<?php
/***************************************************************************
- * Copyright (C) 2003-2006 Polytechnique.org *
+ * Copyright (C) 2003-2014 Polytechnique.org *
* http://opensource.polytechnique.org/ *
* *
* This program is free software; you can redistribute it and/or modify *
function handlers()
{
return array(
- 'events' => $this->make_hook('ev', AUTH_COOKIE),
- 'send_bug' => $this->make_hook('bug', AUTH_COOKIE),
- 'events/submit' => $this->make_hook('ev_submit', AUTH_MDP),
- 'admin/events' => $this->make_hook('admin_events', AUTH_MDP, 'admin'),
-
- 'ajax/tips' => $this->make_hook('tips', AUTH_COOKIE, '', NO_AUTH),
- 'admin/tips' => $this->make_hook('admin_tips', AUTH_MDP, 'admin'),
-
- 'nl' => $this->make_hook('nl', AUTH_COOKIE),
- 'nl/show' => $this->make_hook('nl_show', AUTH_COOKIE),
- 'nl/submit' => $this->make_hook('nl_submit', AUTH_COOKIE),
- 'admin/newsletter' => $this->make_hook('admin_nl', AUTH_MDP, 'admin'),
- 'admin/newsletter/categories' => $this->make_hook('admin_nl_cat', AUTH_MDP, 'admin'),
- 'admin/newsletter/edit' => $this->make_hook('admin_nl_edit', AUTH_MDP, 'admin'),
+ 'events' => $this->make_hook('ev', AUTH_COOKIE, 'user'),
+ 'events/preview' => $this->make_hook('preview', AUTH_PUBLIC, 'user', NO_AUTH),
+ 'events/photo' => $this->make_hook('photo', AUTH_PUBLIC),
+ 'events/submit' => $this->make_hook('ev_submit', AUTH_PASSWD, 'user'),
+ 'admin/events' => $this->make_hook('admin_events', AUTH_PASSWD, 'admin'),
+ 'rss' => $this->make_token_hook('rss', AUTH_COOKIE, 'user'),
+
+ 'ajax/tips' => $this->make_hook('tips', AUTH_COOKIE, 'user', NO_AUTH),
+ 'admin/tips' => $this->make_hook('admin_tips', AUTH_PASSWD, 'admin'),
);
}
- function on_subscribe($forlife, $uid, $promo, $password)
+ private function get_tips($exclude = null)
{
- require_once 'newsletter.inc.php';
- subscribe_nl($uid);
- }
+ global $globals;
+ // Add a new special tip when changing plat/al version
+ if ($globals->version != S::user()->last_version && is_null($exclude)) {
+ XDB::execute('UPDATE accounts
+ SET last_version = {?}
+ WHERE uid = {?}',
+ $globals->version, S::i('uid'));
+ return array('id' => 0,
+ 'titre' => 'Bienvenue sur la nouvelle version du site !',
+ 'text' => 'Le site a été mis à jour depuis ta dernière visite vers la version ' . $globals->version
+ . '.<br /> Nous t\'invitons à <a href="review">faire un tour d\'horizon des '
+ . 'nouveautés</a>.<br /><br />'
+ . 'Tu peux également retrouver ces informations sur <a href="banana/xorg.m4x.innovation">'
+ . 'les forums</a>, ou sur <a href="changelog">la liste exhaustive des modifications</a>.',
+ 'priorite' => 255,
+ 'promo_min' => 0,
+ 'promo_max' => 0,
+ 'state' => 'active',
+ 'special' => true);
+ }
- function get_tips($exclude = null)
- {
- $exclude = is_null($exclude) ? '' : ' AND id != ' . $exclude . ' ';
+ $exclude = is_null($exclude) ? '' : ' AND id != ' . intval($exclude) . ' ';
$priority = rand(0, 510);
do {
$priority = (int)($priority/2);
$res = XDB::query("SELECT *
- FROM tips
- WHERE (peremption = '0000-00-00' OR peremption > CURDATE())
+ FROM reminder_tips
+ WHERE (expiration = '0000-00-00' OR expiration > CURDATE())
AND (promo_min = 0 OR promo_min <= {?})
AND (promo_max = 0 OR promo_max >= {?})
- AND (priorite >= {?})
+ AND (priority >= {?})
AND (state = 'active')
$exclude
ORDER BY RAND()
} while ($priority && !$res->numRows());
if (!$res->numRows()) {
return null;
- }
+ }
return $res->fetchOneAssoc();
}
- function handler_bug(&$page)
+ private function upload_image(PlPage $page, PlUpload $upload)
{
- $page->changeTpl('bug.tpl',SIMPLE);
- $page->addJsLink('close_on_esc.js');
- if (Env::has('send')) {
- $page->assign('bug_sent',1);
- $mymail = new PlMailer();
- $mymail->setFrom('"'.S::v('prenom').' '.S::v('nom').'" <'.S::v('bestalias').'@polytechnique.org>');
- $mymail->addTo('support+platal@polytechnique.org');
- $mymail->setSubject('Plat/al '.Env::v('task_type').' : '.Env::v('item_summary'));
- $mymail->setTxtBody(Env::v('detailed_desc'));
- $mymail->send();
+ if (@!$_FILES['image']['tmp_name'] && !Env::v('image_url')) {
+ return true;
+ }
+ if (!$upload->upload($_FILES['image']) && !$upload->download(Env::v('image_url'))) {
+ $page->trigError('Impossible de télécharger l\'image');
+ return false;
+ } elseif (!$upload->isType('image')) {
+ $page->trigError('Le fichier n\'est pas une image valide au format JPEG, GIF ou PNG.');
+ $upload->rm();
+ return false;
+ } elseif (!$upload->resizeImage(200, 300, 100, 100, 32284)) {
+ $page->trigError('Impossible de retraiter l\'image');
+ return false;
}
+ return true;
}
- function handler_ev(&$page, $action = 'list', $eid = null, $pound = null)
+ function handler_ev($page, $action = 'list', $eid = null, $pound = null)
{
- $page->changeTpl('login.tpl');
- $page->addJsLink('ajax.js');
- $page->assign('tips', $this->get_tips());
+ $page->changeTpl('events/index.tpl');
- $res = XDB::query('SELECT date, naissance FROM auth_user_md5
- WHERE user_id={?}', S::v('uid'));
- list($date, $naissance) = $res->fetchOneRow();
+ $user = S::user();
- // incitation à mettre à jour la fiche
+ /** XXX: Tips and reminder only for user with 'email' permission.
+ * We can do better in the future by storing a userfilter
+ * with the tip/reminder.
+ */
+ if ($user->checkPerms(User::PERM_MAIL)) {
+ $page->assign('tips', $this->get_tips());
- $d2 = mktime(0, 0, 0, substr($date, 5, 2), substr($date, 8, 2),
- substr($date, 0, 4));
- if( (time() - $d2) > 60 * 60 * 24 * 400 ) {
- // si fiche date de + de 400j;
- $page->assign('fiche_incitation', $date);
}
- // Souhaite bon anniversaire
-
- if (substr($naissance, 5) == date('m-d')) {
- $page->assign('birthday', date('Y') - substr($naissance, 0, 4));
+ // Adds a reminder onebox to the page.
+ require_once 'reminder.inc.php';
+ if (($reminder = Reminder::GetCandidateReminder($user))) {
+ $reminder->Prepare($page);
}
- // incitation à mettre une photo
-
- $res = XDB::query('SELECT COUNT(*) FROM photo
- WHERE uid={?}', S::v('uid'));
- $page->assign('photo_incitation', $res->fetchOneCell() == 0);
-
- // Incitation à se géolocaliser
- require_once 'geoloc.inc.php';
- $res = localize_addresses(S::v('uid', -1));
- $page->assign('geoloc_incitation', count($res));
+ // Wishes "Happy birthday" when required
+ $profile = $user->profile();
+ if (!is_null($profile)) {
+ if ($profile->next_birthday == date('Y-m-d')) {
+ $birthyear = (int)date('Y', strtotime($profile->birthdate));
+ $curyear = (int)date('Y');
+ $page->assign('birthday', $curyear - $birthyear);
+ }
+ }
- // ajout du lien RSS
- if (S::has('core_rss_hash')) {
+ // Direct link to the RSS feed, when available.
+ if (S::hasAuthToken()) {
$page->setRssLink('Polytechnique.org :: News',
- '/rss/'.S::v('forlife') .'/'.S::v('core_rss_hash').'/rss.xml');
+ '/rss/' . S::v('hruid') . '/' . S::user()->token . '/rss.xml');
}
- // cache les evenements lus et raffiche les evenements a relire
+ // Hide the read event, and reload the page to get to the next event.
if ($action == 'read' && $eid) {
- XDB::execute('DELETE evenements_vus.*
- FROM evenements_vus AS ev
- INNER JOIN evenements AS e ON e.id = ev.evt_id
- WHERE peremption < NOW()');
- XDB::execute('REPLACE INTO evenements_vus VALUES({?},{?})',
- $eid, S::v('uid'));
+ XDB::execute('DELETE ev.*
+ FROM announce_read AS ev
+ INNER JOIN announces AS e ON e.id = ev.evt_id
+ WHERE expiration < NOW()');
+ XDB::execute('INSERT IGNORE INTO announce_read (evt_id, uid)
+ VALUES ({?}, {?})',
+ $eid, S::v('uid'));
pl_redirect('events#'.$pound);
}
+ // Unhide the requested event, and reload the page to display it.
if ($action == 'unread' && $eid) {
- XDB::execute('DELETE FROM evenements_vus
- WHERE evt_id = {?} AND user_id = {?}',
+ XDB::execute('DELETE FROM announce_read
+ WHERE evt_id = {?} AND uid = {?}',
$eid, S::v('uid'));
pl_redirect('events#newsid'.$eid);
}
- // affichage des evenements
- // annonces promos triées par présence d'une limite sur les promos
- // puis par dates croissantes d'expiration
- $promo = S::v('promo');
- $sql = "SELECT e.id,e.titre,e.texte,a.user_id,a.nom,a.prenom,a.promo,l.alias AS forlife
- FROM evenements AS e
- INNER JOIN auth_user_md5 AS a ON e.user_id=a.user_id
- INNER JOIN aliases AS l ON ( a.user_id=l.id AND l.type='a_vie' )
- LEFT JOIN evenements_vus AS ev ON (e.id = ev.evt_id AND ev.user_id = {?})
- WHERE FIND_IN_SET(e.flags, 'valide') AND peremption >= NOW()
- AND (e.promo_min = 0 || e.promo_min <= {?})
- AND (e.promo_max = 0 || e.promo_max >= {?})
- AND ev.user_id IS NULL
- ORDER BY (e.promo_min != 0 AND e.promo_max != 0) DESC, e.peremption";
- $page->assign('evenement',
- XDB::iterator($sql, S::v('uid'),
- $promo, $promo)
- );
-
- $sql = "SELECT e.id,e.titre, ev.user_id IS NULL AS nonlu
- FROM evenements AS e
- LEFT JOIN evenements_vus AS ev ON (e.id = ev.evt_id AND ev.user_id = {?})
- WHERE FIND_IN_SET(e.flags, 'valide') AND peremption >= NOW()
- AND (e.promo_min = 0 || e.promo_min <= {?})
- AND (e.promo_max = 0 || e.promo_max >= {?})
- ORDER BY (e.promo_min != 0 AND e.promo_max != 0) DESC, e.peremption";
- $page->assign('evenement_summary',
- XDB::iterator($sql, S::v('uid'),
- $promo, $promo)
- );
+ // Fetch the events to display, along with their metadata.
+ $array = array();
+ $it = XDB::iterator("SELECT e.id, e.titre, e.texte, e.post_id, e.uid,
+ p.x, p.y, p.attach IS NOT NULL AS img, FIND_IN_SET('wiki', e.flags) AS wiki,
+ FIND_IN_SET('important', e.flags) AS important,
+ e.creation_date > DATE_SUB(CURDATE(), INTERVAL 2 DAY) AS news,
+ e.expiration < DATE_ADD(CURDATE(), INTERVAL 2 DAY) AS end,
+ ev.uid IS NULL AS nonlu, e.promo_min, e.promo_max
+ FROM announces AS e
+ LEFT JOIN announce_photos AS p ON (e.id = p.eid)
+ LEFT JOIN announce_read AS ev ON (e.id = ev.evt_id AND ev.uid = {?})
+ WHERE FIND_IN_SET('valide', e.flags) AND expiration >= NOW()
+ ORDER BY important DESC, news DESC, end DESC, e.expiration, e.creation_date DESC",
+ S::i('uid'));
+ $cats = array('important', 'news', 'end', 'body');
+
+ $this->load('feed.inc.php');
+ $user = S::user();
+ $body = EventFeed::nextEvent($it, $user);
+ foreach ($cats as $cat) {
+ $data = array();
+ if (!$body) {
+ continue;
+ }
+ do {
+ if ($cat == 'body' || $body[$cat]) {
+ $data[] = $body;
+ } else {
+ break;
+ }
+ $body = EventFeed::nextEvent($it, $user);
+ } while ($body);
+ if (!empty($data)) {
+ $array[$cat] = $data;
+ }
+ }
+
+ $page->assign_by_ref('events', $array);
+ }
+
+ function handler_photo($page, $eid = null, $valid = null)
+ {
+ if ($eid && $eid != 'valid') {
+ $res = XDB::query("SELECT * FROM announce_photos WHERE eid = {?}", $eid);
+ if ($res->numRows()) {
+ $photo = $res->fetchOneAssoc();
+ pl_cached_dynamic_content_headers("image/" . $photo['attachmime']);
+ echo $photo['attach'];
+ exit;
+ }
+ } elseif ($eid == 'valid') {
+ $valid = Validate::get_request_by_id($valid);
+ if ($valid && $valid->img) {
+ pl_cached_dynamic_content_headers("image/" . $valid->imgtype);
+ echo $valid->img;
+ exit;
+ }
+ } else {
+ $upload = new PlUpload(S::user()->login(), 'event');
+ if ($upload->exists() && $upload->isType('image')) {
+ pl_cached_dynamic_content_headers($upload->contentType());
+ echo $upload->getContents();
+ exit;
+ }
+ }
+ global $globals;
+ pl_cached_dynamic_content_headers("image/png");
+ echo file_get_contents($globals->spoolroot . '/htdocs/images/logo.png');
+ exit;
+ }
+
+ function handler_rss(PlPage $page, PlUser $user)
+ {
+ $this->load('feed.inc.php');
+ $feed = new EventFeed();
+ return $feed->run($page, $user);
+ }
+
+ function handler_preview($page)
+ {
+ $page->changeTpl('events/preview.tpl', NO_SKIN);
+ $texte = Get::v('texte');
+ if (!is_utf8($texte)) {
+ $texte = utf8_encode($texte);
+ }
+ $titre = Get::v('titre');
+ if (!is_utf8($titre)) {
+ $titre = utf8_encode($titre);
+ }
+ $page->assign('texte', $texte);
+ $page->assign('titre', $titre);
+ pl_content_headers("text/html");
}
- function handler_ev_submit(&$page)
+ function handler_ev_submit($page)
{
- $page->changeTpl('evenements.tpl');
+ $page->changeTpl('events/submit.tpl');
+
+ $wp = new PlWikiPage('Xorg.Annonce');
+ $wp->buildCache();
$titre = Post::v('titre');
$texte = Post::v('texte');
$promo_min = Post::i('promo_min');
$promo_max = Post::i('promo_max');
- $peremption = Post::i('peremption');
+ $expiration = Post::i('expiration');
$valid_mesg = Post::v('valid_mesg');
$action = Post::v('action');
+ $upload = new PlUpload(S::user()->login(), 'event');
+ $this->upload_image($page, $upload);
- if ($promo_min > $promo_max ||
+ if (($promo_min > $promo_max && $promo_max != 0)||
($promo_min != 0 && ($promo_min <= 1900 || $promo_min >= 2020)) ||
($promo_max != 0 && ($promo_max <= 1900 || $promo_max >= 2020)))
{
- $page->trig("L'intervalle de promotions n'est pas valide");
+ $page->trigError("L'intervalle de promotions n'est pas valide");
$action = null;
}
- require_once('url_catcher.inc.php');
- $texte_catch_url = url_catcher($texte);
-
$page->assign('titre', $titre);
$page->assign('texte', $texte);
- $page->assign('texte_html', $texte_catch_url);
$page->assign('promo_min', $promo_min);
$page->assign('promo_max', $promo_max);
- $page->assign('peremption', $peremption);
+ $page->assign('expiration', $expiration);
$page->assign('valid_mesg', $valid_mesg);
$page->assign('action', strtolower($action));
+ $page->assign_by_ref('upload', $upload);
+
+ if ($action == 'Supprimer l\'image') {
+ $upload->rm();
+ $page->assign('action', false);
+ } elseif ($action && (!trim($texte) || !trim($titre))) {
+ $page->trigError("L'article doit avoir un titre et un contenu");
+ } elseif ($action) {
+ S::assert_xsrf_token();
- if ($action == 'Confirmer') {
- $texte = $texte_catch_url;
- require_once 'validations.inc.php';
$evtreq = new EvtReq($titre, $texte, $promo_min, $promo_max,
- $peremption, $valid_mesg, S::v('uid'));
+ $expiration, $valid_mesg, S::user(), $upload);
$evtreq->submit();
$page->assign('ok', true);
+ } elseif (!Env::v('preview')) {
+ $upload->rm();
}
-
- $select = '';
- for ($i = 1 ; $i < 30 ; $i++) {
- $time = time() + 3600 * 24 * $i;
- $p_stamp = date('Ymd', $time);
- $year = date('Y', $time);
- $month = date('m', $time);
- $day = date('d', $time);
-
- $select .= "<option value=\"$p_stamp\"";
- if ($p_stamp == strtr($peremption, array("-" => ""))) {
- $select .= " selected='selected'";
- }
- $select .= "> $day / $month / $year</option>\n";
- }
- $page->assign('select',$select);
}
- function handler_tips(&$page, $tips = null)
+ function handler_tips($page, $tips = null)
{
+ pl_content_headers("text/html");
$page->changeTpl('include/tips.tpl', NO_SKIN);
$page->assign('tips', $this->get_tips($tips));
}
- function handler_admin_tips(&$page, $action = 'list', $id = null)
+ function handler_admin_tips($page, $action = 'list', $id = null)
{
- $page->assign('xorg_title', 'Polytechnique.org - Administration - Astuces');
+ $page->setTitle('Administration - Astuces');
$page->assign('title', 'Gestion des Astuces');
- $table_editor = new PLTableEditor('admin/tips', 'tips', 'id');
- $table_editor->describe('peremption', 'date de péremption', true);
- $table_editor->describe('promo_min', 'promo. min (0 aucune)', false);
- $table_editor->describe('promo_max', 'promo. max (0 aucune)', false);
- $table_editor->describe('titre', 'titre', true);
+ $table_editor = new PLTableEditor('admin/tips', 'reminder_tips', 'id');
+ $table_editor->describe('expiration', 'date de péremption', true);
+ $table_editor->describe('promo_min', 'promo. min (0 aucune)', false, true);
+ $table_editor->describe('promo_max', 'promo. max (0 aucune)', false, true);
+ $table_editor->describe('title', 'titre', true);
$table_editor->describe('state', 'actif', true);
- $table_editor->describe('text', 'texte (html) de l\'astuce', false);
- $table_editor->describe('priorite', 'priorité (0=min, 256=max)', false);
+ $table_editor->describe('text', 'texte (html) de l\'astuce', false, true);
+ $table_editor->describe('priority', '0<=priorité<=255', true);
+ $table_editor->list_on_edit(false);
$table_editor->apply($page, $action, $id);
- }
-
- function handler_nl(&$page, $action = null)
- {
- require_once 'newsletter.inc.php';
-
- $page->changeTpl('newsletter/index.tpl');
- $page->assign('xorg_title','Polytechnique.org - Lettres mensuelles');
-
- switch ($action) {
- case 'out': unsubscribe_nl(); break;
- case 'in': subscribe_nl(); break;
- default: ;
- }
-
- $page->assign('nls', get_nl_state());
- $page->assign('nl_list', get_nl_list());
- }
-
- function handler_nl_show(&$page, $nid = 'last')
- {
- $page->changeTpl('newsletter/show.tpl');
-
- require_once 'newsletter.inc.php';
-
- $nl = new NewsLetter($nid);
- $page->assign_by_ref('nl', $nl);
-
- if (Post::has('send')) {
- $nl->sendTo(S::v('prenom'), S::v('nom'),
- S::v('bestalias'), S::v('femme'),
- S::v('mail_fmt') != 'texte');
- }
- }
-
- function handler_nl_submit(&$page)
- {
- $page->changeTpl('newsletter/submit.tpl');
-
- require_once 'newsletter.inc.php';
-
- if (Post::has('see')) {
- $art = new NLArticle(Post::v('title'), Post::v('body'), Post::v('append'));
- $page->assign('art', $art);
- } elseif (Post::has('valid')) {
- require_once('validations.inc.php');
- $art = new NLReq(S::v('uid'), Post::v('title'),
- Post::v('body'), Post::v('append'));
- $art->submit();
- $page->assign('submited', true);
+ if (($action == 'edit' && !is_null($id)) || $action == 'update') {
+ $page->changeTpl('events/admin_tips.tpl');
}
}
- function handler_admin_events(&$page, $action = 'list', $eid = null)
+ function handler_admin_events($page, $action = 'list', $eid = null)
{
- $page->changeTpl('admin/evenements.tpl');
- $page->assign('xorg_title','Polytechnique.org - Administration - Evenements');
+ $page->changeTpl('events/admin.tpl');
+ $page->setTitle('Administration - Evenements');
$page->register_modifier('hde', 'html_entity_decode');
$arch = $action == 'archives';
$page->assign('action', $action);
-
- if (Post::v('action') == "Proposer" && $eid) {
+
+ $upload = new PlUpload(S::user()->login(), 'event');
+ if ((Env::has('preview') || Post::v('action') == "Proposer") && $eid) {
+ $action = 'edit';
+ $this->upload_image($page, $upload);
+ }
+
+ if (Post::v('action') == 'Pas d\'image' && $eid) {
+ S::assert_xsrf_token();
+ $upload->rm();
+ XDB::execute("DELETE FROM announce_photos WHERE eid = {?}", $eid);
+ $action = 'edit';
+ } elseif (Post::v('action') == 'Supprimer l\'image' && $eid) {
+ S::assert_xsrf_token();
+ $upload->rm();
+ $action = 'edit';
+ } elseif (Post::v('action') == "Proposer" && $eid) {
+ S::assert_xsrf_token();
$promo_min = Post::i('promo_min');
$promo_max = Post::i('promo_max');
- if ($promo_min > $promo_max ||
- ($promo_min != 0 && ($promo_min <= 1900 || $promo_min >= 2020)) ||
- ($promo_max != 0 && ($promo_max <= 1900 || $promo_max >= 2020)))
+ if (($promo_min != 0 && ($promo_min <= 1900 || $promo_min >= 2020)) ||
+ ($promo_max != 0 && ($promo_max <= 1900 || $promo_max >= 2020 || $promo_max < $promo_min)))
{
- $page->trig("L'intervalle de promotions $promo_min -> $promo_max n'est pas valide");
+ $page->trigError("L'intervalle de promotions $promo_min -> $promo_max n'est pas valide");
$action = 'edit';
} else {
- XDB::execute('UPDATE evenements
- SET titre={?}, texte={?}, peremption={?}, promo_min={?}, promo_max={?}
- WHERE id = {?}',
- Post::v('titre'), Post::v('texte'), Post::v('peremption'),
- Post::v('promo_min'), Post::v('promo_max'), $eid);
- }
+ $res = XDB::query('SELECT flags FROM announces WHERE id = {?}', $eid);
+ $flags = new PlFlagSet($res->fetchOneCell());
+ $flags->addFlag('wiki');
+ if (Post::v('important')) {
+ $flags->addFlag('important');
+ } else {
+ $flags->rmFlag('important');
+ }
+
+ XDB::execute('UPDATE announces
+ SET creation_date = creation_date,
+ titre={?}, texte={?}, expiration={?}, promo_min={?}, promo_max={?},
+ flags = {?}
+ WHERE id = {?}',
+ Post::v('titre'), Post::v('texte'), Post::v('expiration'),
+ Post::v('promo_min'), Post::v('promo_max'),
+ $flags, $eid);
+ if ($upload->exists() && list($x, $y, $type) = $upload->imageInfo()) {
+ XDB::execute('INSERT INTO announce_photos (eid, attachmime, attach, x, y)
+ VALUES ({?}, {?}, {?}, {?}, {?})
+ ON DUPLICATE KEY UPDATE attachmime = VALUES(attachmime), attach = VALUES(attach), x = VALUES(x), y = VALUES(y)',
+ $eid, $type, $upload->getContents(), $x, $y);
+ $upload->rm();
+ }
+ }
}
if ($action == 'edit') {
- $res = XDB::query('SELECT titre, texte, peremption, promo_min, promo_max
- FROM evenements
+ $res = XDB::query('SELECT titre, texte, expiration, promo_min, promo_max, FIND_IN_SET(\'important\', flags),
+ attach IS NOT NULL
+ FROM announces AS e
+ LEFT JOIN announce_photos AS p ON(e.id = p.eid)
WHERE id={?}', $eid);
- list($titre, $texte, $peremption, $promo_min, $promo_max) = $res->fetchOneRow();
+ list($titre, $texte, $expiration, $promo_min, $promo_max, $important, $img) = $res->fetchOneRow();
$page->assign('titre',$titre);
$page->assign('texte',$texte);
$page->assign('promo_min',$promo_min);
$page->assign('promo_max',$promo_max);
- $page->assign('peremption',$peremption);
+ $page->assign('expiration',$expiration);
+ $page->assign('important', $important);
+ $page->assign('eid', $eid);
+ $page->assign('img', $img);
+ $page->assign_by_ref('upload', $upload);
$select = "";
for ($i = 1 ; $i < 30 ; $i++) {
$month=substr($p_stamp,4,2);
$day=substr($p_stamp,6,2);
- $select .= "<option value=\"$p_stamp\""
- . (($p_stamp == strtr($peremption, array("-" => ""))) ? " selected" : "")
+ $select .= "<option value=\"$p_stamp\""
+ . (($p_stamp == strtr($expiration, array("-" => ""))) ? " selected" : "")
. "> $day / $month / $year</option>\n";
}
$page->assign('select',$select);
} else {
switch ($action) {
case 'delete':
- XDB::execute('DELETE from evenements
+ S::assert_xsrf_token();
+ XDB::execute('DELETE from announces
WHERE id = {?}', $eid);
break;
case "archive":
- XDB::execute('UPDATE evenements
+ S::assert_xsrf_token();
+ XDB::execute('UPDATE announces
SET creation_date = creation_date, flags = CONCAT(flags,",archive")
WHERE id = {?}', $eid);
break;
case "unarchive":
- XDB::execute('UPDATE evenements
+ S::assert_xsrf_token();
+ XDB::execute('UPDATE announces
SET creation_date = creation_date, flags = REPLACE(flags,"archive","")
WHERE id = {?}', $eid);
$action = 'archives';
break;
case "valid":
- XDB::execute('UPDATE evenements
+ S::assert_xsrf_token();
+ XDB::execute('UPDATE announces
SET creation_date = creation_date, flags = CONCAT(flags,",valide")
WHERE id = {?}', $eid);
break;
case "unvalid":
- XDB::execute('UPDATE evenements
+ S::assert_xsrf_token();
+ XDB::execute('UPDATE announces
SET creation_date = creation_date, flags = REPLACE(flags,"valide", "")
WHERE id = {?}', $eid);
break;
}
$pid = ($eid && $action == 'preview') ? $eid : -1;
- $sql = "SELECT e.id, e.titre, e.texte,e.id = $pid AS preview,
+ $sql = "SELECT e.id, e.titre, e.texte,e.id = $pid AS preview, e.uid,
DATE_FORMAT(e.creation_date,'%d/%m/%Y %T') AS creation_date,
- DATE_FORMAT(e.peremption,'%d/%m/%Y') AS peremption,
+ DATE_FORMAT(e.expiration,'%d/%m/%Y') AS expiration,
e.promo_min, e.promo_max,
FIND_IN_SET('valide', e.flags) AS fvalide,
FIND_IN_SET('archive', e.flags) AS farch,
- u.promo, u.nom, u.prenom, a.alias AS forlife
- FROM evenements AS e
- INNER JOIN auth_user_md5 AS u ON(e.user_id = u.user_id)
- INNER JOIN aliases AS a ON (u.user_id = a.id AND a.type='a_vie')
+ FIND_IN_SET('wiki', e.flags) AS wiki
+ FROM announces AS e
WHERE ".($arch ? "" : "!")."FIND_IN_SET('archive',e.flags)
- ORDER BY FIND_IN_SET('valide',e.flags), e.peremption DESC";
+ ORDER BY FIND_IN_SET('valide',e.flags), e.expiration DESC";
$page->assign('evs', XDB::iterator($sql));
}
$page->assign('arch', $arch);
+ $page->assign('admin_evts', true);
}
-
- function handler_admin_nl(&$page, $new = false) {
- $page->changeTpl('newsletter/admin.tpl');
- $page->assign('xorg_title','Polytechnique.org - Administration - Newsletter : liste');
- require_once("newsletter.inc.php");
-
- if($new) {
- insert_new_nl();
- pl_redirect("admin/newsletter");
- }
-
- $page->assign('nl_list', get_nl_slist());
- }
-
- function handler_admin_nl_edit(&$page, $nid = 'last', $aid = null, $action = 'edit') {
- $page->changeTpl('newsletter/edit.tpl');
- $page->assign('xorg_title','Polytechnique.org - Administration - Newsletter : Edition');
- require_once("newsletter.inc.php");
-
- $nl = new NewsLetter($nid);
-
- if($action == 'delete') {
- $nl->delArticle($aid);
- pl_redirect("admin/newsletter/edit/$nid");
- }
-
- if($aid == 'update') {
- $nl->_title = Post::v('title');
- $nl->_title_mail= Post::v('title_mail');
- $nl->_date = Post::v('date');
- $nl->_head = Post::v('head');
- $nl->_shortname = strlen(Post::v('shortname')) ? Post::v('shortname') : null;
- if (preg_match('/^[-a-z0-9]*$/i', $nl->_shortname) && !is_numeric($nl->_shortname)) {
- $nl->save();
- } else {
- $page->trig('Le nom de la NL n\'est pas valide');
- pl_redirect('admin/newsletter/edit/' . $nl->_id);
- }
- }
-
- if(Post::v('save')) {
- $art = new NLArticle(Post::v('title'), Post::v('body'), Post::v('append'),
- $aid, Post::v('cid'), Post::v('pos'));
- $nl->saveArticle($art);
- pl_redirect("admin/newsletter/edit/$nid");
- }
-
- if($action == 'edit' && $aid != 'update') {
- $eaid = $aid;
- if(Post::has('title')) {
- $art = new NLArticle(Post::v('title'), Post::v('body'), Post::v('append'),
- $eaid, Post::v('cid'), Post::v('pos'));
- } else {
- $art = ($eaid == 'new') ? new NLArticle() : $nl->getArt($eaid);
- }
- $page->assign('art', $art);
- }
-
- $page->assign_by_ref('nl',$nl);
- }
- function handler_admin_nl_cat(&$page, $action = 'list', $id = null) {
- $page->assign('xorg_title','Polytechnique.org - Administration - Newsletter : Catégories');
- $page->assign('title', 'Gestion des catégories de la newsletter');
- $table_editor = new PLTableEditor('admin/newsletter/categories','newsletter_cat','cid');
- $table_editor->describe('titre','intitulé',true);
- $table_editor->describe('pos','position',true);
- $table_editor->apply($page, $action, $id);
- }
-
}
+// vim:set et sw=4 sts=4 sws=4 foldmethod=marker fenc=utf-8:
?>