| author | Christophe Nowicki <cnowicki@easter-eggs.com> | 2004-09-13 12:32:31 +0000 |
|---|---|---|
| committer | Christophe Nowicki <cnowicki@easter-eggs.com> | 2004-09-13 12:32:31 +0000 |
| commit | 8976ed87f59de26aa31ce8bc471d49614bfbe008 (patch) | |
| tree | ef43a154a5a669695f5ffa5ca8a947de5ee2eac1 /php | |
| parent | 19663b8864a6656f9baca0120276ff7607e1fedf (diff) | |
split source code of singleSignOn.php in many functions
added support for HTTP Basic authentication
remove useless "?SID=" values
Diffstat (limited to 'php')
| -rw-r--r-- | php/Attic/examples/sample-idp/admin_user.php | 2 | ||||
| -rw-r--r-- | php/Attic/examples/sample-idp/setup.php | 51 | ||||
| -rw-r--r-- | php/Attic/examples/sample-idp/singleSignOn.php | 313 | ||||
| -rw-r--r-- | php/Attic/examples/sample-idp/soapEndpoint.php | 46 | ||||
| -rw-r--r-- | php/Attic/examples/sample-sp/assertionConsumer.php | 4 | ||||
| -rw-r--r-- | php/Attic/examples/sample-sp/index.php | 7 |
6 files changed, 287 insertions, 136 deletions
diff --git a/php/Attic/examples/sample-idp/admin_user.php b/php/Attic/examples/sample-idp/admin_user.php index 56b1f7e4..6ecdc8ca 100644 --- a/php/Attic/examples/sample-idp/admin_user.php +++ b/php/Attic/examples/sample-idp/admin_user.php @@ -49,7 +49,7 @@ <html> <body onLoad="window.focus();"> <table> -<caption><?php echo ($_GET['type'] == 'user' ? 'Identity' : 'Session'); ?> Dump</caption> +<caption><?php echo ($_GET['type'] == 'identity' ? 'Identity' : 'Session'); ?> Dump</caption> <tr> <td> <textarea rows="15" cols="50"><?php echo htmlentities($row[0], ENT_QUOTES); ?></textarea> diff --git a/php/Attic/examples/sample-idp/setup.php b/php/Attic/examples/sample-idp/setup.php index b1cc113f..9403f7d9 100644 --- a/php/Attic/examples/sample-idp/setup.php +++ b/php/Attic/examples/sample-idp/setup.php @@ -335,7 +335,8 @@ } $setup = TRUE; } - ob_start(); + $setup_log = ob_get_contents(); + ob_end_clean(); ?> <html xmlns="http://www.w3.org/1999/xhtml" lang="en" xml:lang="en"> <head> @@ -345,24 +346,17 @@ if ($setup == TRUE) { ?> <meta http-equiv="Refresh" CONTENT="3; URL=index.php"> -<?php } ?> </head> <body> -<?php - ob_end_flush(); - ob_end_flush(); - ?> +<?php echo $setup_log; ?> +<p><a href='index.php'>Back to Index</a></p> </body> </html> <?php - if (empty($setup)) + } + else { ?> - -<html xmlns="http://www.w3.org/1999/xhtml" lang="en" xml:lang="en"> -<head> -<title>Setup script for Lasso (Liberty Alliance Single Sign On)</title> -<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-15" /> <script language="JavaScript" type="text/javascript"> <!-- 
@@ -385,9 +379,6 @@ <tr> <td>DSN (Data Source Name) :</td><td><input type='text' name='dsn' size='50' value='<?php echo $config['dsn']; ?>' maxlength='100'></td><td><a href='http://pear.php.net/manual/en/package.database.db.intro-dsn.php' target='_new'>Help</a></td> </tr> -<tr> - <td>Server XML Dump:</td><td><input type='text' name='server_dump_filename' size='50' value='<?php echo $config['server_dump_filename']; ?>' maxlength='100'></td><td> </td> -</tr> </table> </p> <hr> @@ -398,8 +389,8 @@ <td>Authentification type :</td> <td> <select name='auth_type'> - <option value="auth_form">HTML Login/Password Form</option> - <option value="auth_basic">HTTP Auth Basic</option> + <option value="auth_form" <?php if ($config['auth_type'] == 'auth_form') echo 'selected' ?>>HTML Login/Password Form</option> + <option value="auth_basic" <?php if ($config['auth_type'] == 'auth_basic') echo 'selected' ?>>HTTP Auth Basic</option> </select> </td><td> </td> </tr> 
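Review bot: The two new `<option>` lines in the `@@ -398,8 +389,8 @@` hunk emit a bare `selected` attribute, but the page is declared as XHTML (`<html xmlns="http://www.w3.org/1999/xhtml" ...>` in the preceding hunk), where attribute minimisation is not valid markup. Write the attribute in full in both branches: `<?php if ($config['auth_type'] == 'auth_form') echo 'selected="selected"' ?>`.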
@@ -411,19 +402,23 @@ <caption>Identity Provider</caption> <tr> - <td>Metadata</td><td><input type='text' name='idp-metadata' size='50' value='<?php echo $config['idp-metadata']; ?>'></td><td> </td> + <td>Server XML Dump :</td><td><input type='text' name='server_dump_filename' size='50' value='<?php echo $config['server_dump_filename']; ?>' maxlength='100'></td><td> </td> +</tr> + +<tr> + <td>Metadata :</td><td><input type='text' name='idp-metadata' size='50' value='<?php echo $config['idp-metadata']; ?>'></td><td> </td> </tr> <tr> - <td>Public Key</td><td><input type='text' name='idp-public_key' size='50' value='<?php echo $config['idp-public_key']; ?>'></td><td> </td> + <td>Public Key :</td><td><input type='text' name='idp-public_key' size='50' value='<?php echo $config['idp-public_key']; ?>'></td><td> </td> </tr> <tr> - <td>Private Key</td><td><input type='text' name='idp-private_key' size='50' value='<?php echo $config['idp-private_key']; ?>'></td><td> </td> + <td>Private Key :</td><td><input type='text' name='idp-private_key' size='50' value='<?php echo $config['idp-private_key']; ?>'></td><td> </td> </tr> <tr> - <td>Certificate</td><td><input type='text' name='idp-ca' size='50' value='<?php echo $config['idp-ca']; ?>'></td><td> </td> + <td>Certificate :</td><td><input type='text' name='idp-ca' size='50' value='<?php echo $config['idp-ca']; ?>'></td><td> </td> </tr> </table> </p> 
@@ -437,15 +432,15 @@ <caption>Service Provider <b><?php echo $sp ?></caption> <tr> - <td>Metadata</td><td><input type='text' name='sp^<?php echo $sp; ?>^metadata' size='50' value='<?php echo $config['sp'][$sp]['metadata']; ?>'></td> + <td>Metadata :</td><td><input type='text' name='sp^<?php echo $sp; ?>^metadata' size='50' value='<?php echo $config['sp'][$sp]['metadata']; ?>'></td> <td><a href="javascript:openpopup('edit_metadata.php?filename=<?php echo $config['sp'][$sp]['metadata']; ?>')">Edit Metadata</a></td> </tr> <tr> - <td>Public Key</td><td><input type='text' name='sp^<?php echo $sp; ?>^public_key' size='50' value='<?php echo $config['sp'][$sp]['public_key']; ?>'></td><td> </td> + <td>Public Key :</td><td><input type='text' name='sp^<?php echo $sp; ?>^public_key' size='50' value='<?php echo $config['sp'][$sp]['public_key']; ?>'></td><td> </td> </tr> <tr> - <td>Certificate</td><td><input type='text' name='sp^<?php echo $sp; ?>^ca' size='50' value='<?php echo $config['sp'][$sp]['ca']; ?>'></td><td> </td> + <td>Certificate :</td><td><input type='text' name='sp^<?php echo $sp; ?>^ca' size='50' value='<?php echo $config['sp'][$sp]['ca']; ?>'></td><td> </td> </tr> <tr> 
@@ -466,20 +461,20 @@ <caption>Add a new Service Provider</caption> <tr> - <td>Name</td><td><input type='text' name='sp' size='50'></td><td> </td> + <td>Name :</td><td><input type='text' name='sp' size='50'></td><td> </td> </tr> <tr> - <td>Metadata</td><td><input type='text' name='metadata' size='50'></td> + <td>Metadata :</td><td><input type='text' name='metadata' size='50'></td> <td><a href="javascript:openpopup('create_metadata.php')">Create Metadata</a></td> </tr> <tr> - <td>Public Key</td><td><input type='text' name='public_key' size='50'></td><td> </td> + <td>Public Key :</td><td><input type='text' name='public_key' size='50'></td><td> </td> </tr> <tr> - <td>Certificate</td><td><input type='text' name='ca' size='50'></td><td> </td> + <td>Certificate :</td><td><input type='text' name='ca' size='50'></td><td> </td> </tr> <tr> diff --git a/php/Attic/examples/sample-idp/singleSignOn.php b/php/Attic/examples/sample-idp/singleSignOn.php index 2aab4b40..5f664d92 100644 --- a/php/Attic/examples/sample-idp/singleSignOn.php +++ b/php/Attic/examples/sample-idp/singleSignOn.php 
@@ -22,19 +22,85 @@ * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA */ - require_once 'HTML/QuickForm.php'; - require_once 'DB.php'; + require_once 'HTML/QuickForm.php'; + require_once 'DB.php'; - $config = unserialize(file_get_contents('config.inc')); - - session_start(); + $config = unserialize(file_get_contents('config.inc')); + + session_start(); - lasso_init(); - - // Create Lasso Server - $server_dump = file_get_contents($config['server_dump_filename']); - $server = LassoServer::newFromDump($server_dump); + lasso_init(); + + // Create Lasso Server + $server_dump = file_get_contents($config['server_dump_filename']); + $server = LassoServer::newFromDump($server_dump); + + // HTTP Basic Authentification + if ($config['auth_type'] == 'auth_basic') + { + if (!isset($_SERVER['PHP_AUTH_USER'])) + { + sendHTTPBasicAuth(); + exit; + } + else + { + $login = new LassoLogin($server); + + // init login + updateDumpsFromSession($login); + initFromAuthnRequest($login); + + // connect to the data base + $db = &DB::connect($config['dsn']); + if (DB::isError($db)) + die($db->getMessage()); + + // User must *NOT* Authenticate with the IdP + if (!$login->mustAuthenticate()) + { + $user_id = authentificateUser($db, $_SERVER['PHP_AUTH_USER'], $_SERVER['PHP_AUTH_PW']); + if (!$user_id) + die("Unknown User"); + + $array = getIdentityDumpAndSessionDumpFromUserID($db, $user_id); + if (empty($array)) + die("Could not get Identity and Session Dump"); + + $login->setIdentityFromDump($array['identity_dump']); + $login->setSessionFromDump($array['session_dump']); + + doneSingleSignOn($db, $login, $user_id); + $db->disconnect(); + exit; + } + + // Check Login and Password + if (!($user_id = authentificateUser($db, $_SERVER['PHP_AUTH_USER'], $_SERVER['PHP_AUTH_PW']))) + { + sendHTTPBasicAuth(); + $db->disconnect(); + exit; + } + else + { + $array = getIdentityDumpAndSessionDumpFromUserID($db, $user_id); + $is_first_sso = (empty($array) ? 
TRUE : FALSE); + + if (!$is_first_sso) + { + $login->setIdentityFromDump($array['identity_dump']); + $login->setSessionFromDump($array['session_dump']); + } + doneSingleSignOn($db, $login, $user_id, $is_first_sso); + } + $db->disconnect(); + } + exit; + } + // HTML Form Authentification + // Create the form $form = new HTML_QuickForm('frm'); 
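Review bot: The two failure paths of the new auth_basic branch behave differently: when `mustAuthenticate()` is false a rejected credential ends in `die("Unknown User")` (a 200 response with a body), while the other path re-issues the challenge through `sendHTTPBasicAuth()`; use the challenge in both places, e.g. replace `die("Unknown User");` with `sendHTTPBasicAuth(); $db->disconnect(); exit;`. The lookup-dumps / set-dumps / `doneSingleSignOn()` sequence is also duplicated between this branch and the form path in the `@@ -179,33 +348,24 @@` hunk; a small helper taking `$db`, `$login` and `$user_id` would keep the two authentication modes from drifting apart. `$is_first_sso = (empty($array) ? TRUE : FALSE);` can simply be `$is_first_sso = empty($array);`. The surrounding script continues outside the hunk.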
@@ -48,6 +114,92 @@ $form->addRule('password', 'Please enter the Password', 'required', null, 'client'); /* + * + */ + function sendHTTPBasicAuth() + { + header('WWW-Authenticate: Basic realm="Lasso Identity Provider One"'); + header('HTTP/1.0 401 Unauthorized'); + echo "Acces Denied"; + } + + /* + * Update Identity dump + */ + function updateIdentityDump($db, $user_id, $identity_dump) + { + $query = "UPDATE users SET identity_dump=".$db->quoteSmart($identity_dump); + $query .= " WHERE user_id='$user_id'"; + + $res =& $db->query($query); + if (DB::isError($res)) + die($res->getMessage()); + } + + /* + * Update Session dump + */ + function updateSessionDump($db, $user_id, $session_dump) + { + $query = "UPDATE users SET session_dump=".$db->quoteSmart($session_dump); + $query .= " WHERE user_id='$user_id'"; + + $res =& $db->query($query); + if (DB::isError($res)) + die($res->getMessage()); + } + + /* + * Save the Assertion Artifact in the database + */ + function saveAssertionArtifact($db, $artifact, $assertion) + { + $assertion_dump = $assertion->dump(); + + if (empty($assertion_dump)) + die("assertion dump is empty"); + + // Save assertion + $query = "INSERT INTO assertions (assertion, response_dump, created) VALUES "; + $query .= "('".$artifact."',".$db->quoteSmart($assertion_dump).", NOW())"; + + $res =& $db->query($query); + if (DB::isError($res)) + die($res->getMessage()); + } + + /* + * Update Session and Identity Dump from PHP Session variables + */ + function updateDumpsFromSession(&$login) + { + // Get session and identity dump if there are available + if (!empty($_SESSION['session_dump'])) + $login->setSessionFromDump($_SESSION['session_dump']); + + if (!empty($_SESSION['identity_dump'])) + $login->setIdentityFromDump($_SESSION['identity_dump']); + } + + /* + * Init Lasso login from AuthnRequestMsg + */ + function initFromAuthnRequest(&$login) + { + switch ($_SERVER['REQUEST_METHOD']) + { + case 'GET': + 
$login->initFromAuthnRequestMsg($_SERVER['QUERY_STRING'], lassoHttpMethodRedirect); + break; + case 'POST': + die("methode POST not implemented"); // TODO + break; + default: + die("Unknown request method"); + } + } + + /* * This function authentificate the user against the Postgres Database */ function authentificateUser($db, $username, $password) @@ -68,9 +220,52 @@ } /* + * Get UserID from the NameIdentifier + * return user_id or 0 if not found + */ + function getUserIDFromNameIdentifier($db, $nameidentifier) + { + $query = "SELECT user_id FROM nameidentifiers WHERE name_identifier='$nameidentifier'"; + echo $query; + + $res =& $db->query($query); + if (DB::isError($res)) + die($res->getMessage()); + + // UserID not found + if (!$res->numRows()) + return (0); + + $row = $res->fetchRow(); + return ($row[0]); + } + + /* * */ - function doneSingleSignOn($db, $login, $user_id, $is_first_sso) + function getIdentityDumpAndSessionDumpFromUserID($db, $user_id) + { + // User is authentificated + $query = "SELECT identity_dump,session_dump FROM users WHERE identity_dump"; + $query .= " IS NOT NULL AND session_dump IS NOT NULL AND user_id='$user_id'"; + + $res =& $db->query($query); + if (DB::isError($res)) + die($res->getMessage()); + + if ($res->numRows()) + { + $row =& $res->fetchRow(); + $ret = array("identity_dump" => $row[0], "session_dump" => $row[1]); + return ($ret); + } + } + + + /* + * + */ + function doneSingleSignOn($db, &$login, $user_id, $is_first_sso = FALSE) { $authenticationMethod = (($_SERVER["HTTPS"] == 'on') ? lassoSamlAuthenticationMethodSecureRemotePassword : lassoSamlAuthenticationMethodPassword); 
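Review bot: `saveAssertionArtifact` splices `$artifact` into the INSERT unquoted (`"('".$artifact."',"`) while the dump right next to it goes through `$db->quoteSmart()`; the same raw interpolation is used for `$user_id` in `updateIdentityDump`/`updateSessionDump`, and — most exposed — for `$nameidentifier` in `getUserIDFromNameIdentifier` in the following hunk, where the value is parsed from the incoming request. Quote consistently: `$query .= "(".$db->quoteSmart($artifact).",".$db->quoteSmart($assertion_dump).", NOW())";` and `$query .= " WHERE user_id=".$db->quoteSmart($user_id);`. The block comment above `sendHTTPBasicAuth` is empty; suggest `/* Send a 401 challenge for HTTP Basic authentication; the caller must exit afterwards */`, and the body text `Acces Denied` is misspelled.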
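Review bot: `echo $query;` in `getUserIDFromNameIdentifier` is leftover debugging that writes the SQL statement, including the incoming name identifier, into the HTTP response before the SSO response is sent; drop the line. `getIdentityDumpAndSessionDumpFromUserID` falls off the end without a return when no row matches — callers rely on `empty($array)`, so make that explicit with `return array();` after the `if` block. Its comment is empty; suggest `/* Return array('identity_dump' => ..., 'session_dump' => ...) for the user, or an empty array when nothing is stored */`.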
@@ -113,45 +308,19 @@ $identity = $login->identity; // do we need to update identity dump? if ($login->isIdentityDirty) - { - $query = "UPDATE users SET identity_dump=".$db->quoteSmart($identity->dump()); - $query .= " WHERE user_id='$user_id'"; - - $res =& $db->query($query); - if (DB::isError($res)) - die($res->getMessage()); - } + updateIdentityDump($db, $user_id, $identity->dump()); $session = $login->session; // do we need to update session dump? if ($login->isSessionDirty) - { - $query = "UPDATE users SET session_dump=".$db->quoteSmart($identity->dump()); - $query .= " WHERE user_id='$user_id'"; - - $res =& $db->query($query); - if (DB::isError($res)) - die($res->getMessage()); - } + updateSessionDump($db, $user_id, $session->dump()); if (empty($login->assertionArtifact)) die("assertion Artifact is empty"); - $assertion = $login->assertion; - $assertion_dump = $assertion->dump(); + saveAssertionArtifact($db, $login->assertionArtifact, $login->assertion); - if (empty($assertion_dump)) - die("assertion dump is empty"); - - // Save assertion - $query = "INSERT INTO assertions (assertion, response_dump, created) VALUES "; - $query .= "('".$login->assertionArtifact."',".$db->quoteSmart($assertion_dump).", NOW())"; - - $res =& $db->query($query); - if (DB::isError($res)) - die($res->getMessage()); - - $_SESSION['login_dump'] = ''; // delete login_dump + unset($_SESSION['login_dump']); // delete login_dump $_SESSION['identity_dump'] = $session->dump(); $_SESSION['session_dump'] = $session->dump(); 
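Review bot: `$_SESSION['identity_dump'] = $session->dump();` a few lines below the new `updateSessionDump()` call looks like the same copy-paste slip this commit fixes for the database update: the identity dump kept in the PHP session is written from the session object. It should read `$_SESSION['identity_dump'] = $identity->dump();`. `doneSingleSignOn` starts and ends outside this hunk.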
@@ -179,33 +348,24 @@ if (empty($_SESSION['login_dump'])) die("Login dump is not registred"); - // conect to the data base + // connect to the data base $db = &DB::connect($config['dsn']); if (DB::isError($db)) die($db->getMessage()); - $login = LassoLogin::newfromdump($server, $_SESSION['login_dump']); + $login = LassoLogin::newFromDump($server, $_SESSION['login_dump']); if (($user_id = authentificateUser($db, $form->exportValue('username'), $form->exportValue('password')))) { - // User is authentificated - $query = "SELECT identity_dump,session_dump FROM users WHERE identity_dump"; - $query .= " IS NOT NULL AND session_dump IS NOT NULL AND user_id='$user_id'"; - - $res =& $db->query($query); - if (DB::isError($res)) - die($res->getMessage()); + $array = getIdentityDumpAndSessionDumpFromUserID($db, $user_id); + $is_first_sso = (empty($array) ? TRUE : FALSE); - $is_first_sso = FALSE; - if ($res->numRows()) - { - $row =& $res->fetchRow(); - $login->setIdentityFromDump($row[0]); - $login->setSessionFromDump($row[1]); + if (!$is_first_sso) + { + $login->setIdentityFromDump($array['identity_dump']); + $login->setSessionFromDump($array['session_dump']); } - else - $is_first_sso = TRUE; doneSingleSignOn($db, $login, $user_id, $is_first_sso); $db->disconnect(); 
@@ -216,24 +376,9 @@ { $login = new LassoLogin($server); - // Get session and identity dump if there are available - if (!empty($_SESSION['session_dump'])) - $login->setSessionFromDump($_SESSION['session_dump']); - - if (!empty($_SESSION['identity_dump'])) - $login->setIdentityFromDump($_SESSION['identity_dump']); - - switch ($_SERVER['REQUEST_METHOD']) - { - case 'GET': - $login->initFromAuthnRequestMsg($_SERVER['QUERY_STRING'], lassoHttpMethodRedirect); - break; - case 'POST': - die("methode POST not implemented"); // TODO - break; - default: - die("Unknown request method"); - } + // init login + updateDumpsFromSession($login); + initFromAuthnRequest($login); // User must NOT Authenticate with the IdP if (!$login->mustAuthenticate()) @@ -242,21 +387,13 @@ $db = &DB::connect($config['dsn']); if (DB::isError($db)) die($db->getMessage()); - - $query = "SELECT user_id FROM nameidentifiers WHERE name_identifier='"; - $query .= $login->nameIdentifier . "'"; + + $user_id = getUserIDFromNameIdentifier($db, $login->nameIdentifier); - $res =& $db->query($query); - if (DB::isError($res)) - die($res->getMessage()); - - if (!$res->numRows()) + if (!$user_id) die("Unknown User"); - $row = $res->fetchRow(); - $user_id = $row[0]; - - doneSingleSignOn($db, $user_id); + doneSingleSignOn($db, $login, $user_id); $db->disconnect(); exit; } diff --git a/php/Attic/examples/sample-idp/soapEndpoint.php b/php/Attic/examples/sample-idp/soapEndpoint.php index 633aa483..f45c12de 100644 --- a/php/Attic/examples/sample-idp/soapEndpoint.php +++ b/php/Attic/examples/sample-idp/soapEndpoint.php @@ -116,7 +116,7 @@ $row = $res->fetchRow(); $user_id = $row[0]; - $query = "SELECT user_dump,session_dump FROM users WHERE user_id='$user_id'"; + $query = "SELECT identity_dump,session_dump FROM users WHERE user_id='$user_id'"; $res =& $db->query($query); if (DB::isError($res)) 
@@ -146,8 +146,8 @@ if ($logout->isIdentityDirty) { $identity = $logout->identity; - $query = "UPDATE users SET user_dump=".$db->quoteSmart($identity->dump()); - $query .= " WHERE user_id='$user_id'"; + $query = "UPDATE users SET identity_dump=".$db->quoteSmart($identity->dump()); + $query .= " WHERE identity_id='$user_id'"; $res =& $db->query($query); if (DB::isError($res)) @@ -179,15 +179,37 @@ die("Logout failed with : " . $providerID); } - while (!feof($fp)) { - $reponse .= @fread($fp, 8192); - } - - fclose($fp); - - list($header, $body) = preg_split("/(\r\n\r\n|\n\n)/", $reponse, 2); - - $logout->processResponseMsg($body, lassoHttpMethodSoap); + // header + do $header .= fread($fp, 1); while (!preg_match('/\\r\\n\\r\\n$/',$header)); + + // chunked encoding + if (preg_match('/Transfer\\-Encoding:\\s+chunked\\r\\n/',$header)) + { + do { + $byte = ''; + $chunk_size = ''; + + do { + $chunk_size .= $byte; + $byte = fread($fp, 1); + } while ($byte != "\\r"); + + fread($fp, 1); + $chunk_size = hexdec($chunk_size); + $response .= fread($fp, $chunk_size); + fread($fp, 2); + } while ($chunk_size); + } + else + { + if (preg_match('/Content\\-Length:\\s+([0-9]+)\\r\\n/', $header, $matches)) + $response = fread($fp, $matches[1]); + else + while (!feof($fp)) $response .= fread($fp, 1024); + } + fclose($fp); + + $logout->processResponseMsg($response, lassoHttpMethodSoap); } $logout->buildResponseMsg(); diff --git a/php/Attic/examples/sample-sp/assertionConsumer.php b/php/Attic/examples/sample-sp/assertionConsumer.php index 1413fd59..5de00e98 100644 --- a/php/Attic/examples/sample-sp/assertionConsumer.php +++ b/php/Attic/examples/sample-sp/assertionConsumer.php @@ -128,7 +128,7 @@ $_SESSION["session_dump"] = $session->dump(); $_SESSION["user_id"] = $user_id; - $url = "index.php?SID=". $SID; + $url = "index.php"; } else { 
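Review bot: The new WHERE clause `WHERE identity_id='$user_id'` filters the `users` table on a column that every other query on the page addresses as `user_id` (the SELECT in the previous hunk, `updateIdentityDump` in singleSignOn.php); unless the schema really has an `identity_id` column, this UPDATE matches nothing or errors. Keep `$query .= " WHERE user_id='$user_id'";` — better still with `$db->quoteSmart($user_id)`, as already done for the dump on the line above. The enclosing block continues outside the hunk.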
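Review bot: The new response reader has no bound on any of its loops: the header loop and the chunk-size loop read one byte at a time until a pattern matches, and `fread()` returns an empty string at EOF, so a peer that closes early or never sends CRLFCRLF keeps the IdP spinning, and `$header`/`$response` are appended to before being initialised. `fread()` on a socket may also return fewer bytes than requested, so `fread($fp, $chunk_size)` and `fread($fp, $matches[1])` can silently truncate the body passed to `processResponseMsg`. As printed here the chunk terminator is the double-quoted string `"\\r"`; if the file really contains two backslashes that is a literal backslash and `r`, not CR, and the inner loop never ends — verify against the source. Below is a bounded version with an exact-read helper (the size caps are placeholders to tune).
```php
// … unchanged: open connection, send request …

// header: stop at CRLFCRLF, at EOF, or past a sanity cap (placeholder value)
$header = '';
while (!preg_match('/\r\n\r\n$/', $header))
{
    if (feof($fp) || strlen($header) > 8192)
        die("Malformed or oversized HTTP response header");
    $header .= fread($fp, 1);
}

$response = '';
if (preg_match('/Transfer\-Encoding:\s+chunked\r\n/i', $header))
{
    do {
        // chunk-size line up to CRLF; any ";ext" part is ignored
        $line = '';
        while (substr($line, -2) != "\r\n")
        {
            if (feof($fp) || strlen($line) > 64)
                die("Malformed chunk size");
            $line .= fread($fp, 1);
        }
        $chunk_size = hexdec(strtok($line, "; \r\n"));
        $response .= readExactly($fp, $chunk_size);
        readExactly($fp, 2); // CRLF after the chunk data
    } while ($chunk_size > 0);
}
else if (preg_match('/Content\-Length:\s+([0-9]+)\r\n/i', $header, $matches))
    $response = readExactly($fp, (int) $matches[1]);
else
    while (!feof($fp)) $response .= fread($fp, 1024);
fclose($fp);

// … unchanged: $logout->processResponseMsg($response, lassoHttpMethodSoap); …

// file-level helper: fread() on a socket may return less than asked for
function readExactly($fp, $len)
{
    $data = '';
    while (strlen($data) < $len && !feof($fp))
        $data .= fread($fp, $len - strlen($data));
    if (strlen($data) != $len)
        die("Short read on SOAP response");
    return $data;
}
```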
@@ -166,7 +166,7 @@ $_SESSION["session_dump"] = $session->dump(); $_SESSION["user_id"] = $user_id; - $url = "register.php?SID=". $SID; + $url = "register.php"; } // Update last_login diff --git a/php/Attic/examples/sample-sp/index.php b/php/Attic/examples/sample-sp/index.php index c7b2d39b..700198f4 100644 --- a/php/Attic/examples/sample-sp/index.php +++ b/php/Attic/examples/sample-sp/index.php @@ -52,10 +52,7 @@ You can get more informations about <b>Lasso</b> at <br> require_once 'DB.php'; - if (!empty($_GET['SID'])) - session_start($_GET['SID']); - else - session_start(); + session_start(); lasso_init(); @@ -90,7 +87,7 @@ You can get more informations about <b>Lasso</b> at <br> </tr> <?php } else { ?> <tr> - <td><a href="logout.php?SID=<?php echo $SID ?>">Logout!</a></td> + <td><a href="logout.php">Logout!</a></td> </tr> <?php } ?> </table> |
