return Session::v('auth', AUTH_PUBLIC) >= AUTH_MDP;
}
+ public static function rssActivated()
+ {
+ return Session::has('core_rss_hash') && Session::v('core_rss_hash');
+ }
+
// Anti-XSRF protections.
public static function has_xsrf_token()
{
}
}
- public static function rssActivated()
+ // In-session User object.
+ private static $user = null;
+ public static function &user()
{
- return Session::has('core_rss_hash') && Session::v('core_rss_hash');
+ if (!isset(self::$user)) {
+ self::$user = User::getWithValues(
+ Session::i('uid'),
+ $_SESSION,
+ array('User', '_silent_user_callback'));
+ }
+ return self::$user;
}
}
{
global $globals, $page;
+ // Checks the SSO control token value.
if (md5('1'.S::v('challenge').$globals->xnet->secret.Get::i('uid').'1') != Get::v('auth')) {
Get::kill('auth');
if (!$page) {
$page->kill("Erreur d'authentification avec polytechnique.org !");
}
+ // Fetches user's data.
$res = XDB::query("
SELECT u.user_id AS uid, prenom, nom, perms, promo, password, FIND_IN_SET('femme', u.flags) AS femme,
- u.hruid, a.alias AS forlife, a2.alias AS bestalias, q.core_mail_fmt AS mail_fmt, q.core_rss_hash
+ u.hruid, CONCAT(a.alias, '@{$globals->mail->domain}') AS forlife, CONCAT(a2.alias, '@{$globals->mail->domain}') AS bestalias,
+ q.core_mail_fmt AS mail_fmt, q.core_rss_hash
FROM auth_user_md5 AS u
INNER JOIN auth_user_quick AS q USING(user_id)
INNER JOIN aliases AS a ON (u.user_id = a.id AND a.type = 'a_vie')
INNER JOIN aliases AS a2 ON (u.user_id = a2.id AND FIND_IN_SET('bestalias', a2.flags))
WHERE u.user_id = {?} AND u.perms IN('admin','user')
LIMIT 1", Get::i('uid'));
+
+ // Sets up the session, using fetched data and Xorg's permission system.
$_SESSION = array_merge($_SESSION, $res->fetchOneAssoc());
$_SESSION['auth'] = AUTH_MDP;
require_once 'xorg/session.inc.php';
$_SESSION['perms'] =& XorgSession::make_perms(S::v('perms'));
+
+ // Removes session values which are of no interest in Xnet context.
S::kill('challenge');
S::kill('loginX');
S::kill('may_update');
S::kill('is_member');
+
+ // Builds the Xnet destination URL, and redirects the user.
Get::kill('auth');
Get::kill('uid');
$path = Get::v('n');
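Review bot: The new `CONCAT(a.alias, '@{$globals->mail->domain}') AS forlife` interpolates a configuration value straight into the SQL text, while the same query already binds `uid` through a `{?}` placeholder; the same pattern is added to the query in `start_connexion` in the following hunk. Binding the domain keeps the statement free of string-built SQL: `u.hruid, CONCAT(a.alias, '@', {?}) AS forlife, CONCAT(a2.alias, '@', {?}) AS bestalias,` with the call ending `LIMIT 1", $globals->mail->domain, $globals->mail->domain, Get::i('uid'));` — this assumes XDB::query fills `{?}` from positional arguments, as the existing `Get::i('uid')` argument suggests. Separately, the SSO check that the new "Checks the SSO control token value." comment sits above compares the md5 digest with loose `!=`, under which two hex digests that both parse as numeric strings (`0e` followed by digits) compare equal; a strict `!==` (or `hash_equals()` where the PHP version in use provides it) avoids that. The enclosing function's signature lies before the hunk.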
*/
function start_connexion ($uid, $identified)
{
+ global $globals;
+
+ // Fetches user's data.
$res = XDB::query("
SELECT u.user_id AS uid, prenom, prenom_ini, nom, nom_ini, nom_usage, perms, promo, promo_sortie,
matricule, password, FIND_IN_SET('femme', u.flags) AS femme,
- u.hruid, a.alias AS forlife, a2.alias AS bestalias,
+ u.hruid, CONCAT(a.alias, '@{$globals->mail->domain}') AS forlife, CONCAT(a2.alias, '@{$globals->mail->domain}') AS bestalias,
q.core_mail_fmt AS mail_fmt, UNIX_TIMESTAMP(q.banana_last) AS banana_last, q.watch_last, q.core_rss_hash,
FIND_IN_SET('watch', u.flags) AS watch_account, q.last_version
FROM auth_user_md5 AS u
INNER JOIN aliases AS a ON (u.user_id = a.id AND a.type = 'a_vie')
INNER JOIN aliases AS a2 ON (u.user_id = a2.id AND FIND_IN_SET('bestalias', a2.flags))
WHERE u.user_id = {?} AND u.perms IN('admin','user')", $uid);
+
+ // Fetches last connection information.
$sess = $res->fetchOneAssoc();
$res = XDB::query("SELECT UNIX_TIMESTAMP(s.start) AS lastlogin, s.host
FROM logger.sessions AS s
if ($res->numRows()) {
$sess = array_merge($sess, $res->fetchOneAssoc());
}
- $suid = S::v('suid');
+ // Sets up special environment for suid sessions, and sets up the logger.
+ $suid = S::v('suid');
if ($suid) {
$logger = new CoreLogger($uid, $suid['uid']);
$logger->log("suid_start", S::v('hruid') . " by {$suid['uid']}");
setcookie('ORGuid', $uid, (time()+25920000), '/', '', 0);
}
+ // Finally sets up the PHP session.
$_SESSION = array_merge($_SESSION, $sess);
$_SESSION['log'] = $logger;
$_SESSION['auth'] = ($identified ? AUTH_MDP : AUTH_COOKIE);
$_SESSION['perms'] =& XorgSession::make_perms($_SESSION['perms']);
+
+ // Checks for watched users / ip addresses.
$mail_subject = null;
if (check_account()) {
$mail_subject = "Connexion d'un utilisateur surveillé";
if ($mail_subject) {
send_warning_mail($mail_subject);
}
+
+ // Miscellaneous environment setup.
set_skin();
update_NbNotifs();
check_redirect();