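/**
 * Looks up the stored result for the posted matriculation number and project,
 * decrypts it with the posted password and renders it as a note.
 *
 * Reads $_POST['mat_no'], $_POST['project_id'] and $_POST['password'].
 * An unknown matriculation number, a password outside the generator's
 * alphabet and a failed decryption all end in the same "no results" text,
 * so the response does not reveal which check failed.
 *
 * @return void
 */
private function renderResult()
{
    // Fields can be absent or arrive as arrays (mat_no[]=...). Anything that
    // is not a string is treated as empty so the validators below reject it
    // instead of raising notices or type errors.
    $mat_no = (isset($_POST['mat_no']) && is_string($_POST['mat_no'])) ? $_POST['mat_no'] : '';
    if (!ctype_alnum($mat_no)) {
        $this->renderError('Matriculation number contains non-alphanumerical characters');
        return;
    }

    $project_id = (isset($_POST['project_id']) && is_string($_POST['project_id'])) ? $_POST['project_id'] : '';
    if (!ctype_digit($project_id)) {
        $this->renderError('Project-id invalid');
        return;
    }

    $pwd = (isset($_POST['password']) && is_string($_POST['password'])) ? $_POST['password'] : '';
    if (!$pwd) {
        $this->renderError('Password empty');
        return;
    }

    $result_str = 'No results for this combination of matriculation number and password found.';

    // A password with characters the generator never emits cannot be valid,
    // so the database is not queried; the caller still gets the generic text.
    if (preg_match(PasswordGenerator::$passwordCharacterRegExp, $pwd)) {
        $db = Database::getInstance();
        $data = $db->getResultDataByMatNo($project_id, $mat_no);

        // No row for this matriculation number: fall through to the generic
        // message rather than indexing into an empty lookup result.
        if ($data) {
            $crypt = new CryptProxy($data['crypt_module'], $project_id, $data['member_id']);
            $decrypted_result = $crypt->decryptResult($data['result'], $data['crypt_data'], $pwd);
            if ($decrypted_result) {
                // NOTE(review): the decrypted text is placed into the markup
                // unescaped. If stored results are plain text, wrap it in
                // htmlspecialchars(); confirm whether results may contain HTML.
                $result_str = sprintf('<div class="result">%s</div>', $decrypted_result);
            }
        }
    }

    // $mat_no passed ctype_alnum() above, so it is safe to place in the heading.
    $this->renderNote($result_str, sprintf('Results for matriculation number %s:', $mat_no));
}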
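/**
 * Looks up the stored result for the posted matriculation number and project,
 * decrypts it with the posted password and renders it as a note with a back
 * link.
 *
 * Reads $_POST['mat_no'], $_POST['project_id'] and $_POST['password'].
 * An unknown matriculation number, a password outside the generator's
 * alphabet and a failed decryption all end in the same "no results" text,
 * so the response does not reveal which check failed.
 *
 * @return void
 */
private function renderResult()
{
    // Fields can be absent or arrive as arrays (mat_no[]=...). Anything that
    // is not a string is treated as empty so the validators below reject it
    // instead of raising notices or type errors.
    $mat_no = (isset($_POST['mat_no']) && is_string($_POST['mat_no'])) ? $_POST['mat_no'] : '';
    if (!ctype_alnum($mat_no)) {
        $this->renderError(Messages::getString('StartPage.MatNoInvalid'));
        return;
    }

    $project_id = (isset($_POST['project_id']) && is_string($_POST['project_id'])) ? $_POST['project_id'] : '';
    if (!ctype_digit($project_id)) {
        $this->renderError(Messages::getString('StartPage.ProjectIdInvalid'));
        return;
    }

    $pwd = (isset($_POST['password']) && is_string($_POST['password'])) ? $_POST['password'] : '';
    if (!$pwd) {
        $this->renderError(Messages::getString('StartPage.PasswordEmpty'));
        return;
    }

    $result_str = Messages::getString('StartPage.NoResultsFound');

    // A password with characters the generator never emits cannot be valid,
    // so the database is not queried; the caller still gets the generic text.
    if (preg_match(PasswordGenerator::$passwordCharacterRegExp, $pwd)) {
        $db = Database::getInstance();

        // NOTE(review): this check only runs for well-formed passwords, so a
        // closed project answers differently for well-formed and malformed
        // passwords. Confirm that difference is acceptable.
        if (!$db->accessOpen($project_id)) {
            $this->renderError(Messages::getString('StartPage.NoAccessOpen'));
            return;
        }

        $data = $db->getResultDataByMatNo($project_id, $mat_no);

        // No row for this matriculation number: fall through to the generic
        // message rather than indexing into an empty lookup result.
        if ($data) {
            $crypt = new CryptProxy($data['crypt_module'], $project_id, $data['member_id']);
            $decrypted_result = $crypt->decryptResult($data['result'], $data['crypt_data'], $pwd);
            if ($decrypted_result) {
                // NOTE(review): the decrypted text is placed into the markup
                // unescaped. If stored results are plain text, wrap it in
                // htmlspecialchars(); confirm whether results may contain HTML.
                $result_str = sprintf('<div class="result">%s</div>', $decrypted_result);
            }
        }
    }

    // $mat_no passed ctype_alnum() above, so it is safe to place in the heading.
    $this->renderBackNote($result_str, sprintf(Messages::getString('StartPage.Results'), $mat_no));
}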
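/**
 * Generates one R-Key with a fresh password for the current project and
 * reports progress by echoing straight into the response.
 *
 * Reads $_GET['crypt'] (encryption module name) and the progress counters
 * $_GET['current'] and $_GET['max']. Only the derived $crypt_data is written
 * to the database here; the plaintext password is handed back to the caller.
 *
 * NOTE(review): this GET request inserts a database row. The access check is
 * not visible in this method; confirm the caller enforces authentication and
 * request-forgery protection.
 *
 * @return array|null array($rkey, $password) on success, null when no module
 *                    was requested or any step failed.
 */
private function renderContent()
{
    // A missing or non-string module name (crypt[]=...) cannot be a valid key
    // of Config::$crypt_info, so it is handled like "no module requested".
    if (!isset($_GET['crypt']) || !is_string($_GET['crypt'])) {
        return null;
    }
    $crypt_module = $_GET['crypt'];

    if (!isset(Config::$crypt_info[$crypt_module])) {
        // The module name comes from the query string; escape it before it is
        // reflected into the page (assumes UTF-8 output - TODO confirm).
        echo sprintf(
            Messages::getString('GenKeyPage.EncryptionModuleNotFound'),
            htmlspecialchars($crypt_module, ENT_QUOTES, 'UTF-8')
        );
        return null;
    }

    // intval() yields integers, so the counters are safe to print as-is.
    $current = isset($_GET['current']) ? intval($_GET['current']) : 0;
    $max = isset($_GET['max']) ? intval($_GET['max']) : 0;
    if ($current > $max) {
        echo sprintf(Messages::getString('GenKeyPage.IndexError'), $current, $max);
        return null;
    }

    try {
        // Now generate the key
        echo sprintf(" " . Messages::getString('GenKeyPage.Generating'), $current, $max);
        flush();

        $db = Database::getInstance();
        $project_id = $this->project->getId();
        $member_id = $db->getNextMemberId($project_id);

        $crypt = new CryptProxy($crypt_module, $project_id, $member_id);
        $pw_gen = new ConfiguredPasswordGenerator();
        $password = $pw_gen->generatePassword();
        $crypt_data = $crypt->generateCryptData($password);

        if (!$db->createRkey($project_id, $member_id, $crypt_module, $crypt_data)) {
            echo Messages::getString('GenKeyPage.ErrorInsertingRKey');
            return null;
        }

        $rkey = new RKey($project_id, $member_id);

        echo ' ' . Messages::getString('GenKeyPage.Finished');
        flush();

        return array($rkey, $password);
    } catch (Exception $e) {
        // Escaped so exception text cannot inject markup.
        // NOTE(review): the full exception text, stack trace included, is
        // still sent to the browser; consider logging it server-side and
        // showing a generic message instead.
        echo htmlspecialchars((string) $e, ENT_QUOTES, 'UTF-8');
        return null;
    }
}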
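/**
 * Generates one R-Key with a fresh password for the current project and
 * reports progress by echoing straight into the response.
 *
 * Reads $_GET['crypt'] (encryption module name) and the progress counters
 * $_GET['current'] and $_GET['max']. Only the derived $crypt_data is written
 * to the database here; the plaintext password is handed back to the caller.
 *
 * NOTE(review): this GET request inserts a database row. The access check is
 * not visible in this method; confirm the caller enforces authentication and
 * request-forgery protection.
 *
 * @return array|null array($rkey, $password) on success, null when no module
 *                    was requested or any step failed.
 */
private function renderContent()
{
    // A missing or non-string module name (crypt[]=...) cannot be a valid key
    // of MainConfig::$crypt_info, so it is handled like "no module requested".
    if (!isset($_GET['crypt']) || !is_string($_GET['crypt'])) {
        return null;
    }
    $crypt_module = $_GET['crypt'];

    if (!isset(MainConfig::$crypt_info[$crypt_module])) {
        // The module name comes from the query string; escape it before it is
        // reflected into the page (assumes UTF-8 output - TODO confirm).
        echo 'Encryption module ' . htmlspecialchars($crypt_module, ENT_QUOTES, 'UTF-8') . ' not found.';
        return null;
    }

    // intval() yields integers, so the counters are safe to print as-is.
    $current = isset($_GET['current']) ? intval($_GET['current']) : 0;
    $max = isset($_GET['max']) ? intval($_GET['max']) : 0;
    if ($current > $max) {
        echo sprintf("Index error: %d/%d", $current, $max);
        return null;
    }

    try {
        // Now generate the key
        echo sprintf('Generating R-Key %d of %d...', $current, $max);
        flush();

        $db = Database::getInstance();
        $project_id = $this->project->getId();
        $member_id = $db->getNextMemberId($project_id);

        $crypt = new CryptProxy($crypt_module);
        $pw_gen = new ConfiguredPasswordGenerator();
        $password = $pw_gen->generatePassword();
        $crypt_data = $crypt->generateCryptData($password);

        if (!$db->createRkey($project_id, $member_id, $crypt_module, $crypt_data)) {
            echo "Error inserting RKey!";
            return null;
        }

        $rkey = new RKey($project_id, $member_id);

        echo " finished.";
        flush();

        return array($rkey, $password);
    } catch (Exception $e) {
        // Escaped so exception text cannot inject markup.
        // NOTE(review): the full exception text, stack trace included, is
        // still sent to the browser; consider logging it server-side and
        // showing a generic message instead.
        echo htmlspecialchars((string) $e, ENT_QUOTES, 'UTF-8');
        return null;
    }
}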
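/**
 * Validates the posted rows (R-Key, matriculation number, result) and stores
 * the encrypted results inside a single database transaction.
 *
 * Reads $_POST['key'], $_POST['mat_no'], $_POST['data'] (parallel arrays),
 * $_POST['csv_has_header'] and, through postValue(), $_POST['ignore'].
 * Writes a message per row into $this->remark and rewrites $_POST['ignore']
 * so that only overridable warnings keep an "ignore" entry.
 *
 * $this->storeResult ends up as the number of rows stored, 0 when the
 * transaction was rolled back because a row failed, or -1 when every
 * submitted row was empty.
 *
 * @return void
 */
private function processInput()
{
    $this->storeResult = 0;

    // Strip header, if required. An unticked checkbox is absent from $_POST,
    // and the row arrays may be missing or malformed, hence the guards.
    if (!empty($_POST['csv_has_header'])) {
        foreach (array('key', 'mat_no', 'data') as $field) {
            if (isset($_POST[$field]) && is_array($_POST[$field])) {
                $_POST[$field][0] = '';
            }
        }
    }

    // Inputs: anything that is not an array is treated as "no rows".
    $keys = (isset($_POST['key']) && is_array($_POST['key'])) ? $_POST['key'] : array();
    $mat_nos = (isset($_POST['mat_no']) && is_array($_POST['mat_no'])) ? $_POST['mat_no'] : array();
    $data = (isset($_POST['data']) && is_array($_POST['data'])) ? $_POST['data'] : array();

    $element_count = max(count($keys), count($mat_nos), count($data));
    $nonempty_elements = $element_count;

    // Check validity of inputs
    $commitData = true;
    $this->db->startTransaction();

    for ($i = 0; $i < $element_count; $i++) {
        // The three arrays can differ in length and a cell can itself be an
        // array; a missing or non-string cell counts as empty.
        $key = (isset($keys[$i]) && is_string($keys[$i])) ? $keys[$i] : '';
        $mat_no = (isset($mat_nos[$i]) && is_string($mat_nos[$i])) ? $mat_nos[$i] : '';
        $result_text = (isset($data[$i]) && is_string($data[$i])) ? $data[$i] : '';

        // NOTE(review): emptiness is tested by truthiness, so a cell holding
        // just "0" counts as empty here and below; confirm that is intended.
        if (!$key && !$mat_no && !$result_text) {
            unset($_POST['ignore'][$i]);
            $nonempty_elements--;
            continue;
        }

        $this->remark[$i] = '';

        // check the R-Key
        if (!$key) {
            $this->remark[$i] = Messages::getString('EnterDataPage.NoRKey');
            $commitData = false; // Fatal Error
            unset($_POST['ignore'][$i]);
            continue;
        }
        try {
            $rkey = new RKey(sprintf('%03d-%s', $this->project->getId(), $key));
        } catch (Exception $e) {
            $this->remark[$i] = Messages::getString('EnterDataPage.RKeyInvalid');
            $commitData = false; // Fatal Error
            unset($_POST['ignore'][$i]);
            continue;
        }

        // check the Mat-No
        if (!$mat_no) {
            $this->remark[$i] = Messages::getString('EnterDataPage.NoMatNo');
            $commitData = false; // Fatal Error
            unset($_POST['ignore'][$i]);
            continue;
        }
        if (!ctype_alnum($mat_no)) {
            $this->remark[$i] = Messages::getString('StartPage.MatNoInvalid');
            $commitData = false; // Fatal Error
            unset($_POST['ignore'][$i]);
            continue;
        }

        // Verify for current data: look the row up by R-Key first, then by
        // matriculation number within the same project.
        $current_data = $this->db->getResultDataByRKey($rkey);
        if (!$current_data) {
            $current_data = $this->db->getResultDataByMatNo($rkey->getProjectId(), $mat_no);
        }
        if (!$current_data) {
            $this->remark[$i] = Messages::getString('EnterDataPage.RKeyNotFound');
            $commitData = false; // Fatal Error
            unset($_POST['ignore'][$i]);
            continue;
        }

        // mat used with other rkey?
        if ($current_data['member_id']) {
            $alt_data = $this->db->getResultDataByMatNo(
                $rkey->getProjectId(),
                $mat_no,
                $current_data['member_id']
            );
            if ($alt_data) {
                $this->remark[$i] .= sprintf(Messages::getString('EnterDataPage.MatNoAlreadyUsed'), $mat_no);
                $commitData = false; // Fatal Error
                unset($_POST['ignore'][$i]);
                continue;
            }
        }

        // Now go for warnings (these can be overridden through "ignore"):
        // rkey already used? (this test will get obsolete)
        // Compared as strings: a loose != treats numeric strings such as
        // "0123" and "123" as equal and would miss a different number.
        if ($current_data['mat_no'] && (string) $current_data['mat_no'] !== $mat_no) {
            $this->remark[$i] .= sprintf(
                Messages::getString('EnterDataPage.RKeyAlreadyUsedMatNo'),
                $current_data['mat_no']
            );
            if (!$this->postValue('ignore', $i, null)) {
                $commitData = false; // Fatal Error
                $_POST['ignore'][$i] = false; // might be ignored the next time
            }
        }

        // check the Data
        if (!$result_text) {
            $this->remark[$i] .= Messages::getString('EnterDataPage.NoResultProvided');
            if (!$this->postValue('ignore', $i, null)) {
                $commitData = false; // Fatal Error
                $_POST['ignore'][$i] = false; // might be ignored the next time
            }
        }
        if ($current_data['result']) {
            $this->remark[$i] .= Messages::getString('EnterDataPage.AlreadyResultStored');
            if (!$this->postValue('ignore', $i, null)) {
                $commitData = false; // Fatal Error
                $_POST['ignore'][$i] = false; // might be ignored the next time
            }
        }

        if (!$this->remark[$i] || $this->postValue('ignore', $i, null)) {
            // encrypt data:
            $crypt = new CryptProxy(
                $current_data['crypt_module'],
                $this->project->getId(),
                $current_data['member_id']
            );
            $crypted_date = $crypt->encryptResult($result_text, $current_data['crypt_data']);

            // Save data to database
            try {
                $this->db->updateResultData(
                    $current_data['project_id'],
                    $current_data['member_id'],
                    $mat_no,
                    $crypted_date
                );
            } catch (Exception $exception) {
                // NOTE(review): the exception object itself becomes the
                // remark; if remarks are printed, its string form includes the
                // stack trace. Confirm the renderer escapes or shortens it.
                $this->remark[$i] = $exception;
                $commitData = false; // Fatal Error
                unset($_POST['ignore'][$i]);
                continue;
            }
            $this->storeResult++;
        }
    }

    // Finish transaction
    if ($nonempty_elements === 0) {
        $this->db->rollback();
        $this->storeResult = -1;
    } elseif ($commitData) {
        $this->db->commit();
    } else {
        $this->db->rollback();
        $this->storeResult = 0;
    }
}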
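/**
 * Validates the posted rows (R-Key, matriculation number, result) and stores
 * the encrypted results inside a single database transaction.
 *
 * Reads $_POST['key'], $_POST['mat_no'], $_POST['data'] (parallel arrays)
 * and, through postValue(), $_POST['ignore']. Writes a message per row into
 * $this->remark and rewrites $_POST['ignore'] so that only overridable
 * warnings keep an "ignore" entry.
 *
 * $this->storeResult ends up as the number of rows stored, or 0 when the
 * transaction was rolled back because a row failed.
 *
 * @return void
 */
private function processInput()
{
    $this->storeResult = 0;

    // Inputs: anything that is not an array is treated as "no rows".
    $keys = (isset($_POST['key']) && is_array($_POST['key'])) ? $_POST['key'] : array();
    $mat_nos = (isset($_POST['mat_no']) && is_array($_POST['mat_no'])) ? $_POST['mat_no'] : array();
    $data = (isset($_POST['data']) && is_array($_POST['data'])) ? $_POST['data'] : array();

    $element_count = max(count($keys), count($mat_nos), count($data));

    // Check validity of inputs
    $commitData = true;
    $this->db->startTransaction();

    for ($i = 0; $i < $element_count; $i++) {
        // The three arrays can differ in length and a cell can itself be an
        // array; a missing or non-string cell counts as empty.
        $key = (isset($keys[$i]) && is_string($keys[$i])) ? $keys[$i] : '';
        $mat_no = (isset($mat_nos[$i]) && is_string($mat_nos[$i])) ? $mat_nos[$i] : '';
        $result_text = (isset($data[$i]) && is_string($data[$i])) ? $data[$i] : '';

        // NOTE(review): emptiness is tested by truthiness, so a cell holding
        // just "0" counts as empty here and below; confirm that is intended.
        if (!$key && !$mat_no && !$result_text) {
            unset($_POST['ignore'][$i]);
            continue;
        }

        $this->remark[$i] = '';

        // check the R-Key
        if (!$key) {
            $this->remark[$i] = 'No RKey provided.';
            $commitData = false; // Fatal Error
            unset($_POST['ignore'][$i]);
            continue;
        }
        try {
            $rkey = new RKey(sprintf('%03d-%s', $this->project->getId(), $key));
        } catch (Exception $e) {
            $this->remark[$i] = 'RKey invalid.';
            $commitData = false; // Fatal Error
            unset($_POST['ignore'][$i]);
            continue;
        }
        $current_data = $this->db->getResultDataByRKey($rkey);
        if (!$current_data) {
            $this->remark[$i] = 'RKey not found.';
            $commitData = false; // Fatal Error
            unset($_POST['ignore'][$i]);
            continue;
        }

        // check the Mat-No
        if (!$mat_no) {
            $this->remark[$i] = 'No matriculation number provided.';
            $commitData = false; // Fatal Error
            unset($_POST['ignore'][$i]);
            continue;
        }
        if (!ctype_alnum($mat_no)) {
            $this->remark[$i] = 'Matriculation number contains non-alphanumerical characters.';
            $commitData = false; // Fatal Error
            unset($_POST['ignore'][$i]);
            continue;
        }

        // mat used with other rkey?
        $alt_data = $this->db->getResultDataByMatNo($rkey->getProjectId(), $mat_no, $rkey->getMemberId());
        if ($alt_data) {
            $alt_rkey = new RKey($alt_data['project_id'], $alt_data['member_id']);
            $this->remark[$i] .= sprintf('Matriculation number already used for RKey %s. ', $alt_rkey);
            $commitData = false; // Fatal Error
            unset($_POST['ignore'][$i]);
            continue;
        }

        // Now go for warnings (these can be overridden through "ignore"):
        // mat_no used?
        // Compared as strings: a loose != treats numeric strings such as
        // "0123" and "123" as equal and would miss a different number.
        if ($current_data['mat_no'] && (string) $current_data['mat_no'] !== $mat_no) {
            $this->remark[$i] .= sprintf(
                'R-Key already used for matriculation number %s. ',
                $current_data['mat_no']
            );
            if (!$this->postValue('ignore', $i, null)) {
                $commitData = false; // Fatal Error
                $_POST['ignore'][$i] = false; // might be ignored the next time
            }
        }

        // check the Data
        if (!$result_text) {
            $this->remark[$i] .= 'No result provided. ';
            if (!$this->postValue('ignore', $i, null)) {
                $commitData = false; // Fatal Error
                $_POST['ignore'][$i] = false; // might be ignored the next time
            }
        }
        if ($current_data['result']) {
            $this->remark[$i] .= 'Already a result stored for this R-Key. ';
            if (!$this->postValue('ignore', $i, null)) {
                $commitData = false; // Fatal Error
                $_POST['ignore'][$i] = false; // might be ignored the next time
            }
        }

        if (!$this->remark[$i] || $this->postValue('ignore', $i, null)) {
            // encrypt data:
            $crypt = new CryptProxy($current_data['crypt_module']);
            $crypted_date = $crypt->encryptResult($result_text, $current_data['crypt_data']);

            // Save data to database
            // NOTE(review): an exception thrown here leaves the method before
            // commit or rollback is reached; confirm the caller ends the
            // transaction in that case.
            $this->db->updateResultData($rkey, $mat_no, $crypted_date);
            $this->storeResult++;
        }
    }

    // Finish transaction
    if ($commitData) {
        $this->db->commit();
    } else {
        $this->db->rollback();
        $this->storeResult = 0;
    }
}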