From 7f1ff426fc774ff5baedc4d76df5f6bced50b720 Mon Sep 17 00:00:00 2001
From: Florent Bruneau <florent.bruneau@polytechnique.org>
Date: Tue, 30 Dec 2008 22:57:31 +0100
Subject: [PATCH] Last core, implements User::password().

Signed-off-by: Florent Bruneau <florent.bruneau@polytechnique.org>
---
 classes/user.php                   | 14 +++++++++++---
 core                               |  2 +-
 include/validations/listes.inc.php |  2 +-
 modules/auth.php                   |  6 +-----
 modules/lists.php                  |  9 +++++----
 modules/xnetlists.php              |  8 +++++---
 6 files changed, 24 insertions(+), 17 deletions(-)

diff --git a/classes/user.php b/classes/user.php
index a26a75e..7fb56c2 100644
--- a/classes/user.php
+++ b/classes/user.php
@@ -144,9 +144,8 @@ class User extends PlUser
                                    CONCAT(af.alias, '@{$globals->mail->domain}') AS forlife,
                                    CONCAT(ab.alias, '@{$globals->mail->domain}') AS bestalias,
                                    a.full_name, a.display_name, a.sex = 'female' AS gender,
-                                   a.email_format, a.password,
-                                   IF (a.state = 'active', at.perms, '') AS perms,
-                                   a.is_admin
+                                   IF(a.state = 'active', at.perms, '') AS perms,
+                                   a.email_format, a.is_admin
                              FROM  accounts AS a
                        INNER JOIN  account_types AS at ON (at.type = a.type)
                        INNER JOIN  profile_display AS d ON (d.uid = a.uid)
@@ -206,6 +205,15 @@ class User extends PlUser
         $this->perm_flags = self::makePerms($this->perms, $this->is_admin);
     }
 
+    // We do not want to store the password in the object.
+    // So, fetch it 'on demand'
+    public function password()
+    {
+        return XDB::fetchOneCell('SELECT  a.password
+                                    FROM  accounts AS a
+                                   WHERE  a.uid = {?}', $this->id());
+    }
+
     /** Return the main profile attached with this account if any.
      */
     public function profile()
diff --git a/core b/core
index 933e1c2..35fff9b 160000
--- a/core
+++ b/core
@@ -1 +1 @@
-Subproject commit 933e1c23f280a829faf7c112164341f47957c0fb
+Subproject commit 35fff9b04585817e74f4709f36b70d959ce3224c
diff --git a/include/validations/listes.inc.php b/include/validations/listes.inc.php
index 7b803fa..1bb878e 100644
--- a/include/validations/listes.inc.php
+++ b/include/validations/listes.inc.php
@@ -139,7 +139,7 @@ class ListeReq extends Validate
             return 1;
         }
 
-        $list = new MMList(S::user()->id(), S::v('password'), $this->domain);
+        $list = new MMList(S::user()->id(), $this->domain);
         $ret = $list->create_list($this->liste, utf8_decode($this->desc), $this->advertise,
                                   $this->modlevel, $this->inslevel,
                                   $this->owners, $this->members);
diff --git a/modules/auth.php b/modules/auth.php
index 1601c58..47801ae 100644
--- a/modules/auth.php
+++ b/modules/auth.php
@@ -53,11 +53,7 @@ class AuthModule extends PLModule
         $cle = $globals->core->econfiance;
 
         if (S::v('chall') && $_GET['PASS'] == md5(S::v('chall').$cle)) {
-
-            $res  = XDB::query("SELECT password FROM auth_user_md5 WHERE user_id=10154");
-            $pass = $res->fetchOneCell();
-
-            $list = new MMList(10154, $pass, "x-econfiance.polytechnique.org");
+            $list = new MMList(User::getWithUID(10154), "x-econfiance.polytechnique.org");
             $members = $list->get_members('membres');
             if (is_array($members)) {
                 $membres = Array();
diff --git a/modules/lists.php b/modules/lists.php
index e7d5674..d1a40cf 100644
--- a/modules/lists.php
+++ b/modules/lists.php
@@ -56,7 +56,7 @@ class ListsModule extends PLModule
             $user = S::user();
         }
 
-        $this->client = new MMList($user->id(), $user->password);
+        $this->client = new MMList($user);
         return $globals->mail->domain;
     }
 
@@ -894,12 +894,13 @@ class ListsModule extends PLModule
         }
     }
 
-    function handler_admin_all(&$page) {
+    function handler_admin_all(&$page)
+    {
         $page->changeTpl('lists/admin_all.tpl');
         $page->setTitle('Administration - Mailing lists');
 
-        $client = new MMList(S::v('uid'), S::v('password'));
-        $listes = $client->get_all_lists();
+        $this->prepare_client($page);
+        $listes = $this->client->get_all_lists();
         $page->assign_by_ref('listes', $listes);
     }
 }
diff --git a/modules/xnetlists.php b/modules/xnetlists.php
index 35b0f86..4f6dcb2 100644
--- a/modules/xnetlists.php
+++ b/modules/xnetlists.php
@@ -53,13 +53,15 @@ class XnetListsModule extends ListsModule
         );
     }
 
-    function prepare_client(&$page)
+    function prepare_client(&$page, $user = null)
     {
         global $globals;
         Platal::load('lists', 'lists.inc.php');
 
-        $this->client = new MMList(S::v('uid'), S::v('password'),
-                                   $globals->asso('mail_domain'));
+        if (is_null($user)) {
+            $user =& S::user();
+        }
+        $this->client = new MMList($user, $globals->asso('mail_domain'));
 
         $page->assign('asso', $globals->asso());
         $page->setType($globals->asso('cat'));
-- 
2.1.4