index-functions.php ➔ validateP12() - Code Metrics - Inspection of "Need to set value for storeattributes session var." - cilogon/service - Measure and Improve Code Quality continuously with Scrutinizer

Completed

Push — master ( b41a6b...ee7378 )

by Terrence

created 2019-11-22 19:42 UTC

index-functions.php ➔ validateP12() B

↳ Parent: Project

Complexity

Conditions	6
Paths	4

Size

Total Lines

Duplication

Lines	0
Ratio	0 %

Importance

Changes

Metric	Value
cc	6
nc	4
nop	0
dl	0
loc	20
rs	8.9777
c	0
b	0
f	0

<?php

/**
 * This file contains functions called by index-site.php. The index-site.php
 * file should include this file with the following statement at the top:
 *
 * require_once __DIR__ . '/index-functions.php';
 */

use CILogon\Service\Util;
use CILogon\Service\Content;
use CILogon\Service\Loggit;

/**
 * printLogonPage
 *
 * This function prints out the HTML for the main cilogon.org page.
 * Explanatory text is shown as well as a button to log in to an IdP
 * and get rerouted to the Shibboleth protected service script, or the
 * OpenID script.
 *
 * @param bool $clearcookies True if the Shibboleth cookies and session
 *        variables  should be cleared out before displaying the page.
 *        Defaults to false.
 */
function printLogonPage($clearcookies = false)
/**
 * @ignore
 */
function getUser() {

}

function getUser($id, $realm) {

}
{
    if ($clearcookies) {
        Util::removeShibCookies();
        Util::unsetAllUserSessionVars();
        Util::getSkin()->init(true);  // Clear cilogon_skin var; check for forced skin
    }

    $log = new Loggit();
    $log->info('Welcome page hit.');

    Util::setSessionVar('stage', 'logon'); // For Show/Hide Help button clicks

    Content::printHeader('Welcome To The CILogon Service');

    echo '
    <div class="boxed">
    ';

    Content::printHelpButton();
    Content::printWAYF();

    echo '
    </div> <!-- End boxed -->
    ';
    Content::printFooter();
}

/**
 * printMainPage
 *
 * This function prints out the HTML for the main page where the user
 * can download a certificate.
 */
function printMainPage()
/**
 * @ignore
 */
function getUser() {

}

function getUser($id, $realm) {

}
{
    $log = new Loggit();
    $log->info('Get And Use Certificate page hit.');

    Util::setSessionVar('stage', 'main'); // For Show/Hide Help button clicks

    Content::printHeader('Get Your Certificate');

    // CIL-626 Allow browser 'reload page' by adding CSRF to the PHP session
    Util::setSessionVar('submit', 'Proceed');
    Util::getCsrf()->setTheSession();

    echo '
    <div class="boxed">
    ';

    Content::printHelpButton();
    Content::printCertInfo();

    printGetCertificate();
    printLogOff();

    echo '
    </div> <!-- boxed -->
    ';
    Content::printFooter();
}

/**
 * printGetCertificate
 *
 * This function prints the 'Get New Certificate' box on the main page.
 * If the 'p12' PHP session variable is valid, it is read and a link for the
 * usercred.p12 file is presented to the user.
 */
function printGetCertificate()
{
    // Check if PKCS12 downloading is disabled. If so, print out message.
    $skin = Util::getSkin();
    $pkcs12disabled = $skin->getConfigOption('pkcs12', 'disabled');
    $disabledbyskin = ((!is_null($pkcs12disabled)) && ((int)$pkcs12disabled == 1));
    $disabledbyconf = ((!defined('MYPROXY_LOGON')) || (empty(MYPROXY_LOGON)));
    if ($disabledbyskin || $disabledbyconf) {
        $disabledmsg = 'Downloading PKCS12 certificates is disabled.';
        if ($disabledbyskin) {
            $disabledmsg = $skin->getConfigOption('pkcs12', 'disabledmessage');
            if (!is_null($disabledmsg)) {
                $disabledmsg = trim(html_entity_decode($disabledmsg));
            }
            if (strlen($disabledmsg) == 0) {
                $disabledmsg = 'Downloading PKCS12 certificates is ' .
                    'restricted. Please try another method or log on ' .
                    'with a different Identity Provider.';
            }
        }

        echo '<div class="p12actionbox"><p>
             ', $disabledmsg , '
             </p></div> <!-- p12actionbox -->';
    } else { // PKCS12 downloading is okay
        $downloadcerttext = "Clicking this button will generate a link " .
            "to a new certificate, which you can download to your local " .
            "computer. The certificate is valid for up to 13 months.";
        $p12linktext = "Left-click this link to import the certificate " .
            "into your broswer / operating system. (Firefox users see " .
            "the FAQ.) Right-click this link and select 'Save As...' to " .
            "save the certificate to your desktop.";
        $passwordtext1 = 'Enter a password of at least 12 characters to " .
            "protect your certificate.';
        $passwordtext2 = 'Re-enter your password to verify.';

        validateP12();
        $p12expire = '';
        $p12link = '';
        $p12 = Util::getSessionVar('p12');
        if (preg_match('/([^\s]*)\s(.*)/', $p12, $match)) {
            $p12expire = $match[1];
            $p12link = $match[2];
        }

        if ((strlen($p12link) > 0) && (strlen($p12expire) > 0)) {
            $p12link = '<a href="' . $p12link .
                '">&raquo; Click Here To Download Your Certificate &laquo;</a>';
        }
        if ((strlen($p12expire) > 0) && ($p12expire > 0)) {
            $expire = $p12expire - time();
            $minutes = floor($expire % 3600 / 60);
            $seconds = $expire % 60;
            $p12expire = 'Link Expires: ' .
                sprintf("%02dm:%02ds", $minutes, $seconds);
        } else {
            $p12expire = '';
        }

        $p12lifetime = Util::getSessionVar('p12lifetime');
        if ((strlen($p12lifetime) == 0) || ($p12lifetime == 0)) {
            $p12lifetime = Util::getCookieVar('p12lifetime');
        }
        $p12multiplier = Util::getSessionVar('p12multiplier');
        if ((strlen($p12multiplier) == 0) || ($p12multiplier == 0)) {
            $p12multiplier = Util::getCookieVar('p12multiplier');
        }

        // Try to read the skin's intiallifetime if not yet set
        if ((strlen($p12lifetime) == 0) || ($p12lifetime <= 0)) {
            // See if the skin specified an initial value
            $skinlife = $skin->getConfigOption('pkcs12', 'initiallifetime', 'number');
            $skinmult = $skin->getConfigOption('pkcs12', 'initiallifetime', 'multiplier');
            if (
                (!is_null($skinlife)) && (!is_null($skinmult)) &&
                ((int)$skinlife > 0) && ((int)$skinmult > 0)
            ) {
                $p12lifetime = (int)$skinlife;
                $p12multiplier = (int)$skinmult;
            } else {
                $p12lifetime = 13;      // Default to 13 months
                $p12multiplier = 732;
            }
        }
        if ((strlen($p12multiplier) == 0) || ($p12multiplier <= 0)) {
            $p12multiplier = 732;   // Default to months
            if ($p12lifetime > 13) {
                $p12lifetime = 13;
            }
        }

        // Make sure lifetime is within [minlifetime,maxlifetime]
        list($minlifetime, $maxlifetime) =
            Content::getMinMaxLifetimes('pkcs12', 9516);
        if (($p12lifetime * $p12multiplier) < $minlifetime) {
            $p12lifetime = $minlifetime;
            $p12multiplier = 1; // In hours
        } elseif (($p12lifetime * $p12multiplier) > $maxlifetime) {
            $p12lifetime = $maxlifetime;
            $p12multiplier = 1; // In hours
        }

        $lifetimetext = "Specify the certificate lifetime. Acceptable range " .
                        "is between $minlifetime and $maxlifetime hours" .
                        (($maxlifetime > 732) ?
                            " ( = " . round(($maxlifetime / 732), 2) . " months)." :
                            "."
                        );

        echo '
        <div class="p12actionbox"';

        if (Util::getSessionVar('showhelp') == 'on') {
            echo ' style="width:92%;"';
        }

        echo '>
        <table class="helptable">
        <tr>
        <td class="actioncell">
        ';

        Content::printFormHead();

        echo '
          <fieldset>
          ';

        $p12error = Util::getSessionVar('p12error');
        if (strlen($p12error) > 0) {
            echo "<p class=\"logonerror\">$p12error</p>";
            Util::unsetSessionVar('p12error');
        }

        echo '
          <p>
          Password Protect Your New Certificate:
          </p>

          <p>
          <label for="password1" class="helpcursor" title="' ,
          $passwordtext1 , '">Enter A Password:</label>
          <input type="password" name="password1" id="password1"
          size="22" title="' , $passwordtext1 , '" onkeyup="checkPassword()"/>
          <img src="/images/blankIcon.png" width="14" height="14" alt=""
          id="pw1icon"/>
          </p>

          <p>
          <label for="password2" class="helpcursor" title="' ,
          $passwordtext2 , '">Confirm Password:</label>
          <input type="password" name="password2" id="password2"
          size="22" title="' , $passwordtext2 , '" onkeyup="checkPassword()"/>
          <img src="/images/blankIcon.png" width="14" height="14" alt=""
          id="pw2icon"/>
          </p>

          <p class="p12certificatelifetime">
          <label for="p12lifetime" title="' , $lifetimetext ,
          '" class="helpcursor">Certificate Lifetime:</label>
          <input type="text" name="p12lifetime" id="p12lifetime"
          title="', $lifetimetext ,
          '" class="helpcursor" value="' , $p12lifetime ,
          '" size="8" maxlength="8"/>
          <select title="' , $lifetimetext ,
          '" class="helpcursor" id="p12multiplier" name="p12multiplier">
          <option value="1"' ,
              (($p12multiplier == 1) ? ' selected="selected"' : '') ,
              '>hours</option>
          <option value="24"' ,
              (($p12multiplier == 24) ? ' selected="selected"' : '') ,
              '>days</option>
          <option value="732"' ,
              (($p12multiplier == 732) ? ' selected="selected"' : '') ,
              '>months</option>
          </select>
          <img src="/images/blankIcon.png" width="14" height="14" alt=""/>
          </p>

          <p>
          <input type="submit" name="submit" class="submit helpcursor"
          title="' , $downloadcerttext , '" value="Get New Certificate"
          onclick="showHourglass(\'p12\')"/>
          <img src="/images/hourglass.gif" width="32" height="32" alt=""
          class="hourglass" id="p12hourglass"/>
          </p>

          <p id="p12value" class="helpcursor" title="' ,
              $p12linktext , '">' , $p12link , '</p>
          <p id="p12expire">' , $p12expire , '</p>

          </fieldset>
          </form>
        </td>
        ';

        if (Util::getSessionVar('showhelp') == 'on') {
            echo '
            <td class="helpcell">
            <div>
            <p>
            In order to get a new certificate, please enter a password of at
            least 12 characters in length.  This password protects the private
            key of the certificate and is different from your identity provider
            password.  You must enter the password twice for verification.
            </p>
            <p>
            After entering a password, click the "Get New Certificate" button to
            generate a new link.  Right-click on this link to download the
            certificate to your computer.  The certificate is valid for up to 13
            months.
            </p>
            </div>
            </td>
            ';
        }

        echo '
        </tr>
        </table>
        </div> <!-- p12actionbox -->
        ';
    }
}

/**
 * printLogOff
 *
 * This function prints the Log Off boxes at the bottom of the main page.
 */
function printLogOff()
{
    $logofftext = 'End your CILogon session and return to the welcome page. ' .
                  'Note that this will not log you out at ' .
                  Util::getSessionVar('idpname') . '.';

    $showhelp = Util::getSessionVar('showhelp');

    echo '
    <div class="logoffactionbox"';

    if ($showhelp == 'on') {
        echo ' style="width:92%;"';
    }

    echo '>
    <table class="helptable">
    <tr>
    <td class="actioncell">
    ';

    Content::printFormHead();

    echo '
      <p>
      <input type="submit" name="submit" class="submit helpcursor"
      title="' , $logofftext , '" value="Log Off" />
      </p>
    </form>
    </td>
    ';

    if ($showhelp == 'on') {
        echo '
        <td class="helpcell">
        <div>
        <p>
        This button will log you off of the CILogon Service. In order to log
        out from your identity provider, you must either quit your browser
        or manually clear your browser\'s cookies.
        </p>
        </div>
        </td>
        ';
    }

    echo '
    </tr>
    </table>
    </div> <!-- logoffactionbox -->

    <div class="logofftextbox"';

    if ($showhelp == 'on') {
        echo ' style="width:92%;"';
    }

    echo '>
    <table class="helptable">
    <tr>
    <td class="actioncell">
      <p>To log off, please quit your browser.<p>
    </td>
    ';

    if ($showhelp == 'on') {
        echo '
        <td class="helpcell">
        <div>
        <p>
        Quitting your browser clears all session cookies which logs you out
        from your identity provider.  Alternatively, you can manually clear
        your browser\'s cookies.
        </p>
        </div>
        </td>
        ';
    }

    echo '
    </tr>
    </table>
    </div> <!-- logofftextbox -->
    ';
}

/**
 * validateP12
 *
 * This function is called just before the 'Download your certificate'
 * link is printed out to HTML. It checks to see if the p12 is still
 * valid time-wise. If not, then it unsets the PHP session variable
 * 'p12'.
 */
function validateP12()
{
    $p12link = '';
    $p12expire = '';
    $p12 = Util::getSessionVar('p12');
    if (preg_match('/([^\s]*)\s(.*)/', $p12, $match)) {
        $p12expire = $match[1];
        $p12link = $match[2];
    }

    // Verify that the p12expire and p12link values are valid.
    if (
        (strlen($p12expire) == 0) ||
        ($p12expire == 0) ||
        (time() > $p12expire) ||
        (strlen($p12link) == 0)
    ) {
        Util::unsetSessionVar('p12');
    }
}


1			<?php
2
3			/**
4			* This file contains functions called by index-site.php. The index-site.php
5			* file should include this file with the following statement at the top:
6			*
7			* require_once __DIR__ . '/index-functions.php';
8			*/
9
10			use CILogon\Service\Util;
11			use CILogon\Service\Content;
12			use CILogon\Service\Loggit;
13
14			/**
15			* printLogonPage
16			*
17			* This function prints out the HTML for the main cilogon.org page.
18			* Explanatory text is shown as well as a button to log in to an IdP
19			* and get rerouted to the Shibboleth protected service script, or the
20			* OpenID script.
21			*
22			* @param bool $clearcookies True if the Shibboleth cookies and session
23			* variables should be cleared out before displaying the page.
24			* Defaults to false.
25			*/
26			function printLogonPage($clearcookies = false)
			0 ignored issues – show Best Practice introduced 2019-11-18 22:50 UTC by Report Bug Copy Issue Report The function `printLogonPage()` has been defined more than once; this definition is ignored, only the first definition in `authorize/index-functions.php` (L22-118) is considered. This check looks for functions that have already been defined in other files. Some Codebases, like WordPress, make a practice of defining functions multiple times. This may lead to problems with the detection of function parameters and types. If you really need to do this, you can mark the duplicate definition with the `@ignore` annotation. /** * @ignore */ function getUser() { } function getUser($id, $realm) { } See also the PhpDoc documentation for @ignore. Loading history...
27			{
28			if ($clearcookies) {
29			Util::removeShibCookies();
30			Util::unsetAllUserSessionVars();
31			Util::getSkin()->init(true); // Clear cilogon_skin var; check for forced skin
32			}
33
34			$log = new Loggit();
35			$log->info('Welcome page hit.');
36
37			Util::setSessionVar('stage', 'logon'); // For Show/Hide Help button clicks
38
39			Content::printHeader('Welcome To The CILogon Service');
40
41			echo '
42			<div class="boxed">
43			';
44
45			Content::printHelpButton();
46			Content::printWAYF();
47
48			echo '
49			</div> <!-- End boxed -->
50			';
51			Content::printFooter();
52			}
53
54			/**
55			* printMainPage
56			*
57			* This function prints out the HTML for the main page where the user
58			* can download a certificate.
59			*/
60			function printMainPage()
			0 ignored issues – show Best Practice introduced 2019-11-18 22:50 UTC by Report Bug Copy Issue Report The function `printMainPage()` has been defined more than once; this definition is ignored, only the first definition in `authorize/index-functions.php` (L189-286) is considered. This check looks for functions that have already been defined in other files. Some Codebases, like WordPress, make a practice of defining functions multiple times. This may lead to problems with the detection of function parameters and types. If you really need to do this, you can mark the duplicate definition with the `@ignore` annotation. /** * @ignore */ function getUser() { } function getUser($id, $realm) { } See also the PhpDoc documentation for @ignore. Loading history...
61			{
62			$log = new Loggit();
63			$log->info('Get And Use Certificate page hit.');
64
65			Util::setSessionVar('stage', 'main'); // For Show/Hide Help button clicks
66
67			Content::printHeader('Get Your Certificate');
68
69			// CIL-626 Allow browser 'reload page' by adding CSRF to the PHP session
70			Util::setSessionVar('submit', 'Proceed');
71			Util::getCsrf()->setTheSession();
72
73			echo '
74			<div class="boxed">
75			';
76
77			Content::printHelpButton();
78			Content::printCertInfo();
			0 ignored issues – show Bug introduced 2019-11-21 22:10 UTC by Report Bug Copy Issue Report The method `printCertInfo()` does not seem to exist on `object<CILogon\Service\Content>`. This check looks for calls to methods that do not seem to exist on a given type. It looks for the method on the type itself as well as in inherited classes or implemented interfaces. This is most likely a typographical error or the method has been renamed. Loading history...
79			printGetCertificate();
80			printLogOff();
81
82			echo '
83			</div> <!-- boxed -->
84			';
85			Content::printFooter();
86			}
87
88			/**
89			* printGetCertificate
90			*
91			* This function prints the 'Get New Certificate' box on the main page.
92			* If the 'p12' PHP session variable is valid, it is read and a link for the
93			* usercred.p12 file is presented to the user.
94			*/
95			function printGetCertificate()
96			{
97			// Check if PKCS12 downloading is disabled. If so, print out message.
98			$skin = Util::getSkin();
99			$pkcs12disabled = $skin->getConfigOption('pkcs12', 'disabled');
100			$disabledbyskin = ((!is_null($pkcs12disabled)) && ((int)$pkcs12disabled == 1));
101			$disabledbyconf = ((!defined('MYPROXY_LOGON')) \|\| (empty(MYPROXY_LOGON)));
102			if ($disabledbyskin \|\| $disabledbyconf) {
103			$disabledmsg = 'Downloading PKCS12 certificates is disabled.';
104			if ($disabledbyskin) {
105			$disabledmsg = $skin->getConfigOption('pkcs12', 'disabledmessage');
106			if (!is_null($disabledmsg)) {
107			$disabledmsg = trim(html_entity_decode($disabledmsg));
108			}
109			if (strlen($disabledmsg) == 0) {
110			$disabledmsg = 'Downloading PKCS12 certificates is ' .
111			'restricted. Please try another method or log on ' .
112			'with a different Identity Provider.';
113			}
114			}
115
116			echo '<div class="p12actionbox"><p>
117			', $disabledmsg , '
118			</p></div> <!-- p12actionbox -->';
119			} else { // PKCS12 downloading is okay
120			$downloadcerttext = "Clicking this button will generate a link " .
121			"to a new certificate, which you can download to your local " .
122			"computer. The certificate is valid for up to 13 months.";
123			$p12linktext = "Left-click this link to import the certificate " .
124			"into your broswer / operating system. (Firefox users see " .
125			"the FAQ.) Right-click this link and select 'Save As...' to " .
126			"save the certificate to your desktop.";
127			$passwordtext1 = 'Enter a password of at least 12 characters to " .
128			"protect your certificate.';
129			$passwordtext2 = 'Re-enter your password to verify.';
130
131			validateP12();
132			$p12expire = '';
133			$p12link = '';
134			$p12 = Util::getSessionVar('p12');
135			if (preg_match('/([^\s])\s(.)/', $p12, $match)) {
136			$p12expire = $match[1];
137			$p12link = $match[2];
138			}
139
140			if ((strlen($p12link) > 0) && (strlen($p12expire) > 0)) {
141			$p12link = '<a href="' . $p12link .
142			'">» Click Here To Download Your Certificate «</a>';
143			}
144			if ((strlen($p12expire) > 0) && ($p12expire > 0)) {
145			$expire = $p12expire - time();
146			$minutes = floor($expire % 3600 / 60);
147			$seconds = $expire % 60;
148			$p12expire = 'Link Expires: ' .
149			sprintf("%02dm:%02ds", $minutes, $seconds);
150			} else {
151			$p12expire = '';
152			}
153
154			$p12lifetime = Util::getSessionVar('p12lifetime');
155			if ((strlen($p12lifetime) == 0) \|\| ($p12lifetime == 0)) {
156			$p12lifetime = Util::getCookieVar('p12lifetime');
157			}
158			$p12multiplier = Util::getSessionVar('p12multiplier');
159			if ((strlen($p12multiplier) == 0) \|\| ($p12multiplier == 0)) {
160			$p12multiplier = Util::getCookieVar('p12multiplier');
161			}
162
163			// Try to read the skin's intiallifetime if not yet set
164			if ((strlen($p12lifetime) == 0) \|\| ($p12lifetime <= 0)) {
165			// See if the skin specified an initial value
166			$skinlife = $skin->getConfigOption('pkcs12', 'initiallifetime', 'number');
167			$skinmult = $skin->getConfigOption('pkcs12', 'initiallifetime', 'multiplier');
168			if (
169			(!is_null($skinlife)) && (!is_null($skinmult)) &&
170			((int)$skinlife > 0) && ((int)$skinmult > 0)
171			) {
172			$p12lifetime = (int)$skinlife;
173			$p12multiplier = (int)$skinmult;
174			} else {
175			$p12lifetime = 13; // Default to 13 months
176			$p12multiplier = 732;
177			}
178			}
179			if ((strlen($p12multiplier) == 0) \|\| ($p12multiplier <= 0)) {
180			$p12multiplier = 732; // Default to months
181			if ($p12lifetime > 13) {
182			$p12lifetime = 13;
183			}
184			}
185
186			// Make sure lifetime is within [minlifetime,maxlifetime]
187			list($minlifetime, $maxlifetime) =
188			Content::getMinMaxLifetimes('pkcs12', 9516);
189			if (($p12lifetime * $p12multiplier) < $minlifetime) {
190			$p12lifetime = $minlifetime;
191			$p12multiplier = 1; // In hours
192			} elseif (($p12lifetime * $p12multiplier) > $maxlifetime) {
193			$p12lifetime = $maxlifetime;
194			$p12multiplier = 1; // In hours
195			}
196
197			$lifetimetext = "Specify the certificate lifetime. Acceptable range " .
198			"is between $minlifetime and $maxlifetime hours" .
199			(($maxlifetime > 732) ?
200			" ( = " . round(($maxlifetime / 732), 2) . " months)." :
201			"."
202			);
203
204			echo '
205			<div class="p12actionbox"';
206
207			if (Util::getSessionVar('showhelp') == 'on') {
208			echo ' style="width:92%;"';
209			}
210
211			echo '>
212			<table class="helptable">
213			<tr>
214			<td class="actioncell">
215			';
216
217			Content::printFormHead();
218
219			echo '
220			<fieldset>
221			';
222
223			$p12error = Util::getSessionVar('p12error');
224			if (strlen($p12error) > 0) {
225			echo "<p class=\"logonerror\">$p12error</p>";
226			Util::unsetSessionVar('p12error');
227			}
228
229			echo '
230			<p>
231			Password Protect Your New Certificate:
232			</p>
233
234			<p>
235			<label for="password1" class="helpcursor" title="' ,
236			$passwordtext1 , '">Enter A Password:</label>
237			<input type="password" name="password1" id="password1"
238			size="22" title="' , $passwordtext1 , '" onkeyup="checkPassword()"/>
239			<img src="/images/blankIcon.png" width="14" height="14" alt=""
240			id="pw1icon"/>
241			</p>
242
243			<p>
244			<label for="password2" class="helpcursor" title="' ,
245			$passwordtext2 , '">Confirm Password:</label>
246			<input type="password" name="password2" id="password2"
247			size="22" title="' , $passwordtext2 , '" onkeyup="checkPassword()"/>
248			<img src="/images/blankIcon.png" width="14" height="14" alt=""
249			id="pw2icon"/>
250			</p>
251
252			<p class="p12certificatelifetime">
253			<label for="p12lifetime" title="' , $lifetimetext ,
254			'" class="helpcursor">Certificate Lifetime:</label>
255			<input type="text" name="p12lifetime" id="p12lifetime"
256			title="', $lifetimetext ,
257			'" class="helpcursor" value="' , $p12lifetime ,
258			'" size="8" maxlength="8"/>
259			<select title="' , $lifetimetext ,
260			'" class="helpcursor" id="p12multiplier" name="p12multiplier">
261			<option value="1"' ,
262			(($p12multiplier == 1) ? ' selected="selected"' : '') ,
263			'>hours</option>
264			<option value="24"' ,
265			(($p12multiplier == 24) ? ' selected="selected"' : '') ,
266			'>days</option>
267			<option value="732"' ,
268			(($p12multiplier == 732) ? ' selected="selected"' : '') ,
269			'>months</option>
270			</select>
271			<img src="/images/blankIcon.png" width="14" height="14" alt=""/>
272			</p>
273
274			<p>
275			<input type="submit" name="submit" class="submit helpcursor"
276			title="' , $downloadcerttext , '" value="Get New Certificate"
277			onclick="showHourglass(\'p12\')"/>
278			<img src="/images/hourglass.gif" width="32" height="32" alt=""
279			class="hourglass" id="p12hourglass"/>
280			</p>
281
282			<p id="p12value" class="helpcursor" title="' ,
283			$p12linktext , '">' , $p12link , '</p>
284			<p id="p12expire">' , $p12expire , '</p>
285
286			</fieldset>
287			</form>
288			</td>
289			';
290
291			if (Util::getSessionVar('showhelp') == 'on') {
292			echo '
293			<td class="helpcell">
294			<div>
295			<p>
296			In order to get a new certificate, please enter a password of at
297			least 12 characters in length. This password protects the private
298			key of the certificate and is different from your identity provider
299			password. You must enter the password twice for verification.
300			</p>
301			<p>
302			After entering a password, click the "Get New Certificate" button to
303			generate a new link. Right-click on this link to download the
304			certificate to your computer. The certificate is valid for up to 13
305			months.
306			</p>
307			</div>
308			</td>
309			';
310			}
311
312			echo '
313			</tr>
314			</table>
315			</div> <!-- p12actionbox -->
316			';
317			}
318			}
319
320			/**
321			* printLogOff
322			*
323			* This function prints the Log Off boxes at the bottom of the main page.
324			*/
325			function printLogOff()
326			{
327			$logofftext = 'End your CILogon session and return to the welcome page. ' .
328			'Note that this will not log you out at ' .
329			Util::getSessionVar('idpname') . '.';
330
331			$showhelp = Util::getSessionVar('showhelp');
332
333			echo '
334			<div class="logoffactionbox"';
335
336			if ($showhelp == 'on') {
337			echo ' style="width:92%;"';
338			}
339
340			echo '>
341			<table class="helptable">
342			<tr>
343			<td class="actioncell">
344			';
345
346			Content::printFormHead();
347
348			echo '
349			<p>
350			<input type="submit" name="submit" class="submit helpcursor"
351			title="' , $logofftext , '" value="Log Off" />
352			</p>
353			</form>
354			</td>
355			';
356
357			if ($showhelp == 'on') {
358			echo '
359			<td class="helpcell">
360			<div>
361			<p>
362			This button will log you off of the CILogon Service. In order to log
363			out from your identity provider, you must either quit your browser
364			or manually clear your browser\'s cookies.
365			</p>
366			</div>
367			</td>
368			';
369			}
370
371			echo '
372			</tr>
373			</table>
374			</div> <!-- logoffactionbox -->
375
376			<div class="logofftextbox"';
377
378			if ($showhelp == 'on') {
379			echo ' style="width:92%;"';
380			}
381
382			echo '>
383			<table class="helptable">
384			<tr>
385			<td class="actioncell">
386			<p>To log off, please quit your browser.<p>
387			</td>
388			';
389
390			if ($showhelp == 'on') {
391			echo '
392			<td class="helpcell">
393			<div>
394			<p>
395			Quitting your browser clears all session cookies which logs you out
396			from your identity provider. Alternatively, you can manually clear
397			your browser\'s cookies.
398			</p>
399			</div>
400			</td>
401			';
402			}
403
404			echo '
405			</tr>
406			</table>
407			</div> <!-- logofftextbox -->
408			';
409			}
410
411			/**
412			* validateP12
413			*
414			* This function is called just before the 'Download your certificate'
415			* link is printed out to HTML. It checks to see if the p12 is still
416			* valid time-wise. If not, then it unsets the PHP session variable
417			* 'p12'.
418			*/
419			function validateP12()
420			{
421			$p12link = '';
422			$p12expire = '';
423			$p12 = Util::getSessionVar('p12');
424			if (preg_match('/([^\s])\s(.)/', $p12, $match)) {
425			$p12expire = $match[1];
426			$p12link = $match[2];
427			}
428
429			// Verify that the p12expire and p12link values are valid.
430			if (
431			(strlen($p12expire) == 0) \|\|
432			($p12expire == 0) \|\|
433			(time() > $p12expire) \|\|
434			(strlen($p12link) == 0)
435			) {
436			Util::unsetSessionVar('p12');
437			}
438			}
439

cilogon / service

Push — master ( b41a6b...ee7378 )

index-functions.php ➔ validateP12() B

Complexity

Size

Duplication

Importance

Duplication Side-by-Side

Filter issues like