dd/dd3/functions__openid_8php_source.html

 <?php

 /* Copyright (C) 2007-2013 Laurent Destailleur  <eldy@users.sourceforge.net>

  * Copyright (C) 2007-2009 Regis Houssin        <regis.houssin@inodbox.com>

  *

  * This program is free software; you can redistribute it and/or modify

  * it under the terms of the GNU General Public License as published by

  * the Free Software Foundation; either version 3 of the License, or

  * (at your option) any later version.

  *

  * This program is distributed in the hope that it will be useful,

  * but WITHOUT ANY WARRANTY; without even the implied warranty of

  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the

  * GNU General Public License for more details.

  *

  * You should have received a copy of the GNU General Public License

  * along with this program. If not, see <https://www.gnu.org/licenses/>.

  */


 include_once DOL_DOCUMENT_ROOT.'/core/class/openid.class.php';


 function check_user_password_openid($usertotest, $passwordtotest, $entitytotest)

 {

   global $db, $conf, $langs;


   dol_syslog("functions_openid::check_user_password_openid usertotest=".$usertotest);


   $login = '';


   // Get identity from user and redirect browser to OpenID Server

   if (GETPOSTISSET('username')) {

     $openid = new SimpleOpenID();

     $openid->SetIdentity($_POST['username']);

     $protocol = ($conf->file->main_force_https ? 'https://' : 'http://');

     $openid->SetTrustRoot($protocol.$_SERVER["HTTP_HOST"]);

     $openid->SetRequiredFields(array('email', 'fullname'));

     $_SESSION['dol_entity'] = $_POST["entity"];

     //$openid->SetOptionalFields(array('dob','gender','postcode','country','language','timezone'));

     if ($openid->sendDiscoveryRequestToGetXRDS())

     {

       $openid->SetApprovedURL($protocol.$_SERVER["HTTP_HOST"].$_SERVER["SCRIPT_NAME"]); // Send Response from OpenID server to this script

       $openid->Redirect(); // This will redirect user to OpenID Server

     } else {

       $_SESSION["dol_loginmesg"] = $openid->GetError();

       return false;

     }

     return false;

   } elseif ($_GET['openid_mode'] == 'id_res') {

     // Perform HTTP Request to OpenID server to validate key

     $openid = new SimpleOpenID();

     $openid->SetIdentity($_GET['openid_identity']);

     $openid_validation_result = $openid->ValidateWithServer();

     if ($openid_validation_result === true)

     {

       // OK HERE KEY IS VALID


       $sql = "SELECT login, entity, datestartvalidity, dateendvalidity";

       $sql .= " FROM ".MAIN_DB_PREFIX."user";

       $sql .= " WHERE openid = '".$db->escape($_GET['openid_identity'])."'";

       $sql .= " AND entity IN (0,".($_SESSION["dol_entity"] ? $_SESSION["dol_entity"] : 1).")";


       dol_syslog("functions_openid::check_user_password_openid", LOG_DEBUG);

       $resql = $db->query($sql);

       if ($resql)

       {

         $obj = $db->fetch_object($resql);

         if ($obj)

         {

           $now = dol_now();

           if ($obj->datestartvalidity && $db->jdate($obj->datestartvalidity) > $now) {

             // Load translation files required by the page

             $langs->loadLangs(array('main', 'errors'));

             $_SESSION["dol_loginmesg"] = $langs->trans("ErrorLoginDateValidity");

             return '--bad-login-validity--';

           }

           if ($obj->dateendvalidity && $db->jdate($obj->dateendvalidity) < dol_get_first_hour($now)) {

             // Load translation files required by the page

             $langs->loadLangs(array('main', 'errors'));

             $_SESSION["dol_loginmesg"] = $langs->trans("ErrorLoginDateValidity");

             return '--bad-login-validity--';

           }


           $login = $obj->login;

         }

       }

     } elseif ($openid->IsError() === true)

     {

       // ON THE WAY, WE GOT SOME ERROR

       $_SESSION["dol_loginmesg"] = $openid->GetError();

       return false;

     } else {

       // Signature Verification Failed

       //echo "INVALID AUTHORIZATION";

       return false;

     }

   } elseif ($_GET['openid_mode'] == 'cancel')

   {

     // User Canceled your Request

     //echo "USER CANCELED REQUEST";

     return false;

   }


   return $login;

 }

dol_now
dol_now($mode= 'auto')
Return date for now.
Definition: functions.lib.php:2288

check_user_password_openid
check_user_password_openid($usertotest, $passwordtotest, $entitytotest)
Check validity of user/password/entity If test is ko, reason must be filled into $_SESSION[&quot;dol_login...
Definition: functions_openid.php:37

GETPOSTISSET
GETPOSTISSET($paramname)
Return true if we are in a context of submitting the parameter $paramname.
Definition: functions.lib.php:234

dol_syslog
dol_syslog($message, $level=LOG_INFO, $ident=0, $suffixinfilename= '', $restricttologhandler= '', $logcontext=null)
Write log message into outputs.
Definition: functions.lib.php:1208

dol_get_first_hour
dol_get_first_hour($date, $gm= 'tzserver')
Return GMT time for first hour of a given GMT date (it removes hours, min and second part) ...
Definition: date.lib.php:538

$resql
if(!empty($conf->facture->enabled)&&$user->rights->facture->lire) if((!empty($conf->fournisseur->enabled)&&empty($conf->global->MAIN_USE_NEW_SUPPLIERMOD)||!empty($conf->supplier_invoice->enabled))&&$user->rights->fournisseur->facture->lire) if(!empty($conf->don->enabled)&&$user->rights->don->lire) if(!empty($conf->tax->enabled)&&$user->rights->tax->charges->lire) if(!empty($conf->facture->enabled)&&!empty($conf->commande->enabled)&&$user->rights->commande->lire &&empty($conf->global->WORKFLOW_DISABLE_CREATE_INVOICE_FROM_ORDER)) if(!empty($conf->facture->enabled)&&$user->rights->facture->lire) if((!empty($conf->fournisseur->enabled)&&empty($conf->global->MAIN_USE_NEW_SUPPLIERMOD)||!empty($conf->supplier_invoice->enabled))&&$user->rights->fournisseur->facture->lire) $resql
Social contributions to pay.
Definition: index.php:1232

SimpleOpenID
Class to manage OpenID.
Definition: openid.class.php:27