Diffstat (limited to 'backend/php') (more/less context) (ignore whitespace changes)
-rw-r--r--backend/php/src/configuration.php6
-rw-r--r--backend/php/src/index.php189
2 files changed, 179 insertions, 16 deletions
diff --git a/backend/php/src/configuration.php b/backend/php/src/configuration.php
index 291e3a1..85f680e 100644
--- a/backend/php/src/configuration.php
+++ b/backend/php/src/configuration.php
@@ -1,36 +1,36 @@
<?php
global $configuration;
$configuration['soap'] = "http://www.phpobjectgenerator.com/services/soap.php?wsdl";
$configuration['homepage'] = "http://www.phpobjectgenerator.com";
$configuration['revisionNumber'] = "";
$configuration['versionNumber'] = "3.0d";
$configuration['setup_password'] = '';
// to enable automatic data encoding, run setup, go to the manage plugins tab and install the base64 plugin.
// then set db_encoding = 1 below.
// when enabled, db_encoding transparently encodes and decodes data to and from the database without any
// programmatic effort on your part.
$configuration['db_encoding'] = 0;
// edit the information below to match your database settings
-$configuration['db'] = 'clipperz'; // database name
+$configuration['db'] = 'clipperz'; // database name
$configuration['host'] = 'localhost'; // database host
-$configuration['user'] = 'root'; // database user
-$configuration['pass'] = 'pass'; // database password
+$configuration['user'] = 'clipperz'; // database user
+$configuration['pass'] = 'clipperz'; // database password
$configuration['port'] = '3306'; // database port
//proxy settings - if you are behnd a proxy, change the settings below
$configuration['proxy_host'] = false;
$configuration['proxy_port'] = false;
$configuration['proxy_username'] = false;
$configuration['proxy_password'] = false;
//plugin settings
$configuration['plugins_path'] = dirname(__FILE__).'/plugins';
?> \ No newline at end of file
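Review bot: The new `$configuration['pass'] = 'clipperz';` commits a database password identical to the user name and the database name, so any install that keeps the shipped file runs with a guessable credential. Moving off `root` is an improvement, but the value should be an obvious placeholder or come from outside the repository, e.g. `$configuration['pass'] = getenv('CLIPPERZ_DB_PASS'); // set per deployment, never committed` (the variable name is a constructed example). `$configuration['setup_password']` stays empty in the unchanged context; whether the setup pages are reachable in a deployment cannot be told from this hunk, but it deserves the same treatment.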
diff --git a/backend/php/src/index.php b/backend/php/src/index.php
index 214ac01..da7c60c 100644
--- a/backend/php/src/index.php
+++ b/backend/php/src/index.php
@@ -95,110 +95,114 @@ function digits($base) {
$digits.=chr($loop);
}
} else {
$digits ="0123456789abcdefghijklmnopqrstuvwxyz";
$digits.="ABCDEFGHIJKLMNOPQRSTUVWXYZ-_";
}
$digits=substr($digits,0,$base);
return (string)$digits;
}
//-----------------------------------------------------------------------------
function clipperz_hash($value) {
return hash("sha256", hash("sha256", $value, true));
}
//-----------------------------------------------------------------------------
function clipperz_randomSeed() {
$result;
srand((double) microtime()*1000000);
$result = "";
while(strlen($result) < 64) {
$result = $result.dec2base(rand(), 16);
}
$result = substr($result, 0, 64);
return $result;
}
//-----------------------------------------------------------------------------
function updateUserCredentials($parameters, &$user) {
$user->username = $parameters["C"];
$user->srp_s = $parameters["s"];
$user->srp_v = $parameters["v"];
$user->auth_version = $parameters["version"];
}
function updateUserData($parameters, &$user) {
$user->header = $parameters["header"];
$user->statistics = $parameters["statistics"];
$user->version = $parameters["version"];
- $user->lock = $parameters["lock"];
+ if (array_key_exists("lock", $parameters)) {
+ $user->lock = $parameters["lock"];
+ }
}
function updateRecordData($parameters, &$record, &$recordVersion) {
$recordData = $parameters["record"];
$record->reference = $recordData["reference"];
$record->data = $recordData["data"];
$record->version = $recordData["version"];
$recordVersionData = $parameters["currentRecordVersion"];
$recordVersion->reference = $recordVersionData ["reference"];
$recordVersion->data = $recordVersionData ["data"];
$recordVersion->version = $recordVersionData ["version"];
- $recordVersion->previous_version_id = $recordVersionData ["previousVersion"];
+ if (array_key_exists("previousVersion", $recordVersionData)) {
+ $recordVersion->previous_version_id = $recordVersionData ["previousVersion"];
+ }
$recordVersion->previous_version_key = $recordVersionData ["previousVersionKey"];
}
//-----------------------------------------------------------------------------
function updateOTPStatus(&$otp, $status) {
$otpStatus = new onetimepasswordstatus();
$selectedStatuses = $otpStatus->GetList(array(array("code", "=", $status)));
$otpStatus = $selectedStatuses[0];
$otp->SetOnetimepasswordstatus($otpStatus);
}
function updateOTP($parameters, &$otp, $status) {
$otp->reference = $parameters["reference"];
$otp->key = $parameters["key"];
$otp->key_checksum = $parameters["keyChecksum"];
$otp->data = $parameters["data"];
$otp->version = $parameters["version"];
updateOTPStatus($otp, $status);
}
function resetOTP(&$otp, $status) {
$otp->data = "";
updateOTPStatus($otp, $status);
$otp->Save();
}
//-----------------------------------------------------------------------------
function fixOTPStatusTable() {
$otpStatus = new onetimepasswordstatus();
$otpStatusList = $otpStatus->GetList();
if (count($otpStatusList) != 4) {
$otpStatus->DeleteList();
$otpStatus->code = "ACTIVE"; $otpStatus->name = "Active"; $otpStatus->description = "Active"; $otpStatus->SaveNew();
$otpStatus->code = "REQUESTED"; $otpStatus->name = "Requested"; $otpStatus->description = "Requested"; $otpStatus->SaveNew();
$otpStatus->code = "USED"; $otpStatus->name = "Used"; $otpStatus->description = "Used"; $otpStatus->SaveNew();
$otpStatus->code = "DISABLED"; $otpStatus->name = "Disabled"; $otpStatus->description = "Disabled"; $otpStatus->SaveNew();
}
}
//-----------------------------------------------------------------------------
function arrayContainsValue($array, $value) {
$object = NULL;
for ($i=0; $i<count($array); $i++) {
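Review bot: With the new `array_key_exists("previousVersion", $recordVersionData)` guard in `updateRecordData`, a missing key leaves `$recordVersion->previous_version_id` at whatever the object already held instead of clearing it. The `addNewRecords` loop visible in the next hunk's context passes the same `$record` and `$recordVersion` objects into every iteration, so a record sent without `previousVersion` would inherit the link from the one saved just before it. Adding `} else { $recordVersion->previous_version_id = NULL; }` keeps each version's history independent and matches what the removed unguarded read produced for a missing key. The same carry-over applies to the `lock` guard in `updateUserData`, where keeping the stored value looks intended.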
@@ -320,220 +324,376 @@ error_log("credentialCheck");
$result["lock"] = "----";
} else {
$result["error"] = "?";
}
//=============================================================
} else if ($message == "oneTimePassword") {
error_log("oneTimePassword");
//{
// "message":"oneTimePassword",
// "version":"0.2",
// "parameters":{
// "oneTimePasswordKey":"06dfa7f428081f8b2af98b0895e14e18af90b0ef2ff32828e55cc2ac6b24d29b",
// "oneTimePasswordKeyChecksum":"60bcba3f72e56f6bb3f0ff88509b9a0e5ec730dfa71daa4c1e892dbd1b0c360d"
// }
//}
$otp = new onetimepassword();
$otpList = $otp->GetList(array(array("key", "=", $parameters["parameters"]["oneTimePasswordKey"])));
if (count($otpList) == 1) {
$currentOtp = $otpList[0];
if ($currentOtp->GetOnetimepasswordstatus()->code == "ACTIVE") {
if ($currentOtp->key_checksum == $parameters["parameters"]["oneTimePasswordKeyChecksum"]) {
$_SESSION["userId"] = $currentOtp->GetUser()->userId;
$_SESSION["otpId"] = $currentOtp->onetimepasswordId;
$result["data"] = $currentOtp->data;
$result["version"] = $currentOtp->version;
resetOTP($currentOtp, "REQUESTED");
} else {
resetOTP($currentOtp, "DISABLED");
throw new Exception("The requested One Time Password has been disabled, due to a wrong keyChecksum");
}
} else {
throw new Exception("The requested One Time Password was not active");
}
} else {
throw new Exception("The requested One Time Password has not been found");
}
//=============================================================
}
break;
case "message":
error_log("message");
+//error_log("message: ".json_encode($parameters));
if ($parameters["srpSharedSecret"] == $_SESSION["K"]) {
$message = $parameters["message"];
//=============================================================
if ($message == "getUserDetails") {
//{"message":"getUserDetails", "srpSharedSecret":"f18e5cf7c3a83b67d4db9444af813ee48c13daf4f8f6635397d593e52ba89a08", "parameters":{}}
$user = new user();
$user = $user->Get($_SESSION["userId"]);
$result["header"] = $user->header;
$records = $user->GetRecordList();
foreach ($records as $record) {
$recordStats["updateDate"] = $record->update_date;
$recordsStats[$record->reference] = $recordStats;
}
$result["recordsStats"] = $recordsStats;
$result["statistics"] = $user->statistics;
$result["version"] = $user->version;
//=============================================================
} else if ($message == "addNewRecords") {
/*
//{
// "message":"addNewRecords",
// "srpSharedSecret":"b58fdf62acebbcb67f63d28c0437f166069f45690c648cd4376a792ae7a325f7",
// "parameters":{
// "records":[
// {
// "record":{
// "reference":"fda703707fee1fff42443124cd0e705f5bea0ac601758d81b2e832705339a610",
// "data":"OBSGtcb6blXq/xaYG.....4EqlQqgAvITN",
// "version":"0.3"
// },
// "currentRecordVersion":{
// "reference":"83ad301525c18f2afd72b6ac82c0a713382e1ef70ac69935ca7e2869dd4ff980",
// "recordReference":"fda703707fee1fff42443124cd0e705f5bea0ac601758d81b2e832705339a610",
// "data":"NXJ5jiZhkd0CMiwwntAq....1TjjF+SGfE=",
// "version":"0.3",
// "previousVersion":"3e174a86afc322271d8af28bc062b0f1bfd7344fad01212cd08b2757c4b199c4",
// "previousVersionKey":"kozaaGCzXWr71LbOKu6Z3nz520V..5U85tSBvb+u44twttv54Kw=="
// }
// }
// ],
// "user":{
// "header":"{\"reco...ersion\":\"0.1\"}",
// "statistics":"rKI6nR6iqggygQJ3SQ58bFUX",
// "version":"0.3",
// "lock":"----"
// }
// }
//}
*/
$user = new user();
$record = new record();
$recordVersion = new recordversion();
$user = $user->Get($_SESSION["userId"]);
updateUserData($parameters["parameters"]["user"], $user);
$recordParameterList = $parameters["parameters"]["records"];
$c = count($recordParameterList);
for ($i=0; $i<$c; $i++) {
updateRecordData($recordParameterList[$i], $record, $recordVersion);
$record->SaveNew();
$recordVersion->SaveNew();
$record->AddRecordversion($recordVersion);
$user->AddRecord($record);
$record->Save();
$recordVersion->Save();
}
$user->Save();
$result["lock"] = $user->lock;
$result["result"] = "done";
//=============================================================
+ } else if ($message == "saveChanges") {
+
+//{
+// "message":"saveChanges",
+// "srpSharedSecret":"edc78508907c942173818f7247fa64869ba80672a7aa8d27b8fa6bfe524fb9c8",
+// "parameters":{
+// "records":{
+// "updated":[
+// {
+// "currentRecordVersion":{
+// "previousVersionKey":"####",
+// "reference":"08c8eb7ec528fbf987bbfb84fe2e960cf9ae937b19fbb5f05d8d90a7039fac6a",
+// "data":"WYQ16AjodjsmyZDXa4MKxOju0F…beD/zXlbVb0Zj0ZI/N55bZ",
+// "version":"0.3"
+// },
+// "record":{
+// "reference":"83de5304f60a808e48a815c6203d7d3f24874d3f40faba420bbc60b376fcc356",
+// "data":"B6uBuBE Aly0knvgrUppodDTGZQC…guizL9QvHCWyM bQQBGBVvHZ6LfA==",
+// "version":"0.3"
+// }
+// }
+// ],
+// "deleted":[
+//
+// ]
+// },
+// "user":{
+// "header":"{\"rec…sion\":\"0.1\"}",
+// "statistics":"e6iXVEM4i8ZatPZFCCads/9F",
+// "version":"0.3"
+// }
+// }
+//}
+ $user = new user();
+ $user = $user->Get($_SESSION["userId"]);
+ updateUserData($parameters["parameters"]["user"], $user);
+
+ $recordToUpdateParameterList = $parameters["parameters"]["records"]["updated"];
+ $c = count($recordToUpdateParameterList);
+ for ($i=0; $i<$c; $i++) {
+ $recordList = $user->GetRecordList(array(array("reference", "=", $recordToUpdateParameterList [$i]["record"]["reference"])));
+ if (count($recordList) == 0) {
+ $currentRecord = new record();
+ $currentVersion = new recordversion();
+ $isNewRecord = true;
+ } else {
+ $currentRecord = $recordList[0];
+ $currentRecordVersions = $currentRecord->GetRecordversionList();
+ $currentVersion = $currentRecordVersions[0];
+ $isNewRecord = false;
+ }
+
+ updateRecordData($recordToUpdateParameterList[$i], $currentRecord, $currentVersion);
+
+ if ($isNewRecord == true) {
+ $currentRecord->SaveNew();
+ $currentVersion->SaveNew();
+
+ $currentRecord->AddRecordversion($currentVersion);
+ $user->AddRecord($currentRecord);
+ }
+
+ $currentRecord->Save();
+ $currentVersion->Save();
+ }
+
+ $user->Save();
+
+ $recordToDeleteReferenceList = $parameters["parameters"]["records"]["deleted"];
+ $recordList = array();
+ $c = count($recordToDeleteReferenceList);
+ for ($i=0; $i<$c; $i++) {
+ array_push($recordList, array("reference", "=", $recordToDeleteReferenceList[$i]));
+ }
+
+ $record = new record();
+ $record->DeleteList($recordList, true);
+
+ $result["lock"] = $user->lock;
+ $result["result"] = "done";
+
+ //=============================================================
} else if ($message == "getRecordDetail") {
//{
// "message":"getRecordDetail",
// "srpSharedSecret":"4c00dcb66a9f2aea41a87e4707c526874e2eb29cc72d2c7086837e53d6bf2dfe",
// "parameters":{
// "reference":"740009737139a189cfa2b1019a6271aaa39467b59e259706564b642ff3838d50"
// }
//}
//
// result = {
// currentVersion:{
// reference:"88943d709c3ea2442d4f58eaaec6409276037e5a37e0a6d167b9dad9e947e854",
// accessDate:"Wed, 13 February 2008 14:25:12 UTC",
// creationDate:"Tue, 17 April 2007 17:17:52 UTC",
// version:"0.2",
// data:"xI3WXddQLFtL......EGyKnnAVik",
// updateDate:"Tue, 17 April 2007 17:17:52 UTC",
// header:"####"
// }
// reference:"13a5e52976337ab210903cd04872588e1b21fb72bc183e91aa25c494b8138551",
// oldestUsedEncryptedVersion:"0.2",
// accessDate:"Wed, 13 February 2008 14:25:12 UTC",
// creationDate:"Wed, 14 March 2007 13:53:11 UTC",
// version:"0.2",
// updatedDate:"Tue, 17 April 2007 17:17:52 UTC",
// data:"0/BjzyY6jeh71h...pAw2++NEyylGhMC5C5f5m8pBApYziN84s4O3JQ3khW/1UttQl4="
// }
+
+
+// # Actual result (causing error in /gamma)
+// {
+// "result" : {
+// "currentVersion" : {
+// "reference" : "cb05177f96a832062c6b936d24323cb74a64e2ef1d97ee026cd1003755af7495",
+// "data" : "RAnoHmikp7RmiZ2WVyEMW+Ia",
+// "header" : "",
+// "version" : "0.3",
+// "creationDate" : "0000-00-00 00:00:00",
+// "updateDate" : "2011-10-09 19:49:11",
+// "accessDate" : "2011-10-09 19:49:11"
+// },
+// "reference" : "b07e2afa2ba782b9f379649b36ded6de0452b43c27e6b887c7ce4f2a93f44346",
+// "data" : "NtK1nkLUabbJQx5uO8ept...ZJ5dkJYYkyh3VQ==",
+// "version" : "0.3",
+// "creationDate" : "2011-10-09 19:49:11",
+// "updateDate" : "Tue, 30 Nov 1999 00:00:00 +0000",
+// "accessDate" : "0000-00-00 00:00:00",
+// "oldestUsedEncryptedVersion" : "---"
+// }
+// }
+
+
+// # Response from the online /gamma version
+// {
+// "result" : {
+// "versions" : {
+// "e2c193f017ad4f6babf51de59f7550a40596afc0c27373b6a360e426b5bc06de" : {
+// "reference" : "e2c193f017ad4f6babf51de59f7550a40596afc0c27373b6a360e426b5bc06de",
+// "data" : "s\/3ClggH4uCcf+BkIMqQ...+W0PVt\/MJ3t7s1g0g",
+// "creationDate" : "Mon, 10 October 2011 14:42:42 UTC",
+// "header" : "####",
+// "updateDate" : "Mon, 10 October 2011 14:42:42 UTC",
+// "previousVersion" : "a96a6d8b9ac73fcdf874d8a8534ffb2d43da8f5222e96a4a29bd2ae437619463",
+// "version" : "0.3",
+// "accessDate" : "Mon, 10 October 2011 14:42:42 UTC",
+// "previousVersionKey" : "####"
+// },
+// [...]
+// "a96a6d8b9ac73fcdf874d8a8534ffb2d43da8f5222e96a4a29bd2ae437619463" : {
+// "reference" : "a96a6d8b9ac73fcdf874d8a8534ffb2d43da8f5222e96a4a29bd2ae437619463",
+// "accessDate" : "Mon, 10 October 2011 14:41:17 UTC",
+// "creationDate" : "Mon, 27 October 2008 08:16:14 UTC",
+// "version" : "0.3",
+// "data" : "m3yhZu81UAjCY6U2Kn...IUCb9suV0fldGOg=",
+// "updateDate" : "Mon, 27 October 2008 08:16:14 UTC",
+// "header" : "####"
+// }
+// },
+// "oldestUsedEncryptedVersion" : "0.2",
+// "reference" : "36ec1a41118813ced3553534fa2607d781cba687768db305beed368a8e06e113",
+// "data" : "frlUkTbaOWD9j2ROat...ruWioCK0Mss27oHjPg==",
+// "creationDate" : "Wed, 14 March 2007 17:39:35 UTC",
+// "version" : "0.3",
+// "accessDate" : "Mon, 10 October 2011 14:45:12 UTC",
+// "currentVersion" : "e2c193f017ad4f6babf51de59f7550a40596afc0c27373b6a360e426b5bc06de",
+// "updatedDate" : "Mon, 10 October 2011 14:45:12 UTC"
+// },
+// "toll" : {
+// "requestType" : "MESSAGE",
+// "targetValue" : "a516c942a3792cc620775a41f8870a6c7b51796d9a94da978a75da6a52eb1e10",
+// "cost" : 2
+// }
+// }
+
$record = new record();
$recordList = $record->GetList(array(array("reference", "=", $parameters["parameters"]["reference"])));
$currentRecord = $recordList[0];
$currentRecordVersions = $currentRecord->GetRecordversionList();
$currentVersion = $currentRecordVersions[0];
-
- $result["currentVersion"] = array();
- $result["currentVersion"]["reference"] = $currentVersion->reference;
- $result["currentVersion"]["data"] = $currentVersion->data;
- $result["currentVersion"]["header"] = $currentVersion->header;
- $result["currentVersion"]["version"] = $currentVersion->version;
- $result["currentVersion"]["creationDate"] = $currentVersion->creation_date;
- $result["currentVersion"]["updateDate"] = $currentVersion->update_date;
- $result["currentVersion"]["accessDate"] = $currentVersion->access_date;
+
+ $result["versions"] = array();
+// foreach ($currentRecordVersions as $currentVersion) {
+ $result["versions"][$currentVersion->reference] = array();
+ $result["versions"][$currentVersion->reference]["reference"] = $currentVersion->reference;
+ $result["versions"][$currentVersion->reference]["data"] = $currentVersion->data;
+ $result["versions"][$currentVersion->reference]["header"] = $currentVersion->header;
+ $result["versions"][$currentVersion->reference]["version"] = $currentVersion->version;
+ $result["versions"][$currentVersion->reference]["creationDate"] = $currentVersion->creation_date;
+ $result["versions"][$currentVersion->reference]["updateDate"] = $currentVersion->update_date;
+ $result["versions"][$currentVersion->reference]["accessDate"] = $currentVersion->access_date;
+
+// }
+ $result["currentVersion"] = $currentVersion->reference;
+// $result["currentVersion"] = $currentRecord->currentVersion; // ????
$result["reference"] = $currentRecord->reference;
$result["data"] = $currentRecord->data;
$result["version"] = $currentRecord->version;
$result["creationDate"] = $currentRecord->creation_date;
$result["updateDate"] = $currentRecord->update_date;
$result["accessDate"] = $currentRecord->access_date;
$result["oldestUsedEncryptedVersion"] = "---";
//=============================================================
} else if ($message == "updateData") {
//{
// "message":"updateData",
// "srpSharedSecret":"4e4aadb1d64513ec4dd42f5e8d5b2d4363de75e4424b6bcf178c9d6a246356c5",
// "parameters":{
// "records":[
// {
// "record":{
// "reference":"740009737139a189cfa2b1019a6271aaa39467b59e259706564b642ff3838d50",
// "data":"8hgR0Z+JDrUa812polDJ....JnZUKXNEqKI",
// "version":"0.3"
// },
// "currentRecordVersion":{
// "reference":"b1d82aeb9a0c4f6584bea68ba80839f43dd6ede79791549e29a1860554b144ee",
// "recordReference":"740009737139a189cfa2b1019a6271aaa39467b59e259706564b642ff3838d50",
// "data":"2d/UgKxxV+kBPV9GRUE.....VGonDoW0tqefxOJo=",
// "version":"0.3",
// "previousVersion":"55904195249037394316d3be3f5e78f08073170103bf0e7ab49a911c159cb0be",
// "previousVersionKey":"YWiaZeMIVHaIl96OWW+2e8....6d6nHbn6cr2NA/dbQRuC2w=="
// }
// }
// ],
// "user":{
// "header":"{\"rec.....sion\":\"0.1\"}",
// "statistics":"tt3uU9hWBy8rNnMckgCnxMJh",
// "version":"0.3",
// "lock":"----"
// }
// }
//}
$user = new user();
$user = $user->Get($_SESSION["userId"]);
updateUserData($parameters["parameters"]["user"], $user);
$user->Save();
$recordParameterList = $parameters["parameters"]["records"];
$c = count($recordParameterList);
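Review bot: The delete step of the new `saveChanges` branch is not scoped to the session user: it builds its filter from client-supplied references and calls `$record->DeleteList($recordList, true)` on a bare `new record()`, while the update step just above it resolves references through `$user->GetRecordList(...)`. Ownership of a deleted record is never checked in the visible code, so a reference belonging to another account would, as far as this hunk shows, be removed as well. Resolving each reference through the user's own record list and deleting only what comes back closes the gap; the sketch below assumes the generated record class has a per-object `Delete` taking the same deep flag as `DeleteList`, which is not visible on this page. The unchanged `getRecordDetail` lookup further down has the same unscoped `$record->GetList(...)` and reads `$recordList[0]` without checking that the list is non-empty.

```php
// … unchanged: update loop and $user->Save() …
$recordToDeleteReferenceList = $parameters["parameters"]["records"]["deleted"];
$c = count($recordToDeleteReferenceList);
for ($i=0; $i<$c; $i++) {
	// Look the reference up through the session user so that only this user's records can match.
	$ownedRecords = $user->GetRecordList(array(array("reference", "=", $recordToDeleteReferenceList[$i])));
	foreach ($ownedRecords as $ownedRecord) {
		$ownedRecord->Delete(true);
	}
}
// … unchanged: $result["lock"] and $result["result"] assignments …
```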
@@ -704,52 +864,55 @@ error_log("message");
$user = new user();
$user->Get($_SESSION["userId"]);
$otp = new onetimepassword();
updateUserCredentials($parameters["parameters"]["credentials"], $user);
updateUserData($parameters["parameters"]["user"], $user);
$otpList = $parameters["parameters"]["oneTimePasswords"];
foreach($otpList as $otpReference=>$otpData) {
$otpList = $otp->GetList(array(array("reference", "=", $otpReference)));
$currentOtp = $otpList[0];
$currentOtp->data = $otpData;
$currentOtp->Save();
}
$user->Save();
$result["lock"] = $user->lock;
$result["result"] = "done";
//=============================================================
} else if ($message == "echo") {
$result["result"] = $parameters;
}
//=============================================================
} else if (isset($_SESSION['K'])) {
$result["error"] = "Wrong shared secret!";
} else {
$result["result"] = "EXCEPTION";
$result["message"] = "Trying to communicate without an active connection";
}
break;
case "logout":
error_log("logout");
session_destroy();
break;
default:
error_log("default");
$result["result"] = $parameters;
break;
}
session_write_close();
+
+ $finalResult = Array();
+ $finalResult["result"] = $result;
- echo(json_encode($result));
-error_log("result: ".json_encode($result));
+ echo(json_encode($finalResult));
+error_log("result: ".json_encode($finalResult));
?>
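Review bot: The added `error_log("result: ".json_encode($finalResult));` writes every response body to the server log, and for the `echo` message a few lines up (`$result["result"] = $parameters;`) that body appears to include the request's `srpSharedSecret`, the value compared against `$_SESSION["K"]`. Other branches put record and one-time-password data into `$result`, so the log ends up holding material that should stay between the client and the database. I would drop the line, or keep it commented out like the `//error_log("message: ".json_encode($parameters));` added earlier in this commit. Separately, wrapping everything under `"result"` also moves `$result["error"]` one level down; worth confirming the client looks for it there.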