+// Displays registration form for WDS66 registration
+function doDisplayWernisUserRegistrationForm () {
+ // Is the form sent?
+ if (isFormSent('register')) {
+ // Is wernis_id set?
+ if (!isPostRequestElementSet('wernis_id')) {
+ // Id not set
+ displayMessage('{--GUEST_WERNIS_REGISTRATION_ID_NOT_SET--}');
+ } elseif (!isPostRequestElementSet('wernis_password')) {
+ // Password not set
+ displayMessage('{--GUEST_WERNIS_REGISTRATION_PASSWORD_NOT_SET--}');
+ } else {
+ // So far, all fine, then let's do the call-back on auth.php ...
+ $response = executeWernisAuth(postRequestElement('wernis_id'), postRequestElement('wernis_password'));
+
+ // Was the status okay?
+ if ((isset($response['status'])) && ($response['status'] == 'OK') && (!empty($response['response']))) {
+ // All fine, then analyze response
+ $args = convertApiResponseToArray($response['response'], '&', '=');
+
+ // Is status set?
+ assert(isset($args['auth_status']));
+
+ // Add WDS66 userid
+ $args['wernis_userid'] = postRequestElement('wernis_id');
+
+ // "Detect" auth status
+ $callbackFunction = 'doWernisAuth' . capitalizeUnderscoreString($args['auth_status']);
+
+ // Is the call-back there?
+ if (!is_callable($callbackFunction, FALSE, $callableName)) {
+ // Not there, could be bad. :(
+ reportBug(__FUNCTION__, __LINE__, 'Unsupported auth_status=' . $args['auth_status'] . ',args()=' . count($args) . ',callbackFunction=' . $callbackFunction . ' detected.');
+ } // END - if
+
+ // Then call it
+ $status = call_user_func($callbackFunction, $args);
+ die(__FUNCTION__ . ': status[' . gettype($status) . ']=' . $status);
+ } else {
+ // Something bad happened
+ displayMessage($response['message']);
+ }
+ }
+ } // END - if
+
+ // Is the form not sent? (E.g. missing form fields)
+ if ((isGetRequestElementSet('status')) && (isGetRequestElementSet('challenge')) && (isGetRequestElementSet('__challenge_response'))) {
+ // Redirect from modules.php?module=auth, so validate challenge response ...
+ // 1) Get first 24 characters = salt
+ $salt = substr(getRequestElement('__challenge_response'), 0, 24);
+
+ // 2) Generate hash again
+ $response = $salt . hashSha256($salt . getWernisApiMd5() . getRequestElement('challenge'));
+
+ // Is the response valid?
+ if ($response != getRequestElement('__challenge_response')) {
+ // Not valid
+ displayMessage('{--GUEST_WERNIS_REGISTRATION_INVALID_CHALLENGE_RESPONSE--}');
+ return;
+ } // END - if
+
+ /*
+ * Now, that the challenge-response is the same, the challenge itself
+ * is also the same. So get.php can be called.
+ */
+ die('!ojk');
+ } elseif (!isFormSent('register')) {
+ // Form not send, so load form template
+ loadTemplate('guest_wernis_registration_form');
+ } // END - if
+}
+
+//-----------------------------------------------------------------------------
+// Auth status callback functions
+//-----------------------------------------------------------------------------
+
+// Handler for auth_status=PENDING
+function doWernisAuthPending ($args) {
+ // auth_key must be set
+ assert(isset($args['auth_key']));
+
+ // Generate a challenge that will be added to the URL
+ $challenge = hashSha256(generatePassword(128));
+
+ // Search entry in database by auth_key
+ if (countSumTotalData($args['auth_key'], 'wernis_regs', 'id', 'api_auth_key', TRUE) == 0) {
+ // "Register" this call
+ sqlQueryEscaped("INSERT INTO `{?_MYSQL_PREFIX?}_wernis_regs` (
+ `wernis_userid`,
+ `api_auth_status`,
+ `api_auth_key`,
+ `api_redirect_challenge`
+) VALUES (
+ %s,
+ 'PENDING',
+ '%s',
+ '%s'
+)",
+ array(
+ bigintval($args['wernis_userid']),
+ $args['auth_key'],
+ $challenge
+ ), __FUNCTION__, __LINE__
+ );
+
+ // Should be inserted
+ assert(sqlAffectedRows() == 1);
+ } else {
+ // Update challenge
+ sqlQueryEscaped("UPDATE
+ `{?_MYSQL_PREFIX?}_wernis_regs`
+SET
+ `api_redirect_challenge`='%s'
+WHERE
+ `api_auth_key`='%s' AND
+ `wernis_userid`=%s
+ `api_auth_status`='PENDING'
+LIMIT 1",
+ array(
+ $challenge,
+ $args['auth_key'],
+ bigintval($args['wernis_userid'])
+ ), __FUNCTION__, __LINE__
+ );
+
+ // Should always be updated
+ assert(sqlAffectedRows() == 1);
+ }
+
+ // Redirect to WDS66 module=auth ...
+ redirectToUrl(getWernisBaseUrl() . '/modules.php?module=auth&auth_key=' . $args['auth_key'] . '&params=' . urlencode(base64_encode('&module=' . getModule() . '&what=' . getWhat())) . '&challenge=' . $challenge);
+}
+
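Review bot: The challenge check `if ($response != getRequestElement('__challenge_response'))` in doDisplayWernisUserRegistrationForm compares an authentication value loosely and not in constant time, and it recomputes the hash only from request parameters (`challenge` and the salt cut from `__challenge_response`), so nothing visible here ties it to the `api_redirect_challenge` that doWernisAuthPending stores. I would use `if (!hash_equals($response, (string) getRequestElement('__challenge_response')))` where PHP 5.6+ is available (at least `!==` otherwise) and look the challenge up in `wernis_regs` for a PENDING row before accepting it. The `assert()` calls on `auth_status`, `auth_key` and `sqlAffectedRows()` check data from the WDS66 response and runtime state, and they disappear when assertions are disabled, so they should be ordinary checks that display an error and return. `auth_status` also selects the function handed to `call_user_func`, which is safer with a fixed list of accepted states, and it is not visible here whether `reportBug()` stops execution before that call. In doWernisAuthPending the UPDATE lacks `AND` between the `wernis_userid` and `api_auth_status` conditions, which is a syntax error as written, `$args['auth_key']` goes into the redirect URL without `urlencode()`, and the two `die()` calls look like debugging leftovers.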