<?php
/***************************************************************************
- * Copyright (C) 2003-2007 Polytechnique.org *
+ * Copyright (C) 2003-2009 Polytechnique.org *
* http://opensource.polytechnique.org/ *
* *
* This program is free software; you can redistribute it and/or modify *
{
$val = iconv('UTF-8', $charset, $val);
$to_hash .= $val;
- return '&' . $name . '=' . $val;
+ return '&' . $name . '=' . urlencode($val);
}
function gpex_make($chlg, $privkey, $datafields, $charset)
$personnal_data = $res->fetchOneAssoc();
foreach ($fieldarr as $val) {
- /* on verifie qu'on n'a pas demandé une variable inexistante ! */
- if (S::has($val)) {
+ // Determine the requested value, and add it to the answer.
+ if ($val == 'perms') {
+ $params .= gpex_prepare_param($val, S::has_perms() ? 'admin' : 'user', $tohash, $charset);
+ } else if ($val == 'forlife') {
+ $params .= gpex_prepare_param($val, S::v('hruid'), $tohash, $charset);
+ } else if (S::has($val)) {
$params .= gpex_prepare_param($val, S::v($val), $tohash, $charset);
} else if (isset($personnal_data[$val])) {
$params .= gpex_prepare_param($val, $personnal_data[$val], $tohash, $charset);
if (isset($_GET['group'])) {
$res = XDB::query("SELECT perms
FROM groupex.membres
- INNER JOIN groupex.asso ON(id = asso_id)
+ INNER JOIN groupex.asso ON(id = asso_id)
WHERE uid = {?} AND diminutif = {?}",
S::v('uid'), $_GET['group']);
$perms = $res->fetchOneCell();
} else {
// if no group asked, return main rights
- $perms = Session::has_perms()?'admin':'membre';
+ $perms = S::has_perms() ? 'admin' : 'membre';
}
$params .= gpex_prepare_param($val, $perms, $tohash, $charset);
}