openrat-webdav


commit f93c08a1a172dbde32968bb84c54d4bcf4a0d72d
parent df5f5873763243ca942e0e323c39f98133403335
Author: Jan Dankert <develop@jandankert.de>
Date:   Thu, 31 Oct 2019 04:33:38 +0100

Use Cookies for the connection to the CMS server

Diffstat:
CMS.class.php | 36++++++++++++++++++++++++++++--------
Client.class.php | 95+++++++++++++++++++++++++++++++++++++++++++++++--------------------------------
URIParser.class.php | 9++++++++-
WebDAV.class.php | 29+++++++++++++++++++++++------
4 files changed, 116 insertions(+), 53 deletions(-)

diff --git a/CMS.class.php b/CMS.class.php @@ -3,12 +3,21 @@ define('CMS_READ' ,'GET' ); define('CMS_WRITE' ,'POST'); -class CMS extends Client +class CMS { var $login = false; var $token; - function login($user, $password,$dbid ) + private $client; + + public function __construct() + { + $this->client = new Client(); + $this->client->useCookies = true; + + } + + function login($user, $password,$dbid ) { // Erster Request der Sitzung muss ein GET-Request sein. @@ -17,9 +26,13 @@ class CMS extends Client $result = $this->call(CMS_WRITE,'login','login',array('login_name'=>$user,'login_password'=>$password,'dbid'=>$dbid) ); - if ( ! $this->success ) { + if ( ! $this->client->success ) { throw new Exception( 'Login failed.',true ); } + + $this->login = true; + + return $this->login; } @@ -69,7 +82,7 @@ class CMS extends Client function filevalue($id) { - $result = parent::call(CMS_READ,'file','show',array('id'=>$id),true ); + $result = $this->call(CMS_READ,'file','show',array('id'=>$id),true ); return $result; } @@ -77,14 +90,14 @@ class CMS extends Client public function fileWrite($id,$value) { - $result = parent::call(CMS_WRITE,'file','save',array('id'=>$id,'value'=>$value) ); + $result = $this->call(CMS_WRITE,'file','save',array('id'=>$id,'value'=>$value) ); return $result; } public function fileAdd($value) { - $result = parent::call(CMS_WRITE,'file','save',array('value'=>$value) ); + $result = $this->call(CMS_WRITE,'file','save',array('value'=>$value) ); return $result; } 
@@ -92,11 +105,18 @@ class CMS extends Client protected function call( $method,$action,$subaction,$parameter=array(),$direct=false ) { - $result = parent::call( $method,$action,$subaction,$parameter,false ); + Logger::trace( "Executing $method $action/$subaction"."\n".$this->__toString() ); + + $result = $this->client->call( $method,$action,$subaction,$parameter,false ); - Logger::trace( "API-Result of $method $action/$subaction:\n".print_r($result,true)); + Logger::trace( "API-Result of $method $action/$subaction:"."\n".$this->__toString()."\n".print_r($result,true)); return $result; } + public function __toString() + { + return print_r( get_object_vars($this),true); + } + } diff --git a/Client.class.php b/Client.class.php @@ -1,25 +1,28 @@ -<?php +<?php class Client { - protected $action; - protected $subaction; - protected $cookies = array(); - protected $useCookies = false; - - protected $sessionName; - protected $sessionId; - protected $token; - - protected $method; // GET oder POST - - protected $responseHeader; - - protected $success; - - - protected function call($method,$action,$subaction,$parameter=array(),$direct=false) + public $useCookies = false; + public $success; + + protected $action; + protected $subaction; + + public $cookies = array(); + protected $sessionName; + protected $sessionId; + + protected $token; + + protected $method; // GET oder POST + + protected $responseHeader; + protected $parameterString; + protected $requestHeader; + + + public function call($method,$action,$subaction,$parameter=array(),$direct=false) { global $config; $error = ''; @@ -41,7 +44,7 @@ class Client $path .= '/api/'; // Methode: Fallback GET - if ( empty($method)) + if ( !$method ) $method='GET'; // Die Funktion fsockopen() erwartet eine Protokollangabe (bei TCP optional, bei SSL notwendig). 
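Review bot: The two `Logger::trace` calls added to `CMS::call()` append `$this->__toString()`, which is `print_r(get_object_vars($this), true)` and therefore dumps `$token` and the whole private `$client`, including its `$cookies` array and the new `$parameterString`/`$requestHeader` properties. After the login call that string contains `login_password`, so the trace log ends up holding the CMS password and session cookie in clear text. I would log only `"$method $action/$subaction"` here and have `__toString()` return a redacted summary (class name, the `login` flag, cookie names without values). The same dump is written by `Client::__toString()`, by the new `catch` in URIParser.class.php, and by the `Zustand Client` trace and the `projectlist()` catch in WebDAV.class.php.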
@@ -65,43 +68,48 @@ class Client if ( $method=='POST') $parameter += array('token'=>$this->token); - $parameterString = ''; + $this->parameterString = ''; foreach( $parameter as $name=>$value ) { - if ( !empty($parameterString) ) - $parameterString .= '&'; + if ( $this->parameterString ) + $this->parameterString .= '&'; - $parameterString .= urlencode($name).'='.urlencode($value); + $this->parameterString .= urlencode($name).'='.urlencode($value); } if ( $method == 'GET') - $http_get .= '?'.$parameterString; + $http_get .= '?'.$this->parameterString; - $header = array(); + $this->requestHeader = array(); - $header[] = $method.' '.$http_get.' HTTP/1.0'; - $header[] = 'Host: '.$host; - $header[] = 'Accept: application/php-serialized'; + $this->requestHeader[] = $method.' '.$http_get.' HTTP/1.0'; + $this->requestHeader[] = 'Host: '.$host; + $this->requestHeader[] = 'Accept: application/php-serialized'; if ( $this->useCookies) - foreach( $this->cookies as $cookieName=>$cookieValue) - $header[] = 'Cookie: '.$cookieName.'='.$cookieValue; - - if ( ! empty($this->sessionName)) - $header[] = 'Cookie: '.$this->sessionName.'='.$this->sessionId; + { + $cookies = array();; + foreach( $this->cookies as $cookieName=>$cookieValue) + $cookies[] = $cookieName.'='.$cookieValue; + $this->requestHeader[] = 'Cookie: '.implode('; ',$cookies); + + } + + //if ( ! 
empty($this->sessionName)) + // $this->requestHeader[] = 'Cookie: '.$this->sessionName.'='.$this->sessionId; if ( $method == 'POST' ) { - $header[] = 'Content-Type: application/x-www-form-urlencoded'; - $header[] = 'Content-Length: '.strlen($parameterString); + $this->requestHeader[] = 'Content-Type: application/x-www-form-urlencoded'; + $this->requestHeader[] = 'Content-Length: '.strlen($this->parameterString); } - $http_request = implode($lb,$header).$lb.$lb; + $http_request = implode($lb,$this->requestHeader).$lb.$lb; if ( $method == 'POST' ) { - $http_request .= $parameterString; + $http_request .= $this->parameterString; } if (!is_resource($fp)) { $error = 'Connection lost after connect: '.$prx_proto.$host.':'.$port; @@ -120,6 +128,7 @@ class Client elseif (!feof($fp)) { $line = fgets($fp,1028); $status = substr($line,9,3); + } else { @@ -144,7 +153,12 @@ class Client } } fclose($fp); // Verbindung brav schlie�en. - + + if ( @$status != '200' ) + { + throw new RuntimeException('Server-Status != 200: '."$line\n".$body); + } + foreach( $this->responseHeader as $headerName => $headerValue) { if ( $headerName == 'Set-Cookie' ) @@ -180,4 +194,9 @@ class Client } } + + public function __toString() + { + return print_r( get_object_vars($this),true); + } } diff --git a/URIParser.class.php b/URIParser.class.php @@ -47,7 +47,14 @@ class URIParser return; } - $result = $this->client->projectlist(); + try { + + $result = $this->client->projectlist(); + } + catch( Exception $e) { + Logger::error("Failed to read projects: \n".$this->client->__toString()."\n".$e->getMessage() ); + throw $e; + } //Logger::trace( print_r( $result,true) ); $projects = $result['projects']; diff --git a/WebDAV.class.php b/WebDAV.class.php 
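Review bot: Turning `$parameterString` and `$header` into the properties `$this->parameterString` and `$this->requestHeader` keeps the last request body and `Cookie:` header on the object after `call()` returns. For the login request (`login_name`/`login_password` in CMS.class.php) the urlencoded password then stays in the `Client` that WebDAV.class.php stores in `$_SESSION['DAV_CLIENT']` right after `login()`, so as far as the visible hunks show it is serialized into session storage. Keep both as locals (`$parameterString = '';`, `$header = array();`) or clear them before returning. Separately, with `useCookies` set and an empty `$cookies` array the new block sends a bare `Cookie: ` header; `if ( $this->useCookies && $this->cookies )` avoids that. The body of `call()` starts and ends outside this hunk.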
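Review bot: The new status check relies on `@` to hide an undefined `$status` and copies the complete response `$body` into the exception message, which callers then write to logs (`error_log` in WebDAV.class.php, `Logger::error` in URIParser.class.php). I would make the condition explicit, `if ( !isset($status) || $status !== '200' )`, and cap what is taken from the response, e.g. `substr($body,0,200)`, since a CMS error page can be large or carry data that should not land in a log. Whether `$body` is always defined at this point cannot be seen from the hunk.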
@@ -83,14 +83,20 @@ class WebDAV session_start(); - if ( !empty($_SESSION['DAV_CLIENT']) ) - $this->client = $_SESSION['DAV_CLIENT']; + if ( @$_SESSION['DAV_CLIENT'] ) + { + $this->client = $_SESSION['DAV_CLIENT']; + Logger::trace('Client-Herkunft: aus Session'); + } else { $this->client = new CMS(); $_SESSION['DAV_CLIENT'] = $this->client; + Logger::trace('Client-Herkunft: neu'); } + Logger::trace('Zustand Client: '."\n".$this->client->__toString() ); + if ( $this->client->login ) { // Benutzer ist bereits im CMS eingeloggt. @@ -108,11 +114,15 @@ class WebDAV try { $this->client->login($username, $pass, $config['cms.database']); + + $_SESSION['DAV_CLIENT'] = $this->client; + session_write_close(); } catch( Exception $e ) { $this->httpStatus('401 Unauthorized'); header('WWW-Authenticate: Basic realm="'.$config['dav.realm'].'"'); + error_log( print_r($e->getMessage(),true) ); echo 'Failed login for user '.$username; exit; } @@ -128,7 +138,9 @@ class WebDAV echo 'Could not authenticate user '.$username; exit; } - } + $_SESSION[ DAV_CLIENT ] = $this->client; + session_write_close(); + } else { // Client ist nicht angemeldet, daher wird nun die @@ -142,7 +154,7 @@ class WebDAV } else { - return; // + return; // Bei OPTIONS müssen wir keine URL auswerten und können direkt zur Methode springen. } } @@ -792,8 +804,13 @@ class WebDAV $objektinhalt['type'] = 'folder'; $inhalte[] = $objektinhalt; - - $result = $this->client->projectlist(); + + try { + $result = $this->client->projectlist(); + } catch( Exception $e) { + Logger::error($e->__toString().$this->client->__toString()); + throw $e; + } $projects = $result['projects']; foreach( $projects as $projectid=>$p ) {
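Review bot: After a successful `login()` the authenticated client is stored under the session id the request arrived with; nothing in this hunk issues a fresh id. Calling `session_regenerate_id(true);` before `$_SESSION['DAV_CLIENT'] = $this->client;` closes the session-fixation window, unless that already happens outside the visible lines. The added `error_log( print_r($e->getMessage(),true) )` can be `error_log( $e->getMessage() )`, since the message is already a string.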
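Review bot: `$_SESSION[ DAV_CLIENT ]` uses a bare word as the array key, while the other accesses visible in this file use the string `'DAV_CLIENT'`. Unless a constant of that name is defined elsewhere, PHP 7 only warns and falls back to the string, but PHP 8 throws an `Error` for the undefined constant, so this branch would fail right after authentication succeeded. It should read `$_SESSION['DAV_CLIENT'] = $this->client;`.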