GEANT / CAT

web/admin/logout_check.php

Braces +5 added lines, -4 removed lines

@@ -18,10 +18,11 @@
 if ($ls['Code'] === 'urn:oasis:names:tc:SAML:2.0:status:Success' && !isset($ls['SubCode'])) {
     /* Successful logout. */
     $url = htmlspecialchars($_SERVER['HTTP_HOST']) . substr($_SERVER['PHP_SELF'], 0, strrpos($_SERVER['PHP_SELF'], "/admin/logout_check.php"));
-    if ($_SERVER['HTTPS'] == "on")
-        $url = "https://" . $url;
-    else
-        $url = "http://" . $url;
+    if ($_SERVER['HTTPS'] == "on") {
+            $url = "https://" . $url;
+    } else {
+            $url = "http://" . $url;
+    }
 
     header("Location: $url");
 } else {

web/admin/edit_user_result.php

Braces +2 added lines, -1 removed lines

@@ -31,10 +31,11 @@
 <?php
 $remaining_attribs = $user->beginflushAttributes();
 
-if (isset($_POST['option']))
+if (isset($_POST['option'])) {
     foreach ($_POST['option'] as $opt_id => $optname)
         if ($optname == "user:fedadmin") {
             echo "Security violation: user tried to make himself federation administrator!";
+}
             exit(1);
         }
 ?>

web/admin/overview_federation.php

Spacing +2 added lines, -2 removed lines

@@ -138,7 +138,7 @@ 
         echo "</table></div>";
     }
     if (Config::$CONSORTIUM['name'] == 'eduroam')
-        $helptext = "<h3>" . sprintf(_("Need help? Refer to the <a href='%s'>Federation Operator manual</a>"),"https://wiki.geant.org/x/KQB_AQ")."</h3>";
+        $helptext = "<h3>" . sprintf(_("Need help? Refer to the <a href='%s'>Federation Operator manual</a>"), "https://wiki.geant.org/x/KQB_AQ") . "</h3>";
     else
         $helptext = "";
     echo $helptext;
@@ -186,7 +186,7 @@ 
                 // deployment status; need to dive into profiles for this
                 // show happy eyeballs if at least one profile is configured/showtime                    
                 echo "<td>";
-                echo ($idp_instance->isOneProfileConfigured() ? "C" : "" ) . " " . ($idp_instance->isOneProfileShowtime() ? "V" : "" );
+                echo ($idp_instance->isOneProfileConfigured() ? "C" : "") . " " . ($idp_instance->isOneProfileShowtime() ? "V" : "");
                 echo "</td>";
                 // get the coarse status overview
                 $status = $idp_instance->getAllProfileStatusOverview();

Braces +21 added lines, -16 removed lines

@@ -128,19 +128,21 @@ 
     if (isset($_GET['invitation'])) {
         echo "<div class='ca-summary' style='position:relative;'><table>";
 
-        if ($_GET['invitation'] == "SUCCESS")
-            echo UI_remark(_("The invitation email was sent successfully."), _("The invitation email was sent."));
-        else if ($_GET['invitation'] == "FAILURE")
-            echo UI_error(_("The invitation email could not be sent!"), _("The invitation email could not be sent!"));
-        else
-            echo UI_error(_("Error: unknown result code of invitation!?!"), _("Unknown result!"));
+        if ($_GET['invitation'] == "SUCCESS") {
+                    echo UI_remark(_("The invitation email was sent successfully."), _("The invitation email was sent."));
+        } else if ($_GET['invitation'] == "FAILURE") {
+                    echo UI_error(_("The invitation email could not be sent!"), _("The invitation email could not be sent!"));
+        } else {
+                    echo UI_error(_("Error: unknown result code of invitation!?!"), _("Unknown result!"));
+        }
 
         echo "</table></div>";
     }
-    if (Config::$CONSORTIUM['name'] == 'eduroam')
-        $helptext = "<h3>" . sprintf(_("Need help? Refer to the <a href='%s'>Federation Operator manual</a>"),"https://wiki.geant.org/x/KQB_AQ")."</h3>";
-    else
-        $helptext = "";
+    if (Config::$CONSORTIUM['name'] == 'eduroam') {
+            $helptext = "<h3>" . sprintf(_("Need help? Refer to the <a href='%s'>Federation Operator manual</a>"),"https://wiki.geant.org/x/KQB_AQ")."</h3>";
+    } else {
+            $helptext = "";
+    }
     echo $helptext;
 
     ?>
@@ -153,8 +155,9 @@ 
             $feds = $user->getAttributes("user:fedadmin");
             $pending_invites = $mgmt->listPendingInvitations();
 
-            if (Config::$DB['enforce-external-sync'])
-                echo "<th>" . sprintf(_("%s Database Sync Status"), Config::$CONSORTIUM['name']) . "</th>";
+            if (Config::$DB['enforce-external-sync']) {
+                            echo "<th>" . sprintf(_("%s Database Sync Status"), Config::$CONSORTIUM['name']) . "</th>";
+            }
             ?>
             <th><?php echo _("Administrator Management"); ?></th>
         </tr>
@@ -165,10 +168,11 @@ 
 
             // extract only pending invitations for *this* fed
             $display_pendings = FALSE;
-            foreach ($pending_invites as $oneinvite)
-                if (strtoupper($oneinvite['country']) == strtoupper($thefed->identifier)) {
+            foreach ($pending_invites as $oneinvite) {
+                            if (strtoupper($oneinvite['country']) == strtoupper($thefed->identifier)) {
                     // echo "PENDINGS!";
                     $display_pendings = TRUE;
+            }
                 }
 
             $idps = $thefed->listIdentityProviders();
@@ -253,8 +257,8 @@ 
                                </strong>
                             </td>
                          </tr>";
-                foreach ($pending_invites as $oneinvite)
-                    if (strtoupper($oneinvite['country']) == strtoupper($thefed->identifier)) {
+                foreach ($pending_invites as $oneinvite) {
+                                    if (strtoupper($oneinvite['country']) == strtoupper($thefed->identifier)) {
                         echo "<tr>
                                     <td>" .
                         $oneinvite['name'] . "
@@ -263,6 +267,7 @@ 
                         $oneinvite['mail'] . "
                                     </td>
                                     <td colspan=2>";
+                }
                         echo "<form method='post' action='overview_federation.php' accept-charset='UTF-8'>
                                 <input type='hidden' name='invitation_id' value='" . $oneinvite['token'] . "'/>
                                 <button class='delete' type='submit' name='submitbutton' value='" . BUTTON_DELETE . "'>" . _("Revoke Invitation") . "</button>

web/admin/radius_tests.php

Indentation +37 added lines, -37 removed lines

@@ -19,10 +19,10 @@ 
 $Cat->set_locale("web_admin");
 
 $additional_message =  [
-   L_OK => '',
-   L_REMARK => _("Some properties of the connection attempt were sub-optimal; the list is below."),
-   L_WARN => _("Some properties of the connection attempt were sub-optimal; the list is below."),
-   L_ERROR => _("Some configuration errors were observed; the list is below."),
+    L_OK => '',
+    L_REMARK => _("Some properties of the connection attempt were sub-optimal; the list is below."),
+    L_WARN => _("Some properties of the connection attempt were sub-optimal; the list is below."),
+    L_ERROR => _("Some configuration errors were observed; the list is below."),
  
 ];
 
@@ -32,25 +32,25 @@ 
 }
 
 function printDN($dn) {
-  $out = '';
-  foreach (array_reverse($dn) as $k => $v) {
-      if(is_array ($v)) {
-         foreach ($v as $V) {
+    $out = '';
+    foreach (array_reverse($dn) as $k => $v) {
+        if(is_array ($v)) {
+            foreach ($v as $V) {
             if($out) 
-               $out .= ',';
+                $out .= ',';
             $out .= "$k=$V";
-         }
-      } else {
-         if($out) 
+            }
+        } else {
+            if($out) 
             $out .= ',';
-         $out .= "$k=$v";
-      }
-  }
-  return($out);
+            $out .= "$k=$v";
+        }
+    }
+    return($out);
 }
 
 function printTm($tm) {
-  return(gmdate(DateTime::COOKIE,$tm));
+    return(gmdate(DateTime::COOKIE,$tm));
 }
 
 
@@ -60,19 +60,19 @@ 
     $server_info = [];
     $udp_result = $testsuite->UDP_reachability_result[$host];
     if(isset($udp_result['certdata']) && count($udp_result['certdata'])) {
-       foreach ($udp_result['certdata'] as $certdata) {
-          if($certdata['type'] != 'server' && $certdata['type'] != 'totally_selfsigned' )
-             continue;
-          $server_cert =  [
-             'subject' => printDN($certdata['subject']),
-             'issuer' => printDN($certdata['issuer']),
-             'validFrom' => printTm($certdata['validFrom_time_t']),
-             'validTo' => printTm($certdata['validTo_time_t']),
-             'serialNumber' => $certdata['serialNumber'].sprintf(" (0x%X)",$certdata['serialNumber']),
-             'sha1' => $certdata['sha1'],
-             'extensions' => $certdata['extensions']
-          ];
-       }
+        foreach ($udp_result['certdata'] as $certdata) {
+            if($certdata['type'] != 'server' && $certdata['type'] != 'totally_selfsigned' )
+                continue;
+            $server_cert =  [
+                'subject' => printDN($certdata['subject']),
+                'issuer' => printDN($certdata['issuer']),
+                'validFrom' => printTm($certdata['validFrom_time_t']),
+                'validTo' => printTm($certdata['validTo_time_t']),
+                'serialNumber' => $certdata['serialNumber'].sprintf(" (0x%X)",$certdata['serialNumber']),
+                'sha1' => $certdata['sha1'],
+                'extensions' => $certdata['extensions']
+            ];
+        }
     }
     $ret['server_cert'] = $server_cert;
     if(isset($udp_result['incoming_server_names'][0]) ) {
@@ -120,7 +120,7 @@ 
 */
 $hostindex = $_REQUEST['hostindex']; 
 if(!is_numeric($hostindex))
-  exit;
+    exit;
 
 
 $returnarray = [];
@@ -177,16 +177,16 @@ 
                 case RETVAL_OK :
                     $level = $returnarray['result'][$i]['level'];
                     switch($level) {
-                         case L_OK :
+                            case L_OK :
                              $message = _("<strong>Test successful.</strong>");
-                             break;
-                         case L_REMARK :
+                                break;
+                            case L_REMARK :
                          case L_WARN :
                              $message = _("<strong>Test partially successful</strong>: authentication succeded.") . ' ' . $additional_message[$level];
-                             break;
-                         case L_ERROR :
+                                break;
+                            case L_ERROR :
                              $message = _("<strong>Test FAILED</strong>: authentication succeded.") . ' ' . $additional_message[$level];
-                             break;
+                                break;
                     }
                     break;
                 case RETVAL_CONVERSATION_REJECT:

Spacing +29 added lines, -29 removed lines

@@ -18,7 +18,7 @@ 
 $Cat = new CAT();
 $Cat->set_locale("web_admin");
 
-$additional_message =  [
+$additional_message = [
    L_OK => '',
    L_REMARK => _("Some properties of the connection attempt were sub-optimal; the list is below."),
    L_WARN => _("Some properties of the connection attempt were sub-optimal; the list is below."),
@@ -28,20 +28,20 @@ 
 
 function disp_name($eap) {
     $D = EAP::eapDisplayName($eap);
-    return $D['OUTER'] . ( $D['INNER'] != '' ? '-' . $D['INNER'] : '');
+    return $D['OUTER'] . ($D['INNER'] != '' ? '-' . $D['INNER'] : '');
 }
 
 function printDN($dn) {
   $out = '';
   foreach (array_reverse($dn) as $k => $v) {
-      if(is_array ($v)) {
+      if (is_array($v)) {
          foreach ($v as $V) {
-            if($out) 
+            if ($out) 
                $out .= ',';
             $out .= "$k=$V";
          }
       } else {
-         if($out) 
+         if ($out) 
             $out .= ',';
          $out .= "$k=$v";
       }
@@ -50,32 +50,32 @@ 
 }
 
 function printTm($tm) {
-  return(gmdate(DateTime::COOKIE,$tm));
+  return(gmdate(DateTime::COOKIE, $tm));
 }
 
 
 
-function process_result($testsuite,$host) {
+function process_result($testsuite, $host) {
     $ret = [];
     $server_info = [];
     $udp_result = $testsuite->UDP_reachability_result[$host];
-    if(isset($udp_result['certdata']) && count($udp_result['certdata'])) {
+    if (isset($udp_result['certdata']) && count($udp_result['certdata'])) {
        foreach ($udp_result['certdata'] as $certdata) {
-          if($certdata['type'] != 'server' && $certdata['type'] != 'totally_selfsigned' )
+          if ($certdata['type'] != 'server' && $certdata['type'] != 'totally_selfsigned')
              continue;
-          $server_cert =  [
+          $server_cert = [
              'subject' => printDN($certdata['subject']),
              'issuer' => printDN($certdata['issuer']),
              'validFrom' => printTm($certdata['validFrom_time_t']),
              'validTo' => printTm($certdata['validTo_time_t']),
-             'serialNumber' => $certdata['serialNumber'].sprintf(" (0x%X)",$certdata['serialNumber']),
+             'serialNumber' => $certdata['serialNumber'] . sprintf(" (0x%X)", $certdata['serialNumber']),
              'sha1' => $certdata['sha1'],
              'extensions' => $certdata['extensions']
           ];
        }
     }
     $ret['server_cert'] = $server_cert;
-    if(isset($udp_result['incoming_server_names'][0]) ) {
+    if (isset($udp_result['incoming_server_names'][0])) {
         $ret['server'] = sprintf(_("Connected to %s."), $udp_result['incoming_server_names'][0]);
     }
     else
@@ -119,7 +119,7 @@ 
    exit;
 */
 $hostindex = $_REQUEST['hostindex']; 
-if(!is_numeric($hostindex))
+if (!is_numeric($hostindex))
   exit;
 
 
@@ -140,14 +140,14 @@ 
                 if ($_FILES['cert']['error'] == UPLOAD_ERR_OK) {
                     $clientcertdata = file_get_contents($_FILES['cert']['tmp_name']);
                     $privkey_pass = isset($_REQUEST['privkey_pass']) && $_REQUEST['privkey_pass'] ? $_REQUEST['privkey_pass'] : ""; //!!
-                    if(isset($_REQUEST['tls_username']) && $_REQUEST['tls_username']) {
+                    if (isset($_REQUEST['tls_username']) && $_REQUEST['tls_username']) {
                         $tls_username = valid_user($_REQUEST['tls_username']);
                     } else {
-                        if(openssl_pkcs12_read($clientcertdata,$certs,$privkey_pass)) {
+                        if (openssl_pkcs12_read($clientcertdata, $certs, $privkey_pass)) {
                             $mydetails = openssl_x509_parse($certs['cert']);
-                            if(isset($mydetails['subject']['CN']) && $mydetails['subject']['CN']) {
-                                $tls_username=$mydetails['subject']['CN'];
-                                debug(4,"PKCS12-CN=$tls_username\n");
+                            if (isset($mydetails['subject']['CN']) && $mydetails['subject']['CN']) {
+                                $tls_username = $mydetails['subject']['CN'];
+                                debug(4, "PKCS12-CN=$tls_username\n");
                             } else {
                                 $testresult = RETVAL_INCOMPLETE_DATA;
                                 $run_test = FALSE;
@@ -161,14 +161,14 @@ 
                     $testresult = RETVAL_INCOMPLETE_DATA;
                     $run_test = FALSE;
                 }
-                    if($run_test) {
-                        debug(4,"TLS-USERNAME=$tls_username\n");
-                        $testresult = $testsuite->UDP_login($hostindex, $eap, $tls_username, $privkey_pass,'', TRUE, TRUE, $clientcertdata);
+                    if ($run_test) {
+                        debug(4, "TLS-USERNAME=$tls_username\n");
+                        $testresult = $testsuite->UDP_login($hostindex, $eap, $tls_username, $privkey_pass, '', TRUE, TRUE, $clientcertdata);
                     }
             } else {
-                $testresult = $testsuite->UDP_login($hostindex, $eap, $user_name, $user_password,$outer_user_name);
+                $testresult = $testsuite->UDP_login($hostindex, $eap, $user_name, $user_password, $outer_user_name);
             }
-        $returnarray['result'][$i] = process_result($testsuite,$hostindex);
+        $returnarray['result'][$i] = process_result($testsuite, $hostindex);
         $returnarray['result'][$i]['eap'] = display_name($eap);
         $returnarray['returncode'][$i] = $testresult;
 
@@ -176,7 +176,7 @@ 
             switch ($testresult) {
                 case RETVAL_OK :
                     $level = $returnarray['result'][$i]['level'];
-                    switch($level) {
+                    switch ($level) {
                          case L_OK :
                              $message = _("<strong>Test successful.</strong>");
                              break;
@@ -228,21 +228,21 @@ 
         $i = 0;
         $returnarray['hostindex'] = $hostindex;
         $testresult = $testsuite->UDP_reachability($hostindex);
-        $returnarray['result'][$i] = process_result($testsuite,$hostindex);
+        $returnarray['result'][$i] = process_result($testsuite, $hostindex);
         $returnarray['result'][$i]['eap'] = 'ALL';
         $returnarray['returncode'][$i] = $testresult;
         // a failed check may not have gotten any certificate, be prepared for that
         switch ($testresult) {
             case RETVAL_CONVERSATION_REJECT:
                 $level = $returnarray['result'][$i]['level'];
-                if($level > L_OK)
+                if ($level > L_OK)
                     $message = _("<strong>Test partially successful</strong>: a bidirectional RADIUS conversation with multiple round-trips was carried out, and ended in an Access-Reject as planned.") . ' ' . $additional_message[$level];
                 else
                     $message = _("<strong>Test successful</strong>: a bidirectional RADIUS conversation with multiple round-trips was carried out, and ended in an Access-Reject as planned.");
                 break;
             case RETVAL_IMMEDIATE_REJECT:
                 $message = _("<strong>Test FAILED</strong>: the request was rejected immediately, without EAP conversation. This is not necessarily an error: if the RADIUS server enforces that outer identities correspond to an existing username, then this result is expected (Note: you could configure a valid outer identity in your profile settings to get past this hurdle). In all other cases, the server appears misconfigured or it is unreachable.");
-                $level= L_WARN;
+                $level = L_WARN;
                 break;
             case RETVAL_NO_RESPONSE:
                     $returnarray['result'][$i]['server'] = 0;
@@ -255,10 +255,10 @@ 
                 break;
             default:
                 $message = _("unhandled error");
-                $level= L_ERROR;
+                $level = L_ERROR;
                 break;
         }
-debug(4,"SERVER=".$returnarray['result'][$i]['server']."\n");
+debug(4, "SERVER=" . $returnarray['result'][$i]['server'] . "\n");
         $returnarray['result'][$i]['level'] = $level;
         $returnarray['result'][$i]['message'] = $message;
         break;

Braces +43 added lines, -30 removed lines

@@ -36,13 +36,15 @@ 
   foreach (array_reverse($dn) as $k => $v) {
       if(is_array ($v)) {
          foreach ($v as $V) {
-            if($out) 
-               $out .= ',';
+            if($out) {
+                           $out .= ',';
+            }
             $out .= "$k=$V";
          }
       } else {
-         if($out) 
-            $out .= ',';
+         if($out) {
+                     $out .= ',';
+         }
          $out .= "$k=$v";
       }
   }
@@ -61,8 +63,9 @@ 
     $udp_result = $testsuite->UDP_reachability_result[$host];
     if(isset($udp_result['certdata']) && count($udp_result['certdata'])) {
        foreach ($udp_result['certdata'] as $certdata) {
-          if($certdata['type'] != 'server' && $certdata['type'] != 'totally_selfsigned' )
-             continue;
+          if($certdata['type'] != 'server' && $certdata['type'] != 'totally_selfsigned' ) {
+                       continue;
+          }
           $server_cert =  [
              'subject' => printDN($certdata['subject']),
              'issuer' => printDN($certdata['issuer']),
@@ -77,9 +80,9 @@ 
     $ret['server_cert'] = $server_cert;
     if(isset($udp_result['incoming_server_names'][0]) ) {
         $ret['server'] = sprintf(_("Connected to %s."), $udp_result['incoming_server_names'][0]);
+    } else {
+            $ret['server'] = 0;
     }
-    else
-        $ret['server'] = 0;
     $ret['level'] = L_OK;
     $ret['time_millisec'] = sprintf("%d", $udp_result['time_millisec']);
     if (isset($udp_result['cert_oddities']) && count($udp_result['cert_oddities']) > 0) {
@@ -100,8 +103,9 @@ 
     return $ret;
 }
 
-if (!isset($_REQUEST['test_type']) || !$_REQUEST['test_type'])
+if (!isset($_REQUEST['test_type']) || !$_REQUEST['test_type']) {
     exit;
+}
 
 $test_type = $_REQUEST['test_type']; 
 $check_realm = valid_Realm($_REQUEST['realm']); 
@@ -119,8 +123,9 @@ 
    exit;
 */
 $hostindex = $_REQUEST['hostindex']; 
-if(!is_numeric($hostindex))
+if(!is_numeric($hostindex)) {
   exit;
+}
 
 
 $returnarray = [];
@@ -235,10 +240,11 @@ 
         switch ($testresult) {
             case RETVAL_CONVERSATION_REJECT:
                 $level = $returnarray['result'][$i]['level'];
-                if($level > L_OK)
-                    $message = _("<strong>Test partially successful</strong>: a bidirectional RADIUS conversation with multiple round-trips was carried out, and ended in an Access-Reject as planned.") . ' ' . $additional_message[$level];
-                else
-                    $message = _("<strong>Test successful</strong>: a bidirectional RADIUS conversation with multiple round-trips was carried out, and ended in an Access-Reject as planned.");
+                if($level > L_OK) {
+                                    $message = _("<strong>Test partially successful</strong>: a bidirectional RADIUS conversation with multiple round-trips was carried out, and ended in an Access-Reject as planned.") . ' ' . $additional_message[$level];
+                } else {
+                                    $message = _("<strong>Test successful</strong>: a bidirectional RADIUS conversation with multiple round-trips was carried out, and ended in an Access-Reject as planned.");
+                }
                 break;
             case RETVAL_IMMEDIATE_REJECT:
                 $message = _("<strong>Test FAILED</strong>: the request was rejected immediately, without EAP conversation. This is not necessarily an error: if the RADIUS server enforces that outer identities correspond to an existing username, then this result is expected (Note: you could configure a valid outer identity in your profile settings to get past this hurdle). In all other cases, the server appears misconfigured or it is unreachable.");
@@ -276,23 +282,28 @@ 
             } else {
                 $returnarray['message'] = $testsuite->return_codes[$testsuite->TLS_CA_checks_result[$host]['status']]["message"];
                 $returnarray['level'] = L_OK;
-                if ($testsuite->TLS_CA_checks_result[$host]['status'] != RETVAL_CONNECTION_REFUSED)
-                    $returnarray['message'] .= ' (' . sprintf(_("elapsed time: %d"), $testsuite->TLS_CA_checks_result[$host]['time_millisec']) . '&nbsp;ms)';
-                else
-                    $returnarray['level'] = L_ERROR;
+                if ($testsuite->TLS_CA_checks_result[$host]['status'] != RETVAL_CONNECTION_REFUSED) {
+                                    $returnarray['message'] .= ' (' . sprintf(_("elapsed time: %d"), $testsuite->TLS_CA_checks_result[$host]['time_millisec']) . '&nbsp;ms)';
+                } else {
+                                    $returnarray['level'] = L_ERROR;
+                }
                 if ($testsuite->TLS_CA_checks_result[$host]['status'] == RETVAL_OK) {
                     $returnarray['certdata'] = [];
                     $returnarray['certdata']['subject'] = $testsuite->TLS_CA_checks_result[$host]['certdata']['subject'];
                     $returnarray['certdata']['issuer'] = $testsuite->TLS_CA_checks_result[$host]['certdata']['issuer'];
                     $returnarray['certdata']['extensions'] = [];
-                    if (isset($testsuite->TLS_CA_checks_result[$host]['certdata']['extensions']['subjectaltname']))
-                        $returnarray['certdata']['extensions']['subjectaltname'] = $testsuite->TLS_CA_checks_result[$host]['certdata']['extensions']['subjectaltname'];
-                    if (isset($testsuite->TLS_CA_checks_result[$host]['certdata']['extensions']['policyoid']))
-                        $returnarray['certdata']['extensions']['policies'] = join(' ', $testsuite->TLS_CA_checks_result[$host]['certdata']['extensions']['policyoid']);
-                    if (isset($testsuite->TLS_CA_checks_result[$host]['certdata']['extensions']['crlDistributionPoint']))
-                        $returnarray['certdata']['extensions']['crldistributionpoints'] = $testsuite->TLS_CA_checks_result[$host]['certdata']['extensions']['crlDistributionPoint'];
-                    if (isset($testsuite->TLS_CA_checks_result[$host]['certdata']['extensions']['authorityInfoAccess']))
-                        $returnarray['certdata']['extensions']['authorityinfoaccess'] = $testsuite->TLS_CA_checks_result[$host]['certdata']['extensions']['authorityInfoAccess'];
+                    if (isset($testsuite->TLS_CA_checks_result[$host]['certdata']['extensions']['subjectaltname'])) {
+                                            $returnarray['certdata']['extensions']['subjectaltname'] = $testsuite->TLS_CA_checks_result[$host]['certdata']['extensions']['subjectaltname'];
+                    }
+                    if (isset($testsuite->TLS_CA_checks_result[$host]['certdata']['extensions']['policyoid'])) {
+                                            $returnarray['certdata']['extensions']['policies'] = join(' ', $testsuite->TLS_CA_checks_result[$host]['certdata']['extensions']['policyoid']);
+                    }
+                    if (isset($testsuite->TLS_CA_checks_result[$host]['certdata']['extensions']['crlDistributionPoint'])) {
+                                            $returnarray['certdata']['extensions']['crldistributionpoints'] = $testsuite->TLS_CA_checks_result[$host]['certdata']['extensions']['crlDistributionPoint'];
+                    }
+                    if (isset($testsuite->TLS_CA_checks_result[$host]['certdata']['extensions']['authorityInfoAccess'])) {
+                                            $returnarray['certdata']['extensions']['authorityinfoaccess'] = $testsuite->TLS_CA_checks_result[$host]['certdata']['extensions']['authorityInfoAccess'];
+                    }
                 }
                 $returnarray['cert_oddities'] = [];
             }
@@ -306,10 +317,11 @@ 
         $k = 0;
         // the host member of the array may not exist if RETVAL_SKIPPED came out
         // (e.g. no client cert to test with). Be prepared for that
-        if (isset($testsuite->TLS_clients_checks_result[$host]))
-            foreach ($testsuite->TLS_clients_checks_result[$host]['ca'] as $type => $cli) {
+        if (isset($testsuite->TLS_clients_checks_result[$host])) {
+                    foreach ($testsuite->TLS_clients_checks_result[$host]['ca'] as $type => $cli) {
                 foreach ($cli as $key => $val) {
                     $returnarray['ca'][$k][$key] = $val;
+        }
                 }
                 $k++;
             }
@@ -347,8 +359,9 @@ 
             $oids = check_policy($data);
             if (!empty($oids)) {
                 $printedres .= '<li>' . _("Certificate policies") . ':';
-                foreach ($oids as $k => $o)
-                    $printedres .= " $o ($k)";
+                foreach ($oids as $k => $o) {
+                                    $printedres .= " $o ($k)";
+                }
             }
             if (($crl = certificate_get_field($data, 'crlDistributionPoints'))) {
                 $printedres .= '<li>' . _("crlDistributionPoints") . ': ' . $crl;

web/admin/sanity_tests.php

Indentation +39 added lines, -39 removed lines

@@ -36,53 +36,53 @@ 
 require_once("SanityTests.php");
 
 function print_test_results($t) {
-   $out = '';
-   switch($t->test_result['global']) {
-       case L_OK:
+    $out = '';
+    switch($t->test_result['global']) {
+        case L_OK:
          $message = "Your configuration appears to be fine.";
-         break;
-       case L_WARN:
+            break;
+        case L_WARN:
          $message = "There were some warnings, but your configuration should work.";
-         break;
-       case L_ERROR:
+            break;
+        case L_ERROR:
          $message = "Your configuration appears to be broken, please fix the errors.";
-         break;
-       case L_NOTICE:
+            break;
+        case L_NOTICE:
          $message = "Your configuration appears to be fine.";
-         break;
-   }
-   $out .= UI_message($t->test_result['global'],"<br><strong>Test Summary</strong><br>".$message."<br>See below for details<br><hr>");
-   foreach ($t->out as $test => $test_val)  {
-   foreach ($test_val as $o)  {
-       $out .= UI_message($o['level'],$o['message']);
-   }
-   }
-   return($out);
+            break;
+    }
+    $out .= UI_message($t->test_result['global'],"<br><strong>Test Summary</strong><br>".$message."<br>See below for details<br><hr>");
+    foreach ($t->out as $test => $test_val)  {
+    foreach ($test_val as $o)  {
+        $out .= UI_message($o['level'],$o['message']);
+    }
+    }
+    return($out);
 }
 
 function return_test_results($t) {
-   $out = '';
-   switch($t->test_result['global']) {
-       case L_OK:
+    $out = '';
+    switch($t->test_result['global']) {
+        case L_OK:
          $message = "Your configuration appears to be fine.";
-         break;
-       case L_WARN:
+            break;
+        case L_WARN:
          $message = "There were some warnings, but your configuration should work.";
-         break;
-       case L_ERROR:
+            break;
+        case L_ERROR:
          $message = "Your configuration appears to be broken, please fix the errors.";
-         break;
-       case L_NOTICE:
+            break;
+        case L_NOTICE:
          $message = "Your configuration appears to be fine.";
-         break;
-   }
-   $out .= UI_message($t->test_result['global'],"<br><strong>Test Summary</strong><br>".$message."<br>See below for details<br><hr>");
-   foreach ($t->out as $test => $test_val)  {
-   foreach ($test_val as $o)  {
-       $out .= UI_message($o['level'],$o['message']);
-   }
-   }
-   return($out);
+            break;
+    }
+    $out .= UI_message($t->test_result['global'],"<br><strong>Test Summary</strong><br>".$message."<br>See below for details<br><hr>");
+    foreach ($t->out as $test => $test_val)  {
+    foreach ($test_val as $o)  {
+        $out .= UI_message($o['level'],$o['message']);
+    }
+    }
+    return($out);
 }
 
 
@@ -93,8 +93,8 @@ 
     authenticate();
     $user = new User($_SESSION['user']);
     if (!$user->isSuperadmin()) {
-         print "Not Superadmin";
-         exit;
+            print "Not Superadmin";
+            exit;
     }
     
 }
@@ -108,7 +108,7 @@ 
         break;
     case 'html':
     header("Content-Type:text/html;charset=utf-8");
-      echo "<!DOCTYPE html>
+        echo "<!DOCTYPE html>
           <html xmlns='http://www.w3.org/1999/xhtml' lang='$ourlocale'>
           <head lang='$ourlocale'>
           <meta http-equiv='Content-Type' content='text/html; charset=UTF-8'></head>";

Spacing +11 added lines, -11 removed lines

@@ -37,7 +37,7 @@ 
 
 function print_test_results($t) {
    $out = '';
-   switch($t->test_result['global']) {
+   switch ($t->test_result['global']) {
        case L_OK:
          $message = "Your configuration appears to be fine.";
          break;
@@ -51,10 +51,10 @@ 
          $message = "Your configuration appears to be fine.";
          break;
    }
-   $out .= UI_message($t->test_result['global'],"<br><strong>Test Summary</strong><br>".$message."<br>See below for details<br><hr>");
-   foreach ($t->out as $test => $test_val)  {
-   foreach ($test_val as $o)  {
-       $out .= UI_message($o['level'],$o['message']);
+   $out .= UI_message($t->test_result['global'], "<br><strong>Test Summary</strong><br>" . $message . "<br>See below for details<br><hr>");
+   foreach ($t->out as $test => $test_val) {
+   foreach ($test_val as $o) {
+       $out .= UI_message($o['level'], $o['message']);
    }
    }
    return($out);
@@ -62,7 +62,7 @@ 
 
 function return_test_results($t) {
    $out = '';
-   switch($t->test_result['global']) {
+   switch ($t->test_result['global']) {
        case L_OK:
          $message = "Your configuration appears to be fine.";
          break;
@@ -76,10 +76,10 @@ 
          $message = "Your configuration appears to be fine.";
          break;
    }
-   $out .= UI_message($t->test_result['global'],"<br><strong>Test Summary</strong><br>".$message."<br>See below for details<br><hr>");
-   foreach ($t->out as $test => $test_val)  {
-   foreach ($test_val as $o)  {
-       $out .= UI_message($o['level'],$o['message']);
+   $out .= UI_message($t->test_result['global'], "<br><strong>Test Summary</strong><br>" . $message . "<br>See below for details<br><hr>");
+   foreach ($t->out as $test => $test_val) {
+   foreach ($test_val as $o) {
+       $out .= UI_message($o['level'], $o['message']);
    }
    }
    return($out);
@@ -100,7 +100,7 @@ 
 }
 $test = new SanityTest();
 $test->run_tests($Tests);
-$format =  empty($_REQUEST['format']) ? 'include' : $_REQUEST['format'];
+$format = empty($_REQUEST['format']) ? 'include' : $_REQUEST['format'];
 switch ($format) {
     case 'include':
         $o = print_test_results($test);

web/admin/overview_idp.php

Spacing +4 added lines, -4 removed lines

@@ -85,7 +85,7 @@ 
         <div class='infobox' style='text-align:center;'>
             <h2><?php echo _("Institution Download Area QR Code"); ?></h2>
             <?php
-            $displayurl = ( isset($_SERVER['HTTPS']) && $_SERVER['HTTPS'] == "on" ? 'https://' : 'http://') . $_SERVER['SERVER_NAME'] . dirname(dirname($_SERVER['SCRIPT_NAME'])) . "?idp=" . $my_inst->identifier;
+            $displayurl = (isset($_SERVER['HTTPS']) && $_SERVER['HTTPS'] == "on" ? 'https://' : 'http://') . $_SERVER['SERVER_NAME'] . dirname(dirname($_SERVER['SCRIPT_NAME'])) . "?idp=" . $my_inst->identifier;
             $uri = "data:image/png;base64," . base64_encode(png_inject_consortium_logo(QRcode::png($displayurl, FALSE, QR_ECLEVEL_Q, 12)));
             $size = getimagesize($uri);
             echo "<img width='" . ($size[0] / 4) . "' height='" . ($size[1] / 4) . "' src='$uri' alt='QR-code'/>";
@@ -115,7 +115,7 @@ 
             </td>
             <td>
                 <form action='edit_idp_result.php?inst_id=<?php echo $my_inst->identifier; ?>' method='post' accept-charset='UTF-8'>
-                    <button class='delete' type='submit' name='submitbutton' value='<?php echo BUTTON_DELETE; ?>' onclick="return confirm('<?php echo ( Config::$CONSORTIUM['selfservice_registration'] === NULL ? _("After deleting the IdP, you can not recreate it yourself - you need a new invitation token from the federation administrator!") . " " : "" ) . sprintf(_("Do you really want to delete your IdP %s?"), $my_inst->name); ?>')"><?php echo _("Delete IdP"); ?></button>
+                    <button class='delete' type='submit' name='submitbutton' value='<?php echo BUTTON_DELETE; ?>' onclick="return confirm('<?php echo (Config::$CONSORTIUM['selfservice_registration'] === NULL ? _("After deleting the IdP, you can not recreate it yourself - you need a new invitation token from the federation administrator!") . " " : "") . sprintf(_("Do you really want to delete your IdP %s?"), $my_inst->name); ?>')"><?php echo _("Delete IdP"); ?></button>
                 </form>
 
             </td>
@@ -230,7 +230,7 @@ 
         $has_realm = $profile_list->getAttributes("internal:realm");
         $has_realm = $has_realm[0]['value'];
         echo "<div class='profilemodulebuttons' style='float:right;'>";
-        if (count(Config::$RADIUSTESTS['UDP-hosts']) > 0 || ( count(Config::$RADIUSTESTS['TLS-clientcerts']) > 0 && Config::$RADIUSTESTS['TLS-discoverytag'] != ""))
+        if (count(Config::$RADIUSTESTS['UDP-hosts']) > 0 || (count(Config::$RADIUSTESTS['TLS-clientcerts']) > 0 && Config::$RADIUSTESTS['TLS-discoverytag'] != ""))
             echo "<form action='action_realmcheck.php?inst_id=$my_inst->identifier&amp;profile_id=$profile_list->identifier' method='post' accept-charset='UTF-8'>
                               <button type='submit' name='profile_action' value='check' " . ($has_realm ? "" : "disabled='disabled' title='" . _("The realm can only be checked if you configure the realm!") . "'") . ">
                                   " . _("Check realm reachability") . "
@@ -264,7 +264,7 @@ 
             if (isset($URL['device-specific:redirect']))
                 $displayurl = $URL['device-specific:redirect'][0];
             else
-                $displayurl = ( isset($_SERVER['HTTPS']) && $_SERVER['HTTPS'] == "on" ? 'https://' : 'http://' ) . $_SERVER['SERVER_NAME'] . dirname(dirname($_SERVER['SCRIPT_NAME'])) . "?idp=" . $my_inst->identifier . "&amp;profile=" . $profile_list->identifier;
+                $displayurl = (isset($_SERVER['HTTPS']) && $_SERVER['HTTPS'] == "on" ? 'https://' : 'http://') . $_SERVER['SERVER_NAME'] . dirname(dirname($_SERVER['SCRIPT_NAME'])) . "?idp=" . $my_inst->identifier . "&amp;profile=" . $profile_list->identifier;
             echo "<a href='$displayurl' style='white-space: nowrap; text-align: center;'>";
             $uri = "data:image/png;base64," . base64_encode(png_inject_consortium_logo(QRcode::png($displayurl, FALSE, QR_ECLEVEL_Q, 12)));
             $size = getimagesize($uri);

Braces +48 added lines, -31 removed lines

@@ -28,8 +28,9 @@ 
 
 // delete stored realm
 
-if (isset($_SESSION['check_realm']))
+if (isset($_SESSION['check_realm'])) {
     unset($_SESSION['check_realm']);
+}
 
 
 geo_widget_head($my_inst->federation, $my_inst->name);
@@ -95,15 +96,17 @@ 
         </div>
         <?php
         $loadmap = FALSE;
-        foreach ($idpoptions as $optionname => $optionvalue)
-            if ($optionvalue['name'] == "general:geo_coordinates")
+        foreach ($idpoptions as $optionname => $optionvalue) {
+                    if ($optionvalue['name'] == "general:geo_coordinates")
                 $loadmap = TRUE;
-        if ($loadmap)
-            echo '
+        }
+        if ($loadmap) {
+                    echo '
 <div class="infobox"  style="width:270px;">
 <div id="map" style="width:100%; height:150px"></div>
 </div>
 ';
+        }
         ?>
     </div>
     <table>
@@ -131,8 +134,8 @@ 
     <h2><?php _("Available Support actions"); ?></h2>
     <table>
         <?php
-        if (count(Config::$RADIUSTESTS['UDP-hosts']) > 0 || Config::$RADIUSTESTS['TLS-discoverytag'] != "")
-            echo "<tr>
+        if (count(Config::$RADIUSTESTS['UDP-hosts']) > 0 || Config::$RADIUSTESTS['TLS-discoverytag'] != "") {
+                    echo "<tr>
                         <td>" . _("Check another realm's reachability") . "</td>
                         <td><form method='post' action='action_realmcheck.php?inst_id=$my_inst->identifier' accept-charset='UTF-8'>
                               <input type='text' name='realm' id='realm'>
@@ -140,7 +143,9 @@ 
                             </form>
                         </td>
                     </tr>";
-        if (Config::$CONSORTIUM['name'] == "eduroam") // SW: APPROVED
+        }
+        if (Config::$CONSORTIUM['name'] == "eduroam") {
+            // SW: APPROVED
             echo "<tr>
                         <td>" . _("Check server status of European federations") . "</td>
                         <td>
@@ -149,14 +154,17 @@ 
                            </form>
                         </td>
                     </tr>";
+        }
         ?>
     </table>
     <hr/>
     <h2><?php echo _("Profiles for this institution"); ?></h2>
     <?php
     $profiles_for_this_idp = $my_inst->listProfiles();
-    if (count($profiles_for_this_idp) == 0) // no profiles yet.
+    if (count($profiles_for_this_idp) == 0) {
+        // no profiles yet.
         echo _("There are not yet any profiles for your institution.");
+    }
 
     foreach ($profiles_for_this_idp as $profile_list) {
         echo "<div style='display: table-row; margin-bottom: 20px;'>";
@@ -170,9 +178,10 @@ 
         // readiness - but want to display it before!
 
         $has_overrides = FALSE;
-        foreach ($attribs as $attrib)
-            if ($attrib['level'] == "Profile" && !preg_match("/^(internal:|profile:name|profile:description)/", $attrib['name']))
+        foreach ($attribs as $attrib) {
+                    if ($attrib['level'] == "Profile" && !preg_match("/^(internal:|profile:name|profile:description)/", $attrib['name']))
                 $has_overrides = TRUE;
+        }
 
         $buffer_eaptypediv = "<div style='margin-bottom:40px; float:left;'>" . _("<strong>EAP Types</strong> (in order of preference):") . "<br/>";
         $typelist = $profile_list->getEapMethodsinOrderOfPreference();
@@ -196,9 +205,10 @@ 
                 $allcomplete = FALSE;
             };
             $eapattribs = $profile_list->getAttributes(0, $eaptype);
-            foreach ($attribs as $attrib)
-                if ($attrib['level'] == "Method" && !preg_match("/^internal:/", $attrib['name']))
+            foreach ($attribs as $attrib) {
+                            if ($attrib['level'] == "Method" && !preg_match("/^internal:/", $attrib['name']))
                     $buffer_eaptypediv .= "<img src='../resources/images/icons/Letter-E-blue-icon.png' alt='" . _("Option override on EAP Method level is in effect.") . "'>";
+            }
             $buffer_eaptypediv .= "<br/>";
         }
         $buffer_headline = "<h2 style='overflow:auto;'>";
@@ -206,23 +216,27 @@ 
         $buffer_headline .= "<div style='float:right;'>";
         $sufficient_config = $profile_list->getSufficientConfig();
         $showtime = $profile_list->getShowtime();
-        if ($has_overrides)
-            $buffer_headline .= UI_remark("", _("Option override on profile level is in effect."), TRUE);
-        if (!$allcomplete)
-            $buffer_headline .= UI_error("", _("The information in this profile is incomplete."), TRUE);
-        if ($showtime)
-            $buffer_headline .= UI_okay("", _("This profile is shown on the user download interface."), TRUE);
-        else if ($sufficient_config)
-            $buffer_headline .= UI_warning("", sprintf(_("This profile is NOT shown on the user download interface, even though we have enough information to show. To enable the profile, add the attribute \"%s\" and tick the corresponding box."), display_name("profile:production")), TRUE);
+        if ($has_overrides) {
+                    $buffer_headline .= UI_remark("", _("Option override on profile level is in effect."), TRUE);
+        }
+        if (!$allcomplete) {
+                    $buffer_headline .= UI_error("", _("The information in this profile is incomplete."), TRUE);
+        }
+        if ($showtime) {
+                    $buffer_headline .= UI_okay("", _("This profile is shown on the user download interface."), TRUE);
+        } else if ($sufficient_config) {
+                    $buffer_headline .= UI_warning("", sprintf(_("This profile is NOT shown on the user download interface, even though we have enough information to show. To enable the profile, add the attribute \"%s\" and tick the corresponding box."), display_name("profile:production")), TRUE);
+        }
         $buffer_headline .= "</div>";
 
         $buffer_headline .= sprintf(_("Profile: %s"), $profile_name) . "</h2>";
 
         echo $buffer_headline;
 
-        if (array_search(EAP::$TTLS_PAP, $typelist) !== FALSE && array_search(EAP::$TTLS_GTC, $typelist) === FALSE && array_search(EAP::$PEAP_MSCHAP2, $typelist) === FALSE && array_search(EAP::$TTLS_MSCHAP2, $typelist) === FALSE)
-        /// Hmmm... IdP Supports TTLS-PAP, but not TTLS-GTC nor anything based on MSCHAPv2. That locks out Symbian users; and is easy to circumvent. Tell the admin...
+        if (array_search(EAP::$TTLS_PAP, $typelist) !== FALSE && array_search(EAP::$TTLS_GTC, $typelist) === FALSE && array_search(EAP::$PEAP_MSCHAP2, $typelist) === FALSE && array_search(EAP::$TTLS_MSCHAP2, $typelist) === FALSE) {
+                /// Hmmm... IdP Supports TTLS-PAP, but not TTLS-GTC nor anything based on MSCHAPv2. That locks out Symbian users; and is easy to circumvent. Tell the admin...
             $buffer_eaptypediv .= "<p>" . sprintf(_("Read this <a href='%s'>tip</a>."), "https://confluence.terena.org/display/H2eduroam/eap-types#eap-types-choices") . "</p>";
+        }
 
         $buffer_eaptypediv .= "</div>";
         echo $buffer_eaptypediv;
@@ -230,12 +244,13 @@ 
         $has_realm = $profile_list->getAttributes("internal:realm");
         $has_realm = $has_realm[0]['value'];
         echo "<div class='profilemodulebuttons' style='float:right;'>";
-        if (count(Config::$RADIUSTESTS['UDP-hosts']) > 0 || ( count(Config::$RADIUSTESTS['TLS-clientcerts']) > 0 && Config::$RADIUSTESTS['TLS-discoverytag'] != ""))
-            echo "<form action='action_realmcheck.php?inst_id=$my_inst->identifier&amp;profile_id=$profile_list->identifier' method='post' accept-charset='UTF-8'>
+        if (count(Config::$RADIUSTESTS['UDP-hosts']) > 0 || ( count(Config::$RADIUSTESTS['TLS-clientcerts']) > 0 && Config::$RADIUSTESTS['TLS-discoverytag'] != "")) {
+                    echo "<form action='action_realmcheck.php?inst_id=$my_inst->identifier&amp;profile_id=$profile_list->identifier' method='post' accept-charset='UTF-8'>
                               <button type='submit' name='profile_action' value='check' " . ($has_realm ? "" : "disabled='disabled' title='" . _("The realm can only be checked if you configure the realm!") . "'") . ">
                                   " . _("Check realm reachability") . "
                               </button>
                           </form>";
+        }
         echo "<form action='overview_installers.php?inst_id=$my_inst->identifier&amp;profile_id=$profile_list->identifier' method='post' accept-charset='UTF-8'>
                               <button type='submit' name='profile_action' value='check' " . ($has_eaptypes ? "" : "disabled='disabled'  title='" . _("You have not fully configured any supported EAP types!") . "'") . ">
                                   " . _("Installer Fine-Tuning and Download") . "
@@ -261,10 +276,11 @@ 
         if ($profile_list->getShowtime()) {
             echo "<div style='display: table-cell; text-align:center;'><p><strong>" . _("User Download Link") . "</strong></p>";
             $URL = $profile_list->getCollapsedAttributes();
-            if (isset($URL['device-specific:redirect']))
-                $displayurl = $URL['device-specific:redirect'][0];
-            else
-                $displayurl = ( isset($_SERVER['HTTPS']) && $_SERVER['HTTPS'] == "on" ? 'https://' : 'http://' ) . $_SERVER['SERVER_NAME'] . dirname(dirname($_SERVER['SCRIPT_NAME'])) . "?idp=" . $my_inst->identifier . "&amp;profile=" . $profile_list->identifier;
+            if (isset($URL['device-specific:redirect'])) {
+                            $displayurl = $URL['device-specific:redirect'][0];
+            } else {
+                            $displayurl = ( isset($_SERVER['HTTPS']) && $_SERVER['HTTPS'] == "on" ? 'https://' : 'http://' ) . $_SERVER['SERVER_NAME'] . dirname(dirname($_SERVER['SCRIPT_NAME'])) . "?idp=" . $my_inst->identifier . "&amp;profile=" . $profile_list->identifier;
+            }
             echo "<a href='$displayurl' style='white-space: nowrap; text-align: center;'>";
             $uri = "data:image/png;base64," . base64_encode(png_inject_consortium_logo(QRcode::png($displayurl, FALSE, QR_ECLEVEL_Q, 12)));
             $size = getimagesize($uri);
@@ -277,8 +293,9 @@ 
             echo "<div style='width:20px;'></div>";
             echo "<div style='display: table-cell; min-width:200px;'><p><strong>" . _("User Downloads") . "</strong></p><table>";
             $stats = $profile_list->getUserDownloadStats();
-            foreach ($stats as $dev => $count)
-                echo "<tr><td><strong>$dev</strong></td><td>$count</td></tr>";
+            foreach ($stats as $dev => $count) {
+                            echo "<tr><td><strong>$dev</strong></td><td>$count</td></tr>";
+            }
             echo "</table></div>";
         }
         echo "</div>";

web/admin/action_realmcheck.php

Indentation +154 added lines, -154 removed lines

@@ -28,30 +28,30 @@ 
 else
     $my_profile = NULL;
 if ($my_profile != NULL) {
-   $cr = $my_profile->getAttributes("internal:realm");
-   if ($cr) {
-      // checking our own stuff. Enable thorough checks
-      $check_thorough = TRUE;
-      $check_realm = $cr[0]['value'];
-      $testsuite = new RADIUSTests($check_realm, $my_profile->identifier);
-   } else {
-      $error_message = _("You asked for a realm check, but we don't know the realm for this profile!") . "</p>";
-   }
+    $cr = $my_profile->getAttributes("internal:realm");
+    if ($cr) {
+        // checking our own stuff. Enable thorough checks
+        $check_thorough = TRUE;
+        $check_realm = $cr[0]['value'];
+        $testsuite = new RADIUSTests($check_realm, $my_profile->identifier);
+    } else {
+        $error_message = _("You asked for a realm check, but we don't know the realm for this profile!") . "</p>";
+    }
 } else { // someone else's realm... only shallow checks
-   if(!empty($_REQUEST['realm'])) {
-      if($check_realm = valid_Realm($_REQUEST['realm'])) {
-         $_SESSION['check_realm'] = $check_realm;
-      }
-   } else {
-      if(!empty($_SESSION['check_realm']))
-         $check_realm = $_SESSION['check_realm'];
-      else
-         $check_realm = FALSE;
-   }
-   if($check_realm)
-      $testsuite = new RADIUSTests($check_realm);
-   else
-      $error_message = _("No valid realm name given, cannot execute any checks!");
+    if(!empty($_REQUEST['realm'])) {
+        if($check_realm = valid_Realm($_REQUEST['realm'])) {
+            $_SESSION['check_realm'] = $check_realm;
+        }
+    } else {
+        if(!empty($_SESSION['check_realm']))
+            $check_realm = $_SESSION['check_realm'];
+        else
+            $check_realm = FALSE;
+    }
+    if($check_realm)
+        $testsuite = new RADIUSTests($check_realm);
+    else
+        $error_message = _("No valid realm name given, cannot execute any checks!");
 }
 
 $translate = _("STATIC");
@@ -401,7 +401,7 @@ 
    var formData = new FormData($('#live_form')[0]);
 <?php
 foreach (Config::$RADIUSTESTS['UDP-hosts'] as $hostindex => $host) {
-   print "
+    print "
 $(\"#live_src".$hostindex."_img\").attr('src',icon_loading);
 $(\"#live_src".$hostindex."_img\").show();
     $.ajax({
@@ -438,7 +438,7 @@ 
     else
         $extraarg = "";
     
-   print "
+    print "
 $(\"#src".$hostindex."_img\").attr('src',icon_loading);
 $(\"#src$hostindex\").html('');
 running_ajax_stat++;
@@ -480,89 +480,89 @@ 
    <strong><?php echo _("Overview") ?></strong>
    </legend>
       <?php
-      // NAPTR existence check
-      echo "<strong>"._("DNS chekcs")."</strong><div>";
-      $naptr = $testsuite->NAPTR();
-      if ($naptr != RETVAL_NOTCONFIGURED) {
-           echo "<table>";
-                  // output in friendly words
-          echo "<tr><td>" . _("Checking NAPTR existence:") . "</td><td>";
-          switch ($naptr) {
-             case RETVAL_NONAPTR:
+        // NAPTR existence check
+        echo "<strong>"._("DNS chekcs")."</strong><div>";
+        $naptr = $testsuite->NAPTR();
+        if ($naptr != RETVAL_NOTCONFIGURED) {
+            echo "<table>";
+                    // output in friendly words
+            echo "<tr><td>" . _("Checking NAPTR existence:") . "</td><td>";
+            switch ($naptr) {
+                case RETVAL_NONAPTR:
                 echo _("This realm has no NAPTR records.");
                 break;
-             case RETVAL_ONLYUNRELATEDNAPTR:
+                case RETVAL_ONLYUNRELATEDNAPTR:
                 printf(_("This realm has NAPTR records, but none are associated with %s."), Config::$CONSORTIUM['name']);
                 break;
-             default: // if none of the possible negative retvals, then we have matching NAPTRs
+                default: // if none of the possible negative retvals, then we have matching NAPTRs
                 printf(_("This realm has %d %s NAPTR records."), $naptr, Config::$CONSORTIUM['name']);
-           }
-           echo "</td></tr>";
+            }
+            echo "</td></tr>";
 
-           // compliance checks for NAPTRs
+            // compliance checks for NAPTRs
 
-           if ($naptr > 0) {
-              echo "<tr><td>" . _("Checking NAPTR compliance (flag = S and regex = {empty}):") . "</td><td>";
-              $naptr_valid = $testsuite->NAPTR_compliance();
-              switch ($naptr_valid) {
-                 case RETVAL_OK:
+            if ($naptr > 0) {
+                echo "<tr><td>" . _("Checking NAPTR compliance (flag = S and regex = {empty}):") . "</td><td>";
+                $naptr_valid = $testsuite->NAPTR_compliance();
+                switch ($naptr_valid) {
+                    case RETVAL_OK:
                     echo _("No issues found.");
                     break;
-                 case RETVAL_INVALID:
+                    case RETVAL_INVALID:
                     printf(_("At least one NAPTR with invalid content found!"));
                     break;
-              }
-              echo "</td></tr>";
+                }
+                echo "</td></tr>";
             }
 
             // SRV resolution
 
             if ($naptr > 0 && $naptr_valid == RETVAL_OK) {
-              $srv = $testsuite->NAPTR_SRV();
-               echo "<tr><td>" . _("Checking SRVs:") . "</td><td>";
-               switch ($srv) {
-                  case RETVAL_SKIPPED:
+                $srv = $testsuite->NAPTR_SRV();
+                echo "<tr><td>" . _("Checking SRVs:") . "</td><td>";
+                switch ($srv) {
+                    case RETVAL_SKIPPED:
                      echo _("This check was skipped.");
-                     break;
-                  case RETVAL_INVALID:
+                        break;
+                    case RETVAL_INVALID:
                      printf(_("At least one NAPTR with invalid content found!"));
-                     break;
-                  default: // print number of successfully retrieved SRV targets
+                        break;
+                    default: // print number of successfully retrieved SRV targets
                      printf(_("%d host names discovered."), $srv);
-               }
-               echo "</td></tr>";
+                }
+                echo "</td></tr>";
             }
             // IP addresses for the hosts
             if ($naptr > 0 && $naptr_valid == RETVAL_OK && $srv > 0) {
-               $hosts = $testsuite->NAPTR_hostnames();
-               echo "<tr><td>" . _("Checking IP address resolution:") . "</td><td>";
-               switch ($srv) {
-                  case RETVAL_SKIPPED:
+                $hosts = $testsuite->NAPTR_hostnames();
+                echo "<tr><td>" . _("Checking IP address resolution:") . "</td><td>";
+                switch ($srv) {
+                    case RETVAL_SKIPPED:
                      echo _("This check was skipped.");
-                     break;
-                  case RETVAL_INVALID:
+                        break;
+                    case RETVAL_INVALID:
                      printf(_("At least one hostname could not be resolved!"));
-                     break;
-                  default: // print number of successfully retrieved SRV targets
+                        break;
+                    default: // print number of successfully retrieved SRV targets
                      printf(_("%d IP addresses resolved."), $hosts);
-               }
-               echo "</td></tr>";
+                }
+                echo "</td></tr>";
             }
 
             echo "</table><table>";
-              if (count($testsuite->listerrors()) == 0) {
+                if (count($testsuite->listerrors()) == 0) {
                 echo UI_message(L_OK,sprintf(_("Realm is <strong>%s</strong> "), _(($naptr > 0 ? "DYNAMIC" : "STATIC"))) . _("with no DNS errors encountered. Congratulations!"));
                 echo "</table>";
-              } else {
+                } else {
                 echo UI_message(L_ERROR,sprintf(_("Realm is <strong>%s</strong> "), _(($naptr > 0 ? "DYNAMIC" : "STATIC"))) . _("but there were DNS errors! Check them!") . " " . _("You should re-run the tests after fixing the errors; more errors might be uncovered at that point. The exact error causes are listed below."));
                 echo "</table><div class='notacceptable'><table>";
                 foreach ($testsuite->listerrors() as $details)
-                   echo "<tr><td>" . $details['TYPE'] . "</td><td>" . $details['TARGET'] . "</td></tr>";
+                    echo "<tr><td>" . $details['TYPE'] . "</td><td>" . $details['TARGET'] . "</td></tr>";
                 echo "</table></div>";
-              }
-              echo '</div>';
+                }
+                echo '</div>';
 
-              echo '<script type="text/javascript">
+                echo '<script type="text/javascript">
               function run_dynamic() {
                  running_ajax_dyn = 0;
                  $("#main_dynamic_ico").attr("src",icon_loading);
@@ -571,37 +571,37 @@ 
                  global_level_dyn = L_OK;
                  $("#dynamic_tests").show();
               ';
-                  foreach ($testsuite->NAPTR_hostname_records as $hostindex => $addr) {
-                      $host = '';
-                      if ($addr['family'] == "IPv6") $host .= '[';
-                      $host .= $addr['IP'];
-                      if ($addr['family'] == "IPv6") $host .= ']';
-                      $host .= ':' . $addr['port'];
+                    foreach ($testsuite->NAPTR_hostname_records as $hostindex => $addr) {
+                        $host = '';
+                        if ($addr['family'] == "IPv6") $host .= '[';
+                        $host .= $addr['IP'];
+                        if ($addr['family'] == "IPv6") $host .= ']';
+                        $host .= ':' . $addr['port'];
 /*if($addr['family'] == "IPv6")
    continue;*/
-                      print "
+                        print "
                             running_ajax_dyn++;
                             $.ajax({url:'radius_tests.php', data:{test_type: 'capath', realm: realm, src: '$host', lang: '".CAT::get_lang()."', hostindex: '$hostindex' }, error: eee, success: capath, dataType: 'json'}); 
                             running_ajax_dyn++;
                             $.ajax({url:'radius_tests.php', data:{test_type: 'clients', realm: realm, src: '$host', lang: '".CAT::get_lang()."', hostindex: '$hostindex' }, error: eee, success: clients, dataType: 'json'}); 
                        ";
-                   }
-              echo "}
+                    }
+                echo "}
               </script><hr>";
        
-         } else {
-          echo "<tr><td>" . _("Dynamic discovery test is not configured") . "</td><td>";
-         }
-         echo "<strong>"._("Static connectivity tests")."</strong>
+            } else {
+            echo "<tr><td>" . _("Dynamic discovery test is not configured") . "</td><td>";
+            }
+            echo "<strong>"._("Static connectivity tests")."</strong>
          <table><tr>
          <td class='icon_td'><img src='../resources/images/icons/loading51.gif' id='main_static_ico' class='icon'></td><td id='main_static_result' style='display:none'>&nbsp;</td>
          </tr></table>";
-         if($naptr > 0) {
-             echo "<hr><strong>"._("Dynamic connectivity tests")."</strong>
+            if($naptr > 0) {
+                echo "<hr><strong>"._("Dynamic connectivity tests")."</strong>
          <table><tr>
          <td class='icon_td'><img src='../resources/images/icons/loading51.gif' id='main_dynamic_ico' class='icon'></td><td id='main_dynamic_result' style='display:none'>&nbsp;</td>
          </tr></table>";
-         }
+            }
 ?>
 
 </fieldset>
@@ -613,11 +613,11 @@ 
      <fieldset class="option_container" id="static_tests">
      <legend><strong> <?php echo _("STATIC connectivity tests");?> </strong> </legend>
 <?php
-     echo sprintf(_("This check sends a request for the realm through various entry points of the %s infrastructure. The request will contain the 'Operator-Name' attribute, and will be larger than 1500 Bytes to catch two common configuration problems.<br/>Since we don't have actual credentials for the realm, we can't authenticate successfully - so the expected outcome is to get an Access-Reject after having gone through an EAP conversation."), Config::$CONSORTIUM['name']);
+        echo sprintf(_("This check sends a request for the realm through various entry points of the %s infrastructure. The request will contain the 'Operator-Name' attribute, and will be larger than 1500 Bytes to catch two common configuration problems.<br/>Since we don't have actual credentials for the realm, we can't authenticate successfully - so the expected outcome is to get an Access-Reject after having gone through an EAP conversation."), Config::$CONSORTIUM['name']);
 print "<p>";
 
 foreach (Config::$RADIUSTESTS['UDP-hosts'] as $hostindex => $host) {
-  print "<hr>";
+    print "<hr>";
 printf(_("Testing from: %s"), "<strong>".Config::$RADIUSTESTS['UDP-hosts'][$hostindex]['display_name']."</strong>");
 print "<table id='results$hostindex'  style='width:100%' class='udp_results'>
 <tr>
@@ -637,28 +637,28 @@ 
   </div>
 
 <?php
-              if ($naptr > 0) {
+                if ($naptr > 0) {
 ?>
   <div id="tabs-3">
 <button id="run_d_tests" onclick="run_dynamic()"><?php echo _("Repeat dynamic connectivity tests") ?></button>
 
 <?php
-                  echo "<div id='dynamic_tests'><fieldset class='option_container'>
+                    echo "<div id='dynamic_tests'><fieldset class='option_container'>
                 <legend><strong>" . _("DYNAMIC connectivity tests") . "</strong></legend>";
 
-                  $resultstoprint = [];
-                  if (count($testsuite->NAPTR_hostname_records)>0) {
-                      $resultstoprint[] = '<table style="align:right; display: none;" id="dynamic_result_fail">' .  UI_message(L_ERROR,_("Some errors were found during the tests, see below")) . '</table><table style="align:right; display: none;" id="dynamic_result_pass">' . UI_message(L_OK,_("All tests passed, congratulations!")) . '</table>';
-                      $resultstoprint[] = '<div style="align:right;"><a href="" class="moreall">' . _('Show detailed information for all tests') . '</a></div>' . '<p><strong>' . _("Checking server handshake...") . "</strong><p>";
-                      foreach ($testsuite->NAPTR_hostname_records as $hostindex => $addr) {
+                    $resultstoprint = [];
+                    if (count($testsuite->NAPTR_hostname_records)>0) {
+                        $resultstoprint[] = '<table style="align:right; display: none;" id="dynamic_result_fail">' .  UI_message(L_ERROR,_("Some errors were found during the tests, see below")) . '</table><table style="align:right; display: none;" id="dynamic_result_pass">' . UI_message(L_OK,_("All tests passed, congratulations!")) . '</table>';
+                        $resultstoprint[] = '<div style="align:right;"><a href="" class="moreall">' . _('Show detailed information for all tests') . '</a></div>' . '<p><strong>' . _("Checking server handshake...") . "</strong><p>";
+                        foreach ($testsuite->NAPTR_hostname_records as $hostindex => $addr) {
 /*                          if ($addr['family'] == "IPv6") {
                               $resultstoprint[] = '<strong>' . $addr['IP'] . ' TCP/' . $addr['port'] . "</strong><ul style='list-style-type: none;'><li>" . _('Due to OpenSSL limitations, it is not possible to check IPv6 addresses at this time.') . '</li></ul>';
                               continue;
                           }*/
-                          $bracketaddr = ($addr["family"] == "IPv6" ? "[" . $addr["IP"] . "]" : $addr["IP"]);
-                          $resultstoprint[] = '<p><strong>' . $bracketaddr . ' TCP/' . $addr['port'] . '</strong>';
-                          $resultstoprint[] = '<ul style="list-style-type: none;" class="caresult"><li>';
-                          $resultstoprint[] = "<table id='caresults$hostindex'  style='width:100%'>
+                            $bracketaddr = ($addr["family"] == "IPv6" ? "[" . $addr["IP"] . "]" : $addr["IP"]);
+                            $resultstoprint[] = '<p><strong>' . $bracketaddr . ' TCP/' . $addr['port'] . '</strong>';
+                            $resultstoprint[] = '<ul style="list-style-type: none;" class="caresult"><li>';
+                            $resultstoprint[] = "<table id='caresults$hostindex'  style='width:100%'>
 <tr>
 <td class='icon_td'><img src='../resources/images/icons/loading51.gif' id='srcca".$hostindex."_img'></td>
 <td id='srcca$hostindex'>
@@ -666,17 +666,17 @@ 
 </td>
 </tr>
 </table>";
-                          $resultstoprint[] = '</li></ul>';
-                     }    
-                     $clientstest = [];
-                     foreach ($testsuite->NAPTR_hostname_records as $hostindex => $addr) {
-                          //$clientsres = $testsuite->TLS_client_side_tests();
+                            $resultstoprint[] = '</li></ul>';
+                        }    
+                        $clientstest = [];
+                        foreach ($testsuite->NAPTR_hostname_records as $hostindex => $addr) {
+                            //$clientsres = $testsuite->TLS_client_side_tests();
 /*                          if ($addr['family'] == 'IPv6') {
                                   $clientstest[] = '<p><strong>' . $addr['IP'] . ' TCP/' . $addr['port'] . '</strong></p>' .  "<ul style='list-style-type: none;'><li>" . _('Due to OpenSSL limitations, it is not possible to check IPv6 addresses at this time.') . '</li></ul>';
                                   continue;
                           }*/
-                          $clientstest[] = '<p><strong>' . $addr['IP'] . ' TCP/' . $addr['port'] . '</strong></p><ol>';
-                          $clientstest[] = "<span id='clientresults$hostindex$clinx'><table style='width:100%'>
+                            $clientstest[] = '<p><strong>' . $addr['IP'] . ' TCP/' . $addr['port'] . '</strong></p><ol>';
+                            $clientstest[] = "<span id='clientresults$hostindex$clinx'><table style='width:100%'>
 <tr>
 <td class='icon_td'><img src='../resources/images/icons/loading51.gif' id='srcclient".$hostindex."_img'></td>
 <td id='srcclient$hostindex'>
@@ -684,29 +684,29 @@ 
 </td>
 </tr>
 </table></span>";
-                          $clientstest[] = '</ol>';
-                      }
-                      echo '<div style="align:right;">';
-                      echo join('',$resultstoprint);
-                      echo '<span id="clientstest" style="display: none;"><p><hr><b>' . _('Checking if certificates from  CAs are accepted...') . '</b><p>' .  _('A few client certificates will be tested to check if servers are resistant to some certificate problems.') . '<p>';
-                      print join('',$clientstest);
-                      echo '</span>';
-                      echo '</div>';
-                  }
-                  echo "</fieldset></div></div>";
-              }
-              // further checks TBD:
-              //     check if accepts certificates from all accredited CAs
-              //     check if doesn't accept revoked certificates
-              //     check if RADIUS request gets rejected timely
-              //     check if truncates/dies on Operator-Name
-              if ($check_thorough) {
-                  echo "<div id='tabs-4'><fieldset class='option_container'>
+                            $clientstest[] = '</ol>';
+                        }
+                        echo '<div style="align:right;">';
+                        echo join('',$resultstoprint);
+                        echo '<span id="clientstest" style="display: none;"><p><hr><b>' . _('Checking if certificates from  CAs are accepted...') . '</b><p>' .  _('A few client certificates will be tested to check if servers are resistant to some certificate problems.') . '<p>';
+                        print join('',$clientstest);
+                        echo '</span>';
+                        echo '</div>';
+                    }
+                    echo "</fieldset></div></div>";
+                }
+                // further checks TBD:
+                //     check if accepts certificates from all accredited CAs
+                //     check if doesn't accept revoked certificates
+                //     check if RADIUS request gets rejected timely
+                //     check if truncates/dies on Operator-Name
+                if ($check_thorough) {
+                    echo "<div id='tabs-4'><fieldset class='option_container'>
                 <legend><strong>" . _("Live login test") . "</strong></legend>";
-                  $prof_compl = $my_profile->getEapMethodsinOrderOfPreference(1);
-                  if (count($prof_compl) > 0) {
+                    $prof_compl = $my_profile->getEapMethodsinOrderOfPreference(1);
+                    if (count($prof_compl) > 0) {
 
-                      echo "<div id='disposable_credential_container'><p>" . _("If you enter an existing login credential here, you can test the actual authentication from various checkpoints all over the world.") . "</p>
+                        echo "<div id='disposable_credential_container'><p>" . _("If you enter an existing login credential here, you can test the actual authentication from various checkpoints all over the world.") . "</p>
                     <p>" . _("The test will use all EAP types you have set in your profile information to check whether the right CAs and server names are used, and of course whether the login with these credentials and the given EAP type actually worked. If you have set anonymous outer ID, the test will use that.") . "</p>
                     <p>" . _("Note: the tool purposefully does not offer you to save these credentials, and they will never be saved in any way on the server side. Please use only <strong>temporary test accounts</strong> here; permanently valid test accounts in the wild are considered harmful!") . "</p></div>
                     <form enctype='multipart/form-data' id='live_form' accept-charset='UTF-8'>
@@ -715,44 +715,44 @@ 
                     <input type='hidden' name='profile_id' value='".$my_profile->identifier."'>
                     <table id='live_tests'>";
 // if any password based EAP methods are available enable this section
-              if (in_array(EAP::$PEAP_MSCHAP2, $prof_compl) ||
+                if (in_array(EAP::$PEAP_MSCHAP2, $prof_compl) ||
                               in_array(EAP::$TTLS_MSCHAP2, $prof_compl) ||
                               in_array(EAP::$TTLS_GTC, $prof_compl) ||
                               in_array(EAP::$FAST_GTC, $prof_compl) ||
                               in_array(EAP::$PWD, $prof_compl) ||
                               in_array(EAP::$TTLS_PAP, $prof_compl)
-                      ) { 
-                          echo  "<tr><td colspan='2'><strong>" . _("Password-based EAP types") . "</strong></td></tr>
+                        ) { 
+                            echo  "<tr><td colspan='2'><strong>" . _("Password-based EAP types") . "</strong></td></tr>
                         <tr><td>" . _("Real (inner) username:") . "</td><td><input type='text' id='username' class='mandatory' name='username'/></td></tr>";
-                           echo "<tr><td>" . _("Anonymous outer ID (optional):") . "</td><td><input type='text' id='outer_username' name='outer_username'/></td></tr>";
-                          echo "<tr><td>" . _("Password:") . "</td><td><input type='text' id='password' class='mandatory' name='password'/></td></tr>";
-               }
-                      // ask for cert + privkey if TLS-based method is active
-                      if (in_array(EAP::$TLS, $prof_compl))
-                          echo "<tr><td colspan='2'><strong>" . _("Certificate-based EAP types") . "</strong></td></tr>
+                            echo "<tr><td>" . _("Anonymous outer ID (optional):") . "</td><td><input type='text' id='outer_username' name='outer_username'/></td></tr>";
+                            echo "<tr><td>" . _("Password:") . "</td><td><input type='text' id='password' class='mandatory' name='password'/></td></tr>";
+                }
+                        // ask for cert + privkey if TLS-based method is active
+                        if (in_array(EAP::$TLS, $prof_compl))
+                            echo "<tr><td colspan='2'><strong>" . _("Certificate-based EAP types") . "</strong></td></tr>
                         <tr><td>" . _("Certificate file (.p12 or .pfx):") . "</td><td><input type='file' id='cert' accept='application/x-pkcs12' name='cert'/></td></tr>
                         <tr><td>" . _("Certificate password, if any:") . "</td><td><input type='text' id='privkey' name='privkey_pass'/></td></tr>
                         <tr><td>" . _("Username, if different from certificate Subject:") . "</td><td><input type='text' id='tls_username' name='tls_username'/></td></tr>";
-                      echo "<tr><td colspan='2'><button id='submit_credentials'>" . _("Submit credentials") . "</button></td></tr></table></form>";
-                      echo "<div id='live_login_results' style='display:none'>";
-                      foreach (Config::$RADIUSTESTS['UDP-hosts'] as $hostindex => $host) {
+                        echo "<tr><td colspan='2'><button id='submit_credentials'>" . _("Submit credentials") . "</button></td></tr></table></form>";
+                        echo "<div id='live_login_results' style='display:none'>";
+                        foreach (Config::$RADIUSTESTS['UDP-hosts'] as $hostindex => $host) {
                         print "<hr>";
-                      printf(_("Testing from: %s"), "<strong>".Config::$RADIUSTESTS['UDP-hosts'][$hostindex]['display_name']."</strong>");
-                      print "<span style='position:relative'><img src='../resources/images/icons/loading51.gif' id='live_src".$hostindex."_img' style='width:24px; position: absolute; left: 20px; bottom: 0px; '></span>";
+                        printf(_("Testing from: %s"), "<strong>".Config::$RADIUSTESTS['UDP-hosts'][$hostindex]['display_name']."</strong>");
+                        print "<span style='position:relative'><img src='../resources/images/icons/loading51.gif' id='live_src".$hostindex."_img' style='width:24px; position: absolute; left: 20px; bottom: 0px; '></span>";
 print "<div id='eap_test$hostindex' class='eap_test_results'></div>";
 }
-                      echo "</div>";
+                        echo "</div>";
 
-                  } else {// no EAP methods fully defined
-                      echo "Live Login Checks require at least one fully configured EAP type.";
-                  }
-                  echo "</fieldset></div>";
-              }
+                    } else {// no EAP methods fully defined
+                        echo "Live Login Checks require at least one fully configured EAP type.";
+                    }
+                    echo "</fieldset></div>";
+                }
 echo "
 </div>
 ";
 }
-              ?>
+                ?>
     <form method='post' action='overview_idp.php?inst_id=<?php echo $my_inst->identifier; ?>' accept-charset='UTF-8'>
         <button type='submit' name='submitbutton' value='<?php echo BUTTON_CLOSE; ?>'><?php echo _("Return to dashboard"); ?></button>
     </form>
@@ -763,11 +763,11 @@ 
     run_udp();
 <?php
     if ($naptr > 0) 
-       echo "run_dynamic();";
+        echo "run_dynamic();";
     else
-       echo '$("#tabs-d-li").hide();';
+        echo '$("#tabs-d-li").hide();';
     if (!$check_thorough) 
-       echo '$("#tabs-through").hide();';
+        echo '$("#tabs-through").hide();';
 ?>
 </script>
     <?php footer() ?>

Spacing +41 added lines, -41 removed lines

@@ -20,7 +20,7 @@ 
 
 $cat = defaultPagePrelude(_("Sanity check for dynamic discovery of realms"));
 $check_thorough = FALSE;
-$error_message ='';
+$error_message = '';
 $my_inst = valid_IdP($_REQUEST['inst_id'], $_SESSION['user']);
 
 if (isset($_GET['profile_id']))
@@ -38,17 +38,17 @@ 
       $error_message = _("You asked for a realm check, but we don't know the realm for this profile!") . "</p>";
    }
 } else { // someone else's realm... only shallow checks
-   if(!empty($_REQUEST['realm'])) {
-      if($check_realm = valid_Realm($_REQUEST['realm'])) {
+   if (!empty($_REQUEST['realm'])) {
+      if ($check_realm = valid_Realm($_REQUEST['realm'])) {
          $_SESSION['check_realm'] = $check_realm;
       }
    } else {
-      if(!empty($_SESSION['check_realm']))
+      if (!empty($_SESSION['check_realm']))
          $check_realm = $_SESSION['check_realm'];
       else
          $check_realm = FALSE;
    }
-   if($check_realm)
+   if ($check_realm)
       $testsuite = new RADIUSTests($check_realm);
    else
       $error_message = _("No valid realm name given, cannot execute any checks!");
@@ -226,7 +226,7 @@ 
      }
  }
  cliinfo = cliinfo + '<li><table><tbody><tr><td class="icon_td"><img class="icon" src="' + icons[level] +'" style="width: 24px;"></td><td>' + state;
- cliinfo = cliinfo + ' <?php echo "(".sprintf(_("elapsed time: %sms."),"'+data.ca[key].certificate[c].time_millisec+'&nbsp;").")"; ?>' + add + '</td></tr>';
+ cliinfo = cliinfo + ' <?php echo "(" . sprintf(_("elapsed time: %sms."), "'+data.ca[key].certificate[c].time_millisec+'&nbsp;") . ")"; ?>' + add + '</td></tr>';
  cliinfo = cliinfo + '</tbody></table></ul></li>';
  if (data.ca[key].certificate[c].finalerror==1) {
      cliinfo = cliinfo + '<li>' + restskipped + '</li>';
@@ -316,7 +316,7 @@ 
    var v = data.result[0];
    $("#src"+data.hostindex+"_img").attr('src',icons[v.level]);
    if(v.server != 0 ) {
-      $("#src"+data.hostindex).html('<strong>'+v.server+'</strong><br/><?php printf(_("elapsed time: %sms."),"'+v.time_millisec+'&nbsp;") ?><p>'+v.message+'</p>');
+      $("#src"+data.hostindex).html('<strong>'+v.server+'</strong><br/><?php printf(_("elapsed time: %sms."), "'+v.time_millisec+'&nbsp;") ?><p>'+v.message+'</p>');
       var cert_data = "<tr class='server_cert'><td>&nbsp;</td><td colspan=2><div><dl class='server_cert_list'>";
       $.each(server_cert, function(l,s) {
          cert_data = cert_data + "<dt>" + s + "</dt><dd>"+ v.server_cert[l] + "</dd>";
@@ -339,7 +339,7 @@ 
       }
       $("#src"+data.hostindex).append(cert_data);
    } else {
-       $("#src"+data.hostindex).html('<br/><?php printf(_("elapsed time: %sms."),"'+v.time_millisec+'&nbsp;") ?><p>'+v.message+'</p>');
+       $("#src"+data.hostindex).html('<br/><?php printf(_("elapsed time: %sms."), "'+v.time_millisec+'&nbsp;") ?><p>'+v.message+'</p>');
    }
       global_level_udp = Math.max(global_level_udp,v.level);  
       $(".server_cert").show();
@@ -391,7 +391,7 @@ 
          });
       }
       o = o +  cert_data+'</table>';
-      $("#eap_test"+data.hostindex).append('<strong><img style="position: relative; top: 2px;" src="'+icons[v.level]+'"><span style="position: relative; top: -5px; left: 1em">'+v.eap+' &ndash; <?php printf(_("elapsed time: %sms."),"'+v.time_millisec+'&nbsp;") ?></span></strong><div class="more" style="padding-left: 40px"><div class="morecontent"><div style="display:none; background: #eee;">'+o+'</div><a href="" class="morelink">' + moretext + '</a></div></div>');
+      $("#eap_test"+data.hostindex).append('<strong><img style="position: relative; top: 2px;" src="'+icons[v.level]+'"><span style="position: relative; top: -5px; left: 1em">'+v.eap+' &ndash; <?php printf(_("elapsed time: %sms."), "'+v.time_millisec+'&nbsp;") ?></span></strong><div class="more" style="padding-left: 40px"><div class="morecontent"><div style="display:none; background: #eee;">'+o+'</div><a href="" class="morelink">' + moretext + '</a></div></div>');
    });
 }
 
@@ -402,8 +402,8 @@ 
 <?php
 foreach (Config::$RADIUSTESTS['UDP-hosts'] as $hostindex => $host) {
    print "
-$(\"#live_src".$hostindex."_img\").attr('src',icon_loading);
-$(\"#live_src".$hostindex."_img\").show();
+$(\"#live_src".$hostindex . "_img\").attr('src',icon_loading);
+$(\"#live_src".$hostindex . "_img\").show();
     $.ajax({
         url: 'radius_tests.php?src=0&hostindex=$hostindex&realm='+realm,
         type: 'POST',
@@ -434,15 +434,15 @@ 
 <?php
 foreach (Config::$RADIUSTESTS['UDP-hosts'] as $hostindex => $host) {
     if ($check_thorough)
-        $extraarg = "profile_id: ".$my_profile->identifier.", ";
+        $extraarg = "profile_id: " . $my_profile->identifier . ", ";
     else
         $extraarg = "";
     
    print "
-$(\"#src".$hostindex."_img\").attr('src',icon_loading);
+$(\"#src".$hostindex . "_img\").attr('src',icon_loading);
 $(\"#src$hostindex\").html('');
 running_ajax_stat++;
-$.get('radius_tests.php',{test_type: 'udp', $extraarg realm: realm, src: $hostindex, lang: '".CAT::get_lang()."', hostindex: '$hostindex'  }, udp, 'json');
+$.get('radius_tests.php',{test_type: 'udp', $extraarg realm: realm, src: $hostindex, lang: '" . CAT::get_lang() . "', hostindex: '$hostindex'  }, udp, 'json');
 
 ";
 }
@@ -461,8 +461,8 @@ 
 </script>
    <?php
     productheader("ADMIN", CAT::get_lang());
-    print "<h1>".sprintf(_("Realm testing for: %s"),$check_realm)."</h1>\n";
-    if($error_message) {
+    print "<h1>" . sprintf(_("Realm testing for: %s"), $check_realm) . "</h1>\n";
+    if ($error_message) {
         print "<p>$error_message</p>";
     } else {
 ?>
@@ -481,7 +481,7 @@ 
    </legend>
       <?php
       // NAPTR existence check
-      echo "<strong>"._("DNS chekcs")."</strong><div>";
+      echo "<strong>" . _("DNS chekcs") . "</strong><div>";
       $naptr = $testsuite->NAPTR();
       if ($naptr != RETVAL_NOTCONFIGURED) {
            echo "<table>";
@@ -551,10 +551,10 @@ 
 
             echo "</table><table>";
               if (count($testsuite->listerrors()) == 0) {
-                echo UI_message(L_OK,sprintf(_("Realm is <strong>%s</strong> "), _(($naptr > 0 ? "DYNAMIC" : "STATIC"))) . _("with no DNS errors encountered. Congratulations!"));
+                echo UI_message(L_OK, sprintf(_("Realm is <strong>%s</strong> "), _(($naptr > 0 ? "DYNAMIC" : "STATIC"))) . _("with no DNS errors encountered. Congratulations!"));
                 echo "</table>";
               } else {
-                echo UI_message(L_ERROR,sprintf(_("Realm is <strong>%s</strong> "), _(($naptr > 0 ? "DYNAMIC" : "STATIC"))) . _("but there were DNS errors! Check them!") . " " . _("You should re-run the tests after fixing the errors; more errors might be uncovered at that point. The exact error causes are listed below."));
+                echo UI_message(L_ERROR, sprintf(_("Realm is <strong>%s</strong> "), _(($naptr > 0 ? "DYNAMIC" : "STATIC"))) . _("but there were DNS errors! Check them!") . " " . _("You should re-run the tests after fixing the errors; more errors might be uncovered at that point. The exact error causes are listed below."));
                 echo "</table><div class='notacceptable'><table>";
                 foreach ($testsuite->listerrors() as $details)
                    echo "<tr><td>" . $details['TYPE'] . "</td><td>" . $details['TARGET'] . "</td></tr>";
@@ -581,9 +581,9 @@ 
    continue;*/
                       print "
                             running_ajax_dyn++;
-                            $.ajax({url:'radius_tests.php', data:{test_type: 'capath', realm: realm, src: '$host', lang: '".CAT::get_lang()."', hostindex: '$hostindex' }, error: eee, success: capath, dataType: 'json'}); 
+                            $.ajax({url:'radius_tests.php', data:{test_type: 'capath', realm: realm, src: '$host', lang: '" . CAT::get_lang() . "', hostindex: '$hostindex' }, error: eee, success: capath, dataType: 'json'}); 
                             running_ajax_dyn++;
-                            $.ajax({url:'radius_tests.php', data:{test_type: 'clients', realm: realm, src: '$host', lang: '".CAT::get_lang()."', hostindex: '$hostindex' }, error: eee, success: clients, dataType: 'json'}); 
+                            $.ajax({url:'radius_tests.php', data:{test_type: 'clients', realm: realm, src: '$host', lang: '" . CAT::get_lang() . "', hostindex: '$hostindex' }, error: eee, success: clients, dataType: 'json'}); 
                        ";
                    }
               echo "}
@@ -592,12 +592,12 @@ 
          } else {
           echo "<tr><td>" . _("Dynamic discovery test is not configured") . "</td><td>";
          }
-         echo "<strong>"._("Static connectivity tests")."</strong>
+         echo "<strong>" . _("Static connectivity tests") . "</strong>
          <table><tr>
          <td class='icon_td'><img src='../resources/images/icons/loading51.gif' id='main_static_ico' class='icon'></td><td id='main_static_result' style='display:none'>&nbsp;</td>
          </tr></table>";
-         if($naptr > 0) {
-             echo "<hr><strong>"._("Dynamic connectivity tests")."</strong>
+         if ($naptr > 0) {
+             echo "<hr><strong>" . _("Dynamic connectivity tests") . "</strong>
          <table><tr>
          <td class='icon_td'><img src='../resources/images/icons/loading51.gif' id='main_dynamic_ico' class='icon'></td><td id='main_dynamic_result' style='display:none'>&nbsp;</td>
          </tr></table>";
@@ -611,19 +611,19 @@ 
      <button id="run_s_tests" onclick="run_udp()"><?php echo _("Repeat static connectivity tests") ?></button>
      <p>
      <fieldset class="option_container" id="static_tests">
-     <legend><strong> <?php echo _("STATIC connectivity tests");?> </strong> </legend>
+     <legend><strong> <?php echo _("STATIC connectivity tests"); ?> </strong> </legend>
 <?php
      echo sprintf(_("This check sends a request for the realm through various entry points of the %s infrastructure. The request will contain the 'Operator-Name' attribute, and will be larger than 1500 Bytes to catch two common configuration problems.<br/>Since we don't have actual credentials for the realm, we can't authenticate successfully - so the expected outcome is to get an Access-Reject after having gone through an EAP conversation."), Config::$CONSORTIUM['name']);
 print "<p>";
 
 foreach (Config::$RADIUSTESTS['UDP-hosts'] as $hostindex => $host) {
   print "<hr>";
-printf(_("Testing from: %s"), "<strong>".Config::$RADIUSTESTS['UDP-hosts'][$hostindex]['display_name']."</strong>");
+printf(_("Testing from: %s"), "<strong>" . Config::$RADIUSTESTS['UDP-hosts'][$hostindex]['display_name'] . "</strong>");
 print "<table id='results$hostindex'  style='width:100%' class='udp_results'>
 <tr>
-<td class='icon_td'><img src='../resources/images/icons/loading51.gif' id='src".$hostindex."_img'></td>
+<td class='icon_td'><img src='../resources/images/icons/loading51.gif' id='src" . $hostindex . "_img'></td>
 <td id='src$hostindex' colspan=2>
-"._("testing...")."
+" . _("testing...") . "
 </td>
 </tr>" .
 //server_cert('udp-'.$hostindex) .
@@ -647,8 +647,8 @@ 
                 <legend><strong>" . _("DYNAMIC connectivity tests") . "</strong></legend>";
 
                   $resultstoprint = [];
-                  if (count($testsuite->NAPTR_hostname_records)>0) {
-                      $resultstoprint[] = '<table style="align:right; display: none;" id="dynamic_result_fail">' .  UI_message(L_ERROR,_("Some errors were found during the tests, see below")) . '</table><table style="align:right; display: none;" id="dynamic_result_pass">' . UI_message(L_OK,_("All tests passed, congratulations!")) . '</table>';
+                  if (count($testsuite->NAPTR_hostname_records) > 0) {
+                      $resultstoprint[] = '<table style="align:right; display: none;" id="dynamic_result_fail">' . UI_message(L_ERROR, _("Some errors were found during the tests, see below")) . '</table><table style="align:right; display: none;" id="dynamic_result_pass">' . UI_message(L_OK, _("All tests passed, congratulations!")) . '</table>';
                       $resultstoprint[] = '<div style="align:right;"><a href="" class="moreall">' . _('Show detailed information for all tests') . '</a></div>' . '<p><strong>' . _("Checking server handshake...") . "</strong><p>";
                       foreach ($testsuite->NAPTR_hostname_records as $hostindex => $addr) {
 /*                          if ($addr['family'] == "IPv6") {
@@ -660,9 +660,9 @@ 
                           $resultstoprint[] = '<ul style="list-style-type: none;" class="caresult"><li>';
                           $resultstoprint[] = "<table id='caresults$hostindex'  style='width:100%'>
 <tr>
-<td class='icon_td'><img src='../resources/images/icons/loading51.gif' id='srcca".$hostindex."_img'></td>
+<td class='icon_td'><img src='../resources/images/icons/loading51.gif' id='srcca" . $hostindex . "_img'></td>
 <td id='srcca$hostindex'>
-"._("testing...")."
+" . _("testing...") . "
 </td>
 </tr>
 </table>";
@@ -678,18 +678,18 @@ 
                           $clientstest[] = '<p><strong>' . $addr['IP'] . ' TCP/' . $addr['port'] . '</strong></p><ol>';
                           $clientstest[] = "<span id='clientresults$hostindex$clinx'><table style='width:100%'>
 <tr>
-<td class='icon_td'><img src='../resources/images/icons/loading51.gif' id='srcclient".$hostindex."_img'></td>
+<td class='icon_td'><img src='../resources/images/icons/loading51.gif' id='srcclient" . $hostindex . "_img'></td>
 <td id='srcclient$hostindex'>
-"._("testing...")."
+" . _("testing...") . "
 </td>
 </tr>
 </table></span>";
                           $clientstest[] = '</ol>';
                       }
                       echo '<div style="align:right;">';
-                      echo join('',$resultstoprint);
-                      echo '<span id="clientstest" style="display: none;"><p><hr><b>' . _('Checking if certificates from  CAs are accepted...') . '</b><p>' .  _('A few client certificates will be tested to check if servers are resistant to some certificate problems.') . '<p>';
-                      print join('',$clientstest);
+                      echo join('', $resultstoprint);
+                      echo '<span id="clientstest" style="display: none;"><p><hr><b>' . _('Checking if certificates from  CAs are accepted...') . '</b><p>' . _('A few client certificates will be tested to check if servers are resistant to some certificate problems.') . '<p>';
+                      print join('', $clientstest);
                       echo '</span>';
                       echo '</div>';
                   }
@@ -711,8 +711,8 @@ 
                     <p>" . _("Note: the tool purposefully does not offer you to save these credentials, and they will never be saved in any way on the server side. Please use only <strong>temporary test accounts</strong> here; permanently valid test accounts in the wild are considered harmful!") . "</p></div>
                     <form enctype='multipart/form-data' id='live_form' accept-charset='UTF-8'>
                     <input type='hidden' name='test_type' value='udp_login'>
-                    <input type='hidden' name='lang' value='".CAT::get_lang()."'>
-                    <input type='hidden' name='profile_id' value='".$my_profile->identifier."'>
+                    <input type='hidden' name='lang' value='".CAT::get_lang() . "'>
+                    <input type='hidden' name='profile_id' value='".$my_profile->identifier . "'>
                     <table id='live_tests'>";
 // if any password based EAP methods are available enable this section
               if (in_array(EAP::$PEAP_MSCHAP2, $prof_compl) ||
@@ -737,8 +737,8 @@ 
                       echo "<div id='live_login_results' style='display:none'>";
                       foreach (Config::$RADIUSTESTS['UDP-hosts'] as $hostindex => $host) {
                         print "<hr>";
-                      printf(_("Testing from: %s"), "<strong>".Config::$RADIUSTESTS['UDP-hosts'][$hostindex]['display_name']."</strong>");
-                      print "<span style='position:relative'><img src='../resources/images/icons/loading51.gif' id='live_src".$hostindex."_img' style='width:24px; position: absolute; left: 20px; bottom: 0px; '></span>";
+                      printf(_("Testing from: %s"), "<strong>" . Config::$RADIUSTESTS['UDP-hosts'][$hostindex]['display_name'] . "</strong>");
+                      print "<span style='position:relative'><img src='../resources/images/icons/loading51.gif' id='live_src" . $hostindex . "_img' style='width:24px; position: absolute; left: 20px; bottom: 0px; '></span>";
 print "<div id='eap_test$hostindex' class='eap_test_results'></div>";
 }
                       echo "</div>";

Braces +40 added lines, -28 removed lines

@@ -23,10 +23,11 @@ 
 $error_message ='';
 $my_inst = valid_IdP($_REQUEST['inst_id'], $_SESSION['user']);
 
-if (isset($_GET['profile_id']))
+if (isset($_GET['profile_id'])) {
     $my_profile = valid_Profile($_GET['profile_id'], $my_inst->identifier);
-else
+} else {
     $my_profile = NULL;
+}
 if ($my_profile != NULL) {
    $cr = $my_profile->getAttributes("internal:realm");
    if ($cr) {
@@ -43,16 +44,18 @@ 
          $_SESSION['check_realm'] = $check_realm;
       }
    } else {
-      if(!empty($_SESSION['check_realm']))
-         $check_realm = $_SESSION['check_realm'];
-      else
-         $check_realm = FALSE;
+      if(!empty($_SESSION['check_realm'])) {
+               $check_realm = $_SESSION['check_realm'];
+      } else {
+               $check_realm = FALSE;
+      }
+   }
+   if($check_realm) {
+         $testsuite = new RADIUSTests($check_realm);
+   } else {
+         $error_message = _("No valid realm name given, cannot execute any checks!");
+   }
    }
-   if($check_realm)
-      $testsuite = new RADIUSTests($check_realm);
-   else
-      $error_message = _("No valid realm name given, cannot execute any checks!");
-}
 
 $translate = _("STATIC");
 $translate = _("DYNAMIC");
@@ -433,10 +436,11 @@ 
    $(".server_cert").hide();
 <?php
 foreach (Config::$RADIUSTESTS['UDP-hosts'] as $hostindex => $host) {
-    if ($check_thorough)
-        $extraarg = "profile_id: ".$my_profile->identifier.", ";
-    else
-        $extraarg = "";
+    if ($check_thorough) {
+            $extraarg = "profile_id: ".$my_profile->identifier.", ";
+    } else {
+            $extraarg = "";
+    }
     
    print "
 $(\"#src".$hostindex."_img\").attr('src',icon_loading);
@@ -556,8 +560,9 @@ 
               } else {
                 echo UI_message(L_ERROR,sprintf(_("Realm is <strong>%s</strong> "), _(($naptr > 0 ? "DYNAMIC" : "STATIC"))) . _("but there were DNS errors! Check them!") . " " . _("You should re-run the tests after fixing the errors; more errors might be uncovered at that point. The exact error causes are listed below."));
                 echo "</table><div class='notacceptable'><table>";
-                foreach ($testsuite->listerrors() as $details)
-                   echo "<tr><td>" . $details['TYPE'] . "</td><td>" . $details['TARGET'] . "</td></tr>";
+                foreach ($testsuite->listerrors() as $details) {
+                                   echo "<tr><td>" . $details['TYPE'] . "</td><td>" . $details['TARGET'] . "</td></tr>";
+                }
                 echo "</table></div>";
               }
               echo '</div>';
@@ -573,9 +578,13 @@ 
               ';
                   foreach ($testsuite->NAPTR_hostname_records as $hostindex => $addr) {
                       $host = '';
-                      if ($addr['family'] == "IPv6") $host .= '[';
+                      if ($addr['family'] == "IPv6") {
+                          $host .= '[';
+                      }
                       $host .= $addr['IP'];
-                      if ($addr['family'] == "IPv6") $host .= ']';
+                      if ($addr['family'] == "IPv6") {
+                          $host .= ']';
+                      }
                       $host .= ':' . $addr['port'];
 /*if($addr['family'] == "IPv6")
    continue;*/
@@ -728,11 +737,12 @@ 
                           echo "<tr><td>" . _("Password:") . "</td><td><input type='text' id='password' class='mandatory' name='password'/></td></tr>";
                }
                       // ask for cert + privkey if TLS-based method is active
-                      if (in_array(EAP::$TLS, $prof_compl))
-                          echo "<tr><td colspan='2'><strong>" . _("Certificate-based EAP types") . "</strong></td></tr>
+                      if (in_array(EAP::$TLS, $prof_compl)) {
+                                                echo "<tr><td colspan='2'><strong>" . _("Certificate-based EAP types") . "</strong></td></tr>
                         <tr><td>" . _("Certificate file (.p12 or .pfx):") . "</td><td><input type='file' id='cert' accept='application/x-pkcs12' name='cert'/></td></tr>
                         <tr><td>" . _("Certificate password, if any:") . "</td><td><input type='text' id='privkey' name='privkey_pass'/></td></tr>
                         <tr><td>" . _("Username, if different from certificate Subject:") . "</td><td><input type='text' id='tls_username' name='tls_username'/></td></tr>";
+                      }
                       echo "<tr><td colspan='2'><button id='submit_credentials'>" . _("Submit credentials") . "</button></td></tr></table></form>";
                       echo "<div id='live_login_results' style='display:none'>";
                       foreach (Config::$RADIUSTESTS['UDP-hosts'] as $hostindex => $host) {
@@ -762,13 +772,15 @@ 
     var realm = '<?php echo $check_realm; ?>';
     run_udp();
 <?php
-    if ($naptr > 0) 
-       echo "run_dynamic();";
-    else
-       echo '$("#tabs-d-li").hide();';
-    if (!$check_thorough) 
-       echo '$("#tabs-through").hide();';
-?>
+    if ($naptr > 0) {
+           echo "run_dynamic();";
+    } else {
+           echo '$("#tabs-d-li").hide();';
+    }
+    if (!$check_thorough) {
+           echo '$("#tabs-through").hide();';
+    }
+    ?>
 </script>
     <?php footer() ?>
 

web/admin/action_fedcheck.php

Spacing +20 added lines, -20 removed lines

@@ -18,7 +18,7 @@ 
 require_once("../resources/inc/header.php");
 require_once("../resources/inc/footer.php");
 
-function profilechecks(IdP $idpinfo,Profile $profile) {
+function profilechecks(IdP $idpinfo, Profile $profile) {
 
     $tabletext = "<tr><td>" . $idpinfo->name . "</td><td>" . $profile->name . "</td>";
     
@@ -30,12 +30,12 @@ 
         // update database with the findings
         
         DBConnection::exec("INST", "UPDATE profile SET "
-                . "status_dns = ".RETVAL_SKIPPED.", "
-                . "status_cert = ".RETVAL_SKIPPED.", "
-                . "status_reachability = ". RETVAL_SKIPPED.", "
-                . "status_TLS = ".RETVAL_SKIPPED.", "
+                . "status_dns = " . RETVAL_SKIPPED . ", "
+                . "status_cert = " . RETVAL_SKIPPED . ", "
+                . "status_reachability = " . RETVAL_SKIPPED . ", "
+                . "status_TLS = " . RETVAL_SKIPPED . ", "
                 . "last_status_check = NOW() "
-                . "WHERE profile_id = ".$profile->identifier);
+                . "WHERE profile_id = " . $profile->identifier);
         
         return $tabletext;
     }
@@ -82,9 +82,9 @@ 
     }
 
     if ($NAPTR_issues) {
-        $tabletext .= UI_error(0,0,true);
+        $tabletext .= UI_error(0, 0, true);
     } else {
-        $tabletext .= UI_okay(0,0,true);
+        $tabletext .= UI_okay(0, 0, true);
     }
     
     $UDP_errors = false;
@@ -106,13 +106,13 @@ 
     }
     
     $tabletext .= "</td><td>";
-    $tabletext .= UI_message($cert_biggest_oddity,0,0,true);
+    $tabletext .= UI_message($cert_biggest_oddity, 0, 0, true);
         
     $tabletext .= "</td><td>";
     if (!$UDP_errors) {
-        $tabletext .= UI_okay(0,0,true);
+        $tabletext .= UI_okay(0, 0, true);
     } else {
-        $tabletext .= UI_error(0,0,true);
+        $tabletext .= UI_error(0, 0, true);
     }
     
     $tabletext .= "</td><td>";
@@ -127,19 +127,19 @@ 
         }
     }
     if (!$dynamic_errors) {
-        $tabletext .= UI_okay(0,0,true);
+        $tabletext .= UI_okay(0, 0, true);
     } else {
-        $tabletext .= UI_error(0,0,true);
+        $tabletext .= UI_error(0, 0, true);
     }
     $tabletext .= "</td></tr>";
 
     DBConnection::exec("INST", "UPDATE profile SET "
-                . "status_dns = ".($NAPTR_issues ? RETVAL_INVALID : RETVAL_OK) . ", "
-                . "status_cert = ".($cert_biggest_oddity) . ", "
-                . "status_reachability = ".($UDP_errors ? RETVAL_INVALID : RETVAL_OK) . ", "
-                . "status_TLS = ".($dynamic_errors ? RETVAL_INVALID : RETVAL_OK) . ", "
+                . "status_dns = " . ($NAPTR_issues ? RETVAL_INVALID : RETVAL_OK) . ", "
+                . "status_cert = " . ($cert_biggest_oddity) . ", "
+                . "status_reachability = " . ($UDP_errors ? RETVAL_INVALID : RETVAL_OK) . ", "
+                . "status_TLS = " . ($dynamic_errors ? RETVAL_INVALID : RETVAL_OK) . ", "
                 . "last_status_check = NOW() "
-                . "WHERE profile_id = ".$profile->identifier);    
+                . "WHERE profile_id = " . $profile->identifier);    
         
     return $tabletext;
 }
@@ -177,7 +177,7 @@ 
     echo "<h2>" . _("Profiles marked as visible (V)") . "</h2>" . "<table>";
     echo rowdescription();
     foreach ($profiles_showtime as $oneprofile)
-        echo profilechecks($oneprofile['idp'],$oneprofile['profile']);
+        echo profilechecks($oneprofile['idp'], $oneprofile['profile']);
     echo "</table>";
 }
 
@@ -185,7 +185,7 @@ 
     echo "<h2>" . _("Profiles with sufficient configuration, not marked as visible (C)") . "</h2>" . "<table>";
     echo rowdescription();
     foreach ($profiles_confready as $oneprofile)
-        echo profilechecks($oneprofile['idp'],$oneprofile['profile']);
+        echo profilechecks($oneprofile['idp'], $oneprofile['profile']);
     echo "</table>";
 }
 ?>

Braces +32 added lines, -21 removed lines

@@ -44,10 +44,11 @@ 
     // NAPTR existence check
     $tabletext .= "<td>";
     $naptr = $testsuite->NAPTR();
-    if ($naptr != RETVAL_NOTCONFIGURED)
-        switch ($naptr) {
+    if ($naptr != RETVAL_NOTCONFIGURED) {
+            switch ($naptr) {
             case RETVAL_NONAPTR:
                 $tabletext .= _("No NAPTR records");
+    }
                 break;
             case RETVAL_ONLYUNRELATEDNAPTR:
                 $tabletext .= sprintf(_("No associated NAPTR records"));
@@ -62,23 +63,26 @@ 
 
     if ($naptr > 0) {
         $naptr_valid = $testsuite->NAPTR_compliance();
-        if ($naptr_valid == RETVAL_INVALID)
-            $NAPTR_issues = true;
+        if ($naptr_valid == RETVAL_INVALID) {
+                    $NAPTR_issues = true;
+        }
     }
 
     // SRV resolution
 
     if ($naptr > 0 && $naptr_valid == RETVAL_OK) {
         $srv = $testsuite->NAPTR_SRV();
-        if ($srv == RETVAL_INVALID)
-            $NAPTR_issues = true;
+        if ($srv == RETVAL_INVALID) {
+                    $NAPTR_issues = true;
+        }
     }
 
     // IP addresses for the hosts
     if ($naptr > 0 && $naptr_valid == RETVAL_OK && $srv > 0) {
         $hosts = $testsuite->NAPTR_hostnames();
-        if ($hosts == RETVAL_INVALID)
-            $NAPTR_issues = true;
+        if ($hosts == RETVAL_INVALID) {
+                    $NAPTR_issues = true;
+        }
     }
 
     if ($NAPTR_issues) {
@@ -94,14 +98,17 @@ 
         $testsuite->UDP_reachability($hostindex, true, true);
         $results = $testsuite->UDP_reachability_result[$hostindex];
         //echo "<pre>".print_r($results,true)."</pre>";
-        if ($results['packetflow_sane'] != TRUE)
-            $UDP_errors = true;
-        if (empty($results['packetflow'][11]))
-            $UDP_errors = true;
+        if ($results['packetflow_sane'] != TRUE) {
+                    $UDP_errors = true;
+        }
+        if (empty($results['packetflow'][11])) {
+                    $UDP_errors = true;
+        }
         if (count($results['cert_oddities']) > 0) {
-            foreach ($results['cert_oddities'] as $oddity)
-                if ($oddity['level'] > $cert_biggest_oddity)
+            foreach ($results['cert_oddities'] as $oddity) {
+                            if ($oddity['level'] > $cert_biggest_oddity)
                     $cert_biggest_oddity = $oddity['level'];
+            }
         }
     }
     
@@ -122,8 +129,9 @@ 
     if ($naptr > 0 && count($testsuite->NAPTR_hostname_records) > 0) {
         foreach ($testsuite->NAPTR_hostname_records as $hostindex => $addr) {
             $retval = $testsuite->TLS_clients_side_check($addr);
-            if ($retval != RETVAL_OK && $retval != RETVAL_SKIPPED)
-                $dynamic_errors = true;
+            if ($retval != RETVAL_OK && $retval != RETVAL_SKIPPED) {
+                            $dynamic_errors = true;
+            }
         }
     }
     if (!$dynamic_errors) {
@@ -165,10 +173,11 @@ 
 $profiles_showtime = [];
 $profiles_readyconf = [];
 
-foreach ($allIDPs as $index => $oneidp)
+foreach ($allIDPs as $index => $oneidp) {
     foreach ($oneidp['instance']->listProfiles() as $profile)
         if ($profile->getShowtime()) {
             $profiles_showtime[] = ['idp' => $oneidp['instance'], 'profile' => $profile];
+}
         } else if ($profile->readyForShowtime()) {
             $profiles_confready[] = ['idp' => $oneidp['instance'], 'profile' => $profile];
         }
@@ -176,16 +185,18 @@ 
 if (count($profiles_showtime) > 0) {
     echo "<h2>" . _("Profiles marked as visible (V)") . "</h2>" . "<table>";
     echo rowdescription();
-    foreach ($profiles_showtime as $oneprofile)
-        echo profilechecks($oneprofile['idp'],$oneprofile['profile']);
+    foreach ($profiles_showtime as $oneprofile) {
+            echo profilechecks($oneprofile['idp'],$oneprofile['profile']);
+    }
     echo "</table>";
 }
 
 if (count($profiles_confready) > 0) {
     echo "<h2>" . _("Profiles with sufficient configuration, not marked as visible (C)") . "</h2>" . "<table>";
     echo rowdescription();
-    foreach ($profiles_confready as $oneprofile)
-        echo profilechecks($oneprofile['idp'],$oneprofile['profile']);
+    foreach ($profiles_confready as $oneprofile) {
+            echo profilechecks($oneprofile['idp'],$oneprofile['profile']);
+    }
     echo "</table>";
 }
 ?>

web/admin/edit_idp_result.php

Spacing +1 added lines, -1 removed lines

@@ -89,7 +89,7 @@
 
 if (isset(Config::$CONSORTIUM['ssid']) && count(Config::$CONSORTIUM['ssid']) > 0)
     foreach (Config::$CONSORTIUM['ssid'] as $ssidname)
-        $ssids[] = $ssidname . " " . (isset(Config::$CONSORTIUM['tkipsupport']) && Config::$CONSORTIUM['tkipsupport'] === TRUE ? _("(WPA2/AES and WPA/TKIP)") : _("(WPA2/AES)") );
+        $ssids[] = $ssidname . " " . (isset(Config::$CONSORTIUM['tkipsupport']) && Config::$CONSORTIUM['tkipsupport'] === TRUE ? _("(WPA2/AES and WPA/TKIP)") : _("(WPA2/AES)"));
 
 $custom_ssids_wpa2 = $my_inst->getAttributes("media:SSID");
 $custom_ssids_wpa = $my_inst->getAttributes("media:SSID_with_legacy");

Braces +11 added lines, -6 removed lines

@@ -74,8 +74,9 @@ 
 $my_inst->commitFlushAttributes($killlist);
 // delete cached logo, if present
 $logofile = dirname(dirname(__FILE__)) . "/downloads/logos/" . $my_inst->identifier . ".png";
-if (is_file($logofile))
+if (is_file($logofile)) {
     unlink($logofile);
+}
 
 CAT::writeAudit($_SESSION['user'], "MOD", "IdP " . $my_inst->identifier . " - attributes changed");
 
@@ -87,27 +88,31 @@ 
 
 $ssids = [];
 
-if (isset(Config::$CONSORTIUM['ssid']) && count(Config::$CONSORTIUM['ssid']) > 0)
+if (isset(Config::$CONSORTIUM['ssid']) && count(Config::$CONSORTIUM['ssid']) > 0) {
     foreach (Config::$CONSORTIUM['ssid'] as $ssidname)
         $ssids[] = $ssidname . " " . (isset(Config::$CONSORTIUM['tkipsupport']) && Config::$CONSORTIUM['tkipsupport'] === TRUE ? _("(WPA2/AES and WPA/TKIP)") : _("(WPA2/AES)") );
+}
 
 $custom_ssids_wpa2 = $my_inst->getAttributes("media:SSID");
 $custom_ssids_wpa = $my_inst->getAttributes("media:SSID_with_legacy");
 $wired_support = $my_inst->getAttributes("media:wired");
 
-if (count($custom_ssids_wpa) > 0)
+if (count($custom_ssids_wpa) > 0) {
     foreach ($custom_ssids_wpa as $ssidname)
         $ssids[] = $ssidname['value'] . " " . _("(WPA2/AES and WPA/TKIP)");
+}
 
-if (count($custom_ssids_wpa2) > 0)
+if (count($custom_ssids_wpa2) > 0) {
     foreach ($custom_ssids_wpa2 as $ssidname)
         $ssids[] = $ssidname['value'] . " " . _("(WPA2/AES)");
+}
 
 echo "<table>";
 if (count($ssids) > 0) {
     $printedlist = "";
-    foreach ($ssids as $names)
-        $printedlist = $printedlist . "$names ";
+    foreach ($ssids as $names) {
+            $printedlist = $printedlist . "$names ";
+    }
     echo UI_okay(sprintf(_("Your installers will configure the following SSIDs: <strong>%s</strong>"), $printedlist), _("SSIDs configured"));
 };
 if (count($wired_support) > 0) {