From d5783b5c5775f8f70926b232d085553636349659 Mon Sep 17 00:00:00 2001
From: Alan Garcia <a.garcia@nnx.com>
Date: Fri, 4 Mar 2011 12:29:37 +0000
Subject: [PATCH] Corrige un bug Ajoute le "retour en arriere" lorsqu'on usurpe
 un compte utilisateur.

---
 bureau/admin/adm_login.php | 24 ++++++++++++++++++++++++
 bureau/admin/head.php      |  8 ++++++++
 bureau/class/m_mem.php     |  1 +
 install/mysql.sql          |  2 +-
 4 files changed, 34 insertions(+), 1 deletion(-)

diff --git a/bureau/admin/adm_login.php b/bureau/admin/adm_login.php
index b8614ae5..7439186c 100644
--- a/bureau/admin/adm_login.php
+++ b/bureau/admin/adm_login.php
@@ -29,6 +29,29 @@
 */
 require_once("../class/config.php");
 
+// If we just want to return to our previous session
+$oldid=intval($_COOKIE['oldid']);
+if ($oldid) {
+  setcookie('oldid','',0,'/admin/');
+
+  $db->query("select lastip from membres where uid='$oldid';");
+  $db->next_record();
+  if ($db->f("lastip") != getenv("REMOTE_ADDR") ) {
+    die('Error : bad IP address');
+  }
+
+	if (!$mem->setid($oldid))
+	{
+    $oldid=null;
+		$error=$err->errstr();
+		include("index.php");
+		exit();
+	}
+  $oldid=null;
+	include_once("main.php");
+	exit();
+}
+
 if (!$admin->enabled) {
 	__("This page is restricted to authorized staff");
 	exit();
@@ -52,6 +75,7 @@ if (!$r=$admin->get($id))
 }
 else
 {
+  setcookie('oldid',$cuid,0,'/admin/');
 	if (!$mem->setid($id))
 	{
 		$error=$err->errstr();
diff --git a/bureau/admin/head.php b/bureau/admin/head.php
index cdc425f2..8b697a3c 100644
--- a/bureau/admin/head.php
+++ b/bureau/admin/head.php
@@ -43,6 +43,14 @@ if (!$charset) $charset="iso-8859-1";
 <link href="js/jquery_ui/css/smoothness/jquery-ui-1.8.6.custom.css" rel="stylesheet" type="text/css" />
 </head>
 <body>
+<?
+$oldid=intval($_COOKIE['oldid']);
+if ($oldid && $oldid!=$cuid) {
+  echo "<div align=center><p class='error'>";
+  __("Invited session. Clic <a href='adm_login.php'>here</a> to return to your previous session.");
+  echo "</p></div>";
+}
+?>
 <div id="global">
 <table>
 <tr>
diff --git a/bureau/class/m_mem.php b/bureau/class/m_mem.php
index 25fe639a..87d0ddb6 100644
--- a/bureau/class/m_mem.php
+++ b/bureau/class/m_mem.php
@@ -250,6 +250,7 @@ class m_mem {
     $err->log("mem","del_session");
     $_COOKIE["session"]=addslashes($_COOKIE["session"]);
     setcookie("session","",0,"/");
+    setcookie("oldid","",0,"/admin/");
     if ($_COOKIE["session"]=="") {
       $err->error=0;
       return true;
diff --git a/install/mysql.sql b/install/mysql.sql
index 27542b22..17fbcff2 100644
--- a/install/mysql.sql
+++ b/install/mysql.sql
@@ -256,7 +256,7 @@ CREATE TABLE IF NOT EXISTS sub_domaines (
   valeur varchar(255) default NULL,
   type varchar(30) NOT NULL default 'LOCAL',
   web_action enum ('OK','UPDATE','DELETE') NOT NULL default 'UPDATE',
-  dns_result varchar(255) not null default '',
+  web_result varchar(255) not null default '',
   enable enum ('ENABLED', 'ENABLE', 'DISABLED', 'DISABLE') NOT NULL DEFAULT 'ENABLED',
   PRIMARY KEY  (compte,domaine,sub,type)
 --  ,FOREIGN KEY (type) REFERENCES (domaines_type)