X-Git-Url: http://git.polytechnique.org/?a=blobdiff_plain;f=modules%2Fplatal.php;h=11b6b85420208307c70c9019fc39238a5509d775;hb=5ae3e9a9b7e095956904a2bedbc0845af88434f0;hp=3ebcd991fc168c11a1371cfd80e1386f14ad9fc5;hpb=d53c12097f4e82ad4657de86f199699973dee29f;p=platal.git diff --git a/modules/platal.php b/modules/platal.php index 3ebcd99..11b6b85 100644 --- a/modules/platal.php +++ b/modules/platal.php @@ -178,11 +178,11 @@ class PlatalModule extends PLModule # FIXME: this code is not multi-domain compatible. We should decide how # carva will extend to users not in the main domain. - $res = XDB::query("SELECT alias - FROM aliases - WHERE uid = {?} AND FIND_IN_SET('bestalias', flags)", - S::user()->id()); - $page->assign('bestalias', $res->fetchOneCell()); + $best = XDB::fetchOneCell('SELECT email + FROM email_source_account + WHERE uid = {?} AND FIND_IN_SET(\'bestalias\', flags)', + S::user()->id()); + $page->assign('bestalias', $best); } function handler_prefs_rss($page) @@ -229,6 +229,7 @@ class PlatalModule extends PLModule $page->changeTpl('platal/password.tpl'); $page->setTitle('Mon mot de passe'); + $page->assign('do_auth', false); } function handler_smtppass($page) @@ -275,7 +276,7 @@ class PlatalModule extends PLModule return; } - if (!ereg('[0-3][0-9][0-1][0-9][1][9]([0-9]{2})', Env::v('birth'))) { + if (!preg_match('/^[0-3][0-9][0-1][0-9][1][9]([0-9]{2})$/', Env::v('birth'))) { $page->trigError('Date de naissance incorrecte ou incohérente'); return; } @@ -300,35 +301,35 @@ class PlatalModule extends PLModule return; } - $res = XDB::query("SELECT COUNT(*) - FROM emails - WHERE uid = {?} AND flags != 'panne' AND flags != 'filter'", $user->id()); - $count = intval($res->fetchOneCell()); - if ($count == 0) { + if ($user->lost) { $page->assign('no_addr', true); return; } $page->assign('ok', true); - $url = rand_url_id(); + $url = rand_url_id(); XDB::execute('INSERT INTO account_lost_passwords (certificat,uid,created) VALUES ({?},{?},NOW())', $url, $user->id()); - $res = XDB::query('SELECT email - FROM emails - WHERE uid = {?} AND email = {?}', - $user->id(), Post::v('email')); - if ($res->numRows()) { - $mails = $res->fetchOneCell(); - } else { - $res = XDB::query("SELECT email - FROM emails - WHERE uid = {?} AND NOT FIND_IN_SET('filter', flags)", $user->id()); - $mails = implode(', ', $res->fetchColumn()); + $to = XDB::fetchOneCell('SELECT redirect + FROM email_redirect_account + WHERE uid = {?} AND redirect = {?}', + $user->id(), Post::t('email')); + if (is_null($to)) { + $emails = XDB::fetchColumn('SELECT redirect + FROM email_redirect_account + WHERE uid = {?} AND flags = \'inactive\' AND type = \'smtp\'', + $user->id()); + $inactives_to = implode(', ', $emails); } $mymail = new PlMailer(); $mymail->setFrom('"Gestion des mots de passe" mail->domain . '>'); - $mymail->addTo($mails); + if (is_null($to)) { + $mymail->addTo($user); + $mymail->addTo($inactives_to); + } else { + $mymail->addTo($to); + } $mymail->setSubject("Ton certificat d'authentification"); $mymail->setTxtBody("Visite la page suivante qui expire dans six heures : {$globals->baseurl}/tmpPWD/$url @@ -343,8 +344,7 @@ Email envoyé à ".Env::v('login') . (Post::has('email') ? " Adresse de secours : " . Post::v('email') : "")); $mymail->send(); - // on cree un objet logger et on log l'evenement - S::logger($user->id())->log('recovery', $mails); + S::logger($user->id())->log('recovery', is_null($to) ? $inactives_to . ', ' . $user->bestEmail() : $to); } function handler_tmpPWD($page, $certif = null) @@ -383,9 +383,20 @@ Adresse de secours : " . Post::v('email') : "")); } S::logger($uid)->log("passwd", ""); + + // Try to start a session (so the user don't have to log in); we will use + // the password available in Post:: to authenticate the user. + Platal::session()->start(AUTH_MDP); + $page->changeTpl('platal/tmpPWD.success.tpl'); } else { + $hruid = XDB::fetchOneCell('SELECT hruid + FROM accounts + WHERE uid = {?}', + $uid); $page->changeTpl('platal/password.tpl'); + $page->assign('hruid', $hruid); + $page->assign('do_auth', true); } }