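<?php
/**
 * Basic search page.
 *
 * Loads the shared application bootstrap, resolves the per-consumer settings
 * from the consumer key held in the `oauth_consumer_key` cookie, and renders
 * the search form inside the site layout.
 */
include_once 'app/app.php';

// The consumer key comes from a client-held cookie. Stop here when it is
// absent instead of passing an undefined index on to decryptCookie().
if (!isset($_COOKIE['oauth_consumer_key'])) {
    die("This site requires the use of cookies. Please enable cookies in your web browser.");
}

// NOTE(review): the decrypted value selects which consumer's settings are
// loaded, so this lookup is only as trustworthy as decryptCookie()'s integrity
// check, which is not visible here. Confirm that tampered cookies are rejected.
$customparams = loadCustomParams($c, decryptCookie($_COOKIE['oauth_consumer_key']));

// The connection handle ($c) is handed to the template along with the settings.
$variables = array('c' => $c, 'customparams' => $customparams);

ebsco_render('basic_search.html', 'layout.html', $variables);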
// Excerpt: these statements sit inside a branch whose opening condition (and
// the preparation of $sql) lies above the visible text.

// Run the prepared statement and buffer its result; each fetched row's single
// column is bound to $result.
$sql->execute();
$sql->store_result();
$sql->bind_result($result);

// Collect every fetched value under 'logged_in_consumerid'. $count is
// incremented before use, so the list is indexed from 1.
$count = 0;
while ($sql->fetch()) {
    $count++;
    $consumeridsArray['logged_in_consumerid'][$count] = $result;
}
// No rows fetched: fall back to an empty array so the cookie and template
// always receive an array.
if (!isset($consumeridsArray)) {
    $consumeridsArray = array();
}

// setcookie arguments: name, value, expiry, path "/", domain, secure, httponly.
// NOTE(review): secure is FALSE, so the browser will also send this cookie over
// plain HTTP; httponly is TRUE, which keeps it away from page scripts. Confirm
// whether the deployment is HTTPS-only and, if so, set secure to TRUE.
setcookie('consumeridsArray', encryptCookie($consumeridsArray), $time, "/", $_SERVER['SERVER_NAME'], FALSE, TRUE);

// Step past any further result set on the connection before the next lookup
// (presumably needed because the statement above can return several; verify).
if ($c->more_results()) {
    $c->next_result();
}

$customparams = loadCustomParams($c, $key);
$variables['consumeridsArray'] = $consumeridsArray;
$variables['customparams'] = $customparams;
ebsco_render('admin.html', 'layout.html', $variables);
} else {
    // Not on the admin branch: show the sign-on form. Both paths below render
    // the same template; the first one also stores posted admin credentials.
    // NOTE(review): loose comparison (==) against "n"; a strict === would avoid
    // type juggling if decryptCookie() can return a non-string. Confirm.
    if (isset($_COOKIE['forward_to_admin']) && decryptCookie($_COOKIE['forward_to_admin']) == "n") {
        if (isset($_POST['admin_key'])) {
            // strip_tags_deep() is applied to the whole POST array; only
            // 'admin_key' is checked for presence, 'admin_secret' is read
            // without an isset() test.
            $clean = strip_tags_deep($_POST);
            // NOTE(review): the admin key and secret are kept in client-side
            // cookies. Their confidentiality rests on encryptCookie() (not
            // visible here) and, with secure = FALSE, they can travel over
            // plain HTTP.
            setcookie('admin_key', encryptCookie($clean['admin_key']), $time, "/", $_SERVER['SERVER_NAME'], FALSE, TRUE);
            setcookie('admin_secret', encryptCookie($clean['admin_secret']), $time, "/", $_SERVER['SERVER_NAME'], FALSE, TRUE);
            // NOTE(review): the same values go to the template. Stripping tags
            // is not output escaping; confirm that sign_on.html escapes them
            // for the context in which they are printed.
            $variables['admin_key'] = $clean['admin_key'];
            $variables['admin_secret'] = $clean['admin_secret'];
        }
        ebsco_render('sign_on.html', 'layout.html', $variables);
    } else {
        ebsco_render('sign_on.html', 'layout.html', $variables);
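}
}

// Upon new launch, eliminate any existing session token to prevent bad API
// calls from old sessions. unset() only removes the value from $_COOKIE for
// the current request; the browser keeps its copy until a new cookie of the
// same name is sent.
if (isset($_COOKIE['sessionToken'])) {
    unset($_COOKIE['sessionToken']);
}

// Legacy instructions had labeled the userid/password as custid/password;
// accept both spellings by copying the newer names onto the older ones.
if (isset($clean['custom_ebsco_userid'])) {
    $clean['custom_custid'] = $clean['custom_ebsco_userid'];
}
if (isset($clean['custom_ebsco_password'])) {
    $clean['custom_password'] = $clean['custom_ebsco_password'];
}

$oauth_consumer_key = $clean['oauth_consumer_key'];

// This loads in custom settings, such as email, API credentials, logo, etc.
$customparams = loadCustomParams($c, $oauth_consumer_key, $clean);

// Whitelist of launch parameters that may be persisted as cookies.
$accepted = array('oauth_consumer_key', 'roles', 'context_label', 'context_title', 'lis_person_name_full', 'lis_person_contact_email_primary', 'resource_link_title', 'resource_link_id', 'tool_consumer_instance_guid', 'launch_presentation_return_url');

// Transfer the whitelisted, non-empty launch parameters into encrypted cookies.
foreach ($clean as $foo => $bar) {
    // Strict comparison: with loose in_array() an integer key such as 0
    // compares equal to every non-numeric string on PHP versions before 8 and
    // would slip through the whitelist.
    if (in_array($foo, $accepted, true) && !empty($bar)) {
        $encryptedC = encryptCookie($bar);
        // NOTE(review): secure flag is FALSE, so these cookies are also sent
        // over plain HTTP. Confirm whether the site is HTTPS-only and, if so,
        // set it to TRUE.
        setcookie($foo, $encryptedC, $time, "/", $_SERVER['SERVER_NAME'], FALSE, TRUE);
    }
}

// NOTE(review): the password is matched inside the WHERE clause, so the
// credentials table must hold it in a form directly comparable to the
// submitted value. Confirm how it is stored.
$sql = 'SELECT * FROM credentials WHERE ' . 'userid = ? AND ' . 'profile = ? AND ' . 'password = ?';

/* Prepare statement */
$stmt = $c->prepare($sql);
if ($stmt === false) {
    // Report the error from the connection the statement was prepared on. The
    // original read $conn, which is not the handle used anywhere in this code,
    // so the failure path itself would have raised undefined-variable notices
    // and lost the database error text.
    trigger_error('Wrong SQL: ' . $sql . ' Error: ' . $c->errno . ' ' . $c->error, E_USER_ERROR);
}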
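die("This site requires the use of cookies. Please enable cookies in your web browser.");
} else {
    // Excerpt: the opening condition of this if/else lies above the visible
    // text. Without the consumer-key cookie nothing below can work.
    if (!isset($_COOKIE['oauth_consumer_key'])) {
        die("It looks like browser security settings may have blocked this content. Please try a different browser, or lower your security settings.");
    }
}

$cookieDCd = decryptCookie($_COOKIE['oauth_consumer_key']);

// Append the decrypted launch cookies to the per-session debug trail.
// NOTE(review): the trail holds decrypted cookie values and, further down, the
// API auth token as an HTML string. Confirm that whatever renders
// $_SESSION['debug'] is restricted to administrators and escapes it.
$_SESSION['debug'] .= "<p>Cookie dump: ";
$accepted = array('oauth_consumer_key', 'roles', 'context_label', 'user_id', 'context_title', 'lis_person_name_full', 'lis_person_contact_email_primary', 'resource_link_title', 'resource_link_id', 'tool_consumer_instance_guid', 'launch_presentation_return_url');
foreach ($_COOKIE as $index => $thecookie) {
    // Strict comparison so that numeric cookie names cannot match the
    // whitelist through loose string/integer comparison on PHP before 8.
    if (in_array($index, $accepted, true)) {
        $_SESSION['debug'] .= "<br />" . $index . ": " . decryptCookie($thecookie);
    }
}
$_SESSION['debug'] .= "</p>";

// Per-consumer settings, including the EDS API profile used below.
$customparams = loadCustomParams($c, $cookieDCd);
$profile = $customparams['profile'];

try {
    $api = new EBSCOAPI($c, $customparams);
} catch (Exception $e) {
    // Keep the diagnostic detail on the server. The original embedded
    // var_export($customparams) in a hidden <p>, which put the stored settings
    // in the page source of any visitor who hit this error.
    error_log('EBSCOAPI construction failed: ' . $e->getMessage());
    die("It looks like your user id and password for your EDS API profile are incorrect. Please check your settings in the <a href='http://curriculumbuilder.ebscohost.com/admin.php' target='_top'>admin panel</a>.");
}

try {
    $_SESSION['debug'] .= "<p>Using AuthToken " . $api->getAuthToken() . "</p>";
    $newSessionToken = $api->apiSessionToken($api->getAuthToken(), $profile, 'n');
} catch (Exception $e) {
    // As above: no hidden dump of the debug trail (which contains the auth
    // token), the settings array, or the raw exception text in the response.
    error_log('EDS API session token request failed: ' . $e->getMessage());
    die("It looks like your profile id for your EDS API profile is incorrect. Please check your settings in the <a href='http://curriculumbuilder.ebscohost.com/admin.php' target='_top'>admin panel</a>.");
}

// Persist the new API session token and the active profile. The 'login' cookie
// uses expiry 0, i.e. it lasts until the browser session ends.
// NOTE(review): secure flag is FALSE on both, so they are also sent over plain
// HTTP. Confirm whether the site is HTTPS-only and, if so, set it to TRUE.
setcookie('sessionToken', encryptCookie($newSessionToken), $time, "/", $_SERVER['SERVER_NAME'], FALSE, TRUE);
setcookie('login', encryptCookie($profile), 0, "/", $_SERVER['SERVER_NAME'], FALSE, TRUE);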