WebSVN – oidplus – Blame – /trunk/plugins/adminPages/120_registration/OIDplusPageAdminRegistration.class.php

Rev	Author	Line No.	Line
139	daniel-mar	1	<?php
		2
		3	/*
		4	* OIDplus 2.0
		5	* Copyright 2019 Daniel Marschall, ViaThinkSoft
		6	*
		7	* Licensed under the Apache License, Version 2.0 (the "License");
		8	* you may not use this file except in compliance with the License.
		9	* You may obtain a copy of the License at
		10	*
		11	* http://www.apache.org/licenses/LICENSE-2.0
		12	*
		13	* Unless required by applicable law or agreed to in writing, software
		14	* distributed under the License is distributed on an "AS IS" BASIS,
		15	* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
		16	* See the License for the specific language governing permissions and
		17	* limitations under the License.
		18	*/
		19
256	daniel-mar	20	class OIDplusPageAdminRegistration extends OIDplusPagePluginAdmin {
139	daniel-mar	21
269	daniel-mar	22	/private/ const QUERY_REGISTER_V1 = '1.3.6.1.4.1.37476.2.5.2.1.1.1';
		23	/private/ const QUERY_UNREGISTER_V1 = '1.3.6.1.4.1.37476.2.5.2.1.2.1';
		24	/private/ const QUERY_LISTALLSYSTEMIDS_V1 = '1.3.6.1.4.1.37476.2.5.2.1.3.1';
		25	/private/ const QUERY_LIVESTATUS_V1 = '1.3.6.1.4.1.37476.2.5.2.1.4.1';
256	daniel-mar	26
139	daniel-mar	27	public function gui($id, &$out, &$handled) {
141	daniel-mar	28	if ($id === 'oidplus:srv_registration') {
139	daniel-mar	29	$handled = true;
360	daniel-mar	30	$out['title'] = _L('System registration settings');
241	daniel-mar	31	$out['icon'] = file_exists(__DIR__.'/icon_big.png') ? OIDplus::webpath(__DIR__).'icon_big.png' : '';
139	daniel-mar	32
		33	if (!OIDplus::authUtils()::isAdminLoggedIn()) {
		34	$out['icon'] = 'img/error_big.png';
360	daniel-mar	35	$out['text'] = '<p>'._L('You need to <a %1>log in</a> as administrator.',OIDplus::gui()->link('oidplus:login')).'</p>';
281	daniel-mar	36	return;
		37	}
		38
362	daniel-mar	39	if (file_exists(__DIR__ . '/info$'.OIDplus::getCurrentLang().'.html')) {
		40	$info = file_get_contents(__DIR__ . '/info$'.OIDplus::getCurrentLang().'.html');
		41	} else {
		42	$info = file_get_contents(__DIR__ . '/info.html');
		43	}
395	daniel-mar	44
386	daniel-mar	45	list($html, $js, $css) = extractHtmlContents($info);
		46	$info = '';
		47	if (!empty($js)) $info .= "<script>\n$js\n</script>";
		48	if (!empty($css)) $info .= "<style>\n$css\n</style>";
		49	$info .= $html;
281	daniel-mar	50
362	daniel-mar	51	$out['text'] = $info;
		52
281	daniel-mar	53	if (!OIDplus::getPkiStatus()) {
360	daniel-mar	54	$out['text'] .= '<p><font color="red">'._L('Error: Your system could not generate a private/public key pair. (OpenSSL is probably missing on your system). Therefore, you cannot register/unregister your OIDplus instance.').'</font></p>';
139	daniel-mar	55	} else {
360	daniel-mar	56	$out['text'] .= '<p><input type="button" onclick="openOidInPanel(\'oidplus:srvreg_status\');" value="'._L('Check status of the registration and collected data').'"></p>';
277	daniel-mar	57
281	daniel-mar	58	if (OIDplus::baseConfig()->getValue('REGISTRATION_HIDE_SYSTEM', false)) {
360	daniel-mar	59	$out['text'] .= '<p><font color="red"><b>'._L('Attention!').'</b> '._L('<code>REGISTRATION_HIDE_SYSTEM</code> is set in the local configuration file! Therefore, this system will not register itself, despite of the settings below.').'</font></p>';
281	daniel-mar	60	}
139	daniel-mar	61
360	daniel-mar	62	$out['text'] .= '<p>'._L('You can adjust your privacy level here').':</p><p><select name="reg_privacy" id="reg_privacy">';
227	daniel-mar	63
281	daniel-mar	64	# ---
139	daniel-mar	65
281	daniel-mar	66	$out['text'] .= '<option value="0"';
		67	if (OIDplus::config()->getValue('reg_privacy') == 0) {
		68	$out['text'] .= ' selected';
		69	} else {
		70	$out['text'] .= '';
		71	}
360	daniel-mar	72	$out['text'] .= '>'._L('0 = Register to directory service and automatically publish RA/OID data at oid-info.com').'</option>';
139	daniel-mar	73
281	daniel-mar	74	# ---
139	daniel-mar	75
281	daniel-mar	76	$out['text'] .= '<option value="1"';
		77	if (OIDplus::config()->getValue('reg_privacy') == 1) {
		78	$out['text'] .= ' selected';
		79	} else {
		80	$out['text'] .= '';
		81	}
360	daniel-mar	82	$out['text'] .= '>'._L('1 = Only register to directory service').'</option>';
139	daniel-mar	83
281	daniel-mar	84	# ---
139	daniel-mar	85
281	daniel-mar	86	$out['text'] .= '<option value="2"';
		87	if (OIDplus::config()->getValue('reg_privacy') == 2) {
		88	$out['text'] .= ' selected';
		89	} else {
		90	$out['text'] .= '';
		91	}
360	daniel-mar	92	$out['text'] .= '>'._L('2 = Hide system').'</option>';
139	daniel-mar	93
281	daniel-mar	94	# ---
139	daniel-mar	95
360	daniel-mar	96	$out['text'] .= '</select> <input type="button" value="'._L('Change').'" onclick="crudActionRegPrivacyUpdate()"></p>';
139	daniel-mar	97
360	daniel-mar	98	$out['text'] .= '<p>'._L('After clicking "change", your OIDplus system will contact the ViaThinkSoft server to adjust (add or remove information) your privacy setting. This may take a few minutes.').'</p>';
139	daniel-mar	99
360	daniel-mar	100	$out['text'] .= '<p>'._L('<i>Privacy information:</i> Please note that removing your system from the directory does not automatically delete information about OIDs which are already published at oid-info.com. To remove already submitted OIDs at oid-info.com, please contact the <a href="mailto:admin@oid-info.com">OID Repository Webmaster</a>.').'</p>';
139	daniel-mar	101	}
		102	}
141	daniel-mar	103	if ($id === 'oidplus:srvreg_status') {
		104	$handled = true;
446	daniel-mar	105	$out['title'] = _L('Registration live status');
		106	$out['icon'] = file_exists(__DIR__.'/icon_big.png') ? OIDplus::webpath(__DIR__).'icon_big.png' : '';
141	daniel-mar	107
446	daniel-mar	108	if (!OIDplus::authUtils()::isAdminLoggedIn()) {
		109	$out['icon'] = 'img/error_big.png';
		110	$out['text'] = '<p>'._L('You need to <a %1>log in</a> as administrator.',OIDplus::gui()->link('oidplus:login')).'</p>';
		111	return;
		112	}
		113
256	daniel-mar	114	$query = self::QUERY_LIVESTATUS_V1;
141	daniel-mar	115
		116	$payload = array(
		117	"query" => $query, // we must repeat the query because we want to sign it
446	daniel-mar	118	"lang" => OIDplus::getCurrentLang(),
227	daniel-mar	119	"system_id" => OIDplus::getSystemId(false)
141	daniel-mar	120	);
		121
		122	$signature = '';
465	daniel-mar	123	if (!OIDplus::getPkiStatus() \|\| !@openssl_sign(json_encode($payload), $signature, OIDplus::config()->getValue('oidplus_private_key'))) {
360	daniel-mar	124	throw new OIDplusException(_L('Signature failed'));
239	daniel-mar	125	}
141	daniel-mar	126
		127	$data = array(
		128	"payload" => $payload,
		129	"signature" => base64_encode($signature)
		130	);
		131
484	daniel-mar	132	if (!function_exists('curl_init')) {
464	daniel-mar	133	throw new Exception(_L('The "%1" PHP extension is not installed at your system. Please enable the PHP extension <code>%2</code>.','CURL','php_curl'));
463	daniel-mar	134	}
		135
141	daniel-mar	136	$ch = curl_init();
496	daniel-mar	137	if (ini_get('curl.cainfo') == '') curl_setopt($ch, CURLOPT_CAINFO, OIDplus::localpath() . '3p/certs/cacert.pem');
141	daniel-mar	138	curl_setopt($ch, CURLOPT_URL, 'https://oidplus.viathinksoft.com/reg2/query.php');
		139	curl_setopt($ch, CURLOPT_POST, 1);
464	daniel-mar	140	if (function_exists('gzdeflate')) {
		141	$compressed = "1";
		142	$data2 = gzdeflate(json_encode($data));
		143	} else {
		144	$compressed = "0";
		145	$data2 = json_encode($data);
		146	}
		147	curl_setopt($ch, CURLOPT_POSTFIELDS, "query=".urlencode($query)."&compressed=$compressed&data=".urlencode(base64_encode($data2)));
141	daniel-mar	148	curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
		149	curl_setopt($ch, CURLOPT_FOLLOWLOCATION, true);
		150	curl_setopt($ch, CURLOPT_AUTOREFERER, true);
239	daniel-mar	151	if (!($res = @curl_exec($ch))) {
360	daniel-mar	152	throw new OIDplusException(_L('Communication with ViaThinkSoft server failed: %1',curl_error($ch)));
239	daniel-mar	153	}
141	daniel-mar	154	curl_close($ch);
		155
370	daniel-mar	156	$json = @json_decode($res, true);
		157
		158	if (!$json) {
		159	$out['icon'] = 'img/error_big.png';
		160	$out['text'] = _L('JSON reply from ViaThinkSoft decoding error: %1',$res);
		161	return;
		162	}
		163
381	daniel-mar	164	if (isset($json['error']) \|\| ($json['status'] < 0)) {
370	daniel-mar	165	$out['icon'] = 'img/error_big.png';
		166	if (isset($json['error'])) {
		167	$out['text'] = _L('Received error status code: %1',$json['error']);
		168	} else {
		169	$out['text'] = _L('Received error status code: %1',$json['status']);
		170	}
		171	return;
		172	}
		173
366	daniel-mar	174	$out['text'] = '<p><a '.OIDplus::gui()->link('oidplus:srv_registration').'><img src="img/arrow_back.png" width="16" alt="'._L('Go back').'"> '._L('Go back to registration settings').'</a></p>' .
372	daniel-mar	175	$json['content'];
141	daniel-mar	176	}
139	daniel-mar	177	}
		178
370	daniel-mar	179	protected function areWeRegistered() {
		180	// To check if we are registered. Check it "anonymously" (i.e. without revealing our system ID)
		181	$res = file_get_contents('https://oidplus.viathinksoft.com/reg2/query.php?query='.self::QUERY_LISTALLSYSTEMIDS_V1);
		182
		183	$json = @json_decode($res, true);
		184
		185	if (!$json) {
		186	return false; // throw new OIDplusException(_L('JSON reply from ViaThinkSoft decoding error: %1',$res));
		187	}
		188
381	daniel-mar	189	if (isset($json['error']) \|\| ($json['status'] < 0)) {
370	daniel-mar	190	if (isset($json['error'])) {
		191	return false; // throw new OIDplusException(_L('Received error status code: %1',$json['error']));
		192	} else {
		193	return false; // throw new OIDplusException(_L('Received error status code: %1',$json['status']));
		194	}
		195	}
		196
		197	$list = $json['list'];
		198
		199	return in_array(OIDplus::getSystemId(false), $list);
		200	}
		201
140	daniel-mar	202	public function sendRegistrationQuery($privacy_level=null) {
		203	if (is_null($privacy_level)) {
		204	$privacy_level = OIDplus::config()->getValue('reg_privacy');
		205	}
139	daniel-mar	206
496	daniel-mar	207	$system_url = OIDplus::webpath();
139	daniel-mar	208
175	daniel-mar	209	// It is very important that we set the ping time NOW, because ViaThinkSoft might contact us during the ping,
		210	// and this would cause an endless loop!
		211	OIDplus::config()->setValue('reg_last_ping', time());
277	daniel-mar	212
239	daniel-mar	213	if (!OIDplus::getPkiStatus()) return false;
175	daniel-mar	214
139	daniel-mar	215	if ($privacy_level == 2) {
370	daniel-mar	216	// The user wants to unregister, but we only unregister if we are registered
		217	if ($this->areWeRegistered()) {
256	daniel-mar	218	$query = self::QUERY_UNREGISTER_V1;
139	daniel-mar	219
		220	$payload = array(
		221	"query" => $query, // we must repeat the query because we want to sign it
227	daniel-mar	222	"system_id" => OIDplus::getSystemId(false)
139	daniel-mar	223	);
		224
		225	$signature = '';
465	daniel-mar	226	if (!OIDplus::getPkiStatus() \|\| !@openssl_sign(json_encode($payload), $signature, OIDplus::config()->getValue('oidplus_private_key'))) {
360	daniel-mar	227	return false; // throw new OIDplusException(_L('Signature failed'));
239	daniel-mar	228	}
139	daniel-mar	229
		230	$data = array(
		231	"payload" => $payload,
		232	"signature" => base64_encode($signature)
		233	);
		234
484	daniel-mar	235	if (!function_exists('curl_init')) {
464	daniel-mar	236	return false; // throw new Exception(_L('The "%1" PHP extension is not installed at your system. Please enable the PHP extension <code>%2</code>.','CURL','php_curl'));
463	daniel-mar	237	}
		238
139	daniel-mar	239	$ch = curl_init();
496	daniel-mar	240	if (ini_get('curl.cainfo') == '') curl_setopt($ch, CURLOPT_CAINFO, OIDplus::localpath() . '3p/certs/cacert.pem');
139	daniel-mar	241	curl_setopt($ch, CURLOPT_URL, 'https://oidplus.viathinksoft.com/reg2/query.php');
		242	curl_setopt($ch, CURLOPT_POST, 1);
464	daniel-mar	243	if (function_exists('gzdeflate')) {
		244	$compressed = "1";
		245	$data2 = gzdeflate(json_encode($data));
		246	} else {
		247	$compressed = "0";
		248	$data2 = json_encode($data);
		249	}
		250	curl_setopt($ch, CURLOPT_POSTFIELDS, "query=".urlencode($query)."&compressed=$compressed&data=".urlencode(base64_encode($data2)));
139	daniel-mar	251	curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
		252	curl_setopt($ch, CURLOPT_FOLLOWLOCATION, true);
		253	curl_setopt($ch, CURLOPT_AUTOREFERER, true);
239	daniel-mar	254	if (!($res = @curl_exec($ch))) {
360	daniel-mar	255	return false; // throw new OIDplusException(_L('Communication with ViaThinkSoft server failed: %1',curl_error($ch)));
239	daniel-mar	256	}
139	daniel-mar	257	curl_close($ch);
370	daniel-mar	258
		259	$json = @json_decode($res, true);
		260
		261	if (!$json) {
		262	return false; // throw new OIDplusException(_L('JSON reply from ViaThinkSoft decoding error: %1',$res));
		263	}
		264
381	daniel-mar	265	if (isset($json['error']) \|\| ($json['status'] < 0)) {
370	daniel-mar	266	if (isset($json['error'])) {
		267	return false; // throw new OIDplusException(_L('Received error status code: %1',$json['error']));
		268	} else {
		269	return false; // throw new OIDplusException(_L('Received error status code: %1',$json['status']));
		270	}
		271	}
139	daniel-mar	272	}
		273	} else {
		274	if ($privacy_level == 0) {
380	daniel-mar	275	$adminExportPlugin = OIDplus::getPluginByOid('1.3.6.1.4.1.37476.2.5.2.4.3.400'); // OIDplusPageAdminOIDInfoExport
		276	if (!is_null($adminExportPlugin)) {
139	daniel-mar	277	ob_start();
		278	OIDplusPageAdminOIDInfoExport::outputXML(false); // no online check, because the query should be short (since the query is done while a visitor waits for the response)
		279	$oidinfo_xml = ob_get_contents();
		280	ob_end_clean();
		281	} else {
		282	$oidinfo_xml = false;
		283	}
		284	} else {
		285	$oidinfo_xml = false;
		286	}
		287
256	daniel-mar	288	$query = self::QUERY_REGISTER_V1;
139	daniel-mar	289
		290	$root_oids = array();
227	daniel-mar	291	foreach (OIDplus::getEnabledObjectTypes() as $ot) {
139	daniel-mar	292	if ($ot::ns() == 'oid') {
261	daniel-mar	293	$res = OIDplus::db()->query("select id from ###objects where " .
396	daniel-mar	294	"(parent = 'oid:' or " .
394	daniel-mar	295	// The following two cases are special cases e.g. if there are multiple PEN or UUID-OIDs, and the system owner decides to use the IANA PEN as root OID, but actually, it is not "his" root then! The OIDs inside the IANA PEN root are his root then!
443	daniel-mar	296	"parent in (select oid from ###asn1id where well_known = ?) or " .
		297	"parent in (select oid from ###iri where well_known = ?)) and " .
396	daniel-mar	298	// We assume hereby that RAs of well-known OIDs (e.g. IANA) will not use OIDplus for allocating OIDs:
443	daniel-mar	299	"id not in (select oid from ###asn1id where well_known = ?) and " .
		300	"id not in (select oid from ###iri where well_known = ?) " .
		301	"order by ".OIDplus::db()->natOrder('id'), array(true, true, true, true));
236	daniel-mar	302	while ($row = $res->fetch_array()) {
139	daniel-mar	303	$root_oids[] = substr($row['id'],strlen('oid:'));
		304	}
		305	}
		306	}
		307	$payload = array(
		308	"query" => $query, // we must repeat the query because we want to sign it
		309	"privacy_level" => $privacy_level,
227	daniel-mar	310	"system_id" => OIDplus::getSystemId(false),
139	daniel-mar	311	"public_key" => OIDplus::config()->getValue('oidplus_public_key'),
		312	"system_url" => $system_url,
		313	"hide_system_url" => 0,
		314	"hide_public_key" => 0,
		315	"admin_email" => OIDplus::config()->getValue('admin_email'),
257	daniel-mar	316	"system_title" => OIDplus::config()->getValue('system_title'),
139	daniel-mar	317	"oidinfo_xml" => @base64_encode($oidinfo_xml),
170	daniel-mar	318	"root_oids" => $root_oids,
		319	"system_version" => OIDplus::getVersion(),
		320	"system_install_type" => OIDplus::getInstallType()
139	daniel-mar	321	);
		322
		323	$signature = '';
465	daniel-mar	324	if (!OIDplus::getPkiStatus() \|\| !@openssl_sign(json_encode($payload), $signature, OIDplus::config()->getValue('oidplus_private_key'))) {
396	daniel-mar	325	return false; // throw new OIDplusException(_L('Signature failed'));
239	daniel-mar	326	}
139	daniel-mar	327
		328	$data = array(
		329	"payload" => $payload,
		330	"signature" => base64_encode($signature)
		331	);
		332
463	daniel-mar	333
484	daniel-mar	334	if (!function_exists('curl_init')) {
464	daniel-mar	335	return false; // throw new Exception(_L('The "%1" PHP extension is not installed at your system. Please enable the PHP extension <code>%2</code>.','CURL','php_curl'));
463	daniel-mar	336	}
		337
139	daniel-mar	338	$ch = curl_init();
496	daniel-mar	339	if (ini_get('curl.cainfo') == '') curl_setopt($ch, CURLOPT_CAINFO, OIDplus::localpath() . '3p/certs/cacert.pem');
139	daniel-mar	340	curl_setopt($ch, CURLOPT_URL, 'https://oidplus.viathinksoft.com/reg2/query.php');
		341	curl_setopt($ch, CURLOPT_POST, 1);
464	daniel-mar	342	if (function_exists('gzdeflate')) {
		343	$compressed = "1";
		344	$data2 = gzdeflate(json_encode($data));
		345	} else {
		346	$compressed = "0";
		347	$data2 = json_encode($data);
		348	}
		349	curl_setopt($ch, CURLOPT_POSTFIELDS, "query=".urlencode($query)."&compressed=$compressed&data=".urlencode(base64_encode($data2)));
139	daniel-mar	350	curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
		351	curl_setopt($ch, CURLOPT_FOLLOWLOCATION, true);
		352	curl_setopt($ch, CURLOPT_AUTOREFERER, true);
239	daniel-mar	353	if (!($res = @curl_exec($ch))) {
360	daniel-mar	354	return false; // throw new OIDplusException(_L('Communication with ViaThinkSoft server failed: %1',curl_error($ch)));
239	daniel-mar	355	}
139	daniel-mar	356	curl_close($ch);
206	daniel-mar	357
370	daniel-mar	358	$json = @json_decode($res, true);
		359
		360	if (!$json) {
		361	return false; // throw new OIDplusException(_L('JSON reply from ViaThinkSoft decoding error: %1',$res));
		362	}
		363
381	daniel-mar	364	if (isset($json['error']) \|\| ($json['status'] < 0)) {
		365	if (isset($json['error'])) {
		366	return false; // throw new OIDplusException(_L('Received error status code: %1',$json['error']));
		367	} else {
		368	return false; // throw new OIDplusException(_L('Received error status code: %1',$json['status']));
		369	}
		370	} else if ($json['status'] == 99/Hash conflict/) {
288	daniel-mar	371	OIDplus::logger()->log("[WARN]A!", "Removing SystemID and key pair because there is a hash conflict with another OIDplus system!");
206	daniel-mar	372
		373	// Delete the system ID since we have a conflict with the 31-bit hash!
		374	OIDplus::config()->setValue('oidplus_private_key', '');
		375	OIDplus::config()->setValue('oidplus_public_key', '');
		376
		377	// Try to generate a new system ID
227	daniel-mar	378	OIDplus::getPkiStatus(true);
206	daniel-mar	379
370	daniel-mar	380	// Enforce a new registration attempt at the next page visit
206	daniel-mar	381	// We will not try again here, because that might lead to an endless loop if the VTS server would always return 'HASH_CONFLCIT'
		382	OIDplus::config()->setValue('reg_last_ping', 0);
		383	}
139	daniel-mar	384	}
		385	}
		386
		387	public function init($html=true) {
463	daniel-mar	388	// Note: It is important that the default value is '2', otherwise, systems which don't have CURL will fail
		389	OIDplus::config()->prepareConfigKey('reg_privacy', '2=Hide your system, 1=Register your system to the ViaThinkSoft directory and oid-info.com, 0=Publish your system to ViaThinkSoft directory and all public contents (RA/OID) to oid-info.com', '2', OIDplusConfig::PROTECTION_EDITABLE, function($value) {
263	daniel-mar	390	if (($value != '0') && ($value != '1') && ($value != '2')) {
360	daniel-mar	391	throw new OIDplusException(_L('Please enter either 0, 1 or 2.'));
263	daniel-mar	392	}
		393	// Now do a recheck and notify the ViaThinkSoft server
316	daniel-mar	394	if (($value == 2) \|\| !OIDplus::baseConfig()->getValue('REGISTRATION_HIDE_SYSTEM', false)) {
		395	OIDplus::config()->setValue('reg_last_ping', 0);
		396	$this->sendRegistrationQuery($value);
		397	}
263	daniel-mar	398	});
		399	OIDplus::config()->prepareConfigKey('reg_ping_interval', 'Registration ping interval (in seconds)', '3600', OIDplusConfig::PROTECTION_HIDDEN, function($value) {
277	daniel-mar	400
263	daniel-mar	401	});
		402	OIDplus::config()->prepareConfigKey('reg_last_ping', 'Last ping to ViaThinkSoft directory services', '0', OIDplusConfig::PROTECTION_HIDDEN, function($value) {
277	daniel-mar	403
263	daniel-mar	404	});
362	daniel-mar	405	OIDplus::config()->prepareConfigKey('oobe_registration_done', '"Out Of Box Experience" wizard for OIDplusPageAdminRegistration done once?', '0', OIDplusConfig::PROTECTION_HIDDEN, function($value) {});
277	daniel-mar	406
292	daniel-mar	407	// Is it time to register / renew the directory entry?
294	daniel-mar	408	// Note: REGISTRATION_HIDE_SYSTEM is an undocumented constant that can be put in the userdata/baseconfig/config.inc.php files of a test system accessing the same database as the productive system that is registered.
292	daniel-mar	409	// This avoids that the URL of a productive system is overridden with the URL of a cloned test system (since they use the same database, they also have the same system ID)
277	daniel-mar	410
463	daniel-mar	411	if (OIDplus::config()->getValue('oobe_registration_done') == '1') {
		412	if (!OIDplus::baseConfig()->getValue('REGISTRATION_HIDE_SYSTEM', false)) {
		413	$privacy_level = OIDplus::config()->getValue('reg_privacy');
139	daniel-mar	414
463	daniel-mar	415	if (PHP_SAPI !== 'cli') { // don't register when called from CLI, otherwise the oidinfo XML can't convert relative links into absolute links
		416	if ((time()-OIDplus::config()->getValue('reg_last_ping') >= OIDplus::config()->getValue('reg_ping_interval'))) {
		417	$this->sendRegistrationQuery();
		418	}
139	daniel-mar	419	}
		420	}
		421	}
		422	}
		423
		424	public function tree(&$json, $ra_email=null, $nonjs=false, $req_goto='') {
281	daniel-mar	425	if (!OIDplus::authUtils()::isAdminLoggedIn()) return false;
292	daniel-mar	426
139	daniel-mar	427	if (file_exists(__DIR__.'/treeicon.png')) {
241	daniel-mar	428	$tree_icon = OIDplus::webpath(__DIR__).'treeicon.png';
139	daniel-mar	429	} else {
		430	$tree_icon = null; // default icon (folder)
		431	}
		432
		433	$json[] = array(
141	daniel-mar	434	'id' => 'oidplus:srv_registration',
139	daniel-mar	435	'icon' => $tree_icon,
360	daniel-mar	436	'text' => _L('System registration')
139	daniel-mar	437	);
		438
		439	return true;
		440	}
		441
		442	public function tree_search($request) {
		443	return false;
		444	}
292	daniel-mar	445
		446	public function implementsFeature($id) {
370	daniel-mar	447	if (strtolower($id) == '1.3.6.1.4.1.37476.2.5.2.3.1') return true; // oobeEntry, oobeRequested
292	daniel-mar	448	return false;
		449	}
		450
362	daniel-mar	451	public function oobeRequested(): bool {
		452	// Interface 1.3.6.1.4.1.37476.2.5.2.3.1
370	daniel-mar	453
362	daniel-mar	454	return OIDplus::config()->getValue('oobe_registration_done') == '0';
		455	}
		456
292	daniel-mar	457	public function oobeEntry($step, $do_edits, &$errors_happened)/: void/ {
		458	// Interface 1.3.6.1.4.1.37476.2.5.2.3.1
		459
360	daniel-mar	460	echo '<p><u>'._L('Step %1: System registration and automatic publishing (optional)',$step).'</u></p>';
370	daniel-mar	461
362	daniel-mar	462	if (file_exists(__DIR__ . '/info$'.OIDplus::getCurrentLang().'.html')) {
		463	$info = file_get_contents(__DIR__ . '/info$'.OIDplus::getCurrentLang().'.html');
		464	} else {
		465	$info = file_get_contents(__DIR__ . '/info.html');
		466	}
292	daniel-mar	467
362	daniel-mar	468	// make sure the program works even if the user provided HTML is not UTF-8
		469	$info = iconv(mb_detect_encoding($info, mb_detect_order(), true), 'UTF-8//IGNORE', $info);
		470	$bom = pack('H*','EFBBBF');
		471	$info = preg_replace("/^$bom/", '', $info);
292	daniel-mar	472
362	daniel-mar	473	echo $info;
		474
484	daniel-mar	475	if (!function_exists('curl_init')) {
360	daniel-mar	476	echo '<p><font color="red">';
464	daniel-mar	477	echo _L('The "%1" PHP extension is not installed at your system. Please enable the PHP extension <code>%2</code>.','CURL','php_curl').' ';
360	daniel-mar	478	echo _L('Therefore, you <b>cannot</b> register your OIDplus instance now.');
		479	echo '</font></p>';
362	daniel-mar	480	if ($do_edits) {
		481	OIDplus::config()->setValue('oobe_registration_done', '1');
		482	}
353	daniel-mar	483	return;
		484	}
		485
		486	$testurl = 'https://www.google.com/';
		487	$ch = curl_init();
496	daniel-mar	488	if (ini_get('curl.cainfo') == '') curl_setopt($ch, CURLOPT_CAINFO, OIDplus::localpath() . '3p/certs/cacert.pem');
353	daniel-mar	489	curl_setopt($ch, CURLOPT_URL, $testurl);
		490	curl_setopt($ch, CURLOPT_HEADER, TRUE);
		491	curl_setopt($ch, CURLOPT_NOBODY, TRUE);
		492	curl_setopt($ch, CURLOPT_RETURNTRANSFER, TRUE);
		493	curl_exec($ch);
		494	$httpCode = curl_getinfo($ch, CURLINFO_HTTP_CODE);
		495	curl_close($ch);
		496	if (!$httpCode) {
360	daniel-mar	497	echo '<p><font color="red">';
463	daniel-mar	498	echo _L('The "CURL" PHP extension cannot access HTTPS webpages. Therefore, you cannot use this feature. Please download <a href="https://curl.haxx.se/ca/cacert.pem">cacert.pem</a>, place it somewhere and then adjust the setting <code>curl.cainfo</code> in PHP.ini.').' ';
360	daniel-mar	499	echo _L('Therefore, you <b>cannot</b> register your OIDplus instance now.');
		500	echo '</font></p>';
362	daniel-mar	501	if ($do_edits) {
		502	OIDplus::config()->setValue('oobe_registration_done', '1');
		503	}
353	daniel-mar	504	return;
		505	}
		506
292	daniel-mar	507	$pki_status = OIDplus::getPkiStatus();
		508
		509	if (!$pki_status) {
360	daniel-mar	510	echo '<p><font color="red">';
463	daniel-mar	511	echo _L('Your system could not generate a private/public key pair. (OpenSSL is probably missing on your system).').' ';
360	daniel-mar	512	echo _L('Therefore, you <b>cannot</b> register your OIDplus instance now.');
		513	echo '</font></p>';
362	daniel-mar	514	if ($do_edits) {
		515	OIDplus::config()->setValue('oobe_registration_done', '1');
		516	}
353	daniel-mar	517	return;
		518	}
292	daniel-mar	519
360	daniel-mar	520	echo '<p>'._L('Privacy level').':</p><select name="reg_privacy" id="reg_privacy">';
292	daniel-mar	521
353	daniel-mar	522	# ---
292	daniel-mar	523
353	daniel-mar	524	echo '<option value="0"';
		525	if (isset($_REQUEST['sent'])) {
		526	if (isset($_REQUEST['reg_privacy']) && ($_REQUEST['reg_privacy'] == 0)) echo ' selected';
		527	} else {
362	daniel-mar	528	if ((OIDplus::config()->getValue('reg_privacy') == 0) \|\| !OIDplus::config()->getValue('oobe_registration_done')) {
353	daniel-mar	529	echo ' selected';
292	daniel-mar	530	} else {
353	daniel-mar	531	echo '';
292	daniel-mar	532	}
353	daniel-mar	533	}
360	daniel-mar	534	echo '>'._L('0 = Register to directory service and automatically publish RA/OID data at oid-info.com').'</option>';
292	daniel-mar	535
353	daniel-mar	536	# ---
292	daniel-mar	537
353	daniel-mar	538	echo '<option value="1"';
		539	if (isset($_REQUEST['sent'])) {
		540	if (isset($_REQUEST['reg_privacy']) && ($_REQUEST['reg_privacy'] == 1)) echo ' selected';
		541	} else {
		542	if ((OIDplus::config()->getValue('reg_privacy') == 1)) {
		543	echo ' selected';
292	daniel-mar	544	} else {
353	daniel-mar	545	echo '';
292	daniel-mar	546	}
353	daniel-mar	547	}
360	daniel-mar	548	echo '>'._L('1 = Only register to directory service').'</option>';
292	daniel-mar	549
353	daniel-mar	550	# ---
292	daniel-mar	551
353	daniel-mar	552	echo '<option value="2"';
		553	if (isset($_REQUEST['sent'])) {
		554	if (isset($_REQUEST['reg_privacy']) && ($_REQUEST['reg_privacy'] == 2)) echo ' selected';
		555	} else {
		556	if ((OIDplus::config()->getValue('reg_privacy') == 2)) {
		557	echo ' selected';
292	daniel-mar	558	} else {
353	daniel-mar	559	echo '';
292	daniel-mar	560	}
353	daniel-mar	561	}
360	daniel-mar	562	echo '>'._L('2 = Hide system').'</option>';
292	daniel-mar	563
353	daniel-mar	564	# ---
292	daniel-mar	565
353	daniel-mar	566	echo '</select>';
292	daniel-mar	567
353	daniel-mar	568	$msg = '';
		569	if ($do_edits) {
		570	try {
		571	OIDplus::config()->setValue('reg_privacy', $_REQUEST['reg_privacy']);
362	daniel-mar	572	OIDplus::config()->setValue('oobe_registration_done', '1');
353	daniel-mar	573	} catch (Exception $e) {
		574	$msg = $e->getMessage();
		575	$errors_happened = true;
292	daniel-mar	576	}
353	daniel-mar	577	}
		578	echo ' <font color="red"><b>'.$msg.'</b></font>';
292	daniel-mar	579
360	daniel-mar	580	echo '<p>'._L('<i>Privacy information:</i> This setting can always be changed in the administrator login / control panel.').'<br>';
		581	echo _L('<a %1>Click here</a> for more information about privacy related topics.','href="../../../res/OIDplus/privacy_documentation.html" target="_blank"');
		582	echo '</p>';
292	daniel-mar	583	}
		584
463	daniel-mar	585	}

Subversion Repositories oidplus

oidplus/trunk/plugins/adminPages/120_registration/OIDplusPageAdminRegistration.class.php – Rev 496