+ S::assert_xsrf_token();
+ }
+
+ $promo_sortie = Env::i('promo_sortie');
+
+ if ($promo_sortie < 1000 || $promo_sortie > 9999) {
+ $page->trigError('L\'année de sortie doit être un nombre de quatre chiffres');
+ }
+ elseif ($promo_sortie < $promo + 3) {
+ $page->trigError('Trop tôt');
+ }
+ elseif ($promo_sortie == $promo_sortie_old) {
+ $page->trigWarning('Tu appartiens déjà à la promotion correspondante à cette année de sortie.');
+ }
+ elseif ($promo_sortie == $promo + 3) {
+ XDB::execute(
+ "UPDATE auth_user_md5 set promo_sortie={?}
+ WHERE user_id={?}", $promo_sortie, S::v('uid'));
+ $page->trigSuccess('Ton statut "orange" a été supprimé.');
+ $page->assign('promo_sortie_old', $promo_sortie);
+ }
+ else {
+ $page->assign('promo_sortie', $promo_sortie);
+
+ if (Env::has('submit')) {
+ $myorange = new OrangeReq(S::v('uid'),
+ $promo_sortie);
+ $myorange->submit();
+ $page->assign('myorange', $myorange);
+ }
+ }
+ }
+
+ function handler_referent(&$page, $x = null)
+ {
+ require_once 'user.func.inc.php';
+
+ if (is_null($x)) {
+ return PL_NOT_FOUND;
+ }
+
+ $page->changeTpl('profile/fiche_referent.tpl', SIMPLE);
+
+ $res = XDB::query(
+ "SELECT prenom, nom, user_id, promo, cv, a.alias AS bestalias
+ FROM auth_user_md5 AS u
+ INNER JOIN aliases AS a ON (u.user_id=a.id
+ AND FIND_IN_SET('bestalias', a.flags))
+ INNER JOIN aliases AS a1 ON (u.user_id=a1.id
+ AND a1.alias = {?}
+ AND a1.type!='homonyme')", $x);
+
+ if ($res->numRows() != 1) {
+ return PL_NOT_FOUND;
+ }
+
+ list($prenom, $nom, $user_id, $promo, $cv, $bestalias) = $res->fetchOneRow();
+
+ $page->assign('prenom', $prenom);
+ $page->assign('nom', $nom);
+ $page->assign('promo', $promo);
+ $page->assign('cv', MiniWiki::WikiToHTML($cv, true));
+ $page->assign('bestalias', $bestalias);
+ $page->assign('adr_pro', get_user_details_pro($user_id));
+
+ ///// recuperations infos referent
+
+ //expertise
+ $res = XDB::query("SELECT expertise FROM mentor WHERE uid = {?}", $user_id);
+ $page->assign('expertise', $res->fetchOneCell());
+
+ //secteurs
+ $secteurs = $ss_secteurs = Array();
+ $res = XDB::iterRow(
+ "SELECT s.label, ss.label
+ FROM mentor_secteurs AS m
+ LEFT JOIN emploi_secteur AS s ON(m.secteur = s.id)
+ LEFT JOIN emploi_ss_secteur AS ss ON(m.secteur = ss.secteur AND m.ss_secteur = ss.id)
+ WHERE uid = {?}", $user_id);
+ while (list($sec, $ssec) = $res->next()) {
+ $secteurs[] = $sec;
+ $ss_secteurs[] = $ssec;
+ }
+ $page->assign_by_ref('secteurs', $secteurs);
+ $page->assign_by_ref('ss_secteurs', $ss_secteurs);
+
+ //pays
+ $res = XDB::query(
+ "SELECT gp.pays
+ FROM mentor_pays AS m
+ LEFT JOIN geoloc_pays AS gp ON(m.pid = gp.a2)
+ WHERE uid = {?}", $user_id);
+ $page->assign('pays', $res->fetchColumn());
+
+ $page->addJsLink('close_on_esc.js');
+ }
+
+ function handler_ref_search(&$page, $action = null, $subaction = null)
+ {
+ $wp = new PlWikiPage('Docs.Emploi');
+ $wp->buildCache();
+
+ $page->setTitle('Conseil Pro');
+
+ //recuperation des noms de secteurs
+ $res = XDB::iterRow("SELECT id, label FROM emploi_secteur");
+ $secteurs[''] = '';
+ while (list($tmp_id, $tmp_label) = $res->next()) {
+ $secteurs[$tmp_id] = $tmp_label;
+ }
+ $page->assign_by_ref('secteurs', $secteurs);
+
+ // nb de mentors
+ $res = XDB::query("SELECT count(*) FROM mentor");
+ $page->assign('mentors_number', $res->fetchOneCell());
+
+ // On vient d'un formulaire
+ $where = array();
+ $pays_sel = XDB::escape(Env::v('pays_sel'));
+ $secteur_sel = XDB::escape(Env::v('secteur'));
+ $ss_secteur_sel = XDB::escape(Env::v('ss_secteur'));
+ $expertise_champ = XDB::escape(Env::v('expertise'));
+
+ if ($pays_sel != "''") {
+ $where[] = "mp.pid = $pays_sel";
+ }
+ if ($secteur_sel != "''") {
+ $where[] = "ms.secteur = $secteur_sel";
+ if ($ss_secteur_sel != "''") {
+ $where[] = "ms.ss_secteur = $ss_secteur_sel";
+ }
+ }
+ if ($expertise_champ != "''") {
+ $where[] = "MATCH(m.expertise) AGAINST($expertise_champ)";
+ }
+
+ if ($where) {
+ $where = join(' AND ', $where);
+
+ $set = new UserSet("INNER JOIN mentor AS m ON (m.uid = u.user_id)
+ LEFT JOIN mentor_pays AS mp ON (mp.uid = m.uid)
+ LEFT JOIN mentor_secteurs AS ms ON (ms.uid = m.uid)",
+ $where);
+ $set->addMod('mentor', 'Référents');
+ $set->apply('referent/search', $page, $action, $subaction);
+ if ($set->count() > 100) {
+ $page->assign('recherche_trop_large', true);
+ }
+ }
+ $page->changeTpl('profile/referent.tpl');
+ }
+
+ function handler_ref_sect(&$page, $sect)
+ {
+ header('Content-Type: text/html; charset=utf-8');
+ $page->changeTpl('include/field.select.tpl', NO_SKIN);
+ $page->assign('onchange', 'setSSecteurs()');
+ $page->assign('id', 'ssect_field');
+ $page->assign('name', 'ss_secteur');
+ $it = XDB::iterator("SELECT id,label AS field
+ FROM emploi_ss_secteur
+ WHERE secteur = {?}", $sect);
+ $page->assign('list', $it);
+ }
+
+ function handler_ref_country(&$page, $sect, $ssect = '')
+ {
+ header('Content-Type: text/html; charset=utf-8');
+ $page->changeTpl('include/field.select.tpl', NO_SKIN);
+ $page->assign('name', 'pays_sel');
+ $where = ($ssect ? ' AND ms.ss_secteur = {?}' : '');
+ $it = XDB::iterator("SELECT a2 AS id, pays AS field
+ FROM geoloc_pays AS g
+ INNER JOIN mentor_pays AS mp ON (mp.pid = g.a2)
+ INNER JOIN mentor_secteurs AS ms ON (ms.uid = mp.uid)
+ WHERE ms.secteur = {?} $where
+ GROUP BY a2
+ ORDER BY pays", $sect, $ssect);
+ $page->assign('list', $it);
+ }
+
+ function handler_p_usage(&$page)
+ {
+ $page->changeTpl('profile/nomusage.tpl');
+
+ require_once 'validations.inc.php';
+
+ $res = XDB::query(
+ "SELECT u.nom, u.nom_usage, u.flags, e.alias
+ FROM auth_user_md5 AS u
+ LEFT JOIN aliases AS e ON(u.user_id = e.id
+ AND FIND_IN_SET('usage', e.flags))
+ WHERE user_id={?}", S::v('uid'));
+
+ list($nom, $usage_old, $flags, $alias_old) = $res->fetchOneRow();
+ $flags = new PlFlagSet($flags);
+ $page->assign('usage_old', $usage_old);
+ $page->assign('alias_old', $alias_old);
+
+ $nom_usage = replace_accent(trim(Env::v('nom_usage')));
+ $nom_usage = strtoupper($nom_usage);
+ $page->assign('usage_req', $nom_usage);
+
+ if (Env::has('submit') && ($nom_usage != $usage_old)) {
+ S::assert_xsrf_token();
+
+ // on vient de recevoir une requete, differente de l'ancien nom d'usage
+ if ($nom_usage == $nom) {
+ $page->assign('same', true);
+ } else { // le nom de mariage est distinct du nom à l'X
+ // on calcule l'alias pour l'afficher
+ $reason = Env::v('reason');
+ if ($reason == 'other') {
+ $reason = Env::v('other_reason');
+ }
+ $myusage = new UsageReq(S::v('uid'), $nom_usage, $reason);
+ $myusage->submit();
+ $page->assign('myusage', $myusage);
+ }
+ }
+ }
+
+ function handler_xnet(&$page)
+ {
+ $page->changeTpl('profile/groupesx.tpl');
+ $page->setTitle('Promo, Groupes X, Binets');
+
+ $req = XDB::query('
+ SELECT m.asso_id, a.nom, diminutif, a.logo IS NOT NULL AS has_logo,
+ COUNT(e.eid) AS events, mail_domain AS lists
+ FROM groupex.membres AS m
+ INNER JOIN groupex.asso AS a ON(m.asso_id = a.id)
+ LEFT JOIN groupex.evenements AS e ON(e.asso_id = m.asso_id AND e.archive = 0)
+ WHERE uid = {?} GROUP BY m.asso_id ORDER BY a.nom', S::i('uid'));
+ $page->assign('assos', $req->fetchAllAssoc());
+ }
+
+ function handler_vcard(&$page, $x = null)
+ {
+ if (is_null($x)) {
+ return PL_NOT_FOUND;
+ }
+
+ global $globals;
+
+ if (substr($x, -4) == '.vcf') {
+ $x = substr($x, 0, strlen($x) - 4);
+ }
+
+ $vcard = new VCard();
+ $vcard->addUser($x);
+ $vcard->show();
+ }
+
+ function handler_admin_trombino(&$page, $uid = null, $action = null) {
+ $page->changeTpl('profile/admin_trombino.tpl');
+ $page->setTitle('Administration - Trombino');
+ $page->assign('uid', $uid);
+
+ $q = XDB::query(
+ "SELECT a.alias,promo
+ FROM auth_user_md5 AS u
+ INNER JOIN aliases AS a ON ( u.user_id = a.id AND type='a_vie' )
+ WHERE user_id = {?}", $uid);
+ list($forlife, $promo) = $q->fetchOneRow();
+
+ switch ($action) {
+ case "original":
+ header("Content-type: image/jpeg");
+ readfile("/home/web/trombino/photos".$promo."/".$forlife.".jpg");
+ exit;
+ break;
+
+ case "new":
+ S::assert_xsrf_token();
+
+ $data = file_get_contents($_FILES['userfile']['tmp_name']);
+ list($x, $y) = getimagesize($_FILES['userfile']['tmp_name']);
+ $mimetype = substr($_FILES['userfile']['type'], 6);
+ unlink($_FILES['userfile']['tmp_name']);
+ XDB::execute(
+ "REPLACE INTO photo SET uid={?}, attachmime = {?}, attach={?}, x={?}, y={?}",
+ $uid, $mimetype, $data, $x, $y);
+ break;
+
+ case "delete":
+ S::assert_xsrf_token();
+
+ XDB::execute('DELETE FROM photo WHERE uid = {?}', $uid);
+ break;