| author | Giulio Cesare Solaroli <giulio.cesare@clipperz.com> | 2011-10-06 22:57:46 (UTC) |
|---|---|---|
| committer | Giulio Cesare Solaroli <giulio.cesare@clipperz.com> | 2011-10-06 22:57:46 (UTC) |
| commit | 647a8a53917dd15dc81caaeb36c658e18e579ab0 (patch) (unidiff) | |
| tree | 16caa4aca7c943632f9398360fc7f9a9ef3b3f0e | |
| parent | a26b219b6f4f3fee727d9b23d8cd374f6b32a4fa (diff) | |
| download | clipperz-647a8a53917dd15dc81caaeb36c658e18e579ab0.zip clipperz-647a8a53917dd15dc81caaeb36c658e18e579ab0.tar.gz clipperz-647a8a53917dd15dc81caaeb36c658e18e579ab0.tar.bz2 | |
Fixed the formatting of PHP code
| -rw-r--r-- | backend/php/src/index.php | 5 |
1 files changed, 3 insertions, 2 deletions
diff --git a/backend/php/src/index.php b/backend/php/src/index.php index 3d23e7a..214ac01 100644 --- a/backend/php/src/index.php +++ b/backend/php/src/index.php | |||
| @@ -1,754 +1,755 @@ | |||
| 1 | <?php | 1 | <?php |
| 2 | include "./configuration.php"; | 2 | include "./configuration.php"; |
| 3 | include "./objects/class.database.php"; | 3 | include "./objects/class.database.php"; |
| 4 | include "./objects/class.user.php"; | 4 | include "./objects/class.user.php"; |
| 5 | include "./objects/class.record.php"; | 5 | include "./objects/class.record.php"; |
| 6 | include "./objects/class.recordversion.php"; | 6 | include "./objects/class.recordversion.php"; |
| 7 | include "./objects/class.onetimepassword.php"; | 7 | include "./objects/class.onetimepassword.php"; |
| 8 | include "./objects/class.onetimepasswordstatus.php"; | 8 | include "./objects/class.onetimepasswordstatus.php"; |
| 9 | 9 | ||
| 10 | //----------------------------------------------------------------------------- | 10 | //----------------------------------------------------------------------------- |
| 11 | 11 | ||
| 12 | if ( !function_exists('json_decode') ) { | 12 | if ( !function_exists('json_decode') ) { |
| 13 | function json_decode($content, $assoc=false) { | 13 | function json_decode($content, $assoc=false) { |
| 14 | require_once 'json/JSON.php'; | 14 | require_once 'json/JSON.php'; |
| 15 | if ( $assoc ) { | 15 | if ( $assoc ) { |
| 16 | $json = new Services_JSON(SERVICES_JSON_LOOSE_TYPE); | 16 | $json = new Services_JSON(SERVICES_JSON_LOOSE_TYPE); |
| 17 | } else { | 17 | } else { |
| 18 | $json = new Services_JSON; | 18 | $json = new Services_JSON; |
| 19 | } | 19 | } |
| 20 | 20 | ||
| 21 | return $json->decode($content); | 21 | return $json->decode($content); |
| 22 | } | 22 | } |
| 23 | } | 23 | } |
| 24 | 24 | ||
| 25 | if ( !function_exists('json_encode') ) { | 25 | if ( !function_exists('json_encode') ) { |
| 26 | function json_encode($content) { | 26 | function json_encode($content) { |
| 27 | require_once 'json/JSON.php'; | 27 | require_once 'json/JSON.php'; |
| 28 | $json = new Services_JSON; | 28 | $json = new Services_JSON; |
| 29 | 29 | ||
| 30 | return $json->encode($content); | 30 | return $json->encode($content); |
| 31 | } | 31 | } |
| 32 | } | 32 | } |
| 33 | 33 | ||
| 34 | //----------------------------------------------------------------------------- | 34 | //----------------------------------------------------------------------------- |
| 35 | //'dec2base', 'base2dec' and 'digits' are functions found on the following | 35 | //'dec2base', 'base2dec' and 'digits' are functions found on the following |
| 36 | //PHP manual page: http://ch2.php.net/manual/en/ref.bc.php | 36 | //PHP manual page: http://ch2.php.net/manual/en/ref.bc.php |
| 37 | // | 37 | // |
| 38 | 38 | ||
| 39 | function dec2base($dec, $base, $digits=FALSE) { | 39 | function dec2base($dec, $base, $digits=FALSE) { |
| 40 | if ($base<2 or $base>256) { | 40 | if ($base<2 or $base>256) { |
| 41 | die("Invalid Base: ".$base); | 41 | die("Invalid Base: ".$base); |
| 42 | } | 42 | } |
| 43 | 43 | ||
| 44 | bcscale(0); | 44 | bcscale(0); |
| 45 | $value=""; | 45 | $value=""; |
| 46 | if (!$digits) { | 46 | if (!$digits) { |
| 47 | $digits = digits($base); | 47 | $digits = digits($base); |
| 48 | } | 48 | } |
| 49 | 49 | ||
| 50 | while ($dec > $base-1) { | 50 | while ($dec > $base-1) { |
| 51 | $rest = bcmod($dec, $base); | 51 | $rest = bcmod($dec, $base); |
| 52 | $dec = bcdiv($dec, $base); | 52 | $dec = bcdiv($dec, $base); |
| 53 | $value = $digits[$rest].$value; | 53 | $value = $digits[$rest].$value; |
| 54 | } | 54 | } |
| 55 | 55 | ||
| 56 | $value=$digits[intval($dec)].$value; | 56 | $value=$digits[intval($dec)].$value; |
| 57 | 57 | ||
| 58 | return (string)$value; | 58 | return (string)$value; |
| 59 | } | 59 | } |
| 60 | 60 | ||
| 61 | //............................................................................. | 61 | //............................................................................. |
| 62 | 62 | ||
| 63 | // convert another base value to its decimal value | 63 | // convert another base value to its decimal value |
| 64 | function base2dec($value, $base, $digits=FALSE) { | 64 | function base2dec($value, $base, $digits=FALSE) { |
| 65 | if ($base<2 or $base>256) { | 65 | if ($base<2 or $base>256) { |
| 66 | die("Invalid Base: ".$base); | 66 | die("Invalid Base: ".$base); |
| 67 | } | 67 | } |
| 68 | 68 | ||
| 69 | bcscale(0); | 69 | bcscale(0); |
| 70 | if ($base<37) { | 70 | if ($base<37) { |
| 71 | $value=strtolower($value); | 71 | $value=strtolower($value); |
| 72 | } | 72 | } |
| 73 | 73 | ||
| 74 | if (!$digits) { | 74 | if (!$digits) { |
| 75 | $digits=digits($base); | 75 | $digits=digits($base); |
| 76 | } | 76 | } |
| 77 | 77 | ||
| 78 | $size = strlen($value); | 78 | $size = strlen($value); |
| 79 | $dec="0"; | 79 | $dec="0"; |
| 80 | for ($loop=0; $loop<$size; $loop++) { | 80 | for ($loop=0; $loop<$size; $loop++) { |
| 81 | $element = strpos($digits, $value[$loop]); | 81 | $element = strpos($digits, $value[$loop]); |
| 82 | $power = bcpow($base, $size-$loop-1); | 82 | $power = bcpow($base, $size-$loop-1); |
| 83 | $dec = bcadd($dec, bcmul($element,$power)); | 83 | $dec = bcadd($dec, bcmul($element,$power)); |
| 84 | } | 84 | } |
| 85 | 85 | ||
| 86 | return (string)$dec; | 86 | return (string)$dec; |
| 87 | } | 87 | } |
| 88 | 88 | ||
| 89 | //............................................................................. | 89 | //............................................................................. |
| 90 | 90 | ||
| 91 | function digits($base) { | 91 | function digits($base) { |
| 92 | if ($base>64) { | 92 | if ($base>64) { |
| 93 | $digits=""; | 93 | $digits=""; |
| 94 | for ($loop=0; $loop<256; $loop++) { | 94 | for ($loop=0; $loop<256; $loop++) { |
| 95 | $digits.=chr($loop); | 95 | $digits.=chr($loop); |
| 96 | } | 96 | } |
| 97 | } else { | 97 | } else { |
| 98 | $digits ="0123456789abcdefghijklmnopqrstuvwxyz"; | 98 | $digits ="0123456789abcdefghijklmnopqrstuvwxyz"; |
| 99 | $digits.="ABCDEFGHIJKLMNOPQRSTUVWXYZ-_"; | 99 | $digits.="ABCDEFGHIJKLMNOPQRSTUVWXYZ-_"; |
| 100 | } | 100 | } |
| 101 | 101 | ||
| 102 | $digits=substr($digits,0,$base); | 102 | $digits=substr($digits,0,$base); |
| 103 | 103 | ||
| 104 | return (string)$digits; | 104 | return (string)$digits; |
| 105 | } | 105 | } |
| 106 | 106 | ||
| 107 | //----------------------------------------------------------------------------- | 107 | //----------------------------------------------------------------------------- |
| 108 | 108 | ||
| 109 | function clipperz_hash($value) { | 109 | function clipperz_hash($value) { |
| 110 | return hash("sha256", hash("sha256", $value, true)); | 110 | return hash("sha256", hash("sha256", $value, true)); |
| 111 | } | 111 | } |
| 112 | 112 | ||
| 113 | //----------------------------------------------------------------------------- | 113 | //----------------------------------------------------------------------------- |
| 114 | 114 | ||
| 115 | function clipperz_randomSeed() { | 115 | function clipperz_randomSeed() { |
| 116 | $result; | 116 | $result; |
| 117 | 117 | ||
| 118 | srand((double) microtime()*1000000); | 118 | srand((double) microtime()*1000000); |
| 119 | $result = ""; | 119 | $result = ""; |
| 120 | 120 | ||
| 121 | while(strlen($result) < 64) { | 121 | while(strlen($result) < 64) { |
| 122 | $result = $result.dec2base(rand(), 16); | 122 | $result = $result.dec2base(rand(), 16); |
| 123 | } | 123 | } |
| 124 | 124 | ||
| 125 | $result = substr($result, 0, 64); | 125 | $result = substr($result, 0, 64); |
| 126 | 126 | ||
| 127 | return $result; | 127 | return $result; |
| 128 | } | 128 | } |
| 129 | 129 | ||
| 130 | //----------------------------------------------------------------------------- | 130 | //----------------------------------------------------------------------------- |
| 131 | 131 | ||
| 132 | function updateUserCredentials($parameters, &$user) { | 132 | function updateUserCredentials($parameters, &$user) { |
| 133 | $user->username = $parameters["C"]; | 133 | $user->username = $parameters["C"]; |
| 134 | $user->srp_s = $parameters["s"]; | 134 | $user->srp_s = $parameters["s"]; |
| 135 | $user->srp_v = $parameters["v"]; | 135 | $user->srp_v = $parameters["v"]; |
| 136 | $user->auth_version =$parameters["version"]; | 136 | $user->auth_version =$parameters["version"]; |
| 137 | } | 137 | } |
| 138 | 138 | ||
| 139 | function updateUserData($parameters, &$user) { | 139 | function updateUserData($parameters, &$user) { |
| 140 | $user->header = $parameters["header"]; | 140 | $user->header = $parameters["header"]; |
| 141 | $user->statistics =$parameters["statistics"]; | 141 | $user->statistics =$parameters["statistics"]; |
| 142 | $user->version =$parameters["version"]; | 142 | $user->version =$parameters["version"]; |
| 143 | $user->lock = $parameters["lock"]; | 143 | $user->lock = $parameters["lock"]; |
| 144 | } | 144 | } |
| 145 | 145 | ||
| 146 | function updateRecordData($parameters, &$record, &$recordVersion) { | 146 | function updateRecordData($parameters, &$record, &$recordVersion) { |
| 147 | $recordData = $parameters["record"]; | 147 | $recordData = $parameters["record"]; |
| 148 | $record->reference =$recordData["reference"]; | 148 | $record->reference =$recordData["reference"]; |
| 149 | $record->data = $recordData["data"]; | 149 | $record->data = $recordData["data"]; |
| 150 | $record->version = $recordData["version"]; | 150 | $record->version = $recordData["version"]; |
| 151 | 151 | ||
| 152 | $recordVersionData = $parameters["currentRecordVersion"]; | 152 | $recordVersionData = $parameters["currentRecordVersion"]; |
| 153 | $recordVersion->reference = $recordVersionData ["reference"]; | 153 | $recordVersion->reference = $recordVersionData ["reference"]; |
| 154 | $recordVersion->data = $recordVersionData ["data"]; | 154 | $recordVersion->data = $recordVersionData ["data"]; |
| 155 | $recordVersion->version = $recordVersionData ["version"]; | 155 | $recordVersion->version = $recordVersionData ["version"]; |
| 156 | $recordVersion->previous_version_id =$recordVersionData ["previousVersion"]; | 156 | $recordVersion->previous_version_id =$recordVersionData ["previousVersion"]; |
| 157 | $recordVersion->previous_version_key =$recordVersionData ["previousVersionKey"]; | 157 | $recordVersion->previous_version_key =$recordVersionData ["previousVersionKey"]; |
| 158 | } | 158 | } |
| 159 | 159 | ||
| 160 | //----------------------------------------------------------------------------- | 160 | //----------------------------------------------------------------------------- |
| 161 | 161 | ||
| 162 | function updateOTPStatus(&$otp, $status) { | 162 | function updateOTPStatus(&$otp, $status) { |
| 163 | $otpStatus = new onetimepasswordstatus(); | 163 | $otpStatus = new onetimepasswordstatus(); |
| 164 | $selectedStatuses = $otpStatus->GetList(array(array("code", "=", $status))); | 164 | $selectedStatuses = $otpStatus->GetList(array(array("code", "=", $status))); |
| 165 | $otpStatus = $selectedStatuses[0]; | 165 | $otpStatus = $selectedStatuses[0]; |
| 166 | $otp->SetOnetimepasswordstatus($otpStatus); | 166 | $otp->SetOnetimepasswordstatus($otpStatus); |
| 167 | } | 167 | } |
| 168 | 168 | ||
| 169 | function updateOTP($parameters, &$otp, $status) { | 169 | function updateOTP($parameters, &$otp, $status) { |
| 170 | $otp->reference = $parameters["reference"]; | 170 | $otp->reference = $parameters["reference"]; |
| 171 | $otp->key = $parameters["key"]; | 171 | $otp->key = $parameters["key"]; |
| 172 | $otp->key_checksum= $parameters["keyChecksum"]; | 172 | $otp->key_checksum= $parameters["keyChecksum"]; |
| 173 | $otp->data = $parameters["data"]; | 173 | $otp->data = $parameters["data"]; |
| 174 | $otp->version = $parameters["version"]; | 174 | $otp->version = $parameters["version"]; |
| 175 | 175 | ||
| 176 | updateOTPStatus($otp, $status); | 176 | updateOTPStatus($otp, $status); |
| 177 | } | 177 | } |
| 178 | 178 | ||
| 179 | function resetOTP(&$otp, $status) { | 179 | function resetOTP(&$otp, $status) { |
| 180 | $otp->data = ""; | 180 | $otp->data = ""; |
| 181 | updateOTPStatus($otp, $status); | 181 | updateOTPStatus($otp, $status); |
| 182 | $otp->Save(); | 182 | $otp->Save(); |
| 183 | } | 183 | } |
| 184 | 184 | ||
| 185 | //----------------------------------------------------------------------------- | 185 | //----------------------------------------------------------------------------- |
| 186 | 186 | ||
| 187 | function fixOTPStatusTable() { | 187 | function fixOTPStatusTable() { |
| 188 | $otpStatus = new onetimepasswordstatus(); | 188 | $otpStatus = new onetimepasswordstatus(); |
| 189 | $otpStatusList = $otpStatus->GetList(); | 189 | $otpStatusList = $otpStatus->GetList(); |
| 190 | if (count($otpStatusList) != 4) { | 190 | if (count($otpStatusList) != 4) { |
| 191 | $otpStatus->DeleteList(); | 191 | $otpStatus->DeleteList(); |
| 192 | 192 | ||
| 193 | $otpStatus->code = "ACTIVE"; $otpStatus->name = "Active"; $otpStatus->description = "Active"; $otpStatus->SaveNew(); | 193 | $otpStatus->code = "ACTIVE"; $otpStatus->name = "Active"; $otpStatus->description = "Active"; $otpStatus->SaveNew(); |
| 194 | $otpStatus->code = "REQUESTED"; $otpStatus->name = "Requested"; $otpStatus->description = "Requested";$otpStatus->SaveNew(); | 194 | $otpStatus->code = "REQUESTED"; $otpStatus->name = "Requested"; $otpStatus->description = "Requested";$otpStatus->SaveNew(); |
| 195 | $otpStatus->code = "USED"; $otpStatus->name = "Used"; $otpStatus->description = "Used"; $otpStatus->SaveNew(); | 195 | $otpStatus->code = "USED"; $otpStatus->name = "Used"; $otpStatus->description = "Used"; $otpStatus->SaveNew(); |
| 196 | $otpStatus->code = "DISABLED"; $otpStatus->name = "Disabled"; $otpStatus->description = "Disabled";$otpStatus->SaveNew(); | 196 | $otpStatus->code = "DISABLED"; $otpStatus->name = "Disabled"; $otpStatus->description = "Disabled";$otpStatus->SaveNew(); |
| 197 | } | 197 | } |
| 198 | } | 198 | } |
| 199 | 199 | ||
| 200 | //----------------------------------------------------------------------------- | 200 | //----------------------------------------------------------------------------- |
| 201 | 201 | ||
| 202 | function arrayContainsValue($array, $value) { | 202 | function arrayContainsValue($array, $value) { |
| 203 | $object = NULL; | 203 | $object = NULL; |
| 204 | for ($i=0; $i<count($array); $i++) { | 204 | for ($i=0; $i<count($array); $i++) { |
| 205 | if ($array[$i] == $value) { | 205 | if ($array[$i] == $value) { |
| 206 | $object = $value; | 206 | $object = $value; |
| 207 | } | 207 | } |
| 208 | } | 208 | } |
| 209 | 209 | ||
| 210 | return !is_null($object); | 210 | return !is_null($object); |
| 211 | } | 211 | } |
| 212 | 212 | ||
| 213 | //----------------------------------------------------------------------------- | 213 | //----------------------------------------------------------------------------- |
| 214 | 214 | ||
| 215 | $result = Array(); | 215 | $result = Array(); |
| 216 | 216 | ||
| 217 | session_start(); | 217 | session_start(); |
| 218 | 218 | ||
| 219 | $method = $_POST['method']; | 219 | $method = $_POST['method']; |
| 220 | 220 | ||
| 221 | if (get_magic_quotes_gpc()) { | 221 | if (get_magic_quotes_gpc()) { |
| 222 | $parameters = json_decode(stripslashes($_POST['parameters']), true); | 222 | $parameters = json_decode(stripslashes($_POST['parameters']), true); |
| 223 | } else { | 223 | } else { |
| 224 | $parameters = json_decode($_POST['parameters'], true); | 224 | $parameters = json_decode($_POST['parameters'], true); |
| 225 | } | 225 | } |
| 226 | 226 | ||
| 227 | $parameters = $parameters["parameters"]; | 227 | $parameters = $parameters["parameters"]; |
| 228 | 228 | ||
| 229 | switch($method) { | 229 | switch($method) { |
| 230 | case "registration": | 230 | case "registration": |
| 231 | error_log("registration"); | 231 | error_log("registration"); |
| 232 | $message = $parameters["message"]; | 232 | $message = $parameters["message"]; |
| 233 | 233 | ||
| 234 | if ($message == "completeRegistration") { | 234 | if ($message == "completeRegistration") { |
| 235 | $user = new user(); | 235 | $user = new user(); |
| 236 | 236 | ||
| 237 | updateUserCredentials($parameters["credentials"], $user); | 237 | updateUserCredentials($parameters["credentials"], $user); |
| 238 | updateUserData($parameters["user"], $user); | 238 | updateUserData($parameters["user"], $user); |
| 239 | $user->Save(); | 239 | $user->Save(); |
| 240 | 240 | ||
| 241 | $result["lock"] = $user->lock; | 241 | $result["lock"] = $user->lock; |
| 242 | $result["result"] = "done"; | 242 | $result["result"] = "done"; |
| 243 | } | 243 | } |
| 244 | break; | 244 | break; |
| 245 | 245 | ||
| 246 | case "handshake": | 246 | case "handshake": |
| 247 | error_log("handshake"); | 247 | error_log("handshake"); |
| 248 | $srp_g = "2"; | 248 | $srp_g = "2"; |
| 249 | $srp_n = base2dec("115b8b692e0e045692cf280b436735c77a5a9e8a9e7ed56c965f87db5b2a2ece3", 16); | 249 | $srp_n = base2dec("115b8b692e0e045692cf280b436735c77a5a9e8a9e7ed56c965f87db5b2a2ece3", 16); |
| 250 | 250 | ||
| 251 | $message = $parameters["message"]; | 251 | $message = $parameters["message"]; |
| 252 | 252 | ||
| 253 | //============================================================= | 253 | //============================================================= |
| 254 | if ($message == "connect") { | 254 | if ($message == "connect") { |
| 255 | $user= new user(); | 255 | $user= new user(); |
| 256 | $_SESSION["C"] = $parameters["parameters"]["C"]; | 256 | $_SESSION["C"] = $parameters["parameters"]["C"]; |
| 257 | $_SESSION["A"] = $parameters["parameters"]["A"]; | 257 | $_SESSION["A"] = $parameters["parameters"]["A"]; |
| 258 | 258 | ||
| 259 | $userList = $user->GetList(array(array("username", "=", $_SESSION["C"]))); | 259 | $userList = $user->GetList(array(array("username", "=", $_SESSION["C"]))); |
| 260 | 260 | ||
| 261 | if (count($userList) == 1) { | 261 | if (count($userList) == 1) { |
| 262 | $currentUser = $userList[ 0 ]; | 262 | $currentUser = $userList[ 0 ]; |
| 263 | 263 | ||
| 264 | if (array_key_exists("otpId", $_SESSION)) { | 264 | if (array_key_exists("otpId", $_SESSION)) { |
| 265 | $otp = new onetimepassword(); | 265 | $otp = new onetimepassword(); |
| 266 | $otp = $otp->Get($_SESSION["otpId"]); | 266 | $otp = $otp->Get($_SESSION["otpId"]); |
| 267 | 267 | ||
| 268 | if ($otp->GetUser()->userId != $currentUser->userId) { | 268 | if ($otp->GetUser()->userId != $currentUser->userId) { |
| 269 | throw new Exception("User missmatch between the current session and 'One Time Password' user"); | 269 | throw new Exception("User missmatch between the current session and 'One Time Password' user"); |
| 270 | } else if ($otp->GetOnetimepasswordstatus()->code != "REQUESTED") { | 270 | } else if ($otp->GetOnetimepasswordstatus()->code != "REQUESTED") { |
| 271 | throw new Exception("Tring to use an 'One Time Password' in the wrong state"); | 271 | throw new Exception("Tring to use an 'One Time Password' in the wrong state"); |
| 272 | } | 272 | } |
| 273 | 273 | ||
| 274 | resetOTP($otp, "USED"); | 274 | resetOTP($otp, "USED"); |
| 275 | $result["oneTimePassword"] = $otp->reference; | 275 | $result["oneTimePassword"] = $otp->reference; |
| 276 | } | 276 | } |
| 277 | 277 | ||
| 278 | $_SESSION["s"] = $currentUser->srp_s; | 278 | $_SESSION["s"] = $currentUser->srp_s; |
| 279 | $_SESSION["v"] = $currentUser->srp_v; | 279 | $_SESSION["v"] = $currentUser->srp_v; |
| 280 | $_SESSION["userId"] = $currentUser->userId; | 280 | $_SESSION["userId"] = $currentUser->userId; |
| 281 | } else { | 281 | } else { |
| 282 | $_SESSION["s"] = "112233445566778899aabbccddeeff00112233445566778899aabbccddeeff00"; | 282 | $_SESSION["s"] = "112233445566778899aabbccddeeff00112233445566778899aabbccddeeff00"; |
| 283 | $_SESSION["v"] = "112233445566778899aabbccddeeff00112233445566778899aabbccddeeff00"; | 283 | $_SESSION["v"] = "112233445566778899aabbccddeeff00112233445566778899aabbccddeeff00"; |
| 284 | } | 284 | } |
| 285 | 285 | ||
| 286 | $_SESSION["b"] = clipperz_randomSeed(); | 286 | $_SESSION["b"] = clipperz_randomSeed(); |
| 287 | // $_SESSION["b"] = "5761e6c84d22ea3c5649de01702d60f674ccfe79238540eb34c61cd020230c53"; | 287 | // $_SESSION["b"] = "5761e6c84d22ea3c5649de01702d60f674ccfe79238540eb34c61cd020230c53"; |
| 288 | $_SESSION["B"] = dec2base(bcadd(base2dec($_SESSION["v"], 16), bcpowmod($srp_g, base2dec($_SESSION["b"], 16), $srp_n)), 16); | 288 | $_SESSION["B"] = dec2base(bcadd(base2dec($_SESSION["v"], 16), bcpowmod($srp_g, base2dec($_SESSION["b"], 16), $srp_n)), 16); |
| 289 | 289 | ||
| 290 | $result["s"] = $_SESSION["s"]; | 290 | $result["s"] = $_SESSION["s"]; |
| 291 | $result["B"] = $_SESSION["B"]; | 291 | $result["B"] = $_SESSION["B"]; |
| 292 | 292 | ||
| 293 | //============================================================= | 293 | //============================================================= |
| 294 | } else if ($message == "credentialCheck") { | 294 | } else if ($message == "credentialCheck") { |
| 295 | error_log("credentialCheck"); | 295 | error_log("credentialCheck"); |
| 296 | $u = clipperz_hash(base2dec($_SESSION["B"],16)); | 296 | $u = clipperz_hash(base2dec($_SESSION["B"],16)); |
| 297 | $A = base2dec($_SESSION["A"], 16); | 297 | $A = base2dec($_SESSION["A"], 16); |
| 298 | $S = bcpowmod(bcmul($A, bcpowmod(base2dec($_SESSION["v"], 16), base2dec($u, 16), $srp_n)), base2dec($_SESSION["b"], 16), $srp_n); | 298 | $S = bcpowmod(bcmul($A, bcpowmod(base2dec($_SESSION["v"], 16), base2dec($u, 16), $srp_n)), base2dec($_SESSION["b"], 16), $srp_n); |
| 299 | $K = clipperz_hash($S); | 299 | $K = clipperz_hash($S); |
| 300 | $M1 = clipperz_hash($A.base2dec($_SESSION["B"],16).$K); | 300 | $M1 = clipperz_hash($A.base2dec($_SESSION["B"],16).$K); |
| 301 | 301 | ||
| 302 | //$result["B"] = $_SESSION["B"]; | 302 | //$result["B"] = $_SESSION["B"]; |
| 303 | //$result["u"] = $u; | 303 | //$result["u"] = $u; |
| 304 | //$result["A"] = $A; | 304 | //$result["A"] = $A; |
| 305 | //$result["S"] = $S; | 305 | //$result["S"] = $S; |
| 306 | //$result["K"] = $K; | 306 | //$result["K"] = $K; |
| 307 | //$result["M1"] = $M1; | 307 | //$result["M1"] = $M1; |
| 308 | //$result["_M1"] = $parameters["parameters"]["M1"]; | 308 | //$result["_M1"] = $parameters["parameters"]["M1"]; |
| 309 | 309 | ||
| 310 | if ($M1 == $parameters["parameters"]["M1"]) { | 310 | if ($M1 == $parameters["parameters"]["M1"]) { |
| 311 | $_SESSION["K"] = $K; | 311 | $_SESSION["K"] = $K; |
| 312 | $M2 = clipperz_hash($A.$M1.$K); | 312 | $M2 = clipperz_hash($A.$M1.$K); |
| 313 | 313 | ||
| 314 | $result["M2"] = $M2; | 314 | $result["M2"] = $M2; |
| 315 | $result["connectionId"] = ""; | 315 | $result["connectionId"] = ""; |
| 316 | $result["loginInfo"] = array(); | 316 | $result["loginInfo"] = array(); |
| 317 | $result["loginInfo"]["latest"] = array(); | 317 | $result["loginInfo"]["latest"] = array(); |
| 318 | $result["loginInfo"]["current"] = array(); | 318 | $result["loginInfo"]["current"] = array(); |
| 319 | $result["offlineCopyNeeded"] = "false"; | 319 | $result["offlineCopyNeeded"] = "false"; |
| 320 | $result["lock"] = "----"; | 320 | $result["lock"] = "----"; |
| 321 | } else { | 321 | } else { |
| 322 | $result["error"] = "?"; | 322 | $result["error"] = "?"; |
| 323 | } | 323 | } |
| 324 | //============================================================= | 324 | //============================================================= |
| 325 | } else if ($message == "oneTimePassword") { | 325 | } else if ($message == "oneTimePassword") { |
| 326 | error_log("oneTimePassword"); | 326 | error_log("oneTimePassword"); |
| 327 | //{ | 327 | //{ |
| 328 | //"message":"oneTimePassword", | 328 | //"message":"oneTimePassword", |
| 329 | //"version":"0.2", | 329 | //"version":"0.2", |
| 330 | //"parameters":{ | 330 | //"parameters":{ |
| 331 | // "oneTimePasswordKey":"06dfa7f428081f8b2af98b0895e14e18af90b0ef2ff32828e55cc2ac6b24d29b", | 331 | // "oneTimePasswordKey":"06dfa7f428081f8b2af98b0895e14e18af90b0ef2ff32828e55cc2ac6b24d29b", |
| 332 | // "oneTimePasswordKeyChecksum":"60bcba3f72e56f6bb3f0ff88509b9a0e5ec730dfa71daa4c1e892dbd1b0c360d" | 332 | // "oneTimePasswordKeyChecksum":"60bcba3f72e56f6bb3f0ff88509b9a0e5ec730dfa71daa4c1e892dbd1b0c360d" |
| 333 | //} | 333 | //} |
| 334 | //} | 334 | //} |
| 335 | $otp = new onetimepassword(); | 335 | $otp = new onetimepassword(); |
| 336 | $otpList = $otp->GetList(array(array("key", "=", $parameters["parameters"]["oneTimePasswordKey"]))); | 336 | $otpList = $otp->GetList(array(array("key", "=", $parameters["parameters"]["oneTimePasswordKey"]))); |
| 337 | 337 | ||
| 338 | if (count($otpList) == 1) { | 338 | if (count($otpList) == 1) { |
| 339 | $currentOtp = $otpList[0]; | 339 | $currentOtp = $otpList[0]; |
| 340 | 340 | ||
| 341 | if ($currentOtp->GetOnetimepasswordstatus()->code == "ACTIVE") { | 341 | if ($currentOtp->GetOnetimepasswordstatus()->code == "ACTIVE") { |
| 342 | if ($currentOtp->key_checksum == $parameters["parameters"]["oneTimePasswordKeyChecksum"]) { | 342 | if ($currentOtp->key_checksum == $parameters["parameters"]["oneTimePasswordKeyChecksum"]) { |
| 343 | $_SESSION["userId"] = $currentOtp->GetUser()->userId; | 343 | $_SESSION["userId"] = $currentOtp->GetUser()->userId; |
| 344 | $_SESSION["otpId"]= $currentOtp->onetimepasswordId; | 344 | $_SESSION["otpId"]= $currentOtp->onetimepasswordId; |
| 345 | 345 | ||
| 346 | $result["data"] = $currentOtp->data; | 346 | $result["data"] = $currentOtp->data; |
| 347 | $result["version"] = $currentOtp->version; | 347 | $result["version"] = $currentOtp->version; |
| 348 | 348 | ||
| 349 | resetOTP($currentOtp, "REQUESTED"); | 349 | resetOTP($currentOtp, "REQUESTED"); |
| 350 | } else { | 350 | } else { |
| 351 | resetOTP($currentOtp, "DISABLED"); | 351 | resetOTP($currentOtp, "DISABLED"); |
| 352 | throw new Exception("The requested One Time Password has been disabled, due to a wrong keyChecksum"); | 352 | throw new Exception("The requested One Time Password has been disabled, due to a wrong keyChecksum"); |
| 353 | } | 353 | } |
| 354 | } else { | 354 | } else { |
| 355 | throw new Exception("The requested One Time Password was not active"); | 355 | throw new Exception("The requested One Time Password was not active"); |
| 356 | } | 356 | } |
| 357 | } else { | 357 | } else { |
| 358 | throw new Exception("The requested One Time Password has not been found"); | 358 | throw new Exception("The requested One Time Password has not been found"); |
| 359 | } | 359 | } |
| 360 | 360 | ||
| 361 | //============================================================= | 361 | //============================================================= |
| 362 | } | 362 | } |
| 363 | 363 | ||
| 364 | break; | 364 | break; |
| 365 | 365 | ||
| 366 | case "message": | 366 | case "message": |
| 367 | error_log("message"); | 367 | error_log("message"); |
| 368 | if ($parameters["srpSharedSecret"] == $_SESSION["K"]) { | 368 | if ($parameters["srpSharedSecret"] == $_SESSION["K"]) { |
| 369 | $message = $parameters["message"]; | 369 | $message = $parameters["message"]; |
| 370 | 370 | ||
| 371 | //============================================================= | 371 | //============================================================= |
| 372 | if ($message == "getUserDetails") { | 372 | if ($message == "getUserDetails") { |
| 373 | //{"message":"getUserDetails", "srpSharedSecret":"f18e5cf7c3a83b67d4db9444af813ee48c13daf4f8f6635397d593e52ba89a08", "parameters":{}} | 373 | //{"message":"getUserDetails", "srpSharedSecret":"f18e5cf7c3a83b67d4db9444af813ee48c13daf4f8f6635397d593e52ba89a08", "parameters":{}} |
| 374 | $user = new user(); | 374 | $user = new user(); |
| 375 | $user = $user->Get($_SESSION["userId"]); | 375 | $user = $user->Get($_SESSION["userId"]); |
| 376 | 376 | ||
| 377 | $result["header"] = $user->header; | 377 | $result["header"] = $user->header; |
| 378 | |||
| 378 | $records = $user->GetRecordList(); | 379 | $records = $user->GetRecordList(); |
| 379 | foreach ($records as $record) | 380 | foreach ($records as $record) { |
| 380 | { | ||
| 381 | $recordStats["updateDate"] = $record->update_date; | 381 | $recordStats["updateDate"] = $record->update_date; |
| 382 | $recordsStats[$record->reference] = $recordStats; | 382 | $recordsStats[$record->reference] = $recordStats; |
| 383 | } | 383 | } |
| 384 | $result["recordsStats"] = $recordsStats; | 384 | $result["recordsStats"] = $recordsStats; |
| 385 | |||
| 385 | $result["statistics"] =$user->statistics; | 386 | $result["statistics"] =$user->statistics; |
| 386 | $result["version"] =$user->version; | 387 | $result["version"] =$user->version; |
| 387 | 388 | ||
| 388 | //============================================================= | 389 | //============================================================= |
| 389 | } else if ($message == "addNewRecords") { | 390 | } else if ($message == "addNewRecords") { |
| 390 | /* | 391 | /* |
| 391 | //{ | 392 | //{ |
| 392 | //"message":"addNewRecords", | 393 | //"message":"addNewRecords", |
| 393 | //"srpSharedSecret":"b58fdf62acebbcb67f63d28c0437f166069f45690c648cd4376a792ae7a325f7", | 394 | //"srpSharedSecret":"b58fdf62acebbcb67f63d28c0437f166069f45690c648cd4376a792ae7a325f7", |
| 394 | //"parameters":{ | 395 | //"parameters":{ |
| 395 | // "records":[ | 396 | // "records":[ |
| 396 | // { | 397 | // { |
| 397 | // "record":{ | 398 | // "record":{ |
| 398 | // "reference":"fda703707fee1fff42443124cd0e705f5bea0ac601758d81b2e832705339a610", | 399 | // "reference":"fda703707fee1fff42443124cd0e705f5bea0ac601758d81b2e832705339a610", |
| 399 | // "data":"OBSGtcb6blXq/xaYG.....4EqlQqgAvITN", | 400 | // "data":"OBSGtcb6blXq/xaYG.....4EqlQqgAvITN", |
| 400 | // "version":"0.3" | 401 | // "version":"0.3" |
| 401 | // }, | 402 | // }, |
| 402 | // "currentRecordVersion":{ | 403 | // "currentRecordVersion":{ |
| 403 | // "reference":"83ad301525c18f2afd72b6ac82c0a713382e1ef70ac69935ca7e2869dd4ff980", | 404 | // "reference":"83ad301525c18f2afd72b6ac82c0a713382e1ef70ac69935ca7e2869dd4ff980", |
| 404 | // "recordReference":"fda703707fee1fff42443124cd0e705f5bea0ac601758d81b2e832705339a610", | 405 | // "recordReference":"fda703707fee1fff42443124cd0e705f5bea0ac601758d81b2e832705339a610", |
| 405 | // "data":"NXJ5jiZhkd0CMiwwntAq....1TjjF+SGfE=", | 406 | // "data":"NXJ5jiZhkd0CMiwwntAq....1TjjF+SGfE=", |
| 406 | // "version":"0.3", | 407 | // "version":"0.3", |
| 407 | // "previousVersion":"3e174a86afc322271d8af28bc062b0f1bfd7344fad01212cd08b2757c4b199c4", | 408 | // "previousVersion":"3e174a86afc322271d8af28bc062b0f1bfd7344fad01212cd08b2757c4b199c4", |
| 408 | // "previousVersionKey":"kozaaGCzXWr71LbOKu6Z3nz520V..5U85tSBvb+u44twttv54Kw==" | 409 | // "previousVersionKey":"kozaaGCzXWr71LbOKu6Z3nz520V..5U85tSBvb+u44twttv54Kw==" |
| 409 | // } | 410 | // } |
| 410 | // } | 411 | // } |
| 411 | // ], | 412 | // ], |
| 412 | // "user":{ | 413 | // "user":{ |
| 413 | // "header":"{\"reco...ersion\":\"0.1\"}", | 414 | // "header":"{\"reco...ersion\":\"0.1\"}", |
| 414 | // "statistics":"rKI6nR6iqggygQJ3SQ58bFUX", | 415 | // "statistics":"rKI6nR6iqggygQJ3SQ58bFUX", |
| 415 | // "version":"0.3", | 416 | // "version":"0.3", |
| 416 | // "lock":"----" | 417 | // "lock":"----" |
| 417 | // } | 418 | // } |
| 418 | //} | 419 | //} |
| 419 | //} | 420 | //} |
| 420 | */ | 421 | */ |
| 421 | $user = new user(); | 422 | $user = new user(); |
| 422 | $record = new record(); | 423 | $record = new record(); |
| 423 | $recordVersion = new recordversion(); | 424 | $recordVersion = new recordversion(); |
| 424 | 425 | ||
| 425 | $user = $user->Get($_SESSION["userId"]); | 426 | $user = $user->Get($_SESSION["userId"]); |
| 426 | updateUserData($parameters["parameters"]["user"], $user); | 427 | updateUserData($parameters["parameters"]["user"], $user); |
| 427 | 428 | ||
| 428 | $recordParameterList = $parameters["parameters"]["records"]; | 429 | $recordParameterList = $parameters["parameters"]["records"]; |
| 429 | $c = count($recordParameterList); | 430 | $c = count($recordParameterList); |
| 430 | for ($i=0; $i<$c; $i++) { | 431 | for ($i=0; $i<$c; $i++) { |
| 431 | updateRecordData($recordParameterList[$i], $record, $recordVersion); | 432 | updateRecordData($recordParameterList[$i], $record, $recordVersion); |
| 432 | 433 | ||
| 433 | $record->SaveNew(); | 434 | $record->SaveNew(); |
| 434 | $recordVersion->SaveNew(); | 435 | $recordVersion->SaveNew(); |
| 435 | 436 | ||
| 436 | $record->AddRecordversion($recordVersion); | 437 | $record->AddRecordversion($recordVersion); |
| 437 | $user->AddRecord($record); | 438 | $user->AddRecord($record); |
| 438 | 439 | ||
| 439 | $record->Save(); | 440 | $record->Save(); |
| 440 | $recordVersion->Save(); | 441 | $recordVersion->Save(); |
| 441 | } | 442 | } |
| 442 | 443 | ||
| 443 | $user->Save(); | 444 | $user->Save(); |
| 444 | 445 | ||
| 445 | $result["lock"] = $user->lock; | 446 | $result["lock"] = $user->lock; |
| 446 | $result["result"] = "done"; | 447 | $result["result"] = "done"; |
| 447 | 448 | ||
| 448 | //============================================================= | 449 | //============================================================= |
| 449 | } else if ($message == "getRecordDetail") { | 450 | } else if ($message == "getRecordDetail") { |
| 450 | //{ | 451 | //{ |
| 451 | //"message":"getRecordDetail", | 452 | //"message":"getRecordDetail", |
| 452 | //"srpSharedSecret":"4c00dcb66a9f2aea41a87e4707c526874e2eb29cc72d2c7086837e53d6bf2dfe", | 453 | //"srpSharedSecret":"4c00dcb66a9f2aea41a87e4707c526874e2eb29cc72d2c7086837e53d6bf2dfe", |
| 453 | //"parameters":{ | 454 | //"parameters":{ |
| 454 | // "reference":"740009737139a189cfa2b1019a6271aaa39467b59e259706564b642ff3838d50" | 455 | // "reference":"740009737139a189cfa2b1019a6271aaa39467b59e259706564b642ff3838d50" |
| 455 | //} | 456 | //} |
| 456 | //} | 457 | //} |
| 457 | // | 458 | // |
| 458 | //result = { | 459 | //result = { |
| 459 | // currentVersion:{ | 460 | // currentVersion:{ |
| 460 | // reference:"88943d709c3ea2442d4f58eaaec6409276037e5a37e0a6d167b9dad9e947e854", | 461 | // reference:"88943d709c3ea2442d4f58eaaec6409276037e5a37e0a6d167b9dad9e947e854", |
| 461 | // accessDate:"Wed, 13 February 2008 14:25:12 UTC", | 462 | // accessDate:"Wed, 13 February 2008 14:25:12 UTC", |
| 462 | // creationDate:"Tue, 17 April 2007 17:17:52 UTC", | 463 | // creationDate:"Tue, 17 April 2007 17:17:52 UTC", |
| 463 | // version:"0.2", | 464 | // version:"0.2", |
| 464 | // data:"xI3WXddQLFtL......EGyKnnAVik", | 465 | // data:"xI3WXddQLFtL......EGyKnnAVik", |
| 465 | // updateDate:"Tue, 17 April 2007 17:17:52 UTC", | 466 | // updateDate:"Tue, 17 April 2007 17:17:52 UTC", |
| 466 | // header:"####" | 467 | // header:"####" |
| 467 | // } | 468 | // } |
| 468 | // reference:"13a5e52976337ab210903cd04872588e1b21fb72bc183e91aa25c494b8138551", | 469 | // reference:"13a5e52976337ab210903cd04872588e1b21fb72bc183e91aa25c494b8138551", |
| 469 | // oldestUsedEncryptedVersion:"0.2", | 470 | // oldestUsedEncryptedVersion:"0.2", |
| 470 | // accessDate:"Wed, 13 February 2008 14:25:12 UTC", | 471 | // accessDate:"Wed, 13 February 2008 14:25:12 UTC", |
| 471 | // creationDate:"Wed, 14 March 2007 13:53:11 UTC", | 472 | // creationDate:"Wed, 14 March 2007 13:53:11 UTC", |
| 472 | // version:"0.2", | 473 | // version:"0.2", |
| 473 | // updatedDate:"Tue, 17 April 2007 17:17:52 UTC", | 474 | // updatedDate:"Tue, 17 April 2007 17:17:52 UTC", |
| 474 | // data:"0/BjzyY6jeh71h...pAw2++NEyylGhMC5C5f5m8pBApYziN84s4O3JQ3khW/1UttQl4=" | 475 | // data:"0/BjzyY6jeh71h...pAw2++NEyylGhMC5C5f5m8pBApYziN84s4O3JQ3khW/1UttQl4=" |
| 475 | //} | 476 | //} |
| 476 | $record = new record(); | 477 | $record = new record(); |
| 477 | 478 | ||
| 478 | $recordList = $record->GetList(array(array("reference", "=", $parameters["parameters"]["reference"]))); | 479 | $recordList = $record->GetList(array(array("reference", "=", $parameters["parameters"]["reference"]))); |
| 479 | $currentRecord = $recordList[0]; | 480 | $currentRecord = $recordList[0]; |
| 480 | $currentRecordVersions = $currentRecord->GetRecordversionList(); | 481 | $currentRecordVersions = $currentRecord->GetRecordversionList(); |
| 481 | $currentVersion = $currentRecordVersions[0]; | 482 | $currentVersion = $currentRecordVersions[0]; |
| 482 | 483 | ||
| 483 | $result["currentVersion"] = array(); | 484 | $result["currentVersion"] = array(); |
| 484 | $result["currentVersion"]["reference"] =$currentVersion->reference; | 485 | $result["currentVersion"]["reference"] =$currentVersion->reference; |
| 485 | $result["currentVersion"]["data"] = $currentVersion->data; | 486 | $result["currentVersion"]["data"] = $currentVersion->data; |
| 486 | $result["currentVersion"]["header"] = $currentVersion->header; | 487 | $result["currentVersion"]["header"] = $currentVersion->header; |
| 487 | $result["currentVersion"]["version"] = $currentVersion->version; | 488 | $result["currentVersion"]["version"] = $currentVersion->version; |
| 488 | $result["currentVersion"]["creationDate"] =$currentVersion->creation_date; | 489 | $result["currentVersion"]["creationDate"] =$currentVersion->creation_date; |
| 489 | $result["currentVersion"]["updateDate"] =$currentVersion->update_date; | 490 | $result["currentVersion"]["updateDate"] =$currentVersion->update_date; |
| 490 | $result["currentVersion"]["accessDate"] =$currentVersion->access_date; | 491 | $result["currentVersion"]["accessDate"] =$currentVersion->access_date; |
| 491 | 492 | ||
| 492 | $result["reference"] = $currentRecord->reference; | 493 | $result["reference"] = $currentRecord->reference; |
| 493 | $result["data"] = $currentRecord->data; | 494 | $result["data"] = $currentRecord->data; |
| 494 | $result["version"] = $currentRecord->version; | 495 | $result["version"] = $currentRecord->version; |
| 495 | $result["creationDate"] =$currentRecord->creation_date; | 496 | $result["creationDate"] =$currentRecord->creation_date; |
| 496 | $result["updateDate"] = $currentRecord->update_date; | 497 | $result["updateDate"] = $currentRecord->update_date; |
| 497 | $result["accessDate"] = $currentRecord->access_date; | 498 | $result["accessDate"] = $currentRecord->access_date; |
| 498 | $result["oldestUsedEncryptedVersion"] ="---"; | 499 | $result["oldestUsedEncryptedVersion"] ="---"; |
| 499 | 500 | ||
| 500 | //============================================================= | 501 | //============================================================= |
| 501 | } else if ($message == "updateData") { | 502 | } else if ($message == "updateData") { |
| 502 | //{ | 503 | //{ |
| 503 | //"message":"updateData", | 504 | //"message":"updateData", |
| 504 | //"srpSharedSecret":"4e4aadb1d64513ec4dd42f5e8d5b2d4363de75e4424b6bcf178c9d6a246356c5", | 505 | //"srpSharedSecret":"4e4aadb1d64513ec4dd42f5e8d5b2d4363de75e4424b6bcf178c9d6a246356c5", |
| 505 | //"parameters":{ | 506 | //"parameters":{ |
| 506 | // "records":[ | 507 | // "records":[ |
| 507 | // { | 508 | // { |
| 508 | // "record":{ | 509 | // "record":{ |
| 509 | // "reference":"740009737139a189cfa2b1019a6271aaa39467b59e259706564b642ff3838d50", | 510 | // "reference":"740009737139a189cfa2b1019a6271aaa39467b59e259706564b642ff3838d50", |
| 510 | // "data":"8hgR0Z+JDrUa812polDJ....JnZUKXNEqKI", | 511 | // "data":"8hgR0Z+JDrUa812polDJ....JnZUKXNEqKI", |
| 511 | // "version":"0.3" | 512 | // "version":"0.3" |
| 512 | // }, | 513 | // }, |
| 513 | // "currentRecordVersion":{ | 514 | // "currentRecordVersion":{ |
| 514 | // "reference":"b1d82aeb9a0c4f6584bea68ba80839f43dd6ede79791549e29a1860554b144ee", | 515 | // "reference":"b1d82aeb9a0c4f6584bea68ba80839f43dd6ede79791549e29a1860554b144ee", |
| 515 | // "recordReference":"740009737139a189cfa2b1019a6271aaa39467b59e259706564b642ff3838d50", | 516 | // "recordReference":"740009737139a189cfa2b1019a6271aaa39467b59e259706564b642ff3838d50", |
| 516 | // "data":"2d/UgKxxV+kBPV9GRUE.....VGonDoW0tqefxOJo=", | 517 | // "data":"2d/UgKxxV+kBPV9GRUE.....VGonDoW0tqefxOJo=", |
| 517 | // "version":"0.3", | 518 | // "version":"0.3", |
| 518 | // "previousVersion":"55904195249037394316d3be3f5e78f08073170103bf0e7ab49a911c159cb0be", | 519 | // "previousVersion":"55904195249037394316d3be3f5e78f08073170103bf0e7ab49a911c159cb0be", |
| 519 | // "previousVersionKey":"YWiaZeMIVHaIl96OWW+2e8....6d6nHbn6cr2NA/dbQRuC2w==" | 520 | // "previousVersionKey":"YWiaZeMIVHaIl96OWW+2e8....6d6nHbn6cr2NA/dbQRuC2w==" |
| 520 | // } | 521 | // } |
| 521 | // } | 522 | // } |
| 522 | // ], | 523 | // ], |
| 523 | // "user":{ | 524 | // "user":{ |
| 524 | // "header":"{\"rec.....sion\":\"0.1\"}", | 525 | // "header":"{\"rec.....sion\":\"0.1\"}", |
| 525 | // "statistics":"tt3uU9hWBy8rNnMckgCnxMJh", | 526 | // "statistics":"tt3uU9hWBy8rNnMckgCnxMJh", |
| 526 | // "version":"0.3", | 527 | // "version":"0.3", |
| 527 | // "lock":"----" | 528 | // "lock":"----" |
| 528 | // } | 529 | // } |
| 529 | //} | 530 | //} |
| 530 | //} | 531 | //} |
| 531 | 532 | ||
| 532 | $user = new user(); | 533 | $user = new user(); |
| 533 | $user = $user->Get($_SESSION["userId"]); | 534 | $user = $user->Get($_SESSION["userId"]); |
| 534 | updateUserData($parameters["parameters"]["user"], $user); | 535 | updateUserData($parameters["parameters"]["user"], $user); |
| 535 | $user->Save(); | 536 | $user->Save(); |
| 536 | 537 | ||
| 537 | $recordParameterList = $parameters["parameters"]["records"]; | 538 | $recordParameterList = $parameters["parameters"]["records"]; |
| 538 | $c = count($recordParameterList); | 539 | $c = count($recordParameterList); |
| 539 | for ($i=0; $i<$c; $i++) { | 540 | for ($i=0; $i<$c; $i++) { |
| 540 | $recordList = $user->GetRecordList(array(array("reference", "=", $recordParameterList[$i]["record"]["reference"]))); | 541 | $recordList = $user->GetRecordList(array(array("reference", "=", $recordParameterList[$i]["record"]["reference"]))); |
| 541 | $currentRecord = $recordList[0]; | 542 | $currentRecord = $recordList[0]; |
| 542 | $currentRecordVersions = $currentRecord->GetRecordversionList(); | 543 | $currentRecordVersions = $currentRecord->GetRecordversionList(); |
| 543 | $currentVersion = $currentRecordVersions[0]; | 544 | $currentVersion = $currentRecordVersions[0]; |
| 544 | 545 | ||
| 545 | updateRecordData($recordParameterList[$i], $currentRecord, $currentVersion); | 546 | updateRecordData($recordParameterList[$i], $currentRecord, $currentVersion); |
| 546 | 547 | ||
| 547 | 548 | ||
| 548 | $currentRecord->Save(); | 549 | $currentRecord->Save(); |
| 549 | $currentVersion->Save(); | 550 | $currentVersion->Save(); |
| 550 | } | 551 | } |
| 551 | 552 | ||
| 552 | 553 | ||
| 553 | $result["lock"] = $user->lock; | 554 | $result["lock"] = $user->lock; |
| 554 | $result["result"] = "done"; | 555 | $result["result"] = "done"; |
| 555 | 556 | ||
| 556 | //============================================================= | 557 | //============================================================= |
| 557 | } else if ($message == "deleteRecords") { | 558 | } else if ($message == "deleteRecords") { |
| 558 | //{ | 559 | //{ |
| 559 | //"message":"deleteRecords", | 560 | //"message":"deleteRecords", |
| 560 | //"srpSharedSecret":"4a64982f7ee366954ec50b9efea62a902a097ef111410c2aa7c4d5343bd1cdd1", | 561 | //"srpSharedSecret":"4a64982f7ee366954ec50b9efea62a902a097ef111410c2aa7c4d5343bd1cdd1", |
| 561 | //"parameters":{ | 562 | //"parameters":{ |
| 562 | // "recordReferences":["46494c81d10b80ab190d41e6806ef63869cfcc7a0ab8fe98cc3f93de4729bb9a"], | 563 | // "recordReferences":["46494c81d10b80ab190d41e6806ef63869cfcc7a0ab8fe98cc3f93de4729bb9a"], |
| 563 | // "user":{ | 564 | // "user":{ |
| 564 | // "header":"{\"rec...rsion\":\"0.1\"}", | 565 | // "header":"{\"rec...rsion\":\"0.1\"}", |
| 565 | // "statistics":"44kOOda0xYZjbcugJBdagBQx", | 566 | // "statistics":"44kOOda0xYZjbcugJBdagBQx", |
| 566 | // "version":"0.3", | 567 | // "version":"0.3", |
| 567 | // "lock":"----" | 568 | // "lock":"----" |
| 568 | // } | 569 | // } |
| 569 | //} | 570 | //} |
| 570 | //} | 571 | //} |
| 571 | $user = new user(); | 572 | $user = new user(); |
| 572 | $user = $user->Get($_SESSION["userId"]); | 573 | $user = $user->Get($_SESSION["userId"]); |
| 573 | 574 | ||
| 574 | $recordReferenceList = $parameters["parameters"]["recordReferences"]; | 575 | $recordReferenceList = $parameters["parameters"]["recordReferences"]; |
| 575 | $recordList = array(); | 576 | $recordList = array(); |
| 576 | $c = count($recordReferenceList); | 577 | $c = count($recordReferenceList); |
| 577 | for ($i=0; $i<$c; $i++) { | 578 | for ($i=0; $i<$c; $i++) { |
| 578 | array_push($recordList, array("reference", "=", $recordReferenceList[$i])); | 579 | array_push($recordList, array("reference", "=", $recordReferenceList[$i])); |
| 579 | } | 580 | } |
| 580 | 581 | ||
| 581 | $record = new record(); | 582 | $record = new record(); |
| 582 | $record->DeleteList($recordList, true); | 583 | $record->DeleteList($recordList, true); |
| 583 | 584 | ||
| 584 | updateUserData($parameters["parameters"]["user"], $user); | 585 | updateUserData($parameters["parameters"]["user"], $user); |
| 585 | $user->Save(); | 586 | $user->Save(); |
| 586 | 587 | ||
| 587 | $result["recordList"] = $recordList; | 588 | $result["recordList"] = $recordList; |
| 588 | $result["lock"] = $user->lock; | 589 | $result["lock"] = $user->lock; |
| 589 | $result["result"] = "done"; | 590 | $result["result"] = "done"; |
| 590 | 591 | ||
| 591 | //============================================================= | 592 | //============================================================= |
| 592 | } else if ($message == "deleteUser") { | 593 | } else if ($message == "deleteUser") { |
| 593 | //{"message":"deleteUser", "srpSharedSecret":"e8e4ca6544dca49c95b3647d8358ad54c317048b74d2ac187ac25f719c9bac58", "parameters":{}} | 594 | //{"message":"deleteUser", "srpSharedSecret":"e8e4ca6544dca49c95b3647d8358ad54c317048b74d2ac187ac25f719c9bac58", "parameters":{}} |
| 594 | $user = new user(); | 595 | $user = new user(); |
| 595 | $user->Get($_SESSION["userId"]); | 596 | $user->Get($_SESSION["userId"]); |
| 596 | $user->Delete(true); | 597 | $user->Delete(true); |
| 597 | 598 | ||
| 598 | $result["result"] = "ok"; | 599 | $result["result"] = "ok"; |
| 599 | 600 | ||
| 600 | //============================================================= | 601 | //============================================================= |
| 601 | } else if ($message == "addNewOneTimePassword") { | 602 | } else if ($message == "addNewOneTimePassword") { |
| 602 | //{ | 603 | //{ |
| 603 | //"message":"addNewOneTimePassword", | 604 | //"message":"addNewOneTimePassword", |
| 604 | //"srpSharedSecret":"96fee4af06c09ce954fe7a9f87970e943449186bebf70bac0af1d6ebb818dabb", | 605 | //"srpSharedSecret":"96fee4af06c09ce954fe7a9f87970e943449186bebf70bac0af1d6ebb818dabb", |
| 605 | //"parameters":{ | 606 | //"parameters":{ |
| 606 | // "user":{ | 607 | // "user":{ |
| 607 | // "header":"{\"records\":{\"index\":{\"419ea6....rsion\":\"0.1\"}", | 608 | // "header":"{\"records\":{\"index\":{\"419ea6....rsion\":\"0.1\"}", |
| 608 | // "statistics":"rrlwNbDt83rpWT4S72upiVsC", | 609 | // "statistics":"rrlwNbDt83rpWT4S72upiVsC", |
| 609 | // "version":"0.3", | 610 | // "version":"0.3", |
| 610 | // "lock":"----" | 611 | // "lock":"----" |
| 611 | // }, | 612 | // }, |
| 612 | // "oneTimePassword":{ | 613 | // "oneTimePassword":{ |
| 613 | // "reference":"29e26f3a2aae61fe5cf58c45296c6df4f3dceafe067ea550b455be345f44123c", | 614 | // "reference":"29e26f3a2aae61fe5cf58c45296c6df4f3dceafe067ea550b455be345f44123c", |
| 614 | // "key":"afb848208758361a96a298b9db08995cf036011747809357a90645bc93fdfa03", | 615 | // "key":"afb848208758361a96a298b9db08995cf036011747809357a90645bc93fdfa03", |
| 615 | // "keyChecksum":"d1599ae443b5a566bfd93c0aeec4c81b42c0506ee09874dae050449580bb3486", | 616 | // "keyChecksum":"d1599ae443b5a566bfd93c0aeec4c81b42c0506ee09874dae050449580bb3486", |
| 616 | // "data":"hsyY8DHksgR52x6c4j7XAtIUeY.....dxsr3XWt7CbGg==", | 617 | // "data":"hsyY8DHksgR52x6c4j7XAtIUeY.....dxsr3XWt7CbGg==", |
| 617 | // "version":"0.3" | 618 | // "version":"0.3" |
| 618 | // } | 619 | // } |
| 619 | //} | 620 | //} |
| 620 | //} | 621 | //} |
| 621 | 622 | ||
| 622 | fixOTPStatusTable(); | 623 | fixOTPStatusTable(); |
| 623 | 624 | ||
| 624 | $user = new user(); | 625 | $user = new user(); |
| 625 | $user = $user->Get($_SESSION["userId"]); | 626 | $user = $user->Get($_SESSION["userId"]); |
| 626 | 627 | ||
| 627 | $otp = new onetimepassword(); | 628 | $otp = new onetimepassword(); |
| 628 | updateOTP($parameters["parameters"]["oneTimePassword"], $otp, "ACTIVE"); | 629 | updateOTP($parameters["parameters"]["oneTimePassword"], $otp, "ACTIVE"); |
| 629 | $user->AddOnetimepassword($otp); | 630 | $user->AddOnetimepassword($otp); |
| 630 | 631 | ||
| 631 | updateUserData($parameters["parameters"]["user"], $user); | 632 | updateUserData($parameters["parameters"]["user"], $user); |
| 632 | $user->Save(); | 633 | $user->Save(); |
| 633 | 634 | ||
| 634 | $result["lock"] = $user->lock; | 635 | $result["lock"] = $user->lock; |
| 635 | $result["result"] = "done"; | 636 | $result["result"] = "done"; |
| 636 | 637 | ||
| 637 | //============================================================= | 638 | //============================================================= |
| 638 | } else if ($message == "updateOneTimePasswords") { | 639 | } else if ($message == "updateOneTimePasswords") { |
| 639 | //{ | 640 | //{ |
| 640 | //"message":"updateOneTimePasswords", | 641 | //"message":"updateOneTimePasswords", |
| 641 | //"srpSharedSecret":"c78f8ed099ea421f4dd0a4e02dbaf1f7da925f0088188d99399874ff064a3d27", | 642 | //"srpSharedSecret":"c78f8ed099ea421f4dd0a4e02dbaf1f7da925f0088188d99399874ff064a3d27", |
| 642 | //"parameters":{ | 643 | //"parameters":{ |
| 643 | // "user":{ | 644 | // "user":{ |
| 644 | // "header":"{\"reco...sion\":\"0.1\"}", | 645 | // "header":"{\"reco...sion\":\"0.1\"}", |
| 645 | // "statistics":"UeRq75RZHzDC7elzrh/+OB5d", | 646 | // "statistics":"UeRq75RZHzDC7elzrh/+OB5d", |
| 646 | // "version":"0.3", | 647 | // "version":"0.3", |
| 647 | // "lock":"----" | 648 | // "lock":"----" |
| 648 | // }, | 649 | // }, |
| 649 | // "oneTimePasswords":["f5f44c232f239efe48ab81a6236deea1a840d52946f7d4d782dad52b4c5359ce"] | 650 | // "oneTimePasswords":["f5f44c232f239efe48ab81a6236deea1a840d52946f7d4d782dad52b4c5359ce"] |
| 650 | //} | 651 | //} |
| 651 | //} | 652 | //} |
| 652 | 653 | ||
| 653 | $user = new user(); | 654 | $user = new user(); |
| 654 | $user = $user->Get($_SESSION["userId"]); | 655 | $user = $user->Get($_SESSION["userId"]); |
| 655 | 656 | ||
| 656 | $validOtpReferences = $parameters["parameters"]["oneTimePasswords"]; | 657 | $validOtpReferences = $parameters["parameters"]["oneTimePasswords"]; |
| 657 | 658 | ||
| 658 | $otpList = $user->GetOnetimepasswordList(); | 659 | $otpList = $user->GetOnetimepasswordList(); |
| 659 | $c = count($otpList); | 660 | $c = count($otpList); |
| 660 | for ($i=0; $i<$c; $i++) { | 661 | for ($i=0; $i<$c; $i++) { |
| 661 | $currentOtp = $otpList[$i]; | 662 | $currentOtp = $otpList[$i]; |
| 662 | if (arrayContainsValue($validOtpReferences, $currentOtp->reference) == false) { | 663 | if (arrayContainsValue($validOtpReferences, $currentOtp->reference) == false) { |
| 663 | $currentOtp->Delete(); | 664 | $currentOtp->Delete(); |
| 664 | } | 665 | } |
| 665 | } | 666 | } |
| 666 | 667 | ||
| 667 | updateUserData($parameters["parameters"]["user"], $user); | 668 | updateUserData($parameters["parameters"]["user"], $user); |
| 668 | $user->Save(); | 669 | $user->Save(); |
| 669 | 670 | ||
| 670 | $result["result"] = $user->lock; | 671 | $result["result"] = $user->lock; |
| 671 | 672 | ||
| 672 | //============================================================= | 673 | //============================================================= |
| 673 | } else if ($message == "getOneTimePasswordsDetails") { | 674 | } else if ($message == "getOneTimePasswordsDetails") { |
| 674 | 675 | ||
| 675 | //============================================================= | 676 | //============================================================= |
| 676 | } else if ($message == "getLoginHistory") { | 677 | } else if ($message == "getLoginHistory") { |
| 677 | $result["result"] = array(); | 678 | $result["result"] = array(); |
| 678 | 679 | ||
| 679 | //============================================================= | 680 | //============================================================= |
| 680 | } else if ($message == "upgradeUserCredentials") { | 681 | } else if ($message == "upgradeUserCredentials") { |
| 681 | //{ | 682 | //{ |
| 682 | //"message":"upgradeUserCredentials", | 683 | //"message":"upgradeUserCredentials", |
| 683 | //"srpSharedSecret":"f1c25322e1478c8fb26063e9eef2f6fc25e0460065a31cb718f80bcff8f8a735", | 684 | //"srpSharedSecret":"f1c25322e1478c8fb26063e9eef2f6fc25e0460065a31cb718f80bcff8f8a735", |
| 684 | //"parameters":{ | 685 | //"parameters":{ |
| 685 | // "user":{ | 686 | // "user":{ |
| 686 | // "header":"{\"reco...sion\":\"0.1\"}", | 687 | // "header":"{\"reco...sion\":\"0.1\"}", |
| 687 | // "statistics":"s72Xva+w7CLgH+ihwqwXUbyu", | 688 | // "statistics":"s72Xva+w7CLgH+ihwqwXUbyu", |
| 688 | // "version":"0.3", | 689 | // "version":"0.3", |
| 689 | // "lock":"----" | 690 | // "lock":"----" |
| 690 | // }, | 691 | // }, |
| 691 | // "credentials":{ | 692 | // "credentials":{ |
| 692 | // "C":"57d15a8afbc1ae08103bd991d387ddfd8d26824276476fe709d754f098b6c26d", | 693 | // "C":"57d15a8afbc1ae08103bd991d387ddfd8d26824276476fe709d754f098b6c26d", |
| 693 | // "s":"d6735fc0486f391c4f3c947928f9e61a2418e7bed2bc9b25bb43f93acc52f636", | 694 | // "s":"d6735fc0486f391c4f3c947928f9e61a2418e7bed2bc9b25bb43f93acc52f636", |
| 694 | // "v":"540c2ebbf941a481b6b2c9026c07fb46e8202e4408ed96864a696deb622baece", | 695 | // "v":"540c2ebbf941a481b6b2c9026c07fb46e8202e4408ed96864a696deb622baece", |
| 695 | // "version":"0.2" | 696 | // "version":"0.2" |
| 696 | // }, | 697 | // }, |
| 697 | // "oneTimePasswords":{ | 698 | // "oneTimePasswords":{ |
| 698 | // "923cdc61c4b877b263236124c44d69b459d240453a461cce8ddf7518b423ca94": "1HD6Ta0xsifEDhDwE....9WDK6tvrS6w==", | 699 | // "923cdc61c4b877b263236124c44d69b459d240453a461cce8ddf7518b423ca94": "1HD6Ta0xsifEDhDwE....9WDK6tvrS6w==", |
| 699 | // "fb1573cb9497652a81688a099a524fb116e604c6fbc191cf33406eb8438efa5f": "CocN0cSxLmMRdgNF9....o3xhGUEY68Q==" | 700 | // "fb1573cb9497652a81688a099a524fb116e604c6fbc191cf33406eb8438efa5f": "CocN0cSxLmMRdgNF9....o3xhGUEY68Q==" |
| 700 | // } | 701 | // } |
| 701 | //} | 702 | //} |
| 702 | //} | 703 | //} |
| 703 | 704 | ||
| 704 | $user = new user(); | 705 | $user = new user(); |
| 705 | $user->Get($_SESSION["userId"]); | 706 | $user->Get($_SESSION["userId"]); |
| 706 | 707 | ||
| 707 | $otp = new onetimepassword(); | 708 | $otp = new onetimepassword(); |
| 708 | 709 | ||
| 709 | updateUserCredentials($parameters["parameters"]["credentials"], $user); | 710 | updateUserCredentials($parameters["parameters"]["credentials"], $user); |
| 710 | updateUserData($parameters["parameters"]["user"], $user); | 711 | updateUserData($parameters["parameters"]["user"], $user); |
| 711 | 712 | ||
| 712 | $otpList = $parameters["parameters"]["oneTimePasswords"]; | 713 | $otpList = $parameters["parameters"]["oneTimePasswords"]; |
| 713 | foreach($otpList as $otpReference=>$otpData) { | 714 | foreach($otpList as $otpReference=>$otpData) { |
| 714 | $otpList = $otp->GetList(array(array("reference", "=", $otpReference))); | 715 | $otpList = $otp->GetList(array(array("reference", "=", $otpReference))); |
| 715 | $currentOtp = $otpList[0]; | 716 | $currentOtp = $otpList[0]; |
| 716 | $currentOtp->data = $otpData; | 717 | $currentOtp->data = $otpData; |
| 717 | $currentOtp->Save(); | 718 | $currentOtp->Save(); |
| 718 | } | 719 | } |
| 719 | 720 | ||
| 720 | $user->Save(); | 721 | $user->Save(); |
| 721 | 722 | ||
| 722 | $result["lock"] = $user->lock; | 723 | $result["lock"] = $user->lock; |
| 723 | $result["result"] = "done"; | 724 | $result["result"] = "done"; |
| 724 | 725 | ||
| 725 | //============================================================= | 726 | //============================================================= |
| 726 | } else if ($message == "echo") { | 727 | } else if ($message == "echo") { |
| 727 | $result["result"] = $parameters; | 728 | $result["result"] = $parameters; |
| 728 | } | 729 | } |
| 729 | 730 | ||
| 730 | //============================================================= | 731 | //============================================================= |
| 731 | } else if (isset($_SESSION['K'])) { | 732 | } else if (isset($_SESSION['K'])) { |
| 732 | $result["error"] = "Wrong shared secret!"; | 733 | $result["error"] = "Wrong shared secret!"; |
| 733 | } else { | 734 | } else { |
| 734 | $result["result"] = "EXCEPTION"; | 735 | $result["result"] = "EXCEPTION"; |
| 735 | $result["message"] = "Trying to communicate without an active connection"; | 736 | $result["message"] = "Trying to communicate without an active connection"; |
| 736 | } | 737 | } |
| 737 | break; | 738 | break; |
| 738 | 739 | ||
| 739 | case "logout": | 740 | case "logout": |
| 740 | error_log("logout"); | 741 | error_log("logout"); |
| 741 | session_destroy(); | 742 | session_destroy(); |
| 742 | break; | 743 | break; |
| 743 | 744 | ||
| 744 | default: | 745 | default: |
| 745 | error_log("default"); | 746 | error_log("default"); |
| 746 | $result["result"] = $parameters; | 747 | $result["result"] = $parameters; |
| 747 | break; | 748 | break; |
| 748 | } | 749 | } |
| 749 | 750 | ||
| 750 | session_write_close(); | 751 | session_write_close(); |
| 751 | 752 | ||
| 752 | echo(json_encode($result)); | 753 | echo(json_encode($result)); |
| 753 | error_log("result: ".json_encode($result)); | 754 | error_log("result: ".json_encode($result)); |
| 754 | ?> | 755 | ?> |