Garradin: Check-in [12a00549c1]

Overview

Comment:	Merge avec trunk
Downloads:	Tarball \| ZIP archive \| SQL archive
Timelines:	family \| ancestors \| descendants \| both \| dev
Files:	files \| file ages \| folders
SHA1:	12a00549c1df5d8533f23deae5f3499caebcef41
User & Date:	bohwaz on 2019-12-17 16:02:05
Other Links:	branch diff \| manifest \| tags

Context

2020-01-06
12:15		Fusion avec trunk check-in: 451f4d7e39 user: bohwaz tags: dev
2019-12-17
16:02		Merge avec trunk check-in: 12a00549c1 user: bohwaz tags: dev
11:01		Fix: passage de paramètre de retour au plugin check-in: 449f2f6f3e user: bohwaz tags: trunk, stable
2019-09-23
21:30		Fusion des changements et correctifs effectués dans le trunk check-in: c0a510c18c user: bohwaz tags: dev

Changes

Hide Diffs Unified Diffs Ignore Whitespace Patch

Modified src/.htaccess from [2d15b5d11b] to [0f46a6ebba].

Modified src/Makefile from [7b30622c74] to [cf4731ac96].

Modified src/VERSION from [a416ca4e18] to [72f19f670a].

Modified src/config.dist.php from [1e67c15c59] to [7d9b8d58eb].

Modified src/include/data/schema.sql from [d06d0af8c9] to [ed9b40a97d].

Modified src/include/init.php from [f08b2c5f34] to [88209f2eb4].

Modified src/include/lib/Garradin/Compta/Exercices.php from [7a15675417] to [3bc6667d2a].

Modified src/include/lib/Garradin/Compta/Import.php from [2b6a446835] to [f263dfbb6d].

Modified src/include/lib/Garradin/DB.php from [ba4dc3d887] to [1f3b4719e4].

Modified src/include/lib/Garradin/Membres.php from [84b4e80ec3] to [25c189b224].

Modified src/include/lib/Garradin/Membres/Categories.php from [ab5f67e8e6] to [9c1326617e].

Modified src/include/lib/Garradin/Membres/Champs.php from [9b116040de] to [1e1a261c03].

Modified src/include/lib/Garradin/Membres/Import.php from [7b54b35f93] to [6ee80dccef].

Modified src/include/lib/Garradin/Membres/Session.php from [c1e59c0b68] to [fa679095c9].

Modified src/include/lib/Garradin/Plugin.php from [12668c1cfe] to [267ceae2a7].

Modified src/include/lib/Garradin/Recherche.php from [35a5a3057c] to [98002e1aea].

Modified src/include/lib/Garradin/Squelette.php from [8be8c4d3e2] to [f4ce828da9].

Modified src/include/lib/Garradin/Squelette_Filtres.php from [a2925f4fde] to [719077c361].

Modified src/include/lib/Garradin/Static_Cache.php from [1abb2553b4] to [73b33ffa77].

Modified src/include/lib/Garradin/Template.php from [3def9bc1cf] to [1753fedcdf].

Modified src/include/lib/Garradin/Utils.php from [c134309b5d] to [7bf98c3058].

Modified src/include/lib/dependencies.list from [bca53ee628] to [7b518732e5].

Deleted src/index.html version [008e979f23].

Added src/index.php version [3633bc3928].

Added src/sous-domaine.html version [01c1184ede].

Modified src/templates/admin/_head.tpl from [d5fc274287] to [ab1e909a41].

Modified src/templates/admin/compta/comptes/journal.tpl from [03e8b58484] to [f69dd30f9f].

Modified src/templates/admin/config/categories/modifier.tpl from [7b22c4c7fb] to [5f082eb8b5].

Modified src/templates/admin/config/index.tpl from [f4c6ed1cb3] to [6189dd4b55].

Modified src/templates/admin/config/site.tpl from [c6ae555354] to [dda2316333].

Modified src/templates/admin/membres/cotisations.tpl from [9d70dea083] to [062d322929].

Modified src/templates/admin/membres/cotisations/ajout.tpl from [433111eec2] to [6a2c71a215].

Modified src/templates/admin/membres/cotisations/index.tpl from [2f3ec3b601] to [754a0411a5].

Modified src/templates/admin/membres/fiche.tpl from [747af1b2b4] to [99f7b69c9c].

Modified src/templates/admin/membres/modifier.tpl from [8fb5353cd6] to [9ca196cbb1].

Modified src/templates/admin/membres/supprimer.tpl from [3ee78004e1] to [06cf105473].

Modified src/www/.htaccess from [da372037a9] to [5189696f0f].

Modified src/www/_route.php from [87c48a8fb1] to [fc31a0628c].

Modified src/www/admin/config/site.php from [dd99638235] to [4b2ceec322].

Modified src/www/admin/static/admin.css from [35bf143a4d] to [6c1a898bc9].

Modified src/www/admin/static/scripts/code_editor.min.js from [89cf1ff3b6] to [f838117490].

Modified src/www/admin/static/scripts/file_upload.js from [b26cec5034] to [dc9fa75b77].

Modified src/www/admin/static/scripts/global.js from [7039561d92] to [cba439a7f0].

Modified src/www/admin/static/scripts/password.js from [c16716738c] to [ae6eb9a86f].

Modified src/www/admin/static/scripts/query_builder.min.js from [652d101dbf] to [f2e9e173b4].

Modified src/www/admin/static/scripts/text_editor.min.js from [1c434850a5] to [83bda3f0af].

Modified src/www/admin/upgrade.php from [a82b7f5302] to [78af2dd31b].

︙			︙
59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132 133 134 135 136 137 138 139 140 141 142 143 144 145 146 147 148 149 150 151 152 153 154 155 156 157 158 159 160	// Configuration par défaut, si les constantes ne sont pas définies dans config.local.php // (fallback) if (!defined('Garradin\ROOT')) { define('Garradin\ROOT', dirname(__DIR__)); } ~~if (!defined('Garradin\DATA_ROOT'))~~ { ~~define('Garradin\DATA_ROOT', ROOT);~~ } ~~if (!defined('Garradin\WWW_URI'))~~ { ~~// Automagic URL discover~~ ~~$path = str_replace(ROOT . '/www', '', getcwd());~~ ~~$path = str_replace($path, '', dirname($_SERVER['SCRIPT_NAME']));~~ ~~$path = (!empty($path[0]) && $path[0] != '/') ? '/' . $path : $path;~~ ~~$path = (substr($path, -1) != '/') ? $path . '/' : $path;~~ ~~// Pour installations sans vhost~~ ~~$path = str_replace('/www', '', $path);~~ ~~define('Garradin\WWW_URI', $path);~~ } ~~if (!defined('Garradin\WWW_URL'))~~ { ~~$host = isset($_SERVER['HTTP_HOST'])~~ ~~? $_SERVER['HTTP_HOST']~~ ~~: (isset($_SERVER['SERVER_NAME']) ? $_SERVER['SERVER_NAME'] : 'localhost');~~ ~~define('Garradin\WWW_URL', 'http' . (!empty($_SERVER['HTTPS']) ? 's' : '') . '://' . $host . WWW_URI);~~ } ~~static $default_config = [~~ ~~'CACHE_ROOT' => DATA_ROOT . '/cache',~~ ~~'DB_FILE' => DATA_ROOT . '/association.sqlite',~~ ~~'DB_SCHEMA' => ROOT . '/include/data/schema.sql',~~ ~~'PLUGINS_ROOT' => DATA_ROOT . '/plugins',~~ ~~'PREFER_HTTPS' => false,~~ ~~'ALLOW_MODIFIED_IMPORT' => true,~~ ~~'PLUGINS_SYSTEM' => '',~~ ~~'SHOW_ERRORS' => true,~~ ~~'MAIL_ERRORS' => false,~~ ~~'ERRORS_REPORT_URL' => null,~~ ~~'ERRORS_ENABLE_LOG_VIEW'=> true,~~ ~~'USE_CRON' => false,~~ ~~'ENABLE_XSENDFILE' => false,~~ ~~'SMTP_HOST' => false,~~ ~~'SMTP_USER' => null,~~ ~~'SMTP_PASSWORD' => null,~~ ~~'SMTP_PORT' => 587,~~ ~~'SMTP_SECURITY' => 'STARTTLS',~~ ~~'ADMIN_URL' => WWW_URL . 'admin/',~~ ~~'NTP_SERVER' => 'fr.pool.ntp.org',~~ ~~'ENABLE_AUTOMATIC_BACKUPS' => true,~~ ~~'ADMIN_COLOR1' => '#9c4f15',~~ ~~'ADMIN_COLOR2' => '#d98628',~~ ]; ~~foreach ($default_config as $const => $value)~~ { ~~$const = sprintf('Garradin\\%s', $const);~~ ~~if (!defined($const))~~ { ~~define($const, $value);~~ } } ~~if (!defined('Garradin\\ADMIN_BACKGROUND_IMAGE')) {~~ ~~define('Garradin\\ADMIN_BACKGROUND_IMAGE', ADMIN_URL . 'static/gdin_bg.png');~~ } ~~const WEBSITE = 'https://garradin.eu/';~~ ~~const PLUGINS_URL = 'https://garradin.eu/plugins/list.json';~~ ~~#const DEFAULT_REPORT_URL = 'http://henga.test/report/?p=ABCD';~~ ~~const DEFAULT_REPORT_URL = null;~~ ~~// PHP devrait être assez intelligent pour chopper la TZ système mais nan~~ ~~// il sait pas faire (sauf sur Debian qui a le bon patch pour ça), donc pour~~ ~~// éviter le message d'erreur à la con on définit une timezone par défaut~~ ~~// Pour utiliser une autre timezone, il suffit de définir date.timezone dans~~ ~~// un .htaccess ou dans config.local.php~~ ~~if (!ini_get('date.timezone'))~~ { ~~if (($tz = @date_default_timezone_get()) && $tz != 'UTC')~~ { ~~ini_set('date.timezone', $tz);~~ } ~~else~~ { ~~ini_set('date.timezone', 'Europe/Paris');~~ } } /** * Auto-chargement des dépendances / class Loader { /*	< < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < <	59 60 61 62 63 64 65 66 67 68 69 70 71 72	// Configuration par défaut, si les constantes ne sont pas définies dans config.local.php // (fallback) if (!defined('Garradin\ROOT')) { define('Garradin\ROOT', dirname(__DIR__)); } /** * Auto-chargement des dépendances / class Loader { /*
︙			︙
201 202 203 204 205 206 207 208 209 210 211 212 213 214	self::$loaded[$classname] = true; require $path; } } \spl_autoload_register(['Garradin\Loader', 'load'], true); /* * Gestion des erreurs et exceptions */ class UserException extends \LogicException {	> > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > >	113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132 133 134 135 136 137 138 139 140 141 142 143 144 145 146 147 148 149 150 151 152 153 154 155 156 157 158 159 160 161 162 163 164 165 166 167 168 169 170 171 172 173 174 175 176 177 178 179 180 181 182 183 184 185 186 187 188 189 190 191 192 193 194 195 196 197 198 199 200 201 202 203 204 205 206 207 208 209 210 211 212 213	self::$loaded[$classname] = true; require $path; } } \spl_autoload_register(['Garradin\Loader', 'load'], true); if (!defined('Garradin\DATA_ROOT')) { define('Garradin\DATA_ROOT', ROOT); } if (!defined('Garradin\WWW_URI')) { $uri = \KD2\HTTP::getRootURI(ROOT); if ($uri == '/www/') { $uri = '/'; } else { readfile(ROOT . '/sous-domaine.html'); exit; } define('Garradin\WWW_URI', $uri); unset($uri); } if (!defined('Garradin\WWW_URL')) { define('Garradin\WWW_URL', \KD2\HTTP::getScheme() . '://' . \KD2\HTTP::getHost() . WWW_URI); } static $default_config = [ 'CACHE_ROOT' => DATA_ROOT . '/cache', 'DB_FILE' => DATA_ROOT . '/association.sqlite', 'DB_SCHEMA' => ROOT . '/include/data/schema.sql', 'PLUGINS_ROOT' => DATA_ROOT . '/plugins', 'PREFER_HTTPS' => false, 'ALLOW_MODIFIED_IMPORT' => true, 'PLUGINS_SYSTEM' => '', 'SHOW_ERRORS' => true, 'MAIL_ERRORS' => false, 'ERRORS_REPORT_URL' => null, 'ERRORS_ENABLE_LOG_VIEW'=> true, 'USE_CRON' => false, 'ENABLE_XSENDFILE' => false, 'SMTP_HOST' => false, 'SMTP_USER' => null, 'SMTP_PASSWORD' => null, 'SMTP_PORT' => 587, 'SMTP_SECURITY' => 'STARTTLS', 'ADMIN_URL' => WWW_URL . 'admin/', 'NTP_SERVER' => 'fr.pool.ntp.org', 'ENABLE_AUTOMATIC_BACKUPS' => true, 'ADMIN_COLOR1' => '#9c4f15', 'ADMIN_COLOR2' => '#d98628', ]; foreach ($default_config as $const => $value) { $const = sprintf('Garradin\\%s', $const); if (!defined($const)) { define($const, $value); } } if (!defined('Garradin\\ADMIN_BACKGROUND_IMAGE')) { define('Garradin\\ADMIN_BACKGROUND_IMAGE', ADMIN_URL . 'static/gdin_bg.png'); } const WEBSITE = 'https://fossil.kd2.org/garradin/'; const PLUGINS_URL = 'https://garradin.eu/plugins/list.json'; const DEFAULT_REPORT_URL = null; // PHP devrait être assez intelligent pour chopper la TZ système mais nan // il sait pas faire (sauf sur Debian qui a le bon patch pour ça), donc pour // éviter le message d'erreur à la con on définit une timezone par défaut // Pour utiliser une autre timezone, il suffit de définir date.timezone dans // un .htaccess ou dans config.local.php if (!ini_get('date.timezone')) { if (($tz = @date_default_timezone_get()) && $tz != 'UTC') { ini_set('date.timezone', $tz); } else { ini_set('date.timezone', 'Europe/Paris'); } } /* * Gestion des erreurs et exceptions */ class UserException extends \LogicException {
︙			︙
286 287 288 289 290 291 292 293 294 295 296 297 298 299	echo $e->getMessage(); } else { $tpl = Template::getInstance(); $tpl->assign('error', $e->getMessage()); $tpl->display('error.tpl'); } exit; } // Message d'erreur simple pour les erreurs de l'utilisateur	>	285 286 287 288 289 290 291 292 293 294 295 296 297 298 299	echo $e->getMessage(); } else { $tpl = Template::getInstance(); $tpl->assign('error', $e->getMessage()); $tpl->assign('admin_url', ADMIN_URL); $tpl->display('error.tpl'); } exit; } // Message d'erreur simple pour les erreurs de l'utilisateur
︙			︙

︙			︙
19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57	'Compte de débit - numéro', 'Compte de débit - libellé', 'Compte de crédit - numéro', 'Compte de crédit - libellé', 'Moyen de paiement', 'Numéro de chèque', 'Numéro de pièce', ~~'Remarques'~~ ]; protected function export($exercice) { return DB::getInstance()->iterate('SELECT journal.id, strftime(\'%d/%m/%Y\', date) AS date, (CASE cat.type WHEN 1 THEN \'Recette\' WHEN -1 THEN \'Dépense\' ELSE \'Autre\' END) AS type, (CASE cat.intitule WHEN NULL THEN \'\' ELSE cat.intitule END) AS cat, journal.libelle, montant, compte_debit, debit.libelle AS libelle_debit, compte_credit, credit.libelle AS libelle_credit, (CASE moyen_paiement WHEN NULL THEN \'\' ELSE moyen.nom END) AS moyen, numero_cheque, numero_piece, ~~remarques~~ FROM compta_journal AS journal LEFT JOIN compta_categories AS cat ON cat.id = journal.id_categorie LEFT JOIN compta_comptes AS debit ON debit.id = journal.compte_debit LEFT JOIN compta_comptes AS credit ON credit.id = journal.compte_credit LEFT JOIN compta_moyens_paiement AS moyen ON moyen.code = journal.moyen_paiement WHERE id_exercice = '.(int)$exercice.' ORDER BY journal.date; '); } protected function exportName() {	\| > \| > >	19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60	'Compte de débit - numéro', 'Compte de débit - libellé', 'Compte de crédit - numéro', 'Compte de crédit - libellé', 'Moyen de paiement', 'Numéro de chèque', 'Numéro de pièce', 'Remarques', 'Projet' ]; protected function export($exercice) { return DB::getInstance()->iterate('SELECT journal.id, strftime(\'%d/%m/%Y\', date) AS date, (CASE cat.type WHEN 1 THEN \'Recette\' WHEN -1 THEN \'Dépense\' ELSE \'Autre\' END) AS type, (CASE cat.intitule WHEN NULL THEN \'\' ELSE cat.intitule END) AS cat, journal.libelle, montant, compte_debit, debit.libelle AS libelle_debit, compte_credit, credit.libelle AS libelle_credit, (CASE moyen_paiement WHEN NULL THEN \'\' ELSE moyen.nom END) AS moyen, numero_cheque, numero_piece, remarques, projet.libelle AS projet FROM compta_journal AS journal LEFT JOIN compta_categories AS cat ON cat.id = journal.id_categorie LEFT JOIN compta_comptes AS debit ON debit.id = journal.compte_debit LEFT JOIN compta_comptes AS credit ON credit.id = journal.compte_credit LEFT JOIN compta_moyens_paiement AS moyen ON moyen.code = journal.moyen_paiement LEFT JOIN compta_projets AS projet ON projet.id = journal.id_projet WHERE id_exercice = '.(int)$exercice.' ORDER BY journal.date; '); } protected function exportName() {
︙			︙
83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101	} $db = DB::getInstance(); $db->begin(); $cats = new Categories; $journal = new Journal; ~~$columns = array_flip($this->header);~~ $liste_cats = $db->getAssoc('SELECT intitule, id FROM compta_categories;'); // Liste des moyens sous la forme nom -> code $liste_moyens = array_flip($cats->listMoyensPaiement(true)); $col = function($column) use (&$row, &$columns) { if (!isset($columns[$column])) return null; if (!isset($row[$columns[$column]])) return null;	< > > >	86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106	} $db = DB::getInstance(); $db->begin(); $cats = new Categories; $journal = new Journal; $liste_cats = $db->getAssoc('SELECT intitule, id FROM compta_categories;'); // Liste des moyens sous la forme nom -> code $liste_moyens = array_flip($cats->listMoyensPaiement(true)); // Liste associative des projets $liste_projets = $db->getAssoc('SELECT libelle, id FROM compta_projets;'); $col = function($column) use (&$row, &$columns) { if (!isset($columns[$column])) return null; if (!isset($row[$columns[$column]])) return null;
︙			︙
119 120 121 122 123 124 125 126 127 128 129 130 131 132	if ($line === 1) { if (trim($row[0]) != 'Numéro mouvement') { throw new UserException('Erreur sur la ligne ' . $line . ' : l\'entête des colonnes est absent ou incorrect.'); } continue; } if (count($row) != count($columns)) { $db->rollback();	> >	124 125 126 127 128 129 130 131 132 133 134 135 136 137 138 139	if ($line === 1) { if (trim($row[0]) != 'Numéro mouvement') { throw new UserException('Erreur sur la ligne ' . $line . ' : l\'entête des colonnes est absent ou incorrect.'); } $columns = array_flip($row); continue; } if (count($row) != count($columns)) { $db->rollback();
︙			︙
177 178 179 180 181 182 183 184 185 186 187 188 189 190 191 192 193 194 195 196 197 198 199	$cat = false; } if ($cat && !array_key_exists($cat, $liste_cats)) { $cat = $moyen = false; } $data = [ 'libelle' => $col('Libellé'), 'montant' => (float) $col('Montant'), 'date' => $date, 'compte_credit' => $credit, 'compte_debit' => $debit, 'numero_piece' => $col('Numéro de pièce'), 'remarques' => $col('Remarques'), ]; if ($cat) { $data['moyen_paiement'] = $moyen; $data['numero_cheque'] = $col('Numéro de chèque'); $data['id_categorie'] = $liste_cats[$cat];	> > > > > > > > > > >	184 185 186 187 188 189 190 191 192 193 194 195 196 197 198 199 200 201 202 203 204 205 206 207 208 209 210 211 212 213 214 215 216 217	$cat = false; } if ($cat && !array_key_exists($cat, $liste_cats)) { $cat = $moyen = false; } $id_projet = null; if (!empty($col('Projet'))) { if (!array_key_exists($col('Projet'), $liste_projets)) { throw new UserException(sprintf('Erreur sur la ligne %d : le projet "%s" est inconnu', $line, $col('Projet'))); } $id_projet = $liste_projets[$col('Projet')]; } $data = [ 'libelle' => $col('Libellé'), 'montant' => (float) $col('Montant'), 'date' => $date, 'compte_credit' => $credit, 'compte_debit' => $debit, 'numero_piece' => $col('Numéro de pièce'), 'remarques' => $col('Remarques'), 'id_projet' => $id_projet, ]; if ($cat) { $data['moyen_paiement'] = $moyen; $data['numero_cheque'] = $col('Numéro de chèque'); $data['id_categorie'] = $liste_cats[$cat];
︙			︙

︙			︙
11 12 13 14 15 16 17 ~~18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42~~ 43 44 45 46 47 48 49	const DROIT_AUCUN = 0; const DROIT_ACCES = 1; const DROIT_ECRITURE = 2; const DROIT_ADMIN = 9; const ITEMS_PER_PAGE = 50; ~~static protected function _getSalt($length)~~ { ~~static $str = './ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789';~~ ~~$out = '';~~ ~~$max = strlen($str) - 1;~~ ~~for ($i = 0; $i < $length; $i++)~~ { ~~$random = Security::random_int(0, $max);~~ ~~$out .= $str[$random];~~ } ~~return $out;~~ } ~~static public function hashPassword($password)~~ { ~~// Remove NUL bytes~~ ~~// see http://blog.ircmaxell.com/2015/03/security-issue-combining-bcrypt-with.html~~ ~~$password = str_replace("\0", '', $password);~~ ~~return password_hash($password, \PASSWORD_DEFAULT);~~ } // Gestion des données /////////////////////////////////////////////////////// public function _checkFields(&$data, $check_editable = true, $check_password = true) { $champs = Config::getInstance()->get('champs_membres'); foreach ($champs->getAll() as $key=>$config)	< < < < < < < < < < < < < < < < < < < < < < < < <	11 12 13 14 15 16 17 18 19 20 21 22 23 24	const DROIT_AUCUN = 0; const DROIT_ACCES = 1; const DROIT_ECRITURE = 2; const DROIT_ADMIN = 9; const ITEMS_PER_PAGE = 50; // Gestion des données /////////////////////////////////////////////////////// public function _checkFields(&$data, $check_editable = true, $check_password = true) { $champs = Config::getInstance()->get('champs_membres'); foreach ($champs->getAll() as $key=>$config)
︙			︙
171 172 173 174 175 176 177 ~~178~~ 179 180 181 182 183 184 185	if (isset($data[$id]) && $db->test('membres', $id . ' = ? COLLATE NOCASE', $data[$id])) { throw new UserException('La valeur du champ '.$id.' est déjà utilisée par un autre membre, hors ce champ doit être unique à chaque membre.'); } if (isset($data['passe']) && trim($data['passe']) != '') { ~~$data['passe'] = ~~self~~::hashPassword($data['passe']);~~ } else { unset($data['passe']); } if (empty($data['id_categorie']))	> \|	146 147 148 149 150 151 152 153 154 155 156 157 158 159 160 161	if (isset($data[$id]) && $db->test('membres', $id . ' = ? COLLATE NOCASE', $data[$id])) { throw new UserException('La valeur du champ '.$id.' est déjà utilisée par un autre membre, hors ce champ doit être unique à chaque membre.'); } if (isset($data['passe']) && trim($data['passe']) != '') { Session::checkPasswordValidity($data['passe']); $data['passe'] = Session::hashPassword($data['passe']); } else { unset($data['passe']); } if (empty($data['id_categorie']))
︙			︙
226 227 228 229 230 231 232 ~~233~~ 234 235 236 237 238 239 240	{ throw new UserException('Ce numéro est déjà attribué à un autre membre.'); } } if (!empty($data['passe']) && trim($data['passe'])) { ~~$data['passe'] = ~~self~~::hashPassword($data['passe']);~~ } else { unset($data['passe']); } if (isset($data['id_categorie']) && empty($data['id_categorie']))	> \|	202 203 204 205 206 207 208 209 210 211 212 213 214 215 216 217	{ throw new UserException('Ce numéro est déjà attribué à un autre membre.'); } } if (!empty($data['passe']) && trim($data['passe'])) { Session::checkPasswordValidity($data['passe']); $data['passe'] = Session::hashPassword($data['passe']); } else { unset($data['passe']); } if (isset($data['id_categorie']) && empty($data['id_categorie']))
︙			︙

︙			︙
187 188 189 190 191 192 193 ~~194~~ ~~195~~ 196 197 198 199 200 201 202	} $db = DB::getInstance(); $db->begin(); $membres = new Membres; // On récupère les champs qu'on peut importer ~~$champs = Config::getInstance()->get('champs_membres'~~)->getAll(~~);~~ ~~$champs = ~~array_keys((array)~~$champs);~~ $champs[] = 'date_inscription'; //$champs[] = 'date_connexion'; //$champs[] = 'id'; //$champs[] = 'id_categorie'; $line = 0; $delim = Utils::find_csv_delim($fp);	\| > \|	187 188 189 190 191 192 193 194 195 196 197 198 199 200 201 202 203	} $db = DB::getInstance(); $db->begin(); $membres = new Membres; // On récupère les champs qu'on peut importer $champs_membres = Config::getInstance()->get('champs_membres'); $champs_multiples = $champs_membres->getMultiples(); $champs = $champs_membres->getKeys(); $champs[] = 'date_inscription'; //$champs[] = 'date_connexion'; //$champs[] = 'id'; //$champs[] = 'id_categorie'; $line = 0; $delim = Utils::find_csv_delim($fp);
︙			︙
237 238 239 240 241 242 243 ~~244~~ ~~245~~ 246 247 248 249 250 251 252	{ $name = trim($name); // Champs qui n'existent pas dans le schéma actuel if (!in_array($name, $champs)) continue; ~~if (trim($row[$id]) !== '')~~ ~~$data[$name] = $row[$id];~~ } if (!empty($data['numero']) && $data['numero'] > 0) { $numero = (int)$data['numero']; } else	> \| > > > \| > > > > > > > > > > > > > > >	238 239 240 241 242 243 244 245 246 247 248 249 250 251 252 253 254 255 256 257 258 259 260 261 262 263 264 265 266 267 268 269 270 271 272	{ $name = trim($name); // Champs qui n'existent pas dans le schéma actuel if (!in_array($name, $champs)) continue; // Ignorer les champs vides if (trim($row[$id]) === '') { continue; } $data[$name] = $row[$id]; // Restitution de la valeur binaire des champs à choix multiple if (isset($champs_multiples[$name])) { $values = explode(';', $data[$name]); $data[$name] = 0; foreach ($values as $v) { $v = trim($v); $found = array_search($v, $champs_multiples[$name]->options); if ($found) { $data[$name] \|= 0x01 << $found; } } } } if (!empty($data['numero']) && $data['numero'] > 0) { $numero = (int)$data['numero']; } else
︙			︙
289 290 291 292 293 294 295 ~~296~~ 297 298 299 300 301 302 303 304 305 306 307 308 309 310 ~~311~~ 312 313 314 315 316 ~~317~~ 318 ~~319~~	$db = DB::getInstance(); $champs = Config::getInstance()->get('champs_membres')->getKeys(); $champs = array_map([$db, 'quoteIdentifier'], $champs); $champs_sql = 'm.' . implode(', m.', $champs); $where = $list ? 'WHERE ' . $db->where('m.id', $list) : ''; ~~$res = $db->iterate('SELECT ' . $champs_sql . ', c.nom AS "Catégorie membre" FROM membres AS m~~ INNER JOIN membres_categories AS c ON m.id_categorie = c.id ' . $where . ' ORDER BY c.id;'); return [ array_keys((array) $res->current()), $res, sprintf('Export membres - %s - %s', Config::getInstance()->get('nom_asso'), date('Y-m-d')), ]; } public function toCSV(array $list = null) { list($champs, $result, $name) = $this->export($list); ~~return Utils::toCSV($name, $result, $champs);~~ } public function toODS(array $list = null) { list($champs, $result, $name) = $this->export($list); ~~return Utils::toODS($name, $result, $champs);~~ } }	\| \| \| \| > > > > > > > > > > > > > > > > > > > > > >	309 310 311 312 313 314 315 316 317 318 319 320 321 322 323 324 325 326 327 328 329 330 331 332 333 334 335 336 337 338 339 340 341 342 343 344 345 346 347 348 349 350 351 352 353 354 355 356 357 358 359 360 361	$db = DB::getInstance(); $champs = Config::getInstance()->get('champs_membres')->getKeys(); $champs = array_map([$db, 'quoteIdentifier'], $champs); $champs_sql = 'm.' . implode(', m.', $champs); $where = $list ? 'WHERE ' . $db->where('m.id', $list) : ''; $res = $db->iterate('SELECT ' . $champs_sql . ', c.nom AS "Catégorie membre" FROM membres AS m INNER JOIN membres_categories AS c ON m.id_categorie = c.id ' . $where . ' ORDER BY c.id;'); return [ array_keys((array) $res->current()), $res, sprintf('Export membres - %s - %s', Config::getInstance()->get('nom_asso'), date('Y-m-d')), ]; } public function toCSV(array $list = null) { list($champs, $result, $name) = $this->export($list); return Utils::toCSV($name, $result, $champs, [$this, 'exportRow']); } public function toODS(array $list = null) { list($champs, $result, $name) = $this->export($list); return Utils::toODS($name, $result, $champs, [$this, 'exportRow']); } public function exportRow(\stdClass $row) { // Pas hyper efficace, il faudrait ne pas récupérer la liste pour chaque ligne... FIXME $champs_multiples = Config::getInstance()->get('champs_membres')->getMultiples(); // convertir les champs à choix multiple de binaire vers liste séparée par des points virgules foreach ($champs_multiples as $id=>$config) { $out = []; foreach ($config->options as $b => $name) { if ($row->$id & (0x01 << $b)) { $out[] = $name; } } $row->$id = implode(';', $out); } return $row; } }

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33	<?php namespace Garradin\Membres; use Garradin\Config; use Garradin\DB; use Garradin\Utils; use Garradin\Membres; use Garradin\UserException; use const Garradin\SECRET_KEY; use const Garradin\WWW_URL; use const Garradin\ADMIN_URL; use KD2\Security; use KD2\Security_OTP; use KD2\QRCode; class Session extends \KD2\UserSession { // Personalisation de la config de UserSession protected $cookie_name = 'gdin'; protected $remember_me_cookie_name = 'gdinp'; protected $remember_me_expiry = '+3 months'; const MINIMUM_PASSWORD_LENGTH = 8; // Extension des méthodes de UserSession public function __construct() { $url = parse_url(ADMIN_URL); //throw new \Exception('lol');	> > > > > > > > > > > > > > > > > > > > > > > > > > > > > > >	1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64	<?php namespace Garradin\Membres; use Garradin\Config; use Garradin\DB; use Garradin\Utils; use Garradin\Membres; use Garradin\UserException; use Garradin\Plugin; use const Garradin\SECRET_KEY; use const Garradin\WWW_URL; use const Garradin\ADMIN_URL; use KD2\Security; use KD2\Security_OTP; use KD2\QRCode; use KD2\HTTP; class Session extends \KD2\UserSession { // Personalisation de la config de UserSession protected $cookie_name = 'gdin'; protected $remember_me_cookie_name = 'gdinp'; protected $remember_me_expiry = '+3 months'; const MINIMUM_PASSWORD_LENGTH = 8; static public function checkPasswordValidity($password) { if (strlen($password) < self::MINIMUM_PASSWORD_LENGTH) { throw new UserException(sprintf('Le mot de passe doit faire au moins %d caractères.', self::MINIMUM_PASSWORD_LENGTH)); } $session = new Session(DB::getInstance()); $session->http = new HTTP; if ($session->isPasswordCompromised($password)) { throw new UserException('Ce mot de passe figure dans une liste de mots de passe compromis. Si vous l\'avez utilisé sur d\'autres sites il est recommandé de le changer sur ces autres sites également.'); } } public function isPasswordCompromised($password) { // Vérifier s'il n'y a pas un plugin qui gère déjà cet aspect // notamment en installation mutualisée c'est plus efficace $return = ['is_compromised' => null]; $called = Plugin::fireSignal('motdepasse.compromis', ['password' => $password], $return); if ($called !== null) { return $return['is_compromised']; } return parent::isPasswordCompromised($password); } // Extension des méthodes de UserSession public function __construct() { $url = parse_url(ADMIN_URL); //throw new \Exception('lol');
︙			︙
115 116 117 118 119 120 121 ~~122~~ ~~123 124~~ ~~125~~ 126 ~~127~~ 128 129 130 131 132 133 134 135 136 137 138 139 140 141 142 143 ~~144~~ 145 146 147 148 149 150 151	} // Ajout de la gestion de LOCAL_LOGIN public function isLogged($disable_local_login = false) { $logged = parent::isLogged(); ~~if (!$disable_local_login && defined('\Garradin\LOCAL_LOGIN')~~ ~~~~&& is~~_i~~nt(\Garradin\LOCAL_LOGIN) &&~~ \Garradin\LOCAL_LOGIN ~~> 0)~~ {~~ ~~if (!$logged \|\| ($logged && $this->user->id != ~~\Garrad~~in~~\LOCAL_LOGIN~~))~~ { ~~$logged = $this->create(~~\Garrad~~in~~\LOCAL_LOGIN~~);~~ } } return $logged; } // Ici checkOTP utilise NTP en second recours public function checkOTP($secret, $code) { if (Security_OTP::TOTP($secret, $code)) { return true; } // Vérifier encore, mais avec le temps NTP // au cas où l'horloge du serveur n'est pas à l'heure ~~if (\Garradin\NTP_SERVER~~ && ($time = Security_OTP::getTimeFromNTP(\Garradin\NTP_SERVER)) && Security_OTP::TOTP($secret, $code, $time)) { return true; } return false;	\| > \| \| > > > > > > > \| \| \|	146 147 148 149 150 151 152 153 154 155 156 157 158 159 160 161 162 163 164 165 166 167 168 169 170 171 172 173 174 175 176 177 178 179 180 181 182 183 184 185 186 187 188 189 190	} // Ajout de la gestion de LOCAL_LOGIN public function isLogged($disable_local_login = false) { $logged = parent::isLogged(); if (!$disable_local_login && defined('\Garradin\LOCAL_LOGIN')) { $login_id = \Garradin\LOCAL_LOGIN; // On va chercher le premier membre avec le droit de gérer les membres if (-1 === $login_id) { $login_id = $this->db->firstColumn('SELECT id FROM membres WHERE id_categorie = (SELECT id FROM membres_categories WHERE droit_membres = ? LIMIT 1) LIMIT 1', Membres::DROIT_ADMIN); } if ($login_id > 0 && (!$logged \|\| ($logged && $this->user->id != $login_id))) { $logged = $this->create($login_id); } } return $logged; } // Ici checkOTP utilise NTP en second recours public function checkOTP($secret, $code) { if (Security_OTP::TOTP($secret, $code)) { return true; } // Vérifier encore, mais avec le temps NTP // au cas où l'horloge du serveur n'est pas à l'heure if (\Garradin\NTP_SERVER && ($time = Security_OTP::getTimeFromNTP(\Garradin\NTP_SERVER)) && Security_OTP::TOTP($secret, $code, $time)) { return true; } return false;
︙			︙
253 254 255 256 257 258 259 ~~260 261 262 263 264 265~~ 266 267 268 269 270 271 272	$password_confirm = trim($password_confirm); if (!hash_equals($password, $password_confirm)) { throw new UserException('Le mot de passe et sa vérification ne sont pas identiques.'); } i~~f (strlen~~($password) ~~< self::MINIMUM_PASSWORD_LENGTH)~~ { ~~throw new UserException(sprintf('Le mot de passe doit faire au moins %d caractères.', self::MINIMUM_PASSWORD_LENGTH));~~ } $password = ~~Membres~~::hashPassword($password); $message = "Bonjour,\n\nLe mot de passe de votre compte a bien été modifié.\n\n"; $message.= "Votre adresse email : ".$membre->email."\n"; $message.= "La demande émanait de l'adresse IP : ".Utils::getIP()."\n\n"; $message.= "Si vous n'avez pas demandé à changer votre mot de passe, merci de nous le signaler."; DB::getInstance()->update('membres', ['passe' => $password], 'id = :id', ['id' => (int)$membre->id]);	\| \| < < < \|	292 293 294 295 296 297 298 299 300 301 302 303 304 305 306 307 308	$password_confirm = trim($password_confirm); if (!hash_equals($password, $password_confirm)) { throw new UserException('Le mot de passe et sa vérification ne sont pas identiques.'); } self::checkPasswordValidity($password); $password = self::hashPassword($password); $message = "Bonjour,\n\nLe mot de passe de votre compte a bien été modifié.\n\n"; $message.= "Votre adresse email : ".$membre->email."\n"; $message.= "La demande émanait de l'adresse IP : ".Utils::getIP()."\n\n"; $message.= "Si vous n'avez pas demandé à changer votre mot de passe, merci de nous le signaler."; DB::getInstance()->update('membres', ['passe' => $password], 'id = :id', ['id' => (int)$membre->id]);
︙			︙
340 341 342 343 344 345 346 ~~347 348 349 350 351 352~~ 353 354 355 356 357 358 359	{ throw new \RuntimeException(sprintf('Le champ %s n\'est pas autorisé dans cette méthode.', $key)); } } if (isset($data['passe']) && trim($data['passe']) !== '') { ~~if (s~~tr~~len~~($data['passe']) ~~< self::MINIMUM_PASSWORD_LENGTH)~~ { ~~throw new UserException(sprintf('Le mot de passe doit faire au moins %d caractères.',~~ self::~~MINIMUM_~~P~~ASSWORD_LENGTH)~~); } ~~$data['passe'] = Membres::hashPassword(trim($data['passe']));~~ } else { unset($data['passe']); } if (isset($data['clef_pgp']) && trim($data['clef_pgp']) !== '')	\| \| \| \| \| <	376 377 378 379 380 381 382 383 384 385 386 387 388 389 390 391 392 393 394	{ throw new \RuntimeException(sprintf('Le champ %s n\'est pas autorisé dans cette méthode.', $key)); } } if (isset($data['passe']) && trim($data['passe']) !== '') { $data['passe'] = trim($data['passe']); self::checkPasswordValidity($data['passe']); $data['passe'] = self::hashPassword($data['passe']); } else { unset($data['passe']); } if (isset($data['clef_pgp']) && trim($data['clef_pgp']) !== '')
︙			︙

︙			︙
630 631 632 633 634 635 636 ~~637 638 639 640 641 642 643~~ 644 645 646 647 648 649 650	'loop_start' => &$loop_start, 'code' => &$statement_code, ]; // Appel du plugin lié à cette boucle, si ça existe $return = Plugin::fireSignal('boucle.' . $loopType, $params, $callback_return); // Si le ~~retour~~ est ~~du texte on~~ le t~~rait~~e ~~comm~~e ~~tel~~ ~~if (is_string($return))~~ { ~~return $return;~~ } ~~// Sinon si ce n'est pas true~~ ~~else~~if (!$return) { throw new \KD2\MiniSkelMarkupException("Le type de boucle '".$loopType."' est inconnu."); } if (empty($query)) { $query = 'SELECT 0 LIMIT 0;';	\| < < < < < \|	630 631 632 633 634 635 636 637 638 639 640 641 642 643 644 645	'loop_start' => &$loop_start, 'code' => &$statement_code, ]; // Appel du plugin lié à cette boucle, si ça existe $return = Plugin::fireSignal('boucle.' . $loopType, $params, $callback_return); // Si aucun plugin n'a été appelé c'est que le type de boucle n'est pas défini if (!$return) { throw new \KD2\MiniSkelMarkupException("Le type de boucle '".$loopType."' est inconnu."); } if (empty($query)) { $query = 'SELECT 0 LIMIT 0;';
︙			︙
918 919 920 921 922 923 924 ~~925 926~~ 927 928 929 930 931 ~~932 933~~ 934 935 936 937 938 939 940	{ return null; } } static public function getSource($template) { ~~if (!preg_match('!^[\w\d_-]+(?:\.[\w\d_-]+)$!i', $template)) return ~~false~~;~~ $path = file_exists(DATA_ROOT . '/www/squelettes/' . $template) ? DATA_ROOT . '/www/squelettes/' . $template : ROOT . '/www/squelettes-dist/' . $template; ~~if (!file_exists($path)) return ~~false~~;~~ return file_get_contents($path); } static public function editSource($template, $content) { if (!preg_match('!^[\w\d_-]+(?:\.[\w\d_-]+)$!i', $template))	\| \| > \| \| >	913 914 915 916 917 918 919 920 921 922 923 924 925 926 927 928 929 930 931 932 933 934 935 936 937	{ return null; } } static public function getSource($template) { if (!preg_match('!^[\w\d_-]+(?:\.[\w\d_-]+)$!i', $template)) { return null; } $path = file_exists(DATA_ROOT . '/www/squelettes/' . $template) ? DATA_ROOT . '/www/squelettes/' . $template : ROOT . '/www/squelettes-dist/' . $template; if (!file_exists($path)) { return null; } return file_get_contents($path); } static public function editSource($template, $content) { if (!preg_match('!^[\w\d_-]+(?:\.[\w\d_-]+)$!i', $template))
︙			︙

︙			︙
209 210 211 212 213 214 215 ~~216~~ 217 218 219 220 221 222 223 ~~224~~ 225 226 227 228 229 230 231	} // Compatibilité SPIP static public function egal_a($value, $test) { if ($value == $test) ~~return true;~~ else return false; } static public function different_de($value, $test) { if ($value != $test) ~~return true;~~ else return false; } // disponible aussi avec : \| ?{sioui, sinon} static public function choixsivide($value, $un, $deux = '') {	\| \|	209 210 211 212 213 214 215 216 217 218 219 220 221 222 223 224 225 226 227 228 229 230 231	} // Compatibilité SPIP static public function egal_a($value, $test) { if ($value == $test) return $value; else return false; } static public function different_de($value, $test) { if ($value != $test) return $value; else return false; } // disponible aussi avec : \| ?{sioui, sinon} static public function choixsivide($value, $un, $deux = '') {
︙			︙
327 328 329 330 331 332 333 ~~334~~ 335 336 337 338 ~~339~~ 340 341 342 343 ~~344~~ 345 346 347 348 ~~349~~ 350 351 352 353 ~~354~~ 355 356 357 358 ~~359~~ 360 361 362 363 ~~364~~ 365 366 367 368 ~~369~~ 370 371 372 373 ~~374~~ 375 376 377 378 379 380 381 382 383 384 385 386	static public function date_w3c($date) { return date(DATE_W3C, $date); } static public function et($value, $test) { ~~return ($value && $test);~~ } static public function ou($value, $test) { ~~return ($value \|\| $test);~~ } static public function xou($value, $test) { ~~return ($value XOR $test);~~ } static public function oui($value) { ~~return $value ? ~~true~~ : false;~~ } static public function non($value) { ~~return !$value ? ~~true~~ : false;~~ } static public function superieur_a($value, $test) { ~~return ($value > $test) ? true : false;~~ } static public function superieur_ou_egal_a($value, $test) { ~~return ($value >= $test) ? true : false;~~ } static public function inferieur_a($value, $test) { ~~return ($value < $test) ? true : false;~~ } static public function inferieur_ou_egal_a($value, $test) { ~~return ($value <= $test) ? true : false;~~ } static public function euros($value) { return str_replace(' ', ' ', number_format($value, (round($value) == round($value, 2) ? 0 : 2), ',', ' ')) . ' €'; } static public function taille_en_octets($value) { return Utils::format_bytes($value); } }	\| \| \| \| \| \| \| \| \|	327 328 329 330 331 332 333 334 335 336 337 338 339 340 341 342 343 344 345 346 347 348 349 350 351 352 353 354 355 356 357 358 359 360 361 362 363 364 365 366 367 368 369 370 371 372 373 374 375 376 377 378 379 380 381 382 383 384 385 386	static public function date_w3c($date) { return date(DATE_W3C, $date); } static public function et($value, $test) { return ($value && $test) ? $value : false; } static public function ou($value, $test) { return ($value \|\| $test) ? $value : false; } static public function xou($value, $test) { return ($value XOR $test) ? $value : false; } static public function oui($value) { return $value ? ' ' : false; } static public function non($value) { return !$value ? ' ' : false; } static public function superieur_a($value, $test) { return ($value > $test) ? $value : false; } static public function superieur_ou_egal_a($value, $test) { return ($value >= $test) ? $value : false; } static public function inferieur_a($value, $test) { return ($value < $test) ? $value : false; } static public function inferieur_ou_egal_a($value, $test) { return ($value <= $test) ? $value : false; } static public function euros($value) { return str_replace(' ', ' ', number_format($value, (round($value) == round($value, 2) ? 0 : 2), ',', ' ')) . ' €'; } static public function taille_en_octets($value) { return Utils::format_bytes($value); } }

︙			︙
33 34 35 36 37 38 39 40 41 42 43 44 45 46 47	// Hash de la version pour les éléments statiques (cache) // On ne peut pas utiliser la version directement comme query string // pour les éléments statiques (genre /admin/static/admin.css?v0.9.0) // car cela dévoilerait la version de Garradin utilisée, posant un souci // en cas de faille, on cache donc la version utilisée, chaque instance // aura sa propre version ~~$this->assign('version_hash', substr(sha1(~~VERSION~~ . ROOT . SECRET_KEY), 0, 10));~~ $this->assign('www_url', WWW_URL); $this->assign('self_url', Utils::getSelfUrl()); $this->assign('self_url_no_qs', Utils::getSelfUrl(false)); $this->assign('is_logged', false);	\|	33 34 35 36 37 38 39 40 41 42 43 44 45 46 47	// Hash de la version pour les éléments statiques (cache) // On ne peut pas utiliser la version directement comme query string // pour les éléments statiques (genre /admin/static/admin.css?v0.9.0) // car cela dévoilerait la version de Garradin utilisée, posant un souci // en cas de faille, on cache donc la version utilisée, chaque instance // aura sa propre version $this->assign('version_hash', substr(sha1(garradin_version() . garradin_manifest() . ROOT . SECRET_KEY), 0, 10)); $this->assign('www_url', WWW_URL); $this->assign('self_url', Utils::getSelfUrl()); $this->assign('self_url_no_qs', Utils::getSelfUrl(false)); $this->assign('is_logged', false);
︙			︙
196 197 198 199 200 201 202 ~~203 204 205 206 207 208~~ ~~209~~ 210 ~~211 212~~ 213 214 215 216 217 218 219	} return $escape ? htmlspecialchars((string)$value, ENT_QUOTES, 'UTF-8') : $value; } protected function formatPhoneNumber($n) { ~~$n = preg_replace('![^\d\+]!', '', $n);~~ ~~if (substr($n, 0, 1) == '+')~~ { ~~$n = preg_replace('!^\+(?:1\|2[07]\|2\d{2}\|3[0-469]\|3\d{2}\|4[013-9]\|'~~ ~~. '4\d{2}\|5[1-8]\|5\d{2}\|6[0-6]\|6\d{2}\|7\d\|8[1-469]\|8\d{2}\|'~~ ~~~~. '9[0-58]\|9\d{2})!', '\\0 ',~~ $n);~~ } ~~~~elseif (preg_match('/^\d{10}$/', $n))~~ {~~ $n = preg_replace('!(\d{2})!', '\\1 ', $n); } return $n; } protected function customColors()	< \| < \| < < > \| < \| >	196 197 198 199 200 201 202 203 204 205 206 207 208 209 210 211 212 213 214 215 216	} return $escape ? htmlspecialchars((string)$value, ENT_QUOTES, 'UTF-8') : $value; } protected function formatPhoneNumber($n) { $country = Config::getInstance()->get('pays'); if ($country !== 'FR') { return $n; } if ('FR' === $country && $n[0] === '0' && strlen($n) === 10) { $n = preg_replace('!(\d{2})!', '\\1 ', $n); } return $n; } protected function customColors()
︙			︙
277 278 279 280 281 282 283 ~~284~~ 285 286 287 288 289 290 291	foreach ($config->options as $b => $name) { if ($v & (0x01 << $b)) $out[] = $name; } ~~return implode(', ', $out);~~ default: return htmlspecialchars($v); } } protected function formChampMembre($params) {	\|	274 275 276 277 278 279 280 281 282 283 284 285 286 287 288	foreach ($config->options as $b => $name) { if ($v & (0x01 << $b)) $out[] = $name; } return htmlspecialchars(implode(', ', $out)); default: return htmlspecialchars($v); } } protected function formChampMembre($params) {
︙			︙

︙			︙
469 470 471 472 473 474 475 ~~476 477 478~~ 479 480 481 482 483 484 485	static public function checkBIC($bic) { return preg_match('!^[A-Z]{4}[A-Z]{2}[1-9A-Z]{2}(?:[A-Z\d]{3})?$!', $bic); } static public function normalizePhoneNumber($n) { ~~$n = preg_replace('!(\+\d+)\(0\)!', '\\1', $n);~~ ~~$n =~~ preg_replace('![^\d\+]!', '', $n); ~~return $n;~~ } static public function write_ini_string($in) { $out = ''; $get_ini_line = function ($key, $value) use (&$get_ini_line) {	< \| <	469 470 471 472 473 474 475 476 477 478 479 480 481 482 483	static public function checkBIC($bic) { return preg_match('!^[A-Z]{4}[A-Z]{2}[1-9A-Z]{2}(?:[A-Z\d]{3})?$!', $bic); } static public function normalizePhoneNumber($n) { return preg_replace('![^\d\+\(\)p#,;-]!', '', trim($n)); } static public function write_ini_string($in) { $out = ''; $get_ini_line = function ($key, $value) use (&$get_ini_line) {
︙			︙
665 666 667 668 669 670 671 ~~672~~ 673 674 675 676 677 678 679 680 681 682 683 684 685 686 687 688 689 690 691 692 693 694 695 696 697 698 699 ~~700~~ 701 702 703 704 705 706 707 708 709 710 711 712 713 714 715 716 717 718 719 720 721 722 723 724 725 726	array_walk($row, function (&$field) { $field = strtr($field, ['"' => '""', "\r\n" => "\n"]); }); return sprintf("\"%s\"\r\n", implode('","', $row)); } ~~static public function toCSV($name, $iterator, $header = null)~~ { header('Content-type: application/csv'); header(sprintf('Content-Disposition: attachment; filename="%s.csv"', $name)); $fp = fopen('php://output', 'w'); if ($header) { fputs($fp, self::row_to_csv($header)); } foreach ($iterator as $row) { if (!$header) { fputs($fp, self::row_to_csv(array_keys($row))); $header = true; } fputs($fp, self::row_to_csv($row)); } fclose($fp); return true; } ~~static public function toODS($name, $iterator, $header = null)~~ { header('Content-type: application/vnd.oasis.opendocument.spreadsheet'); header(sprintf('Content-Disposition: attachment; filename="%s.ods"', $name)); $ods = new ODSWriter; $ods->table_name = $name; if ($header) { $ods->add((array) $header); } foreach ($iterator as $row) { if (!$header) { $ods->add(array_keys($row)); $header = true; } $ods->add((array) $row); } $ods->output(); return true;	\| > > > > \| > > > >	663 664 665 666 667 668 669 670 671 672 673 674 675 676 677 678 679 680 681 682 683 684 685 686 687 688 689 690 691 692 693 694 695 696 697 698 699 700 701 702 703 704 705 706 707 708 709 710 711 712 713 714 715 716 717 718 719 720 721 722 723 724 725 726 727 728 729 730 731 732	array_walk($row, function (&$field) { $field = strtr($field, ['"' => '""', "\r\n" => "\n"]); }); return sprintf("\"%s\"\r\n", implode('","', $row)); } static public function toCSV($name, $iterator, $header = null, $row_map_callback = null) { header('Content-type: application/csv'); header(sprintf('Content-Disposition: attachment; filename="%s.csv"', $name)); $fp = fopen('php://output', 'w'); if ($header) { fputs($fp, self::row_to_csv($header)); } foreach ($iterator as $row) { if (!$header) { fputs($fp, self::row_to_csv(array_keys($row))); $header = true; } if (null !== $row_map_callback) { $row = call_user_func($row_map_callback, $row); } fputs($fp, self::row_to_csv($row)); } fclose($fp); return true; } static public function toODS($name, $iterator, $header = null, $row_map_callback = null) { header('Content-type: application/vnd.oasis.opendocument.spreadsheet'); header(sprintf('Content-Disposition: attachment; filename="%s.ods"', $name)); $ods = new ODSWriter; $ods->table_name = $name; if ($header) { $ods->add((array) $header); } foreach ($iterator as $row) { if (!$header) { $ods->add(array_keys($row)); $header = true; } if (null !== $row_map_callback) { $row = call_user_func($row_map_callback, $row); } $ods->add((array) $row); } $ods->output(); return true;
︙			︙

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15	<!DOCTYPE html> <html xmlns="http://www.w3.org/1999/xhtml" xml:lang="fr" lang="fr"> <head> <meta charset="utf-8" /> <title>{$title}</title> <link rel="icon" type="image/png" href="{$admin_url}static/icon.png" /> <meta name="viewport" content="width=device-width, initial-scale=1.0, target-densitydpi=device-dpi" /> ~~<link rel="stylesheet" type="text/css" href="{$admin_url}static/admin.css?{$version_hash}1" media="all" />~~ {if isset($js) \|\| isset($custom_js)} <script type="text/javascript" src="{$admin_url}static/scripts/global.js?{$version_hash}"></script> {/if} {if isset($custom_js)} {foreach from=$custom_js item="js"} <script type="text/javascript" src="{$admin_url}static/scripts/{$js}?{$version_hash}"></script> {/foreach}	\|	1 2 3 4 5 6 7 8 9 10 11 12 13 14 15	<!DOCTYPE html> <html xmlns="http://www.w3.org/1999/xhtml" xml:lang="fr" lang="fr"> <head> <meta charset="utf-8" /> <title>{$title}</title> <link rel="icon" type="image/png" href="{$admin_url}static/icon.png" /> <meta name="viewport" content="width=device-width, initial-scale=1.0, target-densitydpi=device-dpi" /> <link rel="stylesheet" type="text/css" href="{$admin_url}static/admin.css?{$version_hash}" media="all" /> {if isset($js) \|\| isset($custom_js)} <script type="text/javascript" src="{$admin_url}static/scripts/global.js?{$version_hash}"></script> {/if} {if isset($custom_js)} {foreach from=$custom_js item="js"} <script type="text/javascript" src="{$admin_url}static/scripts/{$js}?{$version_hash}"></script> {/foreach}
︙			︙
32 33 34 35 36 37 38 39 40 41 42 43 44 45 46	<link rel="stylesheet" type="text/css" href="{$admin_url}static/print.css?{$version_hash}" media="print" /> <link rel="stylesheet" type="text/css" href="{$admin_url}static/handheld.css?{$version_hash}" media="handheld,screen and (max-width:981px)" /> {if isset($config)} {custom_colors config=$config} {/if} </head> ~~<body{if !empty($body_id)} id="{$body_id}"{/if} ~~data-url="{$admin_url}"~~>~~ {if empty($is_popup)} <header class="header"> <nav class="menu"> <ul> {if !$is_logged} <li><a href="{$www_url}">← Retour au site</a></li>	\|	32 33 34 35 36 37 38 39 40 41 42 43 44 45 46	<link rel="stylesheet" type="text/css" href="{$admin_url}static/print.css?{$version_hash}" media="print" /> <link rel="stylesheet" type="text/css" href="{$admin_url}static/handheld.css?{$version_hash}" media="handheld,screen and (max-width:981px)" /> {if isset($config)} {custom_colors config=$config} {/if} </head> <body{if !empty($body_id)} id="{$body_id}"{/if}> {if empty($is_popup)} <header class="header"> <nav class="menu"> <ul> {if !$is_logged} <li><a href="{$www_url}">← Retour au site</a></li>
︙			︙

︙			︙
184 185 186 187 188 189 190 191 192 193 194 195 196 197	span.confirm, b.confirm { color: #090; } span.alert, b.alert { color: #990; } p.alert, div.alert, p.error, div.error, p.confirm, div.confirm { border: 1px solid #ccc; padding: .5em; margin-bottom: 1em; border-radius: .3em; padding-left: 3em;	> > > >	184 185 186 187 188 189 190 191 192 193 194 195 196 197 198 199 200 201	span.confirm, b.confirm { color: #090; } span.alert, b.alert { color: #990; } .alert p, .error p, .confirm p { margin-bottom: .8em; } p.alert, div.alert, p.error, div.error, p.confirm, div.confirm { border: 1px solid #ccc; padding: .5em; margin-bottom: 1em; border-radius: .3em; padding-left: 3em;
︙			︙
216 217 218 219 220 221 222 ~~223~~ 224 225 226 227 228 229 230	p.confirm::before, div.confirm::before, p.alert::before, div.alert::before, p.error::before, div.error::before { font-family: "gicon"; left: .5em; top: .2em; position: absolute; font-size: 1.5em; text-shadow: 2px 2px 5px #666; } p.confirm::before, div.confirm::before { content: "☑"; color: green; } p.alert::before, div.alert::before {	\|	220 221 222 223 224 225 226 227 228 229 230 231 232 233 234	p.confirm::before, div.confirm::before, p.alert::before, div.alert::before, p.error::before, div.error::before { font-family: "gicon"; left: .5em; top: .2em; position: absolute; font-size: 1.5em; text-shadow: 2px 2px 5px #666; } p.confirm::before, div.confirm::before { content: "☑"; color: green; } p.alert::before, div.alert::before {
︙			︙

1 2 3 4 5 6 7 8 9 10 11 12	(function () { window.g = window.garradin = { url: window.location.href.replace(/\/admin\/.?$/, ''), admin_url: window.location.href.replace(/\/admin\/.?$/, '/admin/'), ~~static_url: window.location.href.replace(/\/admin\/.*?$/, '/admin/static/')~~ }; window.$ = function(selector) { if (!selector.match(/^[.#]?[a-z0-9_-]+$/i)) { return document.querySelectorAll(selector); }	\| >	1 2 3 4 5 6 7 8 9 10 11 12 13	(function () { window.g = window.garradin = { url: window.location.href.replace(/\/admin\/.?$/, ''), admin_url: window.location.href.replace(/\/admin\/.?$/, '/admin/'), static_url: window.location.href.replace(/\/admin\/.?$/, '/admin/static/'), version: document.head.querySelector('script').src.match(/\?(.)$/)[1] }; window.$ = function(selector) { if (!selector.match(/^[.#]?[a-z0-9_-]+$/i)) { return document.querySelectorAll(selector); }
︙			︙
24 25 26 27 28 29 30 31 32 33 34 35 36 37 38	} }; g.onload = function(callback, dom) { if (typeof dom == 'undefined') dom = true; var eventName = dom ? 'DOMContentLoaded' : 'load'; if (document.addEventListener) { document.addEventListener(eventName, callback, false); } else	\|	25 26 27 28 29 30 31 32 33 34 35 36 37 38 39	} }; g.onload = function(callback, dom) { if (typeof dom == 'undefined') dom = true; var eventName = dom ? 'DOMContentLoaded' : 'load'; if (document.addEventListener) { document.addEventListener(eventName, callback, false); } else
︙			︙
68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90	return true; }; g.script = function (file) { var script = document.createElement('script'); script.type = 'text/javascript'; ~~script.src = this.static_url + file;~~ return document.head.appendChild(script); }; g.style = function (file) { var link = document.createElement('link'); link.rel = 'stylesheet'; link.type = 'text/css'; ~~link.href = this.static_url + file;~~ return document.head.appendChild(link); }; // From KD2fw/js/xhr.js g.load = function(b,d,f,e){var a=new XMLHttpRequest();if(!a\|\|!b)return false;if(a.overrideMimeType)a.overrideMimeType('text/xml');b+=(b.indexOf('?')+1?'&':'?')+(+(new Date));a.onreadystatechange=function(){if(a.readyState!=4)return;if((s=a.status)==200){if(!d)return true;var c=a.responseText;if(f=='json'){return((j=window.JSON)&&j.parse)?j.parse(c):eval('('+c.replace(/[\n\r]/g,'')+')')}d(c)}else if(e){e(s)}};a.open('GET',b,true);a.send(null)}; g.checkUncheck = function()	\| \|	69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91	return true; }; g.script = function (file) { var script = document.createElement('script'); script.type = 'text/javascript'; script.src = this.static_url + file + '?' + this.version; return document.head.appendChild(script); }; g.style = function (file) { var link = document.createElement('link'); link.rel = 'stylesheet'; link.type = 'text/css'; link.href = this.static_url + file + '?' + this.version; return document.head.appendChild(link); }; // From KD2fw/js/xhr.js g.load = function(b,d,f,e){var a=new XMLHttpRequest();if(!a\|\|!b)return false;if(a.overrideMimeType)a.overrideMimeType('text/xml');b+=(b.indexOf('?')+1?'&':'?')+(+(new Date));a.onreadystatechange=function(){if(a.readyState!=4)return;if((s=a.status)==200){if(!d)return true;var c=a.responseText;if(f=='json'){return((j=window.JSON)&&j.parse)?j.parse(c):eval('('+c.replace(/[\n\r]/g,'')+')')}d(c)}else if(e){e(s)}};a.open('GET',b,true);a.send(null)}; g.checkUncheck = function()
︙			︙
146 147 148 149 150 151 152 ~~153~~ 154 155 156 157 158 159 160	// donc on force l'utilisation du custom datepicker de Garradin… var input = document.createElement('input'); input.setAttribute('type', 'date'); input.value = ':-)'; input.style.position = 'absolute'; input.style.visibility = 'hidden'; document.body.appendChild(input); // If input type changed or value hasn't been sanitized then // the input type date element is not supported if (input.type !== 'text' && input.value !== ':-)') { document.body.removeChild(input); */ if (document.querySelector && !document.querySelector('input[type=date]'))	\|	147 148 149 150 151 152 153 154 155 156 157 158 159 160 161	// donc on force l'utilisation du custom datepicker de Garradin… var input = document.createElement('input'); input.setAttribute('type', 'date'); input.value = ':-)'; input.style.position = 'absolute'; input.style.visibility = 'hidden'; document.body.appendChild(input); // If input type changed or value hasn't been sanitized then // the input type date element is not supported if (input.type !== 'text' && input.value !== ':-)') { document.body.removeChild(input); */ if (document.querySelector && !document.querySelector('input[type=date]'))
︙			︙
219 220 221 222 223 224 225 ~~226~~ 227 228 229 230 231 232 233	var parent = elm.parentNode; while (parent.nodeType != Node.ELEMENT_NODE \|\| parent.tagName != 'TR') { parent = parent.parentNode; } if (checked) parent.className = parent.className.replace(/ checked$\|$/, ' checked'); else parent.className = parent.className.replace(/ checked/, ''); }; if (checkBoxes[j].checked)	\|	220 221 222 223 224 225 226 227 228 229 230 231 232 233 234	var parent = elm.parentNode; while (parent.nodeType != Node.ELEMENT_NODE \|\| parent.tagName != 'TR') { parent = parent.parentNode; } if (checked) parent.className = parent.className.replace(/ checked$\|$/, ' checked'); else parent.className = parent.className.replace(/ checked/, ''); }; if (checkBoxes[j].checked)
︙			︙

︙			︙
21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40	this.select(); checkPasswordStrength(); checkPasswordMatch(); }; strength_elm = document.createElement('span'); strength_elm.className = 'password_check'; pw_elm.parentNode.appendChild(strength_elm); match_elm = document.createElement('span'); match_elm.className = 'password_check'; pw2_elm.parentNode.appendChild(match_elm); pw_elm.onkeyup = checkPasswordStrength; pw_elm.onchange = function () { checkPasswordStrength(); checkPasswordMatch(); }; pw_elm.onblur = function () { checkPasswordStrength(); checkPasswordMatch(); }; pw2_elm.onkeypress = checkPasswordMatch; pw2_elm.onblur = checkPasswordMatch;	\| \|	21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40	this.select(); checkPasswordStrength(); checkPasswordMatch(); }; strength_elm = document.createElement('span'); strength_elm.className = 'password_check'; pw_elm.parentNode.appendChild(strength_elm); match_elm = document.createElement('span'); match_elm.className = 'password_check'; pw2_elm.parentNode.appendChild(match_elm); pw_elm.onkeyup = checkPasswordStrength; pw_elm.onchange = function () { checkPasswordStrength(); checkPasswordMatch(); }; pw_elm.onblur = function () { checkPasswordStrength(); checkPasswordMatch(); }; pw2_elm.onkeypress = checkPasswordMatch; pw2_elm.onblur = checkPasswordMatch;
︙			︙
88 89 90 91 92 93 94 95 96 97 98 99 100 101 102	if (v[j].length < 4) continue; var r = new RegExp(RegExp.quote(v[j]), 'ig'); score -= pass.match(r) ? pass.match(r).length * 5 : 0; } } // award every unique letter until 5 repetitions var letters = new Object(); for (var i=0; i<pass.length; i++) { letters[pass[i]] = (letters[pass[i]] \|\| 0) + 1; score += 5.0 / letters[pass[i]]; }	\|	88 89 90 91 92 93 94 95 96 97 98 99 100 101 102	if (v[j].length < 4) continue; var r = new RegExp(RegExp.quote(v[j]), 'ig'); score -= pass.match(r) ? pass.match(r).length * 5 : 0; } } // award every unique letter until 5 repetitions var letters = new Object(); for (var i=0; i<pass.length; i++) { letters[pass[i]] = (letters[pass[i]] \|\| 0) + 1; score += 5.0 / letters[pass[i]]; }
︙			︙
148 149 150 151 152 153 154 ~~155~~ 156 157 158 159 160 161 162	{ strength_elm.className = strength_elm.className.split(' ')[0] + ' weak'; strength_elm.innerHTML = 'Sécurité : <b>mauvaise</b>'; } else { strength_elm.className = strength_elm.className.split(' ')[0] + ' fail'; ~~strength_elm.innerHTML = 'Sécurité : <b>aucune</b>';~~ } return true; } function checkPasswordMatch() {	\|	148 149 150 151 152 153 154 155 156 157 158 159 160 161 162	{ strength_elm.className = strength_elm.className.split(' ')[0] + ' weak'; strength_elm.innerHTML = 'Sécurité : <b>mauvaise</b>'; } else { strength_elm.className = strength_elm.className.split(' ')[0] + ' fail'; strength_elm.innerHTML = 'Sécurité : <b>aucune</b>'; } return true; } function checkPasswordMatch() {
︙			︙