* Foundation, Inc., *
* 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA *
***************************************************************************
- $Id: utilisateurs.php,v 1.15 2004-09-02 17:43:14 x2000habouzit Exp $
+ $Id: utilisateurs.php,v 1.16 2004-09-02 19:39:20 x2000habouzit Exp $
***************************************************************************/
require("auto.prepend.inc.php");
/*
* SUID
*/
-if(isset($_REQUEST['suid_button']) and isset($_REQUEST['login'])
- and !isset($_SESSION['suid']) // pas de su imbriqués
- ) {
- $res = @$globals->db->query( "SELECT user_id,prenom,nom,promo,perms FROM auth_user_md5 WHERE username='{$_REQUEST['login']}'");
- if(@mysql_num_rows($res) != 0) {
- list($uid,$prenom,$nom,$promo,$perms)=mysql_fetch_row($res);
- // on déplace le log de l'admin dans slog, et on crée un log de suid en log
- // on loggue le démarrage de la session suid pour l'admin et l'utilisateur
- $log_data = $_REQUEST['login']." by ".$_SESSION['username'];
- $_SESSION['log']->log("suid_start",$log_data);
- $_SESSION['slog'] = $_SESSION['log'];
- $_SESSION['log'] = new DiogenesCoreLogger($uid,$_SESSION['uid']);
- $_SESSION['log']->log("suid_start",$log_data);
- // on modifie les variables de session suffisantes pour faire un su
- // rem : la skin n'est pas modifiée
- $_SESSION['suid'] = $_SESSION['uid'];
- $_SESSION['username'] = $_REQUEST['login'];
- $_SESSION['perms'] = $perms;
- $_SESSION['uid'] = $uid;
- $_SESSION['prenom'] = $prenom;
- $_SESSION['nom'] = $nom;
- $_SESSION['promo'] = $promo;
- }
+if(isset($_REQUEST['suid_button']) and isset($_REQUEST['login']) and !isset($_SESSION['suid'])) {
+ $log_data = $_REQUEST['login']." by ".$_SESSION['forlife'];
+ $_SESSION['log']->log("suid_start",$log_data);
+ $_SESSION['slog'] = $_SESSION['log'];
+ $_SESSION['suid'] = $_SESSION['uid'];
+ start_connexion($_SESSION['uid'],true);
header("Location: ../");
}
background: #ffc0cb;
width: 100%;
font-weight: bold;
- position: fixed;
}
#suid td { padding: 2px; }
#suid a { color: red; }
}
/* vim: set et ts=4 sts=4 sw=4: */
-/* $Id: default.css,v 1.37 2004-08-31 22:21:05 x2000habouzit Exp $ */
+/* $Id: default.css,v 1.38 2004-09-02 19:39:20 x2000habouzit Exp $ */
* Foundation, Inc., *
* 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA *
***************************************************************************
- $Id: exit.php,v 1.5 2004-09-02 18:37:14 x2000habouzit Exp $
+ $Id: exit.php,v 1.6 2004-09-02 19:39:19 x2000habouzit Exp $
***************************************************************************/
require("auto.prepend.inc.php");
new_skinned_page('index.tpl',AUTH_MDP);
if (isset($_SESSION['suid'])) {
- $res = @$globals->db->query( "SELECT prenom,nom,promo,perms FROM auth_user_md5 WHERE user_id='{$_SESSION['suid']}'");
- if(@mysql_num_rows($res) != 0) {
- list($prenom,$nom,$promo,$perms)=mysql_fetch_row($res);
- // on rétablit les loggers
- // on loggue la fermeture de la session de su
- $log_data = "{$_SESSION['prenom']} {$_SESSION['nom']} {$_SESSION['promo']} by $prenom $nom $promo";
- $_SESSION['log']->log("suid_stop",$log_data);
- $_SESSION['log'] = $_SESSION['slog'];
- unset($_SESSION['slog']);
- $_SESSION['log']->log("suid_stop",$log_data);
- // on remet en place les variables de sessions modifiées par le su
- $_SESSION['uid'] = $_SESSION['suid'];
- unset($_SESSION['suid']);
- $_SESSION['prenom'] = $prenom;
- $_SESSION['nom'] = $nom;
- $_SESSION['promo'] = $promo;
- $_SESSION['perms'] = $perms;
- }
+ $suid = $_SESSION['suid'];
+ $log_data = "{$_SESSION['forlife']} by $suid}";
+ $_SESSION['log']->log("suid_stop",$log_data);
+ $_SESSION['log'] = $_SESSION['slog'];
+ unset($_SESSION['suid']);
+ unset($_SESSION['slog']);
+ start_connexion($suid,true);
}
header("Location: login.php");
* Foundation, Inc., *
* 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA *
***************************************************************************
- $Id: insert.password.inc.php,v 1.3 2004-09-02 18:23:02 x2000habouzit Exp $
+ $Id: insert.password.inc.php,v 1.4 2004-09-02 19:39:20 x2000habouzit Exp $
***************************************************************************/
function smarty_insert_getName() {
}
function smarty_insert_getUsername() {
+ global $globals;
if(isset($_COOKIE['ORGuid'])) $id = $_COOKIE['ORGuid'];
if(isset($_SESSION['uid'])) $id = $_SESSION['uid'];
if(empty($id)) return "";
- $res = $globals->db->query("SELECT alias FROM auth_user_md5 WHERE id='$id' AND type='a_vie'");
+ $res = $globals->db->query("SELECT alias FROM aliases WHERE id='$id' AND type='a_vie'");
if(list($uname) = mysql_fetch_row($res)) {
mysql_free_result($res);
return $uname;
* Foundation, Inc., *
* 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA *
***************************************************************************
- $Id: xorg.session.inc.php,v 1.22 2004-09-02 19:03:19 x2000habouzit Exp $
+ $Id: xorg.session.inc.php,v 1.23 2004-09-02 19:39:20 x2000habouzit Exp $
***************************************************************************/
require("diogenes.core.session.inc.php");
{
// si on vient de recevoir une identification par passwordpromptscreen.tpl
// ou passwordpromptscreenlogged.tpl
+ $field = preg_match('/^\d*$/', $_REQUEST['username']) ? 'id' : 'alias';
$res = @$globals->db->query( "SELECT u.user_id,u.password
FROM auth_user_md5 AS u
- INNER JOIN aliases AS a ON ( a.id=u.user_id AND a.alias='{$_REQUEST['username']}' )");
+ INNER JOIN aliases AS a ON ( a.id=u.user_id AND a.$field='{$_REQUEST['username']}' )");
if(@mysql_num_rows($res) != 0) {
list($uid,$password)=mysql_fetch_row($res);
mysql_free_result($res);
*/
function start_connexion ($uid, $identified) {
global $globals;
- $result=$globals->db->query("SELECT prenom, nom, perms, promo, matricule, UNIX_TIMESTAMP(s.start) AS lastlogin, s.host
- FROM auth_user_md5 AS u
- LEFT JOIN logger.sessions AS s ON(s.uid=u.user_id AND s.suid=0)
- WHERE user_id=$uid
- ORDER BY s.start DESC
- LIMIT 1");
- list($prenom, $nom, $perms, $promo, $matricule, $lastlogin, $host) = mysql_fetch_row($result);
+ $result=$globals->db->query("
+ SELECT prenom, nom, perms, promo, matricule, UNIX_TIMESTAMP(s.start) AS lastlogin, s.host, a.alias
+ FROM auth_user_md5 AS u
+ INNER JOIN aliases AS a ON (u.user_id = a.id AND a.type='a_vie')
+ LEFT JOIN logger.sessions AS s ON (s.uid=u.user_id AND s.suid=0)
+ WHERE user_id=$uid
+ ORDER BY s.start DESC
+ LIMIT 1");
+ list($prenom, $nom, $perms, $promo, $matricule, $lastlogin, $host, $forlife) = mysql_fetch_row($result);
mysql_free_result($result);
// on garde le logger si il existe (pour ne pas casser les sessions lors d'une
// authentification avec le cookie
$logger = $_SESSION['log'];
// on vide la session pour effacer les valeurs précédentes (notamment de skin)
// qui peuvent être celles de quelqu'un d'autre ou celle par defaut
- $_SESSION = array();
+ $_SESSION = isset($_SESSION['suid']) ? Array('suid'=>$_SESSION['suid'], 'slog'=>$_SESSION['slog']) : array();
$_SESSION['lastlogin'] = $lastlogin;
$_SESSION['host'] = $host;
$_SESSION['auth'] = ($identified ? AUTH_MDP : AUTH_COOKIE);
$_SESSION['nom'] = $nom;
$_SESSION['perms'] = $perms;
$_SESSION['promo'] = $promo;
+ $_SESSION['forlife'] = $forlife;
$res = $globals->db->query("SELECT flags FROM identification WHERE matricule = '$matricule' AND FIND_IN_SET(flags, 'femme')");
$_SESSION['femme'] = mysql_num_rows($res) > 0;
mysql_free_result($res);
// on récupère le logger si il existe, sinon, on logge la connexion
$_SESSION['log'] = (isset($logger) ? $logger : new DiogenesCoreLogger($uid));
- if(empty($logger))
+ if(empty($logger) && empty($_SESSION['suid']))
$_SESSION['log']->log("connexion",$_SERVER['PHP_SELF']);
// le login est stocké pour un an
setcookie('ORGuid',$uid,(time()+25920000),'/','',0);
* Foundation, Inc., *
* 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA *
***************************************************************************
- $Id: default.tpl,v 1.15 2004-09-02 18:46:49 x2000habouzit Exp $
+ $Id: default.tpl,v 1.16 2004-09-02 19:39:21 x2000habouzit Exp $
***************************************************************************}
<?xml version="1.0" encoding="iso-8859-1"?>
<tr>
<td>
{dynamic}
- {$smarty.session.suid} ({$smarty.session.user_id})
+ {$smarty.session.suid} ({$smarty.session.forlife})
{/dynamic}
[<a href="{"exit.php"|url}">exit</a>]
</td>
* Foundation, Inc., *
* 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA *
***************************************************************************
- $Id: noIE.tpl,v 1.3 2004-09-02 18:46:49 x2000habouzit Exp $
+ $Id: noIE.tpl,v 1.4 2004-09-02 19:39:21 x2000habouzit Exp $
***************************************************************************}
<?xml version="1.0" encoding="iso-8859-1"?>
{if $smarty.session.suid}
<div id="suid">
{dynamic}
- {$smarty.session.suid} ({$smarty.session.user_id})
+ {$smarty.session.suid} ({$smarty.session.forlife})
{/dynamic}
[<a href="{"exit.php"|url}">exit</a>]
</div>
* Foundation, Inc., *
* 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA *
***************************************************************************
- $Id: sharky.tpl,v 1.5 2004-09-02 18:46:49 x2000habouzit Exp $
+ $Id: sharky.tpl,v 1.6 2004-09-02 19:39:21 x2000habouzit Exp $
***************************************************************************}
<?xml version="1.0" encoding="iso-8859-1"?>
<tr>
<td>
{dynamic}
- {$smarty.session.suid} ({$smarty.session.user_id})
+ {$smarty.session.suid} ({$smarty.session.forlife})
{/dynamic}
[<a href="{"exit.php"|url}">exit</a>]
</td>
projects / platal.git / commitdiff