<?php
$core->url->register('xorgAuth', 'Xorg', '^auth/(.*)$', array('xorgAuthentifier', 'doAuth'));
+$core->url->register('xorgLogin', 'XorgLogin', '^admin/(xorg\.php)$', array('xorgLoginPage', 'page'));
class xorgAuthWidget {
static public function widget(&$w) {
}
}
+class xorgLoginPage extends dcUrlHandlers {
+ static public function page($args) {
+ switch ($args) {
+ case 'xorg.php':
+ self::dispatchForm();
+ default:
+ self::p404();
+ }
+ }
+
+ static protected function dispatchForm() {
+ # If we have a session cookie, go to index.php
+ if (isset($_SESSION['sess_user_id']))
+ {
+ header('Location: http://murphy.m4x.org/~x2003bruneau/dotclear/admin/index.php');
+ }
+
+ # Loading locales for detected language
+ $dlang = http::getAcceptLanguage();
+ if ($dlang) {
+ l10n::set(dirname(__FILE__).'/../locales/'.$dlang.'/main');
+ }
+
+ global $core;
+ $msg = $err = null;
+ header('Content-Type: text/html; charset=UTF-8');
+ ?>
+ <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+ <html xmlns="http://www.w3.org/1999/xhtml"
+ xml:lang="en" lang="en">
+ <head>
+ <meta http-equiv="Content-Type" content="text/html; charset=UTF-8" />
+ <meta http-equiv="Content-Script-Type" content="text/javascript" />
+ <meta http-equiv="Content-Style-Type" content="text/css" />
+ <meta http-equiv="Content-Language" content="en" />
+ <meta name="MSSmartTagsPreventParsing" content="TRUE" />
+ <meta name="ROBOTS" content="NOARCHIVE,NOINDEX,NOFOLLOW" />
+ <meta name="GOOGLEBOT" content="NOSNIPPET" />
+ <title><?php echo html::escapeHTML(DC_VENDOR_NAME); ?></title>
+
+ <?php
+ echo dcPage::jsLoadIE7();
+ echo dcPage::jsCommon();
+ ?>
+
+ <style type="text/css">
+ @import url(style/default.css);
+ </style>
+ <?php
+ # --BEHAVIOR-- loginPageHTMLHead
+ $core->callBehavior('loginPageHTMLHead');
+ ?>
+ </head>
+
+ <body id="dotclear-admin" class="auth">
+
+ <form action="xorg.php" method="post" id="login-screen">
+ <h1><?php echo html::escapeHTML(DC_VENDOR_NAME); ?></h1>
+
+ <?php
+ if ($err) {
+ echo '<div class="error">'.$err.'</div>';
+ }
+ if ($msg) {
+ echo '<p class="message">'.$msg.'</p>';
+ }
+
+ {
+ echo
+ '<fieldset>'.
+ '<p><a href="http://murphy.m4x.org/~x2003bruneau/dotclear/auth/Xorg?path=/~x2003bruneau/dotclear/admin/index.php">Via Polytechnique.org</a></p>' .
+ '<p><a href="http://murphy.m4x.org/~x2003bruneau/dotclear/admin/auth.php">Via le formulaire</a></p>' .
+ '</fieldset>'.
+
+ '<p>'.__('You must accept cookies in order to use the private area.').'</p>';
+
+ if ($core->auth->allowPassChange()) {
+ echo '<p><a href="auth.php?recover=1">'.__('I forgot my password').'</a></p>';
+ }
+ }
+ ?>
+ </form>
+
+ <script type="text/javascript">
+ //<![CDATA[
+ $('input[@name="user_id"]').get(0).focus();
+ //]]>
+ </script>
+
+ </body>
+ </html>
+<?php
+ exit;
+ }
+}
+
class xorgAuthentifier extends dcUrlHandlers {
static public function doAuth($args) {
global $core;
require_once dirname(__FILE__) . '/../../inc/core/class.dc.auth.php';
class xorgAuth extends dcAuth {
+ private $forceSU = false;
+
public $xorg_infos = array('forlife' => null,
'prenom' => null,
'nom' => null);
foreach ($this->xorg_infos as $key => $val) {
$this->xorg_infos[$key] = $_SESSION['auth-xorg-' . $key];
}
+ $this->user_id = $_SESSION['auth-xorg'];
}
}
public function checkUser($user_id, $pwd = null, $user_key = null) {
- return $this->callXorg();
+ return $this->callXorg() && $user_id == $this->user_id;
// echo "checking auth for " . $user_id;
- return parent::checkUser($user_id, $pwd, $user_key);
+// return parent::checkUser($user_id, $pwd, $user_key);
}
public function check($permissions, $blog_id) {
- $this->buildFromSession();
+ $this->buildFromSession();
+ return true;
// echo "Checking right to view $permissions on $blog_id";
- return parent::check($permissions, $blog_id);
+// return parent::check($permissions, $blog_id);
}
public function callXorg($path = null) {
exit;
}
+ private function acquireAdminRights() {
+ $this->forceSU = true;
+ }
+
+ private function releaseAdminRights() {
+ $this->forceSU = false;
+ }
+
+ private function createUser() {
+ global $core;
+ $this->acquireAdminRights();
+ if (!$core->userExists($_SESSION['auth-xorg'])) {
+ $cur = new cursor($this->con, 'dc_user');
+ $cur->user_id = $_SESSION['auth-xorg'];
+ $cur->user_pwd = md5(rand());
+ $cur->user_lang = 'fr';
+ $cur->user_name = $_SESSION['auth-xorg-nom'];
+ $cur->user_firstname = $_SESSION['auth-xorg-prenom'];
+ $cur->user_email = $_SESSION['auth-xorg'] . '@polytechnique.org';
+ $core->addUser($cur);
+ }
+ $this->releaseAdminRights();
+ }
+
public function returnXorg() {
if (!isset($_GET['auth'])) {
return false;
}
if (md5('1' . $_SESSION['auth-x-challenge'] . XORG_AUTH_KEY . $params . '1') == $_GET['auth']) {
unset($_GET['auth']);
- $_SESSION['auth-xorg'] = $_GET['forlife'];
+ $_SESSION['sess_user_id'] = $_SESSION['auth-xorg'] = $_GET['forlife'];
+ $_SESSION['sess_browser_uid'] = http::browserUID(DC_MASTER_KEY);
+ $_SESSION['sess_blog_id'] = 'default';
+ $this->createUser();
header("Location: http://murphy.m4x.org" . $_GET['path']);
exit;
}
- $_SESSION['auth-xorg'] = null;
+ unset($_SESSION['auth-xorg']);
+ unset($_SESSION['sess_user_id']);
unset($_GET['auth']);
echo "Failed !!!";
return false;
header('Location: http://murphy.m4x.org/~x2003bruneau/dotclear/');
exit;
}
+
+ public function allowPassChange() {
+ return false;
+ }
+
+ public function userID() {
+ $this->buildFromSession();
+ return $this->user_id;
+ }
+
+ public function getPermissions() {
+ return array('default' => array('name' => 'My first blog',
+ 'url' => 'http://murphy.m4x.org/~x2003bruneau/dotclear/',
+ 'permissions' => array('usage' => true,
+ 'contentadmin' => true,
+ 'admin' => true)));
+ }
+
+ public function getInfo($n) {
+ switch ($n) {
+ case 'user_lang':
+ return "fr";
+ case 'user_default_blog':
+ return 'default';
+ case 'user_post_status':
+ return 1;
+ case 'user_tz':
+ return 'UTC';
+ }
+ echo "$n ";
+ return null;
+ }
+
+ public function isSuperAdmin() {
+ return $this->forceSU;
+ }
}
?>
projects / dotclear.git / commitdiff