ILIAS  release_4-3 Revision
 All Data Structures Namespaces Files Functions Variables Groups Pages
index.php
Go to the documentation of this file.
1 <?php
2 
3 chdir ('..');
4 
5 define('IL_CERT_SSO', true);
6 define('IL_COOKIE_PATH', $_REQUEST['cookie_path']);
7 if ($_REQUEST['ilias_path'])
8  define('ILIAS_HTTP_PATH', $_REQUEST['ilias_path']);
9 
10 include_once './Services/Authentication/classes/class.ilAuthUtils.php';
11 
12 $_POST['auth_mode'] = AUTH_APACHE;
13 
15 
16 require_once "include/inc.header.php";
17 
19 
20 $validDomains = array();
21 
22 $path = ILIAS_DATA_DIR . '/' . CLIENT_ID . '/apache_auth_allowed_domains.txt';
23 if(file_exists($path) && is_readable($path))
24 {
25  foreach(file($path) as $line)
26  {
27  if(trim($line))
28  {
29  $validDomains[] = trim($line);
30  }
31  }
32 }
33 
34 $P = parse_url($redirect);
35 $redirectDomain = $P["host"];
36 
38 
39 foreach($validDomains as $validDomain)
40 {
41  if( $redirectDomain === $validDomain )
42  {
43  $validRedirect = true;
44  break;
45  }
46 
47  if( strlen($redirectDomain) > (strlen($validDomain) + 1) )
48  {
49  if( substr($redirectDomain, (0 - strlen($validDomain) - 1)) === '.'. $validDomain)
50  {
51  $validRedirect = true;
52  break;
53  }
54  }
55 }
56 
57 if( !$validRedirect )
58 {
59  die('The redirect target "'.$redirect.'" is not in the list of allowed domains.');
60 }
61 
62 if (strpos($redirect, '?') === false)
63  $redirect .= '?passed_sso=1';
64 else
65  $redirect .= '&passed_sso=1';
66 
67 if ((defined('APACHE_ERRORCODE') && APACHE_ERRORCODE) || (!$ilUser || $ilUser->getId() == ANONYMOUS_USER_ID || !$ilUser->getId()))
68  $redirect .= '&auth_stat='. AUTH_APACHE_FAILED;
69 
70 
71 
72 header('Location: ' . $redirect);