authorSimon Rettberg2016-04-29 20:55:59 +0200
committerSimon Rettberg2016-04-29 20:55:59 +0200
commitcbd23b7d191327a7cfb6a98e657659045da71af3 (patch)
treef029ab85c3ac07d3f2a56b4359fd36c265898d6d /apis
parentMore Progress; Merged changes from ufpr up to 775cdbd29f5d0f70946d1d5ff09c091... (diff)
downloadslx-admin-cbd23b7d191327a7cfb6a98e657659045da71af3.tar.gz
slx-admin-cbd23b7d191327a7cfb6a98e657659045da71af3.tar.xz
slx-admin-cbd23b7d191327a7cfb6a98e657659045da71af3.zip
Second half of merge....
Diffstat (limited to 'apis')
-rw-r--r--apis/statistics.inc.php29
-rw-r--r--apis/webservice.inc.php34
-rw-r--r--apis/webservice/getinfo.php25
-rw-r--r--apis/webservice/login.php23
-rw-r--r--apis/webservice/newupload.php67
-rw-r--r--apis/webservice/upload.php62
6 files changed, 240 insertions, 0 deletions
diff --git a/apis/statistics.inc.php b/apis/statistics.inc.php
new file mode 100644
index 00000000..2be805ba
--- /dev/null
+++ b/apis/statistics.inc.php
@@ -0,0 +1,29 @@
+<?php
+
+$NOW = time();
+$cutoff = $NOW - 86400*90;
+
+$res = Database::simpleQuery("SELECT m.machineuuid, m.locationid, m.macaddr, m.clientip, m.lastseen, m.logintime, m.mbram,"
+ . " m.kvmstate, m.cpumodel, m.systemmodel, m.id44mb, m.badsectors, m.hostname, GROUP_CONCAT(s.locationid) AS locs"
+ . " FROM machine m"
+ . " LEFT JOIN subnet s ON (INET_ATON(m.clientip) BETWEEN s.startaddr AND s.endaddr)"
+ . " WHERE m.lastseen > $cutoff"
+ . " GROUP BY m.machineuuid");
+
+$return = array(
+ 'now' => $NOW,
+ 'clients' => array(),
+ 'locations' => Location::getLocationsAssoc()
+);
+while ($client = $res->fetch(PDO::FETCH_ASSOC)) {
+ if ($NOW - $client['lastseen'] > 610) {
+ $client['state'] = 'OFF';
+ } elseif ($client['logintime'] == 0) {
+ $client['state'] = 'IDLE';
+ } else {
+ $client['state'] = 'OCCUPIED';
+ }
+ $return['clients'][] = $client;
+}
+
+die(json_encode($return));
\ No newline at end of file
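Review bot: Nothing in this file checks who is calling before `die(json_encode($return))` returns machine UUIDs, MAC addresses, client IPs and hostnames for every client seen in the last 90 days. If the code that includes this file does not already restrict access (that is not visible here), add an explicit permission or source-address gate at the top and state the expectation in a header comment. Sending `header('Content-Type: application/json');` before the output would also keep clients from interpreting the body as HTML.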
diff --git a/apis/webservice.inc.php b/apis/webservice.inc.php
new file mode 100644
index 00000000..42ff674b
--- /dev/null
+++ b/apis/webservice.inc.php
@@ -0,0 +1,34 @@
+<?php
+// print results, insert id or affected row count
+session_start();
+
+if(!isset($_POST['request'])){
+ echo json_encode(array(
+ "errormsg"=>"Request not set, finishing session",
+ "status" => "error",
+ "msg" => ""));
+ session_unset();
+ session_destroy();
+}else if($_POST['request']=='logout'){
+ echo json_encode(array(
+ "errormsg"=> "",
+ "status" => "ok",
+ "msg" => "Logout successful"));
+ session_unset();
+ session_destroy();
+
+}else {
+ $target_dir = "tmpUploads/";
+ $requests = array("login","getinfo","upload","newupload");
+ if( in_array($_POST['request'],$requests ))
+ require("webservice/".$_POST['request'].".php");
+ else{
+ echo json_encode(array(
+ "errormsg"=> "Request don't exist, finishing session",
+ "status" => "error",
+ "msg" => ""));
+ session_unset();
+ session_destroy();
+ }
+}
+//TODO: analyze session unset/destroy
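Review bot: The `require("webservice/".$_POST['request'].".php")` path is built from request data and is guarded only by a loose `in_array()`; make the allowlist check strict and type-safe with `if (is_string($_POST['request']) && in_array($_POST['request'], $requests, true))`. `$target_dir = "tmpUploads/"` is a relative path, so where uploads land depends on the working directory; if that resolves inside the document root the stored files become directly requestable, so an absolute path outside the web root would be safer. A comment above `$target_dir` saying that the included handlers rely on it (and on the session started here) would make that coupling visible.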
diff --git a/apis/webservice/getinfo.php b/apis/webservice/getinfo.php
new file mode 100644
index 00000000..3404008e
--- /dev/null
+++ b/apis/webservice/getinfo.php
@@ -0,0 +1,25 @@
+<?php
+if(isset($_SESSION['userid'])){
+ $sql = "select user.login, user.fullname, user.email, cities.name from"
+ ." `user` left join cities on user.city=cities.cityid"
+ ." where user.userid= :userid";
+
+ $user=Database::queryFirst($sql, array("userid"=> $_SESSION['userid']));
+ $ret = array(
+ "login"=>$user['login'],
+ "name"=>$user['fullname'],
+ "email"=>$user['email'],
+ "city"=>$user['name'],
+ "errormsg" => "",
+ "status" => "ok",
+ "msg" => "Get informations of user successful"
+ );
+ echo json_encode($ret);
+
+}else{
+ echo json_encode(array(
+ "errormsg"=> "Not logged in",
+ "status" => "error",
+ "msg" => ""));
+}
+
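Review bot: `$user` is dereferenced without checking that `Database::queryFirst()` found a row, so a session whose `userid` no longer exists in `user` would get a `"status" => "ok"` reply full of nulls (login.php treats a falsy result as "not found", so that case appears possible). Guard it with `if (!$user) { ... }` and return the same error shape as the not-logged-in branch. Because of the LEFT JOIN, `cities.name` is null for users without a city; a one-line comment saying that `"city"` may be null would document that for client authors.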
diff --git a/apis/webservice/login.php b/apis/webservice/login.php
new file mode 100644
index 00000000..e21975af
--- /dev/null
+++ b/apis/webservice/login.php
@@ -0,0 +1,23 @@
+<?php
+$login = $_POST['login'];
+$sql = "select * from `user` WHERE login= :login";
+$user=Database::queryFirst($sql, array("login"=> $login));
+if($user){
+ if(Crypto::verify($_POST['passwd'],$user['passwd'])){
+ $_SESSION['userid']=$user['userid'];
+ echo json_encode(array(
+ "errormsg"=> "",
+ "status" => "ok",
+ "msg" => "Login successful"));
+ }else{
+ echo json_encode(array(
+ "errormsg"=> "Wrong passwd",
+ "status" => "error",
+ "msg" => ""));
+ }
+}else{
+ echo json_encode(array(
+ "errormsg"=> "User not found",
+ "status" => "error",
+ "msg" => ""));
+}
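Review bot: After `Crypto::verify()` succeeds the session keeps the identifier it had before authentication; call `session_regenerate_id(true);` just before `$_SESSION['userid']=$user['userid'];` so a session id fixed before login does not carry over into the authenticated state. `$_POST['login']` and `$_POST['passwd']` are read without `isset()`, which raises notices and hands null to the verifier when a field is missing. The separate "User not found" and "Wrong passwd" replies let a caller distinguish existing logins from non-existing ones; returning one generic message for both, together with some attempt throttling, would close that.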
diff --git a/apis/webservice/newupload.php b/apis/webservice/newupload.php
new file mode 100644
index 00000000..b0e683c3
--- /dev/null
+++ b/apis/webservice/newupload.php
@@ -0,0 +1,67 @@
+<?php
+if(!isset($_SESSION['userid'])){
+ echo json_encode(array(
+ "errormsg"=>"Not logged in",
+ "status" => "error",
+ "msg" => ""));
+ die();
+}
+if(!isset($_POST['nparts'])){
+ echo json_encode(array(
+ "errormsg"=>"Number of parts isn't set",
+ "status" => "error",
+ "msg" => ""));
+ die();
+}
+
+function crypto_rand_secure($min, $max){
+ $range = $max - $min;
+ if ($range < 1) return $min; // not so random...
+ $log = ceil(log($range, 2));
+ $bytes = (int) ($log / 8) + 1; // length in bytes
+ $bits = (int) $log + 1; // length in bits
+ $filter = (int) (1 << $bits) - 1; // set all lower bits to 1
+ do {
+ $rnd = hexdec(bin2hex(openssl_random_pseudo_bytes($bytes)));
+ $rnd = $rnd & $filter; // discard irrelevant bits
+ } while ($rnd >= $range);
+ return $min + $rnd;
+}
+
+function getToken($length){
+ $token = "";
+ $codeAlphabet = "ABCDEFGHIJKLMNOPQRSTUVWXYZ";
+ $codeAlphabet.= "abcdefghijklmnopqrstuvwxyz";
+ $codeAlphabet.= "0123456789";
+ $max = strlen($codeAlphabet) - 1;
+ for ($i=0; $i < $length; $i++) {
+ $token .= $codeAlphabet[crypto_rand_secure(0, $max)];
+ }
+ return $token;
+}
+$token=getToken(35);
+while(Database::queryFirst("select * from upload where `token`=:token", array(
+ "token" => $token))){
+ $token = getToken(35);
+}
+$okay=Database::exec("INSERT INTO upload(`userid`, `nparts`, `nremaining`, `token`)".
+ " values (:userid, :nparts, :nremaining, :token)", array(
+ "userid"=>$_SESSION['userid'],
+ "nparts"=>$_POST['nparts'],
+ "nremaining"=>$_POST['nparts'],
+ "token"=> $token
+ ));
+if($okay){
+ echo json_encode(array(
+ "uploadid"=>$token,
+ "errormsg"=>"",
+ "status" => "ok",
+ "msg" => "New upload succesful"));
+ mkdir($target_dir.$token."/",0755, true);
+}else{
+ echo json_encode(array(
+ "errormsg"=>"Error when saving new upload, please retry",
+ "status" => "error",
+ "msg" => ""));
+}
+
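Review bot: `$_POST['nparts']` is stored into `nparts` and `nremaining` unvalidated, so a non-numeric, zero, negative or very large value is accepted; validate it first, e.g. `$nparts = filter_var($_POST['nparts'], FILTER_VALIDATE_INT, array('options' => array('min_range' => 1)));`, add an upper bound, and reject on `false`. In `crypto_rand_secure()` the loop `while ($rnd >= $range)` with `$range = $max - $min` never yields `$max`, so the last alphabet character is never used in a token; `while ($rnd > $range)` fixes that, or use `random_int($min, $max)` where PHP 7 is available. The "ok" reply is printed before `mkdir()` runs and its result is ignored, so a failed directory creation is reported as success; create the directory first and check the return value.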
diff --git a/apis/webservice/upload.php b/apis/webservice/upload.php
new file mode 100644
index 00000000..50ada40e
--- /dev/null
+++ b/apis/webservice/upload.php
@@ -0,0 +1,62 @@
+<?php
+if(!isset($_POST['uploadid'])){
+ echo json_encode(array(
+ "errormsg"=>"Not logged in",
+ "status" => "error",
+ "msg" => ""));
+ die();
+}elseif (!isset($_FILES['fileToUpload'])){
+ echo json_encode(array(
+ "errormsg"=>"No file received",
+ "status" => "error",
+ "msg" => ""));
+ die();
+}
+
+$upload = Database::queryFirst("Select * from upload where token = :token",
+ array( "token" => $_POST['uploadid']));
+if($upload['userid']!= $_SESSION['userid']){
+ echo json_encode(array(
+ "errormsg"=>"Not same owner",
+ "status" => "error",
+ "msg" => ""));
+ die();
+}
+
+$name = $_FILES["fileToUpload"]["name"];
+$upload['nremaining'] = $upload['nremaining'] - 1;
+if ($upload['nremaining'] < 0){
+ echo json_encode(array(
+ "errormsg"=>"Already received all the parts",
+ "status" => "error",
+ "msg" => ""));
+ die();
+}
+$target_file = $target_dir.$_POST['uploadid']."/".$name;
+if(move_uploaded_file($_FILES["fileToUpload"]["tmp_name"], $target_file)){
+ $ret = Database::exec("UPDATE upload SET nremaining= :nremaining".
+ " WHERE id=:id", array(
+ "id"=>$upload['id'],
+ "nremaining"=>$upload['nremaining']
+ ));
+ if ($upload['nremaining'] == 0) {
+ echo json_encode(array(
+ "errormsg"=>"",
+ "status" => "ok",
+ "msg" => "Upload successful, sending to taskmanager"));
+ //passa pro taskmanager;
+ die();
+ }else{
+ echo json_encode(array(
+ "errormsg"=>"",
+ "status" => "ok",
+ "msg" => "Upload successful, waiting next part"));
+ die();
+ }
+} else {
+ echo json_encode(array(
+ "errormsg"=>"",
+ "status" => "error",
+ "msg" => "Error on upload, please resend"));
+}
+
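Review bot: This handler never checks `$_SESSION['userid']` (the first branch tests `uploadid` but reports "Not logged in"), and the owner comparison `$upload['userid']!= $_SESSION['userid']` is loose, so with no session and no matching row both sides are null and the check passes; only the later `nremaining` test happens to stop the request. Require a session and a found row explicitly. `$_FILES["fileToUpload"]["name"]` is client-controlled and becomes the stored file name with no restriction on extension or characters, and the directory part comes from `$_POST['uploadid']` rather than from the database row; build the path from `$upload['token']` and a server-chosen name, keeping the client's name only as data if it is needed at all. The `nremaining` read-decrement-write is also not atomic, so parallel parts can miscount; a single `UPDATE upload SET nremaining = nremaining - 1 WHERE id = :id AND nremaining > 0` would avoid that.

```php
if (!isset($_SESSION['userid'])) {
	// … same "Not logged in" JSON error as newupload.php, then die() …
}
// … unchanged: uploadid / fileToUpload presence checks …
$upload = Database::queryFirst("Select * from upload where token = :token",
	array( "token" => $_POST['uploadid']));
if (!$upload || $upload['userid'] != $_SESSION['userid']) {
	// … unchanged: "Not same owner" error and die() …
}
// Server-chosen name: nremaining is distinct for each accepted part.
$name = 'part' . (int)$upload['nremaining'];
// … unchanged: nremaining decrement and bounds check …
$target_file = $target_dir . $upload['token'] . "/" . $name;
```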