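/**
 * Validate the API token presented by a client against the expected value.
 *
 * The expected value is the sha1 of system salt + user + the user's API
 * password hash, right-padded with 'Z' to 57 characters (the scheme the
 * original code used; unchanged here). Returns true on a match. On a
 * mismatch it calls unauthorized() — expected to send the 401 and stop the
 * request — and then returns false so the caller still fails closed if
 * unauthorized() ever returns.
 *
 * @param object $conf  user configuration exposing apiPasswordHash
 * @param mixed  $token token supplied by the client (untrusted input)
 * @return bool true when the token matches
 */
function checkToken($conf, $token) {
    // $user = Minz_Session::param('currentUser', '_');
    // NOTE(review): $user is commented out above and is not assigned anywhere
    // in this scope, so the expected hash is computed with an empty user
    // component. Confirm where the caller intends it to come from.
    // The token itself is deliberately not written to the log: a debug log is
    // not a safe place for a credential.
    logMe("checkToken()\n");
    $system_conf = Minz_Configuration::get('system');
    $expected = str_pad(sha1($system_conf->salt . $user . $conf->apiPasswordHash), 57, 'Z');
    // hash_equals() runs in constant time, so a byte-by-byte mismatch position
    // is not leaked through response timing (=== short-circuits). It requires
    // string operands, hence the is_string() guard; a non-string token was
    // rejected by === before and is still rejected here.
    if (is_string($token) && hash_equals($expected, $token)) {
        return true;
    }
    unauthorized();
    return false;
}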
// Connection settings come from $config (built before this chunk). The
// "database" sub-array is overwritten below with the caller's HTTP Basic
// credentials, so the DB login used is whatever the browser sent.
$dbName = $config['database']['database'];
$tableName = $config['database']['tableName'];
$debug = $config['settings']['debug'];
//echo "<html><head><title>LocInfo Table Viewer</title></head>";
//echo "<body>";
// HTTP Basic auth: PHP_AUTH_USER / PHP_AUTH_PW are attacker-controlled and are
// used directly as the database username/password. "Authentication" is thus a
// connect attempt with those credentials; the only check is whether connect()
// succeeds. Basic credentials travel in clear unless this is served over TLS.
if (isset($_SERVER['PHP_AUTH_USER']) && isset($_SERVER['PHP_AUTH_PW'])) {
    $config['database']['username'] = $_SERVER['PHP_AUTH_USER'];
    $config['database']['password'] = $_SERVER['PHP_AUTH_PW'];
    $user = $config['database']['username'];
    //echo "user: $user";
    if (!$db->connect($config['database'])) {
        unauthorized();
        exit;
    }
} else {
    unauthorized();
    exit;
}
// NOTE(review): $user is the raw PHP_AUTH_USER value and is interpolated into
// HTML without htmlspecialchars(), so a crafted username is reflected
// unescaped (XSS); $tableName is likewise unescaped. $database and $hostname
// are not assigned anywhere visible in this chunk — presumably $dbName and a
// config host value; confirm against the rest of the file.
echo "Successfully connected to database: {$database} at host: {$hostname} as user: {$user}<br>";
echo "Retrieving info from table: {$tableName}<br>";
// sending query
// NOTE(review): how getTable() builds its SQL is not visible here; if it
// interpolates $tableName, the name must be whitelisted or quoted as an
// identifier, since it cannot be bound as a prepared-statement parameter.
$result = $db->getTable($tableName);
if (!$result) {
    // Also unescaped output; acceptable only for a trusted audience.
    die("Query to select data from table {$tableName} failed. Check tablename.<br>\n");
}
// Uses the legacy mysql_* extension (removed in PHP 7); this targets PHP 5.
$fields_num = mysql_num_fields($result);
// NOTE(review): $table is not assigned in this scope (likely meant $tableName).
echo "<h1>Table: {$table}</h1>";
echo "<table border='1'><tr>";
// printing table headers
// (loop body continues past the end of this chunk)
for ($i = 0; $i < $fields_num; $i++) {
    $field = mysql_fetch_field($result);
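/**
 * Route middleware that authenticates every request with a bearer token.
 *
 * When AUTHORIZATION_ENABLED is set, reads AUTHORIZATION_HEADER from the
 * current Slim request, requires it to carry the "Bearer" scheme, extracts the
 * token and delegates the decision to Authorization::isAuthorized(), passing
 * the raw request body for non-GET methods. Every failure path calls
 * unauthorized($log) and then returns, so no later statement runs even if
 * unauthorized() does not halt the request itself.
 *
 * @param \Slim\Route $route the matched route (required by Slim's middleware signature; unused here)
 * @return void
 */
function authorize(\Slim\Route $route) {
    if (!AUTHORIZATION_ENABLED) {
        return;
    }
    global $log;
    $log->Debug("Autorizando aplicação.");
    $app = \Slim\Slim::getInstance();
    $authorizationHeader = $app->request()->headers(AUTHORIZATION_HEADER);
    // Missing or empty header: fail closed before inspecting its contents.
    if ($authorizationHeader === null || $authorizationHeader === '') {
        $log->Debug("Cabeçalho de autorização não informado.");
        unauthorized($log);
        return;
    }
    // Only the Bearer scheme is accepted (matched literally at offset 0, as before).
    if (strpos($authorizationHeader, 'Bearer') !== 0) {
        $log->Debug("Tipo de autorização não é Bearer.");
        unauthorized($log);
        return;
    }
    $data = null;
    if ($app->request()->getMethod() !== "GET") {
        $data = $app->request()->getBody();
    }
    // Strip the scheme prefix; the regex tolerates leading whitespace. The
    // (string) cast keeps trim() well-defined if preg_replace() reports an error.
    $accessToken = trim((string) preg_replace('/^(?:\\s+)?Bearer\\s/', '', $authorizationHeader));
    // The previous isset() test on an assigned string was always true, so a bare
    // "Bearer " header reached the authorizer with an empty token. Reject the
    // empty token here instead of relying on isAuthorized() to do so.
    if ($accessToken === '' || !Authorization::isAuthorized($accessToken, $data)) {
        unauthorized($log);
        return;
    }
}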
}
// Dispatch: resolve the controller method and its arguments from the matched
// route. How $class was chosen is above this chunk.
$function = $route->getFunctionName();
$params = $route->getParameterValues();
// Execute controller
try {
    // NOTE(review): $class is instantiated dynamically. It must come from the
    // route table, never from request data, or this becomes an arbitrary
    // class-instantiation sink — confirm where $class is assigned.
    $controller = new $class($serviceFactory, $env->input(), $env->getConfig(), $env->auth(), $env);
    if ($params) {
        $output = call_user_func_array(array($controller, $function), $params);
    } else {
        $output = $controller->{$function}();
    }
    // The controller's return value is emitted as-is; escaping for the output
    // format is the controller's responsibility.
    echo $output;
} catch (NotFoundException $e) {
    notFound($format, $route->getUri());
} catch (UnauthorizedException $e) {
    unauthorized($format, $e, $route->getUri());
    // User safe error message (usually invalid input, etc)
} catch (UserSafeException $e) {
    userError($format, $e);
    // Unexpected Exception
} catch (Exception $e) {
    // isProduction() is passed along so the handler can decide whether to
    // withhold exception details (messages, traces) from the client.
    serverError($format, $e, $env->isProduction());
}

/**
 * Emit a 404 response in the requested format.
 *
 * @param string $format 'plain' or 'html' are handled here; other values fall
 *                       outside this chunk
 * @param string $uri    the requested URI, echoed back in the plain-text body
 */
function notFound($format, $uri) {
    http_response_code(404);
    if ($format == 'plain') {
        // NOTE(review): $uri is reflected unescaped. That is only safe if the
        // response really is served as text/plain; no Content-Type is set here.
        echo "Resource Not Found\nThere is no resource located at {$uri}\n";
    } else {
        if ($format == 'html') {
            $view = ViewFactory::createView('Error\\NotFound');