Exemplo n.º 1
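/**
 * Run one API handler under the caller's per-user lock and echo the result as JSON.
 *
 * Order of operations: verify_api_request() is called with $permission_needed,
 * the call is recorded with log_api(), the lock named by the global
 * $is_logged_in is taken, then $function_to_run is invoked with no arguments.
 * Any Exception raised along the way is logged and turned into
 * array("error" => message) instead of propagating.
 *
 * @param mixed $function_to_run  Handler invoked as $function_to_run(). It is also
 *                                formatted with %s in the error log line, so it is
 *                                presumably a function-name string (confirm).
 * @param mixed $permission_needed Passed unchanged to verify_api_request().
 * @return void The JSON document is written to the output, not returned.
 */
function process_api_request($function_to_run, $permission_needed)
{
    global $is_logged_in;

    $lock = false;
    try {
        verify_api_request($permission_needed);
        log_api($function_to_run);

        // Record the lock only after get_user_lock() has returned. If the
        // acquisition throws, $lock stays false and the cleanup below cannot
        // release a lock that this request never held.
        $lock_owner = $is_logged_in;
        get_user_lock($lock_owner);
        $lock = $lock_owner;

        $ret = $function_to_run();
    } catch (Exception $e) {
        $error = $e->getMessage();
        // NOTE(review): the exception text and the raw request body go into the
        // log unmodified. Confirm that addlog() neutralises control characters
        // and that request bodies cannot carry credentials or signatures that
        // should not be stored.
        addlog(LOG_API, sprintf("[%s] API error: \"%s\": %s: %s", getenv("REMOTE_ADDR"), $error, $function_to_run, file_get_contents("php://input")));
        // NOTE(review): the exception message is returned to the API client
        // verbatim; confirm that no internal detail can reach it this way.
        $ret = array("error" => $error);
    } finally {
        // Runs on every exit path (PHP 5.5+), including throwables that the
        // catch above does not match, so the user is never left locked.
        if ($lock) {
            release_lock($lock);
        }
    }
    echo json_encode($ret);
}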
Exemplo n.º 2
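/**
 * Manual test page for the API client.
 *
 * Temporarily gives up the per-user lock held for the logged-in user, runs the
 * selected API test against a WBX_API client built from API_KEY/API_SECRET, and
 * then takes the lock again so the caller can release it as usual.
 *
 * NOTE(review): judging by its name, test_api_withdraw_bitcoin() may start a real
 * withdrawal with the configured API credentials. Confirm this, and confirm the
 * page that calls test_api() cannot be reached by unauthenticated visitors.
 *
 * @return void Progress and errors are echoed as HTML.
 */
function test_api()
{
    global $is_logged_in;
    // the API tries to get a lock on our user.  this will block if we're already locked
    if ($is_logged_in) {
        try {
            release_lock($is_logged_in);
        } catch (Exception $e) {
            // Exception text is not markup: escape it before it reaches the page.
            echo htmlspecialchars($e->getMessage(), ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
        }
    }
    try {
        $wbx = new WBX_API(API_KEY, API_SECRET);
        // Other available checks; enable one at a time:
        // test_api_info($wbx);
        // test_api_vouchers($wbx);
        // test_api_orders($wbx);
        // test_get_deposit_address($wbx);
        // test_api_withdraw_fiat($wbx);
        test_api_withdraw_bitcoin($wbx);
    } catch (Exception $e) {
        // The message may echo text produced by the remote API, so it is
        // escaped for the HTML context it is printed in.
        $message = htmlspecialchars($e->getMessage(), ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
        echo "caught Exception: {$message}<br/>\n";
    }
    // re-obtain the lock.  switcher will later try to unlock it
    if ($is_logged_in) {
        get_user_lock($is_logged_in);
    }
}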
Exemplo n.º 3
<?php

require_once '../util.php';
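// Cron-style job: for every bitcoind account with a confirmed balance, credit
// that balance to the matching user while holding the user's lock.

// NOTE(review): this sets the global that the web pages use for the logged-in
// user; presumably shared helpers read it to identify the actor. Confirm.
$is_logged_in = 'sync_to_bitcoin';
foreach (bitcoin_list_accounts(CONFIRMATIONS_FOR_DEPOSIT) as $account => $balance) {
    if ($balance) {
        try {
            // check they have an account
            get_openid_for_user($account);
        } catch (Exception $e) {
            // Deliberate best-effort: an account label with no matching user is skipped.
            continue;
        }
        get_user_lock($account);
        try {
            addlog(LOG_CRONJOB, sprintf("add %s BTC for user %s", internal_to_numstr($balance), $account));
            sync_to_bitcoin((string) $account);
        } finally {
            // Release the lock even when the sync throws, so a failed run does
            // not leave the user locked. The exception still propagates and
            // stops the job, as before.
            release_lock($account);
        }
    }
}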
Exemplo n.º 4
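/**
 * Front controller: map a page name onto the PHP file that renders it.
 *
 * The name is reduced to [0-9_a-z]; anything else becomes 'junk'. Files are only
 * included from the fixed case lists below, grouped by the access level checked
 * here (anyone, $is_logged_in, $is_admin). For a logged-in user the per-user
 * lock is held from before the page runs until after the footer is shown.
 *
 * Included files run in this function's scope, so the local names $page, $lock
 * and $e are visible to them; they are kept unchanged for that reason.
 *
 * @param mixed $page Requested page name (normally taken from the request).
 * @return void Output is echoed directly.
 */
function switcher($page)
{
    global $is_logged_in, $is_admin, $is_verified;

    $lock = false;
    try {
        try {
            // \z anchors at the very end of the string. A plain "$" also matches
            // just before a trailing newline, which would let "help\n" through
            // to the header and to the access log line below.
            if (!preg_match('/^[0-9_a-z]*\z/', $page)) {
                $page = 'junk';
            }
            // delay showing the header when logging in until we know whether the login worked or not
            if ($page != 'download' && $page != 'login' && $page != 'graph') {
                show_header($page, $is_logged_in);
            }
            if ($is_logged_in) {
                // Record the lock only after it has been obtained, so a failed
                // acquisition never leads to releasing a lock this request
                // does not hold.
                $lock_owner = $is_logged_in;
                get_user_lock($lock_owner);
                $lock = $lock_owner;
            }
            addlog(LOG_SWITCHER, sprintf("[%s] visit page '%s'", getenv("REMOTE_ADDR"), $page));
            switch ($page) {
                ////////////////////////////////////////////////////////////////////////
                // for general consumption
                ////////////////////////////////////////////////////////////////////////
                // NOTE(review): 'test' is served without any login check. Confirm
                // that test.php is safe to expose, or drop it from this list in
                // production.
                case '404':
                case 'graph':
                case 'help':
                case 'news':
                case 'orderbook':
                case 'test':
                case 'trade':
                case 'view_trades':
                    include "{$page}.php";
                    break;
                ////////////////////////////////////////////////////////////////////////
                // for logged in users only
                ////////////////////////////////////////////////////////////////////////
                case 'api':
                case 'deposit':
                case 'identity':
                case 'place_order':
                case 'profile':
                case 'statement':
                case 'turn_on_duo':
                case 'view_order':
                case 'view_request':
                case 'withdraw':
                    if ($is_logged_in) {
                        include "{$page}.php";
                    } else {
                        log_badpage($page);
                    }
                    break;
                ////////////////////////////////////////////////////////////////////////
                // for admin only
                ////////////////////////////////////////////////////////////////////////
                case 'add_cash':
                case 'bank':
                case 'commission':
                case 'docs':
                case 'download':
                case 'freeze':
                case 'users':
                    if ($is_admin) {
                        include "{$page}.php";
                    } else {
                        log_badpage($page);
                    }
                    break;
                case 'login':
                    if (!$is_logged_in) {
                        include "login.php";
                        // we just tried to log in, so check whether or not it worked before showing the footer
                        get_login_status();
                    } else {
                        addlog(LOG_LOGIN, "  already logged in");
                        log_badpage($page);
                    }
                    break;
                case 'logout':
                    setcookie('autologin', FALSE, time() - 60 * 60 * 24 * 365);
                    logout();
                    // NOTE(review): there is no break here, so unless logout() ends
                    // the request, control falls through to the default branch
                    // (3 second sleep plus log_badpage). Confirm this is intended.
                default:
                    // Unknown or rejected page names are delayed before being logged.
                    sleep(3);
                    log_badpage($page);
                    break;
            }
            // debugging for session stuff
            // Keep disabled outside development: it prints the session id into the page.
            if (0) {
                echo "<div class='content_box'>\n";
                echo "<h3>Debug</h3>\n";
                echo "<p>\n";
                echo "session id: ", session_id(), "<br/>\n";
                echo "session age: ", time() - $_SESSION['creation_time'], " seconds<br/>\n";
                if (isset($inactivity)) {
                    echo "you were inactive for {$inactivity} seconds<br/>\n";
                }
                echo "MAX_IDLE_MINUTES_BEFORE_LOGOUT = ", MAX_IDLE_MINUTES_BEFORE_LOGOUT, " minutes = ", MAX_IDLE_MINUTES_BEFORE_LOGOUT * 60, " seconds<br/>\n";
                echo "MAX_SESSION_ID_LIFETIME = ", MAX_SESSION_ID_LIFETIME, " minutes = ", MAX_SESSION_ID_LIFETIME * 60, " seconds<br/>\n";
                echo "</p></div>\n";
            }
        } catch (Error $e) {
            global $shown_header;
            report_exception($e, SEVERITY::ERROR);
            // Same as below, but flag + log this for review,
            if (!$shown_header) {
                show_header($page, $is_logged_in);
            }
            // NOTE(review): title and message are interpolated into HTML without
            // escaping. Left as-is because this exception type may carry
            // intentional markup; if either value can contain request-derived
            // text, escape it here. Confirm.
            echo "<div class='content_box'><h3>{$e->getTitle()}</h3>";
            echo "<p>{$e->getMessage()}</p></div>";
        } catch (Problem $e) {
            global $shown_header;
            if (!$shown_header) {
                show_header($page, $is_logged_in);
            }
            // NOTE(review): same unescaped interpolation as the Error branch above.
            echo "<div class='content_box'><h3>{$e->getTitle()}</h3>";
            echo "<p>{$e->getMessage()}</p></div>";
        } catch (Exception $e) {
            global $shown_header;
            if (!$shown_header) {
                show_header($page, $is_logged_in);
            }
            // A generic exception message is plain text of unknown origin, so it
            // is escaped for HTML. NOTE(review): consider showing a fixed message
            // instead, since internal error text is disclosed to the visitor.
            $message = htmlspecialchars($e->getMessage(), ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
            echo "<div class='content_box'><h3>Technical difficulties</h3>";
            echo "<p>{$message}</p></div>";
        }
        show_footer($is_logged_in, $is_admin, $is_verified);
    } finally {
        // Release after the footer, as before, but on every exit path (PHP 5.5+)
        // so an error raised while rendering cannot leave the user locked.
        if ($lock) {
            release_lock($lock);
        }
    }
}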