function wbMain()
{
wbCore::init();
list($module, $class, $method) = wbRequest::getController();
// theme override
$theme = wbRequest::getVarClean('theme');
if (!empty($theme)) {
wbPage::setTheme($theme);
}
$page = wbRequest::getVarClean('page');
if (!empty($page)) {
wbPage::setPage($page);
}
ob_start();
$modView = wbModule::getView($module, $class, $method);
if (ob_get_length() > 0) {
$rawOutput = ob_get_contents();
$modView = 'The following lines were printed in raw mode by module, however this
should not happen. The module is probably directly calling functions
like echo, print, or printf. Please modify the module to exclude direct output.
The module is violating Webi architecture principles.<br /><br />' . $rawOutput . '<br /><br />This is the real module output:<br /><br />' . $modView;
}
ob_end_clean();
wbPage::render($modView);
}
function ws_proccess($search, $getParams, $controller, $postParams, $jsonItems, $start, $limit)
{
$GLOBALS["Webi_PageTime"] = microtime(true);
include 'lib/bootstrap.php';
/* Load Webi Core */
sys::import('webi.core');
wbCore::init();
$_GET['jsonItems'] = $jsonItems;
if (!empty($getParams)) {
$getParams =& wbUtil::jsonDecode($getParams);
} else {
$getParams = array();
}
if (json_decode($postParams) > 0) {
$postParams = json_decode($postParams);
} else {
$postParams = array();
}
$controller =& wbUtil::jsonDecode($controller);
$type = $controller['type'];
if (!empty($getParams)) {
foreach ($getParams as $key => $value) {
$_GET[$key] = $value;
}
}
if (!empty($postParams)) {
foreach ($postParams as $key => $value) {
$_POST[$key] = $value;
}
}
$_GET['module'] = $controller['module'];
$_GET['class'] = $controller['class'];
$_GET['method'] = $controller['method'];
list($module, $class, $method) = wbRequest::getController();
$callback = wbRequest::getVarClean('callback');
if (!wbModule::isAvailable($module, $class, $type)) {
header("HTTP/1.1 400 Bad Request");
return;
}
try {
$result = wbModule::call($module, $class, $method, array(), $type);
} catch (Exception $e) {
$result = array('items' => array(), 'total' => 0, 'success' => false, 'message' => $e->getMessage());
}
$return = array();
$return['success'] = $result['success'];
$return['message'] = $result['message'];
$return['total'] = (int) $result['total'];
$return['data'] = $result['items'];
$return['current'] = (int) $result['current'];
$return['rowCount'] = (int) $result['rowCount'];
$return = base64_encode(serialize($return));
return $return;
}
function wbWSMain()
{
// TODO: don't load the whole core
wbCore::init();
/*
determine the server type, then
create an instance of an that server and
serve the request according the ther servers protocol
*/
$type = wbRequest::getVarClean('type');
switch ($type) {
case 'json':
list($module, $class, $method) = wbRequest::getController();
$callback = wbRequest::getVarClean('callback');
if (!wbModule::isAvailable($module, $class, $type)) {
header("HTTP/1.1 400 Bad Request");
return;
}
try {
$result = wbModule::call($module, $class, $method, array(), $type);
} catch (Exception $e) {
$result = array('items' => array(), 'total' => 0, 'success' => false, 'message' => $e->getMessage());
}
if ($result || is_array($result)) {
if (empty($callback)) {
header('Content-Type: application/json');
echo json_encode($result);
} else {
header('Content-Type: text/javascript');
echo $callback . '(' . json_encode($result) . ')';
}
} else {
header("HTTP/1.1 500 Internal Server Error");
}
break;
default:
// nothing todo for now
}
}
/**
* Confirm an authorisation key is valid
*
* See description of xarSecGenAuthKey for information on
* this function
*
* @access public
* @param string authIdVarName
* @return bool true if the key is valid, false if it is not
* @throws FORBIDDEN_OPERATION
* @todo bring back possibility of time authorized keys
*/
function confirmAuthKey($modName = NULL, $authIdVarName = 'authid')
{
if (!isset($modName)) {
list($modName) = wbRequest::getController();
}
$authid = wbRequest::getVar($authIdVarName);
$rands = wbSession::getVar('rand');
$now = time();
srand((double) microtime() * 1000000);
// convert single rand to array of "timestamp-rand()" strings
if (!is_array($rands)) {
$rands = array();
// session integrity: only keep most recent 64 values
$rands = array_slice($rands, -64);
wbSession::setVar('rand', $rands);
}
// needed in foreach to expire old rand values
$age = wbConfig::get('Session.InactivityTimeout') * 60;
// convert minutes to seconds
// loop through the rands array to find a match
foreach ($rands as $r => $rnd) {
list($timestamp, $rndval) = explode('-', $rnd, 2);
// ignore and get rid of random values older than session activity timeout
if ($now - $age > $timestamp) {
unset($rands[$r]);
continue;
}
// Regenerate static part of key
$partkey = $rndval . strtolower($modName);
if (md5($partkey) == $authid) {
// Match - get rid of it and leave happy
unset($rands[$r]);
// session integrity: only keep most recent 64 values
$rands = array_slice($rands, -64);
wbSession::setVar('rand', $rands);
return true;
}
}
throw new Exception("<p>Operasi yang anda coba lakukan tidak diperkenankan dalam kondisi ini.</p>Anda mungkin telah menekan tombol Back atau Reload pada browser dan mencoba kembali operasi yang tidak boleh diulang, atau cookie tidak diaktifkan pada browser anda");
return false;
}
