/**
 * Tell whether the currently logged-in user holds the "editor" role.
 *
 * Delegates to auth_role() with the role name 'editor' and hands back
 * whatever that call returns, unchanged.
 *
 * NOTE(review): auth_role() is not visible here. If it can return
 * non-boolean values, callers that gate privileged actions on this result
 * should confirm that a truthiness check is what they intend.
 */
function auth_isEditor()
{
    $hasEditorRole = auth_role('editor');

    return $hasEditorRole;
}
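/**
 * Authenticate an incoming SOAP call by certificate or by role.
 *
 * $clientid is a colon-separated string. An optional leading segment of
 * 'cert' or 'role' (case-insensitive) selects the authentication method;
 * the default is 'cert'. The remaining segments are handed to auth_cert()
 * or auth_role() together with the request body and signature data.
 *
 * Side effects visible in this function:
 *  - may set $GLOBALS['as_debug'] = true (see the SECURITY note below);
 *  - executes "set sql_mode=''" on the system database handle, if any;
 *  - on failure stores a user-facing message in
 *    $GLOBALS['validate_signatrue_errmsg'] (key spelling kept as-is because
 *    other code presumably reads it under that name);
 *  - writes the selected method and client-id segments to the log.
 *
 * @param string $clientid     Client identifier, optionally "method:..." prefixed.
 * @param mixed  $body         Request body (by reference), passed on to the auth helper.
 * @param mixed  $signature    Signature supplied with the request.
 * @param mixed  $DigestMethod Digest method, passed through to the auth helper.
 * @param mixed  $methodname   Name of the SOAP method being invoked.
 * @param mixed  $DigestOpts   Digest options, passed through to the auth helper.
 *
 * @return mixed Result of auth_role()/auth_cert(); false when role
 *               authentication is requested without both a role and a user name.
 */
function validate_soap($clientid, &$body, $signature, $DigestMethod, $methodname, $DigestOpts)
{
    // NOTE(review): the original ran stripcslashes() on an undefined $data
    // variable when magic_quotes_gpc was enabled. The result was never used,
    // so the statement was a no-op that only raised a notice, and it is
    // dropped here. If $body was the intended target, confirm before
    // reinstating it: unescaping the body changes the bytes the signature is
    // verified over.

    $auth_method_list = array('cert', 'role');
    $auth_method = 'cert';

    // split() was removed in PHP 7. ':' is a literal delimiter, so explode()
    // gives the same segments and always returns an array.
    $clientIdParts = explode(':', (string) $clientid);

    if (count($clientIdParts) > 1) {
        $requestedMethod = strtolower($clientIdParts[0]);
        if (in_array($requestedMethod, $auth_method_list, true)) {
            $auth_method = $requestedMethod;
            array_shift($clientIdParts);
        }

        // SECURITY: this is a hard-coded debug switch driven by
        // caller-supplied input and evaluated BEFORE authentication. Anyone
        // who knows the value behind this unsalted MD5 digest can turn on
        // as_debug for the request. Prefer a server-side configuration flag,
        // or at least evaluate this only after authentication succeeds.
        // Strict comparison avoids PHP's loose string/number juggling.
        $lastPart = $clientIdParts[count($clientIdParts) - 1];
        if (md5($lastPart) === '2331b2ae67da3312f33dd4c79bd1c49a') {
            $GLOBALS['as_debug'] = true;
            array_pop($clientIdParts);
        }
    }

    LogUtils::log_str('start set sql_mode');
    $sys =& $GLOBALS['system'];
    $db = $sys->database();
    if ($db) {
        // Clears sql_mode for this connection. NOTE(review): presumably a
        // MySQL handle, where this turns off strict modes so out-of-range or
        // truncated values are coerced silently. Confirm it is still needed.
        $db->exec("set sql_mode=''");
    }

    LogUtils::log_str('start auth:' . $auth_method);
    // NOTE(review): these segments come straight from the caller. Confirm
    // the log sink is an acceptable place for them.
    LogUtils::log_obj($clientIdParts);

    // Fail closed: stays false unless an auth helper says otherwise.
    $auth_ret = false;

    if ($auth_method === 'role') {
        $rolename = $username = '';
        if (count($clientIdParts) > 1) {
            $rolename = $clientIdParts[0];
            $username = $clientIdParts[1];
        }
        // empty() also rejects the literal string '0'. Kept from the
        // original so the set of accepted identifiers is unchanged.
        if (!empty($rolename) && !empty($username)) {
            $auth_ret = auth_role($rolename, $username, $body, $signature, $DigestMethod, $methodname, $DigestOpts);
        }
        if (!$auth_ret) {
            // "User authentication failed; no permission for this operation."
            $GLOBALS['validate_signatrue_errmsg'] = '用户认证失败,没有操作权限。';
        }
    } else {
        // 'cert' is the only other value $auth_method can hold.
        if (count($clientIdParts) > 0) {
            $clientid = $clientIdParts[0];
        }
        $auth_ret = auth_cert($clientid, $body, $signature, $DigestMethod, $methodname, $DigestOpts);
        if (!$auth_ret) {
            // "Certificate verification failed; please use the correct ShopEx certificate."
            $GLOBALS['validate_signatrue_errmsg'] = '证书验证失败,请使用正确的ShopEx证书。';
        }
    }

    LogUtils::log_str('auth ret:' . ($auth_ret ? 'true' : 'false'));

    return $auth_ret;
}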