function verifyAuthentication($username, $pass, $server) { $xnatview = getXnatViewOptions(); $auth_url = $xnatview['config']['authUrl'] . '?' . http_build_query(array('username' => $username, 'password' => $pass, 'instance' => $server)); $cookie = session_name() . '=' . session_id(); $ch = curl_init($auth_url); curl_setopt_array($ch, array(CURLOPT_RETURNTRANSFER => true, CURLOPT_FOLLOWLOCATION => true, CURLOPT_MAXREDIRS => 3, CURLOPT_FAILONERROR => true, CURLOPT_CONNECTTIMEOUT => 30, CURLOPT_COOKIE => $cookie)); $result = curl_exec($ch); if ($result === false) { return false; } $auth = json_decode($result, true); if ($auth === null) { error_log('Unexpected authentication result: ' . $result); return false; } # pass on the cookie and remember it list($pysessname, $pysessid) = $auth['session']; setcookie($pysessname, $pysessid, 0, '/'); $_SESSION['xnatview.authinfo'] = array('pysessname' => $pysessname, 'pysessid' => $pysessid); return $auth['authenticated']; }
<?php require_once 'includes/common.php'; function _fatal_error($error_msg) { die("<html><body><span style='font-weight: bold; color: red;'>{$error_msg}</span></body></html>"); } session_start(); $base_url = getBaseUrl(); $xnatview = getXnatViewOptions(); $in_frame = isset($_REQUEST['in_frame']) && (bool) $_REQUEST['in_frame']; $deeplink_url = $_SERVER['PHP_SELF']; // strip '/' (plus the default whitespace characters) $path_info = trim($_SERVER['PATH_INFO'], "/ \t\n\r\v"); $path_info = array_filter(explode('/', $path_info)); if (count($path_info) < 4) { _fatal_error("Invalid scan URL."); } else { list($project, $subject, $experiment, $scan) = $path_info; } // construct the deeplink url $deeplink_url = getHostUrl() . $_SERVER['REQUEST_URI']; $qpos = strpos($deeplink_url, "?"); if ($qpos !== false) { $deeplink_url = substr($deeplink_url, 0, $qpos); } $qpos = strpos($deeplink_url, "#"); if ($qpos !== false) { $deeplink_url = substr($deeplink_url, 0, $qpos); } $xnatview['config']['galleryScanLink'] = $deeplink_url;