X-Git-Url: http://git.polytechnique.org/?a=blobdiff_plain;f=htdocs%2Fauth-groupex.php;h=84144eaa7e2fa3fabee0ca489ee752c82876af03;hb=b62f88580b5d5a12e804094ddc46033b62a8dbff;hp=4c785982a8dd110e7d0e62f8fa5bcc9f128fbcf3;hpb=0337d704b62718d7c77106c0e4c4e26fb02beacf;p=platal.git

diff --git a/htdocs/auth-groupex.php b/htdocs/auth-groupex.php
index 4c78598..84144ea 100644
--- a/htdocs/auth-groupex.php
+++ b/htdocs/auth-groupex.php
@@ -1,6 +1,6 @@
 <?php
 /***************************************************************************
- *  Copyright (C) 2003-2004 Polytechnique.org                              *
+ *  Copyright (C) 2003-2006 Polytechnique.org                              *
  *  http://opensource.polytechnique.org/                                   *
  *                                                                         *
  *  This program is free software; you can redistribute it and/or modify   *
@@ -43,14 +43,19 @@ if (!isset($_SESSION['suid'])) {
 /* cree le champs "auth" renvoye au Groupe X */
 function gpex_make_auth($chlg, $privkey, $datafields) {
     global $globals;
-    $fieldarr = split(",",$datafields);
+    $fieldarr = explode(",",$datafields);
     $tohash   = "1$chlg$privkey";
 
+    $res = $globals->xdb->query("SELECT matricule,matricule_ax,promo,promo_sortie,flags,deces,nom,prenom,nationalite,section,naissance FROM auth_user_md5 WHERE user_id = {?}", Session::getInt('uid'));
+    $personnal_data = $res->fetchOneAssoc();
+    
     while (list(,$val) = each($fieldarr)) {
         /* on verifie qu'on n'a pas demandé une
            variable inexistante ! */
         if (isset($_SESSION[$val])) {
             $tohash .= $_SESSION[$val];
+        } else if (isset($personnal_data[$val])) {
+            $tohash .= $personnal_data[$val];
         } else if ($val == 'username') {
             $res = $globals->xdb->query("SELECT alias FROM aliases WHERE id = {?} AND FIND_IN_SET('bestalias', flags)", Session::getInt('uid'));
             $min_username = $res->fetchOneCell();
@@ -65,10 +70,16 @@ function gpex_make_auth($chlg, $privkey, $datafields) {
 function gpex_make_params($chlg, $privkey, $datafields) {
     global $globals;
     $params   = "&auth=".gpex_make_auth($chlg, $privkey, $datafields);
-    $fieldarr = split(",",$datafields);
+    
+    $res = $globals->xdb->query("SELECT matricule,matricule_ax,promo,promo_sortie,flags,deces,nom,prenom,nationalite,section,naissance FROM auth_user_md5 WHERE user_id = {?}", Session::getInt('uid'));
+    $personnal_data = $res->fetchOneAssoc();
+    
+    $fieldarr = explode(",",$datafields);
     while (list(,$val) = each($fieldarr)) {
         if (isset($_SESSION[$val])) {
             $params .= "&$val=".$_SESSION[$val];
+        } else if (isset($personnal_data[$val])) {
+            $params .= "&$val=".$personnal_data[$val];
         } else if ($val == 'username') {
             $res = $globals->xdb->query("SELECT alias FROM aliases WHERE id = {?} AND FIND_IN_SET('bestalias', flags)", Session::getInt('uid'));
             $min_username = $res->fetchOneCell();
@@ -84,13 +95,11 @@ $res = $globals->xdb->iterRow('select privkey,name,datafields from groupesx_auth
 while (list($privkey,$name,$datafields) = $res->next()) {
     if (md5($gpex_challenge.$privkey) == $gpex_pass) {
         $returl = $gpex_url.gpex_make_params($gpex_challenge,$privkey,$datafields);
-        header("Location:$returl");
-        exit(0);
+        redirect($returl);
     }
 }
 
 /* si on n'a pas trouvé, on renvoit sur x.org */
-header("Location:https://www.polytechnique.org/");
-exit(0);
+redirect('https://www.polytechnique.org/');
 
 ?>