<?php
/***************************************************************************
- * Copyright (C) 2003-2006 Polytechnique.org *
+ * Copyright (C) 2003-2008 Polytechnique.org *
* http://opensource.polytechnique.org/ *
* *
* This program is free software; you can redistribute it and/or modify *
'emails/broken' => $this->make_hook('broken', AUTH_COOKIE),
'emails/redirect' => $this->make_hook('redirect', AUTH_MDP),
'emails/send' => $this->make_hook('send', AUTH_MDP),
+ 'emails/antispam/submit' => $this->make_hook('submit', AUTH_COOKIE),
+ 'emails/test' => $this->make_hook('test', AUTH_COOKIE, 'user', NO_AUTH),
- 'admin/emails/duplicated' => $this->make_hook('duplicated', AUTH_MDP, 'admin')
+ 'emails/imap/in' => $this->make_hook('imap_in', AUTH_PUBLIC),
+
+ 'admin/emails/duplicated' => $this->make_hook('duplicated', AUTH_MDP, 'admin'),
+ 'admin/emails/watch' => $this->make_hook('duplicated', AUTH_MDP, 'admin'),
+ 'admin/emails/lost' => $this->make_hook('lost', AUTH_MDP, 'admin'),
);
}
function handler_emails(&$page, $action = null, $email = null)
{
global $globals;
+ require_once 'emails.inc.php';
$page->changeTpl('emails/index.tpl');
- $page->assign('xorg_title','Polytechnique.org - Mes emails');
+ $page->assign('pl_title','Polytechnique.org - Mes emails');
$uid = S::v('uid');
if ($action == 'best' && $email) {
+ if (!S::has_xsrf_token()) {
+ return PL_FORBIDDEN;
+ }
+
// bestalias is the first bit : 1
// there will be maximum 8 bits in flags : 255
XDB::execute("UPDATE aliases SET flags=flags & (255 - 1) WHERE id={?}", $uid);
$uid, $email);
}
- // on regarde si on a affaire à un homonyme
+ // on regarde si on a affaire à un homonyme
$sql = "SELECT alias, (type='a_vie') AS a_vie,
(alias REGEXP '\\\\.[0-9]{2}$') AS cent_ans,
FIND_IN_SET('bestalias',flags) AS best, expire
ORDER BY LENGTH(alias)";
$page->assign('aliases', XDB::iterator($sql, $uid));
- $homonyme = XDB::query("SELECT alias FROM aliases INNER JOIN homonymes ON (id = homonyme_id) WHERE user_id = {?} AND type = 'homonyme'", $uid);
- $page->assign('homonyme', $homonyme->fetchOneCell());
-
- $sql = "SELECT email
- FROM emails
- WHERE uid = {?} AND FIND_IN_SET('active', flags)";
- $page->assign('mails', XDB::iterator($sql, $uid));
+ $homonyme = XDB::query("SELECT alias FROM aliases INNER JOIN homonymes ON (id = homonyme_id) WHERE user_id = {?} AND type = 'homonyme'", $uid);
+ $page->assign('homonyme', $homonyme->fetchOneCell());
+ // Affichage des redirections de l'utilisateur.
+ $redirect = new Redirect($uid);
+ $page->assign('mails', $redirect->active_emails());
// on regarde si l'utilisateur a un alias et si oui on l'affiche !
$forlife = S::v('forlife');
"SELECT alias
FROM virtual AS v
INNER JOIN virtual_redirect AS vr USING(vid)
- WHERE (redirect={?} OR redirect={?})
+ WHERE (redirect={?} OR redirect={?})
AND alias LIKE '%@{$globals->mail->alias_dom}'",
$forlife.'@'.$globals->mail->domain, $forlife.'@'.$globals->mail->domain2);
$page->assign('melix', $res->fetchOneCell());
global $globals;
$page->changeTpl('emails/alias.tpl');
- $page->assign('xorg_title','Polytechnique.org - Alias melix.net');
+ $page->assign('pl_title','Polytechnique.org - Alias melix.net');
$uid = S::v('uid');
$forlife = S::v('forlife');
$page->assign('demande', AliasReq::get_request($uid));
- if ($action == 'suppr' && $value) {
+ if ($action == 'delete' && $value) {
+ S::assert_xsrf_token();
+
//Suppression d'un alias
XDB::execute(
'DELETE virtual, virtual_redirect
$forlife.'@'.$globals->mail->domain, $forlife.'@'.$globals->mail->domain2);
}
- //Récupération des alias éventuellement existants
+ //Récupération des alias éventuellement existants
$res = XDB::query(
"SELECT alias, emails_alias_pub
FROM auth_user_quick, virtual
INNER JOIN virtual_redirect USING(vid)
WHERE ( redirect={?} OR redirect= {?} )
- AND alias LIKE '%@{$globals->mail->alias_dom}' AND user_id = {?}",
+ AND alias LIKE '%@{$globals->mail->alias_dom}' AND user_id = {?}",
$forlife.'@'.$globals->mail->domain,
$forlife.'@'.$globals->mail->domain2, S::v('uid'));
list($alias, $visibility) = $res->fetchOneRow();
$page->assign('actuel', $alias);
- if ($action == 'ask' && Env::has('alias') and Env::has('raison')) {
- //Si l'utilisateur vient de faire une damande
+ if ($action == 'ask' && Env::has('alias') && Env::has('raison')) {
+ S::assert_xsrf_token();
+ //Si l'utilisateur vient de faire une damande
$alias = Env::v('alias');
$raison = Env::v('raison');
$public = (Env::v('public', 'off') == 'on')?"public":"private";
$page->assign('r_public', true);
}
- //Quelques vérifications sur l'alias (caractères spéciaux)
+ //Quelques vérifications sur l'alias (caractères spéciaux)
if (!preg_match( "/^[a-zA-Z0-9\-.]{3,20}$/", $alias)) {
- $page->trig("L'adresse demandée n'est pas valide.
- Vérifie qu'elle comporte entre 3 et 20 caractères
- et qu'elle ne contient que des lettres non accentuées,
- des chiffres ou les caractères - et .");
+ $page->trigError("L'adresse demandée n'est pas valide."
+ . " Vérifie qu'elle comporte entre 3 et 20 caractères"
+ . " et qu'elle ne contient que des lettres non accentuées,"
+ . " des chiffres ou les caractères - et .");
return;
} else {
- //vérifier que l'alias n'est pas déja pris
+ //vérifier que l'alias n'est pas déja pris
$res = XDB::query('SELECT COUNT(*) FROM virtual WHERE alias={?}',
$alias.'@'.$globals->mail->alias_dom);
if ($res->fetchOneCell() > 0) {
- $page->trig("L'alias $alias@{$globals->mail->alias_dom} a déja été attribué.
+ $page->trigError("L'alias $alias@{$globals->mail->alias_dom} a déja été attribué.
Tu ne peux donc pas l'obtenir.");
return;
}
- //vérifier que l'alias n'est pas déja en demande
+ //vérifier que l'alias n'est pas déja en demande
$it = new ValidateIterator ();
while($req = $it->next()) {
- if ($req->type == "alias" and $req->alias == $alias) {
- $page->trig("L'alias $alias@{$globals->mail->alias_dom} a déja été demandé.
+ if ($req->type == "alias" and $req->alias == $alias . '@' . $globals->mail->alias_dom) {
+ $page->trigError("L'alias $alias@{$globals->mail->alias_dom} a déja été demandé.
Tu ne peux donc pas l'obtenir pour l'instant.");
return ;
}
}
- //Insertion de la demande dans la base, écrase les requêtes précédente
+ //Insertion de la demande dans la base, écrase les requêtes précédente
$myalias = new AliasReq($uid, $alias, $raison, $public);
$myalias->submit();
$page->assign('success',$alias);
return;
}
- }
- elseif ($action == 'set'
- && ($value == 'public' || $value == 'private'))
- {
+ } elseif ($action == 'set' && ($value == 'public' || $value == 'private')) {
+ if (!S::has_xsrf_token()) {
+ return PL_FORBIDDEN;
+ }
+
if ($value == 'public') {
XDB::execute("UPDATE auth_user_quick SET emails_alias_pub = 'public'
WHERE user_id = {?}", S::v('uid'));
$redirect = new Redirect(S::v('uid'));
+ // FS#703 : $_GET is urldecoded twice, hence
+ // + (the data) => %2B (in the url) => + (first decoding) => ' ' (second decoding)
+ // Since there can be no spaces in emails, we can fix this with :
+ $email = str_replace(' ', '+', $email);
+
if ($action == 'remove' && $email) {
$retour = $redirect->delete_email($email);
$page->assign('retour', $retour);
}
-
- if ($action == 'active' && $email) {
- $redirect->modify_one_email($email, true);
- }
-
- if ($action == 'inactive' && $email) {
- $redirect->modify_one_email($email, false);
- }
-
- if ($action == 'rewrite' && $email) {
- $rewrite = @func_get_arg(3);
- $redirect->modify_one_email_redirect($email, $rewrite);
- }
-
+
+ if ($action == 'active' && $email) {
+ $redirect->modify_one_email($email, true);
+ }
+
+ if ($action == 'inactive' && $email) {
+ $redirect->modify_one_email($email, false);
+ }
+
+ if ($action == 'rewrite' && $email) {
+ $rewrite = @func_get_arg(3);
+ $redirect->modify_one_email_redirect($email, $rewrite);
+ }
+
if (Env::has('emailop')) {
+ S::assert_xsrf_token();
+
$actifs = Env::v('emails_actifs', Array());
print_r(Env::v('emails_rewrite'));
if (Env::v('emailop') == "ajouter" && Env::has('email')) {
FROM virtual
INNER JOIN virtual_redirect USING(vid)
WHERE (redirect={?} OR redirect={?})
- AND alias LIKE '%@{$globals->mail->alias_dom}'",
+ AND alias LIKE '%@{$globals->mail->alias_dom}'",
$forlife.'@'.$globals->mail->domain, $forlife.'@'.$globals->mail->domain2);
$melix = $res->fetchOneCell();
if ($melix) {
FROM aliases
WHERE id={?} AND (type='a_vie' OR type='alias')
ORDER BY !FIND_IN_SET('usage',flags), LENGTH(alias)", $uid);
+
$page->assign('alias', $res->fetchAllAssoc());
$page->assign('emails',$redirect->emails);
+
+ require_once 'googleapps.inc.php';
+ $page->assign('googleapps', GoogleAppsAccount::account_status($uid));
}
function handler_antispam(&$page, $statut_filtre = null)
{
require_once 'emails.inc.php';
+ require_once('wiki.inc.php');
+ wiki_require_page('Xorg.Antispam');
$page->changeTpl('emails/antispam.tpl');
$bogo = new Bogo(S::v('uid'));
if (isset($statut_filtre)) {
- $bogo->change(S::v('uid'), $statut_filtre + 0);
+ $bogo->change($statut_filtre + 0);
}
$page->assign('filtre',$bogo->level());
}
+ function handler_submit(&$page)
+ {
+ require_once('wiki.inc.php');
+ wiki_require_page('Xorg.Mails');
+ $page->changeTpl('emails/submit_spam.tpl');
+
+ if (Post::has('send_email')) {
+ S::assert_xsrf_token();
+
+ $upload = PlUpload::get($_FILES['mail'], S::v('forlife'), 'spam.submit', true);
+ if (!$upload) {
+ $page->trigError('Une erreur a été rencontrée lors du transfert du fichier');
+ return;
+ }
+ $mime = $upload->contentType();
+ if ($mime != 'text/x-mail' && $mime != 'message/rfc822') {
+ $upload->clear();
+ $page->trigError('Le fichier ne contient pas un mail complet');
+ return;
+ }
+ global $globals;
+ $box = Post::v('type') . '@' . $globals->mail->domain;
+ $mailer = new PlMailer();
+ $mailer->addTo($box);
+ $mailer->setFrom('"' . S::v('prenom') . ' ' . S::v('nom') . '" <web@' . $globals->mail->domain . '>');
+ $mailer->setTxtBody(Post::v('type') . ' soumis par ' . S::v('forlife') . ' via le web');
+ $mailer->addUploadAttachment($upload, Post::v('type') . '.mail');
+ $mailer->send();
+ $page->trigSuccess('Le message a été transmis à ' . $box);
+ $upload->clear();
+ }
+ }
+
function handler_send(&$page)
{
global $globals;
-
$page->changeTpl('emails/send.tpl');
+ $page->addJsLink('ajax.js');
- $page->assign('xorg_title','Polytechnique.org - Envoyer un email');
+ $page->assign('pl_title','Polytechnique.org - Envoyer un email');
// action si on recoit un formulaire
- if (Env::v('submit') == 'Envoyer')
- {
+ if (Post::has('save')) {
+ if (!S::has_xsrf_token()) {
+ return PL_FORBIDDEN;
+ }
+
+ unset($_POST['save']);
+ if (trim(preg_replace('/-- .*/', '', Post::v('contenu'))) != "") {
+ $_POST['to_contacts'] = explode(';', @$_POST['to_contacts']);
+ $_POST['cc_contacts'] = explode(';', @$_POST['cc_contacts']);
+ $data = serialize($_POST);
+ XDB::execute("REPLACE INTO email_send_save
+ VALUES ({?}, {?})", S::i('uid'), $data);
+ }
+ exit;
+ } else if (Env::v('submit') == 'Envoyer') {
+ S::assert_xsrf_token();
+
function getEmails($aliases)
{
if (!is_array($aliases)) {
return join(', ', $ret);
}
- $to2 = getEmails(Env::v('to_contacts'));
- $cc2 = getEmails(Env::v('cc_contacts'));
- $txt = str_replace('^M', '', Env::v('contenu'));
- $to = Env::v('to');
- $subj = Env::v('sujet');
- $from = Env::v('from');
- $cc = Env::v('cc');
- $bcc = Env::v('bcc');
-
- if (empty($to) && empty($cc) && empty($to2)) {
- $page->trig("Indique au moins un destinataire.");
- } else {
- $mymail = new PlMailer();
- $mymail->setFrom($from);
- $mymail->setSubject($subj);
- if (!empty($to)) { $mymail->addTo($to); }
- if (!empty($cc)) { $mymail->addCc($cc); }
- if (!empty($bcc)) { $mymail->addBcc($bcc); }
- if (!empty($to2)) { $mymail->addTo($to2); }
- if (!empty($cc2)) { $mymail->addCc($cc2); }
- if (isset($_FILES['uploaded'])) {
- $mymail->addAttachment($_FILES['uploaded']['tmp_name'],
- $_FILES['uploaded']['type'],
- $_FILES['uploaded']['name']);
+ $error = false;
+ foreach ($_FILES as &$file) {
+ if ($file['name'] && !PlUpload::get($file, S::v('forlife'), 'emails.send', false)) {
+ $page->trigError(PlUpload::$lastError);
+ $error = true;
+ break;
}
- $mymail->setTxtBody(wordwrap($txt,72,"\n"));
- if ($mymail->send()) {
- $page->trig("Ton mail a bien été envoyé.");
- $_REQUEST = array('bcc' => S::v('bestalias').'@'.$globals->mail->domain);
+ }
+
+ if (!$error) {
+ XDB::execute("DELETE FROM email_send_save
+ WHERE uid = {?}", S::i('uid'));
+
+ $to2 = getEmails(Env::v('to_contacts'));
+ $cc2 = getEmails(Env::v('cc_contacts'));
+ $txt = str_replace('^M', '', Env::v('contenu'));
+ $to = Env::v('to');
+ $subj = Env::v('sujet');
+ $from = Env::v('from');
+ $cc = trim(Env::v('cc'));
+ $bcc = trim(Env::v('bcc'));
+
+ if (empty($to) && empty($cc) && empty($to2) && empty($bcc) && empty($cc2)) {
+ $page->trigError("Indique au moins un destinataire.");
+ $page->assign('uploaded_f', PlUpload::listFilenames(S::v('forlife'), 'emails.send'));
} else {
- $page->trig("Erreur lors de l'envoi du courriel, réessaye.");
+ $mymail = new PlMailer();
+ $mymail->setFrom($from);
+ $mymail->setSubject($subj);
+ if (!empty($to)) { $mymail->addTo($to); }
+ if (!empty($cc)) { $mymail->addCc($cc); }
+ if (!empty($bcc)) { $mymail->addBcc($bcc); }
+ if (!empty($to2)) { $mymail->addTo($to2); }
+ if (!empty($cc2)) { $mymail->addCc($cc2); }
+ $files =& PlUpload::listFiles(S::v('forlife'), 'emails.send');
+ foreach ($files as $name=>&$upload) {
+ $mymail->addUploadAttachment($upload, $name);
+ }
+ if (Env::v('nowiki')) {
+ $mymail->setTxtBody(wordwrap($txt, 78, "\n"));
+ } else {
+ $mymail->setWikiBody($txt);
+ }
+ if ($mymail->send()) {
+ $page->trigSuccess("Ton mail a bien été envoyé.");
+ $_REQUEST = array('bcc' => S::v('bestalias').'@'.$globals->mail->domain);
+ PlUpload::clear(S::v('forlife'), 'emails.send');
+ } else {
+ $page->trigError("Erreur lors de l'envoi du courriel, réessaye.");
+ $page->assign('uploaded_f', PlUpload::listFilenames(S::v('forlife'), 'emails.send'));
+ }
}
}
} else {
- $_REQUEST['bcc'] = S::v('bestalias').'@'.$globals->mail->domain;
+ $res = XDB::query("SELECT data
+ FROM email_send_save
+ WHERE uid = {?}", S::i('uid'));
+ if ($res->numRows() == 0) {
+ PlUpload::clear(S::v('forlife'), 'emails.send');
+ $_REQUEST['bcc'] = S::v('bestalias').'@'.$globals->mail->domain;
+ } else {
+ $data = unserialize($res->fetchOneCell());
+ $_REQUEST = array_merge($_REQUEST, $data);
+ }
}
$res = XDB::query(
WHERE c.uid = {?}
ORDER BY u.nom, u.prenom", S::v('uid'));
$page->assign('contacts', $res->fetchAllAssoc());
+ $page->assign('maxsize', ini_get('upload_max_filesize') . 'o');
+ }
+
+ function handler_test(&$page, $forlife = null)
+ {
+ global $globals;
+ require_once 'emails.inc.php';
+
+ if (!S::has_xsrf_token()) {
+ return PL_FORBIDDEN;
+ }
+ if (!S::has_perms() || !$forlife) {
+ $forlife = S::v('bestalias');
+ }
+
+ $res = XDB::query("SELECT FIND_IN_SET('femme', u.flags), prenom, user_id
+ FROM auth_user_md5 AS u
+ INNER JOIN aliases AS a ON (a.id = u.user_id)
+ WHERE a.alias = {?}", $forlife);
+ list($sexe, $prenom, $uid) = $res->fetchOneRow();
+ $redirect = new Redirect($uid);
+
+ $mailer = new PlMailer('emails/test.mail.tpl');
+ $mailer->assign('email', $forlife . '@' . $globals->mail->domain);
+ $mailer->assign('redirects', $redirect->active_emails());
+ $mailer->assign('sexe', $sexe);
+ $mailer->assign('prenom', $prenom);
+ $mailer->send();
+ exit;
+ }
+
+ function handler_imap_in(&$page, $hash = null, $login = null)
+ {
+ $page->changeTpl('emails/imap_register.tpl');
+ $id = null;
+ if (!empty($hash) || !empty($login)) {
+ $req = XDB::query("SELECT u.prenom, FIND_IN_SET('femme', u.flags) AS sexe, a.id
+ FROM aliases AS a
+ INNER JOIN newsletter_ins AS ni ON (a.id = ni.user_id)
+ INNER JOIN auth_user_md5 AS u ON (u.user_id = a.id)
+ WHERE a.alias = {?} AND ni.hash = {?}", $login, $hash);
+ list($prenom, $sexe, $id) = $req->fetchOneRow();
+ }
+
+ require_once('emails.inc.php');
+ $page->assign('ok', false);
+ if (S::logged() && (is_null($id) || $id == S::i('uid'))) {
+ $storage = new EmailStorage(S::i('uid'), 'imap');
+ $storage->activate();
+ $page->assign('ok', true);
+ $page->assign('prenom', S::v('prenom'));
+ $page->assign('sexe', S::v('femme'));
+ } else if (!S::logged() && $id) {
+ $storage = new EmailStorage($id, 'imap');
+ $storage->activate();
+ $page->assign('ok', true);
+ $page->assign('prenom', $prenom);
+ $page->assign('sexe', $sexe);
+ }
}
function handler_broken(&$page, $warn = null, $email = null)
{
require_once 'emails.inc.php';
+ require_once('wiki.inc.php');
+ wiki_require_page('Xorg.PatteCassée');
global $globals;
$page->changeTpl('emails/broken.tpl');
if ($warn == 'warn' && $email) {
+ S::assert_xsrf_token();
+
$email = valide_email($email);
- // vérifications d'usage
+ // vérifications d'usage
$sel = XDB::query(
"SELECT e.uid, a.alias
FROM emails AS e
- INNER JOIN auth_user_md5 AS u ON e.uid = u.user_id
INNER JOIN aliases AS a ON (e.uid = a.id AND type!='homonyme'
AND FIND_IN_SET('bestalias',a.flags))
WHERE e.email={?}", $email);
// envoi du mail
$message = "Bonjour !
-Ce mail a été généré automatiquement par le service de patte cassée de
+Ce mail a été généré automatiquement par le service de patte cassée de
Polytechnique.org car un autre utilisateur, ".S::v('prenom').' '.S::v('nom').",
-nous a signalé qu'en t'envoyant un mail, il avait reçu un message d'erreur
+nous a signalé qu'en t'envoyant un mail, il avait reçu un message d'erreur
indiquant que ton adresse de redirection $email
ne fonctionnait plus !
-Nous te suggérons de vérifier cette adresse, et le cas échéant de mettre
-à jour sur le site <{$globals->baseurl}/emails> tes adresses
+Nous te suggérons de vérifier cette adresse, et le cas échéant de mettre
+à jour sur le site <{$globals->baseurl}/emails> tes adresses
de redirection...
-Pour plus de rensignements sur le service de patte cassée, n'hésites pas à
+Pour plus de renseignements sur le service de patte cassée, n'hésite pas à
consulter la page <{$globals->baseurl}/emails/broken>.
-A bientôt sur Polytechnique.org !
-L'équipe d'administration <support@polytechnique.org>";
+À bientôt sur Polytechnique.org !
+L'équipe d'administration <support@" . $globals->mail->domain . '>';
$mail = new PlMailer();
- $mail->setFrom('"Polytechnique.org" <support@polytechnique.org>');
- $mail->addTo("$dest@polytechnique.org");
+ $mail->setFrom('"Polytechnique.org" <support@' . $globals->mail->domain . '>');
+ $mail->addTo("$dest@" . $globals->mail->domain);
$mail->setSubject("Une de tes adresse de redirection Polytechnique.org ne marche plus !!");
$mail->setTxtBody($message);
$mail->send();
- $page->trig("Mail envoyé ! :o)");
+ $page->trigSuccess("Mail envoyé !");
}
} elseif (Post::has('email')) {
+ S::assert_xsrf_token();
+
$email = valide_email(Post::v('email'));
list(,$fqdn) = explode('@', $email);
$fqdn = strtolower($fqdn);
- if ($fqdn == 'polytechnique.org' || $fqdn == 'melix.org'
- || $fqdn == 'm4x.org' || $fqdn == 'melix.net')
- {
+ if ($fqdn == 'polytechnique.org' || $fqdn == 'melix.org' || $fqdn == 'm4x.org' || $fqdn == 'melix.net') {
$page->assign('neuneu', true);
} else {
$page->assign('email',$email);
$sel = XDB::query(
- "SELECT e1.uid, e1.panne != 0 AS panne, count(e2.uid) AS nb_mails,
- u.nom, u.prenom, u.promo
+ "SELECT e1.uid, e1.panne != 0 AS panne,
+ (count(e2.uid) + IF(FIND_IN_SET('googleapps', u.mail_storage), 1, 0)) AS nb_mails,
+ u.nom, u.prenom, u.promo, a.alias AS forlife
FROM emails as e1
- LEFT JOIN emails as e2 ON(e1.uid = e2.uid
+ LEFT JOIN emails as e2 ON(e1.uid = e2.uid
AND FIND_IN_SET('active', e2.flags)
AND e1.email != e2.email)
INNER JOIN auth_user_md5 as u ON(e1.uid = u.user_id)
+ INNER JOIN aliases AS a ON (a.id = e1.uid AND a.type = 'a_vie')
WHERE e1.email = {?}
GROUP BY e1.uid", $email);
if ($x = $sel->fetchOneAssoc()) {
- // on écrit dans la base que l'adresse est cassée
+ // on écrit dans la base que l'adresse est cassée
if (!$x['panne']) {
XDB::execute("UPDATE emails
SET panne=NOW(),
} else {
XDB::execute("UPDATE emails
SET panne_level = 1
- WHERE email = {?} AND panne_level = 0");
+ WHERE email = {?} AND panne_level = 0", $email);
}
$page->assign_by_ref('x', $x);
}
$page->changeTpl('emails/duplicated.tpl');
$states = array('pending' => 'En attente...',
- 'safe' => 'Pas d\'inquiétude',
+ 'safe' => 'Pas d\'inquiétude',
'unsafe' => 'Recherches en cours',
'dangerous' => 'Usurpations par cette adresse');
$page->assign('states', $states);
+ if (Post::has('action')) {
+ S::assert_xsrf_token();
+ }
switch (Post::v('action')) {
- case 'create':
+ case 'create':
if (trim(Post::v('emailN')) != '') {
Xdb::execute('INSERT IGNORE INTO emails_watch (email, state, detection, last, uid, description)
VALUES ({?}, {?}, CURDATE(), NOW(), {?}, {?})',
};
break;
- case 'edit':
+ case 'edit':
Xdb::execute('UPDATE emails_watch
SET state = {?}, last = NOW(), uid = {?}, description = {?}
WHERE email = {?}', Post::v('stateN'), S::i('uid'), Post::v('descriptionN'), Post::v('emailN'));
break;
- default:
+ default:
if ($action == 'delete' && !is_null($email)) {
Xdb::execute('DELETE FROM emails_watch WHERE email = {?}', $email);
}
$sql = "SELECT w.detection, w.state, w.last, w.description,
a1.alias AS edit, a2.alias AS forlife
FROM emails_watch AS w
- LEFT JOIN aliases AS a1 ON (a1.id = w.uid AND a1.type = 'a_vie')
+ LEFT JOIN aliases AS a1 ON (a1.id = w.uid AND a1.type = 'a_vie')
LEFT JOIN emails AS e ON (w.email = e.email)
LEFT JOIN aliases AS a2 ON (a2.id = e.uid AND a2.type = 'a_vie')
WHERE w.email = {?}
$page->assign('doublon', $props);
}
}
+ function handler_lost(&$page, $action = 'list', $email = null)
+ {
+ $page->changeTpl('emails/lost.tpl');
+
+ $page->assign('lost_emails', XDB::iterator('
+ SELECT u.user_id, a.alias
+ FROM auth_user_md5 AS u
+ INNER JOIN aliases AS a ON (a.id = u.user_id AND a.type = "a_vie")
+ LEFT JOIN emails AS e ON (u.user_id=e.uid AND FIND_IN_SET("active",e.flags))
+ WHERE e.uid IS NULL AND
+ FIND_IN_SET("googleapps", u.mail_storage) = 0 AND
+ u.deces = 0
+ ORDER BY u.promo DESC, u.nom, u.prenom'));
+ }
}
+// vim:set et sw=4 sts=4 sws=4 foldmethod=marker enc=utf-8:
?>
projects / platal.git / blobdiff