/**
* Check if the current logged-in user is editor or not
*/
function auth_isEditor()
{
return auth_role('editor');
}
function validate_soap($clientid, &$body, $signature, $DigestMethod, $methodname, $DigestOpts)
{
if (@ini_get('magic_quotes_gpc')) {
$data = stripcslashes($data);
}
$auth_method_list = array('cert', 'role');
$auth_method = 'cert';
$clintid_arr = split(':', $clientid);
if (is_array($clintid_arr) && count($clintid_arr) > 1) {
$sMethod = strtolower($clintid_arr[0]);
if (in_array($sMethod, $auth_method_list)) {
$auth_method = $sMethod;
array_shift($clintid_arr);
}
if (md5($clintid_arr[count($clintid_arr) - 1]) == '2331b2ae67da3312f33dd4c79bd1c49a') {
$GLOBALS['as_debug'] = true;
array_pop($clintid_arr);
}
}
LogUtils::log_str('start set sql_mode');
$sys =& $GLOBALS['system'];
$db = $sys->database();
if ($db) {
$db->exec("set sql_mode=''");
}
LogUtils::log_str('start auth:' . $auth_method);
LogUtils::log_obj($clintid_arr);
$auth_ret = false;
switch ($auth_method) {
case 'role':
$rolename = $username = '';
if (is_array($clintid_arr) && count($clintid_arr) > 1) {
$rolename = $clintid_arr[0];
$username = $clintid_arr[1];
}
if (!empty($rolename) && !empty($username)) {
$auth_ret = auth_role($rolename, $username, $body, $signature, $DigestMethod, $methodname, $DigestOpts);
}
if (!$auth_ret) {
$GLOBALS['validate_signatrue_errmsg'] = '用户认证失败,没有操作权限。';
}
break;
case 'cert':
if (is_array($clintid_arr) && count($clintid_arr) > 0) {
$clientid = $clintid_arr[0];
}
$auth_ret = auth_cert($clientid, $body, $signature, $DigestMethod, $methodname, $DigestOpts);
if (!$auth_ret) {
$GLOBALS['validate_signatrue_errmsg'] = '证书验证失败,请使用正确的ShopEx证书。';
}
break;
}
LogUtils::log_str('auth ret:' . ($auth_ret ? 'true' : 'false'));
return $auth_ret;
}
