<?php
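/**
 * Site controller: landing page, IDM token based login/logout, error page and
 * a token liveness check.
 *
 * Every action relies on the project's Utility helper and the Yii runtime
 * (CHttpSession, CHttpException, Yii::app()). Service filtering is driven by the
 * BDIMS_REGISTRAR_TAGS constant (comma separated service tags).
 */
class SiteController {

    /**
     * Declares class-based actions.
     *
     * @return array action id => action configuration
     */
    public function actions() {
        return array(
            // captcha action renders the CAPTCHA image displayed on the contact page
            'captcha' => array(
                'class' => 'CCaptchaAction',
                'backColor' => 0xFFFFFF,
            ),
            // page action renders "static" pages stored under 'protected/views/site/pages'
            // They can be accessed via: index.php?r=site/page&view=FileName
            'page' => array(
                'class' => 'CViewAction',
            ),
        );
    }

    /**
     * This is the default 'index' action that is invoked
     * when an action is not explicitly requested by users.
     *
     * Requires a valid session (otherwise redirects to /site/login). The list of
     * services the caller may see is derived from the caller's role — CSA/VLE,
     * or BDIMS health user ("1") / registrar ("2") — stored in the session under
     * 'csaServices', and the rendered page is emitted through minifyHtml().
     *
     * @throws CHttpException 403 when the person is neither an authorised CSA nor a BDIMS user
     */
    public function actionIndex() {
        if (!Utility::isSessionValid()) {
            $this->redirect(Utility::getFullBaseUrl() . "/site/login");
            return;
        }

        $session = new CHttpSession;
        $session->open();
        $rid = $session['Person_ID'];
        $bdims_reg_tags = explode(",", BDIMS_REGISTRAR_TAGS);

        if (Utility::isAuthorizedCsa($rid)) {
            $csaServices2 = $this->filterServicesForCsa($rid, Utility::getCsaServices(), $bdims_reg_tags);
        } else {
            // Looked up once and reused; the value was previously fetched and checked twice.
            $bdims_info = Utility::getHealthUserInfo($rid);
            // Loose comparison kept on purpose: the flag may arrive as int or string — TODO confirm
            if ($bdims_info != "1" && $bdims_info != "2") {
                throw new CHttpException(403, 'Access Denied. Please contact IVISS Administator.');
            }
            $csaServices2 = $this->filterServicesForBdims($bdims_info, Utility::getCsaServices(), $bdims_reg_tags);
        }

        $session['csaServices'] = $csaServices2;
        unset($csaServices2);

        // render(view, data, return): return=true so the markup is captured and minified before output.
        // Previously true was passed in the data slot, so render() echoed directly and the
        // minify pass never received the markup. Assumes the CController::render signature — TODO confirm.
        echo $this->minifyHtml($this->render('index', array(), true));
    }

    /**
     * Filters the service list for a CSA user (optionally also a VLE).
     *
     * A row is kept when its is_csa_service flag is "1", or is "2" and the
     * person is an authorised VLE. Rows provided by 'bdims' are additionally
     * dropped when their service_tag is a registrar tag.
     *
     * @param mixed $rid            Person_ID taken from the session
     * @param array $csaServices    group => list of service rows, as returned by Utility::getCsaServices()
     * @param array $bdims_reg_tags registrar service tags (BDIMS_REGISTRAR_TAGS split on ',')
     * @return array same nesting as $csaServices, holding only the permitted rows cast to arrays
     */
    private function filterServicesForCsa($rid, array $csaServices, array $bdims_reg_tags) {
        // The VLE check does not depend on the row, so it is resolved once rather than per service.
        $isVle = Utility::isAuthorizedVle($rid);
        $allowed = array();
        foreach ($csaServices as $key => $values) {
            foreach ($values as $k => $val) {
                $val = (array) $val;
                // Loose comparison kept on purpose: the flag may arrive as int or string — TODO confirm
                $permitted = ($val['is_csa_service'] == "1")
                    || ($val['is_csa_service'] == "2" && $isVle);
                if ($permitted && !$this->isBdimsRegistrarService($val, $bdims_reg_tags)) {
                    $allowed[$key][$k] = $val;
                }
            }
        }
        return $allowed;
    }

    /**
     * Filters the service list for a BDIMS (health) user.
     *
     * Only 'bdims' rows are visible: registrars ($bdims_info "2") see the
     * registrar-tagged services, other health users ("1") see the remaining ones.
     *
     * @param mixed $bdims_info     value returned by Utility::getHealthUserInfo(), already known to be "1" or "2"
     * @param array $csaServices    group => list of service rows, as returned by Utility::getCsaServices()
     * @param array $bdims_reg_tags registrar service tags (BDIMS_REGISTRAR_TAGS split on ',')
     * @return array same nesting as $csaServices, holding only the permitted rows cast to arrays
     */
    private function filterServicesForBdims($bdims_info, array $csaServices, array $bdims_reg_tags) {
        $allowed = array();
        foreach ($csaServices as $key => $values) {
            foreach ($values as $k => $val) {
                $val = (array) $val;
                if ($val['service_provider_tag'] != 'bdims') {
                    continue;
                }
                // in_array() is left non-strict on purpose: service_tag's scalar type is not known here — TODO confirm
                $isRegistrarTag = in_array($val['service_tag'], $bdims_reg_tags);
                if (($bdims_info == "2" && $isRegistrarTag) || ($bdims_info == "1" && !$isRegistrarTag)) {
                    $allowed[$key][$k] = $val;
                }
            }
        }
        return $allowed;
    }

    /**
     * True when the row is a 'bdims' service whose tag is one of the registrar tags.
     *
     * @param array $val            service row cast to an array
     * @param array $bdims_reg_tags registrar service tags
     * @return bool
     */
    private function isBdimsRegistrarService(array $val, array $bdims_reg_tags) {
        // in_array() is left non-strict on purpose: service_tag's scalar type is not known here — TODO confirm
        return $val['service_provider_tag'] == 'bdims' && in_array($val['service_tag'], $bdims_reg_tags);
    }

    /**
     * Collapses runs of whitespace in rendered HTML, leaving <textarea> and <pre> content intact.
     *
     * @param string $html rendered markup
     * @return string minified markup; the input is returned unchanged if PCRE fails
     *                (e.g. backtrack limit), where the bare preg_replace() result would blank the page
     */
    private function minifyHtml($html) {
        $minified = preg_replace('#(?ix)(?>[^\S ]\s*|\s{2,})(?=(?:(?:[^<]++|<(?!/?(?:textarea|pre)\b))*+)(?:<(?>textarea|pre)\b|\z))#', ' ', $html);
        return $minified === null ? $html : $minified;
    }

    /**
     * This is the action to handle external exceptions.
     *
     * Renders the error captured by the error handler; for AJAX requests only
     * the message is echoed.
     */
    public function actionError() {
        $error = Yii::app()->errorHandler->error;
        if (!$error) {
            return;
        }
        if (Yii::app()->request->isAjaxRequest) {
            // NOTE(review): the message is echoed without HTML escaping; the AJAX consumer
            // must insert it as text, not as HTML — confirm against the client code.
            echo $error['message'];
        } else {
            $this->render('error', $error);
        }
    }

    /**
     * Validates the Token
     *
     * Echoes "0" when no IDM token is held in the session, otherwise the number
     * of entries returned by Utility::getTokenInfo() for that token. A
     * non-countable lookup result is reported as 0 instead of letting count()
     * raise a TypeError.
     *
     * @return void the result is written to the output with echo
     */
    public function actionIstokenactive() {
        $session = new CHttpSession;
        $session->open();
        if (empty($session['idm_token'])) {
            echo "0";
            return;
        }
        $info = Utility::getTokenInfo($session['idm_token']);
        // count() on a non-Countable is a TypeError on PHP 8; a failed lookup means the token is not active.
        echo (is_array($info) || $info instanceof Countable) ? count($info) : 0;
    }

    /**
     * Displays the contact page
     *
     * The contact form is discontinued: the action always fails with 405. The
     * former mail()-based form handling that followed the throw was unreachable
     * and has been removed.
     *
     * @throws CHttpException always, status 405
     */
    public function actionContact() {
        throw new CHttpException(405, 'Method Discontinued. Please contact IVISS Administator.');
    }

    /**
     * Displays the login page
     *
     * Without an idm_token POST parameter the IDM login form is rendered with a
     * signed set of callback parameters. When idm_token is posted back, the
     * login is completed from the token lookup. A caller with a valid session is
     * sent to the base URL.
     */
    public function actionLogin() {
        if (Utility::isSessionValid()) {
            $this->redirect(Utility::getFullBaseUrl());
            exit;
        }
        if (isset($_POST['idm_token'])) {
            $this->loginWithToken($_POST['idm_token']);
            return;
        }
        $this->renderIdmLoginForm();
    }

    /**
     * Completes the login for an IDM token posted back by the identity provider.
     *
     * Person_ID is taken only from Utility::getTokenInfo(), never from the
     * request itself, and the session id is regenerated once the session holds
     * the authenticated identity.
     *
     * @param string $idm_token raw token from the request
     * @throws CHttpException 400 when the token does not resolve to a Person_ID,
     *                        403 when the person is neither CSA, VLE nor health user
     */
    private function loginWithToken($idm_token) {
        $tokenInfo = Utility::getTokenInfo($idm_token);
        if (empty($tokenInfo['Person_ID'])) {
            throw new CHttpException(400, 'Invalid Request.');
        }
        $rid = $tokenInfo['Person_ID'];
        $csaInfo = Utility::getCsaInfo($rid);
        if (($csaInfo === false) && (Utility::isAuthorizedVle($rid) === false) && (Utility::isHealthUser($rid) === false)) {
            throw new CHttpException(403, 'Access Denied');
        }

        $session = new CHttpSession;
        $session->open();
        $session['Person_ID'] = $rid;
        $session['username'] = Utility::sanatizeParams($tokenInfo['Person']);
        $session['idm_token'] = $idm_token;
        // Fresh id after authentication so an id established before login cannot be reused.
        $session->regenerateID();

        Utility::initLogin();
        $this->redirect($this->createUrl('/'));
    }

    /**
     * Renders the IDM login form carrying the signed callback parameters.
     *
     * The HMAC-SHA1 is computed over callback_url . callback_failure_url .
     * service_provider_tag with the key registered for the portal tag;
     * presumably the IDM verifies the same concatenation, so the order must
     * not change — confirm against the IDM side.
     *
     * @throws CHttpException 500 when no HMAC key is registered for the portal's tag
     */
    private function renderIdmLoginForm() {
        $service_provider_tag = "csaportal";
        $HMAC_KEY = Utility::getHmacKeyFromLegitTag($service_provider_tag);
        if ($HMAC_KEY === false) {
            throw new CHttpException(500, 'No HMAC Key Found');
        }

        $actionUrl = Utility::removeDoubleSlashesFromUrl(Utility::getUrlFromLegitTag('ldapserver') . "/auth/idmlevel2/");
        $callback_url = Utility::getUrlFromLegitTag($service_provider_tag) . "/site/login";
        // Failures are sent back to the same login URL.
        $callback_failure_url = $callback_url;
        $IDM_HMAC = hash_hmac('sha1', $callback_url . $callback_failure_url . $service_provider_tag, $HMAC_KEY);

        $params = array(
            'action_url' => $actionUrl,
            'callback_url' => $callback_url,
            'callback_failure_url' => $callback_failure_url,
            'service_provider_tag' => $service_provider_tag,
            'idm_hmac' => $IDM_HMAC,
        );
        // display the login form
        echo $this->minifyHtml($this->renderPartial('loginidm', $params, true));
    }

    /**
     * Logs out the current user and redirects to the login page.
     *
     * Clears the Yii user state, destroys the PHP session and unsets the
     * application cookies before redirecting.
     */
    public function actionLogout() {
        Yii::app()->user->logout();
        $session = new CHttpSession;
        $session->destroy();
        $cookies = Yii::app()->request->cookies;
        foreach (array('ZDEDebuggerPresent', 'YII_CSRF_TOKEN', 'PHPSESSID', 'iviss_cookie') as $name) {
            unset($cookies[$name]);
        }
        $this->redirect(Utility::getFullBaseUrl() . "/site/login");
    }
}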