authorPhilip Häusler <msquare@notrademark.de>2014-01-07 15:50:16 +0100
committerPhilip Häusler <msquare@notrademark.de>2014-01-07 15:50:16 +0100
commit239c2b168411c110b1f884f6ef0df172cb913b4b (patch)
tree2d0e6721b2818afb24701428fb83d5843985d288 /includes
parente10e16a96ab1cfaf08bf867ca412767e3d3ca347 (diff)
reviewed cookies api
Diffstat (limited to 'includes')
-rw-r--r--includes/controller/angeltypes_controller.php6
-rw-r--r--includes/controller/api.php252
-rw-r--r--includes/controller/user_angeltypes_controller.php10
-rw-r--r--includes/model/AngelType_model.php4
-rw-r--r--includes/model/Message_model.php94
-rw-r--r--includes/model/Room_model.php8
-rw-r--r--includes/model/Shifts_model.php5
-rw-r--r--includes/model/User_model.php10
-rw-r--r--includes/pages/user_messages.php4
9 files changed, 200 insertions, 193 deletions
diff --git a/includes/controller/angeltypes_controller.php b/includes/controller/angeltypes_controller.php
index 03c9651d..8b1783f2 100644
--- a/includes/controller/angeltypes_controller.php
+++ b/includes/controller/angeltypes_controller.php
@@ -38,7 +38,7 @@ function angeltype_delete_controller() {
if (! in_array('admin_angel_types', $privileges))
redirect(page_link_to('angeltypes'));
- $angeltype = mAngelType($_REQUEST['angeltype_id']);
+ $angeltype = AngelType($_REQUEST['angeltype_id']);
if ($angeltype === false)
engelsystem_error("Unable to load angeltype.");
if ($angeltype == null)
@@ -69,7 +69,7 @@ function angeltype_edit_controller() {
$name = "";
$restricted = false;
if (isset($_REQUEST['angeltype_id'])) {
- $angeltype = mAngelType($_REQUEST['angeltype_id']);
+ $angeltype = AngelType($_REQUEST['angeltype_id']);
if ($angeltype === false)
engelsystem_error("Unable to load angeltype.");
if ($angeltype == null)
@@ -127,7 +127,7 @@ function angeltype_controller() {
if (! isset($_REQUEST['angeltype_id']))
redirect(page_link_to('angeltypes'));
- $angeltype = mAngelType($_REQUEST['angeltype_id']);
+ $angeltype = AngelType($_REQUEST['angeltype_id']);
if ($angeltype === false)
engelsystem_error("Unable to load angeltype.");
if ($angeltype == null)
diff --git a/includes/controller/api.php b/includes/controller/api.php
index 3c87e5b4..4403b984 100644
--- a/includes/controller/api.php
+++ b/includes/controller/api.php
@@ -1,6 +1,5 @@
<?php
-
/************************************************************************************************
* API Documentation
************************************************************************************************
@@ -103,58 +102,60 @@ sendMessage
************************************************************************************************/
-
/**
* General API Controller
*/
function api_controller() {
- global $user, $DataJson, $_REQUEST;
-
+ global $user, $DataJson;
+
header("Content-Type: application/json; charset=utf-8");
-
+
// decode JSON request
$input = file_get_contents("php://input");
$input = json_decode($input, true);
$_REQUEST = $input;
-
+
// get command
- $cmd='';
- if (isset($_REQUEST['cmd']) )
- $cmd = strtolower( $_REQUEST['cmd']);
-
- // decode commands, without key
- switch( $cmd) {
+ $cmd = '';
+ if (isset($_REQUEST['cmd']))
+ $cmd = strtolower($_REQUEST['cmd']);
+
+ // decode commands, without key
+ switch ($cmd) {
case 'getversion':
getVersion();
- die( json_encode($DataJson));
+ die(json_encode($DataJson));
break;
case 'getapikey':
getApiKey();
- die( json_encode($DataJson));
+ die(json_encode($DataJson));
break;
}
-
+
// get API KEY
if (isset($_REQUEST['key']) && preg_match("/^[0-9a-f]{32}$/", $_REQUEST['key']))
$key = $_REQUEST['key'];
else
- die( json_encode( array (
- 'status' => 'failed',
- 'error' => 'Missing parameter "key".' )));
-
- // check API key
+ die(json_encode(array(
+ 'status' => 'failed',
+ 'error' => 'Missing parameter "key".'
+ )));
+
+ // check API key
$user = User_by_api_key($key);
if ($user === false)
- die( json_encode( array (
- 'status' => 'failed',
- 'error' => 'Unable to find user' )));
+ die(json_encode(array(
+ 'status' => 'failed',
+ 'error' => 'Unable to find user'
+ )));
if ($user == null)
- die( json_encode( array (
- 'status' => 'failed',
- 'error' => 'Key invalid.' )));
-
- // decode command
- switch( $cmd) {
+ die(json_encode(array(
+ 'status' => 'failed',
+ 'error' => 'Key invalid.'
+ )));
+
+ // decode command
+ switch ($cmd) {
case 'getroom':
getRoom();
break;
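Review bot: The key check on the `if (isset($_REQUEST['key']) && preg_match("/^[0-9a-f]{32}$/", $_REQUEST['key']))` line accepts a 33-byte value that ends in a newline, because PCRE's `$` also matches before a trailing `\n`; anchor it with `preg_match("/^[0-9a-f]{32}\z/", $_REQUEST['key'])` (or add the `D` modifier) so only the exact 32 hex characters pass. The decoded body is assigned straight to `$_REQUEST` without confirming that `json_decode` produced an array, so a scalar, malformed or nested body reaches the `isset` tests and `strtolower($_REQUEST['cmd'])` can be handed an array; a guard such as `if (! is_array($input)) die(json_encode(array('status' => 'failed', 'error' => 'Invalid JSON body.')));` directly after the decode rejects that early. The `if ($user == null)` comparison is loose and should be `=== null` to match the `=== false` test just above it. api_controller continues past the end of this hunk.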
@@ -162,34 +163,39 @@ function api_controller() {
getAngelType();
break;
case 'getuser':
- getUser();
+ // TODO Dataleak! Only coordinators are allowed to see so much user informations.
+ //getUser();
break;
case 'getshift':
getShift();
break;
case 'getmessage':
- getMessage();
+ // TODO Dataleak!
+ //getMessage();
break;
case 'sendmessage':
sendMessage();
break;
default:
- $DataJson = array (
+ $DataJson = array(
'status' => 'failed',
- 'error' => 'Unknown Command "'. $cmd. '"' );
+ 'error' => 'Unknown Command "' . $cmd . '"'
+ );
}
-
+
// check
- if( $DataJson === false) {
- $DataJson = array (
- 'status' => 'failed',
- 'error' => 'DataJson === false' );
- } elseif( $DataJson == null) {
- $DataJson = array (
- 'status' => 'failed',
- 'error' => 'DataJson == null' );
+ if ($DataJson === false) {
+ $DataJson = array(
+ 'status' => 'failed',
+ 'error' => 'DataJson === false'
+ );
+ } elseif ($DataJson == null) {
+ $DataJson = array(
+ 'status' => 'failed',
+ 'error' => 'DataJson == null'
+ );
}
-
+
echo json_encode($DataJson);
die();
}
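Review bot: Commenting out the `getUser()` and `getMessage()` calls leaves `$DataJson` unset for those commands, so the request falls into the generic `elseif ($DataJson == null)` branch and the client gets the internal-looking `'DataJson == null'` text rather than a deliberate refusal; set `$DataJson = array('status' => 'failed', 'error' => 'Command disabled.');` in each of those two cases so the disabled commands are reported like the `default` branch reports unknown ones. The loose `== null` check also treats an empty result array the same as null, so a command that legitimately yields `array()` (which `Message_ids()` and `User_ids()` presumably can now that they return `sql_select()` directly) is reported as a failure; `=== null` keeps the two apart.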
@@ -197,143 +203,151 @@ function api_controller() {
/**
* Get Version of API
*/
-function getVersion(){
+function getVersion() {
global $DataJson;
-
+
$DataJson = array(
- 'status' => 'success',
- 'Version' => 1);
+ 'status' => 'success',
+ 'Version' => 1
+ );
}
-
/**
* Get API Key
*/
-function getApiKey(){
- global $DataJson, $_REQUEST;
-
- if (!isset($_REQUEST['user']) ) {
- $DataJson = array (
- 'status' => 'failed',
- 'error' => 'Missing parameter "user".' );
- }
- elseif (!isset($_REQUEST['pw']) ) {
- $DataJson = array (
- 'status' => 'failed',
- 'error' => 'Missing parameter "pw".' );
+function getApiKey() {
+ global $DataJson;
+
+ if (! isset($_REQUEST['user'])) {
+ $DataJson = array(
+ 'status' => 'failed',
+ 'error' => 'Missing parameter "user".'
+ );
+ } elseif (! isset($_REQUEST['pw'])) {
+ $DataJson = array(
+ 'status' => 'failed',
+ 'error' => 'Missing parameter "pw".'
+ );
} else {
- $Erg = sql_select( "SELECT `UID`, `Passwort`, `api_key` FROM `User` WHERE `Nick`='" . sql_escape($_REQUEST['user']) . "'");
-
+ $Erg = sql_select("SELECT `UID`, `Passwort`, `api_key` FROM `User` WHERE `Nick`='" . sql_escape($_REQUEST['user']) . "'");
+
if (count($Erg) == 1) {
$Erg = $Erg[0];
- if (verify_password( $_REQUEST['pw'], $Erg["Passwort"], $Erg["UID"])) {
+ if (verify_password($_REQUEST['pw'], $Erg["Passwort"], $Erg["UID"])) {
$key = $Erg["api_key"];
$DataJson = array(
- 'status' => 'success',
- 'Key' => $key);
+ 'status' => 'success',
+ 'Key' => $key
+ );
} else {
- $DataJson = array (
- 'status' => 'failed',
- 'error' => 'PW wrong' );
+ $DataJson = array(
+ 'status' => 'failed',
+ 'error' => 'PW wrong'
+ );
}
} else {
- $DataJson = array (
- 'status' => 'failed',
- 'error' => 'User not found.' );
+ $DataJson = array(
+ 'status' => 'failed',
+ 'error' => 'User not found.'
+ );
}
}
-
+
sleep(1);
}
-
/**
* Get Room
*/
-function getRoom(){
- global $DataJson, $_REQUEST;
-
- if (isset($_REQUEST['id']) ) {
- $DataJson = mRoom( $_REQUEST['id']);
+function getRoom() {
+ global $DataJson;
+
+ if (isset($_REQUEST['id'])) {
+ $DataJson = Room($_REQUEST['id']);
} else {
- $DataJson = mRoomList();
+ $DataJson = Room_ids();
}
}
/**
* Get AngelType
*/
-function getAngelType(){
- global $DataJson, $_REQUEST;
-
- if (isset($_REQUEST['id']) ) {
- $DataJson = mAngelType( $_REQUEST['id']);
+function getAngelType() {
+ global $DataJson;
+
+ if (isset($_REQUEST['id'])) {
+ $DataJson = AngelType($_REQUEST['id']);
} else {
- $DataJson = mAngelTypeList();
+ $DataJson = AngelType_ids();
}
}
/**
* Get User
*/
-function getUser(){
- global $DataJson, $_REQUEST;
-
- if (isset($_REQUEST['id']) ) {
- $DataJson = mUser_Limit( $_REQUEST['id']);
+function getUser() {
+ global $DataJson;
+
+ if (isset($_REQUEST['id'])) {
+ $DataJson = mUser_Limit($_REQUEST['id']);
} else {
- $DataJson = mUserList();
+ $DataJson = User_ids();
}
}
/**
* Get Shift
*/
-function getShift(){
- global $DataJson, $_REQUEST;
-
- if (isset($_REQUEST['id']) ) {
- $DataJson = mShift( $_REQUEST['id']);
+function getShift() {
+ global $DataJson;
+
+ if (isset($_REQUEST['id'])) {
+ $DataJson = Shift($_REQUEST['id']);
} else {
- $DataJson = mShiftList();
+ $DataJson = Shifts_filtered();
}
}
/**
+ * @TODO: Why are ALL messages of ALL users returned? Data leak. It is not checked if this is my message!
* Get Message
*/
-function getMessage(){
- global $DataJson, $_REQUEST;
-
- if (isset($_REQUEST['id']) ) {
- $DataJson = mMessage( $_REQUEST['id']);
+function getMessage() {
+ global $DataJson;
+
+ if (isset($_REQUEST['id'])) {
+ $DataJson = Message($_REQUEST['id']);
} else {
- $DataJson = mMessageList();
+ $DataJson = Message_ids();
}
}
/**
* Send Message
*/
-function sendMessage(){
- global $DataJson, $_REQUEST;
-
- if (!isset($_REQUEST['uid']) ) {
- $DataJson = array (
- 'status' => 'failed',
- 'error' => 'Missing parameter "uid".' );
- }
- elseif (!isset($_REQUEST['text']) ) {
- $DataJson = array (
- 'status' => 'failed',
- 'error' => 'Missing parameter "text".' );
+function sendMessage() {
+ global $DataJson;
+
+ if (! isset($_REQUEST['uid'])) {
+ $DataJson = array(
+ 'status' => 'failed',
+ 'error' => 'Missing parameter "uid".'
+ );
+ } elseif (! isset($_REQUEST['text'])) {
+ $DataJson = array(
+ 'status' => 'failed',
+ 'error' => 'Missing parameter "text".'
+ );
} else {
- if( mMessage_Send( $_REQUEST['uid'], $_REQUEST['text']) === true) {
- $DataJson = array( 'status' => 'success');
+ if (Message_send($_REQUEST['uid'], $_REQUEST['text']) === true) {
+ $DataJson = array(
+ 'status' => 'success'
+ );
} else {
$DataJson = array(
- 'status' => 'failed',
- 'error' => 'Transmitting was terminated with an Error.');
+ 'status' => 'failed',
+ 'error' => 'Transmitting was terminated with an Error.'
+ );
}
}
}
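Review bot: In `getApiKey()` the distinct `'PW wrong'` and `'User not found.'` responses tell an unauthenticated caller whether a nickname exists, and the `sleep(1)` does not change that; returning one message, e.g. `'error' => 'Login failed.'`, from both branches removes the distinction. The `if (count($Erg) == 1)` line also assumes `sql_select()` returned an array: `api_controller()` tests `User_by_api_key()` for `=== false` first, so for consistency add `if ($Erg === false) { $DataJson = array('status' => 'failed', 'error' => 'Unable to query user.'); } elseif (count($Erg) == 1) {`. Because the body arrives through `json_decode`, `$_REQUEST['user']` and `$_REQUEST['pw']` may be non-strings; an `is_string()` test next to the `isset` checks would keep arrays out of `sql_escape()` and `verify_password()`.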
diff --git a/includes/controller/user_angeltypes_controller.php b/includes/controller/user_angeltypes_controller.php
index d110f7a7..b2a04a17 100644
--- a/includes/controller/user_angeltypes_controller.php
+++ b/includes/controller/user_angeltypes_controller.php
@@ -13,7 +13,7 @@ function user_angeltypes_delete_all_controller() {
redirect(page_link_to('angeltypes'));
}
- $angeltype = mAngelType($_REQUEST['angeltype_id']);
+ $angeltype = AngelType($_REQUEST['angeltype_id']);
if ($angeltype === false)
engelsystem_error("Unable to load angeltype.");
if ($angeltype == null) {
@@ -50,7 +50,7 @@ function user_angeltypes_confirm_all_controller() {
redirect(page_link_to('angeltypes'));
}
- $angeltype = mAngelType($_REQUEST['angeltype_id']);
+ $angeltype = AngelType($_REQUEST['angeltype_id']);
if ($angeltype === false)
engelsystem_error("Unable to load angeltype.");
if ($angeltype == null) {
@@ -95,7 +95,7 @@ function user_angeltype_confirm_controller() {
redirect(page_link_to('angeltypes'));
}
- $angeltype = mAngelType($user_angeltype['angeltype_id']);
+ $angeltype = AngelType($user_angeltype['angeltype_id']);
if ($angeltype === false)
engelsystem_error("Unable to load angeltype.");
if ($angeltype == null) {
@@ -143,7 +143,7 @@ function user_angeltype_delete_controller() {
redirect(page_link_to('angeltypes'));
}
- $angeltype = mAngelType($user_angeltype['angeltype_id']);
+ $angeltype = AngelType($user_angeltype['angeltype_id']);
if ($angeltype === false)
engelsystem_error("Unable to load angeltype.");
if ($angeltype == null) {
@@ -194,7 +194,7 @@ function user_angeltype_add_controller() {
redirect(page_link_to('angeltypes'));
}
- $angeltype = mAngelType($_REQUEST['angeltype_id']);
+ $angeltype = AngelType($_REQUEST['angeltype_id']);
if ($angeltype === false)
engelsystem_error("Unable to load angeltype.");
if ($angeltype == null) {
diff --git a/includes/model/AngelType_model.php b/includes/model/AngelType_model.php
index 22baa4a4..bc07ace7 100644
--- a/includes/model/AngelType_model.php
+++ b/includes/model/AngelType_model.php
@@ -80,7 +80,7 @@ function AngelTypes_with_user($user) {
/**
* Returns AngelType id array
*/
-function mAngelTypeList() {
+function AngelType_ids() {
$angelType_source = sql_select("SELECT `id` FROM `AngelTypes`");
if ($angelType_source === false)
return false;
@@ -95,7 +95,7 @@ function mAngelTypeList() {
* @param $id angelType
* ID
*/
-function mAngelType($id) {
+function AngelType($id) {
$angelType_source = sql_select("SELECT * FROM `AngelTypes` WHERE `id`=" . sql_escape($id) . " LIMIT 1");
if ($angelType_source === false)
return false;
diff --git a/includes/model/Message_model.php b/includes/model/Message_model.php
index d42dca5f..1e1923e8 100644
--- a/includes/model/Message_model.php
+++ b/includes/model/Message_model.php
@@ -1,51 +1,49 @@
-<?php
-
+<?php
+
/**
* Returns Message id array
- */
-function mMessageList() {
- $message_source = sql_select("SELECT `id` FROM `Messages`");
- if ($message_source === false)
- return false;
- if (count($message_source) > 0)
- return $message_source;
- return null;
-}
-
-/**
- * Returns message by id.
- *
- * @param $id message ID
- */
-function mMessage($id) {
- $message_source = sql_select("SELECT * FROM `Messages` WHERE `id`=" . sql_escape($id) . " LIMIT 1");
- if ($message_source === false)
- return false;
- if (count($message_source) > 0)
- return $message_source[0];
- return null;
-}
-
-
-/**
- * send message
- *
- * @param $id User ID of Reciever
- * @param $text Text of Message
- */
-function mMessage_Send($id, $text) {
- global $user;
-
- $text = preg_replace("/([^\p{L}\p{P}\p{Z}\p{N}\n]{1,})/ui", '', strip_tags($text));
- $to = preg_replace("/([^0-9]{1,})/ui", '', strip_tags( $id));
-
- if (($text != "" && is_numeric($to)) &&
- (sql_num_query("SELECT * FROM `User` WHERE `UID`=" . sql_escape($to) . " AND NOT `UID`=" . sql_escape($user['UID']) . " LIMIT 1") > 0) ) {
- sql_query("INSERT INTO `Messages` SET `Datum`=" . sql_escape(time()) . ", `SUID`=" . sql_escape($user['UID']) . ", `RUID`=" . sql_escape($to) . ", `Text`='" . sql_escape($text) . "'");
- return true;
- } else {
- return false;
- }
- }
-
+ */
+function Message_ids() {
+ return sql_select("SELECT `id` FROM `Messages`");
+}
+
+/**
+ * Returns message by id.
+ *
+ * @param $id message
+ * ID
+ */
+function Message($id) {
+ $message_source = sql_select("SELECT * FROM `Messages` WHERE `id`=" . sql_escape($id) . " LIMIT 1");
+ if ($message_source === false)
+ return false;
+ if (count($message_source) > 0)
+ return $message_source[0];
+ return null;
+}
+
+/**
+ * TODO: use validation functions, return new message id
+ * TODO: global $user con not be used in model!
+ * send message
+ *
+ * @param $id User
+ * ID of Reciever
+ * @param $text Text
+ * of Message
+ */
+function Message_send($id, $text) {
+ global $user;
+
+ $text = preg_replace("/([^\p{L}\p{P}\p{Z}\p{N}\n]{1,})/ui", '', strip_tags($text));
+ $to = preg_replace("/([^0-9]{1,})/ui", '', strip_tags($id));
+
+ if (($text != "" && is_numeric($to)) && (sql_num_query("SELECT * FROM `User` WHERE `UID`=" . sql_escape($to) . " AND NOT `UID`=" . sql_escape($user['UID']) . " LIMIT 1") > 0)) {
+ sql_query("INSERT INTO `Messages` SET `Datum`=" . sql_escape(time()) . ", `SUID`=" . sql_escape($user['UID']) . ", `RUID`=" . sql_escape($to) . ", `Text`='" . sql_escape($text) . "'");
+ return true;
+ } else {
+ return false;
+ }
+}
+
?> \ No newline at end of file
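Review bot: `Message_ids()` now returns the `sql_select()` result directly, so its contract differs from `Room_ids()` and `AngelType_ids()` renamed in the same commit, which still start with the `=== false` check and, judging from the visible tail of `Room_ids()`, fall through to `return null` on an empty result; `User_ids()` in the User_model hunk makes the same change. Either update the docblock to `Returns array of message ids (possibly empty), or false on database error` or restore the `count(...) > 0 ? ... : null` mapping so all four `*_ids()` helpers behave alike. In `Message_send()` the `if (($text != "" && is_numeric($to)) ...` line relies on a loose comparison: when the `u`-modifier `preg_replace` fails on invalid UTF-8 it returns `null`, which `!= ""` silently treats as empty, so a malformed body is indistinguishable from an empty message; an explicit `if ($text === null) return false;` with a comment naming the cause would make that path visible to the next maintainer.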
diff --git a/includes/model/Room_model.php b/includes/model/Room_model.php
index 5b9c7a2a..c48abc78 100644
--- a/includes/model/Room_model.php
+++ b/includes/model/Room_model.php
@@ -3,7 +3,7 @@
/**
* Returns room id array
*/
-function mRoomList() {
+function Room_ids() {
$room_source = sql_select("SELECT `RID` FROM `Room` WHERE `show` = 'Y'");
if ($room_source === false)
return false;
@@ -12,13 +12,12 @@ function mRoomList() {
return null;
}
-
/**
* Returns room by id.
*
- * @param $id RID
+ * @param $id RID
*/
-function mRoom($id) {
+function Room($id) {
$room_source = sql_select("SELECT * FROM `Room` WHERE `RID`=" . sql_escape($id) . " AND `show` = 'Y' LIMIT 1");
if ($room_source === false)
return false;
@@ -27,5 +26,4 @@ function mRoom($id) {
return null;
}
-
?>
diff --git a/includes/model/Shifts_model.php b/includes/model/Shifts_model.php
index df47b967..8cd4b3c2 100644
--- a/includes/model/Shifts_model.php
+++ b/includes/model/Shifts_model.php
@@ -1,9 +1,10 @@
<?php
/**
+ * TODO: $_REQUEST is not allowed in model!
* Returns Shift id array
*/
-function mShiftList() {
+function Shifts_filtered() {
global $_REQUEST;
$filter = "";
@@ -49,7 +50,7 @@ function mShiftList() {
*
* @param $id Shift ID
*/
-function mShift($id) {
+function Shift($id) {
$shifts_source = sql_select("SELECT * FROM `Shifts` WHERE `SID`=" . sql_escape($id) . " LIMIT 1");
$shiftsEntry_source = sql_select("SELECT `TID` , `UID` , `freeloaded` FROM `ShiftEntry` WHERE `SID`=" . sql_escape($id) );
diff --git a/includes/model/User_model.php b/includes/model/User_model.php
index 84097333..d369ea3e 100644
--- a/includes/model/User_model.php
+++ b/includes/model/User_model.php
@@ -16,13 +16,8 @@ function Users_by_angeltype($angeltype) {
/**
* Returns User id array
*/
-function mUserList() {
- $user_source = sql_select("SELECT `UID` FROM `User`");
- if ($user_source === false)
- return false;
- if (count($user_source) > 0)
- return $user_source;
- return null;
+function User_ids() {
+ return sql_select("SELECT `UID` FROM `User`");
}
/**
@@ -49,6 +44,7 @@ function User($id) {
}
/**
+ * TODO: Merge into normal user function
* Returns user by id (limit informations.
*
* @param $id UID
diff --git a/includes/pages/user_messages.php b/includes/pages/user_messages.php
index f7647e78..7a05491c 100644
--- a/includes/pages/user_messages.php
+++ b/includes/pages/user_messages.php
@@ -23,7 +23,7 @@ function user_messages() {
$users = sql_select("SELECT * FROM `User` WHERE NOT `UID`=" . sql_escape($user['UID']) . " ORDER BY `Nick`");
$to_select_data = array(
- "" => _("Select recipient...")
+ "" => _("Select recipient...")
);
foreach ($users as $u)
@@ -98,7 +98,7 @@ function user_messages() {
break;
case "send":
- if( mMessage_Send( $_REQUEST['to'], $_REQUEST['text']) === true) {
+ if (Message_send($_REQUEST['to'], $_REQUEST['text']) === true) {
redirect(page_link_to("user_messages"));
} else {
return error(_("Transmitting was terminated with an Error."), true);