diff --git a/php/.htaccess b/php/.htaccess
deleted file mode 100644
index f289550940da314e0c59b1995c38ed2b670f8f78..0000000000000000000000000000000000000000
--- a/php/.htaccess
+++ /dev/null
@@ -1 +0,0 @@
-Header set Access-Control-Allow-Origin "*"
diff --git a/php/config.php b/php/config.php
index 5e7980b5a861f872f24d5dd44e06471e748bf364..51116abd60ce33908aa847daf26b32c720fbe2b9 100644
--- a/php/config.php
+++ b/php/config.php
@@ -1,7 +1,6 @@
<?php
-//$poller_bin = "/usr/lib/mw/mwpoll";
-$poller_bin = "/usr/local/lib/mw/mwpoll.test";
+$poller_bin = "/usr/lib/mw/mwpoll";
$poller_path = "/var/run/mw/mwpoll.";
/* Fix these paths to your local test copy for test mode e.g. */
diff --git a/php/imageproxy.php b/php/imageproxy.php
new file mode 100644
index 0000000000000000000000000000000000000000..9226c278b26905c585fe2da427adcf4f2de76f77
--- /dev/null
+++ b/php/imageproxy.php
@@ -0,0 +1,35 @@
+<?php
+ $url = "";
+ if (isset($_GET['url'])){
+ $url = $_GET[ 'url' ];
+ } else {
+ exit();
+ }
+
+ $url_headers = get_headers($url, 1);
+
+ if (isset($url_headers['Content-Type'])) {
+ $type = strtolower($url_headers['Content-Type']);
+
+ $valid_image_type = array();
+ $valid_image_type['image/png']='';
+ $valid_image_type['image/jpg']='';
+ $valid_image_type['image/jpeg']='';
+ $valid_image_type['image/jpe']='';
+ $valid_image_type['image/gif']='';
+ $valid_image_type['image/tif']='';
+ $valid_image_type['image/tiff']='';
+ $valid_image_type['image/svg']='';
+ $valid_image_type['image/ico']='';
+ $valid_image_type['image/icon']='';
+ $valid_image_type['image/x-icon']='';
+
+ if (isset($valid_image_type[$type])) {
+ $im = file_get_contents($url);
+ $imdata = base64_encode($im);
+ echo $imdata;
+ } else {
+ echo 'not_an_image';
+ }
+ }
+?>
diff --git a/php/index.php b/php/index.php
index cb0aab8ac7fa180db852a7c03bb0f9e8ab9e1e7c..44869e265f1ea58153ccdb5ec488889faf986b2d 100644
--- a/php/index.php
+++ b/php/index.php
@@ -23,7 +23,7 @@ if (!isset($mwsess)) {
if ($_REQUEST['sucssite_loggedin']=="true" && $action!="logout") {
require("startup.php");
} else {
- echo 'Post requests only to this url';
+ echo 'nope';
exit;
}
}
diff --git a/php/poll.php b/php/poll.php
index a9d7783c6df53ee8a51a2e0d5e20c4ad3cffec34..144623f2f5de8166c53403830e8cff485e51e466 100644
--- a/php/poll.php
+++ b/php/poll.php
@@ -1,12 +1,11 @@
<?
-
require_once("config.php");
$data = unserialize(@$_REQUEST['mwsess']);
$sess = (int)$data['pid'];
$auth = trim($data['auth']);
-$path = $poller_path.$sess;
+$path = $poller_path . $sess;
header("Content-type: application/json; charset=utf-8");
@@ -27,7 +26,10 @@ if (@socket_recv($sock, $response, 4096, 0)===FALSE) {
exit;
}
$res = json_decode($response, TRUE);
-if ($res === NULL) { echo "{\"status\":\"Bad server response\"}\n"; exit; }
+if ($res === NULL) {
+ echo "{\"status\":\"Bad server response\"}\n";
+ exit;
+}
if ($res['status'] != "OK") {
echo $response;
@@ -46,8 +48,12 @@ if (@socket_recv($sock, $response, 262144, 0)===FALSE) {
exit;
}
-if ($response!="") echo $response."\n";
-else echo "[]\n";
+if ($response != "") {
+ echo $response . "\n";
+} else {
+ echo "[]\n";
+}
socket_close($sock);
+exit;
?>
diff --git a/php/startup.php b/php/startup.php
index 0e9781a74274256b980cb6aa0a640cba9fb077df..32db816f3f13109bff79e7317a8ec286f9893b5d 100644
--- a/php/startup.php
+++ b/php/startup.php
@@ -7,140 +7,120 @@ $password = trim($_REQUEST['password']);
// Preliminary checks
-// Have we been passed SUCSsite cookies?
-// If not, test that the login details make sense.
-if (@$_REQUEST['sucssite_loggedin']!="true") {
- if (empty($username) || empty($password)) {
- echo json_encode((object) ['error' => 'username and password must both be not empty']);
- exit;
- }
+// Test that the login details make sense.
+if (empty($username) || empty($password)) {
+ echo json_encode((object) ['error' => 'username and password must both be not empty']);
+}
- if (ctype_alnum($username) === FALSE) {
- echo json_encode((object) ['error' => 'alphanumeric usernames only']);
- exit;
- }
+if (!preg_match("/^[a-z][a-z0-9_]*$/", $username)) {
+ echo json_encode((object) ['error' => 'invalid characters in username']);
+ exit;
}
-// Have we been asked to create a new Milliways account?
-// If so, make sure that the password supplied is suitable.
-if ($action=="create") {
- $pass1 = @$_REQUEST['password1'];
- $pass2 = @$_REQUEST['password2'];
-
- if ($pass1 != $pass2) {
- echo json_encode((object) ['error' => 'Passwords don\'t match - please try again']);
- exit;
- }
+login($mwpoll, $username, $password, true);
- if (empty($pass1)) {
- echo json_encode((object) ['error' => 'Password cannot be blank']);
- exit;
- }
-
- if (ctype_alnum($pass1) === FALSE) {
- echo json_encode((object) ['error' => 'Milliways passwords can only contain alphanumeric characters']);
- exit;
- }
+function login($mwpoll, $username, $password, $continue) {
+ $desc = array(
+ 0 => array("pipe", "r"),
+ 1 => array("pipe", "w"),
+ );
+ $pipes = array();
- if (strlen($pass1) < 6) {
- echo json_encode((object) ['error' => 'Milliways passwords must be 6 characters or more']);
- exit;
- }
-}
-
-$desc = array(
- 0 => array("pipe", "r"),
- 1 => array("pipe", "w"),
-);
-$pipes = array();
-
-// Have we got SUCSsite cookies?
-// And no login attempt?
-// If so, fetch the user details and try to log in without a password.
-if (@$_REQUEST['sucssite_loggedin']=="true" && empty($username)) {
-
- // Do we appear to be in the SUCSsite environment?
- // There's only any point trying if we do.
- if (file_exists("../settings.php")) {
- // Do the bare minimum of SUCSsite init to retrieve the username for the session we've been passed
- include("../settings.php");
- // Initialise the database
- require("/usr/share/php/adodb/adodb.inc.php");
- $DB = NewADOConnection('postgres9');
- $DB->Connect('dbname='.$dbname.' user=apache');
- $DB->SetFetchMode(ADODB_FETCH_ASSOC);
-
- // Include the session library
- require($base."lib/session.php");
- $session = new Session;
- // $smarty->assign("session", $session); // This line might be useful?
- $realuser = $session->username;
-
- if ($action == "create") {
- $p = proc_open($mwpoll." -q -a -u ".$realuser." -s", $desc, $pipes);
- } else {
- $p = proc_open($mwpoll." -q -u ".$realuser." -s", $desc, $pipes);
- }
- $mode = "sucssite";
- }
-} else {
- // If not, try logging in with a password.
$p = proc_open($mwpoll." -q -u $username", $desc, $pipes);
- $mode = "password";
-}
-if (empty($p)) {
- echo "<h1>No</h1>";
- exit;
-}
-
-if ($p === FALSE) {
- echo json_encode((object) ['error' => 'failed to exec mwpoll']);
- exit;
-}
+ if (empty($p)) {
+ echo "<h1>No</h1>";
+ exit;
+ }
-if ($mode == "sucssite" && @$_REQUEST['sucssite_loggedin']=="true" && empty($username)) {
- // If we have a sucssite session cookie, use that
- fwrite($pipes[0], trim($_REQUEST['sucssite_session'])."\n");
- if ($action="create") {
- fwrite($pipes[0], $pass1."\n");
+ if ($p === FALSE) {
+ echo json_encode((object) ['error' => 'failed to exec mwpoll']);
+ exit;
}
-} else {
+
// Try logging on using username and password
if (fwrite($pipes[0], $password."\n") === FALSE) {
echo "Error writing to mwpoll\n";
}
-}
-$pid = fgets($pipes[1]);
-if ($pid === FALSE) {
- echo "error reading pid.\n";
-}
+ $pid = fgets($pipes[1]);
+ if ($pid === FALSE) {
+ echo "error reading pid.\n";
+ exit;
+ }
-$pid = trim($pid);
-if (!is_numeric($pid)) {
- if (substr($pid, -10) =="not found.") {
- // User doesn't exist - ask for a Milliways password so we can create them!
- echo json_encode((object) ['error' => $pid]);
- exit;
+ $pid = trim($pid);
+ if (!is_numeric($pid)) {
+ if (preg_match('/not found/', $pid)) {
+ if ($continue) {
+ createUser($mwpoll, $username, $password);
+ }
+ exit;
+ } else {
+ echo json_encode((object) ['error' => 'Bad response: pid=$pid']);
+ exit;
+ }
}
+
+ $auth = fgets($pipes[1]);
- echo json_encode((object) ['error' => 'Bad response: pid=$pid']);
- exit;
-}
+ if ($auth === FALSE) {
+ echo "Error reading auth string\n";
+ }
-$auth = fgets($pipes[1]);
+ $sess = array (
+ "pid" => $pid,
+ "auth" => $auth,
+ "username" => $username
+ );
-if ($auth === FALSE) {
- echo "Error reading auth string\n";
+ $mwsess = serialize($sess);
+ echo "success:" . $mwsess;
}
-$sess = array (
- "pid" => $pid,
- "auth" => $auth,
- "username" => $username
-);
-
-$mwsess = serialize($sess);
-echo "success:" . $mwsess;
+function createUser($mwpoll, $username, $password) {
+ // SUCS LDAP Server
+ $sucsLDAPServer = 'silver.sucs.swan.ac.uk';
+ // Bind String
+ $sucsBindDn = "uid=$username,ou=People,dc=sucs,dc=org";
+
+ // Try and connect to Silver
+ $ldapconnSUCS = ldap_connect($sucsLDAPServer) or die("Could not connect to SUCS LDAP server.");
+
+ if ($ldapconnSUCS) {
+ // Try and bind to SUCS LDAP. Using @ to suppress PHP warining on failure
+ $ldapbindSUCS = @ldap_bind($ldapconnSUCS, $sucsBindDn, $password);
+
+ if ($ldapbindSUCS) {
+ $desc = array(
+ 0 => array("pipe", "r"),
+ 1 => array("pipe", "w"),
+ );
+ $pipes = array();
+ // Authed to SUCS lets try and create the user
+ $p = proc_open($mwpoll." -q -a -u $username -s", $desc, $pipes);
+ fwrite($pipes[0], $password . "\n");
+ fwrite($pipes[0], $password . "\n");
+ fclose($pipes[0]);
+ $pid = fgets($pipes[1]);
+ if ($pid === FALSE) {
+ echo json_encode((object) ['error' => 'Error reading pid']);
+ }
+
+ $auth = fgets($pipes[1]);
+ fclose($pipes[1]);
+ proc_close($p);
+ if ($auth === FALSE) {
+ login($mwpoll, $username, $password, false);
+ }
+ exit;
+ } else {
+ echo json_encode((object) ['error' => 'Failed to auth to SUCS']);
+ exit;
+ }
+ } else {
+ echo json_encode((object) ['error' => 'Failed to connect to SUCS LDAP']);
+ exit;
+ }
+}
?>