[platal.git] / include / xorg / session.inc.php

<?php
/***************************************************************************
 *  Copyright (C) 2003-2004 Polytechnique.org                              *
 *  http://opensource.polytechnique.org/                                   *
 *                                                                         *
 *  This program is free software; you can redistribute it and/or modify   *
 *  it under the terms of the GNU General Public License as published by   *
 *  the Free Software Foundation; either version 2 of the License, or      *
 *  (at your option) any later version.                                    *
 *                                                                         *
 *  This program is distributed in the hope that it will be useful,        *
 *  but WITHOUT ANY WARRANTY; without even the implied warranty of         *
 *  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the          *
 *  GNU General Public License for more details.                           *
 *                                                                         *
 *  You should have received a copy of the GNU General Public License      *
 *  along with this program; if not, write to the Free Software            *
 *  Foundation, Inc.,                                                      *
 *  59 Temple Place, Suite 330, Boston, MA  02111-1307  USA                *
 ***************************************************************************/

require_once('platal/session.inc.php');

// {{{ class XorgSession

class XorgSession extends DiogenesCoreSession
{
    // {{{ function XorgSession()

    function XorgSession()
    {
	$this->DiogenesCoreSession();
	if (!Session::has('uid')) {
	    try_cookie();
        }
	set_skin();
    }

    // }}}
    // {{{ function init
    
    function init() {
        @session_start();
        if (!Session::has('session')) {
            $_SESSION['session'] = new XorgSession;
        }
    }
    
    // }}}
    // {{{ function destroy()
    
    function destroy() {
        @session_destroy();
        unset($_SESSION);
        XorgSession::init();
    }
    
    // }}}
    // {{{ function doAuth()

    /** Try to do an authentication.
     *
     * @param page the calling page (by reference)
     */
    function doAuth(&$page,$new_name=false)
    {
	global $globals;
	if (identified()) { // ok, c'est bon, on n'a rien � faire
	    return true;
	}

        if (Session::has('session')) {
            $session =& Session::getMixed('session');
        }

        if (Env::has('username') && Env::has('response') && isset($session->challenge))
	{
	    // si on vient de recevoir une identification par passwordpromptscreen.tpl
	    // ou passwordpromptscreenlogged.tpl
            $uname = Env::get('username');
            
            if (Env::get('domain') == "alias") {
            
                $res = $globals->xdb->query(
                    "SELECT redirect
                       FROM virtual
                 INNER JOIN virtual_redirect USING(vid)
                      WHERE alias LIKE {?}", $uname."@".$globals->mail->alias_dom);
                $redirect = $res->fetchOneCell();
                if ($redirect) {
                    $login = substr($redirect, 0, strpos($redirect, '@'));
                } else {
                    $login = "";
                }
            } else {
                $login = $uname;
            }

	    $field = (!$redirect && preg_match('/^\d*$/', $uname)) ? 'id' : 'alias';
	    $res   = $globals->xdb->query(
                    "SELECT  u.user_id, u.password
                       FROM  auth_user_md5 AS u
                 INNER JOIN  aliases       AS a ON ( a.id=u.user_id AND type!='homonyme' )
                      WHERE  a.$field = {?} AND u.perms IN('admin','user')", $login);

            $logger =& Session::getMixed('log');

	    if (list($uid, $password) = $res->fetchOneRow()) {
		$expected_response=md5("$uname:$password:{$session->challenge}");
		if (Env::get('response') == $expected_response) {
                    if (Env::has('domain')) {
                        if (($domain = Env::get('domain', 'login')) == 'alias') {
                            setcookie('ORGdomain', "alias", (time()+25920000), '/', '', 0);
                        } else {
                            setcookie('ORGdomain', '', (time()-3600), '/', '', 0);
                        }
                        // pour que la modification soit effective dans le reste de la page
                        $_COOKIE['ORGdomain'] = $domain;
                    }

		    unset($session->challenge);
		    if ($logger) {
			$logger->log('auth_ok');
                    }
		    start_connexion($uid, true);
                    if (Env::get('remember', 'false') == 'true') {
                        $cookie = md5(Session::get('password'));
                        setcookie('ORGaccess',$cookie,(time()+25920000),'/','',0);
                        if ($logger) {
                            $logger->log("cookie_on");
                        }
                    } else {
                        setcookie('ORGaccess', '', time() - 3600, '/', '', 0);
                        
                        if ($logger) {
                            $logger->log("cookie_off");
                        }
                    }
		    return true;
		} elseif ($logger) {
                    $logger->log('auth_fail','bad password');
                }
	    } elseif ($logger) {
                $logger->log('auth_fail','bad login');
            }
	}
        $this->doLogin($page,$new_name);
    }

    // }}}
    // {{{ function doAuthCookie()

    /** Try to do a cookie-based authentication.
     *
     * @param page the calling page (by reference)
     */
    function doAuthCookie(&$page)
    {
	if (logged()) {
	    return;
        }

	if (Env::has('username') and Env::has('response')) {
	    return $this->doAuth($page);
        }

	if ($r = try_cookie()) {
	    return $this->doAuth($page,($r>0));
        }
    }

    // }}}
    // {{{ function doLogin()

    /** Display login screen.
     */
    function doLogin(&$page, $new_name=false)
    {
        $page->addJsLink('javascript/md5.js');
	if (logged() and !$new_name) {
	    $page->changeTpl('password_prompt_logged.tpl');
            $page->addJsLink('javascript/do_challenge_response_logged.js');
	    $page->assign("xorg_tpl", "password_prompt_logged.tpl");
	    $page->run();
	} else {
	    $page->changeTpl('password_prompt.tpl');
            $page->addJsLink('javascript/do_challenge_response.js');
	    $page->assign("xorg_tpl", "password_prompt.tpl");
            
            global $globals;
            if ($globals->mail->alias_dom) {
                $page->assign("domains", Array(
                    $globals->mail->domain."/".$globals->mail->domain2,
                    $globals->mail->alias_dom."/".$globals->mail->alias_dom2));
                $page->assign("domains_value", Array("login", "alias"));
                $page->assign("r_domain", Cookie::get('ORGdomain', 'login'));
            }
	    $page->run();
	}
	exit;
    }

    // }}}
    // {{{ function getUserId()
    
    function getUserId($auth,$username)
    {
	global $globals;
	$res = $globals->xdb->query("SELECT id FROM aliases WHERE alias = {?}",$username);
        return $res->fetchOneCell();
    }

    // }}}
    // {{{ function getUsername()

    function getUsername($auth,$uid)
    {
	global $globals;
        $res = $globals->xdb->query("SELECT alias FROM aliases WHERE id = {?} AND type='a_vie'", $uid);
        return $res->fetchOneCell();
    }

    // }}}
}

// }}}
// {{{ function try_cookie()

/** r�alise la r�cup�ration de $_SESSION pour qqn avec cookie
 * @return  int     0 if all OK, -1 if no cookie, 1 if cookie with bad hash,
 *                  -2 should not happen
 */
function try_cookie()
{
    global $globals;
    if (Cookie::get('ORGaccess') == '' or !Cookie::has('ORGuid')) {
	return -1;
    }

    $res = @$globals->xdb->query(
            "SELECT user_id,password FROM auth_user_md5 WHERE user_id = {?} AND perms IN('admin','user')",
            Cookie::getInt('ORGuid')
    );
    if ($res->numRows() != 0) {
	list($uid, $password) = $res->fetchOneRow();
	$expected_value       = md5($password);
	if ($expected_value == Cookie::get('ORGaccess')) {
	    start_connexion($uid, false);
	    return 0;
	} else {
            return 1;
        }
    }

    return -2;
}

// }}}
// {{{ function start_connexion()

/** place les variables de session d�pendants de auth_user_md5
 * et met � jour les dates de derni�re connexion si n�cessaire
 * @return void
 * @see controlpermanent.inc.php controlauthentication.inc.php
 */
function start_connexion ($uid, $identified)
{
    global $globals;
    $res  = $globals->xdb->query("
	SELECT  u.user_id AS uid, prenom, nom, perms, promo, matricule, password, FIND_IN_SET('femme', u.flags) AS femme,
                UNIX_TIMESTAMP(s.start) AS lastlogin, s.host, a.alias AS forlife, a2.alias AS bestalias,
                q.core_mail_fmt AS mail_fmt, UNIX_TIMESTAMP(q.banana_last) AS banana_last, q.watch_last, q.core_rss_hash
          FROM  auth_user_md5   AS u
    INNER JOIN  auth_user_quick AS q  USING(user_id)
    INNER JOIN	aliases         AS a  ON (u.user_id = a.id AND a.type='a_vie')
    INNER JOIN  aliases		AS a2 ON (u.user_id = a2.id AND FIND_IN_SET('bestalias',a2.flags))
     LEFT JOIN  logger.sessions AS s  ON (s.uid=u.user_id AND s.suid=0)
         WHERE  u.user_id = {?} AND u.perms IN('admin','user')
      ORDER BY  s.start DESC
         LIMIT  1", $uid);
    $sess = $res->fetchOneAssoc();
    $suid = Session::getMixed('suid');
    
    if ($suid) {
	$logger = new DiogenesCoreLogger($uid, $suid);
	$logger->log("suid_start", Session::get('forlife')." by {$suid['uid']}");
        $sess['suid'] = $suid;
    } else {
        $logger = Session::getMixed('log', new DiogenesCoreLogger($uid));
        $logger->log("connexion", $_SERVER['PHP_SELF']);
        setcookie('ORGuid', $uid, (time()+25920000), '/', '', 0);
    }

    $_SESSION         = $sess;
    $_SESSION['log']  = $logger;
    $_SESSION['auth'] = ($identified ? AUTH_MDP : AUTH_COOKIE);
    set_skin();
}

// }}}
// {{{ function set_skin()

function set_skin()
{
    global $globals;
    if (logged() && $globals->skin->enable) {
        $uid = Session::getInt('uid');
	$res = $globals->xdb->query("SELECT  skin,skin_tpl
	                               FROM  auth_user_quick AS a
				 INNER JOIN  skins           AS s ON a.skin=s.id
			              WHERE  user_id = {?} AND skin_tpl != ''", $uid);
	if (list($_SESSION['skin_id'], $_SESSION['skin']) = $res->fetchOneRow()) {
            return;
        }
    }
    if ($globals->skin->enable) {
        $_SESSION['skin'] = $globals->skin->def_tpl;
        $_SESSION['skin_id'] = $globals->skin->def_id;
    } else {
        $_SESSION['skin'] = 'default.tpl';
        $_SESSION['skin_id'] = -1;
    }
}

// }}}

// vim:set et sw=4 sts=4 sws=4 foldmethod=marker:
?>
Commit	Line	Data
0337d704	1	<?php
	2	/***************************************************************************
	3	* Copyright (C) 2003-2004 Polytechnique.org *
	4	* http://opensource.polytechnique.org/ *
	5	* *
	6	* This program is free software; you can redistribute it and/or modify *
	7	* it under the terms of the GNU General Public License as published by *
	8	* the Free Software Foundation; either version 2 of the License, or *
	9	* (at your option) any later version. *
	10	* *
	11	* This program is distributed in the hope that it will be useful, *
	12	* but WITHOUT ANY WARRANTY; without even the implied warranty of *
	13	* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the *
	14	* GNU General Public License for more details. *
	15	* *
	16	* You should have received a copy of the GNU General Public License *
	17	* along with this program; if not, write to the Free Software *
	18	* Foundation, Inc., *
	19	* 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA *
	20	***************************************************************************/
	21
	22	require_once('platal/session.inc.php');
	23
	24	// {{{ class XorgSession
	25
	26	class XorgSession extends DiogenesCoreSession
	27	{
	28	// {{{ function XorgSession()
	29
	30	function XorgSession()
	31	{
	32	$this->DiogenesCoreSession();
	33	if (!Session::has('uid')) {
	34	try_cookie();
	35	}
	36	set_skin();
	37	}
	38
	39	// }}}
	40	// {{{ function init
	41
	42	function init() {
	43	@session_start();
	44	if (!Session::has('session')) {
	45	$_SESSION['session'] = new XorgSession;
	46	}
	47	}
	48
	49	// }}}
	50	// {{{ function destroy()
	51
	52	function destroy() {
	53	@session_destroy();
	54	unset($_SESSION);
	55	XorgSession::init();
	56	}
	57
	58	// }}}
	59	// {{{ function doAuth()
	60
	61	/** Try to do an authentication.
	62	*
	63	* @param page the calling page (by reference)
	64	*/
65	function doAuth(&$page,$new_name=false)
66	{
67	global $globals;
68	if (identified()) { // ok, c'est bon, on n'a rien � faire
69	return true;
70	}
71
72	if (Session::has('session')) {
73	$session =& Session::getMixed('session');
74	}
75
76	if (Env::has('username') && Env::has('response') && isset($session->challenge))
77	{
78	// si on vient de recevoir une identification par passwordpromptscreen.tpl
79	// ou passwordpromptscreenlogged.tpl
80	$uname = Env::get('username');
81
82	if (Env::get('domain') == "alias") {
83
84	$res = $globals->xdb->query(
85	"SELECT redirect
86	FROM virtual
87	INNER JOIN virtual_redirect USING(vid)
88	WHERE alias LIKE {?}", $uname."@".$globals->mail->alias_dom);
89	$redirect = $res->fetchOneCell();
90	if ($redirect) {
91	$login = substr($redirect, 0, strpos($redirect, '@'));
92	} else {
93	$login = "";
94	}
95	} else {
96	$login = $uname;
97	}
98
99	$field = (!$redirect && preg_match('/^\d*$/', $uname)) ? 'id' : 'alias';
100	$res = $globals->xdb->query(
101	"SELECT u.user_id, u.password
102	FROM auth_user_md5 AS u
103	INNER JOIN aliases AS a ON ( a.id=u.user_id AND type!='homonyme' )
104	WHERE a.$field = {?} AND u.perms IN('admin','user')", $login);
105
106	$logger =& Session::getMixed('log');
107
108	if (list($uid, $password) = $res->fetchOneRow()) {
109	$expected_response=md5("$uname:$password:{$session->challenge}");
110	if (Env::get('response') == $expected_response) {
111	if (Env::has('domain')) {
112	if (($domain = Env::get('domain', 'login')) == 'alias') {
113	setcookie('ORGdomain', "alias", (time()+25920000), '/', '', 0);
114	} else {
115	setcookie('ORGdomain', '', (time()-3600), '/', '', 0);
116	}
117	// pour que la modification soit effective dans le reste de la page
118	$_COOKIE['ORGdomain'] = $domain;
119	}
120
121	unset($session->challenge);
122	if ($logger) {
123	$logger->log('auth_ok');
124	}
125	start_connexion($uid, true);
126	if (Env::get('remember', 'false') == 'true') {
127	$cookie = md5(Session::get('password'));
128	setcookie('ORGaccess',$cookie,(time()+25920000),'/','',0);
129	if ($logger) {
130	$logger->log("cookie_on");
131	}
132	} else {
133	setcookie('ORGaccess', '', time() - 3600, '/', '', 0);
134
135	if ($logger) {
136	$logger->log("cookie_off");
137	}
138	}
139	return true;
140	} elseif ($logger) {
141	$logger->log('auth_fail','bad password');
142	}
143	} elseif ($logger) {
144	$logger->log('auth_fail','bad login');
145	}
146	}
147	$this->doLogin($page,$new_name);
148	}
149
150	// }}}
151	// {{{ function doAuthCookie()
152
153	/** Try to do a cookie-based authentication.
154	*
155	* @param page the calling page (by reference)
156	*/
157	function doAuthCookie(&$page)
158	{
159	if (logged()) {
160	return;
161	}
162
163	if (Env::has('username') and Env::has('response')) {
164	return $this->doAuth($page);
165	}
166
167	if ($r = try_cookie()) {
168	return $this->doAuth($page,($r>0));
169	}
170	}
171
172	// }}}
173	// {{{ function doLogin()
174
175	/** Display login screen.
176	*/
177	function doLogin(&$page, $new_name=false)
178	{
179	$page->addJsLink('javascript/md5.js');
180	if (logged() and !$new_name) {
181	$page->changeTpl('password_prompt_logged.tpl');
182	$page->addJsLink('javascript/do_challenge_response_logged.js');
183	$page->assign("xorg_tpl", "password_prompt_logged.tpl");
184	$page->run();
185	} else {
186	$page->changeTpl('password_prompt.tpl');
187	$page->addJsLink('javascript/do_challenge_response.js');
188	$page->assign("xorg_tpl", "password_prompt.tpl");
189
190	global $globals;
191	if ($globals->mail->alias_dom) {
192	$page->assign("domains", Array(
193	$globals->mail->domain."/".$globals->mail->domain2,
194	$globals->mail->alias_dom."/".$globals->mail->alias_dom2));
195	$page->assign("domains_value", Array("login", "alias"));
196	$page->assign("r_domain", Cookie::get('ORGdomain', 'login'));
197	}
198	$page->run();
199	}
200	exit;
201	}
202
203	// }}}
204	// {{{ function getUserId()
205
206	function getUserId($auth,$username)
207	{
208	global $globals;
209	$res = $globals->xdb->query("SELECT id FROM aliases WHERE alias = {?}",$username);
210	return $res->fetchOneCell();
211	}
212
213	// }}}
214	// {{{ function getUsername()
215
216	function getUsername($auth,$uid)
217	{
218	global $globals;
219	$res = $globals->xdb->query("SELECT alias FROM aliases WHERE id = {?} AND type='a_vie'", $uid);
220	return $res->fetchOneCell();
221	}
222
223	// }}}
224	}
225
226	// }}}
227	// {{{ function try_cookie()
228
229	/** r�alise la r�cup�ration de $_SESSION pour qqn avec cookie
230	* @return int 0 if all OK, -1 if no cookie, 1 if cookie with bad hash,
231	* -2 should not happen
232	*/
233	function try_cookie()
234	{
235	global $globals;
236	if (Cookie::get('ORGaccess') == '' or !Cookie::has('ORGuid')) {
237	return -1;
238	}
239
240	$res = @$globals->xdb->query(
241	"SELECT user_id,password FROM auth_user_md5 WHERE user_id = {?} AND perms IN('admin','user')",
242	Cookie::getInt('ORGuid')
243	);
244	if ($res->numRows() != 0) {
245	list($uid, $password) = $res->fetchOneRow();
246	$expected_value = md5($password);
247	if ($expected_value == Cookie::get('ORGaccess')) {
248	start_connexion($uid, false);
249	return 0;
250	} else {
251	return 1;
252	}
253	}
254
255	return -2;
256	}
257
258	// }}}
259	// {{{ function start_connexion()
260
261	/** place les variables de session d�pendants de auth_user_md5
262	* et met � jour les dates de derni�re connexion si n�cessaire
263	* @return void
264	* @see controlpermanent.inc.php controlauthentication.inc.php
265	*/
266	function start_connexion ($uid, $identified)
267	{
268	global $globals;
269	$res = $globals->xdb->query("
270	SELECT u.user_id AS uid, prenom, nom, perms, promo, matricule, password, FIND_IN_SET('femme', u.flags) AS femme,
271	UNIX_TIMESTAMP(s.start) AS lastlogin, s.host, a.alias AS forlife, a2.alias AS bestalias,
272	q.core_mail_fmt AS mail_fmt, UNIX_TIMESTAMP(q.banana_last) AS banana_last, q.watch_last, q.core_rss_hash
273	FROM auth_user_md5 AS u
274	INNER JOIN auth_user_quick AS q USING(user_id)
275	INNER JOIN aliases AS a ON (u.user_id = a.id AND a.type='a_vie')
276	INNER JOIN aliases AS a2 ON (u.user_id = a2.id AND FIND_IN_SET('bestalias',a2.flags))
277	LEFT JOIN logger.sessions AS s ON (s.uid=u.user_id AND s.suid=0)
278	WHERE u.user_id = {?} AND u.perms IN('admin','user')
279	ORDER BY s.start DESC
280	LIMIT 1", $uid);
281	$sess = $res->fetchOneAssoc();
282	$suid = Session::getMixed('suid');
283
284	if ($suid) {
285	$logger = new DiogenesCoreLogger($uid, $suid);
286	$logger->log("suid_start", Session::get('forlife')." by {$suid['uid']}");
287	$sess['suid'] = $suid;
288	} else {
289	$logger = Session::getMixed('log', new DiogenesCoreLogger($uid));
290	$logger->log("connexion", $_SERVER['PHP_SELF']);
291	setcookie('ORGuid', $uid, (time()+25920000), '/', '', 0);
292	}
293
294	$_SESSION = $sess;
295	$_SESSION['log'] = $logger;
296	$_SESSION['auth'] = ($identified ? AUTH_MDP : AUTH_COOKIE);
297	set_skin();
298	}
299
300	// }}}
301	// {{{ function set_skin()
302
303	function set_skin()
304	{
305	global $globals;
306	if (logged() && $globals->skin->enable) {
307	$uid = Session::getInt('uid');
308	$res = $globals->xdb->query("SELECT skin,skin_tpl
309	FROM auth_user_quick AS a
310	INNER JOIN skins AS s ON a.skin=s.id
311	WHERE user_id = {?} AND skin_tpl != ''", $uid);
312	if (list($_SESSION['skin_id'], $_SESSION['skin']) = $res->fetchOneRow()) {
313	return;
314	}
315	}
316	if ($globals->skin->enable) {
317	$_SESSION['skin'] = $globals->skin->def_tpl;
318	$_SESSION['skin_id'] = $globals->skin->def_id;
319	} else {
320	$_SESSION['skin'] = 'default.tpl';
321	$_SESSION['skin_id'] = -1;
322	}
323	}
324
325	// }}}
326
327	// vim:set et sw=4 sts=4 sws=4 foldmethod=marker:
328	?>