public function Execute($db, $params)
{
if (isset($params["SceneID"]) && UUID::TryParse($params["SceneID"], $this->SceneID)) {
$sql = "DELETE FROM Scenes WHERE ID='" . $this->SceneID . "'";
} else {
if (isset($params["Name"])) {
$sql = "DELETE FROM Scenes WHERE Name='" . $params["Name"] . "'";
} else {
header("Content-Type: application/json", true);
echo '{ "Message": "Invalid parameters" }';
exit;
}
}
$sth = $db->prepare($sql);
if ($sth->execute()) {
header("Content-Type: application/json", true);
echo '{ "Success": true }';
exit;
} else {
log_message('error', sprintf("Error occurred during query: %d %s", $sth->errorCode(), print_r($sth->errorInfo(), true)));
log_message('debug', sprintf("Query: %s", $sql));
header("Content-Type: application/json", true);
echo '{ "Message": "Database query error" }';
exit;
}
}
public function Execute($db, $params)
{
if (isset($params["Identifier"], $params["Credential"], $params["Type"], $params["UserID"]) && UUID::TryParse($params["UserID"], $this->UserID)) {
if (isset($params["Enabled"]) && $params["Enabled"] == False) {
$parameters = array(':Identifier' => $params["Identifier"], ':Credential' => $params["Credential"], ':Type' => $params["Type"], ':UserID' => $this->UserID);
$sql = "INSERT INTO Identities (Identifier, Credential, Type, UserID, Enabled)\n VALUES (:Identifier, :Credential, :Type, :UserID, False)\n ON DUPLICATE KEY UPDATE Credential=VALUES(Credential), Type=VALUES(Type), UserID=VALUES(UserID), Enabled=VALUES(Enabled)";
} else {
$parameters = array(':Identifier' => $params["Identifier"], ':Credential' => $params["Credential"], ':Type' => $params["Type"], ':UserID' => $this->UserID);
$sql = "INSERT INTO Identities (Identifier, Credential, Type, UserID)\n VALUES (:Identifier, :Credential, :Type, :UserID)\n ON DUPLICATE KEY UPDATE Credential=VALUES(Credential), Type=VALUES(Type), UserID=VALUES(UserID), Enabled=1";
}
$sth = $db->prepare($sql);
if ($sth->execute($parameters)) {
header("Content-Type: application/json", true);
echo '{ "Success": true }';
exit;
} else {
log_message('error', sprintf("Error occurred during query: %d %s", $sth->errorCode(), print_r($sth->errorInfo(), true)));
log_message('debug', sprintf("Query: %s", $sql));
header("Content-Type: application/json", true);
echo '{ "Message": "Database query error" }';
exit;
}
} else {
header("Content-Type: application/json", true);
echo '{ "Message": "Invalid parameters" }';
exit;
}
}
public function Execute($db, $params)
{
// TODO: Sanity check the expiration date
// TODO: Also run a regex on Resource to make sure it's a valid (relative or absolute) URL
if (!isset($params["OwnerID"], $params["Resource"], $params["Expiration"]) || !UUID::TryParse($params["OwnerID"], $this->OwnerID)) {
header("Content-Type: application/json", true);
echo '{ "Message": "Invalid parameters" }';
exit;
}
if (!isset($params["CapabilityID"]) || !UUID::TryParse($params["CapabilityID"], $this->CapabilityID)) {
$this->CapabilityID = UUID::Random();
}
$resource = $params["Resource"];
$expiration = $params["Expiration"];
$sql = "INSERT INTO Capabilities (ID, OwnerID, Resource, ExpirationDate) VALUES (:ID, :OwnerID, :Resource, :ExpirationDate)\n ON DUPLICATE KEY UPDATE OwnerID=VALUES(OwnerID), Resource=VALUES(Resource), ExpirationDate=VALUES(ExpirationDate)";
$sth = $db->prepare($sql);
if ($sth->execute(array(':ID' => $this->CapabilityID, ':OwnerID' => $this->OwnerID, ':Resource' => $resource, ':ExpirationDate' => $expiration))) {
header("Content-Type: application/json", true);
echo sprintf('{"Success": true, "CapabilityID": "%s"}', $this->CapabilityID);
exit;
} else {
log_message('error', sprintf("Error occurred during query: %d %s", $sth->errorCode(), print_r($sth->errorInfo(), true)));
log_message('debug', sprintf("Query: %s", $sql));
header("Content-Type: application/json", true);
echo '{ "Message": "Database query error" }';
exit;
}
}
public function Execute($db, $params)
{
$sql = "SELECT Identifier, Type, Credential, UserID, Enabled FROM Identities WHERE";
$id = null;
if (isset($params["UserID"]) && UUID::TryParse($params["UserID"], $id)) {
$sql .= " UserID=:ID";
} else {
if (isset($params["Identifier"])) {
$id = $params["Identifier"];
$sql .= " Identifier=:ID";
} else {
header("Content-Type: application/json", true);
echo '{ "Message": "Invalid parameters" }';
exit;
}
}
$sth = $db->prepare($sql);
if ($sth->execute(array(':ID' => $id))) {
$found = array();
while ($obj = $sth->fetchObject()) {
$found[] = sprintf('{"Identifier":"%s","Credential":"%s","Type":"%s","UserID":"%s","Enabled":%s}', $obj->Identifier, $obj->Credential, $obj->Type, $obj->UserID, $obj->Enabled ? 'true' : 'false');
}
header("Content-Type: application/json", true);
echo '{"Success":true,"Identities":[' . implode(',', $found) . ']}';
exit;
} else {
log_message('error', sprintf("Error occurred during query: %d %s", $sth->errorCode(), print_r($sth->errorInfo(), true)));
log_message('debug', sprintf("Query: %s", $sql));
header("Content-Type: application/json", true);
echo '{ "Message": "Database query error" }';
exit;
}
}
public function Execute($db, $params)
{
if (!isset($params["OwnerID"], $params["Resource"], $params["Expiration"]) || !UUID::TryParse($params["OwnerID"], $this->OwnerID)) {
header("Content-Type: application/json", true);
echo '{ "Message": "Invalid parameters" }';
exit;
}
if (!isset($params["CapabilityID"]) || !UUID::TryParse($params["CapabilityID"], $this->CapabilityID)) {
$this->CapabilityID = UUID::Random();
}
$resource = $params["Resource"];
$expiration = intval($params["Expiration"]);
// Sanity check the expiration date
if ($expiration <= time()) {
header("Content-Type: application/json", true);
echo '{ "Message": "Invalid expiration date ' . $expiration . '" }';
exit;
}
log_message('debug', "Creating capability " . $this->CapabilityID . " owned by " . $this->OwnerID . " mapping to {$resource} until {$expiration}");
$sql = "INSERT INTO Capabilities (ID, OwnerID, Resource, ExpirationDate) VALUES (:ID, :OwnerID, :Resource, FROM_UNIXTIME(:ExpirationDate))\n ON DUPLICATE KEY UPDATE ID=VALUES(ID), Resource=VALUES(Resource), ExpirationDate=VALUES(ExpirationDate)";
$sth = $db->prepare($sql);
if ($sth->execute(array(':ID' => $this->CapabilityID, ':OwnerID' => $this->OwnerID, ':Resource' => $resource, ':ExpirationDate' => $expiration))) {
header("Content-Type: application/json", true);
echo sprintf('{"Success": true, "CapabilityID": "%s"}', $this->CapabilityID);
exit;
} else {
log_message('error', sprintf("Error occurred during query: %d %s", $sth->errorCode(), print_r($sth->errorInfo(), true)));
log_message('debug', sprintf("Query: %s", $sql));
header("Content-Type: application/json", true);
echo '{ "Message": "Database query error" }';
exit;
}
}
public function Execute($db, $params)
{
if (isset($params["SceneID"], $params["Enabled"]) && UUID::TryParse($params["SceneID"], $this->SceneID)) {
$sql = "UPDATE Scenes SET Enabled=:Enabled WHERE ID='" . $this->SceneID . "'";
} else {
if (isset($params["Name"], $params["Enabled"])) {
$sql = "UPDATE Scenes SET Enabled=:Enabled WHERE Name='" . $params["Name"] . "'";
} else {
log_message('error', sprintf("AddScene: Unable to parse passed parameters or parameter missing: '%s'", print_r($params, true)));
header("Content-Type: application/json", true);
echo '{ "Message": "Invalid parameters" }';
exit;
}
}
$sth = $db->prepare($sql);
if ($sth->execute(array(':Enabled' => $params["Enabled"]))) {
if ($sth->rowCount() > 0) {
header("Content-Type: application/json", true);
echo '{ "Success": true }';
exit;
} else {
log_message('error', "Failed updating the database");
header("Content-Type: application/json", true);
echo '{ "Message": "Database update failed" }';
exit;
}
} else {
log_message('error', sprintf("Error occurred during query: %d %s", $sth->errorCode(), print_r($sth->errorInfo(), true)));
log_message('debug', sprintf("Query: %s", $sql));
header("Content-Type: application/json", true);
echo '{ "Message": "Database query error" }';
exit;
}
}
public function Execute($db, $params)
{
$sql = "DELETE FROM Sessions";
if (isset($params['SessionID']) && UUID::TryParse($params['SessionID'], $this->ID)) {
$sql .= " WHERE SessionID=:ID";
} else {
if (isset($params['UserID']) && UUID::TryParse($params['UserID'], $this->ID)) {
$sql .= " WHERE UserID=:ID";
} else {
header("Content-Type: application/json", true);
echo '{ "Message": "Invalid parameters" }';
exit;
}
}
$sth = $db->prepare($sql);
if ($sth->execute(array(':ID' => $this->ID))) {
header("Content-Type: application/json", true);
echo '{ "Success": true }';
exit;
} else {
log_message('error', sprintf("Error occurred during query: %d %s", $sth->errorCode(), print_r($sth->errorInfo(), true)));
log_message('debug', sprintf("Query: %s", $sql));
header("Content-Type: application/json", true);
echo '{ "Message": "Database query error" }';
exit;
}
}
public function Execute($db, $params)
{
$this->inventory = new ALT($db);
$folderid = '';
if (!isset($params["FolderID"]) || !UUID::TryParse($params["FolderID"], $folderid)) {
$folderid = UUID::Random();
}
$this->Folder = new InventoryFolder($folderid);
if (!isset($params, $params["Name"], $params["ParentID"], $params["OwnerID"]) || !UUID::TryParse($params["ParentID"], $this->Folder->ParentID) || !UUID::TryParse($params["OwnerID"], $this->Folder->OwnerID)) {
header("Content-Type: application/json", true);
echo '{ "Message": "Invalid parameters" }';
exit;
}
$this->Folder->Name = trim($params["Name"]);
$this->Folder->ContentType = isset($params["ContentType"]) && trim($params["ContentType"]) != '' ? trim($params["ContentType"]) : 'application/octet-stream';
$this->Folder->ExtraData = isset($params["ExtraData"]) ? trim($params["ExtraData"]) : '';
try {
$result = $this->inventory->InsertNode($this->Folder);
if ($result != FALSE) {
header("Content-Type: application/json", true);
echo sprintf('{ "Success": true, "FolderID": "%s" }', $result);
exit;
} else {
header("Content-Type: application/json", true);
echo '{ "Message": "Folder creation failed" }';
exit;
}
} catch (Exception $ex) {
log_message('error', sprintf("Error occurred during query: %s", $ex));
header("Content-Type: application/json", true);
echo '{ "Message": "Database query error" }';
exit;
}
}
public function Execute($db, $params)
{
$asset = null;
$assetID = null;
if (isset($params["ID"]) && UUID::TryParse($params["ID"], $assetID)) {
log_message('debug', "xGetAsset asset: {$assetID}");
$assets = new SQLAssets($db);
$asset = $assets->GetAsset($assetID);
}
$response = array();
if (!empty($asset)) {
$response['Success'] = TRUE;
$response['SHA256'] = $asset->SHA256;
$response['Last-Modified'] = gmdate(DATE_RFC850, $asset->CreationDate);
$response['CreatorID'] = $asset->CreatorID;
$response['ContentType'] = $asset->ContentType;
$response['ContentLength'] = $asset->ContentLength;
$response['EncodedData'] = base64_encode($asset->Data);
$response['Temporary'] = $asset->Temporary;
} else {
log_message('info', "Asset {$assetID} not found");
$response['Success'] = FALSE;
$response['Message'] = "Asset {$assetID} not found";
}
header("Content-Type: application/json", true);
echo json_encode($response);
exit;
}
public function Execute($db, $params)
{
if (!isset($params["CapabilityID"]) || !UUID::TryParse($params["CapabilityID"], $this->CapabilityID)) {
header("Content-Type: application/json", true);
echo '{ "Message": "Invalid parameters" }';
exit;
}
$sql = "SELECT OwnerID,Resource,UNIX_TIMESTAMP(ExpirationDate) AS ExpirationDate FROM Capabilities WHERE ID=:ID AND UNIX_TIMESTAMP(ExpirationDate) > UNIX_TIMESTAMP() LIMIT 1";
$sth = $db->prepare($sql);
if ($sth->execute(array(':ID' => $this->CapabilityID))) {
if ($sth->rowCount() > 0) {
$obj = $sth->fetchObject();
header("Content-Type: application/json", true);
echo sprintf('{"Success": true, "CapabilityID": "%s", "OwnerID": "%s", "Resource": "%s", "Expiration": %u}', $this->CapabilityID, $obj->OwnerID, $obj->Resource, $obj->ExpirationDate);
exit;
} else {
header("Content-Type: application/json", true);
echo '{ "Message": "Capability not found" }';
exit;
}
}
log_message('error', sprintf("Error occurred during query: %d %s", $sth->errorCode(), print_r($sth->errorInfo(), true)));
log_message('debug', sprintf("Query: %s", $sql));
header("Content-Type: application/json", true);
echo '{ "Message": "Database query error" }';
exit;
}
public function Execute($db, $params)
{
if (!isset($params["OwnerID"]) || !UUID::TryParse($params["OwnerID"], $this->OwnerID)) {
header("Content-Type: application/json", true);
echo '{ "Message": "Invalid parameters" }';
exit;
}
$sql = "SELECT ID,Resource,UNIX_TIMESTAMP(ExpirationDate) AS ExpirationDate FROM Capabilities WHERE OwnerID=:OwnerID AND UNIX_TIMESTAMP(ExpirationDate) > UNIX_TIMESTAMP()";
$sth = $db->prepare($sql);
if ($sth->execute(array(':OwnerID' => $this->OwnerID))) {
$caplist = array();
while ($obj = $sth->fetchObject()) {
$cap = sprintf('{"CapabilityID":"%s","Resource":"%s","Expiration":"%s"}', $obj->ID, $obj->Resource, $obj->ExpirationDate);
$caplist[] = $cap;
}
header("Content-Type: application/json", true);
echo '{ "Success":true,"Capabilities":[' . implode(',', $caplist) . ']}';
exit;
} else {
log_message('error', sprintf("Error occurred during query: %d %s", $sth->errorCode(), print_r($sth->errorInfo(), true)));
log_message('debug', sprintf("Query: %s", $sql));
header("Content-Type: application/json", true);
echo '{ "Message": "Database query error" }';
exit;
}
}
public function Execute($db, $params)
{
if (isset($params["UserID"], $params["Name"], $params["Email"]) && UUID::TryParse($params["UserID"], $this->UserID)) {
// Distinguish between a user insert, and a user update
$sql = "SELECT ID FROM Users WHERE ID=:ID";
$sth = $db->prepare($sql);
$sth->execute(array('ID' => $this->UserID));
if ($sth->rowCount() == 0) {
// New User Insertion
$sql = "INSERT INTO Users (ID, Name, Email, AccessLevel) VALUES (:ID, :Name, :Email, :AccessLevel)";
} else {
// UUID exists, update existing record
$sql = "UPDATE Users SET Name=:Name, Email=:Email, AccessLevel=:AccessLevel WHERE ID=:ID";
}
$sth->closeCursor();
// Set the AccessLevel for this user
if (isset($params["AccessLevel"]) && is_numeric($params["AccessLevel"])) {
$accessLevel = (int) $params["AccessLevel"];
if ($accessLevel > 255) {
$accessLevel = 255;
} else {
if ($accessLevel < 0) {
$accessLevel = 0;
}
}
} else {
$accessLevel = 0;
}
$sth = $db->prepare($sql);
if ($sth->execute(array('ID' => $this->UserID, 'Name' => $params["Name"], 'Email' => $params["Email"], 'AccessLevel' => $accessLevel))) {
if ($sth->rowCount() > 0) {
header("Content-Type: application/json", true);
echo '{ "Success": true }';
exit;
} else {
log_message('error', "Failed updating the database");
header("Content-Type: application/json", true);
echo '{ "Message": "Database update failed" }';
exit;
}
} else {
log_message('error', sprintf("Error occurred during query: %d %s", $sth->errorCode(), print_r($sth->errorInfo(), true)));
header("Content-Type: application/json", true);
echo '{ "Message": "Database query error" }';
exit;
}
} else {
log_message('error', sprintf("Missing or invalid parameters: %s", print_r($params, true)));
header("Content-Type: application/json", true);
echo '{ "Message": "Missing or invalid parameters" }';
exit;
}
}
public function Execute($db, $params)
{
if (isset($params["UserID"]) && UUID::TryParse($params["UserID"], $this->UserID)) {
unset($params["RequestMethod"]);
unset($params["UserID"]);
if (count($params) > 0) {
$sql = "REPLACE INTO UserData (ID, `Key`, `Value`) VALUES";
$values = array(":ID" => $this->UserID);
$i = 0;
foreach ($params as $key => $value) {
if ($key === "UserID" || $key === "Name" || $key === "Email") {
header("Content-Type: application/json", true);
echo '{ "Message": "Field name is reserved" }';
exit;
}
if ($i > 0) {
$sql .= ',';
}
$sql .= '(:ID, :Key' . $i . ', :Value' . $i . ')';
$values[':Key' . $i] = preg_replace('/[^a-zA-Z0-9\\s]/', '', $key);
$values[':Value' . $i] = escape_json($value);
++$i;
}
$sth = $db->prepare($sql);
if ($sth->execute($values)) {
if ($sth->rowCount() > 0) {
header("Content-Type: application/json", true);
echo '{ "Success": true }';
exit;
} else {
log_message('error', "Failed updating the database");
header("Content-Type: application/json", true);
echo '{ "Message": "Database update failed" }';
exit;
}
} else {
log_message('error', sprintf("Error occurred during query: %d %s", $sth->errorCode(), print_r($sth->errorInfo(), true)));
header("Content-Type: application/json", true);
echo '{ "Message": "Database query error" }';
exit;
}
} else {
header("Content-Type: application/json", true);
echo '{ "Message": "No fields specified" }';
exit;
}
} else {
header("Content-Type: application/json", true);
echo '{ "Message": "Missing or invalid UserID" }';
exit;
}
}
public function Execute($db, $params)
{
$sql = "SELECT * FROM Sessions WHERE";
if (isset($params["UserID"]) && UUID::TryParse($params["UserID"], $this->ID)) {
$sql .= " UserID=:ID";
} else {
if (isset($params["SessionID"]) && UUID::TryParse($params["SessionID"], $this->ID)) {
$sql .= " SessionID=:ID";
} else {
header("Content-Type: application/json", true);
echo '{ "Message": "Invalid parameters" }';
exit;
}
}
$sth = $db->prepare($sql);
if ($sth->execute(array(':ID' => $this->ID))) {
if ($sth->rowCount() > 0) {
$obj = $sth->fetchObject();
$session = new Session();
$session->UserID = $obj->UserID;
$session->SessionID = $obj->SessionID;
$session->SecureSessionID = $obj->SecureSessionID;
$session->SceneID = $obj->SceneID;
$session->ScenePosition = Vector3::Parse($obj->ScenePosition);
$session->SceneLookAt = Vector3::Parse($obj->SceneLookAt);
$session->LastUpdate = $obj->LastUpdate;
$session->ExtraData = $obj->ExtraData;
if (empty($session->ExtraData)) {
$session->ExtraData = "{}";
}
$output = sprintf('{ "Success": true, "UserID": "%s", "SessionID": "%s", "SecureSessionID": "%s", "SceneID": "%s", "ScenePosition": %s, "SceneLookAt": %s, "ExtraData": %s }', $session->UserID, $session->SessionID, $session->SecureSessionID, $session->SceneID, $session->ScenePosition->toOSD(), $session->SceneLookAt->toOSD(), $session->ExtraData);
header("Content-Type: application/json", true);
echo $output;
exit;
} else {
header("Content-Type: application/json", true);
echo '{ "Message": "Session not found" }';
exit;
}
} else {
log_message('error', sprintf("Error occurred during query: %d %s", $sth->errorCode(), print_r($sth->errorInfo(), true)));
log_message('debug', sprintf("Query: %s", $sql));
header("Content-Type: application/json", true);
echo '{ "Message": "Database query error" }';
exit;
}
}
public function Execute($db, $params)
{
if (isset($params["SessionID"]) && UUID::TryParse($params["SessionID"], $this->SessionID)) {
$sql = "UPDATE Sessions SET";
$dbValues = array('SessionID' => $this->SessionID);
$addComma = FALSE;
handle_uuid_parameter("SecureSessionID", $params, $sql, $dbValues, $addComma);
handle_uuid_parameter("SceneID", $params, $sql, $dbValues, $addComma);
handle_vector_parameter("ScenePosition", $params, $sql, $dbValues, $addComma);
handle_vector_parameter("SceneLookAt", $params, $sql, $dbValues, $addComma);
handle_json_parameter("ExtraData", $params, $sql, $dbValues, $addComma);
$sql .= " WHERE SessionID=:SessionID";
$sth = $db->prepare($sql);
if ($sth->execute($dbValues)) {
// TODO: We don't currently check if a row was actually updated since rowCount() will be zero
// if there was no change (false negative).
header("Content-Type: application/json", true);
echo '{ "Success": true }';
exit;
//if ($sth->rowCount() > 0)
//{
// header("Content-Type: application/json", true);
// echo '{ "Success": true }';
// exit();
//}
//else
//{
// // FIXME: rowCount() will be 0 if no changes were made. No
// // change should still be reported as a success
// header("Content-Type: application/json", true);
// echo '{ "Message": "Session does not exist" }';
// exit();
//}
} else {
log_message('error', sprintf("Error occurred during query: %d %s", $sth->errorCode(), print_r($sth->errorInfo(), true)));
log_message('debug', sprintf("Query: %s", $sql));
header("Content-Type: application/json", true);
echo '{ "Message": "Database query error" }';
exit;
}
} else {
header("Content-Type: application/json", true);
echo '{ "Message": "Invalid parameters" }';
exit;
}
}
public function Execute($db, $params)
{
$this->Scene = new Scene();
if (isset($params["SceneID"], $params["Key"], $params["Value"]) && UUID::TryParse($params["SceneID"], $this->Scene->ID)) {
$sql = "SELECT ExtraData FROM Scenes WHERE Scenes.ID = :SceneID";
$sth = $db->prepare($sql);
$key = $params['Key'];
$value = $params['Value'];
if ($sth->execute(array('SceneID' => $this->Scene->ID))) {
if ($sth->rowCount() == 1) {
$obj = $sth->fetchObject();
$scene = new Scene();
$xtra = array();
if (!is_null($obj->ExtraData)) {
$xtra = json_decode($obj->ExtraData, true);
}
$xtra[$key] = $value;
$sql2 = "UPDATE Scenes SET ExtraData = :ExtraData WHERE ID = :SceneID";
$sth2 = $db->prepare($sql2);
if ($sth2->execute(array('SceneID' => $this->Scene->ID, 'ExtraData' => json_encode($xtra)))) {
header("Content-Type: application/json", true);
echo '{"Success":true}';
exit;
} else {
header("Content-Type: application/json", true);
echo '{ "Message": "unable to set scene" }';
exit;
}
} else {
header("Content-Type: application/json", true);
echo '{ "Message": "No matching scene found" }';
exit;
}
} else {
log_message('error', sprintf("Error occurred during query: %d %s", $sth->errorCode(), print_r($sth->errorInfo(), true)));
log_message('debug', sprintf("Query: %s", $sql));
header("Content-Type: application/json", true);
echo '{ "Message": "Database query error" }';
exit;
}
} else {
header("Content-Type: application/json", true);
echo '{ "Message": "Invalid parameters" }';
}
}
public function Execute($db, $params)
{
$itemID = NULL;
$ownerID = NULL;
$fetchFolders = TRUE;
$fetchItems = TRUE;
$childrenOnly = TRUE;
if (!isset($params["ItemID"], $params["OwnerID"]) || !UUID::TryParse($params["ItemID"], $itemID) || !UUID::TryParse($params["OwnerID"], $ownerID)) {
header("Content-Type: application/json", true);
echo '{ "Message": "Invalid parameters" }';
exit;
}
if (isset($params["IncludeFolders"])) {
$fetchFolders = (bool) $params["IncludeFolders"];
}
if (isset($params["IncludeItems"])) {
$fetchItems = (bool) $params["IncludeItems"];
}
if (isset($params["ChildrenOnly"])) {
$childrenOnly = (bool) $params["ChildrenOnly"];
}
$this->inventory = new ALT($db);
// Optimization for inventory skeleton fetching
if ($itemID == $ownerID && $fetchFolders && !$fetchItems && !$childrenOnly) {
log_message('debug', 'Doing a FetchSkeleton for ' . $ownerID);
if ($library = $this->inventory->FetchSkeleton($ownerID)) {
output_results($library);
exit;
} else {
header("Content-Type: application/json", true);
echo '{ "Message": "Inventory not found" }';
exit;
}
} else {
if ($nodes = $this->inventory->FetchDescendants($itemID, $fetchFolders, $fetchItems, $childrenOnly)) {
output_results($nodes);
exit;
} else {
header("Content-Type: application/json", true);
echo '{ "Message": "Item or folder not found" }';
exit;
}
}
}
public function Execute($db, $params)
{
$ownerID = null;
if (isset($params["Type"])) {
$dbValues = array(':Type' => $params["Type"]);
if (isset($params["OwnerID"]) && UUID::TryParse($params["OwnerID"], $ownerID)) {
$sql = "SELECT `OwnerID`, `Key`, `Value` FROM Generic WHERE `OwnerID`=:OwnerID AND `Type`=:Type";
$dbValues[':OwnerID'] = $ownerID;
if (isset($params["Key"])) {
$sql .= " AND `Key`=:Key";
$dbValues[':Key'] = $params["Key"];
}
} else {
if (isset($params["Key"])) {
$sql = "SELECT `OwnerID`, `Key`, `Value` FROM Generic WHERE `Key`=:Key AND `Type`=:Type";
$dbValues[':Key'] = $params["Key"];
} else {
header("Content-Type: application/json", true);
echo '{ "Message": "Invalid parameters" }';
exit;
}
}
$sth = $db->prepare($sql);
if ($sth->execute($dbValues)) {
$found = array();
while ($obj = $sth->fetchObject()) {
$found[] = json_encode(array('OwnerID' => $obj->OwnerID, 'Key' => $obj->Key, 'Value' => $obj->Value));
}
header("Content-Type: application/json", true);
echo '{ "Success": true, "Entries": [' . implode(',', $found) . '] }';
exit;
} else {
log_message('error', sprintf("Error occurred during query: %d %s", $sth->errorCode(), print_r($sth->errorInfo(), true)));
log_message('debug', sprintf("Query: %s", $sql));
header("Content-Type: application/json", true);
echo '{ "Message": "Database query error" }';
exit;
}
} else {
header("Content-Type: application/json", true);
echo '{ "Message": "Invalid parameters" }';
exit;
}
}
public function Execute($db, $params)
{
$this->inventory = new ALT($db);
$itemid = null;
if (!isset($params["ItemID"]) || !UUID::TryParse($params["ItemID"], $itemid)) {
$itemid = UUID::Random();
}
$this->Item = new InventoryItem($itemid);
if (!isset($params, $params["AssetID"], $params["Name"], $params["ParentID"], $params["OwnerID"]) || !UUID::TryParse($params["ParentID"], $this->Item->ParentID) || !UUID::TryParse($params["AssetID"], $this->Item->AssetID) || !UUID::TryParse($params["OwnerID"], $this->Item->OwnerID)) {
header("Content-Type: application/json", true);
echo '{ "Message": "Invalid parameters" }';
exit;
}
$this->Item->Name = trim($params["Name"]);
$this->Item->Description = isset($params["Description"]) ? $params["Description"] : '';
$this->Item->ExtraData = isset($params["ExtraData"]) ? $params["ExtraData"] : '';
// If the CreatorID is not set, invalid, or zero, we set CreatorID to NULL so the database
// layer will fetch CreatorID information based on AssetID
if (!isset($params["CreatorID"]) || !UUID::TryParse($params["CreatorID"], $this->Item->CreatorID) || $this->Item->CreatorID == '00000000-0000-0000-0000-000000000000') {
$this->Item->CreatorID = null;
}
// If ContentType is not given the database layer will fetch ContentType information based
// on AssetID
if (isset($params["ContentType"])) {
$this->Item->ContentType = $params["ContentType"];
}
try {
$result = $this->inventory->InsertNode($this->Item);
if ($result != false) {
header("Content-Type: application/json", true);
echo sprintf('{ "Success": true, "ItemID": "%s" }', $result);
exit;
} else {
header("Content-Type: application/json", true);
echo '{ "Message": "Item creation failed" }';
exit;
}
} catch (Exception $ex) {
log_message('error', sprintf("Error occurred during query: %s", $ex));
header("Content-Type: application/json", true);
echo '{ "Message": "Database query error" }';
exit;
}
}
public function Execute($db, $params)
{
if (isset($params["UserID"], $params["Name"], $params["Email"]) && UUID::TryParse($params["UserID"], $this->UserID)) {
$sql = "REPLACE INTO Users (ID, Name, Email, AccessLevel) VALUES (:ID, :Name, :Email, :AccessLevel)";
// Set the AccessLevel for this user
if (isset($params["AccessLevel"]) && is_numeric($params["AccessLevel"])) {
$accessLevel = (int) $params["AccessLevel"];
if ($accessLevel > 255) {
$accessLevel = 255;
} else {
if ($accessLevel < 0) {
$accessLevel = 0;
}
}
} else {
$accessLevel = 0;
}
$sth = $db->prepare($sql);
if ($sth->execute(array('ID' => $this->UserID, 'Name' => $params["Name"], 'Email' => $params["Email"], 'AccessLevel' => $accessLevel))) {
if ($sth->rowCount() > 0) {
header("Content-Type: application/json", true);
echo '{ "Success": true }';
exit;
} else {
log_message('error', "Failed updating the database");
header("Content-Type: application/json", true);
echo '{ "Message": "Database update failed" }';
exit;
}
} else {
log_message('error', sprintf("Error occurred during query: %d %s", $sth->errorCode(), print_r($sth->errorInfo(), true)));
header("Content-Type: application/json", true);
echo '{ "Message": "Database query error" }';
exit;
}
} else {
log_message('error', sprintf("Missing or invalid parameters: %s", print_r($params, true)));
header("Content-Type: application/json", true);
echo '{ "Message": "Missing or invalid parameters" }';
exit;
}
}
public function Execute($db, $params)
{
$ownerID = null;
$folderID = null;
if (!isset($params["OwnerID"], $params["FolderID"]) || !UUID::TryParse($params["OwnerID"], $ownerID) || !UUID::TryParse($params["FolderID"], $folderID)) {
header("Content-Type: application/json", true);
echo '{ "Message": "Invalid parameters" }';
exit;
}
$this->inventory = new ALT($db);
if ($this->inventory->RemoveNode($folderID, TRUE)) {
header("Content-Type: application/json", true);
echo '{ "Success": true }';
exit;
} else {
header("Content-Type: application/json", true);
echo '{ "Message": "Database query error" }';
exit;
}
}
public function Execute($db, $params)
{
$asset = null;
$assetID = null;
$response = array();
if (isset($params["EncodedData"]) && isset($params["ContentType"])) {
log_message('debug', "xAddAsset asset");
// Build the asset structure from the parameters
$asset = new Asset();
if (!isset($params["AssetID"]) || !UUID::TryParse($params["AssetID"], $asset->ID)) {
$asset->ID = UUID::Random();
}
if (!isset($params["CreatorID"]) || !UUID::TryParse($params["CreatorID"], $asset->CreatorID)) {
$asset->CreatorID = UUID::Zero;
}
$asset->Data = base64_decode($params["EncodedData"]);
$asset->SHA256 = hash("sha256", $asset->Data);
$asset->ContentLength = strlen($asset->Data);
$asset->ContentType = $params["ContentType"];
$asset->Temporary = !empty($params["Temporary"]);
$asset->Public = !empty($params["Public"]);
$assets = new SQLAssets($db);
$created = false;
if ($assets->AddAsset($asset, $created)) {
$response['Success'] = TRUE;
$response['AssetID'] = $asset->ID;
$response['Status'] = $created ? "created" : "updated";
} else {
log_message('warn', 'failed to create asset');
$response['Success'] = FALSE;
$response['Message'] = 'failed to create the asset';
}
} else {
$response['Success'] = FALSE;
$response['Message'] = 'missing required parameters';
}
log_message('debug', sprintf("[AddAsset] result %s", json_encode($response)));
header("Content-Type: application/json", true);
echo json_encode($response);
exit;
}
public function Execute($db, $params)
{
if (isset($params["UserID"], $params["Key"]) && UUID::TryParse($params["UserID"], $this->UserID)) {
$sql = "DELETE FROM UserData WHERE `ID`=:UserID AND `Key`=:Key";
$sth = $db->prepare($sql);
if ($sth->execute(array(':UserID' => $params['UserID'], ':Key' => $params['Key']))) {
header("Content-Type: application/json", true);
echo '{ "Success": true }';
exit;
} else {
log_message('error', sprintf("Error occurred during query: %d %s", $sth->errorCode(), print_r($sth->errorInfo(), true)));
log_message('debug', sprintf("Query: %s", $sql));
header("Content-Type: application/json", true);
echo '{ "Message": "Database query error" }';
exit;
}
} else {
header("Content-Type: application/json", true);
echo '{ "Message": "Invalid parameters" }';
exit;
}
}
public function Execute($db, $params)
{
$response = array();
$assetID = null;
if (!isset($params["AssetID"]) || !UUID::TryParse($params["AssetID"], $assetID)) {
$response['Success'] = FALSE;
$response['Message'] = 'missing required parameters';
} else {
$assets = new SQLAssets($db);
//$assets = new MongoAssets($db);
//$assets = new FSAssets($db);
if ($assets->RemoveAsset($assetID)) {
$response['Success'] = TRUE;
} else {
$response['Success'] = FALSE;
$response['Message'] = 'failed to remove the asset';
}
}
header("Content-Type: application/json", true);
echo json_encode($response);
exit;
}
public function Execute($db, $params)
{
$ownerID = null;
if (isset($params["OwnerID"], $params["Type"], $params["Key"], $params["Value"]) && UUID::TryParse($params["OwnerID"], $ownerID)) {
$sql = "INSERT INTO Generic (`OwnerID`, `Type`, `Key`, `Value`)\n VALUES (:OwnerID, :Type, :Key, :Value)\n ON DUPLICATE KEY UPDATE `Type`=VALUES(`Type`), `Key`=VALUES(`Key`), `Value`=VALUES(`Value`)";
$sth = $db->prepare($sql);
if ($sth->execute(array(':OwnerID' => $ownerID, ':Type' => $params["Type"], ':Key' => $params["Key"], ':Value' => $params["Value"]))) {
header("Content-Type: application/json", true);
echo '{ "Success": true }';
exit;
} else {
log_message('error', sprintf("Error occurred during query: %d %s", $sth->errorCode(), print_r($sth->errorInfo(), true)));
log_message('debug', sprintf("Query: %s", $sql));
header("Content-Type: application/json", true);
echo '{ "Message": "Database query error" }';
exit;
}
} else {
header("Content-Type: application/json", true);
echo '{ "Message": "Invalid parameters" }';
exit;
}
}
public function Execute($db, $params)
{
$ownerID = NULL;
$folderID = NULL;
if (!isset($params['OwnerID'], $params['FolderID'], $params['Items']) || !UUID::TryParse($params['OwnerID'], $ownerID) || !UUID::TryParse($params['FolderID'], $folderID)) {
header("Content-Type: application/json", true);
echo '{ "Message": "Invalid parameters" }';
exit;
}
$itemIDs = explode(',', $params['Items']);
if (!isset($itemIDs) || count($itemIDs) < 1) {
header("Content-Type: application/json", true);
echo '{ "Message": "Invalid parameters" }';
exit;
}
$uuidItemIDs = array();
foreach ($itemIDs as $itemID) {
$parsedItemID = NULL;
if (UUID::TryParse($itemID, $parsedItemID)) {
$uuidItemIDs[] = $parsedItemID;
} else {
header("Content-Type: application/json", true);
echo '{ "Message": "Invalid parameters" }';
exit;
}
}
$this->inventory = new ALT($db);
if ($this->inventory->MoveNodes($uuidItemIDs, $folderID)) {
header("Content-Type: application/json", true);
echo '{ "Success": true }';
exit;
} else {
header("Content-Type: application/json", true);
echo '{ "Message": "Database query error" }';
exit;
}
}
public function Execute($db, $params)
{
$ownerID = null;
if (!isset($params['OwnerID'], $params['ContentType']) || !UUID::TryParse($params['OwnerID'], $ownerID)) {
header("Content-Type: application/json", true);
echo '{ "Message": "Invalid parameters" }';
exit;
}
$contentType = $params['ContentType'];
$sql = "SELECT * FROM Inventory WHERE OwnerID=:OwnerID AND Type='Folder' AND ContentType=:ContentType LIMIT 1";
$sth = $db->prepare($sql);
if ($sth->execute(array('OwnerID' => $ownerID, 'ContentType' => $contentType))) {
if ($sth->rowCount() > 0) {
$item = $sth->fetchObject();
$folder = new InventoryFolder(UUID::Parse($item->ID));
$folder->ParentID = UUID::Parse($item->ParentID);
$folder->OwnerID = UUID::Parse($item->OwnerID);
$folder->Name = $item->Name;
$folder->ContentType = $item->ContentType;
$folder->Version = $item->Version;
$folder->ExtraData = $item->ExtraData;
header("Content-Type: application/json", true);
echo sprintf('{ "Success": true, "Folder": %s }', $folder->toOSD());
exit;
} else {
header("Content-Type: application/json", true);
echo '{ "Message": "Folder not found" }';
exit;
}
} else {
log_message('error', sprintf("Error occurred during query: %d %s", $sth->errorCode(), print_r($sth->errorInfo(), true)));
log_message('debug', sprintf("Query: %s", $sql));
header("Content-Type: application/json", true);
echo '{ "Message": "Database query error" }';
exit;
}
}
function process_login($method_name, $params, $userID)
{
$config =& get_config();
$userService = $config['user_service'];
log_message('debug', "Processing new login request");
$req = $params[0];
$fullname = $req["first"] . ' ' . $req["last"];
// Sanity check the request, make sure it's somewhat valid
if (empty($userID)) {
if (!isset($req["first"], $req["last"], $req["passwd"]) || empty($req["first"]) || empty($req["last"]) || empty($req["passwd"])) {
return array('reason' => 'key', 'login' => 'false', 'message' => "Login request must contain a first name, last name, and password and they cannot be blank");
}
// Authorize the first/last/password and resolve it to a user account UUID
log_message('debug', "Doing password-based authorization for user {$fullname}");
$userID = authorize_identity($fullname, $req['passwd']);
if (empty($userID)) {
return array('reason' => 'key', 'login' => 'false', 'message' => "Sorry! We couldn't log you in.\nPlease check to make sure you entered the right\n * Account name\n * Password\nAlso, please make sure your Caps Lock key is off.");
}
log_message('debug', sprintf("Authorization success for %s", $userID));
} else {
log_message('debug', sprintf("Using pre-authenticated capability for %s", $userID));
}
// Get information about the user account
$user = get_user_by_id($userID);
if (empty($user)) {
return array('reason' => 'key', 'login' => 'false', 'message' => "Sorry! We couldn't log you in. User account information could not be retrieved. If this problem persists, please contact the grid operator.");
}
$login_success = true;
//ensure username has the same case as in the database
$fullname = $user['Name'];
if (!empty($user['UserFlags'])) {
// get_user_by_id() fully decodes the structure, this is not needed
//$userflags = json_decode($user['UserFlags'], TRUE);
$userflags = $user['UserFlags'];
if (!empty($userflags['Suspended']) && (bool) $userflags['Suspended'] === true) {
$login_success = false;
log_message('debug', "User " . $user['Name'] . " is banned.");
} else {
if ($user['AccessLevel'] < $config['access_level_minimum']) {
if ($config['validation_required']) {
if (!empty($userflags['Validated'])) {
$login_success = $userflags['Validated'];
} else {
$login_success = false;
}
if (!$login_success) {
log_message('debug', "User " . $user['Name'] . " has not validated their email.");
}
}
}
}
} else {
if ($user['AccessLevel'] < $config['access_level_minimum'] && $config['validation_required']) {
$login_success = false;
log_message('debug', "User " . $user['Name'] . " has not validated their email.");
}
}
if (!$login_success) {
return array('reason' => 'key', 'login' => 'false', 'message' => "Sorry! We couldn't log you in. User account has been suspended or is not yet activated. If this problem persists, please contact the grid operator.");
}
$lastLocation = null;
if (isset($user['LastLocation'])) {
$lastLocation = SceneLocation::fromOSD($user['LastLocation']);
}
$homeLocation = null;
if (isset($user['HomeLocation'])) {
$homeLocation = SceneLocation::fromOSD($user['HomeLocation']);
}
log_message('debug', sprintf("User retrieval success for %s", $fullname));
// Check for an existing session
$existingSession = get_session($userID);
if (!empty($existingSession)) {
log_message('debug', sprintf("Existing session %s found for %s in scene %s", $existingSession["SessionID"], $fullname, $existingSession["SceneID"]));
$sceneID = null;
if (UUID::TryParse($existingSession["SceneID"], $sceneID)) {
inform_scene_of_logout($sceneID, $userID);
}
if (remove_session($userID)) {
log_message('debug', "Removed existing session for {$fullname} ({$userID})");
} else {
log_message('warn', "Failed to remove session for {$fullname} ({$userID})");
return array('reason' => 'presence', 'login' => 'false', 'message' => "You are already logged in from another location. Please try again later.");
}
} else {
log_message('debug', "No existing session found for {$fullname} ({$userID})");
}
// Create a login session
$sessionID = null;
$secureSessionID = null;
$extradata = array('ClientIP' => $_SERVER['REMOTE_ADDR']);
if (!add_session($userID, $sessionID, $secureSessionID, $extradata)) {
return array('reason' => 'presence', 'login' => 'false', 'message' => "Failed to create a login session. Please try again later.");
}
log_message('debug', sprintf("Session creation success for %s (%s)", $fullname, $userID));
// Find the starting scene for this user
$scene = null;
$startPosition = null;
$startLookAt = null;
if (!find_start_location($req['start'], $lastLocation, $homeLocation, $scene, $startPosition, $startLookAt) || !isset($scene->ExtraData['ExternalAddress'], $scene->ExtraData['ExternalPort'])) {
return array('reason' => 'presence', 'login' => 'false', 'message' => "Error connecting to the grid. No suitable region to connect to.");
}
$lludpAddress = $scene->ExtraData['ExternalAddress'];
$lludpPort = $scene->ExtraData['ExternalPort'];
// Generate a circuit code
srand(make_seed());
$circuitCode = rand();
// Prepare a login to the destination scene
$seedCapability = NULL;
$appearance = $user['LLPackedAppearance'];
if (!create_opensim_presence($scene, $userID, $circuitCode, $fullname, $appearance, $sessionID, $secureSessionID, $startPosition, $seedCapability)) {
return array('reason' => 'presence', 'login' => 'false', 'message' => "Failed to establish a presence in the destination region. Please try again later.");
}
log_message('debug', sprintf("Presence creation success for %s (%s) in %s with seedcap %s", $fullname, $userID, $scene->Name, $seedCapability));
// Build the response
$response = array();
$response['seconds_since_epoch'] = time();
$response['login'] = '******';
$response['agent_id'] = (string) $userID;
list($response['first_name'], $response['last_name']) = explode(' ', $fullname);
$response['message'] = $config['message_of_the_day'];
$response['udp_blacklist'] = $config['udp_blacklist'];
$response['circuit_code'] = $circuitCode;
$response['sim_ip'] = $lludpAddress;
$response['sim_port'] = (int) $lludpPort;
$response['seed_capability'] = $seedCapability;
$response['region_x'] = (string) $scene->MinPosition->X;
$response['region_y'] = (string) $scene->MinPosition->Y;
$response['region_size_x'] = (string) ($scene->MaxPosition->X - $scene->MinPosition->X);
$response['region_size_y'] = (string) ($scene->MaxPosition->Y - $scene->MinPosition->Y);
$response['look_at'] = sprintf("[r%s, r%s, r%s]", $startLookAt->X, $startLookAt->Y, $startLookAt->Z);
// TODO: If a valid $homeLocation is set, we should be pulling region_handle / position / lookat out of it
$response['home'] = sprintf("{'region_handle':[r%s, r%s], 'position':[r%s, r%s, r%s], 'look_at':[r%s, r%s, r%s]}", $scene->MinPosition->X, $scene->MinPosition->Y, $startPosition->X, $startPosition->Y, $startPosition->Z, $startLookAt->X, $startLookAt->Y, $startLookAt->Z);
$response['session_id'] = (string) $sessionID;
$response['secure_session_id'] = (string) $secureSessionID;
$req['options'][] = 'initial-outfit';
for ($i = 0; $i < count($req['options']); $i++) {
$option = str_replace('-', '_', $req['options'][$i]);
if (file_exists(BASEPATH . "options/Class.{$option}.php")) {
if (include_once BASEPATH . "options/Class.{$option}.php") {
$instance = new $option($user);
$response[$req["options"][$i]] = $instance->GetResults();
} else {
log_message('warn', "Unable to process login option: " . $option);
}
} else {
log_message('debug', "Option " . $option . " not implemented.");
}
}
$response["start_location"] = $req["start"];
$response["agent_access"] = 'A';
$response["agent_region_access"] = 'A';
$response["agent_access_max"] = 'A';
$response["agent_flags"] = 0;
$response["ao_transition"] = 0;
$response["inventory_host"] = "127.0.0.1";
log_message('info', sprintf("Login User=%s %s Channel=%s Start=%s Viewer=%s id0=%s Mac=%s", $req["first"], $req["last"], $req["channel"], $req["start"], $req["version"], $req["id0"], $req["mac"]));
return $response;
}
$request = $json;
} else {
log_message('warn', "Error decoding JSON request");
log_message('debug', "Invalid JSON request data: " . $data);
RequestFailed('Error decoding JSON request');
}
}
}
$capability = trim($request['cap']);
$operation = trim($request['RequestMethod']);
}
}
log_message('debug', sprintf("cap=%s, op=%s, request=%s", $capability, $operation, json_encode($request)));
// --------------- validate the capability ---------------
if (!empty($config['authorize_commands'])) {
if (!UUID::TryParse($capability, $capid)) {
log_message('warn', sprintf("invalid uuid %s", $capability));
RequestFailed('Invalid capability');
}
$cap = get_capability($capability);
if ($cap == null) {
log_message('warn', sprintf("invalid capability %s", $capability));
RequestFailed('Invalid capability');
}
// log_message('debug',sprintf("Capability=%s",json_encode($cap)));
}
// execute_command($operation, $capability, $request);
if (file_exists(BASEPATH . "lib/Class.{$operation}.php")) {
if (include_once BASEPATH . "lib/Class.{$operation}.php") {
$gMethodName = $operation;
$instance = new $operation();
function add_wearable(&$wearables, $appearance, $wearableName)
{
$uuid = null;
// ItemID
if (isset($appearance[$wearableName . 'Item']) && UUID::TryParse($appearance[$wearableName . 'Item'], $uuid)) {
$wearables[] = $uuid;
} else {
$wearables[] = UUID::Zero;
}
// AssetID
if (isset($appearance[$wearableName . 'Asset']) && UUID::TryParse($appearance[$wearableName . 'Asset'], $uuid)) {
$wearables[] = $uuid;
} else {
$wearables[] = UUID::Zero;
}
}
