From b4758b2dec4b00dbc78a80fdf93135afb8df475d Mon Sep 17 00:00:00 2001
From: Benjamin Renard <brenard@easter-eggs.com>
Date: Wed, 10 Mar 2010 19:07:58 +0100
Subject: [PATCH] LSsession : Added getLSauthObject() and used it. Modify
 logout procedure to use LSauth::logout() method.

---
 .../includes/class/class.LSsession.php        | 91 ++++++++++++-------
 1 file changed, 58 insertions(+), 33 deletions(-)

diff --git a/public_html/includes/class/class.LSsession.php b/public_html/includes/class/class.LSsession.php
index 168196e5..3a64b4b6 100644
--- a/public_html/includes/class/class.LSsession.php
+++ b/public_html/includes/class/class.LSsession.php
@@ -83,6 +83,9 @@ class LSsession {
 
   // L'objet de l'utilisateur connecté
   private static $LSuserObject = NULL;
+  
+  // The LSauht object of the session
+  private static $LSauthObject = false;
 
  /**
   * Include un fichier PHP
@@ -485,25 +488,9 @@ class LSsession {
   public static function startLSsession() {
     if (!self :: initialize()) {
       return;
-    }   
-
-    // Déconnexion
-    if (isset($_GET['LSsession_logout'])||isset($_GET['LSsession_recoverPassword'])) {
-      session_destroy();
-      
-      if (is_array($_SESSION['LSsession']['tmp_file'])) {
-        self :: $tmp_file = $_SESSION['LSsession']['tmp_file'];
-      }
-      self :: deleteTmpFile();
-      unset($_SESSION['LSsession']);
     }
     
-    // Récupération de mot de passe
-    if (isset($_GET['recoveryHash'])) {
-      $_POST['LSsession_user'] = 'a determiner plus tard';
-    }
-    
-    if(isset($_SESSION['LSsession']['dn'])) {
+    if(isset($_SESSION['LSsession']['dn']) && !isset($_GET['LSsession_recoverPassword'])) {
       // Session existante
       self :: $topDn        = $_SESSION['LSsession']['topDn'];
       self :: $dn           = $_SESSION['LSsession']['dn'];
@@ -512,6 +499,23 @@ class LSsession {
       self :: $tmp_file     = $_SESSION['LSsession']['tmp_file'];
       self :: $authParams   = $_SESSION['LSsession']['authParams'];
       
+      if (isset($_GET['LSsession_logout'])) {
+        $authObj = self :: getLSauthObject();
+        if ($authObj) {
+          $authObj -> logout();
+        }
+        session_destroy();
+        
+        if (is_array($_SESSION['LSsession']['tmp_file'])) {
+          self :: $tmp_file = $_SESSION['LSsession']['tmp_file'];
+        }
+        self :: deleteTmpFile();
+        unset($_SESSION['LSsession']);
+        
+        self :: redirect('index.php');
+        return;
+      }
+      
       if ( self :: cacheLSprofiles() && !isset($_REQUEST['LSsession_refresh']) ) {
         self :: setLdapServer(self :: $ldapServerId);
         self :: $LSprofiles   = $_SESSION['LSsession']['LSprofiles'];
@@ -553,6 +557,9 @@ class LSsession {
       
     }
     else {
+      if (isset($_GET['LSsession_recoverPassword'])) {
+        session_destroy();
+      }
       // Session inexistante
       if (isset($_POST['LSsession_ldapserver'])) {
         self :: setLdapServer($_POST['LSsession_ldapserver']);
@@ -580,24 +587,12 @@ class LSsession {
                                    );
         }
         else {
-          if (self :: loadLSauth()) {
-            if (isset(self :: $ldapServer['LSauth']['method'])) {
-              $LSauthClass = 'LSauth'.self :: $ldapServer['LSauth']['method'];
-              if (!self :: loadLSauth(self :: $ldapServer['LSauth']['method'])) {
-                LSerror :: addErrorCode('LSsession_08',self :: $ldapServer['LSauth']['method']);
-                $LSauthClass = 'LSauth';
-              }
-            }
-            else {
-              $LSauthClass = 'LSauth';
-            }
-            
-            $authObj = new $LSauthClass();
-            self :: $authParams = $authObj->params;
+          $authObj=self :: getLSauthObject();
+          if ($authObj) {
             if ($authObj -> getPostData()) {
               $LSuserObject = $authObj -> authenticate();
               if ($LSuserObject) {
-                // Authentification réussi
+                // Authentication successful
                 self :: $LSuserObject = $LSuserObject;
                 self :: $dn = $LSuserObject->getValue('dn');
                 self :: $rdn = $LSuserObject->getValue('rdn');
@@ -614,6 +609,7 @@ class LSsession {
       else {
         LSerror :: addErrorCode('LSsession_09');
       }
+      
       if (self :: $ldapServerId) {
         $GLOBALS['Smarty'] -> assign('ldapServerId',self :: $ldapServerId);
       }
@@ -631,6 +627,32 @@ class LSsession {
       return;
     }
   }
+
+  /**
+   * Get LSauthObject
+   * 
+   * @retval LSauth object or false
+   **/
+  private static function getLSauthObject() {
+    if (!self :: $LSauthObject) {
+      if (self :: loadLSauth()) {
+        if (isset(self :: $ldapServer['LSauth']['method'])) {
+          $LSauthClass = 'LSauth'.self :: $ldapServer['LSauth']['method'];
+          if (!self :: loadLSauth(self :: $ldapServer['LSauth']['method'])) {
+            LSerror :: addErrorCode('LSsession_08',self :: $ldapServer['LSauth']['method']);
+            $LSauthClass = 'LSauth';
+          }
+        }
+        else {
+          $LSauthClass = 'LSauth';
+        }
+        
+        self :: $LSauthObject = new $LSauthClass();
+        self :: $authParams = self :: $LSauthObject->params;
+      }
+    }
+    return self :: $LSauthObject;
+  }     
   
   /**
    * Do recover password
@@ -652,13 +674,16 @@ class LSsession {
         );
         $result = $authobject -> listObjects($filter,self :: $topDn);
       }
-      else {
+      elseif (!empty($username)) {
         $result = $authobject -> searchObject(
                     $username,
                     self :: $topDn,
                     self :: $ldapServer['authObjectFilter']
                   );
       }
+      else {
+        return $recoveryPasswordInfos;
+      }
       
       $nbresult=count($result);