git-archimport-id: opensource@polytechnique.org--2005/platal--mainline--0.9--patch-99
require_once("xorg.inc.php");
new_admin_page('admin/admin_trombino.tpl');
-$q = $globals->db->query("SELECT a.alias,promo
- FROM auth_user_md5 AS u
- INNER JOIN aliases AS a ON ( u.user_id = a.id AND type='a_vie' )
- WHERE user_id = '{$_REQUEST['uid']}'");
+$uid = Env::getInt('uid');
+$q = $globals->db->query("SELECT a.alias,promo
+ FROM auth_user_md5 AS u
+ INNER JOIN aliases AS a ON ( u.user_id = a.id AND type='a_vie' )
+ WHERE user_id = $uid");
list($forlife, $promo) = mysql_fetch_row($q);
-if (isset($_REQUEST["action"])) {
- switch ($_REQUEST["action"]) {
+switch (Env::get('action')) {
case "ecole":
header("Content-type: image/jpeg");
break;
case "valider":
- $handle = fopen ($_FILES['userfile']['tmp_name'], "r");
- $data = fread ($handle, filesize ($_FILES['userfile']['tmp_name']));
- fclose ($handle);
+ $data = file_get_contents($_FILES['userfile']['tmp_name']);
list($x, $y) = getimagesize($_FILES['userfile']['tmp_name']);
$mimetype = substr($_FILES['userfile']['type'], 6);
unlink($_FILES['userfile']['tmp_name']);
- $globals->db->query(
- "REPLACE INTO photo
- SET uid='".$_REQUEST["uid"]."',
- attachmime = '".$mimetype."',
- attach='".addslashes($data)."',
- x='".$x."', y='".$y."'");
+ $globals->db->query("REPLACE INTO photo
+ SET uid=$uid, attachmime = '$mimetype',
+ attach='".addslashes($data)."', x=$x, y=$y");
break;
case "supprimer":
- $globals->db->query("DELETE FROM photo WHERE uid = '".$_REQUEST["uid"]."'");
+ $globals->db->query("DELETE FROM photo WHERE uid = $uid");
break;
- }
}
$page->assign('forlife', $forlife);
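Review bot: In the "valider" branch, `$mimetype` at L35 comes from `$_FILES['userfile']['type']`, which the client supplies, and it is interpolated into the REPLACE statement without escaping or checking. The type is better taken from what `getimagesize()` reports about the file and accepted only if it is one of the formats the trombino is meant to hold. The new `x=$x, y=$y` is also unquoted, so when `getimagesize()` fails on a non-image upload both values are empty and the statement is malformed, where the removed code stored empty strings. A guard such as `if (!is_uploaded_file($_FILES['userfile']['tmp_name']) || !$x || !$y) break;` before the query would cover both cases. The script continues outside the hunk.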
require_once("xorg.inc.php");
new_admin_page('admin/deces_promo.tpl');
-$promo = ( isset($_REQUEST["promo"]) ? $_REQUEST["promo"] : 0 );
-if(isset($_REQUEST['sub10'])) $promo -= 10;
-if(isset($_REQUEST['sub01'])) $promo --;
-if(isset($_REQUEST['add01'])) $promo ++;
-if(isset($_REQUEST['add10'])) $promo += 10;
+$promo = Env::getInt('promo');
+if (Env::has('sub10')) $promo -= 10;
+if (Env::has('sub01')) $promo -= 1;
+if (Env::has('add01')) $promo += 1;
+if (Env::has('add10')) $promo += 10;
$page->assign('promo',$promo);
-if (isset($_REQUEST["valider"]) && $_REQUEST["valider"] == "Valider") {
+if (Env::get('valider') == "Valider") {
$res = $globals->db->query("SELECT user_id,matricule,deces FROM auth_user_md5 WHERE promo = $promo");
while (list($uid,$mat,$deces) = mysql_fetch_row($res)) {
- if($_REQUEST[$mat] == $deces) continue;
- $globals->db->query("UPDATE auth_user_md5 SET deces='{$_REQUEST[$mat]}' WHERE matricule = '$mat'");
+ $val = Env::get($mat);
+ if($val == $deces) continue;
+ $globals->db->query("UPDATE auth_user_md5 SET deces='$val' WHERE matricule = '$mat'");
if($deces=='0000-00-00' or empty($deces)) {
require_once('notifs.inc.php');
- register_watch_op($uid,WATCH_DEATH,$_REQUEST[$mat]);
+ register_watch_op($uid, WATCH_DEATH, $val);
require_once('user.func.inc.php');
user_clear_all_subs($uid, false); // by default, dead ppl do not loose their email
}
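Review bot: `$val = Env::get($mat)` at L64 is written into `deces='$val'` at L66 with no check that it is a date. The wrapper only changes how the value is read, so the query is still as exposed as before unless `Env::get` or magic_quotes_gpc escapes it, and neither is visible here. Since the column holds a date, the value can be rejected before the UPDATE, for example `if (!preg_match('/^\d{4}-\d{2}-\d{2}$/', $val)) continue;`. The while loop is closed outside the hunk.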
require_once("xorg.inc.php");
new_admin_page('admin/evenements.tpl');
-$arch = isset($_REQUEST['arch']) ? $_REQUEST['arch'] : 0;
-
+$arch = Env::get('arch', 0);
+$evid = Post::getInt('evt_id');
$page->assign('arch', $arch);
-$action = isset($_POST['action']) ? $_POST['action'] : "";
-
-switch($action) {
+switch(Post::get('action')) {
case "Proposer":
$req = "UPDATE evenements
- SET titre='{$_POST['titre']}', texte='{$_POST['texte']}', peremption='{$_POST['peremption']}',
- promo_min = {$_POST['promo_min']}, promo_max = {$_POST['promo_max']}
- WHERE id = {$_POST['evt_id']}
+ SET titre='".Post::get('titre')."', texte='".Post::get('texte')."', peremption='".Post::get('peremption')."',
+ promo_min = ".Post::get('promo_min').", promo_max = ".Post::get('promo_max')."
+ WHERE id = $evid
LIMIT 1";
$result = $globals->db->query ($req);
break;
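Review bot: In the "Proposer" query, `promo_min` and `promo_max` at L91 are concatenated unquoted from `Post::get()`, so whatever is posted in those fields becomes part of the SQL statement; quoting-based escaping does not help in a numeric context. The commit already casts the event id with `Post::getInt('evt_id')` at L79, and the same should be done here: `promo_min = ".Post::getInt('promo_min').", promo_max = ".Post::getInt('promo_max')."`. `titre`, `texte` and `peremption` at L90 are quoted but still depend on escaping that is not visible in this diff.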
// le 'creation_date = creation_date' est indispensable pour que
// creation_date conserve sa valeur.
$req="UPDATE evenements
- SET creation_date = creation_date, validation_user_id ='{$_SESSION['uid']}',
+ SET creation_date = creation_date, validation_user_id = ".Session::getInt('uid').",
validation_date = NULL, flags = CONCAT(flags,',valide')
- WHERE id ='{$_POST['evt_id']}'
+ WHERE id = $evid
LIMIT 1";
$result = $globals->db->query ($req);
break;
// le 'creation_date = creation_date' est indispensable pour que
// creation_date conserve sa valeur.
$req="UPDATE evenements
- SET creation_date = creation_date, validation_user_id = ".$_SESSION['uid'].",
+ SET creation_date = creation_date, validation_user_id = ".Session::getInt('uid').",
validation_date = NULL, flags = REPLACE(flags, 'valide','')
- WHERE id = ".$_POST['evt_id']."
+ WHERE id = $evid
LIMIT 1";
$result = $globals->db->query ($req);
break;
case "Supprimer":
- $req="DELETE from evenements WHERE id = ".$_POST['evt_id']." LIMIT 1";
+ $req="DELETE from evenements WHERE id = $evid LIMIT 1";
$result = $globals->db->query ($req);
break;
case "Archiver":
- $req="UPDATE evenements SET flags = CONCAT(flags,',archive')WHERE id = ".$_POST['evt_id']." LIMIT 1";
+ $req="UPDATE evenements SET flags = CONCAT(flags,',archive') WHERE id = $evid LIMIT 1";
$result = $globals->db->query ($req);
break;
case "Desarchiver":
- $req="UPDATE evenements SET flags = REPLACE(flags,'archive','')WHERE id = ".$_POST['evt_id']." LIMIT 1";
+ $req="UPDATE evenements SET flags = REPLACE(flags,'archive','') WHERE id = $evid LIMIT 1";
$result = $globals->db->query ($req);
break;
case "Editer":
- $evt_req = $globals->db->query("SELECT titre, texte, peremption, promo_min, promo_max, validation_message FROM evenements WHERE id=".$_POST["evt_id"]);
+ $evt_req = $globals->db->query("SELECT titre, texte, peremption, promo_min, promo_max, validation_message FROM evenements WHERE id= $evid");
list($titre, $texte, $peremption, $promo_min, $promo_max, $validation_message) = mysql_fetch_row($evt_req) ;
$page->assign('mode', 'edit');
$page->assign('titre',$titre);
new_admin_page('admin/homonymes.tpl');
require_once("diogenes.hermes.inc.php");
-$op = isset($_REQUEST['op']) ? $_REQUEST['op'] : 'list';
+$op = Env::get('op', 'list');
+$target = Env::getInt('target');
-
-$target = isset($_REQUEST['target']) ? $_REQUEST['target'] : 0;
if ($target) {
$res = $globals->db->query("SELECT prenom,nom,a.alias AS forlife,h.alias AS loginbis
FROM auth_user_md5 AS u
INNER JOIN aliases AS a ON (a.id=u.user_id AND a.type='a_vie')
INNER JOIN aliases AS h ON (h.id=u.user_id AND h.expire!='')
- WHERE user_id='$target'");
+ WHERE user_id = $target");
if (! list($prenom,$nom,$forlife,$loginbis) = mysql_fetch_row($res)) {
$target=0;
} else {
$mymail->setSubject("Dans 2 semaines, suppression de $loginbis@polytechnique.org");
$mymail->addTo("$prenom $nom <$forlife@polytechnique.org>");
$mymail->addCc($cc);
- $mymail->setTxtBody(stripslashes($_REQUEST['mailbody']));
+ $mymail->setTxtBody(stripslashes(Env::get('mailbody')));
$mymail->send();
$op = 'list';
break;
$mymail->setSubject("Mise en place du robot $loginbis@polytechnique.org");
$mymail->addTo("$prenom $nom <$forlife@polytechnique.org>");
$mymail->addCc($cc);
- $mymail->setTxtBody(stripslashes($_REQUEST['mailbody']));
+ $mymail->setTxtBody(stripslashes(Env::get('mailbody')));
$mymail->send();
$op = 'list';
break;
require_once("xorg.inc.php");
new_admin_page('admin/lists.tpl');
require_once('xml-rpc-client.inc.php');
+require_once('lists.inc.php');
-$res = $globals->db->query("SELECT password FROM auth_user_md5 WHERE user_id={$_SESSION['uid']}");
-list($pass) = mysql_fetch_row($res);
-mysql_free_result($res);
-
-$client = new xmlrpc_client("http://{$_SESSION['uid']}:$pass@localhost:4949/polytechnique.org");
+$client =& lists_xmlrpc(Session::getInt('uid'), Session::get('password'));
$listes = $client->get_all_lists();
$page->assign_by_ref('listes',$listes);
$page->run();
new_admin_page('logger-view.tpl');
require_once('diogenes.logger-view.inc.php');
-if(empty($_REQUEST['logauth'])) $_REQUEST['logauth']='native';
+if (!Env::has('logauth')) {
+ $_REQUEST['logauth'] = 'native';
+}
$logview = new DiogenesLoggerView;
$logview->run($page);
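Review bot: The default at L188 now depends on `Env::has('logauth')`, whereas the removed line used `empty()`. If `has()` is an isset-style test (its definition is not on this page), a request carrying an empty `logauth=` no longer falls back to 'native' and reaches DiogenesLoggerView with an empty auth source. Keeping the old semantics would read `if (!Env::get('logauth')) {`. The block also still writes to `$_REQUEST` directly, which is worth a comment since the rest of the commit moves reads behind the wrapper.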
new_admin_page('admin/newsletter.tpl');
require_once("newsletter.inc.php");
-if(isset($_GET['new'])) {
+if(Get::has('new')) {
insert_new_nl();
header("Location: newsletter.php");
}
-$page->assign_by_ref('nl_list',get_nl_slist());
+$page->assign_by_ref('nl_list', get_nl_slist());
$page->run();
?>
new_admin_page('admin/newsletter_edit.tpl', 'newsletter/head.tpl');
require_once("newsletter.inc.php");
-$nid = empty($_GET['nid']) ? 'last' : $_GET['nid'];
-$nl = new NewsLetter($nid);
-if(isset($_GET['del_aid'])) {
- $nl->delArticle($_GET['del_aid']);
+$nid = Get::get('nid', 'last');
+$nl = new NewsLetter($nid);
+
+if(Get::has('del_aid')) {
+ $nl->delArticle(Get::get('del_aid'));
header("Location: ?nid=$nid");
}
-if(isset($_POST['update'])) {
- $nl->_title = $_POST['title'];
- $nl->_date = $_POST['date'];
- $nl->_head = $_POST['head'];
+if(Post::get('update')) {
+ $nl->_title = Post::get('title');
+ $nl->_date = Post::get('date');
+ $nl->_head = Post::get('head');
$nl->save();
}
-if(isset($_POST['save'])) {
- $eaid = $_GET['edit_aid'];
- $art = new NLArticle($_POST['title'], $_POST['body'], $_POST['append'], $eaid, $_POST['cid'], $_POST['pos']);
+if(Post::get('save')) {
+ $art = new NLArticle(Post::get('title'), Post::get('body'), Post::get('append'),
+ Get::get('edit_aid'), Post::get('cid'), Post::get('pos'));
$nl->saveArticle($art);
header("Location: ?nid=$nid");
}
-if(isset($_GET['edit_aid'])) {
- $eaid = $_GET['edit_aid'];
- if(isset($_POST['aid'])) {
- $art = new NLArticle($_POST['title'], $_POST['body'], $_POST['append'],
- $eaid, $_POST['cid'], $_POST['pos']);
- } elseif($eaid<0) {
- $art = new NLArticle();
+if(Get::has('edit_aid')) {
+ $eaid = Get::get('edit_aid');
+ if(Post::has('aid')) {
+ $art = new NLArticle(Post::get('title'), Post::get('body'), Post::get('append'),
+ $eaid, Post::get('cid'), Post::get('pos'));
} else {
- $art = $nl->getArt($_GET['edit_aid']);
+ $art = $eaid<0 ? new NLArticle() : $nl->getArt($eaid);
}
$page->assign('art', $art);
}
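Review bot: L221 and L230 replace `isset($_POST['update'])` and `isset($_POST['save'])` with `Post::get(...)`, which tests the value rather than its presence, while L213, L243 and L245 use `has()`. A submit control whose value is empty or "0" would now skip the save silently. For a like-for-like conversion these should be `if(Post::has('update')) {` and `if(Post::has('save')) {`. Separately, `$nid` from `Get::get('nid', 'last')` goes unchecked into `header("Location: ?nid=$nid")` at L215 and L234, so it should be restricted to 'last' or an integer before it is used there.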
new_admin_page('admin/postfix_delayed.tpl');
-if (isset($_REQUEST["del"])) {
- mysql_query("UPDATE postfix_mailseen SET release = 'del' WHERE crc = '".$_REQUEST["crc"]."'");
- $page->assign('res', $_REQUEST["crc"]." verra tous ses mails supprimés !");
-} else if (isset($_REQUEST["ok"])) {
- mysql_query("UPDATE postfix_mailseen SET release = 'ok' WHERE crc = '".$_REQUEST["crc"]."'");
- $page->assign('res', $_REQUEST["crc"]." a le droit de passer !");
+if (Env::has('del')) {
+ $crc = Env::get('crc');
+ mysql_query("UPDATE postfix_mailseen SET release = 'del' WHERE crc = '$crc'");
+ $page->assign('res', $crc." verra tous ses mails supprimés !");
+} elseif (Env::has('ok')) {
+ $crc = Env::get('crc');
+ mysql_query("UPDATE postfix_mailseen SET release = 'ok' WHERE crc = '$crc'");
+ $page->assign('res', $crc." a le droit de passer !");
}
$sql = "SELECT crc, nb, update_time, create_time,
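Review bot: `$crc` at L262 and L266 is taken straight from the request and used both inside the UPDATE statements (L263, L267) and in the message assigned to the page (L264, L268). Factoring it into a variable is a good place to validate it once. If crc values are hexadecimal checksums, which this page does not show, a check such as `if (!preg_match('/^[0-9a-f]+$/i', $crc)) { $page->kill("crc invalide"); }` before the query would cover the SQL and the output in one step. These two calls also still use `mysql_query()` directly instead of `$globals->db->query()` as the other files in this commit do.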
require_once("emails.inc.php");
require_once("user.func.inc.php");
-if (isset($_SESSION['suid'])) {
+if (Session::has('suid')) {
$page->kill("déjà en SUID !!!");
}
-if (!empty($_REQUEST['user_id'])) {
- $login = get_user_login($_REQUEST['user_id']);
-} elseif (isset($_REQUEST['login'])) {
- $login = get_user_login($_REQUEST['login']);
+if (Env::has('user_id')) {
+ $login = get_user_login(Env::getInt('user_id'));
+} elseif (Env::has('login')) {
+ $login = get_user_login(Env::get('login'));
} else {
$login = false;
}
-if(isset($_REQUEST['logs_button']) && $login) {
+if(Env::has('logs_button') && $login) {
header("Location: logger.php?loguser=$login&year=".date('Y')."&month=".date('m'));
}
-if(isset($_REQUEST['suid_button']) and $login and !isset($_SESSION['suid'])) {
- $_SESSION['log']->log("suid_start", "login by ".$_SESSION['forlife']);
+if(Env::has('suid_button') && $login) {
+ $_SESSION['log']->log("suid_start", "login by ".Session::get('forlife'));
$_SESSION['suid'] = $_SESSION;
$r = $globals->db->query("SELECT id FROM aliases WHERE alias='$login'");
if(list($uid) = mysql_fetch_row($r)) {
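Review bot: L281 changes the test from `!empty($_REQUEST['user_id'])` to `Env::has('user_id')`. If `has()` only checks presence, a form that submits an empty `user_id` field together with `login` now takes the first branch and calls `get_user_login(0)` instead of looking up the login. `if (Env::getInt('user_id')) {` would keep the previous behaviour. L294 also drops the `!isset($_SESSION['suid'])` guard, which is safe only if `$page->kill()` at L275 never returns; a one-line comment saying so would help the next reader.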
foreach($_POST as $key => $val) {
switch ($key) {
case "add_fwd":
- $email = trim($_REQUEST['email']);
+ $email = trim(Env::get('email'));
if (!isvalid_email_redirection($email)) {
$page->trig("invalid email $email");
} else {
case "del_alias":
if (!empty($val)) {
- $globals->db->query("DELETE FROM aliases WHERE id='{$_REQUEST['user_id']}' AND alias='$val'
+ $globals->db->query("DELETE FROM aliases WHERE id='{$mr['user_id']}' AND alias='$val'
AND type!='a_vie' AND type!='homonyme'");
- fix_bestalias($_REQUEST['user_id']);
+ fix_bestalias($nr['user_id']);
$page->trig($val." a été supprimé");
}
break;
case "add_alias":
$globals->db->query("INSERT INTO aliases (id,alias,type)
- VALUES ('{$_REQUEST['user_id']}','{$_REQUEST['email']}','alias')");
+ VALUES ('{$mr['user_id']}','".Env::get('email')."','alias')");
break;
case "best":
- $globals->db->query("UPDATE aliases SET flags='' WHERE flags='bestalias' AND id='{$_REQUEST['user_id']}'");
- $globals->db->query("UPDATE aliases SET flags='epouse' WHERE flags='epouse,bestalias' AND id='{$_REQUEST['user_id']}'");
+ $globals->db->query("UPDATE aliases SET flags='' WHERE flags='bestalias' AND id='{$mr['user_id']}'");
+ $globals->db->query("UPDATE aliases SET flags='epouse' WHERE flags='epouse,bestalias' AND id='{$mr['user_id']}'");
$globals->db->query("UPDATE aliases
SET flags=CONCAT(flags,',','bestalias')
- WHERE id='{$_REQUEST['user_id']}' AND alias='$val'");
+ WHERE id='{$mr['user_id']}' AND alias='$val'");
break;
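Review bot: L313 calls `fix_bestalias($nr['user_id'])`, but every other converted line uses `$mr`, so this looks like a typo that passes an undefined value; it should read `fix_bestalias($mr['user_id']);`. `$mr` itself is not assigned anywhere in the visible lines before L310, so it is presumably loaded earlier in the file, which is worth confirming since the id no longer comes from the request. `$val` (a `$_POST` value from the loop at L299) and `Env::get('email')` at L320 still go into the alias queries unescaped.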
// Editer un profil
case "u_edit":
- $pass_md5B = $_REQUEST['newpass_clair'] != "********" ? md5($_REQUEST['newpass_clair']) : $_REQUEST['passw'];
+ $pass_md5B = Env::get('newpass_clair') != "********" ? md5(Env::get('newpass_clair')) : Env::get('passw');
+ $naiss = Env::get('naissanceN');
+ $perms = Env::get('permsN');
+ $prenm = Env::get('prenomN');
+ $nom = Env::get('nomN');
+ $promo = Env::getInt('promo');
+ $nom = Env::get('nomN');
+ $comm = Env::get('commentN');
$query = "UPDATE auth_user_md5 SET
- naissance='{$_REQUEST['naissanceN']}',
- password='$pass_md5B',
- perms='{$_REQUEST['permsN']}',
- prenom='{$_REQUEST['prenomN']}',
- nom='{$_REQUEST['nomN']}',
- promo='{$_REQUEST['promoN']}',
- comment='{$_REQUEST['commentN']}'
- WHERE user_id='{$_REQUEST['user_id']}'";
+ naissance = '$naiss',
+ password = '$pass_md5B',
+ perms = '$perms',
+ prenom = '$prenm',
+ nom = '$nom',
+ promo = $promo,
+ comment = '$comm'
+ WHERE user_id = '{$mr['user_id']}'";
if ($globals->db->query($query)) {
// FIXME: recherche
system('echo 1 > /tmp/flag_recherche');
$mailer = new HermesMailer();
$mailer->setFrom("webmaster@polytechnique.org");
$mailer->addTo("web@polytechnique.org");
- $mailer->setSubject("INTERVENTION ADMIN ({$_SESSION['forlife']})");
+ $mailer->setSubject("INTERVENTION ADMIN (".Session::get('forlife']).")");
$mailer->setTxtBody(preg_replace("/[ \t]+/", ' ', $query));
$mailer->send();
$r = $globals->db->query("SELECT *, a.alias AS forlife
FROM auth_user_md5 AS u
INNER JOIN aliases AS a ON (u.user_id=a.id)
- WHERE user_id = {$_REQUEST['user_id']}");
+ WHERE user_id = {$mr['user_id']}");
$mr = mysql_fetch_assoc($r);
mysql_free_result($r);
break;
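Review bot: L367 does not parse: `Session::get('forlife'])` has a stray `]` and should be `Session::get('forlife')`. The same error is repeated at L389 in the u_kill case. In the same block, L340 reads `Env::getInt('promo')` where the removed code used the `promoN` field, so an edit would write promo = 0 unless the form also sends `promo`; it should be `$promo = Env::getInt('promoN');`. L341 repeats the `$nom` assignment of L339 and can be dropped.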
// DELETE FROM auth_user_md5
case "u_kill":
- user_clear_all_subs($_REQUEST['user_id']);
- $page->trig("'{$_REQUEST['user_id']}' a été désinscrit !");
+ user_clear_all_subs($mr['user_id']);
+ $page->trig("'{$mr['user_id']}' a été désinscrit !");
require_once("diogenes.hermes.inc.php");
$mailer = new HermesMailer();
$mailer->setFrom("webmaster@polytechnique.org");
$mailer->addTo("web@polytechnique.org");
- $mailer->setSubject("INTERVENTION ADMIN ({$_SESSION['forlife']})");
+ $mailer->setSubject("INTERVENTION ADMIN (".Session::get('forlife']).")");
$mailer->setTxtBody("\nUtilisateur $login effacé");
$mailer->send();
break;
require_once("validations.inc.php");
new_admin_page('admin/valider.tpl');
-if(isset($_REQUEST["uid"]) and isset($_REQUEST["type"])
- and isset($_REQUEST["stamp"])) {
- $req = Validate::get_request($_REQUEST["uid"],$_REQUEST['type'],$_REQUEST["stamp"]);
- if($req)
+if(Env::has('uid') && Env::has('type') && Env::has('stamp')) {
+ $req = Validate::get_request(Env::get('uid'), Env::get('type'), Env::get('stamp'));
+ if($req) {
$page->assign('mail', $req->handle_formu());
+ }
}
$it = new ValidateIterator ();