X-Git-Url: http://mop.ddnsfree.com/gitweb/?a=blobdiff_plain;f=web%2FObj%2Fsac-a-push.phh;h=44ef8add9f1623688943bc085a9b31db0ee5fefe;hb=8dae4c3ee7fdb23c9780191e7e51343553033a93;hp=433ec45a51bf3255b069abb2addd6fdcfc087d9e;hpb=5afa7681faebc92f25f73074e599b4048bcdd2a0;p=brisk.git diff --git a/web/Obj/sac-a-push.phh b/web/Obj/sac-a-push.phh index 433ec45..44ef8ad 100644 --- a/web/Obj/sac-a-push.phh +++ b/web/Obj/sac-a-push.phh @@ -2,7 +2,7 @@ /* * brisk - Obj/sac-a-push.phh * - * Copyright (C) 2012 Matteo Nastasi + * Copyright (C) 2012-2014 Matteo Nastasi * mailto: nastasi@alternativeoutput.it * matteo.nastasi@milug.org * web: http://www.alternativeoutput.it @@ -32,7 +32,7 @@ declare(ticks = 1); function global_dump() { - GLOBAL $G_alarm_passwd, $G_black_list, $G_btrace_pref_sub, $G_dbauth; + GLOBAL $G_alarm_passwd, $G_ban_list, $G_black_list, $G_btrace_pref_sub, $G_dbauth; GLOBAL $G_dbpfx, $G_donors_all, $G_donors_cur, $G_is_local, $G_lang; GLOBAL $G_poll_entries, $G_poll_name, $G_poll_title, $G_proxy_white_list; GLOBAL $G_room_roadmap, $G_shutdown, $G_sidebanner, $G_sidebanner2; @@ -43,6 +43,7 @@ function global_dump() GLOBAL $G_with_topbanner; fprintf(STDERR, "G_alarm_passwd = [%s]\n", print_r($G_alarm_passwd, TRUE)); + fprintf(STDERR, "G_ban_list = [%s]\n", print_r($G_ban_list, TRUE)); fprintf(STDERR, "G_black_list = [%s]\n", print_r($G_black_list, TRUE)); fprintf(STDERR, "G_btrace_pref_sub = [%s]\n", print_r($G_btrace_pref_sub, TRUE)); fprintf(STDERR, "G_dbauth = [%s]\n", print_r($G_dbauth, TRUE)); @@ -621,7 +622,7 @@ class Sac_a_push { { GLOBAL $DOCUMENT_ROOT, $HTTP_HOST; - GLOBAL $G_alarm_passwd, $G_black_list, $G_btrace_pref_sub, $G_dbauth; + GLOBAL $G_alarm_passwd, $G_ban_list, $G_black_list, $G_btrace_pref_sub, $G_dbauth; GLOBAL $G_dbpfx, $G_donors_all, $G_donors_cur, $G_is_local, $G_lang; GLOBAL $G_poll_entries, $G_poll_name, $G_poll_title, $G_proxy_white_list; GLOBAL $G_room_roadmap, $G_shutdown, $G_sidebanner, $G_sidebanner2; @@ -797,7 +798,7 @@ class Sac_a_push { $line = trim($buf); if ($line == "reload") { require("$DOCUMENT_ROOT/Etc/".BRISK_CONF); - + $this->app->reload($G_ban_list, $G_black_list); global_dump(); } else if ($line == "shutdown" || $line == "sd") { @@ -937,17 +938,30 @@ class Sac_a_push { function direct_command($cmdstr) { + GLOBAL $G_alarm_passwd; + $cmd = cmd_deserialize($cmdstr); if (!isset($cmd['cmd'])) { return cmd_return(500, 'no cmd found'); } - // "cmd" => "userauth", "login" => 'mop', 'private' => 'it_must_be_correct', + // "cmd" => "userauth", "sess" => 'xxxxxxxxxxx', 'private' => 'it_must_be_correct', // 'the_end' => 'true' ); + // cmd=userauth&sess=52d796ac08c47&private=yourpasswd192.168.122.152d796ac08c47&the_end=true if ($cmd['cmd'] == 'userauth') { - if (!isset($cmd['login']) || !isset($cmd['private'])) { - return cmd_return(503, 'malformed cmd'); + if (!isset($cmd['sess']) || !isset($cmd['private'])) { + return cmd_return(401, 'malformed cmd'); } + $idx = -1; + if (($user = $this->app->get_user($cmd['sess'], &$idx)) == FALSE) + return cmd_return(402, 'user not found'); + + if (($user->flags & USER_FLAG_TY_ADMIN) == 0x00) + return cmd_return(403, 'permission denied'); + + if (md5($G_alarm_passwd.$user->ip.$user->sess) != $cmd['private']) + return cmd_return(404, 'authentication failed ['.$cmd['private'].']['.$G_alarm_passwd.$user->ip.$user->sess.']'); + return cmd_return(200, 'success'); }