reviewed cookies api

This commit is contained in:
Philip Häusler 2014-01-07 15:50:16 +01:00
parent e10e16a96a
commit 239c2b1684
9 changed files with 200 additions and 193 deletions


@ -38,7 +38,7 @@ function angeltype_delete_controller() {
if (! in_array('admin_angel_types', $privileges)) if (! in_array('admin_angel_types', $privileges))
redirect(page_link_to('angeltypes')); redirect(page_link_to('angeltypes'));
$angeltype = mAngelType($_REQUEST['angeltype_id']); $angeltype = AngelType($_REQUEST['angeltype_id']);
if ($angeltype === false) if ($angeltype === false)
engelsystem_error("Unable to load angeltype."); engelsystem_error("Unable to load angeltype.");
if ($angeltype == null) if ($angeltype == null)
@ -69,7 +69,7 @@ function angeltype_edit_controller() {
$name = ""; $name = "";
$restricted = false; $restricted = false;
if (isset($_REQUEST['angeltype_id'])) { if (isset($_REQUEST['angeltype_id'])) {
$angeltype = mAngelType($_REQUEST['angeltype_id']); $angeltype = AngelType($_REQUEST['angeltype_id']);
if ($angeltype === false) if ($angeltype === false)
engelsystem_error("Unable to load angeltype."); engelsystem_error("Unable to load angeltype.");
if ($angeltype == null) if ($angeltype == null)
@ -127,7 +127,7 @@ function angeltype_controller() {
if (! isset($_REQUEST['angeltype_id'])) if (! isset($_REQUEST['angeltype_id']))
redirect(page_link_to('angeltypes')); redirect(page_link_to('angeltypes'));
$angeltype = mAngelType($_REQUEST['angeltype_id']); $angeltype = AngelType($_REQUEST['angeltype_id']);
if ($angeltype === false) if ($angeltype === false)
engelsystem_error("Unable to load angeltype."); engelsystem_error("Unable to load angeltype.");
if ($angeltype == null) if ($angeltype == null)


@ -1,6 +1,5 @@
<?php <?php
/************************************************************************************************ /************************************************************************************************
* API Documentation * API Documentation
************************************************************************************************ ************************************************************************************************
@ -103,12 +102,11 @@ sendMessage
************************************************************************************************/ ************************************************************************************************/
/** /**
* General API Controller * General API Controller
*/ */
function api_controller() { function api_controller() {
global $user, $DataJson, $_REQUEST; global $user, $DataJson;
header("Content-Type: application/json; charset=utf-8"); header("Content-Type: application/json; charset=utf-8");
@ -118,19 +116,19 @@ function api_controller() {
$_REQUEST = $input; $_REQUEST = $input;
// get command // get command
$cmd=''; $cmd = '';
if (isset($_REQUEST['cmd']) ) if (isset($_REQUEST['cmd']))
$cmd = strtolower( $_REQUEST['cmd']); $cmd = strtolower($_REQUEST['cmd']);
// decode commands, without key // decode commands, without key
switch( $cmd) { switch ($cmd) {
case 'getversion': case 'getversion':
getVersion(); getVersion();
die( json_encode($DataJson)); die(json_encode($DataJson));
break; break;
case 'getapikey': case 'getapikey':
getApiKey(); getApiKey();
die( json_encode($DataJson)); die(json_encode($DataJson));
break; break;
} }
@ -138,23 +136,26 @@ function api_controller() {
if (isset($_REQUEST['key']) && preg_match("/^[0-9a-f]{32}$/", $_REQUEST['key'])) if (isset($_REQUEST['key']) && preg_match("/^[0-9a-f]{32}$/", $_REQUEST['key']))
$key = $_REQUEST['key']; $key = $_REQUEST['key'];
else else
die( json_encode( array ( die(json_encode(array(
'status' => 'failed', 'status' => 'failed',
'error' => 'Missing parameter "key".' ))); 'error' => 'Missing parameter "key".'
)));
// check API key // check API key
$user = User_by_api_key($key); $user = User_by_api_key($key);
if ($user === false) if ($user === false)
die( json_encode( array ( die(json_encode(array(
'status' => 'failed', 'status' => 'failed',
'error' => 'Unable to find user' ))); 'error' => 'Unable to find user'
)));
if ($user == null) if ($user == null)
die( json_encode( array ( die(json_encode(array(
'status' => 'failed', 'status' => 'failed',
'error' => 'Key invalid.' ))); 'error' => 'Key invalid.'
)));
// decode command // decode command
switch( $cmd) { switch ($cmd) {
case 'getroom': case 'getroom':
getRoom(); getRoom();
break; break;
@ -162,32 +163,37 @@ function api_controller() {
getAngelType(); getAngelType();
break; break;
case 'getuser': case 'getuser':
getUser(); // TODO Dataleak! Only coordinators are allowed to see so much user informations.
//getUser();
break; break;
case 'getshift': case 'getshift':
getShift(); getShift();
break; break;
case 'getmessage': case 'getmessage':
getMessage(); // TODO Dataleak!
//getMessage();
break; break;
case 'sendmessage': case 'sendmessage':
sendMessage(); sendMessage();
break; break;
default: default:
$DataJson = array ( $DataJson = array(
'status' => 'failed', 'status' => 'failed',
'error' => 'Unknown Command "'. $cmd. '"' ); 'error' => 'Unknown Command "' . $cmd . '"'
);
} }
// check // check
if( $DataJson === false) { if ($DataJson === false) {
$DataJson = array ( $DataJson = array(
'status' => 'failed', 'status' => 'failed',
'error' => 'DataJson === false' ); 'error' => 'DataJson === false'
} elseif( $DataJson == null) { );
$DataJson = array ( } elseif ($DataJson == null) {
'status' => 'failed', $DataJson = array(
'error' => 'DataJson == null' ); 'status' => 'failed',
'error' => 'DataJson == null'
);
} }
echo json_encode($DataJson); echo json_encode($DataJson);
@ -197,143 +203,151 @@ function api_controller() {
/** /**
* Get Version of API * Get Version of API
*/ */
function getVersion(){ function getVersion() {
global $DataJson; global $DataJson;
$DataJson = array( $DataJson = array(
'status' => 'success', 'status' => 'success',
'Version' => 1); 'Version' => 1
);
} }
/** /**
* Get API Key * Get API Key
*/ */
function getApiKey(){ function getApiKey() {
global $DataJson, $_REQUEST; global $DataJson;
if (!isset($_REQUEST['user']) ) { if (! isset($_REQUEST['user'])) {
$DataJson = array ( $DataJson = array(
'status' => 'failed', 'status' => 'failed',
'error' => 'Missing parameter "user".' ); 'error' => 'Missing parameter "user".'
} );
elseif (!isset($_REQUEST['pw']) ) { } elseif (! isset($_REQUEST['pw'])) {
$DataJson = array ( $DataJson = array(
'status' => 'failed', 'status' => 'failed',
'error' => 'Missing parameter "pw".' ); 'error' => 'Missing parameter "pw".'
);
} else { } else {
$Erg = sql_select( "SELECT `UID`, `Passwort`, `api_key` FROM `User` WHERE `Nick`='" . sql_escape($_REQUEST['user']) . "'"); $Erg = sql_select("SELECT `UID`, `Passwort`, `api_key` FROM `User` WHERE `Nick`='" . sql_escape($_REQUEST['user']) . "'");
if (count($Erg) == 1) { if (count($Erg) == 1) {
$Erg = $Erg[0]; $Erg = $Erg[0];
if (verify_password( $_REQUEST['pw'], $Erg["Passwort"], $Erg["UID"])) { if (verify_password($_REQUEST['pw'], $Erg["Passwort"], $Erg["UID"])) {
$key = $Erg["api_key"]; $key = $Erg["api_key"];
$DataJson = array( $DataJson = array(
'status' => 'success', 'status' => 'success',
'Key' => $key); 'Key' => $key
);
} else { } else {
$DataJson = array ( $DataJson = array(
'status' => 'failed', 'status' => 'failed',
'error' => 'PW wrong' ); 'error' => 'PW wrong'
);
} }
} else { } else {
$DataJson = array ( $DataJson = array(
'status' => 'failed', 'status' => 'failed',
'error' => 'User not found.' ); 'error' => 'User not found.'
);
} }
} }
sleep(1); sleep(1);
} }
/** /**
* Get Room * Get Room
*/ */
function getRoom(){ function getRoom() {
global $DataJson, $_REQUEST; global $DataJson;
if (isset($_REQUEST['id']) ) { if (isset($_REQUEST['id'])) {
$DataJson = mRoom( $_REQUEST['id']); $DataJson = Room($_REQUEST['id']);
} else { } else {
$DataJson = mRoomList(); $DataJson = Room_ids();
} }
} }
/** /**
* Get AngelType * Get AngelType
*/ */
function getAngelType(){ function getAngelType() {
global $DataJson, $_REQUEST; global $DataJson;
if (isset($_REQUEST['id']) ) { if (isset($_REQUEST['id'])) {
$DataJson = mAngelType( $_REQUEST['id']); $DataJson = AngelType($_REQUEST['id']);
} else { } else {
$DataJson = mAngelTypeList(); $DataJson = AngelType_ids();
} }
} }
/** /**
* Get User * Get User
*/ */
function getUser(){ function getUser() {
global $DataJson, $_REQUEST; global $DataJson;
if (isset($_REQUEST['id']) ) { if (isset($_REQUEST['id'])) {
$DataJson = mUser_Limit( $_REQUEST['id']); $DataJson = mUser_Limit($_REQUEST['id']);
} else { } else {
$DataJson = mUserList(); $DataJson = User_ids();
} }
} }
/** /**
* Get Shift * Get Shift
*/ */
function getShift(){ function getShift() {
global $DataJson, $_REQUEST; global $DataJson;
if (isset($_REQUEST['id']) ) { if (isset($_REQUEST['id'])) {
$DataJson = mShift( $_REQUEST['id']); $DataJson = Shift($_REQUEST['id']);
} else { } else {
$DataJson = mShiftList(); $DataJson = Shifts_filtered();
} }
} }
/** /**
* @TODO: Why are ALL messages of ALL users returned? Data leak. It is not checked if this is my message!
* Get Message * Get Message
*/ */
function getMessage(){ function getMessage() {
global $DataJson, $_REQUEST; global $DataJson;
if (isset($_REQUEST['id']) ) { if (isset($_REQUEST['id'])) {
$DataJson = mMessage( $_REQUEST['id']); $DataJson = Message($_REQUEST['id']);
} else { } else {
$DataJson = mMessageList(); $DataJson = Message_ids();
} }
} }
/** /**
* Send Message * Send Message
*/ */
function sendMessage(){ function sendMessage() {
global $DataJson, $_REQUEST; global $DataJson;
if (!isset($_REQUEST['uid']) ) { if (! isset($_REQUEST['uid'])) {
$DataJson = array ( $DataJson = array(
'status' => 'failed', 'status' => 'failed',
'error' => 'Missing parameter "uid".' ); 'error' => 'Missing parameter "uid".'
} );
elseif (!isset($_REQUEST['text']) ) { } elseif (! isset($_REQUEST['text'])) {
$DataJson = array ( $DataJson = array(
'status' => 'failed', 'status' => 'failed',
'error' => 'Missing parameter "text".' ); 'error' => 'Missing parameter "text".'
);
} else { } else {
if( mMessage_Send( $_REQUEST['uid'], $_REQUEST['text']) === true) { if (Message_send($_REQUEST['uid'], $_REQUEST['text']) === true) {
$DataJson = array( 'status' => 'success'); $DataJson = array(
'status' => 'success'
);
} else { } else {
$DataJson = array( $DataJson = array(
'status' => 'failed', 'status' => 'failed',
'error' => 'Transmitting was terminated with an Error.'); 'error' => 'Transmitting was terminated with an Error.'
);
} }
} }
} }
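Review bot: Commenting out `getUser();` and `getMessage();` in the command switch leaves `$DataJson` at whatever it held before the switch, so those commands presumably fall into the generic `DataJson === false` / `DataJson == null` check below and report an internal-looking error instead of saying the command is disabled; an explicit `$DataJson = array('status' => 'failed', 'error' => 'Command disabled.');` in each case (and deleting the commented-out calls) would make the intent visible to API clients. The key check `preg_match("/^[0-9a-f]{32}$/", $_REQUEST['key'])` still accepts a key with a trailing newline because `$` matches before a final "\n"; `"/^[0-9a-f]{32}\z/"` (or the `D` modifier) admits only a bare 32-hex key. `getApiKey()` still builds its lookup by string concatenation around `sql_escape($_REQUEST['user'])`; the value is escaped, but a prepared statement would remove the dependency on the escaping helper for a credential lookup. api_controller's body begins before the first hunk of this section.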


@ -13,7 +13,7 @@ function user_angeltypes_delete_all_controller() {
redirect(page_link_to('angeltypes')); redirect(page_link_to('angeltypes'));
} }
$angeltype = mAngelType($_REQUEST['angeltype_id']); $angeltype = AngelType($_REQUEST['angeltype_id']);
if ($angeltype === false) if ($angeltype === false)
engelsystem_error("Unable to load angeltype."); engelsystem_error("Unable to load angeltype.");
if ($angeltype == null) { if ($angeltype == null) {
@ -50,7 +50,7 @@ function user_angeltypes_confirm_all_controller() {
redirect(page_link_to('angeltypes')); redirect(page_link_to('angeltypes'));
} }
$angeltype = mAngelType($_REQUEST['angeltype_id']); $angeltype = AngelType($_REQUEST['angeltype_id']);
if ($angeltype === false) if ($angeltype === false)
engelsystem_error("Unable to load angeltype."); engelsystem_error("Unable to load angeltype.");
if ($angeltype == null) { if ($angeltype == null) {
@ -95,7 +95,7 @@ function user_angeltype_confirm_controller() {
redirect(page_link_to('angeltypes')); redirect(page_link_to('angeltypes'));
} }
$angeltype = mAngelType($user_angeltype['angeltype_id']); $angeltype = AngelType($user_angeltype['angeltype_id']);
if ($angeltype === false) if ($angeltype === false)
engelsystem_error("Unable to load angeltype."); engelsystem_error("Unable to load angeltype.");
if ($angeltype == null) { if ($angeltype == null) {
@ -143,7 +143,7 @@ function user_angeltype_delete_controller() {
redirect(page_link_to('angeltypes')); redirect(page_link_to('angeltypes'));
} }
$angeltype = mAngelType($user_angeltype['angeltype_id']); $angeltype = AngelType($user_angeltype['angeltype_id']);
if ($angeltype === false) if ($angeltype === false)
engelsystem_error("Unable to load angeltype."); engelsystem_error("Unable to load angeltype.");
if ($angeltype == null) { if ($angeltype == null) {
@ -194,7 +194,7 @@ function user_angeltype_add_controller() {
redirect(page_link_to('angeltypes')); redirect(page_link_to('angeltypes'));
} }
$angeltype = mAngelType($_REQUEST['angeltype_id']); $angeltype = AngelType($_REQUEST['angeltype_id']);
if ($angeltype === false) if ($angeltype === false)
engelsystem_error("Unable to load angeltype."); engelsystem_error("Unable to load angeltype.");
if ($angeltype == null) { if ($angeltype == null) {


@ -80,7 +80,7 @@ function AngelTypes_with_user($user) {
/** /**
* Returns AngelType id array * Returns AngelType id array
*/ */
function mAngelTypeList() { function AngelType_ids() {
$angelType_source = sql_select("SELECT `id` FROM `AngelTypes`"); $angelType_source = sql_select("SELECT `id` FROM `AngelTypes`");
if ($angelType_source === false) if ($angelType_source === false)
return false; return false;
@ -95,7 +95,7 @@ function mAngelTypeList() {
* @param $id angelType * @param $id angelType
* ID * ID
*/ */
function mAngelType($id) { function AngelType($id) {
$angelType_source = sql_select("SELECT * FROM `AngelTypes` WHERE `id`=" . sql_escape($id) . " LIMIT 1"); $angelType_source = sql_select("SELECT * FROM `AngelTypes` WHERE `id`=" . sql_escape($id) . " LIMIT 1");
if ($angelType_source === false) if ($angelType_source === false)
return false; return false;


@ -3,49 +3,47 @@
/** /**
* Returns Message id array * Returns Message id array
*/ */
function mMessageList() { function Message_ids() {
$message_source = sql_select("SELECT `id` FROM `Messages`"); return sql_select("SELECT `id` FROM `Messages`");
if ($message_source === false)
return false;
if (count($message_source) > 0)
return $message_source;
return null;
} }
/** /**
* Returns message by id. * Returns message by id.
* *
* @param $id message ID * @param $id message
* ID
*/ */
function mMessage($id) { function Message($id) {
$message_source = sql_select("SELECT * FROM `Messages` WHERE `id`=" . sql_escape($id) . " LIMIT 1"); $message_source = sql_select("SELECT * FROM `Messages` WHERE `id`=" . sql_escape($id) . " LIMIT 1");
if ($message_source === false) if ($message_source === false)
return false; return false;
if (count($message_source) > 0) if (count($message_source) > 0)
return $message_source[0]; return $message_source[0];
return null; return null;
} }
/** /**
* TODO: use validation functions, return new message id
* TODO: global $user con not be used in model!
* send message * send message
* *
* @param $id User ID of Reciever * @param $id User
* @param $text Text of Message * ID of Reciever
* @param $text Text
* of Message
*/ */
function mMessage_Send($id, $text) { function Message_send($id, $text) {
global $user; global $user;
$text = preg_replace("/([^\p{L}\p{P}\p{Z}\p{N}\n]{1,})/ui", '', strip_tags($text)); $text = preg_replace("/([^\p{L}\p{P}\p{Z}\p{N}\n]{1,})/ui", '', strip_tags($text));
$to = preg_replace("/([^0-9]{1,})/ui", '', strip_tags( $id)); $to = preg_replace("/([^0-9]{1,})/ui", '', strip_tags($id));
if (($text != "" && is_numeric($to)) && if (($text != "" && is_numeric($to)) && (sql_num_query("SELECT * FROM `User` WHERE `UID`=" . sql_escape($to) . " AND NOT `UID`=" . sql_escape($user['UID']) . " LIMIT 1") > 0)) {
(sql_num_query("SELECT * FROM `User` WHERE `UID`=" . sql_escape($to) . " AND NOT `UID`=" . sql_escape($user['UID']) . " LIMIT 1") > 0) ) {
sql_query("INSERT INTO `Messages` SET `Datum`=" . sql_escape(time()) . ", `SUID`=" . sql_escape($user['UID']) . ", `RUID`=" . sql_escape($to) . ", `Text`='" . sql_escape($text) . "'"); sql_query("INSERT INTO `Messages` SET `Datum`=" . sql_escape(time()) . ", `SUID`=" . sql_escape($user['UID']) . ", `RUID`=" . sql_escape($to) . ", `Text`='" . sql_escape($text) . "'");
return true; return true;
} else { } else {
return false; return false;
} }
} }
?> ?>
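Review bot: `Message_ids()` now returns `sql_select(...)` directly, so an empty table yields an empty array where the old code returned `null`, and a failed query yields `false` without the docblock saying so; the header should state `@return array|false` (or the function should keep normalising the empty case) so callers such as the api controller know what to test for — `User_ids()` in the user model makes the same change. In `Message_send()`, `$to` is reduced to digits and checked with `is_numeric`, but `$user['UID']` is interpolated unquoted into both queries with only `sql_escape`; a prepared statement would not rely on escaping an unquoted value. The two TODO lines added to the docblock read as a note to self rather than API documentation, and the file keeps its closing `?>`, which a PHP-only file should omit to avoid stray output.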


@ -3,7 +3,7 @@
/** /**
* Returns room id array * Returns room id array
*/ */
function mRoomList() { function Room_ids() {
$room_source = sql_select("SELECT `RID` FROM `Room` WHERE `show` = 'Y'"); $room_source = sql_select("SELECT `RID` FROM `Room` WHERE `show` = 'Y'");
if ($room_source === false) if ($room_source === false)
return false; return false;
@ -12,13 +12,12 @@ function mRoomList() {
return null; return null;
} }
/** /**
* Returns room by id. * Returns room by id.
* *
* @param $id RID * @param $id RID
*/ */
function mRoom($id) { function Room($id) {
$room_source = sql_select("SELECT * FROM `Room` WHERE `RID`=" . sql_escape($id) . " AND `show` = 'Y' LIMIT 1"); $room_source = sql_select("SELECT * FROM `Room` WHERE `RID`=" . sql_escape($id) . " AND `show` = 'Y' LIMIT 1");
if ($room_source === false) if ($room_source === false)
return false; return false;
@ -27,5 +26,4 @@ function mRoom($id) {
return null; return null;
} }
?> ?>


@ -1,9 +1,10 @@
<?php <?php
/** /**
* TODO: $_REQUEST is not allowed in model!
* Returns Shift id array * Returns Shift id array
*/ */
function mShiftList() { function Shifts_filtered() {
global $_REQUEST; global $_REQUEST;
$filter = ""; $filter = "";
@ -49,7 +50,7 @@ function mShiftList() {
* *
* @param $id Shift ID * @param $id Shift ID
*/ */
function mShift($id) { function Shift($id) {
$shifts_source = sql_select("SELECT * FROM `Shifts` WHERE `SID`=" . sql_escape($id) . " LIMIT 1"); $shifts_source = sql_select("SELECT * FROM `Shifts` WHERE `SID`=" . sql_escape($id) . " LIMIT 1");
$shiftsEntry_source = sql_select("SELECT `TID` , `UID` , `freeloaded` FROM `ShiftEntry` WHERE `SID`=" . sql_escape($id) ); $shiftsEntry_source = sql_select("SELECT `TID` , `UID` , `freeloaded` FROM `ShiftEntry` WHERE `SID`=" . sql_escape($id) );


@ -16,13 +16,8 @@ function Users_by_angeltype($angeltype) {
/** /**
* Returns User id array * Returns User id array
*/ */
function mUserList() { function User_ids() {
$user_source = sql_select("SELECT `UID` FROM `User`"); return sql_select("SELECT `UID` FROM `User`");
if ($user_source === false)
return false;
if (count($user_source) > 0)
return $user_source;
return null;
} }
/** /**
@ -49,6 +44,7 @@ function User($id) {
} }
/** /**
* TODO: Merge into normal user function
* Returns user by id (limit informations. * Returns user by id (limit informations.
* *
* @param $id UID * @param $id UID


@ -98,7 +98,7 @@ function user_messages() {
break; break;
case "send": case "send":
if( mMessage_Send( $_REQUEST['to'], $_REQUEST['text']) === true) { if (Message_send($_REQUEST['to'], $_REQUEST['text']) === true) {
redirect(page_link_to("user_messages")); redirect(page_link_to("user_messages"));
} else { } else {
return error(_("Transmitting was terminated with an Error."), true); return error(_("Transmitting was terminated with an Error."), true);