Permalink
Browse files

Updated branch modules to include secure directory

  • Loading branch information...
eberhardtm committed Aug 20, 2014
1 parent b3c0533 commit eab044ef8ae8902356a93bf20259fa0d120e07df
Showing with 145 additions and 14 deletions.
  1. +37 −14 .scrutinizer.yml
  2. +3 −0 mod/branch/class/Branch.php
  3. +9 −0 mod/branch/class/Branch_Admin.php
  4. +11 −0 secure/debug.php
  5. +32 −0 secure/index.php
  6. +53 −0 secure/logout.php
View
@@ -1,32 +1,55 @@
# .scrutinizer.yml
build:
environment:
php:
version: '5.4.28'
filter:
excluded_paths:
- tests/*
#this takes about 2min 30sec to run. Need a faster build
tools:
php_mess_detector: false
#take approximtely 2 min to run. Need a faster build
tools:
php_analyzer:
config:
metrics_coupling:
enabled: false
stable_code:
namespace_prefixes: []
classes: []
checks:
php:
code_rating: true
duplication: true
variable_existence: true
duplication: false
variable_existence: false
useless_calls: true
use_statement_alias_conflict: true
unused_variables: true
unused_properties: true
unused_parameters: true
unused_methods: true
unreachable_code: true
unused_variables: false
unused_properties: false
unused_parameters: false
unused_methods: false
unreachable_code: false
sql_injection_vulnerabilities: true
security_vulnerabilities: true
precedence_mistakes: true
precedence_in_conditions: true
parameter_non_unique: true
no_property_on_interface: true
no_non_implemented_abstract_methods: true
no_non_implemented_abstract_methods: false
deprecated_code_usage: true
closure_use_not_conflicting: true
closure_use_modifiable: true
avoid_useless_overridden_methods: true
avoid_useless_overridden_methods: false
avoid_conflicting_incrementers: true
assignment_of_null_return: true
argument_type_checks: true
avoid_unnecessary_concatenation: true
assignment_of_null_return: false
argument_type_checks: false
avoid_unnecessary_concatenation: false
method_calls_on_non_object: true
no_duplicate_arguments: true
no_error_suppression: true
@@ -35,5 +58,5 @@ checks:
spacing_around_conditional_operators: true
filter:
excluded_paths:
- lib/pear/*
excluded_paths:
- lib/*
@@ -151,6 +151,9 @@ public function createDirectories()
if (!mkdir($this->directory . 'config/core/')) {
return FALSE;
}
if (!mkdir($this->directory . 'secure/')) {
return FALSE;
}
return TRUE;
}
@@ -234,6 +234,15 @@ public function install_branch_core()
}
}
if (!PHPWS_File::copy_directory(PHPWS_SOURCE_DIR . 'secure/',
$this->branch->directory . 'secure/')) {
$this->content[] = dgettext('branch',
'Failed to copy secure directory to branch.');
return false;
} else {
$this->content[] = dgettext('branch', 'Copied secure directory to branch.');
}
$stats = sprintf('<?php include \'%sphpws_stats.php\' ?>',
PHPWS_SOURCE_DIR);
$index_file = sprintf('<?php include \'%sindex.php\'; ?>',
View
@@ -0,0 +1,11 @@
<?php
if($_SERVER['REMOTE_ADDR'] == '152.10.152.154') {
$parts = explode('/',dirname($_SERVER['SCRIPT_URI']));
array_pop($parts);
array_push($parts, '');
echo implode('/', $parts);
phpinfo();
} else {
header('Location: index.php');
}
?>
View
@@ -0,0 +1,32 @@
<?php
// Detect phpWebSite
if(file_exists('../config/core/config.php')) {
define('PHPWEBSITE', true);
require_once('../config/core/config.php');
require_once(PHPWS_SOURCE_DIR . 'inc/Bootstrap.php');
if(isset($_SERVER['PHP_AUTH_USER'])) {
require_once(PHPWS_SOURCE_DIR . 'mod/users/class/Current_User.php');
Current_User::loginUser(preg_replace('/@appstate.edu/', '', $_SERVER['PHP_AUTH_USER']));
}
PHPWS_unBootstrap();
}
// Build new URL
$parts = explode('/',$_SERVER['SCRIPT_URL']);
while(array_pop($parts) != 'secure');
$redirect = 'https://' . $_SERVER['HTTP_HOST'] . implode('/', $parts) .
(defined('PHPWEBSITE') ? '/index.php?module=users&action=user&command=return_bookmark' : '');
?>
<html>
<head>
<!-- THIS FILE SHOULD NEVER EVER BE CACHED. MAKE SURE TO DISABLE CACHING AT THE APACHE LEVEL. -->
<meta http-equiv="refresh" content="0;url=<?php echo $redirect; ?>" />
</head>
<body>
<p><a href="<?php echo $redirect; ?>">If you are not redirected automatically, please click this link.</a></p>
</body>
</html>
View
@@ -0,0 +1,53 @@
<?php
// Detect phpWebSite
if(file_exists('../config/core/config.php')) {
define('PHPWEBSITE', true);
require_once('../config/core/config.php');
require_once(PHPWS_SOURCE_DIR . 'inc/Bootstrap.php');
session_name(md5(SITE_HASH . $_SERVER['REMOTE_ADDR']));
}
session_start();
unset($_SESSION);
session_destroy();
// Shibboleth local logout is always relative to the root
$shiblocallogout = 'https://' . $_SERVER['HTTP_HOST'] . '/Shibboleth.sso/Logout';
// Our destination, however, not necessarily so figure it out
$parts = explode('/', $_SERVER['SCRIPT_URL']);
while(array_pop($parts) != 'secure');
$destination = 'http://' . $_SERVER['HTTP_HOST'] . implode('/', $parts);
if(isset($_SERVER['AUTH_TYPE'])) {
if(strtolower($_SERVER['AUTH_TYPE']) == 'shibboleth') {
?>
<html>
<head>
<meta http-equiv="refresh" content="2;url=<?php echo $destination; ?>" />
</head>
<body>
<p>Logging you out...</p>
<p><a href="<?php echo $destination; ?>">If you are not redirected automatically, please click this link.</a></p>
<iframe style="display: none" src="<?php echo $_SERVER['HTTP_SHIB_LOGOUTURL']; ?>?return_url=<?php echo $shiblocallogout?>"><p>Logging You Out...</p></iframe>
</body>
</html>
<?php
} else if(strtolower($_SERVER['AUTH_TYPE']) == 'cosign') {
?>
<html>
<head>
<meta http-equiv="refresh" content="2; url=<?php echo COSIGN_LOGOUT_URL; ?>" />
</head>
<body>
<p>Logging you out...</p>
<p><a href="<?php echo COSIGN_LOGOUT_URL; ?>">If you are not redirected automatically, please click this link.</a></p>
</body>
</html>
<?php
}
}
?>

0 comments on commit eab044e

Please sign in to comment.