X-Git-Url: http://git.polytechnique.org/?a=blobdiff_plain;f=modules%2Flists.php;h=baed14f8e2db839c25ff7aa92b7b5f6c78852d93;hb=7380801f05494c7e0c7f2ca9854e5302401e9077;hp=eec6fa24f52ba86bf8043ffe567caebd08dd642a;hpb=b65169f172b0b06c7731cfc67aaea15081fc0d31;p=platal.git
diff --git a/modules/lists.php b/modules/lists.php
index eec6fa2..baed14f 100644
--- a/modules/lists.php
+++ b/modules/lists.php
@@ -26,25 +26,25 @@ class ListsModule extends PLModule
function handlers()
{
return array(
- 'lists' => $this->make_hook('lists', AUTH_MDP),
- 'lists/ajax' => $this->make_hook('ajax', AUTH_MDP, 'user', NO_AUTH),
- 'lists/create' => $this->make_hook('create', AUTH_MDP, 'lists'),
-
- 'lists/members' => $this->make_hook('members', AUTH_COOKIE),
- 'lists/csv' => $this->make_hook('csv', AUTH_COOKIE),
- 'lists/annu' => $this->make_hook('annu', AUTH_COOKIE),
- 'lists/archives' => $this->make_hook('archives', AUTH_COOKIE),
+ 'lists' => $this->make_hook('lists', AUTH_PASSWD, 'user'),
+ 'lists/ajax' => $this->make_hook('ajax', AUTH_PASSWD, 'user', NO_AUTH),
+ 'lists/create' => $this->make_hook('create', AUTH_PASSWD, 'lists'),
+
+ 'lists/members' => $this->make_hook('members', AUTH_COOKIE, 'user'),
+ 'lists/csv' => $this->make_hook('csv', AUTH_COOKIE, 'user'),
+ 'lists/annu' => $this->make_hook('annu', AUTH_COOKIE, 'user'),
+ 'lists/archives' => $this->make_hook('archives', AUTH_COOKIE, 'user'),
'lists/archives/rss' => $this->make_hook('rss', AUTH_PUBLIC, 'user', NO_HTTPS),
- 'lists/moderate' => $this->make_hook('moderate', AUTH_MDP),
- 'lists/admin' => $this->make_hook('admin', AUTH_MDP),
- 'lists/options' => $this->make_hook('options', AUTH_MDP),
- 'lists/delete' => $this->make_hook('delete', AUTH_MDP),
+ 'lists/moderate' => $this->make_hook('moderate', AUTH_PASSWD, 'user'),
+ 'lists/admin' => $this->make_hook('admin', AUTH_PASSWD, 'user'),
+ 'lists/options' => $this->make_hook('options', AUTH_PASSWD, 'user'),
+ 'lists/delete' => $this->make_hook('delete', AUTH_PASSWD, 'user'),
- 'lists/soptions' => $this->make_hook('soptions', AUTH_MDP),
- 'lists/check' => $this->make_hook('check', AUTH_MDP),
- 'admin/lists' => $this->make_hook('admin_all', AUTH_MDP, 'admin'),
- 'admin/aliases' => $this->make_hook('aaliases', AUTH_MDP, 'admin')
+ 'lists/soptions' => $this->make_hook('soptions', AUTH_PASSWD, 'user'),
+ 'lists/check' => $this->make_hook('check', AUTH_PASSWD, 'user'),
+ 'admin/lists' => $this->make_hook('admin_all', AUTH_PASSWD, 'admin'),
+ 'admin/aliases' => $this->make_hook('aaliases', AUTH_PASSWD, 'admin')
);
}
@@ -61,6 +61,19 @@ class ListsModule extends PLModule
return $globals->mail->domain;
}
+ function verify_list_owner($page, $liste)
+ {
+ if (list(, , $owners) = $this->client->get_members($liste)) {
+ if (!(in_array(S::user()->forlifeEmail(), $owners) || S::admin())) {
+ $page->kill("La liste n'existe pas ou tu n'as pas le droit de l'administrer.");
+ }
+ } else {
+ $page->kill("La liste n'existe pas ou tu n'as pas le droit de l'administrer.
"
+ . " Si tu penses qu'il s'agit d'une erreur, "
+ . "contact le support.");
+ }
+ }
+
function get_pending_ops($domain, $list)
{
list($subs,$mails) = $this->client->get_pending_ops($list);
@@ -346,11 +359,11 @@ class ListsModule extends PLModule
$this->prepare_client($page);
$members = $this->client->get_members($liste);
$list = list_fetch_basic_info(list_extract_members($members[1]));
- pl_cached_content_headers('text/x-csv', 1);
+ pl_cached_content_headers('text/x-csv', 'iso-8859-1', 1);
- echo "email,nom,promo\n";
- echo implode("\n", $list);
- exit;
+ echo utf8_decode("Nom;Prénom;Promotion\n");
+ echo utf8_decode(implode("\n", $list));
+ exit();
}
function handler_annu($page, $liste = null, $action = null, $subaction = null)
@@ -377,29 +390,34 @@ class ListsModule extends PLModule
$page->kill("La liste n'existe pas ou tu n'as pas le droit d'en voir les détails.");
}
- global $platal;
list(,$members) = $this->client->get_members($liste);
- $users = array();
- foreach ($members as $m) {
- $users[] = $m[1];
+
+ if ($action == 'moderators') {
+ $users = $owners;
+ $show_moderators = true;
+ $action = $subaction;
+ $subaction = '';
+ } else {
+ $show_moderators = false;
+ $users = array();
+ foreach ($members as $m) {
+ $users[] = $m[1];
+ }
}
+
require_once 'userset.inc.php';
- $view = new ArraySet($users);
- $view->addMod('trombi', 'Trombinoscope', true, array('with_promo' => true));
+ $view = new UserArraySet($users);
+ $view->addMod('trombi', 'Trombinoscope', false, array('with_promo' => true));
+ $view->addMod('listmember', 'Annuaire', true);
if (empty($GLOBALS['IS_XNET_SITE'])) {
$view->addMod('minifiche', 'Mini-fiches', false);
}
- // TODO: Reactivate when the new map is completed.
- // $view->addMod('geoloc', 'Planisphère');
+ $view->addMod('map', 'Planisphère');
$view->apply("lists/annu/$liste", $page, $action, $subaction);
- if ($action == 'geoloc' && $subaction) {
- return;
- }
$page->changeTpl('lists/annu.tpl');
- $moderos = list_sort_owners($owners[1]);
$page->assign_by_ref('details', $owners[0]);
- $page->assign_by_ref('owners', $moderos);
+ $page->assign('show_moderators', $show_moderators);
}
function handler_archives($page, $liste = null, $action = null, $artid = null)
@@ -478,6 +496,7 @@ class ListsModule extends PLModule
}
$domain = $this->prepare_client($page);
+ $this->verify_list_owner($page, $liste);
$page->changeTpl('lists/moderate.tpl');
@@ -597,6 +616,7 @@ class ListsModule extends PLModule
}
$domain = $this->prepare_client($page);
+ $this->verify_list_owner($page, $liste);
$page->changeTpl('lists/admin.tpl');
@@ -613,8 +633,9 @@ class ListsModule extends PLModule
case 'marketu': case 'markets':
require_once 'emails.inc.php';
+ $user = User::get($uids[$key]);
$mail = valide_email($mails[$key]);
- if (isvalid_email_redirection($mail)) {
+ if (isvalid_email_redirection($mail, $user)) {
$from = ($action == 'marketu') ? 'user' : 'staff';
$market = Marketing::get($uids[$key], $mail);
if (!$market) {
@@ -638,6 +659,10 @@ class ListsModule extends PLModule
$members = User::getBulkForlifeEmails(Env::v('add_member'),
true,
array('ListsModule', 'no_login_callback'));
+ // Make sure we send a list (array_values) of unique (array_unique)
+ // emails.
+ $members = array_values(array_unique($members));
+
$arr = $this->client->mass_subscribe($liste, $members);
if (is_array($arr)) {
foreach($arr as $addr) {
@@ -656,6 +681,10 @@ class ListsModule extends PLModule
$members = User::getBulkForlifeEmails($upload->getContents(),
true,
array('ListsModule', 'no_login_callback'));
+ // Make sure we send a list (array_values) of unique (array_unique)
+ // emails.
+ $members = array_values(array_unique($members));
+
$arr = $this->client->mass_subscribe($liste, $members);
if (is_array($arr)) {
foreach($arr as $addr) {
@@ -716,7 +745,6 @@ class ListsModule extends PLModule
$page->assign_by_ref('members', $membres);
$page->assign_by_ref('owners', $moderos);
$page->assign('np_m', count($mem));
-
} else {
$page->kill("La liste n'existe pas ou tu n'as pas le droit de l'administrer.
"
. " Si tu penses qu'il s'agit d'une erreur, "
@@ -731,6 +759,7 @@ class ListsModule extends PLModule
}
$this->prepare_client($page);
+ $this->verify_list_owner($page, $liste);
$page->changeTpl('lists/options.tpl');
@@ -799,6 +828,7 @@ class ListsModule extends PLModule
}
$domain = $this->prepare_client($page);
+ $this->verify_list_owner($page, $liste);
$page->changeTpl('lists/delete.tpl');
if (Post::v('valid') == 'OUI') {
S::assert_xsrf_token();
@@ -833,6 +863,7 @@ class ListsModule extends PLModule
}
$this->prepare_client($page);
+ $this->verify_list_owner($page, $liste);
$page->changeTpl('lists/soptions.tpl');
@@ -862,6 +893,7 @@ class ListsModule extends PLModule
}
$this->prepare_client($page);
+ $this->verify_list_owner($page, $liste);
$page->changeTpl('lists/check.tpl');