X-Git-Url: http://git.polytechnique.org/?a=blobdiff_plain;f=modules%2Fadmin.php;h=d4fb1ede37c4567be98a14f5832d7c3cd066934d;hb=12262f1306059765d8625a6752364679c8625d31;hp=1adab45aa726963009ce1240083f80e0686e6f7f;hpb=a15a353a635e9f4c2a76453e2866f7b7808e494b;p=platal.git diff --git a/modules/admin.php b/modules/admin.php index 1adab45..d4fb1ed 100644 --- a/modules/admin.php +++ b/modules/admin.php @@ -1,6 +1,6 @@ $this->make_hook('phpinfo', AUTH_MDP, 'admin'), 'get_rights' => $this->make_hook('get_rights', AUTH_COOKIE, 'admin'), + 'set_skin' => $this->make_hook('set_skin', AUTH_COOKIE, 'admin'), 'admin' => $this->make_hook('default', AUTH_MDP, 'admin'), 'admin/dead-but-active' => $this->make_hook('dead_but_active', AUTH_MDP, 'admin'), 'admin/deaths' => $this->make_hook('deaths', AUTH_MDP, 'admin'), @@ -41,7 +42,7 @@ class AdminModule extends PLModule 'admin/skins' => $this->make_hook('skins', AUTH_MDP, 'admin'), 'admin/user' => $this->make_hook('user', AUTH_MDP, 'admin'), 'admin/add_accounts' => $this->make_hook('add_accounts', AUTH_MDP, 'admin'), - 'admin/validate' => $this->make_hook('validate', AUTH_MDP, 'admin'), + 'admin/validate' => $this->make_hook('validate', AUTH_MDP, 'admin,edit_directory'), 'admin/validate/answers' => $this->make_hook('validate_answers', AUTH_MDP, 'admin'), 'admin/wiki' => $this->make_hook('wiki', AUTH_MDP, 'admin'), 'admin/ipwatch' => $this->make_hook('ipwatch', AUTH_MDP, 'admin'), @@ -49,7 +50,8 @@ class AdminModule extends PLModule 'admin/accounts' => $this->make_hook('accounts', AUTH_MDP, 'admin'), 'admin/account/watch' => $this->make_hook('account_watch', AUTH_MDP, 'admin'), 'admin/account/types' => $this->make_hook('account_types', AUTH_MDP, 'admin'), - 'admin/jobs' => $this->make_hook('jobs', AUTH_MDP, 'admin'), + 'admin/jobs' => $this->make_hook('jobs', AUTH_MDP, 'admin,edit_directory'), + 'admin/profile' => $this->make_hook('profile', AUTH_MDP, 'admin,edit_directory') ); } 
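Review bot: The `admin/validate` and `admin/jobs` routes, and the new `admin/profile` route in the following hunk, now admit holders of `edit_directory`, but nothing in this diff shows the handlers narrowing what such a user may do once inside. `handler_validate` only gains `$page->assign('isAdmin', S::admin());` in the `-1108,6` hunk, which suggests the distinction is drawn in the template; if so, a non-admin could presumably still submit actions on request types meant for admins. Each state-changing branch of these handlers should re-check the permission server-side, and the route table deserves a comment such as `// edit_directory: directory moderation only, no account operations`. The handler bodies lie mostly outside the visible hunks, so this needs confirming against the full file.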
@@ -83,6 +85,17 @@ class AdminModule extends PLModule } } + function handler_set_skin(&$page) + { + S::assert_xsrf_token(); + S::set('skin', Post::s('change_skin')); + if (!empty($_SERVER['HTTP_REFERER'])) { + http_redirect($_SERVER['HTTP_REFERER']); + } else { + pl_redirect('/'); + } + } + function handler_default(&$page) { $page->changeTpl('admin/index.tpl'); @@ -285,10 +298,10 @@ class AdminModule extends PLModule if ($action == 'session') { // we are viewing a session - $res = XDB::query("SELECT ls.*, a.alias AS username, sa.alias AS suer + $res = XDB::query("SELECT ls.*, a.hruid AS username, sa.hruid AS suer FROM log_sessions AS ls - LEFT JOIN aliases AS a ON (a.uid = ls.uid AND a.type='a_vie') - LEFT JOIN aliases AS sa ON (sa.uid = ls.suid AND sa.type='a_vie') + INNER JOIN accounts AS a ON (a.uid = ls.uid) + LEFT JOIN accounts AS sa ON (sa.uid = ls.suid) WHERE ls.id = {?}", $arg); $page->assign('session', $a = $res->fetchOneAssoc()); @@ -304,9 +317,12 @@ class AdminModule extends PLModule } else { $loguser = $action == 'user' ? $arg : Env::v('loguser'); - $res = XDB::query('SELECT uid FROM aliases WHERE alias={?}', - $loguser); - $loguid = $res->fetchOneCell(); + if ($loguser) { + $user = User::get($loguser); + $loguid = $user->id(); + } else { + $loguid = null; + } if ($loguid) { $year = Env::i('year'); @@ -344,9 +360,9 @@ class AdminModule extends PLModule // get the requested sessions $where = $this->_makeWhere($year, $month, $day, $loguid); $select = "SELECT s.id, s.start, s.uid, - a.alias as username + a.hruid as username FROM log_sessions AS s - LEFT JOIN aliases AS a ON (a.uid = s.uid AND a.type='a_vie') + INNER JOIN accounts AS a ON (a.uid = s.uid) $where ORDER BY start DESC"; $res = XDB::iterator($select); 
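Review bot: `handler_set_skin` stores `Post::s('change_skin')` in the session without checking it against the known skins, and then redirects to the raw `Referer` header. How the `skin` session value is consumed is not visible here, but if it ends up in a template or stylesheet path it should be restricted first, falling back to the default skin when the value matches none. For the redirect, accept `$_SERVER['HTTP_REFERER']` only when it points back at this site and use `pl_redirect('/')` otherwise; the XSRF check limits who can trigger the handler, but an off-site Referer should still not become the redirect target. The route is registered with `AUTH_COOKIE` while most admin routes use `AUTH_MDP`, so a short comment on why that level is acceptable here would help.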
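Review bot: Switching the first join from `LEFT JOIN aliases` to `INNER JOIN accounts AS a` makes the session view return nothing for any `log_sessions` row whose `uid` no longer has an `accounts` row; the session list query in the `-344,9` hunk gets the same change. For an audit log that is a loss, because sessions of removed accounts would silently drop out of the admin view. If accounts can be deleted while their log rows are kept (not visible here), keep `LEFT JOIN accounts AS a ON (a.uid = ls.uid)` and let the template show an empty username.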
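Review bot: `$user->id()` is called on whatever `User::get($loguser)` returns, so a login name that matches no account would raise a fatal error if `User::get` returns null for unknown users (its contract is not visible in this hunk). The removed query simply produced an empty `$loguid` in that case and fell through the `if ($loguid)` check. Guarding the call keeps that behaviour: `$loguid = $user ? $user->id() : null;`.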
@@ -371,7 +387,7 @@ class AdminModule extends PLModule } $page->assign_by_ref('sessions', $sessions); } else { - $page->assign('msg_nofilters', "Sélectionner une annuée et/ou un utilisateur"); + $page->assign('msg_nofilters', "Sélectionner une année et/ou un utilisateur"); } } @@ -676,6 +692,7 @@ class AdminModule extends PLModule $page->addJsLink('jquery.ui.core.js'); + $page->addJsLink('jquery.ui.widget.js'); $page->addJsLink('jquery.ui.tabs.js'); $page->addJsLink('password.js'); @@ -741,7 +758,7 @@ class AdminModule extends PLModule return false; } - array_map('trim', $infos); + $infos = array_map('trim', $infos); $hrid = self::getHrid($infos[1], $infos[0], $promo); $res1 = XDB::query('SELECT COUNT(*) FROM accounts @@ -750,7 +767,7 @@ class AdminModule extends PLModule FROM profiles WHERE hrpid = {?}', $hrid); if (is_null($hrid) || $res1->fetchOneCell() > 0 || $res2->fetchOneCell() > 0) { - $page->trigError("La ligne $infosLine n'a pas été ajoutée."); + $page->trigError("La ligne $infosLine n'a pas été ajoutée: une entrée similaire existe déjà"); return false; } $infos['hrid'] = $hrid; @@ -772,7 +789,9 @@ class AdminModule extends PLModule private static function formatBirthDate($birthDate) { - return date("Y-m-d", strtotime($birthDate)); + // strtotime believes dd/mm/yyyy to be an US date (i.e mm/dd/yyyy), and + // dd-mm-yyyy to be a normal date (i.e dd-mm-yyyy)... + return date("Y-m-d", strtotime(str_replace('/', '-', $birthDate))); } function handler_add_accounts(&$page, $action = null, $promo = null) @@ -820,8 +839,7 @@ class AdminModule extends PLModule $page->killError("La formation n'est pas reconnue:" . Env::t('edu_type') . '.'); } - XDB::execute("SET AUTOCOMMIT = 0"); - XDB::execute("START TRANSACTION"); + XDB::startTransaction(); foreach ($lines as $line) { if ($infos = self::formatNewUser($page, $line, $separator, $hrpromo, 6)) { $sex = self::formatSex($page, $infos[3], $line); 
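Review bot: `formatBirthDate` still passes the result of `strtotime()` straight to `date()`, so an unparseable birth date yields false and comes back as the epoch date without any error. Since the new comment already documents that the input format is ambiguous, the function should reject what it cannot parse, e.g. `$ts = strtotime(str_replace('/', '-', $birthDate)); return $ts === false ? null : date('Y-m-d', $ts);`, with the caller reporting the line through `trigError`. A `yyyy/mm/dd` input and a two-digit year are also worth a test, because the replacement changes how those are read.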
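Review bot: Between `XDB::startTransaction()` here and `XDB::commit()` in the `-862,11` hunk no rollback is visible, so a failure part-way through the import loop would either leave the transaction open or, if execution continues, commit a partial batch. Most of the loop body lies outside the hunks, so this may be handled elsewhere. If it is not, wrap the loop so that an exception triggers the XDB wrapper's rollback before the error is reported, and add a comment stating whether a partially valid file is meant to be imported line by line or rejected as a whole.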
@@ -862,11 +880,11 @@ class AdminModule extends PLModule XDB::execute('INSERT INTO account_profiles (uid, pid, perms) VALUES ({?}, {?}, {?})', $uid, $pid, 'owner'); - Profile::rebuildSearchTokens($pid); + Profile::rebuildSearchTokens($pid, false); } } } - XDB::execute("COMMIT"); + XDB::commit(); } else if (Env::t('add_type') == 'account') { $type = Env::t('type'); $newAccounts = array(); @@ -957,8 +975,8 @@ class AdminModule extends PLModule XDB::execute("UPDATE aliases SET type = 'homonyme', expire=NOW() WHERE alias = {?}", $loginbis); - XDB::execute("REPLACE INTO homonyms (homonyme_id, uid) - VALUES ({?}, {?})", $target, $target); + XDB::execute('INSERT IGNORE INTO homonyms (homonyme_id, uid) + VALUES ({?}, {?})', $target, $target); send_robot_homonyme($user, $loginbis); $op = 'list'; $page->trigSuccess('Email envoyé à ' . $user->forlifeEmail() . ', alias supprimé.'); @@ -1058,7 +1076,6 @@ class AdminModule extends PLModule $page->changeTpl('admin/validation.tpl'); $page->setTitle('Administration - Valider une demande'); $page->addCssLink('nl.css'); - $page->addJsLink('ajax.js'); if ($action == 'edit' && !is_null($id)) { $page->assign('preview_id', $id); @@ -1094,8 +1111,9 @@ class AdminModule extends PLModule $hide[] = $cat; } $hide_requests = join(',', $hide); - XDB::query('REPLACE INTO requests_hidden (uid, hidden_requests) - VALUES ({?}, {?})', + XDB::query('INSERT INTO requests_hidden (uid, hidden_requests) + VALUES ({?}, {?}) + ON DUPLICATE KEY UPDATE hidden_requests = VALUES(hidden_requests)', S::v('uid'), $hide_requests); } elseif ($hide_requests) { foreach (explode(',', $hide_requests) as $hide_type) @@ -1108,6 +1126,7 @@ class AdminModule extends PLModule global $globals; $globals->updateNbValid(); $page->assign('vit', Validate::iterate()); + $page->assign('isAdmin', S::admin()); } function handler_validate_answers(&$page, $action = 'list', $id = null) 
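Review bot: `INSERT IGNORE INTO homonyms` suppresses more than the duplicate-key case: in MySQL it also downgrades errors such as truncated or invalid values to warnings, and `send_robot_homonyme` runs whether or not a row was written. The `requests_hidden` change in the `-1094,8` hunk uses `ON DUPLICATE KEY UPDATE`, which states the intent precisely. The same form would fit here, e.g. `ON DUPLICATE KEY UPDATE uid = VALUES(uid)`.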
@@ -1198,7 +1217,7 @@ class AdminModule extends PLModule
 S::assert_xsrf_token();
 $firstname = Post::t('firstname');
 $lastname = strtoupper(Post::t('lastname'));
- $sex = Post::b('sex') ? User::GENDER_FEMALE : User::GENDER_MALE;
+ $sex = Post::s('sex');
 $email = Post::t('email');
 $type = Post::s('type');
 $login = PlUser::makeHrid($firstname, $lastname, $type);
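Review bot: `$sex = Post::s('sex');` takes the gender as a free-form POST string, where the removed line could only yield `User::GENDER_FEMALE` or `User::GENDER_MALE`. Nothing in the hunk validates the value before it is used further down (outside the hunk), so an unexpected string reaches the account creation code. Check it against the allowed values first, e.g. `if (!in_array($sex, array(User::GENDER_FEMALE, User::GENDER_MALE), true))` followed by an error and an early return; extend the list if the form offers more choices.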
@@ -1465,30 +1484,36 @@ class AdminModule extends PLModule $selectedJob = Env::has('selectedJob'); Phone::deletePhones(0, Phone::LINK_COMPANY, $id); - Address::delete(null, Address::LINK_COMPANY, $id); + Address::deleteAddresses(null, Address::LINK_COMPANY, $id); if (Env::has('change')) { - XDB::execute('UPDATE profile_job - SET jobid = {?} - WHERE jobid = {?}', - Env::i('newJobId'), $id); - XDB::execute('DELETE FROM profile_job_enum - WHERE id = {?}', - $id); - - $page->trigSuccess("L'entreprise a bien été remplacée."); + if (Env::has('newJobId') && Env::i('newJobId') > 0) { + XDB::execute('UPDATE profile_job + SET jobid = {?} + WHERE jobid = {?}', + Env::i('newJobId'), $id); + XDB::execute('DELETE FROM profile_job_enum + WHERE id = {?}', + $id); + + $page->trigSuccess("L'entreprise a bien été remplacée."); + } else { + $page->trigError("L'entreprise n'a pas été remplacée car l'identifiant fourni n'est pas valide."); + } } else { XDB::execute('UPDATE profile_job_enum SET name = {?}, acronym = {?}, url = {?}, email = {?}, NAF_code = {?}, AX_code = {?}, holdingid = {?} WHERE id = {?}', Env::t('name'), Env::t('acronym'), Env::t('url'), Env::t('email'), - Env::t('NAF_code'), Env::i('AX_code'), Env::i('holdingId'), $id); + (Env::t('NAF_code') == 0 ? null : Env::t('NAF_code')), + (Env::i('AX_code') == 0 ? null : Env::t('AX_code')), + (Env::i('holdingId') == 0 ? null : Env::t('holdingId')), $id); $phone = new Phone(array('display' => Env::v('tel'), 'link_id' => $id, 'id' => 0, 'type' => 'fixed', 'link_type' => Phone::LINK_COMPANY, 'pub' => 'public')); $fax = new Phone(array('display' => Env::v('fax'), 'link_id' => $id, 'id' => 1, 'type' => 'fax', 'link_type' => Phone::LINK_COMPANY, 'pub' => 'public')); - $address = new Address(array('jobid' => $jobid, 'type' => Address::LINK_COMPANY, 'text' => Env::t('address'))); + $address = new Address(array('jobid' => $id, 'type' => Address::LINK_COMPANY, 'text' => Env::t('address'))); $phone->save(); $fax->save(); $address->save(); 
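Review bot: The new `Env::i('newJobId') > 0` check does not reject `newJobId == $id`, in which case the `UPDATE` changes nothing and the `DELETE FROM profile_job_enum` removes the company that every matching `profile_job` row still points to; an id that does not exist in `profile_job_enum` leaves similar dangling references. Extend the condition, e.g. `Env::i('newJobId') > 0 && Env::i('newJobId') != $id`, and confirm the target row exists before deleting. `Phone::deletePhones` and `Address::deleteAddresses` also run before this validation, so the new error branch reports that nothing was replaced after the company's phones and addresses are already gone. In the `else` branch, `AX_code` and `holdingId` are tested with `Env::i()` but stored with `Env::t()`; storing the `Env::i()` value keeps the bound parameter an integer as before.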
@@ -1516,6 +1541,37 @@ class AdminModule extends PLModule } } } + + function handler_profile(&$page) + { + $page->changeTpl('admin/profile.tpl'); + + if (Post::has('checked')) { + S::assert_xsrf_token(); + $res = XDB::iterator('SELECT DISTINCT(pm.pid), pd.public_name + FROM profile_modifications AS pm + INNER JOIN profile_display AS pd ON (pm.pid = pd.pid) + WHERE pm.type = \'self\''); + + while ($profile = $res->next()) { + if (Post::has('checked_' . $profile['pid'])) { + XDB::execute('DELETE FROM profile_modifications + WHERE type = \'self\' AND pid = {?}', $profile['pid']); + + $page->trigSuccess('Profil de ' . $profile['public_name'] . ' vérifié.'); + } + } + } + + $res = XDB::iterator('SELECT p.hrpid, pm.pid, pd.directory_name, GROUP_CONCAT(pm.field SEPARATOR \', \') AS field + FROM profile_modifications AS pm + INNER JOIN profiles AS p ON (pm.pid = p.pid) + INNER JOIN profile_display AS pd ON (pm.pid = pd.pid) + WHERE pm.type = \'self\' + GROUP BY pd.directory_name + ORDER BY pd.directory_name'); + $page->assign('updates', $res); + } } // vim:set et sw=4 sts=4 sws=4 foldmethod=marker enc=utf-8:
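Review bot: The listing query in `handler_profile` groups by `pd.directory_name` while selecting `p.hrpid` and `pm.pid`, so two profiles that share a directory name collapse into one row and only one of them can be ticked; `GROUP BY pm.pid, pd.directory_name` keeps one row per profile. The confirmation step then deletes every `type = 'self'` row for the ticked `pid`, including modifications recorded after the page was rendered, which the reviewer never saw. Limiting the delete to the fields that were displayed would close that gap. `$profile['public_name']` is concatenated into `trigSuccess()`; whether that helper escapes HTML is not visible here, so confirm it does.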