GEANT /
CAT
@@ -19,7 +19,7 @@ discard block |
||
| 19 | 19 | * <base_url>/copyright.php after deploying the software |
| 20 | 20 | */ |
| 21 | 21 | |
| 22 | -require_once dirname(dirname(dirname(__FILE__))) . "/config/_config.php"; |
|
| 22 | +require_once dirname(dirname(dirname(__FILE__)))."/config/_config.php"; |
|
| 23 | 23 | |
| 24 | 24 | $auth = new \web\lib\admin\Authentication(); |
| 25 | 25 | $loggerInstance = new \core\common\Logging(); |
@@ -34,7 +34,7 @@ discard block |
||
| 34 | 34 | $instId = $my_inst->identifier; |
| 35 | 35 | // delete the IdP and send user to enrollment |
| 36 | 36 | $my_inst->destroy(); |
| 37 | - $loggerInstance->writeAudit($_SESSION['user'], "DEL", "IdP " . $instId); |
|
| 37 | + $loggerInstance->writeAudit($_SESSION['user'], "DEL", "IdP ".$instId); |
|
| 38 | 38 | header("Location: overview_user.php"); |
| 39 | 39 | exit; |
| 40 | 40 | } |
@@ -50,7 +50,7 @@ discard block |
||
| 50 | 50 | } |
| 51 | 51 | // flush all IdP attributes and send user to creation wizard |
| 52 | 52 | $my_inst->flushAttributes(); |
| 53 | - $loggerInstance->writeAudit($_SESSION['user'], "DEL", "IdP starting over" . $instId); |
|
| 53 | + $loggerInstance->writeAudit($_SESSION['user'], "DEL", "IdP starting over".$instId); |
|
| 54 | 54 | header("Location: edit_participant.php?inst_id=$instId&wizard=true"); |
| 55 | 55 | exit; |
| 56 | 56 | } |
@@ -72,21 +72,21 @@ discard block |
||
| 72 | 72 | } |
| 73 | 73 | |
| 74 | 74 | $inst_name = $my_inst->name; |
| 75 | -echo "<h1>" . sprintf(_("Submitted attributes for IdP '%s'"), $inst_name) . "</h1>"; |
|
| 75 | +echo "<h1>".sprintf(_("Submitted attributes for IdP '%s'"), $inst_name)."</h1>"; |
|
| 76 | 76 | echo "<table>"; |
| 77 | 77 | echo $optionParser->processSubmittedFields($my_inst, $_POST, $_FILES); |
| 78 | 78 | echo "</table>"; |
| 79 | 79 | |
| 80 | 80 | // delete cached logo, if present |
| 81 | -$dir = ROOT . '/web/downloads/logos/'; |
|
| 82 | -$globResult = glob($dir . $my_inst->identifier . "_*.png"); |
|
| 81 | +$dir = ROOT.'/web/downloads/logos/'; |
|
| 82 | +$globResult = glob($dir.$my_inst->identifier."_*.png"); |
|
| 83 | 83 | if ($globResult === FALSE) { // we should catch the improbable error condition |
| 84 | 84 | $globResult = []; |
| 85 | 85 | } |
| 86 | 86 | array_map('unlink', $globResult); |
| 87 | 87 | $loggerInstance->debug(4, "UNLINK from $dir\n"); |
| 88 | 88 | |
| 89 | -$loggerInstance->writeAudit($_SESSION['user'], "MOD", "IdP " . $my_inst->identifier . " - attributes changed"); |
|
| 89 | +$loggerInstance->writeAudit($_SESSION['user'], "MOD", "IdP ".$my_inst->identifier." - attributes changed"); |
|
| 90 | 90 | |
| 91 | 91 | // re-instantiate ourselves... profiles need fresh data |
| 92 | 92 | |
@@ -98,15 +98,15 @@ discard block |
||
| 98 | 98 | |
| 99 | 99 | if (isset(\config\ConfAssistant::CONSORTIUM['ssid']) && count(\config\ConfAssistant::CONSORTIUM['ssid']) > 0) { |
| 100 | 100 | foreach (\config\ConfAssistant::CONSORTIUM['ssid'] as $ssidname) { |
| 101 | - $ssids[] = $ssidname . " " . (isset(\config\ConfAssistant::CONSORTIUM['tkipsupport']) && \config\ConfAssistant::CONSORTIUM['tkipsupport'] === TRUE ? _("(WPA2/AES and WPA/TKIP)") : _("(WPA2/AES)") ); |
|
| 101 | + $ssids[] = $ssidname." ".(isset(\config\ConfAssistant::CONSORTIUM['tkipsupport']) && \config\ConfAssistant::CONSORTIUM['tkipsupport'] === TRUE ? _("(WPA2/AES and WPA/TKIP)") : _("(WPA2/AES)")); |
|
| 102 | 102 | } |
| 103 | 103 | } |
| 104 | 104 | |
| 105 | 105 | foreach ($my_inst->getAttributes("media:SSID_with_legacy") as $ssidname) { |
| 106 | - $ssids[] = $ssidname['value'] . " " . _("(WPA2/AES and WPA/TKIP)"); |
|
| 106 | + $ssids[] = $ssidname['value']." "._("(WPA2/AES and WPA/TKIP)"); |
|
| 107 | 107 | } |
| 108 | 108 | foreach ($my_inst->getAttributes("media:SSID") as $ssidname) { |
| 109 | - $ssids[] = $ssidname['value'] . " " . _("(WPA2/AES)"); |
|
| 109 | + $ssids[] = $ssidname['value']." "._("(WPA2/AES)"); |
|
| 110 | 110 | } |
| 111 | 111 | |
| 112 | 112 | echo "<table>"; |
@@ -114,7 +114,7 @@ discard block |
||
| 114 | 114 | if (count($ssids) > 0) { |
| 115 | 115 | $printedlist = ""; |
| 116 | 116 | foreach ($ssids as $names) { |
| 117 | - $printedlist = $printedlist . "$names "; |
|
| 117 | + $printedlist = $printedlist."$names "; |
|
| 118 | 118 | } |
| 119 | 119 | echo $uiElements->boxOkay(sprintf(_("Your installers will configure the following SSIDs: <strong>%s</strong>"), $printedlist), _("SSIDs configured")); |
| 120 | 120 | } |
@@ -142,7 +142,7 @@ discard block |
||
| 142 | 142 | // did we get an email address? then, show the silverbullet jumpstart button |
| 143 | 143 | // otherwise, issue a smartass comment |
| 144 | 144 | if (count($my_inst->getAttributes("support:email")) > 0) { |
| 145 | - echo "<form method='post' action='edit_silverbullet.php?inst_id=$my_inst->identifier' accept-charset='UTF-8'><button type='submit'>" . sprintf(_("Continue to %s properties"), \core\ProfileSilverbullet::PRODUCTNAME) . "</button></form>"; |
|
| 145 | + echo "<form method='post' action='edit_silverbullet.php?inst_id=$my_inst->identifier' accept-charset='UTF-8'><button type='submit'>".sprintf(_("Continue to %s properties"), \core\ProfileSilverbullet::PRODUCTNAME)."</button></form>"; |
|
| 146 | 146 | } else { |
| 147 | 147 | echo "<table>"; |
| 148 | 148 | echo $uiElements->boxError(sprintf(_("You did not submit an e-mail address. This is required for %s. Please go to the %s dashboard and edit your helpdesk settings to include a helpdesk e-mail address."), core\ProfileSilverbullet::PRODUCTNAME, $ui->nomenclatureInst), _("No support e-mail!")); |
@@ -150,9 +150,9 @@ discard block |
||
| 150 | 150 | } |
| 151 | 151 | } |
| 152 | 152 | if (\config\Master::FUNCTIONALITY_LOCATIONS['CONFASSISTANT_RADIUS'] == "LOCAL") { |
| 153 | - echo "<br/><form method='post' action='edit_profile.php?inst_id=$my_inst->identifier' accept-charset='UTF-8'><button type='submit'>" . _("Continue to RADIUS/EAP profile definition") . "</button></form>"; |
|
| 153 | + echo "<br/><form method='post' action='edit_profile.php?inst_id=$my_inst->identifier' accept-charset='UTF-8'><button type='submit'>"._("Continue to RADIUS/EAP profile definition")."</button></form>"; |
|
| 154 | 154 | } |
| 155 | 155 | } |
| 156 | -echo "<br/><form method='post' action='overview_user.php?inst_id=$my_inst->identifier' accept-charset='UTF-8'><button type='submit'>" . _("Continue to dashboard") . "</button></form>"; |
|
| 156 | +echo "<br/><form method='post' action='overview_user.php?inst_id=$my_inst->identifier' accept-charset='UTF-8'><button type='submit'>"._("Continue to dashboard")."</button></form>"; |
|
| 157 | 157 | |
| 158 | 158 | echo $deco->footer(); |
@@ -142,17 +142,17 @@ discard block |
||
| 142 | 142 | foreach (array_keys($this->typeDb) as $name) { |
| 143 | 143 | if ($className === 0) { |
| 144 | 144 | $tempArray[] = $name; |
| 145 | - } elseif (preg_match('/^' . $className . ':/', $name) > 0) { |
|
| 145 | + } elseif (preg_match('/^'.$className.':/', $name) > 0) { |
|
| 146 | 146 | $tempArray[] = $name; |
| 147 | 147 | } |
| 148 | 148 | } |
| 149 | 149 | $returnArray = $tempArray; |
| 150 | 150 | // remove silverbullet-specific options if this deployment is not SB |
| 151 | 151 | foreach ($tempArray as $key => $val) { |
| 152 | - if (( \config\Master::FUNCTIONALITY_LOCATIONS['CONFASSISTANT_SILVERBULLET'] != 'LOCAL') && (preg_match('/^fed:silverbullet/', $val) > 0)) { |
|
| 152 | + if ((\config\Master::FUNCTIONALITY_LOCATIONS['CONFASSISTANT_SILVERBULLET'] != 'LOCAL') && (preg_match('/^fed:silverbullet/', $val) > 0)) { |
|
| 153 | 153 | unset($returnArray[$key]); |
| 154 | 154 | } |
| 155 | - if (( \config\Master::FUNCTIONALITY_LOCATIONS['CONFASSISTANT_RADIUS'] != 'LOCAL') && (preg_match('/^fed:minted_ca_file/', $val) > 0)) { |
|
| 155 | + if ((\config\Master::FUNCTIONALITY_LOCATIONS['CONFASSISTANT_RADIUS'] != 'LOCAL') && (preg_match('/^fed:minted_ca_file/', $val) > 0)) { |
|
| 156 | 156 | unset($returnArray[$key]); |
| 157 | 157 | } |
| 158 | 158 | } |
@@ -172,7 +172,7 @@ discard block |
||
| 172 | 172 | if (isset($this->typeDb[$optionname])) { |
| 173 | 173 | return $this->typeDb[$optionname]; |
| 174 | 174 | } |
| 175 | - throw new Exception("Metadata about an option was requested, but the option name does not exist in the system: " . htmlentities($optionname)); |
|
| 175 | + throw new Exception("Metadata about an option was requested, but the option name does not exist in the system: ".htmlentities($optionname)); |
|
| 176 | 176 | } |
| 177 | 177 | |
| 178 | 178 | /** |
@@ -108,7 +108,7 @@ discard block |
||
| 108 | 108 | */ |
| 109 | 109 | public function __construct() { |
| 110 | 110 | $this->loggerInstance = new Logging(); |
| 111 | - $this->loggerInstance->debug(3, "--- BEGIN constructing class " . get_class($this) . " .\n"); |
|
| 111 | + $this->loggerInstance->debug(3, "--- BEGIN constructing class ".get_class($this)." .\n"); |
|
| 112 | 112 | $this->languageInstance = new Language(); |
| 113 | 113 | Entity::intoThePotatoes(); |
| 114 | 114 | // some config elements are displayable. We need some dummies to |
@@ -127,13 +127,13 @@ discard block |
||
| 127 | 127 | $dummy_organisation2a = _("organization"); |
| 128 | 128 | $dummy_organisation3 = _("entity"); |
| 129 | 129 | // and do something useless with the strings so that there's no "unused" complaint |
| 130 | - if (strlen($dummy_NRO . $dummy_inst1 . $dummy_inst2 . $dummy_inst3 . $dummy_hotspot1 . $dummy_hotspot2 . $dummy_hotspot3 . $dummy_organisation1 . $dummy_organisation2 . $dummy_organisation2a . $dummy_organisation3) < 0) { |
|
| 130 | + if (strlen($dummy_NRO.$dummy_inst1.$dummy_inst2.$dummy_inst3.$dummy_hotspot1.$dummy_hotspot2.$dummy_hotspot3.$dummy_organisation1.$dummy_organisation2.$dummy_organisation2a.$dummy_organisation3) < 0) { |
|
| 131 | 131 | throw new Exception("Strings are usually not shorter than 0 characters. We've encountered a string blackhole."); |
| 132 | 132 | } |
| 133 | - $xyzVariableFed = \config\ConfAssistant::CONSORTIUM['nomenclature_federation'] . ""; |
|
| 134 | - $xyzVariableInst = \config\ConfAssistant::CONSORTIUM['nomenclature_institution'] . ""; |
|
| 135 | - $xyzVariableHotspot = \config\ConfAssistant::CONSORTIUM['nomenclature_hotspot'] . ""; |
|
| 136 | - $xyzVariableParticipant = \config\ConfAssistant::CONSORTIUM['nomenclature_participant'] . ""; |
|
| 133 | + $xyzVariableFed = \config\ConfAssistant::CONSORTIUM['nomenclature_federation'].""; |
|
| 134 | + $xyzVariableInst = \config\ConfAssistant::CONSORTIUM['nomenclature_institution'].""; |
|
| 135 | + $xyzVariableHotspot = \config\ConfAssistant::CONSORTIUM['nomenclature_hotspot'].""; |
|
| 136 | + $xyzVariableParticipant = \config\ConfAssistant::CONSORTIUM['nomenclature_participant'].""; |
|
| 137 | 137 | Entity::$nomenclature_fed = _($xyzVariableFed); |
| 138 | 138 | Entity::$nomenclature_inst = _($xyzVariableInst); |
| 139 | 139 | Entity::$nomenclature_hotspot = _($xyzVariableHotspot); |
@@ -148,7 +148,7 @@ discard block |
||
| 148 | 148 | * Logs the end of lifetime of the entity to the debug log on level 5. |
| 149 | 149 | */ |
| 150 | 150 | public function __destruct() { |
| 151 | - (new Logging())->debug(5, "--- KILL Destructing class " . get_class($this) . " .\n"); |
|
| 151 | + (new Logging())->debug(5, "--- KILL Destructing class ".get_class($this)." .\n"); |
|
| 152 | 152 | } |
| 153 | 153 | |
| 154 | 154 | /** |
@@ -179,7 +179,7 @@ discard block |
||
| 179 | 179 | */ |
| 180 | 180 | public static function createTemporaryDirectory($purpose = 'installer', $failIsFatal = 1) { |
| 181 | 181 | $loggerInstance = new Logging(); |
| 182 | - $name = md5(time() . rand()); |
|
| 182 | + $name = md5(time().rand()); |
|
| 183 | 183 | $path = ROOT; |
| 184 | 184 | switch ($purpose) { |
| 185 | 185 | case 'silverbullet': |
@@ -197,7 +197,7 @@ discard block |
||
| 197 | 197 | default: |
| 198 | 198 | throw new Exception("unable to create temporary directory due to unknown purpose: $purpose\n"); |
| 199 | 199 | } |
| 200 | - $tmpDir = $path . '/' . $name; |
|
| 200 | + $tmpDir = $path.'/'.$name; |
|
| 201 | 201 | $loggerInstance->debug(4, "temp dir: $purpose : $tmpDir\n"); |
| 202 | 202 | if (!mkdir($tmpDir, 0700, true)) { |
| 203 | 203 | if ($failIsFatal) { |
@@ -217,7 +217,7 @@ discard block |
||
| 217 | 217 | * @return void |
| 218 | 218 | */ |
| 219 | 219 | public static function rrmdir($dir) { |
| 220 | - foreach (glob($dir . '/*') as $file) { |
|
| 220 | + foreach (glob($dir.'/*') as $file) { |
|
| 221 | 221 | if (is_dir($file)) { |
| 222 | 222 | Entity::rrmdir($file); |
| 223 | 223 | } else { |
@@ -242,12 +242,12 @@ discard block |
||
| 242 | 242 | } |
| 243 | 243 | // these substr() are guaranteed to yield actual string data, as the |
| 244 | 244 | // base string is an MD5 hash - has sufficient length |
| 245 | - $uuid = /** @scrutinizer ignore-type */ substr($chars, 0, 8) . '-'; |
|
| 246 | - $uuid .= /** @scrutinizer ignore-type */ substr($chars, 8, 4) . '-'; |
|
| 247 | - $uuid .= /** @scrutinizer ignore-type */ substr($chars, 12, 4) . '-'; |
|
| 248 | - $uuid .= /** @scrutinizer ignore-type */ substr($chars, 16, 4) . '-'; |
|
| 245 | + $uuid = /** @scrutinizer ignore-type */ substr($chars, 0, 8).'-'; |
|
| 246 | + $uuid .= /** @scrutinizer ignore-type */ substr($chars, 8, 4).'-'; |
|
| 247 | + $uuid .= /** @scrutinizer ignore-type */ substr($chars, 12, 4).'-'; |
|
| 248 | + $uuid .= /** @scrutinizer ignore-type */ substr($chars, 16, 4).'-'; |
|
| 249 | 249 | $uuid .= /** @scrutinizer ignore-type */ substr($chars, 20, 12); |
| 250 | - return $prefix . $uuid; |
|
| 250 | + return $prefix.$uuid; |
|
| 251 | 251 | } |
| 252 | 252 | |
| 253 | 253 | /** |
@@ -292,8 +292,8 @@ discard block |
||
| 292 | 292 | // if called from a class, guess based on the class name; |
| 293 | 293 | // otherwise, on the filename relative to ROOT |
| 294 | 294 | $myName = $caller['class'] ?? substr($caller['file'], strlen(ROOT)); |
| 295 | - $loggerInstance->debug(1,$caller); |
|
| 296 | - $loggerInstance->debug(1,"\nFOUND ".$myName."\n"); |
|
| 295 | + $loggerInstance->debug(1, $caller); |
|
| 296 | + $loggerInstance->debug(1, "\nFOUND ".$myName."\n"); |
|
| 297 | 297 | if (preg_match("/diag/", $myName) == 1) { |
| 298 | 298 | $ret = "diagnostics"; |
| 299 | 299 | } elseif (preg_match("/core/", $myName) == 1) { |
@@ -307,7 +307,7 @@ discard block |
||
| 307 | 307 | } else { |
| 308 | 308 | $ret = "web_user"; |
| 309 | 309 | } |
| 310 | - $loggerInstance->debug(1,"\nRETURNING ".$ret."\n"); |
|
| 310 | + $loggerInstance->debug(1, "\nRETURNING ".$ret."\n"); |
|
| 311 | 311 | return $ret; |
| 312 | 312 | } |
| 313 | 313 | |
@@ -325,10 +325,10 @@ discard block |
||
| 325 | 325 | if ($catalogue === NULL) { |
| 326 | 326 | $theCatalogue = Entity::determineOwnCatalogue(); |
| 327 | 327 | textdomain($theCatalogue); |
| 328 | - bindtextdomain($theCatalogue, ROOT . "/translation/"); |
|
| 328 | + bindtextdomain($theCatalogue, ROOT."/translation/"); |
|
| 329 | 329 | } else { |
| 330 | 330 | textdomain($catalogue); |
| 331 | - bindtextdomain($catalogue, ROOT . "/translation/"); |
|
| 331 | + bindtextdomain($catalogue, ROOT."/translation/"); |
|
| 332 | 332 | } |
| 333 | 333 | } |
| 334 | 334 | |
@@ -21,14 +21,14 @@ discard block |
||
| 21 | 21 | */ |
| 22 | 22 | |
| 23 | 23 | require_once "autoloader.php"; |
| 24 | -require_once __DIR__ . "/../packageRoot.php"; |
|
| 24 | +require_once __DIR__."/../packageRoot.php"; |
|
| 25 | 25 | |
| 26 | 26 | // enable Composer autoloader, if exists |
| 27 | -if (file_exists(__DIR__ . "/../vendor/autoload.php") !== FALSE) { |
|
| 28 | - include_once __DIR__ . "/../vendor/autoload.php"; |
|
| 27 | +if (file_exists(__DIR__."/../vendor/autoload.php") !== FALSE) { |
|
| 28 | + include_once __DIR__."/../vendor/autoload.php"; |
|
| 29 | 29 | } |
| 30 | 30 | |
| 31 | -if (!file_exists(ROOT . "/config/Master.php")) { |
|
| 31 | +if (!file_exists(ROOT."/config/Master.php")) { |
|
| 32 | 32 | echo "Master configuration file not found. You need to configure the product! At least config/Master.php is required!"; |
| 33 | 33 | throw new Exception("Master config file not found!"); |
| 34 | 34 | } |
@@ -36,14 +36,14 @@ discard block |
||
| 36 | 36 | /* load sub-configs if we are dealing with those in this installation */ |
| 37 | 37 | |
| 38 | 38 | if (\config\Master::FUNCTIONALITY_LOCATIONS['CONFASSISTANT_SILVERBULLET'] == 'LOCAL' || \config\Master::FUNCTIONALITY_LOCATIONS['CONFASSISTANT_RADIUS'] == 'LOCAL') { |
| 39 | - if (!file_exists(ROOT . "/config/ConfAssistant.php")) { |
|
| 39 | + if (!file_exists(ROOT."/config/ConfAssistant.php")) { |
|
| 40 | 40 | echo "ConfAssistant configuration file not found. You need to configure the product!"; |
| 41 | 41 | throw new Exception("ConfAssistant config file not found!"); |
| 42 | 42 | } |
| 43 | 43 | } |
| 44 | 44 | |
| 45 | 45 | if (\config\Master::FUNCTIONALITY_LOCATIONS['DIAGNOSTICS'] == 'LOCAL') { |
| 46 | - if (!file_exists(ROOT . "/config/Diagnostics.php")) { |
|
| 46 | + if (!file_exists(ROOT."/config/Diagnostics.php")) { |
|
| 47 | 47 | echo "Diagnostics configuration file not found. You need to configure the product!"; |
| 48 | 48 | throw new Exception("Diagnostics config file not found!"); |
| 49 | 49 | } |
@@ -113,12 +113,12 @@ discard block |
||
| 113 | 113 | $this->name = $this->languageInstance->getLocalisedValue($this->getAttributes('general:instname')); |
| 114 | 114 | $eligibility = $this->eligibility(); |
| 115 | 115 | if (in_array(IdP::ELIGIBILITY_IDP, $eligibility) && in_array(IdP::ELIGIBILITY_SP, $eligibility)) { |
| 116 | - $eligType = IdP::TYPE_IDPSP . ""; |
|
| 116 | + $eligType = IdP::TYPE_IDPSP.""; |
|
| 117 | 117 | $this->type = $eligType; |
| 118 | 118 | } elseif (in_array(IdP::ELIGIBILITY_IDP, $eligibility)) { |
| 119 | - $eligType = IdP::TYPE_IDP . ""; |
|
| 119 | + $eligType = IdP::TYPE_IDP.""; |
|
| 120 | 120 | } else { |
| 121 | - $eligType = IdP::TYPE_SP . ""; |
|
| 121 | + $eligType = IdP::TYPE_SP.""; |
|
| 122 | 122 | } |
| 123 | 123 | $this->type = $eligType; |
| 124 | 124 | $this->loggerInstance->debug(3, "--- END Constructing new IdP object ... ---\n"); |
@@ -131,7 +131,7 @@ discard block |
||
| 131 | 131 | * @return \core\AbstractProfile[] list of Profiles of this IdP |
| 132 | 132 | */ |
| 133 | 133 | public function listProfiles(bool $activeOnly = FALSE) { |
| 134 | - $query = "SELECT profile_id FROM profile WHERE inst_id = $this->identifier" . ($activeOnly ? " AND showtime = 1" : ""); |
|
| 134 | + $query = "SELECT profile_id FROM profile WHERE inst_id = $this->identifier".($activeOnly ? " AND showtime = 1" : ""); |
|
| 135 | 135 | $allProfiles = $this->databaseHandle->exec($query); |
| 136 | 136 | $returnarray = []; |
| 137 | 137 | // SELECT -> resource, not boolean |
@@ -141,7 +141,7 @@ discard block |
||
| 141 | 141 | $returnarray[] = $oneProfile; |
| 142 | 142 | } |
| 143 | 143 | |
| 144 | - $this->loggerInstance->debug(4, "listProfiles: " . print_r($returnarray, true)); |
|
| 144 | + $this->loggerInstance->debug(4, "listProfiles: ".print_r($returnarray, true)); |
|
| 145 | 145 | return $returnarray; |
| 146 | 146 | } |
| 147 | 147 | |
@@ -152,7 +152,7 @@ discard block |
||
| 152 | 152 | * @return \core\AbstractDeployment[] list of deployments of this IdP |
| 153 | 153 | */ |
| 154 | 154 | public function listDeployments(bool $activeOnly = FALSE) { |
| 155 | - $query = "SELECT deployment_id FROM deployment WHERE inst_id = $this->identifier" . ($activeOnly ? " AND status = " . AbstractDeployment::ACTIVE : ""); |
|
| 155 | + $query = "SELECT deployment_id FROM deployment WHERE inst_id = $this->identifier".($activeOnly ? " AND status = ".AbstractDeployment::ACTIVE : ""); |
|
| 156 | 156 | $allDeployments = $this->databaseHandle->exec($query); |
| 157 | 157 | $returnarray = []; |
| 158 | 158 | // SELECT -> resource, not boolean |
@@ -160,7 +160,7 @@ discard block |
||
| 160 | 160 | $returnarray[] = new DeploymentManaged($this, $deploymentQuery->deployment_id); |
| 161 | 161 | } |
| 162 | 162 | |
| 163 | - $this->loggerInstance->debug(4, "listDeployments: " . print_r($returnarray, true)); |
|
| 163 | + $this->loggerInstance->debug(4, "listDeployments: ".print_r($returnarray, true)); |
|
| 164 | 164 | return $returnarray; |
| 165 | 165 | } |
| 166 | 166 | |
@@ -294,7 +294,7 @@ discard block |
||
| 294 | 294 | case AbstractProfile::PROFILETYPE_SILVERBULLET: |
| 295 | 295 | $theProfile = new ProfileSilverbullet($identifier, $this); |
| 296 | 296 | $theProfile->addSupportedEapMethod(new \core\common\EAP(\core\common\EAP::EAPTYPE_SILVERBULLET), 1); |
| 297 | - $theProfile->setRealm($this->identifier . "-" . $theProfile->identifier . "." . strtolower($this->federation) . strtolower(\config\ConfAssistant::SILVERBULLET['realm_suffix'])); |
|
| 297 | + $theProfile->setRealm($this->identifier."-".$theProfile->identifier.".".strtolower($this->federation).strtolower(\config\ConfAssistant::SILVERBULLET['realm_suffix'])); |
|
| 298 | 298 | return $theProfile; |
| 299 | 299 | default: |
| 300 | 300 | throw new Exception("This type of profile is unknown and can not be added."); |
@@ -430,7 +430,7 @@ discard block |
||
| 430 | 430 | */ |
| 431 | 431 | public function getExternalDBId() { |
| 432 | 432 | if (\config\ConfAssistant::CONSORTIUM['name'] == "eduroam" && isset(\config\ConfAssistant::CONSORTIUM['deployment-voodoo']) && \config\ConfAssistant::CONSORTIUM['deployment-voodoo'] == "Operations Team") { // SW: APPROVED |
| 433 | - $idQuery = $this->databaseHandle->exec("SELECT external_db_id FROM institution WHERE inst_id = $this->identifier AND external_db_syncstate = " . self::EXTERNAL_DB_SYNCSTATE_SYNCED); |
|
| 433 | + $idQuery = $this->databaseHandle->exec("SELECT external_db_id FROM institution WHERE inst_id = $this->identifier AND external_db_syncstate = ".self::EXTERNAL_DB_SYNCSTATE_SYNCED); |
|
| 434 | 434 | // SELECT -> it's a resource, not a boolean |
| 435 | 435 | if (mysqli_num_rows(/** @scrutinizer ignore-type */ $idQuery) == 0) { |
| 436 | 436 | return FALSE; |
@@ -45,11 +45,11 @@ discard block |
||
| 45 | 45 | ], |
| 46 | 46 | [ |
| 47 | 47 | 'title' => sprintf(_("Is it safe to use %s installers?"), \config\Master::APPEARANCE['productname']), |
| 48 | - 'text' => sprintf(_("%s installers configure security settings on your device, therefore you should be sure that you are using genuine ones."), \config\Master::APPEARANCE['productname']) . ' ' . ( isset(\config\ConfAssistant::CONSORTIUM['signer_name']) && \config\ConfAssistant::CONSORTIUM['signer_name'] != "" ? sprintf(_("This is why %s installers are digitally signed by %s. Watch out for a system message confirming this."), \config\Master::APPEARANCE['productname'], \config\ConfAssistant::CONSORTIUM['signer_name']) : ""), |
|
| 48 | + 'text' => sprintf(_("%s installers configure security settings on your device, therefore you should be sure that you are using genuine ones."), \config\Master::APPEARANCE['productname']).' '.(isset(\config\ConfAssistant::CONSORTIUM['signer_name']) && \config\ConfAssistant::CONSORTIUM['signer_name'] != "" ? sprintf(_("This is why %s installers are digitally signed by %s. Watch out for a system message confirming this."), \config\Master::APPEARANCE['productname'], \config\ConfAssistant::CONSORTIUM['signer_name']) : ""), |
|
| 49 | 49 | ], |
| 50 | 50 | [ |
| 51 | 51 | 'title' => _("Windows 'SmartScreen' or 'Internet Explorer' tell me that the file is not commonly downloaded and possibly harmful. Should I be concerned?"), |
| 52 | - 'text' => _("Contrary to what the name suggests, 'SmartScreen' isn't actually very smart. The warning merely means that the file has not yet been downloaded by enough users to make Microsoft consider it popular (which would strangely enough make it be considered 'safe'). This message alone is not a security problem.") . " " . (isset(\config\ConfAssistant::CONSORTIUM['signer_name']) && \config\ConfAssistant::CONSORTIUM['signer_name'] != "" ? sprintf(_("So long as the file is carrying a valid signature from %s, the download is safe."), \config\ConfAssistant::CONSORTIUM['signer_name']) . " " : "") . sprintf(_("Please see also Microsoft's FAQ regarding SmartScreen at %s."), "<a href='http://windows.microsoft.com/en-US/windows7/SmartScreen-Filter-frequently-asked-questions-IE9?SignedIn=1'>Microsoft FAQ</a>") |
|
| 52 | + 'text' => _("Contrary to what the name suggests, 'SmartScreen' isn't actually very smart. The warning merely means that the file has not yet been downloaded by enough users to make Microsoft consider it popular (which would strangely enough make it be considered 'safe'). This message alone is not a security problem.")." ".(isset(\config\ConfAssistant::CONSORTIUM['signer_name']) && \config\ConfAssistant::CONSORTIUM['signer_name'] != "" ? sprintf(_("So long as the file is carrying a valid signature from %s, the download is safe."), \config\ConfAssistant::CONSORTIUM['signer_name'])." " : "").sprintf(_("Please see also Microsoft's FAQ regarding SmartScreen at %s."), "<a href='http://windows.microsoft.com/en-US/windows7/SmartScreen-Filter-frequently-asked-questions-IE9?SignedIn=1'>Microsoft FAQ</a>") |
|
| 53 | 53 | ], |
| 54 | 54 | [ |
| 55 | 55 | 'title' => sprintf(_("I can see %s network and my device is configured but it does not connect, what can be the cause?"), \config\ConfAssistant::CONSORTIUM['display_name']), |
@@ -68,7 +68,7 @@ discard block |
||
| 68 | 68 | $consortium = \config\ConfAssistant::CONSORTIUM['display_name']; |
| 69 | 69 | array_push($Faq, |
| 70 | 70 | [ |
| 71 | - 'id' => 'what_is_' . \config\ConfAssistant::CONSORTIUM['name'], |
|
| 71 | + 'id' => 'what_is_'.\config\ConfAssistant::CONSORTIUM['name'], |
|
| 72 | 72 | 'title' => sprintf(_("What is this %s thing anyway?"), $consortium), |
| 73 | 73 | 'text' => sprintf(_("%s is a global WiFi roaming consortium which gives members of education and research access to the internet <i>for free</i> on all %s hotspots on the planet. There are several million %s users already, enjoying free internet access on more than %d hotspots! Visit <a href='http://www.eduroam.org'>the %s homepage</a> or <a href='http://monitor.eduroam.org/map_service_loc.php'>the %s location map</a> for more details."), $consortium, $consortium, $consortium, count($SPs), $consortium, $consortium) |
| 74 | 74 | ]); |
@@ -135,7 +135,7 @@ |
||
| 135 | 135 | $returnarray = []; |
| 136 | 136 | $query = "SELECT id_institution AS id, country, inst_realm as realmlist, name AS collapsed_name, contact AS collapsed_contact, type FROM view_active_institution WHERE country = ?"; |
| 137 | 137 | if ($eduroamDbType !== NULL) { |
| 138 | - $query .= " AND ( type = '" . ExternalEduroamDBData::TYPE_IDPSP . "' OR type = '" . $eduroamDbType . "')"; |
|
| 138 | + $query .= " AND ( type = '".ExternalEduroamDBData::TYPE_IDPSP."' OR type = '".$eduroamDbType."')"; |
|
| 139 | 139 | } |
| 140 | 140 | $externals = $this->db->exec($query, "s", $tld); |
| 141 | 141 | // was a SELECT query, so a resource and not a boolean |
@@ -164,7 +164,7 @@ discard block |
||
| 164 | 164 | } |
| 165 | 165 | } |
| 166 | 166 | |
| 167 | - $this->loggerInstance->debug(4, "RADIUSTests is in opMode " . $this->opMode . ", parameters were: $realm, $outerUsernameForChecks, " . print_r($supportedEapTypes, true)); |
|
| 167 | + $this->loggerInstance->debug(4, "RADIUSTests is in opMode ".$this->opMode.", parameters were: $realm, $outerUsernameForChecks, ".print_r($supportedEapTypes, true)); |
|
| 168 | 168 | $this->loggerInstance->debug(4, print_r($expectedServerNames, true)); |
| 169 | 169 | $this->loggerInstance->debug(4, print_r($expectedCABundle, true)); |
| 170 | 170 | |
@@ -251,7 +251,7 @@ discard block |
||
| 251 | 251 | $returnarray[] = RADIUSTests::CERTPROB_WILDCARD_IN_NAME; |
| 252 | 252 | continue; // otherwise we'd ALSO complain that it's not a real hostname |
| 253 | 253 | } |
| 254 | - if ($onename != "" && filter_var("foo@" . idn_to_ascii($onename), FILTER_VALIDATE_EMAIL) === FALSE) { |
|
| 254 | + if ($onename != "" && filter_var("foo@".idn_to_ascii($onename), FILTER_VALIDATE_EMAIL) === FALSE) { |
|
| 255 | 255 | $returnarray[] = RADIUSTests::CERTPROB_NOT_A_HOSTNAME; |
| 256 | 256 | } |
| 257 | 257 | } |
@@ -277,7 +277,7 @@ discard block |
||
| 277 | 277 | $probValue = RADIUSTests::CERTPROB_SHA1_SIGNATURE; |
| 278 | 278 | $returnarray[] = $probValue; |
| 279 | 279 | } |
| 280 | - $this->loggerInstance->debug(4, "CERT IS: " . print_r($intermediateCa, TRUE)); |
|
| 280 | + $this->loggerInstance->debug(4, "CERT IS: ".print_r($intermediateCa, TRUE)); |
|
| 281 | 281 | if ($intermediateCa['basicconstraints_set'] == 0) { |
| 282 | 282 | $returnarray[] = RADIUSTests::CERTPROB_NO_BASICCONSTRAINTS; |
| 283 | 283 | } |
@@ -325,7 +325,7 @@ discard block |
||
| 325 | 325 | public function udpReachability($probeindex, $opnameCheck = TRUE, $frag = TRUE) { |
| 326 | 326 | // for EAP-TLS to be a viable option, we need to pass a random client cert to make eapol_test happy |
| 327 | 327 | // the following PEM data is one of the SENSE EAPLab client certs (not secret at all) |
| 328 | - $clientcert = file_get_contents(dirname(__FILE__) . "/clientcert.p12"); |
|
| 328 | + $clientcert = file_get_contents(dirname(__FILE__)."/clientcert.p12"); |
|
| 329 | 329 | if ($clientcert === FALSE) { |
| 330 | 330 | throw new Exception("A dummy client cert is part of the source distribution, but could not be loaded!"); |
| 331 | 331 | } |
@@ -334,7 +334,7 @@ discard block |
||
| 334 | 334 | if ($this->opMode == self::RADIUS_TEST_OPERATION_MODE_THOROUGH) { |
| 335 | 335 | return $this->udpLogin($probeindex, $this->supportedEapTypes[0]->getArrayRep(), $this->outerUsernameForChecks, 'eaplab', $opnameCheck, $frag, $clientcert); |
| 336 | 336 | } |
| 337 | - return $this->udpLogin($probeindex, \core\common\EAP::EAPTYPE_ANY, "cat-connectivity-test@" . $this->realm, 'eaplab', $opnameCheck, $frag, $clientcert); |
|
| 337 | + return $this->udpLogin($probeindex, \core\common\EAP::EAPTYPE_ANY, "cat-connectivity-test@".$this->realm, 'eaplab', $opnameCheck, $frag, $clientcert); |
|
| 338 | 338 | } |
| 339 | 339 | |
| 340 | 340 | /** |
@@ -355,7 +355,7 @@ discard block |
||
| 355 | 355 | return RADIUSTests::CERTPROB_NO_CDP_HTTP; |
| 356 | 356 | } |
| 357 | 357 | // first and second sub-match is the full URL... check it |
| 358 | - $crlcontent = \core\common\OutsideComm::downloadFile(trim($crlUrl[1] . $crlUrl[2])); |
|
| 358 | + $crlcontent = \core\common\OutsideComm::downloadFile(trim($crlUrl[1].$crlUrl[2])); |
|
| 359 | 359 | if ($crlcontent === FALSE) { |
| 360 | 360 | return RADIUSTests::CERTPROB_NO_CRL_AT_CDP_URL; |
| 361 | 361 | } |
@@ -386,7 +386,7 @@ discard block |
||
| 386 | 386 | fclose($pipes[1]); |
| 387 | 387 | fclose($pipes[2]); |
| 388 | 388 | $retval = proc_close($process); |
| 389 | - if ($retval != 0 || !preg_match("/BEGIN X509 CRL/",$pem)) { |
|
| 389 | + if ($retval != 0 || !preg_match("/BEGIN X509 CRL/", $pem)) { |
|
| 390 | 390 | // this was not a real CRL |
| 391 | 391 | return RADIUSTests::CERTPROB_NO_CRL_AT_CDP_URL; |
| 392 | 392 | } |
@@ -408,7 +408,7 @@ discard block |
||
| 408 | 408 | $origLength = strlen($hex); |
| 409 | 409 | for ($i = 1; $i < $origLength; $i++) { |
| 410 | 410 | if ($i % 2 == 1 && $i != strlen($hex)) { |
| 411 | - $spaced .= $hex[$i] . " "; |
|
| 411 | + $spaced .= $hex[$i]." "; |
|
| 412 | 412 | } else { |
| 413 | 413 | $spaced .= $hex[$i]; |
| 414 | 414 | } |
@@ -492,19 +492,19 @@ discard block |
||
| 492 | 492 | $eapText = \core\common\EAP::eapDisplayName($eaptype); |
| 493 | 493 | $config = ' |
| 494 | 494 | network={ |
| 495 | - ssid="' . \config\Master::APPEARANCE['productname'] . ' testing" |
|
| 495 | + ssid="' . \config\Master::APPEARANCE['productname'].' testing" |
|
| 496 | 496 | key_mgmt=WPA-EAP |
| 497 | 497 | proto=WPA2 |
| 498 | 498 | pairwise=CCMP |
| 499 | 499 | group=CCMP |
| 500 | 500 | '; |
| 501 | 501 | // phase 1 |
| 502 | - $config .= 'eap=' . $eapText['OUTER'] . "\n"; |
|
| 502 | + $config .= 'eap='.$eapText['OUTER']."\n"; |
|
| 503 | 503 | $logConfig = $config; |
| 504 | 504 | // phase 2 if applicable; all inner methods have passwords |
| 505 | 505 | if (isset($eapText['INNER']) && $eapText['INNER'] != "") { |
| 506 | - $config .= ' phase2="auth=' . $eapText['INNER'] . "\"\n"; |
|
| 507 | - $logConfig .= ' phase2="auth=' . $eapText['INNER'] . "\"\n"; |
|
| 506 | + $config .= ' phase2="auth='.$eapText['INNER']."\"\n"; |
|
| 507 | + $logConfig .= ' phase2="auth='.$eapText['INNER']."\"\n"; |
|
| 508 | 508 | } |
| 509 | 509 | // all methods set a password, except EAP-TLS |
| 510 | 510 | if ($eaptype != \core\common\EAP::EAPTYPE_TLS) { |
@@ -520,11 +520,11 @@ discard block |
||
| 520 | 520 | } |
| 521 | 521 | |
| 522 | 522 | // inner identity |
| 523 | - $config .= ' identity="' . $inner . "\"\n"; |
|
| 524 | - $logConfig .= ' identity="' . $inner . "\"\n"; |
|
| 523 | + $config .= ' identity="'.$inner."\"\n"; |
|
| 524 | + $logConfig .= ' identity="'.$inner."\"\n"; |
|
| 525 | 525 | // outer identity, may be equal |
| 526 | - $config .= ' anonymous_identity="' . $outer . "\"\n"; |
|
| 527 | - $logConfig .= ' anonymous_identity="' . $outer . "\"\n"; |
|
| 526 | + $config .= ' anonymous_identity="'.$outer."\"\n"; |
|
| 527 | + $logConfig .= ' anonymous_identity="'.$outer."\"\n"; |
|
| 528 | 528 | // done |
| 529 | 529 | $config .= "}"; |
| 530 | 530 | $logConfig .= "}"; |
@@ -585,13 +585,13 @@ discard block |
||
| 585 | 585 | * @return string the command-line for eapol_test |
| 586 | 586 | */ |
| 587 | 587 | private function eapolTestConfig($probeindex, $opName, $frag) { |
| 588 | - $cmdline = \config\Diagnostics::PATHS['eapol_test'] . |
|
| 589 | - " -a " . \config\Diagnostics::RADIUSTESTS['UDP-hosts'][$probeindex]['ip'] . |
|
| 590 | - " -s " . \config\Diagnostics::RADIUSTESTS['UDP-hosts'][$probeindex]['secret'] . |
|
| 591 | - " -o serverchain.pem" . |
|
| 592 | - " -c ./udp_login_test.conf" . |
|
| 593 | - " -M 22:44:66:CA:20:" . sprintf("%02d", $probeindex) . " " . |
|
| 594 | - " -t " . \config\Diagnostics::RADIUSTESTS['UDP-hosts'][$probeindex]['timeout'] . " "; |
|
| 588 | + $cmdline = \config\Diagnostics::PATHS['eapol_test']. |
|
| 589 | + " -a ".\config\Diagnostics::RADIUSTESTS['UDP-hosts'][$probeindex]['ip']. |
|
| 590 | + " -s ".\config\Diagnostics::RADIUSTESTS['UDP-hosts'][$probeindex]['secret']. |
|
| 591 | + " -o serverchain.pem". |
|
| 592 | + " -c ./udp_login_test.conf". |
|
| 593 | + " -M 22:44:66:CA:20:".sprintf("%02d", $probeindex)." ". |
|
| 594 | + " -t ".\config\Diagnostics::RADIUSTESTS['UDP-hosts'][$probeindex]['timeout']." "; |
|
| 595 | 595 | if ($opName) { |
| 596 | 596 | $cmdline .= '-N126:s:"1cat.eduroam.org" '; |
| 597 | 597 | } |
@@ -620,10 +620,10 @@ discard block |
||
| 620 | 620 | * @throws Exception |
| 621 | 621 | */ |
| 622 | 622 | private function createCArepository($tmpDir, &$intermOdditiesCAT, $servercert, $eapIntermediates, $eapIntermediateCRLs) { |
| 623 | - if (!mkdir($tmpDir . "/root-ca-allcerts/", 0700, true)) { |
|
| 623 | + if (!mkdir($tmpDir."/root-ca-allcerts/", 0700, true)) { |
|
| 624 | 624 | throw new Exception("unable to create root CA directory (RADIUS Tests): $tmpDir/root-ca-allcerts/\n"); |
| 625 | 625 | } |
| 626 | - if (!mkdir($tmpDir . "/root-ca-eaponly/", 0700, true)) { |
|
| 626 | + if (!mkdir($tmpDir."/root-ca-eaponly/", 0700, true)) { |
|
| 627 | 627 | throw new Exception("unable to create root CA directory (RADIUS Tests): $tmpDir/root-ca-eaponly/\n"); |
| 628 | 628 | } |
| 629 | 629 | // make a copy of the EAP-received chain and add the configured intermediates, if any |
@@ -637,15 +637,15 @@ discard block |
||
| 637 | 637 | } |
| 638 | 638 | if ($decoded['ca'] == 1) { |
| 639 | 639 | if ($decoded['root'] == 1) { // save CAT roots to the root directory |
| 640 | - file_put_contents($tmpDir . "/root-ca-eaponly/configuredroot" . count($catRoots) . ".pem", $decoded['pem']); |
|
| 641 | - file_put_contents($tmpDir . "/root-ca-allcerts/configuredroot" . count($catRoots) . ".pem", $decoded['pem']); |
|
| 640 | + file_put_contents($tmpDir."/root-ca-eaponly/configuredroot".count($catRoots).".pem", $decoded['pem']); |
|
| 641 | + file_put_contents($tmpDir."/root-ca-allcerts/configuredroot".count($catRoots).".pem", $decoded['pem']); |
|
| 642 | 642 | $catRoots[] = $decoded['pem']; |
| 643 | 643 | } else { // save the intermediates to allcerts directory |
| 644 | - file_put_contents($tmpDir . "/root-ca-allcerts/cat-intermediate" . count($catIntermediates) . ".pem", $decoded['pem']); |
|
| 644 | + file_put_contents($tmpDir."/root-ca-allcerts/cat-intermediate".count($catIntermediates).".pem", $decoded['pem']); |
|
| 645 | 645 | $intermOdditiesCAT = array_merge($intermOdditiesCAT, $this->propertyCheckIntermediate($decoded)); |
| 646 | 646 | if (isset($decoded['CRL']) && isset($decoded['CRL'][0])) { |
| 647 | 647 | $this->loggerInstance->debug(4, "got an intermediate CRL; adding them to the chain checks. (Remember: checking end-entity cert only, not the whole chain"); |
| 648 | - file_put_contents($tmpDir . "/root-ca-allcerts/crl_cat" . count($catIntermediates) . ".pem", $decoded['CRL'][0]); |
|
| 648 | + file_put_contents($tmpDir."/root-ca-allcerts/crl_cat".count($catIntermediates).".pem", $decoded['CRL'][0]); |
|
| 649 | 649 | } |
| 650 | 650 | $catIntermediates[] = $decoded['pem']; |
| 651 | 651 | } |
@@ -654,26 +654,26 @@ discard block |
||
| 654 | 654 | // save all intermediate certificates and CRLs to separate files in |
| 655 | 655 | // both root-ca directories |
| 656 | 656 | foreach ($eapIntermediates as $index => $onePem) { |
| 657 | - file_put_contents($tmpDir . "/root-ca-eaponly/intermediate$index.pem", $onePem); |
|
| 658 | - file_put_contents($tmpDir . "/root-ca-allcerts/intermediate$index.pem", $onePem); |
|
| 657 | + file_put_contents($tmpDir."/root-ca-eaponly/intermediate$index.pem", $onePem); |
|
| 658 | + file_put_contents($tmpDir."/root-ca-allcerts/intermediate$index.pem", $onePem); |
|
| 659 | 659 | } |
| 660 | 660 | foreach ($eapIntermediateCRLs as $index => $onePem) { |
| 661 | - file_put_contents($tmpDir . "/root-ca-eaponly/intermediateCRL$index.pem", $onePem); |
|
| 662 | - file_put_contents($tmpDir . "/root-ca-allcerts/intermediateCRL$index.pem", $onePem); |
|
| 661 | + file_put_contents($tmpDir."/root-ca-eaponly/intermediateCRL$index.pem", $onePem); |
|
| 662 | + file_put_contents($tmpDir."/root-ca-allcerts/intermediateCRL$index.pem", $onePem); |
|
| 663 | 663 | } |
| 664 | 664 | |
| 665 | 665 | $checkstring = ""; |
| 666 | 666 | if (isset($servercert['CRL']) && isset($servercert['CRL'][0])) { |
| 667 | 667 | $this->loggerInstance->debug(4, "got a server CRL; adding them to the chain checks. (Remember: checking end-entity cert only, not the whole chain"); |
| 668 | 668 | $checkstring = "-crl_check_all"; |
| 669 | - file_put_contents($tmpDir . "/root-ca-eaponly/crl-server.pem", $servercert['CRL'][0]); |
|
| 670 | - file_put_contents($tmpDir . "/root-ca-allcerts/crl-server.pem", $servercert['CRL'][0]); |
|
| 669 | + file_put_contents($tmpDir."/root-ca-eaponly/crl-server.pem", $servercert['CRL'][0]); |
|
| 670 | + file_put_contents($tmpDir."/root-ca-allcerts/crl-server.pem", $servercert['CRL'][0]); |
|
| 671 | 671 | } |
| 672 | 672 | |
| 673 | 673 | |
| 674 | 674 | // now c_rehash the root CA directory ... |
| 675 | - system(\config\Diagnostics::PATHS['c_rehash'] . " $tmpDir/root-ca-eaponly/ > /dev/null"); |
|
| 676 | - system(\config\Diagnostics::PATHS['c_rehash'] . " $tmpDir/root-ca-allcerts/ > /dev/null"); |
|
| 675 | + system(\config\Diagnostics::PATHS['c_rehash']." $tmpDir/root-ca-eaponly/ > /dev/null"); |
|
| 676 | + system(\config\Diagnostics::PATHS['c_rehash']." $tmpDir/root-ca-allcerts/ > /dev/null"); |
|
| 677 | 677 | return $checkstring; |
| 678 | 678 | } |
| 679 | 679 | |
@@ -704,12 +704,12 @@ discard block |
||
| 704 | 704 | // the error log will complain if we run this test against an empty file of certs |
| 705 | 705 | // so test if there's something PEMy in the file at all |
| 706 | 706 | if (filesize("$tmpDir/serverchain.pem") > 10) { |
| 707 | - exec(\config\Master::PATHS['openssl'] . " verify $crlCheckString -CApath $tmpDir/root-ca-eaponly/ -purpose any $tmpDir/incomingserver.pem", $verifyResultEaponly); |
|
| 708 | - $this->loggerInstance->debug(4, \config\Master::PATHS['openssl'] . " verify $crlCheckString -CApath $tmpDir/root-ca-eaponly/ -purpose any $tmpDir/serverchain.pem\n"); |
|
| 709 | - $this->loggerInstance->debug(4, "Chain verify pass 1: " . print_r($verifyResultEaponly, TRUE) . "\n"); |
|
| 710 | - exec(\config\Master::PATHS['openssl'] . " verify $crlCheckString -CApath $tmpDir/root-ca-allcerts/ -purpose any $tmpDir/incomingserver.pem", $verifyResultAllcerts); |
|
| 711 | - $this->loggerInstance->debug(4, \config\Master::PATHS['openssl'] . " verify $crlCheckString -CApath $tmpDir/root-ca-allcerts/ -purpose any $tmpDir/serverchain.pem\n"); |
|
| 712 | - $this->loggerInstance->debug(4, "Chain verify pass 2: " . print_r($verifyResultAllcerts, TRUE) . "\n"); |
|
| 707 | + exec(\config\Master::PATHS['openssl']." verify $crlCheckString -CApath $tmpDir/root-ca-eaponly/ -purpose any $tmpDir/incomingserver.pem", $verifyResultEaponly); |
|
| 708 | + $this->loggerInstance->debug(4, \config\Master::PATHS['openssl']." verify $crlCheckString -CApath $tmpDir/root-ca-eaponly/ -purpose any $tmpDir/serverchain.pem\n"); |
|
| 709 | + $this->loggerInstance->debug(4, "Chain verify pass 1: ".print_r($verifyResultEaponly, TRUE)."\n"); |
|
| 710 | + exec(\config\Master::PATHS['openssl']." verify $crlCheckString -CApath $tmpDir/root-ca-allcerts/ -purpose any $tmpDir/incomingserver.pem", $verifyResultAllcerts); |
|
| 711 | + $this->loggerInstance->debug(4, \config\Master::PATHS['openssl']." verify $crlCheckString -CApath $tmpDir/root-ca-allcerts/ -purpose any $tmpDir/serverchain.pem\n"); |
|
| 712 | + $this->loggerInstance->debug(4, "Chain verify pass 2: ".print_r($verifyResultAllcerts, TRUE)."\n"); |
|
| 713 | 713 | } |
| 714 | 714 | |
| 715 | 715 | |
@@ -775,7 +775,7 @@ discard block |
||
| 775 | 775 | // we are UNHAPPY if no names match! |
| 776 | 776 | $happiness = "UNHAPPY"; |
| 777 | 777 | foreach ($this->expectedServerNames as $expectedName) { |
| 778 | - $this->loggerInstance->debug(4, "Managing expectations for $expectedName: " . print_r($servercert['CN'], TRUE) . print_r($servercert['sAN_DNS'], TRUE)); |
|
| 778 | + $this->loggerInstance->debug(4, "Managing expectations for $expectedName: ".print_r($servercert['CN'], TRUE).print_r($servercert['sAN_DNS'], TRUE)); |
|
| 779 | 779 | if (array_search($expectedName, $servercert['CN']) !== FALSE && array_search($expectedName, $servercert['sAN_DNS']) !== FALSE) { |
| 780 | 780 | $this->loggerInstance->debug(4, "Totally happy!"); |
| 781 | 781 | $happiness = "TOTALLY"; |
@@ -819,11 +819,11 @@ discard block |
||
| 819 | 819 | $theconfigs = $this->wpaSupplicantConfig($eaptype, $finalInner, $finalOuter, $password); |
| 820 | 820 | // the config intentionally does not include CA checking. We do this |
| 821 | 821 | // ourselves after getting the chain with -o. |
| 822 | - file_put_contents($tmpDir . "/udp_login_test.conf", $theconfigs[0]); |
|
| 822 | + file_put_contents($tmpDir."/udp_login_test.conf", $theconfigs[0]); |
|
| 823 | 823 | |
| 824 | 824 | $cmdline = $this->eapolTestConfig($probeindex, $opnameCheck, $frag); |
| 825 | 825 | $this->loggerInstance->debug(4, "Shallow reachability check cmdline: $cmdline\n"); |
| 826 | - $this->loggerInstance->debug(4, "Shallow reachability check config: $tmpDir\n" . $theconfigs[1] . "\n"); |
|
| 826 | + $this->loggerInstance->debug(4, "Shallow reachability check config: $tmpDir\n".$theconfigs[1]."\n"); |
|
| 827 | 827 | $time_start = microtime(true); |
| 828 | 828 | $pflow = []; |
| 829 | 829 | exec($cmdline, $pflow); |
@@ -866,7 +866,7 @@ discard block |
||
| 866 | 866 | if ($packetflow[count($packetflow) - 1] == 3 && $this->checkLineparse($packetflow_orig, self::LINEPARSE_CHECK_REJECTIGNORE)) { |
| 867 | 867 | array_pop($packetflow); |
| 868 | 868 | } |
| 869 | - $this->loggerInstance->debug(5, "Packetflow: " . print_r($packetflow, TRUE)); |
|
| 869 | + $this->loggerInstance->debug(5, "Packetflow: ".print_r($packetflow, TRUE)); |
|
| 870 | 870 | $packetcount = array_count_values($packetflow); |
| 871 | 871 | $testresults['packetcount'] = $packetcount; |
| 872 | 872 | $testresults['packetflow'] = $packetflow; |
@@ -943,7 +943,7 @@ discard block |
||
| 943 | 943 | |
| 944 | 944 | $x509 = new \core\common\X509(); |
| 945 | 945 | // $eap_certarray holds all certs received in EAP conversation |
| 946 | - $incomingData = file_get_contents($tmpDir . "/serverchain.pem"); |
|
| 946 | + $incomingData = file_get_contents($tmpDir."/serverchain.pem"); |
|
| 947 | 947 | if ($incomingData !== FALSE && strlen($incomingData) > 0) { |
| 948 | 948 | $eapCertArray = $x509->splitCertificate($incomingData); |
| 949 | 949 | } else { |
@@ -973,10 +973,10 @@ discard block |
||
| 973 | 973 | case RADIUSTests::SERVER_CA_SELFSIGNED: |
| 974 | 974 | $servercert[] = $cert; |
| 975 | 975 | if (count($servercert) == 1) { |
| 976 | - if (file_put_contents($tmpDir . "/incomingserver.pem", $cert['pem'] . "\n") === FALSE) { |
|
| 976 | + if (file_put_contents($tmpDir."/incomingserver.pem", $cert['pem']."\n") === FALSE) { |
|
| 977 | 977 | $this->loggerInstance->debug(4, "The (first) server certificate could not be written to $tmpDir/incomingserver.pem!\n"); |
| 978 | 978 | } |
| 979 | - $this->loggerInstance->debug(4, "This is the (first) server certificate, with CRL content if applicable: " . print_r($servercert[0], true)); |
|
| 979 | + $this->loggerInstance->debug(4, "This is the (first) server certificate, with CRL content if applicable: ".print_r($servercert[0], true)); |
|
| 980 | 980 | } elseif (!in_array(RADIUSTests::CERTPROB_TOO_MANY_SERVER_CERTS, $testresults['cert_oddities'])) { |
| 981 | 981 | $testresults['cert_oddities'][] = RADIUSTests::CERTPROB_TOO_MANY_SERVER_CERTS; |
| 982 | 982 | } |
@@ -1056,7 +1056,7 @@ discard block |
||
| 1056 | 1056 | chdir($tmpDir); |
| 1057 | 1057 | $this->loggerInstance->debug(4, "temp dir: $tmpDir\n"); |
| 1058 | 1058 | if ($clientcertdata !== NULL) { |
| 1059 | - file_put_contents($tmpDir . "/client.p12", $clientcertdata); |
|
| 1059 | + file_put_contents($tmpDir."/client.p12", $clientcertdata); |
|
| 1060 | 1060 | } |
| 1061 | 1061 | $testresults = []; |
| 1062 | 1062 | // initialise the sub-array for cleaner parsing |
@@ -1152,7 +1152,7 @@ discard block |
||
| 1152 | 1152 | 'issuer' => $this->printDN($certdata['issuer']), |
| 1153 | 1153 | 'validFrom' => $this->printTm($certdata['validFrom_time_t']), |
| 1154 | 1154 | 'validTo' => $this->printTm($certdata['validTo_time_t']), |
| 1155 | - 'serialNumber' => $certdata['serialNumber'] . sprintf(" (0x%X)", $certdata['serialNumber']), |
|
| 1155 | + 'serialNumber' => $certdata['serialNumber'].sprintf(" (0x%X)", $certdata['serialNumber']), |
|
| 1156 | 1156 | 'sha1' => $certdata['sha1'], |
| 1157 | 1157 | 'extensions' => $certdata['extensions'] |
| 1158 | 1158 | ]; |
@@ -79,7 +79,7 @@ discard block |
||
| 79 | 79 | $mail->WordWrap = 72; |
| 80 | 80 | $mail->isHTML(FALSE); |
| 81 | 81 | $mail->CharSet = 'UTF-8'; |
| 82 | - $configuredFrom = \config\Master::APPEARANCE['from-mail'] . ""; |
|
| 82 | + $configuredFrom = \config\Master::APPEARANCE['from-mail'].""; |
|
| 83 | 83 | $mail->From = $configuredFrom; |
| 84 | 84 | // are we fancy? i.e. S/MIME signing? |
| 85 | 85 | if (isset(\config\Master::MAILSETTINGS['certfilename'], \config\Master::MAILSETTINGS['keyfilename'], \config\Master::MAILSETTINGS['keypass'])) { |
@@ -119,7 +119,7 @@ discard block |
||
| 119 | 119 | $loggerInstance->debug(4, "OutsideComm::mailAddressValidSecure: no MX."); |
| 120 | 120 | return OutsideComm::MAILDOMAIN_NO_MX; |
| 121 | 121 | } |
| 122 | - $loggerInstance->debug(5, "Domain: $domain MX: " . print_r($mx, TRUE)); |
|
| 122 | + $loggerInstance->debug(5, "Domain: $domain MX: ".print_r($mx, TRUE)); |
|
| 123 | 123 | // create a pool of A and AAAA records for all the MXes |
| 124 | 124 | $ipAddrs = []; |
| 125 | 125 | foreach ($mx as $onemx) { |
@@ -129,14 +129,14 @@ discard block |
||
| 129 | 129 | $ipAddrs[] = $oneipv4['ip']; |
| 130 | 130 | } |
| 131 | 131 | foreach ($v6list as $oneipv6) { |
| 132 | - $ipAddrs[] = "[" . $oneipv6['ipv6'] . "]"; |
|
| 132 | + $ipAddrs[] = "[".$oneipv6['ipv6']."]"; |
|
| 133 | 133 | } |
| 134 | 134 | } |
| 135 | 135 | if (count($ipAddrs) == 0) { |
| 136 | 136 | $loggerInstance->debug(4, "OutsideComm::mailAddressValidSecure: no mailserver hosts."); |
| 137 | 137 | return OutsideComm::MAILDOMAIN_NO_HOST; |
| 138 | 138 | } |
| 139 | - $loggerInstance->debug(5, "Domain: $domain Addrs: " . print_r($ipAddrs, TRUE)); |
|
| 139 | + $loggerInstance->debug(5, "Domain: $domain Addrs: ".print_r($ipAddrs, TRUE)); |
|
| 140 | 140 | // connect to all hosts. If all can't connect, return MAILDOMAIN_NO_CONNECT. |
| 141 | 141 | // If at least one does not support STARTTLS or one of the hosts doesn't connect |
| 142 | 142 | // , return MAILDOMAIN_NO_STARTTLS (one which we can't connect to we also |
@@ -188,7 +188,7 @@ discard block |
||
| 188 | 188 | switch (\config\ConfAssistant::SMSSETTINGS['provider']) { |
| 189 | 189 | case 'Nexmo': |
| 190 | 190 | // taken from https://docs.nexmo.com/messaging/sms-api |
| 191 | - $url = 'https://rest.nexmo.com/sms/json?' . http_build_query( |
|
| 191 | + $url = 'https://rest.nexmo.com/sms/json?'.http_build_query( |
|
| 192 | 192 | [ |
| 193 | 193 | 'api_key' => \config\ConfAssistant::SMSSETTINGS['username'], |
| 194 | 194 | 'api_secret' => \config\ConfAssistant::SMSSETTINGS['password'], |
@@ -214,14 +214,14 @@ discard block |
||
| 214 | 214 | $loggerInstance->debug(2, 'Problem with SMS invitation: no message was sent!'); |
| 215 | 215 | return OutsideComm::SMS_NOTSENT; |
| 216 | 216 | } |
| 217 | - $loggerInstance->debug(2, 'Total of ' . $messageCount . ' messages were attempted to send.'); |
|
| 217 | + $loggerInstance->debug(2, 'Total of '.$messageCount.' messages were attempted to send.'); |
|
| 218 | 218 | |
| 219 | 219 | $totalFailures = 0; |
| 220 | 220 | foreach ($decoded_response['messages'] as $message) { |
| 221 | 221 | if ($message['status'] == 0) { |
| 222 | - $loggerInstance->debug(2, $message['message-id'] . ": Success"); |
|
| 222 | + $loggerInstance->debug(2, $message['message-id'].": Success"); |
|
| 223 | 223 | } else { |
| 224 | - $loggerInstance->debug(2, $message['message-id'] . ": Failed (failure code = " . $message['status'] . ")"); |
|
| 224 | + $loggerInstance->debug(2, $message['message-id'].": Failed (failure code = ".$message['status'].")"); |
|
| 225 | 225 | $totalFailures++; |
| 226 | 226 | } |
| 227 | 227 | } |
@@ -289,7 +289,7 @@ discard block |
||
| 289 | 289 | $proto = "https://"; |
| 290 | 290 | } |
| 291 | 291 | // then, send out the mail |
| 292 | - $message = _("Hello,") . "\n\n" . wordwrap($introTexts[$introtext] . " " . $validity, 72) . "\n\n"; |
|
| 292 | + $message = _("Hello,")."\n\n".wordwrap($introTexts[$introtext]." ".$validity, 72)."\n\n"; |
|
| 293 | 293 | // default means we don't have a Reply-To. |
| 294 | 294 | $replyToMessage = wordwrap(_("manually. Please do not reply to this mail; this is a send-only address.")); |
| 295 | 295 | |
@@ -297,8 +297,8 @@ discard block |
||
| 297 | 297 | // see if we are supposed to add a custom message |
| 298 | 298 | $customtext = $federation->getAttributes('fed:custominvite'); |
| 299 | 299 | if (count($customtext) > 0) { |
| 300 | - $message .= wordwrap(sprintf(_("Additional message from your %s administrator:"), Entity::$nomenclature_fed), 72) . "\n---------------------------------" . |
|
| 301 | - wordwrap($customtext[0]['value'], 72) . "\n---------------------------------\n\n"; |
|
| 300 | + $message .= wordwrap(sprintf(_("Additional message from your %s administrator:"), Entity::$nomenclature_fed), 72)."\n---------------------------------". |
|
| 301 | + wordwrap($customtext[0]['value'], 72)."\n---------------------------------\n\n"; |
|
| 302 | 302 | } |
| 303 | 303 | // and add Reply-To already now |
| 304 | 304 | foreach ($federation->listFederationAdmins() as $fedadmin_id) { |
@@ -314,19 +314,19 @@ discard block |
||
| 314 | 314 | } |
| 315 | 315 | $productname = \config\Master::APPEARANCE['productname']; |
| 316 | 316 | $consortium = \config\ConfAssistant::CONSORTIUM['display_name']; |
| 317 | - $message .= wordwrap(sprintf(_("To enlist as an administrator for that %s, please click on the following link:"), Entity::$nomenclature_participant), 72) . "\n\n" . |
|
| 318 | - $proto . $_SERVER['SERVER_NAME'] . \config\Master::PATHS['cat_base_url'] . "admin/action_enrollment.php?token=$newtoken\n\n" . |
|
| 319 | - wordwrap(sprintf(_("If clicking the link doesn't work, you can also go to the %s Administrator Interface at"), $productname), 72) . "\n\n" . |
|
| 320 | - $proto . $_SERVER['SERVER_NAME'] . \config\Master::PATHS['cat_base_url'] . "admin/\n\n" . |
|
| 321 | - _("and enter the invitation token") . "\n\n" . |
|
| 322 | - $newtoken . "\n\n$replyToMessage\n\n" . |
|
| 323 | - wordwrap(_("Do NOT forward the mail before the token has expired - or the recipients may be able to consume the token on your behalf!"), 72) . "\n\n" . |
|
| 324 | - wordwrap(sprintf(_("We wish you a lot of fun with the %s."), $productname), 72) . "\n\n" . |
|
| 317 | + $message .= wordwrap(sprintf(_("To enlist as an administrator for that %s, please click on the following link:"), Entity::$nomenclature_participant), 72)."\n\n". |
|
| 318 | + $proto.$_SERVER['SERVER_NAME'].\config\Master::PATHS['cat_base_url']."admin/action_enrollment.php?token=$newtoken\n\n". |
|
| 319 | + wordwrap(sprintf(_("If clicking the link doesn't work, you can also go to the %s Administrator Interface at"), $productname), 72)."\n\n". |
|
| 320 | + $proto.$_SERVER['SERVER_NAME'].\config\Master::PATHS['cat_base_url']."admin/\n\n". |
|
| 321 | + _("and enter the invitation token")."\n\n". |
|
| 322 | + $newtoken."\n\n$replyToMessage\n\n". |
|
| 323 | + wordwrap(_("Do NOT forward the mail before the token has expired - or the recipients may be able to consume the token on your behalf!"), 72)."\n\n". |
|
| 324 | + wordwrap(sprintf(_("We wish you a lot of fun with the %s."), $productname), 72)."\n\n". |
|
| 325 | 325 | sprintf(_("Sincerely,\n\nYour friendly folks from %s Operations"), $consortium); |
| 326 | 326 | |
| 327 | 327 | |
| 328 | 328 | // who to whom? |
| 329 | - $mail->FromName = \config\Master::APPEARANCE['productname'] . " Invitation System"; |
|
| 329 | + $mail->FromName = \config\Master::APPEARANCE['productname']." Invitation System"; |
|
| 330 | 330 | |
| 331 | 331 | if (isset(\config\Master::APPEARANCE['invitation-bcc-mail']) && \config\Master::APPEARANCE['invitation-bcc-mail'] !== NULL) { |
| 332 | 332 | $mail->addBCC(\config\Master::APPEARANCE['invitation-bcc-mail']); |
