} else {
$auth_message .= "| Incoming or outgoing counter is missing; counters not updated. ";
}
if ($_REQUEST['stage'] == STAGE_LOGOUT) {
$authenticator->logout($info['conn_id']);
$auth_message .= "| User is now logged out. ";
}
if ($_REQUEST['stage'] == STAGE_COUNTERS) {
if ($info['token_status'] == TOKEN_INUSE) {
/* This is for the 15 minutes validation period, the exact same code is also present when the stage is login. If you update this one don't forget to update the other one! */
if ($info['account_status'] == ACCOUNT_STATUS_VALIDATION && $info['validation_grace_time_expired'] == 't') {
$auth_response = ACCOUNT_STATUS_VALIDATION_FAILED;
$auth_message .= "| The validation grace period which began at " . $info['reg_date'] . " has now expired. ";
} else {
/* TODO: This is a bit hackish, it's a shortcut untill the Token architecture uniform connection limit calculations are in place. */
$abuseControlFault = User::isAbuseControlViolated(User::getObject($info['user_id']), $info['user_mac'], Node::getObject($info['node_id']));
if ($abuseControlFault) {
$auth_response = ACCOUNT_STATUS_DENIED;
$auth_message .= "| {$abuseControlFault} ";
$authenticator->logout($info['conn_id']);
$auth_message .= "| User is now logged out. ";
} else {
$auth_response = $info['account_status'];
}
}
} else {
$auth_response = ACCOUNT_STATUS_DENIED;
$auth_message .= "| Invalid token status: " . $token_to_text[$info['token_status']] . ". ";
}
}
} else {
/** Generate a token in the connection table so the user can actually use the internet
@return true on success, false on failure
*/
function generateConnectionTokenNoSession($node, $node_ip = null, $mac = null)
{
if ($this->isUserValid()) {
$db = AbstractDb::getObject();
$token = self::generateToken();
if ($node_ip && $node) {
//echo "$session && $node_ip && {$session->get(SESS_NODE_ID_VAR)}";
$node_id = $node->getId();
$abuseControlFault = User::isAbuseControlViolated($this, $mac, $node);
if ($abuseControlFault) {
throw new Exception($abuseControlFault);
}
$mac = is_null($mac) ? '' : $db->escapeString($mac);
/*
* Delete all unused tokens for this user, so we don't fill the database
* with them
*/
$sql = "DELETE FROM connections USING tokens " . "WHERE tokens.token_id=connections.token_id AND token_status='" . TOKEN_UNUSED . "' AND user_id = '" . $this->getId() . "';\n";
// TODO: Try to find a reusable token before creating a brand new one!
$sql .= "INSERT INTO tokens (token_owner, token_issuer, token_id, token_status) VALUES ('" . $this->getId() . "', '" . $this->getId() . "', '{$token}', '" . TOKEN_UNUSED . "');\n";
$sql .= "INSERT INTO connections (user_id, token_id, timestamp_in, node_id, node_ip, last_updated, user_mac) VALUES ('" . $this->getId() . "', '{$token}', CURRENT_TIMESTAMP, '{$node_id}', '{$node_ip}', CURRENT_TIMESTAMP, '{$mac}')";
$db->execSqlUpdate($sql, false);
$retval = $token;
} else {
$retval = false;
}
} else {
$retval = false;
}
return $retval;
}
