<?php
/***************************************************************************
- * Copyright (C) 2003-2006 Polytechnique.org *
+ * Copyright (C) 2003-2008 Polytechnique.org *
* http://opensource.polytechnique.org/ *
* *
* This program is free software; you can redistribute it and/or modify *
* 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA *
***************************************************************************/
-require_once dirname(__FILE__).'/lists.php';
+Platal::load('lists');
class XnetListsModule extends ListsModule
{
function handlers()
{
return array(
- '%grp/lists' => $this->make_hook('lists', AUTH_MDP),
- '%grp/lists/create' => $this->make_hook('create', AUTH_MDP),
+ '%grp/lists' => $this->make_hook('lists', AUTH_MDP, 'groupmember'),
+ '%grp/lists/create' => $this->make_hook('create', AUTH_MDP, 'groupmember'),
'%grp/lists/members' => $this->make_hook('members', AUTH_COOKIE),
+ '%grp/lists/annu' => $this->make_hook('annu', AUTH_COOKIE),
'%grp/lists/archives' => $this->make_hook('archives', AUTH_COOKIE),
+ '%grp/lists/archives/rss' => $this->make_hook('rss', AUTH_PUBLIC),
'%grp/lists/moderate' => $this->make_hook('moderate', AUTH_MDP),
'%grp/lists/admin' => $this->make_hook('admin', AUTH_MDP),
'%grp/lists/check' => $this->make_hook('check', AUTH_MDP),
'%grp/lists/sync' => $this->make_hook('sync', AUTH_MDP),
- '%grp/alias/admin' => $this->make_hook('aadmin', AUTH_MDP),
- '%grp/alias/create' => $this->make_hook('acreate', AUTH_MDP),
+ '%grp/alias/admin' => $this->make_hook('aadmin', AUTH_MDP, 'groupadmin'),
+ '%grp/alias/create' => $this->make_hook('acreate', AUTH_MDP, 'groupadmin'),
/* hack: lists uses that */
'profile' => $this->make_hook('profile', AUTH_PUBLIC),
function prepare_client(&$page)
{
global $globals;
+ Platal::load('lists', 'lists.inc.php');
- require_once 'lists.inc.php';
+ $this->client = new MMList(S::v('uid'), S::v('password'),
+ $globals->asso('mail_domain'));
- $this->client =& lists_xmlrpc(S::v('uid'), S::v('password'),
- $globals->asso('mail_domain'));
-
- $page->useMenu();
$page->assign('asso', $globals->asso());
$page->setType($globals->asso('cat'));
+
+ return $globals->asso('mail_domain');
}
function handler_lists(&$page)
{
global $globals;
+ if (!$globals->asso('mail_domain')) {
+ return PL_NOT_FOUND;
+ }
$this->prepare_client($page);
-
$page->changeTpl('xnetlists/index.tpl');
if (Get::has('del')) {
- $this->client->unsubscribe(Get::get('del'));
+ S::assert_xsrf_token();
+ $this->client->unsubscribe(Get::v('del'));
pl_redirect('lists');
}
if (Get::has('add')) {
- $this->client->subscribe(Get::get('add'));
+ S::assert_xsrf_token();
+ $this->client->subscribe(Get::v('add'));
pl_redirect('lists');
}
if (Post::has('del_alias') && may_update()) {
- $alias = Post::get('del_alias');
+ S::assert_xsrf_token();
+
+ $alias = Post::v('del_alias');
// prevent group admin from erasing aliases from other groups
$alias = substr($alias, 0, strpos($alias, '@')).'@'.$globals->asso('mail_domain');
XDB::query(
- 'DELETE FROM x4dat.virtual_redirect, x4dat.virtual
+ 'DELETE FROM r, v
USING x4dat.virtual AS v
- LEFT JOIN x4dat.virtual_redirect USING(vid)
+ LEFT JOIN x4dat.virtual_redirect AS r USING(vid)
WHERE v.alias={?}', $alias);
- $page->trig(Post::get('del_alias')." supprimé !");
+ $page->trigSuccess(Post::v('del_alias')." supprimé !");
}
$listes = $this->client->get_lists();
{
global $globals;
+ if (!$globals->asso('mail_domain')) {
+ return PL_NOT_FOUND;
+ }
$this->prepare_client($page);
-
$page->changeTpl('xnetlists/create.tpl');
- $page->assign('force_list_super', may_update());
if (!Post::has('submit')) {
return;
+ } else {
+ S::assert_xsrf_token();
}
if (!Post::has('liste')) {
- $page->trig('champs «addresse souhaitée» vide');
+ $page->trigError('champs «adresse souhaitée» vide');
return;
}
- $liste = Post::get('liste');
+ $liste = strtolower(Post::v('liste'));
if (!preg_match("/^[a-zA-Z0-9\-]*$/", $liste)) {
- $page->trig('le nom de la liste ne doit contenir que des lettres, chiffres et tirets');
+ $page->trigError('le nom de la liste ne doit contenir que des lettres non accentuées, chiffres et tirets');
return;
}
$new = $liste.'@'.$globals->asso('mail_domain');
- $res = XDB::query('SELECT COUNT(*) FROM x4dat.virtual WHERE alias={?}', $new);
- $n = $res->fetchOneCell();
+ $res = XDB::query('SELECT alias FROM x4dat.virtual WHERE alias={?}', $new);
- if ($n) {
- $page->trig('cet alias est déjà pris');
+ if ($res->numRows()) {
+ $page->trigError('cet alias est déjà pris');
return;
}
- if (!Post::get('desc')) {
- $page->trig('le sujet est vide');
+ if (!Post::v('desc')) {
+ $page->trigError('le sujet est vide');
return;
}
- require_once 'lists.inc.php';
$ret = $this->client->create_list(
- $liste, Post::get('desc'), Post::get('advertise'),
- Post::get('modlevel'), Post::get('inslevel'),
- array(S::v('forlife')), array());
+ $liste, utf8_decode(Post::v('desc')), Post::v('advertise'),
+ Post::v('modlevel'), Post::v('inslevel'),
+ array(S::user()->forlifeEmail()), array(S::user()->forlifeEmail()));
$dom = strtolower($globals->asso("mail_domain"));
$red = $dom.'_'.$liste;
if (!$ret) {
- $page->kill("Un problème est survenu, contacter "
+ $page->kill("Un problème est survenu, contacter "
."<a href='mailto:support@m4x.org'>support@m4x.org</a>");
return;
}
- XDB::execute('INSERT INTO x4dat.virtual (alias,type)
- VALUES({?},{?})', $liste.'@'.$dom, 'list');
- XDB::execute('INSERT INTO x4dat.virtual_redirect (vid,redirect)
- VALUES ({?}, {?})', mysql_insert_id(),
- "$red+post@listes.polytechnique.org");
- XDB::execute('INSERT INTO x4dat.virtual (alias,type)
- VALUES({?},{?})', $liste.'-owner@'.$dom, 'list');
- XDB::execute('INSERT INTO x4dat.virtual_redirect (vid,redirect)
- VALUES ({?}, {?})', mysql_insert_id(),
- "$red+owner@listes.polytechnique.org");
- XDB::execute('INSERT INTO x4dat.virtual (alias,type)
- VALUES({?},{?})', $liste.'-admin@'.$dom, 'list');
- XDB::execute('INSERT INTO x4dat.virtual_redirect (vid,redirect)
- VALUES ({?}, {?})', mysql_insert_id(),
- "$red+admin@listes.polytechnique.org");
- XDB::execute('INSERT INTO x4dat.virtual (alias,type)
- VALUES({?},{?})', $liste.'-bounces@'.$dom, 'list');
- XDB::execute('INSERT INTO x4dat.virtual_redirect (vid,redirect)
- VALUES ({?}, {?})', mysql_insert_id(),
- "$red+bounces@listes.polytechnique.org");
-
+ foreach (array('', 'owner', 'admin', 'bounces', 'unsubscribe') as $app) {
+ $mdir = $app == '' ? '+post' : '+' . $app;
+ if (!empty($app)) {
+ $app = '-' . $app;
+ }
+ XDB::execute('INSERT INTO x4dat.virtual (alias,type)
+ VALUES({?},{?})', $liste. $app . '@'.$dom, 'list');
+ XDB::execute('INSERT INTO x4dat.virtual_redirect (vid,redirect)
+ VALUES ({?}, {?})', XDB::insertId(),
+ $red . $mdir . '@listes.polytechnique.org');
+ }
pl_redirect('lists/admin/'.$liste);
}
{
global $globals;
+ if (!$globals->asso('mail_domain')) {
+ return PL_NOT_FOUND;
+ }
$this->prepare_client($page);
-
$page->changeTpl('xnetlists/sync.tpl');
if (Env::has('add')) {
- $this->client->mass_subscribe($liste, array_keys(Env::getMixed('add')));
+ S::assert_xsrf_token();
+ $this->client->mass_subscribe($liste, array_keys(Env::v('add')));
}
list(,$members) = $this->client->get_members($liste);
$mails = array_map(create_function('$arr', 'return $arr[1];'), $members);
- $subscribers = array_unique(array_merge($subscribers, $mails));
+ $subscribers = array_unique($mails);
$not_in_group_x = array();
$not_in_group_ext = array();
$ann = XDB::iterator(
"SELECT if (m.origine='X',if (u.nom_usage<>'', u.nom_usage, u.nom) ,m.nom) AS nom,
if (m.origine='X',u.prenom,m.prenom) AS prenom,
- if (m.origine='X',u.promo,'extérieur') AS promo,
- if (m.origine='X',CONCAT(a.alias, '@polytechnique.org'),m.email) AS email,
+ if (m.origine='X',u.promo,'extérieur') AS promo,
+ if (m.origine='X',CONCAT(a.alias, '@{$globals->mail->domain}'),m.email) AS email,
if (m.origine='X',FIND_IN_SET('femme', u.flags),0) AS femme,
m.perms='admin' AS admin,
m.origine='X' AS x
FROM groupex.membres AS m
LEFT JOIN auth_user_md5 AS u ON ( u.user_id = m.uid )
LEFT JOIN aliases AS a ON ( a.id = m.uid AND a.type='a_vie' )
- WHERE m.asso_id = {?}", $globals->asso('id'));
+ WHERE m.asso_id = {?}
+ ORDER BY promo, nom, prenom", $globals->asso('id'));
$not_in_list = array();
while ($tmp = $ann->next()) {
- if (!in_array($tmp['email'], $subscribers)) {
+ if (!in_array(strtolower($tmp['email']), $subscribers)) {
$not_in_list[] = $tmp;
}
}
function handler_aadmin(&$page, $lfull = null)
{
- if (is_null($lfull)) {
+ global $globals;
+
+ if (!$globals->asso('mail_domain') || is_null($lfull)) {
return PL_NOT_FOUND;
}
-
- new_groupadmin_page('xnet/groupe/alias-admin.tpl');
+ $page->changeTpl('xnetlists/alias-admin.tpl');
if (Env::has('add_member')) {
- $add = Env::get('add_member');
+ S::assert_xsrf_token();
+
+ $add = Env::v('add_member');
if (strstr($add, '@')) {
list($mbox,$dom) = explode('@', strtolower($add));
} else {
SELECT vid, {?}
FROM x4dat.virtual
WHERE alias={?}", "$alias@m4x.org", $lfull);
- $page->trig("$alias@m4x.org ajouté");
+ $page->trigSuccess("$alias@m4x.org ajouté");
} else {
- $page->trig("$mbox@polytechnique.org n'existe pas.");
+ $page->trigError("$mbox@{$globals->mail->domain} n'existe pas.");
}
} else {
XDB::query(
SELECT vid,{?}
FROM x4dat.virtual
WHERE alias={?}", "$mbox@$dom", $lfull);
- $page->trig("$mbox@$dom ajouté");
+ $page->trigSuccess("$mbox@$dom ajouté");
}
}
if (Env::has('del_member')) {
+ S::assert_xsrf_token();
XDB::query(
"DELETE FROM x4dat.virtual_redirect
USING x4dat.virtual_redirect
INNER JOIN x4dat.virtual USING(vid)
- WHERE redirect={?} AND alias={?}", Env::get('del_member'), $lfull);
+ WHERE redirect={?} AND alias={?}", Env::v('del_member'), $lfull);
pl_redirect('alias/admin/'.$lfull);
}
- $res = XDB::iterator(
- "SELECT redirect
- FROM x4dat.virtual_redirect AS vr
- INNER JOIN x4dat.virtual AS v USING(vid)
- WHERE v.alias={?}
- ORDER BY redirect", $lfull);
+ global $globals;
+ $res = XDB::iterator("SELECT IF(r.login IS NULL, m.nom, IF(u.nom_usage != '', u.nom_usage, u.nom)) AS nom,
+ IF(r.login IS NULL, m.prenom, u.prenom) AS prenom,
+ IF(r.login IS NULL, 'extérieur', u.promo) AS promo,
+ m.perms = 'admin' AS admin, r.redirect, r.login AS alias
+ FROM (SELECT redirect AS redirect,
+ IF(SUBSTRING_INDEX(redirect, '@', -1) IN ({?}, {?}),
+ SUBSTRING_INDEX(redirect, '@', 1), NULL) AS login
+ FROM x4dat.virtual_redirect AS vr
+ INNER JOIN x4dat.virtual AS v USING(vid)
+ WHERE v.alias = {?}
+ ORDER BY redirect) AS r
+ LEFT JOIN aliases AS a ON (r.login IS NOT NULL AND r.login = a.alias)
+ LEFT JOIN auth_user_md5 AS u ON (u.user_id = a.id)
+ LEFT JOIN groupex.membres AS m ON (m.asso_id = {?} AND IF(r.login IS NULL, m.email = r.redirect, m.uid = u.user_id))",
+ $globals->mail->domain, $globals->mail->domain2,
+ $lfull, $globals->asso('id'));
$page->assign('mem', $res);
}
{
global $globals;
- new_groupadmin_page('xnet/groupe/alias-create.tpl');
+ if (!$globals->asso('mail_domain')) {
+ return PL_NOT_FOUND;
+ }
+ $page->changeTpl('xnetlists/alias-create.tpl');
if (!Post::has('submit')) {
return;
+ } else {
+ S::assert_xsrf_token();
}
if (!Post::has('liste')) {
- $page->trig('champs «addresse souhaitée» vide');
+ $page->trigError('champs «adresse souhaitée» vide');
return;
}
- $liste = Post::get('liste');
+ $liste = Post::v('liste');
if (!preg_match("/^[a-zA-Z0-9\-\.]*$/", $liste)) {
- $page->trig('le nom de l\'alias ne doit contenir que des lettres,'
- .' chiffres, tirets et points');
+ $page->trigError('le nom de l\'alias ne doit contenir que des lettres,'
+ .' chiffres, tirets et points');
return;
}
$res = XDB::query('SELECT COUNT(*) FROM x4dat.virtual WHERE alias={?}', $new);
$n = $res->fetchOneCell();
if ($n) {
- $page->trig('cet alias est déjà pris');
+ $page->trigError('cet alias est déjà pris');
return;
}
}
}
+// vim:set et sw=4 sts=4 sws=4 foldmethod=marker enc=utf-8:
?>