X-Git-Url: http://git.polytechnique.org/?a=blobdiff_plain;f=modules%2Fplatal.php;h=2ad93172685ba87f142fe22476825c0ddc23a2df;hb=9483a7c7e923556fcafbe5154910dcc53a8e3d5a;hp=f123ba75a096c67657139624a436a0778ea52c12;hpb=2f8bacc215bab9d9e3401e73004574cfb0eb4540;p=platal.git diff --git a/modules/platal.php b/modules/platal.php index f123ba7..2ad9317 100644 --- a/modules/platal.php +++ b/modules/platal.php @@ -1,6 +1,6 @@ $this->make_hook('index', AUTH_PUBLIC), - 'cacert.pem' => $this->make_hook('cacert', AUTH_PUBLIC), - 'changelog' => $this->make_hook('changelog', AUTH_PUBLIC), + 'index' => $this->make_hook('index', AUTH_PUBLIC), + 'cacert.pem' => $this->make_hook('cacert', AUTH_PUBLIC), + 'changelog' => $this->make_hook('changelog', AUTH_PUBLIC), // Preferences thingies - 'prefs' => $this->make_hook('prefs', AUTH_COOKIE), - 'prefs/rss' => $this->make_hook('prefs_rss', AUTH_COOKIE), - 'prefs/webredirect' - => $this->make_hook('webredir', AUTH_MDP), - 'prefs/skin' => $this->make_hook('skin', AUTH_COOKIE), + 'prefs' => $this->make_hook('prefs', AUTH_COOKIE), + 'prefs/rss' => $this->make_hook('prefs_rss', AUTH_COOKIE), + 'prefs/webredirect' => $this->make_hook('webredir', AUTH_MDP), + 'prefs/skin' => $this->make_hook('skin', AUTH_COOKIE), // password related thingies - 'password' => $this->make_hook('password', AUTH_MDP), - 'tmpPWD' => $this->make_hook('tmpPWD', AUTH_PUBLIC), - 'password/smtp' => $this->make_hook('smtppass', AUTH_MDP), - 'recovery' => $this->make_hook('recovery', AUTH_PUBLIC), - 'exit' => $this->make_hook('exit', AUTH_PUBLIC), - 'review' => $this->make_hook('review', AUTH_PUBLIC), - 'deconnexion.php' => $this->make_hook('exit', AUTH_PUBLIC), + 'password' => $this->make_hook('password', AUTH_MDP), + 'tmpPWD' => $this->make_hook('tmpPWD', AUTH_PUBLIC), + 'password/smtp' => $this->make_hook('smtppass', AUTH_MDP), + 'recovery' => $this->make_hook('recovery', AUTH_PUBLIC), + 'exit' => $this->make_hook('exit', AUTH_PUBLIC), + 'review' => $this->make_hook('review', AUTH_PUBLIC), + 'deconnexion.php' => $this->make_hook('exit', AUTH_PUBLIC), ); } @@ -64,7 +63,7 @@ class PlatalModule extends PLModule { // Include X-XRDS-Location response-header for Yadis discovery global $globals; - header('X-XRDS-Location: ' . $globals->baseurl . '/openid/idp_xrds'); + header('X-XRDS-Location: ' . $globals->baseurl . '/openid/xrds'); // Redirect to the suitable page if (S::logged()) { @@ -76,14 +75,8 @@ class PlatalModule extends PLModule function handler_cacert(&$page) { - $data = file_get_contents("/etc/ssl/xorgCA/cacert.pem","r"); - header("Pragma:"); - header("Set-Cookie:"); - header("Cache-Control:"); - header("Expires:"); - header("Content-Type: application/x-x509-ca-cert"); - header("Content-Length: ".strlen($data)); - echo $data; + pl_cached_content_headers("application/x-x509-ca-cert"); + readfile("/etc/ssl/xorgCA/cacert.pem"); exit; } @@ -139,10 +132,7 @@ class PlatalModule extends PLModule if (Post::has('email_format')) { $fmt = Post::s('email_format'); - XDB::execute("UPDATE accounts - SET email_format = {?} - WHERE uid = {?}", - $fmt, S::v('uid')); + S::user()->setEmailFormat($fmt); S::set('email_format', $fmt); } @@ -154,7 +144,7 @@ class PlatalModule extends PLModule # carva will extend to users not in the main domain. $res = XDB::query("SELECT alias FROM aliases - WHERE id = {?} AND FIND_IN_SET('bestalias', flags)", + WHERE uid = {?} AND FIND_IN_SET('bestalias', flags)", S::user()->id()); $page->assign('bestalias', $res->fetchOneCell()); } @@ -192,7 +182,7 @@ class PlatalModule extends PLModule # carva will extend to users not in the main domain. $res = XDB::query("SELECT alias FROM aliases - WHERE id = {?} AND FIND_IN_SET('bestalias', flags)", + WHERE uid = {?} AND FIND_IN_SET('bestalias', flags)", S::user()->id()); $page->assign('bestalias', $res->fetchOneCell()); } @@ -325,7 +315,7 @@ class PlatalModule extends PLModule $page->assign('ok', true); $url = rand_url_id(); - XDB::execute('INSERT INTO perte_pass (certificat,uid,created) + XDB::execute('INSERT INTO account_lost_passwords (certificat,uid,created) VALUES ({?},{?},NOW())', $url, $user->id()); $res = XDB::query('SELECT email FROM emails @@ -334,15 +324,15 @@ class PlatalModule extends PLModule if ($res->numRows()) { $mails = $res->fetchOneCell(); } else { - $res = XDB::query('SELECT email + $res = XDB::query("SELECT email FROM emails - WHERE uid = {?} AND NOT FIND_IN_SET("filter", flags)', $user->id()); + WHERE uid = {?} AND NOT FIND_IN_SET('filter', flags)", $user->id()); $mails = implode(', ', $res->fetchColumn()); } $mymail = new PlMailer(); $mymail->setFrom('"Gestion des mots de passe" mail->domain . '>'); $mymail->addTo($mails); - $mymail->setSubject('Ton certificat d\'authentification'); + $mymail->setSubject("Ton certificat d'authentification"); $mymail->setTxtBody("Visite la page suivante qui expire dans six heures : {$globals->baseurl}/tmpPWD/$url @@ -350,7 +340,7 @@ Si en cliquant dessus tu n'y arrives pas, copie intégralement l'adresse dans la -- Polytechnique.org -\"Le portail des élèves & anciens élèves de l'Ecole polytechnique\" +\"Le portail des élèves & anciens élèves de l'École polytechnique\" Email envoyé à ".Env::v('login') . (Post::has('email') ? " Adresse de secours : " . Post::v('email') : "")); @@ -364,11 +354,11 @@ Adresse de secours : " . Post::v('email') : "")); { global $globals; // XXX: recovery requires data from the profile - XDB::execute('DELETE FROM perte_pass + XDB::execute('DELETE FROM account_lost_passwords WHERE DATE_SUB(NOW(), INTERVAL 380 MINUTE) > created'); $res = XDB::query('SELECT uid - FROM perte_pass WHERE certificat={?}', $certif); + FROM account_lost_passwords WHERE certificat={?}', $certif); $ligne = $res->fetchOneAssoc(); if (!$ligne) { $page->changeTpl('platal/index.tpl'); @@ -382,7 +372,7 @@ Adresse de secours : " . Post::v('email') : "")); SET password={?} WHERE uid = {?} AND state = \'active\'', $password, $uid); - XDB::query('DELETE FROM perte_pass + XDB::query('DELETE FROM account_lost_passwords WHERE certificat={?}', $certif); // If GoogleApps is enabled, and the user did choose to use synchronized passwords, @@ -464,7 +454,7 @@ Adresse de secours : " . Post::v('email') : "")); { // Include X-XRDS-Location response-header for Yadis discovery global $globals; - header('X-XRDS-Location: ' . $globals->baseurl . '/openid/idp_xrds'); + header('X-XRDS-Location: ' . $globals->baseurl . '/openid/xrds'); $this->load('review.inc.php'); $dom = 'Review';