X-Git-Url: http://git.polytechnique.org/?a=blobdiff_plain;ds=sidebyside;f=modules%2Fauth.php;h=88a1e9d1d5ce61b7fbfa1baf974c8819ad3015df;hb=bc7620106fd1c99496a06efaabb46330f9576153;hp=dadf0a4bd445fc06f358f0fc64c0a2df3e7851b9;hpb=eb41eda94f6b91fbff6600e23a226e994ce1d7ef;p=platal.git diff --git a/modules/auth.php b/modules/auth.php index dadf0a4..88a1e9d 100644 --- a/modules/auth.php +++ b/modules/auth.php @@ -1,6 +1,6 @@ \n\n\n\n"; - if (S::v('chall') && $_GET['PASS'] == md5(S::v('chall').$cle)) { + if (S::v('chall') && Get::s('PASS') == md5(S::v('chall').$cle)) { $list = new MMList(User::getWithUID(10154), "x-econfiance.polytechnique.org"); $members = $list->get_members('membres'); if (is_array($members)) { @@ -76,7 +76,7 @@ class AuthModule extends PLModule exit; } - function handler_manageurs(&$page) + function handler_manageurs($page) { global $globals; @@ -99,17 +99,17 @@ class AuthModule extends PLModule exit; } - function handler_redirect(&$page) + function handler_redirect($page) { http_redirect(Env::v('dest', '/')); } - function handler_groupex_old(&$page) + function handler_groupex_old($page) { return $this->handler_groupex($page, 'iso-8859-1'); } - function handler_groupex(&$page, $charset = 'utf8') + function handler_groupex($page, $charset = 'utf8') { $this->load('auth.inc.php'); $page->assign('referer', true); @@ -132,7 +132,7 @@ class AuthModule extends PLModule $uid = S::i('uid'); if (!S::suid()) { global $platal; - S::logger($uid)->log('connexion_auth_ext', $platal->path); + S::logger($uid)->log('connexion_auth_ext', $platal->path.' '.urldecode($_GET['url'])); } // Iterate over the auth token to find which one did sign the request. 
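Review bot: The `PASS` check still compares the request value to the MD5 digest with `==`, which in PHP compares two numeric-looking strings as numbers and is not constant-time. A constant-time string comparison removes both problems: `if (S::v('chall') && hash_equals(md5(S::v('chall').$cle), Get::s('PASS'))) {` (PHP 5.6+, assuming `Get::s` returns a string; on older runtimes `===` fixes the coercion but not the timing). The digest is a bare `md5(challenge.key)`; `hash_hmac()` with a SHA-2 hash would be the stronger construction, though that needs the remote side to change as well. The start of this hunk is garbled in this view, so the enclosing handler and the origin of `$cle` are not visible.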
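Review bot: `handler_redirect` passes `Env::v('dest', '/')` straight to `http_redirect()` with no check on `dest` visible in this hunk. Only its signature changes here, but unless `Env::v` or `http_redirect` restricts the value elsewhere, an absolute URL in the request would be followed, which lets links on this host forward to other sites. Accepting only site-relative paths would close that: `$dest = Env::v('dest', '/');` then `if (!preg_match('#^/(?![/\\\\])#', $dest)) { $dest = '/'; }` then `http_redirect($dest);`. On the `&$page` to `$page` changes here and in the `handler_manageurs` and `handler_admin_authgroupesx` hunks: they preserve behaviour only if no handler reassigns `$page`, which the hunks do not show in full.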
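Review bot: The new log call reads `$_GET['url']` directly although this commit moves the `PASS` check to `Get::s('PASS')`, so a request without `url` raises an undefined-index notice here. The value is also written to the `connexion_auth_ext` entry before the signature check that the following comment announces, so the log receives unvalidated request data of any length, including control characters. PHP has already URL-decoded `$_GET`, so the extra `urldecode()` may record a string that differs from the one used later, unless the rest of the handler decodes it the same way (not visible here). I would log a bounded, cleaned copy: `$logurl = substr(preg_replace('/[\x00-\x1f\x7f]/', '', Get::s('url')), 0, 255);` and pass `$platal->path.' '.$logurl`. The body of `handler_groupex` starts and ends outside this hunk.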
@@ -145,6 +145,10 @@ class AuthModule extends PLModule
 // the user to the real GroupeX website, which defeats the attack).
 if (empty($returnurls) || @preg_match($returnurls, $gpex_url)) {
 $returl = $gpex_url . gpex_make_params($gpex_challenge, $privkey, $datafields, $charset);
+ XDB::execute('UPDATE group_auth
+ SET last_used = DATE(NOW())
+ WHERE name = {?}',
+ $name);
 http_redirect($returl);
 } else if (S::admin()) {
 $page->kill("La requête d'authentification a échouée (url de retour invalide).");
@@ -157,7 +161,7 @@ class AuthModule extends PLModule
 pl_redirect('/');
 }
 
- function handler_admin_authgroupesx(&$page, $action = 'list', $id = null)
+ function handler_admin_authgroupesx($page, $action = 'list', $id = null)
 {
 $page->setTitle('Administration - Auth groupes X');
 $page->assign('title', 'Gestion de l\'authentification centralisée');
@@ -166,6 +170,7 @@ class AuthModule extends PLModule
 $table_editor->describe('privkey','clé privée',false);
 $table_editor->describe('datafields','champs renvoyés',true);
 $table_editor->describe('returnurls','urls de retour',true);
+ $table_editor->describe('last_used', 'dernière utilisation', true);
 $table_editor->apply($page, $action, $id);
 }
 }
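Review bot: The `UPDATE group_auth ... last_used` statement runs on the success path immediately before `http_redirect($returl)` and its result is not checked. If it fails, for instance where the `last_used` column has not been added yet (no schema change is visible in this single-file diff), whether the user is still redirected depends on how `XDB::execute` reports errors, which is not shown. `$name` is set outside the hunk, so I cannot confirm it is the matched group's name; the `{?}` placeholder does keep it out of the SQL text. A comment stating the purpose would help whoever audits these keys later: `// Record the day this group's key was last used so stale entries can be found and revoked.`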