projects / platal.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
{site}.inc.php is the base for all jobs.
[platal.git] / include / xnet / session.inc.php
1 <?php
2 /***************************************************************************
3 * Copyright (C) 2003-2008 Polytechnique.org *
4 * http://opensource.polytechnique.org/ *
5 * *
6 * This program is free software; you can redistribute it and/or modify *
7 * it under the terms of the GNU General Public License as published by *
8 * the Free Software Foundation; either version 2 of the License, or *
9 * (at your option) any later version. *
10 * *
11 * This program is distributed in the hope that it will be useful, *
12 * but WITHOUT ANY WARRANTY; without even the implied warranty of *
13 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the *
14 * GNU General Public License for more details. *
15 * *
16 * You should have received a copy of the GNU General Public License *
17 * along with this program; if not, write to the Free Software *
18 * Foundation, Inc., *
19 * 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA *
20 ***************************************************************************/
21
22 class XnetSession
23 {
24 public function __construct()
25 {
26 self::init();
27 }
28
29 // {{{ function init
30
31 public static function init()
32 {
33 global $globals;
34
35 S::init();
36
37 if (!S::logged() && Get::has('auth')) {
38 XnetSession::doAuthX();
39 }
40
41 if (!S::logged()) {
42 // prevent connexion to be linked to deconnexion
43 if (($i = strpos($_SERVER['REQUEST_URI'], 'exit')) !== false)
44 $returl = "http://{$_SERVER['SERVER_NAME']}".substr($_SERVER['REQUEST_URI'], 0, $i);
45 else
46 $returl = "http://{$_SERVER['SERVER_NAME']}{$_SERVER['REQUEST_URI']}";
47 $url = "https://www.polytechnique.org/auth-groupex";
48 $url .= "?session=" . session_id();
49 $url .= "&challenge=" . S::v('challenge');
50 $url .= "&pass=" . md5(S::v('challenge') . $globals->xnet->secret);
51 $url .= "&url=".urlencode($returl);
52 $_SESSION['loginX'] = $url;
53 }
54
55 if (S::logged() && $globals->asso()) {
56 $perms = S::v('perms');
57 $perms->rmFlag('groupadmin');
58 $perms->rmFlag('groupmember');
59 $perms->rmFlag('groupannu');
60 if (may_update()) {
61 $perms->addFlag('groupadmin');
62 $perms->addFlag('groupmember');
63 $perms->addFlag('groupannu');
64 }
65 if (is_member()) {
66 $perms->addFlag('groupmember');
67 if ($globals->asso('pub') != 'private') {
68 $perms->addFlag('groupannu');
69 }
70 }
71 if ($globals->asso('cat') == 'Promotions') {
72 $perms->addFlag('groupannu');
73 }
74 $_SESSION['perms'] = $perms;
75 }
76 }
77
78 // }}}
79 // {{{ public static function destroy()
80
81 public static function destroy() {
82 S::destroy();
83 XnetSession::init();
84 }
85
86 // }}}
87 // {{{ public static function doAuth()
88
89 /** Try to do an authentication.
90 *
91 * @param page the calling page (by reference)
92 */
93 public static function doAuth()
94 {
95 if (S::identified()) { // ok, c'est bon, on n'a rien à faire
96 return true;
97 }
98
99 if (Get::has('auth')) {
100 return XnetSession::doAuthX();
101 }
102
103 return false;
104 }
105
106 // }}}
107 // {{{ doAuthCookie
108
109 public static function doAuthCookie() {
110 return XnetSession::doAuth();
111 }
112
113 // }}}
114 // {{{ doAuthX
115
116 public static function doAuthX()
117 {
118 global $globals;
119
120 if (md5('1'.S::v('challenge').$globals->xnet->secret.Get::i('uid').'1') != Get::v('auth')) {
121 Get::kill('auth');
122 $page =& Platal::page();
123 $page->kill("Erreur d'authentification avec polytechnique.org !");
124 }
125
126 $res = XDB::query("
127 SELECT u.user_id AS uid, prenom, nom, perms, promo, password, FIND_IN_SET('femme', u.flags) AS femme,
128 a.alias AS forlife, a2.alias AS bestalias, q.core_mail_fmt AS mail_fmt, q.core_rss_hash
129 FROM auth_user_md5 AS u
130 INNER JOIN auth_user_quick AS q USING(user_id)
131 INNER JOIN aliases AS a ON (u.user_id = a.id AND a.type='a_vie')
132 INNER JOIN aliases AS a2 ON (u.user_id = a2.id AND FIND_IN_SET('bestalias',a2.flags))
133 WHERE u.user_id = {?} AND u.perms IN('admin','user')
134 LIMIT 1", Get::i('uid'));
135 $_SESSION = array_merge($_SESSION, $res->fetchOneAssoc());
136 $_SESSION['auth'] = AUTH_MDP;
137 require_once 'xorg/session.inc.php';
138 $_SESSION['perms'] =& XorgSession::make_perms(S::v('perms'));
139 S::kill('challenge');
140 S::kill('loginX');
141 S::kill('may_update');
142 S::kill('is_member');
143 Get::kill('auth');
144 Get::kill('uid');
145 $path = Get::v('n');
146 Get::kill('n');
147 Get::kill('PHPSESSID');
148
149 $args = array();
150 foreach($_GET as $key => $val) {
151 $args[] = urlencode($key).'='.urlencode($val);
152 }
153
154 http_redirect($globals->baseurl . '/' . $path, join('&', $args));
155 }
156
157 // }}}
158 // {{{ doSelfSuid
159
160 public static function doSelfSuid()
161 {
162 if (!S::has('suid')) {
163 $_SESSION['suid'] = $_SESSION;
164 }
165 require_once 'xorg/session.inc.php';
166 $_SESSION['perms'] =& XorgSession::make_perms('user');
167 }
168
169 // }}}
170 // {{{ killSuid
171
172 public static function killSuid()
173 {
174 if (!S::has('suid')) {
175 return;
176 }
177 $suid = S::v('suid');
178 S::kill('suid');
179 S::kill('may_update');
180 S::kill('is_member');
181 $_SESSION['perms'] = $suid['perms'];
182 }
183
184 // }}}
185 }
186
187 // }}}
188 // {{{ function may_update
189
190 /** Return administration rights for the current asso
191 * @param force Force administration rights to be read from database
192 * @param lose Force administration rights to be false
193 */
194 function may_update($force = false, $lose = false)
195 {
196 if (!isset($_SESSION['may_update'])) {
197 $_SESSION['may_update'] = array();
198 }
199 $may_update =& $_SESSION['may_update'];
200
201 global $globals;
202 $asso_id = $globals->asso('id');
203 if (!$asso_id) {
204 return false;
205 } elseif ($lose) {
206 $may_update[$asso_id] = false;
207 } elseif (S::has_perms() || (S::has('suid') && $force)) {
208 $may_update[$asso_id] = true;
209 } elseif (!isset($may_update[$asso_id]) || $force) {
210 $res = XDB::query("SELECT perms
211 FROM groupex.membres
212 WHERE uid={?} AND asso_id={?}",
213 S::v('uid'), $asso_id);
214 $may_update[$asso_id] = ($res->fetchOneCell() == 'admin');
215 }
216 return $may_update[$asso_id];
217 }
218
219 // }}}
220 // {{{ function is_member
221
222 /** Get membership informations for the current asso
223 * @param force Force membership to be read from database
224 * @param lose Force membership to be false
225 */
226 function is_member($force = false, $lose = false)
227 {
228 if (!isset($_SESSION['is_member'])) {
229 $_SESSION['is_member'] = array();
230 }
231 $is_member =& $_SESSION['is_member'];
232
233 global $globals;
234 $asso_id = $globals->asso('id');
235 if (!$asso_id) {
236 return false;
237 } elseif ($lose) {
238 $is_member[$asso_id] = false;
239 } elseif (S::has('suid') && $force) {
240 $is_member[$asso_id] = true;
241 } elseif (!isset($is_member[$asso_id]) || $force) {
242 $res = XDB::query("SELECT COUNT(*)
243 FROM groupex.membres
244 WHERE uid={?} AND asso_id={?}",
245 S::v('uid'), $asso_id);
246 $is_member[$asso_id] = ($res->fetchOneCell() == 1);
247 }
248 return $is_member[$asso_id];
249 }
250
251 // }}}
252 // vim:set et sw=4 sts=4 sws=4 foldmethod=marker enc=utf-8:
253 ?>
plat/al