MTGetAllCustomerNames gac=req->queryGetAllCustomerNames();
if(gac.stage()!=gac.Success)return;
m_list.clear();
- QList<MOCustomer>cl=gac.getcustomers();
- for(int i=0;i<cl.size();i++)
- m_list.append(cl[i]);
+ QList<MOCustomerShort>cl=gac.getcustomers();
+ //FIXME
+// for(int i=0;i<cl.size();i++)
+// m_list.append(cl[i]);
//update widget
m_listmodel->clear();
m_listmodel->insertRows(0,m_list.size());
m_addr->setPlainText(m_cust.address());
gl->addWidget(new QLabel(tr("Contact Information:")),++lc,0);
gl->addWidget(m_cont=new QTextEdit,lc,1);
- m_cont->setPlainText(m_cust.contact());
+ //FIXME
+// m_cont->setPlainText(m_cust.contact());
gl->setRowMinimumHeight(++lc,10);
gl->addWidget(new QLabel(tr("Web-Login/eMail:")),++lc,0);
gl->addWidget(m_mail=new QLabel(m_cust.email()),lc,1);
m_cust.setname(m_name->text());
//TODO: redo address editing
//m_cust.setaddress(m_addr->toPlainText());
- m_cust.setcontact(m_cont->toPlainText());
+ //m_cust.setcontact(m_cont->toPlainText());
m_cust.setcomments(m_comm->toPlainText());
return m_cust;
}
#include <QDialog>
#include <QList>
+#include "MOCustomerShort.h"
#include "MOCustomer.h"
/**this class expands on MOCustomer to add some convenience methods*/
QString hn;
if(usealterhost->isChecked())hn=alterhostname->text();
else hn=QSettings().value("hostname").toString();
- if(!mw->login(username->text(),password->text(),hn)){
+ QString hk=QSettings().value("hostkey").toString();
+ if(!mw->login(username->text(),password->text(),hn,hk)){
QMessageBox::warning(this,tr("Warning"),tr("Unable to log in."));
mw->deleteLater();
setEnabled(true);
//
#include "msinterface.h"
+#include <QMessageBox>
MSInterface::MSInterface(QString pid)
:MInterface()
{
profileid=pid;
-}
\ No newline at end of file
+}
+
+bool MSInterface::login(QString username,QString passwd,QString hostname,QString hostkey)
+{
+ MTLogin lg=MTLogin::query(username,passwd,hostname,hostkey);
+ if(lg.stage()==lg.Error)
+ QMessageBox::warning(0,tr("Warning"),tr("Login failed: %1").arg(tr(lg.errorString().toAscii())));
+ else
+ setSessionId(lg.getsessionid());
+ return lg.stage()==lg.Success;
+}
+
+ void logout(){}
+ bool relogin(){return false;}
static MSInterface* instance(){return qobject_cast<MSInterface*>(MInterface::instance());}
- bool login(QString,QString,QString){return false;}
+ bool login(QString username,QString passwd,QString hostname,QString hostkey);
void logout(){}
bool relogin(){return false;}
QString currentUser()const{return "";}
bool MTicket::isToBePaid()const
{
- if(status()==Bought || status()==Used)return true;
+ if(status()==Ordered || status()==Used)return true;
else return false;
}
MOEvent ev=getev.getevent();
QString r=QInputDialog::getText(this,tr("Cancel Event"),tr("Please enter a reason to cancel event \"%1\" or abort:").arg(ev.title()),QLineEdit::Normal,"",&ok);
if(!ok)return;
- MTCancelEvent cev=MTCancelEvent::queryWeb(id,r);
+ MTCancelEvent cev=MTCancelEvent::query(id,r);
if(!cev.hasError())
QMessageBox::information(this,tr("Event Cancelled"),tr("The event \"%1\" has been cancelled. Please inform everybody who bought a ticket.").arg(ev.title()));
else
//get password
QString pwd=QInputDialog::getText(this,tr("Password"),tr("Please enter an initial password for the user:"),QLineEdit::Password);
//send request
- req->queryCreateUser(name,pwd);
+ req->queryCreateUser(name,pwd,"");
//update display
updateUsers();
}
../www/inc/wob/wo_User.php \
../www/inc/wob/wtr_SetUserDescription.php \
../www/inc/wob/wtr_GetAllHostNames.php \
-../www/inc/wob/wo_HostAcl.php \
../www/inc/wob/wt_room.php \
+../www/inc/wob/wt_item.php \
+../www/inc/wob/wt_eventprice.php \
../www/inc/wob/wtr_GetAllShipping.php \
../www/inc/wob/wt_customer.php \
../www/inc/wob/wo_CartVoucher.php \
../www/inc/wob/wt_host.php \
../www/inc/wob/wt_country.php \
../www/inc/wob/wo_Country.php \
-../www/inc/wob/wt_userhosts.php \
+../www/inc/wob/wo_CustomerShort.php \
+../www/inc/wob/wtr_Logout.php \
../www/inc/wob/wtr_GetUserRoles.php \
+../www/inc/wob/wt_seatplan.php \
../www/inc/wob/wo_Ticket.php \
../www/inc/wob/wt_config.php \
+../www/inc/wob/wt_artist.php \
../www/inc/wob/wtr_SetUserRoles.php \
../www/inc/wob/wtr_ChangePassword.php \
+../www/inc/wob/wt_contact.php \
../www/inc/wob/wtr_DeleteUser.php \
../www/inc/wob/wo_Voucher.php \
../www/inc/wob/wtr_GetTicket.php \
../www/inc/wob/wtr_CancelEvent.php \
../www/inc/wob/wo_Host.php \
../www/inc/wob/wo_CartOrder.php \
-../www/inc/wob/wo_UserRole.php \
+../www/inc/wob/wt_userhost.php \
../www/inc/wob/wt_cart_voucher.php \
../www/inc/wob/wt_voucher.php \
../www/inc/wob/wo_CartTicket.php \
../www/inc/wob/wt_ticket.php \
../www/inc/wob/wtr_GetAllRooms.php \
../www/inc/wob/wt_moneylog.php \
+../www/inc/wob/wtr_GetMyRights.php \
../www/inc/wob/wtr_ServerInfo.php \
../www/inc/wob/wtr_Login.php \
../www/inc/wob/wtr_GetVoucher.php \
-../www/inc/wob/wt_users.php \
+../www/inc/wob/wt_documentlog.php \
+../www/inc/wob/wt_role.php \
../www/inc/wob/wtr_GetAllHosts.php \
../www/inc/wob/wtr_GetCustomer.php \
+../www/inc/wob/wo_ContactType.php \
../www/inc/wob/wt_cart_ticket.php \
+../www/inc/wob/wt_product.php \
../www/inc/wob/wtr_GetOrder.php \
../www/inc/wob/wtr_SetHost.php \
../www/inc/wob/wt_template.php \
../www/inc/wob/wo_Room.php \
../www/inc/wob/wtr_GetEvent.php \
../www/inc/wob/wt_shipping.php \
+../www/inc/wob/wt_user.php \
+../www/inc/wob/wt_contacttype.php \
../www/inc/wob/wt_address.php \
../www/inc/wob/wtr_GetMyRoles.php \
../www/inc/wob/wtr_GetAllUsers.php \
../www/inc/wob/autoload.php \
+../www/inc/wob/wt_cart_item.php \
+../www/inc/wob/wt_pricecategory.php \
../www/inc/wob/wo_Address.php \
../www/inc/wob/wo_Customer.php \
../www/inc/wob/wt_websession.php \
../www/inc/wob/wo_Order.php \
../www/inc/wob/transaction.php \
../www/inc/wob/wtr_SetUserHosts.php \
+../www/inc/wob/wt_roleright.php \
+../www/inc/wob/wo_Contact.php \
../www/inc/wob/wtr_GetUserHosts.php \
../www/inc/wob/wt_userrole.php \
../www/inc/wob/wo_Event.php \
../www/inc/wob/wtr_DeleteHost.php \
../www/inc/global_variables.php \
../www/inc/global_functions.php \
-../www/inc/machine/cauth_hash.php \
-../www/inc/machine/cauth_mhash.php \
../www/inc/machine/host.php \
../www/inc/machine/version.php \
-../www/inc/machine/cauth_string.php \
../www/inc/machine/template.php \
../www/inc/machine/session.php \
../www/inc/machine/autoload.php \
//do not attempt to save invalid or incomplete data
if(!isValid())return false;
//call
- MTCreateUser cu=req->queryCreateUser(name(),pwd);
+ MTCreateUser cu=req->queryCreateUser(name(),pwd,"");
//check success
if(cu.stage()==cu.Success){
operator=(cu.getuser().value());
MTGetUserRoles gr=req->queryGetUserRoles(name());
//check success
MCheckList ret;
+ //TODO: also get roles we don't have and do something about rights
if(gr.stage()==gr.Success){
- QList<MOUserRole>lr=gr.getroles();
+ QList<QString>lr=gr.getroles();
for(int i=0;i<lr.size();i++)
- ret.addItem(new MAcl(lr[i].username(),lr[i].isset()));
+ ret.addItem(new MAcl(lr[i],true));
}
return ret;
}
bool MUser::setRoles(const MCheckList&cl)
-{
+{/* TODO
//create DOM
QList<MOUserRole>lr;
for(int i=0;i<cl.size();i++){
//request
MTSetUserRoles sur=req->querySetUserRoles(name(),lr);
if(sur.stage()==sur.Success)return true;
- else return false;
+ else*/ return false;
}
MCheckList MUser::getHosts()
-{
+{/*TODO
//call
MTGetUserHosts gh=req->queryGetUserHosts(name());
//check success
ret.addItem(new MUserHost(hl[i]));
}
}
- return ret;
+ return ret;*/ return MCheckList();
}
bool MUser::setHosts(const MCheckList&cl)
-{
+{/*TODO
//create DOM
QList<MOHostAcl> hal;
for(int i=0;i<cl.size();i++){
//request
MTSetUserHosts suh=req->querySetUserHosts(name(),hal);
if(suh.stage()==suh.Success)return true;
- else return false;
+ else*/ return false;
}
/********************************************************/
m_set=s;
}
+/*TODO
MUserHost::MUserHost(const MOHostAcl&a)
{
m_host=a.hostname();
m_set=a.isset();
-}
+}*/
QString MUserHost::host()const
{
bool m_set;
};
-class MOHostAcl;
+// class MOHostAcl;
/**overwrites MCheckItem to represent a host item for the user*/
class MUserHost:public MCheckItem
{
MUserHost();
MUserHost(const MUserHost&);
MUserHost(QString,bool);
- MUserHost(const MOHostAcl&);
+ //MUserHost(const MOHostAcl&);
/**returns the host this item represents*/
virtual QString host()const;
/**returns the current log level*/
LogLevel logLevel()const{return loglvl;}
+
+ /**returns the current session ID*/
+ QString sessionId()const{return m_sessid;}
public slots:
/**set log level*/
/**sets the URL of the interface*/
void setUrl(QUrl u){m_url=u;}
+
+ /**sets the session id to be transmitted*/
+ void setSessionId(QString sid){m_sessid=sid;}
private:
static QMap<QString,WInterface*>inst;
QUrl m_url;
- QString m_proxyhost,m_proxyuser,m_proxypass;
+ QString m_proxyhost,m_proxyuser,m_proxypass,m_sessid;
unsigned short m_proxyport;
int m_wtimeout;
LogLevel loglvl;
WTransaction::WTransaction(QString ifc)
{
m_stage=Uninitialized;
- m_qsource=None;
m_httpid=-1;
m_iface=ifc;
}
:QObject()
{
m_stage=t.m_stage;
- m_qsource=t.m_qsource;
m_errstr=t.m_errstr;
m_errtype=t.m_errtype;
m_iface=t.m_iface;
//show the user we are waiting
WaitCursor wc;
//set up request
- m_qsource=Web;
QString log;
QEventLoop loop(this);
connect(this,SIGNAL(webFinished()),&loop,SLOT(quit()));
qDebug("Error: transaction cannot find interface.");
m_stage=Error;
m_errtype="_iface";
+ m_errstr="interface not found";
return QByteArray();
}
QUrl url=iface->url();
Q_OBJECT
public:
enum Stage {Uninitialized,Success,Error};
- enum QuerySource{None,Buffer,Web};
Stage stage()const{return m_stage;}
- QuerySource querySource()const{return m_qsource;}
bool hasError()const{return m_stage==Error;}
QString errorType()const{return m_errtype;}
QString errorString()const{return m_errstr;}
+
+ QString interface()const{return m_iface;}
protected:
WTransaction(QString iface=QString());
WTransaction(const WTransaction&);
void webReady(int,bool);
signals:
void webFinished();
- private:
+ protected:
Stage m_stage;
- QuerySource m_qsource;
QString m_errtype,m_errstr,m_iface;
int m_httpid;
};
<Column name="cancelreason" type="string"/>
</Table>
- <Table name="eventprices" backup="yes">
+ <Table name="eventprice" backup="yes">
<Column name="eventid" type="int32" primarykey="yes" foreignkey="event:eventid"/>
<Column name="pricecategoryid" type="int32" primarykey="yes" foreignkey="pricecategory:pricecategoryid"/>
<Column name="maxavailable" type="int32" notnull="yes"/>
</Input>
<Call lang="php" method="GetEventXml2($this);"/>
<Output>
- <Var name="event" type="Event/Full"/>
+ <Var name="event" type="Event"/>
</Output>
</Transaction>
<Input/>
<Call lang="php" method="GetAllEventsXml2($this);"/>
<Output>
- <Var name="events" type="List:Event/Full"/>
+ <Var name="events" type="List:Event"/>
</Output>
</Transaction>
<Transaction name="GetAllRooms">
<Input/>
<Output>
- <Var name="rooms" type="List:Room/Full"/>
+ <Var name="rooms" type="List:Room"/>
</Output>
</Transaction>
</Wolf>
\ No newline at end of file
<!-- configure output -->
<QtClientOutput sourceDir="src" subDir="wob" priInclude="wob.pri" classPrefix="M" clean="yes"/>
<PHPServerOutput sourceDir="www" subDir="inc/wob" extension=".php" clean="yes">
- <Authenticator isAuthenticated="$::session->isAuthenticated()" hasRole="$::session->canExecute('%')" userName="$::session->getUser()"/>
+ <Authenticator
+ isAuthenticated="$::session->isAuthenticated()"
+ hasRole="$::session->canExecute(%)"
+ userName="$::session->getUser()"
+ init="new Session(%)"/>
</PHPServerOutput>
<!-- HtmlOutput sourceDir="doc" subDir="wob"/ -->
<Property name="status" type="TicketState"/>
<Property name="orderid" type="int"/>
- <ToXml name="inOrder">ticketid eventid price status</ToXml>
- <ToXml name="Full">ticketid eventid price status orderid</ToXml>
-
<Mapping table="ticket">
<Map column="ticketid"/>
<Map column="price"/>
<Var name="ticketid" type="astring"/>
</Input>
<Output>
- <Var name="ticket" type="Ticket/Full"/>
+ <Var name="ticket" type="Ticket"/>
</Output>
</Transaction>
<Property name="price" type="int" optional="1"/>
<Property name="status" type="VoucherState" optional="1"/>
<Property name="isused" type="bool"/>
-
- <ToXml name="Full">voucherid value price status</ToXml>
- <ToXml name="inOrder">voucherid value price status</ToXml>
</Class>
<Transaction name="GetVoucher">
<Var name="voucherid" type="astring"/>
</Input>
<Output>
- <Var name="voucher" type="Voucher/Full"/>
+ <Var name="voucher" type="Voucher"/>
</Output>
</Transaction>
<Property name="ordertime" type="int64"/>
<Property name="senttime" type="int64"/>
<!-- etc.pp. -->
-
- <ToXml name="Short">orderid customerid seller amountpaid state amountdue</ToXml>
- <ToXml name="Full">orderid customerid seller amountpaid state amountdue tickets/inOrder vouchers/inOrder</ToXml>
</Class>
<Transaction name="GetOrder">
<Var name="orderid" type="int"/>
</Input>
<Output>
- <Var name="order" type="Order/Full"/>
+ <Var name="order" type="Order"/>
</Output>
</Transaction>
<Map column="canallusers"/>
<Map column="description"/>
</Mapping>
- <ToXml name="Full">id cost canuseweb canallusers description</ToXml>
</Class>
<Transaction name="GetAllShipping">
<Input/>
<Output>
- <Var name="shipping" type="List:Shipping/Full"/>
+ <Var name="shipping" type="List:Shipping"/>
</Output>
</Transaction>
</Wolf>
\ No newline at end of file
</Preset>
</Table>
- <Table name="rolerights" backup="yes">
+ <Table name="roleright" backup="yes">
<Column name="rolename" type="string:64" primarykey="yes"/>
<Column name="rightname" type="string:64" primarykey="yes"/>
</Table>
<Transaction name="ServerInfo" mode="open">
<Input/>
- <Call lang="php" method="serverInfoXml2($this);"/>
+ <Call lang="php" method="serverInfoXml($this);"/>
<Output>
<Var name="ServerVersion" type="string"/>
- <Var name="MinimumProtocolVersion" type="int"/>
- <Var name="ServerProtocolVersion" type="int"/>
+ <Var name="MinimumProtocolVersion" type="astring"/>
+ <Var name="ServerProtocolVersion" type="astring"/>
</Output>
</Transaction>
<Var name="hostname" type="string"/>
<Var name="hostkey" type="string"/>
</Input>
+ <Call lang="php" method="Session::login($this);"/>
<Output>
<Var name="sessionid" type="string"/>
<Var name="validtill" type="int64"/>
</Output>
</Transaction>
+ <Transaction name="Logout" mode="auth">
+ <Input/>
+ <Call lang="php" method="$::session->deleteSession();"/>
+ <Output/>
+ </Transaction>
+
<Transaction name="GetMyRoles" mode="auth">
<Input/>
+ <Call lang="php" method="$this->setrole(array_unique($::session->getRoles()));"/>
<Output>
<Var name="role" type="List:astring"/>
</Output>
</Transaction>
+ <Transaction name="GetMyRights" mode="auth">
+ <Input/>
+ <Call lang="php" method="$this->setrole(array_unique($::session->getRights()));"/>
+ <Output>
+ <Var name="right" type="List:astring"/>
+ </Output>
+ </Transaction>
<Class name="User">
<Property name="name" type="astring"/>
m_isauth=el2.attribute("isAuthenticated","false");
m_hasrole=el2.attribute("hasRole","false");
m_username=el2.attribute("userName","\"\"");
+ m_authinit=el2.attribute("init","");
}else{
m_isauth="false";
m_hasrole="false";
QString WocPHPServerOut::classSerializers(const WocClass&cls)
{
QString code;
- QStringList k=cls.serializers();
- for(int i=0;i<k.size();i++){
- //toString function (wraps toXml)
- code+="\npublic function toString"+k[i]+"(){\n\t$xml=new DomDocument;\n";
- code+="\t$xml->appendChild($this->toXml"+k[i]+"($xml));\n\treturn $xml->saveXml();\n}\n";
- //toXml function:
- code+="public function toXml"+k[i]+"($xml,$elementname=\""+cls.name()+"\"){\n";
- code+="\t$root=$xml->createElement($elementname);\n";
- code+="\t$root->setAttribute(\"serialization-mode\",\""+k[i]+"\");\n";
- //add properties
- QStringList p=cls.serializerProperties(k[i]);
- for(int j=0;j<p.size();j++)
- code+=propertyToXml(cls,p[j]);
- //return result
- code+="\treturn $root;\n}\n";
- }
+ //toString function (wraps toXml)
+ code+="\npublic function toString(){\n\t$xml=new DomDocument;\n";
+ code+="\t$xml->appendChild($this->toXml($xml));\n\treturn $xml->saveXml();\n}\n";
+ //toXml function:
+ code+="public function toXml($xml,$elementname=\""+cls.name()+"\"){\n";
+ code+="\t$root=$xml->createElement($elementname);\n";
+ //add properties
+ QStringList p=cls.propertyNames();
+ for(int j=0;j<p.size();j++)
+ code+=propertyToXml(cls,p[j]);
+ //return result
+ code+="\treturn $root;\n}\n";
return code;
}
return code;
}
-QString WocPHPServerOut::propertyToXml(const WocClass&cls,QString pt)
+QString WocPHPServerOut::propertyToXml(const WocClass&cls,QString sl)
{
- QStringList sl=pt.split("/",QString::SkipEmptyParts);
- if(sl.size()<1)return "";
- QString prop=sl[0].trimmed();
- QString var;
- if(sl.size()>1)var=sl[1].trimmed();
+ QString prop=sl.trimmed();
//is it a list?
if(cls.propertyIsList(prop)){
//is it a class?
if(cls.propertyIsObject(prop)){
QString code="\tforeach($this->get_"+prop+"() as $o)\n\t\t";
- code+="$root->appendChild($o->toXml"+var+"($xml,\""+prop+"\"));\n";
+ code+="$root->appendChild($o->toXml($xml,\""+prop+"\"));\n";
return code;
}else{
//there is no way to create lists of attributes, hence we always create elements
return "\t$root->appendChild($xml->createElement(\""+prop+"\",xq($this->getstr_"+prop+"())));\n";
//is it a class?
if(cls.propertyIsObject(prop))
- return "\t$root->appendChild($this->get_"+prop+"()->toXml"+var+"($xml,\""+prop+"\"));\n";
+ return "\t$root->appendChild($this->get_"+prop+"()->toXml($xml,\""+prop+"\"));\n";
//anything else?
qDebug("Warning: end of WocPHPServerOut::propertyToXml - this code should not be reachable.");
return "//internal generator error!\n";
//request handler:
code="public function handleRequest(){\n";
+ //parse low level XML
+ code+="\tglobal $HTTP_RAW_POST_DATA;\n\tif(isset($HTTP_RAW_POST_DATA))$txt=$HTTP_RAW_POST_DATA;else $txt=\"\";\n";
+ code+="\t$xml=new DOMDocument;\n\tif(!$xml->loadXML($txt))xmlParserError();\n";
+ code+="\t$root=$xml->documentElement;\n";
+
//security handling
switch(trn.authMode()){
case WocTransaction::Checked:
- code+="\tif(!"+m_isauth+"||!"+QString(m_hasrole).replace("%",trn.name())+")notAuthenticated();\n";
+ code+="\t/*security check: authenticated and authorized*/\n";
+ code+="\t$sid=$root->getAttribute(\"sessionid\");\n";
+ code+="\t"+QString(m_authinit).replace("%","$sid")+";\n";
+ code+="\tif(!"+m_isauth+"||!"+QString(m_hasrole).replace("%","\""+trn.name()+"\"")+")notAuthenticated();\n";
break;
case WocTransaction::Auth:
+ code+="\t/*security check: authenticated*/\n";
+ code+="\t$sid=$root->getAttribute(\"sessionid\");\n";
+ code+="\t"+QString(m_authinit).replace("%","$sid")+";\n";
code+="\tif(!"+m_isauth+")notAuthenticated();\n";
break;
- default: break;//none
+ default:
+ code+="\t/*no security check, open function*/\n";
+ break;//none
}
//parse inputs
//call
if(trn.hasCall("php")){
+ code+="\t/*call actual functionality:*/\n";
code+="\ttry{"+trn.callFunction("php")+"}catch(Exception $e){handleException($e);}\n";
- }else
+ }else{
+ code+="\t/*normally here would be the PHP call, but it is missing from the config*/\n";
qDebug("Warning: transaction %s does not have a PHP call!",trn.name().toAscii().data());
+ }
//encode outputs/handle errors
code+=trnOutput(trn);
QString WocPHPServerOut::trnInput(const WocTransaction&trn)
{
- QString code="\tglobal $HTTP_RAW_POST_DATA;\n\tif(isset($HTTP_RAW_POST_DATA))$txt=$HTTP_RAW_POST_DATA;else $txt=\"\";\n";
- code+="\t$xml=new DOMDocument;\n\tif(!$xml->loadXML($txt))xmlParserError();\n";
- code+="\t$root=$xml->documentElement;\n\ttry{\n";
+ QString code="\t/*start of input parsing*/\n";
+ code+="\ttry{\n";
QStringList sl=trn.inputNames();
for(int i=0;i<sl.size();i++){
QString t=trn.inputType(sl[i]);
}
}
code+="\t}catch(Exception $e){handleException($e);}\n";
+ code+="\t/*end of input parsing*/\n";
return code;
}
QString WocPHPServerOut::trnOutput(const WocTransaction&trn)
{
QStringList sl=trn.outputNames();
- QString code="\ttry{\n\t\t$xml=new DOMDocument;\n";
+ QString code="\t/*start of output encoding*/\n";
+ code+="\ttry{\n\t\t$xml=new DOMDocument;\n";
code+="\t\t$root=$xml->createElement(\"WobResponse\");\n";
code+="\t\t$root->setAttribute(\"status\",statusString());\n";
for(int i=0;i<sl.size();i++){
}
}
}
- code+="\t\t$xml->appendChild($root);\n\t}catch(Exception $e){handleException($e);}\n";
+ code+="\t\t$xml->appendChild($root);\n";
+ code+="\t\theader(\"X-WobResponse-Status: Ok\");\n";
+ code+="\t\tprint($xml->saveXml());\n";
+ code+="\t}catch(Exception $e){handleException($e);}\n";
+ code+="\t/*end of output*/\n";
return code;
}
virtual void newTransaction(const WocTransaction&);
private:
QString m_basedir,m_subdir,m_fileext;
- QString m_isauth,m_hasrole,m_username;
+ QString m_isauth,m_hasrole,m_username,m_authinit;
QFile m_loader,m_schema,m_transact;
/**helper: adds a loader line for a class to autoload.php*/
}
m_maps.insert(name,map);
}
- //scan serializers
- nl=cls.elementsByTagName("ToXml");
- for(int i=0;i<nl.size();i++){
- QDomElement el=nl.at(i).toElement();
- if(el.isNull())continue;
- QString name=el.attribute("name");
- if(!symok.exactMatch(name)){
- qDebug("Error: Illegal serializer %s in class %s.",name.toAscii().data(),m_name.toAscii().data());
- m_valid=false;
- return;
- }
- if(hasSerializer(name)){
- qDebug("Error: Double definition of serializer %s in class %s.",name.toAscii().data(),m_name.toAscii().data());
- m_valid=false;
- return;
- }
- QStringList prop=el.text().split(" ",QString::SkipEmptyParts);
- //TODO: check that properties exist
- m_serial.insert(name,prop);
- }
//check abstraction
if(!m_abstract && isAbstract()){
qDebug("Warning: class %s should be declared abstract.",m_name.toAscii().data());
/**returns a list of enum values as name-value pairs*/
QList<QPair<QString,int> > enumValues(QString t)const{return m_enumvals[t];}
- /**returns the names of all serializer methods of this class*/
- QStringList serializers()const{return m_serial.keys();}
- /**returns true if the given serializer is defined*/
- bool hasSerializer(QString s)const{return m_serial.contains(s);}
- /**returns which properties are encoded by this serializer*/
- QStringList serializerProperties(QString s)const{return m_serial[s];}
-
/**returns true if the given mapping exists*/
bool hasMapping(QString m)const{return m_maps.contains(m);}
/**returns the names of all tables for which a mapping exists*/
//enum types: "type-name" => List of ("constant-name",int-constant-value)
QMap<QString,QList<QPair<QString,int> > >m_enumvals;
//serializers: "name" => List of properties (syntax Objects: "propertyname/Serializer"
- QMap<QString,QStringList> m_serial;
+// QMap<QString,QStringList> m_serial;
//helper: contains predefined types sorted by serialization type
static const QStringList attrtypes,elemtypes;
scd+="\tmp_"+k[i]+"=o.mp_"+k[i]+";\n";
scd+="\treturn *this;\n}\n";
- //implement deserializer
+ //implement deserializer (as constructor)
hcd+="\t"+cn+"(const QDomElement&);\n";
scd+=cn+"::"+cn+"(const QDomElement&root)\n\t:WObject()\n{\n";
scd+="\tQDomNodeList nl;\n";
void WocQtClientOut::classSerializers(const WocClass&cls,QFile&hdr,QFile&src,QString cn)
{
- QStringList k=cls.serializers();
- if(k.size()==0)return;
QString hcd=" public:\n";
QString scd;
- for(int i=0;i<k.size();i++){
- hcd+="\tQString toString"+k[i]+"();\n";
- scd+="QString "+cn+"::toString"+k[i]+"()\n{\n";
- scd+="\tQDomDocument doc;\n\tdoc.appendChild(toXml"+k[i]+"(doc));\n";
- scd+="\treturn doc.toString();\n}\n";
- hcd+="\tQDomElement toXml"+k[i]+"(QDomDocument&,QString name=\""+cls.name()+"\");\n";
- scd+="QDomElement "+cn+"::toXml"+k[i]+"(QDomDocument&doc,QString name)\n{\n";
- scd+="\tQDomElement r=doc.createElement(name);\n";
- QStringList p=cls.serializerProperties(k[i]);
- for(int j=0;j<p.size();j++){
- QStringList pv=p[j].split("/",QString::SkipEmptyParts);
- if(pv.size()<1){
- qDebug("Error: encountered empty property while creating serializer %s for class %s.",k[i].toAscii().data(),cls.name().toAscii().data());
+ hcd+="\tQString toString();\n";
+ scd+="QString "+cn+"::toString()\n{\n";
+ scd+="\tQDomDocument doc;\n\tdoc.appendChild(toXml(doc));\n";
+ scd+="\treturn doc.toString();\n}\n";
+ hcd+="\tQDomElement toXml(QDomDocument&,QString name=\""+cls.name()+"\");\n";
+ scd+="QDomElement "+cn+"::toXml(QDomDocument&doc,QString name)\n{\n";
+ scd+="\tQDomElement r=doc.createElement(name);\n";
+ QStringList p=cls.propertyNames();
+ for(int j=0;j<p.size();j++){
+ QStringList pv=p[j].split("/",QString::SkipEmptyParts);
+ if(pv.size()<1){
+ qDebug("Error: encountered empty property while creating serializer for class %s.",cls.name().toAscii().data());
+ emit errorFound();
+ return;
+ }
+ QString prop=pv[0];
+ QString var;
+ if(pv.size()>1)var=pv[1];
+ //is it a list
+ if(cls.propertyIsList(prop)){
+ scd+="\tfor(int i=0;i<mp_"+prop+".size();i++){\n";
+ if(cls.propertyIsObject(prop))
+ scd+="\t\tr.appendChild(mp_"+prop+"[i].toXml"+var+"(doc,\""+prop+"\"));\n";
+ else
+ if(cls.propertyIsEnum(prop)){
+ scd+="\t\tQDomElement el=doc.createElement(\""+prop+"\");\n";
+ scd+="\t\tel.appendChild(doc.createTextNode("+cls.propertyPlainType(prop)+"2str(mp_"+prop+"[i])));\n";
+ scd+="\t\tr.appendChild(el);\n";
+ }else
+ if(cls.propertyIsString(prop)){
+ scd+="\t\tQDomElement el=doc.createElement(\""+prop+"\");\n";
+ scd+="\t\tel.appendChild(doc.createTextNode(mp_"+prop+"[i]));\n";
+ scd+="\t\tr.appendChild(el);\n";
+ }else
+ if(cls.propertyIsBool(prop)){
+ scd+="\t\tQDomElement el=doc.createElement(\""+prop+"\");\n";
+ scd+="\t\tel.appendChild(doc.createTextNode(mp_"+prop+"[i]?\"yes\":\"no\"));\n";
+ scd+="\t\tr.appendChild(el);\n";
+ }else
+ if(cls.propertyIsInt(prop)){
+ scd+="\t\tQDomElement el=doc.createElement(\""+prop+"\");\n";
+ scd+="\t\tel.appendChild(doc.createTextNode(QString::number(mp_"+prop+"[i])));\n";
+ scd+="\t\tr.appendChild(el);\n";
+ }else{
+ qDebug("Error: cannot generate serializer for class %s property %s.",cls.name().toAscii().data(),prop.toAscii().data());
emit errorFound();
return;
}
- QString prop=pv[0];
- QString var;
- if(pv.size()>1)var=pv[1];
- //is it a list
- if(cls.propertyIsList(prop)){
- scd+="\tfor(int i=0;i<mp_"+prop+".size();i++){\n";
- if(cls.propertyIsObject(prop))
- scd+="\t\tr.appendChild(mp_"+prop+"[i].toXml"+var+"(doc,\""+prop+"\"));\n";
+ scd+="\t}\n";
+ }else{
+ //non lists
+ scd+="\tif(!mp_"+prop+".isNull()){\n";
+ if(cls.propertyIsAttribute(prop)){
+ if(cls.propertyIsBool(prop))
+ scd+="\t\tr.setAttribute(\""+prop+"\",mp_"+prop+".value()?\"yes\":\"no\");\n";
else
- if(cls.propertyIsEnum(prop)){
- scd+="\t\tQDomElement el=doc.createElement(\""+prop+"\");\n";
- scd+="\t\tel.appendChild(doc.createTextNode("+cls.propertyPlainType(prop)+"2str(mp_"+prop+"[i])));\n";
- scd+="\t\tr.appendChild(el);\n";
+ scd+="\t\tr.setAttribute(\""+prop+"\",mp_"+prop+".value());\n";
+ }else{
+ if(cls.propertyIsObject(prop)){
+ scd+="\t\tr.appendChild(mp_"+prop+".value().toXml"+var+"(doc,\""+prop+"\"));\n";
}else
if(cls.propertyIsString(prop)){
scd+="\t\tQDomElement el=doc.createElement(\""+prop+"\");\n";
- scd+="\t\tel.appendChild(doc.createTextNode(mp_"+prop+"[i]));\n";
- scd+="\t\tr.appendChild(el);\n";
- }else
- if(cls.propertyIsBool(prop)){
- scd+="\t\tQDomElement el=doc.createElement(\""+prop+"\");\n";
- scd+="\t\tel.appendChild(doc.createTextNode(mp_"+prop+"[i]?\"yes\":\"no\"));\n";
- scd+="\t\tr.appendChild(el);\n";
- }else
- if(cls.propertyIsInt(prop)){
- scd+="\t\tQDomElement el=doc.createElement(\""+prop+"\");\n";
- scd+="\t\tel.appendChild(doc.createTextNode(QString::number(mp_"+prop+"[i])));\n";
+ scd+="\t\tel.appendChild(doc.createTextNode(mp_"+prop+"));\n";
scd+="\t\tr.appendChild(el);\n";
}else{
qDebug("Error: cannot generate serializer for class %s property %s.",cls.name().toAscii().data(),prop.toAscii().data());
emit errorFound();
return;
}
- scd+="\t}\n";
- }else{
- //non lists
- scd+="\tif(!mp_"+prop+".isNull()){\n";
- if(cls.propertyIsAttribute(prop)){
- if(cls.propertyIsBool(prop))
- scd+="\t\tr.setAttribute(\""+prop+"\",mp_"+prop+".value()?\"yes\":\"no\");\n";
- else
- scd+="\t\tr.setAttribute(\""+prop+"\",mp_"+prop+".value());\n";
- }else{
- if(cls.propertyIsObject(prop)){
- scd+="\t\tr.appendChild(mp_"+prop+".value().toXml"+var+"(doc,\""+prop+"\"));\n";
- }else
- if(cls.propertyIsString(prop)){
- scd+="\t\tQDomElement el=doc.createElement(\""+prop+"\");\n";
- scd+="\t\tel.appendChild(doc.createTextNode(mp_"+prop+"));\n";
- scd+="\t\tr.appendChild(el);\n";
- }else{
- qDebug("Error: cannot generate serializer for class %s property %s.",cls.name().toAscii().data(),prop.toAscii().data());
- emit errorFound();
- return;
- }
- }
- scd+="\t}\n";
}
+ scd+="\t}\n";
}
- scd+="\treturn r;\n}\n";
}
+ scd+="\treturn r;\n}\n";
hdr.write(hcd.toAscii());
src.write(scd.toAscii());
}
QString hcd;
QString scd;
hcd="#include \"WTransaction.h\"\n";
+ scd+="#include \"WInterface.h\"\n";
for(int i=0;i<in.size();i++){
QString tp=qtobjtype(trn,in[i],In);
if(tp!="")hcd+="#include <"+tp+".h>\n";
//interface code
QString sif=" "+cn+" query"+trn.name()+"("+inlist+")\n\t";
sif+="{return "+cn+"::query("+clist+(clist!=""?",":"")+"name());}\n";
- sif+=" "+cn+" queryWeb"+trn.name()+"("+inlist+")\n\t";
- sif+="{return "+cn+"::queryWeb("+clist+(clist!=""?",":"")+"name());}\n\n";
m_iface.write(sif.toAscii());
//create constructor
//query method
hcd+="\tvoid netquery();\n";
scd+="void "+cn+"::netquery()\n{\n";
- //TODO: encode input
- for(int i=0;i<in.size();i++){
- }
- //TODO: query and decode output
+ scd+="\tQDomDocument doc;QDomElement root=doc.createElement(\"WobRequest\");\n";
+ scd+="\tQDomElement tmp;\n";
+ scd+="\tWInterface *iface=WInterface::instance(m_iface);\n";
+ scd+="\tif(iface==0){m_errtype=\"_iface\";m_errstr=\"interface not found\";m_stage=Error;return;}\n";
+ if(trn.authMode()!=trn.Open)
+ scd+="\troot.setAttribute(\"sessionid\",iface->sessionId());\n";
+ //encode input
+ scd+=trnInput(trn);
+ scd+="\tdoc.appendChild(root);\n";
+ //query
+ scd+="\tQByteArray rba=executeQuery(\""+trn.name()+"\",doc.toByteArray());\n";
+ //decode output
+ scd+=trnOutput(trn);
scd+="}\n";
hdr.write(hcd.toAscii());
src.write(scd.toAscii());
}
//create queries
scd="";
- //TODO: query should optimize between local & web
- hcd+="\tstatic "+cn+" query("+inlist+defparm+"){return queryWeb("+clist+");}\n";
- hcd+="\tstatic "+cn+" queryWeb("+inlist+defparm+");\n";
- scd+=cn+" "+cn+"::queryWeb("+inlist+")\n{\n";
+ hcd+="\tstatic "+cn+" query("+inlist+defparm+");\n";
+ scd+=cn+" "+cn+"::query("+inlist+")\n{\n";
scd+="\t"+cn;
if(clist!="")scd+=" r("+clist+");\n";else scd+=" r;";
scd+="\tr.netquery();\n\treturn r;\n}\n";
src.write(QByteArray(SRCEND).replace("%",cn.toAscii()));
}
+QString WocQtClientOut::trnInput(const WocTransaction&trn)
+{
+ QString code="\t/*start of input encoding*/\n";
+ QStringList sl=trn.inputNames();
+ for(int i=0;i<sl.size();i++){
+ QString t=trn.inputType(sl[i]);
+ if(trn.isAttributeType(t)){
+ code+="\troot.setAttribute(\""+sl[i]+"\",in_"+sl[i];
+ if(trn.isBoolType(t))
+ code+="?\"yes\":\"no\"";
+ code+=");\n";
+ }else{
+ if(trn.isListType(t)){
+ QString pt=trn.plainType(t);
+ code+="\tfor(int i=0;i<in_"+sl[i]+".size();i++){\n";
+ if(trn.isObjectType(t)){
+ code+="\t\ttmp=in_"+sl[i]+"[i].toXml(doc,\""+sl[i]+"\");\n";
+ }else{
+ code+="\t\ttmp=doc.createElement(\""+sl[i]+"\");\n";
+ code+="\t\ttmp.appendChild(doc.createTextNode(";
+ if(trn.isIntType(t))
+ code+="QString::number(in_"+sl[i]+"[i])";
+ else
+ if(trn.isBoolType(t))
+ code+="in_"+sl[i]+"[i]?\"yes\":\"no\"";
+ else
+ code+="in_"+sl[i]+"[i]";
+ code+="));\n";
+ }
+ code+="\t\troot.appendChild(tmp);\n";
+ code+="\t}\n";
+ }else{
+ if(trn.isObjectType(t)){
+ code+="\troot.appendChild(in_"+sl[i]+".toXml(doc,\""+sl[i]+"\"));\n";
+ }else{
+ code+="\ttmp=doc.createElement(\""+sl[i]+"\");\n";
+ code+="\ttmp.appendChild(doc.createTextNode(";
+ if(trn.isIntType(t))
+ code+="QString::number(in_"+sl[i]+")";
+ else
+ code+="in_"+sl[i];
+ code+="));\n\troot.appendChild(tmp);\n";
+ }
+ }
+ }
+ }
+ code+="\t/*end of input encoding*/\n";
+ return code;
+}
+
+QString WocQtClientOut::trnOutput(const WocTransaction&trn)
+{
+ QStringList sl=trn.outputNames();
+ QString code="\t/*start of output decoding*/\n";
+ //basic XML parsing
+ code+="\tif(rba.isEmpty())return;\n";
+ code+="\tdoc=QDomDocument();\n";
+ code+="\tQString emsg;int eln,ecl;\n";
+ code+="\tif(!doc.setContent(rba,&emsg,&eln,&ecl)){\n";
+ code+="\t\tm_stage=Error;m_errtype=\"_iface\";m_errstr=QString(\"XML result parser error line %1 col %2: %3\").arg(eln).arg(ecl).arg(emsg);\n\t}\n";
+ code+="\troot=doc.documentElement();\n";
+ //decide where to go, error handling
+ code+="\tQString stat=root.attribute(\"status\");\n";
+ code+="\tif(stat!=\"ok\"){\n\t\tm_stage=Error;m_errtype=\"_server\";m_errstr=\"server error\";\n";
+ code+="\t\tQDomNodeList nl=root.elementsByTagName(\"Error\");\n";
+ code+="\t\tif(nl.size()==0)return;\n";
+ code+="\t\ttmp=nl.at(0).toElement();\n";
+ code+="\t\tm_errtype=tmp.attribute(\"type\",\"_server\");\n";
+ code+="\t\tm_errstr=tmp.text();\n\treturn;\n\t}\n";
+ code+="\tQDomNodeList nl;\n";
+ //parse parameters
+ for(int i=0;i<sl.size();i++){
+ QString t=trn.outputType(sl[i]);
+ if(trn.isAttributeType(t)){
+ code+="\tout_"+sl[i]+"=root.attribute(\""+sl[i]+"\")";
+ if(trn.isIntType(t))code+=".toInt()";else
+ if(trn.isBoolType(t))code+="==\"yes\"";
+ code+=";\n";
+ }else{
+ code+="\tnl=root.elementsByTagName(\""+sl[i]+"\");\n";
+ if(trn.isListType(t)){
+ code+="\tfor(int i=0;i<nl.size();i++){\n";
+ if(trn.isObjectType(t)){
+ code+="\t\tout_"+sl[i]+".append("+qtobjtype(trn,sl[i],Out)+"(nl.at(i).toElement()));\n";
+ }else if(trn.isIntType(t)){
+ code+="\t\tout_"+sl[i]+".append(nl.at(i).toElement().text().toInt());\n";
+ }else if(trn.isBoolType(t)){
+ code+="\t\tout_"+sl[i]+".append(nl.at(i).toElement().text()==\"yes\");\n";
+ }else{//can only be string
+ code+="\t\tout_"+sl[i]+".append(nl.at(i).toElement().text());\n";
+ }
+ code+="\t}\n";
+ }else{
+ code+="\tif(nl.size()>0){\n";
+ if(trn.isObjectType(t)){
+ code+="\t\tout_"+sl[i]+"="+qtobjtype(trn,sl[i],Out)+"(nl.at(0).toElement());\n";
+ }else{//can only be string
+ code+="\t\tout_"+sl[i]+"=nl.at(0).toElement().text();\n";
+ }
+ code+="\t}\n";
+ }
+ }
+ }
+ code+="\t/*end of output*/\n";
+ return code;
+}
+
QString WocQtClientOut::qttype(const WocTransaction&trn,QString v,InOut io)
{
QString tp=io==In?trn.inputType(v):trn.outputType(v);
QString tp=io==In?trn.inputType(v):trn.outputType(v);
if(tp.startsWith("List:"))
tp=tp.mid(5);
- if(tp=="astring" || tp=="string"||tp=="int")return "";
- else return m_prefix+"O"+tp.split("/",QString::SkipEmptyParts).at(0);
+ if(tp=="astring" || tp=="string"||tp=="int"||tp=="int32"||tp=="int64")return "";
+ else return m_prefix+"O"+tp;
}
void WocQtClientOut::addFile(QString bn)
QString qttype(const WocTransaction&,QString,InOut);
/**helper: generate a proper QT type for a transaction variable, WO* only */
QString qtobjtype(const WocTransaction&,QString,InOut);
+
+ /**helper generates the transaction input encoding*/
+ QString trnInput(const WocTransaction&);
+ /**helper generates the transaction output decoding*/
+ QString trnOutput(const WocTransaction&);
};
#endif
////////////
//Dedicated Client Configuration
-//Authentication algorithm
-// possible: md5, sha1, sha256, hmac-md5, hmac-sha1, hmac-sha256
-$ClientAuthAlgo="hmac-sha1";
-//hash algorithm library -- the PHP extension/module used for calculation
-// possible: string (md5, sha1 only), hash, mhash
-$HashLib="hash";
-
-//Initial timeout from start of session request to session authentication
-// usually 300s (5min) is a good value
-$ClientAuthTimeout=300;
//Authenticated session timeout - how long an authenticated session lasts
// this should usually be a few hours (3600s per hour)
$ClientSessionTimeout=2*3600;
die("Database is not correctly configured. Giving up.");
//load class-files
include('./inc/classes/autoload.php');
-include("./inc/machine/autoload.php");
?>
\ No newline at end of file
$AUTOCLASS["Host"]="./inc/machine/host.php";
$AUTOCLASS["Template"]="./inc/machine/template.php";
-//load hash lib
-include("./inc/machine/cauth_".$HashLib.".php");
-
+include("./inc/machine/version.php");
?>
\ No newline at end of file
+++ /dev/null
-<?
-//
-// PHP Implementation: cauth_hash
-//
-// Description:
-//
-//
-// Author: Konrad Rosenbaum <konrad@silmor.de>, (C) 2007
-//
-// Copyright: See README/COPYING files that come with this distribution
-//
-//
-
-/**helper for Session::authenticate, using hash module*/
-function calcAuth($cha,$tok)
-{
- global $ClientAuthAlgo;
- switch($ClientAuthAlgo){
- case "md5":
- case "sha1":
- case "sha256":return hash($ClientAuthAlgo,$cha.$tok);
- case "hmac-md5":return hash_hmac("md5",$cha,$tok);
- case "hmac-sha1":return hash_hmac("sha1",$cha,$tok);
- case "hmac-sha256":return hash_hmac("sha256",$cha,$tok);
- default:trigger_error("Internal error: unknown hash algorithm",E_USER_ERROR);
- }
-}
-
-/**helper for Customer::authenticate and Customer::setPassword*/
-function calcPasswd($pass,$salt)
-{
- return $salt.":".hash("sha1",$salt.$pass);
-}
-
-?>
\ No newline at end of file
+++ /dev/null
-<?
-//
-// PHP Implementation: cauth_mhash
-//
-// Description:
-//
-//
-// Author: Konrad Rosenbaum <konrad@silmor.de>, (C) 2007
-//
-// Copyright: See README/COPYING files that come with this distribution
-//
-//
-
-/**helper for Session::authenticate, using mhash module*/
-function calcAuth($cha,$tok)
-{
- global $ClientAuthAlgo;
- switch($ClientAuthAlgo){
- case "md5":return bin2hex(mhash(MHASH_MD5,$cha.$tok));
- case "sha1":return bin2hex(mhash(MHASH_SHA1,$cha.$tok));
- case "sha256":return bin2hex(mhash(MHASH_SHA256,$cha.$tok));
- case "hmac-md5":return bin2hex(mhash(MHASH_MD5,$cha,$tok));
- case "hmac-sha1":return bin2hex(mhash(MHASH_SHA1,$cha,$tok));
- case "hmac-sha256":return bin2hex(mhash(MHASH_SHA256,$cha,$tok));
- default:trigger_error("Internal error: unknown hash algorithm",E_USER_ERROR);
- }
-}
-
-/**helper for Customer::authenticate and Customer::setPassword*/
-function calcPasswd($pass,$salt)
-{
- return $salt.":".bin2hex(mhash(MHASH_SHA1,$salt.$pass));
-}
-
-?>
\ No newline at end of file
+++ /dev/null
-<?
-//
-// PHP Implementation: cauth_string
-//
-// Description:
-//
-//
-// Author: Konrad Rosenbaum <konrad@silmor.de>, (C) 2007
-//
-// Copyright: See README/COPYING files that come with this distribution
-//
-//
-
-/**helper for Session::authenticate, using string module*/
-function calcAuth($key,$tok)
-{
- global $ClientAuthAlgo;
- switch($ClientAuthAlgo){
- case "md5":return strtolower(md5($key.$tok));
- case "sha1":return strtolower(sha1($key.$tok));
- default:trigger_error("Internal error: unknown hash algorithm",E_USER_ERROR);
- }
-}
-
-/**helper for Customer::authenticate and Customer::setPassword*/
-function calcPasswd($pass,$salt)
-{
- return $salt.":".strtolower(sha1($salt.$pass));
-}
-
-?>
\ No newline at end of file
global $db;
$db->deleteRows("session","timeout<=".time());
-/**initiate new session - $rand should contain some food for the random number generator (from the host request)*/
-function newSession($rand)
-{
- global $db,$ClientAuthTimeout;
- //get random bits
- randseed($rand);
- $sid=getRandom(128);
- $ucha=getRandom(128);
- $hcha=getRandom(128);
- //try to create entry
- $db->beginTransaction();
- while(1){
- //check for existence
- $res=$db->select("session","sessionid","sessionid='".$sid."'");
- if(count($res)==0)break;
- //create new SID and repeat
- $sid=getRandom(128);
- }
- $ret=array("sessionid"=>$sid,"uchallenge"=>$ucha,"hchallenge"=>$hcha,"user"=>"","timeout"=>time()+$ClientAuthTimeout);
- $db->insert("session",$ret);
- $db->commitTransaction();
- return $ret;
-}
-
-/**delete current session*/
-function deleteSession()
-{
- global $_SERVER,$db;
- if(isset($_SERVER["HTTP_X_MAGICSMOKE_SESSION"]))
- $db->deleteRows("session","sessionid=".$db->escapeString($_SERVER["HTTP_X_MAGICSMOKE_SESSION"]));
-}
-
/**The session class*/
class Session
{
private $sessid="";
private $user="";
+ private $roles;
+ private $rights;
/**construct the session object, check validity*/
- public function __construct()
+ public function __construct($sid)
+ {
+ global $db,$session;
+ $this->roles=array();
+ $this->rights=array();
+ $res=$db->select("session","sessionid,user","sessionid=".$db->escapeString($sid));
+ if(count($res)>0){
+ $this->sessid=$sid;
+ $this->user=$res[0]["user"];
+ $this->initRights();
+ }
+ $session=$this;
+ }
+
+ /**internal: retrieve and remember the rights of this user*/
+ public function initRights()
{
- global $_SERVER,$db;
- if(isset($_SERVER["HTTP_X_MAGICSMOKE_SESSION"])){
- $res=$db->select("session","sessionid,user","sessionid=".$db->escapeString($_SERVER["HTTP_X_MAGICSMOKE_SESSION"]));
- if(count($res)>0){
- $this->sessid=$_SERVER["HTTP_X_MAGICSMOKE_SESSION"];
- $this->user=$res[0]["user"];
- }
+ global $db;
+ $res=$db->select("userrole","role","uname=".$db->escapeString($this->user));
+ for($i=0;$i<count($res);$i++){
+ $this->roles[]=$res[$i][0];
+ $res2=$db->select("roleright","rightname","rolename=".$db->escapeString($res[$i][0]));
+ for($j=0;$j<count($res2);$j++)
+ $this->rights[]=$res2[$j][0];
+ }
+ }
+
+ /**returns all rights of this user*/
+ public function getRights(){return $this->rights;}
+
+ /**returns all roles of this user*/
+ public function getRoles(){return $this->roles;}
+
+ /**creates a new session*/
+ static public function login($trans)
+ {
+ global $db,$ClientSessionTimeout;
+ //get host data
+ $uhres=$db->select("userhosts","host","uname=".$db->escapeString($trans->getusername()));
+ $hres=$db->select("host","*","hostname=".$db->escapeString($trans->gethostname));
+ $hosts=array();
+ foreach($uhres as $hst)
+ $hosts[]=$hst["host"];
+ //logic check 1: abort if host is unknown
+ if(count($hres)==0){
+ $trans->abortWithError("auth",translate("php::","Unknown Host"));
+ }
+ //logic check: login is allowed if
+ // a) $hosts contains _any and the host is known, or
+ // b) $hosts contains the transmitted host name
+ $hostname=$trans->gethostname();
+ if( !in_array($hostname,$hosts) && !in_array("_any",$hosts)){
+ $trans->abortWithError("auth",translate("php::","Host/User combination not allowed");
+ }
+
+ //validate host
+ $splt=explode(" ",$hres[0]["hostkey"]);
+ if(count($splt)!=2){
+ $trans->abortWithError("auth",translate("php::","Host authentication failed"));
+ }
+ $cmp=strtolower(sha1($splt[0].$trans->gethostkey()));
+ if($cmp != strtolower($splt[1])){
+ $trans->abortWithError("auth",translate("php::","Host authentication failed"));
+ }
+
+ //get user data
+ $ures=$db->select("users","*","uname=".$db->escapeString($trans->getusername()));
+ if(count($ures)<1){
+ $trans->abortWithError("auth",translate("php::","User Authentication failed"));
+ }
+ //validate user
+ $splt=explode(" ",$ures[0]["passwd"]);
+ if(count($splt)!=2){
+ $trans->abortWithError("auth",translate("php::","User Authentication failed"));
+ }
+ $cmp=strtolower(sha1($splt[0].$trans->getpassword()));
+ if($cmp!=strtolower($splt[1])){
+ $trans->abortWithError("auth",translate("php::","User Authentication failed"));
+ }
+
+ //create session and return
+ //get random bits
+ randseed($rand);
+ $sid=getRandom(128);
+ //try to create entry
+ $db->beginTransaction();
+ while(1){
+ //check for existence
+ $res=$db->select("session","sessionid","sessionid='".$sid."'");
+ if(count($res)==0)break;
+ //create new SID and repeat
+ $sid=getRandom(128);
}
+ $valid=time()+$ClientSessionTimeout;
+ $ret=array("sessionid"=>$sid,"user"=>$trans->getusername(),"timeout"=>$valid);
+ $db->insert("session",$ret);
+ $db->commitTransaction();
+
+ $trans->setsessionid($sid);
+ $trans->setvalidtill($valid);
}
+ /**delete current session*/
+ function deleteSession()
+ {
+ global $db;
+ $db->deleteRows("session","sessionid=".$db->escapeString($this->sessid));
+ }
+
/**returns true if the session exists, it may still be temporary and unauthenticated*/
public function isValid()
{
exit();
}
- /**runs authentication against the user request*/
- public function authenticate()
- {
- global $db,$REQUESTDATA;
- //already authenticated?
- if($this->isAuthenticated()){
- header("X-MagicSmoke-Status: Error");
- die("Protocol violation: already authenticated.");
- }
- //get DB record:session
- $sres=$db->select("session","*","sessionid=".$db->escapeString($this->sessid));
- if(count($sres)<1){
- header("X-MagicSmoke-Status: Unauthenticated");
- deleteSession();
- die("No such session");
- }
- //parse request
- $auth=new DOMDocument;
- if(!$auth->loadXML($REQUESTDATA)){
- header("X-MagicSmoke-Status: SyntaxError");
- deleteSession();
- die(tr("unable to parse XML data"));
- }
- $hostname="";$hostauth="";$username="";$userauth="";
- foreach($auth->getElementsByTagName("HostName") as $el)
- foreach($el->childNodes as $cn)
- if($cn->nodeType==XML_TEXT_NODE)
- $hostname=$cn->wholeText;
- foreach($auth->getElementsByTagName("HostAuth") as $el)
- foreach($el->childNodes as $cn)
- if($cn->nodeType==XML_TEXT_NODE)
- $hostauth=$cn->wholeText;
- foreach($auth->getElementsByTagName("UserName") as $el)
- foreach($el->childNodes as $cn)
- if($cn->nodeType==XML_TEXT_NODE)
- $username=$cn->wholeText;
- foreach($auth->getElementsByTagName("UserAuth") as $el)
- foreach($el->childNodes as $cn)
- if($cn->nodeType==XML_TEXT_NODE)
- $userauth=$cn->wholeText;
- if($hostname=="" || $hostauth=="" || $username=="" || $userauth==""){
- header("X-MagicSmoke-Status: SyntaxError");
- deleteSession();
- die(tr("missing some authentication data"));
- }
- //get user data
- $ures=$db->select("users","*","uname=".$db->escapeString($username));
- if(count($ures)<1){
- header("X-MagicSmoke-Status: Unauthenticated");
- deleteSession();
- $this->xdie("No such user");
- }
- //get allowed hosts
- $uhres=$db->select("userhosts","host","uname=".$db->escapeString($username));
- $hres=$db->select("host","*","hostname=".$db->escapeString($hostname));
- $hosts=array();
- foreach($uhres as $hst)
- $hosts[]=$hst["host"];
- //check that host is allowed
- $needhostauth=true;
- if(in_array("_anon",$hosts)){
- //anonymous hosts allowed, ignore host auth
- $needhostauth=false;
- }else
- if(in_array("_any",$hosts)){
- //any host allowed, check it exists
- if(count($hres)<1){
- header("X-MagicSmoke-Status: Unauthenticated");
- deleteSession();
- $this->xdie("unknown host");
- }
- }else{
- //check whether allowed
- if(!in_array($hostname,$hosts)){
- //host name not in allowed list
- header("X-MagicSmoke-Status: Unauthenticated");
- deleteSession();
- $this->xdie("host not allowed");
- }
- //check whether exists
- if(count($hres)<1){
- header("X-MagicSmoke-Status: Unauthenticated");
- deleteSession();
- $this->xdie("No such host");
- }
- }
- //compare
- $ua=calcAuth($sres[0]["uchallenge"],$ures[0]["passwd"]);
- if($ua!=$userauth){
- header("X-MagicSmoke-Status: Unauthenticated");
- deleteSession();
- $this->xdie("user challenge failed");
- }
- if($needhostauth){
- $ha=calcAuth($sres[0]["hchallenge"],$hres[0]["hostkey"]);
- if($ha!=$hostauth){
- header("X-MagicSmoke-Status: Unauthenticated");
- deleteSession();
- $this->xdie("host challenge failed");
- }
- }
- //success
- header("X-MagicSmoke-Status: Ok");
- global $ClientSessionTimeout;
- $tout=(time()+$ClientSessionTimeout)."\n".time();
- $db->update("session",array("user"=>$username,"timeout"=>$tout),"sessionid=".$db->escapeString($this->sessid));
- echo $tout;
- }
-
/**set my own password*/
public function setMyPasswd($txt)
{
public function canExecute($transaction)
{
global $db;
- $res=$db->select("userrole","role","uname=".$db->escapeString($this->user));
- foreach($res as $rl)
- if($rl["role"]==$transaction || $rl["role"]=="_admin")
- return true;
- return false;
+ if(in_array("_admin",$this->roles))return true;
+ return in_array($transaction,$this->rights);
}
/**called for GetMyRoles transaction*/
// PHP: scans each line splitting at () and ,
//minimum version that the server understands (4 hex digits)
-defversion(MINSERVER,0000)
+defversion(MINSERVER,0101)
//current version of the server
-defversion(CURSERVER,0005)
+defversion(CURSERVER,0101)
//current human readable version of the server
-defversion(HRSERVER,1.1 beta)
+defversion(HRSERVER,1.91 alpha)
//minimum version that the client requires
-defversion(MINCLIENT,0000)
+defversion(MINCLIENT,0101)
//current version of the client
-defversion(CURCLIENT,0005)
+defversion(CURCLIENT,0101)
//current human readable version of the client
-defversion(HRCLIENT,1.1 beta)
+defversion(HRCLIENT,1.91 alpha)
//load version include
defversion();
+function serverInfoXml($trans)
+{
+ global $MSVERSION;
+ $trans->setServerVersion($MSVERSION["HRSERVER"]);
+ $trans->setMinimumProtocolVersion($MSVERSION["MINSERVER"]);
+ $trans->setServerProtocolVersion($MSVERSION["CURSERVER"]);
+}
+
?>
\ No newline at end of file
exit();
}
+ /**called to abort a transactions flow*/
+ public function abortWithError($type,$text){
+ header("X-WobResponse-Status: Error");
+ print("<WobResponse status=\"error\"><Error type=\"".xq($type)."\">".xq($text)."</Error></WobResponse>\n");
+ exit();
+ }
+
/**returns the status of the transaction as string*/
public function statusString()
{
<?
-//check the HTTP-request type
-if($_SERVER["REQUEST_METHOD"] != "POST" || !isset($_SERVER["HTTP_X_MAGICSMOKE_REQUEST"])){
- header("X-MagicSmoke-Status: NonPost");
- print("<html><title>Error</title><body>This is the machine interface of Magic Smoke. Other clients and browsers are not allowed.</html>");
- exit();
-}
//fix content-type to something that is not manipulated by proxies
header("Content-Type: application/x-MagicSmoke");
-include_once("inc/tr.php");
-include_once("inc/machine/version.php");
-
-//check whether the request is known
-/* TRANSLATOR TransactionNames:: */
-/**all valid requests must be listed here (in lower case and wrapped in tr())*/
-$ALLOWEDREQUESTS=array(
- //info request:
- tr("serverinfo"),
- //session requests:
- tr("startsession"),tr("sessionauth"),tr("closesession"),
- //////////
- //all requests below here need authentication
- //role management: get my own ACLs
- tr("getmyroles"),
- /////////
- //all requests below here need a role entry in the DB
- //user management
- tr("getusers"),tr("setuserdescription"),tr("getuseracl"),tr("setuseracl"),tr("getuserhosts"),
- tr("setuserhosts"),tr("adduser"),tr("deleteuser"),tr("setmypasswd"),tr("setpasswd"),
- //host management
- tr("gethosts"),tr("sethost"),tr("addhost"),tr("deletehost"),
- //event infos
- tr("geteventlist"),tr("geteventdata"),tr("seteventdata"),tr("eventsummary"),tr("cancelevent"),
- //room infos
- tr("getroomdata"),tr("setroomdata"),
- //customer info
- tr("getcustomerlist"),tr("getcustomer"),tr("setcustomer"),tr("deletecustomer"),
- //sell/order stuff
- tr("checkorder"),tr("createorder"),tr("createsale"),tr("createreservedorder"),tr("getorderlist"),
- tr("getorder"),tr("orderpay"),tr("orderrefund"),tr("ordershipped"),tr("cancelorder"),
- tr("orderbyticket"),tr("getordersbyevents"),tr("setordercomment"),tr("orderchangeshipping"),
- tr("reservationtoorder"),tr("reservationtosale"),
- //shipping info
- tr("getshipping"),tr("setshipping"),tr("deleteshipping"),
- //ticket management
- tr("getticket"),tr("useticket"),tr("changeticketprice"),tr("ticketreturn"),
- //voucher management
- tr("getvoucherprices"),tr("cancelvoucher"),tr("emptyvoucher"),tr("usevoucher"),tr("usevoucheroutside"),tr("getvoucher"),
- //templates
- tr("gettemplatelist"),tr("gettemplate"),tr("settemplate"),tr("settemplatedescription"),
- tr("deletetemplate"),
- //backup
- tr("backup"),
- //money trail
- tr("moneylog")
-);
-/**special roles begin with _ and are listed here (in lower case and wrapped in tr())*/
-$SPECIALROLES=array(
- tr("_admin"),//system administrator
- tr("_anyshipping"),//user can assign any kind of shipping
- tr("_repriceshipping"),//user may alter shipping price
- tr("_anyvoucher"),//user may generate vouchers of any value/price, not just configured ones
- tr("_anypricevoucher"),//user may generate vouchers with price different from value
- tr("_explicitshipdate")//user may set an explicit shipping date
-);
-/* TRANSLATOR php::
-*/
-/**contains the low-level request name from the client*/
-$SMOKEREQUEST=strtolower($_SERVER["HTTP_X_MAGICSMOKE_REQUEST"]);
-if(!in_array($SMOKEREQUEST,$ALLOWEDREQUESTS)){
- header("X-MagicSmoke-Status: InvalidRequest");
- die(tr("Invalid Request, please use the MagicSmoke Client with this page."));
-}
-/**contains the low-level request data from the client*/
-$REQUESTDATA="";
-if(isset($HTTP_RAW_POST_DATA)){
- $REQUESTDATA=$HTTP_RAW_POST_DATA;
-}
-
-//initialize basics
+//initialize
include("inc/loader.php");
-
-// server info can be answered without performing any more initialization
-if($SMOKEREQUEST=="serverinfo"){
- header("X-MagicSmoke-Status: Ok");
- print("<Info>\n <ServerVersion proto=\"");
- print($MSVERSION["MINSERVER"]." ".$MSVERSION["CURSERVER"]);
- print("\">".$MSVERSION["HRSERVER"]);
- print("</ServerVersion>\n <AuthAlgorithm>$ClientAuthAlgo</AuthAlgorithm>\n</Info>");
- exit();
-}
-
-//initialize DB
include("inc/loader_nonadmin.php");
+include("./inc/machine/autoload.php");
-//load machine interface
-include("inc/machine/session.php");
-include("inc/machine/host.php");
-include("inc/machine/template.php");
-
-// request to start a session
-if($SMOKEREQUEST=="startsession"){
- //start session
- $sess=newSession($REQUESTDATA);
- header("X-MagicSmoke-Status: Ok");
- print("<SessionStart><ID>".$sess["sessionid"]."</ID><HostChallenge>".$sess["hchallenge"].
- "</HostChallenge><UserChallenge>".$sess["uchallenge"]."</UserChallenge><Timeout>".
- $sess["timeout"]."</Timeout></SessionStart>");
- exit();
-}
-//request to close a session
-if($SMOKEREQUEST=="closesession"){
- //close session
- deleteSession();
- //return
- header("X-MagicSmoke-Status: Ok");
- exit();
-}
-
-//all others need a valid session, check it
-//check session
-/**session object*/
-$session=new Session;
-if(!$session->isValid()){
- header("X-MagicSmoke-Status: Unauthenticated");
- die(tr("Invalid or missing sessionid, or session timed out."));
-}
-
-//request session authentication
-if($SMOKEREQUEST=="sessionauth"){
- $session->authenticate();
- exit();
-}
-
-//remainder must be authenticated
-if(!$session->isAuthenticated()){
- header("X-MagicSmoke-Status: Unauthenticated");
- die(tr("Session not yet authenticated."));
-}
-
-//get roles of myself
-if($SMOKEREQUEST=="getmyroles"){
- $session->getMyRoles();
- exit();
-}
-
-//check that we actually are allowed to do this
-if(!$session->canExecute($SMOKEREQUEST)){
- header("X-MagicSmoke-Status: NotAllowed");
- die(tr("You do not have the right to execute this transaction."));
-}
-
-//get a list of events
-if($SMOKEREQUEST=="geteventlist"){
- getAllEventsXml();
- exit();
-}
-
-//get a specific event
-if($SMOKEREQUEST=="geteventdata"){
- //convert request data into array
- $evts=array();
- $lst=explode(" ",$REQUESTDATA);
- foreach($lst as $k=>$v){
- $evts[]=$v+0;
- }
- //get data and build XML
- getEventsXml(array_values(array_unique($evts)));
- exit();
-}
-
-//set an event
-if($SMOKEREQUEST=="seteventdata"){
- setEventXml($REQUESTDATA);
- exit();
-}
-
-//get the summary info of the event
-if($SMOKEREQUEST=="eventsummary"){
- getEventSummaryXml($REQUESTDATA+0);
- exit();
-}
-
-//cancel an event
-if($SMOKEREQUEST=="cancelevent"){
- cancelEventXml(trim($REQUESTDATA));
- exit();
-}
-
-//get room
-if($SMOKEREQUEST=="getroomdata"){
- getRoomsXml($REQUESTDATA);
- exit();
-}
-
-//set room
-if($SMOKEREQUEST=="setroomdata"){
- setRoomsXml($REQUESTDATA);
- exit();
-}
-
-//get all users
-if($SMOKEREQUEST=="getusers"){
- getAllUsersXml();
- exit();
-}
-
-if($SMOKEREQUEST=="setuserdescription"){
- setUserDescrXml($REQUESTDATA);
- exit();
-}
-
-//get ACL info of specific users
-if($SMOKEREQUEST=="getuseracl"){
- getUserAclXml($REQUESTDATA);
- exit();
-}
-//set the ACL of a specific user
-if($SMOKEREQUEST=="setuseracl"){
- setUserAclXml($REQUESTDATA);
- exit();
-}
-//get the allowed client hosts of a specific user
-if($SMOKEREQUEST=="getuserhosts"){
- getUserHostsXml($REQUESTDATA);
- exit();
-}
-//set the allowed client hosts of a specific user
-if($SMOKEREQUEST=="setuserhosts"){
- setUserHostsXml($REQUESTDATA);
- exit();
-}
-//create a new user
-if($SMOKEREQUEST=="adduser"){
- addUserXml($REQUESTDATA);
- exit();
-}
-//delete an user
-if($SMOKEREQUEST=="deleteuser"){
- deleteUserXml($REQUESTDATA);
- exit();
-}
-//set my own password
-if($SMOKEREQUEST=="setmypasswd"){
- $session->setMyPasswd($REQUESTDATA);
- exit();
-}
-//reset another users password
-if($SMOKEREQUEST=="setpasswd"){
- setPasswdXml($REQUESTDATA);
- exit();
-}
-
-//return a list of all hosts with their keys
-// there is currently no transaction to get names only, since this is
-// implied in getuserhosts
-if($SMOKEREQUEST=="gethosts"){
- getAllHostsXml();
- exit();
-}
-//change the key of a host
-if($SMOKEREQUEST=="sethost"){
- setHostXml($REQUESTDATA);
-}
-//create a new host entry
-if($SMOKEREQUEST=="addhost"){
- addHostXml($REQUESTDATA);
- exit();
-}
-if($SMOKEREQUEST=="deletehost"){
- deleteHostXml($REQUESTDATA);
- exit();
-}
-
-
-//return list of templates
-if($SMOKEREQUEST=="gettemplatelist"){
- getTemplateList();
- exit();
-}
-//get specific template
-if($SMOKEREQUEST=="gettemplate"){
- getTemplate(trim($REQUESTDATA));
- exit();
-}
-//set a specific template
-if($SMOKEREQUEST=="settemplate"){
- setTemplate($REQUESTDATA);
- exit();
-}
-//set a specific template description
-if($SMOKEREQUEST=="settemplatedescription"){
- setTemplateDescription($REQUESTDATA);
- exit();
-}
-//delete a template
-if($SMOKEREQUEST=="deletetemplate"){
- deleteTemplate(trim($REQUESTDATA));
- exit();
-}
-
-
-//get the list of customers
-if($SMOKEREQUEST=="getcustomerlist"){
- getCustomerListXml();
- exit();
-}
-
-//get a specific customer
-if($SMOKEREQUEST=="getcustomer"){
- getCustomerXml(trim($REQUESTDATA));
- exit();
-}
-
-//set/create a specific customer
-if($SMOKEREQUEST=="setcustomer"){
- setCustomerXml($REQUESTDATA);
- exit();
-}
-
-//delete/merge a specific customer
-if($SMOKEREQUEST=="deletecustomer"){
- deleteCustomerXml($REQUESTDATA);
- exit();
-}
-
-//check that the order can be executed
-if($SMOKEREQUEST=="checkorder"){
- createOrderXml($REQUESTDATA,"check");
- exit();
-}
-//create order as normal order
-if($SMOKEREQUEST=="createorder"){
- createOrderXml($REQUESTDATA,"order");
- exit();
-}
-//create order as a sale (already paid and delivered)
-if($SMOKEREQUEST=="createsale"){
- createOrderXml($REQUESTDATA,"sell");
- exit();
-}
-//create order as a reservation (like normal order, but cannot be used/paid/sent)
-if($SMOKEREQUEST=="createreservedorder"){
- createOrderXml($REQUESTDATA,"reserve");
- exit();
-}
-//change reservation into order
-if($SMOKEREQUEST=="reservationtoorder"){
- changeReservationXml(trim($REQUESTDATA),ORDER_PLACED);
- exit();
-}
-//change reservation into sale
-if($SMOKEREQUEST=="reservationtosale"){
- changeReservationXml(trim($REQUESTDATA),ORDER_SOLD);
- exit();
-}
-//get list of all orders
-if($SMOKEREQUEST=="getorderlist"){
- getOrderListXml();
- exit();
-}
-//get a single order
-if($SMOKEREQUEST=="getorder"){
- getOrderXml(trim($REQUESTDATA)+0);
- exit();
-}
-//pay for an order
-if($SMOKEREQUEST=="orderpay"){
- orderPayXml($REQUESTDATA,1);
- exit();
-}
-//refund an order
-if($SMOKEREQUEST=="orderrefund"){
- orderPayXml($REQUESTDATA,-1);
- exit();
-}
-//mark order shipped
-if($SMOKEREQUEST=="ordershipped"){
- orderShippedXml(trim($REQUESTDATA));
- exit();
-}
-//cancel order
-if($SMOKEREQUEST=="cancelorder"){
- orderCancelXml(trim($REQUESTDATA));
- exit();
-}
-//find an order
-if($SMOKEREQUEST=="orderbyticket"){
- orderByTicketXml(trim($REQUESTDATA));
- exit();
-}
-if($SMOKEREQUEST=="getordersbyevents"){
- orderByEventXml(trim($REQUESTDATA));
- exit();
-}
-if($SMOKEREQUEST=="setordercomment"){
- setOrderCommentXml(trim($REQUESTDATA));
- exit();
-}
-if($SMOKEREQUEST=="orderchangeshipping"){
- setOrderShippingXml(trim($REQUESTDATA));
- exit();
-}
-
-//get shipping info
-if($SMOKEREQUEST=="getshipping"){
- getShippingXml();
- exit();
-}
-//set/create shipping info
-if($SMOKEREQUEST=="setshipping"){
- setShippingXml(trim($REQUESTDATA));
- exit();
-}
-//delete shipping info
-if($SMOKEREQUEST=="deleteshipping"){
- deleteShippingXml(trim($REQUESTDATA));
- exit();
-}
-
-
-//get a ticket
-if($SMOKEREQUEST=="getticket"){
- getTicketXml(trim($REQUESTDATA));
- exit();
-}
-//mark a ticket as used
-if($SMOKEREQUEST=="useticket"){
- useTicketXml(trim($REQUESTDATA));
- exit();
-}
-//change the price of a ticket
-if($SMOKEREQUEST=="changeticketprice"){
- changeTicketPriceXml(trim($REQUESTDATA));
- exit();
-}
-//return a ticket: cancels it
-if($SMOKEREQUEST=="ticketreturn"){
- ticketReturnXml(trim($REQUESTDATA));
- exit();
-}
-
-//get all valid prices for vouchers
-if($SMOKEREQUEST=="getvoucherprices"){
- getVoucherPricesXml();
- exit();
-}
-//return a voucher: cancels it
-if($SMOKEREQUEST=="cancelvoucher"){
- cancelVoucherXml(trim($REQUESTDATA));
- exit();
-}
-//return a voucher: emties it
-if($SMOKEREQUEST=="emptyvoucher"){
- emptyVoucherXml(trim($REQUESTDATA));
- exit();
-}
-//use a voucher to pay
-if($SMOKEREQUEST=="usevoucher"){
- useVoucherXml(trim($REQUESTDATA));
- exit();
-}
-//use a voucher to pay
-if($SMOKEREQUEST=="usevoucheroutside"){
- useVoucher2Xml(trim($REQUESTDATA));
- exit();
-}
-//get info about a voucher
-if($SMOKEREQUEST=="getvoucher"){
- getVoucherXml(trim($REQUESTDATA));
- exit();
-}
-
-
-//get info about a voucher
-if($SMOKEREQUEST=="moneylog"){
- moneylogXml(trim($REQUESTDATA));
- exit();
-}
-
-
-//retrieve backup
-if($SMOKEREQUEST=="backup"){
- header("X-MagicSmoke-Status: Ok");
- $db->dumpBackup();
- exit();
-}
+//let wob do the rest
+WobTransaction::handle();
-//EOF
-header("X-MagicSmoke-Status: Error");
-die(tr("Internal Error: unknown command, hiccup in code structure."));
?>
\ No newline at end of file
projects / web/konrad/smoke.git / commitdiff