public function generateInitialJSCode($datasource, $options, $dbspecification, $debug)
{
$q = '"';
$generatedPrivateKey = null;
$passPhrase = null;
/*
* Decide the params.php file and load it.
*/
$currentDir = dirname(__FILE__) . DIRECTORY_SEPARATOR;
$currentDirParam = $currentDir . 'params.php';
$parentDirParam = dirname(dirname(__FILE__)) . DIRECTORY_SEPARATOR . 'params.php';
if (file_exists($parentDirParam)) {
include $parentDirParam;
} else {
if (file_exists($currentDirParam)) {
include $currentDirParam;
}
}
/*
* Read the JS programs regarding by the developing or deployed.
*/
if (file_exists($currentDir . 'INTER-Mediator-Lib.js')) {
echo $this->combineScripts($currentDir);
} else {
readfile($currentDir . 'INTER-Mediator.js');
}
/*
* Generate the link to the definition file editor
*/
$relativeToDefFile = '';
$editorPath = dirname(__FILE__) . DIRECTORY_SEPARATOR . 'INTER-Mediator-Support';
$defFilePath = $_SERVER['DOCUMENT_ROOT'] . $_SERVER['SCRIPT_NAME'];
while (strpos($defFilePath, $editorPath) !== 0 && strlen($editorPath) > 1) {
$editorPath = dirname($editorPath);
$relativeToDefFile .= '..' . DIRECTORY_SEPARATOR;
}
$relativeToDefFile .= substr($defFilePath, strlen($editorPath) + 1);
$editorPath = dirname(__FILE__) . DIRECTORY_SEPARATOR . 'INTER-Mediator-Support' . DIRECTORY_SEPARATOR . 'defedit.html';
if (file_exists($editorPath)) {
$relativeToEditor = substr($editorPath, strlen($_SERVER['DOCUMENT_ROOT']));
$this->generateAssignJS("INTERMediatorOnPage.getEditorPath", "function(){return {$q}{$relativeToEditor}?target={$relativeToDefFile}{$q};}");
} else {
$this->generateAssignJS("INTERMediatorOnPage.getEditorPath", "function(){return '';}");
}
/*
* from db-class, determine the default key field string
*/
$defaultKey = null;
$dbClassName = 'DB_' . (isset($dbspecification['db-class']) ? $dbspecification['db-class'] : (isset($dbClass) ? $dbClass : ''));
require_once "{$dbClassName}.php";
if ((double) phpversion() < 5.3) {
$dbInstance = new $dbClassName();
if ($dbInstance != null) {
$defaultKey = $dbInstance->getDefaultKey();
}
} else {
$defaultKey = call_user_func(array($dbClassName, 'defaultKey'));
}
if ($defaultKey !== null) {
$items = array();
foreach ($datasource as $context) {
if (!array_key_exists('key', $context)) {
$context['key'] = $defaultKey;
}
$items[] = $context;
}
$datasource = $items;
}
/*
* Determine the uri of myself
*/
if (isset($callURL)) {
$pathToMySelf = $callURL;
} else {
if (isset($scriptPathPrefix) || isset($scriptPathSuffix)) {
$pathToMySelf = (isset($scriptPathPrefix) ? $scriptPathPrefix : '') . $_SERVER['SCRIPT_NAME'] . (isset($scriptPathSufix) ? $scriptPathSuffix : '');
} else {
$pathToMySelf = $_SERVER['SCRIPT_NAME'];
}
}
$this->generateAssignJS("INTERMediatorOnPage.getEntryPath", "function(){return {$q}{$pathToMySelf}{$q};}");
$this->generateAssignJS("INTERMediatorOnPage.getDataSources", "function(){return ", arrayToJSExcluding($datasource, '', array('password')), ";}");
$this->generateAssignJS("INTERMediatorOnPage.getOptionsAliases", "function(){return ", arrayToJS(isset($options['aliases']) ? $options['aliases'] : array(), ''), ";}");
$this->generateAssignJS("INTERMediatorOnPage.getOptionsTransaction", "function(){return ", arrayToJS(isset($options['transaction']) ? $options['transaction'] : '', ''), ";}");
$this->generateAssignJS("INTERMediatorOnPage.getDBSpecification", "function(){return ", arrayToJSExcluding($dbspecification, '', array('dsn', 'option', 'database', 'user', 'password', 'server', 'port', 'protocol', 'datatype')), ";}");
$isEmailAsUsernae = isset($options['authentication']) && isset($options['authentication']['email-as-username']) && $options['authentication']['email-as-username'] === true;
$this->generateAssignJS("INTERMediatorOnPage.isEmailAsUsername", $isEmailAsUsernae ? "true" : "false");
$messageClass = null;
if (isset($_SERVER["HTTP_ACCEPT_LANGUAGE"])) {
$clientLangArray = explode(',', $_SERVER["HTTP_ACCEPT_LANGUAGE"]);
foreach ($clientLangArray as $oneLanguage) {
$langCountry = explode(';', $oneLanguage);
if (strlen($langCountry[0]) > 0) {
$clientLang = explode('-', $langCountry[0]);
$messageClass = "MessageStrings_{$clientLang['0']}";
if (file_exists("{$currentDir}{$messageClass}.php")) {
$messageClass = new $messageClass();
break;
}
}
$messageClass = null;
}
}
if ($messageClass == null) {
require_once 'MessageStrings.php';
$messageClass = new MessageStrings();
}
$this->generateAssignJS("INTERMediatorOnPage.getMessages", "function(){return ", arrayToJS($messageClass->getMessages(), ''), ";}");
if (isset($options['browser-compatibility'])) {
$browserCompatibility = $options['browser-compatibility'];
}
$this->generateAssignJS("INTERMediatorOnPage.browserCompatibility", "function(){return ", arrayToJS($browserCompatibility, ''), ";}");
$clientIdSeed = time() + $_SERVER['REMOTE_ADDR'] + mt_rand();
$randomSecret = mt_rand();
$clientId = hash_hmac('sha256', $clientIdSeed, $randomSecret);
$this->generateAssignJS("INTERMediatorOnPage.clientNotificationIdentifier", "function(){return ", arrayToJS($clientId, ''), ";}");
$pusherParams = null;
if (isset($pusherParameters)) {
$pusherParams = $pusherParameters;
} else {
if (isset($options['pusher'])) {
$pusherParams = $options['pusher'];
}
}
if (!is_null($pusherParams)) {
$appKey = isset($pusherParams['key']) ? $pusherParams['key'] : "_im_key_isnt_supplied";
$chName = isset($pusherParams['channel']) ? $pusherParams['channel'] : "_im_pusher_default_channel";
$this->generateAssignJS("INTERMediatorOnPage.clientNotificationKey", "function(){return ", arrayToJS($appKey, ''), ";}");
$this->generateAssignJS("INTERMediatorOnPage.clientNotificationChannel", "function(){return ", arrayToJS($chName, ''), ";}");
}
if (isset($prohibitDebugMode) && $prohibitDebugMode) {
$this->generateAssignJS("INTERMediator.debugMode", "false");
} else {
$this->generateAssignJS("INTERMediator.debugMode", $debug === false ? "false" : $debug);
}
// Check Authentication
$boolValue = "false";
$requireAuthenticationContext = array();
if (isset($options['authentication'])) {
$boolValue = "true";
}
foreach ($datasource as $aContext) {
if (isset($aContext['authentication'])) {
$boolValue = "true";
$requireAuthenticationContext[] = $aContext['name'];
}
}
$this->generateAssignJS("INTERMediatorOnPage.requireAuthentication", $boolValue);
$this->generateAssignJS("INTERMediatorOnPage.authRequiredContext", arrayToJS($requireAuthenticationContext, ''));
$this->generateAssignJS("INTERMediatorOnPage.isNativeAuth", isset($options['authentication']) && isset($options['authentication']['user']) && $options['authentication']['user'][0] === 'database_native' ? "true" : "false");
$this->generateAssignJS("INTERMediatorOnPage.authStoring", $q, isset($options['authentication']) && isset($options['authentication']['storing']) ? $options['authentication']['storing'] : 'cookie', $q);
$this->generateAssignJS("INTERMediatorOnPage.authExpired", isset($options['authentication']) && isset($options['authentication']['authexpired']) ? $options['authentication']['authexpired'] : '3600');
$this->generateAssignJS("INTERMediatorOnPage.realm", $q, isset($options['authentication']) && isset($options['authentication']['realm']) ? $options['authentication']['realm'] : '', $q);
if (isset($generatedPrivateKey)) {
$rsa = new Crypt_RSA();
$rsa->setPassword($passPhrase);
$rsa->loadKey($generatedPrivateKey);
$rsa->setPassword();
$publickey = $rsa->getPublicKey(CRYPT_RSA_PUBLIC_FORMAT_RAW);
$this->generateAssignJS("INTERMediatorOnPage.publickey", "new biRSAKeyPair('", $publickey['e']->toHex(), "','0','", $publickey['n']->toHex(), "')");
}
}
public function generateInitialJSCode($datasource, $options, $dbspecification, $debug)
{
$q = '"';
$generatedPrivateKey = null;
$passPhrase = null;
$browserCompatibility = null;
$scriptPathPrefix = null;
$scriptPathSuffix = null;
$oAuthProvider = null;
$oAuthClientID = null;
$oAuthRedirect = null;
$dbClass = null;
$params = IMUtil::getFromParamsPHPFile(array("generatedPrivateKey", "passPhrase", "browserCompatibility", "scriptPathPrefix", "scriptPathSuffix", "oAuthProvider", "oAuthClientID", "oAuthRedirect", "passwordPolicy", "documentRootPrefix", "dbClass"), true);
$generatedPrivateKey = $params["generatedPrivateKey"];
$passPhrase = $params["passPhrase"];
$browserCompatibility = $params["browserCompatibility"];
$scriptPathPrefix = $params["scriptPathPrefix"];
$scriptPathSuffix = $params["scriptPathSuffix"];
$oAuthProvider = $params["oAuthProvider"];
$oAuthClientID = $params["oAuthClientID"];
$oAuthRedirect = $params["oAuthRedirect"];
$passwordPolicy = $params["passwordPolicy"];
$dbClass = $params["dbClass"];
$documentRootPrefix = is_null($params["documentRootPrefix"]) ? "" : $params["documentRootPrefix"];
/*
* Read the JS programs regarding by the developing or deployed.
*/
$currentDir = dirname(__FILE__) . DIRECTORY_SEPARATOR;
if (file_exists($currentDir . 'INTER-Mediator-Lib.js')) {
echo $this->combineScripts($currentDir);
} else {
readfile($currentDir . 'INTER-Mediator.js');
}
/*
* Generate the link to the definition file editor
*/
$relativeToDefFile = '';
$editorPath = dirname(__FILE__) . DIRECTORY_SEPARATOR . 'INTER-Mediator-Support';
$defFilePath = $_SERVER['DOCUMENT_ROOT'] . $_SERVER['SCRIPT_NAME'];
while (strpos($defFilePath, $editorPath) !== 0 && strlen($editorPath) > 1) {
$editorPath = dirname($editorPath);
$relativeToDefFile .= '..' . DIRECTORY_SEPARATOR;
}
$relativeToDefFile .= substr($defFilePath, strlen($editorPath) + 1);
$editorPath = dirname(__FILE__) . DIRECTORY_SEPARATOR . 'INTER-Mediator-Support' . DIRECTORY_SEPARATOR . 'defedit.html';
if (file_exists($editorPath)) {
$relativeToEditor = substr($editorPath, strlen($_SERVER['DOCUMENT_ROOT']));
$this->generateAssignJS("INTERMediatorOnPage.getEditorPath", "function(){return {$q}{$relativeToEditor}?target={$relativeToDefFile}{$q};}");
} else {
$this->generateAssignJS("INTERMediatorOnPage.getEditorPath", "function(){return '';}");
}
/*
* from db-class, determine the default key field string
*/
$defaultKey = null;
$dbClassName = 'DB_' . (isset($dbspecification['db-class']) ? $dbspecification['db-class'] : (!is_null($dbClass) ? $dbClass : ''));
if ($dbClassName !== 'DB_DefEditor' && $dbClassName !== 'DB_PageEditor') {
require_once "{$dbClassName}.php";
} else {
require_once dirname(__FILE__) . "/INTER-Mediator-Support/{$dbClassName}.php";
}
if ((double) phpversion() < 5.3) {
$dbInstance = new $dbClassName();
if ($dbInstance != null) {
$defaultKey = $dbInstance->getDefaultKey();
}
} else {
$defaultKey = call_user_func(array($dbClassName, 'defaultKey'));
}
if ($defaultKey !== null) {
$items = array();
foreach ($datasource as $context) {
if (!array_key_exists('key', $context)) {
$context['key'] = $defaultKey;
}
$items[] = $context;
}
$datasource = $items;
}
/*
* Determine the uri of myself
*/
if (isset($callURL)) {
$pathToMySelf = $callURL;
} else {
if (isset($scriptPathPrefix) || isset($scriptPathSuffix)) {
$pathToMySelf = (isset($scriptPathPrefix) ? $scriptPathPrefix : '') . filter_var($_SERVER['SCRIPT_NAME']) . (isset($scriptPathSufix) ? $scriptPathSuffix : '');
} else {
$pathToMySelf = filter_var($_SERVER['SCRIPT_NAME']);
}
}
$pathToIMRootDir = mb_ereg_replace("^{$documentRootPrefix}" . filter_var($_SERVER['DOCUMENT_ROOT']), "", dirname(__FILE__));
$this->generateAssignJS("INTERMediatorOnPage.getEntryPath", "function(){return {$q}{$pathToMySelf}{$q};}");
$this->generateAssignJS("INTERMediatorOnPage.getIMRootPath", "function(){return {$q}{$pathToIMRootDir}{$q};}");
$this->generateAssignJS("INTERMediatorOnPage.getDataSources", "function(){return ", arrayToJSExcluding($datasource, '', array('password')), ";}");
$this->generateAssignJS("INTERMediatorOnPage.getOptionsAliases", "function(){return ", arrayToJS(isset($options['aliases']) ? $options['aliases'] : array(), ''), ";}");
$this->generateAssignJS("INTERMediatorOnPage.getOptionsTransaction", "function(){return ", arrayToJS(isset($options['transaction']) ? $options['transaction'] : '', ''), ";}");
$this->generateAssignJS("INTERMediatorOnPage.getDBSpecification", "function(){return ", arrayToJSExcluding($dbspecification, '', array('dsn', 'option', 'database', 'user', 'password', 'server', 'port', 'protocol', 'datatype')), ";}");
$isEmailAsUsernae = isset($options['authentication']) && isset($options['authentication']['email-as-username']) && $options['authentication']['email-as-username'] === true;
$this->generateAssignJS("INTERMediatorOnPage.isEmailAsUsername", $isEmailAsUsernae ? "true" : "false");
$messageClass = null;
if (isset($_SERVER["HTTP_ACCEPT_LANGUAGE"])) {
$clientLangArray = explode(',', $_SERVER["HTTP_ACCEPT_LANGUAGE"]);
foreach ($clientLangArray as $oneLanguage) {
$langCountry = explode(';', $oneLanguage);
if (strlen($langCountry[0]) > 0) {
$clientLang = explode('-', $langCountry[0]);
if ($clientLang[0] === 'en') {
break;
}
$messageClass = "MessageStrings_{$clientLang['0']}";
if (file_exists("{$currentDir}{$messageClass}.php")) {
$messageClass = new $messageClass();
break;
}
}
$messageClass = null;
}
}
if ($messageClass == null) {
require_once 'MessageStrings.php';
$messageClass = new MessageStrings();
}
$this->generateAssignJS("INTERMediatorOnPage.getMessages", "function(){return ", arrayToJS($messageClass->getMessages(), ''), ";}");
if (isset($options['browser-compatibility'])) {
$browserCompatibility = $options['browser-compatibility'];
}
foreach ($browserCompatibility as $browser => $browserInfo) {
if (strtolower($browser) !== $browser) {
$browserCompatibility[strtolower($browser)] = $browserCompatibility[$browser];
unset($browserCompatibility[$browser]);
}
}
$this->generateAssignJS("INTERMediatorOnPage.browserCompatibility", "function(){return ", arrayToJS($browserCompatibility, ''), ";}");
$remoteAddr = filter_var($_SERVER['REMOTE_ADDR']);
if (is_null($remoteAddr) || $remoteAddr === FALSE) {
$remoteAddr = '0.0.0.0';
}
$clientIdSeed = time() + $remoteAddr + mt_rand();
$randomSecret = mt_rand();
$clientId = hash_hmac('sha256', $clientIdSeed, $randomSecret);
$this->generateAssignJS("INTERMediatorOnPage.clientNotificationIdentifier", "function(){return ", arrayToJS($clientId, ''), ";}");
$pusherParams = null;
if (isset($pusherParameters)) {
$pusherParams = $pusherParameters;
} else {
if (isset($options['pusher'])) {
$pusherParams = $options['pusher'];
}
}
if (!is_null($pusherParams)) {
$appKey = isset($pusherParams['key']) ? $pusherParams['key'] : "_im_key_isnt_supplied";
$chName = isset($pusherParams['channel']) ? $pusherParams['channel'] : "_im_pusher_default_channel";
$this->generateAssignJS("INTERMediatorOnPage.clientNotificationKey", "function(){return ", arrayToJS($appKey, ''), ";}");
$this->generateAssignJS("INTERMediatorOnPage.clientNotificationChannel", "function(){return ", arrayToJS($chName, ''), ";}");
}
$metadata = json_decode(file_get_contents(dirname(__FILE__) . DIRECTORY_SEPARATOR . "metadata.json"));
$this->generateAssignJS("INTERMediatorOnPage.metadata", "{version:{$q}{$metadata->version}{$q},releasedate:{$q}{$metadata->releasedate}{$q}}");
if (isset($prohibitDebugMode) && $prohibitDebugMode) {
$this->generateAssignJS("INTERMediator.debugMode", "false");
} else {
$this->generateAssignJS("INTERMediator.debugMode", $debug === false ? "false" : $debug);
}
// Check Authentication
$boolValue = "false";
$requireAuthenticationContext = array();
if (isset($options['authentication'])) {
$boolValue = "true";
}
foreach ($datasource as $aContext) {
if (isset($aContext['authentication'])) {
$boolValue = "true";
$requireAuthenticationContext[] = $aContext['name'];
}
}
$this->generateAssignJS("INTERMediatorOnPage.requireAuthentication", $boolValue);
$this->generateAssignJS("INTERMediatorOnPage.authRequiredContext", arrayToJS($requireAuthenticationContext, ''));
$ldap = new LDAPAuth();
// for PHP 5.2, 5.3
$this->generateAssignJS("INTERMediatorOnPage.isLDAP", $ldap->isActive ? "true" : "false");
$this->generateAssignJS("INTERMediatorOnPage.isOAuthAvailable", isset($oAuthProvider) ? "true" : "false");
$authObj = new OAuthAuth();
if ($authObj->isActive) {
$this->generateAssignJS("INTERMediatorOnPage.oAuthClientID", $q, $oAuthClientID, $q);
$this->generateAssignJS("INTERMediatorOnPage.oAuthBaseURL", $q, $authObj->oAuthBaseURL(), $q);
$this->generateAssignJS("INTERMediatorOnPage.oAuthRedirect", $q, $oAuthRedirect, $q);
$this->generateAssignJS("INTERMediatorOnPage.oAuthScope", $q, implode(' ', $authObj->infoScope()), $q);
}
$this->generateAssignJS("INTERMediatorOnPage.isNativeAuth", isset($options['authentication']) && isset($options['authentication']['user']) && $options['authentication']['user'][0] === 'database_native' ? "true" : "false");
$this->generateAssignJS("INTERMediatorOnPage.authStoring", $q, isset($options['authentication']) && isset($options['authentication']['storing']) ? $options['authentication']['storing'] : 'cookie', $q);
$this->generateAssignJS("INTERMediatorOnPage.authExpired", isset($options['authentication']) && isset($options['authentication']['authexpired']) ? $options['authentication']['authexpired'] : '3600');
$this->generateAssignJS("INTERMediatorOnPage.realm", $q, isset($options['authentication']) && isset($options['authentication']['realm']) ? $options['authentication']['realm'] : '', $q);
if (isset($generatedPrivateKey)) {
$rsa = new Crypt_RSA();
$rsa->setPassword($passPhrase);
$rsa->loadKey($generatedPrivateKey);
$rsa->setPassword();
$publickey = $rsa->getPublicKey(CRYPT_RSA_PUBLIC_FORMAT_RAW);
$this->generateAssignJS("INTERMediatorOnPage.publickey", "new biRSAKeyPair('", $publickey['e']->toHex(), "','0','", $publickey['n']->toHex(), "')");
if (in_array(sha1($generatedPrivateKey), array('413351603fa756ecd8270147d1a84e9a2de2a3f9', '094f61a9db51e0159fb0bf7d02a321d37f29a715')) && isset($_SERVER['SERVER_ADDR']) && $_SERVER['SERVER_ADDR'] !== '192.168.56.101') {
$this->generateDebugMessageJS('Please change the value of $generatedPrivateKey in params.php.');
}
}
if (isset($passwordPolicy)) {
$this->generateAssignJS("INTERMediatorOnPage.passwordPolicy", $q, $passwordPolicy, $q);
} else {
if (isset($options["authentication"]) && isset($options["authentication"]["password-policy"])) {
$this->generateAssignJS("INTERMediatorOnPage.passwordPolicy", $q, $options["authentication"]["password-policy"], $q);
}
}
if (isset($options['credit-including'])) {
$this->generateAssignJS("INTERMediatorOnPage.creditIncluding", $q, $options['credit-including'], $q);
}
}
/**
* @param $options
* @param null $access
* @param bool $bypassAuth
*/
function processingRequest($options, $access = null, $bypassAuth = false)
{
$this->logger->setDebugMessage("[processingRequest]", 2);
$this->outputOfProcessing = array();
$currentDir = dirname(__FILE__) . DIRECTORY_SEPARATOR;
// Message Class Detection
$messageClass = null;
if (isset($_SERVER["HTTP_ACCEPT_LANGUAGE"])) {
$clientLangArray = explode(',', $_SERVER["HTTP_ACCEPT_LANGUAGE"]);
foreach ($clientLangArray as $oneLanguage) {
$langCountry = explode(';', $oneLanguage);
if (strlen($langCountry[0]) > 0) {
$clientLang = explode('-', $langCountry[0]);
$messageClass = "MessageStrings_{$clientLang['0']}";
if (file_exists("{$currentDir}{$messageClass}.php")) {
$messageClass = new $messageClass();
break;
}
}
$messageClass = null;
}
}
if ($messageClass == null) {
$messageClass = new MessageStrings();
}
/* Aggregation Judgement */
$isSelect = $this->dbSettings->getAggregationSelect();
$isFrom = $this->dbSettings->getAggregationFrom();
$isGroupBy = $this->dbSettings->getAggregationGroupBy();
$isDBSupport = $this->dbClass->isSupportAggregation();
if (!$isDBSupport && ($isSelect || $isFrom || $isGroupBy)) {
$this->logger->setErrorMessage($messageClass->getMessageAs(1042));
$access = "do nothing";
} else {
if ($isDBSupport && ($isSelect && !$isFrom || !$isSelect && $isFrom)) {
$this->logger->setErrorMessage($messageClass->getMessageAs(1043));
$access = "do nothing";
} else {
if ($isDBSupport && $isSelect && $isFrom && in_array($access, array("update", "new", "create", "delete", "copy"))) {
$this->logger->setErrorMessage($messageClass->getMessageAs(1044));
$access = "do nothing";
}
}
}
// Authentication and Authorization
$tableInfo = $this->dbSettings->getDataSourceTargetArray();
$access = is_null($access) ? $_POST['access'] : $access;
$access = $access == "select" || $access == "load" ? "read" : $access;
$clientId = isset($_POST['clientid']) ? $_POST['clientid'] : (isset($_SERVER['REMOTE_ADDR']) ? $_SERVER['REMOTE_ADDR'] : "Non-browser-client");
$this->paramAuthUser = isset($_POST['authuser']) ? $_POST['authuser'] : "";
$paramResponse = isset($_POST['response']) ? $_POST['response'] : "";
$paramCryptResponse = isset($_POST['cresponse']) ? $_POST['cresponse'] : "";
$this->dbSettings->setRequireAuthentication(false);
$this->dbSettings->setRequireAuthorization(false);
$this->dbSettings->setDBNative(false);
if (isset($options['authentication']) || $access == 'challenge' || $access == 'changepassword' || isset($tableInfo['authentication']) && (isset($tableInfo['authentication']['all']) || isset($tableInfo['authentication'][$access]))) {
$this->dbSettings->setRequireAuthorization(true);
$this->dbSettings->setDBNative(false);
if (isset($options['authentication']['user']) && $options['authentication']['user'][0] == 'database_native') {
$this->dbSettings->setDBNative(true);
}
}
if (!$bypassAuth && $this->dbSettings->getRequireAuthorization()) {
// Authentication required
if (strlen($this->paramAuthUser) == 0 || strlen($paramResponse) == 0) {
// No username or password
$access = "do nothing";
$this->dbSettings->setRequireAuthentication(true);
}
// User and Password are suppried but...
if ($access != 'challenge') {
// Not accessing getting a challenge.
if ($this->dbSettings->isDBNative()) {
list($password, $challenge) = $this->decrypting($paramCryptResponse);
if ($password !== false) {
if (!$this->checkChallenge($challenge, $clientId)) {
$access = "do nothing";
$this->dbSettings->setRequireAuthentication(true);
} else {
$this->dbSettings->setUserAndPasswordForAccess($this->paramAuthUser, $password);
$this->logger->setDebugMessage("[checkChallenge] returns true.", 2);
}
} else {
$this->logger->setDebugMessage("Can't decrypt.");
$access = "do nothing";
$this->dbSettings->setRequireAuthentication(true);
}
} else {
$noAuthorization = true;
$authorizedGroups = $this->dbClass->getAuthorizedGroups($access);
$authorizedUsers = $this->dbClass->getAuthorizedUsers($access);
$this->logger->setDebugMessage(str_replace("\n", "", "contextName={$access}/access={$this->dbSettings->getTargetName()}/" . "authorizedUsers=" . var_export($authorizedUsers, true) . "/authorizedGroups=" . var_export($authorizedGroups, true)), 2);
if (count($authorizedUsers) == 0 && count($authorizedGroups) == 0) {
$noAuthorization = false;
} else {
$signedUser = $this->dbClass->authSupportUnifyUsernameAndEmail($this->dbSettings->getCurrentUser());
if (in_array($signedUser, $authorizedUsers)) {
$noAuthorization = false;
} else {
if (count($authorizedGroups) > 0) {
$belongGroups = $this->dbClass->authSupportGetGroupsOfUser($signedUser);
$this->logger->setDebugMessage($signedUser . "=belongGroups=" . var_export($belongGroups, true), 2);
if (count(array_intersect($belongGroups, $authorizedGroups)) != 0) {
$noAuthorization = false;
}
}
}
}
if ($noAuthorization) {
$this->logger->setDebugMessage("Authorization doesn't meet the settings.");
$access = "do nothing";
$this->dbSettings->setRequireAuthentication(true);
}
$signedUser = $this->dbClass->authSupportUnifyUsernameAndEmail($this->paramAuthUser);
$authSucceed = false;
if ($this->checkAuthorization($signedUser, $paramResponse, $clientId)) {
$this->logger->setDebugMessage("IM-built-in Authentication succeed.");
$authSucceed = true;
} else {
$ldap = new LDAPAuth();
$ldap->setLogger($this->logger);
if ($ldap->isActive) {
list($password, $challenge) = $this->decrypting($paramCryptResponse);
if ($ldap->bindCheck($signedUser, $password)) {
$this->logger->setDebugMessage("LDAP Authentication succeed.");
$authSucceed = true;
$this->addUser($signedUser, $password, true);
}
}
}
if (!$authSucceed) {
$this->logger->setDebugMessage("Authentication doesn't meet valid.{$signedUser}/{$paramResponse}/{$clientId}");
// Not Authenticated!
$access = "do nothing";
$this->dbSettings->setRequireAuthentication(true);
}
}
}
}
// Come here access=challenge or authenticated access
switch ($access) {
case 'describe':
$result = $this->dbClass->getSchema($this->dbSettings->getTargetName());
$this->outputOfProcessing['dbresult'] = $result;
$this->outputOfProcessing['resultCount'] = 0;
$this->outputOfProcessing['totalCount'] = 0;
break;
case 'read':
case 'select':
$result = $this->getFromDB($this->dbSettings->getTargetName());
if (isset($tableInfo['protect-reading']) && is_array($tableInfo['protect-reading'])) {
$recordCount = count($result);
for ($index = 0; $index < $recordCount; $index++) {
foreach ($result[$index] as $field => $value) {
if (in_array($field, $tableInfo['protect-reading'])) {
$result[$index][$field] = "[protected]";
}
}
}
}
$this->outputOfProcessing['dbresult'] = $result;
$this->outputOfProcessing['resultCount'] = $this->countQueryResult($this->dbSettings->getTargetName());
$this->outputOfProcessing['totalCount'] = $this->getTotalCount($this->dbSettings->getTargetName());
break;
case 'update':
if (isset($tableInfo['protect-writing']) && is_array($tableInfo['protect-writing'])) {
$fieldArray = array();
$valueArray = array();
$counter = 0;
$fieldValues = $this->dbSettings->getValue();
foreach ($this->dbSettings->getFieldsRequired() as $field) {
if (!in_array($field, $tableInfo['protect-writing'])) {
$fieldArray[] = $field;
$valueArray[] = $fieldValues[$counter];
}
$counter++;
}
$this->dbSettings->setTargetFields($fieldArray);
$this->dbSettings->setValue($valueArray);
}
$this->setToDB($this->dbSettings->getTargetName());
break;
case 'new':
case 'create':
$result = $this->newToDB($this->dbSettings->getTargetName(), $bypassAuth);
$this->outputOfProcessing['newRecordKeyValue'] = $result;
$this->outputOfProcessing['dbresult'] = $this->dbClass->updatedRecord();
break;
case 'delete':
$this->deleteFromDB($this->dbSettings->getTargetName());
break;
case 'copy':
$result = $this->copyInDB($this->dbSettings->getTargetName());
$this->outputOfProcessing['newRecordKeyValue'] = $result;
$this->outputOfProcessing['dbresult'] = $this->dbClass->updatedRecord();
break;
case 'challenge':
break;
case 'changepassword':
if (isset($_POST['newpass'])) {
$changeResult = $this->changePassword($this->paramAuthUser, $_POST['newpass']);
$this->outputOfProcessing['changePasswordResult'] = $changeResult ? true : false;
} else {
$this->outputOfProcessing['changePasswordResult'] = false;
}
break;
case 'unregister':
if (!is_null($this->dbSettings->notifyServer) && $this->clientPusherAvailable) {
$tableKeys = null;
if (isset($_POST['pks'])) {
$tableKeys = json_decode($_POST['pks'], true);
}
$this->dbSettings->notifyServer->unregister($_POST['notifyid'], $tableKeys);
}
break;
}
if ($this->logger->getDebugLevel() !== false) {
$fInfo = $this->getFieldInfo($this->dbSettings->getTargetName());
if ($fInfo != null) {
foreach ($this->dbSettings->getFieldsRequired() as $fieldName) {
if (!$this->dbClass->isContainingFieldName($fieldName, $fInfo)) {
$this->logger->setErrorMessage($messageClass->getMessageAs(1033, array($fieldName)));
}
}
}
}
}
/**
* @param $options
* @param null $access
* @param bool $bypassAuth
*/
function processingRequest($options, $access = null, $bypassAuth = false)
{
$this->logger->setDebugMessage("[processingRequest]", 2);
$this->outputOfPrcessing = '';
$generatedPrivateKey = '';
$passPhrase = '';
$currentDir = dirname(__FILE__) . DIRECTORY_SEPARATOR;
$currentDirParam = $currentDir . 'params.php';
$parentDirParam = dirname(dirname(__FILE__)) . DIRECTORY_SEPARATOR . 'params.php';
if (file_exists($parentDirParam)) {
include $parentDirParam;
} else {
if (file_exists($currentDirParam)) {
include $currentDirParam;
}
}
$messageClass = null;
if (isset($_SERVER["HTTP_ACCEPT_LANGUAGE"])) {
$clientLangArray = explode(',', $_SERVER["HTTP_ACCEPT_LANGUAGE"]);
foreach ($clientLangArray as $oneLanguage) {
$langCountry = explode(';', $oneLanguage);
if (strlen($langCountry[0]) > 0) {
$clientLang = explode('-', $langCountry[0]);
$messageClass = "MessageStrings_{$clientLang['0']}";
if (file_exists("{$currentDir}{$messageClass}.php")) {
$messageClass = new $messageClass();
break;
}
}
$messageClass = null;
}
}
if ($messageClass == null) {
$messageClass = new MessageStrings();
}
$tableInfo = $this->dbSettings->getDataSourceTargetArray();
$access = is_null($access) ? $_POST['access'] : $access;
$clientId = isset($_POST['clientid']) ? $_POST['clientid'] : (isset($_SERVER['REMOTE_ADDR']) ? $_SERVER['REMOTE_ADDR'] : "Non-browser-client");
$this->paramAuthUser = isset($_POST['authuser']) ? $_POST['authuser'] : "";
$paramResponse = isset($_POST['response']) ? $_POST['response'] : "";
$this->dbSettings->setRequireAuthentication(false);
$this->dbSettings->setRequireAuthorization(false);
$this->dbSettings->setDBNative(false);
$keywordAuth = $access == "select" ? "load" : $access;
if (isset($options['authentication']) || $access == 'challenge' || $access == 'changepassword' || isset($tableInfo['authentication']) && (isset($tableInfo['authentication']['all']) || isset($tableInfo['authentication'][$keywordAuth]))) {
$this->dbSettings->setRequireAuthorization(true);
$this->dbSettings->setDBNative(false);
if (isset($options['authentication']['user']) && $options['authentication']['user'][0] == 'database_native') {
$this->dbSettings->setDBNative(true);
}
}
// $this->logger->setDebugMessage("dbNative={$this->dbSettings->isDBNative()}", 2);
// $this->logger->setDebugMessage("", 2);
if (!$bypassAuth && $this->dbSettings->getRequireAuthorization()) {
// Authentication required
if (strlen($this->paramAuthUser) == 0 || strlen($paramResponse) == 0) {
// No username or password
$access = "do nothing";
$this->dbSettings->setRequireAuthentication(true);
}
// User and Password are suppried but...
if ($access != 'challenge') {
// Not accessing getting a challenge.
if ($this->dbSettings->isDBNative()) {
$rsa = new Crypt_RSA();
$rsa->setPassword($passPhrase);
$rsa->loadKey($generatedPrivateKey);
$rsa->setPassword();
$privatekey = $rsa->getPrivateKey();
$priv = $rsa->_parseKey($privatekey, CRYPT_RSA_PRIVATE_FORMAT_PKCS1);
require_once 'bi2php/biRSA.php';
$keyDecrypt = new biRSAKeyPair('0', $priv['privateExponent']->toHex(), $priv['modulus']->toHex());
$decrypted = $keyDecrypt->biDecryptedString($paramResponse);
// $this->logger->setDebugMessage("decrypted={$decrypted}", 2);
if ($decrypted !== false) {
$nlPos = strpos($decrypted, "\n");
$nlPos = $nlPos === false ? strlen($decrypted) : $nlPos;
$password = $keyDecrypt->biDecryptedString(substr($decrypted, 0, $nlPos));
$password = strlen($password) == 0 ? "f32b309d4759446fc81de858322ed391a0c167a0" : $password;
$challenge = substr($decrypted, $nlPos + 1);
// $this->logger->setDebugMessage("password={$password}", 2);
// $this->logger->setDebugMessage("paramAuthUser={$this->paramAuthUser}", 2);
if (!$this->checkChallenge($challenge, $clientId)) {
$access = "do nothing";
$this->dbSettings->setRequireAuthentication(true);
} else {
$this->dbSettings->setUserAndPasswordForAccess($this->paramAuthUser, $password);
$this->logger->setDebugMessage("[checkChallenge] returns true.", 2);
}
} else {
$this->logger->setDebugMessage("Can't decrypt.");
$access = "do nothing";
$this->dbSettings->setRequireAuthentication(true);
}
} else {
$noAuthorization = true;
$authorizedGroups = $this->dbClass->getAuthorizedGroups($access);
$authorizedUsers = $this->dbClass->getAuthorizedUsers($access);
$this->logger->setDebugMessage("authorizedUsers=" . var_export($authorizedUsers, true) . "/authorizedGroups=" . var_export($authorizedGroups, true), 2);
if (count($authorizedUsers) == 0 && count($authorizedGroups) == 0) {
$noAuthorization = false;
} else {
$signedUser = $this->dbClass->authSupportUnifyUsernameAndEmail($this->dbSettings->getCurrentUser());
if (in_array($signedUser, $authorizedUsers)) {
$noAuthorization = false;
} else {
if (count($authorizedGroups) > 0) {
$belongGroups = $this->dbClass->authSupportGetGroupsOfUser($signedUser);
$this->logger->setDebugMessage($signedUser . "=belongGroups=" . var_export($belongGroups, true), 2);
if (count(array_intersect($belongGroups, $authorizedGroups)) != 0) {
$noAuthorization = false;
}
}
}
}
if ($noAuthorization) {
$this->logger->setDebugMessage("Authorization doesn't meet the settings.");
$access = "do nothing";
$this->dbSettings->setRequireAuthentication(true);
}
$signedUser = $this->dbClass->authSupportUnifyUsernameAndEmail($this->paramAuthUser);
if (!$this->checkAuthorization($signedUser, $paramResponse, $clientId)) {
$this->logger->setDebugMessage("Authentication doesn't meet valid.{$signedUser}/{$paramResponse}/{$clientId}");
// Not Authenticated!
$access = "do nothing";
$this->dbSettings->setRequireAuthentication(true);
}
}
}
}
// $this->logger->setDebugMessage("requireAuthentication={$this->dbSettings->getRequireAuthentication()}", 2);
// $this->logger->setDebugMessage("requireAuthorization={$this->dbSettings->getRequireAuthorization()}", 2);
// $this->logger->setDebugMessage("access={$access}, target={$this->dbSettings->getTargetName()}", 2);
// Come here access=challenge or authenticated access
switch ($access) {
case 'describe':
$result = $this->dbClass->getSchema($this->dbSettings->getTargetName());
$this->outputOfPrcessing = 'dbresult=' . arrayToJS($result, '') . ';' . "resultCount=0;";
break;
case 'select':
$result = $this->getFromDB($this->dbSettings->getTargetName());
if (isset($tableInfo['protect-reading']) && is_array($tableInfo['protect-reading'])) {
$recordCount = count($result);
for ($index = 0; $index < $recordCount; $index++) {
foreach ($result[$index] as $field => $value) {
if (in_array($field, $tableInfo['protect-reading'])) {
$result[$index][$field] = "[protected]";
}
}
}
}
$this->outputOfPrcessing = 'dbresult=' . arrayToJS($result, '') . ';' . "resultCount='{$this->countQueryResult($this->dbSettings->getTargetName())}';";
break;
case 'update':
if (isset($tableInfo['protect-writing']) && is_array($tableInfo['protect-writing'])) {
$fieldArray = array();
$valueArray = array();
$counter = 0;
$fieldValues = $this->dbSettings->getValue();
foreach ($this->dbSettings->getFieldsRequired() as $field) {
if (!in_array($field, $tableInfo['protect-writing'])) {
$fieldArray[] = $field;
$valueArray[] = $fieldValues[$counter];
}
$counter++;
}
$this->dbSettings->setTargetFields($fieldArray);
$this->dbSettings->setValue($valueArray);
}
$this->setToDB($this->dbSettings->getTargetName());
break;
case 'new':
$result = $this->newToDB($this->dbSettings->getTargetName(), $bypassAuth);
$this->outputOfPrcessing = "newRecordKeyValue='{$result}';";
break;
case 'delete':
$this->deleteFromDB($this->dbSettings->getTargetName());
break;
case 'challenge':
break;
case 'changepassword':
if (isset($_POST['newpass'])) {
$changeResult = $this->changePassword($this->paramAuthUser, $_POST['newpass']);
$this->outputOfPrcessing = "changePasswordResult=" . ($changeResult ? "true;" : "false;");
} else {
$this->outputOfPrcessing = "changePasswordResult=false;";
}
break;
}
// $this->logger->setDebugMessage("requireAuthentication={$this->dbSettings->getRequireAuthentication()}", 2);
// $this->logger->setDebugMessage("requireAuthorization={$this->dbSettings->getRequireAuthorization()}", 2);
if ($this->logger->getDebugLevel() !== false) {
$fInfo = $this->getFieldInfo($this->dbSettings->getTargetName());
if ($fInfo != null) {
foreach ($this->dbSettings->getFieldsRequired() as $fieldName) {
if (!in_array($fieldName, $fInfo)) {
$this->logger->setErrorMessage($messageClass->getMessageAs(1033, array($fieldName)));
}
}
}
}
}
