Add TLSA record form in ns/

exe.php

@@ -1,14 +0,0 @@
-<?php
-
-exec("touch /var/lib/knot/zones/chouquette.atope.art.zone", $output);
-var_dump($output);
-/*
-exec("/usr/sbin/knotc conf-begin", $output);
-var_dump($output);
-exec("/usr/sbin/knotc conf-abort");
-if(function_exists('exec')) {
-    echo "exec is enabled";
-} else {
-    echo "exec is disabled";
-}
-*/

inc/form/form.ns.inc.php

@@ -43,4 +43,4 @@
 
 <label for="domain">Domaine</label>
 <br>
-<input id="domain" placeholder="monsite.atope.art." name="domain" type="text">
+<input id="domain" placeholder="exemple." name="domain" type="text">

inc/ns.inc.php

@@ -42,6 +42,7 @@ function nsListUserZones($username) {
     $zone = NULL;
 
   $i = 0;
+  $zones = NULL;
 
   while ($zone != NULL) {
     $zones[$i] = $zone;

inc/pages.inc.php

@@ -34,6 +34,9 @@ switch (SERVICE) {
       case "sshfp":
         $page['title'] = "Enregistrement SSHFP";
       break;
+      case "tlsa":
+        $page['title'] = "Enregistrement TLSA";
+      break;
       case "zone":
         $page['title'] = "Ajouter une zone";
       break;

niver.log

@@ -100,3 +100,9 @@
  stdout:
  stderr: useradd: cannot lock /etc/passwd; try again later.
  
+
+2021-05-17 13:09:55 pale enabled SFTP on their account
+ status: exit code: 1
+ stdout:
+ stderr: useradd: cannot lock /etc/passwd; try again later.
+ 

ns/index.php

@@ -21,10 +21,7 @@
   <dd>
     Associer du texte à un domaine
   </dd>
-  <dt><a class="nsButton" href="caa">Enregistrement <abbr title="Certification Authority Authorization">CAA</abbr></a></dt>
-  <dd>
-    Indiquer les seules autorités de certifications autorisée à signer les domaines
-  </dd>
+
   <dt><a class="nsButton" href="srv">Enregistrement SRV</a></dt>
   <dd>
     Indiquer un serveur pour un domaine
@@ -37,11 +34,15 @@
   <dd>
     Indiquer les empreintes de clés <abbr title="Secure SHell">SSH</abbr> d'un domaine
   </dd>
-  <!--
   <dt><a class="nsButton" href="tlsa">Enregistrement <abbr title="Transport Layer Security Association">TLSA</abbr></a></dt>
   <dd>
     Mettre en place <abbr title="DNS-based Authentication of Named Entities">DANE</abbr> en indiquant l'empreinte d'un certificat <abbr title="Transport Layer Security">TLS</abbr>
   </dd>
+  <dt><a class="nsButton" href="caa">Enregistrement <abbr title="Certification Authority Authorization">CAA</abbr></a></dt>
+  <dd>
+    Indiquer les seules autorités de certifications autorisée à signer les domaines
+  </dd>
+  <!--
   <dt><a class="nsButton" href="loc">Enregistrement LOC</a></dt>
   <dd>
     Indiquer la localisation physique d'un domaine

ns/sshfp.php

@@ -42,10 +42,10 @@ if (nsCommonRequirements()
 
   $values = nsParseCommonRequirements();
 
-  if (!($_POST['algo'] === 1 OR $_POST['algo'] === 3 OR $_POST['algo'] === 4))
+  if (!($_POST['algo'] === "1" OR $_POST['algo'] === "3" OR $_POST['algo'] === "4"))
     exit("ERROR: Wrong value for algo");
 
-  if (!($_POST['type'] === 2))
+  if (!($_POST['type'] === "2"))
     exit("ERROR: Wrong value for type");
 
   if (!(preg_match("/^[a-z0-9]{64}$/", $_POST['fp'])))

ns/tlsa.php

@@ -0,0 +1,78 @@
+<?php include "../top.inc.php"; ?>
+
+<form method="post">
+
+  <?php require "../inc/form/form.ns.inc.php"; ?>
+
+  <br>
+  <label for="use">Utilisation</label>
+  <br>
+  <select required="" name="use" id="use">
+    <option value="" selected="" disabled="">-</option>
+    <option value="0">0 (PKIX-TA, <abbr title="also known as">aka<abbr> CA constraint)</option>
+    <option value="1">1 (PKIX-EE, <abbr title="also known as">aka<abbr> Service certificate constraint)</option>
+    <option value="2">2 (DANE-TA, <abbr title="also known as">aka<abbr> Trust Anchor Assertion)</option>
+    <option value="3">3 (DANE-EE, <abbr title="also known as">aka<abbr> Domain issued certificate)</option>
+  </select>
+  <br>
+
+  <label for="selector">Selecteur</label>
+  <br>
+  <select required="" name="selector" id="selector">
+    <option value="" selected="" disabled="">-</option>
+    <option value="0">0 (le certificat entier doit correspondre)</option>
+    <option value="1">1 (la clé publique du certificat doit correspondre)</option>
+  </select>
+  <br>
+
+  <label for="type">Type de correspondance</label>
+  <br>
+  <select required="" name="type" id="type">
+    <option value="" selected="" disabled="">-</option>
+    <option value="0">0 (certificat entier)</option>
+    <option value="1">1 (SHA-256)</option>
+    <option value="2">2 (SHA-512)</option>
+  </select>
+  <br>
+
+  <label for="content">Contenu</label>
+  <br>
+  <input id="content" minlenght="3" maxlength="1024" pattern="^[a-zA-Z0-9.-]{3,1024}$" placeholder="gjioerjgioer" name="content" type="text">
+  <br>
+  <input value="Valider" type="submit">
+</form>
+
+<?php
+
+if (nsCommonRequirements()
+    AND isset($_POST['use'])
+    AND isset($_POST['selector'])
+    AND isset($_POST['type'])
+    AND isset($_POST['content'])
+  ) {
+
+  $values = nsParseCommonRequirements();
+
+  if (!($_POST['use'] >= 0 AND $_POST['use'] <= 3))
+    exit("ERROR: Wrong value for use");
+
+  if (!($_POST['selector'] === "0" OR $_POST['selector'] === "1"))
+    exit("ERROR: Wrong value for selector");
+
+  if (!($_POST['type'] >= 0 OR $_POST['type'] <= 2))
+    exit("ERROR: Wrong value for type");
+
+  if (!(preg_match("/^[a-zA-Z0-9.-]{1,1024}$/", $_POST['content'])))
+    exit("ERROR: Wrong value for content");
+
+  exec(KNOTC_PATH . " zone-begin " . $_POST['zone']);
+  exec(KNOTC_PATH . " zone-" . $values['action'] . "set " . $_POST['zone'] . " " . $_POST['domain'] . " " . $values['ttl'] . " IN TLSA " . $_POST['use'] . " " . $_POST['selector'] .  " " . $_POST['type'] . " " . $_POST['content']);
+  exec(KNOTC_PATH . " zone-commit " . $_POST['zone']);
+  echo "Enregistrement ajouté";
+}
+
+
+
+?>
+
+<?php include "../bottom.inc.php"; ?>

reg/ds.php

@@ -36,9 +36,9 @@
     <option value="8">8 (RSASHA256)</option>
     <option value="10" disabled="">10 (RSASHA512)</option>
     <option value="12" disabled="">12 (ECC-GOST)</option>
-    <option value="13" selected="">13 (ECDSAP256SHA256)</option>
+    <option value="13">13 (ECDSAP256SHA256)</option>
     <option value="14">14 (ECDSAP384SHA384)</option>
-    <option value="15">15 (ED25519)</option>
+    <option value="15" selected="">15 (ED25519)</option>
     <option value="16">16 (ED448)</option>
   </select>
   <br>

reg/ns.php

@@ -43,12 +43,9 @@ if (isset($_POST['domain']) AND isset($_POST['action']) AND isset($_POST['ns'])
 
   $suffix = regGetSuffix($_POST['domain']);
 
-  exec(KNOTC_PATH . " zone-begin " . $suffix, $output);
-  var_dump($output);
-  exec(KNOTC_PATH . " zone-" . $action . "set " . $suffix . " " . $_POST['domain'] . " 86400 NS " . $_POST['ns'], $output);
-  var_dump($output);
-  exec(KNOTC_PATH . " zone-commit " . $suffix, $output);
-  var_dump($output);
+  exec(KNOTC_PATH . " zone-begin " . $suffix);
+  exec(KNOTC_PATH . " zone-" . $action . "set " . $suffix . " " . $_POST['domain'] . " 86400 NS " . $_POST['ns']);
+  exec(KNOTC_PATH . " zone-commit " . $suffix);
   echo "Enregistrement NS ajouté";
 }
 

reg/register.php

@@ -5,124 +5,126 @@ Doit être composé uniquement de lettres latines non accentuées, au moins 4
 <br>
 <br>
 <form method="post">
-  <input id="subdomain" pattern="<?= SUBDOMAIN_REGEX ?>" required="" placeholder="niver" name="subdomain" type="text">
-  .
-  <select required="" id="label" name="suffix">
-    <option selected="" value="atope.art.">atope.art.</option>
-    <optgroup label="Organisations">
-      <option value="asso.atope.art.">asso.atope.art.</option>
-      <option value="org.atope.art.">org.atope.art.</option>
-    </optgroup>
-    <optgroup label="Personnels">
-      <option value="perso.atope.art.">perso.atope.art.</option>
-      <option value="blog.atope.art.">blog.atope.art.</option>
-      <option value="me.atope.art.">me.atope.art.</option>
-    </optgroup>
-    <optgroup label="Connaissance">
-      <option value="edu.atope.art.">edu.atope.art.</option>
-      <option value="info.atope.art.">info.atope.art.</option>
-      <option value="wiki.atope.art.">wiki.atope.art.</option>
-      <option value="sci.atope.art.">sci.atope.art.</option>
-    </optgroup>
-    <optgroup label="Politique">
-      <option value="pol.atope.art.">pol.atope.art.</option>
-      <option value="libre.atope.art.">libre.atope.art.</option>
-      <option value="fem.atope.art.">fem.atope.art.</option>
-      <option value="eco.atope.art.">eco.atope.art.</option>
-      <option value="veg.atope.art.">veg.atope.art.</option>
-      <option value="bio.atope.art.">bio.atope.art.</option>
-      <option value="anar.atope.art.">anar.atope.art.</option>
-      <option value="ancom.atope.art.">ancom.atope.art.</option>
-      <option value="acab.atope.art.">acab.atope.art.</option>
-      <option value="handi.atope.art.">handi.atope.art.</option>
-    </optgroup>
-    <optgroup label="LGBT+">
-      <option value="queer.atope.art.">queer.atope.art.</option>
-      <option value="gay.atope.art.">gay.atope.art.</option>
-      <option value="enby.atope.art.">enby.atope.art.</option>
-      <option value="trans.atope.art.">trans.atope.art.</option>
-    </optgroup>
-    <optgroup label="Technologie">
-      <option value="net.atope.art.">net.atope.art.</option>
-      <option value="tech.atope.art.">tech.atope.art.</option>
-      <option value="io.atope.art.">io.atope.art.</option>
-      <option value="sec.atope.art.">sec.atope.art.</option>
-      <option value="cyber.atope.art.">cyber.atope.art.</option>
-      <option value="dev.atope.art.">dev.atope.art.</option>
-      <option value="geek.atope.art.">geek.atope.art.</option>
-      <option value="fs.atope.art.">fs.atope.art.</option>
-      <option value="ht.atope.art.">ht.atope.art.</option>
-      <option value="hyper.atope.art.">hyper.atope.art.</option>
-      <option value="git.atope.art.">git.atope.art.</option>
-      <option value="forge.atope.art.">forge.atope.art.</option>
-      <option value="code.atope.art.">code.atope.art.</option>
-      <option value="lab.atope.art.">lab.atope.art.</option>
-      <option value="labs.atope.art.">labs.atope.art.</option>
-      <option value="gemini.atope.art.">gemini.atope.art.</option>
-      <option value="gmi.atope.art.">gmi.atope.art.</option>
-      <option value="gemlog.atope.art.">gemlog.atope.art.</option>
-      <option value="mail.atope.art.">mail.atope.art.</option>
-      <option value="ynh.atope.art.">ynh.atope.art.</option>
-      <option value="yuno.atope.art.">yuno.atope.art.</option>
-      <option value="sys.atope.art.">sys.atope.art.</option>
-    </optgroup>
-    <optgroup label="Fédiverse">
-      <option value="fed.atope.art.">fed.atope.art.</option>
-      <option value="fedi.atope.art.">fedi.atope.art.</option>
-      <option value="soc.atope.art.">soc.atope.art.</option>
-      <option value="masto.atope.art.">masto.atope.art.</option>
-      <option value="plero.atope.art.">plero.atope.art.</option>
-      <option value="pix.atope.art.">pix.atope.art.</option>
-      <option value="mobi.atope.art.">mobi.atope.art.</option>
-    </optgroup>
-    <optgroup label="Arts">
-      <option value="art.atope.art.">art.atope.art.</option>
-      <option value="music.atope.art.">music.atope.art.</option>
-      <option value="video.atope.art.">video.atope.art.</option>
-      <option value="draw.atope.art.">draw.atope.art.</option>
-      <option value="audio.atope.art.">audio.atope.art.</option>
-      <option value="ink.atope.art.">ink.atope.art.</option>
-    </optgroup>
-    <optgroup label="Neurodiversité">
-      <option value="na.atope.art.">na.atope.art.</option>
-      <option value="psy.atope.art.">psy.atope.art.</option>
-      <option value="neuro.atope.art.">neuro.atope.art.</option>
-      <option value="auti.atope.art.">auti.atope.art.</option>
-      <option value="plur.atope.art.">plur.atope.art.</option>
-    </optgroup>
-    <optgroup label="Couleurs">
-      <option value="blue.atope.art.">blue.atope.art.</option>
-      <option value="red.atope.art.">red.atope.art.</option>
-      <option value="pink.atope.art.">pink.atope.art.</option>
-      <option value="green.atope.art.">green.atope.art.</option>
-      <option value="black.atope.art.">black.atope.art.</option>
-    </optgroup>
-    <optgroup label="Communauté">
-      <option value="city.atope.art.">city.atope.art.</option>
-      <option value="town.atope.art.">town.atope.art.</option>
-      <option value="cafe.atope.art.">cafe.atope.art.</option>
-      <option value="home.atope.art.">home.atope.art.</option>
-      <option value="forum.atope.art.">forum.atope.art.</option>
-    </optgroup>
-    <optgroup label="Divers">
-      <option value="dream.atope.art.">dream.atope.art.</option>
-      <option value="space.atope.art.">space.atope.art.</option>
-      <option value="forest.atope.art.">forest.atope.art.</option>
-      <option value="rain.atope.art.">rain.atope.art.</option>
-      <option value="snow.atope.art.">snow.atope.art.</option>
-      <option value="sun.atope.art.">sun.atope.art.</option>
-      <option value="earth.atope.art.">earth.atope.art.</option>
-      <option value="world.atope.art.">world.atope.art.</option>
-      <option value="soft.atope.art.">soft.atope.art.</option>
-      <option value="cute.atope.art.">cute.atope.art.</option>
-      <option value="cutie.atope.art.">cutie.atope.art.</option>
-      <option value="fun.atope.art.">fun.atope.art.</option>
-      <option value="play.atope.art.">play.atope.art.</option>
-      <option value="game.atope.art.">game.atope.art.</option>
-    </optgroup>
-
-  </select>
-
+  <fieldset>
+    <legend>Domaine</legend>
+    <input id="subdomain" pattern="<?= SUBDOMAIN_REGEX ?>" required="" placeholder="niver" name="subdomain" type="text">
+    .
+    <select required="" id="label" name="suffix">
+      <option selected="" value="atope.art.">atope.art.</option>
+      <optgroup label="Organisations">
+        <option value="asso.atope.art.">asso.atope.art.</option>
+        <option value="org.atope.art.">org.atope.art.</option>
+      </optgroup>
+      <optgroup label="Personnels">
+        <option value="perso.atope.art.">perso.atope.art.</option>
+        <option value="blog.atope.art.">blog.atope.art.</option>
+        <option value="me.atope.art.">me.atope.art.</option>
+      </optgroup>
+      <optgroup label="Connaissance">
+        <option value="edu.atope.art.">edu.atope.art.</option>
+        <option value="info.atope.art.">info.atope.art.</option>
+        <option value="wiki.atope.art.">wiki.atope.art.</option>
+        <option value="sci.atope.art.">sci.atope.art.</option>
+      </optgroup>
+      <optgroup label="Politique">
+        <option value="pol.atope.art.">pol.atope.art.</option>
+        <option value="libre.atope.art.">libre.atope.art.</option>
+        <option value="fem.atope.art.">fem.atope.art.</option>
+        <option value="eco.atope.art.">eco.atope.art.</option>
+        <option value="veg.atope.art.">veg.atope.art.</option>
+        <option value="bio.atope.art.">bio.atope.art.</option>
+        <option value="anar.atope.art.">anar.atope.art.</option>
+        <option value="ancom.atope.art.">ancom.atope.art.</option>
+        <option value="acab.atope.art.">acab.atope.art.</option>
+        <option value="handi.atope.art.">handi.atope.art.</option>
+      </optgroup>
+      <optgroup label="LGBT+">
+        <option value="queer.atope.art.">queer.atope.art.</option>
+        <option value="gay.atope.art.">gay.atope.art.</option>
+        <option value="enby.atope.art.">enby.atope.art.</option>
+        <option value="trans.atope.art.">trans.atope.art.</option>
+      </optgroup>
+      <optgroup label="Technologie">
+        <option value="net.atope.art.">net.atope.art.</option>
+        <option value="tech.atope.art.">tech.atope.art.</option>
+        <option value="io.atope.art.">io.atope.art.</option>
+        <option value="sec.atope.art.">sec.atope.art.</option>
+        <option value="cyber.atope.art.">cyber.atope.art.</option>
+        <option value="dev.atope.art.">dev.atope.art.</option>
+        <option value="geek.atope.art.">geek.atope.art.</option>
+        <option value="fs.atope.art.">fs.atope.art.</option>
+        <option value="ht.atope.art.">ht.atope.art.</option>
+        <option value="hyper.atope.art.">hyper.atope.art.</option>
+        <option value="git.atope.art.">git.atope.art.</option>
+        <option value="forge.atope.art.">forge.atope.art.</option>
+        <option value="code.atope.art.">code.atope.art.</option>
+        <option value="lab.atope.art.">lab.atope.art.</option>
+        <option value="labs.atope.art.">labs.atope.art.</option>
+        <option value="gemini.atope.art.">gemini.atope.art.</option>
+        <option value="gmi.atope.art.">gmi.atope.art.</option>
+        <option value="gemlog.atope.art.">gemlog.atope.art.</option>
+        <option value="mail.atope.art.">mail.atope.art.</option>
+        <option value="ynh.atope.art.">ynh.atope.art.</option>
+        <option value="yuno.atope.art.">yuno.atope.art.</option>
+        <option value="sys.atope.art.">sys.atope.art.</option>
+      </optgroup>
+      <optgroup label="Fédiverse">
+        <option value="fed.atope.art.">fed.atope.art.</option>
+        <option value="fedi.atope.art.">fedi.atope.art.</option>
+        <option value="soc.atope.art.">soc.atope.art.</option>
+        <option value="masto.atope.art.">masto.atope.art.</option>
+        <option value="plero.atope.art.">plero.atope.art.</option>
+        <option value="pix.atope.art.">pix.atope.art.</option>
+        <option value="mobi.atope.art.">mobi.atope.art.</option>
+      </optgroup>
+      <optgroup label="Arts">
+        <option value="art.atope.art.">art.atope.art.</option>
+        <option value="music.atope.art.">music.atope.art.</option>
+        <option value="video.atope.art.">video.atope.art.</option>
+        <option value="draw.atope.art.">draw.atope.art.</option>
+        <option value="audio.atope.art.">audio.atope.art.</option>
+        <option value="ink.atope.art.">ink.atope.art.</option>
+      </optgroup>
+      <optgroup label="Neurodiversité">
+        <option value="na.atope.art.">na.atope.art.</option>
+        <option value="psy.atope.art.">psy.atope.art.</option>
+        <option value="neuro.atope.art.">neuro.atope.art.</option>
+        <option value="auti.atope.art.">auti.atope.art.</option>
+        <option value="plur.atope.art.">plur.atope.art.</option>
+      </optgroup>
+      <optgroup label="Couleurs">
+        <option value="blue.atope.art.">blue.atope.art.</option>
+        <option value="red.atope.art.">red.atope.art.</option>
+        <option value="pink.atope.art.">pink.atope.art.</option>
+        <option value="green.atope.art.">green.atope.art.</option>
+        <option value="black.atope.art.">black.atope.art.</option>
+      </optgroup>
+      <optgroup label="Communauté">
+        <option value="city.atope.art.">city.atope.art.</option>
+        <option value="town.atope.art.">town.atope.art.</option>
+        <option value="cafe.atope.art.">cafe.atope.art.</option>
+        <option value="home.atope.art.">home.atope.art.</option>
+        <option value="forum.atope.art.">forum.atope.art.</option>
+      </optgroup>
+      <optgroup label="Divers">
+        <option value="dream.atope.art.">dream.atope.art.</option>
+        <option value="space.atope.art.">space.atope.art.</option>
+        <option value="forest.atope.art.">forest.atope.art.</option>
+        <option value="rain.atope.art.">rain.atope.art.</option>
+        <option value="snow.atope.art.">snow.atope.art.</option>
+        <option value="sun.atope.art.">sun.atope.art.</option>
+        <option value="earth.atope.art.">earth.atope.art.</option>
+        <option value="world.atope.art.">world.atope.art.</option>
+        <option value="soft.atope.art.">soft.atope.art.</option>
+        <option value="cute.atope.art.">cute.atope.art.</option>
+        <option value="cutie.atope.art.">cutie.atope.art.</option>
+        <option value="fun.atope.art.">fun.atope.art.</option>
+        <option value="play.atope.art.">play.atope.art.</option>
+        <option value="game.atope.art.">game.atope.art.</option>
+      </optgroup>
+
+    </select>
+  </fieldset>
   <br>
   <input value="Valider" type="submit">
 </form>

top.inc.php

@@ -2,6 +2,8 @@
 if (strpos($_SERVER['PHP_SELF'], "inc.php") !== false)
   exit("This file is meant to be included.");
 
+// Définition de constantes
+
 define("USERNAME_REGEX", "^[a-z]{4,32}$");
 define("PASSWORD_REGEX", "^(?=.*[a-z])(?=.*[A-Z])(?=.*[0-9])[a-zA-Z0-9]{8,1024}|.{10,1024}$");
 define("SUBDOMAIN_REGEX", "^[a-z]{4,63}$");
@@ -25,6 +27,17 @@ define("HT_PATH", "/srv/ht");
 define("SERVICE", substr(dirname($_SERVER['PHP_SELF']), strlen(PREFIX) + 1));
 define("PAGE", basename($_SERVER['PHP_SELF'], '.php'));
 
+define("THEME", array(
+  'htColor' => "#FF0000",
+  'regColor' => "#DA03E5",
+  'authColor' => "#00FF00",
+  'nsColor' => "#00c4c4",
+  'lightColor' => '#FFFFFF',
+  'darkColor' => '#2a2a2a',
+));
+
+// Initialisation de la session (avec des cookies)
+
 session_start([
   'name' => 'niver',
   'sid_length' => 64,
@@ -39,44 +52,49 @@ session_start([
   'use_only_cookies' => true,
 ]);
 
+// Redirige vers la page de connexion si pas connecté·e
 if (SERVICE != "auth" AND !isset($_SESSION['username'])) {
   header('Location: ' . PREFIX . '/auth/login?redir=' . SERVICE . "/" . PAGE, true, 302);
   exit;
 }
 
+// Enlève .php de l'URL (si jamais)
 if (substr($_SERVER['REQUEST_URI'], -4) == ".php") {
   header("Location: " . PREFIX . "/" . SERVICE . "/" . PAGE, true, 301); // 301 Moved Permanently
   exit;
 }
 
-$theme = array(
-  'htColor' => "#FF0000",
-  'regColor' => "#DA03E5",
-  'authColor' => "#00FF00",
-  'nsColor' => "#00c4c4",
-  'lightColor' => '#FFFFFF',
-  'darkColor' => '#2a2a2a',
-);
-
+// Fonctions utiles partout
 require "inc/all.inc.php";
 require "inc/format.inc.php";
+// Fonctions specifiques à un service
 require "inc/ht.inc.php";
 require "inc/ns.inc.php";
-require "inc/pages.inc.php";
 require "inc/reg.inc.php";
+// Définitions des titres de pages
+require "inc/pages.inc.php";
+
+// Compilation du Less vers le CSS
 
 require_once 'lessphp/lib/Less/Autoloader.php';
 Less_Autoloader::register();
 
+// Liste les fichiers dans le dossier less/
 $relativeLessFiles = array_diff(scandir(ROOT_PATH . "/less"), array('..', '.'));
+// Remplace les clés par les valeurs, et les valeurs par les clés
 $relativeLessFiles = array_flip($relativeLessFiles);
 
+// Transforme les chemins relatifs en chemins absolus
 foreach ($relativeLessFiles as $relativeLessFile => $nothing) {
   $absoluteLessFiles[ROOT_PATH . "/less/" . $relativeLessFile] = "";
 }
 
-$options = array('cache_dir' => ROOT_PATH . '/css/', 'compress' => true);
-$cssFileName = Less_Cache::Get($absoluteLessFiles, $options, $theme);
+// Génère un seul fichier CSS minimifié dans css/ à partir des sources dans less/
+$options = array(
+  'cache_dir' => ROOT_PATH . '/css/',
+  'compress' => true
+);
+$cssFileName = Less_Cache::Get($absoluteLessFiles, $options, THEME);
 
 ?>
 <!DOCTYPE html>