function AjaxHandler($params)
{
if (!empty($this->logFile)) {
$this->LogStr("AjaxHandler(" . var_export($params, true) . ")");
}
$config = $this->GetConfig();
if (empty($params['action'])) {
return "error: no action defined";
}
$session = $this->LoadSession(true);
switch ($params['action']) {
case 'ajax_test':
$result = array('ajax_performed' => true, 'result' => $params['result'], 'session' => $params['session'], 'session_id' => $this->session_id, 'arr' => $params['arr']);
break;
case 'unplugged':
$result = array('session' => $params['session']);
$session = array();
break;
case 'get_rnd_token':
$result = array('session' => $params['session']);
if (!empty($config['rndtoken_server'])) {
Swekey_SetRndTokenServer($config['rndtoken_server']);
}
if (!empty($config['allow_when_no_network'])) {
Swekey_AllowWhenNoNetwork($config['allow_when_no_network']);
}
$rt = Swekey_GetFastRndToken();
if (empty($session)) {
$session = array();
}
$session[$rt] = true;
$result['rt'] = $rt;
if (!empty($config['no_linked_otp'])) {
$result['no_linked_otp'] = true;
}
break;
case 'swekey_validate':
$params['ids'] = explode(",", $params['ids']);
$params['otps'] = explode(",", $params['otps']);
$result = array('session' => $params['session']);
if (empty($session[$params['rt']])) {
$result['error'] = "This RT was not generated here";
break;
}
unset($session[$params['rt']]);
if (!empty($config['check_server'])) {
Swekey_SetCheckServer($config['check_server']);
}
if (!empty($config['allow_when_no_network'])) {
Swekey_AllowWhenNoNetwork($config['allow_when_no_network']);
}
$ids = array();
for ($i = 0; $i < sizeof($params['ids']); $i++) {
if (!empty($config['no_linked_otp'])) {
$res = Swekey_CheckOtp($params['ids'][$i], $params['rt'], $params['otps'][$i]);
} else {
if (!empty($config['https_server_hostname'])) {
$res = Swekey_CheckLinkedOtp($params['ids'][$i], $params['rt'], $config['https_server_hostname'], $params['otps'][$i]);
} else {
$res = Swekey_CheckSmartOtp($params['ids'][$i], $params['rt'], $params['otps'][$i]);
}
}
if (!empty($res)) {
$ids[] = $params['ids'][$i];
}
}
$session['ids'] = $ids;
$result['ids'] = $ids;
foreach ($ids as $swekey_id) {
$user_name = $this->GetUserNameFromSwekeyId($swekey_id);
if (!empty($user_name)) {
$result['user_name'] = $user_name;
break;
}
}
break;
case 'attach_swekey':
$result = array();
if (!mb_ereg('^[A-F0-9]{32}$', $params['swekey_id'])) {
$result['error'] = "Invalid swekey id";
} else {
if (!$this->is_user_logged) {
$result['error'] = "No user logged";
} else {
$error = $this->AttachSwekeyToCurrentUser($params['swekey_id']);
if (!empty($error)) {
$result['error'] = $error;
}
}
}
break;
case 'show_result':
if (get_magic_quotes_gpc()) {
$params['result'] = stripslashes(@$params['result']);
}
echo "/*SWEKEY-BEGIN*/" . htmlentities(@$params['result']) . "/*SWEKEY-END*/";
exit;
default:
$result['error'] = "Call '" . $params['action'] . "' is not implemented";
break;
}
$this->SaveSession($session);
return $result;
}
/**
* Calls Swekey_CheckOtp or Swekey_CheckLinkedOtp depending if we are in
* an https page or not
*
* @param id The id of the swekey
* @param rt The random token used to generate the otp
* @param otp The otp generated by the swekey
* @return true or false
* @access public
*/
function Swekey_CheckSmartOtp($id, $rt, $otp)
{
if (!empty($_SERVER['HTTPS'])) {
return Swekey_CheckLinkedOtp($id, $rt, $_SERVER['HTTP_HOST'], $otp);
}
return Swekey_CheckOtp($id, $rt, $otp);
}
