This commit is contained in:
xdrm-brackets 2016-11-08 10:47:01 +01:00
parent c50ad689d3
commit 951bea859a
1 changed files with 15 additions and 6 deletions

View File

@ -48,14 +48,18 @@
if( !isset($GLOBALS['TOKEN']) )
$GLOBALS['TOKEN'] = null;
echo "1. ".$GLOBALS['TOKEN']."\n";
/* (1) Liste des permissions */
if( !isset($GLOBALS['PERM']) )
$GLOBALS['PERM'] = [];
echo "2. ".$GLOBALS['TOKEN']."\n";
/* (2) Gestion de AUTH (authentification) dans HEADER
---------------------------------------------------------*/
$GLOBALS['TOKEN'] = isset($_SERVER['PHP_AUTH_DIGEST']) ? $_SERVER['PHP_AUTH_DIGEST'] : '';
echo "3. ".$GLOBALS['TOKEN']."\n";
/* (3) Gestion de AUTH en fonction du token
---------------------------------------------------------*/
@ -64,10 +68,13 @@
else
$GLOBALS['TOKEN'] = null;
echo "4. ".$GLOBALS['TOKEN']."\n";
/* (4) On vérifie l'authentification par BDD
---------------------------------------------------------*/
if( !self::deepCheck() )
$GLOBALS['TOKEN'] = null;
echo "5. ".$GLOBALS['TOKEN']."\n";
}
@ -84,7 +91,7 @@
return false;
/* [2] Vérification de l'authentification
/* [2] Vérification du système
=========================================================*/
/* (1) Fetch cyclic-hashing-system -> check file */
$fn = __BUILD__.'/api/chs/hash';
@ -98,21 +105,23 @@
if( strlen($fc) !== 64 )
return false;
/* (3) Compares content */
/* [3] Hash comparison
=========================================================*/
/* (1) Compares content */
$hashed = self::secure_hash($GLOBALS['TOKEN']);
if( strlen($hashed) !== 64 || $hashed !== $fc )
if( $hashed !== $fc )
return false;
/* (4) Stores new content */
/* (2) Stores new content */
file_put_contents($fn, $GLOBALS['TOKEN']);
/* (5) Stores permission */
/* (3) Stores permission */
if( !in_array('cyclic-hash', $GLOBALS['PERM']) )
$GLOBALS['PERM'][] = 'cyclic-hash';
/* [3] Returns true if no error
/* [4] Returns true if no error
=========================================================*/
return true;