X-Git-Url: http://git.polytechnique.org/?a=blobdiff_plain;f=include%2Fxorg%2Fsession.inc.php;h=b3f66bfe6324c6c3a92b9c4c012325da931e8193;hb=113f6de8c1546c1d1caf6e6b48f5e10ea85fd211;hp=a5383b32ceffb31b5d2c0d427766445ea898cc2b;hpb=6ce5dee4a8ab767a1a8606eee566d1ae94441275;p=platal.git

diff --git a/include/xorg/session.inc.php b/include/xorg/session.inc.php
index a5383b3..b3f66bf 100644
--- a/include/xorg/session.inc.php
+++ b/include/xorg/session.inc.php
@@ -1,6 +1,6 @@
 <?php
 /***************************************************************************
- *  Copyright (C) 2003-2007 Polytechnique.org                              *
+ *  Copyright (C) 2003-2008 Polytechnique.org                              *
  *  http://opensource.polytechnique.org/                                   *
  *                                                                         *
  *  This program is free software; you can redistribute it and/or modify   *
@@ -25,7 +25,7 @@ class XorgSession
 {
     // {{{ public static function init
 
-    public static function init() 
+    public static function init()
     {
         S::init();
         if (!S::has('uid')) {
@@ -158,6 +158,7 @@ class XorgSession
      * @param page the calling page (by reference)
      */
     public static function doAuthCookie()
+
     {
         if (S::logged()) {
             return true;
@@ -175,6 +176,22 @@ class XorgSession
     }
 
     // }}}
+    // {{{ public static function make_perms()
+
+    public static function &make_perms($perm)
+    {
+        $flags = new PlFlagSet();
+        if ($perm == 'disabled' || $perm == 'ext') {
+            return $flags;
+        }
+        $flags->addFlag(PERMS_USER);
+        if ($perm == 'admin') {
+            $flags->addFlag(PERMS_ADMIN);
+        }
+        return $flags;
+    }
+
+    // }}}
 }
 
 // {{{ function try_cookie()
@@ -222,28 +239,33 @@ function try_cookie()
 function start_connexion ($uid, $identified)
 {
     $res  = XDB::query("
-    SELECT  u.user_id AS uid, prenom, nom, perms, promo, matricule, password, FIND_IN_SET('femme', u.flags) AS femme,
-                UNIX_TIMESTAMP(s.start) AS lastlogin, s.host, a.alias AS forlife, a2.alias AS bestalias,
+        SELECT  u.user_id AS uid, prenom, prenom_ini, nom, nom_ini, nom_usage, perms, promo, promo_sortie,
+                matricule, password, FIND_IN_SET('femme', u.flags) AS femme,
+                a.alias AS forlife, a2.alias AS bestalias,
                 q.core_mail_fmt AS mail_fmt, UNIX_TIMESTAMP(q.banana_last) AS banana_last, q.watch_last, q.core_rss_hash,
                 FIND_IN_SET('watch', u.flags) AS watch_account, q.last_version
           FROM  auth_user_md5   AS u
     INNER JOIN  auth_user_quick AS q  USING(user_id)
     INNER JOIN  aliases         AS a  ON (u.user_id = a.id AND a.type='a_vie')
     INNER JOIN  aliases         AS a2 ON (u.user_id = a2.id AND FIND_IN_SET('bestalias',a2.flags))
-     LEFT JOIN  logger.sessions AS s  ON (s.uid=u.user_id AND s.suid=0)
-         WHERE  u.user_id = {?} AND u.perms IN('admin','user')
-      ORDER BY  s.start DESC
-         LIMIT  1", $uid);
+         WHERE  u.user_id = {?} AND u.perms IN('admin','user')", $uid);
     $sess = $res->fetchOneAssoc();
+    $res = XDB::query("SELECT  UNIX_TIMESTAMP(s.start) AS lastlogin, s.host
+                         FROM  logger.sessions AS s
+                        WHERE  s.uid = {?} AND s.suid = 0
+                     ORDER BY  s.start DESC
+                        LIMIT  1", $uid);
+    if ($res->numRows()) {
+        $sess = array_merge($sess, $res->fetchOneAssoc());
+    }
     $suid = S::v('suid');
 
     if ($suid) {
-        $logger = new CoreLogger($uid, $suid);
+        $logger = new PlLogger($uid, $suid['uid']);
         $logger->log("suid_start", S::v('forlife')." by {$suid['uid']}");
         $sess['suid'] = $suid;
-        $sess['perms'] = $_SESSION['perms'];
     } else {
-        $logger = S::v('log', new CoreLogger($uid));
+        $logger = S::v('log', new PlLogger($uid));
         $logger->log("connexion", Env::v('n'));
         setcookie('ORGuid', $uid, (time()+25920000), '/', '', 0);
     }
@@ -251,6 +273,7 @@ function start_connexion ($uid, $identified)
     $_SESSION         = array_merge($_SESSION, $sess);
     $_SESSION['log']  = $logger;
     $_SESSION['auth'] = ($identified ? AUTH_MDP : AUTH_COOKIE);
+    $_SESSION['perms'] =& XorgSession::make_perms($_SESSION['perms']);
     $mail_subject = null;
     if (check_account()) {
         $mail_subject = "Connexion d'un utilisateur surveillé";
@@ -260,13 +283,23 @@ function start_connexion ($uid, $identified)
             $mail_subject .= ' - ';
         }
         $mail_subject .= "Une IP surveillee a tente de se connecter";
-        send_warning_mail($mail_subject);
         if (check_ip('ban')) {
+            send_warning_mail($mail_subject);
             $_SESSION = array();
+            $_SESSION['perms'] = new PlFlagSet();
             global $page;
-            $page->trig("Une erreur est survenue lors de la procédure d'authentification. "
+            $newpage = false;
+            if (!$page) {
+                require_once 'xorg.inc.php';
+                new_skinned_page('platal/index.tpl');
+                $newpage = true;
+            }
+            $page->trigError("Une erreur est survenue lors de la procédure d'authentification. "
                        ."Merci de contacter au plus vite "
                        ."<a href='mailto:support@polytechnique.org'>support@polytechnique.org</a>");
+            if ($newpage) {
+                $page->run();
+            }
             return false;
         }
     }
@@ -274,6 +307,7 @@ function start_connexion ($uid, $identified)
         send_warning_mail($mail_subject);
     }
     set_skin();
+    update_NbNotifs();
     check_redirect();
     return true;
 }
@@ -283,13 +317,13 @@ function start_connexion ($uid, $identified)
 function set_skin()
 {
     global $globals;
-    if (S::logged() && !S::has('skin')) {
+    if (S::logged() && (!S::has('skin') || S::has('suid'))) {
         $uid = S::v('uid');
-    $res = XDB::query("SELECT  skin_tpl
-                             FROM  auth_user_quick AS a
-                       INNER JOIN  skins           AS s ON a.skin = s.id
-                            WHERE  user_id = {?} AND skin_tpl != ''", $uid);
-    if ($_SESSION['skin'] = $res->fetchOneCell()) {
+        $res = XDB::query("SELECT  skin_tpl
+                          FROM  auth_user_quick AS a
+                          INNER JOIN  skins           AS s ON a.skin = s.id
+                          WHERE  user_id = {?} AND skin_tpl != ''", $uid);
+        if ($_SESSION['skin'] = $res->fetchOneCell()) {
             return;
         }
     }