X-Git-Url: http://git.polytechnique.org/?a=blobdiff_plain;f=include%2Fxorg%2Fsession.inc.php;h=3e368e43b9a636091d84ec93bfe41786148b85ef;hb=7674ad0547292059134711708eb3068150f47054;hp=96695644b838cb6e661df5b7577eefff728e90a7;hpb=0be07aa610451e9c9e6f45425cae68eac31dbd7e;p=platal.git diff --git a/include/xorg/session.inc.php b/include/xorg/session.inc.php index 9669564..3e368e4 100644 --- a/include/xorg/session.inc.php +++ b/include/xorg/session.inc.php @@ -25,7 +25,7 @@ class XorgSession { // {{{ public static function init - public static function init() + public static function init() { S::init(); if (!S::has('uid')) { @@ -158,6 +158,7 @@ class XorgSession * @param page the calling page (by reference) */ public static function doAuthCookie() + { if (S::logged()) { return true; @@ -175,6 +176,22 @@ class XorgSession } // }}} + // {{{ public static function make_perms() + + public static function &make_perms($perm) + { + $flags = new FlagSet(); + if ($perm == 'disabled' || $perm == 'ext') { + return $flags; + } + $flags->addFlag(PERMS_USER); + if ($perm == 'admin') { + $flags->addFlag(PERMS_ADMIN); + } + return $flags; + } + + // }}} } // {{{ function try_cookie() @@ -222,26 +239,31 @@ function try_cookie() function start_connexion ($uid, $identified) { $res = XDB::query(" - SELECT u.user_id AS uid, prenom, nom, perms, promo, matricule, password, FIND_IN_SET('femme', u.flags) AS femme, - UNIX_TIMESTAMP(s.start) AS lastlogin, s.host, a.alias AS forlife, a2.alias AS bestalias, + SELECT u.user_id AS uid, prenom, prenom_ini, nom, nom_ini, nom_usage, perms, promo, promo_sortie, + matricule, password, FIND_IN_SET('femme', u.flags) AS femme, + a.alias AS forlife, a2.alias AS bestalias, q.core_mail_fmt AS mail_fmt, UNIX_TIMESTAMP(q.banana_last) AS banana_last, q.watch_last, q.core_rss_hash, - FIND_IN_SET('watch', u.flags) AS watch_account + FIND_IN_SET('watch', u.flags) AS watch_account, q.last_version FROM auth_user_md5 AS u INNER JOIN auth_user_quick AS q USING(user_id) INNER JOIN aliases AS a ON (u.user_id = a.id AND a.type='a_vie') INNER JOIN aliases AS a2 ON (u.user_id = a2.id AND FIND_IN_SET('bestalias',a2.flags)) - LEFT JOIN logger.sessions AS s ON (s.uid=u.user_id AND s.suid=0) - WHERE u.user_id = {?} AND u.perms IN('admin','user') - ORDER BY s.start DESC - LIMIT 1", $uid); + WHERE u.user_id = {?} AND u.perms IN('admin','user')", $uid); $sess = $res->fetchOneAssoc(); + $res = XDB::query("SELECT UNIX_TIMESTAMP(s.start) AS lastlogin, s.host + FROM logger.sessions AS s + WHERE s.uid = {?} AND s.suid = 0 + ORDER BY s.start DESC + LIMIT 1", $uid); + if ($res->numRows()) { + $sess = array_merge($sess, $res->fetchOneAssoc()); + } $suid = S::v('suid'); if ($suid) { - $logger = new CoreLogger($uid, $suid); + $logger = new CoreLogger($uid, $suid['uid']); $logger->log("suid_start", S::v('forlife')." by {$suid['uid']}"); $sess['suid'] = $suid; - $sess['perms'] = $_SESSION['perms']; } else { $logger = S::v('log', new CoreLogger($uid)); $logger->log("connexion", Env::v('n')); @@ -251,6 +273,7 @@ function start_connexion ($uid, $identified) $_SESSION = array_merge($_SESSION, $sess); $_SESSION['log'] = $logger; $_SESSION['auth'] = ($identified ? AUTH_MDP : AUTH_COOKIE); + $_SESSION['perms'] =& XorgSession::make_perms($_SESSION['perms']); $mail_subject = null; if (check_account()) { $mail_subject = "Connexion d'un utilisateur surveillé"; @@ -260,13 +283,23 @@ function start_connexion ($uid, $identified) $mail_subject .= ' - '; } $mail_subject .= "Une IP surveillee a tente de se connecter"; - send_warning_mail($mail_subject); if (check_ip('ban')) { + send_warning_mail($mail_subject); $_SESSION = array(); + $_SESSION['perms'] = new FlagSet(); global $page; + $newpage = false; + if (!$page) { + require_once 'xorg.inc.php'; + new_skinned_page('platal/index.tpl'); + $newpage = true; + } $page->trig("Une erreur est survenue lors de la procédure d'authentification. " ."Merci de contacter au plus vite " ."support@polytechnique.org"); + if ($newpage) { + $page->run(); + } return false; } }