X-Git-Url: http://git.polytechnique.org/?a=blobdiff_plain;f=modules%2Femail.php;h=a9929633094c79a166e119ea72efc752d7c78ad8;hb=91ebb7ff6485f03fcccfdf2142e997e44ee399b2;hp=59b08cc098f35b54492ebdff4a5e92e9b19e4d3f;hpb=7727ffc74dd19bc3dd2d7b5c2b44e892c2e63f5d;p=platal.git diff --git a/modules/email.php b/modules/email.php index 59b08cc..a992963 100644 --- a/modules/email.php +++ b/modules/email.php @@ -1,6 +1,6 @@ $this->make_hook('redirect', AUTH_MDP), 'emails/send' => $this->make_hook('send', AUTH_MDP), 'emails/antispam/submit' => $this->make_hook('submit', AUTH_COOKIE), + 'emails/test' => $this->make_hook('test', AUTH_COOKIE, 'user', NO_AUTH), + + 'emails/imap/in' => $this->make_hook('imap_in', AUTH_PUBLIC), 'admin/emails/duplicated' => $this->make_hook('duplicated', AUTH_MDP, 'admin'), - 'admin/emails/lost' => $this->make_hook('lost', AUTH_MDP, 'admin'), + 'admin/emails/watch' => $this->make_hook('duplicated', AUTH_MDP, 'admin'), + 'admin/emails/lost' => $this->make_hook('lost', AUTH_MDP, 'admin'), ); } function handler_emails(&$page, $action = null, $email = null) { global $globals; + require_once 'emails.inc.php'; $page->changeTpl('emails/index.tpl'); - $page->assign('xorg_title','Polytechnique.org - Mes emails'); + $page->assign('pl_title','Polytechnique.org - Mes emails'); $uid = S::v('uid'); if ($action == 'best' && $email) { + if (!S::has_xsrf_token()) { + return PL_FORBIDDEN; + } + // bestalias is the first bit : 1 // there will be maximum 8 bits in flags : 255 XDB::execute("UPDATE aliases SET flags=flags & (255 - 1) WHERE id={?}", $uid); @@ -63,14 +72,12 @@ class EmailModule extends PLModule ORDER BY LENGTH(alias)"; $page->assign('aliases', XDB::iterator($sql, $uid)); - $homonyme = XDB::query("SELECT alias FROM aliases INNER JOIN homonymes ON (id = homonyme_id) WHERE user_id = {?} AND type = 'homonyme'", $uid); - $page->assign('homonyme', $homonyme->fetchOneCell()); - - $sql = "SELECT email - FROM emails - WHERE uid = {?} AND FIND_IN_SET('active', flags)"; - $page->assign('mails', XDB::iterator($sql, $uid)); + $homonyme = XDB::query("SELECT alias FROM aliases INNER JOIN homonymes ON (id = homonyme_id) WHERE user_id = {?} AND type = 'homonyme'", $uid); + $page->assign('homonyme', $homonyme->fetchOneCell()); + // Affichage des redirections de l'utilisateur. + $redirect = new Redirect($uid); + $page->assign('mails', $redirect->active_emails()); // on regarde si l'utilisateur a un alias et si oui on l'affiche ! $forlife = S::v('forlife'); @@ -78,7 +85,7 @@ class EmailModule extends PLModule "SELECT alias FROM virtual AS v INNER JOIN virtual_redirect AS vr USING(vid) - WHERE (redirect={?} OR redirect={?}) + WHERE (redirect={?} OR redirect={?}) AND alias LIKE '%@{$globals->mail->alias_dom}'", $forlife.'@'.$globals->mail->domain, $forlife.'@'.$globals->mail->domain2); $page->assign('melix', $res->fetchOneCell()); @@ -91,7 +98,7 @@ class EmailModule extends PLModule global $globals; $page->changeTpl('emails/alias.tpl'); - $page->assign('xorg_title','Polytechnique.org - Alias melix.net'); + $page->assign('pl_title','Polytechnique.org - Alias melix.net'); $uid = S::v('uid'); $forlife = S::v('forlife'); @@ -99,6 +106,8 @@ class EmailModule extends PLModule $page->assign('demande', AliasReq::get_request($uid)); if ($action == 'delete' && $value) { + S::assert_xsrf_token(); + //Suppression d'un alias XDB::execute( 'DELETE virtual, virtual_redirect @@ -114,15 +123,16 @@ class EmailModule extends PLModule FROM auth_user_quick, virtual INNER JOIN virtual_redirect USING(vid) WHERE ( redirect={?} OR redirect= {?} ) - AND alias LIKE '%@{$globals->mail->alias_dom}' AND user_id = {?}", + AND alias LIKE '%@{$globals->mail->alias_dom}' AND user_id = {?}", $forlife.'@'.$globals->mail->domain, $forlife.'@'.$globals->mail->domain2, S::v('uid')); list($alias, $visibility) = $res->fetchOneRow(); $page->assign('actuel', $alias); - if ($action == 'ask' && Env::has('alias') and Env::has('raison')) { - //Si l'utilisateur vient de faire une damande + if ($action == 'ask' && Env::has('alias') && Env::has('raison')) { + S::assert_xsrf_token(); + //Si l'utilisateur vient de faire une damande $alias = Env::v('alias'); $raison = Env::v('raison'); $public = (Env::v('public', 'off') == 'on')?"public":"private"; @@ -135,17 +145,17 @@ class EmailModule extends PLModule //Quelques vérifications sur l'alias (caractères spéciaux) if (!preg_match( "/^[a-zA-Z0-9\-.]{3,20}$/", $alias)) { - $page->trig("L'adresse demandée n'est pas valide. - Vérifie qu'elle comporte entre 3 et 20 caractères - et qu'elle ne contient que des lettres non accentuées, - des chiffres ou les caractères - et ."); + $page->trigError("L'adresse demandée n'est pas valide." + . " Vérifie qu'elle comporte entre 3 et 20 caractères" + . " et qu'elle ne contient que des lettres non accentuées," + . " des chiffres ou les caractères - et ."); return; } else { //vérifier que l'alias n'est pas déja pris $res = XDB::query('SELECT COUNT(*) FROM virtual WHERE alias={?}', $alias.'@'.$globals->mail->alias_dom); if ($res->fetchOneCell() > 0) { - $page->trig("L'alias $alias@{$globals->mail->alias_dom} a déja été attribué. + $page->trigError("L'alias $alias@{$globals->mail->alias_dom} a déja été attribué. Tu ne peux donc pas l'obtenir."); return; } @@ -153,8 +163,8 @@ class EmailModule extends PLModule //vérifier que l'alias n'est pas déja en demande $it = new ValidateIterator (); while($req = $it->next()) { - if ($req->type == "alias" and $req->alias == $alias) { - $page->trig("L'alias $alias@{$globals->mail->alias_dom} a déja été demandé. + if ($req->type == "alias" and $req->alias == $alias . '@' . $globals->mail->alias_dom) { + $page->trigError("L'alias $alias@{$globals->mail->alias_dom} a déja été demandé. Tu ne peux donc pas l'obtenir pour l'instant."); return ; } @@ -166,10 +176,11 @@ class EmailModule extends PLModule $page->assign('success',$alias); return; } - } - elseif ($action == 'set' - && ($value == 'public' || $value == 'private')) - { + } elseif ($action == 'set' && ($value == 'public' || $value == 'private')) { + if (!S::has_xsrf_token()) { + return PL_FORBIDDEN; + } + if ($value == 'public') { XDB::execute("UPDATE auth_user_quick SET emails_alias_pub = 'public' WHERE user_id = {?}", S::v('uid')); @@ -199,25 +210,32 @@ class EmailModule extends PLModule $redirect = new Redirect(S::v('uid')); + // FS#703 : $_GET is urldecoded twice, hence + // + (the data) => %2B (in the url) => + (first decoding) => ' ' (second decoding) + // Since there can be no spaces in emails, we can fix this with : + $email = str_replace(' ', '+', $email); + if ($action == 'remove' && $email) { $retour = $redirect->delete_email($email); $page->assign('retour', $retour); } - - if ($action == 'active' && $email) { - $redirect->modify_one_email($email, true); - } - - if ($action == 'inactive' && $email) { - $redirect->modify_one_email($email, false); - } - - if ($action == 'rewrite' && $email) { - $rewrite = @func_get_arg(3); - $redirect->modify_one_email_redirect($email, $rewrite); - } - + + if ($action == 'active' && $email) { + $redirect->modify_one_email($email, true); + } + + if ($action == 'inactive' && $email) { + $redirect->modify_one_email($email, false); + } + + if ($action == 'rewrite' && $email) { + $rewrite = @func_get_arg(3); + $redirect->modify_one_email_redirect($email, $rewrite); + } + if (Env::has('emailop')) { + S::assert_xsrf_token(); + $actifs = Env::v('emails_actifs', Array()); print_r(Env::v('emails_rewrite')); if (Env::v('emailop') == "ajouter" && Env::has('email')) { @@ -235,7 +253,7 @@ class EmailModule extends PLModule FROM virtual INNER JOIN virtual_redirect USING(vid) WHERE (redirect={?} OR redirect={?}) - AND alias LIKE '%@{$globals->mail->alias_dom}'", + AND alias LIKE '%@{$globals->mail->alias_dom}'", $forlife.'@'.$globals->mail->domain, $forlife.'@'.$globals->mail->domain2); $melix = $res->fetchOneCell(); if ($melix) { @@ -248,8 +266,12 @@ class EmailModule extends PLModule FROM aliases WHERE id={?} AND (type='a_vie' OR type='alias') ORDER BY !FIND_IN_SET('usage',flags), LENGTH(alias)", $uid); + $page->assign('alias', $res->fetchAllAssoc()); $page->assign('emails',$redirect->emails); + + require_once 'googleapps.inc.php'; + $page->assign('googleapps', GoogleAppsAccount::account_status($uid)); } function handler_antispam(&$page, $statut_filtre = null) @@ -262,7 +284,7 @@ class EmailModule extends PLModule $bogo = new Bogo(S::v('uid')); if (isset($statut_filtre)) { - $bogo->change(S::v('uid'), $statut_filtre + 0); + $bogo->change($statut_filtre + 0); } $page->assign('filtre',$bogo->level()); } @@ -274,14 +296,17 @@ class EmailModule extends PLModule $page->changeTpl('emails/submit_spam.tpl'); if (Post::has('send_email')) { - $upload = $_FILES['mail']['tmp_name']; - if (!is_uploaded_file($upload)) { - $page->trig('Une erreur a été rencontrée lors du transfert du fichier'); + S::assert_xsrf_token(); + + $upload = PlUpload::get($_FILES['mail'], S::v('forlife'), 'spam.submit', true); + if (!$upload) { + $page->trigError('Une erreur a été rencontrée lors du transfert du fichier'); return; } - $mime = trim(mime_content_type($upload)); + $mime = $upload->contentType(); if ($mime != 'text/x-mail' && $mime != 'message/rfc822') { - $page->trig('Le fichier ne contient pas un mail complet'); + $upload->clear(); + $page->trigError('Le fichier ne contient pas un mail complet'); return; } global $globals; @@ -290,24 +315,39 @@ class EmailModule extends PLModule $mailer->addTo($box); $mailer->setFrom('"' . S::v('prenom') . ' ' . S::v('nom') . '" mail->domain . '>'); $mailer->setTxtBody(Post::v('type') . ' soumis par ' . S::v('forlife') . ' via le web'); - $mailer->addAttachment($upload, 'message/rfc822', $_FILES['mail']['name']); + $mailer->addUploadAttachment($upload, Post::v('type') . '.mail'); $mailer->send(); - $page->trig('Le message a été transmis à ' . $box); + $page->trigSuccess('Le message a été transmis à ' . $box); + $upload->clear(); } } function handler_send(&$page) { global $globals; - $page->changeTpl('emails/send.tpl'); $page->addJsLink('ajax.js'); - $page->assign('xorg_title','Polytechnique.org - Envoyer un email'); + $page->assign('pl_title','Polytechnique.org - Envoyer un email'); // action si on recoit un formulaire - if (Env::v('submit') == 'Envoyer') - { + if (Post::has('save')) { + if (!S::has_xsrf_token()) { + return PL_FORBIDDEN; + } + + unset($_POST['save']); + if (trim(preg_replace('/-- .*/', '', Post::v('contenu'))) != "") { + $_POST['to_contacts'] = explode(';', @$_POST['to_contacts']); + $_POST['cc_contacts'] = explode(';', @$_POST['cc_contacts']); + $data = serialize($_POST); + XDB::execute("REPLACE INTO email_send_save + VALUES ({?}, {?})", S::i('uid'), $data); + } + exit; + } else if (Env::v('submit') == 'Envoyer') { + S::assert_xsrf_token(); + function getEmails($aliases) { if (!is_array($aliases)) { @@ -321,54 +361,70 @@ class EmailModule extends PLModule return join(', ', $ret); } + $error = false; foreach ($_FILES as &$file) { if ($file['name'] && !PlUpload::get($file, S::v('forlife'), 'emails.send', false)) { - $page->trig("Impossible de télécharger '" . pl_entities($file['name']) . "'"); + $page->trigError(PlUpload::$lastError); + $error = true; + break; } } - $to2 = getEmails(Env::v('to_contacts')); - $cc2 = getEmails(Env::v('cc_contacts')); - $txt = str_replace('^M', '', Env::v('contenu')); - $to = Env::v('to'); - $subj = Env::v('sujet'); - $from = Env::v('from'); - $cc = trim(Env::v('cc')); - $bcc = trim(Env::v('bcc')); - - if (empty($to) && empty($cc) && empty($to2) && empty($bcc) && empty($cc2)) { - $page->trig("Indique au moins un destinataire."); - $page->assign('uploaded_f', PlUpload::listFilenames(S::v('forlife'), 'emails.send')); - } else { - $mymail = new PlMailer(); - $mymail->setFrom($from); - $mymail->setSubject($subj); - if (!empty($to)) { $mymail->addTo($to); } - if (!empty($cc)) { $mymail->addCc($cc); } - if (!empty($bcc)) { $mymail->addBcc($bcc); } - if (!empty($to2)) { $mymail->addTo($to2); } - if (!empty($cc2)) { $mymail->addCc($cc2); } - $files =& PlUpload::listFiles(S::v('forlife'), 'emails.send'); - foreach ($files as $name=>&$upload) { - $mymail->addUploadAttachment($upload, $name); - } - if (Env::v('nowiki')) { - $mymail->setTxtBody(wordwrap($txt, 78, "\n")); - } else { - $mymail->setWikiBody($txt); - } - if ($mymail->send()) { - $page->trig("Ton mail a bien été envoyé."); - $_REQUEST = array('bcc' => S::v('bestalias').'@'.$globals->mail->domain); - PlUpload::clear(S::v('forlife'), 'emails.send'); - } else { - $page->trig("Erreur lors de l'envoi du courriel, réessaye."); + if (!$error) { + XDB::execute("DELETE FROM email_send_save + WHERE uid = {?}", S::i('uid')); + + $to2 = getEmails(Env::v('to_contacts')); + $cc2 = getEmails(Env::v('cc_contacts')); + $txt = str_replace('^M', '', Env::v('contenu')); + $to = Env::v('to'); + $subj = Env::v('sujet'); + $from = Env::v('from'); + $cc = trim(Env::v('cc')); + $bcc = trim(Env::v('bcc')); + + if (empty($to) && empty($cc) && empty($to2) && empty($bcc) && empty($cc2)) { + $page->trigError("Indique au moins un destinataire."); $page->assign('uploaded_f', PlUpload::listFilenames(S::v('forlife'), 'emails.send')); + } else { + $mymail = new PlMailer(); + $mymail->setFrom($from); + $mymail->setSubject($subj); + if (!empty($to)) { $mymail->addTo($to); } + if (!empty($cc)) { $mymail->addCc($cc); } + if (!empty($bcc)) { $mymail->addBcc($bcc); } + if (!empty($to2)) { $mymail->addTo($to2); } + if (!empty($cc2)) { $mymail->addCc($cc2); } + $files =& PlUpload::listFiles(S::v('forlife'), 'emails.send'); + foreach ($files as $name=>&$upload) { + $mymail->addUploadAttachment($upload, $name); + } + if (Env::v('nowiki')) { + $mymail->setTxtBody(wordwrap($txt, 78, "\n")); + } else { + $mymail->setWikiBody($txt); + } + if ($mymail->send()) { + $page->trigSuccess("Ton mail a bien été envoyé."); + $_REQUEST = array('bcc' => S::v('bestalias').'@'.$globals->mail->domain); + PlUpload::clear(S::v('forlife'), 'emails.send'); + } else { + $page->trigError("Erreur lors de l'envoi du courriel, réessaye."); + $page->assign('uploaded_f', PlUpload::listFilenames(S::v('forlife'), 'emails.send')); + } } } } else { - PlUpload::clear(S::v('forlife'), 'emails.send'); - $_REQUEST['bcc'] = S::v('bestalias').'@'.$globals->mail->domain; + $res = XDB::query("SELECT data + FROM email_send_save + WHERE uid = {?}", S::i('uid')); + if ($res->numRows() == 0) { + PlUpload::clear(S::v('forlife'), 'emails.send'); + $_REQUEST['bcc'] = S::v('bestalias').'@'.$globals->mail->domain; + } else { + $data = unserialize($res->fetchOneCell()); + $_REQUEST = array_merge($_REQUEST, $data); + } } $res = XDB::query( @@ -379,7 +435,65 @@ class EmailModule extends PLModule WHERE c.uid = {?} ORDER BY u.nom, u.prenom", S::v('uid')); $page->assign('contacts', $res->fetchAllAssoc()); - $page->assign('maxsize', ini_get('post_max_size') . 'o'); + $page->assign('maxsize', ini_get('upload_max_filesize') . 'o'); + } + + function handler_test(&$page, $forlife = null) + { + global $globals; + require_once 'emails.inc.php'; + + if (!S::has_xsrf_token()) { + return PL_FORBIDDEN; + } + if (!S::has_perms() || !$forlife) { + $forlife = S::v('bestalias'); + } + + $res = XDB::query("SELECT FIND_IN_SET('femme', u.flags), prenom, user_id + FROM auth_user_md5 AS u + INNER JOIN aliases AS a ON (a.id = u.user_id) + WHERE a.alias = {?}", $forlife); + list($sexe, $prenom, $uid) = $res->fetchOneRow(); + $redirect = new Redirect($uid); + + $mailer = new PlMailer('emails/test.mail.tpl'); + $mailer->assign('email', $forlife . '@' . $globals->mail->domain); + $mailer->assign('redirects', $redirect->active_emails()); + $mailer->assign('sexe', $sexe); + $mailer->assign('prenom', $prenom); + $mailer->send(); + exit; + } + + function handler_imap_in(&$page, $hash = null, $login = null) + { + $page->changeTpl('emails/imap_register.tpl'); + $id = null; + if (!empty($hash) || !empty($login)) { + $req = XDB::query("SELECT u.prenom, FIND_IN_SET('femme', u.flags) AS sexe, a.id + FROM aliases AS a + INNER JOIN newsletter_ins AS ni ON (a.id = ni.user_id) + INNER JOIN auth_user_md5 AS u ON (u.user_id = a.id) + WHERE a.alias = {?} AND ni.hash = {?}", $login, $hash); + list($prenom, $sexe, $id) = $req->fetchOneRow(); + } + + require_once('emails.inc.php'); + $page->assign('ok', false); + if (S::logged() && (is_null($id) || $id == S::i('uid'))) { + $storage = new EmailStorage(S::i('uid'), 'imap'); + $storage->activate(); + $page->assign('ok', true); + $page->assign('prenom', S::v('prenom')); + $page->assign('sexe', S::v('femme')); + } else if (!S::logged() && $id) { + $storage = new EmailStorage($id, 'imap'); + $storage->activate(); + $page->assign('ok', true); + $page->assign('prenom', $prenom); + $page->assign('sexe', $sexe); + } } function handler_broken(&$page, $warn = null, $email = null) @@ -393,12 +507,13 @@ class EmailModule extends PLModule $page->changeTpl('emails/broken.tpl'); if ($warn == 'warn' && $email) { + S::assert_xsrf_token(); + $email = valide_email($email); // vérifications d'usage $sel = XDB::query( "SELECT e.uid, a.alias FROM emails AS e - INNER JOIN auth_user_md5 AS u ON e.uid = u.user_id INNER JOIN aliases AS a ON (e.uid = a.id AND type!='homonyme' AND FIND_IN_SET('bestalias',a.flags)) WHERE e.email={?}", $email); @@ -417,37 +532,38 @@ Nous te suggérons de vérifier cette adresse, et le cas échéant de mettre à jour sur le site <{$globals->baseurl}/emails> tes adresses de redirection... -Pour plus de rensignements sur le service de patte cassée, n'hésites pas à +Pour plus de renseignements sur le service de patte cassée, n'hésite pas à consulter la page <{$globals->baseurl}/emails/broken>. -A bientôt sur Polytechnique.org ! -L'équipe d'administration "; +À bientôt sur Polytechnique.org ! +L'équipe d'administration mail->domain . '>'; $mail = new PlMailer(); - $mail->setFrom('"Polytechnique.org" '); - $mail->addTo("$dest@polytechnique.org"); + $mail->setFrom('"Polytechnique.org" mail->domain . '>'); + $mail->addTo("$dest@" . $globals->mail->domain); $mail->setSubject("Une de tes adresse de redirection Polytechnique.org ne marche plus !!"); $mail->setTxtBody($message); $mail->send(); - $page->trig("Mail envoyé ! :o)"); + $page->trigSuccess("Mail envoyé !"); } } elseif (Post::has('email')) { + S::assert_xsrf_token(); + $email = valide_email(Post::v('email')); list(,$fqdn) = explode('@', $email); $fqdn = strtolower($fqdn); - if ($fqdn == 'polytechnique.org' || $fqdn == 'melix.org' - || $fqdn == 'm4x.org' || $fqdn == 'melix.net') - { + if ($fqdn == 'polytechnique.org' || $fqdn == 'melix.org' || $fqdn == 'm4x.org' || $fqdn == 'melix.net') { $page->assign('neuneu', true); } else { $page->assign('email',$email); $sel = XDB::query( - "SELECT e1.uid, e1.panne != 0 AS panne, count(e2.uid) AS nb_mails, + "SELECT e1.uid, e1.panne != 0 AS panne, + (count(e2.uid) + IF(FIND_IN_SET('googleapps', u.mail_storage), 1, 0)) AS nb_mails, u.nom, u.prenom, u.promo, a.alias AS forlife FROM emails as e1 - LEFT JOIN emails as e2 ON(e1.uid = e2.uid + LEFT JOIN emails as e2 ON(e1.uid = e2.uid AND FIND_IN_SET('active', e2.flags) AND e1.email != e2.email) INNER JOIN auth_user_md5 as u ON(e1.uid = u.user_id) @@ -483,8 +599,11 @@ L'équipe d'administration "; 'dangerous' => 'Usurpations par cette adresse'); $page->assign('states', $states); + if (Post::has('action')) { + S::assert_xsrf_token(); + } switch (Post::v('action')) { - case 'create': + case 'create': if (trim(Post::v('emailN')) != '') { Xdb::execute('INSERT IGNORE INTO emails_watch (email, state, detection, last, uid, description) VALUES ({?}, {?}, CURDATE(), NOW(), {?}, {?})', @@ -492,13 +611,13 @@ L'équipe d'administration "; }; break; - case 'edit': + case 'edit': Xdb::execute('UPDATE emails_watch SET state = {?}, last = NOW(), uid = {?}, description = {?} WHERE email = {?}', Post::v('stateN'), S::i('uid'), Post::v('descriptionN'), Post::v('emailN')); break; - default: + default: if ($action == 'delete' && !is_null($email)) { Xdb::execute('DELETE FROM emails_watch WHERE email = {?}', $email); } @@ -539,7 +658,7 @@ L'équipe d'administration "; $sql = "SELECT w.detection, w.state, w.last, w.description, a1.alias AS edit, a2.alias AS forlife FROM emails_watch AS w - LEFT JOIN aliases AS a1 ON (a1.id = w.uid AND a1.type = 'a_vie') + LEFT JOIN aliases AS a1 ON (a1.id = w.uid AND a1.type = 'a_vie') LEFT JOIN emails AS e ON (w.email = e.email) LEFT JOIN aliases AS a2 ON (a2.id = e.uid AND a2.type = 'a_vie') WHERE w.email = {?} @@ -566,14 +685,16 @@ L'équipe d'administration "; function handler_lost(&$page, $action = 'list', $email = null) { $page->changeTpl('emails/lost.tpl'); - + $page->assign('lost_emails', XDB::iterator(' - SELECT u.user_id, a.alias - FROM auth_user_md5 AS u - INNER JOIN aliases AS a ON (a.id = u.user_id AND a.type = "a_vie") - LEFT JOIN emails AS e ON (u.user_id=e.uid AND FIND_IN_SET("active",e.flags)) - WHERE e.uid IS NULL AND u.deces = 0 - ORDER BY u.promo DESC, u.nom, u.prenom')); + SELECT u.user_id, a.alias + FROM auth_user_md5 AS u + INNER JOIN aliases AS a ON (a.id = u.user_id AND a.type = "a_vie") + LEFT JOIN emails AS e ON (u.user_id=e.uid AND FIND_IN_SET("active",e.flags)) + WHERE e.uid IS NULL AND + FIND_IN_SET("googleapps", u.mail_storage) = 0 AND + u.deces = 0 + ORDER BY u.promo DESC, u.nom, u.prenom')); } }