<?php
/**
* Utility Class for IVISS Project
*
* @author Rochak Chauhan
*/
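class Utility {

    /**
     * Check whether the iviss_cookie is present and matches the value expected
     * for the current session.
     *
     * The expected value is recomputed from session data (idm_token, Person_ID,
     * RandomNumner), the request's User-Agent and remote address, and the
     * current date string, then compared with the cookie value.
     *
     * @author Rochak Chauhan
     * @return boolean true when the cookie matches, false otherwise
     */
    public static function isSessionValid() {
        $cookies = Yii::app()->request->cookies;
        if (!isset($cookies['iviss_cookie']->value)) {
            return false;
        }
        $iviss_cookie = (string) $cookies['iviss_cookie']->value;
        $session = new CHttpSession;
        $session->open();
        if (!isset($session['Person_ID']) || empty($session['Person_ID'])) {
            return false;
        }
        $rand_number = $session['RandomNumner'];
        $session->regenerateID();
        $expected = self::buildSessionCookieHash($session, $rand_number);
        // The cookie is client-supplied. A loose `==` treats two numeric-looking
        // strings as numbers, so the comparison is done byte-wise and in
        // constant time instead.
        return self::constantTimeEquals($expected, $iviss_cookie);
    }

    /**
     * Create the iviss_cookie after a successful login.
     *
     * Stores a fresh random number in the session under 'RandomNumner',
     * regenerates the session id and sets a secure, httpOnly cookie that
     * expires after 8 hours.
     *
     * @author Rochak Chauhan
     *
     * @return boolean|null false when the session has no Person_ID, otherwise nothing (null)
     */
    public static function initLogin() {
        $session = new CHttpSession;
        $session->open();
        if (!isset($session['Person_ID']) || empty($session['Person_ID'])) {
            return false;
        }
        // Prefer the CSPRNG where the runtime has one; rand() is predictable.
        // NOTE(review): 1..999999 is only about 20 bits, so this value adds
        // little on its own whichever generator produces it.
        $rand_number = function_exists('random_int') ? random_int(1, 999999) : rand(1, 999999);
        $session['RandomNumner'] = $rand_number;
        $session->regenerateID();
        $hash = self::buildSessionCookieHash($session, $rand_number);
        $expire = time() + 60 * 60 * 8; //Cookie valid for 8 hours
        $cOptions = array("secure" => true, "httpOnly" => true, 'expire' => $expire);
        Yii::app()->request->cookies['iviss_cookie'] = new CHttpCookie("iviss_cookie", $hash, $cOptions);
    }

    /**
     * Build the value the iviss_cookie must carry for the given session.
     *
     * NOTE(review): the HMAC key is the literal "legit" embedded in source, so
     * anyone who can read this file knows it; it should come from protected
     * configuration. date("D-M-Y") yields weekday name, month name and year
     * (not a calendar date), so the expected value changes when the weekday
     * changes even though the cookie itself is issued for 8 hours.
     *
     * @param CHttpSession $session opened session holding idm_token and Person_ID
     * @param mixed $rand_number value stored in the session as 'RandomNumner'
     * @return string hex HMAC-SHA1 digest
     */
    private static function buildSessionCookieHash($session, $rand_number) {
        // A request without these headers contributes an empty string, which
        // is what the implicit null-to-string conversion produced before.
        $ua = isset($_SERVER['HTTP_USER_AGENT']) ? $_SERVER['HTTP_USER_AGENT'] : '';
        $ip = isset($_SERVER['REMOTE_ADDR']) ? $_SERVER['REMOTE_ADDR'] : '';
        $material = $session['idm_token'] . "_" . date("D-M-Y") . "-" . $ua . "_" . $ip
            . "-" . $session['Person_ID'] . "_" . $rand_number;
        return hash_hmac("sha1", $material, "legit");
    }

    /**
     * Compare two strings without leaking where they first differ.
     *
     * Uses hash_equals() when the runtime provides it and an equivalent
     * XOR-accumulating loop otherwise.
     *
     * @param string $known value computed by the server
     * @param string $supplied value received from the client
     * @return boolean
     */
    private static function constantTimeEquals($known, $supplied) {
        $known = (string) $known;
        $supplied = (string) $supplied;
        if (function_exists('hash_equals')) {
            return hash_equals($known, $supplied);
        }
        $length = strlen($known);
        if ($length !== strlen($supplied)) {
            return false;
        }
        $diff = 0;
        for ($i = 0; $i < $length; $i++) {
            $diff |= ord($known[$i]) ^ ord($supplied[$i]);
        }
        return $diff === 0;
    }

    /**
     * Reduce a string to letters, digits and '-'; every other character
     * (including '(') becomes a space after tags are stripped.
     *
     * The listing originally declared outputfilter() a second time further
     * down; PHP rejects that with "Cannot redeclare Utility::outputfilter()",
     * so only this definition is kept.
     *
     * @param string $str
     * @return string
     */
    public static function outputfilter($str) {
        $str = strip_tags($str);
        $str = preg_replace('/[^A-Za-z0-9\-\(]/', ' ', $str);
        $str = str_replace('(', ' ', $str);
        return $str;
    }

    /**
     * Get the local/private base url of the service provider from the service provider tag.
     *
     * @param string $service_provider_tag
     * @return mixed (string on success AND false on failure)
     */
    public static function getUrlFromLegitTag($service_provider_tag) {
        $response = self::legitTagLookup('legitInfo_', 'getdepartmentinfo', $service_provider_tag);
        return isset($response->service_provider_base_url) ? $response->service_provider_base_url : false;
    }

    /**
     * Get the public base url of the service provider from the service provider tag.
     *
     * @param string $service_provider_tag
     * @return mixed (string on success AND false on failure)
     */
    public static function getPublicUrlFromLegitTag($service_provider_tag) {
        $response = self::legitTagLookup('legitPublicInfo_', 'getdepartmentinfo', $service_provider_tag);
        return isset($response->service_list_url) ? $response->service_list_url : false;
    }

    /**
     * Get HMAC_KEY from the Service Provider Tag / LegitTag.
     *
     * Declared static like the other helpers of this class; it uses no
     * instance state, and instance-style calls keep working.
     *
     * NOTE(review): the decoded reply, key material included, is stored in the
     * application cache for DATA_CACHE_TIMEOUT, so the cache backend needs the
     * same protection as the key.
     *
     * @param string $legitTag
     * @return mixed (RESPONSE value on success AND false on failure)
     */
    public static function getHmacKeyFromLegitTag($legitTag) {
        $response = self::legitTagLookup('legitHmacInfo_', 'gethmackey', $legitTag);
        return ($response === null) ? false : $response;
    }

    /**
     * Shared lookup behind the three *FromLegitTag() methods.
     *
     * NOTE(review): the 'hmac' parameter is md5() over two constants and a
     * fixed label, so it is identical on every request and authenticates
     * nothing about the request body; treat it as a static shared secret.
     * NOTE(review): the tag is placed in the URL path after SQL-style
     * escaping only; rawurlencode() is the encoding for a path segment.
     *
     * @param string $cachePrefix cache key prefix, the sanitized tag is appended
     * @param string $endpoint LEGIT endpoint name, also used in the hmac label
     * @param string $tag service provider tag
     * @return mixed the non-empty RESPONSE member, or null when unavailable
     */
    private static function legitTagLookup($cachePrefix, $endpoint, $tag) {
        $tag = self::sanatizeParams((string) $tag);
        $url = self::removeDoubleSlashesFromUrl(LEGIT_URL . "/" . $endpoint . "/index/sp_tag/" . $tag);
        $param = array('hmac' => md5(SALT . SECOND_SALT . "CSA_PORTAL_" . $endpoint));
        $data = self::cachedPost($cachePrefix . $tag, $url, $param);
        // A transport failure carries an error description in RESPONSE; it
        // must not be handed back as if it were a URL or a key.
        if (self::isTransportError($data) || empty($data->RESPONSE)) {
            return null;
        }
        return $data->RESPONSE;
    }

    /**
     * Return the cached decoded reply for $cacheKey, or POST to $url, decode
     * the JSON reply and cache it for DATA_CACHE_TIMEOUT.
     *
     * Undecodable replies and transport failures are returned but not cached,
     * so a short outage is not replayed from the cache afterwards.
     *
     * @param string $cacheKey
     * @param string $url
     * @param array $params POST fields
     * @return mixed decoded JSON (object for a JSON object) or null
     */
    private static function cachedPost($cacheKey, $url, $params) {
        $res = Yii::app()->cache->get($cacheKey);
        if (($res === false) || empty($res)) {
            $res = json_decode(self::postViaCurl($url, $params));
            if ($res !== null && !self::isTransportError($res)) {
                Yii::app()->cache->set($cacheKey, $res, DATA_CACHE_TIMEOUT);
            }
        }
        return $res;
    }

    /**
     * True when $decoded is the error envelope this class synthesises after a
     * failed curl_exec() (STATUS_ID '222', STATUS_MSG 'CURL_ERROR').
     *
     * @param mixed $decoded
     * @return boolean
     */
    private static function isTransportError($decoded) {
        return is_object($decoded)
            && isset($decoded->STATUS_ID, $decoded->STATUS_MSG)
            && $decoded->STATUS_ID === '222'
            && $decoded->STATUS_MSG === 'CURL_ERROR';
    }

    /**
     * True when $decoded is an object whose STATUS_ID is exactly "000".
     *
     * The comparison is strict: with `==`, other numeric strings such as "0"
     * also compare equal to "000", and a reply that failed to decode would be
     * dereferenced as an object.
     *
     * @param mixed $decoded
     * @return boolean
     */
    private static function isSuccess($decoded) {
        return is_object($decoded) && isset($decoded->STATUS_ID) && $decoded->STATUS_ID === "000";
    }

    /**
     * RESPONSE member of a decoded reply as an array (empty when absent).
     *
     * @param object $decoded
     * @return array
     */
    private static function responseArray($decoded) {
        return isset($decoded->RESPONSE) ? (array) $decoded->RESPONSE : array();
    }

    /**
     * Collapse repeated slashes in a URL and re-attach its scheme.
     *
     * The scheme is "https://" when that text occurs anywhere in the input and
     * "http://" otherwise (also for input without a scheme). Every literal
     * "http://" / "https://" is removed before collapsing, so a URL embedded
     * in the query string is altered as well.
     *
     * @param string $url
     * @return string
     */
    public static function removeDoubleSlashesFromUrl($url) {
        $url = trim($url);
        $prefix = (strpos($url, "https://") === false) ? "http://" : "https://";
        $url = str_replace(array("http://", "https://"), "", $url);
        // One str_replace("//", "/") pass turns "///" into "//"; collapse runs
        // of any length.
        $url = preg_replace('#/{2,}#', '/', $url);
        return $prefix . $url;
    }

    /**
     * Resolve the host part of a URL to an IPv4 address.
     *
     * Removes the scheme and every "www." (case-insensitively, wherever they
     * occur), cuts at the first '/', and resolves the rest with
     * gethostbyname(), which returns its argument unchanged when resolution
     * fails. A port or user-info part is not removed before the lookup.
     *
     * @param string $url
     * @return string (IP Address)
     */
    public static function getIpFromUrl($url) {
        $host = str_ireplace(array("https://", "http://", "www."), "", trim($url));
        $pos = stripos($host, "/", 0);
        if ($pos !== false) {
            $host = substr($host, 0, $pos);
        }
        return gethostbyname($host);
    }

    /**
     * Check whether the current client's IP is in the authorized list.
     *
     * NOTE(review): REMOTE_ADDR is compared with the entries returned by
     * getAllAuthorizedDomains(), whose docblock speaks of URLs; confirm that
     * the service really returns IP addresses.
     *
     * @return boolean
     */
    public static function isRequestFromAuthorizedDomain() {
        if (!isset($_SERVER['REMOTE_ADDR'])) {
            return false;
        }
        // Strict membership: with loose comparison a non-string entry in the
        // remote list can compare equal to an arbitrary address string.
        return in_array($_SERVER['REMOTE_ADDR'], self::getAllAuthorizedDomains(), true);
    }

    /**
     * Fetch the list of all authorised environment URLs from Legit.
     *
     * @return array RESPONSE entries on success, empty array otherwise
     */
    public static function getAllAuthorizedDomains() {
        // The request parameters live in their own variable so that a failed
        // call returns an empty list, not an array containing the 'hmac' value.
        $param = array('hmac' => md5(SALT . SECOND_SALT . "CSA_PORTAL_getallauthorizeddomains"));
        $res = self::cachedPost('getallauthorizeddomains', LEGIT_URL . "/getallauthorizeddomains", $param);
        return self::isSuccess($res) ? self::responseArray($res) : array();
    }

    /**
     * Check whether the given resident id belongs to an authorized CSA.
     *
     * @param int $rid
     * @return boolean
     */
    public static function isAuthorizedCsa($rid) {
        return self::isSuccess(self::fetchCsaInfo($rid));
    }

    /**
     * Check whether the given resident id is an authorized VLE: the CSA record
     * must carry both RESIDENT_ID and vlerid, and they must be equal.
     *
     * @param int $rid
     * @return boolean
     */
    public static function isAuthorizedVle($rid) {
        $info = self::getCsaInfo($rid);
        // Fail closed: when either field is missing a loose comparison sees
        // null == null and would grant access.
        if (!is_array($info) || !isset($info['RESIDENT_ID'], $info['vlerid'])) {
            return false;
        }
        if (!is_scalar($info['RESIDENT_ID']) || !is_scalar($info['vlerid'])) {
            return false;
        }
        return (string) $info['vlerid'] === (string) $info['RESIDENT_ID'];
    }

    /**
     * Get the CSA record for the given resident id.
     *
     * @param int $rid
     * @return mixed [array on success and false on error]
     */
    public static function getCsaInfo($rid) {
        $res = self::fetchCsaInfo($rid);
        return self::isSuccess($res) ? self::responseArray($res) : false;
    }

    /**
     * Cached call to the getcsainfo endpoint.
     *
     * The sanitized id is used for both the cache read and the cache write;
     * previously the read used the raw value, so the two keys could differ.
     * NOTE(review): unlike the other LEGIT calls, no 'hmac' parameter is sent.
     *
     * @param int $rid
     * @return mixed decoded JSON reply or null
     */
    private static function fetchCsaInfo($rid) {
        $rid = self::sanatizeParams($rid);
        $apiUrl = self::removeDoubleSlashesFromUrl(LEGIT_URL . "/newgovpay/restapi/getcsainfo/" . $rid);
        return self::cachedPost('getcsainfo_' . $rid, $apiUrl, array());
    }

    /**
     * Get all the CSA services from LeGIT.
     *
     * @return mixed [array on success and false on failure]
     */
    public static function getCsaServices() {
        $apiUrl = self::removeDoubleSlashesFromUrl(LEGIT_URL . "/getcsaservices");
        // Separate parameter array: reusing the return variable made a failed
        // call return array('hmac' => ...) instead of false.
        $param = array('hmac' => md5(SALT . SECOND_SALT . "CSA_PORTAL_getcsaservices"));
        $res = self::cachedPost('getcsaservices_', $apiUrl, $param);
        return self::isSuccess($res) ? self::responseArray($res) : false;
    }

    /**
     * Get the full base URL (public URL registered for the 'csaportal' tag).
     *
     * @return string "http://" alone when the lookup failed
     */
    public static function getFullBaseUrl() {
        $apiUrl = Yii::app()->cache->get('getbaseurl_esevaportal');
        if (($apiUrl === false) || empty($apiUrl)) {
            $publicUrl = self::getPublicUrlFromLegitTag('csaportal');
            $apiUrl = self::removeDoubleSlashesFromUrl($publicUrl);
            // Only a real URL is cached; a failed lookup used to leave the
            // bare scheme "http://" in the cache for DATA_CACHE_TIMEOUT.
            if (is_string($publicUrl) && $publicUrl !== '') {
                Yii::app()->cache->set('getbaseurl_esevaportal', $apiUrl, DATA_CACHE_TIMEOUT);
            }
        }
        return $apiUrl;
    }

    /**
     * Make a POST request with a browser-like User-Agent.
     *
     * With $serializeParams === true the fields are sent as an array (array
     * values serialize()d, others trimmed); otherwise an array is flattened to
     * a url-encoded string, again serialize()ing nested arrays.
     *
     * NOTE(review): serialize()d values are only safe if the receiver never
     * unserialize()s data that an untrusted party can influence; JSON would
     * avoid the question.
     * NOTE(review): on PHP versions where CURLOPT_SAFE_UPLOAD is off by
     * default, an array field value starting with '@' is read as a file to
     * upload; enable CURLOPT_SAFE_UPLOAD where the constant exists.
     *
     * @param string $url
     * @param array $params
     * @param boolean $serializeParams
     *
     * @return string response body, or a JSON error envelope (STATUS_ID '222') on failure
     */
    public static function postViaCurl($url, $params, $serializeParams = FALSE) {
        if ($serializeParams === true) {
            $serializedParams = array();
            foreach ($params as $key => $value) {
                $serializedParams[$key] = is_array($value) ? serialize($value) : trim($value);
            }
            $params = $serializedParams;
        } elseif (is_array($params)) {
            $params = self::encodePostFields($params);
        }
        $result = self::executePost($url, $params);
        return $result['body'];
    }

    /**
     * Make a POST request and copy the reply's Content-Type onto the current response.
     *
     * @param string $url
     * @param array $params
     *
     * @return string response body, or a JSON error envelope (STATUS_ID '222') on failure
     */
    public static function postViaCurlWithHeaders($url, $params = NULL) {
        if (is_array($params)) {
            $params = self::encodePostFields($params);
        }
        $result = self::executePost($url, $params);
        if ($result['ok']) {
            self::relayContentType($result['body']);
        }
        return $result['body'];
    }

    /**
     * Flatten POST fields to a url-encoded string; nested arrays are serialize()d first.
     *
     * @param array $params
     * @return string
     */
    private static function encodePostFields($params) {
        $pairs = array();
        foreach ($params as $key => $val) {
            if (is_array($val)) {
                $val = serialize($val);
            }
            $pairs[] = urlencode($key) . '=' . urlencode($val);
        }
        return implode('&', $pairs);
    }

    /**
     * Run the POST shared by all *ViaCurl() methods and always release the handle.
     *
     * NOTE(review): the error envelope echoes the request URL; where the URL
     * carries a token (see getTokenInfo) it ends up wherever the envelope is
     * stored or shown.
     *
     * @param string $url
     * @param mixed $params value for CURLOPT_POSTFIELDS
     * @return array 'ok' => boolean, 'body' => response body or JSON error envelope
     */
    private static function executePost($url, $params) {
        $ch = curl_init();
        curl_setopt($ch, CURLOPT_URL, $url);
        curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
        curl_setopt($ch, CURLOPT_USERAGENT, 'Mozilla/5.0 (Windows NT 5.1; rv:5.0) Gecko/20100101 Firefox/5.0');
        curl_setopt($ch, CURLOPT_POST, true);
        curl_setopt($ch, CURLOPT_TIMEOUT, CURL_TIMEOUT);
        curl_setopt($ch, CURLOPT_POSTFIELDS, $params);
        $output = curl_exec($ch);
        if ($output === false) {
            $error = array();
            $error['ERROR_MSG'] = curl_error($ch);
            $error['ERROR_CODE'] = curl_errno($ch);
            $error['url'] = $url;
            $return = array();
            $return['STATUS_ID'] = '222';
            $return['STATUS_MSG'] = 'CURL_ERROR';
            $return['RESPONSE'] = $error;
            $result = array('ok' => false, 'body' => json_encode($return));
        } else {
            $result = array('ok' => true, 'body' => $output);
        }
        // Several code paths used to return without closing the handle.
        curl_close($ch);
        return $result;
    }

    /**
     * Emit a Content-Type header taken from the text of a remote reply.
     *
     * CURLOPT_HEADER is never enabled in this class, so the pattern is matched
     * against whatever bytes the remote side returned; when nothing matches an
     * empty Content-Type value is sent.
     * NOTE(review): the remote content therefore chooses how the browser
     * interprets this response; restrict the value to an allow-list of
     * expected media types before emitting it.
     *
     * @param string $output remote reply
     * @return void
     */
    private static function relayContentType($output) {
        $matches = array();
        preg_match('/Content-Type:\s([a-z].+?)\s/', $output, $matches);
        $remote_file_content_type = isset($matches[1]) ? $matches[1] : "";
        header("Content-Type: $remote_file_content_type");
    }

    /**
     * Trim, optionally strip tags from, and backslash-escape a string or each
     * element of an array.
     *
     * The escaping reproduces mysql_escape_string(), which newer PHP versions
     * no longer provide. It is SQL-literal escaping: it does not make a value
     * safe for a URL, HTML or a shell, and SQL itself should use bound
     * parameters.
     *
     * @param string|array $parameter
     * @param boolean $strip_tags
     *
     * @return string|array
     */
    public static function sanatizeParams($parameter, $strip_tags = true) {
        if (is_array($parameter)) {
            $results = array();
            foreach ($parameter as $key => $value) {
                $results[$key] = self::sanitizeValue($value, $strip_tags);
            }
            return $results;
        }
        return self::sanitizeValue($parameter, $strip_tags);
    }

    /**
     * Sanitize one scalar value for sanatizeParams().
     *
     * @param string $value
     * @param boolean $strip_tags
     * @return string
     */
    private static function sanitizeValue($value, $strip_tags) {
        $value = trim($value);
        if ($strip_tags) {
            $value = strip_tags($value);
        }
        // Same seven characters mysql_escape_string() escaped.
        return strtr($value, array(
            "\\" => "\\\\",
            "\0" => "\\0",
            "\n" => "\\n",
            "\r" => "\\r",
            "'" => "\\'",
            '"' => '\\"',
            "\x1a" => "\\Z",
        ));
    }

    /**
     * Get the info for an IDM_TOKEN from the service registered as 'ldapserver'.
     *
     * NOTE(review): the token is appended to the URL path unencoded, so it can
     * appear in server and proxy logs; a POST field would keep it out of them.
     *
     * @param string $idm_token
     *
     * @return array RESPONSE entries on success, empty array otherwise
     */
    public static function getTokenInfo($idm_token) {
        $baseUrl = self::getUrlFromLegitTag('ldapserver');
        if ($baseUrl === false || $baseUrl === null || $baseUrl === '') {
            // Without a base URL the request would go to a host-less address
            // with the token still in its path.
            return array();
        }
        $apiUrl = self::removeDoubleSlashesFromUrl($baseUrl . "/api/gettokeninfo/idm_token/" . $idm_token);
        $res = json_decode(self::postViaCurl($apiUrl, array()));
        return self::isSuccess($res) ? self::responseArray($res) : array();
    }

    /**
     * Reject a URL that contains more than one '?'.
     *
     * This is the only property checked; scheme, host and path are not validated.
     *
     * @param string $url
     * @return boolean true when the URL has at most one '?'
     * @throws CHttpException
     */
    public static function validateUrlFormat($url) {
        if (substr_count($url, "?") > 1) {
            throw new CHttpException(400, 'FATAL ERROR: Invalid URL');
        }
        return true;
    }

    /**
     * Ask the Health service which role the resident has.
     *
     * NOTE(review): the request carries only resident_id, with no 'hmac'
     * parameter, and its reply is not cached.
     *
     * @param int $rid
     * @return int 2 when STATUS_ID is "000", 1 when it is "111", 0 otherwise
     */
    public static function getHealthUserInfo($rid) {
        $fields = array('resident_id' => $rid);
        $healthurl = LEGIT_URL . "/bdims/api/verify/Isauthorizeduser";
        $reply = json_decode(self::postViaCurl($healthurl, $fields));
        // Strict comparison and an object check: an undecodable reply or a
        // look-alike numeric string must not count as authorization.
        $status = (is_object($reply) && isset($reply->STATUS_ID)) ? $reply->STATUS_ID : null;
        if ($status === "000") {
            return 2;
        }
        if ($status === "111") {
            return 1;
        }
        return 0;
    }

    /**
     * Check whether the resident is an authorized user in Health (either role).
     *
     * @param int $rid
     * @return boolean
     */
    public static function isHealthUser($rid) {
        return self::getHealthUserInfo($rid) !== 0;
    }

    /**
     * POST $params as the single field 'params' and copy the reply's
     * Content-Type onto the current response.
     *
     * The field array is handed to curl as-is, so $params is expected to be a
     * string already (presumably serialized by the caller - confirm).
     *
     * @param string $url
     * @param mixed $params
     * @return string response body, or a JSON error envelope (STATUS_ID '222') on failure
     */
    public static function postSerialzedViaCurl($url, $params) {
        $result = self::executePost($url, array("params" => $params));
        if ($result['ok']) {
            self::relayContentType($result['body']);
        }
        return $result['body'];
    }

    /**
     * POST $params unchanged and return the raw reply.
     *
     * @param string $url
     * @param mixed $params value for CURLOPT_POSTFIELDS
     * @return string response body, or a JSON error envelope (STATUS_ID '222') on failure
     */
    public static function downloadViaCurl($url, $params) {
        $result = self::executePost($url, $params);
        return $result['body'];
    }
}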
?>
- Output for 5.3.0 - 5.3.28, 5.4.0 - 5.4.27, 5.5.0 - 5.5.11
- Fatal error: Cannot redeclare Utility::outputfilter() in /in/oEUZ8 on line 591
Process exited with code 255.