<?php

require_once "includes/session.inc";
require_once "includes/db.class.inc";
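/**
 * Recombine secret shares by running the external toyapp.py helper in
 * "decrypt" mode and returning the last line it prints.
 *
 * The shares passed in by this file's POST handler are request data, so the
 * JSON payload is quoted with escapeshellarg() before it is appended to the
 * command line. Without that quoting the shell would interpret any
 * metacharacters contained in a share value.
 *
 * @param array $shares Share values; encoded as a JSON array for the helper.
 * @return string|false Last line of the helper's output, or false when the
 *                      shares cannot be encoded or exec() itself fails.
 */
function reconstruct($shares)
{
    $payload = json_encode($shares);
    if ($payload === false) {
        // Unencodable input (for example invalid UTF-8): do not run the helper.
        return false;
    }

    // NOTE(review): with quoting in place the helper receives the JSON text
    // verbatim, double quotes included; previously the shell consumed them.
    // Confirm that toyapp.py parses this argument as JSON.
    $command = '/usr/bin/python /var/www/html/mfa/sss/toyapp.py decrypt ' . escapeshellarg($payload);

    // exec() fills its second argument with the output lines (not an exit
    // status); only the last line, which exec() returns, is used here.
    $output_lines = array();
    $result = exec($command, $output_lines);

    return $result;
}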
if ($_SERVER['REQUEST_METHOD'] == 'POST') {
    if (is_session_active()) {
        //$shares = array($_POST['1'] , $_POST['2'], $_POST['3']);
        $shares = array();
        if (!empty($_POST['1'])) {
            array_push($shares, $_POST['1']);
        }
        if (!empty($_POST['2'])) {
            array_push($shares, $_POST['2']);
        }
        if (!empty($_POST['3'])) {
            array_push($shares, $_POST['3']);
        }
        //var_dump($shares);
        $reconstructed_secret = reconstruct($shares);
        $db = new DBConnection();
        $db->connect();
        $user = get_user_info();
        $secret = $db->query('secret', 'secret', "uid='{$user}'", null, null, null)[0]['secret'];
        $db->delete('secret', "uid='{$user}'");
Beispiel #2
** Last revision: 2010-03-09
*************************************************************************/
session_start();
require_once 'include/common.inc.php';
require_once 'include/review_forms.php';
require_once 'include/header.php';
require_once 'include/jquery.php';
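// Import the expected form fields from $_POST into $fm_* variables
// ($fm_stage, $fm_username, ...). Only the names listed here are imported, so
// a request cannot create arbitrary variables. The values are still raw
// request input and must be escaped or validated wherever they are used.
$post_vars = array("stage", "substage", "username", "password", "requestid", "sessionid", "notes", "initials");
foreach ($post_vars as $post_var) {
    $post_var = "fm_" . $post_var;
    // A field submitted as fm_x[]=... arrives as an array; treat anything that
    // is not a string as absent so the string handling below stays well-defined.
    ${$post_var} = (isset($_POST[$post_var]) && is_string($_POST[$post_var])) ? $_POST[$post_var] : "";
}
// Use the Bronto SessionID to establish a binding to the active session.
if ($fm_sessionid) {
    $bapi = connect_bronto_session($fm_sessionid);
    if (!is_session_active($bapi)) {
        // $fm_sessionid comes straight from the request and the message carries
        // markup (<br/>), so the id is HTML-escaped before being echoed back.
        // NOTE(review): presumably display_errorbox() emits its argument as HTML - confirm.
        display_errorbox("Your " . APP_NAME . " session has expired; please log in again.<br/>[id=" . htmlspecialchars($fm_sessionid, ENT_QUOTES, 'UTF-8') . "]");
        // Send the user back to the first stage.
        $fm_stage = "start";
    }
} else {
    // No session id submitted: there is no API binding for this request.
    $bapi = null;
}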
if (empty($fm_stage) || $fm_stage == "start") {
    $request_id = null;
    if (isset($_GET['fm_requestid'])) {
        $request_id = $_GET['fm_requestid'];
        if (!empty($_SESSION['username'])) {
            $dbh = open_db();
            //ab
            prepare_message_review($dbh, $request_id);
            //ab
Beispiel #3
<!--Site Controller-->
<?php 
include "sanitization.php";
$result = "";
// We don't want to do anything unless there is an active session
if (isset($_POST['type']) && is_session_active()) {
    // What kind of request is this?
    // Make sure it's not something nasty
    $request_type = sanitizeMYSQL($connection, $_POST['type']);
    // What do we want to do with it?
    switch ($request_type) {
        case "logout":
            logout();
            $result = "success";
            break;
        case "search":
            // If the search query didn't make it through we don't want to do anything.
            if (isset($_POST['value'])) {
                $search_string = $_POST['value'];
                $result = find_cars($connection, $search_string);
            } else {
                $result = "failure";
            }
            break;
        case "rent":
            if (isset($_POST['value'])) {
                // This should work
                $result = rent_car($connection, $_POST['value']);
            } else {
                $result = "failure";
            }