projects / platal.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
#594: Group admins can temporarily try the site without privileges
[platal.git] / modules / xnetgrp.php
1 <?php
2 /***************************************************************************
3 * Copyright (C) 2003-2006 Polytechnique.org *
4 * http://opensource.polytechnique.org/ *
5 * *
6 * This program is free software; you can redistribute it and/or modify *
7 * it under the terms of the GNU General Public License as published by *
8 * the Free Software Foundation; either version 2 of the License, or *
9 * (at your option) any later version. *
10 * *
11 * This program is distributed in the hope that it will be useful, *
12 * but WITHOUT ANY WARRANTY; without even the implied warranty of *
13 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the *
14 * GNU General Public License for more details. *
15 * *
16 * You should have received a copy of the GNU General Public License *
17 * along with this program; if not, write to the Free Software *
18 * Foundation, Inc., *
19 * 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA *
20 ***************************************************************************/
21
22 function get_infos($email)
23 {
24 global $globals;
25 // look for uid instead of email if numeric
26 $field = is_numeric($email) ? 'uid' : 'email';
27
28 if ($field == 'email') {
29 $email = strtolower($email);
30 if (strpos($email, '@') === false) {
31 $email .= '@m4x.org';
32 }
33 list($mbox,$dom) = explode('@', $email);
34 }
35
36 $res = XDB::query(
37 "SELECT uid, nom, prenom, email, email AS email2, perms='admin', origine, sexe
38 FROM groupex.membres
39 WHERE $field = {?} AND asso_id = {?}", $email, $globals->asso('id'));
40
41 if ($res->numRows()) {
42 $user = $res->fetchOneAssoc();
43 if ($user['origine'] == 'X') {
44 $res = XDB::query("SELECT nom, prenom, promo, FIND_IN_SET(flags, 'femme') AS sexe
45 FROM auth_user_md5
46 WHERE user_id = {?}", $user['uid']);
47 $user = array_merge($user, $res->fetchOneAssoc());
48 }
49 return $user;
50 } elseif ($dom == 'polytechnique.org' || $dom == 'm4x.org') {
51 $res = XDB::query(
52 "SELECT user_id AS uid, u.promo,
53 IF(u.nom_usage<>'', u.nom_usage, u.nom) AS nom,
54 u.prenom, b.alias,
55 CONCAT(b.alias, '@m4x.org') AS email,
56 CONCAT(b.alias, '@polytechnique.org') AS email2,
57 m.perms='admin' AS perms, m.origine,
58 FIND_IN_SET(u.flags, 'femme') AS sexe
59 FROM auth_user_md5 AS u
60 INNER JOIN aliases AS a ON ( u.user_id = a.id AND a.type != 'homonyme' )
61 INNER JOIN aliases AS b ON ( u.user_id = b.id AND b.type = 'a_vie' )
62 INNER JOIN groupex.membres AS m ON ( m.uid = u.user_id AND asso_id={?})
63 WHERE a.alias = {?} AND u.user_id < 50000", $globals->asso('id'), $mbox);
64 return $res->fetchOneAssoc();
65 }
66
67 return null;
68 }
69
70
71 class XnetGrpModule extends PLModule
72 {
73 function handlers()
74 {
75 return array(
76 '%grp' => $this->make_hook('index', AUTH_PUBLIC),
77 '%grp/asso.php' => $this->make_hook('index', AUTH_PUBLIC),
78 '%grp/logo' => $this->make_hook('logo', AUTH_PUBLIC),
79 '%grp/edit' => $this->make_hook('edit', AUTH_MDP),
80 '%grp/mail' => $this->make_hook('mail', AUTH_MDP),
81 '%grp/annuaire' => $this->make_hook('annuaire', AUTH_MDP),
82 '%grp/annuaire/vcard' => $this->make_hook('vcard', AUTH_MDP),
83 '%grp/trombi' => $this->make_hook('trombi', AUTH_MDP),
84 '%grp/subscribe' => $this->make_hook('subscribe', AUTH_MDP),
85 '%grp/unsubscribe' => $this->make_hook('unsubscribe', AUTH_MDP),
86
87 '%grp/change_rights' => $this->make_hook('change_rights', AUTH_MDP),
88
89 '%grp/admin/annuaire'
90 => $this->make_hook('admin_annuaire', AUTH_MDP),
91
92 '%grp/member'
93 => $this->make_hook('admin_member', AUTH_MDP),
94 '%grp/member/new'
95 => $this->make_hook('admin_member_new', AUTH_MDP),
96 '%grp/member/new/ajax'
97 => $this->make_hook('admin_member_new_ajax', AUTH_MDP, '', NO_AUTH),
98 '%grp/member/del'
99 => $this->make_hook('admin_member_del', AUTH_MDP),
100
101 '%grp/rss' => $this->make_hook('rss', AUTH_PUBLIC),
102 '%grp/announce/new' => $this->make_hook('edit_announce', AUTH_MDP),
103 '%grp/announce/edit' => $this->make_hook('edit_announce', AUTH_MDP),
104 '%grp/admin/announces' => $this->make_hook('admin_announce', AUTH_MDP),
105 );
106 }
107
108 function handler_index(&$page, $arg = null)
109 {
110 global $globals, $platal;
111
112 if (!is_null($arg)) {
113 return PL_NOT_FOUND;
114 }
115
116 new_group_open_page('xnet/groupe/asso.tpl');
117
118 if (S::logged()) {
119 if (Env::has('read')) {
120 XDB::query('DELETE r.*
121 FROM groupex.announces_read AS r
122 INNER JOIN groupex.announces AS a ON a.id = r.announce_id
123 WHERE peremption < CURRENT_DATE()');
124 XDB::query('INSERT INTO groupex.announces_read
125 VALUES ({?}, {?})',
126 Env::i('read'), S::i('uid'));
127 pl_redirect("");
128 }
129 if (Env::has('unread')) {
130 XDB::query('DELETE FROM groupex.announces_read
131 WHERE announce_id={?} AND user_id={?}',
132 Env::i('unread'), S::i('uid'));
133 pl_redirect("#art" . Env::i('unread'));
134 }
135 $arts = XDB::iterator("SELECT a.*, u.nom, u.prenom, u.promo, l.alias AS forlife
136 FROM groupex.announces AS a
137 INNER JOIN auth_user_md5 AS u USING(user_id)
138 INNER JOIN aliases AS l ON (u.user_id = l.id AND l.type = 'a_vie')
139 LEFT JOIN groupex.announces_read AS r ON (r.user_id = {?} AND r.announce_id = a.id)
140 WHERE asso_id = {?} AND peremption >= CURRENT_DATE()
141 AND (promo_min = 0 OR promo_min <= {?})
142 AND (promo_max = 0 OR promo_max >= {?})
143 AND r.announce_id IS NULL
144 ORDER BY a.peremption",
145 S::i('uid'), $globals->asso('id'), S::i('promo'), S::i('promo'));
146 $index = XDB::iterator("SELECT a.id, a.titre, r.user_id IS NULL AS nonlu
147 FROM groupex.announces AS a
148 LEFT JOIN groupex.announces_read AS r ON (a.id = r.announce_id AND r.user_id = {?})
149 WHERE asso_id = {?} AND peremption >= CURRENT_DATE()
150 AND (promo_min = 0 OR promo_min <= {?})
151 AND (promo_max = 0 OR promo_max >= {?})
152 ORDER BY a.peremption",
153 S::i('uid'), $globals->asso('id'), S::i('promo'), S::i('promo'));
154 $page->assign('article_index', $index);
155 } else {
156 $arts = XDB::iterator("SELECT a.*, u.nom, u.prenom, u.promo
157 FROM groupex.announces AS a
158 INNER JOIN auth_user_md5 AS u USING(user_id)
159 WHERE asso_id = {?} AND peremption >= CURRENT_DATE()
160 AND FIND_IN_SET(a.flags, 'public')",
161 $globals->asso('id'));
162 }
163
164 if (!S::has('core_rss_hash')) {
165 $page->setRssLink("Polytechnique.net :: {$globals->asso("nom")} :: News publiques",
166 "rss/rss.xml");
167 } else {
168 $page->setRssLink("Polytechnique.net :: {$globals->asso("nom")} :: News",
169 'rss/'.S::v('forlife') .'/'.S::v('core_rss_hash').'/rss.xml');
170 }
171
172 require_once('url_catcher.inc.php');
173 $page->register_modifier('url_catcher', 'url_catcher');
174 $page->assign('articles', $arts);
175
176 $page->assign('asso', $globals->asso());
177 }
178
179 function handler_logo(&$page)
180 {
181 global $globals;
182
183 $res = XDB::query("SELECT logo, logo_mime
184 FROM groupex.asso WHERE id = {?}",
185 $globals->asso('id'));
186 list($logo, $logo_mime) = $res->fetchOneRow();
187
188 if (!empty($logo)) {
189 header("Content-type: $mime");
190 header('Expires: Mon, 26 Jul 1997 05:00:00 GMT');
191 header('Last-Modified:' . gmdate('D, d M Y H:i:s') . ' GMT');
192 header('Cache-Control: no-cache, must-revalidate');
193 header('Pragma: no-cache');
194 echo $logo;
195 } else {
196 header('Content-type: image/jpeg');
197 header('Expires: Mon, 26 Jul 1997 05:00:00 GMT');
198 header('Last-Modified:' . gmdate('D, d M Y H:i:s') . ' GMT');
199 header('Cache-Control: no-cache, must-revalidate');
200 header('Pragma: no-cache');
201 readfile(dirname(__FILE__).'/../htdocs/images/dflt_carre.jpg');
202 }
203
204 exit;
205 }
206
207 function handler_edit(&$page)
208 {
209 global $globals;
210
211 new_groupadmin_page('xnet/groupe/edit.tpl');
212
213 if (Post::has('submit')) {
214 if (S::has_perms()) {
215 if (Post::v('mail_domain') && (strstr(Post::v('mail_domain'), '.') === false)) {
216 $page->trig("le domaine doit être un FQDN (aucune modif effectuée) !!!");
217 return;
218 }
219 XDB::execute(
220 "UPDATE groupex.asso
221 SET nom={?}, diminutif={?}, cat={?}, dom={?},
222 descr={?}, site={?}, mail={?}, resp={?},
223 forum={?}, mail_domain={?}, ax={?}, pub={?},
224 sub_url={?}, inscriptible={?}, unsub_url={?}
225 WHERE id={?}",
226 Post::v('nom'), Post::v('diminutif'),
227 Post::v('cat'), Post::i('dom'),
228 Post::v('descr'), Post::v('site'),
229 Post::v('mail'), Post::v('resp'),
230 Post::v('forum'), Post::v('mail_domain'),
231 Post::has('ax'), Post::has('pub')?'private':'public',
232 Post::v('sub_url'), Post::v('inscriptible'),
233 Post::v('unsub_url'),$globals->asso('id'));
234 if (Post::v('mail_domain')) {
235 XDB::execute('INSERT INTO virtual_domains (domain) VALUES({?})',
236 Post::v('mail_domain'));
237 }
238 } else {
239 XDB::execute(
240 "UPDATE groupex.asso
241 SET descr={?}, site={?}, mail={?}, resp={?},
242 forum={?}, ax={?}, pub= {?}, sub_url={?},
243 unsub_url={?}
244 WHERE id={?}",
245 Post::v('descr'), Post::v('site'),
246 Post::v('mail'), Post::v('resp'),
247 Post::v('forum'), Post::has('ax'),
248 Post::has('pub')?'private':'public',
249 Post::v('sub_url'), Post::v('unsub_url'),
250 $globals->asso('id'));
251 }
252
253 if ($_FILES['logo']['name']) {
254 $logo = file_get_contents($_FILES['logo']['tmp_name']);
255 $mime = $_FILES['logo']['type'];
256 XDB::execute('UPDATE groupex.asso
257 SET logo={?}, logo_mime={?}
258 WHERE id={?}', $logo, $mime,
259 $globals->asso('id'));
260 }
261
262 pl_redirect('../'.Post::v('diminutif', $globals->asso('diminutif')).'/edit');
263 }
264
265 if (S::has_perms()) {
266 $dom = XDB::iterator('SELECT * FROM groupex.dom ORDER BY nom');
267 $page->assign('dom', $dom);
268 $page->assign('super', true);
269 }
270 }
271
272 function handler_mail(&$page)
273 {
274 global $globals;
275
276 new_groupadmin_page('xnet/groupe/mail.tpl');
277 $mmlist = new MMList(S::v('uid'), S::v('password'),
278 $globals->asso('mail_domain'));
279 $page->assign('listes', $mmlist->get_lists());
280
281 if (Post::has('send')) {
282 $from = Post::v('from');
283 $sujet = Post::v('sujet');
284 $body = Post::v('body');
285
286 $mls = array_keys(Env::v('ml', array()));
287 $mbr = array_keys(Env::v('membres', array()));
288
289 require_once dirname(__FILE__) . '/xnetgrp/mail.inc.php';
290 $tos = get_all_redirects($mbr, $mls, $mmlist);
291 send_xnet_mails($from, $sujet, $body, $tos, Post::v('replyto'), $_FILES['uploaded']);
292 $page->kill("Mail envoyé !");
293 $page->assign('sent', true);
294 }
295 }
296
297 function handler_annuaire(&$page)
298 {
299 global $globals;
300 new_annu_page('xnet/groupe/annuaire.tpl');
301
302 $sort = Env::v('order');
303 switch (Env::v('order')) {
304 case 'promo' : $group = 'promo'; $tri = 'promo_o DESC, nom, prenom'; break;
305 case 'promo_inv': $group = 'promo'; $tri = 'promo_o, nom, prenom'; break;
306 case 'alpha_inv': $group = 'initiale'; $tri = 'nom DESC, prenom DESC, promo'; break;
307 default : $group = 'initiale'; $tri = 'nom, prenom, promo'; $sort = 'alpha';
308 }
309 $page->assign('sort', $sort);
310
311 if ($group == 'initiale') {
312 $res = XDB::iterRow(
313 'SELECT UPPER(SUBSTRING(
314 IF(m.origine="X", IF(u.nom_usage<>"", u.nom_usage, u.nom),m.nom),
315 1, 1)) as letter, COUNT(*)
316 FROM groupex.membres AS m
317 LEFT JOIN auth_user_md5 AS u ON ( u.user_id = m.uid )
318 WHERE asso_id = {?}
319 GROUP BY letter
320 ORDER BY letter', $globals->asso('id'));
321 } else {
322 $res = XDB::iterRow(
323 'SELECT IF(m.origine="X",u.promo,
324 IF(m.origine="ext", "extérieur", "personne morale")) AS promo,
325 COUNT(*), IF(m.origine="X",u.promo,"") AS promo_o
326 FROM groupex.membres AS m
327 LEFT JOIN auth_user_md5 AS u ON ( u.user_id = m.uid )
328 WHERE asso_id = {?}
329 GROUP BY promo
330 ORDER BY promo_o DESC', $globals->asso('id'));
331 }
332 $alphabet = array();
333 $nb_tot = 0;
334 while (list($char, $nb) = $res->next()) {
335 $alphabet[] = $char;
336 $nb_tot += $nb;
337 if (Env::has($group) && $char == strtoupper(Env::v($group))) {
338 $tot = $nb;
339 }
340 }
341 $page->assign('group', $group);
342 $page->assign('request_group', Env::v($group));
343 $page->assign('only_admin', Env::has('admin'));
344 $page->assign('alphabet', $alphabet);
345 $page->assign('nb_tot', $nb_tot);
346
347 $ofs = Env::i('offset');
348 $tot = Env::v($group) ? $tot : $nb_tot;
349 $nbp = intval(($tot-1)/NB_PER_PAGE);
350 $links = array();
351 if ($ofs) {
352 $links['précédent'] = $ofs-1;
353 }
354 for ($i = 0; $i <= $nbp; $i++) {
355 $links[(string)($i+1)] = $i;
356 }
357 if ($ofs < $nbp) {
358 $links['suivant'] = $ofs+1;
359 }
360 if (count($links)>1) {
361 $page->assign('links', $links);
362 }
363
364 $ini = '';
365 if (Env::has('initiale')) {
366 $ini = 'AND IF(m.origine="X",
367 IF(u.nom_usage<>"", u.nom_usage, u.nom),
368 m.nom) LIKE "'.addslashes(Env::v('initiale')).'%"';
369 } elseif (Env::has('promo')) {
370 $ini = 'AND IF(m.origine="X", u.promo, IF(m.origine="ext", "extérieur", "personne morale")) = "'
371 .addslashes(Env::v('promo')).'"';
372 } elseif (Env::has('admin')) {
373 $ini = 'AND m.perms = "admin"';
374 }
375
376 $ann = XDB::iterator(
377 "SELECT IF(m.origine='X',IF(u.nom_usage<>'', u.nom_usage, u.nom) ,m.nom) AS nom,
378 IF(m.origine='X',u.prenom,m.prenom) AS prenom,
379 IF(m.origine='X', u.promo, IF(m.origine='ext', 'extérieur', 'personne morale')) AS promo,
380 IF(m.origine='X',u.promo,'') AS promo_o,
381 IF(m.origine='X' AND u.perms != 'pending',a.alias,m.email) AS email,
382 IF(m.origine='X',FIND_IN_SET('femme', u.flags), m.sexe) AS femme,
383 m.perms='admin' AS admin,
384 m.origine='X' AS x,
385 u.perms!='pending' AS inscrit,
386 m.uid
387 FROM groupex.membres AS m
388 LEFT JOIN auth_user_md5 AS u ON ( u.user_id = m.uid )
389 LEFT JOIN aliases AS a ON ( a.id = m.uid AND a.type='a_vie' )
390 WHERE m.asso_id = {?} $ini
391 AND (m.origine != 'X' OR u.perms != 'pending' OR m.email IS NOT NULL)
392 ORDER BY $tri
393 LIMIT {?},{?}", $globals->asso('id'), $ofs*NB_PER_PAGE, NB_PER_PAGE);
394 $page->assign('ann', $ann);
395 }
396
397 function handler_trombi(&$page, $num = 1)
398 {
399 global $globals;
400 new_annu_page('xnet/groupe/trombi.tpl');
401
402 $page->assign('urlmainsite', "https://www.polytechnique.org/");
403 $trombi = new Trombi(array($this, '_trombi_getlist'));
404 $trombi->hidePromo();
405 $trombi->setAdmin();
406 $page->assign_by_ref('trombi', $trombi);
407 }
408
409 function _trombi_getlist($offset, $limit)
410 {
411 global $globals;
412 $where = "WHERE m.asso_id= '".addslashes($globals->asso('id'))."'";
413
414 $res = XDB::query(
415 "SELECT COUNT(*)
416 FROM auth_user_md5 AS u
417 RIGHT JOIN photo AS p ON u.user_id=p.uid
418 INNER JOIN groupex.membres AS m ON (m.uid = u.user_id)
419 $where");
420 $pnb = $res->fetchOneCell();
421
422 $res = XDB::query("SELECT promo, user_id, a.alias AS forlife,
423 IF (nom_usage='', u.nom, nom_usage) AS nom, u.prenom
424 FROM photo AS p
425 INNER JOIN auth_user_md5 AS u ON u.user_id=p.uid
426 INNER JOIN aliases AS a ON ( u.user_id=a.id AND a.type='a_vie' )
427 INNER JOIN groupex.membres AS m ON (m.uid = u.user_id)
428 $where
429 ORDER BY promo, u.nom, u.prenom LIMIT {?}, {?}", $offset*$limit, $limit);
430
431 return array($pnb, $res->fetchAllAssoc());
432 }
433
434 function handler_vcard(&$page, $photos = null)
435 {
436 global $globals;
437
438 if (($globals->asso('pub') == 'public' && is_member()) || may_update()) {
439 $res = XDB::query('SELECT uid
440 FROM groupex.membres
441 WHERE asso_id = {?}', $globals->asso('id'));
442 require_once('vcard.inc.php');
443 $vcard = new VCard($res->fetchColumn(), $photos == 'photos', 'Membre du groupe ' . $globals->asso('nom'));
444 $vcard->do_page($page);
445 } else {
446 return PL_NOTALLOWED;
447 }
448 }
449
450 function handler_subscribe(&$page, $u = null)
451 {
452 global $globals;
453
454 new_group_open_page('xnet/groupe/inscrire.tpl');
455
456 if (!$globals->asso('inscriptible'))
457 $page->kill("Il n'est pas possible de s'inscire en ligne à ce "
458 ."groupe. Essaie de joindre le contact indiqué "
459 ."sur la page de présentation.");
460
461 if (!is_null($u) && may_update()) {
462 $page->assign('u', $u);
463 $res = XDB::query("SELECT nom, prenom, promo, user_id
464 FROM auth_user_md5 AS u
465 INNER JOIN aliases AS al ON (al.id = u.user_id
466 AND al.type != 'liste')
467 WHERE al.alias = {?}", $u);
468
469 if (list($nom, $prenom, $promo, $uid) = $res->fetchOneRow()) {
470 $res = XDB::query("SELECT COUNT(*)
471 FROM groupex.membres AS m
472 INNER JOIN aliases AS a ON (m.uid = a.id
473 AND a.type != 'homonyme')
474 WHERE a.alias = {?} AND m.asso_id = {?}",
475 $u, $globals->asso('id'));
476 $n = $res->fetchOneCell();
477 if ($n) {
478 $page->kill("$prenom $nom est déjà membre du groupe !");
479 return;
480 }
481 elseif (Env::has('accept'))
482 {
483 XDB::execute("INSERT INTO groupex.membres
484 VALUES ({?}, {?}, 'membre', 'X', NULL, NULL, NULL, NULL, NULL)",
485 $globals->asso('id'), $uid);
486 $mailer = new PlMailer();
487 $mailer->addTo("$u@polytechnique.org");
488 $mailer->setFrom('"'.S::v('prenom').' '.S::v('nom')
489 .'" <'.S::v('forlife').'@polytechnique.org>');
490 $mailer->setSubject('['.$globals->asso('nom').'] Demande d\'inscription');
491 $message = "Cher Camarade,\n"
492 . "\n"
493 . " Suite à ta demande d'adhésion à ".$globals->asso('nom').",\n"
494 . "j'ai le plaisir de t'annoncer que ton inscription a été validée !\n"
495 . "\n"
496 . "Bien cordialement,\n"
497 . "{$_SESSION["prenom"]} {$_SESSION["nom"]}.";
498 $mailer->setTxtBody($message);
499 $mailer->send();
500 $page->kill("$prenom $nom a bien été inscrit");
501 }
502 elseif (Env::has('refuse'))
503 {
504 $mailer = new PlMailer();
505 $mailer->addTo("$u@polytechnique.org");
506 $mailer->setFrom('"'.S::v('prenom').' '.S::v('nom')
507 .'" <'.S::v('forlife').'@polytechnique.org>');
508 $mailer->setSubject('['.$globals->asso('nom').'] Demande d\'inscription annulée');
509 $mailer->setTxtBody(Env::v('motif'));
510 $mailer->send();
511 $page->kill("la demande $prenom $nom a bien été refusée");
512 } else {
513 $page->assign('show_form', true);
514 $page->assign('prenom', $prenom);
515 $page->assign('nom', $nom);
516 $page->assign('promo', $promo);
517 $page->assign('uid', $uid);
518 }
519 return;
520 }
521 return PL_NOT_FOUND;
522 }
523
524 if (is_member()) {
525 $page->kill("tu es déjà membre !");
526 return;
527 }
528
529 if (Post::has('inscrire')) {
530 $res = XDB::query('SELECT IF(m.email IS NULL,
531 CONCAT(al.alias,"@polytechnique.org"),
532 m.email)
533 FROM groupex.membres AS m
534 INNER JOIN aliases AS al ON (al.type = "a_vie"
535 AND al.id = m.uid)
536 WHERE perms="admin" AND m.asso_id = {?}',
537 $globals->asso('id'));
538 $emails = $res->fetchColumn();
539 $to = implode(',', $emails);
540
541 $append = "\n"
542 . "-- \n"
543 . "Ce message a été envoyé suite à la demande d'inscription de\n"
544 . S::v('prenom').' '.S::v('nom').' (X'.S::v('promo').")\n"
545 . "Via le site www.polytechnique.net. Tu peux choisir de valider ou\n"
546 . "de refuser sa demande d'inscription depuis la page :\n"
547 .
548 "http://www.polytechnique.net/".$globals->asso("diminutif")."/subscribe/"
549 .S::v('forlife')."\n"
550 . "\n"
551 . "En cas de problème, contacter l'équipe de Polytechnique.org\n"
552 . "à l'adresse : support@polytechnique.org\n";
553
554 if (!$to) {
555 $to = $globals->asso("mail").", support@polytechnique.org";
556 $append = "\n-- \nLe groupe ".$globals->asso("nom")
557 ." n'a pas d'administrateur, l'équipe de"
558 ." Polytechnique.org a été prévenue et va rapidement"
559 ." résoudre ce problème.\n";
560 }
561
562 $mailer = new PlMailer();
563 $mailer->addTo($to);
564 $mailer->setFrom('"'.S::v('prenom').' '.S::v('nom')
565 .'" <'.S::v('forlife').'@polytechnique.org>');
566 $mailer->setSubject('['.$globals->asso('nom').'] Demande d\'inscription');
567 $mailer->setTxtBody(Post::v('message').$append);
568 $mailer->send();
569 }
570 }
571
572 function handler_change_rights(&$page)
573 {
574 if (Env::has('right') && (may_update() || S::has('suid'))) {
575 switch (Env::v('right')) {
576 case 'admin':
577 killSuid();
578 break;
579 case 'anim':
580 doSelfSuid();
581 may_update(true);
582 is_member(true);
583 break;
584 case 'member':
585 doSelfSuid();
586 may_update(false, true);
587 is_member(true);
588 break;
589 case 'logged':
590 doSelfSuid();
591 may_update(false, true);
592 is_member(false, true);
593 break;
594 }
595 }
596 pl_redirect("");
597 }
598
599 function handler_admin_annuaire(&$page)
600 {
601 global $globals;
602
603 require_once 'xnet/mail.inc.php';
604
605 new_groupadmin_page('xnet/groupe/annuaire-admin.tpl');
606 $mmlist = new MMList(S::v('uid'), S::v('password'),
607 $globals->asso('mail_domain'));
608 $lists = $mmlist->get_lists();
609 if (!$lists) $lists = array();
610 $listes = array_map(create_function('$arr', 'return $arr["list"];'), $lists);
611
612 $subscribers = array();
613
614 foreach ($listes as $list) {
615 list(,$members) = $mmlist->get_members($list);
616 $mails = array_map(create_function('$arr', 'return $arr[1];'), $members);
617 $subscribers = array_unique(array_merge($subscribers, $mails));
618 }
619
620 $not_in_group_x = array();
621 $not_in_group_ext = array();
622
623 foreach ($subscribers as $mail) {
624 $res = XDB::query(
625 'SELECT COUNT(*)
626 FROM groupex.membres AS m
627 LEFT JOIN auth_user_md5 AS u ON (m.uid=u.user_id AND m.uid<50000)
628 LEFT JOIN aliases AS a ON (a.id=u.user_id and a.type="a_vie")
629 WHERE asso_id = {?} AND
630 (m.email = {?} OR CONCAT(a.alias, "@polytechnique.org") = {?})',
631 $globals->asso('id'), $mail, $mail);
632 if ($res->fetchOneCell() == 0) {
633 if (strstr($mail, '@polytechnique.org') === false) {
634 $not_in_group_ext[] = $mail;
635 } else {
636 $not_in_group_x[] = $mail;
637 }
638 }
639 }
640
641 $page->assign('not_in_group_ext', $not_in_group_ext);
642 $page->assign('not_in_group_x', $not_in_group_x);
643 $page->assign('lists', $lists);
644 }
645
646 function handler_admin_member_new(&$page, $email = null)
647 {
648 global $globals;
649
650 new_groupadmin_page('xnet/groupe/membres-add.tpl');
651 $page->addJsLink('ajax.js');
652
653 if (is_null($email)) {
654 return;
655 }
656
657 list(,$fqdn) = explode('@', $email);
658 $fqdn = strtolower($fqdn);
659 $x = ($fqdn == 'polytechnique.org' || $fqdn == 'melix.org' ||
660 $fqdn == 'm4x.org' || $fqdn == 'melix.net');
661
662 if ($x) {
663 require_once 'user.func.inc.php';
664 if ($forlife = get_user_forlife($email)) {
665 XDB::execute(
666 'INSERT INTO groupex.membres (uid,asso_id,origine)
667 SELECT user_id,{?},"X"
668 FROM auth_user_md5 AS u
669 INNER JOIN aliases AS a ON (u.user_id = a.id)
670 WHERE a.alias={?}', $globals->asso('id'), $forlife);
671 pl_redirect("member/$email");
672 } else {
673 $page->trig($email." n'est pas un alias polytechnique.org valide");
674 }
675 } else {
676 if (isvalid_email($email)) {
677 if (Env::v('x') && Env::has('userid') && Env::i('userid')) {
678 $uid = Env::i('userid');
679 $res = XDB::query("SELECT *
680 FROM auth_user_md5
681 WHERE user_id = {?} AND perms = 'pending'", $uid);
682 if ($res->numRows() == 1) {
683 XDB::execute('INSERT INTO groupex.membres (uid, asso_id, origine, email)
684 VALUES ({?}, {?}, "X", {?})',
685 $uid, $globals->asso('id'), $email);
686 if (Env::v('market')) {
687 $res = XDB::query('SELECT COUNT(*)
688 FROM register_marketing
689 WHERE uid={?} AND email={?}', $uid, $email);
690 if (!$res->fetchOneCell()) {
691 XDB::execute("INSERT INTO register_marketing (uid,sender,email,date,last,nb,type,hash)
692 VALUES ({?}, {?}, {?}, NOW(), 0, 0, {?}, '')",
693 $uid, S::v('uid'), $email, Env::v('market_from'));
694 require_once('validations.inc.php');
695 $req = new MarkReq(S::v('uid'), $uid, $email, Env::v('market_from') == 'user');
696 $req->submit();
697 }
698 }
699 pl_redirect("member/$email");
700 }
701 $page->trig("Utilisateur invalide");
702 } else {
703 $res = XDB::query('SELECT MAX(uid)+1 FROM groupex.membres');
704 $uid = max(intval($res->fetchOneCell()), 50001);
705 XDB::execute('INSERT INTO groupex.membres (uid,asso_id,origine,email)
706 VALUES({?},{?},"ext",{?})', $uid,
707 $globals->asso('id'), $email);
708 pl_redirect("member/$email");
709 }
710 } else {
711 $page->trig("« <strong>$email</strong> » n'est pas une adresse mail valide");
712 }
713 }
714 }
715
716 function handler_admin_member_new_ajax(&$page)
717 {
718 header('Content-Type: text/html; charset="iso-8859-15"');
719 $page->changeTpl('xnet/groupe/membres-new-search.tpl', NO_SKIN);
720 list($nom, $prenom) = str_replace(array('-', ' ', "'"), '%', array(Env::v('nom'), Env::v('prenom')));
721 $where = "perms = 'pending'";
722 if (!empty($nom)) {
723 $where .= " AND nom LIKE '%$nom%'";
724 }
725 if (!empty($prenom)) {
726 $where .= " AND prenom LIKE '%$prenom%'";
727 }
728 if (preg_match('/^[0-9]{4}$/', Env::v('promo'))) {
729 $where .= " AND promo = " . Env::i('promo');
730 } elseif (Env::has('promo')) {
731 return;
732 }
733 $res = XDB::iterator("SELECT user_id, nom, prenom, promo
734 FROM auth_user_md5
735 WHERE $where");
736 if ($res->total() < 30) {
737 $page->assign("choix", $res);
738 }
739 }
740
741 function unsubscribe(&$user)
742 {
743 global $globals, $page;
744 XDB::execute(
745 "DELETE FROM groupex.membres WHERE uid={?} AND asso_id={?}",
746 $user['uid'], $globals->asso('id'));
747
748 $user_same_email = get_infos($user['email']);
749 $domain = $globals->asso('mail_domain');
750
751 if (!$domain || !empty($user_same_email)) {
752 return true;
753 }
754
755 $mmlist = new MMList(S::v('uid'), S::v('password'), $domain);
756 $listes = $mmlist->get_lists($user['email2']);
757
758 $may_update = may_update();
759 $warning = false;
760 foreach ($listes as $liste) {
761 if ($liste['sub'] == 2) {
762 if ($may_update) {
763 $mmlist->mass_unsubscribe($liste['list'], Array($user['email2']));
764 } else {
765 $mmlist->unsubscribe($liste['list']);
766 }
767 } elseif ($liste['sub']) {
768 $page->trig("{$user['prenom']} {$user['nom']} a une"
769 ." demande d'inscription en cours sur la"
770 ." liste {$liste['list']}@ !");
771 $warning = true;
772 }
773 }
774
775 XDB::execute(
776 "DELETE FROM virtual_redirect
777 USING virtual_redirect
778 INNER JOIN virtual USING(vid)
779 WHERE redirect={?} AND alias LIKE {?}", $user['email'], '%@'.$domain);
780 return !$warning;
781 }
782
783 function handler_unsubscribe(&$page)
784 {
785 new_group_page('xnet/groupe/membres-del.tpl');
786 $user = get_infos(S::v('forlife'));
787 if (empty($user)) {
788 return PL_NOT_FOUND;
789 }
790 $page->assign('self', true);
791 $page->assign('user', $user);
792
793 if (!Post::has('confirm')) {
794 return;
795 }
796
797 if ($this->unsubscribe($user)) {
798 $page->trig('Vous avez été désinscrit du groupe avec succès');
799 } else {
800 $page->trig('Vous avez été désinscrit du groupe, mais des erreurs se sont produites lors des désinscriptions des alias et des mailing-lists.');
801 }
802 $page->assign('is_member', is_member(true));
803 }
804
805 function handler_admin_member_del(&$page, $user = null)
806 {
807 new_groupadmin_page('xnet/groupe/membres-del.tpl');
808 $user = get_infos($user);
809 if (empty($user)) {
810 return PL_NOT_FOUND;
811 }
812 $page->assign('user', $user);
813
814 if (!Post::has('confirm')) {
815 return;
816 }
817
818 if ($this->unsubscribe($user)) {
819 $page->trig("{$user['prenom']} {$user['nom']} a été désabonné du groupe !");
820 } else {
821 $page->trig("{$user['prenom']} {$user['nom']} a été désabonné du groupe, mais des erreurs subsistent !");
822 }
823 }
824
825 function handler_admin_member(&$page, $user)
826 {
827 global $globals;
828
829 new_groupadmin_page('xnet/groupe/membres-edit.tpl');
830
831 $user = get_infos($user);
832 if (empty($user)) {
833 return PL_NOT_FOUND;
834 }
835
836 $mmlist = new MMList(S::v('uid'), S::v('password'),
837 $globals->asso('mail_domain'));
838
839 if (Post::has('change')) {
840 $email_changed = ($user['origine'] != 'X' && strtolower($user['email']) != strtolower(Post::v('email')));
841 $from_email = $user['email'];
842 if ($user['origine'] != 'X') {
843 $user['nom'] = Post::v('nom');
844 $user['prenom'] = (Post::v('origine') == 'ext') ? Post::v('prenom') : '';
845 $user['sexe'] = (Post::v('origine') == 'ext') ? Post::v('sexe') : 0;
846 $user['origine'] = Post::v('origine');
847 XDB::query('UPDATE groupex.membres
848 SET prenom={?}, nom={?}, email={?}, sexe={?}, origine={?}
849 WHERE uid={?} AND asso_id={?}',
850 $user['prenom'], $user['nom'], Post::v('email'),
851 $user['sexe'], $user['origine'], $user['uid'],
852 $globals->asso('id'));
853 $user['email'] = Post::v('email');
854 $user['email2'] = Post::v('email');
855 }
856
857 $perms = Post::i('is_admin');
858 if ($user['perms'] != $perms) {
859 XDB::query('UPDATE groupex.membres SET perms={?}
860 WHERE uid={?} AND asso_id={?}',
861 $perms ? 'admin' : 'membre',
862 $user['uid'], $globals->asso('id'));
863 $user['perms'] = $perms;
864 $page->trig('permissions modifiées');
865 }
866
867 foreach (Env::v('ml1', array()) as $ml => $state) {
868 $ask = empty($_REQUEST['ml2'][$ml]) ? 0 : 2;
869 if ($ask == $state) {
870 if ($state && $email_changed) {
871 $mmlist->replace_email($ml, $from_email, $user['email2']);
872 $page->trig("L'abonnement de {$user['prenom']} {$user['nom']} à $ml@ a été mis à jour");
873 }
874 continue;
875 }
876 if ($state == '1') {
877 $page->trig("{$user['prenom']} {$user['nom']} a "
878 ."actuellement une demande d'inscription en "
879 ."cours sur <strong>$ml@</strong> !!!");
880 } elseif ($ask) {
881 $mmlist->mass_subscribe($ml, Array($user['email2']));
882 $page->trig("{$user['prenom']} {$user['nom']} a été abonné à $ml@");
883 } else {
884 if ($email_changed) {
885 $mmlist->mass_unsubscribe($ml, Array($from_email));
886 } else {
887 $mmlist->mass_unsubscribe($ml, Array($user['email2']));
888 }
889 $page->trig("{$user['prenom']} {$user['nom']} a été désabonné de $ml@");
890 }
891 }
892
893 foreach (Env::v('ml3', array()) as $ml => $state) {
894 $ask = !empty($_REQUEST['ml4'][$ml]);
895 if($state == $ask) continue;
896 if($ask) {
897 XDB::query("INSERT INTO virtual_redirect (vid,redirect)
898 SELECT vid,{?} FROM virtual WHERE alias={?}",
899 $user['email'], $ml);
900 $page->trig("{$user['prenom']} {$user['nom']} a été abonné à $ml");
901 } else {
902 XDB::query("DELETE FROM virtual_redirect
903 USING virtual_redirect
904 INNER JOIN virtual USING(vid)
905 WHERE redirect={?} AND alias={?}",
906 $user['email'], $ml);
907 $page->trig("{$user['prenom']} {$user['nom']} a été désabonné de $ml");
908 }
909 }
910 }
911
912 $page->assign('user', $user);
913 $listes = $mmlist->get_lists($user['email2']);
914 $page->assign('listes', $listes);
915
916 $res = XDB::query(
917 'SELECT alias, redirect IS NOT NULL as sub
918 FROM virtual AS v
919 LEFT JOIN virtual_redirect AS vr ON(v.vid=vr.vid AND redirect={?})
920 WHERE alias LIKE {?} AND type="user"',
921 $user['email'], '%@'.$globals->asso('mail_domain'));
922 $page->assign('alias', $res->fetchAllAssoc());
923 }
924
925 function handler_rss(&$page, $user = null, $hash = null)
926 {
927 global $globals;
928 require_once('rss.inc.php');
929 require_once('url_catcher.inc.php');
930 $uid = init_rss('xnet/groupe/announce-rss.tpl', $user, $hash, false);
931 $page->register_modifier('url_catcher', 'url_catcher');
932
933 if ($uid) {
934 $rss = XDB::iterator("SELECT a.id, a.titre, a.texte, a.contacts, a.create_date,
935 IF(u2.nom_usage != '', u2.nom_usage, u2.nom) AS nom, u2.prenom, u2.promo
936 FROM auth_user_md5 AS u
937 INNER JOIN groupex.announces AS a ON ( (a.promo_min = 0 OR a.promo_min <= u.promo)
938 AND (a.promo_max = 0 OR a.promo_max <= u.promo))
939 INNER JOIN auth_user_md5 AS u2 ON (u2.user_id = a.user_id)
940 WHERE u.user_id = {?} AND peremption >= NOW() AND a.asso_id = {?}",
941 $uid, $globals->asso('id'));
942 } else {
943 $rss = XDB::iterator("SELECT a.id, a.titre, a.texte, a.create_date,
944 IF(u.nom_usage != '', u.nom_usage, u.nom) AS nom, u.prenom, u.promo
945 FROM groupex.announces AS a
946 INNER JOIN auth_user_md5 AS u USING(user_id)
947 WHERE FIND_IN_SET(a.flags, 'public') AND peremption >= NOW() AND a.asso_id = {?}",
948 $globals->asso('id'));
949 }
950 $page->assign('asso', $globals->asso());
951 $page->assign('rss', $rss);
952 }
953
954 function handler_edit_announce(&$page, $aid = null)
955 {
956 global $globals, $platal;
957 new_groupadmin_page('xnet/groupe/announce-edit.tpl');
958 $page->assign('new', is_null($aid));
959 $art = array();
960
961 if (Post::v('valid') == 'Visualiser' || Post::v('valid') == 'Enregistrer') {
962 if (!is_null($aid)) {
963 $art['id'] = $aid;
964 }
965 $art['titre'] = Post::v('titre');
966 $art['texte'] = Post::v('texte');
967 $art['contacts'] = Post::v('contacts');
968 $art['promo_min'] = Post::i('promo_min');
969 $art['promo_max'] = Post::i('promo_max');
970 $art['nom'] = S::v('nom');
971 $art['prenom'] = S::v('prenom');
972 $art['promo'] = S::v('promo');
973 $art['forlife'] = S::v('forlife');
974 $art['peremption'] = Post::v('peremption');
975 $art['public'] = Post::has('public');
976 $art['xorg'] = Post::has('xorg');
977 $art['nl'] = Post::has('nl');
978 $art['event'] = Post::v('event');
979
980 $art['contact_html'] = $art['contacts'];
981 if ($art['event']) {
982 $art['contact_html'] .= "\n{$globals->baseurl}/{$platal->ns}events/sub/{$art['event']}";
983 }
984
985 if (!$art['public'] &&
986 ($art['promo_min'] > $art['promo_max'] ||
987 ($art['promo_min'] != 0 && ($art['promo_min'] <= 1900 || $art['promo_min'] >= 2020)) ||
988 ($art['promo_max'] != 0 && ($art['promo_max'] <= 1900 || $art['promo_max'] >= 2020))))
989 {
990 $page->trig("L'intervalle de promotions est invalide");
991 Post::kill('valid');
992 }
993 }
994
995 if (Post::v('valid') == 'Enregistrer') {
996 $promo_min = ($art['public'] ? 0 : $art['promo_min']);
997 $promo_max = ($art['public'] ? 0 : $art['promo_max']);
998 if (is_null($aid)) {
999 XDB::query("INSERT INTO groupex.announces
1000 (user_id, asso_id, create_date, titre, texte, contacts,
1001 peremption, promo_min, promo_max, flags)
1002 VALUES ({?}, {?}, NOW(), {?}, {?}, {?}, {?}, {?}, {?}, {?})",
1003 S::i('uid'), $globals->asso('id'), $art['titre'], $art['texte'], $art['contact_html'],
1004 $art['peremption'], $promo_min, $promo_max, $art['public'] ? 'public' : '');
1005 $aid = XDB::insertId();
1006 if ($art['xorg']) {
1007 require_once('validations.inc.php');
1008 require_once('url_catcher.inc.php');
1009 $article = new EvtReq("[{$globals->asso('nom')}] " . $art['titre'],
1010 url_catcher($art['texte'] . (!empty($art['contact_html']) ? "\n\nContacts :\n" . $art['contact_html'] : "")),
1011 $art['promo_min'], $art['promo_max'], $art['peremption'], "", S::v('uid'));
1012 $article->submit();
1013 $page->trig("L'affichage sur la page d'accueil de Polytechnique.org est en attente de validation");
1014 }
1015 if ($art['nl']) {
1016 require_once('validations.inc.php');
1017 $article = new NLReq(S::v('uid'), $globals->asso('nom') . " : " .$art['titre'],
1018 $art['texte'], $art['contact_html']);
1019 $article->submit();
1020 $page->trig("La parution dans la Lettre Mensuelle est en attente de validation");
1021 }
1022 } else {
1023 XDB::query("UPDATE groupex.announces
1024 SET titre={?}, texte={?}, contacts={?}, peremption={?},
1025 promo_min={?}, promo_max={?}, flags={?}
1026 WHERE id={?} AND asso_id={?}",
1027 $art['titre'], $art['texte'], $art['contacts'], $art['peremption'],
1028 $promo_min, $promo_max, $art['public'] ? 'public' : '',
1029 $art['id'], $globals->asso('id'));
1030 }
1031 }
1032 if (Post::v('valid') == 'Enregistrer' || Post::v('valid') == 'Annuler') {
1033 pl_redirect("");
1034 }
1035
1036 if (empty($art) && !is_null($aid)) {
1037 $res = XDB::query("SELECT a.*, u.nom, u.prenom, u.promo, l.alias AS forlife,
1038 FIND_IN_SET(a.flags, 'public') AS public
1039 FROM groupex.announces AS a
1040 INNER JOIN auth_user_md5 AS u USING(user_id)
1041 INNER JOIN aliases AS l ON (l.id = u.user_id AND l.type = 'a_vie')
1042 WHERE asso_id = {?} AND a.id = {?}",
1043 $globals->asso('id'), $aid);
1044 if ($res->numRows()) {
1045 $art = $res->fetchOneAssoc();
1046 $art['contact_html'] = $art['contacts'];
1047 } else {
1048 $page->kill("Aucun article correspond à l'identifiant indiqué");
1049 }
1050 }
1051
1052 $select = '';
1053 for ($i = 1 ; $i < 30 ; $i++) {
1054 $time = time() + 3600 * 24 * $i;
1055 $p_stamp = date('Ymd', $time);
1056 $year = date('Y', $time);
1057 $month = date('m', $time);
1058 $day = date('d', $time);
1059
1060 $select .= "<option value=\"$p_stamp\"";
1061 if ($p_stamp == strtr(@$art['peremption'], array("-" => ""))) {
1062 $select .= " selected='selected'";
1063 }
1064 $select .= "> $day / $month / $year</option>\n";
1065 }
1066 $page->assign('select', $select);
1067
1068 if (is_null($aid)) {
1069 $events = XDB::iterator("SELECT *
1070 FROM groupex.evenements
1071 WHERE asso_id = {?} AND archive = 0",
1072 $globals->asso('id'));
1073 if ($events->total()) {
1074 $page->assign('events', $events);
1075 }
1076 }
1077
1078 require_once('url_catcher.inc.php');
1079 $art['contact_html'] = url_catcher($art['contact_html']);
1080 $page->assign('art', $art);
1081 }
1082
1083 function handler_admin_announce(&$page)
1084 {
1085 global $globals;
1086 new_groupadmin_page('xnet/groupe/announce-admin.tpl');
1087
1088 if (Env::has('del')) {
1089 XDB::execute("DELETE FROM groupex.announces
1090 WHERE id = {?} AND asso_id = {?}",
1091 Env::i('del'), $globals->asso('id'));
1092 }
1093 $res = XDB::iterator("SELECT a.id, a.titre, a.peremption, a.peremption < CURRENT_DATE() AS perime
1094 FROM groupex.announces AS a
1095 WHERE a.asso_id = {?}
1096 ORDER BY a.peremption DESC",
1097 $globals->asso('id'));
1098 $page->assign('articles', $res);
1099 }
1100 }
1101
1102 ?>
plat/al