X-Git-Url: http://git.polytechnique.org/?a=blobdiff_plain;f=modules%2Fplatal.php;h=af0bf35fb6ecb46ae9632a32ab1dbacbdd520200;hb=4f970ab081dfb75e7595d98c61e1660f76edab65;hp=f6ae04e8f23a959f7782f23aab047ccc22d18796;hpb=a8b4ccb6c163277c49fb92427a7bb4ace8469660;p=platal.git
diff --git a/modules/platal.php b/modules/platal.php
index f6ae04e..af0bf35 100644
--- a/modules/platal.php
+++ b/modules/platal.php
@@ -1,6 +1,6 @@ $this->make_hook('index', AUTH_PUBLIC), - 'cacert.pem' => $this->make_hook('cacert', AUTH_PUBLIC), - 'changelog' => $this->make_hook('changelog', AUTH_PUBLIC), + 'index' => $this->make_hook('index', AUTH_PUBLIC), + 'cacert.pem' => $this->make_hook('cacert', AUTH_PUBLIC), + 'changelog' => $this->make_hook('changelog', AUTH_PUBLIC), // Preferences thingies - 'prefs' => $this->make_hook('prefs', AUTH_COOKIE), - 'prefs/rss' => $this->make_hook('prefs_rss', AUTH_COOKIE), - 'prefs/webredirect' - => $this->make_hook('webredir', AUTH_MDP), - 'prefs/skin' => $this->make_hook('skin', AUTH_COOKIE), + 'prefs' => $this->make_hook('prefs', AUTH_COOKIE), + 'prefs/rss' => $this->make_hook('prefs_rss', AUTH_COOKIE), + 'prefs/webredirect' => $this->make_hook('webredir', AUTH_MDP), + 'prefs/skin' => $this->make_hook('skin', AUTH_COOKIE), // password related thingies - 'password' => $this->make_hook('password', AUTH_MDP), - 'tmpPWD' => $this->make_hook('tmpPWD', AUTH_PUBLIC), - 'password/smtp' => $this->make_hook('smtppass', AUTH_MDP), - 'recovery' => $this->make_hook('recovery', AUTH_PUBLIC), - 'exit' => $this->make_hook('exit', AUTH_PUBLIC), - 'review' => $this->make_hook('review', AUTH_PUBLIC), - 'deconnexion.php' => $this->make_hook('exit', AUTH_PUBLIC), + 'password' => $this->make_hook('password', AUTH_MDP), + 'tmpPWD' => $this->make_hook('tmpPWD', AUTH_PUBLIC), + 'password/smtp' => $this->make_hook('smtppass', AUTH_MDP), + 'recovery' => $this->make_hook('recovery', AUTH_PUBLIC), + 'exit' => $this->make_hook('exit', AUTH_PUBLIC), + 'review' => $this->make_hook('review', AUTH_PUBLIC), + 'deconnexion.php' => $this->make_hook('exit', AUTH_PUBLIC), ); } function handler_index(&$page) { + // Include X-XRDS-Location response-header for Yadis discovery + global $globals; + header('X-XRDS-Location: ' . $globals->baseurl . '/openid/xrds'); + + // Redirect to the suitable page if (S::logged()) { pl_redirect('events'); } else if (!@$GLOBALS['IS_XNET_SITE']) { 
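Review bot: The three lines that emit `X-XRDS-Location` at the top of handler_index are repeated verbatim in handler_review (hunk at -449), so the two copies can drift apart when the discovery URL changes. A single helper on the module that both handlers call would keep the advertised OpenID endpoint in one place, with a comment such as `// Advertise the Yadis/XRDS document; must run before any output is sent`. The value is concatenated from `$globals->baseurl`, which is not visible here; it should be confirmed that it comes from static configuration rather than from the request's Host header. handler_index continues outside the hunk.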
@@ -87,7 +91,7 @@ class PlatalModule extends PLModule $page->changeTpl('platal/changeLog.tpl'); $clog = pl_entities(file_get_contents(dirname(__FILE__).'/../ChangeLog')); - $clog = preg_replace('/=+\s*/', '
', $clog); + $clog = preg_replace('/===+\s*/', '
', $clog); // url catch only (not all wiki syntax) $clog = preg_replace(array( '/((?:https?|ftp):\/\/(?:\.*,*[\w@~%$£µ&i#\-+=_\/\?;])*)/ui', @@ -137,6 +141,14 @@ class PlatalModule extends PLModule if (Post::has('rss')) { $this->__set_rss_state(Post::b('rss')); } + + # FIXME: this code is not multi-domain compatible. We should decide how + # carva will extend to users not in the main domain. + $res = XDB::query("SELECT alias + FROM aliases + WHERE id = {?} AND FIND_IN_SET('bestalias', flags)", + S::user()->id()); + $page->assign('bestalias', $res->fetchOneCell()); } function handler_webredir(&$page) @@ -169,6 +181,14 @@ class PlatalModule extends PLModule WHERE user_id = {?}', S::v('uid')); $page->assign('carva', $res->fetchOneCell()); + + # FIXME: this code is not multi-domain compatible. We should decide how + # carva will extend to users not in the main domain. + $res = XDB::query("SELECT alias + FROM aliases + WHERE id = {?} AND FIND_IN_SET('bestalias', flags)", + S::user()->id()); + $page->assign('bestalias', $res->fetchOneCell()); } function handler_prefs_rss(&$page) @@ -208,12 +228,8 @@ class PlatalModule extends PLModule } } - $log =& S::v('log'); - S::logger()->log('passwd', ''); - - if (Cookie::v('ORGaccess')) { - setcookie('ORGaccess', hash_encrypt($password), (time()+25920000), '/', '' ,0); - } + S::logger()->log('passwd'); + Platal::session()->setAccessCookie(true); $page->changeTpl('platal/motdepasse.success.tpl'); $page->run(); @@ -335,8 +351,7 @@ Adresse de secours : " . Post::v('email') : "")); $mymail->send(); // on cree un objet logger et on log l'evenement - $logger = $_SESSION['log'] = new PlLogger($uid); - S::logger()->log('recovery', $mails); + S::logger(uid)->log('recovery', $mails); } else { $page->trigError('Les informations que tu as rentrées ne permettent pas de récupérer ton mot de passe.
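Review bot: The `bestalias` lookup added before handler_webredir (hunk at -137) is duplicated line for line, FIXME included, in the hunk at -169 before handler_prefs_rss; it would be better factored into one helper so the multi-domain fix only has to be made once. The query itself is parameterised through `{?}`, which is fine. `fetchOneCell()` is assigned to the template without checking for an empty result, so a user with no alias flagged `bestalias` presumably yields an empty value in the page; a short comment stating what the template does in that case would help. Both enclosing handlers start outside their hunks.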
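Review bot: In the hunk at -208, `Platal::session()->setAccessCookie(true)` now runs on every successful password change, whereas the removed code re-issued `ORGaccess` only when `Cookie::v('ORGaccess')` was already present. setAccessCookie is not visible here, so it should be confirmed that the `true` argument keeps that condition; otherwise a user who never opted into persistent login would receive a long-lived access cookie. The removed `setcookie` call passed `0` for the secure flag and set no HttpOnly flag, so it is also worth checking that the new method sets both. A comment like `// refresh the persistent-login cookie only if the browser already holds one` would document the intent. The enclosing handler starts outside the hunk.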
'. 'Si tu as un homonyme, utilise prenom.nom.promo comme login'); @@ -374,8 +389,7 @@ Adresse de secours : " . Post::v('email') : "")); } } - $logger = new PlLogger($uid); - S::logger()->log("passwd",""); + S::logger($uid)->log("passwd", ""); $page->changeTpl('platal/tmpPWD.success.tpl'); } else { $page->changeTpl('platal/motdepasse.tpl'); @@ -412,33 +426,25 @@ Adresse de secours : " . Post::v('email') : "")); function handler_exit(&$page, $level = null) { if (S::has('suid')) { - $a4l = S::v('forlife'); $suid = S::v('suid'); $log = S::v('log'); - S::logger()->log("suid_stop", S::v('forlife') . " by " . $suid['forlife']); + S::logger()->log("suid_stop", S::user()->login() . " by " . $suid['hruid']); Platal::session()->stopSUID(); - pl_redirect('admin/user/' . $a4l); + pl_redirect('admin/user/' . S::user()->login()); } if ($level == 'forget' || $level == 'forgetall') { - setcookie('ORGaccess', '', time() - 3600, '/', '', 0); - Cookie::kill('ORGaccess'); - if (isset($_SESSION['log'])) - S::logger()->log("cookie_off"); + Platal::session()->killAccessCookie(); } if ($level == 'forgetuid' || $level == 'forgetall') { - setcookie('ORGuid', '', time() - 3600, '/', '', 0); - Cookie::kill('ORGuid'); - setcookie('ORGdomain', '', time() - 3600, '/', '', 0); - Cookie::kill('ORGdomain'); + Platal::session()->killLoginFormCookies(); } - if (isset($_SESSION['log'])) { - $ref = isset($_SERVER['HTTP_REFERER']) ? $_SERVER['HTTP_REFERER'] : ''; - S::logger()->log('deconnexion',$ref); + if (S::logged()) { + S::logger()->log('deconnexion', @$_SERVER['HTTP_REFERER']); + Platal::session()->destroy(); } - Platal::session()->destroy(); if (Get::has('redirect')) { http_redirect(rawurldecode(Get::v('redirect'))); 
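Review bot: In the hunk at -335 the new line `S::logger(uid)->log('recovery', $mails);` passes the bare word `uid` instead of the variable, so the password-recovery audit entry is not attached to the account being recovered. Older PHP versions fall back to the string 'uid' with a notice or warning and PHP 8 raises an Error, in both cases after `$mymail->send()` has already run. The line should read `S::logger($uid)->log('recovery', $mails);`, matching the tmpPWD hunk at -374. The enclosing handler starts outside the hunk.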
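Review bot: In handler_exit (hunk at -412) the redirect after `Platal::session()->stopSUID()` now uses `S::user()->login()`, evaluated after the impersonation has ended, while the removed code captured `$a4l` beforehand. If stopSUID restores the administrator's own session, as its name suggests, the redirect lands on the administrator's page instead of the impersonated user's. Capturing the login first, `$login = S::user()->login();`, and using it in both the `suid_stop` log line and `pl_redirect('admin/user/' . $login);` avoids that; the leftover `$log = S::v('log');` is unused and can go. Separately, the context line `http_redirect(rawurldecode(Get::v('redirect')));` sends the browser to a caller-supplied URL on an `AUTH_PUBLIC` route, so the target should be restricted to same-site paths before redirecting. handler_exit continues outside the hunk.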
@@ -449,14 +455,18 @@ Adresse de secours : " . Post::v('email') : "")); function handler_review(&$page, $action = null, $mode = null) { - require_once dirname(__FILE__) . '/platal/review.inc.php'; + // Include X-XRDS-Location response-header for Yadis discovery + global $globals; + header('X-XRDS-Location: ' . $globals->baseurl . '/openid/xrds'); + + $this->load('review.inc.php'); $dom = 'Review'; if (@$GLOBALS['IS_XNET_SITE']) { $dom .= 'Xnet'; } $wp = new PlWikiPage($dom . '.Admin'); $conf = explode('%0a', $wp->getField('text')); - $wiz = new PlWizard('Tour d\'horizon', 'core/plwizard.tpl', true); + $wiz = new PlWizard('Tour d\'horizon', PlPage::getCoreTpl('plwizard.tpl'), true); foreach ($conf as $line) { $list = preg_split('/\s*[*|]\s*/', $line, -1, PREG_SPLIT_NO_EMPTY); $wiz->addPage('ReviewPage', $list[0], $list[1]);