<?php
/***************************************************************************
- * Copyright (C) 2003-2007 Polytechnique.org *
+ * Copyright (C) 2003-2008 Polytechnique.org *
* http://opensource.polytechnique.org/ *
* *
* This program is free software; you can redistribute it and/or modify *
'lists/create' => $this->make_hook('create', AUTH_MDP),
'lists/members' => $this->make_hook('members', AUTH_COOKIE),
- 'lists/trombi' => $this->make_hook('trombi', AUTH_COOKIE),
+ 'lists/csv' => $this->make_hook('csv', AUTH_COOKIE),
+ 'lists/annu' => $this->make_hook('annu', AUTH_COOKIE),
'lists/archives' => $this->make_hook('archives', AUTH_COOKIE),
- 'lists/archives/rss' => $this->make_hook('rss', AUTH_PUBLIC),
+ 'lists/archives/rss' => $this->make_hook('rss', AUTH_PUBLIC, 'user', NO_HTTPS),
'lists/moderate' => $this->make_hook('moderate', AUTH_MDP),
'lists/admin' => $this->make_hook('admin', AUTH_MDP),
);
}
- function on_subscribe($forlife, $uid, $promo, $password)
- {
- $this->prepare_client(null);
- $this->client->subscribe("promo$promo");
- }
-
function prepare_client(&$page)
{
global $globals;
- require_once dirname(__FILE__).'/lists/lists.inc.php';
+ $this->load('lists.inc.php');
$this->client = new MMList(S::v('uid'), S::v('password'));
return $globals->mail->domain;
}
+ function get_pending_ops($domain, $list)
+ {
+ list($subs,$mails) = $this->client->get_pending_ops($list);
+ $res = XDB::query("SELECT mid
+ FROM ml_moderate
+ WHERE ml = {?} AND domain = {?}",
+ $list, $domain);
+ $mids = $res->fetchColumn();
+ foreach ($mails as $key=>$mail) {
+ if (in_array($mail['id'], $mids)) {
+ unset($mails[$key]);
+ }
+ }
+ return array($subs, $mails);
+ }
+
function handler_lists(&$page)
{
function filter_owner($list)
return $list['sub'];
}
- $this->prepare_client($page);
+ $domain = $this->prepare_client($page);
$page->changeTpl('lists/index.tpl');
$page->addJsLink('ajax.js');
- $page->assign('xorg_title','Polytechnique.org - Listes de diffusion');
+ $page->setTitle('Listes de diffusion');
if (Get::has('del')) {
+ S::assert_xsrf_token();
$this->client->unsubscribe(Get::v('del'));
pl_redirect('lists');
}
if (Get::has('add')) {
+ S::assert_xsrf_token();
$this->client->subscribe(Get::v('add'));
pl_redirect('lists');
}
if (Post::has('promo_add')) {
+ S::assert_xsrf_token();
+
$promo = Post::i('promo_add');
if ($promo >= 1900 and $promo < 2100) {
$this->client->subscribe("promo$promo");
} else {
- $page->trig("promo incorrecte, il faut une promo sur 4 chiffres.");
+ $page->trigSuccess("promo incorrecte, il faut une promo sur 4 chiffres.");
}
}
+
$listes = $this->client->get_lists();
$owner = array_filter($listes, 'filter_owner');
$listes = array_diff_key($listes, $owner);
$member = array_filter($listes, 'filter_member');
$listes = array_diff_key($listes, $member);
foreach ($owner as $key=>$liste) {
- list($subs,$mails) = $this->client->get_pending_ops($liste['list']);
+ list($subs,$mails) = $this->get_pending_ops($domain, $liste['list']);
$owner[$key]['subscriptions'] = $subs;
$owner[$key]['mails'] = $mails;
}
header('Content-Type: text/html; charset="UTF-8"');
$domain = $this->prepare_client($page);
$page->changeTpl('lists/liste.inc.tpl', NO_SKIN);
+ S::assert_xsrf_token();
+
if (Get::has('unsubscribe')) {
$this->client->unsubscribe($list);
}
list($liste, $members, $owners) = $this->client->get_members($list);
if ($liste['own']) {
- list($subs,$mails) = $this->client->get_pending_ops($list);
+ list($subs,$mails) = $this->get_pending_ops($domain, $list);
$liste['subscriptions'] = $subs;
$liste['mails'] = $mails;
}
function handler_create(&$page)
{
+ global $globals;
+
$page->changeTpl('lists/create.tpl');
+ $user_promo = S::i('promo');
+ $year = date('Y');
+ $month = date('m');
+ $young_promo = $very_young_promo = 0;
+ if ((($year > $user_promo) && ($month > 3)) && ($year < $user_promo + 5)) {
+ $young_promo = 1;
+ }
+ if ((($year > $user_promo) && ($month > 7)) && (($year < $user_promo + 1) && ($month < 8))) {
+ $very_young_promo = 1;
+ }
+ $page->assign('young_promo', $young_promo);
+ $page->assign('very_young_promo', $very_young_promo);
+
$owners = preg_split("/[\s]+/", Post::v('owners'), -1, PREG_SPLIT_NO_EMPTY);
$members = preg_split("/[\s]+/", Post::v('members'), -1, PREG_SPLIT_NO_EMPTY);
// click on validate button 'add_owner_sub' or type <enter>
if (Post::has('add_owner_sub') && Post::has('add_owner')) {
- require_once('user.func.inc.php');
// if we want to add an owner and then type <enter>, then both
// add_owner_sub and add_owner are filled.
- $oforlifes = get_users_forlife_list(Post::v('add_owner'), true);
- $mforlifes = get_users_forlife_list(Post::v('add_member'), true);
+ $oforlifes = User::getBulkForlifeEmails(Post::v('add_owner'), true);
+ $mforlifes = User::getBulkForlifeEmails(Post::v('add_member'), true);
if (!is_null($oforlifes)) {
$owners = array_merge($owners, $oforlifes);
}
// click on validate button 'add_member_sub'
if (Post::has('add_member_sub') && Post::has('add_member')) {
- require_once('user.func.inc.php');
- $forlifes = get_users_forlife_list(Post::v('add_member'), true);
+ $forlifes = User::getBulkForlifeEmails(Post::v('add_member'), true);
if (!is_null($forlifes)) {
$members = array_merge($members, $forlifes);
}
}
+ if (Post::has('add_member_sub') && isset($_FILES['add_member_file']) && $_FILES['add_member_file']['tmp_name']) {
+ $upload =& PlUpload::get($_FILES['add_member_file'], S::user()->login(), 'list.addmember', true);
+ if (!$upload) {
+ $page->trigError('Une erreur s\'est produite lors du téléchargement du fichier');
+ } else {
+ $forlifes = User::getBulkForlifeEmails($upload->getContents(), true);
+ if (!is_null($forlifes)) {
+ $members = array_merge($members, $forlifes);
+ }
+ }
+ }
ksort($owners);
$owners = array_unique($owners);
ksort($members);
$members = array_unique($members);
- $page->assign('owners', join(' ', $owners));
- $page->assign('members', join(' ', $members));
+ $page->assign('owners', join("\n", $owners));
+ $page->assign('members', join("\n", $members));
if (!Post::has('submit')) {
return;
+ } else {
+ S::assert_xsrf_token();
}
+ $asso = Post::v('asso');
$liste = Post::v('liste');
if (empty($liste)) {
- $page->trig('champs «addresse souhaitée» vide');
+ $page->trigError('Le champ «adresse souhaitée» est vide.');
}
if (!preg_match("/^[a-zA-Z0-9\-]*$/", $liste)) {
- $page->trig('le nom de la liste ne doit contenir que des lettres non accentuées, chiffres et tirets');
+ $page->trigError('Le nom de la liste ne doit contenir que des lettres non accentuées, chiffres et tirets.');
+ }
+
+ if (($asso == "binet") || ($asso == "alias")) {
+ $promo = Post::i('promo');
+ $domain = $promo . '.' . $globals->mail->domain;
+
+ if (($promo < 1921) || ($promo > date('Y'))) {
+ $page->trigError('La promotion est mal renseignée, elle doit être du type : 2004.');
+ }
+
+ $new = $liste . '@' . $domain;
+ $res = XDB::query('SELECT COUNT(*) FROM x4dat.virtual WHERE alias={?}', $new);
+
+ } else {
+ if ($asso == "groupex") {
+ $groupex_name = Post::v('groupex_name');
+
+ $res_groupe = XDB::query('SELECT mail_domain FROM groupex.asso WHERE nom={?}', $groupex_name);
+ $domain = $res_groupe->fetchOneCell();
+
+ if (!$domain) {
+ $page->trigError('Il n\'y a aucun groupe de ce nom sur Polytechnique.net.');
+ }
+
+ $new = $liste . '@' . $domain;
+ $res = XDB::query('SELECT COUNT(*) FROM x4dat.virtual WHERE alias={?}', $new);
+ } else {
+ $res = XDB::query("SELECT COUNT(*) FROM aliases WHERE alias={?}", $liste);
+ $domain = $globals->mail->domain;
+ }
}
- $res = XDB::query("SELECT COUNT(*) FROM aliases WHERE alias={?}", $liste);
- $n = $res->fetchOneCell();
+ $n = $res->fetchOneCell();
if ($n) {
- $page->trig('cet alias est déjà pris');
+ $page->trigError('L\'«adresse souhaitée» est déjà prise.');
}
- if (!Post::v(desc)) {
- $page->trig('le sujet est vide');
+ if (!Post::v('desc')) {
+ $page->trigError('Le sujet est vide.');
}
if (!count($owners)) {
- $page->trig('pas de gestionnaire');
+ $page->trigError('Il n\'y a pas de gestionnaire.');
}
if (count($members)<4) {
- $page->trig('pas assez de membres');
+ $page->trigError('Il n\'y a pas assez de membres.');
}
if (!$page->nb_errs()) {
$page->assign('created', true);
require_once 'validations.inc.php';
- $req = new ListeReq(S::v('uid'), $liste,
+ $req = new ListeReq(S::user(), $asso, $liste, $domain,
Post::v('desc'), Post::i('advertise'),
Post::i('modlevel'), Post::i('inslevel'),
$owners, $members);
$page->changeTpl('lists/members.tpl');
if (Get::has('del')) {
+ S::assert_xsrf_token();
$this->client->unsubscribe($liste);
pl_redirect('lists/members/'.$liste);
}
if (Get::has('add')) {
+ S::assert_xsrf_token();
$this->client->subscribe($liste);
pl_redirect('lists/members/'.$liste);
}
}
}
- function compare($a, $b)
+ function handler_csv(PlPage &$page, $liste = null)
{
- if ($a['promo'] == $b['promo']) {
- if ($a['nom'] == $b['nom']) {
- return strcmp($a['prenom'], $b['prenom']);
- }
- return strcmp($a['nom'], $b['nom']);
+ if (is_null($liste)) {
+ return PL_NOT_FOUND;
}
- return $a['promo'] - $b['promo'];
- }
+ $this->prepare_client($page);
+ $members = $this->client->get_members($liste);
+ $list = list_fetch_names(list_extract_members($members[1]));
+ header('Content-Type: text/x-csv; charset=utf-8;');
+ header('Pragma: ');
+ header('Cache-Control: ');
- function _get_list($offset, $limit)
- {
- global $platal;
- list($total, $members) = $this->client->get_members_limit($platal->argv[1], $offset, $limit);
-
- $membres = Array();
- foreach ($members as $member) {
- list($m) = explode('@',$member[1]);
- $res = XDB::query("SELECT prenom,if (nom_usage='', nom, nom_usage) AS nom,
- promo, a.alias AS forlife
- FROM auth_user_md5 AS u
- INNER JOIN aliases AS a ON u.user_id = a.id
- INNER JOIN photo AS p ON p.uid = u.user_id
- WHERE a.alias = {?}", $m);
- if ($tmp = $res->fetchOneAssoc()) {
- $membres[$tmp['nom']] = $tmp;
- } else {
- $total--;
- }
+ echo "email,nom,prenom,promo\n";
+ foreach ($list as $member) {
+ echo @$member['email'] . ',' . @$member['nom'] . ',' . @$member['prenom'] . ',' . @$member['promo'] . "\n";
}
- uasort($membres, array($this, 'compare'));
- return array($total, $membres);
+ exit;
}
- function handler_trombi(&$page, $liste = null)
+ function handler_annu(&$page, $liste = null, $action = null, $subaction = null)
{
if (is_null($liste)) {
return PL_NOT_FOUND;
$this->prepare_client($page);
- $page->changeTpl('lists/trombi.tpl');
-
if (Get::has('del')) {
+ S::assert_xsrf_token();
$this->client->unsubscribe($liste);
- pl_redirect('lists/trombi/'.$liste);
+ pl_redirect('lists/annu/'.$liste);
}
if (Get::has('add')) {
+ S::assert_xsrf_token();
$this->client->subscribe($liste);
- pl_redirect('lists/trombi/'.$liste);
+ pl_redirect('lists/annu/'.$liste);
}
$owners = $this->client->get_owners($liste);
-
- if (is_array($owners)) {
- $moderos = list_sort_owners($owners[1]);
-
- $page->assign_by_ref('details', $owners[0]);
- $page->assign_by_ref('owners', $moderos);
-
- $trombi = new Trombi(array(&$this, '_get_list'));
- $page->assign('trombi', $trombi);
- } else {
+ if (!is_array($owners)) {
$page->kill("La liste n'existe pas ou tu n'as pas le droit d'en voir les détails");
}
+
+ global $platal;
+ list(,$members) = $this->client->get_members($liste);
+ $users = array();
+ foreach ($members as $m) {
+ $users[] = $m[1];
+ }
+ require_once 'userset.inc.php';
+ $view = new ArraySet($users);
+ $view->addMod('trombi', 'Trombinoscope', true, array('with_promo' => true));
+ if (empty($GLOBALS['IS_XNET_SITE'])) {
+ $view->addMod('minifiche', 'Mini-fiches', false);
+ }
+ $view->addMod('geoloc', 'Planisphère');
+ $view->apply("lists/annu/$liste", $page, $action, $subaction);
+ if ($action == 'geoloc' && $subaction) {
+ return;
+ }
+
+ $page->changeTpl('lists/annu.tpl');
+ $moderos = list_sort_owners($owners[1]);
+ $page->assign_by_ref('details', $owners[0]);
+ $page->assign_by_ref('owners', $moderos);
}
function handler_archives(&$page, $liste = null, $action = null, $artid = null)
if (list($det) = $this->client->get_members($liste)) {
if (substr($liste,0,5) != 'promo' && ($det['ins'] || $det['priv'])
&& !$det['own'] && ($det['sub'] < 2)) {
- $page->kill("La liste n'existe pas ou tu n'as pas le droit de la consulter");
+ $page->kill("La liste n'existe pas ou tu n'as pas le droit de la consulter.");
}
$get = Array('listname' => $liste, 'domain' => $domain);
if (Post::has('updateall')) {
get_banana_params($get, null, $action, $artid);
run_banana($page, 'MLBanana', $get);
} else {
- $page->kill("La liste n'existe pas ou tu n'as pas le droit de la consulter");
+ $page->kill("La liste n'existe pas ou tu n'as pas le droit de la consulter.");
}
}
if (list($det) = $this->client->get_members($liste)) {
if (substr($liste,0,5) != 'promo' && ($det['ins'] || $det['priv'])
&& !$det['own'] && ($det['sub'] < 2)) {
- exit;
+ exit;
}
require_once('banana/ml.inc.php');
- $banana = new MLBanana(S::v('forlife'), Array('listname' => $liste, 'domain' => $domain, 'action' => 'rss2'));
+ $banana = new MLBanana(S::user(), Array('listname' => $liste, 'domain' => $domain, 'action' => 'rss2'));
$banana->run();
}
exit;
function moderate_mail($domain, $liste, $mid)
{
- $mail = $this->client->get_pending_mail($liste, $mid);
- $reason = '';
-
- $prenom = S::v('prenom');
- $nom = S::v('nom');
-
if (Env::has('mok')) {
- $action = 1; /** 2 = ACCEPT **/
- $subject = "Message accepté";
- $append .= "a été accepté par $prenom $nom.\n";
+ $action = 'accept';
} elseif (Env::has('mno')) {
- $action = 2; /** 2 = REJECT **/
- $subject = "Message refusé";
- $reason = Post::v('reason');
- $append = "a été refusé par $prenom $nom avec la raison :\n\n"
- . $reason;
+ $action = 'refuse';
} elseif (Env::has('mdel')) {
- $action = 3; /** 3 = DISCARD **/
- $subject = "Message supprimé";
- $append = "a été supprimé par $prenom $nom.\n\n"
- . "Rappel: il ne faut utiliser cette opération "
- . "que dans le cas de spams ou de virus !\n";
- }
-
- if (isset($action) && $this->client->handle_request($liste, $mid, $action, $reason)) {
- $texte = "le message suivant :\n\n"
- ." Auteur: {$mail['sender']}\n"
- ." Sujet : « {$mail['subj']} »\n"
- ." Date : ".strftime("le %d %b %Y à %H:%M:%S", (int)$mail['stamp'])."\n\n"
- .$append;
- $mailer = new PlMailer();
- $mailer->addTo("$liste-owner@{$domain}");
- $mailer->setFrom("$liste-bounces@{$domain}");
- $mailer->addHeader('Reply-To', "$liste-owner@{$domain}");
- $mailer->setSubject($subject);
- $mailer->setTxtBody(wordwrap($texte,72));
- $mailer->send();
- Get::kill('mid');
- }
-
- return $mail;
+ $action = 'delete';
+ } else {
+ return false;
+ }
+ Get::kill('mid');
+ return XDB::execute("INSERT IGNORE INTO ml_moderate
+ VALUES ({?}, {?}, {?}, {?}, {?}, NOW(), {?}, NULL)",
+ $liste, $domain, $mid, S::i('uid'), $action, Post::v('reason'));
}
function handler_moderate(&$page, $liste = null)
$page->register_modifier('hdc', 'list_header_decode');
if (Env::has('sadd') || Env::has('sdel')) {
+ S::assert_xsrf_token();
+
if (Env::has('sadd')) { /* 4 = SUBSCRIBE */
$sub = $this->client->get_pending_sub($liste, Env::v('sadd'));
$this->client->handle_request($liste,Env::v('sadd'),4,'');
}
if (Post::has('sdel')) { /* 2 = REJECT */
$sub = $this->client->get_pending_sub($liste, Env::v('sdel'));
- $this->client->handle_request($liste, Post::v('sdel'), 2, Post::v('reason'));
+ $this->client->handle_request($liste, Post::v('sdel'), 2, utf8_decode(Post::v('reason')));
$info = "refusée";
}
if ($sub) {
}
if (Env::has('sadd')) {
pl_redirect('lists/moderate/'.$liste);
- }
+ }
}
if (Post::has('moderate_mails') && Post::has('select_mails')) {
+ S::assert_xsrf_token();
+
$mails = array_keys(Post::v('select_mails'));
foreach($mails as $mail) {
$this->moderate_mail($domain, $liste, $mail);
$mail = $this->moderate_mail($domain, $liste, Env::i('mid'));
} elseif (Env::has('sid')) {
- if (list($subs,$mails) = $this->client->get_pending_ops($liste)) {
+ if (list($subs,$mails) = $this->get_pending_ops($domain, $liste)) {
foreach($subs as $user) {
if ($user['id'] == Env::v('sid')) {
$page->changeTpl('lists/moderate_sub.tpl');
}
- if (list($subs,$mails) = $this->client->get_pending_ops($liste)) {
+ if (list($subs,$mails) = $this->get_pending_ops($domain, $liste)) {
foreach ($mails as $key=>$mail) {
$mails[$key]['stamp'] = strftime("%Y%m%d%H%M%S", $mail['stamp']);
+ if ($mail['fromx']) {
+ $page->assign('with_fromx', true);
+ } else {
+ $page->assign('with_nonfromx', true);
+ }
}
$page->assign_by_ref('subs', $subs);
$page->assign_by_ref('mails', $mails);
static public function no_login_callback($login)
{
require_once 'user.func.inc.php';
- global $list_unregistered;
+ global $list_unregistered, $globals;
$users = get_not_registered_user($login, true);
- if ($users->total()) {
+ if ($users && $users->total()) {
if (!isset($list_unregistered)) {
$list_unregistered = array();
}
$list_unregistered[$login] = $users;
} else {
- _default_user_callback($login);
+ list($name, $dom) = @explode('@', $login);
+ if ($dom == $globals->mail->domain || $dom == $globals->mail->domain2) {
+ User::_default_user_callback($login);
+ }
}
}
$page->changeTpl('lists/admin.tpl');
if (Env::has('send_mark')) {
+ S::assert_xsrf_token();
+
$actions = Env::v('mk_action');
$uids = Env::v('mk_uid');
$mails = Env::v('mk_email');
}
if (Env::has('add_member')) {
- require_once('user.func.inc.php');
- $members = get_users_forlife_list(Env::v('add_member'), false, array('ListsModule', 'no_login_callback'));
+ S::assert_xsrf_token();
+
+ $members = User::getBulkForlifeEmails(Env::v('add_member'),
+ false,
+ array('ListsModule', 'no_login_callback'));
$arr = $this->client->mass_subscribe($liste, $members);
if (is_array($arr)) {
foreach($arr as $addr) {
- $page->trig("{$addr[0]} inscrit.");
+ $page->trigSuccess("{$addr[0]} inscrit.");
+ }
+ }
+ }
+
+ if (isset($_FILES['add_member_file']) && $_FILES['add_member_file']['tmp_name']) {
+ S::assert_xsrf_token();
+
+ $upload =& PlUpload::get($_FILES['add_member_file'], S::user()->login(), 'list.addmember', true);
+ if (!$upload) {
+ $page->trigError('Une erreur s\'est produite lors du téléchargement du fichier');
+ } else {
+ $members = User::getBulkForlifeEmails($upload->getContents(),
+ false,
+ array('ListsModule', 'no_login_callback'));
+ $arr = $this->client->mass_subscribe($liste, $members);
+ if (is_array($arr)) {
+ foreach($arr as $addr) {
+ $page->trigSuccess("{$addr[0]} inscrit.");
+ }
}
}
}
if (Env::has('del_member')) {
+ S::assert_xsrf_token();
+
if (strpos(Env::v('del_member'), '@') === false) {
$this->client->mass_unsubscribe(
$liste, array(Env::v('del_member').'@'.$globals->mail->domain));
}
if (Env::has('add_owner')) {
- require_once('user.func.inc.php');
- $owners = get_users_forlife_list(Env::v('add_owner'), false, array('ListsModule', 'no_login_callback'));
+ S::assert_xsrf_token();
+
+ $owners = User::getBulkForlifeEmails(Env::v('add_owner'), false, array('ListsModule', 'no_login_callback'));
if ($owners) {
foreach ($owners as $login) {
if ($this->client->add_owner($liste, $login)) {
- $page->trig($alias." ajouté aux modérateurs.");
+ $page->trigSuccess($login ." ajouté aux modérateurs.");
}
}
}
}
if (Env::has('del_owner')) {
+ S::assert_xsrf_token();
+
if (strpos(Env::v('del_owner'), '@') === false) {
$this->client->del_owner($liste, Env::v('del_owner').'@'.$globals->mail->domain);
} else {
$page->changeTpl('lists/options.tpl');
if (Post::has('submit')) {
+ S::assert_xsrf_token();
+
$values = $_POST;
$values = array_map('utf8_decode', $values);
- $this->client->set_bogo_level($liste, intval($values['bogo_level']));
+ $spamlevel = intval($values['bogo_level']);
+ $unsurelevel = intval($values['unsure_level']);
+ if ($spamlevel == 0) {
+ $unsurelevel = 0;
+ }
+ if ($spamlevel > 3 || $spamlevel < 0 || $unsurelevel < 0 || $unsurelevel > 1) {
+ $page->trigError("Réglage de l'antispam non valide");
+ } else {
+ $this->client->set_bogo_level($liste, ($spamlevel << 1) + $unsurelevel);
+ }
switch($values['moderate']) {
case '0':
$values['generic_nonmember_action'] = 0;
}
$this->client->set_owner_options($liste, $values);
} elseif (isvalid_email(Post::v('atn_add'))) {
+ S::assert_xsrf_token();
$this->client->add_to_wl($liste, Post::v('atn_add'));
} elseif (Get::has('atn_del')) {
+ S::assert_xsrf_token();
$this->client->del_from_wl($liste, Get::v('atn_del'));
pl_redirect('lists/options/'.$liste);
}
if (list($details,$options) = $this->client->get_owner_options($liste)) {
$page->assign_by_ref('details', $details);
$page->assign_by_ref('options', $options);
- $page->assign('bogo_level', $this->client->get_bogo_level($liste));
+ $bogo_level = intval($this->client->get_bogo_level($liste));
+ $page->assign('unsure_level', $bogo_level & 1);
+ $page->assign('bogo_level', $bogo_level >> 1);
} else {
$page->kill("La liste n'existe pas ou tu n'as pas le droit de l'administrer");
}
$page->changeTpl('lists/delete.tpl');
if (Post::v('valid') == 'OUI') {
+ S::assert_xsrf_token();
+
if ($this->client->delete_list($liste, Post::b('del_archive'))) {
- foreach (array('', '-owner', '-admin', '-bounces') as $app) {
+ foreach (array('', '-owner', '-admin', '-bounces', '-unsubscribe') as $app) {
XDB::execute("DELETE FROM $table
WHERE type={?} AND alias={?}",
$type, $liste.$app.$domain);
}
$page->assign('deleted', true);
+ $page->trigSuccess('La liste a été détruite !');
} else {
$page->kill('Une erreur est survenue lors de la suppression de la liste.<br />'
. 'Contact les administrateurs du site pour régler le problème : '
. '<a href="mailto:support@polytechnique.org">support@polytechnique.org</a>');
}
} elseif (list($details,$options) = $this->client->get_owner_options($liste)) {
+ if (!$details['own']) {
+ $page->trigWarning('Tu n\'es pas administrateur de la liste, mais du site.');
+ }
$page->assign_by_ref('details', $details);
$page->assign_by_ref('options', $options);
$page->assign('bogo_level', $this->client->get_bogo_level($liste));
$page->changeTpl('lists/soptions.tpl');
if (Post::has('submit')) {
+ S::assert_xsrf_token();
+
$values = $_POST;
$values = array_map('utf8_decode', $values);
unset($values['submit']);
$page->changeTpl('lists/check.tpl');
if (Post::has('correct')) {
+ S::assert_xsrf_token();
$this->client->check_options($liste, true);
}
function handler_admin_all(&$page) {
$page->changeTpl('lists/admin_all.tpl');
- $page->assign('xorg_title','Polytechnique.org - Administration - Mailing lists');
+ $page->setTitle('Administration - Mailing lists');
$client = new MMList(S::v('uid'), S::v('password'));
$listes = $client->get_all_lists();