projects / platal.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
Moving to GitHub.
[platal.git] / modules / platal.php
CommitLineData
e59506eb 1<?php
2/***************************************************************************
c441aabe 3 * Copyright (C) 2003-2014 Polytechnique.org *
e59506eb 4 * http://opensource.polytechnique.org/ *
5 * *
6 * This program is free software; you can redistribute it and/or modify *
7 * it under the terms of the GNU General Public License as published by *
8 * the Free Software Foundation; either version 2 of the License, or *
9 * (at your option) any later version. *
10 * *
11 * This program is distributed in the hope that it will be useful, *
12 * but WITHOUT ANY WARRANTY; without even the implied warranty of *
13 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the *
14 * GNU General Public License for more details. *
15 * *
16 * You should have received a copy of the GNU General Public License *
17 * along with this program; if not, write to the Free Software *
18 * Foundation, Inc., *
19 * 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA *
20 ***************************************************************************/
21
5de0b7e1 22function bugize($list)
23{
bd5dad64 24 $list = preg_split('/,/', $list, -1, PREG_SPLIT_NO_EMPTY);
5de0b7e1 25 $ans = array();
26
27 foreach ($list as $bug) {
28 $clean = str_replace('#', '', $bug);
29 $ans[] = "<a href='http://trackers.polytechnique.org/task/$clean'>$bug</a>";
30 }
31
32 return join(',', $ans);
33}
34
35
e59506eb 36class PlatalModule extends PLModule
37{
38 function handlers()
39 {
40 return array(
bfe9f4c7
SJ		 41 'index' => $this->make_hook('index', AUTH_PUBLIC),
42 'cacert.pem' => $this->make_hook('cacert', AUTH_PUBLIC),
43 'changelog' => $this->make_hook('changelog', AUTH_PUBLIC),
5de0b7e1 44
4da0b8d7 45 // Preferences thingies
bfe9f4c7
SJ		 46 'prefs' => $this->make_hook('prefs', AUTH_COOKIE, 'user,groups'),
47 'prefs/rss' => $this->make_hook('prefs_rss', AUTH_COOKIE, 'user'),
48 'prefs/webredirect' => $this->make_hook('webredir', AUTH_PASSWD, 'mail'),
49 'prefs/skin' => $this->make_hook('skin', AUTH_COOKIE, 'user'),
40279e62 50 'prefs/email' => $this->make_hook('prefs_email', AUTH_COOKIE, 'mail'),
4da0b8d7 51
52 // password related thingies
bfe9f4c7
SJ		 53 'password' => $this->make_hook('password', AUTH_PASSWD, 'user,groups'),
54 'password/smtp' => $this->make_hook('smtppass', AUTH_PASSWD, 'mail'),
55 'tmpPWD' => $this->make_hook('tmpPWD', AUTH_PUBLIC),
56 'recovery' => $this->make_hook('recovery', AUTH_PUBLIC),
a88f005d
RB		 57 'recovery/ext' => $this->make_hook('recovery_ext', AUTH_PUBLIC),
58 'register/ext' => $this->make_hook('register_ext', AUTH_PUBLIC),
bfe9f4c7
SJ		 59 'exit' => $this->make_hook('exit', AUTH_PUBLIC),
60 'review' => $this->make_hook('review', AUTH_PUBLIC),
61 'deconnexion.php' => $this->make_hook('exit', AUTH_PUBLIC),
ff949e76
RB		 62
63 'error' => $this->make_hook('test_error', AUTH_COOKIE),
e59506eb 64 );
65 }
66
26ba053e 67 function handler_index($page)
c9178c75 68 {
ab66bf7f 69 // Include X-XRDS-Location response-header for Yadis discovery
78507d96 70 global $globals;
34d91db6 71 header('X-XRDS-Location: ' . $globals->baseurl . '/openid/xrds');
ab66bf7f
AA		 72
73 // Redirect to the suitable page
cab08090 74 if (S::logged()) {
8b00e0e0 75 pl_redirect('events');
ddb64990 76 } else if (!@$GLOBALS['IS_XNET_SITE']) {
78d4079a 77 $this->handler_review($page);
c9178c75 78 }
c9178c75 79 }
80
26ba053e 81 function handler_cacert($page)
5de0b7e1 82 {
3cb500d5
VZ		 83 pl_cached_content_headers("application/x-x509-ca-cert");
84 readfile("/etc/ssl/xorgCA/cacert.pem");
5de0b7e1 85 exit;
86 }
87
26ba053e 88 function handler_changelog($page, $core = null)
5de0b7e1 89 {
8b1f8e12 90 $page->changeTpl('platal/changeLog.tpl');
5de0b7e1 91
78d4079a
FB		 92 function formatChangeLog($file) {
93 $clog = pl_entities(file_get_contents($file));
94 $clog = preg_replace('/===+\s*/', '</pre><hr /><pre>', $clog);
95 // url catch only (not all wiki syntax)
96 $clog = preg_replace(array(
97 '/((?:https?|ftp):\/\/(?:\.*,*[\w@~%$£µ&i#\-+=_\/\?;])*)/ui',
98 '/(\s|^)www\.((?:\.*,*[\w@~%$£µ&i#\-+=_\/\?;])*)/iu',
99 '/(?:mailto:)?([a-z0-9.\-+_]+@([\-.+_]?[a-z0-9])+)/i'),
100 array(
101 '<a href="\\0">\\0</a>',
102 '\\1<a href="http://www.\\2">www.\\2</a>',
103 '<a href="mailto:\\0">\\0</a>'),
104 $clog);
2bb9e576 105 $clog = preg_replace('!(#[0-9]+(,[0-9]+)*)!e', 'bugize("\1")', $clog);
78d4079a
FB		 106 $clog = preg_replace('!vim:.*$!', '', $clog);
107 return preg_replace("!(<hr />(\\s|\n)*)?<pre>(\s|\n)*</pre>((\\s|\n)*<hr />)?!m", "", "<pre>$clog</pre>");
108 }
109 if ($core != 'core') {
110 $page->assign('core', false);
111 $page->assign('ChangeLog', formatChangeLog(dirname(__FILE__).'/../ChangeLog'));
112 } else {
113 $page->assign('core', true);
114 $page->assign('ChangeLog', formatChangeLog(dirname(__FILE__).'/../core/ChangeLog'));
115 }
5de0b7e1 116 }
117
7927d719 118 function __set_rss_state($state)
119 {
7927d719 120 if ($state) {
19be891e
FB		 121 if (!S::user()->token) {
122 S::user()->token = rand_url_id(16);
123 S::set('token', S::user()->token);
124 XDB::execute('UPDATE accounts
125 SET token = {?}
126 WHERE uid = {?}', S::user()->token, S::i('uid'));
127 }
7927d719 128 } else {
31e01c97 129 S::kill('token');
19be891e 130 S::user()->token = null;
31e01c97
FB		 131 XDB::execute('UPDATE accounts
132 SET token = NULL
133 WHERE uid = {?}', S::i('uid'));
7927d719 134 }
135 }
136
26ba053e 137 function handler_prefs($page)
e59506eb 138 {
8b1f8e12 139 $page->changeTpl('platal/preferences.tpl');
46f272fe 140 $page->setTitle('Mes préférences');
e59506eb 141
31e01c97 142 if (Post::has('email_format')) {
19be891e 143 S::assert_xsrf_token();
31e01c97 144 $fmt = Post::s('email_format');
8d308ee4 145 S::user()->setEmailFormat($fmt);
e59506eb 146 }
147
bee33d93 148 if (Post::has('rss')) {
19be891e
FB		 149 S::assert_xsrf_token();
150 $this->__set_rss_state(Post::s('rss') == 'on');
e59506eb 151 }
e59506eb 152 }
9bae6004 153
26ba053e 154 function handler_webredir($page)
bce2f8eb 155 {
8b1f8e12 156 $page->changeTpl('platal/webredirect.tpl');
46f272fe 157 $page->setTitle('Redirection de page WEB');
bce2f8eb 158
c1e98576
FB		 159 if (Env::v('submit') == 'Valider' && !Env::blank('url')) {
160 if (Env::blank('url')) {
161 $page->trigError('URL invalide');
162 } else {
163 $url = Env::t('url');
00ba8a74
SJ		 164 XDB::execute('INSERT INTO carvas (uid, url)
165 VALUES ({?}, {?})
166 ON DUPLICATE KEY UPDATE url = VALUES(url)',
c1e98576
FB		 167 S::i('uid'), $url);
168 S::logger()->log('carva_add', 'http://' . $url);
169 $page->trigSuccess("Redirection activée vers <a href='http://$url'>$url</a>");
170 }
171 } elseif (Env::v('submit') == 'Supprimer') {
172 XDB::execute('DELETE FROM carvas
173 WHERE uid = {?}', S::i('uid'));
bce2f8eb 174 Post::kill('url');
c1e98576 175 S::logger()->log('carva_del');
a7d35093 176 $page->trigSuccess('Redirection supprimée');
bce2f8eb 177 }
178
c1e98576
FB		 179 $url = XDB::fetchOneCell('SELECT url
180 FROM carvas
181 WHERE uid = {?}', S::i('uid'));
182 $page->assign('carva', $url);
e67b4436
VZ		 183
184 # FIXME: this code is not multi-domain compatible. We should decide how
185 # carva will extend to users not in the main domain.
c0436d0b
SJ		 186 $best = XDB::fetchOneCell('SELECT email
187 FROM email_source_account
188 WHERE uid = {?} AND FIND_IN_SET(\'bestalias\', flags)',
189 S::user()->id());
190 $page->assign('bestalias', $best);
bce2f8eb 191 }
192
26ba053e 193 function handler_prefs_rss($page)
7927d719 194 {
8b1f8e12 195 $page->changeTpl('platal/filrss.tpl');
7927d719 196
5e2307dc 197 $page->assign('goback', Env::v('referer', 'login'));
7927d719 198
5e2307dc 199 if (Env::v('act_rss') == 'Activer') {
7927d719 200 $this->__set_rss_state(true);
a7d35093 201 $page->trigSuccess("Ton Fil RSS est activé.");
7927d719 202 }
7927d719 203 }
204
40279e62
SJ		 205 function handler_prefs_email($page)
206 {
207 $page->changeTpl('platal/email_preferences.tpl');
208
209 if (Post::has('submit')) {
210 S::assert_xsrf_token();
211
212 $from_email = Post::t('from_email');
213 $from_format = Post::v('from_format');
214
215 // Checks email.
216 $email_regex = '/^[a-z0-9.\-+_\$]+@([\-.+_]?[a-z0-9])+$/i';
217 if (!preg_match($email_regex, $from_email)) {
218 $full_regex = '/^[^<]*<[a-z0-9.\-+_\$]+@([\-.+_]?[a-z0-9])+>$/i';
219 if (!preg_match($full_regex, $from_email)) {
220 $page->trigError("L'adresse email est erronée.");
221 $error = true;
222 $page->assign('from_email', $from_email);
223 $page->assign('from_format', $from_format);
224 $page->assign('error', true);
225 return;
226 }
227 }
228
229 // Saves data.
230 XDB::execute('UPDATE accounts
231 SET from_email = {?}, from_format = {?}
232 WHERE uid = {?}',
233 $from_email, ($from_format == 'html' ? 'html' : 'text'), S::user()->id());
234 $page->trigSuccess('Données enregistrées.');
235 }
236
237 $data = XDB::fetchOneAssoc('SELECT from_email, from_format
238 FROM accounts
239 WHERE uid = {?}',
240 S::user()->id());
241 $page->assign('from_email', $data['from_email']);
242 $page->assign('from_format', $data['from_format']);
243 $page->assign('error', false);
244 }
245
26ba053e 246 function handler_password($page)
7c77c3ee 247 {
84270653
VZ		 248 global $globals;
249
81b5a6c9 250 if (Post::has('pwhash') && Post::t('pwhash')) {
40d428d8 251 S::assert_xsrf_token();
7c77c3ee 252
81b5a6c9 253 S::set('password', $password = Post::t('pwhash'));
31e01c97
FB		 254 XDB::execute('UPDATE accounts
255 SET password = {?}
256 WHERE uid={?}', $password,
257 S::i('uid'));
7c77c3ee 258
84270653
VZ		 259 // If GoogleApps is enabled, and the user did choose to use synchronized passwords,
260 // updates the Google Apps password as well.
261 if ($globals->mailstorage->googleapps_domain) {
262 require_once 'googleapps.inc.php';
d56cb887 263 $account = new GoogleAppsAccount(S::user());
f5c4bf30 264 if ($account->active() && $account->sync_password) {
84270653
VZ		 265 $account->set_password($password);
266 }
267 }
268
604dfd58
FB		 269 S::logger()->log('passwd');
270 Platal::session()->setAccessCookie(true);
7c77c3ee 271
4baa7323 272 $page->changeTpl('platal/password.success.tpl');
7c77c3ee 273 $page->run();
274 }
275
4baa7323 276 $page->changeTpl('platal/password.tpl');
46f272fe 277 $page->setTitle('Mon mot de passe');
a9ec9298 278 $page->assign('do_auth', 0);
7c77c3ee 279 }
280
26ba053e 281 function handler_smtppass($page)
1a5da857 282 {
8b1f8e12 283 $page->changeTpl('platal/acces_smtp.tpl');
46f272fe 284 $page->setTitle('Acces SMTP/NNTP');
eaf30d86 285
8f201b69
FB		 286 $wp = new PlWikiPage('Xorg.SMTPSécurisé');
287 $wp->buildCache();
288 $wp = new PlWikiPage('Xorg.NNTPSécurisé');
289 $wp->buildCache();
1a5da857 290
31e01c97 291 $uid = S::i('uid');
5e2307dc 292 $pass = Env::v('smtppass1');
1a5da857 293
eaf30d86 294 if (Env::v('op') == "Valider" && strlen($pass) >= 6
31e01c97 295 && Env::v('smtppass1') == Env::v('smtppass2')) {
0511895d
FB		 296 XDB::execute('UPDATE accounts
297 SET weak_password = {?}
298 WHERE uid = {?}', $pass, $uid);
a7d35093 299 $page->trigSuccess('Mot de passe enregistré');
732e5855 300 S::logger()->log("passwd_ssl");
5e2307dc 301 } elseif (Env::v('op') == "Supprimer") {
0511895d
FB		 302 XDB::execute('UPDATE accounts
303 SET weak_password = NULL
304 WHERE uid = {?}', $uid);
a7d35093 305 $page->trigSuccess('Compte SMTP et NNTP supprimé');
732e5855 306 S::logger()->log("passwd_del");
1a5da857 307 }
308
0511895d
FB		 309 $res = XDB::query("SELECT weak_password IS NOT NULL
310 FROM accounts
311 WHERE uid = {?}", $uid);
1a5da857 312 $page->assign('actif', $res->fetchOneCell());
1a5da857 313 }
314
26ba053e 315 function handler_recovery($page)
8858cfc1 316 {
317 global $globals;
318
8b1f8e12 319 $page->changeTpl('platal/recovery.tpl');
8858cfc1 320
321 if (!Env::has('login') || !Env::has('birth')) {
fd8f77de 322 return;
8858cfc1 323 }
324
cf5cf754 325 if (!preg_match('/^[0-3][0-9][0-1][0-9][1][9]([0-9]{2})$/', Env::v('birth'))) {
a7d35093 326 $page->trigError('Date de naissance incorrecte ou incohérente');
c9110c6c 327 return;
8858cfc1 328 }
c9110c6c 329
330 $birth = sprintf('%s-%s-%s',
5e2307dc 331 substr(Env::v('birth'), 4, 4),
332 substr(Env::v('birth'), 2, 2),
333 substr(Env::v('birth'), 0, 2));
8858cfc1 334
5e2307dc 335 $mailorg = strtok(Env::v('login'), '@');
8858cfc1 336
6846791e
FB		 337 $profile = Profile::get(Env::t('login'));
338 if (is_null($profile) || $profile->birthdate != $birth) {
339 $page->trigError('Les informations que tu as rentrées ne permettent pas de récupérer ton mot de passe.<br />'.
340 'Si tu as un homonyme, utilise prenom.nom.promo comme login');
341 return;
342 }
8c28edc9 343
6846791e
FB		 344 $user = $profile->owner();
345 if ($user->state != 'active') {
346 $page->trigError('Ton compte n\'est pas activé.');
347 return;
348 }
349
c0436d0b 350 if ($user->lost) {
6846791e
FB		 351 $page->assign('no_addr', true);
352 return;
353 }
8858cfc1 354
6846791e
FB		 355 $page->assign('ok', true);
356
c0436d0b 357 $url = rand_url_id();
06f4daf9 358 XDB::execute('INSERT INTO account_lost_passwords (certificat,uid,created)
6846791e 359 VALUES ({?},{?},NOW())', $url, $user->id());
c0436d0b
SJ		 360 $to = XDB::fetchOneCell('SELECT redirect
361 FROM email_redirect_account
362 WHERE uid = {?} AND redirect = {?}',
363 $user->id(), Post::t('email'));
364 if (is_null($to)) {
365 $emails = XDB::fetchColumn('SELECT redirect
366 FROM email_redirect_account
367 WHERE uid = {?} AND flags = \'inactive\' AND type = \'smtp\'',
368 $user->id());
369 $inactives_to = implode(', ', $emails);
6846791e
FB		 370 }
371 $mymail = new PlMailer();
372 $mymail->setFrom('"Gestion des mots de passe" <support+password@' . $globals->mail->domain . '>');
c0436d0b
SJ		 373 if (is_null($to)) {
374 $mymail->addTo($user);
f1aff348
SJ		 375 $log_to = $user->bestEmail();
376 if (!is_null($inactives_to)) {
377 $log_to = $inactives_to . ', ' . $log_to;
378 $mymail->addTo($inactives_to);
379 }
c0436d0b
SJ		 380 } else {
381 $mymail->addTo($to);
f1aff348 382 $log_to = $to;
c0436d0b 383 }
e46cf8c4 384 $mymail->setSubject("Ton certificat d'authentification");
6846791e 385 $mymail->setTxtBody("Visite la page suivante qui expire dans six heures :
8858cfc1 386{$globals->baseurl}/tmpPWD/$url
387
e887e90d 388Si en cliquant dessus tu n'y arrives pas, copie intégralement l'adresse dans la barre de ton navigateur. Si tu n'as pas utilisé ce lien dans six heures, tu peux tout simplement recommencer cette procédure.
8858cfc1 389
eaf30d86 390--
8858cfc1 391Polytechnique.org
3bf63218 392\"Le portail des élèves & anciens élèves de l'École polytechnique\"
8858cfc1 393
471882e8
SJ		 394Email envoyé à ".Env::v('login') . (is_null($to) ? '' : '
395Adresse de secours : ' . $to));
6846791e 396 $mymail->send();
8858cfc1 397
f1aff348 398 S::logger($user->id())->log('recovery', $log_to);
8858cfc1 399 }
400
a88f005d
RB		 401 function handler_recovery_ext($page)
402 {
403 $page->changeTpl('xnet/recovery.tpl');
404
405 if (!Post::has('login')) {
406 return;
407 }
408
409 $user = User::getSilent(Post::t('login'));
410 if (is_null($user)) {
411 $page->trigError('Le compte n\'existe pas.');
412 return;
413 }
414 if ($user->state != 'active') {
415 $page->trigError('Ton compte n\'est pas activé.');
416 return;
417 }
418
419 $page->assign('ok', true);
420
421 $hash = rand_url_id();
422 XDB::execute('INSERT INTO account_lost_passwords (uid, created, certificat)
423 VALUES ({?}, NOW(), {?})',
424 $user->id(), $hash);
425
23906784 426 $mymail = new PlMailer('platal/password_recovery_xnet.mail.tpl');
1bbba0f6 427 $mymail->setTo($user);
23906784
RB		 428 $mymail->assign('hash', $hash);
429 $mymail->assign('email', Post::t('login'));
a88f005d
RB		 430 $mymail->send();
431
432 S::logger($user->id())->log('recovery', $user->bestEmail());
433 }
434
26ba053e 435 function handler_tmpPWD($page, $certif = null)
6c49d0af 436 {
84270653 437 global $globals;
06f4daf9 438 XDB::execute('DELETE FROM account_lost_passwords
31e01c97 439 WHERE DATE_SUB(NOW(), INTERVAL 380 MINUTE) > created');
6c49d0af 440
81b5a6c9 441 if (Post::has('pwhash') && Post::t('pwhash')) {
aba13e87
SJ		 442 $uid = XDB::fetchOneCell('SELECT uid
443 FROM accounts
444 WHERE hruid = {?}',
445 Post::t('username'));
81b5a6c9 446 $password = Post::t('pwhash');
31e01c97 447 XDB::query('UPDATE accounts
aba13e87 448 SET password = {?}
31e01c97
FB		 449 WHERE uid = {?} AND state = \'active\'',
450 $password, $uid);
06f4daf9 451 XDB::query('DELETE FROM account_lost_passwords
aba13e87 452 WHERE certificat = {?}', $certif);
84270653
VZ		 453
454 // If GoogleApps is enabled, and the user did choose to use synchronized passwords,
455 // updates the Google Apps password as well.
456 if ($globals->mailstorage->googleapps_domain) {
457 require_once 'googleapps.inc.php';
d56cb887 458 $account = new GoogleAppsAccount(User::getSilent($uid));
f5c4bf30 459 if ($account->active() && $account->sync_password) {
84270653
VZ		 460 $account->set_password($password);
461 }
462 }
463
cf40e1ae 464 S::logger($uid)->log("passwd", "");
30439e34
SJ		 465
466 // Try to start a session (so the user don't have to log in); we will use
467 // the password available in Post:: to authenticate the user.
bfe9f4c7 468 Platal::session()->start(AUTH_PASSWD);
30439e34 469
8b1f8e12 470 $page->changeTpl('platal/tmpPWD.success.tpl');
6c49d0af 471 } else {
aba13e87
SJ		 472 $res = XDB::query('SELECT uid
473 FROM account_lost_passwords
474 WHERE certificat = {?}', $certif);
475 $ligne = $res->fetchOneAssoc();
476 if (!$ligne) {
477 $page->changeTpl('platal/index.tpl');
478 $page->kill("Cette adresse n'existe pas ou n'existe plus sur le serveur.");
479 }
480
30439e34
SJ		 481 $hruid = XDB::fetchOneCell('SELECT hruid
482 FROM accounts
483 WHERE uid = {?}',
aba13e87 484 $ligne['uid']);
4baa7323 485 $page->changeTpl('platal/password.tpl');
30439e34 486 $page->assign('hruid', $hruid);
a9ec9298 487 $page->assign('do_auth', 1);
6c49d0af 488 }
6c49d0af 489 }
490
a88f005d
RB		 491 function handler_register_ext($page, $hash = null)
492 {
493 XDB::execute('DELETE FROM register_pending_xnet
494 WHERE DATE_SUB(NOW(), INTERVAL 1 MONTH) > date');
23906784 495 $res = XDB::fetchOneAssoc('SELECT uid, hruid, email
a88f005d
RB		 496 FROM register_pending_xnet
497 WHERE hash = {?}',
498 $hash);
499
500 if (is_null($hash) || is_null($res)) {
501 $page->trigErrorRedirect('Cette adresse n\'existe pas ou n\'existe plus sur le serveur.', '');
502 }
503
504 if (Post::has('pwhash') && Post::t('pwhash')) {
23906784 505 XDB::startTransaction();
a88f005d
RB		 506 XDB::query('UPDATE accounts
507 SET password = {?}, state = \'active\', registration_date = NOW()
508 WHERE uid = {?} AND state = \'pending\' AND type = \'xnet\'',
509 Post::t('pwhash'), $res['uid']);
510 XDB::query('DELETE FROM register_pending_xnet
511 WHERE uid = {?}',
23906784
RB		 512 $res['uid']);
513 XDB::commit();
a88f005d
RB		 514
515 S::logger($res['uid'])->log('passwd', '');
516
517 // Try to start a session (so the user don't have to log in); we will use
518 // the password available in Post:: to authenticate the user.
519 Post::kill('wait');
520 Platal::session()->startAvailableAuth();
521
522 $page->changeTpl('xnet/register.success.tpl');
523 $page->assign('email', $res['email']);
524 } else {
525 $page->changeTpl('platal/password.tpl');
526 $page->assign('xnet', true);
527 $page->assign('hruid', $res['hruid']);
528 $page->assign('do_auth', 1);
529 }
530 }
531
26ba053e 532 function handler_skin($page)
9bae6004 533 {
534 global $globals;
535
8b1f8e12 536 $page->changeTpl('platal/skins.tpl');
46f272fe 537 $page->setTitle('Skins');
9bae6004 538
a7de4ef7 539 if (Env::has('newskin')) { // formulaire soumis, traitons les données envoyées
31e01c97
FB		 540 XDB::execute('UPDATE accounts
541 SET skin = {?}
542 WHERE uid = {?}',
543 Env::i('newskin'), S::i('uid'));
92e6a287 544 S::kill('skin');
47fa97fe 545 Platal::session()->setSkin();
9bae6004 546 }
547
31e01c97
FB		 548 $res = XDB::query('SELECT id
549 FROM skins
550 WHERE skin_tpl = {?}', S::v('skin'));
92e6a287 551 $page->assign('skin_id', $res->fetchOneCell());
552
31e01c97
FB		 553 $sql = 'SELECT s.*, auteur, COUNT(*) AS nb
554 FROM skins AS s
555 LEFT JOIN accounts AS a ON (a.skin = s.id)
556 WHERE skin_tpl != \'\' AND ext != \'\'
557 GROUP BY id ORDER BY s.date DESC';
a3afa47c 558 $page->assign('skins', XDB::iterator($sql));
9bae6004 559 }
4da0b8d7 560
26ba053e 561 function handler_exit($page, $level = null)
5de0b7e1 562 {
0c02607e 563 if (S::suid()) {
20b087ff
FB		 564 $old = S::user()->login();
565 S::logger()->log('suid_stop', $old . " by " . S::suid('hruid'));
47fa97fe 566 Platal::session()->stopSUID();
20b087ff
FB		 567 $target = S::s('suid_startpage');
568 S::kill('suid_startpage');
569 if (!empty($target)) {
570 http_redirect($target);
571 }
572 pl_redirect('admin/user/' . $old);
5de0b7e1 573 }
574
575 if ($level == 'forget' || $level == 'forgetall') {
604dfd58 576 Platal::session()->killAccessCookie();
5de0b7e1 577 }
578
579 if ($level == 'forgetuid' || $level == 'forgetall') {
604dfd58 580 Platal::session()->killLoginFormCookies();
5de0b7e1 581 }
582
130b8708 583 if (S::logged()) {
59bec5bc
FB		 584 S::logger()->log('deconnexion', @$_SERVER['HTTP_REFERER']);
585 Platal::session()->destroy();
130b8708 586 }
5de0b7e1 587
588 if (Get::has('redirect')) {
5e2307dc 589 http_redirect(rawurldecode(Get::v('redirect')));
5de0b7e1 590 } else {
8b1f8e12 591 $page->changeTpl('platal/exit.tpl');
5de0b7e1 592 }
5de0b7e1 593 }
ddb64990 594
26ba053e 595 function handler_review($page, $action = null, $mode = null)
ddb64990 596 {
78507d96
AA		 597 // Include X-XRDS-Location response-header for Yadis discovery
598 global $globals;
34d91db6 599 header('X-XRDS-Location: ' . $globals->baseurl . '/openid/xrds');
78507d96 600
460d8f55 601 $this->load('review.inc.php');
ddb64990
FB		 602 $dom = 'Review';
603 if (@$GLOBALS['IS_XNET_SITE']) {
604 $dom .= 'Xnet';
605 }
8f201b69
FB		 606 $wp = new PlWikiPage($dom . '.Admin');
607 $conf = explode('%0a', $wp->getField('text'));
6d20fb1d 608 $wiz = new PlWizard('Tour d\'horizon', PlPage::getCoreTpl('plwizard.tpl'), true);
ddb64990
FB		 609 foreach ($conf as $line) {
610 $list = preg_split('/\s*[*|]\s*/', $line, -1, PREG_SPLIT_NO_EMPTY);
611 $wiz->addPage('ReviewPage', $list[0], $list[1]);
612 }
613 $wiz->apply($page, 'review', $action, $mode);
614 }
ff949e76 615
e42b6614 616 function handler_test_error($page, $mode = null)
ff949e76 617 {
e42b6614
RB		 618 if ($mode == 'js') {
619 $page->changeTpl('platal/error.tpl');
620 } else {
621 throw new Exception("Blih");
622 }
ff949e76 623 }
e59506eb 624}
625
448c8cdc 626// vim:set et sw=4 sts=4 sws=4 foldmethod=marker fenc=utf-8:
e59506eb 627?>
plat/al