X-Git-Url: http://git.polytechnique.org/?a=blobdiff_plain;f=modules%2Fregister.php;h=7fea99343bd02556a121ebe95cd4446b6938e8a7;hb=01ab5780ddaab6adf864c576205905ac37dfbe65;hp=389d664feb28ad33817956b6a9727769b41cd818;hpb=5f5f0eb548c40e4bf0619d3b917c7f6a58fba5e1;p=platal.git diff --git a/modules/register.php b/modules/register.php index 389d664..7fea993 100644 --- a/modules/register.php +++ b/modules/register.php @@ -1,6 +1,6 @@ $this->make_hook('end', AUTH_PUBLIC), 'register/end.php' => $this->make_hook('end_old', AUTH_PUBLIC), 'register/success' => $this->make_hook('success', AUTH_MDP), + 'register/save' => $this->make_hook('save', AUTH_MDP), ); } @@ -48,7 +49,7 @@ class RegisterModule extends PLModule $sub_state['backs'][] = $state; if (count($sub_state['backs']) == 3) { $alert .= "Tentative d'inscription tres hesitante - "; - } + } } // Compatibility with old sources, keep it atm @@ -58,11 +59,11 @@ class RegisterModule extends PLModule if ($hash) { $res = XDB::query( - "SELECT m.uid, u.promo, u.nom, u.prenom, u.matricule, FIND_IN_SET('watch', u.flags) + "SELECT m.uid, u.promo, u.nom, u.prenom, u.matricule, u.naissance_ini, FIND_IN_SET('watch', u.flags) FROM register_marketing AS m INNER JOIN auth_user_md5 AS u ON u.user_id = m.uid WHERE m.hash={?}", $hash); - if (list($uid, $promo, $nom, $prenom, $ourmat, $watch) = $res->fetchOneRow()) { + if (list($uid, $promo, $nom, $prenom, $ourmat, $naiss, $watch) = $res->fetchOneRow()) { $sub_state['uid'] = $uid; $sub_state['hash'] = $hash; $sub_state['promo'] = $promo; @@ -70,6 +71,7 @@ class RegisterModule extends PLModule $sub_state['prenom'] = $prenom; $sub_state['ourmat'] = $ourmat; $sub_state['watch'] = $watch; + $sub_state['naissance_ini'] = $naiss; XDB::execute( "REPLACE INTO register_mstats (uid,sender,success) @@ -142,32 +144,35 @@ class RegisterModule extends PLModule "valide, en particulier, il ne peut pas être renvoyé vers lui-même."; } $birth = trim(Env::v('naissance')); - if (!preg_match('/^[0-3][0-9][01][0-9][12][90][0-9][0-9]$/', $birth)) { + if (!preg_match('@^[0-3]?\d/[01]?\d/(19|20)?\d{2}$@', $birth)) { $err[] = "La 'Date de naissance' n'est pas correcte."; } else { - $year = (int)substr($birth, 4, 4); + $birth = explode('/', $birth, 3); + for ($i = 0; $i < 3; $i++) + $birth[$i] = intval($birth[$i]); + if ($birth[2] < 100) $birth[2] += 1900; + $year = $birth[2]; $promo = (int)$sub_state['promo']; if ($year > $promo - 15 || $year < $promo - 30) { $err[] = "La 'Date de naissance' n'est pas correcte."; $alert = "Date de naissance incorrecte a l'inscription - "; + $sub_state['wrong_naissance'] = $birth; } } // Check if the given email is known as dangerous - $res = Xdb::iterRow("SELECT w.state, w.description, a.alias - FROM emails AS e - INNER JOIN emails_watch AS w ON (e.email = w.email AND w.state != 'safe') - INNER JOIN aliases AS a ON (e.uid = a.id AND a.type = 'a_vie') - WHERE e.email = {?} - ORDER BY a.alias", Post::v('email')); - $aliases = array(); - while(list($gstate, $gdescription, $alias) = $res->next()) { - $state = $gstate; - $description = $gdescription; - $aliases[] = $alias; - } - if (count($aliases) != 0) { + $res = XDB::query("SELECT w.state, w.description + FROM emails_watch AS w + WHERE w.email = {?} AND w.state != 'safe'", + Post::v('email')); + $email_banned = false; + if ($res->numRows()) { + list($state, $description) = $res->fetchOneRow(); $alert .= "Email surveille propose a l'inscription - "; + $sub_state['email_desc'] = $description; + if ($state == 'dangerous') { + $email_banned = true; + } } if ($sub_state['watch']) { $alter .= "Inscription d'un utilisateur surveillé - "; @@ -180,16 +185,22 @@ class RegisterModule extends PLModule if (isset($err)) { $err = join('
', $err); } else { - $sub_state['naissance'] = sprintf("%s-%s-%s", - substr($birth,4,4), - substr($birth,2,2), - substr($birth,0,2)); + $sub_state['naissance'] = sprintf("%04d-%02d-%02d", + intval($birth[2]), intval($birth[1]), intval($birth[0])); + if ($sub_state['naissance_ini'] != '0000-00-00' && $sub_state['naissance'] != $sub_state['naissance_ini']) { + $alert .= "Date de naissance incorrecte à l'inscription - "; + } $sub_state['email'] = Post::v('email'); - if (check_ip('unsafe')) { + $ip_banned = check_ip('unsafe'); + if ($ip_banned) { + $alert .= "Tentative d'inscription depuis une IP surveillee"; + } + if ($email_banned || $ip_banned) { + global $globals; $err = "Une erreur s'est produite lors de l'inscription." - . " Merci de contacter register@polytechnique.org" + . " Merci de contacter = 3) { @@ -221,22 +232,31 @@ class RegisterModule extends PLModule { global $globals; + $page->changeTpl('register/end.tpl'); $_SESSION['sub_state'] = array('step' => 5); + + if (check_ip('unsafe')) { + send_warning_mail('Une IP surveillée a tenté de finaliser son inscription'); + XDB::execute('DELETE FROM register_pending + WHERE hash = {?} AND hash != \'INSCRIT\'', $hash); + return PL_FORBIDDEN; + } + require_once('user.func.inc.php'); if ($hash) { $res = XDB::query( "SELECT r.uid, r.forlife, r.bestalias, r.mailorg2, r.password, r.email, r.naissance, u.nom, u.prenom, - u.promo, u.flags + u.promo, FIND_IN_SET('femme', u.flags), u.naissance_ini FROM register_pending AS r INNER JOIN auth_user_md5 AS u ON r.uid = u.user_id WHERE hash={?} AND hash!='INSCRIT'", $hash); } if (!$hash || !list($uid, $forlife, $bestalias, $mailorg2, $password, $email, - $naissance, $nom, $prenom, $promo, $femme) = $res->fetchOneRow()) + $naissance, $nom, $prenom, $promo, $femme, $naiss_ini) = $res->fetchOneRow()) { $page->kill("

Cette adresse n'existe pas, ou plus, sur le serveur.

Causes probables :

@@ -293,7 +313,13 @@ class RegisterModule extends PLModule $mymail->assign('prenom', $prenom); $mymail->send(); - if (!start_connexion($uid,false)) { + require_once('user.func.inc.php'); + user_reindex($uid); + + // update number of subscribers (perms has changed) + update_NbIns(); + + if (!start_connexion($uid, false)) { return PL_FORBIDDEN; } $_SESSION['auth'] = AUTH_MDP; @@ -302,22 +328,26 @@ class RegisterModule extends PLModule /************* envoi d'un mail au démarcheur ***************/ /***********************************************************/ $res = XDB::iterRow( - "SELECT DISTINCT sa.alias, IF(s.nom_usage,s.nom_usage,s.nom) AS nom, - s.prenom, FIND_IN_SET('femme', s.flags) AS femme + "SELECT sa.alias, IF(s.nom_usage,s.nom_usage,s.nom) AS nom, + s.prenom, FIND_IN_SET('femme', s.flags) AS femme, + GROUP_CONCAT(m.email) AS mails, MAX(m.last) AS dateDernier FROM register_marketing AS m INNER JOIN auth_user_md5 AS s ON ( m.sender = s.user_id ) INNER JOIN aliases AS sa ON ( sa.id = m.sender AND FIND_IN_SET('bestalias', sa.flags) ) - WHERE m.uid = {?}", $uid); + WHERE m.uid = {?} + GROUP BY m.sender", $uid); XDB::execute("UPDATE register_mstats SET success=NOW() WHERE uid={?}", $uid); - while (list($salias, $snom, $sprenom, $sfemme) = $res->next()) { + $market = array(); + while (list($salias, $snom, $sprenom, $sfemme, $mails, $dateDernier) = $res->next()) { + $market[] = " - par $snom $sprenom sur $mails (le plus récemment le $dateDernier)"; $mymail = new PlMailer(); $mymail->setSubject("$prenom $nom s'est inscrit à Polytechnique.org !"); - $mymail->setFrom('"Marketing Polytechnique.org" '); + $mymail->setFrom('"Marketing Polytechnique.org" mail->domain . '>'); $mymail->addTo("\"$sprenom $snom\" <$salias@{$globals->mail->domain}>"); $msg = ($sfemme?'Chère':'Cher')." $sprenom,\n\n" - . "Nous t'écrivons pour t'informer que {$prenom} {$nom} (X{$promo}), " + . "Nous t'écrivons pour t'informer que $prenom $nom (X$promo), " . "que tu avais incité".($femme?'e':'')." à s'inscrire à Polytechnique.org, " . "vient à l'instant de terminer son inscription.\n\n" . "Merci de ta participation active à la reconnaissance de ce site !!!\n\n" @@ -331,24 +361,31 @@ class RegisterModule extends PLModule if ($globals->register->notif) { $mymail = new PlMailer(); $mymail->setSubject("Inscription de $prenom $nom (X$promo)"); - $mymail->setFrom('"Webmaster Polytechnique.org" '); + $mymail->setFrom('"Webmaster Polytechnique.org" mail->domain . '>'); $mymail->addTo($globals->register->notif); + $mymail->addHeader('Reply-To', $globals->register->notif); $msg = "$prenom $nom (X$promo) a terminé son inscription avec les données suivantes :\n" . " - nom : $nom\n" . " - prenom : $prenom\n" . " - promo : $promo\n" - . " - naissance : $naissance\n" + . " - naissance : $naissance (date connue : $naiss_ini)\n" . " - forlife : $forlife\n" . " - email : $email\n" . " - sexe : $femme\n" - . " - ip : " . (@$_SERVER['HTTP_X_FORWARDED_FOR'] ? $_SERVER['HTTP_X_FORWARDED_FOR'] - : $_SERVER['REMOTE_ADDR']) . "\n" - . " - proxy : " . (@$_SERVER['HTTP_X_FORWARDED_FOR'] ? $_SERVER['REMOTE_ADDR'] : "") . "\n"; + . " - ip : {$logger->ip} ({$logger->host})\n" + . ($logger->proxy_ip ? " - proxy : {$logger->proxy_ip} ({$logger->proxy_host})\n" : "") + . "\n\n"; + if (count($market) > 0) { + $msg .= "Les marketings suivants avaient été effectués :\n" + . implode("\n", $market); + } else { + $msg .= "$prenom $nom n'a jamais reçu de mail de marketing."; + } $mymail->setTxtBody($msg); - $mymail->send(); + $mymail->send(); } - XDB::execute("DELETE FROM register_marketing WHERE uid = {?}", $uid); + Marketing::clear($uid); pl_redirect('register/success'); $page->assign('uid', $uid); @@ -356,6 +393,7 @@ class RegisterModule extends PLModule function handler_success(&$page) { + global $globals; $page->changeTpl('register/success.tpl'); $_SESSION['sub_state'] = array('step' => 5); @@ -366,7 +404,18 @@ class RegisterModule extends PLModule WHERE user_id={?}', $password, S::v('uid')); - $log =& S::v('log'); + // If GoogleApps is enabled, and the user did choose to use synchronized passwords, + // and if the (stupid) user has decided to user /register/success another time, + // updates the Google Apps password as well. + if ($globals->mailstorage->googleapps_domain) { + require_once 'googleapps.inc.php'; + $account = new GoogleAppsAccount(S::v('uid'), S::v('forlife')); + if ($account->active() && $account->sync_password) { + $account->set_password($password); + } + } + + $log = S::v('log'); $log->log('passwd', ''); if (Cookie::v('ORGaccess')) { @@ -377,8 +426,75 @@ class RegisterModule extends PLModule $page->assign('mdpok', true); } + $res = XDB::iterRow("SELECT sub, domain + FROM register_subs + WHERE uid = {?} AND type = 'list' + ORDER BY domain", + S::i('uid')); + $current_domain = null; + $lists = array(); + while (list($sub, $domain) = $res->next()) { + if ($current_domain != $domain) { + $current_domain = $domain; + $client = new MMList(S::v('uid'), S::v('password'), $domain); + } + list($details, ) = $client->get_members($sub); + $lists["$sub@$domain"] = $details; + } + $page->assign_by_ref('lists', $lists); + $page->addJsLink('motdepasse.js'); } + + function handler_save(&$page) + { + global $globals; + + // Finish registration procedure + if (Post::v('register_from_ax_question')) { + XDB::execute('UPDATE auth_user_quick + SET profile_from_ax = 1 + WHERE user_id = {?}', + S::v('uid')); + } + if (Post::v('add_to_nl')) { + require_once 'newsletter.inc.php'; + NewsLetter::subscribe(); + } + if (Post::v('add_to_ax')) { + require_once dirname(__FILE__) . '/axletter/axletter.inc.php'; + AXLetter::subscribe(); + } + if (Post::v('add_to_promo')) { + $r = XDB::query('SELECT id FROM groupex.asso WHERE diminutif = {?}', + S::v('promo')); + $asso_id = $r->fetchOneCell(); + XDB::execute('REPLACE INTO groupex.membres (uid,asso_id) + VALUES ({?}, {?})', + S::v('uid'), $asso_id); + $mmlist = new MMList(S::v('uid'), S::v('password')); + $mmlist->subscribe("promo".S::v('promo')); + } + if (Post::v('sub_ml')) { + $subs = array_keys(Post::v('sub_ml')); + $current_domain = null; + foreach ($subs as $list) { + list($sub, $domain) = explode('@', $list); + if ($domain != $current_domain) { + $current_domain = $domain; + $client = new MMList(S::v('uid'), S::v('password'), $domain); + } + $client->subscribe($sub); + } + } + if (Post::v('imap')) { + require_once 'emails.inc.php'; + $storage = new EmailStorage(S::v('uid'), 'imap'); + $storage->activate(); + } + + pl_redirect('profile/edit'); + } } // vim:set et sw=4 sts=4 sws=4 foldmethod=marker enc=utf-8: