/trunk/plugins/viathinksoft/adminPages/110_system_config/OIDplusPageAdminSystemConfig.class.php |
---|
26,48 → 26,39 |
class OIDplusPageAdminSystemConfig extends OIDplusPagePluginAdmin { |
/** |
* @param string $actionID |
* @param array $params |
* @return array |
* @throws OIDplusException |
*/ |
private function action_Update(array $params): array { |
if (!OIDplus::authUtils()->isAdminLoggedIn()) { |
throw new OIDplusHtmlException(_L('You need to <a %1>log in</a> as administrator.',OIDplus::gui()->link('oidplus:login$admin')), null, 401); |
} |
public function action(string $actionID, array $params): array { |
if ($actionID == 'config_update') { |
if (!OIDplus::authUtils()->isAdminLoggedIn()) { |
throw new OIDplusHtmlException(_L('You need to <a %1>log in</a> as administrator.',OIDplus::gui()->link('oidplus:login$admin')), null, 401); |
} |
_CheckParamExists($params, 'name'); |
_CheckParamExists($params, 'value'); |
_CheckParamExists($params, 'name'); |
_CheckParamExists($params, 'value'); |
$name = $params['name']; |
$value = $params['value']; |
$name = $params['name']; |
$value = $params['value']; |
$res = OIDplus::db()->query("select protected, visible from ###config where name = ?", array($name)); |
if (!$res->any()) { |
throw new OIDplusException(_L('Setting does not exist')); |
} |
$row = $res->fetch_array(); |
if (($row['protected'] == 1) || ($row['visible'] == 0)) { |
throw new OIDplusException(_L("Setting %1 is read-only",$name)); |
} |
$res = OIDplus::db()->query("select protected, visible from ###config where name = ?", array($name)); |
if (!$res->any()) { |
throw new OIDplusException(_L('Setting does not exist')); |
} |
$row = $res->fetch_array(); |
if (($row['protected'] == 1) || ($row['visible'] == 0)) { |
throw new OIDplusException(_L("Setting %1 is read-only",$name)); |
} |
$old_value = OIDplus::config()->getValue($name, ''); |
OIDplus::config()->setValue($name, $value); |
if ($old_value != $value) { |
OIDplus::logger()->log("V2:[OK/INFO]A", "Changed system config setting '%1' from '%2' to '%3'", $name, $old_value, $value); |
} |
$old_value = OIDplus::config()->getValue($name, ''); |
OIDplus::config()->setValue($name, $value); |
if ($old_value != $value) { |
OIDplus::logger()->log("V2:[OK/INFO]A", "Changed system config setting '%1' from '%2' to '%3'", $name, $old_value, $value); |
} |
return array("status" => 0); |
} |
/** |
* @param string $actionID |
* @param array $params |
* @return array |
* @throws OIDplusException |
*/ |
public function action(string $actionID, array $params): array { |
if ($actionID == 'config_update') { |
return $this->action_Update($params); |
return array("status" => 0); |
} else { |
return parent::action($actionID, $params); |
} |
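Review bot: The audit-log guard `if ($old_value != $value)` in the `config_update` path uses loose comparison, so a change between two numerically equal strings (constructed example: '1000' to '1e3') is stored by `setValue()` but never logged. Compare as strings instead: `if ((string)$old_value !== (string)$value) {`. The log line also records the old and new values verbatim, so if any editable setting can hold a credential it would end up in the log; whether such settings exist is not visible here. The class body continues outside this section.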
/trunk/plugins/viathinksoft/adminPages/120_registration/OIDplusPageAdminRegistration.class.php |
---|
58,36 → 58,28 |
} |
/** |
* This action is called by the ViaThinkSoft server in order to verify that the system is in the ownership of the correct private key |
* @param string $actionID |
* @param array $params |
* @return array |
* @throws OIDplusException |
*/ |
private function action_VerifyPubKey(array $params): array { |
_CheckParamExists($params, 'challenge'); |
public function action(string $actionID, array $params): array { |
if ($actionID == 'verify_pubkey') { |
// This action is called by the ViaThinkSoft server in order to verify that the system is in the ownership of the correct private key |
$payload = 'oidplus-verify-pubkey:'.sha3_512($params['challenge']); |
_CheckParamExists($params, 'challenge'); |
$signature = ''; |
if (!OIDplus::getPkiStatus() || !@openssl_sign($payload, $signature, OIDplus::getSystemPrivateKey())) { |
throw new OIDplusException(_L('Signature failed')); |
} |
$payload = 'oidplus-verify-pubkey:'.sha3_512($params['challenge']); |
return array( |
"status" => 0, |
"response" => base64_encode($signature) |
); |
} |
$signature = ''; |
if (!OIDplus::getPkiStatus() || !@openssl_sign($payload, $signature, OIDplus::getSystemPrivateKey())) { |
throw new OIDplusException(_L('Signature failed')); |
} |
/** |
* @param string $actionID |
* @param array $params |
* @return array |
* @throws OIDplusException |
*/ |
public function action(string $actionID, array $params): array { |
if ($actionID == 'verify_pubkey') { |
return $this->action_VerifyPubKey($params); |
return array( |
"status" => 0, |
"response" => base64_encode($signature) |
); |
} else { |
return parent::action($actionID, $params); |
} |
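Review bot: `verify_pubkey` signs caller-supplied input with the system private key, and no login check is visible in this section, so the `'oidplus-verify-pubkey:'` prefix and the hash are the only things bounding what can be signed. That deserves a comment on the `$payload` line, for example `// Domain separation: no other payload signed with the system key may start with this prefix`. `$params['challenge']` also reaches `sha3_512()` after only an existence check. Unless `_CheckParamExists` already enforces the type, reject non-string values first: `if (!is_string($params['challenge'])) throw new OIDplusException(_L('Signature failed'));`.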
/trunk/plugins/viathinksoft/adminPages/130_create_ra/OIDplusPageAdminCreateRa.class.php |
---|
25,60 → 25,50 |
class OIDplusPageAdminCreateRa extends OIDplusPagePluginAdmin { |
/** |
* @param string $actionID |
* @param array $params |
* @return array |
* @throws OIDplusException |
*/ |
private function action_Create(array $params): array { |
if (!OIDplus::authUtils()->isAdminLoggedIn()) { |
throw new OIDplusHtmlException(_L('You need to <a %1>log in</a> as administrator.',OIDplus::gui()->link('oidplus:login$admin')), null, 401); |
} |
public function action(string $actionID, array $params): array { |
if ($actionID == 'create_ra') { |
if (!OIDplus::authUtils()->isAdminLoggedIn()) { |
throw new OIDplusHtmlException(_L('You need to <a %1>log in</a> as administrator.',OIDplus::gui()->link('oidplus:login$admin')), null, 401); |
} |
_CheckParamExists($params, 'email'); |
_CheckParamExists($params, 'password1'); |
_CheckParamExists($params, 'password2'); |
_CheckParamExists($params, 'email'); |
_CheckParamExists($params, 'password1'); |
_CheckParamExists($params, 'password2'); |
$email = $params['email']; |
$password1 = $params['password1']; |
$password2 = $params['password2']; |
$email = $params['email']; |
$password1 = $params['password1']; |
$password2 = $params['password2']; |
if (!OIDplus::mailUtils()->validMailAddress($email)) { |
throw new OIDplusException(_L('eMail address is invalid.')); |
} |
if (!OIDplus::mailUtils()->validMailAddress($email)) { |
throw new OIDplusException(_L('eMail address is invalid.')); |
} |
$res = OIDplus::db()->query("select * from ###ra where email = ?", array($email)); // TODO: this should be a static function in the RA class |
if ($res->any()) { |
throw new OIDplusException(_L('RA does already exist')); |
} |
$res = OIDplus::db()->query("select * from ###ra where email = ?", array($email)); // TODO: this should be a static function in the RA class |
if ($res->any()) { |
throw new OIDplusException(_L('RA does already exist')); |
} |
if ($password1 !== $password2) { |
throw new OIDplusException(_L('Passwords do not match')); |
} |
if ($password1 !== $password2) { |
throw new OIDplusException(_L('Passwords do not match')); |
} |
if (strlen($password1) < OIDplus::config()->getValue('ra_min_password_length')) { |
$minlen = OIDplus::config()->getValue('ra_min_password_length'); |
throw new OIDplusException(_L('Password is too short. Need at least %1 characters',$minlen)); |
} |
if (strlen($password1) < OIDplus::config()->getValue('ra_min_password_length')) { |
$minlen = OIDplus::config()->getValue('ra_min_password_length'); |
throw new OIDplusException(_L('Password is too short. Need at least %1 characters',$minlen)); |
} |
OIDplus::logger()->log("V2:[INFO]RA(%1)+[OK/INFO]A", "RA '%1' was created by the admin, without email address verification or invitation", $email); |
OIDplus::logger()->log("V2:[INFO]RA(%1)+[OK/INFO]A", "RA '%1' was created by the admin, without email address verification or invitation", $email); |
$ra = new OIDplusRA($email); |
$ra->register_ra($password1); |
$ra = new OIDplusRA($email); |
$ra->register_ra($password1); |
return array("status" => 0); |
} |
/** |
* @param string $actionID |
* @param array $params |
* @return array |
* @throws OIDplusException |
*/ |
public function action(string $actionID, array $params): array { |
if ($actionID == 'create_ra') { |
return $this->action_Create($params); |
return array("status" => 0); |
} else { |
return parent::action($actionID, $params); |
} |
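Review bot: The audit entry "RA '%1' was created by the admin, …" is written before `$ra->register_ra($password1)` runs, so if registration throws, the log records an account that was never created. Move the `OIDplus::logger()->log(...)` call below `register_ra()`, unless the logger depends on the current order (not visible here). Separately, `strlen($password1)` counts bytes while the message promises characters, and `ra_min_password_length` is read twice. Reading it once into `$minlen` before the comparison keeps the check and the message consistent.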
/trunk/plugins/viathinksoft/adminPages/400_oidinfo_export/OIDplusPageAdminOIDInfoExport.class.php |
---|
38,146 → 38,129 |
/*private*/ const QUERY_GET_OIDINFO_DATA_V1 = '1.3.6.1.4.1.37476.2.5.2.1.6.1'; |
/** |
* @param string $actionID |
* @param array $params |
* @return array |
* @throws OIDplusException |
*/ |
private function action_ImportXml(array $params): array { |
if (!OIDplus::authUtils()->isAdminLoggedIn()) { |
throw new OIDplusHtmlException(_L('You need to <a %1>log in</a> as administrator.',OIDplus::gui()->link('oidplus:login$admin')), null,401); |
} |
public function action(string $actionID, array $params): array { |
if (!isset($_FILES['userfile'])) { |
throw new OIDplusException(_L('Please choose a file.')); |
} |
if ($actionID == 'import_xml_file') { |
if (!OIDplus::authUtils()->isAdminLoggedIn()) { |
throw new OIDplusHtmlException(_L('You need to <a %1>log in</a> as administrator.',OIDplus::gui()->link('oidplus:login$admin')), null,401); |
} |
$xml_contents = file_get_contents($_FILES['userfile']['tmp_name']); |
if (!isset($_FILES['userfile'])) { |
throw new OIDplusException(_L('Please choose a file.')); |
} |
$errors = array(); |
list($count_imported_oids, $count_already_existing, $count_errors, $count_warnings) = $this->oidinfoImportXML($xml_contents, $errors, $replaceExistingOIDs=false, $orphan_mode=self::ORPHAN_AUTO_DEORPHAN); |
if (count($errors) > 0) { |
// Note: These "errors" can also be warnings (partial success) |
// TODO: since the output can be very long, should we really show it in a JavaScript alert() ?! |
return array( |
"status" => -1, |
"count_imported_oids" => $count_imported_oids, |
"count_already_existing" => $count_already_existing, |
"count_errors" => $count_errors, |
"count_warnings" => $count_warnings, |
"error" => implode("\n",$errors) |
); |
} else { |
return array( |
"status" => 0, |
"count_imported_oids" => $count_imported_oids, |
"count_already_existing" => $count_already_existing, |
"count_errors" => $count_errors, |
"count_warnings" => $count_warnings |
); |
} |
} |
$xml_contents = file_get_contents($_FILES['userfile']['tmp_name']); |
/** |
* @param array $params |
* @return array |
* @throws OIDplusException |
*/ |
private function action_ImportOidInfo(array $params): array { |
if (!OIDplus::authUtils()->isAdminLoggedIn()) { |
throw new OIDplusHtmlException(_L('You need to <a %1>log in</a> as administrator.',OIDplus::gui()->link('oidplus:login$admin')), null, 401); |
} |
$errors = array(); |
list($count_imported_oids, $count_already_existing, $count_errors, $count_warnings) = $this->oidinfoImportXML($xml_contents, $errors, $replaceExistingOIDs=false, $orphan_mode=self::ORPHAN_AUTO_DEORPHAN); |
if (count($errors) > 0) { |
// Note: These "errors" can also be warnings (partial success) |
// TODO: since the output can be very long, should we really show it in a JavaScript alert() ?! |
return array( |
"status" => -1, |
"count_imported_oids" => $count_imported_oids, |
"count_already_existing" => $count_already_existing, |
"count_errors" => $count_errors, |
"count_warnings" => $count_warnings, |
"error" => implode("\n",$errors) |
); |
} else { |
return array( |
"status" => 0, |
"count_imported_oids" => $count_imported_oids, |
"count_already_existing" => $count_already_existing, |
"count_errors" => $count_errors, |
"count_warnings" => $count_warnings |
); |
} |
} else if ($actionID == 'import_oidinfo_oid') { |
if (!OIDplus::authUtils()->isAdminLoggedIn()) { |
throw new OIDplusHtmlException(_L('You need to <a %1>log in</a> as administrator.',OIDplus::gui()->link('oidplus:login$admin')), null, 401); |
} |
_CheckParamExists($params, 'oid'); |
_CheckParamExists($params, 'oid'); |
$oid = $params['oid']; |
$oid = $params['oid']; |
$query = self::QUERY_GET_OIDINFO_DATA_V1; |
$query = self::QUERY_GET_OIDINFO_DATA_V1; |
$payload = array( |
"query" => $query, // we must repeat the query because we want to sign it |
"system_id" => OIDplus::getSystemId(false), |
"oid" => $oid |
); |
$payload = array( |
"query" => $query, // we must repeat the query because we want to sign it |
"system_id" => OIDplus::getSystemId(false), |
"oid" => $oid |
); |
$signature = ''; |
if (!OIDplus::getPkiStatus() || !@openssl_sign(json_encode($payload), $signature, OIDplus::getSystemPrivateKey())) { |
if (!OIDplus::getPkiStatus()) { |
throw new OIDplusException(_L('Error: Your system could not generate a private/public key pair. (OpenSSL is probably missing on your system). Therefore, you cannot register/unregister your OIDplus instance.')); |
} else { |
throw new OIDplusException(_L('Signature failed')); |
$signature = ''; |
if (!OIDplus::getPkiStatus() || !@openssl_sign(json_encode($payload), $signature, OIDplus::getSystemPrivateKey())) { |
if (!OIDplus::getPkiStatus()) { |
throw new OIDplusException(_L('Error: Your system could not generate a private/public key pair. (OpenSSL is probably missing on your system). Therefore, you cannot register/unregister your OIDplus instance.')); |
} else { |
throw new OIDplusException(_L('Signature failed')); |
} |
} |
} |
$data = array( |
"payload" => $payload, |
"signature" => base64_encode($signature) |
); |
$data = array( |
"payload" => $payload, |
"signature" => base64_encode($signature) |
); |
if (OIDplus::getEditionInfo()['vendor'] != 'ViaThinkSoft') { |
// The oid-info.com import functionality is a confidential API between ViaThinkSoft and oid-info.com and cannot be used in forks of OIDplus |
throw new OIDplusException(_L('This feature is only available in the ViaThinkSoft edition of OIDplus')); |
} |
if (OIDplus::getEditionInfo()['vendor'] != 'ViaThinkSoft') { |
// The oid-info.com import functionality is a confidential API between ViaThinkSoft and oid-info.com and cannot be used in forks of OIDplus |
throw new OIDplusException(_L('This feature is only available in the ViaThinkSoft edition of OIDplus')); |
} |
if (function_exists('gzdeflate')) { |
$compressed = "1"; |
$data2 = gzdeflate(json_encode($data)); |
} else { |
$compressed = "0"; |
$data2 = json_encode($data); |
} |
if (function_exists('gzdeflate')) { |
$compressed = "1"; |
$data2 = gzdeflate(json_encode($data)); |
} else { |
$compressed = "0"; |
$data2 = json_encode($data); |
} |
$res_curl = url_post_contents( |
'https://oidplus.viathinksoft.com/reg2/query.php', |
array( |
"query" => $query, |
"compressed" => $compressed, |
"data" => base64_encode($data2) |
) |
); |
$res_curl = url_post_contents( |
'https://oidplus.viathinksoft.com/reg2/query.php', |
array( |
"query" => $query, |
"compressed" => $compressed, |
"data" => base64_encode($data2) |
) |
); |
if ($res_curl === false) { |
throw new OIDplusException(_L('Communication with %1 server failed', 'ViaThinkSoft')); |
} |
if ($res_curl === false) { |
throw new OIDplusException(_L('Communication with %1 server failed', 'ViaThinkSoft')); |
} |
$json = @json_decode($res_curl, true); |
$json = @json_decode($res_curl, true); |
if (!$json) { |
return array( |
"status" => -1, |
"error" => _L('JSON reply from ViaThinkSoft decoding error: %1',$res_curl) |
); |
} |
if (!$json) { |
return array( |
"status" => -1, |
"error" => _L('JSON reply from ViaThinkSoft decoding error: %1',$res_curl) |
); |
} |
if (isset($json['error']) || ($json['status'] < 0)) { |
return array( |
"status" => -1, |
"error" => $json['error'] ?? _L('Received error status code: %1', $json['status']) |
); |
} |
if (isset($json['error']) || ($json['status'] < 0)) { |
return array( |
"status" => -1, |
"error" => $json['error'] ?? _L('Received error status code: %1', $json['status']) |
); |
} |
$errors = array(); |
list($count_imported_oids, $count_already_existing, $count_errors, $count_warnings) = $this->oidinfoImportXML('<oid-database>'.$json['xml'].'</oid-database>', $errors, $replaceExistingOIDs=false, $orphan_mode=self::ORPHAN_DISALLOW_ORPHANS); |
if (count($errors) > 0) { |
return array("status" => -1, "error" => implode("\n",$errors)); |
} else if ($count_imported_oids <> 1) { |
return array("status" => -1, "error" => _L('Imported %1, but expected to import 1',$count_imported_oids)); |
$errors = array(); |
list($count_imported_oids, $count_already_existing, $count_errors, $count_warnings) = $this->oidinfoImportXML('<oid-database>'.$json['xml'].'</oid-database>', $errors, $replaceExistingOIDs=false, $orphan_mode=self::ORPHAN_DISALLOW_ORPHANS); |
if (count($errors) > 0) { |
return array("status" => -1, "error" => implode("\n",$errors)); |
} else if ($count_imported_oids <> 1) { |
return array("status" => -1, "error" => _L('Imported %1, but expected to import 1',$count_imported_oids)); |
} else { |
return array("status" => 0); |
} |
} else { |
return array("status" => 0); |
} |
} |
/** |
* @param string $actionID |
* @param array $params |
* @return array |
* @throws OIDplusException |
*/ |
public function action(string $actionID, array $params): array { |
if ($actionID == 'import_xml_file') { |
return $this->action_ImportXml($params); |
} else if ($actionID == 'import_oidinfo_oid') { |
return $this->action_ImportOidInfo($params); |
} else { |
return parent::action($actionID, $params); |
} |
} |
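Review bot: In the `import_xml_file` path the upload is read with `file_get_contents($_FILES['userfile']['tmp_name'])` after only an `isset()` check, so a failed upload (non-zero `error`, empty `tmp_name`) reaches the importer as `false` or an empty string. Check the upload first: `if ($_FILES['userfile']['error'] !== UPLOAD_ERR_OK || !is_uploaded_file($_FILES['userfile']['tmp_name'])) throw new OIDplusException(_L('Please choose a file.'));`. `oidinfoImportXML()` is outside this section; since it parses both uploaded and server-supplied XML, confirm there that external entity loading is disabled. In the `import_oidinfo_oid` path, `$json['status']` and `$json['xml']` are read without `isset()`, so a reply missing them yields PHP warnings and a misleading "Imported 0" error instead of the clean error return used for the other failure cases.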
/trunk/plugins/viathinksoft/adminPages/700_colors/OIDplusPageAdminColors.class.php |
---|
65,41 → 65,32 |
} |
/** |
* @param string $actionID |
* @param array $params |
* @return array |
* @throws OIDplusException |
*/ |
private function action_Update(array $params): array { |
if (!OIDplus::authUtils()->isAdminLoggedIn()) { |
throw new OIDplusHtmlException(_L('You need to <a %1>log in</a> as administrator.',OIDplus::gui()->link('oidplus:login$admin')), null, 401); |
} |
public function action(string $actionID, array $params): array { |
if ($actionID == 'color_update') { |
if (!OIDplus::authUtils()->isAdminLoggedIn()) { |
throw new OIDplusHtmlException(_L('You need to <a %1>log in</a> as administrator.',OIDplus::gui()->link('oidplus:login$admin')), null, 401); |
} |
_CheckParamExists($params, 'hue_shift'); |
_CheckParamExists($params, 'sat_shift'); |
_CheckParamExists($params, 'val_shift'); |
_CheckParamExists($params, 'invcolors'); |
_CheckParamExists($params, 'theme'); |
_CheckParamExists($params, 'hue_shift'); |
_CheckParamExists($params, 'sat_shift'); |
_CheckParamExists($params, 'val_shift'); |
_CheckParamExists($params, 'invcolors'); |
_CheckParamExists($params, 'theme'); |
OIDplus::config()->setValue('color_hue_shift', $params['hue_shift']); |
OIDplus::config()->setValue('color_sat_shift', $params['sat_shift']); |
OIDplus::config()->setValue('color_val_shift', $params['val_shift']); |
OIDplus::config()->setValue('color_invert', $params['invcolors']); |
OIDplus::config()->setValue('design', $params['theme']); |
OIDplus::config()->setValue('color_hue_shift', $params['hue_shift']); |
OIDplus::config()->setValue('color_sat_shift', $params['sat_shift']); |
OIDplus::config()->setValue('color_val_shift', $params['val_shift']); |
OIDplus::config()->setValue('color_invert', $params['invcolors']); |
OIDplus::config()->setValue('design', $params['theme']); |
OIDplus::logger()->log("V2:[OK/INFO]A", "Changed system color theme"); |
OIDplus::logger()->log("V2:[OK/INFO]A", "Changed system color theme"); |
return array("status" => 0); |
} |
/** |
* @param string $actionID |
* @param array $params |
* @return array |
* @throws OIDplusException |
*/ |
public function action(string $actionID, array $params): array { |
if ($actionID == 'color_update') { |
return $this->action_Update($params); |
return array("status" => 0); |
} else { |
return parent::action($actionID, $params); |
} |
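Review bot: All five values from `$params` go straight into `OIDplus::config()->setValue()` after only an existence check; this section shows no range or allow-list check. For `design` in particular, if the stored value is later used to locate a theme directory or stylesheet, it should be compared against the installed design plugins before it is saved. Whether `setValue()` already validates through a per-key callback is not visible here; if it does, a one-line comment above the `setValue` calls saying where validation happens would make that explicit.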
/trunk/plugins/viathinksoft/adminPages/900_software_update/OIDplusPageAdminSoftwareUpdate.class.php |
---|
49,139 → 49,130 |
} |
/** |
* @param string $actionID |
* @param array $params |
* @return array |
* @throws OIDplusException |
*/ |
private function action_Update(array $params): array { |
@set_time_limit(0); |
public function action(string $actionID, array $params): array { |
if ($actionID == 'update_now') { |
@set_time_limit(0); |
if (!OIDplus::authUtils()->isAdminLoggedIn()) { |
throw new OIDplusHtmlException(_L('You need to <a %1>log in</a> as administrator.',OIDplus::gui()->link('oidplus:login$admin')), null, 401); |
} |
if (!OIDplus::authUtils()->isAdminLoggedIn()) { |
throw new OIDplusHtmlException(_L('You need to <a %1>log in</a> as administrator.',OIDplus::gui()->link('oidplus:login$admin')), null, 401); |
} |
if (OIDplus::getInstallType() === 'git-wc') { |
$cmd = $this->getGitCommand().' 2>&1'; |
if (OIDplus::getInstallType() === 'git-wc') { |
$cmd = $this->getGitCommand().' 2>&1'; |
$ec = -1; |
$out = array(); |
exec($cmd, $out, $ec); |
$ec = -1; |
$out = array(); |
exec($cmd, $out, $ec); |
$res = _L('Execute command:').' '.$cmd."\n\n".trim(implode("\n",$out)); |
if ($ec === 0) { |
$rev = 'HEAD'; // do not translate |
return array("status" => 0, "content" => $res, "rev" => $rev); |
} else { |
return array("status" => -1, "error" => $res, "content" => ""); |
$res = _L('Execute command:').' '.$cmd."\n\n".trim(implode("\n",$out)); |
if ($ec === 0) { |
$rev = 'HEAD'; // do not translate |
return array("status" => 0, "content" => $res, "rev" => $rev); |
} else { |
return array("status" => -1, "error" => $res, "content" => ""); |
} |
} |
} |
else if (OIDplus::getInstallType() === 'svn-wc') { |
$cmd = $this->getSvnCommand().' 2>&1'; |
else if (OIDplus::getInstallType() === 'svn-wc') { |
$cmd = $this->getSvnCommand().' 2>&1'; |
$ec = -1; |
$out = array(); |
exec($cmd, $out, $ec); |
$ec = -1; |
$out = array(); |
exec($cmd, $out, $ec); |
$res = _L('Execute command:').' '.$cmd."\n\n".trim(implode("\n",$out)); |
if ($ec === 0) { |
$rev = 'HEAD'; // do not translate |
return array("status" => 0, "content" => $res, "rev" => $rev); |
} else { |
return array("status" => -1, "error" => $res, "content" => ""); |
$res = _L('Execute command:').' '.$cmd."\n\n".trim(implode("\n",$out)); |
if ($ec === 0) { |
$rev = 'HEAD'; // do not translate |
return array("status" => 0, "content" => $res, "rev" => $rev); |
} else { |
return array("status" => -1, "error" => $res, "content" => ""); |
} |
} |
} |
else if (OIDplus::getInstallType() === 'svn-snapshot') { |
else if (OIDplus::getInstallType() === 'svn-snapshot') { |
$rev = $params['rev']; |
$rev = $params['rev']; |
$update_version = $params['update_version'] ?? 1; |
if (($update_version != 1) && ($update_version != 2)) { |
throw new OIDplusException(_L('Unknown update version')); |
} |
$update_version = $params['update_version'] ?? 1; |
if (($update_version != 1) && ($update_version != 2)) { |
throw new OIDplusException(_L('Unknown update version')); |
} |
// Download and unzip |
// Download and unzip |
$cont = false; |
for ($retry=1; $retry<=3; $retry++) { |
if (function_exists('gzdecode')) { |
$url = sprintf(OIDplus::getEditionInfo()['update_package_gz'], $rev-1, $rev); |
$cont = url_get_contents($url); |
if ($cont !== false) $cont = @gzdecode($cont); |
} else { |
$url = sprintf(OIDplus::getEditionInfo()['update_package'], $rev-1, $rev); |
$cont = url_get_contents($url); |
$cont = false; |
for ($retry=1; $retry<=3; $retry++) { |
if (function_exists('gzdecode')) { |
$url = sprintf(OIDplus::getEditionInfo()['update_package_gz'], $rev-1, $rev); |
$cont = url_get_contents($url); |
if ($cont !== false) $cont = @gzdecode($cont); |
} else { |
$url = sprintf(OIDplus::getEditionInfo()['update_package'], $rev-1, $rev); |
$cont = url_get_contents($url); |
} |
if ($cont !== false) { |
break; |
} else { |
sleep(1); |
} |
} |
if ($cont !== false) { |
break; |
} else { |
sleep(1); |
} |
} |
if ($cont === false) throw new OIDplusException(_L("Update %1 could not be downloaded from ViaThinkSoft server. Please try again later.",$rev)); |
if ($cont === false) throw new OIDplusException(_L("Update %1 could not be downloaded from ViaThinkSoft server. Please try again later.",$rev)); |
// Check signature... |
// Check signature... |
if (function_exists('openssl_verify')) { |
if (function_exists('openssl_verify')) { |
$m = array(); |
if (!preg_match('@<\?php /\* <ViaThinkSoftSignature>(.+)</ViaThinkSoftSignature> \*/ \?>\n@ismU', $cont, $m)) { |
throw new OIDplusException(_L("Update package file of revision %1 not digitally signed",$rev)); |
} |
$signature = base64_decode($m[1]); |
$m = array(); |
if (!preg_match('@<\?php /\* <ViaThinkSoftSignature>(.+)</ViaThinkSoftSignature> \*/ \?>\n@ismU', $cont, $m)) { |
throw new OIDplusException(_L("Update package file of revision %1 not digitally signed",$rev)); |
} |
$signature = base64_decode($m[1]); |
$naked = preg_replace('@<\?php /\* <ViaThinkSoftSignature>(.+)</ViaThinkSoftSignature> \*/ \?>\n@ismU', '', $cont); |
$hash = hash("sha256", $naked."update_".($rev-1)."_to_".($rev).".txt"); |
$naked = preg_replace('@<\?php /\* <ViaThinkSoftSignature>(.+)</ViaThinkSoftSignature> \*/ \?>\n@ismU', '', $cont); |
$hash = hash("sha256", $naked."update_".($rev-1)."_to_".($rev).".txt"); |
$public_key = file_get_contents(__DIR__.'/public.pem'); |
if (!openssl_verify($hash, $signature, $public_key, OPENSSL_ALGO_SHA256)) { |
throw new OIDplusException(_L("Update package file of revision %1: Signature invalid",$rev)); |
$public_key = file_get_contents(__DIR__.'/public.pem'); |
if (!openssl_verify($hash, $signature, $public_key, OPENSSL_ALGO_SHA256)) { |
throw new OIDplusException(_L("Update package file of revision %1: Signature invalid",$rev)); |
} |
} |
} |
// All OK! Now write the file |
// All OK! Now write the file |
$tmp_filename = 'update_'.generateRandomString(10).'.tmp.php'; |
$local_file = OIDplus::localpath().$tmp_filename; |
$tmp_filename = 'update_'.generateRandomString(10).'.tmp.php'; |
$local_file = OIDplus::localpath().$tmp_filename; |
@file_put_contents($local_file, $cont); |
@file_put_contents($local_file, $cont); |
if (!file_exists($local_file) || (@file_get_contents($local_file) !== $cont)) { |
throw new OIDplusException(_L('Update file could not written. Probably there are no write-permissions to the root folder.')); |
} |
if (!file_exists($local_file) || (@file_get_contents($local_file) !== $cont)) { |
throw new OIDplusException(_L('Update file could not written. Probably there are no write-permissions to the root folder.')); |
} |
if ($update_version == 1) { |
// Now call the written file |
// Note: we may not use eval($cont) because the script uses die(), |
// and things in the script might collide with currently (un)loaded source code files, shutdown procedues, etc. |
$web_file = OIDplus::webpath(null,OIDplus::PATH_ABSOLUTE).$tmp_filename; // NOT canonical URL! This might fail with reverse proxies which can only be executed from outside |
$res = url_get_contents($web_file); |
if ($res === false) { |
throw new OIDplusException(_L('Update-script %1 could not be executed',$web_file)); |
if ($update_version == 1) { |
// Now call the written file |
// Note: we may not use eval($cont) because the script uses die(), |
// and things in the script might collide with currently (un)loaded source code files, shutdown procedues, etc. |
$web_file = OIDplus::webpath(null,OIDplus::PATH_ABSOLUTE).$tmp_filename; // NOT canonical URL! This might fail with reverse proxies which can only be executed from outside |
$res = url_get_contents($web_file); |
if ($res === false) { |
throw new OIDplusException(_L('Update-script %1 could not be executed',$web_file)); |
} |
return array("status" => 0, "content" => $res, "rev" => $rev); |
} else if ($update_version == 2) { |
// In this version, the client will call the web-update file. |
// This has the advantage that it will also work if the system is htpasswd protected |
return array("status" => 0, "update_file" => $tmp_filename, "rev" => $rev); |
} else { |
throw new OIDplusException(_L("Unexpected update version")); |
} |
return array("status" => 0, "content" => $res, "rev" => $rev); |
} else if ($update_version == 2) { |
// In this version, the client will call the web-update file. |
// This has the advantage that it will also work if the system is htpasswd protected |
return array("status" => 0, "update_file" => $tmp_filename, "rev" => $rev); |
} else { |
throw new OIDplusException(_L("Unexpected update version")); |
} |
} |
else { |
throw new OIDplusException(_L('Multiple version files/directories (oidplus_version.txt, .version.php, .git, or .svn) are existing! Therefore, the version is ambiguous!')); |
} |
} |
/** |
* @param string $actionID |
* @param array $params |
* @return array |
* @throws OIDplusException |
*/ |
public function action(string $actionID, array $params): array { |
if ($actionID == 'update_now') { |
return $this->action_Update($params); |
else { |
throw new OIDplusException(_L('Multiple version files/directories (oidplus_version.txt, .version.php, .git, or .svn) are existing! Therefore, the version is ambiguous!')); |
} |
} else { |
return parent::action($actionID, $params); |
} |
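Review bot: `if (!openssl_verify($hash, $signature, $public_key, OPENSSL_ALGO_SHA256))` rejects only a falsy result, but `openssl_verify()` can return -1 on an internal error, which is truthy, so in that case the package is accepted and written out as a `.tmp.php` file. Compare against success instead: `if (openssl_verify($hash, $signature, $public_key, OPENSSL_ALGO_SHA256) !== 1) {`. The whole check is also skipped when `function_exists('openssl_verify')` is false, so an installation without OpenSSL runs unsigned update code; that branch should throw rather than fall through. `$params['rev']` is used in `sprintf()` and arithmetic without `_CheckParamExists` or a numeric check. The rest of the class is outside this section.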
/trunk/plugins/viathinksoft/adminPages/910_automated_ajax_calls/OIDplusPageAdminAutomatedAJAXCalls.class.php |
---|
29,36 → 29,27 |
class OIDplusPageAdminAutomatedAJAXCalls extends OIDplusPagePluginAdmin { |
/** |
* @param string $actionID |
* @param array $params |
* @return array |
* @throws OIDplusException |
*/ |
private function action_Blacklist(array $params): array { |
if (!OIDplus::authUtils()->isAdminLoggedIn()) { |
throw new OIDplusHtmlException(_L('You need to <a %1>log in</a> as administrator.',OIDplus::gui()->link('oidplus:login$admin')), null, 401); |
} |
public function action(string $actionID, array $params): array { |
if ($actionID == 'blacklistJWT') { |
if (!OIDplus::authUtils()->isAdminLoggedIn()) { |
throw new OIDplusHtmlException(_L('You need to <a %1>log in</a> as administrator.',OIDplus::gui()->link('oidplus:login$admin')), null, 401); |
} |
if (!OIDplus::baseConfig()->getValue('JWT_ALLOW_AJAX_ADMIN', true)) { |
throw new OIDplusException(_L('The administrator has disabled this feature. (Base configuration setting %1).','JWT_ALLOW_AJAX_ADMIN')); |
} |
if (!OIDplus::baseConfig()->getValue('JWT_ALLOW_AJAX_ADMIN', true)) { |
throw new OIDplusException(_L('The administrator has disabled this feature. (Base configuration setting %1).','JWT_ALLOW_AJAX_ADMIN')); |
} |
$gen = OIDplusAuthContentStoreJWT::JWT_GENERATOR_AJAX; |
$sub = 'admin'; |
$gen = OIDplusAuthContentStoreJWT::JWT_GENERATOR_AJAX; |
$sub = 'admin'; |
OIDplusAuthContentStoreJWT::jwtBlacklist($gen, $sub); |
OIDplusAuthContentStoreJWT::jwtBlacklist($gen, $sub); |
return array("status" => 0); |
} |
/** |
* @param string $actionID |
* @param array $params |
* @return array |
* @throws OIDplusException |
*/ |
public function action(string $actionID, array $params): array { |
if ($actionID == 'blacklistJWT') { |
return $this->action_Blacklist($params); |
return array("status" => 0); |
} else { |
return parent::action($actionID, $params); |
} |
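Review bot: `blacklistJWT` calls `OIDplusAuthContentStoreJWT::jwtBlacklist($gen, $sub)` for the admin subject but writes no audit entry in this section, unlike the config and color actions on this page, which call `OIDplus::logger()->log("V2:[OK/INFO]A", …)`. Unless `jwtBlacklist()` logs internally (not visible here), add a log call after it, e.g. `OIDplus::logger()->log("V2:[OK/INFO]A", "Blacklisted admin JWT tokens (generator: AJAX)");`. The same applies to the `blacklistJWT` action in 911_rest_api/OIDplusPageAdminRestApi.class.php in the next section.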
/trunk/plugins/viathinksoft/adminPages/911_rest_api/OIDplusPageAdminRestApi.class.php |
---|
29,36 → 29,27 |
class OIDplusPageAdminRestApi extends OIDplusPagePluginAdmin { |
/** |
* @param string $actionID |
* @param array $params |
* @return array |
* @throws OIDplusException |
*/ |
private function action_Blacklist(array $params): array { |
if (!OIDplus::authUtils()->isAdminLoggedIn()) { |
throw new OIDplusHtmlException(_L('You need to <a %1>log in</a> as administrator.',OIDplus::gui()->link('oidplus:login$admin')), null, 401); |
} |
public function action(string $actionID, array $params): array { |
if ($actionID == 'blacklistJWT') { |
if (!OIDplus::authUtils()->isAdminLoggedIn()) { |
throw new OIDplusHtmlException(_L('You need to <a %1>log in</a> as administrator.',OIDplus::gui()->link('oidplus:login$admin')), null, 401); |
} |
if (!OIDplus::baseConfig()->getValue('JWT_ALLOW_REST_ADMIN', true)) { |
throw new OIDplusException(_L('The administrator has disabled this feature. (Base configuration setting %1).','JWT_ALLOW_REST_ADMIN')); |
} |
if (!OIDplus::baseConfig()->getValue('JWT_ALLOW_REST_ADMIN', true)) { |
throw new OIDplusException(_L('The administrator has disabled this feature. (Base configuration setting %1).','JWT_ALLOW_REST_ADMIN')); |
} |
$gen = OIDplusAuthContentStoreJWT::JWT_GENERATOR_REST; |
$sub = 'admin'; |
$gen = OIDplusAuthContentStoreJWT::JWT_GENERATOR_REST; |
$sub = 'admin'; |
OIDplusAuthContentStoreJWT::jwtBlacklist($gen, $sub); |
OIDplusAuthContentStoreJWT::jwtBlacklist($gen, $sub); |
return array("status" => 0); |
} |
/** |
* @param string $actionID |
* @param array $params |
* @return array |
* @throws OIDplusException |
*/ |
public function action(string $actionID, array $params): array { |
if ($actionID == 'blacklistJWT') { |
return $this->action_Blacklist($params); |
return array("status" => 0); |
} else { |
return parent::action($actionID, $params); |
} |
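Review bot: The blacklistJWT code calls `OIDplusAuthContentStoreJWT::jwtBlacklist($gen, $sub)` for the admin subject but writes no log entry, so what appears to be a revocation of the admin REST tokens leaves no audit trace unless `jwtBlacklist()` logs on its own, which is not visible here. Other admin actions on this page log through `OIDplus::logger()`; a line such as `OIDplus::logger()->log("V2:[OK/INFO]A", "Blacklisted all REST admin JWT tokens");` before the return would match them. The same applies to the `JWT_GENERATOR_AJAX` variant in the preceding file section. The end of `action()` and of the class lie outside this section.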
/trunk/plugins/viathinksoft/captcha/vts_challenge/OIDplusCaptchaPluginVtsClientChallenge.class.php |
---|
49,45 → 49,36 |
} |
/** |
* @param string $actionID |
* @param array $params |
* @return array |
* @throws OIDplusException |
*/ |
private function action_GetChallenge(array $params): array { |
$offset = 0; // doesn't matter |
$min = $offset; |
$max = $offset + OIDplus::baseConfig()->getValue('VTS_CAPTCHA_COMPLEXITY', 50000); |
if ($max > mt_getrandmax()) $max = mt_getrandmax(); |
public function action(string $actionID, array $params): array { |
if ($actionID == 'get_challenge') { |
$offset = 0; // doesn't matter |
$min = $offset; |
$max = $offset + OIDplus::baseConfig()->getValue('VTS_CAPTCHA_COMPLEXITY', 50000); |
if ($max > mt_getrandmax()) $max = mt_getrandmax(); |
$starttime = time(); |
$random = mt_rand($min,$max); |
$ip_target = $_SERVER['REMOTE_ADDR'] ?? 'unknown'; |
$challenge = sha3_512($starttime.'/'.$ip_target.'/'.$random); // $random is secret! |
$challenge_integrity = OIDplus::authUtils()->makeAuthKey(['797bfc34-f4fa-11ed-86ca-3c4a92df8582',$challenge]); |
$send_to_client = array($starttime, $ip_target, $challenge, $min, $max, $challenge_integrity); |
$starttime = time(); |
$random = mt_rand($min,$max); |
$ip_target = $_SERVER['REMOTE_ADDR'] ?? 'unknown'; |
$challenge = sha3_512($starttime.'/'.$ip_target.'/'.$random); // $random is secret! |
$challenge_integrity = OIDplus::authUtils()->makeAuthKey(['797bfc34-f4fa-11ed-86ca-3c4a92df8582',$challenge]); |
$send_to_client = array($starttime, $ip_target, $challenge, $min, $max, $challenge_integrity); |
$open_trans_file = self::getOpenTransFileName($ip_target, $random); |
if (@file_put_contents($open_trans_file, '') === false) { |
throw new OIDplusException(_L('Cannot write file %1', $open_trans_file)); |
} |
$open_trans_file = self::getOpenTransFileName($ip_target, $random); |
if (@file_put_contents($open_trans_file, '') === false) { |
throw new OIDplusException(_L('Cannot write file %1', $open_trans_file)); |
} |
return array( |
"status" => 0, |
"challenge" => $send_to_client, |
// Autosolve on=calculate result on page load; off=calculate result on form submit |
"autosolve" => OIDplus::baseConfig()->getValue('VTS_CAPTCHA_AUTOSOLVE', true) |
); |
} |
/** |
* @param string $actionID |
* @param array $params |
* @return array |
* @throws OIDplusException |
*/ |
public function action(string $actionID, array $params): array { |
if ($actionID == 'get_challenge') { |
return $this->action_GetChallenge($params); |
return array( |
"status" => 0, |
"challenge" => $send_to_client, |
// Autosolve on=calculate result on page load; off=calculate result on form submit |
"autosolve" => OIDplus::baseConfig()->getValue('VTS_CAPTCHA_AUTOSOLVE', true) |
); |
} else { |
return parent::action($actionID, $params); |
} |
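Review bot: `$random = mt_rand($min,$max);` in the get_challenge code draws the value that the inline comment calls secret from the Mersenne Twister, which is not a cryptographically secure generator. If a client can guess the value, it can skip the work the challenge is meant to impose. `random_int()` is already used by the MAC plugin on this page, so `$random = random_int($min, $max);` fits here; the `mt_getrandmax()` clamp then only acts as a cap on the complexity setting. `random_int()` can throw when no entropy source is available, so decide whether that should surface as an `OIDplusException`. The closing brace of `action()` is outside this section.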
/trunk/plugins/viathinksoft/objectTypes/mac/OIDplusObjectTypePluginMac.class.php |
---|
35,48 → 35,39 |
} |
/** |
* @param string $actionID |
* @param array $params |
* @return array |
* @throws OIDplusException |
*/ |
private function action_GenerateAAI(array $params): array { |
_CheckParamExists($params, 'aai_bits'); |
_CheckParamExists($params, 'aai_multicast'); |
public function action(string $actionID, array $params): array { |
if ($actionID == 'generate_aai') { |
_CheckParamExists($params, 'aai_bits'); |
_CheckParamExists($params, 'aai_multicast'); |
if (($params['aai_bits'] != '48') && ($params['aai_bits'] != '64')) { |
throw new OIDplusException(_L("Invalid bit amount")); |
} |
if (($params['aai_bits'] != '48') && ($params['aai_bits'] != '64')) { |
throw new OIDplusException(_L("Invalid bit amount")); |
} |
$aai = ''; |
for ($i=0; $i<$params['aai_bits']/4; $i++) { |
try { |
$aai .= dechex(random_int(0, 15)); |
} catch (\Exception $e) { |
$aai .= dechex(mt_rand(0, 15)); |
$aai = ''; |
for ($i=0; $i<$params['aai_bits']/4; $i++) { |
try { |
$aai .= dechex(random_int(0, 15)); |
} catch (\Exception $e) { |
$aai .= dechex(mt_rand(0, 15)); |
} |
} |
} |
if ($params['aai_multicast'] == 'true') { |
$aai[1] = '3'; |
} else { |
$aai[1] = '2'; |
} |
if ($params['aai_multicast'] == 'true') { |
$aai[1] = '3'; |
} else { |
$aai[1] = '2'; |
} |
$aai = strtoupper($aai); |
$aai = rtrim(chunk_split($aai, 2, '-'), '-'); |
$aai = strtoupper($aai); |
$aai = rtrim(chunk_split($aai, 2, '-'), '-'); |
return array("status" => 0, "aai" => $aai); |
} |
/** |
* @param string $actionID |
* @param array $params |
* @return array |
* @throws OIDplusException |
*/ |
public function action(string $actionID, array $params): array { |
if ($actionID == 'generate_aai') { |
return $this->action_GenerateAAI($params); |
return array("status" => 0, "aai" => $aai); |
} else { |
return parent::action($actionID, $params); |
} |
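Review bot: The width check `($params['aai_bits'] != '48') && ($params['aai_bits'] != '64')` compares loosely, so other numeric spellings such as `'48.0'` or `'4.8e1'` pass validation and then drive the loop bound `$params['aai_bits']/4`. Normalising once and checking strictly keeps the validated value and the used value identical: `$bits = (string)$params['aai_bits'];` followed by `if (!in_array($bits, ['48', '64'], true)) {`, with `$bits` used in the loop. The silent `mt_rand` fallback in the `catch` is tolerable only because an AAI is an identifier and not a secret; a comment saying so, such as `// not security-relevant, weak fallback is acceptable`, would stop it being copied into code where it matters.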
/trunk/plugins/viathinksoft/publicPages/001_ra_base/OIDplusPagePublicRaBaseUtils.class.php |
---|
27,47 → 27,44 |
class OIDplusPagePublicRaBaseUtils extends OIDplusPagePluginPublic { |
/** |
* @param array $params email |
* @param string $actionID |
* @param array $params |
* @return array |
* @throws OIDplusException |
*/ |
private function action_Delete(array $params): array { |
_CheckParamExists($params, 'email'); |
public function action(string $actionID, array $params): array { |
$email = $params['email']; |
// Action: delete_ra |
// Method: POST |
// Parameters: email |
// Outputs: Text |
if ($actionID == 'delete_ra') { |
_CheckParamExists($params, 'email'); |
$ra_logged_in = OIDplus::authUtils()->isRaLoggedIn($email); |
$email = $params['email']; |
if (!OIDplus::authUtils()->isAdminLoggedIn() && !$ra_logged_in) { |
throw new OIDplusException(_L('Authentication error. Please log in.'), null, 401); |
} |
$ra_logged_in = OIDplus::authUtils()->isRaLoggedIn($email); |
if ($ra_logged_in) OIDplus::authUtils()->raLogout($email); |
if (!OIDplus::authUtils()->isAdminLoggedIn() && !$ra_logged_in) { |
throw new OIDplusException(_L('Authentication error. Please log in.'), null, 401); |
} |
$ra = new OIDplusRA($email); |
if (!$ra->existing()) { |
throw new OIDplusException(_L('RA "%1" does not exist.',$email)); |
} |
$ra->delete(); |
$ra = null; |
if ($ra_logged_in) OIDplus::authUtils()->raLogout($email); |
OIDplus::logger()->log("V2:[OK/WARN]RA(%1)+[OK/INFO]A", "RA '%1' deleted", $email); |
$ra = new OIDplusRA($email); |
if (!$ra->existing()) { |
throw new OIDplusException(_L('RA "%1" does not exist.',$email)); |
} |
$ra->delete(); |
$ra = null; |
return array("status" => 0); |
} |
OIDplus::logger()->log("V2:[OK/WARN]RA(%1)+[OK/INFO]A", "RA '%1' deleted", $email); |
/** |
* @param string $actionID |
* @param array $params |
* @return array |
* @throws OIDplusException |
*/ |
public function action(string $actionID, array $params): array { |
if ($actionID == 'delete_ra') { |
return $this->action_Delete($params); |
return array("status" => 0); |
} else { |
return parent::action($actionID, $params); |
} |
} |
/** |
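Review bot: `if ($ra_logged_in) OIDplus::authUtils()->raLogout($email);` runs before the `$ra->existing()` check and before `$ra->delete()`, so a deletion that fails with an exception leaves the caller logged out of an account that still exists. Moving the logout to just after `$ra->delete();` keeps the session state consistent with the outcome. The docblock should also state that the action is allowed for the admin or for the RA named in `email` only, since that condition is the only access control visible in this section.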
/trunk/plugins/viathinksoft/publicPages/090_login/OIDplusPagePublicLogin.class.php |
---|
26,116 → 26,90 |
class OIDplusPagePublicLogin extends OIDplusPagePluginPublic { |
/** |
* @param string $actionID |
* @param array $params |
* @return array |
* @throws OIDplusException |
*/ |
private function action_RaLogin(array $params): array { |
OIDplus::getActiveCaptchaPlugin()->captchaVerify($params, 'captcha'); |
public function action(string $actionID, array $params): array { |
// === RA LOGIN/LOGOUT === |
_CheckParamExists($params, 'email'); |
_CheckParamExists($params, 'password'); |
if ($actionID == 'ra_login') { |
OIDplus::getActiveCaptchaPlugin()->captchaVerify($params, 'captcha'); |
$email = $params['email']; |
$ra = new OIDplusRA($email); |
_CheckParamExists($params, 'email'); |
_CheckParamExists($params, 'password'); |
if (empty($email)) { |
throw new OIDplusException(_L('Please enter a valid email address')); |
} |
$email = $params['email']; |
$ra = new OIDplusRA($email); |
if ($ra->checkPassword($params['password'])) { |
$remember_me = isset($params['remember_me']) && ($params['remember_me']); |
OIDplus::authUtils()->raLoginEx($email, $remember_me, 'Regular login'); |
if (empty($email)) { |
throw new OIDplusException(_L('Please enter a valid email address')); |
} |
$authInfo = OIDplus::authUtils()->raGeneratePassword($params['password']); |
if ($ra->checkPassword($params['password'])) { |
$remember_me = isset($params['remember_me']) && ($params['remember_me']); |
OIDplus::authUtils()->raLoginEx($email, $remember_me, 'Regular login'); |
// Rehash, so that we always have the latest default auth plugin and params |
// Note that we do it every time (unlike PHPs recommended password_needs_rehash), |
// because we are not sure which auth plugin created the hash (there might be multiple |
// auth plugins that can verify this hash). So we just rehash on every login! |
$new_authkey = $authInfo->getAuthKey(); |
$authInfo = OIDplus::authUtils()->raGeneratePassword($params['password']); |
OIDplus::db()->query("UPDATE ###ra set last_login = ".OIDplus::db()->sqlDate().", authkey = ? where email = ?", array($new_authkey, $email)); |
// Rehash, so that we always have the latest default auth plugin and params |
// Note that we do it every time (unlike PHPs recommended password_needs_rehash), |
// because we are not sure which auth plugin created the hash (there might be multiple |
// auth plugins that can verify this hash). So we just rehash on every login! |
$new_authkey = $authInfo->getAuthKey(); |
return array("status" => 0); |
} else { |
if (OIDplus::config()->getValue('log_failed_ra_logins', false)) { |
if ($ra->existing()) { |
OIDplus::logger()->log("V2:[WARN]A", "Failed login to RA account '%1' (wrong password)", $email); |
} else { |
OIDplus::logger()->log("V2:[WARN]A", "Failed login to RA account '%1' (RA not existing)", $email); |
OIDplus::db()->query("UPDATE ###ra set last_login = ".OIDplus::db()->sqlDate().", authkey = ? where email = ?", array($new_authkey, $email)); |
return array("status" => 0); |
} else { |
if (OIDplus::config()->getValue('log_failed_ra_logins', false)) { |
if ($ra->existing()) { |
OIDplus::logger()->log("V2:[WARN]A", "Failed login to RA account '%1' (wrong password)", $email); |
} else { |
OIDplus::logger()->log("V2:[WARN]A", "Failed login to RA account '%1' (RA not existing)", $email); |
} |
} |
throw new OIDplusException(_L('Wrong password or user not registered')); |
} |
throw new OIDplusException(_L('Wrong password or user not registered')); |
} |
} |
/** |
* @param array $params |
* @return array |
* @throws OIDplusException |
*/ |
private function action_RaLogout(array $params): array { |
_CheckParamExists($params, 'email'); |
} else if ($actionID == 'ra_logout') { |
$email = $params['email']; |
_CheckParamExists($params, 'email'); |
OIDplus::authUtils()->raLogoutEx($email); |
$email = $params['email']; |
return array("status" => 0); |
} |
OIDplus::authUtils()->raLogoutEx($email); |
/** |
* @param array $params |
* @return array |
* @throws OIDplusException |
*/ |
private function action_AdminLogin(array $params): array { |
OIDplus::getActiveCaptchaPlugin()->captchaVerify($params, 'captcha'); |
return array("status" => 0); |
} |
_CheckParamExists($params, 'password'); |
if (OIDplus::authUtils()->adminCheckPassword($params['password'])) { |
$remember_me = isset($params['remember_me']) && ($params['remember_me']); |
OIDplus::authUtils()->adminLoginEx($remember_me, 'Regular login'); |
// === ADMIN LOGIN/LOGOUT === |
// TODO: Write a "last login" entry in config table? |
else if ($actionID == 'admin_login') { |
OIDplus::getActiveCaptchaPlugin()->captchaVerify($params, 'captcha'); |
return array("status" => 0); |
} else { |
if (OIDplus::config()->getValue('log_failed_admin_logins', false)) { |
OIDplus::logger()->log("V2:[WARN]A", "Failed login to admin account"); |
_CheckParamExists($params, 'password'); |
if (OIDplus::authUtils()->adminCheckPassword($params['password'])) { |
$remember_me = isset($params['remember_me']) && ($params['remember_me']); |
OIDplus::authUtils()->adminLoginEx($remember_me, 'Regular login'); |
// TODO: Write a "last login" entry in config table? |
return array("status" => 0); |
} else { |
if (OIDplus::config()->getValue('log_failed_admin_logins', false)) { |
OIDplus::logger()->log("V2:[WARN]A", "Failed login to admin account"); |
} |
throw new OIDplusException(_L('Wrong password')); |
} |
throw new OIDplusException(_L('Wrong password')); |
} |
} |
else if ($actionID == 'admin_logout') { |
OIDplus::authUtils()->adminLogoutEx(); |
/** |
* @param array $params |
* @return array |
* @throws OIDplusException |
*/ |
private function action_AdminLogout(array $params): array { |
OIDplus::authUtils()->adminLogoutEx(); |
return array("status" => 0); |
} |
/** |
* @param string $actionID |
* @param array $params |
* @return array |
* @throws OIDplusException |
*/ |
public function action(string $actionID, array $params): array { |
if ($actionID == 'ra_login') { |
return $this->action_RaLogin($params); |
} else if ($actionID == 'ra_logout') { |
return $this->action_RaLogout($params); |
} else if ($actionID == 'admin_login') { |
return $this->action_AdminLogin($params); |
} else if ($actionID == 'admin_logout') { |
return $this->action_AdminLogout($params); |
} else { |
return array("status" => 0); |
} |
else { |
return parent::action($actionID, $params); |
} |
} |
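Review bot: `$remember_me = isset($params['remember_me']) && ($params['remember_me']);` in both the ra_login and the admin_login code treats any non-empty string as true, so a client that submits the literal text `false` would still be given the persistent login. Another handler on this page compares such a flag as text (`$params['aai_multicast'] == 'true'`), which suggests parameters can arrive as strings; if that holds here, parse the flag explicitly with `$remember_me = filter_var($params['remember_me'] ?? false, FILTER_VALIDATE_BOOLEAN);`. A session that lives longer than the user asked for matters most on shared machines. How `raLoginEx()` and `adminLoginEx()` use the flag is not visible in this section.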
/trunk/plugins/viathinksoft/publicPages/091_forgot_password/OIDplusPagePublicForgotPassword.class.php |
---|
26,83 → 26,65 |
class OIDplusPagePublicForgotPassword extends OIDplusPagePluginPublic { |
/** |
* @param string $actionID |
* @param array $params |
* @return array |
* @throws OIDplusException |
* @throws OIDplusMailException |
*/ |
private function action_Request(array $params): array { |
_CheckParamExists($params, 'email'); |
$email = $params['email']; |
public function action(string $actionID, array $params): array { |
if ($actionID == 'forgot_password') { |
_CheckParamExists($params, 'email'); |
$email = $params['email']; |
if (!OIDplus::mailUtils()->validMailAddress($email)) { |
throw new OIDplusException(_L('Invalid email address')); |
} |
if (!OIDplus::mailUtils()->validMailAddress($email)) { |
throw new OIDplusException(_L('Invalid email address')); |
} |
OIDplus::getActiveCaptchaPlugin()->captchaVerify($params, 'captcha'); |
OIDplus::getActiveCaptchaPlugin()->captchaVerify($params, 'captcha'); |
OIDplus::logger()->log("V2:[WARN]RA(%1)", "A new password for '%1' was requested (forgot password)", $email); |
OIDplus::logger()->log("V2:[WARN]RA(%1)", "A new password for '%1' was requested (forgot password)", $email); |
$activate_url = OIDplus::webpath(null,OIDplus::PATH_ABSOLUTE_CANONICAL) . '?goto='.urlencode('oidplus:reset_password$'.$email.'$'.OIDplus::authUtils()->makeAuthKey(['93a16dbe-f4fb-11ed-b67e-3c4a92df8582',$email])); |
$activate_url = OIDplus::webpath(null,OIDplus::PATH_ABSOLUTE_CANONICAL) . '?goto='.urlencode('oidplus:reset_password$'.$email.'$'.OIDplus::authUtils()->makeAuthKey(['93a16dbe-f4fb-11ed-b67e-3c4a92df8582',$email])); |
$message = $this->getForgotPasswordText($params['email']); |
$message = str_replace('{{ACTIVATE_URL}}', $activate_url, $message); |
$message = $this->getForgotPasswordText($params['email']); |
$message = str_replace('{{ACTIVATE_URL}}', $activate_url, $message); |
OIDplus::mailUtils()->sendMail($email, OIDplus::config()->getValue('system_title').' - Password reset request', $message); |
OIDplus::mailUtils()->sendMail($email, OIDplus::config()->getValue('system_title').' - Password reset request', $message); |
return array("status" => 0); |
} |
return array("status" => 0); |
/** |
* @param array $params |
* @return array |
* @throws OIDplusException |
* @throws OIDplusMailException |
*/ |
private function action_Activate(array $params): array { |
_CheckParamExists($params, 'password1'); |
_CheckParamExists($params, 'password2'); |
_CheckParamExists($params, 'email'); |
_CheckParamExists($params, 'auth'); |
} else if ($actionID == 'reset_password') { |
$password1 = $params['password1']; |
$password2 = $params['password2']; |
$email = $params['email']; |
$auth = $params['auth']; |
_CheckParamExists($params, 'password1'); |
_CheckParamExists($params, 'password2'); |
_CheckParamExists($params, 'email'); |
_CheckParamExists($params, 'auth'); |
if (!OIDplus::authUtils()->validateAuthKey(['93a16dbe-f4fb-11ed-b67e-3c4a92df8582',$email], $auth, OIDplus::config()->getValue('max_ra_pwd_reset_time',-1))) { |
throw new OIDplusException(_L('Invalid or expired authentication key')); |
} |
$password1 = $params['password1']; |
$password2 = $params['password2']; |
$email = $params['email']; |
$auth = $params['auth']; |
if ($password1 !== $password2) { |
throw new OIDplusException(_L('Passwords do not match')); |
} |
if (!OIDplus::authUtils()->validateAuthKey(['93a16dbe-f4fb-11ed-b67e-3c4a92df8582',$email], $auth, OIDplus::config()->getValue('max_ra_pwd_reset_time',-1))) { |
throw new OIDplusException(_L('Invalid or expired authentication key')); |
} |
if (strlen($password1) < OIDplus::config()->getValue('ra_min_password_length')) { |
$minlen = OIDplus::config()->getValue('ra_min_password_length'); |
throw new OIDplusException(_L('Password is too short. Need at least %1 characters',$minlen)); |
} |
if ($password1 !== $password2) { |
throw new OIDplusException(_L('Passwords do not match')); |
} |
OIDplus::logger()->log("V2:[INFO]RA(%1)", "RA '%1' has reset his password (forgot passwort)", $email); |
if (strlen($password1) < OIDplus::config()->getValue('ra_min_password_length')) { |
$minlen = OIDplus::config()->getValue('ra_min_password_length'); |
throw new OIDplusException(_L('Password is too short. Need at least %1 characters',$minlen)); |
} |
$ra = new OIDplusRA($email); |
$ra->change_password($password1); |
OIDplus::logger()->log("V2:[INFO]RA(%1)", "RA '%1' has reset his password (forgot passwort)", $email); |
return array("status" => 0); |
} |
$ra = new OIDplusRA($email); |
$ra->change_password($password1); |
/** |
* @param string $actionID |
* @param array $params |
* @return array |
* @throws OIDplusException |
* @throws OIDplusMailException |
*/ |
public function action(string $actionID, array $params): array { |
if ($actionID == 'forgot_password') { |
return $this->action_Request($params); |
} else if ($actionID == 'reset_password') { |
return $this->action_Activate($params); |
return array("status" => 0); |
} else { |
return parent::action($actionID, $params); |
} |
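Review bot: The reset key is computed over a constant and the address only (`makeAuthKey(['93a16dbe-f4fb-11ed-b67e-3c4a92df8582',$email])`), and the reset_password code validates it against the same two inputs, so nothing visible here makes a link stop working once it has been used. The fallback `-1` for `max_ra_pwd_reset_time` presumably means no time limit, which would widen that window; confirm in `validateAuthKey()`. Binding a value that changes with every password change into the signed array, for example the RA's currently stored `authkey`, would invalidate old links automatically. The forgot_password code also logs and sends mail before any check that an RA with this address exists, unless `getForgotPasswordText()` performs that check.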
/trunk/plugins/viathinksoft/publicPages/095_attachments/OIDplusPagePublicAttachments.class.php |
---|
174,123 → 174,130 |
return OIDplus::config()->getValue('attachments_allow_ra_upload', 0); |
} |
/** |
* @param string $actionID |
* @param array $params |
* @return array |
* @throws OIDplusException |
*/ |
private function action_Delete(array $params): array { |
_CheckParamExists($params, 'id'); |
$id = $params['id']; |
$obj = OIDplusObject::parse($id); |
if (!$obj) throw new OIDplusException(_L('Invalid object "%1"',$id)); |
if (!$obj->userHasWriteRights()) throw new OIDplusException(_L('Authentication error. Please log in as admin, or as the RA of "%1" to upload an attachment.',$id), null, 401); |
public function action(string $actionID, array $params): array { |
if (!OIDplus::authUtils()->isAdminLoggedIn() && !$this->raMayDelete()) { |
throw new OIDplusException(_L('The administrator has disabled deleting attachments by RAs.')); |
} |
if ($actionID == 'deleteAttachment') { |
_CheckParamExists($params, 'id'); |
$id = $params['id']; |
$obj = OIDplusObject::parse($id); |
if (!$obj) throw new OIDplusException(_L('Invalid object "%1"',$id)); |
if (!$obj->userHasWriteRights()) throw new OIDplusException(_L('Authentication error. Please log in as admin, or as the RA of "%1" to upload an attachment.',$id), null, 401); |
_CheckParamExists($params, 'filename'); |
$req_filename = $params['filename']; |
if (strpos($req_filename, '/') !== false) throw new OIDplusException(_L('Illegal file name')); |
if (strpos($req_filename, '\\') !== false) throw new OIDplusException(_L('Illegal file name')); |
if (strpos($req_filename, '..') !== false) throw new OIDplusException(_L('Illegal file name')); |
if (strpos($req_filename, chr(0)) !== false) throw new OIDplusException(_L('Illegal file name')); |
if (!OIDplus::authUtils()->isAdminLoggedIn() && !$this->raMayDelete()) { |
throw new OIDplusException(_L('The administrator has disabled deleting attachments by RAs.')); |
} |
$uploaddir = self::getUploadDir($id); |
$uploadfile = $uploaddir . DIRECTORY_SEPARATOR . basename($req_filename); |
_CheckParamExists($params, 'filename'); |
$req_filename = $params['filename']; |
if (strpos($req_filename, '/') !== false) throw new OIDplusException(_L('Illegal file name')); |
if (strpos($req_filename, '\\') !== false) throw new OIDplusException(_L('Illegal file name')); |
if (strpos($req_filename, '..') !== false) throw new OIDplusException(_L('Illegal file name')); |
if (strpos($req_filename, chr(0)) !== false) throw new OIDplusException(_L('Illegal file name')); |
if (!file_exists($uploadfile)) throw new OIDplusException(_L('File does not exist')); |
@unlink($uploadfile); |
if (file_exists($uploadfile)) { |
OIDplus::logger()->log("V2:[ERR]OID(%1)+[ERR]A", "Attachment file '%2' could not be deleted from object '%1' (problem with permissions?)", $id, basename($uploadfile)); |
$msg = _L('Attachment file "%1" could not be deleted from object "%2" (problem with permissions?)',basename($uploadfile),$id); |
if (OIDplus::authUtils()->isAdminLoggedIn()) { |
throw new OIDplusException($msg); |
$uploaddir = self::getUploadDir($id); |
$uploadfile = $uploaddir . DIRECTORY_SEPARATOR . basename($req_filename); |
if (!file_exists($uploadfile)) throw new OIDplusException(_L('File does not exist')); |
@unlink($uploadfile); |
if (file_exists($uploadfile)) { |
OIDplus::logger()->log("V2:[ERR]OID(%1)+[ERR]A", "Attachment file '%2' could not be deleted from object '%1' (problem with permissions?)", $id, basename($uploadfile)); |
$msg = _L('Attachment file "%1" could not be deleted from object "%2" (problem with permissions?)',basename($uploadfile),$id); |
if (OIDplus::authUtils()->isAdminLoggedIn()) { |
throw new OIDplusException($msg); |
} else { |
throw new OIDplusException($msg.'. '._L('Please contact the system administrator.')); |
} |
} else { |
throw new OIDplusException($msg.'. '._L('Please contact the system administrator.')); |
// If it was the last file, delete the empty directory |
$ary = @glob($uploaddir . DIRECTORY_SEPARATOR . '*'); |
if (is_array($ary) && (count($ary) == 0)) @rmdir($uploaddir); |
} |
} else { |
// If it was the last file, delete the empty directory |
$ary = @glob($uploaddir . DIRECTORY_SEPARATOR . '*'); |
if (is_array($ary) && (count($ary) == 0)) @rmdir($uploaddir); |
} |
OIDplus::logger()->log("V2:[OK]OID(%1)+[OK/INFO]OIDRA(%1)+[OK/INFO]A", "Deleted attachment '%2' from object '%1'", $id, basename($uploadfile)); |
OIDplus::logger()->log("V2:[OK]OID(%1)+[OK/INFO]OIDRA(%1)+[OK/INFO]A", "Deleted attachment '%2' from object '%1'", $id, basename($uploadfile)); |
return array("status" => 0); |
} |
return array("status" => 0); |
/** |
* @param array $params |
* @return array |
* @throws OIDplusException |
*/ |
private function action_Upload(array $params): array { |
_CheckParamExists($params, 'id'); |
$id = $params['id']; |
$obj = OIDplusObject::parse($id); |
if (!$obj) throw new OIDplusException(_L('Invalid object "%1"',$id)); |
if (!$obj->userHasWriteRights()) throw new OIDplusException(_L('Authentication error. Please log in as admin, or as the RA of "%1" to upload an attachment.',$id), null, 401); |
} else if ($actionID == 'uploadAttachment') { |
_CheckParamExists($params, 'id'); |
$id = $params['id']; |
$obj = OIDplusObject::parse($id); |
if (!$obj) throw new OIDplusException(_L('Invalid object "%1"',$id)); |
if (!$obj->userHasWriteRights()) throw new OIDplusException(_L('Authentication error. Please log in as admin, or as the RA of "%1" to upload an attachment.',$id), null, 401); |
if (!OIDplus::authUtils()->isAdminLoggedIn() && !$this->raMayUpload()) { |
throw new OIDplusException(_L('The administrator has disabled uploading attachments by RAs.')); |
} |
if (!OIDplus::authUtils()->isAdminLoggedIn() && !$this->raMayUpload()) { |
throw new OIDplusException(_L('The administrator has disabled uploading attachments by RAs.')); |
} |
if (!isset($_FILES['userfile'])) { |
throw new OIDplusException(_L('Please choose a file.')); |
} |
if (!isset($_FILES['userfile'])) { |
throw new OIDplusException(_L('Please choose a file.')); |
} |
if (!OIDplus::authUtils()->isAdminLoggedIn()) { |
$fname = basename($_FILES['userfile']['name']); |
if (!OIDplus::authUtils()->isAdminLoggedIn()) { |
$fname = basename($_FILES['userfile']['name']); |
// 1. If something is on the blacklist, we always block it, even if it is on the whitelist, too |
$banned = explode(',', OIDplus::config()->getValue('attachments_block_extensions', '')); |
foreach ($banned as $ext) { |
$ext = trim($ext); |
if ($ext == '') continue; |
if (strtolower(substr($fname, -strlen($ext)-1)) == strtolower('.'.$ext)) { |
throw new OIDplusException(_L('The file extension "%1" is banned by the administrator (it can be uploaded by the administrator though)',$ext)); |
// 1. If something is on the blacklist, we always block it, even if it is on the whitelist, too |
$banned = explode(',', OIDplus::config()->getValue('attachments_block_extensions', '')); |
foreach ($banned as $ext) { |
$ext = trim($ext); |
if ($ext == '') continue; |
if (strtolower(substr($fname, -strlen($ext)-1)) == strtolower('.'.$ext)) { |
throw new OIDplusException(_L('The file extension "%1" is banned by the administrator (it can be uploaded by the administrator though)',$ext)); |
} |
} |
} |
// 2. Something on the whitelist is always OK |
$allowed = explode(',', OIDplus::config()->getValue('attachments_allow_extensions', '')); |
$is_whitelisted = false; |
foreach ($allowed as $ext) { |
$ext = trim($ext); |
if ($ext == '') continue; |
if (strtolower(substr($fname, -strlen($ext)-1)) == strtolower('.'.$ext)) { |
$is_whitelisted = true; |
break; |
// 2. Something on the whitelist is always OK |
$allowed = explode(',', OIDplus::config()->getValue('attachments_allow_extensions', '')); |
$is_whitelisted = false; |
foreach ($allowed as $ext) { |
$ext = trim($ext); |
if ($ext == '') continue; |
if (strtolower(substr($fname, -strlen($ext)-1)) == strtolower('.'.$ext)) { |
$is_whitelisted = true; |
break; |
} |
} |
} |
// 3. For everything that is neither whitelisted, nor blacklisted, the admin can decide if these grey zone is allowed or blocked |
if (!$is_whitelisted) { |
if (!OIDplus::config()->getValue('attachments_allow_grey_extensions', '1')) { |
$tmp = explode('.', $fname); |
$ext = array_pop($tmp); |
throw new OIDplusException(_L('The file extension "%1" is not on the whitelist (it can be uploaded by the administrator though)',$ext)); |
// 3. For everything that is neither whitelisted, nor blacklisted, the admin can decide if these grey zone is allowed or blocked |
if (!$is_whitelisted) { |
if (!OIDplus::config()->getValue('attachments_allow_grey_extensions', '1')) { |
$tmp = explode('.', $fname); |
$ext = array_pop($tmp); |
throw new OIDplusException(_L('The file extension "%1" is not on the whitelist (it can be uploaded by the administrator though)',$ext)); |
} |
} |
} |
} |
$req_filename = $_FILES['userfile']['name']; |
if (strpos($req_filename, '/') !== false) throw new OIDplusException(_L('Illegal file name')); |
if (strpos($req_filename, '\\') !== false) throw new OIDplusException(_L('Illegal file name')); |
if (strpos($req_filename, '..') !== false) throw new OIDplusException(_L('Illegal file name')); |
if (strpos($req_filename, chr(0)) !== false) throw new OIDplusException(_L('Illegal file name')); |
$req_filename = $_FILES['userfile']['name']; |
if (strpos($req_filename, '/') !== false) throw new OIDplusException(_L('Illegal file name')); |
if (strpos($req_filename, '\\') !== false) throw new OIDplusException(_L('Illegal file name')); |
if (strpos($req_filename, '..') !== false) throw new OIDplusException(_L('Illegal file name')); |
if (strpos($req_filename, chr(0)) !== false) throw new OIDplusException(_L('Illegal file name')); |
$uploaddir = self::getUploadDir($id); |
$uploadfile = $uploaddir . DIRECTORY_SEPARATOR . basename($req_filename); |
$uploaddir = self::getUploadDir($id); |
$uploadfile = $uploaddir . DIRECTORY_SEPARATOR . basename($req_filename); |
if (!is_dir($uploaddir)) { |
@mkdir($uploaddir, 0777, true); |
if (!is_dir($uploaddir)) { |
OIDplus::logger()->log("V2:[ERR]OID(%1)+[ERR]A", "Upload attachment '%2' to object '%1' failed: Cannot create directory '%3' (problem with permissions?)", $id, basename($uploadfile), basename($uploaddir)); |
$msg = _L('Upload attachment "%1" to object "%2" failed',basename($uploadfile),$id).': '._L('Cannot create directory "%1" (problem with permissions?)',basename($uploaddir)); |
@mkdir($uploaddir, 0777, true); |
if (!is_dir($uploaddir)) { |
OIDplus::logger()->log("V2:[ERR]OID(%1)+[ERR]A", "Upload attachment '%2' to object '%1' failed: Cannot create directory '%3' (problem with permissions?)", $id, basename($uploadfile), basename($uploaddir)); |
$msg = _L('Upload attachment "%1" to object "%2" failed',basename($uploadfile),$id).': '._L('Cannot create directory "%1" (problem with permissions?)',basename($uploaddir)); |
if (OIDplus::authUtils()->isAdminLoggedIn()) { |
throw new OIDplusException($msg); |
} else { |
throw new OIDplusException($msg.'. '._L('Please contact the system administrator.')); |
} |
} |
} |
if (!@move_uploaded_file($_FILES['userfile']['tmp_name'], $uploadfile)) { |
OIDplus::logger()->log("V2:[ERR]OID(%1)+[ERR]A", "Upload attachment '%2' to object '%1' failed: Cannot move uploaded file into directory (problem with permissions?)", $id, basename($uploadfile)); |
$msg = _L('Upload attachment "%1" to object "%2" failed',basename($uploadfile),$id).': '._L('Cannot move uploaded file into directory (problem with permissions?)'); |
if (OIDplus::authUtils()->isAdminLoggedIn()) { |
throw new OIDplusException($msg); |
} else { |
297,34 → 304,10 |
throw new OIDplusException($msg.'. '._L('Please contact the system administrator.')); |
} |
} |
} |
if (!@move_uploaded_file($_FILES['userfile']['tmp_name'], $uploadfile)) { |
OIDplus::logger()->log("V2:[ERR]OID(%1)+[ERR]A", "Upload attachment '%2' to object '%1' failed: Cannot move uploaded file into directory (problem with permissions?)", $id, basename($uploadfile)); |
$msg = _L('Upload attachment "%1" to object "%2" failed',basename($uploadfile),$id).': '._L('Cannot move uploaded file into directory (problem with permissions?)'); |
if (OIDplus::authUtils()->isAdminLoggedIn()) { |
throw new OIDplusException($msg); |
} else { |
throw new OIDplusException($msg.'. '._L('Please contact the system administrator.')); |
} |
} |
OIDplus::logger()->log("V2:[OK]OID(%1)+[OK/INFO]OIDRA(%1)+[OK/INFO]A", "Uploaded attachment '%2' to object '%1'", $id, basename($uploadfile)); |
OIDplus::logger()->log("V2:[OK]OID(%1)+[OK/INFO]OIDRA(%1)+[OK/INFO]A", "Uploaded attachment '%2' to object '%1'", $id, basename($uploadfile)); |
return array("status" => 0); |
} |
/** |
* @param string $actionID |
* @param array $params |
* @return array |
* @throws OIDplusException |
*/ |
public function action(string $actionID, array $params): array { |
if ($actionID == 'deleteAttachment') { |
return $this->action_Delete($params); |
} else if ($actionID == 'uploadAttachment') { |
return $this->action_Upload($params); |
return array("status" => 0); |
} else { |
return parent::action($actionID, $params); |
} |
/trunk/plugins/viathinksoft/publicPages/200_viathinksoft_freeoid/OIDplusPagePublicFreeOID.class.php |
---|
55,169 → 55,148 |
} |
/** |
* @param string $actionID |
* @param array $params |
* @return array |
* @throws OIDplusException |
* @throws OIDplusMailException |
*/ |
private function action_Request(array $params): array { |
public function action(string $actionID, array $params): array { |
if (empty(self::getFreeRootOid(false))) throw new OIDplusException(_L('FreeOID service not available. Please ask your administrator.')); |
_CheckParamExists($params, 'email'); |
$email = $params['email']; |
if ($actionID == 'request_freeoid') { |
_CheckParamExists($params, 'email'); |
$email = $params['email']; |
if ($already_registered_oid = $this->alreadyHasFreeOid($email, true)) { |
throw new OIDplusHtmlException(_L('This email address already has a FreeOID registered (%1)', '<a '.OIDplus::gui()->link($already_registered_oid).'>'.htmlentities($already_registered_oid).'</a>')); |
} |
if ($already_registered_oid = $this->alreadyHasFreeOid($email, true)) { |
throw new OIDplusHtmlException(_L('This email address already has a FreeOID registered (%1)', '<a '.OIDplus::gui()->link($already_registered_oid).'>'.htmlentities($already_registered_oid).'</a>')); |
} |
if (!OIDplus::mailUtils()->validMailAddress($email)) { |
throw new OIDplusException(_L('Invalid email address')); |
} |
if (!OIDplus::mailUtils()->validMailAddress($email)) { |
throw new OIDplusException(_L('Invalid email address')); |
} |
OIDplus::getActiveCaptchaPlugin()->captchaVerify($params, 'captcha'); |
OIDplus::getActiveCaptchaPlugin()->captchaVerify($params, 'captcha'); |
$root_oid = self::getFreeRootOid(false); |
OIDplus::logger()->log("V2:[INFO]OID(oid:%1)+RA(%2)", "Requested a free OID for email '%2' to be placed into root '%1'", $root_oid, $email); |
$root_oid = self::getFreeRootOid(false); |
OIDplus::logger()->log("V2:[INFO]OID(oid:%1)+RA(%2)", "Requested a free OID for email '%2' to be placed into root '%1'", $root_oid, $email); |
$activate_url = OIDplus::webpath(null,OIDplus::PATH_ABSOLUTE_CANONICAL) . '?goto='.urlencode('oidplus:com.viathinksoft.freeoid.activate_freeoid$'.$email.'$'.OIDplus::authUtils()->makeAuthKey(['40c87e20-f4fb-11ed-86ca-3c4a92df8582',$email])); |
$activate_url = OIDplus::webpath(null,OIDplus::PATH_ABSOLUTE_CANONICAL) . '?goto='.urlencode('oidplus:com.viathinksoft.freeoid.activate_freeoid$'.$email.'$'.OIDplus::authUtils()->makeAuthKey(['40c87e20-f4fb-11ed-86ca-3c4a92df8582',$email])); |
$message = file_get_contents(__DIR__ . '/request_msg.tpl'); |
$message = str_replace('{{SYSTEM_URL}}', OIDplus::webpath(null,OIDplus::PATH_ABSOLUTE_CANONICAL), $message); |
$message = str_replace('{{SYSTEM_TITLE}}', OIDplus::config()->getValue('system_title'), $message); |
$message = str_replace('{{ADMIN_EMAIL}}', OIDplus::config()->getValue('admin_email'), $message); |
$message = str_replace('{{ACTIVATE_URL}}', $activate_url, $message); |
$message = file_get_contents(__DIR__ . '/request_msg.tpl'); |
$message = str_replace('{{SYSTEM_URL}}', OIDplus::webpath(null,OIDplus::PATH_ABSOLUTE_CANONICAL), $message); |
$message = str_replace('{{SYSTEM_TITLE}}', OIDplus::config()->getValue('system_title'), $message); |
$message = str_replace('{{ADMIN_EMAIL}}', OIDplus::config()->getValue('admin_email'), $message); |
$message = str_replace('{{ACTIVATE_URL}}', $activate_url, $message); |
OIDplus::mailUtils()->sendMail($email, OIDplus::config()->getValue('system_title').' - Free OID request', $message); |
OIDplus::mailUtils()->sendMail($email, OIDplus::config()->getValue('system_title').' - Free OID request', $message); |
return array("status" => 0); |
} |
return array("status" => 0); |
/** |
* @param array $params |
* @return array |
* @throws OIDplusException |
* @throws OIDplusMailException |
*/ |
private function action_Activate(array $params): array { |
if (empty(self::getFreeRootOid(false))) throw new OIDplusException(_L('FreeOID service not available. Please ask your administrator.')); |
} else if ($actionID == 'activate_freeoid') { |
_CheckParamExists($params, 'email'); |
_CheckParamExists($params, 'auth'); |
_CheckParamExists($params, 'email'); |
_CheckParamExists($params, 'auth'); |
$email = $params['email']; |
$auth = $params['auth']; |
$email = $params['email']; |
$auth = $params['auth']; |
if (!OIDplus::authUtils()->validateAuthKey(['40c87e20-f4fb-11ed-86ca-3c4a92df8582',$email], $auth, OIDplus::config()->getValue('max_ra_invite_time', -1))) { |
throw new OIDplusException(_L('Invalid or expired authentication key')); |
} |
if (!OIDplus::authUtils()->validateAuthKey(['40c87e20-f4fb-11ed-86ca-3c4a92df8582',$email], $auth, OIDplus::config()->getValue('max_ra_invite_time', -1))) { |
throw new OIDplusException(_L('Invalid or expired authentication key')); |
} |
// 1. step: Check entered data and add the RA to the database |
// 1. step: Check entered data and add the RA to the database |
$ra = new OIDplusRA($email); |
if (!$ra->existing()) { |
_CheckParamExists($params, 'password1'); |
_CheckParamExists($params, 'password2'); |
_CheckParamExists($params, 'ra_name'); |
$ra = new OIDplusRA($email); |
if (!$ra->existing()) { |
_CheckParamExists($params, 'password1'); |
_CheckParamExists($params, 'password2'); |
_CheckParamExists($params, 'ra_name'); |
$password1 = $params['password1']; |
$password2 = $params['password2']; |
$ra_name = $params['ra_name']; |
$password1 = $params['password1']; |
$password2 = $params['password2']; |
$ra_name = $params['ra_name']; |
if ($password1 !== $password2) { |
throw new OIDplusException(_L('Passwords do not match')); |
} |
if ($password1 !== $password2) { |
throw new OIDplusException(_L('Passwords do not match')); |
} |
if (strlen($password1) < OIDplus::config()->getValue('ra_min_password_length')) { |
$minlen = OIDplus::config()->getValue('ra_min_password_length'); |
throw new OIDplusException(_L('Password is too short. Need at least %1 characters',$minlen)); |
} |
if (strlen($password1) < OIDplus::config()->getValue('ra_min_password_length')) { |
$minlen = OIDplus::config()->getValue('ra_min_password_length'); |
throw new OIDplusException(_L('Password is too short. Need at least %1 characters',$minlen)); |
} |
if (empty($ra_name)) { |
throw new OIDplusException(_L('Please enter your personal name or the name of your group.')); |
} |
if (empty($ra_name)) { |
throw new OIDplusException(_L('Please enter your personal name or the name of your group.')); |
$ra->register_ra($password1); |
$ra->setRaName($ra_name); |
} else { |
// RA already exists (e.g. was logged in using Google OAuth) |
$ra_name = $ra->raName(); |
} |
$ra->register_ra($password1); |
$ra->setRaName($ra_name); |
} else { |
// RA already exists (e.g. was logged in using Google OAuth) |
$ra_name = $ra->raName(); |
} |
// 2. step: Add the new OID to the database |
// 2. step: Add the new OID to the database |
$url = $params['url'] ?? ''; |
$title = $params['title'] ?? ''; |
$url = $params['url'] ?? ''; |
$title = $params['title'] ?? ''; |
$root_oid = self::getFreeRootOid(false); |
$new_oid = OIDplusOid::parse('oid:'.$root_oid)->appendArcs($this->freeoid_max_id()+1)->nodeId(false); |
$root_oid = self::getFreeRootOid(false); |
$new_oid = OIDplusOid::parse('oid:'.$root_oid)->appendArcs($this->freeoid_max_id()+1)->nodeId(false); |
OIDplus::logger()->log("V2:[INFO]OID(oid:%2)+OIDRA(oid:%2)", "Child OID '%1' added automatically by '%3' (RA Name: '%4')", $new_oid, $root_oid, $email, $ra_name); |
OIDplus::logger()->log("V2:[INFO]OID(oid:%1)+[OK]RA(%3)", "Free OID '%1' activated (RA Name: '%4')", $new_oid, $root_oid, $email, $ra_name); |
OIDplus::logger()->log("V2:[INFO]OID(oid:%2)+OIDRA(oid:%2)", "Child OID '%1' added automatically by '%3' (RA Name: '%4')", $new_oid, $root_oid, $email, $ra_name); |
OIDplus::logger()->log("V2:[INFO]OID(oid:%1)+[OK]RA(%3)", "Free OID '%1' activated (RA Name: '%4')", $new_oid, $root_oid, $email, $ra_name); |
if ((!empty($url)) && (substr($url, 0, 4) != 'http')) $url = 'http://'.$url; |
if ((!empty($url)) && (substr($url, 0, 4) != 'http')) $url = 'http://'.$url; |
$description = ''; // '<p>'.htmlentities($ra_name).'</p>'; |
if (!empty($url)) { |
$description .= '<p>'._L('More information at %1','<a href="'.htmlentities($url).'">'.htmlentities($url).'</a>').'</p>'; |
} |
$description = ''; // '<p>'.htmlentities($ra_name).'</p>'; |
if (!empty($url)) { |
$description .= '<p>'._L('More information at %1','<a href="'.htmlentities($url).'">'.htmlentities($url).'</a>').'</p>'; |
} |
if (empty($title)) $title = $ra_name; |
if (empty($title)) $title = $ra_name; |
try { |
$maxlen = OIDplus::baseConfig()->getValue('LIMITS_MAX_ID_LENGTH')-strlen('oid:'); |
if (strlen($new_oid) > $maxlen) { |
throw new OIDplusException(_L('The resulting OID %1 is too long (max allowed length: %2)',$new_oid,$maxlen)); |
} |
try { |
$maxlen = OIDplus::baseConfig()->getValue('LIMITS_MAX_ID_LENGTH')-strlen('oid:'); |
if (strlen($new_oid) > $maxlen) { |
throw new OIDplusException(_L('The resulting OID %1 is too long (max allowed length: %2)',$new_oid,$maxlen)); |
OIDplus::db()->query("insert into ###objects (id, ra_email, parent, title, description, confidential, created) values (?, ?, ?, ?, ?, ?, ".OIDplus::db()->sqlDate().")", array('oid:'.$new_oid, $email, self::getFreeRootOid(true), $title, $description, false)); |
OIDplusObject::resetObjectInformationCache(); |
} catch (\Exception $e) { |
$ra->delete(); |
throw $e; |
} |
OIDplus::db()->query("insert into ###objects (id, ra_email, parent, title, description, confidential, created) values (?, ?, ?, ?, ?, ?, ".OIDplus::db()->sqlDate().")", array('oid:'.$new_oid, $email, self::getFreeRootOid(true), $title, $description, false)); |
OIDplusObject::resetObjectInformationCache(); |
} catch (\Exception $e) { |
$ra->delete(); |
throw $e; |
} |
// Send delegation report email to admin |
// Send delegation report email to admin |
$message = "OID delegation report\n"; |
$message .= "\n"; |
$message .= "OID: ".$new_oid."\n"; |
$message .= "\n"; |
$message .= "RA Name: $ra_name\n"; |
$message .= "RA eMail: $email\n"; |
$message .= "URL for more information: $url\n"; |
$message .= "OID Name: $title\n"; |
$message .= "\n"; |
$message .= "More details: ".OIDplus::webpath(null,OIDplus::PATH_ABSOLUTE_CANONICAL)."?goto=oid%3A$new_oid\n"; |
$message = "OID delegation report\n"; |
$message .= "\n"; |
$message .= "OID: ".$new_oid."\n"; |
$message .= "\n"; |
$message .= "RA Name: $ra_name\n"; |
$message .= "RA eMail: $email\n"; |
$message .= "URL for more information: $url\n"; |
$message .= "OID Name: $title\n"; |
$message .= "\n"; |
$message .= "More details: ".OIDplus::webpath(null,OIDplus::PATH_ABSOLUTE_CANONICAL)."?goto=oid%3A$new_oid\n"; |
OIDplus::mailUtils()->sendMail($email, OIDplus::config()->getValue('system_title')." - OID $new_oid registered", $message); |
OIDplus::mailUtils()->sendMail($email, OIDplus::config()->getValue('system_title')." - OID $new_oid registered", $message); |
// Send delegation information to user |
// Send delegation information to user |
$message = file_get_contents(__DIR__ . '/allocated_msg.tpl'); |
$message = str_replace('{{SYSTEM_URL}}', OIDplus::webpath(null,OIDplus::PATH_ABSOLUTE_CANONICAL), $message); |
$message = str_replace('{{SYSTEM_TITLE}}', OIDplus::config()->getValue('system_title'), $message); |
$message = str_replace('{{ADMIN_EMAIL}}', OIDplus::config()->getValue('admin_email'), $message); |
$message = str_replace('{{NEW_OID}}', $new_oid, $message); |
OIDplus::mailUtils()->sendMail($email, OIDplus::config()->getValue('system_title').' - Free OID allocated', $message); |
$message = file_get_contents(__DIR__ . '/allocated_msg.tpl'); |
$message = str_replace('{{SYSTEM_URL}}', OIDplus::webpath(null,OIDplus::PATH_ABSOLUTE_CANONICAL), $message); |
$message = str_replace('{{SYSTEM_TITLE}}', OIDplus::config()->getValue('system_title'), $message); |
$message = str_replace('{{ADMIN_EMAIL}}', OIDplus::config()->getValue('admin_email'), $message); |
$message = str_replace('{{NEW_OID}}', $new_oid, $message); |
OIDplus::mailUtils()->sendMail($email, OIDplus::config()->getValue('system_title').' - Free OID allocated', $message); |
return array( |
"new_oid" => $new_oid, |
"status" => 0 |
); |
} |
/** |
* @param string $actionID |
* @param array $params |
* @return array |
* @throws OIDplusException |
* @throws OIDplusMailException |
*/ |
public function action(string $actionID, array $params): array { |
if ($actionID == 'request_freeoid') { |
return $this->action_Request($params); |
} else if ($actionID == 'activate_freeoid') { |
return $this->action_Activate($params); |
return array( |
"new_oid" => $new_oid, |
"status" => 0 |
); |
} else { |
return parent::action($actionID, $params); |
} |
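Review bot: In the activate_freeoid path the `catch (\Exception $e)` block calls `$ra->delete()` unconditionally, so a failed insert (for example the "too long" check just above it) also deletes an RA that existed before this request, which is the case the `else` branch explicitly handles. Track whether this request created the account: initialise `$ra_created = false;`, set it to `true` after `$ra->register_ra($password1);`, and guard the cleanup with `if ($ra_created) $ra->delete();`. Separately, only the request path calls `alreadyHasFreeOid()`, so a still-valid auth key can presumably be submitted again and allocate a further OID under the free root each time. Repeating that check before `appendArcs()` would close this. Both printings of the block on this page carry the same logic.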
/trunk/plugins/viathinksoft/publicPages/300_search/OIDplusPagePublicSearch.class.php |
---|
164,16 → 164,6 |
} |
/** |
* @param array $params |
* @return array |
* @throws OIDplusException |
*/ |
private function action_Search(array $params): array { |
$ret = $this->doSearch($params); |
return array("status" => 0, "output" => $ret); |
} |
/** |
* @param string $actionID |
* @param array $params |
* @return array |
180,11 → 170,15 |
* @throws OIDplusException |
*/ |
public function action(string $actionID, array $params): array { |
if ($actionID == 'search') { |
return $this->action_Search($params); |
// Search with JavaScript/AJAX |
$ret = $this->doSearch($params); |
return array("status" => 0, "output" => $ret); |
} else { |
return parent::action($actionID, $params); |
} |
} |
/** |
/trunk/plugins/viathinksoft/publicPages/800_login_ldap/OIDplusPagePublicLoginLDAP.class.php |
---|
117,123 → 117,113 |
} |
/** |
* @param string $actionID |
* @param array $params |
* @return array |
* @throws OIDplusConfigInitializationException |
* @throws OIDplusException |
*/ |
private function action_Login(array $params): array { |
if (!OIDplus::baseConfig()->getValue('LDAP_ENABLED', false)) { |
throw new OIDplusException(_L('LDAP authentication is disabled on this system.')); |
} |
public function action(string $actionID, array $params): array { |
if ($actionID == 'ra_login_ldap') { |
if (!OIDplus::baseConfig()->getValue('LDAP_ENABLED', false)) { |
throw new OIDplusException(_L('LDAP authentication is disabled on this system.')); |
} |
if (!function_exists('ldap_connect')) throw new OIDplusConfigInitializationException(_L('PHP extension "%1" not installed','LDAP')); |
if (!function_exists('ldap_connect')) throw new OIDplusConfigInitializationException(_L('PHP extension "%1" not installed','LDAP')); |
OIDplus::getActiveCaptchaPlugin()->captchaVerify($params, 'captcha'); |
OIDplus::getActiveCaptchaPlugin()->captchaVerify($params, 'captcha'); |
_CheckParamExists($params, 'email'); |
_CheckParamExists($params, 'password'); |
_CheckParamExists($params, 'email'); |
_CheckParamExists($params, 'password'); |
$upn = $params['email']; |
$password = $params['password']; |
$upn = $params['email']; |
$password = $params['password']; |
$domainNumber = $this->getDomainNumber($upn); |
if ($domainNumber <= 0) { |
throw new OIDplusException(_L('The server is not configured to handle this domain (the part behind the at-sign)')); |
} |
$cfgSuffix = $domainNumber == 1 ? '' : "__$domainNumber"; |
$domainNumber = $this->getDomainNumber($upn); |
if ($domainNumber <= 0) { |
throw new OIDplusException(_L('The server is not configured to handle this domain (the part behind the at-sign)')); |
} |
$cfgSuffix = $domainNumber == 1 ? '' : "__$domainNumber"; |
if (empty($upn)) { |
throw new OIDplusException(_L('Please enter a valid username')); |
} |
if (empty($upn)) { |
throw new OIDplusException(_L('Please enter a valid username')); |
} |
$ldap = new \VtsLDAPUtils(); |
$ldap = new \VtsLDAPUtils(); |
try { |
try { |
$cfg_ldap_server = OIDplus::baseConfig()->getValue('LDAP_SERVER'.$cfgSuffix); |
$cfg_ldap_port = OIDplus::baseConfig()->getValue('LDAP_PORT'.$cfgSuffix, 389); |
$cfg_ldap_base_dn = OIDplus::baseConfig()->getValue('LDAP_BASE_DN'.$cfgSuffix); |
$cfg_ldap_server = OIDplus::baseConfig()->getValue('LDAP_SERVER'.$cfgSuffix); |
$cfg_ldap_port = OIDplus::baseConfig()->getValue('LDAP_PORT'.$cfgSuffix, 389); |
$cfg_ldap_base_dn = OIDplus::baseConfig()->getValue('LDAP_BASE_DN'.$cfgSuffix); |
// Note: Will throw an Exception if connect fails |
$ldap->connect($cfg_ldap_server, $cfg_ldap_port); |
// Note: Will throw an Exception if connect fails |
$ldap->connect($cfg_ldap_server, $cfg_ldap_port); |
if (!$ldap->login($upn, $password)) { |
if (OIDplus::config()->getValue('log_failed_ra_logins', false)) { |
OIDplus::logger()->log("V2:[WARN]A", "Failed login to RA account '%1' using LDAP", $upn); |
if (!$ldap->login($upn, $password)) { |
if (OIDplus::config()->getValue('log_failed_ra_logins', false)) { |
OIDplus::logger()->log("V2:[WARN]A", "Failed login to RA account '%1' using LDAP", $upn); |
} |
throw new OIDplusException(_L('Wrong password or user not registered')); |
} |
throw new OIDplusException(_L('Wrong password or user not registered')); |
} |
$ldap_userinfo = $ldap->getUserInfo($upn, $cfg_ldap_base_dn); |
$ldap_userinfo = $ldap->getUserInfo($upn, $cfg_ldap_base_dn); |
if (!$ldap_userinfo) { |
throw new OIDplusException(_L('The LDAP login was successful, but the own user %1 cannot be found. Please check the base configuration setting %2 and %3', $upn, "LDAP_BASE_DN$cfgSuffix", "LDAP_UPN_SUFFIX$cfgSuffix")); |
} |
if (!$ldap_userinfo) { |
throw new OIDplusException(_L('The LDAP login was successful, but the own user %1 cannot be found. Please check the base configuration setting %2 and %3', $upn, "LDAP_BASE_DN$cfgSuffix", "LDAP_UPN_SUFFIX$cfgSuffix")); |
} |
$foundSomething = false; |
$foundSomething = false; |
// --- |
// --- |
$cfgAdminGroup = OIDplus::baseConfig()->getValue('LDAP_ADMIN_GROUP'.$cfgSuffix,''); |
if (!empty($cfgAdminGroup)) { |
$isAdmin = $ldap->isMemberOfRec($ldap_userinfo, $cfgAdminGroup); |
} else { |
$isAdmin = false; |
} |
if ($isAdmin) { |
$foundSomething = true; |
$remember_me = isset($params['remember_me']) && ($params['remember_me']); |
OIDplus::authUtils()->adminLoginEx($remember_me, 'LDAP login'); |
} |
// --- |
$cfgRaGroup = OIDplus::baseConfig()->getValue('LDAP_RA_GROUP'.$cfgSuffix,''); |
if (!empty($cfgRaGroup)) { |
$isRA = $ldap->isMemberOfRec($ldap_userinfo, $cfgRaGroup); |
} else { |
$isRA = true; |
} |
if ($isRA) { |
if (OIDplus::baseConfig()->getValue('LDAP_AUTHENTICATE_UPN'.$cfgSuffix,true)) { |
$mail = \VtsLDAPUtils::getString($ldap_userinfo, 'userprincipalname'); |
$cfgAdminGroup = OIDplus::baseConfig()->getValue('LDAP_ADMIN_GROUP'.$cfgSuffix,''); |
if (!empty($cfgAdminGroup)) { |
$isAdmin = $ldap->isMemberOfRec($ldap_userinfo, $cfgAdminGroup); |
} else { |
$isAdmin = false; |
} |
if ($isAdmin) { |
$foundSomething = true; |
$remember_me = isset($params['remember_me']) && ($params['remember_me']); |
$this->doLoginRA($remember_me, $mail, $ldap_userinfo); |
OIDplus::authUtils()->adminLoginEx($remember_me, 'LDAP login'); |
} |
if (OIDplus::baseConfig()->getValue('LDAP_AUTHENTICATE_EMAIL'.$cfgSuffix,false)) { |
$mails = \VtsLDAPUtils::getArray($ldap_userinfo, 'mail'); |
foreach ($mails as $mail) { |
// --- |
$cfgRaGroup = OIDplus::baseConfig()->getValue('LDAP_RA_GROUP'.$cfgSuffix,''); |
if (!empty($cfgRaGroup)) { |
$isRA = $ldap->isMemberOfRec($ldap_userinfo, $cfgRaGroup); |
} else { |
$isRA = true; |
} |
if ($isRA) { |
if (OIDplus::baseConfig()->getValue('LDAP_AUTHENTICATE_UPN'.$cfgSuffix,true)) { |
$mail = \VtsLDAPUtils::getString($ldap_userinfo, 'userprincipalname'); |
$foundSomething = true; |
$remember_me = isset($params['remember_me']) && ($params['remember_me']); |
$this->doLoginRA($remember_me, $mail, $ldap_userinfo); |
} |
if (OIDplus::baseConfig()->getValue('LDAP_AUTHENTICATE_EMAIL'.$cfgSuffix,false)) { |
$mails = \VtsLDAPUtils::getArray($ldap_userinfo, 'mail'); |
foreach ($mails as $mail) { |
$foundSomething = true; |
$remember_me = isset($params['remember_me']) && ($params['remember_me']); |
$this->doLoginRA($remember_me, $mail, $ldap_userinfo); |
} |
} |
} |
} finally { |
$ldap->disconnect(); |
$ldap = null; |
} |
} finally { |
$ldap->disconnect(); |
$ldap = null; |
} |
if (!$foundSomething) { |
throw new OIDplusException(_L("Error: These credentials cannot be used with OIDplus. Please check the base configuration.")); |
} |
if (!$foundSomething) { |
throw new OIDplusException(_L("Error: These credentials cannot be used with OIDplus. Please check the base configuration.")); |
} |
return array("status" => 0); |
} |
/** |
* @param string $actionID |
* @param array $params |
* @return array |
* @throws OIDplusConfigInitializationException |
* @throws OIDplusException |
*/ |
public function action(string $actionID, array $params): array { |
if ($actionID == 'ra_login_ldap') { |
return $this->action_Login($params); |
return array("status" => 0); |
} else { |
return parent::action($actionID, $params); |
} |
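Review bot: With `LDAP_AUTHENTICATE_EMAIL` enabled, the `foreach ($mails as $mail)` loop calls `doLoginRA()` for every value of the directory's `mail` attribute, so the RA identities granted depend on an attribute that may be user-editable, depending on the directory's ACLs. That trust assumption is not documented at the loop; a comment such as `// Every 'mail' value becomes a logged-in RA identity: the attribute must only be writable by directory admins` would make it visible to whoever enables the setting. Also, `LDAP_PORT` defaults to 389 and the `connect($cfg_ldap_server, $cfg_ldap_port)` call shows no TLS option, so unless `VtsLDAPUtils` negotiates encryption internally (not visible here) the bind password may cross the network in clear text.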
/trunk/plugins/viathinksoft/raPages/092_invite/OIDplusPageRaInvite.class.php |
---|
26,84 → 26,66 |
class OIDplusPageRaInvite extends OIDplusPagePluginRa { |
/** |
* @param string $actionID |
* @param array $params |
* @return array |
* @throws OIDplusException |
* @throws OIDplusMailException |
*/ |
private function action_Request(array $params): array { |
$email = $params['email']; |
public function action(string $actionID, array $params): array { |
if ($actionID == 'invite_ra') { |
$email = $params['email']; |
if (!OIDplus::mailUtils()->validMailAddress($email)) { |
throw new OIDplusException(_L('Invalid email address')); |
} |
if (!OIDplus::mailUtils()->validMailAddress($email)) { |
throw new OIDplusException(_L('Invalid email address')); |
} |
OIDplus::getActiveCaptchaPlugin()->captchaVerify($params, 'captcha'); |
OIDplus::getActiveCaptchaPlugin()->captchaVerify($params, 'captcha'); |
$this->inviteSecurityCheck($email); |
// TODO: should we also log who has invited? |
OIDplus::logger()->log("V2:[INFO]RA(%1)", "RA '%1' has been invited", $email); |
$this->inviteSecurityCheck($email); |
// TODO: should we also log who has invited? |
OIDplus::logger()->log("V2:[INFO]RA(%1)", "RA '%1' has been invited", $email); |
$activate_url = OIDplus::webpath(null,OIDplus::PATH_ABSOLUTE_CANONICAL) . '?goto='.urlencode('oidplus:activate_ra$'.$email.'$'.OIDplus::authUtils()->makeAuthKey(['ed840c3e-f4fa-11ed-b67e-3c4a92df8582',$email])); |
$activate_url = OIDplus::webpath(null,OIDplus::PATH_ABSOLUTE_CANONICAL) . '?goto='.urlencode('oidplus:activate_ra$'.$email.'$'.OIDplus::authUtils()->makeAuthKey(['ed840c3e-f4fa-11ed-b67e-3c4a92df8582',$email])); |
$message = $this->getInvitationText($email); |
$message = str_replace('{{ACTIVATE_URL}}', $activate_url, $message); |
$message = $this->getInvitationText($email); |
$message = str_replace('{{ACTIVATE_URL}}', $activate_url, $message); |
OIDplus::mailUtils()->sendMail($email, OIDplus::config()->getValue('system_title').' - Invitation', $message); |
OIDplus::mailUtils()->sendMail($email, OIDplus::config()->getValue('system_title').' - Invitation', $message); |
return array("status" => 0); |
} |
return array("status" => 0); |
/** |
* @param array $params |
* @return array |
* @throws OIDplusException |
* @throws OIDplusMailException |
*/ |
private function action_Activate(array $params): array { |
_CheckParamExists($params, 'password1'); |
_CheckParamExists($params, 'password2'); |
_CheckParamExists($params, 'email'); |
_CheckParamExists($params, 'auth'); |
} else if ($actionID == 'activate_ra') { |
$password1 = $params['password1']; |
$password2 = $params['password2']; |
$email = $params['email']; |
$auth = $params['auth']; |
_CheckParamExists($params, 'password1'); |
_CheckParamExists($params, 'password2'); |
_CheckParamExists($params, 'email'); |
_CheckParamExists($params, 'auth'); |
if (!OIDplus::authUtils()->validateAuthKey(['ed840c3e-f4fa-11ed-b67e-3c4a92df8582',$email], $auth, OIDplus::config()->getValue('max_ra_invite_time',-1))) { |
throw new OIDplusException(_L('Invalid or expired authentication key')); |
} |
$password1 = $params['password1']; |
$password2 = $params['password2']; |
$email = $params['email']; |
$auth = $params['auth']; |
if ($password1 !== $password2) { |
throw new OIDplusException(_L('Passwords do not match')); |
} |
if (!OIDplus::authUtils()->validateAuthKey(['ed840c3e-f4fa-11ed-b67e-3c4a92df8582',$email], $auth, OIDplus::config()->getValue('max_ra_invite_time',-1))) { |
throw new OIDplusException(_L('Invalid or expired authentication key')); |
} |
if (strlen($password1) < OIDplus::config()->getValue('ra_min_password_length')) { |
$minlen = OIDplus::config()->getValue('ra_min_password_length'); |
throw new OIDplusException(_L('Password is too short. Need at least %1 characters',$minlen)); |
} |
if ($password1 !== $password2) { |
throw new OIDplusException(_L('Passwords do not match')); |
} |
OIDplus::logger()->log("V2:[OK]RA(%1)", "RA '%1' has been registered due to invitation", $email); |
if (strlen($password1) < OIDplus::config()->getValue('ra_min_password_length')) { |
$minlen = OIDplus::config()->getValue('ra_min_password_length'); |
throw new OIDplusException(_L('Password is too short. Need at least %1 characters',$minlen)); |
} |
$ra = new OIDplusRA($email); |
$ra->register_ra($password1); |
OIDplus::logger()->log("V2:[OK]RA(%1)", "RA '%1' has been registered due to invitation", $email); |
return array("status" => 0); |
} |
$ra = new OIDplusRA($email); |
$ra->register_ra($password1); |
/** |
* @param string $actionID |
* @param array $params |
* @return array |
* @throws OIDplusException |
* @throws OIDplusMailException |
*/ |
public function action(string $actionID, array $params): array { |
if ($actionID == 'invite_ra') { |
return $this->action_Request($params); |
} else if ($actionID == 'activate_ra') { |
return $this->action_Activate($params); |
return array("status" => 0); |
} else { |
return parent::action($actionID, $params); |
} |
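Review bot: The activate_ra path calls `$ra->register_ra($password1)` without first checking `$ra->existing()`, unlike the FreeOID activation on this page, so an invitation link that is still valid could be submitted again after the account exists. Whether that overwrites the password depends on `register_ra()`, which is not visible here. A guard right after `new OIDplusRA($email)` would settle it: `if ($ra->existing()) throw new OIDplusException(_L('RA already exists'));`. The `validateAuthKey()` call also falls back to `-1` for `max_ra_invite_time`; if that means "no expiry", the replay window is unbounded. The invite_ra path additionally reads `$params['email']` without the `_CheckParamExists($params, 'email');` call that the other actions on this page make first.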
/trunk/plugins/viathinksoft/raPages/100_edit_contact_data/OIDplusPageRaEditContactData.class.php |
---|
26,63 → 26,54 |
class OIDplusPageRaEditContactData extends OIDplusPagePluginRa { |
/** |
* @param string $actionID |
* @param array $params |
* @return array |
* @throws OIDplusException |
*/ |
private function action_Update(array $params): array { |
_CheckParamExists($params, 'email'); |
public function action(string $actionID, array $params): array { |
if ($actionID == 'change_ra_data') { |
_CheckParamExists($params, 'email'); |
$email = $params['email']; |
$email = $params['email']; |
if (!OIDplus::authUtils()->isRaLoggedIn($email) && !OIDplus::authUtils()->isAdminLoggedIn()) { |
throw new OIDplusException(_L('Authentication error. Please log in as admin, or as the RA to update its data.'), null, 401); |
} |
if (!OIDplus::authUtils()->isRaLoggedIn($email) && !OIDplus::authUtils()->isAdminLoggedIn()) { |
throw new OIDplusException(_L('Authentication error. Please log in as admin, or as the RA to update its data.'), null, 401); |
} |
$res = OIDplus::db()->query("select * from ###ra where email = ?", array($email)); |
if (!$res->any()) { |
throw new OIDplusException(_L('RA does not exist')); |
} |
$res = OIDplus::db()->query("select * from ###ra where email = ?", array($email)); |
if (!$res->any()) { |
throw new OIDplusException(_L('RA does not exist')); |
} |
OIDplus::logger()->log("V2:[OK/WARN]RA(%1)+[OK/INFO]A", "Changed RA '%1' contact data/details", $email); |
OIDplus::logger()->log("V2:[OK/WARN]RA(%1)+[OK/INFO]A", "Changed RA '%1' contact data/details", $email); |
if (isset($params['ra_name'])) |
OIDplus::db()->query("UPDATE ###ra SET ra_name = ? WHERE email = ?", array($params['ra_name'], $email)); |
if (isset($params['organization'])) |
OIDplus::db()->query("UPDATE ###ra SET organization = ? WHERE email = ?", array($params['organization'], $email)); |
if (isset($params['office'])) |
OIDplus::db()->query("UPDATE ###ra SET office = ? WHERE email = ?", array($params['office'], $email)); |
if (isset($params['personal_name'])) |
OIDplus::db()->query("UPDATE ###ra SET personal_name = ? WHERE email = ?", array($params['personal_name'], $email)); |
if (isset($params['privacy'])) |
OIDplus::db()->query("UPDATE ###ra SET privacy = ? WHERE email = ?", array($params['privacy'] == 'true', $email)); |
if (isset($params['street'])) |
OIDplus::db()->query("UPDATE ###ra SET street = ? WHERE email = ?", array($params['street'], $email)); |
if (isset($params['zip_town'])) |
OIDplus::db()->query("UPDATE ###ra SET zip_town = ? WHERE email = ?", array($params['zip_town'], $email)); |
if (isset($params['country'])) |
OIDplus::db()->query("UPDATE ###ra SET country = ? WHERE email = ?", array($params['country'], $email)); |
if (isset($params['phone'])) |
OIDplus::db()->query("UPDATE ###ra SET phone = ? WHERE email = ?", array($params['phone'], $email)); |
if (isset($params['mobile'])) |
OIDplus::db()->query("UPDATE ###ra SET mobile = ? WHERE email = ?", array($params['mobile'], $email)); |
if (isset($params['fax'])) |
OIDplus::db()->query("UPDATE ###ra SET fax = ? WHERE email = ?", array($params['fax'], $email)); |
if (isset($params['ra_name'])) |
OIDplus::db()->query("UPDATE ###ra SET ra_name = ? WHERE email = ?", array($params['ra_name'], $email)); |
if (isset($params['organization'])) |
OIDplus::db()->query("UPDATE ###ra SET organization = ? WHERE email = ?", array($params['organization'], $email)); |
if (isset($params['office'])) |
OIDplus::db()->query("UPDATE ###ra SET office = ? WHERE email = ?", array($params['office'], $email)); |
if (isset($params['personal_name'])) |
OIDplus::db()->query("UPDATE ###ra SET personal_name = ? WHERE email = ?", array($params['personal_name'], $email)); |
if (isset($params['privacy'])) |
OIDplus::db()->query("UPDATE ###ra SET privacy = ? WHERE email = ?", array($params['privacy'] == 'true', $email)); |
if (isset($params['street'])) |
OIDplus::db()->query("UPDATE ###ra SET street = ? WHERE email = ?", array($params['street'], $email)); |
if (isset($params['zip_town'])) |
OIDplus::db()->query("UPDATE ###ra SET zip_town = ? WHERE email = ?", array($params['zip_town'], $email)); |
if (isset($params['country'])) |
OIDplus::db()->query("UPDATE ###ra SET country = ? WHERE email = ?", array($params['country'], $email)); |
if (isset($params['phone'])) |
OIDplus::db()->query("UPDATE ###ra SET phone = ? WHERE email = ?", array($params['phone'], $email)); |
if (isset($params['mobile'])) |
OIDplus::db()->query("UPDATE ###ra SET mobile = ? WHERE email = ?", array($params['mobile'], $email)); |
if (isset($params['fax'])) |
OIDplus::db()->query("UPDATE ###ra SET fax = ? WHERE email = ?", array($params['fax'], $email)); |
OIDplus::db()->query("UPDATE ###ra SET updated = ".OIDplus::db()->sqlDate()." WHERE email = ?", array($email)); |
OIDplus::db()->query("UPDATE ###ra SET updated = ".OIDplus::db()->sqlDate()." WHERE email = ?", array($email)); |
return array("status" => 0); |
} |
/** |
* @param string $actionID |
* @param array $params |
* @return array |
* @throws OIDplusException |
*/ |
public function action(string $actionID, array $params): array { |
if ($actionID == 'change_ra_data') { |
return $this->action_Update($params); |
return array("status" => 0); |
} else { |
return parent::action($actionID, $params); |
} |
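Review bot: The audit entry "Changed RA '%1' contact data/details" is written before any `UPDATE` runs, so it is recorded even when a later query throws or when the request carries none of the optional fields. Moving the `OIDplus::logger()->log(...)` call below the final `updated = ...` query keeps the log in step with what was actually stored. The field updates also run as separate statements, so a failure part-way leaves a partially updated row. If the database layer offers transactions (not visible here), wrapping the sequence would be worth considering.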
/trunk/plugins/viathinksoft/raPages/101_change_password/OIDplusPageRaChangePassword.class.php |
---|
26,71 → 26,62 |
class OIDplusPageRaChangePassword extends OIDplusPagePluginRa { |
/** |
* @param string $actionID |
* @param array $params |
* @return array |
* @throws OIDplusException |
*/ |
private function action_Update(array $params): array { |
_CheckParamExists($params, 'email'); |
public function action(string $actionID, array $params): array { |
if ($actionID == 'change_ra_password') { |
_CheckParamExists($params, 'email'); |
$email = $params['email']; |
$email = $params['email']; |
$res = OIDplus::db()->query("select * from ###ra where email = ?", array($email)); |
if (!$res->any()) { |
throw new OIDplusException(_L('RA does not exist')); |
} |
$res = OIDplus::db()->query("select * from ###ra where email = ?", array($email)); |
if (!$res->any()) { |
throw new OIDplusException(_L('RA does not exist')); |
} |
if (!OIDplus::authUtils()->isRaLoggedIn($email) && !OIDplus::authUtils()->isAdminLoggedIn()) { |
throw new OIDplusException(_L('Authentication error. Please log in as admin, or as the RA to update its data.'), null, 401); |
} |
if (!OIDplus::authUtils()->isRaLoggedIn($email) && !OIDplus::authUtils()->isAdminLoggedIn()) { |
throw new OIDplusException(_L('Authentication error. Please log in as admin, or as the RA to update its data.'), null, 401); |
} |
if (!OIDplus::authUtils()->isAdminLoggedIn()) { |
_CheckParamExists($params, 'old_password'); |
$old_password = $params['old_password']; |
} else { |
$old_password = ''; |
} |
if (!OIDplus::authUtils()->isAdminLoggedIn()) { |
_CheckParamExists($params, 'old_password'); |
$old_password = $params['old_password']; |
} else { |
$old_password = ''; |
} |
_CheckParamExists($params, 'new_password1'); |
_CheckParamExists($params, 'new_password2'); |
_CheckParamExists($params, 'new_password1'); |
_CheckParamExists($params, 'new_password2'); |
$password1 = $params['new_password1']; |
$password2 = $params['new_password2']; |
$password1 = $params['new_password1']; |
$password2 = $params['new_password2']; |
if ($password1 !== $password2) { |
throw new OIDplusException(_L('Passwords do not match')); |
} |
if ($password1 !== $password2) { |
throw new OIDplusException(_L('Passwords do not match')); |
} |
if (strlen($password1) < OIDplus::config()->getValue('ra_min_password_length')) { |
$minlen = OIDplus::config()->getValue('ra_min_password_length'); |
throw new OIDplusException(_L('New password is too short. Minimum password length: %1',$minlen)); |
} |
if (strlen($password1) < OIDplus::config()->getValue('ra_min_password_length')) { |
$minlen = OIDplus::config()->getValue('ra_min_password_length'); |
throw new OIDplusException(_L('New password is too short. Minimum password length: %1',$minlen)); |
} |
$ra = new OIDplusRA($email); |
if (!$ra->isPasswordLess()) { |
if (!OIDplus::authUtils()->isAdminLoggedIn()) { |
if (!$ra->checkPassword($old_password)) { |
throw new OIDplusException(_L('Old password incorrect')); |
$ra = new OIDplusRA($email); |
if (!$ra->isPasswordLess()) { |
if (!OIDplus::authUtils()->isAdminLoggedIn()) { |
if (!$ra->checkPassword($old_password)) { |
throw new OIDplusException(_L('Old password incorrect')); |
} |
} |
OIDplus::logger()->log("V2:[OK/WARN]RA(%1)+[OK/INFO]A", "Password of RA '%1' changed", $email); |
} else { |
OIDplus::logger()->log("V2:[OK/WARN]RA(%1)+[OK/INFO]A", "Password of RA '%1' created", $email); |
} |
OIDplus::logger()->log("V2:[OK/WARN]RA(%1)+[OK/INFO]A", "Password of RA '%1' changed", $email); |
} else { |
OIDplus::logger()->log("V2:[OK/WARN]RA(%1)+[OK/INFO]A", "Password of RA '%1' created", $email); |
} |
$ra->change_password($password1); |
$ra->change_password($password1); |
return array("status" => 0); |
} |
/** |
* @param string $actionID |
* @param array $params |
* @return array |
* @throws OIDplusException |
*/ |
public function action(string $actionID, array $params): array { |
if ($actionID == 'change_ra_password') { |
return $this->action_Update($params); |
return array("status" => 0); |
} else { |
return parent::action($actionID, $params); |
} |
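Review bot: In the `change_ra_password` branch the lookup that throws `RA does not exist` runs before the `isRaLoggedIn($email)` / `isAdminLoggedIn()` check, so a caller who is not logged in gets a different error for registered and unregistered addresses. Moving the existing 401 check directly after `$email = $params['email'];`, ahead of the `select * from ###ra where email = ?` query, makes every unauthenticated request fail the same way. The same ordering appears in the `change_ra_email` branch of OIDplusPageRaChangeEMail, where the `isPasswordLess()` test and its distinct error message precede the login check. The end of `action()` appears to lie outside this hunk.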
/trunk/plugins/viathinksoft/raPages/102_change_email/OIDplusPageRaChangeEMail.class.php |
---|
26,58 → 26,141 |
class OIDplusPageRaChangeEMail extends OIDplusPagePluginRa { |
/** |
* @param string $actionID |
* @param array $params |
* @return array |
* @throws OIDplusException |
* @throws OIDplusMailException |
*/ |
private function action_Request(array $params): array { |
if (!OIDplus::config()->getValue('allow_ra_email_change') && !OIDplus::authUtils()->isAdminLoggedIn()) { |
throw new OIDplusException(_L('This functionality has been disabled by the administrator.')); |
} |
public function action(string $actionID, array $params): array { |
if ($actionID == 'change_ra_email') { |
if (!OIDplus::config()->getValue('allow_ra_email_change') && !OIDplus::authUtils()->isAdminLoggedIn()) { |
throw new OIDplusException(_L('This functionality has been disabled by the administrator.')); |
} |
_CheckParamExists($params, 'old_email'); |
_CheckParamExists($params, 'new_email'); |
_CheckParamExists($params, 'old_email'); |
_CheckParamExists($params, 'new_email'); |
$old_email = $params['old_email']; |
$new_email = $params['new_email']; |
$old_email = $params['old_email']; |
$new_email = $params['new_email']; |
$ra = new OIDplusRA($old_email); |
if ($ra->isPasswordLess() && !OIDplus::authUtils()->isAdminLoggedIn()) { |
throw new OIDplusException(_L('E-Mail-Address cannot be changed because this user does not have a password')); |
} |
$ra = new OIDplusRA($old_email); |
if ($ra->isPasswordLess() && !OIDplus::authUtils()->isAdminLoggedIn()) { |
throw new OIDplusException(_L('E-Mail-Address cannot be changed because this user does not have a password')); |
} |
if (!OIDplus::authUtils()->isRaLoggedIn($old_email) && !OIDplus::authUtils()->isAdminLoggedIn()) { |
throw new OIDplusException(_L('Authentication error. Please log in as admin, or as the RA to update its email address.'), null, 401); |
} |
if (!OIDplus::authUtils()->isRaLoggedIn($old_email) && !OIDplus::authUtils()->isAdminLoggedIn()) { |
throw new OIDplusException(_L('Authentication error. Please log in as admin, or as the RA to update its email address.'), null, 401); |
} |
if (!OIDplus::mailUtils()->validMailAddress($new_email)) { |
throw new OIDplusException(_L('eMail address is invalid.')); |
} |
if (!OIDplus::mailUtils()->validMailAddress($new_email)) { |
throw new OIDplusException(_L('eMail address is invalid.')); |
} |
$res = OIDplus::db()->query("select * from ###ra where email = ?", array($old_email)); |
if (!$res->any()) { |
throw new OIDplusException(_L('eMail address does not exist anymore. It was probably already changed.')); |
} |
$res = OIDplus::db()->query("select * from ###ra where email = ?", array($old_email)); |
if (!$res->any()) { |
throw new OIDplusException(_L('eMail address does not exist anymore. It was probably already changed.')); |
} |
$res = OIDplus::db()->query("select * from ###ra where email = ?", array($new_email)); |
if ($res->any()) { |
throw new OIDplusException(_L('eMail address is already used by another RA. To merge accounts, please contact the superior RA of your objects and request an owner change of your objects.')); |
$res = OIDplus::db()->query("select * from ###ra where email = ?", array($new_email)); |
if ($res->any()) { |
throw new OIDplusException(_L('eMail address is already used by another RA. To merge accounts, please contact the superior RA of your objects and request an owner change of your objects.')); |
} |
if (OIDplus::authUtils()->isAdminLoggedIn()) { |
$ra_was_logged_in = OIDplus::authUtils()->isRaLoggedIn($old_email); |
$ra = new OIDplusRA($old_email); |
// Change RA email |
$ra->change_email($new_email); |
OIDplus::logger()->log("V2:[WARN]RA(%1)+[INFO]RA(%2)+[OK]A", "Admin changed email address '%1' to '%2'", $old_email, $new_email); |
// Change objects |
$res = OIDplus::db()->query("select id from ###objects where ra_email = ?", array($old_email)); |
while ($row = $res->fetch_array()) { |
OIDplus::logger()->log("V2:[INFO]OID(%1)+SUPOID(%1)", "Admin changed email address of RA '%2' (owner of %1) to '%3'", $row['id'], $old_email, $new_email); |
} |
OIDplus::db()->query("update ###objects set ra_email = ? where ra_email = ?", array($new_email, $old_email)); |
OIDplusObject::resetObjectInformationCache(); |
// Re-login |
if ($ra_was_logged_in) { |
OIDplus::authUtils()->raLogout($old_email); |
OIDplus::authUtils()->raLogin($new_email); |
} |
return array("status" => 0); |
} else { |
OIDplus::logger()->log("V2:[INFO]RA(%1)+RA(%2)", "Requested email address change from '%1' to '%2'", $old_email, $new_email); |
$activate_url = OIDplus::webpath(null,OIDplus::PATH_ABSOLUTE_CANONICAL) . '?goto='.urlencode('oidplus:activate_new_ra_email$'.$old_email.'$'.$new_email.'$'.OIDplus::authUtils()->makeAuthKey(['5ef24124-f4fb-11ed-b67e-3c4a92df8582',$old_email,$new_email])); |
$message = file_get_contents(__DIR__ . '/change_request_email.tpl'); |
$message = str_replace('{{SYSTEM_URL}}', OIDplus::webpath(null,OIDplus::PATH_ABSOLUTE_CANONICAL), $message); |
$message = str_replace('{{SYSTEM_TITLE}}', OIDplus::config()->getValue('system_title'), $message); |
$message = str_replace('{{ADMIN_EMAIL}}', OIDplus::config()->getValue('admin_email'), $message); |
$message = str_replace('{{OLD_EMAIL}}', $old_email, $message); |
$message = str_replace('{{NEW_EMAIL}}', $new_email, $message); |
$message = str_replace('{{ACTIVATE_URL}}', $activate_url, $message); |
OIDplus::mailUtils()->sendMail($new_email, OIDplus::config()->getValue('system_title').' - Change email request', $message); |
return array("status" => 0); |
} |
} |
if (OIDplus::authUtils()->isAdminLoggedIn()) { |
else if ($actionID == 'activate_new_ra_email') { |
if (!OIDplus::config()->getValue('allow_ra_email_change')) { |
throw new OIDplusException(_L('This functionality has been disabled by the administrator.')); |
} |
_CheckParamExists($params, 'old_email'); |
_CheckParamExists($params, 'new_email'); |
_CheckParamExists($params, 'password'); |
_CheckParamExists($params, 'auth'); |
$old_email = $params['old_email']; |
$new_email = $params['new_email']; |
$password = $params['password']; |
$auth = $params['auth']; |
$ra_was_logged_in = OIDplus::authUtils()->isRaLoggedIn($old_email); |
$ra = new OIDplusRA($old_email); |
if ($ra->isPasswordLess() && !OIDplus::authUtils()->isAdminLoggedIn()) { |
throw new OIDplusException(_L('E-Mail-Address cannot be changed because this user does not have a password')); |
} |
// Change RA email |
if (!OIDplus::authUtils()->validateAuthKey(['5ef24124-f4fb-11ed-b67e-3c4a92df8582',$old_email,$new_email], $auth, OIDplus::config()->getValue('max_ra_email_change_time', -1))) { |
throw new OIDplusException(_L('Invalid or expired authentication key')); |
} |
$res = OIDplus::db()->query("select * from ###ra where email = ?", array($old_email)); |
if (!$res->any()) { |
throw new OIDplusException(_L('eMail address does not exist anymore. It was probably already changed.')); |
} |
$res = OIDplus::db()->query("select * from ###ra where email = ?", array($new_email)); |
if ($res->any()) { |
throw new OIDplusException(_L('eMail address is already used by another RA. To merge accounts, please contact the superior RA of your objects and request an owner change of your objects.')); |
} |
$ra = new OIDplusRA($old_email); |
if (!$ra->isPasswordLess()) { |
if (!$ra->checkPassword($password)) { |
throw new OIDplusException(_L('Wrong password')); |
} |
} |
// Change address of RA |
$ra->change_email($new_email); |
OIDplus::logger()->log("V2:[WARN]RA(%1)+[INFO]RA(%2)+[OK]A", "Admin changed email address '%1' to '%2'", $old_email, $new_email); |
OIDplus::logger()->log("V2:[OK]RA(%2)+RA(%1)", "RA '%1' has changed their email address to '%2'", $old_email, $new_email); |
// Change objects |
$res = OIDplus::db()->query("select id from ###objects where ra_email = ?", array($old_email)); |
while ($row = $res->fetch_array()) { |
OIDplus::logger()->log("V2:[INFO]OID(%1)+SUPOID(%1)", "Admin changed email address of RA '%2' (owner of %1) to '%3'", $row['id'], $old_email, $new_email); |
OIDplus::logger()->log("V2:[INFO]OID(%1)+SUPOID(%1)", "RA '%2' (owner of %1) has changed their email address to '%3'", $row['id'], $old_email, $new_email); |
} |
OIDplus::db()->query("update ###objects set ra_email = ? where ra_email = ?", array($new_email, $old_email)); |
OIDplusObject::resetObjectInformationCache(); |
88,117 → 171,16 |
OIDplus::authUtils()->raLogin($new_email); |
} |
return array("status" => 0); |
} else { |
OIDplus::logger()->log("V2:[INFO]RA(%1)+RA(%2)", "Requested email address change from '%1' to '%2'", $old_email, $new_email); |
$activate_url = OIDplus::webpath(null,OIDplus::PATH_ABSOLUTE_CANONICAL) . '?goto='.urlencode('oidplus:activate_new_ra_email$'.$old_email.'$'.$new_email.'$'.OIDplus::authUtils()->makeAuthKey(['5ef24124-f4fb-11ed-b67e-3c4a92df8582',$old_email,$new_email])); |
$message = file_get_contents(__DIR__ . '/change_request_email.tpl'); |
// Send email |
$message = file_get_contents(__DIR__ . '/email_change_confirmation.tpl'); |
$message = str_replace('{{SYSTEM_URL}}', OIDplus::webpath(null,OIDplus::PATH_ABSOLUTE_CANONICAL), $message); |
$message = str_replace('{{SYSTEM_TITLE}}', OIDplus::config()->getValue('system_title'), $message); |
$message = str_replace('{{ADMIN_EMAIL}}', OIDplus::config()->getValue('admin_email'), $message); |
$message = str_replace('{{OLD_EMAIL}}', $old_email, $message); |
$message = str_replace('{{NEW_EMAIL}}', $new_email, $message); |
$message = str_replace('{{ACTIVATE_URL}}', $activate_url, $message); |
OIDplus::mailUtils()->sendMail($new_email, OIDplus::config()->getValue('system_title').' - Change email request', $message); |
OIDplus::mailUtils()->sendMail($old_email, OIDplus::config()->getValue('system_title').' - eMail address changed', $message); |
return array("status" => 0); |
} |
} |
/** |
* @param array $params |
* @return array |
* @throws OIDplusException |
* @throws OIDplusMailException |
*/ |
private function action_Activate(array $params): array { |
if (!OIDplus::config()->getValue('allow_ra_email_change')) { |
throw new OIDplusException(_L('This functionality has been disabled by the administrator.')); |
} |
_CheckParamExists($params, 'old_email'); |
_CheckParamExists($params, 'new_email'); |
_CheckParamExists($params, 'password'); |
_CheckParamExists($params, 'auth'); |
$old_email = $params['old_email']; |
$new_email = $params['new_email']; |
$password = $params['password']; |
$auth = $params['auth']; |
$ra_was_logged_in = OIDplus::authUtils()->isRaLoggedIn($old_email); |
$ra = new OIDplusRA($old_email); |
if ($ra->isPasswordLess() && !OIDplus::authUtils()->isAdminLoggedIn()) { |
throw new OIDplusException(_L('E-Mail-Address cannot be changed because this user does not have a password')); |
} |
if (!OIDplus::authUtils()->validateAuthKey(['5ef24124-f4fb-11ed-b67e-3c4a92df8582',$old_email,$new_email], $auth, OIDplus::config()->getValue('max_ra_email_change_time', -1))) { |
throw new OIDplusException(_L('Invalid or expired authentication key')); |
} |
$res = OIDplus::db()->query("select * from ###ra where email = ?", array($old_email)); |
if (!$res->any()) { |
throw new OIDplusException(_L('eMail address does not exist anymore. It was probably already changed.')); |
} |
$res = OIDplus::db()->query("select * from ###ra where email = ?", array($new_email)); |
if ($res->any()) { |
throw new OIDplusException(_L('eMail address is already used by another RA. To merge accounts, please contact the superior RA of your objects and request an owner change of your objects.')); |
} |
$ra = new OIDplusRA($old_email); |
if (!$ra->isPasswordLess()) { |
if (!$ra->checkPassword($password)) { |
throw new OIDplusException(_L('Wrong password')); |
} |
} |
// Change address of RA |
$ra->change_email($new_email); |
OIDplus::logger()->log("V2:[OK]RA(%2)+RA(%1)", "RA '%1' has changed their email address to '%2'", $old_email, $new_email); |
// Change objects |
$res = OIDplus::db()->query("select id from ###objects where ra_email = ?", array($old_email)); |
while ($row = $res->fetch_array()) { |
OIDplus::logger()->log("V2:[INFO]OID(%1)+SUPOID(%1)", "RA '%2' (owner of %1) has changed their email address to '%3'", $row['id'], $old_email, $new_email); |
} |
OIDplus::db()->query("update ###objects set ra_email = ? where ra_email = ?", array($new_email, $old_email)); |
OIDplusObject::resetObjectInformationCache(); |
// Re-login |
if ($ra_was_logged_in) { |
OIDplus::authUtils()->raLogout($old_email); |
OIDplus::authUtils()->raLogin($new_email); |
} |
// Send email |
$message = file_get_contents(__DIR__ . '/email_change_confirmation.tpl'); |
$message = str_replace('{{SYSTEM_URL}}', OIDplus::webpath(null,OIDplus::PATH_ABSOLUTE_CANONICAL), $message); |
$message = str_replace('{{SYSTEM_TITLE}}', OIDplus::config()->getValue('system_title'), $message); |
$message = str_replace('{{ADMIN_EMAIL}}', OIDplus::config()->getValue('admin_email'), $message); |
$message = str_replace('{{OLD_EMAIL}}', $old_email, $message); |
$message = str_replace('{{NEW_EMAIL}}', $new_email, $message); |
OIDplus::mailUtils()->sendMail($old_email, OIDplus::config()->getValue('system_title').' - eMail address changed', $message); |
return array("status" => 0); |
} |
/** |
* @param string $actionID |
* @param array $params |
* @return array |
* @throws OIDplusException |
* @throws OIDplusMailException |
*/ |
public function action(string $actionID, array $params): array { |
if ($actionID == 'change_ra_email') { |
return $this->action_Request($params); |
} else if ($actionID == 'activate_new_ra_email') { |
return $this->action_Activate($params); |
} else { |
return parent::action($actionID, $params); |
} |
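Review bot: In the `activate_new_ra_email` branch, `validateAuthKey(...)` is given `OIDplus::config()->getValue('max_ra_email_change_time', -1)`, so an installation without that setting passes -1 as the validity period. If -1 means "no limit" (not visible on this page), the activation link mailed to the new address never expires. A finite fallback would bound that window, for example `getValue('max_ra_email_change_time', 3600)` (3600 is an illustrative value), or the line should carry a comment stating what -1 does. The password check that follows limits the impact, but the key is the only proof that the new mailbox was reached. The enclosing `action()` closes outside the second hunk.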
/trunk/plugins/viathinksoft/raPages/910_automated_ajax_calls/OIDplusPageRaAutomatedAJAXCalls.class.php |
---|
29,39 → 29,30 |
class OIDplusPageRaAutomatedAJAXCalls extends OIDplusPagePluginRa { |
/** |
* @param string $actionID |
* @param array $params |
* @return array |
* @throws OIDplusException |
*/ |
private function action_Blacklist(array $params): array { |
if (!OIDplus::baseConfig()->getValue('JWT_ALLOW_AJAX_USER', true)) { |
throw new OIDplusException(_L('The administrator has disabled this feature. (Base configuration setting %1).','JWT_ALLOW_AJAX_USER')); |
} |
public function action(string $actionID, array $params): array { |
if ($actionID == 'blacklistJWT') { |
if (!OIDplus::baseConfig()->getValue('JWT_ALLOW_AJAX_USER', true)) { |
throw new OIDplusException(_L('The administrator has disabled this feature. (Base configuration setting %1).','JWT_ALLOW_AJAX_USER')); |
} |
_CheckParamExists($params, 'user'); |
$ra_email = $params['user']; |
_CheckParamExists($params, 'user'); |
$ra_email = $params['user']; |
if (!OIDplus::authUtils()->isRaLoggedIn($ra_email) && !OIDplus::authUtils()->isAdminLoggedIn()) { |
throw new OIDplusHtmlException(_L('You need to <a %1>log in</a> as the requested RA %2 or as admin.',OIDplus::gui()->link('oidplus:login$ra$'.$ra_email),'<b>'.htmlentities($ra_email).'</b>'), null, 401); |
} |
if (!OIDplus::authUtils()->isRaLoggedIn($ra_email) && !OIDplus::authUtils()->isAdminLoggedIn()) { |
throw new OIDplusHtmlException(_L('You need to <a %1>log in</a> as the requested RA %2 or as admin.',OIDplus::gui()->link('oidplus:login$ra$'.$ra_email),'<b>'.htmlentities($ra_email).'</b>'), null, 401); |
} |
$gen = OIDplusAuthContentStoreJWT::JWT_GENERATOR_AJAX; |
$sub = $ra_email; |
$gen = OIDplusAuthContentStoreJWT::JWT_GENERATOR_AJAX; |
$sub = $ra_email; |
OIDplusAuthContentStoreJWT::jwtBlacklist($gen, $sub); |
OIDplusAuthContentStoreJWT::jwtBlacklist($gen, $sub); |
return array("status" => 0); |
} |
/** |
* @param string $actionID |
* @param array $params |
* @return array |
* @throws OIDplusException |
*/ |
public function action(string $actionID, array $params): array { |
if ($actionID == 'blacklistJWT') { |
return $this->action_Blacklist($params); |
return array("status" => 0); |
} else { |
return parent::action($actionID, $params); |
} |
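Review bot: In the `blacklistJWT` branch the request parameter `$params['user']` is concatenated into `OIDplus::gui()->link('oidplus:login$ra$'.$ra_email)` as-is, while the same value is passed through `htmlentities()` for the bold text, and the resulting markup is returned in an `OIDplusHtmlException` to a caller who has not authenticated. Whether `link()` encodes its argument is not visible here; if it does not, the value should be encoded at the call site or validated as a mail address before use. At minimum a comment such as `// $ra_email is request input; link() is expected to HTML-escape it` would record the assumption. The identical line is in the `blacklistJWT` branch of OIDplusPageRaRestApi below.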
/trunk/plugins/viathinksoft/raPages/911_rest_api/OIDplusPageRaRestApi.class.php |
---|
29,39 → 29,30 |
class OIDplusPageRaRestApi extends OIDplusPagePluginRa { |
/** |
* @param string $actionID |
* @param array $params |
* @return array |
* @throws OIDplusException |
*/ |
private function action_Blacklist(array $params): array { |
if (!OIDplus::baseConfig()->getValue('JWT_ALLOW_REST_USER', true)) { |
throw new OIDplusException(_L('The administrator has disabled this feature. (Base configuration setting %1).','JWT_ALLOW_REST_USER')); |
} |
public function action(string $actionID, array $params): array { |
if ($actionID == 'blacklistJWT') { |
if (!OIDplus::baseConfig()->getValue('JWT_ALLOW_REST_USER', true)) { |
throw new OIDplusException(_L('The administrator has disabled this feature. (Base configuration setting %1).','JWT_ALLOW_REST_USER')); |
} |
_CheckParamExists($params, 'user'); |
$ra_email = $params['user']; |
_CheckParamExists($params, 'user'); |
$ra_email = $params['user']; |
if (!OIDplus::authUtils()->isRaLoggedIn($ra_email) && !OIDplus::authUtils()->isAdminLoggedIn()) { |
throw new OIDplusHtmlException(_L('You need to <a %1>log in</a> as the requested RA %2 or as admin.',OIDplus::gui()->link('oidplus:login$ra$'.$ra_email),'<b>'.htmlentities($ra_email).'</b>'), null, 401); |
} |
if (!OIDplus::authUtils()->isRaLoggedIn($ra_email) && !OIDplus::authUtils()->isAdminLoggedIn()) { |
throw new OIDplusHtmlException(_L('You need to <a %1>log in</a> as the requested RA %2 or as admin.',OIDplus::gui()->link('oidplus:login$ra$'.$ra_email),'<b>'.htmlentities($ra_email).'</b>'), null, 401); |
} |
$gen = OIDplusAuthContentStoreJWT::JWT_GENERATOR_REST; |
$sub = $ra_email; |
$gen = OIDplusAuthContentStoreJWT::JWT_GENERATOR_REST; |
$sub = $ra_email; |
OIDplusAuthContentStoreJWT::jwtBlacklist($gen, $sub); |
OIDplusAuthContentStoreJWT::jwtBlacklist($gen, $sub); |
return array("status" => 0); |
} |
/** |
* @param string $actionID |
* @param array $params |
* @return array |
* @throws OIDplusException |
*/ |
public function action(string $actionID, array $params): array { |
if ($actionID == 'blacklistJWT') { |
return $this->action_Blacklist($params); |
return array("status" => 0); |
} else { |
return parent::action($actionID, $params); |
} |