mirror of
https://repo.palemoon.org/Moonchild/FSyncMS.git
synced 2024-11-15 06:12:54 +00:00
153 lines
5.5 KiB
PHP
153 lines
5.5 KiB
PHP
|
<?php
|
||
|
|
|
||
|
|
require_once 'weave_utils.php';
|
||
|
|
if(!$include) //file should only be used in context of index.php
|
||
|
|
{
|
||
|
|
log_error("include error");
|
||
|
|
report_problem('Function not found', 404);
|
||
|
|
}
|
||
|
|
require_once "settings.php";
|
||
|
|
#Basic path extraction and validation. No point in going on if these are missing
|
||
|
|
$path = '/';
|
||
|
|
if (!empty($_SERVER['PATH_INFO']))
|
||
|
|
$path = $_SERVER['PATH_INFO'];
|
||
|
|
else if (!empty($_SERVER['ORIG_PATH_INFO']))
|
||
|
|
$path = $_SERVER['ORIG_PATH_INFO'];
|
||
|
|
else
|
||
|
|
{
|
||
|
|
log_error("user.php: No path found");
|
||
|
|
report_problem("No path found", 404);
|
||
|
|
}
|
||
|
|
$path = substr($path, 1); #chop the lead slash
|
||
|
|
list($preinstr,$version, $username, $function, $collection, $id) = explode('/', $path.'///');
|
||
|
|
log_error("Pfad:".$path);
|
||
|
|
if( $preinstr != 'user' && $preinstr!='misc')
|
||
|
|
report_problem('Function not found', 404);
|
||
|
|
|
||
|
|
if ($version != '1.0')
|
||
|
|
report_problem('Function not found', 404);
|
||
|
|
|
||
|
|
//if captcha
|
||
|
|
if(($preinstr =='misc') && ($_SERVER['REQUEST_METHOD'] == 'GET') && ($username =='captcha_html'))
|
||
|
|
{
|
||
|
|
if(ENABLE_REGISTER)
|
||
|
|
exit("And click to the next page");
|
||
|
|
else
|
||
|
|
exit("Register to this Server is not permitted, sorry");
|
||
|
|
}
|
||
|
|
|
||
|
|
//probably no need but...
|
||
|
|
header("Content-type: application/json");
|
||
|
|
//if ($function != "info" && $function != "storage")
|
||
|
|
// report_problem(WEAVE_ERROR_FUNCTION_NOT_SUPPORTED, 400);
|
||
|
|
if (!validate_username($username))
|
||
|
|
{
|
||
|
|
log_error( "invalid user");
|
||
|
|
report_problem(WEAVE_ERROR_INVALID_USERNAME, 400);
|
||
|
|
}
|
||
|
|
#user passes preliminaries, connections made, onto actually getting the data
|
||
|
|
try
|
||
|
|
{
|
||
|
|
if ($_SERVER['REQUEST_METHOD'] == 'GET')
|
||
|
|
{
|
||
|
|
$db = new WeaveStorage($username);
|
||
|
|
log_error("user.php: GET");
|
||
|
|
if($function == 'node' && $collection == 'weave') //client fragt node an
|
||
|
|
{
|
||
|
|
//to be compatible with users how use /index.php/ in their path
|
||
|
|
/*$index ="https://";
|
||
|
|
if (!isset($_SERVER['HTTPS']))
|
||
|
|
$index = "http://";
|
||
|
|
$index .= $_SERVER['SERVER_NAME']. dirname($_SERVER['SCRIPT_NAME']) . "/";
|
||
|
|
if(strpos($_SERVER['REQUEST_URI'],'index.php') !== 0)
|
||
|
|
$index .= "index.php/";
|
||
|
|
//antwort (self)i*/
|
||
|
|
exit(FSYNCMS_ROOT);
|
||
|
|
|
||
|
|
}
|
||
|
|
else if($function == 'password_reset')
|
||
|
|
{
|
||
|
|
//email mit neuem pw senden
|
||
|
|
}
|
||
|
|
//node/weave
|
||
|
|
else if($function == '' && $collection == '' && $id =='') //frage nach freiem usernamen
|
||
|
|
//User exists
|
||
|
|
{
|
||
|
|
//$db = new WeaveStorage($username);
|
||
|
|
if(exists_user($db))
|
||
|
|
exit(json_encode(1));
|
||
|
|
else
|
||
|
|
exit(json_encode(0));
|
||
|
|
}
|
||
|
|
else
|
||
|
|
report_problem(WEAVE_ERROR_INVALID_PROTOCOL, 400);
|
||
|
|
}
|
||
|
|
else if($_SERVER['REQUEST_METHOD'] == 'PUT')
|
||
|
|
{
|
||
|
|
|
||
|
|
if(ENABLE_REGISTER)
|
||
|
|
{
|
||
|
|
$db = new WeaveStorage(null);
|
||
|
|
//Requests that an account be created for username.
|
||
|
|
/*
|
||
|
|
The JSON payload should include
|
||
|
|
Field Description
|
||
|
|
password The password to be associated with the account.
|
||
|
|
email Email address associated with the account
|
||
|
|
captcha-challenge The challenge string from the captcha (see miscellaneous functions below)
|
||
|
|
captcha-response The response to the captcha. Only required if WEAVE_REGISTER_USE_CAPTCHA is set
|
||
|
|
*/
|
||
|
|
log_error("PUT");
|
||
|
|
$data = get_json();
|
||
|
|
log_error(print_r($data,true));
|
||
|
|
//werte vorhanden
|
||
|
|
if($data == NULL)
|
||
|
|
report_problem(WEAVE_ERROR_INVALID_PROTOCOL, 400);
|
||
|
|
$name = $username;
|
||
|
|
$pwd = fix_utf8_encoding($data['password']);
|
||
|
|
$email = $data['email'];
|
||
|
|
if($name == '' || $pwd == '' || $email == '')
|
||
|
|
{
|
||
|
|
log_error('create user datenfehler');
|
||
|
|
report_problem(WEAVE_ERROR_INVALID_PROTOCOL, 400);
|
||
|
|
}
|
||
|
|
log_error("create user ".$name." pw : ".$pwd);
|
||
|
|
try{
|
||
|
|
if ($db->create_user($name, $pwd))
|
||
|
|
{
|
||
|
|
log_error("successfully created user");
|
||
|
|
exit(json_encode(strtolower($name)));
|
||
|
|
}
|
||
|
|
else
|
||
|
|
{
|
||
|
|
log_error("create user failed");
|
||
|
|
report_problem('Authentication failed', '401');
|
||
|
|
}
|
||
|
|
}
|
||
|
|
catch(Exception $e)
|
||
|
|
{
|
||
|
|
log_error("db exception create user");
|
||
|
|
header("X-Weave-Backoff: 1800");
|
||
|
|
report_problem($e->getMessage(), $e->getCode());
|
||
|
|
}
|
||
|
|
|
||
|
|
}
|
||
|
|
else
|
||
|
|
{
|
||
|
|
log_error("register not enabled");
|
||
|
|
report_problem(WEAVE_ERROR_FUNCTION_NOT_SUPPORTED,400);
|
||
|
|
}
|
||
|
|
} // ende put
|
||
|
|
}
|
||
|
|
catch(Exception $e)
|
||
|
|
{
|
||
|
|
report_problem($e->getMessage(), $e->getCode());
|
||
|
|
}
|
||
|
|
#The datasets we might be dealing with here are too large for sticking it all into an array, so
|
||
|
|
#we need to define a direct-output method for the storage class to use. If we start producing multiples
|
||
|
|
#(unlikely), we can put them in their own class.
|
||
|
|
|
||
|
|
#include_once "WBOJsonOutput.php";
|
||
|
|
|
||
|
|
?>
|