X-Git-Url: http://git.polytechnique.org/?a=blobdiff_plain;f=modules%2Fxnetevents.php;h=889346e0077b9b1133af4d520e64bca1f3e3b65b;hb=d2100923749766ffcf61745b0145cf82a3886716;hp=3295ca056e931b00d8b8d17da151e265b9da4ef8;hpb=8b83a166c039c798039818bda7114275dcec33f0;p=platal.git diff --git a/modules/xnetevents.php b/modules/xnetevents.php index 3295ca0..889346e 100644 --- a/modules/xnetevents.php +++ b/modules/xnetevents.php @@ -1,6 +1,6 @@ $this->make_hook('events', AUTH_MDP), '%grp/events/sub' => $this->make_hook('sub', AUTH_MDP), - '%grp/events/csv' => $this->make_hook('csv', AUTH_MDP), - '%grp/events/ical' => $this->make_hook('ical', AUTH_MDP), - '%grp/events/edit' => $this->make_hook('edit', AUTH_MDP), - '%grp/events/admin' => $this->make_hook('admin', AUTH_MDP), + '%grp/events/csv' => $this->make_hook('csv', AUTH_MDP, 'user', NO_HTTPS), + '%grp/events/ical' => $this->make_hook('ical', AUTH_MDP, 'user', NO_HTTPS), + '%grp/events/edit' => $this->make_hook('edit', AUTH_MDP, 'groupadmin'), + '%grp/events/admin' => $this->make_hook('admin', AUTH_MDP, 'groupmember'), ); } @@ -39,15 +39,10 @@ class XnetEventsModule extends PLModule { global $globals; - if ($archive == 'archive') { - $archive = true; - new_groupadmin_page('xnetevents/index.tpl'); - } else { - $archive = false; - new_group_open_page('xnetevents/index.tpl'); - } - + $page->changeTpl('xnetevents/index.tpl'); $action = null; + $archive = ($archive == 'archive' && may_update()); + if (Post::has('del')) { $action = 'del'; $eid = Post::v('del'); @@ -63,6 +58,7 @@ class XnetEventsModule extends PLModule if (!may_update()) { return PL_FORBIDDEN; } + S::assert_xsrf_token(); $res = XDB::query("SELECT asso_id, short_name FROM groupex.evenements WHERE eid = {?} AND asso_id = {?}", @@ -102,6 +98,7 @@ class XnetEventsModule extends PLModule XDB::execute("DELETE FROM requests WHERE type = 'paiements' AND data LIKE {?}", PayReq::same_event($eid, $globals->asso('id'))); + $globals->updateNbValid(); } if ($action == 'archive') { @@ -117,40 +114,41 @@ class XnetEventsModule extends PLModule WHERE eid = {?} AND asso_id = {?}", $eid, $globals->asso('id')); } - - $page->assign('archive', $archive); - $page->assign('admin', may_update()); - $evenements = XDB::iterator( - "SELECT e.*, LEFT(10, e.debut) AS debut_day, LEFT(10, e.fin) AS fin_day, - IF(e.deadline_inscription, e.deadline_inscription >= LEFT(NOW(), 10), - 1) AS inscr_open, e.deadline_inscription, - u.nom, u.prenom, u.promo, a.alias, - MAX(ep.nb) IS NOT NULL AS inscrit, MAX(ep.paid) AS paid - FROM groupex.evenements AS e - INNER JOIN x4dat.auth_user_md5 AS u ON u.user_id = e.organisateur_uid - INNER JOIN x4dat.aliases AS a ON (a.type = 'a_vie' AND a.id = u.user_id) - LEFT JOIN groupex.evenements_participants AS ep ON (ep.eid = e.eid AND ep.uid = {?}) - WHERE asso_id = {?} - AND archive = " . ($archive ? "1 " : "0 ") - . (is_member() || may_update() ? "" : " AND accept_nonmembre != 0 ") - . "GROUP BY e.eid - ORDER BY inscr_open DESC, debut DESC", S::v('uid'), $globals->asso('id')); + $page->assign('archive', $archive); + $evenements = XDB::iterator('SELECT e.*, LEFT(10, e.debut) AS first_day, LEFT(10, e.fin) AS last_day, + IF(e.deadline_inscription, + e.deadline_inscription >= LEFT(NOW(), 10), + 1) AS inscr_open, + e.deadline_inscription, + MAX(ep.nb) IS NOT NULL AS inscrit, MAX(ep.paid) AS paid + FROM groupex.evenements AS e + LEFT JOIN groupex.evenements_participants AS ep ON (ep.eid = e.eid AND ep.uid = {?}) + WHERE asso_id = {?} AND archive = {?} + GROUP BY e.eid + ORDER BY inscr_open DESC, debut DESC', + S::i('uid'), $globals->asso('id'), $archive ? 1 : 0); $evts = array(); + $undisplayed_events = 0; + $this->load('xnetevents.inc.php'); while ($e = $evenements->next()) { + if (!is_member() && !may_update() && !$e['accept_nonmembre']) { + $undisplayed_events ++; + continue; + } + $e['show_participants'] = ($e['show_participants'] && (is_member() || may_update())); - $res = XDB::query( - "SELECT titre, details, montant, ei.item_id, nb - FROM groupex.evenements_items AS ei - LEFT JOIN groupex.evenements_participants AS ep - ON (ep.eid = ei.eid AND ep.item_id = ei.item_id AND uid = {?}) - WHERE ei.eid = {?}", - S::v('uid'), $e['eid']); - $e['moments'] = $res->fetchAllAssoc(); + $e['moments'] = XDB::fetchAllAssoc('SELECT titre, details, montant, ei.item_id, nb, ep.paid + FROM groupex.evenements_items AS ei + LEFT JOIN groupex.evenements_participants AS ep + ON (ep.eid = ei.eid AND ep.item_id = ei.item_id AND ep.uid = {?}) + WHERE ei.eid = {?}', + S::i('uid'), $e['eid']); $e['topay'] = 0; + $e['paid'] = $e['moments'][0]['paid']; foreach ($e['moments'] as $m) { $e['topay'] += $m['nb'] * $m['montant']; } @@ -166,38 +164,55 @@ class XnetEventsModule extends PLModule $e['paid'] += trim($p); } + make_event_date($e); + if (Env::has('updated') && $e['eid'] == Env::i('updated')) { $page->assign('updated', $e); } $evts[] = $e; } - + $page->assign('evenements', $evts); - $page->assign('is_member', is_member()); + $page->assign('undisplayed_events', $undisplayed_events); } function handler_sub(&$page, $eid = null) { - require_once dirname(__FILE__).'/xnetevents/xnetevents.inc.php'; - - new_group_open_page('xnetevents/subscribe.tpl'); + $this->load('xnetevents.inc.php'); + $page->changeTpl('xnetevents/subscribe.tpl'); $evt = get_event_detail($eid); - if (!$evt) { + if (is_null($evt)) { return PL_NOT_FOUND; } + if ($evt === false) { + global $globals, $platal; + $url = $globals->asso('sub_url'); + if (empty($url)) { + $url = $platal->ns . 'subscribe'; + } + $page->kill('Cet événement est reservé aux membres du groupe ' . $globals->asso('nom') . + '. Pour devenir membre, rends-toi sur la page de demande d\'inscripton.'); + } if (!$evt['inscr_open']) { - $page->kill('Les inscriptions pour cet événement sont closes'); + $page->kill('Les inscriptions pour cet événement sont closes'); } if (!$evt['accept_nonmembre'] && !is_member() && !may_update()) { - $page->kill('Cet événement est fermé aux non-membres du groupe'); + $page->kill('Cet événement est fermé aux non-membres du groupe'); } + global $globals; + $res = XDB::query("SELECT stamp FROM requests + WHERE type = 'paiements' AND data LIKE {?}", + PayReq::same_event($evt['eid'], $globals->asso('id'))); + $page->assign('validation', $res->numRows()); $page->assign('event', $evt); if (!Post::has('submit')) { return; + } else { + S::assert_xsrf_token(); } $moments = Post::v('moment', array()); @@ -212,7 +227,7 @@ class XnetEventsModule extends PLModule if (!isset($pers[$j]) || !is_numeric($pers[$j]) || $pers[$j] < 0) { - $page->trig('Tu dois choisir un nombre d\'invités correct !'); + $page->trigError('Tu dois choisir un nombre d\'invités correct !'); return; } $subs[$j] = 1 + $pers[$j]; @@ -220,35 +235,39 @@ class XnetEventsModule extends PLModule } // impossible to unsubscribe if you already paid sthing - if (array_sum($subs) && $evt['paid'] != 0) { - $page->trig("Impossible de te désinscrire complètement ". - "parce que tu as fait un paiement par ". - "chèque ou par liquide. Contacte un ". - "administrateur du groupe si tu es sûr de ". - "ne pas venir"); + if (!array_sum($subs) && $evt['paid'] != 0) { + $page->trigError("Impossible de te désinscrire complètement ". + "parce que tu as fait un paiement par ". + "chèque ou par liquide. Contacte un ". + "administrateur du groupe si tu es sûr de ". + "ne pas venir"); return; } // update actual inscriptions $updated = false; $total = 0; + $paid = $evt['paid'] ? $evt['paid'] : 0; + $telepaid= $evt['telepaid'] ? $evt['telepaid'] : 0; foreach ($subs as $j => $nb) { if ($nb >= 0) { XDB::execute( "REPLACE INTO groupex.evenements_participants - VALUES ({?}, {?}, {?}, {?}, {?})", - $eid, S::v('uid'), $j, $nb, $evt['paid']); + VALUES ({?}, {?}, {?}, {?}, {?}, {?})", + $eid, S::v('uid'), $j, $nb, Env::has('notify_payment') ? 'notify_payment' : '', + $j == 1 ? $paid - $telepaid : 0); $updated = $eid; } else { XDB::execute( "DELETE FROM groupex.evenements_participants WHERE eid = {?} AND uid = {?} AND item_id = {?}", - $eid, S::v("uid"), $j); + $eid, S::v("uid"), $j); $updated = $eid; } $total += $nb; } if ($updated !== false) { + $page->trigSuccess('Ton inscription à l\'événement a été mise à jour avec succès.'); subscribe_lists_event($total, S::i('uid'), $evt); } $page->assign('event', get_event_detail($eid)); @@ -256,7 +275,7 @@ class XnetEventsModule extends PLModule function handler_csv(&$page, $eid = null, $item_id = null) { - require_once dirname(__FILE__).'/xnetevents/xnetevents.inc.php'; + $this->load('xnetevents.inc.php'); if (!is_numeric($item_id)) { $item_id = null; @@ -267,7 +286,7 @@ class XnetEventsModule extends PLModule return PL_NOT_FOUND; } - header('Content-type: text/x-csv; encoding=iso-8859-1'); + header('Content-type: text/x-csv; encoding=UTF-8'); header('Pragma: '); header('Cache-Control: '); @@ -275,7 +294,7 @@ class XnetEventsModule extends PLModule $admin = may_update(); - $tri = (Env::v('order') == 'alpha' ? 'promo, nom, prenom' : 'nom, prenom, promo'); + $tri = (Env::v('order') == 'alpha' ? UserFilter::sortByPromo() : UserFilter::sortByName()); $page->assign('participants', get_event_participants($evt, $item_id, $tri)); @@ -283,6 +302,7 @@ class XnetEventsModule extends PLModule $page->assign('admin', $admin); $page->assign('moments', $evt['moments']); $page->assign('money', $evt['money']); + $page->assign('telepayment', $evt['paiement_id']); $page->assign('tout', !Env::v('item_id', false)); } @@ -290,7 +310,7 @@ class XnetEventsModule extends PLModule { global $globals; - require_once dirname(__FILE__).'/xnetevents/xnetevents.inc.php'; + $this->load('xnetevents.inc.php'); $evt = get_event_detail($eid); if (!$evt) { return PL_FORBIDDEN; @@ -310,11 +330,11 @@ class XnetEventsModule extends PLModule $page->assign('admin', may_update()); if (may_update()) { - $page->assign('participants', get_event_participants($evt, null, 'promo, nom, prenom')); + $page->assign('participants', get_event_participants($evt, null, UserFilter::sortByPromo())); } $page->register_function('display_ical', 'display_ical'); $page->assign_by_ref('e', $evt); - + header('Content-Type: text/calendar; charset=utf-8'); } @@ -346,16 +366,22 @@ class XnetEventsModule extends PLModule } } - new_groupadmin_page('xnetevents/edit.tpl'); + $page->changeTpl('xnetevents/edit.tpl'); - $moments = range(1, 4); + $moments = range(1, 4); + $error = false; $page->assign('moments', $moments); if (Post::v('intitule')) { - require_once dirname(__FILE__).'/xnetevents/xnetevents.inc.php'; - $short_name = event_change_shortname($page, $infos['short_name'], - Env::v('short_name', '')); + S::assert_xsrf_token(); + $this->load('xnetevents.inc.php'); + $short_name = event_change_shortname($page, $eid, + $infos['short_name'], + Env::v('short_name', '')); + if ($short_name != Env::v('short_name')) { + $error = true; + } $evt = array( 'eid' => $eid, 'asso_id' => $globals->asso('id'), @@ -419,29 +445,36 @@ class XnetEventsModule extends PLModule $eid, $i, Post::v('titre'.$i), Post::v('details'.$i), $montant); } else { - XDB::execute("DELETE FROM groupex.evenements_items + XDB::execute("DELETE FROM groupex.evenements_items WHERE eid = {?} AND item_id = {?}", $eid, $i); } } - // request for a new payment if (Post::v('paiement_id') == -1 && $money_defaut >= 0) { require_once 'validations.inc.php'; - $p = new PayReq(S::v('uid'), + $p = new PayReq(S::user(), Post::v('intitule')." - ".$globals->asso('nom'), Post::v('site'), $money_defaut, Post::v('confirmation'), 0, 999, $globals->asso('id'), $eid); - $p->submit(); + if ($p->accept()) { + $p->submit(); + } else { + $page->assign('paiement_message', Post::v('confirmation')); + $page->assign('paiement_site', Post::v('site')); + $error = true; + } } // events with no sub-event: add a sub-event with no name if ($nb_moments == 0) { XDB::execute("INSERT INTO groupex.evenements_items - VALUES ({?}, {?}, '', '', 0)", $eid, 1); + VALUES ({?}, {?}, '', '', 0)", $eid, 1); } - pl_redirect('events'); + if (!$error) { + pl_redirect('events'); + } } // get a list of all the payment for this asso @@ -469,7 +502,7 @@ class XnetEventsModule extends PLModule PayReq::same_event($eid, $globals->asso('id'))); $stamp = $res->fetchOneCell(); if ($stamp) { - $evt['paiement_id'] = -2; + $evt['paiement_id'] = -2; $evt['paiement_req'] = $stamp; } $page->assign('evt', $evt); @@ -493,30 +526,31 @@ class XnetEventsModule extends PLModule { global $globals; - require_once dirname(__FILE__).'/xnetevents/xnetevents.inc.php'; + $this->load('xnetevents.inc.php'); $evt = get_event_detail($eid, $item_id); if (!$evt) { return PL_NOT_FOUND; } - if ($evt['show_participants']) { - new_group_page('xnetevents/admin.tpl'); - } else { - new_groupadmin_page('xnetevents/admin.tpl'); + $page->changeTpl('xnetevents/admin.tpl'); + if (!$evt['show_participants'] && !may_update()) { + return PL_FORBIDDEN; } if (may_update() && Post::v('adm')) { + S::assert_xsrf_token(); + $member = get_infos(Post::v('mail')); if (!$member) { - $page->trig("Membre introuvable"); + $page->trigError("Membre introuvable"); } // change the price paid by a participant if (Env::v('adm') == 'prix' && $member) { XDB::execute("UPDATE groupex.evenements_participants SET paid = IF(paid + {?} > 0, paid + {?}, 0) - WHERE uid = {?} AND eid = {?}", + WHERE uid = {?} AND eid = {?} AND item_id = 1", strtr(Env::v('montant'), ',', '.'), strtr(Env::v('montant'), ',', '.'), $member['uid'], $evt['eid']); @@ -534,12 +568,9 @@ class XnetEventsModule extends PLModule foreach ($nbs as $id => $nb) { $nb = max(intval($nb), 0); - - if ($nb) { - XDB::execute("REPLACE INTO groupex.evenements_participants - VALUES ({?}, {?}, {?}, {?}, {?})", - $evt['eid'], $member['uid'], $id, $nb, $paid); - } + XDB::execute("REPLACE INTO groupex.evenements_participants + VALUES ({?}, {?}, {?}, {?}, {?}, {?})", + $evt['eid'], $member['uid'], $id, $nb, '', $id == 1 ? $paid : 0); } $res = XDB::query("SELECT COUNT(uid) AS cnt, SUM(nb) AS nb @@ -548,81 +579,64 @@ class XnetEventsModule extends PLModule GROUP BY uid", $member['uid'], $evt['eid']); $u = $res->fetchOneAssoc(); - $u = $u['cnt'] ? null : $u['nb']; + $u = $u['cnt'] ? $u['nb'] : null; subscribe_lists_event($u, $member['uid'], $evt); } $evt = get_event_detail($eid, $item_id); } - $page->assign('admin', may_update()); - $page->assign('evt', $evt); + $page->assign_by_ref('evt', $evt); $page->assign('tout', is_null($item_id)); if (count($evt['moments'])) { $page->assign('moments', $evt['moments']); } - $tri = (Env::v('order') == 'alpha' ? 'promo, nom, prenom' : 'nom, prenom, promo'); - $whereitemid = is_null($item_id) ? '' : "AND ep.item_id = $item_id"; - $res = XDB::iterRow( - 'SELECT UPPER(SUBSTRING(IF(u.nom IS NULL, m.nom, - IF(u.nom_usage<>"", u.nom_usage, u.nom)), 1, 1)), - COUNT(DISTINCT ep.uid) - FROM groupex.evenements_participants AS ep - INNER JOIN groupex.evenements AS e ON (ep.eid = e.eid) - LEFT JOIN groupex.membres AS m ON ( ep.uid = m.uid AND e.asso_id = m.asso_id) - LEFT JOIN auth_user_md5 AS u ON ( u.user_id = ep.uid ) - WHERE ep.eid = {?} '.$whereitemid.' - GROUP BY UPPER(SUBSTRING(IF(u.nom IS NULL,m.nom,u.nom), 1, 1))', $evt['eid']); - - $alphabet = array(); - $nb_tot = 0; - while (list($char, $nb) = $res->next()) { - $alphabet[ord($char)] = $char; - $nb_tot += $nb; - if (Env::has('initiale') && $char == strtoupper(Env::v('initiale'))) { - $tot = $nb; - } - } - ksort($alphabet); - $page->assign('alphabet', $alphabet); + $page->assign('alphabet', array()); + if ($evt['paiement_id']) { + $infos = User::getBulkUsersWithUIDs( + XDB::fetchAllAssoc('SELECT t.uid, t.montant + FROM ' . $globals->money->mpay_tprefix . 'transactions AS t + LEFT JOIN groupex.evenements_participants AS ep ON(ep.uid = t.uid AND ep.eid = {?}) + WHERE t.ref = {?} AND ep.uid IS NULL', + $evt['eid'], $evt['paiement_id']), + 'uid', 'user'); + $page->assign('oublis', count($infos)); + $page->assign('oubliinscription', $infos); + } + + $absents = User::getBulkUsersFromDB('SELECT p.uid + FROM groupex.evenements_participants AS p + LEFT JOIN groupex.evenements_participants AS p2 ON (p2.uid = p.uid + AND p2.eid = p.eid + AND p2.nb != 0) + WHERE p.eid = {?} AND p2.eid IS NULL + GROUP BY p.uid', $evt['eid']); $ofs = Env::i('offset'); - $tot = Env::v('initiale') ? $tot : $nb_tot; - $nbp = intval(($tot-1)/NB_PER_PAGE); - $links = array(); - if ($ofs) { - $links['précédent'] = $ofs-1; - } - for ($i = 0; $i <= $nbp; $i++) { - $links[(string)($i+1)] = $i; - } - if ($ofs < $nbp) { - $links['suivant'] = $ofs+1; - } - if (count($links)>1) { + $tot = (Env::v('initiale') ? $tot : $nb_tot); + $nbp = ceil($tot / NB_PER_PAGE); + if ($nbp > 1) { + $links = array(); + if ($ofs) { + $links['précédent'] = $ofs - 1; + } + for ($i = 1 ; $i <= $nbp; $i++) { + $links[(string)$i] = $i - 1; + } + if ($ofs < $nbp) { + $links['suivant'] = $ofs+1; + } $page->assign('links', $links); } - if ($evt['paiement_id']) { - $res = XDB::iterator( - "SELECT IF(u.nom_usage<>'', u.nom_usage, u.nom) AS nom, u.prenom, - u.promo, a.alias AS email, t.montant - FROM {$globals->money->mpay_tprefix}transactions AS t - INNER JOIN auth_user_md5 AS u ON(t.uid = u.user_id) - INNER JOIN aliases AS a ON (a.id = t.uid AND a.type='a_vie' ) - LEFT JOIN groupex.evenements_participants AS ep ON(ep.uid = t.uid AND ep.eid = {?}) - WHERE t.ref = {?} AND ep.uid IS NULL", - $evt['eid'], $evt['paiement_id']); - $page->assign('oublis', $res->total()); - $page->assign('oubliinscription', $res); - } - - $page->assign('participants', - get_event_participants($evt, $item_id, $tri, - "LIMIT ".($ofs*NB_PER_PAGE).", ".NB_PER_PAGE)); + $page->assign('absents', $absents); + $page->assign('participants', + get_event_participants($evt, $item_id, UserFilter::sortByName(), + NB_PER_PAGE, $ofs * NB_PER_PAGE)); } } +// vim:set et sw=4 sts=4 sws=4 foldmethod=marker enc=utf-8: ?>