Permalink
Browse files

Updated branch modules to include secure directory

  • Loading branch information...
1 parent b3c0533 commit eab044ef8ae8902356a93bf20259fa0d120e07df @eberhardtm eberhardtm committed Aug 20, 2014
Showing with 145 additions and 14 deletions.
  1. +37 −14 .scrutinizer.yml
  2. +3 −0 mod/branch/class/Branch.php
  3. +9 −0 mod/branch/class/Branch_Admin.php
  4. +11 −0 secure/debug.php
  5. +32 −0 secure/index.php
  6. +53 −0 secure/logout.php
View
@@ -1,32 +1,55 @@
# .scrutinizer.yml
+build:
+ environment:
+ php:
+ version: '5.4.28'
+
+filter:
+ excluded_paths:
+ - tests/*
+
+#this takes about 2min 30sec to run. Need a faster build
+tools:
+ php_mess_detector: false
+
+#take approximtely 2 min to run. Need a faster build
+tools:
+ php_analyzer:
+ config:
+ metrics_coupling:
+ enabled: false
+ stable_code:
+ namespace_prefixes: []
+ classes: []
+
checks:
php:
code_rating: true
- duplication: true
- variable_existence: true
+ duplication: false
+ variable_existence: false
useless_calls: true
use_statement_alias_conflict: true
- unused_variables: true
- unused_properties: true
- unused_parameters: true
- unused_methods: true
- unreachable_code: true
+ unused_variables: false
+ unused_properties: false
+ unused_parameters: false
+ unused_methods: false
+ unreachable_code: false
sql_injection_vulnerabilities: true
security_vulnerabilities: true
precedence_mistakes: true
precedence_in_conditions: true
parameter_non_unique: true
no_property_on_interface: true
- no_non_implemented_abstract_methods: true
+ no_non_implemented_abstract_methods: false
deprecated_code_usage: true
closure_use_not_conflicting: true
closure_use_modifiable: true
- avoid_useless_overridden_methods: true
+ avoid_useless_overridden_methods: false
avoid_conflicting_incrementers: true
- assignment_of_null_return: true
- argument_type_checks: true
- avoid_unnecessary_concatenation: true
+ assignment_of_null_return: false
+ argument_type_checks: false
+ avoid_unnecessary_concatenation: false
method_calls_on_non_object: true
no_duplicate_arguments: true
no_error_suppression: true
@@ -35,5 +58,5 @@ checks:
spacing_around_conditional_operators: true
filter:
- excluded_paths:
- - lib/pear/*
+ excluded_paths:
+ - lib/*
@@ -151,6 +151,9 @@ public function createDirectories()
if (!mkdir($this->directory . 'config/core/')) {
return FALSE;
}
+ if (!mkdir($this->directory . 'secure/')) {
+ return FALSE;
+ }
return TRUE;
}
@@ -234,6 +234,15 @@ public function install_branch_core()
}
}
+ if (!PHPWS_File::copy_directory(PHPWS_SOURCE_DIR . 'secure/',
+ $this->branch->directory . 'secure/')) {
+ $this->content[] = dgettext('branch',
+ 'Failed to copy secure directory to branch.');
+ return false;
+ } else {
+ $this->content[] = dgettext('branch', 'Copied secure directory to branch.');
+ }
+
$stats = sprintf('<?php include \'%sphpws_stats.php\' ?>',
PHPWS_SOURCE_DIR);
$index_file = sprintf('<?php include \'%sindex.php\'; ?>',
View
@@ -0,0 +1,11 @@
+<?php
+if($_SERVER['REMOTE_ADDR'] == '152.10.152.154') {
+ $parts = explode('/',dirname($_SERVER['SCRIPT_URI']));
+ array_pop($parts);
+ array_push($parts, '');
+ echo implode('/', $parts);
+ phpinfo();
+} else {
+ header('Location: index.php');
+}
+?>
View
@@ -0,0 +1,32 @@
+<?php
+
+// Detect phpWebSite
+if(file_exists('../config/core/config.php')) {
+ define('PHPWEBSITE', true);
+
+ require_once('../config/core/config.php');
+ require_once(PHPWS_SOURCE_DIR . 'inc/Bootstrap.php');
+
+ if(isset($_SERVER['PHP_AUTH_USER'])) {
+ require_once(PHPWS_SOURCE_DIR . 'mod/users/class/Current_User.php');
+ Current_User::loginUser(preg_replace('/@appstate.edu/', '', $_SERVER['PHP_AUTH_USER']));
+ }
+
+ PHPWS_unBootstrap();
+}
+
+// Build new URL
+$parts = explode('/',$_SERVER['SCRIPT_URL']);
+while(array_pop($parts) != 'secure');
+$redirect = 'https://' . $_SERVER['HTTP_HOST'] . implode('/', $parts) .
+ (defined('PHPWEBSITE') ? '/index.php?module=users&action=user&command=return_bookmark' : '');
+?>
+<html>
+ <head>
+ <!-- THIS FILE SHOULD NEVER EVER BE CACHED. MAKE SURE TO DISABLE CACHING AT THE APACHE LEVEL. -->
+ <meta http-equiv="refresh" content="0;url=<?php echo $redirect; ?>" />
+ </head>
+ <body>
+ <p><a href="<?php echo $redirect; ?>">If you are not redirected automatically, please click this link.</a></p>
+ </body>
+</html>
View
@@ -0,0 +1,53 @@
+<?php
+
+// Detect phpWebSite
+if(file_exists('../config/core/config.php')) {
+ define('PHPWEBSITE', true);
+
+ require_once('../config/core/config.php');
+ require_once(PHPWS_SOURCE_DIR . 'inc/Bootstrap.php');
+
+ session_name(md5(SITE_HASH . $_SERVER['REMOTE_ADDR']));
+}
+session_start();
+unset($_SESSION);
+session_destroy();
+
+
+// Shibboleth local logout is always relative to the root
+$shiblocallogout = 'https://' . $_SERVER['HTTP_HOST'] . '/Shibboleth.sso/Logout';
+
+// Our destination, however, not necessarily so figure it out
+$parts = explode('/', $_SERVER['SCRIPT_URL']);
+while(array_pop($parts) != 'secure');
+$destination = 'http://' . $_SERVER['HTTP_HOST'] . implode('/', $parts);
+
+if(isset($_SERVER['AUTH_TYPE'])) {
+ if(strtolower($_SERVER['AUTH_TYPE']) == 'shibboleth') {
+?>
+<html>
+ <head>
+ <meta http-equiv="refresh" content="2;url=<?php echo $destination; ?>" />
+ </head>
+ <body>
+ <p>Logging you out...</p>
+ <p><a href="<?php echo $destination; ?>">If you are not redirected automatically, please click this link.</a></p>
+ <iframe style="display: none" src="<?php echo $_SERVER['HTTP_SHIB_LOGOUTURL']; ?>?return_url=<?php echo $shiblocallogout?>"><p>Logging You Out...</p></iframe>
+ </body>
+</html>
+<?php
+ } else if(strtolower($_SERVER['AUTH_TYPE']) == 'cosign') {
+?>
+<html>
+ <head>
+ <meta http-equiv="refresh" content="2; url=<?php echo COSIGN_LOGOUT_URL; ?>" />
+ </head>
+ <body>
+ <p>Logging you out...</p>
+ <p><a href="<?php echo COSIGN_LOGOUT_URL; ?>">If you are not redirected automatically, please click this link.</a></p>
+ </body>
+</html>
+<?php
+ }
+}
+?>

0 comments on commit eab044e

Please sign in to comment.