diff --git a/phpgwapi/inc/horde/Horde/SyncML.php b/phpgwapi/inc/horde/Horde/SyncML.php index ba19358c7b..e29d479619 100644 --- a/phpgwapi/inc/horde/Horde/SyncML.php +++ b/phpgwapi/inc/horde/Horde/SyncML.php @@ -19,7 +19,7 @@ * @copyright (c) The Horde Project (http://www.horde.org/) * @version $Id$ */ -require_once(EGW_API_INC.'/class.egw_db.inc.php'); + include_once 'Horde/SyncML/Command.php'; include_once 'Horde/SyncML/Command/Status.php'; include_once 'Horde/SyncML/Command/Alert.php'; @@ -646,11 +646,12 @@ class Horde_SyncML_SyncMLBody extends Horde_SyncML_ContentHandler { switch ($element) { case 'Final': $this->_actionCommands = false; - $deviceInfo = $state->getClientDeviceInfo(); if ($state->getSyncStatus() == CLIENT_SYNC_STARTED) { - if (strtolower($deviceInfo['manufacturer']) == 'funambol' - && isset($deviceInfo['softwareVersion'])) { + if ($state->isAuthorized() && + ($deviceInfo = $state->getClientDeviceInfo()) && + strtolower($deviceInfo['manufacturer']) == 'funambol' + && isset($deviceInfo['softwareVersion'])) { $swversion = $deviceInfo['softwareVersion']; if ($swversion < 1.0) { // e.g. Mozilla plugin uses this range @@ -668,9 +669,8 @@ class Horde_SyncML_SyncMLBody extends Horde_SyncML_ContentHandler { } else { $state->setSyncStatus(CLIENT_SYNC_ACKNOWLEDGED); } - } - if ($state->getSyncStatus() == SERVER_SYNC_FINNISHED) { + } elseif ($state->getSyncStatus() == SERVER_SYNC_FINNISHED) { $state->setSyncStatus(SERVER_SYNC_ACKNOWLEDGED); } diff --git a/phpgwapi/inc/horde/Horde/SyncML/State.php b/phpgwapi/inc/horde/Horde/SyncML/State.php index 45f48b866b..f908cee06e 100644 --- a/phpgwapi/inc/horde/Horde/SyncML/State.php +++ b/phpgwapi/inc/horde/Horde/SyncML/State.php @@ -203,6 +203,11 @@ class Horde_SyncML_State { var $_password; + /* + * integer 0 authorization pending + * -1 authorization failed + * 1 session is authorized + */ var $_isAuthorized; var $_AuthConfirmed; diff --git a/phpgwapi/inc/horde/Horde/SyncML/State_egw.php b/phpgwapi/inc/horde/Horde/SyncML/State_egw.php index 089f0820db..39a46bc579 100644 --- a/phpgwapi/inc/horde/Horde/SyncML/State_egw.php +++ b/phpgwapi/inc/horde/Horde/SyncML/State_egw.php @@ -13,7 +13,7 @@ * @author Joerg Lehrke * @version $Id$ */ -require_once(EGW_API_INC.'/class.egw_db.inc.php'); + include_once dirname(__FILE__).'/State.php'; /** @@ -301,68 +301,95 @@ class EGW_SyncML_State extends Horde_SyncML_State } function isAuthorized() { - if (!$this->_isAuthorized) { - if(!isset($this->_locName) && !isset($this->_password)) { - Horde::logMessage('SyncML: Authentication not yet possible currently. Username and password not available' , __FILE__, __LINE__, PEAR_LOG_DEBUG); - return false; - } - if (!isset($this->_password)) { - Horde::logMessage('SyncML: Authentication not yet possible currently. Password not available' , __FILE__, __LINE__, PEAR_LOG_DEBUG); - return false; - } + if(!isset($this->_locName)) + { + Horde::logMessage('SyncML: Authentication not yet possible. Username not available', + __FILE__, __LINE__, PEAR_LOG_DEBUG); + return false; + } - if (strpos($this->_locName,'@') === False) { - $this->_account_domain = $GLOBALS['egw_info']['server']['default_domain']; - $this->_locName .= '@'. $this->_account_domain; - } else { - $parts = explode('@',$this->_locName); - $this->_account_domain = array_pop($parts); - } + // store sessionID in a variable, because create() and verify() reset this value + $sessionID = session_id(); - $GLOBALS['egw_info']['user']['domain'] = $this->_account_domain; - if (is_array($GLOBALS['egw_domain'][$this->_account_domain])) + if (strpos($this->_locName,'@') === False) + { + $this->_account_domain = $GLOBALS['egw_info']['server']['default_domain']; + $this->_locName .= '@'. $this->_account_domain; + } + else + { + $parts = explode('@',$this->_locName); + $this->_account_domain = array_pop($parts); + } + + if (!is_object($GLOBALS['egw'])) + { + // Let the EGw core create the infrastructure classes + $_POST['login'] = $this->_locName; + $_REQUEST['domain'] = $this->_account_domain; + $GLOBALS['egw_info']['server']['default_domain'] = $this->_account_domain; + $GLOBALS['egw_info']['flags']['currentapp'] = 'login'; + $GLOBALS['egw_info']['flags']['noapi'] = false; + require_once(EGW_API_INC . '/functions.inc.php'); + } + + $GLOBALS['egw_info']['flags']['currentapp'] = 'syncml'; + + if (!$this->_isAuthorized) + { + + if (!isset($this->_password)) { + Horde::logMessage('SyncML: Authentication not yet possible. Credetials missing', + __FILE__, __LINE__, PEAR_LOG_DEBUG); + return false; + } + + if ($GLOBALS['egw']->session->create($this->_locName,$this->_password,'text')) + { + if ($GLOBALS['egw_info']['user']['apps']['syncml']) + { + $this->_isAuthorized = 1; + // restore the original sessionID + session_regenerate_id(); + session_id($sessionID); + $GLOBALS['sessionid'] = $sessionID; + @session_start(); + + Horde::logMessage('SyncML_EGW[' . $GLOBALS['sessionid'] + .']: Authentication of ' . $this->_locName . ' succeded', + __FILE__, __LINE__, PEAR_LOG_DEBUG); + + $config =& CreateObject('phpgwapi.config','syncml'); + $config->read_repository(); + $GLOBALS['config_syncml'] =& $config->config_data; + unset($config); - $GLOBALS['egw_info']['server']['db_host'] = $GLOBALS['egw_domain'][$this->_account_domain]['db_host']; - $GLOBALS['egw_info']['server']['db_port'] = $GLOBALS['egw_domain'][$this->_account_domain]['db_port']; - $GLOBALS['egw_info']['server']['db_name'] = $GLOBALS['egw_domain'][$this->_account_domain]['db_name']; - $GLOBALS['egw_info']['server']['db_user'] = $GLOBALS['egw_domain'][$this->_account_domain]['db_user']; - $GLOBALS['egw_info']['server']['db_pass'] = $GLOBALS['egw_domain'][$this->_account_domain]['db_pass']; - $GLOBALS['egw_info']['server']['db_type'] = $GLOBALS['egw_domain'][$this->_account_domain]['db_type']; - // It works -- don't ask me why. - $this->db = new egw_db($GLOBALS['egw_info']['server']); - if (!$this->db->connect()) { - Horde::logMessage('SyncML_EGW: Can not connect to database for user ' . $this->_locName, - __FILE__, __LINE__, PEAR_LOG_ERROR); - return false; } - - #Horde::logMessage('SyncML: authenticate with username: ' . $this->_locName . ' and password: ' . $this->_password, __FILE__, __LINE__, PEAR_LOG_DEBUG); - - if (($GLOBALS['sessionid'] = $GLOBALS['egw']->session->create($this->_locName,$this->_password,'text'))) { - if ($GLOBALS['egw_info']['user']['apps']['syncml']) { - $this->_isAuthorized = 1; - Horde::logMessage('SyncML_EGW: Authentication of ' . $this->_locName . '/' . $GLOBALS['sessionid'] . ' succeded', - __FILE__, __LINE__, PEAR_LOG_DEBUG); - } else { - $this->_isAuthorized = -1; // Authentication failed! - Horde::logMessage('SyncML is not enabled for user ' . $this->_locName, - __FILE__, __LINE__, PEAR_LOG_ERROR); - } - return ($this->_isAuthorized > 0); + else + { + $this->_isAuthorized = -1; // Authorization failed! + Horde::logMessage('SyncML is not enabled for user ' + . $this->_locName, __FILE__, __LINE__, PEAR_LOG_ERROR); } } - $this->_isAuthorized = -1; - Horde::logMessage('SyncML: Authentication of ' . $this->_locName . ' failed' , - __FILE__, __LINE__, PEAR_LOG_INFO); - } else { - // store sessionID in a variable, because verify() may reset this value - $sessionID = session_id(); - $GLOBALS['egw_info']['user']['domain'] = $this->_account_domain; - if (!$GLOBALS['egw']->session->verify($sessionID, 'staticsyncmlkp3')) { - Horde::logMessage('SyncML_EGW: egw session(' .$sessionID. ') not verified' , - __FILE__, __LINE__, PEAR_LOG_WARNING); + else + { + $this->_isAuthorized = -1; + Horde::logMessage('SyncML: Authentication of ' . $this->_locName + . ' failed', __FILE__, __LINE__, PEAR_LOG_INFO); + + } + + } + elseif ($this->_isAuthorized > 0) + { + if (!$GLOBALS['egw']->session->verify($sessionID, 'staticsyncmlkp3')) + { + Horde::logMessage('SyncML_EGW: egw session(' . $sessionID + . ') could not be not verified' , + __FILE__, __LINE__, PEAR_LOG_ERROR); } } return ($this->_isAuthorized > 0); diff --git a/rpc.php b/rpc.php index 8701e77841..60313008df 100644 --- a/rpc.php +++ b/rpc.php @@ -10,22 +10,27 @@ error_reporting(E_ALL & ~E_NOTICE); @define('AUTH_HANDLER', true); -@define('HORDE_BASE', dirname(__FILE__).'/phpgwapi/inc/horde/'); +@define('EGW_API_INC', dirname(__FILE__) . '/phpgwapi/inc/'); +@define('HORDE_BASE', EGW_API_INC . '/horde/'); require_once HORDE_BASE . '/lib/core.php'; require_once 'Horde/RPC.php'; +//require_once EGW_API_INC . '/common_functions.inc.php'; $GLOBALS['egw_info'] = array( 'flags' => array( - 'currentapp' => 'login', - 'noheader' => True, - 'nonavbar' => True, - 'disable_Template_class' => True - ) + 'currentapp' => 'syncml', + 'noheader' => true, + 'nonavbar' => true, + 'noapi' => true, + 'disable_Template_class' => true, + ), + 'server' => array( + 'show_domain_selectbox' => true, + ), ); -include('./header.inc.php'); -// allow to use an authentication specific for SyncML -$GLOBALS['egw_info']['flags']['currentapp'] = 'syncml'; + +include('./header.inc.php'); $errors = array(); @@ -45,11 +50,6 @@ if(version_compare(PHP_VERSION, '5.0.0') < 0) { $errors[] = 'eGroupWare\'s SyncML server requires PHP5. Please update to PHP 5.0.x if you want to use SyncML.'; } -$config =& CreateObject('phpgwapi.config','syncml'); -$config->read_repository(); -$GLOBALS['config_syncml'] =& $config->config_data; -unset($config); - /* Look at the Content-type of the request, if it is available, to try * and determine what kind of request this is. */ $input = null;