From cdfe0063c9b6b0fad10dd6d97ae2f25010e3620c Mon Sep 17 00:00:00 2001
From: x2001corpet <x2001corpet@839d8a87-29fc-0310-9880-83ba4fa771e5>
Date: Thu, 29 Jun 2006 05:39:31 +0000
Subject: [PATCH] fix bug d'include de javascript lorsqu'on essaie de se logger
 depuis des pages comme admin/ ou geoloc/

git-svn-id: svn+ssh://murphy/home/svn/platal/trunk@341 839d8a87-29fc-0310-9880-83ba4fa771e5
---
 htdocs/javascript/do_challenge_response.js.php     | 25 ++++++++++++++++++++++
 .../javascript/do_challenge_response_logged.js.php | 25 ++++++++++++++++++++++
 htdocs/javascript/motdepasse.js.php                | 25 ++++++++++++++++++++++
 htdocs/javascript/secure_hash.js.php               | 25 ++++++++++++++++++++++
 htdocs/motdepasse.php                              |  4 ++--
 htdocs/tmpPWD.php                                  |  2 +-
 include/xnet/session.inc.php                       |  4 ++--
 include/xorg/session.inc.php                       | 24 ++++++++++-----------
 .../javascript/do_challenge_response.js.tpl        |  4 +++-
 .../javascript/do_challenge_response_logged.js.tpl |  4 +++-
 .../javascript/motdepasse.js.tpl                   |  4 +++-
 .../javascript/secure_hash.js.tpl                  |  6 ++++--
 12 files changed, 129 insertions(+), 23 deletions(-)
 create mode 100644 htdocs/javascript/do_challenge_response.js.php
 create mode 100644 htdocs/javascript/do_challenge_response_logged.js.php
 create mode 100644 htdocs/javascript/motdepasse.js.php
 create mode 100644 htdocs/javascript/secure_hash.js.php
 rename htdocs/javascript/do_challenge_response.js => templates/javascript/do_challenge_response.js.tpl (96%)
 rename htdocs/javascript/do_challenge_response_logged.js => templates/javascript/do_challenge_response_logged.js.tpl (95%)
 rename htdocs/javascript/motdepasse.js => templates/javascript/motdepasse.js.tpl (95%)
 rename htdocs/javascript/secure_hash.js => templates/javascript/secure_hash.js.tpl (88%)

diff --git a/htdocs/javascript/do_challenge_response.js.php b/htdocs/javascript/do_challenge_response.js.php
new file mode 100644
index 0000000..dacd54f
--- /dev/null
+++ b/htdocs/javascript/do_challenge_response.js.php
@@ -0,0 +1,25 @@
+<?php
+/***************************************************************************
+ *  Copyright (C) 2003-2006 Polytechnique.org                              *
+ *  http://opensource.polytechnique.org/                                   *
+ *                                                                         *
+ *  This program is free software; you can redistribute it and/or modify   *
+ *  it under the terms of the GNU General Public License as published by   *
+ *  the Free Software Foundation; either version 2 of the License, or      *
+ *  (at your option) any later version.                                    *
+ *                                                                         *
+ *  This program is distributed in the hope that it will be useful,        *
+ *  but WITHOUT ANY WARRANTY; without even the implied warranty of         *
+ *  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the          *
+ *  GNU General Public License for more details.                           *
+ *                                                                         *
+ *  You should have received a copy of the GNU General Public License      *
+ *  along with this program; if not, write to the Free Software            *
+ *  Foundation, Inc.,                                                      *
+ *  59 Temple Place, Suite 330, Boston, MA  02111-1307  USA                *
+ ***************************************************************************/
+require_once("xorg.inc.php");
+new_nonhtml_page('javascript/do_challenge_response.js.tpl', AUTH_PUBLIC);
+header("Content-type: text/javascript");
+$page->run();
+?>
diff --git a/htdocs/javascript/do_challenge_response_logged.js.php b/htdocs/javascript/do_challenge_response_logged.js.php
new file mode 100644
index 0000000..122bd95
--- /dev/null
+++ b/htdocs/javascript/do_challenge_response_logged.js.php
@@ -0,0 +1,25 @@
+<?php
+/***************************************************************************
+ *  Copyright (C) 2003-2006 Polytechnique.org                              *
+ *  http://opensource.polytechnique.org/                                   *
+ *                                                                         *
+ *  This program is free software; you can redistribute it and/or modify   *
+ *  it under the terms of the GNU General Public License as published by   *
+ *  the Free Software Foundation; either version 2 of the License, or      *
+ *  (at your option) any later version.                                    *
+ *                                                                         *
+ *  This program is distributed in the hope that it will be useful,        *
+ *  but WITHOUT ANY WARRANTY; without even the implied warranty of         *
+ *  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the          *
+ *  GNU General Public License for more details.                           *
+ *                                                                         *
+ *  You should have received a copy of the GNU General Public License      *
+ *  along with this program; if not, write to the Free Software            *
+ *  Foundation, Inc.,                                                      *
+ *  59 Temple Place, Suite 330, Boston, MA  02111-1307  USA                *
+ ***************************************************************************/
+require_once("xorg.inc.php");
+new_nonhtml_page('javascript/do_challenge_response_logged.js.tpl', AUTH_PUBLIC);
+header("Content-type: text/javascript");
+$page->run();
+?>
diff --git a/htdocs/javascript/motdepasse.js.php b/htdocs/javascript/motdepasse.js.php
new file mode 100644
index 0000000..6a28c41
--- /dev/null
+++ b/htdocs/javascript/motdepasse.js.php
@@ -0,0 +1,25 @@
+<?php
+/***************************************************************************
+ *  Copyright (C) 2003-2006 Polytechnique.org                              *
+ *  http://opensource.polytechnique.org/                                   *
+ *                                                                         *
+ *  This program is free software; you can redistribute it and/or modify   *
+ *  it under the terms of the GNU General Public License as published by   *
+ *  the Free Software Foundation; either version 2 of the License, or      *
+ *  (at your option) any later version.                                    *
+ *                                                                         *
+ *  This program is distributed in the hope that it will be useful,        *
+ *  but WITHOUT ANY WARRANTY; without even the implied warranty of         *
+ *  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the          *
+ *  GNU General Public License for more details.                           *
+ *                                                                         *
+ *  You should have received a copy of the GNU General Public License      *
+ *  along with this program; if not, write to the Free Software            *
+ *  Foundation, Inc.,                                                      *
+ *  59 Temple Place, Suite 330, Boston, MA  02111-1307  USA                *
+ ***************************************************************************/
+require_once("xorg.inc.php");
+new_nonhtml_page('javascript/motdepasse.js.tpl', AUTH_PUBLIC);
+header("Content-type: text/javascript");
+$page->run();
+?>
diff --git a/htdocs/javascript/secure_hash.js.php b/htdocs/javascript/secure_hash.js.php
new file mode 100644
index 0000000..8c46ce0
--- /dev/null
+++ b/htdocs/javascript/secure_hash.js.php
@@ -0,0 +1,25 @@
+<?php
+/***************************************************************************
+ *  Copyright (C) 2003-2006 Polytechnique.org                              *
+ *  http://opensource.polytechnique.org/                                   *
+ *                                                                         *
+ *  This program is free software; you can redistribute it and/or modify   *
+ *  it under the terms of the GNU General Public License as published by   *
+ *  the Free Software Foundation; either version 2 of the License, or      *
+ *  (at your option) any later version.                                    *
+ *                                                                         *
+ *  This program is distributed in the hope that it will be useful,        *
+ *  but WITHOUT ANY WARRANTY; without even the implied warranty of         *
+ *  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the          *
+ *  GNU General Public License for more details.                           *
+ *                                                                         *
+ *  You should have received a copy of the GNU General Public License      *
+ *  along with this program; if not, write to the Free Software            *
+ *  Foundation, Inc.,                                                      *
+ *  59 Temple Place, Suite 330, Boston, MA  02111-1307  USA                *
+ ***************************************************************************/
+require_once("xorg.inc.php");
+new_nonhtml_page('javascript/secure_hash.js.tpl', AUTH_PUBLIC);
+header("Content-type: text/javascript");
+$page->run();
+?>
diff --git a/htdocs/motdepasse.php b/htdocs/motdepasse.php
index 1f79fb8..48a2cdf 100644
--- a/htdocs/motdepasse.php
+++ b/htdocs/motdepasse.php
@@ -25,7 +25,7 @@ if (Post::has('response2'))  {
     require_once('secure_hash.inc.php');
     if (hash_encrypt($_SESSION['password'].":".$_SESSION['session']->challenge) != Post::get('response')) {
         new_skinned_page('motdepasse.tpl', AUTH_MDP);
-        $page->addJsLink('javascript/motdepasse.js');
+        $page->addJsLink('javascript/motdepasse.js.php');
         $page->assign('xorg_title','Polytechnique.org - Mon mot de passe');
         $page->trig('Ancien mot de passe erronné');
         $page->run();
@@ -47,7 +47,7 @@ if (Post::has('response2'))  {
 }
 
 new_skinned_page('motdepasse.tpl', AUTH_MDP);
-$page->addJsLink('javascript/motdepasse.js');
+$page->addJsLink('javascript/motdepasse.js.php');
 $page->assign('xorg_title','Polytechnique.org - Mon mot de passe');
 $page->run();
 ?>
diff --git a/htdocs/tmpPWD.php b/htdocs/tmpPWD.php
index aa1b62b..7841a1e 100644
--- a/htdocs/tmpPWD.php
+++ b/htdocs/tmpPWD.php
@@ -38,7 +38,7 @@ if ($ligne = $res->fetchOneAssoc())  {
         $page->run();
     } else {
         new_skinned_page('motdepasse.tpl', AUTH_PUBLIC);
-        $page->addJsLink('javascript/motdepasse.js');
+        $page->addJsLink('javascript/motdepasse.js.php');
         $page->run();
     }
 } else {
diff --git a/include/xnet/session.inc.php b/include/xnet/session.inc.php
index 6a3e6b6..c234e3f 100644
--- a/include/xnet/session.inc.php
+++ b/include/xnet/session.inc.php
@@ -135,8 +135,8 @@ class XnetSession extends DiogenesCoreSession
     // {{{ doLogin
 
     function doLogin(&$page) {
-        $page->addJsLink('javascript/md5.js');
-        $page->addJsLink('javascript/do_challenge_response.js');
+        // login for non-x has been disabled, so don't need this js anymore
+        //$page->addJsLink('javascript/do_challenge_response.js.php');
         $page->assign("xorg_tpl", "xnet/login.tpl");
         $page->run();
     }
diff --git a/include/xorg/session.inc.php b/include/xorg/session.inc.php
index c03a39b..2ad7784 100644
--- a/include/xorg/session.inc.php
+++ b/include/xorg/session.inc.php
@@ -72,7 +72,6 @@ class XorgSession extends DiogenesCoreSession
         if (Session::has('session')) {
             $session =& Session::getMixed('session');
         }
-
         if (Env::has('username') && Env::has('response') && isset($session->challenge))
     	{
     	    // si on vient de recevoir une identification par passwordpromptscreen.tpl
@@ -184,16 +183,15 @@ class XorgSession extends DiogenesCoreSession
      */
     function doLogin(&$page, $new_name=false)
     {
-        $page->addJsLink('javascript/secure_hash.js');
-	if (logged() and !$new_name) {
-	    $page->changeTpl('password_prompt_logged.tpl');
-            $page->addJsLink('javascript/do_challenge_response_logged.js');
-	    $page->assign("xorg_tpl", "password_prompt_logged.tpl");
-	    $page->run();
-	} else {
-	    $page->changeTpl('password_prompt.tpl');
-            $page->addJsLink('javascript/do_challenge_response.js');
-	    $page->assign("xorg_tpl", "password_prompt.tpl");
+        if (logged() and !$new_name) {
+            $page->changeTpl('password_prompt_logged.tpl');
+            $page->addJsLink('javascript/do_challenge_response_logged.js.php');
+            $page->assign("xorg_tpl", "password_prompt_logged.tpl");
+            $page->run();
+        } else {
+            $page->changeTpl('password_prompt.tpl');
+            $page->addJsLink('javascript/do_challenge_response.js.php');
+            $page->assign("xorg_tpl", "password_prompt.tpl");
             
             global $globals;
             if ($globals->mail->alias_dom) {
@@ -204,8 +202,8 @@ class XorgSession extends DiogenesCoreSession
                 $page->assign("r_domain", Cookie::get('ORGdomain', 'login'));
             }
 	    $page->run();
-	}
-	exit;
+    	}
+    	exit;
     }
 
     // }}}
diff --git a/htdocs/javascript/do_challenge_response.js b/templates/javascript/do_challenge_response.js.tpl
similarity index 96%
rename from htdocs/javascript/do_challenge_response.js
rename to templates/javascript/do_challenge_response.js.tpl
index 419d1f0..b54b1ce 100644
--- a/htdocs/javascript/do_challenge_response.js
+++ b/templates/javascript/do_challenge_response.js.tpl
@@ -18,8 +18,9 @@
  *  59 Temple Place, Suite 330, Boston, MA  02111-1307  USA                *
  ***************************************************************************/
 
-document.write('<script language="javascript" src="javascript/secure_hash.js"></script>');
+document.write('<script language="javascript" src="{rel}/javascript/secure_hash.js.php"></script>');
 
+{literal}
 function correctUserName() {
     var u = document.forms.login.username;
     // login with no space
@@ -61,3 +62,4 @@ function doChallengeResponse() {
     document.forms.loginsub.submit();
 
 }
+{/literal}
\ No newline at end of file
diff --git a/htdocs/javascript/do_challenge_response_logged.js b/templates/javascript/do_challenge_response_logged.js.tpl
similarity index 95%
rename from htdocs/javascript/do_challenge_response_logged.js
rename to templates/javascript/do_challenge_response_logged.js.tpl
index 2ec3595..226d9ea 100644
--- a/htdocs/javascript/do_challenge_response_logged.js
+++ b/templates/javascript/do_challenge_response_logged.js.tpl
@@ -18,8 +18,9 @@
  *  59 Temple Place, Suite 330, Boston, MA  02111-1307  USA                *
  ***************************************************************************/
 
-document.write('<script language="javascript" src="javascript/secure_hash.js"></script>');
+document.write('<script language="javascript" src="{rel}/javascript/secure_hash.js.php"></script>');
 
+{literal}
 function readCookie(name)
 {
     var nameEQ = name + "=";
@@ -48,3 +49,4 @@ function doChallengeResponse() {
     document.forms.login.password.value = "";
     document.forms.loginsub.submit();
 }
+{/literal}
\ No newline at end of file
diff --git a/htdocs/javascript/motdepasse.js b/templates/javascript/motdepasse.js.tpl
similarity index 95%
rename from htdocs/javascript/motdepasse.js
rename to templates/javascript/motdepasse.js.tpl
index 9aac631..a08e6c3 100644
--- a/htdocs/javascript/motdepasse.js
+++ b/templates/javascript/motdepasse.js.tpl
@@ -18,8 +18,9 @@
  *  59 Temple Place, Suite 330, Boston, MA  02111-1307  USA                *
  ***************************************************************************/
 
-document.write('<script language="javascript" src="javascript/secure_hash.js"></script>');
+document.write('<script language="javascript" src="{rel}/javascript/secure_hash.js.php"></script>');
 
+{literal}
 function EnCryptedResponse() {
     pw1 = document.forms.changepass.nouveau.value;
     pw2 = document.forms.changepass.nouveau2.value;
@@ -47,3 +48,4 @@ function EnCryptedResponse() {
     document.forms.changepass2.submit();
     return true;
 }
+{/literal}
diff --git a/htdocs/javascript/secure_hash.js b/templates/javascript/secure_hash.js.tpl
similarity index 88%
rename from htdocs/javascript/secure_hash.js
rename to templates/javascript/secure_hash.js.tpl
index ebe3f6a..2ffbc55 100644
--- a/htdocs/javascript/secure_hash.js
+++ b/templates/javascript/secure_hash.js.tpl
@@ -18,9 +18,10 @@
  *  59 Temple Place, Suite 330, Boston, MA  02111-1307  USA                *
  ***************************************************************************/
 
-document.write('<script language="javascript" src="javascript/md5.js"></script>');
-document.write('<script language="javascript" src="javascript/sha1.js"></script>');
+document.write('<script language="javascript" src="{rel}/javascript/md5.js"></script>');
+document.write('<script language="javascript" src="{rel}/javascript/sha1.js"></script>');
 
+{literal}
 function hash_encrypt(a) {
     return hex_sha1(a);
 }
@@ -51,3 +52,4 @@ function hash_xor(a, b) {
         c += a.charAt(k);
     return c;
 }
+{/literal}
-- 
2.1.4