dolibarr  7.0.0-beta
functions_openid.php
Go to the documentation of this file.
1 <?php
2 /* Copyright (C) 2007-2013 Laurent Destailleur <eldy@users.sourceforge.net>
3  * Copyright (C) 2007-2009 Regis Houssin <regis.houssin@capnetworks.com>
4  *
5  * This program is free software; you can redistribute it and/or modify
6  * it under the terms of the GNU General Public License as published by
7  * the Free Software Foundation; either version 3 of the License, or
8  * (at your option) any later version.
9  *
10  * This program is distributed in the hope that it will be useful,
11  * but WITHOUT ANY WARRANTY; without even the implied warranty of
12  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
13  * GNU General Public License for more details.
14  *
15  * You should have received a copy of the GNU General Public License
16  * along with this program. If not, see <http://www.gnu.org/licenses/>.
17  */
18 
25 include_once DOL_DOCUMENT_ROOT.'/core/class/openid.class.php';
26 
27 
37 function check_user_password_openid($usertotest,$passwordtotest,$entitytotest)
38 {
39  global $_POST,$db,$conf,$langs;
40 
41  dol_syslog("functions_openid::check_user_password_openid usertotest=".$usertotest);
42 
43  $login='';
44 
45  // Get identity from user and redirect browser to OpenID Server
46  if (isset($_POST['username']))
47  {
48  $openid = new SimpleOpenID();
49  $openid->SetIdentity($_POST['username']);
50  $protocol = ($conf->file->main_force_https ? 'https://' : 'http://');
51  $openid->SetTrustRoot($protocol . $_SERVER["HTTP_HOST"]);
52  $openid->SetRequiredFields(array('email','fullname'));
53  $_SESSION['dol_entity'] = $_POST["entity"];
54  //$openid->SetOptionalFields(array('dob','gender','postcode','country','language','timezone'));
55  if ($openid->sendDiscoveryRequestToGetXRDS())
56  {
57  $openid->SetApprovedURL($protocol . $_SERVER["HTTP_HOST"] . $_SERVER["SCRIPT_NAME"]); // Send Response from OpenID server to this script
58  $openid->Redirect(); // This will redirect user to OpenID Server
59  }
60  else
61  {
62  $error = $openid->GetError();
63  return false;
64  }
65  return false;
66  }
67  // Perform HTTP Request to OpenID server to validate key
68  elseif($_GET['openid_mode'] == 'id_res')
69  {
70  $openid = new SimpleOpenID();
71  $openid->SetIdentity($_GET['openid_identity']);
72  $openid_validation_result = $openid->ValidateWithServer();
73  if ($openid_validation_result == true)
74  {
75  // OK HERE KEY IS VALID
76 
77  $sql ="SELECT login";
78  $sql.=" FROM ".MAIN_DB_PREFIX."user";
79  $sql.=" WHERE openid = '".$db->escape($_GET['openid_identity'])."'";
80  $sql.=" AND entity IN (0," . ($_SESSION["dol_entity"] ? $_SESSION["dol_entity"] : 1) . ")";
81 
82  dol_syslog("functions_openid::check_user_password_openid", LOG_DEBUG);
83  $resql=$db->query($sql);
84  if ($resql)
85  {
86  $obj=$db->fetch_object($resql);
87  if ($obj)
88  {
89  $login=$obj->login;
90  }
91  }
92  }
93  else if($openid->IsError() == true)
94  {
95  // ON THE WAY, WE GOT SOME ERROR
96  $error = $openid->GetError();
97  return false;
98  }
99  else
100  {
101  // Signature Verification Failed
102  //echo "INVALID AUTHORIZATION";
103  return false;
104  }
105  }
106  else if ($_GET['openid_mode'] == 'cancel')
107  {
108  // User Canceled your Request
109  //echo "USER CANCELED REQUEST";
110  return false;
111  }
112 
113  return $login;
114 }
check_user_password_openid($usertotest, $passwordtotest, $entitytotest)
Check validity of user/password/entity If test is ko, reason must be filled into $_SESSION["dol_login...
dol_syslog($message, $level=LOG_INFO, $ident=0, $suffixinfilename='', $restricttologhandler='')
Write log message into outputs.
if(!empty($conf->facture->enabled)&&$user->rights->facture->lire) if(!empty($conf->fournisseur->enabled)&&$user->rights->fournisseur->facture->lire) if(!empty($conf->don->enabled)&&$user->rights->societe->lire) if(!empty($conf->tax->enabled)&&$user->rights->tax->charges->lire) if(!empty($conf->facture->enabled)&&!empty($conf->commande->enabled)&&$user->rights->commande->lire &&empty($conf->global->WORKFLOW_DISABLE_CREATE_INVOICE_FROM_ORDER)) if(!empty($conf->facture->enabled)&&$user->rights->facture->lire) if(!empty($conf->fournisseur->enabled)&&$user->rights->fournisseur->facture->lire) $resql
Social contributions to pay.
Definition: index.php:1013
Class to manage OpenID.