author | M.Gergo | 2019-03-08 21:20:34 +0100 |
---|---|---|
committer | M.Gergo | 2019-03-08 21:20:34 +0100 |
commit | f51c9ed2abe5c68211bb3736be5f70b1fe2c9ec0 (patch) | |
tree | e13e60e4b94a3b58f1e2bfbe271102c8f04b67bd /mayor-orig/mayor-base/www/include/base | |
parent | c76a004b0135786f2742283f8d5f917106f58bd8 (diff) | |
további rendrakás
Diffstat (limited to 'mayor-orig/mayor-base/www/include/base')
-rw-r--r-- | mayor-orig/mayor-base/www/include/base/base.php | 233 | ||||
-rw-r--r-- | mayor-orig/mayor-base/www/include/base/cache.php | 33 | ||||
-rw-r--r-- | mayor-orig/mayor-base/www/include/base/config.php | 62 | ||||
-rw-r--r-- | mayor-orig/mayor-base/www/include/base/error.php | 44 | ||||
-rw-r--r-- | mayor-orig/mayor-base/www/include/base/log.php | 33 | ||||
-rw-r--r-- | mayor-orig/mayor-base/www/include/base/login.php | 139 | ||||
-rw-r--r-- | mayor-orig/mayor-base/www/include/base/mysql.php | 396 | ||||
-rw-r--r-- | mayor-orig/mayor-base/www/include/base/rights.php | 397 | ||||
-rw-r--r-- | mayor-orig/mayor-base/www/include/base/str.php | 230 | ||||
-rw-r--r-- | mayor-orig/mayor-base/www/include/base/var.php | 134 |
10 files changed, 1701 insertions, 0 deletions
diff --git a/mayor-orig/mayor-base/www/include/base/base.php b/mayor-orig/mayor-base/www/include/base/base.php new file mode 100644 index 00000000..378b31fd --- /dev/null +++ b/mayor-orig/mayor-base/www/include/base/base.php 
@@ -0,0 +1,233 @@ +<?php +/* + Module: base +*/ + +function isMobile() { + if(preg_match('/(up.browser|up.link|windows ce|iemobile|mmp|symbian|smartphone|midp|wap|phone| vodafone|o2|pocket|mobile|pda|psp)/i',strtolower($_SERVER['HTTP_USER_AGENT']))) + return true; + //if(((strpos(strtolower($_SERVER['HTTP_ACCEPT']),'text/vnd.wap.wml')>0) or (strpos(strtolower($_SERVER['HTTP_ACCEPT']),'application/vnd.wap.xhtml+xml')>0)) or ((((isset($_SERVER['HTTP_X_WAP_PROFILE']) or isset($_SERVER['HTTP_PROFILE']) or isset($_SERVER['X-OperaMini-Features']) or isset($_SERVER['UA-pixels'])))))) + $mobile_ua = strtolower(substr($_SERVER['HTTP_USER_AGENT'],0,4)); + $mobile_agents = array('acs-','alav','alca','amoi','audi','aste','avan','benq' ,'bird','blac','blaz','brew','cell','cldc','cmd-','dang','doco','eric','hipt','inno','ipaq','java' ,'jigs','kddi','keji','leno','lg-c','lg-d','lg-g','lge-','maui','maxo','midp','mits','mmef','mobi','mot-','moto','mwbp','nec-','newt','noki','opwv','palm','pana','pant','pdxg' ,'phil','play','pluc','port','prox','qtek','qwap', 'sage','sams','sany','sch-','sec-','send','seri','sgh-','shar','sie-','siem','smal','smar','sony','sph-','symb','t-mo','teli','tim-','tosh','tsm-','upg1','upsi','vk-v','voda','wap-','wapa','wapi','wapp','wapr','webc','winw','winw' ,'xda','xda-'); + if(in_array($mobile_ua,$mobile_agents)) { + return true; + } +} + +// ------------------------------------------ +// PHP session +// ------------------------------------------ + + session_start(); + +// ------------------------------------------ +// Böngésző azonosítás +// ------------------------------------------ + + if (defined('_ALLOWPDAIDENTIFICATION') && isMobile()) define('_USER_AGENT','ppc'); // inkább ketté kéne bontani [wap,ppc] tartalomra + else + if (strpos($_SERVER['HTTP_USER_AGENT'],'Opera') !== false) define('_USER_AGENT','opera'); + elseif (strpos($_SERVER['HTTP_USER_AGENT'],'Gecko') !== false) define('_USER_AGENT','gecko'); + elseif 
(strpos($_SERVER['HTTP_USER_AGENT'],'MSIE') !== false) define('_USER_AGENT','msie'); + else define('_USER_AGENT',''); + + if (strstr($_SERVER['HTTP_USER_AGENT'],'iPhone')!=false) define('_USER_AGENT_PLUS','iPhone'); + else define('_USER_AGENT_PLUS',''); + + if (($_SESSION['isMobile']=isMobile())===true) $_SESSION['pageLayout']=1; // patch + +// MaYoR revision konstans definiálása + + if (@file_exists(_LOGDIR.'/revision')) { + $_rf = @fopen(_LOGDIR.'/revision', "r"); + if ($_rf) $rev = @fgets($_rf, 64); + @fclose($_rf); + } else { + //rev missing... + } + define('_MAYORREV',chop($rev)); + unset($rev); + +// ------------------------------------------ +// Default értékek +// ------------------------------------------ + /* + $policy - hozzáférési mód - kötelező + $page - megjelenítendő oldal - kötelező + $sub - aloldal - opcionális + $f - file - kötelező + $lang - az oldal nyelve - kötelező + skin - az oldal témája, "bőre" - kötelező + $action - elvégzendő feladat megjelölésére - opcionális + $_SESSION['alert'] - figyelmeztető üzenet (tömb) - opcionális + */ + + if (($__key = array_search('blue', $SKINS)) !== false) unset($SKINS[$__key]); + if (($__key = array_search('pda', $SKINS)) !== false) unset($SKINS[$__key]); + if ($AUTH['public']['skin'] == 'blue') $AUTH['public']['skin'] = 'classic'; + if ($AUTH['private']['skin'] == 'blue') $AUTH['private']['skin'] = 'classic'; + if ($AUTH['parent']['skin'] == 'blue') $AUTH['parent']['skin'] = 'classic'; + // itt beolvassuk, később még egy szigorítás is van + + if (_RUNLEVEL=='cron') { + $policy = 'private'; + @$page = readVariable($_SERVER['argv'][1],'strictstring'); + @$sub = readVariable($_SERVER['argv'][2],'strictstring'); + @$f = readVariable($_SERVER['argv'][3],'strictstring'); + @$sessionID = "cron"; + } else { + @$policy = readVariable($_REQUEST['policy'],'strictstring',null,$POLICIES); + @$page = readVariable($_REQUEST['page'],'strictstring'); + @$sub = readVariable($_REQUEST['sub'],'strictstring'); + @$f = 
readVariable($_REQUEST['f'],'strictstring'); + @$sessionID = readVariable($_GET['sessionID'],'hexa'); + } + if ($f == '') { + if ($sub != '') $f = $sub; + elseif ($page != '') $f = $page; + } + @$lang = readVariable($_GET['lang'],'strictstring',null,$LANGUAGES); + if (_RUNLEVEL === 'cron') $skin = 'cron'; + else @$skin = readVariable($_POST['skin'],'strictstring',readVariable($_GET['skin'],'strictstring',null,$SKINS),$SKINS); + @$action = readVariable($_REQUEST['action'],'strictstring',null); + // ++ ha még mindig üres a skin, és pocketpc-ről/pda jövünk (de megengedjük a felülírást) + // if (_USER_AGENT==='ppc' && $skin=='') $skin='pda'; + // ++ + //-- + if (is_array($POLICIES) && !in_array($policy, $POLICIES)) $policy = _DEFAULT_POLICY; + + define('_POLICY', $policy); + + // Miert ne csatolnánk be az összes policy beállítsait? --> config.php + + if ($f=='' && is_array($DEFAULT_PSF[$policy])) extract($DEFAULT_PSF[$policy], EXTR_OVERWRITE); + if (!in_array($lang, $LANGUAGES)) $lang=_DEFAULT_LANG; + // ha a skin még mindig üres, akkor az ellenőrzésnél a default-ot állítjuk be... + if (!@in_array($skin, $SKINS)) $skin = (isset($AUTH[$policy]['skin'])) ? $AUTH[$policy]['skin'] : _DEFAULT_SKIN; + + if (file_exists("lang/$lang/base/base.php")) { + require("lang/$lang/base/base.php"); + } elseif (file_exists('lang/'._DEFAULT_LANG.'/base/base.php')) { + require('lang/'._DEFAULT_LANG.'/base/base.php'); + } + + // A skin-hez tartozó beállátosok.. ha vannak... - ide való? De még a *-pre elé! 
+ if (file_exists(_CONFIGDIR."/skin-$skin/config.php")) { + require(_CONFIGDIR."/skin-$skin/config.php"); + } elseif (file_exists(_CONFIGDIR.'/skin-'._DEFAULT_SKIN.'/config.php')) { + require(_CONFIGDIR.'/skin-'._DEFAULT_SKIN.'/config.php'); + } + +// ----------------------------------------------------------------- +// page() +// ----------------------------------------------------------------- + +function page($page, $sub, $f, $lang, $skin, $policy = _DEFAULT_POLICY) { + + global $_JSON; + if (html_alert($_SESSION['alert'])) { // A figyelmeztető üzenet letilthatja az oldal további megjelenítését. + if ($sub != '') { + $load = "$sub/$f"; + } else { + $load = $f; + } + + // --TEST $API_DICTIONARY['api']['naplo']['orarend']['orarend'] = true; + if ($skin=='api') { + $_JSON['api']['version'] = '1.0'; + if (isset($API_DICTIONARY[$skin][$page][$sub][$f])===false) { // --TODO API_DICTIONARY + return false; + } + } + + if (file_exists("policy/$policy/$page/$load.php")) { + if (file_exists("lang/$lang/module-$page/base.php")) { + require_once("lang/$lang/module-$page/base.php"); + } elseif (file_exists("lang/"._DEFAULT_LANG."/module-$page/base.php")) { + require_once("lang/"._DEFAULT_LANG."/module-$page/base.php"); + } + if (file_exists("lang/$lang/module-$page/$load.php")) { + require_once("lang/$lang/module-$page/$load.php"); + } elseif (file_exists("lang/"._DEFAULT_LANG."/module-$page/$load.php")) { + require_once("lang/"._DEFAULT_LANG."/module-$page/$load.php"); + } + if (file_exists("skin/$skin/module-$page/html/base.phtml")) { + require_once("skin/$skin/module-$page/html/base.phtml"); + } elseif ($skin!=='api' && file_exists("skin/"._DEFAULT_SKIN."/module-$page/html/base.phtml")) { // api esetén nem töltjük be a default skin phtml-t + require_once("skin/"._DEFAULT_SKIN."/module-$page/html/base.phtml"); + } + if (file_exists("skin/$skin/module-$page/html/$load.phtml")) { + require_once("skin/$skin/module-$page/html/$load.phtml"); + } elseif ($skin!=='api' && 
file_exists("skin/"._DEFAULT_SKIN."/module-$page/html/$load.phtml")) { // api esetén nem töltjük be a default skin phtml-t + require_once("skin/"._DEFAULT_SKIN."/module-$page/html/$load.phtml"); + } + $_JSON['api']['debug'] = serialize($page.$load); + + include("policy/$policy/$page/$load.php"); + } elseif (file_exists("static/$lang/$page/$load.html")) { + include("static/$lang/$page/$load.html"); + } else { + //??? ha már kiírtuk a hibaüzeneteket, újabbat nem írhatunk ki sajnos :( html_alert(array('page:page_missing:'."[$page]:[$sub]:[$f]")); --> rights.php + } + } +} + +function href($href,$get = array('sessionID','lang','skin','policy')) { + + global $sessionID,$lang,$skin,$policy,$page,$sub,$f,$action; + global $SKINS; + if ($href!='') { + if (strpos($href,'?') === false) { + $href .= '?'; + } else { + $href.='&'; + } + for ($i=0;$i<count($get);$i++) { + $par = $get[$i]; + if ($par == 'skin' && $skin == 'ajax') $value = readVariable($_GET['toSkin'],'enum',null,$SKINS); + else $value = $$par; + if (is_array($value)) { // pl. $_SESSION['alert'] + for ($j=0;$j<count($value);$j++) { + $href .= $par.'[]='.$value[$j].'&'; + } + } else { + $href .= "$par=".$value.'&'; + } + } + $href = substr($href,0,-1); + if ($skin == 'pda') $href .= '&rand='.rand(); // PDA hack - mer' a szemétje nem olvassa újra, hiába a fejlécen a sok okos varázslat... :( + $href = str_replace('&','&',str_replace('&','&',$href)); + } + return $href; + +} + +function location($href,$get = array('sessionID','lang','skin','policy')) { + + global $sessionID,$lang,$skin,$policy,$page,$sub,$f,$action; + + if ($href!='') { + if (strpos($href,'?')===false) { + $href.='?'; + } else { + $href.='&'; + } + for ($i=0;$i<count($get);$i++) { + $par = $get[$i]; + if (is_array($$par)) { // pl. 
$_SESSION['alert'] + for ($j=0;$j<count($$par);$j++) { + $href .= $par.'[]='.${$par}[$j].'&'; + } + } else { + $href .= "$par=".$$par.'&'; + } + } + $href = substr($href,0,-1); + $href = str_replace('&','&',$href); + } + + return $href; + +} + +?> diff --git a/mayor-orig/mayor-base/www/include/base/cache.php b/mayor-orig/mayor-base/www/include/base/cache.php new file mode 100644 index 00000000..3c630581 --- /dev/null +++ b/mayor-orig/mayor-base/www/include/base/cache.php @@ -0,0 +1,33 @@ +<?php +// MaYoR - GPL - author: support@mayor.hu +class mayorCache { + private $DATA = array(); + private $REGISTRY = array(); + public function exists($key) { + return (!is_null($this->DATA[$key])); + } + public function get($key) { + return $this->DATA[$key]; + } + public function set($key,$data, $dataType=null) { + $this->DATA[$key] = $data; + if ($dataType!='') $this->REGISTRY[$dataType][] = $key; + } + public function del($key) { + unset($this->DATA[$key]); + unset($this->REGISTRY[array_search($key,$this->REGISTRY)]); + } + public function flushdb() { + $this->DATA = array(); + $this->REGISTRY = array(); + } + public function delType($dataType) { + $c = count($this->REGISTRY[$dataType]); + for ($i=0; $i<$c; $i++ ) { + $this->del($this->REGISTRY[$dataType][$i]); + } + unset($this->REGISTRY[$dataType]); + } +} +$mayorCache = new mayorCache(); +?>
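Review bot: page() builds its include/require_once paths directly from `$policy`, `$page`, `$sub` and `$f` (`policy/$policy/$page/$load.php`, `skin/$skin/module-$page/html/$load.phtml`), and only `$policy`, `$lang` and `$skin` are compared with an allowlist earlier in the file; `$page`, `$sub` and `$f` pass only through readVariable(..., 'strictstring'), whose filtering is not visible in this file. config.php in this commit defines `$VALID_MODULES`, so unless rights.php already enforces it, page() could check the module itself before touching the filesystem, e.g. `global $VALID_MODULES; if (!in_array($page, $VALID_MODULES, true)) return false;`, so that file inclusion does not rest on a single string filter. Separately, `$API_DICTIONARY` is read in the `$skin=='api'` branch but is not declared `global` in page(), so the `isset(...)===false` test appears to be true on every call and each api request returns false.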
\ No newline at end of file diff --git a/mayor-orig/mayor-base/www/include/base/config.php b/mayor-orig/mayor-base/www/include/base/config.php new file mode 100644 index 00000000..28f711cb --- /dev/null +++ b/mayor-orig/mayor-base/www/include/base/config.php 
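Review bot: mayorCache::del() never removes the key from `$this->REGISTRY`: `array_search($key,$this->REGISTRY)` compares the key with the per-type arrays rather than with their elements, so it normally returns false and the `unset` then targets `$this->REGISTRY[false]`, i.e. index 0. The search has to run inside each type list, e.g. `foreach ($this->REGISTRY as $t => $keys) if (($i = array_search($key, $keys, true)) !== false) unset($this->REGISTRY[$t][$i]);`. delType() should then iterate with `foreach` over a copy of the list, because its `for` loop assumes a dense 0..count-1 index. exists() would also be quieter as `isset($this->DATA[$key])`, since `is_null($this->DATA[$key])` raises a notice for a missing key.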
@@ -0,0 +1,62 @@ +<?php + +if (PHP_SAPI!=='cli') define('_RUNLEVEL','www'); else define('_RUNLEVEL','cron'); + +define('_JSLIB','jquery.min'); + +if (!defined('_LOGLEVEL')) define('_LOGLEVEL',10); + +date_default_timezone_set('Europe/Budapest'); + +if (_RUNLEVEL === 'cron') { + (include("../config/main-config.php")); // csak webrootból futtatható +} else { + if (@file_exists('../config/main-config.php') && @is_readable('../config/main-config.php')==true) { + include("../config/main-config.php"); + } elseif(@file_exists('../config/main-config.php')===false) { + die('FATAL ERROR! Missing '.$_SERVER['DOCUMENT_ROOT'].'/../config/main-config.php'); + } elseif (@is_readable('../config/main-config.php')==false) { + die('FATAL ERROR! Forbidden to read "main-config.php"'); + } else { + die('FATAL ERROR! Unknown error! '.$_SERVER['DOCUMENT_ROOT'].'/../config/main-config.php'); + } + if (defined('_LOCKFILE') && @file_exists(_LOCKFILE)) { + include(_BASEDIR.'/update.php'); + die(); + } +} + +if (!defined('_SECURECOOKIE')) define('_SECURECOOKIE', true); + +define('_BASE_URL',( ($_SERVER['HTTPS']=='on')?"https://".$_SERVER['SERVER_NAME']:"http://".$_SERVER['SERVER_NAME'] )); + +/* classic, blue, ajax + rpc, + cron kiegészítés */ +$SKINS = @array_unique(array_merge($SKINS,array('classic','blue','ajax','rpc','gray','cron','api'))); +$SKINSSHOW = @array_unique(array_merge($SKINSSHOW,array('classic','vakbarat','gray'))); + +if (is_array($POLICIES) && defined('_CONFIGDIR')) { + foreach ($POLICIES as $key => $_policy) { + if (file_exists(_CONFIGDIR."/$_policy-conf.php")) { + @require(_CONFIGDIR."/$_policy-conf.php"); + if (file_exists(_BASEDIR.'/policy/'.$_policy.'/'.$DEFAULT_PSF[$_policy]['page'].'/'.$DEFAULT_PSF[$_policy]['sub'].'/'.$DEFAULT_PSF[$_policy]['f'].'.php') + === false) { + //nincs meg ez a file + $_SESSION['alert'][] = 'info:file_not_found:default page:'.$_policy.':'.implode(' ',$DEFAULT_PSF[$_policy]); + } + } else { + $DEFAULT_PSF[$_policy] = array(); + 
$_SESSION['alert'][] = 'page:file_not_found:'._CONFIGDIR."/$_policy-conf.php"; + } + } +} else { + $_SESSION['alert'][] = 'page:config_error:nincs POLICIES tömb vagy _CONFIGDIR konstans!'; +} + +if (!defined('__FBCONNECT_ENABLED')) define('__FBCONNECT_ENABLED',false); +if (!defined('__SHOW_FACES_TYPE')) define('__SHOW_FACES_TYPE','circle'); // circle, square, classic + +$VALID_MODULES =array('portal','naplo','auth','jatek','password','session','fenntarto'); +if(is_array($EXTRA_MODULES)) $VALID_MODULES = array_unique(array_merge($VALID_MODULES,$EXTRA_MODULES)); + + +?> diff --git a/mayor-orig/mayor-base/www/include/base/error.php b/mayor-orig/mayor-base/www/include/base/error.php new file mode 100644 index 00000000..e790d65a --- /dev/null +++ b/mayor-orig/mayor-base/www/include/base/error.php 
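Review bot: The die() messages in the www branch send `$_SERVER['DOCUMENT_ROOT'].'/../config/main-config.php'` to the client, which discloses the server's filesystem layout to anyone who requests the site while the config file is missing or unreadable. Write the path to the server log and return a generic message instead, e.g. `error_log('main-config.php missing under '.$_SERVER['DOCUMENT_ROOT']); die('FATAL ERROR! Configuration unavailable');`. `_BASE_URL` is also built from `$_SERVER['SERVER_NAME']` and an unguarded `$_SERVER['HTTPS']`; depending on the web server's canonical-name settings that value can follow the request's Host header, so a configured base URL would be safer if `_BASE_URL` ends up in links or redirects (its use is not visible here).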
@@ -0,0 +1,44 @@ +<?php + + /* Ezen hibákat továbbra is reportoljuk */ + error_reporting(E_ERROR | E_PARSE); + + /* Saját Error Handler */ + function mayorErrorHandler($errno, $errmsg, $filename, $linenum, $vars) { + + $dt = date("Y-m-d H:i:s (T)"); + $errortype = array ( + E_ERROR => 'Error', //1 + E_WARNING => 'Warning', //2 + E_PARSE => 'Parsing Error', //4 + E_NOTICE => 'Notice', //8 + E_CORE_ERROR => 'Core Error', //16 + E_CORE_WARNING => 'Core Warning', //32 + E_COMPILE_ERROR => 'Compile Error', //64 + E_COMPILE_WARNING => 'Compile Warning', //128 + E_USER_ERROR => 'User Error', + E_USER_WARNING => 'User Warning', + E_USER_NOTICE => 'User Notice', // 1024 + E_STRICT => 'Runtime Notice', // 2048 + E_RECOVERABLE_ERROR => 'Catchable Fatal Error', // 4096 + E_ALL => 'ALL', //binary 1111111111111 + ); + $userError = array(E_USER_ERROR, E_USER_WARNING, E_USER_NOTICE); + $trackOnly = array(E_USER_ERROR, E_ERROR, E_USER_WARNING, E_USER_NOTICE, E_WARNING); + if (defined('__TESTERRORREPORTERWARN')) $trackOnly[] = E_NOTICE; + if (in_array($errno,$userError)) { + $err = "$dt $errno ".$errtype[$errno]." $errmsg"; + } elseif (in_array($errno,$trackOnly)) { + $err = "$dt $errno ".$errtype[$errno]." $errmsg $filename $linenum"; + /* if (in_array($errno, $user_errors)) { $err .= " vartrace(" . wddx_serialize_value($vars, "Variables") . ") ";} */ + // if (defined('_LOGDIR')) error_log($err, 0, _LOGDIR.'/phperror.log'); + } + if ($err!='') $_SESSION['alert'][] = 'alert:raw:'._MAYORREV.':'._USERACCOUNT.':'.':'.$err; + return false; + } + + /* Írjuk felül a gyárit */ + $old_error_handler = set_error_handler("mayorErrorHandler"); + //restore_error_handler(); + +?> diff --git a/mayor-orig/mayor-base/www/include/base/log.php b/mayor-orig/mayor-base/www/include/base/log.php new file mode 100644 index 00000000..14e214a9 --- /dev/null +++ b/mayor-orig/mayor-base/www/include/base/log.php 
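Review bot: mayorErrorHandler() defines the label table as `$errortype` but reads `$errtype[$errno]` when building `$err`, so the type label is always empty; both concatenations should use `$errortype[$errno]`. `$err` is also never initialised, so for any `$errno` outside the two lists the final `if ($err!='')` reads an undefined variable; `$err = '';` at the top of the function fixes that. The handler stores `$errmsg`, `$filename` and `$linenum` in `$_SESSION['alert']`; if those alerts are rendered to end users (the html_alert() call in base.php suggests so, but its body is not shown), internal paths and messages reach the browser, and a server-side log would be the better destination for the file and line details.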
@@ -0,0 +1,33 @@ +<?php +/* + Module: base + + function naploz($aCode) + function szamlal($policy,$page) +*/ + define('CLIENTIPADDRESS',_clientIp()); + function _clientIp() { + return ($_SERVER['HTTP_X_FORWARDED_FOR']!='')?$_SERVER['HTTP_X_FORWARDED_FOR']:$_SERVER['REMOTE_ADDR']; + } + + function logLogin($policy, $userAccount, $flag) { //loginLog + $q = "INSERT INTO loginLog (dt,ip,userAccount,policy,flag) VALUES (NOW(),'%s','%s','%s', %u)"; + db_query($q, array('fv' => 'logLogin', 'modul' => 'login', 'values' => array(_clientIp(), $userAccount, $policy, $flag))); + } + + function szamlal($policy, $page) { + $q = "INSERT INTO stat (dt, policy, page) VALUES (NOW(),'%s','%s')"; + db_query($q, array('fv' => 'szamlal', 'modul' => 'login', 'values' => array($policy, $page))); + } + + function mayorLogger($loglevel, $modul, $message, $userAccount='') { + if ($loglevel>_LOGLEVEL) { + $fp = fopen(_LOGDIR.'/'.$modul.'.log','a+'); + if ($fp!=false) { + $msg = date('Y-m-d H:i:s').' '.$userAccount.': '.$message."\n"; + fputs($fp,$msg); + fclose($fp); + } + } + } +?> diff --git a/mayor-orig/mayor-base/www/include/base/login.php b/mayor-orig/mayor-base/www/include/base/login.php new file mode 100644 index 00000000..4624a92a --- /dev/null +++ b/mayor-orig/mayor-base/www/include/base/login.php 
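Review bot: _clientIp() returns `$_SERVER['HTTP_X_FORWARDED_FOR']` whenever the header is non-empty, and that header is supplied by the client, so the `ip` column written by logLogin() and the `CLIENTIPADDRESS` constant can hold any value the requester chooses. Use `$_SERVER['REMOTE_ADDR']` by default and honour the forwarded header only when `REMOTE_ADDR` is one of the site's own reverse proxies (that list would need a new config setting; none is visible on this page), validating the result with `filter_var($ip, FILTER_VALIDATE_IP)`. mayorLogger() likewise writes `$message` and `$userAccount` unmodified, so stripping CR/LF before `fputs()` would keep one event per log line.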
@@ -0,0 +1,139 @@ +<?php + + if ($sessionMode===2 || $action == 'mayorGlobalLogin' || $action == 'facebooklogin' || $action== 'googleapilogin') { + + $toPolicy = readVariable($_REQUEST['toPolicy'], 'enum', 'private', $POLICIES); + $policyOrderIndex = readVariable($_POST['policyOrderIndex'], 'id', 0); + + $__POLICYORDER[0] = array('private','parent','public'); + $__POLICYORDER[1] = array('private'); + $__POLICYORDER[2] = array('parent'); + $__POLICYORDER[3] = array('public'); + + $toSkin = readVariable($_POST['toSkin'], 'enum', readVariable($_GET['toSkin'], 'enum', null, $SKINSSHOW), $SKINSSHOW); + @list($toPage,$toSub,$toF) = readVariable(explode(':',$_REQUEST['toPSF']), 'strictstring'); + $toPSF = "$toPage:$toSub:$toF"; + // Autentikáció - alapok + $fbAuth = false; + if (file_exists('include/share/auth/base.php')) { + require_once('include/share/auth/base.php'); + } + require_once('include/modules/auth/base/login.php'); + + // lejart session-ok torlese + require_once('include/share/session/close.php'); + closeOldAndIdleSessions(); + + if (__FBCONNECT_ENABLED===true && $action=='facebooklogin') { + if (version_compare(PHP_VERSION, '5.4.0', '<')) { + $_SESSION['alert'][] = 'info::facebook:szerver konfigurációs hiba, legalább 5.4-es php verzió szükséges'; + return false; + } + require_once('include/share/net/facebook.php'); + $FBDATA = mayorFacebookAuth(); // preAuth + if (is_array($FBDATA) && $FBDATA['accessToken']!="") { + $userAccount = $FBDATA['userAccount']; + $fbAuth = true; + } + } elseif (__GOOGLEAPI_ENABLED===true && $action=='googleapilogin') { + if (version_compare(PHP_VERSION, '5.5.0', '<')) { + $_SESSION['alert'][] = 'info::googleapi:szerver konfigurációs hiba, legalább 5.5-ös php verzió szükséges'; + return false; + } + require_once('include/share/net/googleapi.php'); + $GOOGLEAPIDATA = mayorGoogleApiAuth(); // preAuth + if (($GOOGLEAPIDATA) && $GOOGLEAPIDATA['userAccount']!="") { + $userAccount = $GOOGLEAPIDATA['userAccount']; + $googleapiAuth = true; 
+ } + } elseif ($sessionMode===2) { + $MAYORAPIDATA = mayorApiAuth(); + if ($MAYORAPIDATA!==false && $MAYORAPIDATA['userAccount']!="") { + $userAccount = $MAYORAPIDATA['userAccount']; + $toPolicy = $MAYORAPIDATA['toPolicy']; + $mayorapiAuth = true; + } else { + unsetTokenCookies(); // + unregister token + } + } else { + $userPassword = readVariable($_POST['userPassword'], 'string'); + // $userAccount = readVariable($_POST['userAccount'], 'regexp', null, array("^([a-z]|[A-Z]|[0-9]| |\.|,|_|[űáéúőóüöíŰÁÉÚŐÓÜÖÍäÄ]|-|@)*$")); + $userAccount = readVariable($_POST['userAccount'], 'userAccount', null); + } + + if (defined('_BOLONDOS') && _BOLONDOS===true) $userAccount = visszafele($userAccount); + if (is_array($AUTH[$toPolicy]['allowOnly']) && !in_array($userAccount,$AUTH[$toPolicy]['allowOnly'])) $userAccount=''; + + if ($sessionID != '') $accountInformation['sessionID'] = $sessionID; + if ($userAccount != '' and ($userPassword != '' or $fbAuth===true or $googleapiAuth===true or $mayorapiAuth === true)) { + + for ($i=0; $i<count($__POLICYORDER[$policyOrderIndex]); $i++) { + $toPolicy=$__POLICYORDER[$policyOrderIndex][$i]; + if (!in_array($AUTH[$toPolicy]['authentication'],array('required','try'))) { + continue;; + } + $accountInformation = array('account' => $userAccount, 'password' => $userPassword, 'policy' => $toPolicy, 'skin'=>$toSkin); + if ($fbAuth===true) { + if ($FBDATA['toPolicy']==$toPolicy) { + $result = _AUTH_SUCCESS; // az authentikációt a mayorFacebookAuth() csinálta + $accountInformation['cn'] = $FBDATA['fbUserCn']; + $accountInformation['mail'] = $FBDATA['fbUserEmail']; + $accountInformation['studyId'] = $FBDATA['studyId']; + } else { + $_SESSION['alert'][] = 'info:A facebook azonosító nincs még összekötve! 
Először lépj be a MaYoR-ba, és kezdeményezd a facebook connectet!'; + continue;; + } + } elseif ($googleapiAuth===true) { + if ($GOOGLEAPIDATA['toPolicy']==$toPolicy) { + $result = _AUTH_SUCCESS; // az authentikációt a mayorGoogleapiAuth() csinálta + $accountInformation['cn'] = $GOOGLEAPIDATA['googleUserCn']; + $accountInformation['mail'] = $GOOGLEAPIDATA['googleUserEmail']; + $accountInformation['studyId'] = $GOOGLEAPIDATA['studyId']; + } else { + $_SESSION['alert'][] = 'info:A google azonosító nincs még összekötve! Először lépj be a MaYoR-ba, és kezdeményezd!'; + continue;; + } + } elseif ($mayorapiAuth===true) { + if ($MAYORAPIDATA['toPolicy'] == $toPolicy) { + $result = _AUTH_SUCCESS; // az authentikációt a mayorApiAuth() csinálta + $accountInformation['cn'] = $MAYORAPIDATA['userCn']; + // $accountInformation['mail'] = $MAYORAPIDATA['userEmail']; + $accountInformation['studyId'] = $MAYORAPIDATA['studyId']; + } else { + continue;; + } + } else { + $result = userAuthentication($userAccount, $userPassword, $accountInformation, $toPolicy); // ??? toPolicy benne van az AccountInformation-ben!!! Ldap backend only? 
+ } + logLogin($toPolicy, $userAccount, $result); + + define('_MAYORAUTHRESULT',$result); + if ($result === _AUTH_SUCCESS) { + $_SESSION['alert'] = array(); + $sessionID = newSession($accountInformation, $toPolicy); + if ($mayorapiAuth!==true) generateAuthToken(array('userAccount'=>$userAccount, 'policy'=>$toPolicy, 'userCn'=>$accountInformation['cn'], 'studyId'=>$accountInformation['studyId'])); // --TODO untrusted clients + if ($toSkin == '') $toSkin = $skin; + header('Location: '.location("index.php?page=$toPage&sub=$toSub&f=$toF&sessionID=$sessionID&policy=$toPolicy&lang=$lang&skin=$toSkin", array('alertOLD'))); + break; + } elseif ($result === _AUTH_EXPIRED) { + $_SESSION['alert'][] = 'message:force_pw_update'; + header('Location: '.location("index.php?policy=public&page=password&f=changeMyPassword&userAccount=".$userAccount."&toPolicy=$toPolicy&skin=$toSkin", array('alertOLD'))); + break; + } elseif ($result === _AUTH_FAILURE_1) { + // nincs ilyen user, megpróbáljuk beauthentikálni parent-tel is. + } elseif ($result >= _AUTH_FAILURE) { + // sikertelen azonosítás - a hibaüzenetet a függvény generálja + // megpróbáljuk beauthentikálni parent-tel is. + break; + } else { + // Ilyen csak hibás függvényműködés esetén lehet: + $_SESSION['alert'][] = "message:default:hibás visszatérési érték:userAuthentication:(".serialize($result).")"; + break; + } + } + } else { + $_SESSION['alert'][] = 'message:empty_field'; + } + } + +?> diff --git a/mayor-orig/mayor-base/www/include/base/mysql.php b/mayor-orig/mayor-base/www/include/base/mysql.php new file mode 100644 index 00000000..b2e22f82 --- /dev/null +++ b/mayor-orig/mayor-base/www/include/base/mysql.php 
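Review bot: The `allowOnly` restriction is evaluated once, before the loop, against the `$toPolicy` read from `$_REQUEST['toPolicy']`, but the loop then overwrites `$toPolicy` with each entry of `$__POLICYORDER[$policyOrderIndex]` and authenticates against that policy, so the list that is checked need not belong to the policy that is actually used. Apply the check per policy inside the loop, directly after the `$toPolicy=...` assignment: `if (is_array($AUTH[$toPolicy]['allowOnly']) && !in_array($userAccount, $AUTH[$toPolicy]['allowOnly'])) continue;`. `$policyOrderIndex` is also used as an array index without a range check, and `$googleapiAuth`, `$mayorapiAuth` and `$userPassword` are assigned only in some branches; initialising them next to `$fbAuth = false;` and falling back to index 0 when `!isset($__POLICYORDER[$policyOrderIndex])` would make the later conditions explicit.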
@@ -0,0 +1,396 @@ +<?php + + error_reporting(E_ALL && ~E_NOTICE); +// error_reporting(E_ALL); + + //if (!defined("MYSQLI_ENABLED")) define("MYSQLI_ENABLED",function_exists('mysqli_connect')); + if (!defined("MYSQLI_ENABLED")) define("MYSQLI_ENABLED",false); // egyelőre kikapcsoljuk, mert az Illyés-ben pl egfeküdt a szerver ettől + if (is_array($AUTH)) foreach ($AUTH as $_policy => $config) { + if ($config['backend'] == 'mysql') { + $MYSQL_DATA[$_policy . ' auth'] = array( + 'user' => $config['mysql user'], + 'host' => $config['mysql host'], + 'pw' => $config['mysql pw'], + 'db' => $config['mysql db'], + ); + if ($MYSQL_DATA[$_policy . ' auth']['host']=='') + if ($MYSQL_DATA['host']=='') + $MYSQL_DATA[$_policy . ' auth']['host'] = 'localhost'; + else + $MYSQL_DATA[$_policy . ' auth']['host'] = $MYSQL_DATA['host']; + } + } +//-----------------------------------------------------------------------// + + function db_selectDb($db,$lr) { + if (MYSQLI_ENABLED===true) + return mysqli_select_db($lr,$db); + else + return mysql_select_db($db,$lr); + } + + function db_connect($modul, $SET = array('priv' => null, 'force' => true, 'host'=> null, 'username' => null, 'password' => null, 'db' => null, 'fv' => null)) { + + global $MYSQL_DATA; + + $lr = false; + extract($SET); + if (!isset($force)) $force = true; + if (!isset($priv)) $priv = ''; + + //if ($MYSQL_DATA['persistent']===true) $mysql_connect = 'mysql_pconnect'; else $mysql_connect = 'mysql_connect'; + $mysql_connect = 'mysql_connect'; + /* setting host */ + if (!isset($host)) { + if ($MYSQL_DATA[$modul]['host'.$priv]=='') { + if ($MYSQL_DATA[$modul]['host']=='') { + if ($MYSQL_DATA['host']=='') { + $host = 'localhost'; + } else { + $host = $MYSQL_DATA['host']; + } + } else { + $host = $MYSQL_DATA[$modul]['host']; + } + } else { + $host = $MYSQL_DATA[$modul]['host'.$priv]; + } + } + /* --- */ + if ($priv == 'root') { + if (MYSQLI_ENABLED===true) + $lr = @mysqli_connect($host, $username, $password); // force new ??? 
+ else + $lr = @$mysql_connect($host, $username, $password, $force); + } else { + /* --- */ + if (is_array($MYSQL_DATA[$modul])) { + if (isset($priv) && $priv != '' && isset($MYSQL_DATA[$modul]['user'.$priv])) { // Először megpróbálunk $priv szerinti privilégiummal csatlakozni + if (MYSQLI_ENABLED===true) + $lr = @mysqli_connect($host, $MYSQL_DATA[$modul]['user'.$priv], $MYSQL_DATA[$modul]['pw'.$priv], $MYSQL_DATA[$modul]['db']); + else + $lr = @$mysql_connect($host, $MYSQL_DATA[$modul]['user'.$priv], $MYSQL_DATA[$modul]['pw'.$priv], $force); + } + if ($lr === false) {// Ha nem sikerült, vagy nem volt megadva privilégium, akkor próbáljunk anélkül csatlakozni + if (MYSQLI_ENABLED===true) + $lr = @mysqli_connect($host, $MYSQL_DATA[$modul]['user'], $MYSQL_DATA[$modul]['pw'], $MYSQL_DATA[$modul]['db']); + else + $lr = @$mysql_connect($host, $MYSQL_DATA[$modul]['user'], $MYSQL_DATA[$modul]['pw'], $force); + } + } else { + $_SESSION['alert'][] = "message:sql_failure/${SET['fv']}:db_connect:modul $modul has no config"; + } + } + if ($lr) { + // mysql_set_charset('utf8', $lr); + if ($priv != 'root') $db = $MYSQL_DATA[$modul]['db']; + if ($db != '') { + $result = db_selectDb($db , $lr); + if ($result === true) { + if (MYSQLI_ENABLED===true) { + mysqli_set_charset($lr, "utf8"); + mysqli_query($lr, "SET NAMES utf8"); + mysqli_query($lr, "SET collation_connection='utf8_hungarian_ci'"); + } else { + mysql_query("SET NAMES utf8", $lr); + mysql_query("SET collation_connection='utf8_hungarian_ci'", $lr); + } + } else { + $_SESSION['alert'][] = "message:sql_select_db_failure:db_connect/${SET['fv']}:$modul:".$MYSQL_DATA[$modul]['db']; + mysql_close($lr); + return false; + } + } elseif (!isset($MYSQL_DATA[$modul]['db'])) { + $_SESSION['alert'][] = "message:sql_warning:db_connect/${SET['fv']}:modul $modul has empty database config value"; + } + } else { + if (__DEBUG || (defined('__DETAILED') && __DETAILED)) $_SESSION['alert'][] = 
"message:sql_connect_failure:db_connect/${SET['fv']}:modul - $modul, priv - $priv, username - $username, db - $db"; + else $_SESSION['alert'][] = "message:sql_connect_failure:db_connect/${SET['fv']}:$modul modul"; + } + return $lr; + + } + + function db_close($lr) { + if ($MYSQL_DATA['persistent']!==true) { + if (MYSQLI_ENABLED===true) + return mysqli_close($lr); + else + return mysql_close($lr); + } else + return true; // not closing; + } + +//-----------------------------------------------------------------------// + + function db_query($q, $SET, $olr = null) { + /* + $SET = array( + 'modul' => '...' + 'fv' => '...' + 'result' => 'indexed'|'assoc'|'multiassoc'|'idonly'|'value'|'record'|'keyvaluepair'|'insert'|'affected rows' + 'keyfield' => '...' (if result in (assoc,multiassoc)) + 'detailed' => true | false (default) (echo the query in error messages) + 'debug' => true | false (default) (echo the query before quering it) + 'rollback' => true | false (default) + 'values' => array(...) (if $q is an sprintf format string) + ); + */ + global $_JSON; + + if (!isset($q) || $q == '') { + $_SESSION['alert'][] = 'message:sql_query_failure:db_query/'.$SET['fv'].':query is empty'; + return false; + } + + if (!isset($SET['result'])) $SET['result'] = ''; + + // Adatbázis csatlakozás (ha szükséges) + if (isset($olr) && $olr != '') { + if (MYSQLI_ENABLED===true) + $mysql_get_server_info = mysqli_get_server_info($olr); + else + $mysql_get_server_info = @mysql_get_server_info($olr); + } + if (isset($olr) && $olr != '' && $mysql_get_server_info !== false) { + $lr = $olr; + } else { + unset($olr); + if (in_array(substr(strtolower($q),0,4), array('sele','show','expl','set ','use '))) $lr = @db_connect($SET['modul'], array('priv' => 'Read', 'fv' => $SET['fv'])); + else $lr = @db_connect($SET['modul'], array('priv' => 'Write', 'fv' => $SET['fv'])); + } + if ($lr === false) { + if ($SET['detailed'] === true || __DETAILED) $_SESSION['alert'][] = 
'message:sql_connect_failure:db_query/'.$SET['fv'].':'.$SET['modul'].':'.$q; + else $_SESSION['alert'][] = 'message:sql_connect_failure:db_query/'.$SET['fv']; + return false; + } + + // Ha behelyettesítendő paraméterek vannak + if (isset($SET['values']) && is_array($SET['values']) && count($SET['values']) > 0) { + $SET['values'] = array_map('db_escape_string', $SET['values'], array_fill(0 , count($SET['values']), $lr)); + array_unshift($SET['values'], $q); + $q_pattern = $q; + $q = @call_user_func_array('sprintf', $SET['values']); + if ($q === false) { + $_SESSION['alert'][] = 'message:wrong_data:db_query:behelyettesítés:'.$SET['fv']; + return false; + } + } + if ((isset($SET['debug']) && $SET['debug']===true) || (defined('__DEBUG') && __DEBUG === true)) { + $_q = str_replace(" ",'',$q); + echo '<pre>info:debug:'.htmlspecialchars($SET['modul'].':'.$SET['fv'].':'.date('Y-m-d H:i:s').': '." \n".$_q)."<hr /></pre>"; + if ($_GET['skin'] == 'ajax') $_JSON['sql log'][] = $SET['modul'].':'.$SET['fv'].':'.date('Y-m-d H:i:s').': '." 
\n".$_q; + if ($_GET['skin'] == 'rpc') { + openlog("MaYoR", LOG_PID | LOG_PERROR, LOG_LOCAL0); + syslog(LOG_WARNING, '[RPC]MySQL: '.(json_encode($SET)).", query: $_q {$_SERVER['REMOTE_ADDR']} ({$_SERVER['HTTP_USER_AGENT']})"); + closelog(); + } + } + if ( + ($SET['detailed'] === true || __DETAILED) + && strpos($q_pattern, '%s') !== false + && (strpos($q_pattern, '`%s`') === false && strpos($q_pattern, "'%s'") === false) + ) $_SESSION['alert'][] = 'message:lehet hiba?:db_query/'.$SET['fv'].':'.$SET['modul'].':'.$q_pattern; + + if ($SET['log']===true) mayorLogger(10,'mysql',$q,_USERACCOUNT); + if (MYSQLI_ENABLED===true) + $r = mysqli_query($lr,$q); + else + $r = @mysql_query($q, $lr); + define(MYSQL_LOGGER,false); + if (MYSQL_LOGGER === true) { + $filename = '/tmp/mysql.log'; + $fp = fopen($filename, "a+"); + fputs ($fp, $q."\n"); + fclose ($fp); + } + /* WARNING HANDLER */ +// if ((isset($SET['debug']) && $SET['debug']===true) || (defined('__DEBUG') &&__DEBUG === true) || (defined('__DETAILED') && __DETAILED===true)) { + if ((isset($SET['debug']) && $SET['debug']===true) || (defined('__DEBUG') &&__DEBUG === true)) { + if (MYSQLI_ENABLED===true) + $warningCountResult = mysqli_query($lr,"SELECT @@warning_count"); + else + $warningCountResult = mysql_query("SELECT @@warning_count",$lr); + if ($warningCountResult) { + if (MYSQLI_ENABLED===true) + $warningCount = mysqli_fetch_row($lr,$warningCountResult); + else + $warningCount = mysql_fetch_row($warningCountResult); + if ($warningCount[0] > 0) { + //Have warnings + if (MYSQLI_ENABLED===true) + $warningDetailResult = mysqli_query($lr, "SHOW WARNINGS"); + else + $warningDetailResult = mysql_query("SHOW WARNINGS",$lr); + if ($warningDetailResult ) { + if (MYSQLI_ENABLED===true) + while ($warning = mysqli_fetch_assoc($lr, $warningDetailResult)) {dump($warning); mayorLogger(2,'mysql',$q.' '.$warning,_USERACCOUNT);} + else + while ($warning = mysql_fetch_assoc($warningDetailResult)) {dump($warning); mayorLogger(2,'mysql',$q.' 
'.$warning,_USERACCOUNT);} + } + }//Else no warnings + } + } + /* WARNING HANDLER */ + if (!$r) { + // if ($SET['detailed'] === true || __DETAILED) $_SESSION['alert'][] = 'message:sql_query_failure:'.$SET['fv'].':'.':'.$q; + if ($SET['detailed'] === true || __DETAILED) { + if (MYSQLI_ENABLED===true) { + $_SESSION['alert'][] = 'message:sql_query_failure:mysqli:'.$SET['fv'].':'.mysqli_error($lr).':'.$q; + } else { + $_SESSION['alert'][] = 'message:sql_query_failure:mysql:'.$SET['fv'].':'.mysql_error($lr).':'.$q; + } + } else { + $_SESSION['alert'][] = 'message:sql_query_failure:'.$SET['fv']; + } + if ($SET['rollback'] === true) db_rollback($lr, $SET['fv']); + if (!isset($olr)) db_close($lr); + return false; + } + + if (MYSQLI_ENABLED === true) { + + if (in_array(substr(strtolower($q),0,4), array('sele','show','expl','(sel'))) { + $RESULT = array(); + switch($SET['result']) { + case 'indexed': + while ($A = mysqli_fetch_assoc($r)) $RESULT[] = $A; + break; + case 'assoc': + while ($A = mysqli_fetch_assoc($r)) $RESULT[$A[$SET['keyfield']]] = $A; + break; + case 'multiassoc': + while ($A = mysqli_fetch_assoc($r)) $RESULT[$A[$SET['keyfield']]][] = $A; + break; + case 'idonly': + while ($A = mysqli_fetch_row($r)) $RESULT[] = $A[0]; + break; + case 'value': + if (mysqli_num_rows($r) > 0) { + $A = mysqli_fetch_row($r); $RESULT = $A[0]; + } else { $RESULT = null; } + break; + case 'record': + if (mysqli_num_rows($r) > 0) { + $A = mysqli_fetch_assoc($r); $RESULT = $A; + } else { $RESULT = null; } + break; + case 'keyvaluepair': + while ($A = mysqli_fetch_row($r)) $RESULT[$A[0]] = $A[1]; + break; + case 'keyvalues': + while ($A = mysqli_fetch_row($r)) $RESULT[$A[0]][] = $A[1]; + break; + } + } elseif ($SET['result'] == 'insert' && (substr(strtolower($q),0,6) == 'insert' || substr(strtolower($q),0,7) == 'replace')) { + $RESULT = mysqli_insert_id($lr); + mayorLogger(1,'mysql',$q,_USERACCOUNT); + } elseif ($SET['result'] == 'affected rows') { + $RESULT = mysqli_affected_rows($lr); 
+ mayorLogger(1,'mysql',$q,_USERACCOUNT); + } else { // create, insert, de nem olyan resulttal... + $RESULT = $r; + mayorLogger(1,'mysql',$q,_USERACCOUNT); + } + } else { // OLD DRIVER + + if (in_array(substr(strtolower($q),0,4), array('sele','show','expl','(sel'))) { + $RESULT = array(); + switch($SET['result']) { + case 'indexed': + while ($A = mysql_fetch_assoc($r)) $RESULT[] = $A; + break; + case 'assoc': + while ($A = mysql_fetch_assoc($r)) $RESULT[$A[$SET['keyfield']]] = $A; + break; + case 'multiassoc': + while ($A = mysql_fetch_assoc($r)) $RESULT[$A[$SET['keyfield']]][] = $A; + break; + case 'idonly': + while ($A = mysql_fetch_row($r)) $RESULT[] = $A[0]; + break; + case 'value': + if (mysql_num_rows($r) > 0) { + $A = mysql_fetch_row($r); $RESULT = $A[0]; + } else { $RESULT = null; } + break; + case 'record': + if (mysql_num_rows($r) > 0) { + $A = mysql_fetch_assoc($r); $RESULT = $A; + } else { $RESULT = null; } + break; + case 'keyvaluepair': + while ($A = mysql_fetch_row($r)) $RESULT[$A[0]] = $A[1]; + break; + case 'keyvalues': + while ($A = mysql_fetch_row($r)) $RESULT[$A[0]][] = $A[1]; + break; + } + } elseif ($SET['result'] == 'insert' && (substr(strtolower($q),0,6) == 'insert' || substr(strtolower($q),0,7) == 'replace')) { + $RESULT = mysql_insert_id($lr); + mayorLogger(1,'mysql',$q,_USERACCOUNT); + } elseif ($SET['result'] == 'affected rows') { + $RESULT = mysql_affected_rows($lr); + mayorLogger(1,'mysql',$q,_USERACCOUNT); + } else { // create, insert, de nem olyan resulttal... 
+ $RESULT = $r; + mayorLogger(1,'mysql',$q,_USERACCOUNT); + } + } // DRIVER + + if (!isset($olr)) db_close($lr); + return $RESULT; + + } + +//-----------------------------------------------------------------------// + + function db_start_trans($lr) { + if ($lr != '') + if (MYSQLI_ENABLED === true) + mysqli_query($lr, "START TRANSACTION"); + else + mysql_query("START TRANSACTION", $lr); + } + + function db_commit($lr) { + if ($lr != '') + if (MYSQLI_ENABLED === true) + mysqli_query($lr, "COMMIT"); + else + mysql_query("COMMIT", $lr); + } + + function db_rollback($lr, $msg = '') { + if ($lr != '') { + $_SESSION['alert'][] = 'message:rollback:'.$msg; + if (MYSQLI_ENABLED === true) + mysqli_query($lr, "ROLLBACK"); + else + mysql_query("ROLLBACK", $lr); + } + } + +//---------------------------------------------------------------------// + + function db_escape_string($str, $olr = null) { + + if (isset($olr)) $lr = $olr; + else $lr = db_connect('login'); + + if (!$lr) return false; + + if(get_magic_quotes_gpc()) { + $return = mysql_real_escape_string(stripslashes($str), $lr); + } else { + if (MYSQLI_ENABLED===true) + $return = mysqli_real_escape_string($lr, $str); + else + $return = mysql_real_escape_string($str, $lr); + } + if (!isset($olr)) db_close($lr); + + return $return; + } + +?> diff --git a/mayor-orig/mayor-base/www/include/base/rights.php b/mayor-orig/mayor-base/www/include/base/rights.php new file mode 100644 index 00000000..dc6b7aa7 --- /dev/null +++ b/mayor-orig/mayor-base/www/include/base/rights.php 
@@ -0,0 +1,397 @@ +<?php + +// --TODO-- ez nem ide való! +require_once('include/modules/auth/base/token.php'); + + +/* + Module: base + + validUser($sessionID,$policy,$skin='',$lang='') + + - ellenőrizzük a $page, $sub, $f formai helyességét + - validUser - ellenőrzi, hogy be vagyunk-e jelentkezve, beállítja a konstansokst, ha kell elküld az auth oldalra + - validUser esetén a session kezelő fv-ek csatolása (backend függő) + - a module, psf include fájlainak és a pre fájlnak a csatolása + + A validUser fv két funkciót lát el egyszerre (ellenőriz, és konstans beállít). + A konstansokat (pl. _SESSIONID) csak az aktuális policy-re állítjuk, a toPolicyra nem. + A validUser figyelembe veszi a _SESSION_MAX_IDLE_TIME konstans értékét: ha az activity+_SESSION_MAX_IDLE_TIME már elmúlt - akkor elutasít, + különben az aktivity értékét frissíti. + + a '_POLICY'-t a base.php-ben definiáljuk. + +*/ +function sessionHash($algo='ripemd160', $hashThis='') +{ + if ($hashThis=='') $hashThis = uniqid(rand(), true); + if (!in_array($algo,hash_algos())) $algo = 'sha1'; + $sessionID = substr( hash($algo, $hashThis), 0, 40 ); // 40: sha1, ripem160 + return $sessionID; +} + +if(!function_exists('hash_equals')) { // lásd még str + function hash_equals($str1, $str2) { + if(strlen($str1) != strlen($str2)) { + return false; + } else { + $res = $str1 ^ $str2; + $ret = 0; + for($i = strlen($res) - 1; $i >= 0; $i--) $ret |= ord($res[$i]); + return !$ret; + } + } +} + + +function sessionCookieEncode($sessionID,$now,$extra='') +{ + if ($extra=='') $extra = uniqid(rand(), true); + $extraHash=sessionHash('ripemd160',$extra); + $pwHash = sessionHash('ripemd160',uniqid(rand(), true)); + $value = base64_encode(strtotime($now).'g'.$extraHash.'g'.$pwHash); + return array('name'=>($sessionID), 'value'=>$value, 'store'=> $extraHash, 'pwHash'=>$pwHash); +} + +function sessionCookieDecode($sessionID) +{ + return explode('g',base64_decode($_COOKIE[($sessionID)])); +} + +function pseudoTokenGenerator() { + + if 
(function_exists('openssl_random_pseudo_bytes')) + $token = bin2hex(openssl_random_pseudo_bytes(32)); + else + $token = bin2hex(sessionHash()); + return $token; +} + +###################################################################### +# Azonosított user ellenőrzése a session tábla alapján +###################################################################### + +function validUser($sessionID,$policy,$skin='',$lang='') { + global $page; + if (_RUNLEVEL === 'cron') { + define('_USERPASSWORD','MaYoR-cron'); + define('_USERACCOUNT','MaYoR-cron'); + define('_USERCN','MaYoR-cron User'); + define('_STUDYID',''); + define('_LANG',$lang); + define('_SESSIONID','cron'); + return true; + } + +// if ($sessionID == '' || $MAYORAPIAUTH['valid']!==true) { + if ($sessionID == '') { + $MAYORAPIAUTH = mayorApiAuth(); // van-e hosszulejáratu session-je + if ($policy == _POLICY && $MAYORAPIAUTH['valid']!==true) { + define('_USERPASSWORD',''); + define('_USERACCOUNT',''); + define('_USERCN',''); + define('_STUDYID',''); + define('_LANG',$lang); + define('_SESSIONID',''); + } + return false; + } else { + + $lr = db_connect('login', array('fv' => 'validUser')); + + if ($lr === false) die('A keretrendeszer adatbázisa nem érhető el! (validUser)'); + // ha nem tudta beállítani a sütit, akkor az $_sc üres lesz így a dt feltétel 1970-01-01, ami nem gond. + list($_sessionDt,$_sessionCookie,$_sessionPwHash) = sessionCookieDecode($sessionID); + $query = "SELECT userAccount, userCn, studyId, aes_decrypt(userPassword, '%s'), skin, lang, activity, dt + FROM session WHERE sessionID='%s' AND policy='%s'"; // [SECURITY-002] quickfix from marton.drotos@sztaki.hu + + if (defined('_SESSION_MAX_IDLE_TIME') and _SESSION_MAX_IDLE_TIME != 0) $query .= " AND activity + INTERVAL "._SESSION_MAX_IDLE_TIME." 
HOUR > NOW()"; + + $query .= " AND dt='".date('Y-m-d H:i:s', (($_sessionDt=="")?null:$_sessionDt) )."'"; + $query .= " AND sessionCookie='%s'"; + + $ret = db_query($query, array('fv' => 'validUser', 'modul' => 'login', 'result' => 'indexed', 'values' => array($_sessionPwHash, $sessionID, $policy, $_sessionCookie)), $lr); + $num = count($ret); + $sessionMode = 1; + + // ha nincs találat, nézzük meg, van-e a kliensnek hosszú lejáratú tokenje, kivéve, ha ... + if ($num !== 1 && $page!='password') { + $MAYORAPIAUTH = mayorApiAuth(); + if ($MAYORAPIAUTH['valid'] === true) { + global $sessionMode; + $sessionMode = 2; + // reauth AS: + $toPolicy = $MAYORAPIAUTH['policy']; + $userAccount = $MAYORAPIAUTH['userAccount']; + $userCn = $MAYORAPIAUTH['userCn']; + $studyId = $MAYORAPIAUTH['studyId']; + $userPassword = ''; + $lang = _DEFAULT_LANG; + } else { + unsetTokenCookies(); + } + } // --token vizsgálat vége + + if ($num == 1) { + + if ($sessionMode == 1) list($userAccount, $userCn, $studyId, $userPassword, $savedSkin, $lang, $activity, $dt) = array_values($ret[0]); + global $SKINS; + if (_USER_AGENT!=='ppc' && @in_array($savedSkin,$SKINS) ) $skin=$savedSkin; + if ($policy == _POLICY) { + define('_USERACCOUNT',$userAccount); + define('_USERCN',$userCn); + define('_STUDYID',$studyId); + define('_USERPASSWORD',$userPassword); +// define('_SKIN',$skin); + define('_LANG',$lang); + define('_SESSIONID',$sessionID); + } + + // Aktivitás figyelése! // hopp, nem biztos, hogy van session! 
+ $query = "UPDATE session SET activity = NOW() WHERE sessionID = '%s'"; + db_query($query, array('fv' => 'validUser', 'modul' => 'login', 'values' => array($sessionID)), $lr); + db_close($lr); + return true; + + } else { + + if ($policy == _POLICY) { + define('_USERPASSWORD',''); + define('_USERACCOUNT',''); + define('_USERCN',''); + define('_STUDYID',''); +// define('_SKIN',$skin); + define('_LANG',$lang); + define('_SESSIONID',''); + } + db_close($lr); + if ($num > 1) $_SESSION['alert'][] = 'message:multi_session'; + if ($_sessionDt==="") define('_NOCOOKIE',true); // beállítjuk, hogy üzenni tudjunk + + return false; + + } + + } + +} + +//=================================================================================================================================== +// ------------------------------------------ +// debug üzenetek tárolása - a $_DEBUG változóba kerül midnen +// ------------------------------------------ + if (_RUNLEVEL!=='cron') ob_start(); + +// ------------------------------------------ +// a $page, $sub és $f csak a-z betűvel kezdődhet, utána pedig csak (a-z, /_-). 
$page és $f nem lehet üres +// ------------------------------------------ + + if ( + (preg_match('#^([a-z]|[A-Z])([0-9]|[a-z]|[A-Z]|/|_|-)*$#', $page) == false) OR + ($sub != '' AND preg_match('#^([a-z]|[A-Z])([0-9]|[a-z]|[A-Z]|/|_|-)*$#', $sub) == false) OR + (preg_match('#^([0-9]|[a-z]|[A-Z]|_|-)*$#', $f) == false) + ) { + $_SESSION['alert'][] = 'page:wrong_page:'; + $RIGHTS_OK = false; + } else { + $RIGHTS_OK = true; + } + +// ------------------------------------------ +// Security Check: $policy szerinti ellenőrzés +// ------------------------------------------ + + // A validUser (session.php) beállítja az alapvető session konstansokat is + if ( !validUser($sessionID,$policy,$skin,$lang) ) { + if ($AUTH[$policy]['authentication'] == 'required') { + if (defined('_NOCOOKIE')) $_SESSION['alert'][] = 'message:cookie';//$extendAlert='alert[]=message:cookie&'; + $_SESSION['alert'][]='message:auth_failure:'._CONTROL_FLAG_REQUIRED; + header('Location: index.php?policy=public&page=auth&f=login&toPolicy='.$policy."&toPSF=$page:$sub:$f&sessionID=$sessionID"); + die(); + } else { + // Hibás, vagy nem létező sessionID esetének kezelése - ha nem kötelező a sessionID --> nem csinálunk semmit (lehet egy másik policy-ben valid + } + + } + if (file_exists('include/share/session/base.php')) { + // A session kezeléshez szükséges backend függő függvények pl. 
memberOf + require('include/share/session/base.php'); + + } + // Remote Protocol Call (MaYoR) + if ($skin=='rpc') { + define('_RPC',true); + require_once('include/share/ssl/ssl.php'); + try + { + $_RPC['senderNodeId'] = $senderNodeId = readVariable($_POST['senderNodeId'],'strictstring',0); + $RPC = new Interconnect(); + $RPC->setRequestTarget('controller'); // A remoteHost lekérdezéshez kellhet + $RPC->setRemoteHostByNodeId($_RPC['senderNodeId']); + $RPC->processRequest(); // vélhetően van request + $_RPC['request'] = $RPC->getIncomingRequest(); + } + catch (Exception $e) + { + //$func=''; + //$DATA = array('error'=>$e->getMessage()); + } + } else { define('_RPC',false); } + // Interconnect end + + define('_RIGHTS_OK',$RIGHTS_OK); + + /* XSRF2 */ + define('__SALTNAME','MS_'.sha1($page.'_'.$sub.'_'.$f)); + define('__SALTVALUE',sessionHash()); + // mtoken + if (empty($_SESSION['mayorToken'])) { + $_SESSION['mayorToken'] = pseudoTokenGenerator(); + } + if (count($_POST)>0) { + if (!empty($_POST['mayorToken'])) { + if (hash_equals($_SESSION['mayorToken'], $_POST['mayorToken'])) { + // OK, token regenerálás + visszakuldjuk az ETAG-ben + $_SESSION['mayorToken'] = pseudoTokenGenerator(); + } else { + if ($_POST['action']!='') { /* Ha nincs action formváltozó, nincs szükség hibaüzenetre, a form nem módosít, de most... 
*/ + $_SESSION['alert'][] = 'message:not_valid_form:pnu2'; + $_JSON['result'] = false; + } + unset($_POST['action']); + unset($action); + } + } else { // klasszikus ellenőrzés, fallback + echo 'FATAL ERROR 696'; + die(); + /* + // $_JSON['result'] = false; // ITT gátolhatjuk a működést + if ($_COOKIE[__SALTNAME]=='') { // a session átállásig - ez semmitől nem véd, adott nevű sütit generálni bárki tud + $_SESSION['alert'][] = 'message:not_valid_form:no cookie'.$_SESSION[__SALTNAME]; + $_JSON['result'] = false; + unset($_POST['action']); + unset($action); + } elseif (!is_null($_COOKIE[__SALTNAME]) && ($_COOKIE[__SALTNAME] == $_POST[__SALTNAME])) { + // rendben + } else { + if ($_POST['action']!='') { // Ha nincs action formváltozó, nincs szükség hibaüzenetre, a form nem módosít + $_SESSION['alert'][] = 'message:not_valid_form'; + $_JSON['result'] = false; + } + unset($_POST['action']); + unset($action); + } + */ + } // END DEPRECATED BLOCK + } + // eredeti post kezelés + ETAG prevent cache + if (($_SERVER['HTTPS']!=='on') || (isset($_SERVER['HTTP_REFERER']) && $_SERVER['HTTP_REFERER']!='' && substr($_SERVER['HTTP_REFERER'],4,1)!=='s')) $_ssl = false; else $_ssl=true; + +//4400 if (@setcookie('xxxDEPRECATEDxxx_'.__SALTNAME,__SALTVALUE,time()+60*60*_SESSION_MAX_IDLE_TIME,'/','',$_ssl, true) == false) { +//4400 $_SESSION['alert'][] = 'message:no_cookie:unabletoset'; +//4400 } + + + /* /XSRF2 previous revision: r4138 */ + + // betöltjük az össes config-ot... (lásd még widgets) + try { + $_dirlist = scandir(_CONFIGDIR); + for ($i=0; $i<count($_dirlist); $i++) { + $_dir = $_dirlist[$i]; + if (is_dir(_CONFIGDIR.'/'.$_dir) && substr($_dir,0,7)=='module-') { + $_configFile = _CONFIGDIR . 
"/".$_dir.'/config.php'; + list($_rest,$_module) = explode('-',$_dir); + if (in_array($_module,$VALID_MODULES)) { + $_loadModule[] = $_module; + if (file_exists($_configFile)) { + require_once($_configFile); + } + } + } + } + } catch (Exception $e) { + $_SESSION['alert'][] = 'info:config hiba:'.$e->getMessage(); + } + // ha betöltenénk az ÖSSZES modul include-jait, akkor be kéne mindent tölteni kb. ugyhogy ezt hagyjuk + if ($dh_all = @opendir("include/widgets/")) { + $includes = array(); + while (($_file = readdir($dh_all)) !== false) { + if (substr($_file,-4) == '.php') $includes[] = $_file; + } + closedir($dh_all); + sort($includes); + for ($i = 0; $i < count($includes); $i++) { + require_once("include/widgets/".$includes[$i]); + } + } + unset($file); + /* ---- */ + if (!in_array($page,$_loadModule)) $_loadModule[] = $page; + for ($i=0; $i<count($_loadModule); $i++) { + $_module = $_loadModule[$i]; + if (in_array($_module,$VALID_MODULES)) { + if ($dh = @opendir("include/modules/$_module/base")) { + $includes = array(); + while (($file = readdir($dh)) !== false) { + if (substr($file,-4) == '.php') $includes[] = $file; + } + closedir($dh); + sort($includes); + for ($j = 0; $j < count($includes); $j++) { + require_once("include/modules/$_module/base/".$includes[$j]); + } + } + } + } + unset($file); + /* ---- */ + + + $skinFile = _CONFIGDIR."/skin-$skin/$page-config.php"; + if ($sub == '') { + $includeFile = "include/modules/$page/$f.php"; + $preFile = "policy/$policy/$page/$f-pre.php"; + $pageFile = "policy/$policy/$page/$f.php"; + $staticFile = "static/$lang/$page/$f.html"; + } else { + $includeFile = "include/modules/$page/$sub/$f.php"; + $preFile = "policy/$policy/$page/$sub/$f-pre.php"; + $pageFile = "policy/$policy/$page/$sub/$f.php"; + $staticFile = "static/$lang/$page/$sub/$f.html"; + } + if (!file_exists($preFile) && !file_exists($pageFile) && !file_exists($staticFile)) + $_SESSION['alert'][] = 'page:page_missing:'.$page.'-'.$sub.'-'.$f; + /* DEFAULTS 
zcheck() */ + if (defined('_ENABLE_IFRAME_EMBEDING')) + define('_ENABLE_IFRAME_EMBEDDING',_ENABLE_IFRAME_EMBEDING); + elseif (!defined('_ENABLE_IFRAME_EMBEDDING')) + define('_ENABLE_IFRAME_EMBEDDING',false); + + if (!defined('__MAX_MENU')) define('__MAX_MENU',7); + + if (!defined('__SUPPORT_EMAIL_ADDRESS')) { + if (!defined('__EMAIL_ENABLED')) define('__EMAIL_ENABLED',false); + } elseif (!defined('__SUPPORT_EMAIL_NAME')) { + define('__SUPPORT_EMAIL_NAME',_SITE.' support'); + if (!defined('__EMAIL_ENABLED')) define('__EMAIL_ENABLED',true); + } else { + if (!defined('__EMAIL_ENABLED')) define('__EMAIL_ENABLED',true); + } + // --------- + //Breadcrumb + if (count($_SESSION['breadcrumb'])>10) array_shift($_SESSION['breadcrumb']); + $_SESSION['breadcrumb'][] = array('page'=>"$page",'sub'=>"$sub",'f'=>"$f"); + // --------- + if (file_exists($includeFile)) require($includeFile); + if (file_exists($skinFile)) require($skinFile); + if (file_exists($preFile)) include($preFile); + +// --------------------------------------- +// debug üzenetek tárolásának vége +// --------------------------------------- + $_DEBUG = ob_get_contents(); + ob_end_clean(); + + +?>
\ No newline at end of file
diff --git a/mayor-orig/mayor-base/www/include/base/str.php b/mayor-orig/mayor-base/www/include/base/str.php
new file mode 100644
index 00000000..5c5a7c07
--- /dev/null
+++ b/mayor-orig/mayor-base/www/include/base/str.php
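Review bot: In rights.php the format check on `$page`, `$sub` and `$f` only sets `$RIGHTS_OK = false` and queues an alert; nothing stops the request, and the end of the file still builds `$includeFile`, `$skinFile` and `$preFile` from the same variables and loads them with `require`/`include` whenever `file_exists()` succeeds. Unless these variables are constrained before this file runs (not visible in the hunk), a value that failed the check can still decide which file is loaded. I would gate the three loads on the result, e.g. `if ($RIGHTS_OK && file_exists($includeFile)) require($includeFile);`, and apply the same pattern check to `$policy`, `$skin` and `$lang`, which are interpolated into the same paths. Separately, `sessionHash()` derives its default input from `uniqid(rand(), true)`, which is not a cryptographically secure source; `pseudoTokenGenerator()` already prefers `openssl_random_pseudo_bytes(32)` and the session values would be better served by the same source.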
@@ -0,0 +1,230 @@ +<?php +/* + Module: base + + function kisbetus($str) + function nagybetus($str) + function ekezettelen($str) + function utf8_to_iso88592($str) + function iso88592_to_utf8($str) + function str_cmp($a,$b) +*/ + +mb_internal_encoding("UTF-8"); + +// ------------------------------------------------------------------- +// Kisbetűssé konvertálás (a magyar ékezetes karaktereket is) +// ------------------------------------------------------------------- + +function kisbetus($str) { + $str = strtolower(mb_convert_encoding($str, 'ISO-8859-2', 'UTF-8')); + $str = strtr($str, "", ""); + $str = mb_convert_encoding($str, 'UTF-8', 'ISO-8859-2'); + return $str; +} + +// ------------------------------------------------------------------- +// Nagybetűssé konvertálás (a magyar ékezetes karaktereket is) +// ------------------------------------------------------------------- + +function nagybetus($str) { + $str = strtoupper(mb_convert_encoding($str, 'ISO-8859-2', 'UTF-8')); + $str = strtr($str, "", ""); + $str = mb_convert_encoding($str, 'UTF-8', 'ISO-8859-2'); + return $str; +} + +// ------------------------------------------------------------------- +// Ékezettelenné konvertálás (UTF-8 --> Lat2 --> ékezettelen) +// ------------------------------------------------------------------- + +function ekezettelen($str) { + return strtr(mb_convert_encoding($str, 'ISO-8859-2', 'UTF-8'), '', 'aaeiooouuuAAEIOOOUUU'); +} + +/* +// --------------------------------------------------------------------------- +// +// UTF8 <--> ISO88592 váltás +// +// --------------------------------------------------------------------------- + +function UTF8_to_ISO88592($str) { + + return mb_convert_encoding($str,'ISO-8859-2','UTF-8'); + +} + +function ISO88592_to_UTF8($str) { + + return mb_convert_encoding($str,'UTF-8','ISO-8859-2'); + +} +*/ + +// --------------------------------------------------------------------------- +// +// Két string összehasonlítása a magyar ABC szerint ($a < $b => -1) 
+// +// --------------------------------------------------------------------------- + +function str_cmp($a,$b) { + + $ABC = Array('a'=>1, + ''=>1, + ''=>1, + 'b'=>3, + 'c'=>4, + 'd'=>5, + 'e'=>6, + ''=>7, + 'f'=>8, + 'g'=>9, + 'h'=>10, + 'i'=>11, + ''=>12, + 'j'=>13, + 'k'=>14, + 'l'=>15, + 'm'=>16, + 'n'=>17, + 'o'=>18, + ''=>18, + ''=>20, + ''=>20, + 'p'=>22, + 'q'=>23, + 'q'=>24, + 'r'=>25, + 's'=>26, + 't'=>27, + 'u'=>28, + ''=>28, + ''=>30, + ''=>30, + 'v'=>32, + 'x'=>33, + 'w'=>34, + 'y'=>35, + 'z'=>36 + ); + + $a = kisbetus(mb_convert_encoding($a,'ISO-8859-2','UTF-8')); + $b = kisbetus(mb_convert_encoding($b,'ISO-8859-2','UTF-8')); + + if ($a==$b) return 0; + + $i=0; + while( $i<strlen($a) && $i<strlen($b) && $a[$i]==$b[$i]) { + $i++; + } + + if ($i==strlen($a) && $i<strlen($b)) { + return 1; + } elseif ($i==strlen($b) && $i<strlen($a)) { + return -1; + } elseif ($ABC[$a[$i]] < $ABC[$b[$i]]) { + return -1; + } else { + return 1; + } +} + + function decimal_to_roman($number) { + $roman = ''; + while ($number >= 1000) { $roman .= "M"; $number = $number -1000; } + while ($number >= 900) { $roman .= "CM"; $number = $number -900; } + while ($number >= 500) { $roman .= "D"; $number = $number -500; } + while ($number >= 400) { $roman .= "CD"; $number = $number -400; } + while ($number >= 100) { $roman .= "C"; $number = $number -100; } + while ($number >= 90) { $roman .= "XC"; $number = $number -90; } + while ($number >= 50) { $roman .= "L"; $number = $number -50; } + while ($number >= 40) { $roman .= "XL"; $number = $number -40; } + while ($number >= 10) { $roman .= "X"; $number = $number -10; } + while ($number >= 9) { $roman .= "IX"; $number = $number -9; } + while ($number >= 5) { $roman .= "V"; $number = $number -5; } + while ($number >= 4) { $roman .= "IV"; $number = $number -4; } + while ($number >= 1) { $roman .= "I"; $number = $number -1; } + return $roman; + } + + function visszafele($e) {$b='';for($i=0; $i<mb_strlen($e,'utf-8'); $i++) $b = 
mb_substr($e,$i,1).$b; return $b;} + + function mayor_array_join ($a='') { + $ARGS = func_get_args(); + $x = array(); + for ($i=0;$i<count($ARGS);$i++) { + $a = $ARGS[$i]; + if (is_array($a)) foreach($a as $v) $x[] = $v; elseif ($a!='') $x[] = $a; + } + return $x; + } + + if(!function_exists('hash_equals')) { + function hash_equals($str1, $str2) { + if(strlen($str1) != strlen($str2)) { + return false; + } else { + $res = $str1 ^ $str2; + $ret = 0; + for($i = strlen($res) - 1; $i >= 0; $i--) $ret |= ord($res[$i]); + return !$ret; + } + } + } + + if ( !function_exists( 'hex2bin' ) ) { + function hex2bin( $str ) { + $sbin = ""; + $len = strlen( $str ); + for ( $i = 0; $i < $len; $i += 2 ) { + $sbin .= pack( "H*", substr( $str, $i, 2 ) ); + } + return $sbin; + } + } + + function makeLinksClickable($text){ + $pattern[] = '/(\S+@\S+\.\S+)/'; + $replace[] = '<a href="mailto:$1">$1</a>'; + $pattern[] = '!(((f|ht)tp(s)?://)[-a-zA-Zа-яА-Я()0-9@:%_+.~#?&;//=]+)!i'; +// $replace[] = '<a href="$1" target="_blank">$1</a> <a href="$1" target="_blank"><span class="icon-circle-arrow-right"></span></a>'; + $replace[] = '<a href="$1" target="_blank">[LINK]</a>'; + return preg_replace($pattern, $replace, $text); + } + function supertext($txt) { + $r = $txt; + $r = htmlspecialchars($r); + $pattern[]='/@diakId:(\d+)/'; + $pattern[]='/@tanarId:(\d+)/'; + $pattern[]='/@tankorId:(\d+)/'; + //$pattern[]='/@osztalyId:(\d+)/'; + $replacement[]='<b><span class="diakNev icon-child" data-diakid="${1}"></span></b>'; + $replacement[]='<b><span class="tanarNev icon-adult" data-tanarid="${1}"></span></b>'; + $replacement[]='<b><span class="tankorAdat" data-tankorid="${1}">[tankör adatok]</span></b>'; + //$replacement[]='<b><span class="osztalyAdat" data-osztalyid="${1}">[osztály adatok]</span></b>'; + $r = preg_replace($pattern,$replacement,$r); + return $r; + } + + + require_once('include/share/date/names.php'); + function superdate($datetime) { + global $aHetNapjai; + $stamp = 
strtotime($datetime); + $date = date('Y-m-d',$stamp); + $dow = date('N',$stamp); + $Hi = date('H:i',$stamp); + if ($Hi == '00:00') $Hi = ''; + if ($stamp<=strtotime('-6 day')) { + return date('Y.m.d.', $stamp).' '.$Hi; + } elseif ($date==date('Y-m-d')) { + return 'Ma '.$Hi; + } elseif ($dow>date('N')) { + return 'Múlt hét '.kisbetus($aHetNapjai[$dow-1]).' '.$Hi; + } else { + return $aHetNapjai[$dow-1].' '.$Hi; + } + } + +?> diff --git a/mayor-orig/mayor-base/www/include/base/var.php b/mayor-orig/mayor-base/www/include/base/var.php new file mode 100644 index 00000000..3068fbc6 --- /dev/null +++ b/mayor-orig/mayor-base/www/include/base/var.php 
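Review bot: `makeLinksClickable()` in str.php copies the matched text into the `href` attribute and the link body without escaping, and its e-mail pattern `(\S+@\S+\.\S+)` accepts any non-space character, quotes and angle brackets included. Whether callers escape the text first is not visible here (`supertext()` does call `htmlspecialchars()` on its own input), so the function should state the precondition, e.g. `// $text must already be HTML-escaped; matches are inserted into markup verbatim`, or narrow the e-mail pattern to a character class without quotes and angle brackets. The generated `target="_blank"` link should also carry `rel="noopener noreferrer"`.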
@@ -0,0 +1,134 @@ +<?php + /* + Példa: + $szuletesiEv = readVariable($_POST['sze'], 'numeric unsigned', null, array(), '1900<$return && $return<2100'); + */ + function readVariable( $IN, $type = '', $default = null, $allowOnly = array(), $condition = null ) { + + if (is_array($IN)) { + $return = array(); + for ($i = 0; $i < count($IN); $i++) { + $_var = readVariable($IN[$i], $type, $default, $allowOnly, $condition); + if (isset($_var)) $return[] = $_var; + } + } else { + switch ($type) { + case 'numeric': + $return = (isset($IN) && is_numeric($IN)) ? intval($IN) : $default; + break; + case 'id': + case 'numeric unsigned': + $return = (isset($IN) && is_numeric($IN) && $IN >= 0) ? intval($IN) : $default; + break; + case 'float': + $return = (isset($IN) && is_numeric($IN)) ? floatval($IN) : $default; + break; + case 'float unsigned': + $return = (isset($IN) && is_numeric($IN) && $IN >= 0) ? floatval($IN) : $default; + break; + case 'datetime': + $return = (isset($IN) && $IN != '' && strtotime($IN) !== false && strtotime($IN) > 0) ? $IN : $default; + break; + case 'date': + $return = (isset($IN) && $IN != '' && strtotime($IN) !== false && strtotime($IN) > 0) ? date('Y-m-d',strtotime($IN)) : $default; + break; + case 'enum': + case 'emptystringnull': + case 'string': + if(get_magic_quotes_gpc()) $IN = stripslashes($IN); // -- DEPRECATED (mindig false) + $return = (isset($IN) && $IN != '') ? $IN : $default; + break; + case 'notempty': + $return = (isset($IN) && $IN != '') ? true : false; + break; + case 'bool': + // Ha nincs beállítva, akkor mindenképp true lenne így: + // $return = (isset($IN) && ($IN === 'false' || !$IN)) ? false : true; + $return = (isset($IN)) ? (($IN === 'false' || !$IN)? false : true) : $default; + break; + case 'strictstring': + $return = (isset($IN)) ? preg_replace("/[^a-zA-Z0-9_\-]/i",'',$IN) : $default; + break; + case 'html': + $return = (isset($IN)) ? 
preg_replace("/[^a-zA-Z0-9\ \.\,?_|:;űáéúőóüöíŰÁÉÚŐÓÜÖÍ\-]/i",'',$IN) : $default; + break; + case 'hexa': + $return = preg_replace("/[^0-9a-fA-F]/i",'',$IN); + break; + case 'number': + $return = preg_replace("/[^0-9]/",'',$IN); + break; + case 'sql': + $return = db_escape_string($IN); + if ($return === false) $return = $default; + break; + case 'path': + $return = ( preg_match('#^([a-z]|[A-Z]|[0-9])([0-9]|[a-z]|[A-Z]|/|_|-)*$#', $IN ) != false ) ? $IN : $default; + break; + case 'regexp': + $return = ( preg_match( "#$allowOnly[0]#", $IN ) == 1 ) ? $IN : $default; + break; + case 'regreplace': + $return = preg_replace( '#'.$allowOnly[0].'#i', '', $IN ); + break; + case 'mail': + case 'email': + $return = filter_var($IN, FILTER_VALIDATE_EMAIL); + break; + case 'userAccount': + $return = (preg_match("#([a-z]|[A-Z]|[0-9]| |\.|,|_|[űáéúőóüöíŰÁÉÚŐÓÜÖÍäÄ]|-|@)*$#", $IN) != false) ? $IN : $default; + break; + default: + $return = $IN; + $_SESSION['alert'][] = 'message:unknown_type:'.$type.':readVariable'; + break; + } + if ($return !== $default && !in_array($type,array('regexp','regreplace')) && count($allowOnly) > 0) $return = (in_array($return, $allowOnly)) ? $return : $default; + if (isset($condition) && $return != $default) $return = (eval("return $condition;")) ? $return : $default; + } + + return $return; + } + + function in_date_interval($dt,$tolDt,$igDt) { + $accept = false; + if ($dt == date('Y-m-d', strtotime($tolDt))) // ha a kezdőnapra esik + $accept = true; + if ($dt == date('Y-m-d', strtotime($igDt))) // ha a végnapra esik + $accept = true; + return ( + $accept + || ( + (is_null($tolDt) || strtotime($tolDt)<=strtotime($dt)) + && (is_null($igDt) || strtotime($dt)<=strtotime($igDt)) + ) + ); + } + + // FIGYELEM! 
Csak megbízható belső kódban használjuk + function reindex($THIS, $HOW) { + // ha nincs megadva, hogy hogy, adjuk vissza az eredeti tömböt + if (!is_array($HOW) || count($HOW)==0) return $THIS; + + $RET = array(); + for ($i=0; $i<count($THIS); $i++) { + $val = '$RET'; + foreach ( $HOW as $key ) { + $val .= '[$THIS[$i]["'.$key.'"]]'; + } + $val .='[]=$THIS[$i];'; + $fail = @eval($val); // not used + } + return $RET; + } + + function dump() { + + $ARGS=func_get_args(); + echo '<pre>'; + call_user_func_array('var_dump', $ARGS); + echo '<hr /></pre>'; + + } + +?> |
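Review bot: The `'userAccount'` case of `readVariable()` in var.php accepts every input: its pattern ends in `)*$#` but has no `^` anchor, so the starred group can match the empty string at the end of any value and `preg_match()` returns 1 regardless of content. The `'path'` case above anchors with `^`, and the same is needed here, i.e. the pattern should begin `"#^([a-z]|[A-Z]|...` so that the whole value must consist of the allowed characters. Until then a value read as `userAccount` can still contain quotes or other characters the class was meant to exclude. Also worth a comment on the signature: `$condition` is passed to `eval()`, so it must always be a constant string written in code and never assembled from request data.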