From 2631dcf8638280bacbf59a0d83cdc89a76e2d76c Mon Sep 17 00:00:00 2001 From: Thomas BELOT Date: Fri, 5 Jun 2015 15:27:18 +0200 Subject: [PATCH] Reworked the way phpCAS setup enforcement was build so that its checked everywhere. Got rid of useless require_once on CAS.php --- CASAuth.php | 27 ++++++++++++++------------- 1 file changed, 14 insertions(+), 13 deletions(-) diff --git a/CASAuth.php b/CASAuth.php index 1f2f91f..9ad632f 100644 --- a/CASAuth.php +++ b/CASAuth.php @@ -95,15 +95,14 @@ function casLogin($user, &$result) { $lg = Language::factory($wgLanguageCode); - if ($_REQUEST["title"] == $lg->specialPage("Userlogin")) { + if ($_REQUEST["title"] == $lg->specialPage("Userlogin")) { + if(!$casIsSetUp){ + error_log("CASAuth.php:casLogin - casSetup() was not called"); + return false; + } // Setup for a web request require_once("$IP/includes/WebStart.php"); - // Load phpCAS - require_once($CASAuth["phpCAS"]."/CAS.php"); - if(!$casIsSetUp) - return false; - //Will redirect to CAS server if not logged in phpCAS::forceAuthentication(); @@ -179,8 +178,10 @@ function casLogout() { global $CASAuth; global $casIsSetUp; global $wgUser, $wgRequest, $wgLanguageCode; - - require_once($CASAuth["phpCAS"]."/CAS.php"); + if(!$casIsSetUp){ + error_log("CASAuth.php:casLogout - casSetup() was not called"); + return false; + } // Logout from MediaWiki $wgUser->logout(); @@ -195,9 +196,6 @@ function casLogout() { } } - if(!$casIsSetUp) - return false; - // Logout from CAS (will redirect user to CAS server) if (isset($redirecturl)) { @@ -254,8 +252,11 @@ function casPostAuth($ticket2logout) { function casSingleSignOut($ticket2logout) { global $CASAuth; global $IP; - - require_once($CASAuth["phpCAS"]."/CAS.php"); + global $casIsSetUp; + if(!$casIsSetUp){ + error_log("CASAuth.php:casSingleSignOut - casSetup() was not called"); + return false; + } $session_id = preg_replace('/[^\w]/','',$ticket2logout);