summaryrefslogtreecommitdiff
path: root/backend
authorGiulio Cesare Solaroli <giulio.cesare@clipperz.com>2011-10-06 22:57:46 (UTC)
committer Giulio Cesare Solaroli <giulio.cesare@clipperz.com>2011-10-06 22:57:46 (UTC)
commit647a8a53917dd15dc81caaeb36c658e18e579ab0 (patch) (unidiff)
tree16caa4aca7c943632f9398360fc7f9a9ef3b3f0e /backend
parenta26b219b6f4f3fee727d9b23d8cd374f6b32a4fa (diff)
downloadclipperz-647a8a53917dd15dc81caaeb36c658e18e579ab0.zip
clipperz-647a8a53917dd15dc81caaeb36c658e18e579ab0.tar.gz
clipperz-647a8a53917dd15dc81caaeb36c658e18e579ab0.tar.bz2
Fixed the formatting of PHP code
Diffstat (limited to 'backend') (more/less context) (ignore whitespace changes)
-rw-r--r--backend/php/src/index.php5
1 files changed, 3 insertions, 2 deletions
diff --git a/backend/php/src/index.php b/backend/php/src/index.php
index 3d23e7a..214ac01 100644
--- a/backend/php/src/index.php
+++ b/backend/php/src/index.php
@@ -1,754 +1,755 @@
1<?php 1<?php
2 include "./configuration.php"; 2 include "./configuration.php";
3 include "./objects/class.database.php"; 3 include "./objects/class.database.php";
4 include "./objects/class.user.php"; 4 include "./objects/class.user.php";
5 include "./objects/class.record.php"; 5 include "./objects/class.record.php";
6 include "./objects/class.recordversion.php"; 6 include "./objects/class.recordversion.php";
7 include "./objects/class.onetimepassword.php"; 7 include "./objects/class.onetimepassword.php";
8 include "./objects/class.onetimepasswordstatus.php"; 8 include "./objects/class.onetimepasswordstatus.php";
9 9
10//----------------------------------------------------------------------------- 10//-----------------------------------------------------------------------------
11 11
12if ( !function_exists('json_decode') ) { 12if ( !function_exists('json_decode') ) {
13 function json_decode($content, $assoc=false) { 13 function json_decode($content, $assoc=false) {
14 require_once 'json/JSON.php'; 14 require_once 'json/JSON.php';
15 if ( $assoc ) { 15 if ( $assoc ) {
16 $json = new Services_JSON(SERVICES_JSON_LOOSE_TYPE); 16 $json = new Services_JSON(SERVICES_JSON_LOOSE_TYPE);
17 } else { 17 } else {
18 $json = new Services_JSON; 18 $json = new Services_JSON;
19 } 19 }
20 20
21 return $json->decode($content); 21 return $json->decode($content);
22 } 22 }
23} 23}
24 24
25if ( !function_exists('json_encode') ) { 25if ( !function_exists('json_encode') ) {
26 function json_encode($content) { 26 function json_encode($content) {
27 require_once 'json/JSON.php'; 27 require_once 'json/JSON.php';
28 $json = new Services_JSON; 28 $json = new Services_JSON;
29 29
30 return $json->encode($content); 30 return $json->encode($content);
31 } 31 }
32} 32}
33 33
34//----------------------------------------------------------------------------- 34//-----------------------------------------------------------------------------
35 //'dec2base', 'base2dec' and 'digits' are functions found on the following 35 //'dec2base', 'base2dec' and 'digits' are functions found on the following
36 //PHP manual page: http://ch2.php.net/manual/en/ref.bc.php 36 //PHP manual page: http://ch2.php.net/manual/en/ref.bc.php
37// 37//
38 38
39function dec2base($dec, $base, $digits=FALSE) { 39function dec2base($dec, $base, $digits=FALSE) {
40 if ($base<2 or $base>256) { 40 if ($base<2 or $base>256) {
41 die("Invalid Base: ".$base); 41 die("Invalid Base: ".$base);
42 } 42 }
43 43
44 bcscale(0); 44 bcscale(0);
45 $value=""; 45 $value="";
46 if (!$digits) { 46 if (!$digits) {
47 $digits = digits($base); 47 $digits = digits($base);
48 } 48 }
49 49
50 while ($dec > $base-1) { 50 while ($dec > $base-1) {
51 $rest = bcmod($dec, $base); 51 $rest = bcmod($dec, $base);
52 $dec = bcdiv($dec, $base); 52 $dec = bcdiv($dec, $base);
53 $value = $digits[$rest].$value; 53 $value = $digits[$rest].$value;
54 } 54 }
55 55
56 $value=$digits[intval($dec)].$value; 56 $value=$digits[intval($dec)].$value;
57 57
58 return (string)$value; 58 return (string)$value;
59} 59}
60 60
61//............................................................................. 61//.............................................................................
62 62
63// convert another base value to its decimal value 63// convert another base value to its decimal value
64function base2dec($value, $base, $digits=FALSE) { 64function base2dec($value, $base, $digits=FALSE) {
65 if ($base<2 or $base>256) { 65 if ($base<2 or $base>256) {
66 die("Invalid Base: ".$base); 66 die("Invalid Base: ".$base);
67 } 67 }
68 68
69 bcscale(0); 69 bcscale(0);
70 if ($base<37) { 70 if ($base<37) {
71 $value=strtolower($value); 71 $value=strtolower($value);
72 } 72 }
73 73
74 if (!$digits) { 74 if (!$digits) {
75 $digits=digits($base); 75 $digits=digits($base);
76 } 76 }
77 77
78 $size = strlen($value); 78 $size = strlen($value);
79 $dec="0"; 79 $dec="0";
80 for ($loop=0; $loop<$size; $loop++) { 80 for ($loop=0; $loop<$size; $loop++) {
81 $element = strpos($digits, $value[$loop]); 81 $element = strpos($digits, $value[$loop]);
82 $power = bcpow($base, $size-$loop-1); 82 $power = bcpow($base, $size-$loop-1);
83 $dec = bcadd($dec, bcmul($element,$power)); 83 $dec = bcadd($dec, bcmul($element,$power));
84 } 84 }
85 85
86 return (string)$dec; 86 return (string)$dec;
87} 87}
88 88
89//............................................................................. 89//.............................................................................
90 90
91function digits($base) { 91function digits($base) {
92 if ($base>64) { 92 if ($base>64) {
93 $digits=""; 93 $digits="";
94 for ($loop=0; $loop<256; $loop++) { 94 for ($loop=0; $loop<256; $loop++) {
95 $digits.=chr($loop); 95 $digits.=chr($loop);
96 } 96 }
97 } else { 97 } else {
98 $digits ="0123456789abcdefghijklmnopqrstuvwxyz"; 98 $digits ="0123456789abcdefghijklmnopqrstuvwxyz";
99 $digits.="ABCDEFGHIJKLMNOPQRSTUVWXYZ-_"; 99 $digits.="ABCDEFGHIJKLMNOPQRSTUVWXYZ-_";
100 } 100 }
101 101
102 $digits=substr($digits,0,$base); 102 $digits=substr($digits,0,$base);
103 103
104 return (string)$digits; 104 return (string)$digits;
105} 105}
106 106
107//----------------------------------------------------------------------------- 107//-----------------------------------------------------------------------------
108 108
109function clipperz_hash($value) { 109function clipperz_hash($value) {
110 return hash("sha256", hash("sha256", $value, true)); 110 return hash("sha256", hash("sha256", $value, true));
111} 111}
112 112
113//----------------------------------------------------------------------------- 113//-----------------------------------------------------------------------------
114 114
115function clipperz_randomSeed() { 115function clipperz_randomSeed() {
116 $result; 116 $result;
117 117
118 srand((double) microtime()*1000000); 118 srand((double) microtime()*1000000);
119 $result = ""; 119 $result = "";
120 120
121 while(strlen($result) < 64) { 121 while(strlen($result) < 64) {
122 $result = $result.dec2base(rand(), 16); 122 $result = $result.dec2base(rand(), 16);
123 } 123 }
124 124
125 $result = substr($result, 0, 64); 125 $result = substr($result, 0, 64);
126 126
127 return $result; 127 return $result;
128} 128}
129 129
130//----------------------------------------------------------------------------- 130//-----------------------------------------------------------------------------
131 131
132function updateUserCredentials($parameters, &$user) { 132function updateUserCredentials($parameters, &$user) {
133 $user->username = $parameters["C"]; 133 $user->username = $parameters["C"];
134 $user->srp_s = $parameters["s"]; 134 $user->srp_s = $parameters["s"];
135 $user->srp_v = $parameters["v"]; 135 $user->srp_v = $parameters["v"];
136 $user->auth_version =$parameters["version"]; 136 $user->auth_version =$parameters["version"];
137} 137}
138 138
139function updateUserData($parameters, &$user) { 139function updateUserData($parameters, &$user) {
140 $user->header = $parameters["header"]; 140 $user->header = $parameters["header"];
141 $user->statistics =$parameters["statistics"]; 141 $user->statistics =$parameters["statistics"];
142 $user->version =$parameters["version"]; 142 $user->version =$parameters["version"];
143 $user->lock = $parameters["lock"]; 143 $user->lock = $parameters["lock"];
144} 144}
145 145
146function updateRecordData($parameters, &$record, &$recordVersion) { 146function updateRecordData($parameters, &$record, &$recordVersion) {
147 $recordData = $parameters["record"]; 147 $recordData = $parameters["record"];
148 $record->reference =$recordData["reference"]; 148 $record->reference =$recordData["reference"];
149 $record->data = $recordData["data"]; 149 $record->data = $recordData["data"];
150 $record->version = $recordData["version"]; 150 $record->version = $recordData["version"];
151 151
152 $recordVersionData = $parameters["currentRecordVersion"]; 152 $recordVersionData = $parameters["currentRecordVersion"];
153 $recordVersion->reference = $recordVersionData ["reference"]; 153 $recordVersion->reference = $recordVersionData ["reference"];
154 $recordVersion->data = $recordVersionData ["data"]; 154 $recordVersion->data = $recordVersionData ["data"];
155 $recordVersion->version = $recordVersionData ["version"]; 155 $recordVersion->version = $recordVersionData ["version"];
156 $recordVersion->previous_version_id =$recordVersionData ["previousVersion"]; 156 $recordVersion->previous_version_id =$recordVersionData ["previousVersion"];
157 $recordVersion->previous_version_key =$recordVersionData ["previousVersionKey"]; 157 $recordVersion->previous_version_key =$recordVersionData ["previousVersionKey"];
158} 158}
159 159
160//----------------------------------------------------------------------------- 160//-----------------------------------------------------------------------------
161 161
162function updateOTPStatus(&$otp, $status) { 162function updateOTPStatus(&$otp, $status) {
163 $otpStatus = new onetimepasswordstatus(); 163 $otpStatus = new onetimepasswordstatus();
164 $selectedStatuses = $otpStatus->GetList(array(array("code", "=", $status))); 164 $selectedStatuses = $otpStatus->GetList(array(array("code", "=", $status)));
165 $otpStatus = $selectedStatuses[0]; 165 $otpStatus = $selectedStatuses[0];
166 $otp->SetOnetimepasswordstatus($otpStatus); 166 $otp->SetOnetimepasswordstatus($otpStatus);
167} 167}
168 168
169function updateOTP($parameters, &$otp, $status) { 169function updateOTP($parameters, &$otp, $status) {
170 $otp->reference = $parameters["reference"]; 170 $otp->reference = $parameters["reference"];
171 $otp->key = $parameters["key"]; 171 $otp->key = $parameters["key"];
172 $otp->key_checksum= $parameters["keyChecksum"]; 172 $otp->key_checksum= $parameters["keyChecksum"];
173 $otp->data = $parameters["data"]; 173 $otp->data = $parameters["data"];
174 $otp->version = $parameters["version"]; 174 $otp->version = $parameters["version"];
175 175
176 updateOTPStatus($otp, $status); 176 updateOTPStatus($otp, $status);
177} 177}
178 178
179function resetOTP(&$otp, $status) { 179function resetOTP(&$otp, $status) {
180 $otp->data = ""; 180 $otp->data = "";
181 updateOTPStatus($otp, $status); 181 updateOTPStatus($otp, $status);
182 $otp->Save(); 182 $otp->Save();
183} 183}
184 184
185//----------------------------------------------------------------------------- 185//-----------------------------------------------------------------------------
186 186
187function fixOTPStatusTable() { 187function fixOTPStatusTable() {
188 $otpStatus = new onetimepasswordstatus(); 188 $otpStatus = new onetimepasswordstatus();
189 $otpStatusList = $otpStatus->GetList(); 189 $otpStatusList = $otpStatus->GetList();
190 if (count($otpStatusList) != 4) { 190 if (count($otpStatusList) != 4) {
191 $otpStatus->DeleteList(); 191 $otpStatus->DeleteList();
192 192
193 $otpStatus->code = "ACTIVE"; $otpStatus->name = "Active"; $otpStatus->description = "Active"; $otpStatus->SaveNew(); 193 $otpStatus->code = "ACTIVE"; $otpStatus->name = "Active"; $otpStatus->description = "Active"; $otpStatus->SaveNew();
194 $otpStatus->code = "REQUESTED"; $otpStatus->name = "Requested"; $otpStatus->description = "Requested";$otpStatus->SaveNew(); 194 $otpStatus->code = "REQUESTED"; $otpStatus->name = "Requested"; $otpStatus->description = "Requested";$otpStatus->SaveNew();
195 $otpStatus->code = "USED"; $otpStatus->name = "Used"; $otpStatus->description = "Used"; $otpStatus->SaveNew(); 195 $otpStatus->code = "USED"; $otpStatus->name = "Used"; $otpStatus->description = "Used"; $otpStatus->SaveNew();
196 $otpStatus->code = "DISABLED"; $otpStatus->name = "Disabled"; $otpStatus->description = "Disabled";$otpStatus->SaveNew(); 196 $otpStatus->code = "DISABLED"; $otpStatus->name = "Disabled"; $otpStatus->description = "Disabled";$otpStatus->SaveNew();
197 } 197 }
198} 198}
199 199
200//----------------------------------------------------------------------------- 200//-----------------------------------------------------------------------------
201 201
202function arrayContainsValue($array, $value) { 202function arrayContainsValue($array, $value) {
203 $object = NULL; 203 $object = NULL;
204 for ($i=0; $i<count($array); $i++) { 204 for ($i=0; $i<count($array); $i++) {
205 if ($array[$i] == $value) { 205 if ($array[$i] == $value) {
206 $object = $value; 206 $object = $value;
207 } 207 }
208 } 208 }
209 209
210 return !is_null($object); 210 return !is_null($object);
211} 211}
212 212
213//----------------------------------------------------------------------------- 213//-----------------------------------------------------------------------------
214 214
215 $result = Array(); 215 $result = Array();
216 216
217 session_start(); 217 session_start();
218 218
219 $method = $_POST['method']; 219 $method = $_POST['method'];
220 220
221 if (get_magic_quotes_gpc()) { 221 if (get_magic_quotes_gpc()) {
222 $parameters = json_decode(stripslashes($_POST['parameters']), true); 222 $parameters = json_decode(stripslashes($_POST['parameters']), true);
223 } else { 223 } else {
224 $parameters = json_decode($_POST['parameters'], true); 224 $parameters = json_decode($_POST['parameters'], true);
225 } 225 }
226 226
227 $parameters = $parameters["parameters"]; 227 $parameters = $parameters["parameters"];
228 228
229 switch($method) { 229 switch($method) {
230 case "registration": 230 case "registration":
231error_log("registration"); 231error_log("registration");
232 $message = $parameters["message"]; 232 $message = $parameters["message"];
233 233
234 if ($message == "completeRegistration") { 234 if ($message == "completeRegistration") {
235 $user = new user(); 235 $user = new user();
236 236
237 updateUserCredentials($parameters["credentials"], $user); 237 updateUserCredentials($parameters["credentials"], $user);
238 updateUserData($parameters["user"], $user); 238 updateUserData($parameters["user"], $user);
239 $user->Save(); 239 $user->Save();
240 240
241 $result["lock"] = $user->lock; 241 $result["lock"] = $user->lock;
242 $result["result"] = "done"; 242 $result["result"] = "done";
243 } 243 }
244 break; 244 break;
245 245
246 case "handshake": 246 case "handshake":
247error_log("handshake"); 247error_log("handshake");
248 $srp_g = "2"; 248 $srp_g = "2";
249 $srp_n = base2dec("115b8b692e0e045692cf280b436735c77a5a9e8a9e7ed56c965f87db5b2a2ece3", 16); 249 $srp_n = base2dec("115b8b692e0e045692cf280b436735c77a5a9e8a9e7ed56c965f87db5b2a2ece3", 16);
250 250
251 $message = $parameters["message"]; 251 $message = $parameters["message"];
252 252
253 //============================================================= 253 //=============================================================
254 if ($message == "connect") { 254 if ($message == "connect") {
255 $user= new user(); 255 $user= new user();
256 $_SESSION["C"] = $parameters["parameters"]["C"]; 256 $_SESSION["C"] = $parameters["parameters"]["C"];
257 $_SESSION["A"] = $parameters["parameters"]["A"]; 257 $_SESSION["A"] = $parameters["parameters"]["A"];
258 258
259 $userList = $user->GetList(array(array("username", "=", $_SESSION["C"]))); 259 $userList = $user->GetList(array(array("username", "=", $_SESSION["C"])));
260 260
261 if (count($userList) == 1) { 261 if (count($userList) == 1) {
262 $currentUser = $userList[ 0 ]; 262 $currentUser = $userList[ 0 ];
263 263
264 if (array_key_exists("otpId", $_SESSION)) { 264 if (array_key_exists("otpId", $_SESSION)) {
265 $otp = new onetimepassword(); 265 $otp = new onetimepassword();
266 $otp = $otp->Get($_SESSION["otpId"]); 266 $otp = $otp->Get($_SESSION["otpId"]);
267 267
268 if ($otp->GetUser()->userId != $currentUser->userId) { 268 if ($otp->GetUser()->userId != $currentUser->userId) {
269 throw new Exception("User missmatch between the current session and 'One Time Password' user"); 269 throw new Exception("User missmatch between the current session and 'One Time Password' user");
270 } else if ($otp->GetOnetimepasswordstatus()->code != "REQUESTED") { 270 } else if ($otp->GetOnetimepasswordstatus()->code != "REQUESTED") {
271 throw new Exception("Tring to use an 'One Time Password' in the wrong state"); 271 throw new Exception("Tring to use an 'One Time Password' in the wrong state");
272 } 272 }
273 273
274 resetOTP($otp, "USED"); 274 resetOTP($otp, "USED");
275 $result["oneTimePassword"] = $otp->reference; 275 $result["oneTimePassword"] = $otp->reference;
276 } 276 }
277 277
278 $_SESSION["s"] = $currentUser->srp_s; 278 $_SESSION["s"] = $currentUser->srp_s;
279 $_SESSION["v"] = $currentUser->srp_v; 279 $_SESSION["v"] = $currentUser->srp_v;
280 $_SESSION["userId"] = $currentUser->userId; 280 $_SESSION["userId"] = $currentUser->userId;
281 } else { 281 } else {
282 $_SESSION["s"] = "112233445566778899aabbccddeeff00112233445566778899aabbccddeeff00"; 282 $_SESSION["s"] = "112233445566778899aabbccddeeff00112233445566778899aabbccddeeff00";
283 $_SESSION["v"] = "112233445566778899aabbccddeeff00112233445566778899aabbccddeeff00"; 283 $_SESSION["v"] = "112233445566778899aabbccddeeff00112233445566778899aabbccddeeff00";
284 } 284 }
285 285
286 $_SESSION["b"] = clipperz_randomSeed(); 286 $_SESSION["b"] = clipperz_randomSeed();
287 // $_SESSION["b"] = "5761e6c84d22ea3c5649de01702d60f674ccfe79238540eb34c61cd020230c53"; 287 // $_SESSION["b"] = "5761e6c84d22ea3c5649de01702d60f674ccfe79238540eb34c61cd020230c53";
288 $_SESSION["B"] = dec2base(bcadd(base2dec($_SESSION["v"], 16), bcpowmod($srp_g, base2dec($_SESSION["b"], 16), $srp_n)), 16); 288 $_SESSION["B"] = dec2base(bcadd(base2dec($_SESSION["v"], 16), bcpowmod($srp_g, base2dec($_SESSION["b"], 16), $srp_n)), 16);
289 289
290 $result["s"] = $_SESSION["s"]; 290 $result["s"] = $_SESSION["s"];
291 $result["B"] = $_SESSION["B"]; 291 $result["B"] = $_SESSION["B"];
292 292
293 //============================================================= 293 //=============================================================
294 } else if ($message == "credentialCheck") { 294 } else if ($message == "credentialCheck") {
295error_log("credentialCheck"); 295error_log("credentialCheck");
296 $u = clipperz_hash(base2dec($_SESSION["B"],16)); 296 $u = clipperz_hash(base2dec($_SESSION["B"],16));
297 $A = base2dec($_SESSION["A"], 16); 297 $A = base2dec($_SESSION["A"], 16);
298 $S = bcpowmod(bcmul($A, bcpowmod(base2dec($_SESSION["v"], 16), base2dec($u, 16), $srp_n)), base2dec($_SESSION["b"], 16), $srp_n); 298 $S = bcpowmod(bcmul($A, bcpowmod(base2dec($_SESSION["v"], 16), base2dec($u, 16), $srp_n)), base2dec($_SESSION["b"], 16), $srp_n);
299 $K = clipperz_hash($S); 299 $K = clipperz_hash($S);
300 $M1 = clipperz_hash($A.base2dec($_SESSION["B"],16).$K); 300 $M1 = clipperz_hash($A.base2dec($_SESSION["B"],16).$K);
301 301
302//$result["B"] = $_SESSION["B"]; 302//$result["B"] = $_SESSION["B"];
303//$result["u"] = $u; 303//$result["u"] = $u;
304//$result["A"] = $A; 304//$result["A"] = $A;
305//$result["S"] = $S; 305//$result["S"] = $S;
306//$result["K"] = $K; 306//$result["K"] = $K;
307//$result["M1"] = $M1; 307//$result["M1"] = $M1;
308//$result["_M1"] = $parameters["parameters"]["M1"]; 308//$result["_M1"] = $parameters["parameters"]["M1"];
309 309
310 if ($M1 == $parameters["parameters"]["M1"]) { 310 if ($M1 == $parameters["parameters"]["M1"]) {
311 $_SESSION["K"] = $K; 311 $_SESSION["K"] = $K;
312 $M2 = clipperz_hash($A.$M1.$K); 312 $M2 = clipperz_hash($A.$M1.$K);
313 313
314 $result["M2"] = $M2; 314 $result["M2"] = $M2;
315 $result["connectionId"] = ""; 315 $result["connectionId"] = "";
316 $result["loginInfo"] = array(); 316 $result["loginInfo"] = array();
317 $result["loginInfo"]["latest"] = array(); 317 $result["loginInfo"]["latest"] = array();
318 $result["loginInfo"]["current"] = array(); 318 $result["loginInfo"]["current"] = array();
319 $result["offlineCopyNeeded"] = "false"; 319 $result["offlineCopyNeeded"] = "false";
320 $result["lock"] = "----"; 320 $result["lock"] = "----";
321 } else { 321 } else {
322 $result["error"] = "?"; 322 $result["error"] = "?";
323 } 323 }
324 //============================================================= 324 //=============================================================
325 } else if ($message == "oneTimePassword") { 325 } else if ($message == "oneTimePassword") {
326error_log("oneTimePassword"); 326error_log("oneTimePassword");
327//{ 327//{
328 //"message":"oneTimePassword", 328 //"message":"oneTimePassword",
329 //"version":"0.2", 329 //"version":"0.2",
330 //"parameters":{ 330 //"parameters":{
331 // "oneTimePasswordKey":"06dfa7f428081f8b2af98b0895e14e18af90b0ef2ff32828e55cc2ac6b24d29b", 331 // "oneTimePasswordKey":"06dfa7f428081f8b2af98b0895e14e18af90b0ef2ff32828e55cc2ac6b24d29b",
332 // "oneTimePasswordKeyChecksum":"60bcba3f72e56f6bb3f0ff88509b9a0e5ec730dfa71daa4c1e892dbd1b0c360d" 332 // "oneTimePasswordKeyChecksum":"60bcba3f72e56f6bb3f0ff88509b9a0e5ec730dfa71daa4c1e892dbd1b0c360d"
333 //} 333 //}
334//} 334//}
335 $otp = new onetimepassword(); 335 $otp = new onetimepassword();
336 $otpList = $otp->GetList(array(array("key", "=", $parameters["parameters"]["oneTimePasswordKey"]))); 336 $otpList = $otp->GetList(array(array("key", "=", $parameters["parameters"]["oneTimePasswordKey"])));
337 337
338 if (count($otpList) == 1) { 338 if (count($otpList) == 1) {
339 $currentOtp = $otpList[0]; 339 $currentOtp = $otpList[0];
340 340
341 if ($currentOtp->GetOnetimepasswordstatus()->code == "ACTIVE") { 341 if ($currentOtp->GetOnetimepasswordstatus()->code == "ACTIVE") {
342 if ($currentOtp->key_checksum == $parameters["parameters"]["oneTimePasswordKeyChecksum"]) { 342 if ($currentOtp->key_checksum == $parameters["parameters"]["oneTimePasswordKeyChecksum"]) {
343 $_SESSION["userId"] = $currentOtp->GetUser()->userId; 343 $_SESSION["userId"] = $currentOtp->GetUser()->userId;
344 $_SESSION["otpId"]= $currentOtp->onetimepasswordId; 344 $_SESSION["otpId"]= $currentOtp->onetimepasswordId;
345 345
346 $result["data"] = $currentOtp->data; 346 $result["data"] = $currentOtp->data;
347 $result["version"] = $currentOtp->version; 347 $result["version"] = $currentOtp->version;
348 348
349 resetOTP($currentOtp, "REQUESTED"); 349 resetOTP($currentOtp, "REQUESTED");
350 } else { 350 } else {
351 resetOTP($currentOtp, "DISABLED"); 351 resetOTP($currentOtp, "DISABLED");
352 throw new Exception("The requested One Time Password has been disabled, due to a wrong keyChecksum"); 352 throw new Exception("The requested One Time Password has been disabled, due to a wrong keyChecksum");
353 } 353 }
354 } else { 354 } else {
355 throw new Exception("The requested One Time Password was not active"); 355 throw new Exception("The requested One Time Password was not active");
356 } 356 }
357 } else { 357 } else {
358 throw new Exception("The requested One Time Password has not been found"); 358 throw new Exception("The requested One Time Password has not been found");
359 } 359 }
360 360
361 //============================================================= 361 //=============================================================
362 } 362 }
363 363
364 break; 364 break;
365 365
366 case "message": 366 case "message":
367error_log("message"); 367error_log("message");
368 if ($parameters["srpSharedSecret"] == $_SESSION["K"]) { 368 if ($parameters["srpSharedSecret"] == $_SESSION["K"]) {
369 $message = $parameters["message"]; 369 $message = $parameters["message"];
370 370
371 //============================================================= 371 //=============================================================
372 if ($message == "getUserDetails") { 372 if ($message == "getUserDetails") {
373//{"message":"getUserDetails", "srpSharedSecret":"f18e5cf7c3a83b67d4db9444af813ee48c13daf4f8f6635397d593e52ba89a08", "parameters":{}} 373//{"message":"getUserDetails", "srpSharedSecret":"f18e5cf7c3a83b67d4db9444af813ee48c13daf4f8f6635397d593e52ba89a08", "parameters":{}}
374 $user = new user(); 374 $user = new user();
375 $user = $user->Get($_SESSION["userId"]); 375 $user = $user->Get($_SESSION["userId"]);
376 376
377 $result["header"] = $user->header; 377 $result["header"] = $user->header;
378
378 $records = $user->GetRecordList(); 379 $records = $user->GetRecordList();
379 foreach ($records as $record) 380 foreach ($records as $record) {
380 {
381 $recordStats["updateDate"] = $record->update_date; 381 $recordStats["updateDate"] = $record->update_date;
382 $recordsStats[$record->reference] = $recordStats; 382 $recordsStats[$record->reference] = $recordStats;
383 } 383 }
384 $result["recordsStats"] = $recordsStats; 384 $result["recordsStats"] = $recordsStats;
385
385 $result["statistics"] =$user->statistics; 386 $result["statistics"] =$user->statistics;
386 $result["version"] =$user->version; 387 $result["version"] =$user->version;
387 388
388 //============================================================= 389 //=============================================================
389 } else if ($message == "addNewRecords") { 390 } else if ($message == "addNewRecords") {
390/* 391/*
391//{ 392//{
392 //"message":"addNewRecords", 393 //"message":"addNewRecords",
393 //"srpSharedSecret":"b58fdf62acebbcb67f63d28c0437f166069f45690c648cd4376a792ae7a325f7", 394 //"srpSharedSecret":"b58fdf62acebbcb67f63d28c0437f166069f45690c648cd4376a792ae7a325f7",
394 //"parameters":{ 395 //"parameters":{
395 // "records":[ 396 // "records":[
396 // { 397 // {
397 // "record":{ 398 // "record":{
398 // "reference":"fda703707fee1fff42443124cd0e705f5bea0ac601758d81b2e832705339a610", 399 // "reference":"fda703707fee1fff42443124cd0e705f5bea0ac601758d81b2e832705339a610",
399 // "data":"OBSGtcb6blXq/xaYG.....4EqlQqgAvITN", 400 // "data":"OBSGtcb6blXq/xaYG.....4EqlQqgAvITN",
400 // "version":"0.3" 401 // "version":"0.3"
401 // }, 402 // },
402 // "currentRecordVersion":{ 403 // "currentRecordVersion":{
403 // "reference":"83ad301525c18f2afd72b6ac82c0a713382e1ef70ac69935ca7e2869dd4ff980", 404 // "reference":"83ad301525c18f2afd72b6ac82c0a713382e1ef70ac69935ca7e2869dd4ff980",
404 // "recordReference":"fda703707fee1fff42443124cd0e705f5bea0ac601758d81b2e832705339a610", 405 // "recordReference":"fda703707fee1fff42443124cd0e705f5bea0ac601758d81b2e832705339a610",
405 // "data":"NXJ5jiZhkd0CMiwwntAq....1TjjF+SGfE=", 406 // "data":"NXJ5jiZhkd0CMiwwntAq....1TjjF+SGfE=",
406 // "version":"0.3", 407 // "version":"0.3",
407 // "previousVersion":"3e174a86afc322271d8af28bc062b0f1bfd7344fad01212cd08b2757c4b199c4", 408 // "previousVersion":"3e174a86afc322271d8af28bc062b0f1bfd7344fad01212cd08b2757c4b199c4",
408 // "previousVersionKey":"kozaaGCzXWr71LbOKu6Z3nz520V..5U85tSBvb+u44twttv54Kw==" 409 // "previousVersionKey":"kozaaGCzXWr71LbOKu6Z3nz520V..5U85tSBvb+u44twttv54Kw=="
409 // } 410 // }
410 // } 411 // }
411 // ], 412 // ],
412 // "user":{ 413 // "user":{
413 // "header":"{\"reco...ersion\":\"0.1\"}", 414 // "header":"{\"reco...ersion\":\"0.1\"}",
414 // "statistics":"rKI6nR6iqggygQJ3SQ58bFUX", 415 // "statistics":"rKI6nR6iqggygQJ3SQ58bFUX",
415 // "version":"0.3", 416 // "version":"0.3",
416 // "lock":"----" 417 // "lock":"----"
417 // } 418 // }
418 //} 419 //}
419//} 420//}
420*/ 421*/
421 $user = new user(); 422 $user = new user();
422 $record = new record(); 423 $record = new record();
423 $recordVersion = new recordversion(); 424 $recordVersion = new recordversion();
424 425
425 $user = $user->Get($_SESSION["userId"]); 426 $user = $user->Get($_SESSION["userId"]);
426 updateUserData($parameters["parameters"]["user"], $user); 427 updateUserData($parameters["parameters"]["user"], $user);
427 428
428 $recordParameterList = $parameters["parameters"]["records"]; 429 $recordParameterList = $parameters["parameters"]["records"];
429 $c = count($recordParameterList); 430 $c = count($recordParameterList);
430 for ($i=0; $i<$c; $i++) { 431 for ($i=0; $i<$c; $i++) {
431 updateRecordData($recordParameterList[$i], $record, $recordVersion); 432 updateRecordData($recordParameterList[$i], $record, $recordVersion);
432 433
433 $record->SaveNew(); 434 $record->SaveNew();
434 $recordVersion->SaveNew(); 435 $recordVersion->SaveNew();
435 436
436 $record->AddRecordversion($recordVersion); 437 $record->AddRecordversion($recordVersion);
437 $user->AddRecord($record); 438 $user->AddRecord($record);
438 439
439 $record->Save(); 440 $record->Save();
440 $recordVersion->Save(); 441 $recordVersion->Save();
441 } 442 }
442 443
443 $user->Save(); 444 $user->Save();
444 445
445 $result["lock"] = $user->lock; 446 $result["lock"] = $user->lock;
446 $result["result"] = "done"; 447 $result["result"] = "done";
447 448
448 //============================================================= 449 //=============================================================
449 } else if ($message == "getRecordDetail") { 450 } else if ($message == "getRecordDetail") {
450//{ 451//{
451 //"message":"getRecordDetail", 452 //"message":"getRecordDetail",
452 //"srpSharedSecret":"4c00dcb66a9f2aea41a87e4707c526874e2eb29cc72d2c7086837e53d6bf2dfe", 453 //"srpSharedSecret":"4c00dcb66a9f2aea41a87e4707c526874e2eb29cc72d2c7086837e53d6bf2dfe",
453 //"parameters":{ 454 //"parameters":{
454 // "reference":"740009737139a189cfa2b1019a6271aaa39467b59e259706564b642ff3838d50" 455 // "reference":"740009737139a189cfa2b1019a6271aaa39467b59e259706564b642ff3838d50"
455 //} 456 //}
456//} 457//}
457// 458//
458 //result = { 459 //result = {
459 // currentVersion:{ 460 // currentVersion:{
460 // reference:"88943d709c3ea2442d4f58eaaec6409276037e5a37e0a6d167b9dad9e947e854", 461 // reference:"88943d709c3ea2442d4f58eaaec6409276037e5a37e0a6d167b9dad9e947e854",
461 // accessDate:"Wed, 13 February 2008 14:25:12 UTC", 462 // accessDate:"Wed, 13 February 2008 14:25:12 UTC",
462 // creationDate:"Tue, 17 April 2007 17:17:52 UTC", 463 // creationDate:"Tue, 17 April 2007 17:17:52 UTC",
463 // version:"0.2", 464 // version:"0.2",
464 // data:"xI3WXddQLFtL......EGyKnnAVik", 465 // data:"xI3WXddQLFtL......EGyKnnAVik",
465 // updateDate:"Tue, 17 April 2007 17:17:52 UTC", 466 // updateDate:"Tue, 17 April 2007 17:17:52 UTC",
466 // header:"####" 467 // header:"####"
467 // } 468 // }
468 // reference:"13a5e52976337ab210903cd04872588e1b21fb72bc183e91aa25c494b8138551", 469 // reference:"13a5e52976337ab210903cd04872588e1b21fb72bc183e91aa25c494b8138551",
469 // oldestUsedEncryptedVersion:"0.2", 470 // oldestUsedEncryptedVersion:"0.2",
470 // accessDate:"Wed, 13 February 2008 14:25:12 UTC", 471 // accessDate:"Wed, 13 February 2008 14:25:12 UTC",
471 // creationDate:"Wed, 14 March 2007 13:53:11 UTC", 472 // creationDate:"Wed, 14 March 2007 13:53:11 UTC",
472 // version:"0.2", 473 // version:"0.2",
473 // updatedDate:"Tue, 17 April 2007 17:17:52 UTC", 474 // updatedDate:"Tue, 17 April 2007 17:17:52 UTC",
474 // data:"0/BjzyY6jeh71h...pAw2++NEyylGhMC5C5f5m8pBApYziN84s4O3JQ3khW/1UttQl4=" 475 // data:"0/BjzyY6jeh71h...pAw2++NEyylGhMC5C5f5m8pBApYziN84s4O3JQ3khW/1UttQl4="
475 //} 476 //}
476 $record = new record(); 477 $record = new record();
477 478
478 $recordList = $record->GetList(array(array("reference", "=", $parameters["parameters"]["reference"]))); 479 $recordList = $record->GetList(array(array("reference", "=", $parameters["parameters"]["reference"])));
479 $currentRecord = $recordList[0]; 480 $currentRecord = $recordList[0];
480 $currentRecordVersions = $currentRecord->GetRecordversionList(); 481 $currentRecordVersions = $currentRecord->GetRecordversionList();
481 $currentVersion = $currentRecordVersions[0]; 482 $currentVersion = $currentRecordVersions[0];
482 483
483 $result["currentVersion"] = array(); 484 $result["currentVersion"] = array();
484 $result["currentVersion"]["reference"] =$currentVersion->reference; 485 $result["currentVersion"]["reference"] =$currentVersion->reference;
485 $result["currentVersion"]["data"] = $currentVersion->data; 486 $result["currentVersion"]["data"] = $currentVersion->data;
486 $result["currentVersion"]["header"] = $currentVersion->header; 487 $result["currentVersion"]["header"] = $currentVersion->header;
487 $result["currentVersion"]["version"] = $currentVersion->version; 488 $result["currentVersion"]["version"] = $currentVersion->version;
488 $result["currentVersion"]["creationDate"] =$currentVersion->creation_date; 489 $result["currentVersion"]["creationDate"] =$currentVersion->creation_date;
489 $result["currentVersion"]["updateDate"] =$currentVersion->update_date; 490 $result["currentVersion"]["updateDate"] =$currentVersion->update_date;
490 $result["currentVersion"]["accessDate"] =$currentVersion->access_date; 491 $result["currentVersion"]["accessDate"] =$currentVersion->access_date;
491 492
492 $result["reference"] = $currentRecord->reference; 493 $result["reference"] = $currentRecord->reference;
493 $result["data"] = $currentRecord->data; 494 $result["data"] = $currentRecord->data;
494 $result["version"] = $currentRecord->version; 495 $result["version"] = $currentRecord->version;
495 $result["creationDate"] =$currentRecord->creation_date; 496 $result["creationDate"] =$currentRecord->creation_date;
496 $result["updateDate"] = $currentRecord->update_date; 497 $result["updateDate"] = $currentRecord->update_date;
497 $result["accessDate"] = $currentRecord->access_date; 498 $result["accessDate"] = $currentRecord->access_date;
498 $result["oldestUsedEncryptedVersion"] ="---"; 499 $result["oldestUsedEncryptedVersion"] ="---";
499 500
500 //============================================================= 501 //=============================================================
501 } else if ($message == "updateData") { 502 } else if ($message == "updateData") {
502//{ 503//{
503 //"message":"updateData", 504 //"message":"updateData",
504 //"srpSharedSecret":"4e4aadb1d64513ec4dd42f5e8d5b2d4363de75e4424b6bcf178c9d6a246356c5", 505 //"srpSharedSecret":"4e4aadb1d64513ec4dd42f5e8d5b2d4363de75e4424b6bcf178c9d6a246356c5",
505 //"parameters":{ 506 //"parameters":{
506 // "records":[ 507 // "records":[
507 // { 508 // {
508 // "record":{ 509 // "record":{
509 // "reference":"740009737139a189cfa2b1019a6271aaa39467b59e259706564b642ff3838d50", 510 // "reference":"740009737139a189cfa2b1019a6271aaa39467b59e259706564b642ff3838d50",
510 // "data":"8hgR0Z+JDrUa812polDJ....JnZUKXNEqKI", 511 // "data":"8hgR0Z+JDrUa812polDJ....JnZUKXNEqKI",
511 // "version":"0.3" 512 // "version":"0.3"
512 // }, 513 // },
513 // "currentRecordVersion":{ 514 // "currentRecordVersion":{
514 // "reference":"b1d82aeb9a0c4f6584bea68ba80839f43dd6ede79791549e29a1860554b144ee", 515 // "reference":"b1d82aeb9a0c4f6584bea68ba80839f43dd6ede79791549e29a1860554b144ee",
515 // "recordReference":"740009737139a189cfa2b1019a6271aaa39467b59e259706564b642ff3838d50", 516 // "recordReference":"740009737139a189cfa2b1019a6271aaa39467b59e259706564b642ff3838d50",
516 // "data":"2d/UgKxxV+kBPV9GRUE.....VGonDoW0tqefxOJo=", 517 // "data":"2d/UgKxxV+kBPV9GRUE.....VGonDoW0tqefxOJo=",
517 // "version":"0.3", 518 // "version":"0.3",
518 // "previousVersion":"55904195249037394316d3be3f5e78f08073170103bf0e7ab49a911c159cb0be", 519 // "previousVersion":"55904195249037394316d3be3f5e78f08073170103bf0e7ab49a911c159cb0be",
519 // "previousVersionKey":"YWiaZeMIVHaIl96OWW+2e8....6d6nHbn6cr2NA/dbQRuC2w==" 520 // "previousVersionKey":"YWiaZeMIVHaIl96OWW+2e8....6d6nHbn6cr2NA/dbQRuC2w=="
520 // } 521 // }
521 // } 522 // }
522 // ], 523 // ],
523 // "user":{ 524 // "user":{
524 // "header":"{\"rec.....sion\":\"0.1\"}", 525 // "header":"{\"rec.....sion\":\"0.1\"}",
525 // "statistics":"tt3uU9hWBy8rNnMckgCnxMJh", 526 // "statistics":"tt3uU9hWBy8rNnMckgCnxMJh",
526 // "version":"0.3", 527 // "version":"0.3",
527 // "lock":"----" 528 // "lock":"----"
528 // } 529 // }
529 //} 530 //}
530//} 531//}
531 532
532 $user = new user(); 533 $user = new user();
533 $user = $user->Get($_SESSION["userId"]); 534 $user = $user->Get($_SESSION["userId"]);
534 updateUserData($parameters["parameters"]["user"], $user); 535 updateUserData($parameters["parameters"]["user"], $user);
535 $user->Save(); 536 $user->Save();
536 537
537 $recordParameterList = $parameters["parameters"]["records"]; 538 $recordParameterList = $parameters["parameters"]["records"];
538 $c = count($recordParameterList); 539 $c = count($recordParameterList);
539 for ($i=0; $i<$c; $i++) { 540 for ($i=0; $i<$c; $i++) {
540 $recordList = $user->GetRecordList(array(array("reference", "=", $recordParameterList[$i]["record"]["reference"]))); 541 $recordList = $user->GetRecordList(array(array("reference", "=", $recordParameterList[$i]["record"]["reference"])));
541 $currentRecord = $recordList[0]; 542 $currentRecord = $recordList[0];
542 $currentRecordVersions = $currentRecord->GetRecordversionList(); 543 $currentRecordVersions = $currentRecord->GetRecordversionList();
543 $currentVersion = $currentRecordVersions[0]; 544 $currentVersion = $currentRecordVersions[0];
544 545
545 updateRecordData($recordParameterList[$i], $currentRecord, $currentVersion); 546 updateRecordData($recordParameterList[$i], $currentRecord, $currentVersion);
546 547
547 548
548 $currentRecord->Save(); 549 $currentRecord->Save();
549 $currentVersion->Save(); 550 $currentVersion->Save();
550 } 551 }
551 552
552 553
553 $result["lock"] = $user->lock; 554 $result["lock"] = $user->lock;
554 $result["result"] = "done"; 555 $result["result"] = "done";
555 556
556 //============================================================= 557 //=============================================================
557 } else if ($message == "deleteRecords") { 558 } else if ($message == "deleteRecords") {
558//{ 559//{
559 //"message":"deleteRecords", 560 //"message":"deleteRecords",
560 //"srpSharedSecret":"4a64982f7ee366954ec50b9efea62a902a097ef111410c2aa7c4d5343bd1cdd1", 561 //"srpSharedSecret":"4a64982f7ee366954ec50b9efea62a902a097ef111410c2aa7c4d5343bd1cdd1",
561 //"parameters":{ 562 //"parameters":{
562 // "recordReferences":["46494c81d10b80ab190d41e6806ef63869cfcc7a0ab8fe98cc3f93de4729bb9a"], 563 // "recordReferences":["46494c81d10b80ab190d41e6806ef63869cfcc7a0ab8fe98cc3f93de4729bb9a"],
563 // "user":{ 564 // "user":{
564 // "header":"{\"rec...rsion\":\"0.1\"}", 565 // "header":"{\"rec...rsion\":\"0.1\"}",
565 // "statistics":"44kOOda0xYZjbcugJBdagBQx", 566 // "statistics":"44kOOda0xYZjbcugJBdagBQx",
566 // "version":"0.3", 567 // "version":"0.3",
567 // "lock":"----" 568 // "lock":"----"
568 // } 569 // }
569 //} 570 //}
570//} 571//}
571 $user = new user(); 572 $user = new user();
572 $user = $user->Get($_SESSION["userId"]); 573 $user = $user->Get($_SESSION["userId"]);
573 574
574 $recordReferenceList = $parameters["parameters"]["recordReferences"]; 575 $recordReferenceList = $parameters["parameters"]["recordReferences"];
575 $recordList = array(); 576 $recordList = array();
576 $c = count($recordReferenceList); 577 $c = count($recordReferenceList);
577 for ($i=0; $i<$c; $i++) { 578 for ($i=0; $i<$c; $i++) {
578 array_push($recordList, array("reference", "=", $recordReferenceList[$i])); 579 array_push($recordList, array("reference", "=", $recordReferenceList[$i]));
579 } 580 }
580 581
581 $record = new record(); 582 $record = new record();
582 $record->DeleteList($recordList, true); 583 $record->DeleteList($recordList, true);
583 584
584 updateUserData($parameters["parameters"]["user"], $user); 585 updateUserData($parameters["parameters"]["user"], $user);
585 $user->Save(); 586 $user->Save();
586 587
587 $result["recordList"] = $recordList; 588 $result["recordList"] = $recordList;
588 $result["lock"] = $user->lock; 589 $result["lock"] = $user->lock;
589 $result["result"] = "done"; 590 $result["result"] = "done";
590 591
591 //============================================================= 592 //=============================================================
592 } else if ($message == "deleteUser") { 593 } else if ($message == "deleteUser") {
593//{"message":"deleteUser", "srpSharedSecret":"e8e4ca6544dca49c95b3647d8358ad54c317048b74d2ac187ac25f719c9bac58", "parameters":{}} 594//{"message":"deleteUser", "srpSharedSecret":"e8e4ca6544dca49c95b3647d8358ad54c317048b74d2ac187ac25f719c9bac58", "parameters":{}}
594 $user = new user(); 595 $user = new user();
595 $user->Get($_SESSION["userId"]); 596 $user->Get($_SESSION["userId"]);
596 $user->Delete(true); 597 $user->Delete(true);
597 598
598 $result["result"] = "ok"; 599 $result["result"] = "ok";
599 600
600 //============================================================= 601 //=============================================================
601 } else if ($message == "addNewOneTimePassword") { 602 } else if ($message == "addNewOneTimePassword") {
602//{ 603//{
603 //"message":"addNewOneTimePassword", 604 //"message":"addNewOneTimePassword",
604 //"srpSharedSecret":"96fee4af06c09ce954fe7a9f87970e943449186bebf70bac0af1d6ebb818dabb", 605 //"srpSharedSecret":"96fee4af06c09ce954fe7a9f87970e943449186bebf70bac0af1d6ebb818dabb",
605 //"parameters":{ 606 //"parameters":{
606 // "user":{ 607 // "user":{
607 // "header":"{\"records\":{\"index\":{\"419ea6....rsion\":\"0.1\"}", 608 // "header":"{\"records\":{\"index\":{\"419ea6....rsion\":\"0.1\"}",
608 // "statistics":"rrlwNbDt83rpWT4S72upiVsC", 609 // "statistics":"rrlwNbDt83rpWT4S72upiVsC",
609 // "version":"0.3", 610 // "version":"0.3",
610 // "lock":"----" 611 // "lock":"----"
611 // }, 612 // },
612 // "oneTimePassword":{ 613 // "oneTimePassword":{
613 // "reference":"29e26f3a2aae61fe5cf58c45296c6df4f3dceafe067ea550b455be345f44123c", 614 // "reference":"29e26f3a2aae61fe5cf58c45296c6df4f3dceafe067ea550b455be345f44123c",
614 // "key":"afb848208758361a96a298b9db08995cf036011747809357a90645bc93fdfa03", 615 // "key":"afb848208758361a96a298b9db08995cf036011747809357a90645bc93fdfa03",
615 // "keyChecksum":"d1599ae443b5a566bfd93c0aeec4c81b42c0506ee09874dae050449580bb3486", 616 // "keyChecksum":"d1599ae443b5a566bfd93c0aeec4c81b42c0506ee09874dae050449580bb3486",
616 // "data":"hsyY8DHksgR52x6c4j7XAtIUeY.....dxsr3XWt7CbGg==", 617 // "data":"hsyY8DHksgR52x6c4j7XAtIUeY.....dxsr3XWt7CbGg==",
617 // "version":"0.3" 618 // "version":"0.3"
618 // } 619 // }
619 //} 620 //}
620//} 621//}
621 622
622 fixOTPStatusTable(); 623 fixOTPStatusTable();
623 624
624 $user = new user(); 625 $user = new user();
625 $user = $user->Get($_SESSION["userId"]); 626 $user = $user->Get($_SESSION["userId"]);
626 627
627 $otp = new onetimepassword(); 628 $otp = new onetimepassword();
628 updateOTP($parameters["parameters"]["oneTimePassword"], $otp, "ACTIVE"); 629 updateOTP($parameters["parameters"]["oneTimePassword"], $otp, "ACTIVE");
629 $user->AddOnetimepassword($otp); 630 $user->AddOnetimepassword($otp);
630 631
631 updateUserData($parameters["parameters"]["user"], $user); 632 updateUserData($parameters["parameters"]["user"], $user);
632 $user->Save(); 633 $user->Save();
633 634
634 $result["lock"] = $user->lock; 635 $result["lock"] = $user->lock;
635 $result["result"] = "done"; 636 $result["result"] = "done";
636 637
637 //============================================================= 638 //=============================================================
638 } else if ($message == "updateOneTimePasswords") { 639 } else if ($message == "updateOneTimePasswords") {
639//{ 640//{
640 //"message":"updateOneTimePasswords", 641 //"message":"updateOneTimePasswords",
641 //"srpSharedSecret":"c78f8ed099ea421f4dd0a4e02dbaf1f7da925f0088188d99399874ff064a3d27", 642 //"srpSharedSecret":"c78f8ed099ea421f4dd0a4e02dbaf1f7da925f0088188d99399874ff064a3d27",
642 //"parameters":{ 643 //"parameters":{
643 // "user":{ 644 // "user":{
644 // "header":"{\"reco...sion\":\"0.1\"}", 645 // "header":"{\"reco...sion\":\"0.1\"}",
645 // "statistics":"UeRq75RZHzDC7elzrh/+OB5d", 646 // "statistics":"UeRq75RZHzDC7elzrh/+OB5d",
646 // "version":"0.3", 647 // "version":"0.3",
647 // "lock":"----" 648 // "lock":"----"
648 // }, 649 // },
649 // "oneTimePasswords":["f5f44c232f239efe48ab81a6236deea1a840d52946f7d4d782dad52b4c5359ce"] 650 // "oneTimePasswords":["f5f44c232f239efe48ab81a6236deea1a840d52946f7d4d782dad52b4c5359ce"]
650 //} 651 //}
651//} 652//}
652 653
653 $user = new user(); 654 $user = new user();
654 $user = $user->Get($_SESSION["userId"]); 655 $user = $user->Get($_SESSION["userId"]);
655 656
656 $validOtpReferences = $parameters["parameters"]["oneTimePasswords"]; 657 $validOtpReferences = $parameters["parameters"]["oneTimePasswords"];
657 658
658 $otpList = $user->GetOnetimepasswordList(); 659 $otpList = $user->GetOnetimepasswordList();
659 $c = count($otpList); 660 $c = count($otpList);
660 for ($i=0; $i<$c; $i++) { 661 for ($i=0; $i<$c; $i++) {
661 $currentOtp = $otpList[$i]; 662 $currentOtp = $otpList[$i];
662 if (arrayContainsValue($validOtpReferences, $currentOtp->reference) == false) { 663 if (arrayContainsValue($validOtpReferences, $currentOtp->reference) == false) {
663 $currentOtp->Delete(); 664 $currentOtp->Delete();
664 } 665 }
665 } 666 }
666 667
667 updateUserData($parameters["parameters"]["user"], $user); 668 updateUserData($parameters["parameters"]["user"], $user);
668 $user->Save(); 669 $user->Save();
669 670
670 $result["result"] = $user->lock; 671 $result["result"] = $user->lock;
671 672
672 //============================================================= 673 //=============================================================
673 } else if ($message == "getOneTimePasswordsDetails") { 674 } else if ($message == "getOneTimePasswordsDetails") {
674 675
675 //============================================================= 676 //=============================================================
676 } else if ($message == "getLoginHistory") { 677 } else if ($message == "getLoginHistory") {
677 $result["result"] = array(); 678 $result["result"] = array();
678 679
679 //============================================================= 680 //=============================================================
680 } else if ($message == "upgradeUserCredentials") { 681 } else if ($message == "upgradeUserCredentials") {
681//{ 682//{
682 //"message":"upgradeUserCredentials", 683 //"message":"upgradeUserCredentials",
683 //"srpSharedSecret":"f1c25322e1478c8fb26063e9eef2f6fc25e0460065a31cb718f80bcff8f8a735", 684 //"srpSharedSecret":"f1c25322e1478c8fb26063e9eef2f6fc25e0460065a31cb718f80bcff8f8a735",
684 //"parameters":{ 685 //"parameters":{
685 // "user":{ 686 // "user":{
686 // "header":"{\"reco...sion\":\"0.1\"}", 687 // "header":"{\"reco...sion\":\"0.1\"}",
687 // "statistics":"s72Xva+w7CLgH+ihwqwXUbyu", 688 // "statistics":"s72Xva+w7CLgH+ihwqwXUbyu",
688 // "version":"0.3", 689 // "version":"0.3",
689 // "lock":"----" 690 // "lock":"----"
690 // }, 691 // },
691 // "credentials":{ 692 // "credentials":{
692 // "C":"57d15a8afbc1ae08103bd991d387ddfd8d26824276476fe709d754f098b6c26d", 693 // "C":"57d15a8afbc1ae08103bd991d387ddfd8d26824276476fe709d754f098b6c26d",
693 // "s":"d6735fc0486f391c4f3c947928f9e61a2418e7bed2bc9b25bb43f93acc52f636", 694 // "s":"d6735fc0486f391c4f3c947928f9e61a2418e7bed2bc9b25bb43f93acc52f636",
694 // "v":"540c2ebbf941a481b6b2c9026c07fb46e8202e4408ed96864a696deb622baece", 695 // "v":"540c2ebbf941a481b6b2c9026c07fb46e8202e4408ed96864a696deb622baece",
695 // "version":"0.2" 696 // "version":"0.2"
696 // }, 697 // },
697 // "oneTimePasswords":{ 698 // "oneTimePasswords":{
698 // "923cdc61c4b877b263236124c44d69b459d240453a461cce8ddf7518b423ca94": "1HD6Ta0xsifEDhDwE....9WDK6tvrS6w==", 699 // "923cdc61c4b877b263236124c44d69b459d240453a461cce8ddf7518b423ca94": "1HD6Ta0xsifEDhDwE....9WDK6tvrS6w==",
699 // "fb1573cb9497652a81688a099a524fb116e604c6fbc191cf33406eb8438efa5f": "CocN0cSxLmMRdgNF9....o3xhGUEY68Q==" 700 // "fb1573cb9497652a81688a099a524fb116e604c6fbc191cf33406eb8438efa5f": "CocN0cSxLmMRdgNF9....o3xhGUEY68Q=="
700 // } 701 // }
701 //} 702 //}
702//} 703//}
703 704
704 $user = new user(); 705 $user = new user();
705 $user->Get($_SESSION["userId"]); 706 $user->Get($_SESSION["userId"]);
706 707
707 $otp = new onetimepassword(); 708 $otp = new onetimepassword();
708 709
709 updateUserCredentials($parameters["parameters"]["credentials"], $user); 710 updateUserCredentials($parameters["parameters"]["credentials"], $user);
710 updateUserData($parameters["parameters"]["user"], $user); 711 updateUserData($parameters["parameters"]["user"], $user);
711 712
712 $otpList = $parameters["parameters"]["oneTimePasswords"]; 713 $otpList = $parameters["parameters"]["oneTimePasswords"];
713 foreach($otpList as $otpReference=>$otpData) { 714 foreach($otpList as $otpReference=>$otpData) {
714 $otpList = $otp->GetList(array(array("reference", "=", $otpReference))); 715 $otpList = $otp->GetList(array(array("reference", "=", $otpReference)));
715 $currentOtp = $otpList[0]; 716 $currentOtp = $otpList[0];
716 $currentOtp->data = $otpData; 717 $currentOtp->data = $otpData;
717 $currentOtp->Save(); 718 $currentOtp->Save();
718 } 719 }
719 720
720 $user->Save(); 721 $user->Save();
721 722
722 $result["lock"] = $user->lock; 723 $result["lock"] = $user->lock;
723 $result["result"] = "done"; 724 $result["result"] = "done";
724 725
725 //============================================================= 726 //=============================================================
726 } else if ($message == "echo") { 727 } else if ($message == "echo") {
727 $result["result"] = $parameters; 728 $result["result"] = $parameters;
728 } 729 }
729 730
730 //============================================================= 731 //=============================================================
731 } else if (isset($_SESSION['K'])) { 732 } else if (isset($_SESSION['K'])) {
732 $result["error"] = "Wrong shared secret!"; 733 $result["error"] = "Wrong shared secret!";
733 } else { 734 } else {
734 $result["result"] = "EXCEPTION"; 735 $result["result"] = "EXCEPTION";
735 $result["message"] = "Trying to communicate without an active connection"; 736 $result["message"] = "Trying to communicate without an active connection";
736 } 737 }
737 break; 738 break;
738 739
739 case "logout": 740 case "logout":
740error_log("logout"); 741error_log("logout");
741 session_destroy(); 742 session_destroy();
742 break; 743 break;
743 744
744 default: 745 default:
745error_log("default"); 746error_log("default");
746 $result["result"] = $parameters; 747 $result["result"] = $parameters;
747 break; 748 break;
748 } 749 }
749 750
750 session_write_close(); 751 session_write_close();
751 752
752 echo(json_encode($result)); 753 echo(json_encode($result));
753error_log("result: ".json_encode($result)); 754error_log("result: ".json_encode($result));
754?> 755?>