X-Git-Url: http://git.polytechnique.org/?a=blobdiff_plain;f=modules%2Fprofile.php;h=f32a683f20b5d6e9036fbf4a5507d232db994c5c;hb=2ce6d1a63b8a0943937aac9ee21a71ccb35b7c96;hp=49a7f59843d272547f33a3f9cc5ea9fbc8e80ea2;hpb=7da8ef908e09ae0738f26838656abcb3f4c8d2ad;p=platal.git diff --git a/modules/profile.php b/modules/profile.php index 49a7f59..f32a683 100644 --- a/modules/profile.php +++ b/modules/profile.php @@ -29,6 +29,7 @@ class ProfileModule extends PLModule 'fiche.php' => $this->make_hook('fiche', AUTH_PUBLIC), 'profile' => $this->make_hook('profile', AUTH_PUBLIC), + 'profile/private' => $this->make_hook('profile', AUTH_COOKIE), 'profile/edit' => $this->make_hook('p_edit', AUTH_MDP), 'profile/orange' => $this->make_hook('p_orange', AUTH_MDP), 'profile/usage' => $this->make_hook('p_usage', AUTH_MDP), @@ -39,13 +40,19 @@ class ProfileModule extends PLModule 'trombi' => $this->make_hook('trombi', AUTH_COOKIE), 'vcard' => $this->make_hook('vcard', AUTH_COOKIE), + 'admin/binets' => $this->make_hook('admin_binets', AUTH_MDP, 'admin'), + 'admin/medals' => $this->make_hook('admin_medals', AUTH_MDP, 'admin'), + 'admin/formations' => $this->make_hook('admin_formations', AUTH_MDP, 'admin'), + 'admin/groupes-x' => $this->make_hook('admin_groupesx', AUTH_MDP, 'admin'), + 'admin/trombino' => $this->make_hook('admin_trombino', AUTH_MDP, 'admin'), + ); } /* XXX COMPAT */ function handler_fiche(&$page) { - return $this->handler_profile($page, Env::get('user')); + return $this->handler_profile($page, Env::v('user')); } @@ -118,7 +125,7 @@ class ProfileModule extends PLModule if (Env::has('upload')) { $file = isset($_FILES['userfile']['tmp_name']) ? $_FILES['userfile']['tmp_name'] - : Env::get('photo'); + : Env::v('photo'); if ($data = file_get_contents($file)) { if ($myphoto = new PhotoReq(S::v('uid'), $data)) { $myphoto->submit(); @@ -133,13 +140,13 @@ class ProfileModule extends PLModule $myphoto->commit(); $myphoto->clean(); } - } elseif (Env::get('suppr')) { + } elseif (Env::v('suppr')) { XDB::execute('DELETE FROM photo WHERE uid = {?}', S::v('uid')); XDB::execute('DELETE FROM requests WHERE user_id = {?} AND type="photo"', S::v('uid')); - } elseif (Env::get('cancel')) { + } elseif (Env::v('cancel')) { $sql = XDB::query('DELETE FROM requests WHERE user_id={?} AND type="photo"', S::v('uid')); @@ -161,12 +168,11 @@ class ProfileModule extends PLModule global $globals; require_once 'user.func.inc.php'; - $page->changeTpl('fiche.tpl'); - $page->assign('simple', true); + $page->changeTpl('fiche.tpl', SIMPLE); $view = 'private'; - if (!S::logged() || Env::get('view') == 'public') $view = 'public'; - if (S::logged() && Env::get('view') == 'ax') $view = 'ax'; + if (!S::logged() || Env::v('view') == 'public') $view = 'public'; + if (S::logged() && Env::v('view') == 'ax') $view = 'ax'; if (is_numeric($x)) { $res = XDB::query( @@ -183,8 +189,10 @@ class ProfileModule extends PLModule return PL_NOT_FOUND; } - $new = Env::get('modif') == 'new'; + $new = Env::v('modif') == 'new'; $user = get_user_details($login, S::v('uid'), $view); + $user['freetext'] = preg_replace('/((?:https?|ftp):\/\/(?:&|\.*,*[a-z@0-9~%$£µ&i#\-+=_\/\?])*)/i', + '\\0', $user['freetext']); $title = $user['prenom'] . ' ' . empty($user['nom_usage']) ? $user['nom'] : $user['nom_usage']; $page->assign('xorg_title', $title); @@ -230,7 +238,7 @@ class ProfileModule extends PLModule $user['forlife'].'@'.$globals->mail->domain2); $page->assign('virtualalias', $res->fetchOneCell()); - $page->addJsLink('javascript/close_on_esc.js'); + $page->addJsLink('close_on_esc.js'); } function handler_p_edit(&$page, $opened_tab = 'general') @@ -239,25 +247,40 @@ class ProfileModule extends PLModule $page->changeTpl('profil.tpl'); - $page->addCssLink('css/profil.css'); + $page->addCssLink('profil.css'); $page->assign('xorg_title', 'Polytechnique.org - Mon Profil'); require_once 'tabs.inc.php'; require_once 'profil.func.inc.php'; require_once 'synchro_ax.inc.php'; - if (Post::has('register_from_ax_question')) { - XDB::query('UPDATE auth_user_quick + if (Post::v('register_from_ax_question')) { + XDB::execute('UPDATE auth_user_quick SET profile_from_ax = 1 WHERE user_id = {?}', S::v('uid')); } + if (Post::v('add_to_nl')) { + require_once 'newsletter.inc.php'; + subscribe_nl(); + } + if (Post::v('add_to_promo')) { + $r = XDB::query('SELECT id FROM groupex.asso WHERE diminutif = {?}', + S::v('promo')); + $asso_id = $r->fetchOneCell(); + XDB::execute('REPLACE INTO groupex.membres (uid,asso_id) + VALUES ({?}, {?})', + S::v('uid'), $asso_id); + require_once 'lists.inc.php'; + $client =& lists_xmlrpc(S::v('uid'), S::v('password')); + $client->subscribe("promo".S::v('promo')); + } if (is_ax_key_missing()) { $page->assign('no_private_key', true); } - if (Env::get('synchro_ax') == 'confirm' && !is_ax_key_missing()) { + if (Env::v('synchro_ax') == 'confirm' && !is_ax_key_missing()) { ax_synchronize(S::v('bestalias'), S::v('uid')); $page->trig('Ton profil a été synchronisé avec celui du site polytechniciens.com'); } @@ -275,16 +298,16 @@ class ProfileModule extends PLModule // la date de naissance n'existait pas et vient d'être soumise dans la variable if (Env::has('birth')) { //en cas d'erreur : - if (!ereg('[0-3][0-9][0-1][0-9][1][9]([0-9]{2})', Env::get('birth'))) { + if (!ereg('[0-3][0-9][0-1][0-9][1][9]([0-9]{2})', Env::v('birth'))) { $page->assign('etat_naissance', 'query'); $page->trig('Date de naissance incorrecte ou incohérente.'); return; } //sinon - $birth = sprintf("%s-%s-%s", substr(Env::get('birth'), 4, 4), - substr(Env::get('birth'), 2, 2), - substr(Env::get('birth'), 0, 2)); + $birth = sprintf("%s-%s-%s", substr(Env::v('birth'), 4, 4), + substr(Env::v('birth'), 2, 2), + substr(Env::v('birth'), 0, 2)); XDB::execute("UPDATE auth_user_md5 SET naissance={?} WHERE user_id={?}", $birth, @@ -332,8 +355,7 @@ class ProfileModule extends PLModule } if (Env::has('suivant')) { - redirect($globals->baseurl . '/profile/edit/' . - get_next_tab($opened_tab)); + pl_redirect('profile/edit/' . get_next_tab($opened_tab)); } require_once "profil/get_{$opened_tab}.inc.php"; @@ -366,7 +388,7 @@ class ProfileModule extends PLModule return; } - $promo_sortie = Env::getInt('promo_sortie'); + $promo_sortie = Env::i('promo_sortie'); if ($promo_sortie < 1000 || $promo_sortie > 9999) { $page->trig('L\'année de sortie doit être un nombre de quatre chiffres'); @@ -404,8 +426,7 @@ class ProfileModule extends PLModule return PL_NOT_FOUND; } - $page->changeTpl('fiche_referent.tpl'); - $page->assign('simple', true); + $page->changeTpl('fiche_referent.tpl', SIMPLE); $res = XDB::query( "SELECT prenom, nom, user_id, promo, cv, a.alias AS bestalias @@ -458,7 +479,7 @@ class ProfileModule extends PLModule WHERE uid = {?}", $user_id); $page->assign('pays', $res->fetchColumn()); - $page->addJsLink('javascript/close_on_esc.js'); + $page->addJsLink('close_on_esc.js'); } function handler_ref_search(&$page) @@ -467,10 +488,10 @@ class ProfileModule extends PLModule $page->assign('xorg_title', 'Polytechnique.org - Conseil Pro'); - $secteur_sel = Post::get('secteur'); - $ss_secteur_sel = Post::get('ss_secteur'); - $pays_sel = Post::get('pays', '00'); - $expertise_champ = Post::get('expertise'); + $secteur_sel = Post::v('secteur'); + $ss_secteur_sel = Post::v('ss_secteur'); + $pays_sel = Post::v('pays', '00'); + $expertise_champ = Post::v('expertise'); $page->assign('pays_sel', $pays_sel); $page->assign('expertise_champ', $expertise_champ); @@ -554,7 +575,7 @@ class ProfileModule extends PLModule $nb_max_res_total = 100; $nb_max_res_ppage = 10; - $curpage = Env::getInt('curpage', 1); + $curpage = Env::i('curpage', 1); $personnes = array(); $i = 0; @@ -592,7 +613,7 @@ class ProfileModule extends PLModule $page->assign('usage_old', $usage_old); $page->assign('alias_old', $alias_old); - $nom_usage = replace_accent(trim(Env::get('nom_usage'))); + $nom_usage = replace_accent(trim(Env::v('nom_usage'))); $nom_usage = strtoupper($nom_usage); $page->assign('usage_req', $nom_usage); @@ -602,9 +623,9 @@ class ProfileModule extends PLModule $page->assign('same', true); } else { // le nom de mariage est distinct du nom à l'X // on calcule l'alias pour l'afficher - $reason = Env::get('reason'); + $reason = Env::v('reason'); if ($reason == 'other') { - $reason = Env::get('other_reason'); + $reason = Env::v('other_reason'); } $myusage = new UsageReq(S::v('uid'), $nom_usage, $reason); $myusage->submit(); @@ -626,7 +647,7 @@ class ProfileModule extends PLModule $this->promo = $promo = intval($promo); - if ($promo >= 1900 && $promo < intval(date('Y')) + if ($promo >= 1900 && ($promo < intval(date('Y')) || ($promo == intval(date('Y')) && intval(date('m')) >= 9)) || ($promo == -1 && S::has_perms())) { $trombi = new Trombi(array($this, '_trombi_getlist')); @@ -638,14 +659,32 @@ class ProfileModule extends PLModule } } + function vcard_escape($text) + { + return preg_replace('/[,;]/', '\\\\$0', $text); + } + function format_adr($params, &$smarty) { // $adr1, $adr2, $adr3, $postcode, $city, $region, $country extract($params['adr']); - $adr = $adr1; + $adr = trim($adr1); $adr = trim("$adr\n$adr2"); $adr = trim("$adr\n$adr3"); - return quoted_printable_encode(";;$adr;$city;$region;$postcode;$country"); + return $this->vcard_text_encode(';;' + . $this->vcard_escape($adr) . ';' + . $this->vcard_escape($city) . ';' + . $this->vcard_escape($region) . ';' + . $this->vcard_escape($postcode) . ';' + . $this->vcard_escape($country), false); + } + + function vcard_text_encode($text, $escape = true) + { + if ($escape) { + $text = $this->vcard_escape($text); + } + return str_replace("\n", "\\n", $text); //implode('\n', explode("\n", $text)); } function handler_vcard(&$page, $x = null) @@ -660,15 +699,19 @@ class ProfileModule extends PLModule $x = substr($x, 0, strlen($x) - 4); } - new_nonhtml_page('vcard.tpl', AUTH_COOKIE); + $page->changeTpl('vcard.tpl', NO_SKIN); require_once 'xorg.misc.inc.php'; require_once 'user.func.inc.php'; - $page->register_modifier('qp_enc', 'quoted_printable_encode'); + $page->register_modifier('vcard_enc', array($this, 'vcard_text_encode')); $page->register_function('format_adr', array($this, 'format_adr')); $login = get_user_forlife($x); $user = get_user_details($login); + + if (strlen(trim($user['freetext']))) { + $user['freetext'] = html_entity_decode($user['freetext']); + } // alias virtual $res = XDB::query( @@ -683,14 +726,113 @@ class ProfileModule extends PLModule $user['forlife'].'@'.$globals->mail->domain2); $user['virtualalias'] = $res->fetchOneCell(); - - $page->assign_by_ref('vcard', $user); + + // get photo + $res = XDB::query( + "SELECT attach, attachmime + FROM photo AS p + INNER JOIN aliases AS a ON (a.id = p.uid AND a.type = 'a_vie') + WHERE a.alias = {?}", $login); + if ($res->numRows()) { + $user['photo'] = $res->fetchOneAssoc(); + } + $page->assign('users', array($user)); header("Pragma: "); header("Cache-Control: "); - header("Content-type: text/x-vcard\n"); - header("Content-Transfer-Encoding: Quoted-Printable\n"); + header("Content-type: text/x-vcard; charset=iso-8859-15"); + header("Content-Transfer-Encoding: 8bit"); + } + + function handler_admin_trombino(&$page, $uid = null, $action = null) { + $page->changeTpl('admin/admin_trombino.tpl'); + $page->assign('xorg_title','Polytechnique.org - Administration - Trombino'); + $page->assign('uid', $uid); + + $q = XDB::query( + "SELECT a.alias,promo + FROM auth_user_md5 AS u + INNER JOIN aliases AS a ON ( u.user_id = a.id AND type='a_vie' ) + WHERE user_id = {?}", $uid); + list($forlife, $promo) = $q->fetchOneRow(); + + switch ($action) { + + case "original": + header("Content-type: image/jpeg"); + readfile("/home/web/trombino/photos".$promo."/".$forlife.".jpg"); + exit; + break; + + case "new": + $data = file_get_contents($_FILES['userfile']['tmp_name']); + list($x, $y) = getimagesize($_FILES['userfile']['tmp_name']); + $mimetype = substr($_FILES['userfile']['type'], 6); + unlink($_FILES['userfile']['tmp_name']); + XDB::execute( + "REPLACE INTO photo SET uid={?}, attachmime = {?}, attach={?}, x={?}, y={?}", + $uid, $mimetype, $data, $x, $y); + break; + + case "delete": + XDB::execute('DELETE FROM photo WHERE uid = {?}', $uid); + break; + } + + $page->assign('forlife', $forlife); } + function handler_admin_binets(&$page, $action = 'list', $id = null) { + $page->assign('xorg_title','Polytechnique.org - Administration - Binets'); + $page->assign('title', 'Gestion des binets'); + $table_editor = new PLTableEditor('admin/binets', 'binets_def', 'id'); + $table_editor->add_join_table('binets_ins','binet_id',true); + $table_editor->describe('text','intitulé',true); + $table_editor->apply($page, $action, $id); + } + function handler_admin_formations(&$page, $action = 'list', $id = null) { + $page->assign('xorg_title','Polytechnique.org - Administration - Formations'); + $page->assign('title', 'Gestion des formations'); + $table_editor = new PLTableEditor('admin/formations','applis_def','id'); + $table_editor->add_join_table('applis_ins','aid',true); + $table_editor->describe('text','intitulé',true); + $table_editor->describe('url','site web',false); + $table_editor->apply($page, $action, $id); + } + function handler_admin_groupesx(&$page, $action = 'list', $id = null) { + $page->assign('xorg_title','Polytechnique.org - Administration - Groupes X'); + $page->assign('title', 'Gestion des Groupes X'); + $table_editor = new PLTableEditor('admin/groupes-x','groupesx_def','id'); + $table_editor->add_join_table('groupesx_ins','gid',true); + $table_editor->describe('text','intitulé',true); + $table_editor->describe('url','site web',false); + $table_editor->apply($page, $action, $id); + } + function handler_admin_medals(&$page, $action = 'list', $id = null) { + $page->assign('xorg_title','Polytechnique.org - Administration - Distinctions'); + $page->assign('title', 'Gestion des Distinctions'); + $table_editor = new PLTableEditor('admin/medals','profile_medals','id'); + $table_editor->describe('text', 'intitulé', true); + $table_editor->describe('img', 'nom de l\'image', false); + $table_editor->apply($page, $action, $id); + if ($id && $action == 'edit') { + $page->changeTpl('admin/gerer_decos.tpl'); + + $mid = $id; + + if (Post::v('act') == 'del') { + XDB::execute('DELETE FROM profile_medals_grades WHERE mid={?} AND gid={?}', $mid, Post::i('gid')); + } elseif (Post::v('act') == 'new') { + XDB::execute('INSERT INTO profile_medals_grades (mid,gid) VALUES({?},{?})', + $mid, max(array_keys(Post::v('grades', array(0))))+1); + } else { + foreach (Post::v('grades', array()) as $gid=>$text) { + XDB::execute('UPDATE profile_medals_grades SET pos={?}, text={?} WHERE gid={?}', $_POST['pos'][$gid], $text, $gid); + } + } + $res = XDB::iterator('SELECT gid, text, pos FROM profile_medals_grades WHERE mid={?} ORDER BY pos', $mid); + $page->assign('grades', $res); + } + } } ?>