public function loginAction() { /* Check whether the user is already logged in */ if ($this->session->userid !== null) { if (!$this->handle_actions()) { $this->_helper->layout->disableLayout(); $this->_helper->viewRenderer->setNoRender(); header('Location: https://' . $_SERVER['HTTP_HOST'] . '/'); } return; } $this->view->session = $this->session; $ldap = ApplicationConfiguration::service('egi.ldap.host'); if (array_key_exists('username', $_POST)) { $this->view->username = $_POST['username']; $username = "******" . $_POST['username'] . ",ou=People,dc=egi,dc=eu"; $password = $_POST['password']; $ds = $this->initLDAP(true, $username, $password); if (is_resource($ds)) { @ldap_close($ds); $username = $_POST['username']; $this->session->username = $username; $users = new Default_Model_Researchers(); $users->viewModerated = true; $users->filter->username->equals($username); if ($users->count() == 1) { if (!$users->items[0]->deleted) { $this->session->userid = $users->items[0]->Id; $this->session->userRole = $users->items[0]->positionTypeID; $this->session->userCountryID = $users->items[0]->countryID; $this->session->userCountryName = $users->items[0]->country->name; $this->session->user = $users->items[0]; $this->session->fullName = $users->items[0]->firstName . " " . $users->items[0]->lastName; $this->session->cname = $users->items[0]->cname; setAuthCookies($username, md5($password)); $user = $users->items[0]; $user->lastLogin = time(); $user->password = md5($password); // TODO: remove this when SAML has been implemented $user->save(); $this->saveUserCredentials($user->id, md5($password)); // TODO: replace with SAML Auth token $this->handle_actions(); } else { $this->view->accountDeleted = true; error_log(var_export($users->items[0]->delInfo, true)); $this->view->accountDeleter = $users->items[0]->delInfo->deleter->name; $this->view->accountDeleterID = $users->items[0]->delInfo->deleter->id; $this->view->accountDeletedOn = $users->items[0]->delInfo->deletedOn; } } else { $this->session->claimPassword = md5($password); $ds = $this->initLDAP(true); // no rdn/pwd: root connection if ($ds !== false) { $users2 = new Default_Model_Contacts(); $sr = ldap_search($ds, "ou=people,dc=egi,dc=eu", "(uid=" . $_POST['username'] . ")"); $info = ldap_get_entries($ds, $sr); ldap_close($ds); if ($info["count"] > 0) { $this->session->fullName = $info[0]['cn'][0]; $users2->filter->data->ilike($info[0]['mail'][0]); if ($users2->refresh()->count() != 0) { // Found existing profiles $ids = array(); for ($i = 0; $i < $users2->count(); $i++) { $ids[] = $users2->items[$i]->researcherid; } $users->viewModerated = false; $users->filter->id->in($ids); $users->refresh(); $entries = array(); $canClaim = array(); for ($i = 0; $i < $users->count(); $i++) { $entries[] = $users->items[$i]; $canClaim[] = $users->items[$i]->id; } $this->view->entries = $entries; $this->session->canClaim = $canClaim; } else { // Create a new profile $roleTypeID = 3; if (array_key_exists('usercertificatesubject', $info[0])) { $sub = explode('/', $info[0]['usercertificatesubject'][0]); foreach ($sub as $s) { if (substr($s, 0, 2) == 'C=') { $country = substr($s, 2); $cs = new Default_Model_Countries(); $cs->filter->isocode->equals($country); if ($cs->count() > 0) { $this->view->country = $cs->items[0]->name; } break; } } } if (array_key_exists('sn', $info[0])) { $this->view->lastname = $info[0]['sn'][0]; $this->view->firstname = str_replace($info[0]['sn'][0], "", $info[0]['cn'][0]); } if (array_key_exists('destinationindicator', $info[0])) { $this->view->gender = $info[0]['destinationindicator'][0]; } if (array_key_exists('ou', $info[0])) { $this->view->institute = $info[0]['ou']['0']; } if (array_key_exists('employeetype', $info[0])) { if ($info[0]['employeetype'][0] == "Experienced researcher" || $info[0]['employeetype'][0] == "Management") { $roleTypeID = 2; } else { if ($info[0]['employeetype'][0] == "Technical Support" || $info[0]['employeetype'][0] == "PhD Student") { $roleTypeID = 3; } else { $roleTypeID = 4; } } } if (array_key_exists('mail', $info[0])) { $this->view->SSOmail = $info[0]['mail'][0]; } $pts = new Default_Model_PositionTypes(); $pts->filter->id->equals($roleTypeID); $this->view->roleType = $pts->items[0]->description; $contactTypes = new Default_Model_ContactTypes(); $this->view->contactTypes = $contactTypes->refresh(); } } } else { error_log($this->view->ldapError); } } } else { error_log($this->view->ldapError); } } }
public static function sendMessage($appid, $userid, $recipientid, $message) { //Get sender $users = new Default_Model_Researchers(); $users->filter->id->equals($userid); if ($users->count() == 0) { return "Sender not found"; } $user = $users->items[0]; //Get sender's primary email $contacts = new Default_Model_Contacts(); $contacts->filter->isprimary->equals(true)->and($contacts->filter->researcherid->equals($userid)); if ($contacts->count() == 0) { return "Sender has no primary e-mail set"; } $useremail = $contacts->items[0]->data; //Get recipient $recipients = new Default_Model_Researchers(); $recipients->filter->id->equals($recipientid); if ($recipients->count() == 0) { return "Recipient not found"; } $recipient = $recipients->items[0]; //Get recipient's primary email $contacts = new Default_Model_Contacts(); $contacts->filter->isprimary->equals(true)->and($contacts->filter->researcherid->equals($recipientid)); if ($contacts->count() == 0) { return "Recipient has no primary e-mail set"; } $recipientmail = $contacts->items[0]->data; //Get application $applications = new Default_Model_Applications(); $applications->filter->id->equals($appid); if ($applications->count() == 0) { return "Software not found"; } $app = $applications->items[0]; //Decode message $message = base64_decode($message); if (strlen(trim($message)) === 0) { return "Message is empty"; } //Get text body and also set html body $textbody = self::getTextBody($app, $user, $useremail, $recipient, $message); $body = preg_replace("/\\</", "<", $textbody); $body = preg_replace("/\\>/", ">", $body); $body = preg_replace("/\n/", "<br/>", $body); $body = preg_replace("/\t/", "<span style='padding-left:10px;'></span>", $body); $body = preg_replace("/\\[1\\]/", "<a href='http://" . $_SERVER["APPLICATION_UI_HOSTNAME"] . "' target='_blank' title='Visit EGI Applications Database' >EGI AppDB</a>", $body); $body = preg_replace("/\\[2\\]/", "<a href='http://" . $_SERVER["APPLICATION_UI_HOSTNAME"] . "?p=" . base64_encode("//people/details?id=" . $user->id) . "' target='_blank' title='View person's entry in EGI AppDB' >" . $user->firstname . " " . $user->lastname . "</a>", $body); $body = preg_replace("/\\[3\\]/", "'<a href='http://" . $_SERVER["APPLICATION_UI_HOSTNAME"] . "?p=" . base64_encode("/apps/details?id=" . $app->id) . "' target='_blank' title='View software entry in EGI AppDB' >" . $app->name . "</a>'", $body); $body = "<html><head></head><body>" . $body . "</body></html>"; $textbody = preg_replace("/\t/", " ", $textbody); $textbody = preg_replace("/\\[1\\]/", "EGI AppDB [1]", $textbody); $textbody = preg_replace("/\\[2\\]/", $user->firstname . " " . $user->lastname . " [2]", $textbody); $textbody = preg_replace("/\\[3\\]/", "'" . $app->name . "' [3]", $textbody); $textbody .= "\n\n________________________________________________________________________________________________________\n"; $textbody .= "[1]. http://" . $_SERVER["APPLICATION_UI_HOSTNAME"] . "\n"; $textbody .= "[2]. http://" . $_SERVER["APPLICATION_UI_HOSTNAME"] . "?p=" . base64_encode("/people/details?id=" . $user->id) . "\n"; $textbody .= "[3]. http://" . $_SERVER["APPLICATION_UI_HOSTNAME"] . "?p=" . base64_encode("/apps/details?id=" . $app->id) . " \n"; $subject = "EGI Applications Database: " . $user->firstname . " " . $user->lastname . " sent you a message"; if (trim($useremail) === '') { $useremail = false; } //sendMultipartMail($subject,$recipientmail, $textbody, $body, '*****@*****.**', 'enadyskolopassword',$useremail, null, false, array("From"=>$useremail)); EmailService::sendReportAsUser($useremail, $subject, $recipientmail, $textbody, $body); }
public static function sendPermissionsRequest($userid, $apikeyid, $msg) { //Get sender $users = new Default_Model_Researchers(); $users->filter->id->equals($userid); if ($users->count() == 0) { return "Sender not found"; } $user = $users->items[0]; //Get sender's primary email $contacts = new Default_Model_Contacts(); $contacts->filter->isprimary->equals(true)->and($contacts->filter->researcherid->equals($userid)); if ($contacts->count() == 0) { return "Sender has no primary e-mail set"; } //Check if e-mail has value $useremail = $contacts->items[0]->data; if (trim($useremail) == '') { return "Sender has no valid primary e-mail set"; } //Get api key $apikeys = new Default_Model_APIKeys(); $apikeys->filter->id->equals($apikeyid)->and($apikeys->filter->ownerid->equals($userid)); if (count($apikeys) == 0) { return "Api key not found"; } $apikey = $apikeys->items[0]; //Get Appdb administrators $recipients = array(); $admins = new Default_Model_Researchers(); $agmf = new Default_Model_ActorGroupMembersFilter(); $agmf->groupid->numequals(-1); // admins $admins->filter->chain($agmf, "AND"); if (count($admins->items) == 0) { return ""; } //Get admins primary emails $admins = $admins->items; foreach ($admins as $admin) { $contacts = new Default_Model_Contacts(); $contacts->filter->isprimary->equals(true)->and($contacts->filter->researcherid->equals($admin->id))->and($contacts->filter->contacttypeid->equals(7)); if (count($contacts->items) == 0) { continue; } if (trim($contacts->items[0]->data) !== '') { $recipients[] = $contacts->items[0]->data; } } $recipients = array_unique($recipients); if (count($recipients) == 0) { return ""; } $textbody = self::getMailBody($user, $apikey, $msg); //Get text body and also set html body $body = preg_replace("/\\</", "<", $textbody); $body = preg_replace("/\\>/", ">", $body); $body = preg_replace("/\n/", "<br/>", $body); $body = preg_replace("/\t/", "<span style='padding-left:10px;'></span>", $body); $body = preg_replace("/\\[1\\]/", "<a href='http://" . $_SERVER["APPLICATION_UI_HOSTNAME"] . "?p=" . base64_encode("/people/details?id=" . $user->id) . "' target='_blank' title='View person's entry in EGI AppDB' >" . $user->firstname . " " . $user->lastname . "</a>", $body); $body = preg_replace("/\\[2\\]/", "<b>" . $apikey->key . "</b>", $body); $body = "<html><head></head><body>" . $body . "</body></html>"; $textbody = preg_replace("/\t/", " ", $textbody); $textbody = preg_replace("/\\[1\\]/", $user->firstname . " " . $user->lastname . " [id: " . $user->id . ", url: http://" . $_SERVER["APPLICATION_UI_HOSTNAME"] . "?p=" . base64_encode("/people/details?id=" . $user->id) . "]", $textbody); $textbody = preg_replace("/\\[2\\]/", $apikey->key, $textbody); $subject = "EGI AppDB: API Permissions request from user " . $user->firstname . " " . $user->lastname; //sendMultipartMail($subject,$recipients, $textbody, $body, '*****@*****.**', 'enadyskolopassword',$useremail); EmailService::sendReport($subject, $recipients, $textbody, $body, $useremail); return true; }
public function primarycontactAction() { $this->_helper->layout->disableLayout(); $this->_helper->viewRenderer->setNoRender(); $id = $this->_getParam("id"); $action = $this->_getParam("act"); $action = strtolower(trim($action)); if ($action == '') { $action = 'get'; } $error = ''; $res = ''; $resid = ''; if ($this->session->userid == null || $action === 'set' && $id == '') { $this->getResponse()->clearAllHeaders(); $this->getResponse()->setRawHeader("HTTP/1.0 403 Forbidden"); $this->getResponse()->setHeader("Status", "403 Forbidden"); return; } if ($action === 'set') { $p = new Default_Model_Contacts(); $p->filter->researcherid->equals($this->session->userid)->and($p->filter->id->equals($id)); if ($p->count() === 0) { $error = "The provided contact is not found"; } else { $pi = $p->items[0]; $pi->isprimary = true; $pi->save(); $resid = $pi->id; $res = $pi->data; } } else { $p = new Default_Model_Contacts(); $p->filter->researcherid->equals($this->session->userid)->and($p->filter->isprimary->equals(true)); if (count($p->items) === 0) { $error = "The provided contact is not found"; } else { $pi = $p->items[0]; $resid = $pi->id; $res = $pi->data; } } if ($error !== '') { echo "<response error='" . $error . "'></response>"; } else { echo "<response " . ($resid !== '' ? "id='" . $resid . "'" : "") . " >" . $res . "</response>"; } }