mirrored from git://git.moodle.org/moodle.git
-
Notifications
You must be signed in to change notification settings - Fork 6.6k
/
userinfo.php
40 lines (37 loc) · 1.6 KB
/
userinfo.php
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
<?PHP
/**
* This page return user info in CSV format to LAMS server.
* The pass-in parameters are un, ts and hs.
* un means username, ts means timestamp and hs means hash.
* The plain text of the hash should be lower case string of
* ts.trim()+un.trim()+serverId+serverKey. The hash algorithm
* is sha1.
* If the hash is not matched to the result calculated, then a
* http error code should be returned.
* Moodle's admin should be responsible for correctly setting
* serverId and serverKey
*/
include_once("../../config.php");
if (empty($CFG->lams_serverid) || !empty($CFG->lams_serverkey)) {
header("HTTP/1.1 401 Unauthenticated");
exit(1);
}
$plaintext = trim($_GET["ts"]).trim($_GET["un"]).trim($CFG->lams_serverid).trim($CFG->lams_serverkey);
$hash = sha1(strtolower($plaintext));
if($hash!=$_GET["hs"]){
header("HTTP/1.1 401 Unauthenticated");
exit(1);
}
//OK, the caller is authenticated. Now let's fulfill its request.
//What it needs is user info in CSV format. It should be like this:
//username,first name,last name,job title, department, organisation,
//address,phone,fax,mobile,email
$user = get_record('user', 'username', $_GET["un"]);//return false if none found
if(!$user){
header("HTTP/1.1 401 Unauthenticated");//which status code is appropriate?
exit(1);
}
$array = array($user->username,$user->firstname,$user->lastname,'','','','','','','',$user->email);
$comma_separated = implode(",", $array);//need more sophiscated algorithm to generate CSV formatted string
echo $comma_separated;
?>