1 | <?php |
---|
2 | |
---|
3 | /**************************************************************************\ |
---|
4 | * eGroupWare * |
---|
5 | * http://www.egroupware.org * |
---|
6 | * -------------------------------------------- * |
---|
7 | * This program is free software; you can redistribute it and/or modify it * |
---|
8 | * under the terms of the GNU General Public License as published by the * |
---|
9 | * Free Software Foundation; either version 2 of the License, or (at your * |
---|
10 | * option) any later version. * |
---|
11 | \**************************************************************************/ |
---|
12 | |
---|
13 | require_once 'common.inc.php'; |
---|
14 | require_once 'engine/config.egw.inc.php'; |
---|
15 | require_once 'class.so_adminaccess.inc.php'; |
---|
16 | |
---|
17 | /** |
---|
18 | * @package Workflow |
---|
19 | * @license http://www.gnu.org/copyleft/gpl.html GPL |
---|
20 | * @author Sidnei Augusto Drovetto Jr. - drovetto@gmail.com |
---|
21 | */ |
---|
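class external_bridge
{
    /**
     * @var string $siteAddress the address of the site
     * @access public
     */
    var $siteAddress;

    /**
     * @var object $acl access rights object
     * @access public
     */
    var $acl;

    /**
     * @var object $db database handle returned by getDBGalaxia()
     * @access public
     */
    var $db;

    /**
     * @var array $public_functions methods flagged as callable from outside
     * @access public
     */
    var $public_functions = array(
        'render' => True
    );

    /**
     * Constructor: fetches the database handle and builds the access-rights object
     * @access public
     * @return void
     */
    function external_bridge()
    {
        $this->db = $GLOBALS['workflow']['workflowObjects']->getDBGalaxia();
        $this->acl = new so_adminaccess($GLOBALS['workflow']['workflowObjects']->getDBGalaxia()->Link_ID);
    }

    /**
     * Load the login form fields configured for an external application and
     * fill in the %user%, %organization% and %password% tags with the data of
     * the current user. Also stores the application address in $siteAddress.
     *
     * The returned values are raw: they contain the user's clear-text password
     * and are not escaped for any output context.
     *
     * @param int $site external application id
     * @access public
     * @return array list of array('name' => ..., 'value' => ...) entries
     */
    function loadData($site)
    {
        /* the id is interpolated into the SQL text below, so force it to an
         * integer here instead of trusting every caller to have done it */
        $site = (int) $site;

        /* define the dynamic values that can be used in the login process */
        $user = $GLOBALS['phpgw_info']['user'];
        $tmpUser = $user['account_lid'];

        /* organization: text between the first ",ou=" of the DN and the next comma */
        $dnParts = explode(",ou=", $user['account_dn']);
        $orgParts = explode(",", isset($dnParts[1]) ? $dnParts[1] : '');
        $tmpOrg = $orgParts[0];

        $replace = array(
            '%user%' => $tmpUser,
            '%organization%' => $tmpOrg,
            '%password%' => $user['passwd']);

        /* select the required form values for submission */
        $result = $this->db->query("SELECT address, post FROM egw_wf_external_application WHERE (external_application_id = {$site})");
        $row = $result->fetchRow(DB_FETCHMODE_ASSOC);
        if (!$row)
            die("");

        $this->siteAddress = $row['address'];

        /* one "name=value" pair per line; a line without "=" gets an empty value */
        $data = array();
        foreach (explode("\n", str_replace("\r", "", $row['post'])) as $line)
        {
            $pair = explode("=", $line, 2);
            $data[$pair[0]] = isset($pair[1]) ? $pair[1] : '';
        }

        /* replace the tags with the actual values (applied in the order of $replace) */
        $tags = array_keys($replace);
        $values = array_values($replace);

        /* load the data */
        $output = array();
        foreach ($data as $key => $value)
            $output[] = array(
                "name" => $key,
                "value" => str_replace($tags, $values, $value));

        return $output;
    }

    /**
     * Render the auto-login page for the external application given in the
     * "site" request parameter. Sends the user to index.php when the parameter
     * is not numeric or the user has no access to that application.
     *
     * @access public
     * @return void
     */
    function render()
    {
        $isHttps = isset($_SERVER['HTTPS']) && ($_SERVER['HTTPS'] == 'on');
        if (($GLOBALS['phpgw_info']['server']['use_https'] > 0) && !$isHttps)
        {
            /* NOTE(review): HTTP_HOST is taken from the request's Host header, so the
             * redirect target is chosen by the client; a configured host name would
             * be a safer source if one is available */
            header('Location: https://' . $_SERVER['HTTP_HOST'] . $_SERVER['REQUEST_URI']);
            exit;
        }

        /* validate the var and avoid SQL injection */
        $site = isset($_REQUEST['site']) ? $_REQUEST['site'] : null;

        $redirect = !is_numeric($site);
        if (!$redirect)
        {
            /* check if the user has the permission to access the requested site */
            $site = (int) $site;
            $redirect = !$this->acl->checkUserGroupAccessToResource('APX', $GLOBALS['phpgw_info']['user']['account_id'], $site);
        }

        /* in case of any error, send the user to the frontpage */
        if ($redirect)
        {
            header("Location: index.php");
            exit;
        }

        /* generates the form; names and values are escaped for the attribute
         * context so that a quote, "<" or "&" in the stored fields or in the
         * password can neither break the markup nor inject new markup.
         * ISO-8859-1 is passed so that no byte sequence is rejected; only the
         * ASCII characters & < > " ' are rewritten, which is also safe for UTF-8 */
        $generatedForm = '';
        foreach ($this->loadData($site) as $formData)
        {
            $fieldName = htmlspecialchars((string) $formData['name'], ENT_QUOTES, 'ISO-8859-1');
            $fieldValue = htmlspecialchars((string) $formData['value'], ENT_QUOTES, 'ISO-8859-1');
            $generatedForm .= '<input type="hidden" name="' . $fieldName . '" id="' . $fieldName . '" value="' . $fieldValue . '">';
        }

        /* the markup becomes a single-quoted JavaScript string literal: escape
         * backslashes, quotes and line breaks so that it stays one literal */
        $jsLiteral = strtr($generatedForm, array(
            "\\" => "\\\\",
            "'" => "\\'",
            "\r" => "\\r",
            "\n" => "\\n"));
        $generatedForm = 'document.write(\'' . $jsLiteral . '\');';

        /* encode the form before submission.
         * The %XX encoding is trivially reversible: it hides the fields from a
         * casual look at the page source but does not protect the password.
         * The response should not be cached and should only travel over HTTPS */
        $encodedForm = '';
        $length = strlen($generatedForm);
        for ($i = 0; $i < $length; $i++)
            $encodedForm .= '%' . bin2hex($generatedForm[$i]);
        $encodedForm = '<script type="text/javascript">eval(unescape(\'' . $encodedForm . '\'))</script>';

        /* assign variables to the template */
        /* NOTE(review): siteAddress comes from the database and is passed on as is;
         * confirm that external_bridge.tpl escapes it where it is printed */
        $smarty = $GLOBALS['workflow']['factory']->getInstance('workflow_smarty', false);
        $smarty->assign('encodedForm', $encodedForm);
        $smarty->assign('siteAddress', $this->siteAddress);
        $smarty->display('external_bridge.tpl');
    }
}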
---|
164 | ?> |
---|