Example #1
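/**
 * Get user parameters on the basis of an SSO cookie value.
 *
 * Looks the cookie up in the SSO table. On a match the cookie is rotated: a
 * new value is generated, recorded for the user, and returned together with
 * the cookie settings read from the platform configuration. Course data is
 * added when $cid is given, group data when $cid and $gid are given.
 *
 * $cookie, $cid and $gid end up inside SQL text, so they are escaped or cast
 * in this function instead of being trusted to arrive clean from the caller.
 *
 * @author Hugues Peeters <*****@*****.**>
 * @param string $auth   value handed to is_allowed_to_receive_user_info()
 * @param string $cookie SSO cookie value to look up
 * @param string $cid    course code (optional, falsy to skip course data)
 * @param int    $gid    group id (optional, falsy to skip group data)
 * @return array|null user parameters if it succeeds,
 *         null when $auth is refused or the cookie matches no user
 */
function get_user_info_from_cookie($auth, $cookie, $cid, $gid)
{
    if (!is_allowed_to_receive_user_info($auth)) {
        return null;
    }

    $res = array(
        'userLastname' => null,
        'userFirstname' => null,
        'userLoginName' => null,
        'userEmail' => null,
        'userOfficialCode' => null,
        'ssoCookieName' => null,
        'ssoCookieValue' => null,
        'ssoCookieExpireTime' => null,
        'ssoCookieDomain' => null,
        'ssoCookiePath' => null,
        'courseTitle' => null,
        'courseTitular' => null,
        'courseCode' => null,
        'courseDbName' => null,
        'courseRegistrationAllowed' => null,
        'courseVisibility' => null,
        'courseAccess' => null,
        'is_courseMember' => null,
        'is_courseTutor' => null,
        'is_courseAdmin' => null,
        'is_courseAllowed' => null,
        'groupName' => null,
        'groupDescription' => null,
        'groupPrivate' => null,
        'is_groupMember' => null,
        'is_groupTutor' => null,
        'is_groupAllowed' => null,
    );

    $ssoCookieName = get_conf('ssoCookieName');
    $ssoCookieDomain = get_conf('ssoCookieDomain');
    $ssoCookiePath = get_conf('ssoCookiePath');
    $ssoCookieExpireTime = time() + get_conf('ssoCookiePeriodValidity', 3600);

    $mainTblList = claro_sql_get_main_tbl();
    $tbl_user = $mainTblList['user'];
    $tbl_sso = $mainTblList['sso'];

    // The cookie and the course code are caller-supplied strings that are
    // concatenated into quoted SQL literals below; unescaped, a quote in
    // either one would change the statement.
    // NOTE(review): addslashes() is not connection/charset aware. If the
    // database layer of this Claroline version offers its own escaping or
    // bound parameters, prefer that here.
    $sqlCookie = addslashes((string) $cookie);
    $sqlCid = addslashes((string) $cid);

    $sql = "SELECT user.nom          lastname,
                   user.prenom       firstname,
                   user.username     loginName,
                   user.email        email,
                   user.officialCode officialCode,
                   user.user_id      userId

            FROM `" . $tbl_sso . "`  AS sso,
                 `" . $tbl_user . "` AS user
            WHERE cookie = '" . $sqlCookie . "'
              AND user.user_id = sso.user_id";
    $userResult = claro_sql_query_fetch_all($sql);

    // Unknown cookie (or a failed query): nothing is disclosed.
    if (empty($userResult)) {
        return null;
    }

    $user = $userResult[0];
    $uid = (int) $user['userId'];
    $res['userLastname'] = $user['lastname'];
    $res['userFirstname'] = $user['firstname'];
    $res['userLoginName'] = $user['loginName'];
    $res['userEmail'] = $user['email'];
    $res['userOfficialCode'] = $user['officialCode'];

    // Rotate the SSO cookie: the value just presented is replaced by a fresh
    // one, which is returned to the caller and is a credential from then on.
    $newSsoCookieValue = generate_cookie();
    record_sso_cookie($uid, $newSsoCookieValue);
    $res['ssoCookieName'] = $ssoCookieName;
    $res['ssoCookieValue'] = $newSsoCookieValue;
    $res['ssoCookieExpireTime'] = $ssoCookieExpireTime;
    $res['ssoCookieDomain'] = $ssoCookieDomain;
    $res['ssoCookiePath'] = $ssoCookiePath;

    if ($uid && $cid) {
        $tbl_course = $mainTblList['course'];
        // for claroline 1.6
        // $tbl_course          = $mainTblList['cours'       ]; // for claroline 1.5
        $tbl_rel_course_user = $mainTblList['rel_course_user'];
        $sql = "SELECT `c`.`intitule`              AS title,
                       `c`.`administrativeNumber`  AS officialCode,
                       `c`.`titulaires`            AS titular,
                       `c`.`dbName`                AS dbName,
                       `c`.`visibility`            AS visibility,
                       `c`.`access`                AS access,
                       `c`.`registration`          AS registration,
                       `cu`.`isCourseManager`      AS isCourseManager,
                       `cu`.`role`                 AS userRole,
                       `cu`.`tutor`                AS tutor
                FROM      `" . $tbl_course . "`          AS c
                LEFT JOIN `" . $tbl_rel_course_user . "` AS cu
                ON    `c`.`code`     = `cu`.`code_cours`
                AND   `cu`.`user_id` = " . $uid . "
                WHERE `c`.`code`     = '" . $sqlCid . "'";
        $courseResult = claro_sql_query_fetch_all($sql);

        // The original tested count($courseResult > 0), i.e. count() of a
        // boolean, so the branch did not depend on a row being found.
        if (!empty($courseResult)) {
            $course = $courseResult[0];
            $res['courseTitle'] = $course['title'];
            $res['courseTitular'] = $course['titular'];
            $res['courseCode'] = $course['officialCode'];
            $res['courseDbName'] = $course['dbName'];
            $res['courseRegistrationAllowed'] = (bool) ($course['registration'] == 'OPEN');
            $res['courseVisibility'] = (bool) ($course['visibility'] == 'VISIBLE');
            $res['courseAccess'] = (bool) ($course['access'] == 'PUBLIC');

            // The query selects no `userStatus` column (the original read one,
            // which made membership always false). With the LEFT JOIN every
            // cu.* column is NULL when the user has no enrolment row.
            // NOTE(review): assumes at least one of these columns is NOT NULL
            // for an enrolled user - confirm against the table definition.
            $res['is_courseMember'] = !is_null($course['isCourseManager'])
                || !is_null($course['tutor'])
                || !is_null($course['userRole']);
            $res['is_courseTutor'] = (bool) ($course['tutor'] == 1);
            $res['is_courseAdmin'] = (bool) ($course['isCourseManager'] == 1);

            // Use the booleans computed above. The original tested the raw
            // `visibility` string, which is truthy for any non-empty value,
            // and a `$course['is_courseMember']` key that does not exist, so
            // the access flag was granted regardless of the course settings.
            // NOTE(review): confirm whether `access` rather than `visibility`
            // should gate entry in this Claroline version.
            $res['is_courseAllowed'] = $res['courseVisibility'] || $res['is_courseMember'];
        }
    }

    if ($uid && $cid && $gid) {
        // NOTE(review): $cid reaches claro_get_course_db_name_glued() as
        // supplied by the caller; that helper is not visible here - confirm
        // it validates the course code before building a database name.
        $courseTblList = claro_sql_get_course_tbl(claro_get_course_db_name_glued($cid));
        $tbl_group_team = $courseTblList['group_team'];
        $tbl_group_property = $courseTblList['group_property'];
        $tbl_group_rel_team_user = $courseTblList['group_rel_team_user'];

        // Both ids are forced to integers before they enter the statement.
        $sql = "SELECT g.`name`,
                       g.`description`,
                       g.`tutor` tutorId,
                       gp.`private`,
                       gp.`self_registration`,
                       gtu.`user`,
                       gtu.`team`,
                       gtu.`status`,
                       gtu.`role`
                FROM `" . $tbl_group_team . "`          AS g,
                     `" . $tbl_group_property . "`      AS gp,
                     `" . $tbl_group_rel_team_user . "` AS gtu
                WHERE gtu.`user` = '" . $uid . "'
                  AND gtu.`team` = '" . (int) $gid . "'
                  AND gtu.`team` = g.`id`";
        $groupResult = claro_sql_query_fetch_all($sql);

        if (!empty($groupResult)) {
            $group = $groupResult[0];
            $res['groupName'] = $group['name'];
            $res['groupDescription'] = $group['description'];
            $res['groupPrivate'] = (bool) ($group['private'] == 1);
            $res['is_groupMember'] = (bool) ($group['user'] == $uid);
            $res['is_groupTutor'] = (bool) ($group['tutorId'] == $uid);

            // The original read `is_groupMember` / `is_groupTutor` from the
            // SQL row, where those keys do not exist; the computed flags live
            // in $res.
            $res['is_groupAllowed'] = $res['is_groupMember']
                || $res['is_groupTutor']
                || !$res['groupPrivate'];
        }
    }

    return $res;
}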
Example #2
/**
 * Return a cookie value for which the `cookies` table holds no row yet.
 *
 * Candidates come from generate_cookie(); each one is looked up through the
 * global $dict_db handle and the first one that is not found is returned.
 *
 * NOTE(review): the candidate is interpolated into the SQL text. That is only
 * safe while generate_cookie() never emits a quote or backslash - confirm its
 * alphabet, or escape/bind the value in the lookup.
 * NOTE(review): this function only reads the table. If the value is stored
 * later by the caller, two concurrent requests can pass the check with the
 * same value; a UNIQUE constraint on `cookies.cookie` is what actually
 * guarantees uniqueness.
 *
 * @return mixed the value produced by generate_cookie()
 */
function generate_unique_cookie()
{
    global $dict_db;

    // Same semantics as a do/while: always draw at least one candidate and
    // keep drawing while the lookup returns a truthy value.
    for (;;) {
        $cookie = generate_cookie();
        $existing = $dict_db->get_var("SELECT cookie FROM cookies WHERE cookie='{$cookie}';");
        if (!$existing) {
            return $cookie;
        }
    }
}