Improves satistics display, adds info about x, m, d.

[platal.git] / modules / auth.php

diff --git a/modules/auth.php b/modules/auth.php
index 2c39af9..88a1e9d 100644 (file)
--- a/modules/auth.php
+++ b/modules/auth.php
@@ -36,14 +36,14 @@ class AuthModule extends PLModule
         );
     }
 
-    function handler_chall(&$page)
+    function handler_chall($page)
     {
         $_SESSION["chall"] = uniqid(rand(), 1);
         echo $_SESSION["chall"] . "\n" . session_id();
         exit;
     }
 
-    function handler_econf(&$page)
+    function handler_econf($page)
     {
         global $globals;
 
@@ -51,7 +51,7 @@ class AuthModule extends PLModule
 
         $res = "<?xml version=\"1.0\" encoding=\"UTF-8\"?>\n\n<membres>\n\n";
 
-        if (S::v('chall') && $_GET['PASS'] == md5(S::v('chall').$cle)) {
+        if (S::v('chall') && Get::s('PASS') == md5(S::v('chall').$cle)) {
             $list = new MMList(User::getWithUID(10154), "x-econfiance.polytechnique.org");
             $members = $list->get_members('membres');
             if (is_array($members)) {
@@ -76,7 +76,7 @@ class AuthModule extends PLModule
         exit;
     }
 
-    function handler_manageurs(&$page)
+    function handler_manageurs($page)
     {
         global $globals;
 
@@ -99,17 +99,17 @@ class AuthModule extends PLModule
         exit;
     }
 
-    function handler_redirect(&$page)
+    function handler_redirect($page)
     {
         http_redirect(Env::v('dest', '/'));
     }
 
-    function handler_groupex_old(&$page)
+    function handler_groupex_old($page)
     {
         return $this->handler_groupex($page, 'iso-8859-1');
     }
 
-    function handler_groupex(&$page, $charset = 'utf8')
+    function handler_groupex($page, $charset = 'utf8')
     {
         $this->load('auth.inc.php');
         $page->assign('referer', true);
@@ -145,6 +145,10 @@ class AuthModule extends PLModule
                 // the user to the real GroupeX website, which defeats the attack).
                 if (empty($returnurls) || @preg_match($returnurls, $gpex_url)) {
                     $returl = $gpex_url . gpex_make_params($gpex_challenge, $privkey, $datafields, $charset);
+                    XDB::execute('UPDATE  group_auth
+                                     SET  last_used = DATE(NOW())
+                                   WHERE  name = {?}',
+                                 $name);
                     http_redirect($returl);
                 } else if (S::admin()) {
                     $page->kill("La requête d'authentification a échouée (url de retour invalide).");
@@ -157,7 +161,7 @@ class AuthModule extends PLModule
         pl_redirect('/');
     }
 
-    function handler_admin_authgroupesx(&$page, $action = 'list', $id = null)
+    function handler_admin_authgroupesx($page, $action = 'list', $id = null)
     {
         $page->setTitle('Administration - Auth groupes X');
         $page->assign('title', 'Gestion de l\'authentification centralisée');
@@ -166,6 +170,7 @@ class AuthModule extends PLModule
         $table_editor->describe('privkey','clé privée',false);
         $table_editor->describe('datafields','champs renvoyés',true);
         $table_editor->describe('returnurls','urls de retour',true);
+        $table_editor->describe('last_used', 'dernière utilisation', true);
         $table_editor->apply($page, $action, $id);
     }
 }