git-archimport-id: opensource@polytechnique.org--2005/platal--mainline--0.9--patch-137
require_once("xorg.inc.php");
new_skinned_page('confbanana.tpl', AUTH_MDP);
-if (!(isset($_POST["action"]) && isset($_POST["banananame"]) &&
- isset($_POST["bananasig"]) && isset($_POST["bananadisplay"]) &&
- isset($_POST["bananamail"]) && isset($_POST["bananaupdate"])
- && $_POST["action"]=="OK" ))
+if (!(Post::has('action') && Post::has('banananame') && Post::has('bananasig') && Post::has('bananadisplay')
+ && Post::has('bananamail') && Post::has('bananaupdate') && Post::get('action')=="OK" ))
{
-
$req = $globals->db->query("
SELECT nom,mail,sig,if(FIND_IN_SET('threads',flags),'1','0'),
IF(FIND_IN_SET('automaj',flags),'1','0')
FROM forums.profils
- WHERE uid='{$_SESSION['uid']}'");
- if (!(list($nom,$mail,$sig,$disp,$maj)=mysql_fetch_row($req))) {
- $nom = $_SESSION["prenom"]." ".$_SESSION["nom"];
- $mail = $_SESSION["forlife"]."@polytechnique.org";
- $sig = $nom." ({$_SESSION['promo']})";
- $disp=0;
- $maj=0;
+ WHERE uid=".Session::getInt('uid'));
+ if (!(list($nom,$mail,$sig,$disp,$maj) = mysql_fetch_row($req))) {
+ $nom = Session::get('prenom').' '.Session::get('nom');
+ $mail = Session::get('forlife').'@'.$globals->mail->domain;
+ $sig = $nom.' ('.Session::getInt('promo').')';
+ $disp = 0;
+ $maj = 0;
}
- $page->assign('nom', $nom);
+ $page->assign('nom' , $nom);
$page->assign('mail', $mail);
- $page->assign('sig', $sig);
+ $page->assign('sig' , $sig);
$page->assign('disp', $disp);
- $page->assign('maj', $maj);
+ $page->assign('maj' , $maj);
} else {
- mysql_query("REPLACE INTO forums.profils (uid,sig,mail,nom,flags)
- VALUES ('{$_SESSION['uid']}','{$_POST['bananasig']}',
- '{$_POST['bananamail']}','{$_POST['banananame']}',
- '".($_POST['bananadisplay']?"threads":"").","
- .($_POST['bananaupdate']?"automaj":"")."')");
+ mysql_query("REPLACE INTO forums.profils (uid,sig,mail,nom,flags)
+ VALUES (".Session::getInt('uid').", '".Post::get('bananasig')."', '".Post::get('bananamail')."',
+ '".Post::get('banananame')."', '".(Post::getBool('bananadisplay') ? 'threads' : '').
+ ",".(Post::getBool('bananaupdate') ? 'automaj' : '')."')");
}
$page->run();
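Review bot: The new `REPLACE INTO forums.profils` statement still concatenates `Post::get('bananasig')`, `Post::get('bananamail')` and `Post::get('banananame')` straight into quoted SQL literals; only the uid was hardened with `Session::getInt()`. Nothing on the page shows `Post::get()` escaping its value, and the `stripslashes()`/`addslashes()` pairs in the evenements section suggest the site leans on magic_quotes_gpc, which is a server setting rather than a guarantee. Escape each value where the query is built, e.g. `'".addslashes(Post::get('bananasig'))."'` (or `mysql_real_escape_string()`), after normalising any magic-quotes slashes. The same pattern recurs at `alias='".Post::get('best')."'` in the emails section, `a1.alias = '".Env::get('user')."'` in fiche_referent, `WHERE alias='".Env::get('x')."'` in the photo script, and `password='$password'` in the password-change hunk.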
require_once("xorg.inc.php");
new_skinned_page('emails.tpl',AUTH_COOKIE);
-if(isset($_POST['best'])) {
- $globals->db->query("UPDATE aliases SET flags='' WHERE flags='bestalias' AND id='{$_SESSION["uid"]}'");
- $globals->db->query("UPDATE aliases SET flags='epouse' WHERE flags='epouse,bestalias' AND id='{$_SESSION["uid"]}'");
+$uid = Session::getInt('uid');
+
+if (Post::has('best')) {
+ $globals->db->query("UPDATE aliases SET flags='' WHERE flags='bestalias' AND id=$uid");
+ $globals->db->query("UPDATE aliases SET flags='epouse' WHERE flags='epouse,bestalias' AND id=$uid");
$globals->db->query("UPDATE aliases
SET flags=CONCAT(flags,',','bestalias')
- WHERE id='{$_SESSION["uid"]}' AND alias='{$_POST['best']}'");
+ WHERE id=$uid AND alias='".Post::get('best')."'");
}
// on regarde si on a affaire à un homonyme
$sql = "SELECT alias, (type='a_vie') AS a_vie, FIND_IN_SET('bestalias',flags) AS best, expire
FROM aliases
- WHERE id='{$_SESSION['uid']}' AND type!='homonyme'
+ WHERE id=$uid AND type!='homonyme'
ORDER BY LENGTH(alias)";
$page->mysql_assign($sql, 'aliases');
$sql = "SELECT email
FROM emails
- WHERE uid = {$_SESSION["uid"]} AND FIND_IN_SET('active', flags)";
+ WHERE uid = $uid AND FIND_IN_SET('active', flags)";
$page->mysql_assign($sql, 'mails', 'nb_mails');
// on regarde si l'utilisateur a un alias et si oui on l'affiche !
+$forlife = Session::get('forlife');
$sql = "SELECT alias
FROM virtual AS v
INNER JOIN virtual_redirect AS vr USING(vid)
- WHERE ( redirect='{$_SESSION['forlife']}@{$globals->mail->domain}'
- OR redirect='{$_SESSION['forlife']}@{$globals->mail->domain2}' )
+ WHERE ( redirect='$forlife@{$globals->mail->domain}'
+ OR redirect='$forlife@{$globals->mail->domain2}' )
AND alias LIKE '%@{$globals->mail->alias_dom}'";
$result = $globals->db->query($sql);
if ($result && list($aliases) = mysql_fetch_row($result)) {
$message = "Bonjour !
Ce mail a été généré automatiquement par le service de patte cassée de
-Polytechnique.org car un autre utilisateur, {$_SESSION['prenom']} {$_SESSION['nom']},
+Polytechnique.org car un autre utilisateur, ".Session::get('prenom').' '.Session::get('nom').",
nous a signalé qu'en t'envoyant un mail, il avait reçu un message d'erreur
indiquant que ton adresse de redirection $email
ne fonctionnait plus !
if ($x = mysql_fetch_assoc($sel)) {
// on écrit dans la base que l'adresse est cassée
if (!$x['panne']) {
- $globals->db->query("UPDATE emails SET panne='".date("Y-m-d")."' WHERE email = '".$email."'");
+ $globals->db->query("UPDATE emails SET panne='".date('Y-m-d')."' WHERE email = '$email'");
}
$page->assign_by_ref('x', $x);
}
require_once("xorg.inc.php");
new_skinned_page('evenements.tpl', AUTH_MDP);
-if (isset($_POST['titre'])) {$titre = stripslashes($_POST['titre']);}
-else {$titre = "";}
-
-if (isset($_POST['texte'])) {$texte = stripslashes($_POST['texte']);}
-else {$texte = "";}
-
-if (isset($_POST['promo_min'])) {$promo_min = $_POST['promo_min'];}
-else {$promo_min = 0;}
-
-if (isset($_POST['promo_max'])) {$promo_max = $_POST['promo_max'];}
-else {$promo_max = 0;}
-
-if (isset($_POST['peremption'])) {$peremption = $_POST['peremption'];}
-else {$peremption = 0;}
-
-if (isset($_POST['validation_message'])) {$validation_message = stripslashes($_POST['validation_message']);}
-else {$validation_message = "";}
-
-if (isset($_POST['action'])) { $action = $_POST['action']; } else $action = "" ;
+$titre = stripslashes(Post::get('titre'));
+$texte = stripslashes(Post::get('texte'));
+$promo_min = Post::getInt('promo_min');
+$promo_max = Post::getInt('promo_max');
+$peremption = Post::getInt('peremption');
+$validation_message = Post::get('validation_message');
+$action = Post::get('action');
$page->assign('titre', $titre);
$page->assign('texte', $texte);
$page->assign('action', strtolower($action));
if ($action=="Confirmer") {
- $sql = "INSERT INTO evenements set user_id = {$_SESSION['uid']}"
- .", creation_date = NULL"
- .", titre = '".addslashes($titre)."'"
- .", texte = '".addslashes($texte)."'"
- .", peremption = '".$peremption."'"
- .", promo_min = '$promo_min', promo_max = '$promo_max'"
- .", validation_message = '".addslashes($validation_message)."'"
- .", validation_date = 0";
+ $sql = "INSERT INTO evenements
+ SET user_id = ".Session::getInt('uid').", creation_date = NULL, titre = '".addslashes($titre)."',
+ texte = '".addslashes($texte)."', peremption = '".$peremption."', promo_min = '$promo_min',
+ promo_max = '$promo_max', validation_message = '".addslashes($validation_message)."', validation_date = 0";
if ($res = $globals->db->query($sql)) {
require_once("validations.inc.php");
- $evtreq = new evtreq(mysql_insert_id(),$titre,$texte,$promo_min,
- $promo_max,$peremption,$validation_message,$_SESSION['uid']);
+ $evtreq = new evtreq(mysql_insert_id(), $titre, $texte, $promo_min,
+ $promo_max, $peremption, $validation_message, Session::getInt('uid'));
$evtreq->submit();
$page->assign('ok', true);
}
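Review bot: `$validation_message = Post::get('validation_message');` drops the `stripslashes()` that the removed code applied, while `$titre` and `$texte` a few lines above keep it. The value then goes through `addslashes($validation_message)` in the INSERT and is handed to `new evtreq(...)`, so if POST data arrives pre-slashed (as the other `stripslashes()` calls imply) it would be stored and forwarded with doubled backslashes. Unless this is deliberate, keep the three fields consistent: `$validation_message = stripslashes(Post::get('validation_message'));`. The `if ($action=="Confirmer")` block continues past the end of the hunk.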
require_once("xorg.inc.php");
new_simple_page('fiche_referent.tpl',AUTH_COOKIE);
-if (!isset($_REQUEST['user'])) {
+if (!Env::has('user')) {
exit;
}
$reqsql = "SELECT prenom, nom, user_id, promo, cv, a.alias AS bestalias
FROM auth_user_md5 AS u
INNER JOIN aliases AS a ON (u.user_id=a.id AND FIND_IN_SET('bestalias',a.flags))
- INNER JOIN aliases AS a1 ON (u.user_id=a1.id AND a1.alias = '{$_REQUEST['user']}' AND a1.type!='homonyme')";
+ INNER JOIN aliases AS a1 ON (u.user_id=a1.id AND a1.alias = '".Env::get('user')."' AND a1.type!='homonyme')";
$result = $globals->db->query($reqsql);
if (mysql_num_rows($result)!=1) {
exit;
require_once('xorg.inc.php');
new_skinned_page('login.tpl', AUTH_COOKIE);
-//require_once("db_connect.inc.php");
-//require_once("controlpermanent.inc.php");
-//require_once("appel.inc.php");
-//require_once("validations.inc.php");
-
-// getdata.php3 - by Florian Dittmer <dittmer@gmx.net>
-// Example php script to demonstrate the direct passing of binary data
-// to the user. More infos at http://www.phpbuilder.com
-// Syntax: getdata.php3?id=<id>
-
-function url($url) {
- $chemins = Array('.', '..', '/');
- foreach ($chemins as $ch)
- if (file_exists("$ch/login.php") || file_exists("$ch/public/login.php"))
- return "$ch/$url";
- return "";
-}
-
-if(isset($_REQUEST['x'])) {
- if(isset($_REQUEST['req']) && $_REQUEST['req']="true") {
- include 'validations.inc.php';
- $myphoto = PhotoReq::get_unique_request($_REQUEST['x']);
- Header("Content-type: image/".$myphoto->mimetype);
+if (Env::has('x')) {
+ if (Env::get('req') == "true") {
+ include 'validations.inc.php';
+ $myphoto = PhotoReq::get_unique_request(Env::get('x'));
+ Header('Content-type: image/'.$myphoto->mimetype);
echo $myphoto->data;
} else {
- if(preg_match('/^\d*$/',$_REQUEST['x'])) {
- $result = $globals->db->query("SELECT attachmime, attach FROM photo WHERE uid = '{$_REQUEST['x']}'");
+ if(preg_match('/^\d*$/', Env::get('x'))) {
+ $result = $globals->db->query('SELECT attachmime, attach FROM photo WHERE uid = '.Env::getInt('x'));
} else {
$sql = "SELECT attachmime, attach
FROM photo AS p
INNER JOIN aliases AS a ON p.uid=a.id
- WHERE alias='{$_REQUEST['x']}'";
+ WHERE alias='".Env::get('x')."'";
$result = $globals->db->query($sql);
}
Header( "Content-type: image/$type");
echo $data;
} else {
- Header( "Content-type: image/png");
- echo file_get_contents(dirname(__FILE__)."/images/none.png");
+ Header( 'Content-type: image/png');
+ echo file_get_contents(dirname(__FILE__).'/images/none.png');
}
}
}
// OUI, alors changeons le mot de passe
$password = Post::get('response2');
$sql = "UPDATE auth_user_md5 SET password='$password' WHERE user_id=".Session::getInt('uid');
+ $log =& Session::getMixed('log');
$globals->db->query($sql);
- $_SESSION['log']->log('passwd', '');
+ $log->log('passwd', '');
new_skinned_page('motdepassemd5.success.tpl', AUTH_MDP);
$page->run();
}
//on met a jour $opened_tab et $new_tab qui sont le tab du POST et le tab demande
// Tout d'abord, quel est le tab actuel ?
// si on vient d'un POST, old_tab etait le tab courant
-if(isset($_REQUEST['old_tab']) && isset($tabname_array[$_REQUEST['old_tab']])) // on verifie que la valeur postee existe bien
- $opened_tab = $_REQUEST['old_tab'];
-$new_tab = isset($_REQUEST['suivant']) ? get_next_tab($opened_tab) : $opened_tab;
+if (Env::has('old_tab') && isset($tabname_array[Env::get('old_tab')])) {
+ // on verifie que la valeur postee existe bien
+ $opened_tab = Env::get('old_tab');
+}
+$new_tab = Env::has('suivant') ? get_next_tab($opened_tab) : $opened_tab;
// pour tous les tabs, on recupere les bits car on a besoin de tous les bits pour en mettre a jour un, la date d naissance pour verifier
// quelle est bien rentree et la date.
FIND_IN_SET('web_public', bits), FIND_IN_SET('libre_public', bits),
naissance, DATE_FORMAT(date,'%d.%m.%Y')
FROM auth_user_md5
- WHERE user_id=".$_SESSION['uid'];
+ WHERE user_id=".Session::getInt('uid');
$result = $globals->db->query($sql);
list($mobile_public, $mobile_ax,$web_public, $libre_public, $naissance, $date_modif_profil) = mysql_fetch_row($result);
// lorsqu'on n'a pas la date de naissance en base de données
if (!$naissance) {
// la date de naissance n'existait pas et vient d'être soumise dans la variable
- // $_REQUEST['birth']
- if (isset($_REQUEST['birth'])) {
+ if (Env::has('birth')) {
//en cas d'erreur :
- if (!ereg("[0-3][0-9][0-1][0-9][1][9]([0-9]{2})", $_REQUEST['birth'])) {
- $page->assign('etat_naissance','query');
- $page->trig_run("Date de naissance incorrecte ou incohérente.");
+ if (!ereg('[0-3][0-9][0-1][0-9][1][9]([0-9]{2})', Env::get('birth'))) {
+ $page->assign('etat_naissance', 'query');
+ $page->trig_run('Date de naissance incorrecte ou incohérente.');
}
//sinon
- $birth = sprintf("%s-%s-%s", substr($_REQUEST["birth"],4,4), substr($_REQUEST["birth"],2,2), substr($_REQUEST["birth"],0,2));
- $globals->db->query("UPDATE auth_user_md5 SET naissance='$birth' WHERE user_id=".$_SESSION['uid']);
+ $birth = sprintf("%s-%s-%s", substr(Env::get('birth'),4,4), substr(Env::get('birth'),2,2), substr(Env::get('birth'),0,2));
+ $globals->db->query("UPDATE auth_user_md5 SET naissance='$birth' WHERE user_id=".Session::getInt('uid'));
$page->assign('etat_naissance','ok');
$page->run();
} else {
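Review bot: The `ereg()` check on `Env::get('birth')` is unanchored, so it accepts any value that merely contains an eight-digit date, but the next statement builds `$birth` from the first eight bytes with `substr()` and interpolates it into `SET naissance='$birth'`. The validated substring and the consumed substring can therefore differ, so non-digit characters can reach the UPDATE. Anchor the pattern so the whole value is checked, e.g. `ereg('^[0-3][0-9][0-1][0-9]19[0-9]{2}$', Env::get('birth'))`, and read the parameter once into a local. It is also not visible here whether `trig_run()` stops execution; if it returns, the UPDATE still runs on the rejected value. The recovery section uses the same unanchored pattern.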
}
//doit-on faire un update ?
-if (isset($_REQUEST['modifier']) || isset($_REQUEST['suivant'])) {
+if (Env::has('modifier') || Env::has('suivant')) {
require_once("profil/get_{$opened_tab}.inc.php");
require_once("profil/verif_{$opened_tab}.inc.php");
/* on sauvegarde les changements dans user_changes :
* on a juste besoin d'insérer le user_id de la personne dans la table
*/
- $globals->db->query("replace into user_changes set user_id='{$_SESSION['uid']}'");
+ $globals->db->query('REPLACE INTO user_changes SET user_id='.Session::getInt('uid'));
//Mise a jour des bits
// bits : set('mobile_public','mobile_ax','web_public','libre_public')
if ($web_public) $bits_reply .= 'web_public,';
if ($libre_public) $bits_reply .= 'libre_public,';
if (!empty($bits_reply)) $bits_reply = substr($bits_reply, 0, -1);
- $sql = "UPDATE auth_user_md5 set bits = '$bits_reply' WHERE user_id={$_SESSION['uid']}";
+ $sql = "UPDATE auth_user_md5 set bits = '$bits_reply' WHERE user_id=".Session::getInt('uid'));
$globals->db->query($sql);
- if(empty($_SESSION['suid'])) {
+ if (!Session::has('suid')) {
require_once('notifs.inc.php');
- register_watch_op($_SESSION['uid'],WATCH_FICHE);
+ register_watch_op(Session::getInt('uid'), WATCH_FICHE);
}
// mise a jour des champs relatifs au tab ouvert
require_once("profil/update_{$opened_tab}.inc.php");
-
- $_SESSION['log']->log("profil",$opened_tab);
- $page->assign('etat_update','ok');
+
+ $log =& Session::getMixed('log');
+ $log->log('profil', $opened_tab);
+ $page->assign('etat_update', 'ok');
}
require_once("profil/get_{$new_tab}.inc.php");
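Review bot: The rewritten assignment `$sql = "UPDATE auth_user_md5 set bits = '$bits_reply' WHERE user_id=".Session::getInt('uid'));` ends with an unmatched `)`, which is a parse error for the whole script. It should end `... WHERE user_id=".Session::getInt('uid');`. Separately, `!Session::has('suid')` is not equivalent to the old `empty($_SESSION['suid'])` if `suid` can be present but empty; in that case `register_watch_op()` would now be skipped, which is worth confirming against how `suid` is cleared.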
* 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA *
***************************************************************************/
-require_once("xorg.inc.php");
+require_once('xorg.inc.php');
new_skinned_page('recovery.tpl', AUTH_PUBLIC);
-if (isset($_REQUEST['login']) and isset($_REQUEST['birth'])) {
- if (!ereg("[0-3][0-9][0-1][0-9][1][9]([0-9]{2})", $_REQUEST['birth'])) {
- $page->trig_run("Date de naissance incorrecte ou incohérente");
+if (Env::has('login') and Env::has('birth')) {
+ if (!ereg('[0-3][0-9][0-1][0-9][1][9]([0-9]{2})', Env::get('birth'))) {
+ $page->trig_run('Date de naissance incorrecte ou incohérente');
}
- $birth = sprintf("%s-%s-%s", substr($_REQUEST["birth"],4,4), substr($_REQUEST["birth"],2,2), substr($_REQUEST["birth"],0,2));
+ $birth = sprintf('%s-%s-%s', substr(Env::get('birth'),4,4), substr(Env::get('birth'),2,2), substr(Env::get('birth'),0,2));
- $mailorg=strtok($_REQUEST['login'],"@");
+ $mailorg = strtok(Env::get('login', '@');
// paragraphe rajouté : si la date de naissance dans la base n'existe pas, on l'update
// avec celle fournie ici en espérant que c'est la bonne
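Review bot: `$mailorg = strtok(Env::get('login', '@');` has the closing parenthesis in the wrong place: `'@'` becomes a second argument to `Env::get()` and the `strtok(` call is never closed, so the file no longer parses. The intended line is `$mailorg = strtok(Env::get('login'), '@');`. The unanchored `ereg()` on `birth` just above also only proves that a date appears somewhere in the value, while `substr()` reads its first eight bytes; anchoring it with `^…$` matters more here because this page is `AUTH_PUBLIC`.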
if ($naissance == $birth) {
$page->assign('ok', true);
- $url=rand_url_id();
- $stamp=date("Y-m-d H:i:s");
- $sql="INSERT INTO perte_pass (certificat,uid,created) VALUES ('$url',$uid,'$stamp')";
+ $url = rand_url_id();
+ $stamp = date('Y-m-d H:i:s');
+ $sql = "INSERT INTO perte_pass (certificat,uid,created) VALUES ('$url',$uid,'$stamp')";
$globals->db->query($sql);
--
Polytechnique.org
-\"Le portail des élèves & anciens élèves de l'Ecole polytechnique\"".((!empty($_POST["email"])) ? "
+\"Le portail des élèves & anciens élèves de l'Ecole polytechnique\"".(Post::has('email')) ? "
-Adresse de secours : {$_POST['email']}" : "")."
+Adresse de secours : ".Post::get('email') : "")."
-Mail envoyé à {$_REQUEST['login']}");
+Mail envoyé à ".Env::get('login'));
$mymail->send();
// on cree un objet logger et on log l'evenement
- $logger = $_SESSION['log'] = (isset($logger) ? $logger : new DiogenesCoreLogger($uid));
- $logger->log("recovery",$emails);
+ $logger = $_SESSION['log'] = new DiogenesCoreLogger($uid);
+ $logger->log('recovery', $emails);
} else {
- $page->trig("Pas de résultat correspondant aux champs entrés dans notre base de données.");
+ $page->trig('Pas de résultat correspondant aux champs entrés dans notre base de données.');
}
}
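Review bot: The mail footer's conditional lost its outer parenthesis: `".(Post::has('email')) ? "…" : "")."` closes the group right after `Post::has('email')`, leaving a stray `)` after `""` and, because `.` binds tighter than `?:`, making the whole preceding string the ternary condition. Wrap the full ternary as the removed code did, `(Post::has('email') ? "\nAdresse de secours : ".Post::get('email') : "")`. `Post::has()` presumably tests presence rather than non-emptiness, so a blank `email` field would now print an empty "Adresse de secours" line where `!empty()` printed nothing. The enclosing mail-building call starts outside the hunk.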