Beispiel #1
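/**
 * Checks the HTTP Basic credentials of the current request against the
 * user named in the URL.
 *
 * Credentials come from PHP_AUTH_USER / PHP_AUTH_PW when the SAPI provides
 * them; otherwise they are recovered from whichever raw Authorization
 * header variant the CGI/FastCGI setup exposes in $_SERVER.
 *
 * Failures are handed to report_problem(); this function does not check
 * whether that call returns (presumably it ends the request - confirm
 * against its definition).
 *
 * @param string $url_user User name taken from the request URL.
 * @param object $db       Storage object exposing authenticate_user($password).
 *
 * @return bool true when every check passed.
 */
function verify_user($url_user, $db)
{
    // The URL user name must be non-empty and limited to a conservative charset.
    if (!$url_user || !preg_match('/^[A-Z0-9._-]+$/i', $url_user)) {
        report_problem(WEAVE_ERROR_INVALID_USERNAME, 400);
    }

    $auth_user = array_key_exists('PHP_AUTH_USER', $_SERVER) ? $_SERVER['PHP_AUTH_USER'] : null;
    $auth_pw = array_key_exists('PHP_AUTH_PW', $_SERVER) ? $_SERVER['PHP_AUTH_PW'] : null;

    if (is_null($auth_user) || is_null($auth_pw)) {
        /* CGI/FCGI auth workarounds: the first key that exists wins. */
        $header_keys = array(
            'Authorization',               /* Standard fastcgi configuration */
            'AUTHORIZATION',               /* Alternate fastcgi configuration */
            'HTTP_AUTHORIZATION',          /* IIS/ISAPI and newer fastcgi */
            'REDIRECT_HTTP_AUTHORIZATION', /* mod_rewrite - per-directory internal redirect */
        );
        $auth_str = null;
        foreach ($header_keys as $key) {
            if (array_key_exists($key, $_SERVER)) {
                $auth_str = $_SERVER[$key];
                break;
            }
        }

        /*
         * Basic base64 auth string. The pattern is anchored and the payload is
         * taken from the capture group, so a header that merely contains
         * "Basic" somewhere is no longer sliced at a fixed offset. The scheme
         * name is matched case-insensitively.
         */
        if (!is_null($auth_str) && preg_match('/^Basic\s+(.*)$/i', $auth_str, $parts)) {
            $decoded = base64_decode($parts[1], true);
            if ($decoded !== false) {
                // Split on the first colon only: the password may itself contain ':'.
                $pair = explode(':', $decoded, 2);
                if (count($pair) == 2) {
                    $auth_user = $pair[0];
                    $auth_pw = $pair[1];
                }
            }
        }
    }

    if (!$auth_user || !$auth_pw) {
        // Never write the submitted password to the log; log files are usually
        // readable by more people and retained longer than the credential store.
        // NOTE(review): $auth_user is client-supplied - confirm log_error()
        // neutralises control characters before writing.
        log_error("Auth failed 1 {");
        log_error(" User: " . $auth_user);
        log_error(" Url_user: " . $url_user . "}");
        report_problem('Authentication failed', '401');
    }

    $url_user = strtolower($url_user);
    // Strict comparison: with != two different numeric-looking names such as
    // "10" and "1e1" compare equal, and both pass the user name pattern above.
    if (strtolower($auth_user) !== $url_user) {
        log_error("(140) Missmatch:" . strtolower($auth_user) . "|" . $url_user);
        report_problem(WEAVE_ERROR_USERID_PATH_MISMATCH, 400);
    }

    try {
        if (!$db->authenticate_user(fix_utf8_encoding($auth_pw))) {
            // The password and its MD5 digests are deliberately not logged: an
            // unsalted digest of a password is as sensitive as the password.
            log_error("Auth failed 2 {");
            log_error(" User: " . $auth_user);
            log_error(" Url_user: " . $url_user . "}");
            report_problem('Authentication failed', '401');
        }
    } catch (Exception $e) {
        // Ask the client to back off for 30 minutes when the backend fails.
        header("X-Weave-Backoff: 1800");
        log_error($e->getMessage(), $e->getCode());
        // NOTE(review): the raw exception message is returned to the client;
        // confirm it cannot carry storage or connection details.
        report_problem($e->getMessage(), $e->getCode());
    }

    return true;
}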
Beispiel #2
 The JSON payload should include
 Field   Description
 password    The password to be associated with the account.
 email   Email address associated with the account
 captcha-challenge   The challenge string from the captcha (see miscellaneous functions below)
 captcha-response    The response to the captcha. Only required if WEAVE_REGISTER_USE_CAPTCHA is set 
 */
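 // Account creation (PUT): read the JSON body and validate the required fields.
 log_error("PUT");
 $data = get_json();
 // The decoded payload is not dumped to the log: it carries the new
 // account's password in clear text.

 // Check that values are present; anything that is not a non-empty array
 // cannot be indexed below and is treated as a parse failure.
 if (!is_array($data) || $data === array()) {
     report_problem(WEAVE_ERROR_JSON_PARSE, 400);
 }
 // $username is set outside this fragment.
 $name = $username;
 // Missing keys are read as empty strings so that the checks below report
 // them instead of PHP raising an undefined-index notice.
 $pwd = isset($data['password']) ? fix_utf8_encoding($data['password']) : '';
 $email = isset($data['email']) ? $data['email'] : '';
 if ($email == '') {
     log_error('create user datenfehler');
     report_problem(WEAVE_ERROR_NO_EMAIL, 400);
 } else {
     if ($pwd == '') {
         log_error('create user datenfehler');
         report_problem(WEAVE_ERROR_MISSING_PASSWORD, 400);
     }
 }
 // Final catch-all; this is the only check that covers an empty user name.
 if ($name == '' || $pwd == '' || $email == '') {
     log_error('create user datenfehler');
     report_problem(WEAVE_ERROR_JSON_PARSE, 400);
 }
 // Log the account name only, never the password.
 log_error("create user " . $name);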