Moving to GitHub.
[platal.git] / modules / platal.php
index c9fd3d9..1772921 100644 (file)
@@ -1,6 +1,6 @@
 <?php
 /***************************************************************************
- *  Copyright (C) 2003-2011 Polytechnique.org                              *
+ *  Copyright (C) 2003-2014 Polytechnique.org                              *
  *  http://opensource.polytechnique.org/                                   *
  *                                                                         *
  *  This program is free software; you can redistribute it and/or modify   *
@@ -38,26 +38,29 @@ class PlatalModule extends PLModule
     function handlers()
     {
         return array(
-            'index'             => $this->make_hook('index',     AUTH_PUBLIC),
-            'cacert.pem'        => $this->make_hook('cacert',    AUTH_PUBLIC),
-            'changelog'         => $this->make_hook('changelog', AUTH_PUBLIC),
+            'index'             => $this->make_hook('index',        AUTH_PUBLIC),
+            'cacert.pem'        => $this->make_hook('cacert',       AUTH_PUBLIC),
+            'changelog'         => $this->make_hook('changelog',    AUTH_PUBLIC),
 
             // Preferences thingies
-            'prefs'             => $this->make_hook('prefs',     AUTH_COOKIE, 'user,groups'),
-            'prefs/rss'         => $this->make_hook('prefs_rss', AUTH_COOKIE, 'user'),
-            'prefs/webredirect' => $this->make_hook('webredir',  AUTH_MDP,    'mail'),
-            'prefs/skin'        => $this->make_hook('skin',      AUTH_COOKIE, 'user'),
+            'prefs'             => $this->make_hook('prefs',        AUTH_COOKIE, 'user,groups'),
+            'prefs/rss'         => $this->make_hook('prefs_rss',    AUTH_COOKIE, 'user'),
+            'prefs/webredirect' => $this->make_hook('webredir',     AUTH_PASSWD, 'mail'),
+            'prefs/skin'        => $this->make_hook('skin',         AUTH_COOKIE, 'user'),
+            'prefs/email'       => $this->make_hook('prefs_email',  AUTH_COOKIE, 'mail'),
 
             // password related thingies
-            'password'          => $this->make_hook('password',  AUTH_MDP,    'user,groups'),
-            'tmpPWD'            => $this->make_hook('tmpPWD',    AUTH_PUBLIC),
-            'password/smtp'     => $this->make_hook('smtppass',  AUTH_MDP,    'mail'),
-            'recovery'          => $this->make_hook('recovery',  AUTH_PUBLIC),
+            'password'          => $this->make_hook('password',     AUTH_PASSWD, 'user,groups'),
+            'password/smtp'     => $this->make_hook('smtppass',     AUTH_PASSWD, 'mail'),
+            'tmpPWD'            => $this->make_hook('tmpPWD',       AUTH_PUBLIC),
+            'recovery'          => $this->make_hook('recovery',     AUTH_PUBLIC),
             'recovery/ext'      => $this->make_hook('recovery_ext', AUTH_PUBLIC),
             'register/ext'      => $this->make_hook('register_ext', AUTH_PUBLIC),
-            'exit'              => $this->make_hook('exit',      AUTH_PUBLIC),
-            'review'            => $this->make_hook('review',    AUTH_PUBLIC),
-            'deconnexion.php'   => $this->make_hook('exit',      AUTH_PUBLIC),
+            'exit'              => $this->make_hook('exit',         AUTH_PUBLIC),
+            'review'            => $this->make_hook('review',       AUTH_PUBLIC),
+            'deconnexion.php'   => $this->make_hook('exit',         AUTH_PUBLIC),
+
+            'error'             => $this->make_hook('test_error',   AUTH_COOKIE),
         );
     }
 
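Review bot: The new `'error'` route makes `handler_test_error` (added in the last hunk) reachable by any `AUTH_COOKIE` session, and that handler throws a bare `Exception("Blih")` unless the mode is `js`. This looks like a debugging aid. If it has to ship, it should be limited to administrators or to a development configuration, and carry a comment such as `// Debug only: deliberately raises an error to exercise the error page.` Separately, `'prefs/email'` is registered with `AUTH_COOKIE`, while `'prefs/webredirect'`, which has the same `'mail'` permission, requires `AUTH_PASSWD`. It is worth confirming that changing the outgoing sender identity on a cookie-only session is intended.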
@@ -199,6 +202,47 @@ class PlatalModule extends PLModule
         }
     }
 
+    function handler_prefs_email($page)
+    {
+        $page->changeTpl('platal/email_preferences.tpl');
+
+        if (Post::has('submit')) {
+            S::assert_xsrf_token();
+
+            $from_email = Post::t('from_email');
+            $from_format = Post::v('from_format');
+
+            // Checks email.
+            $email_regex = '/^[a-z0-9.\-+_\$]+@([\-.+_]?[a-z0-9])+$/i';
+            if (!preg_match($email_regex, $from_email)) {
+                $full_regex = '/^[^<]*<[a-z0-9.\-+_\$]+@([\-.+_]?[a-z0-9])+>$/i';
+                if (!preg_match($full_regex, $from_email)) {
+                    $page->trigError("L'adresse email est erronée.");
+                    $error = true;
+                    $page->assign('from_email', $from_email);
+                    $page->assign('from_format', $from_format);
+                    $page->assign('error', true);
+                    return;
+                }
+            }
+
+            // Saves data.
+            XDB::execute('UPDATE  accounts
+                             SET  from_email = {?}, from_format = {?}
+                           WHERE  uid = {?}',
+                         $from_email, ($from_format == 'html' ? 'html' : 'text'), S::user()->id());
+            $page->trigSuccess('Données enregistrées.');
+        }
+
+        $data = XDB::fetchOneAssoc('SELECT  from_email, from_format
+                                      FROM  accounts
+                                     WHERE  uid = {?}',
+                                   S::user()->id());
+        $page->assign('from_email', $data['from_email']);
+        $page->assign('from_format', $data['from_format']);
+        $page->assign('error', false);
+    }
+
     function handler_password($page)
     {
         global $globals;
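Review bot: In `handler_prefs_email` the fallback pattern `$full_regex` accepts any display name through `[^<]*`, including CR/LF and other control characters, and the value is then stored in `accounts.from_email`. If that column is later used to build a From header (not visible in this hunk), a stored value could carry extra header lines. The display name should exclude line breaks and both patterns should anchor at the true end of the string, e.g. `$full_regex = '/^[^<\r\n]*<[a-z0-9.\-+_\$]+@([\-.+_]?[a-z0-9])+>$/iD';`, with the `D` modifier added to `$email_regex` as well. The local `$error = true;` is never read and can be dropped, and `$from_format == 'html'` would be safer as `===`. `handler_password` begins at the end of this hunk and continues outside it.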
@@ -328,9 +372,14 @@ class PlatalModule extends PLModule
         $mymail->setFrom('"Gestion des mots de passe" <support+password@' . $globals->mail->domain . '>');
         if (is_null($to)) {
             $mymail->addTo($user);
-            $mymail->addTo($inactives_to);
+            $log_to = $user->bestEmail();
+            if (!is_null($inactives_to)) {
+                $log_to = $inactives_to . ', ' . $log_to;
+                $mymail->addTo($inactives_to);
+            }
         } else {
             $mymail->addTo($to);
+            $log_to = $to;
         }
         $mymail->setSubject("Ton certificat d'authentification");
         $mymail->setTxtBody("Visite la page suivante qui expire dans six heures :
@@ -346,7 +395,7 @@ Email envoyé à ".Env::v('login') . (is_null($to) ? '' : '
 Adresse de secours : ' . $to));
         $mymail->send();
 
-        S::logger($user->id())->log('recovery', is_null($to) ? $inactives_to . ', ' . $user->bestEmail() : $to);
+        S::logger($user->id())->log('recovery', $log_to);
     }
 
     function handler_recovery_ext($page)
@@ -375,7 +424,7 @@ Adresse de secours : ' . $to));
                      $user->id(), $hash);
 
         $mymail = new PlMailer('platal/password_recovery_xnet.mail.tpl');
-        $mymail->addTo($user);
+        $mymail->setTo($user);
         $mymail->assign('hash', $hash);
         $mymail->assign('email', Post::t('login'));
         $mymail->send();
@@ -389,23 +438,18 @@ Adresse de secours : ' . $to));
         XDB::execute('DELETE FROM  account_lost_passwords
                             WHERE  DATE_SUB(NOW(), INTERVAL 380 MINUTE) > created');
 
-        $res = XDB::query('SELECT  uid
-                             FROM  account_lost_passwords WHERE certificat={?}', $certif);
-        $ligne = $res->fetchOneAssoc();
-        if (!$ligne) {
-            $page->changeTpl('platal/index.tpl');
-            $page->kill("Cette adresse n'existe pas ou n'existe plus sur le serveur.");
-        }
-
-        $uid = $ligne["uid"];
         if (Post::has('pwhash') && Post::t('pwhash')) {
+            $uid = XDB::fetchOneCell('SELECT  uid
+                                        FROM  accounts
+                                       WHERE  hruid = {?}',
+                                     Post::t('username'));
             $password = Post::t('pwhash');
             XDB::query('UPDATE  accounts
-                           SET  password={?}
+                           SET  password = {?}
                          WHERE  uid = {?} AND state = \'active\'',
                        $password, $uid);
             XDB::query('DELETE FROM  account_lost_passwords
-                              WHERE  certificat={?}', $certif);
+                              WHERE  certificat = {?}', $certif);
 
             // If GoogleApps is enabled, and the user did choose to use synchronized passwords,
             // updates the Google Apps password as well.
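Review bot: In the `pwhash` branch the password is now written for the uid looked up from the posted `username`, and nothing in this branch checks that `$certif` exists in `account_lost_passwords` or belongs to that account. The certificate lookup survives only in the `else` branch of the following hunk. As written, the reset is bound to a request field rather than to the recovery certificate. The uid should come from the `certificat` row before the `UPDATE`, and be compared with the posted username if that value is still needed for the session start. The enclosing handler starts and ends outside this hunk, so confirm no earlier check exists there; the sketch below also assumes `$page->kill()` stops execution, as the removed code did.

```php
if (Post::has('pwhash') && Post::t('pwhash')) {
    // Bind the reset to the recovery certificate, not to the posted username.
    $uid = XDB::fetchOneCell('SELECT  uid
                                FROM  account_lost_passwords
                               WHERE  certificat = {?}', $certif);
    if (!$uid) {
        $page->changeTpl('platal/index.tpl');
        $page->kill("Cette adresse n'existe pas ou n'existe plus sur le serveur.");
    }
    $password = Post::t('pwhash');
    // … unchanged: UPDATE accounts / DELETE FROM account_lost_passwords …
```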
@@ -421,14 +465,23 @@ Adresse de secours : ' . $to));
 
             // Try to start a session (so the user don't have to log in); we will use
             // the password available in Post:: to authenticate the user.
-            Platal::session()->start(AUTH_MDP);
+            Platal::session()->start(AUTH_PASSWD);
 
             $page->changeTpl('platal/tmpPWD.success.tpl');
         } else {
+            $res = XDB::query('SELECT  uid
+                                 FROM  account_lost_passwords
+                                WHERE  certificat = {?}', $certif);
+            $ligne = $res->fetchOneAssoc();
+            if (!$ligne) {
+                $page->changeTpl('platal/index.tpl');
+                $page->kill("Cette adresse n'existe pas ou n'existe plus sur le serveur.");
+            }
+
             $hruid = XDB::fetchOneCell('SELECT  hruid
                                           FROM  accounts
                                          WHERE  uid = {?}',
-                                       $uid);
+                                       $ligne['uid']);
             $page->changeTpl('platal/password.tpl');
             $page->assign('hruid', $hruid);
             $page->assign('do_auth', 1);
@@ -559,7 +612,16 @@ Adresse de secours : ' . $to));
         }
         $wiz->apply($page, 'review', $action, $mode);
     }
+
+    function handler_test_error($page, $mode = null)
+    {
+        if ($mode == 'js') {
+            $page->changeTpl('platal/error.tpl');
+        } else {
+            throw new Exception("Blih");
+        }
+    }
 }
 
-// vim:set et sw=4 sts=4 sws=4 foldmethod=marker enc=utf-8:
+// vim:set et sw=4 sts=4 sws=4 foldmethod=marker fenc=utf-8:
 ?>