<?php
/***************************************************************************
- * Copyright (C) 2003-2009 Polytechnique.org *
+ * Copyright (C) 2003-2010 Polytechnique.org *
* http://opensource.polytechnique.org/ *
* *
* This program is free software; you can redistribute it and/or modify *
}
// Retrieve the photo and its mime type.
- $photo_data = null;
- $photo_type = null;
-
if ($req && S::logged()) {
include 'validations.inc.php';
$myphoto = PhotoReq::get_request($user->id());
- if ($myphoto) {
- $photo_data = $myphoto->data;
- $photo_type = $myphoto->mimetype;
- }
+ $photo = PlImage::fromData($myphoto->data, $myphoto->mimetype);
} else {
- $res = XDB::query(
- "SELECT attachmime, attach, pub
- FROM photo
- WHERE uid = {?}", $user->id());
- list($photo_type, $photo_data, $photo_pub) = $res->fetchOneRow();
- if ($photo_pub != 'public' && !S::logged()) {
- $photo_type = $photo_data = null;
- }
+ $photo = $user->profile()->getPhoto(true);
}
// Display the photo, or a default one when not available.
- if ($photo_type && $photo_data != null) {
- pl_cached_dynamic_content_headers("image/$photo_type");
- echo $photo_data;
- } else {
- pl_cached_dynamic_content_headers("image/png");
- echo file_get_contents(dirname(__FILE__).'/../htdocs/images/none.png');
- }
- exit;
+ $photo->send();
}
function handler_medal(&$page, $mid)
} elseif (Env::v('suppr')) {
S::assert_xsrf_token();
- XDB::execute('DELETE FROM photo
- WHERE uid = {?}',
- S::v('uid'));
+ XDB::execute('DELETE FROM profile_photos
+ WHERE pid = {?}',
+ S::user()->profile()->id());
XDB::execute('DELETE FROM requests
WHERE user_id = {?} AND type="photo"',
S::v('uid'));
$globals->updateNbValid();
+ $page->trigSuccess("Ta photo a bien été supprimée. Elle ne sera plus visible sur le site dans au plus une heure.");
} elseif (Env::v('cancel')) {
S::assert_xsrf_token();
return PL_NOT_FOUND;
}
- $login = S::logged() ? User::get($x) : User::getSilent($x);
+ $login = (!is_numeric($x) || S::has_perms()) ? Profile::get($x) : null;
if (!$login) {
+ if (S::logged()) {
+ $page->trigError($x . ' inconnu dans l\'annuaire');
+ }
return PL_NOT_FOUND;
}
// Determines is the user is registered, and fetches the user infos in
// the appropriate way.
- $res = XDB::query("SELECT perms IN ('admin','user','disabled')
- FROM auth_user_md5
- WHERE user_id = {?}", $login->id());
- if ($res->fetchOneCell()) {
+ $owner = $login->owner();
+ if (!$owner || $owner->state != 'pending') {
$new = Env::v('modif') == 'new';
- $user = get_user_details($login->login(), S::v('uid'), $view);
+ // XXX: Deprecated...
+ $user = get_user_details($login->hrid(), S::i('uid'), $view);
} else {
$new = false;
$user = array();
if (S::logged()) {
- pl_redirect('marketing/public/' . $login->login());
+ pl_redirect('marketing/public/' . $owner->login());
}
}
// Profile view are logged.
if (S::logged()) {
- S::logger()->log('view_profile', $login->login());
+ S::logger()->log('view_profile', $login->hrid());
}
// Sets the title of the html page.
$page->setTitle($login->fullName());
// Prepares the display of the user's mugshot.
- $photo = 'photo/' . $login->login() . ($new ? '/req' : '');
+ $photo = 'photo/' . $login->hrid() . ($new ? '/req' : '');
if (!isset($user['photo_pub']) || !has_user_right($user['photo_pub'], $view)) {
$photo = "";
}
// Determines and displays the virtual alias.
global $globals;
- $res = XDB::query(
- "SELECT alias
- FROM virtual
- INNER JOIN virtual_redirect USING (vid)
- INNER JOIN auth_user_quick ON (user_id = {?} AND emails_alias_pub = 'public')
- WHERE (redirect={?} OR redirect={?})
- AND alias LIKE '%@{$globals->mail->alias_dom}'",
- $login->id(),
- $login->forlifeEmail(),
- // TODO(vzanotti): get ride of all @m4x.org addresses in the
- // virtual redirect base, and remove this über-ugly hack.
- $login->login() . '@' . $globals->mail->domain2);
- $page->assign('virtualalias', $res->fetchOneCell());
+ $owner = $login->owner();
+ if ($owner) {
+ $page->assign('virtualalias', $owner->emailAlias());
+ }
// Adds miscellaneous properties to the display.
// Adds the global user property array to the display.
$page->assign_by_ref('x', $user);
- $page->assign_by_ref('user', $login);
+ $page->assign_by_ref('user', $owner);
$page->assign('logged', has_user_right('private', $view));
$page->assign('view', $view);
function handler_ax(&$page, $user = null)
{
- $user = User::get($user);
+ $user = Profile::get($user);
if (!$user) {
return PL_NOT_FOUND;
}
-
- $res = XDB::query("SELECT matricule_ax
- FROM auth_user_md5
- WHERE user_id = {?}", $user->id());
- $mat = $res->fetchOneCell();
- if (!intval($mat)) {
- $page->kill("Le matricule AX de {$user->login()} est inconnu");
+ if (!$user->ax_id) {
+ $page->kill("Le matricule AX de {$user->hrid()} est inconnu");
}
- http_redirect("http://www.polytechniciens.com/?page=AX_FICHE_ANCIEN&ancc_id=$mat");
+ http_redirect("http://www.polytechniciens.com/?page=AX_FICHE_ANCIEN&ancc_id=" . $user->ax_id);
}
- function handler_p_edit(&$page, $opened_tab = null, $mode = null, $success = null)
+ function handler_p_edit(&$page, $user = null, $opened_tab = null, $mode = null, $success = null)
{
global $globals;
- // AX Synchronization
- require_once 'synchro_ax.inc.php';
- if (is_ax_key_missing()) {
- $page->assign('no_private_key', true);
- }
- if (Env::v('synchro_ax') == 'confirm' && !is_ax_key_missing()) {
- ax_synchronize(S::user()->login(), S::v('uid'));
- $page->trigSuccess('Ton profil a été synchronisé avec celui du site polytechniciens.com');
+ if (is_null($user)) {
+ $user = S::user();
+ if (!$user->hasProfile()) {
+ return PL_NOT_FOUND;
+ } else {
+ pl_redirect('profile/edit/' . $user->profile()->hrid());
+ }
+ } else {
+ $user = Profile::get($user);
+ if (!$user) {
+ return PL_NOT_FOUND;
+ } else if (!S::user()->canEdit($user) && Platal::notAllowed()) {
+ return PL_FORBIDDEN;
+ }
}
// Build the page
$page->addJsLink('ajax.js');
- $page->addJsLink('education.js');
- $page->addJsLink('grades.js');
+ $page->addJsLink('education.js'); /* dynamic content */
+ $page->addJsLink('grades.js'); /* dynamic content */
$page->addJsLink('profile.js');
$page->addJsLink('jquery.autocomplete.js');
- $wiz = new PlWizard('Profil', PlPage::getCoreTpl('plwizard.tpl'), true, true);
+ $wiz = new PlWizard('Profil', PlPage::getCoreTpl('plwizard.tpl'), true, true, false);
+ $wiz->addUserData('profile', $user);
+ $wiz->addUserData('owner', $user->owner());
$this->load('page.inc.php');
$wiz->addPage('ProfileGeneral', 'Général', 'general');
$wiz->addPage('ProfileAddresses', 'Adresses personnelles', 'adresses');
$wiz->addPage('ProfileJobs', 'Informations professionnelles', 'emploi');
$wiz->addPage('ProfileSkills', 'Compétences diverses', 'skill');
$wiz->addPage('ProfileMentor', 'Mentoring', 'mentor');
- $wiz->apply($page, 'profile/edit', $opened_tab, $mode);
+ $wiz->apply($page, 'profile/edit/' . $user->hrid(), $opened_tab, $mode);
- // Misc checks
- $res = XDB::query("SELECT user_id
- FROM auth_user_md5
- WHERE user_id = {?} AND naissance = '0000-00-00'", S::i('uid'));
- if ($res->numRows()) {
+ if (!$user->birthdate) {
$page->trigWarning("Ta date de naissance n'est pas renseignée, ce qui t'empêcheras de réaliser"
. " la procédure de récupération de mot de passe si un jour tu le perdais.");
}
$page->assign('names', build_javascript_names($data));
}
- function handler_p_orange(&$page)
+ function handler_p_orange(&$page, $pid = null)
{
$page->changeTpl('profile/orange.tpl');
require_once 'validations.inc.php';
-
- $res = XDB::query("SELECT e.entry_year, e.grad_year, d.promo, FIND_IN_SET('femme', u.flags) AS sexe
- FROM auth_user_md5 AS u
- INNER JOIN profile_display AS d ON (d.pid = u.user_id)
- INNER JOIN profile_education AS e ON (e.uid = u.user_id AND FIND_IN_SET('primary', e.flags))
- WHERE u.user_id = {?}", S::v('uid'));
-
- list($promo, $promo_sortie_old, $promo_display, $sexe) = $res->fetchOneRow();
- $page->assign('promo_sortie_old', $promo_sortie_old);
- $page->assign('promo', $promo);
- $page->assign('promo_display', $promo_display);
- $page->assign('sexe', $sexe);
+ $profile = Profile::get($pid);
+ if (is_null($profile)) {
+ return PL_NOT_FOUND;
+ }
+ $page->assign('promo_sortie_old', $profile->grad_year);
+ $page->assign('promo', $profile->entry_year);
+ $page->assign('promo_display', $profile->promo());
+ $page->assign('sexe', $profile->isFemale());
if (!Env::has('promo_sortie')) {
return;
}
$promo_sortie = Env::i('promo_sortie');
-
+ $promo = $profile->entry_year;
if ($promo_sortie < 1000 || $promo_sortie > 9999) {
$page->trigError('L\'année de sortie doit être un nombre de quatre chiffres.');
- }
- elseif ($promo_sortie < $promo + 3) {
+ } elseif ($promo_sortie < $promo + 3) {
$page->trigError('Trop tôt !');
- }
- elseif ($promo_sortie == $promo_sortie_old) {
+ } elseif ($promo_sortie == $promo_sortie_old) {
$page->trigWarning('Tu appartiens déjà à la promotion correspondante à cette année de sortie.');
- }
- elseif ($promo_sortie == $promo + 3) {
- XDB::execute("UPDATE profile_education
+ } elseif ($promo_sortie == $promo + 3) {
+ XDB::execute('UPDATE profile_education
SET grad_year = {?}
- WHERE uid = {?} AND FIND_IN_SET('primary', flags)", $promo_sortie, S::v('uid'));
- $page->trigSuccess('Ton statut "orange" a été supprimé.');
- $page->assign('promo_sortie_old', $promo_sortie);
- }
- else {
+ WHERE uid = {?} AND FIND_IN_SET(\'primary\', flags)',
+ $promo_sortie, $profile->id());
+ $page->trigSuccess('Ton statut "orange" a été supprimé.');
+ $page->assign('promo_sortie_old', $promo_sortie);
+ } else {
$page->assign('promo_sortie', $promo_sortie);
if (Env::has('submit')) {
}
}
- function handler_referent(&$page, $x = null)
+ function handler_referent(&$page, $user)
{
require_once 'user.func.inc.php';
$page->changeTpl('profile/fiche_referent.tpl', SIMPLE);
- $user = User::get($x);
- if ($user == null) {
+ $user = Profile::get($user);
+ if (!$user) {
return PL_NOT_FOUND;
}
- $res = XDB::query("SELECT cv FROM auth_user_md5 WHERE user_id = {?}", $user->id());
- $cv = $res->fetchOneCell();
-
$page->assign_by_ref('user', $user);
- $page->assign('cv', MiniWiki::WikiToHTML($cv, true));
- $page->assign('adr_pro', get_user_details_pro($user->id()));
+ $page->assign('cv', MiniWiki::WikiToHTML($user->cv, true));
+ //TODO: waiting for job refactoring to be done
+ //$page->assign('adr_pro', get_user_details_pro($user->id()));
///// recuperations infos referent
//expertise
- $res = XDB::query("SELECT expertise FROM profile_mentor WHERE uid = {?}", $user->id());
+ $res = XDB::query('SELECT expertise
+ FROM profile_mentor
+ WHERE uid = {?}', $user->id());
$page->assign('expertise', $res->fetchOneCell());
// Sectors
$page->setTitle('Conseil Pro');
+ require_once "directory.enums.inc.php";
+
// Retrieval of sector names
- $res = XDB::iterRow("SELECT id, name AS label
- FROM profile_job_sector_enum");
+ $sectors = DirEnum::getOptionsArray(DirEnum::SECTORS);
$sectors[''] = '';
- while (list($tmp_id, $tmp_label) = $res->next()) {
- $sectors[$tmp_id] = $tmp_label;
- }
$page->assign_by_ref('sectors', $sectors);
// nb de mentors
$page->assign('mentors_number', $res->fetchOneCell());
// On vient d'un formulaire
- $where = array();
- $pays_sel = XDB::escape(Env::v('pays_sel'));
- $sectorSelection = XDB::escape(Env::v('sector'));
- $subSectorSelection = XDB::escape(Env::v('subSector'));
- $expertise_champ = XDB::escape(Env::v('expertise'));
-
- if ($pays_sel != "''") {
- $where[] = "mp.country = $pays_sel";
- }
- if ($sectorSelection != "''") {
- $where[] = "ms.sectorid = " . $sectorSelection;
- if ($selectedSubSector != "''") {
- $where[] = "ms.subsectorid = " . $subSectorSelection;
- }
- }
- if ($expertise_champ != "''") {
- $where[] = "MATCH(m.expertise) AGAINST($expertise_champ)";
- }
-
- if ($where) {
- $where = join(' AND ', $where);
-
- $set = new UserSet("INNER JOIN profile_mentor AS m ON (m.uid = u.user_id)
- LEFT JOIN profile_mentor_country AS mp ON (mp.uid = m.uid)
- LEFT JOIN profile_mentor_sector AS ms ON (ms.uid = m.uid)",
- $where);
+ require_once 'ufbuilder.inc.php';
+ $ufb = new UFB_MentorSearch();
+ if (!$ufb->isEmpty()) {
+ require_once 'userset.inc.php';
+ $ufc = $ufb->getUFC();
+ $set = new ProfileSet($ufc);
$set->addMod('mentor', 'Référents');
$set->apply('referent/search', $page, $action, $subaction);
if ($set->count() > 100) {
$page->assign('recherche_trop_large', true);
}
}
+
$page->changeTpl('profile/referent.tpl');
}
$req = XDB::query('
SELECT m.asso_id, a.nom, diminutif, a.logo IS NOT NULL AS has_logo,
COUNT(e.eid) AS events, mail_domain AS lists
- FROM #groupex#.membres AS m
- INNER JOIN #groupex#.asso AS a ON(m.asso_id = a.id)
- LEFT JOIN #groupex#.evenements AS e ON(e.asso_id = m.asso_id AND e.archive = 0)
+ FROM group_members AS m
+ INNER JOIN groups AS a ON(m.asso_id = a.id)
+ LEFT JOIN group_events AS e ON(e.asso_id = m.asso_id AND e.archive = 0)
WHERE uid = {?} GROUP BY m.asso_id ORDER BY a.nom', S::i('uid'));
$page->assign('assos', $req->fetchAllAssoc());
}
}
$res = XDB::query('SELECT logo, logo_mime
- FROM #groupex#.asso
+ FROM groups
WHERE id = {?}', $id);
list($logo, $logo_mime) = $res->fetchOneRow();
}
$vcard = new VCard();
- $vcard->addUser($x);
+ $vcard->addProfile(Profile::get($x));
$vcard->show();
}
switch ($action) {
case "original":
- pl_cached_content_headers("image/jpeg");
- readfile("/home/web/trombino/photos" . $user->promo() . "/" . $user->login() . ".jpg");
+ PlImage::fromFile("/home/web/trombino/photos" . $user->promo() . "/" . $user->login() . ".jpg", "image/jpeg")->send();
exit;
case "new":
$mimetype = substr($_FILES['userfile']['type'], 6);
unlink($_FILES['userfile']['tmp_name']);
XDB::execute(
- "REPLACE INTO photo SET uid={?}, attachmime = {?}, attach={?}, x={?}, y={?}",
- $user->id(), $mimetype, $data, $x, $y);
+ "REPLACE INTO profile_photos SET pid={?}, attachmime = {?}, attach={?}, x={?}, y={?}",
+ $user->profile()->id(), $mimetype, $data, $x, $y);
break;
case "delete":
S::assert_xsrf_token();
- XDB::execute('DELETE FROM photo WHERE uid = {?}', $user->id());
+ XDB::execute('DELETE FROM profile_photos WHERE pid = {?}', $user->profile()->id());
break;
}
}
projects / platal.git / blobdiff