- $page->addJsLink('ui.core.js');
- $page->addJsLink('ui.tabs.js');
-
-
- // Processes admin requests, if any.
- foreach($_POST as $key => $val) {
- S::assert_xsrf_token();
-
- switch ($key) {
- // Email redirection actions.
- case "add_fwd":
- $email = trim(Env::v('email'));
- if (!isvalid_email_redirection($email)) {
- $page->trigError("Email non valide: $email");
- } else {
- $redirect->add_email($email);
- $page->trigSuccess("Ajout de $email effectué");
- }
- break;
-
- case "del_fwd":
- if (!empty($val)) {
- $redirect->delete_email($val);
- }
- break;
-
- case "activate_fwd":
- if (!empty($val)) {
- $redirect->modify_one_email($val, true);
- }
- break;
- case "deactivate_fwd":
- if (!empty($val)) {
- $redirect->modify_one_email($val, false);
- }
- break;
- case "disable_fwd":
- $redirect->disable();
- break;
- case "enable_fwd":
- $redirect->enable();
- break;
- case "clean_fwd":
- if (!empty($val)) {
- $redirect->clean_errors($val);
- }
- break;
-
- // Alias actions.
- case "add_alias":
- global $globals;
-
- // Splits new alias in user and fqdn.
- $alias = trim(Env::v('email'));
- if (strpos($alias, '@') !== false) {
- list($alias, $domain) = explode('@', $alias);
- } else {
- $domain = $globals->mail->domain;
- }
-
- // Checks for alias' user validity.
- if (!preg_match('/[-a-z0-9\.]+/s', $alias)) {
- $page->trigError("'$alias' n'est pas un alias valide");
- }
-
- // Eventually adds the alias to the right domain.
- if ($domain == $globals->mail->alias_dom || $domain == $globals->mail->alias_dom2) {
- $req = new AliasReq($user, $alias, 'Admin request', false);
- if ($req->commit()) {
- $page->trigSuccess("Nouvel alias '$alias@$domain' attribué");
- } else {
- $page->trigError("Impossible d'ajouter l'alias '$alias@$domain', il est probablement déjà attribué");
- }
- } elseif ($domain == $globals->mail->domain || $domain == $globals->mail->domain2) {
- $res = XDB::execute("INSERT INTO aliases (id,alias,type) VALUES ({?}, {?}, 'alias')",
- $user->id(), $alias);
- if ($res) {
- $page->trigSuccess("Nouvel alias '$alias' ajouté");
- } else {
- $page->trigError("Impossible d'ajouter l'alias '$alias', il est probablement déjà attribué");
- }
- } else {
- $page->trigError("Le domaine '$domain' n'est pas valide");
- }
- break;
-
- case "del_alias":
- if (!empty($val)) {
- XDB::execute("DELETE FROM aliases
- WHERE id = {?} AND alias = {?} AND
- type NOT IN ('a_vie', 'homonyme')",
- $user->id(), $val);
- XDB::execute("UPDATE emails
- SET rewrite = ''
- WHERE uid = {?} AND rewrite LIKE CONCAT({?}, '@%')",
- $user->id(), $val);
- fix_bestalias($user);
- $page->trigSuccess("L'alias '$val' a été supprimé");
- }
- break;
-
- case "best":
- XDB::execute("UPDATE aliases
- SET flags = TRIM(BOTH ',' FROM REPLACE(CONCAT(',', flags, ','), ',bestalias,', ','))
- WHERE id = {?}", $user->id());
- XDB::execute("UPDATE aliases
- SET flags = CONCAT_WS(',', IF(flags = '', NULL, flags), 'bestalias')
- WHERE id = {?} AND alias = {?}", $user->id(), $val);
-
- // As having a non-null bestalias value is critical in
- // plat/al's code, we do an a posteriori check on the
- // validity of the bestalias.
- fix_bestalias($user);
- break;
-
- // Profile edition.
- case "u_edit":
- // Loads new values from environment.
- $pass_encrypted = Env::v('newpass_clair') != "********" ? sha1(Env::v('newpass_clair')) : Env::v('passw');
- $naiss = Env::v('naissanceN');
- $deces = Env::v('decesN');
- $perms = Env::v('permsN');
- $prenom = Env::v('prenomN');
- $nom = Env::v('nomN');
- $nomusage = Env::v('nomusageN');
- $promo = Env::i('promoN');
- $sexe = Env::v('sexeN');
- $comm = trim(Env::v('commentN'));
- $watch = Env::v('watchN');
-
- $flags = ($sexe ? 'femme' : '');
- if ($watch) {
- $flags .= ($flags ? ',watch' : 'watch');
- }
- if ($watch && !$comm) {
- $page->trigError("Il est nécessaire de mettre un commentaire pour surveiller un compte");
- break;
- }
-
- // Fetches fields to watch for changes.
- $watch_query = "SELECT naissance, deces, password, perms, nom_usage,
- prenom, nom, flags, promo, comment
- FROM auth_user_md5
- WHERE user_id = {?}";
- $old_fields = XDB::query($watch_query, $user->id())->fetchOneAssoc();
-
- // If user was newly banned, we need to ensure her php session
- // is killed. This hack is ugly (and largely overkill); it should
- // however suits our needs.
- if ($perms == 'disabled' && $old_fields['perms'] != 'disabled') {
- kill_sessions();
- }
-
- // Updates the user profile with the new values.
- $res = XDB::execute("UPDATE auth_user_md5
- SET naissance = {?}, deces = {?}, password = {?},
- perms = {?}, prenom = {?}, nom = {?}, nom_usage = {?},
- flags = {?}, promo = {?}, comment = {?}
- WHERE user_id = {?}",
- $naiss, $deces, $pass_encrypted,
- $perms, $prenom, $nom, $nomusage,
- $flags, $promo, $comm, $user->id());
- if ($res) {
- require_once("user.func.inc.php");
- user_reindex($user->id());
- $new_fields = XDB::query($watch_query, $user->id())->fetchOneAssoc();
-
- $mailer = new PlMailer("admin/useredit.mail.tpl");
- $mailer->assign("admin", S::user()->login());
- $mailer->assign("user", $user->login());
- $mailer->assign('old', $old_fields);
- $mailer->assign('new', $new_fields);
- $mailer->send();
-
- $globals->updateNbIns();
- $page->trigSuccess("Update was successful.");
- } else {
- $page->trigError("Update failed, please double check your values.");
- }
-
- // Checks for changes, and updates other tables of plat/al.
- if (Env::v('nomusageN') != $mr['nom_usage']) {
- set_new_usage($user->id(), Env::v('nomusageN'), make_username(Env::v('prenomN'), Env::v('nomusageN')));
- }
- if (Env::v('decesN') != $mr['deces']) {
- require_once 'notifs.inc.php';
- register_watch_op($user->id(), WATCH_DEATH, $mr['deces']);
- user_clear_all_subs($user->id(), false);
- }
-
- // Eventually updates the Google Apps account.
- if ($globals->mailstorage->googleapps_domain) {
- // If the user did choose to use synchronized passwords,
- // and the password was changed, updates the Google Apps
- // password as well.
- if (Env::v('newpass_clair') != "********") {
- require_once 'googleapps.inc.php';
- $account = new GoogleAppsAccount($user);
- if ($account->active() && $account->sync_password) {
- $account->set_password($pass_encrypted);
- }
- }
-
- // If the update did disable the user account, disables
- // the Google Apps account as well.
- if ($new_fields['perms'] == 'disabled' && $new_fields['perms'] != $old_fields['perms']) {
- require_once 'googleapps.inc.php';
- $account = new GoogleAppsAccount($user);
- $account->suspend();
- }
- }
-