function process_registration()
{
$dir = new directory_service();
$dir->search_by_attribute('ds_username', $this->event->get_value('contact_username'), array('ds_email'));
$to = $dir->get_first_value('ds_email');
$dates = explode(',', $this->event->get_value('dates'));
$date_strings = array();
foreach ($dates as $date) {
$date_strings[] = prettify_mysql_datetime(trim($date), 'l, d F Y');
}
$subject = 'Event Registration: ' . $_POST["name"] . ' for ' . $this->event->get_value('name');
$body = 'Name: ' . $_POST["name"] . "\n";
/*$body.="Department: ".$_POST["department"]."\n";
$body.="Campus Address: ".$_POST["address"]."\n";
$body.="Campus Postal Address: ".$_POST["postal_address"]."\n";
$body.="Work Phone: ".$_POST["phone"]."\n";*/
$body .= "E-mail Address: " . $_POST["email"] . "\n\n";
$body .= 'Class: ' . $this->event->get_value('name') . "\n\n";
$body .= 'Dates:' . "\n" . implode("\n", $date_strings) . "\n\n";
$body .= 'Time: ' . prettify_mysql_datetime($this->event->get_value('datetime'), 'g:i a') . "\n\n";
$body .= 'Location: ' . $this->event->get_value('location') . "\n\n";
// separated out so we don't repeat the content twice when we write back into the DB
$other_info = 'Other Information: ' . "\n" . strip_tags($this->event->get_value('content')) . "\n\n";
// to person who should get registration
mail($to, $subject, $body . $other_info, "From: " . strip_tags($_POST["email"]));
// to person who filled out email
mail(strip_tags($_POST["email"]), $subject, $body . $other_info, "From: " . strip_tags($to));
$values = array('registration' => 'full', 'show_hide' => 'hide', 'content' => $this->event->get_value('content') . '<h3>Registration Information</h3>' . nl2br(htmlspecialchars($body, ENT_QUOTES)));
reason_update_entity($this->event->id(), $this->event->get_value('last_edited_by'), $values, true);
$this->show_registration_thanks();
}
function run_error_checks()
{
$name = trim($this->display_name);
if (empty($name)) {
$name = $this->name;
}
$name = prettify_string($name);
$username = reason_require_authentication();
$password = $this->grab_value();
$dir = new directory_service();
if (!$dir->authenticate($username, $password)) {
$this->set_error($name . ': Please check your password.');
}
}
function process_registration()
{
$dir = new directory_service();
$dir->search_by_attribute('ds_username', $this->event->get_value('contact_username'), array('ds_email'));
$to = $dir->get_first_value('ds_email');
$subject = 'Event Registration: ' . $_POST["name"] . ' for ' . $this->event->get_value('name');
$body = 'Name: ' . $_POST["name"] . "\n";
$body .= "E-mail Address: " . $_POST["email"] . "\n\n";
$body .= 'Class: ' . $this->event->get_value('name') . "\n\n";
$body .= 'Date & Time: ' . prettify_mysql_datetime($this->event->get_value('datetime'), 'm/d/Y \\a\\t g:i a') . "\n\n";
$body .= 'Location: ' . $this->event->get_value('location') . "\n\n";
// to person who should get registration
mail($to, $subject, $body, "From: " . strip_tags($_POST["email"]));
// to person who filled out email
mail(strip_tags($_POST["email"]), $subject, $body, "From: " . strip_tags($to));
$this->show_registration_thanks();
}
/**
* Returns directory service records ONLY for the authorized usernames field of a group.
*
* @param array optional array specifying which attributes are desired for the directory service records
* @author Nathan White
* @return array directory service records
* @access public
*/
function get_records_for_authorized_usernames_field($return_attr = array())
{
$authorized_usernames_block = $this->get_block_authorized_usernames();
if (!empty($authorized_usernames_block)) {
$filter = '(|' . $authorized_usernames_block . ')';
$dir = new directory_service();
$dir->search_by_filter($filter, $return_attr);
$result = $dir->get_records();
if (!empty($result)) {
return $result;
}
}
return false;
}
<pre>
<?php
/**
* A little tester for trying out directory service functionality
*
* @todo build a more complete unit tester for directory services so that
* people developing them can make sure thay got it right
*
* @package carl_util
* @subpackage dir_service
*/
/**
* include the directory service
*/
include_once 'directory.php';
/**
* Test things out
*/
$dir = new directory_service(array('mysql'));
$dir->search_by_filter('(|(&(a=b)(c=*d)(!(j~=k)))(ds_email=*g*)(h>=i))');
//$dir->search_by_attribute('ds_email', array('*****@*****.**','*****@*****.**'), array('ds_fullname'));
//echo $dir->get_first_value('ds_fullname');
//print_r($dir->get_records());
?>
</pre>
protected function do_login()
{
$auth = new directory_service($this->params['auth_service']);
// succesful login
if ($auth->authenticate($this->request['username'], $this->request['password'])) {
$this->sess->start();
$this->logged_in = true;
$this->sess->set('username', strtolower(trim($this->request['username'])));
$this->log_authentication_event('login succeeded', $this->request['username']);
$this->clear_test_cookie();
// pop user back to the top of the page. this makes sure that the session
// info is available to all modules
if (!empty($this->dest_page)) {
header('Location: ' . $this->get_dest_page_link(true));
exit;
} else {
$this->do_logged_in();
}
} else {
$this->log_authentication_event('login failed', $this->request['username']);
$this->status_msg = 'The username and password you provided do not match. Please try again.';
}
}
protected function _get_user_info()
{
static $info = NULL;
if (NULL !== $info) {
return $info;
}
$info = array();
if ($user = reason_check_authentication()) {
$dir = new directory_service();
$dir->search_by_attribute('ds_username', array($user), array('ds_username', 'ds_fullname', 'carlcohortyear'));
$info = $dir->get_first_record();
}
return $info;
}
function get_user_can_delete($id)
{
if ($id && $this->allow_contact_to_delete) {
if ($item = new entity($id)) {
if ($user_netid = reason_check_authentication()) {
$dir = new directory_service();
$dir->search_by_attribute('ds_username', $user_netid, array('ds_email'));
$record = $dir->get_first_record();
if (in_array($item->get_value('classified_contact_email'), $record['ds_email'])) {
return true;
}
}
}
}
return false;
}
/**
* Require authentication via http basic auth
*
* Note 1: If the user already has a session-based login, or the script is otherwise behind an
* apache-rule-based http auth, this function will return the username without forcing a second
* login.
*
* Note 2: This function currently only works properly when php is running as an Apache module. If
* Apache is running under CGI/Fast CGI, it currently simply denies access.
*
* @todo Add CGI/FastCGI support
*
* @param string $realm
* @param string $cancel_message
* @return string username
*
*/
function reason_require_http_authentication($realm = FULL_ORGANIZATION_NAME, $cancel_message = '')
{
if($username = reason_check_authentication())
return $username;
force_secure_if_available();
if (!empty($_SERVER['PHP_AUTH_USER']) && !empty($_SERVER['PHP_AUTH_PW']))
{
require_once(CARL_UTIL_INC.'dir_service/directory.php');
$dir = new directory_service();
if($dir->authenticate($_SERVER['PHP_AUTH_USER'], $_SERVER['PHP_AUTH_PW']))
return $_SERVER['PHP_AUTH_USER'];
}
$cgi_mode = (substr(php_sapi_name(), 0, 3) == 'cgi');
if(!$cgi_mode)
{
header('WWW-Authenticate: Basic realm="'.str_replace('"',"'",$realm).'"');
}
http_response_code(401);
if(empty($cancel_message))
{
$msg_str = 'This resource requires login.';
$cancel_message = '<!doctype HTML><html><title>'.$msg_str.'</title></head><body><h3>'.$msg_str.'</h3>';
if($cgi_mode && function_exists('is_developer') && is_developer())
$cancel_message .= '<p>HTTP authentication is not currently supported when PHP is running under CGI/Fast CGI.</p>';
$cancel_message .= '</body></html>';
}
echo $cancel_message;
exit;
}
/**
* Get an array of contact information for a given event entity
*
* Array keys: 'username', 'email', 'fullname', 'phone', 'organization'
*
* @param object $e event entity
* @return array
*/
function get_contact_info($e)
{
$ret = array();
$contact = $e->get_value('contact_username');
if(!empty($contact) )
{
$ret['username'] = $contact;
$dir = new directory_service();
$dir->search_by_attribute('ds_username', array(trim($contact)), array('ds_email','ds_fullname','ds_phone',));
$ret['email'] = $dir->get_first_value('ds_email');
$ret['fullname'] = $dir->get_first_value('ds_fullname');
$ret['phone'] = $dir->get_first_value('ds_phone');
$ret['organization'] = $e->get_value('contact_organization');
}
return $ret;
}
function init($args = array())
{
$head_items =& $this->parent->head_items;
$head_items->add_javascript(JQUERY_URL, true);
$head_items->add_javascript(WEB_JAVASCRIPT_PATH . 'login/focus.js');
$this->current_url = get_current_url();
$this->on_secure_page_if_available = !HTTPS_AVAILABLE || on_secure_page();
if (empty($this->request['dest_page'])) {
// in standalone mode, once the user has successfully logged in, they will be bounced back to the page
// they came from if there was one. otherwise, they will see a successful login message
if ($this->params['login_mode'] == 'standalone') {
if (empty($this->request['popup'])) {
// we have a referer. remember for later.
if (isset($_SERVER['HTTP_REFERER']) && !empty($_SERVER['HTTP_REFERER'])) {
$this->dest_page = $_SERVER['HTTP_REFERER'];
} else {
// we have no valid information on where to go back to. this will happen if a user goes
// directly to the login page without clicking on a link. in this case, there will be no
// jumping and a message saying you are logged in will appear along side the logout link.
}
}
} else {
$this->dest_page = $this->current_url;
}
} else {
// Search engines should not be indexing versions of the index page with specific destinations
$head_items->add_head_item('meta', array('name' => 'robots', 'content' => 'none'));
$this->dest_page = $this->request['dest_page'];
}
if (!empty($this->request['redir_link_text'])) {
$this->redir_link_text = $this->request['redir_link_text'];
}
$this->dest_page = $this->localize_destination_page();
$this->sess =& get_reason_session();
$this->logged_in = false;
// A session exists
if ($this->sess->exists()) {
if (!$this->sess->has_started()) {
$this->sess->start();
}
// user is logging out
if (!empty($this->request['logout'])) {
$username = $this->sess->get('username');
$this->sess->destroy();
$this->msg = 'You are now logged out';
$this->log_authentication_event('logout succeeded', $username);
if (empty($this->request['noredirect'])) {
$parts = parse_url($this->dest_page);
$port = isset($parts['port']) && !empty($parts['port']) ? ":" . $parts['port'] : '';
$query = isset($parts['query']) && !empty($parts['query']) ? '?' . $parts['query'] : '';
$fragment = isset($parts['fragment']) ? '#' . $parts['fragment'] : '';
$loc = 'http://' . $parts['host'] . $port . $parts['path'] . $query . $fragment;
header('Location: ' . $loc);
exit;
}
} elseif (!$this->sess->get('username')) {
$this->sess->destroy();
header('Location: ' . get_current_url());
exit;
} else {
$this->logged_in = true;
$this->msg = 'You are logged in as ' . $this->sess->get('username') . '.';
if (!empty($this->dest_page)) {
if ($this->dest_page != get_current_url()) {
$dest_txt = $this->_get_dest_page_text();
$cleaned_dest_page = htmlspecialchars($this->dest_page);
$this->msg_extra = '<p>Proceed to <a href="' . $cleaned_dest_page . '" title="' . $cleaned_dest_page . '">' . htmlspecialchars($dest_txt) . '</a></p>';
}
}
}
} else {
// trying to login
if (!empty($this->request['username']) and !empty($this->request['password'])) {
if ($this->test_cookie_exists()) {
$auth = new directory_service($this->params['auth_service']);
// succesful login
if ($auth->authenticate($this->request['username'], $this->request['password'])) {
$this->sess->start();
$this->logged_in = true;
$this->sess->set('username', trim($this->request['username']));
$this->log_authentication_event('login succeeded', $this->request['username']);
// pop user back to the top of the page. this makes sure that the session
// info is available to all modules
if (!empty($this->dest_page)) {
$parts = parse_url($this->dest_page);
$port = isset($parts['port']) && !empty($parts['port']) ? ":" . $parts['port'] : '';
$query = isset($parts['query']) && !empty($parts['query']) ? '?' . $parts['query'] : '';
$fragment = isset($parts['fragment']) ? '#' . $parts['fragment'] : '';
$loc = securest_available_protocol() . '://' . $parts['host'] . $port . $parts['path'] . $query . $fragment;
header('Location: ' . $loc);
exit;
}
if (!empty($this->request['popup'])) {
$this->close_window = true;
$this->msg = 'You are now logged in. Please close this window.';
}
} else {
$this->log_authentication_event('login failed', $this->request['username']);
$this->msg = 'The username and password you provided do not match. Please try again.';
}
} else {
$this->msg = 'It appears that you do not have cookies enabled. Please enable cookies and try logging in again';
}
} else {
$this->set_test_cookie();
if (!empty($this->request['code'])) {
$s =& get_reason_session();
$this->msg = $s->get_error_msg($this->request['code']);
}
if (!empty($this->request['msg_uname'])) {
$msg_id = id_of($this->request['msg_uname'], true, false);
if (!empty($msg_id)) {
$msg_ent = new entity($msg_id);
if ($msg_ent->get_value('type') == id_of('text_blurb')) {
$this->msg .= $msg_ent->get_value('content');
}
}
}
}
}
}
/**
* include dependencies
*/
include_once 'reason_header.php';
reason_include_once('classes/entity_selector.php');
include_once CARL_UTIL_INC . 'dir_service/directory.php';
reason_include_once('function_libraries/admin_actions.php');
$es = new entity_selector();
$es->add_type(id_of('site'));
$es->add_relation('site.department IS NOT NULL');
$es->add_relation('site.department != ""');
$sites = $es->run_one();
$creator = id_of('ldap');
$report = '';
$report_head = "Synchronizing with directory...\n\n";
$dir = new directory_service();
foreach ($sites as $site) {
$did_something = false;
$report_section = '';
$report_section .= "- " . $site->get_value('name') . "\n";
// hit directory - get all faculty and staff, add them to the faculty staff type
$dept = $site->get_value('department');
// use the department from the site entity
$filter = '(&(ou=' . $dept . ')(|(eduPersonPrimaryAffiliation=staff)(eduPersonPrimaryAffiliation=faculty)))';
// this is the filter
if ($dir->search_by_filter($filter, array('ds_username'))) {
$fac_staff = $dir->get_records();
} else {
$fac_staff = array();
}
$netids = array();
function send_email($media_work, $status, $netid)
{
if ($media_work->get_value('email_notification')) {
$user = new entity(get_user_id($netid));
$dir = new directory_service();
$dir->search_by_attribute('ds_username', $netid, array('ds_email', 'ds_fullname', 'ds_phone'));
$to = $dir->get_first_value('ds_email');
$owner = $media_work->get_owner();
$params = array('site_id' => $owner->id(), 'type_id' => id_of('av'), 'id' => $media_work->id(), 'cur_module' => 'Editor');
$link = html_entity_decode(carl_construct_link($params, array(''), '/reason/index.php'));
if ($status == 'success') {
$subject = '[Reason] Media processing complete: ' . html_entity_decode(strip_tags($media_work->get_value('name')));
$message = 'Media Work Processed' . "\n\n";
$message .= 'Name:' . "\n" . html_entity_decode(strip_tags($media_work->get_value('name'))) . "\n\n";
$message .= 'Site:' . "\n" . html_entity_decode(strip_tags($owner->get_value('name'))) . "\n\n";
$message .= 'View it at this url: ' . $link . "\n\n";
$message .= 'Uploaded by:' . "\n" . $user->get_value('name') . "\n\n";
} else {
$subject = '[Reason] Media error: ' . html_entity_decode(strip_tags($media_work->get_value('name')));
$message = 'Media Work Error During Processing' . "\n\n";
$message .= 'Name:' . "\n" . html_entity_decode(strip_tags($media_work->get_value('name'))) . "\n\n";
$message .= 'Site:' . "\n" . html_entity_decode(strip_tags($owner->get_value('name'))) . "\n\n";
$message .= 'Uploaded by:' . "\n" . $user->get_value('name') . "\n\n";
$message .= 'View it at this url: ' . $link . "\n\n";
$message .= 'If you continue to get this error after multiple attempts, please contact your Reason Administrator regarding this issue: ' . WEBMASTER_EMAIL_ADDRESS . "\n\n";
}
mail($to, $subject, $message);
}
}
function _get_maintainer_info($maintainer)
{
// Check to see if it's before or after 7 am, and set the last colleague->ldap sync time appropriately.
if (carl_date('G') < 7) {
$ldap_last_sync_time = strtotime('7 am yesterday');
} else {
$ldap_last_sync_time = strtotime('7 am today');
}
/* Either of the following conditions will fire the ldap->reason sync:
1: the cached info predates the last colleague->ldap sync (presumed to be daily by 7 am.)
2: the primary maintainer has been changed since the last ldap->reason sync. */
if ($this->parent->site_info->get_value('cache_last_updated') <= date('Y-m-d', $ldap_last_sync_time) || $this->parent->site_info->get_value('username_cache') != $this->parent->site_info->get_value('primary_maintainer')) {
$dir = new directory_service();
if ($dir->search_by_attribute('ds_username', $maintainer, array('ds_email', 'ds_fullname'))) {
$email = $dir->get_first_value('ds_email');
$full_name = $dir->get_first_value('ds_fullname');
// lets fall back to the maintainer username if a valid full name is not found for the user
$full_name = !carl_empty_html($full_name) ? $full_name : trim(strip_tags($maintainer));
$values = array('email_cache' => $email, 'name_cache' => $full_name, 'cache_last_updated' => date('Y-m-d H:i:s'), 'username_cache' => $maintainer);
$update_vals = array('ldap_cache' => $values);
reason_include_once('function_libraries/admin_actions.php');
/* I know this is nonstandard, but it's the only way right now
to update the entity without creating an archive and changing
the last_updated field on all the sites every day... */
$sqler = new SQLER();
foreach ($update_vals as $table => $fields) {
$sqler->update_one($table, $fields, $this->parent->site_info->id());
}
}
} else {
$email = $this->parent->site_info->get_value('email_cache');
$full_name = $this->parent->site_info->get_value('name_cache');
}
return array('email' => $email, 'full_name' => $full_name);
}
/**
* Take mixed username/netids and email addresses and resolve into "clean" array of good-looking email addresses
*
* By good-looking we mean that they satisfy this regex: /^([^<]+<)?([-.]|\w)+@([-.]|\w)+\.([-.]|\w)+>?$/i
*
* This function works as follows: For each address, first treats
* the address as a netid and tries to find a corresponding
* address in the directory (if this fails, it assumes that the address
* was intended as an address rather than a username); second, checks
* whether the address is valid
*
* If the address is invalid, the webmaster is included in the recipient list and an error is triggered
*
* @param mixed $addresses can be any of the following: 1) a valid email address, 2) a username in the directory, 3) a comma-delimited combination of addresses and/or usernames, or 4) an array of addresses and/or usernames.
* @param string $address_type can be 'mixed', 'email', or 'username'
* @return string $pretty_addresses Comma separated email addresses
*
**/
function _prettify_addresses($addresses, $address_type = 'mixed')
{
if ($address_type != 'mixed' && $address_type != 'email' && $address_type != 'username') {
trigger_error('$address_type parameter (' . $address_type . ') must be "mixed","email", or "username." Defaulting to "mixed".');
$address_type = 'mixed';
}
if (!is_array($addresses)) {
$addresses = explode(',', $addresses);
}
$pretty_address_array = array();
foreach ($addresses as $address) {
$address = trim($address);
if (!empty($address)) {
if ($address_type != 'email') {
$dir = new directory_service();
$result = $dir->search_by_attribute('ds_username', $address, array('ds_email'));
$dir_value = $dir->get_first_value('ds_email');
if ($address_type == 'username') {
if (empty($dir_value)) {
trigger_error('Username does not exist in directory service: ' . $address . '. setting address to ' . WEBMASTER_EMAIL_ADDRESS . ' instead.');
$address = WEBMASTER_EMAIL_ADDRESS;
} else {
$address = $dir_value;
}
} else {
$address = !empty($dir_value) ? $dir_value : $address;
}
}
$num_results = preg_match('/^([^<]+<)?([-.]|\\w)+@([-.]|\\w)+\\.([-.]|\\w)+>?$/i', $address);
if ($num_results <= 0) {
trigger_error('The address ' . $address . ' is invalid - setting address to ' . WEBMASTER_EMAIL_ADDRESS . ' instead.');
$pretty_address_array[] = WEBMASTER_EMAIL_ADDRESS;
} else {
$pretty_address_array[] = $address;
}
}
}
$pretty_addresses = implode(', ', $pretty_address_array);
return $pretty_addresses;
}
/**
* Live person search
*
* @todo broaden to do more than just first record
*/
function &find_one_person($search_field, $search_value, $attributes = NULL)
{
$dir = new directory_service();
if ($attributes) $dir->search_by_attribute($search_field, $search_value, $attributes);
else $dir->search_by_attribute($search_field, $search_value);
$result = $dir->get_first_record();
return $result;
}
function _get_email_addresses_from_users($users)
{
$usernames = array();
foreach ($users as $user) {
$usernames[] = $user->get_value('name');
}
$dir = new directory_service();
$dir->search_by_attribute('ds_username', $usernames, array('ds_email'));
$records = $dir->get_records();
$emails = array();
foreach ($records as $rec) {
if (isset($rec['ds_username'][0]) && !empty($rec['ds_email'][0])) {
$emails[$rec['ds_username'][0]] = $rec['ds_email'][0];
}
}
asort($emails);
return $emails;
}
function invalid_addresses($addresses)
{
$return_value = '';
if (!is_array($addresses)) {
$addresses = explode(',', $addresses);
}
$bad_addresses = array();
foreach ($addresses as $address) {
$address = trim($address);
if (!empty($address)) {
$dir = new directory_service();
$result = $dir->search_by_attribute('ds_username', $address, array('ds_email'));
$dir_value = $dir->get_first_value('ds_email');
if (empty($dir_value)) {
$num_results = preg_match('/^([-.]|\\w)+@([-.]|\\w)+\\.([-.]|\\w)+$/i', $address);
if ($num_results <= 0) {
$bad_addresses[] = $address;
}
}
}
}
return $bad_addresses;
}
function send_confirmation_emails()
{
$slot_entity = get_entity_by_id($this->request_array['slot_id']);
$dir = new directory_service();
$dir->search_by_attribute('ds_username', $this->event->get_value('contact_username'), array('ds_email', 'ds_fullname', 'ds_phone'));
$to = $dir->get_first_value('ds_email');
$subject = 'Event Registration: ' . $this->get_value('name') . ' for ' . $this->event->get_value('name');
$body = $this->get_value('name') . ' has registered for ' . $this->event->get_value('name') . "\n\n";
$body .= 'Name: ' . $this->get_value('name') . "\n";
$body .= "E-mail Address: " . $this->get_value('email') . "\n";
$body .= 'Date: ' . prettify_mysql_datetime($this->request_array['date'], 'm/d/Y') . "\n";
if ($this->include_time_in_email) {
$time = $this->event->get_value('datetime');
$time_parts = explode(' ', $time);
if ($time_parts[1] != '00:00:00') {
$body .= 'Time: ' . prettify_mysql_datetime($time, 'g:i a') . "\n";
}
}
$location = $this->event->get_value('location');
if (!empty($location)) {
$body .= 'Location: ' . $location . "\n";
}
$slot = $slot_entity['name'];
$body .= 'Slot: ' . $slot . "\n\n";
// to person who should get registration
mail($to, $subject, $body, "From: " . strip_tags($this->get_value('email')));
// to person who filled out email
mail(strip_tags($this->get_value('email')), $subject, $body, "From: " . strip_tags($to));
}
function look_up_dir_reason_diffs()
{
// these are the people in Reason but not in the directory
$to_lookup = array_diff(array_keys($this->reason_netids), array_keys($this->directory_netids));
// get LDAP info for those people
foreach ($to_lookup as $username) {
$dir = new directory_service();
$filter = $this->build_person_filter($username);
if ($dir->search_by_filter($filter, $this->required_attributes)) {
$this->reason_people_dir_info[$username] = $dir->get_first_record();
}
}
}
