Rev 310 | Rev 329 | ||
---|---|---|---|
Line 51... | Line 51... | ||
51 | // Nobody logged in anymore. Destroy session cookie to make GDPR people happy |
51 | // Nobody logged in anymore. Destroy session cookie to make GDPR people happy |
52 | $ses->destroySession(); |
52 | $ses->destroySession(); |
53 | } |
53 | } |
54 | } |
54 | } |
55 | 55 | ||
56 | public static function raNumLoggedIn() { |
56 | public static function raCheckPassword($ra_email, $password) { |
57 | if (basename($_SERVER['SCRIPT_FILENAME']) == 'sitemap.php') { |
57 | $ra = new OIDplusRA($ra_email); |
58 | // The sitemap may not contain any confidential information, even if the user is logged in, |
- | |
59 | // because they could accidentally copy-paste the sitemap to a search engine control panel |
- | |
60 | return 0; |
58 | return $ra->checkPassword($password); |
61 | } |
59 | } |
62 | $ses = OIDplus::sesHandler(); |
- | |
63 | - | ||
64 | $list = $ses->getValue('oidplus_logged_in'); |
- | |
65 | if (is_null($list)) return 0; |
- | |
66 | 60 | ||
67 | $ary = ($list == '') ? array() : explode('|', $list); |
61 | public static function raNumLoggedIn() { |
68 | return count($ary); |
62 | return count(self::loggedInRaList()); |
69 | } |
63 | } |
70 | 64 | ||
71 | public static function raLogoutAll() { |
65 | public static function raLogoutAll() { |
72 | $ses = OIDplus::sesHandler(); |
66 | $ses = OIDplus::sesHandler(); |
73 | $ses->setValue('oidplus_logged_in', ''); |
67 | $ses->setValue('oidplus_logged_in', ''); |
74 | } |
68 | } |
75 | 69 | ||
76 | public static function loggedInRaList() { |
70 | public static function loggedInRaList() { |
77 | if (basename($_SERVER['SCRIPT_FILENAME']) == 'sitemap.php') { |
71 | if (self::forceAllLoggedOut()) { |
78 | // The sitemap may not contain any confidential information, even if the user is logged in, |
- | |
79 | // because they could accidentally copy-paste the sitemap to a search engine control panel |
- | |
80 | return array(); |
72 | return array(); |
81 | } |
73 | } |
- | 74 | ||
82 | $ses = OIDplus::sesHandler(); |
75 | $ses = OIDplus::sesHandler(); |
83 | $list = $ses->getValue('oidplus_logged_in'); |
76 | $list = $ses->getValue('oidplus_logged_in'); |
84 | if (is_null($list)) $list = ''; |
77 | if (is_null($list)) $list = ''; |
85 | 78 | ||
86 | $res = array(); |
79 | $res = array(); |
87 | foreach (explode('|', $list) as $ra_email) { |
80 | foreach (array_unique(explode('|',$list)) as $ra_email) { |
88 | if ($ra_email == '') continue; |
81 | if ($ra_email == '') continue; |
89 | $res[] = new OIDplusRA($ra_email); |
82 | $res[] = new OIDplusRA($ra_email); |
90 | } |
83 | } |
91 | return $res; |
84 | return $res; |
92 | } |
85 | } |
Line 105... | Line 98... | ||
105 | $ses->setValue('oidplus_admin_logged_in', '1'); |
98 | $ses->setValue('oidplus_admin_logged_in', '1'); |
106 | } |
99 | } |
107 | 100 | ||
108 | public static function adminLogout() { |
101 | public static function adminLogout() { |
109 | $ses = OIDplus::sesHandler(); |
102 | $ses = OIDplus::sesHandler(); |
110 | - | ||
111 | $ses->setValue('oidplus_admin_logged_in', '0'); |
103 | $ses->setValue('oidplus_admin_logged_in', '0'); |
112 | 104 | ||
113 | if (self::raNumLoggedIn() == 0) { |
105 | if (self::raNumLoggedIn() == 0) { |
114 | // Nobody logged in anymore. Destroy session cookie to make GDPR people happy |
106 | // Nobody logged in anymore. Destroy session cookie to make GDPR people happy |
115 | $ses->destroySession(); |
107 | $ses->destroySession(); |
Line 124... | Line 116... | ||
124 | $calc_authkey = bin2hex(version_compare(PHP_VERSION, '7.1.0') >= 0 ? hash('sha3-512', $password, true) : bb\Sha3\Sha3::hash($password, 512, true)); |
116 | $calc_authkey = bin2hex(version_compare(PHP_VERSION, '7.1.0') >= 0 ? hash('sha3-512', $password, true) : bb\Sha3\Sha3::hash($password, 512, true)); |
125 | return $calc_authkey == bin2hex(base64_decode($hashed)); |
117 | return $calc_authkey == bin2hex(base64_decode($hashed)); |
126 | } |
118 | } |
127 | 119 | ||
128 | public static function isAdminLoggedIn() { |
120 | public static function isAdminLoggedIn() { |
129 | if (basename($_SERVER['SCRIPT_FILENAME']) == 'sitemap.php') { |
121 | if (self::forceAllLoggedOut()) { |
130 | // The sitemap may not contain any confidential information, even if the user is logged in, |
- | |
131 | // because they could accidentally copy-paste the sitemap to a search engine control panel |
- | |
132 | return false; |
122 | return false; |
133 | } |
123 | } |
134 | $ses = OIDplus::sesHandler(); |
124 | $ses = OIDplus::sesHandler(); |
135 | return $ses->getValue('oidplus_admin_logged_in') == '1'; |
125 | return $ses->getValue('oidplus_admin_logged_in') == '1'; |
136 | } |
126 | } |
Line 145... | Line 135... | ||
145 | 135 | ||
146 | public static function validateAuthKey($data, $auth_key) { |
136 | public static function validateAuthKey($data, $auth_key) { |
147 | return self::makeAuthKey($data) == $auth_key; |
137 | return self::makeAuthKey($data) == $auth_key; |
148 | } |
138 | } |
149 | 139 | ||
- | 140 | // "Veto" functions to force logout state |
|
- | 141 | ||
- | 142 | public static function forceAllLoggedOut() { |
|
- | 143 | if (isset($_SERVER['SCRIPT_FILENAME']) && (basename($_SERVER['SCRIPT_FILENAME']) == 'sitemap.php')) { |
|
- | 144 | // The sitemap may not contain any confidential information, |
|
- | 145 | // even if the user is logged in, because the admin could |
|
- | 146 | // accidentally copy-paste the sitemap to a |
|
- | 147 | // search engine control panel while they are logged in |
|
- | 148 | return true; |
|
- | 149 | } else { |
|
- | 150 | return false; |
|
- | 151 | } |
|
- | 152 | } |
|
- | 153 | ||
150 | } |
154 | } |
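Review bot: forceAllLoggedOut(), the method added at the end of this section, wraps a single boolean condition in an if/else that returns true/false and compares the script name with loose `==`; it reads better and is stricter as the expression itself, `return isset($_SERVER['SCRIPT_FILENAME']) && basename($_SERVER['SCRIPT_FILENAME']) === 'sitemap.php';`, keeping the explanatory comment about the sitemap above that return. The same loose `==` is worth a look in the unchanged context of this section: `$calc_authkey == bin2hex(base64_decode($hashed))` and `self::makeAuthKey($data) == $auth_key` compare secret-derived strings with an operator that treats two numeric-looking strings as numbers and is not constant-time. If both operands are guaranteed to be strings (makeAuthKey's return type is not visible here), `hash_equals()` is the appropriate comparison; that predates this commit, so it can be a follow-up rather than a blocker.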