X-Git-Url: http://git.polytechnique.org/?a=blobdiff_plain;f=modules%2Fregister.php;h=6d1da670f6b91183b877c5762942dba39abb03d6;hb=b9fe731c528c8018002cb98b7d442acff611c710;hp=35491458de95664a3117b3c403b7091847e43f10;hpb=a7de4ef724d1a3b0bf978a50ce7cc9d23412c7a0;p=platal.git diff --git a/modules/register.php b/modules/register.php index 3549145..6d1da67 100644 --- a/modules/register.php +++ b/modules/register.php @@ -1,6 +1,6 @@ $this->make_hook('end', AUTH_PUBLIC), 'register/end.php' => $this->make_hook('end_old', AUTH_PUBLIC), 'register/success' => $this->make_hook('success', AUTH_MDP), + 'register/save' => $this->make_hook('save', AUTH_MDP), ); } @@ -48,7 +49,7 @@ class RegisterModule extends PLModule $sub_state['backs'][] = $state; if (count($sub_state['backs']) == 3) { $alert .= "Tentative d'inscription tres hesitante - "; - } + } } // Compatibility with old sources, keep it atm @@ -58,17 +59,19 @@ class RegisterModule extends PLModule if ($hash) { $res = XDB::query( - "SELECT m.uid, u.promo, u.nom, u.prenom, u.matricule + "SELECT m.uid, u.promo, u.nom, u.prenom, u.matricule, u.naissance_ini, FIND_IN_SET('watch', u.flags) FROM register_marketing AS m INNER JOIN auth_user_md5 AS u ON u.user_id = m.uid WHERE m.hash={?}", $hash); - if (list($uid, $promo, $nom, $prenom, $ourmat) = $res->fetchOneRow()) { + if (list($uid, $promo, $nom, $prenom, $ourmat, $naiss, $watch) = $res->fetchOneRow()) { $sub_state['uid'] = $uid; $sub_state['hash'] = $hash; $sub_state['promo'] = $promo; $sub_state['nom'] = $nom; $sub_state['prenom'] = $prenom; $sub_state['ourmat'] = $ourmat; + $sub_state['watch'] = $watch; + $sub_state['naissance_ini'] = $naiss; XDB::execute( "REPLACE INTO register_mstats (uid,sender,success) @@ -141,14 +144,19 @@ class RegisterModule extends PLModule "valide, en particulier, il ne peut pas être renvoyé vers lui-même."; } $birth = trim(Env::v('naissance')); - if (!preg_match('/^[0-3][0-9][01][0-9][12][90][0-9][0-9]$/', $birth)) { + if (!preg_match('@^[0-3]?\d/[01]?\d/(19|20)?\d{2}$@', $birth)) { $err[] = "La 'Date de naissance' n'est pas correcte."; } else { - $year = (int)substr($birth, 4, 4); + $birth = explode('/', $birth, 3); + for ($i = 0; $i < 3; $i++) + $birth[$i] = intval($birth[$i]); + if ($birth[2] < 100) $birth[2] += 1900; + $year = $birth[2]; $promo = (int)$sub_state['promo']; if ($year > $promo - 15 || $year < $promo - 30) { $err[] = "La 'Date de naissance' n'est pas correcte."; $alert = "Date de naissance incorrecte a l'inscription - "; + $sub_state['wrong_naissance'] = $birth; } } @@ -168,6 +176,9 @@ class RegisterModule extends PLModule if (count($aliases) != 0) { $alert .= "Email surveille propose a l'inscription - "; } + if ($sub_state['watch']) { + $alter .= "Inscription d'un utilisateur surveillé - "; + } if (check_ip('unsafe')) { unset($err); @@ -176,14 +187,16 @@ class RegisterModule extends PLModule if (isset($err)) { $err = join('
', $err); } else { - $sub_state['naissance'] = sprintf("%s-%s-%s", - substr($birth,4,4), - substr($birth,2,2), - substr($birth,0,2)); + $sub_state['naissance'] = sprintf("%04d-%02d-%02d", + intval($birth[2]), intval($birth[1]), intval($birth[0])); + if ($sub_state['naissance_ini'] != '0000-00-00' && $sub_state['naissance'] != $sub_state['naissance_ini']) { + $alert .= "Date de naissance incorrecte à l'inscription - "; + } $sub_state['email'] = Post::v('email'); if (check_ip('unsafe')) { $err = "Une erreur s'est produite lors de l'inscription." - . " Merci de contacter register@polytechnique.org" + . " Merci de contacter changeTpl('register/end.tpl'); $_SESSION['sub_state'] = array('step' => 5); + + if (check_ip('unsafe')) { + send_warning_mail('Une IP surveillée a tenté de finaliser son inscription'); + XDB::execute('DELETE FROM register_pending + WHERE hash = {?} AND hash != \'INSCRIT\'', $hash); + return PL_FORBIDDEN; + } + require_once('user.func.inc.php'); if ($hash) { $res = XDB::query( "SELECT r.uid, r.forlife, r.bestalias, r.mailorg2, r.password, r.email, r.naissance, u.nom, u.prenom, - u.promo, u.flags + u.promo, FIND_IN_SET('femme', u.flags), u.naissance_ini FROM register_pending AS r INNER JOIN auth_user_md5 AS u ON r.uid = u.user_id WHERE hash={?} AND hash!='INSCRIT'", $hash); } if (!$hash || !list($uid, $forlife, $bestalias, $mailorg2, $password, $email, - $naissance, $nom, $prenom, $promo, $femme) = $res->fetchOneRow()) + $naissance, $nom, $prenom, $promo, $femme, $naiss_ini) = $res->fetchOneRow()) { $page->kill("

Cette adresse n'existe pas, ou plus, sur le serveur.

Causes probables :

@@ -289,7 +311,13 @@ class RegisterModule extends PLModule $mymail->assign('prenom', $prenom); $mymail->send(); - if (!start_connexion($uid,false)) { + require_once('user.func.inc.php'); + user_reindex($uid); + + // update number of subscribers (perms has changed) + update_NbIns(); + + if (!start_connexion($uid, false)) { return PL_FORBIDDEN; } $_SESSION['auth'] = AUTH_MDP; @@ -298,22 +326,26 @@ class RegisterModule extends PLModule /************* envoi d'un mail au démarcheur ***************/ /***********************************************************/ $res = XDB::iterRow( - "SELECT DISTINCT sa.alias, IF(s.nom_usage,s.nom_usage,s.nom) AS nom, - s.prenom, FIND_IN_SET('femme', s.flags) AS femme + "SELECT sa.alias, IF(s.nom_usage,s.nom_usage,s.nom) AS nom, + s.prenom, FIND_IN_SET('femme', s.flags) AS femme, + GROUP_CONCAT(m.email) AS mails FROM register_marketing AS m INNER JOIN auth_user_md5 AS s ON ( m.sender = s.user_id ) INNER JOIN aliases AS sa ON ( sa.id = m.sender AND FIND_IN_SET('bestalias', sa.flags) ) - WHERE m.uid = {?}", $uid); + WHERE m.uid = {?} + GROUP BY m.sender", $uid); XDB::execute("UPDATE register_mstats SET success=NOW() WHERE uid={?}", $uid); - while (list($salias, $snom, $sprenom, $sfemme) = $res->next()) { + $market = array(); + while (list($salias, $snom, $sprenom, $sfemme, $mails) = $res->next()) { + $market[] = " - par $snom $sprenom sur $mails"; $mymail = new PlMailer(); $mymail->setSubject("$prenom $nom s'est inscrit à Polytechnique.org !"); - $mymail->setFrom('"Marketing Polytechnique.org" '); + $mymail->setFrom('"Marketing Polytechnique.org" mail->domain . '>'); $mymail->addTo("\"$sprenom $snom\" <$salias@{$globals->mail->domain}>"); $msg = ($sfemme?'Chère':'Cher')." $sprenom,\n\n" - . "Nous t'écrivons pour t'informer que {$prenom} {$nom} (X{$promo}), " + . "Nous t'écrivons pour t'informer que $prenom $nom (X$promo), " . "que tu avais incité".($femme?'e':'')." à s'inscrire à Polytechnique.org, " . "vient à l'instant de terminer son inscription.\n\n" . "Merci de ta participation active à la reconnaissance de ce site !!!\n\n" @@ -322,24 +354,31 @@ class RegisterModule extends PLModule $mymail->setTxtBody(wordwrap($msg, 72)); $mymail->send(); } + + /**** send a mail to X.org administrators ****/ if ($globals->register->notif) { $mymail = new PlMailer(); $mymail->setSubject("Inscription de $prenom $nom (X$promo)"); - $mymail->setFrom('"Webmaster Polytechnique.org" '); + $mymail->setFrom('"Webmaster Polytechnique.org" mail->domain . '>'); $mymail->addTo($globals->register->notif); $msg = "$prenom $nom (X$promo) a terminé son inscription avec les données suivantes :\n" . " - nom : $nom\n" . " - prenom : $prenom\n" . " - promo : $promo\n" - . " - naissance : $naissance\n" + . " - naissance : $naissance (date connue : $naiss_ini)\n" . " - forlife : $forlife\n" . " - email : $email\n" - . " - sexe : $femme\n"; + . " - sexe : $femme\n" + . " - ip : {$logger->ip} ({$logger->host})\n" + . ($logger->proxy_ip ? " - proxy : {$logger->proxy_ip} ({$logger->proxy_host})\n" : "") + . "\n\n" + . "Les marketings suivants avaient été effectués :\n" + . implode("\n", $market); $mymail->setTxtBody($msg); - $mymail->send(); + $mymail->send(); } - XDB::execute("DELETE FROM register_marketing WHERE uid = {?}", $uid); + Marketing::clear($uid); pl_redirect('register/success'); $page->assign('uid', $uid); @@ -357,7 +396,7 @@ class RegisterModule extends PLModule WHERE user_id={?}', $password, S::v('uid')); - $log =& S::v('log'); + $log = S::v('log'); $log->log('passwd', ''); if (Cookie::v('ORGaccess')) { @@ -368,8 +407,75 @@ class RegisterModule extends PLModule $page->assign('mdpok', true); } + $res = XDB::iterRow("SELECT sub, domain + FROM register_subs + WHERE uid = {?} AND type = 'list' + ORDER BY domain", + S::i('uid')); + $current_domain = null; + $lists = array(); + while (list($sub, $domain) = $res->next()) { + if ($current_domain != $domain) { + $current_domain = $domain; + $client = new MMList(S::v('uid'), S::v('password'), $domain); + } + list($details, ) = $client->get_members($sub); + $lists["$sub@$domain"] = $details; + } + $page->assign_by_ref('lists', $lists); + $page->addJsLink('motdepasse.js'); } + + function handler_save(&$page) + { + global $globals; + + // Finish registration procedure + if (Post::v('register_from_ax_question')) { + XDB::execute('UPDATE auth_user_quick + SET profile_from_ax = 1 + WHERE user_id = {?}', + S::v('uid')); + } + if (Post::v('add_to_nl')) { + require_once 'newsletter.inc.php'; + NewsLetter::subscribe(); + } + if (Post::v('add_to_ax')) { + require_once dirname(__FILE__) . '/axletter/axletter.inc.php'; + AXLetter::subscribe(); + } + if (Post::v('add_to_promo')) { + $r = XDB::query('SELECT id FROM groupex.asso WHERE diminutif = {?}', + S::v('promo')); + $asso_id = $r->fetchOneCell(); + XDB::execute('REPLACE INTO groupex.membres (uid,asso_id) + VALUES ({?}, {?})', + S::v('uid'), $asso_id); + $mmlist = new MMList(S::v('uid'), S::v('password')); + $mmlist->subscribe("promo".S::v('promo')); + } + if (Post::v('sub_ml')) { + $subs = array_keys(Post::v('sub_ml')); + $current_domain = null; + foreach ($subs as $list) { + list($sub, $domain) = explode('@', $list); + if ($domain != $current_domain) { + $current_domain = $domain; + $client = new MMList(S::v('uid'), S::v('password'), $domain); + } + $client->subscribe($sub); + } + } + if (Post::v('imap')) { + require_once 'emails.inc.php'; + $storage = new MailStorageIMAP(S::v('uid')); + $storage->enable(); + } + + pl_redirect('profile/edit'); + } } // vim:set et sw=4 sts=4 sws=4 foldmethod=marker enc=utf-8: