X-Git-Url: http://git.polytechnique.org/?a=blobdiff_plain;f=classes%2Fxorgsession.php;h=f7573377379b6f2fb8e6d1869c06d4b0bd5f572d;hb=5b2c99878fc75a6acffb2239e284f2cb1782142c;hp=61490d1ea42c1808c81910804d5c898b33dbda4f;hpb=384712208a260ae1b5b7e90ac95f0df84ffbe8af;p=platal.git diff --git a/classes/xorgsession.php b/classes/xorgsession.php index 61490d1..f757337 100644 --- a/classes/xorgsession.php +++ b/classes/xorgsession.php @@ -1,6 +1,6 @@ tryCookie(); - if ($cookie == 0) { - return $this->start(AUTH_COOKIE); - } else if ($cookie == 1 || $cookie == -2) { + switch ($this->tryCookie()) { + case self::COOKIE_SUCCESS: + if (!$this->start(AUTH_COOKIE)) { + return false; + } + break; + + case self::INVALID_USER: + case self::INVALID_COOKIE: return false; } } @@ -48,7 +58,7 @@ class XorgSession extends PlSession { S::kill('auth_by_cookie'); if (Cookie::v('access') == '' || !Cookie::has('uid')) { - return -1; + return self::NO_COOKIE; } $res = XDB::query('SELECT uid, password @@ -57,15 +67,14 @@ class XorgSession extends PlSession Cookie::i('uid')); if ($res->numRows() != 0) { list($uid, $password) = $res->fetchOneRow(); - $expected_value = sha1($password); - if ($expected_value == Cookie::v('access')) { + if (sha1($password) == Cookie::v('access')) { S::set('auth_by_cookie', $uid); - return 0; + return self::COOKIE_SUCCESS; } else { - return 1; + return self::INVALID_COOKIE; } } - return -2; + return self::INVALID_USER; } private function checkPassword($uname, $login, $response, $login_type) @@ -185,10 +194,10 @@ class XorgSession extends PlSession /** TODO: Move needed informations to account tables */ /** TODO: Currently suppressed data are matricule, promo */ /** TODO: Use the User object to fetch all this */ - $res = XDB::query("SELECT a.uid, a.hruid, a.display_name, a.full_name, a.password, + $res = XDB::query("SELECT a.uid, a.hruid, a.display_name, a.full_name, a.sex = 'female' AS femme, a.email_format, a.token, FIND_IN_SET('watch', a.flags) AS watch_account, - UNIX_TIMESTAMP(fp.last_seen) AS banana_last, w.last AS watch_last, + UNIX_TIMESTAMP(fp.last_seen) AS banana_last, UNIX_TIMESTAMP(w.last) AS watch_last, a.last_version, g.g_account_name IS NOT NULL AS googleapps, UNIX_TIMESTAMP(s.start) AS lastlogin, s.host, a.is_admin, at.perms @@ -233,6 +242,21 @@ class XorgSession extends PlSession return true; } + /** Start a session without authentication data for the given user. + * This is used to identify the user after his registration, to be + * removed after rewriting registration procedure. + * XXX: Temporary + */ + public function startWeakSession($user) + { + if (!$this->startSessionAs($user, AUTH_MDP)) { + $this->destroy(); + return false; + } + S::set('auth', AUTH_MDP); + return true; + } + private function securityChecks() { $mail_subject = array(); @@ -298,15 +322,16 @@ class XorgSession extends PlSession public function updateNbNotifs() { require_once 'notifs.inc.php'; - $n = select_notifs(false, S::i('uid'), S::v('watch_last'), false); - S::set('notifs', $n->numRows()); + $user = S::user(); + $n = Watch::getCount($user); + S::set('notifs', $n); } public function setAccessCookie($replace = false, $log = true) { if (S::suid() || ($replace && !Cookie::blank('access'))) { return; } - Cookie::set('access', sha1(S::v('password')), 300, true); + Cookie::set('access', sha1(S::user()->password()), 300, true); if ($log) { S::logger()->log('cookie_on'); }