Index: singlesignon.install =================================================================== RCS file: /cvs/drupal-contrib/contributions/modules/singlesignon/singlesignon.install,v retrieving revision 1.1.2.2 diff -u -p -r1.1.2.2 singlesignon.install --- singlesignon.install 25 Feb 2008 05:36:53 -0000 1.1.2.2 +++ singlesignon.install 9 Apr 2008 20:26:49 -0000 @@ -1,6 +1,7 @@ '/Google|Yahoo|BlogPulse|ia_archiver|Pingdom|Teoma|Netcraft|Mnogosearch|page.store|libwww.perl|libcurl|del.icio.us|wiji/', + 'useragents_case' => '/Google|Yahoo|BlogPulse|ia_archiver|Pingdom|Teoma|Netcraft|Mnogosearch|page.store|libwww.perl|libcurl|del.icio.us|wiji/', 'useragents_nocase' => '/bot|spider/i', - 'client_IP' => '/64.191.203.34/', // Digg - 'target_url' => '/\/cron.php$|\/feed$|\/rss.xml$/', // Allows remote cron, feed, and rss + // Digg + 'client_IP' => '/64.191.203.34/', + // Allows remote cron, feed, and rss + 'target_url' => '/\/cron.php$|\/feed$|\/rss.xml$/', ); if (variable_get('singlesignon_use_domain_module', 0) && function_exists('domain_default')) { @@ -78,8 +81,10 @@ function singlesignon_init() { $singlesignon_bot_matches = variable_get('singlesignon_bot_matches', $variable_defaults); if ( - (!$master_url) // If the Master URL isn't set, we can't know what to do, so do nothing - || _singlesignon_is_bot() // Likewise, bots don't sign on + // If the Master URL isn't set, we can't know what to do, so do nothing + (!$master_url) + // Likewise, bots don't sign on + || _singlesignon_is_bot() ) { return null; } @@ -87,10 +92,8 @@ function singlesignon_init() { if (empty($_SESSION['singlesignon_prior_sid']) || $_SESSION['singlesignon_prior_sid'] != session_id()) { if ($base_url != $master_url) { if (!empty($_GET['singlesignon_dest'])) { - /* - * User was sent back to a slave site by this module but doesn't have - * a session. They clearly don't have cookies enabled. - */ + // User was sent back to a slave site by this module but doesn't have + // a session. They clearly don't have cookies enabled. drupal_set_message(t('Cookies are required.'), 'error'); return; } @@ -98,14 +101,11 @@ function singlesignon_init() { // url() only available if bootstrap has reached FULL. drupal_bootstrap(DRUPAL_BOOTSTRAP_FULL); - /* - * This is the user's first hit to a slave site. Take note of their - * session ID, since that's how we tell if they've been here or not. - * Then go to the master site to see if they are logged in over there. - */ + // This is the user's first hit to a slave site. Take note of their + // session ID, since that's how we tell if they've been here or not. + // Then go to the master site to see if they are logged in over there. $_SESSION['singlesignon_prior_sid'] = session_id(); - $query = 'slave_session=' . session_id() - . '&singlesignon_dest=' . _singlesignon_get_dest(); + $query = 'slave_session='. session_id() .'&singlesignon_dest='. _singlesignon_get_dest(); _singlesignon_goto($master_url . url('singlesignon/initial_check', $query)); } } @@ -117,14 +117,11 @@ function singlesignon_init() { switch ($arg0) { case 'logout': - /* - * User is in the middle of logging out. Delete all other session - * records belonging to the current user. - * - * Don't delete the user's session on the present website because this - * session is needed for Drupal's regular logout process which takes - * place after the singlesignon module is executed. - */ + // User is in the middle of logging out. Delete all other session + // records belonging to the current user. + // Don't delete the user's session on the present website because this + // session is needed for Drupal's regular logout process which takes + // place after the singlesignon module is executed. if ($user->uid) { db_query("DELETE FROM {sessions} WHERE uid = %d AND sid <> '%s'", $user->uid, session_id()); } @@ -139,12 +136,10 @@ function singlesignon_init() { default: $op = isset($_POST['op']) ? $_POST['op'] : ''; if (function_exists('t') ? $op == t('Log in') : $op == 'Log in') { - /* - * User is in the middle of logging in. Can't do the master/slave - * checking yet because the login process happens after this module - * called. Set a flag telling us to do the master/slave checking - * once the login process is done. - */ + // User is in the middle of logging in. Can't do the master/slave + // checking yet because the login process happens after this module + // called. Set a flag telling us to do the master/slave checking + // once the login process is done. $_SESSION['singlesignon_just_loggged_in'] = true; return; } @@ -154,30 +149,23 @@ function singlesignon_init() { unset($_SESSION['singlesignon_just_loggged_in']); if ($base_url == $master_url) { if (!$user->uid || empty($_SESSION['singlesignon_slave_sessions']) || !is_array($_SESSION['singlesignon_slave_sessions']) || !_singlesignon_validate_sid($_SESSION['singlesignon_slave_sessions'])) { - /* - * Login failed or the user has no sessions on any slaves. - */ + // Login failed or the user has no sessions on any slaves. return; } - /* - * User just logged into the master server. Update the slave sessions' - * user ID's to be the user ID they have on the master server. - */ + // User just logged into the master server. Update the slave sessions' + // user ID's to be the user ID they have on the master server. $in = substr(str_repeat("'%s',", count($_SESSION['singlesignon_slave_sessions'])), 0, -1); $sql = "UPDATE {sessions} SET uid = %d WHERE sid IN ($in)"; $args = array_merge(array($sql), array($user->uid), $_SESSION['singlesignon_slave_sessions']); call_user_func_array('db_query', $args); return; } - elseif ($user->uid) { + else if ($user->uid) { // url() only available if bootstrap has reached FULL. drupal_bootstrap(DRUPAL_BOOTSTRAP_FULL); - /* - * Tell the master site the user just logged in. - */ - $query = 'slave_session=' . session_id() - . '&singlesignon_dest=' . _singlesignon_get_dest(); + // Tell the master site the user just logged in. + $query = 'slave_session='. session_id() .'&singlesignon_dest='. _singlesignon_get_dest(); _singlesignon_goto($master_url . url('singlesignon/login', $query)); } } @@ -203,31 +191,23 @@ function _singlesignon_master($master_ur switch ($arg1) { case 'initial_check': - /* - * User had first hit on given slave site so came here. - */ + // User had first hit on given slave site so came here. if ($user->uid) { - /* - * User is already logged into the master server. Update the slave - * session's user ID to be the user ID they have on the master server. - */ + // User is already logged into the master server. Update the slave + // session's user ID to be the user ID they have on the master server. db_query("UPDATE {sessions} AS sess_slave LEFT JOIN {sessions} AS sess_master ON (sess_master.sid = '%s' AND sess_slave.sid = '%s') SET sess_slave.uid = sess_master.uid WHERE sess_slave.sid = '%s'", session_id(), $_GET['slave_session'], $_GET['slave_session']); } _singlesignon_goto($_GET['singlesignon_dest']); break; case 'login': - /* - * User is coming to the master site to say they just logged on to a - * slave. Set master site's user ID to be their one from the slave. - */ - $result = db_query("SELECT uid FROM {sessions} WHERE sid = '%s'", $_GET['slave_session']); - $row = db_fetch_array($result); + // User is coming to the master site to say they just logged on to a + // slave. Set master site's user ID to be their one from the slave. + $result = db_query("SELECT uid FROM {sessions} WHERE sid = '%s'", $_GET['slave_session']); + $row = db_fetch_array($result); $user->uid = $row['uid']; - /* - * Update all sessions' user ID's to the current one. - */ + // Update all sessions' user ID's to the current one. $in = substr(str_repeat("'%s',", count($_SESSION['singlesignon_slave_sessions'])), 0, -1); $sql = "UPDATE {sessions} SET uid = %d WHERE sid IN ($in)"; $args = array_merge(array($sql), array($user->uid), $_SESSION['singlesignon_slave_sessions']); @@ -259,7 +239,7 @@ function _singlesignon_get_dest() { * other sites and uses $_REQUEST['destination'] at inappropriate times. */ function _singlesignon_goto($uri) { - header('Location: ' . str_replace(array("\r","\n"), '', $uri)); + header('Location: '. str_replace(array("\r", "\n"), '', $uri)); exit; } @@ -288,21 +268,21 @@ function _singlesignon_validate_sid($sid } /** - * Internal function: Tries to determine whether the client is a bot or not + * Internal function: Tries to determine whether the client is a bot or not. */ function _singlesignon_is_bot() { global $singlesignon_bot_matches; - return( + return ( preg_match($singlesignon_bot_matches['useragents_nocase'], $_SERVER['HTTP_USER_AGENT']) - || preg_match($singlesignon_bot_matches['useragents_case'], $_SERVER['HTTP_USER_AGENT']) - || preg_match($singlesignon_bot_matches['client_IP'], $_SERVER['REMOTE_ADDR']) - || preg_match($singlesignon_bot_matches['target_url'], $_SERVER['REQUEST_URI']) + || preg_match($singlesignon_bot_matches['useragents_case'], $_SERVER['HTTP_USER_AGENT']) + || preg_match($singlesignon_bot_matches['client_IP'], $_SERVER['REMOTE_ADDR']) + || preg_match($singlesignon_bot_matches['target_url'], $_SERVER['REQUEST_URI']) ); } /** - * 3rd party integration: get master url from Domain Access module + * 3rd party integration: get master url from Domain Access module. */ function _singlesignon_get_default_domain() { $domain = domain_default(); @@ -312,16 +292,6 @@ function _singlesignon_get_default_domai // }}} // {{{ other hook functions - -/** - * Implementation of hook_perm(). - * - * Defines permission names for this module. - */ -function singlesignon_perm() { - return array('access content', 'access administration pages'); -} - /** * Implementation of hook_menu(). */ @@ -380,7 +350,7 @@ function singlesignon_admin_settings() { Single sign-on does not play well with bots (ie. search engines). The data below will hopefully help the single sign-on module to recognise bots and let them through (ie. it plays nicely with the recognised bots). -EOT +EOT, ); $form['singlesignon_bot_matches']['useragents_case'] = array( '#type' => 'textarea', @@ -419,22 +389,23 @@ EOT } /** - * Internal function for use of singlesignon_admin_settings; turns | separated string into \n separated string + * Internal function for use of singlesignon_admin_settings; turns | separated string into \n separated string. + * * @param $variable: The short name of the singlesignon bot matching variable * @param $text: The default text for the variable */ function _singlesignon_get_bm_variable($variable) { global $singlesignon_bot_matches; - return(preg_replace( - array("/^\/(.*?)\/i?$/", "/\|/"), - array("$1", "\n"), - $singlesignon_bot_matches[$variable] - )); + return (preg_replace( + array("/^\/(.*?)\/i?$/", "/\|/"), + array("$1", "\n"), + $singlesignon_bot_matches[$variable] + )); } /** - * Hook for validating a form; verifies the values for singlesignon bot recognition + * Hook for validating a form; verifies the values for singlesignon bot recognition. */ function singlesignon_admin_settings_validate($form_id, $form_values, $form) { $s['useragents_case'] = _singlesignon_verify_value($form_values, 'useragents_case'); @@ -446,27 +417,32 @@ function singlesignon_admin_settings_val } /** - * Internal function: Verifies one singlesignon bot recognition value + * Internal function: Verifies one singlesignon bot recognition value. + * * @param $form_values: The values we're validating * @param $value: The name of the value we're validation * @param $allowed: A regex specifying what values are allowed * @param $extras: The regex parameters (ie. 'i' is case insensitive) */ function _singlesignon_verify_value($form_values, $value, $allowed = '', $extras = '') { - if($allowed == '') { $allowed = '[A-Za-z0-9_\.]*'; } + if ($allowed == '') { + $allowed = '[A-Za-z0-9_\.]*'; + } if ($form_values['singlesignon_bot_matches'][$value] != '') { $vals = explode("\n", $form_values['singlesignon_bot_matches'][$value]); - foreach($vals as $val) { + foreach ($vals as $val) { $val = preg_replace("/^\s*(.*?)\s*$/", "$1", $val); - if(preg_match("/^$allowed$/", $val)) { + if (preg_match("/^$allowed$/", $val)) { $rvals[] = $val; - } else { - form_set_error('', t("The strings in $value contain non-word characters (we allow $allowed at the moment, and '" . $val . "' is a problem)")); + } + else { + form_set_error('', t("The strings in $value contain non-word characters (we allow $allowed at the moment, and '". $val ."' is a problem)")); } } - return('/' . join('|', $rvals) . "/$extras"); + return ('/'. join('|', $rvals) ."/$extras"); } - return($form_values['singlesignon_bot_matches'][$value]); + return ($form_values['singlesignon_bot_matches'][$value]); } // }}} +