build: core conf banana wiki openid medals jquery
+check:
+ @find . -name '*.php' -exec php -l {} ";" | grep -v 'No syntax errors detected'
+
q:
@echo -e "Code statistics\n"
@sloccount $(filter-out wiki/ spool/, $(wildcard */)) 2> /dev/null | egrep '^[a-z]*:'
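Review bot: The new `check` recipe has its exit status inverted, because the pipeline returns the status of `grep -v`. When every file lints cleanly grep selects nothing and exits 1, so make reports a failure; when there are syntax errors grep exits 0 and the target "passes". Negate the pipeline, e.g. `@! find . -name '*.php' -exec php -l {} ";" | grep -v 'No syntax errors detected'`, so the target fails exactly when something other than the success line is printed.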
JQUERY_PLUGINS=color
JQUERY_PLUGINS_PATHES=$(addprefix htdocs/javascript/jquery.,$(addsuffix .js,$(JQUERY_PLUGINS)))
-jquery: htdocs/javascript/jquery.js htdocs/javascript/jquery.autocomplete.js $(JQUERY_PLUGINS_PATHES)
+JQUERY_UI=core tabs
+JQUERY_UI_PATHES=$(addprefix htdocs/javascript/ui.,$(addsuffix .js,$(JQUERY_UI)))
+
+jquery: htdocs/javascript/jquery.js htdocs/javascript/jquery.autocomplete.js $(JQUERY_PLUGINS_PATHES) $(JQUERY_UI_PATHES)
htdocs/javascript/jquery.js: DOWNLOAD_SRC = http://jquery.com/src/jquery-latest.min.js
htdocs/javascript/jquery.js:
$(JQUERY_PLUGINS_PATHES):
@$(download)
+$(JQUERY_UI_PATHES): DOWNLOAD_SRC = http://ui.jquery.com/latest/ui/$(@F)
+$(JQUERY_UI_PATHES):
+ @$(download)
+
################################################################################
-.PHONY: build dist clean core wiki build-wiki banana htdocs/images/banana htdocs/css/banana.css include/banana/banana.inc.php http*
+.PHONY: build dist clean core wiki build-wiki banana htdocs/images/banana htdocs/css/banana.css include/banana/banana.inc.php http* check
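Review bot: The added `$(JQUERY_UI_PATHES)` rule sets `DOWNLOAD_SRC = http://ui.jquery.com/latest/ui/$(@F)`, which pulls executable JavaScript from a floating "latest" URL over plain HTTP, and nothing visible here verifies it. Every build can therefore ship different, unauthenticated code to users' browsers; the existing `jquery-latest.min.js` rule has the same pattern. Pin a specific release in `DOWNLOAD_SRC` and compare the downloaded file against a digest recorded in the repository, or commit the vendored files instead of fetching them at build time. The `download` macro is defined outside this hunk, so whether it performs any check could not be confirmed from here.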
public function updateNbIns()
{
$res = XDB::query("SELECT COUNT(*)
- FROM auth_user_md5
- WHERE perms IN ('admin','user') AND deces=0");
+ FROM accounts
+ WHERE state = 'active'");
$cnt = $res->fetchOneCell();
$this->changeDynamicConfig(array('NbIns' => $cnt));
}
$this->session = $this->writeSession($uid, $suid);
// retrieve available actions
- $res = XDB::iterRow("SELECT id, text FROM logger.actions");
-
- while (list($action_id, $action_text) = $res->next()) {
- $this->actions[$action_text] = $action_id;
- }
+ $this->actions = XDB::fetchAllAssoc('text', 'SELECT id, text
+ FROM logger.actions');
}
/** Creates a new session entry in database and return its ID.
$proxy = 'proxy';
}
- XDB::execute("INSERT INTO logger.sessions
- SET uid={?}, host={?}, ip={?}, forward_ip={?}, forward_host={?}, browser={?}, suid={?}, flags={?}",
+ XDB::execute("INSERT INTO logger.sessions
+ SET uid={?}, host={?}, ip={?}, forward_ip={?}, forward_host={?}, browser={?}, suid={?}, flags={?}",
$uid, $host, ip_to_uint($ip), ip_to_uint($forward_ip), $forward_host, $browser, $suid, $proxy);
if ($forward_ip) {
$this->proxy_ip = $ip;
public function log($action, $data = null)
{
if (isset($this->actions[$action])) {
- XDB::execute("INSERT INTO logger.events
- SET session={?}, action={?}, data={?}",
+ XDB::execute("INSERT INTO logger.events
+ SET session={?}, action={?}, data={?}",
$this->session, $this->actions[$action], $data);
} else {
trigger_error("PlLogger: unknown action, $action", E_USER_WARNING);
--- /dev/null
+<?php
+/***************************************************************************
+ * Copyright (C) 2003-2008 Polytechnique.org *
+ * http://opensource.polytechnique.org/ *
+ * *
+ * This program is free software; you can redistribute it and/or modify *
+ * it under the terms of the GNU General Public License as published by *
+ * the Free Software Foundation; either version 2 of the License, or *
+ * (at your option) any later version. *
+ * *
+ * This program is distributed in the hope that it will be useful, *
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of *
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the *
+ * GNU General Public License for more details. *
+ * *
+ * You should have received a copy of the GNU General Public License *
+ * along with this program; if not, write to the Free Software *
+ * Foundation, Inc., *
+ * 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA *
+ ***************************************************************************/
+
+class Profile
+{
+ private $pid;
+ private $hrpid;
+ private $data = array();
+
+ private function __construct($login)
+ {
+ if ($login instanceof PlUser) {
+ $from = 'account_profiles AS ap
+ INNER JOIN profiles AS p ON (p.pid = ap.pid)';
+ $where = XDB::format('ap.uid = {?} AND FIND_IN_SET(\'owner\', ap.perms)', $login->id());
+ } else if (is_numeric($login)) {
+ $from = 'profiles AS p';
+ $where = XDB::format('p.pid = {?}', $login);
+ } else {
+ $from = 'profiles AS p';
+ $where = XDB::format('p.hrpid = {?}', $login);
+ }
+ $res = XDB::query('SELECT p.*, pe.entry_year, pe.grad_year,
+ pns_f.name AS firstname, pns_l.name AS lastname, pns_n.name AS nickname,
+ IF(pns_uf.name IS NULL, pns_f.name, pns_uf.name) AS firstname_usual,
+ IF(pns_ul.name IS NULL, pns_l.name, pns_ul.name) AS lastname_usual,
+ pd.promo AS promo, pd.short_name, pd.directory_name AS full_name
+ FROM ' . $from . '
+ INNER JOIN profile_display AS pd ON (pd.pid = p.pid)
+ INNER JOIN profile_education AS pe ON (pe.uid = p.pid AND FIND_IN_SET(\'primary\', pe.flags))
+ INNER JOIN profile_name AS pns_f ON (pns_f.pid = p.pid AND pns_f.typeid = ' . self::getNameTypeId('Nom patronymique', true) . ')
+ INNER JOIN profile_name AS pns_l ON (pns_l.pid = p.pid AND pns_l.typeid = ' . self::getNameTypeId('Prénom', true) . ')
+ LEFT JOIN profile_name AS pns_uf ON (pns_uf.pid = p.pid AND pns_uf.typeid = ' . self::getNameTypeId('Prénom usuel', true) . ')
+ LEFT JOIN profile_name AS pns_ul ON (pns_ul.pid = p.pid AND pns_ul.typeid = ' . self::getNameTypeId('Nom usuel', true) . ')
+ LEFT JOIN profile_name aS pns_n ON (pns_n.pid = p.pid AND pns_n.typeid = ' . self::getNameTypeId('Surnom', true) . ')
+ WHERE ' . $where);
+ if ($res->numRows() != 1) {
+ __autoload('PlUser');
+ throw new UserNotFoundException();
+ }
+ $this->data = $res->fetchOneAssoc();
+ $this->pid = $this->data['pid'];
+ $this->hrpid = $this->data['hrpid'];
+ }
+
+ public function id()
+ {
+ return $this->pid;
+ }
+
+ public function hrid()
+ {
+ return $this->hrpid;
+ }
+
+ public function promo()
+ {
+ return $this->promo;
+ }
+
+ /** Print a name with the given formatting:
+ * %s = • for women
+ * %f = firstname
+ * %l = lastname
+ * %F = fullname
+ * %S = shortname
+ * %p = promo
+ */
+ public function name($format)
+ {
+ return str_replace(array('%s', '%f', '%l', '%F', '%S', '%p'),
+ array($this->isFemale() ? '•' : '',
+ $this->first_name, $this->last_name,
+ $this->full_name, $this->short_name,
+ $this->promo), $format);
+ }
+
+ public function fullName($with_promo = false)
+ {
+ if ($with_promo) {
+ return $this->full_name . ' (' . $this->promo . ')';
+ }
+ return $this->full_name;
+ }
+
+ public function shortName($with_promo = false)
+ {
+ if ($with_promo) {
+ return $this->short_name . ' (' . $this->promo . ')';
+ }
+ return $this->short_name;
+ }
+
+ public function firstName()
+ {
+ return $this->first_name;
+ }
+
+ public function lastName()
+ {
+ return $this->last_name;
+ }
+
+ public function isFemale()
+ {
+ return $this->sex == PlUser::GENDER_FEMALE;
+ }
+
+ public function data()
+ {
+ $this->first_name;
+ return $this->data;
+ }
+
+ public function __get($name)
+ {
+ if (property_exists($this, $name)) {
+ return $this->$name;
+ }
+
+ if (isset($this->data[$name])) {
+ return $this->data[$name];
+ }
+
+ return null;
+ }
+
+ public function __isset($name)
+ {
+ return property_exists($this, $name) || isset($this->data[$name]);
+ }
+
+
+ public function owner()
+ {
+ return User::getSilent($this);
+ }
+
+ /** Return the profile associated with the given login.
+ */
+ public static function get($login)
+ {
+ try {
+ return new Profile($login);
+ } catch (UserNotFoundException $e) {
+ /* Let say we can identify a profile using the identifiers of its owner.
+ */
+ if (!($login instanceof PlUser)) {
+ $user = User::getSilent($login);
+ if ($user && $user->hasProfile()) {
+ return $user->profile();
+ }
+ }
+ return null;
+ }
+ }
+
+ public static function getNameTypeId($type, $for_sql = false)
+ {
+ if (!S::has('name_types')) {
+ $table = XDB::fetchAllAssoc('name', 'SELECT id, name
+ FROM profile_name_enum');
+ S::set('name_types', $table);
+ } else {
+ $table = S::v('name_types');
+ }
+ if ($for_sql) {
+ return XDB::escape($table[$type]);
+ } else {
+ return $table[$type];
+ }
+ }
+}
+
+// vim:set et sw=4 sts=4 sws=4 foldmethod=marker enc=utf-8:
+?>
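Review bot: `name()`, `firstName()` and `lastName()` read `$this->first_name` and `$this->last_name`, but the constructor's query aliases those columns as `firstname` and `lastname`, so `__get()` falls through to `return null` and the accessors come back empty. The two joins also look swapped: `pns_f` (exposed as the first name) is bound to `'Nom patronymique'` and `pns_l` (the last name) to `'Prénom'`. Alias the columns the way the accessors expect, e.g. `pns_f.name AS first_name, pns_l.name AS last_name`, and exchange the two type names in the joins. `data()` also carries a stray no-op statement, `$this->first_name;`, that can be dropped.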
<?php
/***************************************************************************
- * Copyright (C) 2003-2009 Polytechnique.org *
+ * Copyright (C) 2003-2008 Polytechnique.org *
* http://opensource.polytechnique.org/ *
* *
* This program is free software; you can redistribute it and/or modify *
class User extends PlUser
{
+ private $_profile_fetched = false;
+ private $_profile = null;
+
// Implementation of the login to uid method.
protected function getLogin($login)
{
global $globals;
+ if ($login instanceof User) {
+ $machin->id();
+ }
+
+ if ($login instanceof Profile) {
+ $this->_profile = $login;
+ $this->_profile_fetched = true;
+ $res = XDB::query('SELECT ap.uid
+ FROM account_profiles AS ap
+ WHERE ap.pid = {?} AND FIND_IN_SET(\'owner\', perms)',
+ $login->id());
+ if ($res->numRows()) {
+ return $res->fetchOneCell();
+ }
+ throw new UserNotFoundException();
+ }
+
// If $data is an integer, fetches directly the result.
if (is_numeric($login)) {
- $res = XDB::query("SELECT user_id FROM auth_user_md5 WHERE user_id = {?}", $login);
+ $res = XDB::query('SELECT a.uid
+ FROM accounts AS a
+ WHERE a.uid = {?}', $login);
if ($res->numRows()) {
return $res->fetchOneCell();
}
}
// Checks whether $login is a valid hruid or not.
- $res = XDB::query("SELECT user_id FROM auth_user_md5 WHERE hruid = {?}", $login);
+ $res = XDB::query('SELECT a.uid
+ FROM accounts AS a
+ WHERE a.hruid = {?}', $login);
if ($res->numRows()) {
return $res->fetchOneCell();
}
// Checks if $login is a valid alias on the main domains.
list($mbox, $fqdn) = explode('@', $login);
if ($fqdn == $globals->mail->domain || $fqdn == $globals->mail->domain2) {
- $res = XDB::query("SELECT u.user_id
- FROM auth_user_md5 AS u
- INNER JOIN aliases AS a ON (a.id = u.user_id AND a.type IN ('alias', 'a_vie'))
- WHERE a.alias = {?}", $mbox);
+ $res = XDB::query('SELECT a.uid
+ FROM accounts AS a
+ INNER JOIN aliases AS al ON (al.id = a.uid AND al.type IN (\'alias\', \'a_vie\'))
+ WHERE al.alias = {?}', $mbox);
if ($res->numRows()) {
return $res->fetchOneCell();
}
+ /** TODO: implements this by inspecting the profile.
if (preg_match('/^(.*)\.([0-9]{4})$/u', $mbox, $matches)) {
- $res = XDB::query("SELECT u.user_id
- FROM auth_user_md5 AS u
- INNER JOIN aliases AS a ON (a.id = u.user_id AND a.type IN ('alias', 'a_vie'))
- WHERE a.alias = {?} AND u.promo = {?}", $matches[1], $matches[2]);
+ $res = XDB::query('SELECT a.uid
+ FROM accounts AS a
+ INNER JOIN aliases AS al ON (al.id = a.uid AND al.type IN ('alias', 'a_vie'))
+ WHERE al.alias = {?} AND a.promo = {?}', $matches[1], $matches[2]);
if ($res->numRows() == 1) {
return $res->fetchOneCell();
}
- }
+ }*/
throw new UserNotFoundException();
}
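Review bot: `$machin` is never defined in `getLogin()`, so the new branch `if ($login instanceof User) { $machin->id(); }` is a fatal error whenever a User object is passed in. Even if the variable existed, the result is discarded and execution would fall through to the string lookups with an object as `$login`. It presumably should read `return $login->id();`. The function body continues outside this hunk.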
if ($redir = $res->fetchOneCell()) {
// We now have a valid alias, which has to be translated to an hruid.
list($alias, $alias_fqdn) = explode('@', $redir);
- $res = XDB::query("SELECT u.user_id
- FROM auth_user_md5 AS u
- LEFT JOIN aliases AS a ON (a.id = u.user_id AND a.type IN ('alias', 'a_vie'))
- WHERE a.alias = {?}", $alias);
+ $res = XDB::query("SELECT a.uid
+ FROM accounts AS a
+ LEFT JOIN aliases AS al ON (al.id = a.uid AND al.type IN ('alias', 'a_vie'))
+ WHERE al.alias = {?}", $alias);
if ($res->numRows()) {
return $res->fetchOneCell();
}
throw new UserNotFoundException();
}
+ // Looks for an account with the given email.
+ $res = XDB::query('SELECT a.uid
+ FROM accounts AS a
+ WHERE a.email = {?}', $login);
+ if ($res->numRows() == 1) {
+ return $res->fetchOneCell();
+ }
+
// Otherwise, we do suppose $login is an email redirection.
- $res = XDB::query("SELECT u.user_id
- FROM auth_user_md5 AS u
- LEFT JOIN emails AS e ON (e.uid = u.user_id)
+ $res = XDB::query("SELECT a.uid
+ FROM accounts AS a
+ LEFT JOIN emails AS e ON (e.uid = a.uid)
WHERE e.email = {?}", $login);
if ($res->numRows() == 1) {
return $res->fetchOneCell();
throw new UserNotFoundException($res->fetchColumn(1));
}
+ protected static function loadMainFieldsFromUIDs(array $uids, $sorted = null)
+ {
+ global $globals;
+ $joins = '';
+ $orderby = '';
+ $fields = array();
+ if (!is_null($sorted)) {
+ $order = array();
+ $with_ap = false;
+ $with_pd = false;
+ foreach (explode(',', $sorted) as $part) {
+ $desc = ($part[0] == '-');
+ if ($desc) {
+ $part = substr($desc, 1);
+ }
+ switch ($part) {
+ case 'promo':
+ $with_pd = true;
+ $with_ap = true;
+ $part = 'IF (pd.promo IS NULL, \'ext\', pd.promo)';
+ break;
+ case 'full_name':
+ $part = 'a.full_name';
+ break;
+ case 'display_name':
+ $part = 'a.display_name';
+ break;
+ default:
+ $part = null;
+ }
+ if (!is_null($part)) {
+ if ($desc) {
+ $part .= ' DESC';
+ }
+ $order[] = $part;
+ }
+ }
+ if (count($order) > 0) {
+ if ($with_ap) {
+ $joins .= "LEFT JOIN account_profiles AS ap ON (ap.uid = a.uid AND FIND_IN_SET('owner', ap.perms))\n";
+ }
+ if ($with_pd) {
+ $joins .= "LEFT JOIN profile_display AS pd ON (pd.pid = ap.pid)\n";
+ }
+ $orderby = 'ORDER BY ' . implode(', ', $order);
+ }
+ }
+ if ($globals->asso('id')) {
+ $joins .= XDB::format("LEFT JOIN groupex.membres AS gpm ON (gpm.uid = a.uid AND gpm.asso_id = {?})\n", $globals->asso('id'));
+ $fields[] = 'gpm.perms AS group_perms';
+ }
+ if (count($fields) > 0) {
+ $fields = ', ' . implode(', ', $fields);
+ } else {
+ $fields = '';
+ }
+ $uids = array_map(array('XDB', 'escape'), $uids);
+ return XDB::iterator('SELECT a.uid, a.hruid, a.registration_date,
+ CONCAT(af.alias, \'@' . $globals->mail->domain . '\') AS forlife,
+ CONCAT(ab.alias, \'@' . $globals->mail->domain . '\') AS bestalias,
+ a.full_name, a.display_name, a.sex = \'female\' AS gender,
+ IF(a.state = \'active\', at.perms, \'\') AS perms,
+ a.email_format, a.is_admin, a.state, a.type, a.skin,
+ FIND_IN_SET(\'watch\', a.flags) AS watch, a.comment,
+ a.weak_password IS NOT NULL AS weak_access,
+ a.token IS NOT NULL AS token_access ' . $fields . '
+ FROM accounts AS a
+ INNER JOIN account_types AS at ON (at.type = a.type)
+ LEFT JOIN aliases AS af ON (af.id = a.uid AND af.type = \'a_vie\')
+ LEFT JOIN aliases AS ab ON (ab.id = a.uid AND FIND_IN_SET(\'bestalias\', ab.flags))
+ ' . $joins . '
+ WHERE a.uid IN (' . implode(', ', $uids) . ')
+ ' . $orderby);
+ }
+
// Implementation of the data loader.
protected function loadMainFields()
{
if ($this->hruid !== null && $this->forlife !== null
&& $this->bestalias !== null && $this->display_name !== null
- && $this->full_name !== null && $this->promo !== null && $this->perms !== null
+ && $this->full_name !== null && $this->perms !== null
&& $this->gender !== null && $this->email_format !== null) {
return;
}
-
- global $globals;
- $res = XDB::query("SELECT u.hruid, d.promo,
- CONCAT(af.alias, '@{$globals->mail->domain}') AS forlife,
- CONCAT(ab.alias, '@{$globals->mail->domain}') AS bestalias,
- CONCAT(u.prenom, ' ', IF(u.nom_usage <> '', u.nom_usage, u.nom)) AS full_name,
- IF(u.prenom != '', u.prenom, u.nom) AS display_name,
- FIND_IN_SET('femme', u.flags) AS gender,
- q.core_mail_fmt AS email_format,
- u.perms
- FROM auth_user_md5 AS u
- INNER JOIN profile_display AS d ON (d.pid = u.user_id)
- LEFT JOIN auth_user_quick AS q ON (q.user_id = u.user_id)
- LEFT JOIN aliases AS af ON (af.id = u.user_id AND af.type = 'a_vie')
- LEFT JOIN aliases AS ab ON (ab.id = u.user_id AND FIND_IN_SET('bestalias', ab.flags))
- WHERE u.user_id = {?}", $this->user_id);
- $this->fillFromArray($res->fetchOneAssoc());
+ $this->fillFromArray(self::loadMainFieldsFromUIDs(array($this->user_id))->next());
}
// Specialization of the fillFromArray method, to implement hacks to enable
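Review bot: In the sort-key loop of `loadMainFieldsFromUIDs()`, `$part = substr($desc, 1);` strips the leading `-` from the boolean `$desc` instead of from the key, so every descending key becomes an empty string, hits `default` and is silently dropped; it should be `$part = substr($part, 1);`. The whitelist `switch` is the right way to keep caller-supplied sort keys out of the `ORDER BY`, so this is worth fixing rather than loosening. Separately, an empty `$uids` array produces `WHERE a.uid IN ()`, which is invalid SQL, so return early when there is nothing to load. `loadMainFields()` also passes `->next()` straight to `fillFromArray()` without checking that a row was returned.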
if (isset($values['mail_fmt'])) {
$values['email_format'] = $values['mail_fmt'];
}
- if (isset($values['email_format'])) {
- $values['email_format'] = ($values['email_format'] ? self::FORMAT_HTML : self::FORMAT_TEXT);
- }
parent::fillFromArray($values);
}
if ($this->perms === null) {
$this->loadMainFields();
}
- $this->perm_flags = self::makePerms($this->perms);
+ $this->perm_flags = self::makePerms($this->perms, $this->is_admin);
}
- // Return the password of the user
+ // We do not want to store the password in the object.
+ // So, fetch it 'on demand'
public function password()
{
- return XDB::fetchOneCell('SELECT u.password
- FROM auth_user_md5 AS u
- WHERE u.user_id = {?}', $this->id());
+ return XDB::fetchOneCell('SELECT a.password
+ FROM accounts AS a
+ WHERE a.uid = {?}', $this->id());
}
- // Return permission flags for a given permission level.
- public static function makePerms($perms)
+ /** Overload PlUser::promo(): there no promo defined for a user in the current
+ * schema. The promo is a field from the profile.
+ */
+ public function promo()
+ {
+ if (!$this->hasProfile()) {
+ return '';
+ }
+ return $this->profile()->promo();
+ }
+
+ /** Return the main profile attached with this account if any.
+ */
+ public function profile()
+ {
+ if (!$this->_profile_fetched) {
+ $this->_profile_fetched = true;
+ $this->_profile = Profile::get($this);
+ }
+ return $this->_profile;
+ }
+
+ /** Return true if the user has an associated profile.
+ */
+ public function hasProfile()
+ {
+ return !is_null($this->profile());
+ }
+
+ /** Check if the user can edit to given profile.
+ */
+ public function canEdit(Profile $profile)
+ {
+ // XXX: Check permissions (e.g. secretary permission)
+ // and flags from the profile
+ return XDB::fetchOneCell('SELECT pid
+ FROM account_profiles
+ WHERE uid = {?} AND pid = {?}',
+ $this->id(), $profile->id());
+ }
+
+ /** Get the email alias of the user.
+ */
+ public function emailAlias()
+ {
+ global $globals;
+ $data = $this->emailAliases($globals->mail->alias_dom);
+ if (count($data) > 0) {
+ return array_pop($data);
+ }
+ return null;
+ }
+
+ /** Get all the aliases the user belongs to.
+ */
+ public function emailAliases($domain = null)
{
- $flags = new PlFlagSet();
- if (is_null($flags) || $perms == 'disabled' || $perms == 'ext') {
- return $flags;
+ $where = '';
+ if (!is_null($domain)) {
+ $where = XDB::format(' AND alias LIKE CONCAT("%@", {?})', $domain);
}
+ return XDB::fetchColumn('SELECT v.alias
+ FROM virtual AS v
+ INNER JOIN virtual_redirect AS vr ON (v.vid = vr.vid)
+ WHERE (vr.redirect = {?} OR vr.redirect = {?})
+ ' . $where,
+ $this->forlifeEmail(), $this->m4xForlifeEmail());
+ }
+
+ /** Get the alternative forlife email
+ * TODO: remove this uber-ugly hack. The issue is that you need to remove
+ * all @m4x.org addresses in virtual_redirect first.
+ * XXX: This is juste to make code more readable, to be remove as soon as possible
+ */
+ public function m4xForlifeEmail()
+ {
+ global $globals;
+ trigger_error('USING M4X FORLIFE', E_USER_NOTICE);
+ return $this->login() . '@' . $globals->mail->domain2;
+ }
+
+ // Return permission flags for a given permission level.
+ public static function makePerms($perms, $is_admin)
+ {
+ $flags = new PlFlagSet($perms);
$flags->addFlag(PERMS_USER);
- if ($perms == 'admin') {
+ if ($is_admin) {
$flags->addFlag(PERMS_ADMIN);
}
return $flags;
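Review bot: `User::makePerms()` now calls `$flags->addFlag(PERMS_USER)` unconditionally, where the removed guard returned an empty flag set for `'disabled'` and `'ext'`. `loadMainFieldsFromUIDs()` deliberately yields `perms = ''` for accounts that are not active, yet a User built from such a row would still end up with PERMS_USER, and with PERMS_ADMIN if `is_admin` is set. Unless every caller is guaranteed to go through the `state = 'active'` session queries, keep an explicit early exit such as `if ($perms == '') { return $flags; }` before the flags are added. `XorgSession::makePerms()` drops the same guard in this commit. In the same hunk, `canEdit()` accepts any `account_profiles` row without the `FIND_IN_SET('owner', perms)` test used elsewhere, which its own XXX comment already acknowledges.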
$dom != $globals->mail->alias_dom &&
$dom != $globals->mail->alias_dom2;
}
+
+ // Fetch a set of users from a list of UIDs
+ public static function getBuildUsersWithUIDs(array $uids, $sortby = null)
+ {
+ $fields = self::loadMainFieldsFromUIDs($uids, $sortby);
+ $users = array();
+ while (($list = $fields->next())) {
+ $users[] = User::getSilentWithValues(null, $list);
+ }
+ return $users;
+ }
}
// vim:set et sw=4 sts=4 sws=4 foldmethod=marker enc=utf-8:
protected function doAuth($level)
{
if (S::identified()) { // ok, c'est bon, on n'a rien à faire
- return S::i('uid');
+ return User::getSilentWithValues(null, array('user_id' => S::i('uid')));
}
if (!Get::has('auth')) {
return null;
}
Get::kill('auth');
S::set('auth', AUTH_MDP);
- return Get::i('uid');
+ return User::getSilentWithValues(null, array('user_id' => Get::i('uid')));
}
protected function startSessionAs($user, $level)
{
- if ($level == -1) {
+ if ($level == AUTH_SUID) {
S::set('auth', AUTH_MDP);
}
- $res = XDB::query("SELECT u.user_id AS uid, u.hruid, prenom, nom, perms, promo, password, FIND_IN_SET('femme', u.flags) AS femme,
- q.core_mail_fmt AS mail_fmt, q.core_rss_hash
- FROM auth_user_md5 AS u
- INNER JOIN auth_user_quick AS q USING(user_id)
- WHERE u.user_id = {?} AND u.perms IN('admin', 'user')
- LIMIT 1", $user);
+ $res = XDB::query("SELECT a.uid, a.display_name, a.full_name,
+ a.sex = 'female' AS femme,
+ a.email_format, a.token,
+ at.perms, a.is_admin
+ FROM accounts AS a
+ INNER JOIN account_types AS at ON (at.type = a.type)
+ WHERE a.uid = {?} AND a.state = 'active'
+ LIMIT 1", $user->id());
$sess = $res->fetchOneAssoc();
- $perms = $sess['perms'];
- unset($sess['perms']);
$_SESSION = array_merge($_SESSION, $sess);
- S::set('perms', User::makePerms($perms));
+ $this->makePerms(S::s('perms'), S::b('is_admin'));
S::kill('challenge');
S::kill('loginX');
S::kill('may_update');
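Review bot: `$res->fetchOneAssoc()` is merged into `$_SESSION` without checking that the query matched a row. With this commit `doAuth()` builds the User from a raw uid via `getSilentWithValues(null, array('user_id' => …))`, so the `a.state = 'active'` filter here appears to be the only point on this path where the account is validated. An unknown or inactive uid should stop the session setup, e.g. `if (!$sess) { return false; }` right after the fetch and before `array_merge()` and `makePerms()` run. `XorgSession::startSessionAs()` has the same unchecked fetch, and its new `INNER JOIN watch` additionally returns no row for an account that lacks a watch entry. The function body continues outside this hunk.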
public function doSelfSuid()
{
- if (!$this->startSUID(S::i('uid'))) {
+ $user =& S::user();
+ if (!$this->startSUID($user)) {
return false;
}
S::set('perms', User::makePerms('user'));
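Review bot: The unchanged line `S::set('perms', User::makePerms('user'));` no longer matches the signature this commit introduces, `makePerms($perms, $is_admin)`, which gives `$is_admin` no default. Pass the flag explicitly, `User::makePerms('user', false)`, so the self-SUID session is built with a defined, non-admin value rather than relying on how PHP treats the missing argument. The function continues outside this hunk.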
public function stopSUID()
{
- $suid = S::v('suid');
+ $perms = S::suid('perms');
if (!parent::stopSUID()) {
return false;
}
- S::kill('suid');
S::kill('may_update');
S::kill('is_member');
- S::set('perms', $suid['perms']);
+ S::set('perms', $perms);
return true;
}
}
return false;
} elseif ($lose) {
$may_update[$asso_id] = false;
- } elseif (S::has_perms() || (S::has('suid') && $force)) {
+ } elseif (S::admin() || (S::suid() && $force)) {
$may_update[$asso_id] = true;
} elseif (!isset($may_update[$asso_id]) || $force) {
$res = XDB::query("SELECT perms
return false;
} elseif ($lose) {
$is_member[$asso_id] = false;
- } elseif (S::has('suid') && $force) {
+ } elseif (S::suid() && $force) {
$is_member[$asso_id] = true;
} elseif (!isset($is_member[$asso_id]) || $force) {
$res = XDB::query("SELECT COUNT(*)
class XorgSession extends PlSession
{
+ const INVALID_USER = -2;
+ const NO_COOKIE = -1;
+ const COOKIE_SUCCESS = 0;
+ const INVALID_COOKIE = 1;
+
public function __construct()
{
parent::__construct();
public function startAvailableAuth()
{
if (!S::logged()) {
- $cookie = $this->tryCookie();
- if ($cookie == 0) {
- return $this->start(AUTH_COOKIE);
- } else if ($cookie == 1 || $cookie == -2) {
+ switch ($this->tryCookie()) {
+ case self::COOKIE_SUCCESS:
+ if (!$this->start(AUTH_COOKIE)) {
+ return false;
+ }
+ break;
+
+ case self::INVALID_USER:
+ case self::INVALID_COOKIE:
return false;
}
}
{
S::kill('auth_by_cookie');
if (Cookie::v('access') == '' || !Cookie::has('uid')) {
- return -1;
+ return self::NO_COOKIE;
}
- $res = XDB::query('SELECT user_id, password
- FROM auth_user_md5
- WHERE user_id = {?} AND perms IN(\'admin\', \'user\')',
+ $res = XDB::query('SELECT uid, password
+ FROM accounts
+ WHERE uid = {?} AND state = \'active\'',
Cookie::i('uid'));
if ($res->numRows() != 0) {
list($uid, $password) = $res->fetchOneRow();
- require_once 'secure_hash.inc.php';
- $expected_value = hash_encrypt($password);
- if ($expected_value == Cookie::v('access')) {
+ if (sha1($password) == Cookie::v('access')) {
S::set('auth_by_cookie', $uid);
- return 0;
+ return self::COOKIE_SUCCESS;
} else {
- return 1;
+ return self::INVALID_COOKIE;
}
}
- return -2;
+ return self::INVALID_USER;
}
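Review bot: `sha1($password) == Cookie::v('access')` uses loose comparison, so two hex strings that both look like `0e` followed by digits compare equal as numbers; use `===`, or `hash_equals()` where the PHP version provides it. The same applies to `$response != $expected_response` in `checkPassword()`, whose expected value is now also a bare `sha1()`. Beyond the comparison, the persistent `access` cookie is an unsalted SHA-1 of the stored password value (set in `setAccessCookie()`), so anyone able to read `accounts.password` can recompute it and it stays valid until the password changes. A random per-login token stored server-side would allow revocation and keep the cookie independent of the credential.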
private function checkPassword($uname, $login, $response, $login_type)
{
- $res = XDB::query('SELECT u.user_id, u.password
- FROM auth_user_md5 AS u
- INNER JOIN aliases AS a ON (a.id = u.user_id AND type != \'homonyme\')
- WHERE a.' . $login_type . ' = {?} AND u.perms IN(\'admin\', \'user\')',
+ $res = XDB::query('SELECT a.uid, a.password
+ FROM accounts AS a
+ INNER JOIN aliases AS l ON (l.id = a.uid AND l.type != \'homonyme\')
+ WHERE l.' . $login_type . ' = {?} AND a.state = \'active\'',
$login);
if (list($uid, $password) = $res->fetchOneRow()) {
- require_once 'secure_hash.inc.php';
- $expected_response = hash_encrypt("$uname:$password:" . S::v('challenge'));
- if ($response != $expected_response && Env::has('xorpass')
- && !preg_match('/^0*$/', Env::v('xorpass'))) {
- $new_password = hash_xor(Env::v('xorpass'), $password);
- $expected_response = hash_encrypt("$uname:$new_password:" . S::v('challenge'));
- if ($response == $expected_response) {
- XDB::execute('UPDATE auth_user_md5
- SET password = {?}
- WHERE user_id = {?}',
- $new_password, $uid);
-
- // Update the GoogleApps password as well, if required.
- global $globals;
- if ($globals->mailstorage->googleapps_domain) {
- require_once 'googleapps.inc.php';
- $user = User::getSilent($uid);
- $account = new GoogleAppsAccount($user);
- if ($account->active() && $account->sync_password) {
- $account->set_password($new_password);
- }
- }
- }
- }
+ $expected_response = sha1("$uname:$password:" . S::v('challenge'));
+ /* XXX: Deprecates len(password) > 10 conversion */
if ($response != $expected_response) {
if (!S::logged()) {
Platal::page()->trigError('Mot de passe ou nom d\'utilisateur invalide');
if (!S::logged()) {
S::set('auth', AUTH_COOKIE);
}
- return S::i('auth_by_cookie');
+ return User::getSilentWithValues(null, array('user_id' => S::i('auth_by_cookie')));
}
/** We come from an authentication form.
*/
- if (S::has('suid')) {
- $suid = S::v('suid');
- $login = $uname = $suid['uid'];
+ if (S::suid()) {
+ $login = $uname = S::suid('uid');
$redirect = false;
} else {
$uname = Env::v('username');
}
$uid = $this->checkPassword($uname, $login, Post::v('response'), (!$redirect && is_numeric($uname)) ? 'id' : 'alias');
- if (!is_null($uid) && S::has('suid')) {
- $suid = S::v('suid');
- if ($suid['uid'] == $uid) {
+ if (!is_null($uid) && S::suid()) {
+ if (S::suid('uid') == $uid) {
$uid = S::i('uid');
} else {
$uid = null;
}
if (!is_null($uid)) {
S::set('auth', AUTH_MDP);
- if (!S::has('suid')) {
+ if (!S::suid()) {
if (Post::has('domain')) {
if (($domain = Post::v('domain', 'login')) == 'alias') {
Cookie::set('domain', 'alias', 300);
S::kill('challenge');
S::logger($uid)->log('auth_ok');
}
- return $uid;
+ return User::getSilentWithValues(null, array('user_id' => $uid));
}
- protected function startSessionAs($uid, $level)
+ protected function startSessionAs($user, $level)
{
- if ((!is_null(S::v('user')) && S::i('user') != $uid) || (S::has('uid') && S::i('uid') != $uid)) {
+ if ((!is_null(S::v('user')) && S::v('user')->id() != $user->id())
+ || (S::has('uid') && S::i('uid') != $user->id())) {
return false;
} else if (S::has('uid')) {
return true;
}
// Retrieves main user properties.
- $res = XDB::query("SELECT u.user_id AS uid, u.hruid, prenom, prenom_ini, nom, nom_ini, nom_usage, perms, promo, promo_sortie,
- matricule, password, FIND_IN_SET('femme', u.flags) AS femme,
- q.core_mail_fmt AS mail_fmt, UNIX_TIMESTAMP(q.banana_last) AS banana_last, q.watch_last, q.core_rss_hash,
- FIND_IN_SET('watch', u.flags) AS watch_account, q.last_version, g.g_account_name IS NOT NULL AS googleapps,
- UNIX_TIMESTAMP(s.start) AS lastlogin, s.host
- FROM auth_user_md5 AS u
- INNER JOIN auth_user_quick AS q USING(user_id)
- LEFT JOIN gapps_accounts AS g ON (u.user_id = g.l_userid AND g.g_status = 'active')
- LEFT JOIN logger.last_sessions AS ls ON (ls.uid = u.user_id)
+ /** TODO: Move needed informations to account tables */
+ /** TODO: Currently suppressed data are matricule, promo */
+ /** TODO: Use the User object to fetch all this */
+ $res = XDB::query("SELECT a.uid, a.hruid, a.display_name, a.full_name,
+ a.sex = 'female' AS femme, a.email_format,
+ a.token, FIND_IN_SET('watch', a.flags) AS watch_account,
+ UNIX_TIMESTAMP(fp.last_seen) AS banana_last, w.last AS watch_last,
+ a.last_version, g.g_account_name IS NOT NULL AS googleapps,
+ UNIX_TIMESTAMP(s.start) AS lastlogin, s.host,
+ a.is_admin, at.perms
+ FROM accounts AS a
+ INNER JOIN account_types AS at ON(a.type = at.type)
+ INNER JOIN watch AS w ON(w.uid = a.uid)
+ LEFT JOIN forum_profiles AS fp ON(fp.uid = a.uid)
+ LEFT JOIN gapps_accounts AS g ON(a.uid = g.l_userid AND g.g_status = 'active')
+ LEFT JOIN logger.last_sessions AS ls ON (ls.uid = a.uid)
LEFT JOIN logger.sessions AS s ON(s.id = ls.id)
- WHERE u.user_id = {?} AND u.perms IN('admin', 'user')", $uid);
+ WHERE a.uid = {?} AND a.state = 'active'", $user->id());
$sess = $res->fetchOneAssoc();
$perms = $sess['perms'];
unset($sess['perms']);
$_SESSION = array_merge($_SESSION, $sess);
// Starts the session's logger, and sets up the permanent cookie.
- if (S::has('suid')) {
- $suid = S::v('suid');
- $logger = S::logger($uid);
- $logger->log("suid_start", S::v('hruid') . " by " . $suid['hruid']);
+ if (S::suid()) {
+ S::logger()->log("suid_start", S::v('hruid') . ' by ' . S::suid('hruid'));
} else {
- $logger = S::logger($uid);
- $logger->saveLastSession();
- Cookie::set('uid', $uid, 300);
+ S::logger()->saveLastSession();
+ Cookie::set('uid', $user->id(), 300);
- if (S::i('auth_by_cookie') == $uid || Post::v('remember', 'false') == 'true') {
- $this->setAccessCookie(false, S::i('auth_by_cookie') != $uid);
+ if (S::i('auth_by_cookie') == $user->id() || Post::v('remember', 'false') == 'true') {
+ $this->setAccessCookie(false, S::i('auth_by_cookie') != $user->id());
} else {
$this->killAccessCookie();
}
}
// Finalizes the session setup.
- S::set('perms', User::makePerms($perms));
+ $this->makePerms($perms, S::b('is_admin'));
$this->securityChecks();
$this->setSkin();
$this->updateNbNotifs();
public function tokenAuth($login, $token)
{
- $res = XDB::query('SELECT u.hruid
- FROM aliases AS a
- INNER JOIN auth_user_md5 AS u ON (a.id = u.user_id AND u.perms IN ("admin", "user"))
- INNER JOIN auth_user_quick AS q ON (a.id = q.user_id AND q.core_rss_hash = {?})
- WHERE a.alias = {?} AND a.type != "homonyme"', $token, $login);
+ $res = XDB::query('SELECT a.uid AS user_id, a.hruid
+ FROM aliases AS l
+ INNER JOIN accounts AS a ON (l.id = a.uid AND a.state = \'active\')
+ WHERE a.token = {?} AND l.alias = {?} AND l.type != \'homonyme\'',
+ $token, $login);
if ($res->numRows() == 1) {
- $data = $res->fetchOneAssoc();
- return new User($data['hruid'], $data);
+ return new User(null, $res->fetchOneAssoc());
}
return null;
}
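Review bot: `tokenAuth()` passes `$token` straight into `a.token = {?}` without rejecting an empty value. A NULL column can never match, but an account whose token is stored as `''` would be matched by an empty token; that is presumably unintended, since `a.token IS NOT NULL` is what `loadMainFieldsFromUIDs()` uses as the "token access enabled" test. Add `if ($token === null || $token === '') { return null; }` before the query so a missing token can never authenticate.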
protected function makePerms($perm, $is_admin)
{
- $flags = new PlFlagSet();
- if ($perm == 'disabled' || $perm == 'ext') {
- S::set('perms', $flags);
- return;
- }
- $flags->addFlag(PERMS_USER);
- if ($perm == 'admin') {
- $flags->addFlag(PERMS_ADMIN);
- }
- S::set('perms', $flags);
+ S::set('perms', User::makePerms($perm, $is_admin));
}
public function setSkin()
{
- if (S::logged() && (!S::has('skin') || S::has('suid'))) {
- $uid = S::v('uid');
- $res = XDB::query("SELECT skin_tpl
- FROM auth_user_quick AS a
- INNER JOIN skins AS s ON a.skin = s.id
- WHERE user_id = {?} AND skin_tpl != ''", $uid);
+ if (S::logged() && (!S::has('skin') || S::suid())) {
+ $res = XDB::query('SELECT skin_tpl
+ FROM accounts AS a
+ INNER JOIN skins AS s on (a.skin = s.id)
+ WHERE a.uid = {?} AND skin_tpl != \'\'', S::i('uid'));
S::set('skin', $res->fetchOneCell());
}
}
}
public function setAccessCookie($replace = false, $log = true) {
- if (S::has('suid') || ($replace && !Cookie::blank('access'))) {
+ if (S::suid() || ($replace && !Cookie::blank('access'))) {
return;
}
- require_once('secure_hash.inc.php');
- Cookie::set('access', hash_encrypt(S::v('password')), 300, true);
+ Cookie::set('access', sha1(S::user()->password()), 300, true);
if ($log) {
S::logger()->log('cookie_on');
}
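Review bot: In `setAccessCookie`, the `access` cookie is now `sha1(S::user()->password())`, a fixed value computed from the stored password field. The cookie therefore looks reusable for as long as that field is unchanged, and anyone able to read the accounts table could compute it. A random per-login token kept server-side would avoid both problems; at minimum leave a marker such as `// TODO: replace with a random token stored per session`. Inlining `sha1()` here and in `$pass_encrypted = sha1($pass)` in the marketing hunk also removes `hash_encrypt()`, the single place where the hash could have been upgraded to a salted password hash. The body of `setAccessCookie` continues outside the hunk.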
web_user = "***"
web_pass = "***"
-table_prefix = "banana_"
spool_root = "/var/spool/banana"
mbox_helper = "/usr/bin/banana-mbox-helper"
display: none;
}
+.ui-tabs-hide { display: none; }
+
/* vim: set et ts=4 sts=4 sw=4: */
[ onglets des profils ]
*******************************************************************************/
-.wizard {
+.wizard, .ui-tabs-nav {
+ margin: 0;
+ padding: 0;
margin-left: -16px;
+ clear: both;
}
-.wizard .wiz_header {
+.wizard .wiz_header, .ui-tabs-nav {
height: 32px;
width: 100%;
background: url('../images/skins/wiz_background.png') top right repeat-x;
margin-bottom: 1em;
+ text-align: left;
}
-.wizard .wiz_header .wiz_tab {
+.wizard .wiz_header .wiz_tab, .ui-tabs-nav li {
background: url('../images/skins/wiz_normal.png') #aaa top left repeat-x;
height: 100%;
text-align: center;
font-size: 75%;
border-right: 1px solid #888;
+ float: left;
+ vertical-align: middle;
}
-.wizard .wiz_header .wiz_tab:hover {
+.ui-tabs-nav li {
+ margin: 0;
+ padding: 0;
+ list-style-type: none;
+}
+
+.wizard .wiz_header .wiz_tab:hover, .ui-tabs-nav li:hover {
background: url('../images/skins/wiz_hover.png') #777 top left repeat-x;
color: #fff;
}
-.wizard .wiz_header .active, .wizard .wiz_header .active:hover {
+.wizard .wiz_header .active, .wizard .wiz_header .active:hover, li.ui-tabs-selected {
background: url('../images/skins/wiz_active.png') #444 top left repeat-x;
color: #fff;
}
-.wizard .wiz_header a {
+.wizard .wiz_header a, .ui-tabs-nav a {
color: #000;
text-decoration: none;
}
-.wizard .wiz_header a.active {
+.wizard .wiz_header a.active, .ui-tabs-selected a {
color: #fff;
}
-.wizard .wiz_content {
+.wizard .wiz_content, .ui-tabs-panel {
margin-left: 16px;
+ clear: both;
}
.flags .texte {
# jQuery and its plugins are downloaded by the Makefile
/jquery.*js
+/ui.*js
require_once 'xorg.inc.php';
-new Xorg('core');
+$platal = new Xorg('core');
global $globals;
-list($username, $path) = preg_split('/\//', $_SERVER["REQUEST_URI"], 2, PREG_SPLIT_NO_EMPTY);
-$res = XDB::query(
- "SELECT redirecturl
- FROM auth_user_quick AS a
- INNER JOIN aliases AS al ON (al.id = a.user_id AND (al.type='a_vie' OR al.type='alias'))
- WHERE al.alias = {?}
- GROUP BY redirecturl", $username);
+$path = ltrim($platal->pl_self(), '/');
+@list($username, $path) = explode('/', $path, 2);
-if ($url = $res->fetchOneCell()) {
- $url = preg_replace('@/+$@', '', $url);
- if ($path) {
- http_redirect("http://$url/$path");
- } else {
- http_redirect("http://$url");
+if ($username && !is_null($user = User::getSilent($username))) {
+ $url = XDB::fetchOneCell('SELECT url
+ FROM carvas
+ WHERE uid = {?}', $user->id());
+ if ($url) {
+ $url = preg_replace('@/+$@', '', $url);
+ if ($path) {
+ http_redirect("http://$url/$path");
+ } else {
+ http_redirect("http://$url");
+ }
}
}
-header("HTTP/1.0 404 Not Found");
-
+header($_SERVER['SERVER_PROTOCOL'] . ' 404 Not Found');
?>
<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html>
}
Banana::$debug_nntp = ($globals->debug & DEBUG_BT);
Banana::$debug_smarty = ($globals->debug & DEBUG_SMARTY);
- if (!S::v('core_rss_hash')) {
- Banana::$feed_active = false;
- }
+ Banana::$feed_active = S::hasAuthToken();
+
parent::__construct($params, 'NNTP', 'PlatalBananaPage');
if (@$params['action'] == 'profile') {
Banana::$action = 'profile';
}
}
+ private function fetchProfile()
+ {
+ // Get user profile from SQL
+ $req = XDB::query("SELECT name, mail, sig,
+ FIND_IN_SET('threads',flags) AS threads,
+ FIND_IN_SET('automaj',flags) AS maj,
+ FIND_IN_SET('xface', flags) AS xface,
+ tree_unread, tree_read
+ FROM forum_profiles
+ WHERE uid = {?}", $this->user->id());
+ if ($req->numRows()) {
+ $infos = $req->fetchOneAssoc();
+ } else {
+ $infos = array();
+ }
+ if (empty($infos['name'])) {
+ $infos = array('name' => $this->user->fullName(),
+ 'mail' => $this->user->forlifeEmail(),
+ 'sig' => $this->user->displayName(),
+ 'threads' => false,
+ 'maj' => true,
+ 'xface' => false,
+ 'tree_unread' => 'o',
+ 'tree_read' => 'dg' );
+ }
+ return $infos;
+ }
+
public function run()
{
global $platal, $globals;
$time = null;
if (!is_null($this->params) && isset($this->params['updateall'])) {
$time = intval($this->params['updateall']);
- $_SESSION['banana_last'] = $time;
+ S::set('banana_last', $time);
}
- // Get user profile from SQL
- $req = XDB::query("SELECT nom, mail, sig,
- FIND_IN_SET('threads',flags), FIND_IN_SET('automaj',flags),
- tree_unread, tree_read
- FROM {$globals->banana->table_prefix}profils
- WHERE uid={?}", S::i('uid'));
- if (!(list($nom, $mail, $sig, $disp, $maj, $unread, $read) = $req->fetchOneRow())) {
- $nom = S::v('prenom')." ".S::v('nom');
- $mail = $this->user->forlifeEmail();
- $sig = $nom." (".S::v('promo').")";
- $disp = 0;
- $maj = 1;
- $unread = 'o';
- $read = 'dg';
- }
- if ($maj) {
+ $infos = $this->fetchProfile();
+ if ($infos['maj']) {
$time = time();
}
// Build user profile
- $req = XDB::query("
- SELECT nom
- FROM {$globals->banana->table_prefix}abos
- LEFT JOIN {$globals->banana->table_prefix}list ON list.fid=abos.fid
- WHERE uid={?}", S::i('uid'));
- Banana::$profile['headers']['From'] = "$nom <$mail>";
+ $req = XDB::query("SELECT name
+ FROM forum_subs AS fs
+ LEFT JOIN forums AS f ON (f.fid = fs.fid)
+ WHERE uid={?}", $this->user->id());
+ Banana::$profile['headers']['From'] = $infos['name'] . ' <' . $infos['mail'] . '>';
Banana::$profile['headers']['Organization'] = make_Organization();
- Banana::$profile['signature'] = $sig;
- Banana::$profile['display'] = $disp;
- Banana::$profile['autoup'] = $maj;
+ Banana::$profile['signature'] = $infos['sig'];
+ Banana::$profile['display'] = $infos['threads'];
+ Banana::$profile['autoup'] = $infos['maj'];
Banana::$profile['lastnews'] = S::v('banana_last');
Banana::$profile['subscribe'] = $req->fetchColumn();
- Banana::$tree_unread = $unread;
- Banana::$tree_read = $read;
+ Banana::$tree_unread = $infos['tree_unread'];
+ Banana::$tree_read = $infos['tree_read'];
// Update the "unread limit"
if (!is_null($time)) {
- XDB::execute("UPDATE auth_user_quick
- SET banana_last = FROM_UNIXTIME({?})
- WHERE user_id={?}",
- $time, S::i('uid'));
+ XDB::execute('UPDATE forum_profiles
+ SET last_seen = FROM_UNIXTIME({?})
+ WHERE uid = {?}',
+ $time, $this->user->id());
+ if (XDB::affectedRows() == 0) {
+ XDB::execute('INSERT INTO forum_profiles (uid, last_seen)
+ VALUES ({?}, FROM_UNIXTIME({?}))',
+ $this->user->id(), $time);
+ }
}
if (!empty($GLOBALS['IS_XNET_SITE'])) {
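Review bot: In `run()`, the `XDB::affectedRows() == 0` test after `UPDATE forum_profiles` cannot tell a missing row from an existing row whose `last_seen` already holds that value, because MySQL by default counts only changed rows. In the second case the follow-up `INSERT` would collide with the existing row, assuming `uid` is the table's unique key. A single statement avoids the race and the ambiguity: `INSERT INTO forum_profiles (uid, last_seen) VALUES ({?}, FROM_UNIXTIME({?})) ON DUPLICATE KEY UPDATE last_seen = VALUES(last_seen)`. `run()` continues past the end of the hunk.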
public function post($dest, $reply, $subject, $body)
{
global $globals;
- $res = XDB::query('SELECT nom, prenom, promo
- FROM auth_user_md5 AS u
- WHERE u.user_id = {?}', $this->user->id());
- list($nom, $prenom, $promo) = $res->fetchOneRow();
- Banana::$profile['headers']['From'] = "$prenom $nom ($promo) <{$this->user->bestEmail()}>";
+ Banana::$profile['headers']['From'] = $this->user->fullName() . ' <' . $this->user->bestEmail() . '>';
Banana::$profile['headers']['Organization'] = make_Organization();
return parent::post($dest, $reply, $subject, $body);
}
protected function action_saveSubs($groups)
{
global $globals;
- $uid = S::v('uid');
+ $uid = $this->user->id();
Banana::$profile['subscribe'] = array();
- XDB::execute("DELETE FROM {$globals->banana->table_prefix}abos WHERE uid={?}", $uid);
+ XDB::execute('DELETE FROM forum_subs
+ WHERE uid = {?}', $this->user->id());
if (!count($groups)) {
return true;
}
- $req = XDB::iterRow("SELECT fid,nom FROM {$globals->banana->table_prefix}list");
- $fids = array();
- while (list($fid,$fnom) = $req->next()) {
- $fids[$fnom] = $fid;
- }
-
+ $fids = XDB::fetchAllAssoc('name', 'SELECT fid, name
+ FROM forums');
$diff = array_diff($groups, array_keys($fids));
foreach ($diff as $g) {
- XDB::execute("INSERT INTO {$globals->banana->table_prefix}list (nom) VALUES ({?})", $g);
+ XDB::execute('INSERT INTO forums (name)
+ VALUES ({?})', $g);
$fids[$g] = XDB::insertId();
}
foreach ($groups as $g) {
- XDB::execute("INSERT INTO {$globals->banana->table_prefix}abos (fid,uid) VALUES ({?},{?})",
+ XDB::execute('INSERT INTO forum_subs (fid, uid)
+ VALUES ({?}, {?})',
$fids[$g], $uid);
Banana::$profile['subscribe'][] = $g;
}
protected function action_updateProfile()
{
global $globals;
- $page = Platal::page();
+ $page =& Platal::page();
$colors = glob(dirname(__FILE__) . '/../../htdocs/images/banana/m2*.gif');
foreach ($colors as $key=>$path) {
if (Post::has('action') && Post::v('action') == 'Enregistrer') {
S::assert_xsrf_token();
- $flags = new FlagSet();
+ $flags = new PlFlagSet();
if (Post::b('bananadisplay')) {
$flags->addFlag('threads');
}
$read = Post::s('read');
if (!in_array($unread, $colors) || !in_array($read, $colors)) {
$page->trigError('Le choix de type pour l\'arborescence est invalide');
- } elseif (XDB::execute("REPLACE INTO forums.profils (uid, sig, mail, nom, flags, tree_unread, tree_read)
- VALUES ({?}, {?}, {?}, {?}, {?}, {?}, {?})",
- S::v('uid'), Post::v('bananasig'),
- Post::v('bananamail'), Post::v('banananame'),
- $flags, $unread, $read)) {
- $page->trigSuccess("Ton profil a été enregistré avec succès.");
} else {
- $page->trigError("Une erreur s'est produite lors de l'enregistrement de ton profil");
+ $last_seen = XDB::query('SELECT last_seen
+ FROM forum_profiles
+ WHERE uid = {?}', $this->user->id());
+ if ($last_seen->numRows() > 0) {
+ $last_seen = $last_seen->fetchOneCell();
+ } else {
+ $last_seen = '0000-00-00';
+ }
+ XDB::execute('REPLACE INTO forum_profiles (uid, sig, mail, name, flags, tree_unread, tree_read, last_seen)
+ VALUES ({?}, {?}, {?}, {?}, {?}, {?}, {?}, {?})',
+ $this->user->id(), Post::v('bananasig'),
+ Post::v('bananamail'), Post::v('banananame'),
+ $flags, $unread, $read, $last_seen);
+ $page->trigSuccess('Ton profil a été mis à jour');
}
}
- $req = XDB::query("
- SELECT nom, mail, sig,
- FIND_IN_SET('threads', flags),
- FIND_IN_SET('automaj', flags),
- FIND_IN_SET('xface', flags),
- tree_unread,
- tree_read
- FROM forums.profils
- WHERE uid = {?}", S::v('uid'));
- if (!(list($nom, $mail, $sig, $disp, $maj, $xface, $unread, $read) = $req->fetchOneRow())) {
- $nom = S::v('prenom').' '.S::v('nom');
- $mail = S::user()->forlifeEmail();
- $sig = $nom.' ('.S::v('promo').')';
- $disp = 0;
- $maj = 0;
- $xface = 0;
- $unread = 'o';
- $read = 'dg';
- }
- $page->assign('nom' , $nom);
- $page->assign('mail', $mail);
- $page->assign('sig', $sig);
- $page->assign('disp', $disp);
- $page->assign('maj', $maj);
- $page->assign('xface', $xface);
- $page->assign('unread', $unread);
- $page->assign('read', $read);
+ $infos = $this->fetchProfile();
+ $page->assign('nom' , $infos['name']);
+ $page->assign('mail', $infos['mail']);
+ $page->assign('sig', $infos['sig']);
+ $page->assign('disp', $infos['threads']);
+ $page->assign('maj', $infos['maj']);
+ $page->assign('xface', $infos['xface']);
+ $page->assign('unread', $infos['tree_unread']);
+ $page->assign('read', $infos['tree_read']);
return null;
}
}
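Review bot: The result of the new `REPLACE INTO forum_profiles` is no longer checked, so `trigSuccess('Ton profil a été mis à jour')` is shown even when the write fails; the removed code reported an error in that case. Wrapping the call again as `if (XDB::execute(...)) { ... trigSuccess ... } else { ... trigError ... }` restores that. Separately, `Post::v('bananamail')` and `Post::v('banananame')` are stored as posted and later concatenated into the `From` header in `run()`. Rejecting values containing CR or LF before the `REPLACE` would be prudent unless Banana is known to sanitise headers. `action_updateProfile` starts outside this hunk.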
} else {
$group = '';
}
- return '/rss/' . $group . S::v('hruid') . '/' . S::v('core_rss_hash') . '/rss.xml';
+ return '/rss/' . $group . S::v('hruid') . '/' . S::s('token') . '/rss.xml';
}
function hook_platalMessageLink($params)
function hook_getXFace($headers)
{
- $login = @$headers['x-org-id'];
- if (!$login) {
- @list($login, ) = explode('@', $headers['x-org-mail']);
+ $login = null;
+ foreach (array('x-org-id', 'x-org-mail') as $key) {
+ if (isset($headers[$key])) {
+ $login = $headers[$key];
+ break;
+ }
}
- if (!$login) {
+ if (is_null($login)) {
+ // No login, fallback to default handler
return false;
}
if (isset($headers['x-face'])) {
- $res = XDB::query("SELECT p.uid
- FROM forums.profils AS p
- INNER JOIN aliases AS a ON (p.uid = a.id)
- WHERE FIND_IN_SET('xface', p.flags) AND a.alias = {?}",
- $login);
+ $user = User::getSilent($login);
+ $res = XDB::query('SELECT pf.uid
+ FROM forum_profiles AS pf
+ WHERE pf.uid = {?} AND FIND_IN_SET(\'xface\', pf.flags)',
+ $user->id());
if ($res->numRows()) {
+ // User wants his xface to be showed, fallback to default handler
return false;
}
}
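Review bot: In `hook_getXFace`, `$user->id()` is called on the result of `User::getSilent($login)` without a null check, although the carva script in this same commit treats a null return as possible. The login comes from the `x-org-id` / `x-org-mail` headers of a message, so a message naming an unknown login would end in a fatal error instead of falling back to the default handler. Adding `if (is_null($user)) { return false; }` right after the lookup fixes that. The old code also kept only the part before `@` of `x-org-mail`, while the new loop passes the whole header value, so it is worth confirming that `getSilent` accepts a full address. The function body continues outside the hunk.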
function run_banana(&$page, $class, array $args)
{
- $banana = new $class(S::user(), $args);
+ $user =& S::user();
+ $banana = new $class($user, $args);
$page->assign('banana', $banana->run());
$page->addCssInline($banana->css());
$page->addCssLink('banana.css');
Banana::$msgshow_mimeparts[] = 'source';
}
array_push(Banana::$msgparse_headers, 'x-org-id', 'x-org-mail');
- if (!S::v('core_rss_hash')) {
- Banana::$feed_active = false;
- }
+ Banana::$feed_active = S::hasAuthToken();
MLBanana::$listname = $params['listname'];
MLBanana::$domain = $params['domain'];
Banana::$msgedit_headers['X-Org-Mail'] = $this->user->forlifeEmail();
// Tree color
- $req = XDB::query("SELECT tree_unread, tree_read
- FROM {$globals->banana->table_prefix}profils
- WHERE uid={?}", S::i('uid'));
+ $req = XDB::query('SELECT tree_unread, tree_read
+ FROM forum_profiles
+ WHERE uid= {?}', $this->user->id());
if (!(list($unread, $read) = $req->fetchOneRow())) {
$unread = 'o';
$read = 'dg';
* 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA *
***************************************************************************/
-function fill_email_combobox(PlPage& $page)
+function fill_email_combobox(PlPage& $page, $user = null, $profile = null)
{
global $globals;
- $user = S::user();
+ if (is_null($user) && is_null($profile)) {
+ $user = S::user();
+ $profile = $user->profile();
+ }
$email_type = "directory";
- $res = XDB::query(
- "SELECT email_directory
- FROM profile_directory
- WHERE uid = {?}", $user->id());
- $email_directory = $res->fetchOneCell();
- if ($email_directory) {
- $page->assign('email_directory', $email_directory);
- list($alias, $domain) = explode('@', $email_directory);
- } else {
- $page->assign('email_directory', '');
- $email_type = NULL;
- $alias = $domain = '';
+ if ($profile) {
+ $res = XDB::query(
+ "SELECT email_directory
+ FROM profile_directory
+ WHERE uid = {?}", $profile->id());
+ $email_directory = $res->fetchOneCell();
+ if ($email_directory) {
+ $page->assign('email_directory', $email_directory);
+ list($alias, $domain) = explode('@', $email_directory);
+ } else {
+ $page->assign('email_directory', '');
+ $email_type = NULL;
+ $alias = $domain = '';
+ }
}
- $res = XDB::query(
- "SELECT alias
- FROM virtual
- INNER JOIN virtual_redirect USING(vid)
- WHERE (redirect = {?} OR redirect = {?})
- AND alias LIKE '%@{$globals->mail->alias_dom}'",
- $user->forlifeEmail(),
- // TODO: remove this über-ugly hack. The issue is that you need
- // to remove all @m4x.org addresses in virtual_redirect first.
- $user->login() . '@' . $globals->mail->domain2);
- $melix = $res->fetchOneCell();
- if ($melix) {
- list($melix) = explode('@', $melix);
- $page->assign('melix', $melix);
- if (($domain == $globals->mail->alias_dom) || ($domain == $globals->mail->alias_dom2)) {
- $email_type = "melix";
+ if ($user) {
+ $melix = $user->emailAlias();
+ if ($melix) {
+ list($melix) = explode('@', $melix);
+ $page->assign('melix', $melix);
+ if (($domain == $globals->mail->alias_dom) || ($domain == $globals->mail->alias_dom2)) {
+ $email_type = "melix";
+ }
}
- }
- $res = XDB::query(
- "SELECT alias
- FROM aliases
- WHERE id={?} AND (type='a_vie' OR type='alias')", $user->id());
- $res = $res->fetchAllAssoc();
- $page->assign('list_email_X', $res);
- if (($domain == $globals->mail->domain) || ($domain == $globals->mail->domain2)) {
- foreach ($res as $res_it) {
- if ($alias == $res_it['alias']) {
- $email_type = "X";
+ $res = XDB::query(
+ "SELECT alias
+ FROM aliases
+ WHERE id={?} AND (type='a_vie' OR type='alias')", $user->id());
+ $res = $res->fetchAllAssoc();
+ $page->assign('list_email_X', $res);
+ if (($domain == $globals->mail->domain) || ($domain == $globals->mail->domain2)) {
+ foreach ($res as $res_it) {
+ if ($alias == $res_it['alias']) {
+ $email_type = "X";
+ }
}
}
- }
- require_once 'emails.inc.php';
- $redirect = new Redirect($user);
- $redir = array();
- foreach ($redirect->emails as $redirect_it) {
- if ($redirect_it instanceof EmailRedirection) {
- $redir[] = $redirect_it->email;
- if ($email_directory == $redirect_it->email) {
- $email_type = "redir";
+ require_once 'emails.inc.php';
+ $redirect = new Redirect($user);
+ $redir = array();
+ foreach ($redirect->emails as $redirect_it) {
+ if ($redirect_it instanceof EmailRedirection) {
+ $redir[] = $redirect_it->email;
+ if ($email_directory == $redirect_it->email) {
+ $email_type = "redir";
+ }
}
}
- }
- $page->assign('list_email_redir', $redir);
+ $page->assign('list_email_redir', $redir);
- $res = XDB::query(
- "SELECT email
- FROM profile_job
- WHERE uid = {?}", $user->id());
- $res = $res->fetchAllAssoc();
- $pro = array();
- foreach ($res as $res_it) {
- if ($res_it['email'] != '') {
- $pro[] = $res_it['email'];
- if ($email_directory == $res_it['email']) {
- $email_type = "pro";
+ $res = XDB::query(
+ "SELECT email
+ FROM profile_job
+ WHERE uid = {?}", $user->id());
+ $res = $res->fetchAllAssoc();
+ $pro = array();
+ foreach ($res as $res_it) {
+ if ($res_it['email'] != '') {
+ $pro[] = $res_it['email'];
+ if ($email_directory == $res_it['email']) {
+ $email_type = "pro";
+ }
}
}
- }
- $page->assign('list_email_pro', $pro);
+ $page->assign('list_email_pro', $pro);
+ $page->assign('email_type', $email_type);
- $page->assign('email_type', $email_type);
+ } else {
+ $page->assign('list_email_X', array());
+ $page->assign('list_email_redir', array());
+ $page->assign('list_email_pro', array());
+ }
}
// vim:set et sw=4 sts=4 sws=4 foldmethod=marker enc=utf-8:
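Review bot: In `fill_email_combobox`, `$alias`, `$domain` and `$email_directory` are only assigned inside `if ($profile)`, but the `if ($user)` branch reads all three (`$domain == $globals->mail->alias_dom`, `$alias == $res_it['alias']`, `$email_directory == $redirect_it->email`). A call that passes a user without a profile therefore compares against undefined variables. Initialising them before the first branch, `$alias = $domain = ''; $email_directory = null;`, makes that case well defined. `email_directory` and `email_type` are also assigned to the page on some paths only, so the template should either tolerate their absence or get defaults in the `else` branches. A docblock saying which of `$user` / `$profile` may be null would make the new signature easier to use correctly.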
// Retrieves the current list of actives storages.
private function get_storages()
{
- $res = XDB::query("SELECT mail_storage
- FROM auth_user_md5
- WHERE user_id = {?}", $this->user->id());
- return new PlFlagSet($res->fetchOneCell());
+ return new PlFlagSet(XDB::fetchOneCell('SELECT storage
+ FROM email_options
+ WHERE uid = {?}',
+ $this->user->id()));
}
// Updates the list of active storages.
private function set_storages($storages)
{
- XDB::execute("UPDATE auth_user_md5
- SET mail_storage = {?}
- WHERE user_id = {?}", $storages, $this->user->id());
+ XDB::execute("UPDATE email_options
+ SET storage = {?}
+ WHERE uid = {?}", $storages, $this->user->id());
}
// Returns the list of allowed storages for the @p user.
}
// Sends the 'account created' email to the user, with basic documentation.
- $res = XDB::query(
- "SELECT FIND_IN_SET('femme', u.flags), prenom
- FROM auth_user_md5 AS u
- WHERE u.user_id = {?}", $user->id());
- list($sexe, $prenom) = $res->fetchOneRow();
-
$mailer = new PlMailer('googleapps/create.mail.tpl');
$mailer->assign('account', $account);
$mailer->assign('email', $user->bestEmail());
$mailer->assign('googleapps_domain', $globals->mailstorage->googleapps_domain);
- $mailer->assign('prenom', $prenom);
- $mailer->assign('sexe', $sexe);
+ $mailer->assign('prenom', $user->displayName());
+ $mailer->assign('sexe', $user->isFemale());
$mailer->send();
}
}
// Sends an email to the account owner.
- $res = XDB::query(
- "SELECT FIND_IN_SET('femme', u.flags), prenom
- FROM auth_user_md5 AS u
- WHERE u.user_id = {?}", $user->id());
- list($sexe, $prenom) = $res->fetchOneRow();
-
$mailer = new PlMailer('googleapps/unsuspend.mail.tpl');
$mailer->assign('account', $account);
$mailer->assign('email', $user->bestEmail());
- $mailer->assign('prenom', $prenom);
- $mailer->assign('sexe', $sexe);
+ $mailer->assign('prenom', $user->displayName());
+ $mailer->assign('sexe', $user->isFemale());
$mailer->send();
}
}
if ($this->sync_password) {
$res = XDB::query(
"SELECT password
- FROM auth_user_md5
- WHERE user_id = {?}", $this->user->id());
+ FROM accounts
+ WHERE uid = {?}", $this->user->id());
$password = ($res->numRows() > 0 ? $res->fetchOneCell() : false);
} else {
$password = false;
if (!$this->pending_create) {
// Retrieves information on the new account.
+ // TODO: retreive first_name and last_name from the profile.
$res = XDB::query(
"SELECT nom, nom_usage, prenom
FROM auth_user_md5
return false;
}
- require_once('secure_hash.inc.php');
$hash = rand_url_id(12);
$pass = rand_pass();
- $pass_encrypted = hash_encrypt($pass);
+ $pass_encrypted = sha1($pass);
$fdate = strftime('%d %B %Y', strtotime($date));
$mymail = new PlMailer('marketing/relance.mail.tpl');
return $mail ? $this->_title_mail : $this->_title;
}
- public function head($prenom = null, $nom = null, $sexe = null, $type = 'text')
+ public function head($user = null, $type = 'text')
{
- if (is_null($prenom)) {
+ if (is_null($user)) {
return $this->_head;
} else {
$head = $this->_head;
- $head = str_replace('<cher>', $sexe ? 'Chère' : 'Cher', $head);
- $head = str_replace('<prenom>', $prenom, $head);
- $head = str_replace('<nom>', $nom, $head);
+ $head = str_replace('<cher>', $user->isFemale() ? 'Chère' : 'Cher', $head);
+ $head = str_replace('<prenom>', $user->displayName(), $head);
+ $head = str_replace('<nom>', '', $head);
return format_text($head, $type, 2, 64);
}
}
}
}
- public function toText(&$page, $prenom, $nom, $sexe)
+ public function toText(&$page, $user)
{
$this->css($page);
$page->assign('is_mail', false);
$page->assign('mail_part', 'text');
- $page->assign('prenom', $prenom);
- $page->assign('nom', $nom);
- $page->assign('sexe', $sexe);
+ $page->assign('user', $user);
$this->assignData($page);
}
- public function toHtml(&$page, $prenom, $nom, $sexe)
+ public function toHtml(&$page, $user)
{
$this->css($page);
$page->assign('prefix', $this->_prefix . '/' . $this->id());
$page->assign('is_mail', false);
$page->assign('mail_part', 'html');
- $page->assign('prenom', $prenom);
- $page->assign('nom', $nom);
- $page->assign('sexe', $sexe);
+ $page->assign('user', $user);
$this->assignData($page);
}
return $hash;
}
- public function sendTo($hruid, $email, $prenom, $nom, $sexe, $html, $hash = 0)
+ public function sendTo($user, $hash = null)
{
- // If $email is not a real email address, tries to compute it up from
- // the hruid. Otherwise, we suppose that caller will have used a valid
- // and canonical email address.
- if (strpos($email, '@') === false) {
- if (!($user = User::getSilent($email))) {
- Platal::page()->trigError("'$email' is neither a valid email address nor a valid login; did not send the email.");
- }
- $email = $user->bestEmail();
+ if (is_null($hash)) {
+ $hash = XDB::fetchOneCell("SELECT hash
+ FROM {$this->_subscriptionTable}
+ WHERE user_id = {?}", $user->id());
}
-
- if ($hruid && (is_null($hash) || $hash == 0)) {
- $hash = $this->createHash(array($email, $prenom, $nom, $sexe, $html, rand(), "X.org rulez"));
- XDB::query("UPDATE {$this->_subscriptionTable} as ni
- INNER JOIN auth_user_md5 AS u USING (user_id)
- SET ni.hash = {?}
- WHERE ni.user_id != 0 AND u.hruid = {?}",
- $hash, $hruid);
+ if (is_null($hash)) {
+ $hash = $this->createHash(array($user->displayName(), $user->fullName(),
+ $user->isFemale(), $user->isEmailFormatHtml(),
+ rand(), "X.org rulez"));
+ XDB::execute("UPDATE {$this->_subscriptionTable} as ni
+ SET ni.hash = {?}
+ WHERE ni.user_id != {?}",
+ $hash, $user->id());
}
$mailer = new PlMailer($this->_tpl);
$this->assignData($mailer);
$mailer->assign('is_mail', true);
- $mailer->assign('prenom', $prenom);
- $mailer->assign('nom', $nom);
- $mailer->assign('sexe', $sexe);
+ $mailer->assign('user', $user);
$mailer->assign('prefix', null);
$mailer->assign('hash', $hash);
- $mailer->assign('email', $email);
- $mailer->assign('alias', $hruid);
- $mailer->addTo("\"$prenom $nom\" <$email>");
- $mailer->send($html);
+ $mailer->addTo('"' . $user->fullName() . '" <' . $user->bestEmail() . '>');
+ $mailer->send($user->isEmailFormatHtml());
}
protected function getAllRecipients()
{
global $globals;
- return "SELECT u.user_id, u.hruid, CONCAT(a.alias, '@{$globals->mail->domain}'),
- u.prenom, IF(u.nom_usage='', u.nom, u.nom_usage),
- FIND_IN_SET('femme', u.flags),
- q.core_mail_fmt AS pref, ni.hash AS hash
+ return "SELECT a.uid, a.hruid, a.display_name, a.full_name, a.email_format,
+ ni.hash AS hash
FROM {$this->_subscriptionTable} AS ni
- INNER JOIN auth_user_md5 AS u USING(user_id)
- INNER JOIN auth_user_quick AS q ON(q.user_id = u.user_id)
- INNER JOIN aliases AS a ON(u.user_id=a.id AND FIND_IN_SET('bestalias',a.flags))
- LEFT JOIN emails AS e ON(e.uid=u.user_id AND e.flags='active')
+ INNER JOIN accounts AS a ON (ni.user_id = a.uid)
+ LEFT JOIN email_options AS eo ON (eo.uid = a.uid)
+ LEFT JOIN emails AS e ON (e.uid = a.uid AND e.flags='active')
WHERE ni.last < {?} AND ({$this->subscriptionWhere()}) AND
- (e.email IS NOT NULL OR FIND_IN_SET('googleapps', u.mail_storage))
- GROUP BY u.user_id";
+ (e.email IS NOT NULL OR FIND_IN_SET('googleapps', eo.storage))
+ GROUP BY a.uid";
}
public function sendToAll()
{
$this->setSent();
- $query = $this->getAllRecipients() . " LIMIT {?}";
+ $query = XDB::format($this->getAllRecipients(), $this->id()) . ' LIMIT 60';
while (true) {
- $res = XDB::iterRow($query, $this->_id, 60);
+ $res = XDB::iterRow($query);
if (!$res->total()) {
return;
}
- $sent = array();
- while (list($uid, $hruid, $email, $prenom, $nom, $sexe, $fmt, $hash) = $res->next()) {
- $sent[] = "(user_id='$uid'" . (!$uid ? " AND email='$email')": ')');
- $this->sendTo($hruid, $email, $prenom, $nom, $sexe, $fmt=='html', $hash);
+ while ($infos = $res->next()) {
+ $user = User::getSilentWithValues(null, $infos);
+ $sent[] = XDB::format('user_id = {?}', $user->id());
+ $this->sendTo($user, $hash);
}
XDB::execute("UPDATE {$this->_subscriptionTable}
SET last = {?}
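Review bot: In `sendTo`, the new `UPDATE {$this->_subscriptionTable}` stores the freshly created hash with `WHERE ni.user_id != {?}`, which writes it to every subscription row except the recipient's. The condition should be `WHERE ni.user_id = {?}`. As written, all other subscribers end up sharing one hash, and since that value is handed to the mail template as `hash` (presumably for per-recipient links), one recipient's link would then act on other accounts. In `sendToAll`, `$hash` is passed to `sendTo` but is no longer set inside the loop and should come from the fetched row. `$sent` also lost its per-batch `$sent = array();` reset, so it grows across iterations of the outer `while (true)`.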
function inscription_notifs_base($uid)
{
- XDB::execute('REPLACE INTO watch_sub (uid,cid) SELECT {?},id FROM watch_cat', $uid);
+ XDB::execute('REPLACE INTO watch_sub (uid, cid)
+ SELECT {?}, id
+ FROM watch_cat', $uid);
}
// }}}
function register_watch_op($uid, $cid, $date='', $info='')
{
+ // XXX
+ // TODO: Find out whether uid is a user or a profile!!!
+ // XXX
if (empty($date)) {
$date = date('Y-m-d');
- };
- XDB::execute('REPLACE INTO watch_ops (uid,cid,known,date,info)
+ }
+ XDB::execute('REPLACE INTO watch_ops (uid, cid, known, date, info)
VALUES ({?}, {?}, NOW(), {?}, {?})',
$uid, $cid, $date, $info);
if($cid == WATCH_FICHE) {
if ($info) {
register_profile_update($uid, $info);
}
- XDB::execute('UPDATE auth_user_md5 SET DATE=NOW() WHERE user_id={?}', $uid);
+ XDB::execute('UPDATE profiles
+ SET last_change = NOW()
+ WHERE pid = {?}', $uid);
} elseif($cid == WATCH_INSCR) {
XDB::execute('REPLACE INTO contacts (uid,contact)
- SELECT uid,ni_id
+ SELECT uid, ni_id
FROM watch_nonins
- WHERE ni_id={?}', $uid);
- XDB::execute('DELETE FROM watch_nonins WHERE ni_id={?}', $uid);
+ WHERE ni_id = {?}', $uid);
+ XDB::execute('DELETE FROM watch_nonins
+ WHERE ni_id = {?}', $uid);
}
Platal::session()->updateNbNotifs();
}
}
if($up) {
- XDB::execute('UPDATE auth_user_quick SET watch_last=NOW() WHERE user_id={?}', $uid);
+ XDB::execute('UPDATE watch
+ SET last = NOW()
+ WHERE uid = {?}', $uid);
}
}
}
$this->_promos = new PromoNotifs($uid);
$this->_nonins = new NoninsNotifs($uid);
$this->_subs = new WatchSub($uid);
- $res = XDB::query("SELECT FIND_IN_SET('contacts',watch_flags),FIND_IN_SET('mail',watch_flags)
- FROM auth_user_quick
- WHERE user_id={?}", $uid);
- list($this->watch_contacts,$this->watch_mail) = $res->fetchOneRow();
+ $res = XDB::query('SELECT FIND_IN_SET(\'contacts\', flags),
+ FIND_IN_SET(\'mail\', flags)
+ FROM watch
+ WHERE uid = {?}', $uid);
+ list($this->watch_contacts, $this->watch_mail) = $res->fetchOneRow();
- $res = XDB::iterator("SELECT * FROM watch_cat");
- while($tmp = $res->next()) {
- $this->_cats[$tmp['id']] = $tmp;
- }
+ $this->_cats = XDB::fetchAllAssoc('id', 'SELECT * FROM watch_cat');
}
public function saveFlags()
{
- $flags = "";
- if ($this->watch_contacts)
- $flags = "contacts";
- if ($this->watch_mail)
- $flags .= ($flags ? ',' : '')."mail";
- XDB::execute('UPDATE auth_user_quick SET watch_flags={?} WHERE user_id={?}',
- $flags, $this->_uid);
+ $flags = new PlFlagSet();
+ $flags->addFlag('contacts', $this->watch_contacts);
+ $flags->addFlag('mail', $this->watch_mail);
+ XDB::execute('UPDATE watch
+ SET flags = {?}
+ WHERE uid = {?}',
+ $flags, $this->_uid);
}
public function cats()
public function add($p)
{
XDB::execute('INSERT INTO watch_nonins (uid,ni_id) VALUES({?},{?})', $this->_uid, $p);
- $res = XDB::query('SELECT prenom,IF(nom_usage="",nom,nom_usage) AS nom,promo,user_id
+ $res = XDB::query('SELECT prenom, IF(nom_usage="",nom,nom_usage) AS nom,promo,user_id
FROM auth_user_md5
WHERE user_id={?}', $p);
$this->_data["$p"] = $res->fetchOneAssoc();
+++ /dev/null
-<?php
-/***************************************************************************
- * Copyright (C) 2003-2009 Polytechnique.org *
- * http://opensource.polytechnique.org/ *
- * *
- * This program is free software; you can redistribute it and/or modify *
- * it under the terms of the GNU General Public License as published by *
- * the Free Software Foundation; either version 2 of the License, or *
- * (at your option) any later version. *
- * *
- * This program is distributed in the hope that it will be useful, *
- * but WITHOUT ANY WARRANTY; without even the implied warranty of *
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the *
- * GNU General Public License for more details. *
- * *
- * You should have received a copy of the GNU General Public License *
- * along with this program; if not, write to the Free Software *
- * Foundation, Inc., *
- * 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA *
- ***************************************************************************/
-
-function hash_encrypt($s) {
- return sha1($s);
-}
-
-function hash_xor($a, $b) {
- $c = "";
- $i = strlen($a);
- $j = strlen($b);
- if ($i < $j) {
- $d = $a; $a = $b; $b = $d;
- $k = $i; $i = $j; $j = $k;
- }
- for ($k = 0; $k < $j; $k++)
- $c .= dechex(hexdec($a{$k}) ^ hexdec($b{$k}));
- for (; $k < $i; $k++)
- $c .= $a{$k};
- return $c;
-}
-// vim:set et sw=4 sts=4 sws=4 foldmethod=marker enc=utf-8:
-?>
if ($really_del) {
array_push($tables_to_clear['uid'], 'emails', 'groupex.membres', 'contacts', 'adresses', 'profile_phones',
- 'photo', 'perte_pass', 'langues_ins', 'forums.abos', 'forums.profils');
+ 'photo', 'perte_pass', 'langues_ins', 'forum_subs', 'forum_profiles');
array_push($tables_to_clear['user_id'], 'newsletter_ins', 'auth_user_quick', 'binets_ins');
$tables_to_clear['id'] = array('aliases');
$tables_to_clear['contact'] = array('contacts');
$this->stamp = date('YmdHis');
$this->unique = $_unique;
$this->type = $_type;
- $res = XDB::query("SELECT promo
- FROM profile_display
- WHERE pid={?}", $this->user->id());
- $this->promo = $res->fetchOneCell();
+ $this->promo = $this->user->promo();
}
// }}}
* 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA *
***************************************************************************/
-// {{{ class AliasReq
-
+// class AliasReq {{{1
class AliasReq extends Validate
{
- // {{{ properties
-
+ // properties {{{2
public $alias;
public $raison;
public $unique = true;
- public $old='';
- public $public='private';
+ public $old = '';
+ public $public = 'private';
public $rules = "Interdire ce qui peut nous servir (virus@, postmaster@, ...),
les alias vulgaires, et les prenom.nom (sauf si c'est pour l'utilisateur prenom.nom).
Pas de contrainte pour les tirets ou les points, en revanche le souligné (_) est interdit";
- // }}}
- // {{{ constructor
-
+ // constructor {{{2
public function __construct(User &$_user, $_alias, $_raison, $_public, $_stamp=0)
{
global $globals;
$this->alias = $_alias.'@'.$globals->mail->alias_dom;
$this->raison = $_raison;
$this->public = $_public;
-
- $res = XDB::query("
- SELECT v.alias
- FROM virtual_redirect AS vr
- INNER JOIN virtual AS v ON (v.vid=vr.vid AND v.alias LIKE '%@{$globals->mail->alias_dom}')
- WHERE vr.redirect = {?} OR vr.redirect = {?}",
- $this->user->forlifeEmail(),
- // TODO: remove this über-ugly hack. The issue is that you need
- // to remove all @m4x.org addresses in virtual_redirect first.
- $this->user->login() . '@' . $globals->mail->domain2);
- $this->old = $res->fetchOneCell();
+ $this->old = $user->emailAlias();
if (empty($this->old)) {
unset($this->old);
}
}
- // }}}
- // {{{ function get_request()
-
+ // function get_request() {{{2
static public function get_request($uid)
{
return parent::get_typed_request($uid, 'alias');
}
- // }}}
- // {{{ function formu()
-
+ // function formu() {{{2
public function formu()
{
return 'include/form.valid.aliases.tpl';
}
- // }}}
- // {{{ function _mail_subj
-
+ // function _mail_subj {{{2
protected function _mail_subj()
{
return "[Polytechnique.org/MELIX] Demande de l'alias {$this->alias}";
}
- // }}}
- // {{{ function _mail_body
-
+ // function _mail_body {{{2
protected function _mail_body($isok)
{
if ($isok) {
- return " L'adresse email {$this->alias} que tu avais demandée vient d'être créée, tu peux désormais l'utiliser à ta convenance.".(($this->public == 'public')?" A ta demande, cette adresse apparaît maintenant sur ta fiche.":"");
+ return " L'adresse email {$this->alias} que tu avais demandée vient d'être créée, tu peux désormais l'utiliser à ta convenance."
+ . ($this->public == 'public' ? ' A ta demande, cette adresse apparaît maintenant sur ta fiche.' : '');
} else {
return " La demande que tu avais faite pour l'alias {$this->alias} a été refusée.";
}
}
- // }}}
- // {{{ function shorter_domain
-
- private function shorter_domain()
+ // function commit() {{{2
+ public function commit()
{
- global $globals;
-
- $mail = $globals->mail;
-
- if (empty($mail->domain2) || strlen($mail->domain2) > strlen($mail->domain)) {
- return $mail->domain;
- } else {
- return $mail->domain2;
+ if ($this->user->hasProfile()) {
+ XDB::execute('UPDATE profiles
+ SET alias_pub = {?}
+ WHERE pid = {?}',
+ $this->public, $this->user->profile()->id());
}
- }
-
- // }}}
- // {{{ function commit()
-
- public function commit ()
- {
- XDB::execute("UPDATE auth_user_quick SET emails_alias_pub = {?} WHERE user_id = {?}",
- $this->public, $this->user->id());
if ($this->old) {
- return XDB::execute("UPDATE virtual SET alias = {?} WHERE alias = {?}",
+ return XDB::execute('UPDATE virtual
+ SET alias = {?}
+ WHERE alias = {?}',
$this->alias, $this->old);
} else {
- XDB::execute("INSERT INTO virtual SET alias = {?},type='user'", $this->alias);
+ XDB::execute('INSERT INTO virtual
+ SET alias = {?}, type=\'user\'',
+ $this->alias);
$vid = XDB::insertId();
- return XDB::query("INSERT INTO virtual_redirect (vid,redirect) VALUES ({?}, {?})",
- $vid, $this->user->forlifeEmail());
+ return XDB::execute('INSERT INTO virtual_redirect (vid, redirect)
+ VALUES ({?}, {?})',
+ $vid, $this->user->forlifeEmail());
}
}
-
- // }}}
}
-// }}}
-
// vim:set et sw=4 sts=4 sws=4 foldmethod=marker enc=utf-8:
?>
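Review bot: In the `AliasReq` constructor, `$this->old = $user->emailAlias();` reads `$user`, which is not defined there: the parameter is `$_user`, and the removed query used `$this->user`. As written the call would fail on an undefined variable, so no alias request could be constructed. Suggest `$this->old = $this->user->emailAlias();`, or `$_user->emailAlias()` if `$this->user` is not yet set at that point. In `commit()`, the result of the `INSERT INTO virtual` is also not checked before `XDB::insertId()` feeds the `virtual_redirect` row, so a failed insert (for example an alias that is already taken) may attach the redirect to an unrelated id.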
public function commit()
{
- require_once('homonymes.inc.php');
-
- switch_bestalias($this->user->id(), $this->loginbis);
+ Platal::load('admin', 'homonyms.inc.php');
+ switch_bestalias($this->user, $this->loginbis);
if (!$this->warning) {
XDB::execute("UPDATE aliases SET type = 'homonyme', expire = NOW() WHERE alias = {?}", $this->loginbis);
XDB::execute("REPLACE INTO homonymes (homonyme_id, user_id) VALUES({?}, {?})", $this->user->id(), $this->user->id());
return 1;
}
- $list = new MMList(S::user()->id(), S::v('password'), $this->domain);
+ $list = new MMList(S::user()->id(), $this->domain);
$ret = $list->create_list($this->liste, utf8_decode($this->desc), $this->advertise,
$this->modlevel, $this->inslevel,
$this->owners, $this->members);
public function addUser($user)
{
- $user = User::getSilent($user);
+ $user = Profile::get($user);
if ($user) {
$this->user_list[] = $user;
$this->count++;
{
global $globals;
$login = $entry['value'];
- $user = get_user_details($login->login());
+ $user = get_user_details($login->hrid());
if (empty($user['nom_usage'])) {
$entry = new PlVCardEntry($user['prenom'], $user['nom'], null, null, @$user['nickname']);
// Melix
$res = XDB::query(
"SELECT alias
- FROM virtual
- INNER JOIN virtual_redirect USING(vid)
+ FROM virtual AS v
+ INNER JOIN virtual_redirect AS vr ON (v.vid = vr.vid)
INNER JOIN auth_user_quick ON ( user_id = {?} AND emails_alias_pub = 'public' )
WHERE ( redirect={?} OR redirect={?} )
AND alias LIKE '%@{$globals->mail->alias_dom}'",
function doPlatalLink($link, $text)
{
if (strlen(trim($text)) == 0) {
- $res = XDB::query("SELECT u.nom, u.prenom, u.promo, q.profile_nick AS surnom
- FROM auth_user_md5 AS u
- INNER JOIN auth_user_quick AS q USING(user_id)
- INNER JOIN aliases AS a ON u.user_id = a.id
- WHERE a.alias = {?}", $link);
- $row = $res->fetchOneAssoc();
- $text = $row['prenom'] . ' ' . $row['nom'] . ' X' . $row['promo'];
- if ($row['surnom']) {
- $text .= ' (alias ' . $row['surnom'] . ')';
- }
+ $user = User::get($link);
+ $text = $user->fullName();
}
return '<a href="profile/' . $link . '" class="popup2">' . $text . '</a>';
}
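Review bot: `User::get($link)` is dereferenced without a null check, and `$link` and `$text` are still concatenated into the anchor without escaping. The removed query tolerated an unknown alias and simply produced empty text, whereas an unknown `$link` now presumably aborts the page or fails on `->fullName()`, depending on how `User::get` reports a miss. Because `$text` now comes from the account's `full_name`, which the account form in this commit stores verbatim from `Post::s('full_name')`, suggest `$user = User::getSilent($link);` with a fallback to `$link`. Also apply `htmlspecialchars()` to both values unless the caller is known to escape them.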
{
return array(
'phpinfo' => $this->make_hook('phpinfo', AUTH_MDP, 'admin'),
+ 'get_rights' => $this->make_hook('get_rights', AUTH_MDP, 'admin'),
'admin' => $this->make_hook('default', AUTH_MDP, 'admin'),
'admin/ax-xorg' => $this->make_hook('ax_xorg', AUTH_MDP, 'admin'),
'admin/dead-but-active' => $this->make_hook('dead_but_active', AUTH_MDP, 'admin'),
'admin/ipwatch' => $this->make_hook('ipwatch', AUTH_MDP, 'admin'),
'admin/icons' => $this->make_hook('icons', AUTH_MDP, 'admin'),
'admin/accounts' => $this->make_hook('accounts', AUTH_MDP, 'admin'),
+ 'admin/account/types' => $this->make_hook('account_types', AUTH_MDP, 'admin'),
);
}
exit;
}
+ function handler_get_rights(&$page, $level)
+ {
+ if (S::suid()) {
+ $page->kill('Déjà en SUID');
+ }
+ $user =& S::user();
+ Platal::session()->startSUID($user, $level);
+
+ pl_redirect('/');
+ }
+
function handler_default(&$page)
{
$page->changeTpl('admin/index.tpl');
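Review bot: `handler_get_rights` changes the session state without calling `S::assert_xsrf_token()`, although the other state-changing paths in this commit assert the token before acting. The hook is registered as an ordinary page and `$level` is presumably taken from the request path, so any link an administrator follows can switch their session into SUID mode. The result of `startSUID($user, $level)` is also ignored, unlike the `su_button` path, which reports failure with `trigError`. Suggest `S::assert_xsrf_token();` as the first statement and `if (!Platal::session()->startSUID($user, $level)) { $page->kill('...'); }` before the redirect.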
{
global $globals;
$page->changeTpl('admin/utilisateurs.tpl');
- $page->setTitle('Administration - Edit/Su/Log');
- require_once("emails.inc.php");
+ $page->setTitle('Administration - Compte');
- if (S::has('suid')) {
+ if (S::suid()) {
$page->kill("Déjà en SUID !!!");
}
// Loads the user identity using the environment.
- if ($login) {
- $user = User::get($login);
- } else if (Env::has('user_id')) {
- $user = User::get(Env::i('user_id'));
- } else if (Env::has('login')) {
- $user = User::get(Env::v('login'));
- }
+ $user = User::get($login);
+ $login = $user->login();
+ $registered = ($user->state != 'pending');
- if ($user) {
- $login = $user->login();
- $registered = ($user->forlifeEmail() != null);
- } else {
- return;
+ // Form processing
+ if (!empty($_POST)) {
+ S::assert_xsrf_token();
+ if (Post::has('uid') && Post::i('uid') != $user->id()) {
+ $page->kill('Une erreur s\'est produite');
+ }
}
// Handles specific requests (AX sync, su, ...).
- if(Env::has('logs_button') && $registered) {
+ if(Post::has('logs_account')) {
pl_redirect("admin/logger?loguser=$login&year=".date('Y')."&month=".date('m'));
}
- if (Env::has('ax_button') && $registered) {
- pl_redirect("admin/synchro_ax/" . $user->login());
- }
-
- if(Env::has('suid_button') && $registered) {
- S::logger()->log("suid_start", "login on " . $user->login());
- if (!Platal::session()->startSUID($user->id())) {
- $page->trigError('Impossible d\'effectuer un SUID sur ' . $user->id());
+ if(Post::has('su_button') && $registered) {
+ if (!Platal::session()->startSUID($user)) {
+ $page->trigError('Impossible d\'effectuer un SUID sur ' . $user->login());
} else {
pl_redirect("");
}
}
- // Fetches user data.
- $userinfo_query = "SELECT *, FIND_IN_SET('watch', flags) AS watch, FIND_IN_SET('femme', flags) AS sexe,
- (year(naissance) > promo - 15 or year(naissance) < promo - 25) AS naiss_err
- FROM auth_user_md5
- WHERE user_id = {?}";
- $mr = XDB::query($userinfo_query, $user->id())->fetchOneAssoc();
- $redirect = ($registered ? new Redirect($user) : null);
-
- // Processes admin requests, if any.
- foreach($_POST as $key => $val) {
- S::assert_xsrf_token();
-
- switch ($key) {
- // Email redirection actions.
- case "add_fwd":
- $email = trim(Env::v('email'));
- if (!isvalid_email_redirection($email)) {
- $page->trigError("Email non valide: $email");
- } else {
- $redirect->add_email($email);
- $page->trigSuccess("Ajout de $email effectué");
- }
- break;
-
- case "del_fwd":
- if (!empty($val)) {
- $redirect->delete_email($val);
- }
- break;
-
- case "activate_fwd":
- if (!empty($val)) {
- $redirect->modify_one_email($val, true);
- }
- break;
- case "deactivate_fwd":
- if (!empty($val)) {
- $redirect->modify_one_email($val, false);
- }
- break;
- case "disable_fwd":
- $redirect->disable();
- break;
- case "enable_fwd":
- $redirect->enable();
- break;
- case "clean_fwd":
- if (!empty($val)) {
- $redirect->clean_errors($val);
- }
- break;
-
- // Alias actions.
- case "add_alias":
- global $globals;
-
- // Splits new alias in user and fqdn.
- $alias = trim(Env::v('email'));
- if (strpos($alias, '@') !== false) {
- list($alias, $domain) = explode('@', $alias);
- } else {
- $domain = $globals->mail->domain;
- }
-
- // Checks for alias' user validity.
- if (!preg_match('/[-a-z0-9\.]+/s', $alias)) {
- $page->trigError("'$alias' n'est pas un alias valide");
- }
-
- // Eventually adds the alias to the right domain.
- if ($domain == $globals->mail->alias_dom || $domain == $globals->mail->alias_dom2) {
- $req = new AliasReq($user, $alias, 'Admin request', false);
- if ($req->commit()) {
- $page->trigSuccess("Nouvel alias '$alias@$domain' attribué");
- } else {
- $page->trigError("Impossible d'ajouter l'alias '$alias@$domain', il est probablement déjà attribué");
- }
- } elseif ($domain == $globals->mail->domain || $domain == $globals->mail->domain2) {
- $res = XDB::execute("INSERT INTO aliases (id,alias,type) VALUES ({?}, {?}, 'alias')",
- $user->id(), $alias);
- if ($res) {
- $page->trigSuccess("Nouvel alias '$alias' ajouté");
- } else {
- $page->trigError("Impossible d'ajouter l'alias '$alias', il est probablement déjà attribué");
- }
- } else {
- $page->trigError("Le domaine '$domain' n'est pas valide");
- }
- break;
-
- case "del_alias":
- if (!empty($val)) {
- XDB::execute("DELETE FROM aliases
- WHERE id = {?} AND alias = {?} AND
- type NOT IN ('a_vie', 'homonyme')",
- $user->id(), $val);
- XDB::execute("UPDATE emails
- SET rewrite = ''
- WHERE uid = {?} AND rewrite LIKE CONCAT({?}, '@%')",
- $user->id(), $val);
- fix_bestalias($user);
- $page->trigSuccess("L'alias '$val' a été supprimé");
- }
- break;
-
- case "best":
- XDB::execute("UPDATE aliases
- SET flags = TRIM(BOTH ',' FROM REPLACE(CONCAT(',', flags, ','), ',bestalias,', ','))
- WHERE id = {?}", $user->id());
- XDB::execute("UPDATE aliases
- SET flags = CONCAT_WS(',', IF(flags = '', NULL, flags), 'bestalias')
- WHERE id = {?} AND alias = {?}", $user->id(), $val);
-
- // As having a non-null bestalias value is critical in
- // plat/al's code, we do an a posteriori check on the
- // validity of the bestalias.
- fix_bestalias($user);
- break;
-
- // Profile edition.
- case "u_edit":
- // Loads new values from environment.
- require_once('secure_hash.inc.php');
- $pass_encrypted = Env::v('newpass_clair') != "********" ? hash_encrypt(Env::v('newpass_clair')) : Env::v('passw');
- $naiss = Env::v('naissanceN');
- $deces = Env::v('decesN');
- $perms = Env::v('permsN');
- $prenom = Env::v('prenomN');
- $nom = Env::v('nomN');
- $nomusage = Env::v('nomusageN');
- $promo = Env::i('promoN');
- $sexe = Env::v('sexeN');
- $comm = trim(Env::v('commentN'));
- $watch = Env::v('watchN');
-
- $flags = ($sexe ? 'femme' : '');
- if ($watch) {
- $flags .= ($flags ? ',watch' : 'watch');
- }
- if ($watch && !$comm) {
- $page->trigError("Il est nécessaire de mettre un commentaire pour surveiller un compte");
- break;
- }
-
- // Fetches fields to watch for changes.
- $watch_query = "SELECT naissance, deces, password, perms, nom_usage,
- prenom, nom, flags, promo, comment
- FROM auth_user_md5
- WHERE user_id = {?}";
- $old_fields = XDB::query($watch_query, $user->id())->fetchOneAssoc();
-
- // If user was newly banned, we need to ensure her php session
- // is killed. This hack is ugly (and largely overkill); it should
- // however suits our needs.
- if ($perms == 'disabled' && $old_fields['perms'] != 'disabled') {
- kill_sessions();
- }
-
- // Updates the user profile with the new values.
- $res = XDB::execute("UPDATE auth_user_md5
- SET naissance = {?}, deces = {?}, password = {?},
- perms = {?}, prenom = {?}, nom = {?}, nom_usage = {?},
- flags = {?}, promo = {?}, comment = {?}
- WHERE user_id = {?}",
- $naiss, $deces, $pass_encrypted,
- $perms, $prenom, $nom, $nomusage,
- $flags, $promo, $comm, $user->id());
- if ($res) {
- require_once("user.func.inc.php");
- user_reindex($user->id());
- $new_fields = XDB::query($watch_query, $user->id())->fetchOneAssoc();
-
- $mailer = new PlMailer("admin/useredit.mail.tpl");
- $mailer->assign("admin", S::user()->login());
- $mailer->assign("user", $user->login());
- $mailer->assign('old', $old_fields);
- $mailer->assign('new', $new_fields);
- $mailer->send();
-
- $globals->updateNbIns();
- $page->trigSuccess("Update was successful.");
- } else {
- $page->trigError("Update failed, please double check your values.");
- }
-
- // Checks for changes, and updates other tables of plat/al.
- if (Env::v('nomusageN') != $mr['nom_usage']) {
- set_new_usage($user->id(), Env::v('nomusageN'), make_username(Env::v('prenomN'), Env::v('nomusageN')));
- }
- if (Env::v('decesN') != $mr['deces']) {
- require_once 'notifs.inc.php';
- register_watch_op($user->id(), WATCH_DEATH, $mr['deces']);
- user_clear_all_subs($user->id(), false);
- }
-
- // Eventually updates the Google Apps account.
- if ($globals->mailstorage->googleapps_domain) {
- // If the user did choose to use synchronized passwords,
- // and the password was changed, updates the Google Apps
- // password as well.
- if (Env::v('newpass_clair') != "********") {
- require_once 'googleapps.inc.php';
- $account = new GoogleAppsAccount($user);
- if ($account->active() && $account->sync_password) {
- $account->set_password($pass_encrypted);
- }
- }
+ // Account Form {{{
+ $to_update = array();
+ if (Post::has('disable_weak_access')) {
+ $to_update['weak_password'] = null;
+ } else if (Post::has('update_account')) {
+ if (Post::s('full_name') != $user->fullName()) {
+ // XXX: Update profile if a profile is associated
+ $to_update['full_name'] = Post::s('full_name');
+ }
+ if (Post::s('display_name') != $user->displayName()) {
+ // XXX: Update profile if a profile is associated
+ $to_update['display_name'] = Post::s('display_name');
+ }
+ if (Post::s('sex') != ($user->isFemale() ? 'female' : 'male')) {
+ $to_update['sex'] = Post::s('sex');
+ }
+ if (!Post::blank('hashpass')) {
+ $to_update['password'] = Post::s('hashpass');
+ }
+ if (!Post::blank('weak_password')) {
+ $to_update['weak_password'] = Post::s('weak_password');
+ }
+ if (Post::i('token_access', 0) != ($user->token_access ? 1 : 0)) {
+ $to_update['token'] = Post::i('token_access') ? rand_url_id(16) : null;
+ }
+ if (Post::i('skin', 0) != $user->skin) {
+ $to_update['skin'] = Post::i('skin', 0);
+ if ($to_update['skin'] == 0) {
+ $to_update['skin'] = null;
+ }
+ }
+ if (Post::s('state') != $user->state) {
+ $to_update['state'] = Post::s('state');
+ }
+ if (Post::i('is_admin', 0) != ($user->is_admin ? 1 : 0)) {
+ $to_update['is_admin'] = Post::b('is_admin');
+ }
+ if (Post::s('type') != $user->type) {
+ $to_update['type'] = Post::s('type');
+ }
+ if (Post::i('watch', 0) != ($user->watch ? 1 : 0)) {
+ $to_update['flags'] = new PlFlagset();
+ $to_update['flags']->addFlag('watch', Post::i('watch'));
+ }
+ if (Post::t('comment') != $user->comment) {
+ $to_update['comment'] = Post::blank('comment') ? null : Post::t('comment');
+ }
+ }
+ if (!empty($to_update)) {
+ $set = array();
+ foreach ($to_update as $k => $value) {
+ $set[] = XDB::format($k . ' = {?}', $value);
+ }
+ XDB::execute('UPDATE accounts
+ SET ' . implode(', ', $set) . '
+ WHERE uid = ' . XDB::format('{?}', $user->id()));
+ $page->trigSuccess('Données du compte mise à jour avec succès');
+ $user = User::getWithUID($user->id());
+ }
+ // }}}
+
+ // Profile form {{{
+ if (Post::has('add_profile') || Post::has('del_profile') || Post::has('owner')) {
+ if (Post::i('del_profile', 0) != 0) {
+ XDB::execute('DELETE FROM account_profiles
+ WHERE uid = {?} AND pid = {?}',
+ $user->id(), Post::i('del_profile'));
+ } else if (!Post::blank('new_profile')) {
+ $profile = Profile::get(Post::t('new_profile'));
+ if (!$profile) {
+ $page->trigError('Le profil ' . Post::t('new_profile') . ' n\'existe pas');
+ } else {
+ XDB::execute('INSERT IGNORE INTO account_profiles (uid, pid)
+ VALUES ({?}, {?})',
+ $user->id(), $profile->id());
+ }
+ }
+ XDB::execute('UPDATE account_profiles
+ SET perms = IF(pid = {?}, CONCAT(perms, \',owner\'), REPLACE(perms, \'owner\', \'\'))
+ WHERE uid = {?}',
+ Post::i('owner'), $user->id());
+ }
+ // }}}
- // If the update did disable the user account, disables
- // the Google Apps account as well.
- if ($new_fields['perms'] == 'disabled' && $new_fields['perms'] != $old_fields['perms']) {
- require_once 'googleapps.inc.php';
- $account = new GoogleAppsAccount($user);
- $account->suspend();
- }
- }
+ // Email forwards form {{{
+ require_once("emails.inc.php");
+ $redirect = ($registered ? new Redirect($user) : null);
+ if (Post::has('add_fwd')) {
+ $email = Post::t('email');
+ if (!isvalid_email_redirection($email)) {
+ $page->trigError("Email non valide: $email");
+ } else {
+ $redirect->add_email($email);
+ $page->trigSuccess("Ajout de $email effectué");
+ }
+ } else if (!Post::blank('del_fwd')) {
+ $redirect->delete_email(Post::t('del_fwd'));
+ } else if (!Post::blank('activate_fwd')) {
+ $redirect->modify_one_email(Post::t('activate_fwd', true));
+ } else if (!Post::blank('deactivate_fwd')) {
+ $redirect->modify_one_email(Post::t('deactivate_fwd', false));
+ } else if (Post::has('disable_fwd')) {
+ $redirect->disable();
+ } else if (Post::has('enable_fwd')) {
+ $redirect->enable();
+ } else if (!Post::blank('clean_fwd')) {
+ $redirect->clean_errors(Post::t('clean_fwd'));
+ }
+ // }}}
+
+ // Email alias form {{{
+ if (Post::has('add_alias')) {
+ // Splits new alias in user and fqdn.
+ $alias = Env::t('email');
+ if (strpos($alias, '@') !== false) {
+ list($alias, $domain) = explode('@', $alias);
+ } else {
+ $domain = $globals->mail->domain;
+ }
+ // Checks for alias' user validity.
+ if (!preg_match('/[-a-z0-9\.]+/s', $alias)) {
+ $page->trigError("'$alias' n'est pas un alias valide");
+ }
- // Reloads the user profile, to ensure the latest version will
- // be served to the administrator.
- $mr = XDB::query($userinfo_query, $user->id())->fetchOneAssoc();
+ // Eventually adds the alias to the right domain.
+ if ($domain == $globals->mail->alias_dom || $domain == $globals->mail->alias_dom2) {
+ $req = new AliasReq($user, $alias, 'Admin request', false);
+ if ($req->commit()) {
+ $page->trigSuccess("Nouvel alias '$alias@$domain' attribué");
+ } else {
+ $page->trigError("Impossible d'ajouter l'alias '$alias@$domain', il est probablement déjà attribué");
+ }
+ } elseif ($domain == $globals->mail->domain || $domain == $globals->mail->domain2) {
+ $res = XDB::execute("INSERT INTO aliases (id, alias, type)
+ VALUES ({?}, {?}, 'alias')",
+ $user->id(), $alias);
+ $page->trigSuccess("Nouvel alias '$alias' ajouté");
+ } else {
+ $page->trigError("Le domaine '$domain' n'est pas valide");
+ }
+ } else if (!Post::blank('del_alias')) {
+ XDB::execute("DELETE FROM aliases
+ WHERE id = {?} AND alias = {?} AND
+ type NOT IN ('a_vie', 'homonyme')",
+ $user->id(), $val);
+ XDB::execute("UPDATE emails
+ SET rewrite = ''
+ WHERE uid = {?} AND rewrite LIKE CONCAT({?}, '@%')",
+ $user->id(), $val);
+ fix_bestalias($user);
+ $page->trigSuccess("L'alias '$val' a été supprimé");
+ } else if (!Post::blank('best')) {
+ XDB::execute("UPDATE aliases
+ SET flags = TRIM(BOTH ',' FROM REPLACE(CONCAT(',', flags, ','), ',bestalias,', ','))
+ WHERE id = {?}", $user->id());
+ XDB::execute("UPDATE aliases
+ SET flags = CONCAT_WS(',', IF(flags = '', NULL, flags), 'bestalias')
+ WHERE id = {?} AND alias = {?}", $user->id(), $val);
+ // As having a non-null bestalias value is critical in
+ // plat/al's code, we do an a posteriori check on the
+ // validity of the bestalias.
+ fix_bestalias($user);
+ }
+ // }}}
+
+ // Forum form {{{
+ if (Post::has('b_edit')) {
+ XDB::execute("DELETE FROM forum_innd
+ WHERE uid = {?}", $user->id());
+ if (Env::v('write_perm') != "" || Env::v('read_perm') != "" || Env::v('commentaire') != "" ) {
+ XDB::execute("INSERT INTO forum_innd
+ SET ipmin = '0', ipmax = '4294967295',
+ write_perm = {?}, read_perm = {?},
+ comment = {?}, priority = '200', uid = {?}",
+ Env::v('write_perm'), Env::v('read_perm'), Env::v('comment'), $user->id());
+ }
+ }
+ // }}}
- break;
- // User re-registration.
- case "u_kill":
- require_once('user.func.inc.php');
- user_clear_all_subs($user->id());
- $globals->updateNbIns();
- $page->trigSuccess("'" . $user->id() . "' a été désinscrit !");
-
- $mailer = new PlMailer("admin/useredit.mail.tpl");
- $mailer->assign("admin", S::user()->login());
- $mailer->assign("user", $user->login());
- $mailer->assign("deletion", true);
- $mailer->send();
- break;
+ $page->addJsLink('ui.core.js');
+ $page->addJsLink('ui.tabs.js');
- // Forum ban update.
- case "b_edit":
- XDB::execute("DELETE FROM forums.innd WHERE uid = {?}", $user->id());
- if (Env::v('write_perm') != "" || Env::v('read_perm') != "" || Env::v('commentaire') != "" ) {
- XDB::execute("INSERT INTO forums.innd
- SET ipmin = '0', ipmax = '4294967295',
- write_perm = {?}, read_perm = {?},
- comment = {?}, priority = '200', uid = {?}",
- Env::v('write_perm'), Env::v('read_perm'), Env::v('comment'), $user->id());
- }
- break;
- }
- }
// Displays last login and last host information.
$res = XDB::query("SELECT start, host
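Review bot: The `del_alias` and `best` branches still read `$val`, which was the loop variable of the removed `foreach($_POST as $key => $val)` and is no longer assigned. Their `DELETE`/`UPDATE` statements therefore bind an empty value, while `del_alias` still reports success. In the forwards form a parenthesis is misplaced: `Post::t('activate_fwd', true)` hands the flag to `Post::t` instead of `modify_one_email`, so activate and deactivate make the same one-argument call. The removed `u_edit` branch also called `kill_sessions()` when an account became disabled and mailed the old and new values as a record of the edit; the new account form writes `state`, `is_admin` and `password` with neither step visible in this hunk, so confirm both are handled elsewhere. The handler's signature and end are outside the hunk.
```php
        } else if (!Post::blank('activate_fwd')) {
            $redirect->modify_one_email(Post::t('activate_fwd'), true);
        } else if (!Post::blank('deactivate_fwd')) {
            $redirect->modify_one_email(Post::t('deactivate_fwd'), false);
        // … unchanged: disable_fwd, enable_fwd, clean_fwd branches; add_alias branch …
        } else if (!Post::blank('del_alias')) {
            $val = Post::t('del_alias');
            // … unchanged: DELETE FROM aliases, UPDATE emails, fix_bestalias, success message …
        } else if (!Post::blank('best')) {
            $val = Post::t('best');
            // … unchanged: bestalias flag updates, fix_bestalias …
```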
$page->assign('host', $host);
// Display active aliases.
- $page->assign('virtuals', XDB::iterator(
- "SELECT alias
- FROM virtual
- INNER JOIN virtual_redirect USING (vid)
- WHERE type = 'user' AND (redirect = {?} OR redirect = {?})",
- $user->forlifeEmail(),
- // TODO: remove this über-ugly hack. The issue is that you need
- // to remove all @m4x.org addresses in virtual_redirect first.
- $user->login() . '@' . $globals->mail->domain2));
-
- $page->assign('aliases', XDB::iterator(
- "SELECT alias, type='a_vie' AS for_life,FIND_IN_SET('bestalias',flags) AS best,expire
- FROM aliases
- WHERE id = {?} AND type != 'homonyme'
- ORDER BY type != 'a_vie'", $user->id()));
+ $page->assign('virtuals', $user->emailAliases());
+ $page->assign('aliases', XDB::iterator("SELECT alias, type='a_vie' AS for_life,
+ FIND_IN_SET('bestalias',flags) AS best, expire
+ FROM aliases
+ WHERE id = {?} AND type != 'homonyme'
+ ORDER BY type != 'a_vie'", $user->id()));
+ $page->assign('account_types', XDB::iterator('SELECT * FROM account_types ORDER BY type'));
+ $page->assign('skins', XDB::iterator('SELECT id, name FROM skins ORDER BY name'));
+ $page->assign('profiles', XDB::iterator('SELECT p.pid, p.hrpid, FIND_IN_SET(\'owner\', ap.perms) AS owner
+ FROM account_profiles AS ap
+ INNER JOIN profiles AS p ON (ap.pid = p.pid)
+ WHERE ap.uid = {?}', $user->id()));
// Displays email redirection and the general profile.
if ($registered && $redirect) {
// Displays forum bans.
$res = XDB::query("SELECT write_perm, read_perm, comment
- FROM forums.innd
+ FROM forum_innd
WHERE uid = {?}", $user->id());
$bans = $res->fetchOneAssoc();
$page->assign('bans', $bans);
{
$page->changeTpl('admin/homonymes.tpl');
$page->setTitle('Administration - Homonymes');
- require_once("homonymes.inc.php");
+ $this->load("homonyms.inc.php");
if ($target) {
- if (! list($prenom,$nom,$forlife,$loginbis) = select_if_homonyme($target)) {
- $target=0;
+ $user = User::getSilent($target);
+ if (!$user || !($loginbis = select_if_homonyme($user))) {
+ $target = 0;
} else {
- $page->assign('nom',$nom);
- $page->assign('prenom',$prenom);
- $page->assign('forlife',$forlife);
+ $page->assign('user', $user);
$page->assign('loginbis',$loginbis);
}
}
case 'mail':
S::assert_xsrf_token();
- send_warning_homonyme($prenom, $nom, $forlife, $loginbis);
- switch_bestalias($target, $loginbis);
+ send_warning_homonyme($user, $loginbis);
+ switch_bestalias($user, $loginbis);
$op = 'list';
- $page->trigSuccess('Email envoyé à ' . $forlife . '.');
+ $page->trigSuccess('Email envoyé à ' . $user->forlifeEmail() . '.');
break;
case 'correct':
S::assert_xsrf_token();
- switch_bestalias($target, $loginbis);
- XDB::execute("UPDATE aliases SET type='homonyme',expire=NOW() WHERE alias={?}", $loginbis);
- XDB::execute("REPLACE INTO homonymes (homonyme_id,user_id) VALUES({?},{?})", $target, $target);
- send_robot_homonyme($prenom, $nom, $forlife, $loginbis);
+ switch_bestalias($user, $loginbis);
+ XDB::execute("UPDATE aliases
+ SET type = 'homonyme', expire=NOW()
+ WHERE alias = {?}", $loginbis);
+ XDB::execute("REPLACE INTO homonymes (homonyme_id,user_id)
+ VALUES ({?}, {?})", $target, $target);
+ send_robot_homonyme($user, $loginbis);
$op = 'list';
- $page->trigSuccess('Email envoyé à ' . $forlife . ', alias supprimé.');
+ $page->trigSuccess('Email envoyé à ' . $user->forlifeEmail() . ', alias supprimé.');
break;
}
}
if ($op == 'list') {
$res = XDB::iterator(
- "SELECT a.alias AS homonyme,s.id AS user_id,s.alias AS forlife,
- promo,prenom,nom,
- IF(h.homonyme_id=s.id, a.expire, NULL) AS expire,
- IF(h.homonyme_id=s.id, a.type, NULL) AS type
+ "SELECT a.alias AS homonyme, s.alias AS forlife,
+ IF(h.homonyme_id = s.id, a.expire, NULL) AS expire,
+ IF(h.homonyme_id = s.id, a.type, NULL) AS type,
+ ac.uid AS user_id
FROM aliases AS a
LEFT JOIN homonymes AS h ON (h.homonyme_id = a.id)
INNER JOIN aliases AS s ON (s.id = h.user_id AND s.type='a_vie')
- INNER JOIN auth_user_md5 AS u ON (s.id=u.user_id)
- WHERE a.type='homonyme' OR a.expire!=''
- ORDER BY a.alias,promo");
+ INNER JOIN accounts AS ac ON (ac.uid = a.id)
+ WHERE a.type = 'homonyme' OR a.expire != ''
+ ORDER BY a.alias, forlife");
$hnymes = Array();
while ($tab = $res->next()) {
$hnymes[$tab['homonyme']][] = $tab;
}
}
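Review bot: In the list query, `user_id` now comes from `accounts AS ac ON (ac.uid = a.id)`, whereas the removed version returned `s.id`, the owner of the `a_vie` alias (joined as `u.user_id = s.id`). Because `a.id` is what `h.homonyme_id` is matched against, every row of a homonym group would appear to carry the same `user_id`. If the template uses it to target the `mail`/`correct` actions they would act on the wrong account, so `ON (ac.uid = s.id)` looks like the intended join. In the `correct` case above, `REPLACE INTO homonymes` still binds `$target` twice although `$target` is now only the lookup key passed to `User::getSilent()`; binding `$user->id()`, as the validation `commit()` does, keeps a non-numeric login out of the id columns. The handler starts outside the hunk.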
- function handler_ax_xorg(&$page) {
- $page->changeTpl('admin/ax-xorg.tpl');
- $page->setTitle('Administration - AX/X.org');
-
- // liste des différences
- $res = XDB::query(
- 'SELECT u.promo,u.nom AS nom,u.prenom AS prenom,ia.nom AS nomax,ia.prenom AS prenomax,u.matricule AS mat,ia.matricule_ax AS matax
- FROM auth_user_md5 AS u
- INNER JOIN identification_ax AS ia ON u.matricule_ax = ia.matricule_ax
- WHERE (SOUNDEX(u.nom) != SOUNDEX(ia.nom) AND SOUNDEX(CONCAT(ia.particule,u.nom)) != SOUNDEX(ia.nom)
- AND SOUNDEX(u.nom) != SOUNDEX(ia.nom_patro) AND SOUNDEX(CONCAT(ia.particule,u.nom)) != SOUNDEX(ia.nom_patro))
- OR u.prenom != ia.prenom OR (u.promo != ia.promo AND u.promo != ia.promo+1 AND u.promo != ia.promo-1)
- ORDER BY u.promo,u.nom,u.prenom');
- $page->assign('diffs', $res->fetchAllAssoc());
-
- // gens à l'ax mais pas chez nous
- $res = XDB::query(
- 'SELECT ia.promo,ia.nom,ia.nom_patro,ia.prenom
- FROM identification_ax as ia
- LEFT JOIN auth_user_md5 AS u ON u.matricule_ax = ia.matricule_ax
- WHERE u.nom IS NULL');
- $page->assign('mank', $res->fetchAllAssoc());
-
- // gens chez nous et pas à l'ax
- $res = XDB::query('SELECT promo,nom,prenom FROM auth_user_md5 WHERE matricule_ax IS NULL');
- $page->assign('plus', $res->fetchAllAssoc());
- }
-
- function handler_deaths(&$page, $promo = 0, $validate = false) {
+ function handler_deaths(&$page, $promo = 0, $validate = false)
+ {
$page->changeTpl('admin/deces_promo.tpl');
$page->setTitle('Administration - Deces');
$page->assign('decedes', $res);
}
- function handler_dead_but_active(&$page) {
+ function handler_dead_but_active(&$page)
+ {
$page->changeTpl('admin/dead_but_active.tpl');
$page->setTitle('Administration - Décédés');
$page->assign('dead', $res);
}
- function handler_synchro_ax(&$page, $login = null, $action = null) {
- $page->changeTpl('admin/synchro_ax.tpl');
- $page->setTitle('Administration - Synchro AX');
-
- // Checks for synchronization requirements.
- require_once('synchro_ax.inc.php');
- if (is_ax_key_missing()) {
- $page->assign('no_private_key', true);
- $page->run();
- }
-
- // Determines user identity using environment.
- if ($login) {
- $user = User::get($login);
- } else if (Env::has('user')) {
- $user = User::get(Env::v('user'));
- } else if (Env::has('mat')) {
- $res = XDB::query("SELECT user_id FROM auth_user_md5 WHERE matricule = {?}", Env::i('mat'));
- $user = User::get($res->fetchOneCell());
- } else {
- return;
- }
-
- // Finally synchronizes the AX and plat/al information.
- if ($action == 'import') {
- ax_synchronize($user->login(), S::v('uid'));
- }
-
- require_once 'profil.func.inc.php';
- $userxorg = get_user_details($user->login(), S::v('uid'), 'ax');
- $userax = get_user_ax($userxorg['matricule_ax']);
- $diff = diff_user_details($userax, $userxorg, 'ax');
-
- $page->assign('x', $userxorg);
- $page->assign('diff', $diff);
- }
-
function handler_validate(&$page, $action = 'list', $id = null)
{
$page->changeTpl('admin/valider.tpl');
$page->assign('vit', new ValidateIterator());
}
- function handler_validate_answers(&$page, $action = 'list', $id = null) {
+ function handler_validate_answers(&$page, $action = 'list', $id = null)
+ {
$page->setTitle('Administration - Réponses automatiques de validation');
$page->assign('title', 'Gestion des réponses automatiques');
$table_editor = new PLTableEditor('admin/validate/answers','requests_answers','id');
$table_editor->describe('answer','texte',false);
$table_editor->apply($page, $action, $id);
}
- function handler_skins(&$page, $action = 'list', $id = null) {
+
+ function handler_skins(&$page, $action = 'list', $id = null)
+ {
$page->setTitle('Administration - Skins');
$page->assign('title', 'Gestion des skins');
$table_editor = new PLTableEditor('admin/skins','skins','id');
$table_editor->apply($page, $action, $id);
}
- function handler_postfix_blacklist(&$page, $action = 'list', $id = null) {
+ function handler_postfix_blacklist(&$page, $action = 'list', $id = null)
+ {
$page->setTitle('Administration - Postfix : Blacklist');
$page->assign('title', 'Blacklist de postfix');
$table_editor = new PLTableEditor('admin/postfix/blacklist','postfix_blacklist','email', true);
$table_editor->describe('email','email',true);
$table_editor->apply($page, $action, $id);
}
- function handler_postfix_whitelist(&$page, $action = 'list', $id = null) {
+
+ function handler_postfix_whitelist(&$page, $action = 'list', $id = null)
+ {
$page->setTitle('Administration - Postfix : Whitelist');
$page->assign('title', 'Whitelist de postfix');
$table_editor = new PLTableEditor('admin/postfix/whitelist','postfix_whitelist','email', true);
$table_editor->describe('email','email',true);
$table_editor->apply($page, $action, $id);
}
- function handler_mx_broken(&$page, $action = 'list', $id = null) {
+
+ function handler_mx_broken(&$page, $action = 'list', $id = null)
+ {
$page->setTitle('Administration - MX Défaillants');
$page->assign('title', 'MX Défaillant');
$table_editor = new PLTableEditor('admin/mx/broken', 'mx_watch', 'host', true);
$table_editor->describe('text', 'Description du problème', false);
$table_editor->apply($page, $action, $id);
}
- function handler_logger_actions(&$page, $action = 'list', $id = null) {
+
+ function handler_logger_actions(&$page, $action = 'list', $id = null)
+ {
$page->setTitle('Administration - Actions');
$page->assign('title', 'Gestion des actions de logger');
$table_editor = new PLTableEditor('admin/logger/actions','logger.actions','id');
$table_editor->describe('description','description',true);
$table_editor->apply($page, $action, $id);
}
- function handler_downtime(&$page, $action = 'list', $id = null) {
+
+ function handler_downtime(&$page, $action = 'list', $id = null)
+ {
$page->setTitle('Administration - Coupures');
$page->assign('title', 'Gestion des coupures');
$table_editor = new PLTableEditor('admin/downtime','coupures','id');
$table_editor->apply($page, $action, $id);
}
+ function handler_account_types(&$page, $action = 'list', $id = null)
+ {
+ $page->setTitle('Administration - Types de comptes');
+ $page->assign('title', 'Gestion des types de comptes');
+ $table_editor = new PLTableEditor('admin/account/types', 'account_types', 'type', true);
+ $table_editor->describe('type', 'Catégorie', true);
+ $table_editor->describe('perms', 'Permissions associées', true);
+ $table_editor->apply($page, $action, $id);
+ }
+
function handler_wiki(&$page, $action = 'list', $wikipage = null, $wikipage2 = null)
{
- if (S::v('core_rss_hash')) {
+ if (S::hasAuthToken()) {
$page->setRssLink('Changement Récents',
- '/Site/AllRecentChanges?action=rss&user=' . S::v('hruid') . '&hash=' . S::v('core_rss_hash'));
+ '/Site/AllRecentChanges?action=rss&user=' . S::v('hruid') . '&hash=' . S::v('token'));
}
// update wiki perms
}
$page->changeTpl('admin/wiki.tpl');
- $page->addJsLink('jquery.js');
$page->assign('wiki_pages', $wiki_tree);
$page->assign('perms_opts', $perms);
}
$sql = "SELECT w.ip, IF(s.ip IS NULL,
IF(w.ip = s2.ip, s2.host, s2.forward_host),
IF(w.ip = s.ip, s.host, s.forward_host)),
- w.mask, w.detection, w.state, u.hruid
+ w.mask, w.detection, w.state, a.hruid
FROM ip_watch AS w
LEFT JOIN logger.sessions AS s ON (s.ip = w.ip)
LEFT JOIN logger.sessions AS s2 ON (s2.forward_ip = w.ip)
- LEFT JOIN auth_user_md5 AS u ON (u.user_id = s.uid)
- GROUP BY w.ip, u.hruid
- ORDER BY w.state, w.ip, u.hruid";
+ LEFT JOIN accounts AS a ON (a.uid = s.uid)
+ GROUP BY w.ip, a.hruid
+ ORDER BY w.state, w.ip, a.hruid";
$it = Xdb::iterRow($sql);
$table = array();
$page->assign('table', $table);
} elseif ($action == 'edit') {
$sql = "SELECT w.detection, w.state, w.last, w.description, w.mask,
- u1.hruid AS edit, u2.hruid AS hruid, s.host
+ a1.hruid AS edit, a2.hruid AS hruid, s.host
FROM ip_watch AS w
- LEFT JOIN auth_user_md5 AS u1 ON (u1.user_id = w.uid)
+ LEFT JOIN accounts AS a1 ON (a1.uid = w.uid)
LEFT JOIN logger.sessions AS s ON (w.ip = s.ip)
- LEFT JOIN auth_user_md5 AS u2 ON (u2.user_id = s.uid)
+ LEFT JOIN accounts AS a2 ON (a2.uid = s.uid)
WHERE w.ip = {?}
- GROUP BY u2.hruid
- ORDER BY u2.hruid";
+ GROUP BY a2.hruid
+ ORDER BY a2.hruid";
$it = Xdb::iterRow($sql, ip_to_uint($ip));
$props = array();
function handler_accounts(&$page)
{
$page->changeTpl('admin/accounts.tpl');
- $page->assign('disabled', XDB::iterator('SELECT u.nom, u.prenom, u.promo, u.comment, u.hruid
- FROM auth_user_md5 AS u
- WHERE perms = \'disabled\'
- ORDER BY nom, prenom'));
- $page->assign('admins', XDB::iterator('SELECT u.nom, u.prenom, u.promo, u.hruid
- FROM auth_user_md5 AS u
- WHERE perms = \'admin\'
- ORDER BY nom, prenom'));
+ $page->assign('disabled', XDB::iterator('SELECT a.hruid, FIND_IN_SET(\'watch\', a.flags) AS watch,
+ a.state = \'disabled\' AS disabled, a.comment
+ FROM accounts AS a
+ WHERE a.state = \'disabled\' OR FIND_IN_SET(\'watch\', a.flags)
+ ORDER BY a.hruid'));
+ $page->assign('admins', XDB::iterator('SELECT a.hruid
+ FROM accounts AS a
+ WHERE a.is_admin
+ ORDER BY a.hruid'));
}
}
* 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA *
***************************************************************************/
-function select_if_homonyme($uid) {
- $res = XDB::query("SELECT prenom,nom,a.alias AS forlife,h.alias AS loginbis
- FROM auth_user_md5 AS u
- INNER JOIN aliases AS a ON (a.id=u.user_id AND a.type='a_vie')
- INNER JOIN aliases AS h ON (h.id=u.user_id AND h.expire!='')
- WHERE user_id = {?}", $uid);
- return $res->fetchOneRow();
+function select_if_homonyme(PlUser &$user) {
+ return XDB::fetchOneCell("SELECT a.alias
+ FROM aliases AS a
+ WHERE a.id = {?} AND a.expire != ''",
+ $user->id());
}
-function send_warning_homonyme($prenom, $nom, $forlife, $loginbis) {
+function send_warning_homonyme(PlUser &$user, $loginbis) {
global $globals;
$cc = "support+homonyme@" . $globals->mail->domain;
$FROM = "\"Support Polytechnique.org\" <$cc>";
$mymail = new PlMailer();
$mymail->setFrom($FROM);
- $mymail->setSubject("Dans 2 semaines, suppression de $loginbis@" . $globals->mail->domain);
- $mymail->addTo("$prenom $nom <$forlife@" . $globals->mail->domain . '>');
$mymail->addCc($cc);
+ $mymail->setSubject("Dans 2 semaines, suppression de $loginbis@" . $globals->mail->domain);
$mymail->setTxtBody(Env::v('mailbody'));
- $mymail->send();
+ $mymail->sendTo($user);
}
-function send_robot_homonyme($prenom, $nom, $forlife, $loginbis) {
+function send_robot_homonyme(PlUser &$user, $loginbis) {
global $globals;
$cc = "support+homonyme@" . $globals->mail->domain;
$FROM = "\"Support Polytechnique.org\" <$cc>";
$mymail = new PlMailer();
$mymail->setFrom($FROM);
$mymail->setSubject("Mise en place du robot $loginbis@" . $globals->mail->domain);
- $mymail->addTo("$prenom $nom <$forlife@" . $globals->mail->domain . '>');
$mymail->addCc($cc);
$mymail->setTxtBody(Env::v('mailbody'));
- $mymail->send();
+ $mymail->sendTo($user);
}
-function switch_bestalias($uid, $loginbis) {
+function switch_bestalias(PlUser &$user, $loginbis) {
// check if loginbis was the bestalias
- $res = XDB::query("SELECT alias FROM aliases WHERE id = {?} AND FIND_IN_SET('bestalias', flags)", $uid);
- $bestalias = $res->fetchOneCell();
- if ($bestalias && $bestalias != $loginbis) return false;
+ $bestailas = XDB::fetchOneCell("SELECT alias
+ FROM aliases
+ WHERE id = {?} AND FIND_IN_SET('bestalias', flags)",
+ $user->id());
+ if ($bestalias && $bestalias != $loginbis) {
+ return false;
+ }
// select the shortest alias still alive
- $res = XDB::query("SELECT alias FROM aliases WHERE id = {?} AND alias != {?} AND expire IS NULL ORDER BY LENGTH(alias) LIMIT 1", $uid, $loginbis);
- $newbest = $res->fetchOneCell();
+ $newbest = XDB::fetchOneCell("SELECT alias
+ FROM aliases
+ WHERE id = {?} AND alias != {?} AND expire IS NULL
+ ORDER BY LENGTH(alias)
+ LIMIT 1", $user->id(), $loginbis);
// change the bestalias flag
- XDB::execute("UPDATE aliases SET flags = (flags & (255 - 1)) | IF(alias = {?}, 1, 0) WHERE id = {?}", $newbest, $uid);
-
+ XDB::execute("UPDATE aliases
+ SET flags = (flags & (255 - 1)) | IF(alias = {?}, 1, 0)
+ WHERE id = {?}", $newbest, $user->id());
return $newbest;
}
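Review bot: The first query's result is assigned to `$bestailas`, but the guard on the following added line tests `$bestalias`, which is never set in `switch_bestalias`. The early `return false` can therefore never fire, and the function always goes on to move the bestalias flag even when another alias already holds it. The assignment should use the same name as the check: `$bestalias = XDB::fetchOneCell("SELECT alias ...`.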
$cle = $globals->core->econfiance;
- if (S::v('chall') && $_GET['PASS'] == md5(S::v('chall').$cle)) {
-
- $res = XDB::query("SELECT password FROM auth_user_md5 WHERE user_id=10154");
- $pass = $res->fetchOneCell();
+ $res = "<?xml version=\"1.0\" encoding=\"UTF-8\"?>\n\n<membres>\n\n";
- $list = new MMList(10154, $pass, "x-econfiance.polytechnique.org");
+ if (S::v('chall') && $_GET['PASS'] == md5(S::v('chall').$cle)) {
+ $list = new MMList(User::getWithUID(10154), "x-econfiance.polytechnique.org");
$members = $list->get_members('membres');
if (is_array($members)) {
$membres = Array();
foreach($members[1] as $member) {
- if (preg_match('/^([^.]*.[^.]*.(\d\d\d\d))@polytechnique.org$/',
- $member[1], $matches))
- {
- $membres[] = "a.alias='{$matches[1]}'";
+ $user = User::getSilent($member[1]);
+ if ($user && $user->hasProfile()) {
+ $profile = $user->profile();
+ $res .= "<membre>\n";
+ $res .= "\t<nom>" . $profile->lastName() . "</nom>\n";
+ $res .= "\t<prenom>" . $profile->firstName() . "</prenom>\n";
+ $res .= "\t<email>" . $user->forlifeEmail() . "</email>\n";
+ $res .= "</membre>\n\n";
}
}
}
-
- $where = join(' OR ',$membres);
-
- $all = XDB::iterRow(
- "SELECT u.prenom,u.nom,a.alias
- FROM auth_user_md5 AS u
- INNER JOIN aliases AS a ON ( u.user_id = a.id AND a.type!='homonyme' )
- WHERE $where
- ORDER BY nom");
-
- $res = "<?xml version=\"1.0\" encoding=\"UTF-8\"?>\n\n<membres>\n\n";
-
- while (list ($prenom1,$nom1,$email1) = $all->next()) {
- $res .= "<membre>\n";
- $res .= "\t<nom>$nom1</nom>\n";
- $res .= "\t<prenom>$prenom1</prenom>\n";
- $res .= "\t<email>$email1</email>\n";
- $res .= "</membre>\n\n";
- }
-
$res .= "</membres>\n\n";
header('Content-Type: text/xml; charset="UTF-8"');
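Review bot: The challenge check `$_GET['PASS'] == md5(S::v('chall').$cle)` uses PHP's loose `==`, under which two numeric-looking strings are compared as numbers, so a value other than the expected digest can be accepted. Use a strict comparison, `if (S::v('chall') && $_GET['PASS'] === md5(S::v('chall').$cle)) {`, or a constant-time comparison where the PHP version provides one. The added loop also concatenates `lastName()`, `firstName()` and `forlifeEmail()` into the XML unescaped, so a value containing `&` or `<` produces a malformed or altered document; wrapping each in `htmlspecialchars()` avoids that. The enclosing function starts outside the hunk.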
// mise à jour de l'heure et de la machine de dernier login sauf quand on est en suid
$uid = S::i('uid');
- if (!isset($_SESSION['suid'])) {
+ if (!S::suid()) {
global $platal;
- S::logger(uid)->log('connexion_auth_ext', $platal->path);
+ S::logger($uid)->log('connexion_auth_ext', $platal->path);
}
/* on parcourt les entrees de groupes_auth */
$params = "";
$fieldarr = explode(',', $datafields);
- $res = XDB::query("SELECT matricule, matricule_ax, promo,
- promo_sortie, flags, deces, nom,
- prenom, nationalite, section,
- naissance
- FROM auth_user_md5 WHERE user_id = {?}",
- S::v('uid'));
- $personnal_data = $res->fetchOneAssoc();
+ $user =& S::user();
+ if ($user->hasProfile()) {
+ // XXX: Transition table for auth.
+ $personnal_data = $user->profile()->data();
+ $personnal_data['matricule'] = $personnal_data['xorg_id'];
+ $personnal_data['matricule_ax'] = $personnal_data['ax_id'];
+ $personnal_data['promo_sortie'] = $personnal_data['promo'] + 3; // FIXME: Hum, not that good
+ $personnal_data['nationalite'] = $personnal_data['nationality1'];
+ $personnal_data['naissance'] = $personnal_data['birthdate'];
+ $personnal_data['deces'] = $personnal_data['deathdate'];
+ $personnal_data['flags'] = $user->profile()->isFemale() ? 'femme' : '';
+ } else {
+ $personnal_data = array();
+ }
foreach ($fieldarr as $val) {
// Determine the requested value, and add it to the answer.
} else if (isset($personnal_data[$val])) {
$params .= gpex_prepare_param($val, $personnal_data[$val], $tohash, $charset);
} else if ($val == 'username') {
- $res = XDB::query("SELECT alias FROM aliases
+ $res = XDB::query("SELECT alias
+ FROM aliases
WHERE id = {?} AND FIND_IN_SET('bestalias', flags)",
- S::v('uid'));
+ S::i('uid'));
$min_username = $res->fetchOneCell();
$params .= gpex_prepare_param($val, $min_username, $tohash, $charset);
} else if ($val == 'grpauth') {
$perms = S::has_perms() ? 'admin' : 'membre';
}
$params .= gpex_prepare_param($val, $perms, $tohash, $charset);
+ } else {
+ $params .= gpex_prepare_param($val, '', $tohash, $charset);
}
}
$tohash .= "1";
$page->changeTpl('axletter/show.tpl');
$nl = new AXLetter($nid);
+ $user =& S::user();
if (Get::has('text')) {
- $nl->toText($page, S::v('prenom'), S::v('nom'), S::v('femme'));
+ $nl->toText($page, $user);
} else {
- $nl->toHtml($page, S::v('prenom'), S::v('nom'), S::v('femme'));
+ $nl->toHtml($page, $user);
}
if (Post::has('send')) {
- $nl->sendTo(S::user()->login(), S::user()->bestEmail(),
- S::v('prenom'), S::v('nom'),
- S::v('femme'), S::v('mail_fmt') != 'texte');
+ $nl->sendTo($user);
}
}
function _add_rss_link(&$page)
{
- if (!S::has('core_rss_hash')) {
+ if (!S::hasAuthToken()) {
return;
}
$page->setRssLink('Polytechnique.org :: Carnet',
- '/carnet/rss/'.S::v('hruid').'/'.S::v('core_rss_hash').'/rss.xml');
+ '/carnet/rss/'.S::v('hruid').'/'.S::v('token').'/rss.xml');
}
function handler_index(&$page)
// For XSRF protection, checks both the normal xsrf token, and the special RSS token.
// It allows direct linking to contact adding in the RSS feed.
- if (Env::v('action') && Env::v('token') !== S::v('core_rss_hash')) {
+ if (Env::v('action') && Env::v('token') !== S::v('token')) {
S::assert_xsrf_token();
}
switch (Env::v('action')) {
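Review bot: The shortcut `Env::v('token') !== S::v('token')` does not require that the account has a token at all. If both accessors return the same empty default when the request carries no `token` and the session holds none (plausible now that `__set_rss_state` clears it with `S::kill('token')`), the comparison is false and `S::assert_xsrf_token()` is skipped for any `action`. Guarding the shortcut with the helper this commit already uses would close that: `if (Env::v('action') && !(S::hasAuthToken() && Env::v('token') === S::v('token'))) {`. How `Env::v` and `S::v` treat missing keys is not visible here, so confirm against their definitions.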
function handler_ical(&$page, $alias = null, $hash = null)
{
- require_once 'rss.inc.php';
- $uid = init_rss(null, $alias, $hash, false);
- if (S::logged()) {
- if (!$uid) {
- $uid = S::i('uid');
- } else if ($uid != S::i('uid')) {
- send_warning_email("Récupération d\'un autre utilisateur ($uid)");
+ $user = Platal::session()->tokenAuth($alias, $hash);
+ if (is_null($user)) {
+ if (S::logged()) {
+ $user == S::user();
+ } else {
+ return PL_FORBIDDEN;
}
- } else if (!$uid) {
- exit;
}
require_once 'ical.inc.php';
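Review bot: In the logged-in fallback, `$user == S::user();` is a comparison whose result is discarded, so `$user` stays null when token authentication fails. The later `$user->id()` call in the contacts query then fails on a null value for a logged-in user without a valid token. It should be an assignment: `$user = S::user();`. The rest of `handler_ical` lies outside this hunk.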
FROM contacts AS c
INNER JOIN auth_user_md5 AS u ON (u.user_id = c.contact)
INNER JOIN aliases AS a ON (u.user_id = a.id AND a.type = \'a_vie\')
- WHERE c.uid = {?}', $uid);
+ WHERE c.uid = {?}', $user->id());
$annivs = Array();
while (list($prenom, $nom, $promo, $naissance, $end, $ts, $hruid) = $res->next()) {
FROM virtual
INNER JOIN virtual_redirect USING (vid)
WHERE alias = {?} AND (redirect = {?} OR redirect = {?})",
- $value, $user->forlifeEmail(),
- // TODO: remove this über-ugly hack. The issue is that you need
- // to remove all @m4x.org addresses in virtual_redirect first.
- $user->login() . '@' . $globals->mail->domain2);
+ $value, $user->forlifeEmail(), $user->m4xForlifeEmail());
}
// Fetch existing @alias_dom aliases.
- $res = XDB::query(
- "SELECT alias, emails_alias_pub
- FROM auth_user_quick, virtual
- INNER JOIN virtual_redirect USING(vid)
- WHERE (redirect = {?} OR redirect = {?})
- AND alias LIKE '%@{$globals->mail->alias_dom}' AND user_id = {?}",
- $user->forlifeEmail(),
- // TODO: remove this über-ugly hack. The issue is that you need
- // to remove all @m4x.org addresses in virtual_redirect first.
- $user->login() . '@' . $globals->mail->domain2, $user->id());
- list($alias, $visibility) = $res->fetchOneRow();
- $page->assign('actuel', $alias);
+ $alias = $user->emailAlias();
+ $visibility = $user->hasProfile() && $user->profile()->alias_pub;
if ($action == 'ask' && Env::has('alias') && Env::has('raison')) {
S::assert_xsrf_token();
//Si l'utilisateur vient de faire une damande
$alias = Env::v('alias');
$raison = Env::v('raison');
- $public = (Env::v('public', 'off') == 'on')?"public":"private";
+ $public = (Env::v('public', 'off') == 'on') ? 'public' : 'private';
$page->assign('r_alias', $alias);
$page->assign('r_raison', $raison);
}
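Review bot: `$visibility = $user->hasProfile() && $user->profile()->alias_pub;` is true for any non-empty value of `alias_pub`. A later hunk of this handler stores the submitted `$value` in that column, so if it holds the strings 'public'/'private' as the removed code did, `mail_public` is assigned true for private aliases as well. An explicit comparison keeps the two hunks consistent: `$visibility = $user->hasProfile() && $user->profile()->alias_pub == 'public';`. The column type is not visible here, so confirm against the schema.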
//Quelques vérifications sur l'alias (caractères spéciaux)
- if (!preg_match( "/^[a-zA-Z0-9\-.]{3,20}$/", $alias)) {
+ if (!preg_match("/^[a-zA-Z0-9\-.]{3,20}$/", $alias)) {
$page->trigError("L'adresse demandée n'est pas valide."
. " Vérifie qu'elle comporte entre 3 et 20 caractères"
. " et qu'elle ne contient que des lettres non accentuées,"
. " des chiffres ou les caractères - et .");
return;
} else {
+ $alias_mail = $alias.'@'.$globals->mail->alias_dom;
+
//vérifier que l'alias n'est pas déja pris
- $res = XDB::query('SELECT COUNT(*) FROM virtual WHERE alias={?}',
- $alias.'@'.$globals->mail->alias_dom);
+ $res = XDB::query('SELECT COUNT(*)
+ FROM virtual
+ WHERE alias={?}',
+ $alias_mail);
if ($res->fetchOneCell() > 0) {
- $page->trigError("L'alias $alias@{$globals->mail->alias_dom} a déja été attribué.
- Tu ne peux donc pas l'obtenir.");
+ $page->trigError("L'alias $alias_mail a déja été attribué.
+ Tu ne peux donc pas l'obtenir.");
return;
}
//vérifier que l'alias n'est pas déja en demande
- $it = new ValidateIterator ();
+ $it = new ValidateIterator();
while($req = $it->next()) {
- if ($req->type == "alias" and $req->alias == $alias . '@' . $globals->mail->alias_dom) {
- $page->trigError("L'alias $alias@{$globals->mail->alias_dom} a déja été demandé.
+ if ($req->type == 'alias' and $req->alias == $alias_mail) {
+ $page->trigError("L'alias $alias_mail a déja été demandé.
Tu ne peux donc pas l'obtenir pour l'instant.");
return ;
}
return PL_FORBIDDEN;
}
- if ($value == 'public') {
- XDB::execute("UPDATE auth_user_quick SET emails_alias_pub = 'public'
- WHERE user_id = {?}", $user->id());
- } else {
- XDB::execute("UPDATE auth_user_quick SET emails_alias_pub = 'private'
- WHERE user_id = {?}", $user->id());
+ if ($user->hasProfile()) {
+ XDB::execute("UPDATE profiles
+ SET alias_pub = {?}
+ WHERE pid = {?}",
+ $value, $user->profile()->id());
}
-
- $visibility = $value;
+ $visibility = ($value == 'public');
}
- $page->assign('mail_public', ($visibility == 'public'));
+ $page->assign('actuel', $alias);
+ $page->assign('user', $user);
+ $page->assign('mail_public', $visibility);
}
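Review bot: The `UPDATE profiles SET alias_pub = {?}` statement writes `$value` as received, whereas the removed branches only ever stored the literals 'public' or 'private'. The query is parameterized, so this is not an injection problem, but any other string now reaches the column. Normalise before the write, e.g. `$value = ($value == 'public') ? 'public' : 'private';`. Where `$value` originates is outside the hunk.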
function handler_redirect(&$page, $action = null, $email = null)
}
$res = XDB::query(
- "SELECT u.prenom, u.nom, u.promo, a.alias as forlife
- FROM auth_user_md5 AS u
- INNER JOIN contacts AS c ON (u.user_id = c.contact)
- INNER JOIN aliases AS a ON (u.user_id=a.id AND FIND_IN_SET('bestalias',a.flags))
+ "SELECT ac.full_name, a.alias as forlife
+ FROM accounts AS ac
+ INNER JOIN contacts AS c ON (ac.uid = c.contact)
+ INNER JOIN aliases AS a ON (ac.uid = a.id AND FIND_IN_SET('bestalias', a.flags))
WHERE c.uid = {?}
- ORDER BY u.nom, u.prenom", S::v('uid'));
+ ORDER BY ac.full_name", S::i('uid'));
$page->assign('contacts', $res->fetchAllAssoc());
$page->assign('maxsize', ini_get('upload_max_filesize') . 'o');
$page->assign('user', S::user());
$email = valide_email($email);
// vérifications d'usage
- $sel = XDB::query("SELECT uid FROM emails WHERE email = {?}", $email);
- if (($uid = $sel->fetchOneCell())) {
- $dest = User::getSilent($uid);
-
- // envoi du mail
- $message = "Bonjour !
-
-Cet email a été généré automatiquement par le service de patte cassée de
-Polytechnique.org car un autre utilisateur, " . S::user()->fullName() . ",
-nous a signalé qu'en t'envoyant un email, il avait reçu un message d'erreur
-indiquant que ton adresse de redirection $email
-ne fonctionnait plus !
-
-Nous te suggérons de vérifier cette adresse, et le cas échéant de mettre
-à jour sur le site <{$globals->baseurl}/emails> tes adresses
-de redirection...
-
-Pour plus de renseignements sur le service de patte cassée, n'hésite pas à
-consulter la page <{$globals->baseurl}/emails/broken>.
-
-
-À bientôt sur Polytechnique.org !
-L'équipe d'administration <support@" . $globals->mail->domain . '>';
-
- $mail = new PlMailer();
- $mail->setFrom('"Polytechnique.org" <support@' . $globals->mail->domain . '>');
- $mail->addTo($dest->bestEmail());
- $mail->setSubject("Une de tes adresse de redirection Polytechnique.org ne marche plus !!");
- $mail->setTxtBody($message);
- $mail->send();
+ $uid = XDB::fetchOneCell("SELECT uid
+ FROM emails
+ WHERE email = {?}", $email);
+ if ($uid) {
+ $dest = User::getWithUID($uid);
+
+ $mail = new PlMailer('emails/broken-web.mail.tpl');
+ $mail->assign('email', $email);
+ $mail->assign('request', S::user());
+ $mail->sendTo($dest);
$page->trigSuccess("Email envoyé !");
}
} elseif (Post::has('email')) {
$page->assign('neuneu', true);
} else {
$page->assign('email',$email);
- $sel = XDB::query(
- "SELECT e1.uid, e1.panne != 0 AS panne,
- (count(e2.uid) + IF(FIND_IN_SET('googleapps', u.mail_storage), 1, 0)) AS nb_mails,
- u.nom, u.prenom, u.promo, u.hruid
- FROM emails as e1
- LEFT JOIN emails as e2 ON(e1.uid = e2.uid
+ $x = XDB::fetchOneAssoc("SELECT e1.uid, e1.panne != 0 AS panne,
+ (count(e2.uid) + IF(FIND_IN_SET('googleapps', eo.storage), 1, 0)) AS nb_mails
+ FROM emails as e1
+ INNER JOIN email_options AS eo ON (eo.uid = e1.uid)
+ LEFT JOIN emails as e2 ON(e1.uid = e2.uid
AND FIND_IN_SET('active', e2.flags)
AND e1.email != e2.email)
- INNER JOIN auth_user_md5 as u ON(e1.uid = u.user_id)
- WHERE e1.email = {?}
- GROUP BY e1.uid", $email);
- if ($x = $sel->fetchOneAssoc()) {
+ WHERE e1.email = {?}
+ GROUP BY e1.uid", $email);
+ if ($x) {
// on écrit dans la base que l'adresse est cassée
if (!$x['panne']) {
- XDB::execute("UPDATE emails
- SET panne=NOW(),
- last=NOW(),
- panne_level = 1
- WHERE email = {?}", $email);
+ XDB::execute("UPDATE emails
+ SET panne=NOW(), last=NOW(), panne_level = 1
+ WHERE email = {?}", $email);
} else {
- XDB::execute("UPDATE emails
- SET panne_level = 1
- WHERE email = {?} AND panne_level = 0", $email);
+ XDB::execute("UPDATE emails
+ SET panne_level = 1
+ WHERE email = {?} AND panne_level = 0", $email);
}
+ $x['user'] = User::getWithUID($x['uid']);
$page->assign_by_ref('x', $x);
}
}
$page->assign('doublon', $props);
}
}
+
function handler_lost(&$page, $action = 'list', $email = null)
{
$page->changeTpl('emails/lost.tpl');
- $page->assign('lost_emails', XDB::iterator("
- SELECT u.user_id, u.hruid
- FROM auth_user_md5 AS u
- LEFT JOIN emails AS e ON (u.user_id = e.uid AND FIND_IN_SET('active', e.flags))
- WHERE e.uid IS NULL AND FIND_IN_SET('googleapps', u.mail_storage) = 0 AND
- u.deces = 0 AND u.perms IN ('user', 'admin', 'disabled')
- ORDER BY u.promo DESC, u.nom, u.prenom"));
+ // TODO: Order by promo.
+ $page->assign('lost_emails',
+ XDB::iterator("SELECT a.uid, a.hruid
+ FROM accounts AS a
+ INNER JOIN email_options AS eo ON (eo.uid = a.uid)
+ LEFT JOIN emails AS e ON (a.uid = e.uid AND FIND_IN_SET('active', e.flags))
+ WHERE e.uid IS NULL AND FIND_IN_SET('googleapps', eo.storage) = 0 AND
+ a.state = 'active'
+ ORDER BY a.hruid"));
}
}
$page->assign('geoloc_incitation', count($res));
// Direct link to the RSS feed, when available.
- if (S::rssActivated()) {
+ if (S::hasAuthToken()) {
$page->setRssLink('Polytechnique.org :: News',
- '/rss/'.S::v('hruid') .'/'.S::v('core_rss_hash').'/rss.xml');
+ '/rss/'.S::v('hruid') .'/'.S::v('token').'/rss.xml');
}
// Hide the read event, and reload the page to get to the next event.
{
if (is_null($file)) {
if (is_null($hash)) {
- exit;
+ return PL_FORBIDDEN;
}
$this->handler_rss($page, null, $group, $alias, $hash);
}
- require_once('rss.inc.php');
- $uid = init_rss(null, $alias, $hash);
- if (!$uid) {
- exit;
+ $user = Platal::session()->tokenAuth($alias, $hash);
+ if (is_null($user)) {
+ return PL_FORBIDDEN;
}
- $res = XDB::query("SELECT id AS uid, alias AS forlife
- FROM aliases
- WHERE type = 'a_vie' AND id = {?}", $uid);
- $row = $res->fetchOneAssoc();
- $_SESSION = array_merge($row, $_SESSION);
require_once 'banana/forum.inc.php';
- $banana = new ForumsBanana(S::user(), array('group' => $group, 'action' => 'rss2'));
+ $banana = new ForumsBanana($user, array('group' => $group, 'action' => 'rss2'));
$banana->run();
exit;
}
{
$page->setTitle('Administration - Bannissements des forums');
$page->assign('title', 'Gestion des mises au ban');
- $table_editor = new PLTableEditor('admin/forums','forums.innd','id_innd');
+ $table_editor = new PLTableEditor('admin/forums','forum_innd','id_innd');
$table_editor->add_sort_field('priority', true, true);
$table_editor->describe('read_perm','lecture',true);
$table_editor->describe('write_perm','écriture',true);
$table_editor->describe('comment','commentaire',true);
$table_editor->apply($page, $action, $id);
$page->changeTpl('forums/admin.tpl');
- $page->addJsLink('jquery.js');
}
static function run_banana(&$page, $params = null)
if ($action == 'index') {
$page->changeTpl('fusionax/import.tpl');
- $page->addJsLink('jquery.js');
if (isset($globals->fusionax) && isset($globals->fusionax->LastUpdate)) {
$page->assign(
'lastimport',
$globals = Platal::globals();
$nbToLink = 100;
- $page->addJsLink('jquery.js');
$page->assign('xorg_title', 'Polytechnique.org - Fusion - Mise en correspondance simple');
if ($part == 'missingInAX') {
// locate all persons from this database that are not in AX's
);
}
- function prepare_client(&$page)
+ function prepare_client(&$page, $user = null)
{
global $globals;
$this->load('lists.inc.php');
+ if (is_null($user)) {
+ $user = S::user();
+ }
- $this->client = new MMList(S::v('uid'), S::v('password'));
+ $this->client = new MMList($user);
return $globals->mail->domain;
}
function handler_rss(&$page, $liste = null, $alias = null, $hash = null)
{
- require_once('rss.inc.php');
- $uid = init_rss(null, $alias, $hash);
- if (!$uid || !$liste) {
- exit;
+ if (!$liste) {
+ return PL_NOT_FOUND;
+ }
+ $user = Platal::session()->tokenAuth($alias, $hash);
+ if (is_null($user)) {
+ return PL_FORBIDDEN;
}
- $res = XDB::query("SELECT user_id AS uid, password, alias AS forlife
- FROM auth_user_md5 AS u
- INNER JOIN aliases AS a ON (a.id = u.user_id AND a.type = 'a_vie')
- WHERE u.user_id = {?}", $uid);
- $row = $res->fetchOneAssoc();
- $_SESSION = array_merge($row, $_SESSION);
-
- $domain = $this->prepare_client($page);
+ $domain = $this->prepare_client($page, $user);
if (list($det) = $this->client->get_members($liste)) {
if (substr($liste,0,5) != 'promo' && ($det['ins'] || $det['priv'])
&& !$det['own'] && ($det['sub'] < 2)) {
exit;
}
require_once('banana/ml.inc.php');
- $banana = new MLBanana(S::user(), Array('listname' => $liste, 'domain' => $domain, 'action' => 'rss2'));
+ $banana = new MLBanana($user, Array('listname' => $liste, 'domain' => $domain, 'action' => 'rss2'));
$banana->run();
}
exit;
}
}
- function handler_admin_all(&$page) {
+ function handler_admin_all(&$page)
+ {
$page->changeTpl('lists/admin_all.tpl');
$page->setTitle('Administration - Mailing lists');
- $client = new MMList(S::v('uid'), S::v('password'));
- $listes = $client->get_all_lists();
+ $this->prepare_client($page);
+ $listes = $this->client->get_all_lists();
$page->assign_by_ref('listes', $listes);
}
}
// {{{ function list_sort_owners
-function list_sort_owners(&$members, $tri_promo = true) {
+function list_sort_owners(&$members, $tri_promo = true)
+{
global $globals;
$membres = Array();
foreach($members as $mem) {
- list($m, $dom) = explode('@', $mem);
- $info = list_fetch_name($mem);
- if (!isset($info['uid']) || is_null($info['uid'])) {
+ $user = User::getSilent($mem);
+ if (!$user) {
$membres[0][] = array('l' => $mem, 'p' => (!$tri_promo ? 'inconnue' : null));
} else {
- $uid = $info['uid'];
- $nom = $info['nom'];
- $prenom = $info['prenom'];
- $promo = $info['promo'];
- $broken = $info['lost'];
+ $uid = $user->id();
+ $nom = $user->fullName(); # XXX: Get a notion of 'last name' here, I want to sort user by lastnames
+ $promo = $user->promo();
+ if (!$promo) {
+ $promo = 'non-X';
+ }
+ $broken = false; # XXX: fill it with the good value if the user has no valid email
$key = $tri_promo ? ($promo != 'non-X' ? $promo : 0) : strtoupper(@$nom{0});
if ($tri_promo) {
$promo = null;
}
- $membres[$key][$nom.$m] = Array('n' => "$prenom $nom", 'l' => $m, 'p' => $promo, 'x' => $uid, 'b' => $broken);
+ $membres[$key][$nom.$m] = Array('n' => $nom, 'l' => $m, 'p' => $promo, 'x' => $uid, 'b' => $broken);
}
}
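Review bot: The commit removes `list($m, $dom) = explode('@', $mem);`, but the last added line still uses `$m` in the key `$nom.$m` and as the `'l'` entry, so `$m` is now undefined in `list_sort_owners`. Every resolved member gets a null login, and members with the same full name under the same `$key` overwrite one another. Either keep the split, `list($m) = explode('@', $mem);`, or derive the login from `$user`. `$broken` is also fixed to `false`, as the XXX comment acknowledges, so the broken-address indicator is lost until that is filled in.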
}
// }}}
-// {{{ function list_fetch_names
-
-function list_fetch_name($member)
-{
- global $globals;
- list($m, $dom) = explode('@', $member);
- if ($dom == $globals->mail->domain || $dom == $globals->mail->domain2) {
- $res = XDB::query('SELECT u.user_id AS uid, prenom AS prenom, IF(nom_usage="", nom, nom_usage) AS nom,
- promo AS promo,
- (e.uid IS NULL AND FIND_IN_SET("googleapps", u.mail_storage) = 0) AS lost
- FROM auth_user_md5 AS u
- INNER JOIN aliases AS a ON u.user_id = a.id
- LEFT JOIN emails AS e ON (e.flags = "active" AND e.uid = u.user_id)
- WHERE a.alias = {?}
- GROUP BY u.user_id', $m);
- } else {
- $res = XDB::query('SELECT m2.uid AS uid,
- IF(m2.origine="X", u.prenom, m1.prenom) AS prenom,
- IF(m2.origine="X", u.nom, m1.nom) AS nom,
- IF(m2.origine="X", u.promo, "non-X") AS promo,
- 0 AS lost
- FROM groupex.membres AS m1
- LEFT JOIN groupex.membres AS m2 ON(m1.email=m2.email AND m2.asso_id={?})
- LEFT JOIN auth_user_md5 AS u ON(m2.origine = "X" AND m2.uid = u.user_id)
- WHERE m1.email={?}', $globals->asso('id'), $member);
- }
- if ($res->numRows() == 0) {
- return array('email' => $member);
- } else {
- return array_merge(array('email' => $member), $res->fetchOneAssoc());
- }
-}
function list_fetch_names($members)
{
$res = array();
foreach ($members as $member) {
- $res[] = list_fetch_name($member);
+ $user = User::getSilent($member);
+ if (!$user) {
+ $res[] = $member;
+ } else {
+ $res[] = $user->fullName();
+ }
}
return $res;
}
require_once 'newsletter.inc.php';
$nl = new NewsLetter($nid);
+ $user =& S::user();
if (Get::has('text')) {
- $nl->toText($page, S::v('prenom'), S::v('nom'), S::v('femme'));
+ $nl->toText($page, $user);
} else {
- $nl->toHtml($page, S::v('prenom'), S::v('nom'), S::v('femme'));
+ $nl->toHtml($page, $user);
}
if (Post::has('send')) {
- $res = XDB::query("SELECT hash FROM newsletter_ins WHERE user_id = {?}", S::i('uid'));
- $nl->sendTo(S::user()->login(), S::user()->bestEmail(),
- S::v('prenom'), S::v('nom'),
- S::v('femme'), S::v('mail_fmt') != 'texte',
- $res->fetchOneCell());
+ $nl->sendTo($user);
}
}
if (S::logged()) {
pl_redirect('events');
} else if (!@$GLOBALS['IS_XNET_SITE']) {
- pl_redirect('review');
+ $this->handler_review($page);
}
}
exit;
}
- function handler_changelog(&$page)
+ function handler_changelog(&$page, $core = null)
{
$page->changeTpl('platal/changeLog.tpl');
- $clog = pl_entities(file_get_contents(dirname(__FILE__).'/../ChangeLog'));
- $clog = preg_replace('/===+\s*/', '</pre><hr /><pre>', $clog);
- // url catch only (not all wiki syntax)
- $clog = preg_replace(array(
- '/((?:https?|ftp):\/\/(?:\.*,*[\w@~%$£µ&i#\-+=_\/\?;])*)/ui',
- '/(\s|^)www\.((?:\.*,*[\w@~%$£µ&i#\-+=_\/\?;])*)/iu',
- '/(?:mailto:)?([a-z0-9.\-+_]+@([\-.+_]?[a-z0-9])+)/i'),
- array(
- '<a href="\\0">\\0</a>',
- '\\1<a href="http://www.\\2">www.\\2</a>',
- '<a href="mailto:\\0">\\0</a>'),
- $clog);
- $clog = preg_replace('!(#[0-9]+(,[0-9]+)*)!e', 'bugize("\1")', $clog);
- $clog = preg_replace('!vim:.*$!', '', $clog);
- $clog = preg_replace("!(<hr />(\\s|\n)*)?<pre>(\s|\n)*</pre>((\\s|\n)*<hr />)?!m", "", "<pre>$clog</pre>");
- $page->assign('ChangeLog', $clog);
+ function formatChangeLog($file) {
+ $clog = pl_entities(file_get_contents($file));
+ $clog = preg_replace('/===+\s*/', '</pre><hr /><pre>', $clog);
+ // url catch only (not all wiki syntax)
+ $clog = preg_replace(array(
+ '/((?:https?|ftp):\/\/(?:\.*,*[\w@~%$£µ&i#\-+=_\/\?;])*)/ui',
+ '/(\s|^)www\.((?:\.*,*[\w@~%$£µ&i#\-+=_\/\?;])*)/iu',
+ '/(?:mailto:)?([a-z0-9.\-+_]+@([\-.+_]?[a-z0-9])+)/i'),
+ array(
+ '<a href="\\0">\\0</a>',
+ '\\1<a href="http://www.\\2">www.\\2</a>',
+ '<a href="mailto:\\0">\\0</a>'),
+ $clog);
+ $clog = preg_replace('!(#[0-9]+(,[0-9]+)*)!e', 'bugize("\1")', $clog);
+ $clog = preg_replace('!vim:.*$!', '', $clog);
+ return preg_replace("!(<hr />(\\s|\n)*)?<pre>(\s|\n)*</pre>((\\s|\n)*<hr />)?!m", "", "<pre>$clog</pre>");
+ }
+ if ($core != 'core') {
+ $page->assign('core', false);
+ $page->assign('ChangeLog', formatChangeLog(dirname(__FILE__).'/../ChangeLog'));
+ } else {
+ $page->assign('core', true);
+ $page->assign('ChangeLog', formatChangeLog(dirname(__FILE__).'/../core/ChangeLog'));
+ }
}
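Review bot: `formatChangeLog` is declared as a named function inside `handler_changelog`. PHP registers such a function globally when the enclosing body runs, so a second call of the handler in the same request stops with a redeclaration error. If the handler is a class method (as `$this->handler_review` nearby suggests), a `private function formatChangeLog($file)` called as `$this->formatChangeLog(...)` avoids this. Separately, the carried-over `preg_replace('!(#[0-9]+(,[0-9]+)*)!e', 'bugize("\1")', $clog)` relies on the `/e` modifier, which evaluates the replacement as code. The pattern only admits `#`, digits and commas, but `preg_replace_callback` would remove the evaluation entirely.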
function __set_rss_state($state)
{
if ($state) {
- $_SESSION['core_rss_hash'] = rand_url_id(16);
- XDB::execute('UPDATE auth_user_quick
- SET core_rss_hash={?} WHERE user_id={?}',
- S::v('core_rss_hash'), S::v('uid'));
+ S::set('token', rand_url_id(16));
+ XDB::execute('UPDATE accounts
+ SET token = {?}
+ WHERE uid = {?}', S::s('token'), S::i('uid'));
} else {
- XDB::execute('UPDATE auth_user_quick
- SET core_rss_hash="" WHERE user_id={?}',
- S::v('uid'));
- S::kill('core_rss_hash');
+ S::kill('token');
+ XDB::execute('UPDATE accounts
+ SET token = NULL
+ WHERE uid = {?}', S::i('uid'));
}
}
$page->changeTpl('platal/preferences.tpl');
$page->setTitle('Mes préférences');
- if (Post::has('mail_fmt')) {
- $fmt = Post::v('mail_fmt');
- if ($fmt != 'texte') $fmt = 'html';
- XDB::execute("UPDATE auth_user_quick
- SET core_mail_fmt = '$fmt'
- WHERE user_id = {?}",
- S::v('uid'));
- $_SESSION['mail_fmt'] = $fmt;
+ if (Post::has('email_format')) {
+ $fmt = Post::s('email_format');
+ XDB::execute("UPDATE accounts
+ SET email_format = {?}
+ WHERE uid = {?}",
+ $fmt, S::v('uid'));
+ S::set('email_format', $fmt);
}
if (Post::has('rss')) {
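Review bot: The removed code forced the format to one of two known values (`if ($fmt != 'texte') $fmt = 'html';`), while the new code stores `Post::s('email_format')` in `accounts.email_format` and the session without checking it. Parameterizing the query is an improvement, but an allow-list check before the `UPDATE` is still needed, for example `if (!in_array($fmt, $allowed_formats)) { $fmt = $default_format; }`. The two variable names there are placeholders for the values the column accepts, which this hunk does not show. The same statement passes `S::v('uid')` where the rest of the commit uses `S::i('uid')`.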
function handler_webredir(&$page)
{
$page->changeTpl('platal/webredirect.tpl');
-
$page->setTitle('Redirection de page WEB');
- $log =& S::v('log');
- $url = Env::v('url');
-
- if (Env::v('submit') == 'Valider' and Env::has('url')) {
- XDB::execute('UPDATE auth_user_quick
- SET redirecturl = {?} WHERE user_id = {?}',
- $url, S::v('uid'));
- S::logger()->log('carva_add', 'http://'.Env::v('url'));
- $page->trigSuccess("Redirection activée vers <a href='http://$url'>$url</a>");
- } elseif (Env::v('submit') == "Supprimer") {
- XDB::execute("UPDATE auth_user_quick
- SET redirecturl = ''
- WHERE user_id = {?}",
- S::v('uid'));
- S::logger()->log("carva_del", $url);
+ if (Env::v('submit') == 'Valider' && !Env::blank('url')) {
+ if (Env::blank('url')) {
+ $page->trigError('URL invalide');
+ } else {
+ $url = Env::t('url');
+ XDB::execute('REPLACE INTO carvas (uid, url)
+ VALUES ({?}, {?})',
+ S::i('uid'), $url);
+ S::logger()->log('carva_add', 'http://' . $url);
+ $page->trigSuccess("Redirection activée vers <a href='http://$url'>$url</a>");
+ }
+ } elseif (Env::v('submit') == 'Supprimer') {
+ XDB::execute('DELETE FROM carvas
+ WHERE uid = {?}', S::i('uid'));
Post::kill('url');
+ S::logger()->log('carva_del');
$page->trigSuccess('Redirection supprimée');
}
- $res = XDB::query('SELECT redirecturl
- FROM auth_user_quick
- WHERE user_id = {?}',
- S::v('uid'));
- $page->assign('carva', $res->fetchOneCell());
+ $url = XDB::fetchOneCell('SELECT url
+ FROM carvas
+ WHERE uid = {?}', S::i('uid'));
+ $page->assign('carva', $url);
# FIXME: this code is not multi-domain compatible. We should decide how
# carva will extend to users not in the main domain.
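Review bot: The submitted `$url` is interpolated into the HTML passed to `trigSuccess` without escaping, and no `S::assert_xsrf_token()` call is visible in `handler_webredir` although both branches change state from `Env` input. A cross-site request could therefore set or delete the redirection, and a crafted value reaches the page as markup. The inner `if (Env::blank('url'))` is also unreachable because the outer condition already requires `!Env::blank('url')`, so 'URL invalide' is never shown. The sketch below drops the outer blank test, asserts the token and escapes the value before output. It assumes the form submits the XSRF token; the template is not visible here.

```php
if (Env::v('submit') == 'Valider') {
    S::assert_xsrf_token();
    if (Env::blank('url')) {
        $page->trigError('URL invalide');
    } else {
        $url = Env::t('url');
        // … unchanged: REPLACE INTO carvas, S::logger()->log('carva_add', …) …
        $safe_url = htmlspecialchars($url, ENT_QUOTES);
        $page->trigSuccess("Redirection activée vers <a href='http://$safe_url'>$safe_url</a>");
    }
} elseif (Env::v('submit') == 'Supprimer') {
    S::assert_xsrf_token();
    // … unchanged: DELETE FROM carvas, Post::kill, log, success message …
```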
global $globals;
if (Post::has('response2')) {
- require_once 'secure_hash.inc.php';
S::assert_xsrf_token();
- $_SESSION['password'] = $password = Post::v('response2');
-
- XDB::execute('UPDATE auth_user_md5
- SET password={?}
- WHERE user_id={?}', $password,
- S::v('uid'));
+ S::set('password', $password = Post::v('response2'));
+ XDB::execute('UPDATE accounts
+ SET password = {?}
+ WHERE uid={?}', $password,
+ S::i('uid'));
// If GoogleApps is enabled, and the user did choose to use synchronized passwords,
// updates the Google Apps password as well.
$wp = new PlWikiPage('Xorg.NNTPSécurisé');
$wp->buildCache();
- $uid = S::v('uid');
+ $uid = S::i('uid');
$pass = Env::v('smtppass1');
- $log = S::v('log');
if (Env::v('op') == "Valider" && strlen($pass) >= 6
- && Env::v('smtppass1') == Env::v('smtppass2'))
- {
- XDB::execute('UPDATE auth_user_md5 SET smtppass = {?}
- WHERE user_id = {?}', $pass, $uid);
+ && Env::v('smtppass1') == Env::v('smtppass2')) {
+ XDB::execute('UPDATE accounts
+ SET weak_password = {?}
+ WHERE uid = {?}', $pass, $uid);
$page->trigSuccess('Mot de passe enregistré');
S::logger()->log("passwd_ssl");
} elseif (Env::v('op') == "Supprimer") {
- XDB::execute('UPDATE auth_user_md5 SET smtppass = ""
- WHERE user_id = {?}', $uid);
+ XDB::execute('UPDATE accounts
+ SET weak_password = NULL
+ WHERE uid = {?}', $uid);
$page->trigSuccess('Compte SMTP et NNTP supprimé');
S::logger()->log("passwd_del");
}
- $res = XDB::query("SELECT IF(smtppass != '', 'actif', '')
- FROM auth_user_md5
- WHERE user_id = {?}", $uid);
+ $res = XDB::query("SELECT weak_password IS NOT NULL
+ FROM accounts
+ WHERE uid = {?}", $uid);
$page->assign('actif', $res->fetchOneCell());
}
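Review bot: Both the `Valider` branch that writes `weak_password` and the `Supprimer` branch that clears it act on `Env::v('op')` with no `S::assert_xsrf_token()` in view, unlike the `response2` password change earlier in this diff, which asserts the token before its `UPDATE accounts`. The handler's opening lies outside the hunk, so a check may already exist above; if not, add `S::assert_xsrf_token();` as the first statement of each branch. The value bound to `weak_password` is `$pass` exactly as submitted, so the column appears to hold the SMTP/NNTP password in clear text. A comment on the `UPDATE` stating that, and which service needs it readable, would help anyone assessing the impact of a database leak.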
$mailorg = strtok(Env::v('login'), '@');
- // paragraphe rajouté : si la date de naissance dans la base n'existe pas, on l'update
- // avec celle fournie ici en espérant que c'est la bonne
-
+ // XXX: recovery requires usage of profile data.
$res = XDB::query(
"SELECT user_id, naissance
FROM auth_user_md5 AS u
function handler_tmpPWD(&$page, $certif = null)
{
global $globals;
- XDB::execute('DELETE FROM perte_pass
- WHERE DATE_SUB(NOW(), INTERVAL 380 MINUTE) > created');
+ // XXX: recovery requires data from the profile
+ XDB::execute('DELETE FROM perte_pass
+ WHERE DATE_SUB(NOW(), INTERVAL 380 MINUTE) > created');
- $res = XDB::query('SELECT uid FROM perte_pass WHERE certificat={?}', $certif);
+ $res = XDB::query('SELECT uid
+ FROM perte_pass WHERE certificat={?}', $certif);
$ligne = $res->fetchOneAssoc();
if (!$ligne) {
$page->changeTpl('platal/index.tpl');
$uid = $ligne["uid"];
if (Post::has('response2')) {
$password = Post::v('response2');
- XDB::query('UPDATE auth_user_md5 SET password={?}
- WHERE user_id={?} AND perms IN("admin","user")',
- $password, $uid);
- XDB::query('DELETE FROM perte_pass WHERE certificat={?}', $certif);
+ XDB::query('UPDATE accounts
+ SET password={?}
+ WHERE uid = {?} AND state = \'active\'',
+ $password, $uid);
+ XDB::query('DELETE FROM perte_pass
+ WHERE certificat={?}', $certif);
// If GoogleApps is enabled, and the user did choose to use synchronized passwords,
// updates the Google Apps password as well.
$page->setTitle('Skins');
if (Env::has('newskin')) { // formulaire soumis, traitons les données envoyées
- XDB::execute('UPDATE auth_user_quick
- SET skin={?} WHERE user_id={?}',
- Env::i('newskin'), S::v('uid'));
+ XDB::execute('UPDATE accounts
+ SET skin = {?}
+ WHERE uid = {?}',
+ Env::i('newskin'), S::i('uid'));
S::kill('skin');
Platal::session()->setSkin();
}
- $res = XDB::query('SELECT id FROM skins WHERE skin_tpl={?}', S::v('skin'));
+ $res = XDB::query('SELECT id
+ FROM skins
+ WHERE skin_tpl = {?}', S::v('skin'));
$page->assign('skin_id', $res->fetchOneCell());
- $sql = "SELECT s.*,auteur,count(*) AS nb
- FROM skins AS s
- LEFT JOIN auth_user_quick AS a ON s.id=a.skin
- WHERE skin_tpl != '' AND ext != ''
- GROUP BY id ORDER BY s.date DESC";
+ $sql = 'SELECT s.*, auteur, COUNT(*) AS nb
+ FROM skins AS s
+ LEFT JOIN accounts AS a ON (a.skin = s.id)
+ WHERE skin_tpl != \'\' AND ext != \'\'
+ GROUP BY id ORDER BY s.date DESC';
$page->assign('skins', XDB::iterator($sql));
}
function handler_exit(&$page, $level = null)
{
- if (S::has('suid')) {
- $suid = S::v('suid');
- $log = S::v('log');
- S::logger()->log("suid_stop", S::user()->login() . " by " . $suid['hruid']);
+ if (S::suid()) {
+ S::logger()->log('suid_stop', S::user()->login() . " by " . S::suid('hruid'));
Platal::session()->stopSUID();
pl_redirect('admin/user/' . S::user()->login());
}
return PL_NOT_FOUND;
}
- $login = S::logged() ? User::get($x) : User::getSilent($x);
+ $login = (!is_numeric($x) || S::has_perms()) ? Profile::get($x) : null;
if (!$login) {
+ if (S::logged()) {
+ $page->trigError($x . ' inconnu dans l\'annuaire');
+ }
return PL_NOT_FOUND;
}
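Review bot: The added `trigError($x . ' inconnu dans l\'annuaire')` concatenates the handler argument `$x` into the message without escaping. Whether `trigError` escapes its argument is not visible here, but the `trigSuccess` call in the redirect hunk above passes an `<a href=...>` tag built from `$url`, which suggests these messages are rendered as HTML; that call interpolates request data the same way. If so, escape at the call site: `$page->trigError(htmlspecialchars($x) . ' inconnu dans l\'annuaire');`. The enclosing function starts and ends outside the hunk.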
WHERE user_id = {?}", $login->id());
if ($res->fetchOneCell()) {
$new = Env::v('modif') == 'new';
- $user = get_user_details($login->login(), S::v('uid'), $view);
+ $user = get_user_details($login->hrid(), S::v('uid'), $view);
} else {
$new = false;
$user = array();
if (S::logged()) {
- pl_redirect('marketing/public/' . $login->login());
+ pl_redirect('marketing/public/' . $login->hrid());
}
}
// Profile view are logged.
if (S::logged()) {
- S::logger()->log('view_profile', $login->login());
+ S::logger()->log('view_profile', $login->hrid());
}
// Sets the title of the html page.
$page->setTitle($login->fullName());
// Prepares the display of the user's mugshot.
- $photo = 'photo/' . $login->login() . ($new ? '/req' : '');
+ $photo = 'photo/' . $login->hrid() . ($new ? '/req' : '');
if (!isset($user['photo_pub']) || !has_user_right($user['photo_pub'], $view)) {
$photo = "";
}
// Determines and displays the virtual alias.
global $globals;
- $res = XDB::query(
- "SELECT alias
- FROM virtual
- INNER JOIN virtual_redirect USING (vid)
- INNER JOIN auth_user_quick ON (user_id = {?} AND emails_alias_pub = 'public')
- WHERE (redirect={?} OR redirect={?})
- AND alias LIKE '%@{$globals->mail->alias_dom}'",
- $login->id(),
- $login->forlifeEmail(),
- // TODO(vzanotti): get ride of all @m4x.org addresses in the
- // virtual redirect base, and remove this über-ugly hack.
- $login->login() . '@' . $globals->mail->domain2);
- $page->assign('virtualalias', $res->fetchOneCell());
+ $owner = $login->owner();
+ if ($owner) {
+ $page->assign('virtualalias', $owner->emailAlias());
+ }
// Adds miscellaneous properties to the display.
// Adds the global user property array to the display.
$page->assign_by_ref('x', $user);
- $page->assign_by_ref('user', $login);
+ $page->assign_by_ref('user', $owner);
$page->assign('logged', has_user_right('private', $view));
$page->assign('view', $view);
http_redirect("http://www.polytechniciens.com/?page=AX_FICHE_ANCIEN&anc_id=$mat");
}
- function handler_p_edit(&$page, $opened_tab = null, $mode = null)
+ function handler_p_edit(&$page, $user = null, $opened_tab = null, $mode = null)
{
global $globals;
+ if (is_null($user)) {
+ $user = S::user();
+ if (!$user->hasProfile()) {
+ return PL_NOT_FOUND;
+ } else {
+ pl_redirect('profile/edit/' . $user->profile()->hrid());
+ }
+ } else {
+ $user = Profile::get($user);
+ if (!$user) {
+ return PL_NOT_FOUND;
+ } else if (!S::user()->canEdit($user) && Platal::notAllowed()) {
+ return PL_FORBIDDEN;
+ }
+ }
+
// AX Synchronization
require_once 'synchro_ax.inc.php';
if (is_ax_key_missing()) {
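Review bot: The `PL_FORBIDDEN` test in the new `else` branch is the only authorization gate in front of the profile writes, which the rest of this commit re-keys from the session uid to `$page->pid()`, and it denies only when `canEdit($user)` is false and `Platal::notAllowed()` is true. Neither method is visible in the hunk, so the condition may be right, but as written a user who cannot edit the profile passes whenever `notAllowed()` returns false. I would put the intent above the test, starting from `// TODO(review): state which roles pass here when canEdit() is false`, or deny on `!S::user()->canEdit($user)` alone if that is what is meant. The parameter `$user` is also rebound from the URL string to a `Profile` object; a separate name such as `$profile` would read more clearly. The function body continues past the hunk.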
$page->addJsLink('grades.js');
$page->addJsLink('profile.js');
$page->addJsLink('jquery.autocomplete.js');
- $wiz = new PlWizard('Profil', PlPage::getCoreTpl('plwizard.tpl'), true, true);
+ $wiz = new PlWizard('Profil', PlPage::getCoreTpl('plwizard.tpl'), true, true, false);
+ $wiz->addUserData('profile', $user);
+ $wiz->addUserData('owner', $user->owner());
$this->load('page.inc.php');
$wiz->addPage('ProfileGeneral', 'Général', 'general');
$wiz->addPage('ProfileAddresses', 'Adresses personnelles', 'adresses');
$wiz->addPage('ProfileJobs', 'Informations professionnelles', 'emploi');
$wiz->addPage('ProfileSkills', 'Compétences diverses', 'skill');
$wiz->addPage('ProfileMentor', 'Mentoring', 'mentor');
- $wiz->apply($page, 'profile/edit', $opened_tab, $mode);
+ $wiz->apply($page, 'profile/edit/' . $user->hrid(), $opened_tab, $mode);
// Misc checks
$res = XDB::query("SELECT user_id
return $value;
}
- private function saveTel($adrid, $telid, array &$tel)
- {
- XDB::execute("INSERT INTO profile_phones (uid, link_type, link_id, tel_id, tel_type,
- search_tel, display_tel, pub)
- VALUES ({?}, 'address', {?}, {?}, {?},
- {?}, {?}, {?})",
- S::i('uid'), $adrid, $telid, $tel['type'],
- format_phone_number($tel['tel']), $tel['tel'], $tel['pub']);
- }
-
- private function saveAddress($adrid, array &$address)
+ private function saveAddress($pid, $adrid, array &$address)
{
$flags = new PlFlagSet();
- if ($address['secondaire']) {
- $flags->addFlag('res-secondaire');
- }
- if ($address['mail']) {
- $flags->addFlag('courrier');
- }
- if ($address['temporary']) {
- $flags->addFlag('temporaire');
- }
- if ($address['current']) {
- $flags->addFlag('active');
- }
- if ($address['checked']) {
- $flags->addFlag('coord-checked');
- }
+ $flags->addFlag('res-secondaire', $address['secondaire']);
+ $flags->addFlag('courrier', $address['mail']);
+ $flags->addFlag('temporaire', $address['temporary']);
+ $flags->addFlag('active', $address['current']);
+ $flags->addFlag('coord-checked', $address['checked']);
XDB::execute("INSERT INTO adresses (adr1, adr2, adr3,
postcode, city, cityid,
country, region, regiontxt,
$address['postcode'], $address['city'], $address['cityid'],
$address['country'], $address['region'], $address['regiontxt'],
$address['pub'], $address['datemaj'], $flags,
- S::i('uid'), $adrid, $address['precise_lat'], $address['precise_lon'], $address['comment']);
+ $pid, $adrid, $address['precise_lat'], $address['precise_lon'], $address['comment']);
}
public function save(ProfilePage &$page, $field, $value)
{
XDB::execute("DELETE FROM adresses
WHERE uid = {?}",
- S::i('uid'));
+ $page->pid());
XDB::execute("DELETE FROM profile_phones
WHERE uid = {?} AND link_type = 'address'",
- S::i('uid'));
+ $page->pid());
foreach ($value as $adrid=>&$address) {
- $this->saveAddress($adrid, $address);
+ $this->saveAddress($page->pid(), $adrid, $address);
$profiletel = new ProfilePhones('address', $adrid);
- $profiletel->saveTels('tel', $address['tel']);
+ $profiletel->saveTels($page->pid(), 'tel', $address['tel']);
}
}
}
INNER JOIN geoloc_pays AS gp ON(gp.a2 = a.country)
WHERE uid = {?} AND NOT FIND_IN_SET('pro', statut)
ORDER BY adrid",
- S::i('uid'));
+ $this->pid());
if ($res->numRows() == 0) {
$this->values['addresses'] = array();
} else {
FROM profile_phones
WHERE uid = {?} AND link_type = 'address'
ORDER BY link_id",
- S::i('uid'));
+ $this->pid());
$i = 0;
$adrNb = count($this->values['addresses']);
while ($tel = $res->next()) {
FROM profile_medals_sub AS s
INNER JOIN profile_medals AS m ON ( s.mid = m.id )
WHERE s.uid = {?}",
- S::i('uid'));
+ $page->pid());
$value = array();
while (list($id, $grade) = $res->next()) {
$value[$id] = array('grade' => $grade,
if ($val['valid']) {
XDB::execute("DELETE FROM profile_medals_sub
WHERE uid = {?} AND mid = {?}",
- S::i('uid'), $id);
+ $page->pid(), $id);
} else {
$req = MedalReq::get_request(S::i('uid'), $id);
if ($req) {
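Review bot: `MedalReq::get_request(S::i('uid'), $id)` in the `else` branch still looks up the pending request for the logged-in account, while the `DELETE` just above it now targets `$page->pid()`. When someone edits a profile other than their own, the two branches would act on different people. If medal requests are keyed on the profile, change the line to `$req = MedalReq::get_request($page->pid(), $id);`; if they are keyed on the account, use the profile owner's id instead and say so in a comment. The surrounding loop starts and ends outside the hunk.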
protected function _fetchData()
{
- $res = XDB::query("SELECT profile_medals_pub
- FROM auth_user_quick
- WHERE user_id = {?}",
- S::i('uid'));
+ $res = XDB::query("SELECT medals_pub
+ FROM profiles
+ WHERE pid = {?}",
+ $this->pid());
$this->values['medals_pub'] = $res->fetchOneCell();
}
protected function _saveData()
{
if ($this->changed['medals_pub']) {
- XDB::execute("UPDATE auth_user_quick
- SET profile_medals_pub = {?}
- WHERE user_id = {?}",
- $this->values['medals_pub'], S::i('uid'));
+ XDB::execute("UPDATE profiles
+ SET medals_pub = {?}
+ WHERE pid = {?}",
+ $this->values['medals_pub'], $this->pid());
}
}
private $private_name_end;
private $search_names;
- private function matchWord($old, $new, $newLen) {
+ private function matchWord($old, $new, $newLen)
+ {
return ($i = strpos($old, $new)) !== false
&& ($i == 0 || $old{$i-1} == ' ')
&& ($i + $newLen == strlen($old) || $old{$i + $newLen} == ' ');
INNER JOIN profile_name_enum AS e ON (e.id = sn.typeid)
WHERE sn.pid = {?} AND NOT FIND_IN_SET('not_displayed', e.flags)
ORDER BY NOT FIND_IN_SET('always_displayed', e.flags), e.id, sn.name",
- S::v('uid'));
+ $page->pid());
$sn_types = XDB::iterator("SELECT id, type, name,
FIND_IN_SET('has_particle', flags) AS has_particle
while ($sn_type = $sn_types->next()) {
if ($sn_type['id'] == $sn['typeid']) {
$value[] = $sn;
- $sn = $sn_all->next();
+ if ($sn) {
+ $sn = $sn_all->next();
+ }
} else {
$value[] = array('typeid' => $sn_type['id'],
'type' => $sn_type['type'],
INNER JOIN profile_name_enum AS e ON (e.id = s.typeid)
WHERE s.pid = {?} AND e.type LIKE '%ini'
ORDER BY e.type = 'firstname_ini'",
- S::i('uid'));
+ $page->pid());
$res = $res->fetchAllAssoc();
$initial = array();
$initial['lastname'] = $res[0]['particle'] . $res[0]['name'];
USING profile_name AS s
INNER JOIN profile_name_enum AS e ON (s.typeid = e.id)
WHERE s.pid = {?} AND NOT FIND_IN_SET('not_displayed', e.flags)",
- S::i('uid'));
+ $page->pid());
$has_new = set_alias_names($this->search_names, $sn_old);
// Only requires validation if modification in public names
class ProfileEdu implements ProfileSetting
{
- public function __construct(){}
+ public function __construct() {
+ }
static function sortByGradYear($line1, $line2) {
$a = (int) $line1['grad_year'];
$success = true;
if (is_null($value) || !is_array($value)) {
$value = array();
- $res = XDB::iterator("SELECT eduid, degreeid, fieldid, grad_year, program
- FROM profile_education
- WHERE uid = {?} AND !FIND_IN_SET('primary', flags)
- ORDER BY id",
- S::v('uid'));
- while($edu = $res->next()) {
- $value[] = $edu;
- }
+ $value = XDB::fetchAllAssoc("SELECT eduid, degreeid, fieldid, grad_year, program
+ FROM profile_education
+ WHERE uid = {?} AND !FIND_IN_SET('primary', flags)
+ ORDER BY id",
+ $page->pid());
} else {
$i = 0;
foreach ($value as $key=>&$edu) {
{
XDB::execute("DELETE FROM profile_education
WHERE uid = {?} AND !FIND_IN_SET('primary', flags)",
- S::i('uid'));
+ $page->pid());
foreach ($value as $eduid=>&$edu) {
if ($edu['eduid'] != '') {
XDB::execute("INSERT INTO profile_education
SET id = {?}, uid = {?}, eduid = {?}, degreeid = {?},
fieldid = {?}, grad_year = {?}, program = {?}",
- $eduid, S::i('uid'), $edu['eduid'], $edu['degreeid'],
+ $eduid, $page->pid(), $edu['eduid'], $edu['degreeid'],
$edu['fieldid'], $edu['grad_year'], $edu['program']);
}
}
public function value(ProfilePage &$page, $field, $value, &$success)
{
if (is_null($value)) {
- $value = array();
- $res = XDB::iterator("SELECT n.address, n.network_type AS type, n.pub, m.name
- FROM profile_networking AS n
- INNER JOIN profile_networking_enum AS m ON (n.network_type = m.network_type)
- WHERE n.uid = {?}",
- S::i('uid'));
- while($network = $res->next()) {
- $value[] = $network;
- }
+ $value = XDB::fetchAllAssoc("SELECT n.address, n.network_type AS type, n.pub, m.name
+ FROM profile_networking AS n
+ INNER JOIN profile_networking_enum AS m ON (n.network_type = m.network_type)
+ WHERE n.uid = {?}",
+ $page->pid());
}
if (!is_array($value)) {
$value = array();
}
- $res = XDB::iterator("SELECT filter, network_type AS type
- FROM profile_networking_enum;");
- $filters = array();
- while($filter = $res->next()) {
- $filters[$filter['type']] = $filter['filter'];
- }
+ $filters = XDB::fetchAllAssoc('type', 'SELECT filter, network_type AS type
+ FROM profile_networking_enum;');
$success = true;
foreach($value as $i=>&$network) {
if (!trim($network['address'])) {
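Review bot: `$filters` is now filled by `XDB::fetchAllAssoc('type', ...)`, whereas the removed loop built a map from `network_type` to the `filter` string. If `fetchAllAssoc` with a key column returns whole rows, each `$filters[...]` entry becomes an array holding `filter` and `type`, and any later use that expects a string would change meaning. The code that consumes `$filters` is below the hunk, so this needs checking there; if rows are returned, read the `filter` key at the point of use (`$filters[$type]['filter']`) or keep a plain type-to-filter map.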
{
XDB::execute("DELETE FROM profile_networking
WHERE uid = {?}",
- S::i('uid'));
+ $page->pid());
if (!count($value)) {
return;
}
foreach ($value as $id=>$network) {
XDB::execute("INSERT INTO profile_networking (uid, nwid, network_type, address, pub)
VALUES ({?}, {?}, {?}, {?}, {?})",
- S::i('uid'), $id, $network['type'], $network['address'], $network['pub']);
+ $page->pid(), $id, $network['type'], $network['address'], $network['pub']);
}
}
}
parent::__construct($wiz);
$this->settings['search_names']
= new ProfileSearchNames();
- $this->settings['naissance']
- = new ProfileDate();
+ $this->settings['birthdate'] = new ProfileDate();
$this->settings['freetext_pub']
= $this->settings['photo_pub']
= new ProfilePub();
$this->settings['freetext']
- = $this->settings['nationalite']
- = $this->settings['nationalite2']
- = $this->settings['nationalite3']
+ = $this->settings['nationality1']
+ = $this->settings['nationality2']
+ = $this->settings['nationality3']
= $this->settings['yourself']
= $this->settings['promo']
= null;
$this->settings['edus'] = new ProfileEdu();
$this->watched= array('freetext' => true, 'tels' => true,
'networking' => true, 'edus' => true,
- 'nationalite' => true, 'nationalite2' => true,
- 'nationalite3' => true, 'search_names' => true);
+ 'nationality1' => true, 'nationality2' => true,
+ 'nationality3' => true, 'search_names' => true);
}
protected function _fetchData()
{
// Checkout all data...
$res = XDB::query("SELECT p.promo, e.entry_year AS entry_year, e.grad_year AS grad_year,
- u.nationalite, u.nationalite2, u.nationalite3, u.naissance,
+ pr.nationality1, pr.nationality2, pr.nationality3, pr.birthdate,
t.display_tel as mobile, t.pub as mobile_pub,
d.email_directory as email_directory,
- q.profile_freetext as freetext, q.profile_freetext_pub as freetext_pub,
- q.profile_from_ax as synchro_ax, u.matricule_ax, p.yourself
- FROM auth_user_md5 AS u
- INNER JOIN auth_user_quick AS q ON (u.user_id = q.user_id)
- INNER JOIN profile_display AS p ON (p.pid = u.user_id)
- INNER JOIN profile_education AS e ON (e.uid = u.user_id AND FIND_IN_SET('primary', e.flags))
- LEFT JOIN profile_phones AS t ON (u.user_id = t.uid AND link_type = 'user')
- LEFT JOIN profile_directory AS d ON (d.uid = u.user_id)
- WHERE u.user_id = {?}", S::v('uid', -1));
+ pr.freetext, pr.freetext_pub as freetext_pub
+ FROM profiles AS pr
+ INNER JOIN profile_display AS p ON (p.pid = pr.pid)
+ INNER JOIN profile_education AS e ON (e.uid = pr.pid AND FIND_IN_SET('primary', e.flags))
+ LEFT JOIN profile_phones AS t ON (t.uid = pr.pid AND link_type = 'user')
+ LEFT JOIN profile_directory AS d ON (d.uid = pr.pid)
+ WHERE pr.pid = {?}", $this->pid());
$this->values = $res->fetchOneAssoc();
+ if ($this->owner) {
+ $this->values['yourself'] = $this->owner->displayName();
+ }
// Retreive photo informations
$res = XDB::query("SELECT pub
FROM photo
- WHERE uid = {?}", S::v('uid'));
+ WHERE uid = {?}", $this->pid());
$this->values['photo_pub'] = $res->fetchOneCell();
- $res = XDB::query("SELECT COUNT(*)
- FROM requests
- WHERE type='photo' AND user_id = {?}",
- S::v('uid'));
- $this->values['nouvellephoto'] = $res->fetchOneCell();
+ if ($this->owner) {
+ $res = XDB::query("SELECT COUNT(*)
+ FROM requests
+ WHERE type='photo' AND user_id = {?}",
+ $this->owner->id());
+ $this->values['nouvellephoto'] = $res->fetchOneCell();
+ } else {
+ $this->values['nouvellephoto'] = 0;
+ }
// Proposes choice for promotion
if ($this->values['entry_year'] != $this->values['grad_year'] - 3) {
protected function _saveData()
{
- if ($this->changed['nationalite'] || $this->changed['nationalite2'] || $this->changed['nationalite3']
- || $this->changed['naissance']) {
- if ($this->values['nationalite3'] == "") {
- $this->values['nationalite3'] = NULL;
+ if ($this->changed['nationality1'] || $this->changed['nationality2'] || $this->changed['nationality3']
+ || $this->changed['birthdate'] || $this->changed['freetext'] || $this->changed['freetext_pub']) {
+ if ($this->values['nationality3'] == "") {
+ $this->values['nationality3'] = NULL;
}
- if ($this->values['nationalite2'] == "") {
- $this->values['nationalite2'] = $this->values['nationalite3'];
- $this->values['nationalite3'] = NULL;
+ if ($this->values['nationality2'] == "") {
+ $this->values['nationality2'] = $this->values['nationality3'];
+ $this->values['nationality3'] = NULL;
}
- if ($this->values['nationalite'] == "") {
- $this->values['nationalite'] = $this->values['nationalite2'];
- $this->values['nationalite2'] = $this->values['nationalite3'];
- $this->values['nationalite3'] = NULL;
+ if ($this->values['nationality1'] == "") {
+ $this->values['nationality1'] = $this->values['nationality2'];
+ $this->values['nationality2'] = $this->values['nationality3'];
+ $this->values['nationality3'] = NULL;
}
- XDB::execute("UPDATE auth_user_md5
- SET nationalite = {?}, nationalite2 = {?}, nationalite3 = {?}, naissance={?}
+ XDB::execute("UPDATE profiles
+ SET nationality1 = {?}, nationality2 = {?}, nationality3 = {?}, birthdate = {?},
+ freetext = {?}, freetext_pub = {?}
WHERE user_id = {?}",
- $this->values['nationalite'], $this->values['nationalite2'], $this->values['nationalite3'],
- preg_replace('@(\d{2})/(\d{2})/(\d{4})@', '\3-\2-\1', $this->values['naissance']),
- S::v('uid'));
- }
- if ($this->changed['freetext'] || $this->changed['freetext_pub'] || $this->changed['synchro_ax']) {
- XDB::execute("UPDATE auth_user_quick
- SET profile_freetext={?}, profile_freetext_pub={?}, profile_from_ax = {?}
- WHERE user_id = {?}",
- $this->values['freetext'], $this->values['freetext_pub'],
- $this->values['synchro_ax'], S::v('uid'));
+ $this->values['nationality1'], $this->values['nationality2'], $this->values['nationality3'],
+ preg_replace('@(\d{2})/(\d{2})/(\d{4})@', '\3-\2-\1', $this->values['birthdate']),
+ $this->values['freetext'], $this->values['freetext_pub'],
+ $this->pid());
}
if ($this->changed['email_directory']) {
$new_email = ($this->values['email_directory'] == "new@example.org") ?
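Review bot: The `UPDATE profiles` statement keeps the old `WHERE user_id = {?}` clause although it is now bound to `$this->pid()`; every other statement against `profiles` in this commit filters on `pid` (`WHERE pid = {?}` in the medals and section code, `pr.pid` in `_fetchData`). Unless `profiles` really has a `user_id` column, the update would fail or match nothing, and nationality, birthdate and free-text changes would not be saved. The clause should read `WHERE pid = {?}",`. `_saveData` continues outside the hunk.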
}
XDB::execute("REPLACE INTO profile_directory (uid, email_directory)
VALUES ({?}, {?})",
- S::v('uid'), $new_email);
+ $this->pid(), $new_email);
}
if ($this->changed['photo_pub']) {
XDB::execute("UPDATE photo
SET pub = {?}
WHERE uid = {?}",
- $this->values['photo_pub'], S::v('uid'));
+ $this->values['photo_pub'], $this->pid());
}
if ($this->changed['yourself']) {
- XDB::execute("UPDATE profile_display
- SET yourself = {?}
- WHERE pid = {?}",
- $this->values['yourself'], S::v('uid'));
+ XDB::execute('UPDATE accounts
+ SET display_name = {?}
+ WHERE pid = {?}', $this->pid());
}
if ($this->changed['promo']) {
XDB::execute("UPDATE profile_display
SET promo = {?}
WHERE pid = {?}",
- $this->values['promo'], S::v('uid'));
+ $this->values['promo'], $this->pid());
}
}
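Review bot: The new `UPDATE accounts SET display_name = {?} WHERE pid = {?}` has two placeholders but is passed a single argument, `$this->pid()`, so `$this->values['yourself']` never reaches the query. It also filters `accounts` on `pid`, whereas the other `accounts` statements in this commit use `uid`, and `_fetchData` reads the value from `$this->owner->displayName()`. I would write `WHERE uid = {?}', $this->values['yourself'], $this->owner->id());` and run it only when `$this->owner` is set, as `_fetchData` does. The start of `_saveData` is outside this hunk.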
{
require_once "education.func.inc.php";
- $res = XDB::iterator("SELECT id, field
- FROM profile_education_field_enum
- ORDER BY field");
+ $res = XDB::query("SELECT id, field
+ FROM profile_education_field_enum
+ ORDER BY field");
$page->assign('edu_fields', $res->fetchAllAssoc());
require_once "emails.combobox.inc.php";
- fill_email_combobox($page);
+ fill_email_combobox($page, $this->owner, $this->profile);
- $res = XDB::iterator("SELECT nw.network_type AS type, nw.name
- FROM profile_networking_enum AS nw
- ORDER BY name");
+ $res = XDB::query("SELECT nw.network_type AS type, nw.name
+ FROM profile_networking_enum AS nw
+ ORDER BY name");
$page->assign('network_list', $res->fetchAllAssoc());
$res = XDB::query("SELECT public_name, private_name
FROM profile_display
WHERE pid = {?}",
- S::v('uid'));
+ $this->pid());
$res = $res->fetchOneRow();
$page->assign('public_name', $res[0]);
$page->assign('private_name', $res[1]);
$success = true;
if (is_null($value)) {
$res = XDB::query("SELECT section
- FROM auth_user_md5
- WHERE user_id = {?}",
- S::i('uid'));
+ FROM profiles
+ WHERE pid = {?}",
+ $page->pid());
return intval($res->fetchOneCell());
}
return intval($value);
public function save(ProfilePage &$page, $field, $value)
{
- XDB::execute("UPDATE auth_user_md5
+ XDB::execute("UPDATE profiles
SET section = {?}
- WHERE user_id = {?}",
- $value, S::i('uid'));
+ WHERE pid = {?}",
+ $value, $page->pid());
}
}
FROM {$this->table}_def AS g
INNER JOIN {$this->table}_ins AS i ON (i.{$this->group_field} = g.id)
WHERE i.{$this->user_field} = {?}",
- S::i('uid'));
+ $page->pid());
while (list($gid, $text) = $res->next()) {
$value[intval($gid)] = $text;
}
{
XDB::execute("DELETE FROM {$this->table}_ins
WHERE {$this->user_field} = {?}",
- S::i('uid'));
+ $page->pid());
if (!count($value)) {
return;
}
$insert = array();
foreach ($value as $id=>$text) {
- $insert[] = '(' . S::i('uid') . ", $id)";
+ $insert[] = XDB::format('({?}, {?})', $page->pid(), $id);
}
XDB::execute("INSERT INTO {$this->table}_ins ({$this->user_field}, {$this->group_field})
VALUES " . implode(',', $insert));
FROM groupex.asso AS a
INNER JOIN groupex.membres AS m ON (m.asso_id = a.id)
WHERE m.uid = {?} AND (a.cat = 'GroupesX' OR a.cat = 'Institutions')",
- S::i('uid')));
+ $this->pid()));
$page->assign('listgroups', XDB::iterator("SELECT a.nom, a.diminutif, a.sub_url,
IF (a.cat = 'Institutions', a.cat, d.nom) AS dom
FROM groupex.asso AS a
WHERE a.inscriptible != 0
AND (a.cat = 'GroupesX' OR a.cat = 'Institutions')
ORDER BY a.cat, a.dom, a.nom"));
+ # XXX: FIXME: promo_sortie
$page->assign('old', (int)date('Y') >= S::i('promo_sortie'));
}
}
{
// Checkout the CV
$res = XDB::query("SELECT cv
- FROM auth_user_md5
- WHERE user_id = {?}",
- S::i('uid'));
+ FROM profiles
+ WHERE pid = {?}",
+ $this->pid());
$this->values['cv'] = $res->fetchOneCell();
// Checkout the corps
rankid AS rank, corps_pub AS pub
FROM profile_corps
WHERE uid = {?}",
- S::i('uid'));
+ $this->pid());
$this->values['corps'] = $res->fetchOneAssoc();
// Build the jobs tree
LEFT JOIN geoloc_pays AS gp ON (gp.a2 = e.country)
LEFT JOIN profile_job_subsubsector_enum AS s ON (s.id = j.subsubsectorid)
WHERE j.uid = {?}
- ORDER BY entrid", S::i('uid'));
+ ORDER BY entrid", $this->pid());
$this->values['jobs'] = array();
while (list($id, $name, $function, $secteur, $ss_secteur, $sss_secteur, $description,
$w_adr1, $w_adr2, $w_adr3, $w_postcode, $w_city, $w_cityid,
FROM profile_phones
WHERE uid = {?} AND link_type = 'pro'
ORDER BY link_id",
- S::i('uid'));
+ $this->pid());
$i = 0;
$jobNb = count($this->values['jobs']);
while ($tel = $res->next()) {
protected function _saveData()
{
if ($this->changed['cv']) {
- XDB::execute("UPDATE auth_user_md5
+ XDB::execute("UPDATE profiles
SET cv = {?}
- WHERE user_id = {?}",
- $this->values['cv'], S::i('uid'));
+ WHERE pid = {?}",
+ $this->values['cv'], $this->pid());
}
if ($this->changed['corps']) {
rankid = {?}, corps_pub = {?}
WHERE uid = {?}",
$this->values['corps']['original'], $this->values['corps']['current'],
- $this->values['corps']['rank'], $this->values['corps']['pub'], S::i('uid'));
+ $this->values['corps']['rank'], $this->values['corps']['pub'], $this->pid());
}
}
public function _prepare(PlPage &$page, $id)
{
require_once "emails.combobox.inc.php";
- fill_email_combobox($page);
+ fill_email_combobox($page, $this->owner, $this->profile);
$res = XDB::query("SELECT id, name AS label
FROM profile_job_sector_enum");
INNER JOIN profile_job_sector_enum AS s ON (m.sectorid = s.id)
INNER JOIN profile_job_subsector_enum AS ss ON (s.id = ss.sectorid AND m.subsectorid = ss.id)
WHERE m.uid = {?}",
- S::i('uid'));
+ $page->pid());
while (list($s, $ss, $ssname) = $res->next()) {
if (!isset($value[$s])) {
$value[$s] = array($ss => $ssname);
XDB::execute("DELETE FROM profile_mentor_sector
WHERE uid = {?}",
- S::i('uid'));
+ $page->pid());
if (!count($value)) {
return;
}
foreach ($sect as $sid=>&$name) {
XDB::execute("INSERT INTO profile_mentor_sector (uid, sectorid, subsectorid)
VALUES ({?}, {?}, {?})",
- S::i('uid'), $id, $sid);
+ $page->pid(), $id, $sid);
}
}
}
FROM profile_mentor_country AS m
INNER JOIN geoloc_pays AS p ON (m.country = p.a2)
WHERE m.uid = {?}",
- S::i('uid'));
+ $page->pid());
while (list($id, $name) = $res->next()) {
$value[$id] = $name;
}
{
XDB::execute("DELETE FROM profile_mentor_country
WHERE uid = {?}",
- S::i('uid'));
+ $page->pid());
foreach ($value as $id=>&$name) {
XDB::execute("INSERT INTO profile_mentor_country (uid, country)
VALUES ({?}, {?})",
- S::i('uid'), $id);
+ $page->pid(), $id);
}
}
}
$res = XDB::query("SELECT expertise
FROM mentor
WHERE uid = {?}",
- S::i('uid'));
+ $this->pid());
$this->values['expertise'] = $res->fetchOneCell();
}
if (empty($expertise)) {
XDB::execute("DELETE FROM mentor
WHERE uid = {?}",
- S::i('uid'));
+ $this->pid());
$this->values['expertise'] = null;
} else {
XDB::execute("REPLACE INTO mentor (uid, expertise)
VALUES ({?}, {?})",
- S::i('uid'), $expertise);
+ $this->pid(), $expertise);
$this->values['expertise'] = $expertise;
}
}
{
private $tel;
private $pub;
- protected $id;
protected $link_type;
protected $link_id;
- public function __construct($type, $link_id, $id = 0)
+ public function __construct($type, $link_id)
{
- if ($id != 0) {
- $this->id = $id;
- } else {
- $this->id = S::i('uid');
- }
$this->tel = new ProfileTel();
$this->pub = new ProfilePub();
$this->link_type = $type;
FROM profile_phones AS t
WHERE t.uid = {?} AND t.link_type = {?}
ORDER BY t.tel_id",
- $this->id, $this->link_type);
+ $page->pid(), $this->link_type);
$value = $res->fetchAllAssoc();
}
foreach ($value as $key=>&$phone) {
return $value;
}
- private function saveTel($telid, array &$phone)
+ private function saveTel($pid, $telid, array &$phone)
{
if ($phone['tel'] != '') {
XDB::execute("INSERT INTO profile_phones (uid, link_type, link_id, tel_id, tel_type,
search_tel, display_tel, pub, comment)
VALUES ({?}, {?}, {?}, {?}, {?},
{?}, {?}, {?}, {?})",
- $this->id, $this->link_type, $this->link_id, $telid, $phone['type'],
+ $pid, $this->link_type, $this->link_id, $telid, $phone['type'],
format_phone_number($phone['tel']), $phone['tel'], $phone['pub'], $phone['comment']);
}
}
{
XDB::execute("DELETE FROM profile_phones
WHERE uid = {?} AND link_type = {?} AND link_id = {?}",
- $this->id, $this->link_type, $this->link_id);
- $this->saveTels($field, $value);
+ $page->pid(), $this->link_type, $this->link_id);
+ $this->saveTels($page->pid(), $field, $value);
}
//Only saves phones without a delete operation
- public function saveTels($field, $value)
+ public function saveTels($pid, $field, $value)
{
foreach ($value as $telid=>&$phone) {
- $this->saveTel($telid, $phone);
+ $this->saveTel($pid, $telid, $phone);
}
}
}
public $orig = array();
public $values = array();
+ public $profile = null;
+ public $owner = null;
public function __construct(PlWizard &$wiz)
{
$this->wizard =& $wiz;
+ $this->profile = $this->wizard->getUserData('profile');
+ $this->owner = $this->wizard->getUserData('owner');
}
protected function _fetchData()
$setting->save($this, $field, $this->values[$field]);
}
if ($this->changed[$field] && @$this->watched[$field]) {
- register_profile_update(S::i('uid'), $field);
+ register_profile_update($this->pid(), $field);
}
}
$this->_saveData();
// Update the last modification date
XDB::execute('REPLACE INTO user_changes
- SET user_id = {?}', S::v('uid'));
- if (!S::has('suid')) {
- register_watch_op(S::i('uid'), WATCH_FICHE);
+ SET user_id = {?}', $this->pid());
+ if (!S::suid()) {
+ register_watch_op($this->pid(), WATCH_FICHE);
}
global $platal;
- S::logger()->log('profil', $platal->pl_self(1));
+ S::logger()->log('profil', $platal->pl_self(2));
}
protected function checkChanges()
return 'profile/base.tpl';
}
+ public function pid()
+ {
+ return $this->profile->id();
+ }
+
+ public function hrpid()
+ {
+ return $this->profile->hrpid();
+ }
+
protected function _prepare(PlPage &$page, $id)
{
}
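Review bot: `hrpid()` forwards to `$this->profile->hrpid()`, but the other new code in this commit reads the identifier of a profile with `hrid()` (`$user->profile()->hrid()` and `$user->hrid()` in `handler_p_edit`). Unless `Profile` defines both, this accessor would fail on first use; `return $this->profile->hrid();` would match the rest of the commit. Both accessors also dereference `$this->profile`, which the constructor takes from `getUserData('profile')` and which defaults to `null`, so a comment such as `// $this->profile is set by handler_p_edit via addUserData('profile', ...)` would document the precondition.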
$page->assign($field, $value);
}
$this->_prepare($page, $id);
+ $page->assign('profile', $this->profile);
+ $page->assign('owner', $this->owner);
$page->assign('profile_page', $this->pg_template);
$page->assign('errors', $this->errors);
}
FROM {$this->table}_def AS s
INNER JOIN {$this->table}_ins AS i ON(s.id = i.{$this->skill_field})
WHERE i.uid = {?}",
- S::i('uid'));
+ $page->pid());
while (list($sid, $text, $level) = $res->next()) {
$value[$sid] = array('text' => $text, 'level' => $level);
}
{
XDB::execute("DELETE FROM {$this->table}_ins
WHERE uid = {?}",
- S::i('uid'));
+ $page->pid());
if (!count($value)) {
return;
}
foreach ($value as $id=>&$skill) {
XDB::execute("INSERT INTO {$this->table}_ins (uid, {$this->skill_field}, level)
VALUES ({?}, {?}, {?})",
- S::i('uid'), $id, $skill['level']);
+ $page->pid(), $id, $skill['level']);
}
}
}
$p_for = 'xorg.promo.x' . $promo;
$cible = array('xorg.general', 'xorg.pa.divers', 'xorg.pa.logements', $p_for);
foreach ($cible as $val) {
- XDB::execute("INSERT INTO forums.abos (fid,uid)
- SELECT fid, {?} FROM forums.list WHERE nom={?}", $uid, $val);
+ XDB::execute('INSERT INTO forum_subs (fid,uid)
+ SELECT fid, {?}
+ FROM forum
+ WHERE name = {?}', $uid, $val);
if (XDB::affectedRows() == 0 && $val == $p_for) {
$res = XDB::query("SELECT SUM(perms IN ('admin','user') AND deces = 0), COUNT(*)
FROM auth_user_md5
{
global $globals;
extract($sub_state);
- require_once('secure_hash.inc.php');
$pass = rand_pass();
- $pass_encrypted = hash_encrypt($pass);
+ $pass_encrypted = sha1($pass);
$hash = rand_url_id(12);
XDB::execute('UPDATE auth_user_md5 SET last_known_email={?} WHERE matricule = {?}', $email, $mat);
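Review bot: `$pass_encrypted = sha1($pass);` replaces the `hash_encrypt()` helper with a single unsalted SHA-1 of the generated password. The statement that stores `$pass_encrypted` is outside the hunk, but if this value ends up in a password column, a leaked copy of that table would expose digests that offer little resistance to offline guessing. If the login exchange allows it, a salted, slow hash such as PHP's `password_hash()` is the safer choice. If the format is fixed by the client-side response scheme, record that next to the call, e.g. `// unsalted SHA-1: format expected by the login response check; treat the stored value as password-equivalent`. The function continues outside the hunk.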
function handler_graph_evo(&$page, $jours = 365)
{
- define('DUREEJOUR',24*3600);
+ define('DUREEJOUR', 24 * 3600);
//recupere le nombre d'inscriptions par jour sur la plage concernée
- $res = XDB::iterRow(
- "SELECT IF( date_ins>DATE_SUB(NOW(),INTERVAL $jours DAY),
- TO_DAYS(date_ins)-TO_DAYS(NOW()),
- ".(-($jours+1)).") AS jour,
- COUNT(user_id) AS nb
- FROM auth_user_md5
- WHERE perms IN ('admin','user') AND deces = 0
- GROUP BY jour");
+ // FIXME: don't count dead peaple
+ $res = XDB::iterRow('SELECT IF(registration_date > DATE_SUB(NOW(), INTERVAL {?} DAY),
+ TO_DAYS(registration_date) - TO_DAYS(NOW()),
+ -{?}) AS jour,
+ COUNT(uid) AS nb
+ FROM accounts
+ WHERE state = \'active\'
+ GROUP BY jour', (int)$jours, 1 + (int)$jours);
//genere des donnees compatibles avec GNUPLOT
$inscrits='';
$depart = 1930;
//recupere le nombre d'inscriptions par jour sur la plage concernée
- $res = XDB::iterRow(
- "SELECT promo, SUM(perms IN ('admin', 'user')) / COUNT(*) * 100
- FROM auth_user_md5
- WHERE promo >= $depart AND deces = 0
- GROUP BY promo");
+ // XXX: Manage dead peaple...
+ $res = XDB::iterRow("SELECT pe.entry_year AS promo, SUM(state = 'active') / COUNT(*) * 100
+ FROM accounts AS a
+ INNER JOIN account_profiles AS ap ON (ap.uid = a.uid AND FIND_IN_SET('owner', ap.perms))
+ INNER JOIN profile_education AS pe ON (pe.uid = ap.pid AND FIND_IN_SET('primary', pe.flags))
+ WHERE pe.entry_year >= {?}
+ GROUP BY promo", $depart);
//genere des donnees compatibles avec GNUPLOT
$inscrits='';
} else {
//nombre de jours sur le graph
$jours = 365;
- define('DUREEJOUR',24*3600);
- $res = XDB::query(
- "SELECT min(TO_DAYS(date_ins)-TO_DAYS(now()))
- FROM auth_user_md5
- WHERE promo = {?} AND perms IN ('admin', 'user') AND deces = 0",
- $promo);
+ define('DUREEJOUR', 24 * 3600);
+
+ // XXX: And promo again \o/
+ $res = XDB::query("SELECT MIN(TO_DAYS(a.registration_date) - TO_DAYS(NOW()))
+ FROM accounts AS a
+ INNER JOIN account_profiles AS ap ON (ap.uid = a.uid AND FIND_IN_SET('owner', ap.perms))
+ INNER JOIN profile_education AS pe ON (pe.uid = ap.pid AND FIND_IN_SET('primary', pe.flags))
+ WHERE pe.entry_year = {?} AND a.state = 'active'", (int)$promo);
$jours = -$res->fetchOneCell();
//recupere le nombre d'inscriptions par jour sur la plage concernée
- $res = XDB::iterRow(
- "SELECT IF( date_ins>DATE_SUB(NOW(),INTERVAL $jours DAY),
- TO_DAYS(date_ins)-TO_DAYS(NOW()),
- ".(-($jours+1)).") AS jour,
- COUNT(user_id) AS nb
- FROM auth_user_md5
- WHERE promo = {?} AND perms IN ('admin','user') AND deces = 0
- GROUP BY jour", $promo);
+ $res = XDB::iterRow("SELECT IF(a.registration_date > DATE_SUB(NOW(), INTERVAL {?} DAY),
+ TO_DAYS(a.registration_date) - TO_DAYS(NOW()),
+ -{?}) AS jour,
+ COUNT(a.uid) AS nb
+ FROM accounts AS a
+ INNER JOIN account_profiles AS ap ON (ap.uid = a.uid AND FIND_IN_SET('owner', ap.perms))
+ INNER JOIN profile_education AS pe ON (pe.uid = ap.pid AND FIND_IN_SET('primary', pe.flags))
+ WHERE pe.entry_year = {?} AND a.state = 'active'
+ GROUP BY jour", (int)$jours, 1 + (int)$jours, (int)$promo);
//genere des donnees compatibles avec GNUPLOT
$inscrits='';
{
$page->changeTpl('stats/nb_by_promo.tpl');
- $res = XDB::iterRow(
- "SELECT promo,COUNT(*)
- FROM auth_user_md5
- WHERE promo > 1900 AND perms IN ('admin','user') AND deces = 0
- GROUP BY promo
- ORDER BY promo");
+ $res = XDB::iterRow('SELECT pe.entry_year AS promo, COUNT(*)
+ FROM accounts AS a
+ INNER JOIN account_profiles AS ap ON (ap.uid = a.uid AND FIND_IN_SET(\'owner\', ap.perms))
+ INNER JOIN profile_education AS pe ON (pe.uid = ap.pid AND FIND_IN_SET(\'primary\', pe.flags))
+ WHERE pe.entry_year >= 1900 AND a.state = \'active\'
+ GROUP BY promo
+ ORDER BY promo');
$max=0; $min=3000;
while (list($p,$nb) = $res->next()) {
$time = ' AND e.stamp > DATE_SUB(CURDATE(), INTERVAL 1 ' . strtoupper($period) . ')';
break;
}
+ // XXX: Need to be port to profile stuff
$rows = XDB::iterator("SELECT IF(u.nom_usage != '', u.nom_usage, u.nom) AS nom,
u.prenom, u.promo, e.data AS forlife, COUNT(*) AS count
FROM logger.events AS e
* 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA *
***************************************************************************/
-function get_infos($email)
-{
- global $globals;
- // look for uid instead of email if numeric
- $field = is_numeric($email) ? 'uid' : 'email';
-
- if ($field == 'email') {
- $email = strtolower($email);
- if (strpos($email, '@') === false) {
- $email .= '@m4x.org';
- }
- list($mbox,$dom) = explode('@', $email);
- }
-
- $res = XDB::query(
- "SELECT uid, nom, prenom, email, email AS email2, perms='admin', origine, comm, sexe
- FROM groupex.membres
- WHERE $field = {?} AND asso_id = {?}", $email, $globals->asso('id'));
-
- if ($res->numRows()) {
- $user = $res->fetchOneAssoc();
- if ($user['origine'] == 'X') {
- $res = XDB::query("SELECT nom, prenom, promo, FIND_IN_SET('femme', flags) AS sexe
- FROM auth_user_md5
- WHERE user_id = {?}", $user['uid']);
- $user = array_merge($user, $res->fetchOneAssoc());
- }
- return $user;
- } elseif ($dom == 'polytechnique.org' || $dom == 'm4x.org') {
- $res = XDB::query(
- "SELECT user_id AS uid, u.promo,
- IF(u.nom_usage<>'', u.nom_usage, u.nom) AS nom,
- u.prenom, b.alias,
- CONCAT(b.alias, '@m4x.org') AS email,
- CONCAT(b.alias, '@polytechnique.org') AS email2,
- m.perms = 'admin' AS perms, m.origine, m.comm,
- FIND_IN_SET('femme', u.flags) AS sexe
- FROM auth_user_md5 AS u
- INNER JOIN aliases AS a ON ( u.user_id = a.id AND a.type != 'homonyme' )
- INNER JOIN aliases AS b ON ( u.user_id = b.id AND b.type = 'a_vie' )
- LEFT JOIN groupex.membres AS m ON ( m.uid = u.user_id AND asso_id={?})
- WHERE a.alias = {?} AND u.user_id < 50000", $globals->asso('id'), $mbox);
- return $res->fetchOneAssoc();
- }
-
- return null;
-}
-
class XnetGrpModule extends PLModule
{
$page->assign('requests', $subs_valid->numRows());
}
- if (!S::has('core_rss_hash')) {
+ if (!S::hasAuthToken()) {
$page->setRssLink("Polytechnique.net :: {$globals->asso("nom")} :: News publiques",
$platal->ns . "rss/rss.xml");
} else {
$page->setRssLink("Polytechnique.net :: {$globals->asso("nom")} :: News",
- $platal->ns . 'rss/'.S::v('hruid') .'/'.S::v('core_rss_hash').'/rss.xml');
+ $platal->ns . 'rss/'.S::v('hruid') .'/'.S::v('token').'/rss.xml');
}
$page->assign('articles', $arts);
function handler_change_rights(&$page)
{
- if (Env::has('right') && (may_update() || S::has('suid'))) {
+ if (Env::has('right') && (may_update() || S::suid())) {
switch (Env::v('right')) {
case 'admin':
Platal::session()->stopSUID();
}
}
- function unsubscribe(&$user)
+ function unsubscribe(PlUser &$user)
{
global $globals;
- XDB::execute(
- "DELETE FROM groupex.membres WHERE uid={?} AND asso_id={?}",
- $user['uid'], $globals->asso('id'));
+ XDB::execute("DELETE FROM groupex.membres
+ WHERE uid = {?} AND asso_id = {?}",
+ $user->id(), $globals->asso('id'));
if ($globals->asso('notif_unsub')) {
$mailer = new PlMailer('xnetgrp/unsubscription-notif.mail.tpl');
- $res = XDB::iterRow("SELECT a.alias, u.prenom, IF(u.nom_usage != '', u.nom_usage, u.nom) AS nom
- FROM groupex.membres AS m
- INNER JOIN aliases AS a ON (m.uid = a.id AND FIND_IN_SET('bestalias', a.flags))
- INNER JOIn auth_user_md5 AS u ON (u.user_id = a.id)
- WHERE m.asso_id = {?} AND m.perms = 'admin'",
- $globals->asso('id'));
- while (list($alias, $prenom, $nom) = $res->next()) {
- $mailer->addTo("\"$prenom $nom\" <$alias@{$globals->mail->domain}>");
+ $uids = XDB::fetchColumn('SELECT uid
+ FROM groupex.membres
+ WHERE perms = \'admin\' AND asso_id = {?}',
+ $globals->asso('id'));
+ $users = User::getBuildUsersWithUIDs($uids);
+ foreach ($users as $user) {
+ $mailer->addTo($user);
}
$mailer->assign('group', $globals->asso('nom'));
- $mailer->assign('prenom', $user['prenom']);
- $mailer->assign('nom', $user['nom']);
- $mailer->assign('mail', $user['email2']);
- $mailer->assign('selfdone', $user['uid'] == S::i('uid'));
+ $mailer->assign('user', $user);
+ $mailer->assign('selfdone', $user->id() == S::i('uid'));
$mailer->send();
}
- $user_same_email = get_infos($user['email']);
$domain = $globals->asso('mail_domain');
-
- if (!$domain || (!empty($user_same_email) && $user_same_email['uid'] != $user['uid'])) {
+ if (!$domain) {
return true;
}
- $mmlist = new MMList(S::v('uid'), S::v('password'), $domain);
- $listes = $mmlist->get_lists($user['email2']);
+ $mmlist = new MMList($user, $domain);
+ $listes = $mmlist->get_lists($user->forlifeEmail());
$may_update = may_update();
$warning = false;
foreach ($listes as $liste) {
if ($liste['sub'] == 2) {
if ($may_update) {
- $mmlist->mass_unsubscribe($liste['list'], Array($user['email2']));
+ $mmlist->mass_unsubscribe($liste['list'], Array($user->forlifeEmail()));
} else {
$mmlist->unsubscribe($liste['list']);
}
} elseif ($liste['sub']) {
- Platal::page()->trigWarning("{$user['prenom']} {$user['nom']} a une"
+ Platal::page()->trigWarning($user->fullName() . " a une"
." demande d'inscription en cours sur la"
." liste {$liste['list']}@ !");
$warning = true;
}
}
- XDB::execute(
- "DELETE FROM virtual_redirect
- USING virtual_redirect
- INNER JOIN virtual USING(vid)
- WHERE redirect={?} AND alias LIKE {?}", $user['email'], '%@'.$domain);
+ XDB::execute("DELETE FROM virtual_redirect
+ USING virtual_redirect
+ INNER JOIN virtual USING(vid)
+ WHERE redirect={?} AND alias LIKE {?}",
+ $user->forlifeEmail(), '%@'.$domain);
return !$warning;
}
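Review bot: The loop `foreach ($users as $user)` that adds the group administrators as recipients reuses the name of the `PlUser &$user` parameter, so after the loop `$user` is the last administrator rather than the member being removed. Every later use in `unsubscribe()` then acts on that administrator: `$mailer->assign('user', $user)`, the `selfdone` comparison, `new MMList($user, $domain)`, `get_lists($user->forlifeEmail())` and the `virtual_redirect` delete. Because the parameter is taken by reference, the caller's variable is overwritten as well. Renaming the loop variable fixes it: `foreach ($users as $admin) { $mailer->addTo($admin); }`. The path only runs when `notif_unsub` is set, so it is easy to miss in testing.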
function handler_unsubscribe(&$page)
{
$page->changeTpl('xnetgrp/membres-del.tpl');
- $user = get_infos(S::user()->id());
+ $user = S::user()->id();
if (empty($user)) {
return PL_NOT_FOUND;
}
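Review bot: `$user = S::user()->id();` leaves `$user` holding a numeric id, while the same commit changes the signature to `unsubscribe(PlUser &$user)` and calls `$user->id()` and `$user->forlifeEmail()` inside it. If this handler goes on to pass `$user` to `unsubscribe()` (the rest of its body is outside the hunk), the call will fail on the type hint. Keeping the object looks like the intent: `$user = S::user();`.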
function handler_admin_member_del(&$page, $user = null)
{
$page->changeTpl('xnetgrp/membres-del.tpl');
- $user = get_infos($user);
+ $user = User::getSilent($user);
if (empty($user)) {
return PL_NOT_FOUND;
}
}
if ($this->unsubscribe($user)) {
- $page->trigSuccess("{$user['prenom']} {$user['nom']} a été désabonné du groupe !");
+ $page->trigSuccess("{$user->fullName()} a été désinscrit du groupe !");
} else {
- $page->trigWarning("{$user['prenom']} {$user['nom']} a été désabonné du groupe, mais des erreurs subsistent !");
+ $page->trigWarning("{$user->fullName()} a été désinscrit du groupe, mais des erreurs subsistent !");
}
}
- private function changeLogin(PlPage &$page, array &$user, MMList &$mmlist, $login)
+ private function changeLogin(PlPage &$page, PlUser &$user, MMList &$mmlist, $login)
{
require_once 'user.func.inc.php';
// Search the uid of the user...
$page->changeTpl('xnetgrp/membres-edit.tpl');
- $user = get_infos($user);
+ $user = User::getSilent($user);
if (empty($user)) {
return PL_NOT_FOUND;
}
- $mmlist = new MMList(S::v('uid'), S::v('password'),
- $globals->asso('mail_domain'));
+ $mmlist = new MMList($user, $globals->asso('mail_domain'));
if (Post::has('change')) {
S::assert_xsrf_token();
// Convert user status to X
- if ($user['origine'] == 'ext' && trim(Post::v('login_X'))) {
- $forlife = $this->changeLogin($page, $user, $mmlist, trim(Post::v('login_X')));
+ if (Post::blank('login_X')) {
+ // TODO: Rewrite changeLogin!!!
+ $forlife = $this->changeLogin($page, $user, $mmlist, Post::t('login_X'));
if ($forlife) {
pl_redirect('member/' . $forlife);
}
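Review bot: The new guard `if (Post::blank('login_X'))` looks inverted. The removed code called `changeLogin()` only when `trim(Post::v('login_X'))` was non-empty, whereas this branch runs when the field is blank (assuming `Post::blank()` is true for a missing or empty value) and passes an empty login. The `$user['origine'] == 'ext'` restriction was dropped too, so the conversion is no longer limited to external members. `if (!Post::blank('login_X'))` combined with an equivalent check on the account type would restore the previous behaviour. The handler starts and continues outside the hunk.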
<?php
/***************************************************************************
- * Copyright (C) 2003-2009 Polytechnique.org *
+ * Copyright (C) 2003-2008 Polytechnique.org *
* http://opensource.polytechnique.org/ *
* *
* This program is free software; you can redistribute it and/or modify *
);
}
- function prepare_client(&$page)
+ function prepare_client(&$page, $user = null)
{
global $globals;
Platal::load('lists', 'lists.inc.php');
- $this->client = new MMList(S::v('uid'), S::v('password'),
- $globals->asso('mail_domain'));
+ if (is_null($user)) {
+ $user =& S::user();
+ }
+ $this->client = new MMList($user, $globals->asso('mail_domain'));
$page->assign('asso', $globals->asso());
$page->setType($globals->asso('cat'));
$not_in_group_x = array();
$not_in_group_ext = array();
- $ann = XDB::iterator(
- "SELECT if (m.origine='X',if (u.nom_usage<>'', u.nom_usage, u.nom) ,m.nom) AS nom,
- if (m.origine='X',u.prenom,m.prenom) AS prenom,
- if (m.origine='X',u.promo,'extérieur') AS promo,
- if (m.origine='X',CONCAT(a.alias, '@{$globals->mail->domain}'),m.email) AS email,
- if (m.origine='X',FIND_IN_SET('femme', u.flags),0) AS femme,
- m.perms='admin' AS admin,
- m.origine='X' AS x
- FROM groupex.membres AS m
- LEFT JOIN auth_user_md5 AS u ON ( u.user_id = m.uid )
- LEFT JOIN aliases AS a ON ( a.id = m.uid AND a.type='a_vie' )
- WHERE m.asso_id = {?}
- ORDER BY promo, nom, prenom", $globals->asso('id'));
-
+ $ann = XDB::fetchColumn('SELECT uid
+ FROM groupex.membres
+ WHERE asso_id = {?}', $globals->asso('id'));
+ $users = User::getBuildUsersWithUIDs($ann, 'promo,full_name');
$not_in_list = array();
-
- while ($tmp = $ann->next()) {
- if (!in_array(strtolower($tmp['email']), $subscribers)) {
- $not_in_list[] = $tmp;
+ foreach ($users as $user) {
+ if (!in_array(strtolower($user->forlifeEmail()), $subscribers)) {
+ $not_in_list[] = $user;
}
}
if (Env::has('add_member')) {
S::assert_xsrf_token();
- $add = Env::v('add_member');
- if (strstr($add, '@')) {
- list($mbox,$dom) = explode('@', strtolower($add));
- } else {
- $mbox = $add;
- $dom = 'm4x.org';
+ $add = Env::t('add_member');
+ $user = User::getSilent($add);
+ if ($user) {
+ $add = $user->forlifeEmail();
+ } else if (!User::isForeignEmailAddress($add)) {
+ $add = null;
}
- if ($dom == 'polytechnique.org' || $dom == 'm4x.org') {
- $res = XDB::query(
- "SELECT a.alias, b.alias
- FROM x4dat.aliases AS a
- LEFT JOIN x4dat.aliases AS b ON (a.id=b.id AND b.type = 'a_vie')
- WHERE a.alias={?} AND a.type!='homonyme'", $mbox);
- if (list($alias, $blias) = $res->fetchOneRow()) {
- $alias = empty($blias) ? $alias : $blias;
- XDB::query(
- "INSERT INTO x4dat.virtual_redirect (vid,redirect)
- SELECT vid, {?}
- FROM x4dat.virtual
- WHERE alias={?}", "$alias@m4x.org", $lfull);
- $page->trigSuccess("$alias@m4x.org ajouté");
- } else {
- $page->trigError("$mbox@{$globals->mail->domain} n'existe pas.");
- }
+ if (!empty($add)) {
+ XDB::execute('INSERT INTO x4dat.virtual_redirect (vid, redirect)
+ SELECT vid, {?},
+ FROM x4dat.virtual
+ WHERE alias = {?}', strtolower($add), $lfull);
+ $page->trigSuccess($add . ' ajouté.');
} else {
- XDB::query(
- "INSERT INTO x4dat.virtual_redirect (vid,redirect)
- SELECT vid,{?}
- FROM x4dat.virtual
- WHERE alias={?}", "$mbox@$dom", $lfull);
- $page->trigSuccess("$mbox@$dom ajouté");
+ $page->trigError($add . ' n\'existe pas.');
}
}
}
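Review bot: The new statement `INSERT INTO x4dat.virtual_redirect ... SELECT vid, {?},` has a trailing comma before `FROM`, which is a SQL syntax error, so adding a member fails at this query; the line should read `SELECT vid, {?}`. In the `else` branch `$add` may already have been reset to `null` for a rejected address, so `$page->trigError($add . ' n\'existe pas.')` reports an empty name. Keeping the submitted value in its own variable, e.g. `$input = Env::t('add_member');`, and using it in the error message would fix that. The enclosing handler starts outside the hunk.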
global $globals;
- $res = XDB::iterator("SELECT IF(r.login IS NULL, m.nom, IF(u.nom_usage != '', u.nom_usage, u.nom)) AS nom,
- IF(r.login IS NULL, m.prenom, u.prenom) AS prenom,
- IF(r.login IS NULL, 'extérieur', u.promo) AS promo,
- m.perms = 'admin' AS admin, r.redirect, r.login AS alias
- FROM (SELECT redirect AS redirect,
- IF(SUBSTRING_INDEX(redirect, '@', -1) IN ({?}, {?}),
- SUBSTRING_INDEX(redirect, '@', 1), NULL) AS login
- FROM x4dat.virtual_redirect AS vr
- INNER JOIN x4dat.virtual AS v USING(vid)
- WHERE v.alias = {?}
- ORDER BY redirect) AS r
- LEFT JOIN aliases AS a ON (r.login IS NOT NULL AND r.login = a.alias)
- LEFT JOIN auth_user_md5 AS u ON (u.user_id = a.id)
- LEFT JOIN groupex.membres AS m ON (m.asso_id = {?} AND IF(r.login IS NULL, m.email = r.redirect, m.uid = u.user_id))",
- $globals->mail->domain, $globals->mail->domain2,
- $lfull, $globals->asso('id'));
- $page->assign('mem', $res);
+ $emails = XDB::fetchColumn('SELECT redirect
+ FROM virtual_redirect AS vr
+ INNER JOIN virtual AS v USING(vid)
+ WHERE v.alias = {?}
+ ORDER BY redirect', $lfull);
+ $mem = array();
+ foreach ($emails as $email) {
+ $user = User::getSilent($email);
+ if ($user) {
+ $mem[] = array('user' => $user, 'email' => $email);
+ } else {
+ $mem[] = array('email' => $email);
+ }
+ }
+ $page->assign('mem', $mem);
}
function handler_acreate(&$page)
* 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA *
***************************************************************************/
-function init_rss($template, $alias, $hash, $require_uid = true)
+function smarty_function_profile($params, &$smarty)
{
- $page =& Platal::page();
- $page->changeTpl($template, NO_SKIN);
- $user = Platal::session()->tokenAuth($alias, $hash);
- if (is_null($user)) {
- if ($require_uid) {
- exit;
- } else {
- $user = null;
+ $with_promo = isset($params['with_promo']) ? $params['with_promo'] : false;
+ $with_sex = isset($params['with_sex']) ? $params['with_sex'] : true;
+ $with_link = isset($params['with_link']) ? $params['with_link'] : true;
+ $with_groupperms = isset($params['with_groupperms']) ? $params['with_groupperms'] : true;
+ $user = $params['user'];
+
+ $name = pl_entities($user->fullName());
+ if ($with_sex && $user->isFemale()) {
+ $name = '•' . $name;
+ }
+ if ($with_promo) {
+ $promo = $user->promo();
+ if ($promo) {
+ $name .= ' (' . pl_entities($promo) . ')';
}
}
-
- if ($template) {
- $page->assign('rss_hash', $hash);
- header('Content-Type: application/rss+xml; charset=utf8');
+ if ($with_link) {
+ $profile = ($user instanceof Profile) ? $user : $user->profile();
+ if ($profile) {
+ $name = '<a href="profile/' . $profile->hrid() . '" class="popup2">' . $name . '</a>';
+ }
+ }
+ if ($with_groupperms && $user instanceof User && $user->group_perms == 'admin') {
+ $name = '<strong>' . $name . '</strong>';
}
- return is_null($user) ? null : $user->id();
+ return $name;
}
// vim:set et sw=4 sts=4 sws=4 foldmethod=marker enc=utf-8:
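Review bot: In `smarty_function_profile()` the link target is built as `'<a href="profile/' . $profile->hrid() . '"'` without `pl_entities()`, while the name and promo placed in the same markup are escaped. The identifier is probably restricted to a safe character set, but escaping it keeps the function's output safe regardless: `'<a href="profile/' . pl_entities($profile->hrid()) . '" class="popup2">'`. `$params['user']` is also dereferenced without a check, so a template that calls the function without a `user` argument ends in a fatal error; an early `if (empty($params['user'])) { return ''; }` would make that failure harmless. A short docblock listing the accepted parameters (`user`, `with_promo`, `with_sex`, `with_link`, `with_groupperms`) and their defaults would also help template authors.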
+++ /dev/null
-<?php
-/***************************************************************************
- * Copyright (C) 2003-2009 Polytechnique.org *
- * http://opensource.polytechnique.org/ *
- * *
- * This program is free software; you can redistribute it and/or modify *
- * it under the terms of the GNU General Public License as published by *
- * the Free Software Foundation; either version 2 of the License, or *
- * (at your option) any later version. *
- * *
- * This program is distributed in the hope that it will be useful, *
- * but WITHOUT ANY WARRANTY; without even the implied warranty of *
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the *
- * GNU General Public License for more details. *
- * *
- * You should have received a copy of the GNU General Public License *
- * along with this program; if not, write to the Free Software *
- * Foundation, Inc., *
- * 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA *
- ***************************************************************************/
-
-function smarty_insert_getName()
-{
- $uid = Cookie::v('uid', -1);
- if ($uid < 0) {
- return "";
- }
- $res = XDB::query("SELECT prenom FROM auth_user_md5 WHERE user_id={?}", $uid);
- return $res->fetchOneCell();
-}
-
-// vim:set et sw=4 sts=4 sws=4 foldmethod=marker enc=utf-8:
-?>
{* *}
{**************************************************************************}
-<h1>Comptes désactivés</h1>
+<h1>{$disabled->total()} Comptes désactivés ou surveillés</h1>
<table class="bicol">
- <tr><th>Nom</th><th>Commentaire</th></tr>
+ <tr><th>Nom</th><th>Disabled</th><th>Surveillé</th><th>Commentaire</th></tr>
{iterate from=$disabled item=user}
<tr class="{cycle values="pair,impair"}">
<td>
- <a href="admin/user/{$user.hruid}">{$user.prenom} {$user.nom} ({$user.promo})</a>
+ <a href="admin/user/{$user.hruid}">{$user.hruid}</a>
+ </td>
+ <td>
+ <input type="checkbox" disabled="disabled" {if $user.disabled}checked="checked"{/if} />
+ </td>
+ <td>
+ <input type="checkbox" disabled="disabled" {if $user.watch}checked="checked"{/if} />
</td>
<td>
{$user.comment|default='(none)'}
{/iterate}
</table>
-<h1>Administrateurs du site</h1>
+<h1>{$admins->total()} Administrateurs du site</h1>
<table class="tinybicol">
<tr><th>Utilisateur</th></tr>
{iterate from=$admins item=user}
<tr class="{cycle values="pair,impair"}">
<td>
- <a href="admin/user/{$user.hruid}">{$user.prenom} {$user.nom} ({$user.promo})</a>
+ <a href="admin/user/{$user.hruid}">{$user.hruid}</a>
</td>
</tr>
{/iterate}
</table>
</form>
-<script type='text/javascript' src='javascript/jquery.js'></script>
<script type="text/javascript">//<![CDATA[
{literal}
$('input.deathDate').change(
<tr>
<td>
<textarea cols="80" rows="20" name="mailbody">
-{$prenom},
+{$user->displayName()},
Comme nous t'en avons informé par email il y a quelques temps,
pour respecter nos engagements en terme d'adresses email devinables,
tu te verras bientôt retirer l'alias {$loginbis}@{#globals.mail.domain#} pour
-ne garder que {$forlife}@{#globals.mail.domain#}.
+ne garder que {$user->forlifeEmail()}.
Toute personne qui écrira à {$loginbis}@{#globals.mail.domain#} recevra la
réponse d'un robot qui l'informera que {$loginbis}@{#globals.mail.domain#}
<tr>
<td>
<textarea cols="80" rows="20" name="mailbody">
-{$prenom},
+{$user->displayName()},
Comme nous t'en avons informé par email il y a quelques temps,
nous t'avons retiré de façon définitive l'adresse
{**************************************************************************}
-<h1>
- Gestion des utilisateurs
-</h1>
-
-
{if $smarty.post.u_kill_conf}
<form method="post" action="admin/user">
{xsrf_token_field}
<input type="submit" name="u_kill" value="continuer" />
</div>
</form>
-{else}
-
-<form method="post" action="admin/user">
- {xsrf_token_field}
- <table class="tinybicol" cellspacing="0" cellpadding="2">
- <tr>
- <th>
- Administrer
- </th>
- </tr>
- {if !$smarty.request.login && !$mr.hruid}
- <tr class="pair">
- <td class="center">
- Il est possible d'entrer ici n'importe quelle adresse email : redirection, melix, ou alias.
- </td>
- </tr>
- {/if}
- <tr>
- <td class="center">
- <input type="text" name="login" size="40" maxlength="255" value="{$smarty.request.login|default:$mr.hruid}" />
- </td>
- </tr>
- <tr>
- <td class="center">
- <input type="hidden" name="hashpass" value="" />
- <input type="submit" name="select" value=" edit " />
- <input type="submit" name="suid_button" value=" su " />
- <input type="submit" name="ax_button" value=" AX " />
- <input type="submit" name="logs_button" value=" logs " />
- </td>
- </tr>
- </table>
-</form>
-
-{if $mr}
-
-<p class="smaller">
-Dernière connexion le <strong>{$lastlogin|date_format:"%d %B %Y, %T"}</strong>
-depuis <strong>{$host}</strong>.
-</p>
-
+{elseif $user}
{literal}
+
<script type="text/javascript">
//<![CDATA[
function doEditUser() {
document.forms.alias.submit();
}
+function del_profile(pid) {
+ document.forms.profiles.del_profile.value = pid;
+ document.forms.profiles.submit();
+}
+
function del_fwd(fwd) {
document.forms.fwds.del_fwd.value = fwd;
document.forms.fwds.submit();
document.forms.bans.read_perm.value = "!xorg.*";
}
+$(document).ready(function() {
+ $('#tabs > ul').tabs();
+ $('.ui-tabs-nav li').width('33%')
+ .click(function() { $(this).children('a').click() });
+});
+
// ]]>
</script>
{/literal}
-<form id="auth" method="post" action="admin/user">
+<div id="tabs">
+<ul>
+ <li><a href="{$platal->pl_self()}#account"><span >Compte</span></a></li>
+ <li><a href="{$platal->pl_self()}#emails"><span>Emails</span></a></li>
+ <li><a href="{$platal->pl_self()}#forums"><span>Forums</span></a></li>
+</ul>
+
+<div id="account">
+<form id="auth" method="post" action="admin/user/{$user->login()}#account">
{xsrf_token_field}
- <table cellspacing="0" cellpadding="2" class="tinybicol">
+ <h1>Informations sur le compte</h1>
+ <p class="smaller">
+ Dernière connexion le <strong>{$lastlogin|date_format:"%d %B %Y, %T"}</strong>
+ depuis <strong>{$host}</strong>.
+ </p>
+
+ <table class="tinybicol">
<tr>
<th colspan="2">
<div style="float: right; text-align: right">
- Matricule = {$mr.matricule}<br />
- Matricule AX = {$mr.matricule_ax}
+ Inscrit le {$user->registration_date|date_format}
</div>
<div style="float: left; text-align: left">
- UID = {$mr.user_id}<br />
- Inscription = {$mr.date_ins|date_format}
+ {icon name=user_gray} {$mr.hruid} (uid {$user->id()})
</div>
- <input type="hidden" name="user_id" value="{$mr.user_id}" />
+ <input type="hidden" name="uid" value="{$user->id()}" />
</th>
</tr>
- <tr class="pair">
- <td class="titre">
- Mot de passe
+ <tr>
+ <td class="titre">Nom complet</td>
+ <td><input type="text" name="full_name" maxlength="255" value="{$user->fullName()}" /></td>
+ </tr>
+ <tr>
+ <td class="titre">Nom affiché</td>
+ <td><input type="text" name="display_name" maxlength="255" value="{$user->displayName()}" /></td>
+ </tr>
+ <tr>
+ <td class="titre">Sexe</td>
+ <td>
+ <label>femme <input type="radio" name="sex" value="female" {if $user->isFemale()}checked="checked"{/if} /></label>
+ <label><input type="radio" name="sex" value="male" {if !$user->isFemale()}checked="checked"{/if} /> homme</label>
</td>
+ </tr>
+ <tr class="impair">
+ <td class="titre">Mot de passe</td>
<td>
<div style="float: left">
- <input type="text" name="newpass_clair" size="10" maxlength="10" value="********" />
- <input type="hidden" name="passw" size="32" maxlength="32" value="{$mr.password}" />
+ <input type="text" name="newpass_clair" size="10" maxlength="255" value="********" />
<input type="hidden" name="hashpass" value="" />
</div>
<div style="float: left; margin-top: 5px;">
</div>
</td>
</tr>
+ <tr class="impair">
+ <td class="titre">Mot de passe SMTP</td>
+ <td>
+ <div style="float: left">
+ <input type="password" name="weak_password" size="10" maxlength="256" value="" />
+ {if $user->weak_access}
+ <input type="submit" name="disable_weak_access" value="Supprimer" />
+ {/if}
+ </div>
+ </td>
+ </tr>
+ <tr class="impair">
+ <td class="titre">Accès RSS</td>
+ <td>
+ <label>
+ <input type="checkbox" name="token_access" {if $user->token_access}checked="checked"{/if} value="1" />
+ activer l'accès
+ </label>
+ </td>
+ </tr>
+ <tr class="impair">
+ <td class="titre">Skin</td>
+ <td>
+ <select name="skin">
+ <option value="" {if !$user->skin}selected="selected"{/if}>Aucune (défaut du système)</option>
+ {iterate from=$skins item=skin}
+ <option value="{$skin.id}" {if $user->skin eq $skin.id}selected="selected"{/if}>{$skin.name}</option>
+ {/iterate}
+ </select>
+ </td>
+ </tr>
+ <tr class="pair">
+ <td class="titre">Etat du compte</td>
+ <td>
+ <select name="state">
+ <option value="pending" {if $user->state eq 'pending'}selected="selected"{/if}>pending (Non-inscrit)</option>
+ <option value="active" {if $user->state eq 'active'}selected="selected"{/if}>active (Inscrit, peut se logguer)</option>
+ <option value="disabled" {if $user->state eq 'disabled'}selected="selected"{/if}>disabled (Inscrit, accès interdit)</option>
+ </select><br />
+ <label>
+ <input type="checkbox" name="is_admin" value="1" {if $user->is_admin}checked="checked"{/if} />
+ administrateur du site
+ </label>
+ </td>
+ </tr>
+ <tr class="pair">
+ <td class="titre">Type de compte</td>
+ <td>
+ <select name="type">
+ {iterate from=$account_types item=type}
+ <option value="{$type.type}" {if $user->type eq $type.type}selected="selected"{/if}>{$type.type} ({$type.perms})</option>
+ {/iterate}
+ </select>
+ <a href="admin/account/types">{icon name=wrench title=Gérer} gérer</a>
+ </td>
+ </tr>
+ <tr class="pair">
+ <td class="titre">
+ Surveillance
+ </td>
+ <td>
+ <label><input type="checkbox" name="watch" {if $user->watch}checked="checked"{/if} value="1" />
+ Surveiller l'activité de ce compte</label><br />
+ <span class="smaller">Cette option permet d'avoir des logs complets de l'activité
+ du compte via le logger, et d'être alerté lors des connexions de l'utilisateur.</span>
+ </td>
+ </tr>
+ <tr class="pair">
+ <td class="titre">
+ Commentaire
+ </td>
+ <td>
+ <input type="text" name="comment" size="40" maxlength="64" value="{$user->comment}" />
+ </td>
+ </tr>
+ </table>
+ <div class="center">
+ <input type="submit" name="update_account" value="Mettre à jour" /><br />
+ <input type="submit" name="su_account" value="Prendre l'identité" />
+ <input type="submit" name="log_account" value="Consulter les logs" />
+ </div>
+</form>
+
+<h1>Fiches associées au compte</h1>
+
+<form id="profiles" method="post" action="admin/user/{$user->login()}#account">
+ {xsrf_token_field}
+ <table class="tinybicol">
+ <tr>
+ <th></th>
+ <th>Identifiant de la fiche</th>
+ <th></th>
+ </tr>
+ {iterate from=$profiles item=profile}
+ <tr>
+ <td><input type="radio" name="owner" value="{$profile.pid}" {if $profile.owner}checked="checked"{/if}
+ onclick="this.form.submit()" /></td>
+ <td>{$profile.hrpid}</td>
+ <td class="right">
+ <a href="profile/edit/{$profile.hrpid}">{icon name=user_edit}</a>
+ <a href="profile/{$profile.hrpid}" class="popup2">{icon name=user_suit}</a>
+ <a href="javascript:del_profile({$profile.pid})">{icon name=cross}</a>
+ </td>
+ </tr>
+ {/iterate}
+ <tr>
+ <td>
+ <input type="radio" name="owner" value="0" onclick="this.form.submit()" />
+ </td>
+ <td>None</td>
+ <td></td>
+ </tr>
+ <tr class="pair">
+ <td colspan="3">
+ <input type="hidden" name="del_profile" value="" />
+ <input type="text" maxlength="64" name="new_profile" />
+ <input type="submit" name="add_profile" value="Ajouter" />
+ </td>
+ </tr>
+ </table>
+</form>
+
+</div>
+
+<!--
+ <h1>Informations sur la fiche</h1>
+ <table cellspacing="0" cellpadding="2" class="tinybicol">
+ <tr>
+ <th colspan="2">
+ <div style="float: right; text-align: right">
+ Matricule = {$mr.matricule}<br />
+ Matricule AX = {$mr.matricule_ax}
+ </div>
+ <div style="float: left; text-align: left">
+ UID = {$mr.user_id}<br />
+ Inscription = {$mr.date_ins|date_format}
+ </div>
+ <input type="hidden" name="user_id" value="{$mr.user_id}" />
+ </th>
+ </tr>
<tr class="pair">
<td class="titre">
Nom
<input type="text" name="promoN" size="4" maxlength="4" value="{$mr.promo}" />
</td>
</tr>
- <tr class="impair">
- <td class="titre">
- Surveillance
- </td>
- <td>
- <label><input type="checkbox" name="watchN" {if $mr.watch}checked="checked"{/if} />
- Surveiller l'activité de ce compte</label><br />
- <span class="smaller">Cette option permet d'avoir des logs complets de l'activité
- du compte via le logger, et d'être alerté lors des connexions de l'utilisateur.</span>
- </td>
- </tr>
- <tr class="impair">
- <td class="titre">
- Commentaire
- </td>
- <td>
- <input type="text" name="commentN" size="40" maxlength="64" value="{$mr.comment}" />
- </td>
- </tr>
{if $mr.perms eq 'pending'}
<tr class="center">
<td colspan="2">
Ne pas utiliser [Désinscrire] si le but est d'exclure la personne.
Pour ceci changer ses permissions en 'disabled'.
</p>
-<form id="alias" method="post" action="admin/user">
+-->
+
+<div id="emails">
+<h1>Gestion de l'adresse X.org {$user->login()}</h1>
+
+<form id="alias" method="post" action="admin/user/{$user->login()}#emails">
{xsrf_token_field}
<table class="tinybicol" cellpadding="2" cellspacing="0">
<tr>
<th class="alias" colspan="3">
- Alias email
+ Alias email de l'utilisateur
</th>
</tr>
{iterate from=$aliases item=a}
<td>garanti à vie*</td>
{else}
<td class="action">
- <a href="javascript:del_alias('{$a.alias}')">delete</a>
+ <a href="javascript:del_alias('{$a.alias}')">{icon name=cross}</a>
</td>
{/if}
</tr>
{/iterate}
- {iterate from=$virtuals item=virtual}
- <tr class="{cycle values="impair,pair"}">
- <td></td>
- <td>{$virtual.alias}</td>
- <td></td>
- </tr>
- {/iterate}
<tr class="{cycle values="impair,pair"}">
<td colspan="2" class="detail">
<input type="text" name="email" size="29" maxlength="60" value="" />
<input type="submit" name="add_alias" value="Ajouter" />
</td>
</tr>
- </table>
-</form>
-
-<p><strong>* à ne modifier qu'avec l'accord express de l'utilisateur !!!</strong></p>
-
-<form id="bans" method="post" action="admin/user">
- {xsrf_token_field}
- <table cellspacing="0" cellpadding="2" class="tinybicol">
- <tr>
- <th colspan="4">
- Permissions sur les forums
- </th>
- </tr>
- <tr class="impair">
- <td class="titre">
- Poster
- </td>
- <td>
- <input type="text" name="write_perm" size="32" maxlength="255" value="{$bans.write_perm}" />
- </td>
- <td class="action">
- <a href="javascript:ban_write()">Bannir</a>
- </td>
- </tr>
- <tr class="pair">
- <td class="titre">
- Lire
- </td>
- <td>
- <input type="text" name="read_perm" size="32" maxlength="255" value="{$bans.read_perm}" />
- </td>
- <td class="action">
- <a href="javascript:ban_read()">Bannir</a>
- </td>
- </tr>
- <tr class="impair">
- <td class="titre">
- Commentaire
- </td>
- <td colspan="2">
- <input type="text" name="comment" size="40" maxlength="255" value="{$bans.comment}" />
- </td>
- </tr>
- <tr class="center">
- <td colspan="3">
- <input type="hidden" name="user_id" value="{$mr.user_id}" />
- <input type="submit" name="b_edit" value="Modifier" />
+ <tr class="{cycle values="impair,pair"}">
+ <td colspan="3" class="desc">
+ <strong>* à ne modifier qu'avec l'accord express de l'utilisateur !!!</strong>
</td>
</tr>
</table>
</form>
-{javascript name="ajax"}
-{test_email hruid=$user->login()}
+<br />
-<form id="fwds" method="post" action="admin/user#fwds">
+<form id="fwds" method="post" action="admin/user/{$user->login()}#emails">
{xsrf_token_field}
<table class="bicol" cellpadding="2" cellspacing="0">
<tr>
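Review bot: The alias is still written directly into a JavaScript string inside an `href`, in `javascript:del_alias('{$a.alias}')`, and the next hunk keeps the same pattern in `javascript:del_fwd('{$mail->email}')`. HTML escaping, if the template's default modifiers apply it, does not help in this position, because the browser decodes entities in the attribute before it evaluates the script. A value containing an apostrophe therefore ends the string literal: a legitimate address with one breaks the link, and anything else in the value is interpreted as script on an administrator's page. Escape for the JavaScript context as well, for example `{$a.alias|escape:'javascript'}` (check how it combines with the default modifiers), or pass the value through a form field instead of inline script.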
</td>
<td class="action">
{if $mail->is_removable()}
- <a href="javascript:del_fwd('{$mail->email}')">delete</a>
+ <a href="javascript:del_fwd('{$mail->email}')">{icon name=cross}</a>
{/if}
</td>
</tr>
</table>
</form>
-{/if}
+{javascript name="ajax"}
+{test_email hruid=$user->login()}
+
+<h1>Autres adresses de l'utilisateur</h1>
+
+<table class="tinybicol">
+ <th>Virtual aliases auquel l'utilisateur appartient</th>
+ {foreach from=$virtuals item=virtual}
+ <tr class="{cycle values="impair,pair"}">
+ <td>{$virtual}</td>
+ </tr>
+ {/foreach}
+</table>
+
+</div>
+
+<div id="forums">
+
+<h1>Gestion de l'accès au forums de {$user->login()}</h1>
+
+<form id="bans" method="post" action="admin/user/{$user->login()}#forums">
+ {xsrf_token_field}
+ <table cellspacing="0" cellpadding="2" class="tinybicol">
+ <tr>
+ <th colspan="4">
+ Permissions sur les forums
+ </th>
+ </tr>
+ <tr class="impair">
+ <td class="titre">
+ Poster
+ </td>
+ <td>
+ <input type="text" name="write_perm" size="32" maxlength="255" value="{$bans.write_perm}" />
+ </td>
+ <td class="action">
+ <a href="javascript:ban_write()">Bannir</a>
+ </td>
+ </tr>
+ <tr class="pair">
+ <td class="titre">
+ Lire
+ </td>
+ <td>
+ <input type="text" name="read_perm" size="32" maxlength="255" value="{$bans.read_perm}" />
+ </td>
+ <td class="action">
+ <a href="javascript:ban_read()">Bannir</a>
+ </td>
+ </tr>
+ <tr class="impair">
+ <td class="titre">
+ Commentaire
+ </td>
+ <td colspan="2">
+ <input type="text" name="comment" size="40" maxlength="255" value="{$bans.comment}" />
+ </td>
+ </tr>
+ <tr class="center">
+ <td colspan="3">
+ <input type="hidden" name="user_id" value="{$mr.user_id}" />
+ <input type="submit" name="b_edit" value="Modifier" />
+ </td>
+ </tr>
+ </table>
+</form>
+</div>
+
+
{/if}
{/if}
{/literal}
<p class="center">
- <a href="Site/AllRecentChanges?action=rss&user={$smarty.session.hruid}&hash={$smarty.session.core_rss_hash}" style="display:block;float:right" title="Changements">{icon name=feed title='fil rss'}</a>
+ <a href="Site/AllRecentChanges?action=rss&user={$smarty.session.hruid}&hash={$smarty.session.token}" style="display:block;float:right" title="Changements">{icon name=feed title='fil rss'}</a>
{icon name=magnifier} <a href="Site/AllRecentChanges">Voir les changements récents</a>
</p>
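Review bot: The renamed `{$smarty.session.token}` is still placed in the query string as `hash=`, so a long-lived per-account secret ends up in access logs, browser history and Referer headers. The same applies to the `rss/…/{$smarty.session.token}/rss.xml` and `anniv-x.ics` links changed in the later hunks. The migration further down copies `core_rss_hash` into `accounts.token`, so the value keeps its feed-only role for now, but the generic name makes it easy to reuse for something more sensitive. I would add a comment on the column, such as `# feed-only secret, exposed in URLs; must be regenerable and never accepted for interactive login`.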
{$am->title()}
====================================================================
-{$am->head($prenom, $nom, $sexe, 'text')}
+{$am->head($user, 'text')}
{$am->body('text')}
{/if}
<div class='ax_mail'>
<div class="title">{$am->title()}</div>
- <div class="intro">{$am->head($prenom, $nom, $sexe, 'html')|smarty:nodefaults}</div>
+ <div class="intro">{$am->head($user, 'html')|smarty:nodefaults}</div>
<div class="body">{$am->body('html')|smarty:nodefaults}</div>
<div class="signature">{$am->signature('html')|smarty:nodefaults}</div>
<div class="foot1">
<table class="bicol">
<tr>
<th colspan="2">
- {if $smarty.session.core_rss_hash}
- <a href="carnet/rss/{$smarty.session.hruid}/{$smarty.session.core_rss_hash}/rss.xml" style="display:block;float:right" title="Notifications">
+ {if $smarty.session.token}
+ <a href="carnet/rss/{$smarty.session.hruid}/{$smarty.session.token}/rss.xml" style="display:block;float:right" title="Notifications">
{icon name=feed title='fil rss'}
</a>
{else}
</li>
<li>
{icon name=calendar_view_day title='Anniversaires'}
- <a href="carnet/contacts/ical/{$smarty.session.hruid}/{$smarty.session.core_rss_hash}/anniv-x.ics" title="Anniversaires">
+ <a href="carnet/contacts/ical/{$smarty.session.hruid}/{$smarty.session.token}/anniv-x.ics" title="Anniversaires">
Le calendrier des anniversaires
</a>
</li>
</p>
<div class="right">
-{if $smarty.session.core_rss_hash}
-<a href="carnet/rss/{$smarty.session.hruid}/{$smarty.session.core_rss_hash}/rss.xml" title="Notifications">{icon name=feed title='fil rss'}</a>
+{if $smarty.session.token}
+<a href="carnet/rss/{$smarty.session.hruid}/{$smarty.session.token}/rss.xml" title="Notifications">{icon name=feed title='fil rss'}</a>
{/if}
</div>
Accès réservé aux polytechniciens
</h1>
{/if}
-{if $smarty.session.auth ge AUTH_COOKIE}
-<p>
-<strong>Merci de rentrer ton mot de passe pour démarrer une connexion au site.</strong>
-Si tu n'es pas {insert name="getName"}, change le login ci-dessous, ou rends-toi sur
-<a href="register/">la page d'inscription</a>.
-</p>
-{/if}
<form action="{$smarty.server.REQUEST_URI}" method="post" id="login" onsubmit="doChallengeResponse(); return false;" style="display: none">
<table class="bicol" cellpadding="4" summary="Formulaire de login">
{if $actuel}
{javascript name=ajax}
+ {if $user->hasProfile()}
<table class="flags">
<tr>
<td class="orange">
</td>
</tr>
</table>
-
+ {/if}
{else}
<p>
Pour plus de <strong>convivialité</strong> dans l'utilisation de tes emails, tu peux choisir une adresse
<tr>
<td><input type="text" name="alias" value="{$r_alias}" />@{#globals.mail.alias_dom#} et @{#globals.mail.alias_dom2#}</td>
</tr>
+ {if $user->hasProfile()}
<tr>
<td>
<table class="flags" summary="Flags" cellpadding="0" cellspacing="0">
</table>
</td>
</tr>
+ {/if}
<tr>
<td>Brève explication :</td>
</tr>
--- /dev/null
+{**************************************************************************}
+{* *}
+{* Copyright (C) 2003-2009 Polytechnique.org *}
+{* http://opensource.polytechnique.org/ *}
+{* *}
+{* This program is free software; you can redistribute it and/or modify *}
+{* it under the terms of the GNU General Public License as published by *}
+{* the Free Software Foundation; either version 2 of the License, or *}
+{* (at your option) any later version. *}
+{* *}
+{* This program is distributed in the hope that it will be useful, *}
+{* but WITHOUT ANY WARRANTY; without even the implied warranty of *}
+{* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the *}
+{* GNU General Public License for more details. *}
+{* *}
+{* You should have received a copy of the GNU General Public License *}
+{* along with this program; if not, write to the Free Software *}
+{* Foundation, Inc., *}
+{* 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA *}
+{* *}
+{**************************************************************************}
+
+{config_load file="mails.conf" section="emails_broken"}
+{if $mail_part eq 'head'}
+{from full=#from#}
+{subject text=#subject#}
+{elseif $mail_part eq 'wiki'}
+Bonjour !
+
+Cet email a été généré automatiquement par le service de patte cassée de
+Polytechnique.org car un autre utilisateur, {$request->fullName()},
+nous a signalé qu'en t'envoyant un email, il avait reçu un message d'erreur
+indiquant que ton adresse de redirection {$email}
+ne fonctionnait plus !
+
+Nous te suggérons de vérifier cette adresse, et le cas échéant de mettre
+à jour tes adresses de redirection [[{$globals->baseurl}/emails|sur le site]].
+
+Pour plus de renseignements sur le service de patte cassée, n'hésite pas à
+consulter [[{$globals->baseurl}/emails/broken|la documentation sur le site]].
+
+
+À bientôt sur Polytechnique.org !\\
+[[support@{$globals->mail->domain}|L'équipe d'administration]]
+{/if}
+
+{* vim:set et sw=2 sts=2 sws=2 enc=utf-8: *}
{elseif $x}
<h2>Patte Cassée</h2>
<p>
- Désolé, mais ton correspondant, {$x.prenom} {$x.nom} (X{$x.promo}),
+ Désolé, mais ton correspondant, {$x.user->fullName()},
n'a actuellement <span class="erreur">aucune adresse email de redirection
active autre que celle que tu viens de rentrer.</span>
Nous t'invitons à prendre contact avec lui autrement que par email,
<p>
<small>{icon name=information title="Envoi d'email"} Pour envoyer un email, tu peux soit le faire depuis l'interface
- ci-dessous, soit utiliser <a href="Xorg/SMTPSecurise">notre serveur d'envoi SMTP<a>.</small>
+ ci-dessous, soit utiliser <a href="Xorg/SMTPSecurise">notre serveur d'envoi SMTP</a>.</small>
</p>
<form action="emails/send" method="post" enctype="multipart/form-data" id="form_mail" onsubmit="return check(this);">
{foreach key=key item=contact from=$contacts}
{if in_array($contact.forlife, $smarty.request.to_contacts)}
<option value="{$contact.forlife}">
- {$contact.prenom} {$contact.nom} (X{$contact.promo})
+ {$contact.full_name}
</option>
{/if}
{/foreach}
{foreach key=key item=contact from=$contacts}
{if in_array($contact.forlife, $smarty.request.cc_contacts)}
<option value="{$contact.forlife}">
- {$contact.prenom} {$contact.nom} (X{$contact.promo})
+ {$contact.full_name}
</option>
{/if}
{/foreach}
{foreach item=contact from=$contacts}
{if !in_array($contact.forlife, $smarty.request.to_contacts) && !in_array($contact.forlife, $smarty.request.cc_contacts)}
<option value="{$contact.forlife}">
- {$contact.prenom} {$contact.nom} (X{$contact.promo})
+ {$contact.full_name}
</option>
{/if}
{/foreach}
{else}
<h1 id='pagetop'>
-Bienvenue {$smarty.session.yourself_name}{if $birthday}
+Bienvenue {$smarty.session.display_name}{if $birthday}
et joyeux anniversaire de la part de toute l'équipe !
{else},
{/if}
<tr class="pair" style="height: 18px">
<td class="half titre" style="height: 18px; padding-top: 1px; padding-bottom: 1px;">
{if $smarty.foreach.events.first}
- {if $smarty.session.core_rss_hash}
- <a href="rss/{$smarty.session.hruid}/{$smarty.session.core_rss_hash}/rss.xml" style="display:block;float:right" title="Annonces">
+ {if $smarty.session.token}
+ <a href="rss/{$smarty.session.hruid}/{$smarty.session.token}/rss.xml" style="display:block;float:right" title="Annonces">
{icon name=feed title='fil rss'}
</a>
{else}
{if !$has_evts}
<tr>
<td class="half">
- {if $smarty.session.core_rss_hash}
- <a href="rss/{$smarty.session.hruid}/{$smarty.session.core_rss_hash}/rss.xml" style="display:block;float:right" title="Annonces">
+ {if $smarty.session.token}
+ <a href="rss/{$smarty.session.hruid}/{$smarty.session.token}/rss.xml" style="display:block;float:right" title="Annonces">
{icon name=feed title='fil rss'}
</a>
{else}
{$nl->title()}
====================================================================
-{$nl->head($prenom, $nom, $sexe, 'text')}
+{$nl->head($user, 'text')}
{foreach from=$nl->_arts key=cid item=arts name=cats}
--------------------------------------------------------------------
{foreach from=$arts item=art}
-{$art->toText($hash, $alias)}
+{$art->toText($hash, $user->login())}
{/foreach}
{/foreach}
{/if}
<div class='nl'>
<div class="title">{$nl->title()}</div>
- <div class="intro">{$nl->head($prenom, $nom, $sexe, 'html')|smarty:nodefaults}</div>
+ <div class="intro">{$nl->head($user, 'html')|smarty:nodefaults}</div>
<a id="top_lnk"></a>
{foreach from=$nl->_arts key=cid item=arts name=cats}
<div class="lnk">
{$nl->_cats[$cid]}
</h1>
{foreach from=$arts item=art}
- {$art->toHtml($hash, $alias)|smarty:nodefaults}
+ {$art->toHtml($hash, $user->login())|smarty:nodefaults}
<div class="top_lnk"><a href="{$prefix}#top_lnk">Revenir au sommaire</a></div>
{/foreach}
{/foreach}
{* *}
{**************************************************************************}
<h1>ChangeLog</h1>
+{if !$core}
<p>Voici la liste des modifications faites sur <a href="http://opensource.polytechnique.org/platal/">plat/al</a>, le support libre de ce site.</p>
+
+<p>Cette version utilise <a href="changelog/core">plat/al-core {$globals->coreVersion}</a>.</p>
+{else}
+<p>Voici la liste des modifications faites sur la bibliothèque plat/al-core.</p>
+{/if}
+
{$ChangeLog|smarty:nodefaults}
{* vim:set et sw=2 sts=2 sws=2 enc=utf-8: *}
<h1>Fil RSS</h1>
-{if !$smarty.session.core_rss_hash}
+{if !$smarty.session.token}
<p>
Tu viens de cliquer sur le lien d'activation des fils RSS. Les fils RSS du site
ne sont pas activés dans tes préférences.
<ul>
<li>
Anonces sur la page d'entrée :
- <a href="rss/{$smarty.session.hruid}/{$smarty.session.core_rss_hash}/rss.xml" title="Annonces">{icon name=feed title='fil rss'}</a>
+ <a href="rss/{$smarty.session.hruid}/{$smarty.session.token}/rss.xml" title="Annonces">{icon name=feed title='fil rss'}</a>
</li>
<li>
Ton carnet polytechnicien :
- <a href="carnet/rss/{$smarty.session.hruid}/{$smarty.session.core_rss_hash}/rss.xml" title="Notifications">{icon name=feed title='fil rss'}</a>
+ <a href="carnet/rss/{$smarty.session.hruid}/{$smarty.session.token}/rss.xml" title="Notifications">{icon name=feed title='fil rss'}</a>
</li>
</ul>
<p>
</tr>
<tr class="impair">
<td class="half">
- {if $smarty.session.mail_fmt eq html}
+ {if $smarty.session.email_format eq html}
<h3>
- <a href="javascript:dynpostkv('prefs', 'mail_fmt', 'texte')">Recevoir les emails en format texte</a>
+ <a href="javascript:dynpostkv('prefs', 'email_format', 'text')">Recevoir les emails en format texte</a>
</h3>
<div class='explication'>
Tu recois tous les emails envoyés par le site
</div>
{else}
<h3>
- <a href="javascript:dynpostkv('prefs', 'mail_fmt', 'html')">Recevoir les emails en HTML</a>
+ <a href="javascript:dynpostkv('prefs', 'email_format', 'html')">Recevoir les emails en HTML</a>
</h3>
<div class='explication'>
Tu recois tous les emails envoyés par le site
</td>
<td class="half">
<h3>
- {if $smarty.session.core_rss_hash}
+ {if $smarty.session.token}
<a href="javascript:dynpostkv('prefs', 'rss', 0)">Désactiver les fils rss</a>
{else}
<a href="javascript:dynpostkv('prefs', 'rss', 1)">Activer les fils rss</a>
<h1>
Mise en place de la redirection
</h1>
-<p>
-{if $carva}
- Actuellement, les adresses
- <a href="http://www.carva.org/{$bestalias}">http://www.carva.org/{$bestalias}</a> et
- <a href="http://www.carva.org/{$smarty.session.hruid}">http://www.carva.org/{$smarty.session.hruid}</a>
- sont redirigées sur <a href="http://{$carva}">http://{$carva}</a>
-{else}
- La redirection n'est pas utilisée ...
-{/if}
-</p>
<p>
- Pour modifier cette redirection remplis le champ suivant et clique sur <strong>Valider</strong>.
+ Pour modifier ta redirection remplis le champ suivant et clique sur <strong>Valider</strong>.
{if $carva}
Si tu veux annuler ta redirection, clique sur <strong>Supprimer</strong>.
{/if}
<td>
<span class="titre">Date de naissance</span>
</td>
- <td><input type="text" {if $errors.naissance}class="error"{/if} name="naissance" value="{$naissance}" /></td>
+ <td><input type="text" {if $errors.birthdate}class="error"{/if} name="birthdate" value="{$birthdate}" /></td>
</tr>
<tr>
<td>
<span class="titre">Nationalité</span>
</td>
<td>
- <select name="nationalite">
- {select_nat valeur=$nationalite pad=1}
+ <select name="nationality1">
+ {select_nat valeur=$nationality1 pad=1}
</select>
<a href="javascript:addNationality();">{icon name=add title="Ajouter une nationalité"}</a>
</td>
</tr>
- <tr id="nationalite2" {if !$nationalite2}style="display: none"{/if}>
+ <tr id="nationality2" {if !$nationality2}style="display: none"{/if}>
<td></td>
<td>
- <select name="nationalite2">
- {select_nat valeur=$nationalite2 pad=1}
+ <select name="nationality2">
+ {select_nat valeur=$nationality2 pad=1}
</select>
<a href="javascript:delNationality('2');">{icon name=cross title="Supprimer cette nationalité"}</a>
</td>
</tr>
- <tr id="nationalite3" {if !$nationalite3}style="display: none"{/if}>
+ <tr id="nationality3" {if !$nationality3}style="display: none"{/if}>
<td></td>
<td>
- <select name="nationalite3">
- {select_nat valeur=$nationalite3 pad=1}
+ <select name="nationality3">
+ {select_nat valeur=$nationality3 pad=1}
</select>
<a href="javascript:delNationality('3');">{icon name=cross title="Supprimer cette nationalité"}</a>
</td>
</tr>
</table>
-{if !$no_private_key}
-<table class="bicol" style="margin-bottom: 1em"
- summary="Profil : Informations générales">
- <tr>
- <th>
- Synchronisation avec l'AX
- </th>
- </tr>
- <tr>
- <td class="flags">
- <input type="checkbox" name="synchro_ax" {if $synchro_ax}checked="checked" {/if}/>
- {icon name="flag_orange" title="transmis à l'AX"}
- <span class="texte">
- Autoriser la synchronisation vers l'AX par des administrateurs ou des scripts automatiques.
- </span>
- </td>
- </tr>
- <tr>
- <td>
- <p>
- Le service annuaire de l'<a href='http://www.polytechniciens.com'>AX</a> met à jour l'annuaire papier à partir des informations que tu lui fournis. Tu peux choisir ici d'envoyer directement les données de ta fiche Polytechnique.org vers ta <a href="http://www.polytechniciens.com/?page=AX_FICHE_ANCIEN&anc_id={$matricule_ax}">fiche AX</a>.
- </p>
- <p>
- L'opération de synchronisation prend en compte toutes les informations que tu as marquées comme transmises à l'AX (en orange ou en vert). Elle peut alors effacer, modifier ou rajouter des informations sur ta <a href="http://www.polytechniciens.com/?page=AX_FICHE_ANCIEN&anc_id={$matricule_ax}">fiche AX</a> selon ce qui s'y trouve déjà.
- </p>
- <p class="center">
- <a href="profile/edit/general?synchro_ax=confirm" onclick="return confirm('Es-tu sûr de vouloir lancer la synchronisation ?')"><input type="button" value="Synchroniser"/></a>
- </p>
- </td>
- </tr>
-</table>
-{/if}
-
<table class="bicol" style="margin-bottom: 1em"
summary="Profil : Trombinoscope">
<tr>
<tr>
<td {if !$nouvellephoto}colspan="2"{/if} class="center" style="width: 49%">
<div class="titre">Ta photo actuelle</div>
- <img src="photo/{$smarty.session.hruid}" alt=" [ PHOTO ] " style="max-height: 250px; margin-top: 1em" />
+ <img src="photo/{$profile->hrid()}" alt=" [ PHOTO ] " style="max-height: 250px; margin-top: 1em" />
</td>
{if $nouvellephoto}
<td class="center" style="width: 49%">
<div class="titre">Photo en attente de validation</div>
<div>
- <a href="profile/{$smarty.session.hruid}?modif=new" class="popup2">
+ <a href="profile/{$profile->hrid()}?modif=new" class="popup2">
Ta fiche avec cette photo
</a>
</div>
- <img src="photo/{$smarty.session.hruid}/req" alt=" [ PHOTO ] " style="max-height: 250px; margin-top: 1em" />
+ <img src="photo/{$profile->hrid()}/req" alt=" [ PHOTO ] " style="max-height: 250px; margin-top: 1em" />
</td>
{/if}
</tr>
<table class="tinybicol">
<tr>
<th>
- {if $smarty.session.core_rss_hash}
- <a href='{$platal->ns}rss/{$smarty.session.hruid}/{$smarty.session.core_rss_hash}/rss.xml' style="display:block;float:right">
+ {if $smarty.session.token}
+ <a href='{$platal->ns}rss/{$smarty.session.hruid}/{$smarty.session.token}/rss.xml' style="display:block;float:right">
{icon name=feed title='fil rss'}
</a>
{else}
{config_load file="mails.conf" section="xnet_unsubscription"}
{if $mail_part eq 'head'}
{from full=#from#}
-{subject text="[`$group`] Désinscription de `$prenom` `$nom`"}
+{subject text="[`$group`] Désinscription de `$prenom->fullName()`"}
{elseif $mail_part eq 'wiki'}
Chers animateurs du groupe {$group},
{if $selfdone}
-{$prenom} {$nom} ({$mail}) vient de se désinscrire du groupe.
+{$user->fullName()} ({$user->forlifeEmail()}) vient de se désinscrire du groupe.
{else}
-{$prenom} {$nom} ({$mail}) vient d'être désinscrit du groupe par {$smarty.session.prenom} {$smarty.session.nom}.
+{$user->fullName()} ({$user->forlifeEmail()}) vient d'être désinscrit du groupe par {$smarty.session.user->fullName()}.
{/if}
Cordialement,\\
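Review bot: The new subject line calls `$prenom->fullName()`, while the body in the same hunk switches to `$user->fullName()`, so `$prenom` looks like a leftover of the old first-name variable rather than a user object. If the caller now assigns only `$user`, rendering the subject will fail on a method call on a non-object or produce an empty name. The subject should use `$user->fullName()` as the body does. `{$smarty.session.user->fullName()}` also assumes the session now holds a user object, which is not visible from this hunk.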
<h1>Membres de {$platal->argv[1]}</h1>
<table class='tinybicol'>
- {if $mem->total()}
- {iterate from=$mem item=m}
+ {if $mem|@count}
+ {foreach from=$mem item=m}
<tr>
<td>
- {if $m.nom}
+ {if $m.user}
{if $m.admin}<strong>{/if}
- {if $m.alias}<a href="https://www.polytechnique.org/profile/{$m.alias}" class="popup2">{/if}
- {$m.prenom} {$m.nom}
- {if $m.alias}</a>{/if}
+ <a href="https://www.polytechnique.org/profile/{$m.user->login()}" class="popup2">{$m.user->fullName()}</a>
{if $m.admin}</strong>{/if}
{else}
- {$m.redirect}
+ {$m.email}
{/if}
</td>
<td class="right">
+ {if $m.user}
{if $m.admin}<strong>{/if}
- {$m.promo}
+ {$m.user->promo()}
{if $m.admin}</strong>{/if}
+ {/if}
</td>
<td class="center">
- <a href='{$platal->ns}alias/admin/{$platal->argv[1]}?del_member={$m.redirect|urlencode}&token={xsrf_token}'>
+ <a href='{$platal->ns}alias/admin/{$platal->argv[1]}?del_member={$m.email|urlencode}&token={xsrf_token}'>
{icon name=delete title='retirer membre'}
</a>
</td>
</tr>
- {/iterate}
+ {/foreach}
{else}
<tr>
<td colspan="3">
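Review bot: The removal link still performs a state change through a GET request with the anti-CSRF value in the URL, `?del_member={$m.email|urlencode}&token={xsrf_token}`. A token in the query string is recorded in access logs and browser history and can leak through Referer, and prefetchers may follow the link. Since the line is being touched anyway, a small POST form carrying `{xsrf_token_field}`, as the admin forms elsewhere in this commit do, would be more robust. The table continues past the end of this hunk.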
{**************************************************************************}
{* *}
-{* Copyright (C) 2003-2009 Polytechnique.org *}
+{* Copyright (C) 2003-2008 Polytechnique.org *}
{* http://opensource.polytechnique.org/ *}
{* *}
{* This program is free software; you can redistribute it and/or modify *}
</tr>
{foreach from=$not_in_list item=u}
<tr>
- <td class='checkboxToggle'>{$u.nom|strtoupper} {$u.prenom}</td>
- <td class='checkboxToggle'>{$u.promo}</td>
- <td class='checkboxToggle'><input type="checkbox" class="moderate_email" name="add[{$u.email}]" id="add{$u.email}"/></td>
+ <td class='checkboxToggle'>{profile user=$u with_promo=false}</td>
+ <td class='checkboxToggle'>{$u->promo()}</td>
+ <td class='checkboxToggle'><input type="checkbox" class="moderate_email" name="add[{$u->forlifeEmail()}]" id="add{$u->forlifeEmail()}"/></td>
</tr>
{/foreach}
<tr>
--- /dev/null
+CREATE TABLE accounts (
+ # Account identifier and type
+ uid int(6) not null auto_increment,
+ hruid varchar(255) not NULL,
+
+ # Account type and state
+ type varchar(16) default null,
+ is_admin bool default false,
+ state enum('pending', 'active', 'disabled') not null default 'pending',
+
+ # Access
+ password char(40) default null,
+ token varchar(32) default null,
+ weak_password varchar(256) default null,
+ registration_date datetime not null,
+
+ # Administrative tools
+ flags set('watch') not null default '',
+ comment varchar(255) default null,
+
+ # User settings
+ email varchar(255) default null,
+ full_name varchar(255) default null,
+ display_name varchar(255) default null,
+ sex enum('female', 'male') not null default 'male',
+ email_format enum('text', 'html') not null default 'html',
+ skin varchar(32) default null,
+ last_version varchar(16) not null,
+
+ primary key uid (uid),
+ unique key hruid (hruid),
+ key full_name (full_name),
+ key state (state),
+ key type (type)
+);
+
+CREATE TABLE account_types (
+ type varchar(16) not null,
+ perms set('mail', 'groups', 'forums', 'list', 'search', 'portal') default '',
+
+ primary key type (type)
+);
+
+CREATE TABLE account_profiles (
+ uid int(6) not null,
+ pid int(6) not null,
+ perms set('owner') not null default '',
+
+ primary key id (uid, pid),
+ key uid (uid),
+ key pid (pid)
+);
+
+# vim:set syntax=mysql:
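Review bot: `weak_password varchar(256)` appears to hold a clear-text secret: the migration later in this commit fills it from `smtppass` unchanged, and the upgrade notes say news authentication will read it. Any read of the `accounts` table, through a backup or an injection flaw, would then disclose a usable credential for every account that has one set. `password char(40)` also fixes the main credential to 40 characters, presumably an unsalted SHA-1 hex digest, which leaves no room for a salted, slow hash; `password varchar(255) default null` would let the format evolve. At minimum, add a comment on both columns stating the storage format and which services may read them.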
--- /dev/null
+create table profiles (
+ # Profile identifiers
+ pid int(6) not null auto_increment,
+ hrpid varchar(255) not null,
+
+ # Who is this?
+ xorg_id int(8) not null,
+ ax_id varchar(8) default null,
+
+ # Some singletons
+ # birthdate and birthdate given by reference directory (library, school...)
+ birthdate date default null,
+ birthdate_ref date default null,
+ deathdate date default null,
+
+ sex enum('female', 'male') not null default 'male',
+ section tinyint(2) unsigned default null,
+ cv text default null,
+ freetext mediumtext default null,
+ freetext_pub enum('private', 'public') not null default 'private',
+ medals_pub enum('private', 'public') not null default 'private',
+ alias_pub enum('private', 'public') not null default 'private',
+
+ nationality1 char(2) default null,
+ nationality2 char(2) default null,
+ nationality3 char(2) default null,
+
+ # Last modification date (for notifications)
+ last_change date not null,
+
+ primary key pid (pid),
+ unique key hrpid (hrpid),
+ unique key xorg_id (xorg_id),
+ key ax_id (ax_id),
+ key nationality1 (nationality1),
+ key nationality2 (nationality2),
+ key nationality3 (nationality3)
+);
+
+# vim:set syntax=mysql:
--- /dev/null
+# Move forums tables to x4dat
+#RENAME forums.list
+# TO x4dat.forums;
+#RENAME forums.abos
+# TO x4dat.forum_subs;
+#RENAME forums.innd
+# TO x4dat.forum_innd;
+#RENAME forums.porfils
+# TO x4dat.forum_profiles;
+#DROP DATABASE forums;
+
+## Dev version of previous line
+# (non destructive)
+CREATE TABLE x4dat.forums
+ LIKE forums.list;
+INSERT INTO x4dat.forums
+ SELECT *
+ FROM forums.list;
+
+CREATE TABLE x4dat.forum_subs
+ LIKE forums.abos;
+INSERT INTO x4dat.forum_subs
+ SELECT *
+ FROM forums.abos;
+
+CREATE TABLE x4dat.forum_innd
+ LIKE forums.innd;
+INSERT INTO x4dat.forum_innd
+ SELECT *
+ FROM forums.innd;
+
+CREATE TABLE x4dat.forum_profiles
+ LIKE forums.profils;
+INSERT INTO x4dat.forum_profiles
+ SELECT *
+ FROM forums.profils;
+
+
+# Conform to naming convention.
+ ALTER TABLE forums
+CHANGE COLUMN nom name VARCHAR(64) NOT NULL;
+
+ ALTER TABLE forum_profiles
+CHANGE COLUMN nom name VARCHAR(64) NOT NULL,
+ ADD COLUMN last_seen TIMESTAMP NOT NULL DEFAULT '0000-00-00';
+
+# vim:set syntax=mysql:
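Review bot: The commented-out production block will not run as written once someone enables it, as the upgrade notes ask: MySQL's statement is `RENAME TABLE a TO b`, and `forums.porfils` is misspelled (the dev block below uses `forums.profils`). Because that block ends with `DROP DATABASE forums`, a client run that continues past errors would skip the failed renames and then drop the only copy of the data. I would fix the statements now, e.g. `#RENAME TABLE forums.profils TO x4dat.forum_profiles;`, and keep the drop as a separate, manually run step. The two `ALTER TABLE` statements also name `forums` and `forum_profiles` without the `x4dat.` prefix used above, so they depend on the session's default database.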
--- /dev/null
+create table watch (
+ uid int(6) not null,
+ flags set('contacts', 'mail') not null default 'contacts',
+ last timestamp not null default '0000-00-00',
+
+ primary key uid (uid),
+ key flags (flags)
+);
+
+# vim:set syntax=mysql:
--- /dev/null
+create table carvas (
+ uid int(6) not null,
+ url varchar(255) not null,
+
+ primary key uid (uid)
+);
+
+# vim:set syntax=mysql:
--- /dev/null
+create table email_options (
+ uid int(6) not null,
+ storage set('imap', 'googleapps') not null default '',
+
+ primary key uid (uid)
+);
+
+# vim:set syntax=mysql:
--- /dev/null
+# Create a type 'X' with all permissions
+insert into account_types
+ values ('x', 'mail,groups,forums,list,search,portal'),
+ ('xnet', 'groups');
+
+
+# Insert all existing accounts
+insert into accounts
+ select u.user_id AS uid, hruid AS hruid, 'x' AS type,
+ perms = 'admin' AS is_admin,
+ IF(perms = 'admin' or perms = 'user', 'active', perms) AS state,
+ IF(LENGTH(password) = 40, password, NULL) AS password,
+ IF(LENGTH(q.core_rss_hash) > 0, q.core_rss_hash, NULL) AS token,
+ IF(LENGTH(smtppass) = 0, NULL, smtppass) AS weak_password,
+ date_ins AS registration_date,
+ IF(FIND_IN_SET('watch', flags), 'watch', '') AS flags,
+ IF(LENGTH(comment) > 0, comment, NULL) AS comment,
+ NULL as email,
+ CONCAT(prenom, ' ', IF (nom_usage != '' and nom_usage IS NOT NULL, nom_usage, nom)) AS full_name,
+ prenom AS display_name,
+ IF(FIND_IN_SET('femme', flags), 'female', 'male') AS sex,
+ IF(q.core_mail_fmt = 'html', 'html', 'text') AS email_format,
+ q.skin AS skin,
+ q.last_version AS last_version
+ from auth_user_md5 as u
+ left join auth_user_quick as q on (q.user_id = u.user_id)
+ where hruid is not null;
+
+# Insert carnet-relative data
+insert into watch
+ select user_id as uid, watch_flags as flags, watch_last as last
+ from auth_user_quick;
+
+# Insert carvas
+insert into carvas
+ select user_id, redirecturl
+ from auth_user_quick
+ where LENGTH(redirecturl) > 0;
+
+# Insert all existing profiles
+insert into profiles
+ select u.user_id AS pid, u.hruid AS hrpid, u.matricule AS xorg_id,
+ u.matricule_ax AS ax_id, u.naissance AS birthdate, u.naissance_ini AS birthdate_ref,
+ IF(u.deces = 0, NULL, u.deces) AS deathdate,
+ IF(FIND_IN_SET('femme', flags), 'female', 'male') AS sex,
+ IF(u.section = 0, NULL, u.section) AS section,
+ IF(LENGTH(u.cv) > 0, u.cv, NULL) AS cv,
+ IF(LENGTH(q.profile_freetext) > 0, q.profile_freetext, NULL) AS freetext,
+ IF(q.profile_freetext_pub = 'public', 'public', 'private') AS freetext_pub,
+ IF(q.profile_medals_pub = 'public', 'public', 'private') AS medals_pub,
+ IF(q.emails_alias_pub = 'public', 'public', 'private') AS alias_pub,
+ u.nationalite AS nationality1, u.nationalite2 AS nationality2,
+ u.nationalite3 AS nationality3, u.date AS last_change
+ from auth_user_md5 AS u
+ left join auth_user_quick AS q ON (u.user_id = q.user_id)
+ where u.hruid is not null;
+
+# Add associations account <-> profile
+insert into account_profiles
+ select user_id AS uid, user_id AS pid, 'owner' AS perms
+ from auth_user_md5
+ where hruid is not null;
+
+# Update banana last_seen timetamp
+ update forum_profiles as fp
+inner join auth_user_quick as q ON (q.user_id = fp.uid)
+ set fp.uid = fp.uid, fp.tree_unread = fp.tree_unread, fp.tree_read = fp.tree_read,
+ fp.last_seen = q.banana_last;
+
+insert ignore into forum_profiles (uid, last_seen)
+ select user_id as uid, banana_last as last_seen
+ from auth_user_quick
+ where banana_last >= DATE_SUB(NOW(), INTERVAL 6 MONTH);
+
+# Mail storage has been moved out of account settings
+insert into email_options
+ select user_id as uid, mail_storage as storage
+ from auth_user_md5;
+
+# vim:set syntax=mysql:
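Review bot: The `state` expression passes any `perms` value other than 'admin' and 'user' straight into an enum that only allows 'pending', 'active' and 'disabled', and it ignores `deces`, which is migrated only into `profiles.deathdate`. Unless every legacy value is known to be one of those three, add an explicit mapping that falls back to 'disabled', and decide whether accounts of deceased members should remain 'active'. The `watch` and `email_options` inserts also omit the `where hruid is not null` filter used for `accounts`, so they can create rows whose `uid` has no account. All the `insert … select` statements rely on column position; naming the target columns, e.g. `insert into carvas (uid, url)`, would make a later schema change fail loudly instead of shifting values into the wrong column.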
--- /dev/null
+DataBase upgrade:
+-----------------
+
+* Activate forums database drop
+
+
+Configuration changes:
+----------------------
+
+[Banana]
+* table_prefix deprecated
+
+
+Affected services:
+------------------
+
+News:
+* authentication must use account + account_types with weakpass.
+* forums base dropped and moved to forum_ namespace.
+
+
+Email:
+* auth_user_md5.smtppass -> accounts.weak_password. This password is NULL when empty, but a check must be added for empty passwords.
+* auth_user_md5.mail_storage -> email_options.storage