modules/auth/auth.inc.php

   1 <?php
   2 /***************************************************************************
   3  *  Copyright (C) 2003-2010 Polytechnique.org                              *
   4  *  http://opensource.polytechnique.org/                                   *
   5  *                                                                         *
   6  *  This program is free software; you can redistribute it and/or modify   *
   7  *  it under the terms of the GNU General Public License as published by   *
   8  *  the Free Software Foundation; either version 2 of the License, or      *
   9  *  (at your option) any later version.                                    *
  10  *                                                                         *
  11  *  This program is distributed in the hope that it will be useful,        *
  12  *  but WITHOUT ANY WARRANTY; without even the implied warranty of         *
  13  *  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the          *
  14  *  GNU General Public License for more details.                           *
  15  *                                                                         *
  16  *  You should have received a copy of the GNU General Public License      *
  17  *  along with this program; if not, write to the Free Software            *
  18  *  Foundation, Inc.,                                                      *
  19  *  59 Temple Place, Suite 330, Boston, MA  02111-1307  USA                *
  20  ***************************************************************************/
  21
  22 function gpex_prepare_param($name, $val, &$to_hash,  $charset)
  23 {
  24     $val = iconv('UTF-8', $charset, $val);
  25     $to_hash .= $val;
  26     return '&' . $name . '=' . urlencode($val);
  27 }
  28
  29 function gpex_make($chlg, $privkey, $datafields, $charset)
  30 {
  31     $tohash   = "1$chlg$privkey";
  32     $params   = "";
  33     $fieldarr = explode(',', $datafields);
  34
  35     $user =& S::user();
  36     if ($user->hasProfile()) {
  37         /* Transition table for authentification. */
  38         $personnal_data = $user->profile()->data();
  39         $personnal_data['matricule'] = $personnal_data['xorg_id'];
  40         $personnal_data['matricule_ax'] = $personnal_data['ax_id'];
  41         $personnal_data['promo_sortie'] = $personnal_data['promo'] + 3; // FIXME: Hum, not that good
  42         $personnal_data['nationalite'] = $personnal_data['nationality1'];
  43         $personnal_data['naissance'] = $personnal_data['birthdate'];
  44         $personnal_data['deces'] = $personnal_data['deathdate'];
  45         $personnal_data['nom'] = $personnal_data['lastname'];
  46         $personnal_data['prenom'] = $personnal_data['firstname'];
  47         $personnal_data['flags'] = $user->profile()->isFemale() ? 'femme' : '';
  48     } else {
  49         $personnal_data = array();
  50     }
  51
  52     foreach ($fieldarr as $val) {
  53         // Determine the requested value, and add it to the answer.
  54         if ($val == 'perms') {
  55             $params .= gpex_prepare_param($val, S::admin() ? 'admin' : 'user', $tohash, $charset);
  56         } else if ($val == 'forlife') {
  57             $params .= gpex_prepare_param($val, S::v('hruid'), $tohash, $charset);
  58         } else if (S::has($val)) {
  59             $params .= gpex_prepare_param($val, S::v($val), $tohash, $charset);
  60         } else if (isset($personnal_data[$val])) {
  61             $params .= gpex_prepare_param($val, $personnal_data[$val], $tohash, $charset);
  62         } else if ($val == 'username') {
  63             $res = XDB::query("SELECT  alias
  64                                  FROM  aliases
  65                                 WHERE  uid = {?} AND FIND_IN_SET('bestalias', flags)",
  66                               S::i('uid'));
  67             $min_username = $res->fetchOneCell();
  68             $params      .= gpex_prepare_param($val, $min_username, $tohash, $charset);
  69         } else if ($val == 'grpauth') {
  70             if (isset($_GET['group'])) {
  71                 $res = XDB::query("SELECT  perms
  72                                      FROM  group_members
  73                                INNER JOIN  groups ON(id = asso_id)
  74                                     WHERE  uid = {?} AND diminutif = {?}",
  75                                   S::v('uid'), $_GET['group']);
  76                 $perms = $res->fetchOneCell();
  77             } else {
  78                 // if no group asked, return main rights
  79                 $perms = S::admin() ? 'admin' : 'membre';
  80             }
  81             $params .= gpex_prepare_param($val, $perms, $tohash, $charset);
  82         } else {
  83             $params .= gpex_prepare_param($val, '', $tohash, $charset);
  84         }
  85     }
  86     $tohash .= "1";
  87     $auth = md5($tohash);
  88     return array($auth, "&auth=" . $auth . $params);
  89 }
  90
  91 /* cree les parametres de l'URL de retour avec les champs demandes */
  92 function gpex_make_params($chlg, $privkey, $datafields, $charset)
  93 {
  94     list ($auth, $param) = gpex_make($chlg, $privkey, $datafields, $charset);
  95     return $param;
  96 }
  97
  98 // vim:set et sw=4 sts=4 sws=4 foldmethod=marker enc=utf-8:
  99 ?>