コード例 #1
0
 private function renderResult()
 {
     $mat_no = $_POST['mat_no'];
     if (!ctype_alnum($mat_no)) {
         $this->renderError('Matriculation number contains non-alphanumerical characters');
         return;
     }
     $project_id = $_POST['project_id'];
     if (!ctype_digit($project_id)) {
         $this->renderError('Project-id invalid');
         return;
     }
     $pwd = $_POST['password'];
     if (!$pwd) {
         $this->renderError('Password empty');
         return;
     }
     $result_str = 'No results for this combination of matriculation number and password found.';
     if (preg_match(PasswordGenerator::$passwordCharacterRegExp, $pwd)) {
         //If not, we dont query the database, but we won't tell the intruder either
         $db = Database::getInstance();
         $data = $db->getResultDataByMatNo($project_id, $mat_no);
         $crypt = new CryptProxy($data['crypt_module'], $project_id, $data['member_id']);
         $decrypted_result = $crypt->decryptResult($data['result'], $data['crypt_data'], $pwd);
         if ($decrypted_result) {
             $result_str = sprintf('<div class="result">%s</div>', $decrypted_result);
         }
     }
     $this->renderNote($result_str, sprintf('Results for matriculation number %s:', $mat_no));
 }
コード例 #2
0
 private function renderResult()
 {
     $mat_no = $_POST['mat_no'];
     if (!ctype_alnum($mat_no)) {
         $this->renderError(Messages::getString('StartPage.MatNoInvalid'));
         return;
     }
     $project_id = $_POST['project_id'];
     if (!ctype_digit($project_id)) {
         $this->renderError(Messages::getString('StartPage.ProjectIdInvalid'));
         return;
     }
     $pwd = $_POST['password'];
     if (!$pwd) {
         $this->renderError(Messages::getString('StartPage.PasswordEmpty'));
         return;
     }
     $result_str = Messages::getString('StartPage.NoResultsFound');
     if (preg_match(PasswordGenerator::$passwordCharacterRegExp, $pwd)) {
         //If not, we dont query the database, but we won't tell the intruder either
         $db = Database::getInstance();
         if (!$db->accessOpen($project_id)) {
             $this->renderError(Messages::getString('StartPage.NoAccessOpen'));
             return;
         }
         $data = $db->getResultDataByMatNo($project_id, $mat_no);
         $crypt = new CryptProxy($data['crypt_module'], $project_id, $data['member_id']);
         $decrypted_result = $crypt->decryptResult($data['result'], $data['crypt_data'], $pwd);
         if ($decrypted_result) {
             $result_str = sprintf('<div class="result">%s</div>', $decrypted_result);
         }
     }
     $this->renderBackNote($result_str, sprintf(Messages::getString('StartPage.Results'), $mat_no));
 }
コード例 #3
0
 private function renderContent()
 {
     $result = null;
     if (!isset($_GET['crypt'])) {
         return null;
     }
     $crypt_module = $_GET['crypt'];
     if (!isset(Config::$crypt_info[$crypt_module])) {
         echo sprintf(Messages::getString('GenKeyPage.EncryptionModuleNotFound'), $crypt_module);
         return null;
     }
     $current = intval($_GET['current']);
     $max = intval($_GET['max']);
     if ($current > $max) {
         echo sprintf(Messages::getString('GenKeyPage.IndexError'), $current, $max);
         return null;
     }
     try {
         //Now generate the key
         echo sprintf("&nbsp;&nbsp;&nbsp;&nbsp;" . Messages::getString('GenKeyPage.Generating'), $current, $max);
         flush();
         $db = Database::getInstance();
         $project_id = $this->project->getId();
         $member_id = $db->getNextMemberId($project_id);
         $crypt = new CryptProxy($crypt_module, $project_id, $member_id);
         $pw_gen = new ConfiguredPasswordGenerator();
         $password = $pw_gen->generatePassword();
         $crypt_data = $crypt->generateCryptData($password);
         if (!$db->createRkey($project_id, $member_id, $crypt_module, $crypt_data)) {
             echo Messages::getString('GenKeyPage.ErrorInsertingRKey');
             return null;
         }
         $rkey = new RKey($project_id, $member_id);
         $result = array($rkey, $password);
         echo ' ' . Messages::getString('GenKeyPage.Finished');
         flush();
     } catch (Exception $e) {
         echo $e;
         return null;
     }
     return $result;
 }
コード例 #4
0
 private function renderContent()
 {
     $result = null;
     if (!isset($_GET['crypt'])) {
         return null;
     }
     $crypt_module = $_GET['crypt'];
     if (!isset(MainConfig::$crypt_info[$crypt_module])) {
         echo "Encryption module {$crypt_module} not found.";
         return null;
     }
     $current = intval($_GET['current']);
     $max = intval($_GET['max']);
     if ($current > $max) {
         echo sprintf("Index error: %d/%d", $current, $max);
         return null;
     }
     try {
         //Now generate the key
         echo sprintf('Generating R-Key %d of %d...', $current, $max);
         flush();
         $db = Database::getInstance();
         $project_id = $this->project->getId();
         $member_id = $db->getNextMemberId($project_id);
         $crypt = new CryptProxy($crypt_module);
         $pw_gen = new ConfiguredPasswordGenerator();
         $password = $pw_gen->generatePassword();
         $crypt_data = $crypt->generateCryptData($password);
         if (!$db->createRkey($project_id, $member_id, $crypt_module, $crypt_data)) {
             echo "Error inserting RKey!";
             return null;
         }
         $rkey = new RKey($project_id, $member_id);
         $result = array($rkey, $password);
         echo " finished.";
         flush();
     } catch (Exception $e) {
         echo $e;
         return null;
     }
     return $result;
 }
コード例 #5
0
 private function processInput()
 {
     $this->storeResult = 0;
     // Strip header, if required
     if ($_POST['csv_has_header']) {
         $_POST['key'][0] = '';
         $_POST['mat_no'][0] = '';
         $_POST['data'][0] = '';
     }
     //Inputs
     $keys = $_POST['key'];
     $mat_nos = $_POST['mat_no'];
     $data = $_POST['data'];
     $element_count = max(count($keys), count($mat_nos), count($data));
     $nonempty_elements = $element_count;
     //Check validity of inputs
     $commitData = true;
     $this->db->startTransaction();
     for ($i = 0; $i < $element_count; $i++) {
         if (!$keys[$i] && !$mat_nos[$i] && !$data[$i]) {
             unset($_POST['ignore'][$i]);
             $nonempty_elements--;
             continue;
         }
         $this->remark[$i] = '';
         // check the R-Key
         if (!$keys[$i]) {
             $this->remark[$i] = Messages::getString('EnterDataPage.NoRKey');
             $commitData = false;
             //Fatal Error
             unset($_POST['ignore'][$i]);
             continue;
         }
         try {
             $rkey = new RKey(sprintf('%03d-%s', $this->project->getId(), $keys[$i]));
         } catch (Exception $e) {
             $this->remark[$i] = Messages::getString('EnterDataPage.RKeyInvalid');
             $commitData = false;
             //Fatal Error
             unset($_POST['ignore'][$i]);
             continue;
         }
         // check the Mat-No
         if (!$mat_nos[$i]) {
             $this->remark[$i] = Messages::getString('EnterDataPage.NoMatNo');
             $commitData = false;
             //Fatal Error
             unset($_POST['ignore'][$i]);
             continue;
         }
         $mat_no = $mat_nos[$i];
         if (!ctype_alnum($mat_no)) {
             $this->remark[$i] = Messages::getString('StartPage.MatNoInvalid');
             $commitData = false;
             //Fatal Error
             unset($_POST['ignore'][$i]);
             continue;
         }
         // Verify for current data
         $current_data = $this->db->getResultDataByRKey($rkey);
         if (!$current_data) {
             $current_data = $this->db->getResultDataByMatNo($rkey->getProjectId(), $mat_no);
         }
         if (!$current_data) {
             $this->remark[$i] = Messages::getString('EnterDataPage.RKeyNotFound');
             $commitData = false;
             //Fatal Error
             unset($_POST['ignore'][$i]);
             continue;
         }
         // mat used with other rkey?
         if ($current_data['member_id']) {
             $alt_data = $this->db->getResultDataByMatNo($rkey->getProjectId(), $mat_no, $current_data['member_id']);
             if ($alt_data) {
                 $this->remark[$i] .= sprintf(Messages::getString('EnterDataPage.MatNoAlreadyUsed'), $mat_no);
                 $commitData = false;
                 //Fatal Error
                 unset($_POST['ignore'][$i]);
                 continue;
             }
         }
         // Now go for warnings:
         // rkey already used? (this test will get obsolete)
         if ($current_data['mat_no'] && $current_data['mat_no'] != $mat_no) {
             $this->remark[$i] .= sprintf(Messages::getString('EnterDataPage.RKeyAlreadyUsedMatNo'), $current_data['mat_no']);
             if (!$this->postValue('ignore', $i, null)) {
                 $commitData = false;
                 //Fatal Error
                 $_POST['ignore'][$i] = false;
                 // might be ignored the next time
             }
         }
         // check the Data
         if (!$data[$i]) {
             $this->remark[$i] .= Messages::getString('EnterDataPage.NoResultProvided');
             if (!$this->postValue('ignore', $i, null)) {
                 $commitData = false;
                 //Fatal Error
                 $_POST['ignore'][$i] = false;
                 // might be ignored the next time
             }
         }
         $date = $data[$i];
         if ($current_data['result']) {
             $this->remark[$i] .= Messages::getString('EnterDataPage.AlreadyResultStored');
             if (!$this->postValue('ignore', $i, null)) {
                 $commitData = false;
                 //Fatal Error
                 $_POST['ignore'][$i] = false;
                 // might be ignored the next time
             }
         }
         if (!$this->remark[$i] || $this->postValue('ignore', $i, null)) {
             // encrypt data:
             $crypt = new CryptProxy($current_data['crypt_module'], $this->project->getId(), $current_data['member_id']);
             $crypted_date = $crypt->encryptResult($date, $current_data['crypt_data']);
             // Save data to database
             try {
                 $this->db->updateResultData($current_data['project_id'], $current_data['member_id'], $mat_no, $crypted_date);
             } catch (Exception $exception) {
                 $this->remark[$i] = $exception;
                 $commitData = false;
                 //Fatal Error
                 unset($_POST['ignore'][$i]);
                 continue;
             }
             $this->storeResult++;
         }
     }
     //Finish transaction
     if ($nonempty_elements == 0) {
         $this->db->rollback();
         $this->storeResult = -1;
     } elseif ($commitData) {
         $this->db->commit();
     } else {
         $this->db->rollback();
         $this->storeResult = 0;
     }
 }
コード例 #6
0
 private function processInput()
 {
     $this->storeResult = 0;
     //Inputs
     $keys = $_POST['key'];
     $mat_nos = $_POST['mat_no'];
     $data = $_POST['data'];
     $element_count = max(count($keys), count($mat_nos), count($data));
     //Check validity of inputs
     $commitData = true;
     $this->db->startTransaction();
     for ($i = 0; $i < $element_count; $i++) {
         if (!$keys[$i] && !$mat_nos[$i] && !$data[$i]) {
             unset($_POST['ignore'][$i]);
             continue;
         }
         $this->remark[$i] = '';
         // check the R-Key
         if (!$keys[$i]) {
             $this->remark[$i] = 'No RKey provided.';
             $commitData = false;
             //Fatal Error
             unset($_POST['ignore'][$i]);
             continue;
         }
         try {
             $rkey = new RKey(sprintf('%03d-%s', $this->project->getId(), $keys[$i]));
         } catch (Exception $e) {
             $this->remark[$i] = 'RKey invalid.';
             $commitData = false;
             //Fatal Error
             unset($_POST['ignore'][$i]);
             continue;
         }
         $current_data = $this->db->getResultDataByRKey($rkey);
         if (!$current_data) {
             $this->remark[$i] = 'RKey not found.';
             $commitData = false;
             //Fatal Error
             unset($_POST['ignore'][$i]);
             continue;
         }
         // check the Mat-No
         if (!$mat_nos[$i]) {
             $this->remark[$i] = 'No matriculation number provided.';
             $commitData = false;
             //Fatal Error
             unset($_POST['ignore'][$i]);
             continue;
         }
         $mat_no = $mat_nos[$i];
         if (!ctype_alnum($mat_no)) {
             $this->remark[$i] = 'Matriculation number contains non-alphanumerical characters.';
             $commitData = false;
             //Fatal Error
             unset($_POST['ignore'][$i]);
             continue;
         }
         // mat used with other rkey?
         $alt_data = $this->db->getResultDataByMatNo($rkey->getProjectId(), $mat_no, $rkey->getMemberId());
         if ($alt_data) {
             $alt_rkey = new RKey($alt_data['project_id'], $alt_data['member_id']);
             $this->remark[$i] .= sprintf('Matriculation number already used for RKey %s. ', $alt_rkey);
             $commitData = false;
             //Fatal Error
             unset($_POST['ignore'][$i]);
             continue;
         }
         // Now go for warnings:
         // mat_no used?
         if ($current_data['mat_no'] && $current_data['mat_no'] != $mat_no) {
             $this->remark[$i] .= sprintf('R-Key already used for matriculation number %s. ', $current_data['mat_no']);
             if (!$this->postValue('ignore', $i, null)) {
                 $commitData = false;
                 //Fatal Error
                 $_POST['ignore'][$i] = false;
                 // might be ignored the next time
             }
         }
         // check the Data
         if (!$data[$i]) {
             $this->remark[$i] .= 'No result provided. ';
             if (!$this->postValue('ignore', $i, null)) {
                 $commitData = false;
                 //Fatal Error
                 $_POST['ignore'][$i] = false;
                 // might be ignored the next time
             }
         }
         $date = $data[$i];
         if ($current_data['result']) {
             $this->remark[$i] .= 'Already a result stored for this R-Key. ';
             if (!$this->postValue('ignore', $i, null)) {
                 $commitData = false;
                 //Fatal Error
                 $_POST['ignore'][$i] = false;
                 // might be ignored the next time
             }
         }
         if (!$this->remark[$i] || $this->postValue('ignore', $i, null)) {
             // encrypt data:
             $crypt = new CryptProxy($current_data['crypt_module']);
             $crypted_date = $crypt->encryptResult($date, $current_data['crypt_data']);
             // Save data to database
             $this->db->updateResultData($rkey, $mat_no, $crypted_date);
             $this->storeResult++;
         }
     }
     //Finish transaction
     if ($commitData) {
         $this->db->commit();
     } else {
         $this->db->rollback();
         $this->storeResult = 0;
     }
 }