projects / platal.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
Non significant spaces suck.
[platal.git] / modules / register.php
1 <?php
2 /***************************************************************************
3 * Copyright (C) 2003-2007 Polytechnique.org *
4 * http://opensource.polytechnique.org/ *
5 * *
6 * This program is free software; you can redistribute it and/or modify *
7 * it under the terms of the GNU General Public License as published by *
8 * the Free Software Foundation; either version 2 of the License, or *
9 * (at your option) any later version. *
10 * *
11 * This program is distributed in the hope that it will be useful, *
12 * but WITHOUT ANY WARRANTY; without even the implied warranty of *
13 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the *
14 * GNU General Public License for more details. *
15 * *
16 * You should have received a copy of the GNU General Public License *
17 * along with this program; if not, write to the Free Software *
18 * Foundation, Inc., *
19 * 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA *
20 ***************************************************************************/
21
22 class RegisterModule extends PLModule
23 {
24 function handlers()
25 {
26 return array(
27 'register' => $this->make_hook('register', AUTH_PUBLIC),
28 'register/end' => $this->make_hook('end', AUTH_PUBLIC),
29 'register/end.php' => $this->make_hook('end_old', AUTH_PUBLIC),
30 'register/success' => $this->make_hook('success', AUTH_MDP),
31 );
32 }
33
34 function handler_register(&$page, $hash = null)
35 {
36 $alert = null;
37 $sub_state = S::v('sub_state', Array());
38 if (!isset($sub_state['step'])) {
39 $sub_state['step'] = 0;
40 }
41 if (!isset($sub_state['backs'])) {
42 $sub_state['backs'] = array();
43 }
44 if (Get::has('back') && Get::i('back') < $sub_state['step']) {
45 $sub_state['step'] = max(0,Get::i('back'));
46 $state = $sub_state;
47 unset($state['backs']);
48 $sub_state['backs'][] = $state;
49 if (count($sub_state['backs']) == 3) {
50 $alert .= "Tentative d'inscription tres hesitante - ";
51 }
52 }
53
54 // Compatibility with old sources, keep it atm
55 if (!$hash && Env::has('hash')) {
56 $hash = Env::v('hash');
57 }
58
59 if ($hash) {
60 $res = XDB::query(
61 "SELECT m.uid, u.promo, u.nom, u.prenom, u.matricule, u.naissance_ini, FIND_IN_SET('watch', u.flags)
62 FROM register_marketing AS m
63 INNER JOIN auth_user_md5 AS u ON u.user_id = m.uid
64 WHERE m.hash={?}", $hash);
65 if (list($uid, $promo, $nom, $prenom, $ourmat, $naiss, $watch) = $res->fetchOneRow()) {
66 $sub_state['uid'] = $uid;
67 $sub_state['hash'] = $hash;
68 $sub_state['promo'] = $promo;
69 $sub_state['nom'] = $nom;
70 $sub_state['prenom'] = $prenom;
71 $sub_state['ourmat'] = $ourmat;
72 $sub_state['watch'] = $watch;
73 $sub_state['naissance_ini'] = $naiss;
74
75 XDB::execute(
76 "REPLACE INTO register_mstats (uid,sender,success)
77 SELECT m.uid, m.sender, 0
78 FROM register_marketing AS m
79 WHERE m.hash", $sub_state['hash']);
80 }
81 }
82
83 switch ($sub_state['step']) {
84 case 0:
85 require_once('wiki.inc.php');
86 wiki_require_page('Reference.Charte');
87 if (Post::has('step1')) {
88 $sub_state['step'] = 1;
89 if (isset($sub_state['hash'])) {
90 $sub_state['step'] = 3;
91 require_once(dirname(__FILE__) . '/register/register.inc.php');
92 create_aliases($sub_state);
93 }
94 }
95 break;
96
97 case 1:
98 if (Post::has('promo')) {
99 $promo = Post::i('promo');
100 $res = XDB::query("SELECT COUNT(*)
101 FROM auth_user_md5
102 WHERE perms='pending' AND deces = '0000-00-00'
103 AND promo = {?}",
104 $promo);
105 if (!$res->fetchOneCell()) {
106 $err = "La promotion saisie est incorrecte ou tous les camardes de cette promo sont inscrits !";
107 } else {
108 $sub_state['step'] = 2;
109 $sub_state['promo'] = $promo;
110 if ($promo >= 1996 && $promo<2000) {
111 $sub_state['mat'] = ($promo % 100)*10 . '???';
112 } elseif($promo >= 2000) {
113 $sub_state['mat'] = 100 + ($promo % 100) . '???';
114 }
115 }
116 }
117 break;
118
119 case 2:
120 if (count($_POST)) {
121 require_once(dirname(__FILE__) . '/register/register.inc.php');
122 $sub_state['prenom'] = Post::v('prenom');
123 $sub_state['nom'] = Post::v('nom');
124 $sub_state['mat'] = Post::v('mat');
125 $err = check_new_user($sub_state);
126
127 if ($err !== true) { break; }
128 $err = create_aliases($sub_state);
129 if ($err === true) {
130 unset($err);
131 $sub_state['step'] = 3;
132 }
133 }
134 break;
135
136 case 3:
137 if (count($_POST)) {
138 require_once(dirname(__FILE__) . '/register/register.inc.php');
139 if (!isvalid_email(Post::v('email'))) {
140 $err[] = "Le champ 'E-mail' n'est pas valide.";
141 } elseif (!isvalid_email_redirection(Post::v('email'))) {
142 $err[] = $sub_state['forlife']." doit renvoyer vers un email existant ".
143 "valide, en particulier, il ne peut pas être renvoyé vers lui-même.";
144 }
145 $birth = trim(Env::v('naissance'));
146 if (!preg_match('/^[0-3][0-9][01][0-9][12][90][0-9][0-9]$/', $birth)) {
147 $err[] = "La 'Date de naissance' n'est pas correcte.";
148 } else {
149 $year = (int)substr($birth, 4, 4);
150 $promo = (int)$sub_state['promo'];
151 if ($year > $promo - 15 || $year < $promo - 30) {
152 $err[] = "La 'Date de naissance' n'est pas correcte.";
153 $alert = "Date de naissance incorrecte a l'inscription - ";
154 $sub_state['wrong_naissance'] = $birth;
155 }
156 }
157
158 // Check if the given email is known as dangerous
159 $res = Xdb::iterRow("SELECT w.state, w.description, a.alias
160 FROM emails AS e
161 INNER JOIN emails_watch AS w ON (e.email = w.email AND w.state != 'safe')
162 INNER JOIN aliases AS a ON (e.uid = a.id AND a.type = 'a_vie')
163 WHERE e.email = {?}
164 ORDER BY a.alias", Post::v('email'));
165 $aliases = array();
166 while(list($gstate, $gdescription, $alias) = $res->next()) {
167 $state = $gstate;
168 $description = $gdescription;
169 $aliases[] = $alias;
170 }
171 if (count($aliases) != 0) {
172 $alert .= "Email surveille propose a l'inscription - ";
173 }
174 if ($sub_state['watch']) {
175 $alter .= "Inscription d'un utilisateur surveillé - ";
176 }
177
178 if (check_ip('unsafe')) {
179 unset($err);
180 }
181
182 if (isset($err)) {
183 $err = join('<br />', $err);
184 } else {
185 $sub_state['naissance'] = sprintf("%s-%s-%s",
186 substr($birth,4,4),
187 substr($birth,2,2),
188 substr($birth,0,2));
189 if ($sub_state['naissance_ini'] != '0000-00-00' && $sub_state['naissance'] != $sub_state['naissance_ini']) {
190 $alert .= "Date de naissance incorrecte à l'inscription - ";
191 }
192 $sub_state['email'] = Post::v('email');
193 if (check_ip('unsafe')) {
194 $err = "Une erreur s'est produite lors de l'inscription."
195 . " Merci de contacter <a href='mailto:register@{$globals->mail->domain}>"
196 . " register@{$globals->mail->domain}</a>"
197 . " pour nous faire part de cette erreur";
198 $alert .= "Tentative d'inscription depuis une IP surveillee";
199 } else {
200 $sub_state['step'] = 4;
201 if (count($sub_state['backs']) >= 3) {
202 $alert .= "Fin d'une inscription hésitante";
203 }
204 finish_ins($sub_state);
205 }
206 }
207 }
208 break;
209 }
210
211 $_SESSION['sub_state'] = $sub_state;
212 if ($alert) {
213 send_warning_mail($alert);
214 }
215 $page->changeTpl('register/step'.intval($sub_state['step']).'.tpl');
216 if (isset($err)) {
217 $page->trig($err);
218 }
219 }
220
221 function handler_end_old(&$page)
222 {
223 return $this->handler_end($page, Env::v('hash'));
224 }
225
226 function handler_end(&$page, $hash = null)
227 {
228 global $globals;
229
230
231 $page->changeTpl('register/end.tpl');
232 $_SESSION['sub_state'] = array('step' => 5);
233
234 if (check_ip('unsafe')) {
235 send_warning_mail('Une IP surveillée a tenté de finaliser son inscription');
236 XDB::execute('DELETE FROM register_pending
237 WHERE hash = {?} AND hash != \'INSCRIT\'', $hash);
238 return PL_FORBIDDEN;
239 }
240
241 require_once('user.func.inc.php');
242
243 if ($hash) {
244 $res = XDB::query(
245 "SELECT r.uid, r.forlife, r.bestalias, r.mailorg2,
246 r.password, r.email, r.naissance, u.nom, u.prenom,
247 u.promo, FIND_IN_SET('femme', u.flags), u.naissance_ini
248 FROM register_pending AS r
249 INNER JOIN auth_user_md5 AS u ON r.uid = u.user_id
250 WHERE hash={?} AND hash!='INSCRIT'", $hash);
251 }
252
253 if (!$hash || !list($uid, $forlife, $bestalias, $mailorg2, $password, $email,
254 $naissance, $nom, $prenom, $promo, $femme, $naiss_ini) = $res->fetchOneRow())
255 {
256 $page->kill("<p>Cette adresse n'existe pas, ou plus, sur le serveur.</p>
257 <p>Causes probables :</p>
258 <ol>
259 <li>Vérifie que tu visites l'adresse du dernier
260 e-mail reçu s'il y en a eu plusieurs.</li>
261 <li>Tu as peut-être mal copié l'adresse reçue par
262 mail, vérifie-la à la main.</li>
263 <li>Tu as peut-être attendu trop longtemps pour
264 confirmer. Les pré-inscriptions sont annulées
265 tous les 30 jours.</li>
266 <li>Tu es en fait déjà inscrit.</li>
267 </ol>");
268 }
269
270
271
272 /***********************************************************/
273 /****************** REALLY CREATE ACCOUNT ******************/
274 /***********************************************************/
275
276 XDB::execute('UPDATE auth_user_md5
277 SET password={?}, perms="user",
278 date=NOW(), naissance={?}, date_ins = NOW()
279 WHERE user_id={?}', $password, $naissance, $uid);
280 XDB::execute('REPLACE INTO auth_user_quick (user_id) VALUES ({?})', $uid);
281 XDB::execute('INSERT INTO aliases (id,alias,type)
282 VALUES ({?}, {?}, "a_vie")', $uid,
283 $forlife);
284 XDB::execute('INSERT INTO aliases (id,alias,type,flags)
285 VALUES ({?}, {?}, "alias", "bestalias")',
286 $uid, $bestalias);
287 if ($mailorg2) {
288 XDB::execute('INSERT INTO aliases (id,alias,type)
289 VALUES ({?}, {?}, "alias")', $uid,
290 $mailorg2);
291 }
292
293 require_once('emails.inc.php');
294 $redirect = new Redirect($uid);
295 $redirect->add_email($email);
296
297 // on cree un objet logger et on log l'inscription
298 $logger = new CoreLogger($uid);
299 $logger->log('inscription', $email);
300
301 XDB::execute('UPDATE register_pending SET hash="INSCRIT" WHERE uid={?}', $uid);
302
303 global $platal;
304 $platal->on_subscribe($forlife, $uid, $promo, $password);
305
306 $mymail = new PlMailer('register/inscription.reussie.tpl');
307 $mymail->assign('forlife', $forlife);
308 $mymail->assign('prenom', $prenom);
309 $mymail->send();
310
311 require_once('user.func.inc.php');
312 user_reindex($uid);
313
314 if (!start_connexion($uid, false)) {
315 return PL_FORBIDDEN;
316 }
317 $_SESSION['auth'] = AUTH_MDP;
318
319 /***********************************************************/
320 /************* envoi d'un mail au démarcheur ***************/
321 /***********************************************************/
322 $res = XDB::iterRow(
323 "SELECT DISTINCT sa.alias, IF(s.nom_usage,s.nom_usage,s.nom) AS nom,
324 s.prenom, FIND_IN_SET('femme', s.flags) AS femme
325 FROM register_marketing AS m
326 INNER JOIN auth_user_md5 AS s ON ( m.sender = s.user_id )
327 INNER JOIN aliases AS sa ON ( sa.id = m.sender
328 AND FIND_IN_SET('bestalias', sa.flags) )
329 WHERE m.uid = {?}", $uid);
330 XDB::execute("UPDATE register_mstats SET success=NOW() WHERE uid={?}", $uid);
331
332 while (list($salias, $snom, $sprenom, $sfemme) = $res->next()) {
333 $mymail = new PlMailer();
334 $mymail->setSubject("$prenom $nom s'est inscrit à Polytechnique.org !");
335 $mymail->setFrom('"Marketing Polytechnique.org" <register@' . $globals->mail->domain . '>');
336 $mymail->addTo("\"$sprenom $snom\" <$salias@{$globals->mail->domain}>");
337 $msg = ($sfemme?'Chère':'Cher')." $sprenom,\n\n"
338 . "Nous t'écrivons pour t'informer que $prenom $nom (X$promo), "
339 . "que tu avais incité".($femme?'e':'')." à s'inscrire à Polytechnique.org, "
340 . "vient à l'instant de terminer son inscription.\n\n"
341 . "Merci de ta participation active à la reconnaissance de ce site !!!\n\n"
342 . "Bien cordialement,\n"
343 . "L'équipe Polytechnique.org";
344 $mymail->setTxtBody(wordwrap($msg, 72));
345 $mymail->send();
346 }
347
348 /**** send a mail to X.org administrators ****/
349 if ($globals->register->notif) {
350 $mymail = new PlMailer();
351 $mymail->setSubject("Inscription de $prenom $nom (X$promo)");
352 $mymail->setFrom('"Webmaster Polytechnique.org" <web@' . $globals->mail->domain . '>');
353 $mymail->addTo($globals->register->notif);
354 $msg = "$prenom $nom (X$promo) a terminé son inscription avec les données suivantes :\n"
355 . " - nom : $nom\n"
356 . " - prenom : $prenom\n"
357 . " - promo : $promo\n"
358 . " - naissance : $naissance (date connue : $naiss_ini)\n"
359 . " - forlife : $forlife\n"
360 . " - email : $email\n"
361 . " - sexe : $femme\n"
362 . " - ip : {$logger->ip} ({$logger->host})\n"
363 . ($logger->proxy_ip ? " - proxy : {$logger->proxy_ip} ({$logger->proxy_host})\n" : "");
364 $mymail->setTxtBody($msg);
365 $mymail->send();
366 }
367
368 Marketing::clear($uid);
369
370 pl_redirect('register/success');
371 $page->assign('uid', $uid);
372 }
373
374 function handler_success(&$page)
375 {
376 $page->changeTpl('register/success.tpl');
377
378 $_SESSION['sub_state'] = array('step' => 5);
379 if (Env::has('response2')) {
380 $_SESSION['password'] = $password = Post::v('response2');
381
382 XDB::execute('UPDATE auth_user_md5 SET password={?}
383 WHERE user_id={?}', $password,
384 S::v('uid'));
385
386 $log = S::v('log');
387 $log->log('passwd', '');
388
389 if (Cookie::v('ORGaccess')) {
390 require_once('secure_hash.inc.php');
391 setcookie('ORGaccess', hash_encrypt($password), (time()+25920000), '/', '' ,0);
392 }
393
394 $page->assign('mdpok', true);
395 }
396
397 $res = XDB::iterRow("SELECT sub, domain
398 FROM register_subs
399 WHERE uid = {?} AND type = 'list'
400 ORDER BY domain",
401 S::i('uid'));
402 $current_domain = null;
403 $lists = array();
404 while (list($sub, $domain) = $res->next()) {
405 if ($current_domain != $domain) {
406 $current_domain = $domain;
407 $client = new MMList(S::v('uid'), S::v('password'), $domain);
408 }
409 list($details, ) = $client->get_members($sub);
410 $lists["$sub@$domain"] = $details;
411 }
412 $page->assign_by_ref('lists', $lists);
413
414 $page->addJsLink('motdepasse.js');
415 }
416 }
417
418 // vim:set et sw=4 sts=4 sws=4 foldmethod=marker enc=utf-8:
419 ?>
plat/al