[auf_bulletin.git] / signaler.php

<?php
/**
 * Fichier pour le signalement d'une page
 *
 * PHP versions 4 et 5
 *
 * LODEL - Logiciel d'Edition ELectronique.
 *
 * Copyright (c) 2001-2002, Ghislain Picard, Marin Dacos
 * Copyright (c) 2003, Ghislain Picard, Marin Dacos, Luc Santeramo, Nicolas Nutten, Anne Gentil-Beccot
 * Copyright (c) 2004, Ghislain Picard, Marin Dacos, Luc Santeramo, Anne Gentil-Beccot, Bruno Cénou
 * Copyright (c) 2005, Ghislain Picard, Marin Dacos, Luc Santeramo, Gautier Poupeau, Jean Lamy, Bruno Cénou
 * Copyright (c) 2006, Marin Dacos, Luc Santeramo, Bruno Cénou, Jean Lamy, Mikaël Cixous, Sophie Malafosse
 * Copyright (c) 2007, Marin Dacos, Bruno Cénou, Sophie Malafosse, Pierre-Alain Mignot
 * Copyright (c) 2008, Marin Dacos, Bruno Cénou, Pierre-Alain Mignot, Inès Secondat de Montesquieu, Jean-François Rivière
 * Copyright (c) 2009, Marin Dacos, Bruno Cénou, Pierre-Alain Mignot, Inès Secondat de Montesquieu, Jean-François Rivière
 *
 * Home page: http://www.lodel.org
 *
 * E-Mail: lodel@lodel.org
 *
 * All Rights Reserved
 *
 * This program is free software; you can redistribute it and/or modify
 * it under the terms of the GNU General Public License as published by
 * the Free Software Foundation; either version 2 of the License, or
 * (at your option) any later version.
 *
 * This program is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 * GNU General Public License for more details.
 *
 * You should have received a copy of the GNU General Public License
 * along with this program; if not, write to the Free Software
 * Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
 *
 * @author Ghislain Picard
 * @author Jean Lamy
 * @author Pierre-Alain Mignot
 * @copyright 2001-2002, Ghislain Picard, Marin Dacos
 * @copyright 2003, Ghislain Picard, Marin Dacos, Luc Santeramo, Nicolas Nutten, Anne Gentil-Beccot
 * @copyright 2004, Ghislain Picard, Marin Dacos, Luc Santeramo, Anne Gentil-Beccot, Bruno Cénou
 * @copyright 2005, Ghislain Picard, Marin Dacos, Luc Santeramo, Gautier Poupeau, Jean Lamy, Bruno Cénou
 * @copyright 2006, Marin Dacos, Luc Santeramo, Bruno Cénou, Jean Lamy, Mikaël Cixous, Sophie Malafosse
 * @copyright 2007, Marin Dacos, Bruno Cénou, Sophie Malafosse, Pierre-Alain Mignot
 * @copyright 2008, Marin Dacos, Bruno Cénou, Pierre-Alain Mignot, Inès Secondat de Montesquieu, Jean-François Rivière
 * @copyright 2009, Marin Dacos, Bruno Cénou, Pierre-Alain Mignot, Inès Secondat de Montesquieu, Jean-François Rivière
 * @licence http://www.gnu.org/copyleft/gpl.html
 * @version CVS:$Id:
 * @package lodel/source
 */

require 'siteconfig.php';

try
{
    //gestion de l'authentification
    include 'auth.php';
    authenticate();
    // record the url if logged
    if (C::get('visitor', 'lodeluser')) {
        recordurl();
    }
    $context =& C::getC();
    $context['signaler_recaptcha'] = C::get('signaler_recaptcha', 'cfg');
    $context['recaptcha_publickey'] = C::get('recaptcha_publickey', 'cfg');
    include 'recaptchalib.php';
    
    // identifié ? accès à tous les documents
    $critere = C::get('rights', 'lodeluser') > LEVEL_VISITOR ? '' : "AND #_TP_entities.status>0 AND #_TP_types.status>0";
    function_exists("filtered_mysql_fetch_assoc") || include_once 'filterfunc.php';
    $id = C::get('id');
    $site = C::get('site', 'cfg');
    defined('INC_CONNECT') || include 'connect.php';
    global $db;
    $result = $db->Execute(lq("
        SELECT #_TP_textes.*, #_TP_entities.*,type 
            FROM #_entitiestypesjoin_ JOIN #_TP_textes ON #_TP_entities.id = #_TP_textes.identity 
            WHERE #_TP_entities.id='$id' 
            $critere")) 
        or trigger_error("SQL ERROR :<br />".$GLOBALS['db']->ErrorMsg(), E_USER_ERROR);
        
    if ($result->RecordCount() < 1) {
        $result->Close();
        $context['notfound'] = 1;
        View::getView()->render('signaler');
        return;
    }
    
    $context = array_merge($context, filtered_mysql_fetch_assoc($context, $result));
    $result->Close();
    // send
    if (isset($context['envoi'])) {
        if($context['signaler_recaptcha'] === true) {
            // recaptcha
            $resp = recaptcha_check_answer (C::get('recaptcha_privatekey', 'cfg'),
                            $_SERVER["REMOTE_ADDR"],
                            $_POST["recaptcha_challenge_field"],
                            $_POST["recaptcha_response_field"]);
            
            if (!$resp->is_valid) {
                $context['recaptcha_error'] = $resp->error;
                C::set('nocache', true);
                View::getView()->render('signaler');
                exit;
            }
        }
        // validation
        do {
	    $err = false;
            // on vérifie que les mails fournies sont correctes
            if (empty($context['to']) || !preg_match("/^([a-zA-Z0-9_\.\-])+\@(([a-zA-Z0-9\-])+\.)+([a-zA-Z0-9]{2,4})+$/", $context['to'])) {
                $err = $context['error_to'] = 1;
            }
            if (empty($context['from']) || !preg_match("/^([a-zA-Z0-9_\.\-])+\@(([a-zA-Z0-9\-])+\.)+([a-zA-Z0-9]{2,4})+$/", $context['from'])) {
                $err = $context['error_from'] = 1;
            }
    
            if ($err) {
                break;
            }
            $row = $db->getRow(lq("SELECT url FROM #_MTP_sites WHERE name='{$site}'"));
            $context['subject'] = 'Un article de ' . $context['options']['metadonneessite']['titresite'] . " sur {$row['url']} signalé par ";
            if(!empty($context['nom_expediteur']))
                $context['subject'] .= $context['nom_expediteur'];
            else
                $context['subject'] .= "un ami (" . $context['from'] . ").";
    
	    class_exists('View') || include 'View.php'; // should be included by the autoload

            ob_start();
            $GLOBALS['nodesk'] = true; // on veut pas le desk pour la génération du mail !
            // on utilise pas le cache pour le mail généré !!
            C::set('nocache', true);
            insert_template($context, 'signaler-mail');
            $content = ob_get_clean();
            
            // envoie le mail
            if (true !== send_mail ($context['to'], $content, $context['subject'], $context['from'], $context['nom_expediteur'])) {
                $context['error_mail']=1;
                break;
            }
            header ('location: '. makeurlwithid($id, 'index'));
            return;
        } while (0);
    }
    
    View::getView()->renderCached('signaler');
}
catch(LodelException $e)
{
	echo $e->getContent();
	exit();
}
?>
Commit	Line	Data
314c311a	1	<?php
	2	/**
	3	* Fichier pour le signalement d'une page
	4	*
	5	* PHP versions 4 et 5
	6	*
	7	* LODEL - Logiciel d'Edition ELectronique.
	8	*
	9	* Copyright (c) 2001-2002, Ghislain Picard, Marin Dacos
	10	* Copyright (c) 2003, Ghislain Picard, Marin Dacos, Luc Santeramo, Nicolas Nutten, Anne Gentil-Beccot
	11	* Copyright (c) 2004, Ghislain Picard, Marin Dacos, Luc Santeramo, Anne Gentil-Beccot, Bruno Cénou
	12	* Copyright (c) 2005, Ghislain Picard, Marin Dacos, Luc Santeramo, Gautier Poupeau, Jean Lamy, Bruno Cénou
	13	* Copyright (c) 2006, Marin Dacos, Luc Santeramo, Bruno Cénou, Jean Lamy, Mikaël Cixous, Sophie Malafosse
	14	* Copyright (c) 2007, Marin Dacos, Bruno Cénou, Sophie Malafosse, Pierre-Alain Mignot
	15	* Copyright (c) 2008, Marin Dacos, Bruno Cénou, Pierre-Alain Mignot, Inès Secondat de Montesquieu, Jean-François Rivière
	16	* Copyright (c) 2009, Marin Dacos, Bruno Cénou, Pierre-Alain Mignot, Inès Secondat de Montesquieu, Jean-François Rivière
	17	*
	18	* Home page: http://www.lodel.org
	19	*
	20	* E-Mail: lodel@lodel.org
	21	*
	22	* All Rights Reserved
	23	*
	24	* This program is free software; you can redistribute it and/or modify
	25	* it under the terms of the GNU General Public License as published by
	26	* the Free Software Foundation; either version 2 of the License, or
	27	* (at your option) any later version.
	28	*
	29	* This program is distributed in the hope that it will be useful,
	30	* but WITHOUT ANY WARRANTY; without even the implied warranty of
	31	* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
	32	* GNU General Public License for more details.
	33	*
	34	* You should have received a copy of the GNU General Public License
	35	* along with this program; if not, write to the Free Software
	36	* Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
	37	*
	38	* @author Ghislain Picard
	39	* @author Jean Lamy
	40	* @author Pierre-Alain Mignot
	41	* @copyright 2001-2002, Ghislain Picard, Marin Dacos
	42	* @copyright 2003, Ghislain Picard, Marin Dacos, Luc Santeramo, Nicolas Nutten, Anne Gentil-Beccot
	43	* @copyright 2004, Ghislain Picard, Marin Dacos, Luc Santeramo, Anne Gentil-Beccot, Bruno Cénou
	44	* @copyright 2005, Ghislain Picard, Marin Dacos, Luc Santeramo, Gautier Poupeau, Jean Lamy, Bruno Cénou
	45	* @copyright 2006, Marin Dacos, Luc Santeramo, Bruno Cénou, Jean Lamy, Mikaël Cixous, Sophie Malafosse
	46	* @copyright 2007, Marin Dacos, Bruno Cénou, Sophie Malafosse, Pierre-Alain Mignot
	47	* @copyright 2008, Marin Dacos, Bruno Cénou, Pierre-Alain Mignot, Inès Secondat de Montesquieu, Jean-François Rivière
	48	* @copyright 2009, Marin Dacos, Bruno Cénou, Pierre-Alain Mignot, Inès Secondat de Montesquieu, Jean-François Rivière
	49	* @licence http://www.gnu.org/copyleft/gpl.html
	50	* @version CVS:$Id:
	51	* @package lodel/source
	52	*/
	53
	54	require 'siteconfig.php';
	55
	56	try
	57	{
	58	//gestion de l'authentification
	59	include 'auth.php';
	60	authenticate();
	61	// record the url if logged
	62	if (C::get('visitor', 'lodeluser')) {
	63	recordurl();
	64	}
65	$context =& C::getC();
66	$context['signaler_recaptcha'] = C::get('signaler_recaptcha', 'cfg');
67	$context['recaptcha_publickey'] = C::get('recaptcha_publickey', 'cfg');
68	include 'recaptchalib.php';
69
70	// identifié ? accès à tous les documents
71	$critere = C::get('rights', 'lodeluser') > LEVEL_VISITOR ? '' : "AND #_TP_entities.status>0 AND #_TP_types.status>0";
72	function_exists("filtered_mysql_fetch_assoc") \|\| include_once 'filterfunc.php';
73	$id = C::get('id');
74	$site = C::get('site', 'cfg');
75	defined('INC_CONNECT') \|\| include 'connect.php';
76	global $db;
77	$result = $db->Execute(lq("
78	SELECT #_TP_textes., #_TP_entities.,type
79	FROM #_entitiestypesjoin_ JOIN #_TP_textes ON #_TP_entities.id = #_TP_textes.identity
80	WHERE #_TP_entities.id='$id'
81	$critere"))
82	or trigger_error("SQL ERROR :<br />".$GLOBALS['db']->ErrorMsg(), E_USER_ERROR);
83
84	if ($result->RecordCount() < 1) {
85	$result->Close();
86	$context['notfound'] = 1;
87	View::getView()->render('signaler');
88	return;
89	}
90
91	$context = array_merge($context, filtered_mysql_fetch_assoc($context, $result));
92	$result->Close();
93	// send
94	if (isset($context['envoi'])) {
95	if($context['signaler_recaptcha'] === true) {
96	// recaptcha
97	$resp = recaptcha_check_answer (C::get('recaptcha_privatekey', 'cfg'),
98	$_SERVER["REMOTE_ADDR"],
99	$_POST["recaptcha_challenge_field"],
100	$_POST["recaptcha_response_field"]);
101
102	if (!$resp->is_valid) {
103	$context['recaptcha_error'] = $resp->error;
104	C::set('nocache', true);
105	View::getView()->render('signaler');
106	exit;
107	}
108	}
109	// validation
110	do {
111	$err = false;
112	// on vérifie que les mails fournies sont correctes
113	if (empty($context['to']) \|\| !preg_match("/^([a-zA-Z0-9_\.\-])+\@(([a-zA-Z0-9\-])+\.)+([a-zA-Z0-9]{2,4})+$/", $context['to'])) {
114	$err = $context['error_to'] = 1;
115	}
116	if (empty($context['from']) \|\| !preg_match("/^([a-zA-Z0-9_\.\-])+\@(([a-zA-Z0-9\-])+\.)+([a-zA-Z0-9]{2,4})+$/", $context['from'])) {
117	$err = $context['error_from'] = 1;
118	}
119
120	if ($err) {
121	break;
122	}
123	$row = $db->getRow(lq("SELECT url FROM #_MTP_sites WHERE name='{$site}'"));
124	$context['subject'] = 'Un article de ' . $context['options']['metadonneessite']['titresite'] . " sur {$row['url']} signalé par ";
125	if(!empty($context['nom_expediteur']))
126	$context['subject'] .= $context['nom_expediteur'];
127	else
128	$context['subject'] .= "un ami (" . $context['from'] . ").";
129
130	class_exists('View') \|\| include 'View.php'; // should be included by the autoload
131
132	ob_start();
133	$GLOBALS['nodesk'] = true; // on veut pas le desk pour la génération du mail !
134	// on utilise pas le cache pour le mail généré !!
135	C::set('nocache', true);
136	insert_template($context, 'signaler-mail');
137	$content = ob_get_clean();
138
139	// envoie le mail
140	if (true !== send_mail ($context['to'], $content, $context['subject'], $context['from'], $context['nom_expediteur'])) {
141	$context['error_mail']=1;
142	break;
143	}
144	header ('location: '. makeurlwithid($id, 'index'));
145	return;
146	} while (0);
147	}
148
149	View::getView()->renderCached('signaler');
150	}
151	catch(LodelException $e)
152	{
153	echo $e->getContent();
154	exit();
155	}
156	?>