/[drupal]/contributions/modules/singlesignon/singlesignon.module

Diff of /contributions/modules/singlesignon/singlesignon.module

Parent Directory | Revision Log | View Revision Graph Revision Graph | View Patch Patch

-revision 1.32,
Thu May  8 10:13:18 2008 UTC
+revision 1.33,
Mon May 19 03:08:12 2008 UTC
 Line 1
  <?php
- // $Id: singlesignon.module,v 1.31 2008/05/05 13:38:20 wayland76 Exp $
+ // $Id$
  /**
   * @file
   * Enables "Single Sign-Ons" between related Drupal sites on one server
   * with a shared database.
-  *
-  * Installation and activation are simple:
-  *   + Put this file in your modules directory.
-  *   + If you haven't done so already, create site sub-directories in the
-  *     "sites" directory for each of your domains.  Put "settings.php"
-  *     files in each of those directories.  Edit each of the settings.php
-  *     files to values appropriate for the given domain.
-  *   + Make sure the "$db_prefix" variable is set correctly in each
-  *     settings.php file (see details below).
-  *   + Create the site specific and shared database tables defined in the
-  *     "$db_prefix" variable (see details below).
-  *   + On each site, starting with the master site:
-  *      + Log in as administrator.
-  *      + Enable the "singlesignon" module
-  *         (via the checkbox in the administer | modules interface).
-  *      + Enter the URL of the master site
-  *         (via administer | settings | singlesignon).
-  *   + Delete cookies from all of your Drupal sites.
-  *
-  * This module relies on several tables being shared between the master and
-  * slave sites.  Here is an example of the "$db_prefix" variable you need to
-  * establish in all of your "settings.php" files in the "sites" directory.
-  * Each site should have a unique name in place of "somesitename_".  While
-  * you can rename "shared_" to something else, the prefixes must be the
-  * same for all sites.
-  *
-  * @verbatim
-  * $db_prefix = array(
-  *   'default'        => 'somesitename_',
-  *   'authmap'        => 'shared_',
-  *   'profile_fields' => 'shared_',
-  *   'profile_values' => 'shared_',
-  *   'role'           => 'shared_',
-  *   'sequences'      => 'shared_',
-  *   'sessions'       => 'shared_',
-  *   'users'          => 'shared_',
-  *   'users_roles'    => 'shared_',
-  *   'users_uid_seq'  => 'shared_',  // for pgsql
-  * );
-  * @endverbatim
-  *
-  * @link     http://drupal.org/project/singlesignon
-  * @author   Primary Author: Daniel Convissor <danielc@analysisandsolutions.com>
-  * @author   Maintainer: Tim Nelson <wayland@wayland.id.au>
-  * @version  $Revision: 1.31 $
   */
- // {{{ core functions
+ /**
+  * @defgroup singlesignon_core Core functions.
+  * @{
+  */
  include_once('sessions_extra.inc');
-Line 83 
 function singlesignon_boot() {
+Line 40 
 function singlesignon_boot() {
    }
    $_singlesignon_bot_matches = variable_get('singlesignon_bot_matches', $variable_defaults);
-   if (
+   // If no master URL is set or we are serving a bot, do nothing.
-     // If the Master URL isn't set, we can't know what to do, so do nothing
+   if (!$master_url || _singlesignon_is_bot()) {
-     (!$master_url)
+     return;
-     // Likewise, bots don't sign on
-     || _singlesignon_is_bot()
-   ) {
-     return null;
    }
    $extra_base_url = _singlesignon_base_url();
-Line 101 
 function singlesignon_boot() {
+Line 54 
 function singlesignon_boot() {
          drupal_set_message(t('Cookies are required.'), 'error');
          return;
        }
        // This is the user's first hit to a slave site.  Take note of their
        // session ID, since that's how we tell if they've been here or not.
        // Then go to the master site to see if they are logged in over there.
-Line 114 
 function singlesignon_boot() {
+Line 66 
 function singlesignon_boot() {
    // arg() only available if bootstrap has reached PATH.
    drupal_bootstrap(DRUPAL_BOOTSTRAP_PATH);
-   $arg0 = arg(0);
+   switch (arg(0)) {
-   switch ($arg0) {
      case 'logout':
        if ($user->uid) {
          _singlesignon_session_logout($user->uid);
-Line 125 
 function singlesignon_boot() {
+Line 75 
 function singlesignon_boot() {
      case 'singlesignon':
        if ($extra_base_url == $master_url) {
-         _singlesignon_master($master_url, $arg0, arg(1));
+         _singlesignon_master($master_url, arg(0), arg(1));
        }
        return;
-Line 136 
 function singlesignon_boot() {
+Line 86 
 function singlesignon_boot() {
          // checking yet because the login process happens after this module
          // called.  Set a flag telling us to do the master/slave checking
          // once the login process is done.
-         $_SESSION['singlesignon_just_loggged_in'] = true;
+         $_SESSION['singlesignon_just_loggged_in'] = TRUE;
          return;
        }
    }
-Line 167 
 function _singlesignon_master($master_ur
+Line 117 
 function _singlesignon_master($master_ur
    global $user;
    if (empty($_GET['singlesignon_dest']) || is_array($_GET['singlesignon_dest']) || empty($_GET['slave_session']) || is_array($_GET['slave_session']) || !_singlesignon_validate_sid($_GET['slave_session'])) {
-     echo t('Thank you for hacking.');
+     echo 'Invalid request.';
      exit;
    }
-Line 197 
 function _singlesignon_master($master_ur
+Line 147 
 function _singlesignon_master($master_ur
    }
  }
+ /**
+  * @} End of "defgroup singlesignon_core".
+  */
- // }}}
+ /**
- // {{{ helper functions
+  * @defgroup singlesignon_helpers Helper functions.
+  * @{
+  */
  /**
   * Sets up the URL and goes to it
   */
  function _singlesignon_goto_url($master_url, $url) {
-       // url() only available if bootstrap has reached FULL.
+   // url() only available if bootstrap has reached FULL.
-       drupal_bootstrap(DRUPAL_BOOTSTRAP_FULL);
+   drupal_bootstrap(DRUPAL_BOOTSTRAP_FULL);
-       $query = 'slave_session='. session_id() .'&singlesignon_dest='. _singlesignon_get_dest();
+   $query = 'slave_session='. session_id() .'&singlesignon_dest='. _singlesignon_get_dest();
-       _singlesignon_goto($master_url . url($url, array('query' => $query)));
+   _singlesignon_goto($master_url . url($url, $query));
  }
  /**
   * Gets the base url and fixess it up a bit
   */
  function _singlesignon_base_url() {
-   global $base_url;
+   return preg_replace('@^(https?://[^/]+).*@', '\\1', $GLOBALS['base_url']);
-   $scheme_authority = preg_replace('@^(https?://[^/]+).*@', '\\1', $base_url);
-   return ($scheme_authority);
  }
  /**
   * Combines $base_url and request_uri() in a safe, portable way.
   */
  function _singlesignon_get_dest() {
-   global $base_url;
+   $scheme_authority = preg_replace('@^(https?://[^/]+).*@', '\\1', $GLOBALS['base_url']);
-   $scheme_authority = preg_replace('@^(https?://[^/]+).*@', '\\1', $base_url);
    return rawurlencode($scheme_authority . request_uri());
  }
-Line 252 
 function _singlesignon_goto($uri) {
+Line 201 
 function _singlesignon_goto($uri) {
  function _singlesignon_validate_sid($sid) {
    if (is_array($sid)) {
      if (count($sid) > 100) {
-       return false;
+       return FALSE;
      }
      foreach ($sid as $value) {
        if (!ereg('^[A-Za-z0-9]{1,100}$', $value)) {
-         return false;
+         return FALSE;
        }
      }
    }
    else {
      if (!ereg('^[A-Za-z0-9]{1,100}$', $sid)) {
-       return false;
+       return FALSE;
      }
    }
-   return true;
+   return TRUE;
  }
  /**
-Line 290 
 function _singlesignon_get_default_domai
+Line 239 
 function _singlesignon_get_default_domai
    return $domain['scheme'] .'://'. $domain['subdomain'];
  }
- // }}}
+ + /**
- // {{{ other hook functions
+ +  * @} End of "defgroup singlesignon_helpers".
+ +  */
  /**
   * Implementation of hook_menu().
-Line 313 
 function singlesignon_menu() {
+Line 263 
 function singlesignon_menu() {
   * Provides user interface necessary to administer this module's settings.
   */
  function singlesignon_admin_settings() {
-   if (!user_access('access administration pages')) {
-     return drupal_access_denied();
-   }
    $form = array();
    $use_domain = variable_get('singlesignon_use_domain_module', 0);
    if (module_exists('domain')) {
-Line 344 
 function singlesignon_admin_settings() {
+Line 290 
 function singlesignon_admin_settings() {
      '#collapsible' => TRUE,
      '#collapsed' => TRUE,
      '#tree' => TRUE,
-     '#description' => <<<EOT
+     '#description' => t('Single sign-on does not play well with bots (ie. search engines).
- Single sign-on does not play well with bots (ie. search engines).
  The data below will hopefully help the single sign-on module to
- recognise bots and let them through (ie. it plays nicely with the recognised bots).
+ recognise bots and let them through (ie. it plays nicely with the recognised bots).'),
- EOT
    );
    $form['singlesignon_bot_matches']['useragents_case'] = array(
      '#type' => 'textarea',
-     '#title' => 'Case-sensitive User Agents',
+     '#title' => t('Case-sensitive User Agents'),
      '#rows' => 5,
      '#cols' => 40,
      '#default_value' => _singlesignon_get_bm_variable('useragents_case'),
-Line 360 
 EOT
+Line 304 
 EOT
    );
    $form['singlesignon_bot_matches']['useragents_nocase'] = array(
      '#type' => 'textarea',
-     '#title' => 'Case-insensitive User Agents',
+     '#title' => t('Case-insensitive User Agents'),
      '#rows' => 5,
      '#cols' => 40,
      '#default_value' => _singlesignon_get_bm_variable('useragents_nocase'),
-Line 368 
 EOT
+Line 312 
 EOT
    );
    $form['singlesignon_bot_matches']['client_IP'] = array(
      '#type' => 'textarea',
-     '#title' => 'Client IP',
+     '#title' => t('Client IP'),
      '#rows' => 5,
      '#cols' => 40,
      '#default_value' => _singlesignon_get_bm_variable('client_IP'),
-Line 376 
 EOT
+Line 320 
 EOT
    );
    $form['singlesignon_bot_matches']['target_url'] = array(
      '#type' => 'textarea',
-     '#title' => 'Target URL',
+     '#title' => t('Target URL'),
      '#rows' => 5,
      '#cols' => 40,
      '#default_value' => _singlesignon_get_bm_variable('target_url'),
      '#description' => t('A list of case-sensitive strings that might match a referrer.  <b>Not recommended</b> (in general; we have a few specific cases here)'),
    );
    return system_settings_form($form);
  }
  /**
   * Internal function for use of singlesignon_admin_settings; turns | separated string into \n separated string.
   *
-  * @param $variable: The short name of the singlesignon bot matching variable
+  * @param $variable
-  * @param $text: The default text for the variable
+  *   The short name of the singlesignon bot matching variable
+  * @param $text
+  *   The default text for the variable
   */
  function _singlesignon_get_bm_variable($variable) {
-   global $_singlesignon_bot_matches;
    return (preg_replace(
        array("/^\/(.*?)\/i?$/", "/\|/"),
        array("$1", "\n"),
-       $_singlesignon_bot_matches[$variable]
+       $GLOBALS['_singlesignon_bot_matches'][$variable]
      ));
  }
-Line 406 
 function _singlesignon_get_bm_variable($
+Line 349 
 function _singlesignon_get_bm_variable($
   * Hook for validating a form; verifies the values for singlesignon bot recognition.
   */
  function singlesignon_admin_settings_validate($form, &$form_state) {
+   $s = array();
    $s['useragents_case']   = _singlesignon_verify_value($form_state['values'], 'useragents_case');
    $s['useragents_nocase'] = _singlesignon_verify_value($form_state['values'], 'useragents_nocase', '', 'i');
-   $s['client_IP']        = _singlesignon_verify_value($form_state['values'], 'client_IP', '\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3}');
+   $s['client_IP']         = _singlesignon_verify_value($form_state['values'], 'client_IP', '\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3}');
-   $s['target_url']       = _singlesignon_verify_value($form_state['values'], 'target_url', '\\\\\/[A-Za-z0-9_\.\*\/\\\\-]*\$$');
+   $s['target_url']        = _singlesignon_verify_value($form_state['values'], 'target_url', '\\\\\/[A-Za-z0-9_\.\*\/\\\\-]*\$$');
    $form_state['values']['singlesignon_bot_matches'] = $s;
  }
-Line 417 
 function singlesignon_admin_settings_val
+Line 361 
 function singlesignon_admin_settings_val
  /**
   * Internal function: Verifies one singlesignon bot recognition value.
   *
-  * @param $form_values: The values we're validating
+  * @param $form_values:
-  * @param $value: The name of the value we're validation
+  *   The values we're validating
-  * @param $allowed: A regex specifying what values are allowed
+  * @param $value:
-  * @param $extras: The regex parameters (ie. 'i' is case insensitive)
+  *   The name of the value we're validation
+  * @param $allowed:
+  *   A regex specifying what values are allowed
+  * @param $extras:
+  *   The regex parameters (ie. 'i' is case insensitive)
   */
  function _singlesignon_verify_value($form_values, $value, $allowed = '', $extras = '') {
    if ($allowed == '') {
-Line 434 
 function _singlesignon_verify_value($for
+Line 382 
 function _singlesignon_verify_value($for
          $rvals[] = $val;
        }
        else {
-         form_set_error('', t("The strings in $value contain non-word characters (we allow $allowed at the moment, and '". $val ."' is a problem)"));
+         form_set_error('', t("The strings in @value contain non-word characters (we allow @allowed at the moment, and '@wrong-value' is a problem)", array('@value' => $value, '@allowed' => $allowed, '@wrong-value' => $val)));
        }
      }
      return ('/'. join('|', $rvals) ."/$extras");
-Line 442 
 function _singlesignon_verify_value($for
+Line 390 
 function _singlesignon_verify_value($for
    return ($form_values['singlesignon_bot_matches'][$value]);
  }
- // }}}

 Legend:



Removed from v.1.32
 


changed lines


 
Added in v.1.33
 Legend:



Removed from v.1.32
 


changed lines


 
Added in v.1.33
-Removed from v.1.32
+Added in v.1.33

	ViewVC Help
Powered by ViewVC 1.1.2