author | M.Gergo | 2019-03-08 21:20:34 +0100 |
---|---|---|
committer | M.Gergo | 2019-03-08 21:20:34 +0100 |
commit | f51c9ed2abe5c68211bb3736be5f70b1fe2c9ec0 (patch) | |
tree | e13e60e4b94a3b58f1e2bfbe271102c8f04b67bd /mayor-orig/mayor-base/www/policy | |
parent | c76a004b0135786f2742283f8d5f917106f58bd8 (diff) | |
további rendrakás
Diffstat (limited to 'mayor-orig/mayor-base/www/policy')
44 files changed, 1574 insertions, 0 deletions
diff --git a/mayor-orig/mayor-base/www/policy/private/password/changePassword-pre.php b/mayor-orig/mayor-base/www/policy/private/password/changePassword-pre.php
new file mode 100644
index 00000000..08731581
--- /dev/null
+++ b/mayor-orig/mayor-base/www/policy/private/password/changePassword-pre.php
@@ -0,0 +1,60 @@
+<?php
+/*
+ Module: base/password
+
+ Ez még teljesen kiforratlan!
+ Csak átmásoltam a public-ból, és elkezdtem átírni...
+*/
+
+ if (_RIGHTS_OK !== true) die();
+
+ $toPolicy = readVariable($_POST['toPolicy'], 'enum', readVariable($_GET['toPolicy'], 'enum', _POLICY, $POLICIES), $POLICIES);
+
+ // Itt csak a private policy jelszavát lehet módosítani
+// $toPolicy = 'private';
+ $userAccount = readVariable($_REQUEST['userAccount'], 'emptystringnull');
+
+ // Ha saját jelszavát szeretné változtatni, akkor átirányítjuk oda
+ if ($userAccount == _USERACCOUNT) {
+ header('Location: '.location('index.php?policy=public&page=password&f=changePassword&toPolicy='.$toPolicy,array('lang','skin','sessionID')));
+ exit;
+ }
+
+ // Jogosultság ellenőrzés
+ if (
+ memberOf(_USERACCOUNT, $AUTH[_POLICY]['adminGroup']) or
+ (memberOf($userAccount,'diák') and memberOf(_USERACCOUNT,'diakadmin'))
+ ) {
+
+ // Az elküldött név+jelszó ellenőrzése
+ if ($action == 'changePassword') {
+
+ if (file_exists('include/backend/'.$AUTH[$toPolicy]['backend'].'/password/changePassword.php')) {
+ require('include/backend/'.$AUTH[$toPolicy]['backend'].'/password/changePassword.php');
+ }
+
+ $newPassword = readVariable($_POST['newPassword'], 'emptystringnull');
+ $verification = readVariable($_POST['verification'], 'emptystringnull');
+
+ if ($verification == '' or $newPassword == '') {
+ $_SESSION['alert'][] = 'message:empty_field';
+ } elseif ($verification != $newPassword) {
+ $_SESSION['alert'][] = 'message:pw_not_match';
+ } else {
+
+ if (changePassword($userAccount, $newPassword, $toPolicy)) {
+ // Módosítsuk a bejelentkezett user eltárolt jelszavát? - hagyjuk inkább... legalább látja, hogy változott valami...
+ // updateSessionPassword($userAccount, $toPolicy, $verification);
+ } else {
+ $_SESSION['alert'][] = 'message:pw_change_failed';
+ }
+
+ }
+
+ } // action
+
+ } else {
+ $_SESSION['alert'][] = 'page:insufficient_access';
+ }
+
+?>
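Review bot: The permission test in changePassword-pre.php is evaluated against `_POLICY` (`$AUTH[_POLICY]['adminGroup']`, `memberOf($userAccount,'diák')`), but `changePassword($userAccount, $newPassword, $toPolicy)` then acts on a `$toPolicy` that the request selects from `$POLICIES`. The comment above says only the private policy's password may be changed here, yet the line that would enforce it is commented out; restore `$toPolicy = 'private';` or test the admin group of `$toPolicy` before the call. No anti-CSRF token is read anywhere in this hunk, so unless the framework verifies one before this script runs, a password change for another account should not be accepted from a bare POST.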
diff --git a/mayor-orig/mayor-base/www/policy/private/password/changePassword.php b/mayor-orig/mayor-base/www/policy/private/password/changePassword.php
new file mode 100644
index 00000000..f95661e0
--- /dev/null
+++ b/mayor-orig/mayor-base/www/policy/private/password/changePassword.php
@@ -0,0 +1,9 @@
+<?php
+
+ if (_RIGHTS_OK !== true) die();
+
+ global $userAccount, $toPolicy;
+
+ putChangePasswordForm($userAccount, $toPolicy, true); // rögzített policy
+
+?>
diff --git a/mayor-orig/mayor-base/www/policy/private/portal/start.php b/mayor-orig/mayor-base/www/policy/private/portal/start.php
new file mode 100644
index 00000000..e69de29b
--- /dev/null
+++ b/mayor-orig/mayor-base/www/policy/private/portal/start.php
diff --git a/mayor-orig/mayor-base/www/policy/private/session/accountInfo-pre.php b/mayor-orig/mayor-base/www/policy/private/session/accountInfo-pre.php
new file mode 100644
index 00000000..9b54adf5
--- /dev/null
+++ b/mayor-orig/mayor-base/www/policy/private/session/accountInfo-pre.php
@@ -0,0 +1,75 @@ +<?php +/* + Module: base/session +*/ + + if (_RIGHTS_OK !== true) die(); + + $userAccount = readVariable($_GET['userAccount'],'userAccount'); + $toPolicy = readVariable($_POST['toPolicy'], 'enum', + readVariable($_GET['toPolicy'], 'enum', _POLICY, $POLICIES), + $POLICIES + ); + + + if ($userAccount == '') $userAccount = _USERACCOUNT; + + // Milyen kategóriába sorolható a userAccount, illetve az aktuális user + $userCategories = getAccountCategories($userAccount, $toPolicy); + if ( + _POLICY == 'private' && + ( + memberOf(_USERACCOUNT, $AUTH[_POLICY]['adminGroup']) || + ( + memberOf(_USERACCOUNT,'diakadmin') && + in_array('diak',$userCategories) + ) + ) + ) define('_ACCESS_AS', _ADMIN_ACCESS); + elseif ($userAccount == _USERACCOUNT) define('_ACCESS_AS', _SELF_ACCESS); + else define('_ACCESS_AS', _OTHER_ACCESS); + + list($backendAttrs, $backendAttrDef) = getBackendAttrs('Account', $toPolicy); + if ($action == 'changeSettings') { + + changeAccountInfo($userAccount, $toPolicy); + + } elseif ($action=='tokenLogout') { + + revokeTokens(); + + } elseif ($action=='userSettingsModify') { + + $changeSkinTo = readVariable($_POST['changeSkinTo'],'enum',null,$SKINSSHOW); + setUserSettings($userAccount, $toPolicy, array('skin'=>$changeSkinTo)); + + } elseif ($action=='generateEduroamId') { + $eduroamDOMAIN = readVariable($_POST['eduroamDOMAIN'],'enum',null,$eduroamDOMAINS); + $eduroamPASSWORD = @exec('pwgen'); + if (__TANAR===true) { + $eduroamAFFILIATION = 'faculty'; + } elseif (__DIAK===true) { + $eduroamAFFILIATION = 'student'; + } else { + $eduroamAFFILIATION = 'staff'; + } + createEduroamSettings(array('userAccount'=>$userAccount,'policy'=> $toPolicy, + 'eduroamUID' => $userAccount, + 'eduroamDOMAIN'=>$eduroamDOMAIN, + 'eduroamAFFILIATION'=>$eduroamAFFILIATION, + 'eduroamPASSWORD'=>$eduroamPASSWORD)); + } elseif ($action=='modoifyEduroamId') { + + } + + $userInfo = getUserInfo($userAccount, $toPolicy); // keretrendszer attribútumai + $accountInfo = 
getAccountInfo($userAccount, $toPolicy); // backend attribútumai + + $ADAT = getUserSettings($userAccount, $toPolicy); + $ADAT['activity'] = getMyActivity(); + + if ($toPolicy=='private' && _POLICY ==='private') { + $ADAT['eduroamAdat'] = getEduroamSettings($userAccount, $toPolicy); + // dump($ADAT); + } +?> diff --git a/mayor-orig/mayor-base/www/policy/private/session/accountInfo.php b/mayor-orig/mayor-base/www/policy/private/session/accountInfo.php new file mode 100644 index 00000000..66642ef3 --- /dev/null +++ b/mayor-orig/mayor-base/www/policy/private/session/accountInfo.php @@ -0,0 +1,19 @@ +<?php +/* + Module: base/session +*/ + + if (_RIGHTS_OK !== true) die(); + + global $accountInfo, $userInfo, $backendAttrDef, $toPolicy; + global $ADAT; + + putUserSettingsForm($ADAT); + + putEduroamForm($ADAT); + + putAccountActivityForm($ADAT); + + putAccountInfoForm($userInfo, $accountInfo, $backendAttrDef, $toPolicy); + +?> diff --git a/mayor-orig/mayor-base/www/policy/private/session/admin/knownNodes-pre.php b/mayor-orig/mayor-base/www/policy/private/session/admin/knownNodes-pre.php new file mode 100644 index 00000000..d166babd --- /dev/null +++ b/mayor-orig/mayor-base/www/policy/private/session/admin/knownNodes-pre.php 
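Review bot: `_ACCESS_AS` is computed in accountInfo-pre.php, but none of the state-changing branches (`changeSettings`, `userSettingsModify`, `generateEduroamId`) consult it, so they run against whatever `userAccount` arrives in `$_GET`. Unless `changeAccountInfo()`, `setUserSettings()` and `createEduroamSettings()` enforce access themselves (not visible here), the `$action` chain should be wrapped in `if (_ACCESS_AS !== _OTHER_ACCESS) { … }`. In the eduroam branch `@exec('pwgen')` hides a missing or failing binary and would hand an empty password to `createEduroamSettings()`; check the result for emptiness before storing it. The affiliation there is derived from `__TANAR`/`__DIAK`, which appear to describe the logged-in user rather than `$userAccount`, and the `modoifyEduroamId` action name looks like a typo for an empty branch.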
@@ -0,0 +1,39 @@
+<?php
+
+ if (_RIGHTS_OK !== true) die();
+
+ if (!__USERADMIN) {
+ $_SESSION['alert'][] = "page:insufficient_access";
+ } else {
+
+ require('include/share/ssl/ssl.php');
+
+ $ADAT['my']['url'] = $url = substr($_SERVER["HTTP_REFERER"], 0, strpos($_SERVER["HTTP_REFERER"], 'index.php?'));
+ $ADAT['my']['dt'] = date('Y-m-d');
+
+ $RPC = new Interconnect();
+ $ADAT['my']['publicKey'] = $RPC->getPublicKey();
+ $ADAT['my']['nodeId'] = $RPC->getNodeId();
+
+
+ if ($action == 'rpcPing') {
+ $ADAT['nodeId'] = readVariable($_POST['nodeId'],'id');
+ $RPC->setRemoteHostByNodeId($ADAT['nodeId']);
+ $RPC->setRequestTarget('base');
+ $ADAT['pingResult'] = $RPC->sendRequest(array('func'=>'ping'));
+ $ADAT['nodeVersion'] = $ADAT['pingResult']['revision'];
+ // $RPC->setRequestTarget('controller');
+ } elseif ($action == 'getPublicDataByNodeId') {
+ $ADAT['nodeId'] = readVariable($_POST['nodeId'],'id');
+ $RPC->setRequestTarget('base');
+ $RPC->setRemoteHostByNodeId($ADAT['nodeId']);
+ } elseif ($action == 'removeNode') {
+ $ADAT['nodeId'] = readVariable($_POST['nodeId'],'id');
+ removeNodeFromLocalKeychain($ADAT['nodeId']);
+ }
+
+ $ADAT['nodes'] = getPublicDataFromLocalKeychain();
+
+ }
+
+?>
diff --git a/mayor-orig/mayor-base/www/policy/private/session/admin/knownNodes.php b/mayor-orig/mayor-base/www/policy/private/session/admin/knownNodes.php
new file mode 100644
index 00000000..e7a95d58
--- /dev/null
+++ b/mayor-orig/mayor-base/www/policy/private/session/admin/knownNodes.php
@@ -0,0 +1,10 @@
+<?php
+
+ if (_RIGHTS_OK !== true) die();
+
+ global $ADAT;
+
+ putGetNodeData();
+ putKnownNodes($ADAT);
+
+?>
diff --git a/mayor-orig/mayor-base/www/policy/private/session/admin/registration-pre.php b/mayor-orig/mayor-base/www/policy/private/session/admin/registration-pre.php
new file mode 100644
index 00000000..eabc8cfe
--- /dev/null
+++ b/mayor-orig/mayor-base/www/policy/private/session/admin/registration-pre.php
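Review bot: `$ADAT['my']['url']` in knownNodes-pre.php is cut out of `$_SERVER["HTTP_REFERER"]`, a header the client controls and may omit; when `index.php?` is absent `strpos()` returns false and the value silently becomes an empty string. The node's own URL should come from server-side configuration (for example the `_BASE_URL` constant that googleapi-pre.php uses); the same expression is repeated in the registration-pre.php hunk, where the value sits next to the node's public key. The `rpcPing` and `removeNode` branches also pass `readVariable($_POST['nodeId'],'id')` on without checking that it produced a value before `setRemoteHostByNodeId()` or `removeNodeFromLocalKeychain()` is called.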
@@ -0,0 +1,123 @@ +<?php + + if (_RIGHTS_OK !== true) die(); + + if (!__USERADMIN) { + $_SESSION['alert'][] = "page:insufficient_access"; + } else { + + require('include/share/ssl/ssl.php'); + + $ADAT['NODETIPUSOK'] = array('intézmény','backup','fejlesztői'); + $ADAT['OSSZEG'] = array(0,1000,2000,3000,5000,10000);; + // regisztrációs űrlap elemei (portal-mayor-ból átemelve... + $ADAT['MEZOK'] = array( + 'nodeTipus' => array('kotelezo'=>true,'options'=>$ADAT['NODETIPUSOK']), + 'nev' => array('kotelezo'=>true), + 'rovidNev' => array(), + 'OMKod' => array(), + 'cimHelyseg' => array('kotelezo'=>true), + 'cimIrsz' => array('kotelezo'=>true), + 'cimKozteruletNev' => array('kotelezo'=>true), + 'cimKozteruletJelleg' => array('kotelezo'=>true), + 'cimHazszam' => array('kotelezo'=>true), + 'telefon' => array(), + 'fax' => array(), + 'email' => array(), + 'honlap' => array(), + 'url' => array(), + 'kapcsolatNev' => array('kotelezo'=>true), + 'kapcsolatEmail' => array('kotelezo'=>true), + 'kapcsolatTelefon' => array(), + // külön, más helyen jelennek meg + 'dij'=> array('kotelezo'=>true,'display'=>false,'type'=>'none'), + 'egyebTamogatas' => array('display'=>false,'type'=>'none'), + 'utemezes'=>array('display'=>false,'type'=>'none'), + // rejtett mezők - nem módosíthatók + 'regId'=>array('display'=>false,'type'=>'none'), + 'dt'=>array('display'=>false), + 'publicKey' => array('kotelezo'=>true,'display'=>false,'readonly'=>true,'type'=>'textarea'), + ); + $ADAT['my']['url'] = $url = substr($_SERVER["HTTP_REFERER"], 0, strpos($_SERVER["HTTP_REFERER"], 'index.php?')); + $ADAT['my']['dt'] = date('Y-m-d'); + + $RPC = new Interconnect(); + $ADAT['my']['publicKey'] = $RPC->getPublicKey(); + $ADAT['my']['nodeId'] = $RPC->getNodeId(); + + // regisztráció + if ($action == 'sendRegRequest') { + unset($_POST['action']); + $_POST['publicRequest'] = 'registration'; + $res = json_decode(sendPublicRequest($_POST), true); + foreach ($res['alert'] as $index => $aAdat) $_SESSION['alert'][] = 
implode(':',$aAdat); + if ($res['success'] === true) { + setNodeId($res['nodeId'], $ADAT['my']['publicKey']); + $ADAT['my']['nodeId'] = $res['nodeId']; + $RPC = new Interconnect(); // újracsatlakozás... + } + //dump($res); + } elseif ($action == 'checkOldRegByPublicKey') { + $DATA['publicKey'] = $ADAT['my']['publicKey']; + $DATA['publicRequest'] = 'getNodeIdByPublicKey'; + // ha kellene ellenőrzés, akkar a választ a publicKey-el kódolva kellene küldeni... + $res = json_decode(sendPublicRequest($DATA), true); + foreach ($res['alert'] as $index => $aAdat) $_SESSION['alert'][] = implode(':',$aAdat); + if ($res['success'] === true) { + setNodeId($res['nodeId'], $ADAT['my']['publicKey']); + $ADAT['my']['nodeId'] = $res['nodeId']; + $RPC = new Interconnect(); // újracsatlakozás... + } + dump($res); + } + + if ($ADAT['my']['nodeId'] != 0) + try { + $RPC->setRemoteHostByNodeId(''); // controller + $RPC->setRequestTarget('controller'); + $ADAT['registrationStatus']['result'] = $RPC->sendRequest(array('func'=>'checkRegistration')); + //dump($ADAT['registrationStatus']['result'], $RPC->getStatus()); + // Teszt: egy alap metódus lekérdezése... 
+ //$RPC->setRequestTarget('base'); + // $ADAT['controllerVersion'] = $RPC->sendRequest(array('func'=>'ping')); + // dump($ADAT['controllerVersion']); + // $RPC->setRequestTarget('controller'); + if ($ADAT['registrationStatus']['result']['valid'] == 1) { + $ADAT['regAdat'] = $RPC->getRegistrationDataByNodeId($ADAT['my']['nodeId']); + //dump($ADAT['regAdat'], $RPC->getStatus()); + } + } catch (Exception $e) { + dump("checkRegistration",$e); + } + + if ($action == 'modRegAdat') { + $MOD = array(); + foreach ($ADAT['regAdat']['nodeData'] as $key => $value) { + $newValue = readVariable($_POST[$key], 'string'); + if ( + !in_array($key, array('nodeId','regId','publicKey')) + && str_replace(array("\n","\r","\n\r"),"",$value) != str_replace(array("\n","\r","\n\r"),"",$newValue) + && !is_null($newValue) + ) $MOD[$key] = $newValue; + } + if (count($MOD) > 0) try { + // Interconnect-en keresztül!! + $ADAT['modRegData']['result'] = $RPC->sendRequest( + array('func'=>'modRegData', 'data'=>$MOD, 'regId'=>$ADAT['regAdat']['nodeData']['regId']) + ); + // A megjelenítéshez módosítjuk a kirakandó adatokat helyben is. + if ($ADAT['modRegData']['result']['result'] === true) { + $_SESSION['alert'][] = 'info:success:A regisztrációs adatokat módosítottuk a regisztrációs szerveren.'; + foreach ($MOD as $key => $val) $ADAT['regAdat']['nodeData'][$key] = $val; + } else { + $_SESSION['alert'][] = 'message:wrong_data:Az adatmódosítás nem sikerült a regisztrációs szerveren.'; + } + } catch (Exception $e) { + dump("modRegData",$e); + } + + } + + } + +?> diff --git a/mayor-orig/mayor-base/www/policy/private/session/admin/registration.php b/mayor-orig/mayor-base/www/policy/private/session/admin/registration.php new file mode 100644 index 00000000..6ad2d8e7 --- /dev/null +++ b/mayor-orig/mayor-base/www/policy/private/session/admin/registration.php 
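Review bot: The `sendRegRequest` branch of registration-pre.php forwards the whole `$_POST` array to `sendPublicRequest()` although `$ADAT['MEZOK']` already lists the expected fields; building the payload from those keys only would keep unexpected parameters out of the registration request. The decoded reply is used without checking that `json_decode()` returned an array, so a failed or malformed response makes `foreach ($res['alert'] …)` iterate over null, and `setNodeId()` then depends on a reply that, as the in-code comment notes, is not authenticated. The `dump($res)` left active in the `checkOldRegByPublicKey` branch and the `dump(…, $e)` calls in both `catch` blocks print server replies and exception details into the page; these belong in a log.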
@@ -0,0 +1,16 @@
+<?php
+
+ if (_RIGHTS_OK !== true) die();
+
+ global $ADAT;
+
+ validRegisztracio($ADAT['registrationStatus']['result']['valid'], $ADAT['my']['nodeId']);
+ if ($ADAT['registrationStatus']['result']['valid'] != 1) {
+ putCheckOldReg($ADAT);
+ putRegisztracio($ADAT);
+ } else {
+ putRegisztracioMod($ADAT);
+ }
+ putPublicKey($ADAT['my']['publicKey']);
+
+?>
diff --git a/mayor-orig/mayor-base/www/policy/private/session/createAccount-pre.php b/mayor-orig/mayor-base/www/policy/private/session/createAccount-pre.php
new file mode 100644
index 00000000..ce789482
--- /dev/null
+++ b/mayor-orig/mayor-base/www/policy/private/session/createAccount-pre.php
@@ -0,0 +1,110 @@ +<?php +/* + Module: base/session + createAccount => byAdmin esetén csak az érintet policy-n belül az adminGroup tagjainak lehet létrehozni új account-ot + createAccount => byRegistration esetén bárki regisztrálhat bármely policy-ből +*/ + + if (_RIGHTS_OK !== true) die(); + + if (memberOf(_USERACCOUNT, $AUTH[_POLICY]['adminGroup'])) { + $DEFAULTS['userAccount'] = readVariable($_GET['userAccount'],'userAccount'); + $DEFAULTS['userCn'] = readVariable($_GET['userCn'],'emptystringnull'); + $DEFAULTS['userPassword'] = readVariable($_GET['userPassword'],'emptystringnull'); + $DEFAULTS['mail'] = readVariable($_GET['email'],'emptystringnull'); + $DEFAULTS['telephoneNumber'] = readVariable($_GET['tel'],'emptystringnull'); + } + + $toPolicy = readVariable($_POST['toPolicy'], 'enum', readVariable($_GET['toPolicy'], 'enum',_POLICY, $POLICIES), $POLICIES); + + @$toPSF = $_REQUEST['toPSF']; + + if ($toPolicy != _POLICY) require_once(_CONFIGDIR."/$toPolicy-conf.php"); + if ( + ( + $AUTH[$toPolicy]['createAccount'] == 'byAdmin' + and memberOf(_USERACCOUNT, $AUTH['private']['adminGroup']) + ) + or ( + $AUTH[$toPolicy]['createAccount'] == 'byRegistration' + && _USERACCOUNT =='' + ) + ) { + define('_ENABLE',true); + } else { + define('_ENABLE',false); + $_SESSION['alert'][] = 'page:insufficient_access:#1'; + } + + if (_ENABLE && $action == 'createAccount' && isset($_POST['new'])) { + + $file = $_FILES['file']['tmp_name']; + if ($file != '' && $file != 'none' && file_exists($file)) { + + $uidfp=fopen($file, 'r'); + while ($sor=fgets($uidfp, 4096)) { + list($userCn, $userAccount, $userPassword, $category, $studyId, $container)=explode(" ",chop($sor)); + // A biztonság kedvéért ez a html form validációval egyező legyen + $userCn = readVariable($userCn,'html'); + $userAccount = readvariable($userAccount,'html'); + $studyId = readVariable($studyId,'number'); + $category = readVariable($category, 'enum','',$AUTH[$toPolicy]['categories']); + $container = 
readVariable($container,'enum','',$AUTH[$toPolicy][$AUTH[$toPolicy]['backend'].'Containers']); + $policyAccountAttrs = array(); + if (is_array($AUTH[$toPolicy]['accountAttrs'])) foreach ($AUTH[$toPolicy]['accountAttrs'] as $attr) { + if (isset($$attr) and $$attr != '') $policyAccountAttrs[$attr] = readVariable($$attr, 'string'); + } + if (createAccount($userCn, $userAccount, $userPassword, $toPolicy, array('container'=> $container, 'category' => $category, 'policyAttrs' => $policyAccountAttrs)) ===false) { + $_SESSION['alert'][] = "info:user_create_failure: cn.$userCn|account.$userAccount|policy.$toPolicy|category.$category|container.$container"; + } + } + fclose($uidfp); + + } else { + + // kötelező paraméterek + $userCn = readVariable($_POST['userCn'],'html'); + $userAccount = readvariable($_POST['userAccount'],'html'); + $studyId = readVariable($_POST['studyId'],'number'); + $userPassword = $_POST['userPassword']; + $verification = $_POST['verification']; + + // opcionális paraméterek + $category = readVariable($_POST['category'], 'enum','',$AUTH[$toPolicy]['categories']); + $container = readVariable($_POST['container'],'enum','',$AUTH[$toPolicy][$AUTH[$toPolicy]['backend'].'Containers']); + + $policyAccountAttrs = array(); + if (is_array($AUTH[$toPolicy]['accountAttrs'])) foreach ($AUTH[$toPolicy]['accountAttrs'] as $attr) { + if (isset($_POST[$attr]) and $_POST[$attr] != '') $policyAccountAttrs[$attr] = readVariable($_POST[$attr], 'string'); // ??? 
+ } + + if ($userCn == '' or $userAccount == '' or $userPassword == '' or $verification == '') { + // Csak policy váltás történt + // $_SESSION['alert'][] = 'message:empty_field'; + } elseif ($userPassword != $verification) { + $_SESSION['alert'][] = 'message:pw_not_match'; + } else { + if (createAccount($userCn, $userAccount, $userPassword, $toPolicy, + array('container'=> $container, 'category' => $category, 'policyAttrs' => $policyAccountAttrs))) { + if ( + _POLICY == 'private' + && memberOf(_USERACCOUNT, $AUTH[_POLICY]['adminGroup']) + ) header('Location: '.location("index.php?page=session&f=accountInfo&userAccount=$userAccount&toPolicy=$toPolicy")); + elseif (_POLICY == 'public') { + $toPSF = ($toPSF=='') ? 'auth::login' : $toPSF; + header( + 'Location: '.location("index.php?page=auth&f=login&userAccount=$userAccount&policy=public&toPolicy=$toPolicy&toPSF=$toPSF", array('skin','lang','sessionID')) + ); + } else { + $toPSF = ($toPSF=='') ? 'session::accountInfo' : $toPSF; + header( + 'Location: '.location("index.php?page=auth&f=login&userAccount=$userAccount&policy=public&toPolicy=$toPolicy&toPSF=$toPSF", array('skin','lang','sessionID')) + ); + } + } + } + } + + } + +?> diff --git a/mayor-orig/mayor-base/www/policy/private/session/createAccount.php b/mayor-orig/mayor-base/www/policy/private/session/createAccount.php new file mode 100644 index 00000000..94c4b703 --- /dev/null +++ b/mayor-orig/mayor-base/www/policy/private/session/createAccount.php @@ -0,0 +1,12 @@ +<?php +/* + Module: base/session +*/ + + if (_RIGHTS_OK !== true) die(); + + global $toPolicy,$DEFAULTS; + + putCreateAccountForm($toPolicy, $DEFAULTS); + +?> diff --git a/mayor-orig/mayor-base/www/policy/private/session/createGroup-pre.php b/mayor-orig/mayor-base/www/policy/private/session/createGroup-pre.php new file mode 100644 index 00000000..8b65ce02 --- /dev/null +++ b/mayor-orig/mayor-base/www/policy/private/session/createGroup-pre.php 
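Review bot: `$DEFAULTS['userPassword']` in createAccount-pre.php is read from `$_GET['userPassword']`, which puts a password into the URL where it ends up in access logs, browser history and Referer headers; take the prefill from POST or drop it. `$toPSF` is read from `$_REQUEST` with `@` and no `readVariable()` filter, then concatenated together with `$userAccount` into the `Location:` URLs without `rawurlencode()`, and none of the three `header()` calls is followed by `exit;`. In the file-import loop `$userPassword` is passed to `createAccount()` exactly as read from the uploaded line, with no emptiness check, unlike the form path, which rejects an empty password.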
@@ -0,0 +1,49 @@
+<?php
+/*
+ Module: base/session
+*/
+
+ if (_RIGHTS_OK !== true) die();
+
+ if (_POLICY == 'private' && memberOf(_USERACCOUNT, $AUTH[_POLICY]['adminGroup'])) {
+ } else {
+ $_SESSION['alert'][] = 'page:insufficient_access';
+ }
+ $toPolicy = readVariable($_POST['toPolicy'], 'enum', _POLICY, $POLICIES);
+
+ if ($action == 'createGroup') {
+
+ $file = $_FILES['file']['tmp_name'];
+ if ($file != '' and $file != 'none' and file_exists($file)) {
+/* $uidfp=fopen($file, 'r');
+ while ($sor=fgets($uidfp, 4096)) {
+ list($groupCn, $groupDesc, $category)=explode(" ",chop($sor));
+ !!!!!!!! createGroup($groupCn, $groupDesc, $category, $toPolicy);
+ }
+ fclose($uidfp);
+*/
+ } else {
+
+ $groupCn = readVariable($_POST['groupCn'],'html');
+ $groupDesc = readVariable($_POST['groupDesc'],'html');
+ $category = readVariable($_POST['category'],'enum',null,$AUTH[_POLICY]['categories']);
+ $container = readVariable($_POST['container'],'enum','',$AUTH[$toPolicy][$AUTH[$toPolicy]['backend'].'Containers']);
+ $policyGroupAttrs = array();
+ if (is_array($AUTH[$toPolicy]['groupAttrs'])) foreach ($AUTH[$toPolicy]['groupAttrs'] as $attr) {
+ if (isset($_POST[$attr]) and $_POST[$attr] != '') $policyGroupAttrs[$attr] = readVariable($_POST[$attr], 'string'); // ???
+ }
+
+ if ($groupCn == '' || $groupDesc == '' || $category == '') {
+ // Csak policy váltás
+ //$_SESSION['alert'][] = 'message:empty_field'.":$groupCn:$groupDesc:$category";
+ } else {
+ if (createGroup($groupCn, $groupDesc, $toPolicy, array('container'=> $container, 'policyAttrs' => $policyGroupAttrs))) {
+ header('Location: '.location("index.php?page=session&f=groupInfo&groupCn=$groupCn&toPolicy=$toPolicy"));
+ }
+ }
+ }
+
+
+ }
+
+?>
diff --git a/mayor-orig/mayor-base/www/policy/private/session/createGroup.php b/mayor-orig/mayor-base/www/policy/private/session/createGroup.php
new file mode 100644
index 00000000..a914ceaf
--- /dev/null
+++ b/mayor-orig/mayor-base/www/policy/private/session/createGroup.php
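Review bot: The admin check at the top of createGroup-pre.php has an empty success branch and its `else` only queues an alert, so execution falls through and `createGroup()` is still reached for a caller who failed the check. Make the check stop the script, e.g. `if (!(_POLICY == 'private' && memberOf(_USERACCOUNT, $AUTH[_POLICY]['adminGroup']))) { $_SESSION['alert'][] = 'page:insufficient_access'; return; }`, or move the whole `$action == 'createGroup'` block into the success branch. `$category` is validated against `$AUTH[_POLICY]['categories']` while `$container` is validated against `$toPolicy`, and `$groupCn` goes into the `Location:` header without `rawurlencode()` or a following `exit;`.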
@@ -0,0 +1,12 @@
+<?php
+/*
+ Module: base/session
+*/
+
+ if (_RIGHTS_OK !== true) die();
+
+ global $toPolicy;
+
+ putCreateGroupForm($toPolicy);
+
+?>
diff --git a/mayor-orig/mayor-base/www/policy/private/session/download-pre.php b/mayor-orig/mayor-base/www/policy/private/session/download-pre.php
new file mode 100644
index 00000000..6b396143
--- /dev/null
+++ b/mayor-orig/mayor-base/www/policy/private/session/download-pre.php
@@ -0,0 +1,66 @@ +<?php + + if (_RIGHTS_OK !== true) die(); + if (!((defined('_POLICY') && _POLICY=='public') + || (defined('__TITKARSAG') && __TITKARSAG===true) + || (defined('__TANAR') && __TANAR===true) + || (defined('__NAPLOADMIN') && __NAPLOADMIN===true) + || (defined('__DIAK') && __DIAK===true) + )) { + return false; + } + + // $file - csak a file neve, útvonal nem lehet benne + if (isset($_POST['file']) && $_POST['file'] != '') $file = basename($_POST['file']); + elseif (isset($_GET['file']) && $_GET['file'] != '') $file = basename($_GET['file']); + + if (!isset($file)) $_SESSION['alert'][] = 'page:empty_fields:file'; + else { + // $dir - betű, szám, -, _, és / lehet benne (elején csak betű vagy szám) + $dir = readVariable($_POST['dir'], 'path', readVariable($_GET['dir'], 'path')); + + // Az útvonal beállítása + $path = _DOWNLOADDIR.'/'._POLICY; + if (isset($dir)) $path .= '/'.$dir; + $path .= '/'.$file; + + // Jogosultságok ellenőzése dir alapján + if (__DIAK===true) { + if (strstr($dir,'naplo/face/')===false) return false; + } + // Titkarsag, Tanar, Naploadmin letoltheti, amit szeretne + + // Létezik-e a file + if (!file_exists($path)) $_SESSION['alert'][] = 'page:file_not_found:'.substr($path, strlen(_DOWNLOADDIR.'/'._POLICY.'/')).':'.$path; + else { + + $ADAT['path'] = $path; + $ADAT['dir'] = $dir; + $ADAT['file'] = $file; + $ADAT['ext'] = strtolower(substr(strrchr($file,"."),1)); + $ADAT['size'] = filesize($path); + $ADAT['mime'] = readVariable($_POST['mimetype'], 'enum', readVariable($_GET['mimetype'], 'enum', null, $allowedMimeTypes), $allowedMimeTypes); + + // MiME típus megállapítása + if (!isset($ADAT['mime'])) { + if ($allowedExtensions[$ADAT['ext']] != '') $ADAT['mime'] = $allowedExtensions[$ADAT['ext']]; + else { + if (function_exists('mime_content_type')) { + $ADAT['mime'] = mime_content_type($ADAT['path']); + } elseif (function_exists('finfo_file')) { + $finfo = finfo_open(FILEINFO_MIME); + $ADAT['mime'] = finfo_file($finfo, $ADAT['path']); + 
finfo_close($finfo); + } + if ($ADAT['mime'] == '') $ADAT['mime'] = "application/force-download"; + } + } + if (in_array($ADAT['mime'],array('image/gif','image/png','image/jpeg','image/jpeg'))) $ADAT['pure']=true; + // letöltés + if (isset($_GET['download'])) passFile($ADAT); + + } + } + + +?> diff --git a/mayor-orig/mayor-base/www/policy/private/session/download.php b/mayor-orig/mayor-base/www/policy/private/session/download.php new file mode 100644 index 00000000..12d907a9 --- /dev/null +++ b/mayor-orig/mayor-base/www/policy/private/session/download.php @@ -0,0 +1,9 @@ +<?php + + if (_RIGHTS_OK !== true) die(); + + global $ADAT; + + if (is_array($ADAT)) putDownloadForm($ADAT); + +?> diff --git a/mayor-orig/mayor-base/www/policy/private/session/eduroam-pre.php b/mayor-orig/mayor-base/www/policy/private/session/eduroam-pre.php new file mode 100644 index 00000000..40a406cd --- /dev/null +++ b/mayor-orig/mayor-base/www/policy/private/session/eduroam-pre.php @@ -0,0 +1,5 @@ +<?php + + getEduroamAdat(); + +?>
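Review bot: The student restriction in download-pre.php uses `strstr($dir,'naplo/face/')===false`, which accepts the string anywhere in `$dir`, so a directory such as `x/naplo/face/` passes as well; anchor it to the start with `if (strpos((string)$dir, 'naplo/face/') !== 0) return false;`. The `file_not_found` alert appends the full `$path`, which shows the server's download directory to the user; the relative part already in the message is enough. When neither the `mimetype` parameter nor `$allowedExtensions` yields a type, the value comes from `mime_content_type()`, so it is worth confirming that `passFile()` serves anything outside the `pure` image types as an attachment.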
\ No newline at end of file
diff --git a/mayor-orig/mayor-base/www/policy/private/session/eduroam.php b/mayor-orig/mayor-base/www/policy/private/session/eduroam.php
new file mode 100644
index 00000000..e69de29b
--- /dev/null
+++ b/mayor-orig/mayor-base/www/policy/private/session/eduroam.php
diff --git a/mayor-orig/mayor-base/www/policy/private/session/facebookConnect-pre.php b/mayor-orig/mayor-base/www/policy/private/session/facebookConnect-pre.php
new file mode 100644
index 00000000..b0988ae5
--- /dev/null
+++ b/mayor-orig/mayor-base/www/policy/private/session/facebookConnect-pre.php
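Review bot: eduroam-pre.php calls `getEduroamAdat()` without the `if (_RIGHTS_OK !== true) die();` guard that the other scripts in this commit open with, so the file has no protection of its own if it is included or requested outside the normal dispatch. Add the guard as the first statement; the facebookConnect-pre.php, facebookConnect.php and googleapi-pre.php hunks omit it as well and only test their feature flag. Whether `getEduroamAdat()` checks the caller itself is not visible here.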
@@ -0,0 +1,91 @@ +<?php + + if (__FBCONNECT_ENABLED !== true ) return false; + + if (version_compare(PHP_VERSION, '5.4.0', '<')) { + return false; + } else { + /* facebook login start */ + require_once ('include/share/facebook/autoload.php'); + $fb = new Facebook\Facebook(array( + 'app_id' => __FB_APP_ID, + 'app_secret' => __FB_APP_SECRET, + 'cookie' => true, + 'status' => true, + 'default_graph_version' => 'v2.5', + )); + $oAuth2Client = $fb->getOAuth2Client(); + + $helper = $fb->getJavaScriptHelper(); + try { + $accessToken = $helper->getAccessToken(); + // convert + if ($accessToken !='' && !$accessToken->isLongLived()) { + try { + $accessToken = $oAuth2Client->getLongLivedAccessToken($accessToken); + } catch (Facebook\Exceptions\FacebookSDKException $e) { + $_SESSION['alert'][] = "info::Error getting long-lived access token: " . $helper->getMessage() . ""; + } + } + } catch(Facebook\Exceptions\FacebookResponseException $e) { + // When Graph returns an error + $_SESSION['alert'][] = 'info::Graph returned an error: ' . $e->getMessage(); + } catch(Facebook\Exceptions\FacebookSDKException $e) { + // When validation fails or other local issues + $_SESSION['alert'][] = 'info::Facebook SDK returned an error: ' . 
$e->getMessage(); + } + if (isset($accessToken)) { + $_SESSION['facebook_access_token'] = (string) $accessToken; + $_SESSION['facebook_access_token_object'] = $accessToken; + $response = $fb->get('/me?fields=id,name,email',$accessToken); + $userNode = $response->getGraphUser(); + $ADAT['fbUserId'] = $userNode->getField('id'); + $ADAT['fbUserCn'] = $userNode->getField('name'); + $ADAT['fbUserEmail'] = $userNode->getField('email'); + } + } + if ($action=='revokeFbAuth') { + fbConnectRevoke($ADAT['fbUserId']); + } elseif ($action=='grantFbAuth') { + fbConnectGrant($ADAT); + } + + $ADAT['fbUserIdStatusz'] = checkFbConnectAssoc($ADAT); + + function checkFbConnectAssoc($ADAT) { + if ($ADAT['fbUserId']=='') return 0; + + $q = "SELECT count(*) AS db FROM facebookConnect where userAccount='%s' AND policy='%s' AND fbUserId='%s'"; + $v = array('userAccount'=>_USERACCOUNT,'policy'=>_POLICY,'fbUserId'=>$ADAT['fbUserId']); + $db = db_query($q,array('fv'=>'facebookConnectCheck','modul'=>'login','result'=>'value','values'=>$v)); + if ($db==1) return 1; // 'OK'; + + $q = "SELECT count(*) AS db FROM facebookConnect where userAccount='%s' AND policy='%s' AND fbUserId!='%s'"; + $v = array('userAccount'=>_USERACCOUNT,'policy'=>_POLICY,'fbUserId'=>$ADAT['fbUserId']); + $db = db_query($q,array('fv'=>'facebookConnectCheck','modul'=>'login','result'=>'value','values'=>$v)); + if ($db==1) return 2; // 'masik fbUserId van megadva'; + + $q = "SELECT count(*) AS db FROM facebookConnect where userAccount!='%s' AND policy='%s' AND fbUserId='%s'"; + $v = array('userAccount'=>_USERACCOUNT,'policy'=>_POLICY,'fbUserId'=>$ADAT['fbUserId']); + $db = db_query($q,array('fv'=>'facebookConnectCheck','modul'=>'login','result'=>'value','values'=>$v)); + if ($db==1) return 3; // 'masik userAccount van hozzárendelve ehhez a fb azonosítóhoz'; + + return false; + } + + function fbConnectRevoke($fbUserId) { + if ($fbUserId=='') return 0; + + $q = "DELETE FROM facebookConnect where userAccount='%s' AND 
policy='%s' AND fbUserId='%s'"; + $v = array('userAccount'=>_USERACCOUNT,'policy'=>_POLICY,'fbUserId'=>$fbUserId); + return db_query($q,array('fv'=>'facebookConnectCheck','modul'=>'login','values'=>$v)); + } + function fbConnectGrant($ADAT) { + if ($ADAT['fbUserId']=='') return 0; + + $q = "INSERT IGNORE INTO facebookConnect (userAccount,policy,fbUserId,fbUserCn,fbUserEmail,studyId) VALUES ('%s','%s','%s','%s','%s','%s')"; + $v = array('userAccount'=>_USERACCOUNT,'policy'=>_POLICY,'fbUserId'=>$ADAT['fbUserId'],'fbUserCn'=>_USERCN.' ('.$ADAT['fbUserCn'].')','fbUserEmail'=>$ADAT['fbUserEmail'],'studyId'=>_STUDYID); + return db_query($q,array('fv'=>'facebookConnectCheck','modul'=>'login','result'=>'insert','values'=>$v)); + } + +?>
\ No newline at end of file
diff --git a/mayor-orig/mayor-base/www/policy/private/session/facebookConnect.php b/mayor-orig/mayor-base/www/policy/private/session/facebookConnect.php
new file mode 100644
index 00000000..e125c680
--- /dev/null
+++ b/mayor-orig/mayor-base/www/policy/private/session/facebookConnect.php
@@ -0,0 +1,7 @@
+<?php
+
+ global $ADAT;
+
+ putFacebookConnectStatusz($ADAT);
+
+?>
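Review bot: The inner `catch` in facebookConnect-pre.php builds its message with `$helper->getMessage()`; `$helper` is the JavaScript helper, not the caught exception, so this should read `$e->getMessage()`. `$fb->get('/me?fields=id,name,email', $accessToken)` sits outside any `try`, so a Graph or SDK error there is uncaught, and `$accessToken != ''` compares an object or null with a string where a null check is presumably meant. `fbConnectGrant()` inserts with `INSERT IGNORE` without consulting `checkFbConnectAssoc()`, so unless the table has a unique key on `fbUserId` the same Facebook identity can be linked to several accounts. All queries rely on `db_query()` escaping the values substituted into `'%s'`, which is not visible in this hunk.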
\ No newline at end of file
diff --git a/mayor-orig/mayor-base/www/policy/private/session/googleapi-pre.php b/mayor-orig/mayor-base/www/policy/private/session/googleapi-pre.php
new file mode 100644
index 00000000..49438dcc
--- /dev/null
+++ b/mayor-orig/mayor-base/www/policy/private/session/googleapi-pre.php
@@ -0,0 +1,100 @@ +<?php + + if (__GOOGLEAPI_ENABLED !== true ) return false; + + if (version_compare(PHP_VERSION, '5.4.0', '<')) { + return false; + } else { + require_once ('include/share/googleapi/autoload.php'); + + if ($action=='googleapiRevoke') { + googleapiRevoke(); + unset($_SESSION['googleapi_id_token']); + unset($_SESSION['googleapi_object']); + } elseif ($action=='googleapiGrant') { + // itt nem áll rendelkezésre adat! googleapiGrant($ADAT); + // a get id_token résznél kötjük össze a usert és irányítjuk tovább + } + //$ADAT['googleapiStatus'] = googleapiCheckAssoc($ADAT); + if ($_SESSION['googleapi_id_token']!='') { + // van azonosított user + // a sessionben rendelkezésre is áll az objektum (googleapi_object), + // de itt most lekérdezzük a google szervertől újra! + $redirect_uri = _BASE_URL.'/index.php'; + $client = new Google_Client(); + $client->setClientId(__GOOGLEAPI_CLIENT_ID); + $client->setClientSecret(__GOOGLEAPI_CLIENT_SECRET); + $client->setScopes('email'); + // $client->setAccessToken($_SESSION['googleapi_id_token']); + try { + $ADAT['payload'] = $payload = $client->verifyIdToken($_SESSION['googleapi_id_token']); + $ADAT['googleapiStatusz'] = 1; + } catch(Exception $e) { + $_SESSION['alert'][] = 'info::googleapi SDK hiba: ' . $e->getMessage(); + $ADAT['googleapiStatusz'] = 2; + } + } elseif ($_GET['id_token']!='') { + $redirect_uri = _BASE_URL.'/index.php'; + $client = new Google_Client(); + //$client->setAuthConfig($oauth_credentials); + $client->setClientId(__GOOGLEAPI_CLIENT_ID); + $client->setClientSecret(__GOOGLEAPI_CLIENT_SECRET); +// $client->setRedirectUri($redirect_uri); + $client->setScopes('email'); + try { + $payload = $client->verifyIdToken($_GET['id_token']); + } catch(Exception $e) { + $_SESSION['alert'][] = 'info::googleapi SDK hiba: ' . 
$e->getMessage(); + } + if (isset($payload['sub'])) { // subject + $_SESSION['google_access_token'] = (string) $payload; + $_SESSION['google_access_token_object'] = $payload; + // mayor auth start + $accountInformation=array(); + $toPolicy = 'public'; + $ADAT['googleSub'] = $payload['sub']; +// $ADAT['fbUserId'] = $userNode->getField('id'); + $ADAT['googleUserCn'] = $payload['name']; + $ADAT['googleUserEmail'] = $payload['email']; + googleapiGrant($ADAT); + /* mayor auth stop */ + } else { + $_SESSION['alert'][] = 'info:nem érvényes accessToken'; + } + } + + } + function googleapiCheckAssoc($ADAT) { + if ($ADAT['googleSub']=='') return 0; + + $q = "SELECT count(*) AS db FROM googleConnect where userAccount='%s' AND policy='%s' AND googleSub='%s'"; + $v = array('userAccount'=>_USERACCOUNT,'policy'=>_POLICY,'fbUserId'=>$ADAT['googleSub']); + $db = db_query($q,array('fv'=>'facebookConnectCheck','modul'=>'login','result'=>'value','values'=>$v)); + if ($db==1) return 1; // 'OK'; + + $q = "SELECT count(*) AS db FROM googleConnect where userAccount='%s' AND policy='%s' AND googleSub!='%s'"; + $v = array('userAccount'=>_USERACCOUNT,'policy'=>_POLICY,'fbUserId'=>$ADAT['googleSub']); + $db = db_query($q,array('fv'=>'facebookConnectCheck','modul'=>'login','result'=>'value','values'=>$v)); + if ($db==1) return 2; // 'masik googleSub van megadva'; + + $q = "SELECT count(*) AS db FROM googleConnect where userAccount!='%s' AND policy='%s' AND googleSub='%s'"; + $v = array('userAccount'=>_USERACCOUNT,'policy'=>_POLICY,'googleSub'=>$ADAT['googleSub']); + $db = db_query($q,array('fv'=>'facebookConnectCheck','modul'=>'login','result'=>'value','values'=>$v)); + if ($db==1) return 3; // 'masik userAccount van hozzárendelve ehhez a googleSub azonosítóhoz'; + + return false; + } + + function googleapiRevoke() { + $q = "DELETE FROM googleConnect where userAccount='%s' AND policy='%s'"; + $v = array('userAccount'=>_USERACCOUNT,'policy'=>_POLICY); + return 
db_query($q,array('fv'=>'googleapiRevoke','modul'=>'login','values'=>$v)); + } + function googleapiGrant($ADAT) { + if ($ADAT['googleSub']=='') return 0; + $q = "INSERT IGNORE INTO googleConnect (userAccount,policy,googleSub,googleUserCn,googleUserEmail,studyId) VALUES ('%s','%s','%s','%s','%s','%s')"; + $v = array('userAccount'=>_USERACCOUNT,'policy'=>_POLICY,'googleSub'=>$ADAT['googleSub'],_USERACCOUNT.' ('.$ADAT['googleUserCn'].')',$ADAT['googleUserEmail'],_STUDYID); + return db_query($q,array('debug'=>true,'fv'=>'googleapiGrant','modul'=>'login','result'=>'insert','values'=>$v)); + } + +?>
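Review bot: The `elseif ($_GET['id_token']!='')` branch of googleapi-pre.php links a Google identity to the signed-in account on any request that carries an `id_token` query parameter: there is no `$action` check and no anti-forgery value, so `googleapiGrant($ADAT)` can store a link the user never initiated. The token should arrive by POST together with a per-session nonce that is compared before `verifyIdToken()` is called, and the file should open with the `if (_RIGHTS_OK !== true) die();` guard that most other `-pre.php` files in this commit have. In the same branch, `(string) $payload` casts a value that the next lines index as an array, so the session ends up holding the literal `Array`. `googleapiGrant()` stores `_USERACCOUNT.' ('...` in `googleUserCn` where the Facebook counterpart uses `_USERCN`, and it leaves `'debug'=>true` switched on. In `googleapiCheckAssoc()` the first two value arrays are keyed `'fbUserId'` rather than `'googleSub'`; whether that matters depends on how `db_query` binds values, which is not visible here.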
\ No newline at end of file
diff --git a/mayor-orig/mayor-base/www/policy/private/session/googleapi.php b/mayor-orig/mayor-base/www/policy/private/session/googleapi.php
new file mode 100644
index 00000000..fe079bed
--- /dev/null
+++ b/mayor-orig/mayor-base/www/policy/private/session/googleapi.php
@@ -0,0 +1,28 @@
+<?php
+
+ global $ADAT;
+
+// putFacebookConnectStatusz($ADAT);
+
+// echo '<div class="g-signin2" data-onsuccess="onSignIn"></div>';
+
+// echo '<h1>Tesztüzem</h1>';
+
+// formBegin();
+// echo '<input type="text" name="action" value="googleapiCheck" >';
+// echo '<button type="button" id="googleapiCheckBtn" class="api"><span class="icon-googleplus"></span> Ellenőrzés</button>';
+// formEnd();
+
+// formBegin();
+// echo '<input type="hidden" name="action" value="googleGrant" >';
+// echo '<button type="button" id="googleLoginBtn" class="api"><span class="icon-googleplus"></span> Összeköt</button>';
+// formEnd();
+
+// formBegin();
+// echo '<input type="text" name="action" value="googleRevoke" >';
+// echo '<button type="submit" class="api"><span class="icon-googleplus"></span> Visszavon</button>';
+// formEnd();
+
+ putGoogleapiStatusz($ADAT);
+
+?>
\ No newline at end of file diff --git a/mayor-orig/mayor-base/www/policy/private/session/groupInfo-pre.php b/mayor-orig/mayor-base/www/policy/private/session/groupInfo-pre.php new file mode 100644 index 00000000..97864ffa --- /dev/null +++ b/mayor-orig/mayor-base/www/policy/private/session/groupInfo-pre.php @@ -0,0 +1,43 @@ +<?php +/* + Module: base/session +*/ + + if (_RIGHTS_OK !== true) die(); + + + $toPolicy = readVariable($_POST['toPolicy'], 'enum', + readVariable($_GET['toPolicy'], 'enum', _POLICY, $POLICIES), + $POLICIES + ); + + $groupCn = readVariable($_GET['groupCn'],'regreplace',null,array("[^a-zA-Z0-9\ \.\,_:;űáéúőóüöíŰÁÉÚŐÓÜÖÍ\-]")); + +// egyelőre csak private-ból lehet valaki admin... +// if (memberOf(_USERACCOUNT, $AUTH[_POLICY]['adminGroup'])) define('_ACCESS_AS', _ADMIN_ACCESS); + + if ( + _POLICY == 'private' && + ( + memberOf(_USERACCOUNT, $AUTH[_POLICY]['adminGroup']) || + ( + memberOf(_USERACCOUNT,'diakadmin') && + in_array('diak',$userCategories) + ) + ) + ) define('_ACCESS_AS', _ADMIN_ACCESS); + else define('_ACCESS_AS', _OTHER_ACCESS); + + list($backendAttrs,$backendAttrDef) = getBackendAttrs('Group', $toPolicy); + + if ($action == 'changeSettings') { + + changeGroupInfo($groupCn, $toPolicy); + + } + $groupInfo = getGroupInfo($groupCn, $toPolicy); // keretrendszer attribútumai + // backend attribútumai + + if ($groupInfo===false) $_SESSION['alert'][] = 'page::'; + +?> diff --git a/mayor-orig/mayor-base/www/policy/private/session/groupInfo.php b/mayor-orig/mayor-base/www/policy/private/session/groupInfo.php new file mode 100644 index 00000000..6dda377c --- /dev/null +++ b/mayor-orig/mayor-base/www/policy/private/session/groupInfo.php @@ -0,0 +1,12 @@ +<?php +/* + Module: base/session +*/ + + if (_RIGHTS_OK !== true) die(); + + global $groupCn, $groupInfo, $backendAttrDef, $toPolicy; + + putGroupInfoForm($groupCn, $groupInfo, $backendAttrDef, $toPolicy); + +?> 
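Review bot: In groupInfo-pre.php, `changeGroupInfo($groupCn, $toPolicy)` runs whenever `$action == 'changeSettings'`, without consulting the `_ACCESS_AS` value computed just above it. Unless `changeGroupInfo()` enforces the role itself (not visible in this hunk), a user who was given `_OTHER_ACCESS` still reaches the write path. Guard the call explicitly: `if ($action == 'changeSettings' && _ACCESS_AS === _ADMIN_ACCESS) {`. `$groupCn` falls back to `null` when the parameter is missing and is still passed to both `changeGroupInfo()` and `getGroupInfo()`; rejecting an empty group name before either call would make the failure mode explicit.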
diff --git a/mayor-orig/mayor-base/www/policy/private/session/search/searchAccount-pre.php b/mayor-orig/mayor-base/www/policy/private/session/search/searchAccount-pre.php new file mode 100644 index 00000000..1ef93e95 --- /dev/null +++ b/mayor-orig/mayor-base/www/policy/private/session/search/searchAccount-pre.php @@ -0,0 +1,29 @@ +<?php +/* + Module: base/session +*/ + + if (_RIGHTS_OK !== true) die(); + + $toPolicy = readVariable($_POST['toPolicy'], 'enum', _POLICY, $POLICIES); + + define('__ADMIN', memberOf(_USERACCOUNT, $AUTH[_POLICY]['adminGroup'])); + define('__DIAKADMIN', memberOf(_USERACCOUNT, 'diakadmin')); + + // valójában így sem jó, mert a lekérdezett backend-től kellene függővé teni a keresés mezőket... + if ($AUTH[_POLICY]['backend'] == 'ad') $searchAttrList = array('userCn', 'userAccount', 'uidNumber', 'studyId'); + else $searchAttrList = array('userCn', 'userAccount', 'studyId'); + + if ($action == 'searchAccount') { + $attr = readVariable($_POST['attr'], 'enum', 'userCn', $searchAttrList); + $pattern = readVariable($_POST['pattern'], 'string'); + $searchResult = searchAccount($attr, $pattern, $searchAttrList, $toPolicy); + } elseif ($action == 'deleteAccount' and __ADMIN === true) { + $userAccount = readVariable($_POST['userAccount'], 'string'); + deleteAccount($userAccount, $toPolicy); + } else { + echo $action; + } + + +?> diff --git a/mayor-orig/mayor-base/www/policy/private/session/search/searchAccount.php b/mayor-orig/mayor-base/www/policy/private/session/search/searchAccount.php new file mode 100644 index 00000000..727706ee --- /dev/null +++ b/mayor-orig/mayor-base/www/policy/private/session/search/searchAccount.php @@ -0,0 +1,16 @@ +<?php +/* + Module: base/session +*/ + + if (_RIGHTS_OK !== true) die(); + + global $attr, $pattern, $searchResult, $searchAttrList, $toPolicy, $ADAT; + + putSearchAccountForm($attr, $pattern, $searchAttrList, $toPolicy); + + if (is_array($searchResult)) { + putSearchResultBox($searchResult, $toPolicy); + } + +?> 
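Review bot: The fallback `else { echo $action; }` in searchAccount-pre.php writes the action value into the response without escaping, and the same line appears in searchGroup-pre.php further down. If `$action` reaches this file unfiltered from the request (its origin is outside these hunks), that is reflected markup injection; either way it is debug output left in a pre-controller. Remove the branch or log the value instead, and if it must be displayed use `echo htmlspecialchars($action, ENT_QUOTES, 'UTF-8');`. The `deleteAccount` and `deleteGroup` branches check `__ADMIN`, but nothing in the hunks ties the POST to a form the admin actually submitted, so a request-token check belongs here unless the framework performs one before this file runs.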
diff --git a/mayor-orig/mayor-base/www/policy/private/session/search/searchGroup-pre.php b/mayor-orig/mayor-base/www/policy/private/session/search/searchGroup-pre.php new file mode 100644 index 00000000..94deeba2 --- /dev/null +++ b/mayor-orig/mayor-base/www/policy/private/session/search/searchGroup-pre.php @@ -0,0 +1,25 @@ +<?php +/* + Module: base/session +*/ + + if (_RIGHTS_OK !== true) die(); + + $toPolicy = readVariable($_POST['toPolicy'], 'enum', _POLICY, $POLICIES); + + define('__ADMIN', memberOf(_USERACCOUNT, $AUTH[_POLICY]['adminGroup'])); + define('__DIAKADMIN', memberOf(_USERACCOUNT, 'diakadmin')); + + $searchAttrs = array('groupCn', 'groupDesc'); + if ($action == 'searchGroup') { + $attr = readVariable($_POST['attr'], 'enum', 'groupCn', $searchAttrs); + $pattern = readVariable($_POST['pattern'],'html'); + $searchResult = searchGroup($attr, $pattern, $searchAttrs, $toPolicy); + } elseif (__ADMIN ===true && $action == 'deleteGroup') { + $groupCn = readVariable($_POST['groupCn'], 'html'); // nem biztos hogy id - bizos nem id, hanem a csoport neve + deleteGroup($groupCn, $toPolicy); + } else { + echo $action; + } + +?> diff --git a/mayor-orig/mayor-base/www/policy/private/session/search/searchGroup.php b/mayor-orig/mayor-base/www/policy/private/session/search/searchGroup.php new file mode 100644 index 00000000..c36d0ef6 --- /dev/null +++ b/mayor-orig/mayor-base/www/policy/private/session/search/searchGroup.php @@ -0,0 +1,16 @@ +<?php +/* + Module: base/session +*/ + + if (_RIGHTS_OK !== true) die(); + + global $attr, $pattern, $searchAttrs, $searchResult, $toPolicy; + + putSearchGroupForm($attr, $pattern, $searchAttrs, $toPolicy); + + if (is_array($searchResult)) { + putSearchResultBox($searchResult, $toPolicy); + } + +?> diff --git a/mayor-orig/mayor-base/www/policy/private/session/session-pre.php b/mayor-orig/mayor-base/www/policy/private/session/session-pre.php new file mode 100644 index 00000000..d1c65349 --- /dev/null 
+++ b/mayor-orig/mayor-base/www/policy/private/session/session-pre.php
@@ -0,0 +1,5 @@
+<?php
+
+ header('Location: '.location('index.php?page=session&sub=search&f=searchAccount'));
+
+?>
\ No newline at end of file diff --git a/mayor-orig/mayor-base/www/policy/private/session/session.php b/mayor-orig/mayor-base/www/policy/private/session/session.php new file mode 100644 index 00000000..e69de29b --- /dev/null +++ b/mayor-orig/mayor-base/www/policy/private/session/session.php diff --git a/mayor-orig/mayor-base/www/policy/private/session/sessionAdmin-pre.php b/mayor-orig/mayor-base/www/policy/private/session/sessionAdmin-pre.php new file mode 100644 index 00000000..08b55781 --- /dev/null +++ b/mayor-orig/mayor-base/www/policy/private/session/sessionAdmin-pre.php @@ -0,0 +1,24 @@ +<?php + + if (_RIGHTS_OK !== true) die(); + + if (_POLICY != 'private' || !memberOf(_USERACCOUNT, $AUTH[_POLICY]['adminGroup'])) { + $_SESSION['alert'][] = 'page:insufficient_access'; + } else { + + if ($action == 'deleteSession') { + + $policy = readVariable($_POST['delPolicy'], 'enum', null, $POLICIES); + $userAccount = readVariable($_POST['delSessionID'], 'string', null); + if (isset($policy) && isset($userAccount)) { + deleteSession($userAccount, $policy); + } else { $_SESSION['alert'][] = 'message:wrong_data:userAccount,policy:'.$policy.':'.$userAccount; } + + } + $ADAT['session'] = getSessions(); +//echo '<pre>'; var_dump($ADAT); echo '</pre>'; + + } + + +?> diff --git a/mayor-orig/mayor-base/www/policy/private/session/sessionAdmin.php b/mayor-orig/mayor-base/www/policy/private/session/sessionAdmin.php new file mode 100644 index 00000000..d1398e4f --- /dev/null +++ b/mayor-orig/mayor-base/www/policy/private/session/sessionAdmin.php @@ -0,0 +1,9 @@ +<?php + + if (_RIGHTS_OK !== true) die(); + + global $ADAT; + + putSessionList($ADAT); + +?> diff --git a/mayor-orig/mayor-base/www/policy/public/auth/forgotten-pre.php b/mayor-orig/mayor-base/www/policy/public/auth/forgotten-pre.php new file mode 100644 index 00000000..76ffaebb --- /dev/null +++ b/mayor-orig/mayor-base/www/policy/public/auth/forgotten-pre.php 
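Review bot: In sessionAdmin-pre.php the value read from `$_POST['delSessionID']` is stored in `$userAccount` and passed as the first argument of `deleteSession()`, so the code does not say whether one session or every session of an account is being terminated. Name the variable after what the form sends (`$delSessionID`) or rename the form field, and add a comment stating which key `deleteSession()` expects. The `wrong_data` alert also concatenates the submitted value into the colon-separated alert string; keep request data out of that format, or make sure it is escaped where alerts are rendered.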
@@ -0,0 +1,92 @@ +<?php + + if (_RIGHTS_OK !== true) die(); + + require_once('include/share/net/phpmailer.php'); + + $ADAT['userAccount'] = readVariable($_POST['userAccount'], 'string', readVariable($_GET['userAccount'], 'string', null)); + $ADAT['toPolicy'] = readVariable($_POST['toPolicy'], 'enum', readVariable($_GET['toPolicy'], 'enum', 'parent', array('parent','private')), array('parent','private')); + $ADAT['mail'] = readVariable($_POST['mail'], 'string', null); + + if ($AUTH[$ADAT['toPolicy']]['enablePasswordReset']!==true) { + //$_SESSION['alert'][] = 'info:pw_reset_disabled'; + $ADAT['forgotDisabled'] = true; + } + +/* Under dev + foreach(array('private','parent','public') as $_policy) { + if ($ADAT['toPolicy']==$_policy && $AUTH[$_policy]['enablePasswordReset']!==true) $ADAT['forgotDisabled'] = true; + } +*/ + if ($action == 'sendResetPasswordMail') { + + // TODO - ez a kettő összevonható, kukac tuti nincs a felhasználónévben + // TODO - megviszgálhatnánk, hogy milyen authentikációs levelen van a user + // TODO - mármint, ahol megváltoztatható egyáltalán a jelszó... 
+ require_once('include/modules/session/search/searchAccount.php'); + if (isset($ADAT['userAccount'])) { + $ADAT['accounts'] = searchAccount('userAccount', $ADAT['userAccount'], $searchAttrs = array('userCn','mail','userAccount'), $ADAT['toPolicy']); + for ($i=0; $i<$ADAT['accounts']['count']; $i++) { + if ($ADAT['userAccount'] == $ADAT['accounts'][$i]['userAccount'][0] && $ADAT['accounts'][$i]['mail'][0] != '') { + $ADAT['account'] = array( + 'policy' => $ADAT['toPolicy'], + 'userAccount' => $ADAT['accounts'][$i]['userAccount'][0], + 'userCn' => $ADAT['accounts'][$i]['userCn'][0], + 'mail' => current(explode(' ',str_replace(';',' ',trim($ADAT['accounts'][$i]['mail'][0])))), + ); + break; + } + } + } elseif (isset($ADAT['mail'])) { + $ADAT['accounts'] = searchAccount('mail', $ADAT['mail'], $searchAttrs = array('userCn','mail','userAccount'), $ADAT['toPolicy']); + for ($i=0; $i<$ADAT['accounts']['count']; $i++) { + if ($ADAT['mail'] == $ADAT['accounts'][$i]['mail'][0] && $ADAT['accounts'][$i]['mail'][0] != '') { + $ADAT['account'] = array( + 'policy' => $ADAT['toPolicy'], + 'userAccount' => $ADAT['accounts'][$i]['userAccount'][0], + 'userCn' => $ADAT['accounts'][$i]['userCn'][0], + 'mail' => current(explode(' ',str_replace(';',' ',trim($ADAT['accounts'][$i]['mail'][0])))), + ); + break; + } + } + } + + // Recovery + if (is_array($ADAT['account'])) { + $recoveryRequest = generatePasswordRecoveryRequest($ADAT['account']); + if ($recoveryRequest!=false) { + $ADAT['account']['url'] = $recoveryRequest; + // levél generálása és kiküldése + $body = '<html><head><title></title></head><body> +<p>Az alábbi linkre kattintva magadhatod az új MaYoR-jelszavadat.</p> +<p>Ha nem te küldted az igénylést, tekintsd a levelet tárgytalannak!</p> +<p class="link">'.$recoveryRequest.'</p> +<p>'.__SUPPORT_EMAIL_NAME.' 
('.__SUPPORT_EMAIL_ADDRESS.')</p> +</body></html>'; + /* MAIL */ + if (__EMAIL_ENABLED===true) { + $mail = new PHPMailer(); + $mail->CharSet = 'UTF-8'; + $mail->SetFrom(__SUPPORT_EMAIL_ADDRESS,__SUPPORT_EMAIL_NAME); + $mail->AddAddress($ADAT['account']['mail'], $ADAT['account']['userCn']); + $mail->Subject = "[MaYoR] Jelszóemlékeztető"; + $mail->MsgHTML($body); + $mail->Send(); + } else { + //dump(__EMAIL_ENABLED); + //dump(__SUPPORT_EMAIL_ADDRESS); + //dump(__SUPPORT_EMAIL_NAME); + } + /* -- */ +// $_SESSION['alert'][] = 'info:success'; + } else { +// $_SESSION['alert'][] = 'info:success'; // nem üzenünk hibát + } + } else { +// $_SESSION['alert'][] = 'message:wrong_data:Nincs ilyen azonosító, vagy nincs rögzítve e-mail cím az azonosítóhoz! ('.$ADAT['userAccount'].')'; + } + + } + +?>
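Review bot: The `enablePasswordReset` check at the top of forgotten-pre.php only sets `$ADAT['forgotDisabled']`; the `sendResetPasswordMail` branch below it still calls `generatePasswordRecoveryRequest()` and sends the mail when resets are disabled for the policy. Make the branch conditional: `if ($action == 'sendResetPasswordMail' && empty($ADAT['forgotDisabled'])) {`. `$ADAT['account']` is never initialised before `is_array($ADAT['account'])` is evaluated. The result of `$mail->Send()` is ignored, so a delivery failure leaves an unused recovery record behind with no log entry. Returning the same response whether or not the account exists (the commented-out alerts) is the right behaviour and deserves a comment saying it is intentional.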
\ No newline at end of file
diff --git a/mayor-orig/mayor-base/www/policy/public/auth/forgotten.php b/mayor-orig/mayor-base/www/policy/public/auth/forgotten.php
new file mode 100644
index 00000000..bd751c83
--- /dev/null
+++ b/mayor-orig/mayor-base/www/policy/public/auth/forgotten.php
@@ -0,0 +1,16 @@
+<?php
+
+ if (_RIGHTS_OK !== true) die();
+
+ global $ADAT,$action;
+
+ if ($ADAT['forgotDisabled']===true)
+ putForgotDisabled();
+ elseif (!is_array($ADAT['account']) && $action=='') {
+ putForgotPasswordForm($ADAT);
+ putForgotUserAccountForm($ADAT);
+ } else {
+ putForgotThankyou();
+ }
+ putBackToLogin($ADAT);
+?>
\ No newline at end of file diff --git a/mayor-orig/mayor-base/www/policy/public/auth/login-pre.php b/mayor-orig/mayor-base/www/policy/public/auth/login-pre.php new file mode 100644 index 00000000..c524751f --- /dev/null +++ b/mayor-orig/mayor-base/www/policy/public/auth/login-pre.php 
@@ -0,0 +1,86 @@ +<?php + + if (_RIGHTS_OK !== true) die(); + + if (defined('_ALLOW_SULIX_SSO') && _ALLOW_SULIX_SSO===true) { // kompatibilitási okokból + $toPolicy = readVariable($_REQUEST['toPolicy'], 'enum', 'private', $POLICIES); + } else { + $toPolicy = 'private'; // force + } + $toSkin = readVariable($_POST['toSkin'], 'enum', readVariable($_GET['toSkin'], 'enum', null, $SKINSSHOW), $SKINSSHOW); + @list($toPage,$toSub,$toF) = readVariable(explode(':',$_REQUEST['toPSF']), 'strictstring'); + $toPSF = "$toPage:$toSub:$toF"; + +// Ha már az adott sessionID-vel belépett az adott policy-ra, akkor ne lépjen be újra +// if ($sessionID != '' and validUser($sessionID, $toPolicy)) { +// header('Location: '.location("index.php?policy=$toPolicy&page=$toPage&sub=$toSub&f=$toF&sessionID=$sessionID", array('alert'))); +// die(); +// } + + if ($toPolicy=='private' && isset($_SESSION['portalLoggedUsername']) && defined('_ALLOW_SULIX_SSO') && _ALLOW_SULIX_SSO===true) { + $action='autologin'; + //A SuliX-osok kérésére ezt sajnos kihagyjuk :( session_regenerate_id(true); + } + + // Az elküldött név+jelszó ellenőrzése + if ($action == 'login' || $action=='autologin') { + + // A toPolicy hibaüzenetei + if (file_exists('include/alert/'.$lang.'/'.$AUTH[$toPolicy]['backend'].'.php')) { + require('include/alert/'.$lang.'/'.$AUTH[$toPolicy]['backend'].'.php'); + } elseif (file_exists('include/alert/'._DEFAULT_LANG.'/'.$AUTH[$toPolicy]['backend'].'.php')) { + require('include/alert/'._DEFAULT_LANG.'/'.$AUTH[$toPolicy]['backend'].'.php'); + } + // Autentikáció - alapok + if (file_exists('include/share/auth/base.php')) { + require('include/share/auth/base.php'); + } + // Autentikáció - toPolicy + if (file_exists('include/backend/'.$AUTH[$toPolicy]['backend'].'/auth/login.php')) { + require('include/backend/'.$AUTH[$toPolicy]['backend'].'/auth/login.php'); + } + + // lejart session-ok torlese + require('include/share/session/close.php'); + closeOldAndIdleSessions(); + + if 
($action=='autologin' && defined('_ALLOW_SULIX_SSO') && _ALLOW_SULIX_SSO===true) { + $userPassword = readVariable($_SESSION['portalLoggedPassword'], 'string'); + //$userAccount = readVariable($_SESSION['portalLoggedUsername'], 'regexp', null, array("^([a-z]|[A-Z]|[0-9]| |\.|,|_|[űáéúőóüöíŰÁÉÚŐÓÜÖÍäÄ]|-|@)*$")); + $userAccount = readVariable($_SESSION['portalLoggedUsername'], 'userAccount', null); + } else { + $userPassword = readVariable($_POST['userPassword'], 'string'); + //$userAccount = readVariable($_POST['userAccount'], 'regexp', null, array("^([a-z]|[A-Z]|[0-9]| |\.|,|_|[űáéúőóüöíŰÁÉÚŐÓÜÖÍäÄ]|-|@)*$")); + $userAccount = readVariable($_SESSION['portalLoggedUsername'], 'userAccount', null); + } + + if (defined('_BOLONDOS') && _BOLONDOS===true) $userAccount = visszafele($userAccount); + + $accountInformation = array('account' => $userAccount, 'password' => $userPassword, 'policy' => $toPolicy, 'skin'=>$toSkin); + if ($sessionID != '') $accountInformation['sessionID'] = $sessionID; + + if ($userAccount != '' and $userPassword != '') { + + $result = userAuthentication($userAccount, $userPassword, $accountInformation, $toPolicy); // ??? toPolicy benne van az AccountInformation-ben!!! Ldap backend only? 
+ logLogin($toPolicy, $userAccount, $result); + if ($result === _AUTH_SUCCESS) { + $sessionID = newSession($accountInformation, $toPolicy); + if ($toSkin == '') $toSkin = $skin; + header('Location: '.location("index.php?page=$toPage&sub=$toSub&f=$toF&sessionID=$sessionID&policy=$toPolicy&lang=$lang&skin=$toSkin", array('alertOLD'))); + } elseif ($result === _AUTH_EXPIRED) { + $_SESSION['alert'][] = 'message:force_pw_update'; + header('Location: '.location("index.php?policy=public&page=password&f=changeMyPassword&userAccount=".$userAccount."&toPolicy=$toPolicy&skin=$toSkin", array('alertOLD'))); + } elseif ($result >= _AUTH_FAILURE) { + // sikertelen azonosítás - a hibaüzenetet a függvény generálja + //$NOF = @getFailedLoginCount($toPolicy,$userAccount); + //if ($NOF>1) sleep(min($NOF,10,rand(1,10))); // harden brute force attempts + } else { + // Ilyen csak hibás függvényműködés esetén lehet: + $_SESSION['alert'][] = "message:default:hibás visszatérési érték:userAuthentication:($result)"; + } + } else { + $_SESSION['alert'][] = 'message:empty_field'; + } + } + +?> diff --git a/mayor-orig/mayor-base/www/policy/public/auth/login.php b/mayor-orig/mayor-base/www/policy/public/auth/login.php new file mode 100644 index 00000000..c86bf24b --- /dev/null +++ b/mayor-orig/mayor-base/www/policy/public/auth/login.php @@ -0,0 +1,17 @@ +<?php + + if (_RIGHTS_OK !== true) die(); + + global $userAccount, $userPassword, $toPolicy, $toPSF, $toSkin, $salt; + global $ADAT; + + if (defined('_USERACCOUNT') && (!is_string(_USERACCOUNT) || _USERACCOUNT=='') ) + putLoginForm($userAccount, $toPolicy, $toPSF, $toSkin, $salt); + else + putAlreadyLoggedIn(); + + if ($_SESSION['authStatus'] == _AUTH_FAILURE) { + putElfelejtettJelszoForm($ADAT); + } + +?> diff --git a/mayor-orig/mayor-base/www/policy/public/password/changeMyPassword-pre.php b/mayor-orig/mayor-base/www/policy/public/password/changeMyPassword-pre.php new file mode 100644 index 00000000..e9ef2f3c --- /dev/null 
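Review bot: In the non-autologin branch of login-pre.php the account name is read from the session, `$userAccount = readVariable($_SESSION['portalLoggedUsername'], 'userAccount', null);`, while the password comes from `$_POST['userPassword']`. The commented-out line directly above it shows the intended source, so this should be `readVariable($_POST['userAccount'], 'userAccount', null)`. As written, a normal form login is checked against whatever name the portal session holds, or ends in `empty_field` when there is none. Neither `header('Location: ...')` call is followed by `exit;`, and `$userAccount` is placed in the `_AUTH_EXPIRED` redirect URL without `rawurlencode()`. With the failed-login delay commented out, this file has no throttling unless `userAuthentication()` provides it.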
+++ b/mayor-orig/mayor-base/www/policy/public/password/changeMyPassword-pre.php 
@@ -0,0 +1,72 @@ +<?php + + if (_RIGHTS_OK !== true) die(); + + _clearSessionCache($sessionID); + unsetTokenCookies(); // ha valaki ide tévedne, visszavonjuk a Tokenjét és a cache-t is vissza kell + + $toPolicy = readVariable($_REQUEST['toPolicy'], 'enum', 'private', $POLICIES); + $userAccount = readVariable($_REQUEST['userAccount'], 'emptystringnull', (defined('_USERACCOUNT'))?_USERACCOUNT:null); + + if (file_exists(_CONFIGDIR."/$toPolicy-conf.php")) { + require_once(_CONFIGDIR."/$toPolicy-conf.php"); + } + + if ($AUTH[$toPolicy]['enableSelfPasswordChange']) { + + // Az elküldött név+jelszó ellenőrzése + if ($action == 'changePassword') { + + + require_once('include/modules/auth/base/login.php'); + + if (file_exists('include/backend/'.$AUTH[$toPolicy]['backend'].'/session/base.php')) { + require_once('include/backend/'.$AUTH[$toPolicy]['backend'].'/session/base.php'); + } + if (file_exists('include/backend/'.$AUTH[$toPolicy]['backend'].'/password/changePassword.php')) { + require_once('include/backend/'.$AUTH[$toPolicy]['backend'].'/password/changePassword.php'); + } + if (file_exists('include/backend/'.$AUTH[$toPolicy]['backend'].'/auth/login.php')) { + require_once('include/backend/'.$AUTH[$toPolicy]['backend'].'/auth/login.php'); + } + + $userPassword = readVariable($_POST['userPassword'], 'emptystringnull'); + $newPassword = readVariable($_POST['newPassword'], 'emptystringnull'); + $verification = readVariable($_POST['verification'], 'emptystringnull'); + + if ($verification == '' or $newPassword == '') { + $_SESSION['alert'][] = 'message:empty_field'; + } elseif ($verification != $newPassword) { + $_SESSION['alert'][] = 'message:pw_not_match'; + } elseif ($userPassword == $newPassword) { + $_SESSION['alert'][] = 'message:pw_not_changed'; + } else { + + $result = userAuthentication($userAccount, $userPassword, $accountInformation, $toPolicy); + if ($result >= _AUTH_FAILURE) { + $_SESSION['alert'][] = 'message:auth_failure'; // megj: a hibaüzenetet a 
userAuthentication egyébként generálja. kell ez? + } else { + + if (changeMyPassword($userAccount, $userPassword, $newPassword, $toPolicy)) { +// Újra be kell jelentkezni mindenképp... +// updateSessionPassword($userAccount, $toPolicy, $verification); +// if (validUser($sessionID,$policy)) +// header('Location: '.location("index.php?policy=$toPolicy&sessionID=".$sessionID, array('alert'))); +// else + header('Location: '.location("index.php?page=auth&f=login&toPolicy=$toPolicy", array('alert'))); + } else { + $_SESSION['alert'][] = 'message:pw_change_failed'; + } + } + + } + + } // action + + } else { + + $_SESSION['alert'][] = 'page:pw_change_disabled'; + + } + +?> diff --git a/mayor-orig/mayor-base/www/policy/public/password/changeMyPassword.php b/mayor-orig/mayor-base/www/policy/public/password/changeMyPassword.php new file mode 100644 index 00000000..29ebbf10 --- /dev/null +++ b/mayor-orig/mayor-base/www/policy/public/password/changeMyPassword.php @@ -0,0 +1,9 @@ +<?php + + if (_RIGHTS_OK !== true) die(); + + global $userAccount, $toPolicy; + + putChangePasswordForm($userAccount, $toPolicy); + +?> diff --git a/mayor-orig/mayor-base/www/policy/public/password/resetPassword-pre.php b/mayor-orig/mayor-base/www/policy/public/password/resetPassword-pre.php new file mode 100644 index 00000000..3590f27a --- /dev/null +++ b/mayor-orig/mayor-base/www/policy/public/password/resetPassword-pre.php 
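Review bot: The password comparisons in changeMyPassword-pre.php use loose operators (`$verification != $newPassword`, `$userPassword == $newPassword`), and PHP compares numeric-looking strings by value, so `'1e3'` and `'1000'` are treated as equal. Use `!==` and `===` here and in the matching checks in resetPassword-pre.php. `$accountInformation` is passed to `userAuthentication()` but never assigned in this file, whereas login-pre.php builds it as an array first; initialise it the same way, or document that the function fills it in. Add `exit;` after the successful `header('Location: ...')` so nothing further runs for the old session.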
@@ -0,0 +1,68 @@ +<?php + if (_RIGHTS_OK !== true) die(); + + $selector = readVariable($_POST['selector'], 'string', readVariable($_GET['selector'], 'hexa', null)); + $validator = readVariable($_POST['validator'], 'string', readVariable($_GET['validator'], 'hexa', null)); + + if ($validator!='') { + $q = "SELECT * FROM accountRecovery WHERE selector = '%s' AND expires >= NOW()"; + $r = db_query($q, array('debug'=>false,'fv'=>'getPasswordRecoveryRequest','modul'=>'login','result'=>'record','values'=>array($selector))); + } + if (!is_array($r)) { + $_SESSION['alert']['page'] = 'message:wrong_data:A jelszó-helyreállítási kérelem nem létezik, vagy lejárt!'; + } else { + + $calc = hash('sha256', hex2bin($validator)); + if (hash_equals($calc, $r['token'])) { + // The reset token is valid. Authenticate the user. + //dump($r); + $ADAT = $r; + $ADAT['validator'] = $validator; + + $toPolicy = $r['policy']; + $userAccount = $r['userAccount']; + + if (file_exists(_CONFIGDIR."/$toPolicy-conf.php")) { + require_once(_CONFIGDIR."/$toPolicy-conf.php"); + } + + if ($AUTH[$toPolicy]['enablePasswordReset']) { + + if ($action == 'resetPassword') { + + if (file_exists('include/backend/'.$AUTH[$toPolicy]['backend'].'/session/base.php')) { + require_once('include/backend/'.$AUTH[$toPolicy]['backend'].'/session/base.php'); + } + if (file_exists('include/backend/'.$AUTH[$toPolicy]['backend'].'/password/changePassword.php')) { + require_once('include/backend/'.$AUTH[$toPolicy]['backend'].'/password/changePassword.php'); + } + + $newPassword = readVariable($_POST['newPassword'], 'emptystringnull'); + $verification = readVariable($_POST['verification'], 'emptystringnull'); + + if ($verification == '' or $newPassword == '') { + $_SESSION['alert'][] = 'message:empty_field'; + } elseif ($verification != $newPassword) { + $_SESSION['alert'][] = 'message:pw_not_match'; + } else { + if (changePassword($userAccount, $newPassword, $toPolicy)) { + $q = "DELETE FROM accountRecovery WHERE userAccount = 
'%s'"; + db_query($q, array('debug'=>false,'fv'=>'getPasswordRecoveryRequest','modul'=>'login','result'=>'delete','values'=>array($userAccount))); + header('Location: '.location("index.php?page=auth&f=login&toPolicy=$toPolicy", array('alert'))); + } else { + $_SESSION['alert'][] = 'message:pw_change_failed'; + } + } + } + + } else { + $_SESSION['alert'][] = 'page:pw_reset_disabled'; + } + + } else { + $_SESSION['alert']['page'] = 'message:insufficient_access:A jelszó-helyreállítási kérelem nem érvényes!'; + } + + } + +?> diff --git a/mayor-orig/mayor-base/www/policy/public/password/resetPassword.php b/mayor-orig/mayor-base/www/policy/public/password/resetPassword.php new file mode 100644 index 00000000..eaefcc8c --- /dev/null +++ b/mayor-orig/mayor-base/www/policy/public/password/resetPassword.php @@ -0,0 +1,9 @@ +<?php + + if (_RIGHTS_OK !== true) die(); + + global $ADAT; + + if ($ADAT['userAccount']!='') putResetPasswordForm($ADAT); + +?> diff --git a/mayor-orig/mayor-base/www/policy/public/portal/rpc/rpc-pre.php b/mayor-orig/mayor-base/www/policy/public/portal/rpc/rpc-pre.php new file mode 100644 index 00000000..edd9a592 --- /dev/null +++ b/mayor-orig/mayor-base/www/policy/public/portal/rpc/rpc-pre.php 
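Review bot: `selector` and `validator` are validated as `'hexa'` only on the GET path; the POST path in resetPassword-pre.php reads them as `'string'`, so a non-hex `validator` reaches `hex2bin()`, which then emits a warning and returns false. Read both with the same type, `readVariable($_POST['validator'], 'hexa', readVariable($_GET['validator'], 'hexa', null))`, and likewise for `selector`. `$r` is assigned only inside `if ($validator!='')`, so initialise it to `null` before the lookup. The cleanup `DELETE FROM accountRecovery WHERE userAccount = '%s'` is not scoped by `policy` although the record carries one; add `AND policy = '%s'` if account names can repeat across policies. A failed validator comparison leaves the row usable until `expires`; consider deleting it or counting the attempt on mismatch.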
@@ -0,0 +1,104 @@
+<?php
+/*
+ MOVED!!
+ - mayor-base/public/rpc/rpc
+ - mayor-portal-mayor/rpc/controller/rpc
+ ===========================================
+
+ require_once('include/share/ssl/ssl.php');
+
+ // MOVE
+ function getRegisztraltIskolaAdat($nodeId) {
+ if ($nodeId=='') {
+ $q = "SELECT * FROM regisztracio";
+ $r = db_query($q, array('modul'=>'portal','result'=>'indexed'));
+ } else {
+ $q = "SELECT * FROM regisztracio WHERE nodeId='%s'";
+ $v = array($nodeId);
+ $r = db_query($q, array('modul'=>'portal','result'=>'record','values'=>$v));
+ }
+ return $r;
+ }
+
+ function getPublicDataByNodeIdFromReg($nodeId) {
+ $q = "SELECT * FROM regisztracio WHERE nodeId='%s'";
+ $v = array($nodeId);
+ $r = db_query($q, array('debug'=>false,'fv'=>'getPublicDataByNodeIdFromReg','modul'=>'portal','result'=>'record','values'=>$v));
+ return $r;
+ }
+ function modRegData($nodeId, $regId, $DATA) {
+ $q = "UPDATE regisztracio SET ".implode(',',array_fill(0, count($DATA), "%s='%s'"))." WHERE regId=%u AND nodeId=%u";
+ foreach ($DATA as $key=>$val) {
+ $v[] = $key; $v[] = $val;
+ }
+ $v[] = $regId; $v[] = $nodeId;
+ $r = db_query($q, array('debug'=>true,'fv'=>'modRegData','modul'=>'portal','values'=>$v));
+ if ($r) return true;
+ else return $q;
+ }
+
+ /* Class: Interconnect AES * /
+
+ /* remote procedure call remote controller * /
+ try
+ {
+ /* rights.php:
+ $RPC = new Interconnect();
+ $RPC->setRemoteHostByNodeId($senderNodeId);
+ $REQUEST = $RPC->processRequest();
+ * /
+ $REQUEST = $RPC->getIncomingRequest();
+ $func = $REQUEST['func'];
+
+ }
+ catch (Exception $e)
+ {
+ $func='';
+ $DATA = array('error'=>$e->getMessage());
+ }
+ // processing
+ $DATA = array();
+ if (isset($func) && $func!='') {
+ switch ($func) {
+ case 'getVersion':
+ case 'ping':
+ $DATA = array('func'=>'getVersion','response_revision'=>_MAYORREV,'pong');
+ $RPC->setResponse($DATA);
+ break;
+ case 'checkRegistration':
+ $DATA = getPublicDataByNodeIdFromReg($senderNodeId);
+ if (is_array($DATA)) $valid = 1; else $valid = 0;
+ $DATA = array('func'=>$func,'valid'=>$valid,'status'=>$RPC->getStatus(),'get'=>$_GET,'post'=>$_POST);
+ $RPC->setResponse($DATA);
+ break;
+ case 'getPublicDataByNodeId':
+ $DATA = getPublicDataByNodeIdFromReg($REQUEST['nodeId']);
+ $RPC->setResponse($DATA);
+ break;
+ case 'modRegData':
+ $DATA['result'] = modRegData($senderNodeId,$REQUEST['regId'],$REQUEST['data']);
+ $DATA['func'] = 'modRegData';
+ $RPC->setResponse($DATA);
+ break;
+ case 'getIskola':
+ $iskolaAdat = getRegisztraltIskolaAdat($REQUEST['otherNodeId']);
+ $DATA = array('func'=>$func,'iskolaAdat'=>$iskolaAdat);
+ $RPC->setResponse($DATA);
+ break;
+ case 'getRegistrationData':
+ $DATA = getPublicDataByNodeIdFromReg($REQUEST['nodeId']);
+ break;
+ case 'refreshRegistration':
+ break;
+ case 'getPublicData':
+ $iskolaAdat = getRegisztraltIskolaAdat();
+ $DATA = array('func'=>$func,'szomszedok'=>$iskolaAdat);
+ $RPC->setResponse($DATA);
+ break;
+ default:
+ break;
+ }
+
+ }
+*/
+?>
diff --git a/mayor-orig/mayor-base/www/policy/public/portal/start.php b/mayor-orig/mayor-base/www/policy/public/portal/start.php
new file mode 100644
index 00000000..e69de29b
--- /dev/null
+++ b/mayor-orig/mayor-base/www/policy/public/portal/start.php
diff --git a/mayor-orig/mayor-base/www/policy/public/rpc/rpc-pre.php b/mayor-orig/mayor-base/www/policy/public/rpc/rpc-pre.php
new file mode 100644
index 00000000..30336e9e
--- /dev/null
+++ b/mayor-orig/mayor-base/www/policy/public/rpc/rpc-pre.php
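Review bot: The whole body of `public/portal/rpc/rpc-pre.php` is commented-out code marked `MOVED!!`, which is better deleted than committed; the `* /` spacing used to keep the inner comments from closing the outer one makes the block fragile to edit. If the moved copy of `modRegData` still fills the `"%s='%s'"` pairs from the keys of `$REQUEST['data']`, the column names come from the remote request and should be checked against a fixed list there. The same block passes `'debug'=>true`, returns the query text on failure, and echoes `$_GET` and `$_POST` in the `checkRegistration` response, all of which are worth dropping in the live copy.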
@@ -0,0 +1,43 @@
+<?php
+/*
+ module: mayor-base
+
+ A alap metódusok RPC kezelője
+
+*/
+ require_once('include/share/ssl/ssl.php');
+
+ try
+ {
+ /*
+ rights.php:
+ $RPC = new Interconnect();
+ $RPC->setRemoteHostByNodeId($senderNodeId);
+ $REQUEST = $RPC->processRequest();
+ */
+ $REQUEST = $RPC->getIncomingRequest();
+ $func = $REQUEST['func'];
+
+ }
+ catch (Exception $e)
+ {
+ $func='';
+ $DATA = array('error'=>$e->getMessage());
+ }
+ // processing
+ $DATA = array();
+ if (isset($func) && $func!='') {
+ switch ($func) {
+ // itt a currens verziót kellene visszaadni
+ case 'getVersion':
+ case 'ping':
+ $DATA = array('func'=>'getVersion','revision'=>_MAYORREV,'pong');
+ $RPC->setResponse($DATA);
+ break;
+ default:
+ $DATA['result'] = 'ismeretlen függvény: '.$func;
+ break;
+ }
+
+ }
+?>
diff --git a/mayor-orig/mayor-base/www/policy/public/session/logout-pre.php b/mayor-orig/mayor-base/www/policy/public/session/logout-pre.php
new file mode 100644
index 00000000..013be18c
--- /dev/null
+++ b/mayor-orig/mayor-base/www/policy/public/session/logout-pre.php
@@ -0,0 +1,29 @@
+<?php
+
+ if (_RIGHTS_OK !== true) die();
+
+ require('include/share/session/close.php');
+
+ closeSession();
+ closeOldAndIdleSessions();
+ if (defined('_ALLOW_SULIX_SSO') && _ALLOW_SULIX_SSO===true) {
+ session_start();
+ unset($_SESSION['portalLoggedPassword']);
+ unset($_SESSION['szuloDiakIdOk']);
+ session_destroy();
+ header('Location: /');
+ } else {
+// session_start();
+// unset($_SESSION['szuloDiakIdOk']);
+// session_destroy();
+ session_start();
+ session_unset();
+ session_destroy();
+ session_write_close();
+ setcookie(session_name(),'',0,'/');
+ setcookie($sessionID,'',0,'/');
+ session_regenerate_id(true);
+ header('Location: index.php');
+ }
+
+?>
diff --git a/mayor-orig/mayor-base/www/policy/public/session/set-pre.php b/mayor-orig/mayor-base/www/policy/public/session/set-pre.php
new file mode 100644
index 00000000..d3e77776
--- /dev/null
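Review bot: `public/rpc/rpc-pre.php` has no `if (_RIGHTS_OK !== true) die();` guard, unlike `logout-pre.php` and `set-pre.php` in this diff, and it relies on `$RPC` being created elsewhere (the inline comment points at rights.php); adding the guard as the first statement keeps the script from running outside that flow. The `catch` block stores the exception message in `$DATA`, but `$DATA = array();` right after the `try`/`catch` discards it, so that initialisation should move above the `try`. In the `default` case `$DATA['result']` is set but `$RPC->setResponse($DATA)` is never called, so an unknown `func` appears to get no response; whether anything else sends `$DATA` is not visible here.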
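Review bot: In the `else` branch of `logout-pre.php`, `session_regenerate_id(true)` runs after `session_destroy()` and `session_write_close()`, when no session is active, so it cannot rotate anything and PHP will report a warning; it should be removed or moved before the destroy. `setcookie($sessionID,'',0,'/')` uses `$sessionID` as the cookie name, which looks unintended if that variable holds the session identifier rather than a cookie name, so this is worth confirming. The `_ALLOW_SULIX_SSO` branch destroys the session without clearing the session cookie, and neither `header('Location: …')` call is followed by `exit;`.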
+++ b/mayor-orig/mayor-base/www/policy/public/session/set-pre.php
@@ -0,0 +1,10 @@
+<?php
+
+ if (_RIGHTS_OK !== true) die();
+
+ global $_JSON;
+ $layout = readVariable($_GET['layout'],'id',0);
+ $_SESSION['pageLayout'] = $layout;
+ $_JSON['success'] = true;
+ $_JSON['pageLayout'] = $layout;
+?> |