X-Git-Url: http://git.polytechnique.org/?a=blobdiff_plain;f=classes%2Fxorgsession.php;h=449f544e02c779c689525154b56f68ebe6ffb234;hb=a415be4f1460f3702f9c07667caae34b7489d429;hp=c9ac0b7e49a81f5909b08b2ab6b5894537f3cd90;hpb=edc5509597a4a1710d603831517958b526fd4751;p=platal.git diff --git a/classes/xorgsession.php b/classes/xorgsession.php index c9ac0b7..449f544 100644 --- a/classes/xorgsession.php +++ b/classes/xorgsession.php @@ -47,19 +47,19 @@ class XorgSession extends PlSession private function tryCookie() { S::kill('auth_by_cookie'); - if (Cookie::v('ORGaccess') == '' || !Cookie::has('ORGuid')) { + if (Cookie::v('access') == '' || !Cookie::has('uid')) { return -1; } $res = XDB::query('SELECT user_id, password FROM auth_user_md5 WHERE user_id = {?} AND perms IN(\'admin\', \'user\')', - Cookie::i('ORGuid')); + Cookie::i('uid')); if ($res->numRows() != 0) { list($uid, $password) = $res->fetchOneRow(); require_once 'secure_hash.inc.php'; $expected_value = hash_encrypt($password); - if ($expected_value == Cookie::v('ORGaccess')) { + if ($expected_value == Cookie::v('access')) { S::set('auth_by_cookie', $uid); return 0; } else { @@ -102,11 +102,17 @@ class XorgSession extends PlSession } } if ($response != $expected_response) { + if (!S::logged()) { + Platal::page()->trigError('Mot de passe ou nom d\'utilisateur invalide'); + } else { + Platal::page()->trigError('Mot de passe invalide'); + } S::logger($uid)->log('auth_fail', 'bad password'); return null; } return $uid; } + Platal::page()->trigError('Mot de passe ou nom d\'utilisateur invalide'); return null; } @@ -176,12 +182,10 @@ class XorgSession extends PlSession if (!S::has('suid')) { if (Post::has('domain')) { if (($domain = Post::v('domain', 'login')) == 'alias') { - setcookie('ORGdomain', "alias", (time() + 25920000), '/', '', 0); + Cookie::set('domain', 'alias', 300); } else { - setcookie('ORGdomain', '', (time() - 3600), '/', '', 0); + Cookie::kill('domain'); } - // pour que la modification soit effective dans le reste de la page - $_COOKIE['ORGdomain'] = $domain; } } S::kill('challenge'); @@ -199,7 +203,6 @@ class XorgSession extends PlSession } if ($level == AUTH_SUID) { S::set('auth', AUTH_MDP); - unset($_SESSION['log']); } // Retrieves main user properties. @@ -229,17 +232,12 @@ class XorgSession extends PlSession } else { $logger = S::logger($uid); $logger->saveLastSession(); - setcookie('ORGuid', $uid, (time() + 25920000), '/', '', 0); + Cookie::set('uid', $uid, 300); if (S::i('auth_by_cookie') == $uid || Post::v('remember', 'false') == 'true') { - $cookie = hash_encrypt($sess['password']); - setcookie('ORGaccess', $cookie, (time() + 25920000), '/', '', 0); - if (S::i('auth_by_cookie') != $uid) { - $logger->log("cookie_on"); - } + $this->setAccessCookie(false, S::i('auth_by_cookie') != $uid); } else { - setcookie('ORGaccess', '', time() - 3600, '/', '', 0); - $logger->log("cookie_off"); + $this->killAccessCookie(); } } @@ -306,7 +304,7 @@ class XorgSession extends PlSession return null; } - public function makePerms($perm) + protected function makePerms($perm, $is_admin) { $flags = new PlFlagSet(); if ($perm == 'disabled' || $perm == 'ext') { @@ -349,6 +347,29 @@ class XorgSession extends PlSession $n = select_notifs(false, S::i('uid'), S::v('watch_last'), false); S::set('notifs', $n->numRows()); } + + public function setAccessCookie($replace = false, $log = true) { + if (S::has('suid') || ($replace && !Cookie::blank('access'))) { + return; + } + require_once('secure_hash.inc.php'); + Cookie::set('access', hash_encrypt(S::v('password')), 300, true); + if ($log) { + S::logger()->log('cookie_on'); + } + } + + public function killAccessCookie($log = true) { + Cookie::kill('access'); + if ($log) { + S::logger()->log('cookie_off'); + } + } + + public function killLoginFormCookies() { + Cookie::kill('uid'); + Cookie::kill('domain'); + } } // vim:set et sw=4 sts=4 sws=4 foldmethod=marker enc=utf-8: