public function submitconfirmationcodeAction() { $this->_helper->layout->disableLayout(); if ($this->session->isNewUser !== true && $this->session->userid !== -1) { $this->_helper->viewRenderer->setNoRender(); header("Location: " . "https://" . $_SERVER['HTTP_HOST']); return; } $this->view->error = null; $this->view->session = $this->session; $this->view->expired = false; $code = isset($_POST["confirmationcode"]) === true ? trim($_POST["confirmationcode"]) : null; if ($code === null) { $this->view->error = "No confirmation code given"; return; } //Check if current account is already connected to a profile implicitly or through a different session //In this case the view should inform the user and autorefresh to the portal if (AccountConnect::isConnected($this->session) !== false) { //Update session so user will auto login on page refresh SamlAuth::setupSamlAuth($this->session); $this->view->session = $this->session; return; } //Check if account is not pending, which means the request has timedout. //In this case the view should inform the user and autorefresh to display the confirmation form. if (AccountConnect::isPending($this->session) === false) { $this->view->error = "Your connection request has expired"; $this->view->expired = true; //Update session so user will be redirected to the appropriate form SamlAuth::setupSamlAuth($this->session); return; } $result = AccountConnect::submitPendingConnectionCode($this->session, $code); if ($result !== true) { $this->view->error = "Given code is not correct"; return; } $this->view->session = $this->session; }