|
@@ -19,7 +19,7 @@ discard block |
|
|
block discarded – undo |
|
19
|
19
|
* <base_url>/copyright.php after deploying the software |
|
20
|
20
|
*/ |
|
21
|
21
|
|
|
22
|
|
-require_once dirname(dirname(dirname(__FILE__))) . "/config/_config.php"; |
|
|
22
|
+require_once dirname(dirname(dirname(__FILE__)))."/config/_config.php"; |
|
23
|
23
|
|
|
24
|
24
|
$auth = new \web\lib\admin\Authentication(); |
|
25
|
25
|
$deco = new \web\lib\admin\PageDecoration(); |
|
@@ -52,7 +52,7 @@ discard block |
|
|
block discarded – undo |
|
52
|
52
|
echo $deco->pageheader(sprintf(_("%s: Edit Profile - Result"), \config\Master::APPEARANCE['productname']), "ADMIN-IDP"); |
|
53
|
53
|
} else { |
|
54
|
54
|
$profile = $my_inst->newProfile(core\AbstractProfile::PROFILETYPE_RADIUS); |
|
55
|
|
- $loggerInstance->writeAudit($_SESSION['user'], "NEW", "IdP " . $my_inst->identifier . " - Profile created"); |
|
|
55
|
+ $loggerInstance->writeAudit($_SESSION['user'], "NEW", "IdP ".$my_inst->identifier." - Profile created"); |
|
56
|
56
|
echo $deco->pageheader(sprintf(_("%s: Profile wizard (step 3 completed)"), \config\Master::APPEARANCE['productname']), "ADMIN-IDP"); |
|
57
|
57
|
} |
|
58
|
58
|
if (!$profile instanceof \core\ProfileRADIUS) { |
|
@@ -113,7 +113,7 @@ discard block |
|
|
block discarded – undo |
|
113
|
113
|
$uiElements = new web\lib\admin\UIElements(); |
|
114
|
114
|
// set realm info, if submitted |
|
115
|
115
|
if ($realm !== FALSE) { |
|
116
|
|
- $profile->setRealm($anonLocal . "@" . $realm); |
|
|
116
|
+ $profile->setRealm($anonLocal."@".$realm); |
|
117
|
117
|
echo $uiElements->boxOkay(sprintf(_("Realm: <strong>%s</strong>"), $realm)); |
|
118
|
118
|
} else { |
|
119
|
119
|
$profile->setRealm(""); |
|
@@ -136,7 +136,7 @@ discard block |
|
|
block discarded – undo |
|
136
|
136
|
echo $uiElements->boxError(_("Realm check username cannot be configured: realm is missing!")); |
|
137
|
137
|
} else { |
|
138
|
138
|
$profile->setRealmcheckUser(true, $checkuser_name); |
|
139
|
|
- echo $uiElements->boxOkay(sprintf(_("Special username for realm check is <strong>%s</strong>, the value is <strong>%s</strong>"), _("ON"), $checkuser_name . "@" . $realm)); |
|
|
139
|
+ echo $uiElements->boxOkay(sprintf(_("Special username for realm check is <strong>%s</strong>, the value is <strong>%s</strong>"), _("ON"), $checkuser_name."@".$realm)); |
|
140
|
140
|
} |
|
141
|
141
|
} else { |
|
142
|
142
|
$profile->setRealmCheckUser(false); |
|
@@ -149,7 +149,7 @@ discard block |
|
|
block discarded – undo |
|
149
|
149
|
} else { |
|
150
|
150
|
$profile->setInputVerificationPreference($verify, $hint); |
|
151
|
151
|
if ($hint !== FALSE) { |
|
152
|
|
- $extratext = " " . sprintf(_("and the input field will be prefilled with '<strong>@%s</strong>'."), $realm); |
|
|
152
|
+ $extratext = " ".sprintf(_("and the input field will be prefilled with '<strong>@%s</strong>'."), $realm); |
|
153
|
153
|
} else { |
|
154
|
154
|
$extratext = "."; |
|
155
|
155
|
} |
|
@@ -186,17 +186,17 @@ discard block |
|
|
block discarded – undo |
|
186
|
186
|
echo $uiElements->boxOkay(_("Redirection is <strong>OFF</strong>")); |
|
187
|
187
|
} |
|
188
|
188
|
|
|
189
|
|
- $loggerInstance->writeAudit($_SESSION['user'], "MOD", "Profile " . $profile->identifier . " - attributes changed"); |
|
|
189
|
+ $loggerInstance->writeAudit($_SESSION['user'], "MOD", "Profile ".$profile->identifier." - attributes changed"); |
|
190
|
190
|
|
|
191
|
191
|
foreach (\core\common\EAP::listKnownEAPTypes() as $a) { |
|
192
|
192
|
if ($a->getIntegerRep() == \core\common\EAP::INTEGER_SILVERBULLET) { // do not allow adding silverbullet via the backdoor |
|
193
|
193
|
continue; |
|
194
|
194
|
} |
|
195
|
|
- if (isset($_POST[$a->getPrintableRep()]) && isset($_POST[$a->getPrintableRep() . "-priority"]) && is_numeric($_POST[$a->getPrintableRep() . "-priority"])) { |
|
196
|
|
- $priority = (int) $_POST[$a->getPrintableRep() . "-priority"]; |
|
|
195
|
+ if (isset($_POST[$a->getPrintableRep()]) && isset($_POST[$a->getPrintableRep()."-priority"]) && is_numeric($_POST[$a->getPrintableRep()."-priority"])) { |
|
|
196
|
+ $priority = (int) $_POST[$a->getPrintableRep()."-priority"]; |
|
197
|
197
|
// add EAP type to profile as requested, but ... |
|
198
|
198
|
$profile->addSupportedEapMethod($a, $priority); |
|
199
|
|
- $loggerInstance->writeAudit($_SESSION['user'], "MOD", "Profile " . $profile->identifier . " - supported EAP types changed"); |
|
|
199
|
+ $loggerInstance->writeAudit($_SESSION['user'], "MOD", "Profile ".$profile->identifier." - supported EAP types changed"); |
|
200
|
200
|
} |
|
201
|
201
|
} |
|
202
|
202
|
// re-instantiate $profile, we need to do completion checks and need fresh data for isEapTypeDefinitionComplete() |
|
@@ -205,23 +205,23 @@ discard block |
|
|
block discarded – undo |
|
205
|
205
|
if (count($significantChanges) > 0) { |
|
206
|
206
|
$myInstOriginal = new \core\IdP($profile->institution); |
|
207
|
207
|
// send a notification/alert mail to someone we know is in charge |
|
208
|
|
- $text = _("To whom it may concern,") . "\n\n"; |
|
|
208
|
+ $text = _("To whom it may concern,")."\n\n"; |
|
209
|
209
|
/// were made to the *Identity Provider* *LU* / integer number of IdP / (previously known as) Name |
|
210
|
|
- $text .= sprintf(_("significant changes were made to a RADIUS deployment profile of the %s %s / %s / '%s'."), $ui->nomenclatureInst, strtoupper($myInstOriginal->federation), $myInstOriginal->identifier, $myInstOriginal->name) . "\n\n"; |
|
|
210
|
+ $text .= sprintf(_("significant changes were made to a RADIUS deployment profile of the %s %s / %s / '%s'."), $ui->nomenclatureInst, strtoupper($myInstOriginal->federation), $myInstOriginal->identifier, $myInstOriginal->name)."\n\n"; |
|
211
|
211
|
if (isset($significantChanges[\core\AbstractProfile::CA_CLASH_ADDED])) { |
|
212
|
|
- $text .= _("WARNING! A new trusted root CA was added, and it has the exact same name as a previously existing root CA. This may (but does not necessarily) mean that this is an attempt to insert an unauthorised trust root by disguising as the genuine one. The details are below:") . "\n\n"; |
|
213
|
|
- $text .= $significantChanges[\core\AbstractProfile::CA_CLASH_ADDED] . "\n\n"; |
|
|
212
|
+ $text .= _("WARNING! A new trusted root CA was added, and it has the exact same name as a previously existing root CA. This may (but does not necessarily) mean that this is an attempt to insert an unauthorised trust root by disguising as the genuine one. The details are below:")."\n\n"; |
|
|
213
|
+ $text .= $significantChanges[\core\AbstractProfile::CA_CLASH_ADDED]."\n\n"; |
|
214
|
214
|
} |
|
215
|
215
|
if (isset($significantChanges[\core\AbstractProfile::CA_ADDED])) { |
|
216
|
216
|
$text .= _("A new trusted root CA was added. The details are below:\n\n"); |
|
217
|
|
- $text .= $significantChanges[\core\AbstractProfile::CA_ADDED] . "\n\n"; |
|
|
217
|
+ $text .= $significantChanges[\core\AbstractProfile::CA_ADDED]."\n\n"; |
|
218
|
218
|
} |
|
219
|
219
|
if (isset($significantChanges[\core\AbstractProfile::SERVERNAME_ADDED])) { |
|
220
|
|
- $text .= _("A new acceptable server name for the authentication server was added. The details are below:") . "\n\n"; |
|
221
|
|
- $text .= $significantChanges[\core\AbstractProfile::SERVERNAME_ADDED] . "\n\n"; |
|
|
220
|
+ $text .= _("A new acceptable server name for the authentication server was added. The details are below:")."\n\n"; |
|
|
221
|
+ $text .= $significantChanges[\core\AbstractProfile::SERVERNAME_ADDED]."\n\n"; |
|
222
|
222
|
} |
|
223
|
|
- $text .= _("This mail is merely a cross-check because these changes can be security-relevant. If the change was expected, you do not need to take any action.") . "\n\n"; |
|
224
|
|
- $text .= _("Greetings, ") . "\n\n" . \config\Master::APPEARANCE['productname_long']; |
|
|
223
|
+ $text .= _("This mail is merely a cross-check because these changes can be security-relevant. If the change was expected, you do not need to take any action.")."\n\n"; |
|
|
224
|
+ $text .= _("Greetings, ")."\n\n".\config\Master::APPEARANCE['productname_long']; |
|
225
|
225
|
// (currently, send hard-wired to NRO - future: for linked insts, check eduroam DBv2 and send to registered admins directly) |
|
226
|
226
|
$fed = new core\Federation($myInstOriginal->federation); |
|
227
|
227
|
foreach ($fed->listFederationAdmins() as $id) { |
|
@@ -233,7 +233,7 @@ discard block |
|
|
block discarded – undo |
|
233
|
233
|
// see if we can enable the EAP type, or if info is missing |
|
234
|
234
|
$eapcompleteness = $reloadedProfile->isEapTypeDefinitionComplete($oneEap); |
|
235
|
235
|
if ($eapcompleteness === true) { |
|
236
|
|
- echo $uiElements->boxOkay(_("Supported EAP Type: ") . "<strong>" . $oneEap->getPrintableRep() . "</strong>"); |
|
|
236
|
+ echo $uiElements->boxOkay(_("Supported EAP Type: ")."<strong>".$oneEap->getPrintableRep()."</strong>"); |
|
237
|
237
|
} else { |
|
238
|
238
|
|
|
239
|
239
|
if (is_array($eapcompleteness)) { |
|
@@ -242,11 +242,11 @@ discard block |
|
|
block discarded – undo |
|
242
|
242
|
$warntext = "<strong>"; |
|
243
|
243
|
foreach ($eapcompleteness as $item) { |
|
244
|
244
|
$iterator = $iterator + 1; |
|
245
|
|
- $warntext .= $uiElements->displayName($item) . "</strong>".($iterator < $number ? ", " : "")."<strong>"; |
|
|
245
|
+ $warntext .= $uiElements->displayName($item)."</strong>".($iterator < $number ? ", " : "")."<strong>"; |
|
246
|
246
|
} |
|
247
|
247
|
$warntext .= "</strong>"; |
|
248
|
248
|
} |
|
249
|
|
- echo $uiElements->boxWarning(sprintf(_("Supported EAP Type <strong>%s</strong> is missing required information: %s !"), $oneEap->getPrintableRep(), $warntext) . "<br/>" . _("The EAP type was added to the profile, but you need to complete the missing information before we can produce installers for you.")); |
|
|
249
|
+ echo $uiElements->boxWarning(sprintf(_("Supported EAP Type <strong>%s</strong> is missing required information: %s !"), $oneEap->getPrintableRep(), $warntext)."<br/>"._("The EAP type was added to the profile, but you need to complete the missing information before we can produce installers for you.")); |
|
250
|
250
|
} |
|
251
|
251
|
} |
|
252
|
252
|
$reloadedProfile->prepShowtime(); |
|
@@ -259,7 +259,7 @@ discard block |
|
|
block discarded – undo |
|
259
|
259
|
<?php |
|
260
|
260
|
if (count($reloadedProfile->getEapMethodsinOrderOfPreference(1)) > 0) { |
|
261
|
261
|
echo "<form method='post' action='overview_installers.php?inst_id=$my_inst->identifier&profile_id=$reloadedProfile->identifier' accept-charset='UTF-8'> |
|
262
|
|
- <button type='submit'>" . _("Continue to Installer Fine-Tuning and Download") . "</button> |
|
|
262
|
+ <button type='submit'>"._("Continue to Installer Fine-Tuning and Download")."</button> |
|
263
|
263
|
</form>"; |
|
264
|
264
|
} |
|
265
|
265
|
echo $deco->footer(); |
GEANT /
CAT
