From: Roland Haeder Date: Sat, 4 Apr 2015 02:51:37 +0000 (+0200) Subject: Also already accepted/rejected/never started authorizations for registration should... X-Git-Url: https://git.mxchange.org/?a=commitdiff_plain;h=6d9a86d30124a824f1dba5487b0981fc6c96991d;p=mailer.git Also already accepted/rejected/never started authorizations for registration should work ... :-) Signed-off-by: Roland Häder --- diff --git a/inc/extensions/ext-wernis.php b/inc/extensions/ext-wernis.php index 0ec3db97ff..53d370471c 100644 --- a/inc/extensions/ext-wernis.php +++ b/inc/extensions/ext-wernis.php @@ -41,10 +41,10 @@ if (!defined('__SECURITY')) { } // END - if // Version of this extension -setThisExtensionVersion('0.1.0'); +setThisExtensionVersion('0.1.1'); // Version history array (add more with , '0.0.1' and so on) -setExtensionVersionHistory(array('0.0.0', '0.0.1', '0.0.2', '0.0.3', '0.0.4', '0.0.5', '0.0.6', '0.0.7', '0.0.8', '0.0.9', '0.1.0')); +setExtensionVersionHistory(array('0.0.0', '0.0.1', '0.0.2', '0.0.3', '0.0.4', '0.0.5', '0.0.6', '0.0.7', '0.0.8', '0.0.9', '0.1.0', '0.1.1')); switch (getExtensionMode()) { case 'setup': // Do stuff when installation is running diff --git a/inc/extensions/wernis/mode-update.php b/inc/extensions/wernis/mode-update.php index 226efc39af..1271ae0ea2 100644 --- a/inc/extensions/wernis/mode-update.php +++ b/inc/extensions/wernis/mode-update.php @@ -147,6 +147,13 @@ INDEX (`wernis_userid`)", setExtensionUpdateNotes("Daten für verschlüsselte Übertragungen hinzugefügt."); break; + case '0.1.1': // SQL queries for v0.1.1 + addExtensionAddTableColumnSql('wernis_regs', 'api_challenge_response', "VARCHAR(255) NOT NULL DEFAULT 'INVALID'"); + + // Update notes (these will be set as task text!) + setExtensionUpdateNotes("Challange-Reponse muss auch gespeichert werden, da sonst eine erneute API-Anfrage nötig wäre, das ist aber überflüssig, da bei einer Annahme, bereits ACCEPTED zurückkommt."); + break; + } // END - switch // [EOF] diff --git a/inc/language/wernis_de.php b/inc/language/wernis_de.php index 474609e5ab..c1be39d073 100644 --- a/inc/language/wernis_de.php +++ b/inc/language/wernis_de.php @@ -42,14 +42,22 @@ if (!defined('__SECURITY')) { // Language definitions addMessages(array( - 'WERNIS_STATUS_UNKNWOWN' => "Wernis-Typ %s unbekannt.", - 'WERNIS_STATUS_WITHDRAW' => "Einzahlung von WDS66", - 'WERNIS_STATUS_PAYOUT' => "Auszahlung an WDS66", - 'WERNIS_STATUS_FAILED' => "Fehlgeschlagen", 'WERNIS_TIMESTAMP' => "Buchungszeitmarke", 'WERNIS_ACCOUNT' => "WDS66-Hauptaccount", 'WERNIS_TOTAL_WERNIS' => "Gesamt überwiesen", + // Transfer status + 'WERNIS_TRANSFER_STATUS_UNKNWOWN' => "Wernis-Typ %s unbekannt.", + 'WERNIS_TRANSFER_STATUS_WITHDRAW' => "Einzahlung von WDS66", + 'WERNIS_TRANSFER_STATUS_PAYOUT' => "Auszahlung an WDS66", + 'WERNIS_TRANSFER_STATUS_FAILED' => "Fehlgeschlagen", + + // Auth status + 'WERNIS_AUTH_STATUS_UNKNOWN' => "Unbekannt", + 'WERNIS_AUTH_STATUS_ACCEPTED' => "Angenommen", + 'WERNIS_AUTH_STATUS_REJECTED' => "Abgelehnt", + 'WERNIS_AUTH_STATUS_PENDING' => "Wartend", + // Admin messages 'ADMIN_CONFIG_WERNIS_TITLE' => "Einstellungen zum WDS66-Hauptaccount:", 'ADMIN_CONFIG_WERNIS_MIN_PAYOUT' => "Minimumguthaben für Auszahlungen.", @@ -101,6 +109,10 @@ addMessages(array( 'WERNIS_API_REQUEST_FAILED_AMOUNT' => "Konto weist nicht genügend Deckung auf.", 'WERNIS_API_REQUEST_FAILED_API_AMOUNT' => "API-Konto weist nicht genügend Deckung auf.", 'WERNIS_API_REQUEST_FAILED_GENERIC' => "API-Abfrage fehlgeschlagen oder Auswertung der Antwort fehlgeschlagen.", + 'WERNIS_API_REQUEST_FAILED_AUTH_STATUS' => "API-Authorisierung hat unerwarteten Status {OPEN_TEMPLATE}pipe,translateWernisAuthStatu=%s{CLOSE_TEMPLATE}.", + 'WERNIS_API_REQUEST_FAILED_AUTH_STATUS_ACCEPTED' => "Bei der API-Authorisierung ist ein Fehler unterlaufen, da {--WERNIS_AUTH_STATUS_ACCEPTED--} als Fehler gemeldet wurde.", + 'WERNIS_API_REQUEST_FAILED_AUTH_STATUS_REJECTED' => "Sie hatten dem Datentransfer zu diesem {?MT_WORD?} nicht zugestimmt.", + 'WERNIS_API_REQUEST_FAILED_AUTH_STATUS_UNKNOWN' => "Sie haben noch keine Authorisierung durchgeführt und haben vermutlich einen alten Link benutzt.", 'WERNIS_API_PURPOSE_WITHDRAW' => "Einzahlung auf {?MAIN_TITLE?} ({?URL?}), id: %s", 'WERNIS_API_PURPOSE_PAYOUT' => "Auszahlung von {?MAIN_TITLE?} ({?URL?}), id: %s", @@ -160,6 +172,7 @@ addMessages(array( 'GUEST_WERNIS_REGISTRATION_PASSWORD_NOT_SET' => "Bitte geben Sie Ihr Wernis-Passwort ein. Tipp: Dies ist nicht Ihr Account-Passwort.", 'GUEST_WERNIS_REGISTRATION_INVALID_CHALLENGE_RESPONSE' => "Es ist beim Anmeldeversuch ein Fehler unterlaufen: Falsche Challenge-Response", 'GUEST_WERNIS_REGISTRATION_ZERO_ROWS_FOUND' => "Es konnte keine Anmeldedaten von der WDS66-API gefunden werden. Haben Sie auch den richtigen Link aufgerufen?", + 'GUEST_WERNIS_REGISTRATION_AUTH_REJECTED' => "Die Anmeldung mit WDS66 kann nicht abgeschlossen werden, da Sie den Datenzugriff verweigert haben.", 'GUEST_REGISTER_WERNIS_PROVIDER_TITLE' => "Anmeldung mit WDS66 am {?mt_word?} {?MAIN_TITLE?}:", // Points accounts - subject diff --git a/inc/libs/wernis_functions.php b/inc/libs/wernis_functions.php index 41a0b09a27..e01bcb9c31 100644 --- a/inc/libs/wernis_functions.php +++ b/inc/libs/wernis_functions.php @@ -152,8 +152,21 @@ function sendWernisApiRequest ($scriptName, $requestData = array()) { // We use only the first two entries (which shall be fine) if ($data[0] === 'error') { - // The request has failed... :( - switch ($data[1]) { + // The request has failed... + $status = $data[1]; + $extraData = ''; + + // Explode status code + $exploded = explode(':', $status); + + // More extra data found? + if (count($exploded) > 1) { + // Then set all + $status = $exploded[0]; + $extraData = $exploded[1]; + } // END - if + + switch ($status) { case '404': // Invalid API id case 'AUTH': // Authorization has failed $return = array( @@ -192,6 +205,39 @@ function sendWernisApiRequest ($scriptName, $requestData = array()) { ); break; + case 'AUTH-STATUS': // Unexpected auth status + // Switch on extra data + switch ($extraData) { + case 'ACCEPTED': + $return = array( + 'status' => 'api_auth_status_accepted', + 'message' => '{--WERNIS_API_REQUEST_FAILED_AUTH_STATUS_ACCEPTED--}' + ); + break; + + case 'REJECTED': + $return = array( + 'status' => 'api_auth_status_rejected', + 'message' => '{--WERNIS_API_REQUEST_FAILED_AUTH_STATUS_REJECTED--}' + ); + break; + + case 'UNKNOWN': + $return = array( + 'status' => 'api_auth_status_unknown', + 'message' => '{--WERNIS_API_REQUEST_FAILED_AUTH_STATUS_UNKNOWN--}' + ); + break; + + default: // Unknown + $return = array( + 'status' => 'api_auth_status_failed', + 'message' => getMaskedMessage('WERNIS_API_REQUEST_FAILED_AUTH_STATUS', $extraData) + ); + break; + } // END - switch + break; + default: // Unknown error (maybe new?) logDebugMessage(__FUNCTION__, __LINE__, sprintf('Unknown error %s from WDS66 API received.', $data[1])); $return = array( @@ -199,7 +245,7 @@ function sendWernisApiRequest ($scriptName, $requestData = array()) { 'message' => '{%message,WERNIS_API_REQUEST_FAILED=' . $data[1] . '%}' ); break; - } + } // END - switch } else { // All fine, then analyze API response $return = convertApiResponseToArray($responseLine, '&', '='); @@ -414,13 +460,18 @@ function executeWernisApiGet ($authData, $subRequest, $fields) { return $return; } +// Translate auth status +function translateWernisAuthStatu ($status) { + return '{%message,WERNIS_AUTH_STATUS_' . strtoupper($status) . '%}'; +} + // Translate the status IN/OUT function translateWernisTransferStatus ($status) { // Default status is unknown - $return = '{%message,WERNIS_STATUS_UNKNWOWN=' . $status . '%}'; + $return = '{%message,WERNIS_TRANSFER_STATUS_UNKNWOWN=' . $status . '%}'; // Construct message id - $messageId = 'WERNIS_STATUS_' . $status; + $messageId = 'WERNIS_TRANSFER_STATUS_' . $status; // Is it there? if (isMessageIdValid($messageId)) { @@ -581,7 +632,7 @@ function doWernisFinishUserRegistration ($challenge, $challengeResponse, $status // Is the status 1? (= all fine with API call) if ($status == '1') { // Get mapped data based on challenge - $return = getWernisMappedDataFromApiByChallenge($challenge, $status); + $return = getWernisMappedDataFromApiByChallenge($challenge, $challengeResponse, $status); // Is the array filled? //* DEBUG-DIE */ die(__METHOD__ . ':return=
' . print_r($return, TRUE) . '
- EXIT!'); @@ -606,13 +657,13 @@ function doWernisFinishUserRegistration ($challenge, $challengeResponse, $status return FALSE; } } else { - // Status does not need to be changed - die(__FUNCTION__ . ':' . __LINE__ . ': Reached!'); + // Not accepted + displayMessage('{--GUEST_WERNIS_REGISTRATION_AUTH_REJECTED--}'); } } // "Getter" for mapped data by calling the API and given challenge and status -function getWernisMappedDataFromApiByChallenge ($challenge, $status) { +function getWernisMappedDataFromApiByChallenge ($challenge, $challengeResponse, $status) { // Get stored registration data $rows = getWernisRegistrationDataByKey('api_redirect_challenge', $challenge); @@ -642,6 +693,7 @@ function getWernisMappedDataFromApiByChallenge ($challenge, $status) { * will always run. */ updateWernisRegistrationDataByKey('api_auth_status', 'api_redirect_challenge', $challenge, 'ACCEPTED'); + updateWernisRegistrationDataByKey('api_challenge_response', 'api_redirect_challenge', $challenge, $challengeResponse); } // END - if // Now call "get.php" @@ -747,6 +799,7 @@ function getWernisRegistrationDataByKey ($key, $value, $limit = 1) { `api_auth_status`, `api_auth_key`, `api_redirect_challenge`, + `api_challenge_response`, UNIX_TIMESTAMP(`record_inserted`) AS `record_inserted` FROM `{?_MYSQL_PREFIX?}_wernis_regs` @@ -881,7 +934,32 @@ function doWernisAuthAccepted ($args) { // auth_key and wernis_userid must be set assert(isset($args['auth_key'])); assert(isset($args['wernis_userid'])); - die(__FUNCTION__ . ':' . __LINE__ . '
' . print_r($args, TRUE) . '
'); + + // Get registration data by auth_key + $rows = getWernisRegistrationDataByKey('api_auth_key', $args['auth_key']); + + // The userid should be same + assert(isset($rows[0]['wernis_userid'])); + assert($rows[0]['wernis_userid'] === $args['wernis_userid']); + + // Check both challenge + response + assert(isset($rows[0]['api_redirect_challenge'])); + assert(isset($rows[0]['api_challenge_response'])); + + // Both are fine, so get the data + $return = doWernisFinishUserRegistration($rows[0]['api_redirect_challenge'], $rows[0]['api_challenge_response'], '1'); + + // All fine? + if ($return === FALSE) { + // @TODO Should not happen??? + reportBug(__FUNCTION__, __LINE__, 'args=
' . print_r($args, TRUE) . '
rows=
' . print_r($rows, TRUE) . '
- Failed!'); + } // END - if + + // Generate URL + $url = basename(detectRequestUri()) . '&challenge=' . $rows[0]['api_redirect_challenge'] . '&__challenge_response=' . $rows[0]['api_challenge_response'] . '&status=1'; + + // Redirect to URL + redirectToUrl($url); } //------------------------------------------------------------------------------