<?php

////////////////////////////////////////////////////////////////////////////
///
/// Projekt: book to date
/// Autor: Volker Sauer, (C) 2006, 2007, 2008
/// etor Softwareentwicklung e.K.
/// Bottroper Str. 19, 45899 Gelsenkirchen, sauer@etor.de
///
/// Datei: x2dgw.php (Untere Schicht)
/// Beschreibung: Webservice Gateway Layer für die to date Reihe Version 1.0
///
////////////////////////////////////////////////////////////////////////////
///
/// Letzte Änderungungen:
/// 17.10.2007 Beginn der Aufzeichnungen
/// 25.10.2007 XML Escaping hinzugefügt
/// 24.02.2008 Beta Release 0.9.39
/// 08.06.2008 Übernahme in shop to date
/// 07.07.2008 shop to date6 Beta2 6.0.2.0
/// 11.10.2010 Anpassung Scriptextension
///
////////////////////////////////////////////////////////////////////////////
///<11.10.2010/7.0.2.5/>

if (!defined('SHOP_TO_DATE'))
	die('Forbidden');

// Version des Gateway Layers
define('GATEWAY_VERSION', '1.0');

class x2dgw {
	var $service_version;
	var $gateway_version;
	var $enctype;
	var $hash_computed;
	var $hash_recieved;
	var $action;
	var $data;
	var $cryption;

	// Konstruktor bekommt Service Layer Version zur Überprüfung
	function x2dws($service_version) {
		$this->service_version = $service_version;
	}

	// Request überprüfen und auseinanderbauen
	function handle() {

		$this->gateway_version = post_var('gatewayversion');
		$this->service_version = post_var('serviceversion');
		$this->action = post_var('action');
		$this->enctype = post_var('enctype');

		$this->hash_computed = md5($this->action.':'.post_var('data').':'.SECRET_KEY);
		$this->hash_received = post_var('hash');

		// Gateway Version überprüfen
		if ($this->gateway_version != GATEWAY_VERSION) {
			die("X2DWS 600 Illegal Gateway Version");
		}

		// Service Version überprüfen
		if ($this->service_version != $this->service_version) {
			die("X2DWS 601 Illegal Service Version");
		}

		// Hash überprüfen
		if ($this->hash_computed != $this->hash_received) {
			die("X2DWS 603 Hash mismatch");
		}

		// Verschlüsselung initialisieren
		if (!file_exists(WEBSERVICE_PATH . "x2dws$this->enctype.". CC_SITE_SCRIPTEXTENSION))
			die("X2DWS 605 Cannot handle Enctype");
		include_once(WEBSERVICE_PATH . "x2dws$this->enctype." . CC_SITE_SCRIPTEXTENSION);
		$this->cryption = new $this->enctype(SECRET_KEY);
		$this->data = $this->cryption->decrypt(post_var('data'));
		$this->action = post_var('action');
	}

	// Action auslesen
	function get_action() {
		return $this->action;
	}

	// Data auslesen
	function get_data() {
		return $this->data;
	}

	// Falls auch im Service Layer keine passende Action gefunden wird
	function action_nok() {
		die("X2DWS 604 Action Not Implemented");
	}

	// Antwort generieren und senden
	function send_response($response) {
		echo "X2DWS 200 OK";
		if (!empty($response))
			echo "\n\n".$this->cryption->encrypt($response);
		exit;
	}
}

// Holt Post-Vars
function post_var($key) {
	if (isset($_POST[$key]))
		return($_POST[$key]);
	else
		return("");
}

?>