GEANT / CAT

config/_config.php

Indentation +3 added lines, -3 removed lines

@@ -8,7 +8,7 @@
 /**
  * 
  */
-  $root = dirname(dirname(__FILE__));
-  include($root."/config/config.php");
-  set_include_path(get_include_path() . PATH_SEPARATOR . "$root/core" . PATH_SEPARATOR . "$root");
+    $root = dirname(dirname(__FILE__));
+    include($root."/config/config.php");
+    set_include_path(get_include_path() . PATH_SEPARATOR . "$root/core" . PATH_SEPARATOR . "$root");
 ?>

config/config-template.php

Indentation +37 added lines, -37 removed lines

@@ -141,13 +141,13 @@ 
     ];
 
     /**
-      * Configuration for GeoIP2 
-      * Beware, the legacy version does not really work with IPv6 addresses
-      * version: set to 2 if you wish to use GeoIP2, to 1 for the legacy version or set to 0 to turn off geolocation service
-      * geoip2-path-to-autoloader: points to the GeoIP2 autoloader 
-      * geoip2-path-to-db: points to the GeoIP2 city database
-      * @var array
-      */
+     * Configuration for GeoIP2 
+     * Beware, the legacy version does not really work with IPv6 addresses
+     * version: set to 2 if you wish to use GeoIP2, to 1 for the legacy version or set to 0 to turn off geolocation service
+     * geoip2-path-to-autoloader: points to the GeoIP2 autoloader 
+     * geoip2-path-to-db: points to the GeoIP2 city database
+     * @var array
+     */
       
     public static $GEOIP = [
         'version' => 0,
@@ -174,21 +174,21 @@ 
      * @var array
      */
     public static $LANGUAGES = [
-      'ca' => ['display' => 'Català',      'locale' => 'ca_ES.utf8'],
-      'de' => ['display' => 'Deutsch',     'locale' => 'de_DE.utf8'],
-      'en' => ['display' => 'English(GB)', 'locale' => 'en_GB.utf8'],
-      'es' => ['display' => 'Español',     'locale' => 'es_ES.utf8'],
-      'gl' => ['display' => 'Galego',      'locale' => 'gl_ES.utf8'],
-      'hr' => ['display' => 'Hrvatski',    'locale' => 'hr_HR.utf8'],
-      'it' => ['display' => 'Italiano',    'locale' => 'it_IT.utf8'],
-      'nb' => ['display' => 'Norsk',       'locale' => 'nb_NO.utf8'],
-      'pl' => ['display' => 'Polski',      'locale' => 'pl_PL.utf8'],
-      'sl' => ['display' => 'Slovenščina', 'locale' => 'sl_SI.utf8'],
-      'sr' => ['display' => 'Srpski',      'locale' => 'sr_RS@latin'],
-      'fi' => ['display' => 'Suomi',       'locale' => 'fi_FI.utf8'],
-      'el' => ['display' => 'Ελληνικά',    'locale' => 'el_GR.utf8'],
-      'hu' => ['display' => 'Magyar',      'locale' => 'hu_HU.utf8'],
-      'pt' => ['display' => 'Português',   'locale' => 'pt_PT.utf8'],
+        'ca' => ['display' => 'Català',      'locale' => 'ca_ES.utf8'],
+        'de' => ['display' => 'Deutsch',     'locale' => 'de_DE.utf8'],
+        'en' => ['display' => 'English(GB)', 'locale' => 'en_GB.utf8'],
+        'es' => ['display' => 'Español',     'locale' => 'es_ES.utf8'],
+        'gl' => ['display' => 'Galego',      'locale' => 'gl_ES.utf8'],
+        'hr' => ['display' => 'Hrvatski',    'locale' => 'hr_HR.utf8'],
+        'it' => ['display' => 'Italiano',    'locale' => 'it_IT.utf8'],
+        'nb' => ['display' => 'Norsk',       'locale' => 'nb_NO.utf8'],
+        'pl' => ['display' => 'Polski',      'locale' => 'pl_PL.utf8'],
+        'sl' => ['display' => 'Slovenščina', 'locale' => 'sl_SI.utf8'],
+        'sr' => ['display' => 'Srpski',      'locale' => 'sr_RS@latin'],
+        'fi' => ['display' => 'Suomi',       'locale' => 'fi_FI.utf8'],
+        'el' => ['display' => 'Ελληνικά',    'locale' => 'el_GR.utf8'],
+        'hu' => ['display' => 'Magyar',      'locale' => 'hu_HU.utf8'],
+        'pt' => ['display' => 'Português',   'locale' => 'pt_PT.utf8'],
 
 // For the following languages, partial translations exist in Transifex, but
 // they are not complete enough for display. Their Transifex content is not
@@ -237,45 +237,45 @@ 
         ],
 
         'TLS-clientcerts' => [
-          'CA1' => [
+            'CA1' => [
             'status' => 'ACCREDITED',
             'issuerCA' => '/DC=org/DC=pki1/CN=PKI 1',
             'certificates' => [
-              [
+                [
                 'status' => 'CORRECT',
                 'public' => 'ca1-client-cert.pem',
                 'private' => 'ca1-client-key.pem',
                 'expected' => 'PASS'],
-              [
+                [
                 'status' => 'WRONGPOLICY',
                 'public' => 'ca1-nopolicy-cert.pem',
                 'private' => 'ca1-nopolicy-key.key',
                 'expected' => 'FAIL'],
-              [
+                [
                 'status' => 'EXPIRED',
                 'public' => 'ca1-exp.pem',
                 'private' => 'ca1-exp.key',
                 'expected' => 'FAIL'],
-              [
+                [
                 'status' => 'REVOKED',
                 'public' => 'ca1-revoked.pem',
                 'private' => 'ca1-revoked.key',
                 'expected' => 'FAIL'],
             ]
-          ],
-          'CA-N' => [
+            ],
+            'CA-N' => [
             'status' => 'NONACCREDITED',
             'issuerCA' => '/DC=org/DC=pkiN/CN=PKI N',
             'certificates' => [
-               [
+                [
                 'status' => 'CORRECT',
                 'public' => 'caN-client-cert.pem',
                 'private' => 'caN-client-cert.key',
                 'expected' => 'FAIL'],
-               ]
-          ]
-      ],
-      'accreditedCAsURL' => '',
+                ]
+            ]
+        ],
+        'accreditedCAsURL' => '',
     ];
 
     /**
@@ -313,11 +313,11 @@ 
             'db' => 'customer_db',
             'user' => 'customerservice',
             'pass' => '2lame4u'],
-         'enforce-external-sync' => TRUE,
-         /* if you feed your user database from a third-party source and do not want CAT to update it on its own, you can 
+            'enforce-external-sync' => TRUE,
+            /* if you feed your user database from a third-party source and do not want CAT to update it on its own, you can 
           * make it read-only
           */
-         'userdb-readonly' => FALSE,
+            'userdb-readonly' => FALSE,
     ];
 
     /**

web/admin/radius_tests.php

Indentation +37 added lines, -37 removed lines

@@ -19,10 +19,10 @@ 
 $Cat->set_locale("web_admin");
 
 $additional_message =  [
-   L_OK => '',
-   L_REMARK => _("Some properties of the connection attempt were sub-optimal; the list is below."),
-   L_WARN => _("Some properties of the connection attempt were sub-optimal; the list is below."),
-   L_ERROR => _("Some configuration errors were observed; the list is below."),
+    L_OK => '',
+    L_REMARK => _("Some properties of the connection attempt were sub-optimal; the list is below."),
+    L_WARN => _("Some properties of the connection attempt were sub-optimal; the list is below."),
+    L_ERROR => _("Some configuration errors were observed; the list is below."),
  
 ];
 
@@ -32,25 +32,25 @@ 
 }
 
 function printDN($dn) {
-  $out = '';
-  foreach (array_reverse($dn) as $k => $v) {
-      if(is_array ($v)) {
-         foreach ($v as $V) {
+    $out = '';
+    foreach (array_reverse($dn) as $k => $v) {
+        if(is_array ($v)) {
+            foreach ($v as $V) {
             if($out) 
-               $out .= ',';
+                $out .= ',';
             $out .= "$k=$V";
-         }
-      } else {
-         if($out) 
+            }
+        } else {
+            if($out) 
             $out .= ',';
-         $out .= "$k=$v";
-      }
-  }
-  return($out);
+            $out .= "$k=$v";
+        }
+    }
+    return($out);
 }
 
 function printTm($tm) {
-  return(gmdate(DateTime::COOKIE,$tm));
+    return(gmdate(DateTime::COOKIE,$tm));
 }
 
 
@@ -60,19 +60,19 @@ 
     $server_info = [];
     $udp_result = $testsuite->UDP_reachability_result[$host];
     if(isset($udp_result['certdata']) && count($udp_result['certdata'])) {
-       foreach ($udp_result['certdata'] as $certdata) {
-          if($certdata['type'] != 'server' && $certdata['type'] != 'totally_selfsigned' )
-             continue;
-          $server_cert =  [
-             'subject' => printDN($certdata['subject']),
-             'issuer' => printDN($certdata['issuer']),
-             'validFrom' => printTm($certdata['validFrom_time_t']),
-             'validTo' => printTm($certdata['validTo_time_t']),
-             'serialNumber' => $certdata['serialNumber'].sprintf(" (0x%X)",$certdata['serialNumber']),
-             'sha1' => $certdata['sha1'],
-             'extensions' => $certdata['extensions']
-          ];
-       }
+        foreach ($udp_result['certdata'] as $certdata) {
+            if($certdata['type'] != 'server' && $certdata['type'] != 'totally_selfsigned' )
+                continue;
+            $server_cert =  [
+                'subject' => printDN($certdata['subject']),
+                'issuer' => printDN($certdata['issuer']),
+                'validFrom' => printTm($certdata['validFrom_time_t']),
+                'validTo' => printTm($certdata['validTo_time_t']),
+                'serialNumber' => $certdata['serialNumber'].sprintf(" (0x%X)",$certdata['serialNumber']),
+                'sha1' => $certdata['sha1'],
+                'extensions' => $certdata['extensions']
+            ];
+        }
     }
     $ret['server_cert'] = $server_cert;
     if(isset($udp_result['incoming_server_names'][0]) ) {
@@ -120,7 +120,7 @@ 
 */
 $hostindex = $_REQUEST['hostindex']; 
 if(!is_numeric($hostindex))
-  exit;
+    exit;
 
 
 $returnarray = [];
@@ -177,16 +177,16 @@ 
                 case RETVAL_OK :
                     $level = $returnarray['result'][$i]['level'];
                     switch($level) {
-                         case L_OK :
+                            case L_OK :
                              $message = _("<strong>Test successful.</strong>");
-                             break;
-                         case L_REMARK :
+                                break;
+                            case L_REMARK :
                          case L_WARN :
                              $message = _("<strong>Test partially successful</strong>: authentication succeded.") . ' ' . $additional_message[$level];
-                             break;
-                         case L_ERROR :
+                                break;
+                            case L_ERROR :
                              $message = _("<strong>Test FAILED</strong>: authentication succeded.") . ' ' . $additional_message[$level];
-                             break;
+                                break;
                     }
                     break;
                 case RETVAL_CONVERSATION_REJECT:

web/admin/sanity_tests.php

Indentation +39 added lines, -39 removed lines

@@ -36,53 +36,53 @@ 
 require_once("SanityTests.php");
 
 function print_test_results($t) {
-   $out = '';
-   switch($t->test_result['global']) {
-       case L_OK:
+    $out = '';
+    switch($t->test_result['global']) {
+        case L_OK:
          $message = "Your configuration appears to be fine.";
-         break;
-       case L_WARN:
+            break;
+        case L_WARN:
          $message = "There were some warnings, but your configuration should work.";
-         break;
-       case L_ERROR:
+            break;
+        case L_ERROR:
          $message = "Your configuration appears to be broken, please fix the errors.";
-         break;
-       case L_NOTICE:
+            break;
+        case L_NOTICE:
          $message = "Your configuration appears to be fine.";
-         break;
-   }
-   $out .= UI_message($t->test_result['global'],"<br><strong>Test Summary</strong><br>".$message."<br>See below for details<br><hr>");
-   foreach ($t->out as $test => $test_val)  {
-   foreach ($test_val as $o)  {
-       $out .= UI_message($o['level'],$o['message']);
-   }
-   }
-   return($out);
+            break;
+    }
+    $out .= UI_message($t->test_result['global'],"<br><strong>Test Summary</strong><br>".$message."<br>See below for details<br><hr>");
+    foreach ($t->out as $test => $test_val)  {
+    foreach ($test_val as $o)  {
+        $out .= UI_message($o['level'],$o['message']);
+    }
+    }
+    return($out);
 }
 
 function return_test_results($t) {
-   $out = '';
-   switch($t->test_result['global']) {
-       case L_OK:
+    $out = '';
+    switch($t->test_result['global']) {
+        case L_OK:
          $message = "Your configuration appears to be fine.";
-         break;
-       case L_WARN:
+            break;
+        case L_WARN:
          $message = "There were some warnings, but your configuration should work.";
-         break;
-       case L_ERROR:
+            break;
+        case L_ERROR:
          $message = "Your configuration appears to be broken, please fix the errors.";
-         break;
-       case L_NOTICE:
+            break;
+        case L_NOTICE:
          $message = "Your configuration appears to be fine.";
-         break;
-   }
-   $out .= UI_message($t->test_result['global'],"<br><strong>Test Summary</strong><br>".$message."<br>See below for details<br><hr>");
-   foreach ($t->out as $test => $test_val)  {
-   foreach ($test_val as $o)  {
-       $out .= UI_message($o['level'],$o['message']);
-   }
-   }
-   return($out);
+            break;
+    }
+    $out .= UI_message($t->test_result['global'],"<br><strong>Test Summary</strong><br>".$message."<br>See below for details<br><hr>");
+    foreach ($t->out as $test => $test_val)  {
+    foreach ($test_val as $o)  {
+        $out .= UI_message($o['level'],$o['message']);
+    }
+    }
+    return($out);
 }
 
 
@@ -93,8 +93,8 @@ 
     authenticate();
     $user = new User($_SESSION['user']);
     if (!$user->isSuperadmin()) {
-         print "Not Superadmin";
-         exit;
+            print "Not Superadmin";
+            exit;
     }
     
 }
@@ -108,7 +108,7 @@ 
         break;
     case 'html':
     header("Content-Type:text/html;charset=utf-8");
-      echo "<!DOCTYPE html>
+        echo "<!DOCTYPE html>
           <html xmlns='http://www.w3.org/1999/xhtml' lang='$ourlocale'>
           <head lang='$ourlocale'>
           <meta http-equiv='Content-Type' content='text/html; charset=UTF-8'></head>";

web/admin/action_realmcheck.php

Indentation +154 added lines, -154 removed lines

@@ -28,30 +28,30 @@ 
 else
     $my_profile = NULL;
 if ($my_profile != NULL) {
-   $cr = $my_profile->getAttributes("internal:realm");
-   if ($cr) {
-      // checking our own stuff. Enable thorough checks
-      $check_thorough = TRUE;
-      $check_realm = $cr[0]['value'];
-      $testsuite = new RADIUSTests($check_realm, $my_profile->identifier);
-   } else {
-      $error_message = _("You asked for a realm check, but we don't know the realm for this profile!") . "</p>";
-   }
+    $cr = $my_profile->getAttributes("internal:realm");
+    if ($cr) {
+        // checking our own stuff. Enable thorough checks
+        $check_thorough = TRUE;
+        $check_realm = $cr[0]['value'];
+        $testsuite = new RADIUSTests($check_realm, $my_profile->identifier);
+    } else {
+        $error_message = _("You asked for a realm check, but we don't know the realm for this profile!") . "</p>";
+    }
 } else { // someone else's realm... only shallow checks
-   if(!empty($_REQUEST['realm'])) {
-      if($check_realm = valid_Realm($_REQUEST['realm'])) {
-         $_SESSION['check_realm'] = $check_realm;
-      }
-   } else {
-      if(!empty($_SESSION['check_realm']))
-         $check_realm = $_SESSION['check_realm'];
-      else
-         $check_realm = FALSE;
-   }
-   if($check_realm)
-      $testsuite = new RADIUSTests($check_realm);
-   else
-      $error_message = _("No valid realm name given, cannot execute any checks!");
+    if(!empty($_REQUEST['realm'])) {
+        if($check_realm = valid_Realm($_REQUEST['realm'])) {
+            $_SESSION['check_realm'] = $check_realm;
+        }
+    } else {
+        if(!empty($_SESSION['check_realm']))
+            $check_realm = $_SESSION['check_realm'];
+        else
+            $check_realm = FALSE;
+    }
+    if($check_realm)
+        $testsuite = new RADIUSTests($check_realm);
+    else
+        $error_message = _("No valid realm name given, cannot execute any checks!");
 }
 
 $translate = _("STATIC");
@@ -401,7 +401,7 @@ 
    var formData = new FormData($('#live_form')[0]);
 <?php
 foreach (Config::$RADIUSTESTS['UDP-hosts'] as $hostindex => $host) {
-   print "
+    print "
 $(\"#live_src".$hostindex."_img\").attr('src',icon_loading);
 $(\"#live_src".$hostindex."_img\").show();
     $.ajax({
@@ -438,7 +438,7 @@ 
     else
         $extraarg = "";
     
-   print "
+    print "
 $(\"#src".$hostindex."_img\").attr('src',icon_loading);
 $(\"#src$hostindex\").html('');
 running_ajax_stat++;
@@ -480,89 +480,89 @@ 
    <strong><?php echo _("Overview") ?></strong>
    </legend>
       <?php
-      // NAPTR existence check
-      echo "<strong>"._("DNS chekcs")."</strong><div>";
-      $naptr = $testsuite->NAPTR();
-      if ($naptr != RETVAL_NOTCONFIGURED) {
-           echo "<table>";
-                  // output in friendly words
-          echo "<tr><td>" . _("Checking NAPTR existence:") . "</td><td>";
-          switch ($naptr) {
-             case RETVAL_NONAPTR:
+        // NAPTR existence check
+        echo "<strong>"._("DNS chekcs")."</strong><div>";
+        $naptr = $testsuite->NAPTR();
+        if ($naptr != RETVAL_NOTCONFIGURED) {
+            echo "<table>";
+                    // output in friendly words
+            echo "<tr><td>" . _("Checking NAPTR existence:") . "</td><td>";
+            switch ($naptr) {
+                case RETVAL_NONAPTR:
                 echo _("This realm has no NAPTR records.");
                 break;
-             case RETVAL_ONLYUNRELATEDNAPTR:
+                case RETVAL_ONLYUNRELATEDNAPTR:
                 printf(_("This realm has NAPTR records, but none are associated with %s."), Config::$CONSORTIUM['name']);
                 break;
-             default: // if none of the possible negative retvals, then we have matching NAPTRs
+                default: // if none of the possible negative retvals, then we have matching NAPTRs
                 printf(_("This realm has %d %s NAPTR records."), $naptr, Config::$CONSORTIUM['name']);
-           }
-           echo "</td></tr>";
+            }
+            echo "</td></tr>";
 
-           // compliance checks for NAPTRs
+            // compliance checks for NAPTRs
 
-           if ($naptr > 0) {
-              echo "<tr><td>" . _("Checking NAPTR compliance (flag = S and regex = {empty}):") . "</td><td>";
-              $naptr_valid = $testsuite->NAPTR_compliance();
-              switch ($naptr_valid) {
-                 case RETVAL_OK:
+            if ($naptr > 0) {
+                echo "<tr><td>" . _("Checking NAPTR compliance (flag = S and regex = {empty}):") . "</td><td>";
+                $naptr_valid = $testsuite->NAPTR_compliance();
+                switch ($naptr_valid) {
+                    case RETVAL_OK:
                     echo _("No issues found.");
                     break;
-                 case RETVAL_INVALID:
+                    case RETVAL_INVALID:
                     printf(_("At least one NAPTR with invalid content found!"));
                     break;
-              }
-              echo "</td></tr>";
+                }
+                echo "</td></tr>";
             }
 
             // SRV resolution
 
             if ($naptr > 0 && $naptr_valid == RETVAL_OK) {
-              $srv = $testsuite->NAPTR_SRV();
-               echo "<tr><td>" . _("Checking SRVs:") . "</td><td>";
-               switch ($srv) {
-                  case RETVAL_SKIPPED:
+                $srv = $testsuite->NAPTR_SRV();
+                echo "<tr><td>" . _("Checking SRVs:") . "</td><td>";
+                switch ($srv) {
+                    case RETVAL_SKIPPED:
                      echo _("This check was skipped.");
-                     break;
-                  case RETVAL_INVALID:
+                        break;
+                    case RETVAL_INVALID:
                      printf(_("At least one NAPTR with invalid content found!"));
-                     break;
-                  default: // print number of successfully retrieved SRV targets
+                        break;
+                    default: // print number of successfully retrieved SRV targets
                      printf(_("%d host names discovered."), $srv);
-               }
-               echo "</td></tr>";
+                }
+                echo "</td></tr>";
             }
             // IP addresses for the hosts
             if ($naptr > 0 && $naptr_valid == RETVAL_OK && $srv > 0) {
-               $hosts = $testsuite->NAPTR_hostnames();
-               echo "<tr><td>" . _("Checking IP address resolution:") . "</td><td>";
-               switch ($srv) {
-                  case RETVAL_SKIPPED:
+                $hosts = $testsuite->NAPTR_hostnames();
+                echo "<tr><td>" . _("Checking IP address resolution:") . "</td><td>";
+                switch ($srv) {
+                    case RETVAL_SKIPPED:
                      echo _("This check was skipped.");
-                     break;
-                  case RETVAL_INVALID:
+                        break;
+                    case RETVAL_INVALID:
                      printf(_("At least one hostname could not be resolved!"));
-                     break;
-                  default: // print number of successfully retrieved SRV targets
+                        break;
+                    default: // print number of successfully retrieved SRV targets
                      printf(_("%d IP addresses resolved."), $hosts);
-               }
-               echo "</td></tr>";
+                }
+                echo "</td></tr>";
             }
 
             echo "</table><table>";
-              if (count($testsuite->listerrors()) == 0) {
+                if (count($testsuite->listerrors()) == 0) {
                 echo UI_message(L_OK,sprintf(_("Realm is <strong>%s</strong> "), _(($naptr > 0 ? "DYNAMIC" : "STATIC"))) . _("with no DNS errors encountered. Congratulations!"));
                 echo "</table>";
-              } else {
+                } else {
                 echo UI_message(L_ERROR,sprintf(_("Realm is <strong>%s</strong> "), _(($naptr > 0 ? "DYNAMIC" : "STATIC"))) . _("but there were DNS errors! Check them!") . " " . _("You should re-run the tests after fixing the errors; more errors might be uncovered at that point. The exact error causes are listed below."));
                 echo "</table><div class='notacceptable'><table>";
                 foreach ($testsuite->listerrors() as $details)
-                   echo "<tr><td>" . $details['TYPE'] . "</td><td>" . $details['TARGET'] . "</td></tr>";
+                    echo "<tr><td>" . $details['TYPE'] . "</td><td>" . $details['TARGET'] . "</td></tr>";
                 echo "</table></div>";
-              }
-              echo '</div>';
+                }
+                echo '</div>';
 
-              echo '<script type="text/javascript">
+                echo '<script type="text/javascript">
               function run_dynamic() {
                  running_ajax_dyn = 0;
                  $("#main_dynamic_ico").attr("src",icon_loading);
@@ -571,37 +571,37 @@ 
                  global_level_dyn = L_OK;
                  $("#dynamic_tests").show();
               ';
-                  foreach ($testsuite->NAPTR_hostname_records as $hostindex => $addr) {
-                      $host = '';
-                      if ($addr['family'] == "IPv6") $host .= '[';
-                      $host .= $addr['IP'];
-                      if ($addr['family'] == "IPv6") $host .= ']';
-                      $host .= ':' . $addr['port'];
+                    foreach ($testsuite->NAPTR_hostname_records as $hostindex => $addr) {
+                        $host = '';
+                        if ($addr['family'] == "IPv6") $host .= '[';
+                        $host .= $addr['IP'];
+                        if ($addr['family'] == "IPv6") $host .= ']';
+                        $host .= ':' . $addr['port'];
 /*if($addr['family'] == "IPv6")
    continue;*/
-                      print "
+                        print "
                             running_ajax_dyn++;
                             $.ajax({url:'radius_tests.php', data:{test_type: 'capath', realm: realm, src: '$host', lang: '".CAT::get_lang()."', hostindex: '$hostindex' }, error: eee, success: capath, dataType: 'json'}); 
                             running_ajax_dyn++;
                             $.ajax({url:'radius_tests.php', data:{test_type: 'clients', realm: realm, src: '$host', lang: '".CAT::get_lang()."', hostindex: '$hostindex' }, error: eee, success: clients, dataType: 'json'}); 
                        ";
-                   }
-              echo "}
+                    }
+                echo "}
               </script><hr>";
        
-         } else {
-          echo "<tr><td>" . _("Dynamic discovery test is not configured") . "</td><td>";
-         }
-         echo "<strong>"._("Static connectivity tests")."</strong>
+            } else {
+            echo "<tr><td>" . _("Dynamic discovery test is not configured") . "</td><td>";
+            }
+            echo "<strong>"._("Static connectivity tests")."</strong>
          <table><tr>
          <td class='icon_td'><img src='../resources/images/icons/loading51.gif' id='main_static_ico' class='icon'></td><td id='main_static_result' style='display:none'>&nbsp;</td>
          </tr></table>";
-         if($naptr > 0) {
-             echo "<hr><strong>"._("Dynamic connectivity tests")."</strong>
+            if($naptr > 0) {
+                echo "<hr><strong>"._("Dynamic connectivity tests")."</strong>
          <table><tr>
          <td class='icon_td'><img src='../resources/images/icons/loading51.gif' id='main_dynamic_ico' class='icon'></td><td id='main_dynamic_result' style='display:none'>&nbsp;</td>
          </tr></table>";
-         }
+            }
 ?>
 
 </fieldset>
@@ -613,11 +613,11 @@ 
      <fieldset class="option_container" id="static_tests">
      <legend><strong> <?php echo _("STATIC connectivity tests");?> </strong> </legend>
 <?php
-     echo sprintf(_("This check sends a request for the realm through various entry points of the %s infrastructure. The request will contain the 'Operator-Name' attribute, and will be larger than 1500 Bytes to catch two common configuration problems.<br/>Since we don't have actual credentials for the realm, we can't authenticate successfully - so the expected outcome is to get an Access-Reject after having gone through an EAP conversation."), Config::$CONSORTIUM['name']);
+        echo sprintf(_("This check sends a request for the realm through various entry points of the %s infrastructure. The request will contain the 'Operator-Name' attribute, and will be larger than 1500 Bytes to catch two common configuration problems.<br/>Since we don't have actual credentials for the realm, we can't authenticate successfully - so the expected outcome is to get an Access-Reject after having gone through an EAP conversation."), Config::$CONSORTIUM['name']);
 print "<p>";
 
 foreach (Config::$RADIUSTESTS['UDP-hosts'] as $hostindex => $host) {
-  print "<hr>";
+    print "<hr>";
 printf(_("Testing from: %s"), "<strong>".Config::$RADIUSTESTS['UDP-hosts'][$hostindex]['display_name']."</strong>");
 print "<table id='results$hostindex'  style='width:100%' class='udp_results'>
 <tr>
@@ -637,28 +637,28 @@ 
   </div>
 
 <?php
-              if ($naptr > 0) {
+                if ($naptr > 0) {
 ?>
   <div id="tabs-3">
 <button id="run_d_tests" onclick="run_dynamic()"><?php echo _("Repeat dynamic connectivity tests") ?></button>
 
 <?php
-                  echo "<div id='dynamic_tests'><fieldset class='option_container'>
+                    echo "<div id='dynamic_tests'><fieldset class='option_container'>
                 <legend><strong>" . _("DYNAMIC connectivity tests") . "</strong></legend>";
 
-                  $resultstoprint = [];
-                  if (count($testsuite->NAPTR_hostname_records)>0) {
-                      $resultstoprint[] = '<table style="align:right; display: none;" id="dynamic_result_fail">' .  UI_message(L_ERROR,_("Some errors were found during the tests, see below")) . '</table><table style="align:right; display: none;" id="dynamic_result_pass">' . UI_message(L_OK,_("All tests passed, congratulations!")) . '</table>';
-                      $resultstoprint[] = '<div style="align:right;"><a href="" class="moreall">' . _('Show detailed information for all tests') . '</a></div>' . '<p><strong>' . _("Checking server handshake...") . "</strong><p>";
-                      foreach ($testsuite->NAPTR_hostname_records as $hostindex => $addr) {
+                    $resultstoprint = [];
+                    if (count($testsuite->NAPTR_hostname_records)>0) {
+                        $resultstoprint[] = '<table style="align:right; display: none;" id="dynamic_result_fail">' .  UI_message(L_ERROR,_("Some errors were found during the tests, see below")) . '</table><table style="align:right; display: none;" id="dynamic_result_pass">' . UI_message(L_OK,_("All tests passed, congratulations!")) . '</table>';
+                        $resultstoprint[] = '<div style="align:right;"><a href="" class="moreall">' . _('Show detailed information for all tests') . '</a></div>' . '<p><strong>' . _("Checking server handshake...") . "</strong><p>";
+                        foreach ($testsuite->NAPTR_hostname_records as $hostindex => $addr) {
 /*                          if ($addr['family'] == "IPv6") {
                               $resultstoprint[] = '<strong>' . $addr['IP'] . ' TCP/' . $addr['port'] . "</strong><ul style='list-style-type: none;'><li>" . _('Due to OpenSSL limitations, it is not possible to check IPv6 addresses at this time.') . '</li></ul>';
                               continue;
                           }*/
-                          $bracketaddr = ($addr["family"] == "IPv6" ? "[" . $addr["IP"] . "]" : $addr["IP"]);
-                          $resultstoprint[] = '<p><strong>' . $bracketaddr . ' TCP/' . $addr['port'] . '</strong>';
-                          $resultstoprint[] = '<ul style="list-style-type: none;" class="caresult"><li>';
-                          $resultstoprint[] = "<table id='caresults$hostindex'  style='width:100%'>
+                            $bracketaddr = ($addr["family"] == "IPv6" ? "[" . $addr["IP"] . "]" : $addr["IP"]);
+                            $resultstoprint[] = '<p><strong>' . $bracketaddr . ' TCP/' . $addr['port'] . '</strong>';
+                            $resultstoprint[] = '<ul style="list-style-type: none;" class="caresult"><li>';
+                            $resultstoprint[] = "<table id='caresults$hostindex'  style='width:100%'>
 <tr>
 <td class='icon_td'><img src='../resources/images/icons/loading51.gif' id='srcca".$hostindex."_img'></td>
 <td id='srcca$hostindex'>
@@ -666,17 +666,17 @@ 
 </td>
 </tr>
 </table>";
-                          $resultstoprint[] = '</li></ul>';
-                     }    
-                     $clientstest = [];
-                     foreach ($testsuite->NAPTR_hostname_records as $hostindex => $addr) {
-                          //$clientsres = $testsuite->TLS_client_side_tests();
+                            $resultstoprint[] = '</li></ul>';
+                        }    
+                        $clientstest = [];
+                        foreach ($testsuite->NAPTR_hostname_records as $hostindex => $addr) {
+                            //$clientsres = $testsuite->TLS_client_side_tests();
 /*                          if ($addr['family'] == 'IPv6') {
                                   $clientstest[] = '<p><strong>' . $addr['IP'] . ' TCP/' . $addr['port'] . '</strong></p>' .  "<ul style='list-style-type: none;'><li>" . _('Due to OpenSSL limitations, it is not possible to check IPv6 addresses at this time.') . '</li></ul>';
                                   continue;
                           }*/
-                          $clientstest[] = '<p><strong>' . $addr['IP'] . ' TCP/' . $addr['port'] . '</strong></p><ol>';
-                          $clientstest[] = "<span id='clientresults$hostindex$clinx'><table style='width:100%'>
+                            $clientstest[] = '<p><strong>' . $addr['IP'] . ' TCP/' . $addr['port'] . '</strong></p><ol>';
+                            $clientstest[] = "<span id='clientresults$hostindex$clinx'><table style='width:100%'>
 <tr>
 <td class='icon_td'><img src='../resources/images/icons/loading51.gif' id='srcclient".$hostindex."_img'></td>
 <td id='srcclient$hostindex'>
@@ -684,29 +684,29 @@ 
 </td>
 </tr>
 </table></span>";
-                          $clientstest[] = '</ol>';
-                      }
-                      echo '<div style="align:right;">';
-                      echo join('',$resultstoprint);
-                      echo '<span id="clientstest" style="display: none;"><p><hr><b>' . _('Checking if certificates from  CAs are accepted...') . '</b><p>' .  _('A few client certificates will be tested to check if servers are resistant to some certificate problems.') . '<p>';
-                      print join('',$clientstest);
-                      echo '</span>';
-                      echo '</div>';
-                  }
-                  echo "</fieldset></div></div>";
-              }
-              // further checks TBD:
-              //     check if accepts certificates from all accredited CAs
-              //     check if doesn't accept revoked certificates
-              //     check if RADIUS request gets rejected timely
-              //     check if truncates/dies on Operator-Name
-              if ($check_thorough) {
-                  echo "<div id='tabs-4'><fieldset class='option_container'>
+                            $clientstest[] = '</ol>';
+                        }
+                        echo '<div style="align:right;">';
+                        echo join('',$resultstoprint);
+                        echo '<span id="clientstest" style="display: none;"><p><hr><b>' . _('Checking if certificates from  CAs are accepted...') . '</b><p>' .  _('A few client certificates will be tested to check if servers are resistant to some certificate problems.') . '<p>';
+                        print join('',$clientstest);
+                        echo '</span>';
+                        echo '</div>';
+                    }
+                    echo "</fieldset></div></div>";
+                }
+                // further checks TBD:
+                //     check if accepts certificates from all accredited CAs
+                //     check if doesn't accept revoked certificates
+                //     check if RADIUS request gets rejected timely
+                //     check if truncates/dies on Operator-Name
+                if ($check_thorough) {
+                    echo "<div id='tabs-4'><fieldset class='option_container'>
                 <legend><strong>" . _("Live login test") . "</strong></legend>";
-                  $prof_compl = $my_profile->getEapMethodsinOrderOfPreference(1);
-                  if (count($prof_compl) > 0) {
+                    $prof_compl = $my_profile->getEapMethodsinOrderOfPreference(1);
+                    if (count($prof_compl) > 0) {
 
-                      echo "<div id='disposable_credential_container'><p>" . _("If you enter an existing login credential here, you can test the actual authentication from various checkpoints all over the world.") . "</p>
+                        echo "<div id='disposable_credential_container'><p>" . _("If you enter an existing login credential here, you can test the actual authentication from various checkpoints all over the world.") . "</p>
                     <p>" . _("The test will use all EAP types you have set in your profile information to check whether the right CAs and server names are used, and of course whether the login with these credentials and the given EAP type actually worked. If you have set anonymous outer ID, the test will use that.") . "</p>
                     <p>" . _("Note: the tool purposefully does not offer you to save these credentials, and they will never be saved in any way on the server side. Please use only <strong>temporary test accounts</strong> here; permanently valid test accounts in the wild are considered harmful!") . "</p></div>
                     <form enctype='multipart/form-data' id='live_form' accept-charset='UTF-8'>
@@ -715,44 +715,44 @@ 
                     <input type='hidden' name='profile_id' value='".$my_profile->identifier."'>
                     <table id='live_tests'>";
 // if any password based EAP methods are available enable this section
-              if (in_array(EAP::$PEAP_MSCHAP2, $prof_compl) ||
+                if (in_array(EAP::$PEAP_MSCHAP2, $prof_compl) ||
                               in_array(EAP::$TTLS_MSCHAP2, $prof_compl) ||
                               in_array(EAP::$TTLS_GTC, $prof_compl) ||
                               in_array(EAP::$FAST_GTC, $prof_compl) ||
                               in_array(EAP::$PWD, $prof_compl) ||
                               in_array(EAP::$TTLS_PAP, $prof_compl)
-                      ) { 
-                          echo  "<tr><td colspan='2'><strong>" . _("Password-based EAP types") . "</strong></td></tr>
+                        ) { 
+                            echo  "<tr><td colspan='2'><strong>" . _("Password-based EAP types") . "</strong></td></tr>
                         <tr><td>" . _("Real (inner) username:") . "</td><td><input type='text' id='username' class='mandatory' name='username'/></td></tr>";
-                           echo "<tr><td>" . _("Anonymous outer ID (optional):") . "</td><td><input type='text' id='outer_username' name='outer_username'/></td></tr>";
-                          echo "<tr><td>" . _("Password:") . "</td><td><input type='text' id='password' class='mandatory' name='password'/></td></tr>";
-               }
-                      // ask for cert + privkey if TLS-based method is active
-                      if (in_array(EAP::$TLS, $prof_compl))
-                          echo "<tr><td colspan='2'><strong>" . _("Certificate-based EAP types") . "</strong></td></tr>
+                            echo "<tr><td>" . _("Anonymous outer ID (optional):") . "</td><td><input type='text' id='outer_username' name='outer_username'/></td></tr>";
+                            echo "<tr><td>" . _("Password:") . "</td><td><input type='text' id='password' class='mandatory' name='password'/></td></tr>";
+                }
+                        // ask for cert + privkey if TLS-based method is active
+                        if (in_array(EAP::$TLS, $prof_compl))
+                            echo "<tr><td colspan='2'><strong>" . _("Certificate-based EAP types") . "</strong></td></tr>
                         <tr><td>" . _("Certificate file (.p12 or .pfx):") . "</td><td><input type='file' id='cert' accept='application/x-pkcs12' name='cert'/></td></tr>
                         <tr><td>" . _("Certificate password, if any:") . "</td><td><input type='text' id='privkey' name='privkey_pass'/></td></tr>
                         <tr><td>" . _("Username, if different from certificate Subject:") . "</td><td><input type='text' id='tls_username' name='tls_username'/></td></tr>";
-                      echo "<tr><td colspan='2'><button id='submit_credentials'>" . _("Submit credentials") . "</button></td></tr></table></form>";
-                      echo "<div id='live_login_results' style='display:none'>";
-                      foreach (Config::$RADIUSTESTS['UDP-hosts'] as $hostindex => $host) {
+                        echo "<tr><td colspan='2'><button id='submit_credentials'>" . _("Submit credentials") . "</button></td></tr></table></form>";
+                        echo "<div id='live_login_results' style='display:none'>";
+                        foreach (Config::$RADIUSTESTS['UDP-hosts'] as $hostindex => $host) {
                         print "<hr>";
-                      printf(_("Testing from: %s"), "<strong>".Config::$RADIUSTESTS['UDP-hosts'][$hostindex]['display_name']."</strong>");
-                      print "<span style='position:relative'><img src='../resources/images/icons/loading51.gif' id='live_src".$hostindex."_img' style='width:24px; position: absolute; left: 20px; bottom: 0px; '></span>";
+                        printf(_("Testing from: %s"), "<strong>".Config::$RADIUSTESTS['UDP-hosts'][$hostindex]['display_name']."</strong>");
+                        print "<span style='position:relative'><img src='../resources/images/icons/loading51.gif' id='live_src".$hostindex."_img' style='width:24px; position: absolute; left: 20px; bottom: 0px; '></span>";
 print "<div id='eap_test$hostindex' class='eap_test_results'></div>";
 }
-                      echo "</div>";
+                        echo "</div>";
 
-                  } else {// no EAP methods fully defined
-                      echo "Live Login Checks require at least one fully configured EAP type.";
-                  }
-                  echo "</fieldset></div>";
-              }
+                    } else {// no EAP methods fully defined
+                        echo "Live Login Checks require at least one fully configured EAP type.";
+                    }
+                    echo "</fieldset></div>";
+                }
 echo "
 </div>
 ";
 }
-              ?>
+                ?>
     <form method='post' action='overview_idp.php?inst_id=<?php echo $my_inst->identifier; ?>' accept-charset='UTF-8'>
         <button type='submit' name='submitbutton' value='<?php echo BUTTON_CLOSE; ?>'><?php echo _("Return to dashboard"); ?></button>
     </form>
@@ -763,11 +763,11 @@ 
     run_udp();
 <?php
     if ($naptr > 0) 
-       echo "run_dynamic();";
+        echo "run_dynamic();";
     else
-       echo '$("#tabs-d-li").hide();';
+        echo '$("#tabs-d-li").hide();';
     if (!$check_thorough) 
-       echo '$("#tabs-through").hide();';
+        echo '$("#tabs-through").hide();';
 ?>
 </script>
     <?php footer() ?>

web/admin/112365365321.php

Indentation +4 added lines, -4 removed lines

@@ -43,7 +43,7 @@ 
     authenticate();
     $no_security = 0;
 } else {
-   $no_security = 1;
+    $no_security = 1;
 }
 $user = new User((!in_array("I do not care about security!", Config::$SUPERADMINS) ? $_SESSION['user'] : "UNIDENTIFIED"));
 
@@ -61,16 +61,16 @@ 
             </legend>
 <?php
             if (isset($_POST['admin_action'])) {
-               if($_POST['admin_action'] == BUTTON_SANITY_TESTS)
+                if($_POST['admin_action'] == BUTTON_SANITY_TESTS)
                         include("sanity_tests.php");
             }
 ?>
 <button type="submit" name="admin_action" value="<?php echo BUTTON_SANITY_TESTS; ?>">Run configuration check</button>
 </fieldset>
 <?php if($no_security) {
-     print "<h2 style='color: red'>In order to do more you need to configure the SUPERADMIN section  in config/config.php and login as one.</h2>";
+        print "<h2 style='color: red'>In order to do more you need to configure the SUPERADMIN section  in config/config.php and login as one.</h2>";
 
-   } else {
+    } else {
 ?>
         <fieldset class="option_container">
             <legend>

web/admin/inc/geo_widget.php

Indentation +1 added lines, -1 removed lines

@@ -283,7 +283,7 @@
     if ($wizard)
             echo "<p>".
             _("The user download interface (see <a href='../'>here</a>), uses geolocation to suggest possibly matching IdPs to the user. The more precise you define the location here, the easier your users will find you.").
-                 "</p>
+                    "</p>
                      <ul>".
                         _("<li>Drag the marker in the map to your place, or</li>
 <li>enter your street address in the field below for lookup, or</li>

web/admin/inc/sendinvite.inc.php

Indentation +1 added lines, -1 removed lines

@@ -140,7 +140,7 @@
         $message .= wordwrap(_("Additional message from your federation administrator:"),72) . "
 ---------------------------------
 "
-                  . wordwrap($customtext[0]['value'],72) . "
+                    . wordwrap($customtext[0]['value'],72) . "
 ---------------------------------
 
 ";

web/admin/inc/option_xhr.inc.php

Switch Indentation +27 added lines, -27 removed lines

@@ -25,33 +25,33 @@
     $list = $optioninfo->availableOptions($_GET["class"]);
 
     switch ($_GET['class']) {
-    case "general":
-        $blacklist_item = array_search("general:geo_coordinates", $list);
-        if ($blacklist_item !== FALSE) {
-            unset($list[$blacklist_item]);
-            $list = array_values($list);
-        }
-        break;
-    case "user":
-        $blacklist_item = array_search("user:fedadmin", $list);
-        if ($blacklist_item !== FALSE) {
-            unset($list[$blacklist_item]);
-            $list = array_values($list);
-        }
-        break;
-    case "eap":
-    case "support":
-    case "profile":
-    case "media":
-    case "fed":
-            $list = array_values($list);
-        break;
-    case "device-specific":
-    case "eap-specific":
-        break;
-    default:
-        debug(1,"Unknown type of option!");
-        exit(1);
+        case "general":
+            $blacklist_item = array_search("general:geo_coordinates", $list);
+            if ($blacklist_item !== FALSE) {
+                unset($list[$blacklist_item]);
+                $list = array_values($list);
+            }
+            break;
+        case "user":
+            $blacklist_item = array_search("user:fedadmin", $list);
+            if ($blacklist_item !== FALSE) {
+                unset($list[$blacklist_item]);
+                $list = array_values($list);
+            }
+            break;
+        case "eap":
+        case "support":
+        case "profile":
+        case "media":
+        case "fed":
+                $list = array_values($list);
+            break;
+        case "device-specific":
+        case "eap-specific":
+            break;
+        default:
+            debug(1,"Unknown type of option!");
+            exit(1);
     }
     // echo "<pre>".print_r($list)."</pre>";