X-Git-Url: http://git.polytechnique.org/?a=blobdiff_plain;f=include%2Fxnet%2Fsession.inc.php;h=92c189ab81bfb908efdfa0dc20b312a01ccff9bb;hb=8907f26377348b0f6f454abb2cebf363ea9cc8dd;hp=e894f9b066c5f031d8fe75bda6d2cf12dc5346b1;hpb=0337d704b62718d7c77106c0e4c4e26fb02beacf;p=platal.git
diff --git a/include/xnet/session.inc.php b/include/xnet/session.inc.php
index e894f9b..92c189a 100644
--- a/include/xnet/session.inc.php
+++ b/include/xnet/session.inc.php
@@ -1,6 +1,6 @@ DiogenesCoreSession(); - } - - // }}} - // {{{ function init - - function init() { global $globals; - @session_start(); - if (!Session::has('session')) { - $_SESSION['session'] = new XnetSession; - } - if (!logged()) { + S::init(); + + if (!S::logged()) { // prevent connexion to be linked to deconnexion - if (($i = strpos($_SERVER['REQUEST_URI'], 'deconnexion.php')) !== false) + if (($i = strpos($_SERVER['REQUEST_URI'], 'exit')) !== false) $returl = "http://{$_SERVER['SERVER_NAME']}".substr($_SERVER['REQUEST_URI'], 0, $i); else $returl = "http://{$_SERVER['SERVER_NAME']}{$_SERVER['REQUEST_URI']}"; - $url = "https://www.polytechnique.org/auth-groupex.php"; + $url = "https://www.polytechnique.org/auth-groupex"; $url .= "?session=" . session_id(); - $url .= "&challenge=" . $_SESSION['session']->challenge; - $url .= "&pass=" . md5($_SESSION['session']->challenge . $globals->xnet->secret); + $url .= "&challenge=" . S::v('challenge'); + $url .= "&pass=" . md5(S::v('challenge') . 
$globals->xnet->secret); $url .= "&url=".urlencode($returl); - $_SESSION['session']->loginX = $url; + $_SESSION['loginX'] = $url; + } + + if (S::logged() && $globals->asso()) { + $perms = S::v('perms'); + $perms->rmFlag('groupadmin'); + $perms->rmFlag('groupmember'); + $perms->rmFlag('groupannu'); + if (may_update()) { + $perms->addFlag('groupadmin'); + $perms->addFlag('groupmember'); + $perms->addFlag('groupannu'); + } + if (is_member()) { + $perms->addFlag('groupmember'); + if ($globals->asso('pub') != 'private') { + $perms->addFlag('groupannu'); + } + } + if ($globals->asso('cat') == 'Promotions') { + $perms->addFlag('groupannu'); + } + $_SESSION['perms'] = $perms; } } - + // }}} - // {{{ function destroy() - - function destroy() { - @session_destroy(); - unset($_SESSION); + // {{{ public static function destroy() + + public static function destroy() { + S::destroy(); XnetSession::init(); } - + // }}} - // {{{ function doAuth() + // {{{ public static function doAuth() /** Try to do an authentication. 
* * @param page the calling page (by reference) */ - function doAuth(&$page) + public static function doAuth() { - global $globals; - if (identified()) { // ok, c'est bon, on n'a rien à faire - return true; - } + if (S::identified()) { // ok, c'est bon, on n'a rien à faire + return true; + } if (Get::has('auth')) { - return $this->doAuthX($page); - } elseif (Post::has('challenge') && Post::has('username') && Post::has('response')) { - return $this->doAuthOther($page); - } else { - $this->doLogin($page); + return XnetSession::doAuthX(); } + + return false; } // }}} - // {{{ doAuthX + // {{{ doAuthCookie - function doAuthX(&$page) { - global $globals; + public static function doAuthCookie() { + return XnetSession::doAuth(); + } - if (md5('1'.$this->challenge.$globals->xnet->secret.Get::getInt('uid').'1') != Get::get('auth')) { + // }}} + // {{{ doAuthX + + public static function doAuthX() + { + global $globals, $page; + + if (md5('1'.S::v('challenge').$globals->xnet->secret.Get::i('uid').'1') != Get::v('auth')) { + Get::kill('auth'); + if (!$page) { + require_once 'xnet.inc.php'; + new_skinned_page('platal/index.tpl'); + } $page->kill("Erreur d'authentification avec polytechnique.org !"); } - $res = $globals->xdb->query(" + $res = XDB::query(" SELECT u.user_id AS uid, prenom, nom, perms, promo, password, FIND_IN_SET('femme', u.flags) AS femme, a.alias AS forlife, a2.alias AS bestalias, q.core_mail_fmt AS mail_fmt, q.core_rss_hash FROM auth_user_md5 AS u 
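Review bot: The rewritten token check in doAuthX, `if (md5('1'.S::v('challenge').$globals->xnet->secret.Get::i('uid').'1') != Get::v('auth'))`, compares two strings with `!=`, so PHP's loose comparison applies: when both sides look numeric (hex digests of the form `0e` followed only by digits do) they are compared as numbers and distinct digests can test equal, and the comparison is not constant-time either. Compute the digest once and compare it strictly and timing-safely: `$expected = md5('1'.S::v('challenge').$globals->xnet->secret.Get::i('uid').'1');` then `if (!is_string(Get::v('auth')) || !hash_equals($expected, Get::v('auth')))` (falling back to `$expected !== Get::v('auth')` on a runtime without `hash_equals`). The check should also refuse to run when the session carries no challenge, since the later `S::kill('challenge')` removes it after a successful login and an empty challenge leaves the expected token depending only on the secret and uid; what `S::v('challenge')` returns for a missing key is not visible here. Separately, `strpos($_SERVER['REQUEST_URI'], 'exit')` matches that substring anywhere in the URI, so any page whose path happens to contain `exit` gets its return URL truncated; anchoring the match on the actual exit path would be safer. The enclosing class and the functions this hunk cuts through begin outside the visible lines.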
@@ -107,70 +125,123 @@ class XnetSession extends DiogenesCoreSession INNER JOIN aliases AS a ON (u.user_id = a.id AND a.type='a_vie') INNER JOIN aliases AS a2 ON (u.user_id = a2.id AND FIND_IN_SET('bestalias',a2.flags)) WHERE u.user_id = {?} AND u.perms IN('admin','user') - LIMIT 1", Get::getInt('uid')); + LIMIT 1", Get::i('uid')); $_SESSION = array_merge($_SESSION, $res->fetchOneAssoc()); $_SESSION['auth'] = AUTH_MDP; - unset($this->challenge); - unset($this->loginX); + require_once 'xorg/session.inc.php'; + $_SESSION['perms'] =& XorgSession::make_perms(S::v('perms')); + S::kill('challenge'); + S::kill('loginX'); + S::kill('may_update'); + S::kill('is_member'); Get::kill('auth'); Get::kill('uid'); + $path = Get::v('n'); + Get::kill('n'); + Get::kill('PHPSESSID'); + $args = array(); - foreach($_GET as $key=>$val) { + foreach($_GET as $key => $val) { $args[] = urlencode($key).'='.urlencode($val); } - header('Location: '.$_SERVER['PHP_SELF'] . '?' . join('&', $args)); + + http_redirect($globals->baseurl . '/' . 
$path, join('&', $args)); } // }}} - // {{{ doAuthOther + // {{{ doSelfSuid - function doAuthOther(&$page) { - if (Post::has('challenge') && Post::has('username') && Post::has('response')) { - $username = Post::get('username'); + public static function doSelfSuid() + { + if (!S::has('suid')) { + $_SESSION['suid'] = $_SESSION; } - $this->doLogin($page); + require_once 'xorg/session.inc.php'; + $_SESSION['perms'] =& XorgSession::make_perms('user'); } // }}} - // {{{ doLogin + // {{{ killSuid - function doLogin(&$page) { - $page->addJsLink('javascript/md5.js'); - $page->addJsLink('javascript/do_challenge_response.js'); - $page->assign("xorg_tpl", "xnet/login.tpl"); - $page->run(); + public static function killSuid() + { + if (!S::has('suid')) { + return; + } + $suid = S::v('suid'); + S::kill('suid'); + S::kill('may_update'); + S::kill('is_member'); + $_SESSION['perms'] = $suid['perms']; } // }}} } // }}} -// {{{ may_update +// {{{ function may_update + +/** Return administration rights for the current asso + * @param force Force administration rights to be read from database + * @param lose Force administration rights to be false + */ +function may_update($force = false, $lose = false) +{ + if (!isset($_SESSION['may_update'])) { + $_SESSION['may_update'] = array(); + } + $may_update =& $_SESSION['may_update']; -function may_update() { global $globals; - if (!$globals->asso('id')) { return false; } - if (has_perms()) { return true; } - $res = $globals->xdb->query( - "SELECT perms - FROM groupex.membres - WHERE uid={?} AND asso_id={?}", Session::getInt('uid'), $globals->asso('id')); - return $res->fetchOneCell() == 'admin'; + $asso_id = $globals->asso('id'); + if (!$asso_id) { + return false; + } elseif ($lose) { + $may_update[$asso_id] = false; + } elseif (S::has_perms() || (S::has('suid') && $force)) { + $may_update[$asso_id] = true; + } elseif (!isset($may_update[$asso_id]) || $force) { + $res = XDB::query("SELECT perms + FROM groupex.membres + WHERE uid={?} AND 
asso_id={?}", + S::v('uid'), $asso_id); + $may_update[$asso_id] = ($res->fetchOneCell() == 'admin'); + } + return $may_update[$asso_id]; } // }}} -// {{{ is_member +// {{{ function is_member + +/** Get membership informations for the current asso + * @param force Force membership to be read from database + * @param lose Force membership to be false + */ +function is_member($force = false, $lose = false) +{ + if (!isset($_SESSION['is_member'])) { + $_SESSION['is_member'] = array(); + } + $is_member =& $_SESSION['is_member']; -function is_member() { global $globals; - if (!$globals->asso('id')) { return false; } - $res = $globals->xdb->query( - "SELECT COUNT(*) - FROM groupex.membres - WHERE uid={?} AND asso_id={?}", Session::getInt('uid'), $globals->asso('id')); - return $res->fetchOneCell() == 1; + $asso_id = $globals->asso('id'); + if (!$asso_id) { + return false; + } elseif ($lose) { + $is_member[$asso_id] = false; + } elseif (S::has('suid') && $force) { + $is_member[$asso_id] = true; + } elseif (!isset($is_member[$asso_id]) || $force) { + $res = XDB::query("SELECT COUNT(*) + FROM groupex.membres + WHERE uid={?} AND asso_id={?}", + S::v('uid'), $asso_id); + $is_member[$asso_id] = ($res->fetchOneCell() == 1); + } + return $is_member[$asso_id]; } // }}} -// vim:set et sw=4 sts=4 sws=4 foldmethod=marker: +// vim:set et sw=4 sts=4 sws=4 foldmethod=marker enc=utf-8: ?>
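Review bot: In doAuthX the session is marked authenticated (`$_SESSION['auth'] = AUTH_MDP;`) without checking that the `SELECT … WHERE u.user_id = {?} AND u.perms IN('admin','user')` query returned a row, so a uid that passes the token check but has no such row still gets `auth` set, and `array_merge($_SESSION, $res->fetchOneAssoc())` is fed a non-array in that case. Fetch first and bail out the way the token mismatch does: `$row = $res->fetchOneAssoc();` then `if (!$row) { $page->kill("Erreur d'authentification avec polytechnique.org !"); }` and only then `$_SESSION = array_merge($_SESSION, $row);` — `$page` is only created on demand in the mismatch branch of the previous hunk, so that fallback needs the same `require_once`/`new_skinned_page` handling. A second asymmetry: `doSelfSuid` snapshots the session and swaps perms to `user`, but only `killSuid` clears the cached `may_update`/`is_member` arrays, so rights already cached for visited assos appear to survive into the suid session until a `force` re-read; clearing both caches in `doSelfSuid` as well would keep the two paths symmetric. What fetchOneAssoc returns on an empty result is not shown here, and doAuthX itself begins in the previous hunk.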