X-Git-Url: http://git.polytechnique.org/?a=blobdiff_plain;f=modules%2Fregister.php;h=77dff4d4467cdea02260d2f4004b00925cd59866;hb=1490093c909c086ce8eba3c0f5c24b62ef20cfb3;hp=b15c9cb5179a185c14ccb3b9337b6cc03cd0e31b;hpb=7f54d35cba90063f7aed6984d5995eb8b3134abc;p=platal.git
diff --git a/modules/register.php b/modules/register.php
index b15c9cb..77dff4d 100644
--- a/modules/register.php
+++ b/modules/register.php
@@ -1,6 +1,6 @@
fetchOneRow()) {
+ if (list($uid, $promo, $nom, $prenom, $ourmat, $watch) = $res->fetchOneRow()) {
$sub_state['uid'] = $uid;
$sub_state['hash'] = $hash;
$sub_state['promo'] = $promo;
$sub_state['nom'] = $nom;
$sub_state['prenom'] = $prenom;
$sub_state['ourmat'] = $ourmat;
+ $sub_state['watch'] = $watch;
XDB::execute(
"REPLACE INTO register_mstats (uid,sender,success)
@@ -70,11 +81,13 @@ class RegisterModule extends PLModule
switch ($sub_state['step']) {
case 0:
+ require_once('wiki.inc.php');
+ wiki_require_page('Reference.Charte');
if (Post::has('step1')) {
$sub_state['step'] = 1;
if (isset($sub_state['hash'])) {
$sub_state['step'] = 3;
- require_once('register.inc.php');
+ require_once(dirname(__FILE__) . '/register/register.inc.php');
create_aliases($sub_state);
}
}
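Review bot: The same `require_once(dirname(__FILE__) . '/register/register.inc.php');` line is now repeated in `case 0` here and again in the `case 2` and `case 3` hunks below; a single require placed before the `switch` would be easier to keep consistent. `send_warning_mail()` is called after the switch in a later hunk, so if that helper lives in this include (not visible here), hoisting the require would also make the dependency explicit on every path. The new `wiki_require_page('Reference.Charte')` call has no comment; a short one such as `// load the charter page shown on step 0` would help, if that is indeed its purpose. The method body starts and ends outside the hunk.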
@@ -83,8 +96,13 @@ class RegisterModule extends PLModule
case 1:
if (Post::has('promo')) {
$promo = Post::i('promo');
- if ($promo < 1900 || $promo > date('Y')) {
- $err = "La promotion saisie est incorrecte !";
+ $res = XDB::query("SELECT COUNT(*)
+ FROM auth_user_md5
+ WHERE perms='pending' AND deces = '0000-00-00'
+ AND promo = {?}",
+ $promo);
+ if (!$res->fetchOneCell()) {
+ $err = "La promotion saisie est incorrecte ou tous les camardes de cette promo sont inscrits !";
} else {
$sub_state['step'] = 2;
$sub_state['promo'] = $promo;
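Review bot: The user-facing message assigned to `$err` misspells "camarades" as "camardes"; it should read `... ou tous les camarades de cette promo sont inscrits !`. The query that replaces the old range test has no comment stating what makes a promo acceptable, so something like `// accept the promo only if at least one row is still perms='pending' with no deces date` above `XDB::query` would make the new rule clear. The `case 1` body continues outside the hunk.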
@@ -99,7 +117,7 @@ class RegisterModule extends PLModule
case 2:
if (count($_POST)) {
- require_once('register.inc.php');
+ require_once(dirname(__FILE__) . '/register/register.inc.php');
$sub_state['prenom'] = Post::v('prenom');
$sub_state['nom'] = Post::v('nom');
$sub_state['mat'] = Post::v('mat');
@@ -116,14 +134,14 @@ class RegisterModule extends PLModule
case 3:
if (count($_POST)) {
- require_once('register.inc.php');
+ require_once(dirname(__FILE__) . '/register/register.inc.php');
if (!isvalid_email(Post::v('email'))) {
$err[] = "Le champ 'E-mail' n'est pas valide.";
} elseif (!isvalid_email_redirection(Post::v('email'))) {
$err[] = $sub_state['forlife']." doit renvoyer vers un email existant ".
- "valide, en particulier, il ne peut pas être renvoyé vers lui-même.";
+ "valide, en particulier, il ne peut pas être renvoyé vers lui-même.";
}
- $birth = Env::v('naissance');
+ $birth = trim(Env::v('naissance'));
if (!preg_match('/^[0-3][0-9][01][0-9][12][90][0-9][0-9]$/', $birth)) {
$err[] = "La 'Date de naissance' n'est pas correcte.";
} else {
@@ -131,21 +149,34 @@ class RegisterModule extends PLModule
$promo = (int)$sub_state['promo'];
if ($year > $promo - 15 || $year < $promo - 30) {
$err[] = "La 'Date de naissance' n'est pas correcte.";
-
- require_once("diogenes/diogenes.hermes.inc.php");
- $mailer = new HermesMailer();
- $mailer->setFrom("webmaster@polytechnique.org");
- $mailer->addTo("hotliners@polytechnique.org");
- $mailer->setSubject("ERREUR LORS DE L'INSCRIPTION de "
- . $sub_state['prenom'] . ' ' . $sub_state['nom'] . '(' . $promo . ')');
- $mailer->setTxtBody(
- "Date de naissance proposée $birth"
- . "\n\nIndentifiants :\n" . var_export($sub_state, true)
- . "\n\nInformations de connexion :\n" . var_export($_SERVER, true));
- $mailer->send();
+ $alert = "Date de naissance incorrecte a l'inscription - ";
}
}
+ // Check if the given email is known as dangerous
+ $res = Xdb::iterRow("SELECT w.state, w.description, a.alias
+ FROM emails AS e
+ INNER JOIN emails_watch AS w ON (e.email = w.email AND w.state != 'safe')
+ INNER JOIN aliases AS a ON (e.uid = a.id AND a.type = 'a_vie')
+ WHERE e.email = {?}
+ ORDER BY a.alias", Post::v('email'));
+ $aliases = array();
+ while(list($gstate, $gdescription, $alias) = $res->next()) {
+ $state = $gstate;
+ $description = $gdescription;
+ $aliases[] = $alias;
+ }
+ if (count($aliases) != 0) {
+ $alert .= "Email surveille propose a l'inscription - ";
+ }
+ if ($sub_state['watch']) {
+ $alter .= "Inscription d'un utilisateur surveillé - ";
+ }
+
+ if (check_ip('unsafe')) {
+ unset($err);
+ }
+
if (isset($err)) {
$err = join('
', $err);
} else {
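Review bot: In the `if ($sub_state['watch'])` branch the message is appended to `$alter`, not `$alert`, so the watched-user warning never reaches `send_warning_mail()`; the line should be `$alert .= "Inscription d'un utilisateur surveillé - ";`. `$alert` is also never initialised in the visible lines, so the `.=` after the e-mail watch query and the `if ($alert)` test in the next hunk work on an undefined variable on most paths. An `$alert = '';` before the switch would fix that, but the function starts outside the hunk, so confirm it is not already set there. `$state` and `$description` are assigned in the `while` loop but never read in the visible code. The `unset($err)` for flagged IPs needs a comment stating its intent, because it sends `$birth` and e-mail values that failed validation into the `else` branch.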
@@ -154,15 +185,28 @@ class RegisterModule extends PLModule
substr($birth,2,2),
substr($birth,0,2));
$sub_state['email'] = Post::v('email');
- $sub_state['step'] = 4;
- finish_ins($sub_state);
+ if (check_ip('unsafe')) {
+ $err = "Une erreur s'est produite lors de l'inscription."
+ . " Merci de contacter register@polytechnique.org"
+ . " pour nous faire part de cette erreur";
+ $alert .= "Tentative d'inscription depuis une IP surveillee";
+ } else {
+ $sub_state['step'] = 4;
+ if (count($sub_state['backs']) >= 3) {
+ $alert .= "Fin d'une inscription hésitante";
+ }
+ finish_ins($sub_state);
+ }
}
}
break;
}
$_SESSION['sub_state'] = $sub_state;
- $page->changeTpl('register/step'.intval($sub_state['step']).'.tpl', SIMPLE);
+ if ($alert) {
+ send_warning_mail($alert);
+ }
+ $page->changeTpl('register/step'.intval($sub_state['step']).'.tpl');
if (isset($err)) {
$page->trig($err);
}
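Review bot: `count($sub_state['backs'])` assumes the `backs` key is always present, but nothing in the visible hunks sets it, and the last hunk resets the session state to `array('step' => 5)` without it. On a missing key `count()` receives null, which raises a warning on PHP 7.2+ and a TypeError on PHP 8, just before `finish_ins()` on the success path. Guarding it as `if (isset($sub_state['backs']) && count($sub_state['backs']) >= 3) {` avoids that, unless the key is guaranteed by code outside this hunk. `check_ip('unsafe')` is also evaluated a second time here, after the earlier `unset($err)` test, so storing the result once in a local would keep the two decisions in step.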
@@ -178,7 +222,7 @@ class RegisterModule extends PLModule
global $globals;
$page->changeTpl('register/end.tpl');
-
+ $_SESSION['sub_state'] = array('step' => 5);
require_once('user.func.inc.php');
if ($hash) {
@@ -197,14 +241,14 @@ class RegisterModule extends PLModule
$page->kill("
Cette adresse n'existe pas, ou plus, sur le serveur.
Causes probables :