source: trunk/FACT++/www/schedule/save.php@ 18405

Last change on this file since 18405 was 18367, checked in by tbretz, 9 years ago
Check if is valid.
File size: 7.8 KB
Line 
1<?php
2
3if (!isset($_POST['n']) || !isset($_POST['d']))
4 return header('HTTP/1.0 400 Syntax error.');
5
6require_once 'config.php';
7
8function login()
9{
10 global $ldaphost;
11 global $baseDN;
12 global $groupDN;
13
14 $username = $_SERVER['PHP_AUTH_USER'];
15 $password = $_SERVER['PHP_AUTH_PW'];
16
17 if (!isset($username) || !isset($password))
18 return "Unauthorized.";
19
20 $con = @ldap_connect($ldaphost);
21 if (!$con)
22 return "ldap_connect failed to ".$ldaphost;
23
24 //------------------ Look for user common name
25 $attributes = array('cn', 'mail');
26 $dn = 'ou=People,'.$baseDN;
27 $filter = '(uid='.$username.')';
28
29 $sr = @ldap_search($con, $dn, $filter, $attributes);
30 if (!$sr)
31 return "ldap_search failed for dn=".$dn.": ".ldap_error($con);
32
33 $srData = @ldap_get_entries($con, $sr);
34 if ($srData["count"]==0)
35 return "No results returned by ldap_get_entries for dn=".$dn.".";
36
37 $email =$srData[0]['mail'][0];
38 $userCommonName=$srData[0]['cn'][0];
39 $userDN =$srData[0]['dn'];
40
41 //------------------ Authenticate user
42 if (!@ldap_bind($con, $userDN, $password))
43 return "ldap_bind failed: ".ldap_error($con);
44
45 //------------------ Check if the user is in FACT ldap group
46 $attributes= array("member");
47 $filter= '(objectClass=*)';
48
49 // Get all members of the group.
50 $sr = @ldap_read($con, $groupDN, $filter, $attributes);
51 if (!$sr)
52 return "ldap_read failed for dn=".$groupDN.": ".ldap_error($con);
53
54 // retrieve the corresponding data
55 $srData = @ldap_get_entries($con, $sr);
56 if ($srData["count"]==0)
57 return "No results returned by ldap_get_entries for dn=".$dn.".";
58
59 @ldap_unbind($con);
60
61 $found = false;
62 foreach ($srData[0]['member'] as $member)
63 if (strpos($member, "cn=".$userCommonName.",")===0)
64 return "";
65
66 return "Authorization failed.";
67}
68
69// --------------------------------------------------------------------
70
71if (isset($_GET['logout']))
72{
73 if (!isset($_SERVER['PHP_AUTH_USER']) || !isset($_SERVER['PHP_AUTH_PW']))
74 return;
75
76 return header('HTTP/1.0 401 Successfull logout!');
77}
78
79// --------------------------------------------------------------------
80
81$rc = login();
82if ($rc!="")
83{
84 header('WWW-Authenticate: Basic realm="FACT Schedule"');
85 header('HTTP/1.0 401 '.$rc);
86}
87
88// ====================================================================
89
90// This is the day/night from which the data is to be deleted
91// and to which the data is to be submitted
92$day = $_POST['n'];
93
94// This is the time of the last diabled entry (or the time from which
95// on the data should be deleted/submitted)
96// Note that there is no sanity check yet, therefore the data and the
97// time variable must be consistent
98// FIXME: This should be 11:59:59 the prev day to allow for 12:00 being
99// the first possible entry, but this makes things below more complicated
100$time = isset($_POST['t']) ? $_POST['t'] : "12:00:00";
101
102// The data to be submitted
103$data = json_decode($_POST['d']);
104
105// Get user
106$user = $_SERVER['PHP_AUTH_USER'];
107
108// FIXME: Make sure that the date is valid (in the future)?
109
110// ----------------------------------------------------------------
111
112// Calculate the date for the next day, to have the correct
113//date after midnight as well
114$date = new DateTime($day);
115$date->add(new DateInterval('P1D')); // PnYnMnDTnHnMnS
116$nextDay = $date->format('Y-m-d');
117
118// ----------------------------------------------------------------
119
120// Calculate the lower limit from which on data should be deleted.
121// This is either noon (if the date is in the future) or the provided
122// time (different from 12:00:00) during the night
123$cut = $day." ".$time;
124
125$d = new DateTime($cut);
126
127// If the time lays before noon, it belongs to the next day
128if ($d->format("His")<120000)
129{
130 $d->add(new DateInterval('P1D')); // PnYnMnDTnHnMnS
131 $cut = $d->format("Y-m-d H:i:s");
132}
133
134// ================================================================
135
136$db = mysql_connect($dbhost,$dbuser,$dbpass);
137if (!$db)
138 die(mysql_error());
139
140if (!mysql_select_db($dbname, $db))
141 die(mysql_error());
142
143$query = "SELECT * FROM MeasurementType";
144
145$sql = mysql_query($query);
146if (!$sql)
147 die(mysql_error());
148
149$measurements = array();
150while($row = mysql_fetch_assoc($sql))
151 $measurements[$row['fMeasurementTypeKey']] = $row;
152
153// ----------------------------------------------------------------
154
155// Now create the queries with the correct dates (date and time)
156// from the posted data and the times therein
157$queries = array();
158
159array_push($queries, "LOCK TABLES Schedule WRITE");
160array_push($queries, "DELETE FROM Schedule WHERE fStart>'".$cut."' AND DATE(ADDTIME(fStart, '-12:00')) = '".$day."'");
161
162// ----------------------------------------------------------------
163
164$last = $cut;
165
166foreach ($data as $row)
167{
168 $t = $row[0]; // time
169
170 // If there is a time set (first task in an observation),
171 // remember the time, if not this is just a measurement
172 // within an observation so duplicate the time
173 if (!isset($t))
174 {
175 $t = $save;
176 $id++;
177 }
178 else
179 {
180 $save = $t;
181 $id = 0;
182 }
183
184 // Check if the time is before noon. If it is before noon,
185 // it belongs to the next day
186 $d = date_parse($t);
187 $t = $d['hour']<12 ? $nextDay." ".$t : $day." ".$t;
188
189 // Check all but the last task in a measurement whether
190 // the are not unlimited
191 if ($last==$t)
192 {
193 if ($measurements[$m]['fIsUnlimited']==true)
194 die("Unlimited task '".$measurements[$m]['fMeasurementTypeName']."' detected before end of observation\n[".$last."|".($id-1)."]");
195 }
196
197 if ($last>$t)
198 die("Times not sequential\n[".$last."|".$t."]");
199
200 $last = $t;
201
202 $m = $row[1]; // measurement
203 $s = $row[2]; // source
204 $v = $row[3]; // value
205
206 // Check if task need source or must not have a source
207 if ($measurements[$m]['fNeedsSource']==true && $s==0)
208 die("Task '".$measurements[$m]['fMeasurementTypeName']."' needs source.\n[".$t."|".$id."]");
209 if ($measurements[$m]['fNeedsSource']!=true && $s>0)
210 die("Task '".$measurements[$m]['fMeasurementTypeName']."' must not have source.\n[".$t."|".$id."]");
211
212 // Compile query
213 $query = "INSERT INTO Schedule SET";
214 $query .= " fStart='".$t."'";
215 $query .= ",fMeasurementID=".$id;
216 $query .= ",fMeasurementTypeKey=".$m;
217 $query .= ",fUser='".$user."'";
218 if ($s>0)
219 $query .= ",fSourceKey=".$s;
220
221 // Check if this is a valid JSON object
222 if (!json_decode('{'.$v.'}'))
223 {
224 switch (json_last_error())
225 {
226 case JSON_ERROR_NONE: break;
227 case JSON_ERROR_DEPTH: $err = 'Maximum stack depth exceeded'; break;
228 case JSON_ERROR_STATE_MISMATCH: $err = 'Invalid or malformed JSON'; break;
229 case JSON_ERROR_CTRL_CHAR: $err = 'Unexpected control character'; break;
230 case JSON_ERROR_SYNTAX: $err = 'Syntax error'; break;
231 case JSON_ERROR_UTF8: $err = 'Malformed UTF-8 characters'; break;
232 default: $err = 'Unknown error'; break;
233 }
234
235 if (isset($err))
236 die($err." at ".$t." [entry #".($id+1)."]:\n".$v);
237 }
238
239 // PHP >= 5.5.0
240 // if (!json_decode('{'.$v.'}'))
241 // die("Invalid option at ".$t.": ".$v." [JSON - ".json_last_error_msg()."]");
242
243
244
245 if ($v)
246 $query .= ",fData='".$v."'";
247
248 // add query to the list of queries
249 array_push($queries, $query);
250}
251
252array_push($queries, "UNLOCK TABLES");
253
254// ================================================================
255// Database interaction
256// ================================================================
257
258foreach ($queries as $query)
259 if (!mysql_query($query))
260 die(mysql_error());
261
262mysql_close($db);
263
264?>
Note: See TracBrowser for help on using the repository browser.