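/**
 * Map submitted form input onto the attribute names used by the user store.
 *
 * $expectedValues maps a store attribute name to the form field that feeds
 * it. Three attributes are special-cased instead of being copied verbatim:
 *  - "cn" is built by get_cn_hook() from the module's hooks/hook_attributes.php;
 *  - "userPassword" is produced by sspmod_selfregister_Util::validatePassword();
 *  - "mail" is never taken from $fieldValues. It is read from
 *    $_POST['emailconfirmed'] and only accepted when $_POST['token'] validates
 *    against a SimpleSAML_Auth_TimeLimitedToken seeded with that address.
 *    Without a token in the POST body, no "mail" entry is produced.
 *
 * @param array $fieldValues    Form values, keyed by field name.
 * @param array $expectedValues Store attribute name => form field name.
 *
 * @return array Store attribute name => value.
 *
 * @throws sspmod_selfregister_Error_UserException With message id
 *         'invalid_token' when the posted address or token is missing,
 *         is not a string, or the token does not validate.
 */
function processInput($fieldValues, $expectedValues)
{
    // Only referenced by the disabled eduPersonPrincipalName case below.
    global $eppnRealm;

    $skv = array();
    foreach ($expectedValues as $db => $field) {
        switch ($db) {
            case "cn":
                // Fixed path inside the module directory; nothing from the
                // request influences which file gets included.
                $hookfile = SimpleSAML_Module::getModuleDir('selfregister') . '/hooks/hook_attributes.php';
                include_once $hookfile;
                $skv[$db] = get_cn_hook($fieldValues);
                break;

            case "userPassword":
                $skv[$db] = sspmod_selfregister_Util::validatePassword($fieldValues);
                break;

            // Disabled: derive eduPersonPrincipalName from uid and realm.
            // case "eduPersonPrincipalName":
            //     $skv[$db] = $fieldValues['uid'].'@'.$eppnRealm;
            //     break;

            case "mail":
                if (array_key_exists('token', $_POST)) {
                    global $tokenLifetime;

                    // Both values are untrusted request data. PHP turns
                    // "name[]=x" into an array and a missing key into null,
                    // so insist on non-empty strings before either value
                    // reaches the token check or ends up in the user store.
                    $email = isset($_POST['emailconfirmed']) ? $_POST['emailconfirmed'] : null;
                    $token = $_POST['token'];
                    if (!is_string($email) || $email === '' || !is_string($token)) {
                        throw new sspmod_selfregister_Error_UserException('invalid_token');
                    }

                    // The token is checked against the posted address, so a
                    // token issued for one address is not accepted for another.
                    $tg = new SimpleSAML_Auth_TimeLimitedToken($tokenLifetime);
                    $tg->addVerificationData($email);
                    if (!$tg->validate_token($token)) {
                        throw new sspmod_selfregister_Error_UserException('invalid_token');
                    }
                    $skv[$db] = $email;
                }
                break;

            default:
                $skv[$db] = $fieldValues[$field];
        }
    }

    return $skv;
}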
// Some user error detected $formGen = new sspmod_selfregister_XHTML_Form($formFields, 'newUser.php'); $showFields = sspmod_selfregister_Util::genFieldView($viewAttr); $formGen->fieldsToShow($showFields); $formGen->setReadOnly('mail'); $values = $validator->getRawInput(); $hidden = array(); $values['mail'] = $hidden['emailconfirmed'] = $_REQUEST['emailconfirmed']; $hidden['token'] = $_REQUEST['token']; $formGen->addHiddenData($hidden); $values['pw1'] = ''; $values['pw2'] = ''; $formGen->setValues($values); $formGen->setSubmitter('submit_change'); $formHtml = $formGen->genFormHtml(); $html = new SimpleSAML_XHTML_Template($config, 'selfregister:step3_register.tpl.php', 'selfregister:selfregister'); $html->data['formHtml'] = $formHtml; $error = $html->t($e->getMesgId(), $e->getTrVars()); $html->data['error'] = htmlspecialchars($error); $html->show(); } } else { // Stage 1: New user clean access $html = new SimpleSAML_XHTML_Template($config, 'selfregister:step1_email.tpl.php', 'selfregister:selfregister'); $html->data['systemName'] = $systemName; $logged_and_same_auth = sspmod_selfregister_Util::checkLoggedAndSameAuth(); if ($logged_and_same_auth) { $html->data['logouturl'] = $logged_and_same_auth->getLogoutURL(); } $html->show(); }
} // closes a block opened above this excerpt

// Account-deletion page: show the user's attributes in a read-only form,
// delete the account when the form is posted, or log out on request.

// Every field that is shown is also marked read-only.
$readOnlyFields = $showFields;

$formGen = new sspmod_selfregister_XHTML_Form($formFields, 'delUser.php');
$formGen->fieldsToShow($showFields);
$formGen->setReadOnly($readOnlyFields);

$html = new SimpleSAML_XHTML_Template($config, 'selfregister:deluser.tpl.php', 'selfregister:selfregister');

// NOTE(review): the delete below is triggered by the mere presence of a
// 'sender' key in the POST body. No anti-CSRF token check is visible in this
// excerpt — confirm one is enforced before this point.
if (array_key_exists('sender', $_POST)) {
    try {
        // Delete the user object. The id comes from $attributes, not from the
        // request; presumably these are the logged-in user's attributes — confirm.
        $store->delUser($attributes[$store->userIdAttr][0]);
        // After a user successfully deletes their own account, log them out.
        // In the future, when an admin deletes a user, a message will be shown:
        // $html->data['userMessage'] = 'message_userdel';
        $as->logout(SimpleSAML_Module::getModuleURL('selfregister/index.php?status=deleted'));
    } catch (sspmod_selfregister_Error_UserException $e) {
        // Some user error detected: translate the message id, then HTML-escape
        // the result before handing it to the template.
        $error = $html->t($e->getMesgId(), $e->getTrVars());
        $html->data['error'] = htmlspecialchars($error);
    }
} elseif (array_key_exists('logout', $_GET)) {
    // A GET request carrying a 'logout' parameter ends the session.
    $as->logout(SimpleSAML_Module::getModuleURL('selfregister/index.php'));
} else {
    // Plain GET access to this endpoint: show the attributes selected by $reviewAttr.
    $values = sspmod_selfregister_Util::filterAsAttributes($attributes, $reviewAttr);
}

// NOTE(review): within this excerpt $values is assigned only in the final else
// branch. On the catch path above (and on either logout path, should logout()
// return) it would be undefined here — confirm it is initialised earlier in
// the file.
$formGen->setValues($values);
$formGen->setSubmitter('submit_delete');
$formHtml = $formGen->genFormHtml();

$html->data['formHtml'] = $formHtml;
// NOTE(review): uid is passed to the template without htmlspecialchars(),
// unlike 'error' above — confirm the template escapes it on output.
$html->data['uid'] = $attributes[$store->userIdAttr][0];
$html->show();
// Add or update user object $listValidate = array('pw1', 'pw2'); $validator = new sspmod_selfregister_Registration_Validation($formFields, $listValidate); $email = filter_input(INPUT_POST, 'emailconfirmed', FILTER_VALIDATE_EMAIL); if (!$email) { throw new SimpleSAML_Error_Exception('E-mail parameter in request is lost'); } $tg = new SimpleSAML_Auth_TimeLimitedToken($tokenLifetime); $tg->addVerificationData($email); $token = $_REQUEST['token']; if (!$tg->validate_token($token)) { throw new sspmod_selfregister_Error_UserException('invalid_token'); } $userValues = $store->findAndGetUser('mail', $email); $validValues = $validator->validateInput(); $newPw = sspmod_selfregister_Util::validatePassword($validValues); $store->changeUserPassword($userValues[$store->userIdAttr], $newPw); $html = new SimpleSAML_XHTML_Template($config, 'selfregister:lostPassword_complete.tpl.php', 'selfregister:selfregister'); $html->show(); } catch (sspmod_selfregister_Error_UserException $e) { // Some user error detected $formGen = new sspmod_selfregister_XHTML_Form($formFields, 'lostPassword.php'); $showFields = array('pw1', 'pw2'); $formGen->fieldsToShow($showFields); $hidden = array(); $hidden['emailconfirmed'] = $_REQUEST['emailconfirmed']; $hidden['token'] = $_REQUEST['token']; $formGen->addHiddenData($hidden); $formGen->setValues(array($store->userIdAttr => $_REQUEST[$store->userIdAttr])); $formGen->setSubmitter('submit_change'); $formHtml = $formGen->genFormHtml();