protected function _postCreateAction($path) { $xmlstr = $this->getRawPost(); $xml_in = simplexml_load_string($xmlstr); @($in_guid = (string) $xml_in->guid); @($in_name = (string) $xml_in->name); @($in_mia_secs = (string) $xml_in->mia_secs); if (empty($in_guid) || empty($in_name)) { $this->_error("All required fields were not provided."); } if (null != ($device = DAO_Monitor::getByGUID($in_guid))) { $this->_error("GUID already exists."); } $fields = array(); $fields[DAO_Monitor::LAST_UPDATED] = time(); if (!empty($in_guid)) { $fields[DAO_Monitor::GUID] = $in_guid; } if (!empty($in_name)) { $fields[DAO_Monitor::NAME] = $in_name; } if (!empty($in_mia_secs)) { $fields[DAO_Monitor::MIA_SECS] = intval($in_mia_secs); } $id = DAO_Monitor::create($fields); // Render the new entity $this->_getAction(array($id)); }
function handleRequest(DevblocksHttpRequest $request) { $stack = $request->path; $db = DevblocksPlatform::getDatabaseService(); // **** BEGIN AUTH @($verb = $_SERVER['REQUEST_METHOD']); @($header_date = $_SERVER['HTTP_DATE']); @($header_signature = $_SERVER['HTTP_PORTSENSOR_AUTH']); @($this->_payload = $this->_getRawPost()); @(list($auth_access_key, $auth_signature) = explode(":", $header_signature, 2)); if (null == ($monitor = DAO_Monitor::getByGUID($auth_access_key))) { $this->_error(sprintf("Access denied! (Unknown monitor: %s)", $auth_access_key)); } DAO_Monitor::update($monitor->id, array(DAO_Monitor::LAST_UPDATED => time())); @($auth_secret_key = $monitor->secret_key); $string_to_sign = "{$verb}\n{$header_date}\n{$this->_payload}\n{$auth_secret_key}\n"; $compare_hash = base64_encode(sha1($string_to_sign, true)); if (0 != strcmp($auth_signature, $compare_hash)) { $this->_error("Access denied! (Invalid signature)"); } // Check that this IP is allowed to perform the VERB // if(!$stored_keychain->isValidIp($_SERVER['REMOTE_ADDR'])) { // $this->_error(sprintf("Access denied! (IP %s not authorized)",$_SERVER['REMOTE_ADDR'])); // } // **** END AUTH // Figure out our format by looking at the last path argument @(list($command, $format) = explode('.', array_pop($stack))); array_push($stack, $command); $this->_format = $format; $method = strtolower($verb) . 'Action'; if (method_exists($this, $method)) { call_user_func(array(&$this, $method), $stack, $monitor); } //************ }