Online PHP editor | output for oEUZ8

<?php /** * Utility Class for IVISS Project * * @author Rochak Chauhan */ class Utility { /** * Function to check if the iviss_cookie is present and/or valid * * @author Rochak Chauhan * @return boolean */ static function isSessionValid() { if (isset(Yii::app()->request->cookies['iviss_cookie']->value)) { $iviss_cookie = @Yii::app()->request->cookies['iviss_cookie']->value; $session = new CHttpSession; $session->open(); if (!isset($session['Person_ID']) || empty($session['Person_ID'])) { return false; } $idm_token = $session['idm_token']; $rand_number = $session['RandomNumner']; $RID = $session['Person_ID']; $ua = $_SERVER['HTTP_USER_AGENT']; $ip = $_SERVER['REMOTE_ADDR']; $session->regenerateID(); $date = date("D-M-Y"); $hash = $idm_token . "_" . $date . "-" . $ua . "_" . $ip . "-" . $RID . "_" . $rand_number; $hash = hash_hmac("sha1", $hash, "legit"); if ($hash == $iviss_cookie) { return true; } } return false; } /** * Function to create iviss_cookie after successful login * * @author Rochak Chauhan * * @return void */ static function initLogin() { $session = new CHttpSession; $session->open(); if (!isset($session['Person_ID']) || empty($session['Person_ID'])) { return false; } $session['RandomNumner'] = $rand_number = rand(1, 999999); $session->regenerateID(); $RID = $session['Person_ID']; $idm_token = $session['idm_token']; $ua = $_SERVER['HTTP_USER_AGENT']; $ip = $_SERVER['REMOTE_ADDR']; $date = date("D-M-Y"); $hash = $idm_token . "_" . $date . "-" . $ua . "_" . $ip . "-" . $RID . "_" . $rand_number; $hash = hash_hmac("sha1", $hash, "legit"); $expire = time() + 60 * 60 * 8; //Cookie valid for 8 hours $cOptions = array("secure" => true, "httpOnly" => true, 'expire' => $expire); Yii::app()->request->cookies['iviss_cookie'] = new CHttpCookie("iviss_cookie", $hash, $cOptions); } /** * Function to filter (whitelisted) the string * * @param string $str * @return string */ static function outputfilter($str) { $str = strip_tags($str); $str = preg_replace('/[^A-Za-z0-9\-\(]/', ' ', $str); $str = str_replace('(', ' ', $str); return $str; } /** * Function to get local/private base url of the servive provider from the service provider tag * * @param string $service_provider_tag * @return mixed (string on success AND false on failure) */ static function getUrlFromLegitTag($service_provider_tag) { $service_provider_tag = (string) $service_provider_tag; $service_provider_tag = Utility::sanatizeParams($service_provider_tag); $data = Yii::app()->cache->get('legitInfo_' . $service_provider_tag); if (($data === false) || empty($data)) { $url = LEGIT_URL . "/getdepartmentinfo/index/sp_tag/$service_provider_tag"; $url = Utility::removeDoubleSlashesFromUrl($url); $param = array(); $hmac = md5(SALT . SECOND_SALT . "CSA_PORTAL_getdepartmentinfo"); $param['hmac'] = $hmac; $data = Utility::postViaCurl($url, $param); $data = json_decode($data); Yii::app()->cache->set('legitInfo_' . $service_provider_tag, $data, DATA_CACHE_TIMEOUT); } if (empty($data->RESPONSE)) { return false; } else { return $data->RESPONSE->service_provider_base_url; } } /** * Function to get public base url of the servive provider from the service provider tag * * @param string $service_provider_tag * @return mixed (string on success AND false on failure) */ static function getPublicUrlFromLegitTag($service_provider_tag) { $service_provider_tag = (string) $service_provider_tag; $service_provider_tag = Utility::sanatizeParams($service_provider_tag); $data = Yii::app()->cache->get('legitPublicInfo_' . $service_provider_tag); if (($data === false) || empty($data)) { $url = LEGIT_URL . "/getdepartmentinfo/index/sp_tag/$service_provider_tag"; $url = Utility::removeDoubleSlashesFromUrl($url); $param = array(); $hmac = md5(SALT . SECOND_SALT . "CSA_PORTAL_getdepartmentinfo"); $param['hmac'] = $hmac; $data = Utility::postViaCurl($url, $param); $data = json_decode($data); Yii::app()->cache->set('legitPublicInfo_' . $service_provider_tag, $data, DATA_CACHE_TIMEOUT); } if (empty($data->RESPONSE)) { return false; } else { return $data->RESPONSE->service_list_url; } } /** * Function to get HMAC_KEY from the Service Provider Tag / LegitTag * * @param string $legitTag * @return mixed (string on success AND false on failure) */ function getHmacKeyFromLegitTag($legitTag) { $legitTag = (string) $legitTag; $legitTag = Utility::sanatizeParams($legitTag); $data = Yii::app()->cache->get('legitHmacInfo_' . $legitTag); if (($data === false) || empty($data)) { $url = LEGIT_URL . "/gethmackey/index/sp_tag/$legitTag"; $url = Utility::removeDoubleSlashesFromUrl($url); $param = array(); $hmac = md5(SALT . SECOND_SALT . "CSA_PORTAL_gethmackey"); $param['hmac'] = $hmac; $data = Utility::postViaCurl($url, $param); $data = json_decode($data); Yii::app()->cache->set('legitHmacInfo_' . $legitTag, $data, DATA_CACHE_TIMEOUT); } if (empty($data->RESPONSE)) { return false; } else { return $data->RESPONSE; } } /** * Remove double slashed * * @param string $url * @return string */ static function removeDoubleSlashesFromUrl($url) { $url = trim($url); if (strpos($url, "https://") === false) { $prefix = "http://"; } else { $prefix = "https://"; } $url = str_replace("http://", "", $url); $url = str_replace("https://", "", $url); $url = str_replace("//", "/", $url); $url = $prefix . $url; return $url; } /** * Function to extract IP address form URL * * @param string $url * @return string (IP Address) */ static function getIpFromUrl($url) { $url = trim($url); $url = str_ireplace("https://", "", $url); $url = str_ireplace("http://", "", $url); $url = str_ireplace("www.", "", $url); $pos = stripos($url, "/", 0); if ($pos !== false) { $url = substr($url, 0, $pos); } return gethostbyname($url); } /** * Function to check if the current client's IP is authorized or not * * @return boolean */ static function isRequestFromAuthorizedDomain() { $authorizedDomains = Utility::getAllAuthorizedDomains(); $REMOTE_ADDR = $_SERVER['REMOTE_ADDR']; return in_array($REMOTE_ADDR, $authorizedDomains); } /** * Function to fetch list of all Authorised Envirnment URLs from Legit * * @return array */ static function getAllAuthorizedDomains() { $return = array(); $res = Yii::app()->cache->get('getallauthorizeddomains'); if (($res === false) || empty($res)) { $hmac = md5(SALT . SECOND_SALT . "CSA_PORTAL_getallauthorizeddomains"); $return['hmac'] = $hmac; $url = LEGIT_URL . "/getallauthorizeddomains"; $res = Utility::postViaCurl($url, $return); $res = json_decode($res); Yii::app()->cache->set('getallauthorizeddomains', $res, DATA_CACHE_TIMEOUT); } if ($res->STATUS_ID == "000") { $return = (array) $res->RESPONSE; } return $return; } /** * Function to check if the logged in user is an athorized CSA * * @param int $rid * @param boolean */ static public function isAuthorizedCsa($rid) { $return = FALSE; $res = Yii::app()->cache->get('getcsainfo_' . $rid); if (($res === false) || empty($res)) { $rid = Utility::sanatizeParams($rid); $apiUrl = LEGIT_URL . "/newgovpay/restapi/getcsainfo/" . $rid; $apiUrl = Utility::removeDoubleSlashesFromUrl($apiUrl); $param = array(); $res = Utility::postViaCurl($apiUrl, $param); $res = json_decode($res); Yii::app()->cache->set('getcsainfo_' . $rid, $res, DATA_CACHE_TIMEOUT); } if ($res->STATUS_ID == "000") { $return = true; } return $return; } /** * Function to check if the logged in user is an athorized CSA * * @param int $rid * @param boolean */ static public function isAuthorizedVle($rid) { $return = FALSE; $info = Utility::getCsaInfo($rid); if ($info) { $RESIDENT_ID = $info['RESIDENT_ID']; $vlerid = $info['vlerid']; if ($vlerid == $RESIDENT_ID) { return TRUE; } } return $return; } /** * Function to check if the logged in user is an athorized CSA * * @param int $rid * @param mixed [array on success and false on error] */ static public function getCsaInfo($rid) { $return = false; if (Utility::isAuthorizedCsa($rid) === TRUE) { $res = Yii::app()->cache->get('getcsainfo_' . $rid); if (($res === false) || empty($res)) { $rid = Utility::sanatizeParams($rid); $apiUrl = LEGIT_URL . "/newgovpay/restapi/getcsainfo/" . $rid; $apiUrl = Utility::removeDoubleSlashesFromUrl($apiUrl); $param = array(); $res = Utility::postViaCurl($apiUrl, $param); $res = json_decode($res); Yii::app()->cache->set('getcsainfo_' . $rid, $res, DATA_CACHE_TIMEOUT); } if ($res->STATUS_ID == "000") { $return = (array) $res->RESPONSE; } } return $return; } /** * Function to get all the CSA Sercices from LeGIT * * @return mixed [array on success and false on failure] */ static public function getCsaServices() { $return = false; $res = Yii::app()->cache->get('getcsaservices_'); if (($res === false) || empty($res)) { $apiUrl = LEGIT_URL . "/getcsaservices"; $apiUrl = Utility::removeDoubleSlashesFromUrl($apiUrl); $hmac = md5(SALT . SECOND_SALT . "CSA_PORTAL_getcsaservices"); $return['hmac'] = $hmac; $res = Utility::postViaCurl($apiUrl, $return); $res = json_decode($res); Yii::app()->cache->set('getcsaservices_', $res, DATA_CACHE_TIMEOUT); } if ($res->STATUS_ID == "000") { $return = (array) $res->RESPONSE; } return $return; } /** * Function to get the full base URL * * @param string */ static public function getFullBaseUrl() { $apiUrl = Yii::app()->cache->get('getbaseurl_esevaportal'); if (($apiUrl === false) || empty($apiUrl)) { $apiUrl = Utility::getPublicUrlFromLegitTag('csaportal'); $apiUrl = Utility::removeDoubleSlashesFromUrl($apiUrl); Yii::app()->cache->set('getbaseurl_esevaportal', $apiUrl, DATA_CACHE_TIMEOUT); } return $apiUrl; } /** * Function to simulate Browser and make a POST request * * @param string $url * @param array $params * @param boolean $serializeParams * * @return string */ static function postViaCurl($url, $params, $serializeParams = FALSE) { if ($serializeParams === true) { $serializedParams = array(); foreach ($params as $key => $value) { if (is_array($value)) { $serializedParams[$key] = serialize($value); } else { $serializedParams[$key] = trim($value); } } $params = $serializedParams; unset($serializedParams); } else { if (is_array($params)) { $post_string = ''; foreach ($params as $key => $val) { if (is_array($val)) { $val = serialize($val); } $post_string .= urlencode($key) . '=' . urlencode($val) . '&'; } $params = rtrim($post_string, '&'); } } $ch = curl_init(); curl_setopt($ch, CURLOPT_URL, $url); curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1); curl_setopt($ch, CURLOPT_USERAGENT, 'Mozilla/5.0 (Windows NT 5.1; rv:5.0) Gecko/20100101 Firefox/5.0'); curl_setopt($ch, CURLOPT_POST, true); curl_setopt($ch, CURLOPT_TIMEOUT, CURL_TIMEOUT); curl_setopt($ch, CURLOPT_POSTFIELDS, $params); $output = curl_exec($ch); if ($output === false) { $error = array(); $error['ERROR_MSG'] = curl_error($ch); $error['ERROR_CODE'] = curl_errno($ch); $error['url'] = $url; $return = array(); $return['STATUS_ID'] = '222'; $return['STATUS_MSG'] = 'CURL_ERROR'; $return['RESPONSE'] = $error; return json_encode($return); } else { return $output; } } /** * Function to simulate Browser and make a POST request, while keeping the same Mime type of the response. * * @param string $url * @param array $params * * @return string */ static function postViaCurlWithHeaders($url, $params = NULL) { if (is_array($params)) { $post_string = ''; foreach ($params as $key => $val) { if (is_array($val)) { $val = serialize($val); } $post_string .= urlencode($key) . '=' . urlencode($val) . '&'; } $params = rtrim($post_string, '&'); } $ch = curl_init(); curl_setopt($ch, CURLOPT_URL, $url); curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1); curl_setopt($ch, CURLOPT_USERAGENT, 'Mozilla/5.0 (Windows NT 5.1; rv:5.0) Gecko/20100101 Firefox/5.0'); curl_setopt($ch, CURLOPT_POST, true); curl_setopt($ch, CURLOPT_TIMEOUT, CURL_TIMEOUT); curl_setopt($ch, CURLOPT_POSTFIELDS, $params); $output = curl_exec($ch); if ($output === false) { $error = array(); $error['ERROR_MSG'] = curl_error($ch); $error['ERROR_CODE'] = curl_errno($ch); $error['url'] = $url; $return = array(); $return['STATUS_ID'] = '222'; $return['STATUS_MSG'] = 'CURL_ERROR'; $return['RESPONSE'] = $error; return json_encode($return); } else { $info = curl_getinfo($ch); curl_close($ch); $matches = array(); $regex = '/Content-Length:\s([0-9].+?)\s/'; $count = preg_match($regex, $output, $matches); $remote_filesize = isset($matches[1]) ? $matches[1] : ""; $regex = '/Content-Type:\s([a-z].+?)\s/'; $count = preg_match($regex, $output, $matches); $remote_file_content_type = isset($matches[1]) ? $matches[1] : ""; header("Content-Type: $remote_file_content_type"); return $output; } } /** * Function to strip (whitelisted) string * * @param string $parameter * @param boolean $strip_tags * * @return string */ static function sanatizeParams($parameter, $strip_tags = true) { if (is_array($parameter)) { $results = array(); foreach ($parameter as $key => $value) { $value = trim($value); if ($strip_tags) { $value = strip_tags($value); } $value = mysql_escape_string($value); $results[$key] = $value; } return $results; } else { $parameter = trim($parameter); if ($strip_tags) { $parameter = strip_tags($parameter); } $parameter = mysql_escape_string($parameter); return $parameter; } } /** * Function to get the info from the IDM_TOKEN * * @param string $idm_token * * @param array */ static public function getTokenInfo($idm_token) { $apiUrl = Utility::getUrlFromLegitTag('ldapserver'); $apiUrl = $apiUrl . "/api/gettokeninfo/idm_token/" . $idm_token; $apiUrl = Utility::removeDoubleSlashesFromUrl($apiUrl); $return = array(); $res = Utility::postViaCurl($apiUrl, $return); $res = json_decode($res); if ($res->STATUS_ID == "000") { $return = (array) $res->RESPONSE; } return $return; } /** * Function to validate the url * * @param string $url * @return boolean * @throws CHttpException */ static function validateUrlFormat($url) { $count = substr_count($url, "?"); if ($count > 1) { throw new CHttpException(400, 'FATAL ERROR: Invalid URL'); exit; } return true; } /** * Function to check is the current user is Health's Authorized Reporter. * * @param int $rid * @return int [0 on error, 2 register and 1 reporter ] */ static function getHealthUserInfo($rid) { $fields['resident_id'] = $rid; $healthurl = LEGIT_URL . "/bdims/api/verify/Isauthorizeduser"; $getHealthInfo = Utility::postViaCurl($healthurl, $fields); $getHealthInfo = json_decode($getHealthInfo); if ($getHealthInfo->STATUS_ID == "000") { return 2; } elseif ($getHealthInfo->STATUS_ID == "111") { return 1; } return 0; } /** * Function to check if the use if an Auth User in Health * * @param type $rid * @return boolean */ static function isHealthUser($rid) { $fields['resident_id'] = $rid; $healthurl = LEGIT_URL . "/bdims/api/verify/Isauthorizeduser"; $getHealthInfo = Utility::postViaCurl($healthurl, $fields); $getHealthInfo = json_decode($getHealthInfo); if ($getHealthInfo->STATUS_ID == "000") { return TRUE; } elseif ($getHealthInfo->STATUS_ID == "111") { return TRUE; } return false; } static function postSerialzedViaCurl($url, $params) { $params = array("params" => $params); $ch = curl_init(); curl_setopt($ch, CURLOPT_URL, $url); curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1); curl_setopt($ch, CURLOPT_USERAGENT, 'Mozilla/5.0 (Windows NT 5.1; rv:5.0) Gecko/20100101 Firefox/5.0'); curl_setopt($ch, CURLOPT_POST, true); curl_setopt($ch, CURLOPT_TIMEOUT, CURL_TIMEOUT); curl_setopt($ch, CURLOPT_POSTFIELDS, $params); $output = curl_exec($ch); if ($output === false) { $error = array(); $error['ERROR_MSG'] = curl_error($ch); $error['ERROR_CODE'] = curl_errno($ch); $error['url'] = $url; $return = array(); $return['STATUS_ID'] = '222'; $return['STATUS_MSG'] = 'CURL_ERROR'; $return['RESPONSE'] = $error; return json_encode($return); } else { $info = curl_getinfo($ch); curl_close($ch); $matches = array(); $regex = '/Content-Length:\s([0-9].+?)\s/'; $count = preg_match($regex, $output, $matches); $remote_filesize = isset($matches[1]) ? $matches[1] : ""; $regex = '/Content-Type:\s([a-z].+?)\s/'; $count = preg_match($regex, $output, $matches); $remote_file_content_type = isset($matches[1]) ? $matches[1] : ""; header("Content-Type: $remote_file_content_type"); return $output; } } static function outputfilter($str) { $str = strip_tags($str); $str = preg_replace('/[^A-Za-z0-9\-\(]/', ' ', $str); $str = str_replace('(', ' ', $str); return $str; } static function downloadViaCurl($url, $params) { $ch = curl_init(); curl_setopt($ch, CURLOPT_URL, $url); curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1); curl_setopt($ch, CURLOPT_USERAGENT, 'Mozilla/5.0 (Windows NT 5.1; rv:5.0) Gecko/20100101 Firefox/5.0'); curl_setopt($ch, CURLOPT_POST, true); curl_setopt($ch, CURLOPT_TIMEOUT, CURL_TIMEOUT); curl_setopt($ch, CURLOPT_POSTFIELDS, $params); $output = curl_exec($ch); if ($output === false) { $error = array(); $error['ERROR_MSG'] = curl_error($ch); $error['ERROR_CODE'] = curl_errno($ch); $error['url'] = $url; $return = array(); $return['STATUS_ID'] = '222'; $return['STATUS_MSG'] = 'CURL_ERROR'; $return['RESPONSE'] = $error; return json_encode($return); } else { $info = curl_getinfo($ch); curl_close($ch); $matches = array(); $regex = '/Content-Length:\s([0-9].+?)\s/'; $count = preg_match($regex, $output, $matches); $remote_filesize = isset($matches[1]) ? $matches[1] : ""; $regex = '/Content-Type:\s([a-z].+?)\s/'; $count = preg_match($regex, $output, $matches); $remote_file_content_type = isset($matches[1]) ? $matches[1] : ""; return $output; } } } ?>