/** * This function gets the md5 hash for the data verification integrity of all the events * * @param string $fields String containing the JSON of the fields to be verified * * @return mixed returns an array with the hash, or false if an error exists */ public function getHash($fields) { global $arrConf; if (!$this->_checkUserAuthorized('calendar')) { return false; } $dbCalendar = $this->_getDB($arrConf['dsn_conn_database']); $pCalendar = new paloSantoCalendar($dbCalendar); // Obtener el ID del usuario logoneado $id_user = $this->_leerIdUser(); if (is_null($id_user)) { return false; } $json = new Services_JSON(); $fields = $json->decode($fields); if (is_array($fields)) { //Se eliminan valores repetidos $fields = array_unique($fields); $key = array_search("id", $fields); // Se elimina el campo id en caso de que lo envie el cliente if ($key !== FALSE) { unset($fields[$key]); } } if (!is_array($fields) || count($fields) == 0) { $this->errMsg["fc"] = 'PARAMERROR'; $this->errMsg["fm"] = 'Wrong parameter'; $this->errMsg["fd"] = "The parameter \"fields\" must be an array json serialized and must contain at least one value different than \"id\"."; $this->errMsg["cn"] = get_class($this); return false; } //TODO: Este arreglo contiene los campos de la tabla "events", quiza se deba buscar una manera más eficiente de protegerse contra inyección de sql $arrFields = array("id", "uid", "startdate", "enddate", "starttime", "eventtype", "subject", "description", "asterisk_call", "recording", "call_to", "notification", "emails_notification", "endtime", "each_repeat", "days_repeat", "reminderTimer", "color", "last_update"); $counter = 1; $queryFields = "id,"; foreach ($fields as $value) { if (!in_array($value, $arrFields)) { $result["error"] = "Some field/s do not exist in the server"; return $result; } if ($counter == count($fields)) { $queryFields .= $value; } else { $queryFields .= $value . ","; } $counter++; } $result = $pCalendar->getUserEvents($id_user, $queryFields); if ($result === FALSE) { $this->errMsg["fc"] = 'DBERROR'; $this->errMsg["fm"] = 'Database operation failed'; $this->errMsg["fd"] = 'Unable to get data - ' . $pCalendar->_DB->errMsg; $this->errMsg["cn"] = get_class($pCalendar); return false; } $contacts_json = $json->encode($result); $hash = md5($contacts_json); $response["hash"] = $hash; return $response; }