mirror of https://github.com/BOINC/boinc.git
90 lines
3.6 KiB
PHP
90 lines
3.6 KiB
PHP
<?php
|
|
// This file is part of BOINC.
|
|
// http://boinc.berkeley.edu
|
|
// Copyright (C) 2018 University of California
|
|
//
|
|
// BOINC is free software; you can redistribute it and/or modify it
|
|
// under the terms of the GNU Lesser General Public License
|
|
// as published by the Free Software Foundation,
|
|
// either version 3 of the License, or (at your option) any later version.
|
|
//
|
|
// BOINC is distributed in the hope that it will be useful,
|
|
// but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
|
|
// See the GNU Lesser General Public License for more details.
|
|
//
|
|
// You should have received a copy of the GNU Lesser General Public License
|
|
// along with BOINC. If not, see <http://www.gnu.org/licenses/>.
|
|
|
|
// functions dealing with the consent and consent_type tables.
|
|
|
|
require_once("../inc/boinc_db.inc");
|
|
require_once("../inc/util.inc");
|
|
|
|
define('CONSENT_TYPE_ENROLL','ENROLL');
|
|
|
|
// Utility function to check the terms of use.
|
|
function check_termsofuse() {
|
|
return defined('TERMSOFUSE_FILE') and file_exists(TERMSOFUSE_FILE);
|
|
}
|
|
|
|
function consent_to_a_policy($user, $consent_type_id, $consent_flag, $consent_not_required, $source, $ctime = 0) {
|
|
$mys = BoincDb::escape_string($source);
|
|
if ($ctime==0) {
|
|
$mytime = $user->create_time;
|
|
} else {
|
|
$mytime = $ctime;
|
|
}
|
|
return BoincConsent::insert(
|
|
"(userid, consent_type_id, consent_time, consent_flag, consent_not_required, source) " .
|
|
"values($user->id, $consent_type_id, $mytime, $consent_flag, $consent_not_required, '$mys')"
|
|
);
|
|
|
|
}
|
|
|
|
// Checks to see if a user has consented to specfic consent_type_id.
|
|
function check_user_consent($user, $consent_name) {
|
|
list($checkct, $ctid) = check_consent_type($consent_name);
|
|
if ($checkct) {
|
|
$consent_result = BoincLatestConsent::lookup("userid={$user->id} AND consent_type_id=$ctid AND consent_flag=1");
|
|
if ($consent_result) {
|
|
return TRUE;
|
|
}
|
|
}
|
|
return FALSE;
|
|
}
|
|
|
|
// Checks to see if a particular consent_type name is in
|
|
// available. Returns an array of format: (BOOLEAN, INTEGER). The
|
|
// boolean is T/F depending on whether that consent_type exists, and
|
|
// if checkenabled=TRUE, if the consent_type is enabled/available for
|
|
// use. The integer is the consent_type_id- the id from consent_type
|
|
// table. If the boolean is FALSE, the integer returned is -1.
|
|
function check_consent_type($name, $checkenabled=TRUE) {
|
|
$ct = BoincConsentType::lookup("shortname = '{$name}'");
|
|
if ($ct and ( !$checkenabled or ($ct->enabled)) ) {
|
|
return array(TRUE, $ct->id);
|
|
}
|
|
return array(FALSE, -1);
|
|
}
|
|
|
|
// When a user uses the Web site to login, this funtion checks the
|
|
// ENROLL consent and intercepts the login, presenting the terms of
|
|
// use page Web form before they can continue.
|
|
function intercept_login($user, $perm, $in_next_url = "") {
|
|
list($checkct, $ctid) = check_consent_type(CONSENT_TYPE_ENROLL);
|
|
$config = get_config();
|
|
if ( parse_bool($config, "enable_login_mustagree_termsofuse") and $checkct and check_termsofuse() and (!check_user_consent($user, CONSENT_TYPE_ENROLL))) {
|
|
// sent user to terms-of-use Web form after login
|
|
$mytoken = create_token($user->id, TOKEN_TYPE_LOGIN_INTERCEPT, TOKEN_DURATION_TWO_HOURS);
|
|
send_cookie('logintoken', $mytoken, false);
|
|
send_cookie('tempuserid', $user->id, false);
|
|
send_cookie('tempperm', $perm, false);
|
|
$save_url = $in_next_url;
|
|
return "user_agreetermsofuse.php?next_url=$save_url";
|
|
} else {
|
|
send_cookie('auth', $user->authenticator, $perm);
|
|
return $in_next_url;
|
|
}
|
|
}
|