<?php
/***************************************************************************
- * Copyright (C) 2003-2004 Polytechnique.org *
+ * Copyright (C) 2003-2006 Polytechnique.org *
* http://opensource.polytechnique.org/ *
* *
* This program is free software; you can redistribute it and/or modify *
/* cree le champs "auth" renvoye au Groupe X */
function gpex_make_auth($chlg, $privkey, $datafields) {
global $globals;
- $fieldarr = split(",",$datafields);
+ $fieldarr = explode(",",$datafields);
$tohash = "1$chlg$privkey";
+ $res = $globals->xdb->query("SELECT matricule,matricule_ax,promo,promo_sortie,flags,deces,nom,prenom,nationalite,section,naissance FROM auth_user_md5 WHERE user_id = {?}", Session::getInt('uid'));
+ $personnal_data = $res->fetchOneAssoc();
+
while (list(,$val) = each($fieldarr)) {
/* on verifie qu'on n'a pas demandé une
variable inexistante ! */
if (isset($_SESSION[$val])) {
$tohash .= $_SESSION[$val];
+ } else if (isset($personnal_data[$val])) {
+ $tohash .= $personnal_data[$val];
} else if ($val == 'username') {
$res = $globals->xdb->query("SELECT alias FROM aliases WHERE id = {?} AND FIND_IN_SET('bestalias', flags)", Session::getInt('uid'));
$min_username = $res->fetchOneCell();
function gpex_make_params($chlg, $privkey, $datafields) {
global $globals;
$params = "&auth=".gpex_make_auth($chlg, $privkey, $datafields);
- $fieldarr = split(",",$datafields);
+
+ $res = $globals->xdb->query("SELECT matricule,matricule_ax,promo,promo_sortie,flags,deces,nom,prenom,nationalite,section,naissance FROM auth_user_md5 WHERE user_id = {?}", Session::getInt('uid'));
+ $personnal_data = $res->fetchOneAssoc();
+
+ $fieldarr = explode(",",$datafields);
while (list(,$val) = each($fieldarr)) {
if (isset($_SESSION[$val])) {
$params .= "&$val=".$_SESSION[$val];
+ } else if (isset($personnal_data[$val])) {
+ $params .= "&$val=".$personnal_data[$val];
} else if ($val == 'username') {
$res = $globals->xdb->query("SELECT alias FROM aliases WHERE id = {?} AND FIND_IN_SET('bestalias', flags)", Session::getInt('uid'));
$min_username = $res->fetchOneCell();
while (list($privkey,$name,$datafields) = $res->next()) {
if (md5($gpex_challenge.$privkey) == $gpex_pass) {
$returl = $gpex_url.gpex_make_params($gpex_challenge,$privkey,$datafields);
- header("Location:$returl");
- exit(0);
+ redirect($returl);
}
}
/* si on n'a pas trouvé, on renvoit sur x.org */
-header("Location:https://www.polytechnique.org/");
-exit(0);
+redirect('https://www.polytechnique.org/');
?>