示例#1
0
 public function authApiKey($user, $key)
 {
     global $postgisdb;
     $postgisdb = $user;
     $settings_viewer = new Settings_viewer();
     $res = $settings_viewer->get();
     $apiKey = $res['data']['api_key'];
     if ($apiKey == $key && $key != false) {
         return true;
     } else {
         return false;
     }
 }
示例#2
0
function UserIDCheck($sValue, &$oStatus)
{
    global $sTable;
    global $postgisObject;
    global $sUserID;
    $sUserID = postgis::toAscii($sValue, NULL, "_");
    $sPassword = VDFormat($_POST['Password'], true);
    $sPassword = Settings_viewer::encryptPw($sPassword);
    ings_viewerssword;
    $oStatus->bValid = false;
    $oStatus->sErrMsg = "User ID '{$sValue}' already exist";
    $sQuery = "SELECT COUNT(*) as count FROM {$sTable} WHERE screenname = '{$sUserID}' AND pw='{$sPassword}'";
    $res = $postgisObject->execQuery($sQuery);
    $row = $postgisObject->fetchRow($res);
    //echo($sQuery);
    //die();
    if ($row['count'] > 0) {
        $oStatus->bValid = 1;
        $postgisObject->numRows($res);
    } else {
        $oStatus->bValid = 0;
    }
}
<?php

//include("../../header.php");
include "../server_header.inc";
include "../../inc/oauthcheck.php";
$settings_viewer = new Settings_viewer();
if ($HTTP_RAW_POST_DATA) {
    $obj = json_decode($HTTP_RAW_POST_DATA);
}
//print_r($parts);
//print_r($obj);
switch ($parts[4]) {
    case "get":
        // All tables
        $response = $settings_viewer->get();
        break;
    case "update":
        // All tables
        $response = $settings_viewer->update($_POST);
        break;
    case "updatepw":
        // All tables
        $response = $settings_viewer->updatePw($_POST['pw']);
        break;
    case "updateapikey":
        // All tables
        $response = $settings_viewer->updateApiKey();
        break;
}
include_once "../server_footer.inc";
示例#4
0
<?php

include "../conf/main.php";
include "../libs/functions.php";
include "../model/databases.php";
include "../model/dbchecks.php";
include '../model/settings_viewer.php';
$dbList = new databases();
try {
    $arr = $dbList->listAllDbs();
} catch (Exception $e) {
    echo $e->getMessage() . "\n";
    die;
}
$postgisdb = "mygeocloud";
$postgis = new postgis();
$i = 1;
foreach ($arr['data'] as $db) {
    if ($db != "template1" and $db != "template0" and $db != "postgres" and $db != "postgis_template") {
        $postgisdb = $db;
        //$dbc = new dbcheck();
        $viewer = new Settings_viewer();
        $arr = $viewer->get();
        $sql = "INSERT INTO users(screenname,pw) VALUES('{$db}','{$arr['data']['pw']}')";
        $postgis->execQuery($sql);
        echo $sql . "\n";
        $i++;
    }
    //if ($i>10) die();
}
<?php

$settings_viewer = new Settings_viewer();
$response = $settings_viewer->get();
// mod_php
if (isset($_SERVER['PHP_AUTH_USER'])) {
    $username = $_SERVER['PHP_AUTH_USER'];
    $password = $_SERVER['PHP_AUTH_PW'];
    // most other servers
} elseif (isset($_SERVER['HTTP_AUTHENTICATION'])) {
    if (strpos(strtolower($_SERVER['HTTP_AUTHENTICATION']), 'basic') === 0) {
        list($username, $password) = explode(':', base64_decode(substr($_SERVER['HTTP_AUTHORIZATION'], 6)));
    }
}
if (is_null($username)) {
    header('WWW-Authenticate: Basic realm="' . $parts[2] . '"');
    header('HTTP/1.0 401 Unauthorized');
    header("Cache-Control: no-cache, must-revalidate");
    // HTTP/1.1
    header("Expires: Mon, 26 Jul 1997 05:00:00 GMT");
    // Date in the past
    // Text to send if user hits Cancel button
    die("Could not authenticate you 1");
} elseif ($username != $parts[2]) {
    header('WWW-Authenticate: Basic realm="' . $parts[2] . '"');
    header('HTTP/1.0 401 Unauthorized');
    header("Cache-Control: no-cache, must-revalidate");
    // HTTP/1.1
    header("Expires: Mon, 26 Jul 1997 05:00:00 GMT");
    // Date in the past
    // Text to send if user hits Cancel button
    $res = $postgisObject->execQuery($sQuery);
    $row = $postgisObject->fetchRow($res);
    //echo($row['count']);
    //die();
    if ($row['count'] > 0) {
        $oStatus->bValid = 0;
        $postgisObject->numRows($res);
    } else {
        $oStatus->bValid = 1;
    }
}
$sUserID = VDFormat($_POST['UserID'], true);
$sPassword = VDFormat($_POST['Password'], true);
$sEmail = VDFormat($_POST['Email'], true);
$sUserID = postgis::toAscii($sUserID, NULL, "_");
$sPassword = Settings_viewer::encryptPw($sPassword);
$sQuery = "INSERT INTO {$sTable} (screenname,pw,email) VALUES('{$sUserID}','{$sPassword}','{$sEmail}')";
$postgisObject->execQuery($sQuery);
$_SESSION['auth'] = true;
$_SESSION['screen_name'] = $sUserID;
//print_r($_SESSION);
?>

</div>
</div>
</div>
</body>
</html>
<?php 
if ($_SESSION['auth'] && $_SESSION['screen_name']) {
    die("<script>window.location='/user/login/p'</script>");
示例#7
0
<?php

set_time_limit(0);
include_once '../server_header.inc';
include_once 'libs/PEAR/Cache_Lite/Lite.php';
include_once 'libs/SQL_Tokenizer.php';
$_REQUEST['q'] = rawurldecode($_REQUEST['q']);
$settings_viewer = new Settings_viewer();
$res = $settings_viewer->get();
$apiKey = $res['data']['api_key'];
$callback = $_GET['jsonp_callback'];
//$array = preg_split("/(\r\n|\n|\r)/", $string);
$response = transaction($_REQUEST['q']);
// Check if $data is set in SELECT section
if (!$data) {
    $data = json_encode($response);
}
if ($callback) {
    echo $callback . '(' . $data . ');';
} else {
    echo $data;
}
/**/
function transaction($sql)
{
    global $response, $apiKey, $data, $basePath;
    $parsedSQL = SqlParser::ParseString($sql)->getArray();
    //$tokens = SqlParser::Tokenize($sql, true);
    if (strpos($sql, ';') !== false) {
        $response['success'] = false;
        $response['message'] = "You can't use ';'. Use the bulk transaction API instead";