Subversion Repositories SmartDukaan


Rev 15378 Rev 15380
Line 146... Line 146...
146
        if(isset($checkToken) && !empty($checkToken) && isset($token) && !empty($token)) {
146
        if(isset($checkToken) && !empty($checkToken) && isset($token) && !empty($token)) {
147
                $this->loadModel('SocialProfile');
147
                $this->loadModel('SocialProfile');
148
                $options = array('conditions'=>array('access_token'=>$token),'fields'=>array('user_id'),'recursive'=>-1);
148
                $options = array('conditions'=>array('access_token'=>$token),'fields'=>array('user_id'),'recursive'=>-1);
149
                $user = $this->SocialProfile->find('first',$options);
149
                $user = $this->SocialProfile->find('first',$options);
150
                $this->log(print_r($user['SocialProfile'],1),'headers');
150
                $this->log(print_r($user['SocialProfile'],1),'headers');
151
                if(!$userId){
151
                /*if(!$userId){
152
                	$userId = $this->request->query('user_id');
152
                	$userId = $this->request->query('user_id');
153
                }                
153
                }*/                
154
                if(isset($userId) && !empty($userId)){
154
                if(isset($userId) && !empty($userId)){
155
                    if($userId == $user['SocialProfile']['user_id']){
155
                    if($userId == $user['SocialProfile']['user_id']){
-
 
156
                    	$this->log("User authenticated",'headers');
156
                        return true;
157
                        return true;
157
                    } else{
158
                    } else{
158
                    	// token mismatch, so maybe hack attempt
159
                    	// token mismatch, so maybe hack attempt
-
 
160
                    	$this->log("Mismatch hence user not authenticated",'headers');
159
                        return false;
161
                        return false;
160
                    }
162
                    }
161
                } else {
163
                } else {
162
                	// userId is not sent so maybe hack attempt
164
                	// userId is not sent so maybe hack attempt
-
 
165
                	$this->log("Id not sent hence user not authenticated",'headers');
163
                	return false;
166
                	return false;
164
                }
167
                }
165
        } else {                
168
        } else {    
-
 
169
        	$this->log("Old User hence pass",'headers');            
166
            return true;
170
            return true;
167
        }
171
        }
168
        // return true;
-
 
169
    }
172
    }
170
 
173
 
171
    function getallheaders() { 
174
    function getallheaders() { 
172
	   $headers = ''; 
175
	   $headers = ''; 
173
       foreach ($_SERVER as $name => $value) 
176
       foreach ($_SERVER as $name => $value) 
Line 390... Line 393...
390
		}
393
		}
391
		$this->loadModel('User');
394
		$this->loadModel('User');
392
		$this->User->Behaviors->attach('Containable');
395
		$this->User->Behaviors->attach('Containable');
393
		$options = array('contain'=>array('UserAccount'), 'conditions'=>array('User.id'=>$userId),'fields'=>array('username','email'),'recursive'=>-1);
396
		$options = array('contain'=>array('UserAccount'), 'conditions'=>array('User.id'=>$userId),'fields'=>array('username','email'),'recursive'=>-1);
394
		$user = $this->User->find('first',$options);
397
		$user = $this->User->find('first',$options);
395
		$this->log("user_accounts ".print_r($user,1));
398
		$this->log("user_accounts ".print_r($user,1),'headers');
396
		$data = array('email'=>$user['User']['email'],'Id'=>$user['UserAccount'][0]['account_key'],'cartId' => $user['UserAccount'][1]['account_key'],'isPrivateDealUser'=>1,'next'=>$next);
399
		$data = array('email'=>$user['User']['email'],'Id'=>$user['UserAccount'][0]['account_key'],'cartId' => $user['UserAccount'][1]['account_key'],'isPrivateDealUser'=>1,'next'=>$next);
397
		$data = '?data='.base64_encode(serialize($data));
400
		$data = '?data='.base64_encode(serialize($data));
398
		$token = '&token='.md5(Configure::read('saholicapikey').'|'.$user['UserAccount'][0]['account_key']);		
401
		$token = '&token='.md5(Configure::read('saholicapikey').'|'.$user['UserAccount'][0]['account_key']);		
399
		$url = Configure::read('saholicapihost')."login!authorizeProfitMandiUser?userId=".$user['UserAccount'][0]['account_key']."&source=ProfitMandi";
402
		$url = Configure::read('saholicapihost')."login!authorizeProfitMandiUser?userId=".$user['UserAccount'][0]['account_key']."&source=ProfitMandi";
400
		$result = $this->make_request($url);
403
		$result = $this->make_request($url,null);
-
 
404
		$this->log(print_r($result,1),'headers');
401
		if(!empty($result['tokenString'])){
405
		if(!empty($result['tokenString'])){
402
			$token = '&token='.$result['tokenString'];
406
			$token = '&token='.$result['tokenString'];
403
			return Configure::read('saholicauthurl').$data.$token.'&v=2';
407
			return Configure::read('saholicauthurl').$data.$token.'&v=2';
404
		}
408
		}
405
		return Configure::read('saholicauthurl').$data.$token;
409
		return Configure::read('saholicauthurl').$data.$token;
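Review bot: The added `$this->log(print_r($result,1),'headers');` at new line 404 writes the whole authorize response to the 'headers' log, and the lines right after it show that this response carries `tokenString`, which is then sent as the `&token=` login parameter, so a credential ends up readable by anyone with access to that log. Log only the outcome instead, for example `$this->log('authorize response: tokenString '.(empty($result['tokenString']) ? 'missing' : 'present'),'headers');`. The changed line 398 has the same problem on a smaller scale: `print_r($user,1)` puts the e-mail address and the UserAccount account keys into the log, where the user id alone would do. In the first hunk the new "Old User hence pass" message records that a request without a token still returns true, so that branch fails open and is worth a follow-up, and the commented-out `user_id` fallback would be cleaner deleted than left as dead code. Both enclosing functions start outside the visible hunks, so where `$userId`, `$token` and `$checkToken` come from cannot be checked from here.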