示例#1
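 /**
  * Decide whether the current user may call $action on $controller.
  *
  * The user id is read from the 'userid' registry entry, and the matching
  * user record's data is published to the registry as 'userData' as a side
  * effect. Rules are looked up under three keys in turn: 'all', the user's
  * role ('guest' when the id equals -1) and the user id itself. The first
  * rule list that is empty (every action allowed) or that names $action
  * grants access; everything else is denied.
  *
  * NOTE(review): role names and user ids share one key space in
  * self::$_rules, so an id that equals a role name would pick up that
  * role's rules. Confirm that ids can never collide with role names.
  *
  * @param mixed  $subject    Not used by this method.
  * @param string $controller Controller name, second-level key of the rules.
  * @param string $action     Action name looked up in the rule list.
  * @return bool True when access is granted, false otherwise (default deny).
  */
 public function _check($subject, $controller, $action)
 {
     $object = Zend_Registry::get('userid');
     $user = Evil_Structure::getObject('user', $object);
     Zend_Registry::set('userData', $user->data());
     $role = $user->getValue('role');
     // Guest role for an unregistered visitor (id -1).
     $role = $object == -1 ? 'guest' : $role;
     // Three candidates, in order: everyone, the user's role, the user's id.
     foreach (array('all', $role, $object) as $ruleKey) {
         if (!isset(self::$_rules[$ruleKey][$controller])) {
             continue;
         }
         $allowed = self::$_rules[$ruleKey][$controller];
         if (!is_array($allowed)) {
             continue;
         }
         // An empty list allows every action. Otherwise the action must be
         // listed, compared strictly: with a loose comparison an integer 0
         // in a rule list matches any non-numeric action name on PHP < 8.
         if (empty($allowed) || in_array($action, $allowed, true)) {
             return true;
         }
     }
     return false;
 }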
示例#2
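 /**
  * Authenticate an API request from the 'userid' and 'password' query
  * parameters.
  *
  * NOTE(review): the credentials travel in the query string, so they can end
  * up in access logs, browser history and Referer headers. A request body or
  * an Authorization header over TLS avoids that.
  * NOTE(review): the stored password is an unsalted md5() digest. Moving to
  * password_hash()/password_verify() needs a data migration and cannot be
  * done inside this method alone.
  * NOTE(review): 'Unknown user' and 'Password Incorrect' tell a caller which
  * nicknames exist; a single message would not. Left as is because callers
  * may depend on the text.
  *
  * @param mixed $controller Not used by this method.
  * @return mixed Id of the authenticated user.
  * @throws Exception With code 403 when a credential is missing or is not a
  *                   string; without a code when the user is unknown or the
  *                   password does not match.
  */
 public function doAuth($controller)
 {
     // Both parameters are required ("||", not "&&"), and both must be plain
     // strings: "?password[]=x" would otherwise reach md5() as an array.
     if (!isset($_GET['userid'], $_GET['password'])
         || !is_string($_GET['userid'])
         || !is_string($_GET['password'])
     ) {
         throw new Exception("Mailformed request", 403);
     }
     $user = Evil_Structure::getObject('user');
     $user->where('nickname', '=', $_GET['userid']);
     if (!$user->load()) {
         throw new Exception('Unknown user');
     }
     // Strict string comparison: with "==" two digests that both look like
     // numbers in exponent notation ("0e...") compare equal. hash_equals()
     // (PHP 5.6+) would also make the comparison constant-time.
     if ((string) $user->getValue('password') !== md5($_GET['password'])) {
         throw new Exception('Password Incorrect');
     }
     $apiSession = Evil_Structure::getObject('api-sessions');
     $apiSession->where('userid', '=', $user->getId());
     // The session record is still looked up, but it is no longer passed to
     // Zend_Debug::dump(), which echoes its argument into the response.
     // Neither an existing nor a new session record is handled yet.
     $apiSession->load();
     return $user->getId();
 }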
示例#3
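 /**
  * Select rows from the fixed table and register one object per row in
  * $this->_items, keyed by the row's 'id'.
  *
  * Supported selectors:
  *  - '=', '<', '>', '<=', '>=', '!=': compare column $key with $value.
  *  - ':': column $key IN the list $value.
  *  - '*' or '@' with $key 'all': page through all rows using $offset,
  *    $count and $orderBy.
  *  - 'multi': $value is array(field => array(operator => operand)); every
  *    pair is added as a further where() condition.
  *
  * Operands are always bound through the '?' placeholder. Column names are
  * accepted only when they are listed in $this->_fixedschema, except in the
  * 'multi' branch (see the note there).
  *
  * @param string $key      Column name, or 'all' for the '*' / '@' selectors.
  * @param string $selector One of the selectors listed above.
  * @param mixed  $value    Operand, list of operands, or the 'multi' map.
  * @param int    $offset   Passed to limitPage() as its first argument.
  * @param int    $count    Passed to limitPage() as its second argument.
  * @param string $orderBy  Passed to order() as given.
  * @return $this
  * @throws Evil_Exception For an unknown selector, or when $key is not
  *                        usable with the selector.
  */
 public function where($key, $selector, $value = null, $offset = 0, $count = 500, $orderBy = 'id DESC')
 {
     $rows = null;
     switch ($selector) {
         case '=':
         case '<':
         case '>':
         case '<=':
         case '>=':
         case '!=':
             // The column name is concatenated into SQL, so it has to be one
             // of the known columns; strict match avoids type juggling.
             if (in_array($key, $this->_fixedschema, true)) {
                 $this->_lastQuery = $this->_fixed->select()->from($this->_fixed)->where($key . ' ' . $selector . ' ?', $value);
                 $rows = $this->_fixed->fetchAll($this->_lastQuery);
             }
             break;
         case ':':
             if (in_array($key, $this->_fixedschema, true)) {
                 $values = (array) $value;
                 if (empty($values)) {
                     // An empty list matches nothing and "IN ()" is not valid SQL.
                     return $this;
                 }
                 // Let the adapter quote each list element instead of wrapping
                 // the values in double quotes by hand, which breaks (and is
                 // injectable) as soon as a value contains a quote.
                 $this->_lastQuery = $this->_fixed->select()->from($this->_fixed)->where($key . ' IN (?)', $values);
                 $rows = $this->_fixed->fetchAll($this->_lastQuery);
             }
             break;
         case '*':
         case '@':
             if ($key === 'all') {
                 // NOTE(review): $orderBy reaches order() unchanged; keep it
                 // out of reach of request data.
                 $this->_lastQuery = $this->_fixed->select()->limitPage($offset, $count)->order($orderBy);
                 $rows = $this->_fixed->fetchAll($this->_lastQuery);
             }
             break;
         case 'multi':
             $this->_lastQuery = $this->_fixed->select()->from($this->_fixed);
             foreach ($value as $fieldName => $fieldParams) {
                 foreach ($fieldParams as $operator => $operand) {
                     // NOTE(review): field name and operator are concatenated
                     // into SQL without the schema / selector checks used by
                     // the other branches. Only the operand is bound. Callers
                     // must not build these keys from untrusted input.
                     $this->_lastQuery->where($fieldName . ' ' . $operator . ' ?', $operand);
                 }
             }
             $rows = $this->_fixed->fetchAll($this->_lastQuery);
             break;
         default:
             throw new Evil_Exception('Unknown selector ' . $selector);
     }
     if ($rows === null) {
         // No branch ran a query (column not in the fixed schema, or a key
         // other than 'all' for '*' / '@'). Fail with a catchable error
         // instead of calling toArray() on an undefined variable.
         throw new Evil_Exception('Unsupported key ' . $key . ' for selector ' . $selector);
     }
     foreach ($rows->toArray() as $data) {
         $id = $data['id'];
         $this->_items[$id] = Evil_Structure::getObject($this->_type, $id, $data);
     }
     return $this;
 }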
示例#4
 /**
  * Build a list of (time in milliseconds, value) pairs for the sensors that
  * match both $source and $type.
  *
  * The 'sensor' composite is filtered by 'src', then by 'type'; the ids
  * returned by data('id') after each filter are intersected and loaded.
  *
  * @param mixed $type   Value compared with the 'type' column.
  * @param mixed $source Value compared with the 'src' column.
  * @return array List of array(int, float) pairs, one per loaded item.
  */
 public static function get($type, $source)
 {
     $composite = Evil_Structure::getComposite('sensor');

     $composite->where('src', '=', $source);
     $idsBySource = $composite->data('id');

     $composite->where('type', '=', $type);
     $idsByType = $composite->data('id');

     $composite->load(array_intersect($idsBySource, $idsByType));

     $points = array();
     foreach ($composite->_items as $sensor) {
         // The cast binds tighter than "*": the time is truncated to an int
         // first and then scaled to milliseconds.
         $millis = (int) $sensor->getValue('time') * 1000;
         $reading = (double) $sensor->getValue('value');
         $points[] = array($millis, $reading);
     }

     return $points;
 }
示例#5
 /**
  * Sum the 'sum' field of the transfers from $source that have type
  * 'billSale' and whose 'isPayed' equals Score_Money_Core::PAYED.
  *
  * @param mixed $source Value compared with the 'src' column.
  * @param mixed $args   Not used by this method.
  * @return int|float Total of the matching transfers, 0 when there are none.
  */
 public function track($source, $args = null)
 {
     $transfers = Evil_Structure::getComposite('transfer');
     $transfers->where('src', '=', $source);

     // array_keys() with a search value returns the keys of the matching entries.
     $saleIds = array_keys($transfers->data('type'), 'billSale');
     $paidIds = array_keys($transfers->data('isPayed'), Score_Money_Core::PAYED);

     $transfers->load(array_intersect($paidIds, $saleIds));

     $total = 0;
     foreach ($transfers->data() as $row) {
         $total += $row['sum'];
     }

     return $total;
 }
示例#6
 /**
  * @description show all comments for current object
  * @param bool $justFetch when true, the comments stylesheet is not added to the view
  *                        (params, table and controller are not arguments: they are
  *                        read from self::$_info)
  * @return object|array
  * @author Se#
  * @version 0.0.1
  */
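 public function _actionDefault($justFetch = false)
 {
     // Request parameters, the object's table and the controller all come
     // from self::$_info rather than from arguments.
     $params = self::$_info['params'];
     $table = self::$_info['table'];
     $controller = self::$_info['controller'];
     // Result is unused; the call is kept in case getObject() has set-up
     // side effects. TODO confirm and drop.
     $object = Evil_Structure::getObject('comment');
     if (!$justFetch) {
         $controller->view->headLink()->appendStylesheet($controller->view->baseUrl() . '/css/comments.css');
     }
     if (!isset($params['id'])) {
         $controller->_redirect('/');
         // Stop here even if the redirect does not end the request, so the
         // queries below never run with a missing id.
         return null;
     }
     $db = Zend_Registry::get('db');
     // Both filter values are bound through '?'.
     // NOTE(review): the fetched comment rows are presumably user-supplied
     // text; the view has to escape them on output (template not visible here).
     $controller->view->comments = $db->fetchAll(
         $db->select()
             ->from(Evil_DB::scope2table('comment'))
             ->where('objectId=?', $params['id'])
             ->where('objectTable=?', Evil_DB::scope2table($params['controller']))
     );
     // The commented object itself, returned to the caller after the form is prepared.
     $objectData = $table->fetchRow($table->select()->from($table)->where('id=?', $params['id']));
     $this->_commentsForm($justFetch, $objectData);
     return $objectData;
 }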
示例#7
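 /**
  * Authenticate the request with HTTP Basic credentials.
  *
  * Without a user name in the request a 401 challenge is sent and the script
  * ends. Otherwise the user is looked up by nickname and the md5() digest of
  * the supplied password is compared with the stored value.
  *
  * NOTE(review): Basic credentials are only base64-encoded on the wire, so
  * this endpoint needs TLS. The stored password is an unsalted md5() digest;
  * replacing it with password_hash()/password_verify() needs a data migration.
  * NOTE(review): the two error messages reveal which nicknames exist.
  *
  * @param mixed $controller Not used by this method.
  * @return mixed Id of the authenticated user.
  * @throws Exception When the user is unknown or the password does not match.
  */
 public function doAuth($controller)
 {
     if (!isset($_SERVER['PHP_AUTH_USER'])) {
         header('WWW-Authenticate: Basic realm="Login"');
         header('HTTP/1.0 401 Unauthorized');
         exit;
     }
     $user = Evil_Structure::getObject('user');
     $user->where('nickname', '=', $_SERVER['PHP_AUTH_USER']);
     if (!$user->load()) {
         throw new Exception('Unknown user');
     }
     // A client may send a user name without a password; treat that as an
     // empty password instead of reading an undefined index.
     $supplied = isset($_SERVER['PHP_AUTH_PW']) ? (string) $_SERVER['PHP_AUTH_PW'] : '';
     // Strict string comparison: with "==" two digests that both look like
     // numbers in exponent notation ("0e...") compare equal. hash_equals()
     // (PHP 5.6+) would also make the comparison constant-time.
     if ((string) $user->getValue('password') !== md5($supplied)) {
         throw new Exception('Password Incorrect');
     }
     return $user->getId();
 }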
示例#8
 /**
  * @description do auth (:
  * @throws Evil_Exception|Exception
  * @param $controller
  * @param array $login
  * @param array $password
  * @param array $formConfig
  * @param string $tableName
  * @return int
  * @author BreathLess, Se#
  * @version 0.0.2
  * @changeLog
  * 0.0.2 login and password variabled, tableName is dynamic
  */
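 public function doAuth($controller, $login = array(), $password = array(), $formConfig = array(), $tableName = 'user')
 {
     // A view configured under evil.auth.native.view takes over the whole flow.
     $config = Zend_Registry::get('config');
     $config = is_object($config) ? $config->toArray() : $config;
     if (!empty($config['evil']['auth']['native']['view'])) {
         return $this->_doCustomAuth($controller, $config['evil']['auth']['native']['view']);
     }

     $form = empty($formConfig) ? new Evil_Auth_Form_Native() : new Zend_Form($formConfig);
     $controller->view->form = $form;

     // Nothing was submitted, or the form rejected the input: -1 is returned
     // and the form stays on the view for rendering.
     if (!$controller->getRequest()->isPost() || !$form->isValid($_POST)) {
         return -1;
     }

     $data = $form->getValues();
     // 'field' is the column in $tableName, 'value' the name of the form element.
     $login = empty($login) ? array('field' => 'nickname', 'value' => 'username') : $login;
     $password = empty($password) ? array('field' => 'password', 'value' => 'password') : $password;
     if (!isset($data[$login['value']]) || !isset($data[$password['value']])) {
         throw new Exception(' Missed "' . $login['value'] . '" or "' . $password['value'] . '" field');
     }

     // NOTE(review): $login['field'] ends up as a column name in the query;
     // it must come from code or configuration, never from the request.
     $user = Evil_Structure::getObject($tableName);
     $user->where($login['field'], '=', $data[$login['value']]);
     if (!$user->load()) {
         // NOTE(review): a different code and message than for a wrong
         // password reveals which logins exist.
         throw new Evil_Exception('Unknown user', 4044);
     }

     // Strict string comparison: with "==" two digests that both look like
     // numbers in exponent notation ("0e...") compare equal. hash_equals()
     // (PHP 5.6+) would also make the comparison constant-time.
     // NOTE(review): unsalted md5() is not a password hash; migrating to
     // password_hash()/password_verify() needs a change to the stored data.
     $stored = (string) $user->getValue($password['field']);
     if ($stored !== md5((string) $data[$password['value']])) {
         throw new Evil_Exception('Password Incorrect', 4042);
     }

     return $user->getId();
 }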
示例#9
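 /**
  * Authenticate the request with HTTP Digest credentials.
  *
  * Without a Digest header a 401 challenge is sent and the script ends.
  * Otherwise the header is parsed, the user is looked up by nickname and the
  * expected response is recomputed and compared with the one received.
  *
  * NOTE(review): the nonce comes from uniqid(), which is derived from the
  * clock, and it is neither remembered nor checked when the response comes
  * back. The same holds for 'nc', 'qop' and 'uri', which are taken from the
  * client as sent. As written there is no replay protection; a server-side
  * nonce store with expiry is needed for that.
  * NOTE(review): A1 is built from the stored 'password' value as is. Confirm
  * what that column holds, since Digest needs the plain password or a
  * precomputed md5(username:realm:password).
  *
  * @param mixed $controller Not used by this method.
  * @return mixed Id of the authenticated user, or null when the header
  *               cannot be parsed or the response does not match. Callers
  *               must treat null as "not authenticated".
  * @throws Exception When the user is unknown.
  */
 public function doAuth($controller)
 {
     // Used by the challenge and by the A1 hash, so it is defined before
     // either path runs.
     $realm = 'SCORE';
     // PHP exposes Digest credentials as PHP_AUTH_DIGEST; PHP_AUTH_USER is
     // filled for Basic authentication.
     if (empty($_SERVER['PHP_AUTH_DIGEST'])) {
         header('HTTP/1.1 401 Unauthorized');
         header('WWW-Authenticate: Digest realm="' . $realm . '",qop="auth",nonce="' . uniqid() . '",opaque="' . md5($realm) . '"');
         exit;
     }
     $data = $this->_http_digest_parse($_SERVER['PHP_AUTH_DIGEST']);
     if (!$data) {
         return null;
     }
     $user = Evil_Structure::getObject('user');
     $user->where('nickname', '=', $data['username']);
     if (!$user->load()) {
         throw new Exception('Unknown user');
     }
     $A1 = md5($data['username'] . ':' . $realm . ':' . $user->getValue('password'));
     $A2 = md5($_SERVER['REQUEST_METHOD'] . ':' . $data['uri']);
     $valid_response = md5($A1 . ':' . $data['nonce'] . ':' . $data['nc'] . ':' . $data['cnonce'] . ':' . $data['qop'] . ':' . $A2);
     // Strict string comparison: with "==" two digests that both look like
     // numbers in exponent notation ("0e...") compare equal.
     if ((string) $data['response'] === $valid_response) {
         return $user->getId();
     }
     return null;
 }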
示例#10
 /**
  * @todo make more normal name
  * Unauth user
  * @param Zend_Controller_Action $controller
  */
 public function doUnAuth($controller)
 {
     $userId = Zend_Registry::get('userid');
     if ($userId === null) {
         return -1;
     }

     $account = Evil_Structure::getObject('user');
     $account->where('id', '=', $userId);
     if (!$account->load()) {
         return -1;
     }

     $key = $account->getValue('password');
     $login = $account->getValue('nickname');
     if (empty($key) || empty($login)) {
         return -1;
     }

     // NOTE(review): the stored 'password' value is what is sent to the Auth
     // service as the key. Confirm that this column holds a session key here
     // and not a reusable credential.
     // FIXME: the service result is not inspected; should the row be removed
     // when the result is not 'Success'?
     $this->_makeSOACall(array(
         'service' => 'Auth',
         'method' => 'keyBreak',
         'data' => array('key' => $key),
     ));

     // erase() does not report whether the row was actually removed.
     $account->erase();

     return $account->getId();
 }
示例#11
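 /**
  * Load the items with the given ids from the fixed and fluid tables.
  *
  * Fluid rows contribute one key/value pair each ('k' => 'v', grouped by
  * 'i'); the fixed row with the same id is merged on top. One object per id
  * is then stored in $this->_items. $this->_items and $this->_data are reset
  * on every call.
  *
  * @param mixed $ids Id or list of ids; null reuses $this->_ids.
  * @return void
  */
 public function load($ids = null)
 {
     if ($ids !== null) {
         $this->_ids = $ids;
     }
     $this->_items = array();
     $this->_data = array();
     $ids = (array) $this->_ids;
     if (empty($ids)) {
         // Nothing to load, and "IN ()" is not valid SQL.
         return;
     }
     // The ids are bound through '?' so the adapter quotes each element.
     // Wrapping them in double quotes by hand breaks (and is injectable) as
     // soon as an id contains a quote.
     $fixedRows = $this->_fixed->fetchAll($this->_fixed->select()->from($this->_fixed)->where('`id` IN (?)', $ids));
     $fluidRows = $this->_fluid->fetchAll($this->_fluid->select()->from($this->_fluid)->where('`i` IN (?)', $ids));
     $fluidRows = $fluidRows->toArray();
     $fixedRows = $fixedRows->toArray();
     $merged = array();
     foreach ($fluidRows as $row) {
         $merged[$row['i']][$row['k']] = $row['v'];
     }
     foreach ($fixedRows as $row) {
         // An id may have no fluid rows at all; start from an empty array
         // instead of passing an undefined entry to array_merge().
         $fluid = isset($merged[$row['id']]) ? $merged[$row['id']] : array();
         $merged[$row['id']] = array_merge($fluid, $row);
     }
     foreach ($merged as $id => $itemData) {
         $this->_items[$id] = Evil_Structure::getObject($this->_type, $id, $itemData);
     }
 }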
示例#12
 /**
  * 
  * @param string $key
  * @throws Evil_Exception
  * @return mixed user ID on success, false when no ticket loads for the key
  */
 public function verifyAPIKey($key)
 {
     $ticket = Evil_Structure::getObject('ticket', $key);
     if (!$ticket->load()) {
         // No ticket for this key.
         return false;
     }

     // NOTE(review): a ticket that loads is accepted as is; no expiry or
     // revocation check is visible here. Confirm where ticket lifetime is
     // enforced.
     $ownerId = $ticket->getValue('user');

     // Publish the ticket's user as the current user, then attach and register.
     Zend_Registry::set('userid', $ownerId);
     $this->attach($ownerId);
     $this->register();

     return $ownerId;
 }