From d68646f12bec6f842a0ee92819bf507f13d383d7 Mon Sep 17 00:00:00 2001
From: =?utf8?q?Rapha=C3=ABl=20Barrois?=
Date: Thu, 11 Aug 2011 00:02:38 +0200
Subject: [PATCH] Minor code updates on handler_groupex.
MIME-Version: 1.0
Content-Type: text/plain; charset=utf8
Content-Transfer-Encoding: 8bit

Signed-off-by: Raphaël Barrois
---
 modules/auth.php | 25 +++++++++++++++++--------
 1 file changed, 17 insertions(+), 8 deletions(-)

diff --git a/modules/auth.php b/modules/auth.php
index 73d9760..d973cd5 100644
--- a/modules/auth.php
+++ b/modules/auth.php
@@ -109,24 +109,33 @@ class AuthModule extends PLModule
 return $this->handler_groupex($page, 'iso-8859-1');
 }
+ /** Handles the 'auth-groupe-x' authentication.
+ * Expects the following GET parameters:
+ * - pass: the 'password' for the authentication
+ * - challenge: the authentication challenge
+ * - url: the return URL
+ * - session: the remote PHP session ID
+ */
 function handler_groupex($page, $charset = 'utf8')
 {
 $this->load('auth.inc.php');
 $page->assign('referer', true);
- $gpex_pass = $_GET["pass"];
- $gpex_url = urldecode($_GET["url"]);
- if (strpos($gpex_url, '?') === false) {
- $gpex_url .= "?PHPSESSID=" . $_GET["session"];
- } else {
- $gpex_url .= "&PHPSESSID=" . $_GET["session"];
+ $gpex_pass = Get::s('pass');
+ $gpex_url = urldecode(Get::s('url'));
+ if (Get::has('session')) {
+ if (strpos($gpex_url, '?') === false) {
+ $gpex_url .= "?PHPSESSID=" . Get::s('session');
+ } else {
+ $gpex_url .= "&PHPSESSID=" . Get::s('session');
+ }
 }
 // Normalize the return URL.
 if (!preg_match("/^(http|https):\/\/.*/",$gpex_url)) {
 $gpex_url = "http://$gpex_url";
 }
- $gpex_challenge = $_GET["challenge"];
+ $gpex_challenge = Get::s('challenge');
 // Update the last login information (unless the user is in SUID).
 $uid = S::i('uid');
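Review bot: The `session` value is concatenated into the return URL unencoded in both new `PHPSESSID=` branches, so a value containing `&` or `#` can add or cut parameters in the redirect target; encode it, e.g. `$gpex_url .= "?PHPSESSID=" . urlencode(Get::s('session'));`, and do the same in the `&` branch. `urldecode(Get::s('url'))` decodes a value that PHP has presumably already decoded once when filling `$_GET`, so percent-encoded sequences in `url` are decoded twice; drop the extra `urldecode()` unless the remote side is known to double-encode. `$gpex_pass` from `Get::s('pass')` reaches the loose comparison `md5($gpex_challenge.$privkey) == $gpex_pass` shown in the next hunk; `hash_equals(md5($gpex_challenge . $privkey), $gpex_pass)` would compare the digests as strings and in constant time. The new docblock lists `session` as expected although the code now treats it as optional, which it could state. The body of handler_groupex continues past the end of this hunk.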
@@ -137,7 +146,7 @@ class AuthModule extends PLModule
 // Iterate over the auth token to find which one did sign the request.
 $res = XDB::iterRow('SELECT privkey, name, datafields, returnurls FROM group_auth');
- while (list($privkey,$name,$datafields,$returnurls) = $res->next()) {
+ while (list($privkey, $name, $datafields, $returnurls) = $res->next()) {
 if (md5($gpex_challenge.$privkey) == $gpex_pass) {
 $returnurls = trim($returnurls);
 // We check that the return url matches a per-key regexp to prevent
-- 
2.1.4