X-Git-Url: http://git.polytechnique.org/?a=blobdiff_plain;f=modules%2Fplatal.php;h=2c9596d87dc4c31d0150cefb7c2ccb298b761f2e;hb=06f4daf9ceb56712582d81330896848a1a262894;hp=f123ba75a096c67657139624a436a0778ea52c12;hpb=3f95a7bd17cd6cd7b218f12787276a485f496f1d;p=platal.git diff --git a/modules/platal.php b/modules/platal.php index f123ba7..2c9596d 100644 --- a/modules/platal.php +++ b/modules/platal.php @@ -1,6 +1,6 @@ $this->make_hook('index', AUTH_PUBLIC), - 'cacert.pem' => $this->make_hook('cacert', AUTH_PUBLIC), - 'changelog' => $this->make_hook('changelog', AUTH_PUBLIC), + 'index' => $this->make_hook('index', AUTH_PUBLIC), + 'cacert.pem' => $this->make_hook('cacert', AUTH_PUBLIC), + 'changelog' => $this->make_hook('changelog', AUTH_PUBLIC), // Preferences thingies - 'prefs' => $this->make_hook('prefs', AUTH_COOKIE), - 'prefs/rss' => $this->make_hook('prefs_rss', AUTH_COOKIE), - 'prefs/webredirect' - => $this->make_hook('webredir', AUTH_MDP), - 'prefs/skin' => $this->make_hook('skin', AUTH_COOKIE), + 'prefs' => $this->make_hook('prefs', AUTH_COOKIE), + 'prefs/rss' => $this->make_hook('prefs_rss', AUTH_COOKIE), + 'prefs/webredirect' => $this->make_hook('webredir', AUTH_MDP), + 'prefs/skin' => $this->make_hook('skin', AUTH_COOKIE), // password related thingies - 'password' => $this->make_hook('password', AUTH_MDP), - 'tmpPWD' => $this->make_hook('tmpPWD', AUTH_PUBLIC), - 'password/smtp' => $this->make_hook('smtppass', AUTH_MDP), - 'recovery' => $this->make_hook('recovery', AUTH_PUBLIC), - 'exit' => $this->make_hook('exit', AUTH_PUBLIC), - 'review' => $this->make_hook('review', AUTH_PUBLIC), - 'deconnexion.php' => $this->make_hook('exit', AUTH_PUBLIC), + 'password' => $this->make_hook('password', AUTH_MDP), + 'tmpPWD' => $this->make_hook('tmpPWD', AUTH_PUBLIC), + 'password/smtp' => $this->make_hook('smtppass', AUTH_MDP), + 'recovery' => $this->make_hook('recovery', AUTH_PUBLIC), + 'exit' => $this->make_hook('exit', AUTH_PUBLIC), + 'review' => $this->make_hook('review', AUTH_PUBLIC), + 'deconnexion.php' => $this->make_hook('exit', AUTH_PUBLIC), ); } @@ -64,7 +63,7 @@ class PlatalModule extends PLModule { // Include X-XRDS-Location response-header for Yadis discovery global $globals; - header('X-XRDS-Location: ' . $globals->baseurl . '/openid/idp_xrds'); + header('X-XRDS-Location: ' . $globals->baseurl . '/openid/xrds'); // Redirect to the suitable page if (S::logged()) { @@ -76,14 +75,8 @@ class PlatalModule extends PLModule function handler_cacert(&$page) { - $data = file_get_contents("/etc/ssl/xorgCA/cacert.pem","r"); - header("Pragma:"); - header("Set-Cookie:"); - header("Cache-Control:"); - header("Expires:"); - header("Content-Type: application/x-x509-ca-cert"); - header("Content-Length: ".strlen($data)); - echo $data; + pl_cached_content_headers("application/x-x509-ca-cert"); + readfile("/etc/ssl/xorgCA/cacert.pem"); exit; } @@ -325,7 +318,7 @@ class PlatalModule extends PLModule $page->assign('ok', true); $url = rand_url_id(); - XDB::execute('INSERT INTO perte_pass (certificat,uid,created) + XDB::execute('INSERT INTO account_lost_passwords (certificat,uid,created) VALUES ({?},{?},NOW())', $url, $user->id()); $res = XDB::query('SELECT email FROM emails @@ -334,15 +327,15 @@ class PlatalModule extends PLModule if ($res->numRows()) { $mails = $res->fetchOneCell(); } else { - $res = XDB::query('SELECT email + $res = XDB::query("SELECT email FROM emails - WHERE uid = {?} AND NOT FIND_IN_SET("filter", flags)', $user->id()); + WHERE uid = {?} AND NOT FIND_IN_SET('filter', flags)", $user->id()); $mails = implode(', ', $res->fetchColumn()); } $mymail = new PlMailer(); $mymail->setFrom('"Gestion des mots de passe" mail->domain . '>'); $mymail->addTo($mails); - $mymail->setSubject('Ton certificat d\'authentification'); + $mymail->setSubject("Ton certificat d'authentification"); $mymail->setTxtBody("Visite la page suivante qui expire dans six heures : {$globals->baseurl}/tmpPWD/$url @@ -350,7 +343,7 @@ Si en cliquant dessus tu n'y arrives pas, copie intégralement l'adresse dans la -- Polytechnique.org -\"Le portail des élèves & anciens élèves de l'Ecole polytechnique\" +\"Le portail des élèves & anciens élèves de l'École polytechnique\" Email envoyé à ".Env::v('login') . (Post::has('email') ? " Adresse de secours : " . Post::v('email') : "")); @@ -364,11 +357,11 @@ Adresse de secours : " . Post::v('email') : "")); { global $globals; // XXX: recovery requires data from the profile - XDB::execute('DELETE FROM perte_pass + XDB::execute('DELETE FROM account_lost_passwords WHERE DATE_SUB(NOW(), INTERVAL 380 MINUTE) > created'); $res = XDB::query('SELECT uid - FROM perte_pass WHERE certificat={?}', $certif); + FROM account_lost_passwords WHERE certificat={?}', $certif); $ligne = $res->fetchOneAssoc(); if (!$ligne) { $page->changeTpl('platal/index.tpl'); @@ -382,7 +375,7 @@ Adresse de secours : " . Post::v('email') : "")); SET password={?} WHERE uid = {?} AND state = \'active\'', $password, $uid); - XDB::query('DELETE FROM perte_pass + XDB::query('DELETE FROM account_lost_passwords WHERE certificat={?}', $certif); // If GoogleApps is enabled, and the user did choose to use synchronized passwords, @@ -464,7 +457,7 @@ Adresse de secours : " . Post::v('email') : "")); { // Include X-XRDS-Location response-header for Yadis discovery global $globals; - header('X-XRDS-Location: ' . $globals->baseurl . '/openid/idp_xrds'); + header('X-XRDS-Location: ' . $globals->baseurl . '/openid/xrds'); $this->load('review.inc.php'); $dom = 'Review';