X-Git-Url: http://git.polytechnique.org/?a=blobdiff_plain;f=modules%2Fxnet.php;h=d3c9c4e112d8c9883dd13a656eb3042a0debf315;hb=d7610c358d074c78e1e8dc25fe0cf0e5e7e1c55e;hp=e43cd55fe6246d4b877d223364c1f57b49b7eccc;hpb=a1d792172431297cb927aa3291ef132f372bd168;p=platal.git diff --git a/modules/xnet.php b/modules/xnet.php index e43cd55..d3c9c4e 100644 --- a/modules/xnet.php +++ b/modules/xnet.php @@ -1,6 +1,6 @@ $this->make_hook('index', AUTH_PUBLIC), - 'login' => $this->make_hook('login', AUTH_MDP), 'exit' => $this->make_hook('exit', AUTH_PUBLIC), 'admin' => $this->make_hook('admin', AUTH_MDP, 'admin'), 'groups' => $this->make_hook('groups', AUTH_PUBLIC), 'groupes.php' => $this->make_hook('groups2', AUTH_PUBLIC), 'plan' => $this->make_hook('plan', AUTH_PUBLIC), + 'photo' => $this->make_hook('photo', AUTH_MDP), + 'autologin' => $this->make_hook('autologin', AUTH_MDP), ); } - function handler_index(&$page) + function handler_photo(&$page, $x = null) { - $page->nomenu = true; - $page->changeTpl('xnet/index.tpl'); + if (is_null($x)) { + return PL_NOT_FOUND; + } + + $res = XDB::query("SELECT attachmime, attach + FROM aliases + INNER JOIN photo ON(id = uid) + WHERE alias = {?}", $x); + + if ((list($type, $data) = $res->fetchOneRow())) { + Header("Content-type: image/$type"); + echo $data; + } else { + Header('Content-type: image/png'); + echo file_get_contents(dirname(__FILE__).'/../htdocs/images/none.png'); + } + exit; } - function handler_login(&$page) + function handler_index(&$page) { - $allkeys = func_get_args(); - unset($allkeys[0]); - $url = join('/',$allkeys); - pl_redirect($url); + $page->nomenu = true; + $page->changeTpl('xnet/index.tpl'); } function handler_exit(&$page) { - XnetSession::destroy(); + Platal::session()->stopSUID(); + Platal::session()->destroy(); $page->changeTpl('xnet/deconnexion.tpl'); } function handler_admin(&$page) { - new_admin_page('xnet/admin.tpl'); + $page->changeTpl('xnet/admin.tpl'); if (Get::has('del')) { $res = XDB::query('SELECT id, nom, mail_domain @@ -66,27 +81,29 @@ class XnetModule extends PLModule list($id, $nom, $domain) = $res->fetchOneRow(); $page->assign('nom', $nom); if ($id && Post::has('del')) { + S::assert_xsrf_token(); + XDB::query('DELETE FROM groupex.membres WHERE asso_id={?}', $id); - $page->trig('membres supprimés'); + $page->trigSuccess('membres supprimés'); if ($domain) { XDB::query('DELETE FROM virtual_domains WHERE domain={?}', $domain); XDB::query('DELETE FROM virtual, virtual_redirect USING virtual INNER JOIN virtual_redirect USING (vid) WHERE alias LIKE {?}', '%@'.$domain); - $page->trig('suppression des alias mails'); + $page->trigSuccess('suppression des alias mails'); $mmlist = new MMList(S::v('uid'), S::v('password'), $domain); if ($listes = $mmlist->get_lists()) { foreach ($listes as $l) { $mmlist->delete_list($l['list'], true); } - $page->trig('mail lists surpprimées'); + $page->trigSuccess('mail lists surpprimées'); } } XDB::query('DELETE FROM groupex.asso WHERE id={?}', $id); - $page->trig("Groupe $nom supprimé"); + $page->trigSuccess("Groupe $nom supprimé"); Get::kill('del'); } if (!$id) { @@ -95,6 +112,8 @@ class XnetModule extends PLModule } if (Post::has('diminutif')) { + S::assert_xsrf_token(); + XDB::query('INSERT INTO groupex.asso (id,diminutif) VALUES(NULL,{?})', Post::v('diminutif')); pl_redirect('../'.Post::v('diminutif').'/edit'); @@ -182,6 +201,17 @@ class XnetModule extends PLModule $page->setType($cat); } + + function handler_autologin(&$page) + { + $allkeys = func_get_args(); + unset($allkeys[0]); + $url = join('/',$allkeys); + header("Content-type: text/javascript; charset=utf-8"); + echo '$.ajax({ url: "'.$url.'?forceXml=1", dataType: "xml", success: function(xml) { $("body",xml).insertBefore("body"); $("body:eq(1)").remove(); }});'; + exit; + } } +// vim:set et sw=4 sts=4 sws=4 foldmethod=marker enc=utf-8: ?>