flexday/single_sign_on.php


<?php
// _____ _____ _ _ _____ _ ______ _ ____ _ _
// / ____|_ _| \ | |/ ____| | | ____| (_) / __ \| \ | |
// | (___ | | | \| | | __| | | |__ ___ _ __ _ _ __ | | | | \| |
// \___ \ | | | . ` | | |_ | | | __| / __| |/ _` | '_ \ | | | | . ` |
// ____) |_| |_| |\ | |__| | |____| |____ \__ \ | (_| | | | | | |__| | |\ |
// |_____/|_____|_| \_|\_____|______|______| |___/_|\__, |_| |_| \____/|_| \_|
// __/ |
// |___/
// SSO
//
// Set GLOBAL VARS corresponding to current logged in user.
// They may only edit their own dir info.
//
// Every date/time function called after this line uses Pacific time as its
// default zone, regardless of the server's php.ini setting.
date_default_timezone_set('America/Los_Angeles');
// 3. Check if an entry exists
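// Run $qry on the global mysqli link $c and report whether it matched a row.
//
// $qry          Complete SQL text. It is executed exactly as given, so every
//               value inside it must already be escaped by the caller.
// $full_record  Truthy: return the first row as a numerically indexed array.
//               Falsy: return only the first column of the first row, which
//               callers treat as the id.
//
// Returns 0 when nothing matched or when the query failed. A failure is
// reported through d_err() before returning.
function does_exist($qry, $full_record) {
    global $c;
    $r = mysqli_query($c, $qry);
    // Check the result before touching it: mysqli_query() returns false on
    // failure, and reading a row count from that would skip error reporting.
    if (! ($r instanceof mysqli_result)) {
        if ($r === false) {
            d_err("sql error: " . mysqli_error($c));
        }
        return 0;
    }
    if (! mysqli_num_rows($r)) {
        mysqli_free_result($r);
        return 0;
    }
    $row = mysqli_fetch_array($r, MYSQLI_NUM);
    mysqli_free_result($r);
    if ($full_record) {
        return $row;
    }
    // Assumes the id is the first selected column.
    return $row[0];
}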
// Return var_dump()'s description of $var as one line of text.
// The dump is captured in an output buffer so nothing reaches the response,
// and every CR/LF run is removed. The result is not escaped for SQL or HTML,
// so callers must escape it for whatever context they place it in.
function dumpit($var) {
    ob_start();
    var_dump($var);
    $captured = ob_get_clean();
    return preg_replace('~[\r\n]+~', '', $captured);
}
// Map a browser (User-Agent) string to its id in www_browsers, inserting a
// row the first time the string is seen.
//
// $b  Raw browser string. log_it() passes the request's User-Agent header,
//     which is client-controlled.
//
// Returns whatever does_exist() yields for the row: its id, or 0 if the row
// still cannot be found after the insert.
//
// NOTE(review): the only thing between $b and the SQL text is ok(), which is
// not defined in this part of the file. Confirm it escapes for the mysqli
// connection in use, or move both statements to prepared statements.
function insert_or_get_browser($b) {
    global $c;
    $BROWSER = ok($b);
    $known_id = does_exist( "SELECT id FROM www_browsers WHERE string='$BROWSER'", 0);
    if ($known_id) {
        return $known_id;
    }
    $q = "INSERT INTO www_browsers (string) VALUES ('$BROWSER')";
    single_row_insert($q,0,$c);
    // does_exist() declares two parameters, so the trailing $c is ignored.
    return does_exist( "SELECT id FROM www_browsers WHERE string='$BROWSER'",0,$c);
}
// //
// // Log everything!
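// Write one audit row to gavi_logs describing $action.
//
// $action  Free-text description of the event.
// $user    Value stored in personnel_id (defaults to 860).
//
// The row also records a dump of the global $USER, the SSO GOO and email, the
// display name, the browser id from insert_or_get_browser() and the client IP.
//
// Returns an array with keys result, action, query and err. "query" holds the
// full SQL text, so do not echo the return value to a client.
//
// Every value is escaped before it enters the SQL text. The name, the $USER
// dump, the GOO, the email and the IP were previously interpolated raw, so a
// value containing a quote could break or alter the INSERT.
function log_it($action, $user=860) {
    global $USER, $USER_NAME, $USER_GOO, $USER_EMAIL, $c;
    // NOTE(review): this replaces the *global* $USER with a placeholder when
    // no user is loaded. Kept for compatibility, but the placeholder is a
    // truthy array; confirm no later code treats it as an authenticated user.
    if (! $USER) {
        $USER = array( 'user_id'=>'unknown', 'id'=>-1 );
    }
    // Both headers can be absent (e.g. CLI runs); fall back to empty strings.
    $user_browser = isset($_SERVER['HTTP_USER_AGENT']) ? $_SERVER['HTTP_USER_AGENT'] : '';
    $user_ip = isset($_SERVER['REMOTE_ADDR']) ? $_SERVER['REMOTE_ADDR'] : '';
    // The browser id is interpolated unquoted below, so force it to an integer.
    $BROWSER = (int) insert_or_get_browser($user_browser);
    // ok() (defined elsewhere) sanitizes the caller's text. The appended
    // details never passed through it, so escape them here.
    $detail = " / " . dumpit($USER) . " / " . $USER_GOO . " / " . $USER_EMAIL;
    $ACTION = ok($action) . mysqli_real_escape_string($c, $detail);
    $user_sql = mysqli_real_escape_string($c, (string) $user);
    $name_sql = mysqli_real_escape_string($c, (string) $USER_NAME);
    $ip_sql = mysqli_real_escape_string($c, $user_ip);
    $qupdate = "INSERT INTO gavi_logs SET personnel_id='{$user_sql}', action='{$ACTION}',name='{$name_sql}',browser=$BROWSER, ip='{$ip_sql}'";
    single_row_insert($qupdate,0,$c);
    return array("result"=>"success","action"=>"logged","query"=>$qupdate,"err"=>mysqli_error($c));
}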
/*session_destroy();
echo "ending session";
exit();
*/
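// Establish the signed-in identity ($USER_TYPE, $USER_GOO, $USER_EMAIL) from
// the SSO bootstrap and mirror it into the PHP session.
$auth_script = "mAuth.php";
// log_it() reads the global $USER_NAME and the log messages below interpolate
// it, but it is only filled in by the later conf_users lookup. Give it a
// defined value unless something earlier already set it.
if (! isset($USER_NAME)) {
    $USER_NAME = '';
}
// NOTE(review): file_exists() resolves this relative path against the current
// working directory, so whether SSO is enforced depends on where the including
// script runs from. Consider anchoring the path.
if (file_exists($auth_script)) {
    require_once($auth_script);
    // $attributes is presumably populated by mAuth.php — confirm. A missing
    // key here yields an empty identity rather than an error.
    $USER_TYPE = $attributes['Roles'][0];
    $USER_GOO = $attributes['uid'][0];
    $USER_EMAIL = $attributes['EmailGC'][0];
    session_start();
    $SESSION_ID = session_id();
    // Log a short digest, not the session id itself: anyone able to read
    // gavi_logs could otherwise reuse a live id. The digest still correlates
    // log rows that belong to one session.
    $SESSION_REF = substr(hash('sha256', $SESSION_ID), 0, 16);
    // session_start() has just run, so this is true whenever the session
    // started. The else branch is reached only if the session failed to start.
    if ( session_status() == PHP_SESSION_ACTIVE ) {
        $_SESSION['USER_TYPE'] = $USER_TYPE;
        $_SESSION['USER_GOO'] = $USER_GOO;
        $_SESSION['USER_EMAIL'] = $USER_EMAIL;
        log_it("Logged in Session ref: {$SESSION_REF} / {$USER_NAME} / {$USER_EMAIL} / {$USER_GOO}");
    } else { // already logged in....
        $USER_TYPE = $_SESSION['USER_TYPE'];
        $USER_GOO = $_SESSION['USER_GOO'];
        $USER_EMAIL = $_SESSION['USER_EMAIL'];
        log_it("Already logged in: Session ref: {$SESSION_REF} / {$USER_NAME} / {$USER_EMAIL} / {$USER_GOO}");
    }
} else {
    // SECURITY NOTE(review): this branch fails open. If mAuth.php is missing,
    // renamed or not visible from the working directory, every visitor is
    // treated as the hard-coded faculty account below, with no SSO check and
    // no log entry. Left unchanged in case a development setup depends on it.
    // Before deploying, make this branch refuse the request, or gate it behind
    // an explicit development-only switch.
    $USER_TYPE = 'FACULTY'; $USER_GOO = 'G00102586'; $USER_EMAIL = 'phowell@my.gavilan.edu';
    session_start();
    $_SESSION['USER_TYPE'] = $USER_TYPE;
    $_SESSION['USER_GOO'] = $USER_GOO;
    $_SESSION['USER_EMAIL'] = $USER_EMAIL;
}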
// The SSO check should have happened on the actual page. If it gets
// stuck on an api call the app will break.
//
// SSO Given email is inconsistent. Lookup by GOO
//
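// Resolve the SSO identity to a conf_users row, creating the row on first
// sight, then publish it as the globals $USER, $USER_NAME and $USER_EMAIL.
//
// conf_users keys on the GOO with its first three characters removed.
$goo = (string) substr((string) $USER_GOO, 3);
$USER_NAME = '';
if ($goo === '') {
    // With no usable GOO, every such visitor would be matched to, or
    // provisioned as, the same goo='' row. Refuse to resolve a user instead.
    $logaction = log_it("No usable GOO from SSO; conf_users lookup skipped");
    // Reset after logging: log_it() puts a placeholder into the global $USER.
    $USER = null;
} else {
    // $c is the global mysqli link that the functions in this file use.
    // Escape the values before they are placed inside quoted SQL literals.
    $goo_sql = mysqli_real_escape_string($c, $goo);
    $q0 = "SELECT email,name,id FROM conf_users WHERE goo='{$goo_sql}'";
    $temp_usr = single_row_select($q0,0);
    // Is this a "MISSING USER?" Create an account for them.
    $is_new_user = is_null($temp_usr);
    if ($is_new_user) {
        $LC_EMAIL = strtolower((string) $USER_EMAIL);
        $email_sql = mysqli_real_escape_string($c, $LC_EMAIL);
        $result = single_row_insert("INSERT INTO conf_users (goo, email, name) VALUES ('{$goo_sql}','{$email_sql}','{$USER_NAME}');");
        // Read the new row back. The name and email used to be read from the
        // null lookup result, which wiped $USER_EMAIL for a first-time user.
        $temp_usr = single_row_select($q0,0);
    }
    if (! is_null($temp_usr)) {
        $USER_NAME = $temp_usr['name'];
        $USER_EMAIL = strtolower((string) $temp_usr['email']);
    }
    // Set the $USER global
    $usr_qry = "SELECT id AS conf_id, goo AS conf_goo, email AS conf_email, name AS conf_name, active AS conf_active FROM conf_users WHERE goo='{$goo_sql}'";
    $USER = single_row_select($usr_qry, 0);
    if ($is_new_user) {
        // NOTE(review): $result is stored as personnel_id; confirm that
        // single_row_insert() returns the new row id.
        $logaction = log_it("Made a new conf_users row for {$USER_NAME} / {$LC_EMAIL} / {$USER_GOO}", $result);
    } else {
        $logaction = log_it("Successful conf_users lookup for {$temp_usr['name']}", $temp_usr['id']);
    }
}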
/*
// Check again for missing user entry. Create an account for them.
if (is_null($USER)) {
$LC_EMAIL = strtolower($USER_EMAIL);
$goo = substr($USER_GOO, 3);
$USER_NAME = '';
$result = single_row_insert("INSERT INTO conf_users (goo, email, name) VALUES ('{$goo}','{$LC_EMAIL}','{$USER_NAME}');");
//echo "INSERT INTO conf_users (goo, email, name) VALUES ('{$goo}','{$LC_EMAIL}','{$USER_NAME}');";
//print_r($result);
//$logaction = log_it("Made a new conf_users row for {$USER_NAME} / {$LC_EMAIL} / {$USER_GOO}");
$usr_qry = "SELECT id AS conf_id, goo AS conf_goo, email AS conf_email, name AS conf_name, active AS conf_active FROM conf_users WHERE LOWER(email)='{$USER_EMAIL}'";
$USER = single_row_select($usr_qry, 0);
}
*/