From 40565fa2f8bd3c20646f194b36c893cb3696f3c2 Mon Sep 17 00:00:00 2001 From: Florent Bruneau Date: Sun, 21 Dec 2008 19:07:39 +0100 Subject: [PATCH] Use new cookie API. Signed-off-by: Florent Bruneau --- classes/xorgsession.php | 19 ++++++++----------- core | 2 +- modules/platal.php | 13 +++++-------- modules/register.php | 4 ++-- plugins/insert.getName.php | 2 +- plugins/insert.getUserName.php | 4 ++-- 6 files changed, 19 insertions(+), 25 deletions(-) diff --git a/classes/xorgsession.php b/classes/xorgsession.php index 91cda51..9683f31 100644 --- a/classes/xorgsession.php +++ b/classes/xorgsession.php @@ -47,19 +47,19 @@ class XorgSession extends PlSession private function tryCookie() { S::kill('auth_by_cookie'); - if (Cookie::v('ORGaccess') == '' || !Cookie::has('ORGuid')) { + if (Cookie::v('access') == '' || !Cookie::has('uid')) { return -1; } $res = XDB::query('SELECT user_id, password FROM auth_user_md5 WHERE user_id = {?} AND perms IN(\'admin\', \'user\')', - Cookie::i('ORGuid')); + Cookie::i('uid')); if ($res->numRows() != 0) { list($uid, $password) = $res->fetchOneRow(); require_once 'secure_hash.inc.php'; $expected_value = hash_encrypt($password); - if ($expected_value == Cookie::v('ORGaccess')) { + if ($expected_value == Cookie::v('access')) { S::set('auth_by_cookie', $uid); return 0; } else { @@ -176,12 +176,10 @@ class XorgSession extends PlSession if (!S::has('suid')) { if (Post::has('domain')) { if (($domain = Post::v('domain', 'login')) == 'alias') { - setcookie('ORGdomain', "alias", (time() + 25920000), '/', '', 0); + Cookie::set('domain', 'alias', 300); } else { - setcookie('ORGdomain', '', (time() - 3600), '/', '', 0); + Cookie::kill('domain'); } - // pour que la modification soit effective dans le reste de la page - $_COOKIE['ORGdomain'] = $domain; } } S::kill('challenge'); @@ -229,16 +227,15 @@ class XorgSession extends PlSession } else { $logger = S::logger($uid); $logger->saveLastSession(); - setcookie('ORGuid', $uid, (time() + 25920000), '/', '', 0); + Cookie::set('uid', $uid, 300); if (S::i('auth_by_cookie') == $uid || Post::v('remember', 'false') == 'true') { - $cookie = hash_encrypt($sess['password']); - setcookie('ORGaccess', $cookie, (time() + 25920000), '/', '', 0); + Cookie::set('access', hash_encrypt($sess['password']), 300); if (S::i('auth_by_cookie') != $uid) { $logger->log("cookie_on"); } } else { - setcookie('ORGaccess', '', time() - 3600, '/', '', 0); + Cookie::kill('access'); $logger->log("cookie_off"); } } diff --git a/core b/core index d7dfb18..f09d331 160000 --- a/core +++ b/core @@ -1 +1 @@ -Subproject commit d7dfb18e275c1ed834ea8f0f4001399b0a17ce9f +Subproject commit f09d3319de8a65f5eb11ce0e73a3dc08a72c4091 diff --git a/modules/platal.php b/modules/platal.php index cf73869..dd08d3c 100644 --- a/modules/platal.php +++ b/modules/platal.php @@ -232,8 +232,8 @@ class PlatalModule extends PLModule $log =& S::v('log'); S::logger()->log('passwd', ''); - if (Cookie::v('ORGaccess')) { - setcookie('ORGaccess', hash_encrypt($password), (time()+25920000), '/', '' ,0); + if (Cookie::v('access')) { + Cookie::set('access', sha1($password), 300); S::logger()->log('cookie_on', ''); } @@ -440,16 +440,13 @@ Adresse de secours : " . Post::v('email') : "")); } if ($level == 'forget' || $level == 'forgetall') { - setcookie('ORGaccess', '', time() - 3600, '/', '', 0); - Cookie::kill('ORGaccess'); + Cookie::kill('access'); S::logger()->log("cookie_off"); } if ($level == 'forgetuid' || $level == 'forgetall') { - setcookie('ORGuid', '', time() - 3600, '/', '', 0); - Cookie::kill('ORGuid'); - setcookie('ORGdomain', '', time() - 3600, '/', '', 0); - Cookie::kill('ORGdomain'); + Cookie::kill('uid'); + Cookie::kill('domain'); } $ref = isset($_SERVER['HTTP_REFERER']) ? $_SERVER['HTTP_REFERER'] : ''; diff --git a/modules/register.php b/modules/register.php index 9089244..a491174 100644 --- a/modules/register.php +++ b/modules/register.php @@ -443,9 +443,9 @@ class RegisterModule extends PLModule $log = S::v('log'); S::logger()->log('passwd', ''); - if (Cookie::v('ORGaccess')) { + if (Cookie::v('access')) { require_once('secure_hash.inc.php'); - setcookie('ORGaccess', hash_encrypt($password), (time()+25920000), '/', '' ,0); + Cookie::set('access', hash_encrypt($password), 300); S::logger()->log('cookie_on', ''); } diff --git a/plugins/insert.getName.php b/plugins/insert.getName.php index bd7ac0f..755a78e 100644 --- a/plugins/insert.getName.php +++ b/plugins/insert.getName.php @@ -21,7 +21,7 @@ function smarty_insert_getName() { - $uid = Cookie::v('ORGuid', -1); + $uid = Cookie::v('uid', -1); if ($uid < 0) { return ""; } diff --git a/plugins/insert.getUserName.php b/plugins/insert.getUserName.php index 08dd7df..70a70f7 100644 --- a/plugins/insert.getUserName.php +++ b/plugins/insert.getUserName.php @@ -23,14 +23,14 @@ function smarty_insert_getUsername() { global $globals; - $id = Cookie::i('ORGuid', -1); + $id = Cookie::i('uid', -1); $id = S::v($_SESSION['uid'], $id); if ($id<0) { return ""; } - if (Cookie::v('ORGdomain', 'login') != 'alias') { + if (Cookie::v('domain', 'login') != 'alias') { $res = XDB::query("SELECT alias FROM aliases WHERE id={?} AND (type IN ('a_vie','alias') AND FIND_IN_SET('bestalias', flags))", $id); return $res->fetchOneCell(); -- 2.1.4