-rw-r--r-- | backend/php/src/configuration.php | 6 | ||||
-rw-r--r-- | backend/php/src/index.php | 189 |
2 files changed, 179 insertions, 16 deletions
diff --git a/backend/php/src/configuration.php b/backend/php/src/configuration.php index 291e3a1..85f680e 100644 --- a/backend/php/src/configuration.php +++ b/backend/php/src/configuration.php | |||
@@ -1,36 +1,36 @@ | |||
1 | <?php | 1 | <?php |
2 | global $configuration; | 2 | global $configuration; |
3 | $configuration['soap'] = "http://www.phpobjectgenerator.com/services/soap.php?wsdl"; | 3 | $configuration['soap'] = "http://www.phpobjectgenerator.com/services/soap.php?wsdl"; |
4 | $configuration['homepage'] = "http://www.phpobjectgenerator.com"; | 4 | $configuration['homepage'] = "http://www.phpobjectgenerator.com"; |
5 | $configuration['revisionNumber'] = ""; | 5 | $configuration['revisionNumber'] = ""; |
6 | $configuration['versionNumber'] = "3.0d"; | 6 | $configuration['versionNumber'] = "3.0d"; |
7 | 7 | ||
8 | $configuration['setup_password'] = ''; | 8 | $configuration['setup_password'] = ''; |
9 | 9 | ||
10 | 10 | ||
11 | // to enable automatic data encoding, run setup, go to the manage plugins tab and install the base64 plugin. | 11 | // to enable automatic data encoding, run setup, go to the manage plugins tab and install the base64 plugin. |
12 | // then set db_encoding = 1 below. | 12 | // then set db_encoding = 1 below. |
13 | // when enabled, db_encoding transparently encodes and decodes data to and from the database without any | 13 | // when enabled, db_encoding transparently encodes and decodes data to and from the database without any |
14 | // programmatic effort on your part. | 14 | // programmatic effort on your part. |
15 | $configuration['db_encoding'] = 0; | 15 | $configuration['db_encoding'] = 0; |
16 | 16 | ||
17 | // edit the information below to match your database settings | 17 | // edit the information below to match your database settings |
18 | 18 | ||
19 | $configuration['db'] = 'clipperz'; //database name | 19 | $configuration['db'] = 'clipperz'; //database name |
20 | $configuration['host'] = 'localhost'; //database host | 20 | $configuration['host'] = 'localhost'; //database host |
21 | $configuration['user'] = 'root'; //database user | 21 | $configuration['user'] = 'clipperz'; //database user |
22 | $configuration['pass'] = 'pass'; //database password | 22 | $configuration['pass'] = 'clipperz'; //database password |
23 | $configuration['port'] = '3306'; //database port | 23 | $configuration['port'] = '3306'; //database port |
24 | 24 | ||
25 | 25 | ||
26 | //proxy settings - if you are behnd a proxy, change the settings below | 26 | //proxy settings - if you are behnd a proxy, change the settings below |
27 | $configuration['proxy_host'] = false; | 27 | $configuration['proxy_host'] = false; |
28 | $configuration['proxy_port'] = false; | 28 | $configuration['proxy_port'] = false; |
29 | $configuration['proxy_username'] = false; | 29 | $configuration['proxy_username'] = false; |
30 | $configuration['proxy_password'] = false; | 30 | $configuration['proxy_password'] = false; |
31 | 31 | ||
32 | 32 | ||
33 | //plugin settings | 33 | //plugin settings |
34 | $configuration['plugins_path'] = dirname(__FILE__).'/plugins'; | 34 | $configuration['plugins_path'] = dirname(__FILE__).'/plugins'; |
35 | 35 | ||
36 | ?> \ No newline at end of file | 36 | ?> \ No newline at end of file |
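Review bot: The new values on lines 21-22 commit a usable database login to the repository, with a password identical to both the user name and the database name (`clipperz`), so any installation that keeps the file as shipped runs on a guessable credential. Moving off `root` is a sound least-privilege step, but the secret should come from outside version control, for example `$configuration['pass'] = getenv('CLIPPERZ_DB_PASS'); //database password` (the variable name is illustrative). Failing that, ship an obviously invalid placeholder that has to be replaced at install time. Unchanged line 8 also leaves `$configuration['setup_password']` empty; if the setup page relies on that value for access control, which this section does not show, it needs the same treatment. The privileges granted to the `clipperz` account are not part of this commit, so confirm they are limited to the `clipperz` database.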
diff --git a/backend/php/src/index.php b/backend/php/src/index.php index 214ac01..da7c60c 100644 --- a/backend/php/src/index.php +++ b/backend/php/src/index.php | |||
@@ -1,755 +1,918 @@ | |||
1 | <?php | 1 | <?php |
2 | include "./configuration.php"; | 2 | include "./configuration.php"; |
3 | include "./objects/class.database.php"; | 3 | include "./objects/class.database.php"; |
4 | include "./objects/class.user.php"; | 4 | include "./objects/class.user.php"; |
5 | include "./objects/class.record.php"; | 5 | include "./objects/class.record.php"; |
6 | include "./objects/class.recordversion.php"; | 6 | include "./objects/class.recordversion.php"; |
7 | include "./objects/class.onetimepassword.php"; | 7 | include "./objects/class.onetimepassword.php"; |
8 | include "./objects/class.onetimepasswordstatus.php"; | 8 | include "./objects/class.onetimepasswordstatus.php"; |
9 | 9 | ||
10 | //----------------------------------------------------------------------------- | 10 | //----------------------------------------------------------------------------- |
11 | 11 | ||
12 | if ( !function_exists('json_decode') ) { | 12 | if ( !function_exists('json_decode') ) { |
13 | function json_decode($content, $assoc=false) { | 13 | function json_decode($content, $assoc=false) { |
14 | require_once 'json/JSON.php'; | 14 | require_once 'json/JSON.php'; |
15 | if ( $assoc ) { | 15 | if ( $assoc ) { |
16 | $json = new Services_JSON(SERVICES_JSON_LOOSE_TYPE); | 16 | $json = new Services_JSON(SERVICES_JSON_LOOSE_TYPE); |
17 | } else { | 17 | } else { |
18 | $json = new Services_JSON; | 18 | $json = new Services_JSON; |
19 | } | 19 | } |
20 | 20 | ||
21 | return $json->decode($content); | 21 | return $json->decode($content); |
22 | } | 22 | } |
23 | } | 23 | } |
24 | 24 | ||
25 | if ( !function_exists('json_encode') ) { | 25 | if ( !function_exists('json_encode') ) { |
26 | function json_encode($content) { | 26 | function json_encode($content) { |
27 | require_once 'json/JSON.php'; | 27 | require_once 'json/JSON.php'; |
28 | $json = new Services_JSON; | 28 | $json = new Services_JSON; |
29 | 29 | ||
30 | return $json->encode($content); | 30 | return $json->encode($content); |
31 | } | 31 | } |
32 | } | 32 | } |
33 | 33 | ||
34 | //----------------------------------------------------------------------------- | 34 | //----------------------------------------------------------------------------- |
35 | //'dec2base', 'base2dec' and 'digits' are functions found on the following | 35 | //'dec2base', 'base2dec' and 'digits' are functions found on the following |
36 | //PHP manual page: http://ch2.php.net/manual/en/ref.bc.php | 36 | //PHP manual page: http://ch2.php.net/manual/en/ref.bc.php |
37 | // | 37 | // |
38 | 38 | ||
39 | function dec2base($dec, $base, $digits=FALSE) { | 39 | function dec2base($dec, $base, $digits=FALSE) { |
40 | if ($base<2 or $base>256) { | 40 | if ($base<2 or $base>256) { |
41 | die("Invalid Base: ".$base); | 41 | die("Invalid Base: ".$base); |
42 | } | 42 | } |
43 | 43 | ||
44 | bcscale(0); | 44 | bcscale(0); |
45 | $value=""; | 45 | $value=""; |
46 | if (!$digits) { | 46 | if (!$digits) { |
47 | $digits = digits($base); | 47 | $digits = digits($base); |
48 | } | 48 | } |
49 | 49 | ||
50 | while ($dec > $base-1) { | 50 | while ($dec > $base-1) { |
51 | $rest = bcmod($dec, $base); | 51 | $rest = bcmod($dec, $base); |
52 | $dec = bcdiv($dec, $base); | 52 | $dec = bcdiv($dec, $base); |
53 | $value = $digits[$rest].$value; | 53 | $value = $digits[$rest].$value; |
54 | } | 54 | } |
55 | 55 | ||
56 | $value=$digits[intval($dec)].$value; | 56 | $value=$digits[intval($dec)].$value; |
57 | 57 | ||
58 | return (string)$value; | 58 | return (string)$value; |
59 | } | 59 | } |
60 | 60 | ||
61 | //............................................................................. | 61 | //............................................................................. |
62 | 62 | ||
63 | // convert another base value to its decimal value | 63 | // convert another base value to its decimal value |
64 | function base2dec($value, $base, $digits=FALSE) { | 64 | function base2dec($value, $base, $digits=FALSE) { |
65 | if ($base<2 or $base>256) { | 65 | if ($base<2 or $base>256) { |
66 | die("Invalid Base: ".$base); | 66 | die("Invalid Base: ".$base); |
67 | } | 67 | } |
68 | 68 | ||
69 | bcscale(0); | 69 | bcscale(0); |
70 | if ($base<37) { | 70 | if ($base<37) { |
71 | $value=strtolower($value); | 71 | $value=strtolower($value); |
72 | } | 72 | } |
73 | 73 | ||
74 | if (!$digits) { | 74 | if (!$digits) { |
75 | $digits=digits($base); | 75 | $digits=digits($base); |
76 | } | 76 | } |
77 | 77 | ||
78 | $size = strlen($value); | 78 | $size = strlen($value); |
79 | $dec="0"; | 79 | $dec="0"; |
80 | for ($loop=0; $loop<$size; $loop++) { | 80 | for ($loop=0; $loop<$size; $loop++) { |
81 | $element = strpos($digits, $value[$loop]); | 81 | $element = strpos($digits, $value[$loop]); |
82 | $power = bcpow($base, $size-$loop-1); | 82 | $power = bcpow($base, $size-$loop-1); |
83 | $dec = bcadd($dec, bcmul($element,$power)); | 83 | $dec = bcadd($dec, bcmul($element,$power)); |
84 | } | 84 | } |
85 | 85 | ||
86 | return (string)$dec; | 86 | return (string)$dec; |
87 | } | 87 | } |
88 | 88 | ||
89 | //............................................................................. | 89 | //............................................................................. |
90 | 90 | ||
91 | function digits($base) { | 91 | function digits($base) { |
92 | if ($base>64) { | 92 | if ($base>64) { |
93 | $digits=""; | 93 | $digits=""; |
94 | for ($loop=0; $loop<256; $loop++) { | 94 | for ($loop=0; $loop<256; $loop++) { |
95 | $digits.=chr($loop); | 95 | $digits.=chr($loop); |
96 | } | 96 | } |
97 | } else { | 97 | } else { |
98 | $digits ="0123456789abcdefghijklmnopqrstuvwxyz"; | 98 | $digits ="0123456789abcdefghijklmnopqrstuvwxyz"; |
99 | $digits.="ABCDEFGHIJKLMNOPQRSTUVWXYZ-_"; | 99 | $digits.="ABCDEFGHIJKLMNOPQRSTUVWXYZ-_"; |
100 | } | 100 | } |
101 | 101 | ||
102 | $digits=substr($digits,0,$base); | 102 | $digits=substr($digits,0,$base); |
103 | 103 | ||
104 | return (string)$digits; | 104 | return (string)$digits; |
105 | } | 105 | } |
106 | 106 | ||
107 | //----------------------------------------------------------------------------- | 107 | //----------------------------------------------------------------------------- |
108 | 108 | ||
109 | function clipperz_hash($value) { | 109 | function clipperz_hash($value) { |
110 | return hash("sha256", hash("sha256", $value, true)); | 110 | return hash("sha256", hash("sha256", $value, true)); |
111 | } | 111 | } |
112 | 112 | ||
113 | //----------------------------------------------------------------------------- | 113 | //----------------------------------------------------------------------------- |
114 | 114 | ||
115 | function clipperz_randomSeed() { | 115 | function clipperz_randomSeed() { |
116 | $result; | 116 | $result; |
117 | 117 | ||
118 | srand((double) microtime()*1000000); | 118 | srand((double) microtime()*1000000); |
119 | $result = ""; | 119 | $result = ""; |
120 | 120 | ||
121 | while(strlen($result) < 64) { | 121 | while(strlen($result) < 64) { |
122 | $result = $result.dec2base(rand(), 16); | 122 | $result = $result.dec2base(rand(), 16); |
123 | } | 123 | } |
124 | 124 | ||
125 | $result = substr($result, 0, 64); | 125 | $result = substr($result, 0, 64); |
126 | 126 | ||
127 | return $result; | 127 | return $result; |
128 | } | 128 | } |
129 | 129 | ||
130 | //----------------------------------------------------------------------------- | 130 | //----------------------------------------------------------------------------- |
131 | 131 | ||
132 | function updateUserCredentials($parameters, &$user) { | 132 | function updateUserCredentials($parameters, &$user) { |
133 | $user->username = $parameters["C"]; | 133 | $user->username = $parameters["C"]; |
134 | $user->srp_s = $parameters["s"]; | 134 | $user->srp_s = $parameters["s"]; |
135 | $user->srp_v = $parameters["v"]; | 135 | $user->srp_v = $parameters["v"]; |
136 | $user->auth_version =$parameters["version"]; | 136 | $user->auth_version =$parameters["version"]; |
137 | } | 137 | } |
138 | 138 | ||
139 | function updateUserData($parameters, &$user) { | 139 | function updateUserData($parameters, &$user) { |
140 | $user->header = $parameters["header"]; | 140 | $user->header = $parameters["header"]; |
141 | $user->statistics =$parameters["statistics"]; | 141 | $user->statistics =$parameters["statistics"]; |
142 | $user->version =$parameters["version"]; | 142 | $user->version =$parameters["version"]; |
143 | $user->lock = $parameters["lock"]; | 143 | if (array_key_exists("lock", $parameters)) { |
144 | $user->lock = $parameters["lock"]; | ||
145 | } | ||
144 | } | 146 | } |
145 | 147 | ||
146 | function updateRecordData($parameters, &$record, &$recordVersion) { | 148 | function updateRecordData($parameters, &$record, &$recordVersion) { |
147 | $recordData = $parameters["record"]; | 149 | $recordData = $parameters["record"]; |
148 | $record->reference =$recordData["reference"]; | 150 | $record->reference =$recordData["reference"]; |
149 | $record->data = $recordData["data"]; | 151 | $record->data = $recordData["data"]; |
150 | $record->version = $recordData["version"]; | 152 | $record->version = $recordData["version"]; |
151 | 153 | ||
152 | $recordVersionData = $parameters["currentRecordVersion"]; | 154 | $recordVersionData = $parameters["currentRecordVersion"]; |
153 | $recordVersion->reference = $recordVersionData ["reference"]; | 155 | $recordVersion->reference = $recordVersionData ["reference"]; |
154 | $recordVersion->data = $recordVersionData ["data"]; | 156 | $recordVersion->data = $recordVersionData ["data"]; |
155 | $recordVersion->version = $recordVersionData ["version"]; | 157 | $recordVersion->version = $recordVersionData ["version"]; |
156 | $recordVersion->previous_version_id =$recordVersionData ["previousVersion"]; | 158 | if (array_key_exists("previousVersion", $recordVersionData)) { |
159 | $recordVersion->previous_version_id =$recordVersionData ["previousVersion"]; | ||
160 | } | ||
157 | $recordVersion->previous_version_key =$recordVersionData ["previousVersionKey"]; | 161 | $recordVersion->previous_version_key =$recordVersionData ["previousVersionKey"]; |
158 | } | 162 | } |
159 | 163 | ||
160 | //----------------------------------------------------------------------------- | 164 | //----------------------------------------------------------------------------- |
161 | 165 | ||
162 | function updateOTPStatus(&$otp, $status) { | 166 | function updateOTPStatus(&$otp, $status) { |
163 | $otpStatus = new onetimepasswordstatus(); | 167 | $otpStatus = new onetimepasswordstatus(); |
164 | $selectedStatuses = $otpStatus->GetList(array(array("code", "=", $status))); | 168 | $selectedStatuses = $otpStatus->GetList(array(array("code", "=", $status))); |
165 | $otpStatus = $selectedStatuses[0]; | 169 | $otpStatus = $selectedStatuses[0]; |
166 | $otp->SetOnetimepasswordstatus($otpStatus); | 170 | $otp->SetOnetimepasswordstatus($otpStatus); |
167 | } | 171 | } |
168 | 172 | ||
169 | function updateOTP($parameters, &$otp, $status) { | 173 | function updateOTP($parameters, &$otp, $status) { |
170 | $otp->reference = $parameters["reference"]; | 174 | $otp->reference = $parameters["reference"]; |
171 | $otp->key = $parameters["key"]; | 175 | $otp->key = $parameters["key"]; |
172 | $otp->key_checksum= $parameters["keyChecksum"]; | 176 | $otp->key_checksum= $parameters["keyChecksum"]; |
173 | $otp->data = $parameters["data"]; | 177 | $otp->data = $parameters["data"]; |
174 | $otp->version = $parameters["version"]; | 178 | $otp->version = $parameters["version"]; |
175 | 179 | ||
176 | updateOTPStatus($otp, $status); | 180 | updateOTPStatus($otp, $status); |
177 | } | 181 | } |
178 | 182 | ||
179 | function resetOTP(&$otp, $status) { | 183 | function resetOTP(&$otp, $status) { |
180 | $otp->data = ""; | 184 | $otp->data = ""; |
181 | updateOTPStatus($otp, $status); | 185 | updateOTPStatus($otp, $status); |
182 | $otp->Save(); | 186 | $otp->Save(); |
183 | } | 187 | } |
184 | 188 | ||
185 | //----------------------------------------------------------------------------- | 189 | //----------------------------------------------------------------------------- |
186 | 190 | ||
187 | function fixOTPStatusTable() { | 191 | function fixOTPStatusTable() { |
188 | $otpStatus = new onetimepasswordstatus(); | 192 | $otpStatus = new onetimepasswordstatus(); |
189 | $otpStatusList = $otpStatus->GetList(); | 193 | $otpStatusList = $otpStatus->GetList(); |
190 | if (count($otpStatusList) != 4) { | 194 | if (count($otpStatusList) != 4) { |
191 | $otpStatus->DeleteList(); | 195 | $otpStatus->DeleteList(); |
192 | 196 | ||
193 | $otpStatus->code = "ACTIVE"; $otpStatus->name = "Active"; $otpStatus->description = "Active"; $otpStatus->SaveNew(); | 197 | $otpStatus->code = "ACTIVE"; $otpStatus->name = "Active"; $otpStatus->description = "Active"; $otpStatus->SaveNew(); |
194 | $otpStatus->code = "REQUESTED"; $otpStatus->name = "Requested"; $otpStatus->description = "Requested";$otpStatus->SaveNew(); | 198 | $otpStatus->code = "REQUESTED"; $otpStatus->name = "Requested"; $otpStatus->description = "Requested";$otpStatus->SaveNew(); |
195 | $otpStatus->code = "USED"; $otpStatus->name = "Used"; $otpStatus->description = "Used"; $otpStatus->SaveNew(); | 199 | $otpStatus->code = "USED"; $otpStatus->name = "Used"; $otpStatus->description = "Used"; $otpStatus->SaveNew(); |
196 | $otpStatus->code = "DISABLED"; $otpStatus->name = "Disabled"; $otpStatus->description = "Disabled";$otpStatus->SaveNew(); | 200 | $otpStatus->code = "DISABLED"; $otpStatus->name = "Disabled"; $otpStatus->description = "Disabled";$otpStatus->SaveNew(); |
197 | } | 201 | } |
198 | } | 202 | } |
199 | 203 | ||
200 | //----------------------------------------------------------------------------- | 204 | //----------------------------------------------------------------------------- |
201 | 205 | ||
202 | function arrayContainsValue($array, $value) { | 206 | function arrayContainsValue($array, $value) { |
203 | $object = NULL; | 207 | $object = NULL; |
204 | for ($i=0; $i<count($array); $i++) { | 208 | for ($i=0; $i<count($array); $i++) { |
205 | if ($array[$i] == $value) { | 209 | if ($array[$i] == $value) { |
206 | $object = $value; | 210 | $object = $value; |
207 | } | 211 | } |
208 | } | 212 | } |
209 | 213 | ||
210 | return !is_null($object); | 214 | return !is_null($object); |
211 | } | 215 | } |
212 | 216 | ||
213 | //----------------------------------------------------------------------------- | 217 | //----------------------------------------------------------------------------- |
214 | 218 | ||
215 | $result = Array(); | 219 | $result = Array(); |
216 | 220 | ||
217 | session_start(); | 221 | session_start(); |
218 | 222 | ||
219 | $method = $_POST['method']; | 223 | $method = $_POST['method']; |
220 | 224 | ||
221 | if (get_magic_quotes_gpc()) { | 225 | if (get_magic_quotes_gpc()) { |
222 | $parameters = json_decode(stripslashes($_POST['parameters']), true); | 226 | $parameters = json_decode(stripslashes($_POST['parameters']), true); |
223 | } else { | 227 | } else { |
224 | $parameters = json_decode($_POST['parameters'], true); | 228 | $parameters = json_decode($_POST['parameters'], true); |
225 | } | 229 | } |
226 | 230 | ||
227 | $parameters = $parameters["parameters"]; | 231 | $parameters = $parameters["parameters"]; |
228 | 232 | ||
229 | switch($method) { | 233 | switch($method) { |
230 | case "registration": | 234 | case "registration": |
231 | error_log("registration"); | 235 | error_log("registration"); |
232 | $message = $parameters["message"]; | 236 | $message = $parameters["message"]; |
233 | 237 | ||
234 | if ($message == "completeRegistration") { | 238 | if ($message == "completeRegistration") { |
235 | $user = new user(); | 239 | $user = new user(); |
236 | 240 | ||
237 | updateUserCredentials($parameters["credentials"], $user); | 241 | updateUserCredentials($parameters["credentials"], $user); |
238 | updateUserData($parameters["user"], $user); | 242 | updateUserData($parameters["user"], $user); |
239 | $user->Save(); | 243 | $user->Save(); |
240 | 244 | ||
241 | $result["lock"] = $user->lock; | 245 | $result["lock"] = $user->lock; |
242 | $result["result"] = "done"; | 246 | $result["result"] = "done"; |
243 | } | 247 | } |
244 | break; | 248 | break; |
245 | 249 | ||
246 | case "handshake": | 250 | case "handshake": |
247 | error_log("handshake"); | 251 | error_log("handshake"); |
248 | $srp_g = "2"; | 252 | $srp_g = "2"; |
249 | $srp_n = base2dec("115b8b692e0e045692cf280b436735c77a5a9e8a9e7ed56c965f87db5b2a2ece3", 16); | 253 | $srp_n = base2dec("115b8b692e0e045692cf280b436735c77a5a9e8a9e7ed56c965f87db5b2a2ece3", 16); |
250 | 254 | ||
251 | $message = $parameters["message"]; | 255 | $message = $parameters["message"]; |
252 | 256 | ||
253 | //============================================================= | 257 | //============================================================= |
254 | if ($message == "connect") { | 258 | if ($message == "connect") { |
255 | $user= new user(); | 259 | $user= new user(); |
256 | $_SESSION["C"] = $parameters["parameters"]["C"]; | 260 | $_SESSION["C"] = $parameters["parameters"]["C"]; |
257 | $_SESSION["A"] = $parameters["parameters"]["A"]; | 261 | $_SESSION["A"] = $parameters["parameters"]["A"]; |
258 | 262 | ||
259 | $userList = $user->GetList(array(array("username", "=", $_SESSION["C"]))); | 263 | $userList = $user->GetList(array(array("username", "=", $_SESSION["C"]))); |
260 | 264 | ||
261 | if (count($userList) == 1) { | 265 | if (count($userList) == 1) { |
262 | $currentUser = $userList[ 0 ]; | 266 | $currentUser = $userList[ 0 ]; |
263 | 267 | ||
264 | if (array_key_exists("otpId", $_SESSION)) { | 268 | if (array_key_exists("otpId", $_SESSION)) { |
265 | $otp = new onetimepassword(); | 269 | $otp = new onetimepassword(); |
266 | $otp = $otp->Get($_SESSION["otpId"]); | 270 | $otp = $otp->Get($_SESSION["otpId"]); |
267 | 271 | ||
268 | if ($otp->GetUser()->userId != $currentUser->userId) { | 272 | if ($otp->GetUser()->userId != $currentUser->userId) { |
269 | throw new Exception("User missmatch between the current session and 'One Time Password' user"); | 273 | throw new Exception("User missmatch between the current session and 'One Time Password' user"); |
270 | } else if ($otp->GetOnetimepasswordstatus()->code != "REQUESTED") { | 274 | } else if ($otp->GetOnetimepasswordstatus()->code != "REQUESTED") { |
271 | throw new Exception("Tring to use an 'One Time Password' in the wrong state"); | 275 | throw new Exception("Tring to use an 'One Time Password' in the wrong state"); |
272 | } | 276 | } |
273 | 277 | ||
274 | resetOTP($otp, "USED"); | 278 | resetOTP($otp, "USED"); |
275 | $result["oneTimePassword"] = $otp->reference; | 279 | $result["oneTimePassword"] = $otp->reference; |
276 | } | 280 | } |
277 | 281 | ||
278 | $_SESSION["s"] = $currentUser->srp_s; | 282 | $_SESSION["s"] = $currentUser->srp_s; |
279 | $_SESSION["v"] = $currentUser->srp_v; | 283 | $_SESSION["v"] = $currentUser->srp_v; |
280 | $_SESSION["userId"] = $currentUser->userId; | 284 | $_SESSION["userId"] = $currentUser->userId; |
281 | } else { | 285 | } else { |
282 | $_SESSION["s"] = "112233445566778899aabbccddeeff00112233445566778899aabbccddeeff00"; | 286 | $_SESSION["s"] = "112233445566778899aabbccddeeff00112233445566778899aabbccddeeff00"; |
283 | $_SESSION["v"] = "112233445566778899aabbccddeeff00112233445566778899aabbccddeeff00"; | 287 | $_SESSION["v"] = "112233445566778899aabbccddeeff00112233445566778899aabbccddeeff00"; |
284 | } | 288 | } |
285 | 289 | ||
286 | $_SESSION["b"] = clipperz_randomSeed(); | 290 | $_SESSION["b"] = clipperz_randomSeed(); |
287 | // $_SESSION["b"] = "5761e6c84d22ea3c5649de01702d60f674ccfe79238540eb34c61cd020230c53"; | 291 | // $_SESSION["b"] = "5761e6c84d22ea3c5649de01702d60f674ccfe79238540eb34c61cd020230c53"; |
288 | $_SESSION["B"] = dec2base(bcadd(base2dec($_SESSION["v"], 16), bcpowmod($srp_g, base2dec($_SESSION["b"], 16), $srp_n)), 16); | 292 | $_SESSION["B"] = dec2base(bcadd(base2dec($_SESSION["v"], 16), bcpowmod($srp_g, base2dec($_SESSION["b"], 16), $srp_n)), 16); |
289 | 293 | ||
290 | $result["s"] = $_SESSION["s"]; | 294 | $result["s"] = $_SESSION["s"]; |
291 | $result["B"] = $_SESSION["B"]; | 295 | $result["B"] = $_SESSION["B"]; |
292 | 296 | ||
293 | //============================================================= | 297 | //============================================================= |
294 | } else if ($message == "credentialCheck") { | 298 | } else if ($message == "credentialCheck") { |
295 | error_log("credentialCheck"); | 299 | error_log("credentialCheck"); |
296 | $u = clipperz_hash(base2dec($_SESSION["B"],16)); | 300 | $u = clipperz_hash(base2dec($_SESSION["B"],16)); |
297 | $A = base2dec($_SESSION["A"], 16); | 301 | $A = base2dec($_SESSION["A"], 16); |
298 | $S = bcpowmod(bcmul($A, bcpowmod(base2dec($_SESSION["v"], 16), base2dec($u, 16), $srp_n)), base2dec($_SESSION["b"], 16), $srp_n); | 302 | $S = bcpowmod(bcmul($A, bcpowmod(base2dec($_SESSION["v"], 16), base2dec($u, 16), $srp_n)), base2dec($_SESSION["b"], 16), $srp_n); |
299 | $K = clipperz_hash($S); | 303 | $K = clipperz_hash($S); |
300 | $M1 = clipperz_hash($A.base2dec($_SESSION["B"],16).$K); | 304 | $M1 = clipperz_hash($A.base2dec($_SESSION["B"],16).$K); |
301 | 305 | ||
302 | //$result["B"] = $_SESSION["B"]; | 306 | //$result["B"] = $_SESSION["B"]; |
303 | //$result["u"] = $u; | 307 | //$result["u"] = $u; |
304 | //$result["A"] = $A; | 308 | //$result["A"] = $A; |
305 | //$result["S"] = $S; | 309 | //$result["S"] = $S; |
306 | //$result["K"] = $K; | 310 | //$result["K"] = $K; |
307 | //$result["M1"] = $M1; | 311 | //$result["M1"] = $M1; |
308 | //$result["_M1"] = $parameters["parameters"]["M1"]; | 312 | //$result["_M1"] = $parameters["parameters"]["M1"]; |
309 | 313 | ||
310 | if ($M1 == $parameters["parameters"]["M1"]) { | 314 | if ($M1 == $parameters["parameters"]["M1"]) { |
311 | $_SESSION["K"] = $K; | 315 | $_SESSION["K"] = $K; |
312 | $M2 = clipperz_hash($A.$M1.$K); | 316 | $M2 = clipperz_hash($A.$M1.$K); |
313 | 317 | ||
314 | $result["M2"] = $M2; | 318 | $result["M2"] = $M2; |
315 | $result["connectionId"] = ""; | 319 | $result["connectionId"] = ""; |
316 | $result["loginInfo"] = array(); | 320 | $result["loginInfo"] = array(); |
317 | $result["loginInfo"]["latest"] = array(); | 321 | $result["loginInfo"]["latest"] = array(); |
318 | $result["loginInfo"]["current"] = array(); | 322 | $result["loginInfo"]["current"] = array(); |
319 | $result["offlineCopyNeeded"] = "false"; | 323 | $result["offlineCopyNeeded"] = "false"; |
320 | $result["lock"] = "----"; | 324 | $result["lock"] = "----"; |
321 | } else { | 325 | } else { |
322 | $result["error"] = "?"; | 326 | $result["error"] = "?"; |
323 | } | 327 | } |
324 | //============================================================= | 328 | //============================================================= |
325 | } else if ($message == "oneTimePassword") { | 329 | } else if ($message == "oneTimePassword") { |
326 | error_log("oneTimePassword"); | 330 | error_log("oneTimePassword"); |
327 | //{ | 331 | //{ |
328 | //"message":"oneTimePassword", | 332 | //"message":"oneTimePassword", |
329 | //"version":"0.2", | 333 | //"version":"0.2", |
330 | //"parameters":{ | 334 | //"parameters":{ |
331 | // "oneTimePasswordKey":"06dfa7f428081f8b2af98b0895e14e18af90b0ef2ff32828e55cc2ac6b24d29b", | 335 | // "oneTimePasswordKey":"06dfa7f428081f8b2af98b0895e14e18af90b0ef2ff32828e55cc2ac6b24d29b", |
332 | // "oneTimePasswordKeyChecksum":"60bcba3f72e56f6bb3f0ff88509b9a0e5ec730dfa71daa4c1e892dbd1b0c360d" | 336 | // "oneTimePasswordKeyChecksum":"60bcba3f72e56f6bb3f0ff88509b9a0e5ec730dfa71daa4c1e892dbd1b0c360d" |
333 | //} | 337 | //} |
334 | //} | 338 | //} |
335 | $otp = new onetimepassword(); | 339 | $otp = new onetimepassword(); |
336 | $otpList = $otp->GetList(array(array("key", "=", $parameters["parameters"]["oneTimePasswordKey"]))); | 340 | $otpList = $otp->GetList(array(array("key", "=", $parameters["parameters"]["oneTimePasswordKey"]))); |
337 | 341 | ||
338 | if (count($otpList) == 1) { | 342 | if (count($otpList) == 1) { |
339 | $currentOtp = $otpList[0]; | 343 | $currentOtp = $otpList[0]; |
340 | 344 | ||
341 | if ($currentOtp->GetOnetimepasswordstatus()->code == "ACTIVE") { | 345 | if ($currentOtp->GetOnetimepasswordstatus()->code == "ACTIVE") { |
342 | if ($currentOtp->key_checksum == $parameters["parameters"]["oneTimePasswordKeyChecksum"]) { | 346 | if ($currentOtp->key_checksum == $parameters["parameters"]["oneTimePasswordKeyChecksum"]) { |
343 | $_SESSION["userId"] = $currentOtp->GetUser()->userId; | 347 | $_SESSION["userId"] = $currentOtp->GetUser()->userId; |
344 | $_SESSION["otpId"]= $currentOtp->onetimepasswordId; | 348 | $_SESSION["otpId"]= $currentOtp->onetimepasswordId; |
345 | 349 | ||
346 | $result["data"] = $currentOtp->data; | 350 | $result["data"] = $currentOtp->data; |
347 | $result["version"] = $currentOtp->version; | 351 | $result["version"] = $currentOtp->version; |
348 | 352 | ||
349 | resetOTP($currentOtp, "REQUESTED"); | 353 | resetOTP($currentOtp, "REQUESTED"); |
350 | } else { | 354 | } else { |
351 | resetOTP($currentOtp, "DISABLED"); | 355 | resetOTP($currentOtp, "DISABLED"); |
352 | throw new Exception("The requested One Time Password has been disabled, due to a wrong keyChecksum"); | 356 | throw new Exception("The requested One Time Password has been disabled, due to a wrong keyChecksum"); |
353 | } | 357 | } |
354 | } else { | 358 | } else { |
355 | throw new Exception("The requested One Time Password was not active"); | 359 | throw new Exception("The requested One Time Password was not active"); |
356 | } | 360 | } |
357 | } else { | 361 | } else { |
358 | throw new Exception("The requested One Time Password has not been found"); | 362 | throw new Exception("The requested One Time Password has not been found"); |
359 | } | 363 | } |
360 | 364 | ||
361 | //============================================================= | 365 | //============================================================= |
362 | } | 366 | } |
363 | 367 | ||
364 | break; | 368 | break; |
365 | 369 | ||
366 | case "message": | 370 | case "message": |
367 | error_log("message"); | 371 | error_log("message"); |
372 | //error_log("message: ".json_encode($parameters)); | ||
368 | if ($parameters["srpSharedSecret"] == $_SESSION["K"]) { | 373 | if ($parameters["srpSharedSecret"] == $_SESSION["K"]) { |
369 | $message = $parameters["message"]; | 374 | $message = $parameters["message"]; |
370 | 375 | ||
371 | //============================================================= | 376 | //============================================================= |
372 | if ($message == "getUserDetails") { | 377 | if ($message == "getUserDetails") { |
373 | //{"message":"getUserDetails", "srpSharedSecret":"f18e5cf7c3a83b67d4db9444af813ee48c13daf4f8f6635397d593e52ba89a08", "parameters":{}} | 378 | //{"message":"getUserDetails", "srpSharedSecret":"f18e5cf7c3a83b67d4db9444af813ee48c13daf4f8f6635397d593e52ba89a08", "parameters":{}} |
374 | $user = new user(); | 379 | $user = new user(); |
375 | $user = $user->Get($_SESSION["userId"]); | 380 | $user = $user->Get($_SESSION["userId"]); |
376 | 381 | ||
377 | $result["header"] = $user->header; | 382 | $result["header"] = $user->header; |
378 | 383 | ||
379 | $records = $user->GetRecordList(); | 384 | $records = $user->GetRecordList(); |
380 | foreach ($records as $record) { | 385 | foreach ($records as $record) { |
381 | $recordStats["updateDate"] = $record->update_date; | 386 | $recordStats["updateDate"] = $record->update_date; |
382 | $recordsStats[$record->reference] = $recordStats; | 387 | $recordsStats[$record->reference] = $recordStats; |
383 | } | 388 | } |
384 | $result["recordsStats"] = $recordsStats; | 389 | $result["recordsStats"] = $recordsStats; |
385 | 390 | ||
386 | $result["statistics"] =$user->statistics; | 391 | $result["statistics"] =$user->statistics; |
387 | $result["version"] =$user->version; | 392 | $result["version"] =$user->version; |
388 | 393 | ||
389 | //============================================================= | 394 | //============================================================= |
390 | } else if ($message == "addNewRecords") { | 395 | } else if ($message == "addNewRecords") { |
391 | /* | 396 | /* |
392 | //{ | 397 | //{ |
393 | //"message":"addNewRecords", | 398 | //"message":"addNewRecords", |
394 | //"srpSharedSecret":"b58fdf62acebbcb67f63d28c0437f166069f45690c648cd4376a792ae7a325f7", | 399 | //"srpSharedSecret":"b58fdf62acebbcb67f63d28c0437f166069f45690c648cd4376a792ae7a325f7", |
395 | //"parameters":{ | 400 | //"parameters":{ |
396 | // "records":[ | 401 | // "records":[ |
397 | // { | 402 | // { |
398 | // "record":{ | 403 | // "record":{ |
399 | // "reference":"fda703707fee1fff42443124cd0e705f5bea0ac601758d81b2e832705339a610", | 404 | // "reference":"fda703707fee1fff42443124cd0e705f5bea0ac601758d81b2e832705339a610", |
400 | // "data":"OBSGtcb6blXq/xaYG.....4EqlQqgAvITN", | 405 | // "data":"OBSGtcb6blXq/xaYG.....4EqlQqgAvITN", |
401 | // "version":"0.3" | 406 | // "version":"0.3" |
402 | // }, | 407 | // }, |
403 | // "currentRecordVersion":{ | 408 | // "currentRecordVersion":{ |
404 | // "reference":"83ad301525c18f2afd72b6ac82c0a713382e1ef70ac69935ca7e2869dd4ff980", | 409 | // "reference":"83ad301525c18f2afd72b6ac82c0a713382e1ef70ac69935ca7e2869dd4ff980", |
405 | // "recordReference":"fda703707fee1fff42443124cd0e705f5bea0ac601758d81b2e832705339a610", | 410 | // "recordReference":"fda703707fee1fff42443124cd0e705f5bea0ac601758d81b2e832705339a610", |
406 | // "data":"NXJ5jiZhkd0CMiwwntAq....1TjjF+SGfE=", | 411 | // "data":"NXJ5jiZhkd0CMiwwntAq....1TjjF+SGfE=", |
407 | // "version":"0.3", | 412 | // "version":"0.3", |
408 | // "previousVersion":"3e174a86afc322271d8af28bc062b0f1bfd7344fad01212cd08b2757c4b199c4", | 413 | // "previousVersion":"3e174a86afc322271d8af28bc062b0f1bfd7344fad01212cd08b2757c4b199c4", |
409 | // "previousVersionKey":"kozaaGCzXWr71LbOKu6Z3nz520V..5U85tSBvb+u44twttv54Kw==" | 414 | // "previousVersionKey":"kozaaGCzXWr71LbOKu6Z3nz520V..5U85tSBvb+u44twttv54Kw==" |
410 | // } | 415 | // } |
411 | // } | 416 | // } |
412 | // ], | 417 | // ], |
413 | // "user":{ | 418 | // "user":{ |
414 | // "header":"{\"reco...ersion\":\"0.1\"}", | 419 | // "header":"{\"reco...ersion\":\"0.1\"}", |
415 | // "statistics":"rKI6nR6iqggygQJ3SQ58bFUX", | 420 | // "statistics":"rKI6nR6iqggygQJ3SQ58bFUX", |
416 | // "version":"0.3", | 421 | // "version":"0.3", |
417 | // "lock":"----" | 422 | // "lock":"----" |
418 | // } | 423 | // } |
419 | //} | 424 | //} |
420 | //} | 425 | //} |
421 | */ | 426 | */ |
422 | $user = new user(); | 427 | $user = new user(); |
423 | $record = new record(); | 428 | $record = new record(); |
424 | $recordVersion = new recordversion(); | 429 | $recordVersion = new recordversion(); |
425 | 430 | ||
426 | $user = $user->Get($_SESSION["userId"]); | 431 | $user = $user->Get($_SESSION["userId"]); |
427 | updateUserData($parameters["parameters"]["user"], $user); | 432 | updateUserData($parameters["parameters"]["user"], $user); |
428 | 433 | ||
429 | $recordParameterList = $parameters["parameters"]["records"]; | 434 | $recordParameterList = $parameters["parameters"]["records"]; |
430 | $c = count($recordParameterList); | 435 | $c = count($recordParameterList); |
431 | for ($i=0; $i<$c; $i++) { | 436 | for ($i=0; $i<$c; $i++) { |
432 | updateRecordData($recordParameterList[$i], $record, $recordVersion); | 437 | updateRecordData($recordParameterList[$i], $record, $recordVersion); |
433 | 438 | ||
434 | $record->SaveNew(); | 439 | $record->SaveNew(); |
435 | $recordVersion->SaveNew(); | 440 | $recordVersion->SaveNew(); |
436 | 441 | ||
437 | $record->AddRecordversion($recordVersion); | 442 | $record->AddRecordversion($recordVersion); |
438 | $user->AddRecord($record); | 443 | $user->AddRecord($record); |
439 | 444 | ||
440 | $record->Save(); | 445 | $record->Save(); |
441 | $recordVersion->Save(); | 446 | $recordVersion->Save(); |
442 | } | 447 | } |
443 | 448 | ||
444 | $user->Save(); | 449 | $user->Save(); |
445 | 450 | ||
446 | $result["lock"] = $user->lock; | 451 | $result["lock"] = $user->lock; |
447 | $result["result"] = "done"; | 452 | $result["result"] = "done"; |
448 | 453 | ||
449 | //============================================================= | 454 | //============================================================= |
455 | } else if ($message == "saveChanges") { | ||
456 | |||
457 | //{ | ||
458 | // "message":"saveChanges", | ||
459 | // "srpSharedSecret":"edc78508907c942173818f7247fa64869ba80672a7aa8d27b8fa6bfe524fb9c8", | ||
460 | // "parameters":{ | ||
461 | // "records":{ | ||
462 | // "updated":[ | ||
463 | // { | ||
464 | // "currentRecordVersion":{ | ||
465 | // "previousVersionKey":"####", | ||
466 | // "reference":"08c8eb7ec528fbf987bbfb84fe2e960cf9ae937b19fbb5f05d8d90a7039fac6a", | ||
467 | // "data":"WYQ16AjodjsmyZDXa4MKxOju0F…beD/zXlbVb0Zj0ZI/N55bZ", | ||
468 | // "version":"0.3" | ||
469 | // }, | ||
470 | // "record":{ | ||
471 | // "reference":"83de5304f60a808e48a815c6203d7d3f24874d3f40faba420bbc60b376fcc356", | ||
472 | // "data":"B6uBuBE Aly0knvgrUppodDTGZQC…guizL9QvHCWyM bQQBGBVvHZ6LfA==", | ||
473 | // "version":"0.3" | ||
474 | // } | ||
475 | // } | ||
476 | // ], | ||
477 | // "deleted":[ | ||
478 | // | ||
479 | // ] | ||
480 | // }, | ||
481 | // "user":{ | ||
482 | // "header":"{\"rec…sion\":\"0.1\"}", | ||
483 | // "statistics":"e6iXVEM4i8ZatPZFCCads/9F", | ||
484 | // "version":"0.3" | ||
485 | // } | ||
486 | // } | ||
487 | //} | ||
488 | $user = new user(); | ||
489 | $user = $user->Get($_SESSION["userId"]); | ||
490 | updateUserData($parameters["parameters"]["user"], $user); | ||
491 | |||
492 | $recordToUpdateParameterList = $parameters["parameters"]["records"]["updated"]; | ||
493 | $c = count($recordToUpdateParameterList); | ||
494 | for ($i=0; $i<$c; $i++) { | ||
495 | $recordList = $user->GetRecordList(array(array("reference", "=", $recordToUpdateParameterList [$i]["record"]["reference"]))); | ||
496 | if (count($recordList) == 0) { | ||
497 | $currentRecord = new record(); | ||
498 | $currentVersion = new recordversion(); | ||
499 | $isNewRecord = true; | ||
500 | } else { | ||
501 | $currentRecord = $recordList[0]; | ||
502 | $currentRecordVersions = $currentRecord->GetRecordversionList(); | ||
503 | $currentVersion = $currentRecordVersions[0]; | ||
504 | $isNewRecord = false; | ||
505 | } | ||
506 | |||
507 | updateRecordData($recordToUpdateParameterList[$i], $currentRecord, $currentVersion); | ||
508 | |||
509 | if ($isNewRecord == true) { | ||
510 | $currentRecord->SaveNew(); | ||
511 | $currentVersion->SaveNew(); | ||
512 | |||
513 | $currentRecord->AddRecordversion($currentVersion); | ||
514 | $user->AddRecord($currentRecord); | ||
515 | } | ||
516 | |||
517 | $currentRecord->Save(); | ||
518 | $currentVersion->Save(); | ||
519 | } | ||
520 | |||
521 | $user->Save(); | ||
522 | |||
523 | $recordToDeleteReferenceList = $parameters["parameters"]["records"]["deleted"]; | ||
524 | $recordList = array(); | ||
525 | $c = count($recordToDeleteReferenceList); | ||
526 | for ($i=0; $i<$c; $i++) { | ||
527 | array_push($recordList, array("reference", "=", $recordToDeleteReferenceList[$i])); | ||
528 | } | ||
529 | |||
530 | $record = new record(); | ||
531 | $record->DeleteList($recordList, true); | ||
532 | |||
533 | $result["lock"] = $user->lock; | ||
534 | $result["result"] = "done"; | ||
535 | |||
536 | //============================================================= | ||
450 | } else if ($message == "getRecordDetail") { | 537 | } else if ($message == "getRecordDetail") { |
451 | //{ | 538 | //{ |
452 | //"message":"getRecordDetail", | 539 | //"message":"getRecordDetail", |
453 | //"srpSharedSecret":"4c00dcb66a9f2aea41a87e4707c526874e2eb29cc72d2c7086837e53d6bf2dfe", | 540 | //"srpSharedSecret":"4c00dcb66a9f2aea41a87e4707c526874e2eb29cc72d2c7086837e53d6bf2dfe", |
454 | //"parameters":{ | 541 | //"parameters":{ |
455 | // "reference":"740009737139a189cfa2b1019a6271aaa39467b59e259706564b642ff3838d50" | 542 | // "reference":"740009737139a189cfa2b1019a6271aaa39467b59e259706564b642ff3838d50" |
456 | //} | 543 | //} |
457 | //} | 544 | //} |
458 | // | 545 | // |
459 | //result = { | 546 | //result = { |
460 | // currentVersion:{ | 547 | // currentVersion:{ |
461 | // reference:"88943d709c3ea2442d4f58eaaec6409276037e5a37e0a6d167b9dad9e947e854", | 548 | // reference:"88943d709c3ea2442d4f58eaaec6409276037e5a37e0a6d167b9dad9e947e854", |
462 | // accessDate:"Wed, 13 February 2008 14:25:12 UTC", | 549 | // accessDate:"Wed, 13 February 2008 14:25:12 UTC", |
463 | // creationDate:"Tue, 17 April 2007 17:17:52 UTC", | 550 | // creationDate:"Tue, 17 April 2007 17:17:52 UTC", |
464 | // version:"0.2", | 551 | // version:"0.2", |
465 | // data:"xI3WXddQLFtL......EGyKnnAVik", | 552 | // data:"xI3WXddQLFtL......EGyKnnAVik", |
466 | // updateDate:"Tue, 17 April 2007 17:17:52 UTC", | 553 | // updateDate:"Tue, 17 April 2007 17:17:52 UTC", |
467 | // header:"####" | 554 | // header:"####" |
468 | // } | 555 | // } |
469 | // reference:"13a5e52976337ab210903cd04872588e1b21fb72bc183e91aa25c494b8138551", | 556 | // reference:"13a5e52976337ab210903cd04872588e1b21fb72bc183e91aa25c494b8138551", |
470 | // oldestUsedEncryptedVersion:"0.2", | 557 | // oldestUsedEncryptedVersion:"0.2", |
471 | // accessDate:"Wed, 13 February 2008 14:25:12 UTC", | 558 | // accessDate:"Wed, 13 February 2008 14:25:12 UTC", |
472 | // creationDate:"Wed, 14 March 2007 13:53:11 UTC", | 559 | // creationDate:"Wed, 14 March 2007 13:53:11 UTC", |
473 | // version:"0.2", | 560 | // version:"0.2", |
474 | // updatedDate:"Tue, 17 April 2007 17:17:52 UTC", | 561 | // updatedDate:"Tue, 17 April 2007 17:17:52 UTC", |
475 | // data:"0/BjzyY6jeh71h...pAw2++NEyylGhMC5C5f5m8pBApYziN84s4O3JQ3khW/1UttQl4=" | 562 | // data:"0/BjzyY6jeh71h...pAw2++NEyylGhMC5C5f5m8pBApYziN84s4O3JQ3khW/1UttQl4=" |
476 | //} | 563 | //} |
564 | |||
565 | |||
566 | // #Actual result (causing error in /gamma) | ||
567 | //{ | ||
568 | // "result" : { | ||
569 | // "currentVersion" : { | ||
570 | // "reference" : "cb05177f96a832062c6b936d24323cb74a64e2ef1d97ee026cd1003755af7495", | ||
571 | // "data" : "RAnoHmikp7RmiZ2WVyEMW+Ia", | ||
572 | // "header" : "", | ||
573 | // "version" : "0.3", | ||
574 | // "creationDate" : "0000-00-00 00:00:00", | ||
575 | // "updateDate" : "2011-10-09 19:49:11", | ||
576 | // "accessDate" : "2011-10-09 19:49:11" | ||
577 | // }, | ||
578 | // "reference" : "b07e2afa2ba782b9f379649b36ded6de0452b43c27e6b887c7ce4f2a93f44346", | ||
579 | // "data" : "NtK1nkLUabbJQx5uO8ept...ZJ5dkJYYkyh3VQ==", | ||
580 | // "version" : "0.3", | ||
581 | // "creationDate" : "2011-10-09 19:49:11", | ||
582 | // "updateDate" : "Tue, 30 Nov 1999 00:00:00 +0000", | ||
583 | // "accessDate" : "0000-00-00 00:00:00", | ||
584 | // "oldestUsedEncryptedVersion" : "---" | ||
585 | // } | ||
586 | //} | ||
587 | |||
588 | |||
589 | // #Response from the online /gamma version | ||
590 | //{ | ||
591 | // "result" : { | ||
592 | // "versions" : { | ||
593 | // "e2c193f017ad4f6babf51de59f7550a40596afc0c27373b6a360e426b5bc06de" : { | ||
594 | // "reference" : "e2c193f017ad4f6babf51de59f7550a40596afc0c27373b6a360e426b5bc06de", | ||
595 | // "data" : "s\/3ClggH4uCcf+BkIMqQ...+W0PVt\/MJ3t7s1g0g", | ||
596 | // "creationDate" : "Mon, 10 October 2011 14:42:42 UTC", | ||
597 | // "header" : "####", | ||
598 | // "updateDate" : "Mon, 10 October 2011 14:42:42 UTC", | ||
599 | // "previousVersion" : "a96a6d8b9ac73fcdf874d8a8534ffb2d43da8f5222e96a4a29bd2ae437619463", | ||
600 | // "version" : "0.3", | ||
601 | // "accessDate" : "Mon, 10 October 2011 14:42:42 UTC", | ||
602 | // "previousVersionKey" : "####" | ||
603 | // }, | ||
604 | // [...] | ||
605 | // "a96a6d8b9ac73fcdf874d8a8534ffb2d43da8f5222e96a4a29bd2ae437619463" : { | ||
606 | // "reference" : "a96a6d8b9ac73fcdf874d8a8534ffb2d43da8f5222e96a4a29bd2ae437619463", | ||
607 | // "accessDate" : "Mon, 10 October 2011 14:41:17 UTC", | ||
608 | // "creationDate" : "Mon, 27 October 2008 08:16:14 UTC", | ||
609 | // "version" : "0.3", | ||
610 | // "data" : "m3yhZu81UAjCY6U2Kn...IUCb9suV0fldGOg=", | ||
611 | // "updateDate" : "Mon, 27 October 2008 08:16:14 UTC", | ||
612 | // "header" : "####" | ||
613 | // } | ||
614 | // }, | ||
615 | // "oldestUsedEncryptedVersion" : "0.2", | ||
616 | // "reference" : "36ec1a41118813ced3553534fa2607d781cba687768db305beed368a8e06e113", | ||
617 | // "data" : "frlUkTbaOWD9j2ROat...ruWioCK0Mss27oHjPg==", | ||
618 | // "creationDate" : "Wed, 14 March 2007 17:39:35 UTC", | ||
619 | // "version" : "0.3", | ||
620 | // "accessDate" : "Mon, 10 October 2011 14:45:12 UTC", | ||
621 | // "currentVersion" : "e2c193f017ad4f6babf51de59f7550a40596afc0c27373b6a360e426b5bc06de", | ||
622 | // "updatedDate" : "Mon, 10 October 2011 14:45:12 UTC" | ||
623 | // }, | ||
624 | // "toll" : { | ||
625 | // "requestType" : "MESSAGE", | ||
626 | // "targetValue" : "a516c942a3792cc620775a41f8870a6c7b51796d9a94da978a75da6a52eb1e10", | ||
627 | // "cost" : 2 | ||
628 | // } | ||
629 | // } | ||
630 | |||
477 | $record = new record(); | 631 | $record = new record(); |
478 | 632 | ||
479 | $recordList = $record->GetList(array(array("reference", "=", $parameters["parameters"]["reference"]))); | 633 | $recordList = $record->GetList(array(array("reference", "=", $parameters["parameters"]["reference"]))); |
480 | $currentRecord = $recordList[0]; | 634 | $currentRecord = $recordList[0]; |
481 | $currentRecordVersions = $currentRecord->GetRecordversionList(); | 635 | $currentRecordVersions = $currentRecord->GetRecordversionList(); |
482 | $currentVersion = $currentRecordVersions[0]; | 636 | $currentVersion = $currentRecordVersions[0]; |
483 | 637 | ||
484 | $result["currentVersion"] = array(); | 638 | $result["versions"] = array(); |
485 | $result["currentVersion"]["reference"] =$currentVersion->reference; | 639 | // foreach ($currentRecordVersions as $currentVersion) { |
486 | $result["currentVersion"]["data"] = $currentVersion->data; | 640 | $result["versions"][$currentVersion->reference] = array(); |
487 | $result["currentVersion"]["header"] = $currentVersion->header; | 641 | $result["versions"][$currentVersion->reference]["reference"]= $currentVersion->reference; |
488 | $result["currentVersion"]["version"] = $currentVersion->version; | 642 | $result["versions"][$currentVersion->reference]["data"] = $currentVersion->data; |
489 | $result["currentVersion"]["creationDate"] =$currentVersion->creation_date; | 643 | $result["versions"][$currentVersion->reference]["header"] = $currentVersion->header; |
490 | $result["currentVersion"]["updateDate"] =$currentVersion->update_date; | 644 | $result["versions"][$currentVersion->reference]["version"] = $currentVersion->version; |
491 | $result["currentVersion"]["accessDate"] =$currentVersion->access_date; | 645 | $result["versions"][$currentVersion->reference]["creationDate"]= $currentVersion->creation_date; |
646 | $result["versions"][$currentVersion->reference]["updateDate"]= $currentVersion->update_date; | ||
647 | $result["versions"][$currentVersion->reference]["accessDate"]= $currentVersion->access_date; | ||
648 | |||
649 | // } | ||
650 | $result["currentVersion"] = $currentVersion->reference; | ||
651 | // $result["currentVersion"] = $currentRecord->currentVersion; //???? | ||
492 | 652 | ||
493 | $result["reference"] = $currentRecord->reference; | 653 | $result["reference"] = $currentRecord->reference; |
494 | $result["data"] = $currentRecord->data; | 654 | $result["data"] = $currentRecord->data; |
495 | $result["version"] = $currentRecord->version; | 655 | $result["version"] = $currentRecord->version; |
496 | $result["creationDate"] =$currentRecord->creation_date; | 656 | $result["creationDate"] =$currentRecord->creation_date; |
497 | $result["updateDate"] = $currentRecord->update_date; | 657 | $result["updateDate"] = $currentRecord->update_date; |
498 | $result["accessDate"] = $currentRecord->access_date; | 658 | $result["accessDate"] = $currentRecord->access_date; |
499 | $result["oldestUsedEncryptedVersion"] ="---"; | 659 | $result["oldestUsedEncryptedVersion"] ="---"; |
500 | 660 | ||
501 | //============================================================= | 661 | //============================================================= |
502 | } else if ($message == "updateData") { | 662 | } else if ($message == "updateData") { |
503 | //{ | 663 | //{ |
504 | //"message":"updateData", | 664 | //"message":"updateData", |
505 | //"srpSharedSecret":"4e4aadb1d64513ec4dd42f5e8d5b2d4363de75e4424b6bcf178c9d6a246356c5", | 665 | //"srpSharedSecret":"4e4aadb1d64513ec4dd42f5e8d5b2d4363de75e4424b6bcf178c9d6a246356c5", |
506 | //"parameters":{ | 666 | //"parameters":{ |
507 | // "records":[ | 667 | // "records":[ |
508 | // { | 668 | // { |
509 | // "record":{ | 669 | // "record":{ |
510 | // "reference":"740009737139a189cfa2b1019a6271aaa39467b59e259706564b642ff3838d50", | 670 | // "reference":"740009737139a189cfa2b1019a6271aaa39467b59e259706564b642ff3838d50", |
511 | // "data":"8hgR0Z+JDrUa812polDJ....JnZUKXNEqKI", | 671 | // "data":"8hgR0Z+JDrUa812polDJ....JnZUKXNEqKI", |
512 | // "version":"0.3" | 672 | // "version":"0.3" |
513 | // }, | 673 | // }, |
514 | // "currentRecordVersion":{ | 674 | // "currentRecordVersion":{ |
515 | // "reference":"b1d82aeb9a0c4f6584bea68ba80839f43dd6ede79791549e29a1860554b144ee", | 675 | // "reference":"b1d82aeb9a0c4f6584bea68ba80839f43dd6ede79791549e29a1860554b144ee", |
516 | // "recordReference":"740009737139a189cfa2b1019a6271aaa39467b59e259706564b642ff3838d50", | 676 | // "recordReference":"740009737139a189cfa2b1019a6271aaa39467b59e259706564b642ff3838d50", |
517 | // "data":"2d/UgKxxV+kBPV9GRUE.....VGonDoW0tqefxOJo=", | 677 | // "data":"2d/UgKxxV+kBPV9GRUE.....VGonDoW0tqefxOJo=", |
518 | // "version":"0.3", | 678 | // "version":"0.3", |
519 | // "previousVersion":"55904195249037394316d3be3f5e78f08073170103bf0e7ab49a911c159cb0be", | 679 | // "previousVersion":"55904195249037394316d3be3f5e78f08073170103bf0e7ab49a911c159cb0be", |
520 | // "previousVersionKey":"YWiaZeMIVHaIl96OWW+2e8....6d6nHbn6cr2NA/dbQRuC2w==" | 680 | // "previousVersionKey":"YWiaZeMIVHaIl96OWW+2e8....6d6nHbn6cr2NA/dbQRuC2w==" |
521 | // } | 681 | // } |
522 | // } | 682 | // } |
523 | // ], | 683 | // ], |
524 | // "user":{ | 684 | // "user":{ |
525 | // "header":"{\"rec.....sion\":\"0.1\"}", | 685 | // "header":"{\"rec.....sion\":\"0.1\"}", |
526 | // "statistics":"tt3uU9hWBy8rNnMckgCnxMJh", | 686 | // "statistics":"tt3uU9hWBy8rNnMckgCnxMJh", |
527 | // "version":"0.3", | 687 | // "version":"0.3", |
528 | // "lock":"----" | 688 | // "lock":"----" |
529 | // } | 689 | // } |
530 | //} | 690 | //} |
531 | //} | 691 | //} |
532 | 692 | ||
533 | $user = new user(); | 693 | $user = new user(); |
534 | $user = $user->Get($_SESSION["userId"]); | 694 | $user = $user->Get($_SESSION["userId"]); |
535 | updateUserData($parameters["parameters"]["user"], $user); | 695 | updateUserData($parameters["parameters"]["user"], $user); |
536 | $user->Save(); | 696 | $user->Save(); |
537 | 697 | ||
538 | $recordParameterList = $parameters["parameters"]["records"]; | 698 | $recordParameterList = $parameters["parameters"]["records"]; |
539 | $c = count($recordParameterList); | 699 | $c = count($recordParameterList); |
540 | for ($i=0; $i<$c; $i++) { | 700 | for ($i=0; $i<$c; $i++) { |
541 | $recordList = $user->GetRecordList(array(array("reference", "=", $recordParameterList[$i]["record"]["reference"]))); | 701 | $recordList = $user->GetRecordList(array(array("reference", "=", $recordParameterList[$i]["record"]["reference"]))); |
542 | $currentRecord = $recordList[0]; | 702 | $currentRecord = $recordList[0]; |
543 | $currentRecordVersions = $currentRecord->GetRecordversionList(); | 703 | $currentRecordVersions = $currentRecord->GetRecordversionList(); |
544 | $currentVersion = $currentRecordVersions[0]; | 704 | $currentVersion = $currentRecordVersions[0]; |
545 | 705 | ||
546 | updateRecordData($recordParameterList[$i], $currentRecord, $currentVersion); | 706 | updateRecordData($recordParameterList[$i], $currentRecord, $currentVersion); |
547 | 707 | ||
548 | 708 | ||
549 | $currentRecord->Save(); | 709 | $currentRecord->Save(); |
550 | $currentVersion->Save(); | 710 | $currentVersion->Save(); |
551 | } | 711 | } |
552 | 712 | ||
553 | 713 | ||
554 | $result["lock"] = $user->lock; | 714 | $result["lock"] = $user->lock; |
555 | $result["result"] = "done"; | 715 | $result["result"] = "done"; |
556 | 716 | ||
557 | //============================================================= | 717 | //============================================================= |
558 | } else if ($message == "deleteRecords") { | 718 | } else if ($message == "deleteRecords") { |
559 | //{ | 719 | //{ |
560 | //"message":"deleteRecords", | 720 | //"message":"deleteRecords", |
561 | //"srpSharedSecret":"4a64982f7ee366954ec50b9efea62a902a097ef111410c2aa7c4d5343bd1cdd1", | 721 | //"srpSharedSecret":"4a64982f7ee366954ec50b9efea62a902a097ef111410c2aa7c4d5343bd1cdd1", |
562 | //"parameters":{ | 722 | //"parameters":{ |
563 | // "recordReferences":["46494c81d10b80ab190d41e6806ef63869cfcc7a0ab8fe98cc3f93de4729bb9a"], | 723 | // "recordReferences":["46494c81d10b80ab190d41e6806ef63869cfcc7a0ab8fe98cc3f93de4729bb9a"], |
564 | // "user":{ | 724 | // "user":{ |
565 | // "header":"{\"rec...rsion\":\"0.1\"}", | 725 | // "header":"{\"rec...rsion\":\"0.1\"}", |
566 | // "statistics":"44kOOda0xYZjbcugJBdagBQx", | 726 | // "statistics":"44kOOda0xYZjbcugJBdagBQx", |
567 | // "version":"0.3", | 727 | // "version":"0.3", |
568 | // "lock":"----" | 728 | // "lock":"----" |
569 | // } | 729 | // } |
570 | //} | 730 | //} |
571 | //} | 731 | //} |
572 | $user = new user(); | 732 | $user = new user(); |
573 | $user = $user->Get($_SESSION["userId"]); | 733 | $user = $user->Get($_SESSION["userId"]); |
574 | 734 | ||
575 | $recordReferenceList = $parameters["parameters"]["recordReferences"]; | 735 | $recordReferenceList = $parameters["parameters"]["recordReferences"]; |
576 | $recordList = array(); | 736 | $recordList = array(); |
577 | $c = count($recordReferenceList); | 737 | $c = count($recordReferenceList); |
578 | for ($i=0; $i<$c; $i++) { | 738 | for ($i=0; $i<$c; $i++) { |
579 | array_push($recordList, array("reference", "=", $recordReferenceList[$i])); | 739 | array_push($recordList, array("reference", "=", $recordReferenceList[$i])); |
580 | } | 740 | } |
581 | 741 | ||
582 | $record = new record(); | 742 | $record = new record(); |
583 | $record->DeleteList($recordList, true); | 743 | $record->DeleteList($recordList, true); |
584 | 744 | ||
585 | updateUserData($parameters["parameters"]["user"], $user); | 745 | updateUserData($parameters["parameters"]["user"], $user); |
586 | $user->Save(); | 746 | $user->Save(); |
587 | 747 | ||
588 | $result["recordList"] = $recordList; | 748 | $result["recordList"] = $recordList; |
589 | $result["lock"] = $user->lock; | 749 | $result["lock"] = $user->lock; |
590 | $result["result"] = "done"; | 750 | $result["result"] = "done"; |
591 | 751 | ||
592 | //============================================================= | 752 | //============================================================= |
593 | } else if ($message == "deleteUser") { | 753 | } else if ($message == "deleteUser") { |
594 | //{"message":"deleteUser", "srpSharedSecret":"e8e4ca6544dca49c95b3647d8358ad54c317048b74d2ac187ac25f719c9bac58", "parameters":{}} | 754 | //{"message":"deleteUser", "srpSharedSecret":"e8e4ca6544dca49c95b3647d8358ad54c317048b74d2ac187ac25f719c9bac58", "parameters":{}} |
595 | $user = new user(); | 755 | $user = new user(); |
596 | $user->Get($_SESSION["userId"]); | 756 | $user->Get($_SESSION["userId"]); |
597 | $user->Delete(true); | 757 | $user->Delete(true); |
598 | 758 | ||
599 | $result["result"] = "ok"; | 759 | $result["result"] = "ok"; |
600 | 760 | ||
601 | //============================================================= | 761 | //============================================================= |
602 | } else if ($message == "addNewOneTimePassword") { | 762 | } else if ($message == "addNewOneTimePassword") { |
603 | //{ | 763 | //{ |
604 | //"message":"addNewOneTimePassword", | 764 | //"message":"addNewOneTimePassword", |
605 | //"srpSharedSecret":"96fee4af06c09ce954fe7a9f87970e943449186bebf70bac0af1d6ebb818dabb", | 765 | //"srpSharedSecret":"96fee4af06c09ce954fe7a9f87970e943449186bebf70bac0af1d6ebb818dabb", |
606 | //"parameters":{ | 766 | //"parameters":{ |
607 | // "user":{ | 767 | // "user":{ |
608 | // "header":"{\"records\":{\"index\":{\"419ea6....rsion\":\"0.1\"}", | 768 | // "header":"{\"records\":{\"index\":{\"419ea6....rsion\":\"0.1\"}", |
609 | // "statistics":"rrlwNbDt83rpWT4S72upiVsC", | 769 | // "statistics":"rrlwNbDt83rpWT4S72upiVsC", |
610 | // "version":"0.3", | 770 | // "version":"0.3", |
611 | // "lock":"----" | 771 | // "lock":"----" |
612 | // }, | 772 | // }, |
613 | // "oneTimePassword":{ | 773 | // "oneTimePassword":{ |
614 | // "reference":"29e26f3a2aae61fe5cf58c45296c6df4f3dceafe067ea550b455be345f44123c", | 774 | // "reference":"29e26f3a2aae61fe5cf58c45296c6df4f3dceafe067ea550b455be345f44123c", |
615 | // "key":"afb848208758361a96a298b9db08995cf036011747809357a90645bc93fdfa03", | 775 | // "key":"afb848208758361a96a298b9db08995cf036011747809357a90645bc93fdfa03", |
616 | // "keyChecksum":"d1599ae443b5a566bfd93c0aeec4c81b42c0506ee09874dae050449580bb3486", | 776 | // "keyChecksum":"d1599ae443b5a566bfd93c0aeec4c81b42c0506ee09874dae050449580bb3486", |
617 | // "data":"hsyY8DHksgR52x6c4j7XAtIUeY.....dxsr3XWt7CbGg==", | 777 | // "data":"hsyY8DHksgR52x6c4j7XAtIUeY.....dxsr3XWt7CbGg==", |
618 | // "version":"0.3" | 778 | // "version":"0.3" |
619 | // } | 779 | // } |
620 | //} | 780 | //} |
621 | //} | 781 | //} |
622 | 782 | ||
623 | fixOTPStatusTable(); | 783 | fixOTPStatusTable(); |
624 | 784 | ||
625 | $user = new user(); | 785 | $user = new user(); |
626 | $user = $user->Get($_SESSION["userId"]); | 786 | $user = $user->Get($_SESSION["userId"]); |
627 | 787 | ||
628 | $otp = new onetimepassword(); | 788 | $otp = new onetimepassword(); |
629 | updateOTP($parameters["parameters"]["oneTimePassword"], $otp, "ACTIVE"); | 789 | updateOTP($parameters["parameters"]["oneTimePassword"], $otp, "ACTIVE"); |
630 | $user->AddOnetimepassword($otp); | 790 | $user->AddOnetimepassword($otp); |
631 | 791 | ||
632 | updateUserData($parameters["parameters"]["user"], $user); | 792 | updateUserData($parameters["parameters"]["user"], $user); |
633 | $user->Save(); | 793 | $user->Save(); |
634 | 794 | ||
635 | $result["lock"] = $user->lock; | 795 | $result["lock"] = $user->lock; |
636 | $result["result"] = "done"; | 796 | $result["result"] = "done"; |
637 | 797 | ||
638 | //============================================================= | 798 | //============================================================= |
639 | } else if ($message == "updateOneTimePasswords") { | 799 | } else if ($message == "updateOneTimePasswords") { |
640 | //{ | 800 | //{ |
641 | //"message":"updateOneTimePasswords", | 801 | //"message":"updateOneTimePasswords", |
642 | //"srpSharedSecret":"c78f8ed099ea421f4dd0a4e02dbaf1f7da925f0088188d99399874ff064a3d27", | 802 | //"srpSharedSecret":"c78f8ed099ea421f4dd0a4e02dbaf1f7da925f0088188d99399874ff064a3d27", |
643 | //"parameters":{ | 803 | //"parameters":{ |
644 | // "user":{ | 804 | // "user":{ |
645 | // "header":"{\"reco...sion\":\"0.1\"}", | 805 | // "header":"{\"reco...sion\":\"0.1\"}", |
646 | // "statistics":"UeRq75RZHzDC7elzrh/+OB5d", | 806 | // "statistics":"UeRq75RZHzDC7elzrh/+OB5d", |
647 | // "version":"0.3", | 807 | // "version":"0.3", |
648 | // "lock":"----" | 808 | // "lock":"----" |
649 | // }, | 809 | // }, |
650 | // "oneTimePasswords":["f5f44c232f239efe48ab81a6236deea1a840d52946f7d4d782dad52b4c5359ce"] | 810 | // "oneTimePasswords":["f5f44c232f239efe48ab81a6236deea1a840d52946f7d4d782dad52b4c5359ce"] |
651 | //} | 811 | //} |
652 | //} | 812 | //} |
653 | 813 | ||
654 | $user = new user(); | 814 | $user = new user(); |
655 | $user = $user->Get($_SESSION["userId"]); | 815 | $user = $user->Get($_SESSION["userId"]); |
656 | 816 | ||
657 | $validOtpReferences = $parameters["parameters"]["oneTimePasswords"]; | 817 | $validOtpReferences = $parameters["parameters"]["oneTimePasswords"]; |
658 | 818 | ||
659 | $otpList = $user->GetOnetimepasswordList(); | 819 | $otpList = $user->GetOnetimepasswordList(); |
660 | $c = count($otpList); | 820 | $c = count($otpList); |
661 | for ($i=0; $i<$c; $i++) { | 821 | for ($i=0; $i<$c; $i++) { |
662 | $currentOtp = $otpList[$i]; | 822 | $currentOtp = $otpList[$i]; |
663 | if (arrayContainsValue($validOtpReferences, $currentOtp->reference) == false) { | 823 | if (arrayContainsValue($validOtpReferences, $currentOtp->reference) == false) { |
664 | $currentOtp->Delete(); | 824 | $currentOtp->Delete(); |
665 | } | 825 | } |
666 | } | 826 | } |
667 | 827 | ||
668 | updateUserData($parameters["parameters"]["user"], $user); | 828 | updateUserData($parameters["parameters"]["user"], $user); |
669 | $user->Save(); | 829 | $user->Save(); |
670 | 830 | ||
671 | $result["result"] = $user->lock; | 831 | $result["result"] = $user->lock; |
672 | 832 | ||
673 | //============================================================= | 833 | //============================================================= |
674 | } else if ($message == "getOneTimePasswordsDetails") { | 834 | } else if ($message == "getOneTimePasswordsDetails") { |
675 | 835 | ||
676 | //============================================================= | 836 | //============================================================= |
677 | } else if ($message == "getLoginHistory") { | 837 | } else if ($message == "getLoginHistory") { |
678 | $result["result"] = array(); | 838 | $result["result"] = array(); |
679 | 839 | ||
680 | //============================================================= | 840 | //============================================================= |
681 | } else if ($message == "upgradeUserCredentials") { | 841 | } else if ($message == "upgradeUserCredentials") { |
682 | //{ | 842 | //{ |
683 | //"message":"upgradeUserCredentials", | 843 | //"message":"upgradeUserCredentials", |
684 | //"srpSharedSecret":"f1c25322e1478c8fb26063e9eef2f6fc25e0460065a31cb718f80bcff8f8a735", | 844 | //"srpSharedSecret":"f1c25322e1478c8fb26063e9eef2f6fc25e0460065a31cb718f80bcff8f8a735", |
685 | //"parameters":{ | 845 | //"parameters":{ |
686 | // "user":{ | 846 | // "user":{ |
687 | // "header":"{\"reco...sion\":\"0.1\"}", | 847 | // "header":"{\"reco...sion\":\"0.1\"}", |
688 | // "statistics":"s72Xva+w7CLgH+ihwqwXUbyu", | 848 | // "statistics":"s72Xva+w7CLgH+ihwqwXUbyu", |
689 | // "version":"0.3", | 849 | // "version":"0.3", |
690 | // "lock":"----" | 850 | // "lock":"----" |
691 | // }, | 851 | // }, |
692 | // "credentials":{ | 852 | // "credentials":{ |
693 | // "C":"57d15a8afbc1ae08103bd991d387ddfd8d26824276476fe709d754f098b6c26d", | 853 | // "C":"57d15a8afbc1ae08103bd991d387ddfd8d26824276476fe709d754f098b6c26d", |
694 | // "s":"d6735fc0486f391c4f3c947928f9e61a2418e7bed2bc9b25bb43f93acc52f636", | 854 | // "s":"d6735fc0486f391c4f3c947928f9e61a2418e7bed2bc9b25bb43f93acc52f636", |
695 | // "v":"540c2ebbf941a481b6b2c9026c07fb46e8202e4408ed96864a696deb622baece", | 855 | // "v":"540c2ebbf941a481b6b2c9026c07fb46e8202e4408ed96864a696deb622baece", |
696 | // "version":"0.2" | 856 | // "version":"0.2" |
697 | // }, | 857 | // }, |
698 | // "oneTimePasswords":{ | 858 | // "oneTimePasswords":{ |
699 | // "923cdc61c4b877b263236124c44d69b459d240453a461cce8ddf7518b423ca94": "1HD6Ta0xsifEDhDwE....9WDK6tvrS6w==", | 859 | // "923cdc61c4b877b263236124c44d69b459d240453a461cce8ddf7518b423ca94": "1HD6Ta0xsifEDhDwE....9WDK6tvrS6w==", |
700 | // "fb1573cb9497652a81688a099a524fb116e604c6fbc191cf33406eb8438efa5f": "CocN0cSxLmMRdgNF9....o3xhGUEY68Q==" | 860 | // "fb1573cb9497652a81688a099a524fb116e604c6fbc191cf33406eb8438efa5f": "CocN0cSxLmMRdgNF9....o3xhGUEY68Q==" |
701 | // } | 861 | // } |
702 | //} | 862 | //} |
703 | //} | 863 | //} |
704 | 864 | ||
705 | $user = new user(); | 865 | $user = new user(); |
706 | $user->Get($_SESSION["userId"]); | 866 | $user->Get($_SESSION["userId"]); |
707 | 867 | ||
708 | $otp = new onetimepassword(); | 868 | $otp = new onetimepassword(); |
709 | 869 | ||
710 | updateUserCredentials($parameters["parameters"]["credentials"], $user); | 870 | updateUserCredentials($parameters["parameters"]["credentials"], $user); |
711 | updateUserData($parameters["parameters"]["user"], $user); | 871 | updateUserData($parameters["parameters"]["user"], $user); |
712 | 872 | ||
713 | $otpList = $parameters["parameters"]["oneTimePasswords"]; | 873 | $otpList = $parameters["parameters"]["oneTimePasswords"]; |
714 | foreach($otpList as $otpReference=>$otpData) { | 874 | foreach($otpList as $otpReference=>$otpData) { |
715 | $otpList = $otp->GetList(array(array("reference", "=", $otpReference))); | 875 | $otpList = $otp->GetList(array(array("reference", "=", $otpReference))); |
716 | $currentOtp = $otpList[0]; | 876 | $currentOtp = $otpList[0]; |
717 | $currentOtp->data = $otpData; | 877 | $currentOtp->data = $otpData; |
718 | $currentOtp->Save(); | 878 | $currentOtp->Save(); |
719 | } | 879 | } |
720 | 880 | ||
721 | $user->Save(); | 881 | $user->Save(); |
722 | 882 | ||
723 | $result["lock"] = $user->lock; | 883 | $result["lock"] = $user->lock; |
724 | $result["result"] = "done"; | 884 | $result["result"] = "done"; |
725 | 885 | ||
726 | //============================================================= | 886 | //============================================================= |
727 | } else if ($message == "echo") { | 887 | } else if ($message == "echo") { |
728 | $result["result"] = $parameters; | 888 | $result["result"] = $parameters; |
729 | } | 889 | } |
730 | 890 | ||
731 | //============================================================= | 891 | //============================================================= |
732 | } else if (isset($_SESSION['K'])) { | 892 | } else if (isset($_SESSION['K'])) { |
733 | $result["error"] = "Wrong shared secret!"; | 893 | $result["error"] = "Wrong shared secret!"; |
734 | } else { | 894 | } else { |
735 | $result["result"] = "EXCEPTION"; | 895 | $result["result"] = "EXCEPTION"; |
736 | $result["message"] = "Trying to communicate without an active connection"; | 896 | $result["message"] = "Trying to communicate without an active connection"; |
737 | } | 897 | } |
738 | break; | 898 | break; |
739 | 899 | ||
740 | case "logout": | 900 | case "logout": |
741 | error_log("logout"); | 901 | error_log("logout"); |
742 | session_destroy(); | 902 | session_destroy(); |
743 | break; | 903 | break; |
744 | 904 | ||
745 | default: | 905 | default: |
746 | error_log("default"); | 906 | error_log("default"); |
747 | $result["result"] = $parameters; | 907 | $result["result"] = $parameters; |
748 | break; | 908 | break; |
749 | } | 909 | } |
750 | 910 | ||
751 | session_write_close(); | 911 | session_write_close(); |
912 | |||
913 | $finalResult = Array(); | ||
914 | $finalResult["result"] = $result; | ||
752 | 915 | ||
753 | echo(json_encode($result)); | 916 | echo(json_encode($finalResult)); |
754 | error_log("result: ".json_encode($result)); | 917 | error_log("result: ".json_encode($finalResult)); |
755 | ?> | 918 | ?> |