author | Giulio Cesare Solaroli <giulio.cesare@clipperz.com> | 2011-10-06 22:57:46 (UTC) |
---|---|---|
committer | Giulio Cesare Solaroli <giulio.cesare@clipperz.com> | 2011-10-06 22:57:46 (UTC) |
commit | 647a8a53917dd15dc81caaeb36c658e18e579ab0 (patch) (unidiff) | |
tree | 16caa4aca7c943632f9398360fc7f9a9ef3b3f0e /backend | |
parent | a26b219b6f4f3fee727d9b23d8cd374f6b32a4fa (diff) | |
download | clipperz-647a8a53917dd15dc81caaeb36c658e18e579ab0.zip clipperz-647a8a53917dd15dc81caaeb36c658e18e579ab0.tar.gz clipperz-647a8a53917dd15dc81caaeb36c658e18e579ab0.tar.bz2 |
Fixed the formatting of PHP code
-rw-r--r-- | backend/php/src/index.php | 5 |
1 files changed, 3 insertions, 2 deletions
diff --git a/backend/php/src/index.php b/backend/php/src/index.php index 3d23e7a..214ac01 100644 --- a/backend/php/src/index.php +++ b/backend/php/src/index.php | |||
@@ -1,754 +1,755 @@ | |||
1 | <?php | 1 | <?php |
2 | include "./configuration.php"; | 2 | include "./configuration.php"; |
3 | include "./objects/class.database.php"; | 3 | include "./objects/class.database.php"; |
4 | include "./objects/class.user.php"; | 4 | include "./objects/class.user.php"; |
5 | include "./objects/class.record.php"; | 5 | include "./objects/class.record.php"; |
6 | include "./objects/class.recordversion.php"; | 6 | include "./objects/class.recordversion.php"; |
7 | include "./objects/class.onetimepassword.php"; | 7 | include "./objects/class.onetimepassword.php"; |
8 | include "./objects/class.onetimepasswordstatus.php"; | 8 | include "./objects/class.onetimepasswordstatus.php"; |
9 | 9 | ||
10 | //----------------------------------------------------------------------------- | 10 | //----------------------------------------------------------------------------- |
11 | 11 | ||
12 | if ( !function_exists('json_decode') ) { | 12 | if ( !function_exists('json_decode') ) { |
13 | function json_decode($content, $assoc=false) { | 13 | function json_decode($content, $assoc=false) { |
14 | require_once 'json/JSON.php'; | 14 | require_once 'json/JSON.php'; |
15 | if ( $assoc ) { | 15 | if ( $assoc ) { |
16 | $json = new Services_JSON(SERVICES_JSON_LOOSE_TYPE); | 16 | $json = new Services_JSON(SERVICES_JSON_LOOSE_TYPE); |
17 | } else { | 17 | } else { |
18 | $json = new Services_JSON; | 18 | $json = new Services_JSON; |
19 | } | 19 | } |
20 | 20 | ||
21 | return $json->decode($content); | 21 | return $json->decode($content); |
22 | } | 22 | } |
23 | } | 23 | } |
24 | 24 | ||
25 | if ( !function_exists('json_encode') ) { | 25 | if ( !function_exists('json_encode') ) { |
26 | function json_encode($content) { | 26 | function json_encode($content) { |
27 | require_once 'json/JSON.php'; | 27 | require_once 'json/JSON.php'; |
28 | $json = new Services_JSON; | 28 | $json = new Services_JSON; |
29 | 29 | ||
30 | return $json->encode($content); | 30 | return $json->encode($content); |
31 | } | 31 | } |
32 | } | 32 | } |
33 | 33 | ||
34 | //----------------------------------------------------------------------------- | 34 | //----------------------------------------------------------------------------- |
35 | //'dec2base', 'base2dec' and 'digits' are functions found on the following | 35 | //'dec2base', 'base2dec' and 'digits' are functions found on the following |
36 | //PHP manual page: http://ch2.php.net/manual/en/ref.bc.php | 36 | //PHP manual page: http://ch2.php.net/manual/en/ref.bc.php |
37 | // | 37 | // |
38 | 38 | ||
39 | function dec2base($dec, $base, $digits=FALSE) { | 39 | function dec2base($dec, $base, $digits=FALSE) { |
40 | if ($base<2 or $base>256) { | 40 | if ($base<2 or $base>256) { |
41 | die("Invalid Base: ".$base); | 41 | die("Invalid Base: ".$base); |
42 | } | 42 | } |
43 | 43 | ||
44 | bcscale(0); | 44 | bcscale(0); |
45 | $value=""; | 45 | $value=""; |
46 | if (!$digits) { | 46 | if (!$digits) { |
47 | $digits = digits($base); | 47 | $digits = digits($base); |
48 | } | 48 | } |
49 | 49 | ||
50 | while ($dec > $base-1) { | 50 | while ($dec > $base-1) { |
51 | $rest = bcmod($dec, $base); | 51 | $rest = bcmod($dec, $base); |
52 | $dec = bcdiv($dec, $base); | 52 | $dec = bcdiv($dec, $base); |
53 | $value = $digits[$rest].$value; | 53 | $value = $digits[$rest].$value; |
54 | } | 54 | } |
55 | 55 | ||
56 | $value=$digits[intval($dec)].$value; | 56 | $value=$digits[intval($dec)].$value; |
57 | 57 | ||
58 | return (string)$value; | 58 | return (string)$value; |
59 | } | 59 | } |
60 | 60 | ||
61 | //............................................................................. | 61 | //............................................................................. |
62 | 62 | ||
63 | // convert another base value to its decimal value | 63 | // convert another base value to its decimal value |
64 | function base2dec($value, $base, $digits=FALSE) { | 64 | function base2dec($value, $base, $digits=FALSE) { |
65 | if ($base<2 or $base>256) { | 65 | if ($base<2 or $base>256) { |
66 | die("Invalid Base: ".$base); | 66 | die("Invalid Base: ".$base); |
67 | } | 67 | } |
68 | 68 | ||
69 | bcscale(0); | 69 | bcscale(0); |
70 | if ($base<37) { | 70 | if ($base<37) { |
71 | $value=strtolower($value); | 71 | $value=strtolower($value); |
72 | } | 72 | } |
73 | 73 | ||
74 | if (!$digits) { | 74 | if (!$digits) { |
75 | $digits=digits($base); | 75 | $digits=digits($base); |
76 | } | 76 | } |
77 | 77 | ||
78 | $size = strlen($value); | 78 | $size = strlen($value); |
79 | $dec="0"; | 79 | $dec="0"; |
80 | for ($loop=0; $loop<$size; $loop++) { | 80 | for ($loop=0; $loop<$size; $loop++) { |
81 | $element = strpos($digits, $value[$loop]); | 81 | $element = strpos($digits, $value[$loop]); |
82 | $power = bcpow($base, $size-$loop-1); | 82 | $power = bcpow($base, $size-$loop-1); |
83 | $dec = bcadd($dec, bcmul($element,$power)); | 83 | $dec = bcadd($dec, bcmul($element,$power)); |
84 | } | 84 | } |
85 | 85 | ||
86 | return (string)$dec; | 86 | return (string)$dec; |
87 | } | 87 | } |
88 | 88 | ||
89 | //............................................................................. | 89 | //............................................................................. |
90 | 90 | ||
91 | function digits($base) { | 91 | function digits($base) { |
92 | if ($base>64) { | 92 | if ($base>64) { |
93 | $digits=""; | 93 | $digits=""; |
94 | for ($loop=0; $loop<256; $loop++) { | 94 | for ($loop=0; $loop<256; $loop++) { |
95 | $digits.=chr($loop); | 95 | $digits.=chr($loop); |
96 | } | 96 | } |
97 | } else { | 97 | } else { |
98 | $digits ="0123456789abcdefghijklmnopqrstuvwxyz"; | 98 | $digits ="0123456789abcdefghijklmnopqrstuvwxyz"; |
99 | $digits.="ABCDEFGHIJKLMNOPQRSTUVWXYZ-_"; | 99 | $digits.="ABCDEFGHIJKLMNOPQRSTUVWXYZ-_"; |
100 | } | 100 | } |
101 | 101 | ||
102 | $digits=substr($digits,0,$base); | 102 | $digits=substr($digits,0,$base); |
103 | 103 | ||
104 | return (string)$digits; | 104 | return (string)$digits; |
105 | } | 105 | } |
106 | 106 | ||
107 | //----------------------------------------------------------------------------- | 107 | //----------------------------------------------------------------------------- |
108 | 108 | ||
109 | function clipperz_hash($value) { | 109 | function clipperz_hash($value) { |
110 | return hash("sha256", hash("sha256", $value, true)); | 110 | return hash("sha256", hash("sha256", $value, true)); |
111 | } | 111 | } |
112 | 112 | ||
113 | //----------------------------------------------------------------------------- | 113 | //----------------------------------------------------------------------------- |
114 | 114 | ||
115 | function clipperz_randomSeed() { | 115 | function clipperz_randomSeed() { |
116 | $result; | 116 | $result; |
117 | 117 | ||
118 | srand((double) microtime()*1000000); | 118 | srand((double) microtime()*1000000); |
119 | $result = ""; | 119 | $result = ""; |
120 | 120 | ||
121 | while(strlen($result) < 64) { | 121 | while(strlen($result) < 64) { |
122 | $result = $result.dec2base(rand(), 16); | 122 | $result = $result.dec2base(rand(), 16); |
123 | } | 123 | } |
124 | 124 | ||
125 | $result = substr($result, 0, 64); | 125 | $result = substr($result, 0, 64); |
126 | 126 | ||
127 | return $result; | 127 | return $result; |
128 | } | 128 | } |
129 | 129 | ||
130 | //----------------------------------------------------------------------------- | 130 | //----------------------------------------------------------------------------- |
131 | 131 | ||
132 | function updateUserCredentials($parameters, &$user) { | 132 | function updateUserCredentials($parameters, &$user) { |
133 | $user->username = $parameters["C"]; | 133 | $user->username = $parameters["C"]; |
134 | $user->srp_s = $parameters["s"]; | 134 | $user->srp_s = $parameters["s"]; |
135 | $user->srp_v = $parameters["v"]; | 135 | $user->srp_v = $parameters["v"]; |
136 | $user->auth_version =$parameters["version"]; | 136 | $user->auth_version =$parameters["version"]; |
137 | } | 137 | } |
138 | 138 | ||
139 | function updateUserData($parameters, &$user) { | 139 | function updateUserData($parameters, &$user) { |
140 | $user->header = $parameters["header"]; | 140 | $user->header = $parameters["header"]; |
141 | $user->statistics =$parameters["statistics"]; | 141 | $user->statistics =$parameters["statistics"]; |
142 | $user->version =$parameters["version"]; | 142 | $user->version =$parameters["version"]; |
143 | $user->lock = $parameters["lock"]; | 143 | $user->lock = $parameters["lock"]; |
144 | } | 144 | } |
145 | 145 | ||
146 | function updateRecordData($parameters, &$record, &$recordVersion) { | 146 | function updateRecordData($parameters, &$record, &$recordVersion) { |
147 | $recordData = $parameters["record"]; | 147 | $recordData = $parameters["record"]; |
148 | $record->reference =$recordData["reference"]; | 148 | $record->reference =$recordData["reference"]; |
149 | $record->data = $recordData["data"]; | 149 | $record->data = $recordData["data"]; |
150 | $record->version = $recordData["version"]; | 150 | $record->version = $recordData["version"]; |
151 | 151 | ||
152 | $recordVersionData = $parameters["currentRecordVersion"]; | 152 | $recordVersionData = $parameters["currentRecordVersion"]; |
153 | $recordVersion->reference = $recordVersionData ["reference"]; | 153 | $recordVersion->reference = $recordVersionData ["reference"]; |
154 | $recordVersion->data = $recordVersionData ["data"]; | 154 | $recordVersion->data = $recordVersionData ["data"]; |
155 | $recordVersion->version = $recordVersionData ["version"]; | 155 | $recordVersion->version = $recordVersionData ["version"]; |
156 | $recordVersion->previous_version_id =$recordVersionData ["previousVersion"]; | 156 | $recordVersion->previous_version_id =$recordVersionData ["previousVersion"]; |
157 | $recordVersion->previous_version_key =$recordVersionData ["previousVersionKey"]; | 157 | $recordVersion->previous_version_key =$recordVersionData ["previousVersionKey"]; |
158 | } | 158 | } |
159 | 159 | ||
160 | //----------------------------------------------------------------------------- | 160 | //----------------------------------------------------------------------------- |
161 | 161 | ||
162 | function updateOTPStatus(&$otp, $status) { | 162 | function updateOTPStatus(&$otp, $status) { |
163 | $otpStatus = new onetimepasswordstatus(); | 163 | $otpStatus = new onetimepasswordstatus(); |
164 | $selectedStatuses = $otpStatus->GetList(array(array("code", "=", $status))); | 164 | $selectedStatuses = $otpStatus->GetList(array(array("code", "=", $status))); |
165 | $otpStatus = $selectedStatuses[0]; | 165 | $otpStatus = $selectedStatuses[0]; |
166 | $otp->SetOnetimepasswordstatus($otpStatus); | 166 | $otp->SetOnetimepasswordstatus($otpStatus); |
167 | } | 167 | } |
168 | 168 | ||
169 | function updateOTP($parameters, &$otp, $status) { | 169 | function updateOTP($parameters, &$otp, $status) { |
170 | $otp->reference = $parameters["reference"]; | 170 | $otp->reference = $parameters["reference"]; |
171 | $otp->key = $parameters["key"]; | 171 | $otp->key = $parameters["key"]; |
172 | $otp->key_checksum= $parameters["keyChecksum"]; | 172 | $otp->key_checksum= $parameters["keyChecksum"]; |
173 | $otp->data = $parameters["data"]; | 173 | $otp->data = $parameters["data"]; |
174 | $otp->version = $parameters["version"]; | 174 | $otp->version = $parameters["version"]; |
175 | 175 | ||
176 | updateOTPStatus($otp, $status); | 176 | updateOTPStatus($otp, $status); |
177 | } | 177 | } |
178 | 178 | ||
179 | function resetOTP(&$otp, $status) { | 179 | function resetOTP(&$otp, $status) { |
180 | $otp->data = ""; | 180 | $otp->data = ""; |
181 | updateOTPStatus($otp, $status); | 181 | updateOTPStatus($otp, $status); |
182 | $otp->Save(); | 182 | $otp->Save(); |
183 | } | 183 | } |
184 | 184 | ||
185 | //----------------------------------------------------------------------------- | 185 | //----------------------------------------------------------------------------- |
186 | 186 | ||
187 | function fixOTPStatusTable() { | 187 | function fixOTPStatusTable() { |
188 | $otpStatus = new onetimepasswordstatus(); | 188 | $otpStatus = new onetimepasswordstatus(); |
189 | $otpStatusList = $otpStatus->GetList(); | 189 | $otpStatusList = $otpStatus->GetList(); |
190 | if (count($otpStatusList) != 4) { | 190 | if (count($otpStatusList) != 4) { |
191 | $otpStatus->DeleteList(); | 191 | $otpStatus->DeleteList(); |
192 | 192 | ||
193 | $otpStatus->code = "ACTIVE"; $otpStatus->name = "Active"; $otpStatus->description = "Active"; $otpStatus->SaveNew(); | 193 | $otpStatus->code = "ACTIVE"; $otpStatus->name = "Active"; $otpStatus->description = "Active"; $otpStatus->SaveNew(); |
194 | $otpStatus->code = "REQUESTED"; $otpStatus->name = "Requested"; $otpStatus->description = "Requested";$otpStatus->SaveNew(); | 194 | $otpStatus->code = "REQUESTED"; $otpStatus->name = "Requested"; $otpStatus->description = "Requested";$otpStatus->SaveNew(); |
195 | $otpStatus->code = "USED"; $otpStatus->name = "Used"; $otpStatus->description = "Used"; $otpStatus->SaveNew(); | 195 | $otpStatus->code = "USED"; $otpStatus->name = "Used"; $otpStatus->description = "Used"; $otpStatus->SaveNew(); |
196 | $otpStatus->code = "DISABLED"; $otpStatus->name = "Disabled"; $otpStatus->description = "Disabled";$otpStatus->SaveNew(); | 196 | $otpStatus->code = "DISABLED"; $otpStatus->name = "Disabled"; $otpStatus->description = "Disabled";$otpStatus->SaveNew(); |
197 | } | 197 | } |
198 | } | 198 | } |
199 | 199 | ||
200 | //----------------------------------------------------------------------------- | 200 | //----------------------------------------------------------------------------- |
201 | 201 | ||
202 | function arrayContainsValue($array, $value) { | 202 | function arrayContainsValue($array, $value) { |
203 | $object = NULL; | 203 | $object = NULL; |
204 | for ($i=0; $i<count($array); $i++) { | 204 | for ($i=0; $i<count($array); $i++) { |
205 | if ($array[$i] == $value) { | 205 | if ($array[$i] == $value) { |
206 | $object = $value; | 206 | $object = $value; |
207 | } | 207 | } |
208 | } | 208 | } |
209 | 209 | ||
210 | return !is_null($object); | 210 | return !is_null($object); |
211 | } | 211 | } |
212 | 212 | ||
213 | //----------------------------------------------------------------------------- | 213 | //----------------------------------------------------------------------------- |
214 | 214 | ||
215 | $result = Array(); | 215 | $result = Array(); |
216 | 216 | ||
217 | session_start(); | 217 | session_start(); |
218 | 218 | ||
219 | $method = $_POST['method']; | 219 | $method = $_POST['method']; |
220 | 220 | ||
221 | if (get_magic_quotes_gpc()) { | 221 | if (get_magic_quotes_gpc()) { |
222 | $parameters = json_decode(stripslashes($_POST['parameters']), true); | 222 | $parameters = json_decode(stripslashes($_POST['parameters']), true); |
223 | } else { | 223 | } else { |
224 | $parameters = json_decode($_POST['parameters'], true); | 224 | $parameters = json_decode($_POST['parameters'], true); |
225 | } | 225 | } |
226 | 226 | ||
227 | $parameters = $parameters["parameters"]; | 227 | $parameters = $parameters["parameters"]; |
228 | 228 | ||
229 | switch($method) { | 229 | switch($method) { |
230 | case "registration": | 230 | case "registration": |
231 | error_log("registration"); | 231 | error_log("registration"); |
232 | $message = $parameters["message"]; | 232 | $message = $parameters["message"]; |
233 | 233 | ||
234 | if ($message == "completeRegistration") { | 234 | if ($message == "completeRegistration") { |
235 | $user = new user(); | 235 | $user = new user(); |
236 | 236 | ||
237 | updateUserCredentials($parameters["credentials"], $user); | 237 | updateUserCredentials($parameters["credentials"], $user); |
238 | updateUserData($parameters["user"], $user); | 238 | updateUserData($parameters["user"], $user); |
239 | $user->Save(); | 239 | $user->Save(); |
240 | 240 | ||
241 | $result["lock"] = $user->lock; | 241 | $result["lock"] = $user->lock; |
242 | $result["result"] = "done"; | 242 | $result["result"] = "done"; |
243 | } | 243 | } |
244 | break; | 244 | break; |
245 | 245 | ||
246 | case "handshake": | 246 | case "handshake": |
247 | error_log("handshake"); | 247 | error_log("handshake"); |
248 | $srp_g = "2"; | 248 | $srp_g = "2"; |
249 | $srp_n = base2dec("115b8b692e0e045692cf280b436735c77a5a9e8a9e7ed56c965f87db5b2a2ece3", 16); | 249 | $srp_n = base2dec("115b8b692e0e045692cf280b436735c77a5a9e8a9e7ed56c965f87db5b2a2ece3", 16); |
250 | 250 | ||
251 | $message = $parameters["message"]; | 251 | $message = $parameters["message"]; |
252 | 252 | ||
253 | //============================================================= | 253 | //============================================================= |
254 | if ($message == "connect") { | 254 | if ($message == "connect") { |
255 | $user= new user(); | 255 | $user= new user(); |
256 | $_SESSION["C"] = $parameters["parameters"]["C"]; | 256 | $_SESSION["C"] = $parameters["parameters"]["C"]; |
257 | $_SESSION["A"] = $parameters["parameters"]["A"]; | 257 | $_SESSION["A"] = $parameters["parameters"]["A"]; |
258 | 258 | ||
259 | $userList = $user->GetList(array(array("username", "=", $_SESSION["C"]))); | 259 | $userList = $user->GetList(array(array("username", "=", $_SESSION["C"]))); |
260 | 260 | ||
261 | if (count($userList) == 1) { | 261 | if (count($userList) == 1) { |
262 | $currentUser = $userList[ 0 ]; | 262 | $currentUser = $userList[ 0 ]; |
263 | 263 | ||
264 | if (array_key_exists("otpId", $_SESSION)) { | 264 | if (array_key_exists("otpId", $_SESSION)) { |
265 | $otp = new onetimepassword(); | 265 | $otp = new onetimepassword(); |
266 | $otp = $otp->Get($_SESSION["otpId"]); | 266 | $otp = $otp->Get($_SESSION["otpId"]); |
267 | 267 | ||
268 | if ($otp->GetUser()->userId != $currentUser->userId) { | 268 | if ($otp->GetUser()->userId != $currentUser->userId) { |
269 | throw new Exception("User missmatch between the current session and 'One Time Password' user"); | 269 | throw new Exception("User missmatch between the current session and 'One Time Password' user"); |
270 | } else if ($otp->GetOnetimepasswordstatus()->code != "REQUESTED") { | 270 | } else if ($otp->GetOnetimepasswordstatus()->code != "REQUESTED") { |
271 | throw new Exception("Tring to use an 'One Time Password' in the wrong state"); | 271 | throw new Exception("Tring to use an 'One Time Password' in the wrong state"); |
272 | } | 272 | } |
273 | 273 | ||
274 | resetOTP($otp, "USED"); | 274 | resetOTP($otp, "USED"); |
275 | $result["oneTimePassword"] = $otp->reference; | 275 | $result["oneTimePassword"] = $otp->reference; |
276 | } | 276 | } |
277 | 277 | ||
278 | $_SESSION["s"] = $currentUser->srp_s; | 278 | $_SESSION["s"] = $currentUser->srp_s; |
279 | $_SESSION["v"] = $currentUser->srp_v; | 279 | $_SESSION["v"] = $currentUser->srp_v; |
280 | $_SESSION["userId"] = $currentUser->userId; | 280 | $_SESSION["userId"] = $currentUser->userId; |
281 | } else { | 281 | } else { |
282 | $_SESSION["s"] = "112233445566778899aabbccddeeff00112233445566778899aabbccddeeff00"; | 282 | $_SESSION["s"] = "112233445566778899aabbccddeeff00112233445566778899aabbccddeeff00"; |
283 | $_SESSION["v"] = "112233445566778899aabbccddeeff00112233445566778899aabbccddeeff00"; | 283 | $_SESSION["v"] = "112233445566778899aabbccddeeff00112233445566778899aabbccddeeff00"; |
284 | } | 284 | } |
285 | 285 | ||
286 | $_SESSION["b"] = clipperz_randomSeed(); | 286 | $_SESSION["b"] = clipperz_randomSeed(); |
287 | // $_SESSION["b"] = "5761e6c84d22ea3c5649de01702d60f674ccfe79238540eb34c61cd020230c53"; | 287 | // $_SESSION["b"] = "5761e6c84d22ea3c5649de01702d60f674ccfe79238540eb34c61cd020230c53"; |
288 | $_SESSION["B"] = dec2base(bcadd(base2dec($_SESSION["v"], 16), bcpowmod($srp_g, base2dec($_SESSION["b"], 16), $srp_n)), 16); | 288 | $_SESSION["B"] = dec2base(bcadd(base2dec($_SESSION["v"], 16), bcpowmod($srp_g, base2dec($_SESSION["b"], 16), $srp_n)), 16); |
289 | 289 | ||
290 | $result["s"] = $_SESSION["s"]; | 290 | $result["s"] = $_SESSION["s"]; |
291 | $result["B"] = $_SESSION["B"]; | 291 | $result["B"] = $_SESSION["B"]; |
292 | 292 | ||
293 | //============================================================= | 293 | //============================================================= |
294 | } else if ($message == "credentialCheck") { | 294 | } else if ($message == "credentialCheck") { |
295 | error_log("credentialCheck"); | 295 | error_log("credentialCheck"); |
296 | $u = clipperz_hash(base2dec($_SESSION["B"],16)); | 296 | $u = clipperz_hash(base2dec($_SESSION["B"],16)); |
297 | $A = base2dec($_SESSION["A"], 16); | 297 | $A = base2dec($_SESSION["A"], 16); |
298 | $S = bcpowmod(bcmul($A, bcpowmod(base2dec($_SESSION["v"], 16), base2dec($u, 16), $srp_n)), base2dec($_SESSION["b"], 16), $srp_n); | 298 | $S = bcpowmod(bcmul($A, bcpowmod(base2dec($_SESSION["v"], 16), base2dec($u, 16), $srp_n)), base2dec($_SESSION["b"], 16), $srp_n); |
299 | $K = clipperz_hash($S); | 299 | $K = clipperz_hash($S); |
300 | $M1 = clipperz_hash($A.base2dec($_SESSION["B"],16).$K); | 300 | $M1 = clipperz_hash($A.base2dec($_SESSION["B"],16).$K); |
301 | 301 | ||
302 | //$result["B"] = $_SESSION["B"]; | 302 | //$result["B"] = $_SESSION["B"]; |
303 | //$result["u"] = $u; | 303 | //$result["u"] = $u; |
304 | //$result["A"] = $A; | 304 | //$result["A"] = $A; |
305 | //$result["S"] = $S; | 305 | //$result["S"] = $S; |
306 | //$result["K"] = $K; | 306 | //$result["K"] = $K; |
307 | //$result["M1"] = $M1; | 307 | //$result["M1"] = $M1; |
308 | //$result["_M1"] = $parameters["parameters"]["M1"]; | 308 | //$result["_M1"] = $parameters["parameters"]["M1"]; |
309 | 309 | ||
310 | if ($M1 == $parameters["parameters"]["M1"]) { | 310 | if ($M1 == $parameters["parameters"]["M1"]) { |
311 | $_SESSION["K"] = $K; | 311 | $_SESSION["K"] = $K; |
312 | $M2 = clipperz_hash($A.$M1.$K); | 312 | $M2 = clipperz_hash($A.$M1.$K); |
313 | 313 | ||
314 | $result["M2"] = $M2; | 314 | $result["M2"] = $M2; |
315 | $result["connectionId"] = ""; | 315 | $result["connectionId"] = ""; |
316 | $result["loginInfo"] = array(); | 316 | $result["loginInfo"] = array(); |
317 | $result["loginInfo"]["latest"] = array(); | 317 | $result["loginInfo"]["latest"] = array(); |
318 | $result["loginInfo"]["current"] = array(); | 318 | $result["loginInfo"]["current"] = array(); |
319 | $result["offlineCopyNeeded"] = "false"; | 319 | $result["offlineCopyNeeded"] = "false"; |
320 | $result["lock"] = "----"; | 320 | $result["lock"] = "----"; |
321 | } else { | 321 | } else { |
322 | $result["error"] = "?"; | 322 | $result["error"] = "?"; |
323 | } | 323 | } |
324 | //============================================================= | 324 | //============================================================= |
325 | } else if ($message == "oneTimePassword") { | 325 | } else if ($message == "oneTimePassword") { |
326 | error_log("oneTimePassword"); | 326 | error_log("oneTimePassword"); |
327 | //{ | 327 | //{ |
328 | //"message":"oneTimePassword", | 328 | //"message":"oneTimePassword", |
329 | //"version":"0.2", | 329 | //"version":"0.2", |
330 | //"parameters":{ | 330 | //"parameters":{ |
331 | // "oneTimePasswordKey":"06dfa7f428081f8b2af98b0895e14e18af90b0ef2ff32828e55cc2ac6b24d29b", | 331 | // "oneTimePasswordKey":"06dfa7f428081f8b2af98b0895e14e18af90b0ef2ff32828e55cc2ac6b24d29b", |
332 | // "oneTimePasswordKeyChecksum":"60bcba3f72e56f6bb3f0ff88509b9a0e5ec730dfa71daa4c1e892dbd1b0c360d" | 332 | // "oneTimePasswordKeyChecksum":"60bcba3f72e56f6bb3f0ff88509b9a0e5ec730dfa71daa4c1e892dbd1b0c360d" |
333 | //} | 333 | //} |
334 | //} | 334 | //} |
335 | $otp = new onetimepassword(); | 335 | $otp = new onetimepassword(); |
336 | $otpList = $otp->GetList(array(array("key", "=", $parameters["parameters"]["oneTimePasswordKey"]))); | 336 | $otpList = $otp->GetList(array(array("key", "=", $parameters["parameters"]["oneTimePasswordKey"]))); |
337 | 337 | ||
338 | if (count($otpList) == 1) { | 338 | if (count($otpList) == 1) { |
339 | $currentOtp = $otpList[0]; | 339 | $currentOtp = $otpList[0]; |
340 | 340 | ||
341 | if ($currentOtp->GetOnetimepasswordstatus()->code == "ACTIVE") { | 341 | if ($currentOtp->GetOnetimepasswordstatus()->code == "ACTIVE") { |
342 | if ($currentOtp->key_checksum == $parameters["parameters"]["oneTimePasswordKeyChecksum"]) { | 342 | if ($currentOtp->key_checksum == $parameters["parameters"]["oneTimePasswordKeyChecksum"]) { |
343 | $_SESSION["userId"] = $currentOtp->GetUser()->userId; | 343 | $_SESSION["userId"] = $currentOtp->GetUser()->userId; |
344 | $_SESSION["otpId"]= $currentOtp->onetimepasswordId; | 344 | $_SESSION["otpId"]= $currentOtp->onetimepasswordId; |
345 | 345 | ||
346 | $result["data"] = $currentOtp->data; | 346 | $result["data"] = $currentOtp->data; |
347 | $result["version"] = $currentOtp->version; | 347 | $result["version"] = $currentOtp->version; |
348 | 348 | ||
349 | resetOTP($currentOtp, "REQUESTED"); | 349 | resetOTP($currentOtp, "REQUESTED"); |
350 | } else { | 350 | } else { |
351 | resetOTP($currentOtp, "DISABLED"); | 351 | resetOTP($currentOtp, "DISABLED"); |
352 | throw new Exception("The requested One Time Password has been disabled, due to a wrong keyChecksum"); | 352 | throw new Exception("The requested One Time Password has been disabled, due to a wrong keyChecksum"); |
353 | } | 353 | } |
354 | } else { | 354 | } else { |
355 | throw new Exception("The requested One Time Password was not active"); | 355 | throw new Exception("The requested One Time Password was not active"); |
356 | } | 356 | } |
357 | } else { | 357 | } else { |
358 | throw new Exception("The requested One Time Password has not been found"); | 358 | throw new Exception("The requested One Time Password has not been found"); |
359 | } | 359 | } |
360 | 360 | ||
361 | //============================================================= | 361 | //============================================================= |
362 | } | 362 | } |
363 | 363 | ||
364 | break; | 364 | break; |
365 | 365 | ||
366 | case "message": | 366 | case "message": |
367 | error_log("message"); | 367 | error_log("message"); |
368 | if ($parameters["srpSharedSecret"] == $_SESSION["K"]) { | 368 | if ($parameters["srpSharedSecret"] == $_SESSION["K"]) { |
369 | $message = $parameters["message"]; | 369 | $message = $parameters["message"]; |
370 | 370 | ||
371 | //============================================================= | 371 | //============================================================= |
372 | if ($message == "getUserDetails") { | 372 | if ($message == "getUserDetails") { |
373 | //{"message":"getUserDetails", "srpSharedSecret":"f18e5cf7c3a83b67d4db9444af813ee48c13daf4f8f6635397d593e52ba89a08", "parameters":{}} | 373 | //{"message":"getUserDetails", "srpSharedSecret":"f18e5cf7c3a83b67d4db9444af813ee48c13daf4f8f6635397d593e52ba89a08", "parameters":{}} |
374 | $user = new user(); | 374 | $user = new user(); |
375 | $user = $user->Get($_SESSION["userId"]); | 375 | $user = $user->Get($_SESSION["userId"]); |
376 | 376 | ||
377 | $result["header"] = $user->header; | 377 | $result["header"] = $user->header; |
378 | |||
378 | $records = $user->GetRecordList(); | 379 | $records = $user->GetRecordList(); |
379 | foreach ($records as $record) | 380 | foreach ($records as $record) { |
380 | { | ||
381 | $recordStats["updateDate"] = $record->update_date; | 381 | $recordStats["updateDate"] = $record->update_date; |
382 | $recordsStats[$record->reference] = $recordStats; | 382 | $recordsStats[$record->reference] = $recordStats; |
383 | } | 383 | } |
384 | $result["recordsStats"] = $recordsStats; | 384 | $result["recordsStats"] = $recordsStats; |
385 | |||
385 | $result["statistics"] =$user->statistics; | 386 | $result["statistics"] =$user->statistics; |
386 | $result["version"] =$user->version; | 387 | $result["version"] =$user->version; |
387 | 388 | ||
388 | //============================================================= | 389 | //============================================================= |
389 | } else if ($message == "addNewRecords") { | 390 | } else if ($message == "addNewRecords") { |
390 | /* | 391 | /* |
391 | //{ | 392 | //{ |
392 | //"message":"addNewRecords", | 393 | //"message":"addNewRecords", |
393 | //"srpSharedSecret":"b58fdf62acebbcb67f63d28c0437f166069f45690c648cd4376a792ae7a325f7", | 394 | //"srpSharedSecret":"b58fdf62acebbcb67f63d28c0437f166069f45690c648cd4376a792ae7a325f7", |
394 | //"parameters":{ | 395 | //"parameters":{ |
395 | // "records":[ | 396 | // "records":[ |
396 | // { | 397 | // { |
397 | // "record":{ | 398 | // "record":{ |
398 | // "reference":"fda703707fee1fff42443124cd0e705f5bea0ac601758d81b2e832705339a610", | 399 | // "reference":"fda703707fee1fff42443124cd0e705f5bea0ac601758d81b2e832705339a610", |
399 | // "data":"OBSGtcb6blXq/xaYG.....4EqlQqgAvITN", | 400 | // "data":"OBSGtcb6blXq/xaYG.....4EqlQqgAvITN", |
400 | // "version":"0.3" | 401 | // "version":"0.3" |
401 | // }, | 402 | // }, |
402 | // "currentRecordVersion":{ | 403 | // "currentRecordVersion":{ |
403 | // "reference":"83ad301525c18f2afd72b6ac82c0a713382e1ef70ac69935ca7e2869dd4ff980", | 404 | // "reference":"83ad301525c18f2afd72b6ac82c0a713382e1ef70ac69935ca7e2869dd4ff980", |
404 | // "recordReference":"fda703707fee1fff42443124cd0e705f5bea0ac601758d81b2e832705339a610", | 405 | // "recordReference":"fda703707fee1fff42443124cd0e705f5bea0ac601758d81b2e832705339a610", |
405 | // "data":"NXJ5jiZhkd0CMiwwntAq....1TjjF+SGfE=", | 406 | // "data":"NXJ5jiZhkd0CMiwwntAq....1TjjF+SGfE=", |
406 | // "version":"0.3", | 407 | // "version":"0.3", |
407 | // "previousVersion":"3e174a86afc322271d8af28bc062b0f1bfd7344fad01212cd08b2757c4b199c4", | 408 | // "previousVersion":"3e174a86afc322271d8af28bc062b0f1bfd7344fad01212cd08b2757c4b199c4", |
408 | // "previousVersionKey":"kozaaGCzXWr71LbOKu6Z3nz520V..5U85tSBvb+u44twttv54Kw==" | 409 | // "previousVersionKey":"kozaaGCzXWr71LbOKu6Z3nz520V..5U85tSBvb+u44twttv54Kw==" |
409 | // } | 410 | // } |
410 | // } | 411 | // } |
411 | // ], | 412 | // ], |
412 | // "user":{ | 413 | // "user":{ |
413 | // "header":"{\"reco...ersion\":\"0.1\"}", | 414 | // "header":"{\"reco...ersion\":\"0.1\"}", |
414 | // "statistics":"rKI6nR6iqggygQJ3SQ58bFUX", | 415 | // "statistics":"rKI6nR6iqggygQJ3SQ58bFUX", |
415 | // "version":"0.3", | 416 | // "version":"0.3", |
416 | // "lock":"----" | 417 | // "lock":"----" |
417 | // } | 418 | // } |
418 | //} | 419 | //} |
419 | //} | 420 | //} |
420 | */ | 421 | */ |
421 | $user = new user(); | 422 | $user = new user(); |
422 | $record = new record(); | 423 | $record = new record(); |
423 | $recordVersion = new recordversion(); | 424 | $recordVersion = new recordversion(); |
424 | 425 | ||
425 | $user = $user->Get($_SESSION["userId"]); | 426 | $user = $user->Get($_SESSION["userId"]); |
426 | updateUserData($parameters["parameters"]["user"], $user); | 427 | updateUserData($parameters["parameters"]["user"], $user); |
427 | 428 | ||
428 | $recordParameterList = $parameters["parameters"]["records"]; | 429 | $recordParameterList = $parameters["parameters"]["records"]; |
429 | $c = count($recordParameterList); | 430 | $c = count($recordParameterList); |
430 | for ($i=0; $i<$c; $i++) { | 431 | for ($i=0; $i<$c; $i++) { |
431 | updateRecordData($recordParameterList[$i], $record, $recordVersion); | 432 | updateRecordData($recordParameterList[$i], $record, $recordVersion); |
432 | 433 | ||
433 | $record->SaveNew(); | 434 | $record->SaveNew(); |
434 | $recordVersion->SaveNew(); | 435 | $recordVersion->SaveNew(); |
435 | 436 | ||
436 | $record->AddRecordversion($recordVersion); | 437 | $record->AddRecordversion($recordVersion); |
437 | $user->AddRecord($record); | 438 | $user->AddRecord($record); |
438 | 439 | ||
439 | $record->Save(); | 440 | $record->Save(); |
440 | $recordVersion->Save(); | 441 | $recordVersion->Save(); |
441 | } | 442 | } |
442 | 443 | ||
443 | $user->Save(); | 444 | $user->Save(); |
444 | 445 | ||
445 | $result["lock"] = $user->lock; | 446 | $result["lock"] = $user->lock; |
446 | $result["result"] = "done"; | 447 | $result["result"] = "done"; |
447 | 448 | ||
448 | //============================================================= | 449 | //============================================================= |
449 | } else if ($message == "getRecordDetail") { | 450 | } else if ($message == "getRecordDetail") { |
450 | //{ | 451 | //{ |
451 | //"message":"getRecordDetail", | 452 | //"message":"getRecordDetail", |
452 | //"srpSharedSecret":"4c00dcb66a9f2aea41a87e4707c526874e2eb29cc72d2c7086837e53d6bf2dfe", | 453 | //"srpSharedSecret":"4c00dcb66a9f2aea41a87e4707c526874e2eb29cc72d2c7086837e53d6bf2dfe", |
453 | //"parameters":{ | 454 | //"parameters":{ |
454 | // "reference":"740009737139a189cfa2b1019a6271aaa39467b59e259706564b642ff3838d50" | 455 | // "reference":"740009737139a189cfa2b1019a6271aaa39467b59e259706564b642ff3838d50" |
455 | //} | 456 | //} |
456 | //} | 457 | //} |
457 | // | 458 | // |
458 | //result = { | 459 | //result = { |
459 | // currentVersion:{ | 460 | // currentVersion:{ |
460 | // reference:"88943d709c3ea2442d4f58eaaec6409276037e5a37e0a6d167b9dad9e947e854", | 461 | // reference:"88943d709c3ea2442d4f58eaaec6409276037e5a37e0a6d167b9dad9e947e854", |
461 | // accessDate:"Wed, 13 February 2008 14:25:12 UTC", | 462 | // accessDate:"Wed, 13 February 2008 14:25:12 UTC", |
462 | // creationDate:"Tue, 17 April 2007 17:17:52 UTC", | 463 | // creationDate:"Tue, 17 April 2007 17:17:52 UTC", |
463 | // version:"0.2", | 464 | // version:"0.2", |
464 | // data:"xI3WXddQLFtL......EGyKnnAVik", | 465 | // data:"xI3WXddQLFtL......EGyKnnAVik", |
465 | // updateDate:"Tue, 17 April 2007 17:17:52 UTC", | 466 | // updateDate:"Tue, 17 April 2007 17:17:52 UTC", |
466 | // header:"####" | 467 | // header:"####" |
467 | // } | 468 | // } |
468 | // reference:"13a5e52976337ab210903cd04872588e1b21fb72bc183e91aa25c494b8138551", | 469 | // reference:"13a5e52976337ab210903cd04872588e1b21fb72bc183e91aa25c494b8138551", |
469 | // oldestUsedEncryptedVersion:"0.2", | 470 | // oldestUsedEncryptedVersion:"0.2", |
470 | // accessDate:"Wed, 13 February 2008 14:25:12 UTC", | 471 | // accessDate:"Wed, 13 February 2008 14:25:12 UTC", |
471 | // creationDate:"Wed, 14 March 2007 13:53:11 UTC", | 472 | // creationDate:"Wed, 14 March 2007 13:53:11 UTC", |
472 | // version:"0.2", | 473 | // version:"0.2", |
473 | // updatedDate:"Tue, 17 April 2007 17:17:52 UTC", | 474 | // updatedDate:"Tue, 17 April 2007 17:17:52 UTC", |
474 | // data:"0/BjzyY6jeh71h...pAw2++NEyylGhMC5C5f5m8pBApYziN84s4O3JQ3khW/1UttQl4=" | 475 | // data:"0/BjzyY6jeh71h...pAw2++NEyylGhMC5C5f5m8pBApYziN84s4O3JQ3khW/1UttQl4=" |
475 | //} | 476 | //} |
476 | $record = new record(); | 477 | $record = new record(); |
477 | 478 | ||
478 | $recordList = $record->GetList(array(array("reference", "=", $parameters["parameters"]["reference"]))); | 479 | $recordList = $record->GetList(array(array("reference", "=", $parameters["parameters"]["reference"]))); |
479 | $currentRecord = $recordList[0]; | 480 | $currentRecord = $recordList[0]; |
480 | $currentRecordVersions = $currentRecord->GetRecordversionList(); | 481 | $currentRecordVersions = $currentRecord->GetRecordversionList(); |
481 | $currentVersion = $currentRecordVersions[0]; | 482 | $currentVersion = $currentRecordVersions[0]; |
482 | 483 | ||
483 | $result["currentVersion"] = array(); | 484 | $result["currentVersion"] = array(); |
484 | $result["currentVersion"]["reference"] =$currentVersion->reference; | 485 | $result["currentVersion"]["reference"] =$currentVersion->reference; |
485 | $result["currentVersion"]["data"] = $currentVersion->data; | 486 | $result["currentVersion"]["data"] = $currentVersion->data; |
486 | $result["currentVersion"]["header"] = $currentVersion->header; | 487 | $result["currentVersion"]["header"] = $currentVersion->header; |
487 | $result["currentVersion"]["version"] = $currentVersion->version; | 488 | $result["currentVersion"]["version"] = $currentVersion->version; |
488 | $result["currentVersion"]["creationDate"] =$currentVersion->creation_date; | 489 | $result["currentVersion"]["creationDate"] =$currentVersion->creation_date; |
489 | $result["currentVersion"]["updateDate"] =$currentVersion->update_date; | 490 | $result["currentVersion"]["updateDate"] =$currentVersion->update_date; |
490 | $result["currentVersion"]["accessDate"] =$currentVersion->access_date; | 491 | $result["currentVersion"]["accessDate"] =$currentVersion->access_date; |
491 | 492 | ||
492 | $result["reference"] = $currentRecord->reference; | 493 | $result["reference"] = $currentRecord->reference; |
493 | $result["data"] = $currentRecord->data; | 494 | $result["data"] = $currentRecord->data; |
494 | $result["version"] = $currentRecord->version; | 495 | $result["version"] = $currentRecord->version; |
495 | $result["creationDate"] =$currentRecord->creation_date; | 496 | $result["creationDate"] =$currentRecord->creation_date; |
496 | $result["updateDate"] = $currentRecord->update_date; | 497 | $result["updateDate"] = $currentRecord->update_date; |
497 | $result["accessDate"] = $currentRecord->access_date; | 498 | $result["accessDate"] = $currentRecord->access_date; |
498 | $result["oldestUsedEncryptedVersion"] ="---"; | 499 | $result["oldestUsedEncryptedVersion"] ="---"; |
499 | 500 | ||
500 | //============================================================= | 501 | //============================================================= |
501 | } else if ($message == "updateData") { | 502 | } else if ($message == "updateData") { |
502 | //{ | 503 | //{ |
503 | //"message":"updateData", | 504 | //"message":"updateData", |
504 | //"srpSharedSecret":"4e4aadb1d64513ec4dd42f5e8d5b2d4363de75e4424b6bcf178c9d6a246356c5", | 505 | //"srpSharedSecret":"4e4aadb1d64513ec4dd42f5e8d5b2d4363de75e4424b6bcf178c9d6a246356c5", |
505 | //"parameters":{ | 506 | //"parameters":{ |
506 | // "records":[ | 507 | // "records":[ |
507 | // { | 508 | // { |
508 | // "record":{ | 509 | // "record":{ |
509 | // "reference":"740009737139a189cfa2b1019a6271aaa39467b59e259706564b642ff3838d50", | 510 | // "reference":"740009737139a189cfa2b1019a6271aaa39467b59e259706564b642ff3838d50", |
510 | // "data":"8hgR0Z+JDrUa812polDJ....JnZUKXNEqKI", | 511 | // "data":"8hgR0Z+JDrUa812polDJ....JnZUKXNEqKI", |
511 | // "version":"0.3" | 512 | // "version":"0.3" |
512 | // }, | 513 | // }, |
513 | // "currentRecordVersion":{ | 514 | // "currentRecordVersion":{ |
514 | // "reference":"b1d82aeb9a0c4f6584bea68ba80839f43dd6ede79791549e29a1860554b144ee", | 515 | // "reference":"b1d82aeb9a0c4f6584bea68ba80839f43dd6ede79791549e29a1860554b144ee", |
515 | // "recordReference":"740009737139a189cfa2b1019a6271aaa39467b59e259706564b642ff3838d50", | 516 | // "recordReference":"740009737139a189cfa2b1019a6271aaa39467b59e259706564b642ff3838d50", |
516 | // "data":"2d/UgKxxV+kBPV9GRUE.....VGonDoW0tqefxOJo=", | 517 | // "data":"2d/UgKxxV+kBPV9GRUE.....VGonDoW0tqefxOJo=", |
517 | // "version":"0.3", | 518 | // "version":"0.3", |
518 | // "previousVersion":"55904195249037394316d3be3f5e78f08073170103bf0e7ab49a911c159cb0be", | 519 | // "previousVersion":"55904195249037394316d3be3f5e78f08073170103bf0e7ab49a911c159cb0be", |
519 | // "previousVersionKey":"YWiaZeMIVHaIl96OWW+2e8....6d6nHbn6cr2NA/dbQRuC2w==" | 520 | // "previousVersionKey":"YWiaZeMIVHaIl96OWW+2e8....6d6nHbn6cr2NA/dbQRuC2w==" |
520 | // } | 521 | // } |
521 | // } | 522 | // } |
522 | // ], | 523 | // ], |
523 | // "user":{ | 524 | // "user":{ |
524 | // "header":"{\"rec.....sion\":\"0.1\"}", | 525 | // "header":"{\"rec.....sion\":\"0.1\"}", |
525 | // "statistics":"tt3uU9hWBy8rNnMckgCnxMJh", | 526 | // "statistics":"tt3uU9hWBy8rNnMckgCnxMJh", |
526 | // "version":"0.3", | 527 | // "version":"0.3", |
527 | // "lock":"----" | 528 | // "lock":"----" |
528 | // } | 529 | // } |
529 | //} | 530 | //} |
530 | //} | 531 | //} |
531 | 532 | ||
532 | $user = new user(); | 533 | $user = new user(); |
533 | $user = $user->Get($_SESSION["userId"]); | 534 | $user = $user->Get($_SESSION["userId"]); |
534 | updateUserData($parameters["parameters"]["user"], $user); | 535 | updateUserData($parameters["parameters"]["user"], $user); |
535 | $user->Save(); | 536 | $user->Save(); |
536 | 537 | ||
537 | $recordParameterList = $parameters["parameters"]["records"]; | 538 | $recordParameterList = $parameters["parameters"]["records"]; |
538 | $c = count($recordParameterList); | 539 | $c = count($recordParameterList); |
539 | for ($i=0; $i<$c; $i++) { | 540 | for ($i=0; $i<$c; $i++) { |
540 | $recordList = $user->GetRecordList(array(array("reference", "=", $recordParameterList[$i]["record"]["reference"]))); | 541 | $recordList = $user->GetRecordList(array(array("reference", "=", $recordParameterList[$i]["record"]["reference"]))); |
541 | $currentRecord = $recordList[0]; | 542 | $currentRecord = $recordList[0]; |
542 | $currentRecordVersions = $currentRecord->GetRecordversionList(); | 543 | $currentRecordVersions = $currentRecord->GetRecordversionList(); |
543 | $currentVersion = $currentRecordVersions[0]; | 544 | $currentVersion = $currentRecordVersions[0]; |
544 | 545 | ||
545 | updateRecordData($recordParameterList[$i], $currentRecord, $currentVersion); | 546 | updateRecordData($recordParameterList[$i], $currentRecord, $currentVersion); |
546 | 547 | ||
547 | 548 | ||
548 | $currentRecord->Save(); | 549 | $currentRecord->Save(); |
549 | $currentVersion->Save(); | 550 | $currentVersion->Save(); |
550 | } | 551 | } |
551 | 552 | ||
552 | 553 | ||
553 | $result["lock"] = $user->lock; | 554 | $result["lock"] = $user->lock; |
554 | $result["result"] = "done"; | 555 | $result["result"] = "done"; |
555 | 556 | ||
556 | //============================================================= | 557 | //============================================================= |
557 | } else if ($message == "deleteRecords") { | 558 | } else if ($message == "deleteRecords") { |
558 | //{ | 559 | //{ |
559 | //"message":"deleteRecords", | 560 | //"message":"deleteRecords", |
560 | //"srpSharedSecret":"4a64982f7ee366954ec50b9efea62a902a097ef111410c2aa7c4d5343bd1cdd1", | 561 | //"srpSharedSecret":"4a64982f7ee366954ec50b9efea62a902a097ef111410c2aa7c4d5343bd1cdd1", |
561 | //"parameters":{ | 562 | //"parameters":{ |
562 | // "recordReferences":["46494c81d10b80ab190d41e6806ef63869cfcc7a0ab8fe98cc3f93de4729bb9a"], | 563 | // "recordReferences":["46494c81d10b80ab190d41e6806ef63869cfcc7a0ab8fe98cc3f93de4729bb9a"], |
563 | // "user":{ | 564 | // "user":{ |
564 | // "header":"{\"rec...rsion\":\"0.1\"}", | 565 | // "header":"{\"rec...rsion\":\"0.1\"}", |
565 | // "statistics":"44kOOda0xYZjbcugJBdagBQx", | 566 | // "statistics":"44kOOda0xYZjbcugJBdagBQx", |
566 | // "version":"0.3", | 567 | // "version":"0.3", |
567 | // "lock":"----" | 568 | // "lock":"----" |
568 | // } | 569 | // } |
569 | //} | 570 | //} |
570 | //} | 571 | //} |
571 | $user = new user(); | 572 | $user = new user(); |
572 | $user = $user->Get($_SESSION["userId"]); | 573 | $user = $user->Get($_SESSION["userId"]); |
573 | 574 | ||
574 | $recordReferenceList = $parameters["parameters"]["recordReferences"]; | 575 | $recordReferenceList = $parameters["parameters"]["recordReferences"]; |
575 | $recordList = array(); | 576 | $recordList = array(); |
576 | $c = count($recordReferenceList); | 577 | $c = count($recordReferenceList); |
577 | for ($i=0; $i<$c; $i++) { | 578 | for ($i=0; $i<$c; $i++) { |
578 | array_push($recordList, array("reference", "=", $recordReferenceList[$i])); | 579 | array_push($recordList, array("reference", "=", $recordReferenceList[$i])); |
579 | } | 580 | } |
580 | 581 | ||
581 | $record = new record(); | 582 | $record = new record(); |
582 | $record->DeleteList($recordList, true); | 583 | $record->DeleteList($recordList, true); |
583 | 584 | ||
584 | updateUserData($parameters["parameters"]["user"], $user); | 585 | updateUserData($parameters["parameters"]["user"], $user); |
585 | $user->Save(); | 586 | $user->Save(); |
586 | 587 | ||
587 | $result["recordList"] = $recordList; | 588 | $result["recordList"] = $recordList; |
588 | $result["lock"] = $user->lock; | 589 | $result["lock"] = $user->lock; |
589 | $result["result"] = "done"; | 590 | $result["result"] = "done"; |
590 | 591 | ||
591 | //============================================================= | 592 | //============================================================= |
592 | } else if ($message == "deleteUser") { | 593 | } else if ($message == "deleteUser") { |
593 | //{"message":"deleteUser", "srpSharedSecret":"e8e4ca6544dca49c95b3647d8358ad54c317048b74d2ac187ac25f719c9bac58", "parameters":{}} | 594 | //{"message":"deleteUser", "srpSharedSecret":"e8e4ca6544dca49c95b3647d8358ad54c317048b74d2ac187ac25f719c9bac58", "parameters":{}} |
594 | $user = new user(); | 595 | $user = new user(); |
595 | $user->Get($_SESSION["userId"]); | 596 | $user->Get($_SESSION["userId"]); |
596 | $user->Delete(true); | 597 | $user->Delete(true); |
597 | 598 | ||
598 | $result["result"] = "ok"; | 599 | $result["result"] = "ok"; |
599 | 600 | ||
600 | //============================================================= | 601 | //============================================================= |
601 | } else if ($message == "addNewOneTimePassword") { | 602 | } else if ($message == "addNewOneTimePassword") { |
602 | //{ | 603 | //{ |
603 | //"message":"addNewOneTimePassword", | 604 | //"message":"addNewOneTimePassword", |
604 | //"srpSharedSecret":"96fee4af06c09ce954fe7a9f87970e943449186bebf70bac0af1d6ebb818dabb", | 605 | //"srpSharedSecret":"96fee4af06c09ce954fe7a9f87970e943449186bebf70bac0af1d6ebb818dabb", |
605 | //"parameters":{ | 606 | //"parameters":{ |
606 | // "user":{ | 607 | // "user":{ |
607 | // "header":"{\"records\":{\"index\":{\"419ea6....rsion\":\"0.1\"}", | 608 | // "header":"{\"records\":{\"index\":{\"419ea6....rsion\":\"0.1\"}", |
608 | // "statistics":"rrlwNbDt83rpWT4S72upiVsC", | 609 | // "statistics":"rrlwNbDt83rpWT4S72upiVsC", |
609 | // "version":"0.3", | 610 | // "version":"0.3", |
610 | // "lock":"----" | 611 | // "lock":"----" |
611 | // }, | 612 | // }, |
612 | // "oneTimePassword":{ | 613 | // "oneTimePassword":{ |
613 | // "reference":"29e26f3a2aae61fe5cf58c45296c6df4f3dceafe067ea550b455be345f44123c", | 614 | // "reference":"29e26f3a2aae61fe5cf58c45296c6df4f3dceafe067ea550b455be345f44123c", |
614 | // "key":"afb848208758361a96a298b9db08995cf036011747809357a90645bc93fdfa03", | 615 | // "key":"afb848208758361a96a298b9db08995cf036011747809357a90645bc93fdfa03", |
615 | // "keyChecksum":"d1599ae443b5a566bfd93c0aeec4c81b42c0506ee09874dae050449580bb3486", | 616 | // "keyChecksum":"d1599ae443b5a566bfd93c0aeec4c81b42c0506ee09874dae050449580bb3486", |
616 | // "data":"hsyY8DHksgR52x6c4j7XAtIUeY.....dxsr3XWt7CbGg==", | 617 | // "data":"hsyY8DHksgR52x6c4j7XAtIUeY.....dxsr3XWt7CbGg==", |
617 | // "version":"0.3" | 618 | // "version":"0.3" |
618 | // } | 619 | // } |
619 | //} | 620 | //} |
620 | //} | 621 | //} |
621 | 622 | ||
622 | fixOTPStatusTable(); | 623 | fixOTPStatusTable(); |
623 | 624 | ||
624 | $user = new user(); | 625 | $user = new user(); |
625 | $user = $user->Get($_SESSION["userId"]); | 626 | $user = $user->Get($_SESSION["userId"]); |
626 | 627 | ||
627 | $otp = new onetimepassword(); | 628 | $otp = new onetimepassword(); |
628 | updateOTP($parameters["parameters"]["oneTimePassword"], $otp, "ACTIVE"); | 629 | updateOTP($parameters["parameters"]["oneTimePassword"], $otp, "ACTIVE"); |
629 | $user->AddOnetimepassword($otp); | 630 | $user->AddOnetimepassword($otp); |
630 | 631 | ||
631 | updateUserData($parameters["parameters"]["user"], $user); | 632 | updateUserData($parameters["parameters"]["user"], $user); |
632 | $user->Save(); | 633 | $user->Save(); |
633 | 634 | ||
634 | $result["lock"] = $user->lock; | 635 | $result["lock"] = $user->lock; |
635 | $result["result"] = "done"; | 636 | $result["result"] = "done"; |
636 | 637 | ||
637 | //============================================================= | 638 | //============================================================= |
638 | } else if ($message == "updateOneTimePasswords") { | 639 | } else if ($message == "updateOneTimePasswords") { |
639 | //{ | 640 | //{ |
640 | //"message":"updateOneTimePasswords", | 641 | //"message":"updateOneTimePasswords", |
641 | //"srpSharedSecret":"c78f8ed099ea421f4dd0a4e02dbaf1f7da925f0088188d99399874ff064a3d27", | 642 | //"srpSharedSecret":"c78f8ed099ea421f4dd0a4e02dbaf1f7da925f0088188d99399874ff064a3d27", |
642 | //"parameters":{ | 643 | //"parameters":{ |
643 | // "user":{ | 644 | // "user":{ |
644 | // "header":"{\"reco...sion\":\"0.1\"}", | 645 | // "header":"{\"reco...sion\":\"0.1\"}", |
645 | // "statistics":"UeRq75RZHzDC7elzrh/+OB5d", | 646 | // "statistics":"UeRq75RZHzDC7elzrh/+OB5d", |
646 | // "version":"0.3", | 647 | // "version":"0.3", |
647 | // "lock":"----" | 648 | // "lock":"----" |
648 | // }, | 649 | // }, |
649 | // "oneTimePasswords":["f5f44c232f239efe48ab81a6236deea1a840d52946f7d4d782dad52b4c5359ce"] | 650 | // "oneTimePasswords":["f5f44c232f239efe48ab81a6236deea1a840d52946f7d4d782dad52b4c5359ce"] |
650 | //} | 651 | //} |
651 | //} | 652 | //} |
652 | 653 | ||
653 | $user = new user(); | 654 | $user = new user(); |
654 | $user = $user->Get($_SESSION["userId"]); | 655 | $user = $user->Get($_SESSION["userId"]); |
655 | 656 | ||
656 | $validOtpReferences = $parameters["parameters"]["oneTimePasswords"]; | 657 | $validOtpReferences = $parameters["parameters"]["oneTimePasswords"]; |
657 | 658 | ||
658 | $otpList = $user->GetOnetimepasswordList(); | 659 | $otpList = $user->GetOnetimepasswordList(); |
659 | $c = count($otpList); | 660 | $c = count($otpList); |
660 | for ($i=0; $i<$c; $i++) { | 661 | for ($i=0; $i<$c; $i++) { |
661 | $currentOtp = $otpList[$i]; | 662 | $currentOtp = $otpList[$i]; |
662 | if (arrayContainsValue($validOtpReferences, $currentOtp->reference) == false) { | 663 | if (arrayContainsValue($validOtpReferences, $currentOtp->reference) == false) { |
663 | $currentOtp->Delete(); | 664 | $currentOtp->Delete(); |
664 | } | 665 | } |
665 | } | 666 | } |
666 | 667 | ||
667 | updateUserData($parameters["parameters"]["user"], $user); | 668 | updateUserData($parameters["parameters"]["user"], $user); |
668 | $user->Save(); | 669 | $user->Save(); |
669 | 670 | ||
670 | $result["result"] = $user->lock; | 671 | $result["result"] = $user->lock; |
671 | 672 | ||
672 | //============================================================= | 673 | //============================================================= |
673 | } else if ($message == "getOneTimePasswordsDetails") { | 674 | } else if ($message == "getOneTimePasswordsDetails") { |
674 | 675 | ||
675 | //============================================================= | 676 | //============================================================= |
676 | } else if ($message == "getLoginHistory") { | 677 | } else if ($message == "getLoginHistory") { |
677 | $result["result"] = array(); | 678 | $result["result"] = array(); |
678 | 679 | ||
679 | //============================================================= | 680 | //============================================================= |
680 | } else if ($message == "upgradeUserCredentials") { | 681 | } else if ($message == "upgradeUserCredentials") { |
681 | //{ | 682 | //{ |
682 | //"message":"upgradeUserCredentials", | 683 | //"message":"upgradeUserCredentials", |
683 | //"srpSharedSecret":"f1c25322e1478c8fb26063e9eef2f6fc25e0460065a31cb718f80bcff8f8a735", | 684 | //"srpSharedSecret":"f1c25322e1478c8fb26063e9eef2f6fc25e0460065a31cb718f80bcff8f8a735", |
684 | //"parameters":{ | 685 | //"parameters":{ |
685 | // "user":{ | 686 | // "user":{ |
686 | // "header":"{\"reco...sion\":\"0.1\"}", | 687 | // "header":"{\"reco...sion\":\"0.1\"}", |
687 | // "statistics":"s72Xva+w7CLgH+ihwqwXUbyu", | 688 | // "statistics":"s72Xva+w7CLgH+ihwqwXUbyu", |
688 | // "version":"0.3", | 689 | // "version":"0.3", |
689 | // "lock":"----" | 690 | // "lock":"----" |
690 | // }, | 691 | // }, |
691 | // "credentials":{ | 692 | // "credentials":{ |
692 | // "C":"57d15a8afbc1ae08103bd991d387ddfd8d26824276476fe709d754f098b6c26d", | 693 | // "C":"57d15a8afbc1ae08103bd991d387ddfd8d26824276476fe709d754f098b6c26d", |
693 | // "s":"d6735fc0486f391c4f3c947928f9e61a2418e7bed2bc9b25bb43f93acc52f636", | 694 | // "s":"d6735fc0486f391c4f3c947928f9e61a2418e7bed2bc9b25bb43f93acc52f636", |
694 | // "v":"540c2ebbf941a481b6b2c9026c07fb46e8202e4408ed96864a696deb622baece", | 695 | // "v":"540c2ebbf941a481b6b2c9026c07fb46e8202e4408ed96864a696deb622baece", |
695 | // "version":"0.2" | 696 | // "version":"0.2" |
696 | // }, | 697 | // }, |
697 | // "oneTimePasswords":{ | 698 | // "oneTimePasswords":{ |
698 | // "923cdc61c4b877b263236124c44d69b459d240453a461cce8ddf7518b423ca94": "1HD6Ta0xsifEDhDwE....9WDK6tvrS6w==", | 699 | // "923cdc61c4b877b263236124c44d69b459d240453a461cce8ddf7518b423ca94": "1HD6Ta0xsifEDhDwE....9WDK6tvrS6w==", |
699 | // "fb1573cb9497652a81688a099a524fb116e604c6fbc191cf33406eb8438efa5f": "CocN0cSxLmMRdgNF9....o3xhGUEY68Q==" | 700 | // "fb1573cb9497652a81688a099a524fb116e604c6fbc191cf33406eb8438efa5f": "CocN0cSxLmMRdgNF9....o3xhGUEY68Q==" |
700 | // } | 701 | // } |
701 | //} | 702 | //} |
702 | //} | 703 | //} |
703 | 704 | ||
704 | $user = new user(); | 705 | $user = new user(); |
705 | $user->Get($_SESSION["userId"]); | 706 | $user->Get($_SESSION["userId"]); |
706 | 707 | ||
707 | $otp = new onetimepassword(); | 708 | $otp = new onetimepassword(); |
708 | 709 | ||
709 | updateUserCredentials($parameters["parameters"]["credentials"], $user); | 710 | updateUserCredentials($parameters["parameters"]["credentials"], $user); |
710 | updateUserData($parameters["parameters"]["user"], $user); | 711 | updateUserData($parameters["parameters"]["user"], $user); |
711 | 712 | ||
712 | $otpList = $parameters["parameters"]["oneTimePasswords"]; | 713 | $otpList = $parameters["parameters"]["oneTimePasswords"]; |
713 | foreach($otpList as $otpReference=>$otpData) { | 714 | foreach($otpList as $otpReference=>$otpData) { |
714 | $otpList = $otp->GetList(array(array("reference", "=", $otpReference))); | 715 | $otpList = $otp->GetList(array(array("reference", "=", $otpReference))); |
715 | $currentOtp = $otpList[0]; | 716 | $currentOtp = $otpList[0]; |
716 | $currentOtp->data = $otpData; | 717 | $currentOtp->data = $otpData; |
717 | $currentOtp->Save(); | 718 | $currentOtp->Save(); |
718 | } | 719 | } |
719 | 720 | ||
720 | $user->Save(); | 721 | $user->Save(); |
721 | 722 | ||
722 | $result["lock"] = $user->lock; | 723 | $result["lock"] = $user->lock; |
723 | $result["result"] = "done"; | 724 | $result["result"] = "done"; |
724 | 725 | ||
725 | //============================================================= | 726 | //============================================================= |
726 | } else if ($message == "echo") { | 727 | } else if ($message == "echo") { |
727 | $result["result"] = $parameters; | 728 | $result["result"] = $parameters; |
728 | } | 729 | } |
729 | 730 | ||
730 | //============================================================= | 731 | //============================================================= |
731 | } else if (isset($_SESSION['K'])) { | 732 | } else if (isset($_SESSION['K'])) { |
732 | $result["error"] = "Wrong shared secret!"; | 733 | $result["error"] = "Wrong shared secret!"; |
733 | } else { | 734 | } else { |
734 | $result["result"] = "EXCEPTION"; | 735 | $result["result"] = "EXCEPTION"; |
735 | $result["message"] = "Trying to communicate without an active connection"; | 736 | $result["message"] = "Trying to communicate without an active connection"; |
736 | } | 737 | } |
737 | break; | 738 | break; |
738 | 739 | ||
739 | case "logout": | 740 | case "logout": |
740 | error_log("logout"); | 741 | error_log("logout"); |
741 | session_destroy(); | 742 | session_destroy(); |
742 | break; | 743 | break; |
743 | 744 | ||
744 | default: | 745 | default: |
745 | error_log("default"); | 746 | error_log("default"); |
746 | $result["result"] = $parameters; | 747 | $result["result"] = $parameters; |
747 | break; | 748 | break; |
748 | } | 749 | } |
749 | 750 | ||
750 | session_write_close(); | 751 | session_write_close(); |
751 | 752 | ||
752 | echo(json_encode($result)); | 753 | echo(json_encode($result)); |
753 | error_log("result: ".json_encode($result)); | 754 | error_log("result: ".json_encode($result)); |
754 | ?> | 755 | ?> |