login_redirect.php 1.96 KB
Newer Older
1 2
<?php
#
3
# Copyright (c) 2000-2007 University of Utah and the Flux Group.
4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22
# 
# {{{EMULAB-LICENSE
# 
# This file is part of the Emulab network testbed software.
# 
# This file is free software: you can redistribute it and/or modify it
# under the terms of the GNU Affero General Public License as published by
# the Free Software Foundation, either version 3 of the License, or (at
# your option) any later version.
# 
# This file is distributed in the hope that it will be useful, but WITHOUT
# ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
# FITNESS FOR A PARTICULAR PURPOSE.  See the GNU Affero General Public
# License for more details.
# 
# You should have received a copy of the GNU Affero General Public License
# along with this file.  If not, see <http://www.gnu.org/licenses/>.
# 
# }}}
23 24 25 26 27 28
#
include("defs.php3");

# No Pageheader since we spit out a redirection below.

#
29
# We must get the redirection arguments,
30
#
31
$reqargs = RequiredPageArguments("redirect_to", PAGEARG_STRING);
32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53

#
# Check format. Also figure out the target.
#
if (! preg_match("/^http[s]?:\/\/([-\w\.]*)\//", $redirect_to, $matches)) {
    PAGEARGERROR("Invalid redirection argument!");
}
$redirect_host = $matches[1];

#
# Right now all we allow is www.datapository.net, and that is really
# nfs.emulab.net.
#
if ($redirect_host != "www.datapository.net" &&
    $redirect_host != "nfs.emulab.net") {
    PAGEARGERROR("Invalid redirection host '$redirect_host'");
}

#
# Okay, now see if the user is logged in. If not, the user will be
# be brought back here after logging in.
#
54 55 56
$this_user = CheckLoginOrDie();
$uid       = $this_user->uid();
$isadmin   = ISADMIN();
57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74

#
# Generate a cookie. 
# 
$authhash = GENHASH();

#
# Send it over to the server where it will save it.
#
SUEXEC("nobody", "nobody", "xlogin $redirect_host $uid $authhash",
       SUEXEC_ACTION_DIE);

#
# Now redirect the user over, passing along the hash in the URL.
# 
header("Location: ${redirect_to}?user=${uid}&auth=${authhash}");

?>