<?php
/***************************************************************************
- * Copyright (C) 2003-2006 Polytechnique.org *
+ * Copyright (C) 2003-2009 Polytechnique.org *
* http://opensource.polytechnique.org/ *
* *
* This program is free software; you can redistribute it and/or modify *
return array(
'%grp/events' => $this->make_hook('events', AUTH_MDP),
'%grp/events/sub' => $this->make_hook('sub', AUTH_MDP),
- '%grp/events/csv' => $this->make_hook('csv', AUTH_MDP),
- '%grp/events/ical' => $this->make_hook('ical', AUTH_MDP),
- '%grp/events/edit' => $this->make_hook('edit', AUTH_MDP),
- '%grp/events/admin' => $this->make_hook('admin', AUTH_MDP),
+ '%grp/events/csv' => $this->make_hook('csv', AUTH_MDP, 'user', NO_HTTPS),
+ '%grp/events/ical' => $this->make_hook('ical', AUTH_MDP, 'user', NO_HTTPS),
+ '%grp/events/edit' => $this->make_hook('edit', AUTH_MDP, 'groupadmin'),
+ '%grp/events/admin' => $this->make_hook('admin', AUTH_MDP, 'groupmember'),
);
}
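Review bot: The `csv` and `ical` hooks now pass `NO_HTTPS` while still requiring `AUTH_MDP`, and nothing in the hunk says why. If that flag exempts the route from the HTTPS requirement (its definition is outside this hunk), the authenticated session and the export, which appears to carry participant data, can travel in cleartext. I would either drop the flag from `csv` or add a comment above the two lines such as `// NO_HTTPS: <why these exports must be reachable over plain HTTP>`. Note also that `admin` is opened to `groupmember`, so its protection now depends on the `may_update()` checks inside the handler. The enclosing method starts outside the hunk.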
{
global $globals;
- if ($archive == 'archive') {
- $archive = true;
- new_groupadmin_page('xnetevents/index.tpl');
- } else {
- $archive = false;
- new_group_open_page('xnetevents/index.tpl');
- }
-
+ $page->changeTpl('xnetevents/index.tpl');
$action = null;
+ $archive = ($archive == 'archive' && may_update());
+
if (Post::has('del')) {
$action = 'del';
$eid = Post::v('del');
if (!is_null($action)) {
if (!may_update()) {
- return PL_NOT_ALLOWED;
+ return PL_FORBIDDEN;
}
+ S::assert_xsrf_token();
$res = XDB::query("SELECT asso_id, short_name FROM groupex.evenements
WHERE eid = {?} AND asso_id = {?}",
$tmp = $res->fetchOneRow();
if (!$tmp) {
- return PL_NOT_ALLOWED;
+ return PL_FORBIDDEN;
}
}
XDB::execute("DELETE FROM requests
WHERE type = 'paiements' AND data LIKE {?}",
PayReq::same_event($eid, $globals->asso('id')));
+ $globals->updateNbValid();
}
if ($action == 'archive') {
}
$page->assign('archive', $archive);
- $page->assign('admin', may_update());
-
$evenements = XDB::iterator(
- "SELECT e.*, LEFT(10, e.debut) AS debut_day, LEFT(10, e.fin) AS fin_day,
+ "SELECT e.*, LEFT(10, e.debut) AS first_day, LEFT(10, e.fin) AS last_day,
IF(e.deadline_inscription, e.deadline_inscription >= LEFT(NOW(), 10),
1) AS inscr_open, e.deadline_inscription,
u.nom, u.prenom, u.promo, a.alias,
- MAX(ep.nb) AS inscrit, MAX(ep.paid) AS paid
+ MAX(ep.nb) IS NOT NULL AS inscrit, MAX(ep.paid) AS paid
FROM groupex.evenements AS e
INNER JOIN x4dat.auth_user_md5 AS u ON u.user_id = e.organisateur_uid
INNER JOIN x4dat.aliases AS a ON (a.type = 'a_vie' AND a.id = u.user_id)
LEFT JOIN groupex.evenements_participants AS ep ON (ep.eid = e.eid AND ep.uid = {?})
WHERE asso_id = {?}
AND archive = " . ($archive ? "1 " : "0 ")
- . (is_member() || may_update() ? "" : " AND accept_nonmembre != 0 ")
. "GROUP BY e.eid
ORDER BY inscr_open DESC, debut DESC", S::v('uid'), $globals->asso('id'));
$evts = array();
+ $undisplayed_events = 0;
+ $this->load('xnetevents.inc.php');
while ($e = $evenements->next()) {
+ if (!is_member() && !may_update() && !$e['accept_nonmembre']) {
+ $undisplayed_events ++;
+ continue;
+ }
+
$e['show_participants'] = ($e['show_participants'] && (is_member() || may_update()));
$res = XDB::query(
- "SELECT titre, details, montant, ei.item_id, nb
+ "SELECT titre, details, montant, ei.item_id, nb, ep.paid
FROM groupex.evenements_items AS ei
LEFT JOIN groupex.evenements_participants AS ep
ON (ep.eid = ei.eid AND ep.item_id = ei.item_id AND uid = {?})
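Review bot: The renamed columns in `LEFT(10, e.debut) AS first_day, LEFT(10, e.fin) AS last_day` keep the arguments in the wrong order: MySQL's `LEFT(str, len)` takes the string first, as the next line's `LEFT(NOW(), 10)` does. As written, the aliases hold a prefix of the literal `10` rather than the date part; the line should read `LEFT(e.debut, 10) AS first_day, LEFT(e.fin, 10) AS last_day`. If `make_event_date()` rebuilds the dates from `debut`/`fin`, the aliases may be unused and could be dropped instead. The hunk ends inside the items query, so the rest of the loop body is not visible here.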
$e['moments'] = $res->fetchAllAssoc();
$e['topay'] = 0;
+ $e['paid'] = $e['moments'][0]['paid'];
foreach ($e['moments'] as $m) {
$e['topay'] += $m['nb'] * $m['montant'];
}
$e['paid'] += trim($p);
}
+ make_event_date($e);
+
+ if (Env::has('updated') && $e['eid'] == Env::i('updated')) {
+ $page->assign('updated', $e);
+ }
$evts[] = $e;
}
$page->assign('evenements', $evts);
- $page->assign('is_member', is_member());
+ $page->assign('undisplayed_events', $undisplayed_events);
}
function handler_sub(&$page, $eid = null)
{
- require_once dirname(__FILE__).'/xnetevents/xnetevents.inc.php';
-
- new_group_open_page('xnetevents/subscribe.tpl');
+ $this->load('xnetevents.inc.php');
+ $page->changeTpl('xnetevents/subscribe.tpl');
$evt = get_event_detail($eid);
- if (!$evt) {
+ if (is_null($evt)) {
return PL_NOT_FOUND;
}
+ if ($evt === false) {
+ global $globals, $platal;
+ $url = $globals->asso('sub_url');
+ if (empty($url)) {
+ $url = $platal->ns . 'subscribe';
+ }
+ $page->kill('Cet événement est reservé aux membres du groupe ' . $globals->asso('nom') .
+ '. Pour devenir membre, rends-toi sur la page de <a href="' . $url . '">demande d\'inscripton</a>.');
+ }
if (!$evt['inscr_open']) {
- $page->kill('Les inscriptions pour cet événement sont closes');
+ $page->kill('Les inscriptions pour cet événement sont closes');
}
if (!$evt['accept_nonmembre'] && !is_member() && !may_update()) {
- $page->kill('Cet événement est fermé aux non-membres du groupe');
+ $page->kill('Cet événement est fermé aux non-membres du groupe');
}
+ global $globals;
+ $res = XDB::query("SELECT stamp FROM requests
+ WHERE type = 'paiements' AND data LIKE {?}",
+ PayReq::same_event($evt['eid'], $globals->asso('id')));
+ $page->assign('validation', $res->numRows());
$page->assign('event', $evt);
if (!Post::has('submit')) {
return;
+ } else {
+ S::assert_xsrf_token();
}
$moments = Post::v('moment', array());
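Review bot: The new `$evt === false` branch builds HTML by concatenating `$globals->asso('nom')` and `$url` (taken from `$globals->asso('sub_url')`) without escaping. Both look like group-configurable values, so a quote or angle bracket in either would break out of the `href` attribute or the message. Wrap them, e.g. `htmlspecialchars($url, ENT_QUOTES)` and `htmlspecialchars($globals->asso('nom'), ENT_QUOTES)`, assuming `kill()` emits the string as raw HTML, which the embedded `<a>` suggests. It is also worth confirming that `kill()` never returns, since the following `$evt['inscr_open']` would otherwise index `false`. The message has a typo, `inscripton` for `inscription`.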
if (!isset($pers[$j]) || !is_numeric($pers[$j])
|| $pers[$j] < 0)
{
- $page->trig('Tu dois choisir un nombre d\'invités correct !');
+ $page->trigError('Tu dois choisir un nombre d\'invités correct !');
return;
}
$subs[$j] = 1 + $pers[$j];
}
// impossible to unsubscribe if you already paid sthing
- if (array_sum($subs) && $evt['paid'] != 0) {
- $page->trig("Impossible de te désinscrire complètement ".
- "parce que tu as fait un paiement par ".
- "chèque ou par liquide. Contacte un ".
- "administrateur du groupe si tu es sûr de ".
- "ne pas venir");
+ if (!array_sum($subs) && $evt['paid'] != 0) {
+ $page->trigError("Impossible de te désinscrire complètement ".
+ "parce que tu as fait un paiement par ".
+ "chèque ou par liquide. Contacte un ".
+ "administrateur du groupe si tu es sûr de ".
+ "ne pas venir");
return;
}
// update actual inscriptions
+ $updated = false;
+ $total = 0;
+ $paid = $evt['paid'] ? $evt['paid'] : 0;
+ $telepaid= $evt['telepaid'] ? $evt['telepaid'] : 0;
foreach ($subs as $j => $nb) {
- if ($nb > 0) {
+ if ($nb >= 0) {
XDB::execute(
"REPLACE INTO groupex.evenements_participants
- VALUES ({?}, {?}, {?}, {?}, {?})",
- $eid, S::v('uid'), $j, $nb, $evt['paid']);
- $page->assign('updated', true);
+ VALUES ({?}, {?}, {?}, {?}, {?}, {?})",
+ $eid, S::v('uid'), $j, $nb, Env::has('notify_payment') ? 'notify_payment' : '',
+ $j == 1 ? $paid - $telepaid : 0);
+ $updated = $eid;
} else {
XDB::execute(
"DELETE FROM groupex.evenements_participants
WHERE eid = {?} AND uid = {?} AND item_id = {?}",
- $eid, S::v("uid"), $j);
- $page->assign('updated', true);
+ $eid, S::v("uid"), $j);
+ $updated = $eid;
}
+ $total += $nb;
+ }
+ if ($updated !== false) {
+ $page->trigSuccess('Ton inscription à l\'événement a été mise à jour avec succès.');
+ subscribe_lists_event($total, S::i('uid'), $evt);
}
-
$page->assign('event', get_event_detail($eid));
}
function handler_csv(&$page, $eid = null, $item_id = null)
{
- require_once dirname(__FILE__).'/xnetevents/xnetevents.inc.php';
+ $this->load('xnetevents.inc.php');
if (!is_numeric($item_id)) {
$item_id = null;
return PL_NOT_FOUND;
}
- header('Content-type: text/x-csv; encoding=iso-8859-1');
+ header('Content-type: text/x-csv; encoding=UTF-8');
header('Pragma: ');
header('Cache-Control: ');
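Review bot: `encoding=UTF-8` is not a parameter that clients read on a Content-Type header; the character set is declared with `charset`, as the ical handler in this diff already does with `text/calendar; charset=utf-8`. The line should be `header('Content-type: text/x-csv; charset=UTF-8');`, otherwise spreadsheet clients are still left to guess the encoding. The handler body continues outside the hunk.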
$page->assign('admin', $admin);
$page->assign('moments', $evt['moments']);
$page->assign('money', $evt['money']);
+ $page->assign('telepayment', $evt['paiement_id']);
$page->assign('tout', !Env::v('item_id', false));
}
{
global $globals;
- require_once dirname(__FILE__).'/xnetevents/xnetevents.inc.php';
+ $this->load('xnetevents.inc.php');
$evt = get_event_detail($eid);
if (!$evt) {
- return PL_NOT_FOUND;
+ return PL_FORBIDDEN;
}
$evt['debut'] = preg_replace('/(\d+)-(\d+)-(\d+) (\d+):(\d+):(\d+)/', "\\1\\2\\3T\\4\\5\\6", $evt['debut']);
$evt['fin'] = preg_replace('/(\d+)-(\d+)-(\d+) (\d+):(\d+):(\d+)/', "\\1\\2\\3T\\4\\5\\6", $evt['fin']);
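Review bot: `if (!$evt)` now returns `PL_FORBIDDEN` for every falsy result, but `handler_sub` in this same diff treats `null` from `get_event_detail()` as not found and `false` as reserved to group members. Here a nonexistent event id is reported as forbidden, while the admin handler still answers `PL_NOT_FOUND` for both cases. I would split the check the same way in each handler: `if (is_null($evt)) { return PL_NOT_FOUND; }` followed by `if ($evt === false) { return PL_FORBIDDEN; }`. The function signature is outside the hunk.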
}
$page->register_function('display_ical', 'display_ical');
$page->assign_by_ref('e', $evt);
-
+
header('Content-Type: text/calendar; charset=utf-8');
}
// check the event is in our group
if (!is_null($eid)) {
- $res = XDB::query("SELECT short_name, asso_id
+ $res = XDB::query("SELECT short_name
FROM groupex.evenements
- WHERE eid = {?}", $eid);
- $infos = $res->fetchOneAssoc();
- if ($infos['asso_id'] != $globals->asso('id')) {
- return PL_NOT_ALLOWED;
+ WHERE eid = {?} AND asso_id = {?}",
+ $eid, $globals->asso('id'));
+ if ($res->numRows()) {
+ $infos = $res->fetchOneAssoc();
+ } else {
+ return PL_FORBIDDEN;
}
}
- new_groupadmin_page('xnetevents/edit.tpl');
+ $page->changeTpl('xnetevents/edit.tpl');
- $moments = range(1, 4);
+ $moments = range(1, 4);
+ $error = false;
$page->assign('moments', $moments);
if (Post::v('intitule')) {
- require_once dirname(__FILE__).'/xnetevents/xnetevents.inc.php';
- $short_name = event_change_shortname($page, $infos['short_name'],
- Env::v('short_name', ''));
+ S::assert_xsrf_token();
+ $this->load('xnetevents.inc.php');
+ $short_name = event_change_shortname($page, $eid,
+ $infos['short_name'],
+ Env::v('short_name', ''));
+ if ($short_name != Env::v('short_name')) {
+ $error = true;
+ }
$evt = array(
'eid' => $eid,
'asso_id' => $globals->asso('id'),
// if new event, get its id
if (!$eid) {
- $eid = mysql_insert_id();
+ $eid = XDB::insertId();
}
$nb_moments = 0;
$eid, $i, Post::v('titre'.$i),
Post::v('details'.$i), $montant);
} else {
- XDB::execute("DELETE FROM groupex.evenements_items
+ XDB::execute("DELETE FROM groupex.evenements_items
WHERE eid = {?} AND item_id = {?}", $eid, $i);
}
}
-
// request for a new payment
if (Post::v('paiement_id') == -1 && $money_defaut >= 0) {
require_once 'validations.inc.php';
- $p = new PayReq(S::v('uid'),
+ $p = new PayReq(S::user(),
Post::v('intitule')." - ".$globals->asso('nom'),
Post::v('site'), $money_defaut,
Post::v('confirmation'), 0, 999,
$globals->asso('id'), $eid);
- $p->submit();
+ if ($p->accept()) {
+ $p->submit();
+ } else {
+ $page->assign('paiement_message', Post::v('confirmation'));
+ $page->assign('paiement_site', Post::v('site'));
+ $error = true;
+ }
}
// events with no sub-event: add a sub-event with no name
if ($nb_moments == 0) {
XDB::execute("INSERT INTO groupex.evenements_items
- VALUES ({?}, {?}, '', '', 0)", $eid, 1);
+ VALUES ({?}, {?}, '', '', 0)", $eid, 1);
}
- pl_redirect('events');
+ if (!$error) {
+ pl_redirect('events');
+ }
}
// get a list of all the payment for this asso
PayReq::same_event($eid, $globals->asso('id')));
$stamp = $res->fetchOneCell();
if ($stamp) {
- $evt['paiement_id'] = -2;
+ $evt['paiement_id'] = -2;
$evt['paiement_req'] = $stamp;
}
$page->assign('evt', $evt);
{
global $globals;
- require_once dirname(__FILE__).'/xnetevents/xnetevents.inc.php';
+ $this->load('xnetevents.inc.php');
$evt = get_event_detail($eid, $item_id);
if (!$evt) {
return PL_NOT_FOUND;
}
- if ($evt['show_participants']) {
- new_group_page('xnetevents/admin.tpl');
- } else {
- new_groupadmin_page('xnetevents/admin.tpl');
+ $page->changeTpl('xnetevents/admin.tpl');
+ if (!$evt['show_participants'] && !may_update()) {
+ return PL_FORBIDDEN;
}
if (may_update() && Post::v('adm')) {
+ S::assert_xsrf_token();
+
$member = get_infos(Post::v('mail'));
if (!$member) {
- $page->trig("Membre introuvable");
+ $page->trigError("Membre introuvable");
}
// change the price paid by a participant
if (Env::v('adm') == 'prix' && $member) {
XDB::execute("UPDATE groupex.evenements_participants
SET paid = IF(paid + {?} > 0, paid + {?}, 0)
- WHERE uid = {?} AND eid = {?}",
+ WHERE uid = {?} AND eid = {?} AND item_id = 1",
strtr(Env::v('montant'), ',', '.'),
strtr(Env::v('montant'), ',', '.'),
$member['uid'], $evt['eid']);
foreach ($nbs as $id => $nb) {
$nb = max(intval($nb), 0);
-
- if ($nb) {
- XDB::execute("REPLACE INTO groupex.evenements_participants
- VALUES ({?}, {?}, {?}, {?}, {?})",
- $evt['eid'], $member['uid'], $id, $nb, $paid);
- } else {
- XDB::execute("DELETE FROM groupex.evenements_participants
- WHERE uid = {?} AND eid = {?} AND item_id = {?}",
- $member['uid'], $evt['eid'], $id);
- }
+ XDB::execute("REPLACE INTO groupex.evenements_participants
+ VALUES ({?}, {?}, {?}, {?}, {?}, {?})",
+ $evt['eid'], $member['uid'], $id, $nb, '', $id == 1 ? $paid : 0);
}
- $res = XDB::query("SELECT uid
+ $res = XDB::query("SELECT COUNT(uid) AS cnt, SUM(nb) AS nb
FROM groupex.evenements_participants
- WHERE uid = {?} AND eid = {?}",
+ WHERE uid = {?} AND eid = {?}
+ GROUP BY uid",
$member['uid'], $evt['eid']);
- $u = $res->fetchOneCell();
+ $u = $res->fetchOneAssoc();
+ $u = $u['cnt'] ? $u['nb'] : null;
subscribe_lists_event($u, $member['uid'], $evt);
}
$evt = get_event_detail($eid, $item_id);
}
- $page->assign('admin', may_update());
- $page->assign('evt', $evt);
+ $page->assign_by_ref('evt', $evt);
$page->assign('tout', is_null($item_id));
if (count($evt['moments'])) {
INNER JOIN groupex.evenements AS e ON (ep.eid = e.eid)
LEFT JOIN groupex.membres AS m ON ( ep.uid = m.uid AND e.asso_id = m.asso_id)
LEFT JOIN auth_user_md5 AS u ON ( u.user_id = ep.uid )
- WHERE ep.eid = {?} '.$whereitemid.'
+ WHERE ep.eid = {?} '.$whereitemid . '
GROUP BY UPPER(SUBSTRING(IF(u.nom IS NULL,m.nom,u.nom), 1, 1))', $evt['eid']);
$alphabet = array();
ksort($alphabet);
$page->assign('alphabet', $alphabet);
- $ofs = Env::i('offset');
- $tot = Env::v('initiale') ? $tot : $nb_tot;
- $nbp = intval(($tot-1)/NB_PER_PAGE);
- $links = array();
- if ($ofs) {
- $links['précédent'] = $ofs-1;
- }
- for ($i = 0; $i <= $nbp; $i++) {
- $links[(string)($i+1)] = $i;
- }
- if ($ofs < $nbp) {
- $links['suivant'] = $ofs+1;
- }
- if (count($links)>1) {
- $page->assign('links', $links);
- }
-
if ($evt['paiement_id']) {
$res = XDB::iterator(
"SELECT IF(u.nom_usage<>'', u.nom_usage, u.nom) AS nom, u.prenom,
$page->assign('oubliinscription', $res);
}
- $page->assign('participants',
+ $absents = XDB::iterator("SELECT p.uid,
+ IF(m.origine = 'X', IF(u.nom_usage != '', u.nom_usage, u.nom), m.nom) AS nom,
+ IF(m.origine = 'X', u.prenom, u.prenom) AS prenom,
+ IF(m.origine = 'X', u.promo, m.origine) AS promo,
+ IF(m.origine = 'X', FIND_IN_SET('femme', u.flags), m.sexe) AS sexe,
+ IF(m.origine = 'X', a.alias, m.email) AS email
+ FROM groupex.evenements_participants AS p
+ INNER JOIN groupex.membres AS m USING(uid)
+ LEFT JOIN groupex.evenements_participants AS p2 ON (p2.uid = m.uid AND p2.eid = p.eid
+ AND p2.nb != 0)
+ LEFT JOIN auth_user_md5 AS u ON (u.user_id = m.uid)
+ LEFT JOIN aliases AS a ON (a.id = u.user_id AND a.type = 'a_vie')
+ WHERE p.eid = {?} AND p2.eid IS NULL
+ " . (Env::v('initiale') ? " AND IF(u.nom IS NULL, m.nom,
+ IF(u.nom_usage<>'', u.nom_usage, u.nom)) LIKE '" . Env::v('initiale') . "%'"
+ : "") . "
+ GROUP BY m.uid
+ ORDER BY nom, prenom, promo", $evt['eid']);
+
+ $ofs = Env::i('offset');
+ $tot = (Env::v('initiale') ? $tot : $nb_tot);
+ $nbp = ceil($tot / NB_PER_PAGE);
+ if ($nbp > 1) {
+ $links = array();
+ if ($ofs) {
+ $links['précédent'] = $ofs - 1;
+ }
+ for ($i = 1 ; $i <= $nbp; $i++) {
+ $links[(string)$i] = $i - 1;
+ }
+ if ($ofs < $nbp) {
+ $links['suivant'] = $ofs+1;
+ }
+ $page->assign('links', $links);
+ }
+
+
+ $page->assign('absents', $absents);
+ $page->assign('participants',
get_event_participants($evt, $item_id, $tri,
"LIMIT ".($ofs*NB_PER_PAGE).", ".NB_PER_PAGE));
}
}
+// vim:set et sw=4 sts=4 sws=4 foldmethod=marker enc=utf-8:
?>
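Review bot: The new `$absents` query concatenates `Env::v('initiale')` straight into the SQL text (`LIKE '" . Env::v('initiale') . "%'`), so a request parameter reaches the database unescaped, unlike the `{?}` placeholders used elsewhere in the diff. Bind it like the rest, passing the initial as an extra argument and letting the query decide whether the filter applies, as sketched below. `%` and `_` in the value would still act as LIKE wildcards, so restricting it to a single letter before use is also worth considering. Separately, `$nbp` is now a page count rather than the last page index, so `if ($ofs < $nbp)` still offers 'suivant' on the last page; it should be `if ($ofs < $nbp - 1)`.

```php
// … unchanged: SELECT list and joins of the $absents query …
                           WHERE p.eid = {?} AND p2.eid IS NULL
                                 AND ({?} = '' OR IF(u.nom IS NULL, m.nom,
                                      IF(u.nom_usage<>'', u.nom_usage, u.nom)) LIKE CONCAT({?}, '%'))
                        GROUP BY m.uid
                        ORDER BY nom, prenom, promo",
                         $evt['eid'], Env::v('initiale', ''), Env::v('initiale', ''));
```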