<?php
/* Copyright 2006-2007
 * - Julien Etelain < julien at pmad dot net >
 *
 * Ce fichier fait partie du site de l'Association des Étudiants de
 * l'UTBM, http://ae.utbm.fr.
 *
 * This program is free software; you can redistribute it and/or
 * modify it under the terms of the GNU General Public License as
 * published by the Free Software Foundation; either version 2 of the
 * License, or (at your option) any later version.
 *
 * This program is distributed in the hope that it will be useful, but
 * WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
 * General Public License for more details.
 *
 * You should have received a copy of the GNU General Public License
 * along with this program; if not, write to the Free Software
 * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA
 * 02111-1307, USA.
 */
// Filesystem prefix used by every include in this script.
$topdir = "./";
require_once($topdir . "include/site.inc.php");

$site = new site();

// The client-supplied web prefix is accepted only when it is one of three
// fixed relative paths; it is echoed into markup by the modules below.
// NOTE(review): when the parameter is absent or rejected, this script does not
// assign $wwwtopdir itself - confirm that site.inc.php provides a default.
if ( isset($_REQUEST['topdir']) && in_array($_REQUEST['topdir'], array("./", "../", "./../"), true) )
{
  $wwwtopdir = $_REQUEST['topdir'];
}

if ( $_REQUEST['module']=="fsearch" )
{
  // Quick-search endpoint: prints the HTML fragment for the requested pattern,
  // served from the search cache when possible, then stops the script.
  header("Content-Type: text/html; charset=UTF-8");

  // Nothing to search for (this also covers a missing parameter).
  if ( $_REQUEST["pattern"] == "" )
  {
    exit();
  }

  require_once($topdir."include/cts/fsearchcache.inc.php");
  $cache = new fsearchcache();

  // NOTE(review): the lookup is given the current user but the store further
  // down is not; if results depend on the viewer's rights, confirm in
  // fsearchcache that one user's fragment cannot be served to another.
  $content = $cache->can_get_cached_contents()
    ? $cache->get_cached_contents($site->user, $_REQUEST["pattern"])
    : null;

  // Loose comparison: null and an empty string both count as a cache miss.
  if ( $content == null )
  {
    require_once($topdir."include/cts/fsearch.inc.php");
    // The result is read from the object's buffer property right after
    // construction.
    $fsearch = new fsearch($site, false);
    $content = $fsearch->buffer;

    // Only non-empty results for patterns longer than four bytes are cached.
    $cacheable = !empty($content) && strlen($_REQUEST["pattern"]) > 4;
    if ( $cacheable )
    {
      $cache->set_temporarily_cached_contents($_REQUEST["pattern"], $content);
    }
  }

  // NOTE(review): the fragment is echoed as-is; any escaping of the pattern
  // has to happen inside fsearch, which is not visible from this file.
  echo $content;
  exit();
}
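elseif ( $_REQUEST['module']=="explorer" )
{
  // File-picker endpoint: prints the sub-folders (and, inside a folder, the
  // files) of the requested folder as <li> items wired to the zd_seldir /
  // zd_selfile JavaScript callbacks.
  header("Content-Type: text/html; charset=utf-8");

  require_once($topdir."include/entities/files.inc.php");
  require_once($topdir."include/entities/folder.inc.php");

  $folder = new dfolder($site->db);

  // A missing or empty id_folder means "list the root level".
  if ( !isset($_REQUEST["id_folder"]) || !$_REQUEST["id_folder"] )
    $folder->id = null;
  else
    $folder->load_by_id($_REQUEST["id_folder"]);

  // "field" comes straight from the request and is reflected into the markup
  // below, once inside a JavaScript string within an onclick attribute and
  // once inside an id attribute. Each context gets its own encoding so that
  // quotes or angle brackets in the value cannot leave the string or the
  // attribute. Ordinary alphanumeric field names come out unchanged.
  $field = ( isset($_REQUEST["field"]) && is_string($_REQUEST["field"]) ) ? $_REQUEST["field"] : "";
  $field_js = htmlspecialchars(addslashes($field),ENT_QUOTES,"UTF-8");
  $field_id = htmlspecialchars($field,ENT_QUOTES,"UTF-8");

  if ( is_null($folder->id) )
  {
    // Root level: top folders, titled after the owning association when there
    // is one. The connection is $site->db; the previous $this->db cannot work
    // here because this script does not run inside a class.
    // NOTE(review): unlike get_folders() below, this query is not given the
    // current user - confirm that root folders are meant to be visible to all.
    $sub1 = new requete($site->db,"SELECT `d_folder`.`id_folder`, ".
    "IF(`asso`.`id_asso` IS NULL,`d_folder`.`titre_folder`, `asso`.`nom_asso`) AS `titre_folder` ".
    "FROM `d_folder` ".
    "LEFT JOIN `asso` ON `asso`.`id_asso` = `d_folder`.`id_asso` ".
    "WHERE `d_folder`.`id_folder_parent` IS NULL ".
    "ORDER BY `asso`.`nom_asso`");
  }
  else
    $sub1 = $folder->get_folders ( $site->user );

  // One dfolder instance is reused to decode every row.
  $fd = new dfolder(null);
  while ( $row = $sub1->get_row() )
  {
    $fd->_load($row);
    echo "<li><a href=\"#\" onclick=\"zd_seldir('$field_js','".$fd->id."','$wwwtopdir'); return false;\"><img src=\"".$wwwtopdir."images/icons/16/folder.png\" alt=\"dossier\" /> ".htmlentities($fd->titre,ENT_COMPAT,"UTF-8")."</a><ul id=\"".$field_id."_".$fd->id."_cts\" style=\"display:none;\"></ul></li>";
  }

  // Files are listed only inside a folder, never at the root level.
  if ( !is_null($folder->id) )
  {
    $sub2 = $folder->get_files ( $site->user);
    $fd = new dfile(null);
    while ( $row = $sub2->get_row() )
    {
      $fd->_load($row);
      $img = $wwwtopdir."images/icons/16/".$fd->get_icon_name();
      echo "<li><a href=\"#\" onclick=\"zd_selfile('$field_js','".$fd->id."','$wwwtopdir'); return false;\"><img src=\"$img\" alt=\"fichier\" /> ".htmlentities($fd->titre,ENT_COMPAT,"UTF-8")."</a></li>";
    }
  }
}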
elseif ( $_REQUEST['module']=="usersession" )
{
  /**** IMPORTANT NOTE ****
   * Because of this module, the values held in $_SESSION["usersession"] can
   * never be considered "safe": both the key and the value are chosen by the
   * client. Code that reads them has to validate and escape them like any
   * other request input.
   */

  // Without a key to set there is nothing to do.
  if ( !isset($_REQUEST["set"]) )
  {
    exit();
  }

  $_SESSION["usersession"][$_REQUEST["set"]] = $_REQUEST["value"];

  // For an identified user the whole map is also stored as a user parameter.
  if ( $site->user->is_valid() )
  {
    $site->user->set_param("usersession", $_SESSION["usersession"]);
  }

  exit();
}
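elseif ( $_REQUEST['module']=="userfield" )
{
  // User auto-completion endpoint: answers with a JavaScript snippet that
  // fills the "<ref>_result" element with up to ten matching users.
  header("Content-Type: text/javascript; charset=UTF-8");
  $buffer="";

  // Reserved to identified users or to sessions with an open counter.
  if ( !$site->user->is_valid() && !count($_SESSION["Comptoirs"])) exit();

  // Two request values are written into the generated script. The sequence
  // number is emitted as a bare JavaScript expression, so only a plain decimal
  // number is accepted; anything else becomes 0. "ref" is emitted inside
  // string literals and is escaped for each context where it is used.
  $sequence = ( isset($_REQUEST['userselect_sequence']) && is_string($_REQUEST['userselect_sequence'])
                && preg_match('/^(0|[1-9][0-9]{0,14})$/D',$_REQUEST['userselect_sequence']) )
              ? $_REQUEST['userselect_sequence'] : "0";
  $ref = ( isset($_REQUEST["ref"]) && is_string($_REQUEST["ref"]) ) ? $_REQUEST["ref"] : "";
  $ref_js = addslashes($ref);
  $ref_attr = htmlspecialchars(addslashes($ref),ENT_QUOTES,"UTF-8");

  // The pattern is escaped for the SQL string literal first; the replacements
  // then widen each plain letter to its accented variants.
  // NOTE(review): the text is still interpreted by MySQL as a regular
  // expression chosen by the client; a length limit on the pattern would bound
  // the cost of a query.
  $pattern = mysql_real_escape_string($_REQUEST["pattern"]);

  $pattern = ereg_replace("(e|é|è|ê|ë|É|È|Ê|Ë)","(e|é|è|ê|ë|É|È|Ê|Ë)",$pattern);
  $pattern = ereg_replace("(a|à|â|ä|À|Â|Ä)","(a|à|â|ä|À|Â|Ä)",$pattern);
  $pattern = ereg_replace("(i|ï|î|Ï|Î)","(i|ï|î|Ï|Î)",$pattern);
  $pattern = ereg_replace("(c|ç|Ç)","(c|ç|Ç)",$pattern);
  $pattern = ereg_replace("(o|O|ò|Ò|ô|Ô)","(o|O|ò|Ò|ô|Ô)",$pattern);
  $pattern = ereg_replace("(u|ù|ü|û|Ü|Û|Ù)","(u|ù|ü|û|Ü|Û|Ù)",$pattern);
  $pattern = ereg_replace("(n|ñ|Ñ)","(n|ñ|Ñ)",$pattern);

  // Matches "first last", "last first" and the nickname, ten rows at most.
  $req = new requete($site->db,
    "SELECT `id_utilisateur`,CONCAT(`prenom_utl`,' ',`nom_utl`) " .
    "FROM `utilisateurs` " .
    "WHERE CONCAT(`prenom_utl`,' ',`nom_utl`) REGEXP '^".$pattern."' " .
    "UNION SELECT `id_utilisateur`,CONCAT(`nom_utl`,' ',`prenom_utl`) " .
    "FROM `utilisateurs` " .
    "WHERE CONCAT(`nom_utl`,' ',`prenom_utl`) REGEXP '^".$pattern."' " .
    "UNION SELECT `utilisateurs`.`id_utilisateur`,CONCAT(`surnom_utbm`,' (',`prenom_utl`,' ',`nom_utl`,')') " .
    "FROM `utl_etu_utbm` " .
    "INNER JOIN `utilisateurs` ON `utl_etu_utbm`.`id_utilisateur` = `utilisateurs`.`id_utilisateur` " .
    "WHERE `surnom_utbm`!='' AND `surnom_utbm` REGEXP '^".$pattern."' " .
    "ORDER BY 2 LIMIT 10");

  // When the regular expression sent by the user is invalid the query fails;
  // the MySQL error is replaced by a fixed message.
  $failed = ( !$req || $req->errno != 0 );

  if ( $failed )
  {
    $buffer .=  "<ul>";
    $buffer .=  "<li>Recherche invalide.</li>";
    $buffer .=  "</ul>";
    $buffer .=  "<div class=\"clearboth\"></div>";
  }
  else
  {
    $buffer .=  "<ul>";

    // The second column is the display name, not an e-mail address.
    while ( list($id,$email) = $req->get_row() )
    {
      $buffer .=  "<li><div class=\"imguser\"><img src=\"";

      // Identity photo first, then the plain photo, then the placeholder.
      if (file_exists($topdir."data/matmatronch/".$id.".identity.jpg"))
        $buffer .=  $wwwtopdir."data/matmatronch/".$id.".identity.jpg";
      elseif (file_exists($topdir."data/matmatronch/".$id.".jpg"))
        $buffer .=  $wwwtopdir."data/matmatronch/".$id.".jpg";
      else
        $buffer .=  $wwwtopdir."data/matmatronch/na.gif";

      $buffer .=  "\" /></div><a href=\"#\" onclick=\"userselect_set_user('$wwwtopdir','".$ref_attr."',$id,'".addslashes(htmlspecialchars($email))."'); return false;\">".htmlspecialchars($email)."</a></li>";
    }
    $buffer .=  "</ul>";
    $buffer .=  "<div class=\"clearboth\"></div>";
  }

  // The sequence test keeps an answer that took too long from overwriting a
  // more recent one.
  echo "if ( ".$sequence." > userselect_actual_sequence ) {\n";
  echo "  userselect_actual_sequence=".$sequence.";\n";
  echo "  var content = document.getElementById('".$ref_js."_result');\n";
  echo "  content.innerHTML ='".addslashes($buffer)."';\n";
  echo "}\n";

  // The failure path stops here, as before; the difference is that the
  // "Recherche invalide." message built above now reaches the client instead
  // of being discarded.
  if ( $failed )
    exit();
}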
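elseif ( $_REQUEST['module']=="userinfo" )
{
  // User card endpoint: prints the photo, name and nickname of one user.
  // Reserved to identified users or to sessions with an open counter.
  if ( !$site->user->is_valid() && !count($_SESSION["Comptoirs"])) exit();

  $user = new utilisateur($site->db,$site->dbrw);
  $user->load_by_id($_REQUEST["id_utilisateur"]);
  // A negative id after loading makes the card fall back to the current user.
  if ( $user->id < 0 )
    $user = &$site->user;

  // NOTE(review): the test looks for "<id>.identity.jpg" but the image tag
  // points at "<id>.jpg"; the userfield module serves the identity file when
  // it exists. Confirm which file is meant to be shown here.
  if (file_exists($topdir."data/matmatronch/".$user->id.".identity.jpg"))
    echo "<img src=\"".$wwwtopdir."data/matmatronch/".$user->id.".jpg\" alt=\"\" />\n";
  else
    echo "<img src=\"".$wwwtopdir."data/matmatronch/na.gif"."\" alt=\"\" />\n";

  // Names and nicknames are profile data entered by users, so they are encoded
  // before being written into the page, as the userfield module already does
  // for the same database columns.
  echo "<p class=\"nomprenom\">". htmlspecialchars($user->prenom . " " . $user->nom,ENT_COMPAT,"UTF-8") . "</p>";
  if ( $user->surnom )
    echo "<p class=\"surnom\">'' ". htmlspecialchars($user->surnom,ENT_COMPAT,"UTF-8") . " ''</p>";
  echo "<div class=\"clearboth\"></div>";
  exit();
}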
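elseif ( $_REQUEST['module']=="entinfo" )
{
  // Entity summary endpoint: prints the preview image and the extended
  // information of one entity, identified by its class name and id.
  $class = isset($_REQUEST['class']) ? $_REQUEST['class'] : "";

  // The class name comes from the request and is used to instantiate an
  // object, so it gets the same name filter as the fsfield and exfield
  // modules.
  // NOTE(review): the filter only constrains the form of the name; any loaded
  // class whose name passes it can still be constructed. Consider accepting
  // only names that are keys of $GLOBALS["entitiescatalog"] - confirm first
  // that every entity class is registered there.
  if ( !is_string($class) || !ereg("^([a-z0-9]*)$",$class) )
    exit();

  $std = null;

  if ( class_exists($class) )
    $std = new $class($site->db);

  elseif ( isset($GLOBALS["entitiescatalog"][$class][5]) && $GLOBALS["entitiescatalog"][$class][5] )
  {
    // Index 5 of the catalog entry is the file to include for the class.
    include($topdir."include/entities/".$GLOBALS["entitiescatalog"][$class][5]);
    if ( class_exists($class) )
      $std = new $class($site->db);
  }

  // Unknown class: stop instead of calling a method on an undefined variable.
  if ( is_null($std) )
    exit();

  if ($class=="utilisateur")
    $std->load_all_by_id($_REQUEST['id']);
  else
    $std->load_by_id($_REQUEST['id']);

  if ( !$std->is_valid() )
  {
    echo "?";
    exit();
  }

  // The entity decides whether the current user may see it.
  if ( !$std->allow_user_consult($site->user) )
    exit();

  if ( $std->can_preview() )
    echo "<p class=\"stdpreview\"><img src=\"".$wwwtopdir.$std->get_preview()."\" alt=\"".htmlentities($std->get_display_name(),ENT_COMPAT,"UTF-8")."\" /></p>";

  // NOTE(review): get_html_extended_info() is printed unescaped; presumably it
  // returns finished markup - verify that it encodes stored text itself.
  echo "<p class=\"stdinfo\">".$std->get_html_extended_info()."</p>";
  echo "<div class=\"clearboth\"></div>";
  exit();

}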
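elseif ( $_REQUEST['module']=="entdesc" )
{
  // Entity description endpoint: prints the HTML-encoded description of one
  // entity, identified by its class name and id.
  $class = isset($_REQUEST['class']) ? $_REQUEST['class'] : "";

  // The class name comes from the request and is used to instantiate an
  // object, so it gets the same name filter as the fsfield and exfield
  // modules.
  // NOTE(review): the filter only constrains the form of the name; any loaded
  // class whose name passes it can still be constructed. Consider accepting
  // only names that are keys of $GLOBALS["entitiescatalog"] - confirm first
  // that every entity class is registered there.
  if ( !is_string($class) || !ereg("^([a-z0-9]*)$",$class) )
    exit();

  $std = null;

  if ( class_exists($class) )
    $std = new $class($site->db);

  elseif ( isset($GLOBALS["entitiescatalog"][$class][5]) && $GLOBALS["entitiescatalog"][$class][5] )
  {
    // Index 5 of the catalog entry is the file to include for the class.
    include($topdir."include/entities/".$GLOBALS["entitiescatalog"][$class][5]);
    if ( class_exists($class) )
      $std = new $class($site->db);
  }

  // Unknown class: stop instead of calling a method on an undefined variable.
  if ( is_null($std) )
    exit();

  $std->load_by_id($_REQUEST['id']);

  if ( !$std->is_valid() )
  {
    echo "?";
    exit();
  }

  // The entity decides whether the current user may see it.
  if ( !$std->allow_user_consult($site->user) )
    exit();

  echo htmlentities($std->get_description(),ENT_NOQUOTES,"UTF-8");

  exit();
}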
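elseif ( $_REQUEST['module']=="fsfield" )
{
  // Entity auto-completion endpoint: answers with a JavaScript snippet that
  // fills the "<field>_result" element with up to six matching entities.
  $class = $_REQUEST['class'];
  $field = ( isset($_REQUEST['field']) && is_string($_REQUEST['field']) ) ? $_REQUEST['field'] : "";

  // Only lower-case alphanumeric class names are accepted.
  if ( !ereg("^([a-z0-9]*)$",$class) )
    exit();

  // "field" and "sequence" come from the request and are written into the
  // generated script. The field name is escaped once for the plain JavaScript
  // strings and once for the JavaScript string that sits inside an onclick
  // attribute; the sequence is emitted as a bare expression, so only a plain
  // decimal number is accepted and anything else becomes 0.
  $field_js = addslashes($field);
  $field_attr = htmlspecialchars(addslashes($field),ENT_QUOTES,"UTF-8");
  $sequence = ( isset($_REQUEST['sequence']) && is_string($_REQUEST['sequence'])
                && preg_match('/^(0|[1-9][0-9]{0,14})$/D',$_REQUEST['sequence']) )
              ? $_REQUEST['sequence'] : "0";

  $std = null;

  if ( class_exists($class) )
    $std = new $class($site->db);

  elseif ( isset($GLOBALS["entitiescatalog"][$class][5]) && $GLOBALS["entitiescatalog"][$class][5] )
  {
    // Index 5 of the catalog entry is the file to include for the class.
    include($topdir."include/entities/".$GLOBALS["entitiescatalog"][$class][5]);
    if ( class_exists($class) )
      $std = new $class($site->db);
  }

  if ( is_null($std) )
    exit();

  if ( !$std->can_fsearch() )
    exit();

  if ( !$std->allow_user_consult($site->user) )
    exit();

  // The answer is script, like the one of the userfield module, and is
  // labelled as such so that it is never rendered as an HTML page.
  header("Content-Type: text/javascript; charset=UTF-8");

  if ( $_REQUEST['pattern'] != "" )
  {
    // NOTE(review): "conds" is an array taken from the request and handed to
    // fsearch() as-is; how each entity turns it into a query is not visible
    // here - verify that keys and values are validated there.
    $conds=array();
    if(isset($_REQUEST['conds']) && !empty($_REQUEST['conds']) && is_array($_REQUEST['conds']))
      $conds=$_REQUEST['conds'];
    $res = $std->fsearch ( $_REQUEST['pattern'], 6 , $conds);
    if ( !is_null($res) )
    {
      $buffer = "<ul class=\"fsfield_list\">";
      foreach ( $res as $id => $name )
      {
        $buffer .= "<li>";

        // The same object is pointed at each result to obtain its preview.
        $std->id = $id;
        if ( $std->can_preview() )
        {
          $img = $std->get_preview();
          if ( !is_null($img) )
            $buffer .= "<div class=\"imguser\"><img src=\"".$wwwtopdir.$img."\" /></div>";
        }

        // Index 2 of the catalog entry is passed to the callback as the icon.
        $buffer .= "<a href=\"#\" onclick=\"fsfield_sel('$wwwtopdir','$field_attr',$id,'".addslashes(htmlspecialchars($name))."','".$GLOBALS["entitiescatalog"][$class][2]."'); return false;\">";
        $buffer .= htmlspecialchars($name);
        $buffer .= "</a>";
        $buffer .= "</li>";
      }
      $buffer .=  "</ul>";
      $buffer .=  "<div class=\"clearboth\"></div>";
    }
    else
      $buffer="<p class=\"error\">Requête invalide</p>";
  }
  else
    $buffer="";

  // The sequence test keeps a late answer from overwriting a newer one.
  echo "if ( ".$sequence." > fsfield_current_sequence['".$field_js."'] )\n{\n";
  echo "  fsfield_current_sequence['".$field_js."']=".$sequence.";\n";
  echo "  var content = document.getElementById('".$field_js."_result');\n";
  echo "  content.style.zIndex = 100000;\n";
  echo "  content.style.display = 'block';\n";
  echo "  content.innerHTML ='".addslashes($buffer)."';\n";
  echo "}\n";

  exit();
}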
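elseif ( $_REQUEST['module']=="exfield" )
{
  // Tree-picker endpoint: prints the children of one entity as <li> items.
  // Children of the wanted class are selectable, the others can be explored.
  $class = $_REQUEST['class'];
  $field = ( isset($_REQUEST['field']) && is_string($_REQUEST['field']) ) ? $_REQUEST['field'] : "";
  $eclass = $_REQUEST['eclass'];

  // Both class names must be lower-case alphanumeric. The second test used to
  // check $class a second time, which left $eclass - the name that is actually
  // instantiated below - without any filter.
  if ( !ereg("^([a-z0-9]*)$",$class) || !ereg("^([a-z0-9]*)$",$eclass) )
    exit();

  // "field" is reflected into the markup, once inside a JavaScript string
  // within an onclick attribute and once inside an id attribute; each context
  // gets its own encoding. Ordinary alphanumeric names come out unchanged.
  $field_js = htmlspecialchars(addslashes($field),ENT_QUOTES,"UTF-8");
  $field_id = htmlspecialchars($field,ENT_QUOTES,"UTF-8");

  $std = null;

  if ( class_exists($eclass) )
    $std = new $eclass($site->db);

  elseif ( isset($GLOBALS["entitiescatalog"][$eclass][5]) && $GLOBALS["entitiescatalog"][$eclass][5] )
  {
    // Index 5 of the catalog entry is the file to include for the class.
    include($topdir."include/entities/".$GLOBALS["entitiescatalog"][$eclass][5]);
    if ( class_exists($eclass) )
      $std = new $eclass($site->db);
  }

  if ( is_null($std) )
    exit();

  // "root" asks for the top element of the tree instead of a given id.
  if ( $_REQUEST['eid'] == "root" )
  {
    $std = $std->get_root_element();
    if ( is_null($std) )
      exit();
  }
  else
    $std->load_by_id($_REQUEST['eid']);

  if ( !$std->is_valid() )
    exit();

  // The entity decides whether the current user may see it.
  if ( !$std->allow_user_consult($site->user) )
    exit();

  $childs = $std->get_childs($site->user);

  if ( is_null($childs) || count($childs) == 0 )
    exit();

  foreach ( $childs as $child )
  {
    $name = $child->get_display_name();

    echo "<li>";

    echo "<a href=\"#\" onclick=\"";
    if ( get_class($child) == $class )
      echo "exfield_select('$wwwtopdir','$field_js','$class','".$child->id."','".addslashes(htmlspecialchars($name))."','".$GLOBALS["entitiescatalog"][$class][2]."');";
    else
      echo "exfield_explore('$wwwtopdir','$field_js','$class','".get_class($child)."','".$child->id."');";
    echo "return false;\">";

    // Index 2 of the catalog entry is the icon file of the class.
    echo "<img src=\"".$wwwtopdir."images/icons/16/".$GLOBALS["entitiescatalog"][get_class($child)][2]."\" alt=\"\" />";
    echo htmlspecialchars($name);
    echo "</a>";

    echo "<ul id=\"".$field_id."_".get_class($child)."_".$child->id."\"></ul>";

    echo "</li>";
  }


  exit();
}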
elseif ( $_REQUEST['module'] == "tinycal" )
{
  // Builds a tinycalendar from request parameters and prints its rendering.
  // NOTE(review): target, type and topdir are forwarded unmodified from the
  // request. topdir in particular is the raw parameter, not the $wwwtopdir
  // value that the top of this script restricts to three fixed paths. Whether
  // tinycalendar encodes these values before html_render() writes them out is
  // not visible here - verify it in that class.
  $cal = new tinycalendar($site->db);

  $cal->set_target( $_REQUEST['target'] );
  $cal->set_type( $_REQUEST['type'] );
  $cal->set_ext_topdir( $_REQUEST['topdir'] );

  echo $cal->html_render();

  exit();
}
elseif ( $_REQUEST['module'] == 'eticket-ident' && isset($_REQUEST['id_utilisateur']) && isset($_REQUEST['secret']) )
{
  /* Used by the e-ticket validation software to fetch user details when it
     has an internet connection. Answers "first name|^last name|^nickname",
     or "0" when no e-ticket carries the given secret. */
  require_once($topdir."include/mysql.inc.php");

  // NOTE(review): the check only establishes that some e-ticket has this
  // secret; the user looked up afterwards is not tied to that ticket by these
  // queries - confirm that this is the intended level of access.
  $ticket_sql = 'SELECT id_ticket FROM cpt_etickets WHERE secret=\''.mysql_real_escape_string($_REQUEST['secret']).'\'';
  $req = new requete($site->db, $ticket_sql);

  if ( !($req->lines > 0) )
  {
    echo '0';
    exit();
  }

  // The user id reaches the query as an integer.
  $user_sql = 'SELECT utl.prenom_utl, utl.nom_utl, utl_utbm.surnom_utbm FROM utilisateurs AS utl LEFT JOIN utl_etu_utbm AS utl_utbm ON utl.id_utilisateur = utl_utbm.id_utilisateur WHERE utl.id_utilisateur='.intval(mysql_real_escape_string($_REQUEST['id_utilisateur']));
  $req = new requete($site->db, $user_sql);
  $line = $req->get_row();

  // Nothing at all is printed when the user does not exist.
  if ( $line != null )
  {
    echo $line['prenom_utl'] . '|^' . $line['nom_utl'] . '|^' . $line['surnom_utbm'];
  }

  exit();
}
elseif ( $_REQUEST['module'] == 'appli-mobile' )
{
  // Mobile application API. "login" exchanges a user name and password for
  // the account's service identifier; every other request must present that
  // identifier together with the user id.
  require_once($topdir."include/mysql.inc.php");

  if ( $_REQUEST['req'] == 'login' )
  {
    // NOTE(review): the credentials are read from $_REQUEST, so they are also
    // accepted in the query string, where they can end up in access logs.
    // The answers differ between an unknown account ("echec"), a non-validated
    // one and a wrong password ("erreur"), which tells a caller whether an
    // account exists. No attempt throttling is visible in this block.

    // The domain selects how the user name is resolved; "utbm" and any
    // unknown value both mean an @utbm.fr address.
    switch ( $_REQUEST["domain"] )
    {
      case "assidu":
        $site->user->load_by_email($_REQUEST["username"]."@assidu-utbm.fr");
        break;
      case "id":
        $site->user->load_by_id($_REQUEST["username"]);
        break;
      case "autre":
        $site->user->load_by_email($_REQUEST["username"]);
        break;
      case "alias":
        $site->user->load_by_alias($_REQUEST["username"]);
        break;
      case "carteae":
        $site->user->load_by_carteae($_REQUEST["username"], true, false);
        break;
      case "utbm":
      default:
        $site->user->load_by_email($_REQUEST["username"]."@utbm.fr");
        break;
    }

    if ( !$site->user->is_valid() )
    {
      echo "echec";
      exit();
    }

    if ( $site->user->hash != "valid" )
    {
      echo "utilisateur non valide";
      exit();
    }

    if ( !$site->user->is_password($_REQUEST["password"]) )
    {
      echo "erreur";
      exit();
    }

    $req = new requete($site->db, "SELECT serviceident FROM `utilisateurs` WHERE id_utilisateur = ".$site->user->id."");
    if ( $req->lines != 1 )
    {
      echo "erreur";
      exit();
    }
    list($servident) = $req->get_row();

    // First login from the application: create the identifier, then read it
    // back.
    if ( empty($servident) )
    {
      $site->user->gen_serviceident();
      $req = new requete($site->db, "SELECT serviceident FROM `utilisateurs` WHERE id_utilisateur = ".$site->user->id."");
      if ( $req->lines != 1 )
      {
        echo "erreur";
        exit();
      }
      list($servident) = $req->get_row();
    }

    // Answer: user id, then service identifier, one per line.
    echo $site->user->id."\n";
    echo $servident."\n";
    exit();
  }

  // Every other request is authenticated by the id / service identifier pair.
  if ( !isset($_REQUEST['serviceident']) || !isset($_REQUEST['id']) )
  {
    echo "identifiant non valide";
    exit();
  }

  $site->user->load_by_service_ident($_REQUEST['id'], $_REQUEST['serviceident']);
  if ( !$site->user->is_valid() )
  {
    echo "identifiant non valide";
    exit();
  }

  if ( $_REQUEST['req'] == 'montant' )
  {
    // Account balance, for AE members only.
    if ( !$site->user->ae )
    {
      echo "utilisateur non ae";
      exit();
    }
    echo $site->user->montant_compte;
    exit();
  }
  elseif ( $_REQUEST['req'] == 'comptoir' )
  {
    // Step 1: close the tracking rows whose last activity is older than the
    // session lifetime.
    $req = new requete($site->dbrw,
      "UPDATE `cpt_tracking` SET `closed_time`='".date("Y-m-d H:i:s")."'\n\t\t    ".
      "WHERE `activity_time` <= '".date("Y-m-d H:i:s",time()-intval(ini_get("session.gc_maxlifetime")))."'\n\t\t    ".
      "AND `closed_time` IS NULL");

    // Step 2: fetch the last activity of the bars that are currently open.
    $req = new requete($site->dbrw,
      "SELECT MAX(activity_time),id_comptoir\n\t\t    ".
      "FROM `cpt_tracking`\n\t\t    ".
      "WHERE `activity_time` > '".date("Y-m-d H:i:s",time()-intval(ini_get("session.gc_maxlifetime")))."'\n\t\t    ".
      "AND `closed_time` IS NULL\n\t\t    ".
      "GROUP BY id_comptoir");

    while ( list($act,$id) = $req->get_row() )
    {
      $activity[$id] = strtotime($act);
    }

    // Step 3: list the bars, leaving out three fixed counter ids.
    $req = new requete($site->dbrw,
      "SELECT id_comptoir, nom_cpt\n\t\t    ".
      "FROM cpt_comptoir\n\t\t    ".
      "WHERE type_cpt='0'\n\t\t    ".
      "AND id_comptoir != '4'\n\t\t    ".
      "AND id_comptoir != '8'\n\t\t    ".
      "AND id_comptoir != '13'\n\t\t    ".
      "ORDER BY nom_cpt");

    // One "name:state" line per bar. State 0: no open tracking row,
    // 1: open but idle for more than 600 seconds, 2: open and active.
    while ( list($id,$nom) = $req->get_row() )
    {
      if ( !isset($activity[$id]) )
        $led = 0;
      elseif ( time()-$activity[$id] > 600 )
        $led = 1;
      else
        $led = 2;

      echo "$nom:$led\n";
    }
    exit();
  }
  elseif ( $_REQUEST['req'] == 'com' )
  {
    // Posting limits, which members of the "root" group are exempt from:
    // no message in the previous 30 seconds...
    $req = new requete($site->db, "SELECT * FROM message_com WHERE id_utilisateur = ".$site->user->id." AND date > '".date("Y-m-d H:i:s",time()-30)."' ");
    if ( $req->lines != 0 && !$site->user->is_in_group("root") )
    {
      echo "Pas de spam";
      exit();
    }

    // ...and no more than 30 messages in the previous hour.
    $req = new requete($site->db, "SELECT COUNT(*) FROM message_com WHERE id_utilisateur = ".$site->user->id." AND date > '".date("Y-m-d H:i:s",time()-3600)."' ");
    list($nb_message) = $req->get_row();
    if ( $nb_message > 30 && !$site->user->is_in_group("root") )
    {
      echo "Quota excédé";
      exit();
    }

    // Messages are stored HTML-encoded, except those of "root" members, which
    // are stored as sent. Whatever displays message_com therefore has to treat
    // the stored text as untrusted.
    if ( $site->user->is_in_group("root") )
      $stored = mysql_real_escape_string($_REQUEST['mess']);
    else
      $stored = mysql_real_escape_string(htmlentities($_REQUEST['mess'],ENT_QUOTES,"UTF-8"));

    $req = new requete($site->dbrw,
      "INSERT INTO message_com (id_utilisateur, message) VALUES (".$site->user->id.", '".$stored."')");
    echo "Ok";
    exit();
  }

  exit();
}
elseif ( $_REQUEST['module'] == 'ecrancom' && $_REQUEST['secret'] == "messageForTheLulz" )
{
  // Display-screen feed: hands out the oldest unseen message as three lines
  // (author, sound file, message) and marks it as seen.
  // NOTE(review): the only protection of this module is a shared secret that
  // is hard-coded in the source and compared with ==. Everyone who can read
  // the repository knows it. It belongs in configuration kept out of version
  // control, and should be replaced once moved.
  require_once($topdir."include/mysql.inc.php");

  // Seconds since the last activity on counter 2. The value is only used by
  // announcement code that is currently disabled.
  $req = new requete($site->dbrw,
    "SELECT MAX(activity_time)\n\t\t    ".
    "FROM `cpt_tracking`\n\t\t    ".
    "WHERE id_comptoir = 2");
  list($activity) = $req->get_row();
  $activity = time() - strtotime($activity);

  // One time out of three the first sound is used, otherwise the second.
  $son = ( rand(0,2) < 1 ) ? "sncf.ogg" : "msn.ogg";

  // The author is shown by nickname when there is one, by full name otherwise.
  $req = new requete($site->db, "SELECT id_message,".
    "IF(utl_etu_utbm.surnom_utbm!='' AND utl_etu_utbm.surnom_utbm IS NOT NULL,utl_etu_utbm.surnom_utbm, CONCAT(`utilisateurs`.`prenom_utl`,' ',`utilisateurs`.`nom_utl`)) as `nom_utilisateur`, ".
    "message FROM `message_com` \n\t\t".
    "JOIN utilisateurs ON utilisateurs.id_utilisateur = message_com.id_utilisateur\n\t\t".
    "LEFT JOIN utl_etu_utbm ON utilisateurs.id_utilisateur = utl_etu_utbm.id_utilisateur\n\t\t".
    "WHERE vu = 0 ORDER BY id_message LIMIT 1");

  // No pending message: empty answer.
  if ( $req->lines != 1 )
  {
    exit();
  }

  list($id_message, $nom_utilisateur, $message) = $req->get_row();

  $req = new requete($site->dbrw, "UPDATE `message_com` SET vu = 1 WHERE id_message = $id_message");

  // NOTE(review): the message is printed exactly as stored, and the "com"
  // request of the appli-mobile module stores messages of "root" members
  // without encoding - the consumer must treat this text as untrusted.
  echo "$nom_utilisateur\n$son\n$message";
  exit();
}
// Reached when no module above ended the script: renders either a calendar
// or an empty contents object.
if ( $_REQUEST['class'] == "calendar" )
{
  // An absent or empty subclass is passed on as an empty string.
  $subclass = !empty($_REQUEST['subclass']) ? $_REQUEST['subclass'] : '';

  // NOTE(review): subclass and id_box go to the calendar constructor as
  // received; how it uses them is not visible from this file.
  if ( !empty($_REQUEST['id_box']) )
  {
    $cts = new calendar($site->db, null, $subclass, $_REQUEST['id_box']);
  }
  else
  {
    $cts = new calendar($site->db);
  }
}
else
{
  $cts = new contents();
}

echo $cts->html_render();

?>