<?php
/***************************************************************************
- * Copyright (C) 2003-2007 Polytechnique.org *
+ * Copyright (C) 2003-2010 Polytechnique.org *
* http://opensource.polytechnique.org/ *
* *
* This program is free software; you can redistribute it and/or modify *
function handlers()
{
return array(
- 'ax' => $this->make_hook('index', AUTH_COOKIE),
+ 'ax' => $this->make_hook('index', AUTH_COOKIE),
'ax/out' => $this->make_hook('out', AUTH_PUBLIC),
'ax/show' => $this->make_hook('show', AUTH_COOKIE),
'ax/edit' => $this->make_hook('submit', AUTH_MDP),
'ax/edit/cancel' => $this->make_hook('cancel', AUTH_MDP),
'ax/edit/valid' => $this->make_hook('valid', AUTH_MDP),
- 'admin/axletter' => $this->make_hook('admin', AUTH_MDP, 'admin'),
+ 'admin/axletter' => $this->make_hook('admin', AUTH_MDP, 'admin'),
);
}
- function handler_out(&$page, $hash)
+ function handler_out(&$page, $hash = null)
{
if (!$hash) {
if (!S::logged()) {
return $this->handler_index($page, 'out');
}
}
- require_once dirname(__FILE__) . '/axletter/axletter.inc.php';
+ $this->load('axletter.inc.php');
$page->changeTpl('axletter/unsubscribe.tpl');
$page->assign('success', AXLetter::unsubscribe($hash, true));
}
function handler_index(&$page, $action = null)
{
- require_once dirname(__FILE__) . '/axletter/axletter.inc.php';
+ $this->load('axletter.inc.php');
$page->changeTpl('axletter/index.tpl');
- $page->assign('xorg_title','Polytechnique.org - Envois de l\'AX');
+ $page->setTitle('Envois de l\'AX');
switch ($action) {
case 'in': AXLetter::subscribe(); break;
$perm = AXLetter::hasPerms();
if ($perm) {
+ $res = XDB::query("SELECT * FROM axletter_ins");
+ $page->assign('count', $res->numRows());
$page->assign('new', AXLetter::awaiting());
}
$page->assign('axs', AXLetter::subscriptionState());
function handler_submit(&$page, $action = null)
{
- require_once dirname(__FILE__) . '/axletter/axletter.inc.php';
+ $this->load('axletter.inc.php');
if (!AXLetter::hasPerms()) {
return PL_FORBIDDEN;
}
$page->changeTpl('axletter/edit.tpl');
- $saved = Post::i('saved');
- $new = false;
- $id = Post::i('id');
- $shortname = trim(Post::v('shortname'));
- $subject = trim(Post::v('subject'));
- $title = trim(Post::v('title'));
- $body = rtrim(Post::v('body'));
- $signature = trim(Post::v('signature'));
- $promo_min = Post::i('promo_min');
- $promo_max = Post::i('promo_max');
- $echeance = Post::has('echeance_date') ? Post::v('echeance_date') . ' ' . Post::v('echeance_time')
- : Post::v('echeance');
+ $saved = Post::i('saved');
+ $new = false;
+ $id = Post::i('id');
+ $short_name = trim(Post::v('short_name'));
+ $subject = trim(Post::v('subject'));
+ $title = trim(Post::v('title'));
+ $body = rtrim(Post::v('body'));
+ $signature = trim(Post::v('signature'));
+ $promo_min = Post::i('promo_min');
+ $promo_max = Post::i('promo_max');
+ $subset_to = preg_split("/[ ,;\:\n\r]+/", Post::v('subset_to'), -1, PREG_SPLIT_NO_EMPTY);
+ $subset = (count($subset_to) > 0);
+ $subset_rm = Post::b('subset_rm');
+ $echeance = Post::has('echeance_date') ?
+ preg_replace('/^(\d\d\d\d)(\d\d)(\d\d)$/', '\1-\2-\3', Post::v('echeance_date')) . ' ' . Post::v('echeance_time')
+ : Post::v('echeance');
$echeance_date = Post::v('echeance_date');
$echeance_time = Post::v('echeance_time');
$res = XDB::query("SELECT * FROM axletter WHERE FIND_IN_SET('new', bits)");
if ($res->numRows()) {
extract($res->fetchOneAssoc(), EXTR_OVERWRITE);
+ $subset_to = ($subset ? explode("\n", $subset) : array());
+ $subset = (count($subset_to) > 0);
$saved = true;
} else {
XDB::execute("INSERT INTO axletter SET id = NULL");
$new = true;
}
} elseif (Post::has('valid')) {
+ S::assert_xsrf_token();
+
if (!$subject && $title) {
$subject = $title;
}
$title = $subject;
}
if (!$subject || !$title || !$body) {
- $page->trig("L'article doit avoir un sujet et un contenu");
+ $page->trigError("L'article doit avoir un sujet et un contenu");
Post::kill('valid');
}
if (($promo_min > $promo_max && $promo_max != 0)||
($promo_min != 0 && ($promo_min <= 1900 || $promo_min >= 2020)) ||
($promo_max != 0 && ($promo_max <= 1900 || $promo_max >= 2020)))
{
- $page->trig("L'intervalle de promotions n'est pas valide");
+ $page->trigError("L'intervalle de promotions n'est pas valide");
Post::kill('valid');
}
- if (empty($shortname)) {
- $page->trig("L'annonce doit avoir un nom raccourci pour simplifier la navigation dans les archives");
+ if (empty($short_name)) {
+ $page->trigError("L'annonce doit avoir un nom raccourci pour simplifier la navigation dans les archives");
Post::kill('valid');
- } elseif (!preg_match('/^[a-z][-a-z0-9]*[a-z0-9]$/', $shortname)) {
- $page->trig("Le nom raccourci n'est pas valide, il doit comporter au moins 2 caractères et n'être composé "
+ } elseif (!preg_match('/^[a-z][-a-z0-9]*[a-z0-9]$/', $short_name)) {
+ $page->trigError("Le nom raccourci n'est pas valide, il doit comporter au moins 2 caractères et n'être composé "
. "que de chiffres, lettres et tirets");
Post::kill('valid');
- } elseif ($shortname != Post::v('old_shortname')) {
- $res = XDB::query("SELECT id FROM axletter WHERE shortname = {?}", $shortname);
+ } elseif ($short_name != Post::v('old_short_name')) {
+ $res = XDB::query("SELECT id FROM axletter WHERE short_name = {?}", $short_name);
if ($res->numRows() && $res->fetchOneCell() != $id) {
- $page->trig("Le nom $shortname est déjà utilisé, merci d'en choisir un autre");
- $shortname = Post::v('old_shortname');
- if (empty($shortname)) {
+ $page->trigError("Le nom $short_name est déjà utilisé, merci d'en choisir un autre");
+ $short_name = Post::v('old_short_name');
+ if (empty($short_name)) {
Post::kill('valid');
}
}
}
switch (@Post::v('valid')) {
- case 'Aperçu':
- require_once dirname(__FILE__) . '/axletter/axletter.inc.php';
- $al = new AXLetter(array($id, $shortname, $subject, $title, $body, $signature,
- $promo_min, $promo_max, $echeance, 0, 'new'));
- $al->toHtml($page, S::v('prenom'), S::v('nom'), S::v('femme'));
+ case 'Vérifier les emails':
+ // Same as 'preview', but performs a test of all provided emails
+ if ($subset) {
+ require_once 'emails.inc.php';
+ $ids = ids_from_mails($subset_to);
+ $nb_error = 0;
+ foreach ($subset_to as $e) {
+ if (!array_key_exists($e, $ids)) {
+ if ($nb_error == 0) {
+ $page->trigError("Emails inconnus :");
+ }
+ $nb_error++;
+ $page->trigError($e);
+ }
+ }
+ if ($nb_error == 0) {
+ if (count($subset_to) == 1) {
+ $page->trigSuccess("L'email soumis a été reconnu avec succès.");
+ } else {
+ $page->trigSuccess("Les " . count($subset_to) . " emails soumis ont été reconnus avec succès.");
+ }
+ } else {
+ $page->trigError("Total : $nb_error erreur" . ($nb_error > 1 ? "s" : "") . " sur " . count($subset_to) . " adresses mail soumises.");
+ }
+ $page->trigSuccess("Les adresses soumises correspondent à un total de " . count(array_unique($ids)) . " camarades.");
+ }
+ // No break here, since Vérifier is a subcase of Aperçu.
+ case 'Aperçu':
+ $this->load('axletter.inc.php');
+ $al = new AXLetter(array($id, $short_name, $subject, $title, $body, $signature,
+ $promo_min, $promo_max, $subset, $subset_rm, $echeance, 0, 'new'));
+ $al->toHtml($page, S::user());
break;
case 'Confirmer':
XDB::execute("REPLACE INTO axletter
- SET id = {?}, shortname = {?}, subject = {?}, title = {?}, body = {?},
- signature = {?}, promo_min = {?}, promo_max = {?}, echeance = {?}",
- $id, $shortname, $subject, $title, $body, $signature, $promo_min, $promo_max, $echeance);
+ SET id = {?}, short_name = {?}, subject = {?}, title = {?}, body = {?},
+ signature = {?}, promo_min = {?}, promo_max = {?}, echeance = {?}, subset = {?}, subset_rm = {?}",
+ $id, $short_name, $subject, $title, $body, $signature, $promo_min, $promo_max, $echeance, $subset ? implode("\n", $subset_to) : null, $subset_rm);
+ if (!$saved) {
+ global $globals;
+ $mailer = new PlMailer();
+ $mailer->setFrom("support@" . $globals->mail->domain);
+ $mailer->setSubject("Un nouveau projet d'email de l'AX vient d'être proposé");
+ $mailer->setTxtBody("Un nouvel email vient d'être rédigé en prévision d'un envoi prochain. Vous pouvez "
+ . "le modifier jusqu'à ce qu'il soit verrouillé pour l'envoi\n\n"
+ . "Le sujet de l'email : $subject\n"
+ . "L'échéance d'envoi est fixée à $echeance.\n"
+ . "L'email pourra néanmoins partir avant cette échéance si un administrateur de "
+ . "Polytechnique.org le valide.\n\n"
+ . "Pour modifier, valider ou annuler l'email :\n"
+ . "https://www.polytechnique.org/ax/edit\n"
+ . "-- \n"
+ . "Association Polytechnique.org\n");
+ $users = User::getBulkUsersWithUIDs(XDB::fetchColumn('SELECT uid
+ FROM axletter_rights'));
+ foreach ($users as $user) {
+ $mailer->addTo($user);
+ }
+ $mailer->send();
+ }
$saved = true;
$echeance_date = null;
$echeance_time = null;
}
}
$page->assign('id', $id);
- $page->assign('shortname', $shortname);
+ $page->assign('short_name', $short_name);
$page->assign('subject', $subject);
$page->assign('title', $title);
$page->assign('body', $body);
$page->assign('signature', $signature);
$page->assign('promo_min', $promo_min);
$page->assign('promo_max', $promo_max);
+ $page->assign('subset_to', implode("\n", $subset_to));
+ $page->assign('subset', $subset);
+ $page->assign('subset_rm', $subset_rm);
$page->assign('echeance', $echeance);
$page->assign('echeance_date', $echeance_date);
$page->assign('echeance_time', $echeance_time);
$page->assign('saved', $saved);
$page->assign('new', $new);
- $page->assign('is_xorg', S::has_perms());
+ $page->assign('is_xorg', S::admin());
if (!$saved) {
$select = '';
- $time = time() + 3600 * 24 * 2;
- for ($i = 0 ; $i < 15 ; $i++) {
- $time += 3600 * 24;
- $p_stamp = date('Ymd', $time);
- $year = date('Y', $time);
- $month = date('m', $time);
- $day = date('d', $time);
-
- if ($p_stamp == $echeance_date) {
- $sel = ' selected="selected"';
- } else {
- $sel = '';
- }
- $select .= "<option value=\"$p_stamp\"$sel> $day / $month / $year</option>\n";
- }
- $page->assign('echeance_date', $select);
- $select = '';
for ($i = 0 ; $i < 24 ; $i++) {
$stamp = sprintf('%02d:00:00', $i);
if ($stamp == $echeance_time) {
$select .= "<option value=\"$stamp\"$sel>{$i}h</option>\n";
}
$page->assign('echeance_time', $select);
- }
+ }
}
function handler_cancel(&$page, $force = null)
{
- require_once dirname(__FILE__) . '/axletter/axletter.inc.php';
- if (!AXLetter::hasPerms()) {
- return PL_FORBIDDEN;
- }
-
- $url = parse_url($_SERVER['HTTP_REFERER']);
- if ($force != 'force' && trim($url['path'], '/') != 'ax/edit') {
+ $this->load('axletter.inc.php');
+ if (!AXLetter::hasPerms() || !S::has_xsrf_token()) {
return PL_FORBIDDEN;
}
$al = AXLetter::awaiting();
- if (!$alg) {
+ if (!$al) {
$page->kill("Aucune lettre en attente");
return;
}
return;
}
- $page->kill("L'envoi de l'annonce {$al->title()} est annulé");
+ $page->killSuccess("L'envoi de l'annonce {$al->title()} est annulé.");
}
function handler_valid(&$page, $force = null)
{
- require_once dirname(__FILE__) . '/axletter/axletter.inc.php';
- if (!AXLetter::hasPerms()) {
- return PL_FORBIDDEN;
- }
-
- $url = parse_url($_SERVER['HTTP_REFERER']);
- if ($force != 'force' && trim($url['path'], '/') != 'ax/edit') {
+ $this->load('axletter.inc.php');
+ if (!AXLetter::hasPerms() || !S::has_xsrf_token()) {
return PL_FORBIDDEN;
}
return;
}
- $page->kill("L'envoi de l'annonce aura lieu dans l'heure qui vient.");
+ $page->killSuccess("L'envoi de l'annonce aura lieu dans l'heure qui vient.");
}
function handler_show(&$page, $nid = 'last')
{
- require_once dirname(__FILE__) . '/axletter/axletter.inc.php';
+ $this->load('axletter.inc.php');
$page->changeTpl('axletter/show.tpl');
- $nl = new AXLetter($nid);
- if (Get::has('text')) {
- $nl->toText($page, S::v('prenom'), S::v('nom'), S::v('femme'));
- } else {
- $nl->toHtml($page, S::v('prenom'), S::v('nom'), S::v('femme'));
- }
- if (Post::has('send')) {
- $nl->sendTo(S::v('prenom'), S::v('nom'),
- S::v('bestalias'), S::v('femme'),
- S::v('mail_fmt') != 'texte');
+ try {
+ $nl = new AXLetter($nid);
+ $user =& S::user();
+ if (Get::has('text')) {
+ $nl->toText($page, $user);
+ } else {
+ $nl->toHtml($page, $user);
+ }
+ if (Post::has('send')) {
+ $nl->sendTo($user);
+ }
+ } catch (MailNotFound $e) {
+ return PL_NOT_FOUND;
}
}
function handler_admin(&$page, $action = null, $uid = null)
{
- require_once dirname(__FILE__) . '/axletter/axletter.inc.php';
+ $this->load('axletter.inc.php');
if (Post::has('action')) {
$action = Post::v('action');
$uid = Post::v('uid');
}
if ($uid) {
+ S::assert_xsrf_token();
+
$uids = preg_split('/ *[,;\: ] */', $uid);
foreach ($uids as $uid) {
switch ($action) {
break;
}
if (!$res) {
- $page->trig("Personne ne oorrespond à l'identifiant '$uid'");
+ $page->trigError("Personne ne correspond à l'identifiant '$uid'");
}
}
}
$page->changeTpl('axletter/admin.tpl');
- $res = XDB::iterator("SELECT IF(u.nom_usage != '', u.nom_usage, u.nom) AS nom,
- u.prenom, u.promo, a.alias AS forlife
- FROM axletter_rights AS ar
- INNER JOIN auth_user_md5 AS u USING(user_id)
- INNER JOIN aliases AS a ON (u.user_id = a.id AND a.type = 'a_vie')");
- $page->assign('admins', $res);
-
+ $page->assign('admins', User::getBulkUsersWithUIDs(XDB::fetchColumn('SELECT uid
+ FROM axletter_rights')));
+
$importer = new CSVImporter('axletter_ins');
- $importer->registerFunction('user_id', 'email vers Id X.org', array($this, 'idFromMail'));
+ $importer->registerFunction('uid', 'email vers Id X.org', array($this, 'idFromMail'));
$importer->forceValue('hash', array($this, 'createHash'));
- $importer->apply($page, "admin/axletter", array('user_id', 'email', 'prenom', 'nom', 'promo', 'hash'));
+ $importer->apply($page, "admin/axletter", array('uid', 'email', 'prenom', 'nom', 'promo', 'flag', 'hash'));
}
- function idFromMail($line, $key)
+ function idFromMail($line, $key, $relation = null)
{
static $field;
+ global $globals;
if (!isset($field)) {
$field = array('email', 'mail', 'login', 'bestalias', 'forlife', 'flag');
foreach ($field as $fld) {
}
}
}
- $email = $line[$field];
- if (strpos($email, '@') === false) {
- $user = $email;
- } else {
- global $globals;
- list($user, $domain) = explode('@', $email);
- if ($domain != $globals->mail->domain && $domain != $globals->mail->domain2
- && $domain != $globals->mail->alias_dom && $domain != $globals->mail->alias_dom2) {
- return '0';
- }
- if ($domain == $globals->mail->alias_dom || $domain == $globals->mail->alias_dom2) {
- $res = XDB::query("SELECT a.id
- FROM virtual AS v
- INNER JOIN virtual_redirect AS r USING(vid)
- INNER JOIN aliases AS a ON (a.type = 'a_vie'
- AND r.redirect = CONCAT(a.alias, '@{$globals->mail->domain2}')
- WHERE v.alias = CONCAT({?}, '@{$globals->mail->alias_dom}')", $user);
- $id = $res->fetchOneCell();
- return $id ? $id : '0';
- }
- }
- $res = XDB::query("SELECT id FROM aliases WHERE alias = {?}", $user);
- $id = $res->fetchOneCell();
- return $id ? $id : '0';
+ $uf = new UserFilter(new UFC_Email($line[$field]));
+ $id = $uf->getUIDs();
+ return count($id) == 1 ? $id[0] : 0;
}
- function createHash($line, $key)
+ function createHash($line, $key, $relation)
{
- $hash = implode(time(), $line);
+ $hash = implode(time(), $line) . rand();
$hash = md5($hash);
return $hash;
}
}
+// vim:set et sw=4 sts=4 sws=4 foldmethod=marker enc=utf-8:
?>
projects / platal.git / blobdiff