Subversion Repositories Applications.wikini

Rev

Details | Last modification | View Log | RSS feed

Rev Author Line No. Line
63 aurelien 1 
<?php
2 
/*
3 
login.php
4 
Copyright 2010  Florian SCHMITT
5 
All rights reserved.
6 
Redistribution and use in source and binary forms, with or without
7 
modification, are permitted provided that the following conditions
8 
are met:
9 
1. Redistributions of source code must retain the above copyright
10 
notice, this list of conditions and the following disclaimer.
11 
2. Redistributions in binary form must reproduce the above copyright
12 
notice, this list of conditions and the following disclaimer in the
13 
documentation and/or other materials provided with the distribution.
14 
3. The name of the author may not be used to endorse or promote products
15 
derived from this software without specific prior written permission.
16 
 
17 
THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
18 
IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
19 
OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
20 
IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
21 
INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
22 
NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
23 
DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
24 
THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
25 
(INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
26 
THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
27 
*/
28 
 
29 
// Lecture des parametres de l'action
30 
 
31 
// url d'inscription
32 
$signupurl = $this->GetParameter('signupurl');
33 
// si pas de pas d'url d'inscription renseignée, on utilise ParametresUtilisateur
34 
if (empty($signupurl) && $signupurl != "0") {
35 
	$signupurl = $this->href("", "ParametresUtilisateur", "");
36 
}
37 
else {
38 
	if ($this->IsWikiName($signupurl)) {
39 
		$signupurl = $this->href('', $signupurl);
40 
	}
41 
}
42 
 
43 
// url du profil
44 
$profileurl = $this->GetParameter('profileurl');
45 
 
46 
$incomingurl = 'http'.((!empty($_SERVER['HTTPS']) && $_SERVER['HTTPS'] !== 'off'
47 
    || $_SERVER['SERVER_PORT'] == 443) ? 's' : '').'://'.
48 
		(($_SERVER['SERVER_PORT']!='80') ? $_SERVER['HTTP_HOST'].':'.$_SERVER['SERVER_PORT'].$_SERVER['SCRIPT_NAME'] :
49 
		$_SERVER['HTTP_HOST'].$_SERVER['SCRIPT_NAME']).
50 
		(($_SERVER['QUERY_STRING']>' ') ? '?'.$_SERVER['QUERY_STRING'] : '');
51 
 
52 
$userpage = $this->GetParameter("userpage");
53 
 
54 
// si pas d'url de page de sortie renseignée, on retourne sur la page courante
55 
if (empty($userpage)) {
56 
	$userpage = $incomingurl;
57 
 
58 
	// si l'url de sortie contient le passage de parametres de déconnexion, on l'efface
59 
	if (isset($_REQUEST["action"]) && $_REQUEST["action"] == "logout") {
60 
		$userpage = str_replace('&action=logout', '', $userpage);
61 
	}
62 
}
63 
else {
64 
	if ($this->IsWikiName($userpage)) {
65 
		$userpage = $this->href('', $userpage);
66 
	}
67 
}
68 
 
69 
// classes css pour l'action et pour les boutons
70 
$class = $this->GetParameter("class");
71 
$btnclass = $this->GetParameter("btnclass");
72 
 
73 
// template par défaut
74 
$template = $this->GetParameter("template");
75 
if (empty($template) || !file_exists('tools/login/presentation/templates/'.$template) ) {
76 
	$template = "default.tpl.html";
77 
}
78 
 
79 
$error = '';
80 
$PageMenuUser = '';
81 
 
82 
// on initialise la valeur vide si elle n'existe pas
83 
if (!isset($_REQUEST["action"])) $_REQUEST["action"] = '';
84 
 
85 
// cas de la déconnexion
86 
if ($_REQUEST["action"] == "logout") {
87 
	$this->LogoutUser();
88 
 
89 
	if($this->config['use_sso']) {
90 
		require_once('tools/login/libs/identificationsso.class.php');
91 
		$sso = new identificationSso($this);
92 
		$sso->deconnecterUtilisateur(str_replace('&action=logout', '', $incomingurl));
93 
	}
94 
 
95 
	$this->SetMessage("Vous &ecirc;tes maintenant d&eacute;connect&eacute; !");
96 
	$this->Redirect(str_replace('&action=logout', '', str_replace('&action=logout', '', $incomingurl)));
97 
	exit;
98 
}
99 
 
100 
// cas de l'identification
101 
if ($_REQUEST["action"] == "login") {
102 
 
103 
	// login sso
104 
	if($this->config['use_sso']) {
105 
		// identification.php analyse les cookies, header etc... afin de déterminer la présence d'un jeton
106 
		require_once('tools/login/libs/identificationsso.class.php');
107 
		$sso = new identificationSso($this);
108 
		$sso->connecterUtilisateur($_POST["name"], $_POST["password"], $_POST['incomingurl']);
109 
	} else {
110 
	// login normal
111 
		// si l'utilisateur existe, on vérifie son mot de passe
112 
		if (isset($_POST["name"]) && $existingUser = $this->LoadUser($_POST["name"])) {
113 
			// si le mot de passe est bon, on créée le cookie et on redirige sur la bonne page
114 
			if ($existingUser["password"] == md5($_POST["password"])) {
115 
				$this->SetUser($existingUser, $_POST["remember"]);
116 
				// si l'on veut utiliser la page d'accueil correspondant au nom d'utilisateur
117 
				if ( $userpage=='user' && $this->LoadPage($_POST["name"]) ) {
118 
					$this->Redirect($this->href('', $_POST["name"], ''));
119 
				}
120 
				// on va sur la page d'ou on s'est identifie sinon
121 
				else {
122 
					$this->Redirect($_POST['incomingurl']);
123 
				}
124 
			}
125 
			// on affiche une erreur sur le mot de passe sinon
126 
			else {
127 
				$this->SetMessage("Identification impossible : mauvais mot de passe.");
128 
				$this->Redirect($_POST['incomingurl']);
129 
			}
130 
		}
131 
		// on affiche une erreur sur le NomWiki sinon
132 
		else {
133 
			$this->SetMessage("Identification impossible : NomWiki non reconnu.");
134 
			$this->Redirect($_POST['incomingurl']);
135 
		}
136 
	}
137 
}
138 
 
139 
if($this->config['use_sso']) {
140 
	require_once('tools/login/libs/identificationsso.class.php');
141 
	$sso = new identificationSso($this);
142 
	$sso->recupererIdentiteConnectee();
143 
}
144 
 
145 
// cas d'une personne connectée déjà
146 
if ($user = $this->GetUser()) {
147 
	$connected = true;
148 
	if ($this->LoadPage("PageMenuUser")) {
149 
		$PageMenuUser .= $this->Format("{{include page=\"PageMenuUser\"}}");
150 
	}
151 
 
152 
	// si pas de pas d'url de profil renseignée, on utilise ParametresUtilisateur
153 
	if (empty($profileurl)) {
154 
		$profileurl = $this->href("", "ParametresUtilisateur", "");
155 
	}
156 
	elseif ($profileurl=='WikiName') {
157 
		$profileurl = $this->href("edit", $user['name'], "");
158 
	}
159 
	else {
160 
		if ($this->IsWikiName($profileurl)) {
161 
			$profileurl = $this->href('', $profileurl);
162 
		}
163 
	}
164 
}
165 
// cas d'une personne non connectée
166 
else {
167 
	$connected = false;
168 
	// si l'authentification passe mais la session n'est pas créée, on a un problème de cookie
169 
	if ($_REQUEST['action'] == 'checklogged') {
170 
		$error = 'Vous devez accepter les cookies pour pouvoir vous connecter.';
171 
	}
172 
}
173 
 
174 
// on affiche le template
175 
if (!class_exists('SquelettePhp')) include_once('tools/login/libs/squelettephp.class.php');
176 
$squel = new SquelettePhp('tools/login/presentation/templates/'.$template);
177 
$squel->set(array(
178 
	"connected" => $connected,
179 
	"user" => ((isset($user["name"])) ? $user["name"] : ((isset($_POST["name"])) ? $_POST["name"] : '' )),
180 
	"incomingurl" => $incomingurl,
181 
	"signupurl" => $signupurl,
182 
	"profileurl" => $profileurl,
183 
	"userpage" => $userpage,
184 
	"PageMenuUser" => $PageMenuUser,
185 
	"btnclass" => $btnclass,
186 
	"error" => $error
187 
));
188 
 
189 
$output = (!empty($class)) ? '<div class="'.$class.'">'."\n".$squel->analyser()."\n".'</div>'."\n" : $squel->analyser() ;
190 
 
191 
echo $output;
192 
?>