font-weight: bold;
}
+td#perso {
+ vertical-align: top;
+}
+
+td#perso ul {
+ font-weight: bold;
+ font-size: 90%;
+}
+
td#search {
+ vertical-align: top;
text-align: right;
}
+/***************************************************************************
+ ***************************************************************************/
+
img { vertical-align: middle; }
a:link {
XnetGlobals::init();
XnetSession::init();
+// {{{ function _new_page()
+
+function _new_page($type, $tpl_name, $min_auth, $admin=false)
+{
+ global $page,$globals;
+ require_once("xorg/page.inc.php");
+ if (!empty($admin)) {
+ $page = new XnetAdmin($tpl_name, $type);
+ } else switch($min_auth) {
+ case AUTH_PUBLIC:
+ $page = new XnetPage($tpl_name, $type);
+ break;
+
+ case AUTH_MDP:
+ $page = new XnetAuth($tpl_name, $type);
+ }
+
+ $page->assign('xorg_tpl', $tpl_name);
+}
+
+// }}}
+// {{{ function new_skinned_page()
+
+function new_skinned_page($tpl_name, $min_auth)
+{
+ _new_page(SKINNED, $tpl_name, $min_auth);
+}
+
+// }}}
// vim:set et sw=4 sts=4 sws=4 foldmethod=marker:
?>
function XnetPage($tpl, $type=SKINNED)
{
$this->PlatalPage($tpl, $type);
+ if (Get::has('auth')) {
+ $_SESSION['session']->doAuthX($this);
+ }
}
// }}}
}
// }}}
+// {{{ class XnetAuth
+
+/** Une classe pour les pages nécessitant l'authentification.
+ * (equivalent de controlauthentification.inc.php)
+ */
+class XnetAuth extends XnetPage
+{
+ // {{{ function XnetAuth()
+
+ function XnetAuth($tpl, $type=SKINNED)
+ {
+ $this->XnetPage($tpl, $type);
+ }
+
+ // }}}
+ // {{{ function doAuth()
+
+ function doAuth()
+ {
+ $_SESSION['session']->doAuth($this);
+ }
+
+ // }}}
+}
+
+// }}}
// vim:set et sw=4 sts=4 sws=4 foldmethod=marker:
?>
class XnetSession extends DiogenesCoreSession
{
- // {{{ function XorgSession()
+ // {{{ function XnetSession()
function XnetSession()
{
$this->DiogenesCoreSession();
- if (!Session::has('uid')) {
- try_cookie();
- }
}
// }}}
// {{{ function init
function init() {
+ global $globals;
+
@session_start();
if (!Session::has('session')) {
$_SESSION['session'] = new XnetSession;
}
+ if (!logged()) {
+ $returl = "http://{$_SERVER['SERVER_NAME']}{$_SERVER['REQUEST_URI']}";
+ $url = "https://www.polytechnique.org/auth-groupex.php";
+ $url .= "?session=" . session_id();
+ $url .= "&challenge=" . $_SESSION['session']->challenge;
+ $url .= "&pass=" . md5($_SESSION['session']->challenge . $globals->xnet->secret);
+ $url .= "&url=".urlencode($returl);
+ $_SESSION['session']->loginX = $url;
+ }
}
// }}}
}
// }}}
+ // {{{ function doAuth()
+
+ /** Try to do an authentication.
+ *
+ * @param page the calling page (by reference)
+ */
+ function doAuth(&$page)
+ {
+ global $globals;
+ if (identified()) { // ok, c'est bon, on n'a rien à faire
+ return true;
+ }
+
+ if (Get::has('auth')) {
+ return $this->doAuthX($page);
+ } elseif (Post::has('challenge') && Post::has('username') && Post::has('response')) {
+ return $this->doAuthOther($page);
+ } else {
+ $this->doLogin($page);
+ }
+ }
+
+ // }}}
+ // {{{ doAuthX
+
+ function doAuthX(&$page) {
+ global $globals;
+
+ if (md5('1'.$this->challenge.$globals->xnet->secret.Get::getInt('uid').'1') != Get::get('auth')) {
+ $page->kill("Erreur d'authentification avec polytechnique.org !");
+ }
+
+ $res = $globals->xdb->query("
+ SELECT u.user_id AS uid, prenom, nom, perms, promo, password, FIND_IN_SET('femme', u.flags) AS femme,
+ a.alias AS forlife, a2.alias AS bestalias, q.core_mail_fmt AS mail_fmt, q.core_rss_hash
+ FROM auth_user_md5 AS u
+ INNER JOIN auth_user_quick AS q USING(user_id)
+ INNER JOIN aliases AS a ON (u.user_id = a.id AND a.type='a_vie')
+ INNER JOIN aliases AS a2 ON (u.user_id = a2.id AND FIND_IN_SET('bestalias',a2.flags))
+ WHERE u.user_id = {?} AND u.perms IN('admin','user')
+ LIMIT 1", Get::getInt('uid'));
+ $_SESSION = array_merge($_SESSION, $res->fetchOneAssoc());
+ $_SESSION['auth'] = AUTH_MDP;
+ unset($this->challenge);
+ unset($this->loginX);
+ }
+
+ // }}}
+ // {{{ doAuthOther
+
+ function doAuthOther(&$page) {
+ if (Post::has('challenge') && Post::has('username') && Post::has('response')) {
+ $username = Post::get('username');
+ }
+ $this->doLogin($page);
+ }
+
+ // }}}
+ // {{{ doLogin
+
+ function doLogin(&$page) {
+ $page->addJsLink('javascript/md5.js');
+ $page->addJsLink('javascript/do_challenge_response.js');
+ $page->assign("xorg_tpl", "xnet/login.tpl");
+ $page->run();
+ }
+
+ // }}}
}
// }}}
ORDER BY s.start DESC
LIMIT 1", $uid);
$sess = $res->fetchOneAssoc();
- echo mysql_error();
$suid = Session::getMixed('suid');
if ($suid) {
--- /dev/null
+{***************************************************************************
+ * Copyright (C) 2003-2004 Polytechnique.org *
+ * http://opensource.polytechnique.org/ *
+ * *
+ * This program is free software; you can redistribute it and/or modify *
+ * it under the terms of the GNU General Public License as published by *
+ * the Free Software Foundation; either version 2 of the License, or *
+ * (at your option) any later version. *
+ * *
+ * This program is distributed in the hope that it will be useful, *
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of *
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the *
+ * GNU General Public License for more details. *
+ * *
+ * You should have received a copy of the GNU General Public License *
+ * along with this program; if not, write to the Free Software *
+ * Foundation, Inc., *
+ * 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA *
+ ***************************************************************************}
+
+<h1>
+ Accès à Polytechnique.net
+</h1>
+
+<noscript>
+ <p class="erreur">
+ Ton navigateur n'accepte pas le javaScript !!
+ </p>
+ <p>
+ Cette forme de script web est nécessaire pour l'utilisation du site.
+ Pour en savoir plus, regarde la <a href="faq.php#connect">FAQ</a>.
+ </p>
+</noscript>
+
+<table style="width: 100%;">
+ <tr>
+ <th style="width: 50%;">
+ Accès pour les Polytechniciens
+ </th>
+ <th>
+ Accès pour les extérieurs
+ </th>
+ </tr>
+ <tr>
+ <td>
+ Il suffit de suivre <strong><a href="{$smarty.session.session->loginX}">ce lien</a></strong> qui va te rediriger vers
+ <a href="https://www.polytechnique.org/">Polytechnique.org</a>
+ </td>
+ <td>
+ <form action="{$smarty.server.REQUEST_URI}" method="post" id="login" onsubmit="doChallengeResponse(); return false;">
+ <table class="bicol" cellpadding="4" summary="Formulaire de login">
+ <tr>
+ <th colspan="2">Connexion</th>
+ <input type="hidden" name="remember" value="" />
+ <input type="hidden" name="domain" value="" />
+ </tr>
+ <tr>
+ <td class="titre">
+ Login
+ </td>
+ <td>
+ <input type="text" name="username" size="20" maxlength="50" value="" />
+ </td>
+ </tr>
+ <tr>
+ <td class="titre">
+ Mot de passe:
+ </td>
+ <td>
+ <input type="password" name="password" size="10" maxlength="10" />
+ </td>
+ </tr>
+ <tr>
+ <td colspan="2">
+ <input type="submit" name="submitbtn" value="Envoyer" />
+ </td>
+ </tr>
+ </table>
+ </form>
+
+ (Activer obligatoirement le <strong>javascript</strong>)
+ {if $smarty.request.response}<!-- failed login code //-->
+ <div class="erreur">
+ Erreur d'identification. Essaie à nouveau !
+ </div>
+ {/if}
+ </td>
+ </tr>
+</table>
+
+<!-- Set up the form with the challenge value and an empty reply value //-->
+<form action="{$smarty.server.REQUEST_URI}" method="post" id="loginsub">
+ <div>
+ <input type="hidden" name="challenge" value="{$smarty.session.session->challenge}" />
+ <input type="hidden" name="response" value="" />
+ <input type="hidden" name="username" value="" />
+ <input type="hidden" name="remember" value="" />
+ <input type="hidden" name="domain" value="" />
+ </div>
+</form>
+
+{literal}
+<script type="text/javascript">
+ <!--
+ // Activate the appropriate input form field.
+ if (document.forms.login.username.value == '') {
+ document.forms.login.username.focus();
+ } else {
+ document.forms.login.password.focus();
+ }
+ // -->
+</script>
+{/literal}
+
+{* vim:set et sw=2 sts=2 sws=2: *}
<td>
<img src="{rel}/images/logo_{$type}.png" alt="Logo {$type}" width="106" height="96" />
</td>
- <td>
+ <td colspan="2">
<img src="{rel}/images/texte_{$type}.jpg" alt="{$type}" width="490" height="96" />
</td>
</tr>
<tr>
- <td colspan="3">
+ <td colspan="4">
{include file="skin/common.content.tpl"}
</td>
</tr>
- <tr><td colspan="
3"><img src="{rel}/images/barre.png" alt="----------" width="765" /></td></tr>
+ <tr><td colspan="
4"><img src="{rel}/images/barre.png" alt="----------" width="765" /></td></tr>
<tr>
- <td colspan="3">
-<strong>IF LOGGED PRINT LIST OF ASSOCES</strong> OR <strong>TODO : IF NOT LOGGED PRINT LOGIN</strong>
+ <td colspan="3" id="perso">
+ {only_public}
+ <strong>Se connecter en tant que:</strong>
+ <ul>
+ <li><a href="{$smarty.session.session->loginX}">polytechnicien</a></li>
+ <li><a href="">extérieur</a></li>
+ </ul>
+ {/only_public}
</td>
- </tr>
-
- <tr>
- <td colspan="3" id="search">
+ <td id="search">
<form method="get" action="{rel}/recherche.php">
<div>
<a href="{rel}/agenda.php" title="Informations"><img src="{rel}/images/infos.png" alt="infos" /></a>
</td>
</tr>
- <tr><td colspan="
3"><img src="{rel}/images/barre.png" alt="----------" width="765" /></td></tr>
+ <tr><td colspan="
4"><img src="{rel}/images/barre.png" alt="----------" width="765" /></td></tr>
<tr>
- <td colspan="3" id="credits">
+ <td colspan="4" id="credits">
<a href="{rel}/index.php">page d'accueil</a> -
<a href="{rel}/plan.php">liste des associations</a> -
<a href="{rel}/services.php">services proposés</a> -
projects / platal.git / commitdiff