uid==$uid) ? $_SESSION['log'] : new DiogenesCoreLogger($uid); $logger->log("connexion_auth_ext",$_SERVER['PHP_SELF']); } /* cree le champs "auth" renvoye au Groupe X */ function gpex_make_auth($chlg, $privkey, $datafields) { global $globals; $fieldarr = explode(",",$datafields); $tohash = "1$chlg$privkey"; $res = $globals->xdb->query("SELECT matricule,matricule_ax,promo,promo_sortie,flags,deces,nom,prenom,nationalite,section,naissance FROM auth_user_md5 WHERE user_id = {?}", Session::getInt('uid')); $personnal_data = $res->fetchOneAssoc(); while (list(,$val) = each($fieldarr)) { /* on verifie qu'on n'a pas demandé une variable inexistante ! */ if (isset($_SESSION[$val])) { $tohash .= $_SESSION[$val]; } else if (isset($personnal_data[$val])) { $tohash .= $personnal_data[$val]; } else if ($val == 'username') { $res = $globals->xdb->query("SELECT alias FROM aliases WHERE id = {?} AND FIND_IN_SET('bestalias', flags)", Session::getInt('uid')); $min_username = $res->fetchOneCell(); $tohash .= $min_username; } } $tohash .= "1"; return md5($tohash); } /* cree les parametres de l'URL de retour avec les champs demandes */ function gpex_make_params($chlg, $privkey, $datafields) { global $globals; $params = "&auth=".gpex_make_auth($chlg, $privkey, $datafields); $res = $globals->xdb->query("SELECT matricule,matricule_ax,promo,promo_sortie,flags,deces,nom,prenom,nationalite,section,naissance FROM auth_user_md5 WHERE user_id = {?}", Session::getInt('uid')); $personnal_data = $res->fetchOneAssoc(); $fieldarr = explode(",",$datafields); while (list(,$val) = each($fieldarr)) { if (isset($_SESSION[$val])) { $params .= "&$val=".$_SESSION[$val]; } else if (isset($personnal_data[$val])) { $params .= "&$val=".$personnal_data[$val]; } else if ($val == 'username') { $res = $globals->xdb->query("SELECT alias FROM aliases WHERE id = {?} AND FIND_IN_SET('bestalias', flags)", Session::getInt('uid')); $min_username = $res->fetchOneCell(); $params .= "&$val=".$min_username; } } return $params; } /* on parcourt les entrees de groupes_auth */ $res = $globals->xdb->iterRow('select privkey,name,datafields from groupesx_auth'); while (list($privkey,$name,$datafields) = $res->next()) { if (md5($gpex_challenge.$privkey) == $gpex_pass) { $returl = $gpex_url.gpex_make_params($gpex_challenge,$privkey,$datafields); redirect($returl); } } /* si on n'a pas trouvé, on renvoit sur x.org */ redirect('https://www.polytechnique.org/'); ?>