private function permission($rule = 0, $permission = null)
{
$OUTPUT = new Output();
if ($rule > 1 && $this->role < $rule) {
// Something About the logic here is not working.
if (!is_null($permission) && is_array($this->permissions)) {
if (!in_array($permission, $this->permissions)) {
$OUTPUT->error(1, "Insufficient Priveleges");
}
} else {
$OUTPUT->error(1, "Insufficient Priveleges");
}
}
}
function id($id)
{
$OUTPUT = new Output();
// save to array of ids that have been looked up thus far
// look up permissions and check if user is a member of any groups that have permissions
$OUTPUT->error(3, "Insufficient Document Level Privleges");
// if document does not exist in this collection, add it to the collection
}
static function curl($base, $path, $params, $auth_head = null, $basic = null)
{
// Build Curl Function
$curl = curl_init();
$headr = array();
$headr[] = 'Content-length: 0';
$headr[] = 'Content-type: application/json';
if (!is_null($auth_head)) {
if (!is_null($basic) && $basic) {
$headr[] = 'Authorization: Basic ' . $auth_head;
} else {
$headr[] = 'Authorization: Bearer ' . $auth_head;
}
}
curl_setopt($curl, CURLOPT_URL, Helper::buildURL($base, $path, $params));
curl_setopt($curl, CURLOPT_HTTPHEADER, $headr);
curl_setopt($curl, CURLOPT_POST, true);
curl_setopt($curl, CURLOPT_POSTFIELDS, $params);
// curl_setopt($curl, CURLOPT_HTTPAUTH, CURLAUTH_ANY);
curl_setopt($curl, CURLOPT_SSL_VERIFYPEER, false);
curl_setopt($curl, CURLOPT_RETURNTRANSFER, 1);
curl_setopt($curl, CURLOPT_FOLLOWLOCATION, 1);
$rest = curl_exec($curl);
// TODO: Check if this works, if not, try a post request with get_file_contents ($context)
if ($rest === false) {
// curl failed
$out = json_decode(file_get_contents(Helper::buildURL($base, $path, $params)), true);
$OUTPUT = new Output();
$OUTPUT->error(2, curl_error($curl));
} else {
$out = json_decode($rest, true);
if (is_null($out) || isset($out["error"])) {
$out = json_decode(file_get_contents(Helper::buildURL($base, $path, $params)), true);
}
}
if (is_null($out) || isset($out["error"])) {
$OUTPUT->error(1, "Unable to retrieve information from API", $out);
}
return $out;
}
function __construct($id = null)
{
if (!is_null($id)) {
if ($this->valid_id($id)) {
session_id($id);
} else {
$OUTPUT = new Output();
$OUTPUT->error(2, "Session_id is invalid");
}
}
if (!$this->session_active()) {
session_start();
}
$this->id = session_id();
}
public function parse()
{
$executor = StepExecutor::getInstance();
$matches = array();
while ($line = fgets($this->_file)) {
$line = str_replace("\n", '', $line);
if (preg_match(self::STEP_PATTERN, $line, $matches) == 1) {
list($full, $step, $args) = $matches;
try {
$result = $executor->call($step, $args);
if (S_SUCCESS === $result) {
Output::success($line);
} elseif (S_PENDING === $result) {
Output::pending($line);
}
} catch (Exception $ex) {
Output::error($ex);
}
} else {
Output::println($line);
}
}
}
protected function check($r)
{
$user = Session::isLogged();
$api = Session::isLoggedApi();
if (Session::Has(Session::rights_key)) {
$rights = Session::Get(Session::rights_key);
} else {
$rights = array();
}
if ($user || $api) {
if (Session::Has(self::userid)) {
$userid = Session::Get(self::userid);
} else {
$userid = false;
}
if (Session::Has(self::apiid)) {
$apiid = Session::Get(self::apiid);
} else {
$apiid = false;
}
Output::success(array("user" => $userid, "api" => $apiid, "rights" => $rights, "next" => Session::nextCheck()));
}
Output::error("Not loggied in");
}
<?php include_once '/var/www/html/Lux/Core/Helper.php'; $OUTPUT = new Output(); $OUTPUT->error(5, "This Error was generated as a test");
<?php
include_once '/var/www/html/Lux/Core/Helper.php';
$DB = new Db("System");
$collection = $DB->selectCollection("Users");
$RULES = new Rules(1);
$OUTPUT = new Output();
$REQUEST = new Request();
$document = $collection->findOne(array('$or' => array(array("system_info.user" => $REQUEST->get("user")), array("system_info.email" => $REQUEST->get("user")))));
if (!is_null($document) && isset($document["system_info"]["email"])) {
$password = bin2hex(openssl_random_pseudo_bytes(8));
$hash = password_hash($password, PASSWORD_DEFAULT);
$collection->update($document["_id"], array('$set' => array("system_info.hash" => $hash)));
$to = $document["system_info"]["email"];
$subject = 'Email Verification';
$message = "A password reset link was sent to your email address. Your new password is {$password}";
$headers = 'From: no-reply@' . $_SERVER["HTTP_HOST"] . "\r\n" . 'X-Mailer: PHP/' . phpversion();
mail($to, $subject, $message, $headers);
$OUTPUT->success(0, "Password Reset Email Sent");
} else {
$OUTPUT->error(1, "Username/Email was not found in the system");
}
/**
* Error handler
* @access public
* @static
* @param int $pCode
* @param string $pMsg
* @param string $pFile
* @param string $pLine
*/
public static function errorHandler($pCode, $pMsg, $pFile, $pLine)
{
switch ($pCode) {
case E_WARNING:
case E_USER_WARNING:
$priority = PEAR_LOG_WARNING;
break;
case E_NOTICE:
case E_USER_NOTICE:
$priority = PEAR_LOG_NOTICE;
break;
case E_ERROR:
case E_USER_ERROR:
$priority = PEAR_LOG_ERR;
break;
default:
$priority = PEAR_LOG_INFO;
}
$tmp = $pMsg . ' in ' . $pFile . ' at line ' . $pLine;
self::setLog($tmp, $priority);
if (ProjectConfiguration::getConfig('is_debug')) {
Output::error($tmp);
Output::backtrace();
}
}
if (!empty($_POST['apk'])) {
try {
$uploadData = array('data' => file_get_contents($_POST['apk']), 'mimeType' => 'application/octet-stream', 'uploadType' => 'multipart');
//https://almanapp.nl/uploader/apks/nl-almanapp-almanappinbedrijf-release.apk
$apkupload_result = $service->edits_apks->upload($package, $transaction_id, $uploadData);
Output::info("APK (url:{$_POST['apk']}) is added to the page");
if (!empty($_POST['changes'])) {
Output::info("Changes have been ommited for now");
// $listing = new Google_Service_AndroidPublisher_ApkListing();
// $listing->setRecentChanges($_POST['changes']);
// $listing->setLanguage($lang);
// Output::info("Changes has been updated to: ",$_POST['changes']);
// $result = $service->edits_apklistings->patch($package,$transaction_id,$apkupload_result->getVersionCode(), $lang,$listing);
}
} catch (Google_Service_Exception $e) {
Output::error(sprintf("%s: %s: ERROR:", "APK Upload", $_POST['apk']), $e->getErrors());
}
}
$result = $service->edits->commit($package, $transaction_id);
Output::success("Changes have been done");
/**
* @param Google_Service_AndroidPublisher $service
* @param $package string
* @param $transaction_id int
* @param $lang string
* @param $type string
* @param $url string
* @return Google_Service_AndroidPublisher_ImagesUploadResponse|null
*/
function uploadNewImage(Google_Service_AndroidPublisher $service, $package, $transaction_id, $lang, $type, $url)
{
<?php
include_once '/var/www/html/Lux/Core/Helper.php';
$DB = new Db("System");
$collection = $DB->selectCollection("Accounts");
$OUTPUT = new Output();
$REQUEST = new Request();
$db2 = new Db("Auth");
$OUTPUT = new Output();
$clients = $db2->selectCollection("Clients");
$client_id = $REQUEST->get("client_id");
$redirect_uri = $REQUEST->get("redirect_uri");
$client_secret = $REQUEST->get("client_secret");
$client_doc = $clients->findOne(array("client_id" => $client_id, "client_secret" => $client_secret, "redirect_uri" => array('$elemMatch' => array('$in' => array($redirect_uri)))));
// get Password and Username from $REQUEST
// /client_id /redirect_uri /client_secret /code /grant_type:authorization_code
if ($REQUEST->get("grant_type") != "authorization_code") {
$OUTPUT->error(1, "Grant_type must equal authorization code in this context");
}
// find where there is a match
$uDoc = $collection->findOne(array('system_info.OAuth_clients' => array('$elemMatch' => array('$in' => array(array("client_id" => $REQUEST->get("client_id"), "code" => $REQUEST->get("code")))))));
if (is_null($uDoc)) {
$OUTPUT->error(1, "This code is either invalid or has already been redeemed");
}
$lAT = bin2hex(openssl_random_pseudo_bytes(16));
$document = $collection->update(array('_id' => $uDoc["_id"]), array('$pull' => array('system_info.OAuth_clients' => array("client_id" => $REQUEST->get("client_id"), "code" => $REQUEST->get("code")))), array('multiple' => false, 'upsert' => true));
$document = $collection->update(array('_id' => $uDoc["_id"]), array('$addToSet' => array('system_info.OAuth_clients' => array("client_id" => $REQUEST->get("client_id"), "access_token" => $lAT))), array('multiple' => false, 'upsert' => true));
$OUTPUT->success(1, array("access_token" => $lAT));
die;
<?php
include_once '/var/www/html/Lux/Core/Helper.php';
$DB = new Db("System");
$collection = $DB->selectCollection("Accounts");
$RULES = new Rules(1);
$OUTPUT = new Output();
$REQUEST = new Request();
if (!is_null($collection->findOne(array("system_info.access_token" => $REQUEST->get("access_token"), "system_info.eVerified" => true)))) {
$OUTPUT->success(1, "Email is verified in the system");
} else {
$OUTPUT->error(1, "Email is not verified");
}
<?php
// Helper functions and includes
include_once '/var/www/html/Lux/Core/Helper.php';
$DB = new Db("System");
$collection = $DB->selectCollection("Accounts");
$OUTPUT = new Output();
$REQUEST = new Request();
// get Password and Username from $REQUEST
$document = $collection->findOne(array('$or' => array(array("system_info.user" => $REQUEST->get("user")), array("system_info.email" => $REQUEST->get("user")))));
if (password_verify($REQUEST->get("password"), $document["system_info"]["hash"])) {
$lAT = bin2hex(openssl_random_pseudo_bytes(16));
// save $lAT into database
if ($REQUEST->avail("response_type") && $REQUEST->get("response_type") == "code") {
$collection->update(array("_id" => $document["_id"]), array('$addToSet' => array("system_info.OAuth_clients" => array("client_id" => $REQUEST->get("client_id"), "code" => $lAT))), array('multiple' => false, 'upsert' => true));
$OUTPUT->success(1, array("code" => $lAT));
die;
}
$collection->update(array("_id" => $document["_id"]), array('$set' => array("system_info.access_token" => $lAT)), array('multiple' => false, 'upsert' => true));
$OUTPUT->success(1, array("access_token" => $lAT, "user" => $document["system_info"]["user"]));
} else {
$OUTPUT->error(0, "Incorrect Username or Password");
}
$DB = new Db("System");
$collection = $DB->selectCollection("Accounts");
$OUTPUT = new Output();
$REQUEST = new Request();
// get Password and Username from $REQUEST
$hash = password_hash($REQUEST->get("password"), PASSWORD_DEFAULT);
if ($hash) {
$lAT = bin2hex(openssl_random_pseudo_bytes(16));
// save $lAT into database
if ($REQUEST->avail("access_token")) {
$collection->update(array("system_info.access_token" => $REQUEST->get("access_token")), array('$set' => array("system_info.access_token" => $lAT, "system_info.hash" => $hash, "system_info.user" => $REQUEST->get("user"))), array('multiple' => false, 'upsert' => true));
} else {
if (is_null($collection->findOne(array("system_info.user" => $REQUEST->get("user"))))) {
$result = $collection->insert(array("system_info" => array("access_token" => $lAT, "hash" => $hash, "user" => $REQUEST->get("user"))));
} else {
$OUTPUT->error(1, "User exists with this Username");
}
}
if ($REQUEST->avail("email")) {
$eVC = bin2hex(openssl_random_pseudo_bytes(16));
$collection->update(array("system_info.access_token" => $REQUEST->get("access_token")), array('$set' => array("system_info.email" => $REQUEST->get("email"), "system_info.eVerified" => $eVC)), array('multiple' => false, 'upsert' => true));
$to = $REQUEST->get("email");
$subject = 'Email Verification';
$url = $_SERVER["HTTP_HOST"] . "/Lux/CAuth/eVerify/?email={$to}&eVC={$eVC}";
$message = "Please click this link (or paste into browser) to verify email {$url}";
$headers = 'From: no-reply@' . $_SERVER["HTTP_HOST"] . "\r\n" . 'X-Mailer: PHP/' . phpversion();
mail($to, $subject, $message, $headers);
}
$OUTPUT->success(1, array("access_token" => $lAT, "user" => $REQUEST->get("user")));
} else {
$OUTPUT->error(1, "Unable to save user/password");
#!/usr/bin/env php
<?php
require_once __DIR__ . '/init.php';
$cli_params = Helper::parseCommandLineArgs($argv);
if (empty($cli_params['options']['config'])) {
$cli_params['options']['config'] = __DIR__ . DIRECTORY_SEPARATOR . 'config.ini';
}
$config = array();
if (file_exists($cli_params['options']['config'])) {
$config = parse_ini_file($cli_params['options']['config']);
}
$config = array_replace($config, $cli_params['options']);
//command line overrides everything
Helper::setConfig($config);
if (!Helper::checkConfigEnough()) {
Output::error('mmp: could not find config file "' . $cli_params['options']['config'] . '"');
exit(1);
}
$controller = Helper::getController($cli_params['command']['name'], $cli_params['command']['args']);
if ($controller !== false) {
$controller->runStrategy();
} else {
Output::error('mmp: unknown command "' . $cli_params['command']['name'] . '"');
Helper::getController('help')->runStrategy();
exit(1);
}
$DB = new Db("SocialNetwork");
$OUTPUT = new Output();
$collection = $DB->selectCollection("Notifications");
$REQUEST = new Request();
$RULES = new Rules(1, "social");
$permitted = array("subject", "body", "attachment", "attachment[]");
// to || thread
$update = Helper::updatePermitted($REQUEST, $permitted);
$update = Helper::subDocUpdate($update, "message");
// if thread id is not set, query for the thread and create a new one if none exists
// get the thread id
// find the last message on that thread (if one exists)
// create a document that references the last document and the thread_id
if (!$REQUEST->avail("thread")) {
$doc = $collection->findAndModify(array("reciepients" => $REQUEST->get("to"), "reciepients" => $RULES->getId(), "root" => true), array('$setOnInsert' => array("creator" => $RULES->getId())));
$thread = $doc["_id"];
} else {
$thread = $REQUEST->get("thread");
}
$root = $collection->find($thread);
if (is_null($root)) {
$OUTPUT->error(1, "The thread_id provided appears to be invalid");
}
$last = $collection->findOne(array('$query' => array("root" => $thread), '$orderBy' => array('$natural' => -1)));
$update["root"] = $thread;
$update["previous"] = $last["_id"];
$new = $collection->insert($update);
$OUTPUT->success(1, $new);
?>
<?php
include_once '/var/www/html/Lux/Core/Helper.php';
$DB = new Db("System");
$collection = $DB->selectCollection("Accounts");
$OUTPUT = new Output();
$REQUEST = new Request();
if (is_null($collection->findOne(array("system_info.user" => $REQUEST->get("user"))))) {
$OUTPUT->success(1, array("status" => "Username is free in the system"));
} else {
$OUTPUT->error(1, "User exists with this Username");
}
/**
* The main entry point method.
*/
public function main()
{
if (file_exists($this->config_file)) {
$this->options = parse_ini_file($this->config_file);
}
$this->options = array_replace($this->options, $this->params);
//task params overrides everything
Helper::setConfig($this->options);
$controller = Helper::getController($this->action, $this->action_options);
if ($controller !== false) {
$controller->runStrategy();
} else {
Output::error('mmp: unknown command "' . $this->action . '"');
Helper::getController('help')->runStrategy();
exit(1);
}
}
static function initVersionTable()
{
$engine = self::get("versiontable-engine");
if (!in_array($engine, array("MyISAM", "InnoDB"))) {
Output::error('mmp: wrong engine for versiontable "' . $engine . '"');
exit(1);
}
$db = self::getDbObject();
$tbl = self::get('versiontable');
$rev = self::getCurrentVersion();
$db->query("DROP TABLE IF EXISTS `{$tbl}`");
$db->query("CREATE TABLE `{$tbl}` (`rev` BIGINT(20) UNSIGNED, PRIMARY KEY(`rev`)) ENGINE={$engine}");
$db->query("TRUNCATE `{$tbl}`");
$db->query("INSERT INTO `{$tbl}` VALUES({$rev})");
}
echo '
<br><br>
Login Request POST Metod<br>
Example parameters <br>
email=adem.arass@gmail.com | password=123456<br>
Url <br>
http://basic-web-service.com/api/v1/api.php?request=login' . '<br>';
exit;
break;
default:
header('HTTP/1.1 405 Method Not Allowed');
header('Allow: GET, PUT, DELETE');
Output::error('Method not exist');
break;
}
Output::success($data);
} else {
header('HTTP/1.1 404 Not Found');
Output::error('Method not exist');
}
/*
Examle Requests
Add user (api/v1/api.php?request=users)
{"name":"Adem","surname":"Aras","email":"*****@*****.**","phone":123456789,"password":123456}
User login (api/v1/api.php?request=login)
{"email":"*****@*****.**","password":123456}
User update (api/v1/api.php?request=users/2)
{"name":"Adem","surname":"Aras","email":"*****@*****.**","phone":123456789,"password":123456}
User get (api/v1/api.php?request=users/2)
User delete (api/v1/api.php?request=users/2)
*/
include_once '/var/www/html/Lux/Core/Helper.php';
$DB = new Db("SocialNetwork");
$OUTPUT = new Output();
$collection = $DB->selectCollection("Connections");
$Users = $DB->selectCollection("Users");
$Groups = $DB->selectCollection("Groups");
$REQUEST = new Request();
$RULES = new Rules(1, "social");
// find in user or find in group
$query = $REQUEST->get("id");
$user = $Users->find($query);
if (is_null($user)) {
$user = $Groups->find($query);
if (is_null($user)) {
$OUTPUT->error(1, "Could not find the specified User or Group");
} else {
// create dbRef
$user2 = MongoDBRef::create("Groups", $query, "SocialNetwork");
}
} else {
$user2 = MongoDBRef::create("Users", $query, "SocialNetwork");
}
$user1 = MongoDBRef::create("Users", $RULES->getId(), "SocialNetwork");
// format update
$permitted = array("description", "connection_type");
$update = Helper::updatePermitted($REQUEST, $permitted);
$update = Helper::subDocUpdate($update, "information");
$subQuery1 = array('requestor' => $user1, 'requestee' => $user2);
$subQuery2 = array('requestor' => $user2, 'requestee' => $user1);
$query = array('$or' => array($subQuery1, $subQuery2));
<?php
// Helper and includes
include_once '/var/www/html/Lux/Core/Helper.php';
$db = new Db("System");
$OUTPUT = new Output();
$collection = $db->selectCollection("Contact");
$REQUEST = new Request();
$query = array("email_id" => $REQUEST->get("email_id"));
$document = $collection->findOne($query);
// Send mail
$to = trim(implode(" , ", $document["address"]), ' , ');
$subject = $REQUEST->get("subject");
$message = $REQUEST->get("body");
$sender = $REQUEST->avail("sender") ? $REQUEST->get("sender") : ($document["sender"] ? $document["sender"] : "noreply@" . $_SERVER["HTTP_HOST"]);
$headers = 'From: ' . $sender . "\r\n" . 'Reply-To: ' . $sender . "\r\n" . 'X-Mailer: PHP/' . phpversion();
$result = mail($to, $subject, $message, $headers);
if ($result == 1) {
$OUTPUT->success(0, null, null);
} else {
$OUTPUT->error(2, "An Error occured in the mail function");
}
?>
public function runStrategy()
{
$revision = 0;
$db = Helper::getDbObject();
if (empty($this->args)) {
$this->args[] = 'now';
}
$str = implode(' ', $this->args);
$target_migration = strtotime($str);
if (false === $target_migration) {
throw new Exception("Time is not correct");
}
$migrations = Helper::getAllMigrations();
$revisions = Helper::getDatabaseVersions($db);
if ($revisions === false) {
throw new Exception('Could not access revisions table');
}
if (!empty($revisions)) {
$revision = max($revisions);
} else {
Output::error('Revision table is empty. Initial schema not applied properly?');
return false;
}
$unapplied_migrations = array_diff($migrations, $revisions);
if (empty($migrations) || empty($unapplied_migrations) && $revision == max($migrations) && $target_migration > $revision) {
echo 'No new migrations available' . PHP_EOL;
return true;
} elseif ($revision < min($migrations) && $target_migration < $revision) {
echo 'No older migrations available' . PHP_EOL;
return true;
} else {
echo "Will migrate to: " . date('r', $target_migration) . PHP_EOL . PHP_EOL;
}
$direction = $revision <= $target_migration ? 'Up' : 'Down';
if ($direction === 'Down') {
$migrations = array_reverse($migrations);
foreach ($migrations as $migration) {
if ($migration > $revision) {
continue;
}
//Rollback only applied revisions, skip the others
if (!in_array($migration, $revisions)) {
continue;
}
if ($migration < $target_migration) {
break;
}
echo "ROLLBACK: " . date('r', $migration) . "\n";
Helper::applyMigration($migration, $db, $direction);
}
} else {
foreach ($migrations as $migration) {
//Apply previously unapplied revisions to "catch up"
if ($migration <= $revision && in_array($migration, $revisions)) {
continue;
}
if ($migration > $target_migration) {
break;
}
echo "APPLY: " . date('r', $migration) . "\n";
Helper::applyMigration($migration, $db, $direction);
}
}
}
public function exchange($code, $sId)
{
$OUTPUT = new Output();
$SESSION = new Session($sId);
$provider = $SESSION->get("provider");
// set the provider document for use later (no db call)
$base = $provider["base2"];
// should end in /access_token or something
$params = array("redirect_uri" => "http://" . $_SERVER["HTTP_HOST"] . strtok($_SERVER["REQUEST_URI"], '?'), "code" => $code, "grant_type" => "authorization_code");
$params["client_secret"] = $provider["client_secret"];
$params["client_id"] = $provider["client_id"];
$auth_head = base64_encode($provider["client_id"] . ":" . $provider["client_secret"]);
$AuthObj = Helper::curl($base, $params, $auth_head);
if (!isset($AuthObj) || !isset($AuthObj["access_token"])) {
$OUTPUT->error(2, $AuthObj);
}
return $AuthObj["access_token"];
}
$OUTPUT->success(1, null, $results);
} else {
$OUTPUT->error(2, "Service Could not be found");
}
$LF = new LuxFunctions();
$OUTPUT = new Output();
$DB = new Db("System");
$providers = $DB->selectCollection("providers");
$users = $DB->selectCollection("Users");
$provider_name = $LF->fetch_avail("provider");
$user = $users->findOne(array("lux_info.access_token" => $LF->fetch_avail("access_token")));
$access_token = $user["providers"][$provider_name]["access_token"];
$provider = $providers->findOne(array("provider_name" => $provider_name));
if (!$LF->is_avail("base")) {
$base = $provider["base4"];
} else {
$base = $LF->fetch_avail("base");
}
$params = $LF->getParameters();
unset($params["base"]);
unset($params["provider"]);
unset($params["path"]);
$params["access_token"] = $access_token;
$meDoc = json_decode(file_get_contents($base . $LF->fetch_avail("path") . "?" . http_build_query($params)), true);
if (is_null($meDoc) || isset($meDoc["error"])) {
$meDoc = curl($base . $LF->fetch_avail("path"), $params, $access_token);
}
if (is_null($meDoc) || isset($meDoc["error"])) {
$OUTPUT->error(1, "Unable to retrieve information from API", $meDoc);
}
$OUTPUT->success(1, $meDoc);
