This method is used to logout from CAS. Halts by redirecting to the CAS
server.
/**
* @param string $user : username
* @param bool $remote : logged out remotely (so do not redirect)
* @param string $redir : url to redirect to. Uses home page according to prefs if empty
* @return void : redirects to suitable homepage or redir param if not remote
*/
function user_logout($user, $remote = false, $redir = '')
{
global $prefs, $logslib, $lslib, $user_cookie_site;
$logslib->add_log('login', 'logged out');
$userInfo = $this->get_user_info($user);
$this->delete_user_cookie($userInfo['userId']);
if ($remote && $prefs['feature_intertiki'] == 'y' and $prefs['feature_intertiki_sharedcookie'] == 'y' and !empty($prefs['feature_intertiki_mymaster'])) {
include_once('XML/RPC.php');
$remote = $prefs['interlist'][$prefs['feature_intertiki_mymaster']];
$remote['path'] = preg_replace('/^\/?/', '/', $remote['path']);
$client = new XML_RPC_Client($remote['path'], $remote['host'], $remote['port']);
$client->setDebug(0);
$msg = new XML_RPC_Message(
'intertiki.logout',
array(
new XML_RPC_Value($prefs['tiki_key'], 'string'),
new XML_RPC_Value($user, 'string')
)
);
$client->send($msg);
return;
}
// more local cleanup originally from tiki-logout.php
// go offline in Live Support
if ($prefs['feature_live_support'] == 'y') {
global $access; include_once ('lib/live_support/lslib.php');
if ($lslib->get_operator_status($user) != 'offline') {
$lslib->set_operator_status($user, 'offline');
}
}
setcookie($user_cookie_site, '', -3600, $prefs['cookie_path'], $prefs['cookie_domain']);
/* change group home page or deactivate if no page is set */
if (!empty($redir)) {
$url = $redir;
} else if (($groupHome = $this->get_group_home('Anonymous')) != '') {
$url = (preg_match('/^(\/|https?:)/', $groupHome)) ? $groupHome : 'tiki-index.php?page=' . $groupHome;
} else {
$url = $prefs['site_tikiIndex'];
}
// RFC 2616 defines that the 'Location' HTTP headerconsists of an absolute URI
if (!preg_match('/^https?\:/i', $url)) {
global $url_scheme, $url_host, $url_port, $base_url;
$url = (preg_match('#^/#', $url) ? $url_scheme . '://' . $url_host . (($url_port != '') ? ":$url_port" : '') : $base_url) . $url;
}
if (SID)
$url .= '?' . SID;
if ( $prefs['auth_method'] === 'cas' && $user !== 'admin' && $user !== '' && $prefs['cas_force_logout'] === 'y' ) {
phpCAS::logoutWithRedirectServiceAndUrl($url, $url);
}
unset($_SESSION['cas_validation_time']);
unset($_SESSION[$user_cookie_site]);
session_unset();
session_destroy();
if ($prefs['auth_method'] === 'ws') {
header('Location: ' . str_replace('//', '//admin:@', $url)); // simulate a fake login to logout the user
} else {
header('Location: ' . $url);
}
return;
}
protected function reset($hard = false)
{
// Log out from the CAS server
if (phpCAS::isAuthenticated()) {
$service = "http" . (IS_SECURE ? 's' : '') . "://" . SERVER_HOST . $_SERVER['REQUEST_URI'];
phpCAS::logoutWithRedirectServiceAndUrl($service, $service);
}
return true;
}
function casLogout()
{
global $CASAuth;
global $casIsSetUp;
global $wgUser, $wgRequest, $wgLanguageCode;
require_once $CASAuth["phpCAS"] . "/CAS.php";
// Logout from MediaWiki
$wgUser->logout();
// Get returnto value
$returnto = $wgRequest->getVal("returnto");
if ($returnto) {
$lg = Language::factory($wgLanguageCode);
$target = Title::newFromText($returnto);
if ($target && $target->getPrefixedDBkey() != $lg->specialPage("Userlogout")) {
$redirecturl = $target->getFullUrl();
}
}
if (!$casIsSetUp) {
return false;
}
// Logout from CAS (will redirect user to CAS server)
if (isset($redirecturl)) {
phpCAS::logoutWithRedirectServiceAndUrl($redirecturl, $redirecturl);
} else {
phpCAS::logout();
}
return true;
// We won't get here
}
phpCAS::setNoCasServerValidation();
//Don't validate with SSL
$url = 'http://128.187.104.23:1337/demeter/CASLogic.php';
//Return url after validation
phpCAS::setFixedServiceURL($url);
//Set the return URL
if (isset($_REQUEST['logout'])) {
//If wanting to log out
echo "Logging Out.";
$_SESSION['AUTH'] = false;
//Make user unable to call backend functions
$_SESSION['AUTH_USER'] = '';
//Removed stored user
$url = "http://128.187.104.23:1337/demeter/index.html";
//url to return to after completion
phpCAS::logoutWithRedirectServiceAndUrl($url, '');
//set return url
} else {
$auth = phpCAS::checkAuthentication();
//Go to CAS and verify
if ($auth == false) {
//CAS failed the authentication
$_SESSION['AUTH'] = false;
//Make user unable to call backend functions
$_SESSION['AUTH_USER'] = '';
//Removed stored user
phpCAS::forceAuthentication();
//Take User to CAS sign in page
} else {
Session::put('AUTH', true);
Session::save();
