<?php
/***************************************************************************
- * Copyright (C) 2003-2008 Polytechnique.org *
+ * Copyright (C) 2003-2009 Polytechnique.org *
* http://opensource.polytechnique.org/ *
* *
* This program is free software; you can redistribute it and/or modify *
function handlers()
{
return array(
- 'index' => $this->make_hook('index', AUTH_PUBLIC),
- 'cacert.pem' => $this->make_hook('cacert', AUTH_PUBLIC),
- 'changelog' => $this->make_hook('changelog', AUTH_PUBLIC),
+ 'index' => $this->make_hook('index', AUTH_PUBLIC),
+ 'cacert.pem' => $this->make_hook('cacert', AUTH_PUBLIC),
+ 'changelog' => $this->make_hook('changelog', AUTH_PUBLIC),
// Preferences thingies
- 'prefs' => $this->make_hook('prefs', AUTH_COOKIE),
- 'prefs/rss' => $this->make_hook('prefs_rss', AUTH_COOKIE),
- 'prefs/webredirect'
- => $this->make_hook('webredir', AUTH_MDP),
- 'prefs/skin' => $this->make_hook('skin', AUTH_COOKIE),
+ 'prefs' => $this->make_hook('prefs', AUTH_COOKIE),
+ 'prefs/rss' => $this->make_hook('prefs_rss', AUTH_COOKIE),
+ 'prefs/webredirect' => $this->make_hook('webredir', AUTH_MDP),
+ 'prefs/skin' => $this->make_hook('skin', AUTH_COOKIE),
// password related thingies
- 'password' => $this->make_hook('password', AUTH_MDP),
- 'tmpPWD' => $this->make_hook('tmpPWD', AUTH_PUBLIC),
- 'password/smtp' => $this->make_hook('smtppass', AUTH_MDP),
- 'recovery' => $this->make_hook('recovery', AUTH_PUBLIC),
- 'exit' => $this->make_hook('exit', AUTH_PUBLIC),
- 'review' => $this->make_hook('review', AUTH_PUBLIC),
- 'deconnexion.php' => $this->make_hook('exit', AUTH_PUBLIC),
+ 'password' => $this->make_hook('password', AUTH_MDP),
+ 'tmpPWD' => $this->make_hook('tmpPWD', AUTH_PUBLIC),
+ 'password/smtp' => $this->make_hook('smtppass', AUTH_MDP),
+ 'recovery' => $this->make_hook('recovery', AUTH_PUBLIC),
+ 'exit' => $this->make_hook('exit', AUTH_PUBLIC),
+ 'review' => $this->make_hook('review', AUTH_PUBLIC),
+ 'deconnexion.php' => $this->make_hook('exit', AUTH_PUBLIC),
);
}
function handler_index(&$page)
{
+ // Include X-XRDS-Location response-header for Yadis discovery
+ global $globals;
+ header('X-XRDS-Location: ' . $globals->baseurl . '/openid/xrds');
+
+ // Redirect to the suitable page
if (S::logged()) {
pl_redirect('events');
} else if (!@$GLOBALS['IS_XNET_SITE']) {
function handler_cacert(&$page)
{
- $data = file_get_contents("/etc/ssl/xorgCA/cacert.pem","r");
- header("Pragma:");
- header("Set-Cookie:");
- header("Cache-Control:");
- header("Expires:");
- header("Content-Type: application/x-x509-ca-cert");
- header("Content-Length: ".strlen($data));
- echo $data;
+ pl_cached_content_headers("application/x-x509-ca-cert");
+ readfile("/etc/ssl/xorgCA/cacert.pem");
exit;
}
$page->changeTpl('platal/changeLog.tpl');
$clog = pl_entities(file_get_contents(dirname(__FILE__).'/../ChangeLog'));
- $clog = preg_replace('/=+\s*/', '</pre><hr /><pre>', $clog);
+ $clog = preg_replace('/===+\s*/', '</pre><hr /><pre>', $clog);
// url catch only (not all wiki syntax)
$clog = preg_replace(array(
'/((?:https?|ftp):\/\/(?:\.*,*[\w@~%$£µ&i#\-+=_\/\?;])*)/ui',
if (Post::has('rss')) {
$this->__set_rss_state(Post::b('rss'));
}
+
+ # FIXME: this code is not multi-domain compatible. We should decide how
+ # carva will extend to users not in the main domain.
+ $res = XDB::query("SELECT alias
+ FROM aliases
+ WHERE id = {?} AND FIND_IN_SET('bestalias', flags)",
+ S::user()->id());
+ $page->assign('bestalias', $res->fetchOneCell());
}
function handler_webredir(&$page)
WHERE user_id = {?}',
S::v('uid'));
$page->assign('carva', $res->fetchOneCell());
+
+ # FIXME: this code is not multi-domain compatible. We should decide how
+ # carva will extend to users not in the main domain.
+ $res = XDB::query("SELECT alias
+ FROM aliases
+ WHERE id = {?} AND FIND_IN_SET('bestalias', flags)",
+ S::user()->id());
+ $page->assign('bestalias', $res->fetchOneCell());
}
function handler_prefs_rss(&$page)
// updates the Google Apps password as well.
if ($globals->mailstorage->googleapps_domain) {
require_once 'googleapps.inc.php';
- $account = new GoogleAppsAccount(S::v('uid'), S::v('forlife'));
+ $account = new GoogleAppsAccount(S::user());
if ($account->active() && $account->sync_password) {
$account->set_password($password);
}
}
- $log =& S::v('log');
- S::logger()->log('passwd', '');
-
- if (Cookie::v('ORGaccess')) {
- setcookie('ORGaccess', hash_encrypt($password), (time()+25920000), '/', '' ,0);
- }
+ S::logger()->log('passwd');
+ Platal::session()->setAccessCookie(true);
$page->changeTpl('platal/motdepasse.success.tpl');
$page->run();
if ($res->numRows()) {
$mails = $res->fetchOneCell();
} else {
- $res = XDB::query('SELECT email
+ $user = User::getSilent($uid);
+ $mails = $user->bestEmail();
+ $res = XDB::query("SELECT email
FROM emails
- WHERE uid = {?} AND NOT FIND_IN_SET("filter", flags)', $uid);
- $mails = implode(', ', $res->fetchColumn());
+ WHERE uid = {?} AND NOT FIND_IN_SET('filter', flags)
+ AND NOT FIND_IN_SET('active', flags)",
+ $uid);
+ if ($res->numRows() > 0) {
+ $mails .= ', ' . implode(', ', $res->fetchColumn());
+ }
}
$mymail = new PlMailer();
$mymail->setFrom('"Gestion des mots de passe" <support+password@' . $globals->mail->domain . '>');
--
Polytechnique.org
-\"Le portail des élèves & anciens élèves de l'Ecole polytechnique\"
+\"Le portail des élèves & anciens élèves de l'École polytechnique\"
Email envoyé à ".Env::v('login') . (Post::has('email') ? "
Adresse de secours : " . Post::v('email') : ""));
$mymail->send();
// on cree un objet logger et on log l'evenement
- $logger = $_SESSION['log'] = new PlLogger($uid);
- S::logger()->log('recovery', $mails);
+ S::logger($uid)->log('recovery', $mails);
} else {
$page->trigError('Les informations que tu as rentrées ne permettent pas de récupérer ton mot de passe.<br />'.
'Si tu as un homonyme, utilise prenom.nom.promo comme login');
// updates the Google Apps password as well.
if ($globals->mailstorage->googleapps_domain) {
require_once 'googleapps.inc.php';
- $account = new GoogleAppsAccount($uid);
+ $account = new GoogleAppsAccount(User::getSilent($uid));
if ($account->active() && $account->sync_password) {
$account->set_password($password);
}
}
- $logger = new PlLogger($uid);
- S::logger()->log("passwd","");
+ S::logger($uid)->log("passwd", "");
$page->changeTpl('platal/tmpPWD.success.tpl');
} else {
$page->changeTpl('platal/motdepasse.tpl');
function handler_exit(&$page, $level = null)
{
if (S::has('suid')) {
- $a4l = S::v('forlife');
$suid = S::v('suid');
$log = S::v('log');
- S::logger()->log("suid_stop", S::v('forlife') . " by " . $suid['forlife']);
+ S::logger()->log("suid_stop", S::user()->login() . " by " . $suid['hruid']);
Platal::session()->stopSUID();
- pl_redirect('admin/user/' . $a4l);
+ pl_redirect('admin/user/' . S::user()->login());
}
if ($level == 'forget' || $level == 'forgetall') {
- setcookie('ORGaccess', '', time() - 3600, '/', '', 0);
- Cookie::kill('ORGaccess');
- if (isset($_SESSION['log']))
- S::logger()->log("cookie_off");
+ Platal::session()->killAccessCookie();
}
if ($level == 'forgetuid' || $level == 'forgetall') {
- setcookie('ORGuid', '', time() - 3600, '/', '', 0);
- Cookie::kill('ORGuid');
- setcookie('ORGdomain', '', time() - 3600, '/', '', 0);
- Cookie::kill('ORGdomain');
+ Platal::session()->killLoginFormCookies();
}
- if (isset($_SESSION['log'])) {
- $ref = isset($_SERVER['HTTP_REFERER']) ? $_SERVER['HTTP_REFERER'] : '';
- S::logger()->log('deconnexion',$ref);
+ if (S::logged()) {
+ S::logger()->log('deconnexion', @$_SERVER['HTTP_REFERER']);
+ Platal::session()->destroy();
}
- Platal::session()->destroy();
if (Get::has('redirect')) {
http_redirect(rawurldecode(Get::v('redirect')));
function handler_review(&$page, $action = null, $mode = null)
{
+ // Include X-XRDS-Location response-header for Yadis discovery
+ global $globals;
+ header('X-XRDS-Location: ' . $globals->baseurl . '/openid/xrds');
+
$this->load('review.inc.php');
$dom = 'Review';
if (@$GLOBALS['IS_XNET_SITE']) {