hcuService_8i_source.html

 <?php
 /*
  * File: hcuService
  *
  * Purpose: This script will be used to facilitate any needed security, setup
  *          variable contents
  *
  * Use: This script should be included at the top of every script using require_once
  *
  *
  * NOTE: Some variables will need to be set prior to including this script to properly
  *       turn some options ON or OFF, or bypass logic
  *
  *
  * ** SCRIPT FLAGS
  *
  * serviceSkipCredentials - {true, false (Default)}
  *            When True this will allow the code to skip credential check
  *
  * serviceSkipSecurity - {true, false (Default)}
  *            When true this will allow the code to skip 'security' check
  *
  * serviceAllowReadonly - {true, false (Default)}
  *            Does this script allow access when the Home Banking Status is set to READONLY
  *
  * serviceShowInfo - {true, false (Default)}
  *            This will control if we show the upper right Info Container for the member
  *
  * serviceLoadMenu - {true, false (default)}
  *            This controls whether we go and load the menu object from the credit
  *            union directory
  *
  * serviceShowMenu - {true, false (Default)}
  *            Do we show the Top and Side Menu.. This will be programmatic and be loaded
  *            from a json object in the file incMenu
  *
  * serviceMenuScript - {string}
  *            This is the current "menu" item that should be selected, this should be the
  *            name of the item on the left 'aside' menu.  once this option is found, it
  *            also identifies the group that is selected as well
  *            * NOTE: IF THIS IS NOT SET, the _SERVER['current_script'] name is used
  *            Note 04-2019 "aside" element changed to nav because it's not an aside
  *
  * serviceLiveCheck - {true, false (default)}
  *            For LIVE systems, this will get the results from the fetch_packet function
  *            to determine the current status of the "Live" interface
  *            If there is a problem, hcuPreContent should load a screen with the information
  *
  * serviceLoadCuInfo - {true (default), false}
  *            This will determine certain CU Info settings are loaded.. This is needed for scripts
  *            like schedliveproc.php.
  *
  * serviceSuppressBanner - {false (default), true}
  *            This will suppress the banner from the top of the screen. The banner should not be
  *            present when the user is NOT logged in.
  */

   /*
    * * SET DEFAULT VALUES FOR SCRIPT FLAGS
    */
   $serviceMinimal = (!isset($serviceMinimal) ? false : $serviceMinimal);
   $serviceSkipCredentials = (!isset($serviceSkipCredentials) ? false : $serviceSkipCredentials);
   $serviceSkipSecurity = (!isset($serviceSkipSecurity) ? false : $serviceSkipSecurity);
   $serviceAllowReadonly = (!isset($serviceAllowReadonly) ? false : $serviceAllowReadonly);
   $serviceShowInfo = (!isset($serviceShowInfo) ? false : $serviceShowInfo);
   $serviceLoadMenu = (!isset($serviceLoadMenu) ? false : $serviceLoadMenu);
   $serviceShowMenu = (!isset($serviceShowMenu) ? false : $serviceShowMenu);
   // * DO NOT default serviceMenuScript to anything
   $serviceMenuScript = (!isset($serviceMenuScript) ? "" : $serviceMenuScript);
   //$serviceMenuScript = (!isset($serviceMenuScript) ? "hcuAccounts" : $serviceMenuScript);
   $serviceLiveCheck = (!isset($serviceLiveCheck) ? false : $serviceLiveCheck);
   $serviceLoadCuInfo = (!isset($serviceLoadCuInfo) ? true : $serviceLoadCuInfo);
   $serviceSuppressBanner = (!isset($serviceSuppressBanner) ? false : $serviceSuppressBanner);

   $validLanguageCodes = Array("en_US", "es_US", "pl_US");
   $serviceViewFromCuAdmin = false;

   /**
    * DECLARE HB_ENV as an array
    */
   $HB_ENV = Array();

   try {

     /*
      *  ** INCLUDE SCRIPTS **
      */
     require_once( dirname(__FILE__) . "/../library/hcuLoadLibs.i" );

     // set up the environment based on environment variables
     $HB_ENV['SYSENV'] = LoadSystemEnv("banking");

     $errHndlr = new CatchErrorHandler(HCU_PRODUCT_BANKING, $HB_ENV['SYSENV']['logger'], $HB_ENV['SYSENV']['devmode']);
     $excHndlr = new CatchExceptionHandler(HCU_PRODUCT_BANKING, $HB_ENV['SYSENV']['logger'], $HB_ENV['SYSENV']['devmode']);

     /**
      *  Setup the error handling class
      *
      */
     set_error_handler(array($errHndlr, "catchError"));
     set_exception_handler(array($excHndlr, "catchException"));

     $dbPluginFile = "db." . $HB_ENV['SYSENV']['db']['platform'] . ".i";
     // ** Include the database plugin file.  This file will include the database function declarations
     include (dirname(__FILE__) . '/../../shared/library/' . $dbPluginFile);

     /**
     * temporary variable to use in the hcuPreContent and hcuPostContent to create a responsive base to use for coding
     */
     $HB_ENV['USE_BS_FRAMEWORK'] = true;

     // get and save the DB handle (call after SYSENV is set up)
     $dbh = GetDBH( $HB_ENV['SYSENV']['db'] );
     $HB_ENV["dbh"] = $dbh;

     /*
      *  ** GLOBAL VALUES **
      */

     // ** LOGIN PATH MAY NEED TO BE SET SOMEWHERE ELSE -- PER homecu request script
     /**
      * @var string currentscript - the current script running, should be able to use this in place of hard coding script name
      */
     $HB_ENV['currentscript'] = basename($_SERVER['SCRIPT_NAME']);

     // Retain the full URL for changing language (and perhaps other uses.)
     $HB_ENV["currentQuery"] = $_SERVER["QUERY_STRING"];

     $HB_ENV['remoteIp'] = filter_input(INPUT_SERVER, 'REMOTE_ADDR', FILTER_SANITIZE_STRING);

     /*
      * *************************
      * START OF VALUES THAT ARE BEING MOVED TO HB_ENV['SYSENV']
      *
         $HB_ENV['dbplat'] = $dbplat;
         $HB_ENV['dbhost'] = $dbhost;
         $HB_ENV['dbuser'] = $dbuser;
         $HB_ENV['dbpasswd'] = $dbpasswd;
         $HB_ENV['dbname'] = $dbname;
         $HB_ENV['TicketDomain'] = $TicketDomain;
         $HB_ENV['TicketExpires'] = $TicketExpires;
         $HB_ENV['TicketPersists'] = $TicketPersists;
         $HB_ENV['TicketInactive'] = $TicketInactive;
      *
      * END
      * *************************
      */
     // ** SET ENVIRONMENT VARIABLES
     SetEnvStatic( $HB_ENV );

     if ($serviceLoadCuInfo) {
       $HB_ENV['cu'] = substr(filter_input(INPUT_GET, 'cu', FILTER_SANITIZE_STRING, array('flags' => (FILTER_FLAG_STRIP_LOW | FILTER_FLAG_STRIP_HIGH))), 0, 12);
       if ($HB_ENV['cu'] == '' && in_array(basename($_SERVER['SCRIPT_NAME']), array('OFXRequest.prg', 'hcuAppFeed.prg', 'hcuAppDirector.prg'))) {
         $HB_ENV['cu'] = substr(filter_input(INPUT_POST, 'ORG', FILTER_SANITIZE_STRING, array('flags' => (FILTER_FLAG_STRIP_LOW | FILTER_FLAG_STRIP_HIGH))), 0, 12);
         $HB_ENV['no_cookies'] = true;
       }
       if ($HB_ENV['cu'] == '' && in_array(basename($_SERVER['SCRIPT_NAME']), array('MoneyDesk3.prg'))) {
         $ReqPathArr = explode("/", $_SERVER['PATH_INFO']);
         $HB_ENV['cu'] = HCU_array_key_value(1, $ReqPathArr);
         $HB_ENV['cu'] = substr(preg_replace("/[^A-Za-z0-9]/","",$HB_ENV['cu']), 0, 12);
         $HB_ENV['no_cookies'] = true;
       }

       // ** Check HomeBanking Status Online / Offline / database active
       // * This should set the HB_ENV values based on the credit union
       // this sets up more HB_ENV and also checks if $dbh is valid
       $isValidCU = LoadCUAdmin( $dbh, $HB_ENV['cu'], $HB_ENV );
       if (!$isValidCU && strlen($HB_ENV['cu']) > 0) {
         throw new ErrorException('Credit Union Not Found');
       }
       if (HCU_array_key_value("live", $HB_ENV)) {

           // ** Appliance API Script
           require_once(dirname(__FILE__) . '/../../shared/library/sAPIAppl.i');

           // ** Load the specific plugin for this appliance configuration
           IncludeApplPlugin($HB_ENV);

       }

       // set the language
       SetLanguageEnv( $HB_ENV );
     } else {
       // ** Default the language to English in this instance
       $HB_ENV["Flang"] = "en_US";
     }
     // ** set to DSK -- hcuAppFeed overrides this value for APP or ADA
     require_once dirname(__FILE__) . '/../../shared/includes/third-party/Mobile_Detect.php';
     $mobileDetect = new Mobile_Detect();
     if ($mobileDetect->isMobile() || $mobileDetect->isTablet()) {
       $HB_ENV['platform'] = 'MBL';
     } else {
       $HB_ENV['platform'] = 'DSK';
     }


     // ** Validate the Language here
     // ** We will be able to make it a session cookie or longer like
     if (!in_array($HB_ENV['Flang'], $validLanguageCodes) || trim($HB_ENV['Flang']) == '') {
       $HB_ENV['Flang'] = "en_US";
     }

     // ** SET the current language for the site
     $Flang = $HB_ENV['Flang'];
     $MC = new hcu_talk_base( $Flang );

       // ** VERIFY DATABASE CONNECTION
     if ($HB_ENV['homebanking_status'] != "O") {
       if (!$dbh) {
         // * NO Database connection...
         throw new ErrorException($MC->msg('Could not Open Database', HCU_DISPLAY_AS_HTML), 900);

       }
     } else {
       // ** THROW ERROR - Home Banking is OFFLINE
       throw new ErrorException($MC->msg('Could not Open Database', HCU_DISPLAY_AS_HTML), 900);
     }

     // ** offer and make available dictionary and db handle
     $HB_ENV['MC'] = $MC;
     $HB_ENV['dbh'] = $dbh;

     // ** DETERMINE LIVE/BATCH STATUS -- ** 8/15/17 -- MOVED TO LoadCUAdmin

     // ** CHECK OFF LINE STATUS
     $HB_ENV['allowReadonly'] = $serviceAllowReadonly;

     if ($serviceLoadCuInfo) {
       $serverParts = explode(".",$_SERVER['SERVER_NAME']);
       $HB_ENV['cuhost'] = array_shift($serverParts);

       // ** SET CURRENT SCRIPT - LOGIN SCRIPT
       setLoginScript($HB_ENV);
     }

     if (!$serviceMinimal) {
       // * SET output to be UTF-8, this should work for all languages
       header('Content-Type: text/html; charset=UTF-8');

       // ** Check Member Security Credentials --
       $mbrStatus = Array();
       if (!$serviceSkipCredentials) {

         $mbrStatus = Check_Member_Credentials($HB_ENV, HCU_array_key_value("Ticket", $_COOKIE));
         // ** two dimensional array

         $serviceViewFromCuAdmin = HCU_array_key_value('Ca', $HB_ENV) != "";

         if (!$mbrStatus['result']) {
           $loginscript = $HB_ENV['loginscript'];

           $login_query_string = $_SERVER['QUERY_STRING'];

           // ** ALWAYS INCLUDE EMPTY HASH ON END _- THE ANCHOR TAG MUST GET CLEARED
             // ** OR jquery mobile will puke trying to find a non existent hash
           $now = time();

           //  setcookie("Ticket", "", $now, "/", $TicketDomain, 1);
           HCU_setcookie_env($HB_ENV['SYSENV'], "Ticket", "", $now);

           header("Location: {$loginscript}?" . $login_query_string . "#");
           exit;
         } else {

           // ** I want to refresh the cookie timeout
           $now = time();
           $newCtime = $now;
           $newCe = $now + $HB_ENV['SYSENV']['ticket']['expires'];

           // OLD SetTicket($_COOKIE['Ticket'], "Ctime={$newCtime}&Ce={$newCe}");
           SetTicket($HB_ENV, $_COOKIE['Ticket'], "Ctime={$newCtime}&Ce={$newCe}");

           // ** CHECK the 'cu' param in URL is set, if NOT then I want to force it by going there.
             // * At this point I know I am working with a valid cookie
           if ($HB_ENV['cu'] == '') {
             $redirScript = $HB_ENV['homebankingpath'] . "/{$HB_ENV['currentscript']}";
             $redirQuery  = "cu=" . $HB_ENV['Cu'];
             header("Location: {$redirScript}?{$redirQuery}#");
             exit;
           }

           if (!$serviceViewFromCuAdmin) {
             // * add the FeatureAccessList to HB_ENV
             // * This is the compiled list of Profile features with the permissions for this specific user
             $paramInputs = Array('Uid' => $HB_ENV['Uid']);
             $featureAccess = Perm_FeatureAccessList($dbh, $HB_ENV, $paramInputs);
             if ($featureAccess['status']['code'] == '000') {
               $HB_ENV['FeatureAccessList'] = HCU_array_key_value($HB_ENV['Uid'], $featureAccess['data']);
             } else {
               // ** NO FEATURE ACCESS RETURNED -- SET TO EMPTY LIST
               $HB_ENV['FeatureAccessList'] = Array();
             }
           }
         }
       } else {
         //  Check_Member_Credentials normally sets Cu from cookie --
           // ** However, it is NOT being called. set here
           // ** cu has sanity check in Check_HomeCU_Status
         $HB_ENV['Cu'] = $HB_ENV['cu'];
         $serviceSuppressBanner = true;
       }

       // get the envinfo
       LoadClientEnvInfo( $HB_ENV, HCU_array_key_value("envinfo", $_COOKIE) );

       // *** LOAD COMMON FRAGMENTS ??
       // *** Will need Menus/Footers/

       $cuSettings = Array();
       if (HCU_array_key_value("chome", $HB_ENV) != '') {
         // * Always load settings file
         $settingsDir =  ($HB_ENV['testmenu'] == '1' ? 'preview' : 'production');
         $HB_ENV['settingsDir'] = $settingsDir;
         $loadSettingsFile = "/home/{$HB_ENV['chome']}/public_html/bankingIncludes/{$settingsDir}/hcuSettings.i";

         if (is_readable($loadSettingsFile)) {
           // ** Menu Found - Load into an array
           $fileContent = file_get_contents($loadSettingsFile);
           // ** Now decode it and hope for the best
           $cuSettings = HCU_JsonDecode($fileContent);
         }
       } else {
         //** SOMETHING WENT WRONG..
         throw new ErrorException('Credit Union Not Found');

       }

       // ** LOAD the CU settings file prior to checking the offline status.
         // ** This is so the custom settings can be loaded for the screen
       if (!hcu_checkOffline($dbh, $HB_ENV)) {
         // ** We are OFFLINE - CALL THE OFFLINE FUNCTION -- DISPLAYS OFFLINE MESSAGE
         //

         // ** THROW ERROR ??
         throw new ErrorException($HB_ENV['offlinemsg'], 902);

       }

       // ** WILL NEED TO HANDLE SECURITY SETTINGS
       // ** Force Password Change
       // ** Force Security Change
       // ** Force EMAIL Verify


       if (!$serviceSkipSecurity && !$serviceViewFromCuAdmin) {

         // ** Now that we are here, check the current settings for security,
         // *  we may need to view an alternate screen for updating security profile
         // only check if the member is the one authenticating

         $l_MbrSettings = Check_Member_Settings($dbh, $HB_ENV, $MC);
         $serviceViewFromCUAdmin= $HB_ENV["Ca"] != "";

         // if settings need to be addressed AND (not an Odyssey app OR is a Pegasus app)
         $platform = $HB_ENV["platform"];
         if ( ($l_MbrSettings['code'] != '000') &&
              (($platform != "ADA" && $platform != "APP") ||
               ($platform == "ADA" || $platform =="APP") && $HB_ENV["envinfo"] == "Pegasus") ) {
           /*
            * Values for sC
            *
            * sC = 1 : the user pressed UPDATE NOW
            * sC = 2 : the user pressed UPDATE LATER
            */

           if (intval(HCU_array_key_value('sC', $HB_ENV)) == 0) {
             // set a cookie for the profileRequire update
             $retryCount = $HB_ENV["failedremain"];
             $timeExpires = time() + $HB_ENV['SYSENV']['ticket']['expires'];
             $hashedValue = md5( $retryCount . $timeExpires . $HB_ENV["secret"] );
             $profileCookie = "remain=$retryCount&until=$timeExpires&check=$hashedValue";

             HCU_setcookie_env($HB_ENV['SYSENV'], "securePass", $profileCookie, 0);
             // setcookie( "securePass", $profileCookie, 0, "/", $HB_ENV['TicketDomain'], 1 );

             // simply send the user to the hcuProfileRequire script to let it decide what is needed
             $nextScript = $HB_ENV["loginpath"]."/hcuProfileRequire.prg?".$HB_ENV["cuquery"];
             header("Location: {$nextScript}");
             exit;
           }
         } else {
           // ** If code == '000' && sC == 1
             // ** Then we have completed all the pieces we needed to update.
             // * go ahead and reset sC = 0
           if (HCU_array_key_value('sC', $HB_ENV) == 1) {
             $tixOption = "sC=0";
             // $_COOKIE['Ticket'] = SetTicket($_COOKIE['Ticket'], $tixOption);
             $_COOKIE['Ticket'] = SetTicket($HB_ENV, $_COOKIE['Ticket'], $tixOption);
             $HB_ENV['sC'] = 0;
             // ** CONTINUE WITH WHATEVER SCRIP WE ARE IN
           }
         }

         // clear out the cookie in case it exists
         HCU_setcookie_env ($HB_ENV['SYSENV'], "securePass", "", (time() - 3600));

       }
     }


   } catch ( Error $e) {

     if (isset($excHndlr)) {
       // ** CALL on the global exception Handler for this type of error
       $excHndlr->catchException($e);
     } else {
       // ** Really bad -- most likely an include script failed to load before we could load the Error Handler
       include_once(dirname(__FILE__) . '/../../shared/includes/hcuBadRequest.i');
     }
     exit;
   } catch (ErrorException $e) {
     // ** This should be setup a little more robust so that it will work seemlessly
       // * for destop scripts and for '.data' scripts that return json objects

     // ** Need to output something here to show we have failed.

     $serviceErrorMsg = $e->getMessage();
     $serviceErrorCode = $e->getCode();

     // ** LOG THE exception
     if (isset($excHndlr)) {
       $excHndlr->logException($e);
     }
     require_once(dirname(__FILE__) . '/../includes/hcuErrorPage.i');

     exit;
   }
Mobile_Detect
Definition: Mobile_Detect.php:23

hcu_talk_base
Definition: hcuTranslate.i:16

CatchExceptionHandler
Definition: hcuLogError.i:218

CatchErrorHandler
Definition: hcuLogError.i:293