X-Git-Url: http://git.polytechnique.org/?a=blobdiff_plain;f=classes%2Fxnetsession.php;h=bf87156a452f8ff9a4b33ea038baf4c56dd44e39;hb=bf0e2a48bcd7b971d1afb6ce60bdd7a95b34000a;hp=6f44dbdfff79b49c122f58905f80fa5dfa45ff65;hpb=866bd5351ad9e3dd9e5603d078fd19825487d976;p=platal.git

diff --git a/classes/xnetsession.php b/classes/xnetsession.php
index 6f44dbd..bf87156 100644
--- a/classes/xnetsession.php
+++ b/classes/xnetsession.php
@@ -1,6 +1,6 @@
 <?php
 /***************************************************************************
- *  Copyright (C) 2003-2008 Polytechnique.org                              *
+ *  Copyright (C) 2003-2010 Polytechnique.org                              *
  *  http://opensource.polytechnique.org/                                   *
  *                                                                         *
  *  This program is free software; you can redistribute it and/or modify   *
@@ -76,7 +76,7 @@ class XnetSession extends XorgSession
     protected function doAuth($level)
     {
         if (S::identified()) { // ok, c'est bon, on n'a rien à faire
-            return S::i('uid');
+            return User::getSilentWithValues(null, array('user_id' => S::i('uid')));
         }
         if (!Get::has('auth')) {
             return null;
@@ -87,25 +87,25 @@ class XnetSession extends XorgSession
         }
         Get::kill('auth');
         S::set('auth', AUTH_MDP);
-        return Get::i('uid');
+        return User::getSilentWithValues(null, array('user_id' => Get::i('uid')));
     }
 
     protected function startSessionAs($user, $level)
     {
-        if ($level == -1) {
+        if ($level == AUTH_SUID) {
             S::set('auth', AUTH_MDP);
         }
-        $res  = XDB::query("SELECT  u.user_id AS uid, u.hruid, prenom, nom, perms, promo, password, FIND_IN_SET('femme', u.flags) AS femme,
-                                    q.core_mail_fmt AS mail_fmt, q.core_rss_hash
-                              FROM  auth_user_md5   AS u
-                        INNER JOIN  auth_user_quick AS q  USING(user_id)
-                             WHERE  u.user_id = {?} AND u.perms IN('admin', 'user')
-                             LIMIT  1", $user);
+        $res  = XDB::query("SELECT  a.uid, a.hruid, a.display_name, a.full_name,
+                                    a.sex = 'female' AS femme,
+                                    a.email_format, a.token,
+                                    at.perms, a.is_admin
+                              FROM  accounts AS a
+                        INNER JOIN  account_types AS at ON (at.type = a.type)
+                             WHERE  a.uid = {?} AND a.state = 'active'
+                             LIMIT  1", $user->id());
         $sess = $res->fetchOneAssoc();
-        $perms = $sess['perms'];
-        unset($sess['perms']);
         $_SESSION = array_merge($_SESSION, $sess);
-        S::set('perms', User::makePerms($perms));
+        $this->makePerms(S::s('perms'), S::b('is_admin'));
         S::kill('challenge');
         S::kill('loginX');
         S::kill('may_update');
@@ -166,7 +166,7 @@ function may_update($force = false, $lose = false)
         $may_update[$asso_id] = true;
     } elseif (!isset($may_update[$asso_id]) || $force) {
         $res = XDB::query("SELECT  perms
-                             FROM  groupex.membres
+                             FROM  group_members
                             WHERE  uid={?} AND asso_id={?}",
                           S::v('uid'), $asso_id);
         $may_update[$asso_id] = ($res->fetchOneCell() == 'admin');
@@ -198,7 +198,7 @@ function is_member($force = false, $lose = false)
         $is_member[$asso_id] = true;
     } elseif (!isset($is_member[$asso_id]) || $force) {
         $res = XDB::query("SELECT  COUNT(*)
-                             FROM  groupex.membres
+                             FROM  group_members
                             WHERE  uid={?} AND asso_id={?}",
                 S::v('uid'), $asso_id);
         $is_member[$asso_id] = ($res->fetchOneCell() == 1);