X-Git-Url: http://git.polytechnique.org/?a=blobdiff_plain;f=modules%2Fauth.php;h=f535a8b4f11174d172e6eda9a276c169d5caec9c;hb=48ad52ee05f372465c9cab21492be3212ae96736;hp=4b218543ec9fef8998032552344198effd97f611;hpb=2b921a8064ea14cd554f03e5f561eb98e79a9246;p=platal.git diff --git a/modules/auth.php b/modules/auth.php index 4b21854..f535a8b 100644 --- a/modules/auth.php +++ b/modules/auth.php @@ -1,6 +1,6 @@ load('auth.inc.php'); $page->assign('referer', true); $gpex_pass = $_GET["pass"]; @@ -152,19 +152,20 @@ class AuthModule extends PLModule // mise à jour de l'heure et de la machine de dernier login sauf quand on est en suid $uid = S::i('uid'); if (!isset($_SESSION['suid'])) { - $logger = (isset($_SESSION['log']) && $_SESSION['log']->uid == $uid) - ? $_SESSION['log'] : new PlLogger($uid); global $platal; - S::logger()->log('connexion_auth_ext', $platal->path); + S::logger(uid)->log('connexion_auth_ext', $platal->path); } /* on parcourt les entrees de groupes_auth */ - $res = XDB::iterRow('SELECT privkey, name, datafields FROM groupesx_auth'); + $res = XDB::iterRow('SELECT privkey, name, datafields, returnurls FROM groupesx_auth'); - while (list($privkey,$name,$datafields) = $res->next()) { + while (list($privkey,$name,$datafields,$returnurls) = $res->next()) { if (md5($gpex_challenge.$privkey) == $gpex_pass) { - $returl = $gpex_url . gpex_make_params($gpex_challenge, $privkey, $datafields, $charset); - http_redirect($returl); + $returnurls = trim($returnurls); + if (empty($returnurls) || @preg_match($returnurls, $gpex_url)) { + $returl = $gpex_url . gpex_make_params($gpex_challenge, $privkey, $datafields, $charset); + http_redirect($returl); + } } } @@ -180,6 +181,7 @@ class AuthModule extends PLModule $table_editor->describe('name','nom',true); $table_editor->describe('privkey','clé privée',false); $table_editor->describe('datafields','champs renvoyés',true); + $table_editor->describe('returnurls','urls de retour',true); $table_editor->apply($page, $action, $id); } }