示例#1
文件: wifi.php 项目: bontiv/intrateb
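/**
 * Return the Wi-Fi token of the logged-in user, assigning a free one if needed.
 *
 * A token already assigned to the user is reused while its validity window
 * (wt_date + wtg_duration minutes) has not elapsed. Otherwise one unassigned
 * token is picked at a random offset, stamped with the user id and the
 * current date, and returned.
 *
 * @return string|false The token, or false when nobody is logged in, no free
 *                      token is left, or the assignment could not be saved.
 */
function _wifi_getToken()
{
    global $pdo;

    if (!isset($_SESSION['user']) || !$_SESSION['user']) {
        echo 'not logged';
        return false;
    }
    $userId = $_SESSION['user']['user_id'];

    // Reuse a token that is still valid for this user.
    $alreadyToken = $pdo->prepare('SELECT * FROM wifi_tokens LEFT JOIN wifi_tokenGroup ON wt_group = wtg_id WHERE wt_assign = ? AND wt_date + INTERVAL wtg_duration MINUTE > NOW()');
    $alreadyToken->bindValue(1, $userId);
    $alreadyToken->execute();
    if ($token = $alreadyToken->fetch()) {
        return $token['wt_token'];
    }

    // The offset used to be hard-coded to 10, which made the pool look empty
    // as soon as ten or fewer free tokens remained. Pick an offset inside the
    // real number of free tokens instead.
    $countStmt = $pdo->query('SELECT COUNT(*) FROM wifi_tokens WHERE wt_assign IS NULL');
    $available = (int) $countStmt->fetchColumn();
    if ($available < 1) {
        echo 'aucun tocken';
        return false;
    }

    $tokenStmt = $pdo->prepare('SELECT * FROM wifi_tokens WHERE wt_assign IS NULL LIMIT ?, 1');
    // LIMIT operands must be bound as integers, not as quoted strings.
    $tokenStmt->bindValue(1, mt_rand(0, $available - 1), PDO::PARAM_INT);
    $tokenStmt->execute();
    $token = $tokenStmt->fetch();
    if (!$token) {
        // Another request emptied the pool between the count and the select.
        echo 'aucun tocken';
        return false;
    }

    // NOTE(review): select-then-update is not atomic; two concurrent requests
    // can still pick the same row and share a token. A conditional update
    // (… WHERE wt_id = ? AND wt_assign IS NULL) or a transaction with row
    // locking would close that window — confirm what Modele supports.
    $mdl = new Modele('wifi_tokens');
    $mdl->fetch($token['wt_id']);
    $saved = $mdl->modFrom(array('wt_assign' => $userId, 'wt_date' => date('Y-m-d H:i:s')), false);
    if (!$saved) {
        // Do not hand out a token whose assignment was not recorded.
        return false;
    }
    return $mdl->wt_token;
}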
示例#2
/**
 * Admin screen: edit one record of a model chosen by the request.
 *
 * The model name and record key come from the query string. When the request
 * carries an 'action' POST field, the whole POST body is applied to the record
 * and the outcome ('success' or 'error') is exposed to the template.
 */
function admin_modeles_modinst()
{
    global $tpl;

    // NOTE(review): the model name is taken straight from $_GET['modele'], so
    // this screen can open any model Modele accepts. Presumably access is
    // restricted to administrators elsewhere — confirm, and consider an
    // allow-list of editable models.
    $record = new Modele($_GET['modele']);
    $record->fetch($_GET['key']);

    $tpl->assign('result', '');
    if (isset($_POST['action'])) {
        // NOTE(review): every POST field is handed to modFrom(); whether it
        // filters unknown or protected columns is not visible here. No
        // anti-CSRF token is checked in this function either.
        $tpl->assign('result', $record->modFrom($_POST) ? 'success' : 'error');
    }

    $tpl->assign('modele', $record);
    $tpl->assign('edit', $record->edit());
    $tpl->display('adminmodeles_modinst.tpl');
    quit();
}
示例#3
文件: api.php 项目: bontiv/intrateb
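/**
 * OAuth 2.0 token endpoint: exchange an authorization code for tokens.
 *
 * Expected request parameters: grant_type, code, redirect_uri, client_id and
 * client_secret. Only the authorization_code grant is supported. On success
 * the stored AUTH row is turned into an ACCESS row with a fresh random code,
 * and a JSON document holding the signed id_token and the access_token is
 * echoed before quit() is called. Every failure is reported through
 * _api_error().
 *
 * Requires PHP 7 or later (random_bytes).
 */
function api_token()
{
    // Read a request parameter as a string; absent or non-string (array)
    // values become '' so they can never reach a lookup or a comparison.
    $param = static function ($name) {
        return isset($_REQUEST[$name]) && is_string($_REQUEST[$name]) ? $_REQUEST[$name] : '';
    };

    // NOTE(review): $_REQUEST also accepts query-string values, so the client
    // secret and the code can end up in URLs and access logs. Reading $_POST
    // only would be stricter — confirm no client relies on GET first.
    $grantType = $param('grant_type');
    $clientId = $param('client_id');
    $clientSecret = $param('client_secret');
    $redirectUri = $param('redirect_uri');
    $code = $param('code');

    // Only authorization-code exchanges are handled here.
    if ($grantType !== 'authorization_code') {
        return _api_error('grant_type', 'Only authorization_code is supported');
    }

    // Client lookup. Empty credentials are refused without querying.
    if ($clientId === '' || $clientSecret === '') {
        return _api_error('unauthorized_client', 'API client denied.');
    }
    // NOTE(review): the secret is matched by the lookup itself, which suggests
    // it is stored in clear text — confirm, and consider storing a hash.
    $cli = new Modele('api_clients');
    $cli->find(array('ac_client' => $clientId, 'ac_secret' => $clientSecret));
    if (!$cli->next()) {
        return _api_error('unauthorized_client', 'API client denied.');
    }

    // Registered callbacks, one per line, trimmed of whitespace and slashes.
    $allowed_callbaks = array();
    foreach (explode("\n", $cli->ac_callback) as $callback) {
        $allowed_callbaks[] = trim($callback, " \t\n\r\v/");
    }
    // Strict comparison: the redirect URI must match a registered value
    // exactly, without PHP's loose string/number juggling.
    if ($redirectUri === '' || !in_array($redirectUri, $allowed_callbaks, true)) {
        // NOTE(review): the message repeats request data; make sure
        // _api_error() encodes it for its output format.
        return _api_error('invalid_request_uri', 'Callback not registred 1 :' . $redirectUri);
    }

    // Authorization-code lookup.
    if ($code === '') {
        return _api_error('invalid_grant', 'API token not found.');
    }
    $tok = new Modele('api_tokens');
    $tok->find(array('at_client' => $cli->getKey(), 'at_code' => $code, 'at_type' => 'AUTH'));
    if (!$tok->next()) {
        return _api_error('invalid_grant', 'API token not found.');
    }
    if ($tok->at_expire < time()) {
        return _api_error('invalid_grant', 'API token too old.');
    }
    if ($tok->at_uri != '' && $tok->at_uri != $redirectUri) {
        return _api_error('invalid_request', 'Request URI invalid');
    }

    // The access token is a bearer credential, so it comes from the CSPRNG
    // rather than from md5(uniqid()), which is derived from the clock.
    // 16 random bytes keep the previous 32-hex-character format.
    $now = time();
    $update = array('at_type' => 'ACCESS', 'at_code' => bin2hex(random_bytes(16)), 'at_start' => $now, 'at_expire' => $now + 3600);
    if (!$tok->modFrom($update)) {
        return _api_error('server_error', 'API token update.');
    }

    // Response: signed ID token plus the bearer access token.
    $config = _api_config();
    $header = array('alg' => 'RS256', 'typ' => 'JWT');
    // NOTE(review): 'sub' carries the access-token value, so whoever sees the
    // ID token also holds the bearer token — confirm this is intended.
    $claims = array('iss' => $config['issuer'], 'sub' => $update['at_code'], 'aud' => $cli->ac_client, 'exp' => $update['at_expire'], 'iat' => $update['at_start']);
    if ($tok->at_nonce != '') {
        $claims['nonce'] = $tok->at_nonce;
    }
    $payload = base64url_encode(json_encode($header)) . '.' . base64url_encode(json_encode($claims));
    $token = array('id_token' => $payload . '.' . base64url_encode(_api_sign($payload)), 'access_token' => $update['at_code'], 'token_type' => 'bearer', 'expires_in' => 3600);
    if ($tok->at_scope != '') {
        $token['scope'] = $tok->at_scope;
    }
    echo json_encode($token);
    quit();
}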
示例#4
文件: index.php 项目: bontiv/intrateb
/**
 * Apply one wizard step: copy the listed POST fields into the model.
 *
 * Nothing happens unless the request method is POST. Only the field names
 * listed in $fields are read from $_POST, so the list acts as an allow-list.
 * On a successful save $fields is set to null; on failure the template flag
 * 'hsuccess' is set to false.
 *
 * @param Modele     $mdl    Record to update.
 * @param array|null $fields Names of the fields to take from the request;
 *                           set to null once they have been saved.
 */
function _index_wizard_edit(Modele &$mdl, &$fields)
{
    global $tpl;

    if ($_SERVER['REQUEST_METHOD'] == 'POST') {
        // Take only the allowed fields, never the whole POST body.
        $values = array();
        foreach ($fields as $name) {
            $values[$name] = $_POST[$name];
        }

        $saved = $mdl->modFrom($values);
        if (!$saved) {
            $tpl->assign('hsuccess', false);
            return;
        }
        $fields = null;
    }
}
示例#5
文件: user.php 项目: bontiv/intrateb
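/**
 * Change a user's password from the submitted form.
 *
 * Reads 'password' and 'password2' from the POST body and the target user from
 * $_GET['user']. The change is refused (template flag 'hsuccess' set to false)
 * when either field is missing, not a string, empty, or when the two values
 * are not identical. Otherwise the new hash is saved, 'hsuccess' receives the
 * result of the save and the user view is executed.
 */
function user_editpassword()
{
    global $tpl;

    $pass = isset($_POST['password']) ? $_POST['password'] : null;
    $confirm = isset($_POST['password2']) ? $_POST['password2'] : null;
    $user = isset($_GET['user']) ? $_GET['user'] : null;

    // Strict comparison: with "!=" two different numeric-looking strings such
    // as "1e3" and "1000" compare as equal, and a request without either field
    // would have stored the hash of an empty password.
    if (!is_string($pass) || $pass === '' || $pass !== $confirm) {
        $tpl->assign('hsuccess', false);
        return;
    }

    // NOTE(review): the target account comes from $_GET['user'] and this
    // function performs no authorization check itself — confirm the caller
    // restricts who may change whose password.
    $mdl = new Modele('users');
    $mdl->fetch($user);

    // NOTE(review): the password is stored as md5(user_name:password), a fast
    // hash. Moving to password_hash()/password_verify() needs a matching
    // change in the login check, which is outside this block.
    $rslt = $mdl->modFrom(array('user_pass' => md5($mdl->user_name . ':' . $pass)), false);
    $tpl->assign('hsuccess', $rslt);
    modexec('user', 'view');
}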
示例#6
/**
 * Edit a section: load it, apply the submitted form if any, then display.
 *
 * The section key comes from $_GET['section']. When the POST body contains
 * 'postOK', the whole POST body is applied to the record and the result of
 * the save is exposed to the template as 'hsuccess'.
 */
function section_edit()
{
    global $tpl;

    $section = new Modele('sections');
    $section->fetch($_GET['section']);

    if (isset($_POST['postOK'])) {
        // NOTE(review): every POST field is handed to modFrom(); whether it
        // ignores columns the form does not expose is not visible here.
        $saved = $section->modFrom($_POST);
        $tpl->assign('hsuccess', $saved);
    }

    $tpl->assign('section', $section);
    display();
}
示例#7
文件: trip.php 项目: bontiv/intrateb
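/**
 * Edit the value and price of one trip option choice.
 *
 * Loads the choice named by $_GET['option'], exposes it, its parent option and
 * the trip to the template, and builds an edit form limited to 'too_value' and
 * 'too_price'. On POST only those two fields are taken from the request; a
 * successful save redirects to the option list, a failed one sets 'hsuccess'
 * to false before the page is displayed.
 */
function trip_opt_edit()
{
    global $tpl;

    // The form shows only these fields, so only these are accepted back.
    $editable = array('too_value', 'too_price');

    $opt = new Modele('trip_option_options');
    $opt->fetch($_GET['option']);
    $opt->assignTemplate('ooption');
    $mod = $opt->too_option;
    $mod->assignTemplate('option');
    $mdl = $mod->topt_trip;
    $mdl->assignTemplate('trip');
    $tpl->assign('form', $opt->edit($editable));

    if ($_SERVER['REQUEST_METHOD'] == 'POST') {
        // Passing the raw POST body let a request set columns the form never
        // offered (for example the parent option); keep the allowed keys only.
        $changes = array_intersect_key($_POST, array_flip($editable));
        if ($opt->modFrom($changes)) {
            // NOTE(review): presumably redirect() ends the request; if it
            // returns, 'hsuccess' is set to false below even after a
            // successful save — confirm.
            redirect('trip', 'opt_list', array('option' => $mod->getKey(), 'hsuccess' => 1));
        }
        $tpl->assign('hsuccess', false);
    }
    display();
}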
示例#8
文件: event.php 项目: bontiv/intrateb
/**
 * Save the submitted event and show the edit page again.
 *
 * The event key comes from $_GET['event'] and the whole POST body is applied
 * to the record. The template receives 'success' (true on a successful save)
 * and 'error' (a message on failure, false otherwise).
 */
function event_editpost()
{
    global $tpl;

    $event = new Modele('events');
    $event->fetch($_GET['event']);

    $tpl->assign('success', false);
    $tpl->assign('error', false);

    // NOTE(review): the save runs whatever the request method is, and every
    // POST field is handed to modFrom(); whether it filters protected columns
    // is not visible here.
    $saved = $event->modFrom($_POST);
    if (!$saved) {
        $tpl->assign('error', 'Erreur d\'enregistrement.');
    } else {
        $tpl->assign('success', true);
    }

    $tpl->assign('event', $event);
    $tpl->display('event_edit.tpl');
    quit();
}