source: trunk/FACT++/www/schedule/save.php@ 18633

Last change on this file since 18633 was 18520, checked in by tbretz, 8 years ago
Allow to save an empty schedule to allow to delete the schedule of the night; do not copy usename and password to variables before check whether they are set, this leads to error messages in the log-file.
File size: 7.9 KB
Line 
1<?php
2
3if (!isset($_POST['n']) || !isset($_POST['d']))
4 return header('HTTP/1.0 400 Syntax error.');
5
6require_once 'config.php';
7
8function login()
9{
10 global $ldaphost;
11 global $baseDN;
12 global $groupDN;
13
14 if (!isset($_SERVER['PHP_AUTH_USER']) || !isset($_SERVER['PHP_AUTH_PW']))
15 return "Unauthorized.";
16
17 $username = $_SERVER['PHP_AUTH_USER'];
18 $password = $_SERVER['PHP_AUTH_PW'];
19
20 $con = @ldap_connect($ldaphost);
21 if (!$con)
22 return "ldap_connect failed to ".$ldaphost;
23
24 //------------------ Look for user common name
25 $attributes = array('cn', 'mail');
26 $dn = 'ou=People,'.$baseDN;
27 $filter = '(uid='.$username.')';
28
29 $sr = @ldap_search($con, $dn, $filter, $attributes);
30 if (!$sr)
31 return "ldap_search failed for dn=".$dn.": ".ldap_error($con);
32
33 $srData = @ldap_get_entries($con, $sr);
34 if ($srData["count"]==0)
35 return "No results returned by ldap_get_entries for dn=".$dn.".";
36
37 $email =$srData[0]['mail'][0];
38 $userCommonName=$srData[0]['cn'][0];
39 $userDN =$srData[0]['dn'];
40
41 //------------------ Authenticate user
42 if (!@ldap_bind($con, $userDN, $password))
43 return "ldap_bind failed: ".ldap_error($con);
44
45 //------------------ Check if the user is in FACT ldap group
46 $attributes= array("member");
47 $filter= '(objectClass=*)';
48
49 // Get all members of the group.
50 $sr = @ldap_read($con, $groupDN, $filter, $attributes);
51 if (!$sr)
52 return "ldap_read failed for dn=".$groupDN.": ".ldap_error($con);
53
54 // retrieve the corresponding data
55 $srData = @ldap_get_entries($con, $sr);
56 if ($srData["count"]==0)
57 return "No results returned by ldap_get_entries for dn=".$dn.".";
58
59 @ldap_unbind($con);
60
61 $found = false;
62 foreach ($srData[0]['member'] as $member)
63 if (strpos($member, "cn=".$userCommonName.",")===0)
64 return "";
65
66 return "Authorization failed.";
67}
68
69// --------------------------------------------------------------------
70
71if (isset($_GET['logout']))
72{
73 if (!isset($_SERVER['PHP_AUTH_USER']) || !isset($_SERVER['PHP_AUTH_PW']))
74 return;
75
76 return header('HTTP/1.0 401 Successfull logout!');
77}
78
79// --------------------------------------------------------------------
80
81$rc = login();
82if ($rc!="")
83{
84 header('WWW-Authenticate: Basic realm="FACT Schedule"');
85 return header('HTTP/1.0 401 '.$rc);
86}
87
88// ====================================================================
89
90// This is the day/night from which the data is to be deleted
91// and to which the data is to be submitted
92$day = $_POST['n'];
93
94// This is the time of the last diabled entry (or the time from which
95// on the data should be deleted/submitted)
96// Note that there is no sanity check yet, therefore the data and the
97// time variable must be consistent
98// FIXME: This should be 11:59:59 the prev day to allow for 12:00 being
99// the first possible entry, but this makes things below more complicated
100$time = isset($_POST['t']) ? $_POST['t'] : "12:00:00";
101
102// The data to be submitted
103$data = json_decode($_POST['d']);
104
105// Get user
106$user = $_SERVER['PHP_AUTH_USER'];
107
108// FIXME: Make sure that the date is valid (in the future)?
109
110// ----------------------------------------------------------------
111
112// Calculate the date for the next day, to have the correct
113//date after midnight as well
114$date = new DateTime($day);
115$date->add(new DateInterval('P1D')); // PnYnMnDTnHnMnS
116$nextDay = $date->format('Y-m-d');
117
118// ----------------------------------------------------------------
119
120// Calculate the lower limit from which on data should be deleted.
121// This is either noon (if the date is in the future) or the provided
122// time (different from 12:00:00) during the night
123$cut = $day." ".$time;
124
125$d = new DateTime($cut);
126
127// If the time lays before noon, it belongs to the next day
128if ($d->format("His")<120000)
129{
130 $d->add(new DateInterval('P1D')); // PnYnMnDTnHnMnS
131 $cut = $d->format("Y-m-d H:i:s");
132}
133
134// ================================================================
135
136$db = mysql_connect($dbhost,$dbuser,$dbpass);
137if (!$db)
138 die(mysql_error());
139
140if (!mysql_select_db($dbname, $db))
141 die(mysql_error());
142
143$query = "SELECT * FROM MeasurementType";
144
145$sql = mysql_query($query);
146if (!$sql)
147 die(mysql_error());
148
149$measurements = array();
150while($row = mysql_fetch_assoc($sql))
151 $measurements[$row['fMeasurementTypeKey']] = $row;
152
153// ----------------------------------------------------------------
154
155// Now create the queries with the correct dates (date and time)
156// from the posted data and the times therein
157$queries = array();
158
159array_push($queries, "LOCK TABLES Schedule WRITE");
160array_push($queries, "DELETE FROM Schedule WHERE fStart>'".$cut."' AND DATE(ADDTIME(fStart, '-12:00')) = '".$day."'");
161
162// ----------------------------------------------------------------
163
164$last = $cut;
165
166if (count($data)!=1 || !empty($data[0][0])) // empty schedule
167foreach ($data as $row)
168{
169 $t = $row[0]; // time
170
171 // If there is a time set (first task in an observation),
172 // remember the time, if not this is just a measurement
173 // within an observation so duplicate the time
174 if (!isset($t))
175 {
176 $t = $save;
177 $id++;
178 }
179 else
180 {
181 $save = $t;
182 $id = 0;
183 }
184
185 // Check if the time is before noon. If it is before noon,
186 // it belongs to the next day
187 $d = date_parse($t);
188 $t = $d['hour']<12 ? $nextDay." ".$t : $day." ".$t;
189
190 if ($d==FALSE)
191 die("Could not parse time '".$t."' with date_parse");
192
193 // Check all but the last task in a measurement whether
194 // the are not unlimited
195 if ($last==$t)
196 {
197 if ($measurements[$m]['fIsUnlimited']==true)
198 die("Unlimited task '".$measurements[$m]['fMeasurementTypeName']."' detected before end of observation\n[".$last."|".($id-1)."]");
199 }
200
201 if ($last>$t)
202 die("Times not sequential\n[".$last."|".$t."]");
203
204 $last = $t;
205
206 $m = $row[1]; // measurement
207 $s = $row[2]; // source
208 $v = $row[3]; // value
209
210 // Check if task need source or must not have a source
211 if ($measurements[$m]['fNeedsSource']==true && $s==0)
212 die("Task '".$measurements[$m]['fMeasurementTypeName']."' needs source.\n[".$t."|".$id."]");
213 if ($measurements[$m]['fNeedsSource']!=true && $s>0)
214 die("Task '".$measurements[$m]['fMeasurementTypeName']."' must not have source.\n[".$t."|".$id."]");
215
216 // Compile query
217 $query = "INSERT INTO Schedule SET";
218 $query .= " fStart='".$t."'";
219 $query .= ",fMeasurementID=".$id;
220 $query .= ",fMeasurementTypeKey=".$m;
221 $query .= ",fUser='".$user."'";
222 if ($s>0)
223 $query .= ",fSourceKey=".$s;
224
225 // Check if this is a valid JSON object
226 if (!json_decode('{'.$v.'}'))
227 {
228 switch (json_last_error())
229 {
230 case JSON_ERROR_NONE: break;
231 case JSON_ERROR_DEPTH: $err = 'Maximum stack depth exceeded'; break;
232 case JSON_ERROR_STATE_MISMATCH: $err = 'Invalid or malformed JSON'; break;
233 case JSON_ERROR_CTRL_CHAR: $err = 'Unexpected control character'; break;
234 case JSON_ERROR_SYNTAX: $err = 'Syntax error'; break;
235 case JSON_ERROR_UTF8: $err = 'Malformed UTF-8 characters'; break;
236 default: $err = 'Unknown error'; break;
237 }
238
239 if (isset($err))
240 die($err." at ".$t." [entry #".($id+1)."]:\n".$v);
241 }
242
243 // PHP >= 5.5.0
244 // if (!json_decode('{'.$v.'}'))
245 // die("Invalid option at ".$t.": ".$v." [JSON - ".json_last_error_msg()."]");
246
247
248
249 if ($v)
250 $query .= ",fData='".$v."'";
251
252 // add query to the list of queries
253 array_push($queries, $query);
254}
255
256array_push($queries, "UNLOCK TABLES");
257
258// ================================================================
259// Database interaction
260// ================================================================
261
262foreach ($queries as $query)
263 if (!mysql_query($query))
264 die(mysql_error());
265
266mysql_close($db);
267
268?>
Note: See TracBrowser for help on using the repository browser.