function createServerKeys($openSslCnfPath) {
$spotSigning = new SpotSigning(true);
$x = $spotSigning->createPrivateKey($openSslCnfPath);
$this->setIfNot('publickey', $x['public']);
$this->setIfNot('privatekey', $x['private']);
} # createServerKeys
function render()
{
$formMessages = array('errors' => array(), 'info' => array());
# Controleer de users' rechten
$this->_spotSec->fatalPermCheck(SpotSecurity::spotsec_post_comment, '');
# Sportparser is nodig voor het escapen van de random string
$spotParser = new SpotParser();
# spot signing is nodig voor het RSA signen van de spot en dergelijke
$spotSigning = new SpotSigning();
# creeer een default comment zodat het form altijd
# de waardes van het form kan renderen
$comment = array('body' => '', 'rating' => 0, 'inreplyto' => $this->_inReplyTo, 'newmessageid' => '', 'randomstr' => '');
# postcomment verzoek was standaard niet geprobeerd
$postResult = array();
# zet de page title
$this->_pageTitle = "spot: post comment";
# Als de user niet ingelogged is, dan heeft dit geen zin
if ($this->_currentSession['user']['userid'] == SPOTWEB_ANONYMOUS_USERID) {
$postResult = array('result' => 'notloggedin');
unset($this->_commentForm['submit']);
}
# if
# Zorg er voor dat reserved usernames geen comments kunnen posten
$spotUser = new SpotUserSystem($this->_db, $this->_settings);
if (!$spotUser->validUsername($this->_currentSession['user']['username'])) {
$postResult = array('result' => 'notloggedin');
unset($this->_commentForm['submit']);
}
# if
if (isset($this->_commentForm['submit'])) {
# submit unsetten we altijd
unset($this->_commentForm['submit']);
# zorg er voor dat alle variables ingevuld zijn
$comment = array_merge($comment, $this->_commentForm);
# vraag de users' privatekey op
$this->_currentSession['user']['privatekey'] = $spotUser->getUserPrivateRsaKey($this->_currentSession['user']['userid']);
# het messageid krijgen we met <>'s, maar we werken
# in spotweb altijd zonder, dus die strippen we
$comment['newmessageid'] = substr($comment['newmessageid'], 1, -1);
# valideer of we deze comment kunnen posten, en zo ja, doe dat dan
$spotPosting = new SpotPosting($this->_db, $this->_settings);
$formMessages['errors'] = $spotPosting->postComment($this->_currentSession['user'], $comment);
if (empty($formMessages['errors'])) {
$postResult = array('result' => 'success', 'user' => $this->_currentSession['user']['username'], 'userid' => $spotSigning->calculateUserid($this->_currentSession['user']['publickey']), 'rating' => $comment['rating'], 'body' => $comment['body']);
} else {
$postResult = array('result' => 'failure');
}
# else
}
# if
#- display stuff -#
$this->template('postcomment', array('postcommentform' => $comment, 'formmessages' => $formMessages, 'postresult' => $postResult));
}
function render()
{
$formMessages = array('errors' => array(), 'info' => array());
# Controleer de users' rechten
$this->_spotSec->fatalPermCheck(SpotSecurity::spotsec_create_new_user, '');
# creeer een default spotuser zodat het form altijd
# de waardes van het form kan renderen
$spotUser = array('username' => '', 'firstname' => '', 'lastname' => '', 'mail' => '');
# createuser resultaat is standaard niet geprobeerd
$createResult = array();
# Instantieer het Spot user system
$spotUserSystem = new SpotUserSystem($this->_db, $this->_settings);
# zet de page title
$this->_pageTitle = "spot: create user";
# Is dit een submit van een form, of nog maar de aanroep?
if (isset($this->_createUserForm['submit'])) {
# submit unsetten we altijd
unset($this->_createUserForm['submit']);
# userid zetten we altijd op false voor het maken van een
# nieuwe user, omdat validateUserRecord() anders denkt
# dat we een bestaande user aan het bewerken zijn en we bv.
# het mailaddress niet controleren op dubbelen behalve 'zichzelf'
$this->_createUserForm['userid'] = false;
# creeer een random password voor deze user
$spotUser['newpassword1'] = substr($spotUserSystem->generateUniqueId(), 1, 9);
$spotUser['newpassword2'] = $spotUser['newpassword1'];
# valideer de user
$spotUser = array_merge($spotUser, $this->_createUserForm);
$formMessages['errors'] = $spotUserSystem->validateUserRecord($spotUser, false);
# Is er geen andere user met dezelfde username?
if ($this->_db->usernameExists($spotUser['username'])) {
$formMessages['errors'][] = array('validateuser_usernameexists', array($spotUser['username']));
}
# if
if (empty($formMessages['errors'])) {
# Creer een private en public key paar voor deze user
$spotSigning = new SpotSigning();
$userKey = $spotSigning->createPrivateKey($this->_settings->get('openssl_cnf_path'));
$spotUser['publickey'] = $userKey['public'];
$spotUser['privatekey'] = $userKey['private'];
# Notificatiesysteem initialiseren
$spotsNotifications = new SpotNotifications($this->_db, $this->_settings, $this->_currentSession);
# voeg de user toe
$spotUserSystem->addUser($spotUser);
# als het toevoegen van de user gelukt is, laat het weten
$createResult = array('result' => 'success', 'user' => $spotUser['username'], 'password' => $spotUser['newpassword1']);
# verstuur een e-mail naar de nieuwe gebruiker als daar om is gevraagd
if ($this->_createUserForm['sendmail'] == "true" || $this->_createUserForm['sendmail'] == "on" || $this->_settings->get('sendwelcomemail')) {
$spotsNotifications->sendNewUserMail($spotUser);
}
# if
# en verstuur een notificatie
$spotsNotifications->sendUserAdded($spotUser['username'], $spotUser['newpassword1']);
} else {
$createResult = array('result' => 'failure');
}
# else
}
# if
#- display stuff -#
$this->template('createuser', array('createuserform' => $spotUser, 'formmessages' => $formMessages, 'createresult' => $createResult));
}
function updateUserPreferences()
{
$userList = $this->_db->listUsers("", 0, 9999999);
# loop through every user and fix it
foreach ($userList['list'] as $user) {
# Omdat we vanuit listUsers() niet alle velden meekrijgen
# vragen we opnieuw het user record op
$user = $this->_db->getUser($user['userid']);
# set the users' preferences
$this->setSettingIfNot($user['prefs'], 'perpage', 25);
$this->setSettingIfNot($user['prefs'], 'date_formatting', 'human');
$this->setSettingIfNot($user['prefs'], 'template', 'we1rdo');
$this->setSettingIfNot($user['prefs'], 'count_newspots', true);
$this->setSettingIfNot($user['prefs'], 'keep_seenlist', true);
$this->setSettingIfNot($user['prefs'], 'auto_markasread', true);
$this->setSettingIfNot($user['prefs'], 'keep_downloadlist', true);
$this->setSettingIfNot($user['prefs'], 'keep_watchlist', true);
$this->setSettingIfNot($user['prefs'], 'nzb_search_engine', 'nzbindex');
$this->setSettingIfNot($user['prefs'], 'show_filesize', true);
$this->setSettingIfNot($user['prefs'], 'show_reportcount', true);
$this->setSettingIfNot($user['prefs'], 'show_multinzb', true);
$this->setSettingIfNot($user['prefs'], 'customcss', '');
$this->setSettingIfNot($user['prefs'], 'newspotdefault_tag', $user['username']);
$this->setSettingIfNot($user['prefs'], 'newspotdefault_body', '');
$this->setSettingIfNot($user['prefs']['nzbhandling'], 'action', 'disable');
$this->setSettingIfNot($user['prefs']['nzbhandling'], 'local_dir', '/tmp');
$this->setSettingIfNot($user['prefs']['nzbhandling'], 'prepare_action', 'merge');
$this->setSettingIfNot($user['prefs']['nzbhandling'], 'command', '');
$this->setSettingIfNot($user['prefs']['nzbhandling']['sabnzbd'], 'url', '');
$this->setSettingIfNot($user['prefs']['nzbhandling']['sabnzbd'], 'apikey', '');
$this->setSettingIfNot($user['prefs']['nzbhandling']['nzbget'], 'host', '');
$this->setSettingIfNot($user['prefs']['nzbhandling']['nzbget'], 'port', '');
$this->setSettingIfNot($user['prefs']['nzbhandling']['nzbget'], 'username', '');
$this->setSettingIfNot($user['prefs']['nzbhandling']['nzbget'], 'password', '');
$this->setSettingIfNot($user['prefs']['nzbhandling']['nzbget'], 'timeout', 15);
$this->setSettingIfNot($user['prefs']['notifications']['growl'], 'host', '');
$this->setSettingIfNot($user['prefs']['notifications']['growl'], 'password', '');
$this->setSettingIfNot($user['prefs']['notifications']['nma'], 'api', '');
$this->setSettingIfNot($user['prefs']['notifications']['notifo'], 'username', '');
$this->setSettingIfNot($user['prefs']['notifications']['notifo'], 'api', '');
$this->setSettingIfNot($user['prefs']['notifications']['prowl'], 'apikey', '');
$this->setSettingIfNot($user['prefs']['notifications']['twitter'], 'screen_name', '');
$this->setSettingIfNot($user['prefs']['notifications']['twitter'], 'request_token', '');
$this->setSettingIfNot($user['prefs']['notifications']['twitter'], 'request_token_secret', '');
$this->setSettingIfNot($user['prefs']['notifications']['twitter'], 'access_token', '');
$this->setSettingIfNot($user['prefs']['notifications']['twitter'], 'access_token_secret', '');
$notifProviders = Notifications_Factory::getActiveServices();
foreach ($notifProviders as $notifProvider) {
$this->setSettingIfNot($user['prefs']['notifications'][$notifProvider], 'enabled', false);
$this->setSettingIfNot($user['prefs']['notifications'][$notifProvider]['events'], 'watchlist_handled', false);
$this->setSettingIfNot($user['prefs']['notifications'][$notifProvider]['events'], 'nzb_handled', false);
$this->setSettingIfNot($user['prefs']['notifications'][$notifProvider]['events'], 'retriever_finished', false);
$this->setSettingIfNot($user['prefs']['notifications'][$notifProvider]['events'], 'spot_posted', false);
$this->setSettingIfNot($user['prefs']['notifications'][$notifProvider]['events'], 'user_added', false);
}
// foreach
# make sure a sort preference is defined. An empty field means relevancy
$this->setSettingIfNot($user['prefs'], 'defaultsortfield', '');
# oude settings verwijderen
$this->unsetSetting($user['prefs'], 'search_url');
$this->unsetSetting($user['prefs']['notifications'], 'libnotify');
# controleren dat de user een geldige RSA key heeft
if ($user['userid'] > 2) {
$rsaKey = $this->_db->getUserPrivateRsaKey($user['userid']);
if (empty($rsaKey)) {
# Creer een private en public key paar voor deze user
$spotSigning = new SpotSigning();
$userKey = $spotSigning->createPrivateKey($this->_settings->get('openssl_cnf_path'));
$this->_db->setUserRsaKeys($user['userid'], $userKey['public'], $userKey['private']);
}
# if
}
# if
# update the user record in the database
$this->_db->setUser($user);
}
# foreach
}
function render()
{
$formMessages = array('errors' => array(), 'info' => array());
# Controleer de users' rechten
$this->_spotSec->fatalPermCheck(SpotSecurity::spotsec_post_spot, '');
# Sportparser is nodig voor het escapen van de random string
$spotParser = new SpotParser();
# spot signing is nodig voor het RSA signen van de spot en dergelijke
$spotSigning = new SpotSigning();
# creeer een default spot zodat het form altijd
# de waardes van het form kan renderen
$spot = array('title' => '', 'body' => '', 'category' => 0, 'subcatz' => '', 'subcatlist' => '', 'tag' => '', 'website' => '', 'newmessageid' => '', 'randomstr' => '');
# postspot verzoek was standaard niet geprobeerd
$postResult = array();
# zet de page title
$this->_pageTitle = "spot: post";
# Als de user niet ingelogged is, dan heeft dit geen zin
if ($this->_currentSession['user']['userid'] == SPOTWEB_ANONYMOUS_USERID) {
$postResult = array('result' => 'notloggedin');
unset($this->_spotForm['submit']);
}
# if
# Zorg er voor dat reserved usernames geen spots kunnen posten
$spotUser = new SpotUserSystem($this->_db, $this->_settings);
if (!$spotUser->validUsername($this->_currentSession['user']['username'])) {
$postResult = array('result' => 'notloggedin');
unset($this->_spotForm['submit']);
}
# if
# If user tried to submit, validate the file uploads
if (isset($this->_spotForm['submit'])) {
# Make sure an NZB file was provided
if (!isset($_FILES['newspotform']) || $_FILES['newspotform']['error']['nzbfile'] != UPLOAD_ERR_OK) {
$formMessages['errors'][] = array('postspot_invalidnzb', '(none given)');
$postResult = array('result' => 'failure');
// $xml = file_get_contents($_FILES['filterimport']['tmp_name']);
unset($this->_spotForm['submit']);
}
# if
# Make sure an imgae file was provided
if (!isset($_FILES['newspotform']) || $_FILES['newspotform']['error']['imagefile'] != UPLOAD_ERR_OK) {
$formMessages['errors'][] = array('postspot_imageinvalid', '(none given)');
$postResult = array('result' => 'failure');
// $xml = file_get_contents($_FILES['filterimport']['tmp_name']);
unset($this->_spotForm['submit']);
}
# if
}
# if
if (isset($this->_spotForm['submit'])) {
# Notificatiesysteem initialiseren
$spotsNotifications = new SpotNotifications($this->_db, $this->_settings, $this->_currentSession);
# submit unsetten we altijd
unset($this->_spotForm['submit']);
# De subcatz wordt per hoofdcategory doorgegeven, merge die naar 1
# subcatz
$spot['subcatz'] = isset($this->_spotForm['subcatz' . $this->_spotForm['category']]) ? $this->_spotForm['subcatz' . $this->_spotForm['category']] : '';
# zorg er voor dat alle variables ingevuld zijn
$spot = array_merge($spot, $this->_spotForm);
# vraag de users' privatekey op
$this->_currentSession['user']['privatekey'] = $spotUser->getUserPrivateRsaKey($this->_currentSession['user']['userid']);
# het messageid krijgen we met <>'s, maar we werken
# in spotweb altijd zonder, dus die strippen we
$spot['newmessageid'] = substr($spot['newmessageid'], 1, -1);
# valideer of we deze spot kunnen posten, en zo ja, doe dat dan
$spotPosting = new SpotPosting($this->_db, $this->_settings);
$formMessages['errors'] = $spotPosting->postSpot($this->_currentSession['user'], $spot, $_FILES['newspotform']['tmp_name']['imagefile'], $_FILES['newspotform']['tmp_name']['nzbfile']);
if (empty($formMessages['errors'])) {
$postResult = array('result' => 'success', 'user' => $this->_currentSession['user']['username'], 'userid' => $spotSigning->calculateUserid($this->_currentSession['user']['publickey']), 'body' => $spot['body']);
# en verstuur een notificatie
$spotsNotifications->sendSpotPosted($spot);
} else {
$postResult = array('result' => 'failure');
}
# else
}
# if
#- display stuff -#
$this->template('newspot', array('postspotform' => $spot, 'formmessages' => $formMessages, 'postresult' => $postResult));
}
function getFullSpot($msgId)
{
# initialize some variables
$spotSigning = new SpotSigning($this->_use_openssl);
$spotParser = new SpotParser();
$spot = array('fullxml' => '', 'user-signature' => '', 'user-key' => '', 'verified' => false, 'messageid' => $msgId, 'userid' => '', 'xml-signature' => '', 'moderated' => 0);
# Vraag de volledige article header van de spot op
$header = $this->getHeader('<' . $msgId . '>');
# Parse de header
foreach ($header as $str) {
$keys = explode(':', $str);
switch ($keys[0]) {
case 'X-XML':
$spot['fullxml'] .= substr($str, 7);
break;
case 'X-User-Signature':
$spot['user-signature'] = $spotParser->unspecialString(substr($str, 18));
break;
case 'X-XML-Signature':
$spot['xml-signature'] = substr($str, 17);
break;
case 'X-User-Key':
$xml = simplexml_load_string(substr($str, 12));
if ($xml !== false) {
$spot['user-key']['exponent'] = (string) $xml->Exponent;
$spot['user-key']['modulo'] = (string) $xml->Modulus;
}
# if
break;
# x-user-key
}
# switch
}
# foreach
# Valideer de signature van de XML, deze is gesigned door de user zelf
$spot['verified'] = $spotSigning->verifyFullSpot($spot);
# als de spot verified is, toon dan de userid van deze user
if ($spot['verified']) {
$spot['userid'] = $spotSigning->calculateUserid($spot['user-key']['modulo']);
}
# if
# Parse nu de XML file, alles wat al gedefinieerd is eerder wordt niet overschreven
$spot = array_merge($spotParser->parseFull($spot['fullxml']), $spot);
return $spot;
}
function parseXover($subj, $from, $date, $messageid, $rsakeys)
{
$_CAT = 0;
$_FSIZE = 1;
// initialiseer wat variabelen
$spot = array();
// Eerst splitsen we de header string op in enkel de category info e.d.
$fromInfoPos = strpos($from, '<');
if ($fromInfoPos === false) {
return false;
} else {
# Haal de postername en de <>'s weg
$fromAddress = explode('@', substr($from, $fromInfoPos + 1, -1));
if (count($fromAddress) < 2) {
return false;
}
# if
$spot['header'] = $fromAddress[1];
}
# if
$spot['verified'] = false;
$spot['filesize'] = 0;
$spot['messageid'] = substr($messageid, 1, strlen($messageid) - 2);
# als de spot in de toekomst ligt, dan corrigeren we dat naar nu
if (time() < strtotime($date)) {
$spot['stamp'] = time();
} else {
$spot['stamp'] = strtotime($date);
}
# if
$fields = explode('.', $spot['header']);
if (count($fields) >= 6) {
$spot['filesize'] = $fields[$_FSIZE];
$spot['category'] = substr($fields[$_CAT], 0, 1) - 1.0;
// extract de posters name
$spot['poster'] = substr($from, 0, $fromInfoPos - 1);
// key id
$spot['keyid'] = (int) substr($fields[$_CAT], 1, 1);
if ($spot['keyid'] >= 0) {
$expression = '';
$strInput = substr($fields[$_CAT], 2);
$recentKey = $spot['keyid'] != 1;
if ($recentKey) {
if (strlen($strInput) == 0 || strlen($strInput) % 3 != 0) {
return;
}
# if
$subcatAr = $this->splitBySizEx($strInput, 3);
foreach ($subcatAr as $str) {
if (strlen($str) > 0) {
$expression .= strtolower(substr($str, 0, 1)) . (int) substr($str, 1) . '|';
}
# if
}
# foeeach
} else {
$list = array();
for ($i = 0; $i < strlen($strInput); $i++) {
if ($strInput[$i] == 0 && !is_numeric($strInput[$i]) && strlen($expression) > 0) {
$list[] = $expression;
$expression = '';
}
# if
$expression .= $strInput[$i];
}
# for
$list[] = $expression;
$expression = '';
foreach ($list as $str) {
$expression .= strtolower(substr($str, 0, 1)) . substr($str, 1) . '|';
}
# foreach
}
# else if $recentKey
# Break up the subcategories per subcat-type
if (strlen($expression) > 0) {
$subcats = explode('|', $expression);
$spot['subcata'] = '';
$spot['subcatb'] = '';
$spot['subcatc'] = '';
$spot['subcatd'] = '';
$spot['subcatz'] = '';
foreach ($subcats as $subcat) {
if (in_array(strtolower(substr($subcat, 0, 1)), array('a', 'b', 'c', 'd', 'z')) !== false) {
$spot['subcat' . strtolower(substr($subcat, 0, 1))] .= $subcat . '|';
}
# if
}
# foreach
# We vullen hier de z categorieen alvast op in het geval er geen Z category gegeven is
if (empty($spot['subcatz'])) {
$spot['subcatz'] = SpotCategories::createSubcatz($spot['category'], $spot['subcata'] . $spot['subcatb'] . $spot['subcatd']);
}
# if
}
# if
if (strpos($subj, '=?') !== false && strpos($subj, '?=') !== false) {
# Make sure its as simple as possible
$subj = str_replace('?= =?', '?==?', $subj);
$subj = str_replace('\\r', '', trim($this->oldEncodingParse($subj)));
$subj = str_replace('\\n', '', $subj);
}
# if
if ($recentKey) {
$tmp = explode('|', $subj);
$spot['title'] = trim($tmp[0]);
if (count($tmp) > 1) {
$spot['tag'] = trim($tmp[1]);
} else {
$spot['tag'] = '';
}
# else
} else {
$tmp = explode('|', $subj);
if (count($tmp) <= 1) {
$tmp = array($subj);
}
# if
$spot['tag'] = trim($tmp[count($tmp) - 1]);
# remove the tags from the array
array_pop($tmp);
array_pop($tmp);
$spot['title'] = trim(implode('|', $tmp));
if (strpos($spot['title'], chr(0xc2)) !== false | strpos($spot['title'], chr(0xc3)) !== false) {
$spot['title'] = trim($this->oldEncodingParse($spot['title']));
}
# if
}
# if recentKey
if (strlen($spot['title']) != 0 && strlen($spot['poster']) != 0) {
# Als er een recentkey is (key <> 1), OF de spot is na 2010 geplaatst, dan moet
# de spot gesigned zijn.
$mustbeSigned = $recentKey | $spot['stamp'] > 1293870080;
if ($mustbeSigned) {
$spot['headersign'] = $fields[count($fields) - 1];
if (strlen($spot['headersign']) != 0) {
$spot['wassigned'] = true;
# KeyID 7 betekent dat alleen een hashcash vereist is
if ($spot['keyid'] == 7) {
$userSignedHash = sha1('<' . $spot['messageid'] . '>', false);
$spot['verified'] = substr($userSignedHash, 0, 3) == '0000';
} else {
# the signature this header is signed with
$signature = $this->unspecialString($spot['headersign']);
$spotSigning = new SpotSigning();
$spot['verified'] = $spotSigning->verifySpotHeader($spot, $signature, $rsakeys);
}
# else
}
# if
} else {
$spot['verified'] = true;
$spot['wassigned'] = false;
}
# if doesnt need to be signed, pretend that it is
}
# if
}
# if
}
# if
# Nu zetten we de titel en dergelijke om naar utf8, we kunnen
# dat niet eerder doen omdat anders de RSA signature niet meer
# klopt.
if ($spot !== false && $spot['verified']) {
$spot['title'] = utf8_encode($spot['title']);
$spot['poster'] = utf8_encode($spot['poster']);
$spot['tag'] = utf8_encode($spot['tag']);
}
# f
return $spot;
}
function getCleanRandomString($len)
{
$spotParser = new SpotParser();
$spotSigning = new SpotSigning();
return substr($spotParser->specialString(base64_encode($spotSigning->makeRandomStr($len))), 0, $len);
}
require_once "NNTP/Protocol/Client.php";
require_once "NNTP/Client.php";
require_once "lib/exceptions/CustomException.php";
require_once "lib/exceptions/NntpException.php";
require_once "lib/SpotSecurity.php";
require_once "lib/SpotTiming.php";
require_once "settings.php";
require_once "lib/SpotDb.php";
define('USERID', 30);
/* -------------------------------------------------------------------- */
echo "Included PHP classes... " . PHP_EOL;
$db = new SpotDb($settings['db']);
$db->connect();
echo "Connected to the database.." . PHP_EOL;
$spotSettings = SpotSettings::singleton($db, $settings);
$spotSigning = new SpotSigning();
$spotPosting = new SpotPosting($db, $spotSettings);
$spotUserSystem = new SpotUserSystem($db, $spotSettings);
echo "Initialized classes.." . PHP_EOL;
$spot['category'] = 0;
$spot['website'] = 'http://www.moviemeter.nl/film/69912';
$spot['body'] = 'Hierbij een cover van de film Colombiana.
Met dank aan de originele poster van deze cover';
$spot['poster'] = 'Spotweb Test User';
$spot['tag'] = '';
$spot['key'] = 7;
$spot['title'] = 'Colombiana cover (SWtest2)';
echo "Spot Title will be: " . $spot['title'] . PHP_EOL;
$spot['category'] = 0;
$spot["subcata"] = "a5|";
function getFullSpot($msgId)
{
# initialize some variables
$spotSigning = new SpotSigning();
$spot = array('fullxml' => '', 'user-signature' => '', 'user-key' => '', 'verified' => false, 'messageid' => $msgId, 'userid' => '', 'xml-signature' => '', 'moderated' => 0);
# Vraag de volledige article header van de spot op
$header = $this->getHeader('<' . $msgId . '>');
# Parse de header
$spot = array_merge($spot, $this->parseHeader($header, $spot));
# Valideer de signature van de XML, deze is gesigned door de user zelf
$spot['verified'] = $spotSigning->verifyFullSpot($spot);
# als de spot verified is, toon dan de userid van deze user
if ($spot['verified']) {
$spot['userid'] = $spotSigning->calculateUserid($spot['user-key']['modulo']);
}
# if
# Parse nu de XML file, alles wat al gedefinieerd is eerder wordt niet overschreven
$spot = array_merge($this->_spotParser->parseFull($spot['fullxml']), $spot);
return $spot;
}
<tr> <td colspan="2"> xml </td> <td> </td> <td> <?php
showResult(extension_loaded('xml'));
?>
</td> </tr>
<tr> <td colspan="2"> zip </td> <td> NZB files comprimeren </td> <td> <?php
showResult(extension_loaded('zip'));
?>
</td> </tr>
<tr> <td colspan="2"> zlib </td> <td> </td> <td> <?php
showResult(extension_loaded('zlib'));
?>
</td> </tr>
<tr> <th colspan="3"> OpenSSL </th> </tr>
<?php
require_once "lib/SpotSigning.php";
$spotSigning = new SpotSigning();
$privKey = $spotSigning->createPrivateKey($settings['openssl_cnf_path']);
?>
<tr> <td rowspan="3"> Minimaal 1 moet OK zijn<br />In volgorde van snelste naar langzaamste </td> <td> openssl </td> <td> </td> <td> <?php
showResult(extension_loaded('openssl'));
?>
</td> </tr>
<tr> <td> gmp </td> <td> </td> <td> <?php
showResult(extension_loaded('gmp'));
?>
</td> </tr>
<tr> <td> bcmath </td> <td> </td> <td> <?php
showResult(extension_loaded('bcmath'));
?>
</td> </tr>
<tr> <td colspan="2"> Can create private key? </td> <td> </td> <td> <?php
function parseXover($subj, $from, $date, $messageid, $rsakeys, $use_openssl)
{
$_ID = 2;
$_CAT = 0;
// initialiseer wat variabelen
$spot = array();
// Eerst splitsen we de header string op in enkel de category info e.d.
$tmpHdr = preg_split('(<|>)', $from);
if (count($tmpHdr) < 2) {
return null;
}
# if
$tmpHdr = explode('@', $tmpHdr[1]);
if (count($tmpHdr) < 2) {
return false;
}
# if
$spot['header'] = $tmpHdr[1];
$spot['verified'] = false;
$spot['messageid'] = substr($messageid, 1, strlen($messageid) - 2);
if (time() < strtotime($date)) {
$spot['stamp'] = time();
} else {
$spot['stamp'] = strtotime($date);
}
# if
$fields = explode('.', $spot['header']);
if (count($fields) >= 6) {
$spot['id'] = $fields[$_ID];
if ($spot['id'] > 9) {
$spot['category'] = substr($fields[$_CAT], 0, 1) - 1.0;
// extract de posters name
$spot['poster'] = explode('<', $from);
$spot['poster'] = trim($spot['poster'][0]);
// key id
$spot['keyid'] = (int) substr($fields[$_CAT], 1, 1);
// groupname
$spot['groupname'] = 'free.pt';
if ($spot['keyid'] >= 1) {
$expression = '';
$strInput = substr($fields[$_CAT], 2);
$recentKey = $spot['keyid'] != 1;
if ($recentKey) {
if (strlen($strInput) == 0 || strlen($strInput) % 3 != 0) {
exit;
}
# if
$subcatAr = $this->splitBySizEx($strInput, 3);
foreach ($subcatAr as $str) {
if (strlen($str) > 0) {
$expression .= strtolower(substr($str, 0, 1)) . (int) substr($str, 1) . '|';
}
# if
}
# foeeach
$spot['subcat'] = (int) substr($subcatAr[0], 1);
} else {
$list = array();
for ($i = 0; $i < strlen($strInput); $i++) {
if ($strInput[$i] == 0 && !is_numeric($strInput[$i]) && strlen($expression) > 0) {
$list[] = $expression;
$expression = '';
}
# if
$expression .= $strInput[$i];
}
# for
$list[] = $expression;
$expression = '';
foreach ($list as $str) {
$expression .= strtolower(substr($str, 0, 1)) . substr($str, 1) . '|';
}
# foreach
$spot['subcat'] = (int) substr($list[0], 1);
}
# else if $recentKey
# Break up the subcategories per subcat-type
if (strlen($expression) > 0) {
$subcats = explode('|', $expression);
$spot['subcata'] = '';
$spot['subcatb'] = '';
$spot['subcatc'] = '';
$spot['subcatd'] = '';
foreach ($subcats as $subcat) {
if (array_search(strtolower(substr($subcat, 0, 1)), array('a', 'b', 'c', 'd')) !== false) {
$spot['subcat' . strtolower(substr($subcat, 0, 1))] .= $subcat . '|';
}
# if
}
# foreach
}
# if
if (strpos($subj, '=?') !== false && strpos($subj, '?=') !== false) {
# Make sure its as simple as possible
$subj = str_replace('?= =?', '?==?', $subj);
$subj = str_replace('\\r', '', trim($this->oldEncodingParse($subj)));
$subj = str_replace('\\n', '', $subj);
}
# if
if ($recentKey) {
if (strpos($subj, '|') !== false) {
$tmp = explode('|', $subj);
$spot['title'] = trim($tmp[0]);
$spot['tag'] = trim($tmp[1]);
} else {
$spot['title'] = trim($subj);
$spot['tag'] = '';
}
# else
} else {
$tmp = explode('|', $subj);
if (count($tmp) <= 1) {
$tmp = array($subj);
}
# if
$spot['tag'] = trim($tmp[count($tmp) - 1]);
# remove the tags from the array
array_pop($tmp);
array_pop($tmp);
$spot['title'] = trim(implode('|', $tmp));
if (strpos($spot['title'], chr(0xc2)) !== false | strpos($spot['title'], chr(0xc3)) !== false) {
$spot['title'] = trim($this->oldEncodingParse($spot['title']));
}
# if
}
# if recentKey
if (strlen($spot['title']) != 0 && strlen($spot['poster']) != 0 && ($spot['id'] >= 1000000 || $recentKey)) {
# Vanaf spot-id 1385910 komen we KeyID's 2 tegen, dus vanaf daar gaan we alle niet-signed posts weigeren.
$mustbeSigned = $recentKey | !$recentKey & $spot['id'] > 1385910;
# FIXME
#
# somehow there is a check that the key is only validated for spots with key id 2 ?
# not sure about the code as it only seems to execute for more than 25000 spots or something?
#
$mustbeSigned = $mustbeSigned & $spot['keyid'] >= 2;
# and verify the signature it
if ($mustbeSigned) {
$spot['headersign'] = $fields[count($fields) - 1];
if (strlen($spot['headersign']) != 0) {
$spot['wassigned'] = true;
# KeyID 7 betekent dat het serverless signed is
if ($spot['keyid'] == 7) {
$userSignedHash = sha1('<' . $spot['messageid'] . '>', false);
$spot['verified'] = substr($userSignedHash, 0, 3) == '0000';
} else {
# the signature this header is signed with
$signature = $this->unspecialString($spot['headersign']);
$spotSigning = new SpotSigning($use_openssl);
$spot['verified'] = $spotSigning->verifySpotHeader($spot, $signature, $rsakeys);
}
# else
}
# if
} else {
$spot['verified'] = true;
$spot['wassigned'] = false;
}
# if doesnt need to be signed, pretend that it is
}
# if
}
# if
}
# if
}
# if
return $spot;
}
