<?php
/***************************************************************************
- * Copyright (C) 2003-2008 Polytechnique.org *
+ * Copyright (C) 2003-2009 Polytechnique.org *
* http://opensource.polytechnique.org/ *
* *
* This program is free software; you can redistribute it and/or modify *
function handlers()
{
return array(
- 'index' => $this->make_hook('index', AUTH_PUBLIC),
- 'exit' => $this->make_hook('exit', AUTH_PUBLIC),
-
- 'admin' => $this->make_hook('admin', AUTH_MDP, 'admin'),
- 'groups' => $this->make_hook('groups', AUTH_PUBLIC),
- 'groupes.php' => $this->make_hook('groups2', AUTH_PUBLIC),
- 'plan' => $this->make_hook('plan', AUTH_PUBLIC),
- 'photo' => $this->make_hook('photo', AUTH_MDP),
- 'autologin' => $this->make_hook('autologin', AUTH_MDP),
+ 'index' => $this->make_hook('index', AUTH_PUBLIC),
+ 'exit' => $this->make_hook('exit', AUTH_PUBLIC),
+
+ 'admin' => $this->make_hook('admin', AUTH_MDP, 'admin'),
+ 'groups' => $this->make_hook('groups', AUTH_PUBLIC),
+ 'groupes.php' => $this->make_hook('groups2', AUTH_PUBLIC),
+ 'plan' => $this->make_hook('plan', AUTH_PUBLIC),
+ 'photo' => $this->make_hook('photo', AUTH_MDP),
+ 'autologin' => $this->make_hook('autologin', AUTH_MDP),
);
}
function handler_exit(&$page)
{
- XnetSession::killSuid();
- XnetSession::destroy();
+ Platal::session()->stopSUID();
+ Platal::session()->destroy();
$page->changeTpl('xnet/deconnexion.tpl');
}
list($id, $nom, $domain) = $res->fetchOneRow();
$page->assign('nom', $nom);
if ($id && Post::has('del')) {
+ S::assert_xsrf_token();
+
XDB::query('DELETE FROM groupex.membres WHERE asso_id={?}', $id);
- $page->trig('membres supprimés');
+ $page->trigSuccess('membres supprimés');
if ($domain) {
XDB::query('DELETE FROM virtual_domains WHERE domain={?}', $domain);
XDB::query('DELETE FROM virtual, virtual_redirect
USING virtual INNER JOIN virtual_redirect USING (vid)
WHERE alias LIKE {?}', '%@'.$domain);
- $page->trig('suppression des alias mails');
+ $page->trigSuccess('suppression des alias mails');
$mmlist = new MMList(S::v('uid'), S::v('password'), $domain);
if ($listes = $mmlist->get_lists()) {
foreach ($listes as $l) {
$mmlist->delete_list($l['list'], true);
}
- $page->trig('mail lists surpprimées');
+ $page->trigSuccess('mail lists surpprimées');
}
}
XDB::query('DELETE FROM groupex.asso WHERE id={?}', $id);
- $page->trig("Groupe $nom supprimé");
+ $page->trigSuccess("Groupe $nom supprimé");
Get::kill('del');
}
if (!$id) {
}
if (Post::has('diminutif')) {
- XDB::query('INSERT INTO groupex.asso (id,diminutif)
- VALUES(NULL,{?})', Post::v('diminutif'));
- pl_redirect('../'.Post::v('diminutif').'/edit');
+ S::assert_xsrf_token();
+
+ $res = XDB::query('SELECT COUNT(*)
+ FROM groupex.asso
+ WHERE diminutif = {?}',
+ Post::v('diminutif'));
+
+ if ($res->fetchOneCell() == 0) {
+ XDB::execute('INSERT INTO groupex.asso (id, diminutif)
+ VALUES (NULL, {?})',
+ Post::v('diminutif'));
+ pl_redirect('../' . Post::v('diminutif') . '/edit');
+ } else {
+ $page->trigError('Le diminutif demandé est déjà pris.');
+ }
}
- $res = XDB::query('SELECT nom,diminutif FROM groupex.asso ORDER by NOM');
+ $res = XDB::query('SELECT nom, diminutif
+ FROM groupex.asso
+ ORDER BY nom');
$page->assign('assos', $res->fetchAllAssoc());
}