summaryrefslogtreecommitdiff
path: root/backend
Unidiff
Diffstat (limited to 'backend') (more/less context) (ignore whitespace changes)
-rw-r--r--backend/php/src/configuration.php6
-rw-r--r--backend/php/src/index.php189
2 files changed, 179 insertions, 16 deletions
diff --git a/backend/php/src/configuration.php b/backend/php/src/configuration.php
index 291e3a1..85f680e 100644
--- a/backend/php/src/configuration.php
+++ b/backend/php/src/configuration.php
@@ -1,36 +1,36 @@
1<?php 1<?php
2global $configuration; 2global $configuration;
3$configuration['soap'] = "http://www.phpobjectgenerator.com/services/soap.php?wsdl"; 3$configuration['soap'] = "http://www.phpobjectgenerator.com/services/soap.php?wsdl";
4$configuration['homepage'] = "http://www.phpobjectgenerator.com"; 4$configuration['homepage'] = "http://www.phpobjectgenerator.com";
5$configuration['revisionNumber'] = ""; 5$configuration['revisionNumber'] = "";
6$configuration['versionNumber'] = "3.0d"; 6$configuration['versionNumber'] = "3.0d";
7 7
8$configuration['setup_password'] = ''; 8$configuration['setup_password'] = '';
9 9
10 10
11// to enable automatic data encoding, run setup, go to the manage plugins tab and install the base64 plugin. 11// to enable automatic data encoding, run setup, go to the manage plugins tab and install the base64 plugin.
12// then set db_encoding = 1 below. 12// then set db_encoding = 1 below.
13// when enabled, db_encoding transparently encodes and decodes data to and from the database without any 13// when enabled, db_encoding transparently encodes and decodes data to and from the database without any
14// programmatic effort on your part. 14// programmatic effort on your part.
15$configuration['db_encoding'] = 0; 15$configuration['db_encoding'] = 0;
16 16
17// edit the information below to match your database settings 17// edit the information below to match your database settings
18 18
19 $configuration['db'] = 'clipperz'; //database name 19 $configuration['db'] = 'clipperz'; //database name
20 $configuration['host'] = 'localhost'; //database host 20 $configuration['host'] = 'localhost'; //database host
21 $configuration['user'] = 'root'; //database user 21 $configuration['user'] = 'clipperz'; //database user
22 $configuration['pass'] = 'pass'; //database password 22 $configuration['pass'] = 'clipperz'; //database password
23 $configuration['port'] = '3306'; //database port 23 $configuration['port'] = '3306'; //database port
24 24
25 25
26//proxy settings - if you are behnd a proxy, change the settings below 26//proxy settings - if you are behnd a proxy, change the settings below
27$configuration['proxy_host'] = false; 27$configuration['proxy_host'] = false;
28$configuration['proxy_port'] = false; 28$configuration['proxy_port'] = false;
29$configuration['proxy_username'] = false; 29$configuration['proxy_username'] = false;
30$configuration['proxy_password'] = false; 30$configuration['proxy_password'] = false;
31 31
32 32
33//plugin settings 33//plugin settings
34$configuration['plugins_path'] = dirname(__FILE__).'/plugins'; 34$configuration['plugins_path'] = dirname(__FILE__).'/plugins';
35 35
36?> \ No newline at end of file 36?> \ No newline at end of file
diff --git a/backend/php/src/index.php b/backend/php/src/index.php
index 214ac01..da7c60c 100644
--- a/backend/php/src/index.php
+++ b/backend/php/src/index.php
@@ -1,755 +1,918 @@
1<?php 1<?php
2 include "./configuration.php"; 2 include "./configuration.php";
3 include "./objects/class.database.php"; 3 include "./objects/class.database.php";
4 include "./objects/class.user.php"; 4 include "./objects/class.user.php";
5 include "./objects/class.record.php"; 5 include "./objects/class.record.php";
6 include "./objects/class.recordversion.php"; 6 include "./objects/class.recordversion.php";
7 include "./objects/class.onetimepassword.php"; 7 include "./objects/class.onetimepassword.php";
8 include "./objects/class.onetimepasswordstatus.php"; 8 include "./objects/class.onetimepasswordstatus.php";
9 9
10//----------------------------------------------------------------------------- 10//-----------------------------------------------------------------------------
11 11
12if ( !function_exists('json_decode') ) { 12if ( !function_exists('json_decode') ) {
13 function json_decode($content, $assoc=false) { 13 function json_decode($content, $assoc=false) {
14 require_once 'json/JSON.php'; 14 require_once 'json/JSON.php';
15 if ( $assoc ) { 15 if ( $assoc ) {
16 $json = new Services_JSON(SERVICES_JSON_LOOSE_TYPE); 16 $json = new Services_JSON(SERVICES_JSON_LOOSE_TYPE);
17 } else { 17 } else {
18 $json = new Services_JSON; 18 $json = new Services_JSON;
19 } 19 }
20 20
21 return $json->decode($content); 21 return $json->decode($content);
22 } 22 }
23} 23}
24 24
25if ( !function_exists('json_encode') ) { 25if ( !function_exists('json_encode') ) {
26 function json_encode($content) { 26 function json_encode($content) {
27 require_once 'json/JSON.php'; 27 require_once 'json/JSON.php';
28 $json = new Services_JSON; 28 $json = new Services_JSON;
29 29
30 return $json->encode($content); 30 return $json->encode($content);
31 } 31 }
32} 32}
33 33
34//----------------------------------------------------------------------------- 34//-----------------------------------------------------------------------------
35 //'dec2base', 'base2dec' and 'digits' are functions found on the following 35 //'dec2base', 'base2dec' and 'digits' are functions found on the following
36 //PHP manual page: http://ch2.php.net/manual/en/ref.bc.php 36 //PHP manual page: http://ch2.php.net/manual/en/ref.bc.php
37// 37//
38 38
39function dec2base($dec, $base, $digits=FALSE) { 39function dec2base($dec, $base, $digits=FALSE) {
40 if ($base<2 or $base>256) { 40 if ($base<2 or $base>256) {
41 die("Invalid Base: ".$base); 41 die("Invalid Base: ".$base);
42 } 42 }
43 43
44 bcscale(0); 44 bcscale(0);
45 $value=""; 45 $value="";
46 if (!$digits) { 46 if (!$digits) {
47 $digits = digits($base); 47 $digits = digits($base);
48 } 48 }
49 49
50 while ($dec > $base-1) { 50 while ($dec > $base-1) {
51 $rest = bcmod($dec, $base); 51 $rest = bcmod($dec, $base);
52 $dec = bcdiv($dec, $base); 52 $dec = bcdiv($dec, $base);
53 $value = $digits[$rest].$value; 53 $value = $digits[$rest].$value;
54 } 54 }
55 55
56 $value=$digits[intval($dec)].$value; 56 $value=$digits[intval($dec)].$value;
57 57
58 return (string)$value; 58 return (string)$value;
59} 59}
60 60
61//............................................................................. 61//.............................................................................
62 62
63// convert another base value to its decimal value 63// convert another base value to its decimal value
64function base2dec($value, $base, $digits=FALSE) { 64function base2dec($value, $base, $digits=FALSE) {
65 if ($base<2 or $base>256) { 65 if ($base<2 or $base>256) {
66 die("Invalid Base: ".$base); 66 die("Invalid Base: ".$base);
67 } 67 }
68 68
69 bcscale(0); 69 bcscale(0);
70 if ($base<37) { 70 if ($base<37) {
71 $value=strtolower($value); 71 $value=strtolower($value);
72 } 72 }
73 73
74 if (!$digits) { 74 if (!$digits) {
75 $digits=digits($base); 75 $digits=digits($base);
76 } 76 }
77 77
78 $size = strlen($value); 78 $size = strlen($value);
79 $dec="0"; 79 $dec="0";
80 for ($loop=0; $loop<$size; $loop++) { 80 for ($loop=0; $loop<$size; $loop++) {
81 $element = strpos($digits, $value[$loop]); 81 $element = strpos($digits, $value[$loop]);
82 $power = bcpow($base, $size-$loop-1); 82 $power = bcpow($base, $size-$loop-1);
83 $dec = bcadd($dec, bcmul($element,$power)); 83 $dec = bcadd($dec, bcmul($element,$power));
84 } 84 }
85 85
86 return (string)$dec; 86 return (string)$dec;
87} 87}
88 88
89//............................................................................. 89//.............................................................................
90 90
91function digits($base) { 91function digits($base) {
92 if ($base>64) { 92 if ($base>64) {
93 $digits=""; 93 $digits="";
94 for ($loop=0; $loop<256; $loop++) { 94 for ($loop=0; $loop<256; $loop++) {
95 $digits.=chr($loop); 95 $digits.=chr($loop);
96 } 96 }
97 } else { 97 } else {
98 $digits ="0123456789abcdefghijklmnopqrstuvwxyz"; 98 $digits ="0123456789abcdefghijklmnopqrstuvwxyz";
99 $digits.="ABCDEFGHIJKLMNOPQRSTUVWXYZ-_"; 99 $digits.="ABCDEFGHIJKLMNOPQRSTUVWXYZ-_";
100 } 100 }
101 101
102 $digits=substr($digits,0,$base); 102 $digits=substr($digits,0,$base);
103 103
104 return (string)$digits; 104 return (string)$digits;
105} 105}
106 106
107//----------------------------------------------------------------------------- 107//-----------------------------------------------------------------------------
108 108
109function clipperz_hash($value) { 109function clipperz_hash($value) {
110 return hash("sha256", hash("sha256", $value, true)); 110 return hash("sha256", hash("sha256", $value, true));
111} 111}
112 112
113//----------------------------------------------------------------------------- 113//-----------------------------------------------------------------------------
114 114
115function clipperz_randomSeed() { 115function clipperz_randomSeed() {
116 $result; 116 $result;
117 117
118 srand((double) microtime()*1000000); 118 srand((double) microtime()*1000000);
119 $result = ""; 119 $result = "";
120 120
121 while(strlen($result) < 64) { 121 while(strlen($result) < 64) {
122 $result = $result.dec2base(rand(), 16); 122 $result = $result.dec2base(rand(), 16);
123 } 123 }
124 124
125 $result = substr($result, 0, 64); 125 $result = substr($result, 0, 64);
126 126
127 return $result; 127 return $result;
128} 128}
129 129
130//----------------------------------------------------------------------------- 130//-----------------------------------------------------------------------------
131 131
132function updateUserCredentials($parameters, &$user) { 132function updateUserCredentials($parameters, &$user) {
133 $user->username = $parameters["C"]; 133 $user->username = $parameters["C"];
134 $user->srp_s = $parameters["s"]; 134 $user->srp_s = $parameters["s"];
135 $user->srp_v = $parameters["v"]; 135 $user->srp_v = $parameters["v"];
136 $user->auth_version =$parameters["version"]; 136 $user->auth_version =$parameters["version"];
137} 137}
138 138
139function updateUserData($parameters, &$user) { 139function updateUserData($parameters, &$user) {
140 $user->header = $parameters["header"]; 140 $user->header = $parameters["header"];
141 $user->statistics =$parameters["statistics"]; 141 $user->statistics =$parameters["statistics"];
142 $user->version =$parameters["version"]; 142 $user->version =$parameters["version"];
143 $user->lock = $parameters["lock"]; 143 if (array_key_exists("lock", $parameters)) {
144 $user->lock = $parameters["lock"];
145 }
144} 146}
145 147
146function updateRecordData($parameters, &$record, &$recordVersion) { 148function updateRecordData($parameters, &$record, &$recordVersion) {
147 $recordData = $parameters["record"]; 149 $recordData = $parameters["record"];
148 $record->reference =$recordData["reference"]; 150 $record->reference =$recordData["reference"];
149 $record->data = $recordData["data"]; 151 $record->data = $recordData["data"];
150 $record->version = $recordData["version"]; 152 $record->version = $recordData["version"];
151 153
152 $recordVersionData = $parameters["currentRecordVersion"]; 154 $recordVersionData = $parameters["currentRecordVersion"];
153 $recordVersion->reference = $recordVersionData ["reference"]; 155 $recordVersion->reference = $recordVersionData ["reference"];
154 $recordVersion->data = $recordVersionData ["data"]; 156 $recordVersion->data = $recordVersionData ["data"];
155 $recordVersion->version = $recordVersionData ["version"]; 157 $recordVersion->version = $recordVersionData ["version"];
156 $recordVersion->previous_version_id =$recordVersionData ["previousVersion"]; 158 if (array_key_exists("previousVersion", $recordVersionData)) {
159 $recordVersion->previous_version_id =$recordVersionData ["previousVersion"];
160 }
157 $recordVersion->previous_version_key =$recordVersionData ["previousVersionKey"]; 161 $recordVersion->previous_version_key =$recordVersionData ["previousVersionKey"];
158} 162}
159 163
160//----------------------------------------------------------------------------- 164//-----------------------------------------------------------------------------
161 165
162function updateOTPStatus(&$otp, $status) { 166function updateOTPStatus(&$otp, $status) {
163 $otpStatus = new onetimepasswordstatus(); 167 $otpStatus = new onetimepasswordstatus();
164 $selectedStatuses = $otpStatus->GetList(array(array("code", "=", $status))); 168 $selectedStatuses = $otpStatus->GetList(array(array("code", "=", $status)));
165 $otpStatus = $selectedStatuses[0]; 169 $otpStatus = $selectedStatuses[0];
166 $otp->SetOnetimepasswordstatus($otpStatus); 170 $otp->SetOnetimepasswordstatus($otpStatus);
167} 171}
168 172
169function updateOTP($parameters, &$otp, $status) { 173function updateOTP($parameters, &$otp, $status) {
170 $otp->reference = $parameters["reference"]; 174 $otp->reference = $parameters["reference"];
171 $otp->key = $parameters["key"]; 175 $otp->key = $parameters["key"];
172 $otp->key_checksum= $parameters["keyChecksum"]; 176 $otp->key_checksum= $parameters["keyChecksum"];
173 $otp->data = $parameters["data"]; 177 $otp->data = $parameters["data"];
174 $otp->version = $parameters["version"]; 178 $otp->version = $parameters["version"];
175 179
176 updateOTPStatus($otp, $status); 180 updateOTPStatus($otp, $status);
177} 181}
178 182
179function resetOTP(&$otp, $status) { 183function resetOTP(&$otp, $status) {
180 $otp->data = ""; 184 $otp->data = "";
181 updateOTPStatus($otp, $status); 185 updateOTPStatus($otp, $status);
182 $otp->Save(); 186 $otp->Save();
183} 187}
184 188
185//----------------------------------------------------------------------------- 189//-----------------------------------------------------------------------------
186 190
187function fixOTPStatusTable() { 191function fixOTPStatusTable() {
188 $otpStatus = new onetimepasswordstatus(); 192 $otpStatus = new onetimepasswordstatus();
189 $otpStatusList = $otpStatus->GetList(); 193 $otpStatusList = $otpStatus->GetList();
190 if (count($otpStatusList) != 4) { 194 if (count($otpStatusList) != 4) {
191 $otpStatus->DeleteList(); 195 $otpStatus->DeleteList();
192 196
193 $otpStatus->code = "ACTIVE"; $otpStatus->name = "Active"; $otpStatus->description = "Active"; $otpStatus->SaveNew(); 197 $otpStatus->code = "ACTIVE"; $otpStatus->name = "Active"; $otpStatus->description = "Active"; $otpStatus->SaveNew();
194 $otpStatus->code = "REQUESTED"; $otpStatus->name = "Requested"; $otpStatus->description = "Requested";$otpStatus->SaveNew(); 198 $otpStatus->code = "REQUESTED"; $otpStatus->name = "Requested"; $otpStatus->description = "Requested";$otpStatus->SaveNew();
195 $otpStatus->code = "USED"; $otpStatus->name = "Used"; $otpStatus->description = "Used"; $otpStatus->SaveNew(); 199 $otpStatus->code = "USED"; $otpStatus->name = "Used"; $otpStatus->description = "Used"; $otpStatus->SaveNew();
196 $otpStatus->code = "DISABLED"; $otpStatus->name = "Disabled"; $otpStatus->description = "Disabled";$otpStatus->SaveNew(); 200 $otpStatus->code = "DISABLED"; $otpStatus->name = "Disabled"; $otpStatus->description = "Disabled";$otpStatus->SaveNew();
197 } 201 }
198} 202}
199 203
200//----------------------------------------------------------------------------- 204//-----------------------------------------------------------------------------
201 205
202function arrayContainsValue($array, $value) { 206function arrayContainsValue($array, $value) {
203 $object = NULL; 207 $object = NULL;
204 for ($i=0; $i<count($array); $i++) { 208 for ($i=0; $i<count($array); $i++) {
205 if ($array[$i] == $value) { 209 if ($array[$i] == $value) {
206 $object = $value; 210 $object = $value;
207 } 211 }
208 } 212 }
209 213
210 return !is_null($object); 214 return !is_null($object);
211} 215}
212 216
213//----------------------------------------------------------------------------- 217//-----------------------------------------------------------------------------
214 218
215 $result = Array(); 219 $result = Array();
216 220
217 session_start(); 221 session_start();
218 222
219 $method = $_POST['method']; 223 $method = $_POST['method'];
220 224
221 if (get_magic_quotes_gpc()) { 225 if (get_magic_quotes_gpc()) {
222 $parameters = json_decode(stripslashes($_POST['parameters']), true); 226 $parameters = json_decode(stripslashes($_POST['parameters']), true);
223 } else { 227 } else {
224 $parameters = json_decode($_POST['parameters'], true); 228 $parameters = json_decode($_POST['parameters'], true);
225 } 229 }
226 230
227 $parameters = $parameters["parameters"]; 231 $parameters = $parameters["parameters"];
228 232
229 switch($method) { 233 switch($method) {
230 case "registration": 234 case "registration":
231error_log("registration"); 235error_log("registration");
232 $message = $parameters["message"]; 236 $message = $parameters["message"];
233 237
234 if ($message == "completeRegistration") { 238 if ($message == "completeRegistration") {
235 $user = new user(); 239 $user = new user();
236 240
237 updateUserCredentials($parameters["credentials"], $user); 241 updateUserCredentials($parameters["credentials"], $user);
238 updateUserData($parameters["user"], $user); 242 updateUserData($parameters["user"], $user);
239 $user->Save(); 243 $user->Save();
240 244
241 $result["lock"] = $user->lock; 245 $result["lock"] = $user->lock;
242 $result["result"] = "done"; 246 $result["result"] = "done";
243 } 247 }
244 break; 248 break;
245 249
246 case "handshake": 250 case "handshake":
247error_log("handshake"); 251error_log("handshake");
248 $srp_g = "2"; 252 $srp_g = "2";
249 $srp_n = base2dec("115b8b692e0e045692cf280b436735c77a5a9e8a9e7ed56c965f87db5b2a2ece3", 16); 253 $srp_n = base2dec("115b8b692e0e045692cf280b436735c77a5a9e8a9e7ed56c965f87db5b2a2ece3", 16);
250 254
251 $message = $parameters["message"]; 255 $message = $parameters["message"];
252 256
253 //============================================================= 257 //=============================================================
254 if ($message == "connect") { 258 if ($message == "connect") {
255 $user= new user(); 259 $user= new user();
256 $_SESSION["C"] = $parameters["parameters"]["C"]; 260 $_SESSION["C"] = $parameters["parameters"]["C"];
257 $_SESSION["A"] = $parameters["parameters"]["A"]; 261 $_SESSION["A"] = $parameters["parameters"]["A"];
258 262
259 $userList = $user->GetList(array(array("username", "=", $_SESSION["C"]))); 263 $userList = $user->GetList(array(array("username", "=", $_SESSION["C"])));
260 264
261 if (count($userList) == 1) { 265 if (count($userList) == 1) {
262 $currentUser = $userList[ 0 ]; 266 $currentUser = $userList[ 0 ];
263 267
264 if (array_key_exists("otpId", $_SESSION)) { 268 if (array_key_exists("otpId", $_SESSION)) {
265 $otp = new onetimepassword(); 269 $otp = new onetimepassword();
266 $otp = $otp->Get($_SESSION["otpId"]); 270 $otp = $otp->Get($_SESSION["otpId"]);
267 271
268 if ($otp->GetUser()->userId != $currentUser->userId) { 272 if ($otp->GetUser()->userId != $currentUser->userId) {
269 throw new Exception("User missmatch between the current session and 'One Time Password' user"); 273 throw new Exception("User missmatch between the current session and 'One Time Password' user");
270 } else if ($otp->GetOnetimepasswordstatus()->code != "REQUESTED") { 274 } else if ($otp->GetOnetimepasswordstatus()->code != "REQUESTED") {
271 throw new Exception("Tring to use an 'One Time Password' in the wrong state"); 275 throw new Exception("Tring to use an 'One Time Password' in the wrong state");
272 } 276 }
273 277
274 resetOTP($otp, "USED"); 278 resetOTP($otp, "USED");
275 $result["oneTimePassword"] = $otp->reference; 279 $result["oneTimePassword"] = $otp->reference;
276 } 280 }
277 281
278 $_SESSION["s"] = $currentUser->srp_s; 282 $_SESSION["s"] = $currentUser->srp_s;
279 $_SESSION["v"] = $currentUser->srp_v; 283 $_SESSION["v"] = $currentUser->srp_v;
280 $_SESSION["userId"] = $currentUser->userId; 284 $_SESSION["userId"] = $currentUser->userId;
281 } else { 285 } else {
282 $_SESSION["s"] = "112233445566778899aabbccddeeff00112233445566778899aabbccddeeff00"; 286 $_SESSION["s"] = "112233445566778899aabbccddeeff00112233445566778899aabbccddeeff00";
283 $_SESSION["v"] = "112233445566778899aabbccddeeff00112233445566778899aabbccddeeff00"; 287 $_SESSION["v"] = "112233445566778899aabbccddeeff00112233445566778899aabbccddeeff00";
284 } 288 }
285 289
286 $_SESSION["b"] = clipperz_randomSeed(); 290 $_SESSION["b"] = clipperz_randomSeed();
287 // $_SESSION["b"] = "5761e6c84d22ea3c5649de01702d60f674ccfe79238540eb34c61cd020230c53"; 291 // $_SESSION["b"] = "5761e6c84d22ea3c5649de01702d60f674ccfe79238540eb34c61cd020230c53";
288 $_SESSION["B"] = dec2base(bcadd(base2dec($_SESSION["v"], 16), bcpowmod($srp_g, base2dec($_SESSION["b"], 16), $srp_n)), 16); 292 $_SESSION["B"] = dec2base(bcadd(base2dec($_SESSION["v"], 16), bcpowmod($srp_g, base2dec($_SESSION["b"], 16), $srp_n)), 16);
289 293
290 $result["s"] = $_SESSION["s"]; 294 $result["s"] = $_SESSION["s"];
291 $result["B"] = $_SESSION["B"]; 295 $result["B"] = $_SESSION["B"];
292 296
293 //============================================================= 297 //=============================================================
294 } else if ($message == "credentialCheck") { 298 } else if ($message == "credentialCheck") {
295error_log("credentialCheck"); 299error_log("credentialCheck");
296 $u = clipperz_hash(base2dec($_SESSION["B"],16)); 300 $u = clipperz_hash(base2dec($_SESSION["B"],16));
297 $A = base2dec($_SESSION["A"], 16); 301 $A = base2dec($_SESSION["A"], 16);
298 $S = bcpowmod(bcmul($A, bcpowmod(base2dec($_SESSION["v"], 16), base2dec($u, 16), $srp_n)), base2dec($_SESSION["b"], 16), $srp_n); 302 $S = bcpowmod(bcmul($A, bcpowmod(base2dec($_SESSION["v"], 16), base2dec($u, 16), $srp_n)), base2dec($_SESSION["b"], 16), $srp_n);
299 $K = clipperz_hash($S); 303 $K = clipperz_hash($S);
300 $M1 = clipperz_hash($A.base2dec($_SESSION["B"],16).$K); 304 $M1 = clipperz_hash($A.base2dec($_SESSION["B"],16).$K);
301 305
302//$result["B"] = $_SESSION["B"]; 306//$result["B"] = $_SESSION["B"];
303//$result["u"] = $u; 307//$result["u"] = $u;
304//$result["A"] = $A; 308//$result["A"] = $A;
305//$result["S"] = $S; 309//$result["S"] = $S;
306//$result["K"] = $K; 310//$result["K"] = $K;
307//$result["M1"] = $M1; 311//$result["M1"] = $M1;
308//$result["_M1"] = $parameters["parameters"]["M1"]; 312//$result["_M1"] = $parameters["parameters"]["M1"];
309 313
310 if ($M1 == $parameters["parameters"]["M1"]) { 314 if ($M1 == $parameters["parameters"]["M1"]) {
311 $_SESSION["K"] = $K; 315 $_SESSION["K"] = $K;
312 $M2 = clipperz_hash($A.$M1.$K); 316 $M2 = clipperz_hash($A.$M1.$K);
313 317
314 $result["M2"] = $M2; 318 $result["M2"] = $M2;
315 $result["connectionId"] = ""; 319 $result["connectionId"] = "";
316 $result["loginInfo"] = array(); 320 $result["loginInfo"] = array();
317 $result["loginInfo"]["latest"] = array(); 321 $result["loginInfo"]["latest"] = array();
318 $result["loginInfo"]["current"] = array(); 322 $result["loginInfo"]["current"] = array();
319 $result["offlineCopyNeeded"] = "false"; 323 $result["offlineCopyNeeded"] = "false";
320 $result["lock"] = "----"; 324 $result["lock"] = "----";
321 } else { 325 } else {
322 $result["error"] = "?"; 326 $result["error"] = "?";
323 } 327 }
324 //============================================================= 328 //=============================================================
325 } else if ($message == "oneTimePassword") { 329 } else if ($message == "oneTimePassword") {
326error_log("oneTimePassword"); 330error_log("oneTimePassword");
327//{ 331//{
328 //"message":"oneTimePassword", 332 //"message":"oneTimePassword",
329 //"version":"0.2", 333 //"version":"0.2",
330 //"parameters":{ 334 //"parameters":{
331 // "oneTimePasswordKey":"06dfa7f428081f8b2af98b0895e14e18af90b0ef2ff32828e55cc2ac6b24d29b", 335 // "oneTimePasswordKey":"06dfa7f428081f8b2af98b0895e14e18af90b0ef2ff32828e55cc2ac6b24d29b",
332 // "oneTimePasswordKeyChecksum":"60bcba3f72e56f6bb3f0ff88509b9a0e5ec730dfa71daa4c1e892dbd1b0c360d" 336 // "oneTimePasswordKeyChecksum":"60bcba3f72e56f6bb3f0ff88509b9a0e5ec730dfa71daa4c1e892dbd1b0c360d"
333 //} 337 //}
334//} 338//}
335 $otp = new onetimepassword(); 339 $otp = new onetimepassword();
336 $otpList = $otp->GetList(array(array("key", "=", $parameters["parameters"]["oneTimePasswordKey"]))); 340 $otpList = $otp->GetList(array(array("key", "=", $parameters["parameters"]["oneTimePasswordKey"])));
337 341
338 if (count($otpList) == 1) { 342 if (count($otpList) == 1) {
339 $currentOtp = $otpList[0]; 343 $currentOtp = $otpList[0];
340 344
341 if ($currentOtp->GetOnetimepasswordstatus()->code == "ACTIVE") { 345 if ($currentOtp->GetOnetimepasswordstatus()->code == "ACTIVE") {
342 if ($currentOtp->key_checksum == $parameters["parameters"]["oneTimePasswordKeyChecksum"]) { 346 if ($currentOtp->key_checksum == $parameters["parameters"]["oneTimePasswordKeyChecksum"]) {
343 $_SESSION["userId"] = $currentOtp->GetUser()->userId; 347 $_SESSION["userId"] = $currentOtp->GetUser()->userId;
344 $_SESSION["otpId"]= $currentOtp->onetimepasswordId; 348 $_SESSION["otpId"]= $currentOtp->onetimepasswordId;
345 349
346 $result["data"] = $currentOtp->data; 350 $result["data"] = $currentOtp->data;
347 $result["version"] = $currentOtp->version; 351 $result["version"] = $currentOtp->version;
348 352
349 resetOTP($currentOtp, "REQUESTED"); 353 resetOTP($currentOtp, "REQUESTED");
350 } else { 354 } else {
351 resetOTP($currentOtp, "DISABLED"); 355 resetOTP($currentOtp, "DISABLED");
352 throw new Exception("The requested One Time Password has been disabled, due to a wrong keyChecksum"); 356 throw new Exception("The requested One Time Password has been disabled, due to a wrong keyChecksum");
353 } 357 }
354 } else { 358 } else {
355 throw new Exception("The requested One Time Password was not active"); 359 throw new Exception("The requested One Time Password was not active");
356 } 360 }
357 } else { 361 } else {
358 throw new Exception("The requested One Time Password has not been found"); 362 throw new Exception("The requested One Time Password has not been found");
359 } 363 }
360 364
361 //============================================================= 365 //=============================================================
362 } 366 }
363 367
364 break; 368 break;
365 369
366 case "message": 370 case "message":
367error_log("message"); 371error_log("message");
372//error_log("message: ".json_encode($parameters));
368 if ($parameters["srpSharedSecret"] == $_SESSION["K"]) { 373 if ($parameters["srpSharedSecret"] == $_SESSION["K"]) {
369 $message = $parameters["message"]; 374 $message = $parameters["message"];
370 375
371 //============================================================= 376 //=============================================================
372 if ($message == "getUserDetails") { 377 if ($message == "getUserDetails") {
373//{"message":"getUserDetails", "srpSharedSecret":"f18e5cf7c3a83b67d4db9444af813ee48c13daf4f8f6635397d593e52ba89a08", "parameters":{}} 378//{"message":"getUserDetails", "srpSharedSecret":"f18e5cf7c3a83b67d4db9444af813ee48c13daf4f8f6635397d593e52ba89a08", "parameters":{}}
374 $user = new user(); 379 $user = new user();
375 $user = $user->Get($_SESSION["userId"]); 380 $user = $user->Get($_SESSION["userId"]);
376 381
377 $result["header"] = $user->header; 382 $result["header"] = $user->header;
378 383
379 $records = $user->GetRecordList(); 384 $records = $user->GetRecordList();
380 foreach ($records as $record) { 385 foreach ($records as $record) {
381 $recordStats["updateDate"] = $record->update_date; 386 $recordStats["updateDate"] = $record->update_date;
382 $recordsStats[$record->reference] = $recordStats; 387 $recordsStats[$record->reference] = $recordStats;
383 } 388 }
384 $result["recordsStats"] = $recordsStats; 389 $result["recordsStats"] = $recordsStats;
385 390
386 $result["statistics"] =$user->statistics; 391 $result["statistics"] =$user->statistics;
387 $result["version"] =$user->version; 392 $result["version"] =$user->version;
388 393
389 //============================================================= 394 //=============================================================
390 } else if ($message == "addNewRecords") { 395 } else if ($message == "addNewRecords") {
391/* 396/*
392//{ 397//{
393 //"message":"addNewRecords", 398 //"message":"addNewRecords",
394 //"srpSharedSecret":"b58fdf62acebbcb67f63d28c0437f166069f45690c648cd4376a792ae7a325f7", 399 //"srpSharedSecret":"b58fdf62acebbcb67f63d28c0437f166069f45690c648cd4376a792ae7a325f7",
395 //"parameters":{ 400 //"parameters":{
396 // "records":[ 401 // "records":[
397 // { 402 // {
398 // "record":{ 403 // "record":{
399 // "reference":"fda703707fee1fff42443124cd0e705f5bea0ac601758d81b2e832705339a610", 404 // "reference":"fda703707fee1fff42443124cd0e705f5bea0ac601758d81b2e832705339a610",
400 // "data":"OBSGtcb6blXq/xaYG.....4EqlQqgAvITN", 405 // "data":"OBSGtcb6blXq/xaYG.....4EqlQqgAvITN",
401 // "version":"0.3" 406 // "version":"0.3"
402 // }, 407 // },
403 // "currentRecordVersion":{ 408 // "currentRecordVersion":{
404 // "reference":"83ad301525c18f2afd72b6ac82c0a713382e1ef70ac69935ca7e2869dd4ff980", 409 // "reference":"83ad301525c18f2afd72b6ac82c0a713382e1ef70ac69935ca7e2869dd4ff980",
405 // "recordReference":"fda703707fee1fff42443124cd0e705f5bea0ac601758d81b2e832705339a610", 410 // "recordReference":"fda703707fee1fff42443124cd0e705f5bea0ac601758d81b2e832705339a610",
406 // "data":"NXJ5jiZhkd0CMiwwntAq....1TjjF+SGfE=", 411 // "data":"NXJ5jiZhkd0CMiwwntAq....1TjjF+SGfE=",
407 // "version":"0.3", 412 // "version":"0.3",
408 // "previousVersion":"3e174a86afc322271d8af28bc062b0f1bfd7344fad01212cd08b2757c4b199c4", 413 // "previousVersion":"3e174a86afc322271d8af28bc062b0f1bfd7344fad01212cd08b2757c4b199c4",
409 // "previousVersionKey":"kozaaGCzXWr71LbOKu6Z3nz520V..5U85tSBvb+u44twttv54Kw==" 414 // "previousVersionKey":"kozaaGCzXWr71LbOKu6Z3nz520V..5U85tSBvb+u44twttv54Kw=="
410 // } 415 // }
411 // } 416 // }
412 // ], 417 // ],
413 // "user":{ 418 // "user":{
414 // "header":"{\"reco...ersion\":\"0.1\"}", 419 // "header":"{\"reco...ersion\":\"0.1\"}",
415 // "statistics":"rKI6nR6iqggygQJ3SQ58bFUX", 420 // "statistics":"rKI6nR6iqggygQJ3SQ58bFUX",
416 // "version":"0.3", 421 // "version":"0.3",
417 // "lock":"----" 422 // "lock":"----"
418 // } 423 // }
419 //} 424 //}
420//} 425//}
421*/ 426*/
422 $user = new user(); 427 $user = new user();
423 $record = new record(); 428 $record = new record();
424 $recordVersion = new recordversion(); 429 $recordVersion = new recordversion();
425 430
426 $user = $user->Get($_SESSION["userId"]); 431 $user = $user->Get($_SESSION["userId"]);
427 updateUserData($parameters["parameters"]["user"], $user); 432 updateUserData($parameters["parameters"]["user"], $user);
428 433
429 $recordParameterList = $parameters["parameters"]["records"]; 434 $recordParameterList = $parameters["parameters"]["records"];
430 $c = count($recordParameterList); 435 $c = count($recordParameterList);
431 for ($i=0; $i<$c; $i++) { 436 for ($i=0; $i<$c; $i++) {
432 updateRecordData($recordParameterList[$i], $record, $recordVersion); 437 updateRecordData($recordParameterList[$i], $record, $recordVersion);
433 438
434 $record->SaveNew(); 439 $record->SaveNew();
435 $recordVersion->SaveNew(); 440 $recordVersion->SaveNew();
436 441
437 $record->AddRecordversion($recordVersion); 442 $record->AddRecordversion($recordVersion);
438 $user->AddRecord($record); 443 $user->AddRecord($record);
439 444
440 $record->Save(); 445 $record->Save();
441 $recordVersion->Save(); 446 $recordVersion->Save();
442 } 447 }
443 448
444 $user->Save(); 449 $user->Save();
445 450
446 $result["lock"] = $user->lock; 451 $result["lock"] = $user->lock;
447 $result["result"] = "done"; 452 $result["result"] = "done";
448 453
449 //============================================================= 454 //=============================================================
455 } else if ($message == "saveChanges") {
456
457//{
458// "message":"saveChanges",
459// "srpSharedSecret":"edc78508907c942173818f7247fa64869ba80672a7aa8d27b8fa6bfe524fb9c8",
460// "parameters":{
461// "records":{
462// "updated":[
463// {
464// "currentRecordVersion":{
465// "previousVersionKey":"####",
466// "reference":"08c8eb7ec528fbf987bbfb84fe2e960cf9ae937b19fbb5f05d8d90a7039fac6a",
467// "data":"WYQ16AjodjsmyZDXa4MKxOju0F…beD/zXlbVb0Zj0ZI/N55bZ",
468// "version":"0.3"
469// },
470// "record":{
471// "reference":"83de5304f60a808e48a815c6203d7d3f24874d3f40faba420bbc60b376fcc356",
472// "data":"B6uBuBE Aly0knvgrUppodDTGZQC…guizL9QvHCWyM bQQBGBVvHZ6LfA==",
473// "version":"0.3"
474// }
475// }
476// ],
477// "deleted":[
478//
479// ]
480// },
481// "user":{
482// "header":"{\"rec…sion\":\"0.1\"}",
483// "statistics":"e6iXVEM4i8ZatPZFCCads/9F",
484// "version":"0.3"
485// }
486// }
487//}
488 $user = new user();
489 $user = $user->Get($_SESSION["userId"]);
490 updateUserData($parameters["parameters"]["user"], $user);
491
492 $recordToUpdateParameterList = $parameters["parameters"]["records"]["updated"];
493 $c = count($recordToUpdateParameterList);
494 for ($i=0; $i<$c; $i++) {
495 $recordList = $user->GetRecordList(array(array("reference", "=", $recordToUpdateParameterList [$i]["record"]["reference"])));
496 if (count($recordList) == 0) {
497 $currentRecord = new record();
498 $currentVersion = new recordversion();
499 $isNewRecord = true;
500 } else {
501 $currentRecord = $recordList[0];
502 $currentRecordVersions = $currentRecord->GetRecordversionList();
503 $currentVersion = $currentRecordVersions[0];
504 $isNewRecord = false;
505 }
506
507 updateRecordData($recordToUpdateParameterList[$i], $currentRecord, $currentVersion);
508
509 if ($isNewRecord == true) {
510 $currentRecord->SaveNew();
511 $currentVersion->SaveNew();
512
513 $currentRecord->AddRecordversion($currentVersion);
514 $user->AddRecord($currentRecord);
515 }
516
517 $currentRecord->Save();
518 $currentVersion->Save();
519 }
520
521 $user->Save();
522
523 $recordToDeleteReferenceList = $parameters["parameters"]["records"]["deleted"];
524 $recordList = array();
525 $c = count($recordToDeleteReferenceList);
526 for ($i=0; $i<$c; $i++) {
527 array_push($recordList, array("reference", "=", $recordToDeleteReferenceList[$i]));
528 }
529
530 $record = new record();
531 $record->DeleteList($recordList, true);
532
533 $result["lock"] = $user->lock;
534 $result["result"] = "done";
535
536 //=============================================================
450 } else if ($message == "getRecordDetail") { 537 } else if ($message == "getRecordDetail") {
451//{ 538//{
452 //"message":"getRecordDetail", 539 //"message":"getRecordDetail",
453 //"srpSharedSecret":"4c00dcb66a9f2aea41a87e4707c526874e2eb29cc72d2c7086837e53d6bf2dfe", 540 //"srpSharedSecret":"4c00dcb66a9f2aea41a87e4707c526874e2eb29cc72d2c7086837e53d6bf2dfe",
454 //"parameters":{ 541 //"parameters":{
455 // "reference":"740009737139a189cfa2b1019a6271aaa39467b59e259706564b642ff3838d50" 542 // "reference":"740009737139a189cfa2b1019a6271aaa39467b59e259706564b642ff3838d50"
456 //} 543 //}
457//} 544//}
458// 545//
459 //result = { 546 //result = {
460 // currentVersion:{ 547 // currentVersion:{
461 // reference:"88943d709c3ea2442d4f58eaaec6409276037e5a37e0a6d167b9dad9e947e854", 548 // reference:"88943d709c3ea2442d4f58eaaec6409276037e5a37e0a6d167b9dad9e947e854",
462 // accessDate:"Wed, 13 February 2008 14:25:12 UTC", 549 // accessDate:"Wed, 13 February 2008 14:25:12 UTC",
463 // creationDate:"Tue, 17 April 2007 17:17:52 UTC", 550 // creationDate:"Tue, 17 April 2007 17:17:52 UTC",
464 // version:"0.2", 551 // version:"0.2",
465 // data:"xI3WXddQLFtL......EGyKnnAVik", 552 // data:"xI3WXddQLFtL......EGyKnnAVik",
466 // updateDate:"Tue, 17 April 2007 17:17:52 UTC", 553 // updateDate:"Tue, 17 April 2007 17:17:52 UTC",
467 // header:"####" 554 // header:"####"
468 // } 555 // }
469 // reference:"13a5e52976337ab210903cd04872588e1b21fb72bc183e91aa25c494b8138551", 556 // reference:"13a5e52976337ab210903cd04872588e1b21fb72bc183e91aa25c494b8138551",
470 // oldestUsedEncryptedVersion:"0.2", 557 // oldestUsedEncryptedVersion:"0.2",
471 // accessDate:"Wed, 13 February 2008 14:25:12 UTC", 558 // accessDate:"Wed, 13 February 2008 14:25:12 UTC",
472 // creationDate:"Wed, 14 March 2007 13:53:11 UTC", 559 // creationDate:"Wed, 14 March 2007 13:53:11 UTC",
473 // version:"0.2", 560 // version:"0.2",
474 // updatedDate:"Tue, 17 April 2007 17:17:52 UTC", 561 // updatedDate:"Tue, 17 April 2007 17:17:52 UTC",
475 // data:"0/BjzyY6jeh71h...pAw2++NEyylGhMC5C5f5m8pBApYziN84s4O3JQ3khW/1UttQl4=" 562 // data:"0/BjzyY6jeh71h...pAw2++NEyylGhMC5C5f5m8pBApYziN84s4O3JQ3khW/1UttQl4="
476 //} 563 //}
564
565
566 // #Actual result (causing error in /gamma)
567 //{
568 // "result" : {
569 // "currentVersion" : {
570 // "reference" : "cb05177f96a832062c6b936d24323cb74a64e2ef1d97ee026cd1003755af7495",
571 // "data" : "RAnoHmikp7RmiZ2WVyEMW+Ia",
572 // "header" : "",
573 // "version" : "0.3",
574 // "creationDate" : "0000-00-00 00:00:00",
575 // "updateDate" : "2011-10-09 19:49:11",
576 // "accessDate" : "2011-10-09 19:49:11"
577 // },
578 // "reference" : "b07e2afa2ba782b9f379649b36ded6de0452b43c27e6b887c7ce4f2a93f44346",
579 // "data" : "NtK1nkLUabbJQx5uO8ept...ZJ5dkJYYkyh3VQ==",
580 // "version" : "0.3",
581 // "creationDate" : "2011-10-09 19:49:11",
582 // "updateDate" : "Tue, 30 Nov 1999 00:00:00 +0000",
583 // "accessDate" : "0000-00-00 00:00:00",
584 // "oldestUsedEncryptedVersion" : "---"
585 // }
586 //}
587
588
589 // #Response from the online /gamma version
590 //{
591 // "result" : {
592 // "versions" : {
593 // "e2c193f017ad4f6babf51de59f7550a40596afc0c27373b6a360e426b5bc06de" : {
594 // "reference" : "e2c193f017ad4f6babf51de59f7550a40596afc0c27373b6a360e426b5bc06de",
595 // "data" : "s\/3ClggH4uCcf+BkIMqQ...+W0PVt\/MJ3t7s1g0g",
596 // "creationDate" : "Mon, 10 October 2011 14:42:42 UTC",
597 // "header" : "####",
598 // "updateDate" : "Mon, 10 October 2011 14:42:42 UTC",
599 // "previousVersion" : "a96a6d8b9ac73fcdf874d8a8534ffb2d43da8f5222e96a4a29bd2ae437619463",
600 // "version" : "0.3",
601 // "accessDate" : "Mon, 10 October 2011 14:42:42 UTC",
602 // "previousVersionKey" : "####"
603 // },
604 // [...]
605 // "a96a6d8b9ac73fcdf874d8a8534ffb2d43da8f5222e96a4a29bd2ae437619463" : {
606 // "reference" : "a96a6d8b9ac73fcdf874d8a8534ffb2d43da8f5222e96a4a29bd2ae437619463",
607 // "accessDate" : "Mon, 10 October 2011 14:41:17 UTC",
608 // "creationDate" : "Mon, 27 October 2008 08:16:14 UTC",
609 // "version" : "0.3",
610 // "data" : "m3yhZu81UAjCY6U2Kn...IUCb9suV0fldGOg=",
611 // "updateDate" : "Mon, 27 October 2008 08:16:14 UTC",
612 // "header" : "####"
613 // }
614 // },
615 // "oldestUsedEncryptedVersion" : "0.2",
616 // "reference" : "36ec1a41118813ced3553534fa2607d781cba687768db305beed368a8e06e113",
617 // "data" : "frlUkTbaOWD9j2ROat...ruWioCK0Mss27oHjPg==",
618 // "creationDate" : "Wed, 14 March 2007 17:39:35 UTC",
619 // "version" : "0.3",
620 // "accessDate" : "Mon, 10 October 2011 14:45:12 UTC",
621 // "currentVersion" : "e2c193f017ad4f6babf51de59f7550a40596afc0c27373b6a360e426b5bc06de",
622 // "updatedDate" : "Mon, 10 October 2011 14:45:12 UTC"
623 // },
624 // "toll" : {
625 // "requestType" : "MESSAGE",
626 // "targetValue" : "a516c942a3792cc620775a41f8870a6c7b51796d9a94da978a75da6a52eb1e10",
627 // "cost" : 2
628 // }
629 // }
630
477 $record = new record(); 631 $record = new record();
478 632
479 $recordList = $record->GetList(array(array("reference", "=", $parameters["parameters"]["reference"]))); 633 $recordList = $record->GetList(array(array("reference", "=", $parameters["parameters"]["reference"])));
480 $currentRecord = $recordList[0]; 634 $currentRecord = $recordList[0];
481 $currentRecordVersions = $currentRecord->GetRecordversionList(); 635 $currentRecordVersions = $currentRecord->GetRecordversionList();
482 $currentVersion = $currentRecordVersions[0]; 636 $currentVersion = $currentRecordVersions[0];
483 637
484 $result["currentVersion"] = array(); 638 $result["versions"] = array();
485 $result["currentVersion"]["reference"] =$currentVersion->reference; 639 // foreach ($currentRecordVersions as $currentVersion) {
486 $result["currentVersion"]["data"] = $currentVersion->data; 640 $result["versions"][$currentVersion->reference] = array();
487 $result["currentVersion"]["header"] = $currentVersion->header; 641 $result["versions"][$currentVersion->reference]["reference"]= $currentVersion->reference;
488 $result["currentVersion"]["version"] = $currentVersion->version; 642 $result["versions"][$currentVersion->reference]["data"] = $currentVersion->data;
489 $result["currentVersion"]["creationDate"] =$currentVersion->creation_date; 643 $result["versions"][$currentVersion->reference]["header"] = $currentVersion->header;
490 $result["currentVersion"]["updateDate"] =$currentVersion->update_date; 644 $result["versions"][$currentVersion->reference]["version"] = $currentVersion->version;
491 $result["currentVersion"]["accessDate"] =$currentVersion->access_date; 645 $result["versions"][$currentVersion->reference]["creationDate"]= $currentVersion->creation_date;
646 $result["versions"][$currentVersion->reference]["updateDate"]= $currentVersion->update_date;
647 $result["versions"][$currentVersion->reference]["accessDate"]= $currentVersion->access_date;
648
649 // }
650 $result["currentVersion"] = $currentVersion->reference;
651 // $result["currentVersion"] = $currentRecord->currentVersion; //????
492 652
493 $result["reference"] = $currentRecord->reference; 653 $result["reference"] = $currentRecord->reference;
494 $result["data"] = $currentRecord->data; 654 $result["data"] = $currentRecord->data;
495 $result["version"] = $currentRecord->version; 655 $result["version"] = $currentRecord->version;
496 $result["creationDate"] =$currentRecord->creation_date; 656 $result["creationDate"] =$currentRecord->creation_date;
497 $result["updateDate"] = $currentRecord->update_date; 657 $result["updateDate"] = $currentRecord->update_date;
498 $result["accessDate"] = $currentRecord->access_date; 658 $result["accessDate"] = $currentRecord->access_date;
499 $result["oldestUsedEncryptedVersion"] ="---"; 659 $result["oldestUsedEncryptedVersion"] ="---";
500 660
501 //============================================================= 661 //=============================================================
502 } else if ($message == "updateData") { 662 } else if ($message == "updateData") {
503//{ 663//{
504 //"message":"updateData", 664 //"message":"updateData",
505 //"srpSharedSecret":"4e4aadb1d64513ec4dd42f5e8d5b2d4363de75e4424b6bcf178c9d6a246356c5", 665 //"srpSharedSecret":"4e4aadb1d64513ec4dd42f5e8d5b2d4363de75e4424b6bcf178c9d6a246356c5",
506 //"parameters":{ 666 //"parameters":{
507 // "records":[ 667 // "records":[
508 // { 668 // {
509 // "record":{ 669 // "record":{
510 // "reference":"740009737139a189cfa2b1019a6271aaa39467b59e259706564b642ff3838d50", 670 // "reference":"740009737139a189cfa2b1019a6271aaa39467b59e259706564b642ff3838d50",
511 // "data":"8hgR0Z+JDrUa812polDJ....JnZUKXNEqKI", 671 // "data":"8hgR0Z+JDrUa812polDJ....JnZUKXNEqKI",
512 // "version":"0.3" 672 // "version":"0.3"
513 // }, 673 // },
514 // "currentRecordVersion":{ 674 // "currentRecordVersion":{
515 // "reference":"b1d82aeb9a0c4f6584bea68ba80839f43dd6ede79791549e29a1860554b144ee", 675 // "reference":"b1d82aeb9a0c4f6584bea68ba80839f43dd6ede79791549e29a1860554b144ee",
516 // "recordReference":"740009737139a189cfa2b1019a6271aaa39467b59e259706564b642ff3838d50", 676 // "recordReference":"740009737139a189cfa2b1019a6271aaa39467b59e259706564b642ff3838d50",
517 // "data":"2d/UgKxxV+kBPV9GRUE.....VGonDoW0tqefxOJo=", 677 // "data":"2d/UgKxxV+kBPV9GRUE.....VGonDoW0tqefxOJo=",
518 // "version":"0.3", 678 // "version":"0.3",
519 // "previousVersion":"55904195249037394316d3be3f5e78f08073170103bf0e7ab49a911c159cb0be", 679 // "previousVersion":"55904195249037394316d3be3f5e78f08073170103bf0e7ab49a911c159cb0be",
520 // "previousVersionKey":"YWiaZeMIVHaIl96OWW+2e8....6d6nHbn6cr2NA/dbQRuC2w==" 680 // "previousVersionKey":"YWiaZeMIVHaIl96OWW+2e8....6d6nHbn6cr2NA/dbQRuC2w=="
521 // } 681 // }
522 // } 682 // }
523 // ], 683 // ],
524 // "user":{ 684 // "user":{
525 // "header":"{\"rec.....sion\":\"0.1\"}", 685 // "header":"{\"rec.....sion\":\"0.1\"}",
526 // "statistics":"tt3uU9hWBy8rNnMckgCnxMJh", 686 // "statistics":"tt3uU9hWBy8rNnMckgCnxMJh",
527 // "version":"0.3", 687 // "version":"0.3",
528 // "lock":"----" 688 // "lock":"----"
529 // } 689 // }
530 //} 690 //}
531//} 691//}
532 692
533 $user = new user(); 693 $user = new user();
534 $user = $user->Get($_SESSION["userId"]); 694 $user = $user->Get($_SESSION["userId"]);
535 updateUserData($parameters["parameters"]["user"], $user); 695 updateUserData($parameters["parameters"]["user"], $user);
536 $user->Save(); 696 $user->Save();
537 697
538 $recordParameterList = $parameters["parameters"]["records"]; 698 $recordParameterList = $parameters["parameters"]["records"];
539 $c = count($recordParameterList); 699 $c = count($recordParameterList);
540 for ($i=0; $i<$c; $i++) { 700 for ($i=0; $i<$c; $i++) {
541 $recordList = $user->GetRecordList(array(array("reference", "=", $recordParameterList[$i]["record"]["reference"]))); 701 $recordList = $user->GetRecordList(array(array("reference", "=", $recordParameterList[$i]["record"]["reference"])));
542 $currentRecord = $recordList[0]; 702 $currentRecord = $recordList[0];
543 $currentRecordVersions = $currentRecord->GetRecordversionList(); 703 $currentRecordVersions = $currentRecord->GetRecordversionList();
544 $currentVersion = $currentRecordVersions[0]; 704 $currentVersion = $currentRecordVersions[0];
545 705
546 updateRecordData($recordParameterList[$i], $currentRecord, $currentVersion); 706 updateRecordData($recordParameterList[$i], $currentRecord, $currentVersion);
547 707
548 708
549 $currentRecord->Save(); 709 $currentRecord->Save();
550 $currentVersion->Save(); 710 $currentVersion->Save();
551 } 711 }
552 712
553 713
554 $result["lock"] = $user->lock; 714 $result["lock"] = $user->lock;
555 $result["result"] = "done"; 715 $result["result"] = "done";
556 716
557 //============================================================= 717 //=============================================================
558 } else if ($message == "deleteRecords") { 718 } else if ($message == "deleteRecords") {
559//{ 719//{
560 //"message":"deleteRecords", 720 //"message":"deleteRecords",
561 //"srpSharedSecret":"4a64982f7ee366954ec50b9efea62a902a097ef111410c2aa7c4d5343bd1cdd1", 721 //"srpSharedSecret":"4a64982f7ee366954ec50b9efea62a902a097ef111410c2aa7c4d5343bd1cdd1",
562 //"parameters":{ 722 //"parameters":{
563 // "recordReferences":["46494c81d10b80ab190d41e6806ef63869cfcc7a0ab8fe98cc3f93de4729bb9a"], 723 // "recordReferences":["46494c81d10b80ab190d41e6806ef63869cfcc7a0ab8fe98cc3f93de4729bb9a"],
564 // "user":{ 724 // "user":{
565 // "header":"{\"rec...rsion\":\"0.1\"}", 725 // "header":"{\"rec...rsion\":\"0.1\"}",
566 // "statistics":"44kOOda0xYZjbcugJBdagBQx", 726 // "statistics":"44kOOda0xYZjbcugJBdagBQx",
567 // "version":"0.3", 727 // "version":"0.3",
568 // "lock":"----" 728 // "lock":"----"
569 // } 729 // }
570 //} 730 //}
571//} 731//}
572 $user = new user(); 732 $user = new user();
573 $user = $user->Get($_SESSION["userId"]); 733 $user = $user->Get($_SESSION["userId"]);
574 734
575 $recordReferenceList = $parameters["parameters"]["recordReferences"]; 735 $recordReferenceList = $parameters["parameters"]["recordReferences"];
576 $recordList = array(); 736 $recordList = array();
577 $c = count($recordReferenceList); 737 $c = count($recordReferenceList);
578 for ($i=0; $i<$c; $i++) { 738 for ($i=0; $i<$c; $i++) {
579 array_push($recordList, array("reference", "=", $recordReferenceList[$i])); 739 array_push($recordList, array("reference", "=", $recordReferenceList[$i]));
580 } 740 }
581 741
582 $record = new record(); 742 $record = new record();
583 $record->DeleteList($recordList, true); 743 $record->DeleteList($recordList, true);
584 744
585 updateUserData($parameters["parameters"]["user"], $user); 745 updateUserData($parameters["parameters"]["user"], $user);
586 $user->Save(); 746 $user->Save();
587 747
588 $result["recordList"] = $recordList; 748 $result["recordList"] = $recordList;
589 $result["lock"] = $user->lock; 749 $result["lock"] = $user->lock;
590 $result["result"] = "done"; 750 $result["result"] = "done";
591 751
592 //============================================================= 752 //=============================================================
593 } else if ($message == "deleteUser") { 753 } else if ($message == "deleteUser") {
594//{"message":"deleteUser", "srpSharedSecret":"e8e4ca6544dca49c95b3647d8358ad54c317048b74d2ac187ac25f719c9bac58", "parameters":{}} 754//{"message":"deleteUser", "srpSharedSecret":"e8e4ca6544dca49c95b3647d8358ad54c317048b74d2ac187ac25f719c9bac58", "parameters":{}}
595 $user = new user(); 755 $user = new user();
596 $user->Get($_SESSION["userId"]); 756 $user->Get($_SESSION["userId"]);
597 $user->Delete(true); 757 $user->Delete(true);
598 758
599 $result["result"] = "ok"; 759 $result["result"] = "ok";
600 760
601 //============================================================= 761 //=============================================================
602 } else if ($message == "addNewOneTimePassword") { 762 } else if ($message == "addNewOneTimePassword") {
603//{ 763//{
604 //"message":"addNewOneTimePassword", 764 //"message":"addNewOneTimePassword",
605 //"srpSharedSecret":"96fee4af06c09ce954fe7a9f87970e943449186bebf70bac0af1d6ebb818dabb", 765 //"srpSharedSecret":"96fee4af06c09ce954fe7a9f87970e943449186bebf70bac0af1d6ebb818dabb",
606 //"parameters":{ 766 //"parameters":{
607 // "user":{ 767 // "user":{
608 // "header":"{\"records\":{\"index\":{\"419ea6....rsion\":\"0.1\"}", 768 // "header":"{\"records\":{\"index\":{\"419ea6....rsion\":\"0.1\"}",
609 // "statistics":"rrlwNbDt83rpWT4S72upiVsC", 769 // "statistics":"rrlwNbDt83rpWT4S72upiVsC",
610 // "version":"0.3", 770 // "version":"0.3",
611 // "lock":"----" 771 // "lock":"----"
612 // }, 772 // },
613 // "oneTimePassword":{ 773 // "oneTimePassword":{
614 // "reference":"29e26f3a2aae61fe5cf58c45296c6df4f3dceafe067ea550b455be345f44123c", 774 // "reference":"29e26f3a2aae61fe5cf58c45296c6df4f3dceafe067ea550b455be345f44123c",
615 // "key":"afb848208758361a96a298b9db08995cf036011747809357a90645bc93fdfa03", 775 // "key":"afb848208758361a96a298b9db08995cf036011747809357a90645bc93fdfa03",
616 // "keyChecksum":"d1599ae443b5a566bfd93c0aeec4c81b42c0506ee09874dae050449580bb3486", 776 // "keyChecksum":"d1599ae443b5a566bfd93c0aeec4c81b42c0506ee09874dae050449580bb3486",
617 // "data":"hsyY8DHksgR52x6c4j7XAtIUeY.....dxsr3XWt7CbGg==", 777 // "data":"hsyY8DHksgR52x6c4j7XAtIUeY.....dxsr3XWt7CbGg==",
618 // "version":"0.3" 778 // "version":"0.3"
619 // } 779 // }
620 //} 780 //}
621//} 781//}
622 782
623 fixOTPStatusTable(); 783 fixOTPStatusTable();
624 784
625 $user = new user(); 785 $user = new user();
626 $user = $user->Get($_SESSION["userId"]); 786 $user = $user->Get($_SESSION["userId"]);
627 787
628 $otp = new onetimepassword(); 788 $otp = new onetimepassword();
629 updateOTP($parameters["parameters"]["oneTimePassword"], $otp, "ACTIVE"); 789 updateOTP($parameters["parameters"]["oneTimePassword"], $otp, "ACTIVE");
630 $user->AddOnetimepassword($otp); 790 $user->AddOnetimepassword($otp);
631 791
632 updateUserData($parameters["parameters"]["user"], $user); 792 updateUserData($parameters["parameters"]["user"], $user);
633 $user->Save(); 793 $user->Save();
634 794
635 $result["lock"] = $user->lock; 795 $result["lock"] = $user->lock;
636 $result["result"] = "done"; 796 $result["result"] = "done";
637 797
638 //============================================================= 798 //=============================================================
639 } else if ($message == "updateOneTimePasswords") { 799 } else if ($message == "updateOneTimePasswords") {
640//{ 800//{
641 //"message":"updateOneTimePasswords", 801 //"message":"updateOneTimePasswords",
642 //"srpSharedSecret":"c78f8ed099ea421f4dd0a4e02dbaf1f7da925f0088188d99399874ff064a3d27", 802 //"srpSharedSecret":"c78f8ed099ea421f4dd0a4e02dbaf1f7da925f0088188d99399874ff064a3d27",
643 //"parameters":{ 803 //"parameters":{
644 // "user":{ 804 // "user":{
645 // "header":"{\"reco...sion\":\"0.1\"}", 805 // "header":"{\"reco...sion\":\"0.1\"}",
646 // "statistics":"UeRq75RZHzDC7elzrh/+OB5d", 806 // "statistics":"UeRq75RZHzDC7elzrh/+OB5d",
647 // "version":"0.3", 807 // "version":"0.3",
648 // "lock":"----" 808 // "lock":"----"
649 // }, 809 // },
650 // "oneTimePasswords":["f5f44c232f239efe48ab81a6236deea1a840d52946f7d4d782dad52b4c5359ce"] 810 // "oneTimePasswords":["f5f44c232f239efe48ab81a6236deea1a840d52946f7d4d782dad52b4c5359ce"]
651 //} 811 //}
652//} 812//}
653 813
654 $user = new user(); 814 $user = new user();
655 $user = $user->Get($_SESSION["userId"]); 815 $user = $user->Get($_SESSION["userId"]);
656 816
657 $validOtpReferences = $parameters["parameters"]["oneTimePasswords"]; 817 $validOtpReferences = $parameters["parameters"]["oneTimePasswords"];
658 818
659 $otpList = $user->GetOnetimepasswordList(); 819 $otpList = $user->GetOnetimepasswordList();
660 $c = count($otpList); 820 $c = count($otpList);
661 for ($i=0; $i<$c; $i++) { 821 for ($i=0; $i<$c; $i++) {
662 $currentOtp = $otpList[$i]; 822 $currentOtp = $otpList[$i];
663 if (arrayContainsValue($validOtpReferences, $currentOtp->reference) == false) { 823 if (arrayContainsValue($validOtpReferences, $currentOtp->reference) == false) {
664 $currentOtp->Delete(); 824 $currentOtp->Delete();
665 } 825 }
666 } 826 }
667 827
668 updateUserData($parameters["parameters"]["user"], $user); 828 updateUserData($parameters["parameters"]["user"], $user);
669 $user->Save(); 829 $user->Save();
670 830
671 $result["result"] = $user->lock; 831 $result["result"] = $user->lock;
672 832
673 //============================================================= 833 //=============================================================
674 } else if ($message == "getOneTimePasswordsDetails") { 834 } else if ($message == "getOneTimePasswordsDetails") {
675 835
676 //============================================================= 836 //=============================================================
677 } else if ($message == "getLoginHistory") { 837 } else if ($message == "getLoginHistory") {
678 $result["result"] = array(); 838 $result["result"] = array();
679 839
680 //============================================================= 840 //=============================================================
681 } else if ($message == "upgradeUserCredentials") { 841 } else if ($message == "upgradeUserCredentials") {
682//{ 842//{
683 //"message":"upgradeUserCredentials", 843 //"message":"upgradeUserCredentials",
684 //"srpSharedSecret":"f1c25322e1478c8fb26063e9eef2f6fc25e0460065a31cb718f80bcff8f8a735", 844 //"srpSharedSecret":"f1c25322e1478c8fb26063e9eef2f6fc25e0460065a31cb718f80bcff8f8a735",
685 //"parameters":{ 845 //"parameters":{
686 // "user":{ 846 // "user":{
687 // "header":"{\"reco...sion\":\"0.1\"}", 847 // "header":"{\"reco...sion\":\"0.1\"}",
688 // "statistics":"s72Xva+w7CLgH+ihwqwXUbyu", 848 // "statistics":"s72Xva+w7CLgH+ihwqwXUbyu",
689 // "version":"0.3", 849 // "version":"0.3",
690 // "lock":"----" 850 // "lock":"----"
691 // }, 851 // },
692 // "credentials":{ 852 // "credentials":{
693 // "C":"57d15a8afbc1ae08103bd991d387ddfd8d26824276476fe709d754f098b6c26d", 853 // "C":"57d15a8afbc1ae08103bd991d387ddfd8d26824276476fe709d754f098b6c26d",
694 // "s":"d6735fc0486f391c4f3c947928f9e61a2418e7bed2bc9b25bb43f93acc52f636", 854 // "s":"d6735fc0486f391c4f3c947928f9e61a2418e7bed2bc9b25bb43f93acc52f636",
695 // "v":"540c2ebbf941a481b6b2c9026c07fb46e8202e4408ed96864a696deb622baece", 855 // "v":"540c2ebbf941a481b6b2c9026c07fb46e8202e4408ed96864a696deb622baece",
696 // "version":"0.2" 856 // "version":"0.2"
697 // }, 857 // },
698 // "oneTimePasswords":{ 858 // "oneTimePasswords":{
699 // "923cdc61c4b877b263236124c44d69b459d240453a461cce8ddf7518b423ca94": "1HD6Ta0xsifEDhDwE....9WDK6tvrS6w==", 859 // "923cdc61c4b877b263236124c44d69b459d240453a461cce8ddf7518b423ca94": "1HD6Ta0xsifEDhDwE....9WDK6tvrS6w==",
700 // "fb1573cb9497652a81688a099a524fb116e604c6fbc191cf33406eb8438efa5f": "CocN0cSxLmMRdgNF9....o3xhGUEY68Q==" 860 // "fb1573cb9497652a81688a099a524fb116e604c6fbc191cf33406eb8438efa5f": "CocN0cSxLmMRdgNF9....o3xhGUEY68Q=="
701 // } 861 // }
702 //} 862 //}
703//} 863//}
704 864
705 $user = new user(); 865 $user = new user();
706 $user->Get($_SESSION["userId"]); 866 $user->Get($_SESSION["userId"]);
707 867
708 $otp = new onetimepassword(); 868 $otp = new onetimepassword();
709 869
710 updateUserCredentials($parameters["parameters"]["credentials"], $user); 870 updateUserCredentials($parameters["parameters"]["credentials"], $user);
711 updateUserData($parameters["parameters"]["user"], $user); 871 updateUserData($parameters["parameters"]["user"], $user);
712 872
713 $otpList = $parameters["parameters"]["oneTimePasswords"]; 873 $otpList = $parameters["parameters"]["oneTimePasswords"];
714 foreach($otpList as $otpReference=>$otpData) { 874 foreach($otpList as $otpReference=>$otpData) {
715 $otpList = $otp->GetList(array(array("reference", "=", $otpReference))); 875 $otpList = $otp->GetList(array(array("reference", "=", $otpReference)));
716 $currentOtp = $otpList[0]; 876 $currentOtp = $otpList[0];
717 $currentOtp->data = $otpData; 877 $currentOtp->data = $otpData;
718 $currentOtp->Save(); 878 $currentOtp->Save();
719 } 879 }
720 880
721 $user->Save(); 881 $user->Save();
722 882
723 $result["lock"] = $user->lock; 883 $result["lock"] = $user->lock;
724 $result["result"] = "done"; 884 $result["result"] = "done";
725 885
726 //============================================================= 886 //=============================================================
727 } else if ($message == "echo") { 887 } else if ($message == "echo") {
728 $result["result"] = $parameters; 888 $result["result"] = $parameters;
729 } 889 }
730 890
731 //============================================================= 891 //=============================================================
732 } else if (isset($_SESSION['K'])) { 892 } else if (isset($_SESSION['K'])) {
733 $result["error"] = "Wrong shared secret!"; 893 $result["error"] = "Wrong shared secret!";
734 } else { 894 } else {
735 $result["result"] = "EXCEPTION"; 895 $result["result"] = "EXCEPTION";
736 $result["message"] = "Trying to communicate without an active connection"; 896 $result["message"] = "Trying to communicate without an active connection";
737 } 897 }
738 break; 898 break;
739 899
740 case "logout": 900 case "logout":
741error_log("logout"); 901error_log("logout");
742 session_destroy(); 902 session_destroy();
743 break; 903 break;
744 904
745 default: 905 default:
746error_log("default"); 906error_log("default");
747 $result["result"] = $parameters; 907 $result["result"] = $parameters;
748 break; 908 break;
749 } 909 }
750 910
751 session_write_close(); 911 session_write_close();
912
913 $finalResult = Array();
914 $finalResult["result"] = $result;
752 915
753 echo(json_encode($result)); 916 echo(json_encode($finalResult));
754error_log("result: ".json_encode($result)); 917error_log("result: ".json_encode($finalResult));
755?> 918?>