Ejemplo n.º 1
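 /**
  * Fetches the CAS "connexion bar" markup for the current user.
  *
  * Calls the SITE_CAS_CONNEXIONBAR_URL service through phpCAS::serviceWeb(),
  * parses the body as XML and returns the first /reportoutput/reportdata node,
  * serialised and entity-decoded.
  *
  * NOTE(review): the returned string is markup produced by the remote service
  * and entity-decoded here, so a caller that prints it is trusting that
  * service's output as HTML.
  *
  * @return string Decoded markup, or "" when the user is not authenticated or
  *                the service response cannot be used.
  */
 function getConnexionBar()
 {
     if (!CASUser::checkAuth()) {
         return "";
     }
     $err_code = null;
     $output = null;
     // serviceWeb() signals failure through its return value; on failure
     // $output holds an error message rather than the expected XML.
     if (!phpCAS::serviceWeb(SITE_CAS_CONNEXIONBAR_URL, $err_code, $output)) {
         return "";
     }
     if (!is_string($output) || $output === '') {
         return "";
     }
     // LIBXML_NONET keeps the parser from fetching anything over the network
     // while it reads a document that came from another host.
     $xml = simplexml_load_string($output, 'SimpleXMLElement', LIBXML_NONET);
     if ($xml === false) {
         // Malformed body: calling xpath() on false would be a fatal error.
         return "";
     }
     $result = $xml->xpath('/reportoutput/reportdata');
     if (empty($result)) {
         // No matching node (or xpath failure): there is no $result[0] to serialise.
         return "";
     }
     return html_entity_decode($result[0]->asXML());
 }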
Ejemplo n.º 2
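 /**
  * Fetches the CAS "connexion bar" markup and points its logout link at this site.
  *
  * Calls the SITE_CAS_CONNEXIONBAR_URL service through phpCAS::serviceWeb(),
  * takes the first /reportoutput/reportdata node, entity-decodes it and replaces
  * the CAS logout URL with the intranet's own Logout module URL.
  *
  * NOTE(review): the returned string is markup produced by the remote service
  * and entity-decoded here, so a caller that prints it is trusting that
  * service's output as HTML. The logout rewrite is a plain string match; if the
  * service ever emits a different logout URL the link is left untouched.
  *
  * @return string Decoded markup, or "" when the user is not authenticated or
  *                the service response cannot be used.
  */
 function getConnexionBar()
 {
     if (!CASUser::checkAuth()) {
         return "";
     }
     $err_code = null;
     $output = null;
     // serviceWeb() signals failure through its return value; on failure
     // $output holds an error message rather than the expected XML.
     if (!phpCAS::serviceWeb(SITE_CAS_CONNEXIONBAR_URL, $err_code, $output)) {
         return "";
     }
     if (!is_string($output) || $output === '') {
         return "";
     }
     // LIBXML_NONET keeps the parser from fetching anything over the network
     // while it reads a document that came from another host.
     $xml = simplexml_load_string($output, 'SimpleXMLElement', LIBXML_NONET);
     if ($xml === false) {
         // Malformed body: calling xpath() on false would be a fatal error.
         return "";
     }
     $result = $xml->xpath('/reportoutput/reportdata');
     if (empty($result)) {
         // No matching node (or xpath failure): there is no $result[0] to serialise.
         return "";
     }
     $barMarkup = html_entity_decode($result[0]->asXML());
     // Send "logout" through the local Logout module instead of straight to the CAS server.
     return str_replace("https://signin.mygcx.org/cas/logout", "https://intranet.campusforchrist.org/index.php?p_Mod=Logout", $barMarkup);
 }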
Ejemplo n.º 3
 /** 
  * function start
  * Takes control of the application and displays the page.
  * <pre><code>
  *   Begin Output Buffering (? or keep in includes file)
  *   create a new viewer
  *   get requested PageContent Module Name
  *   if none provided then set default to PAGE_MODULE_DEFAULT
  *   if viewer is NOT authenticated then
  *      Store requested PageContent Module & QueryString info
  *      set current PageContent Module to Login    
  *   end if
  *   
  *   Load Module particulars from DB
  *   Create new instance of desired PageContent Module
  *   Setup any desired Module Parameters
  *   Load PageContent information
  *   Path to PageContent Module Root
  *       CSS Styles
  *       Javascripts
  *       Database Object
  *       Labels Object
  *       Viewer Object
  *   Call PageContent LoadData()
  *   Call PageContent ProcessData()
  *   Call PageContent PrepareDisplay()
  *   Get Page Content XML
  *   Open up Template
  *   Set PageContent information
  *   Get Template HTML
  *   display HTML
  *   flush Output Buffer
  * </code></pre>	
  * @return [void]
  */
 function start($validate = true)
 {
     // Front-controller entry point: builds the DB, viewer and label objects,
     // picks the module named in the request, runs it and prints the template.
     // $validate: when true (the default) an unauthenticated viewer is switched
     // to PAGE_MODULE_LOGIN; when false that gate is skipped and the requested
     // module is loaded for whoever is asking.
     // Begin Output Buffering (? or keep in includes file)
     ob_start();
     /*
      *  Setup Site DB.
      */
     // Create a new DB connection
     $this->db = new Database_Site(SITE_DB_NAME, SITE_DB_PATH, SITE_DB_USER, SITE_DB_PWORD);
     /*
      *  Setup viewer information.
      */
     // create a new viewer
     $this->viewer = new Viewer();
     // if there was a Language Change requested on current page:
     if (isset($_REQUEST[Page::QS_LANGUAGE]) == true) {
         // store this in the user's session
         // NOTE(review): the request value is stored as-is; nothing here checks
         // that it is a known language ID before it reaches setLanguageID().
         $_SESSION[Page::QS_LANGUAGE] = $_REQUEST[Page::QS_LANGUAGE];
     }
     // if there is a current Language setting in the stored session info
     if (isset($_SESSION[Page::QS_LANGUAGE])) {
         // update viewer's desired language ID to given value.
         $this->viewer->setLanguageID($_SESSION[Page::QS_LANGUAGE]);
     }
     /*
      *  Setup Site Label data.
      */
     // Create a new Label object
     $this->labels = new XMLObject_MultilingualManager($this->viewer->getLanguageID());
     /*
      *  Decide on which AppController Object to Load
      */
     // get requested AppController Module Name
     // if none provided then set default to PAGE_MODULE_DEFAULT
     // NOTE(review): moduleKey is request-controlled. It is only used as a
     // lookup key for loadByKey() below, so how safely it is handled depends on
     // that method (not visible here) — confirm it binds or escapes the key.
     if (isset($_REQUEST[Page::QS_MODULE]) == true) {
         $this->moduleKey = $_REQUEST[Page::QS_MODULE];
     } else {
         $this->moduleKey = PAGE_MODULE_DEFAULT;
     }
     if ($validate == true) {
         // if viewer is NOT authenticated then
         if (!$this->viewer->isAuthenticated()) {
             // if the requested page wasn't PAGE_MODULE_LOGIN then
             if ($this->moduleKey != PAGE_MODULE_LOGIN) {
                 // Store requested PageContent Module & QueryString info in Session CallBack
                 // NOTE: I use SERVER_ADDR + SCRIPT_URL instead of SCRIPT_URI
                 // since mac web servers tend to use rendezvous names which
                 // means nothing on Windows systems ...
                 // The callback always starts with getBaseURL(); only the raw
                 // query string is taken from the request.
                 $baseCallBack = $this->getBaseURL() . '?' . $_SERVER['QUERY_STRING'];
                 $_SESSION[SESSION_ID_CALLBACK] = $baseCallBack;
                 // NOTE(review): the raw query string is concatenated into a
                 // message that already contains <br> tags. If debug() prints
                 // to the page this is unescaped request data in HTML — confirm
                 // debug() is off, or escapes, in production.
                 $this->debug('Viewer NOT Authenticated.<br>Storing baseCallBack=[' . $baseCallBack . ']<br>');
                 // set current PageContent Module to Login
                 $this->moduleKey = PAGE_MODULE_LOGIN;
             }
             // end if moduleKey != PAGE_MODULE_LOGIN
         }
         // end if
     }
     // NOTE(review): same concern as above — moduleKey may still be the raw request value here.
     $this->debug('moduleKey=[' . $this->moduleKey . ']<br>');
     // Load Module particulars from DB
     $this->moduleManager = new RowManager_siteModuleManager();
     $this->moduleManager->loadByKey($this->moduleKey);
     if (!$this->moduleManager->isLoaded()) {
         // Couldn't find requested ModuleKey so load Default
         $this->moduleManager->loadByKey(PAGE_MODULE_DEFAULT);
     }
     /*
      * Create new instance of desired Module's AppController Object
      *
      * Note: the AppController is generating the Content for the page.
      *       it will be referred to as the pageContent variable.
      *
      * NOTE(review): the include paths and the class name below all come from
      * the module row, not from the request. Whoever can write that table can
      * therefore choose which files are included and which class is
      * instantiated, so write access to it is equivalent to code execution.
      */
     // 1) Get path and name of Module's include file
     $path = $this->moduleManager->getPath();
     $includeFile = $this->moduleManager->getIncludeFile();
     // 2) include the Module's Include file ( if it exists )
     $this->debug('moduleIncludeFile=[' . $path . $includeFile . ']<br>');
     if (file_exists($path . $includeFile)) {
         $this->includeFile($path . $includeFile);
     }
     // 3) include the Module's Application File
     $moduleFile = $this->moduleManager->getApplicationFile();
     $this->includeFile($path . $moduleFile);
     // 4) create a new instance of the module application as $pageContent
     $moduleClassName = $this->moduleManager->getName();
     $pageContent = new $moduleClassName($this->db, $this->viewer, $this->labels);
     //         $this->debugDumpArray( $pageContent );
     /*
      * Setup any desired Module Parameters
      *   NOTE: the ModuleParameters should be in the form of:
      *         Key1=Val1;Key2=Val2;...;KeyN=ValN
      */
     $parameterList = $this->moduleManager->getParameters();
     if (!is_null($parameterList) && $parameterList != '') {
         // Break into array of KEY=VAL statements
         $parameterArray = explode(';', $parameterList);
         // for each set of KEY=VAL statements ...
         for ($paramIndx = 0; $paramIndx < count($parameterArray); $paramIndx++) {
             // Separate the KEY and VALUE
             $paramKeyVal = explode('=', $parameterArray[$paramIndx]);
             // Store Key & Val in $_REQUEST array
             // $_REQUEST[ KEY ] = VALUE;
             // These module-configured values overwrite any request value with
             // the same key. NOTE(review): an entry without '=' (for example
             // the empty piece after a trailing ';') has no index 1, so this
             // line reads an undefined offset.
             $_REQUEST[$paramKeyVal[0]] = $paramKeyVal[1];
         }
     }
     /*
      ***
      *** Loading PageContent information
      ***
      */
     //     Path to PageContent Module Root
     $pageContent->setModuleRootPath($path);
     /*
      *     Save Page CallBack string.  This value is primarily used in
      *      the language Menu switching link.  Here we need to make sure
      *      the languageID link isn't included.
      */
     $queryString = '';
     $rawQueryString = $_SERVER['QUERY_STRING'];
     // for each set of query string values
     $queryStringList = explode('&', $rawQueryString);
     for ($indx = 0; $indx < count($queryStringList); $indx++) {
         // if querystring is not the Language Switch Key
         $keyValue = explode('=', $queryStringList[$indx]);
         if ($keyValue[0] != Page::QS_LANGUAGE) {
             // add the query string entry
             if ($queryString != '') {
                 $queryString .= '&';
             }
             $queryString .= $queryStringList[$indx];
         }
     }
     // put together the desired page call back
     // NOTE(review): every pair except the language key is copied verbatim from
     // the request, so whatever renders pageCallBack into a link has to
     // HTML-escape it — presumably done in the template; verify.
     $pageCallBack = $this->getBaseURL() . '?' . $queryString;
     $pageContent->setPageCallBack($pageCallBack);
     /*
      *     Save Base CallBack string to return to this page/module.
      *     This value is used for the PageObject's getCallBack() function.
      *
      *     NOTE: callBack=http://URL/here/base_page.php?p_Mod=[ModuleKey]
      *
      *     NOTE: in the case of the Logout Module, we want the baseCallBack
      *     to be the Login module, not Logout module...
      *
      *     NOTE(review): moduleKey is appended without URL-encoding and may be
      *     the raw request value when the lookup fell back to the default module.
      */
     $baseCallBack = $this->getBaseURL() . '?' . Page::QS_MODULE . '=' . $this->moduleKey;
     $pageContent->setBaseCallBack($baseCallBack);
     //     CSS Styles
     //         Adding default site css file
     $pageContent->addStyleSheet('site.css');
     //     Javascripts
     //        These are some of the standard scripts ...
     $pageContent->addScript('GoogleAnalytics1.js');
     $pageContent->addScript('GoogleAnalytics2.js');
     $pageContent->addScript('milonic_src.jsp');
     $pageContent->addScript('menu_data.jsp');
     $pageContent->addScript('MM_swapImage.jsp');
     $pageContent->addScript('MM_preloadImages.jsp');
     $pageContent->addScript('MM_findObj.jsp');
     //$this->debug( $pageContent->getXML() );
     // Call PageContent LoadData()
     $pageContent->loadData();
     // Call PageContent ProcessData()
     $pageContent->processData();
     // Call PageContent PrepareDisplay()
     $pageContent->prepareDisplayData();
     // Now get the Template requested by the PageContent object
     $templateFile = $pageContent->getPageTemplate();
     $this->parseTemplateData($templateFile);
     // Open up Template
     $template = new Template($this->pageTemplatePath);
     // NOTE: early versions of the framework used XML as the data
     //       transfer medium to the templates. Newer versions pass
     //       the information using arrays
     //
     // if this is a XMLObject then use XML method ...
     if (is_a($pageContent, 'XMLObject_PageContent')) {
         // Get Page Content XML
         $pageContentXML = $pageContent->getXML();
         // Set PageContent information
         $template->setXML('page', $pageContentXML);
     } else {
         // Get Page Content data (array form)
         $pageContentData = $pageContent->getPageContent();
         // Set PageContent information
         $template->set('page', $pageContentData);
     }
     $template->set('userID', $this->viewer->getUserID());
     // NEW CODE
     // Hands the CAS connexion-bar string to the template under 'GCX_ConnexionBar'.
     // NOTE(review): presumably printed unescaped as HTML by the template — confirm.
     $template->set('GCX_ConnexionBar', CASUser::getConnexionBar());
     // END NEW CODE
     // Get Template HTML
     // display HTML
     echo $template->fetch($this->pageTemplate);
     // flush Output Buffer
     ob_end_flush();
 }
Ejemplo n.º 4
 /** 
  * function __construct
  * This is the class constructor for Viewer class
  * Initialize a Viewer and determine if they are properly authenticated. 	
  * <pre><code>
  * Save the DB connection Info
  * If no session ID is set then
  *    set the Session ID to empty string
  * end if
  * Get current viewer ID from session ID
  * If viewer ID is empty then
  *    if isDestroySession is set then
  *        Destroy the Session
  *    end if
  *    initialize Empty UnAuthorized Viewer ID
  * else 
  *     User Credentials are valid so ...
  *	 Mark as Valid Authentication	
  *     
  *	 Prepare an SQL statement to lookup the viewer info from the DB
  *	 Now load the Data from the DB
  * end if
  * </code></pre>
  * @param $isDestroySession [BOOL] Should we destroy the session data if not authenticated?
  * @param $dbName [STRING] The name of the database the viewer info is stored in
  * @param $dbPath [STRING] The path of the database the viewer info is stored in
  * @param $dbUser [STRING] The login ID for the database the viewer info is stored in
  * @param $dbPassword [STRING] The password of the database the viewer info is stored in
  */
 function __construct($isDestroySession = true, $dbName = SITE_DB_NAME, $dbPath = SITE_DB_PATH, $dbUser = SITE_DB_USER, $dbPassword = SITE_DB_PWORD)
 {
     // Builds the viewer from the session's viewer ID; when no viewer row loads
     // for that ID it falls back to the CAS (GCX) identity in $_SESSION['phpCAS']
     // and, if that GUID is unknown locally, provisions person/viewer/access rows.
     // The four $db* parameters are not referenced anywhere in this body, and
     // $isDestroySession only reaches an empty branch at the end.
     // if no session ID is set then
     if (!isset($_SESSION[SESSION_ID_ID])) {
         // set the Session ID to empty string
         $_SESSION[SESSION_ID_ID] = '';
     }
     // Normalise "no viewer" from '' to 0.
     if ($_SESSION[SESSION_ID_ID] == '') {
         $_SESSION[SESSION_ID_ID] = 0;
     }
     // Get current viewer ID from session ID
     $this->viewerID = $_SESSION[SESSION_ID_ID];
     // attempt to load a viewerManager object with current viewerID
     $this->viewerManager = new RowManager_ViewerManager($this->viewerID);
     if ($this->viewerManager->isLoaded()) {
         // Update current Session ID with current ViewerID
         $_SESSION[SESSION_ID_ID] = $this->viewerID;
         // A loaded viewer row counts as authenticated only while it is active.
         if ($this->viewerManager->isActive()) {
             $this->isAuthenticated = true;
         } else {
             $this->isAuthenticated = false;
         }
     } else {
         // Info not stored in session, get from GCX
         $this->isAuthenticated = false;
         if (CASUser::checkAuth()) {
             if (!empty($_SESSION['phpCAS']['guid'])) {
                 if ($this->validateLogin($_SESSION['phpCAS']['guid'])) {
                     // a user with this GUID exists in our system
                     $this->isAuthenticated = true;
                 } else {
                     // code added by Russ September 11, 2009
                     // a user with this GUID does not exist in our system - create them
                     // NOTE(review): from here on any identity that CAS
                     // authenticates gets a local account created or linked
                     // automatically; there is no allow-list or approval step
                     // in this block.
                     $guid = $_SESSION['phpCAS']['guid'];
                     // echo "The GUID[".$guid."]<br/>";
                     $gcxUsername = $_SESSION['phpCAS']['user'];
                     // echo "The gcxUsername[".$gcxUsername."]<br/>";
                     // the gcxUsername is (supposed to be) an email
                     // check to see if there is a cim_hrdb_person record with this email
                     // the comparison needs to be case insensitive (since mysql is insensitive by default, no special doctoring is needed)
                     // search for person record
                     // NOTE(review): the existing person record is matched on
                     // the CAS username alone. That is only safe if the CAS
                     // provider guarantees the username is an e-mail address the
                     // user has proven they own — confirm; otherwise this step
                     // attaches a new GUID to someone else's person record.
                     $personManager = new RowManager_PersonManager();
                     $foundPerson = $personManager->loadByEmail($gcxUsername);
                     // get the personID of the person that was searched
                     $personID = $personManager->getID();
                     // if record does not exist
                     // create one
                     // update the personID
                     if (!$foundPerson) {
                         // create a new person record
                         $newpersonManager = new RowManager_PersonManager();
                         $newpersonManager->setEmail($gcxUsername);
                         $newpersonManager->createNewEntry();
                         $personID = $newpersonManager->getID();
                     }
                     // link the personID to the GUID/viewer in the cim_hrdb_access table
                     // first, check to see if any entry already exists in the access table
                     // if foundPerson is true above, it's possible (may have been linked to old viewer/username but not promoted to GCX account yet)
                     $accessManager = new RowManager_AccessManager();
                     $accessEntryFound = $accessManager->loadByPersonID($personID);
                     $viewerID = -1;
                     $createNewViewer = true;
                     if ($accessEntryFound) {
                         $viewerID = $accessManager->getViewerID();
                         $viewerManager = new RowManager_ViewerManager($viewerID);
                         // double check to make sure the viewer referenced in the access table actually exists
                         $viewerAlreadyExists = $viewerManager->isLoaded();
                         if ($viewerAlreadyExists) {
                             // no need to create a new viewer
                             $createNewViewer = false;
                             // update the existing viewer with the GUID and gcxUsername
                             // NOTE(review): this overwrites the GUID and user ID
                             // of an existing viewer (with whatever privileges it
                             // already holds) on the strength of the e-mail match
                             // above; nothing here checks whether it already had
                             // a different GUID.
                             $viewerManager->setGUID($guid);
                             $viewerManager->setUserID($gcxUsername);
                             $viewerManager->setLastLogin();
                             $viewerManager->updateDBTable();
                         }
                         // viewerAlreadyExists
                     }
                     // accessEntryFound
                     if ($createNewViewer) {
                         // create new viewer (user)
                         $newviewerManager = new RowManager_ViewerManager();
                         // NOTE(review): every auto-provisioned viewer gets the
                         // same constant password. If password login (a
                         // userID/password validateLogin path) is still accepted
                         // for these rows, that is a known credential for each
                         // of them — verify how setPassWord() stores the value
                         // and that local password login is disabled for GCX
                         // accounts, or store an unusable/random value instead.
                         $newviewerManager->setPassWord('xxx');
                         $newviewerManager->setUserID($gcxUsername);
                         $newviewerManager->setLanguageID(1);
                         // english
                         // TODO this value should not be hard-coded for the account group
                         $newviewerManager->setAccountGroupID(15);
                         // the 'unknown' group
                         // New accounts are active immediately.
                         $newviewerManager->setIsActive(true);
                         $newviewerManager->setGUID($guid);
                         $newviewerManager->setLastLogin();
                         $newviewerManager->createNewEntry();
                         $viewerID = $newviewerManager->getID();
                         // get the ID of the newly created viewer
                         if ($accessEntryFound) {
                             // update the access table to reference the newly created viewer for the person
                             // this is the case where an access table entry may have been orphaned due to the deletion of a viewer
                             $accessManager->setViewerID($viewerID);
                             $accessManager->updateDBTable();
                         } else {
                             // create an access table entry
                             $newaccessManager = new RowManager_AccessManager();
                             $newaccessManager->setViewerID($viewerID);
                             $newaccessManager->setPersonID($personID);
                             $newaccessManager->createNewEntry();
                         }
                     }
                     // put into the 'all' access group
                     // This runs for re-linked existing viewers as well as new
                     // ones. NOTE(review): for an existing viewer that may add a
                     // second membership row — check whether createNewEntry()
                     // de-duplicates.
                     $viewerAccessGroupManager = new RowManager_ViewerAccessGroupManager();
                     $viewerAccessGroupManager->setViewerID($viewerID);
                     $viewerAccessGroupManager->setAccessGroupID(ALL_ACCESS_GROUP);
                     // add to the 'all' access group
                     $viewerAccessGroupManager->createNewEntry();
                     // Debugging code added by Russ Martin
                     // echo "validate login failed<br/>";
                     // echo "<pre>".print_r($_SESSION,true)."</pre>";
                     // try again to see if everything updated correctly
                     if ($this->validateLogin($guid)) {
                         // a user/viewer with this GUID now exists in our system
                         $this->isAuthenticated = true;
                     } else {
                         // NOTE(review): prints the CAS username and GUID
                         // straight into the response, unescaped; an error of
                         // this kind belongs in a server-side log.
                         echo "Something has gone wrong: gcxUsername[" . $gcxUsername . "], guid[" . $guid . "]<br/>";
                     }
                 }
             } else {
                 // Debugging code added by Russ Martin
                 // echo "session variable for storing GUID is empty<br/>";
             }
         } else {
             // Debugging code added by Russ Martin
             // echo "CASUser::checkAuth() failed<br/>";
         }
     }
     // set hasSession
     // NOTE(review): this body sets viewerID only once, from the session, where
     // "no viewer" was normalised to 0. The loose comparison 0 != '' is false
     // before PHP 8 and true from PHP 8 on, so hasSession changes meaning with
     // the PHP version unless validateLogin() (not visible here) resets viewerID.
     $this->hasSession = $this->viewerID != '';
     // if no session
     if (!$this->hasSession) {
         // User Credentials are invalid so
         // if they want me to destroy the session then
         if ($isDestroySession == true) {
             // Remove session
             // session_destroy() is commented out, so the session is kept as-is.
             // session_destroy();
         }
     }
 }
Ejemplo n.º 5
 /**
  * Initializes the authority objects based on an associative array of arguments
  * @param array $args an associative array of arguments. The argument list is dependent on the authority
  *
  * General - Required keys:
  *   TITLE => The human readable title of the AuthorityImage
  *   INDEX => The tag used to identify this authority @see AuthenticationAuthority::getAuthenticationAuthority
  *
  * General - Optional keys:
  *   LOGGEDIN_IMAGE_URL => a url to an image/badge that is placed next to the user name when logged in
  *
  * CAS - Required keys:
  *   CAS_PROTOCOL => The protocol to use. Should be equivalent to one of the phpCAS constants, e.g. "2.0":
  *                   CAS_VERSION_1_0 => '1.0', CAS_VERSION_2_0 => '2.0', SAML_VERSION_1_1 => 'S1'
  *   CAS_HOST => The host name of the CAS server, e.g. "cas.example.edu"
  *   CAS_PORT => The port the CAS server is listening on, e.g. "443"
  *   CAS_PATH => The path of the CAS application, e.g. "/cas/"
  *   CAS_CA_CERT => The filesystem path to a CA certificate that will be used to validate the authenticity
  *                  of the CAS server, e.g. "/etc/tls/pki/certs/my_ca_cert.crt". If empty, no certificate
  *                  validation will be performed, so the identity of the server answering ticket
  *                  validation requests is not verified (not recommended for production).
  *
  * CAS - Optional keys:
  *   ATTRA_EMAIL => Attribute name for the user's email address, e.g. "email". This only applies if your
  *                  CAS server returns attributes in a SAML-1.1 or CAS-2.0 response.
  *   ATTRA_FIRST_NAME => Attribute name for the user's first name, e.g. "givename". This only applies if your 
  *                       CAS server returns attributes in a SAML-1.1 or CAS-2.0 response.
  *   ATTRA_LAST_NAME => Attribute name for the user's last name, e.g. "surname". This only applies if your 
  *                      CAS server returns attributes in a SAML-1.1 or CAS-2.0 response.
  *   ATTRA_FULL_NAME => Attribute name for the user's full name, e.g. "displayname". This only applies if your 
  *                      CAS server returns attributes in a SAML-1.1 or CAS-2.0 response.
  *   ATTRA_MEMBER_OF => Attribute name for the user's groups, e.g. "memberof". This only applies if your 
  *                      CAS server returns attributes in a SAML-1.1 or CAS-2.0 response.
  *
  * NOTE: Any subclass MUST call parent::init($args) to ensure proper operation
  *
  */
 public function init($args)
 {
     parent::init($args);

     // Load phpCAS: from the include path by default, or from the directory
     // named by CAS_PHPCAS_PATH when one is configured.
     $phpCasFile = 'CAS.php';
     if (!empty($args['CAS_PHPCAS_PATH'])) {
         $phpCasFile = $args['CAS_PHPCAS_PATH'] . '/CAS.php';
     }
     require_once $phpCasFile;

     // Every connection setting must be present; the first missing one aborts
     // initialisation with a configuration exception naming the key.
     $missingValueMessages = array(
         'CAS_PROTOCOL' => 'CAS_PROTOCOL value not set for ',
         'CAS_HOST' => 'CAS_HOST value not set for ',
         'CAS_PORT' => 'CAS_PORT value not set for ',
         'CAS_PATH' => 'CAS_PATH value not set for ',
     );
     foreach ($missingValueMessages as $requiredKey => $messagePrefix) {
         if (empty($args[$requiredKey])) {
             throw new KurogoConfigurationException($messagePrefix . $this->AuthorityTitle);
         }
     }

     // NOTE(review): the trailing `false` is presumably phpCAS 1.x's
     // $changeSessionID flag; confirm against the bundled phpCAS version, since
     // it decides whether the session ID is replaced after authentication.
     $casPort = intval($args['CAS_PORT']);
     if (!empty($args['CAS_PROXY_INIT'])) {
         // Proxy mode: this application can request proxy tickets.
         phpCAS::proxy($args['CAS_PROTOCOL'], $args['CAS_HOST'], $casPort, $args['CAS_PATH'], false);
         if (!empty($args['CAS_PROXY_TICKET_PATH'])) {
             // NOTE(review): proxy-granting tickets are credentials; the
             // configured path should not be readable through the web server.
             phpCAS::setPGTStorageFile('', $args['CAS_PROXY_TICKET_PATH']);
         }
         if (!empty($args['CAS_PROXY_FIXED_CALLBACK_URL'])) {
             phpCAS::setFixedCallbackURL($args['CAS_PROXY_FIXED_CALLBACK_URL']);
         }
     } else {
         // Plain client mode.
         phpCAS::client($args['CAS_PROTOCOL'], $args['CAS_HOST'], $casPort, $args['CAS_PATH'], false);
     }

     // NOTE(review): this fails open. Leaving CAS_CA_CERT unset (or set to an
     // empty string) switches certificate validation of the CAS server off
     // rather than raising a configuration error, so a deployment that forgets
     // the key runs without verifying who answers ticket validation.
     if (!empty($args['CAS_CA_CERT'])) {
         phpCAS::setCasServerCACert($args['CAS_CA_CERT']);
     } else {
         phpCAS::setNoCasServerValidation();
     }

     // Record whichever attribute mappings are configured, group membership
     // last, in the same order as before.
     $attributeKeys = array(
         'Email' => 'ATTRA_EMAIL',
         'FirstName' => 'ATTRA_FIRST_NAME',
         'LastName' => 'ATTRA_LAST_NAME',
         'FullName' => 'ATTRA_FULL_NAME',
         'MemberOf' => 'ATTRA_MEMBER_OF',
     );
     foreach ($attributeKeys as $userField => $argKey) {
         if (!empty($args[$argKey])) {
             CASUser::mapAttribute($userField, $args[$argKey]);
         }
     }
 }
Ejemplo n.º 6
 /**
  * Initializes the authority objects based on an associative array of arguments
  * @param array $args an associative array of arguments. The argument list is dependent on the authority
  *
  * General - Required keys:
  *   TITLE => The human readable title of the AuthorityImage
  *   INDEX => The tag used to identify this authority @see AuthenticationAuthority::getAuthenticationAuthority
  *
  * General - Optional keys:
  *   LOGGEDIN_IMAGE_URL => a url to an image/badge that is placed next to the user name when logged in
  *
  * CAS - Required keys:
  *   CAS_PROTOCOL => The protocol to use. Should be equivalent to one of the phpCAS constants, e.g. "2.0":
  *                   CAS_VERSION_1_0 => '1.0', CAS_VERSION_2_0 => '2.0', SAML_VERSION_1_1 => 'S1'
  *   CAS_HOST => The host name of the CAS server, e.g. "cas.example.edu"
  *   CAS_PORT => The port the CAS server is listening on, e.g. "443"
  *   CAS_PATH => The path of the CAS application, e.g. "/cas/"
  *   CAS_CA_CERT => The filesystem path to a CA certificate that will be used to validate the authenticity
  *                  of the CAS server, e.g. "/etc/tls/pki/certs/my_ca_cert.crt". If empty, no certificate
  *                  validation will be performed, so the identity of the server answering ticket
  *                  validation requests is not verified (not recommended for production).
  *
  * CAS - Optional keys:
  *   ATTRA_EMAIL => Attribute name for the user's email address, e.g. "email". This only applies if your
  *                  CAS server returns attributes in a SAML-1.1 or CAS-2.0 response.
  *   ATTRA_FIRST_NAME => Attribute name for the user's first name, e.g. "givename". This only applies if your 
  *                       CAS server returns attributes in a SAML-1.1 or CAS-2.0 response.
  *   ATTRA_LAST_NAME => Attribute name for the user's last name, e.g. "surname". This only applies if your 
  *                      CAS server returns attributes in a SAML-1.1 or CAS-2.0 response.
  *   ATTRA_FULL_NAME => Attribute name for the user's full name, e.g. "displayname". This only applies if your 
  *                      CAS server returns attributes in a SAML-1.1 or CAS-2.0 response.
  *   ATTRA_MEMBER_OF => Attribute name for the user's groups, e.g. "memberof". This only applies if your 
  *                      CAS server returns attributes in a SAML-1.1 or CAS-2.0 response.
  *
  * NOTE: Any subclass MUST call parent::init($args) to ensure proper operation
  *
  */
 public function init($args)
 {
     parent::init($args);

     // Load phpCAS: from the include path by default, or from the directory
     // named by CAS_PHPCAS_PATH when one is configured.
     $phpCasFile = 'CAS.php';
     if (!empty($args['CAS_PHPCAS_PATH'])) {
         $phpCasFile = $args['CAS_PHPCAS_PATH'] . '/CAS.php';
     }
     require_once $phpCasFile;

     // Optional phpCAS debug log.
     // NOTE(review): protocol debug logs usually contain tickets and user
     // identifiers; keep the file outside the web root and leave this unset in
     // production — confirm what the bundled phpCAS version writes.
     if (!empty($args['CAS_DEBUG_LOG'])) {
         phpCAS::setDebug($args['CAS_DEBUG_LOG']);
     }

     // Every connection setting must be present; the first missing one aborts
     // initialisation with a configuration exception naming the key.
     $missingValueMessages = array(
         'CAS_PROTOCOL' => 'CAS_PROTOCOL value not set for ',
         'CAS_HOST' => 'CAS_HOST value not set for ',
         'CAS_PORT' => 'CAS_PORT value not set for ',
         'CAS_PATH' => 'CAS_PATH value not set for ',
     );
     foreach ($missingValueMessages as $requiredKey => $messagePrefix) {
         if (empty($args[$requiredKey])) {
             throw new KurogoConfigurationException($messagePrefix . $this->AuthorityTitle);
         }
     }

     // NOTE(review): the trailing `false` is presumably phpCAS 1.x's
     // $changeSessionID flag; confirm against the bundled phpCAS version, since
     // it decides whether the session ID is replaced after authentication.
     $casPort = intval($args['CAS_PORT']);
     if (!empty($args['CAS_PROXY_INIT'])) {
         // Proxy mode: this application can request proxy tickets.
         phpCAS::proxy($args['CAS_PROTOCOL'], $args['CAS_HOST'], $casPort, $args['CAS_PATH'], false);

         $hasTicketPath = !empty($args['CAS_PROXY_TICKET_PATH']);
         $hasTicketDsn = !empty($args['CAS_PROXY_TICKET_DB_DSN']);
         // File and database ticket storage are mutually exclusive.
         if ($hasTicketPath && $hasTicketDsn) {
             throw new KurogoConfigurationException('Only one of CAS_PROXY_TICKET_PATH or CAS_PROXY_TICKET_DB_DSN may be set for ' . $this->AuthorityTitle);
         }

         if ($hasTicketPath) {
             // NOTE(review): proxy-granting tickets are credentials; the
             // configured path should not be readable through the web server.
             // The argument list of setPGTStorageFile() differs from phpCAS 1.3 on.
             if (version_compare(PHPCAS_VERSION, '1.3', '>=')) {
                 phpCAS::setPGTStorageFile($args['CAS_PROXY_TICKET_PATH']);
             } else {
                 phpCAS::setPGTStorageFile('', $args['CAS_PROXY_TICKET_PATH']);
             }
         }

         if ($hasTicketDsn) {
             // Each optional database setting falls back to an empty string.
             $user = empty($args['CAS_PROXY_TICKET_DB_USER']) ? '' : $args['CAS_PROXY_TICKET_DB_USER'];
             $pass = empty($args['CAS_PROXY_TICKET_DB_PASS']) ? '' : $args['CAS_PROXY_TICKET_DB_PASS'];
             $table = empty($args['CAS_PROXY_TICKET_DB_TABLE']) ? '' : $args['CAS_PROXY_TICKET_DB_TABLE'];
             $driver_opts = empty($args['CAS_PROXY_TICKET_DB_DRIVER_OPTS']) ? '' : $args['CAS_PROXY_TICKET_DB_DRIVER_OPTS'];
             phpCAS::setPGTStorageDb($args['CAS_PROXY_TICKET_DB_DSN'], $user, $pass, $table, $driver_opts);
         }

         if (!empty($args['CAS_PROXY_FIXED_CALLBACK_URL'])) {
             phpCAS::setFixedCallbackURL($args['CAS_PROXY_FIXED_CALLBACK_URL']);
         }
     } else {
         // Plain client mode.
         phpCAS::client($args['CAS_PROTOCOL'], $args['CAS_HOST'], $casPort, $args['CAS_PATH'], false);
     }

     // NOTE(review): this fails open. Leaving CAS_CA_CERT unset (or set to an
     // empty string) switches certificate validation of the CAS server off
     // rather than raising a configuration error, so a deployment that forgets
     // the key runs without verifying who answers ticket validation.
     if (!empty($args['CAS_CA_CERT'])) {
         phpCAS::setCasServerCACert($args['CAS_CA_CERT']);
     } else {
         phpCAS::setNoCasServerValidation();
     }

     // Record whichever attribute mappings are configured, group membership
     // last, in the same order as before.
     $attributeKeys = array(
         'Email' => 'ATTRA_EMAIL',
         'FirstName' => 'ATTRA_FIRST_NAME',
         'LastName' => 'ATTRA_LAST_NAME',
         'FullName' => 'ATTRA_FULL_NAME',
         'MemberOf' => 'ATTRA_MEMBER_OF',
     );
     foreach ($attributeKeys as $userField => $argKey) {
         if (!empty($args[$argKey])) {
             CASUser::mapAttribute($userField, $args[$argKey]);
         }
     }
 }
Ejemplo n.º 7
	<div id="whitebox">
		<img id="wcLogo" src="<?php 
// Login-screen fragment: two logo images, the GCX login link and a help panel.
// NOTE(review): pathToRoot is written into an attribute value as-is (here and
// for the GCX logo below); wrap it in htmlspecialchars() unless it is
// guaranteed to be a fixed, site-controlled path.
echo $pageContent->pathToRoot;
?>
../../Images/loggin_screen_wcLogo.gif" alt="Winter Conference Logo" />
		<span id="registerForWC">
			Register for <span id="WCBlue">Winter Conference:</span>
		</span>
		
		<div id="gcxSection">
			<img id="gcxlogo" src="<?php 
echo $pageContent->pathToRoot;
?>
../../Images/loggin_screen_GCXlogo.gif" alt="GCX" />
			<a id="loginWithGXC" href="<?php 
// NOTE(review): the login URL is printed raw into href. A CAS login URL
// normally carries a service parameter built from the current request URL
// (assumption, login_link() is not visible here), so it should go through
// htmlspecialchars() before it lands in an attribute.
// The help panel further down links to the intranet and resources sites over
// plain http:// with target='_blank'; a login page is better served by https
// targets throughout.
print CASUser::login_link();
?>
">Log-in with GCX</a>		
			<span id="createGcxAccount">
				If you don't have an existing GCX identity: <a href="https://signin.mygcx.org/sso/selfservice/ssoSignup.jsp">Create an Account</a>
			</span>
			<a id='whatisgcxlink' href='javascript:ShowWhatIsGCX();'>What is GCX login?</a>
			<div style='position: relative;'>
				<div id='whatisgcxlogin' class='NotShowed'>
					<div style="float:right"><a href='javascript:ShowWhatIsGCX();'>close</a></div><h2>What is GCX login?</h2>
					GCX is a single sign on login that authenticates you to use Campus for Christ web applications including:
					<ul>
						<li><a target='_blank' href='https://pulse.campusforchrist.org/'>Pulse</a></li>
						<li><a target='_blank' href='https://pat.powertochange.org/'>Project Application Tool</a></li>
						<li><a target='_blank' href='http://intranet.campusforchrist.org/'>Registration/Intranet</a></li>
						<li><a target='_blank' href='http://resources.campusforchrist.org/'>Resources</a></li>
Ejemplo n.º 8
<?php

// Pull in the site's shared includes (presumably where CASUser is defined — not visible here).
require "General/gen_Includes.php";
// NOTE(review): the argument looks like a log-file path inside what appears to
// be the virtual host's directory under /var/www. If setup() writes CAS
// callback or debug data there and the directory is served by the web server,
// the log could be downloaded; confirm what setup() does with the path and
// keep the file outside the document root.
CASUser::setup("/var/www/campus/dev.intranet.campusforchrist.org/callback.log");
// The return value is ignored: this script only triggers the authentication
// check and renders nothing itself.
CASUser::checkAuth();
Ejemplo n.º 9
 /**
  * Acts on the login module's current mode: checks submitted credentials,
  * downgrades the form mode to display for unauthenticated viewers, or logs
  * the viewer out and redirects to the login URL. Any other mode is a no-op.
  *
  * @return void
  */
 function processData()
 {
     // Read the mode once; the branches below may reassign $this->mode.
     $currentMode = $this->mode;

     if ($currentMode == moduleLogin::MODE_SUBMIT) {
         // NOTE(review): the session is marked valid before the credentials
         // are checked, and the failure branch does not undo it here. Confirm
         // that validateLogin() resets the session state when it returns false.
         $this->viewer->assumeValidSession();
         $credentialsAccepted = $this->viewer->validateLogin($this->userID, $this->passWord);
         if (!$credentialsAccepted) {
             $this->errorMessages = 'Invalid UserID & Password.';
         } else {
             $this->processForms();
         }
     } elseif ($currentMode == moduleLogin::MODE_FORM) {
         // An unauthenticated viewer only gets the display mode.
         if (!$this->viewer->isAuthenticated()) {
             $this->mode = moduleLogin::MODE_DISPLAY;
         }
     } elseif ($currentMode == moduleLogin::MODE_LOGOUT) {
         // End the local session first, then the CAS one.
         $this->viewer->deleteSession();
         CASUser::logout();
         // now redirect the page BACK to the LOGIN page
         // NOTE(review): nothing stops execution after the Location header, so
         // the caller carries on rendering unless CASUser::logout() has already
         // ended the request — confirm which of the two applies.
         header("Location:" . Page::getLoginURL());
     }
 }