Ejemplo n.º 1
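/**
 * Validates the action token sent by an API client for the current session user.
 *
 * The expected value is sha1(system salt . current user . API password hash),
 * right-padded with 'Z' to 57 characters. It is derived only from those three
 * inputs, so it stays the same across requests until one of them changes.
 *
 * Token format reference: http://code.google.com/p/google-reader-api/wiki/ActionToken
 *
 * @param object $conf  User configuration; only its apiPasswordHash property is read here.
 * @param mixed  $token Token value supplied by the client.
 *
 * @return bool True when the token matches. On a mismatch unauthorized() is called;
 *              false is returned only if that call hands control back.
 */
function checkToken($conf, $token)
{
    $user = Minz_Session::param('currentUser', '_');
    // The token is a reusable credential (see above), so its value is kept out of the log.
    logMe("checkToken()\n");
    $system_conf = Minz_Configuration::get('system');
    $expected = str_pad(sha1($system_conf->salt . $user . $conf->apiPasswordHash), 57, 'Z');
    // hash_equals() (PHP 5.6+) compares in constant time, so response timing does not
    // reveal how many leading characters of a guess were correct. It requires strings,
    // hence the is_string() guard on client input.
    if (is_string($token) && hash_equals($expected, $token)) {
        return true;
    }
    unauthorized();
    // Fail closed: presumably unauthorized() ends the request, but if it ever returns,
    // the caller must not see a truthy result.
    return false;
}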
Ejemplo n.º 2
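// Table viewer: authenticates the visitor via HTTP Basic, connects to the database
// with those credentials, and starts rendering the configured table as HTML.
$dbName = $config['database']['database'];
$tableName = $config['database']['tableName'];
$debug = $config['settings']['debug'];

// Every value written into the page goes through this helper so that characters
// such as < > & " ' in a user name or identifier are rendered as text, not markup.
$escapeHtml = function ($value) {
    return htmlspecialchars((string) $value, ENT_QUOTES, 'UTF-8');
};

// Guard clause: without both Basic-auth fields there is nothing to try.
if (!isset($_SERVER['PHP_AUTH_USER'], $_SERVER['PHP_AUTH_PW'])) {
    unauthorized();
    exit;
}

// The HTTP Basic credentials are forwarded unchanged as the database login, so the
// database account's own privileges are the only access control on this page.
// NOTE(review): Basic credentials are only base64-encoded on the wire; confirm this
// endpoint is reachable over TLS only.
$config['database']['username'] = $_SERVER['PHP_AUTH_USER'];
$config['database']['password'] = $_SERVER['PHP_AUTH_PW'];
$user = $config['database']['username'];
if (!$db->connect($config['database'])) {
    unauthorized();
    exit;
}

// NOTE(review): $database and $hostname are not assigned in the visible code
// ($dbName is, and is unused here) - confirm they are set earlier in the file.
// NOTE(review): this banner tells the client the database name, host and login;
// consider showing it only when $debug is set.
echo 'Successfully connected to database: ' . $escapeHtml($database)
    . ' at host: ' . $escapeHtml($hostname)
    . ' as user: ' . $escapeHtml($user) . '<br>';
echo 'Retrieving info from table: ' . $escapeHtml($tableName) . '<br>';

// sending query
$result = $db->getTable($tableName);
if (!$result) {
    die('Query to select data from table ' . $escapeHtml($tableName) . " failed. Check tablename.<br>\n");
}

// NOTE(review): the mysql_* extension was removed in PHP 7.0; this code only runs on
// older interpreters until it is ported to mysqli or PDO.
$fields_num = mysql_num_fields($result);
// NOTE(review): $table is not assigned in the visible code - possibly meant $tableName.
echo '<h1>Table: ' . $escapeHtml($table) . '</h1>';
echo "<table border='1'><tr>";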
// printing table headers
for ($i = 0; $i < $fields_num; $i++) {
    $field = mysql_fetch_field($result);
Ejemplo n.º 3
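/**
 * Middleware that authenticates every request.
 *
 * When AUTHORIZATION_ENABLED is truthy, the request must carry the header named by
 * AUTHORIZATION_HEADER with a "Bearer <token>" value, and Authorization::isAuthorized()
 * must accept that token (together with the request body for non-GET requests).
 * Any failure is reported through unauthorized($log).
 *
 * @param \Slim\Route $route Route being dispatched (not read by this function).
 */
function authorize(\Slim\Route $route)
{
    if (!AUTHORIZATION_ENABLED) {
        return;
    }

    global $log;
    $log->Debug("Autorizando aplicação.");
    $app = \Slim\Slim::getInstance();

    $authorizationHeader = $app->request()->headers(AUTHORIZATION_HEADER);
    if (!is_string($authorizationHeader) || $authorizationHeader === '') {
        $log->Debug("Cabeçalho de autorização não informado.");
        unauthorized($log);
        // Fail closed: presumably unauthorized() halts the request, but if it ever
        // returns, none of the later checks may run on a missing header.
        return;
    }

    if (strpos($authorizationHeader, 'Bearer') !== 0) {
        $log->Debug("Tipo de autorização não é Bearer.");
        unauthorized($log);
        return;
    }

    // The body is only collected for non-GET requests and is handed to the
    // authorization check as-is.
    $data = null;
    if ($app->request()->getMethod() != "GET") {
        $data = $app->request()->getBody();
    }

    $accessToken = trim(preg_replace('/^(?:\\s+)?Bearer\\s/', '', $authorizationHeader));
    // Reject an empty token before consulting the authorization backend. The previous
    // isset() test could never fail because trim() always yields a string, so a bare
    // "Bearer " header reached isAuthorized() with an empty token.
    if ($accessToken === '' || !Authorization::isAuthorized($accessToken, $data)) {
        unauthorized($log);
        return;
    }
}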
Ejemplo n.º 4
}
$function = $route->getFunctionName();
$params = $route->getParameterValues();

// Dispatch to the controller and translate each exception type into a response.
// NOTE(review): $class and $function select the class to instantiate and the method
// to invoke; where they are validated is not visible here - confirm the router only
// yields names from a fixed route table, never raw request input.
try {
    $controller = new $class($serviceFactory, $env->input(), $env->getConfig(), $env->auth(), $env);
    // Pass route parameters positionally when there are any; otherwise call bare.
    $output = $params
        ? call_user_func_array([$controller, $function], $params)
        : $controller->{$function}();
    // Written to the response as returned; any escaping is the controller's job.
    echo $output;
} catch (NotFoundException $e) {
    notFound($format, $route->getUri());
} catch (UnauthorizedException $e) {
    unauthorized($format, $e, $route->getUri());
} catch (UserSafeException $e) {
    // Message is safe to show to the user (usually invalid input, etc.)
    userError($format, $e);
} catch (Exception $e) {
    // Anything unexpected; the production flag is passed along to the error renderer.
    // NOTE(review): on PHP 7+ this does not catch \Error subclasses - confirm a
    // global handler covers those.
    serverError($format, $e, $env->isProduction());
}
function notFound($format, $uri)
{
    http_response_code(404);
    if ($format == 'plain') {
        echo "Resource Not Found\nThere is no resource located at {$uri}\n";
    } else {
        if ($format == 'html') {
            $view = ViewFactory::createView('Error\\NotFound');