From 0c02607ec8d2a6aebac70a050c8f6b3a58ff566e Mon Sep 17 00:00:00 2001 From: Florent Bruneau Date: Mon, 22 Dec 2008 22:44:49 +0100 Subject: [PATCH] Use S::suid(). Signed-off-by: Florent Bruneau --- classes/xnetsession.php | 9 ++++----- classes/xorgsession.php | 27 +++++++++++++++------------ core | 2 +- modules/admin.php | 3 +-- modules/auth.php | 4 ++-- modules/platal.php | 6 ++---- modules/profile/page.inc.php | 2 +- modules/xnetgrp.php | 2 +- 8 files changed, 27 insertions(+), 28 deletions(-) diff --git a/classes/xnetsession.php b/classes/xnetsession.php index 068e6b2..0ce7438 100644 --- a/classes/xnetsession.php +++ b/classes/xnetsession.php @@ -131,14 +131,13 @@ class XnetSession extends XorgSession public function stopSUID() { - $suid = S::v('suid'); + $perms = S::suid('perms'); if (!parent::stopSUID()) { return false; } - S::kill('suid'); S::kill('may_update'); S::kill('is_member'); - S::set('perms', $suid['perms']); + S::set('perms', $perms); return true; } } @@ -162,7 +161,7 @@ function may_update($force = false, $lose = false) return false; } elseif ($lose) { $may_update[$asso_id] = false; - } elseif (S::has_perms() || (S::has('suid') && $force)) { + } elseif (S::admin() || (S::suid() && $force)) { $may_update[$asso_id] = true; } elseif (!isset($may_update[$asso_id]) || $force) { $res = XDB::query("SELECT perms @@ -194,7 +193,7 @@ function is_member($force = false, $lose = false) return false; } elseif ($lose) { $is_member[$asso_id] = false; - } elseif (S::has('suid') && $force) { + } elseif (S::suid() && $force) { $is_member[$asso_id] = true; } elseif (!isset($is_member[$asso_id]) || $force) { $res = XDB::query("SELECT COUNT(*) diff --git a/classes/xorgsession.php b/classes/xorgsession.php index 90cbf75..ccae18f 100644 --- a/classes/xorgsession.php +++ b/classes/xorgsession.php @@ -120,9 +120,8 @@ class XorgSession extends PlSession /** We come from an authentication form. */ - if (S::has('suid')) { - $suid = S::v('suid'); - $login = $uname = $suid['uid']; + if (S::suid()) { + $login = $uname = S::suid('uid'); $redirect = false; } else { $uname = Env::v('username'); @@ -145,9 +144,8 @@ class XorgSession extends PlSession } $uid = $this->checkPassword($uname, $login, Post::v('response'), (!$redirect && is_numeric($uname)) ? 'id' : 'alias'); - if (!is_null($uid) && S::has('suid')) { - $suid = S::v('suid'); - if ($suid['uid'] == $uid) { + if (!is_null($uid) && S::suid()) { + if (S::suid('uid') == $uid) { $uid = S::i('uid'); } else { $uid = null; @@ -155,7 +153,7 @@ class XorgSession extends PlSession } if (!is_null($uid)) { S::set('auth', AUTH_MDP); - if (!S::has('suid')) { + if (!S::suid()) { if (Post::has('domain')) { if (($domain = Post::v('domain', 'login')) == 'alias') { Cookie::set('domain', 'alias', 300); @@ -172,6 +170,12 @@ class XorgSession extends PlSession protected function startSessionAs($user, $level) { + if (!($user instanceof User)) { + $user = User::getSilent($user); + if ($user === false) { + return false; + } + } if ((!is_null(S::v('user')) && S::i('user') != $user->id()) || (S::has('uid') && S::i('uid') != $user->id())) { return false; @@ -209,9 +213,8 @@ class XorgSession extends PlSession $_SESSION = array_merge($_SESSION, $sess); // Starts the session's logger, and sets up the permanent cookie. - if (S::has('suid')) { - $suid = S::v('suid'); - S::logger()->log("suid_start", S::v('hruid') . " by " . $suid['hruid']); + if (S::suid()) { + S::logger()->log("suid_start", S::v('hruid') . ' by ' . S::suid('hruid')); } else { S::logger()->saveLastSession(); Cookie::set('uid', $user->id(), 300); @@ -278,7 +281,7 @@ class XorgSession extends PlSession public function setSkin() { - if (S::logged() && (!S::has('skin') || S::has('suid'))) { + if (S::logged() && (!S::has('skin') || S::suid())) { $uid = S::v('uid'); $res = XDB::query('SELECT skin_tpl FROM accounts AS a @@ -307,7 +310,7 @@ class XorgSession extends PlSession } public function setAccessCookie($replace = false, $log = true) { - if (S::has('suid') || ($replace && !Cookie::blank('access'))) { + if (S::suid() || ($replace && !Cookie::blank('access'))) { return; } Cookie::set('access', sha1(S::v('password')), 300, true); diff --git a/core b/core index c1414bc..f1c8bb7 160000 --- a/core +++ b/core @@ -1 +1 @@ -Subproject commit c1414bcad94fd52d3ba4a16eafec2d4acc625f6d +Subproject commit f1c8bb75eaae934ac2dd1cbd7f8bbc10960413ee diff --git a/modules/admin.php b/modules/admin.php index 1cb33af..94945cf 100644 --- a/modules/admin.php +++ b/modules/admin.php @@ -358,7 +358,7 @@ class AdminModule extends PLModule $page->setTitle('Administration - Edit/Su/Log'); require_once("emails.inc.php"); - if (S::has('suid')) { + if (S::suid()) { $page->kill("Déjà en SUID !!!"); } @@ -388,7 +388,6 @@ class AdminModule extends PLModule } if(Env::has('suid_button') && $registered) { - S::logger()->log("suid_start", "login on " . $user->login()); if (!Platal::session()->startSUID($user->id())) { $page->trigError('Impossible d\'effectuer un SUID sur ' . $user->id()); } else { diff --git a/modules/auth.php b/modules/auth.php index e68ca82..1601c58 100644 --- a/modules/auth.php +++ b/modules/auth.php @@ -151,9 +151,9 @@ class AuthModule extends PLModule // mise à jour de l'heure et de la machine de dernier login sauf quand on est en suid $uid = S::i('uid'); - if (!isset($_SESSION['suid'])) { + if (!S::suid()) { global $platal; - S::logger(uid)->log('connexion_auth_ext', $platal->path); + S::logger($uid)->log('connexion_auth_ext', $platal->path); } /* on parcourt les entrees de groupes_auth */ diff --git a/modules/platal.php b/modules/platal.php index 852b9e6..f396e06 100644 --- a/modules/platal.php +++ b/modules/platal.php @@ -425,10 +425,8 @@ Adresse de secours : " . Post::v('email') : "")); function handler_exit(&$page, $level = null) { - if (S::has('suid')) { - $suid = S::v('suid'); - $log = S::v('log'); - S::logger()->log("suid_stop", S::user()->login() . " by " . $suid['hruid']); + if (S::suid()) { + S::logger()->log('suid_stop', S::user()->login() . " by " . S::suid('hruid')); Platal::session()->stopSUID(); pl_redirect('admin/user/' . S::user()->login()); } diff --git a/modules/profile/page.inc.php b/modules/profile/page.inc.php index 79a8664..4599857 100644 --- a/modules/profile/page.inc.php +++ b/modules/profile/page.inc.php @@ -357,7 +357,7 @@ abstract class ProfilePage implements PlWizardPage // Update the last modification date XDB::execute('REPLACE INTO user_changes SET user_id = {?}', S::v('uid')); - if (!S::has('suid')) { + if (!S::suid()) { register_watch_op(S::i('uid'), WATCH_FICHE); } global $platal; diff --git a/modules/xnetgrp.php b/modules/xnetgrp.php index bfdea5e..db33b8a 100644 --- a/modules/xnetgrp.php +++ b/modules/xnetgrp.php @@ -703,7 +703,7 @@ class XnetGrpModule extends PLModule function handler_change_rights(&$page) { - if (Env::has('right') && (may_update() || S::has('suid'))) { + if (Env::has('right') && (may_update() || S::suid())) { switch (Env::v('right')) { case 'admin': Platal::session()->stopSUID(); -- 2.1.4