<?php
/***************************************************************************
- * Copyright (C) 2003-2008 Polytechnique.org *
+ * Copyright (C) 2003-2010 Polytechnique.org *
* http://opensource.polytechnique.org/ *
* *
* This program is free software; you can redistribute it and/or modify *
function handlers()
{
return array(
- 'emails' => $this->make_hook('emails', AUTH_COOKIE),
- 'emails/alias' => $this->make_hook('alias', AUTH_MDP),
- 'emails/antispam' => $this->make_hook('antispam', AUTH_MDP),
- 'emails/broken' => $this->make_hook('broken', AUTH_COOKIE),
- 'emails/redirect' => $this->make_hook('redirect', AUTH_MDP),
- 'emails/send' => $this->make_hook('send', AUTH_MDP),
- 'emails/antispam/submit' => $this->make_hook('submit', AUTH_COOKIE),
- 'emails/test' => $this->make_hook('test', AUTH_COOKIE, 'user', NO_AUTH),
-
- 'admin/emails/duplicated' => $this->make_hook('duplicated', AUTH_MDP, 'admin'),
- 'admin/emails/watch' => $this->make_hook('duplicated', AUTH_MDP, 'admin'),
- 'admin/emails/lost' => $this->make_hook('lost', AUTH_MDP, 'admin'),
+ 'emails' => $this->make_hook('emails', AUTH_COOKIE),
+ 'emails/alias' => $this->make_hook('alias', AUTH_MDP),
+ 'emails/antispam' => $this->make_hook('antispam', AUTH_MDP),
+ 'emails/broken' => $this->make_hook('broken', AUTH_COOKIE),
+ 'emails/redirect' => $this->make_hook('redirect', AUTH_MDP),
+ 'emails/send' => $this->make_hook('send', AUTH_MDP),
+ 'emails/antispam/submit' => $this->make_hook('submit', AUTH_COOKIE),
+ 'emails/test' => $this->make_hook('test', AUTH_COOKIE, 'user', NO_AUTH),
+
+ 'emails/rewrite/in' => $this->make_hook('rewrite_in', AUTH_PUBLIC),
+ 'emails/rewrite/out' => $this->make_hook('rewrite_out', AUTH_PUBLIC),
+
+ 'emails/imap/in' => $this->make_hook('imap_in', AUTH_PUBLIC),
+
+ 'admin/emails/duplicated' => $this->make_hook('duplicated', AUTH_MDP, 'admin'),
+ 'admin/emails/watch' => $this->make_hook('duplicated', AUTH_MDP, 'admin'),
+ 'admin/emails/lost' => $this->make_hook('lost', AUTH_MDP, 'admin'),
+ 'admin/emails/broken' => $this->make_hook('broken_addr', AUTH_MDP, 'admin'),
);
}
function handler_emails(&$page, $action = null, $email = null)
{
global $globals;
+ require_once 'emails.inc.php';
$page->changeTpl('emails/index.tpl');
- $page->assign('xorg_title','Polytechnique.org - Mes emails');
+ $page->setTitle('Mes emails');
- $uid = S::v('uid');
+ $user = S::user();
+ // Apply the bestalias change request.
if ($action == 'best' && $email) {
- // bestalias is the first bit : 1
- // there will be maximum 8 bits in flags : 255
- XDB::execute("UPDATE aliases SET flags=flags & (255 - 1) WHERE id={?}", $uid);
- XDB::execute("UPDATE aliases SET flags=flags | 1 WHERE id={?} AND alias={?}",
- $uid, $email);
+ if (!S::has_xsrf_token()) {
+ return PL_FORBIDDEN;
+ }
+
+ XDB::execute("UPDATE aliases
+ SET flags = TRIM(BOTH ',' FROM REPLACE(CONCAT(',', flags, ','), ',bestalias,', ','))
+ WHERE uid = {?}", $user->id());
+ XDB::execute("UPDATE aliases
+ SET flags = CONCAT_WS(',', IF(flags = '', NULL, flags), 'bestalias')
+ WHERE uid = {?} AND alias = {?}", $user->id(), $email);
+
+ // As having a non-null bestalias value is critical in
+ // plat/al's code, we do an a posteriori check on the
+ // validity of the bestalias.
+ fix_bestalias($user);
}
- // on regarde si on a affaire à un homonyme
+ // Fetch and display aliases.
$sql = "SELECT alias, (type='a_vie') AS a_vie,
(alias REGEXP '\\\\.[0-9]{2}$') AS cent_ans,
FIND_IN_SET('bestalias',flags) AS best, expire
FROM aliases
- WHERE id = {?} AND type!='homonyme'
+ WHERE uid = {?} AND type!='homonyme'
ORDER BY LENGTH(alias)";
- $page->assign('aliases', XDB::iterator($sql, $uid));
-
- $homonyme = XDB::query("SELECT alias FROM aliases INNER JOIN homonymes ON (id = homonyme_id) WHERE user_id = {?} AND type = 'homonyme'", $uid);
- $page->assign('homonyme', $homonyme->fetchOneCell());
-
- // Affichage des redirections de l'utilisateur.
- $sql = "SELECT email
- FROM emails
- WHERE uid = {?} AND FIND_IN_SET('active', flags)";
- $page->assign('mails', XDB::iterator($sql, $uid));
-
- // Affichage des backends actifs de stockage des emails.
- $sql = "SELECT mail_storage
- FROM auth_user_md5
- WHERE user_id = {?}";
- $storages = XDB::query($sql, $uid)->fetchOneCell();
- $page->assign('storage', explode(',', $storages));
-
- // on regarde si l'utilisateur a un alias et si oui on l'affiche !
- $forlife = S::v('forlife');
+ $page->assign('aliases', XDB::iterator($sql, $user->id()));
+
+ // Check for homonyms.
+ $page->assign('homonyme', $user->homonyme);
+
+ // Display active redirections.
+ $redirect = new Redirect($user);
+ $page->assign('mails', $redirect->active_emails());
+
+ // Display, when available, the @alias_dom email alias.
$res = XDB::query(
"SELECT alias
FROM virtual AS v
INNER JOIN virtual_redirect AS vr USING(vid)
WHERE (redirect={?} OR redirect={?})
AND alias LIKE '%@{$globals->mail->alias_dom}'",
- $forlife.'@'.$globals->mail->domain, $forlife.'@'.$globals->mail->domain2);
+ $user->forlifeEmail(),
+ // TODO: remove this über-ugly hack. The issue is that you need
+ // to remove all @m4x.org addresses in virtual_redirect first.
+ $user->login() . '@' . $globals->mail->domain2);
$page->assign('melix', $res->fetchOneCell());
}
global $globals;
$page->changeTpl('emails/alias.tpl');
- $page->assign('xorg_title','Polytechnique.org - Alias melix.net');
-
- $uid = S::v('uid');
- $forlife = S::v('forlife');
+ $page->setTitle('Alias melix.net');
- $page->assign('demande', AliasReq::get_request($uid));
+ $user = S::user();
+ $page->assign('demande', AliasReq::get_request($user->id()));
+ // Remove the email alias.
if ($action == 'delete' && $value) {
- //Suppression d'un alias
+ S::assert_xsrf_token();
+
XDB::execute(
- 'DELETE virtual, virtual_redirect
- FROM virtual
- INNER JOIN virtual_redirect USING (vid)
- WHERE alias = {?} AND (redirect = {?} OR redirect = {?})', $value,
- $forlife.'@'.$globals->mail->domain, $forlife.'@'.$globals->mail->domain2);
+ "DELETE virtual, virtual_redirect
+ FROM virtual
+ INNER JOIN virtual_redirect USING (vid)
+ WHERE alias = {?} AND (redirect = {?} OR redirect = {?})",
+ $value, $user->forlifeEmail(), $user->m4xForlifeEmail());
}
- //Récupération des alias éventuellement existants
- $res = XDB::query(
- "SELECT alias, emails_alias_pub
- FROM auth_user_quick, virtual
- INNER JOIN virtual_redirect USING(vid)
- WHERE ( redirect={?} OR redirect= {?} )
- AND alias LIKE '%@{$globals->mail->alias_dom}' AND user_id = {?}",
- $forlife.'@'.$globals->mail->domain,
- $forlife.'@'.$globals->mail->domain2, S::v('uid'));
- list($alias, $visibility) = $res->fetchOneRow();
+ // Fetch existing @alias_dom aliases.
+ $alias = $user->emailAlias();
+ $visibility = $user->hasProfile() && $user->profile()->alias_pub;
$page->assign('actuel', $alias);
+ $page->assign('user', $user);
+ $page->assign('mail_public', $visibility);
- if ($action == 'ask' && Env::has('alias') and Env::has('raison')) {
- //Si l'utilisateur vient de faire une damande
+ if ($action == 'ask' && Env::has('alias') && Env::has('raison')) {
+ S::assert_xsrf_token();
+ //Si l'utilisateur vient de faire une damande
$alias = Env::v('alias');
$raison = Env::v('raison');
- $public = (Env::v('public', 'off') == 'on')?"public":"private";
+ $public = (Env::v('public', 'off') == 'on') ? 'public' : 'private';
$page->assign('r_alias', $alias);
$page->assign('r_raison', $raison);
}
//Quelques vérifications sur l'alias (caractères spéciaux)
- if (!preg_match( "/^[a-zA-Z0-9\-.]{3,20}$/", $alias)) {
- $page->trig("L'adresse demandée n'est pas valide.
- Vérifie qu'elle comporte entre 3 et 20 caractères
- et qu'elle ne contient que des lettres non accentuées,
- des chiffres ou les caractères - et .");
+ if (!preg_match("/^[a-zA-Z0-9\-.]{3,20}$/", $alias)) {
+ $page->trigError("L'adresse demandée n'est pas valide."
+ . " Vérifie qu'elle comporte entre 3 et 20 caractères"
+ . " et qu'elle ne contient que des lettres non accentuées,"
+ . " des chiffres ou les caractères - et .");
return;
} else {
+ $alias_mail = $alias.'@'.$globals->mail->alias_dom;
+
//vérifier que l'alias n'est pas déja pris
- $res = XDB::query('SELECT COUNT(*) FROM virtual WHERE alias={?}',
- $alias.'@'.$globals->mail->alias_dom);
+ $res = XDB::query('SELECT COUNT(*)
+ FROM virtual
+ WHERE alias={?}',
+ $alias_mail);
if ($res->fetchOneCell() > 0) {
- $page->trig("L'alias $alias@{$globals->mail->alias_dom} a déja été attribué.
- Tu ne peux donc pas l'obtenir.");
+ $page->trigError("L'alias $alias_mail a déja été attribué.
+ Tu ne peux donc pas l'obtenir.");
return;
}
//vérifier que l'alias n'est pas déja en demande
- $it = new ValidateIterator ();
+ $it = new ValidateIterator();
while($req = $it->next()) {
- if ($req->type == "alias" and $req->alias == $alias . '@' . $globals->mail->alias_dom) {
- $page->trig("L'alias $alias@{$globals->mail->alias_dom} a déja été demandé.
+ if ($req->type == 'alias' and $req->alias == $alias_mail) {
+ $page->trigError("L'alias $alias_mail a déja été demandé.
Tu ne peux donc pas l'obtenir pour l'instant.");
return ;
}
}
//Insertion de la demande dans la base, écrase les requêtes précédente
- $myalias = new AliasReq($uid, $alias, $raison, $public);
+ $myalias = new AliasReq($user, $alias, $raison, $public);
$myalias->submit();
$page->assign('success',$alias);
return;
}
- }
- elseif ($action == 'set'
- && ($value == 'public' || $value == 'private'))
- {
- if ($value == 'public') {
- XDB::execute("UPDATE auth_user_quick SET emails_alias_pub = 'public'
- WHERE user_id = {?}", S::v('uid'));
- } else {
- XDB::execute("UPDATE auth_user_quick SET emails_alias_pub = 'private'
- WHERE user_id = {?}", S::v('uid'));
+ } elseif ($action == 'set' && ($value == 'public' || $value == 'private')) {
+ if (!S::has_xsrf_token()) {
+ return PL_FORBIDDEN;
}
- $visibility = $value;
+ if ($user->hasProfile()) {
+ XDB::execute("UPDATE profiles
+ SET alias_pub = {?}
+ WHERE pid = {?}",
+ $value, $user->profile()->id());
+ }
+ $visibility = ($value == 'public');
+ exit;
}
- $page->assign('mail_public', ($visibility == 'public'));
+ $page->assign('actuel', $alias);
+ $page->assign('user', $user);
+ $page->assign('mail_public', $visibility);
}
function handler_redirect(&$page, $action = null, $email = null)
$page->changeTpl('emails/redirect.tpl');
- $uid = S::v('uid');
- $forlife = S::v('forlife');
+ $user = S::user();
+ $page->assign_by_ref('user', $user);
+ $page->assign('eleve', $user->promo() >= date("Y") - 5);
- $page->assign('eleve', S::i('promo') >= date("Y") - 5);
-
- $redirect = new Redirect(S::v('uid'));
+ $redirect = new Redirect($user);
// FS#703 : $_GET is urldecoded twice, hence
// + (the data) => %2B (in the url) => + (first decoding) => ' ' (second decoding)
// Since there can be no spaces in emails, we can fix this with :
$email = str_replace(' ', '+', $email);
+ // Apply email redirection change requests.
+ $result = SUCCESS;
if ($action == 'remove' && $email) {
- $retour = $redirect->delete_email($email);
- $page->assign('retour', $retour);
+ $result = $redirect->delete_email($email);
}
if ($action == 'active' && $email) {
$redirect->modify_one_email_redirect($email, $rewrite);
}
- if ($action == 'storage' && $email == 'imap') {
- $storage = new MailStorageIMAP(S::v('uid'));
- $subaction = @func_get_arg(3);
- if ($subaction == 'active') {
- $storage->enable();
- }
- if ($subaction == 'inactive') {
- $storage->disable();
- }
- }
-
if (Env::has('emailop')) {
+ S::assert_xsrf_token();
+
$actifs = Env::v('emails_actifs', Array());
print_r(Env::v('emails_rewrite'));
if (Env::v('emailop') == "ajouter" && Env::has('email')) {
- $page->assign('retour', $redirect->add_email(Env::v('email')));
+ $error_email = false;
+ $new_email = Env::v('email');
+ if ($new_email == "new@example.org") {
+ $new_email = Env::v('email_new');
+ }
+ $result = $redirect->add_email($new_email);
+ if ($result == ERROR_INVALID_EMAIL) {
+ $error_email = true;
+ $page->assign('email', $new_email);
+ }
+ $page->assign('retour', $result);
+ $page->assign('error_email', $error_email);
} elseif (empty($actifs)) {
- $page->assign('retour', ERROR_INACTIVE_REDIRECTION);
+ $result = ERROR_INACTIVE_REDIRECTION;
} elseif (is_array($actifs)) {
- $page->assign('retour', $redirect->modify_email($actifs,
- Env::v('emails_rewrite',Array())));
+ $result = $redirect->modify_email($actifs, Env::v('emails_rewrite', Array()));
}
}
+ switch ($result) {
+ case ERROR_INACTIVE_REDIRECTION:
+ $page->trigError('Tu ne peux pas avoir aucune adresse de redirection active, sinon ton adresse '
+ . $user->forlifeEmail() . ' ne fonctionnerait plus.');
+ break;
+ case ERROR_INVALID_EMAIL:
+ $page->trigError('Erreur : l\'email n\'est pas valide.');
+ break;
+ case ERROR_LOOP_EMAIL:
+ $page->trigError('Erreur : ' . $user->forlifeEmail()
+ . ' ne doit pas être renvoyé vers lui-même, ni vers son équivalent en '
+ . $globals->mail->domain2 . ' ni vers polytechnique.edu.');
+ break;
+ }
+
+ // Fetch the @alias_dom email alias, if any.
$res = XDB::query(
"SELECT alias
FROM virtual
INNER JOIN virtual_redirect USING(vid)
WHERE (redirect={?} OR redirect={?})
AND alias LIKE '%@{$globals->mail->alias_dom}'",
- $forlife.'@'.$globals->mail->domain, $forlife.'@'.$globals->mail->domain2);
+ $user->forlifeEmail(),
+ // TODO: remove this über-ugly hack. The issue is that you need
+ // to remove all @m4x.org addresses in virtual_redirect first.
+ $user->login() . '@' . $globals->mail->domain2);
$melix = $res->fetchOneCell();
if ($melix) {
list($melix) = explode('@', $melix);
$page->assign('melix',$melix);
}
+ // Fetch existing email aliases.
$res = XDB::query(
"SELECT alias,expire
FROM aliases
- WHERE id={?} AND (type='a_vie' OR type='alias')
- ORDER BY !FIND_IN_SET('usage',flags), LENGTH(alias)", $uid);
-
+ WHERE uid={?} AND (type='a_vie' OR type='alias')
+ ORDER BY !FIND_IN_SET('usage',flags), LENGTH(alias)", $user->id());
$page->assign('alias', $res->fetchAllAssoc());
- $page->assign('emails',$redirect->emails);
+ $page->assign('emails', $redirect->emails);
- $res = XDB::query(
- "SELECT mail_storage
- FROM auth_user_md5
- WHERE user_id = {?}", $uid);
- $page->assign('storage', explode(',', $res->fetchOneCell()));
+ // Display GoogleApps acount information.
+ require_once 'googleapps.inc.php';
+ $page->assign('googleapps', GoogleAppsAccount::account_status($user->id()));
+
+ require_once 'emails.combobox.inc.php';
+ fill_email_combobox($page);
}
function handler_antispam(&$page, $statut_filtre = null)
{
require_once 'emails.inc.php';
- require_once('wiki.inc.php');
- wiki_require_page('Xorg.Antispam');
+ $wp = new PlWikiPage('Xorg.Antispam');
+ $wp->buildCache();
$page->changeTpl('emails/antispam.tpl');
- $bogo = new Bogo(S::v('uid'));
+ $user = S::user();
+ $bogo = new Bogo($user);
if (isset($statut_filtre)) {
- $bogo->change(S::v('uid'), $statut_filtre + 0);
+ $bogo->change($statut_filtre + 0);
}
- $page->assign('filtre',$bogo->level());
+ $page->assign('filtre', $bogo->level());
}
function handler_submit(&$page)
{
- require_once('wiki.inc.php');
- wiki_require_page('Xorg.Mails');
+ $wp = new PlWikiPage('Xorg.Mails');
+ $wp->buildCache();
$page->changeTpl('emails/submit_spam.tpl');
if (Post::has('send_email')) {
- $upload = PlUpload::get($_FILES['mail'], S::v('forlife'), 'spam.submit', true);
+ S::assert_xsrf_token();
+
+ $upload = PlUpload::get($_FILES['mail'], S::user()->login(), 'spam.submit', true);
if (!$upload) {
- $page->trig('Une erreur a été rencontrée lors du transfert du fichier');
+ $page->trigError('Une erreur a été rencontrée lors du transfert du fichier');
return;
}
$mime = $upload->contentType();
if ($mime != 'text/x-mail' && $mime != 'message/rfc822') {
$upload->clear();
- $page->trig('Le fichier ne contient pas un mail complet');
+ $page->trigError('Le fichier ne contient pas un email complet');
return;
}
+ $type = (Post::v('type') == 'spam' ? 'spam' : 'nonspam');
+
global $globals;
- $box = Post::v('type') . '@' . $globals->mail->domain;
+ $box = $type . '@' . $globals->mail->domain;
$mailer = new PlMailer();
$mailer->addTo($box);
- $mailer->setFrom('"' . S::v('prenom') . ' ' . S::v('nom') . '" <web@' . $globals->mail->domain . '>');
- $mailer->setTxtBody(Post::v('type') . ' soumis par ' . S::v('forlife') . ' via le web');
- $mailer->addUploadAttachment($upload, Post::v('type') . '.mail');
+ $mailer->setFrom('"' . S::user()->fullName() . '" <web@' . $globals->mail->domain . '>');
+ $mailer->setTxtBody($type . ' soumis par ' . S::user()->login() . ' via le web');
+ $mailer->addUploadAttachment($upload, $type . '.mail');
$mailer->send();
- $page->trig('Le message a été transmis à ' . $box);
+ $page->trigSuccess('Le message a été transmis à ' . $box);
$upload->clear();
}
}
function handler_send(&$page)
{
- global $globals;
$page->changeTpl('emails/send.tpl');
$page->addJsLink('ajax.js');
- $page->assign('xorg_title','Polytechnique.org - Envoyer un email');
+ $page->setTitle('Envoyer un email');
// action si on recoit un formulaire
if (Post::has('save')) {
+ if (!S::has_xsrf_token()) {
+ return PL_FORBIDDEN;
+ }
+
unset($_POST['save']);
if (trim(preg_replace('/-- .*/', '', Post::v('contenu'))) != "") {
$_POST['to_contacts'] = explode(';', @$_POST['to_contacts']);
$_POST['cc_contacts'] = explode(';', @$_POST['cc_contacts']);
$data = serialize($_POST);
XDB::execute("REPLACE INTO email_send_save
- VALUES ({?}, {?})", S::i('uid'), $data);
+ VALUES ({?}, {?})",
+ S::user()->id('uid'), $data);
}
exit;
} else if (Env::v('submit') == 'Envoyer') {
+ S::assert_xsrf_token();
+
function getEmails($aliases)
{
if (!is_array($aliases)) {
return null;
}
- $rel = Env::v('contacts');
+ $uf = new UserFilter(new UFC_Hrpid($aliases));
+ $users = $uf->iterUsers();
$ret = array();
- foreach ($aliases as $alias) {
- $ret[$alias] = $rel[$alias];
+ while ($user = $users->next()) {
+ $ret[] = $user->forlife;
}
return join(', ', $ret);
}
$error = false;
foreach ($_FILES as &$file) {
- if ($file['name'] && !PlUpload::get($file, S::v('forlife'), 'emails.send', false)) {
- $page->trig(PlUpload::$lastError);
+ if ($file['name'] && !PlUpload::get($file, S::user()->login(), 'emails.send', false)) {
+ $page->trigError(PlUpload::$lastError);
$error = true;
break;
}
if (!$error) {
XDB::execute("DELETE FROM email_send_save
- WHERE uid = {?}", S::i('uid'));
+ WHERE uid = {?}",
+ S::user()->id());
$to2 = getEmails(Env::v('to_contacts'));
$cc2 = getEmails(Env::v('cc_contacts'));
$txt = str_replace('^M', '', Env::v('contenu'));
- $to = Env::v('to');
- $subj = Env::v('sujet');
- $from = Env::v('from');
- $cc = trim(Env::v('cc'));
- $bcc = trim(Env::v('bcc'));
-
+ $to = str_replace(';', ',', Env::t('to'));
+ $subj = Env::t('sujet');
+ $from = Env::t('from');
+ $cc = str_replace(';', ',', Env::t('cc'));
+ $bcc = str_replace(';', ',', Env::t('bcc'));
+
+ $email_regex = '/^[a-z0-9.\-+_\$]+@([\-.+_]?[a-z0-9])+$/i';
+ foreach (explode(',', $to . ',' . $cc . ',' . $bcc) as $email) {
+ $email = trim($email);
+ if ($email != '' && !preg_match($email_regex, $email)) {
+ $page->trigError("L'adresse email " . $email . ' est erronée.');
+ $error = true;
+ }
+ }
if (empty($to) && empty($cc) && empty($to2) && empty($bcc) && empty($cc2)) {
- $page->trig("Indique au moins un destinataire.");
- $page->assign('uploaded_f', PlUpload::listFilenames(S::v('forlife'), 'emails.send'));
+ $page->trigError("Indique au moins un destinataire.");
+ $error = true;
+ }
+
+ if ($error) {
+ $page->assign('uploaded_f', PlUpload::listFilenames(S::user()->login(), 'emails.send'));
} else {
$mymail = new PlMailer();
$mymail->setFrom($from);
if (!empty($bcc)) { $mymail->addBcc($bcc); }
if (!empty($to2)) { $mymail->addTo($to2); }
if (!empty($cc2)) { $mymail->addCc($cc2); }
- $files =& PlUpload::listFiles(S::v('forlife'), 'emails.send');
+ $files =& PlUpload::listFiles(S::user()->login(), 'emails.send');
foreach ($files as $name=>&$upload) {
$mymail->addUploadAttachment($upload, $name);
}
$mymail->setWikiBody($txt);
}
if ($mymail->send()) {
- $page->trig("Ton mail a bien été envoyé.");
- $_REQUEST = array('bcc' => S::v('bestalias').'@'.$globals->mail->domain);
- PlUpload::clear(S::v('forlife'), 'emails.send');
+ $page->trigSuccess("Ton email a bien été envoyé.");
+ $_REQUEST = array('bcc' => S::user()->bestEmail());
+ PlUpload::clear(S::user()->login(), 'emails.send');
} else {
- $page->trig("Erreur lors de l'envoi du courriel, réessaye.");
- $page->assign('uploaded_f', PlUpload::listFilenames(S::v('forlife'), 'emails.send'));
+ $page->trigError("Erreur lors de l'envoi du courriel, réessaye.");
+ $page->assign('uploaded_f', PlUpload::listFilenames(S::user()->login(), 'emails.send'));
}
}
}
FROM email_send_save
WHERE uid = {?}", S::i('uid'));
if ($res->numRows() == 0) {
- PlUpload::clear(S::v('forlife'), 'emails.send');
- $_REQUEST['bcc'] = S::v('bestalias').'@'.$globals->mail->domain;
+ PlUpload::clear(S::user()->login(), 'emails.send');
+ $_REQUEST['bcc'] = S::user()->bestEmail();
} else {
$data = unserialize($res->fetchOneCell());
$_REQUEST = array_merge($_REQUEST, $data);
}
}
- $res = XDB::query(
- "SELECT u.prenom, u.nom, u.promo, a.alias as forlife
- FROM auth_user_md5 AS u
- INNER JOIN contacts AS c ON (u.user_id = c.contact)
- INNER JOIN aliases AS a ON (u.user_id=a.id AND FIND_IN_SET('bestalias',a.flags))
- WHERE c.uid = {?}
- ORDER BY u.nom, u.prenom", S::v('uid'));
- $page->assign('contacts', $res->fetchAllAssoc());
+ $uf = new UserFilter(new PFC_And(new UFC_Contact(S::user()),
+ new UFC_Registered()),
+ UserFilter::sortByName());
+ $contacts = $uf->getProfiles();
+ $page->assign('contacts', $contacts);
$page->assign('maxsize', ini_get('upload_max_filesize') . 'o');
+ $page->assign('user', S::user());
}
- function handler_test(&$page, $forlife = null)
+ function handler_test(&$page, $hruid = null)
{
- global $globals;
- if (!S::has_perms() || !$forlife) {
- $forlife = S::v('bestalias');
+ require_once 'emails.inc.php';
+
+ if (!S::has_xsrf_token()) {
+ return PL_FORBIDDEN;
}
+
+ // Retrieves the User object for the test email recipient.
+ if (S::admin() && $hruid) {
+ $user = User::getSilent($hruid);
+ } else {
+ $user = S::user();
+ }
+ if (!$user) {
+ return PL_NOT_FOUND;
+ }
+
+ // Sends the test email.
+ $redirect = new Redirect($user);
+
$mailer = new PlMailer('emails/test.mail.tpl');
- $mailer->assign('email', $forlife . '@' . $globals->mail->domain);
- $iterator = XDB::iterator("SELECT email
- FROM emails AS e
- INNER JOIN aliases AS a ON (e.uid = a.id)
- WHERE FIND_IN_SET('active', e.flags) AND a.alias = {?}",
- $forlife);
- $mailer->assign('redirects', $iterator);
- $res = XDB::query("SELECT FIND_IN_SET('femme', u.flags), prenom
- FROM auth_user_md5 AS u
- INNER JOIN aliases AS a ON (a.id = u.user_id)
- WHERE a.alias = {?}", $forlife);
- list($sexe, $prenom) = $res->fetchOneRow();
- $mailer->assign('sexe', $sexe);
- $mailer->assign('prenom', $prenom);
- $mailer->send();
+ $mailer->assign('email', $user->bestEmail());
+ $mailer->assign('redirects', $redirect->active_emails());
+ $mailer->assign('display_name', $user->displayName());
+ $mailer->assign('sexe', $user->isFemale());
+ $mailer->send($user->isEmailFormatHtml());
exit;
}
+ function handler_rewrite_in(&$page, $mail, $hash)
+ {
+ $page->changeTpl('emails/rewrite.tpl');
+ $page->assign('option', 'in');
+ if (empty($mail) || empty($hash)) {
+ return PL_NOT_FOUND;
+ }
+ $pos = strrpos($mail, '_');
+ if ($pos === false) {
+ return PL_NOT_FOUND;
+ }
+ $mail{$pos} = '@';
+ $res = XDB::query("SELECT COUNT(*)
+ FROM emails
+ WHERE email = {?} AND hash = {?}",
+ $mail, $hash);
+ $count = intval($res->fetchOneCell());
+ if ($count > 0) {
+ XDB::query("UPDATE emails
+ SET allow_rewrite = true, hash = NULL
+ WHERE email = {?} AND hash = {?}",
+ $mail, $hash);
+ $page->trigSuccess("Réécriture activée pour l'adresse " . $mail);
+ return;
+ }
+ return PL_NOT_FOUND;
+ }
+
+ function handler_rewrite_out(&$page, $mail, $hash)
+ {
+ $page->changeTpl('emails/rewrite.tpl');
+ $page->assign('option', 'out');
+ if (empty($mail) || empty($hash)) {
+ return PL_NOT_FOUND;
+ }
+ $pos = strrpos($mail, '_');
+ if ($pos === false) {
+ return PL_NOT_FOUND;
+ }
+ $mail{$pos} = '@';
+ $res = XDB::query("SELECT COUNT(*)
+ FROM emails
+ WHERE email = {?} AND hash = {?}",
+ $mail, $hash);
+ $count = intval($res->fetchOneCell());
+ if ($count > 0) {
+ global $globals;
+ $res = XDB::query("SELECT e.email, e.rewrite, a.alias
+ FROM emails AS e
+ INNER JOIN aliases AS a ON (a.uid = e.uid AND a.type = 'a_vie')
+ WHERE e.email = {?} AND e.hash = {?}",
+ $mail, $hash);
+ XDB::query("UPDATE emails
+ SET allow_rewrite = false, hash = NULL
+ WHERE email = {?} AND hash = {?}",
+ $mail, $hash);
+ list($mail, $rewrite, $forlife) = $res->fetchOneRow();
+ $mail = new PlMailer();
+ $mail->setFrom("webmaster@" . $globals->mail->domain);
+ $mail->addTo("support@" . $globals->mail->domain);
+ $mail->setSubject("Tentative de détournement de correspondance via le rewrite");
+ $mail->setTxtBody("$forlife a tenté un rewrite de $mail vers $rewrite. Cette demande a été rejetée via le web");
+ $mail->send();
+ $page->trigWarning("Un mail d'alerte a été envoyé à l'équipe de " . $globals->core->sitename);
+ return;
+ }
+ return PL_NOT_FOUND;
+ }
+
+ function handler_imap_in(&$page, $hash = null, $login = null)
+ {
+ $page->changeTpl('emails/imap_register.tpl');
+ $user = null;
+ if (!empty($hash) || !empty($login)) {
+ $user = User::getSilent($login);
+ if ($user) {
+ $req = XDB::query('SELECT 1
+ FROM newsletter_ins
+ WHERE uid = {?} AND hash = {?}',
+ $user->id(), $hash);
+ if ($req->numRows() == 0) {
+ $user = null;
+ }
+ }
+ }
+
+ require_once('emails.inc.php');
+ $page->assign('ok', false);
+ if (S::logged() && (is_null($user) || $user->id() == S::i('uid'))) {
+ $storage = new EmailStorage(S::user(), 'imap');
+ $storage->activate();
+ $page->assign('ok', true);
+ $page->assign('prenom', S::v('prenom'));
+ $page->assign('sexe', S::v('femme'));
+ } else if (!S::logged() && $user) {
+ $storage = new EmailStorage($user, 'imap');
+ $storage->activate();
+ $page->assign('ok', true);
+ $page->assign('prenom', $user->displayName());
+ $page->assign('sexe', $user->isFemale());
+ }
+ }
+
function handler_broken(&$page, $warn = null, $email = null)
{
require_once 'emails.inc.php';
- require_once('wiki.inc.php');
- wiki_require_page('Xorg.PatteCassée');
+ $wp = new PlWikiPage('Xorg.PatteCassée');
+ $wp->buildCache();
global $globals;
$page->changeTpl('emails/broken.tpl');
if ($warn == 'warn' && $email) {
+ S::assert_xsrf_token();
+
$email = valide_email($email);
// vérifications d'usage
- $sel = XDB::query(
- "SELECT e.uid, a.alias
- FROM emails AS e
- INNER JOIN auth_user_md5 AS u ON e.uid = u.user_id
- INNER JOIN aliases AS a ON (e.uid = a.id AND type!='homonyme'
- AND FIND_IN_SET('bestalias',a.flags))
- WHERE e.email={?}", $email);
-
- if (list($uid, $dest) = $sel->fetchOneRow()) {
- // envoi du mail
- $message = "Bonjour !
-
-Ce mail a été généré automatiquement par le service de patte cassée de
-Polytechnique.org car un autre utilisateur, ".S::v('prenom').' '.S::v('nom').",
-nous a signalé qu'en t'envoyant un mail, il avait reçu un message d'erreur
-indiquant que ton adresse de redirection $email
-ne fonctionnait plus !
-
-Nous te suggérons de vérifier cette adresse, et le cas échéant de mettre
-à jour sur le site <{$globals->baseurl}/emails> tes adresses
-de redirection...
-
-Pour plus de rensignements sur le service de patte cassée, n'hésites pas à
-consulter la page <{$globals->baseurl}/emails/broken>.
-
-
-A bientôt sur Polytechnique.org !
-L'équipe d'administration <support@" . $globals->mail->domain . '>';
-
- $mail = new PlMailer();
- $mail->setFrom('"Polytechnique.org" <support@' . $globals->mail->domain . '>');
- $mail->addTo("$dest@" . $globals->mail->domain);
- $mail->setSubject("Une de tes adresse de redirection Polytechnique.org ne marche plus !!");
- $mail->setTxtBody($message);
- $mail->send();
- $page->trig("Mail envoyé ! :o)");
+ $uid = XDB::fetchOneCell("SELECT uid
+ FROM emails
+ WHERE email = {?}", $email);
+ if ($uid) {
+ $dest = User::getWithUID($uid);
+
+ $mail = new PlMailer('emails/broken-web.mail.tpl');
+ $mail->assign('email', $email);
+ $mail->assign('request', S::user());
+ $mail->sendTo($dest);
+ $page->trigSuccess('Email envoyé !');
}
} elseif (Post::has('email')) {
+ S::assert_xsrf_token();
+
$email = valide_email(Post::v('email'));
list(,$fqdn) = explode('@', $email);
$fqdn = strtolower($fqdn);
- if ($fqdn == 'polytechnique.org' || $fqdn == 'melix.org'
- || $fqdn == 'm4x.org' || $fqdn == 'melix.net')
- {
+ if ($fqdn == 'polytechnique.org' || $fqdn == 'melix.org' || $fqdn == 'm4x.org' || $fqdn == 'melix.net') {
$page->assign('neuneu', true);
} else {
$page->assign('email',$email);
- $sel = XDB::query(
- "SELECT e1.uid, e1.panne != 0 AS panne, count(e2.uid) AS nb_mails,
- u.nom, u.prenom, u.promo, a.alias AS forlife
- FROM emails as e1
- LEFT JOIN emails as e2 ON(e1.uid = e2.uid
+ $x = XDB::fetchOneAssoc("SELECT e1.uid, e1.panne != 0 AS panne,
+ (count(e2.uid) + IF(FIND_IN_SET('googleapps', eo.storage), 1, 0)) AS nb_mails
+ FROM emails as e1
+ INNER JOIN email_options AS eo ON (eo.uid = e1.uid)
+ LEFT JOIN emails as e2 ON(e1.uid = e2.uid
AND FIND_IN_SET('active', e2.flags)
AND e1.email != e2.email)
- INNER JOIN auth_user_md5 as u ON(e1.uid = u.user_id)
- INNER JOIN aliases AS a ON (a.id = e1.uid AND a.type = 'a_vie')
- WHERE e1.email = {?}
- GROUP BY e1.uid", $email);
- if ($x = $sel->fetchOneAssoc()) {
+ WHERE e1.email = {?}
+ GROUP BY e1.uid", $email);
+ if ($x) {
// on écrit dans la base que l'adresse est cassée
if (!$x['panne']) {
- XDB::execute("UPDATE emails
- SET panne=NOW(),
- last=NOW(),
- panne_level = 1
- WHERE email = {?}", $email);
+ XDB::execute("UPDATE emails
+ SET panne=NOW(), last=NOW(), panne_level = 1
+ WHERE email = {?}", $email);
} else {
- XDB::execute("UPDATE emails
- SET panne_level = 1
- WHERE email = {?} AND panne_level = 0", $email);
+ XDB::execute("UPDATE emails
+ SET panne_level = 1
+ WHERE email = {?} AND panne_level = 0", $email);
}
+ $x['user'] = User::getWithUID($x['uid']);
$page->assign_by_ref('x', $x);
}
}
'dangerous' => 'Usurpations par cette adresse');
$page->assign('states', $states);
+ if (Post::has('action')) {
+ S::assert_xsrf_token();
+ }
switch (Post::v('action')) {
- case 'create':
+ case 'create':
if (trim(Post::v('emailN')) != '') {
- Xdb::execute('INSERT IGNORE INTO emails_watch (email, state, detection, last, uid, description)
+ Xdb::execute('INSERT IGNORE INTO email_watch (email, state, detection, last, uid, description)
VALUES ({?}, {?}, CURDATE(), NOW(), {?}, {?})',
trim(Post::v('emailN')), Post::v('stateN'), S::i('uid'), Post::v('descriptionN'));
};
break;
- case 'edit':
- Xdb::execute('UPDATE emails_watch
+ case 'edit':
+ Xdb::execute('UPDATE email_watch
SET state = {?}, last = NOW(), uid = {?}, description = {?}
WHERE email = {?}', Post::v('stateN'), S::i('uid'), Post::v('descriptionN'), Post::v('emailN'));
break;
- default:
+ default:
if ($action == 'delete' && !is_null($email)) {
- Xdb::execute('DELETE FROM emails_watch WHERE email = {?}', $email);
+ Xdb::execute('DELETE FROM email_watch WHERE email = {?}', $email);
}
}
if ($action != 'create' && $action != 'edit') {
if ($action == 'list') {
$sql = "SELECT w.email, w.detection, w.state, a.alias AS forlife
- FROM emails_watch AS w
+ FROM email_watch AS w
LEFT JOIN emails AS e USING(email)
- LEFT JOIN aliases AS a ON (a.id = e.uid AND a.type = 'a_vie')
+ LEFT JOIN aliases AS a ON (a.uid = e.uid AND a.type = 'a_vie')
ORDER BY w.state, w.email, a.alias";
$it = Xdb::iterRow($sql);
} elseif ($action == 'edit') {
$sql = "SELECT w.detection, w.state, w.last, w.description,
a1.alias AS edit, a2.alias AS forlife
- FROM emails_watch AS w
- LEFT JOIN aliases AS a1 ON (a1.id = w.uid AND a1.type = 'a_vie')
+ FROM email_watch AS w
+ LEFT JOIN aliases AS a1 ON (a1.uid = w.uid AND a1.type = 'a_vie')
LEFT JOIN emails AS e ON (w.email = e.email)
- LEFT JOIN aliases AS a2 ON (a2.id = e.uid AND a2.type = 'a_vie')
+ LEFT JOIN aliases AS a2 ON (a2.uid = e.uid AND a2.type = 'a_vie')
WHERE w.email = {?}
ORDER BY a2.alias";
$it = Xdb::iterRow($sql, $email);
$page->assign('doublon', $props);
}
}
+
function handler_lost(&$page, $action = 'list', $email = null)
{
$page->changeTpl('emails/lost.tpl');
- $page->assign('lost_emails', XDB::iterator('
- SELECT u.user_id, a.alias
- FROM auth_user_md5 AS u
- INNER JOIN aliases AS a ON (a.id = u.user_id AND a.type = "a_vie")
- LEFT JOIN emails AS e ON (u.user_id=e.uid AND FIND_IN_SET("active",e.flags))
- WHERE e.uid IS NULL AND u.deces = 0
- ORDER BY u.promo DESC, u.nom, u.prenom'));
+ // TODO: Order by promo.
+ $page->assign('lost_emails',
+ XDB::iterator("SELECT a.uid, a.hruid
+ FROM accounts AS a
+ INNER JOIN email_options AS eo ON (eo.uid = a.uid)
+ LEFT JOIN emails AS e ON (a.uid = e.uid AND FIND_IN_SET('active', e.flags))
+ WHERE e.uid IS NULL AND FIND_IN_SET('googleapps', eo.storage) = 0 AND
+ a.state = 'active'
+ ORDER BY a.hruid"));
+ }
+
+ function handler_broken_addr(&$page)
+ {
+ require_once 'emails.inc.php';
+ $page->changeTpl('emails/broken_addr.tpl');
+
+ if (Env::has('sort_broken')) {
+ S::assert_xsrf_token();
+
+ $list = trim(Env::v('list'));
+ if ($list == '') {
+ $page->trigError('La liste est vide.');
+ } else {
+ $valid_emails = array();
+ $invalid_emails = array();
+ $broken_list = explode("\n", $list);
+ sort($broken_list);
+ foreach ($broken_list as $orig_email) {
+ $orig_email = trim($orig_email);
+ if ($orig_email != '') {
+ $email = valide_email($orig_email);
+ if (empty($email) || $email == '@') {
+ $invalid_emails[] = trim($orig_email) . ': invalid email';
+ } elseif (!in_array($email, $valid_emails)) {
+ $res = XDB::query('SELECT COUNT(*)
+ FROM emails
+ WHERE email = {?}', $email);
+ if ($res->fetchOneCell() > 0) {
+ $valid_emails[] = $email;
+ } else {
+ $invalid_emails[] = "$orig_email: no such redirection";
+ }
+ }
+ }
+ }
+
+ $page->assign('valid_emails', $valid_emails);
+ $page->assign('invalid_emails', $invalid_emails);
+ }
+ }
+
+ if (Env::has('process_broken')) {
+ S::assert_xsrf_token();
+
+ $list = trim(Env::v('list'));
+ if ($list == '') {
+ $page->trigError('La liste est vide.');
+ } else {
+ global $platal;
+
+ $broken_user_list = array();
+ $broken_list = explode("\n", $list);
+ sort($broken_list);
+ foreach ($broken_list as $orig_email) {
+ $email = valide_email(trim($orig_email));
+ if (empty($email) || $email == '@') {
+ continue;
+ }
+
+ $sel = XDB::query(
+ "SELECT e1.uid, e1.panne != 0 AS panne, count(e2.uid) AS nb_mails,
+ acc.full_name, a.alias
+ FROM emails AS e1
+ LEFT JOIN emails AS e2 ON (e1.uid = e2.uid AND FIND_IN_SET('active', e2.flags)
+ AND e1.email != e2.email)
+ INNER JOIN accounts AS acc ON (e1.uid = acc.uid)
+ INNER JOIN aliases AS a ON (acc.uid = a.uid AND FIND_IN_SET('bestalias', a.flags))
+ WHERE e1.email = {?}
+ GROUP BY e1.uid", $email);
+
+ if ($x = $sel->fetchOneAssoc()) {
+ if (!$x['panne']) {
+ XDB::execute('UPDATE emails
+ SET panne=NOW(), last=NOW(), panne_level = 1
+ WHERE email = {?}',
+ $email);
+ } else {
+ XDB::execute('UPDATE emails
+ SET last = CURDATE(), panne_level = panne_level + 1
+ WHERE email = {?}
+ AND DATE_ADD(last, INTERVAL 14 DAY) < CURDATE()',
+ $email);
+ }
+
+ if (!empty($x['nb_mails'])) {
+ $mail = new PlMailer('emails/broken.mail.tpl');
+ $mail->addTo("\"{$x['full_name']}\" <{$x['alias']}@"
+ . $globals->mail->domain . '>');
+ $mail->assign('x', $x);
+ $mail->assign('email', $email);
+ $mail->send();
+ }
+
+ if (!isset($broken_user_list[$x['alias']])) {
+ $broken_user_list[$x['alias']] = array($email);
+ } else {
+ $broken_user_list[$x['alias']][] = $email;
+ }
+ }
+ }
+
+ XDB::execute("UPDATE emails
+ SET panne_level = panne_level - 1
+ WHERE flags = 'active' AND panne_level > 1
+ AND DATE_ADD(last, INTERVAL 1 MONTH) < CURDATE()");
+ XDB::execute("UPDATE emails
+ SET panne_level = 0
+ WHERE flags = 'active' AND panne_level = 1
+ AND DATE_ADD(last, INTERVAL 1 YEAR) < CURDATE()");
+
+ // Output the list of users with recently broken addresses,
+ // along with the count of valid redirections.
+ require_once 'notifs.inc.php';
+ pl_content_headers("text/x-csv");
+
+ $csv = fopen('php://output', 'w');
+ fputcsv($csv, array('nom', 'promo', 'alias', 'bounce', 'nbmails', 'url'), ';');
+ foreach ($broken_user_list as $alias => $mails) {
+ $sel = Xdb::query(
+ "SELECT acc.uid, count(e.email) AS nb_mails,
+ IFNULL(pd.public_name, acc.full_name) AS fullname,
+ IFNULL(pd.promo, 0) AS promo
+ FROM aliases AS a
+ INNER JOIN accounts AS acc ON (a.uid = acc.uid)
+ LEFT JOIN emails AS e ON (e.uid = acc.uid
+ AND FIND_IN_SET('active', e.flags) AND e.panne = 0)
+ LEFT JOIN account_profiles AS ap ON (acc.uid = ap.uid AND FIND_IN_SET('owner', ap.perms))
+ LEFT JOIN profile_display AS pd ON (pd.pid = ap.pid)
+ WHERE a.alias = {?}
+ GROUP BY acc.uid", $alias);
+
+ if ($x = $sel->fetchOneAssoc()) {
+ if ($x['nb_mails'] == 0) {
+ $user = User::getSilentWithUID($x['uid']);
+ $profile = $user->profile();
+ WatchProfileUpdate::register($profile, 'broken');
+ }
+ fputcsv($csv, array($x['fullname'], $x['promo'], $alias,
+ join(',', $mails), $x['nb_mails'],
+ 'https://www.polytechnique.org/marketing/broken/' . $alias), ';');
+ }
+ }
+ fclose($csv);
+ exit;
+ }
+ }
}
}