* $Author:: $ *
* -------------------------------------------------------------------- *
* Copyright (c) 2003 - 2009 by Roland Haeder *
- * Copyright (c) 2009 - 2013 by Mailer Developer Team *
+ * Copyright (c) 2009 - 2015 by Mailer Developer Team *
* For more information visit: http://mxchange.org *
* *
* This program is free software; you can redistribute it and/or modify *
// Sends out a request to the API and returns it's result
function sendWernisApiRequest ($scriptName, $requestData = array()) {
+ // Debug call
+ //* DEBUG */ reportBug(__FUNCTION__, __LINE__, 'scriptName=' . $scriptName . ',requestData=<pre>' . print_r($requestData, TRUE) . '</pre>');
+
// Is the requestData an array?
if (!is_array($requestData)) {
// Then abort here!
break;
}
} else {
- // All fine here
- $return = array(
- 'status' => 'OK',
- 'response' => $responseLine
- );
+ // All fine, then analyze API response
+ $return = convertApiResponseToArray($responseLine, '&', '=');
+
+ // Nothing is fine now
+ $return['status'] = 'generic_failed';
+ $return['message'] = '--WERNIS_API_REQUEST_FAILED_GENERIC--}';
+
+ // Are 'encrypted', 'key' and 'iv' set?
+ //* DEBUG-DIE */ die(__FUNCTION__ . ':return=<pre>' . print_r($return, TRUE) . '</pre>');
+ if ((isset($return['encrypted'])) && (isset($return['key'])) && (isset($return['iv']))) {
+ // Fully decode it (URL-encoded BASE64)
+ $decoded = decodeString($return['encrypted']);
+ $iv = decodeString($return['iv']);
+
+ // Generate decryption key
+ $decryptionKey = generateWernisDecryptionKey($return['key']);
+
+ // Decrypt string
+ $decrypted = decrytStringByCipher($decoded, getWernisEncryptionAlgorithm(), getWernisEncryptionMode(), $decryptionKey, $iv);
+ //* DEBUG-DIE */ die('key="' . $return['key'] . '"<br />decryptionKey="' . $decryptionKey . '"<br />decoded="' . $decoded . '"<br />decrypted="' . $decrypted . '"');
+
+ // First char must be an &
+ assert(substr($decrypted, 0, 1) == '&');
+
+ // Now the string needs to be turned into an array, first explode all &
+ $elements = explode('&', $decrypted);
+
+ // And remove first element
+ array_shift($elements);
+ //* DEBUG-DIE */ die('elements=<pre>' . print_r($elements, TRUE) . '</pre>');
+
+ // Now "walk" all ements
+ foreach ($elements as $idx => $element) {
+ // Explode element
+ $keyValue = explode('=', $element);
+
+ // Make sure it is valid
+ assert(count($keyValue) == 2);
+
+ // Now handle all over
+ $return[$keyValue[0]] = $keyValue[1];
+ } // END - foreach
+
+ // Remove encryption stuff
+ unset($return['encrypted'], $return['key'], $return['iv']);
+ } // END - if
+
+ // All fine ...
+ $return['status'] = 'OK';
+ $return['message'] = NULL;
}
// Return the result
+ //* DEBUG-DIE */ die(__FUNCTION__ . ':return=<pre>' . print_r($return, TRUE) . '</pre>');
return $return;
}
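Review bot: The decrypted payload in the `else` branch is validated only with `assert()`, so with assertions disabled a failed decryption or a malformed string is still walked, and `$return['status']` is set to `'OK'` unconditionally afterwards, which also makes the `'generic_failed'` default dead code. Replace both asserts with explicit checks that return while the failure status is still in place, and collect the pairs in a separate array first, because the loop currently lets the payload write any index of `$return` before the format has been checked. Nothing visible here authenticates the ciphertext before it is decrypted; if the API offers no MAC, that limitation deserves a comment. The placeholder in the failure message is also missing its opening brace: `'{--WERNIS_API_REQUEST_FAILED_GENERIC--}'`. The enclosing function starts outside the hunk.

```php
		// … unchanged: decodeString(), generateWernisDecryptionKey() and decrytStringByCipher() calls …

		// Reject anything that does not look like "&key=value&..."; status stays 'generic_failed'
		if ((!is_string($decrypted)) || (substr($decrypted, 0, 1) != '&')) {
			return $return;
		} // END - if

		// Collect all pairs first, nothing is written to $return until the whole payload is valid
		$parsed = array();
		foreach (explode('&', substr($decrypted, 1)) as $element) {
			// Explode element
			$keyValue = explode('=', $element);

			// Abort on anything that is not exactly key=value
			if (count($keyValue) != 2) {
				return $return;
			} // END - if

			$parsed[$keyValue[0]] = $keyValue[1];
		} // END - foreach

		// Payload is well-formed, hand it over (payload entries win, as before)
		$return = $parsed + $return;

		// … unchanged: unset() of 'encrypted', 'key', 'iv' and the final status 'OK' …
```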
// Prepare the request data
$requestData = array(
- 't_uid' => getWernisRefid(),
- 't_md5' => getWernisPassMd5()
+ 't_uid' => getWernisRefid(),
+ 't_md5' => getWernisPassMd5()
);
// Return the result from the lower functions
// Return the result from the lower functions
$return = sendWernisApiRequest('book.php', $requestData);
+ // Did it went smoothly?
if (isHttpResponseStatusOkay($return)) {
// All fine!
$result = TRUE;
'sub_request' => $subRequest,
'fields' => $fields,
't_uid' => bigintval($authData['wernis_userid']),
+ 't_md5' => getWernisPassMd5(),
'auth_key' => $authData['api_auth_key'],
'challenge' => $authData['api_redirect_challenge']
);
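Review bot: Adding `'t_md5' => getWernisPassMd5()` puts the configured password digest into each of these requests, and a static MD5 digest works as a replayable password-equivalent for whoever can read the request. The transport is not visible in this hunk; if the API base URL can be configured as plain `http://`, that should be rejected or at least documented next to this array. A short comment such as `// Required by the API for authentication; digest is password-equivalent, send over HTTPS only` would record the constraint. The array's opening lines are outside the hunk.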
displayMessage('{--GUEST_WERNIS_REGISTRATION_PASSWORD_NOT_SET--}');
} else {
// So far, all fine, then let's do the call-back on auth.php ...
- $response = executeWernisApiAuth(postRequestElement('wernis_id'), postRequestElement('wernis_password'));
-
- // Was the status okay?
- if (isHttpResponseStatusOkay($response)) {
- // All fine, then analyze API response
- $args = convertApiResponseToArray($response['response'], '&', '=');
+ $args = executeWernisApiAuth(postRequestElement('wernis_id'), postRequestElement('wernis_password'));
+ // Status was okay?
+ if (isHttpResponseStatusOkay($args)) {
// Is status set?
+ //* DEBUG-DIE */ die('response=<pre>' . print_r($response, TRUE) . '</pre>,args=' . '<pre>'.print_r($args, TRUE).'</pre>');
assert(isset($args['auth_status']));
// Add WDS66 userid
die(__FUNCTION__ . ':' . __LINE__ . ': status[' . gettype($status) . ']=' . $status . ' - Unfinished.');
} else {
// Something bad happened
- displayMessage($response['message']);
+ displayMessage($args['message']);
}
}
} // END - if
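Review bot: The commented-out `DEBUG-DIE` line added under `// Is status set?` still prints `$response`, which this change removes from the branch, so enabling it would only produce an undefined-variable notice. Drop that part: `//* DEBUG-DIE */ die('args=<pre>' . print_r($args, TRUE) . '</pre>');`. Since `$args` now holds the parsed API fields, such a dump would presumably include the auth key, which is worth a word in the comment. The surrounding function is only partly visible in the hunk.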
// Finish user registration with WDS66 API
function doWernisFinishUserRegistration ($challenge, $challengeResponse, $status) {
- // Check status from GET parameters and stored value
- if (($status == '1') && (isFormSent('wernis_register'))) {
- // Form has been sent
- die(__FUNCTION__ . ':' . __LINE__ . ': Reached!');
- } elseif ($status == '1') {
+ // Is the status 1? (= all fine with API call)
+ if ($status == '1') {
// Get mapped data based on challenge
- $return = getWernisMapedDataFromApiByChallenge($challenge, $status);
+ $return = getWernisMappedDataFromApiByChallenge($challenge, $status);
// Is the array filled?
- if ((count($return['mapped_data']) > 0) && (empty($return['message']))) {
+ //* DEBUG-DIE */ die(__METHOD__ . ':return=<pre>' . print_r($return, TRUE) . '</pre> - EXIT!');
+ if ((isset($return['mapped_data'])) && (count($return['mapped_data']) > 0) && (empty($return['message']))) {
+ // Set must-fillout fields
+ $return['mapped_data'] = runFilterChain('register_must_fillout', $return['mapped_data']);
+
+ // Add missing elements
+ $return['mapped_data']['gender'] = NULL;
+ $return['mapped_data']['birthday_selection'] = generateDayMonthYearSelectionBox($return['mapped_data']['birth_day'], $return['mapped_data']['birth_month'], $return['mapped_data']['birth_year']);
+ $return['mapped_data']['challenge'] = getRequestElement('challenge');
+ $return['mapped_data']['__challenge_response'] = getRequestElement('__challenge_response');
+
// Display form
loadTemplate('guest_wernis_registration_form', FALSE, $return['mapped_data']);
+
+ // All fine
return TRUE;
} else {
- // Something bad happened
+ // Something unexpected happened (e.g. no API requests left)
displayMessage($return['message']);
return FALSE;
}
}
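Review bot: The `challenge` and `__challenge_response` entries are re-read from the request with `getRequestElement()` although the function already receives `$challenge` and `$challengeResponse`, so the form can carry values different from the ones used for the API lookup if a caller ever passes anything other than the raw request elements. Use the parameters instead: `$return['mapped_data']['challenge'] = $challenge;` and `$return['mapped_data']['__challenge_response'] = $challengeResponse;`. Whether `loadTemplate()` escapes these values is not visible here; if it does not, they need HTML-escaping before they reach the form. `birth_day`, `birth_month` and `birth_year` are indexed without an `isset()` check, which raises notices when the API omits one of them. The end of the function is outside the hunk.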
// "Getter" for mapped data by calling the API and given challenge and status
-function getWernisMapedDataFromApiByChallenge ($challenge, $status) {
+function getWernisMappedDataFromApiByChallenge ($challenge, $status) {
// Get stored registration data
$rows = getWernisRegistrationDataByKey('api_redirect_challenge', $challenge);
} // END - if
// Now call "get.php"
- $response = executeWernisApiGet($rows[0], 'data', 'anrede|vorname|name|strasse|plz|ort|birth_day|birth_month|birth_year|email|werber');
+ $response = executeWernisApiGet($rows[0], 'data', 'vorname|name|strasse|plz|ort|birth_day|birth_month|birth_year|email|werber');
// Was the status okay?
+ //* DEBUG-DIE */ die(__FUNCTION__ . ':response=<pre>' . print_r($response, TRUE) . '</pre>');
if (isHttpResponseStatusOkay($response)) {
// API returned non-errous response, 'data=' must be found
- assert(substr($response['response'], 0, 5) == 'data=');
-
- // And remove it, this is now BASE64-encoded
- $encodedData = urldecode(substr($response['response'], 5));
+ assert(isset($response['data']));
// And decode it (all steps separated to later "easily" debug them)
- $decodedData = base64_decode($encodedData);
+ $decodedData = base64_decode(urldecode($response['data']));
+ //* DEBUG-DIE */ die(__FUNCTION__ . ':decodedData=' . $decodedData);
/*
* Do some checks on the decoded string, it should be a
- * serialized array with 11 entries (see above
+ * serialized array with 10 entries (see above
* executeWernisApiGet() call).
*/
- assert(substr($decodedData, 0, 6) == 'a:11:{');
+ assert(substr($decodedData, 0, 6) == 'a:10:{');
assert(substr($decodedData, -1, 1) == '}');
// The array seems to be fine, unserialize it
$userData = unserialize($decodedData);
+ //* DEBUG-DIE */ die(__METHOD__ . ':userData=<pre>' . print_r($userData, TRUE) . '</pre> - EXIT!');
// All mappings WDS66->mailer
$mappings = array(
- 'anrede' => 'gender',
'vorname' => 'surname',
'name' => 'family',
'strasse' => 'street_nr',
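Review bot: `unserialize()` is still reached with only `assert()` prefix and suffix checks in front of it, and those disappear when assertions are disabled; a string that starts with `a:10:{` can also still carry serialized objects in its values. Since `$response['data']` comes from the remote API, use `unserialize($decodedData, array('allowed_classes' => FALSE))` where the runtime is PHP 7 or later, and check `is_array($userData)` before the mapping loop. Pinning the element count in a string compare means every change to the field list must also touch the assert; `count($userData) == 10` after decoding states the same expectation more directly. The function body continues outside the hunk.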
}
// Return mapped data array
+ //* DEBUG-DIE */ die(__METHOD__ . ':return=<pre>' . print_r($return, TRUE) . '</pre> - EXIT!');
return $return;
}
sqlQueryEscaped("UPDATE
`{?_MYSQL_PREFIX?}_wernis_regs`
SET
- `%s`='%s'
+ `%s` = '%s'
WHERE
- `%s`='%s' AND
+ `%s` = '%s' AND
`%s` != '%s'
LIMIT 1",
array(
$updatedColumn,
$newValue,
$key,
+ $oldValue,
$updatedColumn,
$oldValue
), __FUNCTION__, __LINE__
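Review bot: `$updatedColumn` and `$key` are substituted into the backtick-quoted `%s` placeholders as identifiers, and escaping meant for string literals does not neutralise a backtick, so this query is only safe while every caller passes fixed column names. A check against a list of known columns before the query, or a comment stating that both arguments must be literals, would make that explicit. With the added `$oldValue` the condition now reads as `$key = $oldValue AND $updatedColumn != $oldValue`; the last comparison looks as if it may have been meant to use `$newValue` to skip no-op updates, please confirm. The call and the enclosing function are cut off by the hunk.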
return $rows;
}
+// Do local user registration with data from WDS66 API
+function doWernisUserRegistration () {
+ // Call generic registration function
+ $status = doGenericUserRegistration();
+
+ // Does this went fine?
+ if ($status === FALSE) {
+ // No, then abort here silently
+ return FALSE;
+ } // END - if
+
+ // Make sure the user id is valid
+ assert(isset($GLOBALS['register_userid']));
+ assert(isValidId($GLOBALS['register_userid']));
+
+ // Generic registration is finished, so add more data:
+}
+
+// Generates decrption key based on private key, public key and API key
+function generateWernisDecryptionKey ($publicKey) {
+ // Generate key from most known data
+ $key = hashSha256(sprintf(
+ '%s:%s:%s',
+ getWernisApiMd5(),
+ getWernisPrivateKey(),
+ $publicKey
+ ));
+
+ // Return it
+ return $key;
+}
+
//-----------------------------------------------------------------------------
// Auth status callback functions
//-----------------------------------------------------------------------------
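Review bot: `doWernisUserRegistration()` returns `FALSE` when the generic registration fails but falls off the end after the asserts, so the success path returns `NULL`, which a loose comparison in the caller cannot tell apart from failure. Until the function is finished, end it with an explicit `return TRUE;` and replace the two `assert()` calls on `$GLOBALS['register_userid']` with real checks, since asserts are skipped when they are disabled. For `generateWernisDecryptionKey()`, a comment stating whether `hashSha256()` yields hex or raw bytes and which key length the configured cipher expects would help the next reader; the comment above it also misspells "decryption".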
`api_redirect_challenge`='%s'
WHERE
`api_auth_key`='%s' AND
- `wernis_userid`=%s
+ `wernis_userid`=%s AND
`api_auth_status`='PENDING'
LIMIT 1",
array(
assert(sqlAffectedRows() == 1);
// Redirect to WDS66 module=auth ...
- redirectToUrl(getWernisBaseUrl() . '/modules.php?module=auth&auth_key=' . $args['auth_key'] . '&params=' . urlencode(base64_encode('&module=' . getModule() . '&what=' . getWhat())) . '&challenge=' . $challenge);
+ //* DEBUG-DIE */ die(__FUNCTION__ . ':' . __LINE__ . '<pre>' . print_r($args, TRUE) . '</pre>');
+ redirectToUrl(getWernisBaseUrl() . '/modules.php?module=auth&auth_key=' . trim($args['auth_key']) . '&params=' . urlencode(base64_encode('&module=' . getModule() . '&what=' . getWhat())) . '&challenge=' . $challenge, FALSE, FALSE);
}
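Review bot: `$args['auth_key']` is now trimmed but still concatenated into the redirect URL unencoded, and so is `$challenge`; only `params` goes through `urlencode()`. The key appears to originate from the API response, so encode both: `'&auth_key=' . urlencode(trim($args['auth_key']))` and `'&challenge=' . urlencode($challenge)`. The two new `FALSE, FALSE` arguments to `redirectToUrl()` deserve a short comment naming what they switch off. The function begins outside the hunk.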
// Handler for auth_status=ACCEPTED
// auth_key and wernis_userid must be set
assert(isset($args['auth_key']));
assert(isset($args['wernis_userid']));
- die(__FUNCTION__ . '<pre>'.print_r($args, TRUE).'</pre>');
+ die(__FUNCTION__ . ':' . __LINE__ . '<pre>' . print_r($args, TRUE) . '</pre>');
+}
+
+//------------------------------------------------------------------------------
+// Template helper functions
+//------------------------------------------------------------------------------
+
+// Template helper to generate a selection box for encryption alogrithms
+function doTemplateSelectWernisEncryptionAlgorithm ($templateName, $clear = FALSE, $default = NULL) {
+ // Get all available algorithms
+ $algorithms = getSupportedEncryptionAlgorithms();
+ //* DEBUG-DIE */ die('algorithms=<pre>' . print_r($algorithms, TRUE) . '</pre>');
+
+ // Init array
+ $options = array();
+
+ // And fill it
+ foreach ($algorithms as $key => $dummy) {
+ $options[$key] = array('algorithms' => $key);
+ } // END - if
+
+ // Handle it over to generateSelectionBoxFromArray()
+ $content = generateSelectionBoxFromArray($options, 'wernis_encryption_algorithm', 'algorithms', '', '_wernis', '', $default, '', TRUE, FALSE);
+
+ // Return prepared content
+ return $content;
+}
+
+// Template helper to generate a selection box for encryption alogrithms
+function doTemplateSelectWernisEncryptionMode ($templateName, $clear = FALSE, $default = NULL) {
+ // Get all available modes
+ $modes = getSupportedEncryptionModes();
+
+ // Init array
+ $options = array();
+
+ // And fill it
+ foreach ($modes as $key => $dummy) {
+ $options[$key] = array('modes' => $key);
+ } // END - if
+
+ // Handle it over to generateSelectionBoxFromArray()
+ $content = generateSelectionBoxFromArray($options, 'wernis_encryption_mode', 'modes', '', '_wernis', '', $default, '', TRUE, FALSE);
+
+ // Return prepared content
+ return $content;
}
//-----------------------------------------------------------------------------
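Review bot: The handler for `auth_status=ACCEPTED` still ends in a live `die()` that prints `print_r($args, TRUE)`, including `auth_key` and `wernis_userid`, into the page, so anyone who reaches this branch sees those values. If the handler is unfinished, stop with a generic message and send the details to the log instead. In the two template helpers, `$templateName` and `$clear` are never used, the comment on `doTemplateSelectWernisEncryptionMode()` is a copy of the algorithm one although it builds the mode box, and both `foreach` blocks are closed with `// END - if`.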
return $GLOBALS[__FUNCTION__];
}
+// Wrapper function for 'wernis_encryption_algorithm'
+function getWernisEncryptionAlgorithm () {
+ // Is there cache?
+ if (!isset($GLOBALS[__FUNCTION__])) {
+ // Get config entry
+ $GLOBALS[__FUNCTION__] = getConfig('wernis_encryption_algorithm');
+ } // END - if
+
+ // Return cache
+ return $GLOBALS[__FUNCTION__];
+}
+
+// Wrapper function for 'wernis_encryption_mode'
+function getWernisEncryptionMode () {
+ // Is there cache?
+ if (!isset($GLOBALS[__FUNCTION__])) {
+ // Get config entry
+ $GLOBALS[__FUNCTION__] = getConfig('wernis_encryption_mode');
+ } // END - if
+
+ // Return cache
+ return $GLOBALS[__FUNCTION__];
+}
+
+// Wrapper function for 'wernis_private_key'
+function getWernisPrivateKey () {
+ // Is there cache?
+ if (!isset($GLOBALS[__FUNCTION__])) {
+ // Get config entry
+ $GLOBALS[__FUNCTION__] = getConfig('wernis_private_key');
+ } // END - if
+
+ // Return cache
+ return $GLOBALS[__FUNCTION__];
+}
+
// [EOF]
?>