* $Author:: $ *
* -------------------------------------------------------------------- *
* Copyright (c) 2003 - 2009 by Roland Haeder *
- * Copyright (c) 2009 - 2013 by Mailer Developer Team *
+ * Copyright (c) 2009 - 2015 by Mailer Developer Team *
* For more information visit: http://mxchange.org *
* *
* This program is free software; you can redistribute it and/or modify *
} // END - if
// Sets a status message and code
-function WERNIS_STATUS_MESSAGE ($message, $status) {
+function setWernisStatusMessage ($message, $status) {
$GLOBALS['wernis_data']['message'] = $message;
$GLOBALS['wernis_data']['status'] = $status;
}
// Get the status message
-function GET_WERNIS_ERROR_MESSAGE () {
+function getWernisErrorMessage () {
if (isset($GLOBALS['wernis_data']['message'])) {
// Use raw message
return $GLOBALS['wernis_data']['message'];
}
// Get the status code
-function GET_WERNIS_ERROR_CODE () {
+function getWernisErrorCode () {
if (isset($GLOBALS['wernis_data']['status'])) {
// Use raw message
return $GLOBALS['wernis_data']['status'];
}
// Sends out a request to the API and returns it's result
-function WERNIS_SEND_REQUEST ($scriptName, $requestData = array()) {
+function sendWernisApiRequest ($scriptName, $requestData = array()) {
+ // Debug call
+ //* DEBUG */ reportBug(__FUNCTION__, __LINE__, 'scriptName=' . $scriptName . ',requestData=<pre>' . print_r($requestData, TRUE) . '</pre>');
+
// Is the requestData an array?
if (!is_array($requestData)) {
// Then abort here!
$requestData['api_key'] = getWernisApiMd5();
// Is a purpose there?
- if (isset($requestData['purpose'])) {
+ if (!empty($requestData['purpose'])) {
// Eval the purpose
eval('$purpose = "' . doFinalCompilation($requestData['purpose'], FALSE) . '";');
// We use only the first two entries (which shall be fine)
if ($data[0] === 'error') {
- // The request has failed... :(
- switch ($data[1]) {
+ // The request has failed...
+ $status = $data[1];
+ $extraData = '';
+
+ // Explode status code
+ $exploded = explode(':', $status);
+
+ // More extra data found?
+ if (count($exploded) > 1) {
+ // Then set all
+ $status = $exploded[0];
+ $extraData = $exploded[1];
+ } // END - if
+
+ switch ($status) {
case '404': // Invalid API id
case 'AUTH': // Authorization has failed
$return = array(
);
break;
+ case 'AUTH-STATUS': // Unexpected auth status
+ // Switch on extra data
+ switch ($extraData) {
+ case 'ACCEPTED':
+ $return = array(
+ 'status' => 'api_auth_status_accepted',
+ 'message' => '{--WERNIS_API_REQUEST_FAILED_AUTH_STATUS_ACCEPTED--}'
+ );
+ break;
+
+ case 'REJECTED':
+ $return = array(
+ 'status' => 'api_auth_status_rejected',
+ 'message' => '{--WERNIS_API_REQUEST_FAILED_AUTH_STATUS_REJECTED--}'
+ );
+ break;
+
+ case 'UNKNOWN':
+ $return = array(
+ 'status' => 'api_auth_status_unknown',
+ 'message' => '{--WERNIS_API_REQUEST_FAILED_AUTH_STATUS_UNKNOWN--}'
+ );
+ break;
+
+ default: // Unknown
+ $return = array(
+ 'status' => 'api_auth_status_failed',
+ 'message' => getMaskedMessage('WERNIS_API_REQUEST_FAILED_AUTH_STATUS', $extraData)
+ );
+ break;
+ } // END - switch
+ break;
+
default: // Unknown error (maybe new?)
logDebugMessage(__FUNCTION__, __LINE__, sprintf('Unknown error %s from WDS66 API received.', $data[1]));
$return = array(
'message' => '{%message,WERNIS_API_REQUEST_FAILED=' . $data[1] . '%}'
);
break;
- }
+ } // END - switch
} else {
- // All fine here
- $return = array(
- 'status' => 'OK',
- 'response' => $responseLine
- );
+ // All fine, then analyze API response
+ $return = convertApiResponseToArray($responseLine, '&', '=');
+
+ // Nothing is fine now
+ $return['status'] = 'generic_failed';
+ $return['message'] = '--WERNIS_API_REQUEST_FAILED_GENERIC--}';
+
+ // Are 'encrypted', 'key' and 'iv' set?
+ //* DEBUG-DIE */ die(__FUNCTION__ . ':return=<pre>' . print_r($return, TRUE) . '</pre>');
+ if ((isset($return['encrypted'])) && (isset($return['key'])) && (isset($return['iv']))) {
+ // Fully decode it (URL-encoded BASE64)
+ $decoded = decodeString($return['encrypted']);
+ $iv = decodeString($return['iv']);
+
+ // Generate decryption key
+ $decryptionKey = generateWernisDecryptionKey($return['key']);
+
+ // Decrypt string
+ $decrypted = decrytStringByCipher($decoded, getWernisEncryptionAlgorithm(), getWernisEncryptionMode(), $decryptionKey, $iv);
+ //* DEBUG-DIE */ die('key="' . $return['key'] . '"<br />decryptionKey="' . $decryptionKey . '"<br />decoded="' . $decoded . '"<br />decrypted="' . $decrypted . '"');
+
+ // First char must be an &
+ assert(substr($decrypted, 0, 1) == '&');
+
+ // Now the string needs to be turned into an array, first explode all &
+ $elements = explode('&', $decrypted);
+
+ // And remove first element
+ array_shift($elements);
+ //* DEBUG-DIE */ die('elements=<pre>' . print_r($elements, TRUE) . '</pre>');
+
+ // Now "walk" all ements
+ foreach ($elements as $idx => $element) {
+ // Explode element
+ $keyValue = explode('=', $element);
+
+ // Make sure it is valid
+ assert(count($keyValue) == 2);
+
+ // Now handle all over
+ $return[$keyValue[0]] = $keyValue[1];
+ } // END - foreach
+
+ // Remove encryption stuff
+ unset($return['encrypted'], $return['key'], $return['iv']);
+ } // END - if
+
+ // All fine ...
+ $return['status'] = 'OK';
+ $return['message'] = NULL;
}
// Return the result
+ //* DEBUG-DIE */ die(__FUNCTION__ . ':return=<pre>' . print_r($return, TRUE) . '</pre>');
return $return;
}
// Tests the function by calling balance.php on the API
-function WERNIS_TEST_API () {
+function doAdminTestWernisApi () {
// Only as admin
assert(isAdmin());
// Prepare the request data
$requestData = array(
- 't_uid' => getWernisRefid(),
- 't_md5' => getWernisPassMd5()
+ 't_uid' => getWernisRefid(),
+ 't_md5' => getWernisPassMd5()
);
// Return the result from the lower functions
- $return = WERNIS_SEND_REQUEST('balance.php', $requestData);
+ $return = sendWernisApiRequest('balance.php', $requestData);
// Did it went smoothly?
- if ($return['status'] == 'OK') {
+ if (isHttpResponseStatusOkay($return)) {
// All fine!
$result = TRUE;
} else {
// Status failure text
- WERNIS_STATUS_MESSAGE($return['message'], $return['status']);
+ setWernisStatusMessage($return['message'], $return['status']);
}
// Return result
}
// Widthdraw this amount
-function WERNIS_EXECUTE_WITHDRAW ($wdsId, $userMd5, $amount) {
+function executeWernisApiWithdraw ($wdsId, $userMd5, $amount) {
// Is the sponsor extension installed?
if (!isWernisWithdrawActive()) {
if (!isExtensionActive('sponsor')) {
);
// Return the result from the lower functions
- $return = WERNIS_SEND_REQUEST('book.php', $requestData);
+ $return = sendWernisApiRequest('book.php', $requestData);
- if ($return['status'] == 'OK') {
+ // Did it went smoothly?
+ if (isHttpResponseStatusOkay($return)) {
// All fine!
$result = TRUE;
// Log the transfer
- WERNIS_LOG_TRANSFER($wdsId, $amount, 'WITHDRAW');
+ logWernisTransfer($wdsId, $amount, 'WITHDRAW');
} else {
// Status failure text
- WERNIS_STATUS_MESSAGE($return['message'], $return['status']);
+ setWernisStatusMessage($return['message'], $return['status']);
// Log the transfer
- WERNIS_LOG_TRANSFER($wdsId, $amount, 'FAILED', $return['message'], $return['status']);
+ logWernisTransfer($wdsId, $amount, 'FAILED', $return['message'], $return['status']);
}
// Return result
return $result;
}
-
// Payout this amount
-function WERNIS_EXECUTE_PAYOUT ($wdsId, $amount) {
+function executeWernisApiPayout ($wdsId, $amount) {
// Default is failed attempt
$result = FALSE;
);
// Return the result from the lower functions
- $return = WERNIS_SEND_REQUEST('book.php', $requestData);
+ $return = sendWernisApiRequest('book.php', $requestData);
- if ($return['status'] == 'OK') {
+ if (isHttpResponseStatusOkay($return)) {
// All fine!
$result = TRUE;
// Log the transfer
- WERNIS_LOG_TRANSFER($wdsId, $amount, 'PAYOUT');
+ logWernisTransfer($wdsId, $amount, 'PAYOUT');
} else {
// Status failure text
- WERNIS_STATUS_MESSAGE($return['message'], $return['status']);
+ setWernisStatusMessage($return['message'], $return['status']);
// Log the transfer
- WERNIS_LOG_TRANSFER($wdsId, $amount, 'FAILED', $return['message'], $return['status']);
+ logWernisTransfer($wdsId, $amount, 'FAILED', $return['message'], $return['status']);
}
// Return result
return $result;
}
+// Execute auth.php request
+function executeWernisApiAuth ($wernisId, $wernisPassword) {
+ // Prepare request data
+ $requestData = array(
+ 't_uid' => bigintval($wernisId),
+ 't_md5' => hashSha256($wernisPassword),
+ );
+
+ // Call auth.php
+ $return = sendWernisApiRequest('auth.php', $requestData);
+
+ // Return full array
+ return $return;
+}
+
+// Execute get.php reguest with given auth data (not all are used)
+function executeWernisApiGet ($authData, $subRequest, $fields) {
+ // It must be an array
+ assert(is_array($authData));
+
+ // Check required array elements
+ assert(isset($authData['wernis_userid']));
+ assert(isset($authData['api_auth_key']));
+ assert(isset($authData['api_redirect_challenge']));
+
+ // Then create request array
+ $requestData = array(
+ 'sub_request' => $subRequest,
+ 'fields' => $fields,
+ 't_uid' => bigintval($authData['wernis_userid']),
+ 't_md5' => getWernisPassMd5(),
+ 'auth_key' => $authData['api_auth_key'],
+ 'challenge' => $authData['api_redirect_challenge']
+ );
+
+ // Call get.php
+ $return = sendWernisApiRequest('get.php', $requestData);
+
+ // Return full array
+ return $return;
+}
+
+// Translate auth status
+function translateWernisAuthStatu ($status) {
+ return '{%message,WERNIS_AUTH_STATUS_' . strtoupper($status) . '%}';
+}
+
// Translate the status IN/OUT
function translateWernisTransferStatus ($status) {
// Default status is unknown
- $return = '{%message,WERNIS_STATUS_UNKNWOWN=' . $status . '%}';
+ $return = '{%message,WERNIS_TRANSFER_STATUS_UNKNWOWN=' . $status . '%}';
// Construct message id
- $messageId = 'WERNIS_STATUS_' . $status;
+ $messageId = 'WERNIS_TRANSFER_STATUS_' . $status;
// Is it there?
if (isMessageIdValid($messageId)) {
}
// Log the transfer
-function WERNIS_LOG_TRANSFER ($wdsId, $amount, $type = 'FAILED', $message = '', $status = '') {
+function logWernisTransfer ($wdsId, $amount, $type = 'FAILED', $message = '', $status = '') {
// Register this wernis movement
sqlQueryEscaped("INSERT INTO `{?_MYSQL_PREFIX?}_user_wernis` (`userid`, `wernis_account`, `wernis_amount`, `wernis_timestamp`, `wernis_type`, `wernis_api_message`, `wernis_api_status`) VALUES (%s, %s, %s, UNIX_TIMESTAMP(), '%s', '%s', '%s')",
array(
), __FUNCTION__, __LINE__);
}
-// Take fees and factor
-function WERNIS_TAKE_FEE ($points, $mode) {
+// Calulcate fees and factor
+function calculateWernisFee ($points, $mode) {
// Payout or withdraw are allowed modes!
//* DEBUG: */ debugOutput('mode=' . $mode . ',points=' . $points);
if (!in_array($mode, array('payout', 'withdraw'))) {
}
// Add withdraw fees and factor
-function WERNIS_ADD_WITHDRAW_FEE ($points) {
+// @TODO Unused?
+function calulcateWernisWithdrawFee ($points) {
// Is there a percentage or fixed fee?
if (getWernisWithdrawFeePercent() > 0) {
// Percentage fee
return $points;
}
+// Displays registration form for WDS66 registration
+function doDisplayWernisUserRegistrationForm () {
+ // Is the form sent?
+ if (isFormSent('register')) {
+ // Is wernis_id set?
+ if (!isPostRequestElementSet('wernis_id')) {
+ // Id not set
+ displayMessage('{--GUEST_WERNIS_REGISTRATION_ID_NOT_SET--}');
+ } elseif (!isPostRequestElementSet('wernis_password')) {
+ // Password not set
+ displayMessage('{--GUEST_WERNIS_REGISTRATION_PASSWORD_NOT_SET--}');
+ } else {
+ // So far, all fine, then let's do the call-back on auth.php ...
+ $args = executeWernisApiAuth(postRequestElement('wernis_id'), postRequestElement('wernis_password'));
+
+ // Status was okay?
+ if (isHttpResponseStatusOkay($args)) {
+ // Is auth_status set?
+ //* DEBUG-DIE */ die('response=<pre>' . print_r($response, TRUE) . '</pre>,args=' . '<pre>'.print_r($args, TRUE).'</pre>');
+ assert(isset($args['auth_status']));
+
+ // Add WDS66 userid
+ $args['wernis_userid'] = postRequestElement('wernis_id');
+
+ // "Detect" auth status
+ $callbackFunction = 'doWernisAuth' . capitalizeUnderscoreString($args['auth_status']);
+
+ // Is the call-back there?
+ if (!is_callable($callbackFunction, FALSE, $callableName)) {
+ // Not there, could be bad. :(
+ reportBug(__FUNCTION__, __LINE__, 'Unsupported auth_status=' . $args['auth_status'] . ',args()=' . count($args) . ',callbackFunction=' . $callbackFunction . ' detected.');
+ } // END - if
+
+ // Then call it
+ $status = call_user_func($callbackFunction, $args);
+
+ // @TODO Something more to do here?
+ die(__FUNCTION__ . ':' . __LINE__ . ': status[' . gettype($status) . ']=' . $status . ' - Unfinished.');
+ } else {
+ // Something bad happened
+ displayMessage($args['message']);
+ }
+ }
+ } // END - if
+
+ // Is there a challenge + response?
+ if ((isGetRequestElementSet('status')) && (isGetRequestElementSet('challenge')) && (isGetRequestElementSet('__challenge_response'))) {
+ // Redirect from modules.php?module=auth, so validate challenge response ...
+ // 1) Get first 24 characters = salt
+ $salt = substr(getRequestElement('__challenge_response'), 0, 24);
+
+ // 2) Generate hash for challenge response
+ $challengeResponse = $salt . hashSha256($salt . getWernisApiMd5() . getRequestElement('challenge'));
+
+ // Is the response valid?
+ if ($challengeResponse != getRequestElement('__challenge_response')) {
+ // Not valid
+ displayMessage('{--GUEST_WERNIS_REGISTRATION_INVALID_CHALLENGE_RESPONSE--}');
+ return;
+ } // END - if
+
+ /*
+ * Now, that the challenge-response is the same, the challenge itself
+ * is also the same. Next get the data from wernis_regs table by
+ * challenge. There is currently no other way to get the data as there
+ * is no Wernis user id provided. Later on the stored challenge response
+ * can be compared with provided.
+ */
+ $return = doWernisFinishUserRegistration(getRequestElement('challenge'), getRequestElement('__challenge_response'), getRequestElement('status'));
+
+ // Is the registration finished?
+ if ($return === FALSE) {
+ // No, then abort here silently as the function should have already displayed a message
+ return;
+ } // END - if
+ } elseif (!isFormSent('register')) {
+ // Form not send, so load form template
+ loadTemplate('guest_wernis_registration_rpc_form');
+ }
+}
+
+// Finish user registration with WDS66 API
+function doWernisFinishUserRegistration ($challenge, $challengeResponse, $status) {
+ // Is the status 1? (= all fine with API call)
+ if ($status == '1') {
+ // Get mapped data based on challenge
+ $return = getWernisMappedDataFromApiByChallenge($challenge, $challengeResponse, $status);
+
+ // Is the array filled?
+ //* DEBUG-DIE */ die(__METHOD__ . ':return=<pre>' . print_r($return, TRUE) . '</pre> - EXIT!');
+ if ((isset($return['mapped_data'])) && (count($return['mapped_data']) > 0) && (empty($return['message']))) {
+ // Set must-fillout fields
+ $return['mapped_data'] = runFilterChain('register_must_fillout', $return['mapped_data']);
+
+ // Add missing elements
+ $return['mapped_data']['gender'] = NULL;
+ $return['mapped_data']['birthday_selection'] = generateDayMonthYearSelectionBox($return['mapped_data']['birth_day'], $return['mapped_data']['birth_month'], $return['mapped_data']['birth_year']);
+ $return['mapped_data']['challenge'] = getRequestElement('challenge');
+ $return['mapped_data']['__challenge_response'] = getRequestElement('__challenge_response');
+
+ // Display form
+ loadTemplate('guest_wernis_registration_form', FALSE, $return['mapped_data']);
+
+ // All fine
+ return TRUE;
+ } else {
+ // Something unexpected happened (e.g. no API requests left)
+ displayMessage($return['message']);
+ return FALSE;
+ }
+ } else {
+ // Not accepted
+ displayMessage('{--GUEST_WERNIS_REGISTRATION_AUTH_REJECTED--}');
+ }
+}
+
+// "Getter" for mapped data by calling the API and given challenge and status
+function getWernisMappedDataFromApiByChallenge ($challenge, $challengeResponse, $status) {
+ // Get stored registration data
+ $rows = getWernisRegistrationDataByKey('api_redirect_challenge', $challenge);
+
+ // Zero result found?
+ if (count($rows) == 0) {
+ // Nothing found
+ displayMessage('{--GUEST_WERNIS_REGISTRATION_ZERO_ROWS_FOUND--}');
+
+ // Display form
+ loadTemplate('guest_wernis_registration_rpc_form');
+ return array();
+ } // END - if
+
+ // Init array
+ $return = array(
+ // Mapped data
+ 'mapped_data' => array(),
+ // Any error message from API
+ 'message' => ''
+ );
+
+ // Has the auth status changed?
+ if ($rows[0]['api_auth_status'] != 'ACCEPTED') {
+ /*
+ * The authorization of this application has been accepted, so
+ * update it and ignore result from function because the update
+ * will always run.
+ */
+ updateWernisRegistrationDataByKey('api_auth_status', 'api_redirect_challenge', $challenge, 'ACCEPTED');
+ updateWernisRegistrationDataByKey('api_challenge_response', 'api_redirect_challenge', $challenge, $challengeResponse);
+ } // END - if
+
+ // Now call "get.php"
+ $response = executeWernisApiGet($rows[0], 'data', 'vorname|name|strasse|plz|ort|birth_day|birth_month|birth_year|email|werber');
+
+ // Was the status okay?
+ //* DEBUG-DIE */ die(__FUNCTION__ . ':response=<pre>' . print_r($response, TRUE) . '</pre>');
+ if (isHttpResponseStatusOkay($response)) {
+ // API returned non-errous response, 'data=' must be found
+ assert(isset($response['data']));
+
+ // And decode it (all steps separated to later "easily" debug them)
+ $decodedData = base64_decode(urldecode($response['data']));
+ //* DEBUG-DIE */ die(__FUNCTION__ . ':decodedData=' . $decodedData);
+
+ /*
+ * Do some checks on the decoded string, it should be a
+ * serialized array with 10 entries (see above
+ * executeWernisApiGet() call).
+ */
+ assert(substr($decodedData, 0, 6) == 'a:10:{');
+ assert(substr($decodedData, -1, 1) == '}');
+
+ // The array seems to be fine, unserialize it
+ $userData = unserialize($decodedData);
+ //* DEBUG-DIE */ die(__METHOD__ . ':userData=<pre>' . print_r($userData, TRUE) . '</pre> - EXIT!');
+
+ // All mappings WDS66->mailer
+ $mappings = array(
+ 'vorname' => 'surname',
+ 'name' => 'family',
+ 'strasse' => 'street_nr',
+ 'plz' => 'zip',
+ 'ort' => 'city',
+ 'email' => 'email',
+ 'birth_day' => 'birth_day',
+ 'birth_month' => 'birth_month',
+ 'birth_year' => 'birth_year',
+ 'werber' => 'wernis_refid'
+ );
+
+ // Map all WDS66 entries into mailer entries
+ foreach ($mappings as $from => $to) {
+ // All must exist
+ if (!isset($userData[$from])) {
+ // Element $from does not exist
+ reportBug(__FUNCTION__, __LINE__, 'Cannot map from=' . $from . ' -> to=' . $to . ': element does not exist.');
+ } // END - if
+
+ // "Map" all and make empty strings to NULL
+ $return['mapped_data'][$to] = convertEmptyToNull($userData[$from]);
+ } // END - foreach
+
+ // Both arrays must have same size
+ assert(count($userData) == count($return['mapped_data']));
+
+ // Now add userid from WDS66
+ $return['mapped_data']['wernis_userid'] = bigintval($rows[0]['wernis_userid']);
+ } else {
+ // Something bad happened so copy the message
+ $return['message'] = $response['message'];
+ }
+
+ // Return mapped data array
+ //* DEBUG-DIE */ die(__METHOD__ . ':return=<pre>' . print_r($return, TRUE) . '</pre> - EXIT!');
+ return $return;
+}
+
+// Updates auth status by given key/value pair
+function updateWernisRegistrationDataByKey ($updatedColumn, $key, $oldValue, $newValue) {
+ // Run the update
+ sqlQueryEscaped("UPDATE
+ `{?_MYSQL_PREFIX?}_wernis_regs`
+SET
+ `%s` = '%s'
+WHERE
+ `%s` = '%s' AND
+ `%s` != '%s'
+LIMIT 1",
+ array(
+ $updatedColumn,
+ $newValue,
+ $key,
+ $oldValue,
+ $updatedColumn,
+ $oldValue
+ ), __FUNCTION__, __LINE__
+ );
+
+ // Check if rows as been affected
+ return ifSqlHasZeroAffectedRows();
+}
+
+// "Getter" for Wernis registration data by given key and value
+function getWernisRegistrationDataByKey ($key, $value, $limit = 1) {
+ // Init array
+ $rows = array();
+
+ // Now search for it
+ $result = sqlQueryEscaped("SELECT
+ `local_userid`,
+ `wernis_userid`,
+ `api_auth_status`,
+ `api_auth_key`,
+ `api_redirect_challenge`,
+ `api_challenge_response`,
+ UNIX_TIMESTAMP(`record_inserted`) AS `record_inserted`
+FROM
+ `{?_MYSQL_PREFIX?}_wernis_regs`
+WHERE
+ `%s`='%s'
+ORDER BY
+ `id`
+LIMIT %d",
+ array(
+ $key,
+ $value,
+ $limit
+ ), __FUNCTION__, __LINE__
+ );
+
+ // Is there an entry?
+ if (sqlNumRows($result) > 0) {
+ // At least one entry has been found, so loop through all
+ while ($row = sqlFetchArray($result)) {
+ // Add it
+ array_push($rows, $row);
+ } // END - while
+ } // END - if
+
+ // Free result
+ sqlFreeResult($result);
+
+ // Return found entries
+ return $rows;
+}
+
+// Do local user registration with data from WDS66 API
+function doWernisUserRegistration () {
+ // Call generic registration function
+ $status = doGenericUserRegistration();
+
+ // Does this went fine?
+ if ($status === FALSE) {
+ // No, then abort here silently
+ return FALSE;
+ } // END - if
+
+ // Make sure the user id is valid
+ assert(isset($GLOBALS['register_userid']));
+ assert(isValidId($GLOBALS['register_userid']));
+
+ // Generic registration is finished, so add more data:
+}
+
+// Generates decrption key based on private key, public key and API key
+function generateWernisDecryptionKey ($publicKey) {
+ // Generate key from most known data
+ $key = hashSha256(sprintf(
+ '%s:%s:%s',
+ getWernisApiMd5(),
+ getWernisPrivateKey(),
+ $publicKey
+ ));
+
+ // Return it
+ return $key;
+}
+
+//-----------------------------------------------------------------------------
+// Auth status callback functions
+//-----------------------------------------------------------------------------
+
+// Handler for auth_status=PENDING
+function doWernisAuthPending ($args) {
+ // $args must always be an array
+ assert(is_array($args));
+
+ // auth_key and wernis_userid must be set
+ assert(isset($args['auth_key']));
+ assert(isset($args['wernis_userid']));
+
+ // Generate a challenge that will be added to the URL
+ $challenge = hashSha256(generatePassword(128));
+
+ // Search entry in database by auth_key
+ if (countSumTotalData($args['auth_key'], 'wernis_regs', 'id', 'api_auth_key', TRUE) == 0) {
+ // "Register" this call
+ sqlQueryEscaped("INSERT INTO `{?_MYSQL_PREFIX?}_wernis_regs` (
+ `wernis_userid`,
+ `api_auth_status`,
+ `api_auth_key`,
+ `api_redirect_challenge`
+) VALUES (
+ %s,
+ 'PENDING',
+ '%s',
+ '%s'
+)",
+ array(
+ bigintval($args['wernis_userid']),
+ $args['auth_key'],
+ $challenge
+ ), __FUNCTION__, __LINE__
+ );
+ } else {
+ // Update challenge
+ sqlQueryEscaped("UPDATE
+ `{?_MYSQL_PREFIX?}_wernis_regs`
+SET
+ `api_redirect_challenge`='%s'
+WHERE
+ `api_auth_key`='%s' AND
+ `wernis_userid`=%s AND
+ `api_auth_status`='PENDING'
+LIMIT 1",
+ array(
+ $challenge,
+ $args['auth_key'],
+ bigintval($args['wernis_userid'])
+ ), __FUNCTION__, __LINE__
+ );
+ }
+
+ // Should always update/insert
+ assert(sqlAffectedRows() == 1);
+
+ // Redirect to WDS66 module=auth ...
+ //* DEBUG-DIE */ die(__FUNCTION__ . ':' . __LINE__ . '<pre>' . print_r($args, TRUE) . '</pre>');
+ redirectToUrl(getWernisBaseUrl() . '/modules.php?module=auth&auth_key=' . trim($args['auth_key']) . '&params=' . urlencode(base64_encode('&module=' . getModule() . '&what=' . getWhat())) . '&challenge=' . $challenge, FALSE, FALSE);
+}
+
+// Handler for auth_status=ACCEPTED
+function doWernisAuthAccepted ($args) {
+ // $args must always be an array
+ assert(is_array($args));
+
+ // auth_key and wernis_userid must be set
+ assert(isset($args['auth_key']));
+ assert(isset($args['wernis_userid']));
+
+ // Get registration data by auth_key
+ $rows = getWernisRegistrationDataByKey('api_auth_key', $args['auth_key']);
+
+ // The userid should be same
+ assert(isset($rows[0]['wernis_userid']));
+ assert($rows[0]['wernis_userid'] === $args['wernis_userid']);
+
+ // Check both challenge + response
+ assert(isset($rows[0]['api_redirect_challenge']));
+ assert(isset($rows[0]['api_challenge_response']));
+
+ // Both are fine, so get the data
+ $return = doWernisFinishUserRegistration($rows[0]['api_redirect_challenge'], $rows[0]['api_challenge_response'], '1');
+
+ // All fine?
+ if ($return === FALSE) {
+ // @TODO Should not happen???
+ reportBug(__FUNCTION__, __LINE__, 'args=<pre>' . print_r($args, TRUE) . '</pre>rows=<pre>' . print_r($rows, TRUE) . '</pre> - Failed!');
+ } // END - if
+
+ // Generate URL
+ $url = basename(detectRequestUri()) . '&challenge=' . $rows[0]['api_redirect_challenge'] . '&__challenge_response=' . $rows[0]['api_challenge_response'] . '&status=1';
+
+ // Redirect to URL
+ redirectToUrl($url);
+}
+
+//------------------------------------------------------------------------------
+// Template helper functions
+//------------------------------------------------------------------------------
+
+// Template helper to generate a selection box for encryption alogrithms
+function doTemplateSelectWernisEncryptionAlgorithm ($templateName, $clear = FALSE, $default = NULL) {
+ // Get all available algorithms
+ $algorithms = getSupportedEncryptionAlgorithms();
+ //* DEBUG-DIE */ die('algorithms=<pre>' . print_r($algorithms, TRUE) . '</pre>');
+
+ // Init array
+ $options = array();
+
+ // And fill it
+ foreach ($algorithms as $key => $dummy) {
+ $options[$key] = array('algorithms' => $key);
+ } // END - if
+
+ // Handle it over to generateSelectionBoxFromArray()
+ $content = generateSelectionBoxFromArray($options, 'wernis_encryption_algorithm', 'algorithms', '', '_wernis', '', $default, '', TRUE, FALSE);
+
+ // Return prepared content
+ return $content;
+}
+
+// Template helper to generate a selection box for encryption alogrithms
+function doTemplateSelectWernisEncryptionMode ($templateName, $clear = FALSE, $default = NULL) {
+ // Get all available modes
+ $modes = getSupportedEncryptionModes();
+
+ // Init array
+ $options = array();
+
+ // And fill it
+ foreach ($modes as $key => $dummy) {
+ $options[$key] = array('modes' => $key);
+ } // END - if
+
+ // Handle it over to generateSelectionBoxFromArray()
+ $content = generateSelectionBoxFromArray($options, 'wernis_encryption_mode', 'modes', '', '_wernis', '', $default, '', TRUE, FALSE);
+
+ // Return prepared content
+ return $content;
+}
+
//-----------------------------------------------------------------------------
// Wrapper functions
//-----------------------------------------------------------------------------
return $GLOBALS[__FUNCTION__];
}
+// Wrapper function for 'wernis_base_url'
+function getWernisBaseUrl () {
+ // Is there cache?
+ if (!isset($GLOBALS[__FUNCTION__])) {
+ // Get config entry
+ $GLOBALS[__FUNCTION__] = getConfig('wernis_base_url');
+ } // END - if
+
+ // Return cache
+ return $GLOBALS[__FUNCTION__];
+}
+
+// Wrapper function for 'wernis_encryption_algorithm'
+function getWernisEncryptionAlgorithm () {
+ // Is there cache?
+ if (!isset($GLOBALS[__FUNCTION__])) {
+ // Get config entry
+ $GLOBALS[__FUNCTION__] = getConfig('wernis_encryption_algorithm');
+ } // END - if
+
+ // Return cache
+ return $GLOBALS[__FUNCTION__];
+}
+
+// Wrapper function for 'wernis_encryption_mode'
+function getWernisEncryptionMode () {
+ // Is there cache?
+ if (!isset($GLOBALS[__FUNCTION__])) {
+ // Get config entry
+ $GLOBALS[__FUNCTION__] = getConfig('wernis_encryption_mode');
+ } // END - if
+
+ // Return cache
+ return $GLOBALS[__FUNCTION__];
+}
+
+// Wrapper function for 'wernis_private_key'
+function getWernisPrivateKey () {
+ // Is there cache?
+ if (!isset($GLOBALS[__FUNCTION__])) {
+ // Get config entry
+ $GLOBALS[__FUNCTION__] = getConfig('wernis_private_key');
+ } // END - if
+
+ // Return cache
+ return $GLOBALS[__FUNCTION__];
+}
+
// [EOF]
?>
projects / mailer.git / blobdiff