3 if(file_exists("config.php")) {
4 require_once("config.php");
6 // config file doesnt exist, we must abort sensibly
9 // get out master library for ga4php
10 require_once("../lib/lib.php");
14 // first we want to fork into the background like all good daemons should
15 //$pid = pcntl_fork();
21 // i am the parent, i shall leave
22 echo "i am a parent, i leave\n";
25 global $MSG_QUEUE_KEY_ID_SERVER, $MSG_QUEUE_KEY_ID_CLIENT;
27 $cl_queue = msg_get_queue($MSG_QUEUE_KEY_ID_CLIENT, 0666 | 'IPC_CREAT');
28 $sr_queue = msg_get_queue($MSG_QUEUE_KEY_ID_SERVER, 0666 | 'IPC_CREAT');
37 msg_receive($sr_queue, 0, $msg_type, 16384, $msg);
40 case MSG_AUTH_USER_TOKEN:
41 echo "Call to auth user token\n";
42 // minimal checking, we leav it up to authenticateUser to do the real
44 if(!isset($msg["username"])) $msg["username"] = "";
45 if(!isset($msg["passcode"])) $msg["passcode"] = "";
46 $username = $msg["username"];
47 $passcode = $msg["passcode"];
49 $authval = $myga->authenticateUser($username, $passcode);
50 msg_send($cl_queue, MSG_AUTH_USER_TOKEN, $authval);
54 if(!isset($msg["username"])) {
55 msg_send($cl_queue, MSG_GET_OTK_PNG, false);
57 $username = $msg["username"];
58 $sql = "select users_otk from users where users_username='$username'";
60 $res = $dbo->query($sql);
62 foreach($res as $row) {
63 $otk = $row["users_otk"];
67 msg_send($cl_queue, MSG_GET_OTK_PNG, false);
69 $hand = fopen("otks/$otk.png", "rb");
70 $data = fread($hand, filesize("otks/$otk.png"));
72 msg_send($cl_queue, MSG_GET_OTK_PNG, $data);
73 unlink("otks/$otk.png");
74 $sql = "update users set users_otk='' where users_username='$username'";
80 case MSG_ADD_USER_TOKEN:
81 echo "Call to add user token\n";
82 if(!isset($msg["username"])) {
83 msg_send($cl_queue, MSG_ADD_USER_TOKEN, false);
85 $username = $msg["username"];
87 if(isset($msg["tokentype"])) {
91 if(isset($msg["hexkey"])) {
92 $hexkey = $msg["hexkey"];
95 $myga->setUser($username, $tokentype, "", $hexkey);
97 $url = $myga->createUrl($username);
99 $otk = generateRandomString();
100 system("qrencode -o otks/$otk.png $url");
102 $sql = "update users set users_otk='$otk' where users_username='$username'";
103 $dbo = getDatabase();
104 $res = $dbo->query($sql);
106 msg_send($cl_queue, MSG_ADD_USER_TOKEN, true);
109 case MSG_DELETE_USER:
110 echo "Call to del user\n";
111 if(!isset($msg["username"])) {
112 msg_send($cl_queue, MSG_DELETE_USER, false);
114 $username = $msg["username"];
116 $sql = "delete from users where users_username='$username'";
117 $dbo = getDatabase();
120 msg_send($cl_queue, MSG_DELETE_USER, true);
123 case MSG_AUTH_USER_PASSWORD:
125 echo "Call to auth user pass\n";
126 if(!isset($msg["username"])) {
127 msg_send($cl_queue, MSG_AUTH_USER_PASSWORD, false);
130 if(!isset($msg["password"])) {
131 msg_send($cl_queue, MSG_AUTH_USER_PASSWORD, false);
135 $username = $msg["username"];
136 $password = $msg["password"];
137 $sql = "select users_password from users where users_username='$username'";
138 $dbo = getDatabase();
139 $res = $dbo->query($sql);
141 foreach($res as $row) {
142 $pass = $row["users_password"];
146 $ourpass = hash('sha512', $password);
147 echo "ourpass: $ourpass\nourhash: $pass\n";
148 if($ourpass == $pass) {
149 msg_send($cl_queue, MSG_AUTH_USER_PASSWORD, true);
152 msg_send($cl_queue, MSG_AUTH_USER_PASSWORD, false);
157 case MSG_SET_USER_PASSWORD:
158 echo "Call to set user pass\n";
160 if(!isset($msg["username"])) {
161 msg_send($cl_queue, MSG_SET_USER_PASSWORD, false);
164 if(!isset($msg["password"])) {
165 msg_send($cl_queue, MSG_SET_USER_PASSWORD, false);
169 $username = $msg["username"];
170 $password = $msg["password"];
172 $pass = hash('sha512', $password);
174 $dbo = getDatabase();
175 $sql = "update users set users_password='$pass' where users_username='$username'";
179 msg_send($cl_queue, MSG_SET_USER_REALNAME, true);
182 // these are irrelavent yet
185 case MSG_SET_USER_REALNAME:
186 echo "Call to set user realname\n";
188 if(!isset($msg["username"])) {
189 msg_send($cl_queue, MSG_SET_USER_REALNAME, false);
192 if(!isset($msg["realname"])) {
193 msg_send($cl_queue, MSG_SET_USER_REALNAME, false);
197 $username = $msg["username"];
198 $realname = $msg["realname"];
199 $sql = "update users set users_realname='$realname' where users_username='$username'";
200 $dbo = getDatabase();
204 msg_send($cl_queue, MSG_SET_USER_REALNAME, true);
206 // TODO now set real name
208 case MSG_SET_USER_TOKEN:
210 echo "Call to set user token\n";
211 if(!isset($msg["username"])) {
212 msg_send($cl_queue, MSG_SET_USER_TOKEN, false);
215 if(!isset($msg["tokenstring"])) {
216 msg_send($cl_queue, MSG_SET_USER_TOKEN, false);
221 $username = $msg["username"];
222 $token = $msg["tokenstring"];
223 $return = $myga->setUserKey($username, $token);
224 msg_send($cl_queue, MSG_SET_USER_TOKEN, $return);
226 // TODO now set token
228 case MSG_SET_USER_TOKEN_TYPE:
230 echo "Call to set user token type\n";
231 if(!isset($msg["username"])) {
232 msg_send($cl_queue, MSG_SET_USER_TOKEN_TYPE, false);
235 if(!isset($msg["tokentype"])) {
236 msg_send($cl_queue, MSG_SET_USER_TOKEN_TYPE, false);
240 $username = $msg["username"];
241 $tokentype = $msg["tokentype"];
243 msg_send($cl_queue, MSG_SET_USER_TOKEN_TYPE, $myga->setTokenType($username, $tokentype));
245 // TODO now set token
248 // TODO this needs to be better
249 $sql = "select * from users";
251 $dbo = getDatabase();
252 $res = $dbo->query($sql);
256 foreach($res as $row) {
257 $users[$i]["username"] = $row["users_username"];
258 $users[$i]["realname"] = $row["users_realname"];
259 if($row["users_password"]!="") {
260 $users[$i]["haspass"] = true;
262 $users[$i]["haspass"] = false;
264 echo "user: ".$users[$i]["username"]." has tdata: \"".$row["users_tokendata"]."\"\n";
265 if($row["users_tokendata"]!="") {
266 $users[$i]["hastoken"] = true;
268 $users[$i]["hastoken"] = false;
272 msg_send($cl_queue, MSG_GET_USERS, $users);
274 // TODO now set token