diff --git a/.gitignore b/.gitignore index 364616d..dbe6e34 100644 --- a/.gitignore +++ b/.gitignore @@ -35,4 +35,5 @@ vendor *.log *.bak - +logs +.gitignore \ No newline at end of file diff --git a/application/controllers/Member.php b/application/controllers/Member.php index 33b1034..462d51b 100644 --- a/application/controllers/Member.php +++ b/application/controllers/Member.php @@ -953,7 +953,7 @@ class Member extends Admin_Controller { list( $payload, $decrypted, $result, $body ) = $this->main_api_post( '/trips/api/report', $payload ); if ( is_array( $payload ) ) { - $key = sprintf( 'speding_category%s', $_days != 60 ? ( $_days > 0 ) ? $_days : '_daysrange' : '' ); + $key = sprintf( 'speding_category%s', $_days != 60 ? (( $_days > 0 ) ? $_days : '_daysrange') : '' ); $data[$key] = $payload; } if ( $echo ) { diff --git a/application/controllers/Welcome.php b/application/controllers/Welcome.php index da2b500..a5b7532 100644 --- a/application/controllers/Welcome.php +++ b/application/controllers/Welcome.php @@ -27,10 +27,11 @@ class Welcome extends Bko_Controller { $in['password'] = $password; $in['action'] = SAVVY_BKO_LOGIN; $out = array(); - $ret = $this->savvy_api($in, $out); + $ret = $this->savvy_admin('/login', $in, $out); //var_dump($ret); //var_dump($out); + if ($ret == PHP_API_OK) { $this->buildUserSession($ret, $out); redirect('dash'); diff --git a/application/core/SAV_Controller.php b/application/core/SAV_Controller.php index 99b0439..3b343ee 100644 --- a/application/core/SAV_Controller.php +++ b/application/core/SAV_Controller.php @@ -1,6 +1,7 @@ "", @@ -44,17 +45,20 @@ class SAV_Controller extends CI_Controller { ); public $data = array(); - function __construct() { + function __construct() + { parent::__construct(); } - protected function smart_htmlspecialchars($str) { + protected function smart_htmlspecialchars($str) + { if (substr($str, 0, 1) == '<') return $str; return htmlspecialchars($str); } - protected function sql_escape_func($inp) { + protected function sql_escape_func($inp) + { if (is_array($inp)) { return array_map(__METHOD__, $inp); } @@ -67,21 +71,38 @@ class SAV_Controller extends CI_Controller { return $inp; } - protected function savvy_api($in, &$out) { + protected function savvy_api($in, &$out) + { global $savvyext; $ret = -1; $in['pid'] = 115; $in['backoffice'] = 1; - error_log(json_encode($in)); + error_log(json_encode($in)); $out = $savvyext->savvyext_api($in); $ret = $out["retval"]; - error_log("ret = $ret"); - error_log(json_encode($out)); + error_log("ret = $ret"); + error_log(json_encode($out)); + return $ret; + } + + protected function savvy_admin($endpoint, $in, &$out) + { + global $savvyext; + $ret = -1; + $in['pid'] = 115; + $in['backoffice'] = 1; + error_log(json_encode($in)); + $out = $savvyext->savvyext_admin($endpoint,$in); + //var_dump($out);exit; + $ret = $out["retval"]; + error_log("ret = $ret"); + error_log(json_encode($out)); return $ret; } // call API with no default params - protected function savvy_api_clearly($in, &$out) { + protected function savvy_api_clearly($in, &$out) + { global $savvyext; $ret = -1; error_log(json_encode($in)); @@ -91,9 +112,10 @@ class SAV_Controller extends CI_Controller { error_log(json_encode($out)); return $ret; } - protected function main_api_post($endpoint,$payload) { + protected function main_api_post($endpoint, $payload) + { global $savvyext; - + $httpAuthToken = $savvyext->cfgReadChar('system.oauth2_token'); $encryptionAlg = $savvyext->cfgReadChar('encryption.algorithm'); $encryptionKey = $savvyext->cfgReadChar('encryption.key'); @@ -106,9 +128,10 @@ class SAV_Controller extends CI_Controller { $encryptionKey, OPENSSL_RAW_DATA, $encryptionIV - )); + ) + ); $postdata = "{\"encrypted_payload\": \"${encrypted_payload}\"}"; - $url = $savvyext->cfgReadChar('system.api_url').$endpoint; + $url = $savvyext->cfgReadChar('system.api_url') . $endpoint; $ch = curl_init($url); curl_setopt($ch, CURLOPT_CUSTOMREQUEST, "POST"); @@ -117,16 +140,20 @@ class SAV_Controller extends CI_Controller { curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, false); curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false); curl_setopt($ch, CURLOPT_VERBOSE, false); - curl_setopt($ch, CURLOPT_HTTPHEADER, array( - 'Content-Type: application/json', - 'Content-Length: ' . strlen($postdata), - 'Authorization: Server-Token ' . $httpAuthToken) + curl_setopt( + $ch, + CURLOPT_HTTPHEADER, + array( + 'Content-Type: application/json', + 'Content-Length: ' . strlen($postdata), + 'Authorization: Server-Token ' . $httpAuthToken + ) ); $body = curl_exec($ch); - $result = json_decode($body,true); + $result = json_decode($body, true); - if (is_array($result) && array_key_exists('payload',$result)) { + if (is_array($result) && array_key_exists('payload', $result)) { $decrypted = openssl_decrypt( hex2bin( $result['payload'] @@ -140,18 +167,19 @@ class SAV_Controller extends CI_Controller { $decrypted = $body; // Attempt without encryption } $payload = json_decode($decrypted, true); - return [$payload,$decrypted,$result,$body]; + return [$payload, $decrypted, $result, $body]; } - protected function main_api_get($endpoint,$payload) { + protected function main_api_get($endpoint, $payload) + { global $savvyext; - + $httpAuthToken = $savvyext->cfgReadChar('system.oauth2_token'); $encryptionAlg = $savvyext->cfgReadChar('encryption.algorithm'); $encryptionKey = $savvyext->cfgReadChar('encryption.key'); $encryptionIV = $savvyext->cfgReadChar('encryption.iv'); - $url = $savvyext->cfgReadChar('system.api_url').$endpoint.$payload; + $url = $savvyext->cfgReadChar('system.api_url') . $endpoint . $payload; //echo $url; $ch = curl_init($url); curl_setopt($ch, CURLOPT_CUSTOMREQUEST, "GET"); @@ -159,7 +187,10 @@ class SAV_Controller extends CI_Controller { curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, false); curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false); curl_setopt($ch, CURLOPT_VERBOSE, false); - curl_setopt($ch, CURLOPT_HTTPHEADER, array( + curl_setopt( + $ch, + CURLOPT_HTTPHEADER, + array( 'Content-Type: application/json', 'Authorization: Server-Token ' . $httpAuthToken, "client_id: BackOffice" @@ -167,9 +198,9 @@ class SAV_Controller extends CI_Controller { ); $body = curl_exec($ch); - $result = json_decode($body,true); + $result = json_decode($body, true); - if (is_array($result) && array_key_exists('payload',$result)) { + if (is_array($result) && array_key_exists('payload', $result)) { $decrypted = openssl_decrypt( hex2bin( $result['payload'] @@ -183,27 +214,31 @@ class SAV_Controller extends CI_Controller { $decrypted = $body; // Attempt without encryption } $payload = json_decode($decrypted, true); - return [$payload,$decrypted,$result,$body]; + return [$payload, $decrypted, $result, $body]; } - function formatedMesage($msgType, $theMessage) { + function formatedMesage($msgType, $theMessage) + { return "
" . $theMessage . "
"; } - protected function renderMemberPage($page_name, $data) { + protected function renderMemberPage($page_name, $data) + { $this->load->view('admin/view_admin_header', $data); $this->load->view('member/' . $page_name, $data); $this->load->view('admin/view_admin_footer', $data); } - protected function renderAdminPage($page_name, $data) { + protected function renderAdminPage($page_name, $data) + { $this->load->view('admin/view_admin_header', $data); $this->load->view('admin/' . $page_name, $data); $this->load->view('admin/view_admin_footer', $data); } - - protected function renderUploadPage($page_name, $data) { + + protected function renderUploadPage($page_name, $data) + { $this->load->view('admin/view_admin_header', $data); $this->load->view('upload/' . $page_name, $data); $this->load->view('admin/view_admin_footer', $data); diff --git a/backend.php b/backend.php index f7c1341..42a6d33 100644 --- a/backend.php +++ b/backend.php @@ -11,81 +11,150 @@ */ -class savvyext_api_savvy{ - var $database= - [ - "host" => "10.10.33.21", - "name" => "savvy", - "user" => "savvy", - "pass" => "savvy001!", - "port" => "5432" - ]; - - var $gpsdatabase= - [ - "host" => "172.31.12.248", - "name" => "savvy_gps", - "user" => "savvy", - "pass" => "savvy001!", - "port" => "5432" - ]; - - - var $database_replica= - [ - "host" => "10.10.33.21", - "name" => "savvy", - "user" => "savvy", - "pass" => "savvy001!", - "port" => "5432" - ]; +class savvyext_api_savvy +{ + var $system = [ + "storage_url" => "https://resources.sworks.float.sg/" + ]; - var $google= - [ - "api_key" => "AIzaSyBMNecOHz0OHbJti5P9foh_PVPYZntr18I", - "api_key_old" => "AIzaSyDvjiRTxngOQyBP4zpqFlZuiquc0ROvo9c", - "drive_client_id" => "343605975098-frdrsttkgkih8dm19js6itgs6ps261ea.apps.googleusercontent.com", - "drive_client_secret" => "XbUr5SW9Y1CaEjO_3fvglRna", - "drive_card_images" => "1NjftJBnFj9zTqWX7GLDhvlh28JOMeqv3", - "storage_project_id" => "float-app-224118", - "storage_auth_file" => "/home/savvy/savvy/savvyext/etc/float-app-224118-52ef1783d2c5.json", - "kms_project_id" => "float-app-224118", - "kms_auth_file" => "/home/savvy/savvy/savvyext/etc/float-app-224118-52ef1783d2c5.json", - "kms_keyring_id" => "development", - "kms_key_id" => "oauth2_tokens" - ]; - - public function cfgReadChar($varname){ - $pieces = explode(".", $varname); - if ( $pieces[0] == 'database'){ - return $this->database[$pieces[1]]; - } - - if ( $pieces[0] == 'gpsdatabase'){ - return $this->gpsdatabase[$pieces[1]]; - } - if ( $pieces[0] == 'database_replica'){ - return $this->database_replica[$pieces[1]]; + var $database = + [ + "host" => "10.10.33.21", + "name" => "savvy", + "user" => "savvy", + "pass" => "savvy001!", + "port" => "5432" + ]; + + var $gpsdatabase = + [ + "host" => "10.10.33.21", + "name" => "savvy_gps", + "user" => "savvy", + "pass" => "savvy001!", + "port" => "5432" + ]; + + + var $database_replica = + [ + "host" => "10.10.33.21", + "name" => "savvy", + "user" => "savvy", + "pass" => "savvy001!", + "port" => "5432" + ]; + + var $google = + [ + "api_key" => "AIzaSyBMNecOHz0OHbJti5P9foh_PVPYZntr18I", + "api_key_old" => "AIzaSyDvjiRTxngOQyBP4zpqFlZuiquc0ROvo9c", + "drive_client_id" => "343605975098-frdrsttkgkih8dm19js6itgs6ps261ea.apps.googleusercontent.com", + "drive_client_secret" => "XbUr5SW9Y1CaEjO_3fvglRna", + "drive_card_images" => "1NjftJBnFj9zTqWX7GLDhvlh28JOMeqv3", + "storage_project_id" => "float-app-224118", + "storage_auth_file" => "/home/savvy/savvy/savvyext/etc/float-app-224118-52ef1783d2c5.json", + "kms_project_id" => "float-app-224118", + "kms_auth_file" => "/home/savvy/savvy/savvyext/etc/float-app-224118-52ef1783d2c5.json", + "kms_keyring_id" => "development", + "kms_key_id" => "oauth2_tokens" + ]; + + var $savvyext = + [ + "url" => "localhost:8000/api/v1/admin/login", + "key" => "ZmxvYXQ6RmwwYXQh", + "token" => "01bef20e2ab1ac21cd6469dd9fbf533b", + ]; + + var $savvyext_admin = + [ + "url" => "localhost:8000/api/v1/admin", + "key" => "ZmxvYXQ6RmwwYXQh", + "token" => "01bef20e2ab1ac21cd6469dd9fbf533b", + ]; + + public function cfgReadChar($varname) + { + $pieces = explode(".", $varname); + if ($pieces[0] == 'database') { + return $this->database[$pieces[1]]; + } + + if ($pieces[0] == 'gpsdatabase') { + return $this->gpsdatabase[$pieces[1]]; + } + if ($pieces[0] == 'database_replica') { + return $this->database_replica[$pieces[1]]; + } + + if (is_array($this->{$pieces[0]})) { + return $this->{$pieces[0]}[$pieces[1]]; + } else { + return []; + } } - - if ( is_array($this->$pieces[0])){ return $this->$pieces[0][$pieces[1]]; - }else {return [];} - - - - } - - public function cfgReadLong($varname){ - return $this->cfgReadChar($varname); - } - public function savvyext_api($in){ - return []; - } - } + public function cfgReadLong($varname) + { + return $this->cfgReadChar($varname); + } - -if (!array_key_exists('savvyext', $GLOBALS)) { - $savvyext = new savvyext_api_savvy(); + public function savvyext_api($in) + { + //return []; + $postdata = json_encode($in); + $url = $this->cfgReadChar('savvyext.url'); + $ch = curl_init($url); + curl_setopt($ch, CURLOPT_CUSTOMREQUEST, "POST"); + curl_setopt($ch, CURLOPT_POSTFIELDS, $postdata); + curl_setopt($ch, CURLOPT_RETURNTRANSFER, true); + curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, false); + curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false); + curl_setopt($ch, CURLOPT_VERBOSE, false); + curl_setopt($ch, CURLOPT_HTTPHEADER, [ + 'content-type: application/json', + 'content-length: ' . strlen($postdata), + 'server-token: ' . $this->cfgReadChar('savvyext.token') + ]); + curl_setopt($ch, CURLOPT_HEADER, false); // Do not show the response headers + curl_setopt($ch, CURLOPT_USERPWD, base64_decode($this->cfgReadChar('savvyext.key'))); + curl_setopt($ch, CURLOPT_TIMEOUT, 60); + $res = curl_exec($ch); + //echo "DEBUG: ".$res."=====\n"; + curl_close($ch); + return json_decode($res, true); + } + + + public function savvyext_admin($endpoint, $in) + { + //return []; + $postdata = json_encode($in); + $url = $this->cfgReadChar('savvyext_admin.url').$endpoint; + $ch = curl_init($url); + curl_setopt($ch, CURLOPT_CUSTOMREQUEST, "POST"); + curl_setopt($ch, CURLOPT_POSTFIELDS, $postdata); + curl_setopt($ch, CURLOPT_RETURNTRANSFER, true); + curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, false); + curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false); + curl_setopt($ch, CURLOPT_VERBOSE, false); + curl_setopt($ch, CURLOPT_HTTPHEADER, [ + 'content-type: application/json', + 'content-length: ' . strlen($postdata), + 'server-token: ' . $this->cfgReadChar('savvyext.token') + ]); + curl_setopt($ch, CURLOPT_HEADER, false); // Do not show the response headers + curl_setopt($ch, CURLOPT_USERPWD, base64_decode($this->cfgReadChar('savvyext.key'))); + curl_setopt($ch, CURLOPT_TIMEOUT, 60); + $res = curl_exec($ch); + //echo "DEBUG: ".$res."=====\n"; + curl_close($ch); + return json_decode($res, true); + } } + +if (!array_key_exists('savvyext', $GLOBALS)) { + $savvyext = new savvyext_api_savvy(); +}