<?php

include_once 'app/app.php';
// Basic search page: resolve the tool consumer's settings from the launch cookie
// and render the search form inside the shared layout.
//
// The consumer key comes from a client-supplied cookie and selects which settings
// are loaded.
// NOTE(review): this script reads $_COOKIE['oauth_consumer_key'] without an isset()
// check, and it relies on decryptCookie() to reject tampered values - confirm that
// the cookie encryption is authenticated and that a missing cookie is handled.
$customparams = loadCustomParams(
    $c,
    decryptCookie($_COOKIE['oauth_consumer_key'])
);

// Template variables: the database handle and the consumer's settings.
$variables = array();
$variables['c'] = $c;
$variables['customparams'] = $customparams;

ebsco_render('basic_search.html', 'layout.html', $variables);
     $sql->execute();
     $sql->store_result();
     $sql->bind_result($result);
     $count = 0;
     while ($sql->fetch()) {
         $count++;
         $consumeridsArray['logged_in_consumerid'][$count] = $result;
     }
     if (!isset($consumeridsArray)) {
         $consumeridsArray = array();
     }
     setcookie('consumeridsArray', encryptCookie($consumeridsArray), $time, "/", $_SERVER['SERVER_NAME'], FALSE, TRUE);
     if ($c->more_results()) {
         $c->next_result();
     }
     $customparams = loadCustomParams($c, $key);
     $variables['consumeridsArray'] = $consumeridsArray;
     $variables['customparams'] = $customparams;
     ebsco_render('admin.html', 'layout.html', $variables);
 } else {
     if (isset($_COOKIE['forward_to_admin']) && decryptCookie($_COOKIE['forward_to_admin']) == "n") {
         if (isset($_POST['admin_key'])) {
             $clean = strip_tags_deep($_POST);
             setcookie('admin_key', encryptCookie($clean['admin_key']), $time, "/", $_SERVER['SERVER_NAME'], FALSE, TRUE);
             setcookie('admin_secret', encryptCookie($clean['admin_secret']), $time, "/", $_SERVER['SERVER_NAME'], FALSE, TRUE);
             $variables['admin_key'] = $clean['admin_key'];
             $variables['admin_secret'] = $clean['admin_secret'];
         }
         ebsco_render('sign_on.html', 'layout.html', $variables);
     } else {
         ebsco_render('sign_on.html', 'layout.html', $variables);
Beispiel #3
    }
}
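// Launch handling: drop stale session state, normalise legacy parameter names,
// load the consumer's settings, persist the whitelisted launch parameters as
// encrypted cookies and prepare the credentials lookup.
// NOTE(review): $clean is built before this point; presumably it is the filtered
// launch POST and the OAuth signature of the launch has already been verified -
// neither is visible here, confirm both.

// upon new launch, eliminate any existing session tokens to prevent bad API calls from old sessions
// NOTE(review): unset() only removes the value from this request's $_COOKIE array;
// it does not expire the cookie in the browser. Confirm that a fresh sessionToken
// cookie is always issued before the old one can be used again.
unset($_COOKIE['sessionToken']);

// legacy instructions had labeled the userid/password as custid/password - this allows both
if (isset($clean['custom_ebsco_userid'])) {
    $clean['custom_custid'] = $clean['custom_ebsco_userid'];
}
if (isset($clean['custom_ebsco_password'])) {
    $clean['custom_password'] = $clean['custom_ebsco_password'];
}
$oauth_consumer_key = $clean['oauth_consumer_key'];

// this loads in custom settings, such as email, api credentials, logo, etc.
$customparams = loadCustomParams($c, $oauth_consumer_key, $clean);

// whitelist of accepted parameters
$accepted = array('oauth_consumer_key', 'roles', 'context_label', 'context_title', 'lis_person_name_full', 'lis_person_contact_email_primary', 'resource_link_title', 'resource_link_id', 'tool_consumer_instance_guid', 'launch_presentation_return_url');

// transfer variables to session
// The whitelist check is strict: with a loose comparison an integer key such as 0
// compares equal to any non-numeric string on PHP versions before 8, so a
// parameter named "0" would slip past the whitelist.
// NOTE(review): the cookies are set with secure = FALSE, so they are also sent over
// plain HTTP, and the cookie domain comes from $_SERVER['SERVER_NAME'], which on
// some server configurations follows the request's Host header - confirm both.
foreach ($clean as $foo => $bar) {
    if (in_array($foo, $accepted, true) && !empty($bar)) {
        $encryptedC = encryptCookie($bar);
        setcookie($foo, $encryptedC, $time, "/", $_SERVER['SERVER_NAME'], FALSE, TRUE);
    }
}

// Placeholders keep the three lookup values out of the SQL text.
// NOTE(review): matching on the password column in SQL implies the stored value is
// directly comparable to the supplied one - confirm how these credentials are
// protected at rest.
$sql = 'SELECT * FROM credentials WHERE userid = ? AND profile = ? AND password = ?';

/* Prepare statement */
$stmt = $c->prepare($sql);
if ($stmt === false) {
    // Report the error of the handle that actually failed: the statement is prepared
    // on $c, and no $conn is defined anywhere in the visible code.
    // The message carries the SQL text and the driver error, so it belongs in the
    // server log only - make sure display_errors is off in production.
    trigger_error('Wrong SQL: ' . $sql . ' Error: ' . $c->errno . ' ' . $c->error, E_USER_ERROR);
}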
Beispiel #4
    die("This site requires the use of cookies.  Please enable cookies in your web browser.");
} else {
    if (!isset($_COOKIE['oauth_consumer_key'])) {
        die("It looks like browser security settings may have blocked this content.  Please try a different browser, or lower your security settings.");
    }
}
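// Start a search session: resolve the consumer's settings from the launch cookie,
// authenticate against the EDS API and store the resulting session token in a cookie.
$cookieDCd = decryptCookie($_COOKIE['oauth_consumer_key']);

// Debug trail kept in the session as an HTML fragment. Cookie values are
// client-controlled, so the decrypted value is HTML-escaped before it is appended,
// and the whitelist check is strict so that a cookie with an integer-like name
// cannot match by loose comparison.
$_SESSION['debug'] .= "<p>Cookie dump: ";
$accepted = array('oauth_consumer_key', 'roles', 'context_label', 'user_id', 'context_title', 'lis_person_name_full', 'lis_person_contact_email_primary', 'resource_link_title', 'resource_link_id', 'tool_consumer_instance_guid', 'launch_presentation_return_url');
foreach ($_COOKIE as $index => $thecookie) {
    if (in_array($index, $accepted, true)) {
        $_SESSION['debug'] .= "<br />" . $index . ": " . htmlspecialchars((string) decryptCookie($thecookie), ENT_QUOTES, 'UTF-8');
    }
}
$_SESSION['debug'] .= "</p>";

$customparams = loadCustomParams($c, $cookieDCd);
$profile = $customparams['profile'];

// Diagnostics go to the server log, never into the response. The settings array
// handed to EBSCOAPI appears, judging by the error text below, to carry the API
// user id and password, and a display:none element is still readable by anyone who
// views the page source.
try {
    $api = new EBSCOAPI($c, $customparams);
} catch (Exception $e) {
    error_log('EDS API authentication failed: ' . $e->getMessage());
    die("It looks like your user id and password for your EDS API profile are incorrect.  Please check your settings in the <a href='http://curriculumbuilder.ebscohost.com/admin.php' target='_top'>admin panel</a>.");
}
try {
    // NOTE(review): this stores the API auth token in the session debug trail;
    // confirm that no other page writes $_SESSION['debug'] into a response.
    $_SESSION['debug'] .= "<p>Using AuthToken " . $api->getAuthToken() . "</p>";
    $newSessionToken = $api->apiSessionToken($api->getAuthToken(), $profile, 'n');
} catch (Exception $e) {
    // The debug trail (auth token, decrypted cookies) and the exception text are no
    // longer echoed into hidden markup; only the failure is logged server-side.
    error_log('EDS API session token request failed for profile ' . $profile . ': ' . $e->getMessage());
    die("It looks like your profile id for your EDS API profile is incorrect.  Please check your settings in the <a href='http://curriculumbuilder.ebscohost.com/admin.php' target='_top'>admin panel</a>.");
}

// NOTE(review): both cookies are set with secure = FALSE, so the session token is
// also sent over plain HTTP; the cookie domain comes from $_SERVER['SERVER_NAME'],
// which on some server configurations follows the request's Host header.
setcookie('sessionToken', encryptCookie($newSessionToken), $time, "/", $_SERVER['SERVER_NAME'], FALSE, TRUE);
// Expiry 0 makes 'login' a browser-session cookie.
setcookie('login', encryptCookie($profile), 0, "/", $_SERVER['SERVER_NAME'], FALSE, TRUE);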