ILIAS  eassessment Revision 61809
 All Data Structures Namespaces Files Functions Variables Groups Pages
index.php
Go to the documentation of this file.
1 <?php
2 
3 chdir ('..');
4 
5 define('IL_CERT_SSO', true);
6 define('IL_COOKIE_PATH', $_REQUEST['cookie_path']);
7 if ($_REQUEST['ilias_path'])
8  define('ILIAS_HTTP_PATH', $_REQUEST['ilias_path']);
9 
10 include_once './Services/Authentication/classes/class.ilAuthUtils.php';
11 
12 $_POST['auth_mode'] = AUTH_APACHE;
13 
14 ilAuthFactory::setContext(ilAuthFactory::CONTEXT_APACHE);
15 
16 require_once "include/inc.header.php";
17 
18 $redirect = $_GET['r'];
19 
20 $path = ILIAS_DATA_DIR . '/' . CLIENT_ID . '/apache_auth_allowed_domains.txt';
21 if (file_exists($path) && is_readable($path)) {
22  foreach(file($path) as $line) {
23  if (trim($line)) {
24  $validDomains[$line] = 1;
25  }
26  }
27 
28 }
29 else {
30  $validDomains = array();
31 }
32 
33 $validDomains[] = $_SERVER['HTTP_HOST'];
34 
35 $P = parse_url($redirect);
36 $pos = strrpos(substr($P["host"],0,strrpos($P["host"], '.')), '.' );
37 if($pos===false) {
38  $pos = 0;
39 }
40 else {
41  $pos += 1;
42 }
43 
44 $domain = substr($P["host"],$pos);
45 
46 if($validDomains[$domain] !== 1) {
47  die('The redirect target "'.$redirect.'" is not in the list of allowed domains.');
48 }
49 
50 if (strpos($redirect, '?') === false)
51  $redirect .= '?passed_sso=1';
52 else
53  $redirect .= '&passed_sso=1';
54 
55 if ((defined('APACHE_ERRORCODE') && APACHE_ERRORCODE) || (!$ilUser || $ilUser->getId() == ANONYMOUS_USER_ID || !$ilUser->getId()))
56  $redirect .= '&auth_stat='. AUTH_APACHE_FAILED;
57 
58 
59 
60 header('Location: ' . $redirect);