['step']) {
85 case 0:
86 require_once('wiki.inc.php');
87 wiki_require_page('Reference.Charte');
88 if (Post::has('step1')) {
89 $sub_state['step'] = 1;
90 if (isset($sub_state['hash'])) {
91 $sub_state['step'] = 3;
92 require_once(dirname(__FILE__) . '/register/register.inc.php');
93 create_aliases($sub_state);
94 }
95 }
96 break;
97
98 case 1:
99 if (Post::has('promo')) {
100 $promo = Post::i('promo');
101 $res = XDB::query("SELECT COUNT(*)
102 FROM auth_user_md5
103 WHERE perms='pending' AND deces = '0000-00-00'
104 AND promo = {?}",
105 $promo);
106 if (!$res->fetchOneCell()) {
107 $err = "La promotion saisie est incorrecte ou tous les camardes de cette promo sont inscrits !";
108 } else {
109 $sub_state['step'] = 2;
110 $sub_state['promo'] = $promo;
111 if ($promo >= 1996 && $promo<2000) {
112 $sub_state['mat'] = ($promo % 100)*10 . '???';
113 } elseif($promo >= 2000) {
114 $sub_state['mat'] = 100 + ($promo % 100) . '???';
115 }
116 }
117 }
118 break;
119
120 case 2:
121 if (count($_POST)) {
122 require_once(dirname(__FILE__) . '/register/register.inc.php');
123 $sub_state['prenom'] = Post::v('prenom');
124 $sub_state['nom'] = Post::v('nom');
125 $sub_state['mat'] = Post::v('mat');
126 $err = check_new_user($sub_state);
127
128 if ($err !== true) { break; }
129 $err = create_aliases($sub_state);
130 if ($err === true) {
131 unset($err);
132 $sub_state['step'] = 3;
133 }
134 }
135 break;
136
137 case 3:
138 if (count($_POST)) {
139 require_once(dirname(__FILE__) . '/register/register.inc.php');
140 if (!isvalid_email(Post::v('email'))) {
141 $err[] = "Le champ 'E-mail' n'est pas valide.";
142 } elseif (!isvalid_email_redirection(Post::v('email'))) {
143 $err[] = $sub_state['forlife']." doit renvoyer vers un email existant ".
144 "valide, en particulier, il ne peut pas être renvoyé vers lui-même.";
145 }
146 $birth = trim(Env::v('naissance'));
147 if (!preg_match('@^[0-3]?\d/[01]?\d/(19|20)?\d{2}$@', $birth)) {
148 $err[] = "La 'Date de naissance' n'est pas correcte.";
149 } else {
150 $birth = explode('/', $birth, 3);
151 for ($i = 0; $i < 3; $i++)
152 $birth[$i] = intval($birth[$i]);
153 if ($birth[2] < 100) $birth[2] += 1900;
154 $year = $birth[2];
155 $promo = (int)$sub_state['promo'];
156 if ($year > $promo - 15 || $year < $promo - 30) {
157 $err[] = "La 'Date de naissance' n'est pas correcte.";
158 $alert = "Date de naissance incorrecte a l'inscription - ";
159 $sub_state['wrong_naissance'] = $birth;
160 }
161 }
162
163 // Check if the given email is known as dangerous
164 $res = XDB::query("SELECT w.state, w.description
165 FROM emails_watch AS w
166 WHERE w.email = {?} AND w.state != 'safe'",
167 Post::v('email'));
168 $email_banned = false;
169 if ($res->numRows()) {
170 list($state, $description) = $res->fetchOneRow();
171 $alert .= "Email surveille propose a l'inscription - ";
172 $sub_state['email_desc'] = $description;
173 if ($state == 'dangerous') {
174 $email_banned = true;
175 }
176 }
177 if ($sub_state['watch']) {
178 $alert .= "Inscription d'un utilisateur surveillé - ";
179 }
180
181 if (check_ip('unsafe')) {
182 unset($err);
183 }
184
185 if (isset($err)) {
186 $err = join('<br />', $err);
187 } else {
188 $sub_state['naissance'] = sprintf("%04d-%02d-%02d",
189 intval($birth[2]), intval($birth[1]), intval($birth[0]));
190 if ($sub_state['naissance_ini'] != '0000-00-00' && $sub_state['naissance'] != $sub_state['naissance_ini']) {
191 $alert .= "Date de naissance incorrecte à l'inscription - ";
192 }
193 $sub_state['email'] = Post::v('email');
194 $ip_banned = check_ip('unsafe');
195 if ($ip_banned) {
196 $alert .= "Tentative d'inscription depuis une IP surveillee";
197 }
198 if ($email_banned || $ip_banned) {
199 global $globals;
200 $err = "Une erreur s'est produite lors de l'inscription."
201 . " Merci de contacter <a href='mailto:register@{$globals->mail->domain}>"
202 . " register@{$globals->mail->domain}</a>"
203 . " pour nous faire part de cette erreur";
204 } else {
205 $sub_state['step'] = 4;
206 if (count($sub_state['backs']) >= 3) {
207 $alert .= "Fin d'une inscription hésitante";
208 }
209 finish_ins($sub_state);
210 }
211 }
212 }
213 break;
214 }
215
216 $_SESSION['sub_state'] = $sub_state;
217 if (!empty($alert)) {
218 send_warning_mail($alert);
219 }
220 $page->changeTpl('register/step'.intval($sub_state['step']).'.tpl');
221 if (isset($err)) {
222 $page->trigError($err);
223 }
224 }
225
226 function handler_end_old(&$page)
227 {
228 return $this->handler_end($page, Env::v('hash'));
229 }
230
231 function handler_end(&$page, $hash = null)
232 {
233 global $globals;
234
235
236 $page->changeTpl('register/end.tpl');
237 $_SESSION['sub_state'] = array('step' => 5);
238
239 if (check_ip('unsafe')) {
240 send_warning_mail('Une IP surveillée a tenté de finaliser son inscription');
241 XDB::execute('DELETE FROM register_pending
242 WHERE hash = {?} AND hash != \'INSCRIT\'', $hash);
243 return PL_FORBIDDEN;
244 }
245
246 require_once('user.func.inc.php');
247
248 if ($hash) {
249 $res = XDB::query(
250 "SELECT r.uid, r.forlife, r.bestalias, r.mailorg2,
251 r.password, r.email, r.naissance, u.nom, u.prenom,
252 u.promo, FIND_IN_SET('femme', u.flags), u.naissance_ini
253 FROM register_pending AS r
254 INNER JOIN auth_user_md5 AS u ON r.uid = u.user_id
255 WHERE hash={?} AND hash!='INSCRIT'", $hash);
256 }
257
258 if (!$hash || !list($uid, $forlife, $bestalias, $mailorg2, $password, $email,
259 $naissance, $nom, $prenom, $promo, $femme, $naiss_ini) = $res->fetchOneRow())
260 {
261 $page->kill("<p>Cette adresse n'existe pas, ou plus, sur le serveur.</p>
262 <p>Causes probables :</p>
263 <ol>
264 <li>Vérifie que tu visites l'adresse du dernier
265 e-mail reçu s'il y en a eu plusieurs.</li>
266 <li>Tu as peut-être mal copié l'adresse reçue par
267 mail, vérifie-la à la main.</li>
268 <li>Tu as peut-être attendu trop longtemps pour
269 confirmer. Les pré-inscriptions sont annulées
270 tous les 30 jours.</li>
271 <li>Tu es en fait déjà inscrit.</li>
272 </ol>");
273 }
274
275
276
277 /***********************************************************/
278 /****************** REALLY CREATE ACCOUNT ******************/
279 /***********************************************************/
280
281 XDB::execute('UPDATE auth_user_md5
282 SET password={?}, perms="user",
283 date=NOW(), naissance={?}, date_ins = NOW()
284 WHERE user_id={?}', $password, $naissance, $uid);
285 XDB::execute('REPLACE INTO auth_user_quick (user_id) VALUES ({?})', $uid);
286 XDB::execute('INSERT INTO aliases (id,alias,type)
287 VALUES ({?}, {?}, "a_vie")', $uid,
288 $forlife);
289 XDB::execute('INSERT INTO aliases (id,alias,type,flags)
290 VALUES ({?}, {?}, "alias", "bestalias")',
291 $uid, $bestalias);
292 if ($mailorg2) {
293 XDB::execute('INSERT INTO aliases (id,alias,type)
294 VALUES ({?}, {?}, "alias")', $uid,
295 $mailorg2);
296 }
297
298 require_once('emails.inc.php');
299 $redirect = new Redirect($uid);
300 $redirect->add_email($email);
301
302 // on cree un objet logger et on log l'inscription
303 $logger = new PlLogger($uid);
304 S::logger()->log('inscription', $email);
305
306 XDB::execute('UPDATE register_pending SET hash="INSCRIT" WHERE uid={?}', $uid);
307
308 global $platal;
309 $platal->on_subscribe($forlife, $uid, $promo, $password);
310
311 $mymail = new PlMailer('register/inscription.reussie.tpl');
312 $mymail->assign('forlife', $forlife);
313 $mymail->assign('prenom', $prenom);
314 $mymail->send();
315
316 require_once('user.func.inc.php');
317 user_reindex($uid);
318
319 // update number of subscribers (perms has changed)
320 $globals->updateNbIns();
321
322 if (!start_connexion($uid, false)) {
323 return PL_FORBIDDEN;
324 }
325 $_SESSION['auth'] = AUTH_MDP;
326
327 /***********************************************************/
328 /************* envoi d'un mail au démarcheur ***************/
329 /***********************************************************/
330 $res = XDB::iterRow(
331 "SELECT sa.alias, IF(s.nom_usage,s.nom_usage,s.nom) AS nom,
332 s.prenom, FIND_IN_SET('femme', s.flags) AS femme,
333 GROUP_CONCAT(m.email) AS mails, MAX(m.last) AS dateDernier
334 FROM register_marketing AS m
335 INNER JOIN auth_user_md5 AS s ON ( m.sender = s.user_id )
336 INNER JOIN aliases AS sa ON ( sa.id = m.sender
337 AND FIND_IN_SET('bestalias', sa.flags) )
338 WHERE m.uid = {?}
339 GROUP BY m.sender", $uid);
340 XDB::execute("UPDATE register_mstats SET success=NOW() WHERE uid={?}", $uid);
341
342 $market = array();
343 while (list($salias, $snom, $sprenom, $sfemme, $mails, $dateDernier) = $res->next()) {
344 $market[] = " - par $snom $sprenom sur $mails (le plus récemment le $dateDernier)";
345 $mymail = new PlMailer();
346 $mymail->setSubject("$prenom $nom s'est inscrit à Polytechnique.org !");
347 $mymail->setFrom('"Marketing Polytechnique.org" <register@' . $globals->mail->domain . '>');
348 $mymail->addTo("\"$sprenom $snom\" <$salias@{$globals->mail->domain}>");
349 $msg = ($sfemme?'Chère':'Cher')." $sprenom,\n\n"
350 . "Nous t'écrivons pour t'informer que $prenom $nom (X$promo), "
351 . "que tu avais incité".($femme?'e':'')." à s'inscrire à Polytechnique.org, "
352 . "vient à l'instant de terminer son inscription.\n\n"
353 . "Merci de ta participation active à la reconnaissance de ce site !!!\n\n"
354 . "Bien cordialement,\n"
355 . "L'équipe Polytechnique.org";
356 $mymail->setTxtBody(wordwrap($msg, 72));
357 $mymail->send();
358 }
359
360 /**** send a mail to X.org administrators ****/
361 if ($globals->register->notif) {
362 $mymail = new PlMailer();
363 $mymail->setSubject("Inscription de $prenom $nom (X$promo)");
364 $mymail->setFrom('"Webmaster Polytechnique.org" <web@' . $globals->mail->domain . '>');
365 $mymail->addTo($globals->register->notif);
366 $mymail->addHeader('Reply-To', $globals->register->notif);
367 $msg = "$prenom $nom (X$promo) a terminé son inscription avec les données suivantes :\n"
368 . " - nom : $nom\n"
369 . " - prenom : $prenom\n"
370 . " - promo : $promo\n"
371 . " - naissance : $naissance (date connue : $naiss_ini)\n"
372 . " - forlife : $forlife\n"
373 . " - email : $email\n"
374 . " - sexe : $femme\n"
375 . " - ip : {$logger->ip} ({$logger->host})\n"
376 . ($logger->proxy_ip ? " - proxy : {$logger->proxy_ip} ({$logger->proxy_host})\n" : "")
377 . "\n\n";
378 if (count($market) > 0) {
379 $msg .= "Les marketings suivants avaient été effectués :\n"
380 . implode("\n", $market);
381 } else {
382 $msg .= "$prenom $nom n'a jamais reçu de mail de marketing.";
383 }
384 $mymail->setTxtBody($msg);
385 $mymail->send();
386 }
387
388 Marketing::clear($uid);
389
390 pl_redirect('register/success');
391 $page->assign('uid', $uid);
392 }
393
394 function handler_success(&$page)
395 {
396 global $globals;
397 $page->changeTpl('register/success.tpl');
398
399 $_SESSION['sub_state'] = array('step' => 5);
400 if (Env::has('response2')) {
401 $_SESSION['password'] = $password = Post::v('response2');
402
403 XDB::execute('UPDATE auth_user_md5 SET password={?}
404 WHERE user_id={?}', $password,
405 S::v('uid'));
406
407 // If GoogleApps is enabled, and the user did choose to use synchronized passwords,
408 // and if the (stupid) user has decided to user /register/success another time,
409 // updates the Google Apps password as well.
410 if ($globals->mailstorage->googleapps_domain) {
411 require_once 'googleapps.inc.php';
412 $account = new GoogleAppsAccount(S::v('uid'), S::v('forlife'));
413 if ($account->active() && $account->sync_password) {
414 $account->set_password($password);
415 }
416 }
417
418 $log = S::v('log');
419 S::logger()->log('passwd', '');
420
421 if (Cookie::v('ORGaccess')) {
422 require_once('secure_hash.inc.php');
423 setcookie('ORGaccess', hash_encrypt($password), (time()+25920000), '/', '' ,0);
424 }
425
426 $page->assign('mdpok', true);
427 }
428
429 $res = XDB::iterRow("SELECT sub, domain
430 FROM register_subs
431 WHERE uid = {?} AND type = 'list'
432 ORDER BY domain",
433 S::i('uid'));
434 $current_domain = null;
435 $lists = array();
436 while (list($sub, $domain) = $res->next()) {
437 if ($current_domain != $domain) {
438 $current_domain = $domain;
439 $client = new MMList(S::v('uid'), S::v('password'), $domain);
440 }
441 list($details, ) = $client->get_members($sub);
442 $lists["$sub@$domain"] = $details;
443 }
444 $page->assign_by_ref('lists', $lists);
445
446 $page->addJsLink('motdepasse.js');
447 }
448
449 function handler_save(&$page)
450 {
451 global $globals;
452
453 // Finish registration procedure
454 if (Post::v('register_from_ax_question')) {
455 XDB::execute('UPDATE auth_user_quick
456 SET profile_from_ax = 1
457 WHERE user_id = {?}',
458 S::v('uid'));
459 }
460 if (Post::v('add_to_nl')) {
461 require_once 'newsletter.inc.php';
462 NewsLetter::subscribe();
463 }
464 if (Post::v('add_to_ax')) {
465 require_once dirname(__FILE__) . '/axletter/axletter.inc.php';
466 AXLetter::subscribe();
467 }
468 if (Post::v('add_to_promo')) {
469 $r = XDB::query('SELECT id FROM groupex.asso WHERE diminutif = {?}',
470 S::v('promo'));
471 $asso_id = $r->fetchOneCell();
472 XDB::execute('REPLACE INTO groupex.membres (uid,asso_id)
473 VALUES ({?}, {?})',
474 S::v('uid'), $asso_id);
475 $mmlist = new MMList(S::v('uid'), S::v('password'));
476 $mmlist->subscribe("promo".S::v('promo'));
477 }
478 if (Post::v('sub_ml')) {
479 $subs = array_keys(Post::v('sub_ml'));
480 $current_domain = null;
481 foreach ($subs as $list) {
482 list($sub, $domain) = explode('@', $list);
483 if ($domain != $current_domain) {
484 $current_domain = $domain;
485 $client = new MMList(S::v('uid'), S::v('password'), $domain);
486 }
487 $client->subscribe($sub);
488 }
489 }
490 if (Post::v('imap')) {
491 require_once 'emails.inc.php';
492 $storage = new EmailStorage(S::v('uid'), 'imap');
493 $storage->activate();
494 }
495
496 pl_redirect('profile/edit');
497 }
498 }
499
500 // vim:set et sw=4 sts=4 sws=4 foldmethod=marker enc=utf-8:
501 ?>
plat/al