public static function _GenerateLicenses(Form $form) { $qty = $form->getElementValue('qty'); if (!is_numeric($qty)) { Core::SetMessage('Please set a valid quantity', 'error'); return false; } if ($qty < 1) { Core::SetMessage('Please set a quantity greater than 0', 'error'); return false; } if ($qty > 999) { Core::SetMessage('Quantity limited to 999', 'warning'); $qty = 999; } $expires = new \Core\Date\DateTime(); $expires->modify($form->getElementValue('duration')); $expires = $expires->format('Y-m-d'); for ($i = 0; $i < $qty; $i++) { $license = new PackageRepositoryLicenseModel(); $license->set('password', \Core\random_hex(rand(35, 49))); $license->set('expires', $expires); $license->save(); } Core::SetMessage('Generated ' . $qty . ' license(s)!', 'success'); return '/packagerepositorylicense/admin'; }
/** * Check permissions on the user and system and return either blank or a string containing the error. * * @param string $step * * @return array|null */ private function _checkPermissions($step) { $error = null; if (!\ConfigHandler::Get('/package_repository/base_directory')) { // Check if the config is even set, can't proceed if it's not. trigger_error('The package repository does not appear to be setup yet. Please browse to Configuration and the appropriate options.'); return ['status' => View::ERROR_SERVERERROR, 'message' => 'The package repository is not setup on this server.']; } $dir = Factory::Directory(\ConfigHandler::Get('/package_repository/base_directory')); if (!$dir->exists()) { trigger_error($dir->getPath() . ' does not appear to exist! Unable to browse repo.xml without it.'); return ['status' => View::ERROR_SERVERERROR, 'message' => $dir->getPath() . ' does not seem to exist!']; } elseif (!$dir->isReadable()) { trigger_error($dir->getPath() . ' does not appear to be readable! Unable to browse repo.xml without it.'); return ['status' => View::ERROR_SERVERERROR, 'message' => $dir->getPath() . ' does not seem to be readable!']; } if (ConfigHandler::Get('/package_repository/is_private')) { // Lookup this license key, (or request one if not present). $valid = false; $autherror = 'Access to ' . SITENAME . ' (Package Repository) requires a license key and password.'; if (isset($_SERVER['PHP_AUTH_PW']) && isset($_SERVER['PHP_AUTH_USER'])) { $user = $_SERVER['PHP_AUTH_USER']; $pw = $_SERVER['PHP_AUTH_PW']; } else { $user = $pw = null; } if ($user && $pw) { /** @var PackageRepositoryLicenseModel $license */ $license = PackageRepositoryLicenseModel::Construct($user); $licvalid = $license->isValid($pw); if ($licvalid == 0) { // Lock this license to the remote IP, if requested by the admin. if (ConfigHandler::Get('/package_repository/auto_ip_restrict') && !$license->get('ip_restriction')) { $license->set('ip_restriction', REMOTE_IP); $license->save(); } SystemLogModel::LogInfoEvent('/packagerepository/' . $step, '[' . $user . '] accessed repository successfully'); return null; } else { if (($licvalid & PackageRepositoryLicenseModel::VALID_PASSWORD) == PackageRepositoryLicenseModel::VALID_PASSWORD) { $autherror = '[' . $user . '] Invalid license password'; $status = View::ERROR_ACCESSDENIED; SystemLogModel::LogSecurityEvent('/packagerepository/password_failure', $autherror); } if (($licvalid & PackageRepositoryLicenseModel::VALID_ACCESS) == PackageRepositoryLicenseModel::VALID_ACCESS) { $autherror = '[' . $user . '] IP address not authorized'; $status = View::ERROR_ACCESSDENIED; SystemLogModel::LogSecurityEvent('/packagerepository/ip_restriction', $autherror); } if (($licvalid & PackageRepositoryLicenseModel::VALID_EXPIRED) == PackageRepositoryLicenseModel::VALID_EXPIRED) { $autherror = '[' . $user . '] License provided has expired, please request a new one.'; $status = View::ERROR_GONE; SystemLogModel::LogSecurityEvent('/packagerepository/expired_license', $autherror); } if (($licvalid & PackageRepositoryLicenseModel::VALID_INVALID) == PackageRepositoryLicenseModel::VALID_INVALID) { $autherror = '[' . $user . '] License does not exist'; $status = View::ERROR_EXPECTATIONFAILED; SystemLogModel::LogSecurityEvent('/packagerepository/invalid_license', $autherror); } return ['status' => $status, 'message' => $autherror]; } } if (!$valid) { header('WWW-Authenticate: Basic realm="' . SITENAME . ' (Package Repository)"'); header('HTTP/1.0 401 Unauthorized'); echo $autherror; exit; } } else { SystemLogModel::LogInfoEvent('/packagerepository/' . $step, '[anonymous connection] accessed repository successfully'); return null; } }