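/**
 * Adds an admin user.
 *
 * Validates the submitted registration data, derives the stored password
 * value and inserts one row into `synadmin`.
 *
 * @param array $reg_data Registration data; the keys read here are 'lang',
 *                        'user', 'password', 'password2' and 'email'.
 * @param \PDO $link Database connection used for the INSERT.
 * @return array array('uuid' => string) on success,
 *               array('error' => string) on any validation or database failure.
 */
function register_admin_user($reg_data, $link)
{
    // 'lang' ends up inside a require path, so it is restricted to a plain
    // directory name. Dots, slashes, backslashes and NUL bytes are rejected so
    // the include cannot be steered outside the languages/ tree.
    $lang = isset($reg_data['lang']) ? $reg_data['lang'] : null;
    if (!is_string($lang) || preg_match('/\A[A-Za-z0-9_-]{1,32}\z/', $lang) !== 1) {
        return array('error' => 'Invalid language code');
    }
    $lang_file = dirname(__FILE__) . "/../../languages/{$lang}/admin/admregtxt.php";
    if (!is_file($lang_file)) {
        // An unknown language would otherwise be a fatal error in require.
        return array('error' => 'Invalid language code');
    }
    /** @noinspection PhpIncludeInspection */
    require $lang_file;

    // Note: strlen() counts bytes, so the limits below are byte limits.
    if (strlen($reg_data['user']) < USER_MINLENGTH) {
        return array('error' => REG_ADM_USR_USER_TOO_SHORT);
    }
    if (strlen($reg_data['user']) > USER_MAXLENGTH) {
        return array('error' => REG_ADM_USR_USER_TOO_LONG);
    }
    if (strlen($reg_data['password']) < PASS_MINLENGTH) {
        return array('error' => REG_ADM_USR_PASS_TOO_SHORT);
    }
    if ($reg_data['password'] !== $reg_data['password2']) {
        return array('error' => REG_ADM_USR_PASS_NO_MATCH);
    }
    if (($email = filter_var($reg_data['email'], FILTER_VALIDATE_EMAIL)) === false) {
        return array('error' => REG_ADM_USR_MUST_PROVIDE_VALID_EMAIL);
    }

    // The switch accepts boolean true or one of the strings 'on', 'true', '1'
    // (case-insensitive, surrounding whitespace ignored).
    $use_password_hash = false;
    if (defined('SYNAPP_USE_PASSWORD_HASH_AUTHENTICATION')) {
        $flag = SYNAPP_USE_PASSWORD_HASH_AUTHENTICATION;
        $use_password_hash = $flag === true
            || (is_string($flag) && in_array(trim(strtolower($flag)), array('on', 'true', '1'), true));
    }

    if ($use_password_hash) {
        $password = password_hash($reg_data['password'], PASSWORD_DEFAULT);
    } else {
        // NOTE(review): legacy mode stores one round of SHA-256, which is far
        // too fast for password storage. mt_rand() is not a CSPRNG, and its
        // value is not stored by this function, so confirm how the login path
        // can recompute this digest. Prefer enabling
        // SYNAPP_USE_PASSWORD_HASH_AUTHENTICATION and migrating existing rows.
        $password = hash('sha256', mt_rand() . '$' . $reg_data['password'] . NORAINBOW_SALT);
    }

    $sql = "INSERT INTO `synadmin` ( `uuid`, `user`, `password`, `email`, `lang` ) VALUES ( :uuid, :user , :password , :email , :lang )";
    $stmt = $link->prepare($sql);
    if ($stmt === false) {
        // prepare() reports its failure on the connection handle.
        error_log('register_admin_user: prepare failed: ' . implode(' | ', $link->errorInfo()));
        return array('error' => REG_ADM_COULDNT_PERFORM_DATABASE_OPERATION);
    }

    $v5uuid = \synapp\info\tools\uuid\uuid::v5(\synapp\info\tools\uuid\uuid::v4(), SYNAPP_MAIL_DOMAIN);
    $stmt->bindValue(':uuid', $v5uuid, PDO::PARAM_STR);
    $stmt->bindValue(':user', $reg_data['user'], PDO::PARAM_STR);
    $stmt->bindValue(':password', $password, PDO::PARAM_STR);
    $stmt->bindValue(':email', $email, PDO::PARAM_STR);
    $stmt->bindValue(':lang', $lang, PDO::PARAM_STR);

    if ($stmt->execute()) {
        return array('uuid' => $v5uuid);
    }

    // errorInfo() returns an array and error_log() needs a string. The failure
    // belongs to the statement, so it is read from $stmt rather than $link.
    error_log('register_admin_user: INSERT into synadmin failed: ' . implode(' | ', $stmt->errorInfo()));
    return array('error' => REG_ADM_COULDNT_PERFORM_DATABASE_OPERATION);
}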
/**
 * Inserts a new raffle row through the Fusion Tables SQL endpoint.
 *
 * Every caller-supplied value is passed through escape_mysql_string() before
 * it is placed in the statement. The returned row holds those escaped values,
 * not the raw arguments.
 *
 * @param string $description Raffle description.
 * @param string $userId Stored as the raffle's creatorid.
 * @param string|null $created Creation timestamp; defaults to the current time as "Y-m-d H:i:s".
 * @param string|null $privacy Defaults to 'public'.
 * @param string|null $status Defaults to 'closed'.
 * @param string|null $raffleId Defaults to a freshly generated v5 UUID.
 * @param string|null $tableId Target table id; null or 'raffles' selects $this->tableIds['raffles'].
 * @param object|null $fusionTablesService Service to query; defaults to $this->fusionTablesService.
 * @throws Exception With code 500 when the response is not a single 'rowid' row.
 * @return stdClass Object with 'columns' (column names) and 'rows' (one row of the inserted values).
 */
public function addRaffle($description, $userId, $created = null, $privacy = null, $status = null, $raffleId = null, $tableId = null, $fusionTablesService = null)
{
    $privacy = ($privacy === null) ? 'public' : $this->escape_mysql_string($privacy);
    $status = ($status === null) ? 'closed' : $this->escape_mysql_string($status);
    $created = ($created === null) ? date("Y-m-d H:i:s") : $this->escape_mysql_string($created);
    $raffleId = ($raffleId === null)
        ? uuid::v5(uuid::v4(), 'synapp\\info\\tools\\gplusraffle')
        : $this->escape_mysql_string($raffleId);

    // NOTE(review): $tableId is placed in the statement as a bare identifier,
    // not inside quotes. escape_mysql_string() is defined elsewhere; if it only
    // escapes string-literal characters it does not constrain an identifier.
    // Confirm callers pass only ids taken from $this->tableIds, or add an
    // allowlist check here.
    $requestedTable = ($tableId === null || $tableId === 'raffles') ? $this->tableIds['raffles'] : $tableId;
    $tableId = $this->escape_mysql_string($requestedTable);

    $userId = $this->escape_mysql_string($userId);
    $description = $this->escape_mysql_string($description);

    if (null === $fusionTablesService) {
        $fusionTablesService = $this->fusionTablesService;
    }

    // Create the new raffle with creatorid = $userId.
    $sql = "INSERT INTO {$tableId} "
        . "('raffleid','raffledescription','creatorid','created','privacy','status') "
        . "VALUES ('{$raffleId}', '{$description}', '{$userId}', '{$created}', '{$privacy}', '{$status}')";
    $result = $fusionTablesService->query->sql($sql);

    // A successful insert is recognised by a single row whose first column is 'rowid'.
    $hasRowIdColumn = isset($result->columns)
        && is_array($result->columns)
        && $result->columns[0] === 'rowid';
    $insertedOneRow = $hasRowIdColumn
        && isset($result->rows)
        && is_array($result->rows)
        && count($result->rows) === 1;

    if (!$insertedOneRow) {
        throw new Exception("Couldn't create raffle with id {$raffleId}", 500);
    }

    $resultObject = new stdClass();
    $resultObject->columns = array('raffleid', 'raffledescription', 'creatorid', 'created', 'privacy', 'status');
    $resultObject->rows = array(
        array($raffleId, $description, $userId, $created, $privacy, $status),
    );

    return $resultObject;
}
If we're signed in we can go ahead and retrieve the ID token, which is part of the bundle of data that is exchange in the authenticate step - we only need to do a network call if we have to retrieve the Google certificate to verify it, and that can be cached. ************************************************/ if ($client->getAccessToken() && !$client->isAccessTokenExpired()) { $_SESSION['access_token'] = $client->getAccessToken(); $token_data = ''; //$client->verifyIdToken()->getAttributes(); $tableSchema = array('raffles' => array('raffleid' => 'STRING', 'raffledescription' => 'STRING', 'creatorid' => 'STRING', 'created' => 'DATETIME', 'privacy' => 'STRING', 'status' => 'STRING'), 'participants' => array('raffleid' => 'STRING', 'participantid' => 'STRING', 'comment' => 'STRING', 'joined' => 'DATETIME'), 'winners' => array('raffleid' => 'STRING', 'winnerid' => 'STRING', 'raffled' => 'DATETIME')); $plusService = new Google_Service_Plus($client); $person = $plusService->people->get('me'); $uuid = new uuid(); $raffleids = array(uuid::v5(uuid::v4(), 'synapp\\info\\tools\\gplusraffle'), uuid::v5(uuid::v4(), 'synapp\\info\\tools\\gplusraffle'), uuid::v5(uuid::v4(), 'synapp\\info\\tools\\gplusraffle'), uuid::v5(uuid::v4(), 'synapp\\info\\tools\\gplusraffle')); $insertQueries = array(array('tableName' => 'raffles', 'sql' => " ('raffleid','raffledescription','creatorid','created','privacy','status') " . "VALUES ('{$raffleids['0']}', 'test raffle 1','{$person->id}','" . date("Y-m-d H:i:s") . "','public','closed')"), array('tableName' => 'raffles', 'sql' => " ('raffleid','raffledescription','creatorid','created','privacy','status') " . "VALUES ('{$raffleids['1']}', 'test raffle 2','{$person->id}','" . date("Y-m-d H:i:s") . "','public','closed')"), array('tableName' => 'raffles', 'sql' => " ('raffleid','raffledescription','creatorid','created','privacy','status') " . "VALUES ('{$raffleids['2']}', 'test raffle 3','{$person->id}','" . date("Y-m-d H:i:s") . 
"','public','closed')"), array('tableName' => 'raffles', 'sql' => " ('raffleid','raffledescription','creatorid','created','privacy','status') " . "VALUES ('{$raffleids['3']}', 'test raffle 4','{$person->id}','" . date("Y-m-d H:i:s") . "','public','closed')"), array('tableName' => 'participants', 'sql' => " ('raffleid','participantid','comment','joined') " . "VALUES ('{$raffleids['0']}', '{$person->id}', 'Comment 1','" . date("Y-m-d H:i:s") . "')"), array('tableName' => 'participants', 'sql' => " ('raffleid','participantid','joined') " . "VALUES ('{$raffleids['1']}', '{$person->id}', 'Comment 2','" . date("Y-m-d H:i:s") . "')"), array('tableName' => 'participants', 'sql' => " ('raffleid','participantid','joined') " . "VALUES ('{$raffleids['2']}', '{$person->id}', 'Comment 3','" . date("Y-m-d H:i:s") . "')"), array('tableName' => 'participants', 'sql' => " ('raffleid','participantid','joined') " . "VALUES ('{$raffleids['3']}', '{$person->id}', 'Comment 4','" . date("Y-m-d H:i:s") . "')"), array('tableName' => 'winners', 'sql' => " ('raffleid','winnerid','raffled') " . "VALUES ('{$raffleids['0']}', '{$person->id}','" . date("Y-m-d H:i:s") . "')"), array('tableName' => 'winners', 'sql' => " ('raffleid','winnerid','raffled') " . "VALUES ('{$raffleids['1']}', '{$person->id}','" . date("Y-m-d H:i:s") . "')"), array('tableName' => 'winners', 'sql' => " ('raffleid','winnerid','raffled') " . "VALUES ('{$raffleids['2']}', '{$person->id}','" . date("Y-m-d H:i:s") . "')"), array('tableName' => 'winners', 'sql' => " ('raffleid','winnerid','raffled') " . "VALUES ('{$raffleids['3']}', '{$person->id}','" . date("Y-m-d H:i:s") . 
"')")); $selectQueries = array(array('tableName' => 'raffles', 'sql' => ""), array('tableName' => 'participants', 'sql' => ""), array('tableName' => 'winners', 'sql' => ""), array('tableName' => 'raffles', 'sql' => " WHERE raffleid='{$raffleids['0']}'"), array('tableName' => 'raffles', 'sql' => " WHERE raffleid!='{$raffleids['0']}'")); $fusionTablesService = new Google_Service_Fusiontables($client); $errors = array(); $tableids = array(); foreach ($tableSchema as $tableName => $columns) { $tableColumns = array(); foreach ($columns as $columnName => $columnType) { $column = new Google_Service_Fusiontables_Column(); $column->setName($columnName); $column->setType($columnType); $tableColumns[] = $column; } $table = new Google_Service_Fusiontables_Table(); $table->setName($tableName);