author | Kelly Rauchenberger <fefferburbia@gmail.com> | 2008-08-01 17:29:12 +0000 |
---|---|---|
committer | Kelly Rauchenberger <fefferburbia@gmail.com> | 2008-08-01 17:29:12 +0000 |
commit | ff10ea272a1b63d6c5a5ce496911cc0e8e7e8b9d (patch) | |
tree | 4417c6102184220821d89577cfa7df290ed5d835 /central/trunk/xmlrpc.php | |
parent | 498b6e83b649954eed35ea4197479931b7d2f1e8 (diff) | |
Central: Centrallized verification checks
Molded the verification checking into one library function so that each and every XML-RPC function wouldn't have to implement it. Also added the InstaDisc.sendUpdateNotice and InstaDisc.askForDatabase functions.
Diffstat (limited to 'central/trunk/xmlrpc.php')
-rw-r--r-- | central/trunk/xmlrpc.php | 245 |
1 files changed, 120 insertions, 125 deletions
diff --git a/central/trunk/xmlrpc.php b/central/trunk/xmlrpc.php index 1a3c1c3..9e5971a 100644 --- a/central/trunk/xmlrpc.php +++ b/central/trunk/xmlrpc.php | |||
@@ -9,16 +9,9 @@ include('instadisc.php'); | |||
9 | 9 | ||
10 | function checkRegistration($username, $verification, $verificationID) | 10 | function checkRegistration($username, $verification, $verificationID) |
11 | { | 11 | { |
12 | $getuser = "SELECT * FROM users WHERE username = \"" . $username "\""; | 12 | if (instaDisc_checkVerification($username, $verification, $verificationID, 'users', 'username', 'password')) |
13 | $getuser2 = mysql_query($getuser): | ||
14 | $getuser3 = mysql_fetch_array($getuser2); | ||
15 | if ($getuser3['username'] == $username) | ||
16 | { | 13 | { |
17 | $test = $username . ":" . $getuser3['password'] . ":" .$verificationID; | 14 | return new xmlrpcresp(new xmlrpcval(0, "int")); |
18 | if (md5($test) == $verification) | ||
19 | { | ||
20 | return new xmlrpcresp(new xmlrpcval(0, "int")); | ||
21 | } | ||
22 | } | 15 | } |
23 | 16 | ||
24 | return new xmlrpcresp(new xmlrpcval(1, "int")); | 17 | return new xmlrpcresp(new xmlrpcval(1, "int")); |
@@ -26,24 +19,17 @@ function checkRegistration($username, $verification, $verificationID) | |||
26 | 19 | ||
27 | function deleteItem($username, $verification, $verificationID, $id) | 20 | function deleteItem($username, $verification, $verificationID, $id) |
28 | { | 21 | { |
29 | $getuser = "SELECT * FROM users WHERE username = \"" . $username "\""; | 22 | if (instaDisc_checkVerification($username, $verification, $verificationID, 'users', 'username', 'password')) |
30 | $getuser2 = mysql_query($getuser): | ||
31 | $getuser3 = mysql_fetch_array($getuser2); | ||
32 | if ($getuser3['username'] == $username) | ||
33 | { | 23 | { |
34 | $test = $username . ":" . $getuser3['password'] . ":" .$verificationID; | 24 | $getitem = "SELECT * FROM inbox WHERE id = " . $id; |
35 | if (md5($test) == $verification) | 25 | $getitem2 = mysql_query($getitem); |
26 | $getitem3 = mysql_fetch_array($getitem2); | ||
27 | if ($getitem3['id'] == $id) | ||
36 | { | 28 | { |
37 | $getitem = "SELECT * FROM inbox WHERE id = " . $id; | 29 | $delitem = "DELETE inbox WHERE id = " . $id; |
38 | $getitem2 = mysql_query($getitem); | 30 | $delitem2 = mysql_query($delitem); |
39 | $getitem3 = mysql_fetch_array($getitem2); | ||
40 | if ($getitem3['id'] == $id) | ||
41 | { | ||
42 | $delitem = "DELETE inbox WHERE id = " . $id; | ||
43 | $delitem2 = mysql_query($delitem); | ||
44 | 31 | ||
45 | return new xmlrpcresp(new xmlrpcval(0, "int")); | 32 | return new xmlrpcresp(new xmlrpcval(0, "int")); |
46 | } | ||
47 | } | 33 | } |
48 | } | 34 | } |
49 | 35 | ||
@@ -52,23 +38,16 @@ function deleteItem($username, $verification, $verificationID, $id) | |||
52 | 38 | ||
53 | function resendItem($username, $verification, $verificationID, $id) | 39 | function resendItem($username, $verification, $verificationID, $id) |
54 | { | 40 | { |
55 | $getuser = "SELECT * FROM users WHERE username = \"" . $username "\""; | 41 | if (instaDisc_checkVerification($username, $verification, $verificationID, 'users', 'username', 'password')) |
56 | $getuser2 = mysql_query($getuser): | ||
57 | $getuser3 = mysql_fetch_array($getuser2); | ||
58 | if ($getuser3['username'] == $username) | ||
59 | { | 42 | { |
60 | $test = $username . ":" . $getuser3['password'] . ":" .$verificationID; | 43 | $getitem = "SELECT * FROM inbox WHERE id = " . $id; |
61 | if (md5($test) == $verification) | 44 | $getitem2 = mysql_query($getitem); |
45 | $getitem3 = mysql_fetch_array($getitem2); | ||
46 | if ($getitem3['id'] == $id) | ||
62 | { | 47 | { |
63 | $getitem = "SELECT * FROM inbox WHERE id = " . $id; | 48 | instaDisc_sendItem($id); |
64 | $getitem2 = mysql_query($getitem); | ||
65 | $getitem3 = mysql_fetch_array($getitem2); | ||
66 | if ($getitem3['id'] == $id) | ||
67 | { | ||
68 | instaDisc_sendItem($id); | ||
69 | 49 | ||
70 | return new xmlrpcresp(new xmlrpcval(0, "int")); | 50 | return new xmlrpcresp(new xmlrpcval(0, "int")); |
71 | } | ||
72 | } | 51 | } |
73 | } | 52 | } |
74 | 53 | ||
@@ -77,48 +56,41 @@ function resendItem($username, $verification, $verificationID, $id) | |||
77 | 56 | ||
78 | function sendFromUpdate($username, $verification, $verificationID, $subscription, $title, $author, $url, $semantics) | 57 | function sendFromUpdate($username, $verification, $verificationID, $subscription, $title, $author, $url, $semantics) |
79 | { | 58 | { |
80 | $getuser = "SELECT * FROM users WHERE username = \"" . $username . "\""; | 59 | if (instaDisc_checkVerification($username, $verification, $verificationID, 'users', 'username', 'password')) |
81 | $getuser2 = mysql_query($getuser); | ||
82 | $getuser3 = mysql_fetch_array($getuser2); | ||
83 | if ($getuser3['username'] == $username) | ||
84 | { | 60 | { |
85 | $test = $username . ':' . $getuser3['password'] . ':' . $verificationID; | 61 | $getusubs = "SELECT * FROM subscriptions WHERE username = \"" . $username . "\" AND uri = \"" . $subscription . "\" AND owner = \"true\""; |
86 | if (md5($test) == $verification) | 62 | $getusubs2 = mysql_query($getusubs); |
63 | $getusubs3 = mysql_fetch_array($getusubs2); | ||
64 | if ($getusubs['username'] == $username) | ||
87 | { | 65 | { |
88 | $getusubs = "SELECT * FROM subscriptions WHERE username = \"" . $username . "\" AND uri = \"" . $subscription . "\" AND owner = \"true\""; | 66 | $cserver = $_SERVER['HTTP_HOST'] . $_SERVER['PHP_SELF']; |
89 | $getusubs2 = mysql_query($getusubs); | 67 | $getuk = "SELECT * FROM centralServers WHERE url = \"" . $cserver . "\""; |
90 | $getusubs3 = mysql_fetch_array($getusubs2); | 68 | $getuk2 = mysql_query($getuk); |
91 | if ($getusubs['username'] == $username) | 69 | $getuk3 = mysql_fetch_array($getuk2); |
70 | |||
71 | $getcs = "SELECT * FROM centralServers"; | ||
72 | $getcs2 = mysql_query($getcs); | ||
73 | $i=0; | ||
74 | while ($getcs3[$i] = mysql_fetch_array($getcs2)) | ||
92 | { | 75 | { |
93 | $cserver = $_SERVER['HTTP_HOST'] . $_SERVER['PHP_SELF']; | 76 | $verID = rand(1,65536); |
94 | $getuk = "SELECT * FROM centralServers WHERE url = \"" . $cserver . "\""; | 77 | |
95 | $getuk2 = mysql_query($getuk); | 78 | $client = new xmlrpc_client($getcs3[$i]['url']); |
96 | $getuk3 = mysql_fetch_array($getuk2); | 79 | $msg = new xmlrpcmsg("InstaDisc.sendFromCentral", array( new xmlrpcval($cserver, 'string'), |
97 | 80 | new xmlrpcval(md5($cserver + ":" + $getuk3['key'] + ":" + $verID), 'string'), | |
98 | $getcs = "SELECT * FROM centralServers"; | 81 | new xmlrpcval($verID, 'int'), |
99 | $getcs2 = mysql_query($getcs); | 82 | new xmlrpcval($subscription, 'string'), |
100 | $i=0; | 83 | new xmlrpcval($title, 'string'), |
101 | while ($getcs3[$i] = mysql_fetch_array($getcs2)) | 84 | new xmlrpcval($author, 'string'), |
102 | { | 85 | new xmlrpcval($url, 'string'), |
103 | $verID = rand(1,65536); | 86 | new xmlrpcval($semantics, 'array'), |
104 | 87 | new xmlrpcval(getConfig('softwareVersion'), 'int'), | |
105 | $client = new xmlrpc_client($getcs3[$i]['url']); | 88 | new xmlrpcval(getConfig('databaseVersion'), 'int'))); |
106 | $msg = new xmlrpcmsg("InstaDisc.sendFromCentral", array( new xmlrpcval($cserver, 'string'), | 89 | $client->send($msg); |
107 | new xmlrpcval(md5($cserver + ":" + $getuk3['key'] + ":" + $verID), 'string'), | 90 | $i++; |
108 | new xmlrpcval($verID, 'int'), | ||
109 | new xmlrpcval($subscription, 'string'), | ||
110 | new xmlrpcval($title, 'string'), | ||
111 | new xmlrpcval($author, 'string'), | ||
112 | new xmlrpcval($url, 'string'), | ||
113 | new xmlrpcval($semantics, 'array'), | ||
114 | new xmlrpcval(getConfig('softwareVersion'), 'int'), | ||
115 | new xmlrpcval(getConfig('databaseVersion'), 'int'))); | ||
116 | $client->send($msg); | ||
117 | $i++; | ||
118 | } | ||
119 | |||
120 | return new xmlrpcresp(new xmlrpcval(0, "int")); | ||
121 | } | 91 | } |
92 | |||
93 | return new xmlrpcresp(new xmlrpcval(0, "int")); | ||
122 | } | 94 | } |
123 | } | 95 | } |
124 | 96 | ||
@@ -127,62 +99,70 @@ function sendFromUpdate($username, $verification, $verificationID, $subscription | |||
127 | 99 | ||
128 | function sendFromCentral($cserver, $verification, $verificationID, $subscription, $title, $author, $url, $semantics, $softwareVersion, $databaseVersion) | 100 | function sendFromCentral($cserver, $verification, $verificationID, $subscription, $title, $author, $url, $semantics, $softwareVersion, $databaseVersion) |
129 | { | 101 | { |
130 | $getcs = "SELECT * FROM centralServers WHERE url = \"" . $cserver . "\""; | 102 | if (instaDisc_checkVerification($cserver, $verification, $verificationID, 'centralServers', 'url', 'key')) |
131 | $getcs2 = mysql_query($getcs); | ||
132 | $getcs3 = mysql_fetch_array($getcs2); | ||
133 | if ($getcs3['url'] == $cserver) | ||
134 | { | 103 | { |
135 | $test = $cserver . ':' . $getcs3['key'] . ':' . $verificationID; | 104 | if ($softwareVersion > getConfig('softwareVersion')) |
136 | if (md5($test) == $verification) | ||
137 | { | 105 | { |
138 | if ($softwareVersion > getConfig('softwareVersion')) | 106 | instaDisc_sendUpdateNotice(); |
139 | { | 107 | } else if ($softwareVersion < getConfig('softwareVersion')) |
140 | instaDisc_sendUpdateNotice(); | 108 | { |
141 | } else if ($softwareVersion < getConfig('softwareVersion')) | 109 | $cserver2 = $_SERVER['HTTP_HOST'] . $_SERVER['PHP_SELF']; |
142 | { | 110 | $getuk = "SELECT * FROM centralServers WHERE url = \"" . $cserver2 . "\""; |
143 | $cserver2 = $_SERVER['HTTP_HOST'] . $_SERVER['PHP_SELF']; | 111 | $getuk2 = mysql_query($getuk); |
144 | $getuk = "SELECT * FROM centralServers WHERE url = \"" . $cserver2 . "\""; | 112 | $getuk3 = mysql_fetch_array($getuk2); |
145 | $getuk2 = mysql_query($getuk); | ||
146 | $getuk3 = mysql_fetch_array($getuk2); | ||
147 | 113 | ||
148 | $verID = rand(1,65536); | 114 | $verID = rand(1,65536); |
149 | 115 | ||
150 | $client = new xmlrpc_client($cserver); | 116 | $client = new xmlrpc_client($cserver); |
151 | $msg = new xmlrpcmsg("InstaDisc.sendUpdateNotice", array( new xmlrpcval($cserver2, 'string'), | 117 | $msg = new xmlrpcmsg("InstaDisc.sendUpdateNotice", array( new xmlrpcval($cserver2, 'string'), |
152 | new xmlrpcval(md5($cserver2 . ':' . $getuk3['key'] . ':' . $verID), 'string'), | 118 | new xmlrpcval(md5($cserver2 . ':' . $getuk3['key'] . ':' . $verID), 'string'), |
153 | new xmlrpcval($verID, 'int'), | 119 | new xmlrpcval($verID, 'int'), |
154 | new xmlrpcval(getConfig('softwareVersion'), 'int'))); | 120 | new xmlrpcval(getConfig('softwareVersion'), 'int'))); |
155 | $client->send($msg); | 121 | $client->send($msg); |
156 | } | 122 | } |
157 | 123 | ||
158 | if ($databaseVersion > getConfig('databaseVersion')) | 124 | if ($databaseVersion > getConfig('databaseVersion')) |
159 | { | 125 | { |
160 | $cserver2 = $_SERVER['HTTP_HOST'] . $_SERVER['PHP_SELF']; | 126 | $cserver2 = $_SERVER['HTTP_HOST'] . $_SERVER['PHP_SELF']; |
161 | $getuk = "SELECT * FROM centralServers WHERE url = \"" . $cserver2 . "\""; | 127 | $getuk = "SELECT * FROM centralServers WHERE url = \"" . $cserver2 . "\""; |
162 | $getuk2 = mysql_query($getuk); | 128 | $getuk2 = mysql_query($getuk); |
163 | $getuk3 = mysql_fetch_array($getuk2); | 129 | $getuk3 = mysql_fetch_array($getuk2); |
130 | |||
131 | $verID = rand(1,65536); | ||
132 | |||
133 | $client = new xmlrpc_client($cserver); | ||
134 | $msg = new xmlrpcmsg("InstaDisc.askForDatabase", array( new xmlrpcval($cserver2, 'string'), | ||
135 | new xmlrpcval(md5($cserver2 . ':' . $getuk3['key'] . ':' . $verID), 'string'), | ||
136 | new xmlrpcval($verID, 'int'), | ||
137 | new xmlrpcval(getConfig('databaseVersion'), 'int'))); | ||
138 | $client->send($msg); | ||
139 | } else if ($databaseVersion < getConfig('databaseVersion')) | ||
140 | { | ||
141 | instaDisc_sendDatabase($cserver); | ||
142 | } | ||
164 | 143 | ||
165 | $verID = rand(1,65536); | 144 | $getsed = "SELECT * FROM subscriptions WHERE uri = \"" . $subscription . "\""; |
145 | $getsed2 = mysql_query($getsed); | ||
146 | $i=0; | ||
147 | while ($getsed3[$i] = mysql_fetch_array($getsed2)) | ||
148 | { | ||
149 | instaDisc_addItem($getsed3['username'], $subscription, $title, $author, $url, $semantics); | ||
150 | $i++; | ||
151 | } | ||
166 | 152 | ||
167 | $client = new xmlrpc_client($cserver); | 153 | return new xmlrpcresp(new xmlrpcval(0, "int")); |
168 | $msg = new xmlrpcmsg("InstaDisc.askForDatabase", array( new xmlrpcval($cserver2, 'string'), | 154 | } |
169 | new xmlrpcval(md5($cserver2 . ':' . $getuk3['key'] . ':' . $verID), 'string'), | ||
170 | new xmlrpcval($verID, 'int'), | ||
171 | new xmlrpcval(getConfig('databaseVersion'), 'int'))); | ||
172 | $client->send($msg); | ||
173 | } else if ($databaseVersion < getConfig('databaseVersion')) | ||
174 | { | ||
175 | instaDisc_sendDatabase($cserver); | ||
176 | } | ||
177 | 155 | ||
178 | $getsed = "SELECT * FROM subscriptions WHERE uri = \"" . $subscription . "\""; | 156 | return new xmlrpcresp(new xmlrpcval(1, "int")); |
179 | $getsed2 = mysql_query($getsed); | 157 | } |
180 | $i=0; | 158 | |
181 | while ($getsed3[$i] = mysql_fetch_array($getsed2)) | 159 | function sendUpdateNotice($cserver, $verification, $verificationID, $softwareVersion) |
182 | { | 160 | { |
183 | instaDisc_addItem($getsed3['username'], $subscription, $title, $author, $url, $semantics); | 161 | if (instaDisc_checkVerification($cserver, $verification, $verificationID, 'centralServers', 'url', 'key')) |
184 | $i++; | 162 | { |
185 | } | 163 | if ($softwareVersion > getConfig('softwareVersion')) |
164 | { | ||
165 | instaDisc_sendUpdateNotice(); | ||
186 | 166 | ||
187 | return new xmlrpcresp(new xmlrpcval(0, "int")); | 167 | return new xmlrpcresp(new xmlrpcval(0, "int")); |
188 | } | 168 | } |
@@ -191,12 +171,27 @@ function sendFromCentral($cserver, $verification, $verificationID, $subscription | |||
191 | return new xmlrpcresp(new xmlrpcval(1, "int")); | 171 | return new xmlrpcresp(new xmlrpcval(1, "int")); |
192 | } | 172 | } |
193 | 173 | ||
174 | function askForDatabase($cserver, $verification, $verificationID, $databaseVersion) | ||
175 | { | ||
176 | if (instaDisc_checkVerification($cserver, $verification, $verificationID, 'centralServers', 'url', 'key')) | ||
177 | { | ||
178 | if ($databaseVersion < getConfig('databaseVersion')) | ||
179 | { | ||
180 | instaDisc_sendDatabase($cserver); | ||
181 | } | ||
182 | } | ||
183 | |||
184 | return new xmlrpcresp(new xmlrpcval(1, "int")); | ||
185 | } | ||
186 | |||
194 | $s = new xmlrpc_server( array( "InstaDisc.checkRegistration" => array("function" => "checkRegistration"), | 187 | $s = new xmlrpc_server( array( "InstaDisc.checkRegistration" => array("function" => "checkRegistration"), |
195 | "InstaDisc.deleteItem" => array("function" => "deleteItem"), | 188 | "InstaDisc.deleteItem" => array("function" => "deleteItem"), |
196 | "InstaDisc.resendItem" => array("function" => "resendItem"), | 189 | "InstaDisc.resendItem" => array("function" => "resendItem"), |
197 | "InstaDisc.requestRetained" => array("function" => "requestRetained"), | 190 | "InstaDisc.requestRetained" => array("function" => "requestRetained"), |
198 | "InstaDisc.sendFromUpdate" => array("function" => "sendFromUpdate"), | 191 | "InstaDisc.sendFromUpdate" => array("function" => "sendFromUpdate"), |
199 | "InstaDisc.sendFromCentral" => array("function" => "sendFromCentral") | 192 | "InstaDisc.sendFromCentral" => array("function" => "sendFromCentral"), |
193 | "InstaDisc.sendUpdateNotice" => array("function" => "sendUpdateNotice"), | ||
194 | "InstaDisc.askForDatabase" => array("function" => "askForDatabase") | ||
200 | ),0); | 195 | ),0); |
201 | $s->functions_parameters_type = 'phpvals'; | 196 | $s->functions_parameters_type = 'phpvals'; |
202 | $s->service(); | 197 | $s->service(); |
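Review bot: In deleteItem and resendItem (new lines 24, 29 and 43), `$id` arrives from the XML-RPC caller and is concatenated unquoted into the inbox queries, so any caller who passes instaDisc_checkVerification controls the WHERE clause; the string-quoted queries in sendFromUpdate and sendFromCentral concatenate `$username` and `$subscription` the same way. Neither item query is scoped to the verified user, so the only check before the delete or resend is that a row with that id exists, not that it belongs to `$username`. I would add `$id = (int) $id;` as the first statement inside the verified branch, pass string values through `mysql_real_escape_string()`, and add an ownership condition such as `AND username = "..."` to both inbox queries, assuming the inbox table carries a username column (it is not visible here). Separately, `DELETE inbox WHERE id = ...` on new line 29 is missing `FROM`, so the delete looks like it would fail while the function still returns 0.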