From 785d74ad5bcb34b76e127e153f1333cdb7014065 Mon Sep 17 00:00:00 2001
From: Justin Mitchell <arthur@sucs.org>
Date: Mon, 22 Sep 2008 15:19:49 +0000
Subject: [PATCH] handler for card registration codes

---
 htdocs/doorknock.php | 132 +++++++++++++++++++++++++++++++++++++++++++
 1 file changed, 132 insertions(+)
 create mode 100644 htdocs/doorknock.php

diff --git a/htdocs/doorknock.php b/htdocs/doorknock.php
new file mode 100644
index 0000000..8a24bec
--- /dev/null
+++ b/htdocs/doorknock.php
@@ -0,0 +1,132 @@
+<?
+
+function msg_tx($text, $time, $fg, $bg)
+{
+ $f = fopen("http://door.sucs.org/sendstatus.py?text=".urlencode($text)."&timeout=$time&fg=$fg&bg=$bg", "r");
+ fclose($f);
+}
+
+function msg_good($text, $time=5)
+{
+ msg_tx($text, $time, "0,0,0", "128,255,128");
+}
+
+function msg_bad($text, $time=3)
+{
+ msg_tx($text, $time, "0,0,0", "255,64,64");
+}
+
+header("Content-type: text/plain");
+
+// Initialise the database
+require("/usr/share/adodb/adodb.inc.php");
+$DB = NewADOConnection('postgres8');
+if ($DB->Connect('dbname=sucs') === FALSE) {
+ echo "DB fail\n";
+ exit;
+}
+$DB->SetFetchMode(ADODB_FETCH_ASSOC);
+
+
+ $f = fopen("/tmp/doorlog", "a");
+
+if (isset($_REQUEST['code'])) {
+
+ // Expire old requests
+ $DB->Execute("delete from doorknock where start < NOW() - 30 seconds:reltime");
+
+ // Parse out the string
+ $code = $_REQUEST['code'];
+
+ $codes = split(' ',$code);
+ if ($codes[0] != "SUCS") {
+ echo "Unrecognised codeword '{$codes[0]}'\n";
+ msg_bad("Invalid slip");
+ exit;
+ }
+
+ // look up the user
+ $user = $DB->GetAll("select * from signup where id=?",array($codes[1]));
+ if (!is_array($user) || count($user) < 1) {
+ echo "Unrecognised signup id\n";
+ msg_bad("Invalid slip");
+ exit;
+ }
+
+ if ($codes[2] != $user[0]['password']) {
+ echo "Password mismatch\n";
+ msg_bad("Invalid slip");
+ exit;
+ }
+
+ if ($user[0]['card'] != "") {
+ echo "User already has a card\n";
+ msg_bad("Slip already used");
+ exit;
+ }
+
+ // all looks valid so far
+ // check we arent bouncing ourselves out
+
+ $exist = $DB->GetAll("select * from doorknock");
+ if (is_array($exist) && count($exist) > 0) {
+ print_r($exist);
+ if ($exist[0]['suid'] == $user[0]['id']) {
+ echo "Already in progress, no action\n";
+ exit;
+ }
+
+ $DB->Execute("delete from doorknock");
+ echo "Bouncing out signup id={$exist[0]['suid']}\n";
+ }
+ $DB->Execute("insert into doorknock (suid,start) values(?,NOW())", array($user[0]['id']));
+ echo "Start waiting for id={$user[0]['id']}\n";
+ msg_good("Please swipe ID Card to complete registration", 10);
+ exit;
+
+
+
+} else
+// a card was swiped at the door, try to match it
+if (isset($_REQUEST['id'])) {
+ $card = $_REQUEST['id'];
+
+ $exist = $DB->GetAll("select * from doorknock");
+ if (!is_array($exist) || count($exist) < 1) {
+ echo "No registration in progress, ignoring.\n";
+ exit;
+ }
+
+ $signup = $DB->GetAll("select * from signup where id=?",array($exist[0]['suid']));
+ if (!is_array($signup) || count($signup) < 1) {
+ echo "Unrecognised signup id\n";
+ msg_bad("Invalid slip");
+ $DB->Execute("delete from doorknock");
+ exit;
+ }
+
+ // should really check the card isnt already registered first
+ $DB->Execute("update signup set card=? where id=?", array($card, $signup[0]['id']));
+ echo "Registering card '$card' to signup id {$signup[0]['id']}\n";
+ $DB->Execute("delete from doorknock");
+
+ // User is registered, stick it in the real doorcards list too
+ if ($signup[0]['username'] != "") {
+ $user = $DB->GetAll("select * from members where username=?", array($signup[0]['username']));
+ if (!is_array($user) || count($user) < 1) {
+ echo "Cant find username '{$signup[0]['username']}' to full reg the card\n";
+ } else {
+ $DB->Execute("insert into doorcards (uid, cardnumber) values (?,?)", array($user[0]['uid'], $card));
+ echo "Registering card to uid={$user[0]['uid']} username {$user[0]['username']}\n";
+ }
+ }
+ unlink("/tmp/cards");
+ system("/usr/local/bin/db-to-cards.php");
+ system("sudo /usr/local/bin/putcardsfile");
+ unlink("/tmp/cards");
+ msg_good("Card now registered, swipe again for access");
+
+ exit;
+}
+
+?>
-- 
GitLab
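Review bot: The `id` branch writes whatever arrives in `$_REQUEST['id']` into `signup.card` and `doorcards` without checking who sent the request or whether the card is already registered (the inline comment concedes the second part), so the only gate on issuing a door credential is the 30-second `doorknock` row. If anything other than the door controller can reach this script, the request should carry a shared secret or be limited by source address, and the update should be preceded by a lookup such as `select 1 from doorcards where cardnumber=?`. In the `code` branch, `$codes[1]` and `$codes[2]` are read without checking the token count and the password is compared with loose `!=`, so a two-token code yields null, which compares equal to an empty or NULL stored password; `if (count($codes) != 3 || $codes[0] != "SUCS")` together with `!==` on the password line closes that. `/tmp/cards` is a fixed name in a shared directory that appears to feed the `sudo` helper, and is worth moving to a directory only the web user can write.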