load((int)$uid); } catch (PAException $e) { $msg = "$e->message"; $error = TRUE; } if ($user->email) { // we have an auth'ed user $user->{"general"} = _loadprofile($uid, GENERAL); $user->{"personal"} = _loadprofile($uid, PERSONAL); $user->{"professional"} = _loadprofile($uid, PROFESSIONAL); release_page($user); } else { login_page($msg); } } else { login_page("You must login to proceed"); // not auth'ed } } else if ($request_handle == '/login') { $username = trim($_POST['username']); $password = trim($_POST['password']); if (!$username || !$password) { login_page("Error: Username or Password cannot be empty"); } else { require_once '../api/User/User.php'; try { $u = User::authenticate_user($username, $password); } catch (PAException $e) { login_page("Error: $e->message"); } if ($u > 0) { $logged_user = new User(); try { $logged_user->load($u); $logged_user->set_last_login(); } catch (PAException $e) { $msg = "$e->message"; $load_error = TRUE; } if ($load_error) { login_page("Sorry: your login failed.
$msg"); } else { Logger::log("$INFO: sucessful login of uid: $uid"); session_start(); $_SESSION['user']['name'] = $logged_user->login_name; $_SESSION['user']['id'] = $logged_user->user_id; $_SESSION['user']['role'] = $logged_user->role; $_SESSION['user']['first_name'] = $logged_user->first_name; $_SESSION['user']['last_name'] = $logged_user->last_name; $_SESSION['user']['email'] = $logged_user->email; header("Location: $script_url"."/sxip"); exit; } } else { // auth failed login_page("Sorry: your login failed."); } } } else if ($request_handle == "/sxip/confirm") { // build confirm page confirm_page(); } else if ($request_handle == "/sxip/post") { // build (auto)post page post_page(); } else if ($request_handle == "/matrix") { require_once '../api/User/User.php'; $user = new User(); $uid = get_uid(); if ($uid) { try { $user->load((int)$uid); } catch (PAException $e) { $msg = "$e->message"; } if ($user->email) { // we have an auth'ed user $user->{"general"} = _loadprofile($uid, GENERAL); $user->{"personal"} = _loadprofile($uid, PERSONAL); $user->{"professional"} = _loadprofile($uid, PROFESSIONAL); } } default_page(show_property_matrix($user)); } function verify_page() { header("Content-type: text/plain"); echo ( (verify_sig($_POST['dix:/signature'], $_POST['dix:/digest'])) ? "dix:/true" : "dix:/false" ); } function post_page() { global $script_url, $homesite_url, $homesite_name, $homesite_secret; $post = get_proper_post(); ob_start(); ?>
" method="POST"> stash->{sxip_response})); // my $sig = hmac_sha1_hex($text, $c->config->{homesite_secret}); // pass along EVERYTHING foreach ($post as $k=>$v) { echo("\n"); } ?>

PeopleAggregator SXIP Homesite

is requesting you to release the following information, for the following reason:

$v) { if(preg_match("|^dix:/|",$k)) { echo("\n"); } } if (is_array($post["release"])) { ?>

You have chosen to release the following info to .

Please verify and hit 'confirm', or hit 'refine' to change anything.

"); foreach ($post["release"] as $k=>$v) { echo("
  • ".htmlspecialchars($v).": ".htmlspecialchars($post[$v])."
  • \n"); echo("\n"); } echo(""); } ?>

    PeopleAggregator SXIP Homesite

    is requesting you to release the following info
    Please check/un-check what you want to release.
    Fields marked with (*) are required info.
    $v) { if(preg_match("|^dix:/|",$k)) { echo("\n"); } else { echo(""); echo(" 0) { echo(" checked=\"true\""); } echo("\"/>"); echo(" $k"); if ($properties[$k]["required"]) { echo(" *"); } echo("
    \n"); } } ?>

    PeopleAggregator SXIP Homesite



    PeopleAggregator SXIP Homesite

    See Matrix of dix://sxip.net/simple#1 supported fields

    PeopleAggregator SXIP Homesite PeopleAggregator SXIP Homesite $v) { if (preg_match("|^dix:/|", $k)) { // pass along $props[$k] = $v; } else if (preg_match("|^dix:/|", $v)) { // indicates a requested property if ($prop_match[$v]) { // we have an internal match for this prop $props[$k]["value"] = $prop_match[$v]["value"]; // initially release everything that has been set $props[$k]["release"] = ($prop_match[$v][perm] == 1) ? 1 : 0; } else { // no internal PA fields match $props[$k]["value"] = ""; $props[$k]["release"] = 0; } } } if($sxip_req["dix:/required"]) { // do we have required fields? if (is_array($sxip_req["dix:/required"])) { for ($i=0;$i$av) { $html .= "
    $av[label] ($k)
    "; // $html .= "
    ".print_r($av, true)."
    "; if (count($av)>1) { $html .= "used in PA: \"$av[value]\""; } else { $html .= "(not currently supported by PA)"; } $html .= "
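    \n"; } $html .= "\n"; return $html; }

/**
 * Build the map from DIX property URIs to PeopleAggregator (PA) user fields.
 *
 * Each entry is an array with a 'label' and, where PA has a matching field,
 * a 'value' and a 'perm'. Entries that carry only a 'label' are the ones the
 * matrix page reports as "not currently supported by PA". The request
 * processing code pre-selects a property for release when its 'perm' is 1.
 *
 * NOTE(review): name, alias, email, picture and persona URL use a hard-coded
 * perm of 1, so they are pre-selected for release regardless of any
 * per-field permission stored in the profile. Confirm this is the intended
 * privacy default.
 *
 * @param object $user loaded User object; the 'general' and 'professional'
 *                     profile arrays are expected to be attached already
 * @return array map of DIX property URI => array('label', ['value', 'perm'])
 */
function property_matrix($user)
{
    global $script_url;

    // Keys are quoted strings. The previous bare words (label, value, perm)
    // were undefined constants, and the ICQ entry misspelled its key as
    // "labe", so that row had no label.
    // NOTE(review): date() is given $user->general["dob"] as-is; this assumes
    // a Unix timestamp. Confirm against the profile storage format.
    $prop_match = array(
        "dix:/persona-url" => array(
            'label' => "Persona URL",
            'value' => "$script_url/persona/".$user->user_id,
            'perm' => 1
        ),
        "dix://sxip.net/namePerson/prefix" => array('label' => "Prefix"),
        "dix://sxip.net/namePerson/first" => array(
            'label' => "First Name",
            'value' => $user->first_name,
            'perm' => 1
        ),
        "dix://sxip.net/namePerson/last" => array(
            'label' => "Last Name",
            'value' => $user->last_name,
            'perm' => 1
        ),
        "dix://sxip.net/namePerson/middle" => array('label' => "Middle Name"),
        "dix://sxip.net/namePerson/suffix" => array('label' => "Suffix"),
        "dix://sxip.net/namePerson/friendly" => array(
            'label' => "Alias",
            'value' => $user->login_name,
            'perm' => 1
        ),
        "dix://sxip.net/birthDate/birthYear" => array(
            'label' => "Year Of Birth",
            'value' => date("Y", $user->general["dob"]),
            'perm' => $user->general["dob_perm"]
        ),
        "dix://sxip.net/birthDate/birthMonth" => array(
            'label' => "Month Of Birth",
            'value' => date("F", $user->general["dob"]),
            'perm' => $user->general["dob_perm"]
        ),
        "dix://sxip.net/birthDate/birthDay" => array(
            'label' => "Day Of Birth",
            'value' => date("j", $user->general["dob"]),
            'perm' => $user->general["dob_perm"]
        ),
        "dix://sxip.net/contact/phone/default" => array('label' => "Main Phone"),
        "dix://sxip.net/contact/phone/home" => array('label' => "Home Phone"),
        "dix://sxip.net/contact/phone/business" => array('label' => "Business Phone"),
        "dix://sxip.net/contact/phone/cell" => array('label' => "Cell Phone"),
        "dix://sxip.net/contact/phone/fax" => array('label' => "Fax"),
        "dix://sxip.net/contact/IM/default" => array('label' => "Main IM"),
        "dix://sxip.net/contact/IM/AIM" => array('label' => "AIM"),
        "dix://sxip.net/contact/IM/ICQ" => array('label' => "ICQ"),
        "dix://sxip.net/contact/IM/MSN" => array('label' => "MSN"),
        "dix://sxip.net/contact/IM/Yahoo" => array('label' => "Yahoo!"),
        "dix://sxip.net/contact/IM/Jabber" => array('label' => "Jabber"),
        "dix://sxip.net/contact/IM/Skype" => array('label' => "Skype"),
        "dix://sxip.net/contact/internet/email" => array(
            'label' => "Email",
            'value' => $user->email,
            'perm' => 1
        ),
        "dix://sxip.net/contact/internet/verifiedemailhash" => array('label' => "Verified Email"),
        "dix://sxip.net/internet/web/default" => array(
            'label' => "Web URL",
            'value' => $user->general["homepage"],
            'perm' => $user->general["homepage_perm"]
        ),
        "dix://sxip.net/contact/web/blog" => array(
            'label' => "Blog URL",
            // Served from the same PA "homepage" field as the Web URL above.
            'value' => $user->general["homepage"],
            'perm' => $user->general["homepage_perm"]
        ),
        "dix://sxip.net/contact/web/Linkedin" => array('label' => "LinkedIn URL"),
        "dix://sxip.net/contact/web/Amazon" => array('label' => "Amazon URL"),
        "dix://sxip.net/contact/web/Flickr" => array(
            'label' => "Flickr URL",
            // TODO what's the correct URL?
            'value' => $user->general["flickr"],
            'perm' => $user->general["flickr_perm"]
        ),
        "dix://sxip.net/contact/web/Delicious" => array(
            'label' => "Delicious URL",
            'value' => "http://del.icio.us/".$user->general["delicious"],
            'perm' => $user->general["delicious_perm"]
        ),
        "dix://sxip.net/company/name" => array(
            'label' => "Company Name",
            'value' => $user->professional["company"],
            'perm' => $user->professional["company_perm"]
        ),
        "dix://sxip.net/company/title" => array(
            'label' => "Title",
            'value' => $user->professional["title"],
            'perm' => $user->professional["title_perm"]
        ),
        "dix://sxip.net/media/image/small" => array(
            'label' => "Web Image",
            'value' => $user->picture,
            'perm' => 1
        ),
        "dix://sxip.net/media/image/medium" => array('label' => "Web Image"),
        "dix://sxip.net/media/image/large" => array('label' => "Web Image"),
        "dix://sxip.net/media/spokenname" => array(
            'label' => "Spoken Name",
            'value' => $user->general["caption"],
            'perm' => $user->general["caption_perm"]
        ),
        "dix://sxip.net/media/greeting/audio" => array('label' => "Audio Greeting"),
        "dix://sxip.net/media/greeting/video" => array('label' => "Video Greeting"),
        "dix://sxip.net/media/biography" => array('label' => "Biography"),
    );

    return $prop_match;
}

/**
 * Resolve the user id for the current request.
 *
 * A non-empty "uid" query parameter takes precedence over the id stored in
 * the session.
 *
 * NOTE(review): because the query parameter wins, the returned id is chosen
 * by the caller and is not evidence that the requester is logged in as that
 * user. Code that releases profile data should compare it against
 * $_SESSION['user']['id'] (or otherwise authorise the request) before use.
 *
 * @return int|bool positive integer uid, or FALSE when none is available
 */
function get_uid()
{
    // Avoid a second session_start() when the session is already open.
    if (session_id() == '') {
        session_start();
    }

    if (!empty($_GET['uid'])) {
        $uid = $_GET['uid'];
    } elseif (isset($_SESSION['user']['id'])) {
        $uid = $_SESSION['user']['id'];
    } else {
        return FALSE;
    }

    // Accept only plain decimal ids. Arrays (uid[]=...) and strings with
    // trailing garbage previously passed the (int) check and were returned
    // unmodified to callers that log them and hand them to the User API.
    $is_digits = is_string($uid) && preg_match('/^\d+$/D', $uid);
    if (!is_int($uid) && !$is_digits) {
        return FALSE;
    }

    $uid = (int)$uid;
    return ($uid > 0) ? $uid : FALSE;
}

/**
 * Load one profile section for a user as a flat name => value array.
 *
 * For every profile row two keys are produced: the field name itself and
 * "<name>_perm" holding that field's permission value.
 *
 * @param int $uid  user id (cast to int before use)
 * @param int $slot profile section constant, GENERAL by default
 * @return array flat profile data; empty when the user has no rows
 */
function _loadprofile($uid, $slot=GENERAL)
{
    // The id ends up in a log line and in the User API call; force it to an
    // integer so neither receives free-form request data.
    $uid = (int)$uid;

    // NOTE(review): $INFO is not defined in this function, so it
    // interpolates as an empty string here - confirm whether a global or a
    // constant was intended.
    Logger::log("$INFO: enter _loadprofile, $uid, $slot");

    // make sure this is loaded, might be used out of login context
    require_once '../api/User/User.php';

    $profile_data = array();
    $user_profile = User::load_user_profile($uid, $uid, $slot);
    if (!is_array($user_profile)) {
        return $profile_data;
    }

    foreach ($user_profile as $row) {
        $k = $row['name'];
        $profile_data[$k] = $row['value'];
        $profile_data[$k."_perm"] = $row['perm'];
    }

    return $profile_data;
}

/**
 * Undo magic_quotes_gpc escaping on $_POST, $_GET and $_COOKIE.
 *
 * Does nothing when magic quotes are off or when the running PHP version no
 * longer provides get_magic_quotes_gpc().
 *
 * @return void
 */
function clean_input()
{
    // no magic quotes, thanks!
    if (!function_exists('get_magic_quotes_gpc') || !get_magic_quotes_gpc()) {
        return;
    }

    // Declared conditionally so that calling clean_input() twice does not
    // trigger a "cannot redeclare" fatal error.
    if (!function_exists('stripslashes_deep')) {
        function stripslashes_deep($value)
        {
            return is_array($value)
                ? array_map('stripslashes_deep', $value)
                : stripslashes($value);
        }
    }

    $_POST = stripslashes_deep($_POST);
    $_GET = stripslashes_deep($_GET);
    $_COOKIE = stripslashes_deep($_COOKIE);
}

/**
 * Work out the absolute URL of the running script.
 *
 * NOTE(review): the host part comes from the client-supplied Host header and
 * the result is used to build redirects and persona URLs. The syntax check
 * below only rejects values that cannot be a host name; it does not prove
 * the host is this site's. Deployments should pin the public host name in
 * configuration or in the web server's virtual-host setup.
 *
 * @return string scheme://host[:port]/path/to/script
 */
function get_script_url()
{
    $https = (isset($_SERVER['HTTPS']) and $_SERVER['HTTPS'] == 'on') ? 1 : 0;
    $script_url = $https ? 'https' : 'http';

    // Host name or bracketed IPv6 literal, optionally followed by a port.
    $host = isset($_SERVER['HTTP_HOST']) ? $_SERVER['HTTP_HOST'] : '';
    if (!preg_match('/^(?:[A-Za-z0-9._\-]+|\[[0-9A-Fa-f:.]+\])(?::\d+)?$/D', $host)) {
        // Fall back to the server-configured name rather than echo
        // arbitrary header content into URLs.
        $host = isset($_SERVER['SERVER_NAME']) ? $_SERVER['SERVER_NAME'] : 'localhost';
    }
    $script_url .= '://' . $host;

    if (!preg_match('/:\d+$/', $script_url)) {
        // we do NOT have a PORT yet
        $port = isset($_SERVER['SERVER_PORT']) ? (int)$_SERVER['SERVER_PORT'] : ($https ? 443 : 80);
        if (($https and $port != 443) or (!$https and $port != 80)) {
            $script_url .= ':' . $port;
        }
    }

    $script_url .= $_SERVER['SCRIPT_NAME'];
    return $script_url;
}

/**
 * Parse the raw request body as a query string.
 *
 * Repeated names are collected into arrays. As in the original code, an
 * earlier value that is empty or "0" is replaced by the later value rather
 * than being collected with it.
 *
 * Every name and value returned is untrusted request data and must be
 * escaped for the context it is written into.
 *
 * @return array parsed fields; empty array for an empty body
 */
function get_proper_post()
{
    $post = array();

    // get the raw POST body
    $raw = file_get_contents("php://input");
    if ($raw === false || $raw === '') {
        return $post;
    }

    // process it like a query string
    foreach (explode("&", $raw) as $pair) {
        if ($pair === '') {
            continue;
        }

        // Split on the first "=" only; the old join("", ...) silently
        // removed any further "=" characters from the value.
        $nv = explode("=", $pair, 2);
        $name = urldecode($nv[0]);
        $thevalue = isset($nv[1]) ? urldecode($nv[1]) : '';

        if (!empty($post[$name])) {
            if (is_array($post[$name])) {
                // there's been others of this name
                $post[$name][] = $thevalue;
            } else {
                // there was one previous of this name
                $post[$name] = array($post[$name], $thevalue);
            }
        } else {
            $post[$name] = $thevalue;
        }
    }

    return $post;
}

/**
 * Check a signature against the HMAC-SHA1 of a digest under the homesite
 * secret.
 *
 * Both arguments arrive straight from the request, so they are type-checked
 * and compared in constant time. The former "==" comparison was subject to
 * PHP's loose string comparison rules and to timing differences.
 *
 * @param mixed $sig signature presented by the caller
 * @param mixed $dig digest the signature is claimed to cover
 * @return bool TRUE only when the signature matches
 */
function verify_sig($sig, $dig)
{
    global $homesite_secret;

    if (!is_string($sig) || !is_string($dig)) {
        return FALSE;
    }

    // Fail closed when no secret is configured; an empty key would make
    // every signature computable by anyone.
    if (!is_string($homesite_secret) || $homesite_secret === '') {
        return FALSE;
    }

    $expected = hmac_sha1($homesite_secret, $dig);

    if (function_exists('hash_equals')) {
        return hash_equals($expected, $sig);
    }

    // Constant-time fallback for PHP versions without hash_equals().
    $len = strlen($expected);
    if (strlen($sig) !== $len) {
        return FALSE;
    }
    $diff = 0;
    for ($i = 0; $i < $len; $i++) {
        $diff |= ord($expected[$i]) ^ ord($sig[$i]);
    }
    return $diff === 0;
}

/* lifted directly from Membersite.php */
/**
 * Compute the SXIP digest of a message.
 *
 * Every key/value pair except the signature itself is escaped
 * (% = & become %25 %3D %26), joined as "key=value", sorted, joined with
 * "&" and hashed with SHA-1.
 *
 * @param array $message field name => value, or list of values
 * @return string 40-character hexadecimal SHA-1 of the canonical string
 */
function _sxipDigest($message)
{
    $chars = array('%', '=', '&');
    $repl = array('%25', '%3D', '%26');

    $pairs = array();
    foreach ($message as $key => $val) {
        // The signature field is never part of what it signs.
        if (strtolower($key) === 'dix:/signature') {
            continue;
        }

        $kClean = str_replace($chars, $repl, $key);
        foreach ((is_array($val) ? $val : array($val)) as $v) {
            $pairs[] = $kClean . '=' . str_replace($chars, $repl, $v);
        }
    }

    sort($pairs);
    return sha1(implode('&', $pairs));
}

/**
 * HMAC-SHA1 of $data under $key, as 40 lowercase hexadecimal characters.
 *
 * The earlier hand-rolled version built its pads as PHP arrays and then
 * concatenated them with strings. PHP converts an array to the literal text
 * "Array" in that position, so the result did not depend on the key at all
 * and offered no authentication. It also hex-encoded an already hexadecimal
 * hash. Values produced by that version will not verify against this one.
 *
 * @param string $key  secret key
 * @param string $data message to authenticate
 * @return string hexadecimal HMAC-SHA1
 */
function hmac_sha1($key, $data)
{
    $key = (string)$key;
    $data = (string)$data;

    if (function_exists('hash_hmac')) {
        return hash_hmac('sha1', $data, $key);
    }

    // RFC 2104 construction for builds without the hash extension.
    $blocksize = 64;
    if (strlen($key) > $blocksize) {
        $key = pack('H*', sha1($key));
    }
    $key = str_pad($key, $blocksize, chr(0x00));
    $ipad = $key ^ str_repeat(chr(0x36), $blocksize);
    $opad = $key ^ str_repeat(chr(0x5c), $blocksize);

    return sha1($opad . pack('H*', sha1($ipad . $data)));
}
?>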