GEANT /
CAT
@@ -36,7 +36,7 @@ |
||
| 36 | 36 | * @return boolean |
| 37 | 37 | */ |
| 38 | 38 | |
| 39 | -require_once dirname(dirname(dirname(__FILE__))) . "/config/_config.php"; |
|
| 39 | +require_once dirname(dirname(dirname(__FILE__)))."/config/_config.php"; |
|
| 40 | 40 | |
| 41 | 41 | // we are referring to $_SESSION later in the file |
| 42 | 42 | CAT_session_start(); |
@@ -23,54 +23,54 @@ |
||
| 23 | 23 | this is just an include file for Gui class definition |
| 24 | 24 | */ |
| 25 | 25 | $Faq = [ |
| 26 | - [ |
|
| 26 | + [ |
|
| 27 | 27 | 'id'=>'idp_not_listed', |
| 28 | 28 | 'title'=>_("My organisation is not listed. Can't I just use any of the other ones?"), |
| 29 | 29 | 'text'=>_("No! The installers contain security settings which are specific to the organisation. If you are not from that organisation, your device will detect that you are about to send your username and credential to an unauthorised server and will abort the login. Using an installer from a different organisation is <i>guaranteed to not work</i>!") |
| 30 | - ], |
|
| 31 | - [ |
|
| 30 | + ], |
|
| 31 | + [ |
|
| 32 | 32 | 'id'=>'idp_not_listed', |
| 33 | 33 | 'title'=>_("What can I do to get my organisation listed?"), |
| 34 | 34 | 'text'=>sprintf(_("Contact %s administrators within your organisation and request that they add their organisation to the system. It will take at most one hour of their time to get things done."),CONFIG_CONFASSISTANT['CONSORTIUM']['display_name']) |
| 35 | 35 | ], |
| 36 | - [ |
|
| 36 | + [ |
|
| 37 | 37 | 'id'=>'device_not_listed', |
| 38 | 38 | 'title'=>sprintf(_("My device is not listed! Does that mean I can't do %s?"),CONFIG_CONFASSISTANT['CONSORTIUM']['display_name']), |
| 39 | 39 | 'text'=>sprintf(_("No. The CAT tool can only support Operating Systems which can be automatically configured in some way. Many other devices can still be used with %s, but must be configured manually. Please contact your organisation to get help in setting up such a device."),CONFIG_CONFASSISTANT['CONSORTIUM']['display_name']) |
| 40 | - ], |
|
| 40 | + ], |
|
| 41 | 41 | |
| 42 | - [ |
|
| 42 | + [ |
|
| 43 | 43 | 'title'=>sprintf(_("I can connect to %s simply by providing username and password, what is the point of using an installer?"),CONFIG_CONFASSISTANT['CONSORTIUM']['display_name']), |
| 44 | 44 | 'text'=>sprintf(_("When you are connecting from an unconfigured device your security is at risk. The very point of preconfiguration is to set up security, when this is done, your device will first confirm that it talks to the correct authentication server and will never send your password to an untrusted one.")) |
| 45 | 45 | ], |
| 46 | - [ |
|
| 46 | + [ |
|
| 47 | 47 | 'title'=>sprintf(_("Is it safe to use %s installers?"),CONFIG['APPEARANCE']['productname']), |
| 48 | 48 | 'text'=>sprintf(_("%s installers configure security settings on your device, therefore you should be sure that you are using genuine ones."),CONFIG['APPEARANCE']['productname']).' '.( isset(CONFIG_CONFASSISTANT['CONSORTIUM']['signer_name']) && CONFIG_CONFASSISTANT['CONSORTIUM']['signer_name'] != "" ? sprintf(_("This is why %s installers are digitally signed by %s. Watch out for a system message confirming this."),CONFIG['APPEARANCE']['productname'],CONFIG_CONFASSISTANT['CONSORTIUM']['signer_name']):""), |
| 49 | 49 | |
| 50 | 50 | ], |
| 51 | - [ |
|
| 51 | + [ |
|
| 52 | 52 | 'title'=>_("Windows 'SmartScreen' or 'Internet Explorer' tell me that the file is not commonly downloaded and possibly harmful. Should I be concerned?"), |
| 53 | 53 | 'text'=>_("Contrary to what the name suggests, 'SmartScreen' isn't actually very smart. The warning merely means that the file has not yet been downloaded by enough users to make Microsoft consider it popular (which would strangely enough make it be considered 'safe'). This message alone is not a security problem.")." ".(isset(CONFIG_CONFASSISTANT['CONSORTIUM']['signer_name']) && CONFIG_CONFASSISTANT['CONSORTIUM']['signer_name'] != "" ? sprintf(_("So long as the file is carrying a valid signature from %s, the download is safe."),CONFIG_CONFASSISTANT['CONSORTIUM']['signer_name'])." ":"").sprintf(_("Please see also Microsoft's FAQ regarding SmartScreen at %s."),"<a href='http://windows.microsoft.com/en-US/windows7/SmartScreen-Filter-frequently-asked-questions-IE9?SignedIn=1'>Microsoft FAQ</a>") |
| 54 | 54 | |
| 55 | 55 | ], |
| 56 | - [ |
|
| 56 | + [ |
|
| 57 | 57 | 'title'=>sprintf(_("I can see %s network and my device is configured but it does not connect, what can be the cause?"),CONFIG_CONFASSISTANT['CONSORTIUM']['display_name']), |
| 58 | - 'text'=>sprintf(_("There can be a number of different reasons. The network you see may not be a genuine %s one and your device silently drops the connection attempt; there may be something wrong with the configuration of the network; your account may have expired; there may be a connection problem with your home authentication server; you may have broken the regulations of the network you are using and have been refused access as a consequence. You should contact your organisation and report the problem, the administrators should be able to trace your connections."),CONFIG_CONFASSISTANT['CONSORTIUM']['display_name']) |
|
| 58 | + 'text'=>sprintf(_("There can be a number of different reasons. The network you see may not be a genuine %s one and your device silently drops the connection attempt; there may be something wrong with the configuration of the network; your account may have expired; there may be a connection problem with your home authentication server; you may have broken the regulations of the network you are using and have been refused access as a consequence. You should contact your organisation and report the problem, the administrators should be able to trace your connections."),CONFIG_CONFASSISTANT['CONSORTIUM']['display_name']) |
|
| 59 | 59 | ], |
| 60 | - [ |
|
| 60 | + [ |
|
| 61 | 61 | 'id'=>'contact', |
| 62 | 62 | 'title'=>sprintf(_("I have a question about this web site. Whom should I contact?")), |
| 63 | 63 | 'text'=>sprintf(_("You should send a mail to %s."),CONFIG['APPEARANCE']['support-contact']['display']) |
| 64 | - ], |
|
| 64 | + ], |
|
| 65 | 65 | ]; |
| 66 | 66 | |
| 67 | 67 | if (CONFIG_CONFASSISTANT['CONSORTIUM']['name'] == "eduroam") { |
| 68 | 68 | $eduroamDb = new core\ExternalEduroamDBData(); |
| 69 | 69 | $SPs = $eduroamDb->allServiceProviders(); |
| 70 | - array_push($Faq, |
|
| 71 | - [ |
|
| 72 | - 'id'=>'what_is_'.CONFIG_CONFASSISTANT['CONSORTIUM']['name'], |
|
| 73 | - 'title'=>sprintf(_("What is this %s thing anyway?"), CONFIG_CONFASSISTANT['CONSORTIUM']['display_name']), |
|
| 74 | - 'text'=>sprintf(_("%s is a global WiFi roaming consortium which gives members of education and research access to the internet <i>for free</i> on all %s hotspots on the planet. There are several million %s users already, enjoying free internet access on more than %d hotspots! Visit <a href='http://www.eduroam.org'>the %s homepage</a> or <a href='http://monitor.eduroam.org/map_service_loc.php'>the %s location map</a> for more details."),CONFIG_CONFASSISTANT['CONSORTIUM']['display_name'],CONFIG_CONFASSISTANT['CONSORTIUM']['display_name'],CONFIG_CONFASSISTANT['CONSORTIUM']['display_name'], $SPs, CONFIG_CONFASSISTANT['CONSORTIUM']['display_name'], CONFIG_CONFASSISTANT['CONSORTIUM']['display_name']) |
|
| 75 | - ]); |
|
| 70 | + array_push($Faq, |
|
| 71 | + [ |
|
| 72 | + 'id'=>'what_is_'.CONFIG_CONFASSISTANT['CONSORTIUM']['name'], |
|
| 73 | + 'title'=>sprintf(_("What is this %s thing anyway?"), CONFIG_CONFASSISTANT['CONSORTIUM']['display_name']), |
|
| 74 | + 'text'=>sprintf(_("%s is a global WiFi roaming consortium which gives members of education and research access to the internet <i>for free</i> on all %s hotspots on the planet. There are several million %s users already, enjoying free internet access on more than %d hotspots! Visit <a href='http://www.eduroam.org'>the %s homepage</a> or <a href='http://monitor.eduroam.org/map_service_loc.php'>the %s location map</a> for more details."),CONFIG_CONFASSISTANT['CONSORTIUM']['display_name'],CONFIG_CONFASSISTANT['CONSORTIUM']['display_name'],CONFIG_CONFASSISTANT['CONSORTIUM']['display_name'], $SPs, CONFIG_CONFASSISTANT['CONSORTIUM']['display_name'], CONFIG_CONFASSISTANT['CONSORTIUM']['display_name']) |
|
| 75 | + ]); |
|
| 76 | 76 | } |
@@ -31,36 +31,36 @@ discard block |
||
| 31 | 31 | [ |
| 32 | 32 | 'id'=>'idp_not_listed', |
| 33 | 33 | 'title'=>_("What can I do to get my organisation listed?"), |
| 34 | - 'text'=>sprintf(_("Contact %s administrators within your organisation and request that they add their organisation to the system. It will take at most one hour of their time to get things done."),CONFIG_CONFASSISTANT['CONSORTIUM']['display_name']) |
|
| 34 | + 'text'=>sprintf(_("Contact %s administrators within your organisation and request that they add their organisation to the system. It will take at most one hour of their time to get things done."), CONFIG_CONFASSISTANT['CONSORTIUM']['display_name']) |
|
| 35 | 35 | ], |
| 36 | 36 | [ |
| 37 | 37 | 'id'=>'device_not_listed', |
| 38 | - 'title'=>sprintf(_("My device is not listed! Does that mean I can't do %s?"),CONFIG_CONFASSISTANT['CONSORTIUM']['display_name']), |
|
| 39 | - 'text'=>sprintf(_("No. The CAT tool can only support Operating Systems which can be automatically configured in some way. Many other devices can still be used with %s, but must be configured manually. Please contact your organisation to get help in setting up such a device."),CONFIG_CONFASSISTANT['CONSORTIUM']['display_name']) |
|
| 38 | + 'title'=>sprintf(_("My device is not listed! Does that mean I can't do %s?"), CONFIG_CONFASSISTANT['CONSORTIUM']['display_name']), |
|
| 39 | + 'text'=>sprintf(_("No. The CAT tool can only support Operating Systems which can be automatically configured in some way. Many other devices can still be used with %s, but must be configured manually. Please contact your organisation to get help in setting up such a device."), CONFIG_CONFASSISTANT['CONSORTIUM']['display_name']) |
|
| 40 | 40 | ], |
| 41 | 41 | |
| 42 | 42 | [ |
| 43 | - 'title'=>sprintf(_("I can connect to %s simply by providing username and password, what is the point of using an installer?"),CONFIG_CONFASSISTANT['CONSORTIUM']['display_name']), |
|
| 43 | + 'title'=>sprintf(_("I can connect to %s simply by providing username and password, what is the point of using an installer?"), CONFIG_CONFASSISTANT['CONSORTIUM']['display_name']), |
|
| 44 | 44 | 'text'=>sprintf(_("When you are connecting from an unconfigured device your security is at risk. The very point of preconfiguration is to set up security, when this is done, your device will first confirm that it talks to the correct authentication server and will never send your password to an untrusted one.")) |
| 45 | 45 | ], |
| 46 | 46 | [ |
| 47 | - 'title'=>sprintf(_("Is it safe to use %s installers?"),CONFIG['APPEARANCE']['productname']), |
|
| 48 | - 'text'=>sprintf(_("%s installers configure security settings on your device, therefore you should be sure that you are using genuine ones."),CONFIG['APPEARANCE']['productname']).' '.( isset(CONFIG_CONFASSISTANT['CONSORTIUM']['signer_name']) && CONFIG_CONFASSISTANT['CONSORTIUM']['signer_name'] != "" ? sprintf(_("This is why %s installers are digitally signed by %s. Watch out for a system message confirming this."),CONFIG['APPEARANCE']['productname'],CONFIG_CONFASSISTANT['CONSORTIUM']['signer_name']):""), |
|
| 47 | + 'title'=>sprintf(_("Is it safe to use %s installers?"), CONFIG['APPEARANCE']['productname']), |
|
| 48 | + 'text'=>sprintf(_("%s installers configure security settings on your device, therefore you should be sure that you are using genuine ones."), CONFIG['APPEARANCE']['productname']).' '.(isset(CONFIG_CONFASSISTANT['CONSORTIUM']['signer_name']) && CONFIG_CONFASSISTANT['CONSORTIUM']['signer_name'] != "" ? sprintf(_("This is why %s installers are digitally signed by %s. Watch out for a system message confirming this."), CONFIG['APPEARANCE']['productname'], CONFIG_CONFASSISTANT['CONSORTIUM']['signer_name']) : ""), |
|
| 49 | 49 | |
| 50 | 50 | ], |
| 51 | 51 | [ |
| 52 | 52 | 'title'=>_("Windows 'SmartScreen' or 'Internet Explorer' tell me that the file is not commonly downloaded and possibly harmful. Should I be concerned?"), |
| 53 | - 'text'=>_("Contrary to what the name suggests, 'SmartScreen' isn't actually very smart. The warning merely means that the file has not yet been downloaded by enough users to make Microsoft consider it popular (which would strangely enough make it be considered 'safe'). This message alone is not a security problem.")." ".(isset(CONFIG_CONFASSISTANT['CONSORTIUM']['signer_name']) && CONFIG_CONFASSISTANT['CONSORTIUM']['signer_name'] != "" ? sprintf(_("So long as the file is carrying a valid signature from %s, the download is safe."),CONFIG_CONFASSISTANT['CONSORTIUM']['signer_name'])." ":"").sprintf(_("Please see also Microsoft's FAQ regarding SmartScreen at %s."),"<a href='http://windows.microsoft.com/en-US/windows7/SmartScreen-Filter-frequently-asked-questions-IE9?SignedIn=1'>Microsoft FAQ</a>") |
|
| 53 | + 'text'=>_("Contrary to what the name suggests, 'SmartScreen' isn't actually very smart. The warning merely means that the file has not yet been downloaded by enough users to make Microsoft consider it popular (which would strangely enough make it be considered 'safe'). This message alone is not a security problem.")." ".(isset(CONFIG_CONFASSISTANT['CONSORTIUM']['signer_name']) && CONFIG_CONFASSISTANT['CONSORTIUM']['signer_name'] != "" ? sprintf(_("So long as the file is carrying a valid signature from %s, the download is safe."), CONFIG_CONFASSISTANT['CONSORTIUM']['signer_name'])." " : "").sprintf(_("Please see also Microsoft's FAQ regarding SmartScreen at %s."), "<a href='http://windows.microsoft.com/en-US/windows7/SmartScreen-Filter-frequently-asked-questions-IE9?SignedIn=1'>Microsoft FAQ</a>") |
|
| 54 | 54 | |
| 55 | 55 | ], |
| 56 | 56 | [ |
| 57 | - 'title'=>sprintf(_("I can see %s network and my device is configured but it does not connect, what can be the cause?"),CONFIG_CONFASSISTANT['CONSORTIUM']['display_name']), |
|
| 58 | - 'text'=>sprintf(_("There can be a number of different reasons. The network you see may not be a genuine %s one and your device silently drops the connection attempt; there may be something wrong with the configuration of the network; your account may have expired; there may be a connection problem with your home authentication server; you may have broken the regulations of the network you are using and have been refused access as a consequence. You should contact your organisation and report the problem, the administrators should be able to trace your connections."),CONFIG_CONFASSISTANT['CONSORTIUM']['display_name']) |
|
| 57 | + 'title'=>sprintf(_("I can see %s network and my device is configured but it does not connect, what can be the cause?"), CONFIG_CONFASSISTANT['CONSORTIUM']['display_name']), |
|
| 58 | + 'text'=>sprintf(_("There can be a number of different reasons. The network you see may not be a genuine %s one and your device silently drops the connection attempt; there may be something wrong with the configuration of the network; your account may have expired; there may be a connection problem with your home authentication server; you may have broken the regulations of the network you are using and have been refused access as a consequence. You should contact your organisation and report the problem, the administrators should be able to trace your connections."), CONFIG_CONFASSISTANT['CONSORTIUM']['display_name']) |
|
| 59 | 59 | ], |
| 60 | 60 | [ |
| 61 | 61 | 'id'=>'contact', |
| 62 | 62 | 'title'=>sprintf(_("I have a question about this web site. Whom should I contact?")), |
| 63 | - 'text'=>sprintf(_("You should send a mail to %s."),CONFIG['APPEARANCE']['support-contact']['display']) |
|
| 63 | + 'text'=>sprintf(_("You should send a mail to %s."), CONFIG['APPEARANCE']['support-contact']['display']) |
|
| 64 | 64 | ], |
| 65 | 65 | ]; |
| 66 | 66 | |
@@ -71,6 +71,6 @@ discard block |
||
| 71 | 71 | [ |
| 72 | 72 | 'id'=>'what_is_'.CONFIG_CONFASSISTANT['CONSORTIUM']['name'], |
| 73 | 73 | 'title'=>sprintf(_("What is this %s thing anyway?"), CONFIG_CONFASSISTANT['CONSORTIUM']['display_name']), |
| 74 | - 'text'=>sprintf(_("%s is a global WiFi roaming consortium which gives members of education and research access to the internet <i>for free</i> on all %s hotspots on the planet. There are several million %s users already, enjoying free internet access on more than %d hotspots! Visit <a href='http://www.eduroam.org'>the %s homepage</a> or <a href='http://monitor.eduroam.org/map_service_loc.php'>the %s location map</a> for more details."),CONFIG_CONFASSISTANT['CONSORTIUM']['display_name'],CONFIG_CONFASSISTANT['CONSORTIUM']['display_name'],CONFIG_CONFASSISTANT['CONSORTIUM']['display_name'], $SPs, CONFIG_CONFASSISTANT['CONSORTIUM']['display_name'], CONFIG_CONFASSISTANT['CONSORTIUM']['display_name']) |
|
| 74 | + 'text'=>sprintf(_("%s is a global WiFi roaming consortium which gives members of education and research access to the internet <i>for free</i> on all %s hotspots on the planet. There are several million %s users already, enjoying free internet access on more than %d hotspots! Visit <a href='http://www.eduroam.org'>the %s homepage</a> or <a href='http://monitor.eduroam.org/map_service_loc.php'>the %s location map</a> for more details."), CONFIG_CONFASSISTANT['CONSORTIUM']['display_name'], CONFIG_CONFASSISTANT['CONSORTIUM']['display_name'], CONFIG_CONFASSISTANT['CONSORTIUM']['display_name'], $SPs, CONFIG_CONFASSISTANT['CONSORTIUM']['display_name'], CONFIG_CONFASSISTANT['CONSORTIUM']['display_name']) |
|
| 75 | 75 | ]); |
| 76 | 76 | } |
@@ -104,7 +104,7 @@ discard block |
||
| 104 | 104 | return $this->counter; |
| 105 | 105 | } |
| 106 | 106 | |
| 107 | - $cachedNumber = @file_get_contents(ROOT . "/var/tmp/cachedSPNumber.serialised"); |
|
| 107 | + $cachedNumber = @file_get_contents(ROOT."/var/tmp/cachedSPNumber.serialised"); |
|
| 108 | 108 | if ($cachedNumber !== FALSE) { |
| 109 | 109 | $numberData = unserialize($cachedNumber); |
| 110 | 110 | $now = new \DateTime(); |
@@ -119,7 +119,7 @@ discard block |
||
| 119 | 119 | while ($iterator = mysqli_fetch_object(/** @scrutinizer ignore-type */ $query)) { |
| 120 | 120 | $this->counter = $iterator->total; |
| 121 | 121 | } |
| 122 | - file_put_contents(ROOT . "/var/tmp/cachedSPNumber.serialised", serialize(["number" => $this->counter, "timestamp" => new \DateTime()])); |
|
| 122 | + file_put_contents(ROOT."/var/tmp/cachedSPNumber.serialised", serialize(["number" => $this->counter, "timestamp" => new \DateTime()])); |
|
| 123 | 123 | } |
| 124 | 124 | } |
| 125 | 125 | |
@@ -29,7 +29,7 @@ discard block |
||
| 29 | 29 | |
| 30 | 30 | use Exception; |
| 31 | 31 | |
| 32 | -require_once dirname(dirname(dirname(dirname(__FILE__)))) . "/config/_config.php"; |
|
| 32 | +require_once dirname(dirname(dirname(dirname(__FILE__))))."/config/_config.php"; |
|
| 33 | 33 | |
| 34 | 34 | /** |
| 35 | 35 | * This class defines the various actions doable with the admin API, the |
@@ -244,7 +244,7 @@ discard block |
||
| 244 | 244 | const ACTIONS = [ |
| 245 | 245 | // Inst-level actions. |
| 246 | 246 | API::ACTION_NEWINST_BY_REF => [ |
| 247 | - "REQ" => [API::AUXATTRIB_EXTERNALID,], |
|
| 247 | + "REQ" => [API::AUXATTRIB_EXTERNALID, ], |
|
| 248 | 248 | "OPT" => [ |
| 249 | 249 | 'general:geo_coordinates', |
| 250 | 250 | 'general:logo_file', |
@@ -555,8 +555,8 @@ discard block |
||
| 555 | 555 | |
| 556 | 556 | case \core\Options::TYPECODE_COORDINATES: |
| 557 | 557 | $extension = \core\Options::TYPECODE_TEXT; |
| 558 | - $coercedInline["option"][$basename] = $oneAttrib['NAME'] . "#"; |
|
| 559 | - $coercedInline["value"][$basename . "-" . $extension] = $oneAttrib['VALUE']; |
|
| 558 | + $coercedInline["option"][$basename] = $oneAttrib['NAME']."#"; |
|
| 559 | + $coercedInline["value"][$basename."-".$extension] = $oneAttrib['VALUE']; |
|
| 560 | 560 | break; |
| 561 | 561 | case \core\Options::TYPECODE_TEXT: |
| 562 | 562 | // Fall-through: they all get the same treatment. |
@@ -566,18 +566,18 @@ discard block |
||
| 566 | 566 | // Fall-through: they all get the same treatment. |
| 567 | 567 | case \core\Options::TYPECODE_INTEGER: |
| 568 | 568 | $extension = $optionInfo['type']; |
| 569 | - $coercedInline["option"][$basename] = $oneAttrib['NAME'] . "#"; |
|
| 570 | - $coercedInline["value"][$basename . "-" . $extension] = $oneAttrib['VALUE']; |
|
| 569 | + $coercedInline["option"][$basename] = $oneAttrib['NAME']."#"; |
|
| 570 | + $coercedInline["value"][$basename."-".$extension] = $oneAttrib['VALUE']; |
|
| 571 | 571 | if ($optionInfo['flag'] == "ML") { |
| 572 | - $coercedInline["value"][$basename . "-lang"] = $oneAttrib['LANG']; |
|
| 572 | + $coercedInline["value"][$basename."-lang"] = $oneAttrib['LANG']; |
|
| 573 | 573 | } |
| 574 | 574 | break; |
| 575 | 575 | case \core\Options::TYPECODE_FILE: |
| 576 | 576 | // Binary data is expected in base64 encoding. This is true also for PEM files! |
| 577 | 577 | $extension = $optionInfo['type']; |
| 578 | - $coercedInline["option"][$basename] = $oneAttrib['NAME'] . "#"; |
|
| 579 | - file_put_contents($dir['dir'] . "/" . $basename . "-" . $extension, base64_decode($oneAttrib['VALUE'])); |
|
| 580 | - $coercedFile["value"]['tmp_name'][$basename . "-" . $extension] = $dir['dir'] . "/" . $basename . "-" . $extension; |
|
| 578 | + $coercedInline["option"][$basename] = $oneAttrib['NAME']."#"; |
|
| 579 | + file_put_contents($dir['dir']."/".$basename."-".$extension, base64_decode($oneAttrib['VALUE'])); |
|
| 580 | + $coercedFile["value"]['tmp_name'][$basename."-".$extension] = $dir['dir']."/".$basename."-".$extension; |
|
| 581 | 581 | break; |
| 582 | 582 | default: |
| 583 | 583 | throw new Exception("We don't seem to know this type code!"); |
@@ -606,7 +606,7 @@ discard block |
||
| 606 | 606 | public function returnSuccess($details) { |
| 607 | 607 | $output = json_encode(["result" => "SUCCESS", "details" => $details], JSON_PRETTY_PRINT); |
| 608 | 608 | if ($output === FALSE) { |
| 609 | - $this->returnError(API::ERROR_INTERNAL_ERROR, "Unable to JSON encode return data: ". json_last_error(). " - ". json_last_error_msg()); |
|
| 609 | + $this->returnError(API::ERROR_INTERNAL_ERROR, "Unable to JSON encode return data: ".json_last_error()." - ".json_last_error_msg()); |
|
| 610 | 610 | } |
| 611 | 611 | else { |
| 612 | 612 | echo $output; |
@@ -607,8 +607,7 @@ |
||
| 607 | 607 | $output = json_encode(["result" => "SUCCESS", "details" => $details], JSON_PRETTY_PRINT); |
| 608 | 608 | if ($output === FALSE) { |
| 609 | 609 | $this->returnError(API::ERROR_INTERNAL_ERROR, "Unable to JSON encode return data: ". json_last_error(). " - ". json_last_error_msg()); |
| 610 | - } |
|
| 611 | - else { |
|
| 610 | + } else { |
|
| 612 | 611 | echo $output; |
| 613 | 612 | } |
| 614 | 613 | } |
@@ -236,7 +236,7 @@ |
||
| 236 | 236 | const AUXATTRIB_SB_USERNAME = "ATTRIB-MANAGED-USERNAME"; |
| 237 | 237 | const AUXATTRIB_SB_USERID = "ATTRIB-MANAGED-USERID"; |
| 238 | 238 | const AUXATTRIB_SB_CERTSERIAL = "ATTRIB-MANAGED-CERTSERIAL"; |
| 239 | - const AUXATTRIB_SB_CERTCN = "ATTRIB-MANAGED-CERTCN"; |
|
| 239 | + const AUXATTRIB_SB_CERTCN = "ATTRIB-MANAGED-CERTCN"; |
|
| 240 | 240 | const AUXATTRIB_SB_CERTANNOTATION = "ATTRIB-MANAGED-CERTANNOTATION"; |
| 241 | 241 | const AUXATTRIB_SB_EXPIRY = "ATTRIB-MANAGED-EXPIRY"; /* MySQL timestamp format */ |
| 242 | 242 | const AUXATTRIB_TOKEN = "ATTRIB-TOKEN"; |
@@ -19,7 +19,7 @@ discard block |
||
| 19 | 19 | * <base_url>/copyright.php after deploying the software |
| 20 | 20 | */ |
| 21 | 21 | |
| 22 | -require_once dirname(dirname(__DIR__)) . '/config/_config.php'; |
|
| 22 | +require_once dirname(dirname(__DIR__)).'/config/_config.php'; |
|
| 23 | 23 | |
| 24 | 24 | $uiElements = new web\lib\admin\UIElements(); |
| 25 | 25 | |
@@ -75,7 +75,7 @@ discard block |
||
| 75 | 75 | // filesystem cleanup |
| 76 | 76 | case web\lib\common\FormElements::BUTTON_DELETE: |
| 77 | 77 | $i = web\lib\admin\Maintenance::deleteObsoleteTempDirs(); |
| 78 | - echo "<div class='ca-summary'><table>" . $uiElements->boxRemark(sprintf("Deleted %d cache directories.", $i), "Cache deleted") . "</table></div>"; |
|
| 78 | + echo "<div class='ca-summary'><table>".$uiElements->boxRemark(sprintf("Deleted %d cache directories.", $i), "Cache deleted")."</table></div>"; |
|
| 79 | 79 | break; |
| 80 | 80 | default: |
| 81 | 81 | break; |
@@ -141,7 +141,7 @@ discard block |
||
| 141 | 141 | $admin_query = $dbHandle->exec("SELECT SUM(downloads_admin) AS admin, SUM(downloads_user) AS user, SUM(downloads_silverbullet) as silverbullet FROM downloads WHERE device_id = '$index'"); |
| 142 | 142 | // SELECT -> mysqli_result, not boolean |
| 143 | 143 | while ($a = mysqli_fetch_object(/** @scrutinizer ignore-type */ $admin_query)) { |
| 144 | - echo "<td>" . $device_array['display'] . "</td><td>" . $a->admin . "</td><td>" . $a->user . "</td><td>" . $a->silverbullet . "</td><td>" . sprintf("%s", $a->user + $a->silverbullet) . "</td>"; |
|
| 144 | + echo "<td>".$device_array['display']."</td><td>".$a->admin."</td><td>".$a->user."</td><td>".$a->silverbullet."</td><td>".sprintf("%s", $a->user + $a->silverbullet)."</td>"; |
|
| 145 | 145 | $gross_admin = $gross_admin + $a->admin; |
| 146 | 146 | $gross_user = $gross_user + $a->user; |
| 147 | 147 | $gross_silverbullet = $gross_silverbullet + $a->silverbullet; |
@@ -116,16 +116,16 @@ |
||
| 116 | 116 | 'server_suffix' => '.hosted.eduroam.org', |
| 117 | 117 | 'gracetime' => 90, |
| 118 | 118 | 'CA' => ["type" => "embedded"], # OCSP URL needs to be configured in openssl.cnf |
| 119 | - # 'CA' => ["type" => "DFN", "SOAP_API_ENDPOINT" => "http://no.idea.where/"], |
|
| 119 | + # 'CA' => ["type" => "DFN", "SOAP_API_ENDPOINT" => "http://no.idea.where/"], |
|
| 120 | 120 | |
| 121 | 121 | ], |
| 122 | 122 | |
| 123 | 123 | /** |
| 124 | - * Lists the RADIUS servers. They have a built-in DB to log auth requests. |
|
| 125 | - * We need to query those to get auth stats for silverbullet admins |
|
| 126 | - * |
|
| 127 | - * @var array |
|
| 128 | - */ |
|
| 124 | + * Lists the RADIUS servers. They have a built-in DB to log auth requests. |
|
| 125 | + * We need to query those to get auth stats for silverbullet admins |
|
| 126 | + * |
|
| 127 | + * @var array |
|
| 128 | + */ |
|
| 129 | 129 | 'DB' => [ |
| 130 | 130 | // names don't matter - the source code will iterate through |
| 131 | 131 | // all entries |
@@ -134,13 +134,13 @@ |
||
| 134 | 134 | 'db' => 'radacct', |
| 135 | 135 | 'user' => 'someuser', |
| 136 | 136 | 'pass' => 'somepass', |
| 137 | - 'readonly' => TRUE,], |
|
| 137 | + 'readonly' => TRUE, ], |
|
| 138 | 138 | 'RADIUS_2' => [ |
| 139 | 139 | 'host' => 'auth-2.hosted.eduroam.org', |
| 140 | 140 | 'db' => 'radacct', |
| 141 | 141 | 'user' => 'someuser', |
| 142 | 142 | 'pass' => 'somepass', |
| 143 | - 'readonly' => TRUE,], |
|
| 143 | + 'readonly' => TRUE, ], |
|
| 144 | 144 | ], |
| 145 | 145 | |
| 146 | 146 | /** |
@@ -9,7 +9,7 @@ discard block |
||
| 9 | 9 | * ****************************************************************************** |
| 10 | 10 | */ |
| 11 | 11 | |
| 12 | -require_once dirname(dirname(dirname(dirname(__FILE__)))) . "/config/_config.php"; |
|
| 12 | +require_once dirname(dirname(dirname(dirname(__FILE__))))."/config/_config.php"; |
|
| 13 | 13 | |
| 14 | 14 | $auth = new \web\lib\admin\Authentication(); |
| 15 | 15 | $auth->authenticate(); |
@@ -22,30 +22,30 @@ discard block |
||
| 22 | 22 | |
| 23 | 23 | ?> |
| 24 | 24 | |
| 25 | -<h1><?php echo _("User Authentication Records");?></h1> |
|
| 26 | -<p><?php echo _("Note that:");?></p> |
|
| 25 | +<h1><?php echo _("User Authentication Records"); ?></h1> |
|
| 26 | +<p><?php echo _("Note that:"); ?></p> |
|
| 27 | 27 | <ul> |
| 28 | - <li><?php echo _("Authentication records are deleted after six months retention time");?></li> |
|
| 29 | - <li><?php echo _("Operator Domain is based on the RADIUS attribute 'Operator-Name' and not sent by all hotspots");?></li> |
|
| 30 | - <li><?php echo _("Different MAC addresses per credential may be due to MAC Address randomisation in recent operating systems");?></li> |
|
| 28 | + <li><?php echo _("Authentication records are deleted after six months retention time"); ?></li> |
|
| 29 | + <li><?php echo _("Operator Domain is based on the RADIUS attribute 'Operator-Name' and not sent by all hotspots"); ?></li> |
|
| 30 | + <li><?php echo _("Different MAC addresses per credential may be due to MAC Address randomisation in recent operating systems"); ?></li> |
|
| 31 | 31 | </ul> |
| 32 | 32 | <table class='authrecord'> |
| 33 | 33 | <tr> |
| 34 | - <td><strong><?php echo _("Timestamp");?></strong></td> |
|
| 35 | - <td><strong><?php echo _("Credential");?></strong></td> |
|
| 36 | - <td><strong><?php echo _("MAC Address");?></strong></td> |
|
| 37 | - <td><strong><?php echo _("Result");?></strong></td> |
|
| 38 | - <td><strong><?php echo _("Operator Domain");?></strong></td> |
|
| 34 | + <td><strong><?php echo _("Timestamp"); ?></strong></td> |
|
| 35 | + <td><strong><?php echo _("Credential"); ?></strong></td> |
|
| 36 | + <td><strong><?php echo _("MAC Address"); ?></strong></td> |
|
| 37 | + <td><strong><?php echo _("Result"); ?></strong></td> |
|
| 38 | + <td><strong><?php echo _("Operator Domain"); ?></strong></td> |
|
| 39 | 39 | </tr> |
| 40 | 40 | <?php |
| 41 | 41 | $userAuthData = $profile->getUserAuthRecords($userInt); |
| 42 | 42 | foreach ($userAuthData as $oneRecord) { |
| 43 | - echo "<tr class='".($oneRecord['RESULT'] == "Access-Accept" ? "auth-success" : "auth-fail" )."'>" |
|
| 43 | + echo "<tr class='".($oneRecord['RESULT'] == "Access-Accept" ? "auth-success" : "auth-fail")."'>" |
|
| 44 | 44 | . "<td>".$oneRecord['TIMESTAMP']."</td>" |
| 45 | - . "<td>".substr_replace($oneRecord['CN'], "@…", strpos($oneRecord['CN'],"@"))."</td>" |
|
| 45 | + . "<td>".substr_replace($oneRecord['CN'], "@…", strpos($oneRecord['CN'], "@"))."</td>" |
|
| 46 | 46 | . "<td>".$oneRecord['MAC']."</td>" |
| 47 | 47 | . "<td>".($oneRecord['RESULT'] == "Access-Accept" ? _("Success") : _("Failure"))."</td>" |
| 48 | - . "<td>".substr($oneRecord['OPERATOR'] ?? "1(unknown)",1)."</td>" |
|
| 48 | + . "<td>".substr($oneRecord['OPERATOR'] ?? "1(unknown)", 1)."</td>" |
|
| 49 | 49 | . "</tr>"; |
| 50 | 50 | } |
| 51 | 51 | ?> |
@@ -37,7 +37,7 @@ discard block |
||
| 37 | 37 | */ |
| 38 | 38 | private function inputValidationError($customtext) { |
| 39 | 39 | \core\common\Entity::intoThePotatoes(); |
| 40 | - $retval = "<p>" . _("Input validation error: ") . $customtext . "</p>"; |
|
| 40 | + $retval = "<p>"._("Input validation error: ").$customtext."</p>"; |
|
| 41 | 41 | \core\common\Entity::outOfThePotatoes(); |
| 42 | 42 | return $retval; |
| 43 | 43 | } |
@@ -149,7 +149,7 @@ discard block |
||
| 149 | 149 | */ |
| 150 | 150 | public function string($input, $allowWhitespace = FALSE) { |
| 151 | 151 | // always chop out invalid characters, and surrounding whitespace |
| 152 | - $retvalStep0 = iconv("UTF-8", "UTF-8//TRANSLIT", $input); |
|
| 152 | + $retvalStep0 = iconv("UTF-8", "UTF-8//TRANSLIT", $input); |
|
| 153 | 153 | if ($retvalStep0 === FALSE) { |
| 154 | 154 | throw new Exception("iconv failure for string sanitisation. With TRANSLIT, this should never happen!"); |
| 155 | 155 | } |
@@ -457,7 +457,7 @@ discard block |
||
| 457 | 457 | try { |
| 458 | 458 | $image->readImageBlob($binary); |
| 459 | 459 | } catch (\ImagickException $exception) { |
| 460 | - echo "Error" . $exception->getMessage(); |
|
| 460 | + echo "Error".$exception->getMessage(); |
|
| 461 | 461 | return FALSE; |
| 462 | 462 | } |
| 463 | 463 | // image survived the sanity check |
@@ -90,7 +90,7 @@ discard block |
||
| 90 | 90 | |
| 91 | 91 | // realm is automatically calculated, then stored in DB |
| 92 | 92 | |
| 93 | - $this->realm = "opaquehash@$myInst->identifier-$this->identifier." . strtolower($myInst->federation) . CONFIG_CONFASSISTANT['SILVERBULLET']['realm_suffix']; |
|
| 93 | + $this->realm = "opaquehash@$myInst->identifier-$this->identifier.".strtolower($myInst->federation).CONFIG_CONFASSISTANT['SILVERBULLET']['realm_suffix']; |
|
| 94 | 94 | $localValueIfAny = ""; |
| 95 | 95 | |
| 96 | 96 | // but there's some common internal attributes populated directly |
@@ -107,11 +107,11 @@ discard block |
||
| 107 | 107 | |
| 108 | 108 | // and we need to populate eap:server_name and eap:ca_file with the NRO-specific EAP information |
| 109 | 109 | $silverbulletAttributes = [ |
| 110 | - "eap:server_name" => "auth." . strtolower($myFed->tld) . CONFIG_CONFASSISTANT['SILVERBULLET']['server_suffix'], |
|
| 110 | + "eap:server_name" => "auth.".strtolower($myFed->tld).CONFIG_CONFASSISTANT['SILVERBULLET']['server_suffix'], |
|
| 111 | 111 | ]; |
| 112 | 112 | $temp = array_merge($this->addInternalAttributes($internalAttributes), $this->addInternalAttributes($silverbulletAttributes)); |
| 113 | 113 | $x509 = new \core\common\X509(); |
| 114 | - $caHandle = fopen(dirname(__FILE__) . "/../config/SilverbulletServerCerts/" . strtoupper($myFed->tld) . "/root.pem", "r"); |
|
| 114 | + $caHandle = fopen(dirname(__FILE__)."/../config/SilverbulletServerCerts/".strtoupper($myFed->tld)."/root.pem", "r"); |
|
| 115 | 115 | if ($caHandle !== FALSE) { |
| 116 | 116 | $cAFile = fread($caHandle, 16000000); |
| 117 | 117 | foreach ($x509->splitCertificate($cAFile) as $oneCa) { |
@@ -132,26 +132,26 @@ discard block |
||
| 132 | 132 | $this->loggerInstance->debug(3, "--- END Constructing new Profile object ... ---\n"); |
| 133 | 133 | |
| 134 | 134 | $this->termsAndConditions = "<h2>Product Definition</h2> |
| 135 | - <p>" . \core\ProfileSilverbullet::PRODUCTNAME . " outsources the technical setup of " . CONFIG_CONFASSISTANT['CONSORTIUM']['display_name'] . " " . CONFIG_CONFASSISTANT['CONSORTIUM']['nomenclature_institution'] . " functions to the " . CONFIG_CONFASSISTANT['CONSORTIUM']['display_name'] . " Operations Team. The system includes</p> |
|
| 135 | + <p>" . \core\ProfileSilverbullet::PRODUCTNAME." outsources the technical setup of ".CONFIG_CONFASSISTANT['CONSORTIUM']['display_name']." ".CONFIG_CONFASSISTANT['CONSORTIUM']['nomenclature_institution']." functions to the ".CONFIG_CONFASSISTANT['CONSORTIUM']['display_name']." Operations Team. The system includes</p> |
|
| 136 | 136 | <ul> |
| 137 | 137 | <li>a web-based user management interface where user accounts and access credentials can be created and revoked (there is a limit to the number of active users)</li> |
| 138 | 138 | <li>a technical infrastructure ('CA') which issues and revokes credentials</li> |
| 139 | - <li>a technical infrastructure ('RADIUS') which verifies access credentials and subsequently grants access to " . CONFIG_CONFASSISTANT['CONSORTIUM']['display_name'] . "</li> |
|
| 139 | + <li>a technical infrastructure ('RADIUS') which verifies access credentials and subsequently grants access to " . CONFIG_CONFASSISTANT['CONSORTIUM']['display_name']."</li> |
|
| 140 | 140 | </ul> |
| 141 | 141 | <h2>User Account Liability</h2> |
| 142 | - <p>As an " . CONFIG_CONFASSISTANT['CONSORTIUM']['display_name'] . " " . CONFIG_CONFASSISTANT['CONSORTIUM']['nomenclature_institution'] . " administrator using this system, you are authorized to create user accounts according to your local " . CONFIG_CONFASSISTANT['CONSORTIUM']['nomenclature_institution'] . " policy. You are fully responsible for the accounts you issue and are the data controller for all user information you deposit in this system; the system is a data processor.</p>"; |
|
| 142 | + <p>As an " . CONFIG_CONFASSISTANT['CONSORTIUM']['display_name']." ".CONFIG_CONFASSISTANT['CONSORTIUM']['nomenclature_institution']." administrator using this system, you are authorized to create user accounts according to your local ".CONFIG_CONFASSISTANT['CONSORTIUM']['nomenclature_institution']." policy. You are fully responsible for the accounts you issue and are the data controller for all user information you deposit in this system; the system is a data processor.</p>"; |
|
| 143 | 143 | $this->termsAndConditions .= "<p>Your responsibilities include that you</p> |
| 144 | 144 | <ul> |
| 145 | - <li>only issue accounts to members of your " . CONFIG_CONFASSISTANT['CONSORTIUM']['nomenclature_institution'] . ", as defined by your local policy.</li> |
|
| 145 | + <li>only issue accounts to members of your " . CONFIG_CONFASSISTANT['CONSORTIUM']['nomenclature_institution'].", as defined by your local policy.</li> |
|
| 146 | 146 | <li>must make sure that all accounts that you issue can be linked by you to actual human end users</li> |
| 147 | - <li>have to immediately revoke accounts of users when they leave or otherwise stop being a member of your " . CONFIG_CONFASSISTANT['CONSORTIUM']['nomenclature_institution'] . "</li> |
|
| 147 | + <li>have to immediately revoke accounts of users when they leave or otherwise stop being a member of your " . CONFIG_CONFASSISTANT['CONSORTIUM']['nomenclature_institution']."</li> |
|
| 148 | 148 | <li>will act upon notifications about possible network abuse by your users and will appropriately sanction them</li> |
| 149 | 149 | </ul> |
| 150 | 150 | <p>"; |
| 151 | - $this->termsAndConditions .= "Failure to comply with these requirements may make your " . CONFIG_CONFASSISTANT['CONSORTIUM']['nomenclature_federation'] . " act on your behalf, which you authorise, and will ultimately lead to the deletion of your " . CONFIG_CONFASSISTANT['CONSORTIUM']['nomenclature_institution'] . " (and all the users you create inside) in this system."; |
|
| 151 | + $this->termsAndConditions .= "Failure to comply with these requirements may make your ".CONFIG_CONFASSISTANT['CONSORTIUM']['nomenclature_federation']." act on your behalf, which you authorise, and will ultimately lead to the deletion of your ".CONFIG_CONFASSISTANT['CONSORTIUM']['nomenclature_institution']." (and all the users you create inside) in this system."; |
|
| 152 | 152 | $this->termsAndConditions .= "</p> |
| 153 | 153 | <h2>Privacy</h2> |
| 154 | - <p>With " . \core\ProfileSilverbullet::PRODUCTNAME . ", we are necessarily storing personally identifiable information about the end users you create. While the actual human is only identifiable with your help, we consider all the user data as relevant in terms of privacy jurisdiction. Please note that</p> |
|
| 154 | + <p>With " . \core\ProfileSilverbullet::PRODUCTNAME.", we are necessarily storing personally identifiable information about the end users you create. While the actual human is only identifiable with your help, we consider all the user data as relevant in terms of privacy jurisdiction. Please note that</p> |
|
| 155 | 155 | <ul> |
| 156 | 156 | <li>You are the only one who needs to be able to make a link to the human behind the usernames you create. The usernames you create in the system have to be rich enough to allow you to make that identification step. Also consider situations when you are unavailable or leave the organisation and someone else needs to perform the matching to an individual.</li> |
| 157 | 157 | <li>The identifiers we create in the credentials are not linked to the usernames you add to the system; they are randomly generated pseudonyms.</li> |
@@ -254,7 +254,7 @@ discard block |
||
| 254 | 254 | if (empty($certNames)) { |
| 255 | 255 | return []; |
| 256 | 256 | } |
| 257 | - $namesCondensed = "'" . implode("' OR username = '", $certNames) . "'"; |
|
| 257 | + $namesCondensed = "'".implode("' OR username = '", $certNames)."'"; |
|
| 258 | 258 | $serverHandles = DBConnection::handle("RADIUS"); |
| 259 | 259 | $returnarray = []; |
| 260 | 260 | foreach ($serverHandles as $oneDbServer) { |
