commit f93c08a1a172dbde32968bb84c54d4bcf4a0d72d
parent df5f5873763243ca942e0e323c39f98133403335
Author: Jan Dankert <develop@jandankert.de>
Date: Thu, 31 Oct 2019 04:33:38 +0100
Use Cookies for the connection to the CMS server
Diffstat:
4 files changed, 116 insertions(+), 53 deletions(-)
diff --git a/CMS.class.php b/CMS.class.php
@@ -3,12 +3,21 @@
define('CMS_READ' ,'GET' );
define('CMS_WRITE' ,'POST');
-class CMS extends Client
+class CMS
{
var $login = false;
var $token;
- function login($user, $password,$dbid )
+ private $client;
+
+ public function __construct()
+ {
+ $this->client = new Client();
+ $this->client->useCookies = true;
+
+ }
+
+ function login($user, $password,$dbid )
{
// Erster Request der Sitzung muss ein GET-Request sein.
@@ -17,9 +26,13 @@ class CMS extends Client
$result = $this->call(CMS_WRITE,'login','login',array('login_name'=>$user,'login_password'=>$password,'dbid'=>$dbid) );
- if ( ! $this->success ) {
+ if ( ! $this->client->success ) {
throw new Exception( 'Login failed.',true );
}
+
+ $this->login = true;
+
+ return $this->login;
}
@@ -69,7 +82,7 @@ class CMS extends Client
function filevalue($id)
{
- $result = parent::call(CMS_READ,'file','show',array('id'=>$id),true );
+ $result = $this->call(CMS_READ,'file','show',array('id'=>$id),true );
return $result;
}
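Review bot: The `true` passed for `$direct` in `filevalue()` no longer reaches the HTTP client, because `$this->call()` now resolves to `CMS::call()`, and that wrapper (shown further down in this file's diff) always passes `false` as the fifth argument. The old `parent::call(...)` went straight to `Client::call()` and honoured the flag. What `$direct` changes in the response handling is not visible here, so this may alter what `filevalue()` returns. Forwarding the flag in the wrapper would keep the old behaviour: `$result = $this->client->call( $method,$action,$subaction,$parameter,$direct );`.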
@@ -77,14 +90,14 @@ class CMS extends Client
public function fileWrite($id,$value)
{
- $result = parent::call(CMS_WRITE,'file','save',array('id'=>$id,'value'=>$value) );
+ $result = $this->call(CMS_WRITE,'file','save',array('id'=>$id,'value'=>$value) );
return $result;
}
public function fileAdd($value)
{
- $result = parent::call(CMS_WRITE,'file','save',array('value'=>$value) );
+ $result = $this->call(CMS_WRITE,'file','save',array('value'=>$value) );
return $result;
}
@@ -92,11 +105,18 @@ class CMS extends Client
protected function call( $method,$action,$subaction,$parameter=array(),$direct=false )
{
- $result = parent::call( $method,$action,$subaction,$parameter,false );
+ Logger::trace( "Executing $method $action/$subaction"."\n".$this->__toString() );
+
+ $result = $this->client->call( $method,$action,$subaction,$parameter,false );
- Logger::trace( "API-Result of $method $action/$subaction:\n".print_r($result,true));
+ Logger::trace( "API-Result of $method $action/$subaction:"."\n".$this->__toString()."\n".print_r($result,true));
return $result;
}
+ public function __toString()
+ {
+ return print_r( get_object_vars($this),true);
+ }
+
}
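Review bot: Both trace calls in `call()` now append `$this->__toString()`, which is `print_r( get_object_vars($this),true)` and therefore recurses into the private `$client`, so every request writes the session cookie values, the `token` and the last `parameterString` to the log. After `login()` that parameter string holds the urlencoded `login_password`. The same dump is produced by `Client::__toString()` and is passed to the new `Logger::trace`/`Logger::error` calls in URIParser.class.php and WebDAV.class.php, in two places at error level. I would have `__toString()` return only non-secret state, for example `return 'CMS(login='.var_export($this->login,true).')';`, and log cookie names rather than values where they are needed for debugging.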
diff --git a/Client.class.php b/Client.class.php
@@ -1,25 +1,28 @@
-<?php
+<?php
class Client
{
- protected $action;
- protected $subaction;
- protected $cookies = array();
- protected $useCookies = false;
-
- protected $sessionName;
- protected $sessionId;
- protected $token;
-
- protected $method; // GET oder POST
-
- protected $responseHeader;
-
- protected $success;
-
-
- protected function call($method,$action,$subaction,$parameter=array(),$direct=false)
+ public $useCookies = false;
+ public $success;
+
+ protected $action;
+ protected $subaction;
+
+ public $cookies = array();
+ protected $sessionName;
+ protected $sessionId;
+
+ protected $token;
+
+ protected $method; // GET oder POST
+
+ protected $responseHeader;
+ protected $parameterString;
+ protected $requestHeader;
+
+
+ public function call($method,$action,$subaction,$parameter=array(),$direct=false)
{
global $config;
$error = '';
@@ -41,7 +44,7 @@ class Client
$path .= '/api/';
// Methode: Fallback GET
- if ( empty($method))
+ if ( !$method )
$method='GET';
// Die Funktion fsockopen() erwartet eine Protokollangabe (bei TCP optional, bei SSL notwendig).
@@ -65,43 +68,48 @@ class Client
if ( $method=='POST')
$parameter += array('token'=>$this->token);
- $parameterString = '';
+ $this->parameterString = '';
foreach( $parameter as $name=>$value )
{
- if ( !empty($parameterString) )
- $parameterString .= '&';
+ if ( $this->parameterString )
+ $this->parameterString .= '&';
- $parameterString .= urlencode($name).'='.urlencode($value);
+ $this->parameterString .= urlencode($name).'='.urlencode($value);
}
if ( $method == 'GET')
- $http_get .= '?'.$parameterString;
+ $http_get .= '?'.$this->parameterString;
- $header = array();
+ $this->requestHeader = array();
- $header[] = $method.' '.$http_get.' HTTP/1.0';
- $header[] = 'Host: '.$host;
- $header[] = 'Accept: application/php-serialized';
+ $this->requestHeader[] = $method.' '.$http_get.' HTTP/1.0';
+ $this->requestHeader[] = 'Host: '.$host;
+ $this->requestHeader[] = 'Accept: application/php-serialized';
if ( $this->useCookies)
- foreach( $this->cookies as $cookieName=>$cookieValue)
- $header[] = 'Cookie: '.$cookieName.'='.$cookieValue;
-
- if ( ! empty($this->sessionName))
- $header[] = 'Cookie: '.$this->sessionName.'='.$this->sessionId;
+ {
+ $cookies = array();;
+ foreach( $this->cookies as $cookieName=>$cookieValue)
+ $cookies[] = $cookieName.'='.$cookieValue;
+ $this->requestHeader[] = 'Cookie: '.implode('; ',$cookies);
+
+ }
+
+ //if ( ! empty($this->sessionName))
+ // $this->requestHeader[] = 'Cookie: '.$this->sessionName.'='.$this->sessionId;
if ( $method == 'POST' )
{
- $header[] = 'Content-Type: application/x-www-form-urlencoded';
- $header[] = 'Content-Length: '.strlen($parameterString);
+ $this->requestHeader[] = 'Content-Type: application/x-www-form-urlencoded';
+ $this->requestHeader[] = 'Content-Length: '.strlen($this->parameterString);
}
- $http_request = implode($lb,$header).$lb.$lb;
+ $http_request = implode($lb,$this->requestHeader).$lb.$lb;
if ( $method == 'POST' )
{
- $http_request .= $parameterString;
+ $http_request .= $this->parameterString;
}
if (!is_resource($fp)) {
$error = 'Connection lost after connect: '.$prx_proto.$host.':'.$port;
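Review bot: Moving the request body and headers onto the object (`$this->parameterString`, `$this->requestHeader`) means they outlive the call, and for the login request the body includes `login_password`. WebDAV.class.php stores the `CMS` object, and with it this `Client`, in `$_SESSION['DAV_CLIENT']`, so the password and the Cookie header end up serialized in the session store as well as in the `__toString()` dumps. Keeping both as locals, or resetting them with `$this->parameterString = ''; $this->requestHeader = array();` once the request has been sent, avoids that. Separately, when `$this->cookies` is empty the new block still emits a bare `Cookie: ` header; wrapping the append in `if ( $cookies )` would skip it. `call()` starts and ends outside this hunk.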
@@ -120,6 +128,7 @@ class Client
elseif (!feof($fp)) {
$line = fgets($fp,1028);
$status = substr($line,9,3);
+
}
else
{
@@ -144,7 +153,12 @@ class Client
}
}
fclose($fp); // Verbindung brav schlie�en.
-
+
+ if ( @$status != '200' )
+ {
+ throw new RuntimeException('Server-Status != 200: '."$line\n".$body);
+ }
+
foreach( $this->responseHeader as $headerName => $headerValue)
{
if ( $headerName == 'Set-Cookie' )
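Review bot: The status check relies on `@$status` to hide the case where `$status` was never assigned and compares loosely with `!=`; initialising `$status = null` before the response is read and testing `if ( $status !== '200' )` would make the failure path explicit. The exception message also carries the complete `$line` and `$body` of the response, which the new catch blocks in WebDAV.class.php and URIParser.class.php hand to `error_log`/`Logger::error`, so an arbitrarily large or sensitive server response lands in the logs; bounding it, e.g. `substr($body,0,200)`, would limit that. Whether `$line` and `$body` are always set when this line is reached cannot be seen from the hunk, since `call()` begins and ends outside it.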
@@ -180,4 +194,9 @@ class Client
}
}
+
+ public function __toString()
+ {
+ return print_r( get_object_vars($this),true);
+ }
}
diff --git a/URIParser.class.php b/URIParser.class.php
@@ -47,7 +47,14 @@ class URIParser
return;
}
- $result = $this->client->projectlist();
+ try {
+
+ $result = $this->client->projectlist();
+ }
+ catch( Exception $e) {
+ Logger::error("Failed to read projects: \n".$this->client->__toString()."\n".$e->getMessage() );
+ throw $e;
+ }
//Logger::trace( print_r( $result,true) );
$projects = $result['projects'];
diff --git a/WebDAV.class.php b/WebDAV.class.php
@@ -83,14 +83,20 @@ class WebDAV
session_start();
- if ( !empty($_SESSION['DAV_CLIENT']) )
- $this->client = $_SESSION['DAV_CLIENT'];
+ if ( @$_SESSION['DAV_CLIENT'] )
+ {
+ $this->client = $_SESSION['DAV_CLIENT'];
+ Logger::trace('Client-Herkunft: aus Session');
+ }
else
{
$this->client = new CMS();
$_SESSION['DAV_CLIENT'] = $this->client;
+ Logger::trace('Client-Herkunft: neu');
}
+ Logger::trace('Zustand Client: '."\n".$this->client->__toString() );
+
if ( $this->client->login )
{
// Benutzer ist bereits im CMS eingeloggt.
@@ -108,11 +114,15 @@ class WebDAV
try {
$this->client->login($username, $pass, $config['cms.database']);
+
+ $_SESSION['DAV_CLIENT'] = $this->client;
+ session_write_close();
}
catch( Exception $e )
{
$this->httpStatus('401 Unauthorized');
header('WWW-Authenticate: Basic realm="'.$config['dav.realm'].'"');
+ error_log( print_r($e->getMessage(),true) );
echo 'Failed login for user '.$username;
exit;
}
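Review bot: The authenticated client is written to `$_SESSION['DAV_CLIENT']` under whatever session id `session_start()` picked up from the request, and no `session_regenerate_id()` call is visible in this hunk. If the id is not rotated elsewhere, a session id that was known before login stays valid after it. I would add `session_regenerate_id(true);` directly before `$_SESSION['DAV_CLIENT'] = $this->client;`. The added `error_log( print_r($e->getMessage(),true) )` can be `error_log( $e->getMessage() )`, since `getMessage()` already returns a string. The surrounding method starts and ends outside the hunk.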
@@ -128,7 +138,9 @@ class WebDAV
echo 'Could not authenticate user '.$username;
exit;
}
- }
+ $_SESSION[ DAV_CLIENT ] = $this->client;
+ session_write_close();
+ }
else
{
// Client ist nicht angemeldet, daher wird nun die
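Review bot: `$_SESSION[ DAV_CLIENT ]` uses a bare constant name as the key, while the other uses in this diff write the string `'DAV_CLIENT'`. Unless a `DAV_CLIENT` constant is defined outside this diff, PHP 7 falls back to the string with a warning and PHP 8 throws an `Error` for the undefined constant, so the client would not be stored on this path. It should read `$_SESSION['DAV_CLIENT'] = $this->client;`. The enclosing block starts outside the hunk.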
@@ -142,7 +154,7 @@ class WebDAV
}
else
{
- return; //
+ return; // Bei OPTIONS müssen wir keine URL auswerten und können direkt zur Methode springen.
}
}
@@ -792,8 +804,13 @@ class WebDAV
$objektinhalt['type'] = 'folder';
$inhalte[] = $objektinhalt;
-
- $result = $this->client->projectlist();
+
+ try {
+ $result = $this->client->projectlist();
+ } catch( Exception $e) {
+ Logger::error($e->__toString().$this->client->__toString());
+ throw $e;
+ }
$projects = $result['projects'];
foreach( $projects as $projectid=>$p )
{