Commit 43ae7bd9 authored by Hakkel Tamás's avatar Hakkel Tamás

új regisztrációs felület

parent e4cf0357
AuthType shibboleth
ShibRequireSession On
Require valid-user
RewriteEngine On
RewriteCond %{SERVER_PORT} 80
RewriteRule ^ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]
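Review bot: The redirect condition `RewriteCond %{SERVER_PORT} 80` keys on the port rather than on whether TLS is in use, so plain HTTP on a non-standard port is not redirected and a deployment behind a TLS-terminating proxy on port 80 would loop; `RewriteCond %{HTTPS} !=on` states the intent directly. Once the site is HTTPS-only, a `Strict-Transport-Security` response header would stop browsers from making the first plain-HTTP request at all.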
<?php
if (! isset($_SERVER['uid'])) output($db,'Access denied');
ob_start("ob_gzhandler");
header('Vary: Accept-Encoding');
header('Pragma: no-cache');
header('Cache-Control: no-cache');
header('Accept-Ranges: bytes');
header('Content-Encoding: gzip');
$shibboleth = $_SERVER['uid'];
$now = microtime(true);
$enabled_time_window = 20; // in sec
$required_time_between_trials = 30; // in sec
$enabled_trials_per_day = 5;
$today = strtotime(date('Y-m-d').' 00:00 GMT');
$db = new PDO('sqlite:../db/db.sqlite');
$db->setAttribute( PDO::ATTR_ERRMODE, PDO::ERRMODE_WARNING );
$result = $db->prepare('
SELECT count(*)
FROM new_registration_log
WHERE shibboleth=:shibboleth AND timestamp > :today AND action="start"');
$result->execute(array(
'shibboleth' => $shibboleth,
'today' => $today));
$tmp = $result->fetch(PDO::FETCH_NUM);
$trials_today = intval($tmp[0]);
if (intval($trials_today) > $enabled_trials_per_day) {
sqlSave($db,$now,$shibboleth,'locked');
output($db,'locked');
}
if ($last_action === 'locked' AND $last_action > $today) {
output($db,'locked');
}
$result = $db->prepare('
SELECT timestamp,action
FROM new_registration_log
WHERE shibboleth=:shibboleth AND action != "page loaded"
ORDER BY timestamp DESC
LIMIT 1');
$result->execute(array('shibboleth' => $shibboleth));
$last_entry = $result->fetch(PDO::FETCH_ASSOC);
$last_action = $last_entry['action'];
$last_timestamp = floatval($last_entry['timestamp'])/1000;
if ($last_action === 'start' AND $last_timestamp > $now - $enabled_time_window) {
$result = $db->prepare('
SELECT card_ID
FROM card_log
WHERE timestamp > :start
GROUP BY card_ID
HAVING count(*) > 2');
$result->execute(array('start' => $last_entry['timestamp']));
$card_IDs = $result->fetchAll(PDO::FETCH_ASSOC);
if (! $card_IDs)
output($db,'waiting',$last_timestamp + $enabled_time_window);
elseif (count($card_IDs) > 1) {
sqlSave($db,$now,$shibboleth,'ambiguous');
output($db,'ambiguous');
} else {
saveUser($db,$card_IDs[0]['card_ID']);
sqlSave($db,$now,$shibboleth,'success');
output($db,'success');
}
}
if ($last_action === 'timeout' AND $last_timestamp > $now - $required_time_between_trials) {
output($db,'timeout');
}
if (! isset($_POST['action'])){
sqlSave($db,$now,$shibboleth,'page loaded');
output($db,'page loaded');
}
if ($last_action === 'start'
AND $last_timestamp < $now - $enabled_time_window
AND $last_timestamp > $now - $required_time_between_trials) {
sqlSave($db,$now,$shibboleth,'timeout');
output($db,'timeout');
}
if (($last_action === 'start' OR $last_action === 'timeout')
AND $last_timestamp < $now - $required_time_between_trials) {
sqlSave($db,$now,$shibboleth,'start');
output($db,'waiting',$last_timestamp + $enabled_time_window);
}
if ($last_action === 'success') {
sqlSave($db,$now,$shibboleth,'start');
output($db,'waiting',$last_timestamp + $enabled_time_window);
}
sqlSave($db,$now,$shibboleth,'start');
output($db,'waiting',$last_timestamp + $enabled_time_window);
function output($db,$message,$timestamp = NULL) {
$result = $db->prepare('
SELECT count(*)
FROM user
WHERE shibboleth=:shibboleth');
$result->execute(array('shibboleth' => $_SERVER['uid']));
$result = $result->fetch(PDO::FETCH_NUM);
$isRegistered = ($result[0] === '1');
die(json_encode(array(
'message' => $message,
'again' => $isRegistered,
'timestamp' => $timestamp*1000.
)));
}
function saveUser($db,$card_ID) {
$result = $db->prepare('
SELECT count(*)
FROM user
WHERE shibboleth=:shibboleth');
$result->execute(array('shibboleth' => $_SERVER['uid']));
$isAlreadyRegistered = $result->fetch(PDO::FETCH_NUM);
if (intval($isAlreadyRegistered[0]) > 0)
$db->exec("UPDATE user SET card_ID = '$card_ID' WHERE shibboleth = '{$_SERVER['uid']}'");
else
$db->exec("INSERT INTO user (shibboleth,name,email,card_ID)
VALUES ('{$_SERVER['uid']}','{$_SERVER['displayName']}','{$_SERVER['mail']}','$card_ID')");
}
function sqlSave($db,$now,$shibboleth,$last_action) {
$now *= 1000;
$now = number_format($now, 0, '.', '');
$db->exec("INSERT INTO new_registration_log (timestamp,shibboleth,action)
VALUES ($now, '$shibboleth','$last_action')");
}
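Review bot: saveUser and sqlSave build their INSERT/UPDATE statements by string interpolation (the `$db->exec("UPDATE user SET card_ID = '$card_ID' ...` line and the two `INSERT` strings) while every SELECT in the same file uses prepared statements with bound parameters; a displayName containing an apostrophe breaks the INSERT outright, and any value reaching those strings is an SQL-injection path, so they should use placeholders as below. Separately, `output($db,'Access denied')` on the first line runs before `$db` is created, so the access-denied branch fails inside output() when it calls `$db->prepare`, and `if ($last_action === 'locked' AND $last_action > $today)` appears before `$last_action` is assigned from the log query (and compares a string with a timestamp), so it never fires. The bound `timestamp` below is passed as a string; if the log column does not have INTEGER affinity, bind it with `bindValue(..., PDO::PARAM_INT)` instead so the `timestamp > :today` comparisons keep working.
```php
function saveUser($db,$card_ID) {
    // … unchanged: count(*) lookup into $isAlreadyRegistered …
    if (intval($isAlreadyRegistered[0]) > 0) {
        $stmt = $db->prepare('UPDATE user SET card_ID = :card_ID WHERE shibboleth = :shibboleth');
        $stmt->execute(array('card_ID' => $card_ID, 'shibboleth' => $_SERVER['uid']));
    } else {
        $stmt = $db->prepare('INSERT INTO user (shibboleth,name,email,card_ID)
            VALUES (:shibboleth, :name, :email, :card_ID)');
        $stmt->execute(array(
            'shibboleth' => $_SERVER['uid'],
            'name' => $_SERVER['displayName'],
            'email' => $_SERVER['mail'],
            'card_ID' => $card_ID));
    }
}
function sqlSave($db,$now,$shibboleth,$last_action) {
    // milliseconds, formatted without exponent notation as before
    $now = number_format($now * 1000, 0, '.', '');
    $stmt = $db->prepare('INSERT INTO new_registration_log (timestamp,shibboleth,action)
        VALUES (:timestamp, :shibboleth, :action)');
    $stmt->execute(array('timestamp' => $now, 'shibboleth' => $shibboleth, 'action' => $last_action));
}
```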
<!DOCTYPE html>
<html>
<head>
<meta charset="UTF-8">
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<meta name="description" content="PPKE ITK beléptető kapu">
<meta name="author" content="Hakkel Tamás">
<title>Sam</title>
<link rel="shortcut icon" href="../logo.ico">
<link rel="stylesheet"
href="https://stackpath.bootstrapcdn.com/bootstrap/4.1.0/css/bootstrap.min.css"
integrity="sha384-9gVQ4dYFwwWSjIDZnLEWnxCjeSWFphJiwGPXr1jddIhOegiu1FwO5qRGvFXOdJZ4"
crossorigin="anonymous">
<link href="https://fonts.googleapis.com/css?family=Quicksand:400,500" rel="stylesheet">
<script defer src="https://code.jquery.com/jquery-3.3.1.min.js" integrity="sha256-FgpCb/KJQlLNfOu91ta32o/NMZxltwRo8QtmkMRdAu8="
crossorigin="anonymous"></script>
<style>
body {
font-family: 'Quicksand', sans-serif;
font-weight: 300;
}
nav {
font-size: 25px;
box-shadow: 0px 3px 5px lightgrey;
font-weight: 500;
position: fixed;
}
#logo {
height: 2.5rem;
padding: 0rem 1rem 0rem 0rem;
}
#loader {
width: 70px;
text-align: center;
position: fixed;
z-index: 999;
overflow: show;
margin: auto;
top: 50%;
left: 0;
bottom: 0;
right: 0;
}
#loader:before {
content: '';
display: block;
position: fixed;
top: 0;
left: 0;
width: 100%;
height: 100%;
background-color: rgba(0, 0, 0, 0.3);
}
#loader>div {
width: 18px;
height: 18px;
background-color: #333;
border-radius: 100%;
display: inline-block;
-webkit-animation: sk-bouncedelay 1.4s infinite ease-in-out both;
animation: sk-bouncedelay 1.4s infinite ease-in-out both;
}
#loader .bounce1 {
-webkit-animation-delay: -0.32s;
animation-delay: -0.32s;
}
#loader .bounce2 {
-webkit-animation-delay: -0.16s;
animation-delay: -0.16s;
}
@-webkit-keyframes sk-bouncedelay {
0%,
80%,
100% {
-webkit-transform: scale(0)
}
40% {
-webkit-transform: scale(1.0)
}
}
@keyframes sk-bouncedelay {
0%,
80%,
100% {
-webkit-transform: scale(0);
transform: scale(0);
}
40% {
-webkit-transform: scale(1.0);
transform: scale(1.0);
}
}
</style>
</head>
<body>
<nav class="navbar fixed-top navbar-expand-sm navbar-light bg-light">
<span class="navbar-brand">
<img src="../logo.svg" width="30" height="30" class="d-inline-block align-top" alt="logo">
<span class="text">Registration</span><span class="text" style="display:none">Regisztráció</span>
</span>
</nav>
<div class="container" style="margin-top:6em">
<div id="loader">
<div class="bounce1"></div>
<div class="bounce2"></div>
<div class="bounce3"></div>
</div>
<div id="error-setup" style="display:none">
<div class="row">
<div class="col-sm-10 offset-sm-1 col-lg-8 offset-lg-2">
<p>
<span class="text">Error encountered while loading page... :(</span>
<span class="text" style="display:none">Valami hiba történt az oldal betöltése során... :(</span>
</p>
</div>
</div>
</div>
<div id="description" style="display:none">
<div class="row">
<div class="col-sm-10 offset-sm-1 col-lg-8 offset-lg-2 text-justify">
<p>
<span class="text">
<p><span class="again" style="display:none">You have already registered. </span>
To authenticate your card click on the button below and check in 3 times with your card
at the marked card reader within 20 seconds.
<p>
<div class="text-center mb-3"><button class="start btn btn-primary">Start <span class="again" style="display:none">card authentication</span><span class="again">registration</span></button></div>
<p><span class="again">
By registering you accept that we store pictures of you, and pair them with your card ID and
name, and that we send occasionally an email to your university email address about the operation
of the system. We use the collected data only to train the face recognition system.</span> You can delete
your registration any time by sending email to the <a href="mailto:info@sam.itk.ppke.hu">info@sam.itk.ppke.hu</a>
address, and if you encounter any error, please email us as well.
</p>
</span>
<span class="text" style="display:none">
<p><span class="again" style="display:none">Egyszer már regisztráltál. </span>
A kártyád hitelesítéséhez kattints az alábbi gombra, majd 20 másodpercen belül
olvasd le a megjelölt kártyaolvasónál 3x a kártyádat.
</p>
<div class="text-center mb-3"><button class="start btn btn-primary"><span class="again" style="display:none">Kártya hitelesítés</span><span class="again">Regisztráció</span> indítása</button></div>
<p><span class="again">
A regisztrációval elfogadod, hogy a eltároljuk a rólad készült felvételeket, majd a kártya-azonosítóddal és
a neveddel összepárosítsuk őket, illetve hogy az egyetemi email címedre alkalmanként levelet küldjünk
a rendszer működésével kapcsolatban. A tárolt adatokat kizárólag az arcfelismerő tanítására használjuk.</span>
A regisztráció törlése bármikor kérhető a <a href="mailto:info@sam.itk.ppke.hu">info@sam.itk.ppke.hu</a>
email címre küldött üzenetben, illetve az esetleges hibabejelentéseket is ide várjuk.
</p>
</span>
</p>
</div>
</div>
</div>
<div id="message" style="display:none">
<div class="row">
<div class="col-sm-10 offset-sm-1 col-lg-8 offset-lg-2 text-justify">
<p>
<span class="text">
<p id="waiting" class="message" style="display:none">
Check in 3 times with your card at the marked card reader within <span class="time"></span> seconds.
</p>
<p id="success" class="message" style="display:none">
You have successfully <span class="again">registered</span><span class="again" style="display:none">authenticated your card</span>.
</p>
<p id="timeout" class="message" style="display:none">
The <span class="again">registration</span><span class="again" style="display:none">authentication</span> session has been timed out. Please, try again 30 seconds later.
</p>
<p id="ambigous" class="message" style="display:none">
Unknown error occured. Please, refresh page and try again.
</p>
<p id="locked" class="message" style="display:none">
You can try at most 5 times a day to <span class="again">register</span><span class="again" style="display:none">authenticate your card</span> and you exceeded that limit. Please, try again tomorrow.
</p>
</span>
<span class="text" style="display:none">
<p id="waiting" class="message" style="display:none">
Olvasd le a kártyádat 3x a következő <span class="time"></span> másodpercen belül.
</p>
<p id="success" class="message" style="display:none">
A <span class="again">regisztráció</span><span class="again" style="display:none">hitelesítés</span> sikeres volt.
</p>
<p id="timeout" class="message" style="display:none">
A <span class="again">regisztrációs</span><span class="again" style="display:none">hitelesítési</span> időt túllépted. Kérlek, próbálkozz fél perc múlva.
</p>
<p id="ambigous" class="message" style="display:none">
Ismeretlen hiba történt. Kérlek, frissítsd az oldalt és próbálkozz újra.
</p>
<p id="locked" class="message" style="display:none">
Egy nap csak 5x próbálkozhatsz meg a <span class="again">regisztrációval</span><span class="again" style="display:none">hitelesítéssel</span>, és te meghaladtad ezt a limitet. Kérlek, próbálkozz újra holnap.
</p>
</span>
</p>
</div>
</div>
</div>
</div>
<script>
var language = navigator.languages ? navigator.languages[0] : (navigator.language || navigator.userLanguage);
waitFor("jQuery", setup);
function waitFor(what, callback) {
if (window[what]) callback();
else setTimeout(() => waitFor(what, callback), 50);
}
function setup() {
if (language === "hu" || language === "hu-HU")
$(".text").toggle();
$.post("backend.php")
.done(processReceivedData)
.fail((error) => { console.log(error); $("#error-setup").show(); })
.always(() => $("#loader").hide());
$(".start").click(function(){
$("#description").hide();
$("#message").show();
fetch();
});
}
function fetch() {
$.post("backend.php", {"action": true})
.done(processReceivedData)
.fail((error) => { console.log(error); $("#error-setup").show(); });
}
var interval;
var first = true;
function processReceivedData(data) {
var parsed = JSON.parse(data);
if (parsed['again'] && first){
$('.again').toggle();
first = false;
}
var message = parsed['message'];
if (message === "page loaded") {
$("#description").show();
} else {
$("#message").show();
$(".message").hide();
$("#" + message).show();
if (['locked','ambiguous','success','timeout'].includes(message) ) {
clearInterval(interval);
interval = null;
} else if (! interval)
interval = setInterval(fetch,300);
if (message === 'waiting'){
var time = new Date( - new Date());
$(".time").text(Math.floor((parsed['timestamp'] - Date.now())/1000));
}
}
}
</script>
</body>
</html>
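Review bot: The message paragraphs use `id="ambigous"` (in both language spans) while the backend replies with `'ambiguous'`, so `$("#" + message).show()` in processReceivedData matches nothing and the "Unknown error" text never appears; change both to `<p id="ambiguous" class="message" style="display:none">`. The ids `waiting`, `success`, `timeout` and `locked` are also duplicated across the English and Hungarian spans, which is invalid HTML and means an id selector only reliably finds the first one; a per-message class scoped under the visible language span would avoid that. The `var time = new Date( - new Date());` line in the waiting branch is unused and can be dropped, and the page-level `function fetch()` shadows the browser's global fetch, so a less ambiguous name such as `pollBackend` would read better.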
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="UTF-8">
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<title>Document</title>
<script defer
src="https://code.jquery.com/jquery-3.3.1.min.js"
integrity="sha256-FgpCb/KJQlLNfOu91ta32o/NMZxltwRo8QtmkMRdAu8="
crossorigin="anonymous"></script>
<link rel="stylesheet"
href="https://stackpath.bootstrapcdn.com/bootstrap/4.1.0/css/bootstrap.min.css"
integrity="sha384-9gVQ4dYFwwWSjIDZnLEWnxCjeSWFphJiwGPXr1jddIhOegiu1FwO5qRGvFXOdJZ4"
crossorigin="anonymous">
</head>
<body>
<button id="start" class="btn btn-primary">Indítás</button>
<script>
</script>
</body>
</html>
\ No newline at end of file
......@@ -44,7 +44,29 @@ if ($success)
else
$db->rollBack();
die(json_encode(array(
$answer = json_encode(array(
'success' => $success,
'answer' => $success ? $result->fetchAll(PDO::FETCH_ASSOC) : $error[2]
)));
));
$db = new PDO('sqlite:../belepteto-dev/db/db.sqlite');
$db->beginTransaction();
$queries = explode(';',$_POST['query']);
foreach ($queries as $query) {
if (trim($query) === '') continue;
$result = $db->prepare($query);
$success = $result !== FALSE;
if ($success)
$result->execute();
else {
$error = $db->errorInfo();
break;
}
}
if ($success)
$db->commit();
else
$db->rollBack();
die($answer);
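Review bot: After the first database is committed, the same queries are replayed against `../belepteto-dev/db/db.sqlite`, but `$answer` was already encoded from the first run, so a failure on the second connection is rolled back silently and the client still receives success; keep the second outcome, e.g. `if (! $success) $answer = json_encode(array('success' => false, 'answer' => $error[2]));` before `die($answer)`. `$success` and `$error` are also left unset when every piece of `$_POST['query']` is blank, so `if ($success)` then reads an undefined variable; initialise `$success = true;` before each loop. The enclosing script starts before this hunk, so its connection setup and the first loop are not visible here. Since the endpoint executes whatever SQL arrives in `$_POST['query']`, it needs the same Shibboleth `Require valid-user` gating as the registration backend, which this hunk does not show.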