'plan' => $this->make_hook('plan', AUTH_PUBLIC),
'photo' => $this->make_hook('photo', AUTH_MDP),
'autologin' => $this->make_hook('autologin', AUTH_MDP),
+ 'login/ext' => $this->make_hook('login_ext', AUTH_PUBLIC),
+ 'register/ext' => $this->make_hook('register_ext', AUTH_PUBLIC),
'edit' => $this->make_hook('edit', AUTH_MDP, 'user'),
+ 'password' => $this->make_hook('password', AUTH_MDP, 'user'),
'Xnet' => $this->make_wiki_hook(),
);
}
- function handler_photo(&$page, $x = null)
+ function handler_photo($page, $x = null)
{
if (!$x || !($profile = Profile::get($x))) {
return PL_NOT_FOUND;
$photo->send();
}
- function handler_index(&$page)
+ function handler_index($page)
{
$page->nomenu = true;
$page->changeTpl('xnet/index.tpl');
}
- function handler_exit(&$page)
+ function handler_exit($page)
{
Platal::session()->stopSUID();
Platal::session()->destroy();
$page->changeTpl('xnet/deconnexion.tpl');
}
- function handler_admin(&$page)
+ function handler_admin($page)
{
$page->changeTpl('xnet/admin.tpl');
$page->trigSuccess('membres supprimés');
if ($domain) {
- XDB::query('DELETE FROM virtual_domains WHERE domain={?}', $domain);
- XDB::query('DELETE FROM virtual, virtual_redirect
- USING virtual INNER JOIN virtual_redirect USING (vid)
- WHERE alias LIKE {?}', '%@'.$domain);
+ XDB::execute('DELETE v
+ FROM email_virtual AS v
+ INNER JOIN email_virtual_domains AS d ON (v.domain = d.id)
+ WHERE d.name = {?}',
+ $domain);
+ XDB::execute('DELETE FROM email_virtual_domains
+ WHERE name = {?}', $domain);
$page->trigSuccess('suppression des alias mails');
$mmlist = new MMList(S::v('uid'), S::v('password'), $domain);
$page->assign('assos', $res->fetchAllAssoc());
}
- function handler_plan(&$page)
+ function handler_plan($page)
{
$page->changeTpl('xnet/plan.tpl');
$page->assign('inst', $res);
}
- function handler_groups2(&$page)
+ function handler_groups2($page)
{
- $this->handler_groups(&$page, Get::v('cat'), Get::v('dom'));
+ $this->handler_groups($page, Get::v('cat'), Get::v('dom'));
}
- function handler_groups(&$page, $cat = null, $dom = null)
+ function handler_groups($page, $cat = null, $dom = null)
{
if (!$cat) {
- $this->handler_index(&$page);
+ $this->handler_index($page);
}
$cat = mb_strtolower($cat);
$page->setType($cat);
}
- function handler_autologin(&$page)
+ function handler_autologin($page)
{
$allkeys = func_get_args();
unset($allkeys[0]);
exit;
}
- function handler_edit(&$page)
+ function handler_login_ext($page)
+ {
+ if (!S::logged()) {
+ $page->changeTpl('xnet/login.tpl');
+ } else {
+ pl_redirect('');
+ }
+ }
+
+ function handler_register_ext($page, $hash = null)
+ {
+ XDB::execute('DELETE FROM register_pending_xnet
+ WHERE DATE_SUB(NOW(), INTERVAL 1 MONTH) > date');
+ $res = XDB::fetchOneAssoc('SELECT uid, hruid
+ FROM register_pending_xnet
+ WHERE hash = {?}',
+ $hash);
+
+ if (is_null($hash) || is_null($res)) {
+ $page->trigErrorRedirect('Cette adresse n\'existe pas ou n\'existe plus sur le serveur.', '');
+ }
+
+ if (Post::has('pwhash') && Post::t('pwhash')) {
+ XDB::query('UPDATE accounts
+ SET password = {?}, state = \'active\'
+ WHERE uid = {?} AND state = \'pending\' AND type = \'xnet\'',
+ Post::t('pwhash'), $res['uid']);
+ XDB::query('DELETE FROM register_pending_xnet
+ WHERE uid = {?}',
+ $res['uid']);
+
+ S::logger($res['uid'])->log('passwd', '');
+
+ // Try to start a session (so the user don't have to log in); we will use
+ // the password available in Post:: to authenticate the user.
+ Post::kill('wait');
+ Platal::session()->startAvailableAuth();
+
+ $page->changeTpl('xnet/register.success.tpl');
+ $page->assign('hruid', $res['hruid']);
+ } else {
+ $page->changeTpl('platal/password.tpl');
+ $page->assign('xnet', true);
+ $page->assign('hruid', $res['hruid']);
+ $page->assign('do_auth', true);
+ }
+ }
+
+ function handler_edit($page)
{
global $globals;
if (Post::has('change')) {
S::assert_xsrf_token();
- if ($user->groupCount() == 0 && Post::t('delete') == 'OUI') {
- XDB::execute('DELETE FROM accounts
- WHERE uid = {?}',
- $user->id());
- pl_redirect('index');
- }
-
// Convert user status to X
if (!Post::blank('login_X')) {
$forlife = $this->changeLogin($page, $user, Post::t('login_X'));
WHERE uid = {?}',
Post::t('full_name'), Post::t('directory_name'), Post::t('display_name'),
(Post::t('sex') == 'male') ? 'male' : 'female', Post::t('email'), $user->id());
- // If user is of type xnet and new password is given.
- if (!Post::blank('pwhash')) {
- XDB::query('UPDATE accounts
- SET password = {?}
- WHERE uid = {?}',
- Post::t('pwhash'), $user->id());
- }
if (XDB::affectedRows()) {
+ $user = User::getWithUID($user->id());
+ S::set('user', $user);
$page->trigSuccess('Données mises à jour.');
}
}
$page->addJsLink('password.js');
$page->assign('user', $user);
}
+
+ function handler_password ($page)
+ {
+ if (Post::has('pwhash') && Post::t('pwhash')) {
+ S::assert_xsrf_token();
+
+ S::set('password', $password = Post::t('pwhash'));
+ XDB::execute('UPDATE accounts
+ SET password = {?}
+ WHERE uid={?}', $password,
+ S::i('uid'));
+ S::logger()->log('passwd');
+ Platal::session()->setAccessCookie(true);
+ $page->changeTpl('platal/password.success.tpl');
+ $page->run();
+ }
+
+ $page->changeTpl('platal/password.tpl');
+ $page->assign('xnet_reset', true);
+ $page->assign('do_auth', false);
+ }
}
// vim:set et sw=4 sts=4 sws=4 foldmethod=marker enc=utf-8: