// This *must* be httpS:// (path to your QuickBooks SOAP server) $appurl = 'https://' . str_replace('//', '/', $_SERVER['HTTP_HOST'] . '' . dirname($_SERVER['REQUEST_URI']) . '/' . basename($_SERVER['PHP_SELF'], '_qwc.php') . '_server.php'); if (false !== strpos($_SERVER['HTTP_HOST'], 'localhost')) { $appurl = str_replace('https://', 'http://', $appurl); } $appsupport = $appurl . '?support=1'; if (false !== strpos($appurl, '?')) { // This *must* be httpS:// and the domain name must match the domain name above $appsupport = $appurl . '&support=1'; } $username = '******'; // This is the username you stored in the 'quickbooks_user' table by using QuickBooks_Utilities::createUser() //$fileid = '57F3B9B6-86F1-4FCC-B1FF-966DE1813D20'; // Just make this up, but make sure it keeps that format //$ownerid = '57F3B9B6-86F1-4FCC-B1FF-166DE1813D20'; // Just make this up, but make sure it keeps that format $fileid = QuickBooks_WebConnector_QWC::GUID(); $ownerid = QuickBooks_WebConnector_QWC::GUID(); $qbtype = QUICKBOOKS_TYPE_QBFS; // You can leave this as-is unless you're using QuickBooks POS $readonly = false; // No, we want to write data to QuickBooks $run_every_n_seconds = 600; // Run every 600 seconds (10 minutes) // Generate the XML file $QWC = new QuickBooks_WebConnector_QWC($name, $descrip, $appurl, $appsupport, $username, $fileid, $ownerid, $qbtype, $readonly, $run_every_n_seconds); $xml = $QWC->generate(); // Send as a file download //header('Content-Type: text/plain'); header('Content-type: text/xml'); header('Content-Disposition: attachment; filename="QuickBooks-PostgreSQL-Mirror_' . $_SERVER['HTTP_HOST'] . '.qwc"'); print $xml; exit;
/** * Log a user in * * @param string $username * @param string $password * @param boolean $override If this is set to TRUE, a correct password *is not* required * @return string A session ticket, or an empty string if the login failed */ protected function _authLogin($username, $password, &$company_file, &$wait_before_next_update, &$min_run_every_n_seconds, $override = false) { $errnum = 0; $errmsg = ''; if ($override) { $this->authCreate($username, $password); } else { if (strlen(trim($password)) == 0) { // Blank passwords *always fail* return null; } else { if (strlen(trim($password)) == 32 or strlen(trim($password)) == 40) { // Possible *hack* attempt (they're sending us a random hash hoping it will match one of the hashed passwords) return null; } } } // Support for plain-text, MD5 (without salt), and SHA1 (without salt) passwords $plain_text = $password; $plain_md5 = md5($password); $plain_sha1 = sha1($password); if ($override or $arr = $this->_fetch($this->_query("\n\t\t\t\tSELECT \n\t\t\t\t\t* \n\t\t\t\tFROM \n\t\t\t\t\t" . $this->_mapTableName(QUICKBOOKS_DRIVER_SQL_USERTABLE) . " \n\t\t\t\tWHERE \n\t\t\t\t\tqb_username = '******' AND \n\t\t\t\t\t(\n\t\t\t\t\t\tqb_password = '******' OR\n\t\t\t\t\t\tqb_password = '******' OR \n\t\t\t\t\t\tqb_password = '******' OR \n\t\t\t\t\t\tqb_password = '******' \n\t\t\t\t\t) AND \n\t\t\t\t\tstatus = '" . QUICKBOOKS_USER_ENABLED . "' ", $errnum, $errmsg, 0, 1))) { //$ticket = md5((string) microtime() . $username . $this->_mapTableName(QUICKBOOKS_DRIVER_SQL_SALT)); $ticket = QuickBooks_WebConnector_QWC::GUID(false); $this->_query("\n\t\t\t\tINSERT INTO \n\t\t\t\t\t" . $this->_mapTableName(QUICKBOOKS_DRIVER_SQL_TICKETTABLE) . "\n\t\t\t\t( \n\t\t\t\t\tqb_username, \n\t\t\t\t\tticket, \n\t\t\t\t\tipaddr, \n\t\t\t\t\twrite_datetime, \n\t\t\t\t\ttouch_datetime\n\t\t\t\t) VALUES ( \n\t\t\t\t\t'" . $this->_escape($username) . "', \n\t\t\t\t\t'" . $this->_escape($ticket) . "',\n\t\t\t\t\t'" . $_SERVER['REMOTE_ADDR'] . "', \n\t\t\t\t\t'" . date('Y-m-d H:i:s') . "', \n\t\t\t\t\t'" . date('Y-m-d H:i:s') . "'\n\t\t\t\t) ", $errnum, $errmsg); $this->_query("\n\t\t\t\tUPDATE \n\t\t\t\t\t" . $this->_mapTableName(QUICKBOOKS_DRIVER_SQL_USERTABLE) . " \n\t\t\t\tSET \n\t\t\t\t\ttouch_datetime = '" . date('Y-m-d H:i:s') . "'\n\t\t\t\tWHERE \n\t\t\t\t\tqb_username = '******' ", $errnum, $errmsg); if (isset($arr) and is_array($arr)) { $company_file = $arr['qb_company_file']; $wait_before_next_update = $arr['qbwc_wait_before_next_update']; $min_run_every_n_seconds = $arr['qbwc_min_run_every_n_seconds']; } return $ticket; } return null; }