X-Git-Url: http://git.polytechnique.org/?a=blobdiff_plain;f=classes%2Fplatal.php;h=866d7c28f0c0d2f363122a09a61e4841e2a18b82;hb=47595f9a4a4f4ee903e6ac02d64b9b5b5b6bf191;hp=f766817d9d84497507b9ccec2c12d01b7167d6b6;hpb=5777e7fc2bb449626888ed48a842c6012131061d;p=platal.git diff --git a/classes/platal.php b/classes/platal.php index f766817..866d7c2 100644 --- a/classes/platal.php +++ b/classes/platal.php @@ -1,6 +1,6 @@ init(); + $sessionclass = PL_SESSION_CLASS; + $session = new $sessionclass(); + if (!$session->startAvailableAuth()) { + Platal::page()->trigError("Données d'authentification invalides."); + } + $modules = func_get_args(); + if (isset($modules[0]) && is_array($modules[0])) { + $modules = $modules[0]; + } $this->path = trim(Get::_get('n', null), '/'); $this->__mods = array(); @@ -42,12 +60,17 @@ class Platal array_unshift($modules, 'core'); foreach ($modules as $module) { + $module = strtolower($module); $this->__mods[$module] = $m = PLModule::factory($module); - $this->__hooks += $m->handlers(); + $this->__hooks = $m->handlers() + $this->__hooks; + } + + if ($globals->mode == '') { + pl_redirect('index.html'); } } - function pl_self($n = null) + public function pl_self($n = null) { if (is_null($n)) return $this->path; @@ -61,7 +84,7 @@ class Platal return join('/', array_slice($this->argv, 0, $n)); } - function find_hook() + protected function find_hook() { $p = $this->path; @@ -82,13 +105,14 @@ class Platal return null; } + $this->https = ($hook['type'] & NO_HTTPS) ? false : true; $this->argv = explode('/', substr($this->path, strlen($p))); $this->argv[0] = $p; return $hook; } - function find_nearest_key($key, &$array) + protected function find_nearest_key($key, array &$array) { $keys = array_keys($array); if (in_array($key, $keys)) { @@ -109,24 +133,27 @@ class Platal continue; } $lev = levenshtein($key, $k); - if ((!isset($val) || $lev < $val) && $lev <= (strlen($k)*2)/3) { + + if ((!isset($val) || $lev < $val) + && ($lev <= strlen($k)/2 || strpos($k, $key) !== false || strpos($key, $k) !== false)) { $val = $lev; $best = $k; } } if (!isset($best) && $has_end) { return "#final#"; - } else { + } else if (isset($best)) { return $best; } return null; } - function near_hook() + public function near_hook() { $hooks = array(); + $leafs = array(); foreach ($this->__hooks as $hook=>$handler) { - if (!empty($handler['perms']) && $handler['perms'] != S::v('perms')) { + if (!$this->check_perms($handler['perms'])) { continue; } $parts = split('/', $hook); @@ -135,11 +162,20 @@ class Platal if (!isset($place[$part])) { $place[$part] = array(); } - $place =& $place[$part]; + $place =& $place[$part]; + } + $leaf = $parts[count($parts)-1]; + if (!isset($leafs[$leaf])) { + $leafs[$leaf] = $hook; + } else if (is_array($leafs[$leaf])) { + $leafs[$leaf][] = $hook; + } else { + $leafs[$leaf] = array($hook, $leafs[$leaf]); } $place["#final#"] = array(); } + // search for the nearest full path $p = split('/', $this->path); $place =& $hooks; $link = ''; @@ -151,7 +187,8 @@ class Platal } if ($key == "#final#") { if (!array_key_exists($link, $this->__hooks)) { - return null; + $link = ''; + break; } $key = $k; $ended = true; @@ -163,45 +200,82 @@ class Platal $link .= $key; $place =& $place[$key]; } else { - return null; + $link = ''; + break; } } - if ($link != $this->path) { + if ($link == $this->path) { + $link = ''; + } + if ($link && levenshtein($link, $this->path) < strlen($link)/3) { return $link; } - return null; + + // search for missing namespace (the given name is a leaf) + $leaf = array_shift($p); + $args = count($p) ? '/' . implode('/', $p) : ''; + if (isset($leafs[$leaf]) && !is_array($leafs[$leaf]) && $leafs[$leaf] != $this->path) { + return $leafs[$leaf] . $args; + } + unset($val); + $best = null; + foreach ($leafs as $k=>&$path) { + if (is_array($path)) { + continue; + } + $lev = levenshtein($leaf, $k); + + if ((!isset($val) || $lev < $val) + && ($lev <= strlen($k)/2 || strpos($k, $leaf) !== false || strpos($leaf, $k) !== false)) { + $val = $lev; + $best = $path; + } + } + return $best == null ? ( $link ? $link : null ) : $best . $args; + } + + protected function check_perms($perms) + { + if (!$perms) { // No perms, no check + return true; + } + $s_perms = S::v('perms'); + return $s_perms->hasFlagCombination($perms); } - function call_hook(&$page) + private function call_hook(PlPage &$page) { $hook = $this->find_hook(); if (empty($hook)) { return PL_NOT_FOUND; } + global $globals, $session; + if ($this->https && !@$_SERVER['HTTPS'] && $globals->core->secure_domain) { + http_redirect('https://' . $globals->core->secure_domain . $_SERVER['REQUEST_URI']); + } - $args = $this->argv; - $args[0] = &$page; + $args = $this->argv; + $args[0] =& $page; if ($hook['auth'] > S::v('auth', AUTH_PUBLIC)) { - if ($hook['type'] == DO_AUTH) { - global $globals; - - if (!call_user_func(array($globals->session, 'doAuth'))) { + if ($hook['type'] & DO_AUTH) { + if (!$session->start($hook['auth'])) { $this->force_login($page); } } else { return PL_FORBIDDEN; } } - - if (!empty($hook['perms']) && $hook['perms'] != S::v('perms')) { - return PL_FORBIDDEN; + if ($hook['auth'] != AUTH_PUBLIC && !$this->check_perms($hook['perms'])) { + if (self::notAllowed()) { + return PL_FORBIDDEN; + } } $val = call_user_func_array($hook['hook'], $args); if ($val == PL_DO_AUTH) { // The handler need a better auth with the current args - if (!call_user_func(array($globals->session, 'doAuth'))) { + if (!$session->start($session->loggedLevel())) { $this->force_login($page); } $val = call_user_func_array($hook['hook'], $args); @@ -209,23 +283,13 @@ class Platal return $val; } - function force_login(&$page) - { - if (S::logged()) { - $page->changeTpl('core/password_prompt_logged.tpl'); - $page->addJsLink('do_challenge_response_logged.js'); - } else { - $page->changeTpl('core/password_prompt.tpl'); - $page->addJsLink('do_challenge_response.js'); - } - $page->run(); - } + /** Show the authentication form. + */ + abstract public function force_login(PlPage& $page); - function run() + public function run() { - global $page; - - new_skinned_page('platal/index.tpl'); + $page =& self::page(); if (empty($this->path)) { $this->path = 'index'; @@ -246,15 +310,74 @@ class Platal $page->run(); } - function on_subscribe($forlife, $uid, $promo, $pass) + public function error403() { - $args = func_get_args(); - foreach ($this->__mods as $mod) { - if (!is_callable($mod, 'on_subscribe')) - continue; - call_user_func_array(array($mod, 'on_subscribe'), $args); + $page =& self::page(); + + $this->__mods['core']->handler_403($page); + $page->assign('platal', $this); + $page->run(); + } + + public function error404() + { + $page =& self::page(); + + $this->__mods['core']->handler_404($page); + $page->assign('platal', $this); + $page->run(); + } + + public static function notAllowed() + { + if (S::admin()) { + self::page()->trigWarning('Tu accèdes à cette page car tu es administrateur du site.'); + return false; + } else { + return true; } } + + public static function load($modname, $include = null) + { + global $platal; + $modname = strtolower($modname); + if (isset($platal->__mods[$modname])) { + if (is_null($include)) { + return; + } + $platal->__mods[$modname]->load($include); + } else { + if (is_null($include)) { + require_once PLModule::path($modname) . '.php'; + } else { + require_once PLModule::path($modname) . '/' . $include; + } + } + } + + static public function &page() + { + global $platal; + if (is_null(self::$_page)) { + $pageclass = PL_PAGE_CLASS; + self::$_page = new $pageclass(); + } + return self::$_page; + } + + static public function &session() + { + global $session; + return $session; + } + + static public function &globals() + { + global $globals; + return $globals; + } } +// vim:set et sw=4 sts=4 sws=4 foldmethod=marker enc=utf-8: ?>