Ejemplo n.º 1
 /**
  * Delete the tokens selected by the stale-token filter.
  *
  * A token is selected when its action_count is 0, or when its action_count
  * is -1 and its expiration is earlier than the current Unix timestamp.
  * NOTE(review): -1 presumably marks tokens limited by time rather than by
  * use count - confirm against the Token model.
  *
  * The timestamp is passed as the bound :time parameter, never concatenated
  * into the clause.
  *
  * @return void
  */
 public static function purge()
 {
     // Single bound parameter: "now", evaluated once for the whole query.
     $cutoff = array('id' => ':time', 'value' => time());
     $stale = Token::search(
         'action_count=0 OR (action_count=-1 AND expiration<:time)',
         array($cutoff)
     );
     foreach ($stale as $expired) {
         $expired->delete();
     }
 }
Ejemplo n.º 2
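 /**
  * Authorise a page action for the caller identified by $token.
  *
  * Builds the action name "<basename of $page without .php>-<$action>",
  * resolves the caller's status (the 'standard' status when no token is
  * supplied, otherwise the status of the customer owning the token) and
  * looks up the Right row for that action/status pair. Nothing is returned:
  * every rejection is signalled only through Functions::setResponse().
  *
  * NOTE(review): enforcement depends on Functions::setResponse() ending the
  * request. That is not visible here. If it returns instead, execution falls
  * through to the next statement; the caller cannot tell a rejection from a
  * pass because this method has no return value. Confirm that it terminates.
  *
  * @param string      $page   Script path; only its basename is used.
  * @param string|null $action Action name; null is answered with 400.
  * @param string|null $token  Token value; null or 'none' (any case) means
  *                            the caller is treated as logged out.
  * @return void
  */
 public static function checkRights($page, $action, $token)
 {
     loadClass('status');
     loadClass('token');
     loadClass('action');
     loadClass('right');
     loadClass('customer');
     if (is_null($action)) {
         Functions::setResponse(400);
     }
     $pagename = str_replace('.php', '', basename($page));
     $actionName = $pagename . '-' . $action;
     // All lookups below pass values as bound parameters, not via string building.
     $whereClause = 'name=:name';
     $params = array(array('id' => ':name', 'value' => $actionName));
     $result = Action::search($whereClause, $params);
     if (!count($result)) {
         // NOTE(review): this text is written before the status is set; confirm
         // setResponse() still works once output has started.
         echo 'Please update actions and rights!';
         Functions::setResponse(500);
     }
     $action = $result[0];
     // Guarded so a second call in the same request does not try to redefine
     // the constant.
     if (!defined('LOGGED_OUT_STATUS')) {
         define('LOGGED_OUT_STATUS', 'standard');
     }
     $loggedOut = false;
     if (is_null($token) || strtolower($token) === 'none') {
         $loggedOut = true;
     } else {
         // The lookup matches on the token value alone; no expiry or usage
         // check is visible in this method - confirm stale tokens are rejected
         // or purged elsewhere.
         $whereClause = 'value=:value';
         $params = array(array('id' => ':value', 'value' => $token));
         $result = Token::search($whereClause, $params);
         if (!count($result)) {
             Functions::setResponse(498);
         } else {
             $token = $result[0];
             $customer = new Customer($token->get('customerId'));
             $status = new Status($customer->get('statusId'));
         }
     }
     if ($loggedOut) {
         // Anonymous callers are evaluated against the LOGGED_OUT_STATUS row.
         $whereClause = 'name=:name';
         $params = array(array('id' => ':name', 'value' => LOGGED_OUT_STATUS));
         $result = Status::search($whereClause, $params);
         if (!count($result)) {
             Functions::setResponse(500);
         }
         $status = $result[0];
     }
     $whereClause = 'action_id=:action_id AND status_id=:status_id';
     $params = array(array('id' => ':action_id', 'value' => $action->get('id')), array('id' => ':status_id', 'value' => $status->get('id')));
     $result = Right::search($whereClause, $params);
     if (!count($result)) {
         // No Right row for this action/status pair: rejected.
         Functions::setResponse(401);
     }
     // Only an explicit 'deny' is rejected; any other stored value passes.
     // NOTE(review): confirm the column can hold nothing but the expected
     // values, otherwise an empty or mistyped entry grants access.
     if ($result[0]->get('right') == 'deny') {
         Functions::setResponse(401);
     }
 }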
Ejemplo n.º 3
/**
 * Log a user out by deleting every token matching the submitted value.
 *
 * Reads 'tokenValue' from the JSON request data and answers 400 through
 * Functions::setResponse() when it is absent. The value is passed to the
 * token lookup as a bound parameter.
 *
 * NOTE(review): the lookup still runs after the 400 unless
 * Functions::setResponse() ends the request - confirm that it does.
 *
 * @return bool Always true, whether or not a matching token existed, so the
 *              result does not reveal whether the token was valid.
 */
function logoutUser()
{
    $payload = Functions::getJSONData();
    $tokenValue = Functions::elt($payload, 'tokenValue');
    if ($tokenValue === null) {
        Functions::setResponse(400);
    }

    $matches = Token::search(
        'value=:tokenValue',
        array(array('id' => ':tokenValue', 'value' => $tokenValue))
    );
    if (count($matches)) {
        foreach ($matches as $match) {
            $match->delete();
        }
    }

    return true;
}