projects / platal.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
Merge remote branch 'origin/platal-1.0.0'
[platal.git] / modules / xnetgrp.php
1 <?php
2 /***************************************************************************
3 * Copyright (C) 2003-2010 Polytechnique.org *
4 * http://opensource.polytechnique.org/ *
5 * *
6 * This program is free software; you can redistribute it and/or modify *
7 * it under the terms of the GNU General Public License as published by *
8 * the Free Software Foundation; either version 2 of the License, or *
9 * (at your option) any later version. *
10 * *
11 * This program is distributed in the hope that it will be useful, *
12 * but WITHOUT ANY WARRANTY; without even the implied warranty of *
13 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the *
14 * GNU General Public License for more details. *
15 * *
16 * You should have received a copy of the GNU General Public License *
17 * along with this program; if not, write to the Free Software *
18 * Foundation, Inc., *
19 * 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA *
20 ***************************************************************************/
21
22
23 class XnetGrpModule extends PLModule
24 {
25 function handlers()
26 {
27 return array(
28 '%grp' => $this->make_hook('index', AUTH_PUBLIC),
29 '%grp/asso.php' => $this->make_hook('index', AUTH_PUBLIC),
30 '%grp/logo' => $this->make_hook('logo', AUTH_PUBLIC),
31 '%grp/site' => $this->make_hook('site', AUTH_PUBLIC),
32 '%grp/edit' => $this->make_hook('edit', AUTH_MDP, 'groupadmin'),
33 '%grp/mail' => $this->make_hook('mail', AUTH_MDP, 'groupadmin'),
34 '%grp/forum' => $this->make_hook('forum', AUTH_MDP, 'groupmember'),
35 '%grp/annuaire' => $this->make_hook('annuaire', AUTH_MDP, 'groupannu'),
36 '%grp/annuaire/vcard' => $this->make_hook('vcard', AUTH_MDP, 'groupmember:groupannu'),
37 '%grp/annuaire/csv' => $this->make_hook('csv', AUTH_MDP, 'groupmember:groupannu'),
38 '%grp/trombi' => $this->make_hook('trombi', AUTH_MDP, 'groupannu'),
39 '%grp/geoloc' => $this->make_hook('geoloc', AUTH_MDP, 'groupannu'),
40 '%grp/subscribe' => $this->make_hook('subscribe', AUTH_MDP),
41 '%grp/subscribe/valid' => $this->make_hook('subscribe_valid', AUTH_MDP, 'groupadmin'),
42 '%grp/unsubscribe' => $this->make_hook('unsubscribe', AUTH_MDP, 'groupmember'),
43
44 '%grp/change_rights' => $this->make_hook('change_rights', AUTH_MDP),
45 '%grp/admin/annuaire' => $this->make_hook('admin_annuaire', AUTH_MDP, 'groupadmin'),
46 '%grp/member' => $this->make_hook('admin_member', AUTH_MDP, 'groupadmin'),
47 '%grp/member/new' => $this->make_hook('admin_member_new', AUTH_MDP, 'groupadmin'),
48 '%grp/member/new/ajax' => $this->make_hook('admin_member_new_ajax', AUTH_MDP, 'user', NO_AUTH),
49 '%grp/member/del' => $this->make_hook('admin_member_del', AUTH_MDP, 'groupadmin'),
50
51 '%grp/rss' => $this->make_hook('rss', AUTH_PUBLIC, 'user', NO_HTTPS),
52 '%grp/announce/new' => $this->make_hook('edit_announce', AUTH_MDP, 'groupadmin'),
53 '%grp/announce/edit' => $this->make_hook('edit_announce', AUTH_MDP, 'groupadmin'),
54 '%grp/announce/photo' => $this->make_hook('photo_announce', AUTH_PUBLIC),
55 '%grp/admin/announces' => $this->make_hook('admin_announce', AUTH_MDP, 'groupadmin'),
56 );
57 }
58
59 function handler_index(&$page, $arg = null)
60 {
61 global $globals, $platal;
62 if (!is_null($arg)) {
63 return PL_NOT_FOUND;
64 }
65 $page->changeTpl('xnetgrp/asso.tpl');
66
67 if (S::logged()) {
68 if (Env::has('read')) {
69 XDB::query('DELETE r.*
70 FROM group_announces_read AS r
71 INNER JOIN group_announces AS a ON (a.id = r.announce_id)
72 WHERE expiration < CURRENT_DATE()');
73 XDB::query('INSERT INTO group_announces_read
74 VALUES ({?}, {?})',
75 Env::i('read'), S::i('uid'));
76 pl_redirect("");
77 }
78 if (Env::has('unread')) {
79 XDB::query('DELETE FROM group_announces_read
80 WHERE announce_id = {?} AND uid = {?}',
81 Env::i('unread'), S::i('uid'));
82 pl_redirect("#art" . Env::i('unread'));
83 }
84
85 /* TODO: refines this filter on promotions by using userfilter. */
86 $user = S::user();
87 if ($user->hasProfile()) {
88 $promo = XDB::format('{?}', $user->profile()->entry_year);
89 $minCondition = ' OR promo_min <= ' . $promo;
90 $maxCondition = ' OR promo_max >= ' . $promo;
91 } else {
92 $minCondition = '';
93 $maxCondition = '';
94 }
95 $arts = XDB::iterator('SELECT a.*, FIND_IN_SET(\'photo\', a.flags) AS photo
96 FROM group_announces AS a
97 LEFT JOIN group_announces_read AS r ON (r.uid = {?} AND r.announce_id = a.id)
98 WHERE asso_id = {?} AND expiration >= CURRENT_DATE()
99 AND (promo_min = 0' . $minCondition . ')
100 AND (promo_max = 0' . $maxCondition . ')
101 AND r.announce_id IS NULL
102 ORDER BY a.expiration',
103 S::i('uid'), $globals->asso('id'));
104 $index = XDB::iterator('SELECT a.id, a.titre, r.uid IS NULL AS nonlu
105 FROM group_announces AS a
106 LEFT JOIN group_announces_read AS r ON (a.id = r.announce_id AND r.uid = {?})
107 WHERE asso_id = {?} AND expiration >= CURRENT_DATE()
108 AND (promo_min = 0' . $minCondition . ')
109 AND (promo_max = 0' . $maxCondition . ')
110 ORDER BY a.expiration',
111 S::i('uid'), $globals->asso('id'));
112 $page->assign('article_index', $index);
113 } else {
114 $arts = XDB::iterator("SELECT *, FIND_IN_SET('photo', flags) AS photo
115 FROM group_announces
116 WHERE asso_id = {?} AND expiration >= CURRENT_DATE()
117 AND FIND_IN_SET('public', flags)",
118 $globals->asso('id'));
119 }
120 if (may_update()) {
121 $subs_valid = XDB::query("SELECT uid
122 FROM group_member_sub_requests
123 WHERE asso_id = {?}",
124 $globals->asso('id'));
125 $page->assign('requests', $subs_valid->numRows());
126 }
127
128 if (!S::hasAuthToken()) {
129 $page->setRssLink("Polytechnique.net :: {$globals->asso("nom")} :: News publiques",
130 $platal->ns . "rss/rss.xml");
131 } else {
132 $page->setRssLink("Polytechnique.net :: {$globals->asso("nom")} :: News",
133 $platal->ns . 'rss/'.S::v('hruid') .'/'.S::v('token').'/rss.xml');
134 }
135
136 $page->assign('articles', $arts);
137 }
138
139 function handler_logo(&$page)
140 {
141 global $globals;
142 $globals->asso()->getLogo()->send();
143 }
144
145 function handler_site(&$page)
146 {
147 global $globals;
148 $site = $globals->asso('site');
149 if (!$site) {
150 $page->trigError('Le groupe n\'a pas de site web.');
151 return $this->handler_index($page);
152 }
153 http_redirect($site);
154 exit;
155 }
156
157 function handler_edit(&$page)
158 {
159 global $globals;
160 $page->changeTpl('xnetgrp/edit.tpl');
161
162 if (Post::has('submit')) {
163 S::assert_xsrf_token();
164
165 $flags = new PlFlagSet('wiki_desc');
166 $flags->addFlag('notif_unsub', Post::i('notif_unsub') == 1);
167 $site = Post::t('site');
168 if ($site && ($site != "http://")) {
169 $scheme = parse_url($site, PHP_URL_SCHEME);
170 if (!$scheme) {
171 $site = "http://" . $site;
172 }
173 } else {
174 $site = "";
175 }
176 if (S::admin()) {
177 $page->assign('super', true);
178
179 if (Post::v('mail_domain') && (strstr(Post::v('mail_domain'), '.') === false)) {
180 $page->trigError('Le domaine doit être un FQDN (aucune modification effectuée)&nbsp;!!!');
181 return;
182 }
183 if (Post::t('nom') == '' || Post::t('diminutif') == '') {
184 $page->trigError('Ni le nom ni le diminutif du groupe ne peuvent être vide.');
185 return;
186 }
187 XDB::execute(
188 "UPDATE groups
189 SET nom={?}, diminutif={?}, cat={?}, dom={?},
190 descr={?}, site={?}, mail={?}, resp={?},
191 forum={?}, mail_domain={?}, ax={?}, pub={?},
192 sub_url={?}, inscriptible={?}, unsub_url={?},
193 flags={?}
194 WHERE id={?}",
195 Post::v('nom'), Post::v('diminutif'),
196 Post::v('cat'), Post::i('dom'),
197 Post::v('descr'), $site,
198 Post::v('mail'), Post::v('resp'),
199 Post::v('forum'), Post::v('mail_domain'),
200 Post::has('ax'), Post::v('pub'),
201 Post::v('sub_url'), Post::v('inscriptible'),
202 Post::v('unsub_url'), $flags, $globals->asso('id'));
203 if (Post::v('mail_domain')) {
204 XDB::execute('INSERT IGNORE INTO virtual_domains (domain) VALUES({?})',
205 Post::v('mail_domain'));
206 }
207 } else {
208 XDB::execute(
209 "UPDATE groups
210 SET descr={?}, site={?}, mail={?}, resp={?},
211 forum={?}, pub= {?}, sub_url={?},
212 unsub_url={?},flags={?}
213 WHERE id={?}",
214 Post::v('descr'), $site,
215 Post::v('mail'), Post::v('resp'),
216 Post::v('forum'), Post::v('pub'),
217 Post::v('sub_url'), Post::v('unsub_url'),
218 $flags, $globals->asso('id'));
219 }
220
221
222 if ($_FILES['logo']['name']) {
223 $upload = PlUpload::get($_FILES['logo'], $globals->asso('id'), 'asso.logo', true);
224 if (!$upload) {
225 $page->trigError("Impossible de télécharger le logo.");
226 } else {
227 XDB::execute('UPDATE groups
228 SET logo = {?}, logo_mime = {?}
229 WHERE id = {?}', $upload->getContents(), $upload->contentType(),
230 $globals->asso('id'));
231 $upload->rm();
232 }
233 }
234
235 pl_redirect('../' . Post::v('diminutif', $globals->asso('diminutif')) . '/edit');
236 }
237
238 if (S::admin()) {
239 $dom = XDB::iterator('SELECT *
240 FROM group_dom
241 ORDER BY nom');
242 $page->assign('dom', $dom);
243 $page->assign('super', true);
244 }
245 }
246
247 function handler_mail(&$page)
248 {
249 global $globals;
250
251 $page->changeTpl('xnetgrp/mail.tpl');
252 $mmlist = new MMList(S::v('uid'), S::v('password'),
253 $globals->asso('mail_domain'));
254 $page->assign('listes', $mmlist->get_lists());
255 $page->assign('user', S::user());
256 $page->addJsLink('ajax.js');
257
258 if (Post::has('send')) {
259 S::assert_xsrf_token();
260 $from = Post::v('from');
261 $sujet = Post::v('sujet');
262 $body = Post::v('body');
263
264 $mls = array_keys(Env::v('ml', array()));
265 $mbr = array_keys(Env::v('membres', array()));
266
267 $this->load('mail.inc.php');
268 set_time_limit(120);
269 $tos = get_all_redirects($mbr, $mls, $mmlist);
270
271 $upload = PlUpload::get($_FILES['uploaded'], S::user()->login(), 'xnet.emails', true);
272 if (!$upload && @$_FILES['uploaded']['name'] && PlUpload::$lastError != null) {
273 $page->trigError(PlUpload::$lastError);
274 return;
275 }
276
277 send_xnet_mails($from, $sujet, $body, Env::v('wiki'), $tos, Post::v('replyto'), $upload, @$_FILES['uploaded']['name']);
278 if ($upload) {
279 $upload->rm();
280 }
281 $page->killSuccess("Email envoyé&nbsp;!");
282 $page->assign('sent', true);
283 }
284 }
285
286 function handler_forum(&$page, $group = null, $artid = null)
287 {
288 global $globals;
289 $page->changeTpl('xnetgrp/forum.tpl');
290 if (!$globals->asso('forum')) {
291 return PL_NOT_FOUND;
292 }
293 require_once 'banana/forum.inc.php';
294 $get = array();
295 get_banana_params($get, $globals->asso('forum'), $group, $artid);
296 run_banana($page, 'ForumsBanana', $get);
297 }
298
299 function handler_annuaire(&$page, $action = null, $subaction = null)
300 {
301 global $globals;
302
303 if ($action == 'trombi') {
304 __autoload('userset');
305 if ($action == 'trombi') {
306 $view = new ProfileSet(new UFC_Group($globals->asso('id')));
307 } else {
308 $view = new UserSet(new UFC_Group($globals->asso('id')));
309 }
310 $view->addMod('trombi', 'Trombinoscope');
311 $view->apply('annuaire', $page, $action, $subaction);
312 $page->changeTpl('xnetgrp/annuaire.tpl');
313 $count = XDB::fetchOneCell('SELECT COUNT(*)
314 FROM group_members
315 WHERE asso_id = {?}',
316 $globals->asso('id'));
317 $page->assign('nb_tot', $count);
318 return;
319 }
320
321 $page->changeTpl('xnetgrp/annuaire.tpl');
322 $sort = Env::s('order', 'directory_name');
323 $ofs = Env::i('offset');
324 if ($ofs < 0) {
325 $ofs = 0;
326 }
327
328 $sdesc = $sort{0} == '-';
329 $sf = $sdesc ? substr($sort, 1) : $sort;
330 if ($sf == 'promo') {
331 $se = new UFO_Promo(null, $sdesc);
332 } else {
333 $se = new UFO_Name($sf, null, null, $sdesc);
334 }
335
336 if (Env::b('admin')) {
337 $uf = $globals->asso()->getAdminsFilter(null, $se);
338 } else {
339 $uf = $globals->asso()->getMembersFilter(null, $se);
340 }
341 $users = $uf->getUsers(new PlLimit(NB_PER_PAGE, $ofs * NB_PER_PAGE));
342 $count = $uf->getTotalCount();
343
344 $page->assign('nb_tot', $count);
345 $page->assign('pages', floor(($count + NB_PER_PAGE - 1) / NB_PER_PAGE));
346 $page->assign('current', $ofs);
347 $page->assign('order', $sort);
348 $page->assign('users', $users);
349 $page->assign('only_admin', Env::b('admin'));
350 }
351
352 function handler_trombi(&$page)
353 {
354 pl_redirect('annuaire/trombi');
355 }
356
357 function handler_geoloc(&$page)
358 {
359 pl_redirect('annuaire/geoloc');
360 }
361
362 function handler_vcard(&$page, $photos = null)
363 {
364 global $globals;
365 $vcard = new VCard($photos == 'photos', 'Membre du groupe ' . $globals->asso('nom'));
366 $vcard->addProfiles($globals->asso()->getMembersFilter()->getProfiles());
367 $vcard->show();
368 }
369
370 function handler_csv(&$page, $filename = null)
371 {
372 global $globals;
373 if (is_null($filename)) {
374 $filename = $globals->asso('diminutif') . '.csv';
375 }
376 $users = $globals->asso()->getMembersFilter(null, new UFO_Name('directory_name'))->getUsers();
377 pl_content_headers("text/x-csv");
378 $page->changeTpl('xnetgrp/annuaire-csv.tpl', NO_SKIN);
379 $page->assign('users', $users);
380 }
381
382 private function removeSubscriptionRequest($uid)
383 {
384 global $globals;
385 XDB::execute("DELETE FROM group_member_sub_requests
386 WHERE asso_id = {?} AND uid = {?}",
387 $globals->asso('id'), $uid);
388 }
389
390 private function validSubscription(User &$user)
391 {
392 global $globals;
393 $this->removeSubscriptionRequest($user->id());
394 XDB::execute("INSERT IGNORE INTO group_members (asso_id, uid)
395 VALUES ({?}, {?})",
396 $globals->asso('id'), $user->id());
397 if (XDB::affectedRows() == 1) {
398 $mailer = new PlMailer();
399 $mailer->addTo($user->forlifeEmail());
400 $mailer->setFrom('"' . S::user()->fullName() . '" <' . S::user()->forlifeEmail() . '>');
401 $mailer->setSubject('[' . $globals->asso('nom') . '] Demande d\'inscription');
402 $message = ($user->isFemale() ? 'Chère' : 'Cher') . " Camarade,\n"
403 . "\n"
404 . " Suite à ta demande d'adhésion à " . $globals->asso('nom') . ",\n"
405 . "j'ai le plaisir de t'annoncer que ton inscription a été validée !\n"
406 . "\n"
407 . "Bien cordialement,\n"
408 . "-- \n"
409 . S::user()->fullName() . '.';
410 $mailer->setTxtBody($message);
411 $mailer->send();
412 }
413 }
414
415 function handler_subscribe(&$page, $u = null)
416 {
417 global $globals;
418 $page->changeTpl('xnetgrp/inscrire.tpl');
419
420 if (!$globals->asso('inscriptible'))
421 $page->kill("Il n'est pas possible de s'inscire en ligne à ce "
422 ."groupe. Essaie de joindre le contact indiqué "
423 ."sur la page de présentation.");
424
425 if (!is_null($u) && may_update()) {
426 $user = User::get($u);
427 if (!$user) {
428 return PL_NOT_FOUND;
429 } else {
430 $page->assign('user', $user);
431 }
432
433 // Retrieves the subscription status, and the reason.
434 $res = XDB::query("SELECT reason
435 FROM group_member_sub_requests
436 WHERE asso_id = {?} AND uid = {?}",
437 $globals->asso('id'), $user->id());
438 $reason = ($res->numRows() ? $res->fetchOneCell() : null);
439
440 $res = XDB::query("SELECT COUNT(*)
441 FROM group_members
442 WHERE asso_id = {?} AND uid = {?}",
443 $globals->asso('id'), $user->id());
444 $already_member = ($res->fetchOneCell() > 0);
445
446 // Handles the membership request.
447 if ($already_member) {
448 $this->removeSubscriptionRequest($user->id());
449 $page->kill($user->fullName() . ' est déjà membre du groupe&nbsp;!');
450 } elseif (Env::has('accept')) {
451 S::assert_xsrf_token();
452
453 $this->validSubscription($user);
454 pl_redirect("member/" . $user->login());
455 } elseif (Env::has('refuse')) {
456 S::assert_xsrf_token();
457
458 $this->removeSubscriptionRequest($user->id());
459 $mailer = new PlMailer();
460 $mailer->addTo($user->forlifeEmail());
461 $mailer->setFrom('"' . S::user()->fullName() . '" <' . S::user()->forlifeEmail() . '>');
462 $mailer->setSubject('['.$globals->asso('nom').'] Demande d\'inscription annulée');
463 $mailer->setTxtBody(Env::v('motif'));
464 $mailer->send();
465 $page->killSuccess("La demande de {$user->fullName()} a bien été refusée.");
466 } else {
467 $page->assign('show_form', true);
468 $page->assign('reason', $reason);
469 }
470 return;
471 }
472
473 if (is_member()) {
474 $page->kill("Tu es déjà membre&nbsp;!");
475 return;
476 }
477
478 $res = XDB::query("SELECT uid
479 FROM group_member_sub_requests
480 WHERE uid = {?} AND asso_id = {?}",
481 S::i('uid'), $globals->asso('id'));
482 if ($res->numRows() != 0) {
483 $page->kill("Tu as déjà demandé ton inscription à ce groupe. Cette demande est actuellement en attente de validation.");
484 return;
485 }
486
487 if (Post::has('inscrire')) {
488 S::assert_xsrf_token();
489
490 XDB::execute("INSERT INTO group_member_sub_requests (asso_id, uid, ts, reason)
491 VALUES ({?}, {?}, NOW(), {?})",
492 $globals->asso('id'), S::i('uid'), Post::v('message'));
493 $uf = New UserFilter(New UFC_Group($globals->asso('id'), true));
494 $admins = $uf->iterUsers();
495 $admin = $admins->next();
496 $to = $admin->bestalias;
497 while ($admin = $admins->next()) {
498 $to .= ', ' . $admin->bestalias;
499 }
500
501 $append = "\n"
502 . "-- \n"
503 . "Ce message a été envoyé suite à la demande d'inscription de\n"
504 . S::user()->fullName() . ' (X' . S::v('promo') . ")\n"
505 . "Via le site www.polytechnique.net. Tu peux choisir de valider ou\n"
506 . "de refuser sa demande d'inscription depuis la page :\n"
507 . "http://www.polytechnique.net/" . $globals->asso("diminutif") . "/subscribe/" . S::user()->login() . "\n"
508 . "\n"
509 . "En cas de problème, contacter l'équipe de Polytechnique.org\n"
510 . "à l'adresse : support@polytechnique.org\n";
511
512 if (!$to) {
513 $to = ($globals->asso('mail') != '') ? $globals->asso('mail') . ', ' : '';
514 $to .= 'support@polytechnique.org';
515 $append = "\n-- \nLe groupe ".$globals->asso("nom")
516 ." n'a pas d'administrateur, l'équipe de"
517 ." Polytechnique.org a été prévenue et va rapidement"
518 ." résoudre ce problème.\n";
519 }
520
521 $mailer = new PlMailer();
522 $mailer->addTo($to);
523 $mailer->setFrom('"' . S::user()->fullName() . '" <' . S::user()->forlifeEmail() . '>');
524 $mailer->setSubject('['.$globals->asso('nom').'] Demande d\'inscription');
525 $mailer->setTxtBody(Post::v('message').$append);
526 $mailer->send();
527 }
528 }
529
530 function handler_subscribe_valid(&$page)
531 {
532 global $globals;
533
534 if (Post::has('valid')) {
535 S::assert_xsrf_token();
536 $subs = Post::v('subs');
537 if (is_array($subs)) {
538 $users = array();
539 foreach ($subs as $hruid => $val) {
540 if ($val == '1') {
541 $user = User::get($hruid);
542 if ($user) {
543 $this->validSubscription($user);
544 }
545 }
546 }
547 }
548 }
549
550 $it = XDB::iterator('SELECT s.uid, a.hruid, s.ts AS date
551 FROM group_member_sub_requests AS s
552 INNER JOIN accounts AS a ON(s.uid = a.uid)
553 WHERE s.asso_id = {?}
554 ORDER BY s.ts', $globals->asso('id'));
555 $page->changeTpl('xnetgrp/subscribe-valid.tpl');
556 $page->assign('valid', $it);
557 }
558
559 function handler_change_rights(&$page)
560 {
561 if (Env::has('right') && (may_update() || S::suid())) {
562 switch (Env::v('right')) {
563 case 'admin':
564 Platal::session()->stopSUID();
565 break;
566 case 'anim':
567 Platal::session()->doSelfSuid();
568 may_update(true);
569 is_member(true);
570 break;
571 case 'member':
572 Platal::session()->doSelfSuid();
573 may_update(false, true);
574 is_member(true);
575 break;
576 case 'logged':
577 Platal::session()->doSelfSuid();
578 may_update(false, true);
579 is_member(false, true);
580 break;
581 }
582 }
583 http_redirect($_SERVER['HTTP_REFERER']);
584 }
585
586 function handler_admin_annuaire(&$page)
587 {
588 global $globals;
589
590 $this->load('mail.inc.php');
591 $page->changeTpl('xnetgrp/annuaire-admin.tpl');
592 $user = S::user();
593 $mmlist = new MMList($user, $globals->asso('mail_domain'));
594 $lists = $mmlist->get_lists();
595 if (!$lists) $lists = array();
596 $listes = array_map(create_function('$arr', 'return $arr["list"];'), $lists);
597
598 $subscribers = array();
599
600 foreach ($listes as $list) {
601 list(,$members) = $mmlist->get_members($list);
602 $mails = array_map(create_function('$arr', 'return $arr[1];'), $members);
603 $subscribers = array_unique(array_merge($subscribers, $mails));
604 }
605
606 $not_in_group_x = array();
607 $not_in_group_ext = array();
608
609 foreach ($subscribers as $mail) {
610 $uf = new UserFilter(new PFC_And(new UFC_Group($globals->asso('id')),
611 new UFC_Email($mail)));
612 if ($uf->getTotalCount() == 0) {
613 if (User::isForeignEmailAddress($mail)) {
614 $not_in_group_ext[] = $mail;
615 } else {
616 $not_in_group_x[] = $mail;
617 }
618 }
619 }
620
621 $page->assign('not_in_group_ext', $not_in_group_ext);
622 $page->assign('not_in_group_x', $not_in_group_x);
623 $page->assign('lists', $lists);
624 }
625
626 function handler_admin_member_new(&$page, $email = null)
627 {
628 global $globals;
629
630 $page->changeTpl('xnetgrp/membres-add.tpl');
631 $page->addJsLink('ajax.js');
632
633 if (is_null($email)) {
634 return;
635 }
636
637 S::assert_xsrf_token();
638
639 // Finds or creates account
640 if (!User::isForeignEmailAddress($email)) {
641 // standard x account
642 $user = User::get($email);
643 } else if (!isvalid_email($email)) {
644 // email might not be a regular email but an alias or a hruid
645 $user = User::get($email);
646 if (!$user) {
647 // need a valid email address
648 $page->trigError("«&nbsp;<strong>$email</strong>&nbsp;» n'est pas une adresse email valide.");
649 return;
650 }
651 } else if (Env::v('x') && Env::i('userid')) {
652 // user is an x but might not yet be registered
653 $user = User::getWithUID(Env::i('userid'));
654 if (!$user) {
655 $page->trigError("Utilisateur invalide");
656 return;
657 }
658 // add email for marketing if unknown
659 if ($user->state == 'pending' && Env::v('market')) {
660 $market = Marketing::get($user->uid, $email);
661 if (!$market) {
662 $market = new Marketing($user->uid, $email, 'group', $globals->asso('nom'),
663 Env::v('market_from'), S::v('uid'));
664 $market->add();
665 }
666 }
667 } else {
668 // user is not an x
669 $hruid = strtolower(str_replace('@','.',$email).'.ext');
670 // might already exists (in another group for example)
671 $user = User::get($hruid);
672 if (empty($user)) {
673 // creates new account: build names from email address
674 $display_name = ucwords(strtolower(substr($hruid, strpos('.', $hruid))));
675 $full_name = ucwords(strtolower(str_replace('.', ' ',substr($email, strpos('@', $email)))));
676 XDB::execute("INSERT INTO accounts (hruid, display_name, full_name, email, type)
677 VALUES({?}, {?}, {?}, {?}, 'xnet')",
678 $hruid, $display_name, $full_name, $email);
679 $user = User::get($hruid);
680 }
681 }
682 if ($user) {
683 XDB::execute("REPLACE INTO group_members (uid, asso_id)
684 VALUES ({?}, {?})",
685 $user->id(), $globals->asso('id'));
686 $this->removeSubscriptionRequest($user->id());
687 pl_redirect("member/" . $user->login());
688 }
689 }
690
691 function handler_admin_member_new_ajax(&$page)
692 {
693 pl_content_headers("text/html");
694 $page->changeTpl('xnetgrp/membres-new-search.tpl', NO_SKIN);
695 $users = array();
696 if (Env::has('login')) {
697 $user = User::getSilent(Env::t('login'));
698 if ($user && $user->state != 'pending') {
699 $users = array($user);
700 }
701 }
702 if (empty($users)) {
703 list($nom, $prenom) = str_replace(array('-', ' ', "'"), '%', array(Env::t('nom'), Env::t('prenom')));
704 $cond = new PFC_And(new PFC_Not(new UFC_Registered()));
705 if (!empty($nom)) {
706 $cond->addChild(new UFC_Name(Profile::LASTNAME, $nom, UFC_Name::CONTAINS));
707 }
708 if (!empty($prenom)) {
709 $cond->addChild(new UFC_Name(Profile::FIRSTNAME, $prenom, UFC_Name::CONTAINS));
710 }
711 if (Env::i('promo')) {
712 $cond->addChild(new UFC_Promo('=', UserFilter::GRADE_ING, Env::i('promo')));
713 }
714 $uf = new UserFilter($cond);
715 $users = $uf->getUsers(new PlLimit(30));
716 if ($uf->getTotalCount() > 30) {
717 $page->assign('too_many', true);
718 $users = array();
719 }
720 }
721 $page->assign('users', $users);
722 }
723
724 function unsubscribe(PlUser &$user)
725 {
726 global $globals;
727 XDB::execute("DELETE FROM group_members
728 WHERE uid = {?} AND asso_id = {?}",
729 $user->id(), $globals->asso('id'));
730
731 if ($globals->asso('notif_unsub')) {
732 $mailer = new PlMailer('xnetgrp/unsubscription-notif.mail.tpl');
733 $admins = $globals->asso()->iterAdmins();
734 while ($admin = $admins->next()) {
735 $mailer->addTo($admin);
736 }
737 $mailer->assign('group', $globals->asso('nom'));
738 $mailer->assign('user', $user);
739 $mailer->assign('selfdone', $user->id() == S::i('uid'));
740 $mailer->send();
741 }
742
743 $domain = $globals->asso('mail_domain');
744 if (!$domain) {
745 return true;
746 }
747
748 $mmlist = new MMList($user, $domain);
749 $listes = $mmlist->get_lists($user->forlifeEmail());
750
751 $may_update = may_update();
752 $warning = false;
753 if (is_array($listes)) {
754 foreach ($listes as $liste) {
755 if ($liste['sub'] == 2) {
756 if ($may_update) {
757 $mmlist->mass_unsubscribe($liste['list'], Array($user->forlifeEmail()));
758 } else {
759 $mmlist->unsubscribe($liste['list']);
760 }
761 } elseif ($liste['sub']) {
762 Platal::page()->trigWarning($user->fullName() . " a une"
763 ." demande d'inscription en cours sur la"
764 ." liste {$liste['list']}@ !");
765 $warning = true;
766 }
767 }
768 }
769
770 XDB::execute("DELETE FROM virtual_redirect
771 USING virtual_redirect
772 INNER JOIN virtual USING(vid)
773 WHERE redirect={?} AND alias LIKE {?}",
774 $user->forlifeEmail(), '%@'.$domain);
775 return !$warning;
776 }
777
778 function handler_unsubscribe(&$page)
779 {
780 $page->changeTpl('xnetgrp/membres-del.tpl');
781 $user = S::user();
782 $uid = S::user()->id();
783 if (empty($uid)) {
784 return PL_NOT_FOUND;
785 }
786 $page->assign('self', true);
787 $page->assign('user', $uid);
788
789 if (!Post::has('confirm')) {
790 return;
791 } else {
792 S::assert_xsrf_token();
793 }
794
795 if ($this->unsubscribe($user)) {
796 $page->trigSuccess('Vous avez été désinscrit du groupe avec succès.');
797 } else {
798 $page->trigWarning('Vous avez été désinscrit du groupe, mais des erreurs se sont produites lors des désinscriptions des alias et des listes de diffusion.');
799 }
800 $page->assign('is_member', is_member(true));
801 }
802
803 function handler_admin_member_del(&$page, $user = null)
804 {
805 $page->changeTpl('xnetgrp/membres-del.tpl');
806 $user = User::getSilent($user);
807 if (empty($user)) {
808 return PL_NOT_FOUND;
809 }
810 $page->assign('user', $user);
811
812 if (!Post::has('confirm')) {
813 return;
814 } else {
815 S::assert_xsrf_token();
816 }
817
818 if ($this->unsubscribe($user)) {
819 $page->trigSuccess("{$user->fullName()} a été désinscrit du groupe&nbsp;!");
820 } else {
821 $page->trigWarning("{$user->fullName()} a été désinscrit du groupe, mais des erreurs subsistent&nbsp;!");
822 }
823 }
824
825 private function changeLogin(PlPage &$page, PlUser &$user, MMList &$mmlist, $login)
826 {
827 // Search the uid of the user...
828 $xuser = User::getSilent($login);
829 if (!$xuser) {
830 $accounts = User::getPendingAccounts($login);
831 if (!$accounts) {
832 $page->trigError("L'identifiant $login ne correspond à aucun X.");
833 return false;
834 } else if (count($accounts) > 1) {
835 $page->trigError("L'identifiant $login correspond à plusieurs camarades.");
836 return false;
837 }
838 $xuser = User::getSilent($accounts[0]['uid']);
839 $sub = false;
840 }
841
842 if (!$xuser) {
843 return false;
844 }
845
846 $user->mergeIn($xuser);
847
848 return $xuser->login();
849 }
850
851 function handler_admin_member(&$page, $user)
852 {
853 global $globals;
854
855 $page->changeTpl('xnetgrp/membres-edit.tpl');
856
857 $user = User::getSilent($user);
858 if (empty($user)) {
859 return PL_NOT_FOUND;
860 }
861
862 $mmlist = new MMList($user, $globals->asso('mail_domain'));
863
864 if (Post::has('change')) {
865 S::assert_xsrf_token();
866
867 // Convert user status to X
868 if (!Post::blank('login_X')) {
869 $forlife = $this->changeLogin($page, $user, $mmlist, Post::t('login_X'));
870 if ($forlife) {
871 pl_redirect('member/' . $forlife);
872 }
873 }
874
875 // Update user info
876 $email_changed = (!$user->profile() && strtolower($user->forlifeEmail()) != strtolower(Post::v('email')));
877 $from_email = $user->forlifeEmail();
878 if (!$user->profile()) {
879 XDB::query('UPDATE accounts
880 SET full_name = {?}, directory_name = {?}, display_name = {?}, sex = {?}, email = {?}, type = {?}
881 WHERE uid = {?}',
882 Post::t('full_name'), Post::t('directory_name'), Post::t('display_name'), (Post::v('sex') == 'male')?'male':'female', Post::v('email'), (Post::v('type') == 'xnet')?'xnet':'virtual',
883 $user->id());
884 if (XDB::affectedRows()) {
885 $page->trigSuccess('Données de l\'utilisateur mise à jour.');
886 }
887 }
888
889 // Update group params for user
890 $perms = Post::v('group_perms');
891 $comm = Post::t('comm');
892 if ($user->group_perms != $perms || $user->group_comm != $comm) {
893 XDB::query('UPDATE group_members
894 SET perms = {?}, comm = {?}
895 WHERE uid = {?} AND asso_id = {?}',
896 ($perms == 'admin') ? 'admin' : 'membre', $comm,
897 $user->id(), $globals->asso('id'));
898 if ($perms != $user->group_perms) {
899 $page->trigSuccess('Permissions modifiées&nbsp;!');
900 }
901 if ($comm != $user->group_comm) {
902 $page->trigSuccess('Commentaire mis à jour.');
903 }
904 }
905
906 // Gets user info again as they might have change
907 $user = User::getSilent($user->id());
908
909 // Update ML subscriptions
910 foreach (Env::v('ml1', array()) as $ml => $state) {
911 $ask = empty($_REQUEST['ml2'][$ml]) ? 0 : 2;
912 if ($ask == $state) {
913 if ($state && $email_changed) {
914 $mmlist->replace_email($ml, $from_email, $user->forlifeEmail());
915 $page->trigSuccess("L'abonnement de {$user->fullName()} à $ml@ a été mis à jour.");
916 }
917 continue;
918 }
919 if ($state == '1') {
920 $page->trigWarning("{$user->fullName()} a "
921 ."actuellement une demande d'inscription en "
922 ."cours sur <strong>$ml@</strong> !!!");
923 } elseif ($ask) {
924 $mmlist->mass_subscribe($ml, Array($user->forlifeEmail()));
925 $page->trigSuccess("{$user->fullName()} a été abonné à $ml@.");
926 } else {
927 if ($email_changed) {
928 $mmlist->mass_unsubscribe($ml, Array($from_email));
929 } else {
930 $mmlist->mass_unsubscribe($ml, Array($user->forlifeEmail()));
931 }
932 $page->trigSuccess("{$user->fullName()} a été désabonné de $ml@.");
933 }
934 }
935
936 // Change subscriptioin to aliases
937 foreach (Env::v('ml3', array()) as $ml => $state) {
938 $ask = !empty($_REQUEST['ml4'][$ml]);
939 if($state == $ask) {
940 if ($state && $email_changed) {
941 XDB::query("UPDATE virtual_redirect AS vr, virtual AS v
942 SET vr.redirect = {?}
943 WHERE vr.vid = v.vid AND v.alias = {?} AND vr.redirect = {?}",
944 $user->forlifeEmail(), $ml, $from_email);
945 $page->trigSuccess("L'abonnement de {$user->fullName()} à $ml a été mis à jour.");
946 }
947 } else if($ask) {
948 XDB::query("INSERT INTO virtual_redirect (vid,redirect)
949 SELECT vid,{?} FROM virtual WHERE alias={?}",
950 $user->forlifeEmail(), $ml);
951 $page->trigSuccess("{$user->fullName()} a été abonné à $ml.");
952 } else {
953 XDB::query("DELETE FROM virtual_redirect
954 USING virtual_redirect
955 INNER JOIN virtual USING(vid)
956 WHERE redirect={?} AND alias={?}",
957 $from_email, $ml);
958 $page->trigSuccess("{$user->fullName()} a été désabonné de $ml.");
959 }
960 }
961 }
962
963 $page->assign('user', $user);
964 $page->assign('listes', $mmlist->get_lists($user->forlifeEmail()));
965 $page->assign('alias', $user->emailAliases($globals->asso('mail_domain'), 'user', true));
966 }
967
968 function handler_rss(&$page, $user = null, $hash = null)
969 {
970 global $globals;
971 $page->assign('asso', $globals->asso());
972
973 $this->load('feed.inc.php');
974 $feed = new XnetGrpEventFeed();
975 return $feed->run($page, $user, $hash, false);
976 }
977
978 private function upload_image(PlPage &$page, PlUpload &$upload)
979 {
980 if (@!$_FILES['image']['tmp_name'] && !Env::v('image_url')) {
981 return true;
982 }
983 if (!$upload->upload($_FILES['image']) && !$upload->download(Env::v('image_url'))) {
984 $page->trigError('Impossible de télécharger l\'image');
985 return false;
986 } elseif (!$upload->isType('image')) {
987 $page->trigError('Le fichier n\'est pas une image valide au format JPEG, GIF ou PNG.');
988 $upload->rm();
989 return false;
990 } elseif (!$upload->resizeImage(200, 300, 100, 100, 32284)) {
991 $page->trigError('Impossible de retraiter l\'image');
992 return false;
993 }
994 return true;
995 }
996
997 function handler_photo_announce(&$page, $eid = null) {
998 if ($eid) {
999 $res = XDB::query('SELECT *
1000 FROM group_announces_photo
1001 WHERE eid = {?}', $eid);
1002 if ($res->numRows()) {
1003 $photo = $res->fetchOneAssoc();
1004 pl_cached_dynamic_content_headers("image/" . $photo['attachmime']);
1005 echo $photo['attach'];
1006 exit;
1007 }
1008 } else {
1009 $upload = new PlUpload(S::user()->login(), 'xnetannounce');
1010 if ($upload->exists() && $upload->isType('image')) {
1011 pl_cached_dynamic_content_headers($upload->contentType());
1012 echo $upload->getContents();
1013 exit;
1014 }
1015 }
1016 global $globals;
1017 pl_cached_dynamic_content_headers("image/png");
1018 echo file_get_contents($globals->spoolroot . '/htdocs/images/logo.png');
1019 exit;
1020 }
1021
1022 function handler_edit_announce(&$page, $aid = null)
1023 {
1024 global $globals, $platal;
1025 $page->changeTpl('xnetgrp/announce-edit.tpl');
1026 $page->assign('new', is_null($aid));
1027 $art = array();
1028
1029 if (Post::v('valid') == 'Visualiser' || Post::v('valid') == 'Enregistrer'
1030 || Post::v('valid') == 'Supprimer l\'image' || Post::v('valid') == 'Pas d\'image') {
1031 S::assert_xsrf_token();
1032
1033 if (!is_null($aid)) {
1034 $art['id'] = $aid;
1035 }
1036 $art['titre'] = Post::v('titre');
1037 $art['texte'] = Post::v('texte');
1038 $art['contacts'] = Post::v('contacts');
1039 $art['promo_min'] = Post::i('promo_min');
1040 $art['promo_max'] = Post::i('promo_max');
1041 $art['nom'] = S::v('nom');
1042 $art['prenom'] = S::v('prenom');
1043 $art['promo'] = S::v('promo');
1044 $art['hruid'] = S::user()->login();
1045 $art['uid'] = S::user()->id();
1046 $art['expiration'] = Post::v('expiration');
1047 $art['public'] = Post::has('public');
1048 $art['xorg'] = Post::has('xorg');
1049 $art['nl'] = Post::has('nl');
1050 $art['event'] = Post::v('event');
1051 $upload = new PlUpload(S::user()->login(), 'xnetannounce');
1052 $this->upload_image($page, $upload);
1053
1054 $art['contact_html'] = $art['contacts'];
1055 if ($art['event']) {
1056 $art['contact_html'] .= "\n{$globals->baseurl}/{$platal->ns}events/sub/{$art['event']}";
1057 }
1058
1059 if (!$art['public'] &&
1060 (($art['promo_min'] > $art['promo_max'] && $art['promo_max'] != 0) ||
1061 ($art['promo_min'] != 0 && ($art['promo_min'] <= 1900 || $art['promo_min'] >= 2020)) ||
1062 ($art['promo_max'] != 0 && ($art['promo_max'] <= 1900 || $art['promo_max'] >= 2020))))
1063 {
1064 $page->trigError("L'intervalle de promotions est invalide.");
1065 Post::kill('valid');
1066 }
1067
1068 if (!trim($art['titre']) || !trim($art['texte'])) {
1069 $page->trigError("L'article doit avoir un titre et un contenu.");
1070 Post::kill('valid');
1071 }
1072
1073 if (Post::v('valid') == 'Supprimer l\'image') {
1074 $upload->rm();
1075 Post::kill('valid');
1076 }
1077 $art['photo'] = $upload->exists() || Post::i('photo');
1078 if (Post::v('valid') == 'Pas d\'image' && !is_null($aid)) {
1079 XDB::query('DELETE FROM group_announces_photo
1080 WHERE eid = {?}', $aid);
1081 $upload->rm();
1082 Post::kill('valid');
1083 $art['photo'] = false;
1084 }
1085 }
1086
1087 if (Post::v('valid') == 'Enregistrer') {
1088 $promo_min = ($art['public'] ? 0 : $art['promo_min']);
1089 $promo_max = ($art['public'] ? 0 : $art['promo_max']);
1090 $flags = new PlFlagSet();
1091 if ($art['public']) {
1092 $flags->addFlag('public');
1093 }
1094 if ($art['photo']) {
1095 $flags->addFlag('photo');
1096 }
1097 if (is_null($aid)) {
1098 $fulltext = $art['texte'];
1099 if (!empty($art['contact_html'])) {
1100 $fulltext .= "\n\n'''Contacts :'''\\\\\n" . $art['contact_html'];
1101 }
1102 $post = null;/*
1103 if ($globals->asso('forum')) {
1104 require_once 'banana/forum.inc.php';
1105 $banana = new ForumsBanana(S::user());
1106 $post = $banana->post($globals->asso('forum'), null,
1107 $art['titre'], MiniWiki::wikiToText($fulltext, false, 0, 80));
1108 }*/
1109 XDB::query('INSERT INTO group_announces (uid, asso_id, create_date, titre, texte, contacts,
1110 expiration, promo_min, promo_max, flags, post_id)
1111 VALUES ({?}, {?}, NOW(), {?}, {?}, {?}, {?}, {?}, {?}, {?}, {?})',
1112 S::i('uid'), $globals->asso('id'), $art['titre'], $art['texte'], $art['contact_html'],
1113 $art['expiration'], $promo_min, $promo_max, $flags, $post);
1114 $aid = XDB::insertId();
1115 if ($art['photo']) {
1116 list($imgx, $imgy, $imgtype) = $upload->imageInfo();
1117 XDB::execute('INSERT INTO group_announces_photo
1118 SET eid = {?}, attachmime = {?}, x = {?}, y = {?}, attach = {?}',
1119 $aid, $imgtype, $imgx, $imgy, $upload->getContents());
1120 }
1121 if ($art['xorg']) {
1122 require_once('validations.inc.php');
1123 $article = new EvtReq("[{$globals->asso('nom')}] " . $art['titre'], $fulltext,
1124 $art['promo_min'], $art['promo_max'], $art['expiration'], "", S::user(),
1125 $upload);
1126 $article->submit();
1127 $page->trigWarning("L'affichage sur la page d'accueil de Polytechnique.org est en attente de validation.");
1128 } else if ($upload && $upload->exists()) {
1129 $upload->rm();
1130 }
1131 if ($art['nl']) {
1132 require_once('validations.inc.php');
1133 $article = new NLReq(S::user(), $globals->asso('nom') . " : " .$art['titre'],
1134 $art['texte'], $art['contact_html']);
1135 $article->submit();
1136 $page->trigWarning("La parution dans la Lettre Mensuelle est en attente de validation.");
1137 }
1138 } else {
1139 XDB::query('UPDATE group_announces
1140 SET titre = {?}, texte = {?}, contacts = {?}, expiration = {?},
1141 promo_min = {?}, promo_max = {?}, flags = {?}
1142 WHERE id = {?} AND asso_id = {?}',
1143 $art['titre'], $art['texte'], $art['contacts'], $art['expiration'],
1144 $promo_min, $promo_max, $flags,
1145 $art['id'], $globals->asso('id'));
1146 if ($art['photo'] && $upload->exists()) {
1147 list($imgx, $imgy, $imgtype) = $upload->imageInfo();
1148 XDB::execute("REPLACE INTO group_announces_photo
1149 SET eid = {?}, attachmime = {?}, x = {?}, y = {?}, attach = {?}",
1150 $aid, $imgtype, $imgx, $imgy, $upload->getContents());
1151 $upload->rm();
1152 }
1153 }
1154 }
1155 if (Post::v('valid') == 'Enregistrer' || Post::v('valid') == 'Annuler') {
1156 pl_redirect("");
1157 }
1158
1159 if (empty($art) && !is_null($aid)) {
1160 $res = XDB::query("SELECT *, FIND_IN_SET('public', flags) AS public,
1161 FIND_IN_SET('photo', flags) AS photo
1162 FROM group_announces
1163 WHERE asso_id = {?} AND id = {?}",
1164 $globals->asso('id'), $aid);
1165 if ($res->numRows()) {
1166 $art = $res->fetchOneAssoc();
1167 $art['contact_html'] = $art['contacts'];
1168 } else {
1169 $page->kill("Aucun article correspond à l'identifiant indiqué.");
1170 }
1171 }
1172
1173 if (is_null($aid)) {
1174 $events = XDB::iterator("SELECT *
1175 FROM group_events
1176 WHERE asso_id = {?} AND archive = 0",
1177 $globals->asso('id'));
1178 if ($events->total()) {
1179 $page->assign('events', $events);
1180 }
1181 }
1182
1183 $art['contact_html'] = @MiniWiki::WikiToHTML($art['contact_html']);
1184 $page->assign('art', $art);
1185 $page->assign_by_ref('upload', $upload);
1186 }
1187
1188 function handler_admin_announce(&$page)
1189 {
1190 global $globals;
1191 $page->changeTpl('xnetgrp/announce-admin.tpl');
1192
1193 if (Env::has('del')) {
1194 S::assert_xsrf_token();
1195 XDB::execute('DELETE FROM group_announces
1196 WHERE id = {?} AND asso_id = {?}',
1197 Env::i('del'), $globals->asso('id'));
1198 }
1199 $res = XDB::iterator('SELECT id, titre, expiration, expiration < CURRENT_DATE() AS perime
1200 FROM group_announces
1201 WHERE asso_id = {?}
1202 ORDER BY expiration DESC',
1203 $globals->asso('id'));
1204 $page->assign('articles', $res);
1205 }
1206 }
1207
1208 // vim:set et sw=4 sts=4 sws=4 foldmethod=marker enc=utf-8:
1209 ?>
plat/al