X-Git-Url: https://git-public.kairo.at/?p=authserver.git;a=blobdiff_plain;f=app%2Findex.php;h=e1be02d4e1c4930185cea38e09fffbfabdff145b;hp=b9820504ffbf9aea27c3645e9fd445a2d5c23a28;hb=caa2589f5af56a2809548f57b2110f6826c58ca8;hpb=9b32cdebaf8f89db6c365d8c4b108c5fe682006b
diff --git a/app/index.php b/app/index.php
index b982050..e1be02d 100644
--- a/app/index.php
+++ b/app/index.php
@@ -10,14 +10,15 @@ $errors = $utils->checkForSecureConnection();
$utils->sendSecurityHeaders();
// Initialize the HTML document with our basic elements.
-extract($utils->initHTMLDocument('KaiRo.at Authentication Server')); // sets $document, $html, $head, $title, $body
+extract($utils->initHTMLDocument(sprintf(_('%s Authentication Server'), $utils->settings['operator_name']))); // sets $document, $html, $head, $title, $body
if (!count($errors)) {
$session = $utils->initSession(); // Read session or create new session and set cookie.
$user = array('id' => 0, 'email' => '');
$pagetype = 'default';
if (is_null($session)) {
- $errors[] = _('The session system is not working.').' '._('Please contact KaiRo.at and tell the team about this.');
+ $errors[] = _('The session system is not working.').' '
+ .sprintf(_('Please contact %s and tell the team about this.'), $utils->settings['operator_contact_url'], $utils->settings['operator_name']);
}
elseif (array_key_exists('logout', $_GET)) {
$result = $db->prepare('UPDATE `auth_sessions` SET `logged_in` = FALSE WHERE `id` = :sessid;');
@@ -28,7 +29,7 @@ if (!count($errors)) {
$session['logged_in'] = 0;
}
elseif (array_key_exists('email', $_POST)) {
- if (!preg_match('/^[^@]+@[^@]+\.[^@]+$/', $_POST['email'])) {
+ if (!preg_match('/^[^@]+@([^@]+\.[^@]+|localhost)$/', $_POST['email'])) {
$errors[] = _('The email address is invalid.');
}
elseif ($utils->verifyTimeCode(@$_POST['tcode'], $session)) {
@@ -87,7 +88,8 @@ if (!count($errors)) {
$result = $db->prepare('INSERT INTO `auth_users` (`email`, `pwdhash`, `status`, `verify_hash`) VALUES (:email, :pwdhash, \'unverified\', :vcode);');
if (!$result->execute(array(':email' => $_POST['email'], ':pwdhash' => $newHash, ':vcode' => $vcode))) {
$utils->log('user_insert_failure', 'email: '.$_POST['email'].' - '.$result->errorInfo()[2]);
- $errors[] = _('Could not add user.').' '._('Please contact KaiRo.at and tell the team about this.');
+ $errors[] = _('Could not add user.').' '
+ .sprintf(_('Please contact %s and tell the team about this.'), $utils->settings['operator_contact_url'], $utils->settings['operator_name']);
}
$user = array('id' => $db->lastInsertId(),
'email' => $_POST['email'],
@@ -102,18 +104,18 @@ if (!count($errors)) {
$mail->setCharset('utf-8');
$mail->addHeader('X-KAIRO-AUTH', 'email_verification');
$mail->addRecipient($user['email']);
- $mail->setSender('noreply@auth.kairo.at', _('KaiRo.at Authentication Service'));
- $mail->setSubject('Email Verification for KaiRo.at Authentication');
+ $mail->setSender($utils->settings['info_from_email'], sprintf(_('%s Authentication Service'), $utils->settings['operator_name']));
+ $mail->setSubject(sprintf(_('Email Verification for %s Authentication'), $utils->settings['operator_name']));
$mail->addMailText(_('Welcome!')."\n\n");
$mail->addMailText(sprintf(_('This email address, %s, has been used for registration on "%s".'),
- $user['email'], _('KaiRo.at Authentication Service'))."\n\n");
+ $user['email'], sprintf(_('%s Authentication Service'), $utils->settings['operator_name']))."\n\n");
$mail->addMailText(_('Please confirm that registration by clicking the following link (or calling it up in your browser):')."\n");
$mail->addMailText($utils->getDomainBaseURL().strstr($_SERVER['REQUEST_URI'], '?', true)
.'?email='.rawurlencode($user['email']).'&verification_code='.rawurlencode($user['verify_hash'])."\n\n");
$mail->addMailText(_('With this confirmation, you accept that we handle your data for the purpose of logging you into other websites when you request that.')."\n");
$mail->addMailText(_('Those websites will get to know your email address but not your password, which we store securely.')."\n");
$mail->addMailText(_('If you do not call this confirmation link within 72 hours, your data will be deleted from our database.')."\n\n");
- $mail->addMailText(sprintf(_('The %s team'), 'KaiRo.at'));
+ $mail->addMailText(sprintf(_('The %s team'), $utils->settings['operator_name']));
//$mail->setDebugAddress("robert@localhost");
$mailsent = $mail->send();
if ($mailsent) {
@@ -121,7 +123,8 @@ if (!count($errors)) {
}
else {
$utils->log('verify_mail_failure', 'user: '.$user['id'].', email: '.$user['email']);
- $errors[] = _('The confirmation email could not be sent to you.').' '._('Please contact KaiRo.at and tell the team about this.');
+ $errors[] = _('The confirmation email could not be sent to you.').' '
+ .sprintf(_('Please contact %s and tell the team about this.'), $utils->settings['operator_contact_url'], $utils->settings['operator_name']);
}
}
else {
@@ -130,7 +133,8 @@ if (!count($errors)) {
$result = $db->prepare('UPDATE `auth_users` SET `verify_hash` = :vcode WHERE `id` = :userid;');
if (!$result->execute(array(':vcode' => $vcode, ':userid' => $user['id']))) {
$utils->log('vhash_set_failure', 'user: '.$user['id']);
- $errors[] = _('Could not initiate reset request.').' '._('Please contact KaiRo.at and tell the team about this.');
+ $errors[] = _('Could not initiate reset request.').' '
+ .sprintf(_('Please contact %s and tell the team about this.'), $utils->settings['operator_contact_url'], $utils->settings['operator_name']);
}
else {
$utils->log('pwd_reset_request', 'user: '.$user['id'].', email: '.$user['email']);
@@ -140,16 +144,16 @@ if (!count($errors)) {
$mail->setCharset('utf-8');
$mail->addHeader('X-KAIRO-AUTH', 'password_reset');
$mail->addRecipient($user['email']);
- $mail->setSender('noreply@auth.kairo.at', _('KaiRo.at Authentication Service'));
- $mail->setSubject('How to reset your password for KaiRo.at Authentication');
+ $mail->setSender($utils->settings['info_from_email'], sprintf(_('%s Authentication Service'), $utils->settings['operator_name']));
+ $mail->setSubject(sprintf(_('How to reset your password for %s Authentication'), $utils->settings['operator_name']));
$mail->addMailText(_('Hi,')."\n\n");
$mail->addMailText(sprintf(_('A request for setting a new password for this email address, %s, has been submitted on "%s".'),
- $user['email'], _('KaiRo.at Authentication Service'))."\n\n");
+ $user['email'], sprintf(_('%s Authentication Service'), $utils->settings['operator_name']))."\n\n");
$mail->addMailText(_('You can set a new password by clicking the following link (or calling it up in your browser):')."\n");
$mail->addMailText($utils->getDomainBaseURL().strstr($_SERVER['REQUEST_URI'], '?', true)
.'?email='.rawurlencode($user['email']).'&reset_code='.rawurlencode($resetcode)."\n\n");
$mail->addMailText(_('If you do not call this confirmation link within 1 hour, this link expires and the existing password is being kept in place.')."\n\n");
- $mail->addMailText(sprintf(_('The %s team'), 'KaiRo.at'));
+ $mail->addMailText(sprintf(_('The %s team'), $utils->settings['operator_name']));
//$mail->setDebugAddress("robert@localhost");
$mailsent = $mail->send();
if ($mailsent) {
@@ -157,7 +161,8 @@ if (!count($errors)) {
}
else {
$utils->log('pwd_reset_mail_failure', 'user: '.$user['id'].', email: '.$user['email']);
- $errors[] = _('The email with password reset instructions could not be sent to you.').' '._('Please contact KaiRo.at and tell the team about this.');
+ $errors[] = _('The email with password reset instructions could not be sent to you.').' '
+ .sprintf(_('Please contact %s and tell the team about this.'), $utils->settings['operator_contact_url'], $utils->settings['operator_name']);
}
}
}
@@ -195,7 +200,7 @@ if (!count($errors)) {
}
elseif (array_key_exists('reset', $_GET)) {
if ($session['logged_in']) {
- $result = $db->prepare('SELECT `id`,`email` FROM `auth_users` WHERE `id` = :userid;');
+ $result = $db->prepare('SELECT `id`,`email`,`group_id` FROM `auth_users` WHERE `id` = :userid;');
$result->execute(array(':userid' => $session['user']));
$user = $result->fetch(PDO::FETCH_ASSOC);
if (!$user['id']) {
@@ -209,14 +214,15 @@ if (!count($errors)) {
}
}
elseif (array_key_exists('verification_code', $_GET)) {
- $result = $db->prepare('SELECT `id`,`email` FROM `auth_users` WHERE `email` = :email AND `status` = \'unverified\' AND `verify_hash` = :vcode;');
+ $result = $db->prepare('SELECT `id`,`email`,`group_id` FROM `auth_users` WHERE `email` = :email AND `status` = \'unverified\' AND `verify_hash` = :vcode;');
$result->execute(array(':email' => @$_GET['email'], ':vcode' => $_GET['verification_code']));
$user = $result->fetch(PDO::FETCH_ASSOC);
if ($user['id']) {
$result = $db->prepare('UPDATE `auth_users` SET `verify_hash` = \'\', `status` = \'ok\' WHERE `id` = :userid;');
if (!$result->execute(array(':userid' => $user['id']))) {
$utils->log('verification_save_failure', 'user: '.$user['id']);
- $errors[] = _('Could not save confirmation.').' '._('Please contact KaiRo.at and tell the team about this.');
+ $errors[] = _('Could not save confirmation.').' '
+ .sprintf(_('Please contact %s and tell the team about this.'), $utils->settings['operator_contact_url'], $utils->settings['operator_name']);
}
$pagetype = 'verification_done';
}
@@ -226,7 +232,7 @@ if (!count($errors)) {
}
elseif (array_key_exists('reset_code', $_GET)) {
$reset_fail = true;
- $result = $db->prepare('SELECT `id`,`email`,`verify_hash` FROM `auth_users` WHERE `email` = :email');
+ $result = $db->prepare('SELECT `id`,`email`,`verify_hash`,`group_id` FROM `auth_users` WHERE `email` = :email');
$result->execute(array(':email' => @$_GET['email']));
$user = $result->fetch(PDO::FETCH_ASSOC);
if ($user['id']) {
@@ -261,7 +267,7 @@ if (!count($errors)) {
}
}
elseif (array_key_exists('clients', $_GET)) {
- $result = $db->prepare('SELECT `id`,`email` FROM `auth_users` WHERE `id` = :userid;');
+ $result = $db->prepare('SELECT `id`,`email`,`group_id` FROM `auth_users` WHERE `id` = :userid;');
$result->execute(array(':userid' => $session['user']));
$user = $result->fetch(PDO::FETCH_ASSOC);
if ($session['logged_in'] && $user['id']) {
@@ -277,7 +283,8 @@ if (!count($errors)) {
':scope' => $scope,
':userid' => $user['id']))) {
$utils->log('client_save_failure', 'client: '.$clientid);
- $errors[] = _('Unexpectedly failed to save new client information.').' '._('Please contact KaiRo.at and tell the team about this.');
+ $errors[] = _('Unexpectedly failed to save new client information.').' '
+ .sprintf(_('Please contact %s and tell the team about this.'), $utils->settings['operator_contact_url'], $utils->settings['operator_name']);
}
}
if (!count($errors)) {
@@ -320,7 +327,8 @@ if (!count($errors)) {
$result = $db->prepare('UPDATE `auth_users` SET `pwdhash` = :pwdhash, `verify_hash` = \'\' WHERE `id` = :userid;');
if (!$result->execute(array(':pwdhash' => $newHash, ':userid' => $session['user']))) {
$utils->log('pwd_reset_failure', 'user: '.$session['user']);
- $errors[] = _('Password reset failed.').' '._('Please contact KaiRo.at and tell the team about this.');
+ $errors[] = _('Password reset failed.').' '
+ .sprintf(_('Please contact %s and tell the team about this.'), $utils->settings['operator_contact_url'], $utils->settings['operator_name']);
}
else {
$pagetype = 'reset_done';
@@ -462,7 +470,7 @@ if (!count($errors)) {
$link = $litem->appendLink('./?logout', _('Log out'));
$litem = $ulist->appendElement('li');
$link = $litem->appendLink('./?addemail', _('Add another email address'));
- if (in_array($user['email'], $utils->client_reg_email_whitelist)) {
+ if (($utils->client_reg_email_whitelist === false) || (in_array($user['email'], $utils->client_reg_email_whitelist))) {
$litem = $ulist->appendElement('li');
$link = $litem->appendLink('./?clients', _('Manage OAuth2 clients'));
}