From ff10ea272a1b63d6c5a5ce496911cc0e8e7e8b9d Mon Sep 17 00:00:00 2001
From: Kelly Rauchenberger <fefferburbia@gmail.com>
Date: Fri, 1 Aug 2008 17:29:12 +0000
Subject: Central: Centrallized verification checks

Molded the verification checking into one library function so that each and every XML-RPC function wouldn't have to implement it. Also added the InstaDisc.sendUpdateNotice
and InstaDisc.askForDatabase functions.
---
 central/trunk/instadisc.php |  22 ++++
 central/trunk/xmlrpc.php    | 245 ++++++++++++++++++++++----------------------
 2 files changed, 142 insertions(+), 125 deletions(-)
 create mode 100644 central/trunk/instadisc.php


diff --git a/central/trunk/instadisc.php b/central/trunk/instadisc.php
new file mode 100644
index 0000000..f8f33e5
--- /dev/null
+++ b/central/trunk/instadisc.php
@@ -0,0 +1,22 @@
+<?php
+
+/* InstaDisc Server - A Four Island Project */
+
+include_once('db.php');
+
+function instaDisc_checkVerification($username, $verification, $verificationID, $table, $nameField, $passField)
+{
+	$getitem = "SELECT * FROM " . $table . " WHERE " . $nameField . " = \"" . $username . "\"";
+	$getitem2 = mysql_query($getitem);
+	$getitem3 = mysql_fetch_array($getitem2);
+	if ($getitem3[$nameField] == $username)
+	{
+		$test = $username . ':' . $getitem3[$passField] . ':' . $verificationID;
+
+		return (md5($test) == $verification);
+	}
+
+	return false;
+}
+
+?>
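Review bot: `$username` reaches the SELECT in instaDisc_checkVerification unescaped, so the one function every XML-RPC handler now relies on for authentication builds its query from caller-supplied text. Escape it before concatenation, e.g. `$username = mysql_real_escape_string($username);`, and keep `$table`, `$nameField` and `$passField` as fixed literals at the call sites, since they are spliced in as identifiers. The digest check `md5($test) == $verification` is a loose comparison, which PHP evaluates numerically when both sides look like numbers; `===` (or `hash_equals()` where the runtime provides it) avoids that. The result of `mysql_query()` is also handed to `mysql_fetch_array()` without a check for `false`.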
diff --git a/central/trunk/xmlrpc.php b/central/trunk/xmlrpc.php
index 1a3c1c3..9e5971a 100644
--- a/central/trunk/xmlrpc.php
+++ b/central/trunk/xmlrpc.php
@@ -9,16 +9,9 @@ include('instadisc.php');
 
 function checkRegistration($username, $verification, $verificationID)
 {
-	$getuser = "SELECT * FROM users WHERE username = \"" . $username "\"";
-	$getuser2 = mysql_query($getuser):
-	$getuser3 = mysql_fetch_array($getuser2);
-	if ($getuser3['username'] == $username)
+	if (instaDisc_checkVerification($username, $verification, $verificationID, 'users', 'username', 'password'))
 	{
-		$test = $username . ":" . $getuser3['password'] . ":" .$verificationID;
-		if (md5($test) == $verification)
-		{
-			return new xmlrpcresp(new xmlrpcval(0, "int"));
-		}
+		return new xmlrpcresp(new xmlrpcval(0, "int"));
 	}
 
 	return new xmlrpcresp(new xmlrpcval(1, "int"));
@@ -26,24 +19,17 @@ function checkRegistration($username, $verification, $verificationID)
 
 function deleteItem($username, $verification, $verificationID, $id)
 {
-	$getuser = "SELECT * FROM users WHERE username = \"" . $username "\"";
-	$getuser2 = mysql_query($getuser):
-	$getuser3 = mysql_fetch_array($getuser2);
-	if ($getuser3['username'] == $username)
+	if (instaDisc_checkVerification($username, $verification, $verificationID, 'users', 'username', 'password'))
 	{
-		$test = $username . ":" . $getuser3['password'] . ":" .$verificationID;
-		if (md5($test) == $verification)
+		$getitem = "SELECT * FROM inbox WHERE id = " . $id;
+		$getitem2 = mysql_query($getitem);
+		$getitem3 = mysql_fetch_array($getitem2);
+		if ($getitem3['id'] == $id)
 		{
-			$getitem = "SELECT * FROM inbox WHERE id = " . $id;
-			$getitem2 = mysql_query($getitem);
-			$getitem3 = mysql_fetch_array($getitem2);
-			if ($getitem3['id'] == $id)
-			{
-				$delitem = "DELETE inbox WHERE id = " . $id;
-				$delitem2 = mysql_query($delitem);
+			$delitem = "DELETE inbox WHERE id = " . $id;
+			$delitem2 = mysql_query($delitem);
 
-				return new xmlrpcresp(new xmlrpcval(0, "int"));
-			}
+			return new xmlrpcresp(new xmlrpcval(0, "int"));
 		}
 	}
 
@@ -52,23 +38,16 @@ function deleteItem($username, $verification, $verificationID, $id)
 
 function resendItem($username, $verification, $verificationID, $id)
 {
-	$getuser = "SELECT * FROM users WHERE username = \"" . $username "\"";
-	$getuser2 = mysql_query($getuser):
-	$getuser3 = mysql_fetch_array($getuser2);
-	if ($getuser3['username'] == $username)
+	if (instaDisc_checkVerification($username, $verification, $verificationID, 'users', 'username', 'password'))
 	{
-		$test = $username . ":" . $getuser3['password'] . ":" .$verificationID;
-		if (md5($test) == $verification)
+		$getitem = "SELECT * FROM inbox WHERE id = " . $id;
+		$getitem2 = mysql_query($getitem);
+		$getitem3 = mysql_fetch_array($getitem2);
+		if ($getitem3['id'] == $id)
 		{
-			$getitem = "SELECT * FROM inbox WHERE id = " . $id;
-			$getitem2 = mysql_query($getitem);
-			$getitem3 = mysql_fetch_array($getitem2);
-			if ($getitem3['id'] == $id)
-			{
-				instaDisc_sendItem($id);
+			instaDisc_sendItem($id);
 
-				return new xmlrpcresp(new xmlrpcval(0, "int"));
-			}
+			return new xmlrpcresp(new xmlrpcval(0, "int"));
 		}
 	}
 
@@ -77,48 +56,41 @@ function resendItem($username, $verification, $verificationID, $id)
 
 function sendFromUpdate($username, $verification, $verificationID, $subscription, $title, $author, $url, $semantics)
 {
-	$getuser = "SELECT * FROM users WHERE username = \"" . $username . "\"";
-	$getuser2 = mysql_query($getuser);
-	$getuser3 = mysql_fetch_array($getuser2);
-	if ($getuser3['username'] == $username)
+	if (instaDisc_checkVerification($username, $verification, $verificationID, 'users', 'username', 'password'))
 	{
-		$test = $username . ':' . $getuser3['password'] . ':' . $verificationID;
-		if (md5($test) == $verification)
+		$getusubs = "SELECT * FROM subscriptions WHERE username = \"" . $username . "\" AND uri = \"" . $subscription . "\" AND owner = \"true\"";
+		$getusubs2 = mysql_query($getusubs);
+		$getusubs3 = mysql_fetch_array($getusubs2);
+		if ($getusubs['username'] == $username)
 		{
-			$getusubs = "SELECT * FROM subscriptions WHERE username = \"" . $username . "\" AND uri = \"" . $subscription . "\" AND owner = \"true\"";
-			$getusubs2 = mysql_query($getusubs);
-			$getusubs3 = mysql_fetch_array($getusubs2);
-			if ($getusubs['username'] == $username)
+			$cserver = $_SERVER['HTTP_HOST'] . $_SERVER['PHP_SELF'];
+			$getuk = "SELECT * FROM centralServers WHERE url = \"" . $cserver . "\"";
+			$getuk2 = mysql_query($getuk);
+			$getuk3 = mysql_fetch_array($getuk2);
+
+			$getcs = "SELECT * FROM centralServers";
+			$getcs2 = mysql_query($getcs);
+			$i=0;
+			while ($getcs3[$i] = mysql_fetch_array($getcs2))
 			{
-				$cserver = $_SERVER['HTTP_HOST'] . $_SERVER['PHP_SELF'];
-				$getuk = "SELECT * FROM centralServers WHERE url = \"" . $cserver . "\"";
-				$getuk2 = mysql_query($getuk);
-				$getuk3 = mysql_fetch_array($getuk2);
-
-				$getcs = "SELECT * FROM centralServers";
-				$getcs2 = mysql_query($getcs);
-				$i=0;
-				while ($getcs3[$i] = mysql_fetch_array($getcs2))
-				{
-					$verID = rand(1,65536);
-
-					$client = new xmlrpc_client($getcs3[$i]['url']);
-					$msg = new xmlrpcmsg("InstaDisc.sendFromCentral", array(	new xmlrpcval($cserver, 'string'),
-													new xmlrpcval(md5($cserver + ":" + $getuk3['key'] + ":" + $verID), 'string'),
-													new xmlrpcval($verID, 'int'),
-													new xmlrpcval($subscription, 'string'),
-													new xmlrpcval($title, 'string'),
-													new xmlrpcval($author, 'string'),
-													new xmlrpcval($url, 'string'),
-													new xmlrpcval($semantics, 'array'),
-													new xmlrpcval(getConfig('softwareVersion'), 'int'),
-													new xmlrpcval(getConfig('databaseVersion'), 'int')));
-					$client->send($msg);
-					$i++;
-				}
-
-				return new xmlrpcresp(new xmlrpcval(0, "int"));
+				$verID = rand(1,65536);
+
+				$client = new xmlrpc_client($getcs3[$i]['url']);
+				$msg = new xmlrpcmsg("InstaDisc.sendFromCentral", array(	new xmlrpcval($cserver, 'string'),
+												new xmlrpcval(md5($cserver + ":" + $getuk3['key'] + ":" + $verID), 'string'),
+												new xmlrpcval($verID, 'int'),
+												new xmlrpcval($subscription, 'string'),
+												new xmlrpcval($title, 'string'),
+												new xmlrpcval($author, 'string'),
+												new xmlrpcval($url, 'string'),
+												new xmlrpcval($semantics, 'array'),
+												new xmlrpcval(getConfig('softwareVersion'), 'int'),
+												new xmlrpcval(getConfig('databaseVersion'), 'int')));
+				$client->send($msg);
+				$i++;
 			}
+
+			return new xmlrpcresp(new xmlrpcval(0, "int"));
 		}
 	}
 
@@ -127,62 +99,70 @@ function sendFromUpdate($username, $verification, $verificationID, $subscription
 
 function sendFromCentral($cserver, $verification, $verificationID, $subscription, $title, $author, $url, $semantics, $softwareVersion, $databaseVersion)
 {
-	$getcs = "SELECT * FROM centralServers WHERE url = \"" . $cserver . "\"";
-	$getcs2 = mysql_query($getcs);
-	$getcs3 = mysql_fetch_array($getcs2);
-	if ($getcs3['url'] == $cserver)
+	if (instaDisc_checkVerification($cserver, $verification, $verificationID, 'centralServers', 'url', 'key'))
 	{
-		$test = $cserver . ':' . $getcs3['key'] . ':' . $verificationID;
-		if (md5($test) == $verification)
+		if ($softwareVersion > getConfig('softwareVersion'))
 		{
-			if ($softwareVersion > getConfig('softwareVersion'))
-			{
-				instaDisc_sendUpdateNotice();
-			} else if ($softwareVersion < getConfig('softwareVersion'))
-			{
-				$cserver2 = $_SERVER['HTTP_HOST'] . $_SERVER['PHP_SELF'];
-				$getuk = "SELECT * FROM centralServers WHERE url = \"" . $cserver2 . "\"";
-				$getuk2 = mysql_query($getuk);
-				$getuk3 = mysql_fetch_array($getuk2);
+			instaDisc_sendUpdateNotice();
+		} else if ($softwareVersion < getConfig('softwareVersion'))
+		{
+			$cserver2 = $_SERVER['HTTP_HOST'] . $_SERVER['PHP_SELF'];
+			$getuk = "SELECT * FROM centralServers WHERE url = \"" . $cserver2 . "\"";
+			$getuk2 = mysql_query($getuk);
+			$getuk3 = mysql_fetch_array($getuk2);
 
-				$verID = rand(1,65536);
+			$verID = rand(1,65536);
 
-				$client = new xmlrpc_client($cserver);
-				$msg = new xmlrpcmsg("InstaDisc.sendUpdateNotice", array(	new xmlrpcval($cserver2, 'string'),
-												new xmlrpcval(md5($cserver2 . ':' . $getuk3['key'] . ':' . $verID), 'string'),
-												new xmlrpcval($verID, 'int'),
-												new xmlrpcval(getConfig('softwareVersion'), 'int')));
-				$client->send($msg);
-			}
+			$client = new xmlrpc_client($cserver);
+			$msg = new xmlrpcmsg("InstaDisc.sendUpdateNotice", array(	new xmlrpcval($cserver2, 'string'),
+											new xmlrpcval(md5($cserver2 . ':' . $getuk3['key'] . ':' . $verID), 'string'),
+											new xmlrpcval($verID, 'int'),
+											new xmlrpcval(getConfig('softwareVersion'), 'int')));
+			$client->send($msg);
+		}
 
-			if ($databaseVersion > getConfig('databaseVersion'))
-			{
-				$cserver2 = $_SERVER['HTTP_HOST'] . $_SERVER['PHP_SELF'];
-				$getuk = "SELECT * FROM centralServers WHERE url = \"" . $cserver2 . "\"";
-				$getuk2 = mysql_query($getuk);
-				$getuk3 = mysql_fetch_array($getuk2);
+		if ($databaseVersion > getConfig('databaseVersion'))
+		{
+			$cserver2 = $_SERVER['HTTP_HOST'] . $_SERVER['PHP_SELF'];
+			$getuk = "SELECT * FROM centralServers WHERE url = \"" . $cserver2 . "\"";
+			$getuk2 = mysql_query($getuk);
+			$getuk3 = mysql_fetch_array($getuk2);
+
+			$verID = rand(1,65536);
+
+			$client = new xmlrpc_client($cserver);
+			$msg = new xmlrpcmsg("InstaDisc.askForDatabase", array(	new xmlrpcval($cserver2, 'string'),
+										new xmlrpcval(md5($cserver2 . ':' . $getuk3['key'] . ':' . $verID), 'string'),
+										new xmlrpcval($verID, 'int'),
+										new xmlrpcval(getConfig('databaseVersion'), 'int')));
+			$client->send($msg);
+		} else if ($databaseVersion < getConfig('databaseVersion'))
+		{
+			instaDisc_sendDatabase($cserver);
+		}
 
-				$verID = rand(1,65536);
+		$getsed = "SELECT * FROM subscriptions WHERE uri = \"" . $subscription . "\"";
+		$getsed2 = mysql_query($getsed);
+		$i=0;
+		while ($getsed3[$i] = mysql_fetch_array($getsed2))
+		{
+			instaDisc_addItem($getsed3['username'], $subscription, $title, $author, $url, $semantics);
+			$i++;
+		}
 
-				$client = new xmlrpc_client($cserver);
-				$msg = new xmlrpcmsg("InstaDisc.askForDatabase", array(	new xmlrpcval($cserver2, 'string'),
-											new xmlrpcval(md5($cserver2 . ':' . $getuk3['key'] . ':' . $verID), 'string'),
-											new xmlrpcval($verID, 'int'),
-											new xmlrpcval(getConfig('databaseVersion'), 'int')));
-				$client->send($msg);
-			} else if ($databaseVersion < getConfig('databaseVersion'))
-			{
-				instaDisc_sendDatabase($cserver);
-			}
+		return new xmlrpcresp(new xmlrpcval(0, "int"));
+	}
 
-			$getsed = "SELECT * FROM subscriptions WHERE uri = \"" . $subscription . "\"";
-			$getsed2 = mysql_query($getsed);
-			$i=0;
-			while ($getsed3[$i] = mysql_fetch_array($getsed2))
-			{
-				instaDisc_addItem($getsed3['username'], $subscription, $title, $author, $url, $semantics);
-				$i++;
-			}
+	return new xmlrpcresp(new xmlrpcval(1, "int"));
+}
+
+function sendUpdateNotice($cserver, $verification, $verificationID, $softwareVersion)
+{
+	if (instaDisc_checkVerification($cserver, $verification, $verificationID, 'centralServers', 'url', 'key'))
+	{
+		if ($softwareVersion > getConfig('softwareVersion'))
+		{
+			instaDisc_sendUpdateNotice();
 
 			return new xmlrpcresp(new xmlrpcval(0, "int"));
 		}
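Review bot: `$cserver2` is assembled from `$_SERVER['HTTP_HOST']`, a request header, and concatenated straight into the centralServers lookups, and `$subscription` goes into the subscriptions query the same way; both need `mysql_real_escape_string()` before they are quoted into SQL. Taking this server's own identity from the Host header also means the request influences which key row is read, so a configured value (for instance through `getConfig()`, if it holds one) would be more dependable. In the delivery loop, `$getsed3['username']` skips the `[$i]` index that the loop fills, so `instaDisc_addItem` likely receives an empty username; it should be `$getsed3[$i]['username']`. `rand(1,65536)` gives a small, predictable verification ID and nothing visible records IDs already used, so a captured verification triple may be accepted again.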
@@ -191,12 +171,27 @@ function sendFromCentral($cserver, $verification, $verificationID, $subscription
 	return new xmlrpcresp(new xmlrpcval(1, "int"));
 }
 
+function askForDatabase($cserver, $verification, $verificationID, $databaseVersion)
+{
+	if (instaDisc_checkVerification($cserver, $verification, $verificationID, 'centralServers', 'url', 'key'))
+	{
+		if ($databaseVersion < getConfig('databaseVersion'))
+		{
+			instaDisc_sendDatabase($cserver);
+		}
+	}
+
+	return new xmlrpcresp(new xmlrpcval(1, "int"));
+}
+
 $s = new xmlrpc_server(	array(	"InstaDisc.checkRegistration" => array("function" => "checkRegistration"),
 				"InstaDisc.deleteItem" => array("function" => "deleteItem"),
 				"InstaDisc.resendItem" => array("function" => "resendItem"),
 				"InstaDisc.requestRetained" => array("function" => "requestRetained"),
 				"InstaDisc.sendFromUpdate" => array("function" => "sendFromUpdate"),
-				"InstaDisc.sendFromCentral" => array("function" => "sendFromCentral")
+				"InstaDisc.sendFromCentral" => array("function" => "sendFromCentral"),
+				"InstaDisc.sendUpdateNotice" => array("function" => "sendUpdateNotice"),
+				"InstaDisc.askForDatabase" => array("function" => "askForDatabase")
 			),0);
 $s->functions_parameters_type = 'phpvals';
 $s->service();
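Review bot: askForDatabase returns `xmlrpcval(1, "int")` on every path, including after `instaDisc_sendDatabase($cserver)` runs, while the other handlers use 0 for success and 1 for failure. Add `return new xmlrpcresp(new xmlrpcval(0, "int"));` inside the verified branch so the caller can tell a rejected request from an accepted one. sendUpdateNotice, which begins in the previous hunk, has the mirror case: a verified request whose version is not newer falls through to the failure code, which may be intended but deserves a comment such as `// verified, but nothing to do: reported as 1`.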
-- 
cgit 1.4.1