Esempio n. 1
  * Handles a webservice command
  * @param int       $commandCode
  * @access public
  * @return boolean
  * @throws SoapFault
 public function Handle($commandCode)
     if (Request::GetDeviceType() !== "webservice" || Request::GetDeviceID() !== "webservice") {
         throw new FatalException("Invalid device id and type for webservice execution");
     if (Request::GetGETUser() != Request::GetAuthUser()) {
         ZLog::Write(LOGLEVEL_INFO, sprintf("Webservice::HandleWebservice('%s'): user '%s' executing action for user '%s'", $commandCode, Request::GetAuthUser(), Request::GetGETUser()));
     // initialize non-wsdl soap server
     $this->server = new SoapServer(null, array('uri' => ""));
     // the webservice command is handled by its class
     if ($commandCode == ZPush::COMMAND_WEBSERVICE_DEVICE) {
         ZLog::Write(LOGLEVEL_DEBUG, sprintf("Webservice::HandleWebservice('%s'): executing WebserviceDevice service", $commandCode));
         include_once 'webservicedevice.php';
     // the webservice command is handled by its class
     if ($commandCode == ZPush::COMMAND_WEBSERVICE_USERS) {
             throw new HTTPReturnCodeException(sprintf("Access to the WebserviceUsers service is disabled in configuration. Enable setting ALLOW_WEBSERVICE_USERS_ACCESS.", Request::GetAuthUser()), 403);
         ZLog::Write(LOGLEVEL_DEBUG, sprintf("Webservice::HandleWebservice('%s'): executing WebserviceUsers service", $commandCode));
         if (ZPush::GetBackend()->Setup("SYSTEM", true) == false) {
             throw new AuthenticationRequiredException(sprintf("User '%s' has no admin privileges", Request::GetAuthUser()));
         include_once 'webserviceusers.php';
     ZLog::Write(LOGLEVEL_DEBUG, sprintf("Webservice::HandleWebservice('%s'): sucessfully sent %d bytes", $commandCode, ob_get_length()));
     return true;
Esempio n. 2
 public function __construct()
     $this->preserved = array();
     // static vars come from the parent class
     $this->latest = array("pid" => self::$pid, "ip" => Request::GetRemoteAddr(), "user" => self::$user, "start" => $_SERVER['REQUEST_TIME'], "devtype" => Request::GetDeviceType(), "devid" => self::$devid, "devagent" => Request::GetUserAgent(), "command" => Request::GetCommandCode(), "ended" => 0, "push" => false);
     $this->key = self::PREFIX . self::$devid . '|' . self::$user . '|' . self::$pid;
  * Constructor
  * @access public
 public function TopCollector()
     // initialize super parameters
     $this->allocate = 2097152;
     // 2 MB
     $this->type = 20;
     // initialize params
     $this->preserved = array();
     // static vars come from the parent class
     $this->latest = array("pid" => self::$pid, "ip" => Request::GetRemoteAddr(), "user" => self::$user, "start" => self::$start, "devtype" => Request::GetDeviceType(), "devid" => self::$devid, "devagent" => Request::GetUserAgent(), "command" => Request::GetCommandCode(), "ended" => 0, "push" => false);
Esempio n. 4
  * Handles a webservice command
  * @param int       $commandCode
  * @access public
  * @return boolean
  * @throws SoapFault
 public function Handle($commandCode)
     if (Request::GetDeviceType() !== "webservice" || Request::GetDeviceID() !== "webservice") {
         throw new FatalException("Invalid device id and type for webservice execution");
     if (Request::GetGETUser() != Request::GetAuthUser()) {
         ZLog::Write(LOGLEVEL_INFO, sprintf("Webservice::HandleWebservice('%s'): user '%s' executing action for user '%s'", $commandCode, Request::GetAuthUser(), Request::GetGETUser()));
     // initialize non-wsdl soap server
     $this->server = new SoapServer(null, array('uri' => ""));
     // the webservice command is handled by its class
     if ($commandCode == ZPush::COMMAND_WEBSERVICE_DEVICE) {
         ZLog::Write(LOGLEVEL_DEBUG, sprintf("Webservice::HandleWebservice('%s'): executing WebserviceDevice service", $commandCode));
         include_once 'webservicedevice.php';
     ZLog::Write(LOGLEVEL_DEBUG, sprintf("Webservice::HandleWebservice('%s'): sucessfully sent %d bytes", $commandCode, ob_get_length()));
     return true;
  * Constructor
  * @access public
 public function DeviceManager()
     $this->statemachine = ZPush::GetStateMachine();
     $this->deviceHash = false;
     $this->devid = Request::GetDeviceID();
     $this->windowSize = array();
     $this->latestFolder = false;
     $this->hierarchySyncRequired = false;
     // only continue if deviceid is set
     if ($this->devid) {
         $this->device = new ASDevice($this->devid, Request::GetDeviceType(), Request::GetGETUser(), Request::GetUserAgent());
     } else {
         throw new FatalNotImplementedException("Can not proceed without a device id.");
     $this->loopdetection = new LoopDetection();
     $this->stateManager = new StateManager();
Esempio n. 6
try {
    // check config & initialize the basics
    ZLog::Write(LOGLEVEL_DEBUG, "-------- Start");
    ZLog::Write(LOGLEVEL_INFO, sprintf("Version='%s' method='%s' from='%s' cmd='%s' getUser='******' devId='%s' devType='%s'", @constant('ZPUSH_VERSION'), Request::GetMethod(), Request::GetRemoteAddr(), Request::GetCommand(), Request::GetGETUser(), Request::GetDeviceID(), Request::GetDeviceType()));
    // Stop here if this is an OPTIONS request
    if (Request::IsMethodOPTIONS()) {
        throw new NoPostRequestException("Options request", NoPostRequestException::OPTIONS_REQUEST);
    // Process request headers and look for AS headers
    // Check required GET parameters
    if (Request::IsMethodPOST() && (Request::GetCommandCode() === false || !Request::GetGETUser() || !Request::GetDeviceID() || !Request::GetDeviceType())) {
        throw new FatalException("Requested the Z-Push URL without the required GET parameters");
    // Load the backend
    $backend = ZPush::GetBackend();
    // always request the authorization header
    if (!Request::AuthenticationInfo()) {
        throw new AuthenticationRequiredException("Access denied. Please send authorisation information");
    // check the provisioning information
    if (PROVISIONING === true && Request::IsMethodPOST() && ZPush::CommandNeedsProvisioning(Request::GetCommandCode()) && (Request::WasPolicyKeySent() && Request::GetPolicyKey() == 0 || ZPush::GetDeviceManager()->ProvisioningRequired(Request::GetPolicyKey())) && (LOOSE_PROVISIONING === false || LOOSE_PROVISIONING === true && Request::WasPolicyKeySent())) {
        //TODO for AS 14 send a wbxml response
        throw new ProvisioningRequiredException();
    // most commands require an authenticated user
    if (ZPush::CommandNeedsAuthentication(Request::GetCommandCode())) {
Esempio n. 7
        ZPush::PrintZPushLegal($exclass, sprintf('<pre>%s</pre>', $ex->getMessage()));
        // log the failed login attemt e.g. for fail2ban
        if (defined('LOGAUTHFAIL') && LOGAUTHFAIL != false) {
            ZLog::Write(LOGLEVEL_WARN, sprintf("IP: %s failed to authenticate user '%s'", Request::GetRemoteAddr(), Request::GetAuthUser() ? Request::GetAuthUser() : Request::GetGETUser()));
    } else {
        if ($ex instanceof WBXMLException) {
            ZLog::Write(LOGLEVEL_FATAL, "Request could not be processed correctly due to a WBXMLException. Please report this including the 'WBXML debug data' logged. Be aware that the debug data could contain confidential information.");
        } else {
            if (!$ex instanceof ZPushException || $ex->showLegalNotice()) {
                $cmdinfo = Request::GetCommand() ? sprintf(" processing command <i>%s</i>", Request::GetCommand()) : "";
                $extrace = $ex->getTrace();
                $trace = !empty($extrace) ? "\n\nTrace:\n" . print_r($extrace, 1) : "";
                ZPush::PrintZPushLegal($exclass . $cmdinfo, sprintf('<pre>%s</pre>', $ex->getMessage() . $trace));
    // Announce exception to process loop detection
    if (ZPush::GetDeviceManager(false)) {
    // Announce exception if the TopCollector if available
    ZPush::GetTopCollector()->AnnounceInformation(get_class($ex), true);
// save device data if the DeviceManager is available
if (ZPush::GetDeviceManager(false)) {
// end gracefully
ZLog::Write(LOGLEVEL_INFO, sprintf("cmd='%s' memory='%s/%s' time='%ss' devType='%s' devId='%s' getUser='******' from='%s' version='%s' method='%s' httpcode='%s'", Request::GetCommand(), Utils::FormatBytes(memory_get_peak_usage(false)), Utils::FormatBytes(memory_get_peak_usage(true)), number_format(microtime(true) - $_SERVER["REQUEST_TIME_FLOAT"], 2), Request::GetDeviceType(), Request::GetDeviceID(), Request::GetGETUser(), Request::GetRemoteAddr(), @constant('ZPUSH_VERSION'), Request::GetMethod(), http_response_code()));
ZLog::Write(LOGLEVEL_DEBUG, "-------- End");
Esempio n. 8
  * Sends an email notification to the user containing the data the user tried to save.
  * @param SyncObject $message
  * @param SyncObject $oldmessage
  * @return void
 private function sendNotificationEmail($message, $oldmessage)
     // get email address and full name of the user
     $userinfo = ZPush::GetBackend()->GetUserDetails(Request::GetAuthUser());
     // get the name of the folder
     $foldername = "unknown";
     $folderid = bin2hex($this->folderid);
     $folders = ZPush::GetAdditionalSyncFolders();
     if (isset($folders[$folderid]) && isset($folders[$folderid]->displayname)) {
         $foldername = $folders[$folderid]->displayname;
     // get the differences between the two objects
     $data = substr(get_class($oldmessage), 4) . "\r\n";
     // get the suppported fields as we need them to determine the ghosted properties
     $supportedFields = ZPush::GetDeviceManager()->GetSupportedFields(ZPush::GetDeviceManager()->GetFolderIdForBackendId($folderid));
     $dataarray = $oldmessage->EvaluateAndCompare($message, @constant('READ_ONLY_NOTIFY_YOURDATA'), $supportedFields);
     foreach ($dataarray as $key => $value) {
         $value = str_replace("\r", "", $value);
         $value = str_replace("\n", str_pad("\r\n", 25), $value);
         $data .= str_pad(ucfirst($key) . ":", 25) . $value . "\r\n";
     // build a simple mime message
     $toEmail = $userinfo['emailaddress'];
     $mail = "From: Z-Push <no-reply>\r\n";
     $mail .= "To: {$toEmail}\r\n";
     $mail .= "Content-Type: text/plain; charset=utf-8\r\n";
     $mail .= "Subject: " . @constant('READ_ONLY_NOTIFY_SUBJECT') . "\r\n\r\n";
     $mail .= @constant('READ_ONLY_NOTIFY_BODY') . "\r\n";
     // replace values of template
     $mail = str_replace("**USERFULLNAME**", $userinfo['fullname'], $mail);
     $mail = str_replace("**DATE**", strftime(@constant('READ_ONLY_NOTIFY_DATE_FORMAT')), $mail);
     $mail = str_replace("**TIME**", strftime(@constant('READ_ONLY_NOTIFY_TIME_FORMAT')), $mail);
     $mail = str_replace("**FOLDERNAME**", $foldername, $mail);
     $mail = str_replace("**MOBILETYPE**", Request::GetDeviceType(), $mail);
     $mail = str_replace("**MOBILEDEVICEID**", Request::GetDeviceID(), $mail);
     $mail = str_replace("**DIFFERENCES**", $data, $mail);
     // user send email to himself
     $m = new SyncSendMail();
     $m->saveinsent = false;
     $m->replacemime = true;
     $m->mime = $mail;
Esempio n. 9
  * Constructor
  * @access public
 public function __construct()
     $this->statemachine = ZPush::GetStateMachine();
     $this->deviceHash = false;
     $this->devid = Request::GetDeviceID();
     $this->saveDevice = true;
     $this->windowSize = array();
     $this->latestFolder = false;
     $this->hierarchySyncRequired = false;
     // only continue if deviceid is set
     if ($this->devid) {
         $this->device = new ASDevice($this->devid, Request::GetDeviceType(), Request::GetGETUser(), Request::GetUserAgent());
     } else {
         throw new FatalNotImplementedException("Can not proceed without a device id.");
     $this->loopdetection = new LoopDetection();
     $this->stateManager = new StateManager();
     $this->additionalFoldersHash = $this->getAdditionalFoldersHash();
     if ($this->IsKoe() && $this->device->GetKoeVersion() !== false) {
         ZLog::Write(LOGLEVEL_DEBUG, sprintf("KOE: %s / %s / %s", $this->device->GetKoeVersion(), $this->device->GetKoeBuild(), strftime("%Y-%m-%d %H:%M", $this->device->GetKoeBuildDate())));
Esempio n. 10
  * Write request header to log
 protected static function RequestHeader()
     self::Write(LOGLEVEL_DEBUG, "-------- Start");
     self::Write(LOGLEVEL_DEBUG, sprintf("cmd='%s' devType='%s' devId='%s' getUser='******' from='%s' version='%s' method='%s'", Request::GetCommand(), Request::GetDeviceType(), Request::GetDeviceID(), Request::GetGETUser(), Request::GetRemoteAddr(), @constant('ZPUSH_VERSION'), Request::GetMethod()));