Don't send transition data if new_pass === old_pass.
diff --git
a/classes/xorgsession.php
b/classes/xorgsession.php
index
229df76
..
05c2207
100644
--- a/
classes/xorgsession.php
+++ b/
classes/xorgsession.php
@@
-24,14
+24,10
@@
class XorgSession extends PlSession
public function __construct()
{
parent::__construct();
public function __construct()
{
parent::__construct();
- S::bootstrap('perms_backup', new PlFlagSet());
}
public function startAvailableAuth()
{
}
public function startAvailableAuth()
{
- if (!(S::v('perms') instanceof PlFlagSet)) {
- S::set('perms', S::v('perms_backup'));
- }
if (!S::logged()) {
$cookie = $this->tryCookie();
if ($cookie == 0) {
if (!S::logged()) {
$cookie = $this->tryCookie();
if ($cookie == 0) {
@@
-83,7
+79,8
@@
class XorgSession extends PlSession
if (list($uid, $password) = $res->fetchOneRow()) {
require_once 'secure_hash.inc.php';
$expected_response = hash_encrypt("$uname:$password:" . S::v('challenge'));
if (list($uid, $password) = $res->fetchOneRow()) {
require_once 'secure_hash.inc.php';
$expected_response = hash_encrypt("$uname:$password:" . S::v('challenge'));
- if ($response != $expected_response) {
+ if ($response != $expected_response && Env::has('xorpass')
+ && !preg_match('/^0*$/', Env::v('xorpass'))) {
$new_password = hash_xor(Env::v('xorpass'), $password);
$expected_response = hash_encrypt("$uname:$new_password:" . S::v('challenge'));
if ($response == $expected_response) {
$new_password = hash_xor(Env::v('xorpass'), $password);
$expected_response = hash_encrypt("$uname:$new_password:" . S::v('challenge'));
if ($response == $expected_response) {
@@
-91,6
+88,7
@@
class XorgSession extends PlSession
SET password = {?}
WHERE user_id = {?}',
$new_password, $uid);
SET password = {?}
WHERE user_id = {?}',
$new_password, $uid);
+ /* TODO: update GApps password here!!! */
}
}
if ($response != $expected_response) {
}
}
if ($response != $expected_response) {
@@
-223,10
+221,10
@@
class XorgSession extends PlSession
$logger = S::logger($uid);
setcookie('ORGuid', $uid, (time() + 25920000), '/', '', 0);
$logger = S::logger($uid);
setcookie('ORGuid', $uid, (time() + 25920000), '/', '', 0);
- if (S::i('auth_by_cookie') ==
S::i('uid')
|| Post::v('remember', 'false') == 'true') {
+ if (S::i('auth_by_cookie') ==
$uid
|| Post::v('remember', 'false') == 'true') {
$cookie = hash_encrypt($sess['password']);
setcookie('ORGaccess', $cookie, (time() + 25920000), '/', '', 0);
$cookie = hash_encrypt($sess['password']);
setcookie('ORGaccess', $cookie, (time() + 25920000), '/', '', 0);
- if ($logger) {
+ if ($logger
&& S::i('auth_by_cookie') != $uid
) {
$logger->log("cookie_on");
}
} else {
$logger->log("cookie_on");
}
} else {
@@
-243,6
+241,9
@@
class XorgSession extends PlSession
$this->setSkin();
$this->updateNbNotifs();
check_redirect();
$this->setSkin();
$this->updateNbNotifs();
check_redirect();
+
+ // We should not have to use this private data anymore
+ S::kill('auth_by_cookie');
return true;
}
return true;
}
@@
-299,7
+300,6
@@
class XorgSession extends PlSession
$flags = new PlFlagSet();
if ($perm == 'disabled' || $perm == 'ext') {
S::set('perms', $flags);
$flags = new PlFlagSet();
if ($perm == 'disabled' || $perm == 'ext') {
S::set('perms', $flags);
- S::set('perms_backup', $flags);
return;
}
$flags->addFlag(PERMS_USER);
return;
}
$flags->addFlag(PERMS_USER);
@@
-307,7
+307,6
@@
class XorgSession extends PlSession
$flags->addFlag(PERMS_ADMIN);
}
S::set('perms', $flags);
$flags->addFlag(PERMS_ADMIN);
}
S::set('perms', $flags);
- S::set('perms_backup', $flags);
}
public function setSkin()
}
public function setSkin()
@@
-323,6
+322,11
@@
class XorgSession extends PlSession
}
}
}
}
+ public function loggedLevel()
+ {
+ return AUTH_COOKIE;
+ }
+
public function sureLevel()
{
return AUTH_MDP;
public function sureLevel()
{
return AUTH_MDP;
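Review bot: The condition added in the `-83,7 +79,8` hunk still compares the client-supplied `$response` with `$expected_response` using loose `!=`, and the xorpass retry just below it and the final check at the end of the next hunk use loose `==`/`!=` as well. If `hash_encrypt()` returns a hex digest (its definition is not visible here), PHP's numeric-string comparison can treat two different digests as equal, and the comparison is not constant-time. I would write the added line as `if (!hash_equals($expected_response, (string) $response) && Env::has('xorpass')` and the retry as `if (hash_equals($expected_response, (string) $response)) {`, falling back to `!==`/`===` if `hash_equals()` is not available on the deployed PHP. The enclosing method starts and ends outside the visible hunks, so the type of `$response` should be confirmed there.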