xdrm-brackets
/
NxTIC
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Correction temporaire des sessions + login ok

This commit is contained in:
xdrm-brackets 2016-04-13 13:36:49 +02:00
parent 08a2ad3602
commit aac1494528
14 changed files with 71 additions and 40 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

12
automate.php
View File

@ -66,18 +66,18 @@
var_dump( $contact ); var_dump( $contact );
} }
// parseCallLog(); parseCallLog();
debug(); debug();
$api = new client(); // $api = new client();
$response = $api->send('generate-network-chart-data', array( // $response = $api->send('generate-network-chart-data', array(
'@token'=> '48e701d4e72e4e35bc37c9a800b49d5400734d7b' // '@token'=> '48e701d4e72e4e35bc37c9a800b49d5400734d7b'
)); // ));
var_dump($response); // var_dump($response);
?> ?>

2
config/modules.json
View File

@ -38,7 +38,7 @@
"network_render": { "network_render": {
"description": "Renvoie le contenu du svg representant un graphique de type #network avec les donnees recues.", "description": "Renvoie le contenu du svg representant un graphique de type #network avec les donnees recues.",
"permissions": ["admin"], "permissions": [],
"parameters": { "parameters": {
"dataset": { "description": "Dataset au bon format pour un graphique de type #network." } "dataset": { "description": "Dataset au bon format pour un graphique de type #network." }
} }

2
css/layout.css
View File

@ -1,2 +1,2 @@
body{font-family:'Open Sans';font-size:15px}#WRAPPER{display:block;position:fixed;top:0;left:0;width:100%;height:100%;background-color:#e8e8e8;overflow-x:hidden;overflow-y:auto;z-index:1}#WRAPPER>#HEADER{display:block;position:fixed;top:0;left:0;width:100%;height:calc( 4em - 1px );border-bottom:1px solid #cfcfcf;background-color:#fff;z-index:9}#WRAPPER>#MENU-SIDE{display:block;position:fixed;top:4em;left:0;width:15em;height:calc( 100% - 4em );box-shadow:2px 1px 3px #ddd;background-color:#32323a;transition:all .3s;z-index:10}#WRAPPER>#CONTAINER{display:flex;position:absolute;top:4em;left:15em;width:calc( 100% - 15em - 2*1em );min-height:calc( 100% - 4em - 2*1em );padding:1em;flex-direction:row;justify-content:space-between;overflow-x:none;overflow-y:auto}#LOGIN{display:flex;position:fixed;top:0;left:-100%;width:100%;height:100%;flex-direction:row;flex-wrap:nowrap;justify-content:space-around;align-items:center;background-color:#32323a;transition:left .3s ease-in-out;z-index:101}#LOGIN.active{left:0}#LOGIN>#login-icon{width:35em;height:10em;background:url("/f/svg/icon/st") center center no-repeat;background-size:auto 100%}#LOGIN>#login-form{display:block}#LOGIN>#login-form>input[type='text'],#LOGIN>#login-form>input[type='password'],#LOGIN>#login-form>input[type='submit']{display:flex;width:20em;margin:2em 0;padding:1em 2em;flex-direction:column;justify-content:space-around;flex-wrap:nowrap;align-items:middle;border-radius:5px;border:1px solid #6b6b6b;background-color:#32323a;color:#fff;font-weight:bold;letter-spacing:.07em;transition:border .2s ease-in-out;cursor:default}#LOGIN>#login-form>input[type='text']:hover,#LOGIN>#login-form>input[type='text']:focus,#LOGIN>#login-form>input[type='password']:hover,#LOGIN>#login-form>input[type='password']:focus,#LOGIN>#login-form>input[type='submit']:hover,#LOGIN>#login-form>input[type='submit']:focus{border-color:#53d192}#LOGIN>#login-form>input[type='submit']{margin:2em auto;border:0;background-color:#53d192;color:#fff;font-weight:bold;cursor:pointer}#LOGIN>#login-form>input[type='submit']:hover{background-color:#33be79;box-shadow:0 0 1em #1a1a1f}#LOGIN>#login-form>#lost-password{color:#ddd;cursor:pointer}#LOGIN>#login-form>#lost-password:hover{color:#53d192;text-decoration:underline}#LOGIN>#login-close{display:block;position:absolute;top:2em;right:2em;min-width:2em;height:2em;background:url("/f/svg/back/st/container/ffffff") right center no-repeat;background-size:1em;color:#fff;padding-right:2em;line-height:2em;font-weight:bold;cursor:pointer} body{font-family:'Open Sans';font-size:15px}#WRAPPER{display:block;position:fixed;top:0;left:0;width:100%;height:100%;background-color:#e8e8e8;overflow-x:hidden;overflow-y:auto;z-index:1}#WRAPPER>#HEADER{display:block;position:fixed;top:0;left:0;width:100%;height:calc( 4em - 1px );border-bottom:1px solid #cfcfcf;background-color:#fff;z-index:9}#WRAPPER>#MENU-SIDE{display:block;position:fixed;top:4em;left:0;width:15em;height:calc( 100% - 4em );box-shadow:2px 1px 3px #ddd;background-color:#32323a;transition:all .3s;z-index:10}#WRAPPER>#CONTAINER{display:flex;position:absolute;top:4em;left:15em;width:calc( 100% - 15em - 2*1em );min-height:calc( 100% - 4em - 2*1em );padding:1em;flex-direction:row;justify-content:space-between;overflow-x:none;overflow-y:auto}#LOGIN{display:flex;position:fixed;top:0;left:-100%;width:100%;height:100%;flex-direction:row;flex-wrap:nowrap;justify-content:space-around;align-items:center;background-color:#32323a;transition:left .3s ease-in-out;z-index:101}#LOGIN.active{left:0}#LOGIN>#login-icon{width:35em;height:10em;background:url("/f/svg/icon/st") center center no-repeat;background-size:auto 100%}#LOGIN>#login-form{display:block}#LOGIN>#login-form>input[type='text'],#LOGIN>#login-form>input[type='password'],#LOGIN>#login-form>input[type='submit']{display:flex;width:20em;margin:2em 0;padding:1em 2em;flex-direction:column;justify-content:space-around;flex-wrap:nowrap;align-items:middle;border-radius:5px;border:1px solid #6b6b6b;background-color:#32323a;color:#fff;font-weight:bold;letter-spacing:.07em;transition:border .2s ease-in-out;cursor:default}#LOGIN>#login-form>input[type='text']:hover,#LOGIN>#login-form>input[type='text']:focus,#LOGIN>#login-form>input[type='password']:hover,#LOGIN>#login-form>input[type='password']:focus,#LOGIN>#login-form>input[type='submit']:hover,#LOGIN>#login-form>input[type='submit']:focus{border-color:#53d192}#LOGIN>#login-form>input[type='submit']{width:100%;margin:2em 0;border:0;background-color:#53d192;color:#fff;font-weight:bold;cursor:pointer}#LOGIN>#login-form>input[type='submit']:hover{background-color:#33be79;box-shadow:0 0 1em #1a1a1f}#LOGIN>#login-form>#lost-password{color:#ddd;cursor:pointer}#LOGIN>#login-form>#lost-password:hover{color:#53d192;text-decoration:underline}#LOGIN>#login-close{display:block;position:absolute;top:2em;right:2em;min-width:2em;height:2em;background:url("/f/svg/back/st/container/ffffff") right center no-repeat;background-size:1em;color:#fff;padding-right:2em;line-height:2em;font-weight:bold;cursor:pointer}
/*# sourceMappingURL=layout.css.map */ /*# sourceMappingURL=layout.css.map */

2
css/layout.css.map
View File

@ -1,6 +1,6 @@
{ {
"version": 3, "version": 3,
"mappings": "AAEA,IAAI,CAEH,WAAW,CAAE,WAAW,CACxB,SAAS,CAAE,IAAI,CAKhB,QAAQ,CACP,OAAO,CAAE,KAAK,CACd,QAAQ,CAAE,KAAK,CACd,GAAG,CAAE,CAAC,CACN,IAAI,CAAE,CAAC,CACP,KAAK,CAAE,IAAI,CACX,MAAM,CAAE,IAAI,CAEb,gBAAgB,CCfE,OAAO,CDiBzB,UAAU,CAAE,MAAM,CAClB,UAAU,CAAE,IAAI,CAEhB,OAAO,CAAE,CAAC,CAKV,gBAAW,CACV,OAAO,CAAE,KAAK,CACd,QAAQ,CAAE,KAAK,CACd,GAAG,CAAE,CAAC,CACN,IAAI,CAAE,CAAC,CACP,KAAK,CAAE,IAAI,CACX,MAAM,CAAE,iBAA+B,CAExC,aAAa,CAAE,iBAA+B,CAE9C,gBAAgB,CClCC,IAAO,CDoCxB,OAAO,CAAE,CAAC,CAQX,mBAAc,CACb,OAAO,CAAE,KAAK,CACd,QAAQ,CAAE,KAAK,CACd,GAAG,CChCY,GAAG,CDiClB,IAAI,CAAE,CAAC,CACP,KAAK,CCnCU,IAAI,CDoCnB,MAAM,CAAE,kBAAgC,CAEzC,UAAU,CAAE,gBAAgB,CAE5B,gBAAgB,CCjDA,OAAO,CDmDvB,UAAU,CAAE,OAAO,CAEnB,OAAO,CAAE,EAAE,CAMZ,mBAAc,CACb,OAAO,CAAE,IAAI,CACb,QAAQ,CAAE,QAAQ,CACjB,GAAG,CCpDY,GAAG,CDqDlB,IAAI,CCtDW,IAAI,CDuDnB,KAAK,CAAE,2BAA0C,CACjD,UAAU,CAAE,0BAAwC,CACrD,OAAO,CAAE,GAAG,CAGZ,cAAc,CAAE,GAAG,CACnB,eAAe,CAAE,aAAa,CAE9B,UAAU,CAAE,IAAI,CAChB,UAAU,CAAE,IAAI,CASlB,MAAM,CACL,OAAO,CAAE,IAAI,CACb,QAAQ,CAAE,KAAK,CACd,GAAG,CAAE,CAAC,CACN,IAAI,CAAE,KAAK,CACX,KAAK,CAAE,IAAI,CACX,MAAM,CAAE,IAAI,CAQb,cAAc,CAAE,GAAG,CACnB,SAAS,CAAE,MAAM,CACjB,eAAe,CAAE,YAAY,CAC7B,WAAW,CAAE,MAAM,CAGnB,gBAAgB,CCtGC,OAAO,CDwGxB,UAAU,CAAE,oBAAoB,CAEhC,OAAO,CAAE,GAAG,CAfZ,aAAQ,CACP,IAAI,CAAE,CAAC,CAoBR,kBAAe,CACd,KAAK,CAAE,IAAI,CACX,MAAM,CAAE,IAAI,CAEZ,UAAU,CAAE,6CAA6C,CACzD,eAAe,CAAE,SAAS,CAK3B,kBAAe,CACd,OAAO,CAAE,KAAK,CAId,uHAEwB,CACvB,OAAO,CAAE,IAAI,CACZ,KAAK,CAAE,IAAI,CAEZ,MAAM,CAAE,KAAK,CACb,OAAO,CAAE,OAAO,CAGhB,cAAc,CAAE,MAAM,CACtB,eAAe,CAAE,YAAY,CAC7B,SAAS,CAAE,MAAM,CACjB,WAAW,CAAE,MAAM,CAGnB,aAAa,CAAE,GAAG,CAClB,MAAM,CAAE,iBAAgC,CAExC,gBAAgB,CClJD,OAAO,CDoJtB,KAAK,CCjJU,IAAO,CDkJtB,WAAW,CAAE,IAAI,CACjB,cAAc,CAAE,KAAK,CAErB,UAAU,CAAE,sBAAsB,CAElC,MAAM,CAAE,OAAO,CAGf,mRACO,CACN,YAAY,CClKG,OAAO,CDyKxB,uCAAwB,CACvB,MAAM,CAAE,QAAQ,CAEhB,MAAM,CAAE,CAAC,CAET,gBAAgB,CC9KA,OAAO,CDgLvB,KAAK,CC1KU,IAAO,CD2KtB,WAAW,CAAE,IAAI,CAEjB,MAAM,CAAE,OAAO,CAGf,6CAAO,CACN,gBAAgB,CAAE,OAA6B,CAC/C,UAAU,CAAE,eAA4B,CAU1C,iCAAkB,CACjB,KAAK,CC9LU,IAAO,CDgMtB,MAAM,CAAE,OAAO,CAGf,uCAAO,CACN,KAAK,CCzMU,OAAO,CD0MtB,eAAe,CAAE,SAAS,CAO7B,mBAAgB,CACf,OAAO,CAAE,KAAK,CACd,QAAQ,CAAE,QAAQ,CACjB,GAAG,CAAE,GAAG,CACR,KAAK,CAAE,GAAG,CACV,SAAS,CAAE,GAAG,CACd,MAAM,CAAE,GAAG,CAEZ,UAAU,CAAE,6DAA6D,CACzE,eAAe,CAAE,GAAG,CAEpB,KAAK,CAAE,IAAI,CACX,aAAa,CAAE,GAAG,CAClB,WAAW,CAAE,GAAG,CAChB,WAAW,CAAE,IAAI,CAEjB,MAAM,CAAE,OAAO", "mappings": "AAEA,IAAI,CAEH,WAAW,CAAE,WAAW,CACxB,SAAS,CAAE,IAAI,CAKhB,QAAQ,CACP,OAAO,CAAE,KAAK,CACd,QAAQ,CAAE,KAAK,CACd,GAAG,CAAE,CAAC,CACN,IAAI,CAAE,CAAC,CACP,KAAK,CAAE,IAAI,CACX,MAAM,CAAE,IAAI,CAEb,gBAAgB,CCfE,OAAO,CDiBzB,UAAU,CAAE,MAAM,CAClB,UAAU,CAAE,IAAI,CAEhB,OAAO,CAAE,CAAC,CAKV,gBAAW,CACV,OAAO,CAAE,KAAK,CACd,QAAQ,CAAE,KAAK,CACd,GAAG,CAAE,CAAC,CACN,IAAI,CAAE,CAAC,CACP,KAAK,CAAE,IAAI,CACX,MAAM,CAAE,iBAA+B,CAExC,aAAa,CAAE,iBAA+B,CAE9C,gBAAgB,CClCC,IAAO,CDoCxB,OAAO,CAAE,CAAC,CAQX,mBAAc,CACb,OAAO,CAAE,KAAK,CACd,QAAQ,CAAE,KAAK,CACd,GAAG,CChCY,GAAG,CDiClB,IAAI,CAAE,CAAC,CACP,KAAK,CCnCU,IAAI,CDoCnB,MAAM,CAAE,kBAAgC,CAEzC,UAAU,CAAE,gBAAgB,CAE5B,gBAAgB,CCjDA,OAAO,CDmDvB,UAAU,CAAE,OAAO,CAEnB,OAAO,CAAE,EAAE,CAMZ,mBAAc,CACb,OAAO,CAAE,IAAI,CACb,QAAQ,CAAE,QAAQ,CACjB,GAAG,CCpDY,GAAG,CDqDlB,IAAI,CCtDW,IAAI,CDuDnB,KAAK,CAAE,2BAA0C,CACjD,UAAU,CAAE,0BAAwC,CACrD,OAAO,CAAE,GAAG,CAGZ,cAAc,CAAE,GAAG,CACnB,eAAe,CAAE,aAAa,CAE9B,UAAU,CAAE,IAAI,CAChB,UAAU,CAAE,IAAI,CASlB,MAAM,CACL,OAAO,CAAE,IAAI,CACb,QAAQ,CAAE,KAAK,CACd,GAAG,CAAE,CAAC,CACN,IAAI,CAAE,KAAK,CACX,KAAK,CAAE,IAAI,CACX,MAAM,CAAE,IAAI,CAQb,cAAc,CAAE,GAAG,CACnB,SAAS,CAAE,MAAM,CACjB,eAAe,CAAE,YAAY,CAC7B,WAAW,CAAE,MAAM,CAGnB,gBAAgB,CCtGC,OAAO,CDwGxB,UAAU,CAAE,oBAAoB,CAEhC,OAAO,CAAE,GAAG,CAfZ,aAAQ,CACP,IAAI,CAAE,CAAC,CAoBR,kBAAe,CACd,KAAK,CAAE,IAAI,CACX,MAAM,CAAE,IAAI,CAEZ,UAAU,CAAE,6CAA6C,CACzD,eAAe,CAAE,SAAS,CAK3B,kBAAe,CACd,OAAO,CAAE,KAAK,CAId,uHAEwB,CACvB,OAAO,CAAE,IAAI,CACZ,KAAK,CAAE,IAAI,CAEZ,MAAM,CAAE,KAAK,CACb,OAAO,CAAE,OAAO,CAGhB,cAAc,CAAE,MAAM,CACtB,eAAe,CAAE,YAAY,CAC7B,SAAS,CAAE,MAAM,CACjB,WAAW,CAAE,MAAM,CAGnB,aAAa,CAAE,GAAG,CAClB,MAAM,CAAE,iBAAgC,CAExC,gBAAgB,CClJD,OAAO,CDoJtB,KAAK,CCjJU,IAAO,CDkJtB,WAAW,CAAE,IAAI,CACjB,cAAc,CAAE,KAAK,CAErB,UAAU,CAAE,sBAAsB,CAElC,MAAM,CAAE,OAAO,CAGf,mRACO,CACN,YAAY,CClKG,OAAO,CDyKxB,uCAAwB,CACvB,KAAK,CAAE,IAAI,CACX,MAAM,CAAE,KAAK,CAEb,MAAM,CAAE,CAAC,CAET,gBAAgB,CC/KA,OAAO,CDiLvB,KAAK,CC3KU,IAAO,CD4KtB,WAAW,CAAE,IAAI,CAEjB,MAAM,CAAE,OAAO,CAGf,6CAAO,CACN,gBAAgB,CAAE,OAA6B,CAC/C,UAAU,CAAE,eAA4B,CAU1C,iCAAkB,CACjB,KAAK,CC/LU,IAAO,CDiMtB,MAAM,CAAE,OAAO,CAGf,uCAAO,CACN,KAAK,CC1MU,OAAO,CD2MtB,eAAe,CAAE,SAAS,CAO7B,mBAAgB,CACf,OAAO,CAAE,KAAK,CACd,QAAQ,CAAE,QAAQ,CACjB,GAAG,CAAE,GAAG,CACR,KAAK,CAAE,GAAG,CACV,SAAS,CAAE,GAAG,CACd,MAAM,CAAE,GAAG,CAEZ,UAAU,CAAE,6DAA6D,CACzE,eAAe,CAAE,GAAG,CAEpB,KAAK,CAAE,IAAI,CACX,aAAa,CAAE,GAAG,CAClB,WAAW,CAAE,GAAG,CAChB,WAAW,CAAE,IAAI,CAEjB,MAAM,CAAE,OAAO",
"sources": ["layout.scss","constants.scss"], "sources": ["layout.scss","constants.scss"],
"names": [], "names": [],
"file": "layout.css" "file": "layout.css"

3
css/layout.scss
View File

@ -174,7 +174,8 @@ body{
/* (2.2) Bouton de connexion */ /* (2.2) Bouton de connexion */
& > input[type='submit']{ & > input[type='submit']{
margin: 2em auto; width: 100%;
margin: 2em 0;
border: 0; border: 0;

31
index.php
View File

@ -17,13 +17,18 @@
/*******************************************/ /*******************************************/
/* [1] Gestion des utilisateurs
/* [x] Gestion des utilisateurs
=========================================================*/ =========================================================*/
/* (1) Valeurs par defaut */ /* (1) Valeurs par defaut */
if( !isset($_SESSION['userid']) ) $_SESSION['userid'] = null; if( !isset($_SESSION['userid']) ) $_SESSION['userid'] = null;
if( !isset($_SESSION['username']) ) $_SESSION['username'] = null; if( !isset($_SESSION['username']) ) $_SESSION['username'] = null;
if( !isset($_SESSION['permission']) ) $_SESSION['permission'] = array(); if( !isset($_SESSION['permission']) ) $_SESSION['permission'] = array();
/* (2) Gestion de la connection */ /* (2) Gestion de la connection */
$login_vars = isset($_POST['login']) && Database::check('varchar(255)', $_POST['login']); $login_vars = isset($_POST['login']) && Database::check('varchar(255)', $_POST['login']);
$login_vars = $login_vars && isset($_POST['password']) && Database::check('text', $_POST['password']); $login_vars = $login_vars && isset($_POST['password']) && Database::check('text', $_POST['password']);
@ -33,27 +38,28 @@
// Si les parametres de connection, on essaie de connecter // Si les parametres de connection, on essaie de connecter
if( $login_vars ){ if( $login_vars ){
$login = new ModuleRequest('users/login', array( $login = new ModuleRequest('users/login', array( 'login' => $_POST['login'], 'password' => $_POST['password'] ));
'login' => $_POST['login'],
'password' => $_POST['password']
));
$login_ans = $login->dispatch(); $login_ans = $login->dispatch();
// Si aucune erreur, on dit qu'on vient de se connecter // Si aucune erreur, on dit qu'on vient de se connecter
if( $login_ans->error == ManagerError::Success ) if( $login_ans->error == ManagerError::Success )
$_SESSION['login_status'] = 'logged'; $_SESSION['login_status'] = 'logged';
else // Si on n'a pas les bonnes donnees
// Si on n'a pas les bonnes donnees
else
$_SESSION['login_status'] = 'error'; $_SESSION['login_status'] = 'error';
} }
/* (3) Gestion de le deconnexion */
/* [0] On initialise le routeur /* [0] On initialise le routeur
===================================================*/ ===================================================*/
$R = new Router( $_GET['url'] ); $R = new Router( $_GET['url'] );
// var_dump($R);
/* [1] On cree les regles de routage /* [1] On cree les regles de routage
===================================================*/ ===================================================*/
@ -70,9 +76,11 @@
// nomPage/arg1/arg2 -> inclusion de la page // nomPage/arg1/arg2 -> inclusion de la page
$R->get('(?:'.implode('|', $views).')(?:/[\w-]+)*/?', function(){ include __ROOT__.'/view.php'; }); $R->get('(?:'.implode('|', $views).')(?:/[\w-]+)*/?', function(){ include __ROOT__.'/view.php'; });
// Dispatcher // Dispatcher
$R->get('f(?:/([\w-]+))*/?', function(){ new ResourceDispatcher($_GET['url'], true); }); $R->get('f(?:/([\w-]+))*/?', function(){ new ResourceDispatcher($_GET['url'], true); });
// Api // Api
$R->post('api/?', function(){ $R->post('api/?', function(){
$request = ModuleRequest::fromPost($_POST); $request = ModuleRequest::fromPost($_POST);
@ -81,11 +89,14 @@
echo $answer->serialize(); echo $answer->serialize();
}); });
// N'importe -> page d'accueil // N'importe -> page d'accueil
$R->get('.+', function(){ header('Location: /dashboard/'); }); $R->get('.+', function(){ header('Location: /dashboard/'); });
$R->post('.+', function(){ header('Location: /dashboard/'); });
/* [3] On lance le routeur /* [3] On lance le routeur
===================================================*/ ===================================================*/
$R->run(); $R->run();

2
manager/ResourceDispatcher.php
View File

@ -255,7 +255,7 @@
///////////// SI FICHIER JS //////////// ///////////// SI FICHIER JS ////////////
//////////////////////////////////////// ////////////////////////////////////////
if( $this->flags['extension'] == 'js' ) if( $this->flags['extension'] == 'js' )
$content = 'var js_access_token = "'. substr($_SESSION['session_token'], 0, 40) .'";' . "\n\n" . $content; $content = 'var js_access_token = "'. substr(session_id(), 0, 23) .'";' . "\n\n" . $content;

2
manager/repo/token.php
View File

@ -135,7 +135,7 @@
$token_used = true; $token_used = true;
// tant qu'un token a deja la meme valeur // tant qu'un token a deja la meme valeur
while( $token_used ){ while( $token_used ){
$token = sessionManager::secure_sha1(uniqid()); $token = sessionManager::sha1(uniqid());
// Verification dans la BDD // Verification dans la BDD
$check = Database::getPDO()->prepare("SELECT id_token FROM api_token WHERE token = :token"); $check = Database::getPDO()->prepare("SELECT id_token FROM api_token WHERE token = :token");

22
manager/sessionManager.php
View File

@ -11,7 +11,7 @@
/*************************/ /*************************/
/* SECURE SHA1 ALGORITHM */ /* SECURE SHA1 ALGORITHM */
/*************************/ /*************************/
public static function secure_sha1($data){ public static function sha1($data){
return sha1( '">\[..|{@#))'.sha1($data.'_)Q@#((%*_$%(@#') ); return sha1( '">\[..|{@#))'.sha1($data.'_)Q@#((%*_$%(@#') );
} }
@ -29,7 +29,7 @@
session_id( $session_id ); session_id( $session_id );
// Precaution: on met a jour le cookie // Precaution: on met a jour le cookie
setcookie( 'PHPSESSID', session_id(), time()+60*30 ); setcookie( 'PHPSESSID', session_id(), time()+60*30, '/');
// On redemarre la session avec le bon id session // On redemarre la session avec le bon id session
\session_start(); \session_start();
@ -44,33 +44,37 @@
/* GENERE UN TOKEN */ /* GENERE UN TOKEN */
/*******************/ /*******************/
private static function update_token(){ private static function update_token(){
$token = self::$prefix.self::secure_sha1(uniqid()); $token = self::$prefix.self::sha1(uniqid());
// On definit le token en session // On definit le token en session
$_SESSION['session_token'] = $token; $_SESSION['session_token'] = $token;
// On definit le token en cookie // On definit le token en cookie
$_COOKIE['session_token'] = $_SESSION['session_token']; $_COOKIE['session_token'] = $_SESSION['session_token'];
setcookie( 'session_token', $_COOKIE['session_token'], time()+60*30 ); setcookie( 'session_token', $_COOKIE['session_token'], time()+60*30, '/');
} }
/************/ /************/
/* AMORCEUR */ /* AMORCEUR */
/************/ /************/
public static function session_start(){ public static function session_start(){
\session_start();
return;
/* [1] Génération et Gestion des donnees a utiliser /* [1] Génération et Gestion des donnees a utiliser
==============================================================*/ ==============================================================*/
// On genere le hash a partir des donnees personnelles // On genere le hash a partir des donnees personnelles
self::$prefix = self::secure_sha1( $_SERVER['REMOTE_ADDR'].$_SERVER['HTTP_USER_AGENT'] ); self::$prefix = self::sha1( $_SERVER['REMOTE_ADDR'].$_SERVER['HTTP_USER_AGENT'] );
// On cree un id session associe a ces donnees personnelles // On cree un id session associe aux donnees personnelles
$sessid = substr(self::$prefix,0,5) . substr(self::secure_sha1(uniqid()),0,24); $sessid = substr(self::$prefix,0,5) . substr(self::sha1(uniqid()),0,24);
// On genere un token pour l'execution suivante // On genere un token pour l'execution suivante
$token = self::$prefix.self::secure_sha1(uniqid()); $token = self::$prefix.self::sha1(uniqid());
// On definit/recupere le token // On definit/recupere le token
$session_token = (isset($_COOKIE['session_token'])) ? $_COOKIE['session_token'] : null; $session_token = (isset($_COOKIE['session_token'])) ? $_COOKIE['session_token'] : null;

4
phpunit/tests/Database_check.php
View File

@ -185,7 +185,7 @@
/* [5] Mot de passe /* [5] Mot de passe
=========================================================*/ =========================================================*/
public function testPasswordSizeEqCorrect(){ public function testPasswordSizeEqCorrect(){
$password_hash = \manager\sessionManager::secure_sha1('monmotdepasse'); $password_hash = \manager\sessionManager::sha1('monmotdepasse');
$this->assertEquals( 40, strlen($password_hash) ); $this->assertEquals( 40, strlen($password_hash) );
$this->assertTrue( \manager\Database::check('user.password', $password_hash) ); $this->assertTrue( \manager\Database::check('user.password', $password_hash) );
@ -199,7 +199,7 @@
} }
public function testPasswordSizeSupIncorrect(){ public function testPasswordSizeSupIncorrect(){
$password_hash = \manager\sessionManager::secure_sha1('monmotdepasse').'a'; $password_hash = \manager\sessionManager::sha1('monmotdepasse').'a';
$this->assertGreaterThan( 40, strlen($password_hash) ); $this->assertGreaterThan( 40, strlen($password_hash) );
$this->assertFalse( \manager\Database::check('user.password', $password_hash) ); $this->assertFalse( \manager\Database::check('user.password', $password_hash) );

2
phpunit/tests/sessionManager.php
View File

@ -7,7 +7,7 @@
=========================================================*/ =========================================================*/
public function testSecureSHA1(){ public function testSecureSHA1(){
$plain = 'montexteclair'; $plain = 'montexteclair';
$hash = \manager\sessionManager::secure_sha1($plain); $hash = \manager\sessionManager::sha1($plain);
// Verification desuiee // Verification desuiee
$this->assertEquals(40, strlen($hash) ); $this->assertEquals(40, strlen($hash) );

9
receiver.php Normal file
View File

@ -0,0 +1,9 @@
<?php define('__ROOT__', dirname(__FILE__) );
require_once __ROOT__.'/manager/autoloader.php';
use \manager\sessionManager;
var_dump(session_id());
?>

16
view.php
View File

@ -36,14 +36,17 @@
<?php if( connected() ) echo "<div id='LOGIN'>"; <?php if( connected() ) echo "<div id='LOGIN'>";
else echo "<div id='LOGIN' class='active'>"; ?> else echo "<div id='LOGIN' class='active'>"; ?>
<?php var_dump(session_id()); ?> <?php //var_dump(session_id()); ?>
<div id='login-icon'></div> <div id='login-icon'></div>
<div id='login-close'>Accéder à la plateforme</div> <div id='login-close'>Accéder à la plateforme</div>
<form method='POST' action='/' id='login-form'> <form method='POST' action='' id='login-form'>
<input type='text' placeholder='Identifiant ou adresse mail' id='login-login'> <input type='text' placeholder='Identifiant ou adresse mail' name='login' id='login-login'>
<input type='password' placeholder='Mot de passe' id='login-password'> <input type='password' placeholder='Mot de passe' name='password' id='login-password'>
<input type='submit' value='Connexion' id='login-submit'> <input type='submit' value='Connexion' id='login-submit'>
<!-- Si on a de mauvais logins -->
<?php if( $_SESSION['login_status'] == 'error '){ echo "<span id='login-error'>Votre identifiant/mot de passe est incorrect.</span>"; } ?>
<span id='lost-password'>Mot de passe oublié ?</span> <span id='lost-password'>Mot de passe oublié ?</span>
</form> </form>
@ -90,6 +93,9 @@
<span data-link='analytics' ><?= ResourceDispatcher::getResource('f/svg/analytics/st/menu-side'); ?>Statistiques</span> <span data-link='analytics' ><?= ResourceDispatcher::getResource('f/svg/analytics/st/menu-side'); ?>Statistiques</span>
<span data-link='charts' class='sep'><?= ResourceDispatcher::getResource('f/svg/charts/st/menu-side'); ?>Visualisation</span> <span data-link='charts' class='sep'><?= ResourceDispatcher::getResource('f/svg/charts/st/menu-side'); ?>Visualisation</span>
<div class='sub'>
<span data-sublink='network'>Reseau</span>
</div>
<?php if( permission('admin') ){ ?> <?php if( permission('admin') ){ ?>

2
view/charts.php
View File

@ -39,7 +39,7 @@ $render = $answer->get('render');
?> ?>
<section> <section data-sublink='network'>
<h6>CERCLE DES RELATIONS</h6> <h6>CERCLE DES RELATIONS</h6>
<?= $render; ?> <?= $render; ?>
</section> </section>