8 public $salt_secretkey =
'';
9 public $username_sessionattr =
'';
10 public $cmsBackendUrl =
'';
19 if(isset(Yii::app()->user->{$this->username_sessionattr})){
20 $username = Yii::app()->user->{$this->username_sessionattr};
22 $password = md5($this->salt_secretkey.$username);
23 YII::app()->session->add(
'feSid', $this->sendRequest($username, $password));
29 include_once
'encryption_class.php';
30 echo $this->cmsBackendUrl.
'?sid='.YII::app()->session->get(
'feSid').
'&value='.$this->encrypt($_COOKIE[
"GCN_SESSION_SECRET"]);
38 private function sendRequest($username, $password){
40 $data = json_encode(array(
"login"=>$username,
"password"=>$password));
42 if(!in_array (
'curl', get_loaded_extensions())){
43 Yii::log(
'Error: curl not installed',
'trace',
'exception.CDbException');
44 echo
'<script language = "JavaScript" type = "text/JavaScript">alert("Error: curl not installed");</script>';
48 curl_setopt($curl, CURLOPT_URL, $url);
49 curl_setopt($curl, CURLOPT_POST, 1);
50 curl_setopt($curl, CURLOPT_HEADER, 1);
51 curl_setopt($curl, CURLOPT_POSTFIELDS, $data);
52 curl_setopt($curl, CURLOPT_RETURNTRANSFER, 1);
53 curl_setopt($curl, CURLOPT_HTTPHEADER, array(
"Content-Type: application/json; charset=utf-8"));
54 curl_setopt($curl, CURLOPT_USERAGENT,
'Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.8.1.13) Gecko/20080311 Firefox/2.0.0.13');
56 $response = curl_exec($curl);
57 $info = curl_getinfo($curl);
58 $header = substr($response, 0, $info[
'header_size']);
59 $headers = ($this->http_parse_headers($header));
60 $body = substr($response, $info[
'header_size'], strlen($response)-1);
61 $body = json_decode($body);
63 if(isset($headers[
"Set-Cookie"])){
64 $cookie = $headers[
"Set-Cookie"];
65 $key = substr($cookie, 0 , strpos($cookie,
'='));
66 $value = substr($cookie, strpos($cookie,
'=')+1, strlen($cookie)-1);
67 $value = str_replace(
"; Path=/",
"", $value);
68 setcookie($key, $value,time()+60*60*24,
'/');
71 return $body->{
'sid'};
74 Yii::log(
'Error: Authentication on CMS failed',
'trace',
'exception.CDbException');
86 private function http_parse_headers( $header ){
88 $fields = explode(
"\r\n", preg_replace(
'/\x0D\x0A[\x09\x20]+/',
' ', $header));
89 foreach( $fields as $field ) {
90 if( preg_match(
'/([^:]+): (.+)/m', $field, $match) ) {
91 $match[1] = preg_replace(
'/(?<=^|[\x09\x20\x2D])./e',
'strtoupper("\0")', strtolower(trim($match[1])));
92 if( isset($retVal[$match[1]]) ) {
93 $retVal[$match[1]] = array($retVal[$match[1]], $match[2]);
95 $retVal[$match[1]] = trim($match[2]);
104 private function encrypt($val){
105 $key =
"secretKey123#";
108 $encrypt_result = $crypt->encrypt($key, $val, $min_length);
109 return urlencode($encrypt_result);