'plan' => $this->make_hook('plan', AUTH_PUBLIC),
'photo' => $this->make_hook('photo', AUTH_MDP),
'autologin' => $this->make_hook('autologin', AUTH_MDP),
+ 'login/ext' => $this->make_hook('login_ext', AUTH_PUBLIC),
+ 'register/ext' => $this->make_hook('register_ext', AUTH_PUBLIC),
'edit' => $this->make_hook('edit', AUTH_MDP, 'user'),
+ 'password' => $this->make_hook('password', AUTH_MDP, 'user'),
'Xnet' => $this->make_wiki_hook(),
);
exit;
}
- function handler_edit(&$page)
+ function handler_login_ext($page)
+ {
+ if (!S::logged()) {
+ $page->changeTpl('xnet/login.tpl');
+ } else {
+ pl_redirect('');
+ }
+ }
+
+ function handler_register_ext($page, $hash = null)
+ {
+ XDB::execute('DELETE FROM register_pending_xnet
+ WHERE DATE_SUB(NOW(), INTERVAL 1 MONTH) > date');
+ $res = XDB::fetchOneAssoc('SELECT uid, hruid
+ FROM register_pending_xnet
+ WHERE hash = {?}',
+ $hash);
+
+ if (is_null($hash) || is_null($res)) {
+ $page->trigErrorRedirect('Cette adresse n\'existe pas ou n\'existe plus sur le serveur.', '');
+ }
+
+ if (Post::has('pwhash') && Post::t('pwhash')) {
+ XDB::query('UPDATE accounts
+ SET password = {?}, state = \'active\'
+ WHERE uid = {?} AND state = \'pending\' AND type = \'xnet\'',
+ Post::t('pwhash'), $res['uid']);
+ XDB::query('DELETE FROM register_pending_xnet
+ WHERE uid = {?}',
+ $res['uid']);
+
+ S::logger($res['uid'])->log('passwd', '');
+
+ // Try to start a session (so the user don't have to log in); we will use
+ // the password available in Post:: to authenticate the user.
+ Post::kill('wait');
+ Platal::session()->startAvailableAuth();
+
+ $page->changeTpl('xnet/register.success.tpl');
+ $page->assign('hruid', $res['hruid']);
+ } else {
+ $page->changeTpl('platal/password.tpl');
+ $page->assign('xnet', true);
+ $page->assign('hruid', $res['hruid']);
+ $page->assign('do_auth', true);
+ }
+ }
+
+ function handler_edit($page)
{
global $globals;
if (Post::has('change')) {
S::assert_xsrf_token();
- if ($user->groupCount() == 0 && Post::t('delete') == 'OUI') {
- XDB::execute('DELETE FROM accounts
- WHERE uid = {?}',
- $user->id());
- pl_redirect('index');
- }
-
// Convert user status to X
if (!Post::blank('login_X')) {
$forlife = $this->changeLogin($page, $user, Post::t('login_X'));
WHERE uid = {?}',
Post::t('full_name'), Post::t('directory_name'), Post::t('display_name'),
(Post::t('sex') == 'male') ? 'male' : 'female', Post::t('email'), $user->id());
- // If user is of type xnet and new password is given.
- if (!Post::blank('pwhash')) {
- XDB::query('UPDATE accounts
- SET password = {?}
- WHERE uid = {?}',
- Post::t('pwhash'), $user->id());
- }
if (XDB::affectedRows()) {
+ $user = User::getWithUID($user->id());
+ S::set('user', $user);
$page->trigSuccess('Données mises à jour.');
}
}
$page->addJsLink('password.js');
$page->assign('user', $user);
}
+
+ function handler_password ($page)
+ {
+ if (Post::has('pwhash') && Post::t('pwhash')) {
+ S::assert_xsrf_token();
+
+ S::set('password', $password = Post::t('pwhash'));
+ XDB::execute('UPDATE accounts
+ SET password = {?}
+ WHERE uid={?}', $password,
+ S::i('uid'));
+ S::logger()->log('passwd');
+ Platal::session()->setAccessCookie(true);
+ $page->changeTpl('platal/password.success.tpl');
+ $page->run();
+ }
+
+ $page->changeTpl('platal/password.tpl');
+ $page->assign('xnet_reset', true);
+ $page->assign('do_auth', false);
+ }
}
// vim:set et sw=4 sts=4 sws=4 foldmethod=marker enc=utf-8:
projects / platal.git / blobdiff