Rev 310 | Rev 360 | Go to most recent revision | Show entire file | Regard whitespace | Details | Blame | Last modification | View Log | RSS feed
| Rev 310 | Rev 329 | ||
|---|---|---|---|
| Line 51... | Line 51... | ||
| 51 | // Nobody logged in anymore. Destroy session cookie to make GDPR people happy |
51 | // Nobody logged in anymore. Destroy session cookie to make GDPR people happy |
| 52 | $ses->destroySession(); |
52 | $ses->destroySession(); |
| 53 | } |
53 | } |
| 54 | } |
54 | } |
| 55 | 55 | ||
| 56 | public static function raNumLoggedIn() { |
56 | public static function raCheckPassword($ra_email, $password) { |
| 57 | if (basename($_SERVER['SCRIPT_FILENAME']) == 'sitemap.php') { |
57 | $ra = new OIDplusRA($ra_email); |
| 58 | // The sitemap may not contain any confidential information, even if the user is logged in, |
- | |
| 59 | // because they could accidentally copy-paste the sitemap to a search engine control panel |
- | |
| 60 | return 0; |
58 | return $ra->checkPassword($password); |
| 61 | } |
59 | } |
| 62 | $ses = OIDplus::sesHandler(); |
- | |
| 63 | - | ||
| 64 | $list = $ses->getValue('oidplus_logged_in'); |
- | |
| 65 | if (is_null($list)) return 0; |
- | |
| 66 | 60 | ||
| 67 | $ary = ($list == '') ? array() : explode('|', $list); |
61 | public static function raNumLoggedIn() { |
| 68 | return count($ary); |
62 | return count(self::loggedInRaList()); |
| 69 | } |
63 | } |
| 70 | 64 | ||
| 71 | public static function raLogoutAll() { |
65 | public static function raLogoutAll() { |
| 72 | $ses = OIDplus::sesHandler(); |
66 | $ses = OIDplus::sesHandler(); |
| 73 | $ses->setValue('oidplus_logged_in', ''); |
67 | $ses->setValue('oidplus_logged_in', ''); |
| 74 | } |
68 | } |
| 75 | 69 | ||
| 76 | public static function loggedInRaList() { |
70 | public static function loggedInRaList() { |
| 77 | if (basename($_SERVER['SCRIPT_FILENAME']) == 'sitemap.php') { |
71 | if (self::forceAllLoggedOut()) { |
| 78 | // The sitemap may not contain any confidential information, even if the user is logged in, |
- | |
| 79 | // because they could accidentally copy-paste the sitemap to a search engine control panel |
- | |
| 80 | return array(); |
72 | return array(); |
| 81 | } |
73 | } |
| - | 74 | ||
| 82 | $ses = OIDplus::sesHandler(); |
75 | $ses = OIDplus::sesHandler(); |
| 83 | $list = $ses->getValue('oidplus_logged_in'); |
76 | $list = $ses->getValue('oidplus_logged_in'); |
| 84 | if (is_null($list)) $list = ''; |
77 | if (is_null($list)) $list = ''; |
| 85 | 78 | ||
| 86 | $res = array(); |
79 | $res = array(); |
| 87 | foreach (explode('|', $list) as $ra_email) { |
80 | foreach (array_unique(explode('|',$list)) as $ra_email) { |
| 88 | if ($ra_email == '') continue; |
81 | if ($ra_email == '') continue; |
| 89 | $res[] = new OIDplusRA($ra_email); |
82 | $res[] = new OIDplusRA($ra_email); |
| 90 | } |
83 | } |
| 91 | return $res; |
84 | return $res; |
| 92 | } |
85 | } |
| Line 105... | Line 98... | ||
| 105 | $ses->setValue('oidplus_admin_logged_in', '1'); |
98 | $ses->setValue('oidplus_admin_logged_in', '1'); |
| 106 | } |
99 | } |
| 107 | 100 | ||
| 108 | public static function adminLogout() { |
101 | public static function adminLogout() { |
| 109 | $ses = OIDplus::sesHandler(); |
102 | $ses = OIDplus::sesHandler(); |
| 110 | - | ||
| 111 | $ses->setValue('oidplus_admin_logged_in', '0'); |
103 | $ses->setValue('oidplus_admin_logged_in', '0'); |
| 112 | 104 | ||
| 113 | if (self::raNumLoggedIn() == 0) { |
105 | if (self::raNumLoggedIn() == 0) { |
| 114 | // Nobody logged in anymore. Destroy session cookie to make GDPR people happy |
106 | // Nobody logged in anymore. Destroy session cookie to make GDPR people happy |
| 115 | $ses->destroySession(); |
107 | $ses->destroySession(); |
| Line 124... | Line 116... | ||
| 124 | $calc_authkey = bin2hex(version_compare(PHP_VERSION, '7.1.0') >= 0 ? hash('sha3-512', $password, true) : bb\Sha3\Sha3::hash($password, 512, true)); |
116 | $calc_authkey = bin2hex(version_compare(PHP_VERSION, '7.1.0') >= 0 ? hash('sha3-512', $password, true) : bb\Sha3\Sha3::hash($password, 512, true)); |
| 125 | return $calc_authkey == bin2hex(base64_decode($hashed)); |
117 | return $calc_authkey == bin2hex(base64_decode($hashed)); |
| 126 | } |
118 | } |
| 127 | 119 | ||
| 128 | public static function isAdminLoggedIn() { |
120 | public static function isAdminLoggedIn() { |
| 129 | if (basename($_SERVER['SCRIPT_FILENAME']) == 'sitemap.php') { |
121 | if (self::forceAllLoggedOut()) { |
| 130 | // The sitemap may not contain any confidential information, even if the user is logged in, |
- | |
| 131 | // because they could accidentally copy-paste the sitemap to a search engine control panel |
- | |
| 132 | return false; |
122 | return false; |
| 133 | } |
123 | } |
| 134 | $ses = OIDplus::sesHandler(); |
124 | $ses = OIDplus::sesHandler(); |
| 135 | return $ses->getValue('oidplus_admin_logged_in') == '1'; |
125 | return $ses->getValue('oidplus_admin_logged_in') == '1'; |
| 136 | } |
126 | } |
| Line 145... | Line 135... | ||
| 145 | 135 | ||
| 146 | public static function validateAuthKey($data, $auth_key) { |
136 | public static function validateAuthKey($data, $auth_key) { |
| 147 | return self::makeAuthKey($data) == $auth_key; |
137 | return self::makeAuthKey($data) == $auth_key; |
| 148 | } |
138 | } |
| 149 | 139 | ||
| - | 140 | // "Veto" functions to force logout state |
|
| - | 141 | ||
| - | 142 | public static function forceAllLoggedOut() { |
|
| - | 143 | if (isset($_SERVER['SCRIPT_FILENAME']) && (basename($_SERVER['SCRIPT_FILENAME']) == 'sitemap.php')) { |
|
| - | 144 | // The sitemap may not contain any confidential information, |
|
| - | 145 | // even if the user is logged in, because the admin could |
|
| - | 146 | // accidentally copy-paste the sitemap to a |
|
| - | 147 | // search engine control panel while they are logged in |
|
| - | 148 | return true; |
|
| - | 149 | } else { |
|
| - | 150 | return false; |
|
| - | 151 | } |
|
| - | 152 | } |
|
| - | 153 | ||
| 150 | } |
154 | } |