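/**
     * Tells whether the current user is on the allow-list of a limited application.
     *
     * The user id comes from MMUsers::getCurrentUserId() and the allow-list from
     * fetchAllowedUsersByApplication(). The check fails closed: when no usable list
     * or no usable user id is available, access is refused.
     *
     * @param int $applicationId Application whose allow-list is consulted.
     * @return bool True only when the current user id appears in the allow-list.
     */
    public static function hasCurrentUserAccessToApp($applicationId)
    {
        $userId = MMUsers::getCurrentUserId();
        $authorizedUsers = self::fetchAllowedUsersByApplication($applicationId);

        // Deny by default: a missing or malformed list must never grant access.
        if (!is_array($authorizedUsers) || !is_scalar($userId))
        {
            return false;
        }

        // Ids are compared as strings with ===. The loose default of in_array()
        // applies PHP type juggling, which is not a safe basis for an authorization decision.
        foreach ($authorizedUsers as $allowedId)
        {
            if (is_scalar($allowedId) && (string) $allowedId === (string) $userId)
            {
                return true;
            }
        }

        return false;
    }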
コード例 #2
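    /**
     * Checks a form token against the values expected for the current user.
     *
     * The expected token is sha1(secret seed . date . user id . cluster identifier),
     * computed for today's and for yesterday's 'Ymd' date, so a token issued shortly
     * before midnight is still accepted the next day.
     *
     * @param string $token Token received from the client.
     * @return bool True when the token equals one of the two expected digests.
     */
    public static function isUserTokenValid($token)
    {
        // A non-string can never be a valid hex digest. Rejecting it here also removes the
        // type-juggling matches that a loose == allows between numeric-looking values.
        if (!is_string($token))
        {
            return false;
        }

        //get secret seed and add date (20140703)
        $secretSeed = self::getFormSecretSeed();

        //get user id; the anonymous user id is used when the current id is -1
        $currentUserId = MMUsers::getCurrentUserId();
        $userId = $currentUserId != -1 ? $currentUserId : MMUsers::getAnonymousUserId();

        //cluster identifier
        $clusterIdentifier = ClusterTool::clusterIdentifier();

        $today = date('Ymd');
        $yesterday = date('Ymd', time() - 60 * 60 * 24);

        // hash_equals() (PHP >= 5.6) compares in constant time, so the comparison itself
        // does not reveal how much of a guessed token is correct.
        // NOTE(review): the digest is plain SHA-1 over concatenated fields. Moving to
        // hash_hmac() would need the code that issues the token to change as well.
        $matchesToday = hash_equals(sha1($secretSeed . $today . $userId . $clusterIdentifier), $token);
        $matchesYesterday = hash_equals(sha1($secretSeed . $yesterday . $userId . $clusterIdentifier), $token);

        return $matchesToday || $matchesYesterday;
    }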
コード例 #3
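    /**
     * Decides whether the current request may read this application.
     *
     * The result has three states: true (access granted), false (access refused) and
     * null (none of the rules in this method applied).
     *
     * @param array $params Reads the keys 'isPublic' and 'isFull'; a missing key counts as false.
     * @return bool|null
     */
    public function canRead(array $params)
    {
        // Only the truthiness of both flags is used below.
        $isPublic = !empty($params['isPublic']);
        $isFull   = !empty($params['isFull']);

        $restrictionLevel = $this->applicationLocalized->restrictionLevel();

        // Limited applications: only users on the allow-list may read.
        if( $restrictionLevel == ApplicationObject::RESTRICTION_LEVEL_LIMITED)
        {
            $id = MMUsers::getCurrentUserId();
            $authorizedUsers = MMLimitedApplicationsAllowedUsers::fetchAllowedUsersByApplication($this->applicationLocalized->application_id);

            // Fail closed on a missing list or an unusable user id.
            if( !is_array($authorizedUsers) || !is_scalar($id) )
            {
                return false;
            }

            // Strict string comparison; a loose in_array() would apply PHP type juggling
            // to an authorization decision.
            foreach( $authorizedUsers as $allowedId )
            {
                if( is_scalar($allowedId) && (string) $allowedId === (string) $id )
                {
                    return true;
                }
            }

            return false;
        }

        // Public view: needs the application to allow it and a token that tokenExists() accepts.
        $allowsPublicView = $this->getApplicationCustomParamater('allowsPublicView');
        if( $isPublic )
        {
            // Only a string token is forwarded; an array such as ?t[]=x is treated as absent.
            $viewToken = ( isset( $_GET['t'] ) && is_string( $_GET['t'] ) ) ? $_GET['t'] : false;

            return $allowsPublicView && MMUserHeader::tokenExists( $viewToken ) != null;
        }

        // No user, or a user who has not validated the ToU while the ToU check is enabled:
        // the answer is the negation of the 'isFull' flag.
        $user = BlockDefault::user();
        if( !$user )
        {
            return !$isFull;
        }

        if( !$user->toUValidated()
            && BlockDefault::iniMerck()->hasVariable( 'LoginSettings', 'ToUCheck' )
            && BlockDefault::iniMerck()->variable( 'LoginSettings', 'ToUCheck') != 'disabled' )
        {
            return !$isFull;
        }

        // No rule applied.
        return null;
    }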
コード例 #4
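    /**
     * Relays the whitelisted request parameters to the FRAX result page and returns its response.
     *
     * Runs only when canRead() passes and the current user is not anonymous. Before the
     * outgoing call it switches off JSON output and sends an XML Content-Type header.
     *
     * @return string|false|null Response body, false when the cURL transfer fails,
     *                           null when the access checks do not pass.
     */
    public function calculate()
    {
        //check if canRead
        if(!$this->canRead())
        {
            return null;
        }

        //check if current user is logged
        $userId = MMUsers::getCurrentUserId();
        if(MMUsers::isAnonymous($userId))
        {
            return null;
        }

        //not json encode return
        $this->outputAsJson = false;

        //set XML header
        header('Content-Type: text/xml; charset=utf-8');

        // Collect the whitelisted parameters. Values are encoded by http_build_query() below,
        // so a value containing '&' or '=' cannot add or override parameters in the outgoing URL.
        // Assumes self::$whiteList holds parameter names as strings.
        $query = array();
        foreach ($_REQUEST as $key => $value)
        {
            // Array values (e.g. name[]=x) are skipped; the key match is strict to avoid type juggling.
            if( is_scalar($value) && in_array((string) $key, self::$whiteList, true) )
            {
                $query[$key] = (string) $value;
            }
        }

        //add ID value (set last so a client-supplied ID cannot replace it)
        $query['ID'] = '8376972874';

        // NOTE(review): the upstream call uses plain http, so request and response
        // travel unencrypted; confirm whether the service is reachable over https.
        $request = 'http://www.shef.ac.uk/FRAX/result.aspx?' . http_build_query($query, '', '&');

        $curl = curl_init();
        //set URL
        curl_setopt($curl, CURLOPT_URL, $request);
        //not display page content
        curl_setopt($curl, CURLOPT_RETURNTRANSFER, 1);
        //allow cookie session
        curl_setopt($curl, CURLOPT_COOKIESESSION, true);

        //exec, release the handle, then return the response
        $response = curl_exec($curl);
        curl_close($curl);

        return $response;
    }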
コード例 #5
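    /**
     * Asks the course web service for the start URL of an e-learning course.
     *
     * The course id is read from $_POST['courseid'] and the current user id is sent as
     * 'username'. Outside the mobile context the returned URL is wrapped in the
     * /external/deeplink route.
     *
     * @return string|false URL to open, or false when the SOAP call fails or returns no URL.
     */
    protected function startCourseOverWsdl()
    {
        // The course id is only accepted when it matches the configured pattern.
        // NOTE(review): a rejected course id is still forwarded to the service as null;
        // confirm whether the call should be skipped instead.
        $courseId = null;
        if ( isset( $_POST['courseid'] ) && filter_var($_POST['courseid'], FILTER_VALIDATE_REGEXP, SecurityTool::$ELEARNING_COURSEID_REGEXP) )
        {
            $courseId = $_POST['courseid'];
        }

        $soapUrl            = SolrSafeOperatorHelper::feature('OnlineVortrageSettings', 'WsdlUrl');
        $credentialLogin    = SolrSafeOperatorHelper::feature('OnlineVortrageSettings', 'WsdlLogin');
        $credentialPassword = SolrSafeOperatorHelper::feature('OnlineVortrageSettings', 'WsdlPassword');
        $useLocale          = SolrSafeOperatorHelper::feature('OnlineVortrageSettings', 'UseLocale');
        $locale             = SolrSafeOperatorHelper::feature('OnlineVortrageSettings', 'Locale');

        $credentials = array(
            'login'    => $credentialLogin,
            'password' => $credentialPassword,
        );

        $params = array(
            array(
                'username' => MMUsers::getCurrentUserId(),
                'courseID' => $courseId,
            )
        );

        if ( $useLocale )
        {
            $params[0]['locale'] = $locale;
        }

        try
        {
            $soap   = new SoapClientAuth( $soapUrl, $credentials );
            $result = $soap->__soapCall( 'UnivadisEncrypt', $params );

            if ( isset($result) && isset($result->return) )
            {
                $url = $result->return;

                // Prefix a scheme only when none is present. The previous test joined two
                // strpos() checks with ||, which was true for every http:// URL and
                // produced "http://http://...".
                if ( !preg_match( '#^https?://#i', $url ) )
                {
                    $url = 'http://' . $url;
                }

                if ( !ContextTool::instance()->isMobile() )
                {
                    // Encoded twice because the URL travels as a parameter of the deeplink route.
                    $url = urlencode( urlencode( $url ) );
                    $url = '/external/deeplink?deeplink=' . $url . '&exit_strategy=0';
                }

                return $url;
            }
        }
        catch ( SoapFault $f )
        {
            // Best effort: the caller only sees false, but the failure is recorded
            // instead of being dropped. The message carries no credentials from this method.
            error_log( 'startCourseOverWsdl: SOAP call failed: ' . $f->getMessage() );
        }

        return false;
    }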
コード例 #6
<?php

/* @type $Params string[] */

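// Node requested through the module parameters.
// NOTE(review): $nodeID is passed to fetch() as received; confirm it is validated as numeric upstream.
$nodeID = $Params['nodeID'];
$node   = eZContentObjectTreeNode::fetch($nodeID);

// The response must not be cached by browsers or proxies.
header('Pragma: no-cache');
header('cache-Control: no-cache, must-revalidate');
header('Expires: Mon, 26 Jul 1997 05:00:00 GMT');
//TODO add context to login
// Anonymous users are sent to the login page, with the download URL as return context.
if(MMUsers::isAnonymous(MMUsers::getCurrentUserId()))
{
    $host = eZSys::serverURL();
    $siteIni = eZINI::instance( 'site.ini' );
    // Strip scheme and host from the configured login page so the redirect stays on the
    // current site. The previous pattern lacked the ':' after the scheme and never matched.
    $loginUrl = preg_replace('#^https?://[^/]+#', '', $siteIni->variable('SiteSettings', 'LoginPage'));
    $context = $host . '/esibuild/download/' . $nodeID;
    header( 'Location: ' . $loginUrl . '?context='.urlencode($context) );
    eZExecution::cleanExit();
}

//test if application allow download
// NOTE(review): $node is only tested for validity after this check; confirm that
// getFileApplicationCanRead() refuses access when fetch() found no node.
if(!SecurityTool::getFileApplicationCanRead($node))
{
    header('HTTP/1.1 403 Forbidden');
    echo "<h1>Forbidden access</h1>\n";
    eZExecution::cleanExit();
}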

if($node)
{
コード例 #7
            $value = 'de_CH';
            break;
        case 'fre-CA':
            $value = 'fr_CA'; 
            break;
        case 'eng-CA':
            $value = 'en_CA';
            break;
    }
    
    if( $value )
        setcookie( substr($value, -2) . '_Login', $value, 0, '/', CookieTool::getCookieDomain() );
    
}

$userId = MMUsers::getCurrentUserId();
if ( !MMUsers::isAnonymous($userId) )
{
    if ( SolrSafeOperatorHelper::featureIsActive( 'ToUPPPopin' ) )
    {
        if (
            ( !ContextTool::instance()->isMobile() && SolrSafeOperatorHelper::feature( 'ToUPPPopin', 'useDedicatedPage' ) )
            ||
            ( ContextTool::instance()->isMobile() && SolrSafeOperatorHelper::feature('ToUPPPopin','showOnMobile') && SolrSafeOperatorHelper::feature('ToUPPPopin','useDedicatedPageMobile') )
        )
        {
            $serviceLogin = ESBFactory::getLoginService( ServiceLoginBase::ESB_METHOD_AUTOLOGIN, $_REQUEST );
            if ( $serviceLogin->checkTouPPPopin( ESBFactory::getUserService()->form() ) )
            {
                CookieTool::destroyCookie( 'displayToUPPPopin' );
                CookieTool::destroyCookie( 'displayToUPPPopin', '/', null );
コード例 #8
 /**
  * Stores the current user's selection total in the cookie named by self::COOKIE_KEY.
  *
  * The total is the result of countTotalFromUserSelection() for the current user id
  * and the value of self::country().
  */
 public static function setCookie()
 {
     $countryCode    = self::country();
     $currentUserId  = MMUsers::getCurrentUserId();
     $selectionTotal = self::countTotalFromUserSelection( $currentUserId, $countryCode );

     // Cookie attributes (path, domain, flags) are decided inside CookieTool::setCookie().
     CookieTool::setCookie( self::COOKIE_KEY, $selectionTotal );
 }
コード例 #9
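    /**
     * Builds the list of applications with their icons, URLs and javascript entry.
     *
     * Application ids come from $_POST['application'] (a single id, cast to int) or, when
     * that is absent, from AppBarControl. As a side effect a 'remember_me' cookie holding
     * the output of MMUserLogin::encryptText() for the current user id is set when the
     * request carries none.
     *
     * @return array Array with the single key 'applicationList'.
     */
    public static function applicationList()
    {
        # Hotfix #23450 note-8
        if ( !isset($_COOKIE['remember_me']) )
        {
            $cookieExpiration = time() + eZINI::instance('merck.ini')->variable('TIBCOCookieSettings', 'TIBCOCookieExpiration');
            $uuid = MMUsers::getCurrentUserId();
            // NOTE(review): this cookie is created without the Secure and HttpOnly flags and
            // for whatever id getCurrentUserId() returns. Confirm that no client script needs
            // to read it, then pass the two extra setcookie() arguments.
            setcookie('remember_me', MMUserLogin::encryptText(json_encode($uuid)), $cookieExpiration, '/', CookieTool::getCookieDomain());
        }

        $out = array('applicationList' => array());
        // NOTE(review): application URLs are built with a fixed http scheme.
        $host = 'http://' . self::host();

        if ( isset($_POST['application']) )
        {
            $applicationIdList = array((int) $_POST['application']);
        }
        else
        {
            $applicationIdList = AppBarControl::instance()->applicationIds();
        }

        // Icon slots and the file each one is looked up under.
        $iconFiles = array(
            'icon'           => 'ico.png',
            'icon_hd'        => 'ico_notext_hd.png',
            'icon_active'    => 'ico_notext_active.png',
            'icon_active_hd' => 'ico_notext_active_hd.png',
        );

        foreach ( $applicationIdList as $applicationId )
        {
            if ( !is_numeric($applicationId) )
            {
                continue;
            }

            // The application object is resolved once; ids without a localized
            // application or without an application object are skipped.
            $applicationLocalized = CacheApplicationTool::buildLocalizedApplicationByApplication($applicationId);
            $application = ($applicationLocalized) ? $applicationLocalized->applicationObject() : null;
            if ( !$application )
            {
                continue;
            }

            $applicationType = $application->applicationType();

            $icons = array();
            foreach ( $iconFiles as $key => $file )
            {
                $icons[$key] = array(
                    'path' => '',
                    'md5'  => '',
                    'file' => $file,
                );

                // Path and checksum stay empty when the file is not found in the cluster.
                $path = sprintf('apps/%s/%s', $application->attribute('identifier'), $file);
                $fullPath = StaticData::clusterFilePath(ClusterTool::clusterIdentifier(), $path);
                if ($fullPath)
                {
                    $icons[$key]['path'] = StaticData::externalUrl(ClusterTool::clusterIdentifier(), $path);
                    $icons[$key]['md5'] = md5_file($fullPath);
                }
            }

            $path = '/' . $applicationLocalized->attribute('url');
            $url = $host . $path;
            if ( $application->isPureExternal() )
            {
                $url = $applicationLocalized->attribute("external_url");
            }

            $outApplicationListArray = array(
                'id'         => $applicationId,
                'identifier' => $application->attribute('identifier'),
                'name'       => $applicationLocalized->attribute('name'),
                'headline'   => $applicationLocalized->attribute('headline'),
                'type'       => $applicationType->attribute('internal_type'),
                'url'        => $url,
                'path'       => $path,
                'javascript' => self::getJavascript($application->attribute('identifier'), 'application'));

            foreach($icons as $key => $icon)
            {
                // NOTE(review): the checksum is stored under the numeric key 0, not under 'md5'.
                // Left unchanged because consumers may rely on this shape; confirm.
                $outApplicationListArray[$key] = array(
                    '100' => array('path' => $icon['path'], $icon['md5']),
                );
            }
            $out['applicationList'][] = $outApplicationListArray;
        }
        return $out;
    }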
コード例 #10
    /**
     * Sends additional campaign information for the current user to the 'addinfo' ESB interface.
     *
     * @param mixed $campaignCode Forwarded as 'campaignCode'.
     * @param mixed $data         Forwarded as 'headers'.
     * @return mixed Null when there is no current MMUsers object, otherwise the result of callWSHandler().
     */
    public function addInfo($campaignCode, $data)
    {
        // Nothing is sent unless a user object is available.
        if (!(MMUsers::getCurrentUserObject() instanceof MMUsers))
        {
            return null;
        }

        $additionalInfo = array(
            'userId' => MMUsers::getCurrentUserId(),
            'campaignCode' => $campaignCode,
            'headers' => $data,
        );
        $payload = array(
            'data' => array(
                'additionalInfo' => $additionalInfo,
            )
        );

        // The payload is handed over as an array, not as a JSON string.
        return $this->callWSHandler($this->getEsbInterface('addinfo'), $payload);
    }
コード例 #11
    /**
     * Prepares the template: application id, login state, a hash of the application id,
     * the application list for anonymous users and, when enabled, the GTM visitor variables.
     *
     * @return eZTemplate
     */
    public function tpl()
    {
        $template = parent::tpl();

        // A user counts as logged in when a record exists for the current user id.
        $loggedUser = MMUsers::fetchById( MMUsers::getCurrentUserId() );
        $isLogged   = !empty($loggedUser);

        // NOTE(review): the hash is sha1(application id . DESKey). It does not depend on the
        // user or on time, and it is handed to the template; confirm what it protects.
        $secret = eZINI::instance( 'merck.ini' )->variable( 'TicketLogin', 'DESKey' );
        $digest = sha1($this->getApplicationId() . $secret);

        $template->setVariable('application_id', $this->getApplicationId());
        $template->setVariable('is_logged', $isLogged);
        $template->setVariable('hash', $digest);

        // Anonymous users get the apps bar ids, converted to strings by the implode/explode round trip.
        $anonymousApplications = array();
        if( !$isLogged )
        {
            $appsBarIds = CountryAppsBar::fetchAppsBarApplicationIds();
            $anonymousApplications = explode(',', implode(',', $appsBarIds));
        }
        $template->setVariable('applications_anonymous', $anonymousApplications);

        // Visitor labels for Google Tag Manager, merged over any variables already in the result.
        if( $isLogged && SolrSafeOperatorHelper::featureIsActive( 'GoogleAnalytics' ) )
        {
            $visitorLabels = array(
                'visitorSpecialtyLabel' => SolrSafeOperatorHelper::getTaxoTranslation( 'user_specialty', $this->user()->userSpecialityId() ),
                'visitorTypeLabel'      => SolrSafeOperatorHelper::getTaxoTranslation( 'customer_type',  $this->user()->customerTypeId() )
            );

            if( isset( $this->_result['gtm_variables'] ) )
            {
                $gtmPayload = array_merge( $this->_result['gtm_variables'], $visitorLabels );
            }
            else
            {
                $gtmPayload = $visitorLabels;
            }

            $template->setVariable( 'gtm_visitorvariables', $gtmPayload );
        }

        return $template;
    }
コード例 #12
    /**
     * Returns the redirect target for the current user.
     *
     * With a non-empty user id the target is /service/relog carrying the id ('uuid'), a
     * digest ('h') and the context '/'; otherwise the target is '/'.
     *
     * @return array Array with the keys 'errorCode' (always 0) and 'redirectUrl'.
     */
    public function r()
    {
        $userId = MMUsers::getCurrentUserId();

        // No user id: send the visitor to the home page.
        if (empty($userId)) {
            return array(
                'errorCode' => 0,
                'redirectUrl' => '/',
            );
        }

        // NOTE(review): 'h' is sha1(DESKey . user id). It is constant for a given user and
        // has no expiry or nonce, so a relog URL stays valid for as long as the key does.
        // Confirm how /service/relog verifies it and whether a time-bound HMAC is possible.
        $secret = eZINI::instance( 'merck.ini' )->variable( 'TicketLogin', 'DESKey' );
        $query = http_build_query(array(
            'uuid' => $userId,
            'h' => sha1( $secret . $userId ),
            'context' => '/',
        ));

        return array(
            'errorCode' => 0,
            'redirectUrl' => '/service/relog?' . $query,
        );
    }
コード例 #13
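    /**
     * Requests a certificate URL for a course from the web service and redirects the user to it.
     *
     * Unless it returns early, the method ends the request through eZExecution::cleanExit().
     *
     * @param int $courseId
     * @return false|void False when the course id is null or there is no current user object.
     */
    public static function redirectCertificateGeneratedUrl( $courseId )
    {
        if( is_null($courseId) || !($user = MMUsers::getCurrentUserObject()) )
        {
            return false;
        }

        $userData = self::readUserData();
        $countryId = self::getProperCountryId( $user );
        $parameters = array(
            'UserID'      => $user->attribute('uuid'),
            'CourseID'    => $courseId,
            'CountryID'   => $countryId,
            'FirstName'   => $userData['FirstName'],
            'LastName'    => $userData['LastName'],
            'UserAddress' => $userData['UserAddress'],
        );

        // NOTE(review): the two var_export() entries below write the user's name and address
        // to mycertificates.log; confirm that log's retention and access rules, or reduce
        // them to the identifiers already logged separately.
        eZLog::write('userId: ' . $user->attribute('uuid'), 'mycertificates.log');
        eZLog::write('currentUserId: ' . MMUsers::getCurrentUserId(), 'mycertificates.log');
        eZLog::write('courseId: ' . $courseId, 'mycertificates.log');
        eZLog::write('readUsersData: ' . var_export($userData,true), 'mycertificates.log');
        // Written to the same log file as the other entries (the file name was missing here).
        eZLog::write('countryId: ' . $countryId, 'mycertificates.log');
        eZLog::write('sentParams: ' . var_export($parameters,true), 'mycertificates.log');

        try
        {
            $command = self::getWebserviceClient()->getCommand('GenerateCertificateURL', $parameters);
            $command->prepare();
            $redirectUrl = self::extractDataGeneratedUrl($command->getResponse()->xml());
            eZLog::write('redirectUrl: ' . $redirectUrl, 'mycertificates.log');

            // NOTE(review): the redirect target is taken from the web service response as is;
            // consider checking its scheme and host against the expected certificate service.
            header( "Location: $redirectUrl" );
        }
        catch (Exception $e)
        {
            // The detail goes to the log only: a raw exception message can describe the
            // web service call and should not be printed into the response.
            eZLog::write('error: ' . $e->getMessage(), 'mycertificates.log');
            echo 'An error occurred while generating the certificate.';
        }
        eZExecution::cleanExit();
    }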