projects / platal.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
Remove ValidateIterator, replaced by Validate::iterate().
[platal.git] / modules / admin.php
diff --git a/modules/admin.php b/modules/admin.php
index 4dfeb8a..e1e2ceb 100644 (file)
--- a/modules/admin.php
+++ b/modules/admin.php
@@ -47,6 +47,7 @@ class AdminModule extends PLModule
             'admin/ipwatch'                => $this->make_hook('ipwatch',                AUTH_MDP, 'admin'),
             'admin/icons'                  => $this->make_hook('icons',                  AUTH_MDP, 'admin'),
             'admin/accounts'               => $this->make_hook('accounts',               AUTH_MDP, 'admin'),
+            'admin/account/watch'          => $this->make_hook('account_watch',          AUTH_MDP, 'admin'),
             'admin/account/types'          => $this->make_hook('account_types',          AUTH_MDP, 'admin'),
             'admin/jobs'                   => $this->make_hook('jobs',                   AUTH_MDP, 'admin'),
         );
@@ -381,7 +382,7 @@ class AdminModule extends PLModule
             $user = User::get($login);
         }
         if (empty($user)) {
-            return;
+            pl_redirect('admin/accounts');
         }
 
         $login = $user->login();
@@ -408,6 +409,15 @@ class AdminModule extends PLModule
             }
         }
 
+        // Handles account deletion.
+        if (Post::has('account_deletion_confirmation')) {
+            $uid = $user->id();
+            $name = $user->fullName();
+            $user->profile()->clear();
+            $user->clear(true);
+            $page->trigSuccess("L'utilisateur $name ($uid) a bien été supprimé.");
+        }
+
         // Account Form {{{
         $to_update = array();
         if (Post::has('disable_weak_access')) {
@@ -433,12 +443,12 @@ class AdminModule extends PLModule
                                  Post::s('sex'), $user->profile()->id());
                 }
             }
-            if (!Post::blank('hashpass')) {
-                $to_update['password'] = Post::s('hashpass');
+            if (!Post::blank('pwhash')) {
+                $to_update['password'] = Post::s('pwhash');
                 require_once 'googleapps.inc.php';
                 $account = new GoogleAppsAccount($user);
                 if ($account->active() && $account->sync_password) {
-                    $account->set_password(Post::s('hashpass'));
+                    $account->set_password(Post::s('pwhash'));
                 }
             }
             if (!Post::blank('weak_password')) {
@@ -486,7 +496,7 @@ class AdminModule extends PLModule
                 unset($oldValues[$k]);
             }
             XDB::execute('UPDATE  accounts
-                             SET  ' . implode(', ', $set) . ' 
+                             SET  ' . implode(', ', $set) . '
                            WHERE  uid = ' . XDB::format('{?}', $user->id()));
             $page->trigSuccess('Données du compte mise à jour avec succès');
             $user = User::getWithUID($user->id());
@@ -640,6 +650,7 @@ class AdminModule extends PLModule
 
         $page->addJsLink('jquery.ui.core.js');
         $page->addJsLink('jquery.ui.tabs.js');
+        $page->addJsLink('password.js');
 
         // Displays last login and last host information.
         $res = XDB::query("SELECT  start, host
@@ -949,15 +960,19 @@ class AdminModule extends PLModule
                                   WHERE  pd.promo = {?}', $promo);
             while (list($pid, $name, $death) = $res->next()) {
                 $val = Env::v('death_' . $pid);
-                if($val == $death || empty($val)) {
+                if ($val == $death) {
                     continue;
                 }
 
+                if (empty($val)) {
+                    $val = null;
+                }
                 XDB::execute('UPDATE  profiles
                                  SET  deathdate = {?}, deathdate_rec = NOW()
                                WHERE  pid = {?}', $val, $pid);
-                $page->trigSuccess('Ajout du décès de ' . $name . ' le ' . $val . '.');
-                if($death == '0000-00-00' || empty($death)) {
+
+                $page->trigSuccess('Édition du décès de ' . $name . ' (' . ($val ? $val : 'ressuscité') . ').');
+                if ($val && ($death == '0000-00-00' || empty($death))) {
                     $profile = Profile::get($pid);
                     $profile->clear();
                     $profile->owner()->clear(false);
@@ -970,7 +985,7 @@ class AdminModule extends PLModule
                           INNER JOIN  profile_display AS pd ON (p.pid = pd.pid)
                                WHERE  pd.promo = {?}
                             ORDER BY  pd.sort_name', $promo);
-        $page->assign('decedes', $res);
+        $page->assign('profileList', $res);
     }
 
     function handler_dead_but_active(&$page)
@@ -995,13 +1010,13 @@ class AdminModule extends PLModule
     {
         $page->changeTpl('admin/validation.tpl');
         $page->setTitle('Administration - Valider une demande');
-                $page->addCssLink('nl.css');
+        $page->addCssLink('nl.css');
         $page->addJsLink('ajax.js');
-        require_once("validations.inc.php");
-
 
-        if ($action == 'edit' and !is_null($id)) {
+        if ($action == 'edit' && !is_null($id)) {
             $page->assign('preview_id', $id);
+        } else {
+            $page->assign('preview_id', null);
         }
 
         if(Env::has('uid') && Env::has('type') && Env::has('stamp')) {
@@ -1045,7 +1060,7 @@ class AdminModule extends PLModule
         // where several copies of the site use the same DB, but not the same "dynamic configuration"
         global $globals;
         $globals->updateNbValid();
-        $page->assign('vit', new ValidateIterator());
+        $page->assign('vit', Validate::iterate());
     }
 
     function handler_validate_answers(&$page, $action = 'list', $id = null)
@@ -1126,7 +1141,42 @@ class AdminModule extends PLModule
         $table_editor->apply($page, $action, $id);
     }
 
-    function handler_account_types(&$page, $action = 'list', $id = null) 
+    function handler_accounts(PlPage $page)
+    {
+        $page->changeTpl('admin/accounts.tpl');
+        $page->setTitle('Administration - Comptes');
+        $page->addJsLink('password.js');
+
+        if (Post::has('create_account')) {
+            S::assert_xsrf_token();
+            $firstname = Post::t('firstname');
+            $lastname = strtoupper(Post::t('lastname'));
+            $sex = Post::b('sex') ? User::GENDER_FEMALE : User::GENDER_MALE;
+            $email = Post::t('email');
+            $type = Post::s('type');
+            $login = PlUser::makeHrid($firstname, $lastname, $type);
+            if (!isvalid_email($email)) {
+                $page->trigError("Invalid email address: $email");
+            } else if (strlen(Post::s('pwhash')) != 40) {
+                $page->trigError("Invalid password hash");
+            } else {
+                $full_name = $firstname . ' ' . $lastname;
+                $directory_name = $lastname . ' ' . $firstname;
+                XDB::execute("INSERT INTO  accounts (hruid, type, state, password,
+                                                     registration_date, email, full_name,
+                                                     display_name, sex, directory_name)
+                                   VALUES  ({?}, {?}, 'active', {?}, NOW(), {?}, {?}, {?}, {?}, {?})",
+                             $login, $type, Post::s('pwhash'), $email, $full_name, $full_name, $sex,
+                             $directory_name);
+            }
+        }
+
+        $uf = new UserFilter(new UFC_AccountType('ax', 'school', 'fx'));
+        $page->assign('users', $uf->iterUsers());
+
+    }
+
+    function handler_account_types(&$page, $action = 'list', $id = null)
     {
         $page->setTitle('Administration - Types de comptes');
         $page->assign('title', 'Gestion des types de comptes');
@@ -1140,7 +1190,7 @@ class AdminModule extends PLModule
     {
         if (S::hasAuthToken()) {
            $page->setRssLink('Changement Récents',
-                             '/Site/AllRecentChanges?action=rss&user=' . S::v('hruid') . '&hash=' . S::v('token'));
+                             '/Site/AllRecentChanges?action=rss&user=' . S::v('hruid') . '&hash=' . S::user()->token);
         }
 
         // update wiki perms
@@ -1329,7 +1379,7 @@ class AdminModule extends PLModule
         $page->assign('icons', $icons);
     }
 
-    function handler_accounts(&$page)
+    function handler_account_watch(&$page)
     {
         $page->changeTpl('admin/accounts.tpl');
         $page->assign('disabled', XDB::iterator('SELECT  a.hruid, FIND_IN_SET(\'watch\', a.flags) AS watch,
@@ -1348,9 +1398,9 @@ class AdminModule extends PLModule
         $page->changeTpl('admin/jobs.tpl');
 
         if (Env::has('search')) {
-            $res = XDB::query("SELECT  e.id, e.name, e.acronym
-                                 FROM  profile_job_enum AS e
-                                WHERE  e.name LIKE CONCAT('% ', {?}, '%') OR e.acronym LIKE CONCAT('% ', {?}, '%')",
+            $res = XDB::query("SELECT  id, name, acronym
+                                 FROM  profile_job_enum
+                                WHERE  name LIKE CONCAT('%', {?}, '%') OR acronym LIKE CONCAT('%', {?}, '%')",
                               Env::t('job'), Env::t('job'));
 
             if ($res->numRows() <= 20) {
@@ -1364,41 +1414,22 @@ class AdminModule extends PLModule
         }
 
         if (Env::has('edit')) {
-            // TODO: use address and phone classes to update profile_job_enum and profile_phones once they are done.
-
             S::assert_xsrf_token();
             $selectedJob = Env::has('selectedJob');
 
-            XDB::execute("DELETE FROM  profile_phones
-                                WHERE  pid = {?} AND link_type = 'hq'",
-                         $id);
-            XDB::execute("DELETE FROM  profile_addresses
-                                WHERE  jobid = {?} AND type = 'hq'",
-                         $id);
-            XDB::execute('DELETE FROM  profile_job_enum
-                                WHERE  id = {?}',
-                         $id);
-
+            Phone::deletePhones(0, Phone::LINK_COMPANY, $id);
+            Address::delete(null, Address::LINK_COMPANY, $id);
             if (Env::has('change')) {
                 XDB::execute('UPDATE  profile_job
                                  SET  jobid = {?}
                                WHERE  jobid = {?}',
                              Env::i('newJobId'), $id);
+                XDB::execute('DELETE FROM  profile_job_enum
+                                    WHERE  id = {?}',
+                             $id);
 
                 $page->trigSuccess("L'entreprise a bien été remplacée.");
             } else {
-                require_once 'profil.func.inc.php';
-                require_once 'geocoding.inc.php';
-
-                $display_tel = format_display_number(Env::v('tel'), $error_tel);
-                $display_fax = format_display_number(Env::v('fax'), $error_fax);
-                $gmapsGeocoder = new GMapsGeocoder();
-                $address = array('text' => Env::t('address'));
-                $address = $gmapsGeocoder->getGeocodedAddress($address);
-                Geocoder::getAreaId($address, 'administrativeArea');
-                Geocoder::getAreaId($address, 'subAdministrativeArea');
-                Geocoder::getAreaId($address, 'locality');
-
                 XDB::execute('UPDATE  profile_job_enum
                                  SET  name = {?}, acronym = {?}, url = {?}, email = {?},
                                       NAF_code = {?}, AX_code = {?}, holdingid = {?}
@@ -1406,26 +1437,14 @@ class AdminModule extends PLModule
                              Env::t('name'), Env::t('acronym'), Env::t('url'), Env::t('email'),
                              Env::t('NAF_code'), Env::i('AX_code'), Env::i('holdingId'), $id);
 
-                XDB::execute("INSERT INTO  profile_phones (pid, link_type, link_id, tel_id, tel_type,
-                                           search_tel, display_tel, pub)
-                                   VALUES  ({?}, 'hq', 0, 0, 'fixed', {?}, {?}, 'public'),
-                                           ({?}, 'hq', 0, 1, 'fax', {?}, {?}, 'public')",
-                             $id, format_phone_number(Env::v('tel')), $display_tel,
-                             $id, format_phone_number(Env::v('fax')), $display_fax);
-
-                XDB::execute("INSERT INTO  profile_addresses (jobid, type, id, accuracy,
-                                                              text, postalText, postalCode, localityId,
-                                                              subAdministrativeAreaId, administrativeAreaId,
-                                                              countryId, latitude, longitude, updateTime,
-                                                              north, south, east, west)
-                                   VALUES  ({?}, 'hq', 0, {?}, {?}, {?}, {?}, {?}, {?}, {?}, {?},
-                                            {?}, {?}, FROM_UNIXTIME({?}), {?}, {?}, {?}, {?})",
-                             $id, $address['accuracy'], $address['text'], $address['postalText'],
-                             $address['postalCode'], $address['localityId'],
-                             $address['subAdministrativeAreaId'], $address['administrativeAreaId'],
-                             $address['countryId'], $address['latitude'], $address['longitude'],
-                             $address['updateTime'], $address['north'], $address['south'],
-                             $address['east'], $address['west']);
+                $phone = new Phone(array('display' => Env::v('tel'), 'link_id' => $id, 'id' => 0, 'type' => 'fixed',
+                                         'link_type' => Phone::LINK_COMPANY, 'pub' => 'public'));
+                $fax = new Phone(array('display' => Env::v('fax'), 'link_id' => $id, 'id' => 1, 'type' => 'fax',
+                                         'link_type' => Phone::LINK_COMPANY, 'pub' => 'public'));
+                $address = new Address(array('jobid' => $jobid, 'type' => Address::LINK_COMPANY, 'text' => Env::t('address')));
+                $phone->save();
+                $fax->save();
+                $address->save();
 
                 $page->trigSuccess("L'entreprise a bien été mise à jour.");
             }
plat/al