mod/lams/userinfo.php

   1 <?PHP
   2
   3 /**
   4  * This page return user info in CSV format to LAMS server.
   5  * The pass-in parameters are un, ts and hs.
   6  * un means username, ts means timestamp and hs means hash.
   7  * The plain text of the hash should be lower case string of
   8  * ts.trim()+un.trim()+serverId+serverKey. The hash algorithm
   9  * is sha1.
  10  * If the hash is not matched to the result calculated, then a
  11  * http error code should be returned.
  12  * Moodle's admin should be responsible for correctly setting
  13  * serverId and serverKey
  14  */
  15   include_once("../../config.php");
  16
  17     if(!isset($CFG->lams_serverid)||!isset($CFG->lams_serverkey))
  18     {
  19         header("HTTP/1.1 401 Unauthenticated");
  20         exit(1);
  21     }
  22     $plaintext = trim($_GET["ts"]).trim($_GET["un"]).trim($CFG->lams_serverid).trim($CFG->lams_serverkey);
  23     $hash = sha1(strtolower($plaintext));
  24     if($hash!=$_GET["hs"]){
  25         header("HTTP/1.1 401 Unauthenticated");
  26         exit(1);
  27     }
  28
  29     //OK, the caller is authenticated. Now let's fulfill its request.
  30     //What it needs is user info in CSV format. It should be like this:
  31     //username,first name,last name,job title, department, organisation,
  32     //address,phone,fax,mobile,email
  33     $user = get_record('user', 'username', $_GET["un"]);//return false if none found
  34     if(!$user){
  35         header("HTTP/1.1 401 Unauthenticated");//which status code is appropriate?
  36         exit(1);
  37     }
  38     $array = array($user->username,$user->firstname,$user->lastname,'','','','','','','',$user->email);
  39     $comma_separated = implode(",", $array);//need more sophiscated algorithm to generate CSV formatted string
  40     echo $comma_separated;
  41 ?>