/** * Handle launch and/or set up the LTI session and global variables * * Make sure we have the values we need in the LTI session * This routine will not start a session if none exists. It will * die is there if no session_name() (PHPSESSID) cookie or * parameter. No need to create any fresh sessions here. * * @param $needed (optional, mixed) Indicates which of * the data structures are * needed. If this is omitted, * this assumes that CONTEXT, LINK, and USER data are required. * If LTIX::NONE is present, then none of the three are rquired. * If some combination of the three are needed, this accepts * an array of the LTIX::CONTEXT, LTIX: LINK, and LTIX::USER * can be passed in. * */ public static function requireData($needed = self::ALL) { global $CFG, $USER, $CONTEXT, $LINK; if ($needed == self::NONE) { $needed = array(); } if ($needed == self::ALL) { $needed = array(self::CONTEXT, self::LINK, self::USER); } if (is_string($needed)) { $needed = array($needed); } // Check if we are processing an LTI launch. If so, handle it self::launchCheck(); // Check to see if the session already exists. $sess = session_name(); if (ini_get('session.use_cookies') != '0') { if (!isset($_COOKIE[$sess])) { send403(); die_with_error_log("Missing session cookie - please re-launch"); } } else { // non-cookie session if (isset($_POST[$sess]) || isset($_GET[$sess])) { // We tried to set a session.. } else { if ($_SERVER['REQUEST_METHOD'] == 'POST') { send403(); die_with_error_log('Missing ' . $sess . ' from POST data'); } else { send403(); die_with_error_log('This tool should be launched from a learning system using LTI'); } } } // Start a session if it has not been started.. if (session_id() == "") { session_start(); // Should reassociate } // This happens from time to time when someone closes and reopens a laptop // Or their computer goes to sleep and wakes back up hours later. // So it is just a warning - nothing much we can do except tell them. if (!isset($_SESSION['lti'])) { // $debug = safe_var_dump($_SESSION); // error_log($debug); send403(); error_log('Session expired - please re-launch ' . session_id()); die('Session expired - please re-launch'); // with error_log } // Check the referrer... $trusted = checkReferer() || checkCSRF(); // Check to see if we switched browsers or IP addresses // TODO: Change these to warnings once we get more data if (!$trusted && isset($_SESSION['HTTP_USER_AGENT'])) { if (!isset($_SERVER['HTTP_USER_AGENT']) || $_SESSION['HTTP_USER_AGENT'] != $_SERVER['HTTP_USER_AGENT']) { send403(); die_with_error_log("Session has expired", " " . session_id() . " HTTP_USER_AGENT " . $_SESSION['HTTP_USER_AGENT'] . ' ::: ' . isset($_SERVER['HTTP_USER_AGENT']) ? $_SERVER['HTTP_USER_AGENT'] : 'Empty user agent', 'DIE:'); } } // We only check the first three octets as some systems wander throught the addresses on // class C - Perhaps it is even NAT - who knows - but we forgive those on the same Class C if (!$trusted && isset($_SESSION['REMOTE_ADDR']) && isset($_SERVER['REMOTE_ADDR'])) { $sess_pieces = explode('.', $_SESSION['REMOTE_ADDR']); $serv_pieces = explode('.', $_SERVER['REMOTE_ADDR']); if (count($sess_pieces) == 4 && count($serv_pieces) == 4) { if ($sess_pieces[0] != $serv_pieces[0] || $sess_pieces[1] != $serv_pieces[1] || $sess_pieces[2] != $serv_pieces[2]) { send403(); die_with_error_log('Session address has expired', " " . session_id() . " REMOTE_ADDR " . $_SESSION['REMOTE_ADDR'] . ' ' . $_SERVER['REMOTE_ADDR'], 'DIE:'); } } } // Check to see if the user has navigated to a new place in the hierarchy if (isset($_SESSION['script_path']) && getScriptPath() != 'core/blob' && strpos(getScriptPath(), $_SESSION['script_path']) !== 0) { send403(); die_with_error_log('Improper navigation detected', " " . session_id() . " script_path " . $_SESSION['script_path'] . ' / ' . getScriptPath(), 'DIE:'); } $LTI = $_SESSION['lti']; if (is_array($needed)) { foreach ($needed as $feature) { if (isset($LTI[$feature])) { continue; } die_with_error_log("This tool requires an LTI launch parameter:" . $feature); } } // Check to see if the session needs to be extended due to this request checkHeartBeat(); // Restart the number of continuous heartbeats $_SESSION['HEARTBEAT_COUNT'] = 0; // Populate the $USER $CONTEXT and $LINK objects if (isset($LTI['user_id']) && !is_object($USER)) { $USER = new \Tsugi\Core\User(); $USER->id = $LTI['user_id']; if (isset($LTI['user_email'])) { $USER->email = $LTI['user_email']; } if (isset($LTI['user_displayname'])) { $USER->displayname = $LTI['user_displayname']; $pieces = explode(' ', $USER->displayname); if (count($pieces) > 0) { $USER->firstname = $pieces[0]; } if (count($pieces) > 1) { $USER->lastname = $pieces[count($pieces) - 1]; } } $USER->instructor = isset($LTI['role']) && $LTI['role'] != 0; } if (isset($LTI['context_id']) && !is_object($CONTEXT)) { $CONTEXT = new \Tsugi\Core\Context(); $CONTEXT->id = $LTI['context_id']; if (isset($LTI['context_title'])) { $CONTEXT->title = $LTI['context_title']; } } if (isset($LTI['link_id']) && !is_object($LINK)) { $LINK = new \Tsugi\Core\Link(); $LINK->id = $LTI['link_id']; if (isset($LTI['grade'])) { $LINK->grade = $LTI['grade']; } if (isset($LTI['link_title'])) { $LINK->title = $LTI['link_title']; } if (isset($LTI['result_id'])) { $LINK->result_id = $LTI['result_id']; } } // Return the LTI structure return $LTI; }
if (!$authenticated) { send401(); } $userFilter = "(&(objectClass=person)(sAMAccountName={login})(memberOf=" . ldap_escape($memberOf, "", LDAP_ESCAPE_FILTER) . "))"; $ldap_filter = str_replace("{login}", ldap_escape($_SERVER['PHP_AUTH_USER'], "", LDAP_ESCAPE_FILTER), $userFilter); $searchResult = ldap_search($connection, $ldapBaseDn, $ldap_filter); if ($searchResult === false) { throw new Exception(ldap_error($connection)); } $entry = ldap_first_entry($connection, $searchResult); if ($entry === false) { send403(); } $userdn = ldap_get_dn($connection, $entry); if ($userdn === false) { send403(); } //// AUTHENTICATED. if ($_SERVER['REQUEST_METHOD'] == 'POST') { echo "woo! posted result for mac " . $_POST['wake']; $macAddressBinary = pack('H12', $_POST['wake']); $magicPacket = str_repeat(chr(0xff), 6) . str_repeat($macAddressBinary, 16); if (!($fp = fsockopen('udp://{$broadcast}', 7, $errno, $errstr, 2))) { throw new \Exception("Cannot open UDP socket: {$errstr}", $errno); } fputs($fp, $magicPacket); fclose($fp); } echo "<p>Hello. Please choose a machine to wake:</p><form method='post'>"; foreach ($machines as $host => $mac) { echo '<button name="wake" value="' . $mac . '">' . $host . '</button>';