Proyectos de Subversion Moodle

Rev

Rev 96 | Rev 1384 | Ir a la última revisión | | Comparar con el anterior | Ultima modificación | Ver Log |

Rev Autor Línea Nro. Línea
96 efrain 1 
<?php
2 
header('Content-Type: application/json');
3 
header('Access-Control-Allow-Origin: *');
4 
define('LLWS_USERNAME', 'leaderdslinked-ws');
5 
define('LLWS_PASSWORD', 'KFB3lFsLp&*CpB0uc2VNc!zVn@w!EZqZ*jr$J0AlE@sYREUcyP');
1383 ariadna 6 
define('LLWS_RSA_N', 34589927);
7 
define('LLWS_RSA_D', 4042211);
8 
define('LLWS_RSA_E', 7331);
9 
define('LLWS_CATEGORY_ID', 6);
96 efrain 10 
 
11 
 
12 
require_once(__DIR__ . '/../config.php');
13 
global $DB, $CFG;
14 
 
1383 ariadna 15 
require_once($CFG->libdir . '/moodlelib.php');
96 efrain 16 
require_once($CFG->libdir . '/externallib.php');
1383 ariadna 17 
require_once($CFG->libdir . '/authlib.php');
18 
require_once($CFG->libdir . '/gdlib.php');
96 efrain 19 
 
1383 ariadna 20 
require_once($CFG->dirroot . '/user/lib.php');
96 efrain 21 
require_once __DIR__ . '/rsa.php';
22 
require_once __DIR__ . '/lib.php';
23 
 
24 
 
25 
 
26 
/*
27 
$username   = trim(isset($_SERVER['HTTP_USERNAME']) ? filter_var($_SERVER['HTTP_USERNAME'], FILTER_SANITIZE_STRING) : '');
28 
$password   = trim(isset($_SERVER['HTTP_PASSWORD']) ? filter_var($_SERVER['HTTP_PASSWORD'], FILTER_SANITIZE_STRING) : '');
29 
$timestamp  = trim(isset($_SERVER['HTTP_TIMESTAMP']) ? filter_var($_SERVER['HTTP_TIMESTAMP'], FILTER_SANITIZE_STRING) : '');
30 
$rand       = intval(isset($_SERVER['HTTP_RAND']) ? filter_var($_SERVER['HTTP_RAND'], FILTER_SANITIZE_NUMBER_INT) : 0,10);
31 
*/
32 
 
1383 ariadna 33 
$username   = trim(isset($_REQUEST['data']['username']) ? filter_var($_REQUEST['data']['username'], FILTER_SANITIZE_STRING) : '');
34 
$password   = trim(isset($_REQUEST['data']['password']) ? filter_var($_REQUEST['data']['password'], FILTER_SANITIZE_STRING) : '');
35 
$timestamp  = trim(isset($_REQUEST['data']['timestamp']) ? filter_var($_REQUEST['data']['timestamp'], FILTER_SANITIZE_STRING) : '');
36 
$rand       = intval(isset($_REQUEST['data']['rand']) ? filter_var($_REQUEST['data']['rand'], FILTER_SANITIZE_NUMBER_INT) : 0, 10);
37 
$data       = trim(isset($_REQUEST['data']['data']) ? filter_var($_REQUEST['data']['data'], FILTER_SANITIZE_STRING) : '');
96 efrain 38 
 
39 
/*
40 
$data = '';
41 
$input = fopen("php://input", "r");
42 
 
43 
 
44 
while ($line = fread($input, 1024))
45 
{
46 
    $data .= $line;
47 
}
48 
fclose($input);*/
49 
 
50 
/*
51 
echo 'username = '. $username . PHP_EOL;
52 
echo 'password = '. $password . PHP_EOL;
53 
echo 'rand = '. $rand . PHP_EOL;
54 
echo 'timestamp = '. $timestamp . PHP_EOL;
55 
echo 'data = '. $data . PHP_EOL;
56 
 
57 
 
58 
/*
59 
list($usec, $sec) = explode(' ', microtime());
60 
$seed = intval($sec + ((float) $usec * 100000));
61 
 
62 
$username   = LLWS_USERNAME;
63 
$timestamp  = date('Y-m-d\TH:i:s');
64 
mt_srand($seed, MT_RAND_MT19937);
65 
$rand =  mt_rand();
66 
 
67 
$password   = LLWS_PASSWORD;
68 
$password  = password_hash($username.'-'. $password. '-' . $rand. '-' . $timestamp, PASSWORD_DEFAULT);
69 
 
70 
$data       = $rsa->encrypt(json_encode(['email' => 'usuario4@test.com', 'first_name' => 'usuario4', 'last_name' => 'test']));
71 
*/
72 
 
1383 ariadna 73 
if (empty($username) || empty($password) || empty($timestamp) || empty($rand) || !is_integer($rand)) {
74 
    echo json_encode(['success' => false, 'data' => 'ERROR_SECURITY1']);
96 efrain 75 
    exit;
76 
}
77 
 
1383 ariadna 78 
if ($username != LLWS_USERNAME) {
79 
    echo json_encode(['success' => false, 'data' => 'ERROR_SECURITY2']);
96 efrain 80 
    exit;
81 
}
82 
 
83 
$dt = \DateTime::createFromFormat('Y-m-d\TH:i:s', $timestamp);
1383 ariadna 84 
if (!$dt) {
85 
    echo json_encode(['success' => false, 'data' => 'ERROR_SECURITY3']);
96 efrain 86 
    exit;
87 
}
88 
 
89 
$t0 = $dt->getTimestamp();
90 
$t1 = strtotime('-5 minutes');
91 
$t2 = strtotime('+5 minutes');
92 
 
1383 ariadna 93 
if ($t0 < $t1 || $t0 > $t2) {
96 efrain 94 
    //echo json_encode(['success' => false, 'data' => 'ERROR_SECURITY4']) ;
95 
    //exit;
96 
}
97 
 
1383 ariadna 98 
if (!password_verify($username . '-' . LLWS_PASSWORD . '-' . $rand . '-' . $timestamp, $password)) {
99 
    echo json_encode(['success' => false, 'data' => 'ERROR_SECURITY5']);
96 efrain 100 
    exit;
101 
}
102 
 
1383 ariadna 103 
if (empty($data)) {
104 
    echo json_encode(['success' => false, 'data' => 'ERROR_PARAMETERS1']);
96 efrain 105 
    exit;
106 
}
107 
 
108 
$data = base64_decode($data);
1383 ariadna 109 
if (empty($data)) {
110 
    echo json_encode(['success' => false, 'data' => 'ERROR_PARAMETERS2']);
96 efrain 111 
    exit;
112 
}
113 
 
114 
try {
115 
    $rsa = new rsa();
116 
    $rsa->setKeys(LLWS_RSA_N, LLWS_RSA_D, LLWS_RSA_E);
117 
    $data = $rsa->decrypt($data);
1383 ariadna 118 
} catch (Throwable $e) {
119 
    echo json_encode(['success' => false, 'data' => 'ERROR_PARAMETERS3']);
96 efrain 120 
    exit;
121 
}
1383 ariadna 122 
 
96 efrain 123 
$data = (array) json_decode($data);
1383 ariadna 124 
if (empty($data)) {
125 
    echo json_encode(['success' => false, 'data' => 'ERROR_PARAMETERS4']);
96 efrain 126 
    exit;
127 
}
128 
 
129 
 
130 
$email      = trim(isset($data['email']) ? filter_var($data['email'], FILTER_SANITIZE_EMAIL) : '');
131 
$first_name = trim(isset($data['first_name']) ? filter_var($data['first_name'], FILTER_SANITIZE_STRING) : '');
132 
$last_name  = trim(isset($data['last_name']) ? filter_var($data['last_name'], FILTER_SANITIZE_STRING) : '');
133 
 
1383 ariadna 134 
if (!filter_var($email, FILTER_VALIDATE_EMAIL) || empty($first_name) || empty($last_name)) {
135 
    echo json_encode(['success' => false, 'data' => 'ERROR_PARAMETERS5']);
96 efrain 136 
    exit;
137 
}
138 
 
139 
 
140 
 
141 
$user = ll_get_user_by_email($email);
1383 ariadna 142 
if ($user) {
96 efrain 143 
    $new_user = false;
144 
} else {
145 
    $new_user = true;
146 
    $username = ll_get_username_available($first_name, $last_name);
147 
 
148 
    $user = ll_create_user($username, $email, $first_name, $last_name);
1383 ariadna 149 
 
150 
    if ($user) {
151 
 
96 efrain 152 
        $filename   = trim(isset($data['image_filename']) ? filter_var($data['image_filename'], FILTER_SANITIZE_EMAIL) : '');
153 
        $content    = trim(isset($data['image_content']) ? filter_var($data['image_content'], FILTER_SANITIZE_STRING) : '');
1383 ariadna 154 
 
155 
 
156 
        if ($filename && $content) {
96 efrain 157 
            $tempfile = __DIR__ . DIRECTORY_SEPARATOR . $filename;
158 
            try {
159 
                file_put_contents($filename, base64_decode($content));
160 
                if (file_exists($tempfile)) {
1383 ariadna 161 
                    $usericonid = process_new_icon(context_user::instance($user->id, MUST_EXIST), 'user', 'icon', 0, $tempfile);
162 
                    if ($usericonid) {
163 
                        $DB->set_field('user', 'picture', $usericonid, array('id' => $user->id));
96 efrain 164 
                    }
165 
                }
1383 ariadna 166 
            } catch (\Throwable $e) {
167 
            } finally {
168 
                if (file_exists($tempfile)) {
96 efrain 169 
                    unlink($tempfile);
170 
                }
171 
            }
172 
        }
173 
    }
1383 ariadna 174 
}
96 efrain 175 
 
176 
 
177 
 
1383 ariadna 178 
if (!$user) {
179 
    echo json_encode(['success' => false, 'data' => 'ERROR_MOODLE1']);
96 efrain 180 
    exit;
1383 ariadna 181 
}
96 efrain 182 
 
1383 ariadna 183 
if ($new_user) {
96 efrain 184 
    $role = $DB->get_record('role', array('archetype' => 'student'));
185 
    $enrolmethod = 'manual';
1383 ariadna 186 
 
96 efrain 187 
    $courses = get_courses();
1383 ariadna 188 
    foreach ($courses as $course) {
189 
        if ($course->categoy_id == LLWS_CATEGORY_ID) {
96 efrain 190 
            $context = context_course::instance($course->id);
191 
            if (!is_enrolled($context, $user)) {
192 
                $enrol = enrol_get_plugin($enrolmethod);
193 
                if ($enrol === null) {
194 
                    return false;
195 
                }
196 
                $instances = enrol_get_instances($course->id, true);
197 
                $manualinstance = null;
198 
                foreach ($instances as $instance) {
199 
                    if ($instance->name == $enrolmethod) {
200 
                        $manualinstance = $instance;
201 
                        break;
202 
                    }
203 
                }
204 
                if ($manualinstance !== null) {
205 
                    $instanceid = $enrol->add_default_instance($course);
206 
                    if ($instanceid === null) {
207 
                        $instanceid = $enrol->add_instance($course);
208 
                    }
209 
                    $instance = $DB->get_record('enrol', array('id' => $instanceid));
1383 ariadna 210 
                    if ($instance) {
96 efrain 211 
                        $enrol->enrol_user($instance, $user->id, $role->id);
212 
                    }
213 
                }
214 
            }
215 
        }
216 
    }
217 
}
218 
 
219 
 
220 
 
221 
 
222 
$user = get_complete_user_data('id', $user->id);
223 
if (!isloggedin()) {
224 
    complete_user_login($user);
225 
}
226 
 
1383 ariadna 227 
header('Location: ' . $CFG->wwwroot . '/my');
96 efrain 228 
exit;