GEANT / CAT

core/ProfileRADIUS.php

Spacing +10 added lines, -10 removed lines

@@ -105,9 +105,9 @@ 
 
         $attributesLowLevel = array_merge($this->deviceLevelAttributes, $this->eapLevelAttributes);
 
-        $this->loggerInstance->debug(5, "Device-Level Attributes: " . /** @scrutinizer ignore-type */ print_r($this->deviceLevelAttributes, true));
-        $this->loggerInstance->debug(5, "EAP-Level Attributes: " . /** @scrutinizer ignore-type */ print_r($this->eapLevelAttributes, true));
-        $this->loggerInstance->debug(5, "All low-Level Attributes: " . /** @scrutinizer ignore-type */ print_r($attributesLowLevel, true));
+        $this->loggerInstance->debug(5, "Device-Level Attributes: "./** @scrutinizer ignore-type */ print_r($this->deviceLevelAttributes, true));
+        $this->loggerInstance->debug(5, "EAP-Level Attributes: "./** @scrutinizer ignore-type */ print_r($this->eapLevelAttributes, true));
+        $this->loggerInstance->debug(5, "All low-Level Attributes: "./** @scrutinizer ignore-type */ print_r($attributesLowLevel, true));
 
         // now fetch and merge profile-level attributes if not already set on deeper level
 
@@ -137,7 +137,7 @@ 
             }
         }
 
-        $this->loggerInstance->debug(5, "Merged Attributes: " . /** @scrutinizer ignore-type */ print_r($attributesLowLevel, true));
+        $this->loggerInstance->debug(5, "Merged Attributes: "./** @scrutinizer ignore-type */ print_r($attributesLowLevel, true));
 
         // now, fetch and merge IdP-wide attributes
 
@@ -152,7 +152,7 @@ 
         // add the internal attribute to that effect
         
         if (isset($this->attributes['media:openroaming_always'])) {
-            $this->attributes = array_merge($this->attributes, $this->addInternalAttributes([ "internal:openroaming" => TRUE ] ));
+            $this->attributes = array_merge($this->attributes, $this->addInternalAttributes(["internal:openroaming" => TRUE]));
         }
         
         $this->loggerInstance->debug(3, "--- END Constructing new Profile object ... ---\n");
@@ -200,7 +200,7 @@ 
                 "row" => $attributeQuery->row,
                 "flag" => $optinfo['flag'],
                 "device" => ($devicesOrEAPMethods == "DEVICES" ? $attributeQuery->deviceormethod : NULL),
-                "eapmethod" => ($devicesOrEAPMethods == "DEVICES" ? 0 : (new \core\common\EAP($attributeQuery->deviceormethod))->getArrayRep() )];
+                "eapmethod" => ($devicesOrEAPMethods == "DEVICES" ? 0 : (new \core\common\EAP($attributeQuery->deviceormethod))->getArrayRep())];
         }
         return $temparray;
     }
@@ -309,7 +309,7 @@ 
      */
     public function setAnonymousIDSupport($shallwe)
     {
-        $this->databaseHandle->exec("UPDATE profile SET use_anon_outer = " . ($shallwe === true ? "1" : "0") . " WHERE profile_id = $this->identifier");
+        $this->databaseHandle->exec("UPDATE profile SET use_anon_outer = ".($shallwe === true ? "1" : "0")." WHERE profile_id = $this->identifier");
     }
 
     /** Toggle special username for realm checks
@@ -319,7 +319,7 @@ 
      * @return void
      */
     public function setRealmCheckUser($shallwe, $localpart = NULL) {
-        $this->databaseHandle->exec("UPDATE profile SET checkuser_outer = " . ($shallwe === true ? "1" : "0") . " WHERE profile_id = $this->identifier");
+        $this->databaseHandle->exec("UPDATE profile SET checkuser_outer = ".($shallwe === true ? "1" : "0")." WHERE profile_id = $this->identifier");
         if ($localpart !== NULL) {
             $this->databaseHandle->exec("UPDATE profile SET checkuser_value = ? WHERE profile_id = $this->identifier", "s", $localpart);
         }
@@ -334,8 +334,8 @@ 
      */
     public function setInputVerificationPreference($verify, $hint)
     {
-        $this->databaseHandle->exec("UPDATE profile SET verify_userinput_suffix = " . ($verify === true ? "1" : "0") .
-                ", hint_userinput_suffix = " . ($hint === true ? "1" : "0") .
+        $this->databaseHandle->exec("UPDATE profile SET verify_userinput_suffix = ".($verify === true ? "1" : "0").
+                ", hint_userinput_suffix = ".($hint === true ? "1" : "0").
                 " WHERE profile_id = $this->identifier");
     }
 

core/DBConnection.php

Spacing +20 added lines, -20 removed lines

@@ -62,24 +62,24 @@ 
             case "EXTERNAL":
             case "FRONTEND":
             case "DIAGNOSTICS":
-                if (!isset(self::${"instance" . $theDb})) {
+                if (!isset(self::${"instance".$theDb})) {
                     $class = __CLASS__;
-                    self::${"instance" . $theDb} = new $class($database);
-                    DBConnection::${"instance" . $theDb}->databaseInstance = $theDb;
+                    self::${"instance".$theDb} = new $class($database);
+                    DBConnection::${"instance".$theDb}->databaseInstance = $theDb;
                 }
-                return self::${"instance" . $theDb};
+                return self::${"instance".$theDb};
             case "RADIUS":
-                if (!isset(self::${"instance" . $theDb})) {
+                if (!isset(self::${"instance".$theDb})) {
                     $class = __CLASS__;
                     foreach (\config\ConfAssistant::DB as $name => $oneRadiusAuthDb) {
                         $theInstance = new $class($name);
-                        self::${"instance" . $theDb}[] = $theInstance;
+                        self::${"instance".$theDb}[] = $theInstance;
                         $theInstance->databaseInstance = $theDb;
                     }
                 }
-                return self::${"instance" . $theDb};
+                return self::${"instance".$theDb};
             default:
-                throw new Exception("This type of database (" . strtoupper($database) . ") is not known!");
+                throw new Exception("This type of database (".strtoupper($database).") is not known!");
         }
     }
 
@@ -121,18 +121,18 @@ 
             }
         }
         // log exact query to debug log, if log level is at 5
-        $this->loggerInstance->debug(5, "DB ATTEMPT: " . $querystring . "\n");
+        $this->loggerInstance->debug(5, "DB ATTEMPT: ".$querystring."\n");
         if ($types !== NULL) {
-            $this->loggerInstance->debug(5, "Argument type sequence: $types, parameters are: " . /** @scrutinizer ignore-type */ print_r($arguments, true));
+            $this->loggerInstance->debug(5, "Argument type sequence: $types, parameters are: "./** @scrutinizer ignore-type */ print_r($arguments, true));
         }
 
         if ($this->connection->connect_error) {
-            throw new Exception("ERROR: Cannot send query to $this->databaseInstance database (no connection, error number" . $this->connection->connect_error . ")!");
+            throw new Exception("ERROR: Cannot send query to $this->databaseInstance database (no connection, error number".$this->connection->connect_error.")!");
         }
         if ($types === NULL) {
             $result = $this->connection->query($querystring);
             if ($result === FALSE) {
-                throw new Exception("DB: Unable to execute simple statement! Error was --> " . $this->connection->error . " <--");
+                throw new Exception("DB: Unable to execute simple statement! Error was --> ".$this->connection->error." <--");
             }
         } else {
             // fancy! prepared statement with dedicated argument list
@@ -148,7 +148,7 @@ 
                 }
                 $prepResult = $statementObject->prepare($querystring);
                 if ($prepResult === FALSE) {
-                    throw new Exception("DB: Unable to prepare statement! Statement was --> $querystring <--, error was --> " . $statementObject->error . " <--.");
+                    throw new Exception("DB: Unable to prepare statement! Statement was --> $querystring <--, error was --> ".$statementObject->error." <--.");
                 }
                 $this->preparedStatements[$querystring] = $statementObject;
             }
@@ -161,11 +161,11 @@ 
             array_unshift($localArray, $types);
             $retval = call_user_func_array([$statementObject, "bind_param"], $localArray);
             if ($retval === FALSE) {
-                throw new Exception("DB: Unable to bind parameters to prepared statement! Argument array was --> " . var_export($localArray, TRUE) . " <--. Error was --> " . $statementObject->error . " <--");
+                throw new Exception("DB: Unable to bind parameters to prepared statement! Argument array was --> ".var_export($localArray, TRUE)." <--. Error was --> ".$statementObject->error." <--");
             }
             $result = $statementObject->execute();
             if ($result === FALSE) {
-                throw new Exception("DB: Unable to execute prepared statement! Error was --> " . $statementObject->error . " <--");
+                throw new Exception("DB: Unable to execute prepared statement! Error was --> ".$statementObject->error." <--");
             }
             $selectResult = $statementObject->get_result();
             if ($selectResult !== FALSE) {
@@ -175,14 +175,14 @@ 
 
         // all cases where $result could be FALSE have been caught earlier
         if ($this->connection->errno) {
-            throw new Exception("ERROR: Cannot execute query in $this->databaseInstance database - (hopefully escaped) query was '$querystring', errno was " . $this->connection->errno . "!");
+            throw new Exception("ERROR: Cannot execute query in $this->databaseInstance database - (hopefully escaped) query was '$querystring', errno was ".$this->connection->errno."!");
         }
 
 
         if ($isMoreThanSelect) {
-            $this->loggerInstance->writeSQLAudit("[DB: " . strtoupper($this->databaseInstance) . "] " . $querystring);
+            $this->loggerInstance->writeSQLAudit("[DB: ".strtoupper($this->databaseInstance)."] ".$querystring);
             if ($types !== NULL) {
-                $this->loggerInstance->writeSQLAudit("Argument type sequence: $types, parameters are: " . /** @scrutinizer ignore-type */ print_r($arguments, true));
+                $this->loggerInstance->writeSQLAudit("Argument type sequence: $types, parameters are: "./** @scrutinizer ignore-type */ print_r($arguments, true));
             }
         }
         return $result;
@@ -277,13 +277,13 @@ 
         if (isset(\config\Master::DB[$databaseCapitalised])) {
             $this->connection = new \mysqli(\config\Master::DB[$databaseCapitalised]['host'], \config\Master::DB[$databaseCapitalised]['user'], \config\Master::DB[$databaseCapitalised]['pass'], \config\Master::DB[$databaseCapitalised]['db']);
             if ($this->connection->connect_error) {
-                throw new Exception("ERROR: Unable to connect to $database database! This is a fatal error, giving up (error number " . $this->connection->connect_errno . ").");
+                throw new Exception("ERROR: Unable to connect to $database database! This is a fatal error, giving up (error number ".$this->connection->connect_errno.").");
             }
             $this->readOnly = \config\Master::DB[$databaseCapitalised]['readonly'];
         } else { // one of the RADIUS DBs
             $this->connection = new \mysqli(\config\ConfAssistant::DB[$databaseCapitalised]['host'], \config\ConfAssistant::DB[$databaseCapitalised]['user'], \config\ConfAssistant::DB[$databaseCapitalised]['pass'], \config\ConfAssistant::DB[$databaseCapitalised]['db']);
             if ($this->connection->connect_error) {
-                throw new Exception("ERROR: Unable to connect to $database database! This is a fatal error, giving up (error number " . $this->connection->connect_errno . ").");
+                throw new Exception("ERROR: Unable to connect to $database database! This is a fatal error, giving up (error number ".$this->connection->connect_errno.").");
             }
             $this->readOnly = \config\ConfAssistant::DB[$databaseCapitalised]['readonly'];
         }

core/AbstractProfile.php

Spacing +7 added lines, -7 removed lines

@@ -134,7 +134,7 @@ 
     protected function saveDownloadDetails($idpIdentifier, $profileId, $deviceId, $area, $lang, $eapType)
     {
         if (\config\Master::PATHS['logdir']) {
-            $file = fopen(\config\Master::PATHS['logdir'] . "/download_details.log", "a");
+            $file = fopen(\config\Master::PATHS['logdir']."/download_details.log", "a");
             if ($file === FALSE) {
                 throw new Exception("Unable to open file for append: $file");
             }
@@ -181,7 +181,7 @@ 
         }
         foreach ($new->getAttributes("eap:server_name") as $newName) {
             if (!in_array($newName['value'], $baselineNames)) {
-                $retval[AbstractProfile::SERVERNAME_ADDED] .= "#New server name '" . $newName['value'] . "' added";
+                $retval[AbstractProfile::SERVERNAME_ADDED] .= "#New server name '".$newName['value']."' added";
             }
         }
         return $retval;
@@ -205,7 +205,7 @@ 
             $eaptype = new common\EAP($eapQuery->eap_method_id);
             $eapTypeArray[] = $eaptype;
         }
-        $this->loggerInstance->debug(4, "This profile supports the following EAP types:\n" . /** @scrutinizer ignore-type */ print_r($eapTypeArray, true));
+        $this->loggerInstance->debug(4, "This profile supports the following EAP types:\n"./** @scrutinizer ignore-type */ print_r($eapTypeArray, true));
         return $eapTypeArray;
     }
 
@@ -287,16 +287,16 @@ 
         if (count($this->getAttributes("internal:checkuser_outer")) > 0) {
             // we are supposed to use a specific outer username for checks, 
             // which is different from the outer username we put into installers
-            return $this->getAttributes("internal:checkuser_value")[0]['value'] . "@" . $realm;
+            return $this->getAttributes("internal:checkuser_value")[0]['value']."@".$realm;
         }
         if (count($this->getAttributes("internal:use_anon_outer")) > 0) {
             // no special check username, but there is an anon outer ID for
             // installers - so let's use that one
-            return $this->getAttributes("internal:anon_local_value")[0]['value'] . "@" . $realm;
+            return $this->getAttributes("internal:anon_local_value")[0]['value']."@".$realm;
         }
         // okay, no guidance on outer IDs at all - but we need *something* to
         // test with for the RealmChecks. So:
-        return "@" . $realm;
+        return "@".$realm;
     }
 
     /**
@@ -747,7 +747,7 @@ 
     public function prepShowtime()
     {
         $properConfig = $this->readyForShowtime();
-        $this->databaseHandle->exec("UPDATE profile SET sufficient_config = " . ($properConfig ? "TRUE" : "FALSE") . " WHERE profile_id = " . $this->identifier);
+        $this->databaseHandle->exec("UPDATE profile SET sufficient_config = ".($properConfig ? "TRUE" : "FALSE")." WHERE profile_id = ".$this->identifier);
 
         $attribs = $this->getCollapsedAttributes();
         // if not enough info to go live, set FALSE

core/SilverbulletCertificate.php

Spacing +5 added lines, -5 removed lines

@@ -325,7 +325,7 @@ 
         $invitationObject = new SilverbulletInvitation($token);
         $profile = new ProfileSilverbullet($invitationObject->profile);
         $inst = new IdP($profile->institution);
-        $loggerInstance->debug(5, "tokenStatus: done, got " . $invitationObject->invitationTokenStatus . ", " . $invitationObject->profile . ", " . $invitationObject->userId . ", " . $invitationObject->expiry . ", " . $invitationObject->invitationTokenString . "\n");
+        $loggerInstance->debug(5, "tokenStatus: done, got ".$invitationObject->invitationTokenStatus.", ".$invitationObject->profile.", ".$invitationObject->userId.", ".$invitationObject->expiry.", ".$invitationObject->invitationTokenString."\n");
         if ($invitationObject->invitationTokenStatus != SilverbulletInvitation::SB_TOKENSTATUS_VALID && $invitationObject->invitationTokenStatus != SilverbulletInvitation::SB_TOKENSTATUS_PARTIALLY_REDEEMED) {
             throw new Exception("Attempt to generate a SilverBullet installer with an invalid/redeemed/expired token. The user should never have gotten that far!");
         }
@@ -338,12 +338,12 @@ 
             throw new Exception("Despite a valid token, the corresponding user was not found in database or database query error!");
         }
         $expiryObject = mysqli_fetch_object(/** @scrutinizer ignore-type */ $userrow);
-        $loggerInstance->debug(5, "EXP: " . $expiryObject->expiry . "\n");
+        $loggerInstance->debug(5, "EXP: ".$expiryObject->expiry."\n");
         $expiryDateObject = date_create_from_format("Y-m-d H:i:s", $expiryObject->expiry);
         if ($expiryDateObject === FALSE) {
             throw new Exception("The expiry date we got from the DB is bogus!");
         }
-        $loggerInstance->debug(5, $expiryDateObject->format("Y-m-d H:i:s") . "\n");
+        $loggerInstance->debug(5, $expiryDateObject->format("Y-m-d H:i:s")."\n");
         // date_create with no parameters can't fail, i.e. is never FALSE
         $validity = date_diff(/** @scrutinizer ignore-type */ date_create(), $expiryDateObject);
         $expiryDays = $validity->days + 1;
@@ -382,7 +382,7 @@ 
         $certString = "";
         openssl_x509_export($cert, $certString);
         $parsedCert = $x509->processCertificate($certString);
-        $loggerInstance->debug(5, "CERTINFO: " . /** @scrutinizer ignore-type */ print_r($parsedCert['full_details'], true));
+        $loggerInstance->debug(5, "CERTINFO: "./** @scrutinizer ignore-type */ print_r($parsedCert['full_details'], true));
         $realExpiryDate = date_create_from_format("U", $parsedCert['full_details']['validTo_time_t'])->format("Y-m-d H:i:s");
 
         // store new cert info in DB
@@ -442,7 +442,7 @@ 
         $username = "";
         while ($usernameIsUnique === FALSE) {
             $usernameLocalPart = common\Entity::randomString(64 - 1 - strlen($realm), "0123456789abcdefghijklmnopqrstuvwxyz");
-            $username = $usernameLocalPart . "@" . $realm;
+            $username = $usernameLocalPart."@".$realm;
             $uniquenessQuery = $databaseHandle->exec("SELECT cn from silverbullet_certificate WHERE cn = ? AND ca_type = ?", "ss", $username, $certtype);
             // SELECT -> resource, not boolean
             if (mysqli_num_rows(/** @scrutinizer ignore-type */ $uniquenessQuery) == 0) {

core/CertificationAuthorityEduPki.php

Spacing +37 added lines, -37 removed lines

@@ -17,9 +17,9 @@ 
 class CertificationAuthorityEduPki extends EntityWithDBProperties implements CertificationAuthorityInterface
 {
 
-    private const LOCATION_RA_CERT = ROOT . "/config/SilverbulletClientCerts/edupki-test-ra.pem";
-    private const LOCATION_RA_KEY = ROOT . "/config/SilverbulletClientCerts/edupki-test-ra.clearkey";
-    private const LOCATION_WEBROOT = ROOT . "/config/SilverbulletClientCerts/eduPKI-webserver-root.pem";
+    private const LOCATION_RA_CERT = ROOT."/config/SilverbulletClientCerts/edupki-test-ra.pem";
+    private const LOCATION_RA_KEY = ROOT."/config/SilverbulletClientCerts/edupki-test-ra.clearkey";
+    private const LOCATION_WEBROOT = ROOT."/config/SilverbulletClientCerts/eduPKI-webserver-root.pem";
     private const EDUPKI_RA_ID = 700;
     private const EDUPKI_CERT_PROFILE = "User SOAP";
     private const EDUPKI_RA_PKEY_PASSPHRASE = "...";
@@ -35,13 +35,13 @@ 
         parent::__construct();
 
         if (stat(CertificationAuthorityEduPki::LOCATION_RA_CERT) === FALSE) {
-            throw new Exception("RA operator PEM file not found: " . CertificationAuthorityEduPki::LOCATION_RA_CERT);
+            throw new Exception("RA operator PEM file not found: ".CertificationAuthorityEduPki::LOCATION_RA_CERT);
         }
         if (stat(CertificationAuthorityEduPki::LOCATION_RA_KEY) === FALSE) {
-            throw new Exception("RA operator private key file not found: " . CertificationAuthorityEduPki::LOCATION_RA_KEY);
+            throw new Exception("RA operator private key file not found: ".CertificationAuthorityEduPki::LOCATION_RA_KEY);
         }
         if (stat(CertificationAuthorityEduPki::LOCATION_WEBROOT) === FALSE) {
-            throw new Exception("CA website root CA file not found: " . CertificationAuthorityEduPki::LOCATION_WEBROOT);
+            throw new Exception("CA website root CA file not found: ".CertificationAuthorityEduPki::LOCATION_WEBROOT);
         }
     }
 
@@ -75,19 +75,19 @@ 
         // initialise connection to eduPKI CA / eduroam RA and send the request to them
         try {
             $altArray = [# Array mit den Subject Alternative Names
-                "email:" . $csr["USERNAME"]
+                "email:".$csr["USERNAME"]
             ];
             $soapPub = $this->initEduPKISoapSession("PUBLIC");
             $this->loggerInstance->debug(5, "FIRST ACTUAL SOAP REQUEST (Public, newRequest)!\n");
-            $this->loggerInstance->debug(5, "PARAM_1: " . CertificationAuthorityEduPki::EDUPKI_RA_ID . "\n");
-            $this->loggerInstance->debug(5, "PARAM_2: " . $csr["CSR_STRING"] . "\n");
+            $this->loggerInstance->debug(5, "PARAM_1: ".CertificationAuthorityEduPki::EDUPKI_RA_ID."\n");
+            $this->loggerInstance->debug(5, "PARAM_2: ".$csr["CSR_STRING"]."\n");
             $this->loggerInstance->debug(5, "PARAM_3: ");
             $this->loggerInstance->debug(5, $altArray);
-            $this->loggerInstance->debug(5, "PARAM_4: " . CertificationAuthorityEduPki::EDUPKI_CERT_PROFILE . "\n");
-            $this->loggerInstance->debug(5, "PARAM_5: " . sha1("notused") . "\n");
-            $this->loggerInstance->debug(5, "PARAM_6: " . $csr["USERNAME"] . "\n");
-            $this->loggerInstance->debug(5, "PARAM_7: " . $csr["USERNAME"] . "\n");
-            $this->loggerInstance->debug(5, "PARAM_8: " . ProfileSilverbullet::PRODUCTNAME . "\n");
+            $this->loggerInstance->debug(5, "PARAM_4: ".CertificationAuthorityEduPki::EDUPKI_CERT_PROFILE."\n");
+            $this->loggerInstance->debug(5, "PARAM_5: ".sha1("notused")."\n");
+            $this->loggerInstance->debug(5, "PARAM_6: ".$csr["USERNAME"]."\n");
+            $this->loggerInstance->debug(5, "PARAM_7: ".$csr["USERNAME"]."\n");
+            $this->loggerInstance->debug(5, "PARAM_8: ".ProfileSilverbullet::PRODUCTNAME."\n");
             $this->loggerInstance->debug(5, "PARAM_9: false\n");
             $soapNewRequest = $soapPub->newRequest(
                     CertificationAuthorityEduPki::EDUPKI_RA_ID, # RA-ID
@@ -109,11 +109,11 @@ 
         } catch (Exception $e) {
             // PHP 7.1 can do this much better
             if (is_soap_fault($e)) {
-                throw new Exception("Error when sending SOAP request: " . "{$e->faultcode}:  {
+                throw new Exception("Error when sending SOAP request: "."{$e->faultcode}:  {
                     $e->faultstring
                 }\n");
             }
-            throw new Exception("Something odd happened while doing the SOAP request:" . $e->getMessage());
+            throw new Exception("Something odd happened while doing the SOAP request:".$e->getMessage());
         }
         try {
             $soap = $this->initEduPKISoapSession("RA");
@@ -125,8 +125,8 @@ 
                     $soapReqnum, [
                 "RaID" => CertificationAuthorityEduPki::EDUPKI_RA_ID,
                 "Role" => CertificationAuthorityEduPki::EDUPKI_CERT_PROFILE,
-                "Subject" => "DC=eduroam,DC=test,DC=test,C=" . $csr["FED"] . ",O=" . \config\ConfAssistant::CONSORTIUM['name'] . ",OU=" . $csr["FED"] . ",CN=" . $csr['USERNAME'] . ",emailAddress=" . $csr['USERNAME'],
-                "SubjectAltNames" => ["email:" . $csr["USERNAME"]],
+                "Subject" => "DC=eduroam,DC=test,DC=test,C=".$csr["FED"].",O=".\config\ConfAssistant::CONSORTIUM['name'].",OU=".$csr["FED"].",CN=".$csr['USERNAME'].",emailAddress=".$csr['USERNAME'],
+                "SubjectAltNames" => ["email:".$csr["USERNAME"]],
                 "NotBefore" => (new \DateTime())->format('c'),
                 "NotAfter" => $expiry->format('c'),
                     ]
@@ -145,7 +145,7 @@ 
             // for obnoxious reasons, we have to dump the request into a file and let pkcs7_sign read from the file
             // rather than just using the string. Grr.
             $tempdir = \core\common\Entity::createTemporaryDirectory("test");
-            file_put_contents($tempdir['dir'] . "/content.txt", $soapCleartext);
+            file_put_contents($tempdir['dir']."/content.txt", $soapCleartext);
             // retrieve our RA cert from filesystem                    
             // the RA certificates are not needed right now because we
             // have resorted to S/MIME signatures with openssl command-line
@@ -157,7 +157,7 @@ 
             // sign the data, using cmdline because openssl_pkcs7_sign produces strange results
             // -binary didn't help, nor switch -md to sha1 sha256 or sha512
             $this->loggerInstance->debug(5, "Actual content to be signed is this:\n  $soapCleartext\n");
-            $execCmd = \config\Master::PATHS['openssl'] . " smime -sign -binary -in " . $tempdir['dir'] . "/content.txt -out " . $tempdir['dir'] . "/signature.txt -outform pem -inkey " . ROOT . "/config/SilverbulletClientCerts/edupki-test-ra.clearkey -signer " . ROOT . "/config/SilverbulletClientCerts/edupki-test-ra.pem";
+            $execCmd = \config\Master::PATHS['openssl']." smime -sign -binary -in ".$tempdir['dir']."/content.txt -out ".$tempdir['dir']."/signature.txt -outform pem -inkey ".ROOT."/config/SilverbulletClientCerts/edupki-test-ra.clearkey -signer ".ROOT."/config/SilverbulletClientCerts/edupki-test-ra.pem";
             $this->loggerInstance->debug(2, "Calling openssl smime with following cmdline:   $execCmd\n");
             $output = [];
             $return = 999;
@@ -166,14 +166,14 @@ 
                 throw new Exception("Non-zero return value from openssl smime!");
             }
             // and get the signature blob back from the filesystem
-            $detachedSig = trim(file_get_contents($tempdir['dir'] . "/signature.txt"));
+            $detachedSig = trim(file_get_contents($tempdir['dir']."/signature.txt"));
             $this->loggerInstance->debug(5, "Request for server approveRequest has parameters:\n");
-            $this->loggerInstance->debug(5, $soapReqnum . "\n");
-            $this->loggerInstance->debug(5, $soapCleartext . "\n"); // PHP magically encodes this as base64 while sending!
-            $this->loggerInstance->debug(5, $detachedSig . "\n");
+            $this->loggerInstance->debug(5, $soapReqnum."\n");
+            $this->loggerInstance->debug(5, $soapCleartext."\n"); // PHP magically encodes this as base64 while sending!
+            $this->loggerInstance->debug(5, $detachedSig."\n");
             $soapIssueCert = $soap->approveRequest($soapReqnum, $soapCleartext, $detachedSig);
-            $this->loggerInstance->debug(5, "approveRequest Request was: \n" . $soap->__getLastRequest());
-            $this->loggerInstance->debug(5, "approveRequest Response was: \n" . $soap->__getLastResponse());
+            $this->loggerInstance->debug(5, "approveRequest Request was: \n".$soap->__getLastRequest());
+            $this->loggerInstance->debug(5, "approveRequest Response was: \n".$soap->__getLastResponse());
             if ($soapIssueCert === FALSE) {
                 throw new Exception("The locally approved request was NOT processed by the CA.");
             }
@@ -210,9 +210,9 @@ 
                 throw new Exception("CAInfo has no root certificate for us!");
             }
         } catch (SoapFault $e) {
-            throw new Exception("SoapFault: Error when sending or receiving SOAP message: " . "{$e->faultcode}: {$e->faultname}: {$e->faultstring}: {$e->faultactor}: {$e->detail}: {$e->headerfault}\n");
+            throw new Exception("SoapFault: Error when sending or receiving SOAP message: "."{$e->faultcode}: {$e->faultname}: {$e->faultstring}: {$e->faultactor}: {$e->detail}: {$e->headerfault}\n");
         } catch (Exception $e) {
-            throw new Exception("Exception: Something odd happened between the SOAP requests:" . $e->getMessage());
+            throw new Exception("Exception: Something odd happened between the SOAP requests:".$e->getMessage());
         }
         return [
             "CERT" => openssl_x509_read($parsedCert['pem']),
@@ -245,12 +245,12 @@ 
             // for obnoxious reasons, we have to dump the request into a file and let pkcs7_sign read from the file
             // rather than just using the string. Grr.
             $tempdir = \core\common\Entity::createTemporaryDirectory("test");
-            file_put_contents($tempdir['dir'] . "/content.txt", $soapRawRevRequest);
+            file_put_contents($tempdir['dir']."/content.txt", $soapRawRevRequest);
             // retrieve our RA cert from filesystem
             // sign the data, using cmdline because openssl_pkcs7_sign produces strange results
             // -binary didn't help, nor switch -md to sha1 sha256 or sha512
             $this->loggerInstance->debug(5, "Actual content to be signed is this:\n$soapRawRevRequest\n");
-            $execCmd = \config\Master::PATHS['openssl'] . " smime -sign -binary -in " . $tempdir['dir'] . "/content.txt -out " . $tempdir['dir'] . "/signature.txt -outform pem -inkey " . CertificationAuthorityEduPki::LOCATION_RA_KEY . " -signer " . CertificationAuthorityEduPki::LOCATION_RA_CERT;
+            $execCmd = \config\Master::PATHS['openssl']." smime -sign -binary -in ".$tempdir['dir']."/content.txt -out ".$tempdir['dir']."/signature.txt -outform pem -inkey ".CertificationAuthorityEduPki::LOCATION_RA_KEY." -signer ".CertificationAuthorityEduPki::LOCATION_RA_CERT;
             $this->loggerInstance->debug(2, "Calling openssl smime with following cmdline: $execCmd\n");
             $output = [];
             $return = 999;
@@ -259,7 +259,7 @@ 
                 throw new Exception("Non-zero return value from openssl smime!");
             }
             // and get the signature blob back from the filesystem
-            $detachedSig = trim(file_get_contents($tempdir['dir'] . "/signature.txt"));
+            $detachedSig = trim(file_get_contents($tempdir['dir']."/signature.txt"));
             $soapIssueRev = $soap->approveRevocationRequest($soapRevocationSerial, $soapRawRevRequest, $detachedSig);
             if ($soapIssueRev === FALSE) {
                 throw new Exception("The locally approved revocation request was NOT processed by the CA.");
@@ -267,9 +267,9 @@ 
         } catch (Exception $e) {
             // PHP 7.1 can do this much better
             if (is_soap_fault($e)) {
-                throw new Exception("Error when sending SOAP request: " . "{$e->faultcode}: {$e->faultstring}\n");
+                throw new Exception("Error when sending SOAP request: "."{$e->faultcode}: {$e->faultstring}\n");
             }
-            throw new Exception("Something odd happened while doing the SOAP request:" . $e->getMessage());
+            throw new Exception("Something odd happened while doing the SOAP request:".$e->getMessage());
         }
     }
 
@@ -369,9 +369,9 @@ 
      */
     public function soapToXmlInteger($x)
     {
-        return '<' . $x[0] . '>'
+        return '<'.$x[0].'>'
                 . htmlentities($x[1], ENT_NOQUOTES | ENT_XML1)
-                . '</' . $x[0] . '>';
+                . '</'.$x[0].'>';
     }
 
     /**
@@ -390,9 +390,9 @@ 
         // dump private key into directory
         $outstring = "";
         openssl_pkey_export($privateKey, $outstring);
-        file_put_contents($tempdir . "/pkey.pem", $outstring);
+        file_put_contents($tempdir."/pkey.pem", $outstring);
         // PHP can only do one DC in the Subject. But we need three.
-        $execCmd = \config\Master::PATHS['openssl'] . " req -new -sha256 -key $tempdir/pkey.pem -out $tempdir/request.csr -subj /DC=test/DC=test/DC=eduroam/C=$fed/O=" . \config\ConfAssistant::CONSORTIUM['name'] . "/OU=$fed/CN=$username/emailAddress=$username";
+        $execCmd = \config\Master::PATHS['openssl']." req -new -sha256 -key $tempdir/pkey.pem -out $tempdir/request.csr -subj /DC=test/DC=test/DC=eduroam/C=$fed/O=".\config\ConfAssistant::CONSORTIUM['name']."/OU=$fed/CN=$username/emailAddress=$username";
         $this->loggerInstance->debug(2, "Calling openssl req with following cmdline: $execCmd\n");
         $output = [];
         $return = 999;

core/CertificationAuthorityEduPkiServer.php

Spacing +37 added lines, -37 removed lines

@@ -17,9 +17,9 @@ 
 class CertificationAuthorityEduPkiServer extends EntityWithDBProperties implements CertificationAuthorityInterface
 {
 
-    private const LOCATION_RA_CERT = ROOT . "/config/SilverbulletClientCerts/edupki-test-ra.pem";
-    private const LOCATION_RA_KEY = ROOT . "/config/SilverbulletClientCerts/edupki-test-ra.clearkey";
-    private const LOCATION_WEBROOT = ROOT . "/config/SilverbulletClientCerts/eduPKI-webserver-root.pem";
+    private const LOCATION_RA_CERT = ROOT."/config/SilverbulletClientCerts/edupki-test-ra.pem";
+    private const LOCATION_RA_KEY = ROOT."/config/SilverbulletClientCerts/edupki-test-ra.clearkey";
+    private const LOCATION_WEBROOT = ROOT."/config/SilverbulletClientCerts/eduPKI-webserver-root.pem";
     private const EDUPKI_RA_ID = 700;
     private const EDUPKI_CERT_PROFILE = "Radius Server SOAP";
     private const EDUPKI_RA_PKEY_PASSPHRASE = "...";
@@ -35,13 +35,13 @@ 
         parent::__construct();
 
         if (stat(CertificationAuthorityEduPkiServer::LOCATION_RA_CERT) === FALSE) {
-            throw new Exception("RA operator PEM file not found: " . CertificationAuthorityEduPkiServer::LOCATION_RA_CERT);
+            throw new Exception("RA operator PEM file not found: ".CertificationAuthorityEduPkiServer::LOCATION_RA_CERT);
         }
         if (stat(CertificationAuthorityEduPkiServer::LOCATION_RA_KEY) === FALSE) {
-            throw new Exception("RA operator private key file not found: " . CertificationAuthorityEduPkiServer::LOCATION_RA_KEY);
+            throw new Exception("RA operator private key file not found: ".CertificationAuthorityEduPkiServer::LOCATION_RA_KEY);
         }
         if (stat(CertificationAuthorityEduPkiServer::LOCATION_WEBROOT) === FALSE) {
-            throw new Exception("CA website root CA file not found: " . CertificationAuthorityEduPkiServer::LOCATION_WEBROOT);
+            throw new Exception("CA website root CA file not found: ".CertificationAuthorityEduPkiServer::LOCATION_WEBROOT);
         }
     }
 
@@ -99,19 +99,19 @@ 
         // initialise connection to eduPKI CA / eduroam RA and send the request to them
         try {
             $altArray = [# Array mit den Subject Alternative Names
-                "email:" . $csr["USERMAIL"]
+                "email:".$csr["USERMAIL"]
             ];
             $soapPub = $this->initEduPKISoapSession("PUBLIC");
             $this->loggerInstance->debug(5, "FIRST ACTUAL SOAP REQUEST (Public, newRequest)!\n");
-            $this->loggerInstance->debug(5, "PARAM_1: " . CertificationAuthorityEduPkiServer::EDUPKI_RA_ID . "\n");
-            $this->loggerInstance->debug(5, "PARAM_2: " . $csr["CSR_STRING"] . "\n");
+            $this->loggerInstance->debug(5, "PARAM_1: ".CertificationAuthorityEduPkiServer::EDUPKI_RA_ID."\n");
+            $this->loggerInstance->debug(5, "PARAM_2: ".$csr["CSR_STRING"]."\n");
             $this->loggerInstance->debug(5, "PARAM_3: ");
             $this->loggerInstance->debug(5, $altArray);
-            $this->loggerInstance->debug(5, "PARAM_4: " . CertificationAuthorityEduPkiServer::EDUPKI_CERT_PROFILE . "\n");
-            $this->loggerInstance->debug(5, "PARAM_5: " . sha1("notused") . "\n");
-            $this->loggerInstance->debug(5, "PARAM_6: " . $csr["USERNAME"] . "\n");
-            $this->loggerInstance->debug(5, "PARAM_7: " . $csr["USERMAIL"] . "\n");
-            $this->loggerInstance->debug(5, "PARAM_8: " . ProfileSilverbullet::PRODUCTNAME . "\n");
+            $this->loggerInstance->debug(5, "PARAM_4: ".CertificationAuthorityEduPkiServer::EDUPKI_CERT_PROFILE."\n");
+            $this->loggerInstance->debug(5, "PARAM_5: ".sha1("notused")."\n");
+            $this->loggerInstance->debug(5, "PARAM_6: ".$csr["USERNAME"]."\n");
+            $this->loggerInstance->debug(5, "PARAM_7: ".$csr["USERMAIL"]."\n");
+            $this->loggerInstance->debug(5, "PARAM_8: ".ProfileSilverbullet::PRODUCTNAME."\n");
             $this->loggerInstance->debug(5, "PARAM_9: false\n");
             $soapNewRequest = $soapPub->newRequest(
                     CertificationAuthorityEduPkiServer::EDUPKI_RA_ID, # RA-ID
@@ -133,11 +133,11 @@ 
         } catch (Exception $e) {
             // PHP 7.1 can do this much better
             if (is_soap_fault($e)) {
-                throw new Exception("Error when sending SOAP request: " . "{$e->faultcode}:  {
+                throw new Exception("Error when sending SOAP request: "."{$e->faultcode}:  {
                     $e->faultstring
                 }\n");
             }
-            throw new Exception("Something odd happened while doing the SOAP request:" . $e->getMessage());
+            throw new Exception("Something odd happened while doing the SOAP request:".$e->getMessage());
         }
         try {
             $soap = $this->initEduPKISoapSession("RA");
@@ -171,7 +171,7 @@ 
             // for obnoxious reasons, we have to dump the request into a file and let pkcs7_sign read from the file
             // rather than just using the string. Grr.
             $tempdir = \core\common\Entity::createTemporaryDirectory("test");
-            file_put_contents($tempdir['dir'] . "/content.txt", $soapCleartext);
+            file_put_contents($tempdir['dir']."/content.txt", $soapCleartext);
             // retrieve our RA cert from filesystem                    
             // the RA certificates are not needed right now because we
             // have resorted to S/MIME signatures with openssl command-line
@@ -183,7 +183,7 @@ 
             // sign the data, using cmdline because openssl_pkcs7_sign produces strange results
             // -binary didn't help, nor switch -md to sha1 sha256 or sha512
             $this->loggerInstance->debug(5, "Actual content to be signed is this:\n  $soapCleartext\n");
-        $execCmd = \config\Master::PATHS['openssl'] . " smime -sign -binary -in " . $tempdir['dir'] . "/content.txt -out " . $tempdir['dir'] . "/signature.txt -outform pem -inkey " . ROOT . "/config/SilverbulletClientCerts/edupki-test-ra.clearkey -signer " . ROOT . "/config/SilverbulletClientCerts/edupki-test-ra.pem";
+        $execCmd = \config\Master::PATHS['openssl']." smime -sign -binary -in ".$tempdir['dir']."/content.txt -out ".$tempdir['dir']."/signature.txt -outform pem -inkey ".ROOT."/config/SilverbulletClientCerts/edupki-test-ra.clearkey -signer ".ROOT."/config/SilverbulletClientCerts/edupki-test-ra.pem";
             $this->loggerInstance->debug(2, "Calling openssl smime with following cmdline:   $execCmd\n");
             $output = [];
             $return = 999;
@@ -192,21 +192,21 @@ 
                 throw new Exception("Non-zero return value from openssl smime!");
             }
             // and get the signature blob back from the filesystem
-            $detachedSig = trim(file_get_contents($tempdir['dir'] . "/signature.txt"));
+            $detachedSig = trim(file_get_contents($tempdir['dir']."/signature.txt"));
             $this->loggerInstance->debug(5, "Request for server approveRequest has parameters:\n");
-            $this->loggerInstance->debug(5, $soapReqnum . "\n");
-            $this->loggerInstance->debug(5, $soapCleartext . "\n"); // PHP magically encodes this as base64 while sending!
-            $this->loggerInstance->debug(5, $detachedSig . "\n");
+            $this->loggerInstance->debug(5, $soapReqnum."\n");
+            $this->loggerInstance->debug(5, $soapCleartext."\n"); // PHP magically encodes this as base64 while sending!
+            $this->loggerInstance->debug(5, $detachedSig."\n");
             $soapIssueCert = $soap->approveRequest($soapReqnum, $soapCleartext, $detachedSig);
-            $this->loggerInstance->debug(5, "approveRequest Request was: \n" . $soap->__getLastRequest());
-            $this->loggerInstance->debug(5, "approveRequest Response was: \n" . $soap->__getLastResponse());
+            $this->loggerInstance->debug(5, "approveRequest Request was: \n".$soap->__getLastRequest());
+            $this->loggerInstance->debug(5, "approveRequest Response was: \n".$soap->__getLastResponse());
             if ($soapIssueCert === FALSE) {
                 throw new Exception("The locally approved request was NOT processed by the CA.");
             }
         } catch (SoapFault $e) {
-            throw new Exception("SoapFault: Error when sending or receiving SOAP message: " . "{$e->faultcode}: {$e->faultname}: {$e->faultstring}: {$e->faultactor}: {$e->detail}: {$e->headerfault}\n");
+            throw new Exception("SoapFault: Error when sending or receiving SOAP message: "."{$e->faultcode}: {$e->faultname}: {$e->faultstring}: {$e->faultactor}: {$e->detail}: {$e->headerfault}\n");
         } catch (Exception $e) {
-            throw new Exception("Exception: Something odd happened between the SOAP requests:" . $e->getMessage());
+            throw new Exception("Exception: Something odd happened between the SOAP requests:".$e->getMessage());
         }
         return $soapReqnum;
     }
@@ -258,9 +258,9 @@ 
                 throw new Exception("CAInfo has no root certificate for us!");
             }
         } catch (SoapFault $e) {
-            throw new Exception("SoapFault: Error when sending or receiving SOAP message: " . "{$e->faultcode}: {$e->faultname}: {$e->faultstring}: {$e->faultactor}: {$e->detail}: {$e->headerfault}\n");
+            throw new Exception("SoapFault: Error when sending or receiving SOAP message: "."{$e->faultcode}: {$e->faultname}: {$e->faultstring}: {$e->faultactor}: {$e->detail}: {$e->headerfault}\n");
         } catch (Exception $e) {
-            throw new Exception("Exception: Something odd happened between the SOAP requests:" . $e->getMessage());
+            throw new Exception("Exception: Something odd happened between the SOAP requests:".$e->getMessage());
         }
         return [
             "CERT" => openssl_x509_read($parsedCert['pem']),
@@ -293,12 +293,12 @@ 
             // for obnoxious reasons, we have to dump the request into a file and let pkcs7_sign read from the file
             // rather than just using the string. Grr.
             $tempdir = \core\common\Entity::createTemporaryDirectory("test");
-            file_put_contents($tempdir['dir'] . "/content.txt", $soapRawRevRequest);
+            file_put_contents($tempdir['dir']."/content.txt", $soapRawRevRequest);
             // retrieve our RA cert from filesystem
             // sign the data, using cmdline because openssl_pkcs7_sign produces strange results
             // -binary didn't help, nor switch -md to sha1 sha256 or sha512
             $this->loggerInstance->debug(5, "Actual content to be signed is this:\n$soapRawRevRequest\n");
-        $execCmd = \config\Master::PATHS['openssl'] . " smime -sign -binary -in " . $tempdir['dir'] . "/content.txt -out " . $tempdir['dir'] . "/signature.txt -outform pem -inkey " . CertificationAuthorityEduPkiServer::LOCATION_RA_KEY . " -signer " . CertificationAuthorityEduPkiServer::LOCATION_RA_CERT;
+        $execCmd = \config\Master::PATHS['openssl']." smime -sign -binary -in ".$tempdir['dir']."/content.txt -out ".$tempdir['dir']."/signature.txt -outform pem -inkey ".CertificationAuthorityEduPkiServer::LOCATION_RA_KEY." -signer ".CertificationAuthorityEduPkiServer::LOCATION_RA_CERT;
             $this->loggerInstance->debug(2, "Calling openssl smime with following cmdline: $execCmd\n");
             $output = [];
             $return = 999;
@@ -307,7 +307,7 @@ 
                 throw new Exception("Non-zero return value from openssl smime!");
             }
             // and get the signature blob back from the filesystem
-            $detachedSig = trim(file_get_contents($tempdir['dir'] . "/signature.txt"));
+            $detachedSig = trim(file_get_contents($tempdir['dir']."/signature.txt"));
             $soapIssueRev = $soap->approveRevocationRequest($soapRevocationSerial, $soapRawRevRequest, $detachedSig);
             if ($soapIssueRev === FALSE) {
                 throw new Exception("The locally approved revocation request was NOT processed by the CA.");
@@ -315,9 +315,9 @@ 
         } catch (Exception $e) {
             // PHP 7.1 can do this much better
             if (is_soap_fault($e)) {
-                throw new Exception("Error when sending SOAP request: " . "{$e->faultcode}: {$e->faultstring}\n");
+                throw new Exception("Error when sending SOAP request: "."{$e->faultcode}: {$e->faultstring}\n");
             }
-            throw new Exception("Something odd happened while doing the SOAP request:" . $e->getMessage());
+            throw new Exception("Something odd happened while doing the SOAP request:".$e->getMessage());
         }
     }
 
@@ -417,9 +417,9 @@ 
      */
     public function soapToXmlInteger($x)
     {
-        return '<' . $x[0] . '>'
+        return '<'.$x[0].'>'
                 . htmlentities($x[1], ENT_NOQUOTES | ENT_XML1)
-                . '</' . $x[0] . '>';
+                . '</'.$x[0].'>';
     }
 
     /**
@@ -438,9 +438,9 @@ 
         // dump private key into directory
         $outstring = "";
         openssl_pkey_export($privateKey, $outstring);
-        file_put_contents($tempdir . "/pkey.pem", $outstring);
+        file_put_contents($tempdir."/pkey.pem", $outstring);
         // PHP can only do one DC in the Subject. But we need three.
-        $execCmd = \config\Master::PATHS['openssl'] . " req -new -sha256 -key $tempdir/pkey.pem -out $tempdir/request.csr -subj /DC=test/DC=test/DC=eduroam/C=$fed/O=" . \config\ConfAssistant::CONSORTIUM['name'] . "/OU=$fed/CN=$username/emailAddress=$username";
+        $execCmd = \config\Master::PATHS['openssl']." req -new -sha256 -key $tempdir/pkey.pem -out $tempdir/request.csr -subj /DC=test/DC=test/DC=eduroam/C=$fed/O=".\config\ConfAssistant::CONSORTIUM['name']."/OU=$fed/CN=$username/emailAddress=$username";
         $this->loggerInstance->debug(2, "Calling openssl req with following cmdline: $execCmd\n");
         $output = [];
         $return = 999;

core/CertificationAuthorityEmbeddedRSA.php

Spacing +20 added lines, -20 removed lines

@@ -16,10 +16,10 @@ 
 class CertificationAuthorityEmbeddedRSA extends EntityWithDBProperties implements CertificationAuthorityInterface
 {
 
-    private const LOCATION_ROOT_CA = ROOT . "/config/SilverbulletClientCerts/rootca-RSA.pem";
-    private const LOCATION_ISSUING_CA = ROOT . "/config/SilverbulletClientCerts/real-RSA.pem";
-    private const LOCATION_ISSUING_KEY = ROOT . "/config/SilverbulletClientCerts/real-RSA.key";
-    private const LOCATION_CONFIG = ROOT . "/config/SilverbulletClientCerts/openssl-RSA.cnf";
+    private const LOCATION_ROOT_CA = ROOT."/config/SilverbulletClientCerts/rootca-RSA.pem";
+    private const LOCATION_ISSUING_CA = ROOT."/config/SilverbulletClientCerts/real-RSA.pem";
+    private const LOCATION_ISSUING_KEY = ROOT."/config/SilverbulletClientCerts/real-RSA.key";
+    private const LOCATION_CONFIG = ROOT."/config/SilverbulletClientCerts/openssl-RSA.cnf";
 
     /**
      * string with the PEM variant of the root CA
@@ -66,11 +66,11 @@ 
         parent::__construct();
         $this->rootPem = file_get_contents(CertificationAuthorityEmbeddedRSA::LOCATION_ROOT_CA);
         if ($this->rootPem === FALSE) {
-            throw new Exception("Root CA PEM file not found: " . CertificationAuthorityEmbeddedRSA::LOCATION_ROOT_CA);
+            throw new Exception("Root CA PEM file not found: ".CertificationAuthorityEmbeddedRSA::LOCATION_ROOT_CA);
         }
         $this->issuingCertRaw = file_get_contents(CertificationAuthorityEmbeddedRSA::LOCATION_ISSUING_CA);
         if ($this->issuingCertRaw === FALSE) {
-            throw new Exception("Issuing CA PEM file not found: " . CertificationAuthorityEmbeddedRSA::LOCATION_ISSUING_CA);
+            throw new Exception("Issuing CA PEM file not found: ".CertificationAuthorityEmbeddedRSA::LOCATION_ISSUING_CA);
         }
         $rootParsed = openssl_x509_read($this->rootPem);
         $issuingCertCandidate = openssl_x509_read($this->issuingCertRaw);
@@ -80,15 +80,15 @@ 
         }
         $this->issuingCert = $issuingCertCandidate;
         if (stat(CertificationAuthorityEmbeddedRSA::LOCATION_ISSUING_KEY) === FALSE) {
-            throw new Exception("Private key not found: " . CertificationAuthorityEmbeddedRSA::LOCATION_ISSUING_KEY);
+            throw new Exception("Private key not found: ".CertificationAuthorityEmbeddedRSA::LOCATION_ISSUING_KEY);
         }
-        $issuingKeyTemp = openssl_pkey_get_private("file://" . CertificationAuthorityEmbeddedRSA::LOCATION_ISSUING_KEY);
+        $issuingKeyTemp = openssl_pkey_get_private("file://".CertificationAuthorityEmbeddedRSA::LOCATION_ISSUING_KEY);
         if ($issuingKeyTemp === FALSE || is_resource($issuingKeyTemp)) {
             throw new Exception("The private key did not parse correctly (or is not a PHP8 object)!");
         }
         $this->issuingKey = $issuingKeyTemp;
         if (stat(CertificationAuthorityEmbeddedRSA::LOCATION_CONFIG) === FALSE) {
-            throw new Exception("openssl configuration not found: " . CertificationAuthorityEmbeddedRSA::LOCATION_CONFIG);
+            throw new Exception("openssl configuration not found: ".CertificationAuthorityEmbeddedRSA::LOCATION_CONFIG);
         }
         $this->conffile = CertificationAuthorityEmbeddedRSA::LOCATION_CONFIG;
     }
@@ -131,27 +131,27 @@ 
         // generate stub index.txt file
         $tempdirArray = \core\common\Entity::createTemporaryDirectory("test");
         $tempdir = $tempdirArray['dir'];
-        $nowIndexTxt = (new \DateTime())->format("ymdHis") . "Z";
-        $expiryIndexTxt = $originalExpiry->format("ymdHis") . "Z";
+        $nowIndexTxt = (new \DateTime())->format("ymdHis")."Z";
+        $expiryIndexTxt = $originalExpiry->format("ymdHis")."Z";
         // serials for our CA are always integers
         $serialHex = strtoupper(dechex((int) $cert->serial));
         if (strlen($serialHex) % 2 == 1) {
-            $serialHex = "0" . $serialHex;
+            $serialHex = "0".$serialHex;
         }
 
-        $indexStatement = "$certstatus\t$expiryIndexTxt\t" . ($certstatus == "R" ? "$nowIndexTxt,unspecified" : "") . "\t$serialHex\tunknown\t/O=" . \config\ConfAssistant::CONSORTIUM['name'] . "/OU=$federation/CN=$cert->username\n";
+        $indexStatement = "$certstatus\t$expiryIndexTxt\t".($certstatus == "R" ? "$nowIndexTxt,unspecified" : "")."\t$serialHex\tunknown\t/O=".\config\ConfAssistant::CONSORTIUM['name']."/OU=$federation/CN=$cert->username\n";
         $this->loggerInstance->debug(4, "index.txt contents-to-be: $indexStatement");
-        if (!file_put_contents($tempdir . "/index.txt", $indexStatement)) {
+        if (!file_put_contents($tempdir."/index.txt", $indexStatement)) {
             $this->loggerInstance->debug(1, "Unable to write openssl index.txt file for revocation handling!");
         }
         // index.txt.attr is dull but needs to exist
-        file_put_contents($tempdir . "/index.txt.attr", "unique_subject = yes\n");
+        file_put_contents($tempdir."/index.txt.attr", "unique_subject = yes\n");
         // call "openssl ocsp" to manufacture our own OCSP statement
         // adding "-rmd sha1" to the following command-line makes the
         // choice of signature algorithm for the response explicit
         // but it's only available from openssl-1.1.0 (which we do not
         // want to require just for that one thing).
-        $execCmd = \config\Master::PATHS['openssl'] . " ocsp -issuer " . CertificationAuthorityEmbeddedRSA::LOCATION_ISSUING_CA . " -sha1 -ndays 10 -no_nonce -serial 0x$serialHex -CA " . CertificationAuthorityEmbeddedRSA::LOCATION_ISSUING_CA . " -rsigner " . CertificationAuthorityEmbeddedRSA::LOCATION_ISSUING_CA . " -rkey " . CertificationAuthorityEmbeddedRSA::LOCATION_ISSUING_KEY . " -index $tempdir/index.txt -no_cert_verify -respout $tempdir/$serialHex.response.der";
+        $execCmd = \config\Master::PATHS['openssl']." ocsp -issuer ".CertificationAuthorityEmbeddedRSA::LOCATION_ISSUING_CA." -sha1 -ndays 10 -no_nonce -serial 0x$serialHex -CA ".CertificationAuthorityEmbeddedRSA::LOCATION_ISSUING_CA." -rsigner ".CertificationAuthorityEmbeddedRSA::LOCATION_ISSUING_CA." -rkey ".CertificationAuthorityEmbeddedRSA::LOCATION_ISSUING_KEY." -index $tempdir/index.txt -no_cert_verify -respout $tempdir/$serialHex.response.der";
         $this->loggerInstance->debug(2, "Calling openssl ocsp with following cmdline: $execCmd\n");
         $output = [];
         $return = 999;
@@ -159,11 +159,11 @@ 
         if ($return !== 0) {
             throw new Exception("Non-zero return value from openssl ocsp!");
         }
-        $ocsp = file_get_contents($tempdir . "/$serialHex.response.der");
+        $ocsp = file_get_contents($tempdir."/$serialHex.response.der");
         // remove the temp dir!
-        unlink($tempdir . "/$serialHex.response.der");
-        unlink($tempdir . "/index.txt.attr");
-        unlink($tempdir . "/index.txt");
+        unlink($tempdir."/$serialHex.response.der");
+        unlink($tempdir."/index.txt.attr");
+        unlink($tempdir."/index.txt");
         rmdir($tempdir);
         $this->databaseHandle->exec("UPDATE silverbullet_certificate SET OCSP = ?, OCSP_timestamp = NOW() WHERE serial_number = ?", "si", $ocsp, $cert->serial);
         return $ocsp;

web/admin/inc/filepreview.php

Spacing +3 added lines, -3 removed lines

@@ -22,7 +22,7 @@ 
 ?>
 <?php
 
-require_once dirname(dirname(dirname(dirname(__FILE__)))) . "/config/_config.php";
+require_once dirname(dirname(dirname(dirname(__FILE__))))."/config/_config.php";
 
 $validator = new \web\lib\common\InputValidation();
 $idRaw = $_GET["id"] ?? "";
@@ -37,7 +37,7 @@ 
         // Set data type and caching for 30 days
         $info = new finfo();
         $filetype = $info->buffer($finalBlob, FILEINFO_MIME_TYPE);
-        header("Content-type: " . $filetype);
+        header("Content-type: ".$filetype);
 
         switch ($filetype) {
             case "text/rtf": // fall-through, same treatment
@@ -54,7 +54,7 @@ 
         header("Cache-Control: must-revalidate");
         $offset = 60 * 60 * 24 * 30;
         // gmdate can't possibly fail, because it operates on time() and an integer offset
-        $ExpStr = "Expires: " . /** @scrutinizer ignore-type */ gmdate("D, d M Y H:i:s", time() + $offset) . " GMT";
+        $ExpStr = "Expires: "./** @scrutinizer ignore-type */ gmdate("D, d M Y H:i:s", time() + $offset)." GMT";
         header($ExpStr);
         //  Print out the image
         echo $finalBlob;

web/admin/inc/sendinvite.inc.php

Switch Indentation +87 added lines, -87 removed lines

@@ -98,98 +98,98 @@
 }
 
 switch ($operationMode) {
-    case OPERATION_MODE_EDIT:
-        $idp = $validator->existingIdP($_GET['inst_id']);
-        // editing IdPs is done from within the popup. When we're done, send the 
-        // user back to the popup (append the result of the operation later)
-        $redirectDestination = "manageAdmins.inc.php?inst_id=" . $idp->identifier . "&";
-        if (count($validAddresses) == 0) {
-            header("Location: $redirectDestination" . "invitation=INVALIDSYNTAX");
-            exit(1);
-        }
-        // is the user primary admin of this IdP?
-        $is_owner = $idp->isPrimaryOwner($_SESSION['user']);
-        // check if he is (also) federation admin for the federation this IdP is in. His invitations have more blessing then.
-        $fedadmin = $userObject->isFederationAdmin($idp->federation);
-        // check if he is either one, if not, complain
-        if (!$is_owner && !$fedadmin) {
-            echo "<p>" . sprintf(_("Something's wrong... you are a %s admin, but not for the %s the requested %s belongs to!"), $uiElements->nomenclatureFed, $uiElements->nomenclatureFed, $uiElements->nomenclatureInst) . "</p>";
-            exit(1);
-        }
+        case OPERATION_MODE_EDIT:
+            $idp = $validator->existingIdP($_GET['inst_id']);
+            // editing IdPs is done from within the popup. When we're done, send the 
+            // user back to the popup (append the result of the operation later)
+            $redirectDestination = "manageAdmins.inc.php?inst_id=" . $idp->identifier . "&";
+            if (count($validAddresses) == 0) {
+                header("Location: $redirectDestination" . "invitation=INVALIDSYNTAX");
+                exit(1);
+            }
+            // is the user primary admin of this IdP?
+            $is_owner = $idp->isPrimaryOwner($_SESSION['user']);
+            // check if he is (also) federation admin for the federation this IdP is in. His invitations have more blessing then.
+            $fedadmin = $userObject->isFederationAdmin($idp->federation);
+            // check if he is either one, if not, complain
+            if (!$is_owner && !$fedadmin) {
+                echo "<p>" . sprintf(_("Something's wrong... you are a %s admin, but not for the %s the requested %s belongs to!"), $uiElements->nomenclatureFed, $uiElements->nomenclatureFed, $uiElements->nomenclatureInst) . "</p>";
+                exit(1);
+            }
 
-        $prettyprintname = $idp->name;
-        $newtokens = $mgmt->createTokens($fedadmin, $validAddresses, $idp);
-        $loggerInstance->writeAudit($_SESSION['user'], "NEW", "IdP " . $idp->identifier . " - Token created for " . implode(",", $validAddresses));
-        $introtext = "CO-ADMIN";
-        $participant_type = $idp->type;
-        break;
-    case OPERATION_MODE_NEWUNLINKED:
-        $redirectDestination = "../overview_federation.php?";
-        if (count($validAddresses) == 0) {
-            header("Location: $redirectDestination"."invitation=INVALIDSYNTAX");
-            exit(1);
-        }
-        // run an input check and conversion of the raw inputs... just in case
-        $newinstname = $validator->string($_POST['name']);
-        $newcountry = $validator->string($_POST['country']);
-        $participant_type = $validator->partType($_POST['participant_type']);
-        $new_idp_authorized_fedadmin = $userObject->isFederationAdmin($newcountry);
-        if ($new_idp_authorized_fedadmin !== TRUE) {
-            throw new Exception("Something's wrong... you want to create a new " . $uiElements->nomenclatureInst . ", but are not a " . $uiElements->nomenclatureFed . " admin for the " . $uiElements->nomenclatureFed . " it should be in!");
-        }
-        $federation = $validator->existingFederation($newcountry);
-        $prettyprintname = $newinstname;
-        $introtext = "NEW-FED";
-        // send the user back to his federation overview page, append the result of the operation later
-        // do the token creation magic
-        $newtokens = $mgmt->createTokens(TRUE, $validAddresses, $newinstname, 0, $newcountry, $participant_type);
-        $loggerInstance->writeAudit($_SESSION['user'], "NEW", "ORG FUTURE  - Token created for $participant_type " . implode(",", $validAddresses));
-        break;
-    case OPERATION_MODE_NEWFROMDB:
-        $redirectDestination = "../overview_federation.php?";
-        if (count($validAddresses) == 0) {
-            header("Location: $redirectDestination"."invitation=INVALIDSYNTAX");
-            exit(1);
-        }
-        // a real external DB entry was submitted and all the required parameters are there
-        $newexternalid = $validator->string($_POST['externals']);
-        $extinfo = $catInstance->getExternalDBEntityDetails($newexternalid);
-        $new_idp_authorized_fedadmin = $userObject->isFederationAdmin($extinfo['country']);
-        if ($new_idp_authorized_fedadmin !== TRUE) {
-            throw new Exception("Something's wrong... you want to create a new " . $uiElements->nomenclatureInst . ", but are not a " . $uiElements->nomenclatureFed . " admin for the " . $uiElements->nomenclatureFed . " it should be in!");
-        }
-        $federation = $validator->existingFederation($extinfo['country']);
-        $newcountry = $extinfo['country'];
-        // see if the inst name is defined in the currently set language; if not, pick its English name; if N/A, pick the last in the list
-        $prettyprintname = "";
-        foreach ($extinfo['names'] as $lang => $name) {
-            if ($lang == $languageInstance->getLang()) {
-                $prettyprintname = $name;
+            $prettyprintname = $idp->name;
+            $newtokens = $mgmt->createTokens($fedadmin, $validAddresses, $idp);
+            $loggerInstance->writeAudit($_SESSION['user'], "NEW", "IdP " . $idp->identifier . " - Token created for " . implode(",", $validAddresses));
+            $introtext = "CO-ADMIN";
+            $participant_type = $idp->type;
+            break;
+        case OPERATION_MODE_NEWUNLINKED:
+            $redirectDestination = "../overview_federation.php?";
+            if (count($validAddresses) == 0) {
+                header("Location: $redirectDestination"."invitation=INVALIDSYNTAX");
+                exit(1);
             }
-        }
-        if ($prettyprintname == "" && isset($extinfo['names']['en'])) {
-            $prettyprintname = $extinfo['names']['en'];
-        }
-        if ($prettyprintname == "") {
-            foreach ($extinfo['names'] as $name) {
-                $prettyprintname = $name;
+            // run an input check and conversion of the raw inputs... just in case
+            $newinstname = $validator->string($_POST['name']);
+            $newcountry = $validator->string($_POST['country']);
+            $participant_type = $validator->partType($_POST['participant_type']);
+            $new_idp_authorized_fedadmin = $userObject->isFederationAdmin($newcountry);
+            if ($new_idp_authorized_fedadmin !== TRUE) {
+                throw new Exception("Something's wrong... you want to create a new " . $uiElements->nomenclatureInst . ", but are not a " . $uiElements->nomenclatureFed . " admin for the " . $uiElements->nomenclatureFed . " it should be in!");
             }
-        }
-        $participant_type = $extinfo['type'];
-        // fill the rest of the text
-        $introtext = "EXISTING-FED";
-        // do the token creation magic
-        $newtokens = $mgmt->createTokens(TRUE, $validAddresses, $prettyprintname, $newexternalid);
-        $loggerInstance->writeAudit($_SESSION['user'], "NEW", "IdP FUTURE  - Token created for " . implode(",", $validAddresses));
-        break;
-    default: // includes OPERATION_MODE_INVALID
-        // second param is TRUE, so the variable *will* contain a string
-        // i.e. ignore Scrutinizer type warning later
-        $wrongcontent = print_r($_POST, TRUE);
-        echo "<pre>Wrong parameters in POST:
+            $federation = $validator->existingFederation($newcountry);
+            $prettyprintname = $newinstname;
+            $introtext = "NEW-FED";
+            // send the user back to his federation overview page, append the result of the operation later
+            // do the token creation magic
+            $newtokens = $mgmt->createTokens(TRUE, $validAddresses, $newinstname, 0, $newcountry, $participant_type);
+            $loggerInstance->writeAudit($_SESSION['user'], "NEW", "ORG FUTURE  - Token created for $participant_type " . implode(",", $validAddresses));
+            break;
+        case OPERATION_MODE_NEWFROMDB:
+            $redirectDestination = "../overview_federation.php?";
+            if (count($validAddresses) == 0) {
+                header("Location: $redirectDestination"."invitation=INVALIDSYNTAX");
+                exit(1);
+            }
+            // a real external DB entry was submitted and all the required parameters are there
+            $newexternalid = $validator->string($_POST['externals']);
+            $extinfo = $catInstance->getExternalDBEntityDetails($newexternalid);
+            $new_idp_authorized_fedadmin = $userObject->isFederationAdmin($extinfo['country']);
+            if ($new_idp_authorized_fedadmin !== TRUE) {
+                throw new Exception("Something's wrong... you want to create a new " . $uiElements->nomenclatureInst . ", but are not a " . $uiElements->nomenclatureFed . " admin for the " . $uiElements->nomenclatureFed . " it should be in!");
+            }
+            $federation = $validator->existingFederation($extinfo['country']);
+            $newcountry = $extinfo['country'];
+            // see if the inst name is defined in the currently set language; if not, pick its English name; if N/A, pick the last in the list
+            $prettyprintname = "";
+            foreach ($extinfo['names'] as $lang => $name) {
+                if ($lang == $languageInstance->getLang()) {
+                    $prettyprintname = $name;
+                }
+            }
+            if ($prettyprintname == "" && isset($extinfo['names']['en'])) {
+                $prettyprintname = $extinfo['names']['en'];
+            }
+            if ($prettyprintname == "") {
+                foreach ($extinfo['names'] as $name) {
+                    $prettyprintname = $name;
+                }
+            }
+            $participant_type = $extinfo['type'];
+            // fill the rest of the text
+            $introtext = "EXISTING-FED";
+            // do the token creation magic
+            $newtokens = $mgmt->createTokens(TRUE, $validAddresses, $prettyprintname, $newexternalid);
+            $loggerInstance->writeAudit($_SESSION['user'], "NEW", "IdP FUTURE  - Token created for " . implode(",", $validAddresses));
+            break;
+        default: // includes OPERATION_MODE_INVALID
+            // second param is TRUE, so the variable *will* contain a string
+            // i.e. ignore Scrutinizer type warning later
+            $wrongcontent = print_r($_POST, TRUE);
+            echo "<pre>Wrong parameters in POST:
 " . htmlspecialchars(/** @scrutinizer ignore-type */ $wrongcontent) . "
 </pre>";
-        exit(1);
+            exit(1);
 }
 
 // send, and invalidate the token immediately if the mail could not be sent!

Spacing +13 added lines, -13 removed lines

@@ -20,7 +20,7 @@ 
  *          <base_url>/copyright.php after deploying the software
  */
 
-require_once dirname(dirname(dirname(__DIR__))) . "/config/_config.php";
+require_once dirname(dirname(dirname(__DIR__)))."/config/_config.php";
 
 $auth = new \web\lib\admin\Authentication();
 $auth->authenticate();
@@ -102,9 +102,9 @@ 
         $idp = $validator->existingIdP($_GET['inst_id']);
         // editing IdPs is done from within the popup. When we're done, send the 
         // user back to the popup (append the result of the operation later)
-        $redirectDestination = "manageAdmins.inc.php?inst_id=" . $idp->identifier . "&";
+        $redirectDestination = "manageAdmins.inc.php?inst_id=".$idp->identifier."&";
         if (count($validAddresses) == 0) {
-            header("Location: $redirectDestination" . "invitation=INVALIDSYNTAX");
+            header("Location: $redirectDestination"."invitation=INVALIDSYNTAX");
             exit(1);
         }
         // is the user primary admin of this IdP?
@@ -113,13 +113,13 @@ 
         $fedadmin = $userObject->isFederationAdmin($idp->federation);
         // check if he is either one, if not, complain
         if (!$is_owner && !$fedadmin) {
-            echo "<p>" . sprintf(_("Something's wrong... you are a %s admin, but not for the %s the requested %s belongs to!"), $uiElements->nomenclatureFed, $uiElements->nomenclatureFed, $uiElements->nomenclatureInst) . "</p>";
+            echo "<p>".sprintf(_("Something's wrong... you are a %s admin, but not for the %s the requested %s belongs to!"), $uiElements->nomenclatureFed, $uiElements->nomenclatureFed, $uiElements->nomenclatureInst)."</p>";
             exit(1);
         }
 
         $prettyprintname = $idp->name;
         $newtokens = $mgmt->createTokens($fedadmin, $validAddresses, $idp);
-        $loggerInstance->writeAudit($_SESSION['user'], "NEW", "IdP " . $idp->identifier . " - Token created for " . implode(",", $validAddresses));
+        $loggerInstance->writeAudit($_SESSION['user'], "NEW", "IdP ".$idp->identifier." - Token created for ".implode(",", $validAddresses));
         $introtext = "CO-ADMIN";
         $participant_type = $idp->type;
         break;
@@ -135,7 +135,7 @@ 
         $participant_type = $validator->partType($_POST['participant_type']);
         $new_idp_authorized_fedadmin = $userObject->isFederationAdmin($newcountry);
         if ($new_idp_authorized_fedadmin !== TRUE) {
-            throw new Exception("Something's wrong... you want to create a new " . $uiElements->nomenclatureInst . ", but are not a " . $uiElements->nomenclatureFed . " admin for the " . $uiElements->nomenclatureFed . " it should be in!");
+            throw new Exception("Something's wrong... you want to create a new ".$uiElements->nomenclatureInst.", but are not a ".$uiElements->nomenclatureFed." admin for the ".$uiElements->nomenclatureFed." it should be in!");
         }
         $federation = $validator->existingFederation($newcountry);
         $prettyprintname = $newinstname;
@@ -143,7 +143,7 @@ 
         // send the user back to his federation overview page, append the result of the operation later
         // do the token creation magic
         $newtokens = $mgmt->createTokens(TRUE, $validAddresses, $newinstname, 0, $newcountry, $participant_type);
-        $loggerInstance->writeAudit($_SESSION['user'], "NEW", "ORG FUTURE  - Token created for $participant_type " . implode(",", $validAddresses));
+        $loggerInstance->writeAudit($_SESSION['user'], "NEW", "ORG FUTURE  - Token created for $participant_type ".implode(",", $validAddresses));
         break;
     case OPERATION_MODE_NEWFROMDB:
         $redirectDestination = "../overview_federation.php?";
@@ -156,7 +156,7 @@ 
         $extinfo = $catInstance->getExternalDBEntityDetails($newexternalid);
         $new_idp_authorized_fedadmin = $userObject->isFederationAdmin($extinfo['country']);
         if ($new_idp_authorized_fedadmin !== TRUE) {
-            throw new Exception("Something's wrong... you want to create a new " . $uiElements->nomenclatureInst . ", but are not a " . $uiElements->nomenclatureFed . " admin for the " . $uiElements->nomenclatureFed . " it should be in!");
+            throw new Exception("Something's wrong... you want to create a new ".$uiElements->nomenclatureInst.", but are not a ".$uiElements->nomenclatureFed." admin for the ".$uiElements->nomenclatureFed." it should be in!");
         }
         $federation = $validator->existingFederation($extinfo['country']);
         $newcountry = $extinfo['country'];
@@ -180,14 +180,14 @@ 
         $introtext = "EXISTING-FED";
         // do the token creation magic
         $newtokens = $mgmt->createTokens(TRUE, $validAddresses, $prettyprintname, $newexternalid);
-        $loggerInstance->writeAudit($_SESSION['user'], "NEW", "IdP FUTURE  - Token created for " . implode(",", $validAddresses));
+        $loggerInstance->writeAudit($_SESSION['user'], "NEW", "IdP FUTURE  - Token created for ".implode(",", $validAddresses));
         break;
     default: // includes OPERATION_MODE_INVALID
         // second param is TRUE, so the variable *will* contain a string
         // i.e. ignore Scrutinizer type warning later
         $wrongcontent = print_r($_POST, TRUE);
         echo "<pre>Wrong parameters in POST:
-" . htmlspecialchars(/** @scrutinizer ignore-type */ $wrongcontent) . "
+" . htmlspecialchars(/** @scrutinizer ignore-type */ $wrongcontent)."
 </pre>";
         exit(1);
 }
@@ -212,14 +212,14 @@ 
 }
 
 if (count($status) == 0) {
-    header("Location: $redirectDestination" . "invitation=FAILURE");
+    header("Location: $redirectDestination"."invitation=FAILURE");
     exit;
 }
 $finalDestParams = "invitation=SUCCESS";
 if (count($status) < count($totalSegments)) { // only a subset of mails was sent, update status
     $finalDestParams = "invitation=PARTIAL";
 }
-$finalDestParams .= "&successcount=" . count($status);
+$finalDestParams .= "&successcount=".count($status);
 if ($allEncrypted === TRUE) {
     $finalDestParams .= "&transportsecurity=ENCRYPTED";
 } elseif ($allClear === TRUE) {
@@ -228,4 +228,4 @@ 
     $finalDestParams .= "&transportsecurity=PARTIAL";
 }
 
-header("Location: $redirectDestination" . $finalDestParams);
+header("Location: $redirectDestination".$finalDestParams);