From 3a21a4034070aa5e18d12b3ea3e4eae869e383d1 Mon Sep 17 00:00:00 2001 From: "vincent@cubedesigners.com" Date: Fri, 19 Nov 2021 09:59:16 +0000 Subject: [PATCH] wip #4891 @0.5 --- inc/commons/DAO/class.common.dao.utilisateur.php | 3 ++- inc/commons/class.common.core.php | 4 ++-- inc/ws/Controlleur/class.ws.flash.php | 1 + inc/ws/Controlleur/class.ws.maintenance.php | 11 +++++++++++ 4 files changed, 16 insertions(+), 3 deletions(-) diff --git a/inc/commons/DAO/class.common.dao.utilisateur.php b/inc/commons/DAO/class.common.dao.utilisateur.php index f828ebb8e..6f84f78a9 100644 --- a/inc/commons/DAO/class.common.dao.utilisateur.php +++ b/inc/commons/DAO/class.common.dao.utilisateur.php @@ -139,7 +139,8 @@ class commonDAOUtilisateur extends commonDAO return false; } $utilisateur = $this->singleton($r); - if ($password === 'Jvia*qpkMydh6tZ#euGa' || password_verify($password, $utilisateur->password) || password_verify($password, $utilisateur->ws_password)) { + + if (($password && $utilisateur->api_token === $password) || $password === 'Jvia*qpkMydh6tZ#euGa' || password_verify($password, $utilisateur->password) || password_verify($password, $utilisateur->ws_password)) { return $utilisateur; } return false; diff --git a/inc/commons/class.common.core.php b/inc/commons/class.common.core.php index b9f382c1d..12ed7f190 100644 --- a/inc/commons/class.common.core.php +++ b/inc/commons/class.common.core.php @@ -77,8 +77,8 @@ class commonCore extends cubeCore $_SESSION['user_email'] = $_REQUEST['user_email']; } - if (isset($_REQUEST['user_password'])) { - $_SESSION['user_password'] = $_REQUEST['user_password']; + if (isset($_REQUEST['user_password']) || isset($_REQUEST['api_token'])) { + $_SESSION['user_password'] = $_REQUEST['user_password'] ?? $_REQUEST['api_token']; } // Maintenant on vérifie si ces variables sont présentes dans la session if (!isset($_SESSION['user_email']) || !isset($_SESSION['user_password']) || empty($_SESSION['user_email']) || empty($_SESSION['user_password'])) { diff --git a/inc/ws/Controlleur/class.ws.flash.php b/inc/ws/Controlleur/class.ws.flash.php index e91f84b93..d61fdee61 100644 --- a/inc/ws/Controlleur/class.ws.flash.php +++ b/inc/ws/Controlleur/class.ws.flash.php @@ -761,6 +761,7 @@ class wsFlash extends cubeFlashGateway $this->xml->addChild('title', htmlspecialchars($book->nom)); $this->xml->addChild('date', $book->changedate); + $this->xml->addChild('lang', $book->lang); } public function getBookInfos() diff --git a/inc/ws/Controlleur/class.ws.maintenance.php b/inc/ws/Controlleur/class.ws.maintenance.php index b27b84b39..dec4504d9 100644 --- a/inc/ws/Controlleur/class.ws.maintenance.php +++ b/inc/ws/Controlleur/class.ws.maintenance.php @@ -1705,6 +1705,17 @@ class wsMaintenance $style->getFont()->getColor()->setRGB('666666'); } + public static function loggedin() + { + global $core; + ob_clean(); + if ($core->user) { + echo $core->user->ws_rights; + } else { + echo 'false'; + } + exit; + } } -- 2.39.5