projects / platal.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
droits admin quand aucun groupe demande lors de l'authentification distante
[platal.git] / modules / auth / auth.inc.php
1 <?php
2 /***************************************************************************
3 * Copyright (C) 2003-2007 Polytechnique.org *
4 * http://opensource.polytechnique.org/ *
5 * *
6 * This program is free software; you can redistribute it and/or modify *
7 * it under the terms of the GNU General Public License as published by *
8 * the Free Software Foundation; either version 2 of the License, or *
9 * (at your option) any later version. *
10 * *
11 * This program is distributed in the hope that it will be useful, *
12 * but WITHOUT ANY WARRANTY; without even the implied warranty of *
13 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the *
14 * GNU General Public License for more details. *
15 * *
16 * You should have received a copy of the GNU General Public License *
17 * along with this program; if not, write to the Free Software *
18 * Foundation, Inc., *
19 * 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA *
20 ***************************************************************************/
21
22 function gpex_make($chlg, $privkey, $datafields)
23 {
24 $tohash = "1$chlg$privkey";
25 $params = "";
26 $fieldarr = explode(",",$datafields);
27
28 $res = XDB::query("SELECT matricule, matricule_ax, promo,
29 promo_sortie, flags, deces, nom,
30 prenom, nationalite, section,
31 naissance
32 FROM auth_user_md5 WHERE user_id = {?}",
33 S::v('uid'));
34 $personnal_data = $res->fetchOneAssoc();
35
36 foreach ($fieldarr as $val) {
37 /* on verifie qu'on n'a pas demandé une variable inexistante ! */
38 if (S::has($val)) {
39 $tohash .= S::v($val);
40 $params .= "&$val=".S::v($val);
41 } else if (isset($personnal_data[$val])) {
42 $tohash .= $personnal_data[$val];
43 $params .= "&$val=".$personnal_data[$val];
44 } else if ($val == 'username') {
45 $res = XDB::query("SELECT alias FROM aliases
46 WHERE id = {?} AND FIND_IN_SET('bestalias', flags)",
47 S::v('uid'));
48 $min_username = $res->fetchOneCell();
49 $tohash .= $min_username;
50 $params .= "&$val=".$min_username;
51 } else if ($val == 'grpauth') {
52 if (isset($_GET['group'])) {
53 $res = XDB::query("SELECT perms FROM groupex.membres
54 INNER JOIN groupex.asso ON(id = asso_id)
55 WHERE uid = {?} AND diminutif = {?}", S::v('uid'), $_GET['group']);
56 $perms = $res->fetchOneCell();
57 } else {
58 // if no group asked, return main rights
59 $perms = Session::has_perms()?'admin':'membre';
60 }
61 $tohash .= $perms;
62 $params .= "&$val=".$perms;
63 }
64 }
65 $tohash .= "1";
66 $auth = md5($tohash);
67 return array($auth, "&auth=".$auth.$params);
68 }
69
70 /* cree le champs "auth" renvoye au Groupe X */
71 function gpex_make_auth($chlg, $privkey, $datafields) {
72 list ($auth, $param) = gpex_make($chlg, $privkey, $datafields);
73 return $auth;
74 }
75
76 /* cree les parametres de l'URL de retour avec les champs demandes */
77 function gpex_make_params($chlg, $privkey, $datafields) {
78 list ($auth, $param) = gpex_make($chlg, $privkey, $datafields);
79 return $param;
80 }
81
82 // vim:set et sw=4 sts=4 sws=4 foldmethod=marker enc=utf-8:
83 ?>
plat/al