Fixed gh-235 to insure that the public access switch for front-end views work. Resolved gh-236 to Auto save Name to System Name if blank. Added text area for private key of server. Fixed the getModel helper method. Fixed the batch methods. Maked a few tweaks to the compiler.
This commit is contained in:
@ -49,7 +49,116 @@ class ComponentbuilderControllerApi extends JControllerForm
|
||||
parent::__construct($config);
|
||||
}
|
||||
|
||||
|
||||
|
||||
public function handshake()
|
||||
{
|
||||
// get input values
|
||||
$input = JFactory::getApplication()->input;
|
||||
// get Trust
|
||||
$PUBLIC = $input->post->get('VDM_PUBLIC', null, 'STRING');
|
||||
$SECRET = $input->post->get('VDM_SECRET', null, 'STRING');
|
||||
$ID = $input->post->get('VDM_ID', null, 'STRING');
|
||||
// check if correct value is given
|
||||
if (ComponentbuilderHelper::checkString($PUBLIC) && ComponentbuilderHelper::checkString($SECRET) && ComponentbuilderHelper::checkString($ID))
|
||||
{
|
||||
// use the JCB open public protocol to open this
|
||||
$opened = ComponentbuilderHelper::openPublicProtocol($SECRET, $ID, $PUBLIC);
|
||||
// simple check to have a little more hoops
|
||||
if (ComponentbuilderHelper::checkString($opened['public']) && ComponentbuilderHelper::checkString($opened['id'])
|
||||
&& strpos($opened['public'], '-----BEGIN PUBLIC KEY-----') !== false
|
||||
&& strpos($opened['public'], '-----END PUBLIC KEY-----') !== false
|
||||
&& strpos($opened['id'], 'VDM_') !== false
|
||||
&& strpos($opened['id'], '_SP') !== false)
|
||||
&& ComponentbuilderHelper::checkObject(ComponentbuilderHelper::crypt('RSA')))
|
||||
{
|
||||
array('public' => ComponentbuilderHelper::getPublicKey($opened['id'], $opened['public']), 'id' => $opened['id']), $opened['public']
|
||||
ComponentbuilderHelper::crypt();
|
||||
// clear session
|
||||
JFactory::getApplication()->getSession()->destroy();
|
||||
jexit();
|
||||
}
|
||||
}
|
||||
}
|
||||
// die since have no trust
|
||||
echo 12;
|
||||
// clear session
|
||||
JFactory::getApplication()->getSession()->destroy();
|
||||
jexit();
|
||||
}
|
||||
|
||||
public function trust()
|
||||
{
|
||||
// get input values
|
||||
$input = JFactory::getApplication()->input;
|
||||
// get Trust
|
||||
$TRUST = $input->post->get('VDM_TRUST', null, 'STRING');
|
||||
// check if correct value is given
|
||||
if (ComponentbuilderHelper::checkString($TRUST))
|
||||
{
|
||||
$key = ComponentbuilderHelper::salt(1, 2);
|
||||
// get the trust
|
||||
$trustArray = ComponentbuilderHelper::unlock($TRUST, $key, null);
|
||||
// check the array
|
||||
if (ComponentbuilderHelper::checkArray($trustArray)
|
||||
&& isset($trustArray['request_id']) && is_numeric($trustArray['request_id'])
|
||||
&& isset($trustArray['chain']) && ComponentbuilderHelper::checkArray($trustArray['chain'])
|
||||
&& isset($trustArray['url']) && ComponentbuilderHelper::checkString($trustArray['url'])
|
||||
&& isset($trustArray['path']) && ComponentbuilderHelper::checkString($trustArray['path'])
|
||||
&& isset($trustArray['email']) && ComponentbuilderHelper::checkString($trustArray['email'])
|
||||
&& isset($trustArray['name']) && ComponentbuilderHelper::checkString($trustArray['name'])
|
||||
&& isset($trustArray['method']) && is_numeric($trustArray['method']) && $trustArray['method'] > 0)
|
||||
{
|
||||
// send the request
|
||||
echo ComponentbuilderHelper::requestTrust($trustArray);
|
||||
// clear session
|
||||
JFactory::getApplication()->getSession()->destroy();
|
||||
jexit();
|
||||
}
|
||||
}
|
||||
// die since have no trust
|
||||
echo 12;
|
||||
// clear session
|
||||
JFactory::getApplication()->getSession()->destroy();
|
||||
jexit();
|
||||
}
|
||||
|
||||
public function itrust()
|
||||
{
|
||||
// get input values
|
||||
$input = JFactory::getApplication()->input;
|
||||
// get allowed string
|
||||
$allow = $input->get('allow', null, 'STRING');
|
||||
// check if correct value is given
|
||||
if (ComponentbuilderHelper::checkString($allow))
|
||||
{
|
||||
// get the request ID
|
||||
$request_id = ComponentbuilderHelper::unlock($allow, null, 4);
|
||||
// check the array
|
||||
if (ComponentbuilderHelper::checkString($request_id)
|
||||
&& strpos($request_id, 'VDM_') !== false
|
||||
&& strpos($request_id, '_SP') !== false)
|
||||
{
|
||||
$request_id = str_replace(array('VDM_', '_SP'), '', $request_id);
|
||||
$request_id = (string) 'VDM_' . preg_replace("/[^0-9]/", "", $request_id) . '_SP';
|
||||
if ($id = ComponentbuilderHelper::getVar('trust_site', $request_id, 'request_id', 'id'))
|
||||
{
|
||||
if ($message = ComponentbuilderHelper::confirmTrust($id))
|
||||
{
|
||||
// push out the message
|
||||
echo $message;
|
||||
// clear session
|
||||
JFactory::getApplication()->getSession()->destroy();
|
||||
jexit();
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
// clear session
|
||||
JFactory::getApplication()->getSession()->destroy();
|
||||
// die since have no trust
|
||||
jexit('Restricted access');
|
||||
}
|
||||
|
||||
public function backup()
|
||||
{
|
||||
// get params first
|
||||
@ -209,7 +318,7 @@ class ComponentbuilderControllerApi extends JControllerForm
|
||||
$this->setRedirect(JRoute::_('index.php?option=com_componentbuilder&view=joomla_components', false), JText::_('COM_COMPONENTBUILDER_ACCESS_DENIED'), 'Error');
|
||||
return;
|
||||
}
|
||||
|
||||
|
||||
protected function getApiUser()
|
||||
{
|
||||
// return user object
|
||||
|
||||
Reference in New Issue
Block a user