GEANT /
CAT
@@ -137,7 +137,7 @@ discard block |
||
| 137 | 137 | sprintf(_("In this section, you define on which media %s should be configured on user devices."), CONFIG_CONFASSISTANT['CONSORTIUM']['display_name']) . "</p> |
| 138 | 138 | <ul>"; |
| 139 | 139 | echo "<li>"; |
| 140 | - echo "<strong>" . ( count(CONFIG_CONFASSISTANT['CONSORTIUM']['ssid']) > 0 ? _("Additional SSIDs:") : _("SSIDs:")) . " </strong>"; |
|
| 140 | + echo "<strong>" . (count(CONFIG_CONFASSISTANT['CONSORTIUM']['ssid']) > 0 ? _("Additional SSIDs:") : _("SSIDs:")) . " </strong>"; |
|
| 141 | 141 | if (count(CONFIG_CONFASSISTANT['CONSORTIUM']['ssid']) > 0) { |
| 142 | 142 | $ssidlist = ""; |
| 143 | 143 | foreach (CONFIG_CONFASSISTANT['CONSORTIUM']['ssid'] as $ssid) { |
@@ -156,7 +156,7 @@ discard block |
||
| 156 | 156 | echo "</li>"; |
| 157 | 157 | |
| 158 | 158 | echo "<li>"; |
| 159 | - echo "<strong>" . ( count(CONFIG_CONFASSISTANT['CONSORTIUM']['ssid']) > 0 ? _("Additional Hotspot 2.0 / Passpoint Consortia:") : _("Hotspot 2.0 / Passpoint Consortia:")) . " </strong>"; |
|
| 159 | + echo "<strong>" . (count(CONFIG_CONFASSISTANT['CONSORTIUM']['ssid']) > 0 ? _("Additional Hotspot 2.0 / Passpoint Consortia:") : _("Hotspot 2.0 / Passpoint Consortia:")) . " </strong>"; |
|
| 160 | 160 | if (count(CONFIG_CONFASSISTANT['CONSORTIUM']['interworking-consortium-oi']) > 0) { |
| 161 | 161 | $consortiumlist = ""; |
| 162 | 162 | foreach (CONFIG_CONFASSISTANT['CONSORTIUM']['interworking-consortium-oi'] as $oi) { |
@@ -186,7 +186,7 @@ discard block |
||
| 186 | 186 | <legend><strong><?php echo _("Helpdesk Details for all users"); ?></strong></legend> |
| 187 | 187 | <?php |
| 188 | 188 | if ($wizardStyle) { |
| 189 | - echo "<p>"._("This section can be used to upload specific Terms of Use for your users and to display details of how your users can reach your local helpdesk.")."</p>"; |
|
| 189 | + echo "<p>" . _("This section can be used to upload specific Terms of Use for your users and to display details of how your users can reach your local helpdesk.") . "</p>"; |
|
| 190 | 190 | |
| 191 | 191 | if (CONFIG['FUNCTIONALITY_LOCATIONS']['CONFASSISTANT_RADIUS'] == "LOCAL") { |
| 192 | 192 | echo "<p>" . |
@@ -194,10 +194,10 @@ discard block |
||
| 194 | 194 | "<p>" . |
| 195 | 195 | _("If you enter a value here, it will be added to the installers for all your users, and will be displayed on the download page. If you operate separate helpdesks for different user groups (we call this 'profiles'), or operate no help desk at all, you can also leave any of these fields empty and optionally specify per-profile helpdesk information later in this wizard.") . "</p>"; |
| 196 | 196 | if (CONFIG['FUNCTIONALITY_LOCATIONS']['CONFASSISTANT_SILVERBULLET'] == "LOCAL") { |
| 197 | - echo "<p>" . sprintf(_("For %s deployments, providing at least a local e-mail contact is required."), core\ProfileSilverbullet::PRODUCTNAME) ." " . _("This is the contact point for your end users' level 1 support.") . "</p>"; |
|
| 197 | + echo "<p>" . sprintf(_("For %s deployments, providing at least a local e-mail contact is required."), core\ProfileSilverbullet::PRODUCTNAME) . " " . _("This is the contact point for your end users' level 1 support.") . "</p>"; |
|
| 198 | 198 | } |
| 199 | 199 | } elseif (CONFIG['FUNCTIONALITY_LOCATIONS']['CONFASSISTANT_SILVERBULLET'] == "LOCAL") { |
| 200 | - echo "<p>". _("Providing at least a local support e-mail contact is required.")." "._("This is the contact point for your end users' level 1 support.")."</p>"; |
|
| 200 | + echo "<p>" . _("Providing at least a local support e-mail contact is required.") . " " . _("This is the contact point for your end users' level 1 support.") . "</p>"; |
|
| 201 | 201 | } |
| 202 | 202 | |
| 203 | 203 | } |
@@ -94,7 +94,7 @@ |
||
| 94 | 94 | |
| 95 | 95 | /* load sub-configs if we are dealing with those in this installation */ |
| 96 | 96 | |
| 97 | -if (CONFIG['FUNCTIONALITY_LOCATIONS']['CONFASSISTANT_SILVERBULLET'] == 'LOCAL' || CONFIG['FUNCTIONALITY_LOCATIONS']['CONFASSISTANT_RADIUS'] == 'LOCAL' ) { |
|
| 97 | +if (CONFIG['FUNCTIONALITY_LOCATIONS']['CONFASSISTANT_SILVERBULLET'] == 'LOCAL' || CONFIG['FUNCTIONALITY_LOCATIONS']['CONFASSISTANT_RADIUS'] == 'LOCAL') { |
|
| 98 | 98 | include(ROOT . "/config/config-confassistant.php"); |
| 99 | 99 | } |
| 100 | 100 | |
@@ -56,7 +56,7 @@ discard block |
||
| 56 | 56 | <div class='infobox' style='text-align:center;'> |
| 57 | 57 | <h2><?php echo sprintf(_("QR Code for %s download area"), $uiElements->nomenclature_inst); ?></h2> |
| 58 | 58 | <?php |
| 59 | - $displayurl = ( isset($_SERVER['HTTPS']) && $_SERVER['HTTPS'] == "on" ? 'https://' : 'http://') . $_SERVER['SERVER_NAME'] . dirname(dirname($_SERVER['SCRIPT_NAME'])) . "?idp=" . $my_inst->identifier; |
|
| 59 | + $displayurl = (isset($_SERVER['HTTPS']) && $_SERVER['HTTPS'] == "on" ? 'https://' : 'http://') . $_SERVER['SERVER_NAME'] . dirname(dirname($_SERVER['SCRIPT_NAME'])) . "?idp=" . $my_inst->identifier; |
|
| 60 | 60 | $uri = "data:image/png;base64," . base64_encode($uiElements->pngInjectConsortiumLogo(QRcode::png($displayurl, FALSE, QR_ECLEVEL_Q, QRCODE_PIXELS_PER_SYMBOL), QRCODE_PIXELS_PER_SYMBOL)); |
| 61 | 61 | $size = getimagesize($uri); |
| 62 | 62 | echo "<img width='" . ($size[0] / 4) . "' height='" . ($size[1] / 4) . "' src='$uri' alt='QR-code'/>"; |
@@ -89,7 +89,7 @@ discard block |
||
| 89 | 89 | </td> |
| 90 | 90 | <td> |
| 91 | 91 | <form action='edit_idp_result.php?inst_id=<?php echo $my_inst->identifier; ?>' method='post' accept-charset='UTF-8'> |
| 92 | - <button class='delete' type='submit' name='submitbutton' value='<?php echo web\lib\common\FormElements::BUTTON_DELETE; ?>' onclick="return confirm('<?php echo ( CONFIG_CONFASSISTANT['CONSORTIUM']['selfservice_registration'] === NULL ? sprintf(_("After deleting the IdP, you can not recreate it yourself - you need a new invitation token from the %s administrator!"), $uiElements->nomenclature_fed) . " " : "" ) . sprintf(_("Do you really want to delete your %s %s?"), $uiElements->nomenclature_inst, $my_inst->name); ?>')"><?php echo sprintf(_("Delete %s"), $uiElements->nomenclature_inst); ?></button> |
|
| 92 | + <button class='delete' type='submit' name='submitbutton' value='<?php echo web\lib\common\FormElements::BUTTON_DELETE; ?>' onclick="return confirm('<?php echo (CONFIG_CONFASSISTANT['CONSORTIUM']['selfservice_registration'] === NULL ? sprintf(_("After deleting the IdP, you can not recreate it yourself - you need a new invitation token from the %s administrator!"), $uiElements->nomenclature_fed) . " " : "") . sprintf(_("Do you really want to delete your %s %s?"), $uiElements->nomenclature_inst, $my_inst->name); ?>')"><?php echo sprintf(_("Delete %s"), $uiElements->nomenclature_inst); ?></button> |
|
| 93 | 93 | </form> |
| 94 | 94 | |
| 95 | 95 | </td> |
@@ -167,7 +167,7 @@ discard block |
||
| 167 | 167 | <br/> |
| 168 | 168 | <br/> |
| 169 | 169 | <form action='edit_silverbullet.php?inst_id=<?php echo $my_inst->identifier; ?>&profile_id=<?php echo $profile_list->identifier; ?>' method='POST'> |
| 170 | - <button <?php echo ( is_array($completeness) ? "disabled" : "" ); ?> type='submit' name='sb_action' value='sb_edit'><?php echo _("Manage User Base"); ?></button> |
|
| 170 | + <button <?php echo (is_array($completeness) ? "disabled" : ""); ?> type='submit' name='sb_action' value='sb_edit'><?php echo _("Manage User Base"); ?></button> |
|
| 171 | 171 | </form> |
| 172 | 172 | </div> |
| 173 | 173 | |
@@ -302,7 +302,7 @@ discard block |
||
| 302 | 302 | if (isset($URL['device-specific:redirect'])) { |
| 303 | 303 | $displayurl = $URL['device-specific:redirect'][0]; |
| 304 | 304 | } else { |
| 305 | - $displayurl = ( isset($_SERVER['HTTPS']) && $_SERVER['HTTPS'] == "on" ? 'https://' : 'http://') . $_SERVER['SERVER_NAME'] . dirname(dirname($_SERVER['SCRIPT_NAME'])) . "?idp=" . $my_inst->identifier . "&profile=" . $profile_list->identifier; |
|
| 305 | + $displayurl = (isset($_SERVER['HTTPS']) && $_SERVER['HTTPS'] == "on" ? 'https://' : 'http://') . $_SERVER['SERVER_NAME'] . dirname(dirname($_SERVER['SCRIPT_NAME'])) . "?idp=" . $my_inst->identifier . "&profile=" . $profile_list->identifier; |
|
| 306 | 306 | } |
| 307 | 307 | echo "<a href='$displayurl' style='white-space: nowrap; text-align: center;'>"; |
| 308 | 308 | $uri = "data:image/png;base64," . base64_encode($uiElements->pngInjectConsortiumLogo(QRcode::png($displayurl, FALSE, QR_ECLEVEL_Q, QRCODE_PIXELS_PER_SYMBOL), QRCODE_PIXELS_PER_SYMBOL)); |
@@ -12,7 +12,7 @@ discard block |
||
| 12 | 12 | * @author Zilvinas Vaira |
| 13 | 13 | * |
| 14 | 14 | */ |
| 15 | -class SendTokenByEmail extends AbstractInvokerCommand{ |
|
| 15 | +class SendTokenByEmail extends AbstractInvokerCommand { |
|
| 16 | 16 | |
| 17 | 17 | const COMMAND = "sendtokenbyemail"; |
| 18 | 18 | |
@@ -39,7 +39,7 @@ discard block |
||
| 39 | 39 | * @param string $commandToken |
| 40 | 40 | * @param SilverbulletContext $context |
| 41 | 41 | */ |
| 42 | - public function __construct($commandToken, $context){ |
|
| 42 | + public function __construct($commandToken, $context) { |
|
| 43 | 43 | parent::__construct($commandToken, $context); |
| 44 | 44 | $this->mail = OutsideComm::mailHandle(); |
| 45 | 45 | $this->detailsCommand = new GetTokenEmailDetails(GetTokenEmailDetails::COMMAND, $context); |
@@ -52,7 +52,7 @@ discard block |
||
| 52 | 52 | * @see \web\lib\admin\http\AbstractCommand::execute() |
| 53 | 53 | */ |
| 54 | 54 | public function execute() { |
| 55 | - if(isset($_POST[GetTokenEmailDetails::PARAM_TOKENLINK]) && isset($_POST[ValidateEmailAddress::PARAM_ADDRESS])){ |
|
| 55 | + if (isset($_POST[GetTokenEmailDetails::PARAM_TOKENLINK]) && isset($_POST[ValidateEmailAddress::PARAM_ADDRESS])) { |
|
| 56 | 56 | |
| 57 | 57 | $invitationToken = $this->parseString($_POST[GetTokenEmailDetails::PARAM_TOKENLINK]); |
| 58 | 58 | $address = $this->parseString($_POST[ValidateEmailAddress::PARAM_ADDRESS]); |
@@ -61,11 +61,11 @@ discard block |
||
| 61 | 61 | $this->mail->FromName = sprintf(_("%s Invitation System"), CONFIG['APPEARANCE']['productname']); |
| 62 | 62 | $this->mail->Subject = $this->detailsCommand->getSubject(); |
| 63 | 63 | $this->mail->Body = $this->detailsCommand->getBody($invitationToken); |
| 64 | - $bytestream = $uiElements->pngInjectConsortiumLogo(\QRcode::png($invitationToken, FALSE, QR_ECLEVEL_Q, 12),12); |
|
| 64 | + $bytestream = $uiElements->pngInjectConsortiumLogo(\QRcode::png($invitationToken, FALSE, QR_ECLEVEL_Q, 12), 12); |
|
| 65 | 65 | $this->mail->addStringAttachment($bytestream, "qr-code-invitation.png", "base64", "image/png"); |
| 66 | 66 | |
| 67 | 67 | $this->mail->addAddress($address); |
| 68 | - if($this->mail->send()) { |
|
| 68 | + if ($this->mail->send()) { |
|
| 69 | 69 | $this->storeInfoMessage(sprintf(_("Email message has been sent successfuly to '%s'!"), $address)); |
| 70 | 70 | } else { |
| 71 | 71 | $this->storeErrorMessage(sprintf(_("Email message could not be sent to '%s'. Mailer error: '%s'."), $address, $this->mail->ErrorInfo)); |
@@ -11,7 +11,7 @@ discard block |
||
| 11 | 11 | * @author Zilvinas Vaira |
| 12 | 12 | * |
| 13 | 13 | */ |
| 14 | -class GetTokenEmailDetails extends AbstractAjaxCommand{ |
|
| 14 | +class GetTokenEmailDetails extends AbstractAjaxCommand { |
|
| 15 | 15 | |
| 16 | 16 | const COMMAND = "gettokenemaildetails"; |
| 17 | 17 | const PARAM_TOKENLINK = "tokenlink"; |
@@ -25,16 +25,16 @@ discard block |
||
| 25 | 25 | * @param string $commandToken |
| 26 | 26 | * @param DefaultContext $context |
| 27 | 27 | */ |
| 28 | - public function __construct($commandToken, $context){ |
|
| 28 | + public function __construct($commandToken, $context) { |
|
| 29 | 29 | parent::__construct($commandToken, $context); |
| 30 | 30 | $this->subject = sprintf(_("Your %s access is ready"), CONFIG_CONFASSISTANT['CONSORTIUM']['display_name']); |
| 31 | - $this->body = _("Hello!"); |
|
| 31 | + $this->body = _("Hello!"); |
|
| 32 | 32 | $this->body .= "\n\n"; |
| 33 | - $this->body .= sprintf(_("A new %s access credential has been created for you by your network administrator."),CONFIG_CONFASSISTANT['CONSORTIUM']['display_name']); |
|
| 33 | + $this->body .= sprintf(_("A new %s access credential has been created for you by your network administrator."), CONFIG_CONFASSISTANT['CONSORTIUM']['display_name']); |
|
| 34 | 34 | $this->body .= " "; |
| 35 | 35 | $this->body .= sprintf(_("Please follow the following link with the device you want to enable for %s to get a custom %s installation program just for you. You can click on the link, copy and paste it into a browser or scan the attached QR code."), CONFIG_CONFASSISTANT['CONSORTIUM']['display_name'], CONFIG_CONFASSISTANT['CONSORTIUM']['display_name']); |
| 36 | 36 | $this->body .= "\n\n%s\n\n"; // gets replaced with the token value by getBody() |
| 37 | - $this->body .= sprintf(_("Please keep this email or bookmark this link for future use. After picking up your %s installation program, you can use the same link to get status information about your %s account."),CONFIG_CONFASSISTANT['CONSORTIUM']['display_name'], CONFIG_CONFASSISTANT['CONSORTIUM']['display_name']); |
|
| 37 | + $this->body .= sprintf(_("Please keep this email or bookmark this link for future use. After picking up your %s installation program, you can use the same link to get status information about your %s account."), CONFIG_CONFASSISTANT['CONSORTIUM']['display_name'], CONFIG_CONFASSISTANT['CONSORTIUM']['display_name']); |
|
| 38 | 38 | $this->body .= "\n\n"; |
| 39 | 39 | $this->body .= _("Regards,"); |
| 40 | 40 | $this->body .= "\n\n"; |
@@ -45,7 +45,7 @@ discard block |
||
| 45 | 45 | * |
| 46 | 46 | * @return string |
| 47 | 47 | */ |
| 48 | - public function getSubject(){ |
|
| 48 | + public function getSubject() { |
|
| 49 | 49 | return $this->subject; |
| 50 | 50 | } |
| 51 | 51 | |
@@ -54,7 +54,7 @@ discard block |
||
| 54 | 54 | * @param string $invitationToken |
| 55 | 55 | * @return string |
| 56 | 56 | */ |
| 57 | - public function getBody($invitationToken){ |
|
| 57 | + public function getBody($invitationToken) { |
|
| 58 | 58 | return sprintf($this->body, $invitationToken); |
| 59 | 59 | } |
| 60 | 60 | |
@@ -64,7 +64,7 @@ discard block |
||
| 64 | 64 | * @see \web\lib\admin\http\AbstractCommand::execute() |
| 65 | 65 | */ |
| 66 | 66 | public function execute() { |
| 67 | - if(isset($_POST[self::PARAM_TOKENLINK])){ |
|
| 67 | + if (isset($_POST[self::PARAM_TOKENLINK])) { |
|
| 68 | 68 | |
| 69 | 69 | $invitationToken = $this->parseString($_POST[self::PARAM_TOKENLINK]); |
| 70 | 70 | |
@@ -72,7 +72,7 @@ discard block |
||
| 72 | 72 | |
| 73 | 73 | $tokenTag = new Tag('email'); |
| 74 | 74 | $tokenTag->addAttribute('subject', $this->getSubject()); |
| 75 | - $bytestream = $uiELements->pngInjectConsortiumLogo(\QRcode::png($invitationToken, FALSE, QR_ECLEVEL_Q, 12),12); |
|
| 75 | + $bytestream = $uiELements->pngInjectConsortiumLogo(\QRcode::png($invitationToken, FALSE, QR_ECLEVEL_Q, 12), 12); |
|
| 76 | 76 | $tokenTag->addAttribute('image', "data:image/png;base64," . base64_encode($bytestream)); |
| 77 | 77 | $tokenTag->addText($this->getBody($invitationToken)); |
| 78 | 78 | |
@@ -185,7 +185,6 @@ |
||
| 185 | 185 | * - RETVAL_NOTCONFIGURED; needs CONFIG_DIAGNOSTICS['RADIUSTESTS']['TLS-discoverytag'] |
| 186 | 186 | * - RETVAL_INVALID (at least one format error) |
| 187 | 187 | * - RETVAL_OK (all fine) |
| 188 | - |
|
| 189 | 188 | * @return int one of two RETVALs above |
| 190 | 189 | */ |
| 191 | 190 | public function relevantNAPTRcompliance() { |
@@ -52,6 +52,9 @@ discard block |
||
| 52 | 52 | */ |
| 53 | 53 | const PRODUCTNAME = "Managed IdP"; |
| 54 | 54 | |
| 55 | + /** |
|
| 56 | + * @param integer $length |
|
| 57 | + */ |
|
| 55 | 58 | public static function randomString( |
| 56 | 59 | $length, $keyspace = '23456789abcdefghijkmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ' |
| 57 | 60 | ) { |
@@ -183,6 +186,7 @@ discard block |
||
| 183 | 186 | /** |
| 184 | 187 | * create a CSR |
| 185 | 188 | * |
| 189 | + * @param resource $privateKey |
|
| 186 | 190 | * @return |
| 187 | 191 | */ |
| 188 | 192 | private function generateCsr($privateKey) { |
@@ -221,6 +225,7 @@ discard block |
||
| 221 | 225 | * take a CSR and sign it with our issuing CA's certificate |
| 222 | 226 | * |
| 223 | 227 | * @param $csr the CSR |
| 228 | + * @param integer $expiryDays |
|
| 224 | 229 | */ |
| 225 | 230 | private function signCsr($csr, $expiryDays) { |
| 226 | 231 | switch (CONFIG_CONFASSISTANT['SILVERBULLET']['CA']['type']) { |
@@ -140,27 +140,27 @@ discard block |
||
| 140 | 140 | $this->loggerInstance->debug(3, "--- END Constructing new Profile object ... ---\n"); |
| 141 | 141 | |
| 142 | 142 | $this->termsAndConditions = "<h2>Product Definition</h2> |
| 143 | - <p>". \core\ProfileSilverbullet::PRODUCTNAME." outsources the technical setup of ".CONFIG_CONFASSISTANT['CONSORTIUM']['display_name'] ." ".CONFIG_CONFASSISTANT['CONSORTIUM']['nomenclature_institution']." functions to the " . CONFIG_CONFASSISTANT['CONSORTIUM']['display_name'] . " Operations Team. The system includes</p> |
|
| 143 | + <p>". \core\ProfileSilverbullet::PRODUCTNAME . " outsources the technical setup of " . CONFIG_CONFASSISTANT['CONSORTIUM']['display_name'] . " " . CONFIG_CONFASSISTANT['CONSORTIUM']['nomenclature_institution'] . " functions to the " . CONFIG_CONFASSISTANT['CONSORTIUM']['display_name'] . " Operations Team. The system includes</p> |
|
| 144 | 144 | <ul> |
| 145 | 145 | <li>a web-based user management interface where user accounts and access credentials can be created and revoked (there is a limit to the number of active users)</li> |
| 146 | 146 | <li>a technical infrastructure ('CA') which issues and revokes credentials</li> |
| 147 | - <li>a technical infrastructure ('RADIUS') which verifies access credentials and subsequently grants access to " . CONFIG_CONFASSISTANT['CONSORTIUM']['display_name'] ."</li> |
|
| 147 | + <li>a technical infrastructure ('RADIUS') which verifies access credentials and subsequently grants access to " . CONFIG_CONFASSISTANT['CONSORTIUM']['display_name'] . "</li> |
|
| 148 | 148 | <li><span style='color: red;'>TBD: a lookup/notification system which informs you of network abuse complaints by " . CONFIG_CONFASSISTANT['CONSORTIUM']['display_name'] . " Service Providers that pertain to your users</span></li> |
| 149 | 149 | </ul> |
| 150 | 150 | <h2>User Account Liability</h2> |
| 151 | - <p>As an " . CONFIG_CONFASSISTANT['CONSORTIUM']['display_name'] ." ".CONFIG_CONFASSISTANT['CONSORTIUM']['nomenclature_institution'] ." administrator using this system, you are authorized to create user accounts according to your local " . CONFIG_CONFASSISTANT['CONSORTIUM']['nomenclature_institution'] . " policy. You are fully responsible for the accounts you issue and are the data controller for all user information you deposit in this system; the system is a data processor.</p>"; |
|
| 151 | + <p>As an " . CONFIG_CONFASSISTANT['CONSORTIUM']['display_name'] . " " . CONFIG_CONFASSISTANT['CONSORTIUM']['nomenclature_institution'] . " administrator using this system, you are authorized to create user accounts according to your local " . CONFIG_CONFASSISTANT['CONSORTIUM']['nomenclature_institution'] . " policy. You are fully responsible for the accounts you issue and are the data controller for all user information you deposit in this system; the system is a data processor.</p>"; |
|
| 152 | 152 | $this->termsAndConditions .= "<p>Your responsibilities include that you</p> |
| 153 | 153 | <ul> |
| 154 | 154 | <li>only issue accounts to members of your " . CONFIG_CONFASSISTANT['CONSORTIUM']['nomenclature_institution'] . ", as defined by your local policy.</li> |
| 155 | 155 | <li>must make sure that all accounts that you issue can be linked by you to actual human end users</li> |
| 156 | - <li>have to immediately revoke accounts of users when they leave or otherwise stop being a member of your " . CONFIG_CONFASSISTANT['CONSORTIUM']['nomenclature_institution'] ."</li> |
|
| 156 | + <li>have to immediately revoke accounts of users when they leave or otherwise stop being a member of your " . CONFIG_CONFASSISTANT['CONSORTIUM']['nomenclature_institution'] . "</li> |
|
| 157 | 157 | <li>will act upon notifications about possible network abuse by your users and will appropriately sanction them</li> |
| 158 | 158 | </ul> |
| 159 | 159 | <p>"; |
| 160 | - $this->termsAndConditions .= "Failure to comply with these requirements may make your ".CONFIG_CONFASSISTANT['CONSORTIUM']['nomenclature_federation']." act on your behalf, which you authorise, and will ultimately lead to the deletion of your " . CONFIG_CONFASSISTANT['CONSORTIUM']['nomenclature_institution'] . " (and all the users you create inside) in this system."; |
|
| 160 | + $this->termsAndConditions .= "Failure to comply with these requirements may make your " . CONFIG_CONFASSISTANT['CONSORTIUM']['nomenclature_federation'] . " act on your behalf, which you authorise, and will ultimately lead to the deletion of your " . CONFIG_CONFASSISTANT['CONSORTIUM']['nomenclature_institution'] . " (and all the users you create inside) in this system."; |
|
| 161 | 161 | $this->termsAndConditions .= "</p> |
| 162 | 162 | <h2>Privacy</h2> |
| 163 | - <p>With " . \core\ProfileSilverbullet::PRODUCTNAME .", we are necessarily storing personally identifiable information about the end users you create. While the actual human is only identifiable with your help, we consider all the user data as relevant in terms of privacy jurisdiction. Please note that</p> |
|
| 163 | + <p>With " . \core\ProfileSilverbullet::PRODUCTNAME . ", we are necessarily storing personally identifiable information about the end users you create. While the actual human is only identifiable with your help, we consider all the user data as relevant in terms of privacy jurisdiction. Please note that</p> |
|
| 164 | 164 | <ul> |
| 165 | 165 | <li>You are the only one who needs to be able to make a link to the human behind the usernames you create. The usernames you create in the system have to be rich enough to allow you to make that identification step. Also consider situations when you are unavailable or leave the organisation and someone else needs to perform the matching to an individual.</li> |
| 166 | 166 | <li>The identifiers we create in the credentials are not linked to the usernames you add to the system; they are randomly generated pseudonyms.</li> |
@@ -541,7 +541,7 @@ discard block |
||
| 541 | 541 | if (!$invitationsResult || $invitationsResult->num_rows == 0) { |
| 542 | 542 | $loggerInstance->debug(2, "Token $tokenvalue not found in database or database query error!\n"); |
| 543 | 543 | return ["status" => self::SB_TOKENSTATUS_INVALID, |
| 544 | - "cert_status" => [],]; |
|
| 544 | + "cert_status" => [], ]; |
|
| 545 | 545 | } |
| 546 | 546 | // if not returned, we found the token in the DB |
| 547 | 547 | $invitationRow = mysqli_fetch_object($invitationsResult); |
@@ -279,7 +279,7 @@ discard block |
||
| 279 | 279 | </td> |
| 280 | 280 | <td> |
| 281 | 281 | <input type='checkbox' <?php |
| 282 | - echo ($verify != FALSE ? "checked" : "" ); |
|
| 282 | + echo ($verify != FALSE ? "checked" : ""); |
|
| 283 | 283 | ?> name='verify_support' onclick=' |
| 284 | 284 | if (this.form.elements["verify_support"].checked !== true || this.form.elements["realm"].value.length == 0) { |
| 285 | 285 | this.form.elements["hint_support"].setAttribute("disabled", "disabled"); |
@@ -287,48 +287,48 @@ discard block |
||
| 287 | 287 | this.form.elements["hint_support"].removeAttribute("disabled"); |
| 288 | 288 | } |
| 289 | 289 | ;'/> |
| 290 | - <span id='hint_label' style='<?php echo ($realm == "" ? "color:#999999" : "" ); ?>'> |
|
| 290 | + <span id='hint_label' style='<?php echo ($realm == "" ? "color:#999999" : ""); ?>'> |
|
| 291 | 291 | <?php echo _("Prefill user input with realm suffix:"); ?> |
| 292 | 292 | </span> |
| 293 | - <input type='checkbox' <?php echo ($verify == FALSE ? "disabled" : "" ); ?> name='hint_support' <?php echo ( $hint != FALSE ? "checked" : "" ); ?> /> |
|
| 293 | + <input type='checkbox' <?php echo ($verify == FALSE ? "disabled" : ""); ?> name='hint_support' <?php echo ($hint != FALSE ? "checked" : ""); ?> /> |
|
| 294 | 294 | </td> |
| 295 | 295 | </tr> |
| 296 | 296 | <tr> |
| 297 | 297 | |
| 298 | 298 | <!-- checkbox and input field for anonymity support, available only when realm is known--> |
| 299 | 299 | <td> |
| 300 | - <span id='anon_support_label' style='<?php echo ($realm == "" ? "color:#999999" : "" ); ?>'> |
|
| 300 | + <span id='anon_support_label' style='<?php echo ($realm == "" ? "color:#999999" : ""); ?>'> |
|
| 301 | 301 | <?php echo _("Enable Anonymous Outer Identity:"); ?> |
| 302 | 302 | </span> |
| 303 | 303 | </td> |
| 304 | 304 | <td> |
| 305 | - <input type='checkbox' <?php echo ($useAnon != FALSE ? "checked" : "" ) . ($realm == "" ? " disabled" : "" ); ?> name='anon_support' onclick=' |
|
| 305 | + <input type='checkbox' <?php echo ($useAnon != FALSE ? "checked" : "") . ($realm == "" ? " disabled" : ""); ?> name='anon_support' onclick=' |
|
| 306 | 306 | if (this.form.elements["anon_support"].checked !== true) { |
| 307 | 307 | this.form.elements["anon_local"].setAttribute("disabled", "disabled"); |
| 308 | 308 | } else { |
| 309 | 309 | this.form.elements["anon_local"].removeAttribute("disabled"); |
| 310 | 310 | } |
| 311 | 311 | ;'/> |
| 312 | - <input type='text' <?php echo ($checkuserOuter == FALSE ? "disabled" : "" ); ?> name='anon_local' value='<?php echo $anonLocal; ?>'/> |
|
| 312 | + <input type='text' <?php echo ($checkuserOuter == FALSE ? "disabled" : ""); ?> name='anon_local' value='<?php echo $anonLocal; ?>'/> |
|
| 313 | 313 | </td> |
| 314 | 314 | </tr> |
| 315 | 315 | <tr> |
| 316 | 316 | |
| 317 | 317 | <!-- checkbox and input field for check realm outer id, available only when realm is known--> |
| 318 | 318 | <td> |
| 319 | - <span id='checkuser_label' style='<?php echo ($realm == "" ? "color:#999999" : "" ); ?>'> |
|
| 319 | + <span id='checkuser_label' style='<?php echo ($realm == "" ? "color:#999999" : ""); ?>'> |
|
| 320 | 320 | <?php echo _("Use special Outer Identity for realm checks:"); ?> |
| 321 | 321 | </span> |
| 322 | 322 | </td> |
| 323 | 323 | <td> |
| 324 | - <input type='checkbox' <?php echo ($checkuserOuter != FALSE ? "checked" : "" ) . ($realm == "" ? " disabled" : "" ); ?> name='checkuser_support' onclick=' |
|
| 324 | + <input type='checkbox' <?php echo ($checkuserOuter != FALSE ? "checked" : "") . ($realm == "" ? " disabled" : ""); ?> name='checkuser_support' onclick=' |
|
| 325 | 325 | if (this.form.elements["checkuser_support"].checked !== true) { |
| 326 | 326 | this.form.elements["checkuser_local"].setAttribute("disabled", "disabled"); |
| 327 | 327 | } else { |
| 328 | 328 | this.form.elements["checkuser_local"].removeAttribute("disabled"); |
| 329 | 329 | } |
| 330 | 330 | ;'/> |
| 331 | - <input type='text' <?php echo ($checkuserOuter == FALSE ? "disabled" : "" ); ?> name='checkuser_local' value='<?php echo $checkuserValue; ?>'/> |
|
| 331 | + <input type='text' <?php echo ($checkuserOuter == FALSE ? "disabled" : ""); ?> name='checkuser_local' value='<?php echo $checkuserValue; ?>'/> |
|
| 332 | 332 | </td> |
| 333 | 333 | </tr> |
| 334 | 334 | </table> |
@@ -344,14 +344,14 @@ discard block |
||
| 344 | 344 | <p> |
| 345 | 345 | |
| 346 | 346 | <?php |
| 347 | - echo "<span id='redirect_label' style='" . ($realm == "" ? "color:#999999" : "" ) . "'><label for='redirect'>" . _("Redirect end users to own web page:") . "</label></span> |
|
| 348 | - <input type='checkbox' name='redirect' id='redirect' " . ($blacklisted === FALSE ? "" : "checked " ) . "onclick=' |
|
| 347 | + echo "<span id='redirect_label' style='" . ($realm == "" ? "color:#999999" : "") . "'><label for='redirect'>" . _("Redirect end users to own web page:") . "</label></span> |
|
| 348 | + <input type='checkbox' name='redirect' id='redirect' " . ($blacklisted === FALSE ? "" : "checked ") . "onclick=' |
|
| 349 | 349 | if (this.form.elements[\"redirect\"].checked != true) { |
| 350 | 350 | this.form.elements[\"redirect_target\"].setAttribute(\"disabled\", \"disabled\"); |
| 351 | 351 | } else { |
| 352 | 352 | this.form.elements[\"redirect_target\"].removeAttribute(\"disabled\"); |
| 353 | 353 | };'/> |
| 354 | - <input type='text' name='redirect_target' " . ($blacklisted !== FALSE ? "value='$blacklisted'" : "disabled" ) . "/>"; |
|
| 354 | + <input type='text' name='redirect_target' " . ($blacklisted !== FALSE ? "value='$blacklisted'" : "disabled") . "/>"; |
|
| 355 | 355 | ?> |
| 356 | 356 | </p> |
| 357 | 357 | |
@@ -375,7 +375,7 @@ discard block |
||
| 375 | 375 | function priority(string $eapType, bool $isenabled, int $priority) { |
| 376 | 376 | echo "<td><select id='$eapType-priority' name='$eapType-priority' " . (!$isenabled ? "disabled='disabled'" : "") . ">"; |
| 377 | 377 | for ($a = 1; $a < 7; $a = $a + 1) { |
| 378 | - echo "<option id='$eapType-$a' value='$a' " . ( $isenabled && $a == $priority ? "selected" : "" ) . ">$a</option>"; |
|
| 378 | + echo "<option id='$eapType-$a' value='$a' " . ($isenabled && $a == $priority ? "selected" : "") . ">$a</option>"; |
|
| 379 | 379 | } |
| 380 | 380 | echo "</select></td>"; |
| 381 | 381 | } |
@@ -39,7 +39,7 @@ discard block |
||
| 39 | 39 | 'getUserCerts', |
| 40 | 40 | ]; |
| 41 | 41 | |
| 42 | -function getRequest($varName,$filter) { |
|
| 42 | +function getRequest($varName, $filter) { |
|
| 43 | 43 | $safeText = ["options"=>["regexp"=>"/^[\w\d-]+$/"]]; |
| 44 | 44 | switch ($filter) { |
| 45 | 45 | case 'safe_text': |
@@ -57,7 +57,7 @@ discard block |
||
| 57 | 57 | |
| 58 | 58 | // make sure this is a known action |
| 59 | 59 | $actionR = getRequest('action', 'safe_text'); |
| 60 | -$action = array_search($actionR,LISTOFACTIONS) ? $actionR : FALSE; |
|
| 60 | +$action = array_search($actionR, LISTOFACTIONS) ? $actionR : FALSE; |
|
| 61 | 61 | if ($action === FALSE) { |
| 62 | 62 | exit; |
| 63 | 63 | } |
@@ -65,18 +65,18 @@ discard block |
||
| 65 | 65 | $lang = $langR ? $validator->supportedLanguage($langR) : FALSE; |
| 66 | 66 | $deviceR = getRequest('device', 'safe_text'); |
| 67 | 67 | $device = $deviceR ? $validator->Device($deviceR) : FALSE; |
| 68 | -$idpR = getRequest('idp','int'); |
|
| 68 | +$idpR = getRequest('idp', 'int'); |
|
| 69 | 69 | $idp = $idpR ? $validator->IdP($idpR)->identifier : FALSE; |
| 70 | -$profileR = getRequest('profile','int'); |
|
| 70 | +$profileR = getRequest('profile', 'int'); |
|
| 71 | 71 | $profile = $profileR ? $validator->Profile($profileR)->identifier : FALSE; |
| 72 | -$federationR = getRequest('federation','safe_text'); |
|
| 72 | +$federationR = getRequest('federation', 'safe_text'); |
|
| 73 | 73 | $federation = $federationR ? $validator->Federation($deviceR)->identifier : FALSE; |
| 74 | -$disco = getRequest('disco','int'); |
|
| 75 | -$width = getRequest('width','int') ?? 0; |
|
| 76 | -$height = getRequest('height','int') ?? 0; |
|
| 77 | -$sort = getRequest('sort','int') ?? 0; |
|
| 78 | -$generatedforR = getRequest('generatedfor','safe_text') ?? 'user'; |
|
| 79 | -$token = getRequest('token','safe_text'); |
|
| 74 | +$disco = getRequest('disco', 'int'); |
|
| 75 | +$width = getRequest('width', 'int') ?? 0; |
|
| 76 | +$height = getRequest('height', 'int') ?? 0; |
|
| 77 | +$sort = getRequest('sort', 'int') ?? 0; |
|
| 78 | +$generatedforR = getRequest('generatedfor', 'safe_text') ?? 'user'; |
|
| 79 | +$token = getRequest('token', 'safe_text'); |
|
| 80 | 80 | |
| 81 | 81 | |
| 82 | 82 | switch ($action) { |
