<?php
/***************************************************************************
- * Copyright (C) 2003-2006 Polytechnique.org *
+ * Copyright (C) 2003-2008 Polytechnique.org *
* http://opensource.polytechnique.org/ *
* *
* This program is free software; you can redistribute it and/or modify *
return array(
'%grp/events' => $this->make_hook('events', AUTH_MDP),
'%grp/events/sub' => $this->make_hook('sub', AUTH_MDP),
- '%grp/events/csv' => $this->make_hook('csv', AUTH_MDP),
- '%grp/events/ical' => $this->make_hook('ical', AUTH_MDP),
- '%grp/events/edit' => $this->make_hook('edit', AUTH_MDP),
- '%grp/events/admin' => $this->make_hook('admin', AUTH_MDP),
+ '%grp/events/csv' => $this->make_hook('csv', AUTH_MDP, 'user', NO_HTTPS),
+ '%grp/events/ical' => $this->make_hook('ical', AUTH_MDP, 'user', NO_HTTPS),
+ '%grp/events/edit' => $this->make_hook('edit', AUTH_MDP, 'groupadmin'),
+ '%grp/events/admin' => $this->make_hook('admin', AUTH_MDP, 'groupmember'),
);
}
{
global $globals;
- if ($archive == 'archive') {
- $archive = true;
- new_groupadmin_page('xnetevents/index.tpl');
- } else {
- $archive = false;
- new_group_open_page('xnetevents/index.tpl');
- }
-
+ $page->changeTpl('xnetevents/index.tpl');
$action = null;
+ $archive = ($archive == 'archive' && may_update());
+
if (Post::has('del')) {
$action = 'del';
$eid = Post::v('del');
if (!may_update()) {
return PL_FORBIDDEN;
}
+ S::assert_xsrf_token();
$res = XDB::query("SELECT asso_id, short_name FROM groupex.evenements
WHERE eid = {?} AND asso_id = {?}",
XDB::execute("DELETE FROM requests
WHERE type = 'paiements' AND data LIKE {?}",
PayReq::same_event($eid, $globals->asso('id')));
+ $globals->updateNbValid();
}
if ($action == 'archive') {
WHERE eid = {?} AND asso_id = {?}",
$eid, $globals->asso('id'));
}
-
+
$page->assign('archive', $archive);
$evenements = XDB::iterator(
"SELECT e.*, LEFT(10, e.debut) AS debut_day, LEFT(10, e.fin) AS fin_day,
LEFT JOIN groupex.evenements_participants AS ep ON (ep.eid = e.eid AND ep.uid = {?})
WHERE asso_id = {?}
AND archive = " . ($archive ? "1 " : "0 ")
- . (is_member() || may_update() ? "" : " AND accept_nonmembre != 0 ")
. "GROUP BY e.eid
ORDER BY inscr_open DESC, debut DESC", S::v('uid'), $globals->asso('id'));
$evts = array();
+ $undisplayed_events = 0;
while ($e = $evenements->next()) {
+ if (!is_member() && !may_update() && !$e['accept_nonmembre']) {
+ $undisplayed_events ++;
+ continue;
+ }
+
$e['show_participants'] = ($e['show_participants'] && (is_member() || may_update()));
$res = XDB::query(
"SELECT titre, details, montant, ei.item_id, nb, ep.paid
}
$evts[] = $e;
}
-
+
$page->assign('evenements', $evts);
+ $page->assign('undisplayed_events', $undisplayed_events);
}
function handler_sub(&$page, $eid = null)
{
- require_once dirname(__FILE__).'/xnetevents/xnetevents.inc.php';
-
- new_group_open_page('xnetevents/subscribe.tpl');
+ $this->load('xnetevents.inc.php');
+ $page->changeTpl('xnetevents/subscribe.tpl');
$evt = get_event_detail($eid);
- if (!$evt) {
+ if (is_null($evt)) {
return PL_NOT_FOUND;
}
+ if ($evt === false) {
+ global $globals, $platal;
+ $url = $globals->asso('sub_url');
+ if (empty($url)) {
+ $url = $platal->ns . 'subscribe';
+ }
+ $page->kill('Cet événement est reservé aux membres du groupe ' . $globals->asso('nom') .
+ '. Pour devenir membre, rends-toi sur la page de <a href="' . $url . '">demande d\'inscripton</a>.');
+ }
if (!$evt['inscr_open']) {
- $page->kill('Les inscriptions pour cet événement sont closes');
+ $page->kill('Les inscriptions pour cet événement sont closes');
}
if (!$evt['accept_nonmembre'] && !is_member() && !may_update()) {
- $page->kill('Cet événement est fermé aux non-membres du groupe');
+ $page->kill('Cet événement est fermé aux non-membres du groupe');
}
+ global $globals;
+ $res = XDB::query("SELECT stamp FROM requests
+ WHERE type = 'paiements' AND data LIKE {?}",
+ PayReq::same_event($evt['eid'], $globals->asso('id')));
+ $page->assign('validation', $res->numRows());
$page->assign('event', $evt);
if (!Post::has('submit')) {
return;
+ } else {
+ S::assert_xsrf_token();
}
$moments = Post::v('moment', array());
if (!isset($pers[$j]) || !is_numeric($pers[$j])
|| $pers[$j] < 0)
{
- $page->trig('Tu dois choisir un nombre d\'invités correct !');
+ $page->trigError('Tu dois choisir un nombre d\'invités correct !');
return;
}
$subs[$j] = 1 + $pers[$j];
// impossible to unsubscribe if you already paid sthing
if (!array_sum($subs) && $evt['paid'] != 0) {
- $page->trig("Impossible de te désinscrire complètement ".
- "parce que tu as fait un paiement par ".
- "chèque ou par liquide. Contacte un ".
- "administrateur du groupe si tu es sûr de ".
- "ne pas venir");
+ $page->trigError("Impossible de te désinscrire complètement ".
+ "parce que tu as fait un paiement par ".
+ "chèque ou par liquide. Contacte un ".
+ "administrateur du groupe si tu es sûr de ".
+ "ne pas venir");
return;
}
// update actual inscriptions
$updated = false;
$total = 0;
+ $paid = $evt['paid'] ? $evt['paid'] : 0;
+ $telepaid= $evt['telepaid'] ? $evt['telepaid'] : 0;
foreach ($subs as $j => $nb) {
if ($nb >= 0) {
XDB::execute(
"REPLACE INTO groupex.evenements_participants
- VALUES ({?}, {?}, {?}, {?}, {?})",
- $eid, S::v('uid'), $j, $nb, $evt['paid']);
+ VALUES ({?}, {?}, {?}, {?}, {?}, {?})",
+ $eid, S::v('uid'), $j, $nb, Env::has('notify_payment') ? 'notify_payment' : '',
+ $j == 1 ? $paid - $telepaid : 0);
$updated = $eid;
} else {
XDB::execute(
"DELETE FROM groupex.evenements_participants
WHERE eid = {?} AND uid = {?} AND item_id = {?}",
- $eid, S::v("uid"), $j);
+ $eid, S::v("uid"), $j);
$updated = $eid;
}
$total += $nb;
function handler_csv(&$page, $eid = null, $item_id = null)
{
- require_once dirname(__FILE__).'/xnetevents/xnetevents.inc.php';
+ $this->load('xnetevents.inc.php');
if (!is_numeric($item_id)) {
$item_id = null;
return PL_NOT_FOUND;
}
- header('Content-type: text/x-csv; encoding=iso-8859-1');
+ header('Content-type: text/x-csv; encoding=UTF-8');
header('Pragma: ');
header('Cache-Control: ');
$page->assign('admin', $admin);
$page->assign('moments', $evt['moments']);
$page->assign('money', $evt['money']);
+ $page->assign('telepayment', $evt['paiement_id']);
$page->assign('tout', !Env::v('item_id', false));
}
{
global $globals;
- require_once dirname(__FILE__).'/xnetevents/xnetevents.inc.php';
+ $this->load('xnetevents.inc.php');
$evt = get_event_detail($eid);
if (!$evt) {
return PL_FORBIDDEN;
}
$page->register_function('display_ical', 'display_ical');
$page->assign_by_ref('e', $evt);
-
+
header('Content-Type: text/calendar; charset=utf-8');
}
}
}
- new_groupadmin_page('xnetevents/edit.tpl');
+ $page->changeTpl('xnetevents/edit.tpl');
$moments = range(1, 4);
$error = false;
$page->assign('moments', $moments);
if (Post::v('intitule')) {
- require_once dirname(__FILE__).'/xnetevents/xnetevents.inc.php';
- $short_name = event_change_shortname($page, $infos['short_name'],
+ S::assert_xsrf_token();
+
+ $this->load('xnetevents.inc.php');
+ $short_name = event_change_shortname($page, $eid,
+ $infos['short_name'],
Env::v('short_name', ''));
if ($short_name != Env::v('short_name')) {
$error = true;
$eid, $i, Post::v('titre'.$i),
Post::v('details'.$i), $montant);
} else {
- XDB::execute("DELETE FROM groupex.evenements_items
+ XDB::execute("DELETE FROM groupex.evenements_items
WHERE eid = {?} AND item_id = {?}", $eid, $i);
}
}
// request for a new payment
if (Post::v('paiement_id') == -1 && $money_defaut >= 0) {
require_once 'validations.inc.php';
- $p = new PayReq(S::v('uid'),
+ $p = new PayReq(S::user(),
Post::v('intitule')." - ".$globals->asso('nom'),
Post::v('site'), $money_defaut,
Post::v('confirmation'), 0, 999,
$globals->asso('id'), $eid);
- $p->submit();
+ if ($p->accept()) {
+ $p->submit();
+ } else {
+ $page->assign('paiement_message', Post::v('confirmation'));
+ $page->assign('paiement_site', Post::v('site'));
+ $error = true;
+ }
}
// events with no sub-event: add a sub-event with no name
if ($nb_moments == 0) {
XDB::execute("INSERT INTO groupex.evenements_items
- VALUES ({?}, {?}, '', '', 0)", $eid, 1);
+ VALUES ({?}, {?}, '', '', 0)", $eid, 1);
}
if (!$error) {
{
global $globals;
- require_once dirname(__FILE__).'/xnetevents/xnetevents.inc.php';
+ $this->load('xnetevents.inc.php');
$evt = get_event_detail($eid, $item_id);
if (!$evt) {
return PL_NOT_FOUND;
}
- if ($evt['show_participants']) {
- new_group_page('xnetevents/admin.tpl');
- } else {
- new_groupadmin_page('xnetevents/admin.tpl');
+ $page->changeTpl('xnetevents/admin.tpl');
+ if (!$evt['show_participants'] && !may_update()) {
+ return PL_FORBIDDEN;
}
if (may_update() && Post::v('adm')) {
+ S::assert_xsrf_token();
+
$member = get_infos(Post::v('mail'));
if (!$member) {
- $page->trig("Membre introuvable");
+ $page->trigError("Membre introuvable");
}
// change the price paid by a participant
if (Env::v('adm') == 'prix' && $member) {
XDB::execute("UPDATE groupex.evenements_participants
SET paid = IF(paid + {?} > 0, paid + {?}, 0)
- WHERE uid = {?} AND eid = {?}",
+ WHERE uid = {?} AND eid = {?} AND item_id = 1",
strtr(Env::v('montant'), ',', '.'),
strtr(Env::v('montant'), ',', '.'),
$member['uid'], $evt['eid']);
foreach ($nbs as $id => $nb) {
$nb = max(intval($nb), 0);
XDB::execute("REPLACE INTO groupex.evenements_participants
- VALUES ({?}, {?}, {?}, {?}, {?})",
- $evt['eid'], $member['uid'], $id, $nb, $paid);
+ VALUES ({?}, {?}, {?}, {?}, {?}, {?})",
+ $evt['eid'], $member['uid'], $id, $nb, '', $id == 1 ? $paid : 0);
}
$res = XDB::query("SELECT COUNT(uid) AS cnt, SUM(nb) AS nb
GROUP BY uid",
$member['uid'], $evt['eid']);
$u = $res->fetchOneAssoc();
- $u = $u['cnt'] ? null : $u['nb'];
+ $u = $u['cnt'] ? $u['nb'] : null;
subscribe_lists_event($u, $member['uid'], $evt);
}
$evt = get_event_detail($eid, $item_id);
}
- $page->assign('evt', $evt);
+ $page->assign_by_ref('evt', $evt);
$page->assign('tout', is_null($item_id));
if (count($evt['moments'])) {
INNER JOIN groupex.evenements AS e ON (ep.eid = e.eid)
LEFT JOIN groupex.membres AS m ON ( ep.uid = m.uid AND e.asso_id = m.asso_id)
LEFT JOIN auth_user_md5 AS u ON ( u.user_id = ep.uid )
- WHERE ep.eid = {?} '.$whereitemid.'
+ WHERE ep.eid = {?} '.$whereitemid . '
GROUP BY UPPER(SUBSTRING(IF(u.nom IS NULL,m.nom,u.nom), 1, 1))', $evt['eid']);
$alphabet = array();
ksort($alphabet);
$page->assign('alphabet', $alphabet);
+ if ($evt['paiement_id']) {
+ $res = XDB::iterator(
+ "SELECT IF(u.nom_usage<>'', u.nom_usage, u.nom) AS nom, u.prenom,
+ u.promo, a.alias AS email, t.montant
+ FROM {$globals->money->mpay_tprefix}transactions AS t
+ INNER JOIN auth_user_md5 AS u ON(t.uid = u.user_id)
+ INNER JOIN aliases AS a ON (a.id = t.uid AND a.type='a_vie' )
+ LEFT JOIN groupex.evenements_participants AS ep ON(ep.uid = t.uid AND ep.eid = {?})
+ WHERE t.ref = {?} AND ep.uid IS NULL",
+ $evt['eid'], $evt['paiement_id']);
+ $page->assign('oublis', $res->total());
+ $page->assign('oubliinscription', $res);
+ }
+
+ $absents = XDB::iterator("SELECT p.uid,
+ IF(m.origine = 'X', IF(u.nom_usage != '', u.nom_usage, u.nom), m.nom) AS nom,
+ IF(m.origine = 'X', u.prenom, u.prenom) AS prenom,
+ IF(m.origine = 'X', u.promo, m.origine) AS promo,
+ IF(m.origine = 'X', FIND_IN_SET('femme', u.flags), m.sexe) AS sexe,
+ IF(m.origine = 'X', a.alias, m.email) AS email
+ FROM groupex.evenements_participants AS p
+ INNER JOIN groupex.membres AS m USING(uid)
+ LEFT JOIN groupex.evenements_participants AS p2 ON (p2.uid = m.uid AND p2.eid = p.eid
+ AND p2.nb != 0)
+ LEFT JOIN auth_user_md5 AS u ON (u.user_id = m.uid)
+ LEFT JOIN aliases AS a ON (a.id = u.user_id AND a.type = 'a_vie')
+ WHERE p.eid = {?} AND p2.eid IS NULL
+ " . (Env::v('initiale') ? " AND IF(u.nom IS NULL, m.nom,
+ IF(u.nom_usage<>'', u.nom_usage, u.nom)) LIKE '" . Env::v('initiale') . "%'"
+ : "") . "
+ GROUP BY m.uid
+ ORDER BY nom, prenom, promo", $evt['eid']);
+
$ofs = Env::i('offset');
- $tot = Env::v('initiale') ? $tot : $nb_tot;
+ $tot = (Env::v('initiale') ? $tot : $nb_tot) - $absents->total();
$nbp = intval(($tot-1)/NB_PER_PAGE);
$links = array();
if ($ofs) {
- $links['précédent'] = $ofs-1;
+ $links['précédent'] = $ofs-1;
}
for ($i = 0; $i <= $nbp; $i++) {
$links[(string)($i+1)] = $i;
$page->assign('links', $links);
}
- if ($evt['paiement_id']) {
- $res = XDB::iterator(
- "SELECT IF(u.nom_usage<>'', u.nom_usage, u.nom) AS nom, u.prenom,
- u.promo, a.alias AS email, t.montant
- FROM {$globals->money->mpay_tprefix}transactions AS t
- INNER JOIN auth_user_md5 AS u ON(t.uid = u.user_id)
- INNER JOIN aliases AS a ON (a.id = t.uid AND a.type='a_vie' )
- LEFT JOIN groupex.evenements_participants AS ep ON(ep.uid = t.uid AND ep.eid = {?})
- WHERE t.ref = {?} AND ep.uid IS NULL",
- $evt['eid'], $evt['paiement_id']);
- $page->assign('oublis', $res->total());
- $page->assign('oubliinscription', $res);
- }
- $page->assign('participants',
+ $page->assign('absents', $absents);
+ $page->assign('participants',
get_event_participants($evt, $item_id, $tri,
"LIMIT ".($ofs*NB_PER_PAGE).", ".NB_PER_PAGE));
}
}
+// vim:set et sw=4 sts=4 sws=4 foldmethod=marker enc=utf-8:
?>