Proyectos de Subversion LeadersLinked - Services


Rev 316 Rev 317
Línea 139... Línea 139...
139
    }
139
    }
Línea 140... Línea 140...
140
    
140
    
141
    public function signinAction()
141
    public function signinAction()
142
    {
142
    {
-
 
143
        $rawdata = file_get_contents("php://input");
143
        $rawdata = file_get_contents("php://input");
144
        error_log('URL = ' . $_SERVER['REQUEST_URI'] );
Línea 144... Línea 145...
144
        error_log('$rawdata = ' . $rawdata );
145
        error_log('$rawdata = ' . $rawdata );
Línea 145... Línea 146...
145
        
146
        
Línea 161... Línea 162...
161
            $timestamp      = Functions::sanitizeFilterString($this->params()->fromPost('timestamp', ''));
162
            $timestamp      = Functions::sanitizeFilterString($this->params()->fromPost('timestamp', ''));
162
            $password       = Functions::sanitizeFilterString($this->params()->fromPost('password', ''));
163
            $password       = Functions::sanitizeFilterString($this->params()->fromPost('password', ''));
163
            $sync_id        = Functions::sanitizeFilterString($this->params()->fromPost('sync_id', ''));
164
            $sync_id        = Functions::sanitizeFilterString($this->params()->fromPost('sync_id', ''));
Línea 164... Línea 165...
164
            
165
            
165
            
166
            
166
            $ok = $device_uuid && strlen($device_uuid) == 36;
167
            $ok = $device_uuid && strlen($device_uuid) == 32;
167
            $ok = $ok && $rand > 0;
168
            $ok = $ok && $rand > 0;
168
            $ok = $ok && $timestamp >= $min;
169
            $ok = $ok && ($timestamp / 1000) >= $min;
169
            $ok = $ok && $timestamp <= $max;
170
            $ok = $ok && ($timestamp / 1000) <= $max;
170
            $ok = $ok && strlen($password) == 32;
171
            $ok = $ok && strlen($password) == 32;
Línea 171... Línea 172...
171
            $ok = $ok && strlen($user_uuid)  == 36;
172
            $ok = $ok && strlen($user_uuid)  == 36;
Línea 256... Línea 257...
256
 
257
 
Línea 257... Línea 258...
257
    }
258
    }
258
    
259
    
-
 
260
    public function fcmAction()
259
    public function fcmAction()
261
    {
-
 
262
        
260
    {
263
        $rawdata = file_get_contents("php://input");
Línea 261... Línea 264...
261
        $rawdata = file_get_contents("php://input");
264
        error_log('URL = ' . $_SERVER['REQUEST_URI'] );
Línea 269... Línea 272...
269
            
272
            
270
            $seed   = $this->config['leaderslinked.services.seed'];
273
            $seed   = $this->config['leaderslinked.services.seed'];
271
            $min    = strtotime('-1 day');
274
            $min    = strtotime('-1 day');
Línea 272... Línea -...
272
            $max    = strtotime('+1 day');
-
 
273
            
-
 
274
            
-
 
275
            
275
            $max    = strtotime('+1 day');
276
            
276
            
277
            $device_uuid    = Functions::sanitizeFilterString($this->params()->fromPost('device', ''));
277
            $device_uuid    = Functions::sanitizeFilterString($this->params()->fromPost('device_uuid', ''));
278
            $token          = Functions::sanitizeFilterString($this->params()->fromPost('token', ''));
278
            $token          = Functions::sanitizeFilterString($this->params()->fromPost('token', ''));
279
            $rand           = Functions::sanitizeFilterString($this->params()->fromPost('rand', ''));
279
            $rand           = Functions::sanitizeFilterString($this->params()->fromPost('rand', ''));
280
            $timestamp      = Functions::sanitizeFilterString($this->params()->fromPost('timestamp', ''));
280
            $timestamp      = Functions::sanitizeFilterString($this->params()->fromPost('timestamp', ''));
281
            $password       = Functions::sanitizeFilterString($this->params()->fromPost('password', ''));
-
 
Línea 282... Línea 281...
282
            $sync_id        = Functions::sanitizeFilterString($this->params()->fromPost('sync_id', ''));
281
            $password       = Functions::sanitizeFilterString($this->params()->fromPost('password', ''));
283
 
282
            $sync_id        = Functions::sanitizeFilterString($this->params()->fromPost('sync_id', ''));
284
            
283
            
285
            $ok = $device_uuid && strlen($device_uuid) == 36;
284
            $ok = $device_uuid && strlen($device_uuid) == 32;
286
            $ok = $ok && $rand > 0;
285
            $ok = $ok && $rand > 0;
287
            $ok = $ok && $timestamp >= $min;
286
            $ok = $ok && ($timestamp / 1000) >= $min;
288
            $ok = $ok && $timestamp <= $max;
287
            $ok = $ok && ($timestamp / 1000) <= $max;
Línea 289... Línea 288...
289
            $ok = $ok && strlen($password) == 32;
288
            $ok = $ok && strlen($password) == 32;
Línea 296... Línea 295...
296
                    'data' => 'ERROR_PARAMETERS_ARE_INVALID',
295
                    'data' => 'ERROR_PARAMETERS_ARE_INVALID',
297
                ]);
296
                ]);
298
            }
297
            }
Línea 299... Línea 298...
299
            
298
            
-
 
299
            $password_md5 = md5($device_uuid . '-' . $seed . '-' . $rand . '-' . $timestamp . '-' . $token );
300
            $password_md5 = md5($device_uuid . '-' . $seed . '-' . $rand . '-' . $timestamp . '-' . $token );
300
            
301
            if($password != $password_md5) {
301
            if($password != $password_md5) {
302
                return new JsonModel([
302
                return new JsonModel([
303
                    'success' => false,
303
                    'success' => false,
304
                    'data' => 'ERROR_WEBSERVICE_PASSWORD',
304
                    'data' => 'ERROR_WEBSERVICE_PASSWORD',
Línea 355... Línea 355...
355
    
355
    
356
    
356
    
357
    public function deviceAction()
357
    public function deviceAction()
-
 
358
    {
358
    {
359
        $rawdata = file_get_contents("php://input");
Línea 359... Línea 360...
359
        $rawdata = file_get_contents("php://input");
360
        error_log('URL = ' . $_SERVER['REQUEST_URI'] );
Línea 360... Línea 361...
360
        error_log('$rawdata = ' . $rawdata );
361
        error_log('$rawdata = ' . $rawdata );
Línea 361... Línea 362...
361
        
362
        
362
        $request = $this->getRequest();
363
        $request = $this->getRequest();
363
        
364
        
-
 
365
        if($request->isPost()) {
-
 
366
            
Línea 364... Línea 367...
364
        if($request->isPost()) {
367
            $seed   = $this->config['leaderslinked.services.seed'];
365
            
368
            $min    = strtotime('-1 day');
366
            $seed   = $this->config['leaderslinked.services.seed'];
369
            $max    = strtotime('+1 day');
Línea 376... Línea 379...
376
            $model          = Functions::sanitizeFilterString($this->params()->fromPost('model', ''));
379
            $model          = Functions::sanitizeFilterString($this->params()->fromPost('model', ''));
377
            $rand           = Functions::sanitizeFilterString($this->params()->fromPost('rand', ''));
380
            $rand           = Functions::sanitizeFilterString($this->params()->fromPost('rand', ''));
378
            $timestamp      = Functions::sanitizeFilterString($this->params()->fromPost('timestamp', ''));
381
            $timestamp      = Functions::sanitizeFilterString($this->params()->fromPost('timestamp', ''));
379
            $password       = Functions::sanitizeFilterString($this->params()->fromPost('password', ''));
382
            $password       = Functions::sanitizeFilterString($this->params()->fromPost('password', ''));
380
            $sync_id        = Functions::sanitizeFilterString($this->params()->fromPost('sync_id', ''));
383
            $sync_id        = Functions::sanitizeFilterString($this->params()->fromPost('sync_id', ''));
-
 
384
            
Línea 381... Línea 385...
381
 
385
 
382
            $ok = $device_uuid && strlen($device_uuid) == 36 && $sync_id;
386
            $ok = $device_uuid && strlen($device_uuid) == 32;
383
            $ok = $ok && strlen($manufacturer) <= 250;
387
            $ok = $ok && strlen($manufacturer) <= 250;
384
            $ok = $ok && strlen($brand) <= 250;
388
            $ok = $ok && strlen($brand) <= 250;
385
            $ok = $ok && strlen($version) <= 250;
389
            $ok = $ok && strlen($version) <= 250;
386
            $ok = $ok && strlen($model) <= 250;
390
            $ok = $ok && strlen($model) <= 250;
387
            $ok = $ok && $rand > 0;
391
            $ok = $ok && $rand > 0;
388
            $ok = $ok && $timestamp >= $min;
392
            $ok = $ok && ($timestamp / 1000) >= $min;
389
            $ok = $ok && $timestamp <= $max;
393
            $ok = $ok && ($timestamp / 1000) <= $max;
390
            $ok = $ok && strlen($password) == 32;
394
            $ok = $ok && strlen($password) == 32;
391
            $ok = $ok && $sync_id;
395
            $ok = $ok && $sync_id;
Línea 392... Línea 396...
392
            
396
 
-
 
397
            
-
 
398
            $password_md5 = md5($device_uuid . '-' . $seed . '-' . $rand . '-' . $timestamp . '-' . $manufacturer . '-' . $brand . '-' . $version . '-' . $model);
393
            
399
         
394
            $password_md5 = md5($device_uuid . '-' . $seed . '-' . $rand . '-' . $timestamp . '-' . $manufacturer . '-' . $brand . '-' . $version . '-' . $model);
400
            
395
            if($password != $password_md5) {
401
            if($password != $password_md5) {
396
                return new JsonModel([
402
                return new JsonModel([
397
                    'success' => false,
403
                    'success' => false,
Línea 483... Línea 489...
483
    
489
    
484
    
490
    
485
    public function signoutAction()
491
    public function signoutAction()
-
 
492
    {
486
    {
493
        $rawdata = file_get_contents("php://input");
487
        $rawdata = file_get_contents("php://input");
494
        error_log('URL = ' . $_SERVER['REQUEST_URI'] );
488
        error_log('$rawdata = ' . $rawdata );
495
        error_log('$rawdata = ' . $rawdata );
Línea 489... Línea 496...
489
        
496
       
Línea 505... Línea 512...
505
            $timestamp      = Functions::sanitizeFilterString($this->params()->fromPost('timestamp', ''));
512
            $timestamp      = Functions::sanitizeFilterString($this->params()->fromPost('timestamp', ''));
506
            $password       = Functions::sanitizeFilterString($this->params()->fromPost('password', ''));
513
            $password       = Functions::sanitizeFilterString($this->params()->fromPost('password', ''));
507
            $sync_id        = Functions::sanitizeFilterString($this->params()->fromPost('sync_id', ''));
514
            $sync_id        = Functions::sanitizeFilterString($this->params()->fromPost('sync_id', ''));
Línea 508... Línea 515...
508
            
515
            
509
            
516
            
510
            $ok = $device_uuid && strlen($device_uuid) == 36;
517
            $ok = $device_uuid && strlen($device_uuid) == 32;
511
            $ok = $ok && $rand > 0;
518
            $ok = $ok && $rand > 0;
512
            $ok = $ok && $timestamp >= $min;
519
            $ok = $ok && ($timestamp / 1000) >= $min;
513
            $ok = $ok && $timestamp <= $max;
520
            $ok = $ok && ($timestamp / 1000) <= $max;
514
            $ok = $ok && strlen($password) == 32;
521
            $ok = $ok && strlen($password) == 32;
Línea 515... Línea 522...
515
            $ok = $ok && strlen($user_uuid)  == 36;
522
            $ok = $ok && strlen($user_uuid)  == 36;
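Review bot: The new `($timestamp / 1000) >= $min` and `($timestamp / 1000) <= $max` checks in signinAction, fcmAction, deviceAction and signoutAction divide a request value that has only passed through `Functions::sanitizeFilterString`, and nothing visible establishes that it is numeric before the arithmetic. If this runs on PHP 8, an empty or non-numeric `timestamp` raises a TypeError at the division instead of reaching the `ERROR_PARAMETERS_ARE_INVALID` response, so I would guard it first (assuming the helper returns a string): `$ok = $ok && ctype_digit($timestamp) && intdiv((int) $timestamp, 1000) >= $min;`, and likewise for `$max`. The raw string still feeds `$password_md5`, so the signed input is unchanged. The visible `if($password != $password_md5)` lines compare the digest loosely, which lets two numeric-looking hex strings compare equal; `if (!hash_equals($password_md5, $password))` makes the check strict and constant-time. The action bodies continue outside the lines shown here.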