X-Git-Url: http://git.polytechnique.org/?a=blobdiff_plain;f=modules%2Fprofile.php;h=97c5ddfa0119af87bff6d144dddf162a7a608c86;hb=5b2c99878fc75a6acffb2239e284f2cb1782142c;hp=7ae3acfed4263ad8c2c0d4c05fff731e0391bc7e;hpb=70c65f3afd13138f80bcda7b2fdb5f4e4b3efd22;p=platal.git diff --git a/modules/profile.php b/modules/profile.php index 7ae3acf..97c5ddf 100644 --- a/modules/profile.php +++ b/modules/profile.php @@ -1,6 +1,6 @@ $this->make_hook('medal', AUTH_PUBLIC), 'profile/name_info' => $this->make_hook('name_info', AUTH_PUBLIC), 'profile/orange' => $this->make_hook('p_orange', AUTH_MDP), - 'profile/usage' => $this->make_hook('p_usage', AUTH_MDP), 'referent' => $this->make_hook('referent', AUTH_COOKIE), 'emploi' => $this->make_hook('ref_search', AUTH_COOKIE), @@ -73,6 +72,7 @@ class ProfileModule extends PLModule 'admin/fonctions' => $this->make_hook('admin_fonctions', AUTH_MDP, 'admin'), 'admin/corps_enum' => $this->make_hook('admin_corps_enum', AUTH_MDP, 'admin'), 'admin/corps_rank' => $this->make_hook('admin_corps_rank', AUTH_MDP, 'admin'), + 'admin/names' => $this->make_hook('admin_names', AUTH_MDP, 'admin'), ); } @@ -147,7 +147,7 @@ class ProfileModule extends PLModule $res = XDB::iterator("SELECT name, explanations, FIND_IN_SET('public', flags) AS public, FIND_IN_SET('has_particle', flags) AS has_particle - FROM profile_name_search_enum + FROM profile_name_enum WHERE NOT FIND_IN_SET('not_displayed', flags) ORDER BY NOT FIND_IN_SET('public', flags)"); $page->assign('types', $res); @@ -238,8 +238,11 @@ class ProfileModule extends PLModule return PL_NOT_FOUND; } - $login = S::logged() ? User::get($x) : User::getSilent($x); + $login = (!is_numeric($x) || S::has_perms()) ? Profile::get($x) : null; if (!$login) { + if (S::logged()) { + $page->trigError($x . ' inconnu dans l\'annuaire'); + } return PL_NOT_FOUND; } @@ -259,30 +262,29 @@ class ProfileModule extends PLModule // Determines is the user is registered, and fetches the user infos in // the appropriate way. - $res = XDB::query("SELECT perms IN ('admin','user','disabled') - FROM auth_user_md5 - WHERE user_id = {?}", $login->id()); - if ($res->fetchOneCell()) { + $owner = $login->owner(); + if (!$owner || $owner->state != 'pending') { $new = Env::v('modif') == 'new'; - $user = get_user_details($login->login(), S::v('uid'), $view); + // XXX: Deprecated... + $user = get_user_details($login->hrid(), S::i('uid'), $view); } else { $new = false; $user = array(); if (S::logged()) { - pl_redirect('marketing/public/' . $login->login()); + pl_redirect('marketing/public/' . $owner->login()); } } // Profile view are logged. if (S::logged()) { - S::logger()->log('view_profile', $login->login()); + S::logger()->log('view_profile', $login->hrid()); } // Sets the title of the html page. $page->setTitle($login->fullName()); // Prepares the display of the user's mugshot. - $photo = 'photo/' . $login->login() . ($new ? '/req' : ''); + $photo = 'photo/' . $login->hrid() . ($new ? '/req' : ''); if (!isset($user['photo_pub']) || !has_user_right($user['photo_pub'], $view)) { $photo = ""; } @@ -308,24 +310,15 @@ class ProfileModule extends PLModule // Determines and displays the virtual alias. global $globals; - $res = XDB::query( - "SELECT alias - FROM virtual - INNER JOIN virtual_redirect USING (vid) - INNER JOIN auth_user_quick ON (user_id = {?} AND emails_alias_pub = 'public') - WHERE (redirect={?} OR redirect={?}) - AND alias LIKE '%@{$globals->mail->alias_dom}'", - $login->id(), - $login->forlifeEmail(), - // TODO(vzanotti): get ride of all @m4x.org addresses in the - // virtual redirect base, and remove this über-ugly hack. - $login->login() . '@' . $globals->mail->domain2); - $page->assign('virtualalias', $res->fetchOneCell()); + $owner = $login->owner(); + if ($owner) { + $page->assign('virtualalias', $owner->emailAlias()); + } // Adds miscellaneous properties to the display. // Adds the global user property array to the display. $page->assign_by_ref('x', $user); - $page->assign_by_ref('user', $login); + $page->assign_by_ref('user', $owner); $page->assign('logged', has_user_right('private', $view)); $page->assign('view', $view); @@ -337,33 +330,34 @@ class ProfileModule extends PLModule function handler_ax(&$page, $user = null) { - $user = User::get($user); + $user = Profile::get($user); if (!$user) { return PL_NOT_FOUND; } - - $res = XDB::query("SELECT matricule_ax - FROM auth_user_md5 - WHERE user_id = {?}", $user->id()); - $mat = $res->fetchOneCell(); - if (!intval($mat)) { - $page->kill("Le matricule AX de {$user->login()} est inconnu"); + if (!$user->ax_id) { + $page->kill("Le matricule AX de {$user->hrid()} est inconnu"); } - http_redirect("http://www.polytechniciens.com/?page=AX_FICHE_ANCIEN&anc_id=$mat"); + http_redirect("http://www.polytechniciens.com/?page=AX_FICHE_ANCIEN&anc_id=" . $user->ax_id); } - function handler_p_edit(&$page, $opened_tab = null, $mode = null) + function handler_p_edit(&$page, $user = null, $opened_tab = null, $mode = null) { global $globals; - // AX Synchronization - require_once 'synchro_ax.inc.php'; - if (is_ax_key_missing()) { - $page->assign('no_private_key', true); - } - if (Env::v('synchro_ax') == 'confirm' && !is_ax_key_missing()) { - ax_synchronize(S::user()->login(), S::v('uid')); - $page->trigSuccess('Ton profil a été synchronisé avec celui du site polytechniciens.com'); + if (is_null($user)) { + $user = S::user(); + if (!$user->hasProfile()) { + return PL_NOT_FOUND; + } else { + pl_redirect('profile/edit/' . $user->profile()->hrid()); + } + } else { + $user = Profile::get($user); + if (!$user) { + return PL_NOT_FOUND; + } else if (!S::user()->canEdit($user) && Platal::notAllowed()) { + return PL_FORBIDDEN; + } } // Build the page @@ -372,7 +366,9 @@ class ProfileModule extends PLModule $page->addJsLink('grades.js'); $page->addJsLink('profile.js'); $page->addJsLink('jquery.autocomplete.js'); - $wiz = new PlWizard('Profil', PlPage::getCoreTpl('plwizard.tpl'), true, true); + $wiz = new PlWizard('Profil', PlPage::getCoreTpl('plwizard.tpl'), true, true, false); + $wiz->addUserData('profile', $user); + $wiz->addUserData('owner', $user->owner()); $this->load('page.inc.php'); $wiz->addPage('ProfileGeneral', 'Général', 'general'); $wiz->addPage('ProfileAddresses', 'Adresses personnelles', 'adresses'); @@ -381,13 +377,9 @@ class ProfileModule extends PLModule $wiz->addPage('ProfileJobs', 'Informations professionnelles', 'emploi'); $wiz->addPage('ProfileSkills', 'Compétences diverses', 'skill'); $wiz->addPage('ProfileMentor', 'Mentoring', 'mentor'); - $wiz->apply($page, 'profile/edit', $opened_tab, $mode); + $wiz->apply($page, 'profile/edit/' . $user->hrid(), $opened_tab, $mode); - // Misc checks - $res = XDB::query("SELECT user_id - FROM auth_user_md5 - WHERE user_id = {?} AND naissance = '0000-00-00'", S::i('uid')); - if ($res->numRows()) { + if (!$user->birthdate) { $page->trigWarning("Ta date de naissance n'est pas renseignée, ce qui t'empêcheras de réaliser" . " la procédure de récupération de mot de passe si un jour tu le perdais."); } @@ -433,12 +425,12 @@ class ProfileModule extends PLModule $page->assign('medal_list', $mlist); } - function handler_ajax_address(&$page, $adid) + function handler_ajax_address(&$page, $id) { header('Content-Type: text/html; charset=utf-8'); $page->changeTpl('profile/adresses.address.tpl', NO_SKIN); - $page->assign('i', $adid); - $page->assign('adr', array()); + $page->assign('i', $id); + $page->assign('address', array()); } function handler_ajax_tel(&$page, $prefid, $prefname, $telid) @@ -544,7 +536,7 @@ class ProfileModule extends PLModule header('Content-Type: text/html; charset=utf-8'); $page->changeTpl('profile/general.searchname.tpl', NO_SKIN); $res = XDB::query("SELECT id, name, FIND_IN_SET('public', flags) AS pub - FROM profile_name_search_enum + FROM profile_name_enum WHERE NOT FIND_IN_SET('not_displayed', flags) AND NOT FIND_IN_SET('always_displayed', flags)"); $page->assign('sn_type_list', $res->fetchAllAssoc()); @@ -556,26 +548,22 @@ class ProfileModule extends PLModule header('Content-Type: text/html; charset=utf-8'); $page->changeTpl('profile/general.buildnames.tpl', NO_SKIN); require_once 'name.func.inc.php'; - $page->assign('names', build_names_display($data)); + $page->assign('names', build_javascript_names($data)); } - function handler_p_orange(&$page) + function handler_p_orange(&$page, $pid = null) { $page->changeTpl('profile/orange.tpl'); require_once 'validations.inc.php'; - - $res = XDB::query("SELECT e.entry_year, e.grad_year, d.promo, FIND_IN_SET('femme', u.flags) AS sexe - FROM auth_user_md5 AS u - INNER JOIN profile_display AS d ON (d.pid = u.user_id) - INNER JOIN profile_education AS e ON (e.uid = u.user_id AND FIND_IN_SET('primary', e.flags)) - WHERE u.user_id = {?}", S::v('uid')); - - list($promo, $promo_sortie_old, $promo_display, $sexe) = $res->fetchOneRow(); - $page->assign('promo_sortie_old', $promo_sortie_old); - $page->assign('promo', $promo); - $page->assign('promo_display', $promo_display); - $page->assign('sexe', $sexe); + $profile = Profile::get($pid); + if (is_null($profile)) { + return PL_NOT_FOUND; + } + $page->assign('promo_sortie_old', $profile->grad_year); + $page->assign('promo', $profile->entry_year); + $page->assign('promo_display', $profile->promo()); + $page->assign('sexe', $profile->isFemale()); if (!Env::has('promo_sortie')) { return; @@ -584,24 +572,21 @@ class ProfileModule extends PLModule } $promo_sortie = Env::i('promo_sortie'); - + $promo = $profile->entry_year; if ($promo_sortie < 1000 || $promo_sortie > 9999) { $page->trigError('L\'année de sortie doit être un nombre de quatre chiffres.'); - } - elseif ($promo_sortie < $promo + 3) { + } elseif ($promo_sortie < $promo + 3) { $page->trigError('Trop tôt !'); - } - elseif ($promo_sortie == $promo_sortie_old) { + } elseif ($promo_sortie == $promo_sortie_old) { $page->trigWarning('Tu appartiens déjà à la promotion correspondante à cette année de sortie.'); - } - elseif ($promo_sortie == $promo + 3) { - XDB::execute("UPDATE profile_education + } elseif ($promo_sortie == $promo + 3) { + XDB::execute('UPDATE profile_education SET grad_year = {?} - WHERE uid = {?} AND FIND_IN_SET('primary', flags)", $promo_sortie, S::v('uid')); - $page->trigSuccess('Ton statut "orange" a été supprimé.'); - $page->assign('promo_sortie_old', $promo_sortie); - } - else { + WHERE uid = {?} AND FIND_IN_SET(\'primary\', flags)', + $promo_sortie, $profile->id()); + $page->trigSuccess('Ton statut "orange" a été supprimé.'); + $page->assign('promo_sortie_old', $promo_sortie); + } else { $page->assign('promo_sortie', $promo_sortie); if (Env::has('submit')) { @@ -612,37 +597,36 @@ class ProfileModule extends PLModule } } - function handler_referent(&$page, $x = null) + function handler_referent(&$page, $user) { require_once 'user.func.inc.php'; $page->changeTpl('profile/fiche_referent.tpl', SIMPLE); - $user = User::get($x); - if ($user == null) { + $user = Profile::get($user); + if (!$user) { return PL_NOT_FOUND; } - $res = XDB::query("SELECT cv FROM auth_user_md5 WHERE user_id = {?}", $user->id()); - $cv = $res->fetchOneCell(); - $page->assign_by_ref('user', $user); - $page->assign('cv', MiniWiki::WikiToHTML($cv, true)); - $page->assign('adr_pro', get_user_details_pro($user->id())); + $page->assign('cv', MiniWiki::WikiToHTML($user->cv, true)); + //TODO: waiting for job refactoring to be done + //$page->assign('adr_pro', get_user_details_pro($user->id())); ///// recuperations infos referent //expertise - $res = XDB::query("SELECT expertise FROM profile_mentor WHERE uid = {?}", $user->id()); + $res = XDB::query('SELECT expertise + FROM profile_mentor + WHERE uid = {?}', $user->id()); $page->assign('expertise', $res->fetchOneCell()); //secteurs $secteurs = $ss_secteurs = Array(); - $res = XDB::iterRow( - "SELECT s.name AS label, ss.name AS label - FROM profile_mentor_sector AS m - LEFT JOIN profile_job_sector_enum AS s ON(m.sectorid = s.id) - LEFT JOIN profile_job_subsector_enum AS ss ON(m.sectorid = ss.sectorid AND m.subsectorid = ss.id) - WHERE uid = {?}", $user->id()); + $res = XDB::iterRow('SELECT s.name AS label, ss.name AS label + FROM profile_mentor_sector AS m + LEFT JOIN profile_job_sector_enum AS s ON(m.sectorid = s.id) + LEFT JOIN profile_job_subsector_enum AS ss ON(m.sectorid = ss.sectorid AND m.subsectorid = ss.id) + WHERE uid = {?}', $user->id()); while (list($sec, $ssec) = $res->next()) { $secteurs[] = $sec; $ss_secteurs[] = $ssec; @@ -650,11 +634,11 @@ class ProfileModule extends PLModule $page->assign_by_ref('secteurs', $secteurs); $page->assign_by_ref('ss_secteurs', $ss_secteurs); - //pays + // Countries. $res = XDB::query( - "SELECT gp.pays + "SELECT gc.countryFR FROM profile_mentor_country AS m - LEFT JOIN geoloc_pays AS gp ON (m.country = gp.a2) + LEFT JOIN geoloc_countries AS gc ON (m.country = gc.iso_3166_1_a2) WHERE uid = {?}", $user->id()); $page->assign('pays', $res->fetchColumn()); @@ -735,59 +719,16 @@ class ProfileModule extends PLModule $page->changeTpl('include/field.select.tpl', NO_SKIN); $page->assign('name', 'pays_sel'); $where = ($ssect ? ' AND ms.subsectorid = {?}' : ''); - $it = XDB::iterator("SELECT a2 AS id, pays AS field - FROM geoloc_pays AS g - INNER JOIN profile_mentor_country AS mp ON (mp.country = g.a2) + $it = XDB::iterator("SELECT gc.iso_3166_1_a2 AS id, gc.countryFR AS field + FROM geoloc_countries AS gc + INNER JOIN profile_mentor_country AS mp ON (mp.country = gc.iso_3166_1_a2) INNER JOIN profile_mentor_sector AS ms ON (ms.uid = mp.uid) - WHERE ms.sectorid = {?} $where - GROUP BY a2 - ORDER BY pays", $sect, $ssect); + WHERE ms.sectorid = {?} " . $where . " + GROUP BY iso_3166_1_a2 + ORDER BY countryFR", $sect, $ssect); $page->assign('list', $it); } - function handler_p_usage(&$page) - { - $page->changeTpl('profile/nomusage.tpl'); - - require_once 'validations.inc.php'; - - $res = XDB::query( - "SELECT u.nom, u.nom_usage, u.flags, e.alias - FROM auth_user_md5 AS u - LEFT JOIN aliases AS e ON(u.user_id = e.id - AND FIND_IN_SET('usage', e.flags)) - WHERE user_id={?}", S::v('uid')); - - list($nom, $usage_old, $flags, $alias_old) = $res->fetchOneRow(); - $flags = new PlFlagSet($flags); - $page->assign('usage_old', $usage_old); - $page->assign('alias_old', $alias_old); - - $nom_usage = replace_accent(trim(Env::v('nom_usage'))); - $nom_usage = strtoupper($nom_usage); - $page->assign('usage_req', $nom_usage); - - if (Env::has('submit') && ($nom_usage != $usage_old)) { - S::assert_xsrf_token(); - - // on vient de recevoir une requete, differente de l'ancien nom d'usage - if ($nom_usage == $nom) { - $page->trigWarning('Le nom d\'usage que tu demandes est identique à ton nom à l\'X, ' - . 'aucune modification n\'a donc été effectuée.'); - $page->assign('same', true); - } else { // le nom de mariage est distinct du nom à l'X - // on calcule l'alias pour l'afficher - $reason = Env::v('reason'); - if ($reason == 'other') { - $reason = Env::v('other_reason'); - } - $myusage = new UsageReq(S::user(), $nom_usage, $reason); - $myusage->submit(); - $page->assign('myusage', $myusage); - } - } - } - function handler_xnet(&$page) { $page->changeTpl('profile/groupesx.tpl'); @@ -856,6 +797,17 @@ class ProfileModule extends PLModule break; } } + function handler_admin_names(&$page, $action = 'list', $id = null) { + $page->setTitle('Administration - Types de noms'); + $page->assign('title', 'Gestion des types de noms'); + $table_editor = new PLTableEditor('admin/names', 'profile_name_enum', 'id', true); + $table_editor->describe('name', 'Nom', true); + $table_editor->describe('explanations', 'Explications', true); + $table_editor->describe('type', 'Type', true); + $table_editor->describe('flags', 'Flags', true); + $table_editor->describe('score', 'Score', true); + $table_editor->apply($page, $action, $id); + } function handler_admin_binets(&$page, $action = 'list', $id = null) { $page->setTitle('Administration - Binets'); $page->assign('title', 'Gestion des binets');