2 /***************************************************************************
3 * Copyright (C) 2003-2008 Polytechnique.org *
4 * http://opensource.polytechnique.org/ *
6 * This program is free software; you can redistribute it and/or modify *
7 * it under the terms of the GNU General Public License as published by *
8 * the Free Software Foundation; either version 2 of the License, or *
9 * (at your option) any later version. *
11 * This program is distributed in the hope that it will be useful, *
12 * but WITHOUT ANY WARRANTY; without even the implied warranty of *
13 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the *
14 * GNU General Public License for more details. *
16 * You should have received a copy of the GNU General Public License *
17 * along with this program; if not, write to the Free Software *
19 * 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA *
20 ***************************************************************************/
24 public static function init()
27 if (empty($_SESSION['challenge'])) {
28 $_SESSION['challenge'] = sha1(uniqid(rand(), true
));
30 if (empty($_SESSION['xsrf_token'])) {
31 $_SESSION['xsrf_token'] = rand_url_id();
33 if (!isset($_SESSION['perms']) ||
!($_SESSION['perms'] instanceof FlagSet
)) {
34 $_SESSION['perms'] = new FlagSet();
38 public static function destroy()
44 public static function has($key)
46 return isset($_SESSION[$key]);
49 public static function kill($key)
51 unset($_SESSION[$key]);
54 public static function v($key, $default = null
)
56 return isset($_SESSION[$key]) ?
$_SESSION[$key] : $default;
59 public static function s($key, $default = '')
61 return (string)Session
::v($key, $default);
64 public static function i($key, $default = 0)
66 $i = Session
::v($key, $default);
67 return is_numeric($i) ?
intval($i) : $default;
70 public static function l(array $keys)
72 return array_map(array('Session', 'v'), $keys);
75 public static function has_perms()
77 return Session
::logged() && Session
::v('perms')->hasFlag(PERMS_ADMIN
);
80 public static function has_xsrf_token()
82 return Session
::has('xsrf_token') && Session
::v('xsrf_token') == Env
::v('token');
85 public static function logged()
87 return Session
::v('auth', AUTH_PUBLIC
) >= AUTH_COOKIE
;
90 public static function identified()
92 return Session
::v('auth', AUTH_PUBLIC
) >= AUTH_MDP
;
96 // {{{ function check_perms()
98 /** verifie si un utilisateur a les droits pour voir une page
99 ** si ce n'est pas le cas, on affiche une erreur
102 function check_perms()
105 if (!S
::has_perms()) {
106 if ($_SESSION['log']) {
107 $_SESSION['log']->log("noperms",$_SERVER['PHP_SELF']);
109 $page->kill("Tu n'as pas les permissions nécessaires pour accéder à cette page.");
115 // vim:set et sw=4 sts=4 sws=4 foldmethod=marker enc=utf-8: