function informer_auteur($bof) { include_spip('inc/json'); include_spip('formulaires/login'); include_spip('inc/auth'); $login = strval(_request('var_login')); $row = auth_informer_login($login); if ($row AND is_array($row)) unset($row['id_auteur']); else { // generer de fausses infos, mais credibles, pour eviter une attaque // http://core.spip.org/issues/1758 include_spip('inc/securiser_action'); $fauxalea1 = md5('fauxalea'.secret_du_site().$login.floor(date('U')/86400)); $fauxalea2 = md5('fauxalea'.secret_du_site().$login.ceil(date('U')/86400)); $row = array('login' => $login, 'cnx' => 0, 'logo' => "", 'alea_actuel' => substr_replace($fauxalea1,'.',24,0), 'alea_futur' => substr_replace($fauxalea2,'.',24,0) ); } return json_export($row); }
function previsu_cle_temporaire($date = null) { include_spip('inc/securiser_action'); if (!$date) { $date = date('Y-m-d H'); } $url = self(); $cle = md5($url . $date . secret_du_site()); return $cle; }
function informer_auteur($bof) { include_spip('inc/json'); include_spip('formulaires/login'); include_spip('inc/auth'); $login = strval(_request('var_login')); $row = auth_informer_login($login); if ($row and is_array($row)) { unset($row['id_auteur']); } else { if (defined('_AUTORISER_AUTH_FAIBLE') and _AUTORISER_AUTH_FAIBLE) { $row = array(); } else { include_spip('inc/securiser_action'); $fauxalea1 = md5('fauxalea' . secret_du_site() . $login . floor(date('U') / 86400)); $fauxalea2 = md5('fauxalea' . secret_du_site() . $login . ceil(date('U') / 86400)); $row = array('login' => $login, 'cnx' => 0, 'logo' => "", 'alea_actuel' => substr_replace($fauxalea1, '.', 24, 0), 'alea_futur' => substr_replace($fauxalea2, '.', 24, 0)); } } return json_export($row); }
/** * Calculer une signature valable pour une action et pour le site * http://doc.spip.org/@calculer_cle_action * * @param string $action * @return string */ function calculer_cle_action($action) { if (function_exists('sha1')) { return sha1($action . secret_du_site()); } else { return md5($action . secret_du_site()); } }