Correction temporaire des sessions + login ok

This commit is contained in:
xdrm-brackets 2016-04-13 13:36:49 +02:00
parent 08a2ad3602
commit aac1494528
14 changed files with 71 additions and 40 deletions

View File

@ -66,18 +66,18 @@
var_dump( $contact ); var_dump( $contact );
} }
// parseCallLog(); parseCallLog();
debug(); debug();
$api = new client(); // $api = new client();
$response = $api->send('generate-network-chart-data', array( // $response = $api->send('generate-network-chart-data', array(
'@token'=> '48e701d4e72e4e35bc37c9a800b49d5400734d7b' // '@token'=> '48e701d4e72e4e35bc37c9a800b49d5400734d7b'
)); // ));
var_dump($response); // var_dump($response);
?> ?>

View File

@ -38,7 +38,7 @@
"network_render": { "network_render": {
"description": "Renvoie le contenu du svg representant un graphique de type #network avec les donnees recues.", "description": "Renvoie le contenu du svg representant un graphique de type #network avec les donnees recues.",
"permissions": ["admin"], "permissions": [],
"parameters": { "parameters": {
"dataset": { "description": "Dataset au bon format pour un graphique de type #network." } "dataset": { "description": "Dataset au bon format pour un graphique de type #network." }
} }

View File

@ -1,2 +1,2 @@
body{font-family:'Open Sans';font-size:15px}#WRAPPER{display:block;position:fixed;top:0;left:0;width:100%;height:100%;background-color:#e8e8e8;overflow-x:hidden;overflow-y:auto;z-index:1}#WRAPPER>#HEADER{display:block;position:fixed;top:0;left:0;width:100%;height:calc( 4em - 1px );border-bottom:1px solid #cfcfcf;background-color:#fff;z-index:9}#WRAPPER>#MENU-SIDE{display:block;position:fixed;top:4em;left:0;width:15em;height:calc( 100% - 4em );box-shadow:2px 1px 3px #ddd;background-color:#32323a;transition:all .3s;z-index:10}#WRAPPER>#CONTAINER{display:flex;position:absolute;top:4em;left:15em;width:calc( 100% - 15em - 2*1em );min-height:calc( 100% - 4em - 2*1em );padding:1em;flex-direction:row;justify-content:space-between;overflow-x:none;overflow-y:auto}#LOGIN{display:flex;position:fixed;top:0;left:-100%;width:100%;height:100%;flex-direction:row;flex-wrap:nowrap;justify-content:space-around;align-items:center;background-color:#32323a;transition:left .3s ease-in-out;z-index:101}#LOGIN.active{left:0}#LOGIN>#login-icon{width:35em;height:10em;background:url("/f/svg/icon/st") center center no-repeat;background-size:auto 100%}#LOGIN>#login-form{display:block}#LOGIN>#login-form>input[type='text'],#LOGIN>#login-form>input[type='password'],#LOGIN>#login-form>input[type='submit']{display:flex;width:20em;margin:2em 0;padding:1em 2em;flex-direction:column;justify-content:space-around;flex-wrap:nowrap;align-items:middle;border-radius:5px;border:1px solid #6b6b6b;background-color:#32323a;color:#fff;font-weight:bold;letter-spacing:.07em;transition:border .2s ease-in-out;cursor:default}#LOGIN>#login-form>input[type='text']:hover,#LOGIN>#login-form>input[type='text']:focus,#LOGIN>#login-form>input[type='password']:hover,#LOGIN>#login-form>input[type='password']:focus,#LOGIN>#login-form>input[type='submit']:hover,#LOGIN>#login-form>input[type='submit']:focus{border-color:#53d192}#LOGIN>#login-form>input[type='submit']{margin:2em auto;border:0;background-color:#53d192;color:#fff;font-weight:bold;cursor:pointer}#LOGIN>#login-form>input[type='submit']:hover{background-color:#33be79;box-shadow:0 0 1em #1a1a1f}#LOGIN>#login-form>#lost-password{color:#ddd;cursor:pointer}#LOGIN>#login-form>#lost-password:hover{color:#53d192;text-decoration:underline}#LOGIN>#login-close{display:block;position:absolute;top:2em;right:2em;min-width:2em;height:2em;background:url("/f/svg/back/st/container/ffffff") right center no-repeat;background-size:1em;color:#fff;padding-right:2em;line-height:2em;font-weight:bold;cursor:pointer} body{font-family:'Open Sans';font-size:15px}#WRAPPER{display:block;position:fixed;top:0;left:0;width:100%;height:100%;background-color:#e8e8e8;overflow-x:hidden;overflow-y:auto;z-index:1}#WRAPPER>#HEADER{display:block;position:fixed;top:0;left:0;width:100%;height:calc( 4em - 1px );border-bottom:1px solid #cfcfcf;background-color:#fff;z-index:9}#WRAPPER>#MENU-SIDE{display:block;position:fixed;top:4em;left:0;width:15em;height:calc( 100% - 4em );box-shadow:2px 1px 3px #ddd;background-color:#32323a;transition:all .3s;z-index:10}#WRAPPER>#CONTAINER{display:flex;position:absolute;top:4em;left:15em;width:calc( 100% - 15em - 2*1em );min-height:calc( 100% - 4em - 2*1em );padding:1em;flex-direction:row;justify-content:space-between;overflow-x:none;overflow-y:auto}#LOGIN{display:flex;position:fixed;top:0;left:-100%;width:100%;height:100%;flex-direction:row;flex-wrap:nowrap;justify-content:space-around;align-items:center;background-color:#32323a;transition:left .3s ease-in-out;z-index:101}#LOGIN.active{left:0}#LOGIN>#login-icon{width:35em;height:10em;background:url("/f/svg/icon/st") center center no-repeat;background-size:auto 100%}#LOGIN>#login-form{display:block}#LOGIN>#login-form>input[type='text'],#LOGIN>#login-form>input[type='password'],#LOGIN>#login-form>input[type='submit']{display:flex;width:20em;margin:2em 0;padding:1em 2em;flex-direction:column;justify-content:space-around;flex-wrap:nowrap;align-items:middle;border-radius:5px;border:1px solid #6b6b6b;background-color:#32323a;color:#fff;font-weight:bold;letter-spacing:.07em;transition:border .2s ease-in-out;cursor:default}#LOGIN>#login-form>input[type='text']:hover,#LOGIN>#login-form>input[type='text']:focus,#LOGIN>#login-form>input[type='password']:hover,#LOGIN>#login-form>input[type='password']:focus,#LOGIN>#login-form>input[type='submit']:hover,#LOGIN>#login-form>input[type='submit']:focus{border-color:#53d192}#LOGIN>#login-form>input[type='submit']{width:100%;margin:2em 0;border:0;background-color:#53d192;color:#fff;font-weight:bold;cursor:pointer}#LOGIN>#login-form>input[type='submit']:hover{background-color:#33be79;box-shadow:0 0 1em #1a1a1f}#LOGIN>#login-form>#lost-password{color:#ddd;cursor:pointer}#LOGIN>#login-form>#lost-password:hover{color:#53d192;text-decoration:underline}#LOGIN>#login-close{display:block;position:absolute;top:2em;right:2em;min-width:2em;height:2em;background:url("/f/svg/back/st/container/ffffff") right center no-repeat;background-size:1em;color:#fff;padding-right:2em;line-height:2em;font-weight:bold;cursor:pointer}
/*# sourceMappingURL=layout.css.map */ /*# sourceMappingURL=layout.css.map */

View File

@ -1,6 +1,6 @@
{ {
"version": 3, "version": 3,
"mappings": "AAEA,IAAI,CAEH,WAAW,CAAE,WAAW,CACxB,SAAS,CAAE,IAAI,CAKhB,QAAQ,CACP,OAAO,CAAE,KAAK,CACd,QAAQ,CAAE,KAAK,CACd,GAAG,CAAE,CAAC,CACN,IAAI,CAAE,CAAC,CACP,KAAK,CAAE,IAAI,CACX,MAAM,CAAE,IAAI,CAEb,gBAAgB,CCfE,OAAO,CDiBzB,UAAU,CAAE,MAAM,CAClB,UAAU,CAAE,IAAI,CAEhB,OAAO,CAAE,CAAC,CAKV,gBAAW,CACV,OAAO,CAAE,KAAK,CACd,QAAQ,CAAE,KAAK,CACd,GAAG,CAAE,CAAC,CACN,IAAI,CAAE,CAAC,CACP,KAAK,CAAE,IAAI,CACX,MAAM,CAAE,iBAA+B,CAExC,aAAa,CAAE,iBAA+B,CAE9C,gBAAgB,CClCC,IAAO,CDoCxB,OAAO,CAAE,CAAC,CAQX,mBAAc,CACb,OAAO,CAAE,KAAK,CACd,QAAQ,CAAE,KAAK,CACd,GAAG,CChCY,GAAG,CDiClB,IAAI,CAAE,CAAC,CACP,KAAK,CCnCU,IAAI,CDoCnB,MAAM,CAAE,kBAAgC,CAEzC,UAAU,CAAE,gBAAgB,CAE5B,gBAAgB,CCjDA,OAAO,CDmDvB,UAAU,CAAE,OAAO,CAEnB,OAAO,CAAE,EAAE,CAMZ,mBAAc,CACb,OAAO,CAAE,IAAI,CACb,QAAQ,CAAE,QAAQ,CACjB,GAAG,CCpDY,GAAG,CDqDlB,IAAI,CCtDW,IAAI,CDuDnB,KAAK,CAAE,2BAA0C,CACjD,UAAU,CAAE,0BAAwC,CACrD,OAAO,CAAE,GAAG,CAGZ,cAAc,CAAE,GAAG,CACnB,eAAe,CAAE,aAAa,CAE9B,UAAU,CAAE,IAAI,CAChB,UAAU,CAAE,IAAI,CASlB,MAAM,CACL,OAAO,CAAE,IAAI,CACb,QAAQ,CAAE,KAAK,CACd,GAAG,CAAE,CAAC,CACN,IAAI,CAAE,KAAK,CACX,KAAK,CAAE,IAAI,CACX,MAAM,CAAE,IAAI,CAQb,cAAc,CAAE,GAAG,CACnB,SAAS,CAAE,MAAM,CACjB,eAAe,CAAE,YAAY,CAC7B,WAAW,CAAE,MAAM,CAGnB,gBAAgB,CCtGC,OAAO,CDwGxB,UAAU,CAAE,oBAAoB,CAEhC,OAAO,CAAE,GAAG,CAfZ,aAAQ,CACP,IAAI,CAAE,CAAC,CAoBR,kBAAe,CACd,KAAK,CAAE,IAAI,CACX,MAAM,CAAE,IAAI,CAEZ,UAAU,CAAE,6CAA6C,CACzD,eAAe,CAAE,SAAS,CAK3B,kBAAe,CACd,OAAO,CAAE,KAAK,CAId,uHAEwB,CACvB,OAAO,CAAE,IAAI,CACZ,KAAK,CAAE,IAAI,CAEZ,MAAM,CAAE,KAAK,CACb,OAAO,CAAE,OAAO,CAGhB,cAAc,CAAE,MAAM,CACtB,eAAe,CAAE,YAAY,CAC7B,SAAS,CAAE,MAAM,CACjB,WAAW,CAAE,MAAM,CAGnB,aAAa,CAAE,GAAG,CAClB,MAAM,CAAE,iBAAgC,CAExC,gBAAgB,CClJD,OAAO,CDoJtB,KAAK,CCjJU,IAAO,CDkJtB,WAAW,CAAE,IAAI,CACjB,cAAc,CAAE,KAAK,CAErB,UAAU,CAAE,sBAAsB,CAElC,MAAM,CAAE,OAAO,CAGf,mRACO,CACN,YAAY,CClKG,OAAO,CDyKxB,uCAAwB,CACvB,MAAM,CAAE,QAAQ,CAEhB,MAAM,CAAE,CAAC,CAET,gBAAgB,CC9KA,OAAO,CDgLvB,KAAK,CC1KU,IAAO,CD2KtB,WAAW,CAAE,IAAI,CAEjB,MAAM,CAAE,OAAO,CAGf,6CAAO,CACN,gBAAgB,CAAE,OAA6B,CAC/C,UAAU,CAAE,eAA4B,CAU1C,iCAAkB,CACjB,KAAK,CC9LU,IAAO,CDgMtB,MAAM,CAAE,OAAO,CAGf,uCAAO,CACN,KAAK,CCzMU,OAAO,CD0MtB,eAAe,CAAE,SAAS,CAO7B,mBAAgB,CACf,OAAO,CAAE,KAAK,CACd,QAAQ,CAAE,QAAQ,CACjB,GAAG,CAAE,GAAG,CACR,KAAK,CAAE,GAAG,CACV,SAAS,CAAE,GAAG,CACd,MAAM,CAAE,GAAG,CAEZ,UAAU,CAAE,6DAA6D,CACzE,eAAe,CAAE,GAAG,CAEpB,KAAK,CAAE,IAAI,CACX,aAAa,CAAE,GAAG,CAClB,WAAW,CAAE,GAAG,CAChB,WAAW,CAAE,IAAI,CAEjB,MAAM,CAAE,OAAO", "mappings": "AAEA,IAAI,CAEH,WAAW,CAAE,WAAW,CACxB,SAAS,CAAE,IAAI,CAKhB,QAAQ,CACP,OAAO,CAAE,KAAK,CACd,QAAQ,CAAE,KAAK,CACd,GAAG,CAAE,CAAC,CACN,IAAI,CAAE,CAAC,CACP,KAAK,CAAE,IAAI,CACX,MAAM,CAAE,IAAI,CAEb,gBAAgB,CCfE,OAAO,CDiBzB,UAAU,CAAE,MAAM,CAClB,UAAU,CAAE,IAAI,CAEhB,OAAO,CAAE,CAAC,CAKV,gBAAW,CACV,OAAO,CAAE,KAAK,CACd,QAAQ,CAAE,KAAK,CACd,GAAG,CAAE,CAAC,CACN,IAAI,CAAE,CAAC,CACP,KAAK,CAAE,IAAI,CACX,MAAM,CAAE,iBAA+B,CAExC,aAAa,CAAE,iBAA+B,CAE9C,gBAAgB,CClCC,IAAO,CDoCxB,OAAO,CAAE,CAAC,CAQX,mBAAc,CACb,OAAO,CAAE,KAAK,CACd,QAAQ,CAAE,KAAK,CACd,GAAG,CChCY,GAAG,CDiClB,IAAI,CAAE,CAAC,CACP,KAAK,CCnCU,IAAI,CDoCnB,MAAM,CAAE,kBAAgC,CAEzC,UAAU,CAAE,gBAAgB,CAE5B,gBAAgB,CCjDA,OAAO,CDmDvB,UAAU,CAAE,OAAO,CAEnB,OAAO,CAAE,EAAE,CAMZ,mBAAc,CACb,OAAO,CAAE,IAAI,CACb,QAAQ,CAAE,QAAQ,CACjB,GAAG,CCpDY,GAAG,CDqDlB,IAAI,CCtDW,IAAI,CDuDnB,KAAK,CAAE,2BAA0C,CACjD,UAAU,CAAE,0BAAwC,CACrD,OAAO,CAAE,GAAG,CAGZ,cAAc,CAAE,GAAG,CACnB,eAAe,CAAE,aAAa,CAE9B,UAAU,CAAE,IAAI,CAChB,UAAU,CAAE,IAAI,CASlB,MAAM,CACL,OAAO,CAAE,IAAI,CACb,QAAQ,CAAE,KAAK,CACd,GAAG,CAAE,CAAC,CACN,IAAI,CAAE,KAAK,CACX,KAAK,CAAE,IAAI,CACX,MAAM,CAAE,IAAI,CAQb,cAAc,CAAE,GAAG,CACnB,SAAS,CAAE,MAAM,CACjB,eAAe,CAAE,YAAY,CAC7B,WAAW,CAAE,MAAM,CAGnB,gBAAgB,CCtGC,OAAO,CDwGxB,UAAU,CAAE,oBAAoB,CAEhC,OAAO,CAAE,GAAG,CAfZ,aAAQ,CACP,IAAI,CAAE,CAAC,CAoBR,kBAAe,CACd,KAAK,CAAE,IAAI,CACX,MAAM,CAAE,IAAI,CAEZ,UAAU,CAAE,6CAA6C,CACzD,eAAe,CAAE,SAAS,CAK3B,kBAAe,CACd,OAAO,CAAE,KAAK,CAId,uHAEwB,CACvB,OAAO,CAAE,IAAI,CACZ,KAAK,CAAE,IAAI,CAEZ,MAAM,CAAE,KAAK,CACb,OAAO,CAAE,OAAO,CAGhB,cAAc,CAAE,MAAM,CACtB,eAAe,CAAE,YAAY,CAC7B,SAAS,CAAE,MAAM,CACjB,WAAW,CAAE,MAAM,CAGnB,aAAa,CAAE,GAAG,CAClB,MAAM,CAAE,iBAAgC,CAExC,gBAAgB,CClJD,OAAO,CDoJtB,KAAK,CCjJU,IAAO,CDkJtB,WAAW,CAAE,IAAI,CACjB,cAAc,CAAE,KAAK,CAErB,UAAU,CAAE,sBAAsB,CAElC,MAAM,CAAE,OAAO,CAGf,mRACO,CACN,YAAY,CClKG,OAAO,CDyKxB,uCAAwB,CACvB,KAAK,CAAE,IAAI,CACX,MAAM,CAAE,KAAK,CAEb,MAAM,CAAE,CAAC,CAET,gBAAgB,CC/KA,OAAO,CDiLvB,KAAK,CC3KU,IAAO,CD4KtB,WAAW,CAAE,IAAI,CAEjB,MAAM,CAAE,OAAO,CAGf,6CAAO,CACN,gBAAgB,CAAE,OAA6B,CAC/C,UAAU,CAAE,eAA4B,CAU1C,iCAAkB,CACjB,KAAK,CC/LU,IAAO,CDiMtB,MAAM,CAAE,OAAO,CAGf,uCAAO,CACN,KAAK,CC1MU,OAAO,CD2MtB,eAAe,CAAE,SAAS,CAO7B,mBAAgB,CACf,OAAO,CAAE,KAAK,CACd,QAAQ,CAAE,QAAQ,CACjB,GAAG,CAAE,GAAG,CACR,KAAK,CAAE,GAAG,CACV,SAAS,CAAE,GAAG,CACd,MAAM,CAAE,GAAG,CAEZ,UAAU,CAAE,6DAA6D,CACzE,eAAe,CAAE,GAAG,CAEpB,KAAK,CAAE,IAAI,CACX,aAAa,CAAE,GAAG,CAClB,WAAW,CAAE,GAAG,CAChB,WAAW,CAAE,IAAI,CAEjB,MAAM,CAAE,OAAO",
"sources": ["layout.scss","constants.scss"], "sources": ["layout.scss","constants.scss"],
"names": [], "names": [],
"file": "layout.css" "file": "layout.css"

View File

@ -174,7 +174,8 @@ body{
/* (2.2) Bouton de connexion */ /* (2.2) Bouton de connexion */
& > input[type='submit']{ & > input[type='submit']{
margin: 2em auto; width: 100%;
margin: 2em 0;
border: 0; border: 0;

View File

@ -17,13 +17,18 @@
/*******************************************/ /*******************************************/
/* [1] Gestion des utilisateurs
/* [x] Gestion des utilisateurs
=========================================================*/ =========================================================*/
/* (1) Valeurs par defaut */ /* (1) Valeurs par defaut */
if( !isset($_SESSION['userid']) ) $_SESSION['userid'] = null; if( !isset($_SESSION['userid']) ) $_SESSION['userid'] = null;
if( !isset($_SESSION['username']) ) $_SESSION['username'] = null; if( !isset($_SESSION['username']) ) $_SESSION['username'] = null;
if( !isset($_SESSION['permission']) ) $_SESSION['permission'] = array(); if( !isset($_SESSION['permission']) ) $_SESSION['permission'] = array();
/* (2) Gestion de la connection */ /* (2) Gestion de la connection */
$login_vars = isset($_POST['login']) && Database::check('varchar(255)', $_POST['login']); $login_vars = isset($_POST['login']) && Database::check('varchar(255)', $_POST['login']);
$login_vars = $login_vars && isset($_POST['password']) && Database::check('text', $_POST['password']); $login_vars = $login_vars && isset($_POST['password']) && Database::check('text', $_POST['password']);
@ -33,27 +38,28 @@
// Si les parametres de connection, on essaie de connecter // Si les parametres de connection, on essaie de connecter
if( $login_vars ){ if( $login_vars ){
$login = new ModuleRequest('users/login', array( $login = new ModuleRequest('users/login', array( 'login' => $_POST['login'], 'password' => $_POST['password'] ));
'login' => $_POST['login'],
'password' => $_POST['password']
));
$login_ans = $login->dispatch(); $login_ans = $login->dispatch();
// Si aucune erreur, on dit qu'on vient de se connecter // Si aucune erreur, on dit qu'on vient de se connecter
if( $login_ans->error == ManagerError::Success ) if( $login_ans->error == ManagerError::Success )
$_SESSION['login_status'] = 'logged'; $_SESSION['login_status'] = 'logged';
else // Si on n'a pas les bonnes donnees
// Si on n'a pas les bonnes donnees
else
$_SESSION['login_status'] = 'error'; $_SESSION['login_status'] = 'error';
} }
/* (3) Gestion de le deconnexion */
/* [0] On initialise le routeur /* [0] On initialise le routeur
===================================================*/ ===================================================*/
$R = new Router( $_GET['url'] ); $R = new Router( $_GET['url'] );
// var_dump($R);
/* [1] On cree les regles de routage /* [1] On cree les regles de routage
===================================================*/ ===================================================*/
@ -70,9 +76,11 @@
// nomPage/arg1/arg2 -> inclusion de la page // nomPage/arg1/arg2 -> inclusion de la page
$R->get('(?:'.implode('|', $views).')(?:/[\w-]+)*/?', function(){ include __ROOT__.'/view.php'; }); $R->get('(?:'.implode('|', $views).')(?:/[\w-]+)*/?', function(){ include __ROOT__.'/view.php'; });
// Dispatcher // Dispatcher
$R->get('f(?:/([\w-]+))*/?', function(){ new ResourceDispatcher($_GET['url'], true); }); $R->get('f(?:/([\w-]+))*/?', function(){ new ResourceDispatcher($_GET['url'], true); });
// Api // Api
$R->post('api/?', function(){ $R->post('api/?', function(){
$request = ModuleRequest::fromPost($_POST); $request = ModuleRequest::fromPost($_POST);
@ -81,8 +89,11 @@
echo $answer->serialize(); echo $answer->serialize();
}); });
// N'importe -> page d'accueil // N'importe -> page d'accueil
$R->get('.+', function(){ header('Location: /dashboard/'); }); $R->get('.+', function(){ header('Location: /dashboard/'); });
$R->post('.+', function(){ header('Location: /dashboard/'); });

View File

@ -255,7 +255,7 @@
///////////// SI FICHIER JS //////////// ///////////// SI FICHIER JS ////////////
//////////////////////////////////////// ////////////////////////////////////////
if( $this->flags['extension'] == 'js' ) if( $this->flags['extension'] == 'js' )
$content = 'var js_access_token = "'. substr($_SESSION['session_token'], 0, 40) .'";' . "\n\n" . $content; $content = 'var js_access_token = "'. substr(session_id(), 0, 23) .'";' . "\n\n" . $content;

View File

@ -135,7 +135,7 @@
$token_used = true; $token_used = true;
// tant qu'un token a deja la meme valeur // tant qu'un token a deja la meme valeur
while( $token_used ){ while( $token_used ){
$token = sessionManager::secure_sha1(uniqid()); $token = sessionManager::sha1(uniqid());
// Verification dans la BDD // Verification dans la BDD
$check = Database::getPDO()->prepare("SELECT id_token FROM api_token WHERE token = :token"); $check = Database::getPDO()->prepare("SELECT id_token FROM api_token WHERE token = :token");

View File

@ -11,7 +11,7 @@
/*************************/ /*************************/
/* SECURE SHA1 ALGORITHM */ /* SECURE SHA1 ALGORITHM */
/*************************/ /*************************/
public static function secure_sha1($data){ public static function sha1($data){
return sha1( '">\[..|{@#))'.sha1($data.'_)Q@#((%*_$%(@#') ); return sha1( '">\[..|{@#))'.sha1($data.'_)Q@#((%*_$%(@#') );
} }
@ -29,7 +29,7 @@
session_id( $session_id ); session_id( $session_id );
// Precaution: on met a jour le cookie // Precaution: on met a jour le cookie
setcookie( 'PHPSESSID', session_id(), time()+60*30 ); setcookie( 'PHPSESSID', session_id(), time()+60*30, '/');
// On redemarre la session avec le bon id session // On redemarre la session avec le bon id session
\session_start(); \session_start();
@ -44,30 +44,34 @@
/* GENERE UN TOKEN */ /* GENERE UN TOKEN */
/*******************/ /*******************/
private static function update_token(){ private static function update_token(){
$token = self::$prefix.self::secure_sha1(uniqid()); $token = self::$prefix.self::sha1(uniqid());
// On definit le token en session // On definit le token en session
$_SESSION['session_token'] = $token; $_SESSION['session_token'] = $token;
// On definit le token en cookie // On definit le token en cookie
$_COOKIE['session_token'] = $_SESSION['session_token']; $_COOKIE['session_token'] = $_SESSION['session_token'];
setcookie( 'session_token', $_COOKIE['session_token'], time()+60*30 ); setcookie( 'session_token', $_COOKIE['session_token'], time()+60*30, '/');
} }
/************/ /************/
/* AMORCEUR */ /* AMORCEUR */
/************/ /************/
public static function session_start(){ public static function session_start(){
\session_start();
return;
/* [1] Génération et Gestion des donnees a utiliser /* [1] Génération et Gestion des donnees a utiliser
==============================================================*/ ==============================================================*/
// On genere le hash a partir des donnees personnelles // On genere le hash a partir des donnees personnelles
self::$prefix = self::secure_sha1( $_SERVER['REMOTE_ADDR'].$_SERVER['HTTP_USER_AGENT'] ); self::$prefix = self::sha1( $_SERVER['REMOTE_ADDR'].$_SERVER['HTTP_USER_AGENT'] );
// On cree un id session associe a ces donnees personnelles // On cree un id session associe aux donnees personnelles
$sessid = substr(self::$prefix,0,5) . substr(self::secure_sha1(uniqid()),0,24); $sessid = substr(self::$prefix,0,5) . substr(self::sha1(uniqid()),0,24);
// On genere un token pour l'execution suivante // On genere un token pour l'execution suivante
$token = self::$prefix.self::secure_sha1(uniqid()); $token = self::$prefix.self::sha1(uniqid());
// On definit/recupere le token // On definit/recupere le token
$session_token = (isset($_COOKIE['session_token'])) ? $_COOKIE['session_token'] : null; $session_token = (isset($_COOKIE['session_token'])) ? $_COOKIE['session_token'] : null;

View File

@ -185,7 +185,7 @@
/* [5] Mot de passe /* [5] Mot de passe
=========================================================*/ =========================================================*/
public function testPasswordSizeEqCorrect(){ public function testPasswordSizeEqCorrect(){
$password_hash = \manager\sessionManager::secure_sha1('monmotdepasse'); $password_hash = \manager\sessionManager::sha1('monmotdepasse');
$this->assertEquals( 40, strlen($password_hash) ); $this->assertEquals( 40, strlen($password_hash) );
$this->assertTrue( \manager\Database::check('user.password', $password_hash) ); $this->assertTrue( \manager\Database::check('user.password', $password_hash) );
@ -199,7 +199,7 @@
} }
public function testPasswordSizeSupIncorrect(){ public function testPasswordSizeSupIncorrect(){
$password_hash = \manager\sessionManager::secure_sha1('monmotdepasse').'a'; $password_hash = \manager\sessionManager::sha1('monmotdepasse').'a';
$this->assertGreaterThan( 40, strlen($password_hash) ); $this->assertGreaterThan( 40, strlen($password_hash) );
$this->assertFalse( \manager\Database::check('user.password', $password_hash) ); $this->assertFalse( \manager\Database::check('user.password', $password_hash) );

View File

@ -7,7 +7,7 @@
=========================================================*/ =========================================================*/
public function testSecureSHA1(){ public function testSecureSHA1(){
$plain = 'montexteclair'; $plain = 'montexteclair';
$hash = \manager\sessionManager::secure_sha1($plain); $hash = \manager\sessionManager::sha1($plain);
// Verification desuiee // Verification desuiee
$this->assertEquals(40, strlen($hash) ); $this->assertEquals(40, strlen($hash) );

9
receiver.php Normal file
View File

@ -0,0 +1,9 @@
<?php define('__ROOT__', dirname(__FILE__) );
require_once __ROOT__.'/manager/autoloader.php';
use \manager\sessionManager;
var_dump(session_id());
?>

View File

@ -36,15 +36,18 @@
<?php if( connected() ) echo "<div id='LOGIN'>"; <?php if( connected() ) echo "<div id='LOGIN'>";
else echo "<div id='LOGIN' class='active'>"; ?> else echo "<div id='LOGIN' class='active'>"; ?>
<?php var_dump(session_id()); ?> <?php //var_dump(session_id()); ?>
<div id='login-icon'></div> <div id='login-icon'></div>
<div id='login-close'>Accéder à la plateforme</div> <div id='login-close'>Accéder à la plateforme</div>
<form method='POST' action='/' id='login-form'> <form method='POST' action='' id='login-form'>
<input type='text' placeholder='Identifiant ou adresse mail' id='login-login'> <input type='text' placeholder='Identifiant ou adresse mail' name='login' id='login-login'>
<input type='password' placeholder='Mot de passe' id='login-password'> <input type='password' placeholder='Mot de passe' name='password' id='login-password'>
<input type='submit' value='Connexion' id='login-submit'> <input type='submit' value='Connexion' id='login-submit'>
<!-- Si on a de mauvais logins -->
<?php if( $_SESSION['login_status'] == 'error '){ echo "<span id='login-error'>Votre identifiant/mot de passe est incorrect.</span>"; } ?>
<span id='lost-password'>Mot de passe oublié ?</span> <span id='lost-password'>Mot de passe oublié ?</span>
</form> </form>
</div> </div>
@ -90,6 +93,9 @@
<span data-link='analytics' ><?= ResourceDispatcher::getResource('f/svg/analytics/st/menu-side'); ?>Statistiques</span> <span data-link='analytics' ><?= ResourceDispatcher::getResource('f/svg/analytics/st/menu-side'); ?>Statistiques</span>
<span data-link='charts' class='sep'><?= ResourceDispatcher::getResource('f/svg/charts/st/menu-side'); ?>Visualisation</span> <span data-link='charts' class='sep'><?= ResourceDispatcher::getResource('f/svg/charts/st/menu-side'); ?>Visualisation</span>
<div class='sub'>
<span data-sublink='network'>Reseau</span>
</div>
<?php if( permission('admin') ){ ?> <?php if( permission('admin') ){ ?>

View File

@ -39,7 +39,7 @@ $render = $answer->get('render');
?> ?>
<section> <section data-sublink='network'>
<h6>CERCLE DES RELATIONS</h6> <h6>CERCLE DES RELATIONS</h6>
<?= $render; ?> <?= $render; ?>
</section> </section>