// Configuration and state of the component. The class header is outside this listing, and the
// number at the start of each statement is the original file's line number, fused in by extraction.

// Salt prepended to the login name before md5() when the CMS password is derived (original lines 41, 83).
// NOTE(review): the default is empty; with the salt left unset the derived password is just md5(username).
8 public $salt_secretkey =
'';
// Selects the CMS login name: 'username' picks $user->username; the other visible assignment
// uses $user->email (the line between the two assignments is not in this listing).
9 public $username_sessionattr =
'';
// Base URL of the CMS backend; printBackendPath() echoes it with query parameters appended.
10 public $cmsBackendUrl =
'';
// Optional encryption key. When non-empty, encrypt() copies it into $key before encrypting.
11 public $crypt_secretkey =
'';
// Fallback encryption key, used by encrypt() while $crypt_secretkey is empty.
// SECURITY: the key is hard-coded in source, so every installation that leaves $crypt_secretkey
// unset shares the same key and anyone who can read the code can decrypt those values. Load the
// key from deployment configuration and refuse to encrypt when none is configured.
12 private $key =
"secretKey123#";
// Response object of the last successful sendRequest() call, stored at original line 46.
13 private $CMS_sid_object;
// Fragment of a method whose signature, braces and several statements (original lines 14-22,
// 24-28, 31, 33-40, ...) are missing from this listing. The visible lines derive CMS credentials
// for the logged-in Yii user and store the session id the CMS returns.
23 $user_id = Yii::app()->user->id;
// Pick the login name according to $username_sessionattr. $user is assigned on a line not shown.
29 if (isset($this->username_sessionattr) && ($this->username_sessionattr ==
'username')) {
30 $username = $user->username;
32 $username = $user->email;
// SECURITY: the CMS password is md5(salt . username). It is deterministic, contains no per-user
// secret, and can be recomputed for every account by anyone who learns $salt_secretkey (whose
// default is the empty string). A keyed construction such as hash_hmac('sha256', ...) with a
// high-entropy secret, or a random per-user token, avoids that; the CMS side must change with it.
41 $password = md5($this->salt_secretkey . $username);
42 $CMS_sid = $this->sendRequest($username, $password);
// On success keep the CMS session id in the Yii session under 'feSid' and cache the response object.
44 if (isset($CMS_sid) && isset($CMS_sid->{
'sid'})) {
45 YII::app()->session->add(
'feSid', $CMS_sid->{
'sid'});
46 $this->CMS_sid_object = $CMS_sid;
/**
 * Reads one attribute from the profile of the current user of the 'user' module.
 *
 * Original lines 54-56 and 58 are missing from this listing, so any guard around the
 * lookup (for example for the empty default name) cannot be seen here.
 *
 * @param string $attributename Profile attribute to read; defaults to "".
 * @return mixed Whatever getAttribute() returns for that name.
 */
53 public function getProfileAttr($attributename =
"")
57 $attributevalue = Yii::app()->getModule(
'user')->user()->profile->getAttribute($attributename);
59 return $attributevalue;
/**
 * Echoes the CMS backend URL for the logged-in user.
 *
 * Two URL forms are produced by the visible lines: a session form (?sid=...&value=...) when the
 * CMS response carries both 'sid' and 'secret', and a provisioning form carrying encrypted
 * profile data when the profile attribute 'cmseditor' equals 1. Several original lines (braces,
 * else branches, the assignment of $user) are missing from this listing.
 */
62 public function printBackendPath()
64 $username = $password =
'';
// Relative include: resolved through include_path and the working directory.
// NOTE(review): an absolute path (dirname(__FILE__) . '/...') would remove that ambiguity.
66 include_once
'encryption_class.php';
67 $user_id = Yii::app()->user->id;
// Pick the login name according to $username_sessionattr. $user is assigned on a line not shown.
73 if (isset($this->username_sessionattr) && ($this->username_sessionattr ==
'username')) {
74 $username = $user->username;
76 $username = $user->email;
79 $profile_firstname = $this->getProfileAttr(
'firstname');
80 $profile_lastname = $this->getProfileAttr(
'lastname');
81 $profile_cmseditor = $this->getProfileAttr(
'cmseditor');
// SECURITY: same derivation as at original line 41 - md5(salt . username) is deterministic and
// recomputable by anyone who knows the salt; see the note on $salt_secretkey's empty default.
83 $password = md5($this->salt_secretkey . $username);
// NOTE(review): $CMS_sid is a local that no visible line assigns before this test, so
// !isset() looks always true and a new login request is sent on every call; the read of the
// cached $CMS_sid_object at line 87 then appears unreachable. Confirm against the full file.
84 if (!isset($CMS_sid)) {
85 $CMS_sid = $this->sendRequest($username, $password);
87 $CMS_sid = $this->CMS_sid_object;
// Keep the CMS session id in the Yii session under 'feSid'.
90 if (isset($CMS_sid->{
'sid'}))
91 YII::app()->session->add(
'feSid', $CMS_sid->{
'sid'});
// Session form of the URL.
// SECURITY: the session id and the encrypted 'secret' (the CMS cookie value set in
// sendRequest()) travel in the query string, where they end up in browser history, Referer
// headers and proxy/server access logs. 'sid' is concatenated without urlencode() and the
// whole string is echoed without htmlspecialchars(); if the caller prints it inside an HTML
// attribute, escape it for that context.
93 if (isset($CMS_sid->{
'secret'}) && isset($CMS_sid->{
'sid'})) {
94 echo $this->cmsBackendUrl .
'?sid=' . $CMS_sid->{
'sid'} .
'&value=' . $this->encrypt($CMS_sid->{
'secret'});
// Provisioning form, taken only when 'cmseditor' loosely equals 1 (== also accepts "1" and true).
96 } elseif (isset($profile_cmseditor) && $profile_cmseditor == 1) {
// NOTE(review): original line 98 is missing, so it is unclear which branch holds line 99.
// Line 99 replaces $crypt_secretkey with the hard-coded $key - presumably the fallback for an
// empty $crypt_secretkey; confirm it is not executed when a key has been configured.
97 if (isset($this->crypt_secretkey) && $this->crypt_secretkey !=
'') {
99 $this->crypt_secretkey = $this->key;
// SECURITY: this URL carries username, first/last name, e-mail and the derived CMS password,
// each encrypted with the shared key, plus the key itself in 'c' (encrypt() uses
// $crypt_secretkey as the key when it is non-empty, so the key is encrypted under itself).
// Query strings are logged and cached, so every party that can read those logs and knows or
// recovers the key obtains the credentials. A server-to-server call, or a short-lived
// single-use token, keeps credentials and key material out of URLs.
// 'ch' is appended raw, without urlencode().
101 echo $this->cmsBackendUrl .
'?u=' . $this->encrypt($user->username) .
'&f=' . $this->encrypt($profile_firstname) .
'&l=' . $this->encrypt($profile_lastname) .
'&e=' . $this->encrypt($user->email) .
'&p=' . $this->encrypt($password) .
'&c=' . $this->encrypt($this->crypt_secretkey) .
'&ch=' . $this->username_sessionattr;
/**
 * Logs in to the CMS with a JSON POST and returns the decoded response body.
 *
 * The visible lines also copy the first Set-Cookie header of the response to the browser and
 * attach its value to the body as 'secret'. Original lines 114, 119-120, 124-127, 135, 137,
 * 139-143 and others (curl_init(), error handling, the return statement) are not in this
 * listing.
 *
 * @param string $username CMS login name.
 * @param string $password Password derived by the caller (md5 of salt and login name).
 * @return mixed Presumably the decoded body object - the return line is not shown.
 */
113 private function sendRequest($username, $password)
// NOTE(review): $authUrl is not among the properties visible at original lines 8-13; confirm
// where it is declared and that deployments set it to an https:// URL, since credentials are
// posted to it.
115 $url = $this->authUrl;
116 $data = json_encode(array(
117 "login" => $username,
118 "password" => $password
// Without the curl extension the request cannot be made: log it and alert in the browser.
// NOTE(review): the message is logged at 'trace' level under the category
// 'exception.CDbException' although it is not a database error, which makes it easy to miss
// when filtering logs.
121 if (!in_array(
'curl', get_loaded_extensions())) {
122 Yii::log(
'Error: curl not installed',
'trace',
'exception.CDbException');
123 echo
'<script language = "JavaScript" type = "text/JavaScript">alert("Error: curl not installed");</script>';
// Request setup. CURLOPT_HEADER keeps the response headers in the returned string so that
// Set-Cookie can be parsed below.
// NOTE(review): no CURLOPT_SSL_VERIFYPEER / CURLOPT_SSL_VERIFYHOST option appears in the
// visible lines; confirm that the missing lines do not switch certificate verification off.
128 curl_setopt($curl, CURLOPT_URL, $url);
129 curl_setopt($curl, CURLOPT_POST, 1);
130 curl_setopt($curl, CURLOPT_HEADER, 1);
131 curl_setopt($curl, CURLOPT_POSTFIELDS, $data);
132 curl_setopt($curl, CURLOPT_RETURNTRANSFER, 1);
133 curl_setopt($curl, CURLOPT_HTTPHEADER, array(
134 "Content-Type: application/json; charset=utf-8"
// The request identifies itself as a desktop Firefox 2 browser rather than as this integration.
136 curl_setopt($curl, CURLOPT_USERAGENT,
'Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.8.1.13) Gecko/20080311 Firefox/2.0.0.13');
// curl_exec() returns false on failure; presumably handled in the lines missing after 138.
138 $response = curl_exec($curl);
// Split the raw response into header block and body using curl's reported header size.
144 $info = curl_getinfo($curl);
145 $header = substr($response, 0, $info[
'header_size']);
146 $headers = ($this->http_parse_headers($header));
// The third argument of substr() is a length; strlen($response) - 1 exceeds what remains
// after the offset, so the call simply returns everything up to the end of the response.
147 $body = substr($response, $info[
'header_size'], strlen($response) - 1);
// json_decode() yields null for a non-JSON body; the property write at line 160 would then
// fail unless a line missing from this listing checks for it.
148 $body = json_decode($body);
// NOTE(review): http_parse_headers() stores repeated headers as an array, so with more than
// one Set-Cookie header $cookie is not a string and the strpos()/substr() calls below break.
150 if (isset($headers[
"Set-Cookie"])) {
151 $cookie = $headers[
"Set-Cookie"];
152 $key = substr($cookie, 0, strpos($cookie,
'='));
153 $value = substr($cookie, strpos($cookie,
'=') + 1, strlen($cookie) - 1);
// Only the exact strings "; Path=/" and "; HttpOnly" are removed; any other attribute
// (Secure, SameSite, Expires, a different path or letter case) stays inside $value.
154 $value = str_replace(
"; Path=/",
"", $value);
156 $value = str_replace(
"; HttpOnly",
"", $value);
// SECURITY: the CMS cookie is re-issued to the browser for 24 hours on path '/' with a name
// taken from the remote response and without the secure and httponly arguments of
// setcookie(). The HttpOnly flag the CMS sent is dropped, so page scripts can read the
// cookie, and it is also sent over plain HTTP. Pass true for the 6th (secure) and 7th
// (httponly) arguments, and consider pinning the expected cookie name.
157 setcookie($key, $value, time() + 60 * 60 * 24,
'/');
// The same cookie value is handed back as 'secret'; printBackendPath() later places its
// encrypted form in a URL.
160 $body->{
'secret'} = $value;
// Failed logins are recorded only at 'trace' level, again under 'exception.CDbException'.
// NOTE(review): a warning-level entry in an authentication category would let monitoring
// alert on repeated failures.
163 Yii::log(
'Error: Authentication on CMS failed',
'trace',
'exception.CDbException');
/**
 * Parses a raw HTTP header block into an array keyed by normalised header name.
 *
 * Original lines 174-175, 180, 183-186 and everything after 187 are missing from this
 * listing, including the initialisation of $retVal and the return statement.
 *
 * @param string $header Raw header block as returned by curl.
 * @return array Presumably $retVal - the return line is not shown.
 */
173 private function http_parse_headers($header)
// Unfold continuation lines (CRLF followed by tabs/spaces becomes one space), then split on CRLF.
176 $fields = explode(
"\r\n", preg_replace(
'/\x0D\x0A[\x09\x20]+/',
' ', $header));
177 foreach ($fields as $field) {
// Match "Name: value"; the status line and empty lines do not match and are skipped.
178 if (preg_match(
'/([^:]+): (.+)/m', $field, $match)) {
// Normalise the header name to Title-Case (first letter and letters after tab, space or '-').
// SECURITY/COMPAT: the /e modifier makes preg_replace() evaluate the replacement string as PHP
// code for every match, here on text taken from a remote server's response. /e was deprecated
// in PHP 5.5.0 and removed in PHP 7.0.0, where this call emits a warning and returns NULL, so
// all header names are lost. preg_replace_callback() with a callback that returns
// strtoupper($m[0]) gives the same result without evaluating code.
179 $match[1] = preg_replace(
'/(?<=^|[\x09\x20\x2D])./e',
'strtoupper("\0")', strtolower(trim($match[1])));
// A header seen before is turned into an array of values (the array contents are on lines
// not shown); a header seen for the first time is stored as a trimmed string.
181 if (isset($retVal[$match[1]])) {
182 $retVal[$match[1]] = array(
187 $retVal[$match[1]] = trim($match[2]);
/**
 * Encrypts a value with the configured key and returns it URL-encoded.
 *
 * Side effect: when $crypt_secretkey is non-empty it permanently replaces $key on this
 * instance; otherwise the hard-coded default of $key is used.
 *
 * $crypt and $min_length are defined on original lines 200-201, which are missing from this
 * listing; $crypt is presumably an object of the class loaded from 'encryption_class.php'.
 * NOTE(review): the confidentiality of every URL parameter built with this method depends on
 * that class; confirm which cipher it implements and whether the ciphertext is authenticated.
 *
 * @param string $val Plain-text value.
 * @return string urlencode()d result of $crypt->encrypt().
 */
196 private function encrypt($val)
198 if (isset($this->crypt_secretkey) && $this->crypt_secretkey !=
"")
199 $this->key = $this->crypt_secretkey;
202 $encrypt_result = $crypt->encrypt($this->key, $val, $min_length);
203 return urlencode($encrypt_result);