From 727b055af61a7a887a1c05815d4e115f95f98b15 Mon Sep 17 00:00:00 2001
From: lutranf
Date: Thu, 31 Jul 2014 12:10:55 +0200
Subject: [PATCH] implementation of PRG + minor fixes
---
 inc/databap.php | 16 +++++++++--
 index.php | 72 +++++++++++++++++++++++++-----------------------
 masks/logon.html | 17 +++++++++---
 todo | 1 -
 4 files changed, 63 insertions(+), 43 deletions(-)
diff --git a/inc/databap.php b/inc/databap.php
index 0ae9a34..cc45c32 100644
--- a/inc/databap.php
+++ b/inc/databap.php
@@ -7,8 +7,8 @@ class Databap extends PhpObject
  {
  //Common Constants
- const VERSION = '1.0.0-RC3'; //Versioning: ..-
- const VERSION_DATE = '02/07/2014';
+ const VERSION = '1.0.0-RC4'; //Versioning: ..-
+ const VERSION_DATE = '31/07/2014';
  const EXPECTED_PAGE_COOKIE = 'exp_page';
  const MAIN_SEPARATOR = ' ';
  const DATE_FORMAT = 'd/m/Y';
@@ -1079,11 +1079,12 @@ class Databap extends PhpObject
  public function getUserInfo($iUserId, $bJson=false)
  {
+ $asUserInfo = array();
  if($iUserId==$this->getUserId() && !empty($this->asUserInfo))
  {
  $asUserInfo = $this->asUserInfo;
  }
- else
+ elseif($iUserId > 0)
  {
  $asRow = $this->oMySql->selectRow(self::USER_TABLE, $iUserId);
  $sEmail = $this->getUserOptionValue(self::OPT_EMAIL, $iUserId);
@@ -2221,6 +2222,7 @@ class Databap extends PhpObject
  public function logMeIn($sToken, $sAction)
  {
  $iUserId = 0;
+ $sNameToken = '';
  $bResetPass = true;
  $sUserTableId = MySqlManager::getId(self::USER_TABLE);
@@ -2270,6 +2272,14 @@ class Databap extends PhpObject
  {
  $this->resetAuthCookie();
  }
+
+ //Post-Redirect-Get if user manually logging from logon page
+ if($sNameToken!='')
+ {
+ header('HTTP/1.1 303 See Other');
+ header('Location: '.$_SERVER['REQUEST_URI']);
+ exit();
+ }
  }
  return ($this->getUserId()>0);
diff --git a/index.php b/index.php
index 867624a..d881959 100644
--- a/index.php
+++ b/index.php
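Review bot: The new `elseif($iUserId > 0)` guard in `Databap::getUserInfo` (inc/databap.php, hunk at -1079) is a loose numeric comparison, so the id is not guaranteed to be an integer when it is handed to `selectRow()` and `getUserOptionValue()`. Whether those helpers bind or escape the value is not visible here, so I would normalise it once at the top of the function with `$iUserId = (int)$iUserId;`. A short comment stating that an unknown or non-positive id now yields an empty `$asUserInfo` would help callers; the rest of the function lies outside the hunk.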
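Review bot: The redirect added to `Databap::logMeIn` (inc/databap.php, hunk at -2270) takes its target straight from `$_SERVER['REQUEST_URI']`, which is whatever path the client sent; a value beginning with two slashes is read by browsers as scheme-relative, so the 303 can point off-site. Build the Location from a path the application controls, or at least collapse the leading separators, e.g. `header('Location: /'.ltrim($_SERVER['REQUEST_URI'], '/\\'), true, 303);`, which also replaces the hard-coded `HTTP/1.1` status line. If the logon token can ever arrive in the query string it would be carried into the redirected URL and into access logs, so confirm it is POST-only. The `exit()` means logMeIn now ends the request instead of returning its boolean, which deserves a docblock line; the body between the two logMeIn hunks is not visible, so I cannot tell whether this branch is reached only after a successful login.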
@@ -178,29 +178,30 @@ if($bUserOk && $sAction!=Databap::EXT_ACCESS)
  case 'css':
  $sResult = $oDatabap->getStyleSheet();
  break;
- }
-
- //Admin actions
- if($oDatabap->getUserClearance()==Databap::CLEARANCE_ADMIN)
- {
- switch($sAction)
- {
- case 'add_user':
- $asInfo = explode('-', strtolower($oUser));
- $sResult = 'User added. Id='.$oDatabap->addUser($asInfo[0], $asInfo[1], $asInfo[2], array_key_exists(3, $asInfo)?$asInfo[3]:'');
- break;
- case 'build_index':
- $oDatabap->buildCompleteIndex();
- $sResult = 'Index ok';
- break;
- case 'install_queries':
- $oMySqlInstall = new MySqlManager(Settings::DB_SERVER, Settings::DB_LOGIN, Settings::DB_PASS, Settings::DB_NAME, Databap::getSqlOptions(), Settings::DB_ENC);
- $sResult = $oMySqlInstall->getFullInstallQuery();
- break;
- case 'reset_chan_safe_names':
- $sResult = $oDatabap->resetChanSafeNames();
- break;
- }
+ default:
+ //Admin actions
+ if($oDatabap->getUserClearance()==Databap::CLEARANCE_ADMIN)
+ {
+ switch($sAction)
+ {
+ case 'add_user':
+ $asInfo = explode('-', strtolower($oUser));
+ $sResult = 'User added. Id='.$oDatabap->addUser($asInfo[0], $asInfo[1], $asInfo[2], array_key_exists(3, $asInfo)?$asInfo[3]:'');
+ break;
+ case 'build_index':
+ $oDatabap->buildCompleteIndex();
+ $sResult = 'Index ok';
+ break;
+ case 'install_queries':
+ $oMySqlInstall = new MySqlManager(Settings::DB_SERVER, Settings::DB_LOGIN, Settings::DB_PASS, Settings::DB_NAME, Databap::getSqlOptions(), Settings::DB_ENC);
+ $sResult = $oMySqlInstall->getFullInstallQuery();
+ break;
+ case 'reset_chan_safe_names':
+ $sResult = $oDatabap->resetChanSafeNames();
+ break;
+ }
+ }
+ break;
  }
  }
  //Loading a page
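Review bot: The relocated `add_user` case in index.php reads `$asInfo[0]` to `$asInfo[2]` straight after `explode('-', strtolower($oUser))`, so a value with fewer than three parts reaches `addUser()` with undefined offsets; only index 3 is guarded with `array_key_exists`. I would check `count($asInfo) >= 3` first and set an error string in `$sResult` otherwise. The admin cases change state (`add_user`, `build_index`, `reset_chan_safe_names`) and are selected by `$sAction`; how that value is read is outside the hunk, but if it can arrive through a GET link this branch should require POST and an anti-CSRF token. A one-line comment on `default:` saying that admin-only actions are dispatched from there would make the nested switch easier to follow.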
@@ -218,19 +219,20 @@ elseif($bUserOk && $sAction==Databap::EXT_ACCESS)
  case 'rss': //RSS Feed
  $sResult = $oDatabap->getRss($sCategory);
  break;
+ default:
+ //Restricted actions
+ if($oDatabap->getUserClearance()==Databap::CLEARANCE_ADMIN)
+ {
+ switch($sPage)
+ {
+ case 'sap_blog': //Syncing SAP BW Blog with database & spreading the news on chat
+ $sResult = $oDatabap->syncSapBlog();
+ break;
+ }
+ }
+ elseif($sResult=='') $sResult = 'No Clearance';
+ break;
  }
-
- //Restricted actions
- if($oDatabap->getUserClearance()==Databap::CLEARANCE_ADMIN)
- {
- switch($sPage)
- {
- case 'sap_blog': //Syncing SAP BW Blog with database & spreading the news on chat
- $sResult = $oDatabap->syncSapBlog();
- break;
- }
- }
- elseif($sResult=='') $sResult = 'No Clearance';
  }
  elseif($sAction!='')
  {
diff --git a/masks/logon.html b/masks/logon.html
index 5f2f14d..fa87761 100755
--- a/masks/logon.html
+++ b/masks/logon.html
@@ -40,10 +40,6 @@ -

- L'authentification a changé ! - Nom et prénom : pas de changement, bien mettre les accents
Mot de passe : initialisé avec le nom de votre entreprise en minuscule
-