GEANT /
CAT
@@ -8,7 +8,7 @@ |
||
| 8 | 8 | /** |
| 9 | 9 | * |
| 10 | 10 | */ |
| 11 | - $root = dirname(dirname(__FILE__)); |
|
| 12 | - include($root."/config/config.php"); |
|
| 13 | - set_include_path(get_include_path() . PATH_SEPARATOR . "$root/core" . PATH_SEPARATOR . "$root"); |
|
| 11 | + $root = dirname(dirname(__FILE__)); |
|
| 12 | + include($root."/config/config.php"); |
|
| 13 | + set_include_path(get_include_path() . PATH_SEPARATOR . "$root/core" . PATH_SEPARATOR . "$root"); |
|
| 14 | 14 | ?> |
@@ -141,13 +141,13 @@ discard block |
||
| 141 | 141 | ]; |
| 142 | 142 | |
| 143 | 143 | /** |
| 144 | - * Configuration for GeoIP2 |
|
| 145 | - * Beware, the legacy version does not really work with IPv6 addresses |
|
| 146 | - * version: set to 2 if you wish to use GeoIP2, to 1 for the legacy version or set to 0 to turn off geolocation service |
|
| 147 | - * geoip2-path-to-autoloader: points to the GeoIP2 autoloader |
|
| 148 | - * geoip2-path-to-db: points to the GeoIP2 city database |
|
| 149 | - * @var array |
|
| 150 | - */ |
|
| 144 | + * Configuration for GeoIP2 |
|
| 145 | + * Beware, the legacy version does not really work with IPv6 addresses |
|
| 146 | + * version: set to 2 if you wish to use GeoIP2, to 1 for the legacy version or set to 0 to turn off geolocation service |
|
| 147 | + * geoip2-path-to-autoloader: points to the GeoIP2 autoloader |
|
| 148 | + * geoip2-path-to-db: points to the GeoIP2 city database |
|
| 149 | + * @var array |
|
| 150 | + */ |
|
| 151 | 151 | |
| 152 | 152 | public static $GEOIP = [ |
| 153 | 153 | 'version' => 0, |
@@ -174,21 +174,21 @@ discard block |
||
| 174 | 174 | * @var array |
| 175 | 175 | */ |
| 176 | 176 | public static $LANGUAGES = [ |
| 177 | - 'ca' => ['display' => 'Català', 'locale' => 'ca_ES.utf8'], |
|
| 178 | - 'de' => ['display' => 'Deutsch', 'locale' => 'de_DE.utf8'], |
|
| 179 | - 'en' => ['display' => 'English(GB)', 'locale' => 'en_GB.utf8'], |
|
| 180 | - 'es' => ['display' => 'Español', 'locale' => 'es_ES.utf8'], |
|
| 181 | - 'gl' => ['display' => 'Galego', 'locale' => 'gl_ES.utf8'], |
|
| 182 | - 'hr' => ['display' => 'Hrvatski', 'locale' => 'hr_HR.utf8'], |
|
| 183 | - 'it' => ['display' => 'Italiano', 'locale' => 'it_IT.utf8'], |
|
| 184 | - 'nb' => ['display' => 'Norsk', 'locale' => 'nb_NO.utf8'], |
|
| 185 | - 'pl' => ['display' => 'Polski', 'locale' => 'pl_PL.utf8'], |
|
| 186 | - 'sl' => ['display' => 'Slovenščina', 'locale' => 'sl_SI.utf8'], |
|
| 187 | - 'sr' => ['display' => 'Srpski', 'locale' => 'sr_RS@latin'], |
|
| 188 | - 'fi' => ['display' => 'Suomi', 'locale' => 'fi_FI.utf8'], |
|
| 189 | - 'el' => ['display' => 'Ελληνικά', 'locale' => 'el_GR.utf8'], |
|
| 190 | - 'hu' => ['display' => 'Magyar', 'locale' => 'hu_HU.utf8'], |
|
| 191 | - 'pt' => ['display' => 'Português', 'locale' => 'pt_PT.utf8'], |
|
| 177 | + 'ca' => ['display' => 'Català', 'locale' => 'ca_ES.utf8'], |
|
| 178 | + 'de' => ['display' => 'Deutsch', 'locale' => 'de_DE.utf8'], |
|
| 179 | + 'en' => ['display' => 'English(GB)', 'locale' => 'en_GB.utf8'], |
|
| 180 | + 'es' => ['display' => 'Español', 'locale' => 'es_ES.utf8'], |
|
| 181 | + 'gl' => ['display' => 'Galego', 'locale' => 'gl_ES.utf8'], |
|
| 182 | + 'hr' => ['display' => 'Hrvatski', 'locale' => 'hr_HR.utf8'], |
|
| 183 | + 'it' => ['display' => 'Italiano', 'locale' => 'it_IT.utf8'], |
|
| 184 | + 'nb' => ['display' => 'Norsk', 'locale' => 'nb_NO.utf8'], |
|
| 185 | + 'pl' => ['display' => 'Polski', 'locale' => 'pl_PL.utf8'], |
|
| 186 | + 'sl' => ['display' => 'Slovenščina', 'locale' => 'sl_SI.utf8'], |
|
| 187 | + 'sr' => ['display' => 'Srpski', 'locale' => 'sr_RS@latin'], |
|
| 188 | + 'fi' => ['display' => 'Suomi', 'locale' => 'fi_FI.utf8'], |
|
| 189 | + 'el' => ['display' => 'Ελληνικά', 'locale' => 'el_GR.utf8'], |
|
| 190 | + 'hu' => ['display' => 'Magyar', 'locale' => 'hu_HU.utf8'], |
|
| 191 | + 'pt' => ['display' => 'Português', 'locale' => 'pt_PT.utf8'], |
|
| 192 | 192 | |
| 193 | 193 | // For the following languages, partial translations exist in Transifex, but |
| 194 | 194 | // they are not complete enough for display. Their Transifex content is not |
@@ -237,45 +237,45 @@ discard block |
||
| 237 | 237 | ], |
| 238 | 238 | |
| 239 | 239 | 'TLS-clientcerts' => [ |
| 240 | - 'CA1' => [ |
|
| 240 | + 'CA1' => [ |
|
| 241 | 241 | 'status' => 'ACCREDITED', |
| 242 | 242 | 'issuerCA' => '/DC=org/DC=pki1/CN=PKI 1', |
| 243 | 243 | 'certificates' => [ |
| 244 | - [ |
|
| 244 | + [ |
|
| 245 | 245 | 'status' => 'CORRECT', |
| 246 | 246 | 'public' => 'ca1-client-cert.pem', |
| 247 | 247 | 'private' => 'ca1-client-key.pem', |
| 248 | 248 | 'expected' => 'PASS'], |
| 249 | - [ |
|
| 249 | + [ |
|
| 250 | 250 | 'status' => 'WRONGPOLICY', |
| 251 | 251 | 'public' => 'ca1-nopolicy-cert.pem', |
| 252 | 252 | 'private' => 'ca1-nopolicy-key.key', |
| 253 | 253 | 'expected' => 'FAIL'], |
| 254 | - [ |
|
| 254 | + [ |
|
| 255 | 255 | 'status' => 'EXPIRED', |
| 256 | 256 | 'public' => 'ca1-exp.pem', |
| 257 | 257 | 'private' => 'ca1-exp.key', |
| 258 | 258 | 'expected' => 'FAIL'], |
| 259 | - [ |
|
| 259 | + [ |
|
| 260 | 260 | 'status' => 'REVOKED', |
| 261 | 261 | 'public' => 'ca1-revoked.pem', |
| 262 | 262 | 'private' => 'ca1-revoked.key', |
| 263 | 263 | 'expected' => 'FAIL'], |
| 264 | 264 | ] |
| 265 | - ], |
|
| 266 | - 'CA-N' => [ |
|
| 265 | + ], |
|
| 266 | + 'CA-N' => [ |
|
| 267 | 267 | 'status' => 'NONACCREDITED', |
| 268 | 268 | 'issuerCA' => '/DC=org/DC=pkiN/CN=PKI N', |
| 269 | 269 | 'certificates' => [ |
| 270 | - [ |
|
| 270 | + [ |
|
| 271 | 271 | 'status' => 'CORRECT', |
| 272 | 272 | 'public' => 'caN-client-cert.pem', |
| 273 | 273 | 'private' => 'caN-client-cert.key', |
| 274 | 274 | 'expected' => 'FAIL'], |
| 275 | - ] |
|
| 276 | - ] |
|
| 277 | - ], |
|
| 278 | - 'accreditedCAsURL' => '', |
|
| 275 | + ] |
|
| 276 | + ] |
|
| 277 | + ], |
|
| 278 | + 'accreditedCAsURL' => '', |
|
| 279 | 279 | ]; |
| 280 | 280 | |
| 281 | 281 | /** |
@@ -313,11 +313,11 @@ discard block |
||
| 313 | 313 | 'db' => 'customer_db', |
| 314 | 314 | 'user' => 'customerservice', |
| 315 | 315 | 'pass' => '2lame4u'], |
| 316 | - 'enforce-external-sync' => TRUE, |
|
| 317 | - /* if you feed your user database from a third-party source and do not want CAT to update it on its own, you can |
|
| 316 | + 'enforce-external-sync' => TRUE, |
|
| 317 | + /* if you feed your user database from a third-party source and do not want CAT to update it on its own, you can |
|
| 318 | 318 | * make it read-only |
| 319 | 319 | */ |
| 320 | - 'userdb-readonly' => FALSE, |
|
| 320 | + 'userdb-readonly' => FALSE, |
|
| 321 | 321 | ]; |
| 322 | 322 | |
| 323 | 323 | /** |
@@ -31,10 +31,11 @@ discard block |
||
| 31 | 31 | $idpoptions = $my_inst->getAttributes(); |
| 32 | 32 | $inst_name = $my_inst->name; |
| 33 | 33 | |
| 34 | -if ($wizard_style) |
|
| 34 | +if ($wizard_style) { |
|
| 35 | 35 | $cat = defaultPagePrelude(sprintf(_("%s: IdP enrollment wizard (step 2)"), Config::$APPEARANCE['productname'])); |
| 36 | -else |
|
| 36 | +} else { |
|
| 37 | 37 | $cat = defaultPagePrelude(sprintf(_("%s: Editing IdP '%s'"), Config::$APPEARANCE['productname'], $inst_name)); |
| 38 | +} |
|
| 38 | 39 | // let's check if the inst handle actually exists in the DB and user is authorised |
| 39 | 40 | ?> |
| 40 | 41 | <script src="js/option_expand.js" type="text/javascript"></script> |
@@ -43,9 +44,10 @@ discard block |
||
| 43 | 44 | |
| 44 | 45 | <?php |
| 45 | 46 | $additional = FALSE; |
| 46 | -foreach ($idpoptions as $optionname => $optionvalue) |
|
| 47 | +foreach ($idpoptions as $optionname => $optionvalue) { |
|
| 47 | 48 | if ($optionvalue['name'] == "general:geo_coordinates") |
| 48 | 49 | $additional = TRUE; |
| 50 | +} |
|
| 49 | 51 | geo_widget_head($my_inst->federation, $inst_name) |
| 50 | 52 | ?> |
| 51 | 53 | <script> |
@@ -74,10 +76,11 @@ discard block |
||
| 74 | 76 | |
| 75 | 77 | <h1> |
| 76 | 78 | <?php |
| 77 | -if ($wizard_style) |
|
| 79 | +if ($wizard_style) { |
|
| 78 | 80 | echo _("Step 2: General Information about your IdP"); |
| 79 | -else |
|
| 81 | +} else { |
|
| 80 | 82 | printf(_("Editing IdP information for '%s'"), $inst_name); |
| 83 | +} |
|
| 81 | 84 | ?> |
| 82 | 85 | </h1> |
| 83 | 86 | <div class='infobox'> |
@@ -98,9 +101,10 @@ discard block |
||
| 98 | 101 | echo "<form enctype='multipart/form-data' action='edit_idp_result.php?inst_id=$my_inst->identifier" . ($wizard_style ? "&wizard=true" : "") . "' method='post' accept-charset='UTF-8'> |
| 99 | 102 | <input type='hidden' name='MAX_FILE_SIZE' value='" . Config::$MAX_UPLOAD_SIZE . "'>"; |
| 100 | 103 | |
| 101 | -if ($wizard_style) |
|
| 104 | +if ($wizard_style) { |
|
| 102 | 105 | echo "<p>" . |
| 103 | 106 | _("Hello, newcomer. Your institution is new to us. This wizard will ask you several questions about your IdP, so that we can generate beautiful profiles for you in the end. All of the information below is optional, but it is important to fill out as many fields as possible for the benefit of your end users.") . "</p>"; |
| 107 | +} |
|
| 104 | 108 | ?> |
| 105 | 109 | <fieldset class="option_container"> |
| 106 | 110 | <legend><strong><?php echo _("General Information"); ?></strong></legend> |
@@ -143,12 +147,14 @@ discard block |
||
| 143 | 147 | echo "<strong>" . ( count(Config::$CONSORTIUM['ssid']) > 0 ? _("Additional SSIDs:") : _("SSIDs:")) . " </strong>"; |
| 144 | 148 | if (count(Config::$CONSORTIUM['ssid']) > 0) { |
| 145 | 149 | $ssidlist = ""; |
| 146 | - foreach (Config::$CONSORTIUM['ssid'] as $ssid) |
|
| 147 | - $ssidlist .= ", '<strong>" . $ssid . "</strong>'"; |
|
| 150 | + foreach (Config::$CONSORTIUM['ssid'] as $ssid) { |
|
| 151 | + $ssidlist .= ", '<strong>" . $ssid . "</strong>'"; |
|
| 152 | + } |
|
| 148 | 153 | $ssidlist = substr($ssidlist, 2); |
| 149 | 154 | echo sprintf(ngettext("We will always configure this SSID for WPA2/AES: %s.", "We will always configure these SSIDs for WPA2/AES: %s.", count(Config::$CONSORTIUM['ssid'])), $ssidlist); |
| 150 | - if (Config::$CONSORTIUM['tkipsupport']) |
|
| 151 | - echo " " . _("They will also be configured for WPA/TKIP if the device supports multiple encryption types."); |
|
| 155 | + if (Config::$CONSORTIUM['tkipsupport']) { |
|
| 156 | + echo " " . _("They will also be configured for WPA/TKIP if the device supports multiple encryption types."); |
|
| 157 | + } |
|
| 152 | 158 | echo "<br/>" . sprintf(_("It is also possible to define custom additional SSIDs with the options '%s' and '%s' below."), display_name("media:SSID"), display_name("media:SSID_with_legacy")); |
| 153 | 159 | } else { |
| 154 | 160 | echo _("Please configure which SSIDs should be configured in the installers."); |
@@ -160,8 +166,9 @@ discard block |
||
| 160 | 166 | echo "<strong>" . ( count(Config::$CONSORTIUM['ssid']) > 0 ? _("Additional Hotspot 2.0 / Passpoint Consortia:") : _("Hotspot 2.0 / Passpoint Consortia:")) . " </strong>"; |
| 161 | 167 | if (count(Config::$CONSORTIUM['interworking-consortium-oi']) > 0) { |
| 162 | 168 | $consortiumlist = ""; |
| 163 | - foreach (Config::$CONSORTIUM['interworking-consortium-oi'] as $oi) |
|
| 164 | - $consortiumlist .= ", '<strong>" . $oi . "</strong>'"; |
|
| 169 | + foreach (Config::$CONSORTIUM['interworking-consortium-oi'] as $oi) { |
|
| 170 | + $consortiumlist .= ", '<strong>" . $oi . "</strong>'"; |
|
| 171 | + } |
|
| 165 | 172 | $consortiumlist = substr($consortiumlist, 2); |
| 166 | 173 | echo sprintf(ngettext("We will always configure this Consortium OI: %s.", "We will always configure these Consortium OIs: %s.", count(Config::$CONSORTIUM['interworking-consortium-oi'])), $consortiumlist); |
| 167 | 174 | |
@@ -190,11 +197,12 @@ discard block |
||
| 190 | 197 | <fieldset class="option_container"> |
| 191 | 198 | <legend><strong><?php echo _("Helpdesk Details for all users"); ?></strong></legend> |
| 192 | 199 | <?php |
| 193 | -if ($wizard_style) |
|
| 200 | +if ($wizard_style) { |
|
| 194 | 201 | echo "<p>" . |
| 195 | 202 | _("If your IdP provides a helpdesk for its users, it would be nice if you would tell us the pointers to this helpdesk. Some site installers might be able to signal this information to the user if he gets stuck.") . "</p> |
| 196 | 203 | <p>" . |
| 197 | 204 | _("If you enter a value here, it will be added to the site installers for all your users, and will be displayed on the download page. If you operate separate helpdesks for different user groups (we call this 'profiles'), or operate no help desk at all (shame on you!), you can also leave any of these fields empty and optionally specify per-profile helpdesk information later in this wizard.") . "</p>"; |
| 205 | +} |
|
| 198 | 206 | ?> |
| 199 | 207 | |
| 200 | 208 | <table id="expandable_support_options"> |
@@ -206,9 +214,10 @@ discard block |
||
| 206 | 214 | <!-- <fieldset class="option_container"> |
| 207 | 215 | <legend><strong><?php echo _("EAP details for all users"); ?></strong></legend> |
| 208 | 216 | <?php |
| 209 | -if ($wizard_style) |
|
| 217 | +if ($wizard_style) { |
|
| 210 | 218 | echo "<p>" . _("Most EAP methods need server-side authentication details, like the CA certificate and/or server name(s) of your authentication servers. If all the EAP methods you support work with the same CA and or Common Names of servers, you can enter them here and they will be added as trust anchors in all profiles. If the details differ per profile or per EAP-type, you can also enter them in the individual profiles later.") . "</p> |
| 211 | 219 | <p>" . sprintf(_("<strong>Note well: </strong>The server-side validation is a cornerstone of %s; without it, users are subject to man-in-the-middle attacks! We will not generate site installers without Trusted CA anchors and server names."), Config::$CONSORTIUM['name']) . "</p>"; |
| 220 | +} |
|
| 212 | 221 | ?> |
| 213 | 222 | <table id="expandable_eapserver_options"> |
| 214 | 223 | <?php |
@@ -18,10 +18,11 @@ |
||
| 18 | 18 | if ($ls['Code'] === 'urn:oasis:names:tc:SAML:2.0:status:Success' && !isset($ls['SubCode'])) { |
| 19 | 19 | /* Successful logout. */ |
| 20 | 20 | $url = htmlspecialchars($_SERVER['HTTP_HOST']) . substr($_SERVER['PHP_SELF'], 0, strrpos($_SERVER['PHP_SELF'], "/admin/logout_check.php")); |
| 21 | - if ($_SERVER['HTTPS'] == "on") |
|
| 22 | - $url = "https://" . $url; |
|
| 23 | - else |
|
| 24 | - $url = "http://" . $url; |
|
| 21 | + if ($_SERVER['HTTPS'] == "on") { |
|
| 22 | + $url = "https://" . $url; |
|
| 23 | + } else { |
|
| 24 | + $url = "http://" . $url; |
|
| 25 | + } |
|
| 25 | 26 | |
| 26 | 27 | header("Location: $url"); |
| 27 | 28 | } else { |
@@ -31,10 +31,11 @@ |
||
| 31 | 31 | <?php |
| 32 | 32 | $remaining_attribs = $user->beginflushAttributes(); |
| 33 | 33 | |
| 34 | -if (isset($_POST['option'])) |
|
| 34 | +if (isset($_POST['option'])) { |
|
| 35 | 35 | foreach ($_POST['option'] as $opt_id => $optname) |
| 36 | 36 | if ($optname == "user:fedadmin") { |
| 37 | 37 | echo "Security violation: user tried to make himself federation administrator!"; |
| 38 | +} |
|
| 38 | 39 | exit(1); |
| 39 | 40 | } |
| 40 | 41 | ?> |
@@ -128,19 +128,21 @@ discard block |
||
| 128 | 128 | if (isset($_GET['invitation'])) { |
| 129 | 129 | echo "<div class='ca-summary' style='position:relative;'><table>"; |
| 130 | 130 | |
| 131 | - if ($_GET['invitation'] == "SUCCESS") |
|
| 132 | - echo UI_remark(_("The invitation email was sent successfully."), _("The invitation email was sent.")); |
|
| 133 | - else if ($_GET['invitation'] == "FAILURE") |
|
| 134 | - echo UI_error(_("The invitation email could not be sent!"), _("The invitation email could not be sent!")); |
|
| 135 | - else |
|
| 136 | - echo UI_error(_("Error: unknown result code of invitation!?!"), _("Unknown result!")); |
|
| 131 | + if ($_GET['invitation'] == "SUCCESS") { |
|
| 132 | + echo UI_remark(_("The invitation email was sent successfully."), _("The invitation email was sent.")); |
|
| 133 | + } else if ($_GET['invitation'] == "FAILURE") { |
|
| 134 | + echo UI_error(_("The invitation email could not be sent!"), _("The invitation email could not be sent!")); |
|
| 135 | + } else { |
|
| 136 | + echo UI_error(_("Error: unknown result code of invitation!?!"), _("Unknown result!")); |
|
| 137 | + } |
|
| 137 | 138 | |
| 138 | 139 | echo "</table></div>"; |
| 139 | 140 | } |
| 140 | - if (Config::$CONSORTIUM['name'] == 'eduroam') |
|
| 141 | - $helptext = "<h3>" . sprintf(_("Need help? Refer to the <a href='%s'>Federation Operator manual</a>"),"https://wiki.geant.org/x/KQB_AQ")."</h3>"; |
|
| 142 | - else |
|
| 143 | - $helptext = ""; |
|
| 141 | + if (Config::$CONSORTIUM['name'] == 'eduroam') { |
|
| 142 | + $helptext = "<h3>" . sprintf(_("Need help? Refer to the <a href='%s'>Federation Operator manual</a>"),"https://wiki.geant.org/x/KQB_AQ")."</h3>"; |
|
| 143 | + } else { |
|
| 144 | + $helptext = ""; |
|
| 145 | + } |
|
| 144 | 146 | echo $helptext; |
| 145 | 147 | |
| 146 | 148 | ?> |
@@ -153,8 +155,9 @@ discard block |
||
| 153 | 155 | $feds = $user->getAttributes("user:fedadmin"); |
| 154 | 156 | $pending_invites = $mgmt->listPendingInvitations(); |
| 155 | 157 | |
| 156 | - if (Config::$DB['enforce-external-sync']) |
|
| 157 | - echo "<th>" . sprintf(_("%s Database Sync Status"), Config::$CONSORTIUM['name']) . "</th>"; |
|
| 158 | + if (Config::$DB['enforce-external-sync']) { |
|
| 159 | + echo "<th>" . sprintf(_("%s Database Sync Status"), Config::$CONSORTIUM['name']) . "</th>"; |
|
| 160 | + } |
|
| 158 | 161 | ?> |
| 159 | 162 | <th><?php echo _("Administrator Management"); ?></th> |
| 160 | 163 | </tr> |
@@ -165,10 +168,11 @@ discard block |
||
| 165 | 168 | |
| 166 | 169 | // extract only pending invitations for *this* fed |
| 167 | 170 | $display_pendings = FALSE; |
| 168 | - foreach ($pending_invites as $oneinvite) |
|
| 169 | - if (strtoupper($oneinvite['country']) == strtoupper($thefed->identifier)) { |
|
| 171 | + foreach ($pending_invites as $oneinvite) { |
|
| 172 | + if (strtoupper($oneinvite['country']) == strtoupper($thefed->identifier)) { |
|
| 170 | 173 | // echo "PENDINGS!"; |
| 171 | 174 | $display_pendings = TRUE; |
| 175 | + } |
|
| 172 | 176 | } |
| 173 | 177 | |
| 174 | 178 | $idps = $thefed->listIdentityProviders(); |
@@ -253,8 +257,8 @@ discard block |
||
| 253 | 257 | </strong> |
| 254 | 258 | </td> |
| 255 | 259 | </tr>"; |
| 256 | - foreach ($pending_invites as $oneinvite) |
|
| 257 | - if (strtoupper($oneinvite['country']) == strtoupper($thefed->identifier)) { |
|
| 260 | + foreach ($pending_invites as $oneinvite) { |
|
| 261 | + if (strtoupper($oneinvite['country']) == strtoupper($thefed->identifier)) { |
|
| 258 | 262 | echo "<tr> |
| 259 | 263 | <td>" . |
| 260 | 264 | $oneinvite['name'] . " |
@@ -263,6 +267,7 @@ discard block |
||
| 263 | 267 | $oneinvite['mail'] . " |
| 264 | 268 | </td> |
| 265 | 269 | <td colspan=2>"; |
| 270 | + } |
|
| 266 | 271 | echo "<form method='post' action='overview_federation.php' accept-charset='UTF-8'> |
| 267 | 272 | <input type='hidden' name='invitation_id' value='" . $oneinvite['token'] . "'/> |
| 268 | 273 | <button class='delete' type='submit' name='submitbutton' value='" . BUTTON_DELETE . "'>" . _("Revoke Invitation") . "</button> |
@@ -19,10 +19,10 @@ discard block |
||
| 19 | 19 | $Cat->set_locale("web_admin"); |
| 20 | 20 | |
| 21 | 21 | $additional_message = [ |
| 22 | - L_OK => '', |
|
| 23 | - L_REMARK => _("Some properties of the connection attempt were sub-optimal; the list is below."), |
|
| 24 | - L_WARN => _("Some properties of the connection attempt were sub-optimal; the list is below."), |
|
| 25 | - L_ERROR => _("Some configuration errors were observed; the list is below."), |
|
| 22 | + L_OK => '', |
|
| 23 | + L_REMARK => _("Some properties of the connection attempt were sub-optimal; the list is below."), |
|
| 24 | + L_WARN => _("Some properties of the connection attempt were sub-optimal; the list is below."), |
|
| 25 | + L_ERROR => _("Some configuration errors were observed; the list is below."), |
|
| 26 | 26 | |
| 27 | 27 | ]; |
| 28 | 28 | |
@@ -32,25 +32,25 @@ discard block |
||
| 32 | 32 | } |
| 33 | 33 | |
| 34 | 34 | function printDN($dn) { |
| 35 | - $out = ''; |
|
| 36 | - foreach (array_reverse($dn) as $k => $v) { |
|
| 37 | - if(is_array ($v)) { |
|
| 38 | - foreach ($v as $V) { |
|
| 35 | + $out = ''; |
|
| 36 | + foreach (array_reverse($dn) as $k => $v) { |
|
| 37 | + if(is_array ($v)) { |
|
| 38 | + foreach ($v as $V) { |
|
| 39 | 39 | if($out) |
| 40 | - $out .= ','; |
|
| 40 | + $out .= ','; |
|
| 41 | 41 | $out .= "$k=$V"; |
| 42 | - } |
|
| 43 | - } else { |
|
| 44 | - if($out) |
|
| 42 | + } |
|
| 43 | + } else { |
|
| 44 | + if($out) |
|
| 45 | 45 | $out .= ','; |
| 46 | - $out .= "$k=$v"; |
|
| 47 | - } |
|
| 48 | - } |
|
| 49 | - return($out); |
|
| 46 | + $out .= "$k=$v"; |
|
| 47 | + } |
|
| 48 | + } |
|
| 49 | + return($out); |
|
| 50 | 50 | } |
| 51 | 51 | |
| 52 | 52 | function printTm($tm) { |
| 53 | - return(gmdate(DateTime::COOKIE,$tm)); |
|
| 53 | + return(gmdate(DateTime::COOKIE,$tm)); |
|
| 54 | 54 | } |
| 55 | 55 | |
| 56 | 56 | |
@@ -60,19 +60,19 @@ discard block |
||
| 60 | 60 | $server_info = []; |
| 61 | 61 | $udp_result = $testsuite->UDP_reachability_result[$host]; |
| 62 | 62 | if(isset($udp_result['certdata']) && count($udp_result['certdata'])) { |
| 63 | - foreach ($udp_result['certdata'] as $certdata) { |
|
| 64 | - if($certdata['type'] != 'server' && $certdata['type'] != 'totally_selfsigned' ) |
|
| 65 | - continue; |
|
| 66 | - $server_cert = [ |
|
| 67 | - 'subject' => printDN($certdata['subject']), |
|
| 68 | - 'issuer' => printDN($certdata['issuer']), |
|
| 69 | - 'validFrom' => printTm($certdata['validFrom_time_t']), |
|
| 70 | - 'validTo' => printTm($certdata['validTo_time_t']), |
|
| 71 | - 'serialNumber' => $certdata['serialNumber'].sprintf(" (0x%X)",$certdata['serialNumber']), |
|
| 72 | - 'sha1' => $certdata['sha1'], |
|
| 73 | - 'extensions' => $certdata['extensions'] |
|
| 74 | - ]; |
|
| 75 | - } |
|
| 63 | + foreach ($udp_result['certdata'] as $certdata) { |
|
| 64 | + if($certdata['type'] != 'server' && $certdata['type'] != 'totally_selfsigned' ) |
|
| 65 | + continue; |
|
| 66 | + $server_cert = [ |
|
| 67 | + 'subject' => printDN($certdata['subject']), |
|
| 68 | + 'issuer' => printDN($certdata['issuer']), |
|
| 69 | + 'validFrom' => printTm($certdata['validFrom_time_t']), |
|
| 70 | + 'validTo' => printTm($certdata['validTo_time_t']), |
|
| 71 | + 'serialNumber' => $certdata['serialNumber'].sprintf(" (0x%X)",$certdata['serialNumber']), |
|
| 72 | + 'sha1' => $certdata['sha1'], |
|
| 73 | + 'extensions' => $certdata['extensions'] |
|
| 74 | + ]; |
|
| 75 | + } |
|
| 76 | 76 | } |
| 77 | 77 | $ret['server_cert'] = $server_cert; |
| 78 | 78 | if(isset($udp_result['incoming_server_names'][0]) ) { |
@@ -120,7 +120,7 @@ discard block |
||
| 120 | 120 | */ |
| 121 | 121 | $hostindex = $_REQUEST['hostindex']; |
| 122 | 122 | if(!is_numeric($hostindex)) |
| 123 | - exit; |
|
| 123 | + exit; |
|
| 124 | 124 | |
| 125 | 125 | |
| 126 | 126 | $returnarray = []; |
@@ -177,16 +177,16 @@ discard block |
||
| 177 | 177 | case RETVAL_OK : |
| 178 | 178 | $level = $returnarray['result'][$i]['level']; |
| 179 | 179 | switch($level) { |
| 180 | - case L_OK : |
|
| 180 | + case L_OK : |
|
| 181 | 181 | $message = _("<strong>Test successful.</strong>"); |
| 182 | - break; |
|
| 183 | - case L_REMARK : |
|
| 182 | + break; |
|
| 183 | + case L_REMARK : |
|
| 184 | 184 | case L_WARN : |
| 185 | 185 | $message = _("<strong>Test partially successful</strong>: authentication succeded.") . ' ' . $additional_message[$level]; |
| 186 | - break; |
|
| 187 | - case L_ERROR : |
|
| 186 | + break; |
|
| 187 | + case L_ERROR : |
|
| 188 | 188 | $message = _("<strong>Test FAILED</strong>: authentication succeded.") . ' ' . $additional_message[$level]; |
| 189 | - break; |
|
| 189 | + break; |
|
| 190 | 190 | } |
| 191 | 191 | break; |
| 192 | 192 | case RETVAL_CONVERSATION_REJECT: |
@@ -36,13 +36,15 @@ discard block |
||
| 36 | 36 | foreach (array_reverse($dn) as $k => $v) { |
| 37 | 37 | if(is_array ($v)) { |
| 38 | 38 | foreach ($v as $V) { |
| 39 | - if($out) |
|
| 40 | - $out .= ','; |
|
| 39 | + if($out) { |
|
| 40 | + $out .= ','; |
|
| 41 | + } |
|
| 41 | 42 | $out .= "$k=$V"; |
| 42 | 43 | } |
| 43 | 44 | } else { |
| 44 | - if($out) |
|
| 45 | - $out .= ','; |
|
| 45 | + if($out) { |
|
| 46 | + $out .= ','; |
|
| 47 | + } |
|
| 46 | 48 | $out .= "$k=$v"; |
| 47 | 49 | } |
| 48 | 50 | } |
@@ -61,8 +63,9 @@ discard block |
||
| 61 | 63 | $udp_result = $testsuite->UDP_reachability_result[$host]; |
| 62 | 64 | if(isset($udp_result['certdata']) && count($udp_result['certdata'])) { |
| 63 | 65 | foreach ($udp_result['certdata'] as $certdata) { |
| 64 | - if($certdata['type'] != 'server' && $certdata['type'] != 'totally_selfsigned' ) |
|
| 65 | - continue; |
|
| 66 | + if($certdata['type'] != 'server' && $certdata['type'] != 'totally_selfsigned' ) { |
|
| 67 | + continue; |
|
| 68 | + } |
|
| 66 | 69 | $server_cert = [ |
| 67 | 70 | 'subject' => printDN($certdata['subject']), |
| 68 | 71 | 'issuer' => printDN($certdata['issuer']), |
@@ -77,9 +80,9 @@ discard block |
||
| 77 | 80 | $ret['server_cert'] = $server_cert; |
| 78 | 81 | if(isset($udp_result['incoming_server_names'][0]) ) { |
| 79 | 82 | $ret['server'] = sprintf(_("Connected to %s."), $udp_result['incoming_server_names'][0]); |
| 83 | + } else { |
|
| 84 | + $ret['server'] = 0; |
|
| 80 | 85 | } |
| 81 | - else |
|
| 82 | - $ret['server'] = 0; |
|
| 83 | 86 | $ret['level'] = L_OK; |
| 84 | 87 | $ret['time_millisec'] = sprintf("%d", $udp_result['time_millisec']); |
| 85 | 88 | if (isset($udp_result['cert_oddities']) && count($udp_result['cert_oddities']) > 0) { |
@@ -100,8 +103,9 @@ discard block |
||
| 100 | 103 | return $ret; |
| 101 | 104 | } |
| 102 | 105 | |
| 103 | -if (!isset($_REQUEST['test_type']) || !$_REQUEST['test_type']) |
|
| 106 | +if (!isset($_REQUEST['test_type']) || !$_REQUEST['test_type']) { |
|
| 104 | 107 | exit; |
| 108 | +} |
|
| 105 | 109 | |
| 106 | 110 | $test_type = $_REQUEST['test_type']; |
| 107 | 111 | $check_realm = valid_Realm($_REQUEST['realm']); |
@@ -119,8 +123,9 @@ discard block |
||
| 119 | 123 | exit; |
| 120 | 124 | */ |
| 121 | 125 | $hostindex = $_REQUEST['hostindex']; |
| 122 | -if(!is_numeric($hostindex)) |
|
| 126 | +if(!is_numeric($hostindex)) { |
|
| 123 | 127 | exit; |
| 128 | +} |
|
| 124 | 129 | |
| 125 | 130 | |
| 126 | 131 | $returnarray = []; |
@@ -235,10 +240,11 @@ discard block |
||
| 235 | 240 | switch ($testresult) { |
| 236 | 241 | case RETVAL_CONVERSATION_REJECT: |
| 237 | 242 | $level = $returnarray['result'][$i]['level']; |
| 238 | - if($level > L_OK) |
|
| 239 | - $message = _("<strong>Test partially successful</strong>: a bidirectional RADIUS conversation with multiple round-trips was carried out, and ended in an Access-Reject as planned.") . ' ' . $additional_message[$level]; |
|
| 240 | - else |
|
| 241 | - $message = _("<strong>Test successful</strong>: a bidirectional RADIUS conversation with multiple round-trips was carried out, and ended in an Access-Reject as planned."); |
|
| 243 | + if($level > L_OK) { |
|
| 244 | + $message = _("<strong>Test partially successful</strong>: a bidirectional RADIUS conversation with multiple round-trips was carried out, and ended in an Access-Reject as planned.") . ' ' . $additional_message[$level]; |
|
| 245 | + } else { |
|
| 246 | + $message = _("<strong>Test successful</strong>: a bidirectional RADIUS conversation with multiple round-trips was carried out, and ended in an Access-Reject as planned."); |
|
| 247 | + } |
|
| 242 | 248 | break; |
| 243 | 249 | case RETVAL_IMMEDIATE_REJECT: |
| 244 | 250 | $message = _("<strong>Test FAILED</strong>: the request was rejected immediately, without EAP conversation. This is not necessarily an error: if the RADIUS server enforces that outer identities correspond to an existing username, then this result is expected (Note: you could configure a valid outer identity in your profile settings to get past this hurdle). In all other cases, the server appears misconfigured or it is unreachable."); |
@@ -276,23 +282,28 @@ discard block |
||
| 276 | 282 | } else { |
| 277 | 283 | $returnarray['message'] = $testsuite->return_codes[$testsuite->TLS_CA_checks_result[$host]['status']]["message"]; |
| 278 | 284 | $returnarray['level'] = L_OK; |
| 279 | - if ($testsuite->TLS_CA_checks_result[$host]['status'] != RETVAL_CONNECTION_REFUSED) |
|
| 280 | - $returnarray['message'] .= ' (' . sprintf(_("elapsed time: %d"), $testsuite->TLS_CA_checks_result[$host]['time_millisec']) . ' ms)'; |
|
| 281 | - else |
|
| 282 | - $returnarray['level'] = L_ERROR; |
|
| 285 | + if ($testsuite->TLS_CA_checks_result[$host]['status'] != RETVAL_CONNECTION_REFUSED) { |
|
| 286 | + $returnarray['message'] .= ' (' . sprintf(_("elapsed time: %d"), $testsuite->TLS_CA_checks_result[$host]['time_millisec']) . ' ms)'; |
|
| 287 | + } else { |
|
| 288 | + $returnarray['level'] = L_ERROR; |
|
| 289 | + } |
|
| 283 | 290 | if ($testsuite->TLS_CA_checks_result[$host]['status'] == RETVAL_OK) { |
| 284 | 291 | $returnarray['certdata'] = []; |
| 285 | 292 | $returnarray['certdata']['subject'] = $testsuite->TLS_CA_checks_result[$host]['certdata']['subject']; |
| 286 | 293 | $returnarray['certdata']['issuer'] = $testsuite->TLS_CA_checks_result[$host]['certdata']['issuer']; |
| 287 | 294 | $returnarray['certdata']['extensions'] = []; |
| 288 | - if (isset($testsuite->TLS_CA_checks_result[$host]['certdata']['extensions']['subjectaltname'])) |
|
| 289 | - $returnarray['certdata']['extensions']['subjectaltname'] = $testsuite->TLS_CA_checks_result[$host]['certdata']['extensions']['subjectaltname']; |
|
| 290 | - if (isset($testsuite->TLS_CA_checks_result[$host]['certdata']['extensions']['policyoid'])) |
|
| 291 | - $returnarray['certdata']['extensions']['policies'] = join(' ', $testsuite->TLS_CA_checks_result[$host]['certdata']['extensions']['policyoid']); |
|
| 292 | - if (isset($testsuite->TLS_CA_checks_result[$host]['certdata']['extensions']['crlDistributionPoint'])) |
|
| 293 | - $returnarray['certdata']['extensions']['crldistributionpoints'] = $testsuite->TLS_CA_checks_result[$host]['certdata']['extensions']['crlDistributionPoint']; |
|
| 294 | - if (isset($testsuite->TLS_CA_checks_result[$host]['certdata']['extensions']['authorityInfoAccess'])) |
|
| 295 | - $returnarray['certdata']['extensions']['authorityinfoaccess'] = $testsuite->TLS_CA_checks_result[$host]['certdata']['extensions']['authorityInfoAccess']; |
|
| 295 | + if (isset($testsuite->TLS_CA_checks_result[$host]['certdata']['extensions']['subjectaltname'])) { |
|
| 296 | + $returnarray['certdata']['extensions']['subjectaltname'] = $testsuite->TLS_CA_checks_result[$host]['certdata']['extensions']['subjectaltname']; |
|
| 297 | + } |
|
| 298 | + if (isset($testsuite->TLS_CA_checks_result[$host]['certdata']['extensions']['policyoid'])) { |
|
| 299 | + $returnarray['certdata']['extensions']['policies'] = join(' ', $testsuite->TLS_CA_checks_result[$host]['certdata']['extensions']['policyoid']); |
|
| 300 | + } |
|
| 301 | + if (isset($testsuite->TLS_CA_checks_result[$host]['certdata']['extensions']['crlDistributionPoint'])) { |
|
| 302 | + $returnarray['certdata']['extensions']['crldistributionpoints'] = $testsuite->TLS_CA_checks_result[$host]['certdata']['extensions']['crlDistributionPoint']; |
|
| 303 | + } |
|
| 304 | + if (isset($testsuite->TLS_CA_checks_result[$host]['certdata']['extensions']['authorityInfoAccess'])) { |
|
| 305 | + $returnarray['certdata']['extensions']['authorityinfoaccess'] = $testsuite->TLS_CA_checks_result[$host]['certdata']['extensions']['authorityInfoAccess']; |
|
| 306 | + } |
|
| 296 | 307 | } |
| 297 | 308 | $returnarray['cert_oddities'] = []; |
| 298 | 309 | } |
@@ -306,10 +317,11 @@ discard block |
||
| 306 | 317 | $k = 0; |
| 307 | 318 | // the host member of the array may not exist if RETVAL_SKIPPED came out |
| 308 | 319 | // (e.g. no client cert to test with). Be prepared for that |
| 309 | - if (isset($testsuite->TLS_clients_checks_result[$host])) |
|
| 310 | - foreach ($testsuite->TLS_clients_checks_result[$host]['ca'] as $type => $cli) { |
|
| 320 | + if (isset($testsuite->TLS_clients_checks_result[$host])) { |
|
| 321 | + foreach ($testsuite->TLS_clients_checks_result[$host]['ca'] as $type => $cli) { |
|
| 311 | 322 | foreach ($cli as $key => $val) { |
| 312 | 323 | $returnarray['ca'][$k][$key] = $val; |
| 324 | + } |
|
| 313 | 325 | } |
| 314 | 326 | $k++; |
| 315 | 327 | } |
@@ -347,8 +359,9 @@ discard block |
||
| 347 | 359 | $oids = check_policy($data); |
| 348 | 360 | if (!empty($oids)) { |
| 349 | 361 | $printedres .= '<li>' . _("Certificate policies") . ':'; |
| 350 | - foreach ($oids as $k => $o) |
|
| 351 | - $printedres .= " $o ($k)"; |
|
| 362 | + foreach ($oids as $k => $o) { |
|
| 363 | + $printedres .= " $o ($k)"; |
|
| 364 | + } |
|
| 352 | 365 | } |
| 353 | 366 | if (($crl = certificate_get_field($data, 'crlDistributionPoints'))) { |
| 354 | 367 | $printedres .= '<li>' . _("crlDistributionPoints") . ': ' . $crl; |
@@ -36,53 +36,53 @@ discard block |
||
| 36 | 36 | require_once("SanityTests.php"); |
| 37 | 37 | |
| 38 | 38 | function print_test_results($t) { |
| 39 | - $out = ''; |
|
| 40 | - switch($t->test_result['global']) { |
|
| 41 | - case L_OK: |
|
| 39 | + $out = ''; |
|
| 40 | + switch($t->test_result['global']) { |
|
| 41 | + case L_OK: |
|
| 42 | 42 | $message = "Your configuration appears to be fine."; |
| 43 | - break; |
|
| 44 | - case L_WARN: |
|
| 43 | + break; |
|
| 44 | + case L_WARN: |
|
| 45 | 45 | $message = "There were some warnings, but your configuration should work."; |
| 46 | - break; |
|
| 47 | - case L_ERROR: |
|
| 46 | + break; |
|
| 47 | + case L_ERROR: |
|
| 48 | 48 | $message = "Your configuration appears to be broken, please fix the errors."; |
| 49 | - break; |
|
| 50 | - case L_NOTICE: |
|
| 49 | + break; |
|
| 50 | + case L_NOTICE: |
|
| 51 | 51 | $message = "Your configuration appears to be fine."; |
| 52 | - break; |
|
| 53 | - } |
|
| 54 | - $out .= UI_message($t->test_result['global'],"<br><strong>Test Summary</strong><br>".$message."<br>See below for details<br><hr>"); |
|
| 55 | - foreach ($t->out as $test => $test_val) { |
|
| 56 | - foreach ($test_val as $o) { |
|
| 57 | - $out .= UI_message($o['level'],$o['message']); |
|
| 58 | - } |
|
| 59 | - } |
|
| 60 | - return($out); |
|
| 52 | + break; |
|
| 53 | + } |
|
| 54 | + $out .= UI_message($t->test_result['global'],"<br><strong>Test Summary</strong><br>".$message."<br>See below for details<br><hr>"); |
|
| 55 | + foreach ($t->out as $test => $test_val) { |
|
| 56 | + foreach ($test_val as $o) { |
|
| 57 | + $out .= UI_message($o['level'],$o['message']); |
|
| 58 | + } |
|
| 59 | + } |
|
| 60 | + return($out); |
|
| 61 | 61 | } |
| 62 | 62 | |
| 63 | 63 | function return_test_results($t) { |
| 64 | - $out = ''; |
|
| 65 | - switch($t->test_result['global']) { |
|
| 66 | - case L_OK: |
|
| 64 | + $out = ''; |
|
| 65 | + switch($t->test_result['global']) { |
|
| 66 | + case L_OK: |
|
| 67 | 67 | $message = "Your configuration appears to be fine."; |
| 68 | - break; |
|
| 69 | - case L_WARN: |
|
| 68 | + break; |
|
| 69 | + case L_WARN: |
|
| 70 | 70 | $message = "There were some warnings, but your configuration should work."; |
| 71 | - break; |
|
| 72 | - case L_ERROR: |
|
| 71 | + break; |
|
| 72 | + case L_ERROR: |
|
| 73 | 73 | $message = "Your configuration appears to be broken, please fix the errors."; |
| 74 | - break; |
|
| 75 | - case L_NOTICE: |
|
| 74 | + break; |
|
| 75 | + case L_NOTICE: |
|
| 76 | 76 | $message = "Your configuration appears to be fine."; |
| 77 | - break; |
|
| 78 | - } |
|
| 79 | - $out .= UI_message($t->test_result['global'],"<br><strong>Test Summary</strong><br>".$message."<br>See below for details<br><hr>"); |
|
| 80 | - foreach ($t->out as $test => $test_val) { |
|
| 81 | - foreach ($test_val as $o) { |
|
| 82 | - $out .= UI_message($o['level'],$o['message']); |
|
| 83 | - } |
|
| 84 | - } |
|
| 85 | - return($out); |
|
| 77 | + break; |
|
| 78 | + } |
|
| 79 | + $out .= UI_message($t->test_result['global'],"<br><strong>Test Summary</strong><br>".$message."<br>See below for details<br><hr>"); |
|
| 80 | + foreach ($t->out as $test => $test_val) { |
|
| 81 | + foreach ($test_val as $o) { |
|
| 82 | + $out .= UI_message($o['level'],$o['message']); |
|
| 83 | + } |
|
| 84 | + } |
|
| 85 | + return($out); |
|
| 86 | 86 | } |
| 87 | 87 | |
| 88 | 88 | |
@@ -93,8 +93,8 @@ discard block |
||
| 93 | 93 | authenticate(); |
| 94 | 94 | $user = new User($_SESSION['user']); |
| 95 | 95 | if (!$user->isSuperadmin()) { |
| 96 | - print "Not Superadmin"; |
|
| 97 | - exit; |
|
| 96 | + print "Not Superadmin"; |
|
| 97 | + exit; |
|
| 98 | 98 | } |
| 99 | 99 | |
| 100 | 100 | } |
@@ -108,7 +108,7 @@ discard block |
||
| 108 | 108 | break; |
| 109 | 109 | case 'html': |
| 110 | 110 | header("Content-Type:text/html;charset=utf-8"); |
| 111 | - echo "<!DOCTYPE html> |
|
| 111 | + echo "<!DOCTYPE html> |
|
| 112 | 112 | <html xmlns='http://www.w3.org/1999/xhtml' lang='$ourlocale'> |
| 113 | 113 | <head lang='$ourlocale'> |
| 114 | 114 | <meta http-equiv='Content-Type' content='text/html; charset=UTF-8'></head>"; |
@@ -28,8 +28,9 @@ discard block |
||
| 28 | 28 | |
| 29 | 29 | // delete stored realm |
| 30 | 30 | |
| 31 | -if (isset($_SESSION['check_realm'])) |
|
| 31 | +if (isset($_SESSION['check_realm'])) { |
|
| 32 | 32 | unset($_SESSION['check_realm']); |
| 33 | +} |
|
| 33 | 34 | |
| 34 | 35 | |
| 35 | 36 | geo_widget_head($my_inst->federation, $my_inst->name); |
@@ -95,15 +96,17 @@ discard block |
||
| 95 | 96 | </div> |
| 96 | 97 | <?php |
| 97 | 98 | $loadmap = FALSE; |
| 98 | - foreach ($idpoptions as $optionname => $optionvalue) |
|
| 99 | - if ($optionvalue['name'] == "general:geo_coordinates") |
|
| 99 | + foreach ($idpoptions as $optionname => $optionvalue) { |
|
| 100 | + if ($optionvalue['name'] == "general:geo_coordinates") |
|
| 100 | 101 | $loadmap = TRUE; |
| 101 | - if ($loadmap) |
|
| 102 | - echo ' |
|
| 102 | + } |
|
| 103 | + if ($loadmap) { |
|
| 104 | + echo ' |
|
| 103 | 105 | <div class="infobox" style="width:270px;"> |
| 104 | 106 | <div id="map" style="width:100%; height:150px"></div> |
| 105 | 107 | </div> |
| 106 | 108 | '; |
| 109 | + } |
|
| 107 | 110 | ?> |
| 108 | 111 | </div> |
| 109 | 112 | <table> |
@@ -131,8 +134,8 @@ discard block |
||
| 131 | 134 | <h2><?php _("Available Support actions"); ?></h2> |
| 132 | 135 | <table> |
| 133 | 136 | <?php |
| 134 | - if (count(Config::$RADIUSTESTS['UDP-hosts']) > 0 || Config::$RADIUSTESTS['TLS-discoverytag'] != "") |
|
| 135 | - echo "<tr> |
|
| 137 | + if (count(Config::$RADIUSTESTS['UDP-hosts']) > 0 || Config::$RADIUSTESTS['TLS-discoverytag'] != "") { |
|
| 138 | + echo "<tr> |
|
| 136 | 139 | <td>" . _("Check another realm's reachability") . "</td> |
| 137 | 140 | <td><form method='post' action='action_realmcheck.php?inst_id=$my_inst->identifier' accept-charset='UTF-8'> |
| 138 | 141 | <input type='text' name='realm' id='realm'> |
@@ -140,7 +143,9 @@ discard block |
||
| 140 | 143 | </form> |
| 141 | 144 | </td> |
| 142 | 145 | </tr>"; |
| 143 | - if (Config::$CONSORTIUM['name'] == "eduroam") // SW: APPROVED |
|
| 146 | + } |
|
| 147 | + if (Config::$CONSORTIUM['name'] == "eduroam") { |
|
| 148 | + // SW: APPROVED |
|
| 144 | 149 | echo "<tr> |
| 145 | 150 | <td>" . _("Check server status of European federations") . "</td> |
| 146 | 151 | <td> |
@@ -149,14 +154,17 @@ discard block |
||
| 149 | 154 | </form> |
| 150 | 155 | </td> |
| 151 | 156 | </tr>"; |
| 157 | + } |
|
| 152 | 158 | ?> |
| 153 | 159 | </table> |
| 154 | 160 | <hr/> |
| 155 | 161 | <h2><?php echo _("Profiles for this institution"); ?></h2> |
| 156 | 162 | <?php |
| 157 | 163 | $profiles_for_this_idp = $my_inst->listProfiles(); |
| 158 | - if (count($profiles_for_this_idp) == 0) // no profiles yet. |
|
| 164 | + if (count($profiles_for_this_idp) == 0) { |
|
| 165 | + // no profiles yet. |
|
| 159 | 166 | echo _("There are not yet any profiles for your institution."); |
| 167 | + } |
|
| 160 | 168 | |
| 161 | 169 | foreach ($profiles_for_this_idp as $profile_list) { |
| 162 | 170 | echo "<div style='display: table-row; margin-bottom: 20px;'>"; |
@@ -170,9 +178,10 @@ discard block |
||
| 170 | 178 | // readiness - but want to display it before! |
| 171 | 179 | |
| 172 | 180 | $has_overrides = FALSE; |
| 173 | - foreach ($attribs as $attrib) |
|
| 174 | - if ($attrib['level'] == "Profile" && !preg_match("/^(internal:|profile:name|profile:description)/", $attrib['name'])) |
|
| 181 | + foreach ($attribs as $attrib) { |
|
| 182 | + if ($attrib['level'] == "Profile" && !preg_match("/^(internal:|profile:name|profile:description)/", $attrib['name'])) |
|
| 175 | 183 | $has_overrides = TRUE; |
| 184 | + } |
|
| 176 | 185 | |
| 177 | 186 | $buffer_eaptypediv = "<div style='margin-bottom:40px; float:left;'>" . _("<strong>EAP Types</strong> (in order of preference):") . "<br/>"; |
| 178 | 187 | $typelist = $profile_list->getEapMethodsinOrderOfPreference(); |
@@ -196,9 +205,10 @@ discard block |
||
| 196 | 205 | $allcomplete = FALSE; |
| 197 | 206 | }; |
| 198 | 207 | $eapattribs = $profile_list->getAttributes(0, $eaptype); |
| 199 | - foreach ($attribs as $attrib) |
|
| 200 | - if ($attrib['level'] == "Method" && !preg_match("/^internal:/", $attrib['name'])) |
|
| 208 | + foreach ($attribs as $attrib) { |
|
| 209 | + if ($attrib['level'] == "Method" && !preg_match("/^internal:/", $attrib['name'])) |
|
| 201 | 210 | $buffer_eaptypediv .= "<img src='../resources/images/icons/Letter-E-blue-icon.png' alt='" . _("Option override on EAP Method level is in effect.") . "'>"; |
| 211 | + } |
|
| 202 | 212 | $buffer_eaptypediv .= "<br/>"; |
| 203 | 213 | } |
| 204 | 214 | $buffer_headline = "<h2 style='overflow:auto;'>"; |
@@ -206,23 +216,27 @@ discard block |
||
| 206 | 216 | $buffer_headline .= "<div style='float:right;'>"; |
| 207 | 217 | $sufficient_config = $profile_list->getSufficientConfig(); |
| 208 | 218 | $showtime = $profile_list->getShowtime(); |
| 209 | - if ($has_overrides) |
|
| 210 | - $buffer_headline .= UI_remark("", _("Option override on profile level is in effect."), TRUE); |
|
| 211 | - if (!$allcomplete) |
|
| 212 | - $buffer_headline .= UI_error("", _("The information in this profile is incomplete."), TRUE); |
|
| 213 | - if ($showtime) |
|
| 214 | - $buffer_headline .= UI_okay("", _("This profile is shown on the user download interface."), TRUE); |
|
| 215 | - else if ($sufficient_config) |
|
| 216 | - $buffer_headline .= UI_warning("", sprintf(_("This profile is NOT shown on the user download interface, even though we have enough information to show. To enable the profile, add the attribute \"%s\" and tick the corresponding box."), display_name("profile:production")), TRUE); |
|
| 219 | + if ($has_overrides) { |
|
| 220 | + $buffer_headline .= UI_remark("", _("Option override on profile level is in effect."), TRUE); |
|
| 221 | + } |
|
| 222 | + if (!$allcomplete) { |
|
| 223 | + $buffer_headline .= UI_error("", _("The information in this profile is incomplete."), TRUE); |
|
| 224 | + } |
|
| 225 | + if ($showtime) { |
|
| 226 | + $buffer_headline .= UI_okay("", _("This profile is shown on the user download interface."), TRUE); |
|
| 227 | + } else if ($sufficient_config) { |
|
| 228 | + $buffer_headline .= UI_warning("", sprintf(_("This profile is NOT shown on the user download interface, even though we have enough information to show. To enable the profile, add the attribute \"%s\" and tick the corresponding box."), display_name("profile:production")), TRUE); |
|
| 229 | + } |
|
| 217 | 230 | $buffer_headline .= "</div>"; |
| 218 | 231 | |
| 219 | 232 | $buffer_headline .= sprintf(_("Profile: %s"), $profile_name) . "</h2>"; |
| 220 | 233 | |
| 221 | 234 | echo $buffer_headline; |
| 222 | 235 | |
| 223 | - if (array_search(EAP::$TTLS_PAP, $typelist) !== FALSE && array_search(EAP::$TTLS_GTC, $typelist) === FALSE && array_search(EAP::$PEAP_MSCHAP2, $typelist) === FALSE && array_search(EAP::$TTLS_MSCHAP2, $typelist) === FALSE) |
|
| 224 | - /// Hmmm... IdP Supports TTLS-PAP, but not TTLS-GTC nor anything based on MSCHAPv2. That locks out Symbian users; and is easy to circumvent. Tell the admin... |
|
| 236 | + if (array_search(EAP::$TTLS_PAP, $typelist) !== FALSE && array_search(EAP::$TTLS_GTC, $typelist) === FALSE && array_search(EAP::$PEAP_MSCHAP2, $typelist) === FALSE && array_search(EAP::$TTLS_MSCHAP2, $typelist) === FALSE) { |
|
| 237 | + /// Hmmm... IdP Supports TTLS-PAP, but not TTLS-GTC nor anything based on MSCHAPv2. That locks out Symbian users; and is easy to circumvent. Tell the admin... |
|
| 225 | 238 | $buffer_eaptypediv .= "<p>" . sprintf(_("Read this <a href='%s'>tip</a>."), "https://confluence.terena.org/display/H2eduroam/eap-types#eap-types-choices") . "</p>"; |
| 239 | + } |
|
| 226 | 240 | |
| 227 | 241 | $buffer_eaptypediv .= "</div>"; |
| 228 | 242 | echo $buffer_eaptypediv; |
@@ -230,12 +244,13 @@ discard block |
||
| 230 | 244 | $has_realm = $profile_list->getAttributes("internal:realm"); |
| 231 | 245 | $has_realm = $has_realm[0]['value']; |
| 232 | 246 | echo "<div class='profilemodulebuttons' style='float:right;'>"; |
| 233 | - if (count(Config::$RADIUSTESTS['UDP-hosts']) > 0 || ( count(Config::$RADIUSTESTS['TLS-clientcerts']) > 0 && Config::$RADIUSTESTS['TLS-discoverytag'] != "")) |
|
| 234 | - echo "<form action='action_realmcheck.php?inst_id=$my_inst->identifier&profile_id=$profile_list->identifier' method='post' accept-charset='UTF-8'> |
|
| 247 | + if (count(Config::$RADIUSTESTS['UDP-hosts']) > 0 || ( count(Config::$RADIUSTESTS['TLS-clientcerts']) > 0 && Config::$RADIUSTESTS['TLS-discoverytag'] != "")) { |
|
| 248 | + echo "<form action='action_realmcheck.php?inst_id=$my_inst->identifier&profile_id=$profile_list->identifier' method='post' accept-charset='UTF-8'> |
|
| 235 | 249 | <button type='submit' name='profile_action' value='check' " . ($has_realm ? "" : "disabled='disabled' title='" . _("The realm can only be checked if you configure the realm!") . "'") . "> |
| 236 | 250 | " . _("Check realm reachability") . " |
| 237 | 251 | </button> |
| 238 | 252 | </form>"; |
| 253 | + } |
|
| 239 | 254 | echo "<form action='overview_installers.php?inst_id=$my_inst->identifier&profile_id=$profile_list->identifier' method='post' accept-charset='UTF-8'> |
| 240 | 255 | <button type='submit' name='profile_action' value='check' " . ($has_eaptypes ? "" : "disabled='disabled' title='" . _("You have not fully configured any supported EAP types!") . "'") . "> |
| 241 | 256 | " . _("Installer Fine-Tuning and Download") . " |
@@ -261,10 +276,11 @@ discard block |
||
| 261 | 276 | if ($profile_list->getShowtime()) { |
| 262 | 277 | echo "<div style='display: table-cell; text-align:center;'><p><strong>" . _("User Download Link") . "</strong></p>"; |
| 263 | 278 | $URL = $profile_list->getCollapsedAttributes(); |
| 264 | - if (isset($URL['device-specific:redirect'])) |
|
| 265 | - $displayurl = $URL['device-specific:redirect'][0]; |
|
| 266 | - else |
|
| 267 | - $displayurl = ( isset($_SERVER['HTTPS']) && $_SERVER['HTTPS'] == "on" ? 'https://' : 'http://' ) . $_SERVER['SERVER_NAME'] . dirname(dirname($_SERVER['SCRIPT_NAME'])) . "?idp=" . $my_inst->identifier . "&profile=" . $profile_list->identifier; |
|
| 279 | + if (isset($URL['device-specific:redirect'])) { |
|
| 280 | + $displayurl = $URL['device-specific:redirect'][0]; |
|
| 281 | + } else { |
|
| 282 | + $displayurl = ( isset($_SERVER['HTTPS']) && $_SERVER['HTTPS'] == "on" ? 'https://' : 'http://' ) . $_SERVER['SERVER_NAME'] . dirname(dirname($_SERVER['SCRIPT_NAME'])) . "?idp=" . $my_inst->identifier . "&profile=" . $profile_list->identifier; |
|
| 283 | + } |
|
| 268 | 284 | echo "<a href='$displayurl' style='white-space: nowrap; text-align: center;'>"; |
| 269 | 285 | $uri = "data:image/png;base64," . base64_encode(png_inject_consortium_logo(QRcode::png($displayurl, FALSE, QR_ECLEVEL_Q, 12))); |
| 270 | 286 | $size = getimagesize($uri); |
@@ -277,8 +293,9 @@ discard block |
||
| 277 | 293 | echo "<div style='width:20px;'></div>"; |
| 278 | 294 | echo "<div style='display: table-cell; min-width:200px;'><p><strong>" . _("User Downloads") . "</strong></p><table>"; |
| 279 | 295 | $stats = $profile_list->getUserDownloadStats(); |
| 280 | - foreach ($stats as $dev => $count) |
|
| 281 | - echo "<tr><td><strong>$dev</strong></td><td>$count</td></tr>"; |
|
| 296 | + foreach ($stats as $dev => $count) { |
|
| 297 | + echo "<tr><td><strong>$dev</strong></td><td>$count</td></tr>"; |
|
| 298 | + } |
|
| 282 | 299 | echo "</table></div>"; |
| 283 | 300 | } |
| 284 | 301 | echo "</div>"; |
