WebSVN – oidplus – Blame – /trunk/plugins/viathinksoft/publicPages/100_whois/whois/webwhois.php

Rev	Author	Line No.	Line
635	daniel-mar	1	<?php
		2
		3	/*
		4	* OIDplus 2.0
758	daniel-mar	5	* Copyright 2019 - 2022 Daniel Marschall, ViaThinkSoft
635	daniel-mar	6	*
		7	* Licensed under the Apache License, Version 2.0 (the "License");
		8	* you may not use this file except in compliance with the License.
		9	* You may obtain a copy of the License at
		10	*
		11	* http://www.apache.org/licenses/LICENSE-2.0
		12	*
		13	* Unless required by applicable law or agreed to in writing, software
		14	* distributed under the License is distributed on an "AS IS" BASIS,
		15	* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
		16	* See the License for the specific language governing permissions and
		17	* limitations under the License.
		18	*/
		19
		20	require_once __DIR__ . '/../../../../../includes/oidplus.inc.php';
		21
762	daniel-mar	22	//define('XML_URN', 'urn:oid:1.3.6.1.4.1.37476.2.5.2.5.1.1');
		23	define('XML_URN', 'urn:ietf:id:viathinksoft-oidip-02');
		24
		25	// define('XML_URN_URL', 'https://oidplus.viathinksoft.com/oidplus/plugins/publicPages/100_whois/whois/xml_schema.xsd');
		26	define('XML_URN_URL', OIDplus::webpath(__DIR__,true).'xml_schema.xsd');
		27
635	daniel-mar	28	OIDplus::init(true);
		29	set_exception_handler(array('OIDplusGui', 'html_exception_handler'));
		30
		31	if (OIDplus::baseConfig()->getValue('DISABLE_PLUGIN_OIDplusPagePublicWhois', false)) {
		32	throw new OIDplusException(_L('This plugin was disabled by the system administrator!'));
		33	}
		34
		35	originHeaders();
		36
		37	// Step 0: Get request parameter
		38
		39	if (PHP_SAPI == 'cli') {
		40	if ($_SERVER['argc'] != 2) {
		41	echo _L('Syntax').': '.$_SERVER['argv'][0].' <query>'."\n";
		42	exit(2);
		43	}
		44	$query = $_SERVER['argv'][1];
		45	} else {
		46	if (!isset($_REQUEST['query'])) {
		47	http_response_code(400);
		48	die('<h1>'._L('Error').'</h1><p>'._L('Argument "%1" is missing','query').'<p>');
		49	}
		50	$query = $_REQUEST['query'];
		51	}
		52
		53	// Split input into query, authTokens and serverCommands
		54	$tokens = explode('$', $query);
		55	$query = array_shift($tokens);
		56	$authTokens[] = array();
		57	$serverCommands = array();
		58	foreach ($tokens as $token) {
		59	if (strpos($token,'=') !== false) {
		60	$tmp = explode('=',$token,2);
		61	$serverCommands[strtolower($tmp[0])] = $tmp[1];
		62	} else {
		63	$authTokens[] = $token;
		64	}
		65	}
		66
		67	$query = str_replace('oid:.', 'oid:', $query); // allow leading dot
		68
		69	// Step 1: Collect data
		70
		71	$out = array();
		72
		73	$out[] = "query: $query";
		74
		75	$distance = null;
		76	$found = null;
		77
		78	try {
		79	$obj = OIDplusObject::findFitting($query);
		80	if (!$obj) $obj = OIDplusObject::parse($query); // in case we didn't find anything fitting, we take it as it is and later use getParent() to find something else
		81	$query = $obj->nodeId();
		82	} catch (Exception $e) {
		83	$obj = null;
		84	}
		85
		86	$only_wellknown_ids_found = false;
		87	$continue = false;
		88
		89	if (!$obj) {
		90	$out[] = "result: Not found"; // DO NOT TRANSLATE!
		91	$continue = false;
		92	$res = null;
		93	} else {
		94	$obj = null;
		95	$distance = 0;
		96
		97	$init_query = $query;
		98	while (true) {
		99	$res = OIDplus::db()->query("select * from ###objects where id = ?", array($query));
		100	if ($res->num_rows() > 0) {
		101	$obj = OIDplusObject::parse($query);
		102	if ($distance > 0) {
		103	$out[] = "result: Not found; superior object found"; // DO NOT TRANSLATE!
		104	$out[] = "distance: $distance"; // DO NOT TRANSLATE
		105	} else {
		106	$out[] = "result: Found"; // DO NOT TRANSLATE!
		107	}
		108	$continue = true;
		109	break;
		110	}
		111
		112	if (substr($query,0,4) === 'oid:') {
		113	$query_prev = $query;
		114	$query = 'oid:'.oid_up(explode(':',$query,2)[1]);
		115	if ($query == $query_prev) break;
		116	$distance++;
		117	} else {
713	daniel-mar	118	// getParent() will find the parent which DOES exist in the DB.
		119	// It does not need to be the direct parent (like ->one_up() does)
635	daniel-mar	120	$obj = OIDplusObject::parse($query)->getParent(); // For objects, we assume that they are parents of each other
		121	if ($obj) {
		122	$res = OIDplus::db()->query("select * from ###objects where id = ?", array($obj->nodeId()));
		123	$distance = $obj->distance($query);
		124	assert($res->num_rows() > 0);
		125
		126	$query = $obj->nodeId();
		127	}
713	daniel-mar	128
		129	if ($distance > 0) {
		130	$out[] = "result: Not found; superior object found"; // DO NOT TRANSLATE!
		131	$out[] = "distance: $distance"; // DO NOT TRANSLATE
		132	}
		133	$continue = true;
		134
635	daniel-mar	135	break;
		136	}
		137	}
		138
		139	if ((substr($query,0,4) === 'oid:') && (!$obj)) {
		140	$query = $init_query;
		141	$distance = 0;
		142	while (true) {
		143	$res = OIDplus::db()->query("select * from ###asn1id where oid = ? union select * from ###iri where oid = ?", array($query, $query));
		144	if ($res->num_rows() > 0) {
		145	$obj = OIDplusObject::parse($query);
		146	$res = null;
		147	if ($distance > 0) {
		148	$out[] = "result: Not found; superior object found"; // DO NOT TRANSLATE!
		149	$out[] = "distance: $distance"; // DO NOT TRANSLATE
		150	} else {
		151	$out[] = "result: Found"; // DO NOT TRANSLATE!
		152	}
		153	$only_wellknown_ids_found = true; // Information partially available
		154	$continue = true;
		155	break;
		156	}
		157	$query_prev = $query;
		158	$query = 'oid:'.oid_up(explode(':',$query,2)[1]);
		159	if ($query == $query_prev) break;
		160	$distance++;
		161	}
		162	}
		163
		164	if (!$obj) {
		165	$out[] = "result: Not found"; // DO NOT TRANSLATE!
		166	$continue = false;
		167	}
		168
		169	$found = $distance == 0;
		170	}
		171
		172	if ($continue) {
		173	$out[] = "";
		174	$out[] = "object: $query"; // DO NOT TRANSLATE!
		175	if (!allowObjectView($obj, $authTokens)) {
		176	$out[] = "status: Information unavailable"; // DO NOT TRANSLATE!
		177	$out[] = "attribute: confidential"; // DO NOT TRANSLATE!
		178	} else {
		179	if ($only_wellknown_ids_found) {
		180	$out[] = "status: Information partially available"; // DO NOT TRANSLATE!
		181	} else {
		182	$out[] = "status: Information available"; // DO NOT TRANSLATE!
		183	}
		184
		185	$row = $res ? $res->fetch_object() : null;
		186
758	daniel-mar	187	if (!is_null($row)) {
		188	$out[] = 'name: ' . $row->title; // DO NOT TRANSLATE!
635	daniel-mar	189
		190	$cont = $row->description;
		191	$cont = preg_replace('@<a[^>]+href\s=\s["\']([^\'"]+)["\'][^>]>(.+)<\s/\sa\s>@ismU', '\2 (\1)', $cont);
		192	$cont = preg_replace('@<br.*>@', "\n", $cont);
		193	$cont = preg_replace('@\\n+@', "\n", $cont);
		194	$out[] = 'description: ' . trim(html_entity_decode(strip_tags($cont))); // DO NOT TRANSLATE!
		195	}
		196
		197	if (substr($query,0,4) === 'oid:') {
		198	$out[] = 'asn1-notation: ' . $obj->getAsn1Notation(false); // DO NOT TRANSLATE!
		199	$out[] = 'iri-notation: ' . $obj->getIriNotation(false); // DO NOT TRANSLATE!
		200
		201	$res2 = OIDplus::db()->query("select * from ###asn1id where oid = ?", array($obj->nodeId()));
		202	while ($row2 = $res2->fetch_object()) {
		203	$out[] = 'identifier: ' . $row2->name; // DO NOT TRANSLATE!
		204	}
		205
		206	$res2 = OIDplus::db()->query("select * from ###asn1id where standardized = ? and oid = ?", array(true, $obj->nodeId()));
		207	while ($row2 = $res2->fetch_object()) {
		208	$out[] = 'standardized-id: ' . $row2->name; // DO NOT TRANSLATE!
		209	}
		210
		211	$res2 = OIDplus::db()->query("select * from ###iri where oid = ?", array($obj->nodeId()));
		212	while ($row2 = $res2->fetch_object()) {
		213	$out[] = 'unicode-label: ' . $row2->name; // DO NOT TRANSLATE!
		214	}
		215
		216	$res2 = OIDplus::db()->query("select * from ###iri where longarc = ? and oid = ?", array(true, $obj->nodeId()));
		217	while ($row2 = $res2->fetch_object()) {
		218	$out[] = 'long-arc: ' . $row2->name; // DO NOT TRANSLATE!
		219	}
		220	}
		221
		222	if ($obj->isConfidential()) { // yes, we use isConfidential() instead of allowObjectView()!
678	daniel-mar	223	$out[] = 'attribute: confidential'; // DO NOT TRANSLATE!
635	daniel-mar	224	}
		225
730	daniel-mar	226	if ($obj->implementsFeature('1.3.6.1.4.1.37476.2.5.2.3.4')) {
		227	// Also ask $obj for extra attributes:
		228	// This way we could add various additional information, e.g. IPv4/6 range analysis, interpretation of GUID, etc. (TODO)
		229	$obj->whoisObjectAttributes($obj->nodeId(), $out);
		230	}
		231
635	daniel-mar	232	foreach (OIDplus::getPagePlugins() as $plugin) {
		233	if ($plugin->implementsFeature('1.3.6.1.4.1.37476.2.5.2.3.4')) {
		234	$plugin->whoisObjectAttributes($obj->nodeId(), $out);
		235	}
		236	}
		237
		238	if (substr($query,0,4) === 'oid:') {
		239	$sParent = 'oid:'.oid_up(explode(':',$query,2)[1]);
		240
		241	$objTest = OIDplusObject::parse($sParent);
		242	if (allowObjectView($objTest, $authTokens)) {
		243	$out[] = 'parent: ' . $sParent . show_asn1_appendix($sParent); // DO NOT TRANSLATE!
		244	} else {
		245	$out[] = 'parent: ' . $sParent; // DO NOT TRANSLATE!
		246	}
		247	} else if (!is_null($row) && !empty($row->parent) && (!is_root($row->parent))) {
		248	$sParent = $row->parent;
		249	$out[] = 'parent: ' . $row->parent; // DO NOT TRANSLATE!
		250	}
		251
		252	$res2 = OIDplus::db()->query("select * from ###objects where parent = ? order by ".OIDplus::db()->natOrder('id'), array($obj->nodeId()));
		253	while ($row2 = $res2->fetch_object()) {
		254	$objTest = OIDplusObject::parse($row2->id);
		255	if (allowObjectView($objTest, $authTokens)) {
		256	$out[] = 'subordinate: ' . $row2->id . show_asn1_appendix($row2->id); // DO NOT TRANSLATE!
		257	} else {
		258	$out[] = 'subordinate: ' . $row2->id; // DO NOT TRANSLATE!
		259	}
		260	}
		261
		262	if (!is_null($row)) {
		263	if ($row->created) $out[] = 'created: ' . date('Y-m-d H:i:s', strtotime($row->created)); // DO NOT TRANSLATE!
		264	if ($row->updated) $out[] = 'updated: ' . date('Y-m-d H:i:s', strtotime($row->updated)); // DO NOT TRANSLATE!
		265	}
		266
		267	$out[] = '';
		268
		269	$res2 = OIDplus::db()->query("select * from ###ra where email = ?", array(is_null($row) ? '' : $row->ra_email));
		270	if ($row2 = $res2->fetch_object()) {
		271	$out[] = 'ra: '.(!empty($row2->ra_name) ? $row2->ra_name : (!empty($row2->email) ? $row2->email : _L('Unknown'))); // DO NOT TRANSLATE!
		272	$out[] = 'ra-status: Information available'; // DO NOT TRANSLATE!
		273
		274	$tmp = array();
		275	if (!empty($row2->office)) $tmp[] = $row2->office;
		276	if (!empty($row2->organization)) $tmp[] = $row2->organization;
		277	$tmp = implode(', ', $tmp);
		278
		279	$out[] = 'ra-contact-name: ' . $row2->personal_name.(!empty($tmp) ? " ($tmp)" : ''); // DO NOT TRANSLATE!
		280	if (!allowRAView($row2, $authTokens)) {
		281	if (!empty($row2->street) \|\| !empty($row2->zip_town) \|\| !empty($row2->country)) {
		282	$out[] = 'ra-address: '._L('(redacted)'); // DO NOT TRANSLATE!
		283	}
		284	$out[] = 'ra-phone: ' . (!empty($row2->phone) ? _L('(redacted)') : ''); // DO NOT TRANSLATE!
		285	$out[] = 'ra-mobile: ' . (!empty($row2->mobile) ? _L('(redacted)') : ''); // DO NOT TRANSLATE!
		286	$out[] = 'ra-fax: ' . (!empty($row2->fax) ? _L('(redacted)') : ''); // DO NOT TRANSLATE!
		287	} else {
		288	if (!empty($row2->street)) $out[] = 'ra-address: ' . $row2->street; // DO NOT TRANSLATE!
		289	if (!empty($row2->zip_town)) $out[] = 'ra-address: ' . $row2->zip_town; // DO NOT TRANSLATE!
		290	if (!empty($row2->country)) $out[] = 'ra-address: ' . $row2->country; // DO NOT TRANSLATE!
		291	$out[] = 'ra-phone: ' . $row2->phone; // DO NOT TRANSLATE!
		292	$out[] = 'ra-mobile: ' . $row2->mobile; // DO NOT TRANSLATE!
		293	$out[] = 'ra-fax: ' . $row2->fax; // DO NOT TRANSLATE!
		294	}
		295	$out[] = 'ra-email: ' . $row->ra_email; // DO NOT TRANSLATE!
730	daniel-mar	296
		297	$ra = new OIDplusRA($row->ra_email);
		298	if ($ra->implementsFeature('1.3.6.1.4.1.37476.2.5.2.3.4')) {
731	daniel-mar	299	$ra->whoisRaAttributes($row->ra_email, $out); /** @phpstan-ignore-line */
730	daniel-mar	300	}
		301
635	daniel-mar	302	foreach (OIDplus::getPagePlugins() as $plugin) {
		303	if ($plugin->implementsFeature('1.3.6.1.4.1.37476.2.5.2.3.4')) {
		304	$plugin->whoisRaAttributes($row->ra_email, $out);
		305	}
		306	}
		307
		308	if ($row2->privacy) { // yes, we use row2->privacy() instead of allowRAView()!
678	daniel-mar	309	$out[] = 'ra-attribute: confidential'; // DO NOT TRANSLATE!
635	daniel-mar	310	}
		311
		312	if ($row2->registered) $out[] = 'ra-created: ' . date('Y-m-d H:i:s', strtotime($row2->registered)); // DO NOT TRANSLATE!
		313	if ($row2->updated) $out[] = 'ra-updated: ' . date('Y-m-d H:i:s', strtotime($row2->updated)); // DO NOT TRANSLATE!
		314	} else {
		315	$out[] = 'ra: '.(!is_null($row) && !empty($row->ra_email) ? $row->ra_email : _L('Unknown')); // DO NOT TRANSLATE!
		316	if (!is_null($row)) {
		317	foreach (OIDplus::getPagePlugins() as $plugin) {
		318	if ($plugin->implementsFeature('1.3.6.1.4.1.37476.2.5.2.3.4')) {
		319	$plugin->whoisRaAttributes($row->ra_email, $out);
		320	}
		321	}
		322	}
		323	$out[] = "ra-status: Information unavailable"; // DO NOT TRANSLATE!
		324	}
		325	}
		326	}
		327
		328	// Step 2: Format output
		329
		330	if (isset($_REQUEST['format'])) {
		331	$format = $_REQUEST['format'];
		332	} else if (isset($serverCommands['format'])) {
		333	$format = $serverCommands['format'];
		334	} else {
656	daniel-mar	335	$format = 'text'; // default
635	daniel-mar	336	}
		337
758	daniel-mar	338	if (($format != 'txt') && ($format != 'text') && ($format != 'json') && ($format != 'xml') && ($format != 'html')) {
656	daniel-mar	339	$format = 'text'; // default
635	daniel-mar	340	}
		341
656	daniel-mar	342	if (($format == 'text') \|\| ($format == 'txt')) {
635	daniel-mar	343	header('Content-Type:text/plain; charset=UTF-8');
		344
		345	$longest_key = 0;
		346	foreach ($out as $line) {
		347	$longest_key = max($longest_key, strlen(trim(explode(':',$line,2)[0])));
		348	}
		349
		350	ob_start();
		351
		352	//echo '% ' . str_repeat('*', OIDplus::config()->getValue('webwhois_output_format_max_line_length', 80)-2)."\r\n";
		353
		354	foreach ($out as $line) {
		355	if (trim($line) == '') {
		356	echo "\r\n";
		357	continue;
		358	}
		359
		360	$ary = explode(':', $line, 2);
		361
		362	$key = trim($ary[0]);
		363
		364	$value = isset($ary[1]) ? trim($ary[1]) : '';
674	daniel-mar	365
		366	// Normalize line-breaks to \r\n, otherwise mb_wordwrap won't work correctly
		367	$value = str_replace("\r\n", "\n", $value);
		368	$value = str_replace("\r", "\n", $value);
		369	$value = str_replace("\n", "\r\n", $value);
		370
635	daniel-mar	371	$value = mb_wordwrap($value, OIDplus::config()->getValue('webwhois_output_format_max_line_length', 80) - $longest_key - strlen(':') - OIDplus::config()->getValue('webwhois_output_format_spacer', 2), "\r\n");
		372	$value = str_replace("\r\n", "\r\n$key:".str_repeat(' ', $longest_key-strlen($key)) . str_repeat(' ', OIDplus::config()->getValue('webwhois_output_format_spacer', 2)), $value);
		373
		374	if (!empty($value)) {
		375	echo $key.':' . str_repeat(' ', $longest_key-strlen($key)) . str_repeat(' ', OIDplus::config()->getValue('webwhois_output_format_spacer', 2)) . $value . "\r\n";
		376	}
		377	}
		378
		379	//echo '% ' . str_repeat('*', OIDplus::config()->getValue('webwhois_output_format_max_line_length', 80)-2)."\r\n";
		380
		381	$cont = ob_get_contents();
		382	ob_end_clean();
		383
		384	echo $cont;
		385
		386	if (OIDplus::getPkiStatus()) {
		387	$signature = '';
		388	if (@openssl_sign($cont, $signature, OIDplus::config()->getValue('oidplus_private_key'))) {
		389	$signature = base64_encode($signature);
		390	$signature = mb_wordwrap($signature, OIDplus::config()->getValue('webwhois_output_format_max_line_length', 80) - strlen('% '), "\r\n", true);
		391	$signature = "% -----BEGIN RSA SIGNATURE-----\r\n".
		392	preg_replace('/^/m', '% ', $signature)."\r\n".
		393	"% -----END RSA SIGNATURE-----\r\n";
		394	echo $signature;
		395	}
		396	}
		397	}
		398
		399	if ($format == 'json') {
		400	$ary = array();
		401
		402	$current_section = array();
		403	$ary[] = &$current_section;
		404
		405	foreach ($out as $line) {
		406	if ($line == '') {
		407	unset($current_section);
		408	$current_section = array();
		409	$ary[] = &$current_section;
		410	} else {
		411	list($key,$val) = explode(':', $line, 2);
		412	$val = trim($val);
		413	if (!empty($val)) {
		414	if (!isset($current_section[$key])) {
		415	$current_section[$key] = $val;
		416	} elseif (is_array($current_section[$key])) {
		417	$current_section[$key][] = $val;
		418	} else {
		419	$current_section[$key] = array($current_section[$key], $val);
		420	}
		421	}
		422	}
		423	}
		424	$ary = array(
		425	// https://code.visualstudio.com/docs/languages/json#_mapping-in-the-json
		426	// Note that this syntax is VS Code-specific and not part of the JSON Schema specification.
		427	//'$schema' => 'https://oidplus.viathinksoft.com/oidplus/plugins/publicPages/100_whois/whois/json_schema.json',
644	daniel-mar	428	'$schema' => OIDplus::webpath(__DIR__,true).'json_schema.json',
635	daniel-mar	429
		430	// we need this NAMED root, otherwise PHP will name the sections "0", "1", "2" if the array is not sequencial (e.g. because "signature" is added)
758	daniel-mar	431	'oidip' => $ary
635	daniel-mar	432	);
		433
		434	if (OIDplus::getPkiStatus()) {
		435	$cont = json_encode($ary);
		436	$signature = '';
		437	if (@openssl_sign($cont, $signature, OIDplus::config()->getValue('oidplus_private_key'))) {
		438	$signature = base64_encode($signature);
		439	$ary['signature'] = array('content' => $cont, 'signature' => $signature);
		440	}
		441	}
		442
		443	// Good JSON schema validator here: https://www.jsonschemavalidator.net
		444	header('Content-Type:application/json; charset=UTF-8');
		445	echo json_encode($ary);
		446	}
		447
		448	if ($format == 'xml') {
758	daniel-mar	449	$xml = '<oidip><section>';
635	daniel-mar	450	foreach ($out as $line) {
		451	if ($line == '') {
		452	$xml .= '</section><section>';
		453	} else {
		454	list($key,$val) = explode(':', $line, 2);
		455	$val = trim($val);
		456	if (!empty($val)) {
		457	$xml .= "<$key>".htmlspecialchars($val)."</$key>";
		458	}
		459	}
		460	}
758	daniel-mar	461	$xml .= '</section></oidip>';
635	daniel-mar	462
		463	$xml = preg_replace('@<section><(.+)>(.+)</section>@ismU', '<\\1Section><\\1>\\2</\\1Section>', $xml);
		464
		465	if (OIDplus::getPkiStatus()) {
		466	$cont = $xml;
		467	$signature = '';
		468	if (@openssl_sign($cont, $signature, OIDplus::config()->getValue('oidplus_private_key'))) {
		469	$signature = base64_encode($signature);
760	daniel-mar	470	$cdata = '<![CDATA['.str_replace(']]>', ']]]]><![CDATA[>', $cont).']]>';
		471	$xml .= "<signatureSection><content>".$cdata."</content><signature>".htmlspecialchars($signature)."</signature></signatureSection>";
635	daniel-mar	472	}
		473	}
		474
		475	// Good XSD validator here: https://www.liquid-technologies.com/online-xsd-validator
		476	header('Content-Type:application/xml; charset=UTF-8');
		477	echo '<?xml version="1.0" encoding="UTF-8" standalone="yes" ?>';
762	daniel-mar	478	echo '<root xmlns="'.XML_URN.'"';
635	daniel-mar	479	echo ' xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"';
762	daniel-mar	480	echo ' xsi:schemaLocation="'.XML_URN.' '.XML_URN_URL.'">';
635	daniel-mar	481	echo $xml;
		482	echo '</root>';
		483	}
		484
758	daniel-mar	485	if ($format == 'html') {
		486	// TODO
		487	throw new OIDplusException(_L('The output format "%1" has not yet been implemented!'));
		488	}
		489
635	daniel-mar	490	# ---
		491
		492	function show_asn1_appendix($id) {
		493	if (substr($id,0,4) === 'oid:') {
		494	$appendix_asn1ids = array();
		495	$res3 = OIDplus::db()->query("select * from ###asn1id where oid = ?", array($id));
		496	while ($row3 = $res3->fetch_object()) {
		497	$appendix_asn1ids[] = $row3->name;
		498	}
		499
		500	$appendix = implode(', ', $appendix_asn1ids);
		501	if (!empty($appendix)) $appendix = " ($appendix)";
		502	} else {
		503	$appendix = '';
		504	}
		505	return $appendix;
		506	}
		507
		508	function is_root($id) {
		509	return empty(explode(':',$id,2)[1]);
		510	}
		511
		512	function authTokenAccepted($content, $authTokens) {
		513	foreach ($authTokens as $token) {
		514	if (OIDplusPagePublicWhois::genWhoisAuthToken($content) == $token) return true;
		515	}
		516	return false;
		517	}
		518
		519	function allowObjectView($obj, $authTokens) {
		520	// Master auth token
		521	$authToken = trim(OIDplus::config()->getValue('whois_auth_token'));
		522	if (empty($authToken)) $authToken = false;
		523	if ($authToken && in_array($authToken, $authTokens)) return true;
		524
		525	// Per-OID auth tokens
		526	$curid = $obj->nodeId();
		527	while (($res = OIDplus::db()->query("select parent, confidential from ###objects where id = ?", array($curid)))->num_rows() > 0) {
		528	$row = $res->fetch_array();
		529	// Example: You have an auth Token for 2.999.1.2.3
		530	// This allows you to view 2.999.1.2.3 and all of its children,
		531	// as long as they are not confidential (then you need their auth token).
		532	// 2, 2.999, 2.999.1 and 2.999.1.2 are visible,
		533	// (because their existence is now obvious).
		534	if ($row['confidential'] && !authTokenAccepted($curid, $authTokens)) return false;
		535	$curid = $row['parent'];
		536	}
		537
		538	// Allow
		539	return true;
		540	}
		541
		542	function allowRAView($row, $authTokens) {
		543	// Master auth token
		544	$authToken = trim(OIDplus::config()->getValue('whois_auth_token'));
		545	if (empty($authToken)) $authToken = false;
		546	if ($authToken && in_array($authToken, $authTokens)) return true;
		547
		548	// Per-RA auth tokens
		549	if ($row->privacy && !authTokenAccepted('ra:'.$row->ra_name, $authTokens)) return false;
		550
		551	// Allow
		552	return true;
		553	}

Subversion Repositories oidplus

oidplus/trunk/plugins/viathinksoft/publicPages/100_whois/whois/webwhois.php @ 868 – Rev 762