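/**
 * Authenticate the request's HTTP Basic credentials for the user named in the URL.
 *
 * Checks, in order: the URL user name is well-formed; credentials are present
 * (from PHP_AUTH_USER / PHP_AUTH_PW, or parsed from a raw Authorization value
 * in $_SERVER for CGI/FastCGI setups); the credential user equals the URL user
 * case-insensitively; and $db->authenticate_user() accepts the password.
 * Every failure is handed to report_problem().
 *
 * Passwords and password digests are never written to the log: anyone who can
 * read the log could otherwise recover credentials (an unsalted MD5 of a
 * password is little better than the cleartext).
 *
 * @param string $url_user user name taken from the request path
 * @param object $db       storage object exposing authenticate_user($password)
 * @return bool true when every check passed
 */
function verify_user($url_user, $db)
{
    // \A ... \z instead of ^ ... $ so a trailing newline cannot slip past the whitelist.
    if (!$url_user || !preg_match('/\A[A-Z0-9._-]+\z/i', $url_user)) {
        report_problem(WEAVE_ERROR_INVALID_USERNAME, 400);
    }

    $auth_user = array_key_exists('PHP_AUTH_USER', $_SERVER) ? $_SERVER['PHP_AUTH_USER'] : null;
    $auth_pw = array_key_exists('PHP_AUTH_PW', $_SERVER) ? $_SERVER['PHP_AUTH_PW'] : null;

    if (is_null($auth_user) || is_null($auth_pw)) {
        // CGI/FCGI auth workarounds: the first key present wins.
        $header_keys = array(
            'Authorization',               // standard fastcgi configuration
            'AUTHORIZATION',               // alternate fastcgi configuration
            'HTTP_AUTHORIZATION',          // IIS/ISAPI and newer fastcgi
            'REDIRECT_HTTP_AUTHORIZATION', // mod_rewrite - per-directory internal redirect
        );
        $auth_str = null;
        foreach ($header_keys as $key) {
            if (array_key_exists($key, $_SERVER)) {
                $auth_str = $_SERVER[$key];
                break;
            }
        }

        // Basic base64 auth string. The pattern is anchored and the captured
        // token is decoded, rather than assuming the payload starts at byte 6.
        if (!is_null($auth_str) && preg_match('/^Basic\s+(.*)$/i', $auth_str, $match)) {
            $decoded = base64_decode(trim($match[1]), true);
            if ($decoded !== false) {
                // Split on the first colon only: the password part may itself contain ':'.
                $parts = explode(':', $decoded, 2);
                if (count($parts) === 2) {
                    $auth_user = $parts[0];
                    $auth_pw = $parts[1];
                }
            }
        }
    }

    // The credential user is client-controlled; keep only printable ASCII in
    // log lines so it cannot inject line breaks or control characters.
    $log_auth_user = preg_replace('/[^\x20-\x7E]/', '?', (string) $auth_user);
    $log_url_user = preg_replace('/[^\x20-\x7E]/', '?', (string) $url_user);

    // Do this first to avoid a cryptic error message when auth is missing.
    if (!$auth_user || !$auth_pw) {
        log_error("Auth failed 1 {");
        log_error(" User: " . $log_auth_user);
        log_error(" Url_user: " . $log_url_user);
        log_error("}");
        report_problem('Authentication failed', '401');
    }

    $url_user = strtolower($url_user);
    // Strict comparison: with != two numeric-looking strings would be compared
    // as numbers, so different names could be treated as equal.
    if (strtolower((string) $auth_user) !== $url_user) {
        log_error("(140) Missmatch:" . strtolower($log_auth_user) . "|" . strtolower($log_url_user));
        report_problem(WEAVE_ERROR_USERID_PATH_MISMATCH, 400);
    }

    try {
        if (!$db->authenticate_user(fix_utf8_encoding($auth_pw))) {
            log_error("Auth failed 2 {");
            log_error(" User: " . $log_auth_user);
            log_error(" Url_user: " . strtolower($log_url_user));
            log_error("}");
            report_problem('Authentication failed', '401');
        }
    } catch (Exception $e) {
        header("X-Weave-Backoff: 1800");
        log_error($e->getMessage(), $e->getCode());
        // NOTE(review): the exception message is sent back to the client as-is;
        // confirm it cannot carry storage or configuration detail.
        report_problem($e->getMessage(), $e->getCode());
    }

    return true;
}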
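The JSON payload should include

Field               Description
password            The password to be associated with the account.
email               Email address associated with the account
captcha-challenge   The challenge string from the captcha (see miscellaneous functions below)
captcha-response    The response to the captcha. Only required if WEAVE_REGISTER_USE_CAPTCHA is set
*/
log_error("PUT");
$data = get_json();
// The decoded payload is deliberately not dumped to the log: it carries the
// new account's cleartext password.

// Values present? Anything that did not decode to a non-empty array is a parse error.
if (!is_array($data) || empty($data)) {
    report_problem(WEAVE_ERROR_JSON_PARSE, 400);
}

// $username is set before this fragment (not visible here).
$name = $username;
// A missing key is treated as an empty value so the checks below report it,
// instead of raising an undefined-index notice.
$pwd = fix_utf8_encoding(isset($data['password']) ? $data['password'] : '');
$email = isset($data['email']) ? $data['email'] : '';

// 'datenfehler' in the log messages below means "data error".
if ($email == '') {
    log_error('create user datenfehler');
    report_problem(WEAVE_ERROR_NO_EMAIL, 400);
} else {
    if ($pwd == '') {
        log_error('create user datenfehler');
        report_problem(WEAVE_ERROR_MISSING_PASSWORD, 400);
    }
}

// Final guard; presumably only reachable if report_problem() returns - confirm.
if ($name == '' || $pwd == '' || $email == '') {
    log_error('create user datenfehler');
    report_problem(WEAVE_ERROR_JSON_PARSE, 400);
}

// Log the account name only; the password must never reach the log.
log_error("create user " . $name);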