[platal.git] / modules / auth / auth.inc.php

<?php
/***************************************************************************
 *  Copyright (C) 2003-2007 Polytechnique.org                              *
 *  http://opensource.polytechnique.org/                                   *
 *                                                                         *
 *  This program is free software; you can redistribute it and/or modify   *
 *  it under the terms of the GNU General Public License as published by   *
 *  the Free Software Foundation; either version 2 of the License, or      *
 *  (at your option) any later version.                                    *
 *                                                                         *
 *  This program is distributed in the hope that it will be useful,        *
 *  but WITHOUT ANY WARRANTY; without even the implied warranty of         *
 *  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the          *
 *  GNU General Public License for more details.                           *
 *                                                                         *
 *  You should have received a copy of the GNU General Public License      *
 *  along with this program; if not, write to the Free Software            *
 *  Foundation, Inc.,                                                      *
 *  59 Temple Place, Suite 330, Boston, MA  02111-1307  USA                *
 ***************************************************************************/

function gpex_make($chlg, $privkey, $datafields)
{
    $tohash   = "1$chlg$privkey";
    $params   = "";
    $fieldarr = explode(",",$datafields);

    $res = XDB::query("SELECT matricule, matricule_ax, promo,
                                        promo_sortie, flags, deces, nom,
                                        prenom, nationalite, section,
                                        naissance
                                   FROM auth_user_md5 WHERE user_id = {?}",
                                S::v('uid'));
    $personnal_data = $res->fetchOneAssoc();

    foreach ($fieldarr as $val) {
        /* on verifie qu'on n'a pas demandÃ© une variable inexistante ! */
        if (S::has($val)) {
            $tohash .= S::v($val);
            $params .= "&$val=".S::v($val);
        } else if (isset($personnal_data[$val])) {
            $tohash .= $personnal_data[$val];
            $params .= "&$val=".$personnal_data[$val];
        } else if ($val == 'username') {
            $res = XDB::query("SELECT alias FROM aliases
                                          WHERE id = {?} AND FIND_IN_SET('bestalias', flags)",
                                        S::v('uid'));
            $min_username = $res->fetchOneCell();
            $tohash      .= $min_username;
            $params      .= "&$val=".$min_username;
        } else if ($val == 'grpauth') {
        	if (isset($_GET['group'])) {
	        	$res = XDB::query("SELECT perms FROM groupex.membres
					INNER JOIN groupex.asso ON(id = asso_id) 
					WHERE uid = {?} AND diminutif = {?}", S::v('uid'), $_GET['group']);
				$perms = $res->fetchOneCell();
			} else {
				// if no group asked, return main rights
				$perms = Session::has_perms()?'admin':'membre';
			}
			$tohash .= $perms;
			$params .= "&$val=".$perms;
        }
    }
    $tohash .= "1";
    $auth = md5($tohash);
    return array($auth, "&auth=".$auth.$params);
}

/* cree le champs "auth" renvoye au Groupe X */
function gpex_make_auth($chlg, $privkey, $datafields) {
	list ($auth, $param) = gpex_make($chlg, $privkey, $datafields);
	return $auth;
}

/* cree les parametres de l'URL de retour avec les champs demandes */
function gpex_make_params($chlg, $privkey, $datafields) {
	list ($auth, $param) = gpex_make($chlg, $privkey, $datafields);
	return $param;
}

// vim:set et sw=4 sts=4 sws=4 foldmethod=marker enc=utf-8:
?>
Commit	Line	Data
0337d704	1	<?php
0337d704	2	/***************************************************************************
5ddeb07c	3	* Copyright (C) 2003-2007 Polytechnique.org *
0337d704	4	* http://opensource.polytechnique.org/ *
	5	* *
	6	* This program is free software; you can redistribute it and/or modify *
	7	* it under the terms of the GNU General Public License as published by *
	8	* the Free Software Foundation; either version 2 of the License, or *
	9	* (at your option) any later version. *
	10	* *
	11	* This program is distributed in the hope that it will be useful, *
	12	* but WITHOUT ANY WARRANTY; without even the implied warranty of *
	13	* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the *
	14	* GNU General Public License for more details. *
	15	* *
	16	* You should have received a copy of the GNU General Public License *
	17	* along with this program; if not, write to the Free Software *
	18	* Foundation, Inc., *
	19	* 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA *
	20	***************************************************************************/
	21
9881e0b2	22	function gpex_make($chlg, $privkey, $datafields)
9881e0b2	23	{
0337d704	24	$tohash = "1$chlg$privkey";
9881e0b2	25	$params = "";
9881e0b2	26	$fieldarr = explode(",",$datafields);
0337d704	27
08cce2ff	28	$res = XDB::query("SELECT matricule, matricule_ax, promo,
5d292fd8	29	promo_sortie, flags, deces, nom,
	30	prenom, nationalite, section,
	31	naissance
	32	FROM auth_user_md5 WHERE user_id = {?}",
cab08090	33	S::v('uid'));
9f3acd20	34	$personnal_data = $res->fetchOneAssoc();
5d292fd8	35
5d292fd8	36	foreach ($fieldarr as $val) {
a7de4ef7	37	/* on verifie qu'on n'a pas demandÃ© une variable inexistante ! */
cab08090	38	if (S::has($val)) {
cab08090	39	$tohash .= S::v($val);
37448723	40	$params .= "&$val=".S::v($val);
9f3acd20	41	} else if (isset($personnal_data[$val])) {
9f3acd20	42	$tohash .= $personnal_data[$val];
37448723	43	$params .= "&$val=".$personnal_data[$val];
0337d704	44	} else if ($val == 'username') {
08cce2ff	45	$res = XDB::query("SELECT alias FROM aliases
5d292fd8	46	WHERE id = {?} AND FIND_IN_SET('bestalias', flags)",
cab08090	47	S::v('uid'));
0337d704	48	$min_username = $res->fetchOneCell();
0337d704	49	$tohash .= $min_username;
9881e0b2	50	$params .= "&$val=".$min_username;
b49f3f40	51	} else if ($val == 'grpauth') {
	52	if (isset($_GET['group'])) {
	53	$res = XDB::query("SELECT perms FROM groupex.membres
	54	INNER JOIN groupex.asso ON(id = asso_id)
	55	WHERE uid = {?} AND diminutif = {?}", S::v('uid'), $_GET['group']);
	56	$perms = $res->fetchOneCell();
	57	} else {
	58	// if no group asked, return main rights
	59	$perms = Session::has_perms()?'admin':'membre';
	60	}
9881e0b2	61	$tohash .= $perms;
9881e0b2	62	$params .= "&$val=".$perms;
5d292fd8	63	}
0337d704	64	}
0337d704	65	$tohash .= "1";
9881e0b2	66	$auth = md5($tohash);
	67	return array($auth, "&auth=".$auth.$params);
	68	}
	69
	70	/* cree le champs "auth" renvoye au Groupe X */
	71	function gpex_make_auth($chlg, $privkey, $datafields) {
	72	list ($auth, $param) = gpex_make($chlg, $privkey, $datafields);
	73	return $auth;
0337d704	74	}
	75
	76	/* cree les parametres de l'URL de retour avec les champs demandes */
	77	function gpex_make_params($chlg, $privkey, $datafields) {
9881e0b2	78	list ($auth, $param) = gpex_make($chlg, $privkey, $datafields);
9881e0b2	79	return $param;
0337d704	80	}
0337d704	81
a7de4ef7	82	// vim:set et sw=4 sts=4 sws=4 foldmethod=marker enc=utf-8:
0337d704	83	?>