From aa5f19ae21be7b92cce04a4a259e4d9395d1893f Mon Sep 17 00:00:00 2001 From: x2000habouzit Date: Sun, 1 Oct 2006 12:17:33 +0000 Subject: [PATCH] coding rules, some undefined vars + fix for #472 git-svn-id: svn+ssh://murphy/home/svn/platal/trunk@937 839d8a87-29fc-0310-9880-83ba4fa771e5 --- ChangeLog | 3 +++ classes/platal.php | 2 +- include/platal.inc.php | 12 +++++++++++- include/xorg/session.inc.php | 15 +++++++++------ 4 files changed, 24 insertions(+), 8 deletions(-) diff --git a/ChangeLog b/ChangeLog index 0edfa2f..3c3ab88 100644 --- a/ChangeLog +++ b/ChangeLog @@ -18,6 +18,9 @@ Bug/Wish: From 0.9.11 branch: + * Core: + - #472: Fix problem with auth when using the cookie. -MC + * Geoloc: - #469: Google Maps link works for the USA -FRU diff --git a/classes/platal.php b/classes/platal.php index 27b75a5..1a317f3 100644 --- a/classes/platal.php +++ b/classes/platal.php @@ -111,7 +111,7 @@ class Platal function force_login(&$page) { - if (S::logged() and !$new_name) { + if (S::logged()) { $page->changeTpl('password_prompt_logged.tpl'); $page->addJsLink('do_challenge_response_logged.js'); } else { diff --git a/include/platal.inc.php b/include/platal.inc.php index bc09f8e..701dfbf 100644 --- a/include/platal.inc.php +++ b/include/platal.inc.php @@ -72,6 +72,16 @@ function pl_error_handler($errno, $errstr, $errfile, $errline) ""; } +function pl_dump_env() +{ + echo "
";
+    echo "\nSESSION: "; var_export($_SESSION);
+    echo "\nPOST:    "; var_export($_POST);
+    echo "\nGET:     "; var_export($_GET);
+    echo "\nCOOKIES: "; var_export($_COOKIES);
+    echo "
"; +} + function pl_print_errors() { print join("\n", $GLOBALS['pl_errors']); @@ -79,7 +89,7 @@ function pl_print_errors() set_error_handler('pl_error_handler', E_ALL | E_STRICT); register_shutdown_function('pl_print_errors'); - +register_shutdown_function('pl_dump_env'); function pl_url($path, $query = null, $fragment = null) { diff --git a/include/xorg/session.inc.php b/include/xorg/session.inc.php index 8d73093..45905b5 100644 --- a/include/xorg/session.inc.php +++ b/include/xorg/session.inc.php @@ -73,6 +73,7 @@ class XorgSession } } else { $login = $uname; + $redirect = false; } $field = (!$redirect && preg_match('/^\d*$/', $uname)) ? 'id' : 'alias'; @@ -85,13 +86,14 @@ class XorgSession $logger =& S::v('log'); if (list($uid, $password) = $res->fetchOneRow()) { require_once('secure_hash.inc.php'); - $expected_response=hash_encrypt("$uname:$password:".S::v('challenge')); + $expected_response = hash_encrypt("$uname:$password:".S::v('challenge')); // le password de la base est peut-ĂȘtre encore encodĂ© en md5 if (Env::v('response') != $expected_response) { $new_password = hash_xor(Env::v('xorpass'), $password); $expected_response = hash_encrypt("$uname:$new_password:".S::v('challenge')); if (Env::v('response') == $expected_response) { - XDB::execute("UPDATE auth_user_md5 SET password = {?} WHERE user_id = {?}", $new_password, $uid); + XDB::execute("UPDATE auth_user_md5 SET password = {?} WHERE user_id = {?}", + $new_password, $uid); } } if (Env::v('response') == $expected_response) { @@ -174,9 +176,10 @@ function try_cookie() } $res = @XDB::query( - "SELECT user_id,password FROM auth_user_md5 WHERE user_id = {?} AND perms IN('admin','user')", - Cookie::i('ORGuid') - ); + "SELECT user_id,password FROM auth_user_md5 + WHERE user_id = {?} AND perms IN('admin','user')", + Cookie::i('ORGuid')); + if ($res->numRows() != 0) { list($uid, $password) = $res->fetchOneRow(); require_once('secure_hash.inc.php'); @@ -228,7 +231,7 @@ function start_connexion ($uid, $identified) setcookie('ORGuid', $uid, (time()+25920000), '/', '', 0); } - $_SESSION = $sess; + $_SESSION = array_merge($_SESSION, $sess); $_SESSION['log'] = $logger; $_SESSION['auth'] = ($identified ? AUTH_MDP : AUTH_COOKIE); set_skin(); -- 2.1.4