From: Pierre Habouzit (MadCoder Date: Wed, 15 Dec 2004 15:10:07 +0000 (+0000) Subject: 3 tons of code refactoring X-Git-Tag: xorg/old~653 X-Git-Url: http://git.polytechnique.org/?a=commitdiff_plain;h=8c92257cc8227868f36f1ec841f0e4feafcc977b;p=platal.git 3 tons of code refactoring note for anaxagore : there is coding rules. and they say we indent php with 4 spaces. update Env::getMixed to return a ref and to return null if not set. git-archimport-id: opensource@polytechnique.org--2005/platal--mainline--0.9--patch-95 --- diff --git a/include/emails.inc.php b/include/emails.inc.php index 7081cdc..566b5d4 100644 --- a/include/emails.inc.php +++ b/include/emails.inc.php @@ -163,7 +163,7 @@ class Email $globals->db->query("UPDATE emails SET flags = CONCAT_WS(',',flags,'active') WHERE uid=$uid AND email='{$this->email}'"); - $_SESSION['log']->log("email_on",$this->email.($uid!=$_SESSION['uid'] ? "(admin on $uid)" : "")); + $_SESSION['log']->log("email_on",$this->email.($uid!=Session::getInt('uid') ? "(admin on $uid)" : "")); $this->active = true; } } @@ -179,7 +179,7 @@ class Email $globals->db->query("UPDATE emails SET flags ='$flags' WHERE uid=$uid AND email='{$this->email}'"); - $_SESSION['log']->log("email_off",$this->email.($uid!=$_SESSION['uid'] ? "(admin on $uid)" : "") ); + $_SESSION['log']->log("email_off",$this->email.($uid!=Session::getInt('uid') ? "(admin on $uid)" : "") ); $this->active = false; } } @@ -252,7 +252,7 @@ class Redirect if (!$this->other_active($email)) return ERROR_INACTIVE_REDIRECTION; $globals->db->query("DELETE FROM emails WHERE uid={$this->uid} AND email='$email'"); - $_SESSION['log']->log('email_del',$email.($this->uid!=$_SESSION['uid'] ? " (admin on {$this->uid})" : "")); + $_SESSION['log']->log('email_del',$email.($this->uid!=Session::getInt('uid') ? " (admin on {$this->uid})" : "")); foreach ($this->emails as $i=>$mail) { if ($email==$mail->email) { unset($this->emails[$i]); 
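Review bot: The audit call is still written as `$_SESSION['log']->log(...)` in the hunks at -163, -179 and -252, while the hunk at -284 now fetches the logger with `Session::getMixed('log', null)` and tests it because it "may be absent". If any of these three methods can be reached on a path where the logger is missing, the query has already run by the time the method call on a non-object aborts the script, so the change is applied without an audit entry. The same guard would make the four call sites consistent, for example `if ($logger = Session::getMixed('log', null)) { $logger->log("email_on", ...); }`. The enclosing methods start outside these hunks, so whether the logger is guaranteed there cannot be confirmed from here.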
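Review bot: The queries next to the changed lines still place the address straight between quotes (`email='{$this->email}'` in the two UPDATEs, `email='$email'` in the DELETE at -252, and `VALUES({$this->uid},'$email','$flags')` in the REPLACE at -284), and nothing visible shows the value being escaped first. Since the commit is already moving `uid` to a typed accessor, the string side deserves the same care: escape at the point where the query is built, for example `$email = mysql_real_escape_string($this->email);`. If callers guarantee escaping, a one-line comment above each query saying so would do. The methods begin outside the hunks, so any escaping done earlier in them is not visible.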
@@ -284,8 +284,8 @@ class Redirect $mtic = 1; } $globals->db->query("REPLACE INTO emails (uid,email,flags) VALUES({$this->uid},'$email','$flags')"); - if (isset($_SESSION['log'])) { // may be absent --> step4.php - $_SESSION['log']->log('email_add',$email.($this->uid!=$_SESSION['uid'] ? " (admin on {$this->uid})" : "")); + if ($logger = Session::getMixed('log', null)) { // may be absent --> step4.php + $logger->log('email_add',$email.($this->uid!=Session::getInt('uid') ? " (admin on {$this->uid})" : "")); } foreach ($this->emails as $mail) { if ($mail->email == $email_stripped) { diff --git a/include/exalead/exalead.parser.inc.php b/include/exalead/exalead.parser.inc.php index 6256660..5a2eb6c 100644 --- a/include/exalead/exalead.parser.inc.php +++ b/include/exalead/exalead.parser.inc.php 
@@ -3,413 +3,413 @@ require_once('exalead.class.php'); function convert_url($string){ - return str_replace('+', '%2B', $string); + return str_replace('+', '%2B', $string); } class Exalead{ - var $parserId; - - var $data; - - var $currentGroup; - var $currentCategory; - var $currentSpelling; - var $currentHit; - var $currentHitField; - var $currentHitGroup; - var $currentHitCategory; - var $currentAction; - var $currentTextSegment; - var $currentQuery; - var $currentQueryTerm; - var $currentQueryParameter; - var $currentKeyword; - - //url de base du produit Exalead - var $base_cgi = ''; - -/**** Constructeur *********/ - - - function Exalead($base_cgi = ''){ - $this->data = new ExaleadData(); - $this->currentGroup = new ExaleadGroup(); - $this->currentCategory = new ExaleadCategory(); - $this->currentSpelling = new ExaleadSpelling(); - $this->currentHit = new ExaleadHit(); - $this->currentHitField = new ExaleadHitField(); - $this->currentHitGroup = new ExaleadHitGroup(); - $this->currentHitCategory = new ExaleadHitCategory(); - $this->currentAction = new ExaleadAction(); - $this->currentTextSegment = new ExaleadTextSegment(); - $this->currentQuery = new ExaleadQuery(); - $this->currentQueryTerm = new ExaleadQueryTerm(); - $this->currentQueryParameter = new ExaleadQueryParameter(); - $this->currentKeyword = new ExaleadKeyword(); - - //url de base du produit Exalead - $this->base_cgi = $base_cgi; - } - -/**** Fonctions d'interface avec le cgi d'Exalead Corporate ******/ - - function set_base_cgi($base_cgi){ - $this->base_cgi = $base_cgi; - } - - //retourne vrai si une requete a été faite, faux sinon - function query($varname = 'query'){ - if(!empty($_REQUEST[$varname])){ - - $this->first_query(stripslashes($_REQUEST[$varname])); - return true; - } - elseif(isset($_GET['_C'])){ - - $this->handle_get(); - return true; - } - return false; - } - - //a appeller pour faire la premiere requete - function first_query($query, $offset = 0){ - if(empty($this->base_cgi)) return 
false; - - $query_exa = $this->base_cgi."?_q=".urlencode($query)."&_f=xml2"; - if($offset > 0){ - $query_exa .= "&_s=".$offset; - } - - $xml_response = file_get_contents($query_exa); - $this->parse($xml_response); - } - - function handle_get(){ - if(empty($this->base_cgi)) return false; - if(empty($_GET['_C'])) return false;// _C est le contexte Exalead - $query_exa = $this->base_cgi.'/_C='.str_replace(' ', '%20', $_GET['_C']).'&_f=xml2'; - if(!empty($_GET['_s'])){ - $query_exa .= "&_s=".$_GET['_s']; - } - $xml_response = file_get_contents($query_exa); - $this->parse($xml_response); - } - -/******** Fonctions annexes relatives au parser ********/ - - function createParser(){ - $this->parserId = xml_parser_create(); - xml_set_element_handler($this->parserId, array(&$this, "startElement"), array(&$this, "endElement")); - xml_set_character_data_handler($this->parserId, array(&$this, "parsePCData")); - } - - function setElementHandler($stratElement, $endElement){ - } - - function freeParser(){ - xml_parser_free($this->parserId); - } - - function parseString($string){ - if (!xml_parse($this->parserId, $string, true)) { - die(sprintf("XML error: %s at line %d", - xml_error_string(xml_get_error_code($this->parserId)), - xml_get_current_line_number($this->parserId))); - } - } - - - -/******** Méthode qui lance le parser ***********/ - - function parse($string){ - $this->createParser(); - $this->parseString($string); - $this->freeParser(); - } - -/********* fonctions spécifiques à chaque balise ******/ - -//Ces méthodes peuvent être surchargées - - function startQuery(&$attrs){ - $this->currentQuery->query = utf8_decode($attrs['QUERY']); - $this->currentQuery->context = $attrs['CONTEXT']; - $this->currentQuery->time = $attrs['TIME']; - if(isset($attrs['INTERRUPTED'])) $this->currentQuery->interrupted = $attrs['INTERRUPTED']; - if(isset($attrs['BROWSED'])) $this->currentQuery->browsed = $attrs['BROWSED']; - } - - function StartQueryTerm(&$attrs){ - 
$this->currentQueryTerm->level = $attrs['LEVEL']; - $this->currentQueryTerm->regexp = utf8_decode($attrs['REGEXP']); - } - - function startQueryParameter(&$attrs){ - $this->currentQueryParameter->name = $attrs['NAME']; - if(isset($attrs['VALUE'])) $this->currentQueryParameter->value = utf8_decode($attrs['VALUE']); - } - - function startKeyword(&$attrs){ - if(isset($attrs['NAME'])) $this->currentKeyword->name = $attrs['NAME']; - $this->currentKeyword->display = utf8_decode( $attrs['DISPLAY'] ); - $this->currentKeyword->count = $attrs['COUNT']; - $this->currentKeyword->automatic = $attrs['AUTOMATIC']; - if(isset($attrs['REFINEHREF'])) $this->currentKeyword->refine_href = convert_url($attrs['REFINEHREF']); - if(isset($attrs['EXCLUDEHREF'])) $this->currentKeyword->exclude_href = $attrs['EXCLUDEHREF']; - if(isset($attrs['RESETHREF'])) $this->currentKeyword->reset_href = $attrs['RESETHREF']; - } - - function startHits(&$attrs){ - $this->data->nmatches = $attrs['NMATCHES']; - $this->data->nhits = $attrs['NHITS']; - if(isset($attrs['INTERRUPTED'])) $this->data->interrupted = $attrs['INTERRUPTED']; - $this->data->last = $attrs['LAST']; - $this->data->end = $attrs['END']; - $this->data->start = $attrs['START']; - } - - function startHit(&$attrs){ - $this->currentHit->url = $attrs['URL']; - $this->currentHit->score = $attrs['SCORE']; - } - - function startHitGroup(&$attrs){ - $this->currentHitGroup->title = utf8_decode($attrs['TITLE']); - $this->currentHitGroup->gid = $attrs['GID']; - } - - function startHitCategory(&$attrs){ - $this->currentHitCategory->name = $attrs['NAME']; - $this->currentHitCategory->display = utf8_decode($attrs['DISPLAY']); - $this->currentHitCategory->cref = $attrs['CREF']; - $this->currentHitCategory->gid = $attrs['GID']; - if(isset($attrs['BROWSEHREF'])) $this->currentHitCategory->browsehref = $attrs['BROWSEHREF']; - } - - function startAction(&$attrs){ - $this->currentAction->display = $attrs['DISPLAY']; - $this->currentAction->kind = 
$attrs['KIND']; - if(isset($attrs['EXECHREF']))$this->currentAction->execHref = $attrs['EXECHREF']; - } - - function startHitField(&$attrs){ - $this->currentHitField->name = $attrs['NAME']; - if(isset($attrs['VALUE'])) $this->currentHitField->value = utf8_decode($attrs['VALUE']); - } - - function startTextSeg(&$attrs){ - $this->currentTextSegment->setHighlighted($attrs['HIGHLIGHTED']); - } - function startTextCut(&$attrs){} - - function startSpellingSuggestionVariant(&$attrs){ - $this->currentSpelling->setDisplay($attrs['DISPLAY']); - $this->currentSpelling->setQueryHref($attrs['QUERY']); - } - - function startGroup(&$attrs){ - $this->currentGroup->setTitle(utf8_decode($attrs['TITLE'])); - $this->currentGroup->setClipped($attrs['CLIPPED']); - $this->currentGroup->setCount($attrs['COUNT']); - $this->currentGroup->setBrowsed($attrs['BROWSED']); - if(isset($attrs['CLIPHREF'])) $this->currentGroup->setClipHref($attrs['CLIPHREF']); - if(isset($attrs['RESETHREF'])) $this->currentGroup->setResetHref($attrs['RESETHREF']); - } - - function startCategory(&$attrs){ - $this->currentCategory->name = $attrs['NAME']; - $this->currentCategory->display = utf8_decode($attrs['DISPLAY']); - $this->currentCategory->count = $attrs['COUNT']; - $this->currentCategory->automatic = $attrs['AUTOMATIC']; - if(isset($attrs['REFINEHREF'])) $this->currentCategory->refine_href = convert_url($attrs['REFINEHREF']); - //if(isset($attrs['REFINEHREF'])) $this->currentCategory->refine_href = $attrs['REFINEHREF']; - if(isset($attrs['EXCLUDEHREF'])) $this->currentCategory->exclude_href = $attrs['EXCLUDEHREF']; - if(isset($attrs['RESETHREF'])) $this->currentCategory->reset_href = $attrs['RESETHREF']; - $this->currentCategory->cref = $attrs['CREF']; - $this->currentCategory->gid = $attrs['GID']; - $this->currentCategory->gcount = $attrs['GCOUNT']; - } - - function startSearch(&$attrs){} - - function startElement($parser, $name, $attrs) { - //echo "start $name
"; - //recupération des paramètres de query - if($name == 'QUERY'){ - $this->startQuery($attrs); - } - elseif($name == 'QUERYTERM'){ - $this->startQueryTerm($attrs); - } - elseif($name == 'QUERYPARAMETER'){ - $this->startQueryParameter($attrs); - } - //gestion des mots-clés - elseif($name == 'KEYWORD'){ - $this->startKeyword($attrs); - } - //gestion des resultats - elseif($name == 'HITS'){ - $this->startHits($attrs); - } - elseif($name == 'HIT'){ - $this->startHit($attrs); - } - elseif($name == 'HITFIELD'){ - $this->startHitField($attrs); - } - elseif($name == 'HITGROUP'){ - $this->startHitGroup($attrs); - } - elseif($name == 'HITCATEGORY'){ - $this->startHitCategory($attrs); - } - elseif($name == 'ACTION'){ - $this->startAction($attrs); - } - elseif($name == 'TEXTSEG'){ - $this->startTextSeg($attrs); - } - elseif($name == 'TEXTCUT'){ - $this->startTextCut($attrs); - } - //gestion suggestions d'orthographe - elseif($name == 'SPELLINGSUGGESTIONVARIANT'){ - $this->startSpellingSuggestionVariant($attrs); - } - //gestion des categories pour raffiner - elseif($name == 'GROUP'){ - $this->startGroup($attrs); - } - elseif($name == 'CATEGORY'){ - $this->startCategory($attrs); - } - elseif($name == 'SEARCH'){ - $this->startSearch($attrs); - } - } - - function endQuery(){ - $this->data->query = $this->currentQuery; - $this->currentQuery->clear(); - } - function endQueryTerm(){ - $this->currentQuery->addTerm($this->currentQueryTerm); - $this->currentQueryTerm->clear(); - } - function endQueryParameter(){ - $this->currentQuery->addParameter($this->currentQueryParameter); - $this->currentQueryParameter->clear(); - } - function endKeyword(){ - $this->data->addKeyword($this->currentKeyword); - $this->currentKeyword->clear(); - } - function endHits(){ - } - function endHit(){ - $this->data->addHit($this->currentHit); - $this->currentHit->clear(); - } - function endHitGroup(){ - $this->currentHit->addHitGroup($this->currentHitGroup); - $this->currentHitGroup->clear(); - } - function 
endHitCategory(){ - $this->currentHitGroup->addHitCategory($this->currentHitCategory); - $this->currentHitCategory->clear(); - } - function endAction(){ - $this->currentHit->addAction($this->currentAction); - $this->currentAction->clear(); - } - function endHitField(){ - $this->currentHit->addHitField($this->currentHitField); - $this->currentHitField->clear(); - } - function endTextSeg(){ - $this->currentHitField->addTextSegment($this->currentTextSegment); - $this->currentTextSegment->clear(); - } - function endTextCut(){ - $this->currentHitField->setHasTextCut(true); - } - function endSpellingSuggestionVariant(){ - $this->data->addSpelling($this->currentSpelling); - $this->currentSpelling->clear(); - } - function endGroup(){ - $this->data->addGroup($this->currentGroup); - $this->currentGroup->clear(); - } - function endCategory(){ - $this->currentGroup->addCategory($this->currentCategory); - $this->currentCategory->clear(); - } - function endSearch(){ - } - - - function endElement($parser, $name) { - //echo "end $name
"; - if($name == 'QUERY'){ - $this->endQuery(); - } - elseif($name == 'QUERYTERM'){ - $this->endQueryTerm(); - } - elseif($name == 'QUERYPARAMETER'){ - $this->endQueryParameter(); - } - elseif($name == 'KEYWORD'){ - $this->endKeyword(); - } - elseif($name == 'HITS'){ - $this->endHits(); - } - elseif($name == 'HIT'){ - $this->endHit(); - } - elseif($name == 'HITFIELD'){ - $this->endHitField(); - } - elseif($name == 'HITGROUP'){ - $this->endHitGroup(); - } - elseif($name == 'HITCATEGORY'){ - $this->endHitCategory(); - } - elseif($name == 'ACTION'){ - $this->endAction(); - } - elseif($name == 'TEXTSEG'){ - $this->endTextSeg(); - } - elseif($name == 'TEXTCUT'){ - $this->endTextCut(); - } - //gestion suggestions d'orthographe - elseif($name == 'SPELLINGSUGGESTIONVARIANT'){ - $this->endSpellingSuggestionVariant(); - } - //gestion des categories pour raffiner - elseif($name == 'GROUP'){ - $this->endGroup(); - } - elseif($name == 'CATEGORY'){ - $this->endCategory(); - } - elseif($name == 'SEARCH'){ - $this->endSearch(); - } - } - - function parsePCData($parser, $text){ - $this->currentTextSegment->append(utf8_decode($text)); - } + var $parserId; + + var $data; + + var $currentGroup; + var $currentCategory; + var $currentSpelling; + var $currentHit; + var $currentHitField; + var $currentHitGroup; + var $currentHitCategory; + var $currentAction; + var $currentTextSegment; + var $currentQuery; + var $currentQueryTerm; + var $currentQueryParameter; + var $currentKeyword; + + //url de base du produit Exalead + var $base_cgi = ''; + + /**** Constructeur *********/ + + + function Exalead($base_cgi = ''){ + $this->data = new ExaleadData(); + $this->currentGroup = new ExaleadGroup(); + $this->currentCategory = new ExaleadCategory(); + $this->currentSpelling = new ExaleadSpelling(); + $this->currentHit = new ExaleadHit(); + $this->currentHitField = new ExaleadHitField(); + $this->currentHitGroup = new ExaleadHitGroup(); + $this->currentHitCategory = new ExaleadHitCategory(); + 
$this->currentAction = new ExaleadAction(); + $this->currentTextSegment = new ExaleadTextSegment(); + $this->currentQuery = new ExaleadQuery(); + $this->currentQueryTerm = new ExaleadQueryTerm(); + $this->currentQueryParameter = new ExaleadQueryParameter(); + $this->currentKeyword = new ExaleadKeyword(); + + //url de base du produit Exalead + $this->base_cgi = $base_cgi; + } + + /**** Fonctions d'interface avec le cgi d'Exalead Corporate ******/ + + function set_base_cgi($base_cgi){ + $this->base_cgi = $base_cgi; + } + + //retourne vrai si une requete a été faite, faux sinon + function query($varname = 'query'){ + if(!empty($_REQUEST[$varname])){ + + $this->first_query(stripslashes($_REQUEST[$varname])); + return true; + } + elseif(isset($_GET['_C'])){ + + $this->handle_get(); + return true; + } + return false; + } + + //a appeller pour faire la premiere requete + function first_query($query, $offset = 0){ + if(empty($this->base_cgi)) return false; + + $query_exa = $this->base_cgi."?_q=".urlencode($query)."&_f=xml2"; + if($offset > 0){ + $query_exa .= "&_s=".$offset; + } + + $xml_response = file_get_contents($query_exa); + $this->parse($xml_response); + } + + function handle_get(){ + if(empty($this->base_cgi)) return false; + if(empty($_GET['_C'])) return false;// _C est le contexte Exalead + $query_exa = $this->base_cgi.'/_C='.str_replace(' ', '%20', $_GET['_C']).'&_f=xml2'; + if(!empty($_GET['_s'])){ + $query_exa .= "&_s=".$_GET['_s']; + } + $xml_response = file_get_contents($query_exa); + $this->parse($xml_response); + } + + /******** Fonctions annexes relatives au parser ********/ + + function createParser(){ + $this->parserId = xml_parser_create(); + xml_set_element_handler($this->parserId, array(&$this, "startElement"), array(&$this, "endElement")); + xml_set_character_data_handler($this->parserId, array(&$this, "parsePCData")); + } + + function setElementHandler($stratElement, $endElement){ + } + + function freeParser(){ + xml_parser_free($this->parserId); + 
} + + function parseString($string){ + if (!xml_parse($this->parserId, $string, true)) { + die(sprintf("XML error: %s at line %d", + xml_error_string(xml_get_error_code($this->parserId)), + xml_get_current_line_number($this->parserId))); + } + } + + + + /******** Méthode qui lance le parser ***********/ + + function parse($string){ + $this->createParser(); + $this->parseString($string); + $this->freeParser(); + } + + /********* fonctions spécifiques à chaque balise ******/ + + //Ces méthodes peuvent être surchargées + + function startQuery(&$attrs){ + $this->currentQuery->query = utf8_decode($attrs['QUERY']); + $this->currentQuery->context = $attrs['CONTEXT']; + $this->currentQuery->time = $attrs['TIME']; + if(isset($attrs['INTERRUPTED'])) $this->currentQuery->interrupted = $attrs['INTERRUPTED']; + if(isset($attrs['BROWSED'])) $this->currentQuery->browsed = $attrs['BROWSED']; + } + + function StartQueryTerm(&$attrs){ + $this->currentQueryTerm->level = $attrs['LEVEL']; + $this->currentQueryTerm->regexp = utf8_decode($attrs['REGEXP']); + } + + function startQueryParameter(&$attrs){ + $this->currentQueryParameter->name = $attrs['NAME']; + if(isset($attrs['VALUE'])) $this->currentQueryParameter->value = utf8_decode($attrs['VALUE']); + } + + function startKeyword(&$attrs){ + if(isset($attrs['NAME'])) $this->currentKeyword->name = $attrs['NAME']; + $this->currentKeyword->display = utf8_decode( $attrs['DISPLAY'] ); + $this->currentKeyword->count = $attrs['COUNT']; + $this->currentKeyword->automatic = $attrs['AUTOMATIC']; + if(isset($attrs['REFINEHREF'])) $this->currentKeyword->refine_href = convert_url($attrs['REFINEHREF']); + if(isset($attrs['EXCLUDEHREF'])) $this->currentKeyword->exclude_href = $attrs['EXCLUDEHREF']; + if(isset($attrs['RESETHREF'])) $this->currentKeyword->reset_href = $attrs['RESETHREF']; + } + + function startHits(&$attrs){ + $this->data->nmatches = $attrs['NMATCHES']; + $this->data->nhits = $attrs['NHITS']; + if(isset($attrs['INTERRUPTED'])) 
$this->data->interrupted = $attrs['INTERRUPTED']; + $this->data->last = $attrs['LAST']; + $this->data->end = $attrs['END']; + $this->data->start = $attrs['START']; + } + + function startHit(&$attrs){ + $this->currentHit->url = $attrs['URL']; + $this->currentHit->score = $attrs['SCORE']; + } + + function startHitGroup(&$attrs){ + $this->currentHitGroup->title = utf8_decode($attrs['TITLE']); + $this->currentHitGroup->gid = $attrs['GID']; + } + + function startHitCategory(&$attrs){ + $this->currentHitCategory->name = $attrs['NAME']; + $this->currentHitCategory->display = utf8_decode($attrs['DISPLAY']); + $this->currentHitCategory->cref = $attrs['CREF']; + $this->currentHitCategory->gid = $attrs['GID']; + if(isset($attrs['BROWSEHREF'])) $this->currentHitCategory->browsehref = $attrs['BROWSEHREF']; + } + + function startAction(&$attrs){ + $this->currentAction->display = $attrs['DISPLAY']; + $this->currentAction->kind = $attrs['KIND']; + if(isset($attrs['EXECHREF']))$this->currentAction->execHref = $attrs['EXECHREF']; + } + + function startHitField(&$attrs){ + $this->currentHitField->name = $attrs['NAME']; + if(isset($attrs['VALUE'])) $this->currentHitField->value = utf8_decode($attrs['VALUE']); + } + + function startTextSeg(&$attrs){ + $this->currentTextSegment->setHighlighted($attrs['HIGHLIGHTED']); + } + function startTextCut(&$attrs){} + + function startSpellingSuggestionVariant(&$attrs){ + $this->currentSpelling->setDisplay($attrs['DISPLAY']); + $this->currentSpelling->setQueryHref($attrs['QUERY']); + } + + function startGroup(&$attrs){ + $this->currentGroup->setTitle(utf8_decode($attrs['TITLE'])); + $this->currentGroup->setClipped($attrs['CLIPPED']); + $this->currentGroup->setCount($attrs['COUNT']); + $this->currentGroup->setBrowsed($attrs['BROWSED']); + if(isset($attrs['CLIPHREF'])) $this->currentGroup->setClipHref($attrs['CLIPHREF']); + if(isset($attrs['RESETHREF'])) $this->currentGroup->setResetHref($attrs['RESETHREF']); + } + + function startCategory(&$attrs){ 
+ $this->currentCategory->name = $attrs['NAME']; + $this->currentCategory->display = utf8_decode($attrs['DISPLAY']); + $this->currentCategory->count = $attrs['COUNT']; + $this->currentCategory->automatic = $attrs['AUTOMATIC']; + if(isset($attrs['REFINEHREF'])) $this->currentCategory->refine_href = convert_url($attrs['REFINEHREF']); + //if(isset($attrs['REFINEHREF'])) $this->currentCategory->refine_href = $attrs['REFINEHREF']; + if(isset($attrs['EXCLUDEHREF'])) $this->currentCategory->exclude_href = $attrs['EXCLUDEHREF']; + if(isset($attrs['RESETHREF'])) $this->currentCategory->reset_href = $attrs['RESETHREF']; + $this->currentCategory->cref = $attrs['CREF']; + $this->currentCategory->gid = $attrs['GID']; + $this->currentCategory->gcount = $attrs['GCOUNT']; + } + + function startSearch(&$attrs){} + + function startElement($parser, $name, $attrs) { + //echo "start $name
"; + //recupération des paramètres de query + if($name == 'QUERY'){ + $this->startQuery($attrs); + } + elseif($name == 'QUERYTERM'){ + $this->startQueryTerm($attrs); + } + elseif($name == 'QUERYPARAMETER'){ + $this->startQueryParameter($attrs); + } + //gestion des mots-clés + elseif($name == 'KEYWORD'){ + $this->startKeyword($attrs); + } + //gestion des resultats + elseif($name == 'HITS'){ + $this->startHits($attrs); + } + elseif($name == 'HIT'){ + $this->startHit($attrs); + } + elseif($name == 'HITFIELD'){ + $this->startHitField($attrs); + } + elseif($name == 'HITGROUP'){ + $this->startHitGroup($attrs); + } + elseif($name == 'HITCATEGORY'){ + $this->startHitCategory($attrs); + } + elseif($name == 'ACTION'){ + $this->startAction($attrs); + } + elseif($name == 'TEXTSEG'){ + $this->startTextSeg($attrs); + } + elseif($name == 'TEXTCUT'){ + $this->startTextCut($attrs); + } + //gestion suggestions d'orthographe + elseif($name == 'SPELLINGSUGGESTIONVARIANT'){ + $this->startSpellingSuggestionVariant($attrs); + } + //gestion des categories pour raffiner + elseif($name == 'GROUP'){ + $this->startGroup($attrs); + } + elseif($name == 'CATEGORY'){ + $this->startCategory($attrs); + } + elseif($name == 'SEARCH'){ + $this->startSearch($attrs); + } + } + + function endQuery(){ + $this->data->query = $this->currentQuery; + $this->currentQuery->clear(); + } + function endQueryTerm(){ + $this->currentQuery->addTerm($this->currentQueryTerm); + $this->currentQueryTerm->clear(); + } + function endQueryParameter(){ + $this->currentQuery->addParameter($this->currentQueryParameter); + $this->currentQueryParameter->clear(); + } + function endKeyword(){ + $this->data->addKeyword($this->currentKeyword); + $this->currentKeyword->clear(); + } + function endHits(){ + } + function endHit(){ + $this->data->addHit($this->currentHit); + $this->currentHit->clear(); + } + function endHitGroup(){ + $this->currentHit->addHitGroup($this->currentHitGroup); + $this->currentHitGroup->clear(); + } + function 
endHitCategory(){ + $this->currentHitGroup->addHitCategory($this->currentHitCategory); + $this->currentHitCategory->clear(); + } + function endAction(){ + $this->currentHit->addAction($this->currentAction); + $this->currentAction->clear(); + } + function endHitField(){ + $this->currentHit->addHitField($this->currentHitField); + $this->currentHitField->clear(); + } + function endTextSeg(){ + $this->currentHitField->addTextSegment($this->currentTextSegment); + $this->currentTextSegment->clear(); + } + function endTextCut(){ + $this->currentHitField->setHasTextCut(true); + } + function endSpellingSuggestionVariant(){ + $this->data->addSpelling($this->currentSpelling); + $this->currentSpelling->clear(); + } + function endGroup(){ + $this->data->addGroup($this->currentGroup); + $this->currentGroup->clear(); + } + function endCategory(){ + $this->currentGroup->addCategory($this->currentCategory); + $this->currentCategory->clear(); + } + function endSearch(){ + } + + + function endElement($parser, $name) { + //echo "end $name
"; + if($name == 'QUERY'){ + $this->endQuery(); + } + elseif($name == 'QUERYTERM'){ + $this->endQueryTerm(); + } + elseif($name == 'QUERYPARAMETER'){ + $this->endQueryParameter(); + } + elseif($name == 'KEYWORD'){ + $this->endKeyword(); + } + elseif($name == 'HITS'){ + $this->endHits(); + } + elseif($name == 'HIT'){ + $this->endHit(); + } + elseif($name == 'HITFIELD'){ + $this->endHitField(); + } + elseif($name == 'HITGROUP'){ + $this->endHitGroup(); + } + elseif($name == 'HITCATEGORY'){ + $this->endHitCategory(); + } + elseif($name == 'ACTION'){ + $this->endAction(); + } + elseif($name == 'TEXTSEG'){ + $this->endTextSeg(); + } + elseif($name == 'TEXTCUT'){ + $this->endTextCut(); + } + //gestion suggestions d'orthographe + elseif($name == 'SPELLINGSUGGESTIONVARIANT'){ + $this->endSpellingSuggestionVariant(); + } + //gestion des categories pour raffiner + elseif($name == 'GROUP'){ + $this->endGroup(); + } + elseif($name == 'CATEGORY'){ + $this->endCategory(); + } + elseif($name == 'SEARCH'){ + $this->endSearch(); + } + } + + function parsePCData($parser, $text){ + $this->currentTextSegment->append(utf8_decode($text)); + } } diff --git a/include/identification.inc.php b/include/identification.inc.php index cc3c9e3..bbb20ba 100644 --- a/include/identification.inc.php +++ b/include/identification.inc.php @@ -27,7 +27,7 @@ function sortie_id($err) { $page->trig_run($err); } -$promo = intval($_REQUEST["promo"]); +$promo = Env::getInt('promo'); if ($promo<1900 || $promo>2100) { sortie_id("La promotion doit comporter 4 chiffres."); } @@ -53,7 +53,7 @@ $chaine = strlen($chaine2) > strlen($chaine1) ? $chaine2 : $chaine1; // c'est parti pour l'identification, les champs étant corrects if ($promo > 1995) { - if (strlen($_REQUEST["matricule"]) != 6) { + if (strlen(Env::get('matricule')) != 6) { sortie_id("Le matricule qu'il faut que tu rentres doit comporter 6 chiffres."); } 
@@ -62,18 +62,18 @@ if ($promo > 1995) { * (i.e. le numéro de promotion sauf pour les étrangers voie 2) et XXX le numéro d'entrée cette année-là */ - $matrcondense = $_REQUEST["matricule"]; - $rangentree = intval(substr($_REQUEST["matricule"], 3, 3)); - $anneeimmatric = intval(substr($_REQUEST["matricule"],0,3)); + $matrcondense = Env::get('matricule'); + $rangentree = intval(substr($matrcondense, 3, 3)); + $anneeimmatric = intval(substr($matrcondense, 0, 3)); if($anneeimmatric > 950) $anneeimmatric/=10; if ($anneeimmatric < 96) { sortie_id("ton matricule est incorrect"); } elseif ($anneeimmatric < 100) { // jusqu'à la promo 99 c'est 9?0XXX - $year = 1900 + intval(substr($_REQUEST["matricule"], 0, 2)); + $year = 1900 + intval(substr($matrcondense, 0, 2)); } elseif($anneeimmatric < 200) { // depuis les 2000 c'est 10?XXX - $year = 2000 + intval(substr($_REQUEST["matricule"], 1, 2)); + $year = 2000 + intval(substr($matrcondense, 1, 2)); } else { sortie_id("la gestion des promotions >= 2100 n'est pas prête !"); } diff --git a/include/money/cyberpaiement.inc.php b/include/money/cyberpaiement.inc.php index 37452f7..c52bd20 100644 --- a/include/money/cyberpaiement.inc.php +++ b/include/money/cyberpaiement.inc.php @@ -41,8 +41,10 @@ class CyberPayment global $globals; $roboturl = str_replace("https://","http://",$globals->baseurl) - ."/paiement/cyberpaiement_retour.php?uid={$_SESSION['uid']}&CHAMPBPX"; - if (! isset($_COOKIE[session_name()])) { + ."/paiement/cyberpaiement_retour.php?uid=" + .Session::getInt('uid') + ."&CHAMPBPX"; + if (Cookie::has(session_name())) { $returnurl .= "?".SID; } @@ -50,7 +52,7 @@ class CyberPayment $prefix = ($pay->flags->hasflag('unique')) ? str_pad("",15,"0") : rand_url_id(); $fullref = substr("$prefix-xorg-{$pay->id}",-15); - $e = $_SESSION['sexe'] ? 'e' : ''; + $e = Session::getBool('sexe') ? 'e' : ''; return << diff --git a/include/newsletter.inc.php b/include/newsletter.inc.php index bb21ea0..ab35a13 100644 
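Review bot: `$matrcondense = Env::get('matricule')` keeps the raw request string, and the only check on it, in the preceding hunk, is `strlen(Env::get('matricule')) != 6`, so any six characters pass although the error message asks for six digits. The `intval(substr(...))` calls hide this for the derived numbers, but `$matrcondense` itself stays unvalidated for whatever uses it after this hunk. Checking the format once closes that gap: `if (!preg_match('/^[0-9]{6}$/', Env::get('matricule'))) {` in place of the length test.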
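Review bot: The rewritten test `if (Cookie::has(session_name())) {` has lost the negation of the line it replaces (`! isset($_COOKIE[session_name()])`), so `"?".SID` is now appended to `$returnurl` when the session cookie is present and left off when it is missing. Assuming `Cookie::has` mirrors `isset`, the line should read `if (!Cookie::has(session_name())) {`. A session id carried in a URL ends up in logs and referrers, so a short comment on why the fallback is needed would also help. The method starts outside the hunk.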
--- a/include/newsletter.inc.php +++ b/include/newsletter.inc.php @@ -467,7 +467,7 @@ function get_nl_list() function get_nl_state() { global $globals; - $res = $globals->db->query("SELECT pref FROM newsletter_ins WHERE user_id={$_SESSION['uid']}"); + $res = $globals->db->query("SELECT pref FROM newsletter_ins WHERE user_id=".Session::getInt('uid')); if (!(list($st) = mysql_fetch_row($res))) { $st = false; } @@ -478,13 +478,13 @@ function get_nl_state() function unsubscribe_nl() { global $globals; - $globals->db->query("DELETE FROM newsletter_ins WHERE user_id={$_SESSION['uid']}"); + $globals->db->query("DELETE FROM newsletter_ins WHERE user_id=".Session::getInt('uid')); } function subscribe_nl($html=true, $uid=-1) { global $globals; - $user = $uid == -1 ? $_SESSION['uid'] : $uid; + $user = ($uid == -1) ? Session::getInt('uid') : $uid; $format = $html ? 'html' : 'text'; $globals->db->query("REPLACE INTO newsletter_ins (user_id,last,pref) SELECT '$user', MAX(id), '$format' diff --git a/include/notifs.inc.php b/include/notifs.inc.php index 6c8bf45..5f7da36 100644 --- a/include/notifs.inc.php +++ b/include/notifs.inc.php @@ -47,10 +47,11 @@ function register_watch_op($uid,$cid,$date='',$info='') { function getNbNotifs() { global $globals; - if(!isset($_SESSION['uid'])) return 0; - $uid = $_SESSION['uid']; - - $watchlast = isset($_SESSION['watch_last']) ? $_SESSION['watch_last'] : 0; + if (!Session::has('uid')) { + return 0; + } + $uid = Session::getInt('uid', -1); + $watchlast = Session::getInt('watch_last'); $res = $globals->db->query(" ( @@ -296,7 +297,7 @@ class WatchSub { global $globals; $this->_data = Array(); $globals->db->query("DELETE FROM watch_sub WHERE uid='{$this->_uid}'"); - foreach($_REQUEST[$ind] as $key=>$val) { + foreach(Env::getMixed($ind) as $key=>$val) { $globals->db->query("INSERT INTO watch_sub SELECT '{$this->_uid}',id FROM watch_cat diff --git a/include/profil.func.inc.php b/include/profil.func.inc.php index fb61e2f..96b6fb8 100644 
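Review bot: In `subscribe_nl` only the session branch is typed after this change; a caller-supplied `$uid` still reaches the query unchanged as `SELECT '$user', MAX(id), '$format'`. Casting both branches keeps the value numeric whatever the caller passes: `$user = ($uid == -1) ? Session::getInt('uid') : intval($uid);`. Whether any caller forwards request data is not visible here, and the query continues past the end of the hunk.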
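Review bot: `foreach(Env::getMixed($ind) as $key=>$val)` in the WatchSub hunk iterates whatever the request holds under `$ind`. The commit message says `getMixed` returns null when the key is unset, and a scalar is possible too, so the loop can warn after the DELETE above it has already run. Normalise first, for example `$subs = Env::getMixed($ind); if (!is_array($subs)) { $subs = array(); }`, and loop over `$subs`. `$key` and `$val` are request-controlled, and the INSERT that consumes them continues outside the hunk, so whatever it uses needs casting or escaping there.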
--- a/include/profil.func.inc.php +++ b/include/profil.func.inc.php @@ -23,26 +23,26 @@ require_once('applis.func.inc.php'); function replace_ifset(&$var,$req) { - if (isset($_REQUEST[$req])){ - $var = stripslashes($_REQUEST[$req]); - } + if (Env::has($req)){ + $var = stripslashes(Env::get($req)); + } } function replace_ifset_i(&$var,$req,$i) { - if (isset($_REQUEST[$req][$i])){ - $var[$i] = stripslashes($_REQUEST[$req][$i]); - } + if (isset($_REQUEST[$req][$i])){ + $var[$i] = stripslashes($_REQUEST[$req][$i]); + } } function replace_ifset_i_j(&$var,$req,$i,$j) { - if (isset($_REQUEST[$req][$j])){ - $var[$i] = stripslashes($_REQUEST[$req][$j]); - } + if (isset($_REQUEST[$req][$j])){ + $var[$i] = stripslashes($_REQUEST[$req][$j]); + } } //pour rentrer qqchose dans la base function put_in_db($string){ - return trim(addslashes($string)); + return trim(addslashes($string)); } ?> diff --git a/include/profil/assign_poly.inc.php b/include/profil/assign_poly.inc.php index 85e7c9f..f9f7cf6 100644 --- a/include/profil/assign_poly.inc.php +++ b/include/profil/assign_poly.inc.php @@ -20,15 +20,15 @@ ***************************************************************************/ +$uid = Session::getInt('uid'); + $page->mysql_assign("SELECT text,id FROM binets_ins, binets_def - WHERE binets_def.id=binets_ins.binet_id AND - user_id='{$_SESSION['uid']}'", 'binets'); + WHERE binets_def.id=binets_ins.binet_id AND user_id=$uid", 'binets'); $page->mysql_assign("SELECT text,id FROM groupesx_ins, groupesx_def - WHERE groupesx_def.id=groupesx_ins.gid AND - guid='{$_SESSION['uid']}'", 'groupesx'); + WHERE groupesx_def.id=groupesx_ins.gid AND guid=$uid", 'groupesx'); $page->assign('section', $section); ?> diff --git a/include/search.classes.inc.php b/include/search.classes.inc.php index de3ffe3..8dbc7f9 100644 --- a/include/search.classes.inc.php +++ b/include/search.classes.inc.php 
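Review bot: `put_in_db()` is only re-indented here and still escapes with `trim(addslashes($string))`, which ignores the connection character set and is weaker than the driver's own escaping. Since the function is being touched, either switch it to `return trim(mysql_real_escape_string($string));` (if a connection is open wherever it is called) or add a comment stating the charset assumption it relies on. In the same hunk `replace_ifset_i` and `replace_ifset_i_j` still read `$_REQUEST[$req][...]` directly while `replace_ifset` moved to `Env::has`/`Env::get`. A comment saying why they were left out, or a matching conversion, would keep the three helpers consistent.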
@@ -129,7 +129,7 @@ class SField * on met une chaîne vide si le champ n'a pas été complété */ function get_request() { - $this->value = (isset($_REQUEST[$this->fieldFormName])) ? trim($_REQUEST[$this->fieldFormName]) : ''; + $this->value = trim(Env::get($this->fieldFormName)); } // }}} diff --git a/include/select_user.inc.php b/include/select_user.inc.php index d63c0b2..0bcc6bb 100644 --- a/include/select_user.inc.php +++ b/include/select_user.inc.php 
@@ -19,44 +19,27 @@ * 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA * ***************************************************************************/ -if(empty($_REQUEST["xmat"]) || empty($_REQUEST["submit"])) { - if (empty($_REQUEST["xmat"]) && (empty($_REQUEST["prenomR"]) || empty($_REQUEST["nomR"]))) { +if (!Env::has("xmat") || !Env::has("submit")) { + if ( !Env::has("xmat") && (!Env::has("prenomR") || !Env::has("nomR")) ) { new_admin_page('marketing/utilisateurs_recherche.tpl'); $page->run(); } - if (!empty($_REQUEST["xmat"])) { - // on a un matricule, on affiche juste l'entrée correspondante - $where = "matricule={$_REQUEST['xmat']}"; + if (Env::has("xmat")) { + $where = "matricule=".Env::getInt('xmat'); } else { - // on n'a pas le matricule, essayer de le trouver moi-meme, de le proposer - // et de reafficher le formulaire avec les propositions de matricules - - // suppression accents et passage en majuscules des champs entrés - $nomUS=replace_accent($_REQUEST["nomR"]); - $nomup=strtoupper($nomUS); - $nomup=str_replace("\'","'",$nomup); - $prenomUS=replace_accent($_REQUEST["prenomR"]); - $prenomup=strtoupper($prenomUS); - $prenomup=str_replace("\'","'",$prenomup); + $nom = Env::get('nomR'); + $prenom = Env::get('prenomR'); // calcul de la plus longue chaine servant à l'identification - $chaine1=strtok($nomup," -'"); - $chaine2=strtok(" -'"); - if ( strlen($chaine2) > strlen($chaine1) ) { - $chaine = $chaine2; - } else { - $chaine = $chaine1; - } + $chaine1 = strtok($nom," -'"); + $chaine2 = strtok(" -'"); + $chaine = ( strlen($chaine2) > strlen($chaine1) ) ? $chaine2 : $chaine1; - if(strlen($_REQUEST["promoR"])==4) { - $rq="AND promo=".$_REQUEST["promoR"]; - } else { - $rq=""; - } + $rq = strlen(Env::get("promoR")==4 ? 
"AND promo=".Env::getInt("promoR") : ""; - $where = "prenom LIKE '%{$_REQUEST['prenomR']}%' AND nom LIKE '%$chaine%' $rq ORDER BY promo,nom"; - } // a-t-on xmat + $where = "prenom LIKE '%$prenom%' AND nom LIKE '%$chaine%' $rq ORDER BY promo,nom"; + } $sql = "SELECT matricule,matricule_ax,promo,nom,prenom,comment,appli,flags,last_known_email,deces,user_id FROM auth_user_md5 diff --git a/include/texify.inc.php b/include/texify.inc.php index 5e5c724..e6df11d 100644 --- a/include/texify.inc.php +++ b/include/texify.inc.php @@ -32,7 +32,7 @@ function tex_to_pdf($texte) { global $pdf_tmp_dir; set_time_limit(300); // timeout de 5 minutes au cas où le texte serait gros // et pdflatex lent - $pdf_tmp_dir=('/tmp/mescontacts_'.$_SESSION['forlife']); + $pdf_tmp_dir=('/tmp/mescontacts_'.Session::get('forlife')); // fonction pour effacer le rep temporaire function clean_tmp_dir() { global $pdf_tmp_dir; diff --git a/include/user.func.inc.php b/include/user.func.inc.php index 68abbe2..c1a673e 100644 --- a/include/user.func.inc.php +++ b/include/user.func.inc.php @@ -61,7 +61,7 @@ function user_clear_all_subs($user_id, $really_del=true) include_once('lists.inc.php'); if (function_exists(lists_xmlrpc)) { - $client =& lists_xmlrpc($_SESSION['uid'], $_SESSION['password']); + $client =& lists_xmlrpc(Session::getInt('id'), Session::get('password')); $client->kill($alias, $really_del); } } diff --git a/include/validations/aliases.inc.php b/include/validations/aliases.inc.php index b0d3fa3..cb54d58 100644 --- a/include/validations/aliases.inc.php +++ b/include/validations/aliases.inc.php @@ -84,7 +84,7 @@ class AliasReq extends Validate function handle_formu() { - if (empty($_REQUEST['submit']) || ($_REQUEST['submit']!="Accepter" && $_REQUEST['submit']!="Refuser")) { + if (Env::get('submit'] != "Accepter" && Env::get('submit') != "Refuser") { return false; } 
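Review bot: The new `$rq` assignment does not parse: `strlen(Env::get("promoR")==4 ? ...` never closes the `strlen(` call, so the whole include fails to load. It should read `$rq = (strlen(Env::get("promoR")) == 4) ? "AND promo=".Env::getInt("promoR") : "";`. Separately, `$prenom` and `$chaine` are request values placed inside the quoted `LIKE '%...%'` patterns. Unless Env::get() escapes them (not visible in this commit), they should go through the database escaping function before being interpolated. `Env::has("xmat")` may also accept an empty `xmat` that the old `empty()` test rejected, depending on how has() is implemented.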
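Review bot: `$pdf_tmp_dir` in tex_to_pdf() is still a predictable name under the shared `/tmp`, built from the session's `forlife` value. On a multi-user host another local account could create that path first, so the directory should be created by this code with a restrictive mode and the run aborted if creation fails, e.g. `if (!mkdir($pdf_tmp_dir, 0700)) { return false; }`, ideally with an unpredictable suffix in the name. The code that creates and cleans the directory is outside this hunk, so check that it does not follow an existing directory or symlink.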
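Review bot: The session key changed from `uid` to `id` in `lists_xmlrpc(Session::getInt('id'), Session::get('password'))`, which looks like a typo. Every other hunk in this commit reads `uid`, including the identical call in validations/listes.inc.php. If `id` is not set in the session, the list server is presumably called with a zero or default user id instead of the current user. The line should be `$client =& lists_xmlrpc(Session::getInt('uid'), Session::get('password'));`.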
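Review bot: The new guard in AliasReq::handle_formu() is a parse error: `Env::get('submit'] != "Accepter"` closes the call with `]` instead of `)`. The file will not load, so alias requests can be neither accepted nor refused. It should match the sibling classes: `if (Env::get('submit') != "Accepter" && Env::get('submit') != "Refuser") {`.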
@@ -93,12 +93,12 @@ class AliasReq extends Validate $mymail->assign('alias', $this->alias); $mymail->assign('bestalias', $this->bestalias); - if ($_REQUEST['submit']=="Accepter") { + if (Env::get('submit') == "Accepter") { $mymail->assign('answer', 'yes'); $this->commit() ; } else { $mymail->assign('answer', 'no'); - $mymail->assign('motif', stripslashes($_REQUEST['motif'])); + $mymail->assign('motif', stripslashes(Env::get('motif'))); } $mymail->send(); //Suppression de la demande diff --git a/include/validations/epouses.inc.php b/include/validations/epouses.inc.php index 41ae4a7..4793f3e 100644 --- a/include/validations/epouses.inc.php +++ b/include/validations/epouses.inc.php @@ -78,9 +78,7 @@ class EpouseReq extends Validate function handle_formu() { - if (empty($_REQUEST['submit']) - || ($_REQUEST['submit']!="Accepter" && $_REQUEST['submit']!="Refuser")) - { + if (Env::get('submit') != "Accepter" && Env::get('submit') != "Refuser") { return false; } @@ -88,7 +86,7 @@ class EpouseReq extends Validate $mymail = new XOrgMailer('valid.epouses.tpl'); $mymail->assign('forlife', $this->forlife); - if ($_REQUEST['submit']=="Accepter") { + if (Env::get('submit') == "Accepter") { $mymail->assign('answer','yes'); if ($this->oldepouse) { $mymail->assign('oldepouse',$this->oldalias); @@ -97,8 +95,6 @@ class EpouseReq extends Validate $this->commit(); } else { // c'était donc Refuser $mymail->assign('answer','no'); - if (isset($_REQUEST["motif"])) - $_REQUEST["motif"] = stripslashes($_REQUEST["motif"]); } $mymail->send(); diff --git a/include/validations/evts.inc.php b/include/validations/evts.inc.php index d0d3c79..d6e1c95 100644 --- a/include/validations/evts.inc.php +++ b/include/validations/evts.inc.php 
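Review bot: The refusal reason is now unescaped twice. This hunk keeps `stripslashes(Env::get('motif'))` while templates/mails/valid.alias.tpl in the same commit renders `{$motif|stripslashes}`. The second pass removes backslashes the user actually typed. ListeReq::handle_formu() and valid.liste.tpl have the same pairing. Keep one of the two, for example `$mymail->assign('motif', Env::get('motif'));` here, and leave the modifier in the template.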
@@ -82,32 +82,32 @@ class EvtReq extends Validate function handle_formu() { global $globals; - if (isset($_POST['action'])) { + if (Post::has('action')) { require_once("xorg.mailer.inc.php"); $mymail = new XOrgMailer('valid.evts.tpl'); $mymail->assign('bestalias',$this->bestalias); $mymail->assign('titre',$this->titre); - if ($_REQUEST['action']=="Valider") { + $uid = Session::getInt('uid'); + + if (Env::get('action') == "Valider") { $globals->db->query("UPDATE evenements - SET creation_date = creation_date, validation_user_id = {$_SESSION['uid']}, + SET creation_date = creation_date, validation_user_id = $uid, validation_date = NULL, flags = CONCAT(flags,',valide') WHERE id='{$this->evtid}' LIMIT 1"); $mymail->assign('answer','yes'); - } - if ($_REQUEST['action']=="Invalider") { + $mymail->send(); + } elseif (Env::get('action') == "Invalider") { $globals->db->query("UPDATE evenements - SET creation_date = creation_date, validation_user_id = {$_SESSION['uid']}, + SET creation_date = creation_date, validation_user_id = $uid, validation_date = NULL, flags = REPLACE(flags,'valide','') WHERE id='{$this->evtid}' LIMIT 1"); $mymail->assign('answer', 'no'); - } - if ($_REQUEST['action']=="Supprimer") { - $globals->db->query("DELETE from evenements WHERE id='{$this->evtid}' LIMIT 1"); - } - if ($_POST['action'] != "Supprimer") { $mymail->send(); + } elseif (Env::get('action') == "Supprimer") { + $globals->db->query("DELETE from evenements WHERE id='{$this->evtid}' LIMIT 1"); } + $this->clean(); } return ""; diff --git a/include/validations/listes.inc.php b/include/validations/listes.inc.php index 46acf8c..cf60730 100644 --- a/include/validations/listes.inc.php +++ b/include/validations/listes.inc.php 
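Review bot: EvtReq::handle_formu() checks `Post::has('action')` but then dispatches on `Env::get('action')`, so the guard and the decision can read different inputs. If Env merges GET, POST and cookies the way `$_REQUEST` did, the value acted on is not necessarily the posted one. For an action that validates or deletes an event it should be read once from Post and reused, e.g. `$action = Post::getMixed('action');`, with the three branches comparing `$action`. The `$this->clean()` call also runs for any posted value that matches none of the three branches, which is worth confirming as intended.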
@@ -81,9 +81,7 @@ class ListeReq extends Validate function handle_formu() { - if (empty($_REQUEST['submit']) - || ($_REQUEST['submit']!="Accepter" && $_REQUEST['submit']!="Refuser")) - { + if (Env::get('submit') != "Accepter" && Env::get('submit') != "Refuser") { return false; } @@ -91,9 +89,9 @@ class ListeReq extends Validate $mymail = new XOrgMailer('valid.liste.tpl'); $mymail->assign('alias', $this->liste); $mymail->assign('bestalias', $this->bestalias); - $mymail->assign('motif', stripslashes($_REQUEST['motif'])); + $mymail->assign('motif', stripslashes(Env::get('motif'))); - if ($_REQUEST['submit']=="Accepter") { + if (Env::get('submit') == "Accepter") { $mymail->assign('answer', 'yes'); if (!$this->commit()) { return 'problème'; @@ -115,11 +113,9 @@ class ListeReq extends Validate { global $globals; require_once('xml-rpc-client.inc.php'); - $res = $globals->db->query("SELECT password FROM auth_user_md5 WHERE user_id={$_SESSION['uid']}"); - list($pass) = mysql_fetch_row($res); - mysql_free_result($res); + require_once('lists.inc.php'); - $client = new xmlrpc_client("http://{$_SESSION['uid']}:$pass@localhost:4949/polytechnique.org"); + $client =& lists_xmlrpc(Session::getInt('uid'), Session::get('password')); $ret = $client->create_list($this->liste, $this->desc, $this->advertise, $this->modlevel, $this->inslevel, $this->owners, $this->members); diff --git a/include/validations/photos.inc.php b/include/validations/photos.inc.php index 0a43000..2541da7 100644 --- a/include/validations/photos.inc.php +++ b/include/validations/photos.inc.php @@ -111,9 +111,7 @@ class PhotoReq extends Validate function handle_formu () { - if (empty($_REQUEST['submit']) - || ($_REQUEST['submit']!="Accepter" && $_REQUEST['submit']!="Refuser")) - { + if (Session::get('submit') != "Accepter" && Session::get('submit') != "Refuser") { return false; } 
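Review bot: PhotoReq::handle_formu() reads the form button from the session, `Session::get('submit')`, where the old code and every sibling class in this commit read the request. Unless something stores a `submit` key in the session, the guard always returns false and photo requests can no longer be accepted or refused. The same substitution appears in the following PhotoReq hunk (`Session::get('submit') == "Accepter"`). Both should use `Env::get('submit')`.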
@@ -121,7 +119,7 @@ class PhotoReq extends Validate $mymail = new XOrgMailer('valid.photos.tpl'); $mymail->assign('bestalias', $this->bestalias); - if ($_REQUEST['submit']=="Accepter") { + if (Session::get('submit') == "Accepter") { $mymail->assign('answer','yes'); $this->commit(); } else { diff --git a/include/xorg/env.inc.php b/include/xorg/env.inc.php index f47bce8..26ae14e 100644 --- a/include/xorg/env.inc.php +++ b/include/xorg/env.inc.php @@ -55,9 +55,9 @@ class Env } // }}} - // {{{ function getMixed + // {{{ function &getMixed - function getMixed($key, $default='') + function &getMixed($key, $default=null) { return Env::_get($key, $default); } @@ -119,9 +119,9 @@ class Post } // }}} - // {{{ function getMixed + // {{{ function &getMixed - function getMixed($key, $default='') + function &getMixed($key, $default=null) { return Post::_get($key, $default); } @@ -183,9 +183,9 @@ class Get } // }}} - // {{{ function getMixed + // {{{ function &getMixed - function getMixed($key, $default='') + function &getMixed($key, $default=null) { return Get::_get($key, $default); } @@ -247,9 +247,9 @@ class Session } // }}} - // {{{ function getMixed + // {{{ function &getMixed - function getMixed($key, $default='') + function &getMixed($key, $default=null) { return Session::_get($key, $default); } @@ -311,9 +311,9 @@ class Cookie } // }}} - // {{{ function getMixed + // {{{ function &getMixed - function getMixed($key, $default='') + function &getMixed($key, $default=null) { return Cookie::_get($key, $default); } diff --git a/include/xorg/session.inc.php b/include/xorg/session.inc.php index 95c346c..9fd487a 100644 --- a/include/xorg/session.inc.php +++ b/include/xorg/session.inc.php @@ -31,7 +31,7 @@ class XorgSession extends DiogenesCoreSession function XorgSession() { $this->DiogenesCoreSession(); - if (empty($_SESSION['uid'])) { + if (!Session::has('uid')) { try_cookie(); } set_skin(); 
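Review bot: The five `&getMixed()` wrappers (Env, Post, Get, Session, Cookie) return the result of a call by reference, as in `return Env::_get($key, $default);`. Unless `_get()` is itself declared to return by reference (its definition is outside these hunks), callers receive a copy, so `$session =& Session::getMixed('session')` in session.inc.php would not alias the stored object. Binding first makes the intent explicit: `$ret =& Env::_get($key, $default); return $ret;`. The default also changes from `''` to `null`, which deserves a line in the function comment, e.g. `// returns a reference to the stored value, or null when $key is not set`.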
@@ -42,7 +42,7 @@ class XorgSession extends DiogenesCoreSession function init() { @session_start(); - if (empty($_SESSION['session'])) { + if (!Session::has('session')) { $_SESSION['session'] = new XorgSession; } } 
@@ -61,31 +61,37 @@ class XorgSession extends DiogenesCoreSession return true; } - if (isset($_REQUEST['username']) and isset($_REQUEST['response']) - and isset($_SESSION['session']->challenge)) + if (Session::has('session')) { + $session =& Session::getMixed('session'); + } + + if (Env::has('username') && Env::has('response') && isset($session->challenge)) { // si on vient de recevoir une identification par passwordpromptscreen.tpl // ou passwordpromptscreenlogged.tpl - $field = preg_match('/^\d*$/', $_REQUEST['username']) ? 'id' : 'alias'; + $uname = Env::get('username'); + $field = preg_match('/^\d*$/', $uname) ? 'id' : 'alias'; $res = @$globals->db->query( "SELECT u.user_id,u.password FROM auth_user_md5 AS u INNER JOIN aliases AS a ON ( a.id=u.user_id AND type!='homonyme' ) - WHERE a.$field='{$_REQUEST['username']}' AND u.perms IN('admin','user')"); + WHERE a.$field='$uname' AND u.perms IN('admin','user')"); + + $logger =& Session::getMixed('log'); if (list($uid,$password)=mysql_fetch_row($res)) { - $expected_response=md5("{$_REQUEST['username']}:$password:{$_SESSION['session']->challenge}"); - if ($_REQUEST['response'] == $expected_response) { - unset($_SESSION['session']->challenge); - if (isset($_SESSION['log'])) { - $_SESSION['log']->log('auth_ok'); + $expected_response=md5("$uname:$password:{$session->challenge}"); + if (Env::get('response') == $expected_response) { + unset($session->challenge); + if ($logger) { + $logger->log('auth_ok'); } start_connexion($uid, true); return true; - } elseif (isset($_SESSION['log'])) { - $_SESSION['log']->log('auth_fail','bad password'); + } elseif ($logger) { + $logger->log('auth_fail','bad password'); } - } elseif (isset($_SESSION['log'])) { - $_SESSION['log']->log('auth_fail','bad login'); + } elseif ($logger) { + $logger->log('auth_fail','bad login'); } mysql_free_result($res); 
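Review bot: The challenge response in doAuth() is still checked with a loose comparison, `Env::get('response') == $expected_response`. PHP compares two numeric-looking strings as numbers, so two different digests can compare equal. Use `===` here and in try_cookie() (`$expected_value == Cookie::get('ORGaccess')`). In the same hunk `$uname` comes straight from `Env::get('username')` and is interpolated into `WHERE a.$field='$uname'`; unless Env::get() escapes it (not visible here), it should pass through the database escaping function first. doAuth() starts and ends outside this hunk.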
@@ -109,7 +115,7 @@ class XorgSession extends DiogenesCoreSession } // on vient de recevoir une demande d'auth, on passe la main a doAuth - if (isset($_REQUEST['username']) and isset($_REQUEST['response'])) { + if (Env::has('username') and Env::has('response')) { return $this->doAuth($page); } @@ -197,11 +203,9 @@ function check_perms() * @return BOOL */ -function has_perms($auth_array=array()) +function has_perms() { - return logged() - && ( (!empty($auth_array) && in_array($_SESSION['uid'], $auth_array)) - || ($_SESSION['perms']==PERMS_ADMIN) ); + return logged() && Session::get('perms')==PERMS_ADMIN; } // }}} @@ -214,7 +218,7 @@ function has_perms($auth_array=array()) */ function logged () { - return(isset($_SESSION['auth']) and ($_SESSION['auth']>=AUTH_COOKIE)); + return Session::get('auth', AUTH_PUBLIC) >= AUTH_COOKIE; } // }}} @@ -228,7 +232,7 @@ function logged () */ function identified () { - return(isset($_SESSION['auth']) and $_SESSION['auth']>=AUTH_MDP); + return Session::get('auth', AUTH_PUBLIC) >= AUTH_MDP; } // }}} @@ -241,22 +245,24 @@ function identified () function try_cookie() { global $globals; - if (!isset($_COOKIE['ORGaccess']) or $_COOKIE['ORGaccess'] == '' or !isset($_COOKIE['ORGuid'])) { + if (Cookie::get('ORGaccess') == '' or !Cookie::has('ORGuid')) { return -1; } - $res = @$globals->db->query( "SELECT user_id,password FROM auth_user_md5 WHERE user_id='{$_COOKIE['ORGuid']}' AND perms IN('admin','user')"); + $res = @$globals->db->query( "SELECT user_id,password FROM auth_user_md5 WHERE user_id=" + .Cookie::getInt('ORGuid')." AND perms IN('admin','user')"); if (@mysql_num_rows($res) != 0) { list($uid,$password)=mysql_fetch_row($res); mysql_free_result($res); $expected_value=md5($password); - if ($expected_value == $_COOKIE['ORGaccess']) { + if ($expected_value == Cookie::get('ORGaccess')) { start_connexion($uid, false); return 0; } else { return 1; } } + return -2; } 
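Review bot: has_perms() drops its `$auth_array` parameter, and PHP silently ignores extra arguments. Any caller that still passes a list of allowed uids therefore gets an admin-only check without any error. That fails closed, but the callers and the docblock above the function (outside this hunk) should be updated in the same commit so the narrower rule is deliberate and documented, e.g. `@return BOOL true only for a logged-in user whose perms are PERMS_ADMIN`.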
@@ -287,26 +293,16 @@ function start_connexion ($uid, $identified) $bestalias, $password, $femme) = mysql_fetch_row($result); mysql_free_result($result); - // on garde le logger si il existe (pour ne pas casser les sessions lors d'une - // authentification avec le cookie - // on vérifie que c'est bien un logger de l'utilisateur en question - if (isset($_SESSION['log']) && $_SESSION['log']->uid==$uid) { - $logger = $_SESSION['log']; - } - - // on vide la session pour effacer les valeurs précédentes (notamment de skin) - // qui peuvent être celles de quelqu'un d'autre ou celle par defaut - $suid = isset($_SESSION['suid']) ? $_SESSION['suid'] : null; + $suid = Session::getMixed('suid'); + if ($suid) { $logger = new DiogenesCoreLogger($uid,$suid); - $logger->log("suid_start","{$_SESSION['forlife']} by {$_SESSION['suid']}"); - $_SESSION = Array('suid'=>$_SESSION['suid'], 'log'=>$logger); + $logger->log("suid_start",Session::get('forlife')." by {$suid['uid']}"); + $_SESSION = Array('suid'=>$suid, 'log'=>$logger); } else { - $_SESSION = Array(); - $_SESSION['log'] = (isset($logger) ? $logger : new DiogenesCoreLogger($uid)); - if (empty($logger)) { - $_SESSION['log']->log("connexion",$_SERVER['PHP_SELF']); - } + $logger = Session::getMixed('log', new DiogenesCoreLogger($uid)); + $_SESSION = Array('log' => $logger); + $logger->log("connexion",$_SERVER['PHP_SELF']); setcookie('ORGuid',$uid,(time()+25920000),'/','',0); } @@ -337,10 +333,11 @@ function set_skin() { global $globals; if (logged() && $globals->skin->enable) { + $uid = Session::getInt('uid'); $result = $globals->db->query("SELECT skin,skin_tpl FROM auth_user_quick AS a INNER JOIN skins AS s ON a.skin=s.id - WHERE user_id='{$_SESSION['uid']}' AND skin_tpl != ''"); + WHERE user_id=$uid AND skin_tpl != ''"); if (!(list($_SESSION['skin_id'], $_SESSION['skin']) = mysql_fetch_row($result))) { $_SESSION['skin'] = $globals->skin->def_tpl; $_SESSION['skin_id'] = $globals->skin->def_id; 
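Review bot: start_connexion() no longer checks that a logger kept from the session belongs to the user being logged in. The removed code reused `$_SESSION['log']` only when `->uid==$uid`, while `Session::getMixed('log', new DiogenesCoreLogger($uid))` reuses whatever is stored, so later audit entries can be attributed to the previous user's log session. The default argument is also built on every call, even when it is discarded. Restoring the check is short: `$logger = Session::getMixed('log');` then `if (!$logger || $logger->uid != $uid) { $logger = new DiogenesCoreLogger($uid); }`. The `suid` branch now indexes `$suid['uid']` where the old code interpolated `$_SESSION['suid']` as a scalar, so its expected shape should be confirmed.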
diff --git a/templates/mails/valid.alias.tpl b/templates/mails/valid.alias.tpl index b81e686..6ae3854 100644 --- a/templates/mails/valid.alias.tpl +++ b/templates/mails/valid.alias.tpl @@ -35,7 +35,7 @@ L' Cher(e) camarade, La demande que tu avais faite pour les alias {$alias}@melix.net et {$alias}@melix.org a été refusée pour la raison suivante : -{$motif} +{$motif|stripslashes} Cordialement, L'équipe X.org diff --git a/templates/mails/valid.epouses.tpl b/templates/mails/valid.epouses.tpl index b10a5a9..1015aa9 100644 --- a/templates/mails/valid.epouses.tpl +++ b/templates/mails/valid.epouses.tpl @@ -40,7 +40,7 @@ Ch La demande de changement de nom de mariage que tu avais faite a été refusée. {if $smarty.request.motif} La raison de ce refus est : -{$smarty.request.motif} +{$smarty.request.motif|stripslashes} {/if} Cordialement, diff --git a/templates/mails/valid.liste.tpl b/templates/mails/valid.liste.tpl index 3664c83..6593d6f 100644 --- a/templates/mails/valid.liste.tpl +++ b/templates/mails/valid.liste.tpl @@ -29,7 +29,7 @@ Cher(e) camarade, La mailing list {$alias} que tu avais demandée vient d'être créée. {if $motif} Informations complémentaires: -{$motif} +{$motif|stripslashes} {/if} Cordialement, @@ -39,7 +39,7 @@ Cher(e) camarade, La demande que tu avais faite pour la mailing list {$alias} a été refusée. La raison de ce refus est : -{$motif} +{$motif|stripslashes} Cordialement, L'équipe X.org diff --git a/templates/mails/valid.photos.tpl b/templates/mails/valid.photos.tpl index ae5be5f..abd863d 100644 --- a/templates/mails/valid.photos.tpl +++ b/templates/mails/valid.photos.tpl @@ -35,7 +35,7 @@ Cher(e) camarade, La demande de changement de photo que tu avais faite a été refusée. La raison de ce refus est : -{$smarty.request.motif} +{$smarty.request.motif|stripslashes} Cordialement, L'équipe X.org