// Store the header and footer into variables. ob_start(); if (file_exists(SSO_ROOT_PATH . "/header.php")) { require_once SSO_ROOT_PATH . "/header.php"; } $sso_header = ob_get_contents(); ob_end_clean(); ob_start(); if (file_exists(SSO_ROOT_PATH . "/footer.php")) { require_once SSO_ROOT_PATH . "/footer.php"; } $sso_footer = ob_get_contents(); ob_end_clean(); // Connect to the database and generate database globals. try { SSO_DBConnect(false); } catch (Exception $e) { SSO_DisplayError("Unable to connect to the database."); } // Load in fields without admin select. SSO_LoadFields(false); // Load in $sso_settings and initialize it. SSO_LoadSettings(); if (SSO_USE_HTTPS && !BB_IsSSLRequest()) { SSO_DisplayError("SSL expected. Most likely cause: Bad server configuration."); } if (!isset($_REQUEST["sso_id"]) && isset($_COOKIE["sso_server_id"])) { $_REQUEST["sso_id"] = $_COOKIE["sso_server_id"]; } if (!isset($_REQUEST["sso_id"])) { SSO_DisplayError("Session ID expected. Most likely causes: Pressing the back button, clicking a URL that launched a new web browser, using a non-offical client, or a bad or incorrectly configured web proxy. If you clicked a URL in an e-mail, it opened a new web browser, and you got this error, then try this solution: Copy the URL and paste it into the address bar of the other web browser. Sorry for the inconvenience, but this behavior helps keep your account secure from hackers.");
$bb_randpage = SSO_BASE_RAND_SEED; $bb_rootname = "SSO Server Admin"; $bb_usertoken = ""; $sso_site_admin = false; $sso_user_id = "0"; // Require developers to inject code here. For example, integration with a specific login system or IP address restrictions. if (file_exists("admin_hook.php")) { require_once "admin_hook.php"; } if (!is_string($bb_usertoken) || $bb_usertoken === "") { echo "Invalid user token.\n"; exit; } BB_ProcessPageToken("action"); // Connect to the database and generate database globals. SSO_DBConnect(true); // Load in fields with admin select. SSO_LoadFields(true); // Load in $sso_settings and initialize it. SSO_LoadSettings(); // Menu/Navigation options. if ($sso_site_admin) { $sso_menuopts = array("SSO Server Options" => array("Find User" => BB_GetRequestURLBase() . "?action=finduser&sec_t=" . BB_CreateSecurityToken("finduser"), "Manage Fields" => BB_GetRequestURLBase() . "?action=managefields&sec_t=" . BB_CreateSecurityToken("managefields"), "Manage Tags" => BB_GetRequestURLBase() . "?action=managetags&sec_t=" . BB_CreateSecurityToken("managetags"), "Manage API Keys" => BB_GetRequestURLBase() . "?action=manageapikeys&sec_t=" . BB_CreateSecurityToken("manageapikeys"), "Manage IP Cache" => BB_GetRequestURLBase() . "?action=manageipcache&sec_t=" . BB_CreateSecurityToken("manageipcache"), "Configure" => BB_GetRequestURLBase() . "?action=configure&sec_t=" . BB_CreateSecurityToken("configure"), "Reset All Sessions" => array("href" => BB_GetRequestURLBase() . "?action=resetsessions&sec_t=" . BB_CreateSecurityToken("resetsessions"), "onclick" => "return confirm('" . htmlspecialchars(BB_JSSafe(BB_Translate("Are you sure you want to reset all sessions?"))) . "');"))); } else { $sso_menuopts = array("SSO Server Options" => array("Find User" => BB_GetRequestURLBase() . "?action=finduser&sec_t=" . BB_CreateSecurityToken("finduser"))); } // Load providers. $providers = SSO_GetProviderList(); $sso_providers = array(); $menuopts = array(); $newprovider = false;