function informer_auteur($bof)
{
	include_spip('inc/json');
	include_spip('formulaires/login');
	include_spip('inc/auth');
	$login = strval(_request('var_login'));
	$row = auth_informer_login($login);
	if ($row AND is_array($row))
		unset($row['id_auteur']);
	else {
		// generer de fausses infos, mais credibles, pour eviter une attaque
		// http://core.spip.org/issues/1758

		include_spip('inc/securiser_action');
		$fauxalea1 = md5('fauxalea'.secret_du_site().$login.floor(date('U')/86400));
		$fauxalea2 = md5('fauxalea'.secret_du_site().$login.ceil(date('U')/86400));

		$row = array('login' => $login,
		 'cnx' => 0,
		 'logo' => "",
		 'alea_actuel' => substr_replace($fauxalea1,'.',24,0),
		 'alea_futur' => substr_replace($fauxalea2,'.',24,0)
		);
	}

	return json_export($row);
}
function previsu_cle_temporaire($date = null)
{
    include_spip('inc/securiser_action');
    if (!$date) {
        $date = date('Y-m-d H');
    }
    $url = self();
    $cle = md5($url . $date . secret_du_site());
    return $cle;
}
function informer_auteur($bof)
{
    include_spip('inc/json');
    include_spip('formulaires/login');
    include_spip('inc/auth');
    $login = strval(_request('var_login'));
    $row = auth_informer_login($login);
    if ($row and is_array($row)) {
        unset($row['id_auteur']);
    } else {
        if (defined('_AUTORISER_AUTH_FAIBLE') and _AUTORISER_AUTH_FAIBLE) {
            $row = array();
        } else {
            include_spip('inc/securiser_action');
            $fauxalea1 = md5('fauxalea' . secret_du_site() . $login . floor(date('U') / 86400));
            $fauxalea2 = md5('fauxalea' . secret_du_site() . $login . ceil(date('U') / 86400));
            $row = array('login' => $login, 'cnx' => 0, 'logo' => "", 'alea_actuel' => substr_replace($fauxalea1, '.', 24, 0), 'alea_futur' => substr_replace($fauxalea2, '.', 24, 0));
        }
    }
    return json_export($row);
}
Example #4
0
/**
 * Calculer une signature valable pour une action et pour le site
 * http://doc.spip.org/@calculer_cle_action
 *
 * @param string $action
 * @return string
 */
function calculer_cle_action($action)
{
    if (function_exists('sha1')) {
        return sha1($action . secret_du_site());
    } else {
        return md5($action . secret_du_site());
    }
}