X-Git-Url: http://git.polytechnique.org/?a=blobdiff_plain;f=modules%2Fauth.php;h=ca07e3229fd1ebeb617eabb3285b211c33ed4e4e;hb=032b244ed3fd10b934697f2636fc9a4574822408;hp=28463d6654782ce36192d8f6eabdddde29e31d92;hpb=7c5842f36aef50ec20bb16cc383027192652626d;p=platal.git

diff --git a/modules/auth.php b/modules/auth.php
index 28463d6..ca07e32 100644
--- a/modules/auth.php
+++ b/modules/auth.php
@@ -1,6 +1,6 @@
 <?php
 /***************************************************************************
- *  Copyright (C) 2003-2006 Polytechnique.org                              *
+ *  Copyright (C) 2003-2008 Polytechnique.org                              *
  *  http://opensource.polytechnique.org/                                   *
  *                                                                         *
  *  This program is free software; you can redistribute it and/or modify   *
@@ -27,13 +27,14 @@ class AuthModule extends PLModule
             'groupex/donne-chall.php'
                                 => $this->make_hook('chall',      AUTH_PUBLIC),
             'groupex/export-econfiance.php'
-                                => $this->make_hook('econf',      AUTH_PUBLIC),
+                                => $this->make_hook('econf',      AUTH_PUBLIC, 'user', NO_HTTPS),
 
             'webservices/manageurs.php'
-                                => $this->make_hook('manageurs',  AUTH_PUBLIC),
+                                => $this->make_hook('manageurs',  AUTH_PUBLIC, 'user', NO_HTTPS),
 
             'auth-redirect.php' => $this->make_hook('redirect',   AUTH_COOKIE),
-            'auth-groupex.php'  => $this->make_hook('groupex',    AUTH_COOKIE),
+            'auth-groupex.php'  => $this->make_hook('groupex_old',    AUTH_COOKIE),
+            'auth-groupex'      => $this->make_hook('groupex',    AUTH_COOKIE),
             'admin/auth-groupes-x'         => $this->make_hook('admin_authgroupesx', AUTH_MDP, 'admin'),
         );
     }
@@ -78,7 +79,7 @@ class AuthModule extends PLModule
                       WHERE  $where
                    ORDER BY  nom");
 
-            $res = "<?xml version=\"1.0\" encoding=\"ISO-8859-1\"?>\n\n<membres>\n\n";
+            $res = "<?xml version=\"1.0\" encoding=\"UTF-8\"?>\n\n<membres>\n\n";
 
             while (list ($prenom1,$nom1,$email1) = $all->next()) {
                     $res .= "<membre>\n";
@@ -90,7 +91,7 @@ class AuthModule extends PLModule
 
             $res .= "</membres>\n\n";
 
-			header('Content-Type: text/xml; charset="ISO-8859-1"');
+            header('Content-Type: text/xml; charset="UTF-8"');
             echo $res;
         }
         exit;
@@ -109,7 +110,7 @@ class AuthModule extends PLModule
             xmlrpc_server_register_method($server, 'get_annuaire_infos', 'get_annuaire_infos');
             xmlrpc_server_register_method($server, 'get_nouveau_infos', 'get_nouveau_infos');
 
-            $request  = $GLOBALS['HTTP_RAW_POST_DATA'];
+            $request  = @$GLOBALS['HTTP_RAW_POST_DATA'];
             $response = xmlrpc_server_call_method($server, $request, null);
             header('Content-Type: text/xml');
             print $response;
@@ -124,9 +125,15 @@ class AuthModule extends PLModule
         http_redirect(Env::v('dest', '/'));
     }
 
-    function handler_groupex(&$page)
+    function handler_groupex_old(&$page)
+    {
+        return $this->handler_groupex($page, 'iso-8859-1');
+    }
+
+    function handler_groupex(&$page, $charset = 'utf8')
     {
         require_once dirname(__FILE__).'/auth/auth.inc.php';
+        $page->assign('referer', true);
 
         $gpex_pass = $_GET["pass"];
         $gpex_url  = urldecode($_GET["url"]);
@@ -137,11 +144,13 @@ class AuthModule extends PLModule
         }
 
         /* a-t-on besoin d'ajouter le http:// ? */
-        if (!preg_match("/^(http|https):\/\/.*/",$gpex_url))
+        if (!preg_match("/^(http|https):\/\/.*/",$gpex_url)) {
             $gpex_url = "http://$gpex_url";
+        }
         $gpex_challenge = $_GET["challenge"];
 
-        // mise à jour de l'heure et de la machine de dernier login sauf quand on est en suid
+        // mise à jour de l'heure et de la machine de dernier login sauf quand on est en suid
+        $uid = S::i('uid');
         if (!isset($_SESSION['suid'])) {
             $logger = (isset($_SESSION['log']) && $_SESSION['log']->uid == $uid)
                             ? $_SESSION['log'] : new CoreLogger($uid);
@@ -150,27 +159,30 @@ class AuthModule extends PLModule
         }
 
         /* on parcourt les entrees de groupes_auth */
-        $res = XDB::iterRow('select privkey,name,datafields from groupesx_auth');
+        $res = XDB::iterRow('SELECT privkey, name, datafields FROM groupesx_auth');
 
         while (list($privkey,$name,$datafields) = $res->next()) {
             if (md5($gpex_challenge.$privkey) == $gpex_pass) {
-                $returl = $gpex_url.gpex_make_params($gpex_challenge,$privkey,$datafields);
+                $returl = $gpex_url . gpex_make_params($gpex_challenge, $privkey, $datafields, $charset);
                 http_redirect($returl);
             }
         }
 
-        /* si on n'a pas trouvé, on renvoit sur x.org */
+        /* si on n'a pas trouvé, on renvoit sur x.org */
         http_redirect('https://www.polytechnique.org/');
     }
-    function handler_admin_authgroupesx(&$page, $action = 'list', $id = null) {
+
+    function handler_admin_authgroupesx(&$page, $action = 'list', $id = null)
+    {
         $page->assign('xorg_title','Polytechnique.org - Administration - Auth groupes X');
-        $page->assign('title', 'Gestion de l\'authentification centralisée');
+        $page->assign('title', 'Gestion de l\'authentification centralisée');
         $table_editor = new PLTableEditor('admin/auth-groupes-x','groupesx_auth','id');
         $table_editor->describe('name','nom',true);
-        $table_editor->describe('privkey','clé privée',false);
-        $table_editor->describe('datafields','champs renvoyés',true);
+        $table_editor->describe('privkey','clé privée',false);
+        $table_editor->describe('datafields','champs renvoyés',true);
         $table_editor->apply($page, $action, $id);
-    }  
+    }
 }
 
+// vim:set et sw=4 sts=4 sws=4 foldmethod=marker enc=utf-8:
 ?>