Created
October 15, 2014 03:11
-
-
Save dangtrinhnt/544b81dff395fe48952e to your computer and use it in GitHub Desktop.
Update parent account in PowerSchool
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <?php | |
| require_once("PSSSOSettings.php"); | |
| function SSOUpdateGuardianAccount($Username, $NewUsername, $Password, $Last, $First, $Email, $Disable, $PSUsername, $PSPassword) { | |
| date_default_timezone_set('Asia/Ho_Chi_Minh'); | |
| $old_error_handler = set_error_handler("mySSOErrorHandler"); | |
| $ParentID = ""; | |
| $LookupEmail = ""; | |
| $SyncCompleted = false; | |
| $ErrorMessage = ""; | |
| $Datadump = "Username: ".$Username."\nPassword: ".$Password."\nFirst: ".$First."\nLast: ".$Last."\nEmail: ".$Email."\nDisabled: ".$Disable; | |
| global $NotificationEmail, $FromEmail, $PowerschoolErrorString, $PowerschoolErrorString1, $PowerschoolErrorString2, $PowerschoolConnectedString, $OracleListener, $OracleUsername, $OraclePassword, $PowerschoolDomainName; | |
| if ($Username != "") { | |
| echo "=> Find SSO email address of parent account\n"; | |
| $conn = oci_connect($OracleUsername, $OraclePassword, $OracleListener); | |
| if (!$conn) { | |
| $e = oci_error(); | |
| echo "SSOUpdateGuardianAccount cURL error", "Cannot make Oracle connection.\n\n".$Datadump; | |
| if ($NotificationEmail != "") { | |
| mail($NotificationEmail, "SSOUpdateGuardianAccount cURL error", "Cannot make Oracle connection.\n\n".$Datadump, "From: ".$FromEmail); | |
| } | |
| trigger_error(htmlentities($e['message'], ENT_QUOTES), E_USER_ERROR); | |
| } | |
| $sql = "select | |
| a.pcas_accounttoken, | |
| e.emailaddress | |
| from pcas_account a inner join pcas_emailcontact e on a.pcas_accountid = e.pcas_accountid | |
| where lower(a.username) = '".strtolower($Username)."'"; | |
| $stmt = oci_parse($conn,$sql); | |
| oci_execute($stmt); | |
| $row = oci_fetch_array($stmt, OCI_ASSOC+OCI_RETURN_NULLS); | |
| $ParentID = $row["PCAS_ACCOUNTTOKEN"]; | |
| $LookupEmail = $row["EMAILADDRESS"]; | |
| if ($ParentID == "") { | |
| $ErrorMessage .= $Username." not found"; | |
| } | |
| if ($ErrorMessage == "" && strtolower($Email) != strtolower($LookupEmail)) { // Make sure new email address is not in use already | |
| $sql = "select | |
| a.username | |
| from pcas_account a inner join pcas_emailcontact e on a.pcas_accountid = e.pcas_accountid | |
| where lower(e.emailaddress) = '".strtolower($Email)."'"; | |
| $stmt = oci_parse($conn,$sql); | |
| oci_execute($stmt); | |
| $row = oci_fetch_array($stmt, OCI_ASSOC+OCI_RETURN_NULLS); | |
| $ExistingUser = $row["USERNAME"]; | |
| if ($ExistingUser != "") { | |
| $ErrorMessage .= $ExistingUser." is using ".$Email." already"; | |
| } | |
| } | |
| oci_free_statement($stmt); | |
| oci_close($conn); | |
| } | |
| if ($ErrorMessage == "" && $ParentID != "" && $LookupEmail != "") { | |
| $pslogin = $PSUsername; // Default school must be District Office | |
| $pspassword = $PSPassword; | |
| $domain = $PowerschoolDomainName; // No trailing slash | |
| $cookie = uniqid("update") . '.txt'; // Cookie file, webserver must have r/w access | |
| $login1URL = $domain."/admin/pw.html"; // Authentication page | |
| echo "\n\n++++ Admin login page: " . $login1URL . " ++++\n\n"; | |
| $login2URL = $domain."/admin/home.html"; // Home page | |
| $editGuardian1URL = $domain."/admin/guardians/search.html"; // New guardian account load page | |
| $editGuardian2URL = $domain."/admin/guardians/home.html"; // New guardian account load page | |
| $editGuardian3URL = $domain."/admin/guardians/home.html?changesSaved=true"; // New guardian account submit page | |
| $logoutURL = $domain."/admin/~loff"; // Logout | |
| try { | |
| echo "=> Load login page via cURL\n"; | |
| $ch = curl_init(); | |
| curl_setopt($ch, CURLOPT_URL, $login1URL); | |
| curl_setopt($ch, CURLOPT_FOLLOWLOCATION, true); | |
| curl_setopt($ch, CURLOPT_COOKIEFILE, $cookie); | |
| curl_setopt($ch, CURLOPT_COOKIEJAR, $cookie); | |
| curl_setopt($ch, CURLOPT_HEADER, false); | |
| curl_setopt($ch, CURLOPT_POST, false); | |
| curl_setopt($ch, CURLOPT_RETURNTRANSFER, true); | |
| curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false); | |
| $buffer = curl_exec($ch); | |
| echo "\n\nDEBUG: buffer - \n\n" . $buffer . "\n\n"; | |
| // Scrape token and key from login page | |
| // Note - this will break if PS changes the layout of their login page | |
| // Not real classy (could have used regular expressions), but this works | |
| $lines = explode("\n", $buffer); | |
| //~ echo "\n\n++++ lines: " . $lines . " ++++\n\n"; | |
| foreach ($lines as $line) { | |
| echo "\n\n++++ Line: " . $line . "++++\n\n"; | |
| if (strstr($line, '<input type="hidden" name="pstoken" value="') ){ | |
| $pstoken = str_replace('<input type="hidden" name="pstoken" value="', '', $line); | |
| $pstoken = str_replace('">', '', $pstoken); | |
| echo "\n\n++++ pstoken ". $pstoken . "++++\n\n"; | |
| } | |
| if (strstr($line, 'var pskey = "')) { | |
| $pskey = str_replace('var pskey = "', '', $line); | |
| $pskey = str_replace('";', '', $pskey); | |
| } | |
| } | |
| if (!isset($pskey)) { | |
| echo "SSOUpdateGuardianAccount cURL error - Cannot load login page.\n\n".$Datadump; | |
| if ($NotificationEmail != "") { | |
| mail($NotificationEmail, "SSOUpdateGuardianAccount cURL error", "Cannot load login page.\n\n".$Datadump, "From: ".$FromEmail); | |
| } | |
| return "Cannot load login page.\n"; | |
| } | |
| // First Hash password using md5 with raw binary output, then base64 encode | |
| $pspassword2 = base64_encode(md5($pspassword, TRUE)); | |
| // Then remove trailing "=" | |
| while (substr($pspassword2, -1, 1) == "=") { | |
| $pspassword2 = substr($pspassword2, 0, -1); | |
| } | |
| // Then hash again with md5, using supplied key on PS login page | |
| $hash = hash_hmac("md5", $pspassword2, $pskey); | |
| // Hash lower-case version of password (6.x) | |
| //$hash = hash_hmac("md5", strtolower($pspassword), $pskey); | |
| // Delete cookie from previous session | |
| if (is_file($cookie)) { | |
| unlink ($cookie); | |
| } | |
| echo "=> cURL the login authentication\n"; | |
| // The page is acutally called twice, hence the need for the -L. | |
| // The first time, it receives the session cookie. | |
| // The second time, it supplies the valid cookie and loads the page. | |
| // Add &ldappassword=$password to -d (POST values) string if logging on as ldap user | |
| $LoginData = array('username' => $pslogin, 'pstoken' => $pstoken, 'password' => $hash, 'ldappassword' => $pspassword); | |
| curl_setopt($ch, CURLOPT_URL, $login2URL); | |
| curl_setopt($ch, CURLOPT_FOLLOWLOCATION, true); | |
| curl_setopt($ch, CURLOPT_COOKIEFILE, $cookie); | |
| curl_setopt($ch, CURLOPT_COOKIEJAR, $cookie); | |
| curl_setopt($ch, CURLOPT_HEADER, false); | |
| curl_setopt($ch, CURLOPT_RETURNTRANSFER, true); | |
| curl_setopt($ch, CURLOPT_POST, true); | |
| curl_setopt($ch, CURLOPT_POSTFIELDS, $LoginData); | |
| $buffer = curl_exec($ch); | |
| if (strstr($buffer,$PowerschoolConnectedString) === false || strstr($buffer,$PowerschoolErrorString1) !== false || strstr($buffer,$PowerschoolErrorString2) !== false) { | |
| echo "SSOUpdateGuardianAccount cURL error - Cannot authenticate against Powerschool.\n\n".$Datadump; | |
| if ($NotificationEmail != "") { | |
| mail($NotificationEmail, "SSOUpdateGuardianAccount cURL error", "Cannot authenticate against Powerschool.\n\n".$Datadump, "From: ".$FromEmail); | |
| } | |
| return "Cannot authenticate against Powerschool.\n"; | |
| } | |
| echo "=> We are now logged in, and session cookie is stored in the $cookie file\n"; | |
| echo "=> Edit guardian account\n"; | |
| $EditGuardianData1 = array( | |
| "searchParameters.email" => $LookupEmail | |
| ); | |
| $EditGuardianData2 = array( | |
| "account.username" => strtolower($Username), | |
| "username" => strtolower($NewUsername), //$Username | |
| "firstName" => $First, | |
| "lastName" => $Last, | |
| "email" => strtolower($Email), // $LookupEmail | |
| "gai" => $ParentID, | |
| "ac" => "brij:admin-accountmanagement-pkg/SaveGuardianAccount", | |
| "doc" => "/admin/guardians/home.html", | |
| "render_in_java" => "true", | |
| "changesSaved" => "true" | |
| ); | |
| if ($Disable) { | |
| $EditGuardianData2["accountDisabled"] = "true"; | |
| $EditGuardianData2["__checkbox_accountDisabled"] = "true"; | |
| } | |
| if ($Password != "") { | |
| $EditGuardianData2["newPassword"] = $Password; | |
| $EditGuardianData2["confirmPassword"] = $Password; | |
| echo "\n==== New password: " . $Password . "\n\n"; | |
| } | |
| echo "=> Load guardian search form\n"; | |
| curl_setopt($ch, CURLOPT_URL, $editGuardian1URL); | |
| curl_setopt($ch, CURLOPT_COOKIEFILE, $cookie); | |
| curl_setopt($ch, CURLOPT_COOKIEJAR, $cookie); | |
| curl_setopt($ch, CURLOPT_POST, false); | |
| curl_setopt($ch, CURLOPT_RETURNTRANSFER, true); | |
| $buffer = curl_exec($ch); | |
| if (strstr($buffer,$PowerschoolConnectedString) === false || strstr($buffer,$PowerschoolErrorString) !== false) { | |
| echo "SSOUpdateGuardianAccount cURL error - Cannot load parent search form - " . $Datadump; | |
| if ($NotificationEmail != "") { | |
| mail($NotificationEmail, "SSOUpdateGuardianAccount cURL error", "Cannot load parent search form.\n\n".$Datadump, "From: ".$FromEmail); | |
| } | |
| return "Cannot load parent search form.\n"; | |
| } | |
| echo "=> Submit guardian search form by guardian email\n"; | |
| curl_setopt($ch, CURLOPT_URL, $editGuardian2URL); | |
| curl_setopt($ch, CURLOPT_FOLLOWLOCATION, true); | |
| curl_setopt($ch, CURLOPT_COOKIEFILE, $cookie); | |
| curl_setopt($ch, CURLOPT_COOKIEJAR, $cookie); | |
| curl_setopt($ch, CURLOPT_RETURNTRANSFER, true); | |
| curl_setopt($ch, CURLOPT_POST, true); | |
| curl_setopt($ch, CURLOPT_POSTFIELDS, $EditGuardianData1); | |
| $buffer = curl_exec($ch); | |
| if (strstr($buffer,$PowerschoolConnectedString) === false || strstr($buffer,$PowerschoolErrorString) !== false) { | |
| echo "SSOUpdateGuardianAccount cURL error - Cannot submit guardian search form - " . $Datadump; | |
| if ($NotificationEmail != "") { | |
| mail($NotificationEmail, "SSOUpdateGuardianAccount cURL error", "Cannot submit guardian search form.\n\n".$Datadump, "From: ".$FromEmail); | |
| } | |
| return "Cannot submit guardian search form by guardian email.\n"; | |
| } | |
| echo "=> Submit parent update form\n"; | |
| curl_setopt($ch, CURLOPT_URL, $editGuardian3URL); | |
| curl_setopt($ch, CURLOPT_FOLLOWLOCATION, true); | |
| curl_setopt($ch, CURLOPT_COOKIEFILE, $cookie); | |
| curl_setopt($ch, CURLOPT_COOKIEJAR, $cookie); | |
| curl_setopt($ch, CURLOPT_SAFE_UPLOAD, true); // important for sending '@' at the beginning of the password | |
| curl_setopt($ch, CURLOPT_RETURNTRANSFER, true); | |
| curl_setopt($ch, CURLOPT_POST, true); | |
| curl_setopt($ch, CURLOPT_POSTFIELDS, $EditGuardianData2); | |
| $buffer = curl_exec($ch); | |
| if (strstr($buffer,$PowerschoolConnectedString) === false || strstr($buffer,$PowerschoolErrorString) !== false) { | |
| echo "SSOUpdateGuardianAccount cURL error - Cannot submit parent update form:\n\n" . $Datadump; | |
| if ($NotificationEmail != "") { | |
| mail($NotificationEmail, "SSOUpdateGuardianAccount cURL error", "Cannot submit parent update form.\n\n".$Datadump, "From: ".$FromEmail); | |
| } | |
| return "Cannot submit parent update form.\n"; | |
| } | |
| echo "=> Logout\n"; | |
| curl_setopt($ch, CURLOPT_URL, $logoutURL); | |
| curl_setopt($ch, CURLOPT_FOLLOWLOCATION, false); | |
| curl_setopt($ch, CURLOPT_COOKIEFILE, $cookie); | |
| curl_setopt($ch, CURLOPT_COOKIEJAR, $cookie); | |
| curl_setopt($ch, CURLOPT_RETURNTRANSFER, true); | |
| curl_setopt($ch, CURLOPT_POST, false); | |
| $buffer = curl_exec($ch); | |
| curl_close($ch); | |
| // Remove cookie file | |
| if (is_file($cookie)) { | |
| unlink ($cookie); | |
| } | |
| $SyncCompleted = true; | |
| } catch (Exception $e) { | |
| $ErrorMessage .= "Unknown error: ".$e->getMessage(); | |
| } | |
| } | |
| restore_error_handler(); | |
| if ($ErrorMessage != "") { | |
| $Datadump = "Username: ".$Username."\nPassword: ".$Password."\nFirst: ".$First."\nLast: ".$Last."\nEmail: ".$Email."\nDisabled: ".$Disable; | |
| echo "SSOUpdateGuardianAccount cURL error: " . $Datadump; | |
| if ($NotificationEmail != "") { | |
| mail($NotificationEmail, "SSOUpdateGuardianAccount cURL error", $ErrorMessage."\n\n".$Datadump, "From: ".$FromEmail); | |
| } | |
| return $Username." - ".$ErrorMessage."\n"; | |
| } else { | |
| return ""; | |
| } | |
| } | |
| ?> |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment