V2_Rewrite
Skylar Ittner 7 jaren geleden
commit b16da81513

4
.gitignore vendored

@ -0,0 +1,4 @@
/settings.php
/vendor
/database.mwb.bak
/nbproject/private

@ -0,0 +1,3 @@
<?php
require __DIR__ . "/required.php";

@ -0,0 +1,16 @@
{
"name": "netsyms/business-sso",
"description": "Single-sign-on system and accounts database for Netsyms small business apps",
"type": "project",
"require": {
"catfan/medoo": "^1.2",
"spomky-labs/otphp": "^8.3",
"endroid/qrcode": "^1.9"
},
"authors": [
{
"name": "Skylar Ittner",
"email": "admin@netsyms.com"
}
]
}

575
composer.lock gegenereerd

@ -0,0 +1,575 @@
{
"_readme": [
"This file locks the dependencies of your project to a known state",
"Read more about it at https://getcomposer.org/doc/01-basic-usage.md#composer-lock-the-lock-file",
"This file is @generated automatically"
],
"content-hash": "3d5a548f8a7cbbd0c911987b1fab33a5",
"packages": [
{
"name": "beberlei/assert",
"version": "v2.7.4",
"source": {
"type": "git",
"url": "https://github.com/beberlei/assert.git",
"reference": "3ee3bc468a3ce4bbfc3d74f53c6cdb5242d39d1a"
},
"dist": {
"type": "zip",
"url": "https://api.github.com/repos/beberlei/assert/zipball/3ee3bc468a3ce4bbfc3d74f53c6cdb5242d39d1a",
"reference": "3ee3bc468a3ce4bbfc3d74f53c6cdb5242d39d1a",
"shasum": ""
},
"require": {
"ext-mbstring": "*",
"php": ">=5.3"
},
"require-dev": {
"friendsofphp/php-cs-fixer": "^2.1.1",
"phpunit/phpunit": "^4|^5"
},
"type": "library",
"autoload": {
"psr-4": {
"Assert\\": "lib/Assert"
},
"files": [
"lib/Assert/functions.php"
]
},
"notification-url": "https://packagist.org/downloads/",
"license": [
"BSD-2-Clause"
],
"authors": [
{
"name": "Benjamin Eberlei",
"email": "kontakt@beberlei.de",
"role": "Lead Developer"
},
{
"name": "Richard Quadling",
"email": "rquadling@gmail.com",
"role": "Collaborator"
}
],
"description": "Thin assertion library for input validation in business models.",
"keywords": [
"assert",
"assertion",
"validation"
],
"time": "2017-03-14T18:06:52+00:00"
},
{
"name": "catfan/medoo",
"version": "v1.2.1",
"source": {
"type": "git",
"url": "https://github.com/catfan/Medoo.git",
"reference": "b5a788c90c44db0f978512c890cb6962af4685e8"
},
"dist": {
"type": "zip",
"url": "https://api.github.com/repos/catfan/Medoo/zipball/b5a788c90c44db0f978512c890cb6962af4685e8",
"reference": "b5a788c90c44db0f978512c890cb6962af4685e8",
"shasum": ""
},
"require": {
"ext-pdo": "*",
"php": ">=5.4"
},
"suggest": {
"ext-pdo_dblib": "For MSSQL or Sybase databases on Linux/UNIX platform",
"ext-pdo_mysql": "For MySQL or MariaDB databases",
"ext-pdo_oci": "For Oracle databases",
"ext-pdo_pqsql": "For PostgreSQL databases",
"ext-pdo_sqlite": "For SQLite databases",
"ext-pdo_sqlsrv": "For MSSQL databases on Windows platform"
},
"type": "framework",
"autoload": {
"psr-4": {
"Medoo\\": "/src"
}
},
"notification-url": "https://packagist.org/downloads/",
"license": [
"MIT"
],
"authors": [
{
"name": "Angel Lai",
"email": "angel@catfan.me"
}
],
"description": "The Lightest PHP database framework to accelerate development",
"homepage": "http://medoo.in",
"keywords": [
"database",
"lightweight",
"mssql",
"mysql",
"php framework",
"sql",
"sqlite"
],
"time": "2017-02-17T16:05:35+00:00"
},
{
"name": "christian-riesen/base32",
"version": "1.3.1",
"source": {
"type": "git",
"url": "https://github.com/ChristianRiesen/base32.git",
"reference": "0a31e50c0fa9b1692d077c86ac188eecdcbaf7fa"
},
"dist": {
"type": "zip",
"url": "https://api.github.com/repos/ChristianRiesen/base32/zipball/0a31e50c0fa9b1692d077c86ac188eecdcbaf7fa",
"reference": "0a31e50c0fa9b1692d077c86ac188eecdcbaf7fa",
"shasum": ""
},
"require": {
"php": ">=5.3.0"
},
"require-dev": {
"phpunit/phpunit": "4.*",
"satooshi/php-coveralls": "0.*"
},
"type": "library",
"extra": {
"branch-alias": {
"dev-master": "1.1.x-dev"
}
},
"autoload": {
"psr-4": {
"Base32\\": "src/"
}
},
"notification-url": "https://packagist.org/downloads/",
"license": [
"MIT"
],
"authors": [
{
"name": "Christian Riesen",
"email": "chris.riesen@gmail.com",
"homepage": "http://christianriesen.com",
"role": "Developer"
}
],
"description": "Base32 encoder/decoder according to RFC 4648",
"homepage": "https://github.com/ChristianRiesen/base32",
"keywords": [
"base32",
"decode",
"encode",
"rfc4648"
],
"time": "2016-05-05T11:49:03+00:00"
},
{
"name": "endroid/qrcode",
"version": "1.9.3",
"source": {
"type": "git",
"url": "https://github.com/endroid/QrCode.git",
"reference": "c9644bec2a9cc9318e98d1437de3c628dcd1ef93"
},
"dist": {
"type": "zip",
"url": "https://api.github.com/repos/endroid/QrCode/zipball/c9644bec2a9cc9318e98d1437de3c628dcd1ef93",
"reference": "c9644bec2a9cc9318e98d1437de3c628dcd1ef93",
"shasum": ""
},
"require": {
"ext-gd": "*",
"php": ">=5.4",
"symfony/options-resolver": "^2.3|^3.0"
},
"require-dev": {
"phpunit/phpunit": "^4.0|^5.0",
"sensio/framework-extra-bundle": "^3.0",
"symfony/browser-kit": "^2.3|^3.0",
"symfony/framework-bundle": "^2.3|^3.0",
"symfony/http-kernel": "^2.3|^3.0"
},
"type": "library",
"extra": {
"branch-alias": {
"dev-master": "1.x-dev"
}
},
"autoload": {
"psr-4": {
"Endroid\\QrCode\\": "src/"
}
},
"notification-url": "https://packagist.org/downloads/",
"license": [
"MIT"
],
"authors": [
{
"name": "Jeroen van den Enden",
"email": "info@endroid.nl",
"homepage": "http://endroid.nl/"
}
],
"description": "Endroid QR Code",
"homepage": "https://github.com/endroid/QrCode",
"keywords": [
"bundle",
"code",
"endroid",
"qr",
"qrcode",
"symfony"
],
"time": "2017-04-08T09:13:59+00:00"
},
{
"name": "paragonie/random_compat",
"version": "v2.0.10",
"source": {
"type": "git",
"url": "https://github.com/paragonie/random_compat.git",
"reference": "634bae8e911eefa89c1abfbf1b66da679ac8f54d"
},
"dist": {
"type": "zip",
"url": "https://api.github.com/repos/paragonie/random_compat/zipball/634bae8e911eefa89c1abfbf1b66da679ac8f54d",
"reference": "634bae8e911eefa89c1abfbf1b66da679ac8f54d",
"shasum": ""
},
"require": {
"php": ">=5.2.0"
},
"require-dev": {
"phpunit/phpunit": "4.*|5.*"
},
"suggest": {
"ext-libsodium": "Provides a modern crypto API that can be used to generate random bytes."
},
"type": "library",
"autoload": {
"files": [
"lib/random.php"
]
},
"notification-url": "https://packagist.org/downloads/",
"license": [
"MIT"
],
"authors": [
{
"name": "Paragon Initiative Enterprises",
"email": "security@paragonie.com",
"homepage": "https://paragonie.com"
}
],
"description": "PHP 5.x polyfill for random_bytes() and random_int() from PHP 7",
"keywords": [
"csprng",
"pseudorandom",
"random"
],
"time": "2017-03-13T16:27:32+00:00"
},
{
"name": "spomky-labs/otphp",
"version": "v8.3.0",
"source": {
"type": "git",
"url": "https://github.com/Spomky-Labs/otphp.git",
"reference": "8c90e16ba48fe7c306832611e22c5bad2d663a98"
},
"dist": {
"type": "zip",
"url": "https://api.github.com/repos/Spomky-Labs/otphp/zipball/8c90e16ba48fe7c306832611e22c5bad2d663a98",
"reference": "8c90e16ba48fe7c306832611e22c5bad2d663a98",
"shasum": ""
},
"require": {
"beberlei/assert": "^2.4",
"christian-riesen/base32": "^1.1",
"paragonie/random_compat": "^2.0",
"php": "^5.5|^7.0",
"symfony/polyfill-mbstring": "^1.1",
"symfony/polyfill-php56": "^1.1"
},
"require-dev": {
"phpunit/phpunit": "~4.0|^5.0",
"satooshi/php-coveralls": "^1.0"
},
"type": "library",
"extra": {
"branch-alias": {
"dev-master": "8.2.x-dev"
}
},
"autoload": {
"psr-4": {
"OTPHP\\": "src/"
}
},
"notification-url": "https://packagist.org/downloads/",
"license": [
"MIT"
],
"authors": [
{
"name": "Florent Morselli",
"homepage": "https://github.com/Spomky"
},
{
"name": "All contributors",
"homepage": "https://github.com/Spomky-Labs/otphp/contributors"
}
],
"description": "A PHP library for generating one time passwords according to RFC 4226 (HOTP Algorithm) and the RFC 6238 (TOTP Algorithm) and compatible with Google Authenticator",
"homepage": "https://github.com/Spomky-Labs/otphp",
"keywords": [
"FreeOTP",
"RFC 4226",
"RFC 6238",
"google authenticator",
"hotp",
"otp",
"totp"
],
"time": "2016-12-08T10:46:02+00:00"
},
{
"name": "symfony/options-resolver",
"version": "v3.2.7",
"source": {
"type": "git",
"url": "https://github.com/symfony/options-resolver.git",
"reference": "6a19be85237fe8bbd4975f86942b4763bb0da6ca"
},
"dist": {
"type": "zip",
"url": "https://api.github.com/repos/symfony/options-resolver/zipball/6a19be85237fe8bbd4975f86942b4763bb0da6ca",
"reference": "6a19be85237fe8bbd4975f86942b4763bb0da6ca",
"shasum": ""
},
"require": {
"php": ">=5.5.9"
},
"type": "library",
"extra": {
"branch-alias": {
"dev-master": "3.2-dev"
}
},
"autoload": {
"psr-4": {
"Symfony\\Component\\OptionsResolver\\": ""
},
"exclude-from-classmap": [
"/Tests/"
]
},
"notification-url": "https://packagist.org/downloads/",
"license": [
"MIT"
],
"authors": [
{
"name": "Fabien Potencier",
"email": "fabien@symfony.com"
},
{
"name": "Symfony Community",
"homepage": "https://symfony.com/contributors"
}
],
"description": "Symfony OptionsResolver Component",
"homepage": "https://symfony.com",
"keywords": [
"config",
"configuration",
"options"
],
"time": "2017-03-21T21:44:32+00:00"
},
{
"name": "symfony/polyfill-mbstring",
"version": "v1.3.0",
"source": {
"type": "git",
"url": "https://github.com/symfony/polyfill-mbstring.git",
"reference": "e79d363049d1c2128f133a2667e4f4190904f7f4"
},
"dist": {
"type": "zip",
"url": "https://api.github.com/repos/symfony/polyfill-mbstring/zipball/e79d363049d1c2128f133a2667e4f4190904f7f4",
"reference": "e79d363049d1c2128f133a2667e4f4190904f7f4",
"shasum": ""
},
"require": {
"php": ">=5.3.3"
},
"suggest": {
"ext-mbstring": "For best performance"
},
"type": "library",
"extra": {
"branch-alias": {
"dev-master": "1.3-dev"
}
},
"autoload": {
"psr-4": {
"Symfony\\Polyfill\\Mbstring\\": ""
},
"files": [
"bootstrap.php"
]
},
"notification-url": "https://packagist.org/downloads/",
"license": [
"MIT"
],
"authors": [
{
"name": "Nicolas Grekas",
"email": "p@tchwork.com"
},
{
"name": "Symfony Community",
"homepage": "https://symfony.com/contributors"
}
],
"description": "Symfony polyfill for the Mbstring extension",
"homepage": "https://symfony.com",
"keywords": [
"compatibility",
"mbstring",
"polyfill",
"portable",
"shim"
],
"time": "2016-11-14T01:06:16+00:00"
},
{
"name": "symfony/polyfill-php56",
"version": "v1.3.0",
"source": {
"type": "git",
"url": "https://github.com/symfony/polyfill-php56.git",
"reference": "1dd42b9b89556f18092f3d1ada22cb05ac85383c"
},
"dist": {
"type": "zip",
"url": "https://api.github.com/repos/symfony/polyfill-php56/zipball/1dd42b9b89556f18092f3d1ada22cb05ac85383c",
"reference": "1dd42b9b89556f18092f3d1ada22cb05ac85383c",
"shasum": ""
},
"require": {
"php": ">=5.3.3",
"symfony/polyfill-util": "~1.0"
},
"type": "library",
"extra": {
"branch-alias": {
"dev-master": "1.3-dev"
}
},
"autoload": {
"psr-4": {
"Symfony\\Polyfill\\Php56\\": ""
},
"files": [
"bootstrap.php"
]
},
"notification-url": "https://packagist.org/downloads/",
"license": [
"MIT"
],
"authors": [
{
"name": "Nicolas Grekas",
"email": "p@tchwork.com"
},
{
"name": "Symfony Community",
"homepage": "https://symfony.com/contributors"
}
],
"description": "Symfony polyfill backporting some PHP 5.6+ features to lower PHP versions",
"homepage": "https://symfony.com",
"keywords": [
"compatibility",
"polyfill",
"portable",
"shim"
],
"time": "2016-11-14T01:06:16+00:00"
},
{
"name": "symfony/polyfill-util",
"version": "v1.3.0",
"source": {
"type": "git",
"url": "https://github.com/symfony/polyfill-util.git",
"reference": "746bce0fca664ac0a575e465f65c6643faddf7fb"
},
"dist": {
"type": "zip",
"url": "https://api.github.com/repos/symfony/polyfill-util/zipball/746bce0fca664ac0a575e465f65c6643faddf7fb",
"reference": "746bce0fca664ac0a575e465f65c6643faddf7fb",
"shasum": ""
},
"require": {
"php": ">=5.3.3"
},
"type": "library",
"extra": {
"branch-alias": {
"dev-master": "1.3-dev"
}
},
"autoload": {
"psr-4": {
"Symfony\\Polyfill\\Util\\": ""
}
},
"notification-url": "https://packagist.org/downloads/",
"license": [
"MIT"
],
"authors": [
{
"name": "Nicolas Grekas",
"email": "p@tchwork.com"
},
{
"name": "Symfony Community",
"homepage": "https://symfony.com/contributors"
}
],
"description": "Symfony utilities for portability of PHP codes",
"homepage": "https://symfony.com",
"keywords": [
"compat",
"compatibility",
"polyfill",
"shim"
],
"time": "2016-11-14T01:06:16+00:00"
}
],
"packages-dev": [],
"aliases": [],
"minimum-stability": "stable",
"stability-flags": [],
"prefer-stable": false,
"prefer-lowest": false,
"platform": [],
"platform-dev": []
}

Binair bestand niet weergegeven.

@ -0,0 +1,17 @@
<!DOCTYPE html>
<!--
To change this license header, choose License Headers in Project Properties.
To change this template file, choose Tools | Templates
and open the template in the editor.
-->
<html>
<head>
<meta charset="UTF-8">
<title></title>
</head>
<body>
<?php
// put your code here
?>
</body>
</html>

@ -0,0 +1,7 @@
include.path=${php.global.include.path}
php.version=PHP_70
source.encoding=UTF-8
src.dir=.
tags.asp=false
tags.short=false
web.root=.

@ -0,0 +1,9 @@
<?xml version="1.0" encoding="UTF-8"?>
<project xmlns="http://www.netbeans.org/ns/project/1">
<type>org.netbeans.modules.php.project</type>
<configuration>
<data xmlns="http://www.netbeans.org/ns/php-project/1">
<name>NetsymsBusinessSSO</name>
</data>
</configuration>
</project>

@ -0,0 +1,231 @@
<?php
/**
* This file contains global settings and utility functions.
*/
ob_start();
session_start();
header('Content-Type: text/html; charset=utf-8');
// Composer
require __DIR__ . '/vendor/autoload.php';
// Settings file
require __DIR__ . '/settings.php';
function sendError($error) {
die("<!DOCTYPE html><html><head><title>Error</title></head><body><h1 style='color: red; font-family: sans-serif; font-size:100%;'>" . htmlspecialchars($error) . "</h1></body></html>");
}
date_default_timezone_set(TIMEZONE);
// Database settings
// Also inits database and stuff
use Medoo\Medoo;
$database;
try {
$database = new Medoo([
'database_type' => DB_TYPE,
'database_name' => DB_NAME,
'server' => DB_SERVER,
'username' => DB_USER,
'password' => DB_PASS,
'charset' => DB_CHARSET
]);
} catch (Exception $ex) {
//header('HTTP/1.1 500 Internal Server Error');
sendError("Database error. Try again later. $ex");
}
if (!DEBUG) {
error_reporting(0);
} else {
error_reporting(E_ALL);
ini_set('display_errors', 'On');
}
$VARS;
if ($_SERVER['REQUEST_METHOD'] === 'POST') {
$VARS = $_POST;
define("GET", false);
} else {
$VARS = $_GET;
define("GET", true);
}
/**
* Checks if a string or whatever is empty.
* @param $str The thingy to check
* @return boolean True if it's empty or whatever.
*/
function is_empty($str) {
return (is_null($str) || !isset($str) || $str == '');
}
/**
* Add a user to the system. /!\ Assumes input is OK /!\
* @param string $username Username, saved in lowercase.
* @param string $password Password, will be hashed before saving.
* @param string $realname User's real legal name
* @param string $email User's email address.
* @return int The new user's ID number in the database.
*/
function adduser($username, $password, $realname, $email = "NOEMAIL@EXAMPLE.COM", $phone1 = "", $phone2 = "") {
global $database;
$database->insert('accounts', [
'username' => strtolower($username),
'password' => encryptPassword($password),
'realname' => $realname,
'email' => $email,
'phone1' => $phone1,
'phone2' => $phone2
]);
return $database->id();
}
/**
* Checks if an email address is valid.
* @param string $email Email to check
* @return boolean True if email passes validation, else false.
*/
function isValidEmail($email) {
return filter_var($email, FILTER_VALIDATE_EMAIL);
}
/**
* Check if an email exists in the database.
* @param String $email
*/
function email_exists($email) {
global $database;
return $database->has('accounts', ['email' => $email, "LIMIT" => QUERY_LIMIT]);
}
/**
* Check if a username exists in the database.
* @param String $username
*/
function user_exists($username) {
global $database;
return $database->has('accounts', ['username' => $username, "LIMIT" => QUERY_LIMIT]);
}
/**
* Checks the given credentials to see if they're legit.
* @param string $username
* @param string $password
* @return boolean True if OK, else false
*/
function authenticate_user_ldap($username, $password) {
$ds = ldap_connect(LDAP_SERVER);
if ($ds) {
$sr = ldap_search($ds, LDAP_BASEDN, "(|(uid=" . $username . ")(mail=" . $username . "))", ['cn', 'uid', 'mail']);
if (ldap_count_entries($ds, $sr) == 1) {
$info = ldap_get_entries($ds, $sr);
$name = $info[0]["cn"][0];
$uid = $info[0]["uid"][0];
$mail = $info[0]["mail"][0];
$_SESSION['uid'] = $uid;
$_SESSION['name'] = $name;
$_SESSION['mail'] = $mail;
return true;
} else if (ldap_count_entries($ds, $sr) > 1) {
sendError("Multiple users matched search criteria. Unsure which one you are.");
} else {
return false;
}
} else {
sendError("Login server offline.");
}
}
/**
* Hashes the given plaintext password
* @param String $password
* @return String the hash, using bcrypt
*/
function encryptPassword($password) {
return password_hash($password, PASSWORD_BCRYPT);
}
/**
* Securely verify a password and its hash
* @param String $password
* @param String $hash the hash to compare to
* @return boolean True if password OK, else false
*/
function comparePassword($password, $hash) {
return password_verify($password, $hash);
}
function dieifnotloggedin() {
if ($_SESSION['loggedin'] != true) {
sendError("Session expired. Please log out and log in again.");
}
}
/**
* Check if the previous database action had a problem.
* @param array $specials int=>string array with special response messages for SQL errors
*/
function checkDBError($specials = []) {
global $database;
$errors = $database->error();
if (!is_null($errors[1])) {
foreach ($specials as $code => $text) {
if ($errors[1] == $code) {
sendError($text);
}
}
sendError("A database error occurred:<br /><code>" . $errors[2] . "</code>");
}
}
/*
* http://stackoverflow.com/a/20075147/2534036
*/
if (!function_exists('base_url')) {
function base_url($atRoot = FALSE, $atCore = FALSE, $parse = FALSE) {
if (isset($_SERVER['HTTP_HOST'])) {
$http = isset($_SERVER['HTTPS']) && strtolower($_SERVER['HTTPS']) !== 'off' ? 'https' : 'http';
$hostname = $_SERVER['HTTP_HOST'];
$dir = str_replace(basename($_SERVER['SCRIPT_NAME']), '', $_SERVER['SCRIPT_NAME']);
$core = preg_split('@/@', str_replace($_SERVER['DOCUMENT_ROOT'], '', realpath(dirname(__FILE__))), NULL, PREG_SPLIT_NO_EMPTY);
$core = $core[0];
$tmplt = $atRoot ? ($atCore ? "%s://%s/%s/" : "%s://%s/") : ($atCore ? "%s://%s/%s/" : "%s://%s%s");
$end = $atRoot ? ($atCore ? $core : $hostname) : ($atCore ? $core : $dir);
$base_url = sprintf($tmplt, $http, $hostname, $end);
} else
$base_url = 'http://localhost/';
if ($parse) {
$base_url = parse_url($base_url);
if (isset($base_url['path']))
if ($base_url['path'] == '/')
$base_url['path'] = '';
}
return $base_url;
}
}
function redirectToPageId($id, $args, $dontdie) {
header('Location: ' . URL . '?id=' . $id . $args);
if (is_null($dontdie)) {
die("Please go to " . URL . '?id=' . $id . $args);
}
}
function redirectIfNotLoggedIn() {
if ($_SESSION['loggedin'] !== TRUE) {
header('Location: ' . URL . '/login.php');
die();
}
}

@ -0,0 +1,30 @@
<?php
// Whether to show debugging data in output.
// DO NOT SET TO TRUE IN PRODUCTION!!!
define("DEBUG", false);
// Database connection settings
// See http://medoo.in/api/new for info
define("DB_TYPE", "mysql");
define("DB_NAME", "sso");
define("DB_SERVER", "localhost");
define("DB_USER", "sso");
define("DB_PASS", "");
define("DB_CHARSET", "utf8");
define("LDAP_SERVER", "example.com");
define("LDAP_BASEDN", "ou=users,dc=example,dc=com");
define("SITE_TITLE", "Netsyms Business Apps :: Single Sign On");
define("COPYRIGHT_NAME", "Netsyms Technologies");
// For supported values, see http://php.net/manual/en/timezones.php
define("TIMEZONE", "America/Denver");
// Base URL for site links.
define('URL', 'http://localhost:8000/');
// Maximum number of rows to get in a query.
define("QUERY_LIMIT", 1000);
Laden…
Annuleren
Opslaan