function wind_addNewUsers() { require_once "wind_functions.php"; if ($_POST['wind_new_users'] && $_POST['wind_new_role'] && $_POST['wind_new_blog']) { print "<div id='message' class='updated fade'><p>Adding new users...</p>"; $users_to_add = array(); $users_to_add = explode("\n", $_POST['wind_new_users']); $users_to_add = array_filter(array_map('trim', $users_to_add)); $users_to_add = array_map('strtolower', $users_to_add); foreach ($users_to_add as $user) { // does this look like a valid uni? if (preg_match('/^[a-z]{2,}[0-9]+$/', $user)) { // yes, go ahead // Check to see if user already exists; if so, subscribe them if ($existing_user = get_userdatabylogin($user)) { // user already exists; add to blog print "<br>{$user} already exists, adding to blog"; add_user_to_blog($_POST['wind_new_blog'], $existing_user->ID, $_POST['wind_new_role']); } else { // user doesn't exist //look up their ldap info... make warning if user can't be found in ldap print "<br>{$user} does not exist yet... "; $user_ldap_info = get_ldap_information($user); if ($user_ldap_info['first_name']) { print "found {$user_ldap_info['first_name']} {$user_ldap_info['last_name']} in LDAP. Adding..."; } else { print "No match in LDAP. Bad uni or FERPA-protected student? Adding user regardless..."; } // done warning admin about user LDAP status // add user to WP; pass in empty array of wind affiliations $wind_affiliations = array(); wind_create_wp_user($user, $wind_affiliations); // now get their user ID and add them to this blog $existing_user = get_userdatabylogin($user); add_user_to_blog($_POST['wind_new_blog'], $existing_user->ID, $_POST['wind_new_role']); } // done checking whether user exists in WP } else { // no, it does not ... abort print "<br>'{$user}' does not appear to be a valid uni; skipping..."; } // done checking for valid uni } // done iterating through the list of users print "</div>"; } else { // some field was missing print "<div id='message' class='updated fade'><p>A list of unis, the role, and a blog are all required. Please make a selection for each.</p></div>"; } }
function wind_authenticate() { # now all the site options are available as variables extract(wind_getSiteOptions()); global $UNI; $wind_auth_status = 0; $debug = true; if ($debug) { echo "<br> In authenticate function... <br>"; } if ($_GET["ticketid"]) { if ($debug) { echo "<br> got ticket id <br>"; } // If they have a ticket, validate it against the wind server. $validate = "https://{$wind_server}{$wind_validate_uri}?ticketid=" . $_GET["ticketid"]; if ($debug) { echo "Checking your credentials....<br>"; } // let's try wrapping wget! $wget_args = " -q -O - {$validate}"; $wget_output = wrap_wget($wget_args); //list($firstline, $secondline) = wrap_wget($wget_args); $wind_response = $wget_output[0]; $UNI = $wget_output[1]; windlogger("{$UNI} logging in"); if ($wind_response == "yes") { // valid ticket $wind_auth_status = 1; #echo "UNI is $UNI"; if ($debug) { echo "Your password is valid for {$UNI}...<br>"; } } else { // not valid ticket if ($debug) { echo "Need to log in, please wait..."; } $wind_auth_status = 0; } } else { // no ticket if ($debug) { echo "Sending you to Columbia WIND authentication...<br>"; } $wind_auth_status = 0; } // done validating ticket against WIND server if ($wind_auth_status) { $wind_affiliations = array_slice($wget_output, 2, sizeof($wget_output) - 2, false); if ($debug) { foreach ($wind_affiliations as $mrAffil) { windlogger("{$UNI}: Affil is {$mrAffil}"); } } if ($user = get_userdatabylogin($UNI)) { // user already exists if ($debug) { windlogger("user {$UNI} already exists "); } // the CAS user has a WP account if ($debug) { echo "Finding your WordPress account... <br>"; } $result = wp_set_auth_cookie($user->ID); if ($debug && $wind_check_course_affils) { windlogger("{$UNI} yes check course affils"); } if ($wind_check_course_affils) { wind_add_to_blogs($user, $wind_affiliations, $debug); } wp_redirect(site_url('/wp-admin/')); die; } else { // the CAS user does not have a WP account if ($debug) { error_log("user {$UNI} does not exist\n", 3, $wind_log_file); } if ($debug) { echo "Making you a new WordPress account... <br>"; } if (function_exists('wind_create_wp_user')) { if ($debug) { error_log("provisioning account {$UNI}\n", 3, $wind_log_file); } wind_create_wp_user($UNI, $wind_affiliations); wp_redirect(site_url('/wp-admin/')); } else { echo "Sorry, your account isn't provisioned. Please contact <a href='mailto:{$wind_help_email}'>{$wind_help_email}</a>.<br>"; die; } } } else { // better authenticate, then! if ($_SERVER["SERVER_PORT"] == 443) { $server_protocol = "https"; } else { $server_protocol = "http"; } // this causes "too many redirects" problem on some LAMP instances //if ( isset($_GET['redirect_to'])) { // $my_redir_to = "&redirect_to=" . $_GET['redirect_to']; //} else { // $my_redir_to = ""; //} #$destination = $server_protocol . "://" . $_SERVER["SERVER_NAME"] . ":" . $_SERVER["SERVER_PORT"] . $_SERVER["PHP_SELF"]; #$destination = $server_protocol . "://" . $_SERVER["SERVER_NAME"] . $_SERVER["PHP_SELF"]; $path = isset($_SERVER['REDIRECT_URL']) ? $_SERVER['REDIRECT_URL'] : $_SERVER["PHP_SELF"]; $destination = $server_protocol . "://" . $_SERVER["SERVER_NAME"] . $path; $login_link = "https://" . $wind_server . $wind_login_uri . "?service=" . $wind_service_name . "&destination=" . urlencode($destination); echo "Login redirect...<br> You should be redirected within 5 seconds. Otherwise, <A href='{$login_link}'>click here</a>."; echo "<meta http-equiv='refresh' content='0;url={$login_link}'>"; die; } }