X-Git-Url: http://git.polytechnique.org/?a=blobdiff_plain;f=modules%2Fplatal.php;h=2e6570ce0a8bf35c1b78050630d8795d3dcaefcb;hb=9ec2213d47a69195843ab816c930597088ccaff4;hp=0507494f2b7c8c2cb630e8bf807f8b0168912777;hpb=08fa70684fd1332178cddb6b318151335fb4506c;p=platal.git

diff --git a/modules/platal.php b/modules/platal.php
index 0507494..2e6570c 100644
--- a/modules/platal.php
+++ b/modules/platal.php
@@ -153,7 +153,7 @@ class PlatalModule extends PLModule
                                        SET redirecturl = {?} WHERE user_id = {?}',
                                    $url, S::v('uid'));
             $log->log('carva_add', 'http://'.Env::v('url'));
-            $page->trig("Redirection activée vers <a href='http://$url'>$url</a>");
+            $page->trigSuccess("Redirection activée vers <a href='http://$url'>$url</a>");
         } elseif (Env::v('submit') == "Supprimer") {
             XDB::execute("UPDATE auth_user_quick
                                        SET redirecturl = ''
@@ -161,7 +161,7 @@ class PlatalModule extends PLModule
                                    S::v('uid'));
             $log->log("carva_del", $url);
             Post::kill('url');
-            $page->trig('Redirection supprimée');
+            $page->trigSuccess('Redirection supprimée');
         }
 
         $res = XDB::query('SELECT redirecturl
@@ -179,14 +179,17 @@ class PlatalModule extends PLModule
 
         if (Env::v('act_rss') == 'Activer') {
             $this->__set_rss_state(true);
-            $page->trig("Ton Fil RSS est activé.");
+            $page->trigSuccess("Ton Fil RSS est activé.");
         }
     }
 
     function handler_password(&$page)
     {
+        global $globals;
+
         if (Post::has('response2'))  {
             require_once 'secure_hash.inc.php';
+            S::assert_xsrf_token();
 
             $_SESSION['password'] = $password = Post::v('response2');
 
@@ -195,6 +198,16 @@ class PlatalModule extends PLModule
                            WHERE  user_id={?}', $password,
                            S::v('uid'));
 
+            // If GoogleApps is enabled, and the user did choose to use synchronized passwords,
+            // updates the Google Apps password as well.
+            if ($globals->mailstorage->googleapps_domain) {
+                require_once 'googleapps.inc.php';
+                $account = new GoogleAppsAccount(S::v('uid'), S::v('forlife'));
+                if ($account->active() && $account->sync_password) {
+                    $account->set_password($password);
+                }
+            }
+
             $log =& S::v('log');
             $log->log('passwd', '');
 
@@ -229,12 +242,12 @@ class PlatalModule extends PLModule
         {
             XDB::execute('UPDATE auth_user_md5 SET smtppass = {?}
                                      WHERE user_id = {?}', $pass, $uid);
-            $page->trig('Mot de passe enregistré');
+            $page->trigSuccess('Mot de passe enregistré');
             $log->log("passwd_ssl");
         } elseif (Env::v('op') == "Supprimer") {
             XDB::execute('UPDATE auth_user_md5 SET smtppass = ""
                                      WHERE user_id = {?}', $uid);
-            $page->trig('Compte SMTP et NNTP supprimé');
+            $page->trigSuccess('Compte SMTP et NNTP supprimé');
             $log->log("passwd_del");
         }
 
@@ -255,7 +268,7 @@ class PlatalModule extends PLModule
         }
 
         if (!ereg('[0-3][0-9][0-1][0-9][1][9]([0-9]{2})', Env::v('birth'))) {
-            $page->trig('Date de naissance incorrecte ou incohérente');
+            $page->trigError('Date de naissance incorrecte ou incohérente');
             return;
         }
 
@@ -324,13 +337,14 @@ Adresse de secours : " . Post::v('email') : ""));
             $logger = $_SESSION['log'] = new CoreLogger($uid);
             $logger->log('recovery', $mails);
         } else {
-            $page->trig('Les informations que tu as rentrées ne permettent pas de récupérer ton mot de passe.<br />'.
+            $page->trigError('Les informations que tu as rentrées ne permettent pas de récupérer ton mot de passe.<br />'.
                         'Si tu as un homonyme, utilise prenom.nom.promo comme login');
         }
     }
 
     function handler_tmpPWD(&$page, $certif = null)
     {
+        global $globals;
         XDB::execute('DELETE FROM perte_pass
                                       WHERE DATE_SUB(NOW(), INTERVAL 380 MINUTE) > created');
 
@@ -344,11 +358,22 @@ Adresse de secours : " . Post::v('email') : ""));
         $uid = $ligne["uid"];
         if (Post::has('response2')) {
             $password = Post::v('response2');
-            $logger   = new CoreLogger($uid);
             XDB::query('UPDATE  auth_user_md5 SET password={?}
                                    WHERE  user_id={?} AND perms IN("admin","user")',
                                  $password, $uid);
             XDB::query('DELETE FROM perte_pass WHERE certificat={?}', $certif);
+
+            // If GoogleApps is enabled, and the user did choose to use synchronized passwords,
+            // updates the Google Apps password as well.
+            if ($globals->mailstorage->googleapps_domain) {
+                require_once 'googleapps.inc.php';
+                $account = new GoogleAppsAccount($uid);
+                if ($account->active() && $account->sync_password) {
+                    $account->set_password($password);
+                }
+            }
+
+            $logger = new CoreLogger($uid);
             $logger->log("passwd","");
             $page->changeTpl('platal/tmpPWD.success.tpl');
         } else {