GEANT /
CAT
@@ -17,9 +17,9 @@ discard block |
||
| 17 | 17 | class CertificationAuthorityEduPki extends EntityWithDBProperties implements CertificationAuthorityInterface |
| 18 | 18 | { |
| 19 | 19 | |
| 20 | - private const LOCATION_RA_CERT = ROOT . "/config/SilverbulletClientCerts/edupki-test-ra.pem"; |
|
| 21 | - private const LOCATION_RA_KEY = ROOT . "/config/SilverbulletClientCerts/edupki-test-ra.clearkey"; |
|
| 22 | - private const LOCATION_WEBROOT = ROOT . "/config/SilverbulletClientCerts/eduPKI-webserver-root.pem"; |
|
| 20 | + private const LOCATION_RA_CERT = ROOT."/config/SilverbulletClientCerts/edupki-test-ra.pem"; |
|
| 21 | + private const LOCATION_RA_KEY = ROOT."/config/SilverbulletClientCerts/edupki-test-ra.clearkey"; |
|
| 22 | + private const LOCATION_WEBROOT = ROOT."/config/SilverbulletClientCerts/eduPKI-webserver-root.pem"; |
|
| 23 | 23 | private const EDUPKI_RA_ID = 700; |
| 24 | 24 | private const EDUPKI_CERT_PROFILE = "User SOAP"; |
| 25 | 25 | private const EDUPKI_RA_PKEY_PASSPHRASE = "..."; |
@@ -35,13 +35,13 @@ discard block |
||
| 35 | 35 | parent::__construct(); |
| 36 | 36 | |
| 37 | 37 | if (stat(CertificationAuthorityEduPki::LOCATION_RA_CERT) === FALSE) { |
| 38 | - throw new Exception("RA operator PEM file not found: " . CertificationAuthorityEduPki::LOCATION_RA_CERT); |
|
| 38 | + throw new Exception("RA operator PEM file not found: ".CertificationAuthorityEduPki::LOCATION_RA_CERT); |
|
| 39 | 39 | } |
| 40 | 40 | if (stat(CertificationAuthorityEduPki::LOCATION_RA_KEY) === FALSE) { |
| 41 | - throw new Exception("RA operator private key file not found: " . CertificationAuthorityEduPki::LOCATION_RA_KEY); |
|
| 41 | + throw new Exception("RA operator private key file not found: ".CertificationAuthorityEduPki::LOCATION_RA_KEY); |
|
| 42 | 42 | } |
| 43 | 43 | if (stat(CertificationAuthorityEduPki::LOCATION_WEBROOT) === FALSE) { |
| 44 | - throw new Exception("CA website root CA file not found: " . CertificationAuthorityEduPki::LOCATION_WEBROOT); |
|
| 44 | + throw new Exception("CA website root CA file not found: ".CertificationAuthorityEduPki::LOCATION_WEBROOT); |
|
| 45 | 45 | } |
| 46 | 46 | } |
| 47 | 47 | |
@@ -75,19 +75,19 @@ discard block |
||
| 75 | 75 | // initialise connection to eduPKI CA / eduroam RA and send the request to them |
| 76 | 76 | try { |
| 77 | 77 | $altArray = [# Array mit den Subject Alternative Names |
| 78 | - "email:" . $csr["USERNAME"] |
|
| 78 | + "email:".$csr["USERNAME"] |
|
| 79 | 79 | ]; |
| 80 | 80 | $soapPub = $this->initEduPKISoapSession("PUBLIC"); |
| 81 | 81 | $this->loggerInstance->debug(5, "FIRST ACTUAL SOAP REQUEST (Public, newRequest)!\n"); |
| 82 | - $this->loggerInstance->debug(5, "PARAM_1: " . CertificationAuthorityEduPki::EDUPKI_RA_ID . "\n"); |
|
| 83 | - $this->loggerInstance->debug(5, "PARAM_2: " . $csr["CSR_STRING"] . "\n"); |
|
| 82 | + $this->loggerInstance->debug(5, "PARAM_1: ".CertificationAuthorityEduPki::EDUPKI_RA_ID."\n"); |
|
| 83 | + $this->loggerInstance->debug(5, "PARAM_2: ".$csr["CSR_STRING"]."\n"); |
|
| 84 | 84 | $this->loggerInstance->debug(5, "PARAM_3: "); |
| 85 | 85 | $this->loggerInstance->debug(5, $altArray); |
| 86 | - $this->loggerInstance->debug(5, "PARAM_4: " . CertificationAuthorityEduPki::EDUPKI_CERT_PROFILE . "\n"); |
|
| 87 | - $this->loggerInstance->debug(5, "PARAM_5: " . sha1("notused") . "\n"); |
|
| 88 | - $this->loggerInstance->debug(5, "PARAM_6: " . $csr["USERNAME"] . "\n"); |
|
| 89 | - $this->loggerInstance->debug(5, "PARAM_7: " . $csr["USERNAME"] . "\n"); |
|
| 90 | - $this->loggerInstance->debug(5, "PARAM_8: " . \config\ConfAssistant::SILVERBULLET['product_name'] . "\n"); |
|
| 86 | + $this->loggerInstance->debug(5, "PARAM_4: ".CertificationAuthorityEduPki::EDUPKI_CERT_PROFILE."\n"); |
|
| 87 | + $this->loggerInstance->debug(5, "PARAM_5: ".sha1("notused")."\n"); |
|
| 88 | + $this->loggerInstance->debug(5, "PARAM_6: ".$csr["USERNAME"]."\n"); |
|
| 89 | + $this->loggerInstance->debug(5, "PARAM_7: ".$csr["USERNAME"]."\n"); |
|
| 90 | + $this->loggerInstance->debug(5, "PARAM_8: ".\config\ConfAssistant::SILVERBULLET['product_name']."\n"); |
|
| 91 | 91 | $this->loggerInstance->debug(5, "PARAM_9: false\n"); |
| 92 | 92 | $soapNewRequest = $soapPub->newRequest( |
| 93 | 93 | CertificationAuthorityEduPki::EDUPKI_RA_ID, # RA-ID |
@@ -109,11 +109,11 @@ discard block |
||
| 109 | 109 | } catch (Exception $e) { |
| 110 | 110 | // PHP 7.1 can do this much better |
| 111 | 111 | if (is_soap_fault($e)) { |
| 112 | - throw new Exception("Error when sending SOAP request: " . "{$e->faultcode}: { |
|
| 112 | + throw new Exception("Error when sending SOAP request: "."{$e->faultcode}: { |
|
| 113 | 113 | $e->faultstring |
| 114 | 114 | }\n"); |
| 115 | 115 | } |
| 116 | - throw new Exception("Something odd happened while doing the SOAP request:" . $e->getMessage()); |
|
| 116 | + throw new Exception("Something odd happened while doing the SOAP request:".$e->getMessage()); |
|
| 117 | 117 | } |
| 118 | 118 | try { |
| 119 | 119 | $soap = $this->initEduPKISoapSession("RA"); |
@@ -125,8 +125,8 @@ discard block |
||
| 125 | 125 | $soapReqnum, [ |
| 126 | 126 | "RaID" => CertificationAuthorityEduPki::EDUPKI_RA_ID, |
| 127 | 127 | "Role" => CertificationAuthorityEduPki::EDUPKI_CERT_PROFILE, |
| 128 | - "Subject" => "DC=eduroam,DC=test,DC=test,C=" . $csr["FED"] . ",O=" . \config\ConfAssistant::CONSORTIUM['name'] . ",OU=" . $csr["FED"] . ",CN=" . $csr['USERNAME'] . ",emailAddress=" . $csr['USERNAME'], |
|
| 129 | - "SubjectAltNames" => ["email:" . $csr["USERNAME"]], |
|
| 128 | + "Subject" => "DC=eduroam,DC=test,DC=test,C=".$csr["FED"].",O=".\config\ConfAssistant::CONSORTIUM['name'].",OU=".$csr["FED"].",CN=".$csr['USERNAME'].",emailAddress=".$csr['USERNAME'], |
|
| 129 | + "SubjectAltNames" => ["email:".$csr["USERNAME"]], |
|
| 130 | 130 | "NotBefore" => (new \DateTime())->format('c'), |
| 131 | 131 | "NotAfter" => $expiry->format('c'), |
| 132 | 132 | ] |
@@ -145,7 +145,7 @@ discard block |
||
| 145 | 145 | // for obnoxious reasons, we have to dump the request into a file and let pkcs7_sign read from the file |
| 146 | 146 | // rather than just using the string. Grr. |
| 147 | 147 | $tempdir = \core\common\Entity::createTemporaryDirectory("test"); |
| 148 | - file_put_contents($tempdir['dir'] . "/content.txt", $soapCleartext); |
|
| 148 | + file_put_contents($tempdir['dir']."/content.txt", $soapCleartext); |
|
| 149 | 149 | // retrieve our RA cert from filesystem |
| 150 | 150 | // the RA certificates are not needed right now because we |
| 151 | 151 | // have resorted to S/MIME signatures with openssl command-line |
@@ -157,7 +157,7 @@ discard block |
||
| 157 | 157 | // sign the data, using cmdline because openssl_pkcs7_sign produces strange results |
| 158 | 158 | // -binary didn't help, nor switch -md to sha1 sha256 or sha512 |
| 159 | 159 | $this->loggerInstance->debug(5, "Actual content to be signed is this:\n $soapCleartext\n"); |
| 160 | - $execCmd = \config\Master::PATHS['openssl'] . " smime -sign -binary -in " . $tempdir['dir'] . "/content.txt -out " . $tempdir['dir'] . "/signature.txt -outform pem -inkey " . ROOT . "/config/SilverbulletClientCerts/edupki-test-ra.clearkey -signer " . ROOT . "/config/SilverbulletClientCerts/edupki-test-ra.pem"; |
|
| 160 | + $execCmd = \config\Master::PATHS['openssl']." smime -sign -binary -in ".$tempdir['dir']."/content.txt -out ".$tempdir['dir']."/signature.txt -outform pem -inkey ".ROOT."/config/SilverbulletClientCerts/edupki-test-ra.clearkey -signer ".ROOT."/config/SilverbulletClientCerts/edupki-test-ra.pem"; |
|
| 161 | 161 | $this->loggerInstance->debug(2, "Calling openssl smime with following cmdline: $execCmd\n"); |
| 162 | 162 | $output = []; |
| 163 | 163 | $return = 999; |
@@ -166,14 +166,14 @@ discard block |
||
| 166 | 166 | throw new Exception("Non-zero return value from openssl smime!"); |
| 167 | 167 | } |
| 168 | 168 | // and get the signature blob back from the filesystem |
| 169 | - $detachedSig = trim(file_get_contents($tempdir['dir'] . "/signature.txt")); |
|
| 169 | + $detachedSig = trim(file_get_contents($tempdir['dir']."/signature.txt")); |
|
| 170 | 170 | $this->loggerInstance->debug(5, "Request for server approveRequest has parameters:\n"); |
| 171 | - $this->loggerInstance->debug(5, $soapReqnum . "\n"); |
|
| 172 | - $this->loggerInstance->debug(5, $soapCleartext . "\n"); // PHP magically encodes this as base64 while sending! |
|
| 173 | - $this->loggerInstance->debug(5, $detachedSig . "\n"); |
|
| 171 | + $this->loggerInstance->debug(5, $soapReqnum."\n"); |
|
| 172 | + $this->loggerInstance->debug(5, $soapCleartext."\n"); // PHP magically encodes this as base64 while sending! |
|
| 173 | + $this->loggerInstance->debug(5, $detachedSig."\n"); |
|
| 174 | 174 | $soapIssueCert = $soap->approveRequest($soapReqnum, $soapCleartext, $detachedSig); |
| 175 | - $this->loggerInstance->debug(5, "approveRequest Request was: \n" . $soap->__getLastRequest()); |
|
| 176 | - $this->loggerInstance->debug(5, "approveRequest Response was: \n" . $soap->__getLastResponse()); |
|
| 175 | + $this->loggerInstance->debug(5, "approveRequest Request was: \n".$soap->__getLastRequest()); |
|
| 176 | + $this->loggerInstance->debug(5, "approveRequest Response was: \n".$soap->__getLastResponse()); |
|
| 177 | 177 | if ($soapIssueCert === FALSE) { |
| 178 | 178 | throw new Exception("The locally approved request was NOT processed by the CA."); |
| 179 | 179 | } |
@@ -210,9 +210,9 @@ discard block |
||
| 210 | 210 | throw new Exception("CAInfo has no root certificate for us!"); |
| 211 | 211 | } |
| 212 | 212 | } catch (SoapFault $e) { |
| 213 | - throw new Exception("SoapFault: Error when sending or receiving SOAP message: " . "{$e->faultcode}: {$e->faultname}: {$e->faultstring}: {$e->faultactor}: {$e->detail}: {$e->headerfault}\n"); |
|
| 213 | + throw new Exception("SoapFault: Error when sending or receiving SOAP message: "."{$e->faultcode}: {$e->faultname}: {$e->faultstring}: {$e->faultactor}: {$e->detail}: {$e->headerfault}\n"); |
|
| 214 | 214 | } catch (Exception $e) { |
| 215 | - throw new Exception("Exception: Something odd happened between the SOAP requests:" . $e->getMessage()); |
|
| 215 | + throw new Exception("Exception: Something odd happened between the SOAP requests:".$e->getMessage()); |
|
| 216 | 216 | } |
| 217 | 217 | return [ |
| 218 | 218 | "CERT" => openssl_x509_read($parsedCert['pem']), |
@@ -245,12 +245,12 @@ discard block |
||
| 245 | 245 | // for obnoxious reasons, we have to dump the request into a file and let pkcs7_sign read from the file |
| 246 | 246 | // rather than just using the string. Grr. |
| 247 | 247 | $tempdir = \core\common\Entity::createTemporaryDirectory("test"); |
| 248 | - file_put_contents($tempdir['dir'] . "/content.txt", $soapRawRevRequest); |
|
| 248 | + file_put_contents($tempdir['dir']."/content.txt", $soapRawRevRequest); |
|
| 249 | 249 | // retrieve our RA cert from filesystem |
| 250 | 250 | // sign the data, using cmdline because openssl_pkcs7_sign produces strange results |
| 251 | 251 | // -binary didn't help, nor switch -md to sha1 sha256 or sha512 |
| 252 | 252 | $this->loggerInstance->debug(5, "Actual content to be signed is this:\n$soapRawRevRequest\n"); |
| 253 | - $execCmd = \config\Master::PATHS['openssl'] . " smime -sign -binary -in " . $tempdir['dir'] . "/content.txt -out " . $tempdir['dir'] . "/signature.txt -outform pem -inkey " . CertificationAuthorityEduPki::LOCATION_RA_KEY . " -signer " . CertificationAuthorityEduPki::LOCATION_RA_CERT; |
|
| 253 | + $execCmd = \config\Master::PATHS['openssl']." smime -sign -binary -in ".$tempdir['dir']."/content.txt -out ".$tempdir['dir']."/signature.txt -outform pem -inkey ".CertificationAuthorityEduPki::LOCATION_RA_KEY." -signer ".CertificationAuthorityEduPki::LOCATION_RA_CERT; |
|
| 254 | 254 | $this->loggerInstance->debug(2, "Calling openssl smime with following cmdline: $execCmd\n"); |
| 255 | 255 | $output = []; |
| 256 | 256 | $return = 999; |
@@ -259,7 +259,7 @@ discard block |
||
| 259 | 259 | throw new Exception("Non-zero return value from openssl smime!"); |
| 260 | 260 | } |
| 261 | 261 | // and get the signature blob back from the filesystem |
| 262 | - $detachedSig = trim(file_get_contents($tempdir['dir'] . "/signature.txt")); |
|
| 262 | + $detachedSig = trim(file_get_contents($tempdir['dir']."/signature.txt")); |
|
| 263 | 263 | $soapIssueRev = $soap->approveRevocationRequest($soapRevocationSerial, $soapRawRevRequest, $detachedSig); |
| 264 | 264 | if ($soapIssueRev === FALSE) { |
| 265 | 265 | throw new Exception("The locally approved revocation request was NOT processed by the CA."); |
@@ -267,9 +267,9 @@ discard block |
||
| 267 | 267 | } catch (Exception $e) { |
| 268 | 268 | // PHP 7.1 can do this much better |
| 269 | 269 | if (is_soap_fault($e)) { |
| 270 | - throw new Exception("Error when sending SOAP request: " . "{$e->faultcode}: {$e->faultstring}\n"); |
|
| 270 | + throw new Exception("Error when sending SOAP request: "."{$e->faultcode}: {$e->faultstring}\n"); |
|
| 271 | 271 | } |
| 272 | - throw new Exception("Something odd happened while doing the SOAP request:" . $e->getMessage()); |
|
| 272 | + throw new Exception("Something odd happened while doing the SOAP request:".$e->getMessage()); |
|
| 273 | 273 | } |
| 274 | 274 | } |
| 275 | 275 | |
@@ -369,9 +369,9 @@ discard block |
||
| 369 | 369 | */ |
| 370 | 370 | public function soapToXmlInteger($x) |
| 371 | 371 | { |
| 372 | - return '<' . $x[0] . '>' |
|
| 372 | + return '<'.$x[0].'>' |
|
| 373 | 373 | . htmlentities($x[1], ENT_NOQUOTES | ENT_XML1) |
| 374 | - . '</' . $x[0] . '>'; |
|
| 374 | + . '</'.$x[0].'>'; |
|
| 375 | 375 | } |
| 376 | 376 | |
| 377 | 377 | /** |
@@ -390,9 +390,9 @@ discard block |
||
| 390 | 390 | // dump private key into directory |
| 391 | 391 | $outstring = ""; |
| 392 | 392 | openssl_pkey_export($privateKey, $outstring); |
| 393 | - file_put_contents($tempdir . "/pkey.pem", $outstring); |
|
| 393 | + file_put_contents($tempdir."/pkey.pem", $outstring); |
|
| 394 | 394 | // PHP can only do one DC in the Subject. But we need three. |
| 395 | - $execCmd = \config\Master::PATHS['openssl'] . " req -new -sha256 -key $tempdir/pkey.pem -out $tempdir/request.csr -subj /DC=test/DC=test/DC=eduroam/C=$fed/O=" . \config\ConfAssistant::CONSORTIUM['name'] . "/OU=$fed/CN=$username/emailAddress=$username"; |
|
| 395 | + $execCmd = \config\Master::PATHS['openssl']." req -new -sha256 -key $tempdir/pkey.pem -out $tempdir/request.csr -subj /DC=test/DC=test/DC=eduroam/C=$fed/O=".\config\ConfAssistant::CONSORTIUM['name']."/OU=$fed/CN=$username/emailAddress=$username"; |
|
| 396 | 396 | $this->loggerInstance->debug(2, "Calling openssl req with following cmdline: $execCmd\n"); |
| 397 | 397 | $output = []; |
| 398 | 398 | $return = 999; |
@@ -270,7 +270,7 @@ discard block |
||
| 270 | 270 | $serverCandidates[IdPlist::geoDistance($adminLocation, ['lat' => $iterator->location_lat, 'lon' => $iterator->location_lon])] = $iterator->server_id; |
| 271 | 271 | } |
| 272 | 272 | if ($clients > $maxSupportedClients * 0.9) { |
| 273 | - $this->loggerInstance->debug(1, "A RADIUS server for Managed SP (" . $iterator->server_id . ") is serving at more than 90% capacity!"); |
|
| 273 | + $this->loggerInstance->debug(1, "A RADIUS server for Managed SP (".$iterator->server_id.") is serving at more than 90% capacity!"); |
|
| 274 | 274 | } |
| 275 | 275 | } |
| 276 | 276 | if (count($serverCandidates) == 0 && $federation != "DEFAULT") { |
@@ -307,7 +307,7 @@ discard block |
||
| 307 | 307 | $foundFreePort1 = 0; |
| 308 | 308 | while ($foundFreePort1 == 0) { |
| 309 | 309 | $portCandidate = random_int(1200, 65535); |
| 310 | - $check = $this->databaseHandle->exec("SELECT port_instance_1 FROM deployment WHERE radius_instance_1 = '" . $ourserver . "' AND port_instance_1 = $portCandidate"); |
|
| 310 | + $check = $this->databaseHandle->exec("SELECT port_instance_1 FROM deployment WHERE radius_instance_1 = '".$ourserver."' AND port_instance_1 = $portCandidate"); |
|
| 311 | 311 | if (mysqli_num_rows(/** @scrutinizer ignore-type */ $check) == 0) { |
| 312 | 312 | $foundFreePort1 = $portCandidate; |
| 313 | 313 | } |
@@ -316,14 +316,14 @@ discard block |
||
| 316 | 316 | $foundFreePort2 = 0; |
| 317 | 317 | while ($foundFreePort2 == 0) { |
| 318 | 318 | $portCandidate = random_int(1200, 65535); |
| 319 | - $check = $this->databaseHandle->exec("SELECT port_instance_2 FROM deployment WHERE radius_instance_2 = '" . $ourSecondServer . "' AND port_instance_2 = $portCandidate"); |
|
| 319 | + $check = $this->databaseHandle->exec("SELECT port_instance_2 FROM deployment WHERE radius_instance_2 = '".$ourSecondServer."' AND port_instance_2 = $portCandidate"); |
|
| 320 | 320 | if (mysqli_num_rows(/** @scrutinizer ignore-type */ $check) == 0) { |
| 321 | 321 | $foundFreePort2 = $portCandidate; |
| 322 | 322 | } |
| 323 | 323 | } |
| 324 | 324 | // and make up a shared secret that is halfways readable |
| 325 | 325 | $futureSecret = $this->randomString(16, "0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ"); |
| 326 | - $this->databaseHandle->exec("UPDATE deployment SET radius_instance_1 = '" . $ourserver . "', radius_instance_2 = '" . $ourSecondServer . "', port_instance_1 = $foundFreePort1, port_instance_2 = $foundFreePort2, secret = '$futureSecret', consortium = '$this->consortium' WHERE deployment_id = $this->identifier"); |
|
| 326 | + $this->databaseHandle->exec("UPDATE deployment SET radius_instance_1 = '".$ourserver."', radius_instance_2 = '".$ourSecondServer."', port_instance_1 = $foundFreePort1, port_instance_2 = $foundFreePort2, secret = '$futureSecret', consortium = '$this->consortium' WHERE deployment_id = $this->identifier"); |
|
| 327 | 327 | return ["port_instance_1" => $foundFreePort1, "port_instance_2" => $foundFreePort2, "secret" => $futureSecret, "radius_instance_1" => $ourserver, "radius_instance_2" => $ourserver]; |
| 328 | 328 | } |
| 329 | 329 | |
@@ -370,7 +370,7 @@ discard block |
||
| 370 | 370 | */ |
| 371 | 371 | public function deactivate() |
| 372 | 372 | { |
| 373 | - $this->databaseHandle->exec("UPDATE deployment SET status = " . DeploymentManaged::INACTIVE . " WHERE deployment_id = $this->identifier"); |
|
| 373 | + $this->databaseHandle->exec("UPDATE deployment SET status = ".DeploymentManaged::INACTIVE." WHERE deployment_id = $this->identifier"); |
|
| 374 | 374 | } |
| 375 | 375 | |
| 376 | 376 | /** |
@@ -381,7 +381,7 @@ discard block |
||
| 381 | 381 | */ |
| 382 | 382 | public function activate() |
| 383 | 383 | { |
| 384 | - $this->databaseHandle->exec("UPDATE deployment SET status = " . DeploymentManaged::ACTIVE . " WHERE deployment_id = $this->identifier"); |
|
| 384 | + $this->databaseHandle->exec("UPDATE deployment SET status = ".DeploymentManaged::ACTIVE." WHERE deployment_id = $this->identifier"); |
|
| 385 | 385 | } |
| 386 | 386 | |
| 387 | 387 | /** |
@@ -393,7 +393,7 @@ discard block |
||
| 393 | 393 | { |
| 394 | 394 | $customAttrib = $this->getAttributes("managedsp:operatorname"); |
| 395 | 395 | if (count($customAttrib) == 0) { |
| 396 | - return "1sp." . $this->identifier . "-" . $this->institution . \config\ConfAssistant::SILVERBULLET['realm_suffix']; |
|
| 396 | + return "1sp.".$this->identifier."-".$this->institution.\config\ConfAssistant::SILVERBULLET['realm_suffix']; |
|
| 397 | 397 | } |
| 398 | 398 | return $customAttrib[0]["value"]; |
| 399 | 399 | } |
@@ -409,13 +409,13 @@ discard block |
||
| 409 | 409 | { |
| 410 | 410 | |
| 411 | 411 | $hostname = "radius_hostname_$idx"; |
| 412 | - $ch = curl_init("http://" . $this->$hostname); |
|
| 412 | + $ch = curl_init("http://".$this->$hostname); |
|
| 413 | 413 | if ($ch === FALSE) { |
| 414 | 414 | $res = 'FAILURE'; |
| 415 | 415 | } else { |
| 416 | 416 | curl_setopt($ch, CURLOPT_POST, 1); |
| 417 | 417 | curl_setopt($ch, CURLOPT_POSTFIELDS, $post); |
| 418 | - $this->loggerInstance->debug(1, "Posting to http://" . $this->$hostname . ": $post\n"); |
|
| 418 | + $this->loggerInstance->debug(1, "Posting to http://".$this->$hostname.": $post\n"); |
|
| 419 | 419 | curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 1); |
| 420 | 420 | curl_setopt($ch, CURLOPT_HEADER, 0); |
| 421 | 421 | curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1); |
@@ -431,7 +431,7 @@ discard block |
||
| 431 | 431 | $this->loggerInstance->debug(1, $this); |
| 432 | 432 | } |
| 433 | 433 | $this->loggerInstance->debug(1, "Database update"); |
| 434 | - $this->databaseHandle->exec("UPDATE deployment SET radius_status_$idx = " . ($res == 'OK' ? \core\AbstractDeployment::RADIUS_OK : \core\AbstractDeployment::RADIUS_FAILURE) . " WHERE deployment_id = $this->identifier"); |
|
| 434 | + $this->databaseHandle->exec("UPDATE deployment SET radius_status_$idx = ".($res == 'OK' ? \core\AbstractDeployment::RADIUS_OK : \core\AbstractDeployment::RADIUS_FAILURE)." WHERE deployment_id = $this->identifier"); |
|
| 435 | 435 | return $res; |
| 436 | 436 | } |
| 437 | 437 | |
@@ -452,19 +452,19 @@ discard block |
||
| 452 | 452 | } else { |
| 453 | 453 | $txt = $remove ? _('Profile dectivation failed') : _('Profile activation/modification failed'); |
| 454 | 454 | } |
| 455 | - $txt = $txt . ' '; |
|
| 455 | + $txt = $txt.' '; |
|
| 456 | 456 | if (array_count_values($response)[$status] == 2) { |
| 457 | - $txt = $txt . _('on both RADIUS servers: primary and backup') . '.'; |
|
| 457 | + $txt = $txt._('on both RADIUS servers: primary and backup').'.'; |
|
| 458 | 458 | } else { |
| 459 | 459 | if ($response['res[1]'] == $status) { |
| 460 | - $txt = $txt . _('on primary RADIUS server') . '.'; |
|
| 460 | + $txt = $txt._('on primary RADIUS server').'.'; |
|
| 461 | 461 | } else { |
| 462 | - $txt = $txt . _('on backup RADIUS server') . '.'; |
|
| 462 | + $txt = $txt._('on backup RADIUS server').'.'; |
|
| 463 | 463 | } |
| 464 | 464 | } |
| 465 | 465 | $mail = \core\common\OutsideComm::mailHandle(); |
| 466 | 466 | $email = $this->getAttributes("support:email")[0]['value']; |
| 467 | - $mail->FromName = \config\Master::APPEARANCE['productname'] . " Notification System"; |
|
| 467 | + $mail->FromName = \config\Master::APPEARANCE['productname']." Notification System"; |
|
| 468 | 468 | $mail->addAddress($email); |
| 469 | 469 | if ($status == 'OK') { |
| 470 | 470 | $mail->Subject = _('RADIUS profile update problem fixed'); |
@@ -498,7 +498,7 @@ discard block |
||
| 498 | 498 | return NULL; |
| 499 | 499 | } |
| 500 | 500 | $timeout = 10; |
| 501 | - curl_setopt($ch, CURLOPT_URL, 'http://' . $host); |
|
| 501 | + curl_setopt($ch, CURLOPT_URL, 'http://'.$host); |
|
| 502 | 502 | curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1); |
| 503 | 503 | curl_setopt($ch, CURLOPT_TIMEOUT, $timeout); |
| 504 | 504 | curl_exec($ch); |
@@ -590,35 +590,35 @@ discard block |
||
| 590 | 590 | { |
| 591 | 591 | $remove = ($this->status == \core\AbstractDeployment::INACTIVE) ? 0 : 1; |
| 592 | 592 | $toPost = ($onlyone ? array($onlyone => '') : array(1 => '', 2 => '')); |
| 593 | - $toPostTemplate = 'instid=' . $this->institution . '&deploymentid=' . $this->identifier . '&secret=' . $this->secret . '&country=' . $this->getAttributes("internal:country")[0]['value'] . '&'; |
|
| 593 | + $toPostTemplate = 'instid='.$this->institution.'&deploymentid='.$this->identifier.'&secret='.$this->secret.'&country='.$this->getAttributes("internal:country")[0]['value'].'&'; |
|
| 594 | 594 | if ($remove) { |
| 595 | - $toPostTemplate = $toPostTemplate . 'remove=1&'; |
|
| 595 | + $toPostTemplate = $toPostTemplate.'remove=1&'; |
|
| 596 | 596 | } else { |
| 597 | 597 | if ($this->getAttributes("managedsp:operatorname")[0]['value'] ?? NULL) { |
| 598 | - $toPostTemplate = $toPostTemplate . 'operatorname=' . $this->getAttributes("managedsp:operatorname")[0]['value'] . '&'; |
|
| 598 | + $toPostTemplate = $toPostTemplate.'operatorname='.$this->getAttributes("managedsp:operatorname")[0]['value'].'&'; |
|
| 599 | 599 | } |
| 600 | 600 | if ($this->getAttributes("managedsp:vlan")[0]['value'] ?? NULL) { |
| 601 | 601 | $allRealms = $this->getAllRealms(); |
| 602 | 602 | if (!empty($allRealms)) { |
| 603 | - $toPostTemplate = $toPostTemplate . 'vlan=' . $this->getAttributes("managedsp:vlan")[0]['value'] . '&'; |
|
| 604 | - $toPostTemplate = $toPostTemplate . 'realmforvlan[]=' . implode('&realmforvlan[]=', $allRealms) . '&'; |
|
| 603 | + $toPostTemplate = $toPostTemplate.'vlan='.$this->getAttributes("managedsp:vlan")[0]['value'].'&'; |
|
| 604 | + $toPostTemplate = $toPostTemplate.'realmforvlan[]='.implode('&realmforvlan[]=', $allRealms).'&'; |
|
| 605 | 605 | } |
| 606 | 606 | } |
| 607 | 607 | } |
| 608 | 608 | foreach (array_keys($toPost) as $key) { |
| 609 | - $elem = 'port' . $key; |
|
| 610 | - $toPost[$key] = $toPostTemplate . 'port=' . $this->$elem; |
|
| 609 | + $elem = 'port'.$key; |
|
| 610 | + $toPost[$key] = $toPostTemplate.'port='.$this->$elem; |
|
| 611 | 611 | } |
| 612 | 612 | $response = array(); |
| 613 | 613 | foreach ($toPost as $key => $value) { |
| 614 | - $this->loggerInstance->debug(1, 'toPost ' . $toPost[$key] . "\n"); |
|
| 615 | - $response['res[' . $key . ']'] = $this->sendToRADIUS($key, $toPost[$key]); |
|
| 614 | + $this->loggerInstance->debug(1, 'toPost '.$toPost[$key]."\n"); |
|
| 615 | + $response['res['.$key.']'] = $this->sendToRADIUS($key, $toPost[$key]); |
|
| 616 | 616 | } |
| 617 | 617 | if ($onlyone) { |
| 618 | - $response['res[' . ($onlyone == 1) ? 2 : 1 . ']'] = \core\AbstractDeployment::RADIUS_OK; |
|
| 618 | + $response['res['.($onlyone == 1) ? 2 : 1.']'] = \core\AbstractDeployment::RADIUS_OK; |
|
| 619 | 619 | } |
| 620 | 620 | foreach (array('OK', 'FAILURE') as $status) { |
| 621 | - if ( ( ($status == 'OK' && $notify) || ($status == 'FAILURE') ) && ( in_array($status, $response) ) ) { |
|
| 621 | + if ((($status == 'OK' && $notify) || ($status == 'FAILURE')) && (in_array($status, $response))) { |
|
| 622 | 622 | $this->sendMailtoAdmin($remove, $response, $status); |
| 623 | 623 | } |
| 624 | 624 | } |
@@ -110,7 +110,7 @@ discard block |
||
| 110 | 110 | public function __construct() |
| 111 | 111 | { |
| 112 | 112 | $this->loggerInstance = new Logging(); |
| 113 | - $this->loggerInstance->debug(3, "--- BEGIN constructing class " . get_class($this) . " .\n"); |
|
| 113 | + $this->loggerInstance->debug(3, "--- BEGIN constructing class ".get_class($this)." .\n"); |
|
| 114 | 114 | $this->languageInstance = new Language(); |
| 115 | 115 | Entity::intoThePotatoes("core"); |
| 116 | 116 | // some config elements are displayable. We need some dummies to |
@@ -129,13 +129,13 @@ discard block |
||
| 129 | 129 | $dummy_organisation2a = _("organization"); |
| 130 | 130 | $dummy_organisation3 = _("entity"); |
| 131 | 131 | // and do something useless with the strings so that there's no "unused" complaint |
| 132 | - if (strlen($dummy_NRO . $dummy_idp1 . $dummy_idp2 . $dummy_idp3 . $dummy_hotspot1 . $dummy_hotspot2 . $dummy_hotspot3 . $dummy_organisation1 . $dummy_organisation2 . $dummy_organisation2a . $dummy_organisation3) < 0) { |
|
| 132 | + if (strlen($dummy_NRO.$dummy_idp1.$dummy_idp2.$dummy_idp3.$dummy_hotspot1.$dummy_hotspot2.$dummy_hotspot3.$dummy_organisation1.$dummy_organisation2.$dummy_organisation2a.$dummy_organisation3) < 0) { |
|
| 133 | 133 | throw new Exception("Strings are usually not shorter than 0 characters. We've encountered a string blackhole."); |
| 134 | 134 | } |
| 135 | - $xyzVariableFed = \config\ConfAssistant::CONSORTIUM['nomenclature_federation'] . ""; |
|
| 136 | - $xyzVariableIdP = \config\ConfAssistant::CONSORTIUM['nomenclature_idp'] . ""; |
|
| 137 | - $xyzVariableHotspot = \config\ConfAssistant::CONSORTIUM['nomenclature_hotspot'] . ""; |
|
| 138 | - $xyzVariableParticipant = \config\ConfAssistant::CONSORTIUM['nomenclature_participant'] . ""; |
|
| 135 | + $xyzVariableFed = \config\ConfAssistant::CONSORTIUM['nomenclature_federation'].""; |
|
| 136 | + $xyzVariableIdP = \config\ConfAssistant::CONSORTIUM['nomenclature_idp'].""; |
|
| 137 | + $xyzVariableHotspot = \config\ConfAssistant::CONSORTIUM['nomenclature_hotspot'].""; |
|
| 138 | + $xyzVariableParticipant = \config\ConfAssistant::CONSORTIUM['nomenclature_participant'].""; |
|
| 139 | 139 | Entity::$nomenclature_fed = _($xyzVariableFed); |
| 140 | 140 | Entity::$nomenclature_idp = _($xyzVariableIdP); |
| 141 | 141 | Entity::$nomenclature_hotspot = _($xyzVariableHotspot); |
@@ -151,7 +151,7 @@ discard block |
||
| 151 | 151 | */ |
| 152 | 152 | public function __destruct() |
| 153 | 153 | { |
| 154 | - (new Logging())->debug(5, "--- KILL Destructing class " . get_class($this) . " .\n"); |
|
| 154 | + (new Logging())->debug(5, "--- KILL Destructing class ".get_class($this)." .\n"); |
|
| 155 | 155 | } |
| 156 | 156 | |
| 157 | 157 | /** |
@@ -184,7 +184,7 @@ discard block |
||
| 184 | 184 | public static function createTemporaryDirectory($purpose = 'installer', $failIsFatal = 1) |
| 185 | 185 | { |
| 186 | 186 | $loggerInstance = new Logging(); |
| 187 | - $name = md5(time() . rand()); |
|
| 187 | + $name = md5(time().rand()); |
|
| 188 | 188 | $path = ROOT; |
| 189 | 189 | switch ($purpose) { |
| 190 | 190 | case 'silverbullet': |
@@ -202,7 +202,7 @@ discard block |
||
| 202 | 202 | default: |
| 203 | 203 | throw new Exception("unable to create temporary directory due to unknown purpose: $purpose\n"); |
| 204 | 204 | } |
| 205 | - $tmpDir = $path . '/' . $name; |
|
| 205 | + $tmpDir = $path.'/'.$name; |
|
| 206 | 206 | $loggerInstance->debug(4, "temp dir: $purpose : $tmpDir\n"); |
| 207 | 207 | if (!mkdir($tmpDir, 0700, true)) { |
| 208 | 208 | if ($failIsFatal) { |
@@ -223,7 +223,7 @@ discard block |
||
| 223 | 223 | */ |
| 224 | 224 | public static function rrmdir($dir) |
| 225 | 225 | { |
| 226 | - foreach (glob($dir . '/*') as $file) { |
|
| 226 | + foreach (glob($dir.'/*') as $file) { |
|
| 227 | 227 | if (is_dir($file)) { |
| 228 | 228 | Entity::rrmdir($file); |
| 229 | 229 | } else { |
@@ -249,12 +249,12 @@ discard block |
||
| 249 | 249 | } |
| 250 | 250 | // these substr() are guaranteed to yield actual string data, as the |
| 251 | 251 | // base string is an MD5 hash - has sufficient length |
| 252 | - $uuid = /** @scrutinizer ignore-type */ substr($chars, 0, 8) . '-'; |
|
| 253 | - $uuid .= /** @scrutinizer ignore-type */ substr($chars, 8, 4) . '-'; |
|
| 254 | - $uuid .= /** @scrutinizer ignore-type */ substr($chars, 12, 4) . '-'; |
|
| 255 | - $uuid .= /** @scrutinizer ignore-type */ substr($chars, 16, 4) . '-'; |
|
| 252 | + $uuid = /** @scrutinizer ignore-type */ substr($chars, 0, 8).'-'; |
|
| 253 | + $uuid .= /** @scrutinizer ignore-type */ substr($chars, 8, 4).'-'; |
|
| 254 | + $uuid .= /** @scrutinizer ignore-type */ substr($chars, 12, 4).'-'; |
|
| 255 | + $uuid .= /** @scrutinizer ignore-type */ substr($chars, 16, 4).'-'; |
|
| 256 | 256 | $uuid .= /** @scrutinizer ignore-type */ substr($chars, 20, 12); |
| 257 | - return $prefix . $uuid; |
|
| 257 | + return $prefix.$uuid; |
|
| 258 | 258 | } |
| 259 | 259 | |
| 260 | 260 | /** |
@@ -295,7 +295,7 @@ discard block |
||
| 295 | 295 | for ($i = count($trace); $i--; $i > 0) { |
| 296 | 296 | if (isset($trace[$i - 1]['class']) && preg_match('/Entity/', $trace[$i - 1]['class'])) { |
| 297 | 297 | if ($showTrace) { |
| 298 | - echo "FOUND caller: " . /** @scrutinizer ignore-type */ print_r($trace[$i], true) . " - class is " . $trace[$i]['class']; |
|
| 298 | + echo "FOUND caller: "./** @scrutinizer ignore-type */ print_r($trace[$i], true)." - class is ".$trace[$i]['class']; |
|
| 299 | 299 | } |
| 300 | 300 | $caller = $trace[$i]; |
| 301 | 301 | break; |
@@ -305,8 +305,8 @@ discard block |
||
| 305 | 305 | // otherwise, on the filename relative to ROOT |
| 306 | 306 | $myName = $caller['class'] ?? substr($caller['file'], strlen(ROOT)); |
| 307 | 307 | if ($showTrace === TRUE) { |
| 308 | - echo "<pre>" . /** @scrutinizer ignore-type */ print_r($trace, true) . "</pre>"; |
|
| 309 | - echo "CLASS = " . $myName . "<br/>"; |
|
| 308 | + echo "<pre>"./** @scrutinizer ignore-type */ print_r($trace, true)."</pre>"; |
|
| 309 | + echo "CLASS = ".$myName."<br/>"; |
|
| 310 | 310 | } |
| 311 | 311 | if (preg_match("/diag/", $myName) == 1) { |
| 312 | 312 | $ret = "diagnostics"; |
@@ -340,10 +340,10 @@ discard block |
||
| 340 | 340 | if ($catalogue === NULL) { |
| 341 | 341 | $theCatalogue = Entity::determineOwnCatalogue($trace); |
| 342 | 342 | textdomain($theCatalogue); |
| 343 | - bindtextdomain($theCatalogue, ROOT . "/translation/"); |
|
| 343 | + bindtextdomain($theCatalogue, ROOT."/translation/"); |
|
| 344 | 344 | } else { |
| 345 | 345 | textdomain($catalogue); |
| 346 | - bindtextdomain($catalogue, ROOT . "/translation/"); |
|
| 346 | + bindtextdomain($catalogue, ROOT."/translation/"); |
|
| 347 | 347 | } |
| 348 | 348 | } |
| 349 | 349 | |
@@ -132,20 +132,20 @@ discard block |
||
| 132 | 132 | if ($device == "TOTAL") { |
| 133 | 133 | continue; |
| 134 | 134 | } |
| 135 | - $retstring .= "<tr><td>$device</td><td>" . $numbers['ADMIN'] . "</td><td>" . $numbers['SILVERBULLET'] . "</td><td>" . $numbers['USER'] . "</td></tr>"; |
|
| 135 | + $retstring .= "<tr><td>$device</td><td>".$numbers['ADMIN']."</td><td>".$numbers['SILVERBULLET']."</td><td>".$numbers['USER']."</td></tr>"; |
|
| 136 | 136 | } |
| 137 | - $retstring .= "<tr><td><strong>TOTAL</strong></td><td><strong>" . $data['TOTAL']['ADMIN'] . "</strong></td><td><strong>" . $data['TOTAL']['SILVERBULLET'] . "</strong></td><td><strong>" . $data['TOTAL']['USER'] . "</strong></td></tr>"; |
|
| 137 | + $retstring .= "<tr><td><strong>TOTAL</strong></td><td><strong>".$data['TOTAL']['ADMIN']."</strong></td><td><strong>".$data['TOTAL']['SILVERBULLET']."</strong></td><td><strong>".$data['TOTAL']['USER']."</strong></td></tr>"; |
|
| 138 | 138 | break; |
| 139 | 139 | case "XML": |
| 140 | 140 | // the calls to date() operate on current date, so there is no chance for a FALSE to be returned. Silencing scrutinizer. |
| 141 | - $retstring .= "<federation id='$this->tld' ts='" . /** @scrutinizer ignore-type */ date("Y-m-d") . "T" . /** @scrutinizer ignore-type */ date("H:i:s") . "'>\n"; |
|
| 141 | + $retstring .= "<federation id='$this->tld' ts='"./** @scrutinizer ignore-type */ date("Y-m-d")."T"./** @scrutinizer ignore-type */ date("H:i:s")."'>\n"; |
|
| 142 | 142 | foreach ($data as $device => $numbers) { |
| 143 | 143 | if ($device == "TOTAL") { |
| 144 | 144 | continue; |
| 145 | 145 | } |
| 146 | - $retstring .= " <device name='" . $device . "'>\n <downloads group='admin'>" . $numbers['ADMIN'] . "</downloads>\n <downloads group='managed_idp'>" . $numbers['SILVERBULLET'] . "</downloads>\n <downloads group='user'>" . $numbers['USER'] . "</downloads>\n </device>"; |
|
| 146 | + $retstring .= " <device name='".$device."'>\n <downloads group='admin'>".$numbers['ADMIN']."</downloads>\n <downloads group='managed_idp'>".$numbers['SILVERBULLET']."</downloads>\n <downloads group='user'>".$numbers['USER']."</downloads>\n </device>"; |
|
| 147 | 147 | } |
| 148 | - $retstring .= "<total>\n <downloads group='admin'>" . $data['TOTAL']['ADMIN'] . "</downloads>\n <downloads group='managed_idp'>" . $data['TOTAL']['SILVERBULLET'] . "</downloads>\n <downloads group='user'>" . $data['TOTAL']['USER'] . "</downloads>\n</total>\n"; |
|
| 148 | + $retstring .= "<total>\n <downloads group='admin'>".$data['TOTAL']['ADMIN']."</downloads>\n <downloads group='managed_idp'>".$data['TOTAL']['SILVERBULLET']."</downloads>\n <downloads group='user'>".$data['TOTAL']['USER']."</downloads>\n</total>\n"; |
|
| 149 | 149 | $retstring .= "</federation>"; |
| 150 | 150 | break; |
| 151 | 151 | case "array": |
@@ -237,7 +237,7 @@ discard block |
||
| 237 | 237 | $identifier = $this->databaseHandle->lastID(); |
| 238 | 238 | |
| 239 | 239 | if ($identifier == 0 || !$this->loggerInstance->writeAudit($ownerId, "NEW", "Organisation $identifier")) { |
| 240 | - $text = "<p>Could not create a new " . common\Entity::$nomenclature_participant . "!</p>"; |
|
| 240 | + $text = "<p>Could not create a new ".common\Entity::$nomenclature_participant."!</p>"; |
|
| 241 | 241 | echo $text; |
| 242 | 242 | throw new Exception($text); |
| 243 | 243 | } |
@@ -379,7 +379,7 @@ discard block |
||
| 379 | 379 | return; // no update to fetch |
| 380 | 380 | } |
| 381 | 381 | $certDetails = openssl_x509_parse($entryInQuestion['CERT']); |
| 382 | - $expiry = "20" . $certDetails['validTo'][0] . $certDetails['validTo'][1] . "-" . $certDetails['validTo'][2] . $certDetails['validTo'][3] . "-" . $certDetails['validTo'][4] . $certDetails['validTo'][5]; |
|
| 382 | + $expiry = "20".$certDetails['validTo'][0].$certDetails['validTo'][1]."-".$certDetails['validTo'][2].$certDetails['validTo'][3]."-".$certDetails['validTo'][4].$certDetails['validTo'][5]; |
|
| 383 | 383 | openssl_x509_export($entryInQuestion['CERT'], $pem); |
| 384 | 384 | $updateQuery = "UPDATE federation_servercerts SET status = 'ISSUED', certificate = ?, expiry = ? WHERE ca_name = 'eduPKI' AND request_serial = ?"; |
| 385 | 385 | $this->databaseHandle->exec($updateQuery, "ssi", $pem, $expiry, $reqSerial); |
@@ -135,7 +135,7 @@ discard block |
||
| 135 | 135 | sprintf(_("%s: Do not terminate EAP"), \core\ProfileSilverbullet::PRODUCTNAME) => "fed:silverbullet-noterm", |
| 136 | 136 | sprintf(_("%s: max users per profile"), \core\ProfileSilverbullet::PRODUCTNAME) => "fed:silverbullet-maxusers", |
| 137 | 137 | sprintf(_("Mint %s with CA on creation"), $this->nomenclatureIdP) => "fed:minted_ca_file", |
| 138 | - sprintf(_("OpenRoaming: Allow %s Opt-In"),$this->nomenclatureParticipant) => "fed:openroaming", |
|
| 138 | + sprintf(_("OpenRoaming: Allow %s Opt-In"), $this->nomenclatureParticipant) => "fed:openroaming", |
|
| 139 | 139 | _("OpenRoaming: Custom NAPTR Target") => "fed:openroaming_customtarget", |
| 140 | 140 | $ssidText => "media:SSID", |
| 141 | 141 | $passpointOiText => "media:consortium_OI", |
@@ -147,7 +147,7 @@ discard block |
||
| 147 | 147 | $find = array_keys($displayNames, $input, TRUE); |
| 148 | 148 | |
| 149 | 149 | if (count($find) == 0) { // this is an error! throw an Exception |
| 150 | - throw new \Exception("The translation of an option name was requested, but the option is not known to the system: " . htmlentities($input)); |
|
| 150 | + throw new \Exception("The translation of an option name was requested, but the option is not known to the system: ".htmlentities($input)); |
|
| 151 | 151 | } |
| 152 | 152 | \core\common\Entity::outOfThePotatoes(); |
| 153 | 153 | return $find[0]; |
@@ -168,7 +168,7 @@ discard block |
||
| 168 | 168 | |
| 169 | 169 | foreach ($optionlist as $option) { |
| 170 | 170 | $type = $optioninfo->optionType($option['name']); |
| 171 | - if (preg_match('/^' . $class . '/', $option['name']) && $option['level'] == "$level") { |
|
| 171 | + if (preg_match('/^'.$class.'/', $option['name']) && $option['level'] == "$level") { |
|
| 172 | 172 | // all non-multilang attribs get this assignment ... |
| 173 | 173 | $language = ""; |
| 174 | 174 | $content = $option['value']; |
@@ -186,19 +186,19 @@ discard block |
||
| 186 | 186 | $locationMarkers[] = $coords; |
| 187 | 187 | break; |
| 188 | 188 | case "file": |
| 189 | - $retval .= "<tr><td>" . $this->displayName($option['name']) . "</td><td>$language</td><td>"; |
|
| 189 | + $retval .= "<tr><td>".$this->displayName($option['name'])."</td><td>$language</td><td>"; |
|
| 190 | 190 | switch ($option['name']) { |
| 191 | 191 | case "general:logo_file": |
| 192 | 192 | case "fed:logo_file": |
| 193 | - $retval .= $this->previewImageinHTML('ROWID-' . $option['level'] . '-' . $option['row']); |
|
| 193 | + $retval .= $this->previewImageinHTML('ROWID-'.$option['level'].'-'.$option['row']); |
|
| 194 | 194 | break; |
| 195 | 195 | case "eap:ca_file": |
| 196 | 196 | // fall-through intended: display both the same way |
| 197 | 197 | case "fed:minted_ca_file": |
| 198 | - $retval .= $this->previewCAinHTML('ROWID-' . $option['level'] . '-' . $option['row']); |
|
| 198 | + $retval .= $this->previewCAinHTML('ROWID-'.$option['level'].'-'.$option['row']); |
|
| 199 | 199 | break; |
| 200 | 200 | case "support:info_file": |
| 201 | - $retval .= $this->previewInfoFileinHTML('ROWID-' . $option['level'] . '-' . $option['row']); |
|
| 201 | + $retval .= $this->previewInfoFileinHTML('ROWID-'.$option['level'].'-'.$option['row']); |
|
| 202 | 202 | break; |
| 203 | 203 | default: |
| 204 | 204 | } |
@@ -208,10 +208,10 @@ discard block |
||
| 208 | 208 | // do not display the option at all; it gets auto-set by the ProfileSilverbullet constructor and doesn't have to be seen |
| 209 | 209 | break; |
| 210 | 210 | } |
| 211 | - $retval .= "<tr><td>" . $this->displayName($option['name']) . "</td><td>$language</td><td><strong>" . ($content == "on" ? _("on") : _("off") ) . "</strong></td></tr>"; |
|
| 211 | + $retval .= "<tr><td>".$this->displayName($option['name'])."</td><td>$language</td><td><strong>".($content == "on" ? _("on") : _("off"))."</strong></td></tr>"; |
|
| 212 | 212 | break; |
| 213 | 213 | default: |
| 214 | - $retval .= "<tr><td>" . $this->displayName($option['name']) . "</td><td>$language</td><td><strong>$content</strong></td></tr>"; |
|
| 214 | + $retval .= "<tr><td>".$this->displayName($option['name'])."</td><td>$language</td><td><strong>$content</strong></td></tr>"; |
|
| 215 | 215 | } |
| 216 | 216 | } |
| 217 | 217 | } |
@@ -220,11 +220,11 @@ discard block |
||
| 220 | 220 | $locationCount = 0; |
| 221 | 221 | foreach ($locationMarkers as $g) { |
| 222 | 222 | $locationCount++; |
| 223 | - $marker .= '<marker name="' . $locationCount . '" lat="' . $g['lat'] . '" lng="' . $g['lon'] . '" />'; |
|
| 223 | + $marker .= '<marker name="'.$locationCount.'" lat="'.$g['lat'].'" lng="'.$g['lon'].'" />'; |
|
| 224 | 224 | } |
| 225 | 225 | $marker .= '<\/markers>'; // some validator says this should be escaped |
| 226 | 226 | $jMarker = json_encode($locationMarkers); |
| 227 | - $retval .= '<tr><td><script>markers=\'' . $marker . '\'; jmarkers = \'' . $jMarker . '\';</script></td><td></td><td></td></tr>'; |
|
| 227 | + $retval .= '<tr><td><script>markers=\''.$marker.'\'; jmarkers = \''.$jMarker.'\';</script></td><td></td><td></td></tr>'; |
|
| 228 | 228 | } |
| 229 | 229 | \core\common\Entity::outOfThePotatoes(); |
| 230 | 230 | return $retval; |
@@ -240,11 +240,11 @@ discard block |
||
| 240 | 240 | \core\common\Entity::intoThePotatoes(); |
| 241 | 241 | $idpoptions = $myInst->getAttributes(); |
| 242 | 242 | $retval = "<div class='infobox'> |
| 243 | - <h2>" . sprintf(_("General %s details"), $this->nomenclatureParticipant) . "</h2> |
|
| 243 | + <h2>" . sprintf(_("General %s details"), $this->nomenclatureParticipant)."</h2> |
|
| 244 | 244 | <table> |
| 245 | 245 | <tr> |
| 246 | 246 | <td> |
| 247 | - " . _("Country:") . " |
|
| 247 | + " . _("Country:")." |
|
| 248 | 248 | </td> |
| 249 | 249 | <td> |
| 250 | 250 | </td> |
@@ -254,16 +254,16 @@ discard block |
||
| 254 | 254 | $retval .= $myFed->name; |
| 255 | 255 | $retval .= "</strong> |
| 256 | 256 | </td> |
| 257 | - </tr>" . $this->infoblock($idpoptions, "general", "IdP") . " |
|
| 257 | + </tr>" . $this->infoblock($idpoptions, "general", "IdP")." |
|
| 258 | 258 | </table> |
| 259 | 259 | </div>"; |
| 260 | 260 | |
| 261 | 261 | $blocks = [["support", _("Global Helpdesk Details")], ["media", _("Media Properties")]]; |
| 262 | 262 | foreach ($blocks as $block) { |
| 263 | 263 | $retval .= "<div class='infobox'> |
| 264 | - <h2>" . $block[1] . "</h2> |
|
| 264 | + <h2>" . $block[1]."</h2> |
|
| 265 | 265 | <table>" . |
| 266 | - $this->infoblock($idpoptions, $block[0], "IdP") . |
|
| 266 | + $this->infoblock($idpoptions, $block[0], "IdP"). |
|
| 267 | 267 | "</table> |
| 268 | 268 | </div>"; |
| 269 | 269 | } |
@@ -278,12 +278,12 @@ discard block |
||
| 278 | 278 | */ |
| 279 | 279 | private function displaySize(int $number) { |
| 280 | 280 | if ($number > 1024 * 1024) { |
| 281 | - return round($number / 1024 / 1024, 2) . " MiB"; |
|
| 281 | + return round($number / 1024 / 1024, 2)." MiB"; |
|
| 282 | 282 | } |
| 283 | 283 | if ($number > 1024) { |
| 284 | - return round($number / 1024, 2) . " KiB"; |
|
| 284 | + return round($number / 1024, 2)." KiB"; |
|
| 285 | 285 | } |
| 286 | - return $number . " B"; |
|
| 286 | + return $number." B"; |
|
| 287 | 287 | } |
| 288 | 288 | |
| 289 | 289 | /** |
@@ -337,7 +337,7 @@ discard block |
||
| 337 | 337 | $ref = $validator->databaseReference($cAReference); |
| 338 | 338 | $rawResult = UIElements::getBlobFromDB($ref['table'], $ref['rowindex'], FALSE); |
| 339 | 339 | if (is_bool($rawResult)) { // we didn't actually get a CA! |
| 340 | - $retval = "<div class='ca-summary'>" . _("There was an error while retrieving the certificate from the database!") . "</div>"; |
|
| 340 | + $retval = "<div class='ca-summary'>"._("There was an error while retrieving the certificate from the database!")."</div>"; |
|
| 341 | 341 | \core\common\Entity::outOfThePotatoes(); |
| 342 | 342 | return $retval; |
| 343 | 343 | } |
@@ -353,14 +353,14 @@ discard block |
||
| 353 | 353 | |
| 354 | 354 | $details['name'] = preg_replace('/(.)\/(.)/', "$1<br/>$2", $details['name']); |
| 355 | 355 | $details['name'] = preg_replace('/\//', "", $details['name']); |
| 356 | - $certstatus = ( $details['root'] == 1 ? "R" : "I"); |
|
| 357 | - $certTooltip = ( $details['root'] == 1 ? _("Root CA") : _("Intermediate CA")); |
|
| 356 | + $certstatus = ($details['root'] == 1 ? "R" : "I"); |
|
| 357 | + $certTooltip = ($details['root'] == 1 ? _("Root CA") : _("Intermediate CA")); |
|
| 358 | 358 | if ($details['ca'] == 0 && $details['root'] != 1) { |
| 359 | - $retval = "<div class='ca-summary' style='background-color:red'><div style='position:absolute; right: 0px; width:20px; height:20px; background-color:maroon; border-radius:10px; text-align: center;'><div style='padding-top:3px; font-weight:bold; color:#ffffff;'>S</div></div>" . _("This is a <strong>SERVER</strong> certificate!") . "<br/>" . $details['name'] . "</div>"; |
|
| 359 | + $retval = "<div class='ca-summary' style='background-color:red'><div style='position:absolute; right: 0px; width:20px; height:20px; background-color:maroon; border-radius:10px; text-align: center;'><div style='padding-top:3px; font-weight:bold; color:#ffffff;'>S</div></div>"._("This is a <strong>SERVER</strong> certificate!")."<br/>".$details['name']."</div>"; |
|
| 360 | 360 | \core\common\Entity::outOfThePotatoes(); |
| 361 | 361 | return $retval; |
| 362 | 362 | } |
| 363 | - $retval = "<div class='ca-summary' ><div style='position:absolute; right: 0px; width:20px; height:20px; background-color:#0000ff; border-radius:10px; text-align: center;'><div title='$certTooltip' style='padding-top:3px; font-weight:bold; color:#ffffff;'>$certstatus</div></div>" . $details['name'] . "</div>"; |
|
| 363 | + $retval = "<div class='ca-summary' ><div style='position:absolute; right: 0px; width:20px; height:20px; background-color:#0000ff; border-radius:10px; text-align: center;'><div title='$certTooltip' style='padding-top:3px; font-weight:bold; color:#ffffff;'>$certstatus</div></div>".$details['name']."</div>"; |
|
| 364 | 364 | \core\common\Entity::outOfThePotatoes(); |
| 365 | 365 | return $retval; |
| 366 | 366 | } |
@@ -373,7 +373,7 @@ discard block |
||
| 373 | 373 | */ |
| 374 | 374 | public function previewImageinHTML($imageReference) { |
| 375 | 375 | \core\common\Entity::intoThePotatoes(); |
| 376 | - $retval = "<img style='max-width:150px' src='inc/filepreview.php?id=" . $imageReference . "' alt='" . _("Preview of logo file") . "'/>"; |
|
| 376 | + $retval = "<img style='max-width:150px' src='inc/filepreview.php?id=".$imageReference."' alt='"._("Preview of logo file")."'/>"; |
|
| 377 | 377 | \core\common\Entity::outOfThePotatoes(); |
| 378 | 378 | return $retval; |
| 379 | 379 | } |
@@ -390,13 +390,13 @@ discard block |
||
| 390 | 390 | $ref = $validator->databaseReference($fileReference); |
| 391 | 391 | $fileBlob = UIElements::getBlobFromDB($ref['table'], $ref['rowindex'], FALSE); |
| 392 | 392 | if (is_bool($fileBlob)) { // we didn't actually get a file! |
| 393 | - $retval = "<div class='ca-summary'>" . _("There was an error while retrieving the file from the database!") . "</div>"; |
|
| 393 | + $retval = "<div class='ca-summary'>"._("There was an error while retrieving the file from the database!")."</div>"; |
|
| 394 | 394 | \core\common\Entity::outOfThePotatoes(); |
| 395 | 395 | return $retval; |
| 396 | 396 | } |
| 397 | 397 | $decodedFileBlob = base64_decode($fileBlob); |
| 398 | 398 | $fileinfo = new \finfo(); |
| 399 | - $retval = "<div class='ca-summary'>" . _("File exists") . " (" . $fileinfo->buffer($decodedFileBlob, FILEINFO_MIME_TYPE) . ", " . $this->displaySize(strlen($decodedFileBlob)) . ")<br/><a href='inc/filepreview.php?id=$fileReference'>" . _("Preview") . "</a></div>"; |
|
| 399 | + $retval = "<div class='ca-summary'>"._("File exists")." (".$fileinfo->buffer($decodedFileBlob, FILEINFO_MIME_TYPE).", ".$this->displaySize(strlen($decodedFileBlob)).")<br/><a href='inc/filepreview.php?id=$fileReference'>"._("Preview")."</a></div>"; |
|
| 400 | 400 | \core\common\Entity::outOfThePotatoes(); |
| 401 | 401 | return $retval; |
| 402 | 402 | } |
@@ -424,7 +424,7 @@ discard block |
||
| 424 | 424 | $retval .= "<tr><td>"; |
| 425 | 425 | } |
| 426 | 426 | $finalCaption = ($caption !== NULL ? $caption : $uiMessages[$level]['text']); |
| 427 | - $retval .= "<img class='icon' src='" . $uiMessages[$level]['icon'] . "' alt='" . $finalCaption . "' title='" . $finalCaption . "'/>"; |
|
| 427 | + $retval .= "<img class='icon' src='".$uiMessages[$level]['icon']."' alt='".$finalCaption."' title='".$finalCaption."'/>"; |
|
| 428 | 428 | if (!$omittabletags) { |
| 429 | 429 | $retval .= "</td><td>"; |
| 430 | 430 | } |
@@ -506,8 +506,8 @@ discard block |
||
| 506 | 506 | return ""; |
| 507 | 507 | } |
| 508 | 508 | |
| 509 | - $loggerInstance->debug(4, "Consortium logo is at: " . ROOT . "/web/resources/images/consortium_logo_large.png"); |
|
| 510 | - $logogd = imagecreatefrompng(ROOT . "/web/resources/images/consortium_logo_large.png"); |
|
| 509 | + $loggerInstance->debug(4, "Consortium logo is at: ".ROOT."/web/resources/images/consortium_logo_large.png"); |
|
| 510 | + $logogd = imagecreatefrompng(ROOT."/web/resources/images/consortium_logo_large.png"); |
|
| 511 | 511 | if ($logogd === FALSE) { // consortium logo is bogus; don't do anything |
| 512 | 512 | return ""; |
| 513 | 513 | } |
@@ -533,7 +533,7 @@ discard block |
||
| 533 | 533 | imagecolorallocate($whiteimage, 255, 255, 255); |
| 534 | 534 | // also make sure the initial placement is a multitude of 12; otherwise "two half" symbols might be affected |
| 535 | 535 | $targetplacementx = (int) ($symbolsize * round(($sizeinput[0] / 2 - ($targetwidth - $symbolsize + 1) / 2) / $symbolsize)); |
| 536 | - $targetplacementy = (int) ($symbolsize * round(($sizeinput[1] / 2 - ($targetheight - $symbolsize + 1 ) / 2) / $symbolsize)); |
|
| 536 | + $targetplacementy = (int) ($symbolsize * round(($sizeinput[1] / 2 - ($targetheight - $symbolsize + 1) / 2) / $symbolsize)); |
|
| 537 | 537 | imagecopyresized($inputgd, $whiteimage, $targetplacementx - $symbolsize, $targetplacementy - $symbolsize, 0, 0, $targetwidth + 2 * $symbolsize, $targetheight + 2 * $symbolsize, $targetwidth + 2 * $symbolsize, $targetheight + 2 * $symbolsize); |
| 538 | 538 | imagecopyresized($inputgd, $logogd, $targetplacementx, $targetplacementy, 0, 0, $targetwidth, $targetheight, $sizelogo[0], $sizelogo[1]); |
| 539 | 539 | ob_start(); |
@@ -583,9 +583,9 @@ discard block |
||
| 583 | 583 | $message = "Your configuration appears to be fine."; |
| 584 | 584 | break; |
| 585 | 585 | default: |
| 586 | - throw new Exception("The result code level " . $test->test_result['global'] . " is not defined!"); |
|
| 586 | + throw new Exception("The result code level ".$test->test_result['global']." is not defined!"); |
|
| 587 | 587 | } |
| 588 | - $out .= $this->boxFlexible($test->test_result['global'], "<br><strong>Test Summary</strong><br>" . $message . "<br>See below for details<br><hr>"); |
|
| 588 | + $out .= $this->boxFlexible($test->test_result['global'], "<br><strong>Test Summary</strong><br>".$message."<br>See below for details<br><hr>"); |
|
| 589 | 589 | foreach ($test->out as $testValue) { |
| 590 | 590 | foreach ($testValue as $o) { |
| 591 | 591 | $out .= $this->boxFlexible($o['level'], $o['message']); |
@@ -62,7 +62,7 @@ |
||
| 62 | 62 | they are from the same user group. You are not allowed to share them to an unlimited |
| 63 | 63 | audience (e.g. on a publicly accessible web server).</li> |
| 64 | 64 | <li>If You are an eduroam Identity Provider administrator, you are allowed to download and pass on the Installers to |
| 65 | -your own <?php echo \config\ConfAssistant::CONSORTIUM['nomenclature_idp'];?> end users, e.g. on the support web pages of your <?php echo \config\ConfAssistant::CONSORTIUM['nomenclature_idp'];?>, on Welcome Package CDs or USB sticks, etc.</li> |
|
| 65 | +your own <?php echo \config\ConfAssistant::CONSORTIUM['nomenclature_idp']; ?> end users, e.g. on the support web pages of your <?php echo \config\ConfAssistant::CONSORTIUM['nomenclature_idp']; ?>, on Welcome Package CDs or USB sticks, etc.</li> |
|
| 66 | 66 | <li>If You are a third-party not affiliated with eduroam, you are only allowed to download and pass on |
| 67 | 67 | the Metadata and/or the Installers after having received written permission by the eduroam Operations team.</li> |
| 68 | 68 | </ul> |
@@ -19,7 +19,7 @@ discard block |
||
| 19 | 19 | * <base_url>/copyright.php after deploying the software |
| 20 | 20 | */ |
| 21 | 21 | |
| 22 | -require_once dirname(dirname(dirname(__FILE__))) . "/config/_config.php"; |
|
| 22 | +require_once dirname(dirname(dirname(__FILE__)))."/config/_config.php"; |
|
| 23 | 23 | |
| 24 | 24 | $auth = new \web\lib\admin\Authentication(); |
| 25 | 25 | $deco = new \web\lib\admin\PageDecoration(); |
@@ -43,7 +43,7 @@ discard block |
||
| 43 | 43 | } |
| 44 | 44 | $profileToBeDel = $validator->existingProfile($_GET['profile_id'], $my_inst->identifier); |
| 45 | 45 | $profileToBeDel->destroy(); |
| 46 | - $loggerInstance->writeAudit($_SESSION['user'], "DEL", "Profile " . $profileToBeDel->identifier); |
|
| 46 | + $loggerInstance->writeAudit($_SESSION['user'], "DEL", "Profile ".$profileToBeDel->identifier); |
|
| 47 | 47 | header("Location: overview_org.php?inst_id=$my_inst->identifier"); |
| 48 | 48 | exit; |
| 49 | 49 | case web\lib\common\FormElements::BUTTON_SAVE: |
@@ -52,7 +52,7 @@ discard block |
||
| 52 | 52 | echo $deco->pageheader(sprintf(_("%s: Edit Profile - Result"), \config\Master::APPEARANCE['productname']), "ADMIN-IDP"); |
| 53 | 53 | } else { |
| 54 | 54 | $profile = $my_inst->newProfile(core\AbstractProfile::PROFILETYPE_RADIUS); |
| 55 | - $loggerInstance->writeAudit($_SESSION['user'], "NEW", "IdP " . $my_inst->identifier . " - Profile created"); |
|
| 55 | + $loggerInstance->writeAudit($_SESSION['user'], "NEW", "IdP ".$my_inst->identifier." - Profile created"); |
|
| 56 | 56 | echo $deco->pageheader(sprintf(_("%s: Profile wizard (step 3 completed)"), \config\Master::APPEARANCE['productname']), "ADMIN-IDP"); |
| 57 | 57 | } |
| 58 | 58 | if (!$profile instanceof \core\ProfileRADIUS) { |
@@ -121,7 +121,7 @@ discard block |
||
| 121 | 121 | $uiElements = new web\lib\admin\UIElements(); |
| 122 | 122 | // set realm info, if submitted |
| 123 | 123 | if ($realm !== FALSE) { |
| 124 | - $profile->setRealm($anonLocal . "@" . $realm); |
|
| 124 | + $profile->setRealm($anonLocal."@".$realm); |
|
| 125 | 125 | echo $uiElements->boxOkay(sprintf(_("Realm: <strong>%s</strong>"), $realm)); |
| 126 | 126 | } else { |
| 127 | 127 | $profile->setRealm(""); |
@@ -147,7 +147,7 @@ discard block |
||
| 147 | 147 | echo $uiElements->boxError(_("Realm check username cannot be configured: realm is missing!")); |
| 148 | 148 | } else { |
| 149 | 149 | $profile->setRealmcheckUser(true, $checkuser_name); |
| 150 | - echo $uiElements->boxOkay(sprintf(_("Special username for realm check is <strong>%s</strong>, the value is <strong>%s</strong>"), _("ON"), $checkuser_name . "@" . $realm)); |
|
| 150 | + echo $uiElements->boxOkay(sprintf(_("Special username for realm check is <strong>%s</strong>, the value is <strong>%s</strong>"), _("ON"), $checkuser_name."@".$realm)); |
|
| 151 | 151 | } |
| 152 | 152 | } else { |
| 153 | 153 | $profile->setRealmCheckUser(false); |
@@ -159,12 +159,12 @@ discard block |
||
| 159 | 159 | $extratext = ""; |
| 160 | 160 | if (!empty($realm)) { |
| 161 | 161 | if ($hint !== FALSE) { |
| 162 | - $extratext = " " . sprintf(_("The realm portion MUST be exactly '...@%s'."), $realm); |
|
| 162 | + $extratext = " ".sprintf(_("The realm portion MUST be exactly '...@%s'."), $realm); |
|
| 163 | 163 | } else { |
| 164 | - $extratext = " " . sprintf(_("The realm portion MUST end with '%s' but sub-realms of it are allowed (i.e. 'user@%s' and 'user@<...>.%s' are both acceptable)."), $realm, $realm, $realm); |
|
| 164 | + $extratext = " ".sprintf(_("The realm portion MUST end with '%s' but sub-realms of it are allowed (i.e. 'user@%s' and 'user@<...>.%s' are both acceptable)."), $realm, $realm, $realm); |
|
| 165 | 165 | } |
| 166 | 166 | } |
| 167 | - echo $uiElements->boxOkay(_("Where possible, supplicants will verify that username inputs contain a syntactically correct realm.") . $extratext); |
|
| 167 | + echo $uiElements->boxOkay(_("Where possible, supplicants will verify that username inputs contain a syntactically correct realm.").$extratext); |
|
| 168 | 168 | } else { |
| 169 | 169 | $profile->setInputVerificationPreference(false, false); |
| 170 | 170 | } |
@@ -196,30 +196,30 @@ discard block |
||
| 196 | 196 | echo $uiElements->boxOkay(_("Redirection is <strong>OFF</strong>")); |
| 197 | 197 | } |
| 198 | 198 | |
| 199 | - $loggerInstance->writeAudit($_SESSION['user'], "MOD", "Profile " . $profile->identifier . " - attributes changed"); |
|
| 199 | + $loggerInstance->writeAudit($_SESSION['user'], "MOD", "Profile ".$profile->identifier." - attributes changed"); |
|
| 200 | 200 | // reload the profile to ingest new CA and server names if any; before checking EAP completeness |
| 201 | 201 | $reloadedProfileNr1 = \core\ProfileFactory::instantiate($profile->identifier); |
| 202 | 202 | foreach (\core\common\EAP::listKnownEAPTypes() as $a) { |
| 203 | 203 | if ($a->getIntegerRep() == \core\common\EAP::INTEGER_SILVERBULLET) { // do not allow adding silverbullet via the backdoor |
| 204 | 204 | continue; |
| 205 | 205 | } |
| 206 | - if (isset($_POST[$a->getPrintableRep()]) && isset($_POST[$a->getPrintableRep() . "-priority"]) && is_numeric($_POST[$a->getPrintableRep() . "-priority"])) { |
|
| 207 | - $priority = (int) $_POST[$a->getPrintableRep() . "-priority"]; |
|
| 206 | + if (isset($_POST[$a->getPrintableRep()]) && isset($_POST[$a->getPrintableRep()."-priority"]) && is_numeric($_POST[$a->getPrintableRep()."-priority"])) { |
|
| 207 | + $priority = (int) $_POST[$a->getPrintableRep()."-priority"]; |
|
| 208 | 208 | // add EAP type to profile as requested, but ... |
| 209 | 209 | $reloadedProfileNr1->addSupportedEapMethod($a, $priority); |
| 210 | - $loggerInstance->writeAudit($_SESSION['user'], "MOD", "Profile " . $reloadedProfileNr1->identifier . " - supported EAP types changed"); |
|
| 210 | + $loggerInstance->writeAudit($_SESSION['user'], "MOD", "Profile ".$reloadedProfileNr1->identifier." - supported EAP types changed"); |
|
| 211 | 211 | // see if we can enable the EAP type, or if info is missing |
| 212 | 212 | $eapcompleteness = $reloadedProfileNr1->isEapTypeDefinitionComplete($a); |
| 213 | 213 | if ($eapcompleteness === true) { |
| 214 | - echo $uiElements->boxOkay(_("Supported EAP Type: ") . "<strong>" . $a->getPrintableRep() . "</strong>"); |
|
| 214 | + echo $uiElements->boxOkay(_("Supported EAP Type: ")."<strong>".$a->getPrintableRep()."</strong>"); |
|
| 215 | 215 | } else { |
| 216 | 216 | $warntext = ""; |
| 217 | 217 | if (is_array($eapcompleteness)) { |
| 218 | 218 | foreach ($eapcompleteness as $item) { |
| 219 | - $warntext .= "<strong>" . $uiElements->displayName($item) . "</strong> "; |
|
| 219 | + $warntext .= "<strong>".$uiElements->displayName($item)."</strong> "; |
|
| 220 | 220 | } |
| 221 | 221 | } |
| 222 | - echo $uiElements->boxWarning(sprintf(_("Supported EAP Type: <strong>%s</strong> is missing required information %s !"), $a->getPrintableRep(), $warntext) . "<br/>" . _("The EAP type was added to the profile, but you need to complete the missing information before we can produce installers for you.")); |
|
| 222 | + echo $uiElements->boxWarning(sprintf(_("Supported EAP Type: <strong>%s</strong> is missing required information %s !"), $a->getPrintableRep(), $warntext)."<br/>"._("The EAP type was added to the profile, but you need to complete the missing information before we can produce installers for you.")); |
|
| 223 | 223 | } |
| 224 | 224 | } |
| 225 | 225 | } |
@@ -230,23 +230,23 @@ discard block |
||
| 230 | 230 | if (count($significantChanges) > 0) { |
| 231 | 231 | $myInstOriginal = new \core\IdP($profile->institution); |
| 232 | 232 | // send a notification/alert mail to someone we know is in charge |
| 233 | - $text = _("To whom it may concern,") . "\n\n"; |
|
| 233 | + $text = _("To whom it may concern,")."\n\n"; |
|
| 234 | 234 | /// were made to the *Identity Provider* *LU* / integer number of IdP / (previously known as) Name |
| 235 | - $text .= sprintf(_("significant changes were made to a RADIUS deployment profile of the %s %s / %s / '%s'."), $ui->nomenclatureIdP, strtoupper($myInstOriginal->federation), $myInstOriginal->identifier, $myInstOriginal->name) . "\n\n"; |
|
| 235 | + $text .= sprintf(_("significant changes were made to a RADIUS deployment profile of the %s %s / %s / '%s'."), $ui->nomenclatureIdP, strtoupper($myInstOriginal->federation), $myInstOriginal->identifier, $myInstOriginal->name)."\n\n"; |
|
| 236 | 236 | if (isset($significantChanges[\core\AbstractProfile::CA_CLASH_ADDED])) { |
| 237 | - $text .= _("WARNING! A new trusted root CA was added, and it has the exact same name as a previously existing root CA. This may (but does not necessarily) mean that this is an attempt to insert an unauthorised trust root by disguising as the genuine one. The details are below:") . "\n\n"; |
|
| 238 | - $text .= $significantChanges[\core\AbstractProfile::CA_CLASH_ADDED] . "\n\n"; |
|
| 237 | + $text .= _("WARNING! A new trusted root CA was added, and it has the exact same name as a previously existing root CA. This may (but does not necessarily) mean that this is an attempt to insert an unauthorised trust root by disguising as the genuine one. The details are below:")."\n\n"; |
|
| 238 | + $text .= $significantChanges[\core\AbstractProfile::CA_CLASH_ADDED]."\n\n"; |
|
| 239 | 239 | } |
| 240 | 240 | if (isset($significantChanges[\core\AbstractProfile::CA_ADDED])) { |
| 241 | - $text .= _("A new trusted root CA was added. The details are below:") . "\n\n"; |
|
| 242 | - $text .= $significantChanges[\core\AbstractProfile::CA_ADDED] . "\n\n"; |
|
| 241 | + $text .= _("A new trusted root CA was added. The details are below:")."\n\n"; |
|
| 242 | + $text .= $significantChanges[\core\AbstractProfile::CA_ADDED]."\n\n"; |
|
| 243 | 243 | } |
| 244 | 244 | if (isset($significantChanges[\core\AbstractProfile::SERVERNAME_ADDED])) { |
| 245 | - $text .= _("A new acceptable server name for the authentication server was added. The details are below:") . "\n\n"; |
|
| 246 | - $text .= $significantChanges[\core\AbstractProfile::SERVERNAME_ADDED] . "\n\n"; |
|
| 245 | + $text .= _("A new acceptable server name for the authentication server was added. The details are below:")."\n\n"; |
|
| 246 | + $text .= $significantChanges[\core\AbstractProfile::SERVERNAME_ADDED]."\n\n"; |
|
| 247 | 247 | } |
| 248 | - $text .= _("This mail is merely a cross-check because these changes can be security-relevant. If the change was expected, you do not need to take any action.") . "\n\n"; |
|
| 249 | - $text .= _("Greetings, ") . "\n\n" . \config\Master::APPEARANCE['productname_long']; |
|
| 248 | + $text .= _("This mail is merely a cross-check because these changes can be security-relevant. If the change was expected, you do not need to take any action.")."\n\n"; |
|
| 249 | + $text .= _("Greetings, ")."\n\n".\config\Master::APPEARANCE['productname_long']; |
|
| 250 | 250 | // (currently, send hard-wired to NRO - future: for linked insts, check eduroam DBv2 and send to registered admins directly) |
| 251 | 251 | $fed = new core\Federation($myInstOriginal->federation); |
| 252 | 252 | foreach ($fed->listFederationAdmins() as $id) { |
@@ -305,14 +305,14 @@ discard block |
||
| 305 | 305 | $oneHostOkay = FALSE; |
| 306 | 306 | $testCandidates = []; |
| 307 | 307 | foreach ($dnsChecks->NAPTR_hostname_records as $oneServer) { |
| 308 | - $testCandidates[$oneServer['hostname']][] = ($oneServer['family'] == "IPv4" ? $oneServer['IP'] : "[" . $oneServer['IP'] . "]") . ":" . $oneServer['port']; |
|
| 308 | + $testCandidates[$oneServer['hostname']][] = ($oneServer['family'] == "IPv4" ? $oneServer['IP'] : "[".$oneServer['IP']."]").":".$oneServer['port']; |
|
| 309 | 309 | } |
| 310 | 310 | foreach ($testCandidates as $oneHost => $listOfIPs) { |
| 311 | 311 | $connectionTests = new core\diag\RFC6614Tests(array_values($listOfIPs), $oneHost, "openroaming"); |
| 312 | 312 | // for now (no OpenRoaming client certs available) only run server-side tests |
| 313 | 313 | foreach ($listOfIPs as $oneIP) { |
| 314 | 314 | $connectionResult = $connectionTests->cApathCheck($oneIP); |
| 315 | - if ($connectionResult != core\diag\AbstractTest::RETVAL_OK || ( isset($connectionTests->TLS_CA_checks_result['cert_oddity']) && count($connectionTests->TLS_CA_checks_result['cert_oddity']) > 0)) { |
|
| 315 | + if ($connectionResult != core\diag\AbstractTest::RETVAL_OK || (isset($connectionTests->TLS_CA_checks_result['cert_oddity']) && count($connectionTests->TLS_CA_checks_result['cert_oddity']) > 0)) { |
|
| 316 | 316 | $allHostsOkay = FALSE; |
| 317 | 317 | } else { |
| 318 | 318 | $oneHostOkay = TRUE; |
@@ -349,7 +349,7 @@ discard block |
||
| 349 | 349 | <?php |
| 350 | 350 | if (count($reloadedProfileNr2->getEapMethodsinOrderOfPreference(1)) > 0) { |
| 351 | 351 | echo "<form method='post' action='overview_installers.php?inst_id=$my_inst->identifier&profile_id=$reloadedProfileNr2->identifier' accept-charset='UTF-8'> |
| 352 | - <button type='submit'>" . _("Continue to Installer Fine-Tuning and Download") . "</button> |
|
| 352 | + <button type='submit'>"._("Continue to Installer Fine-Tuning and Download")."</button> |
|
| 353 | 353 | </form>"; |
| 354 | 354 | } |
| 355 | 355 | echo $deco->footer(); |
@@ -98,98 +98,98 @@ |
||
| 98 | 98 | } |
| 99 | 99 | |
| 100 | 100 | switch ($operationMode) { |
| 101 | - case OPERATION_MODE_EDIT: |
|
| 102 | - $idp = $validator->existingIdP($_GET['inst_id']); |
|
| 103 | - // editing IdPs is done from within the popup. When we're done, send the |
|
| 104 | - // user back to the popup (append the result of the operation later) |
|
| 105 | - $redirectDestination = "manageAdmins.inc.php?inst_id=" . $idp->identifier . "&"; |
|
| 106 | - if (count($validAddresses) == 0) { |
|
| 107 | - header("Location: $redirectDestination" . "invitation=INVALIDSYNTAX"); |
|
| 108 | - exit(1); |
|
| 109 | - } |
|
| 110 | - // is the user primary admin of this IdP? |
|
| 111 | - $is_owner = $idp->isPrimaryOwner($_SESSION['user']); |
|
| 112 | - // check if he is (also) federation admin for the federation this IdP is in. His invitations have more blessing then. |
|
| 113 | - $fedadmin = $userObject->isFederationAdmin($idp->federation); |
|
| 114 | - // check if he is either one, if not, complain |
|
| 115 | - if (!$is_owner && !$fedadmin) { |
|
| 116 | - echo "<p>" . sprintf(_("Something's wrong... you are a %s admin, but not for the %s the requested %s belongs to!"), $uiElements->nomenclatureFed, $uiElements->nomenclatureFed, $uiElements->nomenclatureParticipant) . "</p>"; |
|
| 117 | - exit(1); |
|
| 118 | - } |
|
| 101 | + case OPERATION_MODE_EDIT: |
|
| 102 | + $idp = $validator->existingIdP($_GET['inst_id']); |
|
| 103 | + // editing IdPs is done from within the popup. When we're done, send the |
|
| 104 | + // user back to the popup (append the result of the operation later) |
|
| 105 | + $redirectDestination = "manageAdmins.inc.php?inst_id=" . $idp->identifier . "&"; |
|
| 106 | + if (count($validAddresses) == 0) { |
|
| 107 | + header("Location: $redirectDestination" . "invitation=INVALIDSYNTAX"); |
|
| 108 | + exit(1); |
|
| 109 | + } |
|
| 110 | + // is the user primary admin of this IdP? |
|
| 111 | + $is_owner = $idp->isPrimaryOwner($_SESSION['user']); |
|
| 112 | + // check if he is (also) federation admin for the federation this IdP is in. His invitations have more blessing then. |
|
| 113 | + $fedadmin = $userObject->isFederationAdmin($idp->federation); |
|
| 114 | + // check if he is either one, if not, complain |
|
| 115 | + if (!$is_owner && !$fedadmin) { |
|
| 116 | + echo "<p>" . sprintf(_("Something's wrong... you are a %s admin, but not for the %s the requested %s belongs to!"), $uiElements->nomenclatureFed, $uiElements->nomenclatureFed, $uiElements->nomenclatureParticipant) . "</p>"; |
|
| 117 | + exit(1); |
|
| 118 | + } |
|
| 119 | 119 | |
| 120 | - $prettyprintname = $idp->name; |
|
| 121 | - $newtokens = $mgmt->createTokens($fedadmin, $validAddresses, $idp); |
|
| 122 | - $loggerInstance->writeAudit($_SESSION['user'], "NEW", "IdP " . $idp->identifier . " - Token created for " . implode(",", $validAddresses)); |
|
| 123 | - $introtext = "CO-ADMIN"; |
|
| 124 | - $participant_type = $idp->type; |
|
| 125 | - break; |
|
| 126 | - case OPERATION_MODE_NEWUNLINKED: |
|
| 127 | - $redirectDestination = "../overview_federation.php?"; |
|
| 128 | - if (count($validAddresses) == 0) { |
|
| 129 | - header("Location: $redirectDestination"."invitation=INVALIDSYNTAX"); |
|
| 130 | - exit(1); |
|
| 131 | - } |
|
| 132 | - // run an input check and conversion of the raw inputs... just in case |
|
| 133 | - $newinstname = $validator->string($_POST['name']); |
|
| 134 | - $newcountry = $validator->string($_POST['country']); |
|
| 135 | - $participant_type = $validator->partType($_POST['participant_type']); |
|
| 136 | - $new_idp_authorized_fedadmin = $userObject->isFederationAdmin($newcountry); |
|
| 137 | - if ($new_idp_authorized_fedadmin !== TRUE) { |
|
| 138 | - throw new Exception("Something's wrong... you want to create a new " . $uiElements->nomenclatureParticipant . ", but are not a " . $uiElements->nomenclatureFed . " admin for the " . $uiElements->nomenclatureFed . " it should be in!"); |
|
| 139 | - } |
|
| 140 | - $federation = $validator->existingFederation($newcountry); |
|
| 141 | - $prettyprintname = $newinstname; |
|
| 142 | - $introtext = "NEW-FED"; |
|
| 143 | - // send the user back to his federation overview page, append the result of the operation later |
|
| 144 | - // do the token creation magic |
|
| 145 | - $newtokens = $mgmt->createTokens(TRUE, $validAddresses, $newinstname, 0, $newcountry, $participant_type); |
|
| 146 | - $loggerInstance->writeAudit($_SESSION['user'], "NEW", "ORG FUTURE - Token created for $participant_type " . implode(",", $validAddresses)); |
|
| 147 | - break; |
|
| 148 | - case OPERATION_MODE_NEWFROMDB: |
|
| 149 | - $redirectDestination = "../overview_federation.php?"; |
|
| 150 | - if (count($validAddresses) == 0) { |
|
| 151 | - header("Location: $redirectDestination"."invitation=INVALIDSYNTAX"); |
|
| 152 | - exit(1); |
|
| 153 | - } |
|
| 154 | - // a real external DB entry was submitted and all the required parameters are there |
|
| 155 | - $newexternalid = $validator->string($_POST['externals']); |
|
| 156 | - $extinfo = $catInstance->getExternalDBEntityDetails($newexternalid); |
|
| 157 | - $new_idp_authorized_fedadmin = $userObject->isFederationAdmin($extinfo['country']); |
|
| 158 | - if ($new_idp_authorized_fedadmin !== TRUE) { |
|
| 159 | - throw new Exception("Something's wrong... you want to create a new " . $uiElements->nomenclatureParticipant . ", but are not a " . $uiElements->nomenclatureFed . " admin for the " . $uiElements->nomenclatureFed . " it should be in!"); |
|
| 160 | - } |
|
| 161 | - $federation = $validator->existingFederation($extinfo['country']); |
|
| 162 | - $newcountry = $extinfo['country']; |
|
| 163 | - // see if the inst name is defined in the currently set language; if not, pick its English name; if N/A, pick the last in the list |
|
| 164 | - $prettyprintname = ""; |
|
| 165 | - foreach ($extinfo['names'] as $lang => $name) { |
|
| 166 | - if ($lang == $languageInstance->getLang()) { |
|
| 167 | - $prettyprintname = $name; |
|
| 120 | + $prettyprintname = $idp->name; |
|
| 121 | + $newtokens = $mgmt->createTokens($fedadmin, $validAddresses, $idp); |
|
| 122 | + $loggerInstance->writeAudit($_SESSION['user'], "NEW", "IdP " . $idp->identifier . " - Token created for " . implode(",", $validAddresses)); |
|
| 123 | + $introtext = "CO-ADMIN"; |
|
| 124 | + $participant_type = $idp->type; |
|
| 125 | + break; |
|
| 126 | + case OPERATION_MODE_NEWUNLINKED: |
|
| 127 | + $redirectDestination = "../overview_federation.php?"; |
|
| 128 | + if (count($validAddresses) == 0) { |
|
| 129 | + header("Location: $redirectDestination"."invitation=INVALIDSYNTAX"); |
|
| 130 | + exit(1); |
|
| 168 | 131 | } |
| 169 | - } |
|
| 170 | - if ($prettyprintname == "" && isset($extinfo['names']['en'])) { |
|
| 171 | - $prettyprintname = $extinfo['names']['en']; |
|
| 172 | - } |
|
| 173 | - if ($prettyprintname == "") { |
|
| 174 | - foreach ($extinfo['names'] as $name) { |
|
| 175 | - $prettyprintname = $name; |
|
| 132 | + // run an input check and conversion of the raw inputs... just in case |
|
| 133 | + $newinstname = $validator->string($_POST['name']); |
|
| 134 | + $newcountry = $validator->string($_POST['country']); |
|
| 135 | + $participant_type = $validator->partType($_POST['participant_type']); |
|
| 136 | + $new_idp_authorized_fedadmin = $userObject->isFederationAdmin($newcountry); |
|
| 137 | + if ($new_idp_authorized_fedadmin !== TRUE) { |
|
| 138 | + throw new Exception("Something's wrong... you want to create a new " . $uiElements->nomenclatureParticipant . ", but are not a " . $uiElements->nomenclatureFed . " admin for the " . $uiElements->nomenclatureFed . " it should be in!"); |
|
| 176 | 139 | } |
| 177 | - } |
|
| 178 | - $participant_type = $extinfo['type']; |
|
| 179 | - // fill the rest of the text |
|
| 180 | - $introtext = "EXISTING-FED"; |
|
| 181 | - // do the token creation magic |
|
| 182 | - $newtokens = $mgmt->createTokens(TRUE, $validAddresses, $prettyprintname, $newexternalid); |
|
| 183 | - $loggerInstance->writeAudit($_SESSION['user'], "NEW", "IdP FUTURE - Token created for " . implode(",", $validAddresses)); |
|
| 184 | - break; |
|
| 185 | - default: // includes OPERATION_MODE_INVALID |
|
| 186 | - // second param is TRUE, so the variable *will* contain a string |
|
| 187 | - // i.e. ignore Scrutinizer type warning later |
|
| 188 | - $wrongcontent = print_r($_POST, TRUE); |
|
| 189 | - echo "<pre>Wrong parameters in POST: |
|
| 140 | + $federation = $validator->existingFederation($newcountry); |
|
| 141 | + $prettyprintname = $newinstname; |
|
| 142 | + $introtext = "NEW-FED"; |
|
| 143 | + // send the user back to his federation overview page, append the result of the operation later |
|
| 144 | + // do the token creation magic |
|
| 145 | + $newtokens = $mgmt->createTokens(TRUE, $validAddresses, $newinstname, 0, $newcountry, $participant_type); |
|
| 146 | + $loggerInstance->writeAudit($_SESSION['user'], "NEW", "ORG FUTURE - Token created for $participant_type " . implode(",", $validAddresses)); |
|
| 147 | + break; |
|
| 148 | + case OPERATION_MODE_NEWFROMDB: |
|
| 149 | + $redirectDestination = "../overview_federation.php?"; |
|
| 150 | + if (count($validAddresses) == 0) { |
|
| 151 | + header("Location: $redirectDestination"."invitation=INVALIDSYNTAX"); |
|
| 152 | + exit(1); |
|
| 153 | + } |
|
| 154 | + // a real external DB entry was submitted and all the required parameters are there |
|
| 155 | + $newexternalid = $validator->string($_POST['externals']); |
|
| 156 | + $extinfo = $catInstance->getExternalDBEntityDetails($newexternalid); |
|
| 157 | + $new_idp_authorized_fedadmin = $userObject->isFederationAdmin($extinfo['country']); |
|
| 158 | + if ($new_idp_authorized_fedadmin !== TRUE) { |
|
| 159 | + throw new Exception("Something's wrong... you want to create a new " . $uiElements->nomenclatureParticipant . ", but are not a " . $uiElements->nomenclatureFed . " admin for the " . $uiElements->nomenclatureFed . " it should be in!"); |
|
| 160 | + } |
|
| 161 | + $federation = $validator->existingFederation($extinfo['country']); |
|
| 162 | + $newcountry = $extinfo['country']; |
|
| 163 | + // see if the inst name is defined in the currently set language; if not, pick its English name; if N/A, pick the last in the list |
|
| 164 | + $prettyprintname = ""; |
|
| 165 | + foreach ($extinfo['names'] as $lang => $name) { |
|
| 166 | + if ($lang == $languageInstance->getLang()) { |
|
| 167 | + $prettyprintname = $name; |
|
| 168 | + } |
|
| 169 | + } |
|
| 170 | + if ($prettyprintname == "" && isset($extinfo['names']['en'])) { |
|
| 171 | + $prettyprintname = $extinfo['names']['en']; |
|
| 172 | + } |
|
| 173 | + if ($prettyprintname == "") { |
|
| 174 | + foreach ($extinfo['names'] as $name) { |
|
| 175 | + $prettyprintname = $name; |
|
| 176 | + } |
|
| 177 | + } |
|
| 178 | + $participant_type = $extinfo['type']; |
|
| 179 | + // fill the rest of the text |
|
| 180 | + $introtext = "EXISTING-FED"; |
|
| 181 | + // do the token creation magic |
|
| 182 | + $newtokens = $mgmt->createTokens(TRUE, $validAddresses, $prettyprintname, $newexternalid); |
|
| 183 | + $loggerInstance->writeAudit($_SESSION['user'], "NEW", "IdP FUTURE - Token created for " . implode(",", $validAddresses)); |
|
| 184 | + break; |
|
| 185 | + default: // includes OPERATION_MODE_INVALID |
|
| 186 | + // second param is TRUE, so the variable *will* contain a string |
|
| 187 | + // i.e. ignore Scrutinizer type warning later |
|
| 188 | + $wrongcontent = print_r($_POST, TRUE); |
|
| 189 | + echo "<pre>Wrong parameters in POST: |
|
| 190 | 190 | " . htmlspecialchars(/** @scrutinizer ignore-type */ $wrongcontent) . " |
| 191 | 191 | </pre>"; |
| 192 | - exit(1); |
|
| 192 | + exit(1); |
|
| 193 | 193 | } |
| 194 | 194 | |
| 195 | 195 | // send, and invalidate the token immediately if the mail could not be sent! |
@@ -20,7 +20,7 @@ discard block |
||
| 20 | 20 | * <base_url>/copyright.php after deploying the software |
| 21 | 21 | */ |
| 22 | 22 | |
| 23 | -require_once dirname(dirname(dirname(__DIR__))) . "/config/_config.php"; |
|
| 23 | +require_once dirname(dirname(dirname(__DIR__)))."/config/_config.php"; |
|
| 24 | 24 | |
| 25 | 25 | $auth = new \web\lib\admin\Authentication(); |
| 26 | 26 | $auth->authenticate(); |
@@ -102,9 +102,9 @@ discard block |
||
| 102 | 102 | $idp = $validator->existingIdP($_GET['inst_id']); |
| 103 | 103 | // editing IdPs is done from within the popup. When we're done, send the |
| 104 | 104 | // user back to the popup (append the result of the operation later) |
| 105 | - $redirectDestination = "manageAdmins.inc.php?inst_id=" . $idp->identifier . "&"; |
|
| 105 | + $redirectDestination = "manageAdmins.inc.php?inst_id=".$idp->identifier."&"; |
|
| 106 | 106 | if (count($validAddresses) == 0) { |
| 107 | - header("Location: $redirectDestination" . "invitation=INVALIDSYNTAX"); |
|
| 107 | + header("Location: $redirectDestination"."invitation=INVALIDSYNTAX"); |
|
| 108 | 108 | exit(1); |
| 109 | 109 | } |
| 110 | 110 | // is the user primary admin of this IdP? |
@@ -113,13 +113,13 @@ discard block |
||
| 113 | 113 | $fedadmin = $userObject->isFederationAdmin($idp->federation); |
| 114 | 114 | // check if he is either one, if not, complain |
| 115 | 115 | if (!$is_owner && !$fedadmin) { |
| 116 | - echo "<p>" . sprintf(_("Something's wrong... you are a %s admin, but not for the %s the requested %s belongs to!"), $uiElements->nomenclatureFed, $uiElements->nomenclatureFed, $uiElements->nomenclatureParticipant) . "</p>"; |
|
| 116 | + echo "<p>".sprintf(_("Something's wrong... you are a %s admin, but not for the %s the requested %s belongs to!"), $uiElements->nomenclatureFed, $uiElements->nomenclatureFed, $uiElements->nomenclatureParticipant)."</p>"; |
|
| 117 | 117 | exit(1); |
| 118 | 118 | } |
| 119 | 119 | |
| 120 | 120 | $prettyprintname = $idp->name; |
| 121 | 121 | $newtokens = $mgmt->createTokens($fedadmin, $validAddresses, $idp); |
| 122 | - $loggerInstance->writeAudit($_SESSION['user'], "NEW", "IdP " . $idp->identifier . " - Token created for " . implode(",", $validAddresses)); |
|
| 122 | + $loggerInstance->writeAudit($_SESSION['user'], "NEW", "IdP ".$idp->identifier." - Token created for ".implode(",", $validAddresses)); |
|
| 123 | 123 | $introtext = "CO-ADMIN"; |
| 124 | 124 | $participant_type = $idp->type; |
| 125 | 125 | break; |
@@ -135,7 +135,7 @@ discard block |
||
| 135 | 135 | $participant_type = $validator->partType($_POST['participant_type']); |
| 136 | 136 | $new_idp_authorized_fedadmin = $userObject->isFederationAdmin($newcountry); |
| 137 | 137 | if ($new_idp_authorized_fedadmin !== TRUE) { |
| 138 | - throw new Exception("Something's wrong... you want to create a new " . $uiElements->nomenclatureParticipant . ", but are not a " . $uiElements->nomenclatureFed . " admin for the " . $uiElements->nomenclatureFed . " it should be in!"); |
|
| 138 | + throw new Exception("Something's wrong... you want to create a new ".$uiElements->nomenclatureParticipant.", but are not a ".$uiElements->nomenclatureFed." admin for the ".$uiElements->nomenclatureFed." it should be in!"); |
|
| 139 | 139 | } |
| 140 | 140 | $federation = $validator->existingFederation($newcountry); |
| 141 | 141 | $prettyprintname = $newinstname; |
@@ -143,7 +143,7 @@ discard block |
||
| 143 | 143 | // send the user back to his federation overview page, append the result of the operation later |
| 144 | 144 | // do the token creation magic |
| 145 | 145 | $newtokens = $mgmt->createTokens(TRUE, $validAddresses, $newinstname, 0, $newcountry, $participant_type); |
| 146 | - $loggerInstance->writeAudit($_SESSION['user'], "NEW", "ORG FUTURE - Token created for $participant_type " . implode(",", $validAddresses)); |
|
| 146 | + $loggerInstance->writeAudit($_SESSION['user'], "NEW", "ORG FUTURE - Token created for $participant_type ".implode(",", $validAddresses)); |
|
| 147 | 147 | break; |
| 148 | 148 | case OPERATION_MODE_NEWFROMDB: |
| 149 | 149 | $redirectDestination = "../overview_federation.php?"; |
@@ -156,7 +156,7 @@ discard block |
||
| 156 | 156 | $extinfo = $catInstance->getExternalDBEntityDetails($newexternalid); |
| 157 | 157 | $new_idp_authorized_fedadmin = $userObject->isFederationAdmin($extinfo['country']); |
| 158 | 158 | if ($new_idp_authorized_fedadmin !== TRUE) { |
| 159 | - throw new Exception("Something's wrong... you want to create a new " . $uiElements->nomenclatureParticipant . ", but are not a " . $uiElements->nomenclatureFed . " admin for the " . $uiElements->nomenclatureFed . " it should be in!"); |
|
| 159 | + throw new Exception("Something's wrong... you want to create a new ".$uiElements->nomenclatureParticipant.", but are not a ".$uiElements->nomenclatureFed." admin for the ".$uiElements->nomenclatureFed." it should be in!"); |
|
| 160 | 160 | } |
| 161 | 161 | $federation = $validator->existingFederation($extinfo['country']); |
| 162 | 162 | $newcountry = $extinfo['country']; |
@@ -180,14 +180,14 @@ discard block |
||
| 180 | 180 | $introtext = "EXISTING-FED"; |
| 181 | 181 | // do the token creation magic |
| 182 | 182 | $newtokens = $mgmt->createTokens(TRUE, $validAddresses, $prettyprintname, $newexternalid); |
| 183 | - $loggerInstance->writeAudit($_SESSION['user'], "NEW", "IdP FUTURE - Token created for " . implode(",", $validAddresses)); |
|
| 183 | + $loggerInstance->writeAudit($_SESSION['user'], "NEW", "IdP FUTURE - Token created for ".implode(",", $validAddresses)); |
|
| 184 | 184 | break; |
| 185 | 185 | default: // includes OPERATION_MODE_INVALID |
| 186 | 186 | // second param is TRUE, so the variable *will* contain a string |
| 187 | 187 | // i.e. ignore Scrutinizer type warning later |
| 188 | 188 | $wrongcontent = print_r($_POST, TRUE); |
| 189 | 189 | echo "<pre>Wrong parameters in POST: |
| 190 | -" . htmlspecialchars(/** @scrutinizer ignore-type */ $wrongcontent) . " |
|
| 190 | +" . htmlspecialchars(/** @scrutinizer ignore-type */ $wrongcontent)." |
|
| 191 | 191 | </pre>"; |
| 192 | 192 | exit(1); |
| 193 | 193 | } |
@@ -212,14 +212,14 @@ discard block |
||
| 212 | 212 | } |
| 213 | 213 | |
| 214 | 214 | if (count($status) == 0) { |
| 215 | - header("Location: $redirectDestination" . "invitation=FAILURE"); |
|
| 215 | + header("Location: $redirectDestination"."invitation=FAILURE"); |
|
| 216 | 216 | exit; |
| 217 | 217 | } |
| 218 | 218 | $finalDestParams = "invitation=SUCCESS"; |
| 219 | 219 | if (count($status) < count($totalSegments)) { // only a subset of mails was sent, update status |
| 220 | 220 | $finalDestParams = "invitation=PARTIAL"; |
| 221 | 221 | } |
| 222 | -$finalDestParams .= "&successcount=" . count($status); |
|
| 222 | +$finalDestParams .= "&successcount=".count($status); |
|
| 223 | 223 | if ($allEncrypted === TRUE) { |
| 224 | 224 | $finalDestParams .= "&transportsecurity=ENCRYPTED"; |
| 225 | 225 | } elseif ($allClear === TRUE) { |
@@ -228,4 +228,4 @@ discard block |
||
| 228 | 228 | $finalDestParams .= "&transportsecurity=PARTIAL"; |
| 229 | 229 | } |
| 230 | 230 | |
| 231 | -header("Location: $redirectDestination" . $finalDestParams); |
|
| 231 | +header("Location: $redirectDestination".$finalDestParams); |
|
@@ -20,7 +20,7 @@ discard block |
||
| 20 | 20 | */ |
| 21 | 21 | ?> |
| 22 | 22 | <?php |
| 23 | -require_once dirname(dirname(dirname(dirname(__FILE__)))) . "/config/_config.php"; |
|
| 23 | +require_once dirname(dirname(dirname(dirname(__FILE__))))."/config/_config.php"; |
|
| 24 | 24 | |
| 25 | 25 | $auth = new \web\lib\admin\Authentication(); |
| 26 | 26 | $auth->authenticate(); |
@@ -35,7 +35,7 @@ discard block |
||
| 35 | 35 | |
| 36 | 36 | // if we have a pushed close button, submit attributes and send user back to the overview page |
| 37 | 37 | // if external DB sync is disabled globally, the user never gets to this page. If he came here *anyway* -> send him back immediately. |
| 38 | -if ((isset($_POST['submitbutton']) && $_POST['submitbutton'] == web\lib\common\FormElements::BUTTON_CLOSE ) || \config\Master::DB['enforce-external-sync'] == FALSE) { |
|
| 38 | +if ((isset($_POST['submitbutton']) && $_POST['submitbutton'] == web\lib\common\FormElements::BUTTON_CLOSE) || \config\Master::DB['enforce-external-sync'] == FALSE) { |
|
| 39 | 39 | header("Location: ../overview_federation.php"); |
| 40 | 40 | exit; |
| 41 | 41 | } |
@@ -92,9 +92,9 @@ discard block |
||
| 92 | 92 | $cat = new \core\CAT(); |
| 93 | 93 | switch ($my_inst->getExternalDBSyncState()) { |
| 94 | 94 | case \core\IdP::EXTERNAL_DB_SYNCSTATE_SYNCED: |
| 95 | - printf(_("This %s is linked to the %s database."), $uiElements->nomenclatureParticipant, \config\ConfAssistant::CONSORTIUM['display_name']) . "</p>"; |
|
| 96 | - echo "<p>" . sprintf(_("The following information about the IdP is stored in the %s DB and %s DB:"), \config\Master::APPEARANCE['productname'], \config\ConfAssistant::CONSORTIUM['display_name']) . "</p>"; |
|
| 97 | - echo "<table><tr><td>" . sprintf(_("Information in <strong>%s Database</strong>"), \config\Master::APPEARANCE['productname']) . "</td><td>" . sprintf(_("Information in <strong>%s Database</strong>"), \config\ConfAssistant::CONSORTIUM['display_name']) . "</td></tr>"; |
|
| 95 | + printf(_("This %s is linked to the %s database."), $uiElements->nomenclatureParticipant, \config\ConfAssistant::CONSORTIUM['display_name'])."</p>"; |
|
| 96 | + echo "<p>".sprintf(_("The following information about the IdP is stored in the %s DB and %s DB:"), \config\Master::APPEARANCE['productname'], \config\ConfAssistant::CONSORTIUM['display_name'])."</p>"; |
|
| 97 | + echo "<table><tr><td>".sprintf(_("Information in <strong>%s Database</strong>"), \config\Master::APPEARANCE['productname'])."</td><td>".sprintf(_("Information in <strong>%s Database</strong>"), \config\ConfAssistant::CONSORTIUM['display_name'])."</td></tr>"; |
|
| 98 | 98 | echo "<tr><td>"; |
| 99 | 99 | // left-hand side: CAT DB |
| 100 | 100 | echo "<table>"; |
@@ -106,7 +106,7 @@ discard block |
||
| 106 | 106 | } else { |
| 107 | 107 | $language = \config\Master::LANGUAGES[$name['lang']]['display'] ?? "(unsupported language)"; |
| 108 | 108 | } |
| 109 | - echo "<tr><td>" . sprintf(_("%s Name (%s)"), $uiElements->nomenclatureParticipant, $language) . "</td><td>" . $name['value'] . "</td></tr>"; |
|
| 109 | + echo "<tr><td>".sprintf(_("%s Name (%s)"), $uiElements->nomenclatureParticipant, $language)."</td><td>".$name['value']."</td></tr>"; |
|
| 110 | 110 | } |
| 111 | 111 | |
| 112 | 112 | $admins = $my_inst->listOwners(); |
@@ -117,7 +117,7 @@ discard block |
||
| 117 | 117 | if (count($username) == 0) { |
| 118 | 118 | $username[0]['value'] = _("Unnamed User"); |
| 119 | 119 | } |
| 120 | - echo "<tr><td>" . _("Administrator [invited as]") . "</td><td>" . $username[0]['value'] . " [" . $admin['MAIL'] . "]</td></tr>"; |
|
| 120 | + echo "<tr><td>"._("Administrator [invited as]")."</td><td>".$username[0]['value']." [".$admin['MAIL']."]</td></tr>"; |
|
| 121 | 121 | } |
| 122 | 122 | echo "</table>"; |
| 123 | 123 | // end of left-hand side |
@@ -125,38 +125,38 @@ discard block |
||
| 125 | 125 | // right-hand side: external DB |
| 126 | 126 | $externalid = $my_inst->getExternalDBId(); |
| 127 | 127 | if (is_bool($externalid)) { // we are in SYNCED state so this cannot happen |
| 128 | - throw new Exception("We are in SYNCSTATE_SYNCED but still there is no external DB Id available for the " . $uiElements->nomenclatureParticipant . "!"); |
|
| 128 | + throw new Exception("We are in SYNCSTATE_SYNCED but still there is no external DB Id available for the ".$uiElements->nomenclatureParticipant."!"); |
|
| 129 | 129 | } |
| 130 | 130 | |
| 131 | 131 | $extinfo = $cat->getExternalDBEntityDetails($externalid); |
| 132 | 132 | |
| 133 | 133 | echo "<table>"; |
| 134 | 134 | foreach ($extinfo['names'] as $lang => $name) { |
| 135 | - echo "<tr><td>" . sprintf(_("%s Name (%s)"), $uiElements->nomenclatureParticipant, $lang) . "</td><td>$name</td>"; |
|
| 135 | + echo "<tr><td>".sprintf(_("%s Name (%s)"), $uiElements->nomenclatureParticipant, $lang)."</td><td>$name</td>"; |
|
| 136 | 136 | } |
| 137 | 137 | foreach ($extinfo['admins'] as $number => $admin_details) { |
| 138 | - echo "<tr><td>" . _("Administrator email") . "</td><td>" . $admin_details['email'] . "</td></tr>"; |
|
| 138 | + echo "<tr><td>"._("Administrator email")."</td><td>".$admin_details['email']."</td></tr>"; |
|
| 139 | 139 | } |
| 140 | 140 | echo "</table>"; |
| 141 | 141 | // end of right-hand side |
| 142 | 142 | echo "</td></tr></table>"; |
| 143 | - echo "<p>" . _("If this mapping is not correct any more, you can remove the link:") . " "; |
|
| 143 | + echo "<p>"._("If this mapping is not correct any more, you can remove the link:")." "; |
|
| 144 | 144 | echo "<form name='form-unlink-inst' action='inc/manageDBLink.inc.php?inst_id=$my_inst->identifier' method='post' accept-charset='UTF-8'>"; |
| 145 | - echo "<button type='submit' class='delete' name='submitbutton' id='submit' value='" . web\lib\common\FormElements::BUTTON_DELETE . "'>" . _("Unlink") . "</button></form>"; |
|
| 145 | + echo "<button type='submit' class='delete' name='submitbutton' id='submit' value='".web\lib\common\FormElements::BUTTON_DELETE."'>"._("Unlink")."</button></form>"; |
|
| 146 | 146 | break; |
| 147 | 147 | case \core\IdP::EXTERNAL_DB_SYNCSTATE_NOT_SYNCED: |
| 148 | 148 | $temparray = []; |
| 149 | - printf(_("This %s is not yet linked to the %s database."), $uiElements->nomenclatureParticipant, \config\ConfAssistant::CONSORTIUM['display_name']) . " "; |
|
| 150 | - echo "<strong>" . _("This means that its profiles are not made available on the user download page.") . "</strong> "; |
|
| 149 | + printf(_("This %s is not yet linked to the %s database."), $uiElements->nomenclatureParticipant, \config\ConfAssistant::CONSORTIUM['display_name'])." "; |
|
| 150 | + echo "<strong>"._("This means that its profiles are not made available on the user download page.")."</strong> "; |
|
| 151 | 151 | printf(_("You can link it to the %s database below."), \config\ConfAssistant::CONSORTIUM['display_name']); |
| 152 | 152 | $candidates = $my_inst->getExternalDBSyncCandidates($my_inst->type); |
| 153 | 153 | echo "<br/><form name='form-link-inst' action='inc/manageDBLink.inc.php?inst_id=$my_inst->identifier' method='post' accept-charset='UTF-8'>"; |
| 154 | - printf(_("Please select an entity from the %s DB which corresponds to this CAT %s."), \config\ConfAssistant::CONSORTIUM['display_name'], $uiElements->nomenclatureParticipant) . " "; |
|
| 154 | + printf(_("Please select an entity from the %s DB which corresponds to this CAT %s."), \config\ConfAssistant::CONSORTIUM['display_name'], $uiElements->nomenclatureParticipant)." "; |
|
| 155 | 155 | if (count($candidates) > 0) { |
| 156 | 156 | printf(_("Particularly promising entries (names in CAT and %s DB are a 100%% match) are on top of the list."), \config\ConfAssistant::CONSORTIUM['display_name']); |
| 157 | 157 | } |
| 158 | 158 | echo "<table>"; |
| 159 | - echo "<tr><th>" . _("Link to this entity?") . "</th><th>" . sprintf(_("%s Name"), $uiElements->nomenclatureParticipant) . "</th><th>" . _("Administrators") . "</th></tr>"; |
|
| 159 | + echo "<tr><th>"._("Link to this entity?")."</th><th>".sprintf(_("%s Name"), $uiElements->nomenclatureParticipant)."</th><th>"._("Administrators")."</th></tr>"; |
|
| 160 | 160 | |
| 161 | 161 | foreach ($candidates as $candidate) { |
| 162 | 162 | $info = $cat->getExternalDBEntityDetails($candidate); |
@@ -166,7 +166,7 @@ discard block |
||
| 166 | 166 | } |
| 167 | 167 | echo "</td><td>"; |
| 168 | 168 | foreach ($info['admins'] as $number => $admin_details) { |
| 169 | - echo "[E-Mail] " . $admin_details['email'] . "<br/>"; |
|
| 169 | + echo "[E-Mail] ".$admin_details['email']."<br/>"; |
|
| 170 | 170 | } |
| 171 | 171 | echo "</td></tr>"; |
| 172 | 172 | $temparray[] = $candidate; |
@@ -178,7 +178,7 @@ discard block |
||
| 178 | 178 | $buffer = ""; |
| 179 | 179 | |
| 180 | 180 | foreach ($unmappedentities as $v) { |
| 181 | - $buffer .= "<option value='" . $v['ID'] . "'>[ID " . $v['ID'] . "] " . $v['name'] . "</option>"; |
|
| 181 | + $buffer .= "<option value='".$v['ID']."'>[ID ".$v['ID']."] ".$v['name']."</option>"; |
|
| 182 | 182 | } |
| 183 | 183 | |
| 184 | 184 | if ($buffer != "") { |
@@ -189,9 +189,9 @@ discard block |
||
| 189 | 189 | } |
| 190 | 190 | // issue a big red warning if there are no link candidates at all in the federation |
| 191 | 191 | if (empty($buffer) && empty($candidates)) { |
| 192 | - echo "<tr><td style='color:#ff0000' colspan='2'>" . sprintf(_('There is no single unmapped %s in the external database for this %s!'), $uiElements->nomenclatureParticipant, $uiElements->nomenclatureFed) . "</td></tr>"; |
|
| 192 | + echo "<tr><td style='color:#ff0000' colspan='2'>".sprintf(_('There is no single unmapped %s in the external database for this %s!'), $uiElements->nomenclatureParticipant, $uiElements->nomenclatureFed)."</td></tr>"; |
|
| 193 | 193 | } |
| 194 | - echo "</table><button type='submit' name='submitbutton' id='submit' value='" . web\lib\common\FormElements::BUTTON_SAVE . "' disabled >" . _("Create Link") . "</button></form>"; |
|
| 194 | + echo "</table><button type='submit' name='submitbutton' id='submit' value='".web\lib\common\FormElements::BUTTON_SAVE."' disabled >"._("Create Link")."</button></form>"; |
|
| 195 | 195 | break; |
| 196 | 196 | default: |
| 197 | 197 | } |
