X-Git-Url: http://git.polytechnique.org/?a=blobdiff_plain;f=modules%2Fregister.php;h=389d664feb28ad33817956b6a9727769b41cd818;hb=29b12e6ef20d42ac06842bf65fb47277bcc91a4d;hp=52f789227a8d9f6aff75244cd336d8541db29698;hpb=cab0809050d58f8484608e91f7555ebd69dcb451;p=platal.git
diff --git a/modules/register.php b/modules/register.php
index 52f7892..389d664 100644
--- a/modules/register.php
+++ b/modules/register.php
@@ -1,6 +1,6 @@
fetchOneRow()) {
+ if (list($uid, $promo, $nom, $prenom, $ourmat, $watch) = $res->fetchOneRow()) {
$sub_state['uid'] = $uid;
$sub_state['hash'] = $hash;
$sub_state['promo'] = $promo;
$sub_state['nom'] = $nom;
$sub_state['prenom'] = $prenom;
$sub_state['ourmat'] = $ourmat;
+ $sub_state['watch'] = $watch;
XDB::execute(
"REPLACE INTO register_mstats (uid,sender,success)
@@ -70,11 +81,13 @@ class RegisterModule extends PLModule
switch ($sub_state['step']) {
case 0:
+ require_once('wiki.inc.php');
+ wiki_require_page('Reference.Charte');
if (Post::has('step1')) {
$sub_state['step'] = 1;
if (isset($sub_state['hash'])) {
$sub_state['step'] = 3;
- require_once('register.inc.php');
+ require_once(dirname(__FILE__) . '/register/register.inc.php');
create_aliases($sub_state);
}
}
@@ -82,9 +95,14 @@ class RegisterModule extends PLModule
case 1:
if (Post::has('promo')) {
- $promo = Post::getInt('promo');
- if ($promo < 1900 || $promo > date('Y')) {
- $err = "La promotion saisie est incorrecte !";
+ $promo = Post::i('promo');
+ $res = XDB::query("SELECT COUNT(*)
+ FROM auth_user_md5
+ WHERE perms='pending' AND deces = '0000-00-00'
+ AND promo = {?}",
+ $promo);
+ if (!$res->fetchOneCell()) {
+ $err = "La promotion saisie est incorrecte ou tous les camardes de cette promo sont inscrits !";
} else {
$sub_state['step'] = 2;
$sub_state['promo'] = $promo;
@@ -99,10 +117,10 @@ class RegisterModule extends PLModule
case 2:
if (count($_POST)) {
- require_once('register.inc.php');
- $sub_state['prenom'] = Post::get('prenom');
- $sub_state['nom'] = Post::get('nom');
- $sub_state['mat'] = Post::get('mat');
+ require_once(dirname(__FILE__) . '/register/register.inc.php');
+ $sub_state['prenom'] = Post::v('prenom');
+ $sub_state['nom'] = Post::v('nom');
+ $sub_state['mat'] = Post::v('mat');
$err = check_new_user($sub_state);
if ($err !== true) { break; }
@@ -116,38 +134,79 @@ class RegisterModule extends PLModule
case 3:
if (count($_POST)) {
- require_once('register.inc.php');
- if (!isvalid_email(Post::get('email'))) {
+ require_once(dirname(__FILE__) . '/register/register.inc.php');
+ if (!isvalid_email(Post::v('email'))) {
$err[] = "Le champ 'E-mail' n'est pas valide.";
- } elseif (!isvalid_email_redirection(Post::get('email'))) {
+ } elseif (!isvalid_email_redirection(Post::v('email'))) {
$err[] = $sub_state['forlife']." doit renvoyer vers un email existant ".
- "valide, en particulier, il ne peut pas être renvoyé vers lui-même.";
+ "valide, en particulier, il ne peut pas être renvoyé vers lui-même.";
}
- if (!preg_match('/^[0-3][0-9][01][0-9][12][90][0-9][0-9]$/',
- Post::get('naissance')))
- {
+ $birth = trim(Env::v('naissance'));
+ if (!preg_match('/^[0-3][0-9][01][0-9][12][90][0-9][0-9]$/', $birth)) {
$err[] = "La 'Date de naissance' n'est pas correcte.";
+ } else {
+ $year = (int)substr($birth, 4, 4);
+ $promo = (int)$sub_state['promo'];
+ if ($year > $promo - 15 || $year < $promo - 30) {
+ $err[] = "La 'Date de naissance' n'est pas correcte.";
+ $alert = "Date de naissance incorrecte a l'inscription - ";
+ }
+ }
+
+ // Check if the given email is known as dangerous
+ $res = Xdb::iterRow("SELECT w.state, w.description, a.alias
+ FROM emails AS e
+ INNER JOIN emails_watch AS w ON (e.email = w.email AND w.state != 'safe')
+ INNER JOIN aliases AS a ON (e.uid = a.id AND a.type = 'a_vie')
+ WHERE e.email = {?}
+ ORDER BY a.alias", Post::v('email'));
+ $aliases = array();
+ while(list($gstate, $gdescription, $alias) = $res->next()) {
+ $state = $gstate;
+ $description = $gdescription;
+ $aliases[] = $alias;
+ }
+ if (count($aliases) != 0) {
+ $alert .= "Email surveille propose a l'inscription - ";
+ }
+ if ($sub_state['watch']) {
+ $alter .= "Inscription d'un utilisateur surveillé - ";
+ }
+
+ if (check_ip('unsafe')) {
+ unset($err);
}
if (isset($err)) {
$err = join('
', $err);
} else {
- $birth = Env::get('naissance');
$sub_state['naissance'] = sprintf("%s-%s-%s",
substr($birth,4,4),
substr($birth,2,2),
substr($birth,0,2));
- $sub_state['email'] = Post::get('email');
- $sub_state['step'] = 4;
- finish_ins($sub_state);
+ $sub_state['email'] = Post::v('email');
+ if (check_ip('unsafe')) {
+ $err = "Une erreur s'est produite lors de l'inscription."
+ . " Merci de contacter register@polytechnique.org"
+ . " pour nous faire part de cette erreur";
+ $alert .= "Tentative d'inscription depuis une IP surveillee";
+ } else {
+ $sub_state['step'] = 4;
+ if (count($sub_state['backs']) >= 3) {
+ $alert .= "Fin d'une inscription hésitante";
+ }
+ finish_ins($sub_state);
+ }
}
}
break;
}
$_SESSION['sub_state'] = $sub_state;
+ if ($alert) {
+ send_warning_mail($alert);
+ }
$page->changeTpl('register/step'.intval($sub_state['step']).'.tpl');
- $page->assign('simple', true);
if (isset($err)) {
$page->trig($err);
}
@@ -155,7 +214,7 @@ class RegisterModule extends PLModule
function handler_end_old(&$page)
{
- return $this->handler_end($page, Env::get('hash'));
+ return $this->handler_end($page, Env::v('hash'));
}
function handler_end(&$page, $hash = null)
@@ -163,7 +222,7 @@ class RegisterModule extends PLModule
global $globals;
$page->changeTpl('register/end.tpl');
-
+ $_SESSION['sub_state'] = array('step' => 5);
require_once('user.func.inc.php');
if ($hash) {
@@ -182,14 +241,14 @@ class RegisterModule extends PLModule
$page->kill("
Cette adresse n'existe pas, ou plus, sur le serveur.
Causes probables :