// Topup management tools
#include "clog.h"
#include "cgi.h"
#include "input.h"
#include "wrenchboard_api.h"
#include "bko.h"
#include "account.h"
#include "email.h"
#include "safestring.h"
#include <cstdio>
#include <cstdlib>
#include <cstring>
#include <string>
#include "pgsql.h"
#include "pgsql_wrapper.h"

#include <curl/curl.h>
#include "account.h"
// Forward declarations for handlers that are defined further down in this file.

// Refreshes (create == 0) or creates (create > 0) a row in backoffice_session for
// the given back-office user. Returns a value > 0 on success, -1 for rejected
// parameters, -3 when the insert fails and 0 when no branch applied.
long BkoCommonSessionCheck(long backoffice_id,long shop,long acc, const char *sessionid, int create );
// Looks up the offer named by in["offer_code"] and re-sends its offer e-mail.
long BkoResendOffer(CVars in, CVars &out);
/**
 * Back-office request dispatcher.
 *
 * Reads the "action" field of the request and hands the call to the matching
 * handler, returning that handler's result unchanged. When no handler matches,
 * the closing log line is written and 0 is returned.
 *
 * @param in   request variables (passed by value)
 * @param out  response variables; filled by the selected handler
 * @return     the handler's return value, or 0 when the action is not handled
 */
long bko_calls(CVars in, CVars &out)
{
    logfmt( logINFO, "bko_calls()" );

    // NOTE(review): this marker is written into every response before the
    // action is even known. It looks like leftover debugging output; confirm
    // no client depends on it before removing it.
    out["result"] = "YES I GET TO BACK END";

    // REQ_LONG is a project macro; its validation and failure behaviour are
    // defined outside this file (presumably input.h - TODO confirm).
    const long requested = REQ_LONG( in, "action", 0, -1);

    if (requested == WRENCHBOARD_BKO_LOGIN) {
        return LoginBkoAdmin( in, out);
    }

    if (requested == WRENCHBOARD_BKO_RESEND_OFFER) {
        // NOTE(review): no session or role check is visible on this path, while
        // the login path is the only one that calls BkoCommonSessionCheck().
        // Confirm that the caller authenticates back-office requests before
        // they reach this dispatcher.
        return BkoResendOffer( in, out);
    }

    // Unknown actions are not rejected explicitly; they end up here.
    logfmt( logINFO, "/bko_calls()" );
    return 0;
}
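/**
 * Re-sends the offer e-mail for one job offer.
 *
 * The offer is located by in["offer_code"]; when a row is found, the record
 * (which carries offer_id from the SELECT alias) is passed to job_email() with
 * the JOBS_INDIVIDUAL_OFFER_MAIL template.
 *
 * @param in   request variables; "offer_code" is required (REQ_STRING, 5..49)
 * @param out  response variables, passed through to job_email()
 * @return     always 0, whether or not an offer was found or a mail was sent
 */
long BkoResendOffer(CVars in, CVars &out)
{
    logfmt( logINFO, "BkoResendOffer()" );

    // NOTE(review): the pattern "(.*)" accepts any characters, and the value is
    // placed inside a quoted SQL literal through '%s' below. Unless
    // load_db_record() escapes its arguments (not visible from this file), this
    // is a SQL injection point. Confirm the escaping, and prefer a bound
    // parameter or a pattern limited to the real offer-code alphabet.
    REQ_STRING (in, "offer_code", 5, 49, "(.*)");

    CVars offer;
    const long found = load_db_record( offer, "SELECT id AS offer_id FROM members_jobs_offer WHERE offer_code='%s'", in["offer_code"].c_str() );

    // Only a positive result counts as "row loaded", matching the other
    // load_db_record() call sites in this file. The previous truthiness test
    // would also have sent a mail from an empty record on a negative result.
    if (found > 0) {
        // job_email()'s result is not inspected, so a failed send is not
        // reported to the caller.
        job_email(JOBS_INDIVIDUAL_OFFER_MAIL, offer, out);
    }

    logfmt( logINFO, "/BkoResendOffer()" );
    return 0;
}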
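/**
 * Writes a fresh session token into dst: 16 bytes read from the kernel random
 * source, encoded as 32 lowercase hex characters plus a terminating NUL.
 *
 * @param dst      destination buffer
 * @param dst_len  size of dst in bytes; must be at least 33
 * @return         true on success; false if the buffer is too small or the
 *                 random source could not be read in full
 */
static bool bko_new_session_id(char *dst, size_t dst_len)
{
    enum { RAW_LEN = 16 };
    static const char hex_digits[] = "0123456789abcdef";
    unsigned char raw[RAW_LEN];

    if (dst == NULL || dst_len < 2 * RAW_LEN + 1) {
        return false;
    }

    FILE *rng = fopen("/dev/urandom", "rb");
    if (rng == NULL) {
        return false;
    }
    const size_t got = fread(raw, 1, sizeof raw, rng);
    fclose(rng);
    if (got != sizeof raw) {
        return false; // a short read must never produce a partly random token
    }

    for (size_t i = 0; i < sizeof raw; i++) {
        dst[2 * i]     = hex_digits[raw[i] >> 4];
        dst[2 * i + 1] = hex_digits[raw[i] & 0x0f];
    }
    dst[2 * RAW_LEN] = '\0';
    return true;
}

/**
 * Authenticates a back-office administrator and opens a session.
 *
 * A new session token is generated, the credentials are checked against the
 * backoffice table (status=1 rows only, case-insensitive username), and on a
 * match BkoCommonSessionCheck() is asked to create the session row.
 *
 * @param in   request variables; "username" and "password" are required
 * @param out  receives "sessionid", the loaded backoffice record and "status"
 * @return     PHP_API_OK on success. On failure the value is whatever
 *             load_db_record() returned, or PHP_API_BAD_PARAM if no token
 *             could be generated.
 */
long LoginBkoAdmin(CVars in, CVars &out)
{
    long ret = PHP_API_BAD_PARAM;
    logfmt( logINFO, "LoginBkoAdmin()" );

    // NOTE(review): both fields accept any characters ("(.*)") and are placed
    // inside quoted SQL literals below. Unless load_db_record() escapes its
    // arguments (not visible from this file), the login query is injectable.
    // Confirm the escaping or switch to bound parameters.
    REQ_STRING (in, "username", 5, 49, "(.*)");
    REQ_STRING (in, "password", 5, 49, "(.*)");
    //REQ_STRING (in, "sessionid", 4, 40, "(.*)");

    // The token is the only secret that identifies the session, so it is taken
    // from the kernel CSPRNG. The earlier derivation hashed the literal text
    // 'now()' (a quoted string, not the SQL function) together with
    // rand()*10000, which is guessable and overflows int. The result keeps the
    // previous 32-hex-character shape.
    char session_token[33];
    if (!bko_new_session_id(session_token, sizeof session_token)) {
        // Fail closed: no login without an unpredictable token.
        out["status"] = "Session check failed";
        logfmt( logINFO, "/LoginBkoAdmin()" );
        return ret;
    }
    const char *sessionid = session_token;
    out["sessionid"] = sessionid; out["sessionid"].set_valid( true );
    in["sessionid"] = out["sessionid"]; in["sessionid"].set_valid( true );

    // NOTE(review): the stored credential is compared with md5(password), an
    // unsalted fast hash. Moving to a salted, slow password hash needs a schema
    // migration and is outside this function.
    // NOTE(review): SELECT * copies every backoffice column, including pass,
    // into out. If out is serialised back to the client the stored hash is
    // disclosed; select only the columns the client needs.
    ret = load_db_record( out, "SELECT *,id AS backoffice_id FROM backoffice WHERE status=1 AND LOWER(username)=LOWER('%s') AND pass= md5('%s')", in["username"].c_str(), in["password"].c_str() );

    if (ret>0) {
        if (BkoCommonSessionCheck(out["id"].Long(),0,0, in["sessionid"].c_str(), 1)>0) {
            out["status"] = "OK";
            // The success message used to be stored only under this misspelt
            // key. It is kept for existing clients; drop it once none read it.
            out["stauts"] = "OK";
            ret = PHP_API_OK;
        } else {
            // NOTE(review): ret still holds load_db_record()'s positive result
            // here. Confirm it can never equal PHP_API_OK.
            out["status"] = "Session check failed";
        }
    } else {
        // NOTE(review): ret is load_db_record()'s non-positive result here.
        // Confirm callers treat it as a failure code.
        out["status"] = "Invalid username and/or password";
    }

    logfmt( logINFO, "/LoginBkoAdmin()" );
    return ret;
}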
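/**
 * Validates or creates a back-office session row in backoffice_session.
 *
 * create == 0: sessions of this user idle for more than 15 minutes are deleted,
 *              then the given session's "updated" timestamp is refreshed.
 * create  > 0: all existing sessions of this user (for the shop, if given) are
 *              deleted and a new row is inserted for sessionid.
 *
 * @param backoffice_id  back-office user id, must be >= 1
 * @param shop           optional shop filter; applied only when > 0
 * @param acc            optional account id stored on a new session when > 0
 * @param sessionid      session token: 4..100 characters from [A-Za-z0-9_-]
 * @param create         0 to refresh an existing session, > 0 to create one
 * @return   1 when an existing session was refreshed (create == 0);
 *           the session row id when a session exists or was created (create > 0);
 *           -1 for rejected parameters; -3 when the insert failed;
 *           0 when no branch applied (e.g. create == 0 and no live session)
 */
long BkoCommonSessionCheck(long backoffice_id,long shop,long acc, const char *sessionid, int create )
{
    logfmt( logINFO, "long BkoCommonSessionCheck(long backoffice_id,long shop, const char *sessionid, int create )" );

    // Sanity check
    if (backoffice_id<1 || sessionid==NULL || strlen(sessionid)<4) {
        return -1L; // Invalid parameters
    }

    // sessionid is placed inside quoted SQL literals below, and in the refresh
    // case it may come straight from the client, so only token characters are
    // accepted. The limit of 100 is the sessionid column width in the schema
    // comment at the end of this file.
    // NOTE(review): the only generator visible in this file produces hex
    // tokens; widen the alphabet if another caller legitimately uses more.
    const size_t sid_len = strlen(sessionid);
    if (sid_len > 100) {
        return -1L;
    }
    for (size_t i = 0; i < sid_len; i++) {
        const char c = sessionid[i];
        const bool token_char = (c >= '0' && c <= '9') || (c >= 'a' && c <= 'z') ||
                                (c >= 'A' && c <= 'Z') || c == '-' || c == '_';
        if (!token_char) {
            return -1L;
        }
    }

    // Optional " AND shop=N " fragment. The buffer holds the 10-character
    // prefix, up to 20 characters for a 64-bit long, the trailing space and the
    // NUL. The previous 30-byte buffer was one byte short for 19-digit values.
    char ptid[48];
    if ( shop > 0 ) {
        snprintf( ptid, sizeof ptid, " AND shop=%ld ", shop );
    } else {
        snprintf( ptid, sizeof ptid, " " ); // just empty space
    }

    // Clean old sessions: everything on create, only stale rows on refresh.
    if (create>0) {
        pgsql_exec("DELETE FROM backoffice_session WHERE backoffice_id=%ld %s ", backoffice_id,ptid);
    } else {
        pgsql_exec("DELETE FROM backoffice_session WHERE backoffice_id=%ld %s AND updated < (now() - interval '15 minutes')", backoffice_id,ptid);
    }

    if (create==0 && pgsql_exec("UPDATE backoffice_session SET updated=NOW() WHERE backoffice_id=%ld %s AND sessionid='%s'", backoffice_id,ptid, sessionid)>0) {
        return 1L; // Session updated
    }

    if (create>0) {
        // A check that refused the login while other sessions were active used
        // to sit here, commented out. Concurrent sessions are instead removed
        // by the DELETE above.

        CVars sess; // Do we have the same session already?
        // backoffice_id is a long, so it is formatted with %ld (was %lu).
        if (load_db_record( sess, "SELECT * FROM backoffice_session WHERE backoffice_id=%ld %s AND sessionid='%s'", backoffice_id,ptid, sessionid)>0) {
            pgsql_exec("UPDATE backoffice_session SET updated=NOW() WHERE backoffice_id=%ld %s AND sessionid='%s'", backoffice_id,ptid, sessionid);
            return sess["id"].Long();
        }

        // Create a new session
        sess["backoffice_id"] = backoffice_id; sess["backoffice_id"].set_valid(true);
        sess["sessionid"] = sessionid; sess["sessionid"].set_valid(true);

        // REMOTE_ADDR is absent when the code does not run under a web server.
        // Leave loc unset in that case rather than assigning a null pointer.
        const char * loc = getenv("REMOTE_ADDR");
        if (loc != NULL) {
            sess["loc"] = loc; sess["loc"].set_valid(true);
        }

        if ( shop > 0 ) {
            sess["shop"] = shop; sess["shop"].set_valid(true);
        }
        if ( acc > 0 ) {
            sess["account"] = acc; sess["account"].set_valid(true);
        }

        long sid = insert_db_record( DBS_VALID, "backoffice_session", "backoffice_session_id_seq", sess );
        if (sid>0) {
            return sid; // New session created
        }
        return -3L; // Failed to create new session
    }

    logfmt( logINFO, "/long BkoCommonSessionCheck(long backoffice_id,long shop, const char *sessionid, int create )" );
    return 0L; // No route
}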
/*

CREATE TABLE backoffice_session (
    id SERIAL,
    backoffice_id INT REFERENCES managers(id),
    shop INT DEFAULT 0,
    sessionid varchar(100) NOT NULL,
    added timestamp without time zone DEFAULT now(),
    updated timestamp without time zone DEFAULT now(),
    status integer DEFAULT 1,
    loc INET
);

*/