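/**
 * Authenticates a user and replaces their most recent session with a new one.
 *
 * When the credentials are accepted, the supplied GCM id is stored for the
 * user, the user's last session (if any) is deleted, and a new session row
 * with a hash that is not yet in use is inserted.
 *
 * @param mixed $username login name, checked with user::isLogin()
 * @param mixed $password password, checked with user::isLogin()
 * @param mixed $gcm_id   GCM registration id, stored with user::setGCM()
 *
 * @return bool true only if both the GCM update and the session insert
 *              succeeded; false on rejected credentials or a storage failure.
 *              Execute::$lastErrorMessage is set on every false return.
 */
public static function startNewSession($username, $password, $gcm_id)
{
    // Reject bad credentials first. The message deliberately does not say
    // whether the username or the password was wrong.
    if (!user::isLogin($username, $password)) {
        Execute::$lastErrorMessage = "trying to login with an incorrect username or password";
        Report::warning(__METHOD__ . "," . __LINE__, "trying to login with an incorrect username or password");
        return false;
    }

    $user_info = user::getUserByUsername($username);
    $userId = $user_info['id'];

    $gcmStored = user::setGCM($userId, $gcm_id);

    // Drop the previous session so the old hash stops working after re-login.
    // NOTE(review): only the most recent session row is removed. If a user can
    // ever hold more than one row, older hashes would stay valid; confirm, or
    // consider session::delete_all_sessions_for_user_id() here.
    if (session::does_user_have_session($userId)) {
        $previous = session::get_last_session_for_user_id($userId);
        session::delete_session_by_id($previous['id']);
    }

    // Draw candidate hashes until one is not already stored.
    // NOTE(review): the token is md5() of a 10-character string from
    // random::generateString(), whose randomness source is not visible here.
    // If that helper is not backed by a CSPRNG the session hash may be
    // predictable; bin2hex(random_bytes(16)) (PHP >= 7) would yield the same
    // 32-hex-character shape. Confirm against safe_input::is_valid_session_hash()
    // before switching.
    do {
        $newHash = md5(random::generateString(10));
    } while (!session::is_unique_hash($newHash));

    // NOTE(review): the third argument is a constant "0"; what the session
    // layer does with it is not visible here. Confirm this is intentional.
    $sessionAdded = session::add_new_session($userId, $newHash, "0");

    $success = $gcmStored && $sessionAdded;
    if (!$success) {
        Execute::$lastErrorMessage = "failed to add new changes to database";
        // Log text corrected (was "failed to new cahnges to database") so it
        // matches the message stored in $lastErrorMessage.
        Report::error(__METHOD__ . "," . __LINE__, "failed to add new changes to database");
    }

    return $success;
}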
/**
 * Exercises the session storage API end to end: creating sessions, hash
 * uniqueness checks, per-user lookups and the three delete operations.
 *
 * The md5() values used as hashes and keys are fixed test fixtures only.
 */
public function test()
{
    $userCountMsg = "number of users is not correct after adding a new user";
    $addFailedMsg = "failed to add new session[add_new_session()]";
    $hasSessionMsg = "[does_user_have_session()]";

    // Register three users and check the running user count after each one.
    $accounts = array(
        array("******", "******", "*****@*****.**"),
        array("bla2", "pass2", "*****@*****.**"),
        array("gue", "pass3", "*****@*****.**"),
    );
    foreach ($accounts as $position => $account) {
        user::create_new_user($account[0], $account[1], $account[2]);
        $this->assertEquals($position + 1, user::getNumberOfUsers(), $userCountMsg);
    }

    $firstUserId = user::getUserByUsername($accounts[0][0])['id'];
    $secondUserId = user::getUserByUsername($accounts[1][0])['id'];
    $thirdUserId = user::getUserByUsername($accounts[2][0])['id'];

    // Format validation of session hashes: an md5 digest passes, free text does not.
    $this->assertTrue(
        safe_input::is_valid_session_hash(md5("\$3dfsd43^^%")),
        "safe_input::is_valid_session_hash()"
    );
    $this->assertFalse(
        safe_input::is_valid_session_hash("x = 2 "),
        "safe_input::is_valid_session_hash()"
    );

    // add_new_session($user_id, $hash, $encryption_key): a non-numeric user id is refused.
    $this->assertFalse(session::add_new_session("hh", md5("bla"), md5("bla2")), "[add_new_session()]");
    $this->assertTrue(session::add_new_session($firstUserId, md5("bla"), md5("bla2")), $addFailedMsg);
    $firstInsertedId = session::$last_inserted_id;

    $this->assertFalse(session::is_unique_hash(md5("bla")), "[session::is_unique_hash()]");
    $this->assertTrue(session::is_unique_hash(md5("bddla")), "[session::is_unique_hash()]");

    // Disabled in the original: an assertNull() check that add_new_session()
    // rejects an already used hash ("Hash has to be unique! [add_new_session()]").
    // Uniqueness at insert time is therefore not covered by this test.

    $this->assertTrue(session::add_new_session($secondUserId, md5("hash2"), md5("bla2")), $addFailedMsg);
    $this->assertTrue(session::add_new_session($firstUserId, md5("hash2sss"), md5("blssssa2")), $addFailedMsg);
    $secondInsertedId = session::$last_inserted_id;

    // The last session of user 1 must be the one inserted most recently.
    $latestForFirst = session::get_last_session_for_user_id($firstUserId);
    $this->assertEquals(
        $latestForFirst['encryptionKey'],
        md5("blssssa2"),
        "[get_last_session_for_user_id()]"
    );
    $this->assertFalse(session::is_unique_hash($latestForFirst['hash']), "[is_unique_hash()]");
    $this->assertTrue(session::is_unique_hash(md5("asdfasefds")), "[is_unique_hash()]");

    $this->assertTrue(session::does_user_have_session($secondUserId), $hasSessionMsg);
    $this->assertFalse(session::does_user_have_session($thirdUserId), $hasSessionMsg);

    // delete_all_sessions_for_user_id($user_id)
    $this->assertFalse(
        session::delete_all_sessions_for_user_id("sadsadsad"),
        "[delete_all_sessions_for_user_id()]"
    );
    $this->assertTrue(
        session::delete_all_sessions_for_user_id($secondUserId),
        "[delete_all_sessions_for_user_id()]"
    );
    $this->assertFalse(session::does_user_have_session($secondUserId), $hasSessionMsg);
    $this->assertTrue(session::does_user_have_session($firstUserId), $hasSessionMsg);

    // session::delete_session_by_id($session_id)
    $latestForFirst = session::get_last_session_for_user_id($firstUserId);
    $this->assertTrue(session::add_new_session($secondUserId, md5("hash2"), md5("bla2")), $addFailedMsg);
    $latestForSecond = session::get_last_session_for_user_id($secondUserId);
    $this->assertTrue(session::delete_session_by_id($latestForSecond['id']), "[delete_session_by_id()]");
    $this->assertFalse(session::does_user_have_session($secondUserId), $hasSessionMsg);
    $this->assertTrue(session::does_user_have_session($firstUserId), $hasSessionMsg);

    // session::delete_session_by_hash($hash)
    $latestForFirst = session::get_last_session_for_user_id($firstUserId);
    $this->assertTrue(session::add_new_session($secondUserId, md5("hash2"), md5("bla2")), $addFailedMsg);
    $latestForSecond = session::get_last_session_for_user_id($secondUserId);
    $this->assertTrue(session::delete_session_by_hash($latestForSecond['hash']), "[delete_session_by_id()]");
    $this->assertFalse(session::does_user_have_session($secondUserId), $hasSessionMsg);
    $this->assertTrue(session::does_user_have_session($firstUserId), $hasSessionMsg);

    // session::get_session_by_hash($hash) must return the same row as the per-user lookup.
    $byHash = session::get_session_by_hash($latestForFirst['hash']);
    $this->assertEquals($latestForFirst['id'], $byHash['id'], "session::get_session_by_hash()");
}
/**
 * Handles a "new session" request.
 *
 * Validates the parsed request, attempts the login through
 * Execute::startNewSession() and stores the resulting XML in $this->response.
 * An invalid request is logged and delegated to invalidRequest().
 */
public function newSession()
{
    // Refuse malformed requests before touching any of their fields.
    if (!XmlRequestValidator::isValidNewSessionRequest($this->requestData)) {
        Report::error(__METHOD__ . "," . __LINE__, "invalid new session request!");
        $this->invalidRequest();
        return;
    }

    $body = $this->requestData->body;
    $username = $body->username;
    $password = $body->password;
    $gcm_id = $body->gcm;

    if (!Execute::startNewSession($username, $password, $gcm_id)) {
        // Failure response carrying the reason recorded by Execute.
        // NOTE(review): every failure is reported with DATABASE_ERROR, which
        // presumably also covers rejected credentials; confirm that the error
        // code and the forwarded message are what clients should see.
        $this->response = XmlBuilder::failed_response(
            "plain",
            2,
            XmlParseRequest::$DATABASE_ERROR,
            Execute::$lastErrorMessage
        );
        return;
    }

    // Success response carrying the hash of the session that was just created,
    // read back as the user's most recent session.
    $user_info = user::getUserByUsername($username);
    $session_info = session::get_last_session_for_user_id($user_info['id']);
    $this->response = XmlBuilder::newSessionSuccessfullResponse("plain", $session_info['hash']);
}
/**
 * Exercises XmlParseRequest against the fixture requests in ./files:
 * XML validation, user registration, and the new-session, end-session and
 * register-GCM requests, each with one failing variant.
 */
public function test()
{
    // Runs one request through the given handler and returns the parsed response.
    $exchange = function ($handler, $requestXml) {
        $handler->processRequest($requestXml);
        $response = $handler->getResponse();
        return simplexml_load_string($response);
    };

    $parser = new XmlParseRequest();

    // --- isValidXmlFile() / isValidRequest() ---
    $invalidXml1 = file_get_contents("./files/invalidXmlFile1.xml");
    $invalidXml2 = file_get_contents("./files/invalidXmlFile2.xml");
    $this->assertFalse($parser->isValidXmlFile($invalidXml1), "isValidXmlFile");
    // The second fixture is read twice in the original; the extra read is kept.
    $invalidXml2 = file_get_contents("./files/invalidXmlFile2.xml");
    $this->assertFalse($parser->isValidXmlFile($invalidXml2), "isValidXmlFile");

    $validXml = file_get_contents("./files/validXmlFile.xml");
    $this->assertTrue($parser->isValidXmlFile($validXml), "isValidXmlFile");
    $validDocument = simplexml_load_string($validXml);
    $this->assertTrue($parser->isValidRequest($validDocument), "isvalidRequest");

    // --- processRequest(): invalid XML must produce an error element ---
    $errorReply = $exchange($parser, $invalidXml1);
    $this->assertTrue(!empty($errorReply->xpath("/response/error")), "[processRequest]");

    // --- processRequest(): register a new user ---
    $registerXml = file_get_contents("./files/registerNewUserRequest.xml");
    $parser->processRequest($registerXml);
    $registerRequest = simplexml_load_string($registerXml);
    $registerReply = simplexml_load_string($parser->getResponse());
    $this->assertTrue(!empty($registerReply->xpath("/response/body/status")), "[processRequest]");
    $this->assertEquals("successful", $registerReply->body->status, "[processRequest]");

    $registeredName = (string) $registerRequest->body->username;
    $email = (string) $registerRequest->body->email;
    $this->assertTrue(user::doesUsernameExist($registeredName), "register new user request[processRequest]");
    $user_info = user::getUserByUsername($registeredName);
    $this->assertEquals(
        $registeredName,
        $user_info['username'],
        "useranme was not add correctly by the request[processRequest]"
    );
    $this->assertEquals(
        $email,
        $user_info['email'],
        "email was not add correctly by the request[processRequest]"
    );

    // --- newSession() ---
    $username = "******";
    $password = "******";
    $email = "*****@*****.**";
    $gcm_id = "23546813DFGE56456";
    user::create_new_user($username, $password, $email);

    $newSessionXml = file_get_contents("./files/newSessionRequest.xml");
    $request = simplexml_load_string($newSessionXml);
    $request->body->username = $username;
    $request->body->password = $password;
    $request->body->gcm = $gcm_id;
    $reply = $exchange(new XmlParseRequest(), $request->asXML());

    $user_info = user::getUserByUsername($username);
    $session_info = session::get_last_session_for_user_id($user_info['id']);
    $this->assertEquals("successful", $reply->body->status, "[new session request]");
    $this->assertEquals($session_info['hash'], $reply->body->session, "[new session request]");
    $this->assertEquals($gcm_id, $user_info['gcmID'], "[new session request]");

    // A wrong password must be answered with a "failed" status.
    $request = simplexml_load_string($newSessionXml);
    $request->body->password = $password . "ddd";
    $reply = $exchange(new XmlParseRequest(), $request->asXML());
    $this->assertEquals("failed", $reply->body->status, "[new session request]");

    // --- endSession() ---
    session::clear_table();
    user::clear_table();
    $username = "******";
    $password = "******";
    $email = "*****@*****.**";
    user::create_new_user($username, $password, $email);
    $user_info = user::getUserByUsername($username);
    $session = md5("dfgfds4543");
    session::add_new_session($user_info['id'], $session, "0");

    $endSessionXml = file_get_contents("./files/endSessionRequest.xml");
    $request = simplexml_load_string($endSessionXml);
    $request->body->session = $session;
    $endHandler = new XmlParseRequest();
    $reply = $exchange($endHandler, $request->asXML());
    $this->assertEquals("successful", $reply->body->status, "[end session request]");
    $this->assertEquals($session, $reply->body->session, "[end session request]");

    // The untouched fixture carries an invalid session id; the same handler is reused.
    $reply = $exchange($endHandler, $endSessionXml);
    $this->assertTrue(!empty($reply->xpath("/response/body/reason")), "[end seesion request]");

    // --- registerGCM() ---
    session::clear_table();
    user::clear_table();
    $username = "******";
    $password = "******";
    $email = "*****@*****.**";
    $gcm = "SDFGa43534";
    user::create_new_user($username, $password, $email);
    $user_info = user::getUserByUsername($username);
    $session = md5("dfgfds4543");
    session::add_new_session($user_info['id'], $session, "0");

    $registerGcmXml = file_get_contents("./files/registerGCMRequest.xml");
    $request = simplexml_load_string($registerGcmXml);
    $request->body->session = $session;
    $request->body->gcm = $gcm;
    $reply = $exchange(new XmlParseRequest(), $request->asXML());
    $this->assertEquals("successful", $reply->body->status, "[register GCM id request]");
    $this->assertEquals($session, $reply->body->session, "[register GCM id request]");
    $user_info = user::getUserByUsername($username);
    $this->assertEquals($gcm, $user_info['gcmID'], "[register GCM id request]");

    // A session hash that was never issued must be rejected with error code 1.
    $request = simplexml_load_string($registerGcmXml);
    $request->body->session = md5("asdssfsfs");
    $reply = $exchange(new XmlParseRequest(), $request->asXML());
    $this->assertEquals("failed", $reply->body->status, "[register GCM id request]");
    $this->assertEquals("1", $reply->body->error_code, "[register GCM id request]");
}