aboutsummaryrefslogtreecommitdiffstats
path: root/mayor-orig/mayor-base/www/policy/private
diff options
context:
space:
mode:
authorM.Gergo2019-03-08 21:20:34 +0100
committerM.Gergo2019-03-08 21:20:34 +0100
commitf51c9ed2abe5c68211bb3736be5f70b1fe2c9ec0 (patch)
treee13e60e4b94a3b58f1e2bfbe271102c8f04b67bd /mayor-orig/mayor-base/www/policy/private
parentc76a004b0135786f2742283f8d5f917106f58bd8 (diff)
downloadmayor-f51c9ed2abe5c68211bb3736be5f70b1fe2c9ec0.tar.gz
mayor-f51c9ed2abe5c68211bb3736be5f70b1fe2c9ec0.zip
további rendrakás
Diffstat (limited to 'mayor-orig/mayor-base/www/policy/private')
-rw-r--r--mayor-orig/mayor-base/www/policy/private/password/changePassword-pre.php60
-rw-r--r--mayor-orig/mayor-base/www/policy/private/password/changePassword.php9
-rw-r--r--mayor-orig/mayor-base/www/policy/private/portal/start.php0
-rw-r--r--mayor-orig/mayor-base/www/policy/private/session/accountInfo-pre.php75
-rw-r--r--mayor-orig/mayor-base/www/policy/private/session/accountInfo.php19
-rw-r--r--mayor-orig/mayor-base/www/policy/private/session/admin/knownNodes-pre.php39
-rw-r--r--mayor-orig/mayor-base/www/policy/private/session/admin/knownNodes.php10
-rw-r--r--mayor-orig/mayor-base/www/policy/private/session/admin/registration-pre.php123
-rw-r--r--mayor-orig/mayor-base/www/policy/private/session/admin/registration.php16
-rw-r--r--mayor-orig/mayor-base/www/policy/private/session/createAccount-pre.php110
-rw-r--r--mayor-orig/mayor-base/www/policy/private/session/createAccount.php12
-rw-r--r--mayor-orig/mayor-base/www/policy/private/session/createGroup-pre.php49
-rw-r--r--mayor-orig/mayor-base/www/policy/private/session/createGroup.php12
-rw-r--r--mayor-orig/mayor-base/www/policy/private/session/download-pre.php66
-rw-r--r--mayor-orig/mayor-base/www/policy/private/session/download.php9
-rw-r--r--mayor-orig/mayor-base/www/policy/private/session/eduroam-pre.php5
-rw-r--r--mayor-orig/mayor-base/www/policy/private/session/eduroam.php0
-rw-r--r--mayor-orig/mayor-base/www/policy/private/session/facebookConnect-pre.php91
-rw-r--r--mayor-orig/mayor-base/www/policy/private/session/facebookConnect.php7
-rw-r--r--mayor-orig/mayor-base/www/policy/private/session/googleapi-pre.php100
-rw-r--r--mayor-orig/mayor-base/www/policy/private/session/googleapi.php28
-rw-r--r--mayor-orig/mayor-base/www/policy/private/session/groupInfo-pre.php43
-rw-r--r--mayor-orig/mayor-base/www/policy/private/session/groupInfo.php12
-rw-r--r--mayor-orig/mayor-base/www/policy/private/session/search/searchAccount-pre.php29
-rw-r--r--mayor-orig/mayor-base/www/policy/private/session/search/searchAccount.php16
-rw-r--r--mayor-orig/mayor-base/www/policy/private/session/search/searchGroup-pre.php25
-rw-r--r--mayor-orig/mayor-base/www/policy/private/session/search/searchGroup.php16
-rw-r--r--mayor-orig/mayor-base/www/policy/private/session/session-pre.php5
-rw-r--r--mayor-orig/mayor-base/www/policy/private/session/session.php0
-rw-r--r--mayor-orig/mayor-base/www/policy/private/session/sessionAdmin-pre.php24
-rw-r--r--mayor-orig/mayor-base/www/policy/private/session/sessionAdmin.php9
31 files changed, 1019 insertions, 0 deletions
diff --git a/mayor-orig/mayor-base/www/policy/private/password/changePassword-pre.php b/mayor-orig/mayor-base/www/policy/private/password/changePassword-pre.php
new file mode 100644
index 00000000..08731581
--- /dev/null
+++ b/mayor-orig/mayor-base/www/policy/private/password/changePassword-pre.php
@@ -0,0 +1,60 @@
+<?php
+/*
+ Module: base/password
+
+ Ez még teljesen kiforratlan!
+ Csak átmásoltam a public-ból, és elkezdtem átírni...
+*/
+
+ if (_RIGHTS_OK !== true) die();
+
+ $toPolicy = readVariable($_POST['toPolicy'], 'enum', readVariable($_GET['toPolicy'], 'enum', _POLICY, $POLICIES), $POLICIES);
+
+ // Itt csak a private policy jelszavát lehet módosítani
+// $toPolicy = 'private';
+ $userAccount = readVariable($_REQUEST['userAccount'], 'emptystringnull');
+
+ // Ha saját jelszavát szeretné változtatni, akkor átirányítjuk oda
+ if ($userAccount == _USERACCOUNT) {
+ header('Location: '.location('index.php?policy=public&page=password&f=changePassword&toPolicy='.$toPolicy,array('lang','skin','sessionID')));
+ exit;
+ }
+
+ // Jogosultság ellenőrzés
+ if (
+ memberOf(_USERACCOUNT, $AUTH[_POLICY]['adminGroup']) or
+ (memberOf($userAccount,'diák') and memberOf(_USERACCOUNT,'diakadmin'))
+ ) {
+
+ // Az elküldött név+jelszó ellenőrzése
+ if ($action == 'changePassword') {
+
+ if (file_exists('include/backend/'.$AUTH[$toPolicy]['backend'].'/password/changePassword.php')) {
+ require('include/backend/'.$AUTH[$toPolicy]['backend'].'/password/changePassword.php');
+ }
+
+ $newPassword = readVariable($_POST['newPassword'], 'emptystringnull');
+ $verification = readVariable($_POST['verification'], 'emptystringnull');
+
+ if ($verification == '' or $newPassword == '') {
+ $_SESSION['alert'][] = 'message:empty_field';
+ } elseif ($verification != $newPassword) {
+ $_SESSION['alert'][] = 'message:pw_not_match';
+ } else {
+
+ if (changePassword($userAccount, $newPassword, $toPolicy)) {
+ // Módosítsuk a bejelentkezett user eltárolt jelszavát? - hagyjuk inkább... legalább látja, hogy változott valami...
+ // updateSessionPassword($userAccount, $toPolicy, $verification);
+ } else {
+ $_SESSION['alert'][] = 'message:pw_change_failed';
+ }
+
+ }
+
+ } // action
+
+ } else {
+ $_SESSION['alert'][] = 'page:insufficient_access';
+ }
+
+?>
diff --git a/mayor-orig/mayor-base/www/policy/private/password/changePassword.php b/mayor-orig/mayor-base/www/policy/private/password/changePassword.php
new file mode 100644
index 00000000..f95661e0
--- /dev/null
+++ b/mayor-orig/mayor-base/www/policy/private/password/changePassword.php
@@ -0,0 +1,9 @@
+<?php
+
+ if (_RIGHTS_OK !== true) die();
+
+ global $userAccount, $toPolicy;
+
+ putChangePasswordForm($userAccount, $toPolicy, true); // rögzített policy
+
+?>
diff --git a/mayor-orig/mayor-base/www/policy/private/portal/start.php b/mayor-orig/mayor-base/www/policy/private/portal/start.php
new file mode 100644
index 00000000..e69de29b
--- /dev/null
+++ b/mayor-orig/mayor-base/www/policy/private/portal/start.php
diff --git a/mayor-orig/mayor-base/www/policy/private/session/accountInfo-pre.php b/mayor-orig/mayor-base/www/policy/private/session/accountInfo-pre.php
new file mode 100644
index 00000000..9b54adf5
--- /dev/null
+++ b/mayor-orig/mayor-base/www/policy/private/session/accountInfo-pre.php
@@ -0,0 +1,75 @@
+<?php
+/*
+ Module: base/session
+*/
+
+ if (_RIGHTS_OK !== true) die();
+
+ $userAccount = readVariable($_GET['userAccount'],'userAccount');
+ $toPolicy = readVariable($_POST['toPolicy'], 'enum',
+ readVariable($_GET['toPolicy'], 'enum', _POLICY, $POLICIES),
+ $POLICIES
+ );
+
+
+ if ($userAccount == '') $userAccount = _USERACCOUNT;
+
+ // Milyen kategóriába sorolható a userAccount, illetve az aktuális user
+ $userCategories = getAccountCategories($userAccount, $toPolicy);
+ if (
+ _POLICY == 'private' &&
+ (
+ memberOf(_USERACCOUNT, $AUTH[_POLICY]['adminGroup']) ||
+ (
+ memberOf(_USERACCOUNT,'diakadmin') &&
+ in_array('diak',$userCategories)
+ )
+ )
+ ) define('_ACCESS_AS', _ADMIN_ACCESS);
+ elseif ($userAccount == _USERACCOUNT) define('_ACCESS_AS', _SELF_ACCESS);
+ else define('_ACCESS_AS', _OTHER_ACCESS);
+
+ list($backendAttrs, $backendAttrDef) = getBackendAttrs('Account', $toPolicy);
+ if ($action == 'changeSettings') {
+
+ changeAccountInfo($userAccount, $toPolicy);
+
+ } elseif ($action=='tokenLogout') {
+
+ revokeTokens();
+
+ } elseif ($action=='userSettingsModify') {
+
+ $changeSkinTo = readVariable($_POST['changeSkinTo'],'enum',null,$SKINSSHOW);
+ setUserSettings($userAccount, $toPolicy, array('skin'=>$changeSkinTo));
+
+ } elseif ($action=='generateEduroamId') {
+ $eduroamDOMAIN = readVariable($_POST['eduroamDOMAIN'],'enum',null,$eduroamDOMAINS);
+ $eduroamPASSWORD = @exec('pwgen');
+ if (__TANAR===true) {
+ $eduroamAFFILIATION = 'faculty';
+ } elseif (__DIAK===true) {
+ $eduroamAFFILIATION = 'student';
+ } else {
+ $eduroamAFFILIATION = 'staff';
+ }
+ createEduroamSettings(array('userAccount'=>$userAccount,'policy'=> $toPolicy,
+ 'eduroamUID' => $userAccount,
+ 'eduroamDOMAIN'=>$eduroamDOMAIN,
+ 'eduroamAFFILIATION'=>$eduroamAFFILIATION,
+ 'eduroamPASSWORD'=>$eduroamPASSWORD));
+ } elseif ($action=='modoifyEduroamId') {
+
+ }
+
+ $userInfo = getUserInfo($userAccount, $toPolicy); // keretrendszer attribútumai
+ $accountInfo = getAccountInfo($userAccount, $toPolicy); // backend attribútumai
+
+ $ADAT = getUserSettings($userAccount, $toPolicy);
+ $ADAT['activity'] = getMyActivity();
+
+ if ($toPolicy=='private' && _POLICY ==='private') {
+ $ADAT['eduroamAdat'] = getEduroamSettings($userAccount, $toPolicy);
+ // dump($ADAT);
+ }
+?>
diff --git a/mayor-orig/mayor-base/www/policy/private/session/accountInfo.php b/mayor-orig/mayor-base/www/policy/private/session/accountInfo.php
new file mode 100644
index 00000000..66642ef3
--- /dev/null
+++ b/mayor-orig/mayor-base/www/policy/private/session/accountInfo.php
@@ -0,0 +1,19 @@
+<?php
+/*
+ Module: base/session
+*/
+
+ if (_RIGHTS_OK !== true) die();
+
+ global $accountInfo, $userInfo, $backendAttrDef, $toPolicy;
+ global $ADAT;
+
+ putUserSettingsForm($ADAT);
+
+ putEduroamForm($ADAT);
+
+ putAccountActivityForm($ADAT);
+
+ putAccountInfoForm($userInfo, $accountInfo, $backendAttrDef, $toPolicy);
+
+?>
diff --git a/mayor-orig/mayor-base/www/policy/private/session/admin/knownNodes-pre.php b/mayor-orig/mayor-base/www/policy/private/session/admin/knownNodes-pre.php
new file mode 100644
index 00000000..d166babd
--- /dev/null
+++ b/mayor-orig/mayor-base/www/policy/private/session/admin/knownNodes-pre.php
@@ -0,0 +1,39 @@
+<?php
+
+ if (_RIGHTS_OK !== true) die();
+
+ if (!__USERADMIN) {
+ $_SESSION['alert'][] = "page:insufficient_access";
+ } else {
+
+ require('include/share/ssl/ssl.php');
+
+ $ADAT['my']['url'] = $url = substr($_SERVER["HTTP_REFERER"], 0, strpos($_SERVER["HTTP_REFERER"], 'index.php?'));
+ $ADAT['my']['dt'] = date('Y-m-d');
+
+ $RPC = new Interconnect();
+ $ADAT['my']['publicKey'] = $RPC->getPublicKey();
+ $ADAT['my']['nodeId'] = $RPC->getNodeId();
+
+
+ if ($action == 'rpcPing') {
+ $ADAT['nodeId'] = readVariable($_POST['nodeId'],'id');
+ $RPC->setRemoteHostByNodeId($ADAT['nodeId']);
+ $RPC->setRequestTarget('base');
+ $ADAT['pingResult'] = $RPC->sendRequest(array('func'=>'ping'));
+ $ADAT['nodeVersion'] = $ADAT['pingResult']['revision'];
+ // $RPC->setRequestTarget('controller');
+ } elseif ($action == 'getPublicDataByNodeId') {
+ $ADAT['nodeId'] = readVariable($_POST['nodeId'],'id');
+ $RPC->setRequestTarget('base');
+ $RPC->setRemoteHostByNodeId($ADAT['nodeId']);
+ } elseif ($action == 'removeNode') {
+ $ADAT['nodeId'] = readVariable($_POST['nodeId'],'id');
+ removeNodeFromLocalKeychain($ADAT['nodeId']);
+ }
+
+ $ADAT['nodes'] = getPublicDataFromLocalKeychain();
+
+ }
+
+?>
diff --git a/mayor-orig/mayor-base/www/policy/private/session/admin/knownNodes.php b/mayor-orig/mayor-base/www/policy/private/session/admin/knownNodes.php
new file mode 100644
index 00000000..e7a95d58
--- /dev/null
+++ b/mayor-orig/mayor-base/www/policy/private/session/admin/knownNodes.php
@@ -0,0 +1,10 @@
+<?php
+
+ if (_RIGHTS_OK !== true) die();
+
+ global $ADAT;
+
+ putGetNodeData();
+ putKnownNodes($ADAT);
+
+?>
diff --git a/mayor-orig/mayor-base/www/policy/private/session/admin/registration-pre.php b/mayor-orig/mayor-base/www/policy/private/session/admin/registration-pre.php
new file mode 100644
index 00000000..eabc8cfe
--- /dev/null
+++ b/mayor-orig/mayor-base/www/policy/private/session/admin/registration-pre.php
@@ -0,0 +1,123 @@
+<?php
+
+ if (_RIGHTS_OK !== true) die();
+
+ if (!__USERADMIN) {
+ $_SESSION['alert'][] = "page:insufficient_access";
+ } else {
+
+ require('include/share/ssl/ssl.php');
+
+ $ADAT['NODETIPUSOK'] = array('intézmény','backup','fejlesztői');
+ $ADAT['OSSZEG'] = array(0,1000,2000,3000,5000,10000);;
+ // regisztrációs űrlap elemei (portal-mayor-ból átemelve...
+ $ADAT['MEZOK'] = array(
+ 'nodeTipus' => array('kotelezo'=>true,'options'=>$ADAT['NODETIPUSOK']),
+ 'nev' => array('kotelezo'=>true),
+ 'rovidNev' => array(),
+ 'OMKod' => array(),
+ 'cimHelyseg' => array('kotelezo'=>true),
+ 'cimIrsz' => array('kotelezo'=>true),
+ 'cimKozteruletNev' => array('kotelezo'=>true),
+ 'cimKozteruletJelleg' => array('kotelezo'=>true),
+ 'cimHazszam' => array('kotelezo'=>true),
+ 'telefon' => array(),
+ 'fax' => array(),
+ 'email' => array(),
+ 'honlap' => array(),
+ 'url' => array(),
+ 'kapcsolatNev' => array('kotelezo'=>true),
+ 'kapcsolatEmail' => array('kotelezo'=>true),
+ 'kapcsolatTelefon' => array(),
+ // külön, más helyen jelennek meg
+ 'dij'=> array('kotelezo'=>true,'display'=>false,'type'=>'none'),
+ 'egyebTamogatas' => array('display'=>false,'type'=>'none'),
+ 'utemezes'=>array('display'=>false,'type'=>'none'),
+ // rejtett mezők - nem módosíthatók
+ 'regId'=>array('display'=>false,'type'=>'none'),
+ 'dt'=>array('display'=>false),
+ 'publicKey' => array('kotelezo'=>true,'display'=>false,'readonly'=>true,'type'=>'textarea'),
+ );
+ $ADAT['my']['url'] = $url = substr($_SERVER["HTTP_REFERER"], 0, strpos($_SERVER["HTTP_REFERER"], 'index.php?'));
+ $ADAT['my']['dt'] = date('Y-m-d');
+
+ $RPC = new Interconnect();
+ $ADAT['my']['publicKey'] = $RPC->getPublicKey();
+ $ADAT['my']['nodeId'] = $RPC->getNodeId();
+
+ // regisztráció
+ if ($action == 'sendRegRequest') {
+ unset($_POST['action']);
+ $_POST['publicRequest'] = 'registration';
+ $res = json_decode(sendPublicRequest($_POST), true);
+ foreach ($res['alert'] as $index => $aAdat) $_SESSION['alert'][] = implode(':',$aAdat);
+ if ($res['success'] === true) {
+ setNodeId($res['nodeId'], $ADAT['my']['publicKey']);
+ $ADAT['my']['nodeId'] = $res['nodeId'];
+ $RPC = new Interconnect(); // újracsatlakozás...
+ }
+ //dump($res);
+ } elseif ($action == 'checkOldRegByPublicKey') {
+ $DATA['publicKey'] = $ADAT['my']['publicKey'];
+ $DATA['publicRequest'] = 'getNodeIdByPublicKey';
+ // ha kellene ellenőrzés, akkar a választ a publicKey-el kódolva kellene küldeni...
+ $res = json_decode(sendPublicRequest($DATA), true);
+ foreach ($res['alert'] as $index => $aAdat) $_SESSION['alert'][] = implode(':',$aAdat);
+ if ($res['success'] === true) {
+ setNodeId($res['nodeId'], $ADAT['my']['publicKey']);
+ $ADAT['my']['nodeId'] = $res['nodeId'];
+ $RPC = new Interconnect(); // újracsatlakozás...
+ }
+ dump($res);
+ }
+
+ if ($ADAT['my']['nodeId'] != 0)
+ try {
+ $RPC->setRemoteHostByNodeId(''); // controller
+ $RPC->setRequestTarget('controller');
+ $ADAT['registrationStatus']['result'] = $RPC->sendRequest(array('func'=>'checkRegistration'));
+ //dump($ADAT['registrationStatus']['result'], $RPC->getStatus());
+ // Teszt: egy alap metódus lekérdezése...
+ //$RPC->setRequestTarget('base');
+ // $ADAT['controllerVersion'] = $RPC->sendRequest(array('func'=>'ping'));
+ // dump($ADAT['controllerVersion']);
+ // $RPC->setRequestTarget('controller');
+ if ($ADAT['registrationStatus']['result']['valid'] == 1) {
+ $ADAT['regAdat'] = $RPC->getRegistrationDataByNodeId($ADAT['my']['nodeId']);
+ //dump($ADAT['regAdat'], $RPC->getStatus());
+ }
+ } catch (Exception $e) {
+ dump("checkRegistration",$e);
+ }
+
+ if ($action == 'modRegAdat') {
+ $MOD = array();
+ foreach ($ADAT['regAdat']['nodeData'] as $key => $value) {
+ $newValue = readVariable($_POST[$key], 'string');
+ if (
+ !in_array($key, array('nodeId','regId','publicKey'))
+ && str_replace(array("\n","\r","\n\r"),"",$value) != str_replace(array("\n","\r","\n\r"),"",$newValue)
+ && !is_null($newValue)
+ ) $MOD[$key] = $newValue;
+ }
+ if (count($MOD) > 0) try {
+ // Interconnect-en keresztül!!
+ $ADAT['modRegData']['result'] = $RPC->sendRequest(
+ array('func'=>'modRegData', 'data'=>$MOD, 'regId'=>$ADAT['regAdat']['nodeData']['regId'])
+ );
+ // A megjelenítéshez módosítjuk a kirakandó adatokat helyben is.
+ if ($ADAT['modRegData']['result']['result'] === true) {
+ $_SESSION['alert'][] = 'info:success:A regisztrációs adatokat módosítottuk a regisztrációs szerveren.';
+ foreach ($MOD as $key => $val) $ADAT['regAdat']['nodeData'][$key] = $val;
+ } else {
+ $_SESSION['alert'][] = 'message:wrong_data:Az adatmódosítás nem sikerült a regisztrációs szerveren.';
+ }
+ } catch (Exception $e) {
+ dump("modRegData",$e);
+ }
+
+ }
+
+ }
+
+?>
diff --git a/mayor-orig/mayor-base/www/policy/private/session/admin/registration.php b/mayor-orig/mayor-base/www/policy/private/session/admin/registration.php
new file mode 100644
index 00000000..6ad2d8e7
--- /dev/null
+++ b/mayor-orig/mayor-base/www/policy/private/session/admin/registration.php
@@ -0,0 +1,16 @@
+<?php
+
+ if (_RIGHTS_OK !== true) die();
+
+ global $ADAT;
+
+ validRegisztracio($ADAT['registrationStatus']['result']['valid'], $ADAT['my']['nodeId']);
+ if ($ADAT['registrationStatus']['result']['valid'] != 1) {
+ putCheckOldReg($ADAT);
+ putRegisztracio($ADAT);
+ } else {
+ putRegisztracioMod($ADAT);
+ }
+ putPublicKey($ADAT['my']['publicKey']);
+
+?>
diff --git a/mayor-orig/mayor-base/www/policy/private/session/createAccount-pre.php b/mayor-orig/mayor-base/www/policy/private/session/createAccount-pre.php
new file mode 100644
index 00000000..ce789482
--- /dev/null
+++ b/mayor-orig/mayor-base/www/policy/private/session/createAccount-pre.php
@@ -0,0 +1,110 @@
+<?php
+/*
+ Module: base/session
+ createAccount => byAdmin esetén csak az érintet policy-n belül az adminGroup tagjainak lehet létrehozni új account-ot
+ createAccount => byRegistration esetén bárki regisztrálhat bármely policy-ből
+*/
+
+ if (_RIGHTS_OK !== true) die();
+
+ if (memberOf(_USERACCOUNT, $AUTH[_POLICY]['adminGroup'])) {
+ $DEFAULTS['userAccount'] = readVariable($_GET['userAccount'],'userAccount');
+ $DEFAULTS['userCn'] = readVariable($_GET['userCn'],'emptystringnull');
+ $DEFAULTS['userPassword'] = readVariable($_GET['userPassword'],'emptystringnull');
+ $DEFAULTS['mail'] = readVariable($_GET['email'],'emptystringnull');
+ $DEFAULTS['telephoneNumber'] = readVariable($_GET['tel'],'emptystringnull');
+ }
+
+ $toPolicy = readVariable($_POST['toPolicy'], 'enum', readVariable($_GET['toPolicy'], 'enum',_POLICY, $POLICIES), $POLICIES);
+
+ @$toPSF = $_REQUEST['toPSF'];
+
+ if ($toPolicy != _POLICY) require_once(_CONFIGDIR."/$toPolicy-conf.php");
+ if (
+ (
+ $AUTH[$toPolicy]['createAccount'] == 'byAdmin'
+ and memberOf(_USERACCOUNT, $AUTH['private']['adminGroup'])
+ )
+ or (
+ $AUTH[$toPolicy]['createAccount'] == 'byRegistration'
+ && _USERACCOUNT ==''
+ )
+ ) {
+ define('_ENABLE',true);
+ } else {
+ define('_ENABLE',false);
+ $_SESSION['alert'][] = 'page:insufficient_access:#1';
+ }
+
+ if (_ENABLE && $action == 'createAccount' && isset($_POST['new'])) {
+
+ $file = $_FILES['file']['tmp_name'];
+ if ($file != '' && $file != 'none' && file_exists($file)) {
+
+ $uidfp=fopen($file, 'r');
+ while ($sor=fgets($uidfp, 4096)) {
+ list($userCn, $userAccount, $userPassword, $category, $studyId, $container)=explode(" ",chop($sor));
+ // A biztonság kedvéért ez a html form validációval egyező legyen
+ $userCn = readVariable($userCn,'html');
+ $userAccount = readvariable($userAccount,'html');
+ $studyId = readVariable($studyId,'number');
+ $category = readVariable($category, 'enum','',$AUTH[$toPolicy]['categories']);
+ $container = readVariable($container,'enum','',$AUTH[$toPolicy][$AUTH[$toPolicy]['backend'].'Containers']);
+ $policyAccountAttrs = array();
+ if (is_array($AUTH[$toPolicy]['accountAttrs'])) foreach ($AUTH[$toPolicy]['accountAttrs'] as $attr) {
+ if (isset($$attr) and $$attr != '') $policyAccountAttrs[$attr] = readVariable($$attr, 'string');
+ }
+ if (createAccount($userCn, $userAccount, $userPassword, $toPolicy, array('container'=> $container, 'category' => $category, 'policyAttrs' => $policyAccountAttrs)) ===false) {
+ $_SESSION['alert'][] = "info:user_create_failure: cn.$userCn|account.$userAccount|policy.$toPolicy|category.$category|container.$container";
+ }
+ }
+ fclose($uidfp);
+
+ } else {
+
+ // kötelező paraméterek
+ $userCn = readVariable($_POST['userCn'],'html');
+ $userAccount = readvariable($_POST['userAccount'],'html');
+ $studyId = readVariable($_POST['studyId'],'number');
+ $userPassword = $_POST['userPassword'];
+ $verification = $_POST['verification'];
+
+ // opcionális paraméterek
+ $category = readVariable($_POST['category'], 'enum','',$AUTH[$toPolicy]['categories']);
+ $container = readVariable($_POST['container'],'enum','',$AUTH[$toPolicy][$AUTH[$toPolicy]['backend'].'Containers']);
+
+ $policyAccountAttrs = array();
+ if (is_array($AUTH[$toPolicy]['accountAttrs'])) foreach ($AUTH[$toPolicy]['accountAttrs'] as $attr) {
+ if (isset($_POST[$attr]) and $_POST[$attr] != '') $policyAccountAttrs[$attr] = readVariable($_POST[$attr], 'string'); // ???
+ }
+
+ if ($userCn == '' or $userAccount == '' or $userPassword == '' or $verification == '') {
+ // Csak policy váltás történt
+ // $_SESSION['alert'][] = 'message:empty_field';
+ } elseif ($userPassword != $verification) {
+ $_SESSION['alert'][] = 'message:pw_not_match';
+ } else {
+ if (createAccount($userCn, $userAccount, $userPassword, $toPolicy,
+ array('container'=> $container, 'category' => $category, 'policyAttrs' => $policyAccountAttrs))) {
+ if (
+ _POLICY == 'private'
+ && memberOf(_USERACCOUNT, $AUTH[_POLICY]['adminGroup'])
+ ) header('Location: '.location("index.php?page=session&f=accountInfo&userAccount=$userAccount&toPolicy=$toPolicy"));
+ elseif (_POLICY == 'public') {
+ $toPSF = ($toPSF=='') ? 'auth::login' : $toPSF;
+ header(
+ 'Location: '.location("index.php?page=auth&f=login&userAccount=$userAccount&policy=public&toPolicy=$toPolicy&toPSF=$toPSF", array('skin','lang','sessionID'))
+ );
+ } else {
+ $toPSF = ($toPSF=='') ? 'session::accountInfo' : $toPSF;
+ header(
+ 'Location: '.location("index.php?page=auth&f=login&userAccount=$userAccount&policy=public&toPolicy=$toPolicy&toPSF=$toPSF", array('skin','lang','sessionID'))
+ );
+ }
+ }
+ }
+ }
+
+ }
+
+?>
diff --git a/mayor-orig/mayor-base/www/policy/private/session/createAccount.php b/mayor-orig/mayor-base/www/policy/private/session/createAccount.php
new file mode 100644
index 00000000..94c4b703
--- /dev/null
+++ b/mayor-orig/mayor-base/www/policy/private/session/createAccount.php
@@ -0,0 +1,12 @@
+<?php
+/*
+ Module: base/session
+*/
+
+ if (_RIGHTS_OK !== true) die();
+
+ global $toPolicy,$DEFAULTS;
+
+ putCreateAccountForm($toPolicy, $DEFAULTS);
+
+?>
diff --git a/mayor-orig/mayor-base/www/policy/private/session/createGroup-pre.php b/mayor-orig/mayor-base/www/policy/private/session/createGroup-pre.php
new file mode 100644
index 00000000..8b65ce02
--- /dev/null
+++ b/mayor-orig/mayor-base/www/policy/private/session/createGroup-pre.php
@@ -0,0 +1,49 @@
+<?php
+/*
+ Module: base/session
+*/
+
+ if (_RIGHTS_OK !== true) die();
+
+ if (_POLICY == 'private' && memberOf(_USERACCOUNT, $AUTH[_POLICY]['adminGroup'])) {
+ } else {
+ $_SESSION['alert'][] = 'page:insufficient_access';
+ }
+ $toPolicy = readVariable($_POST['toPolicy'], 'enum', _POLICY, $POLICIES);
+
+ if ($action == 'createGroup') {
+
+ $file = $_FILES['file']['tmp_name'];
+ if ($file != '' and $file != 'none' and file_exists($file)) {
+/* $uidfp=fopen($file, 'r');
+ while ($sor=fgets($uidfp, 4096)) {
+ list($groupCn, $groupDesc, $category)=explode(" ",chop($sor));
+ !!!!!!!! createGroup($groupCn, $groupDesc, $category, $toPolicy);
+ }
+ fclose($uidfp);
+*/
+ } else {
+
+ $groupCn = readVariable($_POST['groupCn'],'html');
+ $groupDesc = readVariable($_POST['groupDesc'],'html');
+ $category = readVariable($_POST['category'],'enum',null,$AUTH[_POLICY]['categories']);
+ $container = readVariable($_POST['container'],'enum','',$AUTH[$toPolicy][$AUTH[$toPolicy]['backend'].'Containers']);
+ $policyGroupAttrs = array();
+ if (is_array($AUTH[$toPolicy]['groupAttrs'])) foreach ($AUTH[$toPolicy]['groupAttrs'] as $attr) {
+ if (isset($_POST[$attr]) and $_POST[$attr] != '') $policyGroupAttrs[$attr] = readVariable($_POST[$attr], 'string'); // ???
+ }
+
+ if ($groupCn == '' || $groupDesc == '' || $category == '') {
+ // Csak policy váltás
+ //$_SESSION['alert'][] = 'message:empty_field'.":$groupCn:$groupDesc:$category";
+ } else {
+ if (createGroup($groupCn, $groupDesc, $toPolicy, array('container'=> $container, 'policyAttrs' => $policyGroupAttrs))) {
+ header('Location: '.location("index.php?page=session&f=groupInfo&groupCn=$groupCn&toPolicy=$toPolicy"));
+ }
+ }
+ }
+
+
+ }
+
+?>
diff --git a/mayor-orig/mayor-base/www/policy/private/session/createGroup.php b/mayor-orig/mayor-base/www/policy/private/session/createGroup.php
new file mode 100644
index 00000000..a914ceaf
--- /dev/null
+++ b/mayor-orig/mayor-base/www/policy/private/session/createGroup.php
@@ -0,0 +1,12 @@
+<?php
+/*
+ Module: base/session
+*/
+
+ if (_RIGHTS_OK !== true) die();
+
+ global $toPolicy;
+
+ putCreateGroupForm($toPolicy);
+
+?>
diff --git a/mayor-orig/mayor-base/www/policy/private/session/download-pre.php b/mayor-orig/mayor-base/www/policy/private/session/download-pre.php
new file mode 100644
index 00000000..6b396143
--- /dev/null
+++ b/mayor-orig/mayor-base/www/policy/private/session/download-pre.php
@@ -0,0 +1,66 @@
+<?php
+
+ if (_RIGHTS_OK !== true) die();
+ if (!((defined('_POLICY') && _POLICY=='public')
+ || (defined('__TITKARSAG') && __TITKARSAG===true)
+ || (defined('__TANAR') && __TANAR===true)
+ || (defined('__NAPLOADMIN') && __NAPLOADMIN===true)
+ || (defined('__DIAK') && __DIAK===true)
+ )) {
+ return false;
+ }
+
+ // $file - csak a file neve, útvonal nem lehet benne
+ if (isset($_POST['file']) && $_POST['file'] != '') $file = basename($_POST['file']);
+ elseif (isset($_GET['file']) && $_GET['file'] != '') $file = basename($_GET['file']);
+
+ if (!isset($file)) $_SESSION['alert'][] = 'page:empty_fields:file';
+ else {
+ // $dir - betű, szám, -, _, és / lehet benne (elején csak betű vagy szám)
+ $dir = readVariable($_POST['dir'], 'path', readVariable($_GET['dir'], 'path'));
+
+ // Az útvonal beállítása
+ $path = _DOWNLOADDIR.'/'._POLICY;
+ if (isset($dir)) $path .= '/'.$dir;
+ $path .= '/'.$file;
+
+ // Jogosultságok ellenőzése dir alapján
+ if (__DIAK===true) {
+ if (strstr($dir,'naplo/face/')===false) return false;
+ }
+ // Titkarsag, Tanar, Naploadmin letoltheti, amit szeretne
+
+ // Létezik-e a file
+ if (!file_exists($path)) $_SESSION['alert'][] = 'page:file_not_found:'.substr($path, strlen(_DOWNLOADDIR.'/'._POLICY.'/')).':'.$path;
+ else {
+
+ $ADAT['path'] = $path;
+ $ADAT['dir'] = $dir;
+ $ADAT['file'] = $file;
+ $ADAT['ext'] = strtolower(substr(strrchr($file,"."),1));
+ $ADAT['size'] = filesize($path);
+ $ADAT['mime'] = readVariable($_POST['mimetype'], 'enum', readVariable($_GET['mimetype'], 'enum', null, $allowedMimeTypes), $allowedMimeTypes);
+
+ // MiME típus megállapítása
+ if (!isset($ADAT['mime'])) {
+ if ($allowedExtensions[$ADAT['ext']] != '') $ADAT['mime'] = $allowedExtensions[$ADAT['ext']];
+ else {
+ if (function_exists('mime_content_type')) {
+ $ADAT['mime'] = mime_content_type($ADAT['path']);
+ } elseif (function_exists('finfo_file')) {
+ $finfo = finfo_open(FILEINFO_MIME);
+ $ADAT['mime'] = finfo_file($finfo, $ADAT['path']);
+ finfo_close($finfo);
+ }
+ if ($ADAT['mime'] == '') $ADAT['mime'] = "application/force-download";
+ }
+ }
+ if (in_array($ADAT['mime'],array('image/gif','image/png','image/jpeg','image/jpeg'))) $ADAT['pure']=true;
+ // letöltés
+ if (isset($_GET['download'])) passFile($ADAT);
+
+ }
+ }
+
+
+?>
diff --git a/mayor-orig/mayor-base/www/policy/private/session/download.php b/mayor-orig/mayor-base/www/policy/private/session/download.php
new file mode 100644
index 00000000..12d907a9
--- /dev/null
+++ b/mayor-orig/mayor-base/www/policy/private/session/download.php
@@ -0,0 +1,9 @@
+<?php
+
+ if (_RIGHTS_OK !== true) die();
+
+ global $ADAT;
+
+ if (is_array($ADAT)) putDownloadForm($ADAT);
+
+?>
diff --git a/mayor-orig/mayor-base/www/policy/private/session/eduroam-pre.php b/mayor-orig/mayor-base/www/policy/private/session/eduroam-pre.php
new file mode 100644
index 00000000..40a406cd
--- /dev/null
+++ b/mayor-orig/mayor-base/www/policy/private/session/eduroam-pre.php
@@ -0,0 +1,5 @@
+<?php
+
+ getEduroamAdat();
+
+?> \ No newline at end of file
diff --git a/mayor-orig/mayor-base/www/policy/private/session/eduroam.php b/mayor-orig/mayor-base/www/policy/private/session/eduroam.php
new file mode 100644
index 00000000..e69de29b
--- /dev/null
+++ b/mayor-orig/mayor-base/www/policy/private/session/eduroam.php
diff --git a/mayor-orig/mayor-base/www/policy/private/session/facebookConnect-pre.php b/mayor-orig/mayor-base/www/policy/private/session/facebookConnect-pre.php
new file mode 100644
index 00000000..b0988ae5
--- /dev/null
+++ b/mayor-orig/mayor-base/www/policy/private/session/facebookConnect-pre.php
@@ -0,0 +1,91 @@
+<?php
+
+ if (__FBCONNECT_ENABLED !== true ) return false;
+
+ if (version_compare(PHP_VERSION, '5.4.0', '<')) {
+ return false;
+ } else {
+ /* facebook login start */
+ require_once ('include/share/facebook/autoload.php');
+ $fb = new Facebook\Facebook(array(
+ 'app_id' => __FB_APP_ID,
+ 'app_secret' => __FB_APP_SECRET,
+ 'cookie' => true,
+ 'status' => true,
+ 'default_graph_version' => 'v2.5',
+ ));
+ $oAuth2Client = $fb->getOAuth2Client();
+
+ $helper = $fb->getJavaScriptHelper();
+ try {
+ $accessToken = $helper->getAccessToken();
+ // convert
+ if ($accessToken !='' && !$accessToken->isLongLived()) {
+ try {
+ $accessToken = $oAuth2Client->getLongLivedAccessToken($accessToken);
+ } catch (Facebook\Exceptions\FacebookSDKException $e) {
+ $_SESSION['alert'][] = "info::Error getting long-lived access token: " . $helper->getMessage() . "";
+ }
+ }
+ } catch(Facebook\Exceptions\FacebookResponseException $e) {
+ // When Graph returns an error
+ $_SESSION['alert'][] = 'info::Graph returned an error: ' . $e->getMessage();
+ } catch(Facebook\Exceptions\FacebookSDKException $e) {
+ // When validation fails or other local issues
+ $_SESSION['alert'][] = 'info::Facebook SDK returned an error: ' . $e->getMessage();
+ }
+ if (isset($accessToken)) {
+ $_SESSION['facebook_access_token'] = (string) $accessToken;
+ $_SESSION['facebook_access_token_object'] = $accessToken;
+ $response = $fb->get('/me?fields=id,name,email',$accessToken);
+ $userNode = $response->getGraphUser();
+ $ADAT['fbUserId'] = $userNode->getField('id');
+ $ADAT['fbUserCn'] = $userNode->getField('name');
+ $ADAT['fbUserEmail'] = $userNode->getField('email');
+ }
+ }
+ if ($action=='revokeFbAuth') {
+ fbConnectRevoke($ADAT['fbUserId']);
+ } elseif ($action=='grantFbAuth') {
+ fbConnectGrant($ADAT);
+ }
+
+ $ADAT['fbUserIdStatusz'] = checkFbConnectAssoc($ADAT);
+
+ function checkFbConnectAssoc($ADAT) {
+ if ($ADAT['fbUserId']=='') return 0;
+
+ $q = "SELECT count(*) AS db FROM facebookConnect where userAccount='%s' AND policy='%s' AND fbUserId='%s'";
+ $v = array('userAccount'=>_USERACCOUNT,'policy'=>_POLICY,'fbUserId'=>$ADAT['fbUserId']);
+ $db = db_query($q,array('fv'=>'facebookConnectCheck','modul'=>'login','result'=>'value','values'=>$v));
+ if ($db==1) return 1; // 'OK';
+
+ $q = "SELECT count(*) AS db FROM facebookConnect where userAccount='%s' AND policy='%s' AND fbUserId!='%s'";
+ $v = array('userAccount'=>_USERACCOUNT,'policy'=>_POLICY,'fbUserId'=>$ADAT['fbUserId']);
+ $db = db_query($q,array('fv'=>'facebookConnectCheck','modul'=>'login','result'=>'value','values'=>$v));
+ if ($db==1) return 2; // 'masik fbUserId van megadva';
+
+ $q = "SELECT count(*) AS db FROM facebookConnect where userAccount!='%s' AND policy='%s' AND fbUserId='%s'";
+ $v = array('userAccount'=>_USERACCOUNT,'policy'=>_POLICY,'fbUserId'=>$ADAT['fbUserId']);
+ $db = db_query($q,array('fv'=>'facebookConnectCheck','modul'=>'login','result'=>'value','values'=>$v));
+ if ($db==1) return 3; // 'masik userAccount van hozzárendelve ehhez a fb azonosítóhoz';
+
+ return false;
+ }
+
+ function fbConnectRevoke($fbUserId) {
+ if ($fbUserId=='') return 0;
+
+ $q = "DELETE FROM facebookConnect where userAccount='%s' AND policy='%s' AND fbUserId='%s'";
+ $v = array('userAccount'=>_USERACCOUNT,'policy'=>_POLICY,'fbUserId'=>$fbUserId);
+ return db_query($q,array('fv'=>'facebookConnectCheck','modul'=>'login','values'=>$v));
+ }
+ function fbConnectGrant($ADAT) {
+ if ($ADAT['fbUserId']=='') return 0;
+
+ $q = "INSERT IGNORE INTO facebookConnect (userAccount,policy,fbUserId,fbUserCn,fbUserEmail,studyId) VALUES ('%s','%s','%s','%s','%s','%s')";
+ $v = array('userAccount'=>_USERACCOUNT,'policy'=>_POLICY,'fbUserId'=>$ADAT['fbUserId'],'fbUserCn'=>_USERCN.' ('.$ADAT['fbUserCn'].')','fbUserEmail'=>$ADAT['fbUserEmail'],'studyId'=>_STUDYID);
+ return db_query($q,array('fv'=>'facebookConnectCheck','modul'=>'login','result'=>'insert','values'=>$v));
+ }
+
+?> \ No newline at end of file
diff --git a/mayor-orig/mayor-base/www/policy/private/session/facebookConnect.php b/mayor-orig/mayor-base/www/policy/private/session/facebookConnect.php
new file mode 100644
index 00000000..e125c680
--- /dev/null
+++ b/mayor-orig/mayor-base/www/policy/private/session/facebookConnect.php
@@ -0,0 +1,7 @@
+<?php
+
+ global $ADAT;
+
+ putFacebookConnectStatusz($ADAT);
+
+?> \ No newline at end of file
diff --git a/mayor-orig/mayor-base/www/policy/private/session/googleapi-pre.php b/mayor-orig/mayor-base/www/policy/private/session/googleapi-pre.php
new file mode 100644
index 00000000..49438dcc
--- /dev/null
+++ b/mayor-orig/mayor-base/www/policy/private/session/googleapi-pre.php
@@ -0,0 +1,100 @@
+<?php
+
+ if (__GOOGLEAPI_ENABLED !== true ) return false;
+
+ if (version_compare(PHP_VERSION, '5.4.0', '<')) {
+ return false;
+ } else {
+ require_once ('include/share/googleapi/autoload.php');
+
+ if ($action=='googleapiRevoke') {
+ googleapiRevoke();
+ unset($_SESSION['googleapi_id_token']);
+ unset($_SESSION['googleapi_object']);
+ } elseif ($action=='googleapiGrant') {
+ // itt nem áll rendelkezésre adat! googleapiGrant($ADAT);
+ // a get id_token résznél kötjük össze a usert és irányítjuk tovább
+ }
+ //$ADAT['googleapiStatus'] = googleapiCheckAssoc($ADAT);
+ if ($_SESSION['googleapi_id_token']!='') {
+ // van azonosított user
+ // a sessionben rendelkezésre is áll az objektum (googleapi_object),
+ // de itt most lekérdezzük a google szervertől újra!
+ $redirect_uri = _BASE_URL.'/index.php';
+ $client = new Google_Client();
+ $client->setClientId(__GOOGLEAPI_CLIENT_ID);
+ $client->setClientSecret(__GOOGLEAPI_CLIENT_SECRET);
+ $client->setScopes('email');
+ // $client->setAccessToken($_SESSION['googleapi_id_token']);
+ try {
+ $ADAT['payload'] = $payload = $client->verifyIdToken($_SESSION['googleapi_id_token']);
+ $ADAT['googleapiStatusz'] = 1;
+ } catch(Exception $e) {
+ $_SESSION['alert'][] = 'info::googleapi SDK hiba: ' . $e->getMessage();
+ $ADAT['googleapiStatusz'] = 2;
+ }
+ } elseif ($_GET['id_token']!='') {
+ $redirect_uri = _BASE_URL.'/index.php';
+ $client = new Google_Client();
+ //$client->setAuthConfig($oauth_credentials);
+ $client->setClientId(__GOOGLEAPI_CLIENT_ID);
+ $client->setClientSecret(__GOOGLEAPI_CLIENT_SECRET);
+// $client->setRedirectUri($redirect_uri);
+ $client->setScopes('email');
+ try {
+ $payload = $client->verifyIdToken($_GET['id_token']);
+ } catch(Exception $e) {
+ $_SESSION['alert'][] = 'info::googleapi SDK hiba: ' . $e->getMessage();
+ }
+ if (isset($payload['sub'])) { // subject
+ $_SESSION['google_access_token'] = (string) $payload;
+ $_SESSION['google_access_token_object'] = $payload;
+ // mayor auth start
+ $accountInformation=array();
+ $toPolicy = 'public';
+ $ADAT['googleSub'] = $payload['sub'];
+// $ADAT['fbUserId'] = $userNode->getField('id');
+ $ADAT['googleUserCn'] = $payload['name'];
+ $ADAT['googleUserEmail'] = $payload['email'];
+ googleapiGrant($ADAT);
+ /* mayor auth stop */
+ } else {
+ $_SESSION['alert'][] = 'info:nem érvényes accessToken';
+ }
+ }
+
+ }
+ function googleapiCheckAssoc($ADAT) {
+ if ($ADAT['googleSub']=='') return 0;
+
+ $q = "SELECT count(*) AS db FROM googleConnect where userAccount='%s' AND policy='%s' AND googleSub='%s'";
+ $v = array('userAccount'=>_USERACCOUNT,'policy'=>_POLICY,'fbUserId'=>$ADAT['googleSub']);
+ $db = db_query($q,array('fv'=>'facebookConnectCheck','modul'=>'login','result'=>'value','values'=>$v));
+ if ($db==1) return 1; // 'OK';
+
+ $q = "SELECT count(*) AS db FROM googleConnect where userAccount='%s' AND policy='%s' AND googleSub!='%s'";
+ $v = array('userAccount'=>_USERACCOUNT,'policy'=>_POLICY,'fbUserId'=>$ADAT['googleSub']);
+ $db = db_query($q,array('fv'=>'facebookConnectCheck','modul'=>'login','result'=>'value','values'=>$v));
+ if ($db==1) return 2; // 'masik googleSub van megadva';
+
+ $q = "SELECT count(*) AS db FROM googleConnect where userAccount!='%s' AND policy='%s' AND googleSub='%s'";
+ $v = array('userAccount'=>_USERACCOUNT,'policy'=>_POLICY,'googleSub'=>$ADAT['googleSub']);
+ $db = db_query($q,array('fv'=>'facebookConnectCheck','modul'=>'login','result'=>'value','values'=>$v));
+ if ($db==1) return 3; // 'masik userAccount van hozzárendelve ehhez a googleSub azonosítóhoz';
+
+ return false;
+ }
+
+ function googleapiRevoke() {
+ $q = "DELETE FROM googleConnect where userAccount='%s' AND policy='%s'";
+ $v = array('userAccount'=>_USERACCOUNT,'policy'=>_POLICY);
+ return db_query($q,array('fv'=>'googleapiRevoke','modul'=>'login','values'=>$v));
+ }
+ function googleapiGrant($ADAT) {
+ if ($ADAT['googleSub']=='') return 0;
+ $q = "INSERT IGNORE INTO googleConnect (userAccount,policy,googleSub,googleUserCn,googleUserEmail,studyId) VALUES ('%s','%s','%s','%s','%s','%s')";
+ $v = array('userAccount'=>_USERACCOUNT,'policy'=>_POLICY,'googleSub'=>$ADAT['googleSub'],_USERACCOUNT.' ('.$ADAT['googleUserCn'].')',$ADAT['googleUserEmail'],_STUDYID);
+ return db_query($q,array('debug'=>true,'fv'=>'googleapiGrant','modul'=>'login','result'=>'insert','values'=>$v));
+ }
+
+?> \ No newline at end of file
diff --git a/mayor-orig/mayor-base/www/policy/private/session/googleapi.php b/mayor-orig/mayor-base/www/policy/private/session/googleapi.php
new file mode 100644
index 00000000..fe079bed
--- /dev/null
+++ b/mayor-orig/mayor-base/www/policy/private/session/googleapi.php
@@ -0,0 +1,28 @@
+<?php
+
+ global $ADAT;
+
+// putFacebookConnectStatusz($ADAT);
+
+// echo '<div class="g-signin2" data-onsuccess="onSignIn"></div>';
+
+// echo '<h1>Tesztüzem</h1>';
+
+// formBegin();
+// echo '<input type="text" name="action" value="googleapiCheck" >';
+// echo '<button type="button" id="googleapiCheckBtn" class="api"><span class="icon-googleplus"></span> Ellenőrzés</button>';
+// formEnd();
+
+// formBegin();
+// echo '<input type="hidden" name="action" value="googleGrant" >';
+// echo '<button type="button" id="googleLoginBtn" class="api"><span class="icon-googleplus"></span> Összeköt</button>';
+// formEnd();
+
+// formBegin();
+// echo '<input type="text" name="action" value="googleRevoke" >';
+// echo '<button type="submit" class="api"><span class="icon-googleplus"></span> Visszavon</button>';
+// formEnd();
+
+ putGoogleapiStatusz($ADAT);
+
+?> \ No newline at end of file
diff --git a/mayor-orig/mayor-base/www/policy/private/session/groupInfo-pre.php b/mayor-orig/mayor-base/www/policy/private/session/groupInfo-pre.php
new file mode 100644
index 00000000..97864ffa
--- /dev/null
+++ b/mayor-orig/mayor-base/www/policy/private/session/groupInfo-pre.php
@@ -0,0 +1,43 @@
+<?php
+/*
+ Module: base/session
+*/
+
+ if (_RIGHTS_OK !== true) die();
+
+
+ $toPolicy = readVariable($_POST['toPolicy'], 'enum',
+ readVariable($_GET['toPolicy'], 'enum', _POLICY, $POLICIES),
+ $POLICIES
+ );
+
+ $groupCn = readVariable($_GET['groupCn'],'regreplace',null,array("[^a-zA-Z0-9\ \.\,_:;űáéúőóüöíŰÁÉÚŐÓÜÖÍ\-]"));
+
+// egyelőre csak private-ból lehet valaki admin...
+// if (memberOf(_USERACCOUNT, $AUTH[_POLICY]['adminGroup'])) define('_ACCESS_AS', _ADMIN_ACCESS);
+
+ if (
+ _POLICY == 'private' &&
+ (
+ memberOf(_USERACCOUNT, $AUTH[_POLICY]['adminGroup']) ||
+ (
+ memberOf(_USERACCOUNT,'diakadmin') &&
+ in_array('diak',$userCategories)
+ )
+ )
+ ) define('_ACCESS_AS', _ADMIN_ACCESS);
+ else define('_ACCESS_AS', _OTHER_ACCESS);
+
+ list($backendAttrs,$backendAttrDef) = getBackendAttrs('Group', $toPolicy);
+
+ if ($action == 'changeSettings') {
+
+ changeGroupInfo($groupCn, $toPolicy);
+
+ }
+ $groupInfo = getGroupInfo($groupCn, $toPolicy); // keretrendszer attribútumai
+ // backend attribútumai
+
+ if ($groupInfo===false) $_SESSION['alert'][] = 'page::';
+
+?>
diff --git a/mayor-orig/mayor-base/www/policy/private/session/groupInfo.php b/mayor-orig/mayor-base/www/policy/private/session/groupInfo.php
new file mode 100644
index 00000000..6dda377c
--- /dev/null
+++ b/mayor-orig/mayor-base/www/policy/private/session/groupInfo.php
@@ -0,0 +1,12 @@
+<?php
+/*
+ Module: base/session
+*/
+
+ if (_RIGHTS_OK !== true) die();
+
+ global $groupCn, $groupInfo, $backendAttrDef, $toPolicy;
+
+ putGroupInfoForm($groupCn, $groupInfo, $backendAttrDef, $toPolicy);
+
+?>
diff --git a/mayor-orig/mayor-base/www/policy/private/session/search/searchAccount-pre.php b/mayor-orig/mayor-base/www/policy/private/session/search/searchAccount-pre.php
new file mode 100644
index 00000000..1ef93e95
--- /dev/null
+++ b/mayor-orig/mayor-base/www/policy/private/session/search/searchAccount-pre.php
@@ -0,0 +1,29 @@
+<?php
+/*
+ Module: base/session
+*/
+
+ if (_RIGHTS_OK !== true) die();
+
+ $toPolicy = readVariable($_POST['toPolicy'], 'enum', _POLICY, $POLICIES);
+
+ define('__ADMIN', memberOf(_USERACCOUNT, $AUTH[_POLICY]['adminGroup']));
+ define('__DIAKADMIN', memberOf(_USERACCOUNT, 'diakadmin'));
+
+ // valójában így sem jó, mert a lekérdezett backend-től kellene függővé teni a keresés mezőket...
+ if ($AUTH[_POLICY]['backend'] == 'ad') $searchAttrList = array('userCn', 'userAccount', 'uidNumber', 'studyId');
+ else $searchAttrList = array('userCn', 'userAccount', 'studyId');
+
+ if ($action == 'searchAccount') {
+ $attr = readVariable($_POST['attr'], 'enum', 'userCn', $searchAttrList);
+ $pattern = readVariable($_POST['pattern'], 'string');
+ $searchResult = searchAccount($attr, $pattern, $searchAttrList, $toPolicy);
+ } elseif ($action == 'deleteAccount' and __ADMIN === true) {
+ $userAccount = readVariable($_POST['userAccount'], 'string');
+ deleteAccount($userAccount, $toPolicy);
+ } else {
+ echo $action;
+ }
+
+
+?>
diff --git a/mayor-orig/mayor-base/www/policy/private/session/search/searchAccount.php b/mayor-orig/mayor-base/www/policy/private/session/search/searchAccount.php
new file mode 100644
index 00000000..727706ee
--- /dev/null
+++ b/mayor-orig/mayor-base/www/policy/private/session/search/searchAccount.php
@@ -0,0 +1,16 @@
+<?php
+/*
+ Module: base/session
+*/
+
+ if (_RIGHTS_OK !== true) die();
+
+ global $attr, $pattern, $searchResult, $searchAttrList, $toPolicy, $ADAT;
+
+ putSearchAccountForm($attr, $pattern, $searchAttrList, $toPolicy);
+
+ if (is_array($searchResult)) {
+ putSearchResultBox($searchResult, $toPolicy);
+ }
+
+?>
diff --git a/mayor-orig/mayor-base/www/policy/private/session/search/searchGroup-pre.php b/mayor-orig/mayor-base/www/policy/private/session/search/searchGroup-pre.php
new file mode 100644
index 00000000..94deeba2
--- /dev/null
+++ b/mayor-orig/mayor-base/www/policy/private/session/search/searchGroup-pre.php
@@ -0,0 +1,25 @@
+<?php
+/*
+ Module: base/session
+*/
+
+ if (_RIGHTS_OK !== true) die();
+
+ $toPolicy = readVariable($_POST['toPolicy'], 'enum', _POLICY, $POLICIES);
+
+ define('__ADMIN', memberOf(_USERACCOUNT, $AUTH[_POLICY]['adminGroup']));
+ define('__DIAKADMIN', memberOf(_USERACCOUNT, 'diakadmin'));
+
+ $searchAttrs = array('groupCn', 'groupDesc');
+ if ($action == 'searchGroup') {
+ $attr = readVariable($_POST['attr'], 'enum', 'groupCn', $searchAttrs);
+ $pattern = readVariable($_POST['pattern'],'html');
+ $searchResult = searchGroup($attr, $pattern, $searchAttrs, $toPolicy);
+ } elseif (__ADMIN ===true && $action == 'deleteGroup') {
+ $groupCn = readVariable($_POST['groupCn'], 'html'); // nem biztos hogy id - bizos nem id, hanem a csoport neve
+ deleteGroup($groupCn, $toPolicy);
+ } else {
+ echo $action;
+ }
+
+?>
diff --git a/mayor-orig/mayor-base/www/policy/private/session/search/searchGroup.php b/mayor-orig/mayor-base/www/policy/private/session/search/searchGroup.php
new file mode 100644
index 00000000..c36d0ef6
--- /dev/null
+++ b/mayor-orig/mayor-base/www/policy/private/session/search/searchGroup.php
@@ -0,0 +1,16 @@
+<?php
+/*
+ Module: base/session
+*/
+
+ if (_RIGHTS_OK !== true) die();
+
+ global $attr, $pattern, $searchAttrs, $searchResult, $toPolicy;
+
+ putSearchGroupForm($attr, $pattern, $searchAttrs, $toPolicy);
+
+ if (is_array($searchResult)) {
+ putSearchResultBox($searchResult, $toPolicy);
+ }
+
+?>
diff --git a/mayor-orig/mayor-base/www/policy/private/session/session-pre.php b/mayor-orig/mayor-base/www/policy/private/session/session-pre.php
new file mode 100644
index 00000000..d1c65349
--- /dev/null
+++ b/mayor-orig/mayor-base/www/policy/private/session/session-pre.php
@@ -0,0 +1,5 @@
+<?php
+
+ header('Location: '.location('index.php?page=session&sub=search&f=searchAccount'));
+
+?> \ No newline at end of file
diff --git a/mayor-orig/mayor-base/www/policy/private/session/session.php b/mayor-orig/mayor-base/www/policy/private/session/session.php
new file mode 100644
index 00000000..e69de29b
--- /dev/null
+++ b/mayor-orig/mayor-base/www/policy/private/session/session.php
diff --git a/mayor-orig/mayor-base/www/policy/private/session/sessionAdmin-pre.php b/mayor-orig/mayor-base/www/policy/private/session/sessionAdmin-pre.php
new file mode 100644
index 00000000..08b55781
--- /dev/null
+++ b/mayor-orig/mayor-base/www/policy/private/session/sessionAdmin-pre.php
@@ -0,0 +1,24 @@
+<?php
+
+ if (_RIGHTS_OK !== true) die();
+
+ if (_POLICY != 'private' || !memberOf(_USERACCOUNT, $AUTH[_POLICY]['adminGroup'])) {
+ $_SESSION['alert'][] = 'page:insufficient_access';
+ } else {
+
+ if ($action == 'deleteSession') {
+
+ $policy = readVariable($_POST['delPolicy'], 'enum', null, $POLICIES);
+ $userAccount = readVariable($_POST['delSessionID'], 'string', null);
+ if (isset($policy) && isset($userAccount)) {
+ deleteSession($userAccount, $policy);
+ } else { $_SESSION['alert'][] = 'message:wrong_data:userAccount,policy:'.$policy.':'.$userAccount; }
+
+ }
+ $ADAT['session'] = getSessions();
+//echo '<pre>'; var_dump($ADAT); echo '</pre>';
+
+ }
+
+
+?>
diff --git a/mayor-orig/mayor-base/www/policy/private/session/sessionAdmin.php b/mayor-orig/mayor-base/www/policy/private/session/sessionAdmin.php
new file mode 100644
index 00000000..d1398e4f
--- /dev/null
+++ b/mayor-orig/mayor-base/www/policy/private/session/sessionAdmin.php
@@ -0,0 +1,9 @@
+<?php
+
+ if (_RIGHTS_OK !== true) die();
+
+ global $ADAT;
+
+ putSessionList($ADAT);
+
+?>