<?php
/***************************************************************************
- * Copyright (C) 2003-2009 Polytechnique.org *
+ * Copyright (C) 2003-2014 Polytechnique.org *
* http://opensource.polytechnique.org/ *
* *
* This program is free software; you can redistribute it and/or modify *
function check_email($email, $message)
{
- $res = XDB::query("SELECT state, description
- FROM emails_watch
- WHERE state != 'safe' AND email = {?}", $email);
- if ($res->numRows()) {
+ $res = XDB::fetchOneCell('SELECT COUNT(*)
+ FROM email_watch
+ WHERE state != \'safe\' AND email = {?}',
+ $email);
+ if ($res) {
send_warning_mail($message);
return true;
}
function check_account()
{
- return S::v('watch_account');
+ if (S::user()) {
+ return S::user()->watch;
+ }
+ return false;
}
function check_redirect($red = null)
}
}
-function send_warning_mail($title)
+function send_warning_mail($title, $body = '')
{
global $globals;
$mailer = new PlMailer();
$mailer->setFrom("webmaster@" . $globals->mail->domain);
$mailer->addTo($globals->core->admin_email);
$mailer->setSubject("[Plat/al Security Alert] $title");
- $mailer->setTxtBody("Identifiants de session :\n" . var_export($_SESSION, true) . "\n\n"
+ // Note: we can't do $session = var_export($_SESSION, true) as var_export
+ // doesn't handle circular dependency correctly.
+ ob_start();
+ var_dump($_SESSION);
+ $session = ob_get_clean();
+ $mailer->setTxtBody($body . "Identifiants de session :\n" . $session . "\n\n"
."Identifiants de connexion :\n" . var_export($_SERVER, true));
$mailer->send();
}
function kill_sessions()
{
- assert(S::has_perms());
+ assert(S::admin());
shell_exec('sudo -u root ' . dirname(dirname(__FILE__)) . '/bin/kill_sessions.sh');
}
-// vim:set et sw=4 sts=4 sws=4 foldmethod=marker enc=utf-8:
+// vim:set et sw=4 sts=4 sws=4 foldmethod=marker fenc=utf-8:
?>