From 412aa4f7094372669d9e028aaf16c9ed9a7023b1 Mon Sep 17 00:00:00 2001
From: tbrehm <t.brehm@ispconfig.org>
Date: Tue, 21 Aug 2007 21:20:32 +0000
Subject: [PATCH] First files of the remoting interface.

---
 interface/lib/app.inc.php              |   2 +-
 interface/lib/classes/remoting.inc.php | 134 +++++++++++++++++++++++++
 interface/web/remote/index.php         |  16 +++
 3 files changed, 151 insertions(+), 1 deletion(-)
 create mode 100644 interface/lib/classes/remoting.inc.php
 create mode 100644 interface/web/remote/index.php

diff --git a/interface/lib/app.inc.php b/interface/lib/app.inc.php
index fc63f0249..926b4ebde 100644
--- a/interface/lib/app.inc.php
+++ b/interface/lib/app.inc.php
@@ -55,7 +55,7 @@ class app {
 		}
 		
 		//* Start the session
-		if($conf["start_session"] == true) {
+		if($this->_conf['start_session'] == true) {
 			session_start();
 			
 			//* Initialize session variables
diff --git a/interface/lib/classes/remoting.inc.php b/interface/lib/classes/remoting.inc.php
new file mode 100644
index 000000000..a49941520
--- /dev/null
+++ b/interface/lib/classes/remoting.inc.php
@@ -0,0 +1,134 @@
+<?php
+
+class remoting {
+	
+	//* remote session timeout in seconds
+	private $session_timeout = 600;
+	
+	//* remote login function
+	public function login($username, $password) {
+		global $app,$conf,$server;
+		
+		if(empty($username)) {
+			$server->fault('login_username_empty','The login username is empty');
+			return false;
+		}
+		
+		if(empty($password)) {
+			$server->fault('login_password_empty','The login password is empty');
+			return false;
+		}
+		
+		$username = $app->db->quote($username);
+		$password = $app->db->quote($password);
+		
+		$sql = "SELECT * FROM remote_user WHERE remote_username = '$username' and remote_password = md5('$password')";
+		$remote_user = $app->db->queryOneRecord($sql);
+		if($remote_user['remote_userid'] > 0) {
+			//* Create a remote user session
+			srand ((double)microtime()*1000000);
+			$remote_session = md5(rand());
+			$remote_userid = $remote_user['remote_userid'];
+			$remote_functions = $remote_user['remote_functions'];
+			$tstamp = time() + $this->session_timeout;
+			$sql = "INSERT INTO remote_session (remote_session,remote_userid,remote_functions,tstamp) VALUES ('$remote_session',$remote_userid,'$remote_functions',$tstamp)";
+			$app->db->query($sql);
+			return $remote_session;
+		} else {
+			$server->fault('login_failed','The login failed. Username or password wrong.');
+			return false;
+		}
+		
+	}
+	
+	
+	//* remote logout function
+	public function logout($session_id) {
+		global $app,$conf,$server;
+		
+		if(empty($session_id)) {
+			$server->fault('session_id_empty','The SessionID is empty.');
+			return false;
+		}
+		
+		$session_id = $app->db->quote($session_id);
+		
+		$sql = "DELETE FROM remote_session WHERE remote_session = '$session_id'";
+		$app->db->query($sql);
+		if($app->db->affectedRows() == 1) {
+			return true;
+		} else {
+			return false;
+		}
+	}
+	
+	public function mail_domain_add($session_id, $params) {
+		global $app,$conf,$server;
+		
+		if(!$this->checkPerm($session_id,'mail_domain_add')) {
+			$server->fault('permission_denied','You do not have the permissions to access this function.');
+			return false;
+		}
+		
+		//* Form definition file, that is used for this table in the interafce
+		$formdef = '../mail/form/mail_domain.tform.php';
+		
+		//* check the variables against the form definition and build the sql query automatically.
+		// I will use a modified version of the tform class for this.
+		
+		
+		
+		
+	}
+	
+	
+	
+	//* private functions -----------------------------------------------------------------------------------
+	
+	private function updateQuery($formdef,$params) {
+	
+	}
+	
+	
+	private function checkPerm($session_id,$function_name) {
+		
+		$session = $this->getSession($session_id);
+		if($session) {
+			$remote_functions = explode(',',$session['remote_functions']);
+			if(in_array($function_name,$remote_functions)) {
+				return true;
+			} else {
+				return false;
+			}
+		} else {
+			return false;
+		}
+	}
+	
+	
+	private function getSession($session_id) {
+		global $app,$conf,$server;
+		
+		if(empty($session_id)) {
+			$server->fault('session_id_empty','The SessionID is empty.');
+			return false;
+		}
+		
+		$session_id = $app->db->quote($session_id);
+		
+		$now = time();
+		$sql = "SELECT * FROM remote_session WHERE remote_session = '$session_id' AND tstamp >= $now";
+		$session = $app->db->queryOneRecord($sql);
+		if($session['remote_userid'] > 0) {
+			return $session;
+		} else {
+			$server->fault('session_does_not_exist','The Session is expired or does not exist.');
+			return false;
+		}
+	
+	}
+	
+	
+}
+
+?>
\ No newline at end of file
diff --git a/interface/web/remote/index.php b/interface/web/remote/index.php
new file mode 100644
index 000000000..d83a54356
--- /dev/null
+++ b/interface/web/remote/index.php
@@ -0,0 +1,16 @@
+<?php
+
+require_once('../../lib/config.inc.php');
+$conf['start_session'] = false;
+require_once('../../lib/app.inc.php');
+
+$app->load('remoting');
+
+$server = new SoapServer(null, array('uri' => $_SERVER['REQUEST_URI']));
+//$server->setPersistence(SOAP_PERSISTENCE_SESSION);
+$server->setClass('remoting');
+$server->handle();
+
+
+
+?>
\ No newline at end of file
-- 
GitLab