X-Git-Url: http://git.polytechnique.org/?a=blobdiff_plain;f=classes%2Fplatal.php;h=6a5c8b6a2e3c17b8f5890d9ecf99bb7eb8a0bbc2;hb=6f58e0613a47d9eeb5004c992e6c59b7cf9ec0ea;hp=1d5c46697f1f669d3b50ec1a68e06ed0c0139de7;hpb=47fa97fed308292ab5e7bed6f870b39f55747aa8;p=platal.git diff --git a/classes/platal.php b/classes/platal.php index 1d5c466..6a5c8b6 100644 --- a/classes/platal.php +++ b/classes/platal.php @@ -1,6 +1,6 @@ init(); $sessionclass = PL_SESSION_CLASS; $session = new $sessionclass(); if (!$session->startAvailableAuth()) { - Platal::page()->trigError('Données d\'authentification invalide.'); + Platal::page()->trigError("Données d'authentification invalides."); } $modules = func_get_args(); - if (is_array($modules[0])) { + if (isset($modules[0]) && is_array($modules[0])) { $modules = $modules[0]; } $this->path = trim(Get::_get('n', null), '/'); @@ -61,7 +62,7 @@ class Platal foreach ($modules as $module) { $module = strtolower($module); $this->__mods[$module] = $m = PLModule::factory($module); - $this->__hooks += $m->handlers(); + $this->__hooks = $m->handlers() + $this->__hooks; } if ($globals->mode == '') { @@ -249,7 +250,7 @@ class Platal return PL_NOT_FOUND; } global $globals, $session; - if ($this->https && !$_SERVER['HTTPS'] && $globals->core->secure_domain) { + if ($this->https && !@$_SERVER['HTTPS'] && $globals->core->secure_domain) { http_redirect('https://' . $globals->core->secure_domain . $_SERVER['REQUEST_URI']); } @@ -266,13 +267,15 @@ class Platal } } if ($hook['auth'] != AUTH_PUBLIC && !$this->check_perms($hook['perms'])) { - return PL_FORBIDDEN; + if (self::notAllowed()) { + return PL_FORBIDDEN; + } } $val = call_user_func_array($hook['hook'], $args); if ($val == PL_DO_AUTH) { // The handler need a better auth with the current args - if (!$session->start($hook['auth'])) { + if (!$session->start($session->loggedLevel())) { $this->force_login($page); } $val = call_user_func_array($hook['hook'], $args); @@ -280,19 +283,9 @@ class Platal return $val; } - public function force_login(PlPage &$page) - { - header($_SERVER['SERVER_PROTOCOL'] . ' 403 Forbidden'); - if (S::logged()) { - $page->changeTpl('core/password_prompt_logged.tpl'); - $page->addJsLink('do_challenge_response_logged.js'); - } else { - $page->changeTpl('core/password_prompt.tpl'); - $page->addJsLink('do_challenge_response.js'); - } - $page->assign('platal', $this); - $page->run(); - } + /** Show the authentication form. + */ + abstract public function force_login(PlPage& $page); public function run() { @@ -317,23 +310,58 @@ class Platal $page->run(); } - public function on_subscribe($forlife, $uid, $promo, $pass) + public function error403() { - $args = func_get_args(); - foreach ($this->__mods as $mod) { - if (!is_callable($mod, 'on_subscribe')) - continue; - call_user_func_array(array($mod, 'on_subscribe'), $args); + $page =& self::page(); + + $this->__mods['core']->handler_403($page); + $page->assign('platal', $this); + $page->run(); + } + + public function error404() + { + $page =& self::page(); + + $this->__mods['core']->handler_404($page); + $page->assign('platal', $this); + $page->run(); + } + + public static function notAllowed() + { + if (S::admin()) { + self::page()->trigWarning('Tu accèdes à cette page car tu es administrateur du site.'); + return false; + } else { + return true; + } + } + + public static function load($modname, $include = null) + { + global $platal; + $modname = strtolower($modname); + if (isset($platal->__mods[$modname])) { + if (is_null($include)) { + return; + } + $platal->__mods[$modname]->load($include); + } else { + if (is_null($include)) { + require_once PLModule::path($modname) . '.php'; + } else { + require_once PLModule::path($modname) . '/' . $include; + } } } static public function &page() { - global $platal, $page; + global $platal; if (is_null(self::$_page)) { $pageclass = PL_PAGE_CLASS; - $page = new $pageclass(); - self::$_page =& $page; + self::$_page = new $pageclass(); } return self::$_page; }