public function url()
{
if (empty($this->startDate) || empty($this->endDate)) {
throw new KurogoConfigurationException('Start or end date cannot be blank');
}
$diff = $this->endTimestamp() - $this->startTimestamp();
if ($diff < 86400 || $diff == 89999) {
// fix for DST
if (count($this->trumbaFilters) > 0) {
$this->setRequiresDateFilter(false);
$this->addFilter('startdate', $this->startDate->format('Ymd'));
$this->addFilter('days', 1);
} else {
$this->setRequiresDateFilter(true);
$this->addFilter('startdate', $this->startDate->format('Ym') . '01');
$this->addFilter('months', 1);
}
} elseif ($diff % 86400 == 0) {
$this->setRequiresDateFilter(false);
$this->addFilter('startdate', $this->startDate->format('Ymd'));
$this->addFilter('days', $diff / 86400);
} else {
Kurogo::log(LOG_WARNING, "Non day integral duration specified {$diff}", 'calendar');
}
return parent::url();
}
protected function retrieveResponse()
{
if (!class_exists('ZipArchive')) {
throw new KurogoException("class ZipArchive (php-zip) not available");
}
$tmpFile = Kurogo::tempFile();
// this is the same as parent
if (!($this->requestURL = $this->url())) {
throw new KurogoDataException("URL could not be determined");
}
$this->requestParameters = $this->parameters();
// the following are private functions in URLDataRetriever
//$this->requestMethod = $this->setContextMethod();
//$this->requestHeaders = $this->setContextHeaders();
//$this->requestData = $this->setContextData();
Kurogo::log(LOG_INFO, "Retrieving {$this->requestURL}", 'url_retriever');
// the creation of $data is different from parent
copy($this->requestURL, $tmpFile);
$zip = new ZipArchive();
$zip->open($tmpFile);
$data = $zip->getFromIndex(0);
unlink($tmpFile);
// this is the same as parent
$http_response_header = isset($http_response_header) ? $http_response_header : array();
$response = $this->initResponse();
$response->setRequest($this->requestMethod, $this->requestURL, $this->requestParameters, $this->requestHeaders, null);
$response->setResponse($data);
$response->setResponseHeaders($http_response_header);
Kurogo::log(LOG_DEBUG, sprintf("Returned status %d and %d bytes", $response->getCode(), strlen($data)), 'url_retriever');
return $response;
}
public function auth($options, &$userArray)
{
if (isset($options['startOver']) && $options['startOver']) {
$this->reset();
}
if (isset($_REQUEST['openid_mode'])) {
if (isset($_REQUEST['openid_identity'])) {
if ($ns = $this->getOpenIDNamespace('http://specs.openid.net/extensions/oauth/1.0', $_REQUEST)) {
if ($request_token = $this->getOpenIDValue('request_token', $ns, $_REQUEST)) {
$this->setToken(OAuthProvider::TOKEN_TYPE_REQUEST, $request_token);
if (!$this->getAccessToken($options)) {
throw new KurogoDataServerException("Error getting OAuth Access token");
}
}
}
$userArray = $_REQUEST;
return AUTH_OK;
} else {
Kurogo::log(LOG_WARNING, "openid_identity not found", 'auth');
return AUTH_FAILED;
}
} else {
//redirect to auth page
$url = $this->getAuthURL($options);
header("Location: " . $url);
exit;
}
}
public function setBoundingBox($xmin, $ymin, $xmax, $ymax)
{
if ($xmax - $xmin > 0 && $ymax - $ymin > 0) {
$this->bbox = array('xmin' => $xmin, 'ymin' => $ymin, 'xmax' => $xmax, 'ymax' => $ymax);
$this->center = array('lat' => ($ymin + $ymax) / 2, 'lon' => ($xmin + $xmax) / 2);
$this->zoomLevel = log(360 / ($xmax - $xmin), 2);
} else {
Kurogo::log(LOG_WARNING, "invalid bounding box {xmin={$xmin}, ymin={$ymin}, xmax={$xmax}, ymax={$ymax}}", "maps");
}
}
public static function factory($parserClass, $args)
{
Kurogo::log(LOG_DEBUG, "Initializing DataParser {$parserClass}", "data");
if (!class_exists($parserClass)) {
throw new KurogoConfigurationException("Parser class {$parserClass} not defined");
}
$parser = new $parserClass();
if (!$parser instanceof DataParser) {
throw new KurogoConfigurationException("{$parserClass} is not a subclass of DataParser");
}
$parser->init($args);
return $parser;
}
/**
* Outputs a 404 error message
*/
function _404()
{
header("HTTP/1.1 404 Not Found");
$url = $_SERVER['REQUEST_URI'];
Kurogo::log(LOG_WARNING, "URL {$url} not found", 'kurogo');
echo <<<html
<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>404 Not Found</title>
</head><body>
<h1>Not Found</h1>
<p>The requested URL {$url} was not found on this server.</p>
</body></html>
html;
exit;
}
public function searchCampusMap($query)
{
$this->searchResults = array();
foreach ($this->feeds as $id => $feedData) {
$controller = MapDataController::factory($feedData['CONTROLLER_CLASS'], $feedData);
if ($controller->canSearch()) {
try {
$results = $controller->search($query);
$this->resultCount += count($results);
$this->searchResults = array_merge($this->searchResults, $results);
} catch (KurogoDataServerException $e) {
Kurogo::log(LOG_WARNING, 'encountered KurogoDataServerException for feed config: ' . print_r($feedData, true) . $e->getMessage(), 'maps');
}
}
}
return $this->searchResults;
}
public function setContext($bool)
{
if ($this->value == UserContext::CONTEXT_DEFAULT) {
if ($bool && isset($_COOKIE[$this->cookie])) {
$this->clearCookie();
}
return true;
}
if ($bool) {
Kurogo::log(LOG_DEBUG, "Setting CookieContext {$this->cookie} to {$this->value}", 'context');
$this->setCookie();
} elseif (Kurogo::arrayVal($_COOKIE, $this->cookie) == $this->value) {
Kurogo::log(LOG_DEBUG, "Clearing CookieContext {$this->cookie} by {$this->value}", 'context');
$this->clearCookie();
}
return true;
}
private function errorHandler($sql, $errorInfo, $ignoreErrors, $catchErrorCodes)
{
$e = new KurogoDataException(sprintf("Error with %s: %s", $sql, $errorInfo['message']), $errorInfo['code']);
if ($ignoreErrors) {
$this->lastError = KurogoError::errorFromException($e);
return;
}
// prevent the default error handling mechanism
// from triggerring in the rare case of expected
// errors such as unique field violations
if (in_array($errorInfo[0], $catchErrorCodes)) {
return $errorInfo;
}
Kurogo::log(LOG_WARNING, sprintf("%s error with %s: %s", $this->dbType, $sql, $errorInfo['message']), 'db');
if (Kurogo::getSiteVar('DB_DEBUG')) {
throw $e;
}
}
public function __construct($html, $encoding, $pageNumber, $paragraphsPerPage = HTMLPager::PARAGRAPH_LIMIT)
{
$dom = new DOMDocument();
libxml_use_internal_errors(true);
libxml_clear_errors();
// clean up any errors belonging to other operations
$dom->loadHTML(mb_convert_encoding($html, 'HTML-ENTITIES', $encoding));
foreach (libxml_get_errors() as $error) {
Kurogo::log(LOG_WARNING, "HTMLPager got loadHTML warning (line {$error->line}; column {$error->column}) {$error->message}", 'data');
}
libxml_clear_errors();
// free up memory associated with the errors
libxml_use_internal_errors(false);
$body = $dom->getElementsByTagName("body")->item(0);
$currentPage = NULL;
$pages = array();
$currentParagraphCount = 0;
foreach ($body->childNodes as $node) {
if ($currentPage == NULL) {
// need to start a new page
if ($node->nodeName == "#text" && trim($node->nodeValue) == "") {
continue;
// this node is blank so do not start a new page yet
}
$currentPage = new HTMLPage();
$pages[] = $currentPage;
}
$currentPage->addNode($node);
if ($node->nodeName == "p") {
$currentParagraphCount++;
}
if ($currentParagraphCount == $paragraphsPerPage) {
$currentPage = NULL;
$currentParagraphCount = 0;
}
}
$this->pages = $pages;
$this->pageCount = count($pages);
if ($pageNumber >= 0 && $pageNumber < $this->pageCount) {
$this->pageNumber = $pageNumber;
}
}
public function parseData($contents)
{
$data = json_decode($contents, true);
if (!$data) {
Kurogo::log(LOG_WARNING, "Failed to get JSON response from ArcGIS server at {$this->baseURL}", 'maps');
throw new KurogoDataServerException("The map server for this category is temporarily down. Please try again later.");
}
if (isset($data['error'])) {
$error = $data['error'];
$code = $error['code'];
$message = $error['message'];
$details = isset($error['details']) ? json_encode($error['details']) : '';
Kurogo::log(LOG_WARNING, "Error response from ArcGIS server at {$this->baseURL}:\n" . "Code: {$code}\n" . "Message: {$message}\n" . "Details: {$details}\n", 'maps');
throw new KurogoDataServerException("The map server for this category is temporarily down. Please try again later.");
}
$this->serviceDescription = $data['serviceDescription'];
//if (isset($data['supportedImageFormatTypes'])) {
// $this->supportedImageFormats = explode(',', $data['supportedImageFormatTypes']);
//}
$this->units = $data['units'];
$this->mapName = $data['mapName'];
$this->spatialRef = $data['spatialReference']['wkid'];
$this->initialExtent = $data['initialExtent'];
$this->fullExtent = $data['fullExtent'];
// assume these are always the same as the overall spatial ref
unset($this->initialExtent['spatialReference']);
unset($this->fullExtent['spatialReference']);
//$this->singleFusedMapCache = $data['singleFusedMapCache'];
foreach ($data['layers'] as $layerData) {
$id = $layerData['id'];
$name = $layerData['name'];
$this->subLayers[$id] = new ArcGISLayer($id, $name, $this);
}
if (count($this->subLayers) == 1) {
$this->defaultLayerId = current(array_keys($this->subLayers));
}
if (isset($this->defaultLayerId)) {
$this->selectDefaultLayer();
}
$this->isPopulated = true;
return $this->getListItems();
}
private function handleRequest($args)
{
if (isset($args['action'])) {
$currentModules = $this->getModuleCustomizeList();
switch ($args['action']) {
case 'swap':
$currentIDs = array_keys($currentModules);
if (isset($args['module1'], $args['module2']) && in_array($args['module1'], $currentIDs) && in_array($args['module2'], $currentIDs)) {
foreach ($currentIDs as $index => &$id) {
if ($id == $args['module1']) {
$id = $args['module2'];
} else {
if ($id == $args['module2']) {
$id = $args['module1'];
}
}
}
$this->setNavigationModuleOrder($currentIDs);
}
break;
case 'on':
case 'off':
if (isset($args['module'])) {
$disabledModuleIDs = array();
foreach ($currentModules as $id => &$info) {
if ($id == $args['module']) {
$info['disabled'] = $args['action'] != 'on';
}
if ($info['disabled']) {
$disabledModuleIDs[] = $id;
}
}
$this->setNavigationHiddenModules($disabledModuleIDs);
}
break;
default:
Kurogo::log(LOG_WARNING, __FUNCTION__ . "(): Unknown action '{$_REQUEST['action']}'", 'module');
break;
}
}
}
protected static function generateURL($file, $contents, $subdirectory = null)
{
$path = AUTOLOAD_FILE_DIR;
if (!realpath_exists($path)) {
if (!mkdir($path, 0755, true)) {
Kurogo::log(LOG_WARNING, "could not create {$path}", 'data');
return;
}
}
$subPath = $path . "/{$subdirectory}";
if (!realpath_exists($subPath)) {
if (!mkdir($subPath, 0755, true)) {
Kurogo::log(LOG_WARNING, "could not create {$subPath}", 'data');
return;
}
}
if (file_put_contents(self::filePath($file, $subdirectory), $contents)) {
return self::fullURL($file, $subdirectory);
} else {
return false;
}
}
protected function retrieveResponse()
{
if (!class_exists('ZipArchive')) {
throw new KurogoException("class ZipArchive (php-zip) not available");
}
$tmpFile = Kurogo::tempFile();
// this is the same as parent
if (!($this->requestURL = $this->url())) {
throw new KurogoDataException("URL could not be determined");
}
Kurogo::log(LOG_INFO, "Retrieving {$this->requestURL}", 'url_retriever');
// get data from parent request and save to temp file which we will
// unzip and return
$response = parent::retrieveResponse();
file_put_contents($tmpFile, $response->getResponse());
$zip = new ZipArchive();
if (!$zip->open($tmpFile)) {
throw new KurogoDataException("Could not open zip file");
}
$targetFile = $this->targetFile();
if ($targetFile) {
$index = $zip->locateName($targetFile);
} else {
$index = 0;
}
if ($index === false) {
// $zip->locateName failed
throw new KurogoDataException("Could not locate {$this->targetFile} in zip archive");
}
$data = $zip->getFromIndex($index);
unlink($tmpFile);
$zip->close();
$response->setResponse($data);
Kurogo::log(LOG_DEBUG, sprintf("Returned status %d and %d bytes", $response->getCode(), strlen($data)), 'url_retriever');
return $response;
}
protected function retrieveResponse()
{
$this->initRequestIfNeeded();
$method = $this->method();
$parameters = $this->parameters();
$soapClient = $this->getSOAPClient();
$options = array();
if ($this->location) {
$options['location'] = $this->location;
}
if ($this->uri) {
$options['uri'] = $this->uri;
}
if ($this->action) {
$options['soapaction'] = $this->action;
}
$headers = $this->soapHeaders;
Kurogo::log(LOG_DEBUG, sprintf("Calling SOAP Method %s", $method), 'soap');
$response = $this->initResponse();
$response->setStartTime(microtime(true));
try {
$data = $soapClient->__soapCall($method, $parameters, $options, $headers, $outputHeaders);
} catch (SoapFault $fault) {
throw new KurogoDataException($fault->getMessage(), $fault->getCode());
}
$response->setEndTime(microtime(true));
if (!($lastResponseHeaders = $soapClient->__getLastResponseHeaders())) {
$lastResponseHeaders = array();
}
$response = $this->initResponse();
if ($file = $this->saveToFile()) {
$filePath = $this->cache->getFullPath($file);
file_put_contents($filePath, $data);
$data = $filePath;
}
if ($this->authority) {
$response->setContext('authority', $this->authority);
}
$response->setRequest($this->location, $method, $parameters, $this->soapHeaders, $this->soapOptions);
$response->setResponse($data);
return $response;
}
protected function initializeForPage()
{
$nativeApp = (bool) $this->getArg('nativeApp', false);
$this->assign('nativeApp', $nativeApp);
// Default args to pass through forms and urls
$defaultArgs = array();
if ($nativeApp) {
$defaultArgs['nativeApp'] = 1;
}
// If this is a native app, use the native app GA id
if ($nativeApp) {
$this->assign('GOOGLE_ANALYTICS_ID', Kurogo::getOptionalSiteVar('GOOGLE_ANALYTICS_NATIVE_ID'));
}
if (!Kurogo::getSiteVar('AUTHENTICATION_ENABLED')) {
throw new KurogoConfigurationException($this->getLocalizedString("ERROR_AUTHENTICATION_DISABLED"));
}
$session = $this->getSession();
//return URL
$urlArray = $this->extractModuleArray($this->args);
//see if remain logged in is enabled by the administrator, then if the value has been passed (i.e. the user checked the "remember me" box)
$allowRemainLoggedIn = Kurogo::getOptionalSiteVar('AUTHENTICATION_REMAIN_LOGGED_IN_TIME');
if ($allowRemainLoggedIn) {
$remainLoggedIn = $this->getArg('remainLoggedIn', 0);
} else {
$remainLoggedIn = 0;
}
// initialize
$authenticationAuthorities = array('total' => 0, 'direct' => array(), 'indirect' => array(), 'auto' => array());
$invalidAuthorities = array();
// cycle through the defined authorities in the config
foreach (AuthenticationAuthority::getDefinedAuthenticationAuthorities() as $authorityIndex => $authorityData) {
// USER_LOGIN property determines whether the authority is used for logins (or just groups or oauth)
$USER_LOGIN = $this->argVal($authorityData, 'USER_LOGIN', 'NONE');
// trap the exception if the authority is invalid (usually due to misconfiguration)
try {
$authority = AuthenticationAuthority::getAuthenticationAuthority($authorityIndex);
$authorityData['listclass'] = $authority->getAuthorityClass();
$authorityData['title'] = $authorityData['TITLE'];
$authorityData['url'] = $this->buildURL('login', array_merge($urlArray, array('authority' => $authorityIndex, 'remainLoggedIn' => $remainLoggedIn, 'startOver' => 1)));
if ($USER_LOGIN == 'FORM') {
$authenticationAuthorities['direct'][$authorityIndex] = $authorityData;
$authenticationAuthorities['total']++;
} elseif ($USER_LOGIN == 'LINK') {
$authenticationAuthorities['indirect'][$authorityIndex] = $authorityData;
$authenticationAuthorities['total']++;
} elseif ($USER_LOGIN == 'AUTO') {
$authenticationAuthorities['auto'][$authorityIndex] = $authorityData;
$authenticationAuthorities['total']++;
}
} catch (KurogoConfigurationException $e) {
Kurogo::log(LOG_WARNING, "Invalid authority data for %s: %s", $authorityIndex, $e->getMessage(), 'auth');
$invalidAuthorities[$authorityIndex] = $e->getMessage();
}
}
//see if we have any valid authorities
if ($authenticationAuthorities['total'] == 0) {
$message = $this->getLocalizedString("ERROR_NO_AUTHORITIES");
if (count($invalidAuthorities) > 0) {
$message .= sprintf(" %s invalid authorit%s found:\n", count($invalidAuthorities), count($invalidAuthorities) > 1 ? 'ies' : 'y');
foreach ($invalidAuthorities as $authorityIndex => $invalidAuthority) {
$message .= sprintf("%s: %s\n", $authorityIndex, $invalidAuthority);
}
}
//we don't
throw new KurogoConfigurationException($message);
}
//assign template variables
$this->assign('authenticationAuthorities', $authenticationAuthorities);
$this->assign('allowRemainLoggedIn', $allowRemainLoggedIn);
if ($forgetPasswordURL = $this->getOptionalModuleVar('FORGET_PASSWORD_URL')) {
$this->assign('FORGET_PASSWORD_URL', $this->buildBreadcrumbURL('forgotpassword', array()));
$this->assign('FORGET_PASSWORD_TEXT', $this->getOptionalModuleVar('FORGET_PASSWORD_TEXT', $this->getLocalizedString('FORGET_PASSWORD_TEXT')));
}
$multipleAuthorities = count($authenticationAuthorities['direct']) + count($authenticationAuthorities['indirect']) > 1;
switch ($this->page) {
case 'logoutConfirm':
//this page is presented when a specific authority is chosen and the user is presented the option to actually log out.
$authorityIndex = $this->getArg('authority');
if (!$this->isLoggedIn($authorityIndex)) {
// they aren't logged in
$this->redirectTo('index', $defaultArgs);
} elseif ($user = $this->getUser($authorityIndex)) {
$authority = $user->getAuthenticationAuthority();
$this->assign('message', $this->getLocalizedString('LOGIN_SIGNED_IN_SINGLE', Kurogo::getSiteString('SITE_NAME'), $authority->getAuthorityTitle(), $user->getFullName()));
$this->assign('url', $this->buildURL('logout', array('authority' => $authorityIndex)));
$this->assign('linkText', $this->getLocalizedString('SIGN_OUT'));
$this->setTemplatePage('message');
} else {
//This honestly should never happen
$this->redirectTo('index', $defaultArgs);
}
break;
case 'logout':
$authorityIndex = $this->getArg('authority');
//hard logouts attempt to logout of the indirect service provider (must be implemented by the authority)
$hard = $this->getArg('hard', false);
if (!$this->isLoggedIn($authorityIndex)) {
//not logged in
$this->redirectTo('index', $defaultArgs);
} elseif ($authority = AuthenticationAuthority::getAuthenticationAuthority($authorityIndex)) {
$user = $this->getUser($authority);
//log them out
$result = $session->logout($authority, $hard);
} else {
//This honestly should never happen
$this->redirectTo('index', $defaultArgs);
}
if ($result) {
$this->setLogData($user, $user->getFullName());
$this->logView();
//if they are still logged in return to the login page, otherwise go home.
if ($this->isLoggedIn()) {
$this->redirectTo('index', array_merge(array('logout' => $authorityIndex), $defaultArgs));
} else {
$this->redirectToModule($this->getHomeModuleID(), '', array('logout' => $authorityIndex));
}
} else {
//there was an error logging out
$this->setTemplatePage('message');
$this->assign('message', $this->getLocalizedString("ERROR_SIGN_OUT"));
}
break;
case 'forgotpassword':
//redirect to forgot password url
if ($forgetPasswordURL = $this->getOptionalModuleVar('FORGET_PASSWORD_URL')) {
Kurogo::redirectToURL($forgetPasswordURL);
} else {
$this->redirectTo('index', $defaultArgs);
}
break;
case 'login':
//get arguments
$login = $this->argVal($_POST, 'loginUser', '');
$password = $this->argVal($_POST, 'loginPassword', '');
$options = array_merge($urlArray, array('remainLoggedIn' => $remainLoggedIn), $defaultArgs);
$session = $this->getSession();
$session->setRemainLoggedIn($remainLoggedIn);
$authorityIndex = $this->getArg('authority', '');
if (!($authorityData = AuthenticationAuthority::getAuthenticationAuthorityData($authorityIndex))) {
//invalid authority
$this->redirectTo('index', $options);
}
if ($this->isLoggedIn($authorityIndex)) {
//we're already logged in
$this->redirectTo('index', $options);
}
$this->assign('authority', $authorityIndex);
$this->assign('remainLoggedIn', $remainLoggedIn);
$this->assign('authorityTitle', $authorityData['TITLE']);
//if they haven't submitted the form and it's a direct login show the form
if ($authorityData['USER_LOGIN'] == 'FORM' && empty($login)) {
if (!($loginMessage = $this->getOptionalModuleVar('LOGIN_DIRECT_MESSAGE'))) {
$loginMessage = $this->getLocalizedString('LOGIN_DIRECT_MESSAGE', Kurogo::getSiteString('SITE_NAME'));
}
$this->assign('LOGIN_DIRECT_MESSAGE', $loginMessage);
$this->assign('urlArray', array_merge($urlArray, $defaultArgs));
break;
} elseif ($authority = AuthenticationAuthority::getAuthenticationAuthority($authorityIndex)) {
//indirect logins handling the login process themselves. Send a return url so the indirect authority can come back here
if ($authorityData['USER_LOGIN'] == 'LINK') {
$options['return_url'] = FULL_URL_BASE . $this->configModule . '/login?' . http_build_query(array_merge($options, array('authority' => $authorityIndex)));
}
$options['startOver'] = $this->getArg('startOver', 0);
$result = $authority->login($login, $password, $session, $options);
} else {
$this->redirectTo('index', $options);
}
switch ($result) {
case AUTH_OK:
$user = $this->getUser($authority);
$this->setLogData($user, $user->getFullName());
$this->logView();
if ($urlArray) {
self::redirectToArray(array_merge($urlArray, $defaultArgs));
} else {
$this->redirectToModule($this->getHomeModuleID(), '', array('login' => $authorityIndex));
}
break;
case AUTH_OAUTH_VERIFY:
// authorities that require a manual oauth verification key
$this->assign('verifierKey', $authority->getVerifierKey());
$this->setTemplatePage('oauth_verify.tpl');
break 2;
default:
//there was a problem.
if ($authorityData['USER_LOGIN'] == 'FORM') {
$this->assign('message', $this->getLocalizedString('ERROR_LOGIN_DIRECT'));
break 2;
} else {
$this->redirectTo('index', array_merge(array('messagekey' => 'ERROR_LOGIN_INDIRECT'), $options, $defaultArgs));
}
}
case 'index':
//sometimes messages are passed. This probably has some
if ($messagekey = $this->getArg('messagekey')) {
$this->assign('messagekey', $this->getLocalizedString($messagekey));
try {
$message = $this->getLocalizedString($messagekey);
$this->assign('message', $message);
} catch (KurogoException $e) {
}
}
if ($this->isLoggedIn()) {
//if the url is set then redirect
if ($urlArray) {
self::redirectToArray(array_merge($urlArray, $defaultArgs));
}
//if there is only 1 authority then redirect to logout confirm
if (!$multipleAuthorities) {
$user = $this->getUser();
$this->redirectTo('logoutConfirm', array_merge(array('authority' => $user->getAuthenticationAuthorityIndex()), $defaultArgs));
}
//more than 1 authority. There could be 1 or more actual logged in users
$sessionUsers = $session->getUsers();
$users = array();
//cycle through the logged in users to build a list
foreach ($sessionUsers as $authorityIndex => $user) {
$authority = $user->getAuthenticationAuthority();
$users[] = array('class' => $authority->getAuthorityClass(), 'title' => count($sessionUsers) > 1 ? $this->getLocalizedString("SIGN_OUT_AUTHORITY", array($authority->getAuthorityTitle(), $user->getFullName())) : $this->getLocalizedString('SIGN_OUT'), 'subtitle' => count($sessionUsers) > 1 ? $this->getLocalizedString('SIGN_OUT') : '', 'url' => $this->buildBreadcrumbURL('logout', array('authority' => $authorityIndex), false));
//remove the authority from the list of available authorities (since they are logged in)
if (isset($authenticationAuthorities['direct'][$authorityIndex])) {
unset($authenticationAuthorities['direct'][$authorityIndex]);
}
if (isset($authenticationAuthorities['indirect'][$authorityIndex])) {
unset($authenticationAuthorities['indirect'][$authorityIndex]);
}
}
$this->assign('users', $users);
// navlist of users
$this->assign('authenticationAuthorities', $authenticationAuthorities);
//list of authorities not logged in
$this->assign('moreAuthorities', count($authenticationAuthorities['direct']) + count($authenticationAuthorities['indirect']));
//see if there are any left
if (count($sessionUsers) == 1) {
//there's only on logged in user
$user = current($sessionUsers);
$authority = $user->getAuthenticationAuthority();
$this->assign('LOGIN_SIGNED_IN_MESSAGE', $this->getLocalizedString('LOGIN_SIGNED_IN_SINGLE', Kurogo::getSiteString('SITE_NAME'), $authority->getAuthorityTitle(), $user->getFullName()));
} else {
//there are multiple logged in users
$this->assign('LOGIN_SIGNED_IN_MESSAGE', $this->getLocalizedString('LOGIN_SIGNED_IN_MULTIPLE', array(Kurogo::getSiteString('SITE_NAME'))));
}
//use loggedin.tpl
$this->setTemplatePage('loggedin');
} else {
// not logged in
// if there is only 1 direct authority then redirect to the login page for that authority
if (!$multipleAuthorities && count($authenticationAuthorities['direct'])) {
$this->redirectTo('login', array_merge($urlArray, array('authority' => key($authenticationAuthorities['direct'])), $defaultArgs));
}
// if there is only 1 auto authority then redirect to the login page for that authority
if (!$multipleAuthorities && count($authenticationAuthorities['auto']) && !$messagekey) {
$this->redirectTo('login', array_merge($urlArray, array('authority' => key($authenticationAuthorities['auto'])), $defaultArgs));
}
// do we have any indirect authorities?
if (count($authenticationAuthorities['indirect'])) {
if (!($indirectMessage = $this->getOptionalModuleVar('LOGIN_INDIRECT_MESSAGE'))) {
$indirectMessage = $this->getLocalizedString('LOGIN_INDIRECT_MESSAGE', Kurogo::getSiteString('SITE_NAME'));
}
$this->assign('LOGIN_INDIRECT_MESSAGE', $indirectMessage);
}
// the site can create their own message at the top, or it will use the default message
if (!($loginMessage = $this->getOptionalModuleVar('LOGIN_INDEX_MESSAGE'))) {
if ($multipleAuthorities) {
$loginMessage = $this->getLocalizedString('LOGIN_INDEX_MESSAGE_MULTIPLE', Kurogo::getSiteString('SITE_NAME'));
} else {
$loginMessage = $this->getLocalizedString('LOGIN_INDEX_MESSAGE_SINGLE', Kurogo::getSiteString('SITE_NAME'));
}
}
$this->assign('LOGIN_INDEX_MESSAGE', $loginMessage);
}
break;
}
}
public function getGroup($group)
{
// don't try if it's empty
if (empty($group)) {
return false;
}
$ldap = $this->connectToServer();
if (!$ldap) {
return false;
}
/*
some servers don't permit anonymous searches so we need to bind as a valid user
Note: it does not, and should not be an account with administrative privilages.
Usually a regular service account will suffice
*/
if (!$this->bindAdmin()) {
return false;
}
if (!$this->getField('groupname')) {
throw new KurogoConfigurationException('LDAP group name field not specified');
}
if (!$this->getField('members')) {
throw new KurogoConfigurationException('LDAP group members field not specified');
}
$searchStr = array(sprintf('(%s=%s)', $this->getField('groupname'), $this->ldapEscape($group)));
$searchStr = count($searchStr) > 1 ? "(|" . implode("", $searchStr) . ")" : implode("", $searchStr);
$search = @ldap_search($ldap, $this->ldapSearchBase('group'), $searchStr);
if ($search) {
$result = @ldap_get_entries($ldap, $search);
// see if we got a result back
if ($result['count'] > 0) {
$entry = $result[0];
$group = new $this->groupClass($this);
$group->setDN($entry['dn']);
// single value attributes expect a maximum of one value
$singleValueAttributes = $group->singleValueAttributes();
for ($i = 0; $i < $entry['count']; $i++) {
$attrib = $entry[$i];
if (in_array($attrib, $singleValueAttributes)) {
$value = $entry[$attrib][0];
} else {
$value = $entry[$attrib];
unset($value['count']);
}
$group->setAttribute($attrib, $value);
}
return $group;
} else {
return false;
}
} else {
Kurogo::log(LOG_WARNING, "Error searching LDAP Server {$this->ldapServer} for group={$group}: " . ldap_error($ldap), 'auth');
return false;
}
}
public function initializeForCommand()
{
$this->requiresAdmin();
switch ($this->command) {
case 'checkversion':
$current = Kurogo::sharedInstance()->checkCurrentVersion();
Kurogo::log(LOG_INFO, sprintf("Checking version. This site: %s Current Kurogo Version: %s", $current, KUROGO_VERSION), 'admin');
$uptodate = version_compare(KUROGO_VERSION, $current, ">=");
$messageKey = $uptodate ? 'KUROGO_VERSION_MESSAGE_UPTODATE' : 'KUROGO_VERSION_MESSAGE_NOTUPDATED';
$data = array('current' => $current, 'local' => KUROGO_VERSION, 'uptodate' => $uptodate, 'message' => $this->getLocalizedString($messageKey, $current, KUROGO_VERSION));
$this->setResponse($data);
$this->setResponseVersion(1);
break;
case 'getlocalizedstring':
$key = $this->getArg('key');
$data = array();
if (is_array($key)) {
foreach ($key as $k) {
$data[$k] = $this->getLocalizedString($k);
}
} else {
$data[$key] = $this->getLocalizedString($key);
}
$this->setResponse($data);
$this->setResponseVersion(1);
break;
case 'clearcaches':
Kurogo::log(LOG_NOTICE, "Clearing Site Caches", 'admin');
$result = Kurogo::sharedInstance()->clearCaches();
if ($result === 0) {
$this->setResponse(true);
$this->setResponseVersion(1);
} else {
$this->throwError(new KurogoError(1, "Error clearing caches", "There was an error ({$result}) clearing the caches"));
}
break;
case 'upload':
$type = $this->getArg('type');
$section = $this->getArg('section', '');
$subsection = null;
switch ($type) {
case 'module':
$moduleID = $this->getArg('module', '');
$module = WebModule::factory($moduleID);
$type = $module;
break;
case 'site':
break;
default:
throw new KurogoConfigurationException("Invalid type {$type}");
}
if (count($_FILES) == 0) {
throw new KurogoException("No files uploaded");
}
foreach ($_FILES as $key => $uploadData) {
$this->uploadFile($type, $section, $subsection, $key, $uploadData);
}
$this->setResponseVersion(1);
$this->setResponse(true);
break;
case 'getconfigsections':
$type = $this->getArg('type');
switch ($type) {
case 'module':
$moduleID = $this->getArg('module', '');
$module = WebModule::factory($moduleID);
$sections = $module->getModuleAdminSections();
break;
case 'site':
throw new KurogoConfigurationException("getconfigsections for site not handled yet");
}
$this->setResponse($sections);
$this->setResponseVersion(1);
break;
case 'getconfigdata':
$type = $this->getArg('type');
$section = $this->getArg('section', '');
switch ($type) {
case 'module':
$moduleID = $this->getArg('module', '');
$module = WebModule::factory($moduleID);
$adminData = $this->getAdminData($module, $section);
break;
case 'site':
$adminData = $this->getAdminData('site', $section);
break;
}
$this->setResponse($adminData);
$this->setResponseVersion(1);
break;
case 'setconfigdata':
$type = $this->getArg('type');
$data = $this->getArg('data', array());
$section = $this->getArg('section', '');
$subsection = null;
if (empty($data)) {
$data = array();
} elseif (!is_array($data)) {
throw new KurogoConfigurationException("Invalid data for {$type} {$section}");
}
switch ($type) {
case 'module':
if ($section == 'overview') {
foreach ($data as $moduleID => $props) {
$module = WebModule::factory($moduleID);
if (!is_array($props)) {
throw new KurogoConfigurationException("Invalid properties for {$type} {$section}");
}
$valid_props = array('protected', 'secure', 'disabled', 'search');
foreach ($props as $key => $value) {
if (!in_array($key, $valid_props)) {
throw new KurogoConfigurationException("Invalid property {$key} for module {$module}");
}
$this->setConfigVar($module, 'general', $subsection, $key, $value);
}
}
foreach ($this->changedConfigs as $config) {
$config->saveFile();
}
$this->setResponse(true);
$this->setResponseVersion(1);
break 2;
} else {
$moduleID = $this->getArg('module', '');
$module = WebModule::factory($moduleID);
$type = $module;
}
break;
case 'site':
break;
default:
throw new KurogoConfigurationException("Invalid type {$type}");
}
foreach ($data as $section => $fields) {
$adminData = $this->getAdminData($type, $section);
if ($adminData['sectiontype'] == 'sections') {
$subsection = key($fields);
$fields = current($fields);
$adminData = $this->getAdminData($type, $section, $subsection);
}
$fields = is_array($fields) ? $fields : array();
foreach ($fields as $key => $value) {
if ($adminData['sectiontype'] == 'section' && isset($adminData['sectionclearvalues']) && $adminData['sectionclearvalues']) {
if ($config = $this->getAdminConfig($type, $adminData['config'], ConfigFile::OPTION_DO_NOT_CREATE)) {
$config->removeSection($key);
}
}
// ignore prefix values. We'll put it back together later
if (preg_match("/^(.*?)_prefix\$/", $key, $bits)) {
continue;
}
$prefix = isset($fields[$key . '_prefix']) ? $fields[$key . '_prefix'] : '';
if ($prefix && defined($prefix)) {
$value = constant($prefix) . '/' . $value;
}
$this->setConfigVar($type, $section, $subsection, $key, $value);
}
}
if ($sectionorder = $this->getArg('sectionorder')) {
foreach ($sectionorder as $section => $order) {
$this->setSectionOrder($type, $section, $subsection, $order);
}
}
foreach ($this->changedConfigs as $config) {
$config->saveFile();
}
$this->setResponse(true);
$this->setResponseVersion(1);
break;
case 'removeconfigsection':
$type = $this->getArg('type');
$section = $this->getArg('section', '');
$key = $this->getArg('key', null);
switch ($type) {
case 'site':
$subsection = $this->getArg('subsection', null);
$sectionData = $this->getAdminData($type, $section, $subsection);
$config = ConfigFile::factory($sectionData['config'], 'site');
break;
case 'module':
$moduleID = $this->getArg('module', '');
$module = WebModule::factory($moduleID);
$sectionData = $this->getAdminData($module, $section);
$config = $module->getConfig($sectionData['config']);
break;
default:
throw new KurogoConfigurationException("Invalid type {$type}");
}
if (!isset($sectionData['sections']) || (!isset($sectionData['sectiondelete']) || !$sectionData['sectiondelete'])) {
throw new KurogoConfigurationException("Config '{$section}' of module '{$moduleID}' does not permit removal of items");
}
if (!isset($sectionData['sections'][$key])) {
throw new KurogoConfigurationException("Section {$key} not found in config '{$section}' of module '{$moduleID}'");
}
Kurogo::log(LOG_NOTICE, "Removing section {$section} from " . $this->getTypeStr($type) . " {$subsection}", 'admin');
if (!($result = $config->removeSection($key))) {
throw new KurogoException("Error removing item {$key} from config '" . $sectionData['config'] . "'");
} else {
$config->saveFile();
}
$this->setResponse(true);
$this->setResponseVersion(1);
break;
case 'setmodulelayout':
Kurogo::log(LOG_NOTICE, "Updating module layout", 'admin');
$data = $this->getArg('data', array());
$config = ModuleConfigFile::factory('home', 'module');
if (!isset($data['primary_modules'])) {
$data['primary_modules'] = array();
}
$config->setSection('primary_modules', $data['primary_modules']);
if (!isset($data['secondary_modules'])) {
$data['secondary_modules'] = array();
}
$config->setSection('secondary_modules', $data['secondary_modules']);
$config->saveFile();
$this->setResponse(true);
$this->setResponseVersion(1);
break;
default:
$this->invalidCommand();
break;
}
}
public function __doRequest($request, $location, $action, $version, $one_way = 0)
{
//use curl if there is auth
if ($this->auth) {
$headers = array('Content-Type: text/xml; charset=' . Kurogo::getCharset());
$ch = curl_init($location);
if (!$this->ssl_verify) {
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, 0);
}
curl_setopt($ch, CURLOPT_HTTPAUTH, $this->auth);
curl_setopt($ch, CURLOPT_USERPWD, $this->cred);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
curl_setopt($ch, CURLOPT_POST, true);
curl_setopt($ch, CURLOPT_POSTFIELDS, $request);
curl_setopt($ch, CURLOPT_HTTPHEADER, $headers);
$result = curl_exec($ch);
Kurogo::log(LOG_WARNING, "SOAP result: {$result}, {$location}", 'soap');
return $result;
} else {
return parent::__doRequest($request, $location, $action, $version, $one_way);
}
}
/**
* Public factory method. This is the designated way to instantiated data controllers. Takes a string
* for the classname to load and an array of arguments. Subclasses should generally not override this
* method, but instead override init() to provide initialization behavior
* @param string $controllerClass the classname to instantiate
* @param array $args an associative array of arguments that get passed to init()
* @return DataController a data controller object
*/
public static function factory($controllerClass, $args = array())
{
$args = is_array($args) ? $args : array();
Kurogo::log(LOG_DEBUG, "Initializing DataModel {$controllerClass}", "data");
if (!class_exists($controllerClass)) {
throw new KurogoConfigurationException("DataModel class {$controllerClass} not defined");
}
$controller = new $controllerClass();
if (!$controller instanceof DataModel) {
throw new KurogoConfigurationException("{$controllerClass} is not a subclass of DataModel");
}
$controller->setDebugMode(Kurogo::getSiteVar('DATA_DEBUG'));
//get global options from the site data_controller section
$args = array_merge(Kurogo::getOptionalSiteSection('data_controller'), $args);
$controller->init($args);
return $controller;
}
public static function factory($retrieverClass, $args)
{
Kurogo::log(LOG_DEBUG, "Initializing DataRetriever {$retrieverClass}", "data");
if (!class_exists($retrieverClass)) {
throw new KurogoConfigurationException("Retriever class {$retrieverClass} not defined");
}
$retriever = new $retrieverClass();
if (!$retriever instanceof DataRetriever) {
throw new KurogoConfigurationException(get_class($retriever) . " is not a subclass of DataRetriever");
}
$retriever->setDebugMode(Kurogo::getSiteVar('DATA_DEBUG'));
$retriever->init($args);
return $retriever;
}
/**
* Retrieves the data using the given url. The default implementation uses the file_get_content()
* function to retrieve the request. Subclasses would need to implement this if a simple GET request
* is not sufficient (i.e. you need POST or custom headers).
* @param string the url to retrieve
* @return string the response from the server
* @TODO support POST requests and custom headers and perhaps proxy requests
*/
protected function retrieveData($url)
{
Kurogo::log(LOG_INFO, "Retrieving {$url}", 'data');
$data = file_get_contents($url, false, $this->streamContext);
$http_response_header = isset($http_response_header) ? $http_response_header : array();
$this->response = DataResponse::factory('HTTPDataResponse', array());
$this->response->setRequest($this->method, $url, $this->filters, $this->requestHeaders);
$this->response->setResponse($data);
$this->response->setResponseHeaders($http_response_header);
Kurogo::log(LOG_DEBUG, sprintf("Returned status %d and %d bytes", $this->getResponseCode(), strlen($data)), 'data');
return $data;
}
public function parseData($data)
{
$data = json_decode($data, true);
if (isset($data['data']['kind']['calendar#calendarFeed'])) {
return $this->parseCalendarFeeds($data);
} elseif (isset($data['feed']['entry'])) {
return $this->parseResourceFeeds($data);
}
Kurogo::log(LOG_WARNING, 'Unknown data found', 'data');
return array();
}
function exceptionHandlerForAPI(Exception $exception)
{
$bt = $exception->getTrace();
array_unshift($bt, array('line' => $exception->getLine(), 'file' => $exception->getFile()));
Kurogo::log(LOG_ALERT, "A " . get_class($exception) . " has occured: " . $exception->getMessage(), "exception", $bt);
$error = KurogoError::errorFromException($exception);
$response = new APIResponse();
$response->setVersion(0);
$response->setError($error);
$response->display();
exit;
}
protected function retrieveResponse()
{
if ($this->requiresToken && !$this->token) {
$response = $this->initResponse();
return $response;
}
$startTime = microtime(true);
$headers = $this->headers(true);
$response = parent::retrieveResponse();
//if there is a location header we need to re-sign before redirecting
if ($redirectURL = $response->getHeader("Location")) {
Kurogo::log(LOG_WARNING, "Found Location Header", 'oauth');
$redirectParts = parse_url($redirectURL);
//if the redirect does not include the host or scheme, use the scheme/host from the original URL
if (!isset($redirectParts['scheme']) || !isset($redirectParts['host'])) {
$urlParts = parse_url($url);
unset($urlParts['path']);
unset($urlParts['query']);
$redirectURL = $this->buildURL($urlParts) . $redirectURL;
}
$this->setBaseURL($this->canonicalURL($redirectURL));
$parameters = $this->parameters();
if (isset($redirectParts['query'])) {
$parameters = array_merge($parameters, $this->parseQueryString($redirectParts['query']));
}
$this->setParameters($parameters);
//reset headers
$this->setHeaders($headers);
Kurogo::log(LOG_DEBUG, "Redirecting to {$this->baseURL}", 'oauth');
$response = $this->retrieveResponse();
}
//reset the start time to include the whole process
$response->setStartTime($startTime);
return $response;
}
/**
* attempts to see if a valid login cookie is present.
*/
private function getLoginCookie()
{
$token = '';
$hash = '';
if (isset($_COOKIE[self::TOKEN_COOKIE], $_COOKIE[self::USERHASH_COOKIE])) {
$token = $_COOKIE[self::TOKEN_COOKIE];
$hash = $_COOKIE[self::USERHASH_COOKIE];
} elseif (isset($_COOKIE[self::API_TOKEN_COOKIE], $_COOKIE[self::API_USERHASH_COOKIE])) {
$token = $_COOKIE[self::API_TOKEN_COOKIE];
$hash = $_COOKIE[self::API_USERHASH_COOKIE];
}
// a token exists
if ($token) {
//get the token data
if ($data = $this->getLoginTokenData($token)) {
$this->login_token = $token;
$users = array();
//validate the hash
if ($this->getUserHash($data['data']) == $hash) {
foreach ($data['data'] as $userData) {
// attempt to get the user
if ($authority = AuthenticationAuthority::getAuthenticationAuthority($userData['auth'])) {
if ($user = $authority->getUser($userData['userID'])) {
$user->setSessionData($userData['data']);
$users[] = $user;
} else {
Kurogo::log(LOG_WARNING, "Unable to load user " . $userData['userID'] . " for " . $userData['auth'], 'session');
}
} else {
Kurogo::log(LOG_WARNING, "Unable to load authority " . $userData['auth'], 'session');
}
}
if (count($users) > 0) {
return $users;
}
}
}
// something did not match so clean up
$this->clearLoginToken();
}
return false;
}
public function saveFile()
{
if (!is_writable($this->filepath)) {
throw new KurogoConfigurationException("Cannot save config file: {$this->filepath} Check permissions");
} elseif ($this->localFile) {
throw new KurogoConfigurationException("Safety net. File will not be saved because it was loaded and has local overrides. The code is probably wrong");
}
$string = array();
foreach ($this->sectionVars as $section => $sectionData) {
if (is_array($sectionData)) {
if (count($string) > 0) {
$string[] = '';
}
if (isset($sectionData[0])) {
foreach ($sectionData as $value) {
$string[] = sprintf("%s[] = %s", $section, $this->saveValue($value));
}
$sectionData = array();
} elseif ($section !== 'No Section') {
$string[] = sprintf("[%s]", $section);
}
foreach ($sectionData as $var => $value) {
if (is_scalar($value)) {
$string[] = sprintf('%s = %s', $var, $this->saveValue($value));
} elseif (isset($value[0])) {
foreach ($value as $_value) {
$string[] = sprintf("%s[] = %s", $var, $this->saveValue($_value));
}
} else {
Kurogo::log(LOG_WARNING, "Error parsing non scalar value for {$var} in " . $this->filepath, 'config');
}
}
} else {
$string[] = sprintf('%s = %s', $section, $this->saveValue($sectionData));
}
}
file_put_contents($this->filepath, implode(PHP_EOL, $string));
return true;
}
protected function getMergedConfigData($feedId = null)
{
if ($this->getArg('worldmap')) {
return array();
}
// allow individual feeds to override values in the feed group
if ($this->feedGroup === null) {
// putting this to see if/when this happens
throw new Exception("feed group not set");
Kurogo::log(LOG_WARNING, "Warning: feed group not set when initializing image controller, using first group", 'maps');
$this->feedGroup = key($this->feedGroups);
}
$configData = $this->getDataForGroup($this->feedGroup);
// allow individual feeds to override group value
$feedData = $this->getCurrentFeed($feedId);
if ($feedData) {
foreach ($feedData as $key => $value) {
$configData[$key] = $value;
}
}
return $configData;
}
public function read($filename = NULL)
{
$path = $this->getFullPath($filename);
if (file_exists($path)) {
if ($contents = file_get_contents($path)) {
Kurogo::log(LOG_DEBUG, "Reading cache {$path}", 'cache');
if ($this->serialize) {
return unserialize($contents);
} else {
return $contents;
}
}
$this->error = "could not get contents of {$path}";
Kurogo::log(LOG_WARNING, $this->error, 'data');
}
return FALSE;
}
function minifyThemeVarReplace($matches)
{
$themeVars = minifyGetThemeVars();
if (isset($themeVars, $themeVars[$matches[1]])) {
return $themeVars[$matches[1]];
} else {
Kurogo::log(LOG_WARNING, "theme variable '{$matches[1]}' not set", 'minify');
return $matches[0];
// variable not set, do nothing
}
}
