getAttributes() public static method

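Returns the attributes of the authenticated user. phpCAS expects an authentication call such as forceAuthentication(), checkAuthentication() or isAuthenticated() to have run before this method is used.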
public static getAttributes ( ) : array
return array
Ejemplo n.º 1
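 /**
  * Populate this object from the current phpCAS session.
  *
  * Stores the array returned by phpCAS::getAttributes() in $this->attr, adds the login
  * from phpCAS::getUser() under 'username', takes $this->id from the 'user_id' attribute
  * and removes 'sequence_token' from the stored copy.
  *
  * NOTE(review): nothing in this constructor checks that authentication has already
  * been performed; presumably the caller does that first — confirm.
  */
 public function __construct()
 {
     $this->attr = phpCAS::getAttributes();
     // The login from getUser() replaces any released attribute that is itself
     // named 'username'.
     $this->attr['username'] = phpCAS::getUser();
     // 'user_id' exists only when the CAS server releases it; use null explicitly
     // rather than reading an undefined index.
     $this->id = isset($this->attr['user_id']) ? $this->attr['user_id'] : null;
     // Keep the sequence token out of the attribute copy held by this object.
     unset($this->attr['sequence_token']);
 }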
Ejemplo n.º 2
 /**
  * Return the CAS attributes of the current user, or null when nobody is authenticated.
  *
  * @return array|null
  */
 function getAttributes()
 {
     // isAuthenticated() is consulted first, so the attribute lookup only runs
     // for an authenticated session.
     return phpCAS::isAuthenticated() ? phpCAS::getAttributes() : null;
 }
Ejemplo n.º 3
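 /**
  * Finish a CAS login: sync the local account, then issue the application login cookie.
  *
  * The local user is looked up by the 'mail' attribute of the CAS response, and the
  * cookie is created for the e-mail address stored on that local user.
  *
  * No cookie is issued when the CAS response carries no 'mail' attribute, when no
  * local user is found for it, or when the local record has no e-mail address.
  */
 public function loginCallback()
 {
     $attributes = phpCAS::getAttributes();
     $this->updateLocalUserFromBackend($attributes);

     // 'mail' is the only link between the CAS identity and the local account, so a
     // response without it cannot be mapped to anyone.
     // NOTE(review): a multi-valued 'mail' attribute would arrive as an array —
     // confirm what getUserIDByEmail() accepts.
     if (empty($attributes['mail'])) {
         return;
     }

     $usr_id = User::getUserIDByEmail($attributes['mail'], true);
     // Do not create a session for an identity that resolved to no local user.
     if (empty($usr_id)) {
         return;
     }

     $user = User::getDetails($usr_id);
     if (empty($user['usr_email'])) {
         return;
     }

     Auth::createLoginCookie(APP_COOKIE, $user['usr_email'], true);
 }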
Ejemplo n.º 4
 /**
  * Build the attribute array for the user model from the phpCAS session.
  *
  * The login returned by phpCAS::getUser() is split on '|' into 'username', 'email'
  * and 'user_id'. The released attributes are URL-decoded, their keys lower-cased,
  * 'realname' is copied from 'username', and three directory fields are dropped.
  * On a key collision the values taken from the login string win, because they are
  * merged last.
  *
  * NOTE(review): array_combine() needs exactly three '|'-separated parts, and
  * urldecode() needs string values; a login with a different number of parts or a
  * multi-valued attribute is not handled here.
  */
 public static function modelAttributes()
 {
     $loginParts = explode('|', \phpCAS::getUser());
     $userInfo = array_combine(array('username', 'email', 'user_id'), $loginParts);

     $decoded = array_map('urldecode', \phpCAS::getAttributes());
     $casInfo = array_change_key_case($decoded, CASE_LOWER);
     $casInfo['realname'] = $casInfo['username'];

     // Directory bookkeeping fields that are not exposed to the model.
     unset($casInfo['useraccountcontrol']);
     unset($casInfo['usernum']);
     unset($casInfo['useremail']);

     return array_merge($casInfo, $userInfo);
 }
Ejemplo n.º 5
 /**
  * Return the login and attributes of the authenticated CAS user.
  *
  * The result is an object with two properties: 'userlogin' (from phpCAS::getUser())
  * and 'attributes' (from phpCAS::getAttributes()). When nobody is authenticated,
  * show_error() is called and nothing is returned.
  */
 public function user()
 {
     if (!phpCAS::isAuthenticated()) {
         show_error("User was not authenticated yet.");
         return;
     }

     return (object) array(
         'userlogin' => phpCAS::getUser(),
         'attributes' => phpCAS::getAttributes(),
     );
 }
Ejemplo n.º 6
 /**
  * Post-login hook: map CAS attributes onto the local user named in $parameters['uid'].
  *
  * Runs only when phpCAS reports an authenticated session and the CAS login equals
  * $parameters['uid']. It collects the display name, e-mail and groups from the CAS
  * attributes (using the backend's mapping settings, with 'cn' and 'mail' as
  * fallbacks), creates a local user with a random password where the visible code
  * calls createUser(), and updates the stored user data when updateUserData is set.
  *
  * NOTE(review): two statements in this listing are truncated (the `******` runs on
  * the two writeLog lines), so the conditions that lead into the display-name branch
  * and into the user-creation branch are not visible here.
  *
  * @param array $parameters hook arguments; only 'uid' is read
  * @return bool true when the CAS user matched 'uid' and processing completed,
  *              false otherwise (including an invalid user name)
  */
 public static function post_login($parameters)
 {
     $uid = $parameters['uid'];
     $casBackend = OC_USER_CAS::getInstance();
     $userDatabase = new \OC\User\Database();
     if (phpCAS::isAuthenticated()) {
         // $cas_attributes may vary in name, therefore attributes are fetched to $attributes
         $cas_attributes = phpCAS::getAttributes();
         $cas_uid = phpCAS::getUser();
         // parameters
         $attributes = array();
         // Only continue when the login being processed is the one CAS authenticated.
         // NOTE(review): this is a loose comparison (==); confirm both values are strings.
         if ($cas_uid == $uid) {
             // NOTE(review): the raw attribute values are written to the 'cas' log here;
             // the rest of this statement is truncated in the listing.
             \OCP\Util::writeLog('cas', 'attr  \\"' . implode(',', $cas_attributes) . '\\" for the user: '******'cas_name'] = $cas_attributes[$casBackend->displayNameMapping];
             } else {
                 $attributes['cas_name'] = $cas_attributes['cn'];
             }
             // E-mail: use the configured mapping when that attribute was released, else 'mail'.
             if (array_key_exists($casBackend->mailMapping, $cas_attributes)) {
                 $attributes['cas_email'] = $cas_attributes[$casBackend->mailMapping];
             } else {
                 $attributes['cas_email'] = $cas_attributes['mail'];
             }
             // Groups: use the configured mapping when present, else the default group if one is set.
             if (array_key_exists($casBackend->groupMapping, $cas_attributes)) {
                 $attributes['cas_groups'] = $cas_attributes[$casBackend->groupMapping];
             } else {
                 if (!empty($casBackend->defaultGroup)) {
                     $attributes['cas_groups'] = array($casBackend->defaultGroup);
                     // NOTE(review): statement truncated in the listing; the pattern that
                     // follows lists the characters allowed in a user name.
                     \OCP\Util::writeLog('cas', 'Using default group "' . $casBackend->defaultGroup . '" for the user: '******'/[^a-zA-Z0-9 _\\.@\\-]/', $uid)) {
                     // The rejected name is written to the log unmodified.
                     \OCP\Util::writeLog('cas', 'Invalid username "' . $uid . '", allowed chars "a-zA-Z0-9" and "_.@-" ', \OCP\Util::DEBUG);
                     return false;
                 } else {
                     // The local account gets a generated password rather than one chosen by the user.
                     $random_password = \OCP\Util::generateRandomBytes(20);
                     \OCP\Util::writeLog('cas', 'Creating new user: ' . $uid, \OCP\Util::DEBUG);
                     $userDatabase->createUser($uid, $random_password);
                     // after creating the user, fill the attributes
                     if ($userDatabase->userExists($uid)) {
                         OC_USER_CAS_Hooks::update_user($uid, $attributes);
                     }
                 }
             }
             // try to update user attributes
             if ($casBackend->updateUserData) {
                 OC_USER_CAS_Hooks::update_user($cas_uid, $attributes);
             }
             return true;
         }
     }
     // Not authenticated, or the CAS login did not match the uid passed in.
     return false;
 }
Ejemplo n.º 7
 /**
  * Run the CAS single sign-on flow and return the attributes of the authenticated user.
  *
  * Loads the phpCAS library and the CAS configuration, sets up a CAS 2.0 client from
  * CAS_HOST / CAS_PORT / CAS_CONTEXT, handles logout requests and forces
  * authentication. When $action is 'logout', phpCAS::logout() is called after
  * authentication has been forced.
  *
  * NOTE(review): setNoCasServerValidation() switches off verification of the CAS
  * server's certificate, so the ticket validation response comes from an unverified
  * peer. phpCAS::setCasServerCACert() is the alternative that validates against a
  * CA certificate — confirm which is intended outside a test setup.
  *
  * @param string $action 'login' (default) or 'logout'
  * @return mixed whatever phpCAS::getAttributes() returns
  */
 public static function sso($action = 'login')
 {
     include_once ROOT_PATH . 'lib/cas/CAS.php';
     include_once ROOT_PATH . 'config/cas.php';

     $cas = new \phpCAS();
     $cas->client(CAS_VERSION_2_0, CAS_HOST, intval(CAS_PORT), CAS_CONTEXT);
     $cas->setNoCasServerValidation();
     $cas->handleLogoutRequests();
     $cas->forceAuthentication();

     if ($action == 'logout') {
         $cas->logout();
     }

     return $cas->getAttributes();
 }
Ejemplo n.º 8
 * ======================================================================== */


/*
 *  	Authors:	Giannis Kapetanakis <*****@*****.**>
 */

require_once '../../include/baseTheme.php';
require_once 'include/CAS/CAS.php';
require_once 'modules/auth/auth.inc.php';

$auth = 7;
cas_authenticate($auth);
if (phpCAS::checkAuthentication()) {
    $cas = get_auth_settings($auth);
    $_SESSION['cas_attributes'] = phpCAS::getAttributes();
    $attrs = get_cas_attrs($_SESSION['cas_attributes'], $cas);
    $_SESSION['cas_uname'] = phpCAS::getUser();

    if (!empty($_SESSION['cas_uname'])) {
        $_SESSION['uname'] = $_SESSION['cas_uname'];
    }
    if (!empty($attrs['casuserlastattr'])) {
        $_SESSION['cas_surname'] = $attrs['casuserlastattr'];
    }
    if (!empty($attrs['casuserfirstattr'])) {
        $_SESSION['cas_givenname'] = $attrs['casuserfirstattr'];
    }
    if (!empty($attrs['casusermailattr'])) {
        $_SESSION['cas_email'] = $attrs['casusermailattr'];
    }
Ejemplo n.º 9
    $theme = $default_theme;
}
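// Bind the translation catalogue of the active theme.
bindtextdomain('nixtape', $install_path . '/themes/' . $theme . '/locale/');
textdomain('nixtape');

// Template engine setup: the active theme is searched first, 'thelist' is the fallback.
$smarty = new Smarty();
$smarty->setTemplateDir(array($install_path . '/themes/' . $theme . '/templates/', $install_path . '/themes/thelist/templates/'));
$smarty->setPluginsDir(array(SMARTY_DIR . '/plugins/', $install_path . '/themes/' . $theme . '/plugins/', $install_path . '/themes/thelist/plugins/'));
$smarty->setCompileDir($install_path . '/themes/' . $theme . '/templates_c/');
$smarty->setCacheDir($install_path . '/cache/');
$smarty->setConfigDir(array($install_path . '/themes/' . $theme . '/config/', $install_path . '/themes/thelist/config/'));

// Strip the charset suffix from the locale name. The dot is escaped so that only a
// literal ".UTF-8" is removed.
$current_lang = preg_replace('/\.UTF-8/', '', $current_lang);

$smarty->assign('casauth', $auth);
if ($auth) {
    $casuid = phpCAS::getUser();
    $smarty->assign('userid', $casuid);
    $attr = phpCAS::getAttributes();
    // 'nickname' is present only when the CAS server releases it.
    $nickname = isset($attr['nickname']) ? $attr['nickname'] : null;
    // NOTE(review): the nickname comes from the CAS response and goes to the
    // template as-is; the template is presumably responsible for escaping it — confirm.
    $smarty->assign('handle', $nickname);
    $user = new User($casuid);
    $userid = $user->id;
    $makerid = $user->makerid;
    $smarty->assign('makerid', $makerid);
}
$smarty->assign('lang_selector_array', array($current_lang => 1));
$smarty->assign('base_url', $base_url);
$smarty->assign('default_theme', $default_theme);
$smarty->assign('site_name', $site_name);
$smarty->assign('img_url', $base_url . '/themes/' . $theme . '/img/');
// REQUEST_URI is supplied by the client; it is handed to the template unmodified.
$smarty->assign('this_page', $_SERVER['REQUEST_URI']);

// Absolute URL of the current page. The scheme follows the HTTPS server variable
// (the previous expression produced 'http://' in both cases), and the port is left
// out when it is the default one for that scheme.
$page_is_https = !empty($_SERVER['HTTPS']) && strtolower($_SERVER['HTTPS']) !== 'off';
$page_scheme = $page_is_https ? 'https://' : 'http://';
$page_default_port = $page_is_https ? 443 : 80;
// NOTE(review): 'HOST' is kept as in the original; when it is not set this falls
// back to SERVER_NAME.
$page_host = empty($_SERVER['HOST']) ? $_SERVER['SERVER_NAME'] : $_SERVER['HOST'];
$page_port = $_SERVER['SERVER_PORT'] == $page_default_port ? '' : ':' . $_SERVER['SERVER_PORT'];
$smarty->assign('this_page_absolute', $page_scheme . $page_host . $page_port . $_SERVER['REQUEST_URI']);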
if (isset($logged_in) && $logged_in) {
  <body>
<h2>Advanced SAML 1.1 example</h2>
<?php 
require 'script_info.php';
?>

Authentication succeeded for user
<strong><?php 
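// The login is written into HTML, so encode it for that context first.
echo htmlspecialchars((string) phpCAS::getUser(), ENT_QUOTES, 'UTF-8');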
?>
</strong>.

<h3>User Attributes</h3>
<ul>
<?php 
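// List every attribute released for the user. Names and values come from the CAS
// response, so each one is HTML-encoded before it is written into the page and any
// markup characters are displayed as text.
foreach (phpCAS::getAttributes() as $key => $value) {
    $safe_key = htmlspecialchars((string) $key, ENT_QUOTES, 'UTF-8');
    if (is_array($value)) {
        // Multi-valued attribute: one nested list item per value.
        echo '<li>', $safe_key, ':<ol>';
        foreach ($value as $item) {
            echo '<li><strong>', htmlspecialchars((string) $item, ENT_QUOTES, 'UTF-8'), '</strong></li>';
        }
        echo '</ol></li>';
    } else {
        echo '<li>', $safe_key, ': <strong>', htmlspecialchars((string) $value, ENT_QUOTES, 'UTF-8'), '</strong></li>' . PHP_EOL;
    }
}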
?>
</ul>
<p><a href="?logout=">Logout</a></p>
</body>
</html>
Ejemplo n.º 11
// logout if desired
// Any request that carries a "logout" parameter triggers the logout; the URL below
// is passed to phpCAS::logout() as the 'service' option.
// NOTE(review): the service URL uses plain http — confirm whether https is available.
if (isset($_REQUEST['logout'])) {
    \phpCAS::logout(array('service' => 'http://www.testlogin1.my/login.php'));
}
// for this test, simply print that the authentication was successful
?>
<html>
  <head>
    <title>www.testlogin1.my</title>
  </head>
  <body>
    <h1>Successfull Authentication!</h1>
    <?php 
require 'script_info.php';
?>
    <p>the user's login is <b><?php 
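// The login is written into HTML, so encode it for that context first.
echo htmlspecialchars((string) \phpCAS::getUser(), ENT_QUOTES, 'UTF-8');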
?>
</b>.</p>
    <p>phpCAS version is <b><?php 
echo \phpCAS::getVersion();
?>
</b>.</p>
    <p>the user's attributes is <b><?php 
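// Render the attribute dump as text: print_r() returns the string (second argument
// true) and it is HTML-encoded before being written into the page.
echo htmlspecialchars(print_r(\phpCAS::getAttributes(), true), ENT_QUOTES, 'UTF-8');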
?>
</b></p>
    <p><a href="?logout=1">Logout</a></p>
  </body>
</html>
<?php 
Ejemplo n.º 12
         draw($tool_content, 0);
         exit;
     } else {
         // try to authenticate user
         $auth_method_settings = get_auth_settings($auth);
         if ($auth == 6) {
             redirect_to_home_page('secure/index_reg.php' . ($prof ? '?p=1' : ''));
         }
         $is_valid = auth_user_login($auth, $uname, $passwd, $auth_method_settings);
     }
     if ($auth == 7) {
         if (phpCAS::checkAuthentication()) {
             $uname = phpCAS::getUser();
             $cas = get_auth_settings($auth);
             // store CAS released attributes in $GLOBALS['auth_user_info']
             get_cas_attrs(phpCAS::getAttributes(), $cas);
             if (!empty($uname)) {
                 $is_valid = true;
             }
         }
     }
 }
 if ($is_valid) {
     // connection successful
     $_SESSION['was_validated'] = array('auth' => $auth, 'uname' => $uname, 'uname_exists' => user_exists($uname));
     if (isset($GLOBALS['auth_user_info'])) {
         $_SESSION['was_validated']['auth_user_info'] = $GLOBALS['auth_user_info'];
     }
 } else {
     $tool_content .= "<div class='alert alert-danger'>{$langConnNo}<br>{$langAuthNoValidUser}</div>" . "<p>&laquo; <a href='{$lastpage}'>{$langBack}</a></p>";
 }
Ejemplo n.º 13
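 /**
  * Authenticate the request through CAS and return the user record.
  *
  * Forces CAS authentication, then returns the released attributes together with
  * the authenticated login under the 'username' key. The login always takes
  * precedence: a released attribute that is itself named 'username' cannot
  * replace it.
  *
  * NOTE(review): handleLogoutRequests() is called with false as its first argument,
  * which turns off phpCAS's check of the client sending a logout request — confirm
  * that is intended.
  *
  * @param CakeRequest $request current request (not read here)
  * @return array user data with 'username' first, followed by the CAS attributes
  */
 public function getUser(CakeRequest $request)
 {
     phpCAS::handleLogoutRequests(false);
     phpCAS::forceAuthentication();

     $login = phpCAS::getUser();
     $user = array_merge(array('username' => $login), phpCAS::getAttributes());
     // array_merge() lets later string keys win, so restore the authenticated login
     // in case the attributes carried their own 'username'.
     $user['username'] = $login;

     return $user;
 }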
Ejemplo n.º 14
function buildsurveysession($surveyid, $preview = false)
{
    global $hitid, $hitname;
    Yii::trace('start', 'survey.buildsurveysession');
    global $secerror, $clienttoken;
    global $tokensexist;
    //global $surveyid;
    global $move, $rooturl;
    $sLangCode = App()->language;
    $languagechanger = makeLanguageChangerSurvey($sLangCode);
    if (!$preview) {
        $preview = Yii::app()->getConfig('previewmode');
    }
    $thissurvey = getSurveyInfo($surveyid, $sLangCode);
    $_SESSION['survey_' . $surveyid]['templatename'] = $thissurvey['template'];
    // $thissurvey['template'] already fixed by model : but why put this in session ?
    $_SESSION['survey_' . $surveyid]['templatepath'] = getTemplatePath($thissurvey['template']) . DIRECTORY_SEPARATOR;
    $sTemplatePath = $_SESSION['survey_' . $surveyid]['templatepath'];
    $loadsecurity = returnGlobal('loadsecurity', true);
    // NO TOKEN REQUIRED BUT CAPTCHA ENABLED FOR SURVEY ACCESS
    if ($tokensexist == 0 && isCaptchaEnabled('surveyaccessscreen', $thissurvey['usecaptcha']) && !isset($_SESSION['survey_' . $surveyid]['captcha_surveyaccessscreen']) && !$preview) {
        //session_start();
        require_once dirname(__FILE__) . "/CAS/CAS.php";
        //指定log文件
        phpCAS::setDebug('./log.log');
        //指定cas地址,最后一个true表示是否cas服务器为https
        phpCAS::client(CAS_VERSION_2_0, 'ids.hit.edu.cn', 443, 'authserver', true);
        phpCAS::handleLogoutRequests();
        //本地退出应该重定向到CAS进行退出,传递service参数可以使CAS退出后返回本应用
        //demo表示退出请求为logout的请求
        if (isset($_GET['logout'])) {
            $param = array('service' => 'http://demo.cas.wisedu.cn:3273/');
            phpCAS::logout($param);
            exit;
        }
        //设置no ssl,即忽略证书检查.如果需要ssl,请用 phpCAS::setCasServerCACert()设置
        //setCasServerCACert方法设置ssl证书,
        phpCAS::setNoCasServerValidation();
        phpCAS::forceAuthentication();
        $hitid = phpCAS::getUser();
        $hitname = phpCAS::getAttributes()["cn"];
        /*//默认的就是这种状况
                // IF CAPTCHA ANSWER IS NOT CORRECT OR NOT SET
                //echo 2221;
                if (!isset($loadsecurity) ||
                !isset($_SESSION['survey_'.$surveyid]['secanswer']) ||
                $loadsecurity != $_SESSION['survey_'.$surveyid]['secanswer'])
                {
                    //echo 111;
                    sendCacheHeaders();
                    doHeader();
                    // No or bad answer to required security question
        
                    $redata = compact(array_keys(get_defined_vars()));
                    //下面一行测试注释掉,除样式没有发现其他影响
                    //echo templatereplace(file_get_contents($sTemplatePath."startpage.pstpl"),array(),$redata,'frontend_helper[875]');
                    //echo makedropdownlist();
                    echo templatereplace(file_get_contents($sTemplatePath."survey.pstpl"),array(),$redata,'frontend_helper[877]');
                    echo "我们需要对你的身份进行确认,确保你是哈尔滨工业大学师生,请点击下面的按钮进行全校统一认证登录";
                    if (isset($loadsecurity))
                    { // was a bad answer
                        echo "<font color='#FF0000'>".gT("The answer to the security question is incorrect.")."</font><br />";
                    }
        
                    echo "<p class='captcha'>".gT("Please confirm access to survey by answering the security question below and click continue.")."</p>"
                    .CHtml::form(array("/survey/index","sid"=>$surveyid), 'post', array('class'=>'captcha'))."
                    <table align='center'>
                    <tr>
                    <td align='right' valign='middle'>
                    <input type='hidden' name='sid' value='".$surveyid."' id='sid' />
                    <input type='hidden' name='lang' value='".$sLangCode."' id='lang' />";
                    // In case we this is a direct Reload previous answers URL, then add hidden fields
                    if (isset($_GET['loadall']) && isset($_GET['scid'])
                    && isset($_GET['loadname']) && isset($_GET['loadpass']))
                    {
                        echo "
                        <input type='hidden' name='loadall' value='".htmlspecialchars($_GET['loadall'],ENT_QUOTES, 'UTF-8')."' id='loadall' />
                        <input type='hidden' name='scid' value='".returnGlobal('scid',true)."' id='scid' />
                        <input type='hidden' name='loadname' value='".htmlspecialchars($_GET['loadname'],ENT_QUOTES, 'UTF-8')."' id='loadname' />
                        <input type='hidden' name='loadpass' value='".htmlspecialchars($_GET['loadpass'],ENT_QUOTES, 'UTF-8')."' id='loadpass' />";
                    }
        
                    echo "
                    </td>
                    </tr>";
                    if (function_exists("ImageCreate") && isCaptchaEnabled('surveyaccessscreen', $thissurvey['usecaptcha']))
                    {
                        echo "<tr>
                        <td align='center' valign='middle'><label for='captcha'>".gT("Security question:")."</label></td><td align='left' valign='middle'><table><tr><td valign='middle'><img src='".Yii::app()->getController()->createUrl('/verification/image/sid/'.$surveyid)."' alt='captcha' /></td>
                        <td valign='middle'><input id='captcha' type='text' size='5' maxlength='3' name='loadsecurity' value='' /></td></tr></table>
                        </td>
                        </tr>";
                    }
                    echo "<tr><td colspan='2' align='center'><input class='submit' type='submit' value='".gT("Continue")."' /></td></tr>
                    </table>
                    </form>";
        
                    echo templatereplace(file_get_contents($sTemplatePath."endpage.pstpl"),array(),$redata,'frontend_helper[1567]');
                    doFooter();
                    exit;
                }
                else{
                    $_SESSION['survey_'.$surveyid]['captcha_surveyaccessscreen']=true;
                }*/
    }
    //BEFORE BUILDING A NEW SESSION FOR THIS SURVEY, LET'S CHECK TO MAKE SURE THE SURVEY SHOULD PROCEED!
    // TOKEN REQUIRED BUT NO TOKEN PROVIDED
    if ($tokensexist == 1 && !$clienttoken && !$preview) {
        if ($thissurvey['nokeyboard'] == 'Y') {
            includeKeypad();
            $kpclass = "text-keypad";
        } else {
            $kpclass = "";
        }
        // DISPLAY REGISTER-PAGE if needed
        // DISPLAY CAPTCHA if needed
        if (isset($thissurvey) && $thissurvey['allowregister'] == "Y") {
            // Add the event and test if done
            Yii::app()->runController("register/index/sid/{$surveyid}");
            Yii::app()->end();
        } else {
            sendCacheHeaders();
            doHeader();
            $redata = compact(array_keys(get_defined_vars()));
            echo templatereplace(file_get_contents($sTemplatePath . "startpage.pstpl"), array(), $redata, 'frontend_helper[1594]');
            //echo makedropdownlist();
            echo templatereplace(file_get_contents($sTemplatePath . "survey.pstpl"), array(), $redata, 'frontend_helper[1596]');
            // ->renderPartial('entertoken_view');
            if (isset($secerror)) {
                echo "<span class='error'>" . $secerror . "</span><br />";
            }
            echo '<div id="wrapper"><p id="tokenmessage">' . gT("This is a controlled survey. You need a valid token to participate.") . "<br />";
            echo gT("If you have been issued a token, please enter it in the box below and click continue.") . "</p>\n            <script type='text/javascript'>var focus_element='#token';</script>" . CHtml::form(array("/survey/index", "sid" => $surveyid), 'post', array('id' => 'tokenform', 'autocomplete' => 'off')) . "\n            <ul>\n            <li>";
            ?>
            <label for='token'><?php 
            eT("Token:");
            ?>
</label><input class='text <?php 
            echo $kpclass;
            ?>
' id='token' type='password' name='token' value='' />
            <?php 
            echo "<input type='hidden' name='sid' value='" . $surveyid . "' id='sid' />\n            <input type='hidden' name='lang' value='" . $sLangCode . "' id='lang' />";
            if (isset($_GET['newtest']) && $_GET['newtest'] == "Y") {
                echo "  <input type='hidden' name='newtest' value='Y' id='newtest' />";
            }
            // If this is a direct Reload previous answers URL, then add hidden fields
            if (isset($_GET['loadall']) && isset($_GET['scid']) && isset($_GET['loadname']) && isset($_GET['loadpass'])) {
                echo "\n                <input type='hidden' name='loadall' value='" . htmlspecialchars($_GET['loadall'], ENT_QUOTES, 'UTF-8') . "' id='loadall' />\n                <input type='hidden' name='scid' value='" . returnGlobal('scid', true) . "' id='scid' />\n                <input type='hidden' name='loadname' value='" . htmlspecialchars($_GET['loadname'], ENT_QUOTES, 'UTF-8') . "' id='loadname' />\n                <input type='hidden' name='loadpass' value='" . htmlspecialchars($_GET['loadpass'], ENT_QUOTES, 'UTF-8') . "' id='loadpass' />";
            }
            echo "</li>";
            if (function_exists("ImageCreate") && isCaptchaEnabled('surveyaccessscreen', $thissurvey['usecaptcha'])) {
                echo "<li>\n                <label for='captchaimage'>" . gT("Security Question") . "</label><img id='captchaimage' src='" . Yii::app()->getController()->createUrl('/verification/image/sid/' . $surveyid) . "' alt='captcha' /><input type='text' size='5' maxlength='3' name='loadsecurity' value='' />\n                </li>";
            }
            echo "<li>\n            <input class='submit button' type='submit' value='" . gT("Continue") . "' />\n            </li>\n            </ul>\n            </form></div>";
            echo templatereplace(file_get_contents($sTemplatePath . "endpage.pstpl"), array(), $redata, 'frontend_helper[1645]');
            doFooter();
            exit;
        }
    } elseif ($tokensexist == 1 && $clienttoken && !isCaptchaEnabled('surveyaccessscreen', $thissurvey['usecaptcha'])) {
        //check if token actually does exist
        // check also if it is allowed to change survey after completion
        if ($thissurvey['alloweditaftercompletion'] == 'Y') {
            $oTokenEntry = Token::model($surveyid)->findByAttributes(array('token' => $clienttoken));
        } else {
            $oTokenEntry = Token::model($surveyid)->usable()->incomplete()->findByAttributes(array('token' => $clienttoken));
        }
        if (!isset($oTokenEntry)) {
            //TOKEN DOESN'T EXIST OR HAS ALREADY BEEN USED. EXPLAIN PROBLEM AND EXIT
            killSurveySession($surveyid);
            sendCacheHeaders();
            doHeader();
            $redata = compact(array_keys(get_defined_vars()));
            echo templatereplace(file_get_contents($sTemplatePath . "startpage.pstpl"), array(), $redata, 'frontend_helper[1676]');
            echo templatereplace(file_get_contents($sTemplatePath . "survey.pstpl"), array(), $redata, 'frontend_helper[1677]');
            echo '<div id="wrapper"><p id="tokenmessage">' . gT("This is a controlled survey. You need a valid token to participate.") . "<br /><br />\n" . "\t" . gT("The token you have provided is either not valid, or has already been used.") . "<br /><br />\n" . "\t" . sprintf(gT("For further information please contact %s"), $thissurvey['adminname']) . " (<a href='mailto:{$thissurvey['adminemail']}'>" . "{$thissurvey['adminemail']}</a>)</p></div>\n";
            echo templatereplace(file_get_contents($sTemplatePath . "endpage.pstpl"), array(), $redata, 'frontend_helper[1684]');
            doFooter();
            exit;
        }
    } elseif ($tokensexist == 1 && $clienttoken && isCaptchaEnabled('surveyaccessscreen', $thissurvey['usecaptcha'])) {
        // IF CAPTCHA ANSWER IS CORRECT
        if (isset($loadsecurity) && isset($_SESSION['survey_' . $surveyid]['secanswer']) && $loadsecurity == $_SESSION['survey_' . $surveyid]['secanswer']) {
            if ($thissurvey['alloweditaftercompletion'] == 'Y') {
                $oTokenEntry = Token::model($surveyid)->findByAttributes(array('token' => $clienttoken));
            } else {
                $oTokenEntry = Token::model($surveyid)->incomplete()->findByAttributes(array('token' => $clienttoken));
            }
            if (!isset($oTokenEntry)) {
                sendCacheHeaders();
                doHeader();
                //TOKEN DOESN'T EXIST OR HAS ALREADY BEEN USED. EXPLAIN PROBLEM AND EXIT
                $redata = compact(array_keys(get_defined_vars()));
                echo templatereplace(file_get_contents($sTemplatePath . "startpage.pstpl"), array(), $redata, 'frontend_helper[1719]');
                echo templatereplace(file_get_contents($sTemplatePath . "survey.pstpl"), array(), $redata, 'frontend_helper[1720]');
                echo "\t<div id='wrapper'>\n" . "\t<p id='tokenmessage'>\n" . "\t" . gT("This is a controlled survey. You need a valid token to participate.") . "<br /><br />\n" . "\t" . gT("The token you have provided is either not valid, or has already been used.") . "<br/><br />\n" . "\t" . sprintf(gT("For further information please contact %s"), $thissurvey['adminname']) . " (<a href='mailto:{$thissurvey['adminemail']}'>" . "{$thissurvey['adminemail']}</a>)\n" . "\t</p>\n" . "\t</div>\n";
                echo templatereplace(file_get_contents($sTemplatePath . "endpage.pstpl"), array(), $redata, 'frontend_helper[1731]');
                doFooter();
                exit;
            }
        } else {
            if (!isset($move) || is_null($move)) {
                unset($_SESSION['survey_' . $surveyid]['srid']);
                $gettoken = $clienttoken;
                sendCacheHeaders();
                doHeader();
                // No or bad answer to required security question
                $redata = compact(array_keys(get_defined_vars()));
                echo templatereplace(file_get_contents($sTemplatePath . "startpage.pstpl"), array(), $redata, 'frontend_helper[1745]');
                echo templatereplace(file_get_contents($sTemplatePath . "survey.pstpl"), array(), $redata, 'frontend_helper[1746]');
                // If token wasn't provided and public registration
                // is enabled then show registration form
                if (!isset($gettoken) && isset($thissurvey) && $thissurvey['allowregister'] == "Y") {
                    echo templatereplace(file_get_contents($sTemplatePath . "register.pstpl"), array(), $redata, 'frontend_helper[1751]');
                } else {
                    // only show CAPTCHA
                    echo '<div id="wrapper"><p id="tokenmessage">';
                    if (isset($loadsecurity)) {
                        // was a bad answer
                        echo "<span class='error'>" . gT("The answer to the security question is incorrect.") . "</span><br />";
                    }
                    echo gT("This is a controlled survey. You need a valid token to participate.") . "<br /><br />";
                    // IF TOKEN HAS BEEN GIVEN THEN AUTOFILL IT
                    // AND HIDE ENTRY FIELD
                    if (!isset($gettoken)) {
                        echo gT("If you have been issued a token, please enter it in the box below and click continue.") . "</p>\n                        <form id='tokenform' method='get' action='" . Yii::app()->getController()->createUrl("/survey/index") . "'>\n                        <ul>\n                        <li>\n                        <input type='hidden' name='sid' value='" . $surveyid . "' id='sid' />\n                        <input type='hidden' name='lang' value='" . $sLangCode . "' id='lang' />";
                        if (isset($_GET['loadall']) && isset($_GET['scid']) && isset($_GET['loadname']) && isset($_GET['loadpass'])) {
                            echo "<input type='hidden' name='loadall' value='" . htmlspecialchars($_GET['loadall'], ENT_QUOTES, 'UTF-8') . "' id='loadall' />\n                            <input type='hidden' name='scid' value='" . returnGlobal('scid', true) . "' id='scid' />\n                            <input type='hidden' name='loadname' value='" . htmlspecialchars($_GET['loadname'], ENT_QUOTES, 'UTF-8') . "' id='loadname' />\n                            <input type='hidden' name='loadpass' value='" . htmlspecialchars($_GET['loadpass'], ENT_QUOTES, 'UTF-8') . "' id='loadpass' />";
                        }
                        echo '<label for="token">' . gT("Token") . "</label><input class='text' type='password' id='token' name='token'></li>";
                    } else {
                        echo gT("Please confirm the token by answering the security question below and click continue.") . "</p>\n                    <form id='tokenform' method='get' action='" . Yii::app()->getController()->createUrl("/survey/index") . "'>\n                    <ul>\n                    <li>\n                    <input type='hidden' name='sid' value='" . $surveyid . "' id='sid' />\n                    <input type='hidden' name='lang' value='" . $sLangCode . "' id='lang' />";
                        if (isset($_GET['loadall']) && isset($_GET['scid']) && isset($_GET['loadname']) && isset($_GET['loadpass'])) {
                            echo "<input type='hidden' name='loadall' value='" . htmlspecialchars($_GET['loadall'], ENT_QUOTES, 'UTF-8') . "' id='loadall' />\n                        <input type='hidden' name='scid' value='" . returnGlobal('scid', true) . "' id='scid' />\n                        <input type='hidden' name='loadname' value='" . htmlspecialchars($_GET['loadname'], ENT_QUOTES, 'UTF-8') . "' id='loadname' />\n                        <input type='hidden' name='loadpass' value='" . htmlspecialchars($_GET['loadpass'], ENT_QUOTES, 'UTF-8') . "' id='loadpass' />";
                        }
                        echo '<label for="token">' . gT("Token:") . "</label><span id='token'>{$gettoken}</span>" . "<input type='hidden' name='token' value='{$gettoken}'></li>";
                    }
                    if (function_exists("ImageCreate") && isCaptchaEnabled('surveyaccessscreen', $thissurvey['usecaptcha'])) {
                        echo "<li>\n                    <label for='captchaimage'>" . gT("Security Question") . "</label><img id='captchaimage' src='" . Yii::app()->getController()->createUrl('/verification/image/sid/' . $surveyid) . "' alt='captcha' /><input type='text' size='5' maxlength='3' name='loadsecurity' value='' />\n                    </li>";
                    }
                    echo "<li><input class='submit' type='submit' value='" . gT("Continue") . "' /></li>\n                </ul>\n                </form>\n                </id>";
                }
                echo '</div>' . templatereplace(file_get_contents($sTemplatePath . "endpage.pstpl"), array(), $redata, 'frontend_helper[1817]');
                doFooter();
                exit;
            }
        }
    }
    //RESET ALL THE SESSION VARIABLES AND START AGAIN
    unset($_SESSION['survey_' . $surveyid]['grouplist']);
    unset($_SESSION['survey_' . $surveyid]['fieldarray']);
    unset($_SESSION['survey_' . $surveyid]['insertarray']);
    unset($_SESSION['survey_' . $surveyid]['fieldnamesInfo']);
    unset($_SESSION['survey_' . $surveyid]['fieldmap-' . $surveyid . '-randMaster']);
    unset($_SESSION['survey_' . $surveyid]['groupReMap']);
    $_SESSION['survey_' . $surveyid]['fieldnamesInfo'] = array();
    // Multi lingual support order : by REQUEST, if not by Token->language else by survey default language
    if (returnGlobal('lang', true)) {
        $language_to_set = returnGlobal('lang', true);
    } elseif (isset($oTokenEntry) && $oTokenEntry) {
        // If survey have token : we have a $oTokenEntry
        // Can use $oTokenEntry = Token::model($surveyid)->findByAttributes(array('token'=>$clienttoken)); if we move on another function : this par don't validate the token validity
        $language_to_set = $oTokenEntry->language;
    } else {
        $language_to_set = $thissurvey['language'];
    }
    // Always SetSurveyLanguage : surveys controller SetSurveyLanguage too, if different : broke survey (#09769)
    SetSurveyLanguage($surveyid, $language_to_set);
    UpdateGroupList($surveyid, $_SESSION['survey_' . $surveyid]['s_lang']);
    $sQuery = "SELECT count(*)\n" . " FROM {{groups}} INNER JOIN {{questions}} ON {{groups}}.gid = {{questions}}.gid\n" . " WHERE {{questions}}.sid=" . $surveyid . "\n" . " AND {{groups}}.language='" . App()->getLanguage() . "'\n" . " AND {{questions}}.language='" . App()->getLanguage() . "'\n" . " AND {{questions}}.parent_qid=0\n";
    $totalquestions = Yii::app()->db->createCommand($sQuery)->queryScalar();
    $sQuery = "select count(*) from {{groups}}\n        left join {{questions}} on  {{groups}}.gid={{questions}}.gid\n        where {{groups}}.sid={$surveyid} and qid is null";
    $iTotalGroupsWithoutQuestions = Yii::app()->db->createCommand($sQuery)->queryScalar();
    // Fix totalquestions by substracting Test Display questions
    $iNumberofQuestions = dbExecuteAssoc("SELECT count(*)\n" . " FROM {{questions}}" . " WHERE type in ('X','*')\n" . " AND sid={$surveyid}" . " AND language='" . $_SESSION['survey_' . $surveyid]['s_lang'] . "'" . " AND parent_qid=0")->read();
    $_SESSION['survey_' . $surveyid]['totalquestions'] = $totalquestions - (int) reset($iNumberofQuestions);
    //2. SESSION VARIABLE: totalsteps
    //The number of "pages" that will be presented in this survey
    //The number of pages to be presented will differ depending on the survey format
    switch ($thissurvey['format']) {
        case "A":
            $_SESSION['survey_' . $surveyid]['totalsteps'] = 1;
            break;
        case "G":
            if (isset($_SESSION['survey_' . $surveyid]['grouplist'])) {
                $_SESSION['survey_' . $surveyid]['totalsteps'] = count($_SESSION['survey_' . $surveyid]['grouplist']);
            }
            break;
        case "S":
            $_SESSION['survey_' . $surveyid]['totalsteps'] = $totalquestions;
    }
    if ($totalquestions == 0 || $iTotalGroupsWithoutQuestions > 0) {
        sendCacheHeaders();
        doHeader();
        $redata = compact(array_keys(get_defined_vars()));
        echo templatereplace(file_get_contents($sTemplatePath . "startpage.pstpl"), array(), $redata, 'frontend_helper[1914]');
        echo templatereplace(file_get_contents($sTemplatePath . "survey.pstpl"), array(), $redata, 'frontend_helper[1915]');
        echo "\t<div id='wrapper'>\n" . "\t<p id='tokenmessage'>\n" . "\t" . gT("This survey cannot be tested or completed for the following reason(s):") . "<br />\n";
        echo "<ul>";
        if ($totalquestions == 0) {
            echo '<li>' . gT("There are no questions in this survey.") . '</li>';
        }
        if ($iTotalGroupsWithoutQuestions == 0) {
            echo '<li>' . gT("There are empty question groups in this survey - please create at least one question within a question group.") . '</li>';
        }
        echo "</ul>" . "\t" . sprintf(gT("For further information please contact %s"), $thissurvey['adminname']) . " (<a href='mailto:{$thissurvey['adminemail']}'>" . "{$thissurvey['adminemail']}</a>)<br /><br />\n" . "\t</p>\n" . "\t</div>\n";
        echo templatereplace(file_get_contents($sTemplatePath . "endpage.pstpl"), array(), $redata, 'frontend_helper[1925]');
        doFooter();
        exit;
    }
    //Perform a case insensitive natural sort on group name then question title of a multidimensional array
    //    usort($arows, 'groupOrderThenQuestionOrder');
    //3. SESSION VARIABLE - insertarray
    //An array containing information about used to insert the data into the db at the submit stage
    //4. SESSION VARIABLE - fieldarray
    //See rem at end..
    if ($tokensexist == 1 && $clienttoken) {
        $_SESSION['survey_' . $surveyid]['token'] = $clienttoken;
    }
    if ($thissurvey['anonymized'] == "N") {
        $_SESSION['survey_' . $surveyid]['insertarray'][] = "token";
    }
    $qtypes = getQuestionTypeList('', 'array');
    $fieldmap = createFieldMap($surveyid, 'full', true, false, $_SESSION['survey_' . $surveyid]['s_lang']);
    // Randomization groups for groups
    $aRandomGroups = array();
    $aGIDCompleteMap = array();
    // first find all groups and their groups IDS
    $criteria = new CDbCriteria();
    $criteria->addColumnCondition(array('sid' => $surveyid, 'language' => $_SESSION['survey_' . $surveyid]['s_lang']));
    $criteria->addCondition("randomization_group != ''");
    $oData = QuestionGroup::model()->findAll($criteria);
    foreach ($oData as $aGroup) {
        $aRandomGroups[$aGroup['randomization_group']][] = $aGroup['gid'];
    }
    // Shuffle each group and create a map for old GID => new GID
    foreach ($aRandomGroups as $sGroupName => $aGIDs) {
        $aShuffledIDs = $aGIDs;
        shuffle($aShuffledIDs);
        $aGIDCompleteMap = $aGIDCompleteMap + array_combine($aGIDs, $aShuffledIDs);
    }
    $_SESSION['survey_' . $surveyid]['groupReMap'] = $aGIDCompleteMap;
    $randomized = false;
    // So we can trigger reorder once for group and question randomization
    // Now adjust the grouplist
    if (count($aRandomGroups) > 0 && !$preview) {
        $randomized = true;
        // So we can trigger reorder once for group and question randomization
        // Now adjust the grouplist
        Yii::import('application.helpers.frontend_helper', true);
        // make sure frontend helper is loaded
        UpdateGroupList($surveyid, $_SESSION['survey_' . $surveyid]['s_lang']);
        // ... and the fieldmap
        // First create a fieldmap with GID as key
        foreach ($fieldmap as $aField) {
            if (isset($aField['gid'])) {
                $GroupFieldMap[$aField['gid']][] = $aField;
            } else {
                $GroupFieldMap['other'][] = $aField;
            }
        }
        // swap it
        foreach ($GroupFieldMap as $iOldGid => $fields) {
            $iNewGid = $iOldGid;
            if (isset($aGIDCompleteMap[$iOldGid])) {
                $iNewGid = $aGIDCompleteMap[$iOldGid];
            }
            $newGroupFieldMap[$iNewGid] = $GroupFieldMap[$iNewGid];
        }
        $GroupFieldMap = $newGroupFieldMap;
        // and convert it back to a fieldmap
        unset($fieldmap);
        foreach ($GroupFieldMap as $aGroupFields) {
            foreach ($aGroupFields as $aField) {
                if (isset($aField['fieldname'])) {
                    $fieldmap[$aField['fieldname']] = $aField;
                    // isset() because of the shuffled flag above
                }
            }
        }
        unset($GroupFieldMap);
    }
    // Randomization groups for questions
    // Find all defined randomization groups through question attribute values
    $randomGroups = array();
    if (in_array(Yii::app()->db->getDriverName(), array('mssql', 'sqlsrv', 'dblib'))) {
        $rgquery = "SELECT attr.qid, CAST(value as varchar(255)) as value FROM {{question_attributes}} as attr right join {{questions}} as quests on attr.qid=quests.qid WHERE attribute='random_group' and CAST(value as varchar(255)) <> '' and sid={$surveyid} GROUP BY attr.qid, CAST(value as varchar(255))";
    } else {
        $rgquery = "SELECT attr.qid, value FROM {{question_attributes}} as attr right join {{questions}} as quests on attr.qid=quests.qid WHERE attribute='random_group' and value <> '' and sid={$surveyid} GROUP BY attr.qid, value";
    }
    $rgresult = dbExecuteAssoc($rgquery);
    foreach ($rgresult->readAll() as $rgrow) {
        // Get the question IDs for each randomization group
        $randomGroups[$rgrow['value']][] = $rgrow['qid'];
    }
    // If we have randomization groups set, then lets cycle through each group and
    // replace questions in the group with a randomly chosen one from the same group
    if (count($randomGroups) > 0 && !$preview) {
        $randomized = true;
        // So we can trigger reorder once for group and question randomization
        $copyFieldMap = array();
        $oldQuestOrder = array();
        $newQuestOrder = array();
        $randGroupNames = array();
        foreach ($randomGroups as $key => $value) {
            $oldQuestOrder[$key] = $randomGroups[$key];
            $newQuestOrder[$key] = $oldQuestOrder[$key];
            // We shuffle the question list to get a random key->qid which will be used to swap from the old key
            shuffle($newQuestOrder[$key]);
            $randGroupNames[] = $key;
        }
        // Loop through the fieldmap and swap each question as they come up
        foreach ($fieldmap as $fieldkey => $fieldval) {
            $found = 0;
            foreach ($randomGroups as $gkey => $gval) {
                // We found a qid that is in the randomization group
                if (isset($fieldval['qid']) && in_array($fieldval['qid'], $oldQuestOrder[$gkey])) {
                    // Get the swapped question
                    $idx = array_search($fieldval['qid'], $oldQuestOrder[$gkey]);
                    foreach ($fieldmap as $key => $field) {
                        if (isset($field['qid']) && $field['qid'] == $newQuestOrder[$gkey][$idx]) {
                            $field['random_gid'] = $fieldval['gid'];
                            // It is possible to swap to another group
                            $copyFieldMap[$key] = $field;
                        }
                    }
                    $found = 1;
                    break;
                } else {
                    $found = 2;
                }
            }
            if ($found == 2) {
                $copyFieldMap[$fieldkey] = $fieldval;
            }
            reset($randomGroups);
        }
        $fieldmap = $copyFieldMap;
    }
    if ($randomized === true) {
        // reset the sequencing counts
        $gseq = -1;
        $_gid = -1;
        $qseq = -1;
        $_qid = -1;
        $copyFieldMap = array();
        foreach ($fieldmap as $key => $val) {
            if ($val['gid'] != '') {
                if (isset($val['random_gid'])) {
                    $gid = $val['random_gid'];
                } else {
                    $gid = $val['gid'];
                }
                if ($gid != $_gid) {
                    $_gid = $gid;
                    ++$gseq;
                }
            }
            if ($val['qid'] != '' && $val['qid'] != $_qid) {
                $_qid = $val['qid'];
                ++$qseq;
            }
            if ($val['gid'] != '' && $val['qid'] != '') {
                $val['groupSeq'] = $gseq;
                $val['questionSeq'] = $qseq;
            }
            $copyFieldMap[$key] = $val;
        }
        $fieldmap = $copyFieldMap;
        unset($copyFieldMap);
        $_SESSION['survey_' . $surveyid]['fieldmap-' . $surveyid . $_SESSION['survey_' . $surveyid]['s_lang']] = $fieldmap;
        $_SESSION['survey_' . $surveyid]['fieldmap-' . $surveyid . '-randMaster'] = 'fieldmap-' . $surveyid . $_SESSION['survey_' . $surveyid]['s_lang'];
    }
    // TMSW Condition->Relevance:  don't need hasconditions, or usedinconditions
    $_SESSION['survey_' . $surveyid]['fieldmap'] = $fieldmap;
    foreach ($fieldmap as $field) {
        if (isset($field['qid']) && $field['qid'] != '') {
            $_SESSION['survey_' . $surveyid]['fieldnamesInfo'][$field['fieldname']] = $field['sid'] . 'X' . $field['gid'] . 'X' . $field['qid'];
            $_SESSION['survey_' . $surveyid]['insertarray'][] = $field['fieldname'];
            //fieldarray ARRAY CONTENTS -
            //            [0]=questions.qid,
            //            [1]=fieldname,
            //            [2]=questions.title,
            //            [3]=questions.question
            //                     [4]=questions.type,
            //            [5]=questions.gid,
            //            [6]=questions.mandatory,
            //            [7]=conditionsexist,
            //            [8]=usedinconditions
            //            [8]=usedinconditions
            //            [9]=used in group.php for question count
            //            [10]=new group id for question in randomization group (GroupbyGroup Mode)
            if (!isset($_SESSION['survey_' . $surveyid]['fieldarray'][$field['sid'] . 'X' . $field['gid'] . 'X' . $field['qid']])) {
                //JUST IN CASE : PRECAUTION!
                //following variables are set only if $style=="full" in createFieldMap() in common_helper.
                //so, if $style = "short", set some default values here!
                if (isset($field['title'])) {
                    $title = $field['title'];
                } else {
                    $title = "";
                }
                if (isset($field['question'])) {
                    $question = $field['question'];
                } else {
                    $question = "";
                }
                if (isset($field['mandatory'])) {
                    $mandatory = $field['mandatory'];
                } else {
                    $mandatory = 'N';
                }
                if (isset($field['hasconditions'])) {
                    $hasconditions = $field['hasconditions'];
                } else {
                    $hasconditions = 'N';
                }
                if (isset($field['usedinconditions'])) {
                    $usedinconditions = $field['usedinconditions'];
                } else {
                    $usedinconditions = 'N';
                }
                $_SESSION['survey_' . $surveyid]['fieldarray'][$field['sid'] . 'X' . $field['gid'] . 'X' . $field['qid']] = array($field['qid'], $field['sid'] . 'X' . $field['gid'] . 'X' . $field['qid'], $title, $question, $field['type'], $field['gid'], $mandatory, $hasconditions, $usedinconditions);
            }
            if (isset($field['random_gid'])) {
                $_SESSION['survey_' . $surveyid]['fieldarray'][$field['sid'] . 'X' . $field['gid'] . 'X' . $field['qid']][10] = $field['random_gid'];
            }
        }
    }
    // Prefill questions/answers from command line params
    $reservedGetValues = array('token', 'sid', 'gid', 'qid', 'lang', 'newtest', 'action');
    $startingValues = array();
    if (isset($_GET)) {
        foreach ($_GET as $k => $v) {
            if (!in_array($k, $reservedGetValues) && isset($_SESSION['survey_' . $surveyid]['fieldmap'][$k])) {
                $startingValues[$k] = $v;
            } else {
                // Search question codes to use those for prefilling.
                foreach ($_SESSION['survey_' . $surveyid]['fieldmap'] as $sgqa => $details) {
                    if ($details['title'] == $k) {
                        $startingValues[$sgqa] = $v;
                    }
                }
            }
        }
    }
    $_SESSION['survey_' . $surveyid]['startingValues'] = $startingValues;
    if (isset($_SESSION['survey_' . $surveyid]['fieldarray'])) {
        $_SESSION['survey_' . $surveyid]['fieldarray'] = array_values($_SESSION['survey_' . $surveyid]['fieldarray']);
    }
    //Check if a passthru label and value have been included in the query url
    $oResult = SurveyURLParameter::model()->getParametersForSurvey($surveyid);
    foreach ($oResult->readAll() as $aRow) {
        if (isset($_GET[$aRow['parameter']]) && !$preview) {
            $_SESSION['survey_' . $surveyid]['urlparams'][$aRow['parameter']] = $_GET[$aRow['parameter']];
            if ($aRow['targetqid'] != '') {
                foreach ($fieldmap as $sFieldname => $aField) {
                    if ($aRow['targetsqid'] != '') {
                        if ($aField['qid'] == $aRow['targetqid'] && $aField['sqid'] == $aRow['targetsqid']) {
                            $_SESSION['survey_' . $surveyid]['startingValues'][$sFieldname] = $_GET[$aRow['parameter']];
                            $_SESSION['survey_' . $surveyid]['startingValues'][$aRow['parameter']] = $_GET[$aRow['parameter']];
                        }
                    } else {
                        if ($aField['qid'] == $aRow['targetqid']) {
                            $_SESSION['survey_' . $surveyid]['startingValues'][$sFieldname] = $_GET[$aRow['parameter']];
                            $_SESSION['survey_' . $surveyid]['startingValues'][$aRow['parameter']] = $_GET[$aRow['parameter']];
                        }
                    }
                }
            }
        }
    }
    Yii::trace('end', 'survey.buildsurveysession');
}
Ejemplo n.º 15
	/**
	 * Finish a CAS single sign-on login on the application side.
	 *
	 * The CAS handshake is not performed here: per the note below it was moved
	 * to login_sso.php so that phpCAS manages the PHP session itself. This
	 * method only reads the result (phpCAS::getUser() / phpCAS::getAttributes()),
	 * maps it to a local login, stores that login in $_SESSION['login'] and
	 * collects the optional first name / last name / e-mail attributes.
	 *
	 * NOTE(review): nothing in this method verifies that phpCAS has an
	 * authenticated user; it relies on the caller having gone through
	 * login_sso.php first - confirm that no other path reaches it.
	 *
	 * @return bool true when the method returns; when the SSO mapping table is
	 *              enabled and has no entry for the CAS user, the session is
	 *              destroyed and the request ends with a redirect instead.
	 */
	private function authenticate_cas() {
/* *****
 *  The whole authentication step itself was moved to login_sso.php so that
 *  phpCAS can manage the PHP session on its own. The retired bootstrap is
 *  kept below for reference only.
 *
 *  NOTE(review): the retired code called phpCAS::setNoCasServerValidation(),
 *  which turns off verification of the CAS server certificate. Confirm that
 *  login_sso.php configures a CA certificate (phpCAS::setCasServerCACert())
 *  instead of carrying that call over.
 * *****
 *
		include_once('CAS.php');
		if ($GLOBALS['mode_debug']) {
		    phpCAS::setDebug($GLOBALS['debug_log_file']);
    }
		// config_cas.inc.php holds the connection settings for the CAS server
		$path = dirname(__FILE__)."/../secure/config_cas.inc.php";
		include($path);

		# Define the base URL so that phpCAS builds the correct return address
		# for the service (warning: requires a manual patch of phpCAS!)
		if (isset($GLOBALS['gepiBaseUrl'])) {
			$url_base = $GLOBALS['gepiBaseUrl'];
		} else {
			$url_base = $this->https_request() ? 'https' : 'http';
			$url_base .= '://';
			$url_base .= $_SERVER['SERVER_NAME'];
		}

		// The first argument is the CAS protocol version
		// The last argument was added by a manual patch of phpCAS.
		phpCAS::client(CAS_VERSION_2_0, $cas_host, $cas_port, $cas_root, false, $url_base);
		phpCAS::setLang('french');

		// Disables validation of the CAS server certificate (see the note above).
		phpCAS::setNoCasServerValidation();

		// Single sign-out handling
		phpCAS::handleLogoutRequests(false);

		// Authentication: redirects to the CAS server when the CAS client has
		// found no authenticated user.
		phpCAS::forceAuthentication();
*/
		if (getSettingValue("sso_cas_table") != 'yes') {
			// No mapping table: the CAS user name is used directly as the local login.
			$this->login = phpCAS::getUser();
		} else {
			// Mapping table enabled: translate the CAS user name into a local login.
			$this->login_sso = phpCAS::getUser();
			$mapped_login = $this->test_loginsso();
			if ($mapped_login == '0') {
				// No matching entry exists locally; destroy the session before redirecting.
				session_destroy();
				header("Location:login_failure.php?error=11&mode=sso_table");
				exit;
			}
			$this->login = $mapped_login;
		}

		// The session is managed directly by phpCAS upstream, so the former
		// session_name("GEPI") / session_start() calls are no longer made here.
		$_SESSION['login'] = $this->login;

		$this->current_auth_mode = "sso";

		// Pull the extra attributes released by the CAS server, if any are configured.
		$cas_attributes = phpCAS::getAttributes();
		foreach (array('prenom','nom','email') as $attribut) {
			// Name of the CAS attribute the administrator mapped to this field.
			$code_attribut = getSettingValue('cas_attribut_'.$attribut);
			if (empty($code_attribut) || !isset($cas_attributes[$code_attribut])) {
				continue;
			}
			$valeur = $cas_attributes[$code_attribut];
			if (empty($valeur)) {
				continue;
			}
			// The attribute exists and is not empty: keep it so the user record
			// can be updated, after making sure the string is UTF-8.
			// NOTE(review): the value is SQL-escaped here, at ingestion, so it is
			// only safe inside a quoted string literal of a later query on the same
			// connection; bound parameters at the query site would be more robust.
			$valeur = ensure_utf8($valeur);
			$this->cas_extra_attributes[$attribut] = trim(mysqli_real_escape_string($GLOBALS["mysqli"], $valeur));
		}
		return true;
	}
Ejemplo n.º 16
 /**
  * Zend_Auth adapter entry point: turn the phpCAS check into an auth result.
  *
  * On success the identity stored in the result is the attribute array
  * returned by phpCAS::getAttributes(), not the CAS user name. Consumers of
  * the identity therefore receive whatever the CAS server released.
  * NOTE(review): confirm downstream code picks a stable identifier out of
  * that array rather than treating the whole array as the principal.
  *
  * @return Zend_Auth_Result SUCCESS with the CAS attributes as identity, or
  *                          FAILURE with a null identity and $this->_errors.
  */
 public function authenticate()
 {
     // Guard clause: without a validated CAS session there is no identity.
     if (!phpCAS::checkAuthentication()) {
         return new Zend_Auth_Result(Zend_Auth_Result::FAILURE, null, $this->_errors);
     }
     $casAttributes = phpCAS::getAttributes();
     return new Zend_Auth_Result(Zend_Auth_Result::SUCCESS, $casAttributes);
 }
Ejemplo n.º 17
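 /**
  * Log the visitor into WordPress on the strength of an existing CAS session.
  *
  * Flow: require the plugin to be configured, require a CAS session (starting
  * one otherwise), allow only users whose CAS attribute 'personType' is
  * 'INTERNA', then map the CAS user to a WordPress account by login and, as a
  * fallback, by the CAS 'email' attribute. A matching account gets an auth
  * cookie and a redirect; otherwise wpcas_nowpuser() is called when defined.
  *
  * The redirect target comes from the request ($_GET['redirect_to']), so it is
  * passed through wp_validate_redirect()/wp_safe_redirect(): a target outside
  * the hosts WordPress allows falls back to the site front page instead of
  * sending a freshly authenticated user to an arbitrary external URL.
  *
  * Every path ends the request (die / wp_die / redirect) except the
  * wpcas_nowpuser() branch, which returns whatever that hook leaves.
  */
 function authenticate()
 {
     global $wpcas_options, $cas_configured;
     // NOTE(security): phpCAS debug output goes to a fixed path in the shared
     // temp directory. The log describes the CAS exchange, so on a multi-user
     // host it should live in a private directory or be disabled in production.
     phpCAS::setDebug('/tmp/phpCAS.log');
     if (!$cas_configured) {
         die(__('wpCAS plugin not configured', 'wpcas'));
     }
     if (!phpCAS::isAuthenticated()) {
         phpCAS::forceAuthentication();
         die("NOT AUTHENTICATED");
     }
     // Fetch the attribute set once instead of once per field.
     $attributes = phpCAS::getAttributes();
     // Check the user-type attribute to decide whether this user may use the app.
     // A missing attribute is treated as "not allowed"; the comparison is strict
     // so that a non-string value can never compare equal to the expected type.
     $tipoUsr = isset($attributes['personType']) ? $attributes['personType'] : null;
     phpCAS::trace($tipoUsr);
     if ($tipoUsr !== 'INTERNA') {
         wp_die('No tiene permiso para acceder a esta aplicacion');
         die;
     }
     $email = isset($attributes['email']) ? $attributes['email'] : null;
     // CAS was successful
     $user = get_user_by('login', phpCAS::getUser());
     if (!$user && is_string($email) && $email !== '') {
         // NOTE(review): linking accounts by e-mail trusts the 'email' attribute
         // released by the CAS server; confirm it is verified there and cannot
         // be edited by the user, otherwise it selects someone else's account.
         $user = get_user_by('email', $email);
     }
     if ($user) {
         // user already exists
         // the CAS user has a WP account
         wp_set_auth_cookie($user->ID);
         if (isset($_GET['redirect_to']) && is_string($_GET['redirect_to'])) {
             $requested = $_GET['redirect_to'];
             $target = preg_match('/^http/', $requested) ? $requested : site_url($requested);
             // Request-supplied target: only follow it when WordPress accepts the host.
             wp_safe_redirect(wp_validate_redirect($target, site_url('/')));
             die;
         }
         wp_redirect(site_url('/'));
         die;
     }
     // the CAS user _does_not_have_ a WP account
     if (function_exists('wpcas_nowpuser')) {
         wpcas_nowpuser(phpCAS::getUser(), $email);
     } else {
         die(__('you do not have permission here', 'wpcas'));
     }
 }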
Ejemplo n.º 18
 /**
  * Derive the user's groups from the attributes released by the CAS server.
  *
  * Does nothing unless phpCAS reports an authenticated session. The values
  * returned by plaincas_pattern_attributes() are normalised to an array, then:
  *  - when plaincas_group_patterns() yields patterns (role => regex), the role
  *    is added for every value the regex matches;
  *  - when it yields none, every value is added as a group verbatim.
  *
  * Authorisation notes for whoever configures this:
  *  - preg_match() matches anywhere in the value unless the pattern is
  *    anchored, so an unanchored pattern also grants the role on a substring;
  *  - with no patterns configured, group membership is whatever the CAS
  *    server releases. NOTE(review): confirm that is intended and that those
  *    attributes cannot be influenced by the user.
  */
 function _setCASGroups()
 {
     if (!phpCAS::checkAuthentication()) {
         return;
     }
     $casValues = plaincas_pattern_attributes(phpCAS::getAttributes());
     $casValues = is_array($casValues) ? $casValues : array($casValues);
     $rolePatterns = plaincas_group_patterns();
     if (empty($rolePatterns)) {
         // Add all attributes as groups
         foreach ($casValues as $casValue) {
             $this->_addUserGroup($casValue);
         }
         return;
     }
     foreach ($rolePatterns as $role => $pattern) {
         foreach ($casValues as $casValue) {
             // An invalid pattern will generate a php warning and will not be considered.
             if (preg_match($pattern, $casValue)) {
                 $this->_addUserGroup($role);
             }
         }
     }
 }
Ejemplo n.º 19
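/**
 * Run a CAS (SAML 1.1) authentication and return the attributes it released.
 *
 * Connection settings come from get_auth_settings($auth) unless $new is true,
 * in which case the $cas_* arguments are used as passed.
 *
 * @param mixed       $auth        Identifier handed to get_auth_settings().
 * @param bool        $new         true to use the arguments instead of stored settings.
 * @param string|null $cas_host    CAS server host name.
 * @param mixed       $cas_port    CAS server port; converted with intval().
 * @param string|null $cas_context CAS context path on the server.
 * @param string|null $cas_cachain Path to the CA certificate chain of the CAS server.
 *
 * @return array|null null when stored settings were requested but none exist;
 *                    otherwise an array with 'message' (server being contacted),
 *                    'error' (set when certificate validation was disabled) and
 *                    'attrs' (CAS attributes, set once authentication succeeded).
 */
function cas_authenticate($auth, $new = false, $cas_host = null, $cas_port = null, $cas_context = null, $cas_cachain = null)
{
    global $langConnectWith, $langNotSSL;
    // SESSION does not exist if user has not been authenticated
    $ret = array();
    // Defined up front so the settings check below never reads an unset variable.
    $cas = null;
    if (!$new) {
        $cas = get_auth_settings($auth);
        if ($cas) {
            $cas_host = $cas['cas_host'];
            $cas_port = $cas['cas_port'];
            $cas_context = $cas['cas_context'];
            $cas_cachain = $cas['cas_cachain'];
        }
    }
    if (!$new && !$cas) {
        return null;
    }
    $cas_port = intval($cas_port);
    // Human-readable server URL, used only for the status message.
    $cas_url = 'https://' . $cas_host;
    if ($cas_port !== 443) {
        $cas_url .= ':' . $cas_port;
    }
    $cas_url .= $cas_context;
    // Uncomment to enable debugging
    // phpCAS::setDebug();
    // Initialize phpCAS - keep session in application
    $ret['message'] = "{$langConnectWith} {$cas_url}";
    phpCAS::client(SAML_VERSION_1_1, $cas_host, $cas_port, $cas_context, FALSE);
    // Set the CA certificate that is the issuer of the cert on the CAS server
    if (!empty($cas_cachain) && is_readable($cas_cachain)) {
        phpCAS::setCasServerCACert($cas_cachain);
    } else {
        // NOTE(security): fail-open. With no readable CA chain the CAS server
        // certificate is not verified, so the attributes returned below are only
        // as trustworthy as the network path to the server. Callers should treat
        // a result carrying 'error' as unverified, and deployments should supply
        // $cas_cachain so this branch is never taken.
        phpCAS::setNoCasServerValidation();
        $ret['error'] = "{$langNotSSL}";
    }
    // Single sign-out is not enabled: phpCAS::handleLogoutRequests() is never called.
    // Force CAS authentication on any page that includes this file
    phpCAS::forceAuthentication();
    if (phpCAS::checkAuthentication()) {
        $ret['attrs'] = phpCAS::getAttributes();
    }
    return $ret;
}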
Ejemplo n.º 20
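 /**
  * forces to authenticate.
  *
  * Returns the cached attributes for the provider when present. Otherwise it
  * creates the phpCAS client and, if phpCAS already has an authenticated
  * user, caches and returns its attributes after tearing down the PHP session
  * phpCAS used. When there is no authenticated user yet it calls
  * \phpCAS::forceAuthentication(); nothing is returned on that path.
  *
  * @todo force throwing exception by wrong settings for mapping before redirect.
  *
  * @param string $providerName Provider name to authenticate
  * @Flow\Session(autoStart = TRUE)
  *
  * @throws \RafaelKa\JasigPhpCas\Exception\InvalidArgumentException when $providerName is not a CAS provider
  * @throws \RafaelKa\JasigPhpCas\Exception\CasAttributesEmptyException when CAS released no attributes or a non-array
  *
  * @return array array with CAS attributes.
  */
 public function authenticate($providerName)
 {
     if (!$this->isCasProvider($providerName)) {
         // The provider name is a sprintf() argument; concatenating it onto the
         // format string left '%s' without a value and made sprintf() itself fail.
         throw new \RafaelKa\JasigPhpCas\Exception\InvalidArgumentException(sprintf('%s is not CAS-Provider.', $providerName), 1371247195);
     }
     $this->forceThrowingValidationException();
     if (!empty($this->casAttributes[$providerName])) {
         return $this->casAttributes[$providerName];
     }
     $this->createPhpCasClient($providerName);
     if (\phpCAS::isAuthenticated()) {
         $this->casAttributes[$providerName] = \phpCAS::getAttributes();
         // @todo handle phpCAS session -> use sessionhanling from php CAS or delete this.
         // NOTE(review): this discards the native PHP session after the
         // attributes are read; confirm nothing else in the request still
         // depends on that session.
         session_unset();
         session_destroy();
         if (empty($this->casAttributes[$providerName]) || !is_array($this->casAttributes[$providerName])) {
             throw new \RafaelKa\JasigPhpCas\Exception\CasAttributesEmptyException('Attributes given by CAS-Server are empty or not an array. Please trace it by your self!', 1371467113);
         }
         return $this->casAttributes[$providerName];
     }
     \phpCAS::forceAuthentication();
 }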