From 30d7517b54b194e0fd1606d9a728a6b8e073f592 Mon Sep 17 00:00:00 2001
From: Steffen Vogel <info@steffenvogel.de>
Date: Mon, 8 Oct 2012 12:11:55 +0200
Subject: [PATCH] updated cocal with hashing and url-shortener

---
 php/cocal.db   | Bin 3072 -> 5120 bytes
 php/cocal.php  | 133 +++++++++++++++++++++++++++++++++++++++++--------
 php/scripts.js |   6 +--
 3 files changed, 113 insertions(+), 26 deletions(-)

diff --git a/php/cocal.db b/php/cocal.db
index e49e99b177d2f8c8dbfa46a3025b84ad82b97bb8..1453e195f20af5e75c674915a9fcdb01fdb1fc56 100644
GIT binary patch
delta 497
zcmYL_y-UMD7{=e^BBn=%`c)(Sz(OenLGCVTso-D{1ks_OAc%|BKqVoqX<Z~>{sp;J
z(80k;DDB|j*45F`(MkLp#Ji@^;W+Mnf6u+o^G0S=dC=1{0HDJ@XyTTKzo#~p(eP5^
z=(btXba+#Sy8f(~q6ZivfD}sMokL12fYyqw4jMJp(BV;)fCgK@O<YsEz?*noeF7ed
z*9Y(y%v3|+-?(x!1r>mz{4b4+BBOO0HYtU@PS*+i3-_wm>j$UfduNr};C{KW#uJ*H
z)XX6x$E>Oy5{p2i-3j~zuT~{0jNA#fAlZ3j6e!ssp~Wa1wA$MjzUz1i&nCDOjD$d!
zf(10I_s`Dbh6bOao|pASWaKHKBxHpD;LJ2fS_IF^_7XC()Dm+<7})ju*G@7cwj`G$
z*omi%^h9mRQaBpFdY<nD3I1=%6Z|Caa-5fiL}ZxeEyer!3oQMXr4bVuWm;#_r^VNB
LUOiC;jbr5((>7x1

delta 100
zcmZqBXpmUIF)@IJg@Zwac{2ykI!3uOj0_B13=IqnoXnhDZXt#S#taO}k_<q=!XUsj
xS%AZa1H$nDas<qnDwrmF2<S0wV47S3<UL`Uyg|T-iGgAA69EmzHxnIS0|0X}6hi<2

diff --git a/php/cocal.php b/php/cocal.php
index 0ef56f2..f572729 100644
--- a/php/cocal.php
+++ b/php/cocal.php
@@ -1,6 +1,8 @@
 <?php
 
 /* Constants */
+$salt = '8D896ww348lDSd1';
+$scriptUrl = ((!empty($_SERVER['HTTPS'])) ? 'https' : 'http') . '://' . $_SERVER['SERVER_NAME'] . $_SERVER['PHP_SELF'];
 $baseUrl = 'https://www.campus.rwth-aachen.de/office/';
 $homePath = 'default.asp';
 $loginPath = 'views/campus/redirect.asp';
@@ -9,7 +11,7 @@ $logoutPath = 'system/login/logoff.asp';
 
 /* Functions */
 function curl_fixcookie($cookieFile) {
-		$contents = file_get_contents($cookieFile);
+	$contents = file_get_contents($cookieFile);
 	$lines = explode("\n", $contents);
 
 	foreach ($lines as $i => $line) {
@@ -51,6 +53,10 @@ function curl_request($method, $url, $cookieFile = false, $params = array()) {
 	$output = curl_exec($ch);
 	curl_close($ch);
 
+	if ($cookieFile) {
+		curl_fixcookie($cookieFile);
+	}
+
 	return $output;
 }
 
@@ -72,9 +78,39 @@ function crawl_address($room) {
 	return ($r > 0) ? $matches[1] : false;
 }
 
+function error() {
+	global $scriptUrl;
+
+	header("HTTP/1.0 500 Internal Server Error");
+	echo '<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">
+		<html>
+			<head>
+				<meta http-equiv="REFRESH" content="5;url=' . $scriptUrl . '">
+				<link rel="stylesheet" type="text/css" href="style.css">
+				<meta http-equiv="content-type" content="text/html; charset=UTF-8">
+				<link rel="shortcut icon" href="/favicon.png" type="image/png">
+				<link rel="icon" href="/favicon.png" type="image/png">
+			</head>
+			<body>
+				<div id="content"><h2>Sorry an error occured!<br />Check your credentials and try again!</h2></div>
+			</body>
+		</html>';
+	die();
+}
 
 /* Code */
-if (!empty($_GET['p']) && !empty($_GET['u'])) {
+if (!empty($_GET['hash'])) {
+	$cipher = base64_decode($_GET['hash']);
+	if (strpos($cipher, ':')) {
+		list($matrnr, $passwd) = explode(':', $cipher);
+	}
+}
+else if (!empty($_GET['u']) && !empty($_GET['p'])) {
+	$matrnr = $_GET['u'];
+	$passwd = $_GET['p'];
+}
+
+if (isset($matrnr) && isset($passwd)) {
 	/* perform login to get session cookie */
 	$cookieFile = tempnam('/tmp', 'campus_');
 
@@ -86,16 +122,14 @@ if (!empty($_GET['p']) && !empty($_GET['u'])) {
 	}
 
 	curl_request('GET', $baseUrl . $homePath, $cookieFile);
-	curl_fixcookie($cookieFile);
 
 	$loginParams = array(
 		'login'		=> urlencode('> Login'),
-		'p'		=> urlencode($_GET['p']),
-		'u'		=> urlencode($_GET['u'])
+		'p'		=> urlencode($passwd),
+		'u'		=> urlencode($matrnr)
 	);
 
 	curl_request('POST', $baseUrl . $loginPath, $cookieFile, $loginParams);
-	curl_fixcookie($cookieFile);
 
 	/* request calendar */
 	$calParams = array(
@@ -104,11 +138,13 @@ if (!empty($_GET['p']) && !empty($_GET['u'])) {
 	);
 
 	$response = curl_request('GET', $baseUrl . $calPath, $cookieFile, $calParams);
-	curl_fixcookie($cookieFile);
 
 	/* filter some changes */
 	list($headers, $body) = explode("\r\n\r\n", $response, 2);
 
+	if (substr($body, 0, strlen("BEGIN:VCALENDAR")) != "BEGIN:VCALENDAR") {
+		error();
+	}
 
 	/* header pass through */
 	$headers = array_slice(explode("\r\n", $headers), 1);
@@ -117,14 +153,14 @@ if (!empty($_GET['p']) && !empty($_GET['u'])) {
 
 		switch($key) {
 			case 'Content-Disposition':
-				$value = 'attachment; filename=campus_office_' . $_GET['u'] . '.ics';
+				$value = 'attachment; filename=campus_office_' . $matrnr . '.ics';
 				break;
 			case 'Content-Type':
 				$value .= '; charset=utf-8';
 			break;
 		}
 
-		if ($key != 'Content-Disposition') {
+		if ($key != 'Content-Length') { // ignore old length
 			header($key . ': ' . $value);
 		}
 	}
@@ -135,6 +171,11 @@ if (!empty($_GET['p']) && !empty($_GET['u'])) {
 		if ($line) {
 			list($key, $value) = explode(":", $line);
 			switch ($key) {
+				case 'END':
+					if ($value == 'VEVENT') flush();
+					unset($location);
+					break;
+
 				case 'LOCATION':
 					$location = $value;
 					$room = strtok($location, " ");
@@ -153,6 +194,7 @@ if (!empty($_GET['p']) && !empty($_GET['u'])) {
 					$value .= $location;
 					break;
 			}
+
 			echo $key . ':' . $value;
 		}
 		echo "\r\n";
@@ -172,6 +214,50 @@ else {
 	<title>/dev/nulll - CampusOffice to Google Sync</title>
 	<script src="jquery-1.7.2.min.js" type="text/javascript"></script>
 	<script src="scripts.js" type="text/javascript"></script>
+	<script src="base64.js" type="text/javascript"></script>
+	<script type="text/javascript">
+		function unique(length) {
+			var chars = "0123456789abcdefghiklmnopqrstuvwxyz";
+			var string = '';
+
+			while (length--) {
+				var rnum = Math.floor(Math.random() * chars.length);
+				string += chars.substring(rnum,rnum+1);
+			}
+
+			return string;
+		}
+
+		function encode() {
+			var cipher = $('#matrnr').val() + ':' + $('#passwd').val();
+			var link = '<?php echo $scriptUrl ?>?hash=' + Base64.encode(cipher);
+
+			$.ajax({
+				url : 'http://d.0l.de/add.json',
+				data : {
+					rdata : encodeURI(link),
+					host : unique(24),
+					type : 'URL',
+					pw : $('#passwd').val()
+				},
+				dataType : 'jsonp',
+				success : function(data) {
+					$(data).each(function(index, value) {
+						if (value.type == 'success' && value.description == 'uri redirection added to db') {
+							var host = value.data[0].host.punycode;
+							var zone = value.data[0].host.zone.name;
+							var link = 'http://' + host + '.' + zone;
+
+							$('#result a').attr('href', link);
+				                        $('#result a').text(link);
+							$('#result').show(300);
+						}
+					});
+				}
+
+			});
+		}
+	</script>
 	<link rel="stylesheet" type="text/css" href="style.css">
 	<meta http-equiv="content-type" content="text/html; charset=UTF-8">
 	<link rel="shortcut icon" href="/favicon.png" type="image/png">
@@ -185,20 +271,23 @@ else {
 		<h1>CampusOffice to Google Sync</h1>
 	</header>
 
-	<form action="<?php echo $_SERVER['PHP_SELF']; ?>" method="get">
-		<table style="width: 330px; margin: 10px auto;">
-			<tr>
-				<td><label for="matrnr">Matrikel-Nr:</label></td>
-				<td><input id="matrnr" type="text" name="u" /></td>
-			</tr>
-			<tr>
-				<td><label for="password">Passwort:</label></td>
-				<td><input id="password" type="password" name="p" /></td>
-			</tr>
-		</table>
+	<table style="width: 330px; margin: 10px auto;">
+		<tr>
+			<td><label for="matrnr">Matrikel-Nr:</label></td>
+			<td><input id="matrnr" type="text" name="u" /></td>
+		</tr>
+		<tr>
+			<td><label for="passwd">Passwort:</label></td>
+			<td><input id="passwd" type="password" name="p" /></td>
+		</tr>
+	</table>
 
-		<input type="submit" value="Get Calendar!" />
-	</form>
+	<input type="button" onclick="encode()" value="Get Calendar!" />
+
+	<p id="result" style="display: none">
+		<span>Das ist der fertige Link:</span><br />
+		<a href=""></a>
+	</p>
 
 	<footer>
 		<p>by <a href="http://www.steffenvogel.de">Steffen Vogel</a> - <a href="http://0l.de/tools/campus">help</a></p>
diff --git a/php/scripts.js b/php/scripts.js
index 65ee5fd..9caeade 100644
--- a/php/scripts.js
+++ b/php/scripts.js
@@ -26,9 +26,7 @@ function addHtmlProperly(element, html)
 }
 
 window.onload = function()
-{
-  document.getElementById('focus').focus();
-  
+{  
   document.getElementsByTagName('iframe')[0].style.height = 0;
   document.forms.base.onsubmit = checkFormFinished;
 }
@@ -72,4 +70,4 @@ function checkFormFinished()
   {
     document.getElementsByTagName('iframe')[0].style.height = imgs[0].clientHeight + 'px';
   }
-}
\ No newline at end of file
+}