Пример #1
/**
 * Copy the account-details of one NREN into the new columns of the
 * nrens-table, unless hasNewValues() reports the NREN as already migrated.
 *
 * All values are bound as statement parameters and written as received.
 * NOTE(review): presumably $password is already encrypted and $ivector is
 * the matching IV - confirm against the caller before relying on it.
 *
 * @param mixed $nren_id  id of the NREN to update (bound as 'integer')
 * @param mixed $username value stored in login_name
 * @param mixed $password value stored in password
 * @param mixed $ivector  value stored in ivector
 * @param mixed $ap_name  value stored in ap_name
 * @return void
 */
function migrateAccountMap($nren_id, $username, $password, $ivector, $ap_name)
{
    $alreadyMigrated = hasNewValues($nren_id);
    if ($alreadyMigrated) {
        echo "It looks like NREN " . $nren_id . " has been migrated already, please verify this and if not, clean the fields in the database before venturing forth.\n";
        return;
    }

    echo "Migrating NREN " . $nren_id . " to new schema.\n";

    $statement = "UPDATE nrens SET login_name=?, ap_name=?, password=?, ivector=? WHERE nren_id=?";
    $types     = array('text', 'text', 'text', 'text', 'integer');
    $values    = array($username, $ap_name, $password, $ivector, $nren_id);
    MDB2Wrapper::update($statement, $types, $values);
}
Пример #2
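 /**
  * Delete an admin from the admins-table on behalf of the current user.
  *
  * The admin to delete (the target) and the current user (the enforcer)
  * are fetched in one query, limited to the NREN of the current user. The
  * deletion is only carried out when both rows were found and the
  * admin-level of the enforcer is not lower than that of the target.
  *
  * @param String $admin the admin to delete, as stored in admins.admin
  * @param mixed  $level level of the admin, only used in failure log-entries
  * @return void the outcome is reported through Framework::error_output()
  *              or Framework::success_output()
  */
 private function deleteAdmin($admin, $level)
 {
     /* does the current user have the rights? */
     try {
         $query = "SELECT a.* FROM admins a LEFT JOIN nrens n on n.nren_id = a.nren";
         $query .= " WHERE (a.admin=? OR a.admin=?) AND n.name=?";
         $res = MDB2Wrapper::execute($query, array('text', 'text', 'text'), array($admin, $this->person->getEPPN(), $this->person->getNREN()));
         switch (count($res)) {
             case 0:
                 Framework::error_output("Did not find neither the admin to delete or the current admin in the database. Cannot continue.");
                 return;
             case 1:
                 if ($res[0]['admin'] != $admin) {
                     Framework::error_output("Cannot find the admin to delete in the admins-table. Cannot continue.");
                     return;
                 }
                 /* Only the target was found, so there is no separate row
                  * to read the enforcer's level from. Fail closed instead
                  * of comparing against a missing row. */
                 Framework::error_output("Cannot verify the rights of the current admin for this deletion. Cannot continue.");
                 return;
             case 2:
                 $targetRow = ($res[0]['admin'] == $admin) ? 0 : 1;
                 break;
             default:
                 Framework::error_output("Too many hits in the database. Cannot decide where to go from here.");
                 return;
         }
     } catch (DBStatementException $dbse) {
         $msg = "Cannot find id-values in the database due to server problems. Server said: " . htmlentities($dbse->getMessage());
         Framework::error_output($msg);
         return;
     } catch (DBQueryException $dbqe) {
         $msg = "Cannot find id-values due to data inconsistency. Server said: " . htmlentities($dbqe->getMessage());
         Framework::error_output($msg);
         return;
     }

     /* Exactly two rows from here on: one index picks the target for both
      * the id-values and the level check, the other row is the enforcer
      * (the admin performing the deletion). */
     $enforcerRow = 1 - $targetRow;
     $nrenID = $res[$targetRow]['nren'];
     $subscriberID = $res[$targetRow]['subscriber'];
     $targetLevel = (int) $res[$targetRow]['admin_level'];
     $enforcerLevel = (int) $res[$enforcerRow]['admin_level'];

     if ($enforcerLevel < $targetLevel) {
         Framework::error_output("Cannot delete admin with higher admin-level.");
         return;
     }
     if ($targetLevel == NREN_ADMIN) {
         $query = "DELETE FROM admins WHERE admin=? AND nren=?";
         $params = array('text', 'text');
         $data = array($admin, $nrenID);
     } else {
         $query = "DELETE FROM admins WHERE admin=? AND nren=? AND subscriber=?";
         $params = array('text', 'text', 'text');
         $data = array($admin, $nrenID, $subscriberID);
     }
     try {
         MDB2Wrapper::update($query, $params, $data);
         Logger::log_event(LOG_INFO, "Successfully deleted admin {$admin} with level {$targetLevel}");
     } catch (DBStatementException $dbse) {
         Framework::error_output("Could not delete the admin because the statement was bad " . "Please contact an administrator. Server said " . htmlentities($dbse->getMessage()));
         Logger::log_event(LOG_NOTICE, __FILE__ . ":" . __LINE__ . ": Problem occured when trying to delete " . "admin {$admin} with level {$level}: " . $dbse->getMessage());
         /* the delete failed, do not report success below */
         return;
     } catch (DBQueryException $dbqe) {
         Framework::error_output("Could not delete the admin because of problems with the " . "received data. Server said " . htmlentities($dbqe->getMessage()));
         Logger::log_event(LOG_INFO, __FILE__ . ":" . __LINE__ . ": Problem occured when tyring to delete " . "admin {$admin} with level {$level}: " . $dbqe->getMessage());
         /* the delete failed, do not report success below */
         return;
     }
     Framework::success_output($this->translateTag('l10n_suc_deleteadm1', 'admin') . " " . htmlentities($admin));
 }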
Пример #3
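 /**
  * deleteCertFromDB - delete a certificate from the database.
  *
  * Removes the row in cert_cache that has the given auth_key. Database
  * errors are logged and shown through Framework::error_output().
  *
  * @param String $key the auth_key of the certificate to remove
  * @return Boolean true if the delete-statement ran without errors, false
  *                 if no key was given or the database reported an error
  */
 public function deleteCertFromDB($key)
 {
     if (!isset($key) || $key == "") {
         /* nothing to delete; false keeps the return-type boolean */
         return false;
     }
     /* remove the certificate from the database */
     try {
         MDB2Wrapper::update("DELETE FROM cert_cache WHERE auth_key=?", array('text'), array($key));
         Logger::log_event(LOG_NOTICE, "Removed the certificate ({$key}) from the database ");
     } catch (DBStatementException $dbse) {
         $msg = __FILE__ . ":" . __LINE__ . " Error in query syntax.";
         Logger::log_event(LOG_NOTICE, $msg);
         /* $msg becomes HTML from here on, so the key must be escaped
          * like the server message is */
         $msg .= "<BR />Could not delete the certificate with hash: " . htmlentities($key) . ".<br />Try to do a manual deletion.";
         $msg .= "<BR />Server said: " . htmlentities($dbse->getMessage());
         Framework::error_output($msg);
         /* Even though we fail, the certificate was
          * successfully revoked, thus the operation was
          * semi-successful. But, true should indicate that
          * *everything* went well */
         return false;
     } catch (DBQueryException $dbqe) {
         $msg = __FILE__ . ":" . __LINE__ . " Query-error. Constraint violoation in query?";
         Logger::log_event(LOG_NOTICE, $msg);
         $msg .= "<BR />Server said: " . htmlentities($dbqe->getMessage());
         Framework::error_output($msg);
         return false;
     }
     return true;
 }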
Пример #4
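/**
 * Remove a CSR of an authenticated person from csr_cache.
 *
 * The CSR is first looked up with get_csr_from_db_raw() for the person's
 * common-name and the given key; the row is only deleted when that lookup
 * succeeds. The DELETE itself is restricted to the same common-name, so a
 * person can only drop CSRs stored under their own name.
 *
 * Exceptions thrown by the DELETE are not caught here.
 *
 * @param Person $person   the owner of the CSR
 * @param String $auth_key the auth_key identifying the CSR
 * @return Boolean true if the delete-statement was executed, false if the
 *                 person is not authenticated or the lookup failed
 */
function delete_csr_from_db($person, $auth_key)
{
    if (!$person->isAuth()) {
        return false;
    }
    $common_name = $person->getX509ValidCN();

    /* Verify that the CSR is present */
    try {
        $csr = get_csr_from_db_raw($common_name, $auth_key);
    } catch (CSRNotFoundException $csrnfe) {
        echo "No matching CSR found.<BR>\n";
        $msg = "Could not delete CSR from ip " . $_SERVER['REMOTE_ADDR'];
        $msg .= " : " . stripslashes($common_name) . " Reason: not found";
        Logger::log_event(LOG_NOTICE, $msg);
        return false;
    } catch (ConfusaGenException $cge) {
        $msg = "Error in deleting CSR (" . htmlentities($auth_key) . ")";
        /* NOTE(review): the expression naming the user was unreadable in
         * the reviewed copy of this function. The common-name is used, as
         * in the other messages here, and escaped because $msg is shown
         * through Framework::error_output(). Confirm against the
         * original. */
        $msg .= "for user: " . htmlentities(stripslashes($common_name)) . " ";
        $msg .= "Too many hits!";
        Framework::error_output($msg);
        Logger::log_event(LOG_ALERT, $msg);
        return false;
    }

    MDB2Wrapper::update("DELETE FROM csr_cache WHERE auth_key=? AND common_name=?", array('text', 'text'), array($auth_key, $common_name));
    $msg = "Dropping csr " . $auth_key . " ";
    $msg .= "for user " . stripslashes($common_name) . "  (" . $_SERVER['REMOTE_ADDR'] . ") from csr_cache";
    Logger::log_event(LOG_NOTICE, $msg);
    return true;
}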
Пример #5
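 /**
  * delSubscriber - remove the subscriber from the NREN and Confusa.
  *
  * This will remove the subscriber *permanently* along with all its
  * affiliated subscriber admins (this is handled by the database-schema
  * with the 'ON DELETE CASCADE').
  *
  * Before the row is deleted, the subscriber is looked up within the NREN
  * of the current user and the certificates listed for the subscriber are
  * revoked with reason "privilegeWithdrawn".
  *
  * @param String|integer $id the ID of the institution/subscriber in the database.
  * @return Boolean|null false when the subscriber could not be identified
  *                      or the lookup failed, nothing otherwise
  */
 private function delSubscriber($id)
 {
     if (!isset($id) || $id === "") {
         Framework::error_output("Cannot delete subscriber with unknown id!");
         /* stop here, there is nothing to look up or delete */
         return false;
     }
     $nren = $this->person->getNREN();
     /*
      * Make sure that we are deleting a subscriber from the current NREN.
      */
     try {
         $query = "SELECT nren_id, subscriber FROM nren_subscriber_view ";
         $query .= "WHERE nren=? AND subscriber_id=?";
         $res = MDB2Wrapper::execute($query, array('text', 'text'), array($nren, $id));
     } catch (DBQueryException $dbqe) {
         $errorTag = PW::create();
         $msg = "Could not delete subscriber with ID {$id} from DB.";
         Logger::logEvent(LOG_NOTICE, "NRENAdmin", "delSubscriber()", $msg, __LINE__, $errorTag);
         /* $msg carries the submitted id, escape it for the page */
         Framework::message_output(htmlentities($msg) . "<br />[{$errorTag}] Server said: " . htmlentities($dbqe->getMessage()));
         return false;
     } catch (DBStatementException $dbse) {
         $errorTag = PW::create();
         $msg = "Could not delete subsriber with ID {$id} from DB, due to problems with the " . "statement. Probably this is a configuration error. Server said: " . $dbse->getMessage();
         Logger::logEvent(LOG_NOTICE, "NRENAdmin", "delSubscriber()", $msg, __LINE__, $errorTag);
         Framework::message_output("[{$errorTag}]" . htmlentities($msg));
         return false;
     }
     if (count($res) != 1) {
         Framework::error_output("Could not find a unique NREN/subscriber pair for subscriber with id " . htmlentities($id));
         return false;
     }
     $nren_id = $res[0]['nren_id'];
     $subscriberName = $res[0]['subscriber'];
     if (!isset($nren_id) || $nren_id == "") {
         Framework::error_output("Could not get the NREN-ID for subscriber " . htmlentities($id) . "Will not delete subscriber (" . htmlentities($id) . ").");
         return false;
     }
     /*
      * Revoke all certificates for subscriber
      *
      * NOTE(review): a failed revocation is only reported, the subscriber
      * is deleted regardless - confirm that this is intended.
      */
     $ca = CAHandler::getCA($this->person);
     $list = $ca->getCertListForPersons("", $subscriberName);
     $count = 0;
     foreach ($list as $value) {
         if (!isset($value['auth_key'])) {
             continue;
         }
         try {
             if ($ca->revokeCert($value['auth_key'], "privilegeWithdrawn")) {
                 $count = $count + 1;
             }
         } catch (CGE_KeyRevokeException $kre) {
             echo htmlentities($kre->getMessage()) . "<br />\n";
         }
     }
     /* one summary entry, written once the final count is known */
     Logger::logEvent(LOG_INFO, "NRENAdmin", "delSubscriber()", "Deleting subscriber, revoked {$count} issued certificates " . "for subscriber {$subscriberName}.");

     MDB2Wrapper::update("DELETE FROM subscribers WHERE subscriber_id = ? AND nren_id = ?", array('text', 'text'), array($id, $nren_id));
     Logger::logEvent(LOG_INFO, "NRENAdmin", "delSubscriber()", "Deleted subscriber with ID {$id}.\n");
     $msg = $this->translateTag('l10n_suc_deletesubs1', 'nrenadmin') . htmlentities($subscriberName) . $this->translateTag('l10n_suc_deletesubs2', 'nrenadmin') . " " . htmlentities($id) . ". " . $this->translateTag('l10n_suc_deletesubs3', 'nrenadmin') . " " . $count . " " . $this->translateTag('l10n_suc_deletesubs4', 'nrenadmin');
     Framework::success_output($msg);
 }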
Пример #6
 /**
  * deleteCertificate() - drop one robot-certificate from the database.
  *
  * The certificate is resolved through getRobotCert() first, and the row
  * is then removed from robot_certs by the id of that result.
  *
  * @param String $serial the serial-number of the certificate.
  * @return Boolean true when the row was deleted, false when the
  *                 certificate was not found or the delete failed.
  */
 private function deleteCertificate($serial)
 {
     $robotCert = $this->getRobotCert($serial);
     if (!isset($robotCert)) {
         Framework::error_output("Could not find certificate (" . htmlentities($serial) . ") in database.");
         return false;
     }

     try {
         MDB2Wrapper::update("DELETE FROM robot_certs WHERE id=?", array('text'), array($robotCert['id']));

         $confirmation = $this->translateTag('l10n_suc_deletecert1', 'robot');
         $confirmation .= htmlentities($serial);
         $confirmation .= $this->translateTag('l10n_suc_deletecert2', 'robot');
         Framework::success_output($confirmation);

         /* record who removed the certificate */
         $actor = $this->person->getEPPN();
         $orgName = $this->person->getSubscriber()->getOrgName();
         Logger::log_event(LOG_NOTICE, "[RI] " . $actor . " from " . $orgName . " deleted certificate {$serial} from the database");
         return true;
     } catch (Exception $e) {
         Framework::error_output(htmlentities($e->getMessage()));
         return false;
     }
 }
Пример #7
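 /**
  * After the CSR has been uploaded to the Comodo certificate apply API, it
  * must be authorized by the user.
  * Call the authorize endpoint in the API and update the respective DB entry.
  *
  * The order is only marked as authorized when the response of the API
  * starts with the character "0".
  *
  * @return void
  * @throws CGE_ComodoAPIException when the API response does not start
  *                                with "0"
  */
 private function capiAuthorizeCSR()
 {
     $authorize_endpoint = ConfusaConstants::$CAPI_AUTH_ENDPOINT;
     $postfields_auth = $this->bs_pf();
     $postfields_auth["orderNumber"] = $this->order_number;
     $data = CurlWrapper::curlContact($authorize_endpoint, "post", $postfields_auth);
     Logger::log_event(LOG_DEBUG, "Authorizing CSR " . $this->order_number . " for signing.");
     /* the only formal restriction we have is if the API returns 0 for the query.
      *
      * The comparison is strict on purpose: with '==' a false from
      * substr() (empty or missing response on older PHP versions) compares
      * equal to "0" and would be taken as a successful authorization. */
     if (substr($data, 0, 1) === "0") {
         /* update the database-entry to reflect the autorization-state */
         MDB2Wrapper::update("UPDATE order_store SET authorized='authorized' WHERE order_number=?", array('text'), array($this->order_number));
         Logger::log_event(LOG_NOTICE, "Authorized certificate with order number " . $this->order_number . ". " . $this->owner_string);
         return;
     }

     /* Split the response before it is used in the log-entry; pad it so
      * both parts exist when the response holds no newline. */
     $error_parts = array_pad(explode("\n", $data, 2), 2, "");
     Logger::log_event(LOG_WARNING, "Error authorizing CSR " . $this->order_number . " " . "Server said " . $error_parts[0] . " (" . $error_parts[1] . ")");
     $msg = "Received an error when authorizing the CSR with orderNumber " . $this->order_number . $data . "\n";
     $msg .= $this->capiErrorMessage($error_parts[0], $error_parts[1]);
     throw new CGE_ComodoAPIException($msg);
 }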
Пример #8
 /**
  * create() add a new subscriber to the database.
  *
  * Inserts a row with name, dn_name and nren_id into the
  * subscribers-table, reads back the subscriber_id of that row, marks the
  * object as valid and then calls save() to store the remaining
  * attributes.
  *
  * A subscriber that is already valid has a db-entry, so nothing is
  * created for it. The IdP-name and the org-name are required, as they
  * are part of the inserted row.
  *
  * @param void
  * @return Boolean true when the subscriber was added, false when it
  *                 already is valid.
  * @throws ConfusaGenException when a required attribute is missing, the
  *                             new row cannot be found again or the
  *                             database reports an error.
  */
 public function create()
 {
     if ($this->isValid()) {
         return false;
     }

     $idpName = $this->getIdPName();
     if (is_null($idpName) || $idpName == "") {
         throw new ConfusaGenException("Cannot add subscriber without an IdP-name " . "(Attribute Name). " . "This is requried for all subscribers.");
     }
     if (is_null($this->org_name) || $this->org_name == "") {
         throw new ConfusaGenException("Cannot add subscriber without an org-name" . "(DN Organization Name) ." . "This value cannot be changed after the subscriber has been added " . "and must be provided at creation.");
     }

     $nrenId = $this->nren->getID();
     $insert = "INSERT INTO subscribers (name, dn_name, nren_id) VALUES(?, ?, ?)";
     $types  = array('text', 'text', 'text');
     $values = array($idpName, $this->org_name, $nrenId);

     try {
         MDB2Wrapper::update($insert, $types, $values);

         /* fetch the id the database assigned to the new row */
         $rows = MDB2Wrapper::execute("SELECT subscriber_id FROM subscribers where name=? AND nren_id=?", array('text', 'text'), array($idpName, $nrenId));
         if (count($rows) != 1) {
             throw new ConfusaGenException("Could not add subscriber to database for unknown reason.");
         }

         $this->setDBID($rows[0]['subscriber_id']);
         $this->valid = true;
         $this->save();
         return true;
     } catch (DBStatementException $dbse) {
         $prefix = __CLASS__ . "::" . __FUNCTION__ . "(" . __LINE__ . ") ";
         throw new ConfusaGenException($prefix . "Cannot connect properly to database, some internal error. " . "Make sure the DB is configured correctly." . $dbse->getMessage());
     } catch (DBQueryException $dbqe) {
         $prefix = __CLASS__ . "::" . __FUNCTION__ . "(" . __LINE__ . ") ";
         throw new ConfusaGenException($prefix . "Cannot connect properly to database, " . "errors with supplied data.");
     }
 }
Пример #9
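 /**
  * getAdminStatus() get the admin-level from the database
  *
  * This function assumes isAuth() has been verified.
  *
  * The level is cached in $this->adminStatus after the first lookup. A
  * person that is not authenticated, or for whom an earlier update of the
  * admins-table failed, is treated as NORMAL_USER.
  *
  * The admins-table is searched for a single row matching the eppn and
  * the NREN, where either admin_level is '2' and idp_url is empty, NULL
  * or the IdP of the NREN, or admin_level is '1' or '0' and the
  * subscriber matches. When name or email in that row differ from the
  * current values, the row is updated.
  *
  * @param void
  * @return Integer value indication the admin-level
  */
 private function getAdminStatus()
 {
     if (isset($this->adminStatus)) {
         return $this->adminStatus;
     }
     $adminRes = NORMAL_USER;
     if (!$this->isAuth()) {
         $this->adminStatus = NORMAL_USER;
         return NORMAL_USER;
     }
     /* if the database is riddled with errors, do not run through the
      * test once more, just bail */
     if ($this->adminDBError) {
         $this->adminStatus = NORMAL_USER;
         return NORMAL_USER;
     }
     require_once 'MDB2Wrapper.php';
     $errorCode = PW::create(8);
     $query = "SELECT * FROM admins WHERE admin=:admin AND nren=:nren_id AND ";
     $query .= "((admin_level='2' AND (idp_url='' OR ISNULL(idp_url) OR idp_url=:idp_url)) OR ";
     $query .= "((admin_level='1' OR admin_level='0') AND subscriber=:subscriber_id))";
     $params = array();
     $params['admin'] = $this->eppn;
     $params['nren_id'] = $this->nren->getID();
     $params['idp_url'] = $this->nren->getIdP();
     /* -1 when the person has no subscriber */
     $params['subscriber_id'] = -1;
     if (!is_null($this->getSubscriber())) {
         $params['subscriber_id'] = $this->getSubscriber()->getDBID();
     }
     $res = MDB2Wrapper::execute($query, null, $params);
     $size = count($res);
     /* anything but exactly one hit leaves the person a NORMAL_USER */
     if ($size == 1) {
         $adminRes = $res[0]['admin_level'];
         if ($this->getName(false) != $res[0]['admin_name'] || $this->getEmail(false) != $res[0]['admin_email']) {
             /* The server messages below end up in the page, so they are
              * escaped before output; the log keeps the raw text. */
             try {
                 MDB2Wrapper::update("UPDATE admins SET admin_name=?, admin_email=? WHERE admin_id=?", array('text', 'text', 'text'), array($this->getName(false), $this->getEmail(false), $res[0]['admin_id']));
             } catch (DBStatementException $dbse) {
                 $msg = "[{$errorCode}] Database not properly set. Missing fields in the admins-table.";
                 Logger::log_event(LOG_ALERT, __FILE__ . ":" . __LINE__ . $msg);
                 Framework::error_output($msg . "<br />Server said: " . htmlentities($dbse->getMessage()));
                 $this->adminDBError = true;
             } catch (DBQueryException $dbqe) {
                 Logger::log_event(LOG_INFO, "[{$errorCode}] Could not update data for admin." . $dbqe->getMessage());
                 Framework::error_output("[{$errorCode}] Could not update data for admin. Problems with keys. Server said: " . htmlentities($dbqe->getMessage()));
                 $this->adminDBError = true;
             } catch (Exception $e) {
                 $msg = "Could not update admin-data. Unknown error. Server said: " . $e->getMessage();
                 Framework::error_output(htmlentities($msg));
                 Logger::log_event(LOG_INFO, $msg);
                 $this->adminDBError = true;
             }
         }
     }
     $this->adminStatus = $adminRes;
     return $adminRes;
 }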
Пример #10
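 /**
  * save() save the Certificate to the database.
  *
  * This function requires that the owner is a registred
  * administrator. It will then save all the registred fields to the
  * database and connect the admin to the certificate.
  *
  * The function will handle both new certificates as well as updating
  * existing ones. For an existing certificate only the fields recorded in
  * $this->changed are written, and the names of those fields are checked
  * before they are placed in the statement.
  *
  * @param	void
  * @return	Boolean flag indicating if the save-operation succeeded
  * @access	public
  */
 public function save()
 {
     /* is it a new certificate? */
     if (!$this->getCertFromDB()) {
         if (!isset($this->owner)) {
             return false;
         }
         try {
             $admin_res = MDB2Wrapper::execute("SELECT * FROM admins WHERE admin_id=?", array('text'), array($this->owner));
             if (count($admin_res) == 0) {
                 return false;
             }
             if (count($admin_res) > 1) {
                 Logger::log_event(LOG_WARNING, __FILE__ . ":" . __LINE__ . " Corrupted database. Multiple admins with same primary key!");
                 return false;
             }
             $this->subscriber = Input::sanitizeID($admin_res[0]['subscriber']);
         } catch (DBStatementException $dbse) {
             Logger::log_event(LOG_WARNING, __FILE__ . ":" . __LINE__ . " Could not find Admin (statement), server said: " . $dbse->getMessage());
             return false;
         } catch (DBQueryException $dbqe) {
             Logger::log_event(LOG_WARNING, __FILE__ . ":" . __LINE__ . " Could not find Admin (query), server said: " . $dbqe->getMessage());
             return false;
         }
         $update = "INSERT INTO robot_certs (subscriber_id, uploaded_by, ";
         $update .= " uploaded_date, valid_until, cert, fingerprint, ";
         $update .= "serial, comment)";
         $update .= " VALUES(?, ?, current_timestamp(), ?, ?, ?, ?, ?)";
         $params = array('text', 'text', 'text', 'text', 'text', 'text', 'text');
         $data = array($this->subscriber, $this->owner, $this->getEndDate(), $this->getPEMContent(), $this->getFingerprint(), $this->getSerial(), $this->getComment());
         try {
             MDB2Wrapper::update($update, $params, $data);
             return true;
         } catch (DBStatementException $dbse) {
             Logger::log_event(LOG_WARNING, __FILE__ . ":" . __LINE__ . " Could not save Robot-cert (statement), server said: " . $dbse->getMessage());
             return false;
         } catch (DBQueryException $dbqe) {
             Logger::log_event(LOG_WARNING, __FILE__ . ":" . __LINE__ . " Could not save Robot-cert (query), server said: " . $dbqe->getMessage());
             return false;
         }
     }

     /* existing certificate, only write when things have changed. */
     if (!is_array($this->changed) || count($this->changed) == 0) {
         return false;
     }
     $assignments = array();
     $data = array();
     foreach ($this->changed as $key => $value) {
         /* The key is placed in the statement as a column-name and
          * cannot be bound as a parameter, so only plain identifiers are
          * accepted. */
         if (!preg_match('/^[A-Za-z_][A-Za-z0-9_]*$/', $key)) {
             Logger::log_event(LOG_WARNING, __FILE__ . ":" . __LINE__ . " Will not update Robot-cert, invalid column-name among the changed fields.");
             return false;
         }
         $assignments[] = "{$key}=:{$key}";
         $data[$key] = $value;
     }
     $query = "UPDATE robot_certs SET " . implode(", ", $assignments) . " WHERE id=:id";
     $data['id'] = $this->db_id;
     try {
         MDB2Wrapper::update($query, null, $data);
         return true;
     } catch (DBStatementException $dbse) {
         $msg = __CLASS__ . "::" . __FUNCTION__ . "(" . __LINE__ . ") ";
         $msg .= "Cannot connect properly to database, some internal error. ";
         $msg .= "Make sure the DB is configured correctly." . $dbse->getMessage();
         /* record the failure instead of dropping the message */
         Logger::log_event(LOG_WARNING, $msg);
     } catch (DBQueryException $dbqe) {
         $msg = __CLASS__ . "::" . __FUNCTION__ . "(" . __LINE__ . ") ";
         $msg .= "Cannot connect properly to database, ";
         $msg .= "errors with supplied data.";
         Logger::log_event(LOG_WARNING, $msg);
     }
     return false;
 }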
Пример #11
 /**
  * Store a new privacy-notice for an NREN.
  *
  * The text is bound as a statement parameter and written as received.
  * A successful change is logged with the EPPN of the current person and
  * the remote address of the request.
  *
  * @param NREN   $nren     the NREN to update, getID() selects the row
  * @param String $new_text the new privacy-notice
  * @return void the outcome is reported through Framework::error_output()
  *              or Framework::success_output()
  */
 private function updateNRENPrivacyNotice($nren, $new_text)
 {
     $statement = "UPDATE nrens SET privacy_notice=? WHERE nren_id=?";
     $types = array('text', 'text');
     try {
         MDB2Wrapper::update($statement, $types, array($new_text, $nren->getID()));
     } catch (DBStatementException $dbse) {
         $serverSaid = htmlentities($dbse->getMessage());
         Framework::error_output("Problem updating the privacy-notice of your NREN! Please contact an administrator to resolve this! Server said " . $serverSaid);
         return;
     } catch (DBQueryException $dbqe) {
         $serverSaid = htmlentities($dbqe->getMessage());
         Framework::error_output("Problem updating the about text of your NREN, probably related to the supplied data. Please verify the data to be inserted! Server said " . $serverSaid);
         return;
     }

     /* keep a record of who changed the notice and from where */
     $logEntry = "Privacy-notice for NREN {$nren} was changed by " . $this->person->getEPPN() . " from " . $_SERVER['REMOTE_ADDR'];
     Logger::log_event(LOG_INFO, $logEntry);
     Framework::success_output($this->translateTag('l10n_suc_privnoticetext', 'stylist'));
 }
Пример #12
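 /**
  * save() store updated results to the database, encrypting the password
  * before storage.
  *
  * Nothing is written unless the object is marked as changed. The
  * password is base64-encoded and encrypted with a fresh IV on every
  * save, and the IV is stored next to it. The account-details go to the
  * nrens-table when it has the four account columns, otherwise to
  * account_map.
  *
  * NOTE(review): the encryption uses the mcrypt-extension with
  * MCRYPT_RIJNDAEL_256 in CFB-mode, which gives no integrity protection
  * for the stored value, and mcrypt is no longer part of current PHP
  * versions. A replacement must stay compatible with the code that
  * decrypts the stored value, which is not part of this function.
  *
  * @param Boolean $validate verify the credentials with the CA before
  *                          they are stored
  * @return Boolean true if the account-details were written, false if
  *                 nothing had changed or the database reported an error
  * @throws ConfusaGenException when validation is requested and the
  *                             credentials are not accepted
  */
 public function save($validate = true)
 {
     if (!$this->changed) {
         return false;
     }
     if ($validate && !CAHandler::getCA($this->person)->verifyCredentials($this->login_name, $this->password)) {
         /* FIXME: l10n */
         throw new ConfusaGenException("Invalid username/password, Comodo will not accept!");
     }
     /* We create a new ivector every time we save the password */
     $size = mcrypt_get_iv_size(MCRYPT_RIJNDAEL_256, MCRYPT_MODE_CFB);
     $iv = mcrypt_create_iv($size, MCRYPT_DEV_URANDOM);
     $cryptpw = base64_encode(mcrypt_encrypt(MCRYPT_RIJNDAEL_256, Config::get_config('capi_enc_pw'), base64_encode($this->password), MCRYPT_MODE_CFB, $iv));
     if (MDB2Wrapper::testColumn('nrens', 'login_name') && MDB2Wrapper::testColumn('nrens', 'password') && MDB2Wrapper::testColumn('nrens', 'ivector') && MDB2Wrapper::testColumn('nrens', 'ap_name')) {
         $sql = " UPDATE nrens SET login_name=?, password=?, ivector=?, ap_name=?";
         $sql .= " WHERE nren_id = ?";
         Logger::log_event(LOG_DEBUG, "Using the new database-schema for account-details");
     } else {
         if (isset($this->account_id)) {
             $sql = "UPDATE account_map SET login_name=?, password=?, ivector=?, ap_name=?";
             $sql .= " WHERE nren_id = ?";
         } else {
             $sql = "INSERT INTO account_map (login_name, password, ivector, ap_name, nren_id) ";
             $sql .= "VALUES(?, ?, ?, ?, ?)";
         }
     }
     /* all three statements take the values in the same order */
     $params = array('text', 'text', 'text', 'text', 'integer');
     $data = array($this->login_name, $cryptpw, base64_encode($iv), $this->ap_name, $this->nren->getID());
     try {
         MDB2Wrapper::update($sql, $params, $data);
         Logger::log_event(LOG_NOTICE, "account-data updated for NREN " . $this->nren->getID());
     } catch (DBQueryException $dqe) {
         Logger::log_event(LOG_ERR, "Could not update the login-account with ID " . $this->account_id . " for " . $this->nren->getID() . "(" . $this->login_name . ")");
         return false;
     } catch (DBStatementException $dse) {
         /* the login-name lives on the object, there is no local
          * $login_name in this method */
         Logger::log_event(LOG_ERR, "Could not update the login-account for NREN " . $this->nren->getID() . " to new value {$this->login_name} " . $dse->getMessage());
         return false;
     }
     $this->changed = false;
     return true;
 }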
Пример #13
 /**
  * Try to store an error considered critical for Confusa's execution in
  * the critical_errors-table, so error reporting tools and admins can
  * handle it.
  *
  * The insert is a best effort: warnings from the call are suppressed and
  * a ConfusaGenException is ignored, as this function is itself part of
  * the error reporting.
  *
  * @param $log_level const integer The log level (EMERG, CRIT...) of the
  *                                 log-event
  * @param $log_body  string        The log message itself
  */
 static function insertCriticalErrorIntoDB($log_level, $log_body)
 {
     include_once 'MDB2Wrapper.php';
     include_once 'confusa_gen.php';

     $insert = "INSERT INTO critical_errors(error_date, error_level, log_msg) " . "VALUES(current_timestamp,?,?)";
     $types = array('text', 'text');
     $values = array($log_level, $log_body);

     try {
         @MDB2Wrapper::update($insert, $types, $values);
     } catch (ConfusaGenException $e) {
         /* ignored on purpose, there is nowhere left to report a failure
          * of the error reporting itself */
     }
 }
Пример #14
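 /**
  * Set/update maintenance message for a given NREN.
  *
  * After the update the message is read back with getMaintMsg() and
  * compared to the new text, so a failed update is detected even though
  * the database exceptions do not abort the function.
  *
  * @param Person $person the person changing the message, used in the log
  * @param String $msg the new NREN maint-mode message
  * @returns Boolean true if update was successful
  * @access public
  */
 public function setMaintMsg($person, $msg)
 {
     if (!isset($msg) || !isset($person)) {
         return false;
     }
     try {
         MDB2Wrapper::update("UPDATE nrens SET maint_msg=?  WHERE nren_id=?", array('text', 'text'), array($msg, $this->getID()));
     } catch (DBQueryException $dbqe) {
         /* keep the reason, the read-back below decides the result */
         Logger::log_event(LOG_WARNING, __FILE__ . ":" . __LINE__ . " Could not update NREN-maintenance-message (query), server said: " . $dbqe->getMessage());
     } catch (DBStatementException $dbse) {
         Logger::log_event(LOG_WARNING, __FILE__ . ":" . __LINE__ . " Could not update NREN-maintenance-message (statement), server said: " . $dbse->getMessage());
     }
     /* drop the cached value so getMaintMsg() has to fetch it again */
     unset($this->maint_msg);
     $this->getMaintMsg();
     if ($this->maint_msg !== $msg) {
         /* name the NREN through getName(), no local variable holds it */
         Logger::log_event(LOG_ERR, "Could not save NREN-maintenance-message for " . $this->getName() . " to DB.");
         return false;
     }
     Logger::log_event(LOG_NOTICE, $person->getEPPN() . "(" . $person->getName() . ") updated maintenance-message for " . $this->getName());
     return true;
 }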
Пример #15
 /**
  * deleteFromDB() remove one (or all) CSR belonging to a person
  *
  * The delete is always restricted to the common-name of the person, so
  * only CSRs stored under that name are removed. Both values are bound as
  * named statement parameters.
  *
  * @param	Person		$person the owner of the CSR.
  * @param	String|null	$pubHash optional hash. If present, only
  *				the CSR with this auth_key is removed
  * @return	Boolean		True if removed ok, false if no person was
  *				given or the database reported an error.
  * @access	public
  */
 static function deleteFromDB($person, $pubHash = null)
 {
     if (!isset($person)) {
         return false;
     }

     $statement = "DELETE FROM csr_cache WHERE common_name=:common_name";
     $bound = array('common_name' => $person->getX509ValidCN());

     /* narrow the delete to a single CSR when a hash was given */
     if (isset($pubHash)) {
         $statement .= " AND auth_key=:auth_key";
         $bound['auth_key'] = $pubHash;
     }

     try {
         MDB2Wrapper::update($statement, null, $bound);
         return true;
     } catch (DBStatementException $dbse) {
         $reason = $dbse->getMessage();
         Logger::log_event(LOG_WARNING, __FILE__ . ":" . __LINE__ . " Coult not remove CSR from database. Server said: " . $reason);
         return false;
     } catch (DBQueryException $dbqe) {
         $reason = $dbqe->getMessage();
         Logger::log_event(LOG_WARNING, __FILE__ . ":" . __LINE__ . " Coult not remove CSR from database. Server said: " . $reason);
         return false;
     }
 }