2 /***************************************************************************
3 * Copyright (C) 2003-2008 Polytechnique.org *
4 * http://opensource.polytechnique.org/ *
6 * This program is free software; you can redistribute it and/or modify *
7 * it under the terms of the GNU General Public License as published by *
8 * the Free Software Foundation; either version 2 of the License, or *
9 * (at your option) any later version. *
11 * This program is distributed in the hope that it will be useful, *
12 * but WITHOUT ANY WARRANTY; without even the implied warranty of *
13 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the *
14 * GNU General Public License for more details. *
16 * You should have received a copy of the GNU General Public License *
17 * along with this program; if not, write to the Free Software *
19 * 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA *
20 ***************************************************************************/
26 public static function init()
33 // prevent connexion to be linked to deconnexion
34 if (($i = strpos($_SERVER['REQUEST_URI'], 'exit')) !== false
)
35 $returl = "http://{$_SERVER['SERVER_NAME']}".substr($_SERVER['REQUEST_URI'], 0, $i);
37 $returl = "http://{$_SERVER['SERVER_NAME']}{$_SERVER['REQUEST_URI']}";
38 $url = "https://www.polytechnique.org/auth-groupex";
39 $url .= "?session=" . session_id();
40 $url .= "&challenge=" . S
::v('challenge');
41 $url .= "&pass=" . md5(S
::v('challenge') . $globals->xnet
->secret
);
42 $url .= "&url=".urlencode($returl);
43 $_SESSION['loginX'] = $url;
46 if (S
::logged() && $globals->asso()) {
47 $perms = S
::v('perms');
48 $perms->rmFlag('groupadmin');
49 $perms->rmFlag('groupmember');
50 $perms->rmFlag('groupannu');
52 $perms->addFlag('groupadmin');
53 $perms->addFlag('groupmember');
54 $perms->addFlag('groupannu');
57 $perms->addFlag('groupmember');
58 if ($globals->asso('pub') != 'private') {
59 $perms->addFlag('groupannu');
62 if ($globals->asso('cat') == 'Promotions') {
63 $perms->addFlag('groupannu');
65 $_SESSION['perms'] = $perms;
70 // {{{ public static function destroy()
72 public static function destroy() {
78 // {{{ public static function doAuth()
80 /** Try to do an authentication.
82 * @param page the calling page (by reference)
84 public static function doAuth()
86 if (S
::identified()) { // ok, c'est bon, on n'a rien à faire
90 if (Get
::has('auth')) {
91 return XnetSession
::doAuthX();
100 public static function doAuthCookie() {
101 return XnetSession
::doAuth();
107 public static function doAuthX()
109 global $globals, $page;
111 // Checks the SSO control token value.
112 if (md5('1'.S
::v('challenge').$globals->xnet
->secret
.Get
::i('uid').'1') != Get
::v('auth')) {
115 require_once 'xnet.inc.php';
116 new_skinned_page('platal/index.tpl');
118 $page->kill("Erreur d'authentification avec polytechnique.org !");
121 // Fetches user's data.
123 SELECT u.user_id AS uid, prenom, nom, perms, promo, password, FIND_IN_SET('femme', u.flags) AS femme,
124 u.hruid, CONCAT(a.alias, '@{$globals->mail->domain}') AS forlife, CONCAT(a2.alias, '@{$globals->mail->domain}') AS bestalias,
125 q.core_mail_fmt AS mail_fmt, q.core_rss_hash
126 FROM auth_user_md5 AS u
127 INNER JOIN auth_user_quick AS q USING(user_id)
128 INNER JOIN aliases AS a ON (u.user_id = a.id AND a.type = 'a_vie')
129 INNER JOIN aliases AS a2 ON (u.user_id = a2.id AND FIND_IN_SET('bestalias', a2.flags))
130 WHERE u.user_id = {?} AND u.perms IN('admin','user')
131 LIMIT 1", Get
::i('uid'));
133 // Sets up the session, using fetched data and Xorg's permission system.
134 $_SESSION = array_merge($_SESSION, $res->fetchOneAssoc());
135 $_SESSION['auth'] = AUTH_MDP
;
136 require_once 'xorg/session.inc.php';
137 $_SESSION['perms'] =& XorgSession
::make_perms(S
::v('perms'));
139 // Removes session values which are of no interest in Xnet context.
140 S
::kill('challenge');
142 S
::kill('may_update');
143 S
::kill('is_member');
145 // Builds the Xnet destination URL, and redirects the user.
150 Get
::kill('PHPSESSID');
153 foreach($_GET as $key => $val) {
154 $args[] = urlencode($key).'='.urlencode($val);
157 http_redirect($globals->baseurl
. '/' . $path, join('&', $args));
163 public static function doSelfSuid()
165 if (!S
::has('suid')) {
166 $_SESSION['suid'] = $_SESSION;
168 require_once 'xorg/session.inc.php';
169 $_SESSION['perms'] =& XorgSession
::make_perms('user');
175 public static function killSuid()
177 if (!S
::has('suid')) {
180 $suid = S
::v('suid');
182 S
::kill('may_update');
183 S
::kill('is_member');
184 $_SESSION['perms'] = $suid['perms'];
191 // {{{ function may_update
193 /** Return administration rights for the current asso
194 * @param force Force administration rights to be read from database
195 * @param lose Force administration rights to be false
197 function may_update($force = false
, $lose = false
)
199 if (!isset($_SESSION['may_update'])) {
200 $_SESSION['may_update'] = array();
202 $may_update =& $_SESSION['may_update'];
205 $asso_id = $globals->asso('id');
209 $may_update[$asso_id] = false
;
210 } elseif (S
::has_perms() ||
(S
::has('suid') && $force)) {
211 $may_update[$asso_id] = true
;
212 } elseif (!isset($may_update[$asso_id]) ||
$force) {
213 $res = XDB
::query("SELECT perms
215 WHERE uid={?} AND asso_id={?}",
216 S
::v('uid'), $asso_id);
217 $may_update[$asso_id] = ($res->fetchOneCell() == 'admin');
219 return $may_update[$asso_id];
223 // {{{ function is_member
225 /** Get membership informations for the current asso
226 * @param force Force membership to be read from database
227 * @param lose Force membership to be false
229 function is_member($force = false
, $lose = false
)
231 if (!isset($_SESSION['is_member'])) {
232 $_SESSION['is_member'] = array();
234 $is_member =& $_SESSION['is_member'];
237 $asso_id = $globals->asso('id');
241 $is_member[$asso_id] = false
;
242 } elseif (S
::has('suid') && $force) {
243 $is_member[$asso_id] = true
;
244 } elseif (!isset($is_member[$asso_id]) ||
$force) {
245 $res = XDB
::query("SELECT COUNT(*)
247 WHERE uid={?} AND asso_id={?}",
248 S
::v('uid'), $asso_id);
249 $is_member[$asso_id] = ($res->fetchOneCell() == 1);
251 return $is_member[$asso_id];
255 // vim:set et sw=4 sts=4 sws=4 foldmethod=marker enc=utf-8: