1
0
Fork 0
smsgateway/smsSender.php

99 lines
3.4 KiB
PHP

<?php
require_once 'smsToken.php';
class smsSender
{
protected $sessionId = null;
protected $dbBackend;
protected $smsBackend;
const password_mask = '<masked password>';
public function __construct($dbBackend, $smsBackend, $sessionId)
{
$this->sessionId = $sessionId;
$this->dbBackend = $dbBackend;
$this->smsBackend = $smsBackend;
}
public function login($username, $password)
{
$token = '';
try
{
$token = $this->dbBackend->getToken($username, $password, $_SERVER['REMOTE_ADDR'], $this->sessionId);
}
catch (Exception $e)
{
throw new Exception('Authentication failed. Reason: ' . $e->getMessage());
}
$this->dbBackend->auditLog($_SERVER['REMOTE_ADDR'], 'login', 'Successful login by ' . $username);
return $token;
}
public function send($token, $recipient, $message, $passwordLocations)
{
try
{
$tokenObj = $this->dbBackend->checkToken($token, $this->sessionId, $_SERVER['REMOTE_ADDR']);
}
catch (Exception $e)
{
$this->dbBackend->auditLog($_SERVER['REMOTE_ADDR'], 'send', 'Message sending attempt by invalid token ' . $token);
throw new Exception('Authentication failed. Reason: Bad Token', 0, $e);
}
try
{
$this->smsBackend->sendSMS($recipient, $message);
$this->dbBackend->auditLog($_SERVER['REMOTE_ADDR'], 'send', 'Successful SMS sending by ' . $tokenObj->getUsername());
$this->dbBackend->messageLog($tokenObj->getUserId(), $recipient, $this->maskPasswords($message, $passwordLocations), $_SERVER['REMOTE_ADDR']);
return 'success';
}
catch (PDOException $e)
{
error_log('SMS sending cannot be logged due to a database error!');
$this->dbBackend->auditLog($_SERVER['REMOTE_ADDR'], 'send', 'SMS sending by ' . $tokenObj->getUserName() . ' cannot be logged due to a database error');
}
catch (Exception $e)
{
$this->dbBackend->auditLog($_SERVER['REMOTE_ADDR'], 'send', 'Error during SMS sending by user ' . $token->getUserName() . ': ' . $e->getMessage());
error_log('Error during SMS sending: ' . $e->getMessage());
}
throw new Exception('Send failed: Unknown Error');
}
protected function maskPasswords($message, $passwordLocations)
{
$msg = $message;
$mod = 0;
foreach ($passwordLocations as $loc)
{
$msg = substr_replace($msg, self::password_mask, $loc[0] + $mod, $loc[1]);
$mod += (strlen(self::password_mask) - $loc[1]);
}
return $msg;
}
public function logout($token)
{
try
{
$username = $this->dbBackend->removeToken($_SERVER['REMOTE_ADDR'], $this->sessionId, $token);
$this->dbBackend->auditLog($_SERVER['REMOTE_ADDR'], 'logout', $username . ' logged out successfully');
session_destroy();
session_id('');
unset($_COOKIE['PHPSESSID']);
return 'success';
}
catch (Exception $e)
{
error_log('Logout failed: ' . $e->getMessage());
$this->dbBackend->auditLog('Logout failed: ' . $e->getMessage());
throw new Exception('Logout failed: Internal Server Error');
}
}
}