Diffstat (limited to 'inc/user.inc.php')
-rw-r--r--inc/user.inc.php34
1 files changed, 19 insertions, 15 deletions
diff --git a/inc/user.inc.php b/inc/user.inc.php
index c09e936..28a1fd5 100644
--- a/inc/user.inc.php
+++ b/inc/user.inc.php
@@ -43,7 +43,7 @@ class User
{
if (!isset(self::$user['userid']))
return false;
- return (int) self::$user['userid'];
+ return self::$user['userid'];
}
public static function getMail()
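Review bot: The return type of this accessor changes from int to string without being documented. With the `(int)` cast gone, and with `'userid' => NULL` in the later hunk for users without a DB row, `isset()` now makes it return `false` where it previously returned `0`. Callers that compare the result with `0` or use it in integer context would behave differently; they are not visible here. I would add a docblock such as `/** @return string|false userid of the current user, false if none is loaded or the user has no DB entry */` and check callers for loose `==` comparisons. The method starts above the hunk.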
@@ -152,10 +152,16 @@ class User
return true;
$hasSession = Session::load();
if (empty($_SERVER['persistent-id'])) {
- if (Session::getUid() === false)
+ if (Session::getUid() === false) {
+ if (!empty($_SERVER['Shib-Session-ID'])) {
+ Message::addError('Sie haben sich erfolgreich mittels bwIDM authentifiziert,'
+ . ' aber der IdP Ihrer Einrichtung scheint die benötigten Metadaten nicht'
+ . ' an den bwLehrpool-SP zu übermitteln. Bitte wenden Sie sich an den Support.');
+ }
return false;
+ }
// Try user from local DB
- self::$user = Database::queryFirst('SELECT userid, shibid, login, organizationid AS organization, firstname, lastname, email FROM user WHERE userid = :uid LIMIT 1', array('uid' => Session::getUid()));
+ self::$user = Database::queryFirst('SELECT userid, shibid, organizationid AS organization, firstname, lastname, email FROM user WHERE userid = :uid LIMIT 1', array('uid' => Session::getUid()));
self::$isInDb = self::$user !== false;
return self::$isInDb;
}
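Review bot: The new `Shib-Session-ID` branch only informs the user, so a misconfigured IdP reaches operators only through support requests. A server-side log line in the same branch would make the condition detectable, for example `error_log('Shibboleth session present but no persistent-id released by IdP');`, leaving the session id itself out of the log. The enclosing method begins outside the hunk.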
@@ -174,9 +180,8 @@ class User
$_SERVER['mail'] = '';
$shibId = md5($_SERVER['persistent-id']);
self::$user = array(
- 'userid' => 0,
+ 'userid' => NULL,
'shibid' => $shibId,
- 'login' => NULL,
'firstname' => $_SERVER['givenName'],
'lastname' => $_SERVER['sn'],
'email' => $_SERVER['mail'],
@@ -190,7 +195,7 @@ class User
if (isset($_SERVER['affiliation']) && preg_match('/@([a-zA-Z\-\._]+)(;|$)/', $_SERVER['affiliation'], $out))
self::$user['organization'] = $out[1];
// Get matching db entry if any
- $user = Database::queryFirst('SELECT userid, login, firstname, lastname, email, fixedname FROM user WHERE shibid = :shibid LIMIT 1', array('shibid' => $shibId));
+ $user = Database::queryFirst('SELECT userid, firstname, lastname, email, fixedname FROM user WHERE shibid = :shibid LIMIT 1', array('shibid' => $shibId));
if ($user === false) {
// No match in database, user is not signed up
return true;
@@ -201,7 +206,6 @@ class User
Session::save();
}
// Already signed up, see if we can fetch missing fields from DB
- self::$user['login'] = $user['login'];
self::$isInDb = true;
self::$isAnonymous = (empty($user['firstname']) && empty($user['lastname']));
foreach (array('firstname', 'lastname', 'email') as $key) {
@@ -220,15 +224,15 @@ class User
if (!empty($existingLogin)) {
if ($anonymous) {
$ret = Database::exec("UPDATE user SET shibid = :shibid, firstname = '', lastname = '', email = '', password = '' "
- . " WHERE login = :login LIMIT 1", array(
+ . " WHERE userid = :userid LIMIT 1", array(
'shibid' => self::$user['shibid'],
- 'login' => $existingLogin
+ 'userid' => $existingLogin
));
} else {
$ret = Database::exec("UPDATE user SET shibid = :shibid, password = '', firstname = :firstname, lastname = :lastname, email = :email "
- . " WHERE login = :login LIMIT 1", array(
+ . " WHERE userid = :userid LIMIT 1", array(
'shibid' => self::$user['shibid'],
- 'login' => $existingLogin,
+ 'userid' => $existingLogin,
'firstname' => self::$user['firstname'],
'lastname' => self::$user['lastname'],
'email' => self::$user['email']
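Review bot: Both UPDATE statements bind a Shibboleth identity to the row selected by `$existingLogin` and clear its password, so this value decides which account is taken over by the federated login. The function signature and its callers are outside the hunk, so it is not visible whether the value was authenticated (for instance through a prior password check) before reaching this point. I would state the precondition in a comment at the top of the branch, e.g. `// $existingLogin must be the userid of a local account whose password the caller has verified`. The variable could also be renamed now that it holds a userid rather than a login.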
@@ -239,14 +243,14 @@ class User
// New account
if ($anonymous) {
- Database::exec("INSERT INTO user (shibid, login, organizationid, firstname, lastname, email) "
+ Database::exec("INSERT INTO user (shibid, userid, organizationid, firstname, lastname, email) "
. " VALUES (:shibid, :shibid, :org, '', '', '') "
. " ON DUPLICATE KEY UPDATE firstname = '', lastname = '', email = '', password = ''", array(
'shibid' => self::$user['shibid'],
'org' => self::getOrganizationId()
));
} else {
- Database::exec("INSERT INTO user (shibid, login, organizationid, firstname, lastname, email) "
+ Database::exec("INSERT INTO user (shibid, userid, organizationid, firstname, lastname, email) "
. " VALUES (:shibid, :shibid, :org, :firstname, :lastname, :email) "
. " ON DUPLICATE KEY UPDATE firstname = VALUES(firstname), lastname = VALUES(lastname), email = VALUES(email), password = ''", array(
'shibid' => self::$user['shibid'],
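Review bot: Writing `:shibid` into `userid` in both INSERTs puts local account names and Shibboleth-derived ids in the same key space. `ON DUPLICATE KEY UPDATE` fires on any unique key, so if `userid` is unique (the schema is not shown) a pre-existing row whose userid equals this value would have its name fields overwritten and its password cleared. It would then be treated as the same account. Consider documenting or enforcing that local userids can never take the form of a shibid, or checking that the matched row's `shibid` equals the bound value before updating. The array and the statement continue past the end of the hunk.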
@@ -284,7 +288,7 @@ class User
public static function login($user, $pass)
{
- $ret = Database::queryFirst('SELECT userid, password FROM user WHERE login = :user LIMIT 1', array(':user' => $user));
+ $ret = Database::queryFirst('SELECT userid, password FROM user WHERE userid = :user LIMIT 1', array(':user' => $user));
if ($ret === false)
return false;
if (!Crypto::verify($pass, $ret['password']))
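Review bot: Password login now looks up rows by `userid`, which for Shibboleth accounts is the shibid and whose `password` column is set to `''` by the statements in the earlier hunks. Whether such a row can be logged into with a password depends entirely on how `Crypto::verify` treats an empty stored hash, which is not visible here. An explicit guard makes the intent independent of that helper: `if ($ret['password'] === '' || !Crypto::verify($pass, $ret['password']))`. The body of `login()` continues outside the hunk.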
@@ -305,7 +309,7 @@ class User
}
Session::delete();
if (self::$isShib) {
- Header('Location: ' . CONFIG_PREFIX . '?do=Logout&noredirect=yes');
+ Header('Location: /Shibboleth.sso/Logout');
} else {
Header('Location: ?do=Main');
}
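Review bot: The new redirect target `/Shibboleth.sso/Logout` is hard-coded, which assumes the SP handler is mounted at that path on the same virtual host; the removed line at least went through `CONFIG_PREFIX`. I would take the handler path from configuration next to `CONFIG_PREFIX`, so that a deployment with a different handler URL does not leave users apparently logged out while the SP session is still active. It is also not visible in the hunk whether execution stops after `Header()`; if it does not, an `exit;` after the redirect avoids running further code for a session that was just deleted.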