<?php
/***************************************************************************
- * Copyright (C) 2003-2008 Polytechnique.org *
+ * Copyright (C) 2003-2009 Polytechnique.org *
* http://opensource.polytechnique.org/ *
* *
* This program is free software; you can redistribute it and/or modify *
global $globals;
// Add a new special tip when changing plat/al version
if ($globals->version != S::v('last_version') && is_null($exclude)) {
- XDB::execute('UPDATE auth_user_quick
+ XDB::execute('UPDATE accounts
SET last_version = {?}
- WHERE user_id = {?}',
+ WHERE uid = {?}',
$globals->version, S::i('uid'));
return array('id' => 0,
'titre' => 'Bienvenue sur la nouvelle version du site !',
'special' => true);
}
- $exclude = is_null($exclude) ? '' : ' AND id != ' . $exclude . ' ';
+ $exclude = is_null($exclude) ? '' : ' AND id != ' . intval($exclude) . ' ';
$priority = rand(0, 510);
do {
$priority = (int)($priority/2);
$page->addJsLink('ajax.js');
$page->assign('tips', $this->get_tips());
- $res = XDB::query('SELECT date, naissance FROM auth_user_md5
- WHERE user_id={?}', S::v('uid'));
- list($date, $naissance) = $res->fetchOneRow();
-
- // incitation à mettre à jour la fiche
-
- $d2 = mktime(0, 0, 0, substr($date, 5, 2), substr($date, 8, 2),
- substr($date, 0, 4));
- if( (time() - $d2) > 60 * 60 * 24 * 400 ) {
- // si fiche date de + de 400j;
- $page->assign('fiche_incitation', $date);
- }
-
- // Souhaite bon anniversaire
-
- if (substr($naissance, 5) == date('m-d')) {
- $page->assign('birthday', date('Y') - substr($naissance, 0, 4));
+ // Profile update (appears when profile is > 400d old), and birthday
+ // oneboxes.
+ $user = S::user();
+ $profile = $user->profile();
+ if (!is_null($profile)) {
+ if (strtotime($profile->last_change) < time() - (400 * 86400)) {
+ $page->assign('fiche_incitation', $profile->last_change);
+ }
+ if ($profile->next_birthday == date('Y-m-d')) {
+ $birthyear = (int)date('Y', strtotime($profile->birthdate));
+ $curyear = (int)date('Y');
+ $page->assign('birthday', $curyear - $birthyear);
+ }
}
- // incitation à mettre une photo
-
- $res = XDB::query('SELECT COUNT(*) FROM photo
- WHERE uid={?}', S::v('uid'));
+ // No-photo onebox.
+ $res = XDB::query("SELECT COUNT(*)
+ FROM photo
+ WHERE uid = {?}",
+ S::user()->id());
$page->assign('photo_incitation', $res->fetchOneCell() == 0);
- // Incitation à se géolocaliser
- require_once 'geoloc.inc.php';
- $res = localize_addresses(S::v('uid', -1));
- $page->assign('geoloc_incitation', count($res));
+ // Geo-location onebox.
+ require_once "geocoding.inc.php";
+ $page->assign('geoloc_incitation', Geocoder::countNonGeocoded(S::user()->id()));
- // ajout du lien RSS
- if (S::rssActivated()) {
+ // Direct link to the RSS feed, when available.
+ if (S::hasAuthToken()) {
$page->setRssLink('Polytechnique.org :: News',
- '/rss/'.S::v('forlife') .'/'.S::v('core_rss_hash').'/rss.xml');
+ '/rss/'.S::v('hruid') .'/'.S::v('token').'/rss.xml');
}
- // cache les evenements lus et raffiche les evenements a relire
+ // Hide the read event, and reload the page to get to the next event.
if ($action == 'read' && $eid) {
- XDB::execute('DELETE evenements_vus.*
+ XDB::execute('DELETE ev.*
FROM evenements_vus AS ev
INNER JOIN evenements AS e ON e.id = ev.evt_id
WHERE peremption < NOW()');
pl_redirect('events#'.$pound);
}
+ // Unhide the requested event, and reload the page to display it.
if ($action == 'unread' && $eid) {
XDB::execute('DELETE FROM evenements_vus
WHERE evt_id = {?} AND user_id = {?}',
pl_redirect('events#newsid'.$eid);
}
+ // Fetch the events to display, along with their metadata.
$array = array();
- $it = XDB::iterator("SELECT e.id,e.titre,e.texte,e.post_id,a.user_id,a.nom,a.prenom,a.promo,l.alias AS forlife,
+ $it = XDB::iterator("SELECT e.id, e.titre, e.texte, e.post_id, e.user_id,
p.x, p.y, p.attach IS NOT NULL AS img, FIND_IN_SET('wiki', e.flags) AS wiki,
FIND_IN_SET('important', e.flags) AS important,
e.creation_date > DATE_SUB(CURDATE(), INTERVAL 2 DAY) AS news,
e.peremption < DATE_ADD(CURDATE(), INTERVAL 2 DAY) AS end,
- ev.user_id IS NULL AS nonlu
+ ev.user_id IS NULL AS nonlu, e.promo_min, e.promo_max
FROM evenements AS e
- LEFT JOIN evenements_photo AS p ON (e.id = p.eid)
- INNER JOIN auth_user_md5 AS a ON e.user_id=a.user_id
- INNER JOIN aliases AS l ON ( a.user_id=l.id AND l.type='a_vie' )
- LEFT JOIN evenements_vus AS ev ON (e.id = ev.evt_id AND ev.user_id = {?})
+ LEFT JOIN evenements_photo AS p ON (e.id = p.eid)
+ LEFT JOIN evenements_vus AS ev ON (e.id = ev.evt_id AND ev.user_id = {?})
WHERE FIND_IN_SET('valide', e.flags) AND peremption >= NOW()
- AND (e.promo_min = 0 || e.promo_min <= {?})
- AND (e.promo_max = 0 || e.promo_max >= {?})
ORDER BY important DESC, news DESC, end DESC, e.peremption, e.creation_date DESC",
- S::i('uid'), S::i('promo'), S::i('promo'));
+ S::i('uid'));
$cats = array('important', 'news', 'end', 'body');
- $body = $it->next();
+
+ $this->load('feed.inc.php');
+ $user = S::user();
+ $body = EventFeed::nextEvent($it, $user);
foreach ($cats as $cat) {
$data = array();
if (!$body) {
} else {
break;
}
- $body = $it->next();
+ $body = EventFeed::nextEvent($it, $user);
} while ($body);
if (!empty($data)) {
$array[$cat] = $data;
}
}
+
$page->assign_by_ref('events', $array);
}
exit;
}
} else {
- $upload = new PlUpload(S::v('forlife'), 'event');
+ $upload = new PlUpload(S::user()->login(), 'event');
if ($upload->exists() && $upload->isType('image')) {
header('Content-Type: ' . $upload->contentType());
echo $upload->getContents();
function handler_rss(&$page, $user = null, $hash = null)
{
- require_once 'rss.inc.php';
-
- $uid = init_rss('events/rss.tpl', $user, $hash);
-
- $rss = XDB::iterator(
- 'SELECT e.id, e.titre, e.texte, e.creation_date, e.post_id, p.attachmime IS NOT NULL AS photo,
- IF(u2.nom_usage = "", u2.nom, u2.nom_usage) AS nom, u2.prenom, u2.promo,
- FIND_IN_SET(\'wiki\', e.flags) AS wiki
- FROM auth_user_md5 AS u
- INNER JOIN evenements AS e ON ( (e.promo_min = 0 || e.promo_min <= u.promo)
- AND (e.promo_max = 0 || e.promo_max >= u.promo) )
- LEFT JOIN evenements_photo AS p ON (p.eid = e.id)
- INNER JOIN auth_user_md5 AS u2 ON (u2.user_id = e.user_id)
- WHERE u.user_id = {?} AND FIND_IN_SET("valide", e.flags)
- AND peremption >= NOW()', $uid);
- $page->assign('rss', $rss);
+ $this->load('feed.inc.php');
+ $feed = new EventFeed();
+ return $feed->run($page, $user, $hash);
}
function handler_preview(&$page)
$page->changeTpl('events/submit.tpl');
$page->addJsLink('ajax.js');
- require_once('wiki.inc.php');
- wiki_require_page('Xorg.Annonce');
+ $wp = new PlWikiPage('Xorg.Annonce');
+ $wp->buildCache();
$titre = Post::v('titre');
$texte = Post::v('texte');
$peremption = Post::i('peremption');
$valid_mesg = Post::v('valid_mesg');
$action = Post::v('action');
- $upload = new PlUpload(S::v('forlife'), 'event');
+ $upload = new PlUpload(S::user()->login(), 'event');
$this->upload_image($page, $upload);
if (($promo_min > $promo_max && $promo_max != 0)||
} elseif ($action && (!trim($texte) || !trim($titre))) {
$page->trigError("L'article doit avoir un titre et un contenu");
} elseif ($action) {
+ S::assert_xsrf_token();
+
require_once 'validations.inc.php';
$evtreq = new EvtReq($titre, $texte, $promo_min, $promo_max,
- $peremption, $valid_mesg, S::v('uid'), $upload);
+ $peremption, $valid_mesg, S::user(), $upload);
$evtreq->submit();
$page->assign('ok', true);
} elseif (!Env::v('preview')) {
function handler_admin_tips(&$page, $action = 'list', $id = null)
{
- $page->setTitle('Polytechnique.org - Administration - Astuces');
+ $page->setTitle('Administration - Astuces');
$page->assign('title', 'Gestion des Astuces');
$table_editor = new PLTableEditor('admin/tips', 'tips', 'id');
$table_editor->describe('peremption', 'date de péremption', true);
{
$page->changeTpl('events/admin.tpl');
$page->addJsLink('ajax.js');
- $page->setTitle('Polytechnique.org - Administration - Evenements');
+ $page->setTitle('Administration - Evenements');
$page->register_modifier('hde', 'html_entity_decode');
$arch = $action == 'archives';
$page->assign('action', $action);
- $upload = new PlUpload(S::v('forlife'), 'event');
+ $upload = new PlUpload(S::user()->login(), 'event');
if ((Env::has('preview') || Post::v('action') == "Proposer") && $eid) {
$action = 'edit';
$this->upload_image($page, $upload);
}
if (Post::v('action') == 'Pas d\'image' && $eid) {
+ S::assert_xsrf_token();
$upload->rm();
XDB::execute("DELETE FROM evenements_photo WHERE eid = {?}", $eid);
$action = 'edit';
} elseif (Post::v('action') == 'Supprimer l\'image' && $eid) {
+ S::assert_xsrf_token();
$upload->rm();
$action = 'edit';
} elseif (Post::v('action') == "Proposer" && $eid) {
+ S::assert_xsrf_token();
$promo_min = Post::i('promo_min');
$promo_max = Post::i('promo_max');
if (($promo_min != 0 && ($promo_min <= 1900 || $promo_min >= 2020)) ||
} else {
switch ($action) {
case 'delete':
+ S::assert_xsrf_token();
XDB::execute('DELETE from evenements
WHERE id = {?}', $eid);
break;
case "archive":
+ S::assert_xsrf_token();
XDB::execute('UPDATE evenements
SET creation_date = creation_date, flags = CONCAT(flags,",archive")
WHERE id = {?}', $eid);
break;
case "unarchive":
+ S::assert_xsrf_token();
XDB::execute('UPDATE evenements
SET creation_date = creation_date, flags = REPLACE(flags,"archive","")
WHERE id = {?}', $eid);
break;
case "valid":
+ S::assert_xsrf_token();
XDB::execute('UPDATE evenements
SET creation_date = creation_date, flags = CONCAT(flags,",valide")
WHERE id = {?}', $eid);
break;
case "unvalid":
+ S::assert_xsrf_token();
XDB::execute('UPDATE evenements
SET creation_date = creation_date, flags = REPLACE(flags,"valide", "")
WHERE id = {?}', $eid);
}
$pid = ($eid && $action == 'preview') ? $eid : -1;
- $sql = "SELECT e.id, e.titre, e.texte,e.id = $pid AS preview,
+ $sql = "SELECT e.id, e.titre, e.texte,e.id = $pid AS preview, e.user_id,
DATE_FORMAT(e.creation_date,'%d/%m/%Y %T') AS creation_date,
DATE_FORMAT(e.peremption,'%d/%m/%Y') AS peremption,
e.promo_min, e.promo_max,
FIND_IN_SET('valide', e.flags) AS fvalide,
FIND_IN_SET('archive', e.flags) AS farch,
- u.promo, u.nom, u.prenom, a.alias AS forlife,
FIND_IN_SET('wiki', e.flags) AS wiki
FROM evenements AS e
- INNER JOIN auth_user_md5 AS u ON(e.user_id = u.user_id)
- INNER JOIN aliases AS a ON (u.user_id = a.id AND a.type='a_vie')
WHERE ".($arch ? "" : "!")."FIND_IN_SET('archive',e.flags)
ORDER BY FIND_IN_SET('valide',e.flags), e.peremption DESC";
$page->assign('evs', XDB::iterator($sql));
projects / platal.git / blobdiff