|
1 <?php |
|
2 $basechars = '23456789abcdefghjkmnpqrstuvwxyz'; |
|
3 $base = strlen($basechars); |
|
4 |
|
5 function my_encode($int) { |
|
6 global $base, $basechars; |
|
7 $nb = $int; |
|
8 $res = ''; |
|
9 while($nb > 0 or strlen($res) == 0) { |
|
10 $mod = $nb % $base; |
|
11 $res = $basechars[$mod].$res; |
|
12 $nb = ($nb - $mod) / $base; |
|
13 } |
|
14 return $res; |
|
15 } |
|
16 |
|
17 function my_decode($str) { |
|
18 global $base, $basechars; |
|
19 $s = strtolower($str); |
|
20 $m = 1; |
|
21 $res = 0; |
|
22 for ($i = strlen($s)-1; $i >= 0; $i--) { |
|
23 $res += $m * strpos($basechars, $s[$i]); |
|
24 $m *= $base; |
|
25 } |
|
26 return $res; |
|
27 }; |
|
28 |
|
29 require('connect.inc.php'); |
|
30 |
|
31 session_start(); |
|
32 |
|
33 $data = isset($_REQUEST['data']) ? $_REQUEST['data'] : false; |
|
34 $insdata = pg_escape_string($data ? $data : '{}'); |
|
35 |
|
36 if (isset($_REQUEST['sessionid'])) { |
|
37 $_SESSION['sessionid'] = $_REQUEST['sessionid']; |
|
38 } |
|
39 |
|
40 if (isset($_REQUEST['sessionkey'])) { |
|
41 $_SESSION['sessionkey'] = $_REQUEST['sessionkey']; |
|
42 } |
|
43 |
|
44 if (isset($_SESSION['sessionid'])) { |
|
45 $sidnum = my_decode($_SESSION['sessionid']); |
|
46 $rq = pg_query("SELECT editkey FROM hdaviz_sessions WHERE id = $sidnum"); |
|
47 if ($ligne = pg_fetch_row($rq)) { |
|
48 if (isset($_SESSION['sessionkey'])) { |
|
49 $keynum = my_decode($_SESSION['sessionkey']); |
|
50 if ($keynum == $ligne[0]) { |
|
51 $write = true; |
|
52 } else { |
|
53 $write = false; |
|
54 unset($_SESSION['sessionkey']); |
|
55 } |
|
56 } else { |
|
57 $keynum = false; |
|
58 $write = false; |
|
59 } |
|
60 } else { |
|
61 unset($_SESSION['sessionid']); |
|
62 } |
|
63 } |
|
64 |
|
65 if (!isset($_SESSION['sessionid'])) { |
|
66 do { |
|
67 $sidnum = mt_rand(1000, 100000000); |
|
68 $rq = pg_query("SELECT COUNT(*) FROM hdaviz_sessions WHERE id=$sidnum"); |
|
69 $l = pg_fetch_row($rq); |
|
70 $nb = $l[0]; |
|
71 pg_free_result($rq); |
|
72 } while ($nb > 0); |
|
73 $keynum = mt_rand(104, 100000001); |
|
74 $rq = pg_query("INSERT INTO hdaviz_sessions (id, editkey, data) VALUES ($sidnum, $keynum, '{}')"); |
|
75 $write = true; |
|
76 $_SESSION['sessionid'] = my_encode($sidnum); |
|
77 $_SESSION['sessionkey'] = my_encode($keynum); |
|
78 } |
|
79 |
|
80 if ($write and $data) { |
|
81 pg_query("UPDATE hdaviz_sessions SET data='$insdata' WHERE id=$sidnum AND editkey=$keynum"); |
|
82 } else { |
|
83 $rq = pg_query("SELECT data FROM hdaviz_sessions WHERE id=$sidnum"); |
|
84 $l = pg_fetch_row($rq); |
|
85 $data = $l[0]; |
|
86 pg_free_result($rq); |
|
87 } |
|
88 |
|
89 $resobj = array("data" => $data, "write_allowed" => $write, "sessionid" => $_SESSION['sessionid']); |
|
90 if ($write) { |
|
91 $resobj["sessionkey"] = $_SESSION['sessionkey']; |
|
92 } |
|
93 |
|
94 |
|
95 echo json_encode($resobj); |
|
96 ?> |