New:
+ * Core:
+ - Auto-redirect HTML pages to HTTPS -FRU
+
* Search:
- Shortcuts to open profiles or search in documentation -FRU
################################################################################
# definitions
-VERSION := $(shell grep VERSION ChangeLog | head -1 | sed -e "s/VERSION //;s/\t.*//;s/ .*//")
+VERSNUM := $(shell grep VERSION ChangeLog | head -1 | sed -e "s/VERSION //;s/ .*//")
+VERSTAG := $(shell grep VERSION ChangeLog | head -1 | grep 'XX' > /dev/null 2> /dev/null && echo 'beta')
+VERSION = $(VERSNUM)$(VERSTAG)
PKG_NAME = platal
PKG_DIST = $(PKG_NAME)-$(VERSION)
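Review bot: The new `VERSNUM` expression drops the `s/\t.*//` step that the old `VERSION` rule had, so if the first `VERSION` line of the ChangeLog separates the number from the date with tabs, the tabs and part of the date stay in `VERSNUM` and end up in `PKG_DIST`. The ChangeLog's separator is not visible in this diff, so this is worth checking rather than certain. Keeping the tab rule is harmless either way: `sed -e "s/VERSION //;s/\t.*//;s/ .*//"`.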
private $__mods;
private $__hooks;
+ protected $https;
+
public $ns;
public $path;
public $argv;
return null;
}
+ $this->https = ($hook['type'] & NO_HTTPS) ? false : true;
$this->argv = explode('/', substr($this->path, strlen($p)));
$this->argv[0] = $p;
if (empty($hook)) {
return PL_NOT_FOUND;
}
+ global $globals;
+ if ($this->https && !$_SERVER['HTTPS'] && $globals->core->secure_domain) {
+ http_redirect('https://' . $globals->core->secure_domain . $_SERVER['REQUEST_URI']);
+ }
$args = $this->argv;
$args[0] = &$page;
if ($hook['auth'] > S::v('auth', AUTH_PUBLIC)) {
- if ($hook['type'] == DO_AUTH) {
- global $globals;
-
+ if ($hook['type'] & DO_AUTH) {
if (!call_user_func(array($globals->session, 'doAuth'))) {
$this->force_login($page);
}
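Review bot: The test `!$_SERVER['HTTPS']` in the added redirect is not a reliable check for a cleartext request. The key is normally unset for plain HTTP (an undefined-index notice), and some servers set it to the string `off`, which is truthy, so the redirect would be skipped. Behind a TLS-terminating proxy the key can also be missing on requests that were encrypted, which would loop. Consider `$secure = !empty($_SERVER['HTTPS']) && $_SERVER['HTTPS'] !== 'off';` followed by `if ($this->https && !$secure && $globals->core->secure_domain) {`. run() starts and ends outside this hunk, and a redirect only protects later requests, so it is worth confirming separately that the session cookie is marked secure.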
}
$val = call_user_func_array($hook['hook'], $args);
- if ($val == PL_DO_AUTH) {
- global $globals;
+ if ($val & PL_DO_AUTH) {
// The handler need a better auth with the current args
if (!call_user_func(array($globals->session, 'doAuth'))) {
$this->force_login($page);
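Review bot: `$val & PL_DO_AUTH` matches the old `==` only if `PL_DO_AUTH` is a single bit that no other handler return code shares, and its definition is not part of this diff. If the `PL_*` codes are ordinary integers (run() returns `PL_NOT_FOUND` earlier), any code with an overlapping bit would now be treated as a request for stronger authentication. Unless handlers are meant to OR flags into their return value, keep `if ($val == PL_DO_AUTH) {`; otherwise document the bit layout beside the constants. The block continues past the end of the hunk.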
* right is an atomic right permission (like 'admin', 'user', 'groupadmin', 'groupmember'...)
*
* If type is set to NO_AUTH, the system will return 403 instead of asking auth data
- * this is useful for Ajax handlers
+ * this is useful for Ajax handler
+ * If type is not set to NO_SKIN, the system will consider redirecting the user to https
*/
public function make_hook($fun, $auth, $perms = 'user', $type = DO_AUTH)
{
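Review bot: The added docblock line names `NO_SKIN`, but the flag this commit defines and tests is `NO_HTTPS`, so the comment points at a constant that does not appear anywhere in the diff. Because run() now tests `$type` with `&`, the docblock should also say that it is a bit mask and that a caller passing `NO_HTTPS` must OR in `DO_AUTH` to keep the login prompt. Suggested wording: `* type is a bit mask: DO_AUTH asks for credentials (without it a 403 is returned), NO_HTTPS disables the redirect to https`.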
*/
class PlWizard
{
- const FIRST_PAGE = "bt_first";
- const NEXT_PAGE = "bt_next";
- const CURRENT_PAGE = "bt_current";
- const PREVIOUS_PAGE = "bt_previous";
- const LAST_PAGE = "bt_last";
+ const FIRST_PAGE = 'bt_first';
+ const NEXT_PAGE = 'bt_next';
+ const CURRENT_PAGE = 'bt_current';
+ const PREVIOUS_PAGE = 'bt_previous';
+ const LAST_PAGE = 'bt_last';
protected $name;
protected $layout;
return new $page($this);
}
- public function apply(PlatalPage &$smarty, $baseurl)
+ public function apply(PlatalPage &$smarty, $baseurl, $pgid = null)
{
$curpage =& $_SESSION[$this->name . '_page'];
} else {
$curpage = 0;
}
+ if ($this->stateless && (in_array($pgid, $this->lookup) || isset($this->pages[$pgid]))) {
+ $curpage = $pgid;
+ }
// Prepare the page
$page = $this->getPage($curpage);
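Review bot: The new `$pgid` test calls `in_array($pgid, $this->lookup)` without the strict flag, so the match is a loose comparison. The accepted value is written to `$curpage`, which is a reference into `$_SESSION`, and then passed to getPage(); the method shown just above apply() ends in `new $page($this)`, so this check is the filter on whatever page id the caller passes in. If `lookup` holds strings, prefer `is_string($pgid) && in_array($pgid, $this->lookup, true)`. The parameter is also undocumented; a line such as `@param $pgid page id to jump to, honoured only when the wizard is stateless` would help. apply() begins and ends outside this hunk, and `$this->stateless` is not declared in any hunk shown.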
protected function find_hook()
{
$ans = parent::find_hook();
+ $this->https = false;
if ($ans && $this->ns) {
$this->path = $this->ns . substr($this->path, 5);
$this->argv[0] = $this->ns . substr($this->argv[0], 5);
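Review bot: Setting `$this->https = false` right after `parent::find_hook()` switches the redirect off for every hook dispatched through this class, whatever auth level the hook requires and whatever its own `NO_HTTPS` flag said. If the reason is that `core->secure_domain` is only valid for the main site, state it in a comment, e.g. `// no https redirect here: secure_domain does not cover this site`. Otherwise password-authenticated pages behind this dispatcher remain reachable in cleartext with no redirect. find_hook() continues outside the hunk.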
require_once dirname(__FILE__).'/../include/xorg.inc.php';
+global $globals;
list($username, $path) = preg_split('/\//', $_SERVER["REQUEST_URI"], 2, PREG_SPLIT_NO_EMPTY);
$res = XDB::query(
- "SELECT redirecturl
- FROM auth_user_quick AS a
- INNER JOIN aliases AS al ON (al.id = a.user_id AND (al.type='a_vie' OR al.type='alias'))
- WHERE al.alias = {?}", $username);
+ "SELECT redirecturl
+ FROM auth_user_quick AS a
+ INNER JOIN aliases AS al ON (al.id = a.user_id AND (al.type='a_vie' OR al.type='alias'))
+ LEFT JOIN virtuals_redirect AS vr ON (vr.redirect LIKE CONCAT(al.alias, '@%')
+ INNER JOIN virtuals AS v ON (v.vid = vr.vid)
+ WHERE al.alias = {?} OR v.alias = CONCAT({?}, '@', {?})
+ GROUP BY redirecturl", $username, $username, $globals->mail->alias_dom);
if ($url = $res->fetchOneCell()) {
$url = preg_replace('@/+$@', '', $url);
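Review bot: The `INNER JOIN virtuals AS v` that follows `LEFT JOIN virtuals_redirect AS vr` cancels the outer join. For a user with no row in `virtuals_redirect`, `vr.vid` is NULL and the inner join drops the row, so the original `al.alias = {?}` lookup stops resolving for them. Writing the second join as `LEFT JOIN virtuals AS v ON (v.vid = vr.vid)` keeps both paths working. Separately, `vr.redirect LIKE CONCAT(al.alias, '@%')` treats any `_` or `%` inside an alias as a wildcard, so such an alias could match another user's redirect row and `fetchOneCell()` would return whichever `redirecturl` comes first. The request values are bound through `{?}`, but the pattern is built from table data and should be escaped or replaced by an equality test on the local part.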
define('NO_AUTH', 0);
define('DO_AUTH', 1);
+define('NO_HTTPS', 2);
define('DEBUG_BT', 1);
define('DEBUG_VALID', 2);
function handlers()
{
return array(
- 'bandeau/icone.png' => $this->make_hook('icone',AUTH_PUBLIC),
- 'bandeau' => $this->make_hook('html', AUTH_PUBLIC),
- 'bandeau.css' => $this->make_hook('css', AUTH_PUBLIC),
+ 'bandeau/icone.png' => $this->make_hook('icone',AUTH_PUBLIC, 'user', NO_HTTPS),
+ 'bandeau' => $this->make_hook('html', AUTH_PUBLIC, 'user', NO_HTTPS),
+ 'bandeau.css' => $this->make_hook('css', AUTH_PUBLIC, 'user', NO_HTTPS),
);
}
'carnet/notifs' => $this->make_hook('notifs', AUTH_COOKIE),
'carnet/contacts' => $this->make_hook('contacts', AUTH_COOKIE),
- 'carnet/contacts/pdf' => $this->make_hook('pdf', AUTH_COOKIE),
- 'carnet/contacts/ical' => $this->make_hook('ical', AUTH_PUBLIC),
- 'carnet/contacts/vcard' => $this->make_hook('vcard', AUTH_COOKIE),
+ 'carnet/contacts/pdf' => $this->make_hook('pdf', AUTH_COOKIE, 'user', NO_HTTPS),
+ 'carnet/contacts/ical' => $this->make_hook('ical', AUTH_PUBLIC, 'user', NO_HTTPS),
+ 'carnet/contacts/vcard' => $this->make_hook('vcard', AUTH_COOKIE, 'user', NO_HTTPS),
- 'carnet/rss' => $this->make_hook('rss', AUTH_PUBLIC),
+ 'carnet/rss' => $this->make_hook('rss', AUTH_PUBLIC, 'user', NO_HTTPS),
);
}
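Review bot: Passing `NO_HTTPS` alone as the type clears the `DO_AUTH` bit, since `NO_HTTPS` is 2 and run() now tests `$hook['type'] & DO_AUTH`. For `carnet/contacts/pdf` and `carnet/contacts/vcard` (AUTH_COOKIE), an under-authenticated visitor therefore takes the NO_AUTH path, which make_hook's docblock describes as returning 403, instead of being sent to login as before. The same applies to `vcard` in the profile handlers and to `%grp/events/csv` and `%grp/events/ical` (AUTH_MDP). If the login prompt is meant to stay, pass `DO_AUTH | NO_HTTPS` on those entries. The AUTH_PUBLIC entries are not affected by this.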
{
return array(
'events' => $this->make_hook('ev', AUTH_COOKIE),
- 'rss' => $this->make_hook('rss', AUTH_PUBLIC),
+ 'rss' => $this->make_hook('rss', AUTH_PUBLIC, 'user', NO_HTTPS),
'events/preview' => $this->make_hook('preview', AUTH_PUBLIC, 'user', NO_AUTH),
'events/photo' => $this->make_hook('photo', AUTH_PUBLIC),
'events/submit' => $this->make_hook('ev_submit', AUTH_MDP),
'lists/members' => $this->make_hook('members', AUTH_COOKIE),
'lists/annu' => $this->make_hook('annu', AUTH_COOKIE),
'lists/archives' => $this->make_hook('archives', AUTH_COOKIE),
- 'lists/archives/rss' => $this->make_hook('rss', AUTH_PUBLIC),
+ 'lists/archives/rss' => $this->make_hook('rss', AUTH_PUBLIC, 'user', NO_HTTPS),
'lists/moderate' => $this->make_hook('moderate', AUTH_MDP),
'lists/admin' => $this->make_hook('admin', AUTH_MDP),
'groupes-x' => $this->make_hook('xnet', AUTH_COOKIE),
- 'vcard' => $this->make_hook('vcard', AUTH_COOKIE),
+ 'vcard' => $this->make_hook('vcard', AUTH_COOKIE, 'user', NO_HTTPS),
'admin/binets' => $this->make_hook('admin_binets', AUTH_MDP, 'admin'),
'admin/medals' => $this->make_hook('admin_medals', AUTH_MDP, 'admin'),
'admin/formations' => $this->make_hook('admin_formations', AUTH_MDP, 'admin'),
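Review bot: `vcard` requires AUTH_COOKIE but is now exempt from the HTTPS redirect, so a client using the http URL sends its authentication cookie and receives the card in cleartext. The same holds for `carnet/contacts/pdf` and `carnet/contacts/vcard` in the carnet handlers. If the exemption exists for clients that cannot follow the redirect or cannot download over TLS, record that next to each entry, e.g. `// NO_HTTPS: fetched by non-browser clients, see <ticket placeholder>`. Restricting the flag to the AUTH_PUBLIC feeds would otherwise keep authenticated pages on the redirect. The handlers array starts outside this hunk.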
return array(
'%grp/events' => $this->make_hook('events', AUTH_MDP),
'%grp/events/sub' => $this->make_hook('sub', AUTH_MDP),
- '%grp/events/csv' => $this->make_hook('csv', AUTH_MDP),
- '%grp/events/ical' => $this->make_hook('ical', AUTH_MDP),
+ '%grp/events/csv' => $this->make_hook('csv', AUTH_MDP, 'user', NO_HTTPS),
+ '%grp/events/ical' => $this->make_hook('ical', AUTH_MDP, 'user', NO_HTTPS),
'%grp/events/edit' => $this->make_hook('edit', AUTH_MDP, 'groupadmin'),
'%grp/events/admin' => $this->make_hook('admin', AUTH_MDP, 'groupmember'),
);
'%grp/member/new'
=> $this->make_hook('admin_member_new', AUTH_MDP, 'groupadmin'),
'%grp/member/new/ajax'
- => $this->make_hook('admin_member_new_ajax', AUTH_MDP, 'user', NO_AUTH),
+ => $this->make_hook('admin_member_new_ajax', AUTH_MDP, 'user', NO_AUTH),
'%grp/member/del'
=> $this->make_hook('admin_member_del', AUTH_MDP, 'groupadmin'),
- '%grp/rss' => $this->make_hook('rss', AUTH_PUBLIC),
+ '%grp/rss' => $this->make_hook('rss', AUTH_PUBLIC, 'user', NO_HTTPS),
'%grp/announce/new' => $this->make_hook('edit_announce', AUTH_MDP, 'groupadmin'),
'%grp/announce/edit' => $this->make_hook('edit_announce', AUTH_MDP, 'groupadmin'),
'%grp/admin/announces' => $this->make_hook('admin_announce', AUTH_MDP, 'groupadmin'),