|
109
|
1 |
<?php |
|
|
2 |
$basechars = '23456789abcdefghjkmnpqrstuvwxyz'; |
|
|
3 |
$base = strlen($basechars); |
|
|
4 |
|
|
|
5 |
function my_encode($int) { |
|
|
6 |
global $base, $basechars; |
|
|
7 |
$nb = $int; |
|
|
8 |
$res = ''; |
|
|
9 |
while($nb > 0 or strlen($res) == 0) { |
|
|
10 |
$mod = $nb % $base; |
|
|
11 |
$res = $basechars[$mod].$res; |
|
|
12 |
$nb = ($nb - $mod) / $base; |
|
|
13 |
} |
|
|
14 |
return $res; |
|
|
15 |
} |
|
|
16 |
|
|
|
17 |
function my_decode($str) { |
|
|
18 |
global $base, $basechars; |
|
|
19 |
$s = strtolower($str); |
|
|
20 |
$m = 1; |
|
|
21 |
$res = 0; |
|
|
22 |
for ($i = strlen($s)-1; $i >= 0; $i--) { |
|
|
23 |
$res += $m * strpos($basechars, $s[$i]); |
|
|
24 |
$m *= $base; |
|
|
25 |
} |
|
|
26 |
return $res; |
|
|
27 |
}; |
|
|
28 |
|
|
|
29 |
require('connect.inc.php'); |
|
|
30 |
|
|
|
31 |
session_start(); |
|
|
32 |
|
|
|
33 |
$data = isset($_REQUEST['data']) ? $_REQUEST['data'] : false; |
|
|
34 |
$insdata = pg_escape_string($data ? $data : '{}'); |
|
|
35 |
|
|
|
36 |
if (isset($_REQUEST['sessionid'])) { |
|
|
37 |
$_SESSION['sessionid'] = $_REQUEST['sessionid']; |
|
|
38 |
} |
|
|
39 |
|
|
|
40 |
if (isset($_REQUEST['sessionkey'])) { |
|
|
41 |
$_SESSION['sessionkey'] = $_REQUEST['sessionkey']; |
|
|
42 |
} |
|
|
43 |
|
|
|
44 |
if (isset($_SESSION['sessionid'])) { |
|
|
45 |
$sidnum = my_decode($_SESSION['sessionid']); |
|
|
46 |
$rq = pg_query("SELECT editkey FROM hdaviz_sessions WHERE id = $sidnum"); |
|
|
47 |
if ($ligne = pg_fetch_row($rq)) { |
|
|
48 |
if (isset($_SESSION['sessionkey'])) { |
|
|
49 |
$keynum = my_decode($_SESSION['sessionkey']); |
|
|
50 |
if ($keynum == $ligne[0]) { |
|
|
51 |
$write = true; |
|
|
52 |
} else { |
|
|
53 |
$write = false; |
|
|
54 |
unset($_SESSION['sessionkey']); |
|
|
55 |
} |
|
|
56 |
} else { |
|
|
57 |
$keynum = false; |
|
|
58 |
$write = false; |
|
|
59 |
} |
|
|
60 |
} else { |
|
|
61 |
unset($_SESSION['sessionid']); |
|
|
62 |
} |
|
|
63 |
} |
|
|
64 |
|
|
|
65 |
if (!isset($_SESSION['sessionid'])) { |
|
|
66 |
do { |
|
|
67 |
$sidnum = mt_rand(1000, 100000000); |
|
|
68 |
$rq = pg_query("SELECT COUNT(*) FROM hdaviz_sessions WHERE id=$sidnum"); |
|
|
69 |
$l = pg_fetch_row($rq); |
|
|
70 |
$nb = $l[0]; |
|
|
71 |
pg_free_result($rq); |
|
|
72 |
} while ($nb > 0); |
|
|
73 |
$keynum = mt_rand(104, 100000001); |
|
|
74 |
$rq = pg_query("INSERT INTO hdaviz_sessions (id, editkey, data) VALUES ($sidnum, $keynum, '{}')"); |
|
|
75 |
$write = true; |
|
|
76 |
$_SESSION['sessionid'] = my_encode($sidnum); |
|
|
77 |
$_SESSION['sessionkey'] = my_encode($keynum); |
|
|
78 |
} |
|
|
79 |
|
|
|
80 |
if ($write and $data) { |
|
|
81 |
pg_query("UPDATE hdaviz_sessions SET data='$insdata' WHERE id=$sidnum AND editkey=$keynum"); |
|
|
82 |
} else { |
|
|
83 |
$rq = pg_query("SELECT data FROM hdaviz_sessions WHERE id=$sidnum"); |
|
|
84 |
$l = pg_fetch_row($rq); |
|
|
85 |
$data = $l[0]; |
|
|
86 |
pg_free_result($rq); |
|
|
87 |
} |
|
|
88 |
|
|
|
89 |
$resobj = array("data" => $data, "write_allowed" => $write, "sessionid" => $_SESSION['sessionid']); |
|
|
90 |
if ($write) { |
|
|
91 |
$resobj["sessionkey"] = $_SESSION['sessionkey']; |
|
|
92 |
} |
|
|
93 |
|
|
|
94 |
|
|
|
95 |
echo json_encode($resobj); |
|
|
96 |
?> |