src/Controller/WebserviceController.php line 404

Open in your IDE?
  1. <?php
  2. namespace App\Controller;
  4. use App\Entity\Users;
  5. use App\Entity\UsersAmbienti;
  6. use App\Entity\Questionari;
  7. use App\Entity\QuestionariIniziati;
  8. use App\Entity\Domande;
  9. use App\Entity\Risposte;
  10. use Doctrine\ORM\EntityManagerInterface;
  11. use Symfony\Bundle\FrameworkBundle\Controller\AbstractController;
  12. use Symfony\Component\HttpFoundation\Request;
  13. use Symfony\Component\HttpFoundation\Response;
  14. use Symfony\Component\Routing\Annotation\Route;
  15. use Doctrine\Persistence\ManagerRegistry;
  16. use Symfony\Component\HttpFoundation\RequestStack;
  17. use Symfony\Component\Yaml\Yaml;
  18. use Symfony\Component\Security\Core\Authentication\Token\UsernamePasswordToken;
  19. use Symfony\Component\Security\Core\Authentication\Token\Storage\TokenStorageInterface;
  20. use Symfony\Component\HttpFoundation\Session\SessionInterface;
  23. class WebserviceController extends AbstractController
  24. {
  25.     private RequestStack $requestStack;
  26.     private SessionInterface $session;
  27.     public function __construct (RequestStack $requestStack, private TokenStorageInterface $tokenStorage)
  28.     {
  29.         $this->requestStack $requestStack;
  30.         $this->session $requestStack->getSession();
  31.     }
  32.     private function checkAuth(string $authManagerRegistry $doctrine): int
  33.     {
  34.         $a explode(" "$auth);
  35.         if ($a[0] == "Basic") {
  36.             $t $a[1];
  37.             if ($t == "") {
  38.                 return 0;
  39.             } else {
  40.                 $t explode("."$t);
  41.                 $t0_header base64_decode($t[0]);
  42.                 $t1_payload base64_decode($t[1]);
  43.                 $t0_header json_decode($t0_header);
  44.                 if ($t0_header) {
  45.                     $t1_payload json_decode($t1_payload);
  46.                     if ($t1_payload) {
  47.                         $from $t1_payload->from;
  48.                         $to $t1_payload->to;
  49.                         if ($from <= $t1_payload->from && $to >= $t1_payload->to) {
  50.                             $user $doctrine->getRepository(Users::class)->findOneBy(['email' => $t1_payload->user]);
  51.                             if ($user) {
  52.                                 $ambiente $doctrine->getRepository(UsersAmbienti::class)->findOneBy(['user' => $user"url" => $t1_payload->url]);
  53.                                 $apisecret $ambiente->getApisecret();
  54.                                 if ($t0_header == "HS256") {
  55.                                     $alg "sha256";
  56.                                 } else {
  57.                                     $alg "sha256";
  58.                                 }
  59.                                 $signature hash_hmac($alg$t[0] . $t[1], $apisecrettrue);
  60.                                 $signature base64_encode($signature);
  61.                                 if ($signature == $t[2]) {
  62.                                     return $ambiente->getId();
  63.                                 } else {
  64.                                     //$signature = $user->getEmail()."|".$t1_payload->url."|".$signature;
  65.                                     return -3;
  66.                                 }
  67.                             } else {
  68.                                 return -1;
  69.                             }
  70.                         } else {
  71.                             return -2;
  72.                         }
  73.                         
  74.                     } else {
  75.                         return 0;
  76.                     }
  77.                 } else {
  78.                     return 0;
  79.                 }
  80.             }
  81.         }
  82.         return 0;
  83.     }
  84.     
  85.     #[Route('/webservice'name'app_webservice')]
  86.     public function index(Request $requestManagerRegistry $doctrine): Response
  87.     {
  88.         $s '<html>
  89.             <head>
  90.             <meta charset="UTF-8">
  91.             <meta name="viewport" content="width=device-width, initial-scale=1">
  92.             <link rel="stylesheet" href="https://cdn.jsdelivr.net/npm/bootstrap@4.6.1/dist/css/bootstrap.min.css">
  93.             <title>LIVE</title>
  94.             <link href="/dist/css/pages/login-register-lock.css" rel="stylesheet">
  95.             <link href="/dist/css/style.min.css" rel="stylesheet">
  96.             <style>
  97.             footer {
  98.             width: 100%;
  99.             position: fixed;
  100.             bottom: 0px;
  101.             text-align: center;
  102.             padding: 3px;
  103.             background-color: #000;
  104.             color: #fff;
  105.             }
  106.             </style>
  107.             </head>
  108.             <body>
  109.             <div style="width: 100%; height: 20px; position: absolute; top: 50%; margin-top: -10px;">
  110.             <center>LIVE</center>
  111.             </div>
  112.             </body>
  113.             <footer><center>42b.it</center></footer>
  114.             </html>';
  115.         return new Response($s);
  116.     }
  117.     
  118.     #[Route('/webservice/connect'name'app_webservice_connect')]
  119.     public function connect(Request $request,ManagerRegistry $doctrine): Response
  120.     {
  121.         $apikey $request->get("a");
  122.         $apisecret $request->get("b");
  123.         $url $request->get("c");
  124.         $user $doctrine->getRepository(UsersAmbienti::class)->findOneBy(['apikey' => $apikey"apisecret" => $apisecret]);
  125.         if ($user) {
  126.             $header = [
  127.                 'typ' => 'JWT',
  128.                 'alg' => 'HS256'
  129.             ];
  130.             $header json_encode($header);        
  131.             $header base64_encode($header);
  132.             $now strtotime(date("Y-m-d H:i:s"));
  133.             $to $now 3600// 1 ora;
  134.             $payload = [            
  135.                 "from" => date("Y-m-d H:i:s"),
  136.                 "to" => date("Y-m-d H:i:s"$to),
  137.                 "url" => $url,
  138.                 "user" => $user->getUser()->getEmail()
  139.             ];
  140.             $payload json_encode($payload);
  141.             $payload base64_encode($payload);
  142.             $signature hash_hmac('sha256'$header $payload$apisecrettrue);
  143.             $signature base64_encode($signature);
  144.             $token $header "." $payload "." $signature;
  145.             echo $token;
  146.             exit();
  147.         } else {
  148.             echo "0";
  149.             exit();
  150.         }
  151.     }
  152.     
  153.     
  154.     #[Route('/webservice/getquestionari'name'app_webservice_getquestionari')]
  155.     public function getQuestionari(Request $request,ManagerRegistry $doctrine): Response
  156.     {
  157.         $headers apache_request_headers();
  158.         $check $this->checkAuth($headers["Authorization"], $doctrine);
  159.         if ((int)$check 0) {
  160.             $questionari $doctrine->getRepository(Questionari::class)->findBy(['ambiente' => $check]);
  161.             $res = [];
  162.             foreach ($questionari as $q) {
  163.                 if ($q->getQuestionario()) {
  164.                     // non riporto 
  165.                 } else {
  166.                     $res[$q->getId()] = $q->getTitolo();
  167.                 }
  168.             }
  169.             echo json_encode($res);
  170.         } else {
  171.             if ((int)$check == -1) {
  172.                 echo "Api error";
  173.             } elseif ((int)$check == -2) {
  174.                 echo "Expired";
  175.             } elseif ((int)$check == -3) {
  176.                 echo "Api error";
  177.             } else {
  178.                 echo "Error";
  179.             }
  180.         }
  181.         exit();
  182.     }
  183.     
  184.     #[Route('/webservice/getquestionarofatherfromson'name'app_webservice_getquestionariofatherfromson')]
  185.     public function getquestionarofatherfromson(Request $request,ManagerRegistry $doctrine): Response
  186.     {
  187.         $headers apache_request_headers();
  188.         $check $this->checkAuth($headers["Authorization"], $doctrine);
  189.         if ((int)$check 0){
  190.             if (!isset($_REQUEST["questionario"])) {
  191.                 var_dump($_REQUEST);
  192.                 return new Response("Error cod 205");
  193.             }
  194.             $questionario $_REQUEST["questionario"];
  195.             $q $doctrine->getRepository(Questionari::class)->findOneById((int)$questionario);
  196.             if ($q) {
  197.                 return new Response($q->getQuestionario()->getId());
  198.             } else {
  199.                 return new Response("0");
  200.             }
  201.         }
  202.         exit();
  203.     }
  204.     
  205.     #[Route('/webservice/createquestionaro'name'app_webservice_createquestionario')]
  206.     public function createQuestionario(Request $request,ManagerRegistry $doctrine): Response
  207.     {
  208.         $headers apache_request_headers();
  209.         $check $this->checkAuth($headers["Authorization"], $doctrine);
  210.         if ((int)$check 0){
  211.             $teachers = [];
  212.             $nteachers $request->get("nteachers");
  213.             if ((int)$nteachers 0) {
  214.                 for ($i 1$i <= $nteachers$i++) {
  215.                     $teachers[] = [
  216.                         "id" => $request->get("teacher_id_" $i),
  217.                         "username" => $request->get("teacher_id_username_" $i),
  218.                         "name" => $request->get("teacher_id_name_" $i)
  219.                     ];
  220.                 } 
  221.             }
  222.             if (!isset($_REQUEST["questionario"])) {
  223.                 return new Response("Error cod 205");
  224.             }
  225.             $questionario $_REQUEST["questionario"];
  226.             
  227.             $q $doctrine->getRepository(Questionari::class)->findOneById((int)$questionario);
  228.             if ($q) {
  229.                 $q2 = new Questionari();
  230.                 $q2->setQuestionario($q);
  231.                 $q2->setAmbiente($q->getAmbiente());
  232.                 $q2->setCorsoId($_REQUEST["course"]);
  233.                 $q2->setUser($q->getUser());
  234.                 $q2->setTitolo($q->getTitolo());     
  235.                 $q2->setDescrizione($q->getDescrizione());     
  236.                 $q2->setCreatedAt(new \DateTimeImmutable("now"));
  237.                 $token bin2hex(random_bytes(32));
  238.                 $soken bin2hex(hash_hmac('sha256',$token,bin2hex(random_bytes(8)), true));
  239.                 $q2->setToken($soken);
  240.                 $entityManager $doctrine->getManager();
  241.                 $entityManager->persist($q2);
  242.                 $entityManager->flush();
  243.                 $qid $q2->getId();
  244.                 $domande $doctrine->getRepository(Domande::class)->findByQuestionario(["questionario" => $q], ["posizione" => "ASC"]);
  245.                 if ($domande){
  246.                     $posizione 1;
  247.                     foreach ($domande as $d) {
  248.                         if ($d->getTipoRisposta() == "docente") {
  249.                             foreach ($teachers as $t) {
  250.                                 $d2 = new Domande();
  251.                                 $d2->setQuestionario($q2);
  252.                                 $d2->setDomanda($d->getDomanda());
  253.                                 $d2->setTipoRisposta($d->getTipoRisposta());
  254.                                 $d2->setOpzioniRisposta($d->getOpzioniRisposta() . "\nTeacher:" json_encode($t));     
  255.                                 $d2->setMultipla($d->isMultipla());
  256.                                 $d2->setPosizione($d->getMostraPosizione());
  257.                                 $d2->setMostraPosizione(1);
  258.                                 $d2->setCreatedAt(new \DateTimeImmutable("now"));
  259.                                 $d2->setPlaceholder($d->getPlaceholder());
  260.                                 $d2->setObbligatoria($d->isObbligatoria());
  261.                                 $entityManager->persist($d2);
  262.                                 $posizione++;
  263.                             }
  264.                         } else {
  265.                             $d2 = new Domande();
  266.                             $d2->setQuestionario($q2);
  267.                             $d2->setDomanda($d->getDomanda());
  268.                             $d2->setTipoRisposta($d->getTipoRisposta());
  269.                             $d2->setOpzioniRisposta($d->getOpzioniRisposta());     
  270.                             $d2->setMultipla($d->isMultipla());
  271.                             $d2->setPosizione($posizione);
  272.                             $d2->setMostraPosizione($d->getMostraPosizione());
  273.                             $d2->setCreatedAt(new \DateTimeImmutable("now"));
  274.                             $d2->setPlaceholder($d->getPlaceholder());
  275.                             $d2->setObbligatoria($d->isObbligatoria());
  276.                             $entityManager->persist($d2);
  277.                             $posizione++;
  278.                         }     
  279.                     }
  280.                     $entityManager->flush();
  281.                 }
  282.                 echo $soken "." $q2->getId() . "." $q->getId();
  283.             } else {
  284.                 echo "Errore 149";
  285.             }
  286.             exit();
  287.         } else {
  288.             if((int)$check == -1) {
  289.                 echo "Api error";
  290.             } elseif ((int)$check == -2) {
  291.                 echo "Expired";
  292.             } elseif ((int)$check == -3) {
  293.                 echo "Api error";
  294.             } else {
  295.                 echo "Error";
  296.             }
  297.         }
  298.         exit();
  299.     }
  300.     #[Route('/webservice/getStudentQuestionario'name'app_webservice_getstudentquestionario')]
  301.     public function getStudentQuestionario(Request $request,ManagerRegistry $doctrine): Response{
  302.         $headers apache_request_headers();
  303.         $check $this->checkAuth($headers["Authorization"], $doctrine);
  304.         $user $request->get("user");
  305.         if ((int)$check && $user != "") {
  306.             // il token generale e' corretto
  307.             // controllo che il token passato sia corretto rispetto al questioanrio
  308.             $q $doctrine->getRepository(Questionari::class)->findOneByToken($request->get("token"));
  309.             if ($q->getId() == $request->get("questionario") || $q->getQuestionario()->getId() == $request->get("questionario")) {
  310.                 if ($q->getId() == $request->get("questionario")) {
  311.                     $qid $q->getId();
  312.                 } else {
  313.                     $qid $q->getQuestionario()->getId();
  314.                 }
  315.                 $qi $doctrine->getRepository(QuestionariIniziati::class)->findOneBy([
  316.                     "questionario" => $q,
  317.                     "user_id" => $user,
  318.                     "status" => 1,
  319.                     "ambiente" => $q->getQuestionario()->getAmbiente()
  320.                 ]);
  321.                 if ($qi) {
  322.                     $qid .= "_" $qi->getId();
  323.                 }
  324.                 echo $qid;
  325.             } else {
  326.                 echo "error";
  327.             }
  328.         }
  329.         exit();
  330.     }
  331.     
  332.     #[Route('/webservice/tutor'name'app_webservice_tutorquestionario')]
  333.     public function tutorQuestionario(Request $request,ManagerRegistry $doctrine): Response
  334.     
  335.         $headers apache_request_headers();
  336.         $session $this->requestStack->getSession();
  337.         $session_token $session->get('token');
  338.         $session_signature $session->get('signature');
  339.         $session_message $session->get('message');
  340.         if ($session_token != "") {
  341.             $token1 $session_token;
  342.             $session->set('token'"");
  343.             $signature $session_signature;
  344.             $session->set('signature'"");
  345.             $res json_decode(base64_decode($token1));
  346.         } else {
  347.             $token1 $request->get("token");
  348.             $signature $request->get("signature");
  349.         }
  350.         if ($token1 == "") {
  351.             echo "288";
  352.             return $this->redirectToRoute("login");
  353.         }
  354.         $res json_decode(base64_decode($token1));
  355.         // controllo se esiste il questionario ( questionario ) con il token passato ( token )
  356.         $q $doctrine->getRepository(Questionari::class)->findOneBy([
  357.             "id" => $res->questionario,
  358.             "token"=> $res->token
  359.         ]);
  360.         
  361.         if (!$q) {
  362.             $questionario $doctrine->getRepository(Questionari::class)->find($res->questionario);
  363.             if ($questionario) {
  364.                 $q $doctrine->getRepository(Questionari::class)->findOneBy([
  365.                     "questionario" => $questionario,
  366.                     "token"=> $res->token
  367.                 ]);
  368.             }
  369.         }
  370.         if ($q) {
  371.             $ambiente $q->getQuestionario()->getAmbiente();
  372.             $secret $ambiente->getApisecret();
  373.             $signature2 hash_hmac("sha256"$token1$secrettrue);
  374.             $signature2 base64_encode($signature2);
  375.             if ($signature != $signature2) {
  376.                 echo "Error code 283";
  377.                 echo $signature " " $signature2 "<br />";
  378.                 exit();
  379.             }
  380.             
  381.             // riscrivo il token e la signature perche' e' cambiato il valore di questionarioiniziato
  382.             $repository $doctrine->getRepository(Users::class);
  383.             $user $repository->findOneBy(['email' => $res->user_email]);
  384.             $roles $user->getRoles();
  385.             if (in_array("ROLE_MANAGER"$roles)) {
  386.                 $ttoken = new UsernamePasswordToken($user'main'$user->getRoles());
  387.                 $this->tokenStorage->setToken($ttoken);
  388.                 $this->session->set('_security_main'serialize($ttoken));
  389.                 return $this->forward('App\Controller\DefaultController::index', ["moodle_token" => """uid" => 0]);
  390.             } else {
  391.                 return new Response("Error code 369");
  392.             }
  393.         } else {
  394.             var_dump($res);
  395.             return new Response("Error code 373");
  396.         }
  397.     }
  398.     
  399.     #[Route('/webservice/sustain'name'app_webservice_sustainstudentquestionario')]
  400.     public function sustainStudentQuestionario(Request $request,ManagerRegistry $doctrine): Response
  401.     
  402.         $headers apache_request_headers();
  403.         $session $this->requestStack->getSession();
  404.         $session_token $session->get('token');
  405.         $session_signature $session->get('signature');
  406.         $session_message $session->get('message');
  407.         if ($session_token != "") {
  408.             $token1 $session_token;
  409.             $session->set('token'"");
  410.             $signature $session_signature;
  411.             $session->set('signature'"");
  412.             $res json_decode(base64_decode($token1));
  413.         } else {
  414.             $token1 $request->get("token");
  415.             $signature $request->get("signature");
  416.         }
  417.         if ($token1 == "") {
  418.             echo "288";
  419.             return $this->redirectToRoute("login");
  420.         }
  421.         $res json_decode(base64_decode($token1));
  422.         // controllo se esiste il questionario ( questionario ) con il token passato ( token )
  423.         $q $doctrine->getRepository(Questionari::class)->findOneBy([
  424.             "id" => $res->questionario,
  425.             "token"=> $res->token
  426.         ]);
  427.         
  428.         if (!$q) {
  429.             $questionario $doctrine->getRepository(Questionari::class)->find($res->questionario);
  430.             if ($questionario) {
  431.                 $q $doctrine->getRepository(Questionari::class)->findOneBy([
  432.                     "questionario" => $questionario,
  433.                     "token"=> $res->token
  434.                 ]);
  435.             }
  436.         }
  437.         if ($q) {
  438.             $ambiente $q->getQuestionario()->getAmbiente();
  439.             $secret $ambiente->getApisecret();
  440.             $signature2 hash_hmac("sha256"$token1$secrettrue);
  441.             $signature2 base64_encode($signature2);
  442.             if ($signature != $signature2) {
  443.                 echo "Error code 283";
  444.                 echo $signature " " $signature2 "<br />";
  445.                 exit();
  446.             }
  447.             if ((int)$res->questionarioiniziato != 0) {
  448.                 $qi $doctrine->getRepository(QuestionariIniziati::class)->findOneBy([
  449.                     "id" => $res->questionarioiniziato
  450.                 ]);
  451.                 if ($qi) {
  452.                     $domande $doctrine->getRepository(Domande::class)->findBy(["questionario" => $q], ["posizione" => "ASC"]);
  453.                     $risposte $doctrine->getRepository(Risposte::class)->findBy(["questionario_iniziato" => $qi], ["posizione" => "ASC"]);
  454.                     $risp = [];
  455.                     foreach ($risposte as $r){
  456.                         $risp[$r->getDomanda()->getId()] = $r;
  457.                     }
  458.                 } else {
  459.                     echo "errore";
  460.                     exit();
  461.                 }
  462.                 
  463.             } else {
  464.                 //exit();
  465.                 $qi = new QuestionariIniziati();
  466.                 $qi->setQuestionario($q);
  467.                 $qi->setAmbiente($q->getQuestionario()->getAmbiente());
  468.                 $qi->setUserId($res->user);
  469.                 $qi->setUserEmail($res->user_email);
  470.                 $qi->setUserEmailHash($res->user_email_hash);
  471.                 $qi->setStatus(1);
  472.                 $qi->setLastQuestion(0);
  473.                 $qi->setReturnurl($res->return);
  474.                 $qi->setCreatedAt(new \DateTimeImmutable("now"));
  475.                 $qi->setModifiedAt(new \DateTimeImmutable("now"));
  476.                 $entityManager $doctrine->getManager();
  477.                 $entityManager->persist($qi);
  478.                 $entityManager->flush();
  479.                 
  480.                 // riscrivo il token e la signature perche' e' cambiato il valore di questionarioiniziato
  481.                 $r= [];
  482.                 $r["user"] = $res->user;
  483.                 $r["user_email"] = $res->user_email;
  484.                 $r["user_email_hash"] = $res->user_email_hash;
  485.                 $r["course"] = $res->course;
  486.                 $r["questionario"] = $res->questionario;
  487.                 $r["questionarioiniziato"] = $qi->getId();
  488.                 $r["return"] = $res->return;
  489.                 $r["token"] = $res->token;
  490.                 echo "<!-- token: " $token1 "<br/>-->";
  491.                 echo "<!-- secret: " $secret "<br />-->";
  492.                 echo "<!-- signature: " $signature "<br />-->";
  493.                 $token1 base64_encode(json_encode($r));
  494.                 $signature hash_hmac("sha256"$token1$secrettrue);
  495.                 $signature base64_encode($signature);
  496.                 $domande $doctrine->getRepository(Domande::class)->findBy(["questionario" => $q], ["posizione" => "ASC"]);
  497.                 if ($domande) {
  498.                     $posizione 1;
  499.                     foreach ($domande as $d) {
  500.                         $r = new Risposte();
  501.                         $r->setQuestionario($q);
  502.                         $r->setQuestionarioIniziato($qi);
  503.                         $r->setDomanda($d);
  504.                         $r->setTipoRisposta($d->getTipoRisposta());
  505.                         $r->setOpzioniRisposta($d->getOpzioniRisposta());     
  506.                         $r->setMultipla($d->isMultipla());
  507.                         $r->setPosizione($posizione);
  508.                         $r->setRisposta("");
  509.                         $r->setCreatedAt(new \DateTimeImmutable("now"));
  510.                         $r->setModifiedAt(new \DateTimeImmutable("now"));
  511.                         $r->setObbligatoria($d->isObbligatoria());
  512.                         $entityManager->persist($r);
  513.                         $posizione++;
  514.                     }     
  515.                 }
  516.                 $entityManager->flush();
  517.                 $risposte $doctrine->getRepository(Risposte::class)->findBy(["questionario_iniziato" => $qi], ["posizione" => "ASC"]);
  518.                 $risp = [];
  519.                 foreach ($risposte as $r) {
  520.                     $risp[$r->getDomanda()->getId()] = $r;
  521.                 }
  522.             }
  523.             return $this->render('webservice/questionario.html.twig', [
  524.                 "qi" => $qi,
  525.                 "domande" => $domande,
  526.                 "risposte" => $risp,
  527.                 "token" => $token1,
  528.                 "signature" => $signature,
  529.                 "message" => $session_message,
  530.             ]);
  531.         } else {
  532.             var_dump($res);
  533.             echo "Error code 380";
  534.             exit();
  535.         }
  536.     }
  537.     #[Route('/webservice/cancelAndBack/{qi}'name'app_webservice_cancelquestionario_andback')]
  538.     public function cancelQuestionarioAndBack(Request $requestManagerRegistry $doctrineQuestionariIniziati $qi): Response
  539.     {
  540.         $entityManager $doctrine->getManager();
  541.         $token1 $request->get("token");
  542.         $signature $request->get("signature");
  543.         $url $request->get("return");
  544.         $res json_decode(base64_decode($token1));
  545.         // controllo se esiste il questionario ( questionario ) con il token passato ( token )
  546.         $q $doctrine->getRepository(Questionari::class)->findOneBy([
  547.             "id" => $res->questionario,
  548.             "token" => $res->token
  549.         ]);
  550.         if ($q) {
  551.             $ambiente $q->getQuestionario()->getAmbiente();
  552.             $secret $ambiente->getApisecret();
  553.             $signature2 hash_hmac("sha256"$token1$secrettrue);
  554.             $signature2 base64_encode($signature2);
  555.             if ($signature != $signature2) {
  556.                 echo "Error code 283";
  557.                 exit();
  558.             }
  559.         }
  560.         $qi->setStatus(-1);
  561.         $qi->setModifiedAt(new \DateTimeImmutable("now"));
  562.         $entityManager->persist($qi);
  563.         $entityManager->flush();
  564.         return $this->redirect($res->return);
  565.     }
  566.     #[Route('/webservice/save/{qi}'name'app_webservice_savequestionario')]
  567.     public function save(Request $requestManagerRegistry $doctrineQuestionariIniziati $qi): Response
  568.     {
  569.         $entityManager $doctrine->getManager();
  570.         $token1 $request->get("token");
  571.         $signature $request->get("signature");
  572.         $url $request->get("return");
  573.         $res json_decode(base64_decode($token1));
  574.         // controllo se esiste il questionario ( questionario ) con il token passato ( token )
  575.         $q $doctrine->getRepository(Questionari::class)->findOneBy([
  576.             "id" => $res->questionario,
  577.             "token"=> $res->token
  578.         ]);
  579.         if ($q) {
  580.             $ambiente $q->getQuestionario()->getAmbiente();
  581.             $secret $ambiente->getApisecret();
  582.             $signature2 hash_hmac("sha256"$token1$secrettrue);
  583.             $signature2 base64_encode($signature2);
  584.             if ($signature != $signature2) {
  585.                 echo "Error code 283";
  586.                 exit();
  587.             }
  588.         }
  589.         
  590.         $domandeObbligatorie = [];
  591.         $domandes $qi->getQuestionario()->getDomandes();
  592.         foreach ($domandes as $d) {
  593.             if ($d->isObbligatoria()) {
  594.                 if ($d->getTipoRisposta() == "linkert5" || $d->getTipoRisposta() == "linkert7" || $d->getTipoRisposta()=="docente"){
  595.                     $domandeObbligatorie[$d->getId()] = [];
  596.                     $argomenti $d->getOpzioniRisposta();
  597.                     $righe explode("\n",$argomenti);
  598.                     foreach($righe as $r){
  599.                         $v explode("#",$r);
  600.                         if($v[0]=="argomenti"){
  601.                             $args explode("|",$v[1]);
  602.                             $i 1;
  603.                             foreach($args as $a){
  604.                                 $domandeObbligatorie[$d->getId()][$i] = 1;
  605.                                 $i++;
  606.                             }
  607.                         }
  608.                     }
  609.                 }
  610.             }
  611.         }
  612.         
  613.         $risposte = [];
  614.         $risposte_complete = [];
  615.         foreach ($_REQUEST as $k => $v) {
  616.             if (stripos($k,"domanda_") !== false) {
  617.                 $d explode("_",$k);
  618.                 $id_domanda $d[1];
  619.                 if (count($d) == 3) {
  620.                     $argomento $d[2];
  621.                 } else {
  622.                     $argomento "";
  623.                 }
  624.                 if (!isset($risposte[$id_domanda])) {
  625.                     $risposte[$id_domanda] = [];
  626.                 }
  627.                 $valore $v;
  628.                 $risposte[$id_domanda][$argomento] = $v;
  629.             }
  630.         }
  631.         
  632.         foreach ($risposte as $id_domanda => $k) {
  633.             $i 1;
  634.             foreach ($risposte[$id_domanda] as $k2 => $v2) {
  635.                 if ($k2 == "") {
  636.                     $risposte_complete[$id_domanda][$k2] = $v2;
  637.                 } else {
  638.                     if ($k2 == $i) {
  639.                         $risposte_complete[$id_domanda][$k2] = $v2;
  640.                     } else {
  641.                         while ($i $k2) {
  642.                             $risposte_complete[$id_domanda][$i] = "";
  643.                             $i++;
  644.                         }
  645.                         $risposte_complete[$id_domanda][$k2] = $v2;
  646.                     }
  647.                 }
  648.                 $i++;
  649.             }
  650.         }
  651.         foreach ($risposte_complete as $domanda => $v) {
  652.             if (isset($domandeObbligatorie[$domanda])) {
  653.                 $d array_diff_key($risposte_complete[$domanda],$domandeObbligatorie[$domanda]);
  654.                 if (count($d) == 0) {
  655.                     unset($domandeObbligatorie[$domanda]);
  656.                 }
  657.             }
  658.         }
  659.         $error 0;
  660.         $message = [];
  661.         $message["Error"] = [];
  662.         $message["Success"] = [];
  663.         if (count($domandeObbligatorie) > 0) {
  664.             $message['Error'][] = 'Tutte le domande obbligatorie devono essere completate. Grazie!';
  665.             $error 1;
  666.         }
  667.         if (!$error) {
  668.             foreach ($risposte_complete as $domanda => $v) {
  669.                 $domanda_ $doctrine->getRepository(Domande::class)->findOneBy(["id" => $domanda]);
  670.                 if ($domanda_) {
  671.                     $risposta $doctrine->getRepository(Risposte::class)->findOneBy([
  672.                         "questionario_iniziato" => $qi,
  673.                         "domanda"=> $domanda_
  674.                     ]);
  675.                     if ($risposta) {
  676.                         $s = [];
  677.                         $posizione "";
  678.                         foreach ($risposte_complete[$domanda] as $posizione => $valore) {
  679.                             if (is_array($valore)) {
  680.                                 $valore implode(","$valore);
  681.                             }
  682.                             $s[] = $posizione ":" $valore;
  683.                         }
  684.                         if (count($s) == && $posizione == "") {
  685.                             $r $risposte_complete[$domanda][$posizione];
  686.                             if (is_array($r)) {
  687.                                 $r implode("|"$r);
  688.                             }
  689.                         } else {
  690.                             $r implode("|"$s);
  691.                         }
  692.                         $risposta->setRisposta($r);
  693.                         $risposta->setModifiedAt(new \DateTimeImmutable("now"));
  694.                         $entityManager->persist($risposta);
  695.                         $qi->setModifiedAt(new \DateTimeImmutable("now"));
  696.                         $entityManager->persist($qi);
  697.                     } else {
  698.                         echo "489";
  699.                         exit();
  700.                     }
  701.                 } else {
  702.                     echo "492";
  703.                     exit();
  704.                 }
  705.             }
  706.             $entityManager->flush();
  707.             $message["Success"][] = "Questionario salvato correttamente";
  708.             $session $this->requestStack->getSession();
  709.             $session->set('token'$token1);
  710.             $session->set('signature'$signature);
  711.             $session->set('message'$message);
  712.             return $this->redirectToRoute("app_webservice_sustainstudentquestionariook", ["qi" => $qi->getId()]);
  713.         }
  714.         $session $this->requestStack->getSession();
  715.         $session->set('token'$token1);
  716.         $session->set('signature'$signature);
  717.         $session->set('message'$message);
  718.         //$foo = $session->get('foo');
  719.         // the second argument is the value returned when the attribute doesn't exist
  720.         //$filters = $session->get('filters', []);
  721.         return $this->redirectToRoute("app_webservice_sustainstudentquestionario");
  722.     }
  723.     #[Route('/webservice/saved/{qi}'name'app_webservice_sustainstudentquestionariook')]
  724.     public function saved(Request $request,ManagerRegistry $doctrine,QuestionariIniziati $qi): Response
  725.     {
  726.         $entityManager $doctrine->getManager();
  727.         $session $this->requestStack->getSession();
  728.         $token1 $session->get("token");
  729.         $signature $session->get("signature");
  730.         $url $qi->getReturnurl();
  731.         $res json_decode(base64_decode($token1));
  732.         // controllo se esiste il questionario ( questionario ) con il token passato ( token )
  733.         $q $doctrine->getRepository(Questionari::class)->findOneBy([
  734.             "id" => $res->questionario,
  735.             "token" => $res->token
  736.         ]);
  737.         if ($q) {
  738.             $ambiente $q->getQuestionario()->getAmbiente();
  739.             $secret $ambiente->getApisecret();
  740.             $signature2 hash_hmac("sha256"$token1$secrettrue);
  741.             $signature2 base64_encode($signature2);
  742.             if($signature!=$signature2){
  743.                 echo "Error code 283";
  744.                 exit();
  745.             }
  746.         }
  747.         $session $this->requestStack->getSession();
  748.         $session->set('token'$token1);
  749.         $session->set('signature'$signature);
  750.         return $this->render('webservice/saved.html.twig', [
  751.             "qi" => $qi
  752.         ]);
  753.     }
  754.     #[Route('/webservice/chiamaallinea/{ambiente}'name'app_webservice_chiama_allinea_ambiente')]
  755.     public function chiamaallinea(Request $requestManagerRegistry $doctrinestring $ambiente ""): Response
  756.     {
  757.         // wget https://questionari.42b.it/webservice/chiamaallinea/partecipa?token=UN49MEURY2vNn6zf --output-document=logAllinea.`date +\%Y\%m\%d-\%H_\%M_\%S`.log
  758.         // da mettere in crontab
  759.         // il token e' definito nel file yaml dell' ambiente, nella cartella conig, assieme a username e password con cui contattare moodle.
  760.         $token $request->get("token");
  761.         $yaml Yaml::parse(file_get_contents('../config/' $ambiente '.yaml'));
  762.         $stored_token $yaml["parameters"]["token"];
  763.         if ($token != $stored_token) {
  764.             return new Response("Token errato");
  765.         }
  766.         $token2 "";
  767.         if (isset($yaml["parameters"]["password"])) {
  768.             $token2 md5(date("Y-m-d H") . " " $ambiente " " $yaml["parameters"]["password"]);
  769.         } else {
  770.             return new Response("File errato");
  771.         }
  772.         // chiamata di fatto interna, ma la faccio come se fosse esterna
  773.         $url "https://questionari.42b.it/webservice/allineaambiente/" $ambiente "?token=" $token2;
  774.         $ch curl_init();
  775.         curl_setopt($chCURLOPT_URL$url);
  776.         curl_setopt($chCURLOPT_HEADERfalse);
  777.         $res curl_exec($ch);
  778.         curl_close($ch);
  779.         return new Response("Ok");
  780.         
  781.     }
  782.     #[Route('/webservice/allineaambiente/{ambiente}'name'app_webservice_allinea_ambiente')]
  783.     public function allinea(Request $requestManagerRegistry $doctrinestring $ambiente ""): Response
  784.     {
  785.         $entityManager $doctrine->getManager();
  786.         $session $this->requestStack->getSession();
  787.         $yaml Yaml::parse(file_get_contents('../config/' $ambiente '.yaml'));
  788.         $token1 md5(date("Y-m-d H") . " " $ambiente " " $yaml["parameters"]["password"]);
  789.         $t $request->get("token");
  790.         if ($ambiente == "") {
  791.             return new Response("manca ambiente");
  792.             
  793.         }
  794.         if ($_SERVER["REMOTE_ADDR"] != "51.77.220.131" && $_SERVER["REMOTE_ADDR"] != "92.246.117.18" && $_SERVER["REMOTE_ADDR"] != "92.246.117.158") {
  795.             return new Response("Non puoi eseguire da qui: " $_SERVER["REMOTE_ADDR"]);
  796.         }
  797.         if ($t != $token1) {
  798.             return new Response("Token errato");
  799.         }
  800.         // se sono qui, posso cominciare ad eseguire
  801.         switch ($ambiente) {
  802.             case "partecipa":
  803.                 $url "https://www.partecipa.eu";
  804.                 break;
  805.             case "cfcs":
  806.                 $url "https://fad.cafoscarichallengeschool.it";
  807.                 break;
  808.             case "safety":
  809.                 $url "https://elearning.headup.it";
  810.                 break;
  811.             default:
  812.                 return new Response("Manca ambiente");
  813.         }
  814.         $username $password "";
  815.         if (isset($yaml) && isset($yaml["parameters"])) {
  816.             $username $yaml["parameters"]["username"];
  817.             $password $yaml["parameters"]["password"];
  818.         }
  819.         if ($username=="" || $password == "") {
  820.             return new Response("mancano credenziali");
  821.         } else {
  822.             $x exec('curl "' $url '/login/token.php?service=moodle_mobile_app" -d "username=' $username '&password=' $password '"');
  823.             $j json_decode($x);
  824.             if (!$j) {
  825.                 return new Response("error 751");
  826.             }
  827.             $token $j->token;
  828.             if ($token) {
  829.                 $utenti = [];
  830.                 $ambiente $doctrine->getRepository(UsersAmbienti::class)
  831.                 ->findOneBy(["url" => $url]);
  832.                 if ($ambiente) {
  833.                     $entityManager $doctrine->getManager();
  834.                     $query $entityManager->createQuery(
  835.                     'SELECT q
  836.                     FROM App\Entity\Questionari q
  837.                     WHERE q.ambiente = :ambiente
  838.                     AND q.corso_id IS NOT NULL
  839.                     ORDER BY q.id ASC'
  840.                     )->setParameter('ambiente'$ambiente->getId());
  841.                     $res $query->getResult();
  842.                     $corsi = [];
  843.                     foreach ($res as $r) {
  844.                         if (!in_array($r->getCorsoId(), $corsi)) {
  845.                             $corsi[] = $r->getCorsoId();
  846.                         }
  847.                     }
  848.                     $utenti = [];
  849.                     if (count($corsi) > 0) {
  850.                         foreach ($corsi as $c) {
  851.                             //$x = exec('curl "https:///www.partecipa.eu/webservice/rest/server.php?wstoken='.$token.'&wsfunction=core_user_get_users_by_field" -d "field=username&values[0]='.$username.'&moodlewsrestformat=json"');
  852.                             $x exec('curl "' $url '/webservice/rest/server.php?wstoken=' $token '&wsfunction=core_enrol_get_enrolled_users" -d "courseid=' $c '&moodlewsrestformat=json"');
  853.                             $j json_decode($x);
  854.                             foreach ($j as $u) {
  855.                                 foreach ($u->roles as $role) {
  856.                                     if ($role->shortname == "manager") {
  857.                                         if (!isset($utenti[$u->email])) {
  858.                                             $utenti[$u->email] = [];
  859.                                         }
  860.                                         $utenti[$u->email][] = $c;
  861.                                     }
  862.                                 }
  863.                             }
  864.                         }
  865.                     }
  866.                 }
  867.                 foreach ($utenti as $k => $v) {
  868.                     $user $doctrine->getRepository(Users::class)
  869.                     ->findOneBy(["email" => $k]);
  870.                     if ($user) {
  871.                         $user->setCorsiMoodle(json_encode($v));
  872.                         $entityManager $doctrine->getManager();
  873.                         $entityManager->persist($user);
  874.                         $entityManager->flush();
  875.                     } else {
  876.                         $u = new Users();
  877.                         $u->setEmail($k);
  878.                         $u->setPassword("emty");
  879.                         $u->setRoles(array("ROLE_MANAGER"));
  880.                         $u->setIsVerified(false);
  881.                         $u->setCorsiMoodle(json_encode($v));
  882.                         $entityManager $doctrine->getManager();
  883.                         $entityManager->persist($u);
  884.                         $entityManager->flush();
  885.                     }
  886.                 }
  887.                 return new Response("");
  888.             } else {
  889.                 return new Response("errore nel token");
  890.             }
  891.         }
  892.     }
  893. }