6 changed files with 7 additions and 222 deletions
@ -1,86 +0,0 @@
|
||||
<?php |
||||
/* |
||||
COPYRIGHT |
||||
|
||||
Copyright 2007 Sergio Vaccaro <sergio@inservibile.org> |
||||
|
||||
This file is part of JSON-RPC PHP. |
||||
|
||||
JSON-RPC PHP is free software; you can redistribute it and/or modify |
||||
it under the terms of the GNU General Public License as published by |
||||
the Free Software Foundation; either version 2 of the License, or |
||||
(at your option) any later version. |
||||
|
||||
JSON-RPC PHP is distributed in the hope that it will be useful, |
||||
but WITHOUT ANY WARRANTY; without even the implied warranty of |
||||
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the |
||||
GNU General Public License for more details. |
||||
|
||||
You should have received a copy of the GNU General Public License |
||||
along with JSON-RPC PHP; if not, write to the Free Software |
||||
Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA |
||||
*/ |
||||
|
||||
/** |
||||
* This class build a json-RPC Server 1.0 |
||||
* http://json-rpc.org/wiki/specification |
||||
* |
||||
* @author sergio <jsonrpcphp@inservibile.org> |
||||
*/ |
||||
class jsonRPCServer { |
||||
/** |
||||
* This function handle a request binding it to a given object |
||||
* |
||||
* @param object $object |
||||
* @return boolean |
||||
*/ |
||||
public static function handle($object) { |
||||
|
||||
// checks if a JSON-RCP request has been received |
||||
if ( |
||||
$_SERVER['REQUEST_METHOD'] != 'POST' || |
||||
empty($_SERVER['CONTENT_TYPE']) || |
||||
$_SERVER['CONTENT_TYPE'] != 'application/json' |
||||
) { |
||||
// This is not a JSON-RPC request |
||||
return false; |
||||
} |
||||
|
||||
// reads the input data |
||||
$request_string = file_get_contents('php://input'); |
||||
$request = json_decode($request_string,true); |
||||
|
||||
// executes the task on local object |
||||
try { |
||||
if ($result = @call_user_func_array(array($object,$request['method']),$request['params'])) { |
||||
$response = array ( |
||||
'id' => $request['id'], |
||||
'result' => $result, |
||||
'error' => NULL |
||||
); |
||||
} else { |
||||
$response = array ( |
||||
'id' => $request['id'], |
||||
'result' => NULL, |
||||
'error' => 'unknown method or incorrect parameters' |
||||
); |
||||
} |
||||
} catch (Exception $e) { |
||||
$response = array ( |
||||
'id' => $request['id'], |
||||
'result' => NULL, |
||||
'error' => $e->getMessage() |
||||
); |
||||
} |
||||
|
||||
// output the response |
||||
if (!empty($request['id'])) { // notifications don't want response |
||||
header('content-type: text/javascript'); |
||||
echo json_encode($response); |
||||
} |
||||
|
||||
// finish |
||||
return true; |
||||
} |
||||
} |
||||
?> |
@ -1,6 +0,0 @@
|
||||
<?php |
||||
interface smsBackend |
||||
{ |
||||
public function sendSMS($recipient, $message); |
||||
} |
||||
|
@ -1,98 +0,0 @@
|
||||
<?php |
||||
require_once 'smsToken.php'; |
||||
|
||||
class smsSender |
||||
{ |
||||
protected $sessionId = null; |
||||
protected $dbBackend; |
||||
protected $smsBackend; |
||||
const password_mask = '<masked password>'; |
||||
|
||||
public function __construct($dbBackend, $smsBackend, $sessionId) |
||||
{ |
||||
$this->sessionId = $sessionId; |
||||
$this->dbBackend = $dbBackend; |
||||
$this->smsBackend = $smsBackend; |
||||
} |
||||
|
||||
public function login($username, $password) |
||||
{ |
||||
$token = ''; |
||||
|
||||
try |
||||
{ |
||||
$token = $this->dbBackend->getToken($username, $password, $_SERVER['REMOTE_ADDR'], $this->sessionId); |
||||
} |
||||
catch (Exception $e) |
||||
{ |
||||
throw new Exception('Authentication failed. Reason: ' . $e->getMessage()); |
||||
} |
||||
$this->dbBackend->auditLog($_SERVER['REMOTE_ADDR'], 'login', 'Successful login by ' . $username); |
||||
return $token; |
||||
} |
||||
|
||||
public function send($token, $recipient, $message, $passwordLocations) |
||||
{ |
||||
try |
||||
{ |
||||
$tokenObj = $this->dbBackend->checkToken($token, $this->sessionId, $_SERVER['REMOTE_ADDR']); |
||||
} |
||||
catch (Exception $e) |
||||
{ |
||||
$this->dbBackend->auditLog($_SERVER['REMOTE_ADDR'], 'send', 'Message sending attempt by invalid token ' . $token); |
||||
throw new Exception('Authentication failed. Reason: Bad Token', 0, $e); |
||||
} |
||||
|
||||
try |
||||
{ |
||||
$this->smsBackend->sendSMS($recipient, $message); |
||||
$this->dbBackend->auditLog($_SERVER['REMOTE_ADDR'], 'send', 'Successful SMS sending by ' . $tokenObj->getUsername()); |
||||
$this->dbBackend->messageLog($tokenObj->getUserId(), $recipient, $this->maskPasswords($message, $passwordLocations), $_SERVER['REMOTE_ADDR']); |
||||
return 'success'; |
||||
} |
||||
catch (PDOException $e) |
||||
{ |
||||
error_log('SMS sending cannot be logged due to a database error!'); |
||||
$this->dbBackend->auditLog($_SERVER['REMOTE_ADDR'], 'send', 'SMS sending by ' . $tokenObj->getUserName() . ' cannot be logged due to a database error'); |
||||
} |
||||
catch (Exception $e) |
||||
{ |
||||
$this->dbBackend->auditLog($_SERVER['REMOTE_ADDR'], 'send', 'Error during SMS sending by user ' . $token->getUserName() . ': ' . $e->getMessage()); |
||||
error_log('Error during SMS sending: ' . $e->getMessage()); |
||||
} |
||||
throw new Exception('Send failed: Unknown Error'); |
||||
} |
||||
|
||||
protected function maskPasswords($message, $passwordLocations) |
||||
{ |
||||
$msg = $message; |
||||
|
||||
$mod = 0; |
||||
foreach ($passwordLocations as $loc) |
||||
{ |
||||
$msg = substr_replace($msg, self::password_mask, $loc[0] + $mod, $loc[1]); |
||||
$mod += (strlen(self::password_mask) - $loc[1]); |
||||
} |
||||
|
||||
return $msg; |
||||
} |
||||
|
||||
public function logout($token) |
||||
{ |
||||
try |
||||
{ |
||||
$username = $this->dbBackend->removeToken($_SERVER['REMOTE_ADDR'], $this->sessionId, $token); |
||||
$this->dbBackend->auditLog($_SERVER['REMOTE_ADDR'], 'logout', $username . ' logged out successfully'); |
||||
session_destroy(); |
||||
session_id(''); |
||||
unset($_COOKIE['PHPSESSID']); |
||||
return 'success'; |
||||
} |
||||
catch (Exception $e) |
||||
{ |
||||
error_log('Logout failed: ' . $e->getMessage()); |
||||
$this->dbBackend->auditLog('Logout failed: ' . $e->getMessage()); |
||||
throw new Exception('Logout failed: Internal Server Error'); |
||||
} |
||||
} |
||||
} |
@ -1,29 +0,0 @@
|
||||
<?php |
||||
class smsToken |
||||
{ |
||||
protected $userId; |
||||
protected $userName; |
||||
protected $sessionId; |
||||
protected $ip; |
||||
protected $token; |
||||
|
||||
public function __construct($userId, $userName, $sessionId, $ip, $token) |
||||
{ |
||||
$this->userId = $userId; |
||||
$this->userName = $userName; |
||||
$this->sessionId = $sessionId; |
||||
$this->ip = $ip; |
||||
$this->token = $token; |
||||
} |
||||
|
||||
public function getUserId() |
||||
{ |
||||
return $this->userId; |
||||
} |
||||
|
||||
public function getUserName() |
||||
{ |
||||
return $this->userName; |
||||
} |
||||
} |
||||
|