aboutsummaryrefslogtreecommitdiffstats
path: root/mayor-orig/www/include/base
diff options
context:
space:
mode:
authorM.Gergo2018-07-06 11:14:41 +0200
committerM.Gergo2018-07-06 11:14:41 +0200
commit43de9af71f7f4ca5731b94a06d688ae8412ba427 (patch)
tree54835de1dfcda504c02da261f0dc26885aed2e89 /mayor-orig/www/include/base
parent50310b0e4513ee3fcce67351ae61e8fff851130e (diff)
downloadmayor-43de9af71f7f4ca5731b94a06d688ae8412ba427.tar.gz
mayor-43de9af71f7f4ca5731b94a06d688ae8412ba427.zip
2018/Feb/28 -i állapot hozzáadva, mint a módosítások kiindulási állapota
Diffstat (limited to 'mayor-orig/www/include/base')
-rw-r--r--mayor-orig/www/include/base/base.php227
-rw-r--r--mayor-orig/www/include/base/cache.php33
-rw-r--r--mayor-orig/www/include/base/config.php62
-rw-r--r--mayor-orig/www/include/base/error.php44
-rw-r--r--mayor-orig/www/include/base/log.php33
-rw-r--r--mayor-orig/www/include/base/login.php120
-rw-r--r--mayor-orig/www/include/base/mysql.php396
-rw-r--r--mayor-orig/www/include/base/rights.php376
-rw-r--r--mayor-orig/www/include/base/str.php230
-rw-r--r--mayor-orig/www/include/base/var.php134
10 files changed, 1655 insertions, 0 deletions
diff --git a/mayor-orig/www/include/base/base.php b/mayor-orig/www/include/base/base.php
new file mode 100644
index 00000000..dd620a41
--- /dev/null
+++ b/mayor-orig/www/include/base/base.php
@@ -0,0 +1,227 @@
+<?php
+/*
+ Module: base
+*/
+
+function isMobile() {
+ if(preg_match('/(up.browser|up.link|windows ce|iemobile|mmp|symbian|smartphone|midp|wap|phone| vodafone|o2|pocket|mobile|pda|psp)/i',strtolower($_SERVER['HTTP_USER_AGENT'])))
+ return true;
+ //if(((strpos(strtolower($_SERVER['HTTP_ACCEPT']),'text/vnd.wap.wml')>0) or (strpos(strtolower($_SERVER['HTTP_ACCEPT']),'application/vnd.wap.xhtml+xml')>0)) or ((((isset($_SERVER['HTTP_X_WAP_PROFILE']) or isset($_SERVER['HTTP_PROFILE']) or isset($_SERVER['X-OperaMini-Features']) or isset($_SERVER['UA-pixels']))))))
+ $mobile_ua = strtolower(substr($_SERVER['HTTP_USER_AGENT'],0,4));
+ $mobile_agents = array('acs-','alav','alca','amoi','audi','aste','avan','benq' ,'bird','blac','blaz','brew','cell','cldc','cmd-','dang','doco','eric','hipt','inno','ipaq','java' ,'jigs','kddi','keji','leno','lg-c','lg-d','lg-g','lge-','maui','maxo','midp','mits','mmef','mobi','mot-','moto','mwbp','nec-','newt','noki','opwv','palm','pana','pant','pdxg' ,'phil','play','pluc','port','prox','qtek','qwap', 'sage','sams','sany','sch-','sec-','send','seri','sgh-','shar','sie-','siem','smal','smar','sony','sph-','symb','t-mo','teli','tim-','tosh','tsm-','upg1','upsi','vk-v','voda','wap-','wapa','wapi','wapp','wapr','webc','winw','winw' ,'xda','xda-');
+ if(in_array($mobile_ua,$mobile_agents)) {
+ return true;
+ }
+}
+
+// ------------------------------------------
+// PHP session
+// ------------------------------------------
+
+ session_start();
+
+// ------------------------------------------
+// Böngésző azonosítás
+// ------------------------------------------
+
+ if (defined('_ALLOWPDAIDENTIFICATION') && isMobile()) define('_USER_AGENT','ppc'); // inkább ketté kéne bontani [wap,ppc] tartalomra
+ else
+ if (strpos($_SERVER['HTTP_USER_AGENT'],'Opera') !== false) define('_USER_AGENT','opera');
+ elseif (strpos($_SERVER['HTTP_USER_AGENT'],'Gecko') !== false) define('_USER_AGENT','gecko');
+ elseif (strpos($_SERVER['HTTP_USER_AGENT'],'MSIE') !== false) define('_USER_AGENT','msie');
+ else define('_USER_AGENT','');
+
+ if (strstr($_SERVER['HTTP_USER_AGENT'],'iPhone')!=false) define('_USER_AGENT_PLUS','iPhone');
+ else define('_USER_AGENT_PLUS','');
+
+ if (($_SESSION['isMobile']=isMobile())===true) $_SESSION['pageLayout']=1; // patch
+
+// MaYoR revision konstans definiálása
+
+ if (@file_exists(_LOGDIR.'/revision')) {
+ $_rf = @fopen(_LOGDIR.'/revision', "r");
+ if ($_rf) $rev = @fgets($_rf, 64);
+ @fclose($_rf);
+ } else {
+ //rev missing...
+ }
+ define('_MAYORREV',chop($rev));
+ unset($rev);
+
+// ------------------------------------------
+// Default értékek
+// ------------------------------------------
+ /*
+ $policy - hozzáférési mód - kötelező
+ $page - megjelenítendő oldal - kötelező
+ $sub - aloldal - opcionális
+ $f - file - kötelező
+ $lang - az oldal nyelve - kötelező
+ skin - az oldal témája, "bőre" - kötelező
+ $action - elvégzendő feladat megjelölésére - opcionális
+ $_SESSION['alert'] - figyelmeztető üzenet (tömb) - opcionális
+ */
+
+ if (($__key = array_search('blue', $SKINS)) !== false) unset($SKINS[$__key]);
+ if (($__key = array_search('pda', $SKINS)) !== false) unset($SKINS[$__key]);
+ if ($AUTH['public']['skin'] == 'blue') $AUTH['public']['skin'] = 'classic';
+ if ($AUTH['private']['skin'] == 'blue') $AUTH['private']['skin'] = 'classic';
+ if ($AUTH['parent']['skin'] == 'blue') $AUTH['parent']['skin'] = 'classic';
+ // itt beolvassuk, később még egy szigorítás is van
+
+ if (_RUNLEVEL=='cron') {
+ $policy = 'private';
+ @$page = readVariable($_SERVER['argv'][1],'strictstring');
+ @$sub = readVariable($_SERVER['argv'][2],'strictstring');
+ @$f = readVariable($_SERVER['argv'][3],'strictstring');
+ @$sessionID = "cron";
+ } else {
+ @$policy = readVariable($_REQUEST['policy'],'strictstring',null,$POLICIES);
+ @$page = readVariable($_REQUEST['page'],'strictstring');
+ @$sub = readVariable($_REQUEST['sub'],'strictstring');
+ @$f = readVariable($_REQUEST['f'],'strictstring');
+ @$sessionID = readVariable($_GET['sessionID'],'hexa');
+ }
+ if ($f == '') {
+ if ($sub != '') $f = $sub;
+ elseif ($page != '') $f = $page;
+ }
+ @$lang = readVariable($_GET['lang'],'strictstring',null,$LANGUAGES);
+ if (_RUNLEVEL === 'cron') $skin = 'cron';
+ else @$skin = readVariable($_POST['skin'],'strictstring',readVariable($_GET['skin'],'strictstring',null,$SKINS),$SKINS);
+ @$action = readVariable($_REQUEST['action'],'strictstring',null);
+ // ++ ha még mindig üres a skin, és pocketpc-ről/pda jövünk (de megengedjük a felülírást)
+ // if (_USER_AGENT==='ppc' && $skin=='') $skin='pda';
+ // ++
+ //--
+ if (is_array($POLICIES) && !in_array($policy, $POLICIES)) $policy = _DEFAULT_POLICY;
+
+ define('_POLICY', $policy);
+
+ // Miert ne csatolnánk be az összes policy beállítsait? --> config.php
+
+ if ($f=='' && is_array($DEFAULT_PSF[$policy])) extract($DEFAULT_PSF[$policy], EXTR_OVERWRITE);
+ if (!in_array($lang, $LANGUAGES)) $lang=_DEFAULT_LANG;
+ // ha a skin még mindig üres, akkor az ellenőrzésnél a default-ot állítjuk be...
+ if (!@in_array($skin, $SKINS)) $skin = (isset($AUTH[$policy]['skin'])) ? $AUTH[$policy]['skin'] : _DEFAULT_SKIN;
+
+ if (file_exists("lang/$lang/base/base.php")) {
+ require("lang/$lang/base/base.php");
+ } elseif (file_exists('lang/'._DEFAULT_LANG.'/base/base.php')) {
+ require('lang/'._DEFAULT_LANG.'/base/base.php');
+ }
+
+ // A skin-hez tartozó beállátosok.. ha vannak... - ide való? De még a *-pre elé!
+ if (file_exists(_CONFIGDIR."/skin-$skin/config.php")) {
+ require(_CONFIGDIR."/skin-$skin/config.php");
+ } elseif (file_exists(_CONFIGDIR.'/skin-'._DEFAULT_SKIN.'/config.php')) {
+ require(_CONFIGDIR.'/skin-'._DEFAULT_SKIN.'/config.php');
+ }
+
+// -----------------------------------------------------------------
+// page()
+// -----------------------------------------------------------------
+
+function page($page, $sub, $f, $lang, $skin, $policy = _DEFAULT_POLICY) {
+
+ global $_JSON;
+ if (html_alert($_SESSION['alert'])) { // A figyelmeztető üzenet letilthatja az oldal további megjelenítését.
+
+ if ($sub != '') {
+ $load = "$sub/$f";
+ } else {
+ $load = $f;
+ }
+
+ if (file_exists("policy/$policy/$page/$load.php")) {
+ if (file_exists("lang/$lang/module-$page/base.php")) {
+ require_once("lang/$lang/module-$page/base.php");
+ } elseif (file_exists("lang/"._DEFAULT_LANG."/module-$page/base.php")) {
+ require_once("lang/"._DEFAULT_LANG."/module-$page/base.php");
+ }
+ if (file_exists("lang/$lang/module-$page/$load.php")) {
+ require_once("lang/$lang/module-$page/$load.php");
+ } elseif (file_exists("lang/"._DEFAULT_LANG."/module-$page/$load.php")) {
+ require_once("lang/"._DEFAULT_LANG."/module-$page/$load.php");
+ }
+ if (file_exists("skin/$skin/module-$page/html/base.phtml")) {
+ require_once("skin/$skin/module-$page/html/base.phtml");
+ } elseif (file_exists("skin/"._DEFAULT_SKIN."/module-$page/html/base.phtml")) {
+ require_once("skin/"._DEFAULT_SKIN."/module-$page/html/base.phtml");
+ }
+ if (file_exists("skin/$skin/module-$page/html/$load.phtml")) {
+ require_once("skin/$skin/module-$page/html/$load.phtml");
+ } elseif (file_exists("skin/"._DEFAULT_SKIN."/module-$page/html/$load.phtml")) {
+ require_once("skin/"._DEFAULT_SKIN."/module-$page/html/$load.phtml");
+ }
+
+ include("policy/$policy/$page/$load.php");
+ //szamlal($policy,$page);
+ } elseif (file_exists("static/$lang/$page/$load.html")) {
+ include("static/$lang/$page/$load.html");
+ //szamlal($policy,$page);
+ } else {
+ //??? ha már kiírtuk a hibaüzeneteket, újabbat nem írhatunk ki sajnos :( html_alert(array('page:page_missing:'."[$page]:[$sub]:[$f]")); --> rights.php
+ }
+ }
+}
+
+function href($href,$get = array('sessionID','lang','skin','policy')) {
+
+ global $sessionID,$lang,$skin,$policy,$page,$sub,$f,$action;
+ global $SKINS;
+ if ($href!='') {
+ if (strpos($href,'?') === false) {
+ $href .= '?';
+ } else {
+ $href.='&';
+ }
+ for ($i=0;$i<count($get);$i++) {
+ $par = $get[$i];
+ if ($par == 'skin' && $skin == 'ajax') $value = readVariable($_GET['toSkin'],'enum',null,$SKINS);
+ else $value = $$par;
+ if (is_array($value)) { // pl. $_SESSION['alert']
+ for ($j=0;$j<count($value);$j++) {
+ $href .= $par.'[]='.$value[$j].'&';
+ }
+ } else {
+ $href .= "$par=".$value.'&';
+ }
+ }
+ $href = substr($href,0,-1);
+ if ($skin == 'pda') $href .= '&rand='.rand(); // PDA hack - mer' a szemétje nem olvassa újra, hiába a fejlécen a sok okos varázslat... :(
+ $href = str_replace('&','&#38;',str_replace('&#38;','&',$href));
+ }
+ return $href;
+
+}
+
+function location($href,$get = array('sessionID','lang','skin','policy')) {
+
+ global $sessionID,$lang,$skin,$policy,$page,$sub,$f,$action;
+
+ if ($href!='') {
+ if (strpos($href,'?')===false) {
+ $href.='?';
+ } else {
+ $href.='&';
+ }
+ for ($i=0;$i<count($get);$i++) {
+ $par = $get[$i];
+ if (is_array($$par)) { // pl. $_SESSION['alert']
+ for ($j=0;$j<count($$par);$j++) {
+ $href .= $par.'[]='.${$par}[$j].'&';
+ }
+ } else {
+ $href .= "$par=".$$par.'&';
+ }
+ }
+ $href = substr($href,0,-1);
+ $href = str_replace('&#38;','&',$href);
+ }
+
+ return $href;
+
+}
+
+?>
diff --git a/mayor-orig/www/include/base/cache.php b/mayor-orig/www/include/base/cache.php
new file mode 100644
index 00000000..3c630581
--- /dev/null
+++ b/mayor-orig/www/include/base/cache.php
@@ -0,0 +1,33 @@
+<?php
+// MaYoR - GPL - author: support@mayor.hu
+class mayorCache {
+ private $DATA = array();
+ private $REGISTRY = array();
+ public function exists($key) {
+ return (!is_null($this->DATA[$key]));
+ }
+ public function get($key) {
+ return $this->DATA[$key];
+ }
+ public function set($key,$data, $dataType=null) {
+ $this->DATA[$key] = $data;
+ if ($dataType!='') $this->REGISTRY[$dataType][] = $key;
+ }
+ public function del($key) {
+ unset($this->DATA[$key]);
+ unset($this->REGISTRY[array_search($key,$this->REGISTRY)]);
+ }
+ public function flushdb() {
+ $this->DATA = array();
+ $this->REGISTRY = array();
+ }
+ public function delType($dataType) {
+ $c = count($this->REGISTRY[$dataType]);
+ for ($i=0; $i<$c; $i++ ) {
+ $this->del($this->REGISTRY[$dataType][$i]);
+ }
+ unset($this->REGISTRY[$dataType]);
+ }
+}
+$mayorCache = new mayorCache();
+?> \ No newline at end of file
diff --git a/mayor-orig/www/include/base/config.php b/mayor-orig/www/include/base/config.php
new file mode 100644
index 00000000..4a234fcf
--- /dev/null
+++ b/mayor-orig/www/include/base/config.php
@@ -0,0 +1,62 @@
+<?php
+
+if (PHP_SAPI!=='cli') define('_RUNLEVEL','www'); else define('_RUNLEVEL','cron');
+
+define('_JSLIB','jquery.min');
+
+if (!defined('_LOGLEVEL')) define('_LOGLEVEL',10);
+
+date_default_timezone_set('Europe/Budapest');
+
+if (_RUNLEVEL === 'cron') {
+ (include("../config/main-config.php")); // csak webrootból futtatható
+} else {
+ if (@file_exists('../config/main-config.php') && @is_readable('../config/main-config.php')==true) {
+ include("../config/main-config.php");
+ } elseif(@file_exists('../config/main-config.php')===false) {
+ die('FATAL ERROR! Missing '.$_SERVER['DOCUMENT_ROOT'].'/../config/main-config.php');
+ } elseif (@is_readable('../config/main-config.php')==false) {
+ die('FATAL ERROR! Forbidden to read "main-config.php"');
+ } else {
+ die('FATAL ERROR! Unknown error! '.$_SERVER['DOCUMENT_ROOT'].'/../config/main-config.php');
+ }
+ if (defined('_LOCKFILE') && @file_exists(_LOCKFILE)) {
+ include(_BASEDIR.'/update.php');
+ die();
+ }
+}
+
+if (!defined('_SECURECOOKIE')) define('_SECURECOOKIE', true);
+
+define('_BASE_URL',( ($_SERVER['HTTPS']=='on')?"https://".$_SERVER['SERVER_NAME']:"http://".$_SERVER['SERVER_NAME'] ));
+
+/* classic, blue, ajax + rpc, + cron kiegészítés */
+$SKINS = @array_unique(array_merge($SKINS,array('classic','blue','ajax','rpc','gray','cron')));
+$SKINSSHOW = @array_unique(array_merge($SKINSSHOW,array('classic','vakbarat','gray')));
+
+if (is_array($POLICIES) && defined('_CONFIGDIR')) {
+ foreach ($POLICIES as $key => $_policy) {
+ if (file_exists(_CONFIGDIR."/$_policy-conf.php")) {
+ @require(_CONFIGDIR."/$_policy-conf.php");
+ if (file_exists(_BASEDIR.'/policy/'.$_policy.'/'.$DEFAULT_PSF[$_policy]['page'].'/'.$DEFAULT_PSF[$_policy]['sub'].'/'.$DEFAULT_PSF[$_policy]['f'].'.php')
+ === false) {
+ //nincs meg ez a file
+ $_SESSION['alert'][] = 'info:file_not_found:default page:'.$_policy.':'.implode(' ',$DEFAULT_PSF[$_policy]);
+ }
+ } else {
+ $DEFAULT_PSF[$_policy] = array();
+ $_SESSION['alert'][] = 'page:file_not_found:'._CONFIGDIR."/$_policy-conf.php";
+ }
+ }
+} else {
+ $_SESSION['alert'][] = 'page:config_error:nincs POLICIES tömb vagy _CONFIGDIR konstans!';
+}
+
+if (!defined('__FBCONNECT_ENABLED')) define('__FBCONNECT_ENABLED',false);
+if (!defined('__SHOW_FACES_TYPE')) define('__SHOW_FACES_TYPE','circle'); // circle, square, classic
+
+$VALID_MODULES =array('portal','naplo','auth','jatek','password','session','fenntarto');
+if(is_array($EXTRA_MODULES)) $VALID_MODULES = array_unique(array_merge($VALID_MODULES,$EXTRA_MODULES));
+
+
+?>
diff --git a/mayor-orig/www/include/base/error.php b/mayor-orig/www/include/base/error.php
new file mode 100644
index 00000000..e790d65a
--- /dev/null
+++ b/mayor-orig/www/include/base/error.php
@@ -0,0 +1,44 @@
+<?php
+
+ /* Ezen hibákat továbbra is reportoljuk */
+ error_reporting(E_ERROR | E_PARSE);
+
+ /* Saját Error Handler */
+ function mayorErrorHandler($errno, $errmsg, $filename, $linenum, $vars) {
+
+ $dt = date("Y-m-d H:i:s (T)");
+ $errortype = array (
+ E_ERROR => 'Error', //1
+ E_WARNING => 'Warning', //2
+ E_PARSE => 'Parsing Error', //4
+ E_NOTICE => 'Notice', //8
+ E_CORE_ERROR => 'Core Error', //16
+ E_CORE_WARNING => 'Core Warning', //32
+ E_COMPILE_ERROR => 'Compile Error', //64
+ E_COMPILE_WARNING => 'Compile Warning', //128
+ E_USER_ERROR => 'User Error',
+ E_USER_WARNING => 'User Warning',
+ E_USER_NOTICE => 'User Notice', // 1024
+ E_STRICT => 'Runtime Notice', // 2048
+ E_RECOVERABLE_ERROR => 'Catchable Fatal Error', // 4096
+ E_ALL => 'ALL', //binary 1111111111111
+ );
+ $userError = array(E_USER_ERROR, E_USER_WARNING, E_USER_NOTICE);
+ $trackOnly = array(E_USER_ERROR, E_ERROR, E_USER_WARNING, E_USER_NOTICE, E_WARNING);
+ if (defined('__TESTERRORREPORTERWARN')) $trackOnly[] = E_NOTICE;
+ if (in_array($errno,$userError)) {
+ $err = "$dt $errno ".$errtype[$errno]." $errmsg";
+ } elseif (in_array($errno,$trackOnly)) {
+ $err = "$dt $errno ".$errtype[$errno]." $errmsg $filename $linenum";
+ /* if (in_array($errno, $user_errors)) { $err .= " vartrace(" . wddx_serialize_value($vars, "Variables") . ") ";} */
+ // if (defined('_LOGDIR')) error_log($err, 0, _LOGDIR.'/phperror.log');
+ }
+ if ($err!='') $_SESSION['alert'][] = 'alert:raw:'._MAYORREV.':'._USERACCOUNT.':'.':'.$err;
+ return false;
+ }
+
+ /* Írjuk felül a gyárit */
+ $old_error_handler = set_error_handler("mayorErrorHandler");
+ //restore_error_handler();
+
+?>
diff --git a/mayor-orig/www/include/base/log.php b/mayor-orig/www/include/base/log.php
new file mode 100644
index 00000000..45c669e4
--- /dev/null
+++ b/mayor-orig/www/include/base/log.php
@@ -0,0 +1,33 @@
+<?php
+/*
+ Module: base
+
+ function naploz($aCode)
+ function szamlal($policy,$page)
+*/
+
+ function _clientIp() {
+ return ($_SERVER['HTTP_X_FORWARDED_FOR']!='')?$_SERVER['HTTP_X_FORWARDED_FOR']:$_SERVER['REMOTE_ADDR'];
+ }
+
+ function logLogin($policy, $userAccount, $flag) {
+ $q = "INSERT INTO loginLog (dt,ip,userAccount,policy,flag) VALUES (NOW(),'%s','%s','%s', %u)";
+ db_query($q, array('fv' => 'logLogin', 'modul' => 'login', 'values' => array(_clientIp(), $userAccount, $policy, $flag)));
+ }
+
+ function szamlal($policy, $page) {
+ $q = "INSERT INTO stat (dt, policy, page) VALUES (NOW(),'%s','%s')";
+ db_query($q, array('fv' => 'szamlal', 'modul' => 'login', 'values' => array($policy, $page)));
+ }
+
+ function mayorLogger($loglevel, $modul, $message, $userAccount='') {
+ if ($loglevel>_LOGLEVEL) {
+ $fp = fopen(_LOGDIR.'/'.$modul.'.log','a+');
+ if ($fp!=false) {
+ $msg = date('Y-m-d H:i:s').' '.$userAccount.': '.$message."\n";
+ fputs($fp,$msg);
+ fclose($fp);
+ }
+ }
+ }
+?>
diff --git a/mayor-orig/www/include/base/login.php b/mayor-orig/www/include/base/login.php
new file mode 100644
index 00000000..f244b90a
--- /dev/null
+++ b/mayor-orig/www/include/base/login.php
@@ -0,0 +1,120 @@
+<?php
+
+ if ($action == 'mayorGlobalLogin' || $action == 'facebooklogin' || $action== 'googleapilogin') {
+
+ $toPolicy = readVariable($_REQUEST['toPolicy'], 'enum', 'private', $POLICIES);
+ $policyOrderIndex = readVariable($_POST['policyOrderIndex'], 'id', 0);
+
+ $__POLICYORDER[0] = array('private','parent','public');
+ $__POLICYORDER[1] = array('private');
+ $__POLICYORDER[2] = array('parent');
+ $__POLICYORDER[3] = array('public');
+
+ $toSkin = readVariable($_POST['toSkin'], 'enum', readVariable($_GET['toSkin'], 'enum', null, $SKINSSHOW), $SKINSSHOW);
+ @list($toPage,$toSub,$toF) = readVariable(explode(':',$_REQUEST['toPSF']), 'strictstring');
+ $toPSF = "$toPage:$toSub:$toF";
+ // Autentikáció - alapok
+ $fbAuth = false;
+ if (file_exists('include/share/auth/base.php')) {
+ require_once('include/share/auth/base.php');
+ }
+ require_once('include/modules/auth/base/login.php');
+
+ // lejart session-ok torlese
+ require_once('include/share/session/close.php');
+ closeOldAndIdleSessions();
+
+ if (__FBCONNECT_ENABLED===true && $action=='facebooklogin') {
+ if (version_compare(PHP_VERSION, '5.4.0', '<')) {
+ $_SESSION['alert'][] = 'info::facebook:szerver konfigurációs hiba, legalább 5.4-es php verzió szükséges';
+ return false;
+ }
+ require_once('include/share/net/facebook.php');
+ $FBDATA = mayorFacebookAuth(); // preAuth
+ if (is_array($FBDATA) && $FBDATA['accessToken']!="") {
+ $userAccount = $FBDATA['userAccount'];
+ $fbAuth = true;
+ }
+ } elseif (__GOOGLEAPI_ENABLED===true && $action=='googleapilogin') {
+ if (version_compare(PHP_VERSION, '5.5.0', '<')) {
+ $_SESSION['alert'][] = 'info::googleapi:szerver konfigurációs hiba, legalább 5.5-ös php verzió szükséges';
+ return false;
+ }
+ require_once('include/share/net/googleapi.php');
+ $GOOGLEAPIDATA = mayorGoogleApiAuth(); // preAuth
+ if (($GOOGLEAPIDATA) && $GOOGLEAPIDATA['userAccount']!="") {
+ $userAccount = $GOOGLEAPIDATA['userAccount'];
+ $googleapiAuth = true;
+ }
+ } else {
+ $userPassword = readVariable($_POST['userPassword'], 'string');
+ // $userAccount = readVariable($_POST['userAccount'], 'regexp', null, array("^([a-z]|[A-Z]|[0-9]| |\.|,|_|[űáéúőóüöíŰÁÉÚŐÓÜÖÍäÄ]|-|@)*$"));
+ $userAccount = readVariable($_POST['userAccount'], 'userAccount', null);
+ }
+
+ if (defined('_BOLONDOS') && _BOLONDOS===true) $userAccount = visszafele($userAccount);
+ if (is_array($AUTH[$toPolicy]['allowOnly']) && !in_array($userAccount,$AUTH[$toPolicy]['allowOnly'])) $userAccount='';
+
+ if ($sessionID != '') $accountInformation['sessionID'] = $sessionID;
+ if ($userAccount != '' and ($userPassword != '' or $fbAuth===true or $googleapiAuth===true)) {
+
+ for ($i=0; $i<count($__POLICYORDER[$policyOrderIndex]); $i++) {
+ $toPolicy=$__POLICYORDER[$policyOrderIndex][$i];
+ if (!in_array($AUTH[$toPolicy]['authentication'],array('required','try'))) {
+ continue;;
+ }
+ $accountInformation = array('account' => $userAccount, 'password' => $userPassword, 'policy' => $toPolicy, 'skin'=>$toSkin);
+ if ($fbAuth===true) {
+ if ($FBDATA['toPolicy']==$toPolicy) {
+ $result = _AUTH_SUCCESS; // az authentikációt a mayorFacebookAuth() csinálta
+ $accountInformation['cn'] = $FBDATA['fbUserCn'];
+ $accountInformation['mail'] = $FBDATA['fbUserEmail'];
+ $accountInformation['studyId'] = $FBDATA['studyId'];
+ } else {
+ $_SESSION['alert'][] = 'info:A facebook azonosító nincs még összekötve! Először lépj be a MaYoR-ba, és kezdeményezd a facebook connectet!';
+ continue;;
+ }
+ } elseif ($googleapiAuth===true) {
+ if ($GOOGLEAPIDATA['toPolicy']==$toPolicy) {
+ $result = _AUTH_SUCCESS; // az authentikációt a mayorGoogleapiAuth() csinálta
+ $accountInformation['cn'] = $GOOGLEAPIDATA['googleUserCn'];
+ $accountInformation['mail'] = $GOOGLEAPIDATA['googleUserEmail'];
+ $accountInformation['studyId'] = $GOOGLEAPIDATA['studyId'];
+ } else {
+ $_SESSION['alert'][] = 'info:A google azonosító nincs még összekötve! Először lépj be a MaYoR-ba, és kezdeményezd!';
+ continue;;
+ }
+ } else {
+ $result = userAuthentication($userAccount, $userPassword, $accountInformation, $toPolicy); // ??? toPolicy benne van az AccountInformation-ben!!! Ldap backend only?
+ logLogin($toPolicy, $userAccount, $result);
+ }
+
+ define('_MAYORAUTHRESULT',$result);
+ if ($result === _AUTH_SUCCESS) {
+ $_SESSION['alert'] = array();
+ $sessionID = newSession($accountInformation, $toPolicy);
+ if ($toSkin == '') $toSkin = $skin;
+ header('Location: '.location("index.php?page=$toPage&sub=$toSub&f=$toF&sessionID=$sessionID&policy=$toPolicy&lang=$lang&skin=$toSkin", array('alertOLD')));
+ break;
+ } elseif ($result === _AUTH_EXPIRED) {
+ $_SESSION['alert'][] = 'message:force_pw_update';
+ header('Location: '.location("index.php?policy=public&page=password&f=changeMyPassword&userAccount=".$userAccount."&toPolicy=$toPolicy&skin=$toSkin", array('alertOLD')));
+ break;
+ } elseif ($result === _AUTH_FAILURE_1) {
+ // nincs ilyen user, megpróbáljuk beauthentikálni parent-tel is.
+ } elseif ($result >= _AUTH_FAILURE) {
+ // sikertelen azonosítás - a hibaüzenetet a függvény generálja
+ // megpróbáljuk beauthentikálni parent-tel is.
+ break;
+ } else {
+ // Ilyen csak hibás függvényműködés esetén lehet:
+ $_SESSION['alert'][] = "message:default:hibás visszatérési érték:userAuthentication:(".serialize($result).")";
+ break;
+ }
+ }
+ } else {
+ $_SESSION['alert'][] = 'message:empty_field';
+ }
+ }
+
+?>
diff --git a/mayor-orig/www/include/base/mysql.php b/mayor-orig/www/include/base/mysql.php
new file mode 100644
index 00000000..b2e22f82
--- /dev/null
+++ b/mayor-orig/www/include/base/mysql.php
@@ -0,0 +1,396 @@
+<?php
+
+ error_reporting(E_ALL && ~E_NOTICE);
+// error_reporting(E_ALL);
+
+ //if (!defined("MYSQLI_ENABLED")) define("MYSQLI_ENABLED",function_exists('mysqli_connect'));
+ if (!defined("MYSQLI_ENABLED")) define("MYSQLI_ENABLED",false); // egyelőre kikapcsoljuk, mert az Illyés-ben pl egfeküdt a szerver ettől
+ if (is_array($AUTH)) foreach ($AUTH as $_policy => $config) {
+ if ($config['backend'] == 'mysql') {
+ $MYSQL_DATA[$_policy . ' auth'] = array(
+ 'user' => $config['mysql user'],
+ 'host' => $config['mysql host'],
+ 'pw' => $config['mysql pw'],
+ 'db' => $config['mysql db'],
+ );
+ if ($MYSQL_DATA[$_policy . ' auth']['host']=='')
+ if ($MYSQL_DATA['host']=='')
+ $MYSQL_DATA[$_policy . ' auth']['host'] = 'localhost';
+ else
+ $MYSQL_DATA[$_policy . ' auth']['host'] = $MYSQL_DATA['host'];
+ }
+ }
+//-----------------------------------------------------------------------//
+
+ function db_selectDb($db,$lr) {
+ if (MYSQLI_ENABLED===true)
+ return mysqli_select_db($lr,$db);
+ else
+ return mysql_select_db($db,$lr);
+ }
+
+ function db_connect($modul, $SET = array('priv' => null, 'force' => true, 'host'=> null, 'username' => null, 'password' => null, 'db' => null, 'fv' => null)) {
+
+ global $MYSQL_DATA;
+
+ $lr = false;
+ extract($SET);
+ if (!isset($force)) $force = true;
+ if (!isset($priv)) $priv = '';
+
+ //if ($MYSQL_DATA['persistent']===true) $mysql_connect = 'mysql_pconnect'; else $mysql_connect = 'mysql_connect';
+ $mysql_connect = 'mysql_connect';
+ /* setting host */
+ if (!isset($host)) {
+ if ($MYSQL_DATA[$modul]['host'.$priv]=='') {
+ if ($MYSQL_DATA[$modul]['host']=='') {
+ if ($MYSQL_DATA['host']=='') {
+ $host = 'localhost';
+ } else {
+ $host = $MYSQL_DATA['host'];
+ }
+ } else {
+ $host = $MYSQL_DATA[$modul]['host'];
+ }
+ } else {
+ $host = $MYSQL_DATA[$modul]['host'.$priv];
+ }
+ }
+ /* --- */
+ if ($priv == 'root') {
+ if (MYSQLI_ENABLED===true)
+ $lr = @mysqli_connect($host, $username, $password); // force new ???
+ else
+ $lr = @$mysql_connect($host, $username, $password, $force);
+ } else {
+ /* --- */
+ if (is_array($MYSQL_DATA[$modul])) {
+ if (isset($priv) && $priv != '' && isset($MYSQL_DATA[$modul]['user'.$priv])) { // Először megpróbálunk $priv szerinti privilégiummal csatlakozni
+ if (MYSQLI_ENABLED===true)
+ $lr = @mysqli_connect($host, $MYSQL_DATA[$modul]['user'.$priv], $MYSQL_DATA[$modul]['pw'.$priv], $MYSQL_DATA[$modul]['db']);
+ else
+ $lr = @$mysql_connect($host, $MYSQL_DATA[$modul]['user'.$priv], $MYSQL_DATA[$modul]['pw'.$priv], $force);
+ }
+ if ($lr === false) {// Ha nem sikerült, vagy nem volt megadva privilégium, akkor próbáljunk anélkül csatlakozni
+ if (MYSQLI_ENABLED===true)
+ $lr = @mysqli_connect($host, $MYSQL_DATA[$modul]['user'], $MYSQL_DATA[$modul]['pw'], $MYSQL_DATA[$modul]['db']);
+ else
+ $lr = @$mysql_connect($host, $MYSQL_DATA[$modul]['user'], $MYSQL_DATA[$modul]['pw'], $force);
+ }
+ } else {
+ $_SESSION['alert'][] = "message:sql_failure/${SET['fv']}:db_connect:modul $modul has no config";
+ }
+ }
+ if ($lr) {
+ // mysql_set_charset('utf8', $lr);
+ if ($priv != 'root') $db = $MYSQL_DATA[$modul]['db'];
+ if ($db != '') {
+ $result = db_selectDb($db , $lr);
+ if ($result === true) {
+ if (MYSQLI_ENABLED===true) {
+ mysqli_set_charset($lr, "utf8");
+ mysqli_query($lr, "SET NAMES utf8");
+ mysqli_query($lr, "SET collation_connection='utf8_hungarian_ci'");
+ } else {
+ mysql_query("SET NAMES utf8", $lr);
+ mysql_query("SET collation_connection='utf8_hungarian_ci'", $lr);
+ }
+ } else {
+ $_SESSION['alert'][] = "message:sql_select_db_failure:db_connect/${SET['fv']}:$modul:".$MYSQL_DATA[$modul]['db'];
+ mysql_close($lr);
+ return false;
+ }
+ } elseif (!isset($MYSQL_DATA[$modul]['db'])) {
+ $_SESSION['alert'][] = "message:sql_warning:db_connect/${SET['fv']}:modul $modul has empty database config value";
+ }
+ } else {
+ if (__DEBUG || (defined('__DETAILED') && __DETAILED)) $_SESSION['alert'][] = "message:sql_connect_failure:db_connect/${SET['fv']}:modul - $modul, priv - $priv, username - $username, db - $db";
+ else $_SESSION['alert'][] = "message:sql_connect_failure:db_connect/${SET['fv']}:$modul modul";
+ }
+ return $lr;
+
+ }
+
+ function db_close($lr) {
+ if ($MYSQL_DATA['persistent']!==true) {
+ if (MYSQLI_ENABLED===true)
+ return mysqli_close($lr);
+ else
+ return mysql_close($lr);
+ } else
+ return true; // not closing;
+ }
+
+//-----------------------------------------------------------------------//
+
+ function db_query($q, $SET, $olr = null) {
+ /*
+ $SET = array(
+ 'modul' => '...'
+ 'fv' => '...'
+ 'result' => 'indexed'|'assoc'|'multiassoc'|'idonly'|'value'|'record'|'keyvaluepair'|'insert'|'affected rows'
+ 'keyfield' => '...' (if result in (assoc,multiassoc))
+ 'detailed' => true | false (default) (echo the query in error messages)
+ 'debug' => true | false (default) (echo the query before quering it)
+ 'rollback' => true | false (default)
+ 'values' => array(...) (if $q is an sprintf format string)
+ );
+ */
+ global $_JSON;
+
+ if (!isset($q) || $q == '') {
+ $_SESSION['alert'][] = 'message:sql_query_failure:db_query/'.$SET['fv'].':query is empty';
+ return false;
+ }
+
+ if (!isset($SET['result'])) $SET['result'] = '';
+
+ // Adatbázis csatlakozás (ha szükséges)
+ if (isset($olr) && $olr != '') {
+ if (MYSQLI_ENABLED===true)
+ $mysql_get_server_info = mysqli_get_server_info($olr);
+ else
+ $mysql_get_server_info = @mysql_get_server_info($olr);
+ }
+ if (isset($olr) && $olr != '' && $mysql_get_server_info !== false) {
+ $lr = $olr;
+ } else {
+ unset($olr);
+ if (in_array(substr(strtolower($q),0,4), array('sele','show','expl','set ','use '))) $lr = @db_connect($SET['modul'], array('priv' => 'Read', 'fv' => $SET['fv']));
+ else $lr = @db_connect($SET['modul'], array('priv' => 'Write', 'fv' => $SET['fv']));
+ }
+ if ($lr === false) {
+ if ($SET['detailed'] === true || __DETAILED) $_SESSION['alert'][] = 'message:sql_connect_failure:db_query/'.$SET['fv'].':'.$SET['modul'].':'.$q;
+ else $_SESSION['alert'][] = 'message:sql_connect_failure:db_query/'.$SET['fv'];
+ return false;
+ }
+
+ // Ha behelyettesítendő paraméterek vannak
+ if (isset($SET['values']) && is_array($SET['values']) && count($SET['values']) > 0) {
+ $SET['values'] = array_map('db_escape_string', $SET['values'], array_fill(0 , count($SET['values']), $lr));
+ array_unshift($SET['values'], $q);
+ $q_pattern = $q;
+ $q = @call_user_func_array('sprintf', $SET['values']);
+ if ($q === false) {
+ $_SESSION['alert'][] = 'message:wrong_data:db_query:behelyettesítés:'.$SET['fv'];
+ return false;
+ }
+ }
+ if ((isset($SET['debug']) && $SET['debug']===true) || (defined('__DEBUG') && __DEBUG === true)) {
+ $_q = str_replace(" ",'',$q);
+ echo '<pre>info:debug:'.htmlspecialchars($SET['modul'].':'.$SET['fv'].':'.date('Y-m-d H:i:s').': '." \n".$_q)."<hr /></pre>";
+ if ($_GET['skin'] == 'ajax') $_JSON['sql log'][] = $SET['modul'].':'.$SET['fv'].':'.date('Y-m-d H:i:s').': '." \n".$_q;
+ if ($_GET['skin'] == 'rpc') {
+ openlog("MaYoR", LOG_PID | LOG_PERROR, LOG_LOCAL0);
+ syslog(LOG_WARNING, '[RPC]MySQL: '.(json_encode($SET)).", query: $_q {$_SERVER['REMOTE_ADDR']} ({$_SERVER['HTTP_USER_AGENT']})");
+ closelog();
+ }
+ }
+ if (
+ ($SET['detailed'] === true || __DETAILED)
+ && strpos($q_pattern, '%s') !== false
+ && (strpos($q_pattern, '`%s`') === false && strpos($q_pattern, "'%s'") === false)
+ ) $_SESSION['alert'][] = 'message:lehet hiba?:db_query/'.$SET['fv'].':'.$SET['modul'].':'.$q_pattern;
+
+ if ($SET['log']===true) mayorLogger(10,'mysql',$q,_USERACCOUNT);
+ if (MYSQLI_ENABLED===true)
+ $r = mysqli_query($lr,$q);
+ else
+ $r = @mysql_query($q, $lr);
+ define(MYSQL_LOGGER,false);
+ if (MYSQL_LOGGER === true) {
+ $filename = '/tmp/mysql.log';
+ $fp = fopen($filename, "a+");
+ fputs ($fp, $q."\n");
+ fclose ($fp);
+ }
+ /* WARNING HANDLER */
+// if ((isset($SET['debug']) && $SET['debug']===true) || (defined('__DEBUG') &&__DEBUG === true) || (defined('__DETAILED') && __DETAILED===true)) {
+ if ((isset($SET['debug']) && $SET['debug']===true) || (defined('__DEBUG') &&__DEBUG === true)) {
+ if (MYSQLI_ENABLED===true)
+ $warningCountResult = mysqli_query($lr,"SELECT @@warning_count");
+ else
+ $warningCountResult = mysql_query("SELECT @@warning_count",$lr);
+ if ($warningCountResult) {
+ if (MYSQLI_ENABLED===true)
+ $warningCount = mysqli_fetch_row($lr,$warningCountResult);
+ else
+ $warningCount = mysql_fetch_row($warningCountResult);
+ if ($warningCount[0] > 0) {
+ //Have warnings
+ if (MYSQLI_ENABLED===true)
+ $warningDetailResult = mysqli_query($lr, "SHOW WARNINGS");
+ else
+ $warningDetailResult = mysql_query("SHOW WARNINGS",$lr);
+ if ($warningDetailResult ) {
+ if (MYSQLI_ENABLED===true)
+ while ($warning = mysqli_fetch_assoc($lr, $warningDetailResult)) {dump($warning); mayorLogger(2,'mysql',$q.' '.$warning,_USERACCOUNT);}
+ else
+ while ($warning = mysql_fetch_assoc($warningDetailResult)) {dump($warning); mayorLogger(2,'mysql',$q.' '.$warning,_USERACCOUNT);}
+ }
+ }//Else no warnings
+ }
+ }
+ /* WARNING HANDLER */
+ if (!$r) {
+ // if ($SET['detailed'] === true || __DETAILED) $_SESSION['alert'][] = 'message:sql_query_failure:'.$SET['fv'].':'.':'.$q;
+ if ($SET['detailed'] === true || __DETAILED) {
+ if (MYSQLI_ENABLED===true) {
+ $_SESSION['alert'][] = 'message:sql_query_failure:mysqli:'.$SET['fv'].':'.mysqli_error($lr).':'.$q;
+ } else {
+ $_SESSION['alert'][] = 'message:sql_query_failure:mysql:'.$SET['fv'].':'.mysql_error($lr).':'.$q;
+ }
+ } else {
+ $_SESSION['alert'][] = 'message:sql_query_failure:'.$SET['fv'];
+ }
+ if ($SET['rollback'] === true) db_rollback($lr, $SET['fv']);
+ if (!isset($olr)) db_close($lr);
+ return false;
+ }
+
+ if (MYSQLI_ENABLED === true) {
+
+ if (in_array(substr(strtolower($q),0,4), array('sele','show','expl','(sel'))) {
+ $RESULT = array();
+ switch($SET['result']) {
+ case 'indexed':
+ while ($A = mysqli_fetch_assoc($r)) $RESULT[] = $A;
+ break;
+ case 'assoc':
+ while ($A = mysqli_fetch_assoc($r)) $RESULT[$A[$SET['keyfield']]] = $A;
+ break;
+ case 'multiassoc':
+ while ($A = mysqli_fetch_assoc($r)) $RESULT[$A[$SET['keyfield']]][] = $A;
+ break;
+ case 'idonly':
+ while ($A = mysqli_fetch_row($r)) $RESULT[] = $A[0];
+ break;
+ case 'value':
+ if (mysqli_num_rows($r) > 0) {
+ $A = mysqli_fetch_row($r); $RESULT = $A[0];
+ } else { $RESULT = null; }
+ break;
+ case 'record':
+ if (mysqli_num_rows($r) > 0) {
+ $A = mysqli_fetch_assoc($r); $RESULT = $A;
+ } else { $RESULT = null; }
+ break;
+ case 'keyvaluepair':
+ while ($A = mysqli_fetch_row($r)) $RESULT[$A[0]] = $A[1];
+ break;
+ case 'keyvalues':
+ while ($A = mysqli_fetch_row($r)) $RESULT[$A[0]][] = $A[1];
+ break;
+ }
+ } elseif ($SET['result'] == 'insert' && (substr(strtolower($q),0,6) == 'insert' || substr(strtolower($q),0,7) == 'replace')) {
+ $RESULT = mysqli_insert_id($lr);
+ mayorLogger(1,'mysql',$q,_USERACCOUNT);
+ } elseif ($SET['result'] == 'affected rows') {
+ $RESULT = mysqli_affected_rows($lr);
+ mayorLogger(1,'mysql',$q,_USERACCOUNT);
+ } else { // create, insert, de nem olyan resulttal...
+ $RESULT = $r;
+ mayorLogger(1,'mysql',$q,_USERACCOUNT);
+ }
+ } else { // OLD DRIVER
+
+ if (in_array(substr(strtolower($q),0,4), array('sele','show','expl','(sel'))) {
+ $RESULT = array();
+ switch($SET['result']) {
+ case 'indexed':
+ while ($A = mysql_fetch_assoc($r)) $RESULT[] = $A;
+ break;
+ case 'assoc':
+ while ($A = mysql_fetch_assoc($r)) $RESULT[$A[$SET['keyfield']]] = $A;
+ break;
+ case 'multiassoc':
+ while ($A = mysql_fetch_assoc($r)) $RESULT[$A[$SET['keyfield']]][] = $A;
+ break;
+ case 'idonly':
+ while ($A = mysql_fetch_row($r)) $RESULT[] = $A[0];
+ break;
+ case 'value':
+ if (mysql_num_rows($r) > 0) {
+ $A = mysql_fetch_row($r); $RESULT = $A[0];
+ } else { $RESULT = null; }
+ break;
+ case 'record':
+ if (mysql_num_rows($r) > 0) {
+ $A = mysql_fetch_assoc($r); $RESULT = $A;
+ } else { $RESULT = null; }
+ break;
+ case 'keyvaluepair':
+ while ($A = mysql_fetch_row($r)) $RESULT[$A[0]] = $A[1];
+ break;
+ case 'keyvalues':
+ while ($A = mysql_fetch_row($r)) $RESULT[$A[0]][] = $A[1];
+ break;
+ }
+ } elseif ($SET['result'] == 'insert' && (substr(strtolower($q),0,6) == 'insert' || substr(strtolower($q),0,7) == 'replace')) {
+ $RESULT = mysql_insert_id($lr);
+ mayorLogger(1,'mysql',$q,_USERACCOUNT);
+ } elseif ($SET['result'] == 'affected rows') {
+ $RESULT = mysql_affected_rows($lr);
+ mayorLogger(1,'mysql',$q,_USERACCOUNT);
+ } else { // create, insert, de nem olyan resulttal...
+ $RESULT = $r;
+ mayorLogger(1,'mysql',$q,_USERACCOUNT);
+ }
+ } // DRIVER
+
+ if (!isset($olr)) db_close($lr);
+ return $RESULT;
+
+ }
+
+//-----------------------------------------------------------------------//
+
+ function db_start_trans($lr) {
+ if ($lr != '')
+ if (MYSQLI_ENABLED === true)
+ mysqli_query($lr, "START TRANSACTION");
+ else
+ mysql_query("START TRANSACTION", $lr);
+ }
+
+ function db_commit($lr) {
+ if ($lr != '')
+ if (MYSQLI_ENABLED === true)
+ mysqli_query($lr, "COMMIT");
+ else
+ mysql_query("COMMIT", $lr);
+ }
+
+ function db_rollback($lr, $msg = '') {
+ if ($lr != '') {
+ $_SESSION['alert'][] = 'message:rollback:'.$msg;
+ if (MYSQLI_ENABLED === true)
+ mysqli_query($lr, "ROLLBACK");
+ else
+ mysql_query("ROLLBACK", $lr);
+ }
+ }
+
+//---------------------------------------------------------------------//
+
+ function db_escape_string($str, $olr = null) {
+
+ if (isset($olr)) $lr = $olr;
+ else $lr = db_connect('login');
+
+ if (!$lr) return false;
+
+ if(get_magic_quotes_gpc()) {
+ $return = mysql_real_escape_string(stripslashes($str), $lr);
+ } else {
+ if (MYSQLI_ENABLED===true)
+ $return = mysqli_real_escape_string($lr, $str);
+ else
+ $return = mysql_real_escape_string($str, $lr);
+ }
+ if (!isset($olr)) db_close($lr);
+
+ return $return;
+ }
+
+?>
diff --git a/mayor-orig/www/include/base/rights.php b/mayor-orig/www/include/base/rights.php
new file mode 100644
index 00000000..1f3eed0f
--- /dev/null
+++ b/mayor-orig/www/include/base/rights.php
@@ -0,0 +1,376 @@
+<?php
+/*
+ Module: base
+
+ validUser($sessionID,$policy,$skin='',$lang='')
+
+ - ellenőrizzük a $page, $sub, $f formai helyességét
+ - validUser - ellenőrzi, hogy be vagyunk-e jelentkezve, beállítja a konstansokst, ha kell elküld az auth oldalra
+ - validUser esetén a session kezelő fv-ek csatolása (backend függő)
+ - a module, psf include fájlainak és a pre fájlnak a csatolása
+
+ A validUser fv két funkciót lát el egyszerre (ellenőriz, és konstans beállít).
+ A konstansokat (pl. _SESSIONID) csak az aktuális policy-re állítjuk, a toPolicyra nem.
+ A validUser figyelembe veszi a _SESSION_MAX_IDLE_TIME konstans értékét: ha az activity+_SESSION_MAX_IDLE_TIME már elmúlt - akkor elutasít,
+ különben az aktivity értékét frissíti.
+
+ a '_POLICY'-t a base.php-ben definiáljuk.
+
+*/
+function sessionHash($algo='ripemd160', $hashThis='')
+{
+ if ($hashThis=='') $hashThis = uniqid(rand(), true);
+ if (!in_array($algo,hash_algos())) $algo = 'sha1';
+ $sessionID = substr( hash($algo, $hashThis), 0, 40 ); // 40: sha1, ripem160
+ return $sessionID;
+}
+
+if(!function_exists('hash_equals')) { // lásd még str
+ function hash_equals($str1, $str2) {
+ if(strlen($str1) != strlen($str2)) {
+ return false;
+ } else {
+ $res = $str1 ^ $str2;
+ $ret = 0;
+ for($i = strlen($res) - 1; $i >= 0; $i--) $ret |= ord($res[$i]);
+ return !$ret;
+ }
+ }
+}
+
+
+function sessionCookieEncode($sessionID,$now,$extra='')
+{
+ if ($extra=='') $extra = uniqid(rand(), true);
+ $extraHash=sessionHash('ripemd160',$extra);
+// pwHash added
+// $value = base64_encode(strtotime($now).'g'.$extraHash);
+ $pwHash = sessionHash('ripemd160',uniqid(rand(), true));
+ $value = base64_encode(strtotime($now).'g'.$extraHash.'g'.$pwHash);
+ return array('name'=>md5($sessionID), 'value'=>$value, 'store'=> $extraHash, 'pwHash'=>$pwHash);
+}
+
+function sessionCookieDecode($sessionID)
+{
+ return explode('g',base64_decode($_COOKIE[md5($sessionID)]));
+}
+
+function pseudoTokenGenerator() {
+
+ if (function_exists('openssl_random_pseudo_bytes'))
+ $token = bin2hex(openssl_random_pseudo_bytes(32));
+ else
+ $token = bin2hex(sessionHash());
+ return $token;
+}
+
+######################################################################
+# Azonosított user ellenőrzése a session tábla alapján
+######################################################################
+
+
+
+function validUser($sessionID,$policy,$skin='',$lang='') {
+
+ if (_RUNLEVEL === 'cron') {
+ define('_USERPASSWORD','MaYoR-cron');
+ define('_USERACCOUNT','MaYoR-cron');
+ define('_USERCN','MaYoR-cron User');
+ define('_STUDYID','');
+ define('_LANG',$lang);
+ define('_SESSIONID','cron');
+ return true;
+ }
+
+ if ($sessionID == '') {
+
+ if ($policy == _POLICY) {
+ define('_USERPASSWORD','');
+ define('_USERACCOUNT','');
+ define('_USERCN','');
+ define('_STUDYID','');
+// define('_SKIN',$skin);
+ define('_LANG',$lang);
+ define('_SESSIONID','');
+ }
+ return false;
+
+ } else {
+
+ $lr = db_connect('login', array('fv' => 'validUser'));
+
+ if ($lr === false) die('A keretrendeszer adatbázisa nem érhető el! (validUser)');
+ // ha nem tudta beállítani a sütit, akkor az $_sc üres lesz így a dt feltétel 1970-01-01, ami nem gond.
+// pwHash
+// list($_sessionDt,$_sessionCookie) = sessionCookieDecode($sessionID);
+ list($_sessionDt,$_sessionCookie,$_sessionPwHash) = sessionCookieDecode($sessionID);
+// pwHash
+// $query = "SELECT userAccount, userCn, studyId, decode(userPassword, '"._MYSQL_ENCODE_STR."'), skin, lang, activity, dt
+// FROM session WHERE sessionID='%s' AND policy='%s'";
+ $query = "SELECT userAccount, userCn, studyId, aes_decrypt(userPassword, '%s'), skin, lang, activity, dt
+ FROM session WHERE sessionID='%s' AND policy='%s'"; // [SECURITY-002] quickfix from marton.drotos@sztaki.hu
+
+ if (defined('_SESSION_MAX_IDLE_TIME') and _SESSION_MAX_IDLE_TIME != 0) $query .= " AND activity + INTERVAL "._SESSION_MAX_IDLE_TIME." HOUR > NOW()";
+
+ $query .= " AND dt='".date('Y-m-d H:i:s', (($_sessionDt=="")?null:$_sessionDt) )."'";
+ $query .= " AND sessionCookie='%s'";
+
+ $ret = db_query($query, array('fv' => 'validUser', 'modul' => 'login', 'result' => 'indexed', 'values' => array($_sessionPwHash, $sessionID, $policy, $_sessionCookie)), $lr);
+
+ $num = count($ret);
+ if ($num == 1) {
+
+ list($userAccount, $userCn, $studyId, $userPassword, $savedSkin, $lang, $activity, $dt) = array_values($ret[0]);
+ /* PDA */
+ global $SKINS;
+ if (_USER_AGENT!=='ppc' && @in_array($savedSkin,$SKINS) ) $skin=$savedSkin;
+ if ($policy == _POLICY) {
+ define('_USERACCOUNT',$userAccount);
+ define('_USERCN',$userCn);
+ define('_STUDYID',$studyId);
+ define('_USERPASSWORD',$userPassword);
+// define('_SKIN',$skin);
+ define('_LANG',$lang);
+ define('_SESSIONID',$sessionID);
+ }
+ // Aktivitás figyelése!
+ $query = "UPDATE session SET activity = NOW() WHERE sessionID = '%s'";
+ db_query($query, array('fv' => 'validUser', 'modul' => 'login', 'values' => array($sessionID)), $lr);
+ db_close($lr);
+ return true;
+
+ } else {
+
+ if ($policy == _POLICY) {
+ define('_USERPASSWORD','');
+ define('_USERACCOUNT','');
+ define('_USERCN','');
+ define('_STUDYID','');
+// define('_SKIN',$skin);
+ define('_LANG',$lang);
+ define('_SESSIONID','');
+ }
+ db_close($lr);
+ if ($num > 1) $_SESSION['alert'][] = 'message:multi_session';
+ if ($_sessionDt==="") define('_NOCOOKIE',true); // beállítjuk, hogy üzenni tudjunk
+
+ return false;
+
+ }
+
+ }
+
+}
+
+//===================================================================================================================================
+// ------------------------------------------
+// debug üzenetek tárolása - a $_DEBUG változóba kerül midnen
+// ------------------------------------------
+ if (_RUNLEVEL!=='cron') ob_start();
+
+// ------------------------------------------
+// a $page, $sub és $f csak a-z betűvel kezdődhet, utána pedig csak (a-z, /_-). $page és $f nem lehet üres
+// ------------------------------------------
+
+ if (
+ (preg_match('#^([a-z]|[A-Z])([0-9]|[a-z]|[A-Z]|/|_|-)*$#', $page) == false) OR
+ ($sub != '' AND preg_match('#^([a-z]|[A-Z])([0-9]|[a-z]|[A-Z]|/|_|-)*$#', $sub) == false) OR
+ (preg_match('#^([0-9]|[a-z]|[A-Z]|_|-)*$#', $f) == false)
+ ) {
+ $_SESSION['alert'][] = 'page:wrong_page:';
+ $RIGHTS_OK = false;
+ } else {
+ $RIGHTS_OK = true;
+ }
+
+// ------------------------------------------
+// Security Check: $policy szerinti ellenőrzés
+// ------------------------------------------
+
+ // A validUser (session.php) beállítja az alapvető session konstansokat is
+ if ( !validUser($sessionID,$policy,$skin,$lang) ) {
+ if ($AUTH[$policy]['authentication'] == 'required') {
+ if (defined('_NOCOOKIE')) $_SESSION['alert'][] = 'message:cookie';//$extendAlert='alert[]=message:cookie&';
+ $_SESSION['alert'][]='message:auth_failure:'._CONTROL_FLAG_REQUIRED;
+ header('Location: index.php?policy=public&page=auth&f=login&toPolicy='.$policy."&toPSF=$page:$sub:$f&sessionID=$sessionID");
+ die();
+ } else {
+ // Hibás, vagy nem létező sessionID esetének kezelése - ha nem kötelező a sessionID --> nem csinálunk semmit (lehet egy másik policy-ben valid
+ }
+
+ }
+ if (file_exists('include/share/session/base.php')) {
+ // A session kezeléshez szükséges backend függő függvények pl. memberOf
+ require('include/share/session/base.php');
+
+ }
+ // Remote Protocol Call (MaYoR)
+ if ($skin=='rpc') {
+ define('_RPC',true);
+ require_once('include/share/ssl/ssl.php');
+ try
+ {
+ $_RPC['senderNodeId'] = $senderNodeId = readVariable($_POST['senderNodeId'],'strictstring',0);
+ $RPC = new Interconnect();
+ $RPC->setRequestTarget('controller'); // A remoteHost lekérdezéshez kellhet
+ $RPC->setRemoteHostByNodeId($_RPC['senderNodeId']);
+ $RPC->processRequest(); // vélhetően van request
+ $_RPC['request'] = $RPC->getIncomingRequest();
+ }
+ catch (Exception $e)
+ {
+ //$func='';
+ //$DATA = array('error'=>$e->getMessage());
+ }
+ } else { define('_RPC',false); }
+ // Interconnect end
+
+ define('_RIGHTS_OK',$RIGHTS_OK);
+
+ /* XSRF2 */
+ define('__SALTNAME','MS_'.sha1($page.'_'.$sub.'_'.$f));
+ define('__SALTVALUE',sessionHash());
+ // mtoken
+ if (empty($_SESSION['mayorToken'])) {
+ $_SESSION['mayorToken'] = pseudoTokenGenerator();
+ }
+ if (count($_POST)>0) {
+ if (!empty($_POST['mayorToken'])) {
+ if (hash_equals($_SESSION['mayorToken'], $_POST['mayorToken'])) {
+ // OK, token regenerálás + visszakuldjuk az ETAG-ben
+ $_SESSION['mayorToken'] = pseudoTokenGenerator();
+ } else {
+ if ($_POST['action']!='') { /* Ha nincs action formváltozó, nincs szükség hibaüzenetre, a form nem módosít, de most... */
+ $_SESSION['alert'][] = 'message:not_valid_form:pnu2';
+ $_JSON['result'] = false;
+ }
+ unset($_POST['action']);
+ unset($action);
+ }
+ } else { // klasszikus ellenőrzés, fallback // TODO BEGIN DEPRECATED BLOCK
+ // $_JSON['result'] = false; // ITT gátolhatjuk a működést
+ if ($_COOKIE[__SALTNAME]=='') { // a session átállásig - ez semmitől nem véd, adott nevű sütit generálni bárki tud
+ $_SESSION['alert'][] = 'message:not_valid_form:no cookie'.$_SESSION[__SALTNAME];
+ $_JSON['result'] = false;
+ unset($_POST['action']);
+ unset($action);
+ } elseif (!is_null($_COOKIE[__SALTNAME]) && ($_COOKIE[__SALTNAME] == $_POST[__SALTNAME])) {
+ // rendben
+ } else {
+ if ($_POST['action']!='') { // Ha nincs action formváltozó, nincs szükség hibaüzenetre, a form nem módosít
+ $_SESSION['alert'][] = 'message:not_valid_form';
+ $_JSON['result'] = false;
+ }
+ unset($_POST['action']);
+ unset($action);
+ }
+ } // END DEPRECATED BLOCK
+ }
+ // eredeti post kezelés + ETAG prevent cache
+ if (($_SERVER['HTTPS']!=='on') || (isset($_SERVER['HTTP_REFERER']) && $_SERVER['HTTP_REFERER']!='' && substr($_SERVER['HTTP_REFERER'],4,1)!=='s')) $_ssl = false; else $_ssl=true;
+ if (@setcookie(__SALTNAME,__SALTVALUE,time()+60*60*_SESSION_MAX_IDLE_TIME,'/','',$_ssl, true) == false) {
+ $_SESSION['alert'][] = 'message:no_cookie:unabletoset';
+ }
+ /* /XSRF2 previous revision: r4138 */
+
+ // betöltjük az össes config-ot... (lásd még widgets)
+ try {
+ $_dirlist = scandir(_CONFIGDIR);
+ for ($i=0; $i<count($_dirlist); $i++) {
+ $_dir = $_dirlist[$i];
+ if (is_dir(_CONFIGDIR.'/'.$_dir) && substr($_dir,0,7)=='module-') {
+ $_configFile = _CONFIGDIR . "/".$_dir.'/config.php';
+ list($_rest,$_module) = explode('-',$_dir);
+ if (in_array($_module,$VALID_MODULES)) {
+ $_loadModule[] = $_module;
+ if (file_exists($_configFile)) {
+ require_once($_configFile);
+ }
+ }
+ }
+ }
+ } catch (Exception $e) {
+ $_SESSION['alert'][] = 'info:config hiba:'.$e->getMessage();
+ }
+ // ha betöltenénk az ÖSSZES modul include-jait, akkor be kéne mindent tölteni kb. ugyhogy ezt hagyjuk
+ if ($dh_all = @opendir("include/widgets/")) {
+ $includes = array();
+ while (($_file = readdir($dh_all)) !== false) {
+ if (substr($_file,-4) == '.php') $includes[] = $_file;
+ }
+ closedir($dh_all);
+ sort($includes);
+ for ($i = 0; $i < count($includes); $i++) {
+ require_once("include/widgets/".$includes[$i]);
+ }
+ }
+ unset($file);
+ /* ---- */
+ if (!in_array($page,$_loadModule)) $_loadModule[] = $page;
+ for ($i=0; $i<count($_loadModule); $i++) {
+ $_module = $_loadModule[$i];
+ if (in_array($_module,$VALID_MODULES)) {
+ if ($dh = @opendir("include/modules/$_module/base")) {
+ $includes = array();
+ while (($file = readdir($dh)) !== false) {
+ if (substr($file,-4) == '.php') $includes[] = $file;
+ }
+ closedir($dh);
+ sort($includes);
+ for ($j = 0; $j < count($includes); $j++) {
+ require_once("include/modules/$_module/base/".$includes[$j]);
+ }
+ }
+ }
+ }
+ unset($file);
+ /* ---- */
+
+
+ $skinFile = _CONFIGDIR."/skin-$skin/$page-config.php";
+ if ($sub == '') {
+ $includeFile = "include/modules/$page/$f.php";
+ $preFile = "policy/$policy/$page/$f-pre.php";
+ $pageFile = "policy/$policy/$page/$f.php";
+ $staticFile = "static/$lang/$page/$f.html";
+ } else {
+ $includeFile = "include/modules/$page/$sub/$f.php";
+ $preFile = "policy/$policy/$page/$sub/$f-pre.php";
+ $pageFile = "policy/$policy/$page/$sub/$f.php";
+ $staticFile = "static/$lang/$page/$sub/$f.html";
+ }
+ if (!file_exists($preFile) && !file_exists($pageFile) && !file_exists($staticFile))
+ $_SESSION['alert'][] = 'page:page_missing:'.$page.'-'.$sub.'-'.$f;
+ /* DEFAULTS zcheck() */
+ if (defined('_ENABLE_IFRAME_EMBEDING'))
+ define('_ENABLE_IFRAME_EMBEDDING',_ENABLE_IFRAME_EMBEDING);
+ elseif (!defined('_ENABLE_IFRAME_EMBEDDING'))
+ define('_ENABLE_IFRAME_EMBEDDING',false);
+
+ if (!defined('__MAX_MENU')) define('__MAX_MENU',7);
+
+ if (!defined('__SUPPORT_EMAIL_ADDRESS')) {
+ if (!defined('__EMAIL_ENABLED')) define('__EMAIL_ENABLED',false);
+ } elseif (!defined('__SUPPORT_EMAIL_NAME')) {
+ define('__SUPPORT_EMAIL_NAME',_SITE.' support');
+ if (!defined('__EMAIL_ENABLED')) define('__EMAIL_ENABLED',true);
+ } else {
+ if (!defined('__EMAIL_ENABLED')) define('__EMAIL_ENABLED',true);
+ }
+ // ---------
+ //Breadcrumb
+ if (count($_SESSION['breadcrumb'])>10) array_shift($_SESSION['breadcrumb']);
+ $_SESSION['breadcrumb'][] = array('page'=>"$page",'sub'=>"$sub",'f'=>"$f");
+ // ---------
+ if (file_exists($includeFile)) require($includeFile);
+ if (file_exists($skinFile)) require($skinFile);
+ if (file_exists($preFile)) include($preFile);
+
+// ---------------------------------------
+// debug üzenetek tárolásának vége
+// ---------------------------------------
+ $_DEBUG = ob_get_contents();
+ ob_end_clean();
+
+
+?> \ No newline at end of file
diff --git a/mayor-orig/www/include/base/str.php b/mayor-orig/www/include/base/str.php
new file mode 100644
index 00000000..5c5a7c07
--- /dev/null
+++ b/mayor-orig/www/include/base/str.php
@@ -0,0 +1,230 @@
+<?php
+/*
+ Module: base
+
+ function kisbetus($str)
+ function nagybetus($str)
+ function ekezettelen($str)
+ function utf8_to_iso88592($str)
+ function iso88592_to_utf8($str)
+ function str_cmp($a,$b)
+*/
+
+mb_internal_encoding("UTF-8");
+
+// -------------------------------------------------------------------
+// Kisbetűssé konvertálás (a magyar ékezetes karaktereket is)
+// -------------------------------------------------------------------
+
+function kisbetus($str) {
+ $str = strtolower(mb_convert_encoding($str, 'ISO-8859-2', 'UTF-8'));
+ $str = strtr($str, "", "");
+ $str = mb_convert_encoding($str, 'UTF-8', 'ISO-8859-2');
+ return $str;
+}
+
+// -------------------------------------------------------------------
+// Nagybetűssé konvertálás (a magyar ékezetes karaktereket is)
+// -------------------------------------------------------------------
+
+function nagybetus($str) {
+ $str = strtoupper(mb_convert_encoding($str, 'ISO-8859-2', 'UTF-8'));
+ $str = strtr($str, "", "");
+ $str = mb_convert_encoding($str, 'UTF-8', 'ISO-8859-2');
+ return $str;
+}
+
+// -------------------------------------------------------------------
+// Ékezettelenné konvertálás (UTF-8 --> Lat2 --> ékezettelen)
+// -------------------------------------------------------------------
+
+function ekezettelen($str) {
+ return strtr(mb_convert_encoding($str, 'ISO-8859-2', 'UTF-8'), '', 'aaeiooouuuAAEIOOOUUU');
+}
+
+/*
+// ---------------------------------------------------------------------------
+//
+// UTF8 <--> ISO88592 váltás
+//
+// ---------------------------------------------------------------------------
+
+function UTF8_to_ISO88592($str) {
+
+ return mb_convert_encoding($str,'ISO-8859-2','UTF-8');
+
+}
+
+function ISO88592_to_UTF8($str) {
+
+ return mb_convert_encoding($str,'UTF-8','ISO-8859-2');
+
+}
+*/
+
+// ---------------------------------------------------------------------------
+//
+// Két string összehasonlítása a magyar ABC szerint ($a < $b => -1)
+//
+// ---------------------------------------------------------------------------
+
+function str_cmp($a,$b) {
+
+ $ABC = Array('a'=>1,
+ ''=>1,
+ ''=>1,
+ 'b'=>3,
+ 'c'=>4,
+ 'd'=>5,
+ 'e'=>6,
+ ''=>7,
+ 'f'=>8,
+ 'g'=>9,
+ 'h'=>10,
+ 'i'=>11,
+ ''=>12,
+ 'j'=>13,
+ 'k'=>14,
+ 'l'=>15,
+ 'm'=>16,
+ 'n'=>17,
+ 'o'=>18,
+ ''=>18,
+ ''=>20,
+ ''=>20,
+ 'p'=>22,
+ 'q'=>23,
+ 'q'=>24,
+ 'r'=>25,
+ 's'=>26,
+ 't'=>27,
+ 'u'=>28,
+ ''=>28,
+ ''=>30,
+ ''=>30,
+ 'v'=>32,
+ 'x'=>33,
+ 'w'=>34,
+ 'y'=>35,
+ 'z'=>36
+ );
+
+ $a = kisbetus(mb_convert_encoding($a,'ISO-8859-2','UTF-8'));
+ $b = kisbetus(mb_convert_encoding($b,'ISO-8859-2','UTF-8'));
+
+ if ($a==$b) return 0;
+
+ $i=0;
+ while( $i<strlen($a) && $i<strlen($b) && $a[$i]==$b[$i]) {
+ $i++;
+ }
+
+ if ($i==strlen($a) && $i<strlen($b)) {
+ return 1;
+ } elseif ($i==strlen($b) && $i<strlen($a)) {
+ return -1;
+ } elseif ($ABC[$a[$i]] < $ABC[$b[$i]]) {
+ return -1;
+ } else {
+ return 1;
+ }
+}
+
+ function decimal_to_roman($number) {
+ $roman = '';
+ while ($number >= 1000) { $roman .= "M"; $number = $number -1000; }
+ while ($number >= 900) { $roman .= "CM"; $number = $number -900; }
+ while ($number >= 500) { $roman .= "D"; $number = $number -500; }
+ while ($number >= 400) { $roman .= "CD"; $number = $number -400; }
+ while ($number >= 100) { $roman .= "C"; $number = $number -100; }
+ while ($number >= 90) { $roman .= "XC"; $number = $number -90; }
+ while ($number >= 50) { $roman .= "L"; $number = $number -50; }
+ while ($number >= 40) { $roman .= "XL"; $number = $number -40; }
+ while ($number >= 10) { $roman .= "X"; $number = $number -10; }
+ while ($number >= 9) { $roman .= "IX"; $number = $number -9; }
+ while ($number >= 5) { $roman .= "V"; $number = $number -5; }
+ while ($number >= 4) { $roman .= "IV"; $number = $number -4; }
+ while ($number >= 1) { $roman .= "I"; $number = $number -1; }
+ return $roman;
+ }
+
+ function visszafele($e) {$b='';for($i=0; $i<mb_strlen($e,'utf-8'); $i++) $b = mb_substr($e,$i,1).$b; return $b;}
+
+ function mayor_array_join ($a='') {
+ $ARGS = func_get_args();
+ $x = array();
+ for ($i=0;$i<count($ARGS);$i++) {
+ $a = $ARGS[$i];
+ if (is_array($a)) foreach($a as $v) $x[] = $v; elseif ($a!='') $x[] = $a;
+ }
+ return $x;
+ }
+
+ if(!function_exists('hash_equals')) {
+ function hash_equals($str1, $str2) {
+ if(strlen($str1) != strlen($str2)) {
+ return false;
+ } else {
+ $res = $str1 ^ $str2;
+ $ret = 0;
+ for($i = strlen($res) - 1; $i >= 0; $i--) $ret |= ord($res[$i]);
+ return !$ret;
+ }
+ }
+ }
+
+ if ( !function_exists( 'hex2bin' ) ) {
+ function hex2bin( $str ) {
+ $sbin = "";
+ $len = strlen( $str );
+ for ( $i = 0; $i < $len; $i += 2 ) {
+ $sbin .= pack( "H*", substr( $str, $i, 2 ) );
+ }
+ return $sbin;
+ }
+ }
+
+ function makeLinksClickable($text){
+ $pattern[] = '/(\S+@\S+\.\S+)/';
+ $replace[] = '<a href="mailto:$1">$1</a>';
+ $pattern[] = '!(((f|ht)tp(s)?://)[-a-zA-Zа-яА-Я()0-9@:%_+.~#?&;//=]+)!i';
+// $replace[] = '<a href="$1" target="_blank">$1</a> <a href="$1" target="_blank"><span class="icon-circle-arrow-right"></span></a>';
+ $replace[] = '<a href="$1" target="_blank">[LINK]</a>';
+ return preg_replace($pattern, $replace, $text);
+ }
+ function supertext($txt) {
+ $r = $txt;
+ $r = htmlspecialchars($r);
+ $pattern[]='/@diakId:(\d+)/';
+ $pattern[]='/@tanarId:(\d+)/';
+ $pattern[]='/@tankorId:(\d+)/';
+ //$pattern[]='/@osztalyId:(\d+)/';
+ $replacement[]='<b><span class="diakNev icon-child" data-diakid="${1}"></span></b>';
+ $replacement[]='<b><span class="tanarNev icon-adult" data-tanarid="${1}"></span></b>';
+ $replacement[]='<b><span class="tankorAdat" data-tankorid="${1}">[tankör adatok]</span></b>';
+ //$replacement[]='<b><span class="osztalyAdat" data-osztalyid="${1}">[osztály adatok]</span></b>';
+ $r = preg_replace($pattern,$replacement,$r);
+ return $r;
+ }
+
+
+ require_once('include/share/date/names.php');
+ function superdate($datetime) {
+ global $aHetNapjai;
+ $stamp = strtotime($datetime);
+ $date = date('Y-m-d',$stamp);
+ $dow = date('N',$stamp);
+ $Hi = date('H:i',$stamp);
+ if ($Hi == '00:00') $Hi = '';
+ if ($stamp<=strtotime('-6 day')) {
+ return date('Y.m.d.', $stamp).' '.$Hi;
+ } elseif ($date==date('Y-m-d')) {
+ return 'Ma '.$Hi;
+ } elseif ($dow>date('N')) {
+ return 'Múlt hét '.kisbetus($aHetNapjai[$dow-1]).' '.$Hi;
+ } else {
+ return $aHetNapjai[$dow-1].' '.$Hi;
+ }
+ }
+
+?>
diff --git a/mayor-orig/www/include/base/var.php b/mayor-orig/www/include/base/var.php
new file mode 100644
index 00000000..3068fbc6
--- /dev/null
+++ b/mayor-orig/www/include/base/var.php
@@ -0,0 +1,134 @@
+<?php
+ /*
+ Példa:
+ $szuletesiEv = readVariable($_POST['sze'], 'numeric unsigned', null, array(), '1900<$return && $return<2100');
+ */
+ function readVariable( $IN, $type = '', $default = null, $allowOnly = array(), $condition = null ) {
+
+ if (is_array($IN)) {
+ $return = array();
+ for ($i = 0; $i < count($IN); $i++) {
+ $_var = readVariable($IN[$i], $type, $default, $allowOnly, $condition);
+ if (isset($_var)) $return[] = $_var;
+ }
+ } else {
+ switch ($type) {
+ case 'numeric':
+ $return = (isset($IN) && is_numeric($IN)) ? intval($IN) : $default;
+ break;
+ case 'id':
+ case 'numeric unsigned':
+ $return = (isset($IN) && is_numeric($IN) && $IN >= 0) ? intval($IN) : $default;
+ break;
+ case 'float':
+ $return = (isset($IN) && is_numeric($IN)) ? floatval($IN) : $default;
+ break;
+ case 'float unsigned':
+ $return = (isset($IN) && is_numeric($IN) && $IN >= 0) ? floatval($IN) : $default;
+ break;
+ case 'datetime':
+ $return = (isset($IN) && $IN != '' && strtotime($IN) !== false && strtotime($IN) > 0) ? $IN : $default;
+ break;
+ case 'date':
+ $return = (isset($IN) && $IN != '' && strtotime($IN) !== false && strtotime($IN) > 0) ? date('Y-m-d',strtotime($IN)) : $default;
+ break;
+ case 'enum':
+ case 'emptystringnull':
+ case 'string':
+ if(get_magic_quotes_gpc()) $IN = stripslashes($IN); // -- DEPRECATED (mindig false)
+ $return = (isset($IN) && $IN != '') ? $IN : $default;
+ break;
+ case 'notempty':
+ $return = (isset($IN) && $IN != '') ? true : false;
+ break;
+ case 'bool':
+ // Ha nincs beállítva, akkor mindenképp true lenne így:
+ // $return = (isset($IN) && ($IN === 'false' || !$IN)) ? false : true;
+ $return = (isset($IN)) ? (($IN === 'false' || !$IN)? false : true) : $default;
+ break;
+ case 'strictstring':
+ $return = (isset($IN)) ? preg_replace("/[^a-zA-Z0-9_\-]/i",'',$IN) : $default;
+ break;
+ case 'html':
+ $return = (isset($IN)) ? preg_replace("/[^a-zA-Z0-9\ \.\,?_|:;űáéúőóüöíŰÁÉÚŐÓÜÖÍ\-]/i",'',$IN) : $default;
+ break;
+ case 'hexa':
+ $return = preg_replace("/[^0-9a-fA-F]/i",'',$IN);
+ break;
+ case 'number':
+ $return = preg_replace("/[^0-9]/",'',$IN);
+ break;
+ case 'sql':
+ $return = db_escape_string($IN);
+ if ($return === false) $return = $default;
+ break;
+ case 'path':
+ $return = ( preg_match('#^([a-z]|[A-Z]|[0-9])([0-9]|[a-z]|[A-Z]|/|_|-)*$#', $IN ) != false ) ? $IN : $default;
+ break;
+ case 'regexp':
+ $return = ( preg_match( "#$allowOnly[0]#", $IN ) == 1 ) ? $IN : $default;
+ break;
+ case 'regreplace':
+ $return = preg_replace( '#'.$allowOnly[0].'#i', '', $IN );
+ break;
+ case 'mail':
+ case 'email':
+ $return = filter_var($IN, FILTER_VALIDATE_EMAIL);
+ break;
+ case 'userAccount':
+ $return = (preg_match("#([a-z]|[A-Z]|[0-9]| |\.|,|_|[űáéúőóüöíŰÁÉÚŐÓÜÖÍäÄ]|-|@)*$#", $IN) != false) ? $IN : $default;
+ break;
+ default:
+ $return = $IN;
+ $_SESSION['alert'][] = 'message:unknown_type:'.$type.':readVariable';
+ break;
+ }
+ if ($return !== $default && !in_array($type,array('regexp','regreplace')) && count($allowOnly) > 0) $return = (in_array($return, $allowOnly)) ? $return : $default;
+ if (isset($condition) && $return != $default) $return = (eval("return $condition;")) ? $return : $default;
+ }
+
+ return $return;
+ }
+
+ function in_date_interval($dt,$tolDt,$igDt) {
+ $accept = false;
+ if ($dt == date('Y-m-d', strtotime($tolDt))) // ha a kezdőnapra esik
+ $accept = true;
+ if ($dt == date('Y-m-d', strtotime($igDt))) // ha a végnapra esik
+ $accept = true;
+ return (
+ $accept
+ || (
+ (is_null($tolDt) || strtotime($tolDt)<=strtotime($dt))
+ && (is_null($igDt) || strtotime($dt)<=strtotime($igDt))
+ )
+ );
+ }
+
+ // FIGYELEM! Csak megbízható belső kódban használjuk
+ function reindex($THIS, $HOW) {
+ // ha nincs megadva, hogy hogy, adjuk vissza az eredeti tömböt
+ if (!is_array($HOW) || count($HOW)==0) return $THIS;
+
+ $RET = array();
+ for ($i=0; $i<count($THIS); $i++) {
+ $val = '$RET';
+ foreach ( $HOW as $key ) {
+ $val .= '[$THIS[$i]["'.$key.'"]]';
+ }
+ $val .='[]=$THIS[$i];';
+ $fail = @eval($val); // not used
+ }
+ return $RET;
+ }
+
+ function dump() {
+
+ $ARGS=func_get_args();
+ echo '<pre>';
+ call_user_func_array('var_dump', $ARGS);
+ echo '<hr /></pre>';
+
+ }
+
+?>