MERMS/MermsEmrWeb
1
0
Fork 0
Code Issues Pull Requests Releases Activity

Backend Provider added

Browse Source
This commit is contained in:
Olusesan Ameye
2019-03-07 01:17:34 +00:00
parent e3e4ef0bd9
commit 2ba9d7ae58
1 changed files with 112 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files
mermsemr/src/shared_tool/providers.cc
+112 -2
View File
@@ -16,6 +16,9 @@
#include "function_members.h"
long provider_login(CVars in, CVars &out);
long PracticeLogin(CVars in, CVars &out);
long PracticeSessionCheck(long practice_id, long practice_users_id, const char *sessionid, int create);
long providers_call(CVars in, CVars &out) {
long ret = PHP_API_BAD_PARAM;
@@ -56,14 +59,14 @@ long providers_call(CVars in, CVars &out) {
long provider_login(CVars in, CVars &out) {
long ret = 0;
long ret = -1;
try{
REQ_STRING(in, "username", 2, 49, "(.*)");
REQ_STRING(in, "pass", 2, 49, "(.*)");
if ( load_db_record(out, "SELECT p.name AS practice_name,u.*,u.id AS user_id FROM practice_users u LEFT JOIN practice p ON p.id = u.practice_id WHERE u.id = 1 ") > 0 ){
ret = PHP_LOGIN_OK;
ret = PracticeLogin( in, out );
}
@@ -77,3 +80,110 @@ try{
return ret;
}
long PracticeLogin(CVars in, CVars &out) {
long ret = PHP_API_BAD_PARAM;
try {
REQ_STRING(in, "username", 2, 49, "(.*)");
REQ_STRING(in, "pass", 2, 49, "(.*)");
const char * loc = getenv("REMOTE_ADDR");
ret = load_db_record(out, "SELECT UPPER( md5( now()::text) ) AS sessionid,m.*,m.*,m.id AS practice_users_id FROM practice_users m \
WHERE m.status=1 AND LOWER(m.username)=LOWER('%s') AND m.password= md5('%s')", in["username"].c_str(), in["pass"].c_str());
if (ret && out["practice_users_id"].Long() > 0) {
// remove all existing session
pgsql_exec("DELETE FROM practice_users_session WHERE practice_users_id=%ld ", out["practice_users_id"].Long());
// Create New Session Now
if (PracticeSessionCheck(out["practice_id"].Long(), out["practice_users_id"].Long(),out["sessionid"].c_str(), 1) > 0) {
out["stauts"] = "OK";
/*LOAD THE SESSION INTO OUT now */
load_db_record(out, "SELECT session FROM practice_users_session WHERE practice_users_id=%lu ORDER BY id DESC LIMIT 1", out["practice_users_id"].Long());
provider_email_calls(in["action"].Long(), in, out);
//===============================================================================================================================
pgsql_query("UPDATE practice_users SET last_login = now() WHERE id = %lu", out["practice_users_id"].Long());
// account_email(ACCOUNT_LOGIN_ALERT,out,out); // ALERT CUSTOMER OF LOGIN
ret = PHP_LOGIN_OK;
} else {
out["status"] = "Practice Session Check Failed";
}
} else {
out["status_message"] = "Invalid Username/Password";
}
} catch (bad_parameter) {
logfmt(logINFO, "ERROR CALL long PracticeLogin(CVars in, CVars &out)");
}
return ret;
}
long PracticeSessionCheck(long practice_id, long practice_users_id, const char *sessionid, int create) {
logfmt(logINFO, "long PracticeSessionCheck(long uid, const char *sessionid, int create )");
// Sanity check
long session_expired_minutes = 15; // load in the global
if (practice_users_id < 1 || sessionid == NULL || strlen(sessionid) < 4) {
return -1L; // Invalif parameters
}
logfmt(logINFO, "#######-#########-A");
// Clean old sessions
if (create == 1) // Clean Previous session by force
{
pgsql_exec("DELETE FROM practice_users_session WHERE practice_user_id=%ld", practice_users_id);
}
logfmt(logINFO, "#######-#########-B");
pgsql_exec("DELETE FROM practice_users_session WHERE practice_user_id=%ld AND updated < (now() - interval '%lu minutes')", practice_users_id, session_expired_minutes);
// Update/check existing session
if (create == 0) {
pgsql_exec("UPDATE practice_users_session SET updated=NOW() WHERE practice_users_id=%ld AND session='%s'", practice_users_id, sessionid);
const PGresult *res = pgsql_query("SELECT * FROM practice_users_session WHERE practice_users_id=%ld AND session='%s'", practice_users_id, sessionid);
if (res != NULL && pgsql_num_rows(res) > 0) {
logfmt(logINFO, "VALID SESSION *****");
return 1L; // Session updated
} else {
logfmt(logINFO, "INVALID SESSION *****");
//INVALID SESSION DETECTED
return -1L; // Invalid parameters
}
}
if (create > 0) {
// Check session i?
const PGresult *res = pgsql_query("SELECT * FROM practice_users_session WHERE practice_user_id=%ld AND session<>'%s'", practice_users_id, sessionid);
if (res != NULL && pgsql_num_rows(res) > 0) {
return -2L; // Active sessions found
}
CVars sess; // Do we have the same session already?
if (load_db_record(sess, "SELECT * FROM practice_users_session WHERE practice_user_id=%lu AND session='%s'", practice_users_id, sessionid) > 0) {
pgsql_exec("UPDATE practice_users_session SET updated=NOW() WHERE practice_user_id=%ld AND session='%s'", practice_users_id, sessionid);
return sess["id"].Long();
}
// Create a new session
const char * loc = getenv("REMOTE_ADDR");
sess["loc"] = loc;
sess["loc"].set_valid(true);
sess["practice_id"] = practice_id;
sess["practice_id"].set_valid(true);
sess["practice_user_id"] = practice_users_id;
sess["practice_user_id"].set_valid(true);
sess["session"] = sessionid;
sess["session"].set_valid(true);
long sid = insert_db_record(DBS_VALID, "practice_users_session", "practice_users_session_id_seq", sess); //members_session_id_seq
if (sid > 0) {
return sid; // New session created
}
return -3L; // Failed to create new session
}
logfmt(logINFO, "/long PracticeSessionCheck(long uid, const char *sessionid, int create )");
return 0L; // No route
}