function handlers()
{
return array(
- 'carnet' => $this->make_hook('index', AUTH_COOKIE),
- 'carnet/panel' => $this->make_hook('panel', AUTH_COOKIE),
- 'carnet/notifs' => $this->make_hook('notifs', AUTH_COOKIE),
-
- 'carnet/contacts' => $this->make_hook('contacts', AUTH_COOKIE),
- 'carnet/contacts/pdf' => $this->make_hook('pdf', AUTH_COOKIE),
- 'carnet/contacts/vcard' => $this->make_hook('vcard', AUTH_COOKIE),
- 'carnet/contacts/ical' => $this->make_hook('ical', AUTH_PUBLIC, 'user', NO_HTTPS),
- 'carnet/contacts/csv' => $this->make_hook('csv', AUTH_PUBLIC, 'user', NO_HTTPS),
- 'carnet/contacts/csv/birthday' => $this->make_hook('csv_birthday', AUTH_PUBLIC, 'user', NO_HTTPS),
-
- 'carnet/rss' => $this->make_hook('rss', AUTH_PUBLIC, 'user', NO_HTTPS),
+ 'carnet' => $this->make_hook('index', AUTH_COOKIE, 'directory_private'),
+ 'carnet/panel' => $this->make_hook('panel', AUTH_COOKIE, 'directory_private'),
+ 'carnet/notifs' => $this->make_hook('notifs', AUTH_COOKIE, 'directory_private'),
+
+ 'carnet/contacts' => $this->make_hook('contacts', AUTH_COOKIE, 'directory_private'),
+ 'carnet/contacts/pdf' => $this->make_hook('pdf', AUTH_COOKIE, 'directory_private'),
+ 'carnet/contacts/vcard' => $this->make_hook('vcard', AUTH_COOKIE, 'directory_private'),
+ 'carnet/contacts/ical' => $this->make_hook('ical', AUTH_PUBLIC, 'directory_private', NO_HTTPS),
+ 'carnet/contacts/csv' => $this->make_hook('csv', AUTH_PUBLIC, 'directory_private', NO_HTTPS),
+ 'carnet/contacts/csv/birthday' => $this->make_hook('csv_birthday', AUTH_PUBLIC, 'directory_private', NO_HTTPS),
+
+ 'carnet/rss' => $this->make_hook('rss', AUTH_PUBLIC, 'directory_private', NO_HTTPS),
);
}
return;
}
$page->setRssLink('Polytechnique.org :: Carnet',
- '/carnet/rss/'.S::v('hruid').'/'.S::v('token').'/rss.xml');
+ '/carnet/rss/' . S::v('hruid') . '/' . S::user()->token . '/rss.xml');
}
function handler_index(&$page)
SET last = FROM_UNIXTIME({?})
WHERE uid = {?}',
Get::i('read'), S::i('uid'));
- S::set('watch_last', Get::i('read'));
+ S::user()->invalidWatchCache();
Platal::session()->updateNbNotifs();
pl_redirect('carnet/panel');
}
}
XDB::execute('INSERT IGNORE INTO watch_promo (uid, promo)
VALUES ' . implode(', ', $to_add));
+ S::user()->invalidWatchCache();
+ Platal::session()->updateNbNotifs();
}
private function delPromo(PlPage &$page, $promo)
XDB::execute('DELETE FROM watch_promo
WHERE ' . XDB::format('uid = {?}', S::i('uid')) . '
AND promo IN (' . implode(', ', $to_delete) . ')');
+ S::user()->invalidWatchCache();
+ Platal::session()->updateNbNotifs();
}
public function addNonRegistered(PlPage &$page, PlUser &$user)
{
XDB::execute('INSERT IGNORE INTO watch_nonins (uid, ni_id)
VALUES ({?}, {?})', S::i('uid'), $user->id());
+ S::user()->invalidWatchCache();
+ Platal::session()->updateNbNotifs();
}
public function delNonRegistered(PlPage &$page, PlUser &$user)
XDB::execute('DELETE FROM watch_nonins
WHERE uid = {?} AND ni_id = {?}',
S::i('uid'), $user->id());
+ S::user()->invalidWatchCache();
+ Platal::session()->updateNbNotifs();
}
public function handler_notifs(&$page, $action = null, $arg = null)
XDB::execute('UPDATE watch
SET actions = {?}
WHERE uid = {?}', $flags, S::i('uid'));
+ S::user()->invalidWatchCache();
+ Platal::session()->updateNbNotifs();
}
if (Env::has('flags_contacts')) {
XDB::execute('UPDATE watch
SET ' . XDB::changeFlag('flags', 'contacts', Env::b('contacts')) . '
WHERE uid = {?}', S::i('uid'));
+ S::user()->invalidWatchCache();
+ Platal::session()->updateNbNotifs();
}
if (Env::has('flags_mail')) {
XDB::execute('UPDATE watch
SET ' . XDB::changeFlag('flags', 'mail', Env::b('mail')) . '
WHERE uid = {?}', S::i('uid'));
+ S::user()->invalidWatchCache();
+ Platal::session()->updateNbNotifs();
}
$user = S::user();
// For XSRF protection, checks both the normal xsrf token, and the special RSS token.
// It allows direct linking to contact adding in the RSS feed.
- if (Env::v('action') && Env::v('token') !== S::v('token')) {
+ if (Env::v('action') && Env::v('token') !== S::user()->token) {
S::assert_xsrf_token();
}
switch (Env::v('action')) {
case 'ajouter':
if (($contact = User::get(Env::v('user')))) {
- if (XDB::execute("REPLACE INTO contacts (uid, contact)
- VALUES ({?}, {?})",
- $uid, $contact->id())) {
+ XDB::execute('INSERT IGNORE INTO contacts (uid, contact)
+ VALUES ({?}, {?})',
+ $uid, $contact->id());
+ if (XDB::affectedRows() > 0) {
Platal::session()->updateNbNotifs();
$page->trigSuccess('Contact ajouté !');
} else {
}
if ($search && trim(Env::v('quick'))) {
$base = 'carnet/contacts/search';
- $view = new SearchSet(true, false, new UFC_Contact($user));
+ $view = new QuickSearchSet(new UFC_Contact($user));
} else {
$base = 'carnet/contacts';
$view = new ProfileSet(new UFC_Contact($user));
$user = Platal::session()->tokenAuth($alias, $hash);
if (is_null($user)) {
if (S::logged()) {
- $user == S::user();
+ $user = S::user();
} else {
return PL_FORBIDDEN;
}
$user = Platal::session()->tokenAuth($alias, $hash);
if (is_null($user)) {
if (S::logged()) {
- $user == S::user();
+ $user = S::user();
} else {
return PL_FORBIDDEN;
}
$user = Platal::session()->tokenAuth($alias, $hash);
if (is_null($user)) {
if (S::logged()) {
- $user == S::user();
+ $user = S::user();
} else {
return PL_FORBIDDEN;
}
projects / platal.git / blobdiff