<?php
/***************************************************************************
- * Copyright (C) 2003-2007 Polytechnique.org *
+ * Copyright (C) 2003-2008 Polytechnique.org *
* http://opensource.polytechnique.org/ *
* *
* This program is free software; you can redistribute it and/or modify *
{
$page->changeTpl('marketing/index.tpl');
- $page->assign('xorg_title','Polytechnique.org - Marketing');
+ $page->setTitle('Marketing');
// Quelques statistiques
$page->assign('nbInsMarkOK', $res->fetchOneCell());
}
- function handler_private(&$page, $uid = null,
+ function handler_private(&$page, $hruid = null,
$action = null, $value = null)
{
+ global $globals;
$page->changeTpl('marketing/private.tpl');
- if (is_null($uid)) {
+ $user = User::getSilent($hruid);
+ if (!$user) {
return PL_NOT_FOUND;
}
- $page->assign('path', 'marketing/private/'.$uid);
-
- $res = XDB::query("SELECT nom, prenom, promo, matricule
- FROM auth_user_md5
- WHERE user_id={?} AND perms='pending'", $uid);
-
- if (list($nom, $prenom, $promo, $matricule) = $res->fetchOneRow()) {
- require_once('user.func.inc.php');
- $matricule_X = get_X_mat($matricule);
- $page->assign('nom', $nom);
- $page->assign('prenom', $prenom);
- $page->assign('promo', $promo);
- $page->assign('matricule', $matricule);
- $page->assign('matricule_X',$matricule_X);
- } else {
- $page->kill('uid invalide');
+ // Retrieves marketed user details.
+ $res = XDB::query(
+ "SELECT matricule
+ FROM auth_user_md5
+ WHERE user_id = {?} AND perms = 'pending'", $user->id());
+ if (!($matricule = $res->fetchOneCell())) {
+ $page->kill("Cet utilisateur est déjà inscrit au site.");
}
+ require_once('user.func.inc.php');
+ $matricule = $res->fetchOneCell();
+ $matricule_X = get_X_mat($matricule);
+
+ $page->assign('full_name', $user->fullName());
+ $page->assign('promo', $user->promo());
+ $page->assign('matricule', $matricule);
+ $page->assign('matricule_X',$matricule_X);
+
+ // Applies in-parameter action to the user.
if ($action == 'del') {
- Marketing::clear($uid, $value);
+ S::assert_xsrf_token();
+ Marketing::clear($user->id(), $value);
}
if ($action == 'rel') {
- $market = Marketing::get($uid, $value);
+ $market = Marketing::get($user->id(), $value);
if ($market == null) {
- $page->trig("Aucun marketing n'a été effectué vers $value");
+ $page->trigWarning("Aucun marketing n'a été effectué vers $value");
} else {
$to = $market->user['to'];
$title = $market->getTitle();
}
if ($action == 'relforce') {
- $market = Marketing::get($uid, Post::v('to'));
+ S::assert_xsrf_token();
+
+ $market = Marketing::get($user->id(), Post::v('to'));
if (is_null($market)) {
- $market = new Marketing($uid, Post::v('to'), 'default', null, 'staff');
+ $market = new Marketing($user->id(), Post::v('to'), 'default', null, 'staff');
}
$market->send(Post::v('title'), Post::v('message'));
- $page->trig("Mail envoyé");
+ $page->trigSuccess("Email envoyé");
}
if ($action == 'insrel') {
- if (Marketing::relance($uid)) {
- $page->trig('relance faite');
+ S::assert_xsrf_token();
+ if (Marketing::relance($user->id())) {
+ $page->trigSuccess('relance faite');
}
}
if ($action == 'add' && Post::has('email') && Post::has('type')) {
- $market = new Marketing($uid, Post::v('email'), 'default', null, Post::v('type'), S::v('uid'));
+ $market = new Marketing($user->id(), Post::v('email'), 'default', null, Post::v('type'), S::v('uid'));
$market->add(false);
}
+ // Retrieves and display the existing marketing attempts.
$res = XDB::iterator(
"SELECT r.*, a.alias
FROM register_marketing AS r
INNER JOIN aliases AS a ON (r.sender=a.id AND a.type = 'a_vie')
WHERE uid={?}
- ORDER BY date", $uid);
+ ORDER BY date", $user->id());
$page->assign('addr', $res);
$res = XDB::query("SELECT date, relance FROM register_pending
- WHERE uid = {?}", $uid);
+ WHERE uid = {?}", $user->id());
if (list($pending, $relance) = $res->fetchOneRow()) {
$page->assign('pending', $pending);
$page->assign('relance', $relance);
}
+
+ $page->assign('path', 'marketing/private/' . $user->login());
}
function handler_broken(&$page, $uid = null)
{
- require_once('user.func.inc.php');
$page->changeTpl('marketing/broken.tpl');
if (is_null($uid)) {
return PL_NOT_FOUND;
}
- $forlife = get_user_forlife($uid);
- if (!$forlife) {
+
+ $user = User::get($uid);
+ if (!$user) {
return PL_NOT_FOUND;
- } elseif ($forlife == S::v('forlife')) {
+ } elseif ($user->login() == S::user()->login()) {
pl_redirect('emails/redirect');
}
- $res = Xdb::query("SELECT u.nom, u.prenom, u.promo, FIND_IN_SET('femme', u.flags) AS sexe,
- a.alias AS forlife, b.alias AS bestalias, e.email, e.last
- FROM auth_user_md5 AS u
- INNER JOIN aliases AS a ON (a.id = u.user_id AND a.type = 'a_vie')
- INNER JOIN aliases AS b ON (b.id = u.user_id AND FIND_IN_SET('bestalias', b.flags))
- LEFT JOIN emails AS e ON (e.flags = 'active' AND e.uid = u.user_id)
- WHERE a.alias = {?}
- ORDER BY e.panne_level, e.last", $forlife);
+ $res = XDB::query(
+ "SELECT u.deces = '0000-00-00' AS alive, e.last,
+ IF(e.email IS NOT NULL, e.email, IF(FIND_IN_SET('googleapps', u.mail_storage), 'googleapps', NULL)) AS email
+ FROM auth_user_md5 AS u
+ LEFT JOIN emails AS e ON (e.flags = 'active' AND e.uid = u.user_id)
+ WHERE u.user_id = {?}
+ ORDER BY e.panne_level, e.last", $user->id());
if (!$res->numRows()) {
return PL_NOT_FOUND;
}
- $user = $res->fetchOneAssoc();
+ $user->addProperties($res->fetchOneAssoc());
$page->assign('user', $user);
$email = null;
+ require_once 'emails.inc.php';
if (Post::has('mail')) {
- require_once 'emails.inc.php';
$email = valide_email(Post::v('mail'));
}
if (Post::has('valide') && isvalid_email_redirection($email)) {
+ S::assert_xsrf_token();
+
// security stuff
- check_email($email, "Proposition d'une adresse surveillee pour " . $user['forlife'] . " par " . S::v('forlife'));
- $res = XDB::query("SELECT state
- FROM emails AS e
- INNER JOIN aliases AS a ON (a.id = e.uid)
- WHERE e.email = {?} AND a.alias = {?}", $email, $user['forlife']);
+ check_email($email, "Proposition d'une adresse surveillee pour " . $user->login() . " par " . S::user()->login());
+ $res = XDB::query("SELECT flags
+ FROM emails
+ WHERE email = {?} AND uid = {?}", $email, $user->id());
$state = $res->numRows() ? $res->fetchOneCell() : null;
if ($state == 'panne') {
- $page->trig("L'adresse que tu as fournie est l'adresse actuelle de {$user['prenom']} et est en panne.");
+ $page->trigWarning("L'adresse que tu as fournie est l'adresse actuelle de {$user->fullName()} et est en panne.");
} elseif ($state == 'active') {
- $page->trig("L'adresse que tu as fournie est l'adresse actuelle de {$user['prenom']}");
- } elseif ($user['email'] && !trim(Post::v('comment'))) {
- $page->trig("Il faut que tu ajoutes un commentaire à ta proposition pour justifier le "
- ."besoin de changer la redirection de " . $user['prenom']);
+ $page->trigWarning("L'adresse que tu as fournie est l'adresse actuelle de {$user->fullName()}");
+ } elseif ($user->email && !trim(Post::v('comment'))) {
+ $page->trigError("Il faut que tu ajoutes un commentaire à ta proposition pour justifier le "
+ . "besoin de changer la redirection de {$user->fullName()}.");
} else {
require_once 'validations.inc.php';
- $valid = new BrokenReq(S::i('uid'), $user, $email, trim(Post::v('comment')));
+ $valid = new BrokenReq(S::user(), $user, $email, trim(Post::v('comment')));
$valid->submit();
$page->assign('sent', true);
}
} elseif ($email) {
- $page->trig("L'adresse proposée n'est pas une adresse acceptable pour une redirection");
+ $page->trigError("L'adresse proposée n'est pas une adresse acceptable pour une redirection");
}
}
$page->assign('nonins', XDB::iterator($sql, $promo));
}
- function handler_public(&$page, $uid = null)
+ function handler_public(&$page, $hruid = null)
{
$page->changeTpl('marketing/public.tpl');
- if (is_null($uid)) {
+ // Retrieves the user info, and checks the user is not yet registered.
+ $user = User::getSilent($hruid);
+ if (!$user) {
return PL_NOT_FOUND;
}
- $res = XDB::query("SELECT nom, prenom, promo FROM auth_user_md5
- WHERE user_id={?} AND perms='pending'", $uid);
+ $res = XDB::query(
+ "SELECT COUNT(*)
+ FROM auth_user_md5
+ WHERE user_id = {?} AND perms = 'pending'", $user->id());
+ if (!$res->fetchOneCell()) {
+ $page->kill("Cet utilisateur est déjà inscrit au site.");
+ }
+
+ // Displays the page, and handles the eventual user actions.
+ $page->assign('full_name', $user->fullName());
+ $page->assign('promo', $user->promo());
- if (list($nom, $prenom, $promo) = $res->fetchOneRow()) {
- $page->assign('prenom', $prenom);
- $page->assign('nom', $nom);
- $page->assign('promo', $promo);
+ if (Post::has('valide')) {
+ S::assert_xsrf_token();
+ $email = trim(Post::v('mail'));
- if (Post::has('valide')) {
- require_once('xorg.misc.inc.php');
- $email = trim(Post::v('mail'));
+ require_once 'emails.inc.php';
+ if (!isvalid_email_redirection($email)) {
+ $page->trigError("Email invalide !");
+ } else {
+ // On cherche les marketings précédents sur cette adresse
+ // email, en se restreignant au dernier mois
- if (!isvalid_email_redirection($email)) {
- $page->trig("Email invalide !");
+ if (Marketing::get($user->id(), $email, true)) {
+ $page->assign('already', true);
} else {
- // On cherche les marketings précédents sur cette adresse
- // email, en se restreignant au dernier mois
-
- if (Marketing::get($uid, $email, true)) {
- $page->assign('already', true);
- } else {
- $page->assign('ok', true);
- check_email($email, "Une adresse surveillée est proposée au marketing par " . S::v('forlife'));
- $market = new Marketing($uid, $email, 'default', null, Post::v('origine'), S::v('uid'));
- $market->add();
- }
+ $page->assign('ok', true);
+ check_email($email, "Une adresse surveillée est proposée au marketing par " . S::user()->login());
+ $market = new Marketing($user->id(), $email, 'default', null, Post::v('origine'), S::v('uid'));
+ $market->add();
}
}
}