X-Git-Url: http://git.polytechnique.org/?a=blobdiff_plain;f=modules%2Fplatal.php;h=715ba789d93ce7285b5bd64adca72e4feaa1e09a;hb=3a2985f931bdbbae9d1c689263a1dc15d9b3b7dc;hp=3ebcd991fc168c11a1371cfd80e1386f14ad9fc5;hpb=46ca73eadbd598ee219bdc48724e14c8c08b40ef;p=platal.git

diff --git a/modules/platal.php b/modules/platal.php
index 3ebcd99..715ba78 100644
--- a/modules/platal.php
+++ b/modules/platal.php
@@ -21,7 +21,7 @@
 
 function bugize($list)
 {
-    $list = preg_split('/,/', Env::s('libs'), -1, PREG_SPLIT_NO_EMPTY);
+    $list = preg_split('/,/', $list, -1, PREG_SPLIT_NO_EMPTY);
     $ans  = array();
 
     foreach ($list as $bug) {
@@ -178,11 +178,11 @@ class PlatalModule extends PLModule
 
         # FIXME: this code is not multi-domain compatible. We should decide how
         # carva will extend to users not in the main domain.
-        $res = XDB::query("SELECT  alias
-                             FROM  aliases
-                            WHERE  uid = {?} AND FIND_IN_SET('bestalias', flags)",
-                          S::user()->id());
-        $page->assign('bestalias', $res->fetchOneCell());
+        $best = XDB::fetchOneCell('SELECT  email
+                                     FROM  email_source_account
+                                    WHERE  uid = {?} AND FIND_IN_SET(\'bestalias\', flags)',
+                                  S::user()->id());
+        $page->assign('bestalias', $best);
     }
 
     function handler_prefs_rss($page)
@@ -229,6 +229,7 @@ class PlatalModule extends PLModule
 
         $page->changeTpl('platal/password.tpl');
         $page->setTitle('Mon mot de passe');
+        $page->assign('do_auth', 0);
     }
 
     function handler_smtppass($page)
@@ -275,7 +276,7 @@ class PlatalModule extends PLModule
             return;
         }
 
-        if (!ereg('[0-3][0-9][0-1][0-9][1][9]([0-9]{2})', Env::v('birth'))) {
+        if (!preg_match('/^[0-3][0-9][0-1][0-9][1][9]([0-9]{2})$/', Env::v('birth'))) {
             $page->trigError('Date de naissance incorrecte ou incohÃ©rente');
             return;
         }
@@ -300,35 +301,35 @@ class PlatalModule extends PLModule
             return;
         }
 
-        $res = XDB::query("SELECT  COUNT(*)
-                             FROM  emails
-                            WHERE  uid = {?} AND flags != 'panne' AND flags != 'filter'", $user->id());
-        $count = intval($res->fetchOneCell());
-        if ($count == 0) {
+        if ($user->lost) {
             $page->assign('no_addr', true);
             return;
         }
 
         $page->assign('ok', true);
 
-        $url   = rand_url_id();
+        $url = rand_url_id();
         XDB::execute('INSERT INTO  account_lost_passwords (certificat,uid,created)
                            VALUES  ({?},{?},NOW())', $url, $user->id());
-        $res   = XDB::query('SELECT  email
-                               FROM  emails
-                              WHERE  uid = {?} AND email = {?}',
-                            $user->id(), Post::v('email'));
-        if ($res->numRows()) {
-            $mails = $res->fetchOneCell();
-        } else {
-            $res   = XDB::query("SELECT  email
-                                   FROM  emails
-                                  WHERE  uid = {?} AND NOT FIND_IN_SET('filter', flags)", $user->id());
-            $mails = implode(', ', $res->fetchColumn());
+        $to = XDB::fetchOneCell('SELECT  redirect
+                                   FROM  email_redirect_account
+                                  WHERE  uid = {?} AND redirect = {?}',
+                                $user->id(), Post::t('email'));
+        if (is_null($to)) {
+            $emails = XDB::fetchColumn('SELECT  redirect
+                                          FROM  email_redirect_account
+                                         WHERE  uid = {?} AND flags = \'inactive\' AND type = \'smtp\'',
+                                       $user->id());
+            $inactives_to = implode(', ', $emails);
         }
         $mymail = new PlMailer();
         $mymail->setFrom('"Gestion des mots de passe" <support+password@' . $globals->mail->domain . '>');
-        $mymail->addTo($mails);
+        if (is_null($to)) {
+            $mymail->addTo($user);
+            $mymail->addTo($inactives_to);
+        } else {
+            $mymail->addTo($to);
+        }
         $mymail->setSubject("Ton certificat d'authentification");
         $mymail->setTxtBody("Visite la page suivante qui expire dans six heures :
 {$globals->baseurl}/tmpPWD/$url
@@ -339,12 +340,11 @@ Si en cliquant dessus tu n'y arrives pas, copie intÃ©gralement l'adresse dans la
 Polytechnique.org
 \"Le portail des Ã©lÃ¨ves & anciens Ã©lÃ¨ves de l'Ãcole polytechnique\"
 
-Email envoyÃ© Ã  ".Env::v('login') . (Post::has('email') ? "
-Adresse de secours : " . Post::v('email') : ""));
+Email envoyÃ© Ã  ".Env::v('login') . (is_null($to) ? '' : '
+Adresse de secours : ' . $to));
         $mymail->send();
 
-        // on cree un objet logger et on log l'evenement
-        S::logger($user->id())->log('recovery', $mails);
+        S::logger($user->id())->log('recovery', is_null($to) ? $inactives_to . ', ' . $user->bestEmail() : $to);
     }
 
     function handler_tmpPWD($page, $certif = null)
@@ -383,9 +383,20 @@ Adresse de secours : " . Post::v('email') : ""));
             }
 
             S::logger($uid)->log("passwd", "");
+
+            // Try to start a session (so the user don't have to log in); we will use
+            // the password available in Post:: to authenticate the user.
+            Platal::session()->start(AUTH_MDP);
+
             $page->changeTpl('platal/tmpPWD.success.tpl');
         } else {
+            $hruid = XDB::fetchOneCell('SELECT  hruid
+                                          FROM  accounts
+                                         WHERE  uid = {?}',
+                                       $uid);
             $page->changeTpl('platal/password.tpl');
+            $page->assign('hruid', $hruid);
+            $page->assign('do_auth', 1);
         }
     }