<?php
/***************************************************************************
- * Copyright (C) 2003-2008 Polytechnique.org *
+ * Copyright (C) 2003-2009 Polytechnique.org *
* http://opensource.polytechnique.org/ *
* *
* This program is free software; you can redistribute it and/or modify *
* 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA *
***************************************************************************/
-require_once dirname(__FILE__).'/lists.php';
+Platal::load('lists');
class XnetListsModule extends ListsModule
{
function handlers()
{
return array(
- '%grp/lists' => $this->make_hook('lists', AUTH_MDP, 'groupmember'),
- '%grp/lists/create' => $this->make_hook('create', AUTH_MDP, 'groupmember'),
+ '%grp/lists' => $this->make_hook('lists', AUTH_MDP, 'groupmember'),
+ '%grp/lists/create' => $this->make_hook('create', AUTH_MDP, 'groupmember'),
- '%grp/lists/members' => $this->make_hook('members', AUTH_COOKIE),
- '%grp/lists/annu' => $this->make_hook('annu', AUTH_COOKIE),
- '%grp/lists/archives' => $this->make_hook('archives', AUTH_COOKIE),
- '%grp/lists/archives/rss' => $this->make_hook('rss', AUTH_PUBLIC),
+ '%grp/lists/members' => $this->make_hook('members', AUTH_COOKIE),
+ '%grp/lists/csv' => $this->make_hook('csv', AUTH_COOKIE),
+ '%grp/lists/annu' => $this->make_hook('annu', AUTH_COOKIE),
+ '%grp/lists/archives' => $this->make_hook('archives', AUTH_COOKIE),
+ '%grp/lists/archives/rss' => $this->make_hook('rss', AUTH_PUBLIC),
- '%grp/lists/moderate' => $this->make_hook('moderate', AUTH_MDP),
- '%grp/lists/admin' => $this->make_hook('admin', AUTH_MDP),
- '%grp/lists/options' => $this->make_hook('options', AUTH_MDP),
- '%grp/lists/delete' => $this->make_hook('delete', AUTH_MDP),
+ '%grp/lists/moderate' => $this->make_hook('moderate', AUTH_MDP),
+ '%grp/lists/admin' => $this->make_hook('admin', AUTH_MDP),
+ '%grp/lists/options' => $this->make_hook('options', AUTH_MDP),
+ '%grp/lists/delete' => $this->make_hook('delete', AUTH_MDP),
- '%grp/lists/soptions' => $this->make_hook('soptions', AUTH_MDP),
- '%grp/lists/check' => $this->make_hook('check', AUTH_MDP),
- '%grp/lists/sync' => $this->make_hook('sync', AUTH_MDP),
+ '%grp/lists/soptions' => $this->make_hook('soptions', AUTH_MDP),
+ '%grp/lists/check' => $this->make_hook('check', AUTH_MDP),
+ '%grp/lists/sync' => $this->make_hook('sync', AUTH_MDP),
- '%grp/alias/admin' => $this->make_hook('aadmin', AUTH_MDP, 'groupadmin'),
- '%grp/alias/create' => $this->make_hook('acreate', AUTH_MDP, 'groupadmin'),
+ '%grp/alias/admin' => $this->make_hook('aadmin', AUTH_MDP, 'groupadmin'),
+ '%grp/alias/create' => $this->make_hook('acreate', AUTH_MDP, 'groupadmin'),
/* hack: lists uses that */
- 'profile' => $this->make_hook('profile', AUTH_PUBLIC),
+ 'profile' => $this->make_hook('profile', AUTH_PUBLIC),
);
}
function prepare_client(&$page)
{
global $globals;
-
- require_once dirname(__FILE__).'/lists/lists.inc.php';
+ Platal::load('lists', 'lists.inc.php');
$this->client = new MMList(S::v('uid'), S::v('password'),
$globals->asso('mail_domain'));
$page->changeTpl('xnetlists/index.tpl');
if (Get::has('del')) {
+ S::assert_xsrf_token();
$this->client->unsubscribe(Get::v('del'));
pl_redirect('lists');
}
if (Get::has('add')) {
+ S::assert_xsrf_token();
$this->client->subscribe(Get::v('add'));
pl_redirect('lists');
}
if (Post::has('del_alias') && may_update()) {
+ S::assert_xsrf_token();
+
$alias = Post::v('del_alias');
// prevent group admin from erasing aliases from other groups
$alias = substr($alias, 0, strpos($alias, '@')).'@'.$globals->asso('mail_domain');
}
$listes = $this->client->get_lists();
- $page->assign('listes',$listes);
+ $page->assign('listes', $listes);
$alias = XDB::iterator(
'SELECT alias,type
$page->assign('alias', $alias);
$page->assign('may_update', may_update());
+
+ if (count($listes) > 0 && !$globals->asso('has_ml')) {
+ XDB::execute("UPDATE groupex.asso
+ SET flags = CONCAT_WS(',', IF(flags = '', NULL, flags), 'has_ml')
+ WHERE id = {?}",
+ $globals->asso('id'));
+ }
}
function handler_create(&$page)
if (!Post::has('submit')) {
return;
+ } else {
+ S::assert_xsrf_token();
}
if (!Post::has('liste')) {
$ret = $this->client->create_list(
$liste, utf8_decode(Post::v('desc')), Post::v('advertise'),
Post::v('modlevel'), Post::v('inslevel'),
- array(S::v('forlife')), array(S::v('forlife')));
+ array(S::user()->forlifeEmail()), array(S::user()->forlifeEmail()));
$dom = strtolower($globals->asso("mail_domain"));
$red = $dom.'_'.$liste;
VALUES ({?}, {?})', XDB::insertId(),
$red . $mdir . '@listes.polytechnique.org');
}
+
+ XDB::execute("UPDATE groupex.asso
+ SET flags = CONCAT_WS(',', IF(flags = '', NULL, flags), 'has_ml')
+ WHERE id = {?}",
+ $globals->asso('id'));
+
pl_redirect('lists/admin/'.$liste);
}
$page->changeTpl('xnetlists/sync.tpl');
if (Env::has('add')) {
+ S::assert_xsrf_token();
$this->client->mass_subscribe($liste, array_keys(Env::v('add')));
}
$page->changeTpl('xnetlists/alias-admin.tpl');
if (Env::has('add_member')) {
+ S::assert_xsrf_token();
+
$add = Env::v('add_member');
if (strstr($add, '@')) {
list($mbox,$dom) = explode('@', strtolower($add));
}
if (Env::has('del_member')) {
+ S::assert_xsrf_token();
XDB::query(
"DELETE FROM x4dat.virtual_redirect
USING x4dat.virtual_redirect
if (!Post::has('submit')) {
return;
+ } else {
+ S::assert_xsrf_token();
}
if (!Post::has('liste')) {