Example #1
// Render the optional header template into a string instead of sending it to the client.
// Output buffering captures whatever header.php prints; nothing is captured when the file is absent.
ob_start();
if (file_exists(SSO_ROOT_PATH . "/header.php")) {
    require_once SSO_ROOT_PATH . "/header.php";
}
// ob_get_clean() returns the buffered output and discards the buffer in one step.
$sso_header = ob_get_clean();

// Same capture for the optional footer template.
ob_start();
if (file_exists(SSO_ROOT_PATH . "/footer.php")) {
    require_once SSO_ROOT_PATH . "/footer.php";
}
$sso_footer = ob_get_clean();
// Connect to the database and generate database globals.
// The caught exception is not echoed: the visitor only sees a generic message, so
// connection details carried by $e are not disclosed on the error page.
// NOTE(review): assumes SSO_DisplayError() halts the request; if it returned, the code
// below would run without a database connection - confirm.
try {
    SSO_DBConnect(false);
} catch (Exception $e) {
    SSO_DisplayError("Unable to connect to the database.");
}
// Load in fields without admin select.
SSO_LoadFields(false);
// Load in $sso_settings and initialize it.
SSO_LoadSettings();
// When SSO_USE_HTTPS is enabled, a request that is not seen as SSL is rejected with an
// error instead of being served.
// NOTE(review): how BB_IsSSLRequest() decides is not visible here; behind a TLS-terminating
// proxy that detection should be verified against the deployment.
if (SSO_USE_HTTPS && !BB_IsSSLRequest()) {
    SSO_DisplayError("SSL expected.  Most likely cause:  Bad server configuration.");
}
// Fall back to the sso_server_id cookie only when the request itself carries no sso_id.
// An sso_id supplied in the request therefore takes precedence over the cookie.
// NOTE(review): validation of the session ID value happens outside this excerpt - confirm
// it is checked against server-side state before being trusted.
if (isset($_COOKIE["sso_server_id"]) && !isset($_REQUEST["sso_id"])) {
    $_REQUEST["sso_id"] = $_COOKIE["sso_server_id"];
}
if (!isset($_REQUEST["sso_id"])) {
    SSO_DisplayError("Session ID expected.  Most likely causes:  Pressing the back button, clicking a URL that launched a new web browser, using a non-offical client, or a bad or incorrectly configured web proxy.  If you clicked a URL in an e-mail, it opened a new web browser, and you got this error, then try this solution:  Copy the URL and paste it into the address bar of the other web browser.  Sorry for the inconvenience, but this behavior helps keep your account secure from hackers.");
Example #2
// Defaults set before the hook runs.  The user token starts empty and site-admin rights
// start off, so the token check below stops the page unless something assigns a token.
$bb_randpage = SSO_BASE_RAND_SEED;
$bb_rootname = "SSO Server Admin";
$bb_usertoken = "";
$sso_site_admin = false;
$sso_user_id = "0";
// Require developers to inject code here.  For example, integration with a specific login system or IP address restrictions.
// NOTE(review): the path is relative.  file_exists() resolves it against the current working
// directory, while require_once with a bare relative name also consults include_path, so the
// two can refer to different files; an absolute path would remove the ambiguity - confirm
// against the deployment layout.
if (file_exists("admin_hook.php")) {
    require_once "admin_hook.php";
}
// Fail closed: with no hook file, or a hook that leaves $bb_usertoken empty or non-string,
// the admin page ends here before any database access.
if (!is_string($bb_usertoken) || $bb_usertoken === "") {
    echo "Invalid user token.\n";
    exit;
}
// Runs before the database connection and before any menu or action handling.
// NOTE(review): presumably validates the sec_t value for the requested "action" parameter;
// the implementation is not visible here - confirm it rejects a missing or mismatched token.
BB_ProcessPageToken("action");
// Connect to the database and generate database globals.
// NOTE(review): there is no try/catch around this call; whether SSO_DBConnect() can throw,
// and what an uncaught exception would display, is not visible here - confirm.
SSO_DBConnect(true);
// Load in fields with admin select.
SSO_LoadFields(true);
// Load in $sso_settings and initialize it.
SSO_LoadSettings();
// Menu/Navigation options.
// Every link carries a sec_t value created for its own action name.
// "Find User" is always listed; the remaining entries are appended only for site admins.
// NOTE(review): this only controls which links are shown.  The action handlers are outside
// this excerpt - confirm each one re-checks $sso_site_admin rather than relying on the menu.
$sso_menuopts = array(
    "SSO Server Options" => array(
        "Find User" => BB_GetRequestURLBase() . "?action=finduser&sec_t=" . BB_CreateSecurityToken("finduser")
    )
);
if ($sso_site_admin) {
    $sso_menuopts["SSO Server Options"]["Manage Fields"] = BB_GetRequestURLBase() . "?action=managefields&sec_t=" . BB_CreateSecurityToken("managefields");
    $sso_menuopts["SSO Server Options"]["Manage Tags"] = BB_GetRequestURLBase() . "?action=managetags&sec_t=" . BB_CreateSecurityToken("managetags");
    $sso_menuopts["SSO Server Options"]["Manage API Keys"] = BB_GetRequestURLBase() . "?action=manageapikeys&sec_t=" . BB_CreateSecurityToken("manageapikeys");
    $sso_menuopts["SSO Server Options"]["Manage IP Cache"] = BB_GetRequestURLBase() . "?action=manageipcache&sec_t=" . BB_CreateSecurityToken("manageipcache");
    $sso_menuopts["SSO Server Options"]["Configure"] = BB_GetRequestURLBase() . "?action=configure&sec_t=" . BB_CreateSecurityToken("configure");
    // The confirm() text is escaped for a JavaScript string first and for HTML second,
    // matching how the value is nested: a JS string literal inside an HTML attribute.
    $sso_menuopts["SSO Server Options"]["Reset All Sessions"] = array(
        "href" => BB_GetRequestURLBase() . "?action=resetsessions&sec_t=" . BB_CreateSecurityToken("resetsessions"),
        "onclick" => "return confirm('" . htmlspecialchars(BB_JSSafe(BB_Translate("Are you sure you want to reset all sessions?"))) . "');"
    );
}
// Load providers.
$providers = SSO_GetProviderList();
$sso_providers = array();
$menuopts = array();
$newprovider = false;