X-Git-Url: http://git.polytechnique.org/?a=blobdiff_plain;f=modules%2Fplatal.php;h=e4e7aa01ff4c44b4aeafca5a25edade329c6f4c0;hb=d7610c358d074c78e1e8dc25fe0cf0e5e7e1c55e;hp=0507494f2b7c8c2cb630e8bf807f8b0168912777;hpb=a7c29df3b9bf8f3c3b23fec0f1d2feb814cb61fe;p=platal.git
diff --git a/modules/platal.php b/modules/platal.php
index 0507494..e4e7aa0 100644
--- a/modules/platal.php
+++ b/modules/platal.php
@@ -152,16 +152,16 @@ class PlatalModule extends PLModule
XDB::execute('UPDATE auth_user_quick
SET redirecturl = {?} WHERE user_id = {?}',
$url, S::v('uid'));
- $log->log('carva_add', 'http://'.Env::v('url'));
- $page->trig("Redirection activée vers $url");
+ S::logger()->log('carva_add', 'http://'.Env::v('url'));
+ $page->trigSuccess("Redirection activée vers $url");
} elseif (Env::v('submit') == "Supprimer") {
XDB::execute("UPDATE auth_user_quick
SET redirecturl = ''
WHERE user_id = {?}",
S::v('uid'));
- $log->log("carva_del", $url);
+ S::logger()->log("carva_del", $url);
Post::kill('url');
- $page->trig('Redirection supprimée');
+ $page->trigSuccess('Redirection supprimée');
}
$res = XDB::query('SELECT redirecturl
@@ -179,14 +179,17 @@ class PlatalModule extends PLModule
if (Env::v('act_rss') == 'Activer') {
$this->__set_rss_state(true);
- $page->trig("Ton Fil RSS est activé.");
+ $page->trigSuccess("Ton Fil RSS est activé.");
}
}
function handler_password(&$page)
{
+ global $globals;
+
if (Post::has('response2')) {
require_once 'secure_hash.inc.php';
+ S::assert_xsrf_token();
$_SESSION['password'] = $password = Post::v('response2');
@@ -195,8 +198,18 @@ class PlatalModule extends PLModule
WHERE user_id={?}', $password,
S::v('uid'));
+ // If GoogleApps is enabled, and the user did choose to use synchronized passwords,
+ // updates the Google Apps password as well.
+ if ($globals->mailstorage->googleapps_domain) {
+ require_once 'googleapps.inc.php';
+ $account = new GoogleAppsAccount(S::v('uid'), S::v('forlife'));
+ if ($account->active() && $account->sync_password) {
+ $account->set_password($password);
+ }
+ }
+
$log =& S::v('log');
- $log->log('passwd', '');
+ S::logger()->log('passwd', '');
if (Cookie::v('ORGaccess')) {
setcookie('ORGaccess', hash_encrypt($password), (time()+25920000), '/', '' ,0);
@@ -229,13 +242,13 @@ class PlatalModule extends PLModule
{
XDB::execute('UPDATE auth_user_md5 SET smtppass = {?}
WHERE user_id = {?}', $pass, $uid);
- $page->trig('Mot de passe enregistré');
- $log->log("passwd_ssl");
+ $page->trigSuccess('Mot de passe enregistré');
+ S::logger()->log("passwd_ssl");
} elseif (Env::v('op') == "Supprimer") {
XDB::execute('UPDATE auth_user_md5 SET smtppass = ""
WHERE user_id = {?}', $uid);
- $page->trig('Compte SMTP et NNTP supprimé');
- $log->log("passwd_del");
+ $page->trigSuccess('Compte SMTP et NNTP supprimé');
+ S::logger()->log("passwd_del");
}
$res = XDB::query("SELECT IF(smtppass != '', 'actif', '')
@@ -255,7 +268,7 @@ class PlatalModule extends PLModule
}
if (!ereg('[0-3][0-9][0-1][0-9][1][9]([0-9]{2})', Env::v('birth'))) {
- $page->trig('Date de naissance incorrecte ou incohérente');
+ $page->trigError('Date de naissance incorrecte ou incohérente');
return;
}
@@ -321,16 +334,17 @@ Adresse de secours : " . Post::v('email') : ""));
$mymail->send();
// on cree un objet logger et on log l'evenement
- $logger = $_SESSION['log'] = new CoreLogger($uid);
- $logger->log('recovery', $mails);
+ $logger = $_SESSION['log'] = new PlLogger($uid);
+ S::logger()->log('recovery', $mails);
} else {
- $page->trig('Les informations que tu as rentrées ne permettent pas de récupérer ton mot de passe.
'.
+ $page->trigError('Les informations que tu as rentrées ne permettent pas de récupérer ton mot de passe.
'.
'Si tu as un homonyme, utilise prenom.nom.promo comme login');
}
}
function handler_tmpPWD(&$page, $certif = null)
{
+ global $globals;
XDB::execute('DELETE FROM perte_pass
WHERE DATE_SUB(NOW(), INTERVAL 380 MINUTE) > created');
@@ -344,12 +358,23 @@ Adresse de secours : " . Post::v('email') : ""));
$uid = $ligne["uid"];
if (Post::has('response2')) {
$password = Post::v('response2');
- $logger = new CoreLogger($uid);
XDB::query('UPDATE auth_user_md5 SET password={?}
WHERE user_id={?} AND perms IN("admin","user")',
$password, $uid);
XDB::query('DELETE FROM perte_pass WHERE certificat={?}', $certif);
- $logger->log("passwd","");
+
+ // If GoogleApps is enabled, and the user did choose to use synchronized passwords,
+ // updates the Google Apps password as well.
+ if ($globals->mailstorage->googleapps_domain) {
+ require_once 'googleapps.inc.php';
+ $account = new GoogleAppsAccount($uid);
+ if ($account->active() && $account->sync_password) {
+ $account->set_password($password);
+ }
+ }
+
+ $logger = new PlLogger($uid);
+ S::logger()->log("passwd","");
$page->changeTpl('platal/tmpPWD.success.tpl');
} else {
$page->changeTpl('platal/motdepasse.tpl');
@@ -369,7 +394,7 @@ Adresse de secours : " . Post::v('email') : ""));
SET skin={?} WHERE user_id={?}',
Env::i('newskin'), S::v('uid'));
S::kill('skin');
- set_skin();
+ Platal::session()->setSkin();
}
$res = XDB::query('SELECT id FROM skins WHERE skin_tpl={?}', S::v('skin'));
@@ -389,9 +414,8 @@ Adresse de secours : " . Post::v('email') : ""));
$a4l = S::v('forlife');
$suid = S::v('suid');
$log = S::v('log');
- $log->log("suid_stop", S::v('forlife') . " by " . $suid['forlife']);
- $_SESSION = $suid;
- S::kill('suid');
+ S::logger()->log("suid_stop", S::v('forlife') . " by " . $suid['forlife']);
+ Platal::session()->stopSUID();
pl_redirect('admin/user/' . $a4l);
}
@@ -399,7 +423,7 @@ Adresse de secours : " . Post::v('email') : ""));
setcookie('ORGaccess', '', time() - 3600, '/', '', 0);
Cookie::kill('ORGaccess');
if (isset($_SESSION['log']))
- $_SESSION['log']->log("cookie_off");
+ S::logger()->log("cookie_off");
}
if ($level == 'forgetuid' || $level == 'forgetall') {
@@ -411,10 +435,9 @@ Adresse de secours : " . Post::v('email') : ""));
if (isset($_SESSION['log'])) {
$ref = isset($_SERVER['HTTP_REFERER']) ? $_SERVER['HTTP_REFERER'] : '';
- $_SESSION['log']->log('deconnexion',$ref);
+ S::logger()->log('deconnexion',$ref);
}
-
- XorgSession::destroy();
+ Platal::session()->destroy();
if (Get::has('redirect')) {
http_redirect(rawurldecode(Get::v('redirect')));