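/**
 * Deletes a scene selected by SceneID or, failing that, by Name, and replies in JSON.
 *
 * Both selectors are passed as bound statement parameters. Name comes straight
 * from the request, so splicing it into the SQL text would let a caller alter
 * the DELETE statement.
 *
 * @param object $db     Database handle; prepare() is the only method called on it here.
 * @param array  $params Request parameters; reads "SceneID" and "Name".
 *
 * @return void Does not return: every path writes a JSON body and calls exit.
 */
public function Execute($db, $params)
{
    if (isset($params["SceneID"]) && UUID::TryParse($params["SceneID"], $this->SceneID)) {
        $sql = "DELETE FROM Scenes WHERE ID=:ID";
        // The string cast yields the same text that concatenating the value would.
        $bindings = array(':ID' => (string) $this->SceneID);
    } elseif (isset($params["Name"])) {
        $sql = "DELETE FROM Scenes WHERE Name=:Name";
        $bindings = array(':Name' => $params["Name"]);
    } else {
        header("Content-Type: application/json", true);
        echo '{ "Message": "Invalid parameters" }';
        exit;
    }

    $sth = $db->prepare($sql);

    if ($sth->execute($bindings)) {
        // Success means the statement ran; it is reported even when no row matched.
        header("Content-Type: application/json", true);
        echo '{ "Success": true }';
        exit;
    }

    log_message('error', sprintf("Error occurred during query: %d %s", $sth->errorCode(), print_r($sth->errorInfo(), true)));
    // $sql holds placeholders only, so this line does not copy request data into the log.
    log_message('debug', sprintf("Query: %s", $sql));
    header("Content-Type: application/json", true);
    echo '{ "Message": "Database query error" }';
    exit;
}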
/**
 * Inserts an identity row for a user, or overwrites the row that already holds the same key.
 *
 * Credential is bound exactly as received; nothing in this method hashes or
 * transforms it. NOTE(review): confirm the caller supplies an already-hashed value.
 *
 * @param object $db     Database handle; prepare() is the only method called on it here.
 * @param array  $params Request parameters; reads "Identifier", "Credential", "Type",
 *                       "UserID" and the optional "Enabled".
 *
 * @return void Does not return: every path writes a JSON body and calls exit.
 */
public function Execute($db, $params)
{
    $complete = isset($params["Identifier"], $params["Credential"], $params["Type"], $params["UserID"]);

    if (!$complete || !UUID::TryParse($params["UserID"], $this->UserID)) {
        header("Content-Type: application/json", true);
        echo '{ "Message": "Invalid parameters" }';
        exit;
    }

    // Loose comparison: only values PHP treats as == false select the disabled
    // statement; a non-empty string such as "false" does not.
    $disable = isset($params["Enabled"]) && $params["Enabled"] == False;

    if ($disable) {
        $sql = "INSERT INTO Identities (Identifier, Credential, Type, UserID, Enabled)\n VALUES (:Identifier, :Credential, :Type, :UserID, False)\n ON DUPLICATE KEY UPDATE Credential=VALUES(Credential), Type=VALUES(Type), UserID=VALUES(UserID), Enabled=VALUES(Enabled)";
    } else {
        $sql = "INSERT INTO Identities (Identifier, Credential, Type, UserID)\n VALUES (:Identifier, :Credential, :Type, :UserID)\n ON DUPLICATE KEY UPDATE Credential=VALUES(Credential), Type=VALUES(Type), UserID=VALUES(UserID), Enabled=1";
    }

    // The same four values are bound whichever statement was chosen.
    $parameters = array(
        ':Identifier' => $params["Identifier"],
        ':Credential' => $params["Credential"],
        ':Type' => $params["Type"],
        ':UserID' => $this->UserID,
    );

    $sth = $db->prepare($sql);

    if (!$sth->execute($parameters)) {
        log_message('error', sprintf("Error occurred during query: %d %s", $sth->errorCode(), print_r($sth->errorInfo(), true)));
        log_message('debug', sprintf("Query: %s", $sql));
        $reply = '{ "Message": "Database query error" }';
    } else {
        $reply = '{ "Success": true }';
    }

    header("Content-Type: application/json", true);
    echo $reply;
    exit;
}
/**
 * Stores a capability (ID, owner, resource, expiration) and replies with its ID in JSON.
 *
 * A missing or unparsable CapabilityID is replaced by a random one. Because the
 * statement ends in ON DUPLICATE KEY UPDATE, a request that names an existing
 * CapabilityID overwrites that row's OwnerID, Resource and ExpirationDate.
 * NOTE(review): confirm callers are trusted to do that.
 *
 * @param object $db     Database handle; prepare() is the only method called on it here.
 * @param array  $params Request parameters; reads "OwnerID", "Resource", "Expiration"
 *                       and the optional "CapabilityID".
 *
 * @return void Does not return: every path writes a JSON body and calls exit.
 */
public function Execute($db, $params)
{
    // TODO: Sanity check the expiration date
    // TODO: Also run a regex on Resource to make sure it's a valid (relative or absolute) URL
    $ownerOk = isset($params["OwnerID"], $params["Resource"], $params["Expiration"])
        && UUID::TryParse($params["OwnerID"], $this->OwnerID);

    if (!$ownerOk) {
        header("Content-Type: application/json", true);
        echo '{ "Message": "Invalid parameters" }';
        exit;
    }

    $capabilityGiven = isset($params["CapabilityID"])
        && UUID::TryParse($params["CapabilityID"], $this->CapabilityID);

    if (!$capabilityGiven) {
        $this->CapabilityID = UUID::Random();
    }

    $sql = "INSERT INTO Capabilities (ID, OwnerID, Resource, ExpirationDate) VALUES (:ID, :OwnerID, :Resource, :ExpirationDate)\n ON DUPLICATE KEY UPDATE OwnerID=VALUES(OwnerID), Resource=VALUES(Resource), ExpirationDate=VALUES(ExpirationDate)";

    // Resource and Expiration are bound as received; neither is validated here.
    $bindings = array(
        ':ID' => $this->CapabilityID,
        ':OwnerID' => $this->OwnerID,
        ':Resource' => $params["Resource"],
        ':ExpirationDate' => $params["Expiration"],
    );

    $sth = $db->prepare($sql);

    if (!$sth->execute($bindings)) {
        log_message('error', sprintf("Error occurred during query: %d %s", $sth->errorCode(), print_r($sth->errorInfo(), true)));
        log_message('debug', sprintf("Query: %s", $sql));
        header("Content-Type: application/json", true);
        echo '{ "Message": "Database query error" }';
        exit;
    }

    header("Content-Type: application/json", true);
    echo sprintf('{"Success": true, "CapabilityID": "%s"}', $this->CapabilityID);
    exit;
}
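/**
 * Lists identities matching a UserID or, failing that, an Identifier, as JSON.
 *
 * Each row is serialised with json_encode(). Identifier, Credential and Type are
 * free-form column values; pasting them between quotes with sprintf() would let
 * a quote or backslash in the data break or reshape the response document.
 *
 * The response includes the Credential column of every matching row.
 * NOTE(review): no caller authorisation is visible in this method; confirm it is
 * enforced before this code is reached.
 *
 * @param object $db     Database handle; prepare() is the only method called on it here.
 * @param array  $params Request parameters; reads "UserID" and "Identifier".
 *
 * @return void Does not return: every path writes a JSON body and calls exit.
 */
public function Execute($db, $params)
{
    $sql = "SELECT Identifier, Type, Credential, UserID, Enabled FROM Identities WHERE";
    $id = null;

    if (isset($params["UserID"]) && UUID::TryParse($params["UserID"], $id)) {
        $sql .= " UserID=:ID";
    } elseif (isset($params["Identifier"])) {
        $id = $params["Identifier"];
        $sql .= " Identifier=:ID";
    } else {
        header("Content-Type: application/json", true);
        echo '{ "Message": "Invalid parameters" }';
        exit;
    }

    $sth = $db->prepare($sql);

    if ($sth->execute(array(':ID' => $id))) {
        $found = array();

        while ($obj = $sth->fetchObject()) {
            // String casts keep these fields JSON strings; Enabled stays a JSON boolean.
            $found[] = json_encode(array(
                'Identifier' => (string) $obj->Identifier,
                'Credential' => (string) $obj->Credential,
                'Type' => (string) $obj->Type,
                'UserID' => (string) $obj->UserID,
                'Enabled' => (bool) $obj->Enabled,
            ));
        }

        header("Content-Type: application/json", true);
        echo '{"Success":true,"Identities":[' . implode(',', $found) . ']}';
        exit;
    }

    log_message('error', sprintf("Error occurred during query: %d %s", $sth->errorCode(), print_r($sth->errorInfo(), true)));
    log_message('debug', sprintf("Query: %s", $sql));
    header("Content-Type: application/json", true);
    echo '{ "Message": "Database query error" }';
    exit;
}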
/**
 * Stores a capability with a Unix-timestamp expiration and replies with its ID in JSON.
 *
 * A missing or unparsable CapabilityID is replaced by a random one. Expiration is
 * converted with intval() and rejected unless it lies in the future.
 *
 * @param object $db     Database handle; prepare() is the only method called on it here.
 * @param array  $params Request parameters; reads "OwnerID", "Resource", "Expiration"
 *                       and the optional "CapabilityID".
 *
 * @return void Does not return: every path writes a JSON body and calls exit.
 */
public function Execute($db, $params)
{
    $ownerOk = isset($params["OwnerID"], $params["Resource"], $params["Expiration"])
        && UUID::TryParse($params["OwnerID"], $this->OwnerID);

    if (!$ownerOk) {
        header("Content-Type: application/json", true);
        echo '{ "Message": "Invalid parameters" }';
        exit;
    }

    $capabilityGiven = isset($params["CapabilityID"])
        && UUID::TryParse($params["CapabilityID"], $this->CapabilityID);

    if (!$capabilityGiven) {
        $this->CapabilityID = UUID::Random();
    }

    $resource = $params["Resource"];
    $expiration = intval($params["Expiration"]);

    // Reject expirations that are not strictly in the future. The echoed value
    // is the integer produced by intval(), never the raw request text.
    if ($expiration <= time()) {
        header("Content-Type: application/json", true);
        echo '{ "Message": "Invalid expiration date ' . $expiration . '" }';
        exit;
    }

    // $resource is written to the debug log as received from the request.
    log_message('debug', "Creating capability " . $this->CapabilityID . " owned by " . $this->OwnerID . " mapping to {$resource} until {$expiration}");

    $sql = "INSERT INTO Capabilities (ID, OwnerID, Resource, ExpirationDate) VALUES (:ID, :OwnerID, :Resource, FROM_UNIXTIME(:ExpirationDate))\n ON DUPLICATE KEY UPDATE ID=VALUES(ID), Resource=VALUES(Resource), ExpirationDate=VALUES(ExpirationDate)";

    $bindings = array(
        ':ID' => $this->CapabilityID,
        ':OwnerID' => $this->OwnerID,
        ':Resource' => $resource,
        ':ExpirationDate' => $expiration,
    );

    $sth = $db->prepare($sql);

    if (!$sth->execute($bindings)) {
        log_message('error', sprintf("Error occurred during query: %d %s", $sth->errorCode(), print_r($sth->errorInfo(), true)));
        log_message('debug', sprintf("Query: %s", $sql));
        header("Content-Type: application/json", true);
        echo '{ "Message": "Database query error" }';
        exit;
    }

    header("Content-Type: application/json", true);
    echo sprintf('{"Success": true, "CapabilityID": "%s"}', $this->CapabilityID);
    exit;
}
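/**
 * Sets the Enabled flag of a scene selected by SceneID or, failing that, by Name.
 *
 * The row selector is bound as a statement parameter alongside Enabled. Name
 * comes straight from the request, so splicing it into the SQL text would let a
 * caller alter the UPDATE statement.
 *
 * @param object $db     Database handle; prepare() is the only method called on it here.
 * @param array  $params Request parameters; reads "Enabled" plus "SceneID" or "Name".
 *
 * @return void Does not return: every path writes a JSON body and calls exit.
 */
public function Execute($db, $params)
{
    if (isset($params["SceneID"], $params["Enabled"]) && UUID::TryParse($params["SceneID"], $this->SceneID)) {
        $sql = "UPDATE Scenes SET Enabled=:Enabled WHERE ID=:ID";
        // The string cast yields the same text that concatenating the value would.
        $bindings = array(':Enabled' => $params["Enabled"], ':ID' => (string) $this->SceneID);
    } elseif (isset($params["Name"], $params["Enabled"])) {
        $sql = "UPDATE Scenes SET Enabled=:Enabled WHERE Name=:Name";
        $bindings = array(':Enabled' => $params["Enabled"], ':Name' => $params["Name"]);
    } else {
        // The whole parameter array is written to the error log here.
        log_message('error', sprintf("AddScene: Unable to parse passed parameters or parameter missing: '%s'", print_r($params, true)));
        header("Content-Type: application/json", true);
        echo '{ "Message": "Invalid parameters" }';
        exit;
    }

    $sth = $db->prepare($sql);

    if (!$sth->execute($bindings)) {
        log_message('error', sprintf("Error occurred during query: %d %s", $sth->errorCode(), print_r($sth->errorInfo(), true)));
        // $sql holds placeholders only, so this line does not copy request data into the log.
        log_message('debug', sprintf("Query: %s", $sql));
        header("Content-Type: application/json", true);
        echo '{ "Message": "Database query error" }';
        exit;
    }

    // Zero affected rows is reported as a failure.
    if ($sth->rowCount() > 0) {
        header("Content-Type: application/json", true);
        echo '{ "Success": true }';
        exit;
    }

    log_message('error', "Failed updating the database");
    header("Content-Type: application/json", true);
    echo '{ "Message": "Database update failed" }';
    exit;
}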
/**
 * Deletes session rows matching a SessionID or, failing that, a UserID.
 *
 * The DELETE always carries a WHERE clause: when neither identifier parses as a
 * UUID the request is rejected before any statement is prepared.
 *
 * @param object $db     Database handle; prepare() is the only method called on it here.
 * @param array  $params Request parameters; reads "SessionID" and "UserID".
 *
 * @return void Does not return: every path writes a JSON body and calls exit.
 */
public function Execute($db, $params)
{
    $column = null;

    // SessionID takes precedence; UserID is only tried when it is absent or invalid.
    if (isset($params['SessionID']) && UUID::TryParse($params['SessionID'], $this->ID)) {
        $column = "SessionID";
    } elseif (isset($params['UserID']) && UUID::TryParse($params['UserID'], $this->ID)) {
        $column = "UserID";
    }

    if ($column === null) {
        header("Content-Type: application/json", true);
        echo '{ "Message": "Invalid parameters" }';
        exit;
    }

    // $column is one of the two literals chosen above, never request text.
    $sql = "DELETE FROM Sessions" . " WHERE " . $column . "=:ID";
    $sth = $db->prepare($sql);

    if ($sth->execute(array(':ID' => $this->ID))) {
        $reply = '{ "Success": true }';
    } else {
        log_message('error', sprintf("Error occurred during query: %d %s", $sth->errorCode(), print_r($sth->errorInfo(), true)));
        log_message('debug', sprintf("Query: %s", $sql));
        $reply = '{ "Message": "Database query error" }';
    }

    header("Content-Type: application/json", true);
    echo $reply;
    exit;
}
/**
 * Creates an inventory folder through the ALT inventory layer and replies in JSON.
 *
 * A missing or unparsable FolderID is replaced by a random one. Name, ParentID and
 * OwnerID are required; ContentType defaults to 'application/octet-stream' and
 * ExtraData to an empty string.
 *
 * @param object $db     Database handle; handed to the ALT constructor.
 * @param array  $params Request parameters; reads "FolderID", "Name", "ParentID",
 *                       "OwnerID", "ContentType" and "ExtraData".
 *
 * @return void Does not return: every path writes a JSON body and calls exit.
 */
public function Execute($db, $params)
{
    $this->inventory = new ALT($db);

    $folderid = '';
    $folderGiven = isset($params["FolderID"]) && UUID::TryParse($params["FolderID"], $folderid);
    if (!$folderGiven) {
        $folderid = UUID::Random();
    }

    $this->Folder = new InventoryFolder($folderid);

    if (!isset($params, $params["Name"], $params["ParentID"], $params["OwnerID"])
        || !UUID::TryParse($params["ParentID"], $this->Folder->ParentID)
        || !UUID::TryParse($params["OwnerID"], $this->Folder->OwnerID)
    ) {
        header("Content-Type: application/json", true);
        echo '{ "Message": "Invalid parameters" }';
        exit;
    }

    $this->Folder->Name = trim($params["Name"]);

    // A blank or absent ContentType falls back to the generic binary type.
    $contentType = 'application/octet-stream';
    if (isset($params["ContentType"]) && trim($params["ContentType"]) != '') {
        $contentType = trim($params["ContentType"]);
    }
    $this->Folder->ContentType = $contentType;

    $extraData = '';
    if (isset($params["ExtraData"])) {
        $extraData = trim($params["ExtraData"]);
    }
    $this->Folder->ExtraData = $extraData;

    try {
        $result = $this->inventory->InsertNode($this->Folder);

        // Any value loosely equal to FALSE counts as a failed insert.
        if ($result != FALSE) {
            $reply = sprintf('{ "Success": true, "FolderID": "%s" }', $result);
        } else {
            $reply = '{ "Message": "Folder creation failed" }';
        }
    } catch (Exception $ex) {
        log_message('error', sprintf("Error occurred during query: %s", $ex));
        $reply = '{ "Message": "Database query error" }';
    }

    header("Content-Type: application/json", true);
    echo $reply;
    exit;
}
/**
 * Fetches an asset by ID through SQLAssets and returns its metadata and
 * base64-encoded data as JSON.
 *
 * NOTE(review): this method performs no ownership or visibility check before
 * returning the data; confirm that GetAsset() or the caller enforces one.
 *
 * @param object $db     Database handle; handed to the SQLAssets constructor.
 * @param array  $params Request parameters; reads "ID".
 *
 * @return void Does not return: the JSON response is written and exit is called.
 */
public function Execute($db, $params)
{
    $asset = null;
    $assetID = null;

    // The store is only queried when ID parses as a UUID.
    if (isset($params["ID"]) && UUID::TryParse($params["ID"], $assetID)) {
        log_message('debug', "xGetAsset asset: {$assetID}");
        $store = new SQLAssets($db);
        $asset = $store->GetAsset($assetID);
    }

    if (empty($asset)) {
        log_message('info', "Asset {$assetID} not found");
        $response = array(
            'Success' => FALSE,
            'Message' => "Asset {$assetID} not found",
        );
    } else {
        $response = array(
            'Success' => TRUE,
            'SHA256' => $asset->SHA256,
            'Last-Modified' => gmdate(DATE_RFC850, $asset->CreationDate),
            'CreatorID' => $asset->CreatorID,
            'ContentType' => $asset->ContentType,
            'ContentLength' => $asset->ContentLength,
            'EncodedData' => base64_encode($asset->Data),
            'Temporary' => $asset->Temporary,
        );
    }

    header("Content-Type: application/json", true);
    echo json_encode($response);
    exit;
}
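/**
 * Looks up one unexpired capability by ID and returns its owner, resource and
 * expiration as JSON.
 *
 * The response is built with json_encode(). Resource is free-form text stored on
 * behalf of a caller; pasting it between quotes with sprintf() would let a quote
 * or backslash in it break or reshape the response document.
 *
 * @param object $db     Database handle; prepare() is the only method called on it here.
 * @param array  $params Request parameters; reads "CapabilityID".
 *
 * @return void Does not return: every path writes a JSON body and calls exit.
 */
public function Execute($db, $params)
{
    if (!isset($params["CapabilityID"]) || !UUID::TryParse($params["CapabilityID"], $this->CapabilityID)) {
        header("Content-Type: application/json", true);
        echo '{ "Message": "Invalid parameters" }';
        exit;
    }

    // Expired rows are filtered out by the query itself.
    $sql = "SELECT OwnerID,Resource,UNIX_TIMESTAMP(ExpirationDate) AS ExpirationDate FROM Capabilities WHERE ID=:ID AND UNIX_TIMESTAMP(ExpirationDate) > UNIX_TIMESTAMP() LIMIT 1";
    $sth = $db->prepare($sql);

    if ($sth->execute(array(':ID' => $this->CapabilityID))) {
        if ($sth->rowCount() > 0) {
            $obj = $sth->fetchObject();

            // Casts keep the field types of the previous format: three strings and an integer.
            $body = json_encode(array(
                'Success' => true,
                'CapabilityID' => (string) $this->CapabilityID,
                'OwnerID' => (string) $obj->OwnerID,
                'Resource' => (string) $obj->Resource,
                'Expiration' => (int) $obj->ExpirationDate,
            ));

            header("Content-Type: application/json", true);
            echo $body;
            exit;
        }

        header("Content-Type: application/json", true);
        echo '{ "Message": "Capability not found" }';
        exit;
    }

    log_message('error', sprintf("Error occurred during query: %d %s", $sth->errorCode(), print_r($sth->errorInfo(), true)));
    log_message('debug', sprintf("Query: %s", $sql));
    header("Content-Type: application/json", true);
    echo '{ "Message": "Database query error" }';
    exit;
}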
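/**
 * Lists every unexpired capability owned by OwnerID as JSON.
 *
 * Each entry is serialised with json_encode(). Resource is free-form text stored
 * on behalf of a caller; pasting it between quotes with sprintf() would let a
 * quote or backslash in it break or reshape the response document.
 *
 * @param object $db     Database handle; prepare() is the only method called on it here.
 * @param array  $params Request parameters; reads "OwnerID".
 *
 * @return void Does not return: every path writes a JSON body and calls exit.
 */
public function Execute($db, $params)
{
    if (!isset($params["OwnerID"]) || !UUID::TryParse($params["OwnerID"], $this->OwnerID)) {
        header("Content-Type: application/json", true);
        echo '{ "Message": "Invalid parameters" }';
        exit;
    }

    // Expired rows are filtered out by the query itself.
    $sql = "SELECT ID,Resource,UNIX_TIMESTAMP(ExpirationDate) AS ExpirationDate FROM Capabilities WHERE OwnerID=:OwnerID AND UNIX_TIMESTAMP(ExpirationDate) > UNIX_TIMESTAMP()";
    $sth = $db->prepare($sql);

    if ($sth->execute(array(':OwnerID' => $this->OwnerID))) {
        $caplist = array();

        while ($obj = $sth->fetchObject()) {
            // All three fields stay JSON strings, Expiration included.
            $caplist[] = json_encode(array(
                'CapabilityID' => (string) $obj->ID,
                'Resource' => (string) $obj->Resource,
                'Expiration' => (string) $obj->ExpirationDate,
            ));
        }

        header("Content-Type: application/json", true);
        echo '{ "Success":true,"Capabilities":[' . implode(',', $caplist) . ']}';
        exit;
    }

    log_message('error', sprintf("Error occurred during query: %d %s", $sth->errorCode(), print_r($sth->errorInfo(), true)));
    log_message('debug', sprintf("Query: %s", $sql));
    header("Content-Type: application/json", true);
    echo '{ "Message": "Database query error" }';
    exit;
}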
/**
 * Inserts a user row, or updates it when a row with the same ID already exists.
 *
 * AccessLevel comes from the request and is clamped to 0..255; a missing or
 * non-numeric value becomes 0. NOTE(review): nothing in this method restricts who
 * may set AccessLevel; confirm the caller is authorised before this code is reached.
 *
 * @param object $db     Database handle; prepare() is the only method called on it here.
 * @param array  $params Request parameters; reads "UserID", "Name", "Email" and the
 *                       optional "AccessLevel".
 *
 * @return void Does not return: every path writes a JSON body and calls exit.
 */
public function Execute($db, $params)
{
    $valid = isset($params["UserID"], $params["Name"], $params["Email"])
        && UUID::TryParse($params["UserID"], $this->UserID);

    if (!$valid) {
        // The whole parameter array, Name and Email included, is written to the error log.
        log_message('error', sprintf("Missing or invalid parameters: %s", print_r($params, true)));
        header("Content-Type: application/json", true);
        echo '{ "Message": "Missing or invalid parameters" }';
        exit;
    }

    // Probe for an existing row to choose between INSERT and UPDATE. The result
    // of this execute() is not checked; only the row count is read.
    $probe = $db->prepare("SELECT ID FROM Users WHERE ID=:ID");
    $probe->execute(array('ID' => $this->UserID));
    $isNewUser = $probe->rowCount() == 0;
    $probe->closeCursor();

    if ($isNewUser) {
        $sql = "INSERT INTO Users (ID, Name, Email, AccessLevel) VALUES (:ID, :Name, :Email, :AccessLevel)";
    } else {
        $sql = "UPDATE Users SET Name=:Name, Email=:Email, AccessLevel=:AccessLevel WHERE ID=:ID";
    }

    $accessLevel = 0;
    if (isset($params["AccessLevel"]) && is_numeric($params["AccessLevel"])) {
        $accessLevel = min(255, max(0, (int) $params["AccessLevel"]));
    }

    $sth = $db->prepare($sql);
    $bindings = array(
        'ID' => $this->UserID,
        'Name' => $params["Name"],
        'Email' => $params["Email"],
        'AccessLevel' => $accessLevel,
    );

    if (!$sth->execute($bindings)) {
        log_message('error', sprintf("Error occurred during query: %d %s", $sth->errorCode(), print_r($sth->errorInfo(), true)));
        header("Content-Type: application/json", true);
        echo '{ "Message": "Database query error" }';
        exit;
    }

    // Zero affected rows is reported as a failure.
    if ($sth->rowCount() > 0) {
        header("Content-Type: application/json", true);
        echo '{ "Success": true }';
        exit;
    }

    log_message('error', "Failed updating the database");
    header("Content-Type: application/json", true);
    echo '{ "Message": "Database update failed" }';
    exit;
}
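/**
 * Stores arbitrary key/value fields for a user in UserData with one REPLACE statement.
 *
 * Every request parameter other than "RequestMethod" and "UserID" becomes a row.
 * Keys are reduced to letters, digits and whitespace before being stored, and the
 * reserved-name check runs on that reduced key. Checking the raw key instead
 * would let a name such as "Na-me" pass the check and still be stored as "Name".
 *
 * @param object $db     Database handle; prepare() is the only method called on it here.
 * @param array  $params Request parameters; reads "UserID" and treats the rest as fields.
 *
 * @return void Does not return: every path writes a JSON body and calls exit.
 */
public function Execute($db, $params)
{
    if (!isset($params["UserID"]) || !UUID::TryParse($params["UserID"], $this->UserID)) {
        header("Content-Type: application/json", true);
        echo '{ "Message": "Missing or invalid UserID" }';
        exit;
    }

    unset($params["RequestMethod"]);
    unset($params["UserID"]);

    if (count($params) == 0) {
        header("Content-Type: application/json", true);
        echo '{ "Message": "No fields specified" }';
        exit;
    }

    $sql = "REPLACE INTO UserData (ID, `Key`, `Value`) VALUES";
    $values = array(":ID" => $this->UserID);
    $i = 0;

    foreach ($params as $key => $value) {
        // Reduce the key first so the reserved-name test sees what will be stored.
        $storedKey = preg_replace('/[^a-zA-Z0-9\\s]/', '', $key);

        if ($storedKey === "UserID" || $storedKey === "Name" || $storedKey === "Email") {
            header("Content-Type: application/json", true);
            echo '{ "Message": "Field name is reserved" }';
            exit;
        }

        if ($i > 0) {
            $sql .= ',';
        }

        // Only numbered placeholders enter the SQL text; keys and values are bound.
        $sql .= '(:ID, :Key' . $i . ', :Value' . $i . ')';
        $values[':Key' . $i] = $storedKey;
        $values[':Value' . $i] = escape_json($value);
        ++$i;
    }

    $sth = $db->prepare($sql);

    if (!$sth->execute($values)) {
        log_message('error', sprintf("Error occurred during query: %d %s", $sth->errorCode(), print_r($sth->errorInfo(), true)));
        header("Content-Type: application/json", true);
        echo '{ "Message": "Database query error" }';
        exit;
    }

    // Zero affected rows is reported as a failure.
    if ($sth->rowCount() > 0) {
        header("Content-Type: application/json", true);
        echo '{ "Success": true }';
        exit;
    }

    log_message('error', "Failed updating the database");
    header("Content-Type: application/json", true);
    echo '{ "Message": "Database update failed" }';
    exit;
}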
/**
 * Returns one session, looked up by UserID or, failing that, by SessionID, as JSON.
 *
 * The response carries SecureSessionID along with the other session fields.
 * ExtraData is inserted into the response unquoted, so the stored value is
 * trusted to be a JSON document. NOTE(review): confirm every writer of
 * Sessions.ExtraData stores well-formed JSON.
 *
 * @param object $db     Database handle; prepare() is the only method called on it here.
 * @param array  $params Request parameters; reads "UserID" and "SessionID".
 *
 * @return void Does not return: every path writes a JSON body and calls exit.
 */
public function Execute($db, $params)
{
    $sql = "SELECT * FROM Sessions WHERE";

    // UserID takes precedence; SessionID is only tried when it is absent or invalid.
    if (isset($params["UserID"]) && UUID::TryParse($params["UserID"], $this->ID)) {
        $sql .= " UserID=:ID";
    } elseif (isset($params["SessionID"]) && UUID::TryParse($params["SessionID"], $this->ID)) {
        $sql .= " SessionID=:ID";
    } else {
        header("Content-Type: application/json", true);
        echo '{ "Message": "Invalid parameters" }';
        exit;
    }

    $sth = $db->prepare($sql);

    if (!$sth->execute(array(':ID' => $this->ID))) {
        log_message('error', sprintf("Error occurred during query: %d %s", $sth->errorCode(), print_r($sth->errorInfo(), true)));
        log_message('debug', sprintf("Query: %s", $sql));
        header("Content-Type: application/json", true);
        echo '{ "Message": "Database query error" }';
        exit;
    }

    if ($sth->rowCount() <= 0) {
        header("Content-Type: application/json", true);
        echo '{ "Message": "Session not found" }';
        exit;
    }

    // Only the first matching row is used.
    $row = $sth->fetchObject();

    $session = new Session();
    $session->UserID = $row->UserID;
    $session->SessionID = $row->SessionID;
    $session->SecureSessionID = $row->SecureSessionID;
    $session->SceneID = $row->SceneID;
    $session->ScenePosition = Vector3::Parse($row->ScenePosition);
    $session->SceneLookAt = Vector3::Parse($row->SceneLookAt);
    $session->LastUpdate = $row->LastUpdate;
    $session->ExtraData = $row->ExtraData;

    // An empty ExtraData column is reported as an empty JSON object.
    if (empty($session->ExtraData)) {
        $session->ExtraData = "{}";
    }

    $output = sprintf(
        '{ "Success": true, "UserID": "%s", "SessionID": "%s", "SecureSessionID": "%s", "SceneID": "%s", "ScenePosition": %s, "SceneLookAt": %s, "ExtraData": %s }',
        $session->UserID,
        $session->SessionID,
        $session->SecureSessionID,
        $session->SceneID,
        $session->ScenePosition->toOSD(),
        $session->SceneLookAt->toOSD(),
        $session->ExtraData
    );

    header("Content-Type: application/json", true);
    echo $output;
    exit;
}
/**
 * Updates the optional fields of a session row identified by SessionID.
 *
 * The SET clause is assembled by the handle_*_parameter() helpers, which receive
 * $sql, $dbValues and $addComma. NOTE(review): presumably they append to all three
 * by reference; if no optional field is supplied the statement may have an empty
 * SET clause and fail at execute time. Confirm against the helpers.
 *
 * @param object $db     Database handle; prepare() is the only method called on it here.
 * @param array  $params Request parameters; reads "SessionID" here and passes the whole
 *                       array to the helpers for "SecureSessionID", "SceneID",
 *                       "ScenePosition", "SceneLookAt" and "ExtraData".
 *
 * @return void Does not return: every path writes a JSON body and calls exit.
 */
public function Execute($db, $params)
{
    if (!isset($params["SessionID"]) || !UUID::TryParse($params["SessionID"], $this->SessionID)) {
        header("Content-Type: application/json", true);
        echo '{ "Message": "Invalid parameters" }';
        exit;
    }

    $sql = "UPDATE Sessions SET";
    $dbValues = array('SessionID' => $this->SessionID);
    $addComma = FALSE;

    // The helpers run in a fixed order: UUID fields, then vectors, then JSON.
    foreach (array("SecureSessionID", "SceneID") as $uuidField) {
        handle_uuid_parameter($uuidField, $params, $sql, $dbValues, $addComma);
    }
    foreach (array("ScenePosition", "SceneLookAt") as $vectorField) {
        handle_vector_parameter($vectorField, $params, $sql, $dbValues, $addComma);
    }
    handle_json_parameter("ExtraData", $params, $sql, $dbValues, $addComma);

    $sql .= " WHERE SessionID=:SessionID";
    $sth = $db->prepare($sql);

    if (!$sth->execute($dbValues)) {
        log_message('error', sprintf("Error occurred during query: %d %s", $sth->errorCode(), print_r($sth->errorInfo(), true)));
        log_message('debug', sprintf("Query: %s", $sql));
        header("Content-Type: application/json", true);
        echo '{ "Message": "Database query error" }';
        exit;
    }

    // TODO: rowCount() is deliberately not consulted. It is zero when the update
    // changes nothing, so using it to detect a missing session would report a
    // false negative; an update without changes still counts as success.
    header("Content-Type: application/json", true);
    echo '{ "Success": true }';
    exit;
}
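/**
 * Sets one key inside the JSON document stored in Scenes.ExtraData for a scene.
 *
 * The current document is read, the key is assigned, and the whole document is
 * written back. The two statements are not wrapped in a transaction here, so two
 * concurrent requests for the same scene can overwrite each other's key.
 *
 * Changes from the earlier form of this method: the invalid-parameter path now
 * ends the request like every other path, a stored document that does not decode
 * to an array is replaced by an empty one instead of being indexed as is, the
 * failed write is logged, and an unused Scene instance is gone.
 *
 * @param object $db     Database handle; prepare() is the only method called on it here.
 * @param array  $params Request parameters; reads "SceneID", "Key" and "Value".
 *
 * @return void Does not return: every path writes a JSON body and calls exit.
 */
public function Execute($db, $params)
{
    $this->Scene = new Scene();

    if (!isset($params["SceneID"], $params["Key"], $params["Value"])
        || !UUID::TryParse($params["SceneID"], $this->Scene->ID)
    ) {
        header("Content-Type: application/json", true);
        echo '{ "Message": "Invalid parameters" }';
        exit;
    }

    $key = $params['Key'];
    $value = $params['Value'];

    $sql = "SELECT ExtraData FROM Scenes WHERE Scenes.ID = :SceneID";
    $sth = $db->prepare($sql);

    if (!$sth->execute(array('SceneID' => $this->Scene->ID))) {
        log_message('error', sprintf("Error occurred during query: %d %s", $sth->errorCode(), print_r($sth->errorInfo(), true)));
        log_message('debug', sprintf("Query: %s", $sql));
        header("Content-Type: application/json", true);
        echo '{ "Message": "Database query error" }';
        exit;
    }

    if ($sth->rowCount() != 1) {
        header("Content-Type: application/json", true);
        echo '{ "Message": "No matching scene found" }';
        exit;
    }

    $obj = $sth->fetchObject();

    $xtra = array();
    if (!is_null($obj->ExtraData)) {
        $xtra = json_decode($obj->ExtraData, true);
    }
    // Malformed JSON decodes to null and a stored scalar decodes to a scalar;
    // neither can take a key, so start again from an empty document.
    if (!is_array($xtra)) {
        $xtra = array();
    }
    $xtra[$key] = $value;

    $sql2 = "UPDATE Scenes SET ExtraData = :ExtraData WHERE ID = :SceneID";
    $sth2 = $db->prepare($sql2);

    if ($sth2->execute(array('SceneID' => $this->Scene->ID, 'ExtraData' => json_encode($xtra)))) {
        header("Content-Type: application/json", true);
        echo '{"Success":true}';
        exit;
    }

    log_message('error', sprintf("Error occurred during query: %d %s", $sth2->errorCode(), print_r($sth2->errorInfo(), true)));
    header("Content-Type: application/json", true);
    echo '{ "Message": "unable to set scene" }';
    exit;
}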
/**
 * Returns an inventory node's descendants, or the owner's folder skeleton, via ALT.
 *
 * The skeleton shortcut is taken when ItemID equals OwnerID and only folders at
 * every depth are requested. OwnerID is not passed to FetchDescendants().
 * NOTE(review): confirm that the inventory layer or the caller checks that ItemID
 * belongs to OwnerID.
 *
 * @param object $db     Database handle; handed to the ALT constructor.
 * @param array  $params Request parameters; reads "ItemID", "OwnerID" and the optional
 *                       "IncludeFolders", "IncludeItems" and "ChildrenOnly".
 *
 * @return void Does not return: every path writes a response and calls exit.
 */
public function Execute($db, $params)
{
    $itemID = NULL;
    $ownerID = NULL;

    if (!isset($params["ItemID"], $params["OwnerID"])
        || !UUID::TryParse($params["ItemID"], $itemID)
        || !UUID::TryParse($params["OwnerID"], $ownerID)
    ) {
        header("Content-Type: application/json", true);
        echo '{ "Message": "Invalid parameters" }';
        exit;
    }

    // Each flag defaults to TRUE and is replaced by a (bool) cast of the request
    // value when present, so any non-empty string other than "0" reads as true.
    $fetchFolders = isset($params["IncludeFolders"]) ? (bool) $params["IncludeFolders"] : TRUE;
    $fetchItems = isset($params["IncludeItems"]) ? (bool) $params["IncludeItems"] : TRUE;
    $childrenOnly = isset($params["ChildrenOnly"]) ? (bool) $params["ChildrenOnly"] : TRUE;

    $this->inventory = new ALT($db);

    // Optimization for inventory skeleton fetching
    $skeletonOnly = $itemID == $ownerID && $fetchFolders && !$fetchItems && !$childrenOnly;

    if ($skeletonOnly) {
        log_message('debug', 'Doing a FetchSkeleton for ' . $ownerID);
        $nodes = $this->inventory->FetchSkeleton($ownerID);
        $notFound = '{ "Message": "Inventory not found" }';
    } else {
        $nodes = $this->inventory->FetchDescendants($itemID, $fetchFolders, $fetchItems, $childrenOnly);
        $notFound = '{ "Message": "Item or folder not found" }';
    }

    // A falsy result from either fetch is reported as not found.
    if ($nodes) {
        output_results($nodes);
        exit;
    }

    header("Content-Type: application/json", true);
    echo $notFound;
    exit;
}
/**
 * Returns Generic table entries of a given Type, filtered by OwnerID and/or Key, as JSON.
 *
 * Type is required. At least one of a valid OwnerID or a Key must accompany it;
 * a Key-only request returns matching entries for every owner.
 *
 * @param object $db     Database handle; prepare() is the only method called on it here.
 * @param array  $params Request parameters; reads "Type", "OwnerID" and "Key".
 *
 * @return void Does not return: every path writes a JSON body and calls exit.
 */
public function Execute($db, $params)
{
    $ownerID = null;

    if (!isset($params["Type"])) {
        header("Content-Type: application/json", true);
        echo '{ "Message": "Invalid parameters" }';
        exit;
    }

    $dbValues = array(':Type' => $params["Type"]);
    $keyGiven = isset($params["Key"]);

    if (isset($params["OwnerID"]) && UUID::TryParse($params["OwnerID"], $ownerID)) {
        $sql = "SELECT `OwnerID`, `Key`, `Value` FROM Generic WHERE `OwnerID`=:OwnerID AND `Type`=:Type";
        $dbValues[':OwnerID'] = $ownerID;

        if ($keyGiven) {
            $sql .= " AND `Key`=:Key";
            $dbValues[':Key'] = $params["Key"];
        }
    } elseif ($keyGiven) {
        $sql = "SELECT `OwnerID`, `Key`, `Value` FROM Generic WHERE `Key`=:Key AND `Type`=:Type";
        $dbValues[':Key'] = $params["Key"];
    } else {
        header("Content-Type: application/json", true);
        echo '{ "Message": "Invalid parameters" }';
        exit;
    }

    $sth = $db->prepare($sql);

    if (!$sth->execute($dbValues)) {
        log_message('error', sprintf("Error occurred during query: %d %s", $sth->errorCode(), print_r($sth->errorInfo(), true)));
        log_message('debug', sprintf("Query: %s", $sql));
        header("Content-Type: application/json", true);
        echo '{ "Message": "Database query error" }';
        exit;
    }

    // Rows go through json_encode(), so stored values cannot break the envelope.
    $found = array();
    while ($row = $sth->fetchObject()) {
        $entry = array('OwnerID' => $row->OwnerID, 'Key' => $row->Key, 'Value' => $row->Value);
        $found[] = json_encode($entry);
    }

    header("Content-Type: application/json", true);
    echo '{ "Success": true, "Entries": [' . implode(',', $found) . '] }';
    exit;
}
/**
 * Creates an inventory item through the ALT inventory layer and replies in JSON.
 *
 * A missing or unparsable ItemID is replaced by a random one. AssetID, Name,
 * ParentID and OwnerID are required. Description and ExtraData default to empty
 * strings and are stored as received.
 *
 * @param object $db     Database handle; handed to the ALT constructor.
 * @param array  $params Request parameters; reads "ItemID", "AssetID", "Name",
 *                       "ParentID", "OwnerID", "Description", "ExtraData",
 *                       "CreatorID" and "ContentType".
 *
 * @return void Does not return: every path writes a JSON body and calls exit.
 */
public function Execute($db, $params)
{
    $this->inventory = new ALT($db);

    $itemid = null;
    $itemGiven = isset($params["ItemID"]) && UUID::TryParse($params["ItemID"], $itemid);
    if (!$itemGiven) {
        $itemid = UUID::Random();
    }

    $this->Item = new InventoryItem($itemid);

    if (!isset($params, $params["AssetID"], $params["Name"], $params["ParentID"], $params["OwnerID"])
        || !UUID::TryParse($params["ParentID"], $this->Item->ParentID)
        || !UUID::TryParse($params["AssetID"], $this->Item->AssetID)
        || !UUID::TryParse($params["OwnerID"], $this->Item->OwnerID)
    ) {
        header("Content-Type: application/json", true);
        echo '{ "Message": "Invalid parameters" }';
        exit;
    }

    $this->Item->Name = trim($params["Name"]);

    $description = '';
    if (isset($params["Description"])) {
        $description = $params["Description"];
    }
    $this->Item->Description = $description;

    $extraData = '';
    if (isset($params["ExtraData"])) {
        $extraData = $params["ExtraData"];
    }
    $this->Item->ExtraData = $extraData;

    // A CreatorID that is absent, invalid or the all-zero UUID is stored as NULL
    // so that the database layer derives the creator from AssetID.
    if (!isset($params["CreatorID"])
        || !UUID::TryParse($params["CreatorID"], $this->Item->CreatorID)
        || $this->Item->CreatorID == '00000000-0000-0000-0000-000000000000'
    ) {
        $this->Item->CreatorID = null;
    }

    // Without a ContentType the database layer derives it from AssetID as well.
    if (isset($params["ContentType"])) {
        $this->Item->ContentType = $params["ContentType"];
    }

    try {
        $result = $this->inventory->InsertNode($this->Item);

        // Any value loosely equal to false counts as a failed insert.
        if ($result != false) {
            $reply = sprintf('{ "Success": true, "ItemID": "%s" }', $result);
        } else {
            $reply = '{ "Message": "Item creation failed" }';
        }
    } catch (Exception $ex) {
        log_message('error', sprintf("Error occurred during query: %s", $ex));
        $reply = '{ "Message": "Database query error" }';
    }

    header("Content-Type: application/json", true);
    echo $reply;
    exit;
}
/**
 * Writes a user row with REPLACE INTO, overwriting any existing row with the same ID.
 *
 * AccessLevel comes from the request and is clamped to 0..255; a missing or
 * non-numeric value becomes 0. NOTE(review): nothing in this method restricts who
 * may set AccessLevel; confirm the caller is authorised before this code is reached.
 *
 * @param object $db     Database handle; prepare() is the only method called on it here.
 * @param array  $params Request parameters; reads "UserID", "Name", "Email" and the
 *                       optional "AccessLevel".
 *
 * @return void Does not return: every path writes a JSON body and calls exit.
 */
public function Execute($db, $params)
{
    $valid = isset($params["UserID"], $params["Name"], $params["Email"])
        && UUID::TryParse($params["UserID"], $this->UserID);

    if (!$valid) {
        // The whole parameter array, Name and Email included, is written to the error log.
        log_message('error', sprintf("Missing or invalid parameters: %s", print_r($params, true)));
        header("Content-Type: application/json", true);
        echo '{ "Message": "Missing or invalid parameters" }';
        exit;
    }

    $sql = "REPLACE INTO Users (ID, Name, Email, AccessLevel) VALUES (:ID, :Name, :Email, :AccessLevel)";

    $accessLevel = 0;
    if (isset($params["AccessLevel"]) && is_numeric($params["AccessLevel"])) {
        $accessLevel = min(255, max(0, (int) $params["AccessLevel"]));
    }

    $bindings = array(
        'ID' => $this->UserID,
        'Name' => $params["Name"],
        'Email' => $params["Email"],
        'AccessLevel' => $accessLevel,
    );

    $sth = $db->prepare($sql);

    if (!$sth->execute($bindings)) {
        log_message('error', sprintf("Error occurred during query: %d %s", $sth->errorCode(), print_r($sth->errorInfo(), true)));
        header("Content-Type: application/json", true);
        echo '{ "Message": "Database query error" }';
        exit;
    }

    // Zero affected rows is reported as a failure.
    if ($sth->rowCount() > 0) {
        header("Content-Type: application/json", true);
        echo '{ "Success": true }';
        exit;
    }

    log_message('error', "Failed updating the database");
    header("Content-Type: application/json", true);
    echo '{ "Message": "Database update failed" }';
    exit;
}
/**
 * Removes an inventory folder through the ALT inventory layer and replies in JSON.
 *
 * OwnerID must parse as a UUID but is not passed to RemoveNode(); only FolderID
 * is. NOTE(review): this method does not verify that the folder belongs to
 * OwnerID; confirm that RemoveNode() or the caller enforces ownership.
 *
 * @param object $db     Database handle; handed to the ALT constructor.
 * @param array  $params Request parameters; reads "OwnerID" and "FolderID".
 *
 * @return void Does not return: every path writes a JSON body and calls exit.
 */
public function Execute($db, $params)
{
    $ownerID = null;
    $folderID = null;

    $valid = isset($params["OwnerID"], $params["FolderID"])
        && UUID::TryParse($params["OwnerID"], $ownerID)
        && UUID::TryParse($params["FolderID"], $folderID);

    if (!$valid) {
        header("Content-Type: application/json", true);
        echo '{ "Message": "Invalid parameters" }';
        exit;
    }

    $this->inventory = new ALT($db);

    // The second argument is passed as TRUE; its meaning is defined by ALT::RemoveNode().
    $removed = $this->inventory->RemoveNode($folderID, TRUE);
    $reply = $removed ? '{ "Success": true }' : '{ "Message": "Database query error" }';

    header("Content-Type: application/json", true);
    echo $reply;
    exit;
}
/**
 * Builds an Asset from the request and stores it through SQLAssets, replying in JSON.
 *
 * EncodedData is base64-decoded without strict mode, so characters outside the
 * base64 alphabet are skipped rather than rejected. ContentType is stored as
 * received, and no size limit is applied in this method.
 *
 * @param object $db     Database handle; handed to the SQLAssets constructor.
 * @param array  $params Request parameters; reads "EncodedData", "ContentType",
 *                       "AssetID", "CreatorID", "Temporary" and "Public".
 *
 * @return void Does not return: the JSON response is written and exit is called.
 */
public function Execute($db, $params)
{
    $response = array();

    if (!isset($params["EncodedData"], $params["ContentType"])) {
        $response['Success'] = FALSE;
        $response['Message'] = 'missing required parameters';
    } else {
        log_message('debug', "xAddAsset asset");

        $asset = new Asset();

        // A missing or invalid AssetID gets a random UUID; a missing or invalid
        // CreatorID becomes the zero UUID.
        $idGiven = isset($params["AssetID"]) && UUID::TryParse($params["AssetID"], $asset->ID);
        if (!$idGiven) {
            $asset->ID = UUID::Random();
        }

        $creatorGiven = isset($params["CreatorID"]) && UUID::TryParse($params["CreatorID"], $asset->CreatorID);
        if (!$creatorGiven) {
            $asset->CreatorID = UUID::Zero;
        }

        // Hash and length are computed from the decoded bytes, not taken from the request.
        $asset->Data = base64_decode($params["EncodedData"]);
        $asset->SHA256 = hash("sha256", $asset->Data);
        $asset->ContentLength = strlen($asset->Data);
        $asset->ContentType = $params["ContentType"];
        $asset->Temporary = !empty($params["Temporary"]);
        $asset->Public = !empty($params["Public"]);

        $store = new SQLAssets($db);
        $created = false;

        if ($store->AddAsset($asset, $created)) {
            $response['Success'] = TRUE;
            $response['AssetID'] = $asset->ID;
            $response['Status'] = $created ? "created" : "updated";
        } else {
            log_message('warn', 'failed to create asset');
            $response['Success'] = FALSE;
            $response['Message'] = 'failed to create the asset';
        }
    }

    $encoded = json_encode($response);
    log_message('debug', sprintf("[AddAsset] result %s", $encoded));

    header("Content-Type: application/json", true);
    echo json_encode($response);
    exit;
}
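/**
 * Deletes one UserData entry identified by UserID and Key.
 *
 * The ID bound into the statement is the value UUID::TryParse() validated, not
 * the raw request string. Validating one value and then querying with another
 * leaves the check without effect on what reaches the database.
 *
 * @param object $db     Database handle; prepare() is the only method called on it here.
 * @param array  $params Request parameters; reads "UserID" and "Key".
 *
 * @return void Does not return: every path writes a JSON body and calls exit.
 */
public function Execute($db, $params)
{
    if (!isset($params["UserID"], $params["Key"]) || !UUID::TryParse($params["UserID"], $this->UserID)) {
        header("Content-Type: application/json", true);
        echo '{ "Message": "Invalid parameters" }';
        exit;
    }

    $sql = "DELETE FROM UserData WHERE `ID`=:UserID AND `Key`=:Key";
    $sth = $db->prepare($sql);

    if ($sth->execute(array(':UserID' => $this->UserID, ':Key' => $params['Key']))) {
        // Success means the statement ran; it is reported even when no row matched.
        header("Content-Type: application/json", true);
        echo '{ "Success": true }';
        exit;
    }

    log_message('error', sprintf("Error occurred during query: %d %s", $sth->errorCode(), print_r($sth->errorInfo(), true)));
    log_message('debug', sprintf("Query: %s", $sql));
    header("Content-Type: application/json", true);
    echo '{ "Message": "Database query error" }';
    exit;
}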
/**
 * Removes an asset by ID through SQLAssets and replies in JSON.
 *
 * NOTE(review): the request carries no owner and this method performs no
 * permission check; confirm that RemoveAsset() or the caller restricts who may
 * delete an asset.
 *
 * @param object $db     Database handle; handed to the SQLAssets constructor.
 * @param array  $params Request parameters; reads "AssetID".
 *
 * @return void Does not return: the JSON response is written and exit is called.
 */
public function Execute($db, $params)
{
    $assetID = null;
    $idValid = isset($params["AssetID"]) && UUID::TryParse($params["AssetID"], $assetID);

    if (!$idValid) {
        $response = array(
            'Success' => FALSE,
            'Message' => 'missing required parameters',
        );
    } else {
        // SQLAssets is the active backend; alternatives named in earlier code
        // comments were MongoAssets and FSAssets.
        $store = new SQLAssets($db);

        if ($store->RemoveAsset($assetID)) {
            $response = array('Success' => TRUE);
        } else {
            $response = array(
                'Success' => FALSE,
                'Message' => 'failed to remove the asset',
            );
        }
    }

    header("Content-Type: application/json", true);
    echo json_encode($response);
    exit;
}
/**
 * Inserts a Generic table entry, or overwrites the row that already holds the same key.
 *
 * All four values are bound as statement parameters; Type, Key and Value are
 * stored exactly as received.
 *
 * @param object $db     Database handle; prepare() is the only method called on it here.
 * @param array  $params Request parameters; reads "OwnerID", "Type", "Key" and "Value".
 *
 * @return void Does not return: every path writes a JSON body and calls exit.
 */
public function Execute($db, $params)
{
    $ownerID = null;

    $valid = isset($params["OwnerID"], $params["Type"], $params["Key"], $params["Value"])
        && UUID::TryParse($params["OwnerID"], $ownerID);

    if (!$valid) {
        header("Content-Type: application/json", true);
        echo '{ "Message": "Invalid parameters" }';
        exit;
    }

    $sql = "INSERT INTO Generic (`OwnerID`, `Type`, `Key`, `Value`)\n VALUES (:OwnerID, :Type, :Key, :Value)\n ON DUPLICATE KEY UPDATE `Type`=VALUES(`Type`), `Key`=VALUES(`Key`), `Value`=VALUES(`Value`)";

    $bindings = array(
        ':OwnerID' => $ownerID,
        ':Type' => $params["Type"],
        ':Key' => $params["Key"],
        ':Value' => $params["Value"],
    );

    $sth = $db->prepare($sql);

    if ($sth->execute($bindings)) {
        $reply = '{ "Success": true }';
    } else {
        log_message('error', sprintf("Error occurred during query: %d %s", $sth->errorCode(), print_r($sth->errorInfo(), true)));
        log_message('debug', sprintf("Query: %s", $sql));
        $reply = '{ "Message": "Database query error" }';
    }

    header("Content-Type: application/json", true);
    echo $reply;
    exit;
}
/**
 * Moves a comma-separated list of inventory items into a target folder.
 *
 * Requires $params['OwnerID'] and $params['FolderID'] (both must parse as
 * UUIDs) and $params['Items'], a comma-separated list in which every entry
 * must parse as a UUID. One bad entry rejects the whole request. Every path
 * writes a JSON body and ends the request with exit.
 *
 * NOTE(review): $ownerID is validated but never passed to MoveNodes(), so
 * nothing visible here ties the moved items or the target folder to that
 * owner. Confirm that ALT::MoveNodes() or the caller enforces ownership.
 *
 * @param object $db     Handle passed to the ALT constructor.
 * @param array  $params Request parameters.
 * @return void
 */
public function Execute($db, $params)
{
    $ownerID = NULL;
    $folderID = NULL;
    $uuidItemIDs = array();

    // A single validity flag replaces the three separate rejection branches.
    $valid = isset($params['OwnerID'], $params['FolderID'], $params['Items'])
        && UUID::TryParse($params['OwnerID'], $ownerID)
        && UUID::TryParse($params['FolderID'], $folderID);

    if ($valid) {
        $rawIDs = explode(',', $params['Items']);
        $valid = isset($rawIDs) && count($rawIDs) >= 1;
    }

    if ($valid) {
        foreach ($rawIDs as $rawID) {
            $parsed = NULL;
            if (!UUID::TryParse($rawID, $parsed)) {
                // Stop at the first entry that is not a UUID.
                $valid = false;
                break;
            }
            $uuidItemIDs[] = $parsed;
        }
    }

    if (!$valid) {
        header("Content-Type: application/json", true);
        echo '{ "Message": "Invalid parameters" }';
        exit;
    }

    $this->inventory = new ALT($db);
    $moved = $this->inventory->MoveNodes($uuidItemIDs, $folderID);

    header("Content-Type: application/json", true);
    echo $moved ? '{ "Success": true }' : '{ "Message": "Database query error" }';
    exit;
}
/**
 * Looks up the first folder of a given content type owned by a user.
 *
 * Requires $params['OwnerID'] (must parse as a UUID) and
 * $params['ContentType']. Both reach the query as bound parameters. On a
 * match the folder is serialised with toOSD() into the JSON response. Every
 * path writes a JSON body and ends the request with exit.
 *
 * @param object $db     Database handle exposing prepare(); looks PDO-style — TODO confirm.
 * @param array  $params Request parameters.
 * @return void
 */
public function Execute($db, $params)
{
    $owner = null;
    if (!isset($params['OwnerID'], $params['ContentType']) || !UUID::TryParse($params['OwnerID'], $owner)) {
        header("Content-Type: application/json", true);
        echo '{ "Message": "Invalid parameters" }';
        exit;
    }

    $sql = "SELECT * FROM Inventory WHERE OwnerID=:OwnerID AND Type='Folder' AND ContentType=:ContentType LIMIT 1";
    $sth = $db->prepare($sql);
    $bindings = array('OwnerID' => $owner, 'ContentType' => $params['ContentType']);

    if (!$sth->execute($bindings)) {
        log_message('error', sprintf("Error occurred during query: %d %s", $sth->errorCode(), print_r($sth->errorInfo(), true)));
        log_message('debug', sprintf("Query: %s", $sql));

        header("Content-Type: application/json", true);
        echo '{ "Message": "Database query error" }';
        exit;
    }

    if (!($sth->rowCount() > 0)) {
        header("Content-Type: application/json", true);
        echo '{ "Message": "Folder not found" }';
        exit;
    }

    // Copy the row into an InventoryFolder; the ID columns are parsed back into UUIDs.
    $row = $sth->fetchObject();
    $folder = new InventoryFolder(UUID::Parse($row->ID));
    $folder->ParentID = UUID::Parse($row->ParentID);
    $folder->OwnerID = UUID::Parse($row->OwnerID);
    $folder->Name = $row->Name;
    $folder->ContentType = $row->ContentType;
    $folder->Version = $row->Version;
    $folder->ExtraData = $row->ExtraData;

    header("Content-Type: application/json", true);
    printf('{ "Success": true, "Folder": %s }', $folder->toOSD());
    exit;
}
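/**
 * Handles a viewer login request and builds the login response.
 *
 * Flow: authenticate (password, or a caller-supplied pre-authenticated
 * $userID), load the account, apply the suspension / validation checks,
 * replace any existing session, create a new session, pick a start scene,
 * create a presence in that scene, then assemble the response and run the
 * requested login option handlers.
 *
 * @param mixed $method_name Not used in this function.
 * @param array $params      $params[0] is the request struct; this function reads its
 *                           "first", "last", "passwd", "start", "options", "channel",
 *                           "version", "id0" and "mac" entries.
 * @param mixed $userID      When non-empty, the caller has already authenticated this user
 *                           and the password check is skipped.
 * @return array On failure an array with 'reason', 'login' => 'false' and 'message';
 *               on success the full login response.
 */
function process_login($method_name, $params, $userID)
{
    $config =& get_config();

    log_message('debug', "Processing new login request");

    $req = $params[0];

    // On the pre-authenticated path first/last may be absent, so read them
    // defensively; on the password path they are verified just below.
    $fullname = (isset($req["first"]) ? $req["first"] : '') . ' ' . (isset($req["last"]) ? $req["last"] : '');

    // Sanity check the request, make sure it's somewhat valid
    if (empty($userID)) {
        if (!isset($req["first"], $req["last"], $req["passwd"]) || empty($req["first"]) || empty($req["last"]) || empty($req["passwd"])) {
            return array('reason' => 'key', 'login' => 'false', 'message' => "Login request must contain a first name, last name, and password and they cannot be blank");
        }

        // Authorize the first/last/password and resolve it to a user account UUID
        log_message('debug', "Doing password-based authorization for user {$fullname}");

        $userID = authorize_identity($fullname, $req['passwd']);
        if (empty($userID)) {
            return array('reason' => 'key', 'login' => 'false', 'message' => "Sorry! We couldn't log you in.\nPlease check to make sure you entered the right\n * Account name\n * Password\nAlso, please make sure your Caps Lock key is off.");
        }

        log_message('debug', sprintf("Authorization success for %s", $userID));
    } else {
        log_message('debug', sprintf("Using pre-authenticated capability for %s", $userID));
    }

    // Get information about the user account
    $user = get_user_by_id($userID);
    if (empty($user)) {
        return array('reason' => 'key', 'login' => 'false', 'message' => "Sorry! We couldn't log you in. User account information could not be retrieved. If this problem persists, please contact the grid operator.");
    }

    $login_success = true;

    // Ensure the username has the same case as in the database
    $fullname = $user['Name'];

    if (!empty($user['UserFlags'])) {
        // get_user_by_id() fully decodes the structure, so no json_decode is needed here
        $userflags = $user['UserFlags'];

        if (!empty($userflags['Suspended']) && (bool) $userflags['Suspended'] === true) {
            $login_success = false;
            log_message('debug', "User " . $user['Name'] . " is banned.");
        } else {
            if ($user['AccessLevel'] < $config['access_level_minimum']) {
                if ($config['validation_required']) {
                    // Accounts below the minimum access level must carry a truthy Validated flag.
                    if (!empty($userflags['Validated'])) {
                        $login_success = $userflags['Validated'];
                    } else {
                        $login_success = false;
                    }
                    if (!$login_success) {
                        log_message('debug', "User " . $user['Name'] . " has not validated their email.");
                    }
                }
            }
        }
    } else {
        // No flags at all: a low-access account cannot have been validated.
        if ($user['AccessLevel'] < $config['access_level_minimum'] && $config['validation_required']) {
            $login_success = false;
            log_message('debug', "User " . $user['Name'] . " has not validated their email.");
        }
    }

    if (!$login_success) {
        return array('reason' => 'key', 'login' => 'false', 'message' => "Sorry! We couldn't log you in. User account has been suspended or is not yet activated. If this problem persists, please contact the grid operator.");
    }

    $lastLocation = null;
    if (isset($user['LastLocation'])) {
        $lastLocation = SceneLocation::fromOSD($user['LastLocation']);
    }

    $homeLocation = null;
    if (isset($user['HomeLocation'])) {
        $homeLocation = SceneLocation::fromOSD($user['HomeLocation']);
    }

    log_message('debug', sprintf("User retrieval success for %s", $fullname));

    // Check for an existing session
    $existingSession = get_session($userID);
    if (!empty($existingSession)) {
        log_message('debug', sprintf("Existing session %s found for %s in scene %s", $existingSession["SessionID"], $fullname, $existingSession["SceneID"]));

        $sceneID = null;
        if (UUID::TryParse($existingSession["SceneID"], $sceneID)) {
            inform_scene_of_logout($sceneID, $userID);
        }

        if (remove_session($userID)) {
            log_message('debug', "Removed existing session for {$fullname} ({$userID})");
        } else {
            log_message('warn', "Failed to remove session for {$fullname} ({$userID})");
            return array('reason' => 'presence', 'login' => 'false', 'message' => "You are already logged in from another location. \nPlease try again later.");
        }
    } else {
        log_message('debug', "No existing session found for {$fullname} ({$userID})");
    }

    // Create a login session. $sessionID and $secureSessionID start as null and
    // are read afterwards, so add_session() presumably fills them by reference.
    $sessionID = null;
    $secureSessionID = null;
    $extradata = array('ClientIP' => $_SERVER['REMOTE_ADDR']);
    if (!add_session($userID, $sessionID, $secureSessionID, $extradata)) {
        return array('reason' => 'presence', 'login' => 'false', 'message' => "Failed to create a login session. Please try again later.");
    }

    log_message('debug', sprintf("Session creation success for %s (%s)", $fullname, $userID));

    // Find the starting scene for this user
    $scene = null;
    $startPosition = null;
    $startLookAt = null;
    if (!find_start_location($req['start'], $lastLocation, $homeLocation, $scene, $startPosition, $startLookAt)
        || !isset($scene->ExtraData['ExternalAddress'], $scene->ExtraData['ExternalPort'])) {
        return array('reason' => 'presence', 'login' => 'false', 'message' => "Error connecting to the grid. No suitable region to connect to.");
    }

    $lludpAddress = $scene->ExtraData['ExternalAddress'];
    $lludpPort = $scene->ExtraData['ExternalPort'];

    // Generate a circuit code.
    // NOTE(review): srand()/rand() is not a cryptographically secure generator.
    // If anything treats the circuit code as unguessable, draw it from a CSPRNG
    // available on the deployed PHP version instead.
    srand(make_seed());
    $circuitCode = rand();

    // Prepare a login to the destination scene
    $seedCapability = NULL;
    $appearance = $user['LLPackedAppearance'];

    if (!create_opensim_presence($scene, $userID, $circuitCode, $fullname, $appearance, $sessionID, $secureSessionID, $startPosition, $seedCapability)) {
        return array('reason' => 'presence', 'login' => 'false', 'message' => "Failed to establish a presence in the destination region. \nPlease try again later.");
    }

    // NOTE(review): this writes the seed capability to the debug log. If that
    // value grants access on its own, restrict who can read debug logs or drop
    // it from the message.
    log_message('debug', sprintf("Presence creation success for %s (%s) in %s with seedcap %s", $fullname, $userID, $scene->Name, $seedCapability));

    // Build the response
    $response = array();
    $response['seconds_since_epoch'] = time();
    // NOTE(review): this literal looks masked on the page; confirm the value the client expects.
    $response['login'] = '******';
    $response['agent_id'] = (string) $userID;
    list($response['first_name'], $response['last_name']) = explode(' ', $fullname);
    $response['message'] = $config['message_of_the_day'];
    $response['udp_blacklist'] = $config['udp_blacklist'];
    $response['circuit_code'] = $circuitCode;
    $response['sim_ip'] = $lludpAddress;
    $response['sim_port'] = (int) $lludpPort;
    $response['seed_capability'] = $seedCapability;
    $response['region_x'] = (string) $scene->MinPosition->X;
    $response['region_y'] = (string) $scene->MinPosition->Y;
    $response['region_size_x'] = (string) ($scene->MaxPosition->X - $scene->MinPosition->X);
    $response['region_size_y'] = (string) ($scene->MaxPosition->Y - $scene->MinPosition->Y);
    $response['look_at'] = sprintf("[r%s, r%s, r%s]", $startLookAt->X, $startLookAt->Y, $startLookAt->Z);

    // TODO: If a valid $homeLocation is set, we should be pulling region_handle / position / lookat out of it
    $response['home'] = sprintf(
        "{'region_handle':[r%s, r%s], 'position':[r%s, r%s, r%s], 'look_at':[r%s, r%s, r%s]}",
        $scene->MinPosition->X, $scene->MinPosition->Y,
        $startPosition->X, $startPosition->Y, $startPosition->Z,
        $startLookAt->X, $startLookAt->Y, $startLookAt->Z
    );

    $response['session_id'] = (string) $sessionID;
    $response['secure_session_id'] = (string) $secureSessionID;

    // The option list comes from the client. Each name becomes part of an
    // include path and is then used as a class name, so it must be a plain
    // identifier before either happens. Anything else (path separators, dots,
    // non-string entries) is skipped.
    if (!isset($req['options']) || !is_array($req['options'])) {
        $req['options'] = array();
    }
    $req['options'][] = 'initial-outfit';

    foreach ($req['options'] as $requestedOption) {
        if (!is_string($requestedOption)) {
            log_message('warn', "Ignoring non-string login option");
            continue;
        }

        $option = str_replace('-', '_', $requestedOption);
        if (!preg_match('/^[A-Za-z_][A-Za-z0-9_]*$/', $option)) {
            log_message('warn', "Ignoring login option with an invalid name");
            continue;
        }

        $optionFile = BASEPATH . "options/Class.{$option}.php";
        if (file_exists($optionFile)) {
            if (include_once $optionFile) {
                $instance = new $option($user);
                // The response is keyed by the name exactly as the client sent it.
                $response[$requestedOption] = $instance->GetResults();
            } else {
                log_message('warn', "Unable to process login option: " . $option);
            }
        } else {
            log_message('debug', "Option " . $option . " not implemented.");
        }
    }

    $response["start_location"] = $req["start"];
    $response["agent_access"] = 'A';
    $response["agent_region_access"] = 'A';
    $response["agent_access_max"] = 'A';
    $response["agent_flags"] = 0;
    $response["ao_transition"] = 0;
    $response["inventory_host"] = "127.0.0.1";

    // NOTE(review): these fields are client-supplied and are written as received;
    // any newline or control-character filtering would have to happen in log_message().
    log_message('info', sprintf("Login User=%s %s Channel=%s Start=%s Viewer=%s id0=%s Mac=%s", $req["first"], $req["last"], $req["channel"], $req["start"], $req["version"], $req["id0"], $req["mac"]));

    return $response;
}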
$request = $json; } else { log_message('warn', "Error decoding JSON request"); log_message('debug', "Invalid JSON request data: " . $data); RequestFailed('Error decoding JSON request'); } } } $capability = trim($request['cap']); $operation = trim($request['RequestMethod']); } } log_message('debug', sprintf("cap=%s, op=%s, request=%s", $capability, $operation, json_encode($request))); // --------------- validate the capability --------------- if (!empty($config['authorize_commands'])) { if (!UUID::TryParse($capability, $capid)) { log_message('warn', sprintf("invalid uuid %s", $capability)); RequestFailed('Invalid capability'); } $cap = get_capability($capability); if ($cap == null) { log_message('warn', sprintf("invalid capability %s", $capability)); RequestFailed('Invalid capability'); } // log_message('debug',sprintf("Capability=%s",json_encode($cap))); } // execute_command($operation, $capability, $request); if (file_exists(BASEPATH . "lib/Class.{$operation}.php")) { if (include_once BASEPATH . "lib/Class.{$operation}.php") { $gMethodName = $operation; $instance = new $operation();
/**
 * Appends the item UUID and then the asset UUID of one wearable to $wearables.
 *
 * The values are read from $appearance under "<name>Item" and "<name>Asset".
 * UUID::Zero is appended in place of any entry that is missing or does not
 * parse as a UUID, so exactly two elements are added per call.
 *
 * @param array  $wearables    List to append to (modified in place).
 * @param array  $appearance   Appearance data keyed by "<wearable>Item" / "<wearable>Asset".
 * @param string $wearableName Key prefix naming the wearable.
 * @return void
 */
function add_wearable(&$wearables, $appearance, $wearableName)
{
    $uuid = null;

    // Same order as before: ItemID first, AssetID second.
    foreach (array('Item', 'Asset') as $suffix) {
        $key = $wearableName . $suffix;
        $parsedOk = isset($appearance[$key]) && UUID::TryParse($appearance[$key], $uuid);
        $wearables[] = $parsedOk ? $uuid : UUID::Zero;
    }
}