build: core conf banana wiki openid medals jquery
+check:
+ @find . -name '*.php' -exec php -l {} ";" | grep -v 'No syntax errors detected'
+
q:
@echo -e "Code statistics\n"
@sloccount $(filter-out wiki/ spool/, $(wildcard */)) 2> /dev/null | egrep '^[a-z]*:'
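Review bot: The new `check` recipe has an inverted exit status, because a pipeline returns the status of its last command and `grep -v` exits 0 only when it prints a line. `make check` therefore fails on a clean tree and succeeds when `php -l` reports a syntax error. Negating the pipeline fixes it while still printing the offending files: `@! find . -name '*.php' -exec php -l {} ";" | grep -v 'No syntax errors detected'`.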
################################################################################
-.PHONY: build dist clean core wiki build-wiki banana htdocs/images/banana htdocs/css/banana.css include/banana/banana.inc.php http*
+.PHONY: build dist clean core wiki build-wiki banana htdocs/images/banana htdocs/css/banana.css include/banana/banana.inc.php http* check
public function updateNbIns()
{
$res = XDB::query("SELECT COUNT(*)
- FROM auth_user_md5
- WHERE perms IN ('admin','user') AND deces=0");
+ FROM accounts
+ WHERE state = 'active'");
$cnt = $res->fetchOneCell();
$this->changeDynamicConfig(array('NbIns' => $cnt));
}
$this->session = $this->writeSession($uid, $suid);
// retrieve available actions
- $res = XDB::iterRow("SELECT id, text FROM logger.actions");
-
- while (list($action_id, $action_text) = $res->next()) {
- $this->actions[$action_text] = $action_id;
- }
+ $this->actions = XDB::fetchAllAssoc('text', 'SELECT id, text
+ FROM logger.actions');
}
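Review bot: `$this->actions[$action]` is bound as the `action` value in `log()`, but the map is now built by `XDB::fetchAllAssoc('text', ...)`, whose return shape is not visible on this page. If that helper returns whole rows keyed by `text` rather than a `text => id` map, the insert into `logger.events` would receive a row instead of an id, and audit events would be rejected or mis-recorded. Please confirm the shape or keep an explicit `text => id` map. The same question applies to `$fids[$g]` in `action_saveSubs`, which is built the same way.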
/** Creates a new session entry in database and return its ID.
$proxy = 'proxy';
}
- XDB::execute("INSERT INTO logger.sessions
- SET uid={?}, host={?}, ip={?}, forward_ip={?}, forward_host={?}, browser={?}, suid={?}, flags={?}",
+ XDB::execute("INSERT INTO logger.sessions
+ SET uid={?}, host={?}, ip={?}, forward_ip={?}, forward_host={?}, browser={?}, suid={?}, flags={?}",
$uid, $host, ip_to_uint($ip), ip_to_uint($forward_ip), $forward_host, $browser, $suid, $proxy);
if ($forward_ip) {
$this->proxy_ip = $ip;
public function log($action, $data = null)
{
if (isset($this->actions[$action])) {
- XDB::execute("INSERT INTO logger.events
- SET session={?}, action={?}, data={?}",
+ XDB::execute("INSERT INTO logger.events
+ SET session={?}, action={?}, data={?}",
$this->session, $this->actions[$action], $data);
} else {
trigger_error("PlLogger: unknown action, $action", E_USER_WARNING);
--- /dev/null
+<?php
+/***************************************************************************
+ * Copyright (C) 2003-2008 Polytechnique.org *
+ * http://opensource.polytechnique.org/ *
+ * *
+ * This program is free software; you can redistribute it and/or modify *
+ * it under the terms of the GNU General Public License as published by *
+ * the Free Software Foundation; either version 2 of the License, or *
+ * (at your option) any later version. *
+ * *
+ * This program is distributed in the hope that it will be useful, *
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of *
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the *
+ * GNU General Public License for more details. *
+ * *
+ * You should have received a copy of the GNU General Public License *
+ * along with this program; if not, write to the Free Software *
+ * Foundation, Inc., *
+ * 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA *
+ ***************************************************************************/
+
+class Profile
+{
+ private $pid;
+ private $hrpid;
+ private $data = array();
+
+ private function __construct($login)
+ {
+ if ($login instanceof PlUser) {
+ $res = XDB::query('SELECT p.pid, p.hrpid
+ FROM account_profiles AS ap
+ INNER JOIN profiles AS p ON (p.pid = ap.pid)
+ WHERE ap.uid = {?} AND FIND_IN_SET(\'owner\', ap.perms)',
+ $login->id());
+ } else if (is_numeric($login)) {
+ $res = XDB::query('SELECT p.pid, p.hrpid
+ FROM profiles AS p
+ WHERE p.pid = {?}',
+ $login);
+ } else {
+ $res = XDB::query('SELECT p.pid, p.hrpid
+ FROM profiles AS p
+ WHERE p.hrpid = {?}',
+ $login);
+ }
+ if ($res->numRows() != 1) {
+ throw new UserNotFoundException();
+ }
+ list($this->pid, $this->hrpid) = $res->fetchOneRow();
+ }
+
+ public function id()
+ {
+ return $this->pid;
+ }
+
+ public function hrid()
+ {
+ return $this->hrpid;
+ }
+
+ public function promo()
+ {
+ return $this->promo;
+ }
+
+ /** Print a name with the given formatting:
+ * %s = • for women
+ * %f = firstname
+ * %l = lastname
+ * %F = fullname
+ * %S = shortname
+ * %p = promo
+ */
+ public function name($format)
+ {
+ return str_replace(array('%s', '%f', '%l', '%F', '%S', '%p'),
+ array($this->isFemale() ? '•' : '',
+ $this->first_name, $this->last_name,
+ $this->full_name, $this->short_name,
+ $this->promo), $format);
+ }
+
+ public function fullName($with_promo = false)
+ {
+ if ($with_promo) {
+ return $this->full_name . ' (' . $this->promo . ')';
+ }
+ return $this->full_name;
+ }
+
+ public function shortName($with_promo = false)
+ {
+ if ($with_promo) {
+ return $this->short_name . ' (' . $this->promo . ')';
+ }
+ return $this->short_name;
+ }
+
+ public function firstName()
+ {
+ return $this->first_name;
+ }
+
+ public function lastName()
+ {
+ return $this->last_name;
+ }
+
+ public function isFemale()
+ {
+ return $this->sex == PlUser::GENDER_FEMALE;
+ }
+
+ public function data()
+ {
+ $this->first_name;
+ return $this->data;
+ }
+
+ public function __get($name)
+ {
+ if (property_exists($this, $name)) {
+ return $this->$name;
+ }
+
+ if (empty($this->data)) {
+ // XXX: Temporary, use data from auth_user_md5 (waiting for data from newdirectory
+ $this->data = XDB::fetchOneAssoc('SELECT p.*, u.prenom AS first_name,
+ IF(u.nom_usage != "", u.nom_usage, u.nom) AS last_name,
+ u.promo AS promo,
+ CONCAT(u.prenom, " ", u.nom) AS short_name,
+ IF(u.nom_usage != "",
+ CONCAT(u.nom_usage, " (", u.nom, "),", u.prenom),
+ CONCAT(u.nom, ", ", u.prenom)) AS full_name
+ FROM profiles AS p
+ INNER JOIN auth_user_md5 AS u ON (u.user_id = p.pid)
+ WHERE p.pid = {?}',
+ $this->id());
+ }
+ if (isset($this->data[$name])) {
+ return $this->data[$name];
+ }
+
+ return null;
+ }
+
+ public function __isset($name)
+ {
+ return property_exists($this, $name) || isset($this->data[$name]);
+ }
+
+
+ public function owner()
+ {
+ return User::getSilent($this);
+ }
+
+ /** Return the profile associated with the given login.
+ */
+ public static function get($login) {
+ try {
+ return new Profile($login);
+ } catch (UserNotFoundException $e) {
+ return null;
+ }
+ }
+}
+
+// vim:set et sw=4 sts=4 sws=4 foldmethod=marker enc=utf-8:
+?>
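Review bot: In `__get()` the lazy load is guarded by `empty($this->data)`, so if the join against `auth_user_md5` yields no row (assuming `XDB::fetchOneAssoc` then returns an empty value) every later property read runs the query again. A fetched flag, as `User` does with `_profile_fetched` in this same commit, avoids that: `if (!$this->data_fetched) { $this->data_fetched = true; ... }`. The bare `$this->first_name;` in `data()` appears to exist only to trigger that load and deserves a comment such as `// Reading a virtual property forces __get() to populate $this->data`. Note also that `property_exists($this, $name)` is true for private members, so `__get()` hands `pid`, `hrpid` and `data` to outside callers; if that is intended, say so in a docblock.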
class User extends PlUser
{
+ private $_profile_fetched = false;
+ private $_profile = null;
+
// Implementation of the login to uid method.
protected function getLogin($login)
{
global $globals;
+ if ($login instanceof Profile) {
+ $this->_profile = $login;
+ $this->_profile_fetched = true;
+ $res = XDB::query('SELECT ap.uid
+ FROM account_profiles AS ap
+ WHERE ap.pid = {?} AND FIND_IN_SET(\'owner\', perms)',
+ $login->id());
+ if ($res->numRows()) {
+ return $res->fetchOneCell();
+ }
+ throw new UserNotFoundException();
+ }
+
// If $data is an integer, fetches directly the result.
if (is_numeric($login)) {
- $res = XDB::query("SELECT user_id FROM auth_user_md5 WHERE user_id = {?}", $login);
+ $res = XDB::query('SELECT a.uid
+ FROM accounts AS a
+ WHERE a.uid = {?}', $login);
if ($res->numRows()) {
return $res->fetchOneCell();
}
}
// Checks whether $login is a valid hruid or not.
- $res = XDB::query("SELECT user_id FROM auth_user_md5 WHERE hruid = {?}", $login);
+ $res = XDB::query('SELECT a.uid
+ FROM accounts AS a
+ WHERE a.hruid = {?}', $login);
if ($res->numRows()) {
return $res->fetchOneCell();
}
// Checks if $login is a valid alias on the main domains.
list($mbox, $fqdn) = explode('@', $login);
if ($fqdn == $globals->mail->domain || $fqdn == $globals->mail->domain2) {
- $res = XDB::query("SELECT u.user_id
- FROM auth_user_md5 AS u
- INNER JOIN aliases AS a ON (a.id = u.user_id AND a.type IN ('alias', 'a_vie'))
- WHERE a.alias = {?}", $mbox);
+ $res = XDB::query('SELECT a.uid
+ FROM accounts AS a
+ INNER JOIN aliases AS al ON (al.id = a.uid AND al.type IN (\'alias\', \'a_vie\'))
+ WHERE al.alias = {?}', $mbox);
if ($res->numRows()) {
return $res->fetchOneCell();
}
+ /** TODO: implements this by inspecting the profile.
if (preg_match('/^(.*)\.([0-9]{4})$/u', $mbox, $matches)) {
- $res = XDB::query("SELECT u.user_id
- FROM auth_user_md5 AS u
- INNER JOIN aliases AS a ON (a.id = u.user_id AND a.type IN ('alias', 'a_vie'))
- WHERE a.alias = {?} AND u.promo = {?}", $matches[1], $matches[2]);
+ $res = XDB::query('SELECT a.uid
+ FROM accounts AS a
+ INNER JOIN aliases AS al ON (al.id = a.uid AND al.type IN ('alias', 'a_vie'))
+ WHERE al.alias = {?} AND a.promo = {?}', $matches[1], $matches[2]);
if ($res->numRows() == 1) {
return $res->fetchOneCell();
}
- }
+ }*/
throw new UserNotFoundException();
}
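Review bot: The block parked inside `/** TODO ... }*/` will not parse once it is re-enabled, because its query was switched to a single-quoted string while `IN ('alias', 'a_vie')` is left unescaped. The live query just above uses `\'alias\', \'a_vie\'`. It also still filters on `a.promo`, which the TODO itself says has to come from the profile. Either escape the quotes now or replace the dead code with a short plain `//` TODO, since `/** */` is normally read as a docblock. The body of `getLogin` continues outside this hunk.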
if ($redir = $res->fetchOneCell()) {
// We now have a valid alias, which has to be translated to an hruid.
list($alias, $alias_fqdn) = explode('@', $redir);
- $res = XDB::query("SELECT u.user_id
- FROM auth_user_md5 AS u
- LEFT JOIN aliases AS a ON (a.id = u.user_id AND a.type IN ('alias', 'a_vie'))
- WHERE a.alias = {?}", $alias);
+ $res = XDB::query("SELECT a.uid
+ FROM accounts AS a
+ LEFT JOIN aliases AS al ON (al.id = a.uid AND al.type IN ('alias', 'a_vie'))
+ WHERE al.alias = {?}", $alias);
if ($res->numRows()) {
return $res->fetchOneCell();
}
}
// Otherwise, we do suppose $login is an email redirection.
- $res = XDB::query("SELECT u.user_id
- FROM auth_user_md5 AS u
- LEFT JOIN emails AS e ON (e.uid = u.user_id)
+ $res = XDB::query("SELECT a.uid
+ FROM accounts AS a
+ LEFT JOIN emails AS e ON (e.uid = a.uid)
WHERE e.email = {?}", $login);
if ($res->numRows() == 1) {
return $res->fetchOneCell();
}
global $globals;
- $res = XDB::query("SELECT u.hruid, d.promo,
+ /** TODO: promo stuff again */
+ /** TODO: fix perms field to fit new perms system */
+ $res = XDB::query("SELECT a.hruid, d.promo,
CONCAT(af.alias, '@{$globals->mail->domain}') AS forlife,
CONCAT(ab.alias, '@{$globals->mail->domain}') AS bestalias,
- CONCAT(u.prenom, ' ', IF(u.nom_usage <> '', u.nom_usage, u.nom)) AS full_name,
- IF(u.prenom != '', u.prenom, u.nom) AS display_name,
- FIND_IN_SET('femme', u.flags) AS gender,
- q.core_mail_fmt AS email_format,
- u.perms
- FROM auth_user_md5 AS u
- INNER JOIN profile_display AS d ON (d.pid = u.user_id)
- LEFT JOIN auth_user_quick AS q ON (q.user_id = u.user_id)
- LEFT JOIN aliases AS af ON (af.id = u.user_id AND af.type = 'a_vie')
- LEFT JOIN aliases AS ab ON (ab.id = u.user_id AND FIND_IN_SET('bestalias', ab.flags))
- WHERE u.user_id = {?}", $this->user_id);
+ a.full_name, a.display_name, a.sex = 'female' AS gender,
+ IF(a.state = 'active', at.perms, '') AS perms,
+ a.email_format, a.is_admin
+ FROM accounts AS a
+ INNER JOIN account_types AS at ON (at.type = a.type)
+ INNER JOIN profile_display AS d ON (d.pid = a.uid)
+ LEFT JOIN aliases AS af ON (af.id = a.uid AND af.type = 'a_vie')
+ LEFT JOIN aliases AS ab ON (ab.id = a.uid AND FIND_IN_SET('bestalias', ab.flags))
+ WHERE a.uid = {?}", $this->user_id);
$this->fillFromArray($res->fetchOneAssoc());
}
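Review bot: `a.is_admin` is selected regardless of account state, while `perms` on the line above is blanked unless `a.state = 'active'`. The value is later passed to `self::makePerms($this->perms, $this->is_admin)`, and the new `makePerms` in this commit adds `PERMS_ADMIN` whenever `$is_admin` is truthy and `PERMS_USER` unconditionally, since the old early return for `disabled`/`ext` is gone. A `User` object for a non-active account can therefore still carry user and admin flags. Gate the column the same way, `IF(a.state = 'active', a.is_admin, 0) AS is_admin`, and consider returning the empty flag set from `makePerms` when `$perms` is empty. The enclosing function starts outside this hunk.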
if (isset($values['mail_fmt'])) {
$values['email_format'] = $values['mail_fmt'];
}
- if (isset($values['email_format'])) {
- $values['email_format'] = ($values['email_format'] ? self::FORMAT_HTML : self::FORMAT_TEXT);
- }
parent::fillFromArray($values);
}
if ($this->perms === null) {
$this->loadMainFields();
}
- $this->perm_flags = self::makePerms($this->perms);
+ $this->perm_flags = self::makePerms($this->perms, $this->is_admin);
}
- // Return the password of the user
+ // We do not want to store the password in the object.
+ // So, fetch it 'on demand'
public function password()
{
- return XDB::fetchOneCell('SELECT u.password
- FROM auth_user_md5 AS u
- WHERE u.user_id = {?}', $this->id());
+ return XDB::fetchOneCell('SELECT a.password
+ FROM accounts AS a
+ WHERE a.uid = {?}', $this->id());
}
- // Return permission flags for a given permission level.
- public static function makePerms($perms)
+ /** Return the main profile attached with this account if any.
+ */
+ public function profile()
{
- $flags = new PlFlagSet();
- if (is_null($flags) || $perms == 'disabled' || $perms == 'ext') {
- return $flags;
+ if (!$this->_profile_fetched) {
+ $this->_profile_fetched = true;
+ $this->_profile = Profile::get($this);
}
+ return $this->_profile;
+ }
+
+ /** Return true if the user has an associated profile.
+ */
+ public function hasProfile()
+ {
+ return !is_null($this->profile());
+ }
+
+ /** Get the email alias of the user.
+ */
+ public function emailAlias()
+ {
+ global $globals;
+ return XDB::fetchOneCell("SELECT v.alias
+ FROM virtual AS v
+ INNER JOIN virtual_redirect AS vr ON (v.vid = vr.vid)
+ WHERE (vr.redirect = {?} OR vr.redirect = {?})
+ AND alias LIKE '%@{$globals->mail->alias_dom}'",
+ $this->forlifeEmail(), $this->m4xForlifeEmail(), $this->id());
+ }
+
+ /** Get the alternative forlife email
+ * TODO: remove this uber-ugly hack. The issue is that you need to remove
+ * all @m4x.org addresses in virtual_redirect first.
+ * XXX: This is juste to make code more readable, to be remove as soon as possible
+ */
+ public function m4xForlifeEmail()
+ {
+ global $globals;
+ trigger_error('USING M4X FORLIFE', E_USER_NOTICE);
+ return $this->login() . '@' . $globals->mail->domain2;
+ }
+
+ // Return permission flags for a given permission level.
+ public static function makePerms($perms, $is_admin)
+ {
+ $flags = new PlFlagSet($perms);
$flags->addFlag(PERMS_USER);
- if ($perms == 'admin') {
+ if ($is_admin) {
$flags->addFlag(PERMS_ADMIN);
}
return $flags;
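Review bot: `emailAlias()` passes three values (`forlifeEmail()`, `m4xForlifeEmail()`, `id()`) for a query that has only two `{?}` placeholders, so the trailing `$this->id()` is either ignored or rejected, depending on how XDB treats surplus arguments. Drop it, or add the missing `AND ... = {?}` condition if a uid filter was intended. The `LIKE '%@{$globals->mail->alias_dom}'` pattern is interpolated into the SQL text; it is a configuration value, but binding it, as in `AND v.alias LIKE CONCAT('%@', {?})`, keeps the query fully parameterised and also qualifies the ambiguous `alias` column.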
protected function doAuth($level)
{
if (S::identified()) { // ok, c'est bon, on n'a rien à faire
- return S::i('uid');
+ return User::getSilentWithValues(null, array('user_id' => S::i('uid')));
}
if (!Get::has('auth')) {
return null;
}
Get::kill('auth');
S::set('auth', AUTH_MDP);
- return Get::i('uid');
+ return User::getSilentWithValues(null, array('user_id' => Get::i('uid')));
}
protected function startSessionAs($user, $level)
{
- if ($level == -1) {
+ if ($level == AUTH_SUID) {
S::set('auth', AUTH_MDP);
}
- $res = XDB::query("SELECT u.user_id AS uid, u.hruid, prenom, nom, perms, promo, password, FIND_IN_SET('femme', u.flags) AS femme,
- q.core_mail_fmt AS mail_fmt, q.core_rss_hash
- FROM auth_user_md5 AS u
- INNER JOIN auth_user_quick AS q USING(user_id)
- WHERE u.user_id = {?} AND u.perms IN('admin', 'user')
- LIMIT 1", $user);
+ $res = XDB::query("SELECT a.uid, a.display_name, a.full_name,
+ a.sex = 'female' AS femme,
+ a.email_format, a.token,
+ at.perms, a.is_admin
+ FROM accounts AS a
+ INNER JOIN account_types AS at ON (at.type = a.type)
+ WHERE a.uid = {?} AND a.state = 'active'
+ LIMIT 1", $user->id());
$sess = $res->fetchOneAssoc();
- $perms = $sess['perms'];
- unset($sess['perms']);
$_SESSION = array_merge($_SESSION, $sess);
- S::set('perms', User::makePerms($perms));
+ $this->makePerms(S::s('perms'), S::b('is_admin'));
S::kill('challenge');
S::kill('loginX');
S::kill('may_update');
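Review bot: The result of `$res->fetchOneAssoc()` is merged into `$_SESSION` without checking that a row came back, so the new `a.state = 'active'` filter does not by itself stop session setup. For a missing or inactive account `$sess` is presumably empty, and execution still reaches `makePerms`, which now always adds `PERMS_USER`. Bail out right after the fetch, e.g. `if (!$sess) { return false; }`, assuming a false return is how callers detect failure, as the other `startSessionAs` does. That other `startSessionAs` (the query selecting `banana_last`) has the same gap before `$perms = $sess['perms'];`. The function body continues outside this hunk.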
public function doSelfSuid()
{
- if (!$this->startSUID(S::i('uid'))) {
+ $user =& S::user();
+ if (!$this->startSUID($user)) {
return false;
}
S::set('perms', User::makePerms('user'));
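Review bot: The unchanged call `User::makePerms('user')` no longer matches the signature this commit introduces, `makePerms($perms, $is_admin)`, which has no default for the second parameter. Depending on the PHP version this is a missing-argument warning with `$is_admin` undefined, or a fatal error. Since a self-SUID is meant to drop privileges, pass it explicitly: `S::set('perms', User::makePerms('user', false));`. `doSelfSuid` continues outside this hunk.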
public function stopSUID()
{
- $suid = S::v('suid');
+ $perms = S::suid('perms');
if (!parent::stopSUID()) {
return false;
}
- S::kill('suid');
S::kill('may_update');
S::kill('is_member');
- S::set('perms', $suid['perms']);
+ S::set('perms', $perms);
return true;
}
}
return false;
} elseif ($lose) {
$may_update[$asso_id] = false;
- } elseif (S::has_perms() || (S::has('suid') && $force)) {
+ } elseif (S::admin() || (S::suid() && $force)) {
$may_update[$asso_id] = true;
} elseif (!isset($may_update[$asso_id]) || $force) {
$res = XDB::query("SELECT perms
return false;
} elseif ($lose) {
$is_member[$asso_id] = false;
- } elseif (S::has('suid') && $force) {
+ } elseif (S::suid() && $force) {
$is_member[$asso_id] = true;
} elseif (!isset($is_member[$asso_id]) || $force) {
$res = XDB::query("SELECT COUNT(*)
return -1;
}
- $res = XDB::query('SELECT user_id, password
- FROM auth_user_md5
- WHERE user_id = {?} AND perms IN(\'admin\', \'user\')',
+ $res = XDB::query('SELECT uid, password
+ FROM accounts
+ WHERE uid = {?} AND state = \'active\'',
Cookie::i('uid'));
if ($res->numRows() != 0) {
list($uid, $password) = $res->fetchOneRow();
- require_once 'secure_hash.inc.php';
- $expected_value = hash_encrypt($password);
+ $expected_value = sha1($password);
if ($expected_value == Cookie::v('access')) {
S::set('auth_by_cookie', $uid);
return 0;
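Review bot: The cookie check compares two hex digests with loose `==`, which lets PHP treat numeric-looking strings such as `0e...` as numbers, and it is not constant-time. Use `hash_equals($expected_value, Cookie::v('access'))` where the runtime provides it, otherwise at least `===`. The same applies to `$response != $expected_response` in `checkPassword` in this commit. Separately, the `access` cookie is a plain `sha1()` of the stored password value, so anyone who can read the `accounts` table can derive it; a random per-account token would decouple the two.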
private function checkPassword($uname, $login, $response, $login_type)
{
- $res = XDB::query('SELECT u.user_id, u.password
- FROM auth_user_md5 AS u
- INNER JOIN aliases AS a ON (a.id = u.user_id AND type != \'homonyme\')
- WHERE a.' . $login_type . ' = {?} AND u.perms IN(\'admin\', \'user\')',
+ $res = XDB::query('SELECT a.uid, a.password
+ FROM accounts AS a
+ INNER JOIN aliases AS l ON (l.id = a.uid AND l.type != \'homonyme\')
+ WHERE l.' . $login_type . ' = {?} AND a.state = \'active\'',
$login);
if (list($uid, $password) = $res->fetchOneRow()) {
- require_once 'secure_hash.inc.php';
- $expected_response = hash_encrypt("$uname:$password:" . S::v('challenge'));
- if ($response != $expected_response && Env::has('xorpass')
- && !preg_match('/^0*$/', Env::v('xorpass'))) {
- $new_password = hash_xor(Env::v('xorpass'), $password);
- $expected_response = hash_encrypt("$uname:$new_password:" . S::v('challenge'));
- if ($response == $expected_response) {
- XDB::execute('UPDATE auth_user_md5
- SET password = {?}
- WHERE user_id = {?}',
- $new_password, $uid);
-
- // Update the GoogleApps password as well, if required.
- global $globals;
- if ($globals->mailstorage->googleapps_domain) {
- require_once 'googleapps.inc.php';
- $user = User::getSilent($uid);
- $account = new GoogleAppsAccount($user);
- if ($account->active() && $account->sync_password) {
- $account->set_password($new_password);
- }
- }
- }
- }
+ $expected_response = sha1("$uname:$password:" . S::v('challenge'));
+ /* XXX: Deprecates len(password) > 10 conversion */
if ($response != $expected_response) {
if (!S::logged()) {
Platal::page()->trigError('Mot de passe ou nom d\'utilisateur invalide');
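Review bot: `$login_type` is concatenated into the SQL text as a column name (`'WHERE l.' . $login_type . ' = {?}'`), so the query is only safe while every caller passes a fixed literal. The one caller visible on this page passes `'id'` or `'alias'`. Enforce that inside the method so a future caller cannot widen it, e.g. `if ($login_type !== 'id' && $login_type !== 'alias') { return null; }` before the query. `checkPassword` continues outside this hunk.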
if (!S::logged()) {
S::set('auth', AUTH_COOKIE);
}
- return S::i('auth_by_cookie');
+ return User::getSilentWithValues(null, array('user_id' => S::i('auth_by_cookie')));
}
/** We come from an authentication form.
*/
- if (S::has('suid')) {
- $suid = S::v('suid');
- $login = $uname = $suid['uid'];
+ if (S::suid()) {
+ $login = $uname = S::suid('uid');
$redirect = false;
} else {
$uname = Env::v('username');
}
$uid = $this->checkPassword($uname, $login, Post::v('response'), (!$redirect && is_numeric($uname)) ? 'id' : 'alias');
- if (!is_null($uid) && S::has('suid')) {
- $suid = S::v('suid');
- if ($suid['uid'] == $uid) {
+ if (!is_null($uid) && S::suid()) {
+ if (S::suid('uid') == $uid) {
$uid = S::i('uid');
} else {
$uid = null;
}
if (!is_null($uid)) {
S::set('auth', AUTH_MDP);
- if (!S::has('suid')) {
+ if (!S::suid()) {
if (Post::has('domain')) {
if (($domain = Post::v('domain', 'login')) == 'alias') {
Cookie::set('domain', 'alias', 300);
S::kill('challenge');
S::logger($uid)->log('auth_ok');
}
- return $uid;
+ return User::getSilentWithValues(null, array('user_id' => $uid));
}
- protected function startSessionAs($uid, $level)
+ protected function startSessionAs($user, $level)
{
- if ((!is_null(S::v('user')) && S::i('user') != $uid) || (S::has('uid') && S::i('uid') != $uid)) {
+ if ((!is_null(S::v('user')) && S::v('user')->id() != $user->id())
+ || (S::has('uid') && S::i('uid') != $user->id())) {
return false;
} else if (S::has('uid')) {
return true;
}
// Retrieves main user properties.
- $res = XDB::query("SELECT u.user_id AS uid, u.hruid, prenom, prenom_ini, nom, nom_ini, nom_usage, perms, promo, promo_sortie,
- matricule, password, FIND_IN_SET('femme', u.flags) AS femme,
- q.core_mail_fmt AS mail_fmt, UNIX_TIMESTAMP(q.banana_last) AS banana_last, q.watch_last, q.core_rss_hash,
- FIND_IN_SET('watch', u.flags) AS watch_account, q.last_version, g.g_account_name IS NOT NULL AS googleapps,
- UNIX_TIMESTAMP(s.start) AS lastlogin, s.host
- FROM auth_user_md5 AS u
- INNER JOIN auth_user_quick AS q USING(user_id)
- LEFT JOIN gapps_accounts AS g ON (u.user_id = g.l_userid AND g.g_status = 'active')
- LEFT JOIN logger.last_sessions AS ls ON (ls.uid = u.user_id)
+ /** TODO: Move needed informations to account tables */
+ /** TODO: Currently suppressed data are matricule, promo */
+ /** TODO: Use the User object to fetch all this */
+ $res = XDB::query("SELECT a.uid, a.hruid, a.display_name, a.full_name,
+ a.sex = 'female' AS femme, a.email_format,
+ a.token, FIND_IN_SET('watch', a.flags) AS watch_account,
+ UNIX_TIMESTAMP(fp.last_seen) AS banana_last, w.last AS watch_last,
+ a.last_version, g.g_account_name IS NOT NULL AS googleapps,
+ UNIX_TIMESTAMP(s.start) AS lastlogin, s.host,
+ a.is_admin, at.perms
+ FROM accounts AS a
+ INNER JOIN account_types AS at ON(a.type = at.type)
+ INNER JOIN watch AS w ON(w.uid = a.uid)
+ LEFT JOIN forum_profiles AS fp ON(fp.uid = a.uid)
+ LEFT JOIN gapps_accounts AS g ON(a.uid = g.l_userid AND g.g_status = 'active')
+ LEFT JOIN logger.last_sessions AS ls ON (ls.uid = a.uid)
LEFT JOIN logger.sessions AS s ON(s.id = ls.id)
- WHERE u.user_id = {?} AND u.perms IN('admin', 'user')", $uid);
+ WHERE a.uid = {?} AND a.state = 'active'", $user->id());
$sess = $res->fetchOneAssoc();
$perms = $sess['perms'];
unset($sess['perms']);
$_SESSION = array_merge($_SESSION, $sess);
// Starts the session's logger, and sets up the permanent cookie.
- if (S::has('suid')) {
- $suid = S::v('suid');
- $logger = S::logger($uid);
- $logger->log("suid_start", S::v('hruid') . " by " . $suid['hruid']);
+ if (S::suid()) {
+ S::logger()->log("suid_start", S::v('hruid') . ' by ' . S::suid('hruid'));
} else {
- $logger = S::logger($uid);
- $logger->saveLastSession();
- Cookie::set('uid', $uid, 300);
+ S::logger()->saveLastSession();
+ Cookie::set('uid', $user->id(), 300);
- if (S::i('auth_by_cookie') == $uid || Post::v('remember', 'false') == 'true') {
- $this->setAccessCookie(false, S::i('auth_by_cookie') != $uid);
+ if (S::i('auth_by_cookie') == $user->id() || Post::v('remember', 'false') == 'true') {
+ $this->setAccessCookie(false, S::i('auth_by_cookie') != $user->id());
} else {
$this->killAccessCookie();
}
}
// Finalizes the session setup.
- S::set('perms', User::makePerms($perms));
+ $this->makePerms($perms, S::b('is_admin'));
$this->securityChecks();
$this->setSkin();
$this->updateNbNotifs();
public function tokenAuth($login, $token)
{
- $res = XDB::query('SELECT u.hruid
- FROM aliases AS a
- INNER JOIN auth_user_md5 AS u ON (a.id = u.user_id AND u.perms IN ("admin", "user"))
- INNER JOIN auth_user_quick AS q ON (a.id = q.user_id AND q.core_rss_hash = {?})
- WHERE a.alias = {?} AND a.type != "homonyme"', $token, $login);
+ $res = XDB::query('SELECT a.uid AS user_id, a.hruid
+ FROM aliases AS l
+ INNER JOIN accounts AS a ON (l.id = a.uid AND a.state = \'active\')
+ WHERE a.token = {?} AND l.alias = {?} AND l.type != \'homonyme\'',
+ $token, $login);
if ($res->numRows() == 1) {
- $data = $res->fetchOneAssoc();
- return new User($data['hruid'], $data);
+ return new User(null, $res->fetchOneAssoc());
}
return null;
}
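Review bot: `tokenAuth` matches `a.token = {?}` against whatever the caller supplies, and nothing in the visible lines rejects an empty `$token`. If accounts that have no feed token store an empty string (not visible here), an empty token combined with a valid alias would authenticate as that account. Add a guard at the top of the method: `if ($token === null || $token === '') { return null; }`.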
protected function makePerms($perm, $is_admin)
{
- $flags = new PlFlagSet();
- if ($perm == 'disabled' || $perm == 'ext') {
- S::set('perms', $flags);
- return;
- }
- $flags->addFlag(PERMS_USER);
- if ($perm == 'admin') {
- $flags->addFlag(PERMS_ADMIN);
- }
- S::set('perms', $flags);
+ S::set('perms', User::makePerms($perm, $is_admin));
}
public function setSkin()
{
- if (S::logged() && (!S::has('skin') || S::has('suid'))) {
- $uid = S::v('uid');
- $res = XDB::query("SELECT skin_tpl
- FROM auth_user_quick AS a
- INNER JOIN skins AS s ON a.skin = s.id
- WHERE user_id = {?} AND skin_tpl != ''", $uid);
+ if (S::logged() && (!S::has('skin') || S::suid())) {
+ $res = XDB::query('SELECT skin_tpl
+ FROM accounts AS a
+ INNER JOIN skins AS s on (a.skin = s.id)
+ WHERE a.uid = {?} AND skin_tpl != \'\'', S::i('uid'));
S::set('skin', $res->fetchOneCell());
}
}
}
public function setAccessCookie($replace = false, $log = true) {
- if (S::has('suid') || ($replace && !Cookie::blank('access'))) {
+ if (S::suid() || ($replace && !Cookie::blank('access'))) {
return;
}
- require_once('secure_hash.inc.php');
- Cookie::set('access', hash_encrypt(S::v('password')), 300, true);
+ Cookie::set('access', sha1(S::v('password')), 300, true);
if ($log) {
S::logger()->log('cookie_on');
}
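Review bot: `sha1(S::v('password'))` reads the password from the session, but the `startSessionAs` query in this commit no longer selects `password` (the old one did). Unless another code path stores it, the cookie becomes the SHA-1 of an empty value: a constant that can never match `sha1($password)` in the cookie check, and that would match for any account whose stored password is empty. Fetch the value on demand instead, for example `sha1(S::user()->password())` using the `password()` accessor this commit keeps on `User`. `setAccessCookie` continues outside this hunk.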
web_user = "***"
web_pass = "***"
-table_prefix = "banana_"
spool_root = "/var/spool/banana"
mbox_helper = "/usr/bin/banana-mbox-helper"
require_once 'xorg.inc.php';
-new Xorg('core');
+$platal = new Xorg('core');
global $globals;
-list($username, $path) = preg_split('/\//', $_SERVER["REQUEST_URI"], 2, PREG_SPLIT_NO_EMPTY);
-$res = XDB::query(
- "SELECT redirecturl
- FROM auth_user_quick AS a
- INNER JOIN aliases AS al ON (al.id = a.user_id AND (al.type='a_vie' OR al.type='alias'))
- WHERE al.alias = {?}
- GROUP BY redirecturl", $username);
+$path = ltrim($platal->pl_self(), '/');
+@list($username, $path) = explode('/', $path, 2);
-if ($url = $res->fetchOneCell()) {
- $url = preg_replace('@/+$@', '', $url);
- if ($path) {
- http_redirect("http://$url/$path");
- } else {
- http_redirect("http://$url");
+if ($username && !is_null($user = User::getSilent($username))) {
+ $url = XDB::fetchOneCell('SELECT url
+ FROM carvas
+ WHERE uid = {?}', $user->id());
+ if ($url) {
+ $url = preg_replace('@/+$@', '', $url);
+ if ($path) {
+ http_redirect("http://$url/$path");
+ } else {
+ http_redirect("http://$url");
+ }
}
}
-header("HTTP/1.0 404 Not Found");
-
+header($_SERVER['SERVER_PROTOCOL'] . ' 404 Not Found');
?>
<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html>
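Review bot: `@list($username, $path) = explode('/', $path, 2);` uses `@` to hide the undefined-offset notice when the request has no second segment, which also hides any other error raised on that line. Pad the array instead: `list($username, $path) = array_pad(explode('/', $path, 2), 2, null);`. `$path` comes from the request and is appended to the redirect target as-is, so it is worth confirming that `http_redirect` rejects CR/LF in its argument.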
}
Banana::$debug_nntp = ($globals->debug & DEBUG_BT);
Banana::$debug_smarty = ($globals->debug & DEBUG_SMARTY);
- if (!S::v('core_rss_hash')) {
- Banana::$feed_active = false;
- }
+ Banana::$feed_active = S::hasAuthToken();
+
parent::__construct($params, 'NNTP', 'PlatalBananaPage');
if (@$params['action'] == 'profile') {
Banana::$action = 'profile';
}
}
+ private function fetchProfile()
+ {
+ // Get user profile from SQL
+ $req = XDB::query("SELECT name, mail, sig,
+ FIND_IN_SET('threads',flags) AS threads,
+ FIND_IN_SET('automaj',flags) AS maj,
+ FIND_IN_SET('xface', flags) AS xface,
+ tree_unread, tree_read
+ FROM forum_profiles
+ WHERE uid = {?}", $this->user->id());
+ if ($req->numRows()) {
+ $infos = $req->fetchOneAssoc();
+ } else {
+ $infos = array();
+ }
+ if (empty($infos['name'])) {
+ $infos = array('name' => $this->user->fullName(),
+ 'mail' => $this->user->forlifeEmail(),
+ 'sig' => $this->user->displayName(),
+ 'threads' => false,
+ 'maj' => true,
+ 'xface' => false,
+ 'tree_unread' => 'o',
+ 'tree_read' => 'dg' );
+ }
+ return $infos;
+ }
+
public function run()
{
global $platal, $globals;
$time = null;
if (!is_null($this->params) && isset($this->params['updateall'])) {
$time = intval($this->params['updateall']);
- $_SESSION['banana_last'] = $time;
+ S::set('banana_last', $time);
}
- // Get user profile from SQL
- $req = XDB::query("SELECT nom, mail, sig,
- FIND_IN_SET('threads',flags), FIND_IN_SET('automaj',flags),
- tree_unread, tree_read
- FROM {$globals->banana->table_prefix}profils
- WHERE uid={?}", S::i('uid'));
- if (!(list($nom, $mail, $sig, $disp, $maj, $unread, $read) = $req->fetchOneRow())) {
- $nom = S::v('prenom')." ".S::v('nom');
- $mail = $this->user->forlifeEmail();
- $sig = $nom." (".S::v('promo').")";
- $disp = 0;
- $maj = 1;
- $unread = 'o';
- $read = 'dg';
- }
- if ($maj) {
+ $infos = $this->fetchProfile();
+ if ($infos['maj']) {
$time = time();
}
// Build user profile
- $req = XDB::query("
- SELECT nom
- FROM {$globals->banana->table_prefix}abos
- LEFT JOIN {$globals->banana->table_prefix}list ON list.fid=abos.fid
- WHERE uid={?}", S::i('uid'));
- Banana::$profile['headers']['From'] = "$nom <$mail>";
+ $req = XDB::query("SELECT name
+ FROM forum_subs AS fs
+ LEFT JOIN forums AS f ON (f.fid = fs.fid)
+ WHERE uid={?}", $this->user->id());
+ Banana::$profile['headers']['From'] = $infos['name'] . ' <' . $infos['mail'] . '>';
Banana::$profile['headers']['Organization'] = make_Organization();
- Banana::$profile['signature'] = $sig;
- Banana::$profile['display'] = $disp;
- Banana::$profile['autoup'] = $maj;
+ Banana::$profile['signature'] = $infos['sig'];
+ Banana::$profile['display'] = $infos['threads'];
+ Banana::$profile['autoup'] = $infos['maj'];
Banana::$profile['lastnews'] = S::v('banana_last');
Banana::$profile['subscribe'] = $req->fetchColumn();
- Banana::$tree_unread = $unread;
- Banana::$tree_read = $read;
+ Banana::$tree_unread = $infos['tree_unread'];
+ Banana::$tree_read = $infos['tree_read'];
// Update the "unread limit"
if (!is_null($time)) {
- XDB::execute("UPDATE auth_user_quick
- SET banana_last = FROM_UNIXTIME({?})
- WHERE user_id={?}",
- $time, S::i('uid'));
+ XDB::execute('UPDATE forum_profiles
+ SET last_seen = FROM_UNIXTIME({?})
+ WHERE uid = {?}',
+ $time, $this->user->id());
+ if (XDB::affectedRows() == 0) {
+ XDB::execute('INSERT INTO forum_profiles (uid, last_seen)
+ VALUES ({?}, FROM_UNIXTIME({?}))',
+ $this->user->id(), $time);
+ }
}
if (!empty($GLOBALS['IS_XNET_SITE'])) {
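Review bot: Falling back to `INSERT` when `XDB::affectedRows() == 0` treats "no row changed" as "no row exists". If `affectedRows()` wraps MySQL's default row count (not visible here), an `UPDATE` that writes the same `last_seen` value also reports 0. The `INSERT` would then hit the existing `uid` row, assuming `uid` is the primary key of `forum_profiles`. A single `INSERT INTO forum_profiles (uid, last_seen) VALUES ({?}, FROM_UNIXTIME({?})) ON DUPLICATE KEY UPDATE last_seen = VALUES(last_seen)` handles both cases atomically. `run()` continues outside this hunk.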
public function post($dest, $reply, $subject, $body)
{
global $globals;
- $res = XDB::query('SELECT nom, prenom, promo
- FROM auth_user_md5 AS u
- WHERE u.user_id = {?}', $this->user->id());
- list($nom, $prenom, $promo) = $res->fetchOneRow();
- Banana::$profile['headers']['From'] = "$prenom $nom ($promo) <{$this->user->bestEmail()}>";
+ Banana::$profile['headers']['From'] = $this->user->fullName() . ' <' . $this->user->bestEmail() . '>';
Banana::$profile['headers']['Organization'] = make_Organization();
return parent::post($dest, $reply, $subject, $body);
}
protected function action_saveSubs($groups)
{
global $globals;
- $uid = S::v('uid');
+ $uid = $this->user->id();
Banana::$profile['subscribe'] = array();
- XDB::execute("DELETE FROM {$globals->banana->table_prefix}abos WHERE uid={?}", $uid);
+ XDB::execute('DELETE FROM forum_subs
+ WHERE uid = {?}', $this->user->id());
if (!count($groups)) {
return true;
}
- $req = XDB::iterRow("SELECT fid,nom FROM {$globals->banana->table_prefix}list");
- $fids = array();
- while (list($fid,$fnom) = $req->next()) {
- $fids[$fnom] = $fid;
- }
-
+ $fids = XDB::fetchAllAssoc('name', 'SELECT fid, name
+ FROM forums');
$diff = array_diff($groups, array_keys($fids));
foreach ($diff as $g) {
- XDB::execute("INSERT INTO {$globals->banana->table_prefix}list (nom) VALUES ({?})", $g);
+ XDB::execute('INSERT INTO forums (name)
+ VALUES ({?})', $g);
$fids[$g] = XDB::insertId();
}
foreach ($groups as $g) {
- XDB::execute("INSERT INTO {$globals->banana->table_prefix}abos (fid,uid) VALUES ({?},{?})",
+ XDB::execute('INSERT INTO forum_subs (fid, uid)
+ VALUES ({?}, {?})',
$fids[$g], $uid);
Banana::$profile['subscribe'][] = $g;
}
protected function action_updateProfile()
{
global $globals;
- $page = Platal::page();
+ $page =& Platal::page();
$colors = glob(dirname(__FILE__) . '/../../htdocs/images/banana/m2*.gif');
foreach ($colors as $key=>$path) {
if (Post::has('action') && Post::v('action') == 'Enregistrer') {
S::assert_xsrf_token();
- $flags = new FlagSet();
+ $flags = new PlFlagSet();
if (Post::b('bananadisplay')) {
$flags->addFlag('threads');
}
$read = Post::s('read');
if (!in_array($unread, $colors) || !in_array($read, $colors)) {
$page->trigError('Le choix de type pour l\'arborescence est invalide');
- } elseif (XDB::execute("REPLACE INTO forums.profils (uid, sig, mail, nom, flags, tree_unread, tree_read)
- VALUES ({?}, {?}, {?}, {?}, {?}, {?}, {?})",
- S::v('uid'), Post::v('bananasig'),
- Post::v('bananamail'), Post::v('banananame'),
- $flags, $unread, $read)) {
- $page->trigSuccess("Ton profil a été enregistré avec succès.");
} else {
- $page->trigError("Une erreur s'est produite lors de l'enregistrement de ton profil");
+ $last_seen = XDB::query('SELECT last_seen
+ FROM forum_profiles
+ WHERE uid = {?}', $this->user->id());
+ if ($last_seen->numRows() > 0) {
+ $last_seen = $last_seen->fetchOneCell();
+ } else {
+ $last_seen = '0000-00-00';
+ }
+ XDB::execute('REPLACE INTO forum_profiles (uid, sig, mail, name, flags, tree_unread, tree_read, last_seen)
+ VALUES ({?}, {?}, {?}, {?}, {?}, {?}, {?}, {?})',
+ $this->user->id(), Post::v('bananasig'),
+ Post::v('bananamail'), Post::v('banananame'),
+ $flags, $unread, $read, $last_seen);
+ $page->trigSuccess('Ton profil a été mis à jour');
}
}
- $req = XDB::query("
- SELECT nom, mail, sig,
- FIND_IN_SET('threads', flags),
- FIND_IN_SET('automaj', flags),
- FIND_IN_SET('xface', flags),
- tree_unread,
- tree_read
- FROM forums.profils
- WHERE uid = {?}", S::v('uid'));
- if (!(list($nom, $mail, $sig, $disp, $maj, $xface, $unread, $read) = $req->fetchOneRow())) {
- $nom = S::v('prenom').' '.S::v('nom');
- $mail = S::user()->forlifeEmail();
- $sig = $nom.' ('.S::v('promo').')';
- $disp = 0;
- $maj = 0;
- $xface = 0;
- $unread = 'o';
- $read = 'dg';
- }
- $page->assign('nom' , $nom);
- $page->assign('mail', $mail);
- $page->assign('sig', $sig);
- $page->assign('disp', $disp);
- $page->assign('maj', $maj);
- $page->assign('xface', $xface);
- $page->assign('unread', $unread);
- $page->assign('read', $read);
+ $infos = $this->fetchProfile();
+ $page->assign('nom' , $infos['name']);
+ $page->assign('mail', $infos['mail']);
+ $page->assign('sig', $infos['sig']);
+ $page->assign('disp', $infos['threads']);
+ $page->assign('maj', $infos['maj']);
+ $page->assign('xface', $infos['xface']);
+ $page->assign('unread', $infos['tree_unread']);
+ $page->assign('read', $infos['tree_read']);
return null;
}
}
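Review bot: The result of the new `XDB::execute('REPLACE INTO forum_profiles ...')` is never checked, so `$page->trigSuccess('Ton profil a été mis à jour')` is shown even when the write fails; the removed code reported `trigError` in that case. Keep the branch: `if (XDB::execute(...)) { $page->trigSuccess(...); } else { $page->trigError(...); }`. Reading `last_seen` with a SELECT and writing it back through REPLACE also leaves a window in which a concurrent update of `last_seen` is overwritten. An `INSERT ... ON DUPLICATE KEY UPDATE` that leaves `last_seen` out would avoid both the extra query and the `'0000-00-00'` placeholder.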
} else {
$group = '';
}
- return '/rss/' . $group . S::v('hruid') . '/' . S::v('core_rss_hash') . '/rss.xml';
+ return '/rss/' . $group . S::v('hruid') . '/' . S::s('token') . '/rss.xml';
}
function hook_platalMessageLink($params)
function hook_getXFace($headers)
{
- $login = @$headers['x-org-id'];
- if (!$login) {
- @list($login, ) = explode('@', $headers['x-org-mail']);
+ $login = null;
+ foreach (array('x-org-id', 'x-org-mail') as $key) {
+ if (isset($headers[$key])) {
+ $login = $headers[$key];
+ break;
+ }
}
- if (!$login) {
+ if (is_null($login)) {
+ // No login, fallback to default handler
return false;
}
if (isset($headers['x-face'])) {
- $res = XDB::query("SELECT p.uid
- FROM forums.profils AS p
- INNER JOIN aliases AS a ON (p.uid = a.id)
- WHERE FIND_IN_SET('xface', p.flags) AND a.alias = {?}",
- $login);
+ $user = User::getSilent($login);
+ $res = XDB::query('SELECT pf.uid
+ FROM forum_profiles AS pf
+ WHERE pf.uid = {?} AND FIND_IN_SET(\'xface\', pf.flags)',
+ $user->id());
if ($res->numRows()) {
+ // User wants his xface to be showed, fallback to default handler
return false;
}
}
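Review bot: `User::getSilent($login)` is dereferenced as `$user->id()` without a check, and `$login` is taken from the message's `x-org-id` / `x-org-mail` headers, which the poster controls. Other call sites on this page test the result (`if (!$user || ...)`), so a header naming no known account would presumably end in a call on a non-object while the message is rendered. Add `if (!$user) { return false; }` before the query. The removed code also cut `x-org-mail` at the `@`, while the new loop passes the full address, so confirm `User::getSilent()` accepts that form. hook_getXFace continues past the end of this hunk.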
function run_banana(&$page, $class, array $args)
{
- $banana = new $class(S::user(), $args);
+ $user =& S::user();
+ $banana = new $class($user, $args);
$page->assign('banana', $banana->run());
$page->addCssInline($banana->css());
$page->addCssLink('banana.css');
Banana::$msgshow_mimeparts[] = 'source';
}
array_push(Banana::$msgparse_headers, 'x-org-id', 'x-org-mail');
- if (!S::v('core_rss_hash')) {
- Banana::$feed_active = false;
- }
+ Banana::$feed_active = S::hasAuthToken();
MLBanana::$listname = $params['listname'];
MLBanana::$domain = $params['domain'];
Banana::$msgedit_headers['X-Org-Mail'] = $this->user->forlifeEmail();
// Tree color
- $req = XDB::query("SELECT tree_unread, tree_read
- FROM {$globals->banana->table_prefix}profils
- WHERE uid={?}", S::i('uid'));
+ $req = XDB::query('SELECT tree_unread, tree_read
+ FROM forum_profiles
+ WHERE uid= {?}', $this->user->id());
if (!(list($unread, $read) = $req->fetchOneRow())) {
$unread = 'o';
$read = 'dg';
// Retrieves the current list of actives storages.
private function get_storages()
{
- $res = XDB::query("SELECT mail_storage
- FROM auth_user_md5
- WHERE user_id = {?}", $this->user->id());
- return new PlFlagSet($res->fetchOneCell());
+ return new PlFlagSet(XDB::fetchOneCell('SELECT storage
+ FROM email_options
+ WHERE uid = {?}',
+ $this->user->id()));
}
// Updates the list of active storages.
private function set_storages($storages)
{
- XDB::execute("UPDATE auth_user_md5
- SET mail_storage = {?}
- WHERE user_id = {?}", $storages, $this->user->id());
+ XDB::execute("UPDATE email_options
+ SET storage = {?}
+ WHERE uid = {?}", $storages, $this->user->id());
}
// Returns the list of allowed storages for the @p user.
}
// Sends the 'account created' email to the user, with basic documentation.
- $res = XDB::query(
- "SELECT FIND_IN_SET('femme', u.flags), prenom
- FROM auth_user_md5 AS u
- WHERE u.user_id = {?}", $user->id());
- list($sexe, $prenom) = $res->fetchOneRow();
-
$mailer = new PlMailer('googleapps/create.mail.tpl');
$mailer->assign('account', $account);
$mailer->assign('email', $user->bestEmail());
$mailer->assign('googleapps_domain', $globals->mailstorage->googleapps_domain);
- $mailer->assign('prenom', $prenom);
- $mailer->assign('sexe', $sexe);
+ $mailer->assign('prenom', $user->displayName());
+ $mailer->assign('sexe', $user->isFemale());
$mailer->send();
}
}
// Sends an email to the account owner.
- $res = XDB::query(
- "SELECT FIND_IN_SET('femme', u.flags), prenom
- FROM auth_user_md5 AS u
- WHERE u.user_id = {?}", $user->id());
- list($sexe, $prenom) = $res->fetchOneRow();
-
$mailer = new PlMailer('googleapps/unsuspend.mail.tpl');
$mailer->assign('account', $account);
$mailer->assign('email', $user->bestEmail());
- $mailer->assign('prenom', $prenom);
- $mailer->assign('sexe', $sexe);
+ $mailer->assign('prenom', $user->displayName());
+ $mailer->assign('sexe', $user->isFemale());
$mailer->send();
}
}
if ($this->sync_password) {
$res = XDB::query(
"SELECT password
- FROM auth_user_md5
- WHERE user_id = {?}", $this->user->id());
+ FROM accounts
+ WHERE uid = {?}", $this->user->id());
$password = ($res->numRows() > 0 ? $res->fetchOneCell() : false);
} else {
$password = false;
if (!$this->pending_create) {
// Retrieves information on the new account.
+ // TODO: retreive first_name and last_name from the profile.
$res = XDB::query(
"SELECT nom, nom_usage, prenom
FROM auth_user_md5
return false;
}
- require_once('secure_hash.inc.php');
$hash = rand_url_id(12);
$pass = rand_pass();
- $pass_encrypted = hash_encrypt($pass);
+ $pass_encrypted = sha1($pass);
$fdate = strftime('%d %B %Y', strtotime($date));
$mymail = new PlMailer('marketing/relance.mail.tpl');
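Review bot: `$pass_encrypted = sha1($pass);` stores the generated password as a single unsalted SHA-1, which is cheap to brute-force if the table is ever disclosed. Inlining the old `hash_encrypt()` wrapper also removes the one place where the scheme could have been changed. The same call is inlined in the `u_edit` branch of the admin user page (`sha1(Env::v('newpass_clair'))`). Prefer keeping a single helper and moving it to `password_hash($pass, PASSWORD_DEFAULT)`, with `password_verify()` on the login side; that side is outside this diff chunk and would have to change in step. The enclosing function starts and ends outside the hunk.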
return $mail ? $this->_title_mail : $this->_title;
}
- public function head($prenom = null, $nom = null, $sexe = null, $type = 'text')
+ public function head($user = null, $type = 'text')
{
- if (is_null($prenom)) {
+ if (is_null($user)) {
return $this->_head;
} else {
$head = $this->_head;
- $head = str_replace('<cher>', $sexe ? 'Chère' : 'Cher', $head);
- $head = str_replace('<prenom>', $prenom, $head);
- $head = str_replace('<nom>', $nom, $head);
+ $head = str_replace('<cher>', $user->isFemale() ? 'Chère' : 'Cher', $head);
+ $head = str_replace('<prenom>', $user->displayName(), $head);
+ $head = str_replace('<nom>', '', $head);
return format_text($head, $type, 2, 64);
}
}
}
}
- public function toText(&$page, $prenom, $nom, $sexe)
+ public function toText(&$page, $user)
{
$this->css($page);
$page->assign('is_mail', false);
$page->assign('mail_part', 'text');
- $page->assign('prenom', $prenom);
- $page->assign('nom', $nom);
- $page->assign('sexe', $sexe);
+ $page->assign('user', $user);
$this->assignData($page);
}
- public function toHtml(&$page, $prenom, $nom, $sexe)
+ public function toHtml(&$page, $user)
{
$this->css($page);
$page->assign('prefix', $this->_prefix . '/' . $this->id());
$page->assign('is_mail', false);
$page->assign('mail_part', 'html');
- $page->assign('prenom', $prenom);
- $page->assign('nom', $nom);
- $page->assign('sexe', $sexe);
+ $page->assign('user', $user);
$this->assignData($page);
}
return $hash;
}
- public function sendTo($hruid, $email, $prenom, $nom, $sexe, $html, $hash = 0)
+ public function sendTo($user, $hash = null)
{
- // If $email is not a real email address, tries to compute it up from
- // the hruid. Otherwise, we suppose that caller will have used a valid
- // and canonical email address.
- if (strpos($email, '@') === false) {
- if (!($user = User::getSilent($email))) {
- Platal::page()->trigError("'$email' is neither a valid email address nor a valid login; did not send the email.");
- }
- $email = $user->bestEmail();
+ if (is_null($hash)) {
+ $hash = XDB::fetchOneCell("SELECT hash
+ FROM {$this->_subscriptionTable}
+ WHERE user_id = {?}", $user->id());
}
-
- if ($hruid && (is_null($hash) || $hash == 0)) {
- $hash = $this->createHash(array($email, $prenom, $nom, $sexe, $html, rand(), "X.org rulez"));
- XDB::query("UPDATE {$this->_subscriptionTable} as ni
- INNER JOIN auth_user_md5 AS u USING (user_id)
- SET ni.hash = {?}
- WHERE ni.user_id != 0 AND u.hruid = {?}",
- $hash, $hruid);
+ if (is_null($hash)) {
+ $hash = $this->createHash(array($user->displayName(), $user->fullName(),
+ $user->isFemale(), $user->isEmailFormatHtml(),
+ rand(), "X.org rulez"));
+ XDB::execute("UPDATE {$this->_subscriptionTable} as ni
+ SET ni.hash = {?}
+ WHERE ni.user_id != {?}",
+ $hash, $user->id());
}
$mailer = new PlMailer($this->_tpl);
$this->assignData($mailer);
$mailer->assign('is_mail', true);
- $mailer->assign('prenom', $prenom);
- $mailer->assign('nom', $nom);
- $mailer->assign('sexe', $sexe);
+ $mailer->assign('user', $user);
$mailer->assign('prefix', null);
$mailer->assign('hash', $hash);
- $mailer->assign('email', $email);
- $mailer->assign('alias', $hruid);
- $mailer->addTo("\"$prenom $nom\" <$email>");
- $mailer->send($html);
+ $mailer->addTo('"' . $user->fullName() . '" <' . $user->bestEmail() . '>');
+ $mailer->send($user->isEmailFormatHtml());
}
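Review bot: The new `UPDATE {$this->_subscriptionTable} as ni SET ni.hash = {?} WHERE ni.user_id != {?}` writes the freshly created hash to every subscriber except `$user`, whereas the removed statement targeted the recipient's own row. As written, all other rows end up sharing one value and the recipient's row keeps its NULL hash, so the hash placed in the mail no longer identifies a single subscription. The condition should read `WHERE ni.user_id = {?}`. The hash is also seeded with `rand()`; if it authorises anything such as unsubscribing (not visible here), it should come from a cryptographically secure source instead.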
protected function getAllRecipients()
{
global $globals;
- return "SELECT u.user_id, u.hruid, CONCAT(a.alias, '@{$globals->mail->domain}'),
- u.prenom, IF(u.nom_usage='', u.nom, u.nom_usage),
- FIND_IN_SET('femme', u.flags),
- q.core_mail_fmt AS pref, ni.hash AS hash
+ return "SELECT a.uid, a.hruid, a.display_name, a.full_name, a.email_format,
+ ni.hash AS hash
FROM {$this->_subscriptionTable} AS ni
- INNER JOIN auth_user_md5 AS u USING(user_id)
- INNER JOIN auth_user_quick AS q ON(q.user_id = u.user_id)
- INNER JOIN aliases AS a ON(u.user_id=a.id AND FIND_IN_SET('bestalias',a.flags))
- LEFT JOIN emails AS e ON(e.uid=u.user_id AND e.flags='active')
+ INNER JOIN accounts AS a ON (ni.user_id = a.uid)
+ LEFT JOIN email_options AS eo ON (eo.uid = a.uid)
+ LEFT JOIN emails AS e ON (e.uid = a.uid AND e.flags='active')
WHERE ni.last < {?} AND ({$this->subscriptionWhere()}) AND
- (e.email IS NOT NULL OR FIND_IN_SET('googleapps', u.mail_storage))
- GROUP BY u.user_id";
+ (e.email IS NOT NULL OR FIND_IN_SET('googleapps', eo.storage))
+ GROUP BY a.uid";
}
public function sendToAll()
{
$this->setSent();
- $query = $this->getAllRecipients() . " LIMIT {?}";
+ $query = XDB::format($this->getAllRecipients(), $this->id()) . ' LIMIT 60';
while (true) {
- $res = XDB::iterRow($query, $this->_id, 60);
+ $res = XDB::iterRow($query);
if (!$res->total()) {
return;
}
- $sent = array();
- while (list($uid, $hruid, $email, $prenom, $nom, $sexe, $fmt, $hash) = $res->next()) {
- $sent[] = "(user_id='$uid'" . (!$uid ? " AND email='$email')": ')');
- $this->sendTo($hruid, $email, $prenom, $nom, $sexe, $fmt=='html', $hash);
+ while ($infos = $res->next()) {
+ $user = User::getSilentWithValues(null, $infos);
+ $sent[] = XDB::format('user_id = {?}', $user->id());
+ $this->sendTo($user, $hash);
}
XDB::execute("UPDATE {$this->_subscriptionTable}
SET last = {?}
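Review bot: Inside the new `while ($infos = $res->next())` loop, `$this->sendTo($user, $hash)` passes a `$hash` that is never assigned, because the removed `list(...)` was what defined it. The selected `ni.hash` is therefore ignored and `sendTo()` falls back to one extra lookup per recipient; pass the hash column of `$infos` instead. If `XDB::iterRow()` yields positional rows, as the removed destructuring implies, `User::getSilentWithValues(null, $infos)` is also being handed unnamed values, which is worth confirming. The `$sent = array();` reset was dropped too, so `$sent` is undefined on first append and keeps growing across batches of the outer `while (true)`; restore it before the inner loop. sendToAll continues past the end of this hunk.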
function inscription_notifs_base($uid)
{
- XDB::execute('REPLACE INTO watch_sub (uid,cid) SELECT {?},id FROM watch_cat', $uid);
+ XDB::execute('REPLACE INTO watch_sub (uid, cid)
+ SELECT {?}, id
+ FROM watch_cat', $uid);
}
// }}}
function register_watch_op($uid, $cid, $date='', $info='')
{
+ // XXX
+ // TODO: Find out whether uid is a user or a profile!!!
+ // XXX
if (empty($date)) {
$date = date('Y-m-d');
- };
- XDB::execute('REPLACE INTO watch_ops (uid,cid,known,date,info)
+ }
+ XDB::execute('REPLACE INTO watch_ops (uid, cid, known, date, info)
VALUES ({?}, {?}, NOW(), {?}, {?})',
$uid, $cid, $date, $info);
if($cid == WATCH_FICHE) {
if ($info) {
register_profile_update($uid, $info);
}
- XDB::execute('UPDATE auth_user_md5 SET DATE=NOW() WHERE user_id={?}', $uid);
+ XDB::execute('UPDATE profiles
+ SET last_change = NOW()
+ WHERE pid = {?}', $uid);
} elseif($cid == WATCH_INSCR) {
XDB::execute('REPLACE INTO contacts (uid,contact)
- SELECT uid,ni_id
+ SELECT uid, ni_id
FROM watch_nonins
- WHERE ni_id={?}', $uid);
- XDB::execute('DELETE FROM watch_nonins WHERE ni_id={?}', $uid);
+ WHERE ni_id = {?}', $uid);
+ XDB::execute('DELETE FROM watch_nonins
+ WHERE ni_id = {?}', $uid);
}
Platal::session()->updateNbNotifs();
}
}
if($up) {
- XDB::execute('UPDATE auth_user_quick SET watch_last=NOW() WHERE user_id={?}', $uid);
+ XDB::execute('UPDATE watch
+ SET last = NOW()
+ WHERE uid = {?}', $uid);
}
}
}
$this->_promos = new PromoNotifs($uid);
$this->_nonins = new NoninsNotifs($uid);
$this->_subs = new WatchSub($uid);
- $res = XDB::query("SELECT FIND_IN_SET('contacts',watch_flags),FIND_IN_SET('mail',watch_flags)
- FROM auth_user_quick
- WHERE user_id={?}", $uid);
- list($this->watch_contacts,$this->watch_mail) = $res->fetchOneRow();
+ $res = XDB::query('SELECT FIND_IN_SET(\'contacts\', flags),
+ FIND_IN_SET(\'mail\', flags)
+ FROM watch
+ WHERE uid = {?}', $uid);
+ list($this->watch_contacts, $this->watch_mail) = $res->fetchOneRow();
- $res = XDB::iterator("SELECT * FROM watch_cat");
- while($tmp = $res->next()) {
- $this->_cats[$tmp['id']] = $tmp;
- }
+ $this->_cats = XDB::fetchAllAssoc('id', 'SELECT * FROM watch_cat');
}
public function saveFlags()
{
- $flags = "";
- if ($this->watch_contacts)
- $flags = "contacts";
- if ($this->watch_mail)
- $flags .= ($flags ? ',' : '')."mail";
- XDB::execute('UPDATE auth_user_quick SET watch_flags={?} WHERE user_id={?}',
- $flags, $this->_uid);
+ $flags = new PlFlagSet();
+ $flags->addFlag('contacts', $this->watch_contacts);
+ $flags->addFlag('mail', $this->watch_mail);
+ XDB::execute('UPDATE watch
+ SET flags = {?}
+ WHERE uid = {?}',
+ $flags, $this->_uid);
}
public function cats()
public function add($p)
{
XDB::execute('INSERT INTO watch_nonins (uid,ni_id) VALUES({?},{?})', $this->_uid, $p);
- $res = XDB::query('SELECT prenom,IF(nom_usage="",nom,nom_usage) AS nom,promo,user_id
+ $res = XDB::query('SELECT prenom, IF(nom_usage="",nom,nom_usage) AS nom,promo,user_id
FROM auth_user_md5
WHERE user_id={?}', $p);
$this->_data["$p"] = $res->fetchOneAssoc();
+++ /dev/null
-<?php
-/***************************************************************************
- * Copyright (C) 2003-2008 Polytechnique.org *
- * http://opensource.polytechnique.org/ *
- * *
- * This program is free software; you can redistribute it and/or modify *
- * it under the terms of the GNU General Public License as published by *
- * the Free Software Foundation; either version 2 of the License, or *
- * (at your option) any later version. *
- * *
- * This program is distributed in the hope that it will be useful, *
- * but WITHOUT ANY WARRANTY; without even the implied warranty of *
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the *
- * GNU General Public License for more details. *
- * *
- * You should have received a copy of the GNU General Public License *
- * along with this program; if not, write to the Free Software *
- * Foundation, Inc., *
- * 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA *
- ***************************************************************************/
-
-function init_rss($template, $alias, $hash, $require_uid = true)
-{
- $page =& Platal::page();
- $page->changeTpl($template, NO_SKIN);
- $user = Platal::session()->tokenAuth($alias, $hash);
- if (is_null($user)) {
- if ($require_uid) {
- exit;
- } else {
- $user = null;
- }
- }
-
- if ($template) {
- $page->assign('rss_hash', $hash);
- header('Content-Type: application/rss+xml; charset=utf8');
- }
- return is_null($user) ? null : $user->id();
-}
-
-// vim:set et sw=4 sts=4 sws=4 foldmethod=marker enc=utf-8:
-?>
+++ /dev/null
-<?php
-/***************************************************************************
- * Copyright (C) 2003-2008 Polytechnique.org *
- * http://opensource.polytechnique.org/ *
- * *
- * This program is free software; you can redistribute it and/or modify *
- * it under the terms of the GNU General Public License as published by *
- * the Free Software Foundation; either version 2 of the License, or *
- * (at your option) any later version. *
- * *
- * This program is distributed in the hope that it will be useful, *
- * but WITHOUT ANY WARRANTY; without even the implied warranty of *
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the *
- * GNU General Public License for more details. *
- * *
- * You should have received a copy of the GNU General Public License *
- * along with this program; if not, write to the Free Software *
- * Foundation, Inc., *
- * 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA *
- ***************************************************************************/
-
-function hash_encrypt($s) {
- return sha1($s);
-}
-
-function hash_xor($a, $b) {
- $c = "";
- $i = strlen($a);
- $j = strlen($b);
- if ($i < $j) {
- $d = $a; $a = $b; $b = $d;
- $k = $i; $i = $j; $j = $k;
- }
- for ($k = 0; $k < $j; $k++)
- $c .= dechex(hexdec($a{$k}) ^ hexdec($b{$k}));
- for (; $k < $i; $k++)
- $c .= $a{$k};
- return $c;
-}
-// vim:set et sw=4 sts=4 sws=4 foldmethod=marker enc=utf-8:
-?>
if ($really_del) {
array_push($tables_to_clear['uid'], 'emails', 'groupex.membres', 'contacts', 'adresses', 'profile_phones',
- 'photo', 'perte_pass', 'langues_ins', 'forums.abos', 'forums.profils');
+ 'photo', 'perte_pass', 'langues_ins', 'forum_subs', 'forum_profiles');
array_push($tables_to_clear['user_id'], 'newsletter_ins', 'auth_user_quick', 'binets_ins');
$tables_to_clear['id'] = array('aliases');
$tables_to_clear['contact'] = array('contacts');
* 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA *
***************************************************************************/
-// {{{ class AliasReq
-
+// class AliasReq {{{1
class AliasReq extends Validate
{
- // {{{ properties
-
+ // properties {{{2
public $alias;
public $raison;
public $unique = true;
- public $old='';
- public $public='private';
+ public $old = '';
+ public $public = 'private';
public $rules = "Interdire ce qui peut nous servir (virus@, postmaster@, ...),
les alias vulgaires, et les prenom.nom (sauf si c'est pour l'utilisateur prenom.nom).
Pas de contrainte pour les tirets ou les points, en revanche le souligné (_) est interdit";
- // }}}
- // {{{ constructor
-
+ // constructor {{{2
public function __construct(User &$_user, $_alias, $_raison, $_public, $_stamp=0)
{
global $globals;
$this->alias = $_alias.'@'.$globals->mail->alias_dom;
$this->raison = $_raison;
$this->public = $_public;
-
- $res = XDB::query("
- SELECT v.alias
- FROM virtual_redirect AS vr
- INNER JOIN virtual AS v ON (v.vid=vr.vid AND v.alias LIKE '%@{$globals->mail->alias_dom}')
- WHERE vr.redirect = {?} OR vr.redirect = {?}",
- $this->user->forlifeEmail(),
- // TODO: remove this über-ugly hack. The issue is that you need
- // to remove all @m4x.org addresses in virtual_redirect first.
- $this->user->login() . '@' . $globals->mail->domain2);
- $this->old = $res->fetchOneCell();
+ $this->old = $user->emailAlias();
if (empty($this->old)) {
unset($this->old);
}
}
- // }}}
- // {{{ function get_request()
-
+ // function get_request() {{{2
static public function get_request($uid)
{
return parent::get_typed_request($uid, 'alias');
}
- // }}}
- // {{{ function formu()
-
+ // function formu() {{{2
public function formu()
{
return 'include/form.valid.aliases.tpl';
}
- // }}}
- // {{{ function _mail_subj
-
+ // function _mail_subj {{{2
protected function _mail_subj()
{
return "[Polytechnique.org/MELIX] Demande de l'alias {$this->alias}";
}
- // }}}
- // {{{ function _mail_body
-
+ // function _mail_body {{{2
protected function _mail_body($isok)
{
if ($isok) {
- return " L'adresse email {$this->alias} que tu avais demandée vient d'être créée, tu peux désormais l'utiliser à ta convenance.".(($this->public == 'public')?" A ta demande, cette adresse apparaît maintenant sur ta fiche.":"");
+ return " L'adresse email {$this->alias} que tu avais demandée vient d'être créée, tu peux désormais l'utiliser à ta convenance."
+ . ($this->public == 'public' ? ' A ta demande, cette adresse apparaît maintenant sur ta fiche.' : '');
} else {
return " La demande que tu avais faite pour l'alias {$this->alias} a été refusée.";
}
}
- // }}}
- // {{{ function shorter_domain
-
- private function shorter_domain()
+ // function commit() {{{2
+ public function commit()
{
- global $globals;
-
- $mail = $globals->mail;
-
- if (empty($mail->domain2) || strlen($mail->domain2) > strlen($mail->domain)) {
- return $mail->domain;
- } else {
- return $mail->domain2;
+ if ($this->user->hasProfile()) {
+ XDB::execute('UPDATE profiles
+ SET alias_pub = {?}
+ WHERE pid = {?}',
+ $this->public, $this->user->profile()->id());
}
- }
-
- // }}}
- // {{{ function commit()
-
- public function commit ()
- {
- XDB::execute("UPDATE auth_user_quick SET emails_alias_pub = {?} WHERE user_id = {?}",
- $this->public, $this->user->id());
if ($this->old) {
- return XDB::execute("UPDATE virtual SET alias = {?} WHERE alias = {?}",
+ return XDB::execute('UPDATE virtual
+ SET alias = {?}
+ WHERE alias = {?}',
$this->alias, $this->old);
} else {
- XDB::execute("INSERT INTO virtual SET alias = {?},type='user'", $this->alias);
+ XDB::execute('INSERT INTO virtual
+ SET alias = {?}, type=\'user\'',
+ $this->alias);
$vid = XDB::insertId();
- return XDB::query("INSERT INTO virtual_redirect (vid,redirect) VALUES ({?}, {?})",
- $vid, $this->user->forlifeEmail());
+ return XDB::execute('INSERT INTO virtual_redirect (vid, redirect)
+ VALUES ({?}, {?})',
+ $vid, $this->user->forlifeEmail());
}
}
-
- // }}}
}
-// }}}
-
// vim:set et sw=4 sts=4 sws=4 foldmethod=marker enc=utf-8:
?>
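Review bot: In the AliasReq constructor, `$this->old = $user->emailAlias();` reads `$user`, which is not defined in that scope: the parameter is `$_user`, and the removed query used `$this->user` at the same point. The method call on an undefined variable is a fatal error, so creating an alias request would fail before it is stored. Use `$this->old = $this->user->emailAlias();`. Separately, the unchanged `unset($this->old)` just below means `commit()` later tests a property that no longer exists; assigning `null` would be cleaner.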
public function commit()
{
- require_once('homonymes.inc.php');
-
- switch_bestalias($this->user->id(), $this->loginbis);
+ Platal::load('admin', 'homonyms.inc.php');
+ switch_bestalias($this->user, $this->loginbis);
if (!$this->warning) {
XDB::execute("UPDATE aliases SET type = 'homonyme', expire = NOW() WHERE alias = {?}", $this->loginbis);
XDB::execute("REPLACE INTO homonymes (homonyme_id, user_id) VALUES({?}, {?})", $this->user->id(), $this->user->id());
return 1;
}
- $list = new MMList(S::user()->id(), S::v('password'), $this->domain);
+ $list = new MMList(S::user()->id(), $this->domain);
$ret = $list->create_list($this->liste, utf8_decode($this->desc), $this->advertise,
$this->modlevel, $this->inslevel,
$this->owners, $this->members);
public function addUser($user)
{
- $user = User::getSilent($user);
+ $user = Profile::get($user);
if ($user) {
$this->user_list[] = $user;
$this->count++;
{
global $globals;
$login = $entry['value'];
- $user = get_user_details($login->login());
+ $user = get_user_details($login->hrid());
if (empty($user['nom_usage'])) {
$entry = new PlVCardEntry($user['prenom'], $user['nom'], null, null, @$user['nickname']);
// Melix
$res = XDB::query(
"SELECT alias
- FROM virtual
- INNER JOIN virtual_redirect USING(vid)
+ FROM virtual AS v
+ INNER JOIN virtual_redirect AS vr ON (v.vid = vr.vid)
INNER JOIN auth_user_quick ON ( user_id = {?} AND emails_alias_pub = 'public' )
WHERE ( redirect={?} OR redirect={?} )
AND alias LIKE '%@{$globals->mail->alias_dom}'",
function doPlatalLink($link, $text)
{
if (strlen(trim($text)) == 0) {
- $res = XDB::query("SELECT u.nom, u.prenom, u.promo, q.profile_nick AS surnom
- FROM auth_user_md5 AS u
- INNER JOIN auth_user_quick AS q USING(user_id)
- INNER JOIN aliases AS a ON u.user_id = a.id
- WHERE a.alias = {?}", $link);
- $row = $res->fetchOneAssoc();
- $text = $row['prenom'] . ' ' . $row['nom'] . ' X' . $row['promo'];
- if ($row['surnom']) {
- $text .= ' (alias ' . $row['surnom'] . ')';
- }
+ $user = User::get($link);
+ $text = $user->fullName();
}
return '<a href="profile/' . $link . '" class="popup2">' . $text . '</a>';
}
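Review bot: `User::get($link)` is used without checking the result, so a link that names no account turns `$user->fullName()` into a call on a non-object; other call sites on this page test the result of `User::getSilent()` / `Profile::get()` before use. Guard it, for example `$user = User::getSilent($link); $text = $user ? $user->fullName() : $link;`. The name and `$link` are then concatenated into the `<a>` tag on the unchanged return line without escaping. Unless callers already escape them (not visible here), both should pass through `htmlspecialchars()` with `ENT_QUOTES` before being placed in the attribute and the element body.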
{
return array(
'phpinfo' => $this->make_hook('phpinfo', AUTH_MDP, 'admin'),
+ 'get_rights' => $this->make_hook('get_rights', AUTH_MDP, 'admin'),
'admin' => $this->make_hook('default', AUTH_MDP, 'admin'),
'admin/ax-xorg' => $this->make_hook('ax_xorg', AUTH_MDP, 'admin'),
'admin/dead-but-active' => $this->make_hook('dead_but_active', AUTH_MDP, 'admin'),
exit;
}
+ function handler_get_rights(&$page, $level)
+ {
+ if (S::suid()) {
+ $page->kill('Déjà en SUID');
+ }
+ $user =& S::user();
+ Platal::session()->startSUID($user, $level);
+
+ pl_redirect('/');
+ }
+
function handler_default(&$page)
{
$page->changeTpl('admin/index.tpl');
$page->setTitle('Administration - Edit/Su/Log');
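Review bot: The new `handler_get_rights()` changes the session's privilege level on a plain request without calling `S::assert_xsrf_token()`, which the other state-changing handlers in this diff do, so it is exposed to cross-site request forgery against a logged-in admin. `$level` comes straight from the URL and is handed to `startSUID()` unvalidated, and the return value is ignored, so `pl_redirect('/')` runs whether or not the switch succeeded. Add the token check, compare `$level` against the set of permitted levels, and test the result as the SUID button code does with `if (!Platal::session()->startSUID(...))`. This assumes `$page->kill()` stops execution; if it does not, the SUID start needs an explicit `return` or `else`.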
require_once("emails.inc.php");
- if (S::has('suid')) {
+ if (S::suid()) {
$page->kill("Déjà en SUID !!!");
}
}
if(Env::has('suid_button') && $registered) {
- S::logger()->log("suid_start", "login on " . $user->login());
- if (!Platal::session()->startSUID($user->id())) {
+ if (!Platal::session()->startSUID($user)) {
$page->trigError('Impossible d\'effectuer un SUID sur ' . $user->id());
} else {
pl_redirect("");
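Review bot: The `S::logger()->log("suid_start", "login on " . $user->login())` line is removed and nothing in this hunk replaces it. Unless `startSUID()` now writes that event itself (its body is not visible here), an administrator taking over a user's session would leave no audit record. Confirm the log call moved into `startSUID()`, or keep it here on the success path. The enclosing handler starts and ends outside the hunk.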
// Profile edition.
case "u_edit":
// Loads new values from environment.
- require_once('secure_hash.inc.php');
- $pass_encrypted = Env::v('newpass_clair') != "********" ? hash_encrypt(Env::v('newpass_clair')) : Env::v('passw');
+ $pass_encrypted = Env::v('newpass_clair') != "********" ? sha1(Env::v('newpass_clair')) : Env::v('passw');
$naiss = Env::v('naissanceN');
$deces = Env::v('decesN');
$perms = Env::v('permsN');
// Forum ban update.
case "b_edit":
- XDB::execute("DELETE FROM forums.innd WHERE uid = {?}", $user->id());
+ XDB::execute("DELETE FROM forum_innd WHERE uid = {?}", $user->id());
if (Env::v('write_perm') != "" || Env::v('read_perm') != "" || Env::v('commentaire') != "" ) {
- XDB::execute("INSERT INTO forums.innd
+ XDB::execute("INSERT INTO forum_innd
SET ipmin = '0', ipmax = '4294967295',
write_perm = {?}, read_perm = {?},
comment = {?}, priority = '200', uid = {?}",
// Displays forum bans.
$res = XDB::query("SELECT write_perm, read_perm, comment
- FROM forums.innd
+ FROM forum_innd
WHERE uid = {?}", $user->id());
$bans = $res->fetchOneAssoc();
$page->assign('bans', $bans);
{
$page->changeTpl('admin/homonymes.tpl');
$page->setTitle('Administration - Homonymes');
- require_once("homonymes.inc.php");
+ $this->load("homonyms.inc.php");
if ($target) {
- if (! list($prenom,$nom,$forlife,$loginbis) = select_if_homonyme($target)) {
- $target=0;
+ $user = User::getSilent($target);
+ if (!$user || !($loginbis = select_if_homonyme($user))) {
+ $target = 0;
} else {
- $page->assign('nom',$nom);
- $page->assign('prenom',$prenom);
- $page->assign('forlife',$forlife);
+ $page->assign('user', $user);
$page->assign('loginbis',$loginbis);
}
}
case 'mail':
S::assert_xsrf_token();
- send_warning_homonyme($prenom, $nom, $forlife, $loginbis);
- switch_bestalias($target, $loginbis);
+ send_warning_homonyme($user, $loginbis);
+ switch_bestalias($user, $loginbis);
$op = 'list';
- $page->trigSuccess('Email envoyé à ' . $forlife . '.');
+ $page->trigSuccess('Email envoyé à ' . $user->forlifeEmail() . '.');
break;
case 'correct':
S::assert_xsrf_token();
- switch_bestalias($target, $loginbis);
- XDB::execute("UPDATE aliases SET type='homonyme',expire=NOW() WHERE alias={?}", $loginbis);
- XDB::execute("REPLACE INTO homonymes (homonyme_id,user_id) VALUES({?},{?})", $target, $target);
- send_robot_homonyme($prenom, $nom, $forlife, $loginbis);
+ switch_bestalias($user, $loginbis);
+ XDB::execute("UPDATE aliases
+ SET type = 'homonyme', expire=NOW()
+ WHERE alias = {?}", $loginbis);
+ XDB::execute("REPLACE INTO homonymes (homonyme_id,user_id)
+ VALUES ({?}, {?})", $target, $target);
+ send_robot_homonyme($user, $loginbis);
$op = 'list';
- $page->trigSuccess('Email envoyé à ' . $forlife . ', alias supprimé.');
+ $page->trigSuccess('Email envoyé à ' . $user->forlifeEmail() . ', alias supprimé.');
break;
}
}
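Review bot: In the `correct` case the reformatted `REPLACE INTO homonymes (homonyme_id,user_id) VALUES ({?}, {?})` still binds `$target, $target`, while the rest of the block now works from `$user`. `$target` is the raw URL argument that `User::getSilent($target)` resolved, so the insert is only right when the caller passed a numeric id; if a login is accepted there (not visible here), a non-id value is written into `homonymes`. Bind `$user->id(), $user->id()`, as the homonym validation request's `commit()` does with `$this->user->id()`. The enclosing handler starts outside the hunk.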
if ($op == 'list') {
$res = XDB::iterator(
- "SELECT a.alias AS homonyme,s.id AS user_id,s.alias AS forlife,
- promo,prenom,nom,
- IF(h.homonyme_id=s.id, a.expire, NULL) AS expire,
- IF(h.homonyme_id=s.id, a.type, NULL) AS type
+ "SELECT a.alias AS homonyme, s.alias AS forlife,
+ IF(h.homonyme_id = s.id, a.expire, NULL) AS expire,
+ IF(h.homonyme_id = s.id, a.type, NULL) AS type,
+ ac.uid AS user_id
FROM aliases AS a
LEFT JOIN homonymes AS h ON (h.homonyme_id = a.id)
INNER JOIN aliases AS s ON (s.id = h.user_id AND s.type='a_vie')
- INNER JOIN auth_user_md5 AS u ON (s.id=u.user_id)
- WHERE a.type='homonyme' OR a.expire!=''
- ORDER BY a.alias,promo");
+ INNER JOIN accounts AS ac ON (ac.uid = a.id)
+ WHERE a.type = 'homonyme' OR a.expire != ''
+ ORDER BY a.alias, forlife");
$hnymes = Array();
while ($tab = $res->next()) {
$hnymes[$tab['homonyme']][] = $tab;
}
}
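Review bot: `ac.uid AS user_id` with `INNER JOIN accounts AS ac ON (ac.uid = a.id)` ties the reported user to the owner of the homonym alias `a`. The removed query returned `s.id AS user_id`, i.e. the account behind each `a_vie` alias `s`. If the listing is meant to show one row per user sharing the homonym, every row of a group would now carry the same `user_id`. Joining on `ac.uid = s.id` would keep the old meaning; if the change is intended, a short comment in the query saying so would help the next reader.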
- function handler_ax_xorg(&$page) {
+ function handler_ax_xorg(&$page)
+ {
$page->changeTpl('admin/ax-xorg.tpl');
$page->setTitle('Administration - AX/X.org');
// liste des différences
$res = XDB::query(
- 'SELECT u.promo,u.nom AS nom,u.prenom AS prenom,ia.nom AS nomax,ia.prenom AS prenomax,u.matricule AS mat,ia.matricule_ax AS matax
+ 'SELECT u.promo,u.nom AS nom, u.prenom AS prenom, ia.nom AS nomax,
+ ia.prenom AS prenomax, u.matricule AS mat, ia.matricule_ax AS matax
FROM auth_user_md5 AS u
INNER JOIN identification_ax AS ia ON u.matricule_ax = ia.matricule_ax
WHERE (SOUNDEX(u.nom) != SOUNDEX(ia.nom) AND SOUNDEX(CONCAT(ia.particule,u.nom)) != SOUNDEX(ia.nom)
$page->assign('plus', $res->fetchAllAssoc());
}
- function handler_deaths(&$page, $promo = 0, $validate = false) {
+ function handler_deaths(&$page, $promo = 0, $validate = false)
+ {
$page->changeTpl('admin/deces_promo.tpl');
$page->setTitle('Administration - Deces');
$page->assign('decedes', $res);
}
- function handler_dead_but_active(&$page) {
+ function handler_dead_but_active(&$page)
+ {
$page->changeTpl('admin/dead_but_active.tpl');
$page->setTitle('Administration - Décédés');
$page->assign('dead', $res);
}
- function handler_synchro_ax(&$page, $login = null, $action = null) {
+ function handler_synchro_ax(&$page, $login = null, $action = null)
+ {
$page->changeTpl('admin/synchro_ax.tpl');
$page->setTitle('Administration - Synchro AX');
} else if (Env::has('user')) {
$user = User::get(Env::v('user'));
} else if (Env::has('mat')) {
- $res = XDB::query("SELECT user_id FROM auth_user_md5 WHERE matricule = {?}", Env::i('mat'));
+ $res = XDB::query("SELECT user_id
+ FROM auth_user_md5
+ WHERE matricule = {?}",
+ Env::i('mat'));
$user = User::get($res->fetchOneCell());
} else {
return;
$page->assign('vit', new ValidateIterator());
}
- function handler_validate_answers(&$page, $action = 'list', $id = null) {
+ function handler_validate_answers(&$page, $action = 'list', $id = null)
+ {
$page->setTitle('Administration - Réponses automatiques de validation');
$page->assign('title', 'Gestion des réponses automatiques');
$table_editor = new PLTableEditor('admin/validate/answers','requests_answers','id');
$table_editor->describe('answer','texte',false);
$table_editor->apply($page, $action, $id);
}
- function handler_skins(&$page, $action = 'list', $id = null) {
+
+ function handler_skins(&$page, $action = 'list', $id = null)
+ {
$page->setTitle('Administration - Skins');
$page->assign('title', 'Gestion des skins');
$table_editor = new PLTableEditor('admin/skins','skins','id');
$table_editor->apply($page, $action, $id);
}
- function handler_postfix_blacklist(&$page, $action = 'list', $id = null) {
+ function handler_postfix_blacklist(&$page, $action = 'list', $id = null)
+ {
$page->setTitle('Administration - Postfix : Blacklist');
$page->assign('title', 'Blacklist de postfix');
$table_editor = new PLTableEditor('admin/postfix/blacklist','postfix_blacklist','email', true);
$table_editor->describe('email','email',true);
$table_editor->apply($page, $action, $id);
}
- function handler_postfix_whitelist(&$page, $action = 'list', $id = null) {
+
+ function handler_postfix_whitelist(&$page, $action = 'list', $id = null)
+ {
$page->setTitle('Administration - Postfix : Whitelist');
$page->assign('title', 'Whitelist de postfix');
$table_editor = new PLTableEditor('admin/postfix/whitelist','postfix_whitelist','email', true);
$table_editor->describe('email','email',true);
$table_editor->apply($page, $action, $id);
}
- function handler_mx_broken(&$page, $action = 'list', $id = null) {
+
+ function handler_mx_broken(&$page, $action = 'list', $id = null)
+ {
$page->setTitle('Administration - MX Défaillants');
$page->assign('title', 'MX Défaillant');
$table_editor = new PLTableEditor('admin/mx/broken', 'mx_watch', 'host', true);
$table_editor->describe('text', 'Description du problème', false);
$table_editor->apply($page, $action, $id);
}
- function handler_logger_actions(&$page, $action = 'list', $id = null) {
+
+ function handler_logger_actions(&$page, $action = 'list', $id = null)
+ {
$page->setTitle('Administration - Actions');
$page->assign('title', 'Gestion des actions de logger');
$table_editor = new PLTableEditor('admin/logger/actions','logger.actions','id');
$table_editor->describe('description','description',true);
$table_editor->apply($page, $action, $id);
}
+
function handler_downtime(&$page, $action = 'list', $id = null) {
$page->setTitle('Administration - Coupures');
$page->assign('title', 'Gestion des coupures');
function handler_wiki(&$page, $action = 'list', $wikipage = null, $wikipage2 = null)
{
- if (S::v('core_rss_hash')) {
+ if (S::hasAuthToken()) {
$page->setRssLink('Changement Récents',
- '/Site/AllRecentChanges?action=rss&user=' . S::v('hruid') . '&hash=' . S::v('core_rss_hash'));
+ '/Site/AllRecentChanges?action=rss&user=' . S::v('hruid') . '&hash=' . S::v('token'));
}
// update wiki perms
$sql = "SELECT w.ip, IF(s.ip IS NULL,
IF(w.ip = s2.ip, s2.host, s2.forward_host),
IF(w.ip = s.ip, s.host, s.forward_host)),
- w.mask, w.detection, w.state, u.hruid
+ w.mask, w.detection, w.state, a.hruid
FROM ip_watch AS w
LEFT JOIN logger.sessions AS s ON (s.ip = w.ip)
LEFT JOIN logger.sessions AS s2 ON (s2.forward_ip = w.ip)
- LEFT JOIN auth_user_md5 AS u ON (u.user_id = s.uid)
- GROUP BY w.ip, u.hruid
- ORDER BY w.state, w.ip, u.hruid";
+ LEFT JOIN accounts AS a ON (a.uid = s.uid)
+ GROUP BY w.ip, a.hruid
+ ORDER BY w.state, w.ip, a.hruid";
$it = Xdb::iterRow($sql);
$table = array();
$page->assign('table', $table);
} elseif ($action == 'edit') {
$sql = "SELECT w.detection, w.state, w.last, w.description, w.mask,
- u1.hruid AS edit, u2.hruid AS hruid, s.host
+ a1.hruid AS edit, a2.hruid AS hruid, s.host
FROM ip_watch AS w
- LEFT JOIN auth_user_md5 AS u1 ON (u1.user_id = w.uid)
+ LEFT JOIN accounts AS a1 ON (a1.uid = w.uid)
LEFT JOIN logger.sessions AS s ON (w.ip = s.ip)
- LEFT JOIN auth_user_md5 AS u2 ON (u2.user_id = s.uid)
+ LEFT JOIN accounts AS a2 ON (a2.uid = s.uid)
WHERE w.ip = {?}
- GROUP BY u2.hruid
- ORDER BY u2.hruid";
+ GROUP BY a2.hruid
+ ORDER BY a2.hruid";
$it = Xdb::iterRow($sql, ip_to_uint($ip));
$props = array();
function handler_accounts(&$page)
{
$page->changeTpl('admin/accounts.tpl');
- $page->assign('disabled', XDB::iterator('SELECT u.nom, u.prenom, u.promo, u.comment, u.hruid
- FROM auth_user_md5 AS u
- WHERE perms = \'disabled\'
- ORDER BY nom, prenom'));
- $page->assign('admins', XDB::iterator('SELECT u.nom, u.prenom, u.promo, u.hruid
- FROM auth_user_md5 AS u
- WHERE perms = \'admin\'
- ORDER BY nom, prenom'));
+ $page->assign('disabled', XDB::iterator('SELECT a.hruid, FIND_IN_SET(\'watch\', a.flags) AS watch,
+ a.state = \'disabled\' AS disabled, a.comment
+ FROM accounts AS a
+ WHERE a.state = \'disabled\' OR FIND_IN_SET(\'watch\', a.flags)
+ ORDER BY a.hruid'));
+ $page->assign('admins', XDB::iterator('SELECT a.hruid
+ FROM accounts AS a
+ WHERE a.is_admin
+ ORDER BY a.hruid'));
}
}
* 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA *
***************************************************************************/
-function select_if_homonyme($uid) {
- $res = XDB::query("SELECT prenom,nom,a.alias AS forlife,h.alias AS loginbis
- FROM auth_user_md5 AS u
- INNER JOIN aliases AS a ON (a.id=u.user_id AND a.type='a_vie')
- INNER JOIN aliases AS h ON (h.id=u.user_id AND h.expire!='')
- WHERE user_id = {?}", $uid);
- return $res->fetchOneRow();
+function select_if_homonyme(PlUser &$user) {
+ return XDB::fetchOneCell("SELECT a.alias
+ FROM aliases AS a
+ WHERE a.id = {?} AND a.expire != ''",
+ $user->id());
}
-function send_warning_homonyme($prenom, $nom, $forlife, $loginbis) {
+function send_warning_homonyme(PlUser &$user, $loginbis) {
global $globals;
$cc = "support+homonyme@" . $globals->mail->domain;
$FROM = "\"Support Polytechnique.org\" <$cc>";
$mymail = new PlMailer();
$mymail->setFrom($FROM);
- $mymail->setSubject("Dans 2 semaines, suppression de $loginbis@" . $globals->mail->domain);
- $mymail->addTo("$prenom $nom <$forlife@" . $globals->mail->domain . '>');
$mymail->addCc($cc);
+ $mymail->setSubject("Dans 2 semaines, suppression de $loginbis@" . $globals->mail->domain);
$mymail->setTxtBody(Env::v('mailbody'));
- $mymail->send();
+ $mymail->sendTo($user);
}
-function send_robot_homonyme($prenom, $nom, $forlife, $loginbis) {
+function send_robot_homonyme(PlUser &$user, $loginbis) {
global $globals;
$cc = "support+homonyme@" . $globals->mail->domain;
$FROM = "\"Support Polytechnique.org\" <$cc>";
$mymail = new PlMailer();
$mymail->setFrom($FROM);
$mymail->setSubject("Mise en place du robot $loginbis@" . $globals->mail->domain);
- $mymail->addTo("$prenom $nom <$forlife@" . $globals->mail->domain . '>');
$mymail->addCc($cc);
$mymail->setTxtBody(Env::v('mailbody'));
- $mymail->send();
+ $mymail->sendTo($user);
}
-function switch_bestalias($uid, $loginbis) {
+function switch_bestalias(PlUser &$user, $loginbis) {
// check if loginbis was the bestalias
- $res = XDB::query("SELECT alias FROM aliases WHERE id = {?} AND FIND_IN_SET('bestalias', flags)", $uid);
- $bestalias = $res->fetchOneCell();
- if ($bestalias && $bestalias != $loginbis) return false;
+ $bestailas = XDB::fetchOneCell("SELECT alias
+ FROM aliases
+ WHERE id = {?} AND FIND_IN_SET('bestalias', flags)",
+ $user->id());
+ if ($bestalias && $bestalias != $loginbis) {
+ return false;
+ }
// select the shortest alias still alive
- $res = XDB::query("SELECT alias FROM aliases WHERE id = {?} AND alias != {?} AND expire IS NULL ORDER BY LENGTH(alias) LIMIT 1", $uid, $loginbis);
- $newbest = $res->fetchOneCell();
+ $newbest = XDB::fetchOneCell("SELECT alias
+ FROM aliases
+ WHERE id = {?} AND alias != {?} AND expire IS NULL
+ ORDER BY LENGTH(alias)
+ LIMIT 1", $user->id(), $loginbis);
// change the bestalias flag
- XDB::execute("UPDATE aliases SET flags = (flags & (255 - 1)) | IF(alias = {?}, 1, 0) WHERE id = {?}", $newbest, $uid);
-
+ XDB::execute("UPDATE aliases
+ SET flags = (flags & (255 - 1)) | IF(alias = {?}, 1, 0)
+ WHERE id = {?}", $newbest, $user->id());
return $newbest;
}
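Review bot: In `switch_bestalias` the first query result is assigned to `$bestailas`, but the guard that follows reads `$bestalias`, which is never set. The `return false` branch can therefore never fire, and the bestalias flag is rewritten even when `$loginbis` was not the user's best alias. The assignment should read `$bestalias = XDB::fetchOneCell(...)`. Both call sites in the admin homonym handler discard the return value, so nothing downstream would reveal the mistake.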
$cle = $globals->core->econfiance;
- if (S::v('chall') && $_GET['PASS'] == md5(S::v('chall').$cle)) {
-
- $res = XDB::query("SELECT password FROM auth_user_md5 WHERE user_id=10154");
- $pass = $res->fetchOneCell();
+ $res = "<?xml version=\"1.0\" encoding=\"UTF-8\"?>\n\n<membres>\n\n";
- $list = new MMList(10154, $pass, "x-econfiance.polytechnique.org");
+ if (S::v('chall') && $_GET['PASS'] == md5(S::v('chall').$cle)) {
+ $list = new MMList(User::getWithUID(10154), "x-econfiance.polytechnique.org");
$members = $list->get_members('membres');
if (is_array($members)) {
$membres = Array();
foreach($members[1] as $member) {
- if (preg_match('/^([^.]*.[^.]*.(\d\d\d\d))@polytechnique.org$/',
- $member[1], $matches))
- {
- $membres[] = "a.alias='{$matches[1]}'";
+ $user = User::getSilent($member[1]);
+ if ($user && $user->hasProfile()) {
+ $profile = $user->profile();
+ $res .= "<membre>\n";
+ $res .= "\t<nom>" . $profile->lastName() . "</nom>\n";
+ $res .= "\t<prenom>" . $profile->firstName() . "</prenom>\n";
+ $res .= "\t<email>" . $user->forlifeEmail() . "</email>\n";
+ $res .= "</membre>\n\n";
}
}
}
-
- $where = join(' OR ',$membres);
-
- $all = XDB::iterRow(
- "SELECT u.prenom,u.nom,a.alias
- FROM auth_user_md5 AS u
- INNER JOIN aliases AS a ON ( u.user_id = a.id AND a.type!='homonyme' )
- WHERE $where
- ORDER BY nom");
-
- $res = "<?xml version=\"1.0\" encoding=\"UTF-8\"?>\n\n<membres>\n\n";
-
- while (list ($prenom1,$nom1,$email1) = $all->next()) {
- $res .= "<membre>\n";
- $res .= "\t<nom>$nom1</nom>\n";
- $res .= "\t<prenom>$prenom1</prenom>\n";
- $res .= "\t<email>$email1</email>\n";
- $res .= "</membre>\n\n";
- }
-
$res .= "</membres>\n\n";
header('Content-Type: text/xml; charset="UTF-8"');
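Review bot: The challenge check `$_GET['PASS'] == md5(S::v('chall').$cle)` uses loose equality on hex digests, so PHP may compare two numeric-looking strings as numbers and accept a value that is not the expected digest. Use a strict comparison, `$_GET['PASS'] === md5(S::v('chall') . $cle)`, or `hash_equals()` where the runtime provides it, and reject the request when `PASS` is absent. The new loop also concatenates `$profile->lastName()`, `$profile->firstName()` and `$user->forlifeEmail()` into the XML unescaped, so a name containing `&` or `<` yields a malformed or altered document. Wrap each value, e.g. `htmlspecialchars($profile->lastName(), ENT_QUOTES, 'UTF-8')`.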
// mise à jour de l'heure et de la machine de dernier login sauf quand on est en suid
$uid = S::i('uid');
- if (!isset($_SESSION['suid'])) {
+ if (!S::suid()) {
global $platal;
- S::logger(uid)->log('connexion_auth_ext', $platal->path);
+ S::logger($uid)->log('connexion_auth_ext', $platal->path);
}
/* on parcourt les entrees de groupes_auth */
$params = "";
$fieldarr = explode(',', $datafields);
- $res = XDB::query("SELECT matricule, matricule_ax, promo,
- promo_sortie, flags, deces, nom,
- prenom, nationalite, section,
- naissance
- FROM auth_user_md5 WHERE user_id = {?}",
- S::v('uid'));
- $personnal_data = $res->fetchOneAssoc();
+ $user =& S::user();
+ if ($user->hasProfile()) {
+ // XXX: Transition table for auth.
+ $personnal_data = $user->profile()->data();
+ $personnal_data['matricule'] = $personnal_data['xorg_id'];
+ $personnal_data['matricule_ax'] = $personnal_data['ax_id'];
+ $personnal_data['promo_sortie'] = $personnal_data['promo'] + 3; // FIXME: Hum, not that good
+ $personnal_data['nationalite'] = $personnal_data['nationality1'];
+ $personnal_data['naissance'] = $personnal_data['birthdate'];
+ $personnal_data['deces'] = $personnal_data['deathdate'];
+ $personnal_data['flags'] = $user->profile()->isFemale() ? 'femme' : '';
+ } else {
+ $personnal_data = array();
+ }
foreach ($fieldarr as $val) {
// Determine the requested value, and add it to the answer.
} else if (isset($personnal_data[$val])) {
$params .= gpex_prepare_param($val, $personnal_data[$val], $tohash, $charset);
} else if ($val == 'username') {
- $res = XDB::query("SELECT alias FROM aliases
+ $res = XDB::query("SELECT alias
+ FROM aliases
WHERE id = {?} AND FIND_IN_SET('bestalias', flags)",
- S::v('uid'));
+ S::i('uid'));
$min_username = $res->fetchOneCell();
$params .= gpex_prepare_param($val, $min_username, $tohash, $charset);
} else if ($val == 'grpauth') {
$perms = S::has_perms() ? 'admin' : 'membre';
}
$params .= gpex_prepare_param($val, $perms, $tohash, $charset);
+ } else {
+ $params .= gpex_prepare_param($val, '', $tohash, $charset);
}
}
$tohash .= "1";
$page->changeTpl('axletter/show.tpl');
$nl = new AXLetter($nid);
+ $user =& S::user();
if (Get::has('text')) {
- $nl->toText($page, S::v('prenom'), S::v('nom'), S::v('femme'));
+ $nl->toText($page, $user);
} else {
- $nl->toHtml($page, S::v('prenom'), S::v('nom'), S::v('femme'));
+ $nl->toHtml($page, $user);
}
if (Post::has('send')) {
- $nl->sendTo(S::user()->login(), S::user()->bestEmail(),
- S::v('prenom'), S::v('nom'),
- S::v('femme'), S::v('mail_fmt') != 'texte');
+ $nl->sendTo($user);
}
}
function _add_rss_link(&$page)
{
- if (!S::has('core_rss_hash')) {
+ if (!S::hasAuthToken()) {
return;
}
$page->setRssLink('Polytechnique.org :: Carnet',
- '/carnet/rss/'.S::v('hruid').'/'.S::v('core_rss_hash').'/rss.xml');
+ '/carnet/rss/'.S::v('hruid').'/'.S::v('token').'/rss.xml');
}
function handler_index(&$page)
// For XSRF protection, checks both the normal xsrf token, and the special RSS token.
// It allows direct linking to contact adding in the RSS feed.
- if (Env::v('action') && Env::v('token') !== S::v('core_rss_hash')) {
+ if (Env::v('action') && Env::v('token') !== S::v('token')) {
S::assert_xsrf_token();
}
switch (Env::v('action')) {
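Review bot: The XSRF bypass `Env::v('token') !== S::v('token')` does not first check that the account has a token. If both accessors return null when the value is missing (their defaults are not visible here, so please confirm), a request with an `action` and no `token` from a user without a token would skip `S::assert_xsrf_token()`. Make the bypass conditional on a token existing: `if (Env::v('action') && !(S::hasAuthToken() && Env::v('token') === S::v('token')))`. The rest of `handler_index` lies outside this hunk.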
function handler_ical(&$page, $alias = null, $hash = null)
{
- require_once 'rss.inc.php';
- $uid = init_rss(null, $alias, $hash, false);
- if (S::logged()) {
- if (!$uid) {
- $uid = S::i('uid');
- } else if ($uid != S::i('uid')) {
- send_warning_email("Récupération d\'un autre utilisateur ($uid)");
+ $user = Platal::session()->tokenAuth($alias, $hash);
+ if (is_null($user)) {
+ if (S::logged()) {
+ $user == S::user();
+ } else {
+ return PL_FORBIDDEN;
}
- } else if (!$uid) {
- exit;
}
require_once 'ical.inc.php';
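Review bot: In the logged-in fallback of `handler_ical`, `$user == S::user();` is a comparison whose result is discarded, not an assignment. `$user` stays null whenever token authentication fails for a logged-in visitor, and the contacts query further down then calls `$user->id()` on null. The line should be `$user = S::user();`. The remainder of the handler is outside this hunk.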
FROM contacts AS c
INNER JOIN auth_user_md5 AS u ON (u.user_id = c.contact)
INNER JOIN aliases AS a ON (u.user_id = a.id AND a.type = \'a_vie\')
- WHERE c.uid = {?}', $uid);
+ WHERE c.uid = {?}', $user->id());
$annivs = Array();
while (list($prenom, $nom, $promo, $naissance, $end, $ts, $hruid) = $res->next()) {
FROM virtual
INNER JOIN virtual_redirect USING (vid)
WHERE alias = {?} AND (redirect = {?} OR redirect = {?})",
- $value, $user->forlifeEmail(),
- // TODO: remove this über-ugly hack. The issue is that you need
- // to remove all @m4x.org addresses in virtual_redirect first.
- $user->login() . '@' . $globals->mail->domain2);
+ $value, $user->forlifeEmail(), $user->m4xForlifeEmail());
}
// Fetch existing @alias_dom aliases.
- $res = XDB::query(
- "SELECT alias, emails_alias_pub
- FROM auth_user_quick, virtual
- INNER JOIN virtual_redirect USING(vid)
- WHERE (redirect = {?} OR redirect = {?})
- AND alias LIKE '%@{$globals->mail->alias_dom}' AND user_id = {?}",
- $user->forlifeEmail(),
- // TODO: remove this über-ugly hack. The issue is that you need
- // to remove all @m4x.org addresses in virtual_redirect first.
- $user->login() . '@' . $globals->mail->domain2, $user->id());
- list($alias, $visibility) = $res->fetchOneRow();
- $page->assign('actuel', $alias);
+ $alias = $user->emailAlias();
+ $visibility = $user->hasProfile() && $user->profile()->alias_pub;
if ($action == 'ask' && Env::has('alias') && Env::has('raison')) {
S::assert_xsrf_token();
//Si l'utilisateur vient de faire une damande
$alias = Env::v('alias');
$raison = Env::v('raison');
- $public = (Env::v('public', 'off') == 'on')?"public":"private";
+ $public = (Env::v('public', 'off') == 'on') ? 'public' : 'private';
$page->assign('r_alias', $alias);
$page->assign('r_raison', $raison);
}
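Review bot: `$visibility = $user->hasProfile() && $user->profile()->alias_pub;` tests the column for truthiness, while the update later in this handler writes `$value` into `alias_pub` and derives visibility as `$value == 'public'`. If the column stores the strings 'public' and 'private' (its type is not visible here, so please confirm), both are truthy and a private alias would be shown to the user as public. Compare explicitly, e.g. `$user->hasProfile() && $user->profile()->alias_pub == 'public'`.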
//Quelques vérifications sur l'alias (caractères spéciaux)
- if (!preg_match( "/^[a-zA-Z0-9\-.]{3,20}$/", $alias)) {
+ if (!preg_match("/^[a-zA-Z0-9\-.]{3,20}$/", $alias)) {
$page->trigError("L'adresse demandée n'est pas valide."
. " Vérifie qu'elle comporte entre 3 et 20 caractères"
. " et qu'elle ne contient que des lettres non accentuées,"
. " des chiffres ou les caractères - et .");
return;
} else {
+ $alias_mail = $alias.'@'.$globals->mail->alias_dom;
+
//vérifier que l'alias n'est pas déja pris
- $res = XDB::query('SELECT COUNT(*) FROM virtual WHERE alias={?}',
- $alias.'@'.$globals->mail->alias_dom);
+ $res = XDB::query('SELECT COUNT(*)
+ FROM virtual
+ WHERE alias={?}',
+ $alias_mail);
if ($res->fetchOneCell() > 0) {
- $page->trigError("L'alias $alias@{$globals->mail->alias_dom} a déja été attribué.
- Tu ne peux donc pas l'obtenir.");
+ $page->trigError("L'alias $alias_mail a déja été attribué.
+ Tu ne peux donc pas l'obtenir.");
return;
}
//vérifier que l'alias n'est pas déja en demande
- $it = new ValidateIterator ();
+ $it = new ValidateIterator();
while($req = $it->next()) {
- if ($req->type == "alias" and $req->alias == $alias . '@' . $globals->mail->alias_dom) {
- $page->trigError("L'alias $alias@{$globals->mail->alias_dom} a déja été demandé.
+ if ($req->type == 'alias' and $req->alias == $alias_mail) {
+ $page->trigError("L'alias $alias_mail a déja été demandé.
Tu ne peux donc pas l'obtenir pour l'instant.");
return ;
}
return PL_FORBIDDEN;
}
- if ($value == 'public') {
- XDB::execute("UPDATE auth_user_quick SET emails_alias_pub = 'public'
- WHERE user_id = {?}", $user->id());
- } else {
- XDB::execute("UPDATE auth_user_quick SET emails_alias_pub = 'private'
- WHERE user_id = {?}", $user->id());
+ if ($user->hasProfile()) {
+ XDB::execute("UPDATE profiles
+ SET alias_pub = {?}
+ WHERE pid = {?}",
+ $value, $user->profile()->id());
}
-
- $visibility = $value;
+ $visibility = ($value == 'public');
}
- $page->assign('mail_public', ($visibility == 'public'));
+ $page->assign('actuel', $alias);
+ $page->assign('user', $user);
+ $page->assign('mail_public', $visibility);
}
function handler_redirect(&$page, $action = null, $email = null)
}
$res = XDB::query(
- "SELECT u.prenom, u.nom, u.promo, a.alias as forlife
- FROM auth_user_md5 AS u
- INNER JOIN contacts AS c ON (u.user_id = c.contact)
- INNER JOIN aliases AS a ON (u.user_id=a.id AND FIND_IN_SET('bestalias',a.flags))
+ "SELECT ac.full_name, a.alias as forlife
+ FROM accounts AS ac
+ INNER JOIN contacts AS c ON (ac.uid = c.contact)
+ INNER JOIN aliases AS a ON (ac.uid = a.id AND FIND_IN_SET('bestalias', a.flags))
WHERE c.uid = {?}
- ORDER BY u.nom, u.prenom", S::v('uid'));
+ ORDER BY ac.full_name", S::i('uid'));
$page->assign('contacts', $res->fetchAllAssoc());
$page->assign('maxsize', ini_get('upload_max_filesize') . 'o');
$page->assign('user', S::user());
$email = valide_email($email);
// vérifications d'usage
- $sel = XDB::query("SELECT uid FROM emails WHERE email = {?}", $email);
- if (($uid = $sel->fetchOneCell())) {
- $dest = User::getSilent($uid);
-
- // envoi du mail
- $message = "Bonjour !
-
-Cet email a été généré automatiquement par le service de patte cassée de
-Polytechnique.org car un autre utilisateur, " . S::user()->fullName() . ",
-nous a signalé qu'en t'envoyant un email, il avait reçu un message d'erreur
-indiquant que ton adresse de redirection $email
-ne fonctionnait plus !
-
-Nous te suggérons de vérifier cette adresse, et le cas échéant de mettre
-à jour sur le site <{$globals->baseurl}/emails> tes adresses
-de redirection...
-
-Pour plus de renseignements sur le service de patte cassée, n'hésite pas à
-consulter la page <{$globals->baseurl}/emails/broken>.
-
-
-À bientôt sur Polytechnique.org !
-L'équipe d'administration <support@" . $globals->mail->domain . '>';
-
- $mail = new PlMailer();
- $mail->setFrom('"Polytechnique.org" <support@' . $globals->mail->domain . '>');
- $mail->addTo($dest->bestEmail());
- $mail->setSubject("Une de tes adresse de redirection Polytechnique.org ne marche plus !!");
- $mail->setTxtBody($message);
- $mail->send();
+ $uid = XDB::fetchOneCell("SELECT uid
+ FROM emails
+ WHERE email = {?}", $email);
+ if ($uid) {
+ $dest = User::getWithUID($uid);
+
+ $mail = new PlMailer('emails/broken-web.mail.tpl');
+ $mail->assign('email', $email);
+ $mail->assign('request', S::user());
+ $mail->sendTo($dest);
$page->trigSuccess("Email envoyé !");
}
} elseif (Post::has('email')) {
$page->assign('neuneu', true);
} else {
$page->assign('email',$email);
- $sel = XDB::query(
- "SELECT e1.uid, e1.panne != 0 AS panne,
- (count(e2.uid) + IF(FIND_IN_SET('googleapps', u.mail_storage), 1, 0)) AS nb_mails,
- u.nom, u.prenom, u.promo, u.hruid
- FROM emails as e1
- LEFT JOIN emails as e2 ON(e1.uid = e2.uid
+ $x = XDB::fetchOneAssoc("SELECT e1.uid, e1.panne != 0 AS panne,
+ (count(e2.uid) + IF(FIND_IN_SET('googleapps', eo.storage), 1, 0)) AS nb_mails
+ FROM emails as e1
+ INNER JOIN email_options AS eo ON (eo.uid = e1.uid)
+ LEFT JOIN emails as e2 ON(e1.uid = e2.uid
AND FIND_IN_SET('active', e2.flags)
AND e1.email != e2.email)
- INNER JOIN auth_user_md5 as u ON(e1.uid = u.user_id)
- WHERE e1.email = {?}
- GROUP BY e1.uid", $email);
- if ($x = $sel->fetchOneAssoc()) {
+ WHERE e1.email = {?}
+ GROUP BY e1.uid", $email);
+ if ($x) {
// on écrit dans la base que l'adresse est cassée
if (!$x['panne']) {
- XDB::execute("UPDATE emails
- SET panne=NOW(),
- last=NOW(),
- panne_level = 1
- WHERE email = {?}", $email);
+ XDB::execute("UPDATE emails
+ SET panne=NOW(), last=NOW(), panne_level = 1
+ WHERE email = {?}", $email);
} else {
- XDB::execute("UPDATE emails
- SET panne_level = 1
- WHERE email = {?} AND panne_level = 0", $email);
+ XDB::execute("UPDATE emails
+ SET panne_level = 1
+ WHERE email = {?} AND panne_level = 0", $email);
}
+ $x['user'] = User::getWithUID($x['uid']);
$page->assign_by_ref('x', $x);
}
}
$page->assign('doublon', $props);
}
}
+
function handler_lost(&$page, $action = 'list', $email = null)
{
$page->changeTpl('emails/lost.tpl');
- $page->assign('lost_emails', XDB::iterator("
- SELECT u.user_id, u.hruid
- FROM auth_user_md5 AS u
- LEFT JOIN emails AS e ON (u.user_id = e.uid AND FIND_IN_SET('active', e.flags))
- WHERE e.uid IS NULL AND FIND_IN_SET('googleapps', u.mail_storage) = 0 AND
- u.deces = 0 AND u.perms IN ('user', 'admin', 'disabled')
- ORDER BY u.promo DESC, u.nom, u.prenom"));
+ // TODO: Order by promo.
+ $page->assign('lost_emails',
+ XDB::iterator("SELECT a.uid, a.hruid
+ FROM accounts AS a
+ INNER JOIN email_options AS eo ON (eo.uid = a.uid)
+ LEFT JOIN emails AS e ON (a.uid = e.uid AND FIND_IN_SET('active', e.flags))
+ WHERE e.uid IS NULL AND FIND_IN_SET('googleapps', eo.storage) = 0 AND
+ a.state = 'active'
+ ORDER BY a.hruid"));
}
}
$page->assign('geoloc_incitation', count($res));
// Direct link to the RSS feed, when available.
- if (S::rssActivated()) {
+ if (S::hasAuthToken()) {
$page->setRssLink('Polytechnique.org :: News',
- '/rss/'.S::v('hruid') .'/'.S::v('core_rss_hash').'/rss.xml');
+ '/rss/'.S::v('hruid') .'/'.S::v('token').'/rss.xml');
}
// Hide the read event, and reload the page to get to the next event.
{
if (is_null($file)) {
if (is_null($hash)) {
- exit;
+ return PL_FORBIDDEN;
}
$this->handler_rss($page, null, $group, $alias, $hash);
}
- require_once('rss.inc.php');
- $uid = init_rss(null, $alias, $hash);
- if (!$uid) {
- exit;
+ $user = Platal::session()->tokenAuth($alias, $hash);
+ if (is_null($user)) {
+ return PL_FORBIDDEN;
}
- $res = XDB::query("SELECT id AS uid, alias AS forlife
- FROM aliases
- WHERE type = 'a_vie' AND id = {?}", $uid);
- $row = $res->fetchOneAssoc();
- $_SESSION = array_merge($row, $_SESSION);
require_once 'banana/forum.inc.php';
- $banana = new ForumsBanana(S::user(), array('group' => $group, 'action' => 'rss2'));
+ $banana = new ForumsBanana($user, array('group' => $group, 'action' => 'rss2'));
$banana->run();
exit;
}
{
$page->setTitle('Administration - Bannissements des forums');
$page->assign('title', 'Gestion des mises au ban');
- $table_editor = new PLTableEditor('admin/forums','forums.innd','id_innd');
+ $table_editor = new PLTableEditor('admin/forums','forum_innd','id_innd');
$table_editor->add_sort_field('priority', true, true);
$table_editor->describe('read_perm','lecture',true);
$table_editor->describe('write_perm','écriture',true);
);
}
- function prepare_client(&$page)
+ function prepare_client(&$page, $user = null)
{
global $globals;
$this->load('lists.inc.php');
+ if (is_null($user)) {
+ $user = S::user();
+ }
- $this->client = new MMList(S::v('uid'), S::v('password'));
+ $this->client = new MMList($user);
return $globals->mail->domain;
}
function handler_rss(&$page, $liste = null, $alias = null, $hash = null)
{
- require_once('rss.inc.php');
- $uid = init_rss(null, $alias, $hash);
- if (!$uid || !$liste) {
- exit;
+ if (!$liste) {
+ return PL_NOT_FOUND;
+ }
+ $user = Platal::session()->tokenAuth($alias, $hash);
+ if (is_null($user)) {
+ return PL_FORBIDDEN;
}
- $res = XDB::query("SELECT user_id AS uid, password, alias AS forlife
- FROM auth_user_md5 AS u
- INNER JOIN aliases AS a ON (a.id = u.user_id AND a.type = 'a_vie')
- WHERE u.user_id = {?}", $uid);
- $row = $res->fetchOneAssoc();
- $_SESSION = array_merge($row, $_SESSION);
-
- $domain = $this->prepare_client($page);
+ $domain = $this->prepare_client($page, $user);
if (list($det) = $this->client->get_members($liste)) {
if (substr($liste,0,5) != 'promo' && ($det['ins'] || $det['priv'])
&& !$det['own'] && ($det['sub'] < 2)) {
exit;
}
require_once('banana/ml.inc.php');
- $banana = new MLBanana(S::user(), Array('listname' => $liste, 'domain' => $domain, 'action' => 'rss2'));
+ $banana = new MLBanana($user, Array('listname' => $liste, 'domain' => $domain, 'action' => 'rss2'));
$banana->run();
}
exit;
}
}
- function handler_admin_all(&$page) {
+ function handler_admin_all(&$page)
+ {
$page->changeTpl('lists/admin_all.tpl');
$page->setTitle('Administration - Mailing lists');
- $client = new MMList(S::v('uid'), S::v('password'));
- $listes = $client->get_all_lists();
+ $this->prepare_client($page);
+ $listes = $this->client->get_all_lists();
$page->assign_by_ref('listes', $listes);
}
}
require_once 'newsletter.inc.php';
$nl = new NewsLetter($nid);
+ $user =& S::user();
if (Get::has('text')) {
- $nl->toText($page, S::v('prenom'), S::v('nom'), S::v('femme'));
+ $nl->toText($page, $user);
} else {
- $nl->toHtml($page, S::v('prenom'), S::v('nom'), S::v('femme'));
+ $nl->toHtml($page, $user);
}
if (Post::has('send')) {
- $res = XDB::query("SELECT hash FROM newsletter_ins WHERE user_id = {?}", S::i('uid'));
- $nl->sendTo(S::user()->login(), S::user()->bestEmail(),
- S::v('prenom'), S::v('nom'),
- S::v('femme'), S::v('mail_fmt') != 'texte',
- $res->fetchOneCell());
+ $nl->sendTo($user);
}
}
if (S::logged()) {
pl_redirect('events');
} else if (!@$GLOBALS['IS_XNET_SITE']) {
- pl_redirect('review');
+ $this->handler_review($page);
}
}
exit;
}
- function handler_changelog(&$page)
+ function handler_changelog(&$page, $core = null)
{
$page->changeTpl('platal/changeLog.tpl');
- $clog = pl_entities(file_get_contents(dirname(__FILE__).'/../ChangeLog'));
- $clog = preg_replace('/===+\s*/', '</pre><hr /><pre>', $clog);
- // url catch only (not all wiki syntax)
- $clog = preg_replace(array(
- '/((?:https?|ftp):\/\/(?:\.*,*[\w@~%$£µ&i#\-+=_\/\?;])*)/ui',
- '/(\s|^)www\.((?:\.*,*[\w@~%$£µ&i#\-+=_\/\?;])*)/iu',
- '/(?:mailto:)?([a-z0-9.\-+_]+@([\-.+_]?[a-z0-9])+)/i'),
- array(
- '<a href="\\0">\\0</a>',
- '\\1<a href="http://www.\\2">www.\\2</a>',
- '<a href="mailto:\\0">\\0</a>'),
- $clog);
- $clog = preg_replace('!(#[0-9]+(,[0-9]+)*)!e', 'bugize("\1")', $clog);
- $clog = preg_replace('!vim:.*$!', '', $clog);
- $clog = preg_replace("!(<hr />(\\s|\n)*)?<pre>(\s|\n)*</pre>((\\s|\n)*<hr />)?!m", "", "<pre>$clog</pre>");
- $page->assign('ChangeLog', $clog);
+ function formatChangeLog($file) {
+ $clog = pl_entities(file_get_contents($file));
+ $clog = preg_replace('/===+\s*/', '</pre><hr /><pre>', $clog);
+ // url catch only (not all wiki syntax)
+ $clog = preg_replace(array(
+ '/((?:https?|ftp):\/\/(?:\.*,*[\w@~%$£µ&i#\-+=_\/\?;])*)/ui',
+ '/(\s|^)www\.((?:\.*,*[\w@~%$£µ&i#\-+=_\/\?;])*)/iu',
+ '/(?:mailto:)?([a-z0-9.\-+_]+@([\-.+_]?[a-z0-9])+)/i'),
+ array(
+ '<a href="\\0">\\0</a>',
+ '\\1<a href="http://www.\\2">www.\\2</a>',
+ '<a href="mailto:\\0">\\0</a>'),
+ $clog);
+ $clog = preg_replace('!(#[0-9]+(,[0-9]+)*)!e', 'bugize("\1")', $clog);
+ $clog = preg_replace('!vim:.*$!', '', $clog);
+ return preg_replace("!(<hr />(\\s|\n)*)?<pre>(\s|\n)*</pre>((\\s|\n)*<hr />)?!m", "", "<pre>$clog</pre>");
+ }
+ if ($core != 'core') {
+ $page->assign('core', false);
+ $page->assign('ChangeLog', formatChangeLog(dirname(__FILE__).'/../ChangeLog'));
+ } else {
+ $page->assign('core', true);
+ $page->assign('ChangeLog', formatChangeLog(dirname(__FILE__).'/../core/ChangeLog'));
+ }
}
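Review bot: Declaring the named function `formatChangeLog` inside `handler_changelog` registers it globally each time the handler body runs, so a second invocation in the same request would stop with a "cannot redeclare" fatal error. Move it to a private method or a file-level helper. The carried-over `preg_replace('!(#[0-9]+(,[0-9]+)*)!e', 'bugize("\1")', $clog)` relies on the `/e` modifier, which evaluates the replacement as PHP code. The pattern limits the capture to `#`, digits and commas, but `preg_replace_callback` with a callback that calls `bugize($m[1])` removes the evaluation step entirely.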
function __set_rss_state($state)
{
if ($state) {
- $_SESSION['core_rss_hash'] = rand_url_id(16);
- XDB::execute('UPDATE auth_user_quick
- SET core_rss_hash={?} WHERE user_id={?}',
- S::v('core_rss_hash'), S::v('uid'));
+ S::set('token', rand_url_id(16));
+ XDB::execute('UPDATE accounts
+ SET token = {?}
+ WHERE uid = {?}', S::s('token'), S::i('uid'));
} else {
- XDB::execute('UPDATE auth_user_quick
- SET core_rss_hash="" WHERE user_id={?}',
- S::v('uid'));
- S::kill('core_rss_hash');
+ S::kill('token');
+ XDB::execute('UPDATE accounts
+ SET token = NULL
+ WHERE uid = {?}', S::i('uid'));
}
}
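Review bot: `__set_rss_state` needs a comment stating that the value written to `accounts.token` is now a bearer credential. Elsewhere in this change it authenticates feed requests through `tokenAuth($alias, $hash)` and is accepted in place of the XSRF token in the carnet handler. The comment should also record that `rand_url_id(16)` must draw from a cryptographically secure source; its implementation is not visible here, so that needs confirming. Suggested wording: `// Bearer token for feed URLs; must come from a CSPRNG and is rotated on every re-activation.`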
$page->changeTpl('platal/preferences.tpl');
$page->setTitle('Mes préférences');
- if (Post::has('mail_fmt')) {
- $fmt = Post::v('mail_fmt');
- if ($fmt != 'texte') $fmt = 'html';
- XDB::execute("UPDATE auth_user_quick
- SET core_mail_fmt = '$fmt'
- WHERE user_id = {?}",
- S::v('uid'));
- $_SESSION['mail_fmt'] = $fmt;
+ if (Post::has('email_format')) {
+ $fmt = Post::s('email_format');
+ XDB::execute("UPDATE accounts
+ SET email_format = {?}
+ WHERE uid = {?}",
+ $fmt, S::v('uid'));
+ S::set('email_format', $fmt);
}
if (Post::has('rss')) {
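Review bot: The new `email_format` branch stores `Post::s('email_format')` in `accounts.email_format` and in the session without checking it against the allowed formats. The removed code coerced anything other than 'texte' to 'html'. The placeholder keeps the query safe, but an arbitrary string can still end up in the session and in whatever code later branches on the format. Validate `$fmt` against the set of values the column accepts before the `UPDATE` and skip the write otherwise. No `S::assert_xsrf_token()` call is visible in this hunk either, so confirm one exists earlier in the handler.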
function handler_webredir(&$page)
{
$page->changeTpl('platal/webredirect.tpl');
-
$page->setTitle('Redirection de page WEB');
- $log =& S::v('log');
- $url = Env::v('url');
-
- if (Env::v('submit') == 'Valider' and Env::has('url')) {
- XDB::execute('UPDATE auth_user_quick
- SET redirecturl = {?} WHERE user_id = {?}',
- $url, S::v('uid'));
- S::logger()->log('carva_add', 'http://'.Env::v('url'));
- $page->trigSuccess("Redirection activée vers <a href='http://$url'>$url</a>");
- } elseif (Env::v('submit') == "Supprimer") {
- XDB::execute("UPDATE auth_user_quick
- SET redirecturl = ''
- WHERE user_id = {?}",
- S::v('uid'));
- S::logger()->log("carva_del", $url);
+ if (Env::v('submit') == 'Valider' && !Env::blank('url')) {
+ if (Env::blank('url')) {
+ $page->trigError('URL invalide');
+ } else {
+ $url = Env::t('url');
+ XDB::execute('REPLACE INTO carvas (uid, url)
+ VALUES ({?}, {?})',
+ S::i('uid'), $url);
+ S::logger()->log('carva_add', 'http://' . $url);
+ $page->trigSuccess("Redirection activée vers <a href='http://$url'>$url</a>");
+ }
+ } elseif (Env::v('submit') == 'Supprimer') {
+ XDB::execute('DELETE FROM carvas
+ WHERE uid = {?}', S::i('uid'));
Post::kill('url');
+ S::logger()->log('carva_del');
$page->trigSuccess('Redirection supprimée');
}
- $res = XDB::query('SELECT redirecturl
- FROM auth_user_quick
- WHERE user_id = {?}',
- S::v('uid'));
- $page->assign('carva', $res->fetchOneCell());
+ $url = XDB::fetchOneCell('SELECT url
+ FROM carvas
+ WHERE uid = {?}', S::i('uid'));
+ $page->assign('carva', $url);
# FIXME: this code is not multi-domain compatible. We should decide how
# carva will extend to users not in the main domain.
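Review bot: `$url` is placed into the `trigSuccess` markup (`<a href='http://$url'>$url</a>`) after only `Env::t('url')`, so quotes or angle brackets in the submitted value reach the page unless `trigSuccess` escapes its argument, which the embedded `<a>` suggests it does not. Escape it first, for example `$safe = htmlspecialchars($url, ENT_QUOTES);`, and use `$safe` in the message. The inner `if (Env::blank('url'))` can never be true because the outer condition already requires `!Env::blank('url')`, so the 'URL invalide' error is unreachable; dropping `&& !Env::blank('url')` from the outer test restores it. Both branches also change data from `Env::` values with no `S::assert_xsrf_token()` visible in the hunk; the function's end is outside the hunk, so this needs confirming against the full handler.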
global $globals;
if (Post::has('response2')) {
- require_once 'secure_hash.inc.php';
S::assert_xsrf_token();
- $_SESSION['password'] = $password = Post::v('response2');
-
- XDB::execute('UPDATE auth_user_md5
- SET password={?}
- WHERE user_id={?}', $password,
- S::v('uid'));
+ S::set('password', $password = Post::v('response2'));
+ XDB::execute('UPDATE accounts
+ SET password = {?}
+ WHERE uid={?}', $password,
+ S::i('uid'));
// If GoogleApps is enabled, and the user did choose to use synchronized passwords,
// updates the Google Apps password as well.
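Review bot: `Post::v('response2')` is written to `accounts.password` and to the session as received, with no check that it has the shape of the digest the new `password char(40)` column expects. A guard before the UPDATE, such as `if (!preg_match('/^[0-9a-f]{40}$/i', $password)) { /* reject and report the error */ }`, keeps a truncated or malformed value from replacing a working credential; the hex format is inferred from `sha1()` being used for new accounts elsewhere in this commit. The `handler_tmpPWD` hunk further down stores its own `response2` the same way. The enclosing function starts outside this hunk.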
$wp = new PlWikiPage('Xorg.NNTPSécurisé');
$wp->buildCache();
- $uid = S::v('uid');
+ $uid = S::i('uid');
$pass = Env::v('smtppass1');
- $log = S::v('log');
if (Env::v('op') == "Valider" && strlen($pass) >= 6
- && Env::v('smtppass1') == Env::v('smtppass2'))
- {
- XDB::execute('UPDATE auth_user_md5 SET smtppass = {?}
- WHERE user_id = {?}', $pass, $uid);
+ && Env::v('smtppass1') == Env::v('smtppass2')) {
+ XDB::execute('UPDATE accounts
+ SET weak_password = {?}
+ WHERE uid = {?}', $pass, $uid);
$page->trigSuccess('Mot de passe enregistré');
S::logger()->log("passwd_ssl");
} elseif (Env::v('op') == "Supprimer") {
- XDB::execute('UPDATE auth_user_md5 SET smtppass = ""
- WHERE user_id = {?}', $uid);
+ XDB::execute('UPDATE accounts
+ SET weak_password = NULL
+ WHERE uid = {?}', $uid);
$page->trigSuccess('Compte SMTP et NNTP supprimé');
S::logger()->log("passwd_del");
}
- $res = XDB::query("SELECT IF(smtppass != '', 'actif', '')
- FROM auth_user_md5
- WHERE user_id = {?}", $uid);
+ $res = XDB::query("SELECT weak_password IS NOT NULL
+ FROM accounts
+ WHERE uid = {?}", $uid);
$page->assign('actif', $res->fetchOneCell());
}
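Review bot: The `Valider` and `Supprimer` branches set or clear `weak_password` from `Env::` values with no `S::assert_xsrf_token()` in the hunk, unlike the account-password hunk just above, which asserts the token before its UPDATE. If no check happens earlier in the handler (its start is outside the hunk), add `S::assert_xsrf_token();` at the top of both branches. The confirmation test `Env::v('smtppass1') == Env::v('smtppass2')` is a loose comparison, which PHP evaluates numerically for numeric-looking strings; `===` compares the two strings exactly. The `newskin` UPDATE in the skins hunk is in the same position regarding the token.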
$mailorg = strtok(Env::v('login'), '@');
- // paragraphe rajouté : si la date de naissance dans la base n'existe pas, on l'update
- // avec celle fournie ici en espérant que c'est la bonne
-
+ // XXX: recovery requires usage of profile data.
$res = XDB::query(
"SELECT user_id, naissance
FROM auth_user_md5 AS u
function handler_tmpPWD(&$page, $certif = null)
{
global $globals;
- XDB::execute('DELETE FROM perte_pass
- WHERE DATE_SUB(NOW(), INTERVAL 380 MINUTE) > created');
+ // XXX: recovery requires data from the profile
+ XDB::execute('DELETE FROM perte_pass
+ WHERE DATE_SUB(NOW(), INTERVAL 380 MINUTE) > created');
- $res = XDB::query('SELECT uid FROM perte_pass WHERE certificat={?}', $certif);
+ $res = XDB::query('SELECT uid
+ FROM perte_pass WHERE certificat={?}', $certif);
$ligne = $res->fetchOneAssoc();
if (!$ligne) {
$page->changeTpl('platal/index.tpl');
$uid = $ligne["uid"];
if (Post::has('response2')) {
$password = Post::v('response2');
- XDB::query('UPDATE auth_user_md5 SET password={?}
- WHERE user_id={?} AND perms IN("admin","user")',
- $password, $uid);
- XDB::query('DELETE FROM perte_pass WHERE certificat={?}', $certif);
+ XDB::query('UPDATE accounts
+ SET password={?}
+ WHERE uid = {?} AND state = \'active\'',
+ $password, $uid);
+ XDB::query('DELETE FROM perte_pass
+ WHERE certificat={?}', $certif);
// If GoogleApps is enabled, and the user did choose to use synchronized passwords,
// updates the Google Apps password as well.
$page->setTitle('Skins');
if (Env::has('newskin')) { // formulaire soumis, traitons les données envoyées
- XDB::execute('UPDATE auth_user_quick
- SET skin={?} WHERE user_id={?}',
- Env::i('newskin'), S::v('uid'));
+ XDB::execute('UPDATE accounts
+ SET skin = {?}
+ WHERE uid = {?}',
+ Env::i('newskin'), S::i('uid'));
S::kill('skin');
Platal::session()->setSkin();
}
- $res = XDB::query('SELECT id FROM skins WHERE skin_tpl={?}', S::v('skin'));
+ $res = XDB::query('SELECT id
+ FROM skins
+ WHERE skin_tpl = {?}', S::v('skin'));
$page->assign('skin_id', $res->fetchOneCell());
- $sql = "SELECT s.*,auteur,count(*) AS nb
- FROM skins AS s
- LEFT JOIN auth_user_quick AS a ON s.id=a.skin
- WHERE skin_tpl != '' AND ext != ''
- GROUP BY id ORDER BY s.date DESC";
+ $sql = 'SELECT s.*, auteur, COUNT(*) AS nb
+ FROM skins AS s
+ LEFT JOIN accounts AS a ON (a.skin = s.id)
+ WHERE skin_tpl != \'\' AND ext != \'\'
+ GROUP BY id ORDER BY s.date DESC';
$page->assign('skins', XDB::iterator($sql));
}
function handler_exit(&$page, $level = null)
{
- if (S::has('suid')) {
- $suid = S::v('suid');
- $log = S::v('log');
- S::logger()->log("suid_stop", S::user()->login() . " by " . $suid['hruid']);
+ if (S::suid()) {
+ S::logger()->log('suid_stop', S::user()->login() . " by " . S::suid('hruid'));
Platal::session()->stopSUID();
pl_redirect('admin/user/' . S::user()->login());
}
// Update the last modification date
XDB::execute('REPLACE INTO user_changes
SET user_id = {?}', S::v('uid'));
- if (!S::has('suid')) {
+ if (!S::suid()) {
register_watch_op(S::i('uid'), WATCH_FICHE);
}
global $platal;
$p_for = 'xorg.promo.x' . $promo;
$cible = array('xorg.general', 'xorg.pa.divers', 'xorg.pa.logements', $p_for);
foreach ($cible as $val) {
- XDB::execute("INSERT INTO forums.abos (fid,uid)
- SELECT fid, {?} FROM forums.list WHERE nom={?}", $uid, $val);
+ XDB::execute('INSERT INTO forum_subs (fid,uid)
+ SELECT fid, {?}
+ FROM forum
+ WHERE name = {?}', $uid, $val);
if (XDB::affectedRows() == 0 && $val == $p_for) {
$res = XDB::query("SELECT SUM(perms IN ('admin','user') AND deces = 0), COUNT(*)
FROM auth_user_md5
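Review bot: The rewritten INSERT reads `FROM forum`, but the migration in this commit creates `x4dat.forums` (plural) and renames its `nom` column to `name`; no `forum` table appears in the visible schema changes. If that is a typo, the default forum subscriptions fail for every new registration, and `FROM forums` would match the migration. The enclosing loop body continues outside the hunk.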
{
global $globals;
extract($sub_state);
- require_once('secure_hash.inc.php');
$pass = rand_pass();
- $pass_encrypted = hash_encrypt($pass);
+ $pass_encrypted = sha1($pass);
$hash = rand_url_id(12);
XDB::execute('UPDATE auth_user_md5 SET last_known_email={?} WHERE matricule = {?}', $email, $mat);
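Review bot: `sha1($pass)` stores the initial password as a single unsalted SHA-1, which is a fast hash: identical passwords share a digest, and anyone holding a copy of the `accounts` table can test guesses offline cheaply. The login form's `doChallengeResponse()` and the `password char(40)` column appear to depend on this format, so it is probably not a one-line change. At minimum I would record the limitation at this line, e.g. `// NOTE: unsalted SHA-1 kept for the challenge-response login; plan a migration to a salted, slow hash`. The function starts and ends outside the hunk.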
function handler_graph_evo(&$page, $jours = 365)
{
- define('DUREEJOUR',24*3600);
+ define('DUREEJOUR', 24 * 3600);
//recupere le nombre d'inscriptions par jour sur la plage concernée
- $res = XDB::iterRow(
- "SELECT IF( date_ins>DATE_SUB(NOW(),INTERVAL $jours DAY),
- TO_DAYS(date_ins)-TO_DAYS(NOW()),
- ".(-($jours+1)).") AS jour,
- COUNT(user_id) AS nb
- FROM auth_user_md5
- WHERE perms IN ('admin','user') AND deces = 0
- GROUP BY jour");
+ // FIXME: don't count dead peaple
+ $res = XDB::iterRow('SELECT IF(registration_date > DATE_SUB(NOW(), INTERVAL {?} DAY),
+ TO_DAYS(registration_date) - TO_DAYS(NOW()),
+ -{?}) AS jour,
+ COUNT(uid) AS nb
+ FROM accounts
+ WHERE state = \'active\'
+ GROUP BY jour', (int)$jours, 1 + (int)$jours);
//genere des donnees compatibles avec GNUPLOT
$inscrits='';
$depart = 1930;
//recupere le nombre d'inscriptions par jour sur la plage concernée
- $res = XDB::iterRow(
- "SELECT promo, SUM(perms IN ('admin', 'user')) / COUNT(*) * 100
- FROM auth_user_md5
- WHERE promo >= $depart AND deces = 0
- GROUP BY promo");
+ // XXX: Manage dead peaple...
+ $res = XDB::iterRow("SELECT pe.entry_year AS promo, SUM(state = 'active') / COUNT(*) * 100
+ FROM accounts AS a
+ INNER JOIN account_profiles AS ap ON (ap.uid = a.uid AND FIND_IN_SET('owner', ap.perms))
+ INNER JOIN profile_education AS pe ON (pe.uid = ap.pid AND FIND_IN_SET('primary', pe.flags))
+ WHERE pe.entry_year >= {?}
+ GROUP BY promo", $depart);
//genere des donnees compatibles avec GNUPLOT
$inscrits='';
} else {
//nombre de jours sur le graph
$jours = 365;
- define('DUREEJOUR',24*3600);
- $res = XDB::query(
- "SELECT min(TO_DAYS(date_ins)-TO_DAYS(now()))
- FROM auth_user_md5
- WHERE promo = {?} AND perms IN ('admin', 'user') AND deces = 0",
- $promo);
+ define('DUREEJOUR', 24 * 3600);
+
+ // XXX: And promo again \o/
+ $res = XDB::query("SELECT MIN(TO_DAYS(a.registration_date) - TO_DAYS(NOW()))
+ FROM accounts AS a
+ INNER JOIN account_profiles AS ap ON (ap.uid = a.uid AND FIND_IN_SET('owner', ap.perms))
+ INNER JOIN profile_education AS pe ON (pe.uid = ap.pid AND FIND_IN_SET('primary', pe.flags))
+ WHERE pe.entry_year = {?} AND a.state = 'active'", (int)$promo);
$jours = -$res->fetchOneCell();
//recupere le nombre d'inscriptions par jour sur la plage concernée
- $res = XDB::iterRow(
- "SELECT IF( date_ins>DATE_SUB(NOW(),INTERVAL $jours DAY),
- TO_DAYS(date_ins)-TO_DAYS(NOW()),
- ".(-($jours+1)).") AS jour,
- COUNT(user_id) AS nb
- FROM auth_user_md5
- WHERE promo = {?} AND perms IN ('admin','user') AND deces = 0
- GROUP BY jour", $promo);
+ $res = XDB::iterRow("SELECT IF(a.registration_date > DATE_SUB(NOW(), INTERVAL {?} DAY),
+ TO_DAYS(a.registration_date) - TO_DAYS(NOW()),
+ -{?}) AS jour,
+ COUNT(a.uid) AS nb
+ FROM accounts AS a
+ INNER JOIN account_profiles AS ap ON (ap.uid = a.uid AND FIND_IN_SET('owner', ap.perms))
+ INNER JOIN profile_education AS pe ON (pe.uid = ap.pid AND FIND_IN_SET('primary', pe.flags))
+ WHERE pe.entry_year = {?} AND a.state = 'active'
+ GROUP BY jour", (int)$jours, 1 + (int)$jours, (int)$promo);
//genere des donnees compatibles avec GNUPLOT
$inscrits='';
{
$page->changeTpl('stats/nb_by_promo.tpl');
- $res = XDB::iterRow(
- "SELECT promo,COUNT(*)
- FROM auth_user_md5
- WHERE promo > 1900 AND perms IN ('admin','user') AND deces = 0
- GROUP BY promo
- ORDER BY promo");
+ $res = XDB::iterRow('SELECT pe.entry_year AS promo, COUNT(*)
+ FROM accounts AS a
+ INNER JOIN account_profiles AS ap ON (ap.uid = a.uid AND FIND_IN_SET(\'owner\', ap.perms))
+ INNER JOIN profile_education AS pe ON (pe.uid = ap.pid AND FIND_IN_SET(\'primary\', pe.flags))
+ WHERE pe.entry_year >= 1900 AND a.state = \'active\'
+ GROUP BY promo
+ ORDER BY promo');
$max=0; $min=3000;
while (list($p,$nb) = $res->next()) {
$time = ' AND e.stamp > DATE_SUB(CURDATE(), INTERVAL 1 ' . strtoupper($period) . ')';
break;
}
+ // XXX: Need to be port to profile stuff
$rows = XDB::iterator("SELECT IF(u.nom_usage != '', u.nom_usage, u.nom) AS nom,
u.prenom, u.promo, e.data AS forlife, COUNT(*) AS count
FROM logger.events AS e
$page->assign('requests', $subs_valid->numRows());
}
- if (!S::has('core_rss_hash')) {
+ if (!S::hasAuthToken()) {
$page->setRssLink("Polytechnique.net :: {$globals->asso("nom")} :: News publiques",
$platal->ns . "rss/rss.xml");
} else {
$page->setRssLink("Polytechnique.net :: {$globals->asso("nom")} :: News",
- $platal->ns . 'rss/'.S::v('hruid') .'/'.S::v('core_rss_hash').'/rss.xml');
+ $platal->ns . 'rss/'.S::v('hruid') .'/'.S::v('token').'/rss.xml');
}
$page->assign('articles', $arts);
function handler_change_rights(&$page)
{
- if (Env::has('right') && (may_update() || S::has('suid'))) {
+ if (Env::has('right') && (may_update() || S::suid())) {
switch (Env::v('right')) {
case 'admin':
Platal::session()->stopSUID();
);
}
- function prepare_client(&$page)
+ function prepare_client(&$page, $user = null)
{
global $globals;
Platal::load('lists', 'lists.inc.php');
- $this->client = new MMList(S::v('uid'), S::v('password'),
- $globals->asso('mail_domain'));
+ if (is_null($user)) {
+ $user =& S::user();
+ }
+ $this->client = new MMList($user, $globals->asso('mail_domain'));
$page->assign('asso', $globals->asso());
$page->setType($globals->asso('cat'));
+++ /dev/null
-<?php
-/***************************************************************************
- * Copyright (C) 2003-2008 Polytechnique.org *
- * http://opensource.polytechnique.org/ *
- * *
- * This program is free software; you can redistribute it and/or modify *
- * it under the terms of the GNU General Public License as published by *
- * the Free Software Foundation; either version 2 of the License, or *
- * (at your option) any later version. *
- * *
- * This program is distributed in the hope that it will be useful, *
- * but WITHOUT ANY WARRANTY; without even the implied warranty of *
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the *
- * GNU General Public License for more details. *
- * *
- * You should have received a copy of the GNU General Public License *
- * along with this program; if not, write to the Free Software *
- * Foundation, Inc., *
- * 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA *
- ***************************************************************************/
-
-function smarty_insert_getName()
-{
- $uid = Cookie::v('uid', -1);
- if ($uid < 0) {
- return "";
- }
- $res = XDB::query("SELECT prenom FROM auth_user_md5 WHERE user_id={?}", $uid);
- return $res->fetchOneCell();
-}
-
-// vim:set et sw=4 sts=4 sws=4 foldmethod=marker enc=utf-8:
-?>
{* *}
{**************************************************************************}
-<h1>Comptes désactivés</h1>
+<h1>{$disabled->total()} Comptes désactivés ou surveillés</h1>
<table class="bicol">
- <tr><th>Nom</th><th>Commentaire</th></tr>
+ <tr><th>Nom</th><th>Disabled</th><th>Surveillé</th><th>Commentaire</th></tr>
{iterate from=$disabled item=user}
<tr class="{cycle values="pair,impair"}">
<td>
- <a href="admin/user/{$user.hruid}">{$user.prenom} {$user.nom} ({$user.promo})</a>
+ <a href="admin/user/{$user.hruid}">{$user.hruid}</a>
+ </td>
+ <td>
+ <input type="checkbox" disabled="disabled" {if $user.disabled}checked="checked"{/if} />
+ </td>
+ <td>
+ <input type="checkbox" disabled="disabled" {if $user.watch}checked="checked"{/if} />
</td>
<td>
{$user.comment|default='(none)'}
{/iterate}
</table>
-<h1>Administrateurs du site</h1>
+<h1>{$admins->total()} Administrateurs du site</h1>
<table class="tinybicol">
<tr><th>Utilisateur</th></tr>
{iterate from=$admins item=user}
<tr class="{cycle values="pair,impair"}">
<td>
- <a href="admin/user/{$user.hruid}">{$user.prenom} {$user.nom} ({$user.promo})</a>
+ <a href="admin/user/{$user.hruid}">{$user.hruid}</a>
</td>
</tr>
{/iterate}
<tr>
<td>
<textarea cols="80" rows="20" name="mailbody">
-{$prenom},
+{$user->displayName()},
Comme nous t'en avons informé par email il y a quelques temps,
pour respecter nos engagements en terme d'adresses email devinables,
tu te verras bientôt retirer l'alias {$loginbis}@{#globals.mail.domain#} pour
-ne garder que {$forlife}@{#globals.mail.domain#}.
+ne garder que {$user->forlifeEmail()}.
Toute personne qui écrira à {$loginbis}@{#globals.mail.domain#} recevra la
réponse d'un robot qui l'informera que {$loginbis}@{#globals.mail.domain#}
<tr>
<td>
<textarea cols="80" rows="20" name="mailbody">
-{$prenom},
+{$user->displayName()},
Comme nous t'en avons informé par email il y a quelques temps,
nous t'avons retiré de façon définitive l'adresse
{/literal}
<p class="center">
- <a href="Site/AllRecentChanges?action=rss&user={$smarty.session.hruid}&hash={$smarty.session.core_rss_hash}" style="display:block;float:right" title="Changements">{icon name=feed title='fil rss'}</a>
+ <a href="Site/AllRecentChanges?action=rss&user={$smarty.session.hruid}&hash={$smarty.session.token}" style="display:block;float:right" title="Changements">{icon name=feed title='fil rss'}</a>
{icon name=magnifier} <a href="Site/AllRecentChanges">Voir les changements récents</a>
</p>
{$am->title()}
====================================================================
-{$am->head($prenom, $nom, $sexe, 'text')}
+{$am->head($user, 'text')}
{$am->body('text')}
{/if}
<div class='ax_mail'>
<div class="title">{$am->title()}</div>
- <div class="intro">{$am->head($prenom, $nom, $sexe, 'html')|smarty:nodefaults}</div>
+ <div class="intro">{$am->head($user, 'html')|smarty:nodefaults}</div>
<div class="body">{$am->body('html')|smarty:nodefaults}</div>
<div class="signature">{$am->signature('html')|smarty:nodefaults}</div>
<div class="foot1">
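Review bot: `{$am->head($user, 'html')|smarty:nodefaults}` prints the head without the template's default modifiers (presumably the HTML escaping), and `head()` now receives the whole `$user` object instead of three scalar fields. If `head()` builds the greeting from `display_name` or `full_name`, which the new schema lists under user settings, it has to HTML-escape them itself in the `'html'` variant; that is not visible from this hunk and should be confirmed. A comment beside the call would keep the dependency visible: `{* head() must escape user-supplied names: output bypasses default modifiers *}`. The newsletter template's `{$nl->head($user, 'html')|smarty:nodefaults}` has the same dependency.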
<table class="bicol">
<tr>
<th colspan="2">
- {if $smarty.session.core_rss_hash}
- <a href="carnet/rss/{$smarty.session.hruid}/{$smarty.session.core_rss_hash}/rss.xml" style="display:block;float:right" title="Notifications">
+ {if $smarty.session.token}
+ <a href="carnet/rss/{$smarty.session.hruid}/{$smarty.session.token}/rss.xml" style="display:block;float:right" title="Notifications">
{icon name=feed title='fil rss'}
</a>
{else}
</li>
<li>
{icon name=calendar_view_day title='Anniversaires'}
- <a href="carnet/contacts/ical/{$smarty.session.hruid}/{$smarty.session.core_rss_hash}/anniv-x.ics" title="Anniversaires">
+ <a href="carnet/contacts/ical/{$smarty.session.hruid}/{$smarty.session.token}/anniv-x.ics" title="Anniversaires">
Le calendrier des anniversaires
</a>
</li>
</p>
<div class="right">
-{if $smarty.session.core_rss_hash}
-<a href="carnet/rss/{$smarty.session.hruid}/{$smarty.session.core_rss_hash}/rss.xml" title="Notifications">{icon name=feed title='fil rss'}</a>
+{if $smarty.session.token}
+<a href="carnet/rss/{$smarty.session.hruid}/{$smarty.session.token}/rss.xml" title="Notifications">{icon name=feed title='fil rss'}</a>
{/if}
</div>
Accès réservé aux polytechniciens
</h1>
{/if}
-{if $smarty.session.auth ge AUTH_COOKIE}
-<p>
-<strong>Merci de rentrer ton mot de passe pour démarrer une connexion au site.</strong>
-Si tu n'es pas {insert name="getName"}, change le login ci-dessous, ou rends-toi sur
-<a href="register/">la page d'inscription</a>.
-</p>
-{/if}
<form action="{$smarty.server.REQUEST_URI}" method="post" id="login" onsubmit="doChallengeResponse(); return false;" style="display: none">
<table class="bicol" cellpadding="4" summary="Formulaire de login">
{if $actuel}
{javascript name=ajax}
+ {if $user->hasProfile()}
<table class="flags">
<tr>
<td class="orange">
</td>
</tr>
</table>
-
+ {/if}
{else}
<p>
Pour plus de <strong>convivialité</strong> dans l'utilisation de tes emails, tu peux choisir une adresse
<tr>
<td><input type="text" name="alias" value="{$r_alias}" />@{#globals.mail.alias_dom#} et @{#globals.mail.alias_dom2#}</td>
</tr>
+ {if $user->hasProfile()}
<tr>
<td>
<table class="flags" summary="Flags" cellpadding="0" cellspacing="0">
</table>
</td>
</tr>
+ {/if}
<tr>
<td>Brève explication :</td>
</tr>
--- /dev/null
+{**************************************************************************}
+{* *}
+{* Copyright (C) 2003-2008 Polytechnique.org *}
+{* http://opensource.polytechnique.org/ *}
+{* *}
+{* This program is free software; you can redistribute it and/or modify *}
+{* it under the terms of the GNU General Public License as published by *}
+{* the Free Software Foundation; either version 2 of the License, or *}
+{* (at your option) any later version. *}
+{* *}
+{* This program is distributed in the hope that it will be useful, *}
+{* but WITHOUT ANY WARRANTY; without even the implied warranty of *}
+{* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the *}
+{* GNU General Public License for more details. *}
+{* *}
+{* You should have received a copy of the GNU General Public License *}
+{* along with this program; if not, write to the Free Software *}
+{* Foundation, Inc., *}
+{* 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA *}
+{* *}
+{**************************************************************************}
+
+{config_load file="mails.conf" section="emails_broken"}
+{if $mail_part eq 'head'}
+{from full=#from#}
+{subject text=#subject#}
+{elseif $mail_part eq 'wiki'}
+Bonjour !
+
+Cet email a été généré automatiquement par le service de patte cassée de
+Polytechnique.org car un autre utilisateur, {$request->fullName()},
+nous a signalé qu'en t'envoyant un email, il avait reçu un message d'erreur
+indiquant que ton adresse de redirection {$email}
+ne fonctionnait plus !
+
+Nous te suggérons de vérifier cette adresse, et le cas échéant de mettre
+à jour tes adresses de redirection [[{$globals->baseurl}/emails|sur le site]].
+
+Pour plus de renseignements sur le service de patte cassée, n'hésite pas à
+consulter [[{$globals->baseurl}/emails/broken|la documentation sur le site]].
+
+
+À bientôt sur Polytechnique.org !\\
+[[support@{$globals->mail->domain}|L'équipe d'administration]]
+{/if}
+
+{* vim:set et sw=2 sts=2 sws=2 enc=utf-8: *}
{elseif $x}
<h2>Patte Cassée</h2>
<p>
- Désolé, mais ton correspondant, {$x.prenom} {$x.nom} (X{$x.promo}),
+ Désolé, mais ton correspondant, {$x.user->fullName()},
n'a actuellement <span class="erreur">aucune adresse email de redirection
active autre que celle que tu viens de rentrer.</span>
Nous t'invitons à prendre contact avec lui autrement que par email,
<p>
<small>{icon name=information title="Envoi d'email"} Pour envoyer un email, tu peux soit le faire depuis l'interface
- ci-dessous, soit utiliser <a href="Xorg/SMTPSecurise">notre serveur d'envoi SMTP<a>.</small>
+ ci-dessous, soit utiliser <a href="Xorg/SMTPSecurise">notre serveur d'envoi SMTP</a>.</small>
</p>
<form action="emails/send" method="post" enctype="multipart/form-data" id="form_mail" onsubmit="return check(this);">
{foreach key=key item=contact from=$contacts}
{if in_array($contact.forlife, $smarty.request.to_contacts)}
<option value="{$contact.forlife}">
- {$contact.prenom} {$contact.nom} (X{$contact.promo})
+ {$contact.full_name}
</option>
{/if}
{/foreach}
{foreach key=key item=contact from=$contacts}
{if in_array($contact.forlife, $smarty.request.cc_contacts)}
<option value="{$contact.forlife}">
- {$contact.prenom} {$contact.nom} (X{$contact.promo})
+ {$contact.full_name}
</option>
{/if}
{/foreach}
{foreach item=contact from=$contacts}
{if !in_array($contact.forlife, $smarty.request.to_contacts) && !in_array($contact.forlife, $smarty.request.cc_contacts)}
<option value="{$contact.forlife}">
- {$contact.prenom} {$contact.nom} (X{$contact.promo})
+ {$contact.full_name}
</option>
{/if}
{/foreach}
{else}
<h1 id='pagetop'>
-Bienvenue {$smarty.session.yourself_name}{if $birthday}
+Bienvenue {$smarty.session.display_name}{if $birthday}
et joyeux anniversaire de la part de toute l'équipe !
{else},
{/if}
<tr class="pair" style="height: 18px">
<td class="half titre" style="height: 18px; padding-top: 1px; padding-bottom: 1px;">
{if $smarty.foreach.events.first}
- {if $smarty.session.core_rss_hash}
- <a href="rss/{$smarty.session.hruid}/{$smarty.session.core_rss_hash}/rss.xml" style="display:block;float:right" title="Annonces">
+ {if $smarty.session.token}
+ <a href="rss/{$smarty.session.hruid}/{$smarty.session.token}/rss.xml" style="display:block;float:right" title="Annonces">
{icon name=feed title='fil rss'}
</a>
{else}
{if !$has_evts}
<tr>
<td class="half">
- {if $smarty.session.core_rss_hash}
- <a href="rss/{$smarty.session.hruid}/{$smarty.session.core_rss_hash}/rss.xml" style="display:block;float:right" title="Annonces">
+ {if $smarty.session.token}
+ <a href="rss/{$smarty.session.hruid}/{$smarty.session.token}/rss.xml" style="display:block;float:right" title="Annonces">
{icon name=feed title='fil rss'}
</a>
{else}
{$nl->title()}
====================================================================
-{$nl->head($prenom, $nom, $sexe, 'text')}
+{$nl->head($user, 'text')}
{foreach from=$nl->_arts key=cid item=arts name=cats}
--------------------------------------------------------------------
{foreach from=$arts item=art}
-{$art->toText($hash, $alias)}
+{$art->toText($hash, $user->login())}
{/foreach}
{/foreach}
{/if}
<div class='nl'>
<div class="title">{$nl->title()}</div>
- <div class="intro">{$nl->head($prenom, $nom, $sexe, 'html')|smarty:nodefaults}</div>
+ <div class="intro">{$nl->head($user, 'html')|smarty:nodefaults}</div>
<a id="top_lnk"></a>
{foreach from=$nl->_arts key=cid item=arts name=cats}
<div class="lnk">
{$nl->_cats[$cid]}
</h1>
{foreach from=$arts item=art}
- {$art->toHtml($hash, $alias)|smarty:nodefaults}
+ {$art->toHtml($hash, $user->login())|smarty:nodefaults}
<div class="top_lnk"><a href="{$prefix}#top_lnk">Revenir au sommaire</a></div>
{/foreach}
{/foreach}
{* *}
{**************************************************************************}
<h1>ChangeLog</h1>
+{if !$core}
<p>Voici la liste des modifications faites sur <a href="http://opensource.polytechnique.org/platal/">plat/al</a>, le support libre de ce site.</p>
+
+<p>Cette version utilise <a href="changelog/core">plat/al-core {$globals->coreVersion}</a>.</p>
+{else}
+<p>Voici la liste des modifications faites sur la bibliothèque plat/al-core.</p>
+{/if}
+
{$ChangeLog|smarty:nodefaults}
{* vim:set et sw=2 sts=2 sws=2 enc=utf-8: *}
<h1>Fil RSS</h1>
-{if !$smarty.session.core_rss_hash}
+{if !$smarty.session.token}
<p>
Tu viens de cliquer sur le lien d'activation des fils RSS. Les fils RSS du site
ne sont pas activés dans tes préférences.
<ul>
<li>
Anonces sur la page d'entrée :
- <a href="rss/{$smarty.session.hruid}/{$smarty.session.core_rss_hash}/rss.xml" title="Annonces">{icon name=feed title='fil rss'}</a>
+ <a href="rss/{$smarty.session.hruid}/{$smarty.session.token}/rss.xml" title="Annonces">{icon name=feed title='fil rss'}</a>
</li>
<li>
Ton carnet polytechnicien :
- <a href="carnet/rss/{$smarty.session.hruid}/{$smarty.session.core_rss_hash}/rss.xml" title="Notifications">{icon name=feed title='fil rss'}</a>
+ <a href="carnet/rss/{$smarty.session.hruid}/{$smarty.session.token}/rss.xml" title="Notifications">{icon name=feed title='fil rss'}</a>
</li>
</ul>
<p>
</tr>
<tr class="impair">
<td class="half">
- {if $smarty.session.mail_fmt eq html}
+ {if $smarty.session.email_format eq html}
<h3>
- <a href="javascript:dynpostkv('prefs', 'mail_fmt', 'texte')">Recevoir les emails en format texte</a>
+ <a href="javascript:dynpostkv('prefs', 'email_format', 'text')">Recevoir les emails en format texte</a>
</h3>
<div class='explication'>
Tu recois tous les emails envoyés par le site
</div>
{else}
<h3>
- <a href="javascript:dynpostkv('prefs', 'mail_fmt', 'html')">Recevoir les emails en HTML</a>
+ <a href="javascript:dynpostkv('prefs', 'email_format', 'html')">Recevoir les emails en HTML</a>
</h3>
<div class='explication'>
Tu recois tous les emails envoyés par le site
</td>
<td class="half">
<h3>
- {if $smarty.session.core_rss_hash}
+ {if $smarty.session.token}
<a href="javascript:dynpostkv('prefs', 'rss', 0)">Désactiver les fils rss</a>
{else}
<a href="javascript:dynpostkv('prefs', 'rss', 1)">Activer les fils rss</a>
<h1>
Mise en place de la redirection
</h1>
-<p>
-{if $carva}
- Actuellement, les adresses
- <a href="http://www.carva.org/{$bestalias}">http://www.carva.org/{$bestalias}</a> et
- <a href="http://www.carva.org/{$smarty.session.hruid}">http://www.carva.org/{$smarty.session.hruid}</a>
- sont redirigées sur <a href="http://{$carva}">http://{$carva}</a>
-{else}
- La redirection n'est pas utilisée ...
-{/if}
-</p>
<p>
- Pour modifier cette redirection remplis le champ suivant et clique sur <strong>Valider</strong>.
+ Pour modifier ta redirection remplis le champ suivant et clique sur <strong>Valider</strong>.
{if $carva}
Si tu veux annuler ta redirection, clique sur <strong>Supprimer</strong>.
{/if}
<table class="tinybicol">
<tr>
<th>
- {if $smarty.session.core_rss_hash}
- <a href='{$platal->ns}rss/{$smarty.session.hruid}/{$smarty.session.core_rss_hash}/rss.xml' style="display:block;float:right">
+ {if $smarty.session.token}
+ <a href='{$platal->ns}rss/{$smarty.session.hruid}/{$smarty.session.token}/rss.xml' style="display:block;float:right">
{icon name=feed title='fil rss'}
</a>
{else}
--- /dev/null
+CREATE TABLE accounts (
+ # Account identifier and type
+ uid int(6) not null auto_increment,
+ hruid varchar(255) not NULL,
+
+ # Account type and state
+ type varchar(16) default null,
+ is_admin bool default false,
+ state enum('pending', 'active', 'disabled') not null default 'pending',
+
+ # Access
+ password char(40) default null,
+ token varchar(32) default null,
+ weak_password varchar(256) default null,
+ registration_date datetime not null,
+
+ # Administrative tools
+ flags set('watch') not null default '',
+ comment varchar(255) default null,
+
+ # User settings
+ full_name varchar(255) default null,
+ display_name varchar(255) default null,
+ sex enum('female', 'male') not null default 'male',
+ email_format enum('text', 'html') not null default 'html',
+ skin varchar(32) default null,
+ last_version varchar(16) not null,
+
+ primary key uid (uid),
+ unique key hruid (hruid),
+ key full_name (full_name),
+ key state (state),
+ key type (type)
+);
+
+CREATE TABLE account_types (
+ type varchar(16) not null,
+ perms set('mail', 'groups', 'forums', 'list', 'search', 'portal') default '',
+
+ primary key type (type)
+);
+
+CREATE TABLE account_profiles (
+ uid int(6) not null,
+ pid int(6) not null,
+ perms set('owner') not null default '',
+
+ primary key id (uid, pid),
+ key uid (uid),
+ key pid (pid)
+);
+
+# vim:set syntax=mysql:
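Review bot: `weak_password varchar(256)` holds the SMTP/NNTP password in clear text, since the handler hunk in this commit writes `$pass` into it unchanged, and the `# Access` comment above the column does not say so. If the mail and news services need the clear value, state that in the schema, e.g. `# weak_password: stored in clear text for SMTP/NNTP authentication`, so that backups and read grants on this table are treated accordingly. `token` is embedded in feed and calendar URLs elsewhere in this commit, so the same comment block could note that it acts as a bearer credential for those feeds.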
--- /dev/null
+create table profiles (
+ # Profile identifiers
+ pid int(6) not null auto_increment,
+ hrpid varchar(255) not null,
+
+ # Who is this?
+ xorg_id int(8) not null,
+ ax_id varchar(8) default null,
+
+ # Some singletons
+ # birthdate and birthdate given by reference directory (library, school...)
+ birthdate date default null,
+ birthdate_ref date default null,
+ deathdate date default null,
+
+ sex enum('female', 'male') not null default 'male',
+ section tinyint(2) unsigned default null,
+ cv text default null,
+ freetext mediumtext default null,
+ freetext_pub enum('private', 'public') not null default 'private',
+ medals_pub enum('private', 'public') not null default 'private',
+ alias_pub enum('private', 'public') not null default 'private',
+
+ nationality1 char(2) default null,
+ nationality2 char(2) default null,
+ nationality3 char(2) default null,
+
+ # Last modification date (for notifications)
+ last_change date not null,
+
+ primary key pid (pid),
+ unique key hrpid (hrpid),
+ unique key xorg_id (xorg_id),
+ key ax_id (ax_id),
+ key nationality1 (nationality1),
+ key nationality2 (nationality2),
+ key nationality3 (nationality3)
+);
+
+# vim:set syntax=mysql:
--- /dev/null
+# Move forums tables to x4dat
+#RENAME forums.list
+# TO x4dat.forums;
+#RENAME forums.abos
+# TO x4dat.forum_subs;
+#RENAME forums.innd
+# TO x4dat.forum_innd;
+#RENAME forums.porfils
+# TO x4dat.forum_profiles;
+#DROP DATABASE forums;
+
+## Dev version of previous line
+# (non destructive)
+CREATE TABLE x4dat.forums
+ LIKE forums.list;
+INSERT INTO x4dat.forums
+ SELECT *
+ FROM forums.list;
+
+CREATE TABLE x4dat.forum_subs
+ LIKE forums.abos;
+INSERT INTO x4dat.forum_subs
+ SELECT *
+ FROM forums.abos;
+
+CREATE TABLE x4dat.forum_innd
+ LIKE forums.innd;
+INSERT INTO x4dat.forum_innd
+ SELECT *
+ FROM forums.innd;
+
+CREATE TABLE x4dat.forum_profiles
+ LIKE forums.profils;
+INSERT INTO x4dat.forum_profiles
+ SELECT *
+ FROM forums.profils;
+
+
+# Conform to naming convention.
+ ALTER TABLE forums
+CHANGE COLUMN nom name VARCHAR(64) NOT NULL;
+
+ ALTER TABLE forum_profiles
+CHANGE COLUMN nom name VARCHAR(64) NOT NULL,
+ ADD COLUMN last_seen TIMESTAMP NOT NULL DEFAULT '0000-00-00';
+
+# vim:set syntax=mysql:
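Review bot: The commented production block is not safe to uncomment as written: `RENAME forums.list TO …` lacks the `TABLE` keyword, and the fourth statement names `forums.porfils` while the dev block below copies `forums.profils`. If those statements fail and the client continues after errors, the following `DROP DATABASE forums;` would remove tables that were never moved. I would fix the block now (`RENAME TABLE forums.profils TO x4dat.forum_profiles;`, and likewise for the other three) and keep the DROP as a separate, manually run step. The `ALTER TABLE forums` and `ALTER TABLE forum_profiles` statements are unqualified, so they rely on `x4dat` being the default database when the script runs.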
--- /dev/null
+create table watch (
+ uid int(6) not null,
+ flags set('contacts', 'mail') not null default 'contacts',
+ last timestamp not null default '0000-00-00',
+
+ primary key uid (uid),
+ key flags (flags)
+);
+
+# vim:set syntax=mysql:
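Review bot: `default '0000-00-00'` on `last` is refused as an invalid default by servers running in strict SQL mode with `NO_ZERO_DATE`, so this `create table` fails there. The same default is used for `last_seen` in the `ALTER TABLE forum_profiles` statement of the forums upgrade script in this commit. If "never" has to be representable, a nullable column states it directly: `last timestamp null default null,`. Any code that compares against the zero date would then have to test `is null` instead, and no such code is visible from this hunk.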
--- /dev/null
+create table carvas (
+ uid int(6) not null,
+ url varchar(255) not null,
+
+ primary key uid (uid)
+);
+
+# vim:set syntax=mysql:
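Review bot: `carvas` has no comment saying what `url` holds, and the table name is opaque. The account migration in this commit fills it from `auth_user_quick.redirecturl`, so it appears to be a per-user redirect target. If that value is user-supplied, the code that redirects to it has to restrict the scheme and reject malformed values, because the column accepts any string of up to 255 characters. I would add a header comment such as `# Per-user redirect URL (was auth_user_quick.redirecturl); user-supplied, validate before redirecting`.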
--- /dev/null
+create table email_options (
+ uid int(6) not null,
+ storage set('imap', 'googleapps') not null default '',
+
+ primary key uid (uid)
+);
+
+# vim:set syntax=mysql:
--- /dev/null
+# Create a type 'X' with all permissions
+insert into account_types
+ values ('x', 'mail,groups,forums,list,search,portal');
+
+# Insert all existing accounts
+insert into accounts
+ select u.user_id AS uid, hruid AS hruid, 'x' AS type,
+ perms = 'admin' AS is_admin,
+ IF(perms = 'admin' or perms = 'user', 'active', perms) AS state,
+ IF(LENGTH(password) = 40, password, NULL) AS password,
+ IF(LENGTH(q.core_rss_hash) > 0, q.core_rss_hash, NULL) AS token,
+ IF(LENGTH(smtppass) = 0, NULL, smtppass) AS weak_password,
+ date_ins AS registration_date,
+ IF(FIND_IN_SET('watch', flags), 'watch', '') AS flags,
+ IF(LENGTH(comment) > 0, comment, NULL) AS comment,
+ CONCAT(prenom, ' ', IF (nom_usage != '' and nom_usage IS NOT NULL, nom_usage, nom)) AS full_name,
+ prenom AS display_name,
+ IF(FIND_IN_SET('femme', flags), 'female', 'male') AS sex,
+ IF(q.core_mail_fmt = 'html', 'html', 'text') AS email_format,
+ q.skin AS skin,
+ q.last_version AS last_version
+ from auth_user_md5 as u
+ left join auth_user_quick as q on (q.user_id = u.user_id)
+ where hruid is not null;
+
+# Insert carnet-relative data
+insert into watch
+ select user_id as uid, watch_flags as flags, watch_last as last
+ from auth_user_quick;
+
+# Insert carvas
+insert into carvas
+ select user_id, redirecturl
+ from auth_user_quick
+ where LENGTH(redirecturl) > 0;
+
+# Insert all existing profiles
+insert into profiles
+ select u.user_id AS pid, u.hruid AS hrpid, u.matricule AS xorg_id,
+ u.matricule_ax AS ax_id, u.naissance AS birthdate, u.naissance_ini AS birthdate_ref,
+ IF(u.deces = 0, NULL, u.deces) AS deathdate,
+ IF(FIND_IN_SET('femme', flags), 'female', 'male') AS sex,
+ IF(u.section = 0, NULL, u.section) AS section,
+ IF(LENGTH(u.cv) > 0, u.cv, NULL) AS cv,
+ IF(LENGTH(q.profile_freetext) > 0, q.profile_freetext, NULL) AS freetext,
+ IF(q.profile_freetext_pub = 'public', 'public', 'private') AS freetext_pub,
+ IF(q.profile_medals_pub = 'public', 'public', 'private') AS medals_pub,
+ IF(q.emails_alias_pub = 'public', 'public', 'private') AS alias_pub,
+ u.nationalite AS nationality1, u.nationalite2 AS nationality2,
+ u.nationalite3 AS nationality3, u.date AS last_change
+ from auth_user_md5 AS u
+ left join auth_user_quick AS q ON (u.user_id = q.user_id)
+ where u.hruid is not null;
+
+# Add associations account <-> profile
+insert into account_profiles
+ select user_id AS uid, user_id AS pid, 'owner' AS perms
+ from auth_user_md5
+ where hruid is not null;
+
+# Update banana last_seen timetamp
+ update forum_profiles as fp
+inner join auth_user_quick as q ON (q.user_id = fp.uid)
+ set fp.uid = fp.uid, fp.tree_unread = fp.tree_unread, fp.tree_read = fp.tree_read,
+ fp.last_seen = q.banana_last;
+
+insert ignore into forum_profiles (uid, last_seen)
+ select user_id as uid, banana_last as last_seen
+ from auth_user_quick
+ where banana_last >= DATE_SUB(NOW(), INTERVAL 6 MONTH);
+
+# Mail storage has been moved out of account settings
+insert into email_options
+ select user_id as uid, mail_storage as storage
+ from auth_user_md5;
+
+# vim:set syntax=mysql:
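Review bot: `state` is derived from `perms` alone (`IF(perms = 'admin' or perms = 'user', 'active', perms) AS state`), while `u.deces` is only copied into `profiles.deathdate` further down. An account whose owner has a death date but `perms = 'user'` is therefore migrated as `active`. If the old code treated `deces != 0` as not active, which this hunk does not show, those dormant accounts would remain able to authenticate and would be counted as active. I would fold the check into the expression, e.g. `IF(u.deces != 0, 'NON_ACTIVE_STATE_PLACEHOLDER', IF(perms IN ('admin', 'user'), 'active', perms)) AS state,`, with the placeholder replaced by the matching value of `accounts.state`. Every other `perms` value is passed through unchanged, so if `state` is an enum each of them must exist in it, otherwise non-strict mode stores an empty string.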
--- /dev/null
+DataBase upgrade:
+-----------------
+
+* Activate forums database drop
+
+
+Configuration changes:
+----------------------
+
+[Banana]
+* table_prefix deprecated
+
+
+Affected services:
+------------------
+
+News:
+* authentication must use account + account_types with weakpass.
+* forums base dropped and moved to forum_ namespace.
+
+
+Email:
+* auth_user_md5.smtppass -> accounts.weak_password. This password is NULL when empty, but a check must be added for empty passwords.
+* auth_user_md5.mail_storage -> email_options.storage