本文整理汇总了PHP中S::assert_xsrf_token方法的典型用法代码示例。如果您正苦于以下问题：PHP S::assert_xsrf_token方法的具体用法？PHP S::assert_xsrf_token怎么用？PHP S::assert_xsrf_token使用的例子？那么恭喜您，这里精选的方法代码示例或许可以为您提供帮助。您也可以进一步了解该方法所在类S的用法示例。
在下文中一共展示了S::assert_xsrf_token方法的15个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的PHP代码示例。
示例1: handler_issues_promo
/**
 * Lists the profiles flagged with a 'promo' merge issue and, when $action is
 * 'edit', applies the corrections posted for each of them before listing.
 *
 * @param object $page   Page object receiving the template, messages and assigns.
 * @param string $action 'edit' processes the posted corrections; any other value only lists.
 */
function handler_issues_promo($page, $action = '')
{
    $page->changeTpl('fusionax/promo_issues.tpl');

    if ($action == 'edit') {
        // State-changing branch: the anti-CSRF token is asserted before any row is read or written.
        S::assert_xsrf_token();

        // The set of editable pids comes from this server-side query, not from the request:
        // posted fields are only looked up under names derived from these pids.
        $rows = XDB::rawIterRow('SELECT p.pid, pd.directory_name, pd.promo, pm.entry_year_ax, pe.entry_year, pe.grad_year
FROM profile_merge_issues AS pm
INNER JOIN profiles AS p ON (pm.pid = p.pid)
INNER JOIN profile_display AS pd ON (pd.pid = p.pid)
INNER JOIN profile_education AS pe ON (pe.pid = p.pid AND FIND_IN_SET(\'primary\', pe.flags))
WHERE FIND_IN_SET(\'promo\', pm.issues)
ORDER BY pd.directory_name');

        while (list($pid, $name, $promo, $entryYearAx, $entryYear, $gradYear) = $rows->next()) {
            // Read but not used anywhere in this function.
            $choiceXorg = Post::has('XORG_' . $pid);

            // Skip profiles for which the form did not post all three fields.
            if (!Post::has('display_' . $pid) || !Post::has('entry_' . $pid) || !Post::has('grad_' . $pid)) {
                continue;
            }

            $display = Post::i('display_' . $pid);
            $entry = Post::i('entry_' . $pid);
            $grad = Post::i('grad_' . $pid);

            // Range check on the posted years: graduation 3 to 5 years after entry,
            // displayed promotion between the entry year and three years before graduation.
            $gradOutOfRange = $grad > $entry + 5 || $grad < $entry + 3;
            $displayOutOfRange = $display < $entry || $display > $grad - 3;
            if ($gradOutOfRange || $displayOutOfRange) {
                $page->trigError("La promotion de {$name} n'a pas été corrigée.");
                continue;
            }

            // Both writes use {?} placeholders; the values are the integers read above.
            XDB::execute('UPDATE profile_display
SET promo = {?}
WHERE pid = {?}', 'X' . $display, $pid);
            XDB::execute('UPDATE profile_education
SET entry_year = {?}, grad_year = {?}
WHERE pid = {?} AND FIND_IN_SET(\'primary\', flags)', $entry, $grad, $pid);
            $page->trigSuccess("La promotion de {$name} a bien été corrigée.");
        }
    }

    // Re-read the remaining issues so the page reflects any correction made above.
    $pending = XDB::rawFetchAllAssoc('SELECT p.pid, p.hrpid, pd.directory_name, pd.promo, pm.entry_year_ax, pe.entry_year, pe.grad_year
FROM profile_merge_issues AS pm
INNER JOIN profiles AS p ON (pm.pid = p.pid)
INNER JOIN profile_display AS pd ON (pd.pid = p.pid)
INNER JOIN profile_education AS pe ON (pe.pid = p.pid AND FIND_IN_SET(\'primary\', pe.flags))
WHERE FIND_IN_SET(\'promo\', pm.issues)
ORDER BY pd.directory_name');
    $page->assign('issues', $pending);
    $page->assign('total', count($pending));
}
示例2: handler_admin_nl_sync
/**
 * Newsletter synchronisation page: optionally bulk-subscribes the submitted
 * users, then lists the group members that have no row in newsletter_ins for
 * a newsletter of the same group.
 *
 * @param object $page Page object receiving the template, title and assigns.
 * @return int|null PL_FORBIDDEN when getNl() yields nothing; otherwise no explicit return.
 */
public function handler_admin_nl_sync($page)
{
    global $globals;

    $newsletter = $this->getNl();
    if (!$newsletter) {
        return PL_FORBIDDEN;
    }

    if (Env::has('add_users')) {
        // The token is asserted before the subscription list is touched.
        S::assert_xsrf_token();
        // NOTE(review): only the keys of 'add_users' are used, and the value is passed to
        // array_keys() without an is_array() check; whether bulkSubscribe() restricts the
        // uids to members of this group is not visible here. Confirm both.
        $selected = Env::v('add_users');
        $newsletter->bulkSubscribe(array_keys($selected));
        $page->trigSuccess('Ajouts réalisés avec succès.');
    }

    // TODO(x2006barrois): remove raw SQL query.
    $missingUids = XDB::fetchColumn('SELECT DISTINCT(g.uid)
FROM group_members AS g
WHERE g.asso_id = {?} AND NOT EXISTS (SELECT ni.*
FROM newsletter_ins AS ni
INNER JOIN newsletters AS n ON (ni.nlid = n.id)
WHERE g.uid = ni.uid AND n.group_id = g.asso_id)', $globals->asso('id'));

    $candidates = User::getBulkUsersWithUIDs($missingUids);
    usort($candidates, 'User::compareDirectoryName');

    $page->setTitle('Synchronisation de la newsletter');
    $page->changeTpl('newsletter/sync.tpl');
    $page->assign('users', $candidates);
}
示例3: handler_ajax_modify
/**
 * AJAX endpoint that changes the date of a QDJ entry or deletes it.
 *
 * The anti-CSRF token is asserted first, then the caller must hold admin
 * rights on the 'qdj' group; only after both checks is the entry loaded from
 * the client-supplied id.
 *
 * @param object $page Page object receiving the JSON 'success' flag.
 * @return int PL_FORBIDDEN when the rights check fails, PL_JSON otherwise.
 */
function handler_ajax_modify($page)
{
    S::assert_xsrf_token();

    $isQdjAdmin = S::user()->hasRights(Group::from('qdj'), Rights::admin());
    if (!$isQdjAdmin) {
        return PL_FORBIDDEN;
    }

    $qdj = new QDJ(Json::i('id'));

    // Pessimistic default: every path below must opt in to success explicitly.
    $page->jsonAssign('success', false);

    if (Json::has('date')) {
        $rawDate = Json::t('date');
        if ($rawDate) {
            try {
                $qdj->date(new FrankizDateTime($rawDate));
                $page->jsonAssign('success', true);
            } catch (Exception $e) {
                // Swallowed on purpose as far as this code shows: 'success' stays false.
                // NOTE(review): nothing is logged, so a rejected date leaves no trace.
            }
        } else {
            // An empty date clears the scheduled date.
            $qdj->date(false);
            $page->jsonAssign('success', true);
        }
    } elseif (Json::has('delete') && Json::b('delete')) {
        $qdj->delete();
        $page->jsonAssign('success', true);
    }

    return PL_JSON;
}
示例4: handler_ajax_todo_clear
/**
 * AJAX endpoint that deletes the current user's checked todo items.
 *
 * @param object $page Page object receiving a JSON 'error' message on failure.
 * @return int Always PL_JSON.
 */
function handler_ajax_todo_clear($page)
{
    S::assert_xsrf_token();

    // The uid comes from the session, never from the request, so a caller can
    // only clear their own items.
    $ownerId = S::user()->id();
    XDB::execute('DELETE FROM todo
WHERE uid = {?} AND checked = 1', $ownerId);

    // NOTE(review): an error is reported unless exactly one row was deleted, so clearing
    // several checked items at once is also reported as a failure. Confirm this is intended.
    $deleted = XDB::affectedRows();
    if ($deleted != 1) {
        $page->jsonAssign('error', "Impossible de nettoyer la liste des tâches");
    }

    return PL_JSON;
}
示例5: handler_remove
/**
 * Cancels a pending proposal on behalf of its author.
 *
 * Order of checks: anti-CSRF token, existence of the item, then ownership
 * (the item's writer must be the session user).
 *
 * @param object $page Page object receiving the error message.
 * @param mixed  $id   Identifier of the proposal, handed to ValidateFilter::fromId().
 * @throws Exception When the session user is not the writer of the item.
 */
function handler_remove($page, $id = null)
{
    S::assert_xsrf_token();

    $request = ValidateFilter::fromId($id, false);
    if ($request === false) {
        $page->trigError("This item doesn't exist");
        return;
    }

    $request->select(ValidateSelect::validate());

    // Ownership check: only the author may withdraw the proposal.
    $isAuthor = $request->writer()->id() == S::user()->id();
    if (!$isAuthor) {
        throw new Exception("Invalid crendentials");
    }

    // Audit trail is written before the item is destroyed.
    $auditRecord = array(
        'type' => $request->type(),
        'writer' => $request->writer()->id(),
        'group' => $request->group()->id(),
        'created' => $request->created()->toDb(),
        'item' => $request->itemToDb(),
    );
    S::logger()->log('proposal/remove', $auditRecord);

    $request->item()->sendmailcancel(S::user());
    $request->clean();

    // NOTE(review): the redirect destination is taken from the request parameter 'url'.
    // Whether pl_redirect() confines it to this site is not visible here; confirm, or
    // validate the value against an allowlist of local paths.
    pl_redirect(Env::v('url'));
}
示例6: HandleAction
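/**
 * Dispatches the user's answer to the mailing-list subscription prompt.
 *
 * 'suscribe' subscribes the user to the lists ticked in the form, restricted
 * to the lists recorded for that user in register_subs; 'dismiss' and 'no'
 * only update the prompt state. Any other action is ignored.
 *
 * @param string $action One of 'suscribe', 'dismiss', 'no'.
 */
public function HandleAction($action)
{
    switch ($action) {
        case 'suscribe':
            S::assert_xsrf_token();

            // The posted keys are "sub@domain" addresses. A missing or non-array field is
            // treated as "nothing ticked" instead of being handed to array_keys().
            $posted = Post::v('sub_ml');
            $requested = array();
            if (is_array($posted)) {
                foreach (array_keys($posted) as $address) {
                    $requested[(string) $address] = true;
                }
            }

            // The database rows are the allowlist: only lists registered for this uid can
            // be subscribed to, whatever the form contains.
            $res = XDB::iterRow("SELECT sub, domain\n FROM register_subs\n WHERE uid = {?} AND type = 'list'\n ORDER BY domain", S::i('uid'));
            while (list($sub, $domain) = $res->next()) {
                // Membership test rather than a positional array_shift(): the previous
                // pairing consumed one posted key per row, so ticking only some of the
                // lists misaligned the two sequences and subscribed to none of them.
                if (isset($requested["{$sub}@{$domain}"])) {
                    MailingList::subscribeTo($sub, $domain);
                }
            }

            $this->UpdateOnYes();
            pl_redirect('lists');
            break;
        case 'dismiss':
            // NOTE(review): 'dismiss' and 'no' change state without asserting the token;
            // confirm whether the caller checks it or whether this is acceptable here.
            $this->UpdateOnDismiss();
            break;
        case 'no':
            $this->UpdateOnNo();
            break;
    }
}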
示例7: handler_aaliases
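/**
 * Administration of list aliases: lists them all, or edits a single alias
 * (delete the alias, add a member, remove a member).
 *
 * @param object      $page  Page object receiving the template, messages and assigns.
 * @param string|null $alias Full alias address ("local@domain") taken from the URL, or
 *                           null to list every alias.
 */
function handler_aaliases($page, $alias = null)
{
    global $globals;
    require_once 'emails.inc.php';
    $page->setTitle('Administration - Aliases');

    if (Post::has('new_alias')) {
        // Not a state change: the posted name only builds the URL of the edit page,
        // where it goes through the validation below on the next request.
        pl_redirect('admin/aliases/' . Post::t('new_alias') . '@' . $globals->mail->domain);
    }

    // If no alias, list them all.
    if (is_null($alias)) {
        $page->changeTpl('lists/admin_aliases.tpl');
        $page->assign('aliases', array_merge(iterate_list_alias($globals->mail->domain), iterate_list_alias($globals->mail->domain2)));
        return;
    }

    // Split on the first '@' only and pad the result: an alias without '@' yields an
    // empty domain instead of an undefined offset, and "a@b@c" is rejected by the domain
    // check instead of being silently handled as "a@b".
    list($local_part, $domain) = array_pad(explode('@', $alias, 2), 2, '');

    // An empty domain is rejected explicitly because the loose comparison below would
    // accept it if one of the configured domains were unset.
    $domainAllowed = $domain !== ''
        && ($globals->mail->domain == $domain || $globals->mail->domain2 == $domain);
    // The D modifier makes '$' match only at the very end of the subject, so a local part
    // ending in a newline no longer passes.
    // NOTE(review): an empty local part still matches ('*'); tighten to '+' if no such
    // alias can legitimately exist.
    if (!$domainAllowed || !preg_match('/^[a-zA-Z0-9\-\.]*$/D', $local_part)) {
        // NOTE(review): presumably this ends the request; if it does not, the actions
        // below would run on the rejected alias. Confirm.
        $page->trigErrorRedirect('Le nom de l\'alias est erroné.', $globals->asso('diminutif') . 'admin/aliases');
    }

    // Now we can perform the action. Each state-changing branch asserts the token itself.
    if (Post::has('del_alias')) {
        S::assert_xsrf_token();
        delete_list_alias($local_part, $domain);
        $page->trigSuccessRedirect($alias . ' supprimé.', 'admin/aliases');
    }
    if (Post::has('add_member')) {
        S::assert_xsrf_token();
        if (add_to_list_alias(Post::t('add_member'), $local_part, $domain)) {
            $page->trigSuccess('Ajout réussit.');
        } else {
            $page->trigError('Ajout infructueux.');
        }
    }
    if (Get::has('del_member')) {
        // NOTE(review): this removal is triggered from the query string, so the token
        // presumably travels in the URL as well, where it can reach logs and Referer
        // headers. Confirm, and prefer a POST form for this action.
        S::assert_xsrf_token();
        if (delete_from_list_alias(Get::t('del_member'), $local_part, $domain)) {
            $page->trigSuccess('Suppression réussie.');
        } else {
            $page->trigError('Suppression infructueuse.');
        }
    }

    $page->changeTpl('lists/admin_edit_alias.tpl');
    $page->assign('members', list_alias_members($local_part, $domain));
    $page->assign('alias', $alias);
}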
示例8: handler_password
/**
 * Password change page: stores the posted password hash for the session user
 * and, when enabled, pushes it to the user's Google Apps account.
 *
 * @param object $page Page object receiving the template, title and assigns.
 */
function handler_password($page)
{
    global $globals;

    $hasNewHash = Post::has('pwhash') && Post::t('pwhash');
    if ($hasNewHash) {
        S::assert_xsrf_token();

        // NOTE(review): the posted 'pwhash' value is stored as the credential exactly as
        // received; no server-side check of its format or length, no re-hashing and no
        // verification of the current password are visible in this handler. Confirm where
        // those controls live.
        $password = Post::t('pwhash');
        S::set('password', $password);

        // The target account is the session uid, never a request parameter.
        XDB::execute('UPDATE accounts
SET password = {?}
WHERE uid={?}', $password, S::i('uid'));

        // If GoogleApps is enabled, and the user did choose to use synchronized passwords,
        // updates the Google Apps password as well.
        if ($globals->mailstorage->googleapps_domain) {
            require_once 'googleapps.inc.php';
            $gapps = new GoogleAppsAccount(S::user());
            if ($gapps->active() && $gapps->sync_password) {
                $gapps->set_password($password);
            }
        }

        // The change is recorded in the session log, then the access cookie is reissued.
        S::logger()->log('passwd');
        Platal::session()->setAccessCookie(true);

        $page->changeTpl('platal/password.success.tpl');
        // Presumably renders the success page and ends the request; otherwise the
        // template is replaced by the form just below.
        $page->run();
    }

    $page->changeTpl('platal/password.tpl');
    $page->setTitle('Mon mot de passe');
    $page->assign('do_auth', 0);
}
示例9: handler_public
/**
 * Marketing page for a not-yet-registered user: shows the invitation text,
 * or records a marketing request for the e-mail address that was submitted.
 *
 * @param object      $page  Page object receiving the template, messages and assigns.
 * @param string|null $hruid Identifier of the user to invite.
 * @return int|null PL_NOT_FOUND when the user is unknown or has no profile.
 */
function handler_public($page, $hruid = null)
{
    $page->changeTpl('marketing/public.tpl');

    // Retrieves the user info, and checks the user is not yet registered.
    $user = User::getSilent($hruid);
    if (!$user || !$user->hasProfile()) {
        return PL_NOT_FOUND;
    }
    if ($user->state != 'pending') {
        $page->kill('Cet utilisateur est déjà inscrit');
    }

    // Displays the page, and handles the eventual user actions.
    $page->assign('full_name', $user->fullName());
    $page->assign('promo', $user->promo());

    if (Post::has('valide')) {
        S::assert_xsrf_token();
        $email = trim(Post::v('mail'));
        require_once 'emails.inc.php';

        if (!isvalid_email_redirection($email, $user)) {
            $page->trigError('Email invalide !');
        } elseif (Marketing::get($user->id(), $email, true)) {
            // A previous marketing on this address exists (restricted to the last
            // month, per the original comment), so nothing new is recorded.
            $page->assign('already', true);
        } else {
            $page->assign('ok', true);
            check_email($email, "Une adresse surveillée est proposée au marketing par " . S::user()->login());

            // Personal notes are kept only when the request declares itself as sent
            // in the user's own name.
            $origin = Post::v('origine');
            $notes = $origin == 'user' ? Post::v('personal_notes') : null;
            // NOTE(review): 'origine' and the notes are passed on as posted; any
            // allowlisting or escaping would have to happen inside Marketing. Confirm.
            $market = new Marketing($user->id(), $email, 'default', null, $origin, S::v('uid'), $notes);
            $market->add();
        }
    } else {
        global $globals;
        require_once 'marketing.inc.php';

        $sender = User::getSilent(S::v('uid'));
        // NOTE(review): the sender's full name is concatenated into HTML here and
        // assigned to the template; confirm it is escaped at output, since this
        // handler does not escape it.
        $perso_signature = 'Cordialement,<br />-- <br />' . $sender->fullName();

        $market = new AnnuaireMarketing(null, true);
        $placeholders = array(
            'sexe' => $user->isFemale(),
            'forlife_email' => $user->hruid . "@" . $user->mainEmailDomain(),
            'forlife_email2' => $user->hruid . "@" . $user->alternateEmailDomain(),
        );
        $text = $market->getText($placeholders);

        // Fill the remaining template markers, in the same order as before.
        $text = str_replace('%%hash%%', '', $text);
        $text = str_replace('%%personal_notes%%', '<em id="personal_notes_display"></em>', $text);
        $text = str_replace('%%sender%%', '<span id="sender">' . $perso_signature . '</span>', $text);

        $page->assign('text', nl2br($text));
        $page->assign('perso_signature', $perso_signature);
        $page->assign('mail_part', 'escaped_html');
    }
}
示例10: handler_edit
/**
 * Account edition page for 'xnet' accounts: updates the names, sex and e-mail
 * address of the session user.
 *
 * @param object $page Page object receiving the template, messages and assigns.
 * @return int|null PL_NOT_FOUND when there is no session user.
 */
function handler_edit($page)
{
    global $globals;

    // The edited account is always the session user; no uid is read from the request.
    $user = S::user();
    if (empty($user)) {
        return PL_NOT_FOUND;
    }
    if ($user->type != 'xnet') {
        pl_redirect('index');
    }

    $page->changeTpl('xnet/edit.tpl');

    if (Post::has('change')) {
        S::assert_xsrf_token();

        // Convert user status to X
        if (!Post::blank('login_X')) {
            $forlife = $this->changeLogin($page, $user, Post::t('login_X'));
            if ($forlife) {
                pl_redirect('index');
            }
        }

        require_once 'emails.inc.php';
        require_once 'name.func.inc.php';

        // Update user info. The capitalized forms feed only the derived names; the
        // firstname/lastname columns receive the posted values as trimmed by Post::t().
        $lastname = capitalize_name(Post::t('lastname'));
        $firstname = capitalize_name(Post::t('firstname'));
        $full_name = build_full_name($firstname, $lastname);
        $directory_name = build_directory_name($firstname, $lastname);
        $sort_name = build_sort_name($firstname, $lastname);

        // 'sex' is reduced to one of two fixed values rather than stored as posted.
        $sex = Post::t('sex') == 'male' ? 'male' : 'female';
        XDB::query('UPDATE accounts
SET full_name = {?}, directory_name = {?}, sort_name = {?}, display_name = {?},
firstname = {?}, lastname = {?}, sex = {?}
WHERE uid = {?}', $full_name, $directory_name, $sort_name, Post::t('display_name'), Post::t('firstname'), Post::t('lastname'), $sex, $user->id());

        // Updates email.
        // NOTE(review): the new address is only lowercased here; any syntax or ownership
        // check would have to be inside require_email_update(). Confirm, since the
        // address is then propagated to the list manager and the aliases.
        $new_email = strtolower(Post::t('email'));
        if (require_email_update($user, $new_email)) {
            XDB::query('UPDATE accounts
SET email = {?}
WHERE uid = {?}', $new_email, $user->id());
            $listClient = new MMList(S::user());
            $listClient->change_user_email($user->forlifeEmail(), $new_email);
            update_alias_user($user->forlifeEmail(), $new_email);
        }

        // Reload the account so the session holds the values just written.
        $user = User::getWithUID($user->id());
        S::set('user', $user);
        $page->trigSuccess('Données mises à jour.');
    }

    $page->addJsLink('password.js');
    $page->assign('user', $user);
}
示例11: handler_acreate
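/**
 * Creates a new list alias in the group's lists domain, with the session user
 * as its first member, then redirects to the alias administration page.
 *
 * @param object $page Page object receiving the template and error messages.
 * @return int|null PL_NOT_FOUND when the group has no lists domain.
 */
function handler_acreate($page)
{
    if (!$this->get_lists_domain()) {
        return PL_NOT_FOUND;
    }
    $page->changeTpl('xnetlists/alias-create.tpl');

    // Plain display of the form: nothing to validate, nothing to change.
    if (!Post::has('submit')) {
        return;
    }
    S::assert_xsrf_token();

    if (!Post::has('liste')) {
        $page->trigError('Le champs « adresse souhaitée » est vide.');
        return;
    }

    $list = Post::v('liste');
    // A field that is present but empty used to pass the pattern below ('*') and went on
    // to create an alias with an empty name; it is now reported as empty.
    if ($list === '') {
        $page->trigError('Le champs « adresse souhaitée » est vide.');
        return;
    }
    // The value must be a string (an array-valued field is rejected before preg_match),
    // must contain at least one allowed character, and the D modifier makes '$' match
    // only at the very end, so a trailing newline can no longer slip through into the
    // alias name and the redirect URL built from it.
    if (!is_string($list) || !preg_match('/^[a-zA-Z0-9\-\.]+$/D', $list)) {
        $page->trigError('Le nom de l\'alias ne doit contenir que des lettres,' . ' chiffres, tirets et points.');
        return;
    }

    require_once 'emails.inc.php';
    $lists_domain = $this->get_lists_domain();
    if (list_exist($list, $lists_domain)) {
        $page->trigError('Cet alias est déjà pris.');
        return;
    }

    // The first member is the session uid, never a request parameter.
    add_to_list_alias(S::i('uid'), $list, $lists_domain);
    pl_redirect('alias/admin/' . $list . '@' . $lists_domain);
}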
示例12: handler_admin_user
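/**
 * Google Apps administration page for one user: applies the requested action
 * (suspend, unsuspend, force a password sync, enable or disable password
 * sync), then displays the account and its pending requests.
 *
 * NOTE(review): no rights check is visible in this handler; access control is
 * presumably enforced where the handler is registered. Confirm.
 *
 * @param object     $page Page object receiving the template, messages and assigns.
 * @param mixed|null $user User identifier from the URL; falls back to the posted 'login'.
 */
function handler_admin_user($page, $user = null)
{
    require_once 'emails.inc.php';
    require_once 'googleapps.inc.php';
    $page->changeTpl('googleapps/admin.user.tpl');
    $page->setTitle('Administration Google Apps');
    $page->assign('googleapps_admin', GoogleAppsAccount::is_administrator(S::v('uid')));

    if (!$user && Post::has('login')) {
        $user = Post::v('login');
    }
    $user = User::get($user);

    if ($user) {
        $account = new GoogleAppsAccount($user);

        // Apply requested actions. Every branch changes the state of the account, so every
        // branch asserts the anti-CSRF token. Previously only suspend/unsuspend did, which
        // left the three password-synchronisation actions reachable from a forged POST.
        // The forms posting 'forcesync', 'sync' and 'nosync' must carry the token.
        if (Post::has('suspend') && $account->active() && !$account->pending_update_suspension) {
            S::assert_xsrf_token();
            $account->suspend();
            $page->trigSuccess('Le compte est en cours de suspension.');
        } elseif (Post::has('unsuspend') && $account->suspended() && !$account->pending_update_suspension) {
            S::assert_xsrf_token();
            $account->do_unsuspend();
            $page->trigSuccess('Le compte est en cours de réactivation.');
        } elseif (Post::has('forcesync') && $account->active() && $account->sync_password) {
            S::assert_xsrf_token();
            $account->set_password($user->password());
            $page->trigSuccess('Le mot de passe est en cours de synchronisation.');
        } elseif (Post::has('sync') && $account->active()) {
            S::assert_xsrf_token();
            $account->set_password($user->password());
            $account->set_password_sync(true);
        } elseif (Post::has('nosync') && $account->active()) {
            S::assert_xsrf_token();
            $account->set_password_sync(false);
        }

        // Displays basic account information.
        $page->assign('account', $account);
        $page->assign('admin_account', GoogleAppsAccount::is_administrator($user->id()));
        $page->assign('googleapps_storage', Email::is_active_storage($user, 'googleapps'));
        $page->assign('user', $user->id());

        // Retrieves user's pending requests.
        $res = XDB::iterator("SELECT q_id, q_recipient_id, p_status, j_type, UNIX_TIMESTAMP(p_entry_date) AS p_entry_date\n FROM gapps_queue\n WHERE q_recipient_id = {?}\n ORDER BY p_entry_date DESC", $user->id());
        $page->assign('requests', $res);
    }
}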
示例13: handler_trust
/**
 * OpenID trust dialog: asks the user whether the requesting site may be
 * trusted, records the decision and answers the OpenID request.
 *
 * @param object $page Page object receiving the template and assigns.
 */
function handler_trust($page)
{
    $this->load('openid.inc.php');
    $server = new OpenId();
    $user = S::user();

    // Initializes the OpenId environment from the request.
    $isAuthRequest = $server->Initialize() && $server->IsAuthorizationRequest();
    if (!$isAuthRequest) {
        $page->kill("Ta requête OpenID a échoué, merci de réessayer.");
    }

    // Prepares the SREG data, if any is required.
    $sreg_response = $server->GetSRegDataForRequest($user);

    // Asks the user about her trust level of the current request, if not
    // done yet. This path only displays the form and changes nothing, so no
    // token is asserted here.
    $decisionPosted = Post::has('trust_accept') || Post::has('trust_cancel');
    if (!$decisionPosted) {
        $page->changeTpl('openid/trust.tpl');
        $page->assign('openid_query', $server->GetQueryStringForRequest());
        $page->assign('relying_party', $server->GetEndpoint());
        $page->assign('sreg_data', $sreg_response->contents());
        return;
    }

    // Interprets the form results, and updates the user whitelist. The token
    // is asserted before the decision is recorded, so another site cannot
    // submit the trust form on the user's behalf.
    S::assert_xsrf_token();
    // Cancel wins over accept when both fields are posted.
    $accepted = Post::b('trust_accept') && !Post::b('trust_cancel');
    $remember = Post::b('trust_always');
    $trusted = $server->UpdateEndpointTrust($user, $accepted, $remember);

    // Finally answers the request. Profile (SREG) data is released only when
    // the user ticked 'trust_sreg'.
    if ($server->IsUserAuthorized($user) && $trusted) {
        if (Post::b('trust_sreg')) {
            $server->AnswerRequest(true, $sreg_response);
        } else {
            $server->AnswerRequest(true, null);
        }
    } else {
        $server->AnswerRequest(false);
    }
}
示例14: handler_admin
function handler_admin($page, $eid = null, $item_id = null)
{
global $globals;
$this->load('xnetevents.inc.php');
$evt = get_event_detail($eid, $item_id);
if (!$evt) {
return PL_NOT_FOUND;
}
$page->changeTpl('xnetevents/admin.tpl');
if (!$evt['show_participants'] && !may_update()) {
return PL_FORBIDDEN;
}
if (may_update() && Post::v('adm')) {
S::assert_xsrf_token();
$member = User::getSilent(Post::v('mail'));
if (!$member) {
$page->trigError("Membre introuvable");
}
// change the price paid by a participant
if (Env::v('adm') == 'prix' && $member) {
$amount = strtr(Env::v('montant'), ',', '.');
XDB::execute("UPDATE group_event_participants\n SET paid = paid + {?}\n WHERE uid = {?} AND eid = {?} AND nb > 0\n ORDER BY item_id ASC\n LIMIT 1", $amount, $member->uid, $evt['eid']);
subscribe_lists_event($member->uid, $evt['short_name'], 1, $amount);
}
// change the number of personns coming with a participant
if (Env::v('adm') == 'nbs' && $member) {
$res = XDB::query("SELECT SUM(paid)\n FROM group_event_participants\n WHERE uid = {?} AND eid = {?}", $member->uid, $evt['eid']);
$paid = $res->fetchOneCell();
// Ensure we have an integer
if ($paid == null) {
$paid = 0;
}
$nbs = Post::v('nb', array());
$paid_inserted = false;
foreach ($nbs as $id => $nb) {
$nb = max(intval($nb), 0);
if (!$paid_inserted && $nb > 0) {
$item_paid = $paid;
$paid_inserted = true;
} else {
$item_paid = 0;
}
XDB::execute('INSERT INTO group_event_participants (eid, uid, item_id, nb, flags, paid)
VALUES ({?}, {?}, {?}, {?}, {?}, {?})
ON DUPLICATE KEY UPDATE nb = VALUES(nb), flags = VALUES(flags), paid = VALUES(paid)', $evt['eid'], $member->uid, $id, $nb, '', $item_paid);
}
$res = XDB::query('SELECT COUNT(uid) AS cnt, SUM(nb) AS nb
FROM group_event_participants
WHERE uid = {?} AND eid = {?}
GROUP BY uid', $member->uid, $evt['eid']);
$u = $res->fetchOneAssoc();
if ($paid == 0 && Post::v('cancel')) {
XDB::execute("DELETE FROM group_event_participants\n WHERE uid = {?} AND eid = {?}", $member->uid, $evt['eid']);
$u = 0;
subscribe_lists_event($member->uid, $evt['short_name'], -1, $paid);
} else {
$u = $u['cnt'] ? $u['nb'] : null;
subscribe_lists_event($member->uid, $evt['short_name'], $u > 0 ? 1 : 0, $paid);
}
}
$evt = get_event_detail($eid, $item_id);
}
$page->assign_by_ref('evt', $evt);
$page->assign('tout', is_null($item_id));
if (count($evt['moments'])) {
$page->assign('moments', $evt['moments']);
}
if ($evt['paiement_id']) {
$infos = User::getBulkUsersWithUIDs(XDB::fetchAllAssoc('SELECT t.uid, t.amount
FROM payment_transactions AS t
LEFT JOIN group_event_participants AS ep ON(ep.uid = t.uid AND ep.eid = {?})
WHERE t.status = "confirmed" AND t.ref = {?} AND ep.uid IS NULL', $evt['eid'], $evt['paiement_id']), 'uid', 'user');
$page->assign('oublis', count($infos));
$page->assign('oubliinscription', $infos);
}
$absents = User::getBulkUsersFromDB('SELECT p.uid
FROM group_event_participants AS p
LEFT JOIN group_event_participants AS p2 ON (p2.uid = p.uid
AND p2.eid = p.eid
AND p2.nb != 0)
WHERE p.eid = {?} AND p2.eid IS NULL
GROUP BY p.uid', $evt['eid']);
$ofs = Env::i('offset');
$part = get_event_participants($evt, $item_id, UserFilter::sortByName(), NB_PER_PAGE, $ofs * NB_PER_PAGE);
$nbp = ceil($evt['user_count'] / NB_PER_PAGE);
if ($nbp > 1) {
$links = array();
if ($ofs) {
$links['précédent'] = $ofs - 1;
}
for ($i = 1; $i <= $nbp; $i++) {
$links[(string) $i] = $i - 1;
}
if ($ofs < $nbp - 1) {
$links['suivant'] = $ofs + 1;
}
$page->assign('links', $links);
}
$page->assign('absents', $absents);
$page->assign('participants', $part);
//.........这里部分代码省略.........
示例15: handler_phd
function handler_phd($page, $promo = null, $validate = false)
{
$page->changeTpl('admin/phd.tpl');
$eduDegrees = DirEnum::getOptions(DirEnum::EDUDEGREES);
$eduDegrees = array_flip($eduDegrees);
// get the list of the years when phd students are supposed to finish but have not yet been flagged as completed
$promo_list = XDB::fetchColumn('SELECT DISTINCT(grad_year)
FROM profile_education
WHERE FIND_IN_SET(\'primary\', flags) AND NOT FIND_IN_SET(\'completed\', flags) AND degreeid = {?}
ORDER BY grad_year', $eduDegrees[Profile::DEGREE_D]);
// case when no promo was selected that is the admin/phd page
if (is_null($promo)) {
$page->assign('promo_list', $promo_list);
$page->assign('nothing', count($promo_list) == 0);
return;
}
// case when we want to add a list and we have data, that is admin/phd/bulk/validate
if ($promo == "bulk" && Post::has('people')) {
S::assert_xsrf_token();
$lines = explode("\n", Post::t('people'));
$separator = Env::t('separator');
foreach ($lines as $line) {
$infos = explode($separator, $line);
if (sizeof($infos) !== 2) {
$page->trigError("La ligne {$line} n'a pas été ajoutée : mauvais nombre de champs.");
continue;
}
$infos = array_map('trim', $infos);
// $info[0] is prenom.nom or hrid. We first try the hrid case, then we try over the possible promos.
// We trigger an error if the search was unsuccessful.
$user = User::getSilent($infos[0]);
if (is_null($user)) {
foreach ($promo_list as $promo_possible) {
$user = User::getSilent($infos[0] . '.d' . $promo_possible);
if (!is_null($user)) {
break;
}
}
if (is_null($user)) {
$page->trigError("La ligne {$line} n'a pas été ajoutée : aucun compte trouvé.");
continue;
}
}
if ($user->type !== 'phd') {
$page->trigError("La ligne {$line} n'a pas été ajoutée : le compte n'est pas celui d'un doctorant.");
continue;
}
$grad_year = $infos[1];
if (!$grad_year) {
$page->trigError("La ligne {$line} n'a pas été ajoutée : année de soutenance vide.");
continue;
}
$profile = $user->profile();
// We have the pid, we now need the id that completes the PK in profile_education.
$res = XDB::fetchOneCell('SELECT pe.id
FROM profile_education AS pe
WHERE FIND_IN_SET(\'primary\', pe.flags) AND NOT FIND_IN_SET(\'completed\', pe.flags)
AND pe.pid = {?}', $profile->id());
if (!$res) {
$page->trigError("Le profil " . $profile->hrid() . " a déjà une année de soutenance indiquée.");
continue;
}
// When we are here, we have the pid, id for profile_education table, and $grad_year. Time to UPDATE !
XDB::execute('UPDATE profile_education
SET flags = CONCAT(flags, \',completed\'), grad_year = {?}
WHERE pid = {?} AND id = {?}', $grad_year, $profile->id(), $res);
XDB::execute('UPDATE profile_display
SET promo = {?}
WHERE pid = {?}', 'D' . $grad_year, $profile->id());
$page->trigSuccess("Promotion de " . $profile->fullName() . " validée.");
}
$errors = $page->nb_errs();
if ($errors == 0) {
$page->trigSuccess("L'opération a été effectuée avec succès.");
} else {
$page->trigSuccess('L\'opération a été effectuée avec succès, sauf pour ' . ($errors == 1 ? 'l\'erreur signalée' : "les {$errors} erreurs signalées") . ' ci-dessus.');
}
} elseif ($validate) {
S::assert_xsrf_token();
$list = XDB::iterator('SELECT pe.pid, pd.directory_name
FROM profile_education AS pe
INNER JOIN profile_display AS pd ON (pe.pid = pd.pid)
WHERE FIND_IN_SET(\'primary\', pe.flags) AND NOT FIND_IN_SET(\'completed\', pe.flags)
AND pe.degreeid = {?} AND pe.grad_year = {?}', $eduDegrees[Profile::DEGREE_D], $promo);
while ($res = $list->next()) {
$pid = $res['pid'];
$name = $res['directory_name'];
if (Post::b('completed_' . $pid)) {
$grad_year = Post::t('grad_year_' . $pid);
XDB::execute('UPDATE profile_education
SET flags = CONCAT(flags, \',completed\'), grad_year = {?}
WHERE FIND_IN_SET(\'primary\', flags) AND pid = {?}', $grad_year, $pid);
XDB::execute('UPDATE profile_display
SET promo = {?}
WHERE pid = {?}', 'D' . $grad_year, $pid);
$page->trigSuccess("Promotion de {$name} validée.");
}
}
}
// case we are on a graduation year page, e.g. admin/phd/2007 or admin/phd/2007/validate
//.........这里部分代码省略.........