X-Git-Url: https://git.mxchange.org/?a=blobdiff_plain;f=inc%2Flibs%2Fwernis_functions.php;h=c9fe0da434ea4cb7b4f0fdbc3ddd449d02338e20;hb=refs%2Fheads%2F0.2.1-FINAL;hp=6135f5921ec588926dfe4860f575b07bfd1c1ef9;hpb=cd7d344ea7007cfa20413acd3e03e50f0ab86d86;p=mailer.git diff --git a/inc/libs/wernis_functions.php b/inc/libs/wernis_functions.php index 6135f5921e..c9fe0da434 100644 --- a/inc/libs/wernis_functions.php +++ b/inc/libs/wernis_functions.php @@ -16,7 +16,7 @@ * $Author:: $ * * -------------------------------------------------------------------- * * Copyright (c) 2003 - 2009 by Roland Haeder * - * Copyright (c) 2009 - 2013 by Mailer Developer Team * + * Copyright (c) 2009 - 2016 by Mailer Developer Team * * For more information visit: http://mxchange.org * * * * This program is free software; you can redistribute it and/or modify * @@ -41,13 +41,13 @@ if (!defined('__SECURITY')) { } // END - if // Sets a status message and code -function WERNIS_STATUS_MESSAGE ($message, $status) { +function setWernisStatusMessage ($message, $status) { $GLOBALS['wernis_data']['message'] = $message; $GLOBALS['wernis_data']['status'] = $status; } // Get the status message -function GET_WERNIS_ERROR_MESSAGE () { +function getWernisErrorMessage () { if (isset($GLOBALS['wernis_data']['message'])) { // Use raw message return $GLOBALS['wernis_data']['message']; @@ -61,7 +61,7 @@ function GET_WERNIS_ERROR_MESSAGE () { } // Get the status code -function GET_WERNIS_ERROR_CODE () { +function getWernisErrorCode () { if (isset($GLOBALS['wernis_data']['status'])) { // Use raw message return $GLOBALS['wernis_data']['status']; @@ -72,7 +72,10 @@ function GET_WERNIS_ERROR_CODE () { } // Sends out a request to the API and returns it's result -function WERNIS_SEND_REQUEST ($scriptName, $requestData = array()) { +function sendWernisApiRequest ($scriptName, $requestData = []) { + // Debug call + //* DEBUG */ reportBug(__FUNCTION__, __LINE__, 'scriptName=' . $scriptName . ',requestData=
' . print_r($requestData, TRUE) . '
'); + // Is the requestData an array? if (!is_array($requestData)) { // Then abort here! @@ -96,7 +99,7 @@ function WERNIS_SEND_REQUEST ($scriptName, $requestData = array()) { $requestData['api_key'] = getWernisApiMd5(); // Is a purpose there? - if (isset($requestData['purpose'])) { + if (!empty($requestData['purpose'])) { // Eval the purpose eval('$purpose = "' . doFinalCompilation($requestData['purpose'], FALSE) . '";'); @@ -110,6 +113,15 @@ function WERNIS_SEND_REQUEST ($scriptName, $requestData = array()) { // Get the raw response from the lower function $response = sendHttpPostRequest($requestString, $requestData); + // Debug message + //* NOISY-DEBUG: */ logDebugMessage(__FUNCTION__, __LINE__, sprintf('isDeveloperSystem()=%d', intval(isDeveloperSystem()))); + + // Log response only for development + if (isDeveloperSystem()) { + // Log whole message + logDebugMessage(__FUNCTION__, __LINE__, sprintf('response[%s]=%s', gettype($response), print_r($response, TRUE))); + } // END - if + // Check the response header if all is fine if (!isHttpStatusOkay($response[0])) { // Something bad happend... :( @@ -145,12 +157,25 @@ function WERNIS_SEND_REQUEST ($scriptName, $requestData = array()) { $data = explode('=', $responseLine); // Default return array (should not stay empty) - $return = array(); + $return = []; // We use only the first two entries (which shall be fine) if ($data[0] === 'error') { - // The request has failed... :( - switch ($data[1]) { + // The request has failed... + $status = $data[1]; + $extraData = ''; + + // Explode status code + $exploded = explode(':', $status); + + // More extra data found? + if (count($exploded) > 1) { + // Then set all + $status = $exploded[0]; + $extraData = $exploded[1]; + } // END - if + + switch ($status) { case '404': // Invalid API id case 'AUTH': // Authorization has failed $return = array( @@ -189,41 +214,129 @@ function WERNIS_SEND_REQUEST ($scriptName, $requestData = array()) { ); break; + case 'AUTH-STATUS': // Unexpected auth status + // Switch on extra data + switch ($extraData) { + case 'ACCEPTED': + $return = array( + 'status' => 'api_auth_status_accepted', + 'message' => '{--WERNIS_API_REQUEST_FAILED_AUTH_STATUS_ACCEPTED--}' + ); + break; + + case 'REJECTED': + $return = array( + 'status' => 'api_auth_status_rejected', + 'message' => '{--WERNIS_API_REQUEST_FAILED_AUTH_STATUS_REJECTED--}' + ); + break; + + case 'UNKNOWN': + $return = array( + 'status' => 'api_auth_status_unknown', + 'message' => '{--WERNIS_API_REQUEST_FAILED_AUTH_STATUS_UNKNOWN--}' + ); + break; + + default: // Unknown + $return = array( + 'status' => 'api_auth_status_failed', + 'message' => getMaskedMessage('WERNIS_API_REQUEST_FAILED_AUTH_STATUS', $extraData) + ); + break; + } // END - switch + break; + default: // Unknown error (maybe new?) - logDebugMessage(__FUNCTION__, __LINE__, sprintf("Unknown error %s from WDS66 API received.", $data[1])); + logDebugMessage(__FUNCTION__, __LINE__, sprintf('Unknown error %s from WDS66 API received.', $data[1])); $return = array( 'status' => 'request_failed', 'message' => '{%message,WERNIS_API_REQUEST_FAILED=' . $data[1] . '%}' ); break; - } + } // END - switch } else { - // All fine here - $return = array( - 'status' => 'OK', - 'response' => $responseLine - ); + // All fine, then analyze API response + $return = convertApiResponseToArray($responseLine, '&', '='); + + // Nothing is fine now + $return['status'] = 'generic_failed'; + $return['message'] = '--WERNIS_API_REQUEST_FAILED_GENERIC--}'; + + // Are 'encrypted', 'key' and 'iv' set? + //* DEBUG-DIE */ die(__FUNCTION__ . ':return=
' . print_r($return, TRUE) . '
'); + if ((isset($return['encrypted'])) && (isset($return['key'])) && (isset($return['iv']))) { + // Fully decode it (URL-encoded BASE64) + $decoded = decodeString($return['encrypted']); + $iv = decodeString($return['iv']); + + // Generate decryption key + $decryptionKey = generateWernisDecryptionKey($return['key']); + + // Decrypt string + $decrypted = decrytStringByCipher($decoded, getWernisEncryptionAlgorithm(), getWernisEncryptionMode(), $decryptionKey, $iv); + //* DEBUG-DIE */ die('key="' . $return['key'] . '"
decryptionKey="' . $decryptionKey . '"
decoded="' . $decoded . '"
decrypted="' . $decrypted . '"'); + + // First char must be an & + assert(substr($decrypted, 0, 1) == '&'); + + // Now the string needs to be turned into an array, first explode all & + $elements = explode('&', $decrypted); + + // And remove first element + array_shift($elements); + //* DEBUG-DIE */ die('elements=
' . print_r($elements, TRUE) . '
'); + + // Now "walk" all ements + foreach ($elements as $idx => $element) { + // Explode element + $keyValue = explode('=', $element); + + // Make sure it is valid + assert(count($keyValue) == 2); + + // Now handle all over + $return[$keyValue[0]] = $keyValue[1]; + } // END - foreach + + // Remove encryption stuff + unset($return['encrypted'], $return['key'], $return['iv']); + } // END - if + + // All fine ... + $return['status'] = 'OK'; + $return['message'] = NULL; } // Return the result + //* DEBUG-DIE */ die(__FUNCTION__ . ':return=
' . print_r($return, TRUE) . '
'); return $return; } // Tests the function by calling balance.php on the API -function WERNIS_TEST_API () { +function doAdminTestWernisApi () { + // Only as admin + assert(isAdmin()); + // Result is always failed $result = FALSE; + // Prepare the request data + $requestData = array( + 't_uid' => getWernisRefid(), + 't_md5' => getWernisPassMd5() + ); + // Return the result from the lower functions - $return = WERNIS_SEND_REQUEST('balance.php'); + $return = sendWernisApiRequest('balance.php', $requestData); // Did it went smoothly? - if ($return['status'] == 'OK') { + if (isHttpResponseStatusOkay($return)) { // All fine! $result = TRUE; } else { // Status failure text - WERNIS_STATUS_MESSAGE($return['message'], $return['status']); + setWernisStatusMessage($return['message'], $return['status']); } // Return result @@ -231,7 +344,7 @@ function WERNIS_TEST_API () { } // Widthdraw this amount -function WERNIS_EXECUTE_WITHDRAW ($wdsId, $userMd5, $amount) { +function executeWernisApiWithdraw ($wdsId, $userMd5, $amount) { // Is the sponsor extension installed? if (!isWernisWithdrawActive()) { if (!isExtensionActive('sponsor')) { @@ -257,29 +370,29 @@ function WERNIS_EXECUTE_WITHDRAW ($wdsId, $userMd5, $amount) { ); // Return the result from the lower functions - $return = WERNIS_SEND_REQUEST('book.php', $requestData); + $return = sendWernisApiRequest('book.php', $requestData); - if ($return['status'] == 'OK') { + // Did it went smoothly? + if (isHttpResponseStatusOkay($return)) { // All fine! $result = TRUE; // Log the transfer - WERNIS_LOG_TRANSFER($wdsId, $amount, 'WITHDRAW'); + logWernisTransfer($wdsId, $amount, 'WITHDRAW'); } else { // Status failure text - WERNIS_STATUS_MESSAGE($return['message'], $return['status']); + setWernisStatusMessage($return['message'], $return['status']); // Log the transfer - WERNIS_LOG_TRANSFER($wdsId, $amount, 'FAILED', $return['message'], $return['status']); + logWernisTransfer($wdsId, $amount, 'FAILED', $return['message'], $return['status']); } // Return result return $result; } - // Payout this amount -function WERNIS_EXECUTE_PAYOUT ($wdsId, $amount) { +function executeWernisApiPayout ($wdsId, $amount) { // Default is failed attempt $result = FALSE; @@ -294,33 +407,80 @@ function WERNIS_EXECUTE_PAYOUT ($wdsId, $amount) { ); // Return the result from the lower functions - $return = WERNIS_SEND_REQUEST('book.php', $requestData); + $return = sendWernisApiRequest('book.php', $requestData); - if ($return['status'] == 'OK') { + if (isHttpResponseStatusOkay($return)) { // All fine! $result = TRUE; // Log the transfer - WERNIS_LOG_TRANSFER($wdsId, $amount, 'PAYOUT'); + logWernisTransfer($wdsId, $amount, 'PAYOUT'); } else { // Status failure text - WERNIS_STATUS_MESSAGE($return['message'], $return['status']); + setWernisStatusMessage($return['message'], $return['status']); // Log the transfer - WERNIS_LOG_TRANSFER($wdsId, $amount, 'FAILED', $return['message'], $return['status']); + logWernisTransfer($wdsId, $amount, 'FAILED', $return['message'], $return['status']); } // Return result return $result; } +// Execute auth.php request +function executeWernisApiAuth ($wernisId, $wernisPassword) { + // Prepare request data + $requestData = array( + 't_uid' => bigintval($wernisId), + 't_md5' => hashSha256($wernisPassword), + ); + + // Call auth.php + $return = sendWernisApiRequest('auth.php', $requestData); + + // Return full array + return $return; +} + +// Execute get.php reguest with given auth data (not all are used) +function executeWernisApiGet ($authData, $subRequest, $fields) { + // It must be an array + assert(is_array($authData)); + + // Check required array elements + assert(isset($authData['wernis_userid'])); + assert(isset($authData['api_auth_key'])); + assert(isset($authData['api_redirect_challenge'])); + + // Then create request array + $requestData = array( + 'sub_request' => $subRequest, + 'fields' => $fields, + 't_uid' => bigintval($authData['wernis_userid']), + 't_md5' => getWernisPassMd5(), + 'auth_key' => $authData['api_auth_key'], + 'challenge' => $authData['api_redirect_challenge'] + ); + + // Call get.php + $return = sendWernisApiRequest('get.php', $requestData); + + // Return full array + return $return; +} + +// Translate auth status +function translateWernisAuthStatu ($status) { + return '{%message,WERNIS_AUTH_STATUS_' . strtoupper($status) . '%}'; +} + // Translate the status IN/OUT function translateWernisTransferStatus ($status) { // Default status is unknown - $return = '{%message,WERNIS_STATUS_UNKNWOWN=' . $status . '%}'; + $return = '{%message,WERNIS_TRANSFER_STATUS_UNKNWOWN=' . $status . '%}'; // Construct message id - $messageId = 'WERNIS_STATUS_' . $status; + $messageId = 'WERNIS_TRANSFER_STATUS_' . $status; // Is it there? if (isMessageIdValid($messageId)) { @@ -333,9 +493,9 @@ function translateWernisTransferStatus ($status) { } // Log the transfer -function WERNIS_LOG_TRANSFER ($wdsId, $amount, $type = 'FAILED', $message = '', $status = '') { +function logWernisTransfer ($wdsId, $amount, $type = 'FAILED', $message = '', $status = '') { // Register this wernis movement - SQL_QUERY_ESC("INSERT INTO `{?_MYSQL_PREFIX?}_user_wernis` (`userid`, `wernis_account`, `wernis_amount`, `wernis_timestamp`, `wernis_type`, `wernis_api_message`, `wernis_api_status`) VALUES (%s, %s, %s, UNIX_TIMESTAMP(), '%s', '%s', '%s')", + sqlQueryEscaped("INSERT INTO `{?_MYSQL_PREFIX?}_user_wernis` (`userid`, `wernis_account`, `wernis_amount`, `wernis_timestamp`, `wernis_type`, `wernis_api_message`, `wernis_api_status`) VALUES (%s, %s, %s, UNIX_TIMESTAMP(), '%s', '%s', '%s')", array( getMemberId(), bigintval($wdsId), @@ -346,8 +506,8 @@ function WERNIS_LOG_TRANSFER ($wdsId, $amount, $type = 'FAILED', $message = '', ), __FUNCTION__, __LINE__); } -// Take fees and factor -function WERNIS_TAKE_FEE ($points, $mode) { +// Calulcate fees and factor +function calculateWernisFee ($points, $mode) { // Payout or withdraw are allowed modes! //* DEBUG: */ debugOutput('mode=' . $mode . ',points=' . $points); if (!in_array($mode, array('payout', 'withdraw'))) { @@ -380,7 +540,8 @@ function WERNIS_TAKE_FEE ($points, $mode) { } // Add withdraw fees and factor -function WERNIS_ADD_WITHDRAW_FEE ($points) { +// @TODO Unused? +function calulcateWernisWithdrawFee ($points) { // Is there a percentage or fixed fee? if (getWernisWithdrawFeePercent() > 0) { // Percentage fee @@ -394,6 +555,504 @@ function WERNIS_ADD_WITHDRAW_FEE ($points) { return $points; } +// Displays registration form for WDS66 registration +function doDisplayWernisUserRegistrationForm () { + // Is the form sent? + if (isFormSent('register')) { + // Is wernis_id set? + if (!isPostRequestElementSet('wernis_id')) { + // Id not set + displayMessage('{--GUEST_WERNIS_REGISTRATION_ID_NOT_SET--}'); + } elseif (!isPostRequestElementSet('wernis_password')) { + // Password not set + displayMessage('{--GUEST_WERNIS_REGISTRATION_PASSWORD_NOT_SET--}'); + } else { + // So far, all fine, then let's do the call-back on auth.php ... + $args = executeWernisApiAuth(postRequestElement('wernis_id'), postRequestElement('wernis_password')); + + // Status was okay? + if (isHttpResponseStatusOkay($args)) { + // Is auth_status set? + //* DEBUG-DIE */ die('response=
' . print_r($response, TRUE) . '
,args=' . '
'.print_r($args, TRUE).'
'); + assert(isset($args['auth_status'])); + + // Add WDS66 userid + $args['wernis_userid'] = postRequestElement('wernis_id'); + + // "Detect" auth status + $callbackFunction = 'doWernisAuth' . capitalizeUnderscoreString($args['auth_status']); + + // Is the call-back there? + if (!is_callable($callbackFunction, FALSE, $callableName)) { + // Not there, could be bad. :( + reportBug(__FUNCTION__, __LINE__, 'Unsupported auth_status=' . $args['auth_status'] . ',args()=' . count($args) . ',callbackFunction=' . $callbackFunction . ' detected.'); + } // END - if + + // Then call it + $status = call_user_func($callbackFunction, $args); + + // @TODO Something more to do here? + die(__FUNCTION__ . ':' . __LINE__ . ': status[' . gettype($status) . ']=' . $status . ' - Unfinished.'); + } else { + // Something bad happened + displayMessage($args['message']); + } + } + } // END - if + + // Is there a challenge + response? + if ((isGetRequestElementSet('status')) && (isGetRequestElementSet('challenge')) && (isGetRequestElementSet('__challenge_response'))) { + // Redirect from modules.php?module=auth, so validate challenge response ... + // 1) Get first 24 characters = salt + $salt = substr(getRequestElement('__challenge_response'), 0, 24); + + // 2) Generate hash for challenge response + $challengeResponse = $salt . hashSha256($salt . getWernisApiMd5() . getRequestElement('challenge')); + + // Is the response valid? + if ($challengeResponse != getRequestElement('__challenge_response')) { + // Not valid + displayMessage('{--GUEST_WERNIS_REGISTRATION_INVALID_CHALLENGE_RESPONSE--}'); + return; + } // END - if + + /* + * Now, that the challenge-response is the same, the challenge itself + * is also the same. Next get the data from wernis_regs table by + * challenge. There is currently no other way to get the data as there + * is no Wernis user id provided. Later on the stored challenge response + * can be compared with provided. + */ + $return = doWernisFinishUserRegistration(getRequestElement('challenge'), getRequestElement('__challenge_response'), getRequestElement('status')); + + // Is the registration finished? + if ($return === FALSE) { + // No, then abort here silently as the function should have already displayed a message + return; + } // END - if + } elseif (!isFormSent('register')) { + // Form not send, so load form template + loadTemplate('guest_wernis_registration_rpc_form'); + } +} + +// Finish user registration with WDS66 API +function doWernisFinishUserRegistration ($challenge, $challengeResponse, $status) { + // Is the status 1? (= all fine with API call) + if ($status == '1') { + // Get mapped data based on challenge + $return = getWernisMappedDataFromApiByChallenge($challenge, $challengeResponse, $status); + + // Is the array filled? + //* DEBUG-DIE */ die(__METHOD__ . ':return=
' . print_r($return, TRUE) . '
- EXIT!'); + if ((isset($return['mapped_data'])) && (count($return['mapped_data']) > 0) && (empty($return['message']))) { + // Set must-fillout fields + $return['mapped_data'] = runFilterChain('register_must_fillout', $return['mapped_data']); + + // Add missing elements + $return['mapped_data']['sex'] = NULL; + $return['mapped_data']['birthday_selection'] = generateDayMonthYearSelectionBox($return['mapped_data']['birth_day'], $return['mapped_data']['birth_month'], $return['mapped_data']['birth_year']); + $return['mapped_data']['challenge'] = getRequestElement('challenge'); + $return['mapped_data']['__challenge_response'] = getRequestElement('__challenge_response'); + + // Display form + loadTemplate('guest_wernis_registration_form', FALSE, $return['mapped_data']); + + // All fine + return TRUE; + } else { + // Something unexpected happened (e.g. no API requests left) + displayMessage($return['message']); + return FALSE; + } + } else { + // Not accepted + displayMessage('{--GUEST_WERNIS_REGISTRATION_AUTH_REJECTED--}'); + } +} + +// "Getter" for mapped data by calling the API and given challenge and status +function getWernisMappedDataFromApiByChallenge ($challenge, $challengeResponse, $status) { + // Get stored registration data + $rows = getWernisRegistrationDataByKey('api_redirect_challenge', $challenge); + + // Zero result found? + if (count($rows) == 0) { + // Nothing found + displayMessage('{--GUEST_WERNIS_REGISTRATION_ZERO_ROWS_FOUND--}'); + + // Display form + loadTemplate('guest_wernis_registration_rpc_form'); + return []; + } // END - if + + // Init array + $return = array( + // Mapped data + 'mapped_data' => [], + // Any error message from API + 'message' => '' + ); + + // Has the auth status changed? + if ($rows[0]['api_auth_status'] != 'ACCEPTED') { + /* + * The authorization of this application has been accepted, so + * update it and ignore result from function because the update + * will always run. + */ + updateWernisRegistrationDataByKey('api_auth_status', 'api_redirect_challenge', $challenge, 'ACCEPTED'); + updateWernisRegistrationDataByKey('api_challenge_response', 'api_redirect_challenge', $challenge, $challengeResponse); + } // END - if + + // Now call "get.php" + $response = executeWernisApiGet($rows[0], 'data', 'vorname|name|strasse|plz|ort|birth_day|birth_month|birth_year|email|werber'); + + // Was the status okay? + //* DEBUG-DIE */ die(__FUNCTION__ . ':response=
' . print_r($response, TRUE) . '
'); + if (isHttpResponseStatusOkay($response)) { + // API returned non-errous response, 'data=' must be found + assert(isset($response['data'])); + + // And decode it (all steps separated to later "easily" debug them) + $decodedData = base64_decode(urldecode($response['data'])); + //* DEBUG-DIE */ die(__FUNCTION__ . ':decodedData=' . $decodedData); + + /* + * Do some checks on the decoded string, it should be a + * serialized array with 10 entries (see above + * executeWernisApiGet() call). + */ + assert(substr($decodedData, 0, 6) == 'a:10:{'); + assert(substr($decodedData, -1, 1) == '}'); + + // The array seems to be fine, unserialize it + $userData = unserialize($decodedData); + //* DEBUG-DIE */ die(__METHOD__ . ':userData=
' . print_r($userData, TRUE) . '
- EXIT!'); + + // All mappings WDS66->mailer + $mappings = array( + 'vorname' => 'surname', + 'name' => 'family', + 'strasse' => 'street_nr', + 'plz' => 'zip', + 'ort' => 'city', + 'email' => 'email', + 'birth_day' => 'birth_day', + 'birth_month' => 'birth_month', + 'birth_year' => 'birth_year', + 'werber' => 'wernis_refid' + ); + + // Map all WDS66 entries into mailer entries + foreach ($mappings as $from => $to) { + // All must exist + if (!isset($userData[$from])) { + // Element $from does not exist + reportBug(__FUNCTION__, __LINE__, 'Cannot map from=' . $from . ' -> to=' . $to . ': element does not exist.'); + } // END - if + + // "Map" all and make empty strings to NULL + $return['mapped_data'][$to] = convertEmptyToNull($userData[$from]); + } // END - foreach + + // Both arrays must have same size + assert(count($userData) == count($return['mapped_data'])); + + // Now add userid from WDS66 + $return['mapped_data']['wernis_userid'] = bigintval($rows[0]['wernis_userid']); + } else { + // Something bad happened so copy the message + $return['message'] = $response['message']; + } + + // Return mapped data array + //* DEBUG-DIE */ die(__METHOD__ . ':return=
' . print_r($return, TRUE) . '
- EXIT!'); + return $return; +} + +// Updates auth status by given key/value pair +function updateWernisRegistrationDataByKey ($updatedColumn, $key, $oldValue, $newValue) { + // Run the update + sqlQueryEscaped("UPDATE + `{?_MYSQL_PREFIX?}_wernis_regs` +SET + `%s` = '%s' +WHERE + `%s` = '%s' AND + `%s` != '%s' +LIMIT 1", + array( + $updatedColumn, + $newValue, + $key, + $oldValue, + $updatedColumn, + $oldValue + ), __FUNCTION__, __LINE__ + ); + + // Check if rows as been affected + return ifSqlHasZeroAffectedRows(); +} + +// "Getter" for Wernis registration data by given key and value +function getWernisRegistrationDataByKey ($key, $value, $limit = 1) { + // Init array + $rows = []; + + // Now search for it + $result = sqlQueryEscaped("SELECT + `local_userid`, + `wernis_userid`, + `api_auth_status`, + `api_auth_key`, + `api_redirect_challenge`, + `api_challenge_response`, + UNIX_TIMESTAMP(`record_inserted`) AS `record_inserted` +FROM + `{?_MYSQL_PREFIX?}_wernis_regs` +WHERE + `%s`='%s' +ORDER BY + `id` ASC +LIMIT %d", + array( + $key, + $value, + $limit + ), __FUNCTION__, __LINE__ + ); + + // Is there an entry? + if (sqlNumRows($result) > 0) { + // At least one entry has been found, so loop through all + while ($row = sqlFetchArray($result)) { + // Add it + array_push($rows, $row); + } // END - while + } // END - if + + // Free result + sqlFreeResult($result); + + // Return found entries + return $rows; +} + +// Do local user registration with data from WDS66 API +function doWernisUserRegistration () { + // Call generic registration function + $status = doGenericUserRegistration(); + + // Does this went fine? + if ($status === FALSE) { + // No, then abort here silently + return FALSE; + } // END - if + + // Make sure the user id is valid + assert(isset($GLOBALS['register_userid'])); + assert(isValidId($GLOBALS['register_userid'])); + + // Generic registration is finished, so add more data: +} + +// Generates decrption key based on private key, public key and API key +function generateWernisDecryptionKey ($publicKey) { + // Generate key from most known data + $key = hashSha256(sprintf( + '%s:%s:%s', + getWernisApiMd5(), + getWernisPrivateKey(), + $publicKey + )); + + // Return it + return $key; +} + +// Registers or updates Wernis registration data +function registerUpdateWernisRegistrationCall ($args, $challenge, $status) { + // Make sure the required array elements are there + assert(is_array($args)); + assert(isset($args['auth_key'])); + assert(isset($args['wernis_userid'])); + + // Search entry in database by auth_key + if (countSumTotalData($args['auth_key'], 'wernis_regs', 'id', 'api_auth_key', TRUE) == 0) { + // "Register" this call + sqlQueryEscaped("INSERT INTO `{?_MYSQL_PREFIX?}_wernis_regs` ( + `wernis_userid`, + `api_auth_status`, + `api_auth_key`, + `api_redirect_challenge` +) VALUES ( + %s, + '%s', + '%s', + '%s' +)", + array( + bigintval($args['wernis_userid']), + $status, + $args['auth_key'], + $challenge + ), __FUNCTION__, __LINE__ + ); + } else { + // Update challenge + sqlQueryEscaped("UPDATE + `{?_MYSQL_PREFIX?}_wernis_regs` +SET + `api_redirect_challenge`='%s', + `api_auth_status`='%s' +WHERE + `api_auth_key`='%s' AND + `wernis_userid`=%s +LIMIT 1", + array( + $challenge, + $status, + $args['auth_key'], + bigintval($args['wernis_userid']) + ), __FUNCTION__, __LINE__ + ); + } + + // Return whether something has been inserted or updated + return (sqlAffectedRows() == 1); +} + +//----------------------------------------------------------------------------- +// Auth status callback functions +//----------------------------------------------------------------------------- + +// Handler for auth_status=PENDING +function doWernisAuthPending ($args) { + // $args must always be an array + assert(is_array($args)); + + // auth_key and wernis_userid must be set + assert(isset($args['auth_key'])); + assert(isset($args['wernis_userid'])); + + // Generate a challenge that will be added to the URL + $challenge = hashSha256(generatePassword(128)); + + // Register or update the record + $registered = registerUpdateWernisRegistrationCall($args, $challenge, 'PENDING'); + + // Should always register/update + assert($registered === TRUE); + + // Redirect to WDS66 module=auth ... + //* DEBUG-DIE */ die(__FUNCTION__ . ':' . __LINE__ . '
' . print_r($args, TRUE) . '
'); + redirectToUrl(getWernisBaseUrl() . '/modules.php?module=auth&auth_key=' . trim($args['auth_key']) . '&params=' . urlencode(base64_encode('&module=' . getModule() . '&what=' . getWhat())) . '&challenge=' . $challenge, FALSE, FALSE); +} + +// Handler for auth_status=ACCEPTED +function doWernisAuthAccepted ($args) { + // $args must always be an array + assert(is_array($args)); + + // auth_key and wernis_userid must be set + assert(isset($args['auth_key'])); + assert(isset($args['wernis_userid'])); + + // Get registration data by auth_key + $rows = getWernisRegistrationDataByKey('api_auth_key', $args['auth_key']); + + // Is developer system? + if (isDeveloperSystem()) { + // Log whole rows array + logDebugMessage(__FUNCTION__, __LINE__, sprintf('args[%s]=%s,rows[%s]=%s', gettype($args), print_r($args, TRUE), gettype($rows), print_r($rows, TRUE))); + } // END - if + + // Is rows empty? + if (count($rows) == 0) { + // Generate challenge + $challenge = hashSha256(generatePassword(128)); + + // Then register it ... + $registered = registerUpdateWernisRegistrationCall($args, $challenge, $args['auth_status']); + + // Should always register/update + assert($registered === TRUE); + + // ... and redirect to module=auth + redirectToUrl(getWernisBaseUrl() . '/modules.php?module=auth&auth_key=' . trim($args['auth_key']) . '&params=' . urlencode(base64_encode('&module=' . getModule() . '&what=' . getWhat())) . '&challenge=' . $challenge, FALSE, FALSE); + } // END - if + + // The userid should be same + assert(isset($rows[0]['wernis_userid'])); + assert($rows[0]['wernis_userid'] === $args['wernis_userid']); + + // Check both challenge + response + assert(isset($rows[0]['api_redirect_challenge'])); + assert(isset($rows[0]['api_challenge_response'])); + + // Both are fine, so get the data + $return = doWernisFinishUserRegistration($rows[0]['api_redirect_challenge'], $rows[0]['api_challenge_response'], '1'); + + // All fine? + if ($return === FALSE) { + // @TODO Should not happen??? + reportBug(__FUNCTION__, __LINE__, 'args=
' . print_r($args, TRUE) . '
rows=
' . print_r($rows, TRUE) . '
- Failed!'); + } // END - if + + // Generate URL + $url = basename(detectRequestUri()) . '&challenge=' . $rows[0]['api_redirect_challenge'] . '&__challenge_response=' . $rows[0]['api_challenge_response'] . '&status=1'; + + // Redirect to URL + redirectToUrl($url); +} + +//------------------------------------------------------------------------------ +// Template helper functions +//------------------------------------------------------------------------------ + +// Template helper to generate a selection box for encryption alogrithms +function doTemplateSelectWernisEncryptionAlgorithm ($templateName, $clear = FALSE, $default = NULL) { + // Get all available algorithms + $algorithms = getSupportedEncryptionAlgorithms(); + //* DEBUG-DIE */ die('algorithms=
' . print_r($algorithms, TRUE) . '
'); + + // Init array + $options = []; + + // And fill it + foreach ($algorithms as $key => $dummy) { + $options[$key] = array('algorithms' => $key); + } // END - if + + // Handle it over to generateSelectionBoxFromArray() + $content = generateSelectionBoxFromArray($options, 'wernis_encryption_algorithm', 'algorithms', '', '_wernis', '', $default, '', TRUE, FALSE); + + // Return prepared content + return $content; +} + +// Template helper to generate a selection box for encryption alogrithms +function doTemplateSelectWernisEncryptionMode ($templateName, $clear = FALSE, $default = NULL) { + // Get all available modes + $modes = getSupportedEncryptionModes(); + + // Init array + $options = []; + + // And fill it + foreach ($modes as $key => $dummy) { + $options[$key] = array('modes' => $key); + } // END - if + + // Handle it over to generateSelectionBoxFromArray() + $content = generateSelectionBoxFromArray($options, 'wernis_encryption_mode', 'modes', '', '_wernis', '', $default, '', TRUE, FALSE); + + // Return prepared content + return $content; +} + //----------------------------------------------------------------------------- // Wrapper functions //----------------------------------------------------------------------------- @@ -554,5 +1213,101 @@ function getWernisWithdrawFeeFix () { return $GLOBALS[__FUNCTION__]; } +// Wrapper function for 'wernis_payout_fee_percent' +function getWernisPayoutFeePercent () { + // Is there cache? + if (!isset($GLOBALS[__FUNCTION__])) { + // Get config entry + $GLOBALS[__FUNCTION__] = getConfig('wernis_payout_fee_percent'); + } // END - if + + // Return cache + return $GLOBALS[__FUNCTION__]; +} + +// Wrapper function for 'wernis_payout_fee_fix' +function getWernisPayoutFeeFix () { + // Is there cache? + if (!isset($GLOBALS[__FUNCTION__])) { + // Get config entry + $GLOBALS[__FUNCTION__] = getConfig('wernis_payout_fee_fix'); + } // END - if + + // Return cache + return $GLOBALS[__FUNCTION__]; +} + +// Wrapper function for 'wernis_min_payout' +function getWernisMinPayout () { + // Is there cache? + if (!isset($GLOBALS[__FUNCTION__])) { + // Get config entry + $GLOBALS[__FUNCTION__] = getConfig('wernis_min_payout'); + } // END - if + + // Return cache + return $GLOBALS[__FUNCTION__]; +} + +// Wrapper function for 'wernis_min_withdraw' +function getWernisMinWithdraw () { + // Is there cache? + if (!isset($GLOBALS[__FUNCTION__])) { + // Get config entry + $GLOBALS[__FUNCTION__] = getConfig('wernis_min_withdraw'); + } // END - if + + // Return cache + return $GLOBALS[__FUNCTION__]; +} + +// Wrapper function for 'wernis_base_url' +function getWernisBaseUrl () { + // Is there cache? + if (!isset($GLOBALS[__FUNCTION__])) { + // Get config entry + $GLOBALS[__FUNCTION__] = getConfig('wernis_base_url'); + } // END - if + + // Return cache + return $GLOBALS[__FUNCTION__]; +} + +// Wrapper function for 'wernis_encryption_algorithm' +function getWernisEncryptionAlgorithm () { + // Is there cache? + if (!isset($GLOBALS[__FUNCTION__])) { + // Get config entry + $GLOBALS[__FUNCTION__] = getConfig('wernis_encryption_algorithm'); + } // END - if + + // Return cache + return $GLOBALS[__FUNCTION__]; +} + +// Wrapper function for 'wernis_encryption_mode' +function getWernisEncryptionMode () { + // Is there cache? + if (!isset($GLOBALS[__FUNCTION__])) { + // Get config entry + $GLOBALS[__FUNCTION__] = getConfig('wernis_encryption_mode'); + } // END - if + + // Return cache + return $GLOBALS[__FUNCTION__]; +} + +// Wrapper function for 'wernis_private_key' +function getWernisPrivateKey () { + // Is there cache? + if (!isset($GLOBALS[__FUNCTION__])) { + // Get config entry + $GLOBALS[__FUNCTION__] = getConfig('wernis_private_key'); + } // END - if + + // Return cache + return $GLOBALS[__FUNCTION__]; +} + // [EOF] ?>