Add a generic hash capability to the newsletter.

[platal.git] / modules / payment.php

diff --git a/modules/payment.php b/modules/payment.php
index 6cd2b14..11926f9 100644 (file)
--- a/modules/payment.php
+++ b/modules/payment.php
@@ -1,6 +1,6 @@
 <?php
 /***************************************************************************
- *  Copyright (C) 2003-2007 Polytechnique.org                              *
+ *  Copyright (C) 2003-2008 Polytechnique.org                              *
  *  http://opensource.polytechnique.org/                                   *
  *                                                                         *
  *  This program is free software; you can redistribute it and/or modify   *
@@ -71,6 +71,16 @@ function cle_accept($d1,$d2,$d3,$d4,$d5)
     return $alpha{$n-1}.$m1.$m2.$m3.$m4;
 }
 
+/* decode the comment */
+function comment_decode($comment) {
+    $comment = urldecode($comment);
+    if (is_utf8($comment)) {
+        return $comment;
+    } else {
+        return utf8_encode($comment);
+    }
+}
+
 
 class PaymentModule extends PLModule
 {
@@ -80,8 +90,8 @@ class PaymentModule extends PLModule
             'payment'               => $this->make_hook('payment', AUTH_MDP),
             'payment/cyber_return'  => $this->make_hook('cyber_return',  AUTH_PUBLIC),
             'payment/paypal_return' => $this->make_hook('paypal_return',  AUTH_PUBLIC),
-            '%grp/paiement'              => $this->make_hook('xnet_payment', AUTH_MDP, 'groupmember'),
-            '%grp/payment'               => $this->make_hook('xnet_payment', AUTH_MDP, 'groupmember'),
+            '%grp/paiement'              => $this->make_hook('xnet_payment', AUTH_MDP),
+            '%grp/payment'               => $this->make_hook('xnet_payment', AUTH_MDP),
             '%grp/payment/cyber_return'  => $this->make_hook('cyber_return', AUTH_PUBLIC),
             '%grp/payment/paypal_return' => $this->make_hook('paypal_return', AUTH_PUBLIC),
             'admin/payments'        => $this->make_hook('admin', AUTH_MDP, 'admin'),
@@ -218,6 +228,7 @@ class PaymentModule extends PLModule
         $conf_text = str_replace("<salutation>",$femme ? "Chère" : "Cher",$conf_text);
         $conf_text = str_replace("<cher>",$femme ? "Chère" : "Cher",$conf_text);
 
+        global $globals;
         $mymail = new PlMailer();
         $mymail->setFrom($conf_mail);
         $mymail->addTo("\"$prenom $nom\" <$forlife@" . $globals->mail->domain . '>');
@@ -307,6 +318,7 @@ class PaymentModule extends PLModule
         $conf_text = str_replace("<salutation>",$femme ? "Chère" : "Cher",$conf_text);
         $conf_text = str_replace("<cher>",$femme ? "Chère" : "Cher",$conf_text);
 
+        global $globals;
         $mymail = new PlMailer();
         $mymail->setFrom($conf_mail);
         $mymail->addTo("\"$prenom $nom\" <$forlife@" . $globals->mail->domain . '>');
@@ -338,6 +350,21 @@ class PaymentModule extends PLModule
     {
         global $globals;
 
+        $perms = S::v('perms');
+        if (!$perms->hasFlag('groupmember')) {
+            if (is_null($pid)) {
+                return PL_FORBIDDEN;
+            }
+            $res = XDB::query("SELECT  1
+                                 FROM  groupex.evenements AS e
+                           INNER JOIN  groupex.evenements_participants AS ep ON (ep.eid = e.eid AND uid = {?})
+                                WHERE  e.paiement_id = {?} AND e.asso_id = {?}",
+                              S::i('uid'), $pid, $globals->asso('id'));
+            if ($res->numRows() == 0) {
+                return PL_FORBIDDEN;
+            }
+        }
+
         if (!is_null($pid)) {
             return  $this->handler_payment($page, $pid);
         }
@@ -433,6 +460,7 @@ class PaymentModule extends PLModule
                 $event[$pid]['paid'] += trim($p);
             }
         }
+        $page->register_modifier('decode_comment', 'decode_comment');
         $page->assign('trans', $trans);
         $page->assign('event', $event);
     }