diff --git a/copri4/main/src/Mod/APIfunc.pm b/copri4/main/src/Mod/APIfunc.pm index 9cf3728..c3b517a 100755 --- a/copri4/main/src/Mod/APIfunc.pm +++ b/copri4/main/src/Mod/APIfunc.pm @@ -936,6 +936,7 @@ sub booking_update(){ #prevent reset occupied values OR only if genkey defined #if(($state eq "occupied" && $record_pos->{txt10} =~ /requested/) || ($state eq "occupied" && $record_pos->{txt10} =~ /occupied/ && $q->param('genkey') eq "1")) if(($state_key == 3 && $record_pos->{int10} == 2) || ($state_key == 3 && $record_pos->{int10} == 3 && $q->param('genkey') eq "1")){ + $update_pos->{start_time} = "now()"; $update_pos->{end_time} = "now()"; #$update_pos->{txt05} = "$gps";#start GPS, not exist on request @@ -1065,12 +1066,12 @@ sub booking_update(){ $booking_values->{response_state} = "Failure 2012: occupied bike " . $q->param('bike') . " cannot be $state"; $booking_values->{response_text} = "Fahrrad Nr. " . $q->param('bike') . " ist in Benutzung und kann somit nicht storniert werden."; }elsif($state_key == 3 && $record_pos->{int10} == 1){ - $booking_values->{response_state} = "Failure 2016: occupied bike " . $q->param('bike') . " cannot be $state"; + $booking_values->{response_state} = "Failure 2016: available bike " . $q->param('bike') . " have to be at first reserved, thats because cannot be $state"; $booking_values->{response_text} = "Fahrrad Nr. " . $q->param('bike') . " wurde nicht reserviert und kann somit nicht gemietet werden."; }else{ $booking_values->{response_state} = "Failure 2035: bike " . $q->param('bike') . " state change to $state not possible."; - $booking_values->{response_text} = "Fehler! Die Miete Fahrrad Nr. " . $q->param('bike') . " kann nicht mit dem vorhandnen Status $state_text werden."; + $booking_values->{response_text} = "Fehler! Die Miete Fahrrad Nr. " . $q->param('bike') . " kann nicht mit dem vorhandenen Status $state_text werden."; } #contenttrans 
@@ -2050,6 +2051,7 @@ sub auth_verify(){ user_tour => [], user_group => [] }; + my $user_group = ""; my $bike_group = ""; my $tariff_content = ""; @@ -2058,6 +2060,11 @@ sub auth_verify(){ $return->{merchant_id} = $1 if($cgi_authcookie && $cgi_authcookie =~ /\w+_(\w+)$/); my $netloc = $q->url(-base=>1); $bw->log("--> auth_verify on dbname $varenv{dbname},\n Starting with authcookie: $cgi_authcookie",$netloc,""); + my $debug=1; + my $now_dt = strftime "%Y-%m-%d %H:%M:%S", localtime; + open(FILE,">>$varenv{logdir}/authcookie.log") if($debug); + print FILE "\n*-->$now_dt $netloc | $varenv{dbname} | $cgi_authcookie\n" if($debug); + if($cgi_authcookie && length($cgi_authcookie) > 30){ my $authref = { table => "contentadr", @@ -2069,16 +2076,18 @@ sub auth_verify(){ $auth_operator = $dbt->fetch_record($dbh,$authref); $bw->log("auth_verified on operator $varenv{dbname} anchor 1",$auth_operator->{c_id},""); + my $auth_primary = { c_id => 0 }; + my $auth_operator = { c_id => 0 }; + #just part of operator-routing (sharee account management) - #primary select - if(1==1){ - if($varenv{dbname} ne "sharee_primary"){ + if($varenv{dbname} ne "sharee_primary"){ + #primary select my $dbh_primary = $dbt->dbconnect_extern("sharee_primary"); - my $auth_primary = { c_id => 0 }; $auth_primary = $dbt->fetch_record($dbh_primary,$authref); if($auth_primary->{c_id} && $auth_primary->{c_id} > 0){ $bw->log("auth_verified on primary anchor 2 by dbname $varenv{dbname}",$auth_primary->{c_id},""); + print FILE "auth_verified on primary anchor 2 by dbname $varenv{dbname} | pri $auth_primary->{c_id}\n if($debug)"; #On booking_request, user must be authenticated and addr must exist #At first insert/update Operator dbname array on primary 
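Review bot: The added logging block writes the complete `$cgi_authcookie` to `$varenv{logdir}/authcookie.log` on every auth_verify call, because `my $debug=1;` is hard-coded; that value is the session credential checked further down in this function, so the log file becomes as sensitive as the stored cookies themselves. I would default to `my $debug=0;` (or read the switch from configuration) and log a digest or a short prefix of the cookie instead of the value. The `open(FILE,">>$varenv{logdir}/authcookie.log")` is a two-argument open on a bareword handle with no error check; `open(FILE, '>>', "$varenv{logdir}/authcookie.log") or $debug = 0;` keeps the later `print FILE` lines from running against an unopened handle. `strftime` needs `use POSIX;`, which is not visible here, and auth_verify's body continues outside the hunk.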
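Review bot: In the added `anchor 2` print of the -2069 hunk the `if($debug)` modifier sits inside the string literal, so the line is printed unconditionally and the text ` if(1)` is appended to the log entry; the `booking_request auth_verified` print in the following hunk (-2086) has the same slip. The closing quote belongs before the modifier: `print FILE "auth_verified on primary anchor 2 by dbname $varenv{dbname} | pri $auth_primary->{c_id}\n" if($debug);`. Separately, the new `my $auth_operator = { c_id => 0 };` comes directly after `$auth_operator = $dbt->fetch_record($dbh,$authref);`, so the record fetched for `anchor 1` appears to be hidden by the fresh declaration for the rest of this scope; either drop the `my` or remove the fetch above it. auth_verify's body starts and ends outside the hunk.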
@@ -2086,8 +2095,9 @@ sub auth_verify(){ #first, save operator array which are used my %operator_hash = ();#local DB - $bw->log("booking_request auth_verified by dbname $varenv{dbname} (dbname=$varenv{dbname})",$auth_operator->{c_id},""); - + $bw->log("booking_request auth_verified by dbname $varenv{dbname}",$auth_operator->{c_id},""); + print FILE "booking_request auth_verified by dbname $varenv{dbname} | pri $auth_primary->{c_id}\n if($debug)"; + if($auth_primary->{txt17} && $auth_primary->{txt17} =~ /\w\s\w/){#append DB's %operator_hash = map { $_ => 1 } split(/\s+/,$auth_primary->{txt17}); }elsif($auth_primary->{txt17}){ @@ -2097,6 +2107,7 @@ sub auth_verify(){ my @operator_array = keys %operator_hash; $bw->log("auth_verified update operator keys by array: @operator_array",\%operator_hash,""); + print FILE "auth_verified update operator keys by array: @operator_array | pri $auth_primary->{c_id}\n" if($debug); my $update_primary = { table => "contentadr", txt17 => "@operator_array",#operator ids @@ -2132,13 +2143,15 @@ sub auth_verify(){ my $auth_operator3 = { c_id => 0 }; $auth_operator3 = $dbt->fetch_record($dbh,$authref);# if($uid); $bw->log("auth_verified on operator anchor 3 by dbname $varenv{dbname}",$auth_operator3->{c_id},""); + print FILE "auth_verified on operator anchor 3 by dbname $varenv{dbname} | op3 $auth_operator3->{c_id}\n" if($debug); #if user on operator available by userid c_id, then update authcookie if($auth_operator3->{c_id} > 0){ my $authcookies = $auth_operator3->{txt05} . "|" . $cgi_authcookie; + $bw->log("UPDATE adr on operator by dbname $varenv{dbname}",$auth_operator3->{c_id},""); + print FILE "UPDATE adr on operator by dbname $varenv{dbname} | op3 $auth_operator3->{c_id}\n" if($debug); my $update = { table => "contentadr", - #txt05 => "$auth_primary->{txt05}",#authcookies txt05 => "$authcookies",#authcookies atime => "now()", #mtime => "now()",#only set mtime on real user-data change 
@@ -2152,6 +2165,7 @@ sub auth_verify(){ my $c_id = 0; if($auth_primary->{c_id} > 0){ $bw->log("INSERT adr from record_primary to operator by dbname $varenv{dbname}",$auth_primary->{c_id},""); + print FILE "INSERT adr from record_primary to operator by dbname $varenv{dbname} | pri $auth_primary->{c_id}\n" if($debug); my $insert = { %$auth_primary, table => "contentadr", 
@@ -2162,42 +2176,40 @@ sub auth_verify(){ } }else{ $bw->log("auth_verified on operator anchor 3 FAILS by dbname $varenv{dbname}. user seem not be activated",$auth_operator->{c_id},""); + print FILE "auth_verified on operator anchor 3 FAILS by dbname $varenv{dbname}. user seem not be activated | op $auth_operator->{c_id}\n" if($debug); } } $auth_operator = $dbt->fetch_record($dbh,$authref); if($auth_operator->{c_id} > 0){ $record = $auth_operator;#At first try using operator to get Tarif $bw->log("auth_verified on operator anchor 2.2 by dbname $varenv{dbname}",$auth_operator->{c_id},""); + print FILE "auth_verified on operator anchor 2.2 by dbname $varenv{dbname} | op $auth_operator->{c_id}\n" if($debug); }else{ $record = $auth_primary; $bw->log("auth_verified on primary anchor 2.3 by dbname $varenv{dbname}",$auth_primary->{c_id},""); + print FILE "auth_verified on primary anchor 2.3 by dbname $varenv{dbname} | pri $auth_primary->{c_id}\n" if($debug); } - }else{# if($auth_primary->{c_id}){ fails + }else{# if($auth_primary->{c_id}) fails $bw->log("auth_verified on primary anchor 4 FAILS by dbname $varenv{dbname}.",$auth_primary->{c_id},""); + print FILE "auth_verified on primary anchor 4 FAILS by dbname $varenv{dbname} | pri $auth_primary->{c_id}\n" if($debug); $auth_operator = $dbt->fetch_record($dbh,$authref); $record = $auth_operator; $bw->log("auth_verified on operator anchor 9 by dbname $varenv{dbname}.",$auth_operator->{c_id},""); + print FILE "auth_verified on operator anchor 9 by dbname $varenv{dbname} | op $auth_operator->{c_id}\n" if($debug); } - }else{# if($varenv{dbname} eq "sharee_primary") - my $auth_operator = { c_id => 0 }; - $auth_operator = $dbt->fetch_record($dbh,$authref); - $bw->log("auth_verified on operator anchor 4 by dbname $varenv{dbname}",$auth_operator->{c_id},""); - $record = $auth_operator; - }#end if($varenv{dbname} ne "sharee_primary") - - }else{ - my $auth_operator = { c_id => 0 }; - $auth_operator = 
$dbt->fetch_record($dbh,$authref); - $bw->log("auth_verified on operator anchor 6 by dbname $varenv{dbname}",$auth_operator->{c_id},""); - $record = $auth_operator; + }else{# if($varenv{dbname} eq "sharee_primary") + $auth_primary = $dbt->fetch_record($dbh,$authref); + $bw->log("auth_verified on operator anchor 4 by dbname $varenv{dbname}",$auth_primary->{c_id},""); + print FILE "auth_verified on operator anchor 4 by dbname $varenv{dbname} | pri $auth_primary->{c_id}\n" if($debug); + $record = $auth_primary; + }#end if($varenv{dbname} ne "sharee_primary") + + if($varenv{dbname} ne "sharee_primary"){ + ($bike_group,$user_group,$tariff_content,$user_tour) = $self->fetch_tariff($record,$q->param('authcookie')); } - if($varenv{dbname} ne "sharee_primary"){ - ($bike_group,$user_group,$tariff_content,$user_tour) = $self->fetch_tariff($record,$q->param('authcookie')); - } - - if ($record->{c_id} > 0 && length($record->{txt05}) > 30){ - my @check_cookies = split(/\|/,$record->{txt05}); + if($auth_primary->{c_id} > 0 && length($auth_primary->{txt05}) > 30){ + my @check_cookies = split(/\|/,$auth_primary->{txt05}); foreach(@check_cookies){ if(length($_) > 30 && $_ =~ /$cgi_authcookie/){ $return->{authcookie} = $cgi_authcookie; @@ -2209,8 +2221,7 @@ sub auth_verify(){ } } } - } - elsif($userc_id && looks_like_number($userc_id) && length($userc_id) >= 4){ + }elsif($userc_id && looks_like_number($userc_id) && length($userc_id) >= 4){ my $authref = { table => "contentadr", fetch => "one", @@ -2232,6 +2243,7 @@ sub auth_verify(){ } }else{ $bw->log("auth_verified on operator anchor FAILS by dbname $varenv{dbname}, no authcookie, dump \$q",$q,""); + print FILE "auth_verified on operator anchor FAILS by dbname $varenv{dbname}, no authcookie\n" if($debug); } $return->{agb_checked} = "0"; $return->{agb_checked} = "1" if($record->{int14});#sharee AGB global 
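Review bot: The cookie check that the changed condition `if($auth_primary->{c_id} > 0 && length($auth_primary->{txt05}) > 30)` guards still compares with `$_ =~ /$cgi_authcookie/`, which interpolates the request value as an unanchored pattern, so it is a pattern/substring match against each stored cookie and not an equality test. Since this commit reworks exactly this decision, I would make it exact here: `if(length($_) > 30 && $_ eq $cgi_authcookie){`. Also note that the check now reads only `$auth_primary`, while `$record` may still be the operator row (the `anchor 4 FAILS` / `anchor 9` path) and is what gets passed to `fetch_tariff` and returned; a short comment stating that the primary row is the only authority for cookies would make that intent clear. How `$authref` selects the row is not visible in this hunk, so the impact depends on that query.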
@@ -2275,9 +2287,15 @@ sub auth_verify(){ if(!$users_serviceapp->{u_id} || $users_serviceapp->{u_id} == 0){ $record = { c_id => 0 }; + $return = { c_id => 0 }; $bw->log("reset auth_verify because of only Servicetool users access:",$record,""); } + print FILE "users_serviceapp: $users_serviceapp->{u_id} | $return->{authcookie}\n" if($debug); } + + print FILE "final return: $return->{authcookie}\n" if($debug); + + close(FILE) if($debug); return ($return,$record); }#end auth_verify @@ -2297,15 +2315,13 @@ sub authorization(){ my $user_pw = $q->param('user_pw') || $q->param('txt04'); #print "user_pw:" . $q->param('user_pw') . "|txt04:" . $q->param('txt04') . "|user_pw:" . $q->param('user_pw'); - my $pw_length = 6;#only 6 and if < 8 user failure will be set - $user_pw = "mo2Xah6a" if(length($user_pw) < $pw_length); - + my $pw_length = 8; my $record = { c_id => 0 };#if fails - my $return = { authcookie => 0 };#if fails + my $return = { authcookie => "" };#if fails #print "$hw_id | $merchant_id | $user_id | $user_pw\n";exit; - if($user_id && length($user_id) >= 4 && length($user_pw) >= $pw_length && length($hw_id) >= 10 && length($merchant_id) >= 8){ + if($user_id && length($user_id) >= 4 && $user_pw && length($user_pw) >= $pw_length && length($hw_id) >= 10 && length($merchant_id) >= 8){ my $authref = { table => "contentadr", fetch => "one", @@ -2334,7 +2350,7 @@ sub authorization(){ $return = $self->authcookie_manager($dbh,$q,$record,$merchant_id,$hw_id,$aowner); }else{ - $bw->log("authorization fals because of failing condition: if($user_id && length($user_id) >= 4 && length($user_pw) >= $pw_length && length($hw_id) >= 10 && length($merchant_id) >= 8)","",""); + $bw->log("authorization fails because of failing condition: if($user_id && length($user_id) >= 4 && length($user_pw) >= $pw_length && length($hw_id) >= 10 && length($merchant_id) >= 8)","",""); } return $return; }#end authorization 
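Review bot: The added `$return = { c_id => 0 };` in the -2275 hunk replaces the whole hash, so the `user_tour => []` and `user_group => []` defaults and `agb_checked` set earlier are dropped, and a `c_id` key is introduced that callers then merge into the API response via `$response = { %$response, %$auth };` (visible in APIjsonserver.pm). If the aim is only to withhold the session from non-Servicetool users, the failure shape this commit already uses in authorization would be consistent: `$return = { authcookie => "" };`. The two added prints of `$return->{authcookie}` put the cookie value into authcookie.log again and will warn on an undefined value after the reset.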
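Review bot: The `$bw->log("authorization fails because of failing condition: if($user_id && ... length($user_pw) ...")` line touched in the -2334 hunk is a double-quoted string, so `$user_id`, `$user_pw`, `$hw_id` and `$merchant_id` are interpolated and the submitted password is written to the log in clear text whenever one of the length checks fails. I would log only that the input check failed, without the values: `$bw->log("authorization fails: input length check not met","","");`. The message text also no longer mirrors the condition, which now contains `$user_pw &&`. authorization's body starts outside the hunk.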
@@ -2351,7 +2367,7 @@ sub authcookie_manager { my $user_agent = $q->user_agent(); my $clientIP = $q->remote_addr(); - my $return = { authcookie => 0 };#if fails + my $return = { authcookie => "" };#if fails my %varenv = $cf->envonline(); my $authcookie=md5_hex($record->{txt08}.$q->escapeHTML($hw_id)); diff --git a/copri4/main/src/Mod/APIjsonserver.pm b/copri4/main/src/Mod/APIjsonserver.pm index 0d18187..7be687f 100755 --- a/copri4/main/src/Mod/APIjsonserver.pm +++ b/copri4/main/src/Mod/APIjsonserver.pm @@ -416,7 +416,6 @@ elsif($q->param('request') eq "user_bikes_occupied"){ #bikes_available elsif($q->param('request') eq "bikes_available"){ - #use Time::HiRes qw/gettimeofday/; if($varenv{syshost} eq "shareeapp-primary"){ ($aowner,my $return_merchant) = $apif->fetch_merchant($q,\%varenv,$coo,$q->param('merchant_id')); $varenv{merchant_id} = $return_merchant->{merchant_id}; @@ -425,13 +424,13 @@ elsif($q->param('request') eq "bikes_available"){ my ($auth,$authraw) = $apif->auth_verify($q); $response = { %$response, %$auth }; ($response->{bikes},$response->{uri_operator_array},$response->{user_group},$response->{user_tour}) = $jsc->loop_sharees($q,$authraw,$return_merchant); - #my $stamp = gettimeofday; #$bw->log("X bikes_available $varenv{syshost} $stamp: $response->{user_group}",$response,""); }else{ ($aowner,my $return_merchant) = $apif->fetch_merchant($q,\%varenv,$coo,$q->param('merchant_id')); $varenv{merchant_id} = $return_merchant->{merchant_id}; - my ($auth,$authraw) = $apif->auth_verify($q);#on operator loop select, operator adr must be select to get user_group + #on operator loop select, operator adr must be select to get user_group + my ($auth,$authraw) = $apif->auth_verify($q); $response = { %$response, %$auth }; $bw->log("Y bikes_available by c_id $authraw->{c_id}, Tarif:",$authraw->{txt30},""); $response->{bikes} = $apif->bikes_available($q,\%varenv,$authraw); 
diff --git a/copri4/shareeweb-project/src/Lib/Mlogic.pm b/copri4/shareeweb-project/src/Lib/Mlogic.pm index 64cc35e..12a025b 100755 --- a/copri4/shareeweb-project/src/Lib/Mlogic.pm +++ b/copri4/shareeweb-project/src/Lib/Mlogic.pm @@ -47,8 +47,8 @@ sub tpl(){ if($users_sharee->{c_id} && $R::sharee_edit ne "delete_account2" && ($users_sharee->{c_id} eq $varenv->{superu_id} || $users_sharee->{c_id} eq "22262" || $dbt->{copri_conf}->{stage} eq "test")){ my $coo = $q->cookie('domcookie') || $q->param('sessionid') || ""; - my $api_test = "sharee_kn"; - #my $api_test = "sharee_fr01"; + #my $api_test = "sharee_kn"; + my $api_test = "sharee_fr01"; print $q->div({-style=>'float:right;text-align:right;height:25px;padding:6px 15px;background-color:white'},$q->a({-style=>"color:#$bgcolor1;", -href=>"$varenv->{metahost}/src/scripts/tests/index.pl?sessionid=$coo\&api_test=$api_test", -target=>'_blank'}," [ $api_test ] ")),"\n"; }