+
+ function handler_login_ext($page)
+ {
+ if (!S::logged()) {
+ $page->changeTpl('xnet/login.tpl');
+ } else {
+ pl_redirect('');
+ }
+ }
+
+ function handler_register_ext($page, $hash = null)
+ {
+ XDB::execute('DELETE FROM register_pending_xnet
+ WHERE DATE_SUB(NOW(), INTERVAL 1 MONTH) > date');
+ $res = XDB::fetchOneAssoc('SELECT uid, hruid
+ FROM register_pending_xnet
+ WHERE hash = {?}',
+ $hash);
+
+ if (is_null($hash) || is_null($res)) {
+ $page->trigErrorRedirect('Cette adresse n\'existe pas ou n\'existe plus sur le serveur.', '');
+ }
+
+ if (Post::has('pwhash') && Post::t('pwhash')) {
+ XDB::query('UPDATE accounts
+ SET password = {?}, state = \'active\'
+ WHERE uid = {?} AND state = \'pending\' AND type = \'xnet\'',
+ Post::t('pwhash'), $res['uid']);
+ XDB::query('DELETE FROM register_pending_xnet
+ WHERE uid = {?}',
+ $res['uid']);
+
+ S::logger($res['uid'])->log('passwd', '');
+
+ // Try to start a session (so the user don't have to log in); we will use
+ // the password available in Post:: to authenticate the user.
+ Post::kill('wait');
+ Platal::session()->startAvailableAuth();
+
+ $page->changeTpl('xnet/register.success.tpl');
+ $page->assign('hruid', $res['hruid']);
+ } else {
+ $page->changeTpl('platal/password.tpl');
+ $page->assign('xnet', true);
+ $page->assign('hruid', $res['hruid']);
+ $page->assign('do_auth', true);
+ }
+ }
+
+ function handler_edit($page)
+ {
+ global $globals;
+
+ $user = S::user();
+ if (empty($user)) {
+ return PL_NOT_FOUND;
+ }
+ if ($user->type != 'xnet') {
+ pl_redirect('index');
+ }
+
+ $page->changeTpl('xnet/edit.tpl');
+ if (Post::has('change')) {
+ S::assert_xsrf_token();
+
+ // Convert user status to X
+ if (!Post::blank('login_X')) {
+ $forlife = $this->changeLogin($page, $user, Post::t('login_X'));
+ if ($forlife) {
+ pl_redirect('index');
+ }
+ }
+
+ // Update user info
+ XDB::query('UPDATE accounts
+ SET full_name = {?}, directory_name = {?}, display_name = {?},
+ sex = {?}, email = {?}
+ WHERE uid = {?}',
+ Post::t('full_name'), Post::t('directory_name'), Post::t('display_name'),
+ (Post::t('sex') == 'male') ? 'male' : 'female', Post::t('email'), $user->id());
+ if (XDB::affectedRows()) {
+ $user = User::getWithUID($user->id());
+ S::set('user', $user);
+ $page->trigSuccess('Données mises à jour.');
+ }
+ }
+
+ $page->addJsLink('password.js');
+ $page->assign('user', $user);
+ }
+
+ function handler_password ($page)
+ {
+ if (Post::has('pwhash') && Post::t('pwhash')) {
+ S::assert_xsrf_token();
+
+ S::set('password', $password = Post::t('pwhash'));
+ XDB::execute('UPDATE accounts
+ SET password = {?}
+ WHERE uid={?}', $password,
+ S::i('uid'));
+ S::logger()->log('passwd');
+ Platal::session()->setAccessCookie(true);
+ $page->changeTpl('platal/password.success.tpl');
+ $page->run();
+ }
+
+ $page->changeTpl('platal/password.tpl');
+ $page->assign('xnet_reset', true);
+ $page->assign('do_auth', false);
+ }