"; metaobjectRequestLogFile($currentTime . " - " . $currentClientIP); metaobjectRequestLogFile($metaobjectReq); if ($selectedLanguage == "" || !is_numeric($selectedLanguage)) : $selectedLanguage = "1"; endif; // Default in English $languageSelected = $selectedLanguage; getLanguage(__FILE__); getCurrentScript(__FILE__); $err = array(); $metaobjectResponse = ""; $xmlMetaobject = ""; // *** Parse request *** $dataArray = xml2array($metaobjectReq); // *** Convert result array to usable parameters *** // Authentication data $sessionId = convertSpecial($dataArray["xml"]["metaobject"]["auth"]["session_id"]); $passPhrase = convertSpecial($dataArray["xml"]["metaobject"]["auth"]["passphrase"]); if (checkRequestAuthenticationData2($sessionId, $passPhrase)) : $debugOut .= "Authentication okay!

\n"; $operationMode = convertSpecial($dataArray["xml"]["metaobject"]["operation"]); if ($operationMode == "") : $operationMode = "GET"; else : $operationMode = strtoupper($operationMode); endif; $debugOn = convertSpecial($dataArray["xml"]["metaobject"]["debug_on"]); if (strtoupper($debugOn) == "YES" || strtoupper($debugOn) == "ON") : $debug = true; endif; $objType = convertSpecial($dataArray["xml"]["metaobject"]["obj_type"]); $objId = convertSpecial($dataArray["xml"]["metaobject"]["obj_id"]); $objEid = convertSpecial($dataArray["xml"]["metaobject"]["obj_eid"]); if ($objType == "") : $objType = "cs"; endif; if ($objType == "cs") : if ($objId != "" && $objEid == "") : $objEid = getFieldValueFromId("customer","cs_id",$objId,"cs_eid"); elseif ($objEid != "" && $objId == "") : $objId = getFieldValueFromId("customer","cs_eid",$objEid,"cs_id"); endif; elseif ($objType == "cr") : if ($objId != "" && $objEid == "") : $objEid = getFieldValueFromId("courier","cr_id",$objId,"cr_eid"); elseif ($objEid != "" && $objId == "") : $objId = getFieldValueFromId("courier","cr_eid",$objEid,"cr_id"); endif; endif; $debugOut .= "operation: " . $operation . "
\n"; $debugOut .= "objType: " . $objType . "
\n"; $debugOut .= "objId: " . $objId . "
\n"; $debugOut .= "objEid: " . $objEid . "
\n"; // INIT $specialScriptExtensionForAutoResponse = ""; $moObjType = "usr"; // metaobject type if ($objId != "" && $objEid != "") : // Get current global number of THIS database instance $constGlobalDbInstNo = getParameterValue("0", "GLOBAL_UNIQUE_DB_INSTANCE_NO", "0", "0"); if ($objType == "cs") : $csEidString = "'" . $objEid . "'"; $sqlquery = "SELECT hq.hq_id, hq.hq_mnemonic, cs.cs_eid, cs.cs_id, usr.usr_id, usr.usr_account" . " FROM customer AS cs, employee AS emp, user AS usr, headquarters AS hq" . " WHERE cs.cs_eid IN (" . $csEidString . ") AND" . " cs.hq_id = hq.hq_id AND" . " cs.cs_admin = emp.emp_id AND" . " emp.usr_id = usr.usr_id"; $debugOut .= "
\nSQL:
\n" . $sqlquery . "
\n
\n"; $result = $db->query($sqlquery); if (DB::isError($result)) die ("$PHP_SELF: " . $result->getMessage()); $csArray = array(); $csIdArray = array(); while ($row = $result->fetch_assoc()): $csIdArray[] = $row["cs_id"]; $csArray[$row["cs_id"]] = array($row["cs_eid"], $row["hq_id"], $row["hq_mnemonic"], $row["usr_id"], $row["usr_account"]); endwhile; $result->free(); $csIdArrayLen = count($csIdArray); // print_r($csIdArray); $debugOut .= "Anzahl einzutragener Kunden auf Basis der EIDs: " . $csIdArrayLen . "
\n"; if ($csIdArrayLen > 0) : $debugOut .= "constGlobalDbInstNo=" . $constGlobalDbInstNo . "
\n"; if ($constGlobalDbInstNo != "" && is_numeric($constGlobalDbInstNo)) : // Get database instance connection data of metaobject $constExtDbInst = getExternalMetaDbInst(); $db_conn = getDbConnectionSpecial($constExtDbInst, $dbname, $dblogin, $dbpassword); // Define array of customers NOT existing in metaobject $csIdFailedArray = array(); $count = 0; for ($i = 0; $i < $csIdArrayLen; $i++) : // Check existence of usr_id of the customer(s) in metaobject $tmpSqlQuery = "SELECT mo_id, mo_hash FROM meta_object.metaobject WHERE mo_id_ref_db = '" . $constGlobalDbInstNo . "' AND mo_obj_type = '" . $moObjType . "' AND mo_obj_id = '" . $csArray[$csIdArray[$i]][3] . "'"; $result = $db_conn->query($tmpSqlQuery); $errX = ""; if (DB::isError($result)) {$errX = "ERR";}; if ($errX == "ERR") : $debugOut .= "ERR: TYPE=DB_SELECT|CS_ID=" . $csIdArray[$i] . "|CS_EID=" . $csArray[$csIdArray[$i]][0] . "
\n"; else : $rowDoesExist = false; while ($row = $result->fetch_assoc()): $moId = $row["mo_id"]; if ($moId != "") : $rowDoesExist = true; // Extend array regarding to the hash value $csArray[$csIdArray[$i]] = array_merge($csArray[$csIdArray[$i]], array($row["mo_hash"])); endif; endwhile; $result->free(); if (!$rowDoesExist) : $csIdFailedArray[$count] = $csIdArray[$i]; $count++; $debugOut .= "NOT_EXIST: CS_ID=" . $csIdArray[$i] . "|CS_EID=" . $csArray[$csIdArray[$i]][0] . "
\n"; else : $debugOut .= "EXIST: CS_ID=" . $csIdArray[$i] . "|CS_EID=" . $csArray[$csIdArray[$i]][0] . "
\n"; endif; endif; endfor; // Insert customers into metaobject $csIdFailedArrayLen = count($csIdFailedArray); // print_r($csIdFailedArray); $debugOut .= "Anzahl Neukunden, die NICHT in der metaobject verzeichnet sind: " . $csIdFailedArrayLen . "
\n"; if ($csIdFailedArrayLen > 0) : for ($i = 0; $i < $csIdFailedArrayLen; $i++) : $currCsId = $csIdFailedArray[$i]; $currUsrId = $csArray[$currCsId][3]; $debugOut .= "currUsrId=" . $currUsrId . "
\n"; // Generate unique hash value // $currentTime = getDateTime("0"); if ($currUsrId != "" && is_numeric($currUsrId) && $currUsrId > 0) : $tmpHash = makeMD5Hash($csArray[$currCsId][1], $currCsId, $currUsrId); $debugOut .= "tmpHash=" . $tmpHash . "
\n"; if ($tmpHash != "") : $csArray[$currCsId] = array_merge($csArray[$currCsId], array($tmpHash)); if ($operationMode == "GENERATE") : $tmpSqlQuery = "INSERT meta_object.metaobject (mo_id_ref_db,mo_obj_type,mo_obj_id,mo_hash) VALUES ('" . $constGlobalDbInstNo . "','" . $moObjType . "','" . $currUsrId . "','" . $tmpHash . "') "; $result = $db_conn->query($tmpSqlQuery); $errX = ""; if (DB::isError($result)) {$errX = "ERR";}; else : $errX = "NO_GEN_REQ"; endif; if ($errX == "ERR") : $debugOut .= "ERR: TYPE=DB_INSERT|CS_ID=" . $currCsId . "|CS_EID=" . $csArray[$currCsId][0] . "
\n"; elseif ($errX == "NO_GEN_REQ") : $debugOut .= "ERR: NO GENERATION ENABLED
\n"; else : $debugOut .= "Insert ok! " . "CS_ID=" . $currCsId . "|CS_EID=" . $csArray[$currCsId][0] . "
\n"; endif; else : $debugOut .= "ERR: USR_ID=LEER|CS_ID=" . $currCsId . "|CS_EID=" . $csArray[$currCsId][0] . "
\n"; endif; else : $debugOut .= "ERR: HASH=LEER|CS_ID=" . $currCsId . "|CS_EID=" . $csArray[$currCsId][0] . "
\n"; endif; endfor; else : $debugOut .= "ALLE DATENSÄTZE SIND IN metaobject VERZEICHNET!" . "
\n"; endif; // Check for having a usr_account and password AND output of the headers $authHeader = ""; for ($i = 0; $i < $csIdArrayLen; $i++) : $currCsId = $csIdArray[$i]; $currCsEid = $csArray[$currCsId][0]; $currCsHqId = $csArray[$currCsId][1]; $currCsHqMnemonic = $csArray[$currCsId][2]; $currCsUsrId = $csArray[$currCsId][3]; $currCsUsrAccount = $csArray[$currCsId][4]; $currCsUsrHash = $csArray[$currCsId][5]; $currCsUsrPassword = ""; if ($currCsUsrAccount == "" && $currCsUsrId != "") : // Create account and passwort $currCsUsrAccount = $currCsEid; $currCsUsrPassword = $currCsHqMnemonic . rand(10000,99999); $cryptedUsrPassword = cryptDbPassword($currCsUsrPassword); updateStmt("user", "usr_id", $currCsUsrId, array("usr_account", $currCsUsrAccount, "usr_password", $cryptedUsrPassword)); endif; // Insert special script extension for station based auto response $parIdNew = ""; if ($specialScriptExtensionForAutoResponse != "" && !existsEntry("parameter",array("par_key", "AUTO_RESPONSE_INCLUDE_FILENAME_SUFFIX_CS_" . $currCsId))) : if ($operationMode == "GENERATE") : insertStmt("parameter", array("par_key", "AUTO_RESPONSE_INCLUDE_FILENAME_SUFFIX_CS_" . $currCsId, "hq_id", "0", "emp_id", "0", "par_value", $specialScriptExtensionForAutoResponse)); $parIdNew = getLastInsertId(); endif; endif; $debugOut .= "PARAMETER INSERT OK! " . "CS_ID=" . $currCsId . "|CS_EID=" . $csArray[$currCsId][0] . "|PAR_ID=" . $parIdNew . "
\n"; // Output of all order request headers $authHeader .= " \n\n"; $authHeader .= " \n"; $authHeader .= " " . $currCsEid . "\n"; $authHeader .= " " . $currCsUsrAccount . "\n"; $authHeader .= " " . $currCsUsrPassword . "\n"; $authHeader .= " " . $currCsUsrHash . "\n"; $authHeader .= " \n"; $authHeader .= " \n"; $authHeader .= " \n\n"; endfor; else : $err[] = array("104", getLngt("Referenz zur globalen metaobject-Instanz fehlt.")); endif; else : $err[] = array("103", getLngt("Das Objekt konnte nicht aufgefunden werden.")); endif; $xmlMetaobject = $authHeader; elseif ($objType == "cr") : $crEidString = "'" . $objEid . "'"; $sqlquery = "SELECT hq.hq_id, hq.hq_mnemonic, cr.cr_eid, cr.cr_id, usr.usr_id, usr.usr_account" . " FROM courier AS cr, user AS usr, headquarters AS hq" . " WHERE cr.cr_eid IN (" . $crEidString . ") AND" . " cr.hq_id = hq.hq_id AND" . " cr.usr_id = usr.usr_id"; $debugOut .= "
\nSQL:
\n" . $sqlquery . "
\n
\n"; $result = $db->query($sqlquery); if (DB::isError($result)) die ("$PHP_SELF: " . $result->getMessage()); $crArray = array(); $crIdArray = array(); while ($row = $result->fetch_assoc()): $crIdArray[] = $row["cr_id"]; $crArray[$row["cr_id"]] = array($row["cr_eid"], $row["hq_id"], $row["hq_mnemonic"], $row["usr_id"], $row["usr_account"]); endwhile; $result->free(); $crIdArrayLen = count($crIdArray); // print_r($csIdArray); $debugOut .= "Anzahl einzutragener Unternehmer auf Basis der EIDs: " . $crIdArrayLen . "
\n"; if ($crIdArrayLen > 0) : $debugOut .= "constGlobalDbInstNo=" . $constGlobalDbInstNo . "
\n"; if ($constGlobalDbInstNo != "" && is_numeric($constGlobalDbInstNo)) : // Get database instance connection data of metaobject $constExtDbInst = getExternalMetaDbInst(); $db_conn = getDbConnectionSpecial($constExtDbInst, $dbname, $dblogin, $dbpassword); // Define array of customers NOT existing in metaobject $crIdFailedArray = array(); $count = 0; for ($i = 0; $i < $crIdArrayLen; $i++) : // Check existence of usr_id of the contractor(s) in metaobject $tmpSqlQuery = "SELECT mo_id, mo_hash FROM meta_object.metaobject WHERE mo_id_ref_db = '" . $constGlobalDbInstNo . "' AND mo_obj_type = '" . $moObjType . "' AND mo_obj_id = '" . $crArray[$crIdArray[$i]][3] . "'"; $debugOut .= "tmpSqlQuery = " . $tmpSqlQuery . "
\n"; $result = $db_conn->query($tmpSqlQuery); $errX = ""; if (DB::isError($result)) {$errX = "ERR";}; if ($errX == "ERR") : $debugOut .= "ERR: TYPE=DB_SELECT|CR_ID=" . $crIdArray[$i] . "|CR_EID=" . $crArray[$crIdArray[$i]][0] . "
\n"; else : $rowDoesExist = false; while ($row = $result->fetch_assoc()): $moId = $row["mo_id"]; if ($moId != "") : $rowDoesExist = true; // Extend array regarding to the hash value $crArray[$crIdArray[$i]] = array_merge($crArray[$crIdArray[$i]], array($row["mo_hash"])); endif; endwhile; $result->free(); if (!$rowDoesExist) : $crIdFailedArray[$count] = $crIdArray[$i]; $count++; $debugOut .= "NOT_EXIST: CR_ID=" . $crIdArray[$i] . "|CR_EID=" . $crArray[$crIdArray[$i]][0] . "
\n"; else : $debugOut .= "EXIST: CR_ID=" . $crIdArray[$i] . "|CR_EID=" . $crArray[$crIdArray[$i]][0] . "
\n"; endif; endif; endfor; // Insert contractors into metaobject $crIdFailedArrayLen = count($crIdFailedArray); // print_r($crIdFailedArray); $debugOut .= "Anzahl Neuunternehmer, die NICHT in der metaobject verzeichnet sind: " . $crIdFailedArrayLen . "
\n"; if ($crIdFailedArrayLen > 0) : for ($i = 0; $i < $crIdFailedArrayLen; $i++) : $currCrId = $crIdFailedArray[$i]; $currUsrId = $crArray[$currCrId][3]; $debugOut .= "currUsrId=" . $currUsrId . "
\n"; // Generate unique hash value // $currentTime = getDateTime("0"); if ($currUsrId != "" && is_numeric($currUsrId) && $currUsrId > 0) : $tmpHash = makeMD5Hash($crArray[$currCrId][1], $currCrId, $currUsrId); $debugOut .= "tmpHash=" . $tmpHash . "
\n"; if ($tmpHash != "") : $crArray[$currCrId] = array_merge($crArray[$currCrId], array($tmpHash)); if ($operationMode == "GENERATE") : $tmpSqlQuery = "INSERT meta_object.metaobject (mo_id_ref_db,mo_obj_type,mo_obj_id,mo_hash) VALUES ('" . $constGlobalDbInstNo . "','" . $moObjType . "','" . $currUsrId . "','" . $tmpHash . "') "; $result = $db_conn->query($tmpSqlQuery); $errX = ""; if (DB::isError($result)) {$errX = "ERR";}; else : $errX = "NO_GEN_REQ"; endif; if ($errX == "ERR") : $debugOut .= "ERR: TYPE=DB_INSERT|CR_ID=" . $currCrId . "|CR_EID=" . $crArray[$currCrId][0] . "
\n"; elseif ($errX == "NO_GEN_REQ") : $debugOut .= "ERR: NO GENERATION ENABLED
\n"; else : $debugOut .= "Insert ok! " . "CR_ID=" . $currCrId . "|CR_EID=" . $crArray[$currCrId][0] . "
\n"; endif; else : $debugOut .= "ERR: USR_ID=LEER|CR_ID=" . $currCrId . "|CR_EID=" . $crArray[$currCrId][0] . "
\n"; endif; else : $debugOut .= "ERR: HASH=LEER|CR_ID=" . $currCrId . "|CR_EID=" . $crArray[$currCrId][0] . "
\n"; endif; endfor; else : $debugOut .= "ALLE DATENSÄTZE SIND IN metaobject VERZEICHNET!" . "
\n"; endif; // Check for having a usr_account and password AND output of the headers $authHeader = ""; for ($i = 0; $i < $crIdArrayLen; $i++) : $currCrId = $crIdArray[$i]; $currCrEid = $crArray[$currCrId][0]; $currCrHqId = $crArray[$currCrId][1]; $currCrHqMnemonic = $crArray[$currCrId][2]; $currCrUsrId = $crArray[$currCrId][3]; $currCrUsrAccount = $crArray[$currCrId][4]; $currCrUsrHash = $crArray[$currCrId][5]; $currCrUsrPassword = ""; $debugOut .= "currCrUsrId = " . $currCrUsrId . "
\n"; $debugOut .= "currCrUsrAccount = " . $currCrUsrAccount . "
\n"; if ($currCrUsrId != "") : // Create account and passwort if ($currCrUsrAccount == "") : $currCrUsrAccount = $currCrEid; endif; $currCrUsrPassword = $currCrHqMnemonic . rand(10000,99999); $cryptedUsrPassword = cryptDbPassword($currCrUsrPassword); $debugOut .= "currCrUsrPassword = " . $currCrUsrPassword . "
\n"; $debugOut .= "cryptedUsrPassword = " . $cryptedUsrPassword . "
\n"; updateStmt("user", "usr_id", $currCrUsrId, array("usr_account", $currCrUsrAccount, "usr_password", $cryptedUsrPassword)); endif; // Insert special script extension for station based auto response $parIdNew = ""; if ($specialScriptExtensionForAutoResponse != "" && !existsEntry("parameter",array("par_key", "AUTO_RESPONSE_INCLUDE_FILENAME_SUFFIX_CR_" . $currCrId))) : if ($operationMode == "GENERATE") : insertStmt("parameter", array("par_key", "AUTO_RESPONSE_INCLUDE_FILENAME_SUFFIX_CR_" . $currCrId, "hq_id", "0", "emp_id", "0", "par_value", $specialScriptExtensionForAutoResponse)); $parIdNew = getLastInsertId(); endif; endif; $debugOut .= "PARAMETER INSERT OK! " . "CR_ID=" . $currCrId . "|CR_EID=" . $crArray[$currCrId][0] . "|PAR_ID=" . $parIdNew . "
\n"; // Output of all order request headers $authHeader .= " \n\n"; $authHeader .= " \n"; $authHeader .= " " . $currCrEid . "\n"; $authHeader .= " " . $currCrUsrAccount . "\n"; $authHeader .= " " . $currCrUsrPassword . "\n"; $authHeader .= " " . $currCrUsrHash . "\n"; $authHeader .= " \n"; $authHeader .= " \n\n"; endfor; else : $err[] = array("104", getLngt("Referenz zur globalen metaobject-Instanz fehlt.")); endif; else : $err[] = array("103", getLngt("Das Objekt konnte nicht aufgefunden werden.")); endif; $xmlMetaobject = $authHeader; endif; else : $err[] = array("102", getLngt("Ein Objekt wurde nicht spezifiziert.")); endif; else : // Authentication data not ok $err[] = array("101", getLngt("Die Authentifizierungsdaten sind nicht in Ordnung.")); endif; // print_r($err); // Check existence of at least one error $errLen = count($err); // Output $metaobjectResponse .= ""; if ($errLen > 0) : metaobjectRequestLogFile("ERRORS", 1); $metaobjectResponse .= "NOT OK"; $metaobjectResponse .= ""; for ($i = 0; $i < $errLen; $i++) : $metaobjectResponse .= ""; $metaobjectResponse .= "" . $err[$i][0] . ""; $metaobjectResponse .= ""; $metaobjectResponse .= ""; if ($debug) : $metaobjectResponse .= "" . $debugOut . ""; endif; metaobjectRequestLogFile($err[$i][0] . " : " . mcEncode($err[$i][1]), 1); endfor; $metaobjectResponse .= ""; else : $metaobjectResponse .= "OK" . $xmlMetaobject . ""; if ($debug) : $metaobjectResponse .= "" . $debugOut . ""; endif; endif; $metaobjectResponse .= ""; // Log entries metaobjectRequestLogFile($metaobjectResponse); // Write response into log metaobjectRequestLogFile("___________________________________________________________________________________"); // Return output echo $metaobjectResponse; /* // REQUEST // Global metaobjects (equipment). // Request authentication [mdtr] // Session-ID [mandatory] [mdtr] // Dynamic one-way-encryption passphrase ... // Activates debug output ("ON" or "YES") GENERATE // Operation (GETs auth header if object does exist or GENERATEs auth header, default is "GET" if emty tag) .... // Type of the object ("cs" = empty = default = customer, "cr" = contractor, etc.) .... // ID of the object (Either ID or EID has to exist) .... // EID of the object (Either ID or EID has to exist) // RESPONSE (GENERATE and GET) OK .... // EID of the customer .... // Account .... // Password .... // Session ID .... // Costcenter name */ ?>