author | M.Gergo | 2019-03-08 21:20:34 +0100 |
---|---|---|
committer | M.Gergo | 2019-03-08 21:20:34 +0100 |
commit | f51c9ed2abe5c68211bb3736be5f70b1fe2c9ec0 (patch) | |
tree | e13e60e4b94a3b58f1e2bfbe271102c8f04b67bd /mayor-orig/www/include/base | |
parent | c76a004b0135786f2742283f8d5f917106f58bd8 (diff) | |
további rendrakás
Diffstat (limited to 'mayor-orig/www/include/base')
-rw-r--r-- | mayor-orig/www/include/base/base.php | 233 | ||||
-rw-r--r-- | mayor-orig/www/include/base/cache.php | 33 | ||||
-rw-r--r-- | mayor-orig/www/include/base/config.php | 62 | ||||
-rw-r--r-- | mayor-orig/www/include/base/error.php | 44 | ||||
-rw-r--r-- | mayor-orig/www/include/base/log.php | 33 | ||||
-rw-r--r-- | mayor-orig/www/include/base/login.php | 139 | ||||
-rw-r--r-- | mayor-orig/www/include/base/mysql.php | 396 | ||||
-rw-r--r-- | mayor-orig/www/include/base/rights.php | 397 | ||||
-rw-r--r-- | mayor-orig/www/include/base/str.php | 230 | ||||
-rw-r--r-- | mayor-orig/www/include/base/var.php | 134 |
10 files changed, 0 insertions, 1701 deletions
diff --git a/mayor-orig/www/include/base/base.php b/mayor-orig/www/include/base/base.php
deleted file mode 100644
index 378b31fd..00000000
--- a/mayor-orig/www/include/base/base.php
+++ /dev/null
@@ -1,233 +0,0 @@ -<?php -/* - Module: base -*/ - -function isMobile() { - if(preg_match('/(up.browser|up.link|windows ce|iemobile|mmp|symbian|smartphone|midp|wap|phone| vodafone|o2|pocket|mobile|pda|psp)/i',strtolower($_SERVER['HTTP_USER_AGENT']))) - return true; - //if(((strpos(strtolower($_SERVER['HTTP_ACCEPT']),'text/vnd.wap.wml')>0) or (strpos(strtolower($_SERVER['HTTP_ACCEPT']),'application/vnd.wap.xhtml+xml')>0)) or ((((isset($_SERVER['HTTP_X_WAP_PROFILE']) or isset($_SERVER['HTTP_PROFILE']) or isset($_SERVER['X-OperaMini-Features']) or isset($_SERVER['UA-pixels'])))))) - $mobile_ua = strtolower(substr($_SERVER['HTTP_USER_AGENT'],0,4)); - $mobile_agents = array('acs-','alav','alca','amoi','audi','aste','avan','benq' ,'bird','blac','blaz','brew','cell','cldc','cmd-','dang','doco','eric','hipt','inno','ipaq','java' ,'jigs','kddi','keji','leno','lg-c','lg-d','lg-g','lge-','maui','maxo','midp','mits','mmef','mobi','mot-','moto','mwbp','nec-','newt','noki','opwv','palm','pana','pant','pdxg' ,'phil','play','pluc','port','prox','qtek','qwap', 'sage','sams','sany','sch-','sec-','send','seri','sgh-','shar','sie-','siem','smal','smar','sony','sph-','symb','t-mo','teli','tim-','tosh','tsm-','upg1','upsi','vk-v','voda','wap-','wapa','wapi','wapp','wapr','webc','winw','winw' ,'xda','xda-'); - if(in_array($mobile_ua,$mobile_agents)) { - return true; - } -} - -// ------------------------------------------ -// PHP session -// ------------------------------------------ - - session_start(); - -// ------------------------------------------ -// Böngésző azonosítás -// ------------------------------------------ - - if (defined('_ALLOWPDAIDENTIFICATION') && isMobile()) define('_USER_AGENT','ppc'); // inkább ketté kéne bontani [wap,ppc] tartalomra - else - if (strpos($_SERVER['HTTP_USER_AGENT'],'Opera') !== false) define('_USER_AGENT','opera'); - elseif (strpos($_SERVER['HTTP_USER_AGENT'],'Gecko') !== false) define('_USER_AGENT','gecko'); - elseif 
(strpos($_SERVER['HTTP_USER_AGENT'],'MSIE') !== false) define('_USER_AGENT','msie'); - else define('_USER_AGENT',''); - - if (strstr($_SERVER['HTTP_USER_AGENT'],'iPhone')!=false) define('_USER_AGENT_PLUS','iPhone'); - else define('_USER_AGENT_PLUS',''); - - if (($_SESSION['isMobile']=isMobile())===true) $_SESSION['pageLayout']=1; // patch - -// MaYoR revision konstans definiálása - - if (@file_exists(_LOGDIR.'/revision')) { - $_rf = @fopen(_LOGDIR.'/revision', "r"); - if ($_rf) $rev = @fgets($_rf, 64); - @fclose($_rf); - } else { - //rev missing... - } - define('_MAYORREV',chop($rev)); - unset($rev); - -// ------------------------------------------ -// Default értékek -// ------------------------------------------ - /* - $policy - hozzáférési mód - kötelező - $page - megjelenítendő oldal - kötelező - $sub - aloldal - opcionális - $f - file - kötelező - $lang - az oldal nyelve - kötelező - skin - az oldal témája, "bőre" - kötelező - $action - elvégzendő feladat megjelölésére - opcionális - $_SESSION['alert'] - figyelmeztető üzenet (tömb) - opcionális - */ - - if (($__key = array_search('blue', $SKINS)) !== false) unset($SKINS[$__key]); - if (($__key = array_search('pda', $SKINS)) !== false) unset($SKINS[$__key]); - if ($AUTH['public']['skin'] == 'blue') $AUTH['public']['skin'] = 'classic'; - if ($AUTH['private']['skin'] == 'blue') $AUTH['private']['skin'] = 'classic'; - if ($AUTH['parent']['skin'] == 'blue') $AUTH['parent']['skin'] = 'classic'; - // itt beolvassuk, később még egy szigorítás is van - - if (_RUNLEVEL=='cron') { - $policy = 'private'; - @$page = readVariable($_SERVER['argv'][1],'strictstring'); - @$sub = readVariable($_SERVER['argv'][2],'strictstring'); - @$f = readVariable($_SERVER['argv'][3],'strictstring'); - @$sessionID = "cron"; - } else { - @$policy = readVariable($_REQUEST['policy'],'strictstring',null,$POLICIES); - @$page = readVariable($_REQUEST['page'],'strictstring'); - @$sub = readVariable($_REQUEST['sub'],'strictstring'); - @$f = 
readVariable($_REQUEST['f'],'strictstring'); - @$sessionID = readVariable($_GET['sessionID'],'hexa'); - } - if ($f == '') { - if ($sub != '') $f = $sub; - elseif ($page != '') $f = $page; - } - @$lang = readVariable($_GET['lang'],'strictstring',null,$LANGUAGES); - if (_RUNLEVEL === 'cron') $skin = 'cron'; - else @$skin = readVariable($_POST['skin'],'strictstring',readVariable($_GET['skin'],'strictstring',null,$SKINS),$SKINS); - @$action = readVariable($_REQUEST['action'],'strictstring',null); - // ++ ha még mindig üres a skin, és pocketpc-ről/pda jövünk (de megengedjük a felülírást) - // if (_USER_AGENT==='ppc' && $skin=='') $skin='pda'; - // ++ - //-- - if (is_array($POLICIES) && !in_array($policy, $POLICIES)) $policy = _DEFAULT_POLICY; - - define('_POLICY', $policy); - - // Miert ne csatolnánk be az összes policy beállítsait? --> config.php - - if ($f=='' && is_array($DEFAULT_PSF[$policy])) extract($DEFAULT_PSF[$policy], EXTR_OVERWRITE); - if (!in_array($lang, $LANGUAGES)) $lang=_DEFAULT_LANG; - // ha a skin még mindig üres, akkor az ellenőrzésnél a default-ot állítjuk be... - if (!@in_array($skin, $SKINS)) $skin = (isset($AUTH[$policy]['skin'])) ? $AUTH[$policy]['skin'] : _DEFAULT_SKIN; - - if (file_exists("lang/$lang/base/base.php")) { - require("lang/$lang/base/base.php"); - } elseif (file_exists('lang/'._DEFAULT_LANG.'/base/base.php')) { - require('lang/'._DEFAULT_LANG.'/base/base.php'); - } - - // A skin-hez tartozó beállátosok.. ha vannak... - ide való? De még a *-pre elé! 
- if (file_exists(_CONFIGDIR."/skin-$skin/config.php")) { - require(_CONFIGDIR."/skin-$skin/config.php"); - } elseif (file_exists(_CONFIGDIR.'/skin-'._DEFAULT_SKIN.'/config.php')) { - require(_CONFIGDIR.'/skin-'._DEFAULT_SKIN.'/config.php'); - } - -// ----------------------------------------------------------------- -// page() -// ----------------------------------------------------------------- - -function page($page, $sub, $f, $lang, $skin, $policy = _DEFAULT_POLICY) { - - global $_JSON; - if (html_alert($_SESSION['alert'])) { // A figyelmeztető üzenet letilthatja az oldal további megjelenítését. - if ($sub != '') { - $load = "$sub/$f"; - } else { - $load = $f; - } - - // --TEST $API_DICTIONARY['api']['naplo']['orarend']['orarend'] = true; - if ($skin=='api') { - $_JSON['api']['version'] = '1.0'; - if (isset($API_DICTIONARY[$skin][$page][$sub][$f])===false) { // --TODO API_DICTIONARY - return false; - } - } - - if (file_exists("policy/$policy/$page/$load.php")) { - if (file_exists("lang/$lang/module-$page/base.php")) { - require_once("lang/$lang/module-$page/base.php"); - } elseif (file_exists("lang/"._DEFAULT_LANG."/module-$page/base.php")) { - require_once("lang/"._DEFAULT_LANG."/module-$page/base.php"); - } - if (file_exists("lang/$lang/module-$page/$load.php")) { - require_once("lang/$lang/module-$page/$load.php"); - } elseif (file_exists("lang/"._DEFAULT_LANG."/module-$page/$load.php")) { - require_once("lang/"._DEFAULT_LANG."/module-$page/$load.php"); - } - if (file_exists("skin/$skin/module-$page/html/base.phtml")) { - require_once("skin/$skin/module-$page/html/base.phtml"); - } elseif ($skin!=='api' && file_exists("skin/"._DEFAULT_SKIN."/module-$page/html/base.phtml")) { // api esetén nem töltjük be a default skin phtml-t - require_once("skin/"._DEFAULT_SKIN."/module-$page/html/base.phtml"); - } - if (file_exists("skin/$skin/module-$page/html/$load.phtml")) { - require_once("skin/$skin/module-$page/html/$load.phtml"); - } elseif ($skin!=='api' && 
file_exists("skin/"._DEFAULT_SKIN."/module-$page/html/$load.phtml")) { // api esetén nem töltjük be a default skin phtml-t - require_once("skin/"._DEFAULT_SKIN."/module-$page/html/$load.phtml"); - } - $_JSON['api']['debug'] = serialize($page.$load); - - include("policy/$policy/$page/$load.php"); - } elseif (file_exists("static/$lang/$page/$load.html")) { - include("static/$lang/$page/$load.html"); - } else { - //??? ha már kiírtuk a hibaüzeneteket, újabbat nem írhatunk ki sajnos :( html_alert(array('page:page_missing:'."[$page]:[$sub]:[$f]")); --> rights.php - } - } -} - -function href($href,$get = array('sessionID','lang','skin','policy')) { - - global $sessionID,$lang,$skin,$policy,$page,$sub,$f,$action; - global $SKINS; - if ($href!='') { - if (strpos($href,'?') === false) { - $href .= '?'; - } else { - $href.='&'; - } - for ($i=0;$i<count($get);$i++) { - $par = $get[$i]; - if ($par == 'skin' && $skin == 'ajax') $value = readVariable($_GET['toSkin'],'enum',null,$SKINS); - else $value = $$par; - if (is_array($value)) { // pl. $_SESSION['alert'] - for ($j=0;$j<count($value);$j++) { - $href .= $par.'[]='.$value[$j].'&'; - } - } else { - $href .= "$par=".$value.'&'; - } - } - $href = substr($href,0,-1); - if ($skin == 'pda') $href .= '&rand='.rand(); // PDA hack - mer' a szemétje nem olvassa újra, hiába a fejlécen a sok okos varázslat... :( - $href = str_replace('&','&',str_replace('&','&',$href)); - } - return $href; - -} - -function location($href,$get = array('sessionID','lang','skin','policy')) { - - global $sessionID,$lang,$skin,$policy,$page,$sub,$f,$action; - - if ($href!='') { - if (strpos($href,'?')===false) { - $href.='?'; - } else { - $href.='&'; - } - for ($i=0;$i<count($get);$i++) { - $par = $get[$i]; - if (is_array($$par)) { // pl. 
$_SESSION['alert'] - for ($j=0;$j<count($$par);$j++) { - $href .= $par.'[]='.${$par}[$j].'&'; - } - } else { - $href .= "$par=".$$par.'&'; - } - } - $href = substr($href,0,-1); - $href = str_replace('&','&',$href); - } - - return $href; - -} - -?> diff --git a/mayor-orig/www/include/base/cache.php b/mayor-orig/www/include/base/cache.php deleted file mode 100644 index 3c630581..00000000 --- a/mayor-orig/www/include/base/cache.php +++ /dev/null @@ -1,33 +0,0 @@ -<?php -// MaYoR - GPL - author: support@mayor.hu -class mayorCache { - private $DATA = array(); - private $REGISTRY = array(); - public function exists($key) { - return (!is_null($this->DATA[$key])); - } - public function get($key) { - return $this->DATA[$key]; - } - public function set($key,$data, $dataType=null) { - $this->DATA[$key] = $data; - if ($dataType!='') $this->REGISTRY[$dataType][] = $key; - } - public function del($key) { - unset($this->DATA[$key]); - unset($this->REGISTRY[array_search($key,$this->REGISTRY)]); - } - public function flushdb() { - $this->DATA = array(); - $this->REGISTRY = array(); - } - public function delType($dataType) { - $c = count($this->REGISTRY[$dataType]); - for ($i=0; $i<$c; $i++ ) { - $this->del($this->REGISTRY[$dataType][$i]); - } - unset($this->REGISTRY[$dataType]); - } -} -$mayorCache = new mayorCache(); -?>
\ No newline at end of file
diff --git a/mayor-orig/www/include/base/config.php b/mayor-orig/www/include/base/config.php
deleted file mode 100644
index 28f711cb..00000000
--- a/mayor-orig/www/include/base/config.php
+++ /dev/null
@@ -1,62 +0,0 @@ -<?php - -if (PHP_SAPI!=='cli') define('_RUNLEVEL','www'); else define('_RUNLEVEL','cron'); - -define('_JSLIB','jquery.min'); - -if (!defined('_LOGLEVEL')) define('_LOGLEVEL',10); - -date_default_timezone_set('Europe/Budapest'); - -if (_RUNLEVEL === 'cron') { - (include("../config/main-config.php")); // csak webrootból futtatható -} else { - if (@file_exists('../config/main-config.php') && @is_readable('../config/main-config.php')==true) { - include("../config/main-config.php"); - } elseif(@file_exists('../config/main-config.php')===false) { - die('FATAL ERROR! Missing '.$_SERVER['DOCUMENT_ROOT'].'/../config/main-config.php'); - } elseif (@is_readable('../config/main-config.php')==false) { - die('FATAL ERROR! Forbidden to read "main-config.php"'); - } else { - die('FATAL ERROR! Unknown error! '.$_SERVER['DOCUMENT_ROOT'].'/../config/main-config.php'); - } - if (defined('_LOCKFILE') && @file_exists(_LOCKFILE)) { - include(_BASEDIR.'/update.php'); - die(); - } -} - -if (!defined('_SECURECOOKIE')) define('_SECURECOOKIE', true); - -define('_BASE_URL',( ($_SERVER['HTTPS']=='on')?"https://".$_SERVER['SERVER_NAME']:"http://".$_SERVER['SERVER_NAME'] )); - -/* classic, blue, ajax + rpc, + cron kiegészítés */ -$SKINS = @array_unique(array_merge($SKINS,array('classic','blue','ajax','rpc','gray','cron','api'))); -$SKINSSHOW = @array_unique(array_merge($SKINSSHOW,array('classic','vakbarat','gray'))); - -if (is_array($POLICIES) && defined('_CONFIGDIR')) { - foreach ($POLICIES as $key => $_policy) { - if (file_exists(_CONFIGDIR."/$_policy-conf.php")) { - @require(_CONFIGDIR."/$_policy-conf.php"); - if (file_exists(_BASEDIR.'/policy/'.$_policy.'/'.$DEFAULT_PSF[$_policy]['page'].'/'.$DEFAULT_PSF[$_policy]['sub'].'/'.$DEFAULT_PSF[$_policy]['f'].'.php') - === false) { - //nincs meg ez a file - $_SESSION['alert'][] = 'info:file_not_found:default page:'.$_policy.':'.implode(' ',$DEFAULT_PSF[$_policy]); - } - } else { - $DEFAULT_PSF[$_policy] = array(); - 
$_SESSION['alert'][] = 'page:file_not_found:'._CONFIGDIR."/$_policy-conf.php"; - } - } -} else { - $_SESSION['alert'][] = 'page:config_error:nincs POLICIES tömb vagy _CONFIGDIR konstans!'; -} - -if (!defined('__FBCONNECT_ENABLED')) define('__FBCONNECT_ENABLED',false); -if (!defined('__SHOW_FACES_TYPE')) define('__SHOW_FACES_TYPE','circle'); // circle, square, classic - -$VALID_MODULES =array('portal','naplo','auth','jatek','password','session','fenntarto'); -if(is_array($EXTRA_MODULES)) $VALID_MODULES = array_unique(array_merge($VALID_MODULES,$EXTRA_MODULES)); - - -?> diff --git a/mayor-orig/www/include/base/error.php b/mayor-orig/www/include/base/error.php deleted file mode 100644 index e790d65a..00000000 --- a/mayor-orig/www/include/base/error.php +++ /dev/null 
@@ -1,44 +0,0 @@ -<?php - - /* Ezen hibákat továbbra is reportoljuk */ - error_reporting(E_ERROR | E_PARSE); - - /* Saját Error Handler */ - function mayorErrorHandler($errno, $errmsg, $filename, $linenum, $vars) { - - $dt = date("Y-m-d H:i:s (T)"); - $errortype = array ( - E_ERROR => 'Error', //1 - E_WARNING => 'Warning', //2 - E_PARSE => 'Parsing Error', //4 - E_NOTICE => 'Notice', //8 - E_CORE_ERROR => 'Core Error', //16 - E_CORE_WARNING => 'Core Warning', //32 - E_COMPILE_ERROR => 'Compile Error', //64 - E_COMPILE_WARNING => 'Compile Warning', //128 - E_USER_ERROR => 'User Error', - E_USER_WARNING => 'User Warning', - E_USER_NOTICE => 'User Notice', // 1024 - E_STRICT => 'Runtime Notice', // 2048 - E_RECOVERABLE_ERROR => 'Catchable Fatal Error', // 4096 - E_ALL => 'ALL', //binary 1111111111111 - ); - $userError = array(E_USER_ERROR, E_USER_WARNING, E_USER_NOTICE); - $trackOnly = array(E_USER_ERROR, E_ERROR, E_USER_WARNING, E_USER_NOTICE, E_WARNING); - if (defined('__TESTERRORREPORTERWARN')) $trackOnly[] = E_NOTICE; - if (in_array($errno,$userError)) { - $err = "$dt $errno ".$errtype[$errno]." $errmsg"; - } elseif (in_array($errno,$trackOnly)) { - $err = "$dt $errno ".$errtype[$errno]." $errmsg $filename $linenum"; - /* if (in_array($errno, $user_errors)) { $err .= " vartrace(" . wddx_serialize_value($vars, "Variables") . ") ";} */ - // if (defined('_LOGDIR')) error_log($err, 0, _LOGDIR.'/phperror.log'); - } - if ($err!='') $_SESSION['alert'][] = 'alert:raw:'._MAYORREV.':'._USERACCOUNT.':'.':'.$err; - return false; - } - - /* Írjuk felül a gyárit */ - $old_error_handler = set_error_handler("mayorErrorHandler"); - //restore_error_handler(); - -?> diff --git a/mayor-orig/www/include/base/log.php b/mayor-orig/www/include/base/log.php deleted file mode 100644 index 14e214a9..00000000 --- a/mayor-orig/www/include/base/log.php +++ /dev/null 
@@ -1,33 +0,0 @@ -<?php -/* - Module: base - - function naploz($aCode) - function szamlal($policy,$page) -*/ - define('CLIENTIPADDRESS',_clientIp()); - function _clientIp() { - return ($_SERVER['HTTP_X_FORWARDED_FOR']!='')?$_SERVER['HTTP_X_FORWARDED_FOR']:$_SERVER['REMOTE_ADDR']; - } - - function logLogin($policy, $userAccount, $flag) { //loginLog - $q = "INSERT INTO loginLog (dt,ip,userAccount,policy,flag) VALUES (NOW(),'%s','%s','%s', %u)"; - db_query($q, array('fv' => 'logLogin', 'modul' => 'login', 'values' => array(_clientIp(), $userAccount, $policy, $flag))); - } - - function szamlal($policy, $page) { - $q = "INSERT INTO stat (dt, policy, page) VALUES (NOW(),'%s','%s')"; - db_query($q, array('fv' => 'szamlal', 'modul' => 'login', 'values' => array($policy, $page))); - } - - function mayorLogger($loglevel, $modul, $message, $userAccount='') { - if ($loglevel>_LOGLEVEL) { - $fp = fopen(_LOGDIR.'/'.$modul.'.log','a+'); - if ($fp!=false) { - $msg = date('Y-m-d H:i:s').' '.$userAccount.': '.$message."\n"; - fputs($fp,$msg); - fclose($fp); - } - } - } -?> diff --git a/mayor-orig/www/include/base/login.php b/mayor-orig/www/include/base/login.php deleted file mode 100644 index 4624a92a..00000000 --- a/mayor-orig/www/include/base/login.php +++ /dev/null 
@@ -1,139 +0,0 @@ -<?php - - if ($sessionMode===2 || $action == 'mayorGlobalLogin' || $action == 'facebooklogin' || $action== 'googleapilogin') { - - $toPolicy = readVariable($_REQUEST['toPolicy'], 'enum', 'private', $POLICIES); - $policyOrderIndex = readVariable($_POST['policyOrderIndex'], 'id', 0); - - $__POLICYORDER[0] = array('private','parent','public'); - $__POLICYORDER[1] = array('private'); - $__POLICYORDER[2] = array('parent'); - $__POLICYORDER[3] = array('public'); - - $toSkin = readVariable($_POST['toSkin'], 'enum', readVariable($_GET['toSkin'], 'enum', null, $SKINSSHOW), $SKINSSHOW); - @list($toPage,$toSub,$toF) = readVariable(explode(':',$_REQUEST['toPSF']), 'strictstring'); - $toPSF = "$toPage:$toSub:$toF"; - // Autentikáció - alapok - $fbAuth = false; - if (file_exists('include/share/auth/base.php')) { - require_once('include/share/auth/base.php'); - } - require_once('include/modules/auth/base/login.php'); - - // lejart session-ok torlese - require_once('include/share/session/close.php'); - closeOldAndIdleSessions(); - - if (__FBCONNECT_ENABLED===true && $action=='facebooklogin') { - if (version_compare(PHP_VERSION, '5.4.0', '<')) { - $_SESSION['alert'][] = 'info::facebook:szerver konfigurációs hiba, legalább 5.4-es php verzió szükséges'; - return false; - } - require_once('include/share/net/facebook.php'); - $FBDATA = mayorFacebookAuth(); // preAuth - if (is_array($FBDATA) && $FBDATA['accessToken']!="") { - $userAccount = $FBDATA['userAccount']; - $fbAuth = true; - } - } elseif (__GOOGLEAPI_ENABLED===true && $action=='googleapilogin') { - if (version_compare(PHP_VERSION, '5.5.0', '<')) { - $_SESSION['alert'][] = 'info::googleapi:szerver konfigurációs hiba, legalább 5.5-ös php verzió szükséges'; - return false; - } - require_once('include/share/net/googleapi.php'); - $GOOGLEAPIDATA = mayorGoogleApiAuth(); // preAuth - if (($GOOGLEAPIDATA) && $GOOGLEAPIDATA['userAccount']!="") { - $userAccount = $GOOGLEAPIDATA['userAccount']; - $googleapiAuth = true; 
- } - } elseif ($sessionMode===2) { - $MAYORAPIDATA = mayorApiAuth(); - if ($MAYORAPIDATA!==false && $MAYORAPIDATA['userAccount']!="") { - $userAccount = $MAYORAPIDATA['userAccount']; - $toPolicy = $MAYORAPIDATA['toPolicy']; - $mayorapiAuth = true; - } else { - unsetTokenCookies(); // + unregister token - } - } else { - $userPassword = readVariable($_POST['userPassword'], 'string'); - // $userAccount = readVariable($_POST['userAccount'], 'regexp', null, array("^([a-z]|[A-Z]|[0-9]| |\.|,|_|[űáéúőóüöíŰÁÉÚŐÓÜÖÍäÄ]|-|@)*$")); - $userAccount = readVariable($_POST['userAccount'], 'userAccount', null); - } - - if (defined('_BOLONDOS') && _BOLONDOS===true) $userAccount = visszafele($userAccount); - if (is_array($AUTH[$toPolicy]['allowOnly']) && !in_array($userAccount,$AUTH[$toPolicy]['allowOnly'])) $userAccount=''; - - if ($sessionID != '') $accountInformation['sessionID'] = $sessionID; - if ($userAccount != '' and ($userPassword != '' or $fbAuth===true or $googleapiAuth===true or $mayorapiAuth === true)) { - - for ($i=0; $i<count($__POLICYORDER[$policyOrderIndex]); $i++) { - $toPolicy=$__POLICYORDER[$policyOrderIndex][$i]; - if (!in_array($AUTH[$toPolicy]['authentication'],array('required','try'))) { - continue;; - } - $accountInformation = array('account' => $userAccount, 'password' => $userPassword, 'policy' => $toPolicy, 'skin'=>$toSkin); - if ($fbAuth===true) { - if ($FBDATA['toPolicy']==$toPolicy) { - $result = _AUTH_SUCCESS; // az authentikációt a mayorFacebookAuth() csinálta - $accountInformation['cn'] = $FBDATA['fbUserCn']; - $accountInformation['mail'] = $FBDATA['fbUserEmail']; - $accountInformation['studyId'] = $FBDATA['studyId']; - } else { - $_SESSION['alert'][] = 'info:A facebook azonosító nincs még összekötve! 
Először lépj be a MaYoR-ba, és kezdeményezd a facebook connectet!'; - continue;; - } - } elseif ($googleapiAuth===true) { - if ($GOOGLEAPIDATA['toPolicy']==$toPolicy) { - $result = _AUTH_SUCCESS; // az authentikációt a mayorGoogleapiAuth() csinálta - $accountInformation['cn'] = $GOOGLEAPIDATA['googleUserCn']; - $accountInformation['mail'] = $GOOGLEAPIDATA['googleUserEmail']; - $accountInformation['studyId'] = $GOOGLEAPIDATA['studyId']; - } else { - $_SESSION['alert'][] = 'info:A google azonosító nincs még összekötve! Először lépj be a MaYoR-ba, és kezdeményezd!'; - continue;; - } - } elseif ($mayorapiAuth===true) { - if ($MAYORAPIDATA['toPolicy'] == $toPolicy) { - $result = _AUTH_SUCCESS; // az authentikációt a mayorApiAuth() csinálta - $accountInformation['cn'] = $MAYORAPIDATA['userCn']; - // $accountInformation['mail'] = $MAYORAPIDATA['userEmail']; - $accountInformation['studyId'] = $MAYORAPIDATA['studyId']; - } else { - continue;; - } - } else { - $result = userAuthentication($userAccount, $userPassword, $accountInformation, $toPolicy); // ??? toPolicy benne van az AccountInformation-ben!!! Ldap backend only? 
- } - logLogin($toPolicy, $userAccount, $result); - - define('_MAYORAUTHRESULT',$result); - if ($result === _AUTH_SUCCESS) { - $_SESSION['alert'] = array(); - $sessionID = newSession($accountInformation, $toPolicy); - if ($mayorapiAuth!==true) generateAuthToken(array('userAccount'=>$userAccount, 'policy'=>$toPolicy, 'userCn'=>$accountInformation['cn'], 'studyId'=>$accountInformation['studyId'])); // --TODO untrusted clients - if ($toSkin == '') $toSkin = $skin; - header('Location: '.location("index.php?page=$toPage&sub=$toSub&f=$toF&sessionID=$sessionID&policy=$toPolicy&lang=$lang&skin=$toSkin", array('alertOLD'))); - break; - } elseif ($result === _AUTH_EXPIRED) { - $_SESSION['alert'][] = 'message:force_pw_update'; - header('Location: '.location("index.php?policy=public&page=password&f=changeMyPassword&userAccount=".$userAccount."&toPolicy=$toPolicy&skin=$toSkin", array('alertOLD'))); - break; - } elseif ($result === _AUTH_FAILURE_1) { - // nincs ilyen user, megpróbáljuk beauthentikálni parent-tel is. - } elseif ($result >= _AUTH_FAILURE) { - // sikertelen azonosítás - a hibaüzenetet a függvény generálja - // megpróbáljuk beauthentikálni parent-tel is. - break; - } else { - // Ilyen csak hibás függvényműködés esetén lehet: - $_SESSION['alert'][] = "message:default:hibás visszatérési érték:userAuthentication:(".serialize($result).")"; - break; - } - } - } else { - $_SESSION['alert'][] = 'message:empty_field'; - } - } - -?> diff --git a/mayor-orig/www/include/base/mysql.php b/mayor-orig/www/include/base/mysql.php deleted file mode 100644 index b2e22f82..00000000 --- a/mayor-orig/www/include/base/mysql.php +++ /dev/null 
@@ -1,396 +0,0 @@ -<?php - - error_reporting(E_ALL && ~E_NOTICE); -// error_reporting(E_ALL); - - //if (!defined("MYSQLI_ENABLED")) define("MYSQLI_ENABLED",function_exists('mysqli_connect')); - if (!defined("MYSQLI_ENABLED")) define("MYSQLI_ENABLED",false); // egyelőre kikapcsoljuk, mert az Illyés-ben pl egfeküdt a szerver ettől - if (is_array($AUTH)) foreach ($AUTH as $_policy => $config) { - if ($config['backend'] == 'mysql') { - $MYSQL_DATA[$_policy . ' auth'] = array( - 'user' => $config['mysql user'], - 'host' => $config['mysql host'], - 'pw' => $config['mysql pw'], - 'db' => $config['mysql db'], - ); - if ($MYSQL_DATA[$_policy . ' auth']['host']=='') - if ($MYSQL_DATA['host']=='') - $MYSQL_DATA[$_policy . ' auth']['host'] = 'localhost'; - else - $MYSQL_DATA[$_policy . ' auth']['host'] = $MYSQL_DATA['host']; - } - } -//-----------------------------------------------------------------------// - - function db_selectDb($db,$lr) { - if (MYSQLI_ENABLED===true) - return mysqli_select_db($lr,$db); - else - return mysql_select_db($db,$lr); - } - - function db_connect($modul, $SET = array('priv' => null, 'force' => true, 'host'=> null, 'username' => null, 'password' => null, 'db' => null, 'fv' => null)) { - - global $MYSQL_DATA; - - $lr = false; - extract($SET); - if (!isset($force)) $force = true; - if (!isset($priv)) $priv = ''; - - //if ($MYSQL_DATA['persistent']===true) $mysql_connect = 'mysql_pconnect'; else $mysql_connect = 'mysql_connect'; - $mysql_connect = 'mysql_connect'; - /* setting host */ - if (!isset($host)) { - if ($MYSQL_DATA[$modul]['host'.$priv]=='') { - if ($MYSQL_DATA[$modul]['host']=='') { - if ($MYSQL_DATA['host']=='') { - $host = 'localhost'; - } else { - $host = $MYSQL_DATA['host']; - } - } else { - $host = $MYSQL_DATA[$modul]['host']; - } - } else { - $host = $MYSQL_DATA[$modul]['host'.$priv]; - } - } - /* --- */ - if ($priv == 'root') { - if (MYSQLI_ENABLED===true) - $lr = @mysqli_connect($host, $username, $password); // force new ??? 
- else - $lr = @$mysql_connect($host, $username, $password, $force); - } else { - /* --- */ - if (is_array($MYSQL_DATA[$modul])) { - if (isset($priv) && $priv != '' && isset($MYSQL_DATA[$modul]['user'.$priv])) { // Először megpróbálunk $priv szerinti privilégiummal csatlakozni - if (MYSQLI_ENABLED===true) - $lr = @mysqli_connect($host, $MYSQL_DATA[$modul]['user'.$priv], $MYSQL_DATA[$modul]['pw'.$priv], $MYSQL_DATA[$modul]['db']); - else - $lr = @$mysql_connect($host, $MYSQL_DATA[$modul]['user'.$priv], $MYSQL_DATA[$modul]['pw'.$priv], $force); - } - if ($lr === false) {// Ha nem sikerült, vagy nem volt megadva privilégium, akkor próbáljunk anélkül csatlakozni - if (MYSQLI_ENABLED===true) - $lr = @mysqli_connect($host, $MYSQL_DATA[$modul]['user'], $MYSQL_DATA[$modul]['pw'], $MYSQL_DATA[$modul]['db']); - else - $lr = @$mysql_connect($host, $MYSQL_DATA[$modul]['user'], $MYSQL_DATA[$modul]['pw'], $force); - } - } else { - $_SESSION['alert'][] = "message:sql_failure/${SET['fv']}:db_connect:modul $modul has no config"; - } - } - if ($lr) { - // mysql_set_charset('utf8', $lr); - if ($priv != 'root') $db = $MYSQL_DATA[$modul]['db']; - if ($db != '') { - $result = db_selectDb($db , $lr); - if ($result === true) { - if (MYSQLI_ENABLED===true) { - mysqli_set_charset($lr, "utf8"); - mysqli_query($lr, "SET NAMES utf8"); - mysqli_query($lr, "SET collation_connection='utf8_hungarian_ci'"); - } else { - mysql_query("SET NAMES utf8", $lr); - mysql_query("SET collation_connection='utf8_hungarian_ci'", $lr); - } - } else { - $_SESSION['alert'][] = "message:sql_select_db_failure:db_connect/${SET['fv']}:$modul:".$MYSQL_DATA[$modul]['db']; - mysql_close($lr); - return false; - } - } elseif (!isset($MYSQL_DATA[$modul]['db'])) { - $_SESSION['alert'][] = "message:sql_warning:db_connect/${SET['fv']}:modul $modul has empty database config value"; - } - } else { - if (__DEBUG || (defined('__DETAILED') && __DETAILED)) $_SESSION['alert'][] = 
"message:sql_connect_failure:db_connect/${SET['fv']}:modul - $modul, priv - $priv, username - $username, db - $db"; - else $_SESSION['alert'][] = "message:sql_connect_failure:db_connect/${SET['fv']}:$modul modul"; - } - return $lr; - - } - - function db_close($lr) { - if ($MYSQL_DATA['persistent']!==true) { - if (MYSQLI_ENABLED===true) - return mysqli_close($lr); - else - return mysql_close($lr); - } else - return true; // not closing; - } - -//-----------------------------------------------------------------------// - - function db_query($q, $SET, $olr = null) { - /* - $SET = array( - 'modul' => '...' - 'fv' => '...' - 'result' => 'indexed'|'assoc'|'multiassoc'|'idonly'|'value'|'record'|'keyvaluepair'|'insert'|'affected rows' - 'keyfield' => '...' (if result in (assoc,multiassoc)) - 'detailed' => true | false (default) (echo the query in error messages) - 'debug' => true | false (default) (echo the query before quering it) - 'rollback' => true | false (default) - 'values' => array(...) (if $q is an sprintf format string) - ); - */ - global $_JSON; - - if (!isset($q) || $q == '') { - $_SESSION['alert'][] = 'message:sql_query_failure:db_query/'.$SET['fv'].':query is empty'; - return false; - } - - if (!isset($SET['result'])) $SET['result'] = ''; - - // Adatbázis csatlakozás (ha szükséges) - if (isset($olr) && $olr != '') { - if (MYSQLI_ENABLED===true) - $mysql_get_server_info = mysqli_get_server_info($olr); - else - $mysql_get_server_info = @mysql_get_server_info($olr); - } - if (isset($olr) && $olr != '' && $mysql_get_server_info !== false) { - $lr = $olr; - } else { - unset($olr); - if (in_array(substr(strtolower($q),0,4), array('sele','show','expl','set ','use '))) $lr = @db_connect($SET['modul'], array('priv' => 'Read', 'fv' => $SET['fv'])); - else $lr = @db_connect($SET['modul'], array('priv' => 'Write', 'fv' => $SET['fv'])); - } - if ($lr === false) { - if ($SET['detailed'] === true || __DETAILED) $_SESSION['alert'][] = 
'message:sql_connect_failure:db_query/'.$SET['fv'].':'.$SET['modul'].':'.$q; - else $_SESSION['alert'][] = 'message:sql_connect_failure:db_query/'.$SET['fv']; - return false; - } - - // Ha behelyettesítendő paraméterek vannak - if (isset($SET['values']) && is_array($SET['values']) && count($SET['values']) > 0) { - $SET['values'] = array_map('db_escape_string', $SET['values'], array_fill(0 , count($SET['values']), $lr)); - array_unshift($SET['values'], $q); - $q_pattern = $q; - $q = @call_user_func_array('sprintf', $SET['values']); - if ($q === false) { - $_SESSION['alert'][] = 'message:wrong_data:db_query:behelyettesítés:'.$SET['fv']; - return false; - } - } - if ((isset($SET['debug']) && $SET['debug']===true) || (defined('__DEBUG') && __DEBUG === true)) { - $_q = str_replace(" ",'',$q); - echo '<pre>info:debug:'.htmlspecialchars($SET['modul'].':'.$SET['fv'].':'.date('Y-m-d H:i:s').': '." \n".$_q)."<hr /></pre>"; - if ($_GET['skin'] == 'ajax') $_JSON['sql log'][] = $SET['modul'].':'.$SET['fv'].':'.date('Y-m-d H:i:s').': '." 
\n".$_q; - if ($_GET['skin'] == 'rpc') { - openlog("MaYoR", LOG_PID | LOG_PERROR, LOG_LOCAL0); - syslog(LOG_WARNING, '[RPC]MySQL: '.(json_encode($SET)).", query: $_q {$_SERVER['REMOTE_ADDR']} ({$_SERVER['HTTP_USER_AGENT']})"); - closelog(); - } - } - if ( - ($SET['detailed'] === true || __DETAILED) - && strpos($q_pattern, '%s') !== false - && (strpos($q_pattern, '`%s`') === false && strpos($q_pattern, "'%s'") === false) - ) $_SESSION['alert'][] = 'message:lehet hiba?:db_query/'.$SET['fv'].':'.$SET['modul'].':'.$q_pattern; - - if ($SET['log']===true) mayorLogger(10,'mysql',$q,_USERACCOUNT); - if (MYSQLI_ENABLED===true) - $r = mysqli_query($lr,$q); - else - $r = @mysql_query($q, $lr); - define(MYSQL_LOGGER,false); - if (MYSQL_LOGGER === true) { - $filename = '/tmp/mysql.log'; - $fp = fopen($filename, "a+"); - fputs ($fp, $q."\n"); - fclose ($fp); - } - /* WARNING HANDLER */ -// if ((isset($SET['debug']) && $SET['debug']===true) || (defined('__DEBUG') &&__DEBUG === true) || (defined('__DETAILED') && __DETAILED===true)) { - if ((isset($SET['debug']) && $SET['debug']===true) || (defined('__DEBUG') &&__DEBUG === true)) { - if (MYSQLI_ENABLED===true) - $warningCountResult = mysqli_query($lr,"SELECT @@warning_count"); - else - $warningCountResult = mysql_query("SELECT @@warning_count",$lr); - if ($warningCountResult) { - if (MYSQLI_ENABLED===true) - $warningCount = mysqli_fetch_row($lr,$warningCountResult); - else - $warningCount = mysql_fetch_row($warningCountResult); - if ($warningCount[0] > 0) { - //Have warnings - if (MYSQLI_ENABLED===true) - $warningDetailResult = mysqli_query($lr, "SHOW WARNINGS"); - else - $warningDetailResult = mysql_query("SHOW WARNINGS",$lr); - if ($warningDetailResult ) { - if (MYSQLI_ENABLED===true) - while ($warning = mysqli_fetch_assoc($lr, $warningDetailResult)) {dump($warning); mayorLogger(2,'mysql',$q.' '.$warning,_USERACCOUNT);} - else - while ($warning = mysql_fetch_assoc($warningDetailResult)) {dump($warning); mayorLogger(2,'mysql',$q.' 
'.$warning,_USERACCOUNT);} - } - }//Else no warnings - } - } - /* WARNING HANDLER */ - if (!$r) { - // if ($SET['detailed'] === true || __DETAILED) $_SESSION['alert'][] = 'message:sql_query_failure:'.$SET['fv'].':'.':'.$q; - if ($SET['detailed'] === true || __DETAILED) { - if (MYSQLI_ENABLED===true) { - $_SESSION['alert'][] = 'message:sql_query_failure:mysqli:'.$SET['fv'].':'.mysqli_error($lr).':'.$q; - } else { - $_SESSION['alert'][] = 'message:sql_query_failure:mysql:'.$SET['fv'].':'.mysql_error($lr).':'.$q; - } - } else { - $_SESSION['alert'][] = 'message:sql_query_failure:'.$SET['fv']; - } - if ($SET['rollback'] === true) db_rollback($lr, $SET['fv']); - if (!isset($olr)) db_close($lr); - return false; - } - - if (MYSQLI_ENABLED === true) { - - if (in_array(substr(strtolower($q),0,4), array('sele','show','expl','(sel'))) { - $RESULT = array(); - switch($SET['result']) { - case 'indexed': - while ($A = mysqli_fetch_assoc($r)) $RESULT[] = $A; - break; - case 'assoc': - while ($A = mysqli_fetch_assoc($r)) $RESULT[$A[$SET['keyfield']]] = $A; - break; - case 'multiassoc': - while ($A = mysqli_fetch_assoc($r)) $RESULT[$A[$SET['keyfield']]][] = $A; - break; - case 'idonly': - while ($A = mysqli_fetch_row($r)) $RESULT[] = $A[0]; - break; - case 'value': - if (mysqli_num_rows($r) > 0) { - $A = mysqli_fetch_row($r); $RESULT = $A[0]; - } else { $RESULT = null; } - break; - case 'record': - if (mysqli_num_rows($r) > 0) { - $A = mysqli_fetch_assoc($r); $RESULT = $A; - } else { $RESULT = null; } - break; - case 'keyvaluepair': - while ($A = mysqli_fetch_row($r)) $RESULT[$A[0]] = $A[1]; - break; - case 'keyvalues': - while ($A = mysqli_fetch_row($r)) $RESULT[$A[0]][] = $A[1]; - break; - } - } elseif ($SET['result'] == 'insert' && (substr(strtolower($q),0,6) == 'insert' || substr(strtolower($q),0,7) == 'replace')) { - $RESULT = mysqli_insert_id($lr); - mayorLogger(1,'mysql',$q,_USERACCOUNT); - } elseif ($SET['result'] == 'affected rows') { - $RESULT = mysqli_affected_rows($lr); 
- mayorLogger(1,'mysql',$q,_USERACCOUNT); - } else { // create, insert, de nem olyan resulttal... - $RESULT = $r; - mayorLogger(1,'mysql',$q,_USERACCOUNT); - } - } else { // OLD DRIVER - - if (in_array(substr(strtolower($q),0,4), array('sele','show','expl','(sel'))) { - $RESULT = array(); - switch($SET['result']) { - case 'indexed': - while ($A = mysql_fetch_assoc($r)) $RESULT[] = $A; - break; - case 'assoc': - while ($A = mysql_fetch_assoc($r)) $RESULT[$A[$SET['keyfield']]] = $A; - break; - case 'multiassoc': - while ($A = mysql_fetch_assoc($r)) $RESULT[$A[$SET['keyfield']]][] = $A; - break; - case 'idonly': - while ($A = mysql_fetch_row($r)) $RESULT[] = $A[0]; - break; - case 'value': - if (mysql_num_rows($r) > 0) { - $A = mysql_fetch_row($r); $RESULT = $A[0]; - } else { $RESULT = null; } - break; - case 'record': - if (mysql_num_rows($r) > 0) { - $A = mysql_fetch_assoc($r); $RESULT = $A; - } else { $RESULT = null; } - break; - case 'keyvaluepair': - while ($A = mysql_fetch_row($r)) $RESULT[$A[0]] = $A[1]; - break; - case 'keyvalues': - while ($A = mysql_fetch_row($r)) $RESULT[$A[0]][] = $A[1]; - break; - } - } elseif ($SET['result'] == 'insert' && (substr(strtolower($q),0,6) == 'insert' || substr(strtolower($q),0,7) == 'replace')) { - $RESULT = mysql_insert_id($lr); - mayorLogger(1,'mysql',$q,_USERACCOUNT); - } elseif ($SET['result'] == 'affected rows') { - $RESULT = mysql_affected_rows($lr); - mayorLogger(1,'mysql',$q,_USERACCOUNT); - } else { // create, insert, de nem olyan resulttal... 
- $RESULT = $r; - mayorLogger(1,'mysql',$q,_USERACCOUNT); - } - } // DRIVER - - if (!isset($olr)) db_close($lr); - return $RESULT; - - } - -//-----------------------------------------------------------------------// - - function db_start_trans($lr) { - if ($lr != '') - if (MYSQLI_ENABLED === true) - mysqli_query($lr, "START TRANSACTION"); - else - mysql_query("START TRANSACTION", $lr); - } - - function db_commit($lr) { - if ($lr != '') - if (MYSQLI_ENABLED === true) - mysqli_query($lr, "COMMIT"); - else - mysql_query("COMMIT", $lr); - } - - function db_rollback($lr, $msg = '') { - if ($lr != '') { - $_SESSION['alert'][] = 'message:rollback:'.$msg; - if (MYSQLI_ENABLED === true) - mysqli_query($lr, "ROLLBACK"); - else - mysql_query("ROLLBACK", $lr); - } - } - -//---------------------------------------------------------------------// - - function db_escape_string($str, $olr = null) { - - if (isset($olr)) $lr = $olr; - else $lr = db_connect('login'); - - if (!$lr) return false; - - if(get_magic_quotes_gpc()) { - $return = mysql_real_escape_string(stripslashes($str), $lr); - } else { - if (MYSQLI_ENABLED===true) - $return = mysqli_real_escape_string($lr, $str); - else - $return = mysql_real_escape_string($str, $lr); - } - if (!isset($olr)) db_close($lr); - - return $return; - } - -?> diff --git a/mayor-orig/www/include/base/rights.php b/mayor-orig/www/include/base/rights.php deleted file mode 100644 index dc6b7aa7..00000000 --- a/mayor-orig/www/include/base/rights.php +++ /dev/null 
@@ -1,397 +0,0 @@ -<?php - -// --TODO-- ez nem ide való! -require_once('include/modules/auth/base/token.php'); - - -/* - Module: base - - validUser($sessionID,$policy,$skin='',$lang='') - - - ellenőrizzük a $page, $sub, $f formai helyességét - - validUser - ellenőrzi, hogy be vagyunk-e jelentkezve, beállítja a konstansokst, ha kell elküld az auth oldalra - - validUser esetén a session kezelő fv-ek csatolása (backend függő) - - a module, psf include fájlainak és a pre fájlnak a csatolása - - A validUser fv két funkciót lát el egyszerre (ellenőriz, és konstans beállít). - A konstansokat (pl. _SESSIONID) csak az aktuális policy-re állítjuk, a toPolicyra nem. - A validUser figyelembe veszi a _SESSION_MAX_IDLE_TIME konstans értékét: ha az activity+_SESSION_MAX_IDLE_TIME már elmúlt - akkor elutasít, - különben az aktivity értékét frissíti. - - a '_POLICY'-t a base.php-ben definiáljuk. - -*/ -function sessionHash($algo='ripemd160', $hashThis='') -{ - if ($hashThis=='') $hashThis = uniqid(rand(), true); - if (!in_array($algo,hash_algos())) $algo = 'sha1'; - $sessionID = substr( hash($algo, $hashThis), 0, 40 ); // 40: sha1, ripem160 - return $sessionID; -} - -if(!function_exists('hash_equals')) { // lásd még str - function hash_equals($str1, $str2) { - if(strlen($str1) != strlen($str2)) { - return false; - } else { - $res = $str1 ^ $str2; - $ret = 0; - for($i = strlen($res) - 1; $i >= 0; $i--) $ret |= ord($res[$i]); - return !$ret; - } - } -} - - -function sessionCookieEncode($sessionID,$now,$extra='') -{ - if ($extra=='') $extra = uniqid(rand(), true); - $extraHash=sessionHash('ripemd160',$extra); - $pwHash = sessionHash('ripemd160',uniqid(rand(), true)); - $value = base64_encode(strtotime($now).'g'.$extraHash.'g'.$pwHash); - return array('name'=>($sessionID), 'value'=>$value, 'store'=> $extraHash, 'pwHash'=>$pwHash); -} - -function sessionCookieDecode($sessionID) -{ - return explode('g',base64_decode($_COOKIE[($sessionID)])); -} - -function pseudoTokenGenerator() { - - if 
(function_exists('openssl_random_pseudo_bytes')) - $token = bin2hex(openssl_random_pseudo_bytes(32)); - else - $token = bin2hex(sessionHash()); - return $token; -} - -###################################################################### -# Azonosított user ellenőrzése a session tábla alapján -###################################################################### - -function validUser($sessionID,$policy,$skin='',$lang='') { - global $page; - if (_RUNLEVEL === 'cron') { - define('_USERPASSWORD','MaYoR-cron'); - define('_USERACCOUNT','MaYoR-cron'); - define('_USERCN','MaYoR-cron User'); - define('_STUDYID',''); - define('_LANG',$lang); - define('_SESSIONID','cron'); - return true; - } - -// if ($sessionID == '' || $MAYORAPIAUTH['valid']!==true) { - if ($sessionID == '') { - $MAYORAPIAUTH = mayorApiAuth(); // van-e hosszulejáratu session-je - if ($policy == _POLICY && $MAYORAPIAUTH['valid']!==true) { - define('_USERPASSWORD',''); - define('_USERACCOUNT',''); - define('_USERCN',''); - define('_STUDYID',''); - define('_LANG',$lang); - define('_SESSIONID',''); - } - return false; - } else { - - $lr = db_connect('login', array('fv' => 'validUser')); - - if ($lr === false) die('A keretrendeszer adatbázisa nem érhető el! (validUser)'); - // ha nem tudta beállítani a sütit, akkor az $_sc üres lesz így a dt feltétel 1970-01-01, ami nem gond. - list($_sessionDt,$_sessionCookie,$_sessionPwHash) = sessionCookieDecode($sessionID); - $query = "SELECT userAccount, userCn, studyId, aes_decrypt(userPassword, '%s'), skin, lang, activity, dt - FROM session WHERE sessionID='%s' AND policy='%s'"; // [SECURITY-002] quickfix from marton.drotos@sztaki.hu - - if (defined('_SESSION_MAX_IDLE_TIME') and _SESSION_MAX_IDLE_TIME != 0) $query .= " AND activity + INTERVAL "._SESSION_MAX_IDLE_TIME." 
HOUR > NOW()"; - - $query .= " AND dt='".date('Y-m-d H:i:s', (($_sessionDt=="")?null:$_sessionDt) )."'"; - $query .= " AND sessionCookie='%s'"; - - $ret = db_query($query, array('fv' => 'validUser', 'modul' => 'login', 'result' => 'indexed', 'values' => array($_sessionPwHash, $sessionID, $policy, $_sessionCookie)), $lr); - $num = count($ret); - $sessionMode = 1; - - // ha nincs találat, nézzük meg, van-e a kliensnek hosszú lejáratú tokenje, kivéve, ha ... - if ($num !== 1 && $page!='password') { - $MAYORAPIAUTH = mayorApiAuth(); - if ($MAYORAPIAUTH['valid'] === true) { - global $sessionMode; - $sessionMode = 2; - // reauth AS: - $toPolicy = $MAYORAPIAUTH['policy']; - $userAccount = $MAYORAPIAUTH['userAccount']; - $userCn = $MAYORAPIAUTH['userCn']; - $studyId = $MAYORAPIAUTH['studyId']; - $userPassword = ''; - $lang = _DEFAULT_LANG; - } else { - unsetTokenCookies(); - } - } // --token vizsgálat vége - - if ($num == 1) { - - if ($sessionMode == 1) list($userAccount, $userCn, $studyId, $userPassword, $savedSkin, $lang, $activity, $dt) = array_values($ret[0]); - global $SKINS; - if (_USER_AGENT!=='ppc' && @in_array($savedSkin,$SKINS) ) $skin=$savedSkin; - if ($policy == _POLICY) { - define('_USERACCOUNT',$userAccount); - define('_USERCN',$userCn); - define('_STUDYID',$studyId); - define('_USERPASSWORD',$userPassword); -// define('_SKIN',$skin); - define('_LANG',$lang); - define('_SESSIONID',$sessionID); - } - - // Aktivitás figyelése! // hopp, nem biztos, hogy van session! 
- $query = "UPDATE session SET activity = NOW() WHERE sessionID = '%s'"; - db_query($query, array('fv' => 'validUser', 'modul' => 'login', 'values' => array($sessionID)), $lr); - db_close($lr); - return true; - - } else { - - if ($policy == _POLICY) { - define('_USERPASSWORD',''); - define('_USERACCOUNT',''); - define('_USERCN',''); - define('_STUDYID',''); -// define('_SKIN',$skin); - define('_LANG',$lang); - define('_SESSIONID',''); - } - db_close($lr); - if ($num > 1) $_SESSION['alert'][] = 'message:multi_session'; - if ($_sessionDt==="") define('_NOCOOKIE',true); // beállítjuk, hogy üzenni tudjunk - - return false; - - } - - } - -} - -//=================================================================================================================================== -// ------------------------------------------ -// debug üzenetek tárolása - a $_DEBUG változóba kerül midnen -// ------------------------------------------ - if (_RUNLEVEL!=='cron') ob_start(); - -// ------------------------------------------ -// a $page, $sub és $f csak a-z betűvel kezdődhet, utána pedig csak (a-z, /_-). 
$page és $f nem lehet üres -// ------------------------------------------ - - if ( - (preg_match('#^([a-z]|[A-Z])([0-9]|[a-z]|[A-Z]|/|_|-)*$#', $page) == false) OR - ($sub != '' AND preg_match('#^([a-z]|[A-Z])([0-9]|[a-z]|[A-Z]|/|_|-)*$#', $sub) == false) OR - (preg_match('#^([0-9]|[a-z]|[A-Z]|_|-)*$#', $f) == false) - ) { - $_SESSION['alert'][] = 'page:wrong_page:'; - $RIGHTS_OK = false; - } else { - $RIGHTS_OK = true; - } - -// ------------------------------------------ -// Security Check: $policy szerinti ellenőrzés -// ------------------------------------------ - - // A validUser (session.php) beállítja az alapvető session konstansokat is - if ( !validUser($sessionID,$policy,$skin,$lang) ) { - if ($AUTH[$policy]['authentication'] == 'required') { - if (defined('_NOCOOKIE')) $_SESSION['alert'][] = 'message:cookie';//$extendAlert='alert[]=message:cookie&'; - $_SESSION['alert'][]='message:auth_failure:'._CONTROL_FLAG_REQUIRED; - header('Location: index.php?policy=public&page=auth&f=login&toPolicy='.$policy."&toPSF=$page:$sub:$f&sessionID=$sessionID"); - die(); - } else { - // Hibás, vagy nem létező sessionID esetének kezelése - ha nem kötelező a sessionID --> nem csinálunk semmit (lehet egy másik policy-ben valid - } - - } - if (file_exists('include/share/session/base.php')) { - // A session kezeléshez szükséges backend függő függvények pl. 
memberOf - require('include/share/session/base.php'); - - } - // Remote Protocol Call (MaYoR) - if ($skin=='rpc') { - define('_RPC',true); - require_once('include/share/ssl/ssl.php'); - try - { - $_RPC['senderNodeId'] = $senderNodeId = readVariable($_POST['senderNodeId'],'strictstring',0); - $RPC = new Interconnect(); - $RPC->setRequestTarget('controller'); // A remoteHost lekérdezéshez kellhet - $RPC->setRemoteHostByNodeId($_RPC['senderNodeId']); - $RPC->processRequest(); // vélhetően van request - $_RPC['request'] = $RPC->getIncomingRequest(); - } - catch (Exception $e) - { - //$func=''; - //$DATA = array('error'=>$e->getMessage()); - } - } else { define('_RPC',false); } - // Interconnect end - - define('_RIGHTS_OK',$RIGHTS_OK); - - /* XSRF2 */ - define('__SALTNAME','MS_'.sha1($page.'_'.$sub.'_'.$f)); - define('__SALTVALUE',sessionHash()); - // mtoken - if (empty($_SESSION['mayorToken'])) { - $_SESSION['mayorToken'] = pseudoTokenGenerator(); - } - if (count($_POST)>0) { - if (!empty($_POST['mayorToken'])) { - if (hash_equals($_SESSION['mayorToken'], $_POST['mayorToken'])) { - // OK, token regenerálás + visszakuldjuk az ETAG-ben - $_SESSION['mayorToken'] = pseudoTokenGenerator(); - } else { - if ($_POST['action']!='') { /* Ha nincs action formváltozó, nincs szükség hibaüzenetre, a form nem módosít, de most... 
*/ - $_SESSION['alert'][] = 'message:not_valid_form:pnu2'; - $_JSON['result'] = false; - } - unset($_POST['action']); - unset($action); - } - } else { // klasszikus ellenőrzés, fallback - echo 'FATAL ERROR 696'; - die(); - /* - // $_JSON['result'] = false; // ITT gátolhatjuk a működést - if ($_COOKIE[__SALTNAME]=='') { // a session átállásig - ez semmitől nem véd, adott nevű sütit generálni bárki tud - $_SESSION['alert'][] = 'message:not_valid_form:no cookie'.$_SESSION[__SALTNAME]; - $_JSON['result'] = false; - unset($_POST['action']); - unset($action); - } elseif (!is_null($_COOKIE[__SALTNAME]) && ($_COOKIE[__SALTNAME] == $_POST[__SALTNAME])) { - // rendben - } else { - if ($_POST['action']!='') { // Ha nincs action formváltozó, nincs szükség hibaüzenetre, a form nem módosít - $_SESSION['alert'][] = 'message:not_valid_form'; - $_JSON['result'] = false; - } - unset($_POST['action']); - unset($action); - } - */ - } // END DEPRECATED BLOCK - } - // eredeti post kezelés + ETAG prevent cache - if (($_SERVER['HTTPS']!=='on') || (isset($_SERVER['HTTP_REFERER']) && $_SERVER['HTTP_REFERER']!='' && substr($_SERVER['HTTP_REFERER'],4,1)!=='s')) $_ssl = false; else $_ssl=true; - -//4400 if (@setcookie('xxxDEPRECATEDxxx_'.__SALTNAME,__SALTVALUE,time()+60*60*_SESSION_MAX_IDLE_TIME,'/','',$_ssl, true) == false) { -//4400 $_SESSION['alert'][] = 'message:no_cookie:unabletoset'; -//4400 } - - - /* /XSRF2 previous revision: r4138 */ - - // betöltjük az össes config-ot... (lásd még widgets) - try { - $_dirlist = scandir(_CONFIGDIR); - for ($i=0; $i<count($_dirlist); $i++) { - $_dir = $_dirlist[$i]; - if (is_dir(_CONFIGDIR.'/'.$_dir) && substr($_dir,0,7)=='module-') { - $_configFile = _CONFIGDIR . 
"/".$_dir.'/config.php'; - list($_rest,$_module) = explode('-',$_dir); - if (in_array($_module,$VALID_MODULES)) { - $_loadModule[] = $_module; - if (file_exists($_configFile)) { - require_once($_configFile); - } - } - } - } - } catch (Exception $e) { - $_SESSION['alert'][] = 'info:config hiba:'.$e->getMessage(); - } - // ha betöltenénk az ÖSSZES modul include-jait, akkor be kéne mindent tölteni kb. ugyhogy ezt hagyjuk - if ($dh_all = @opendir("include/widgets/")) { - $includes = array(); - while (($_file = readdir($dh_all)) !== false) { - if (substr($_file,-4) == '.php') $includes[] = $_file; - } - closedir($dh_all); - sort($includes); - for ($i = 0; $i < count($includes); $i++) { - require_once("include/widgets/".$includes[$i]); - } - } - unset($file); - /* ---- */ - if (!in_array($page,$_loadModule)) $_loadModule[] = $page; - for ($i=0; $i<count($_loadModule); $i++) { - $_module = $_loadModule[$i]; - if (in_array($_module,$VALID_MODULES)) { - if ($dh = @opendir("include/modules/$_module/base")) { - $includes = array(); - while (($file = readdir($dh)) !== false) { - if (substr($file,-4) == '.php') $includes[] = $file; - } - closedir($dh); - sort($includes); - for ($j = 0; $j < count($includes); $j++) { - require_once("include/modules/$_module/base/".$includes[$j]); - } - } - } - } - unset($file); - /* ---- */ - - - $skinFile = _CONFIGDIR."/skin-$skin/$page-config.php"; - if ($sub == '') { - $includeFile = "include/modules/$page/$f.php"; - $preFile = "policy/$policy/$page/$f-pre.php"; - $pageFile = "policy/$policy/$page/$f.php"; - $staticFile = "static/$lang/$page/$f.html"; - } else { - $includeFile = "include/modules/$page/$sub/$f.php"; - $preFile = "policy/$policy/$page/$sub/$f-pre.php"; - $pageFile = "policy/$policy/$page/$sub/$f.php"; - $staticFile = "static/$lang/$page/$sub/$f.html"; - } - if (!file_exists($preFile) && !file_exists($pageFile) && !file_exists($staticFile)) - $_SESSION['alert'][] = 'page:page_missing:'.$page.'-'.$sub.'-'.$f; - /* DEFAULTS 
zcheck() */ - if (defined('_ENABLE_IFRAME_EMBEDING')) - define('_ENABLE_IFRAME_EMBEDDING',_ENABLE_IFRAME_EMBEDING); - elseif (!defined('_ENABLE_IFRAME_EMBEDDING')) - define('_ENABLE_IFRAME_EMBEDDING',false); - - if (!defined('__MAX_MENU')) define('__MAX_MENU',7); - - if (!defined('__SUPPORT_EMAIL_ADDRESS')) { - if (!defined('__EMAIL_ENABLED')) define('__EMAIL_ENABLED',false); - } elseif (!defined('__SUPPORT_EMAIL_NAME')) { - define('__SUPPORT_EMAIL_NAME',_SITE.' support'); - if (!defined('__EMAIL_ENABLED')) define('__EMAIL_ENABLED',true); - } else { - if (!defined('__EMAIL_ENABLED')) define('__EMAIL_ENABLED',true); - } - // --------- - //Breadcrumb - if (count($_SESSION['breadcrumb'])>10) array_shift($_SESSION['breadcrumb']); - $_SESSION['breadcrumb'][] = array('page'=>"$page",'sub'=>"$sub",'f'=>"$f"); - // --------- - if (file_exists($includeFile)) require($includeFile); - if (file_exists($skinFile)) require($skinFile); - if (file_exists($preFile)) include($preFile); - -// --------------------------------------- -// debug üzenetek tárolásának vége -// --------------------------------------- - $_DEBUG = ob_get_contents(); - ob_end_clean(); - - -?>
\ No newline at end of file
diff --git a/mayor-orig/www/include/base/str.php b/mayor-orig/www/include/base/str.php
deleted file mode 100644
index 5c5a7c07..00000000
--- a/mayor-orig/www/include/base/str.php
+++ /dev/null
@@ -1,230 +0,0 @@ -<?php -/* - Module: base - - function kisbetus($str) - function nagybetus($str) - function ekezettelen($str) - function utf8_to_iso88592($str) - function iso88592_to_utf8($str) - function str_cmp($a,$b) -*/ - -mb_internal_encoding("UTF-8"); - -// ------------------------------------------------------------------- -// Kisbetűssé konvertálás (a magyar ékezetes karaktereket is) -// ------------------------------------------------------------------- - -function kisbetus($str) { - $str = strtolower(mb_convert_encoding($str, 'ISO-8859-2', 'UTF-8')); - $str = strtr($str, "", ""); - $str = mb_convert_encoding($str, 'UTF-8', 'ISO-8859-2'); - return $str; -} - -// ------------------------------------------------------------------- -// Nagybetűssé konvertálás (a magyar ékezetes karaktereket is) -// ------------------------------------------------------------------- - -function nagybetus($str) { - $str = strtoupper(mb_convert_encoding($str, 'ISO-8859-2', 'UTF-8')); - $str = strtr($str, "", ""); - $str = mb_convert_encoding($str, 'UTF-8', 'ISO-8859-2'); - return $str; -} - -// ------------------------------------------------------------------- -// Ékezettelenné konvertálás (UTF-8 --> Lat2 --> ékezettelen) -// ------------------------------------------------------------------- - -function ekezettelen($str) { - return strtr(mb_convert_encoding($str, 'ISO-8859-2', 'UTF-8'), '', 'aaeiooouuuAAEIOOOUUU'); -} - -/* -// --------------------------------------------------------------------------- -// -// UTF8 <--> ISO88592 váltás -// -// --------------------------------------------------------------------------- - -function UTF8_to_ISO88592($str) { - - return mb_convert_encoding($str,'ISO-8859-2','UTF-8'); - -} - -function ISO88592_to_UTF8($str) { - - return mb_convert_encoding($str,'UTF-8','ISO-8859-2'); - -} -*/ - -// --------------------------------------------------------------------------- -// -// Két string összehasonlítása a magyar ABC szerint ($a < $b => -1) 
-// -// --------------------------------------------------------------------------- - -function str_cmp($a,$b) { - - $ABC = Array('a'=>1, - ''=>1, - ''=>1, - 'b'=>3, - 'c'=>4, - 'd'=>5, - 'e'=>6, - ''=>7, - 'f'=>8, - 'g'=>9, - 'h'=>10, - 'i'=>11, - ''=>12, - 'j'=>13, - 'k'=>14, - 'l'=>15, - 'm'=>16, - 'n'=>17, - 'o'=>18, - ''=>18, - ''=>20, - ''=>20, - 'p'=>22, - 'q'=>23, - 'q'=>24, - 'r'=>25, - 's'=>26, - 't'=>27, - 'u'=>28, - ''=>28, - ''=>30, - ''=>30, - 'v'=>32, - 'x'=>33, - 'w'=>34, - 'y'=>35, - 'z'=>36 - ); - - $a = kisbetus(mb_convert_encoding($a,'ISO-8859-2','UTF-8')); - $b = kisbetus(mb_convert_encoding($b,'ISO-8859-2','UTF-8')); - - if ($a==$b) return 0; - - $i=0; - while( $i<strlen($a) && $i<strlen($b) && $a[$i]==$b[$i]) { - $i++; - } - - if ($i==strlen($a) && $i<strlen($b)) { - return 1; - } elseif ($i==strlen($b) && $i<strlen($a)) { - return -1; - } elseif ($ABC[$a[$i]] < $ABC[$b[$i]]) { - return -1; - } else { - return 1; - } -} - - function decimal_to_roman($number) { - $roman = ''; - while ($number >= 1000) { $roman .= "M"; $number = $number -1000; } - while ($number >= 900) { $roman .= "CM"; $number = $number -900; } - while ($number >= 500) { $roman .= "D"; $number = $number -500; } - while ($number >= 400) { $roman .= "CD"; $number = $number -400; } - while ($number >= 100) { $roman .= "C"; $number = $number -100; } - while ($number >= 90) { $roman .= "XC"; $number = $number -90; } - while ($number >= 50) { $roman .= "L"; $number = $number -50; } - while ($number >= 40) { $roman .= "XL"; $number = $number -40; } - while ($number >= 10) { $roman .= "X"; $number = $number -10; } - while ($number >= 9) { $roman .= "IX"; $number = $number -9; } - while ($number >= 5) { $roman .= "V"; $number = $number -5; } - while ($number >= 4) { $roman .= "IV"; $number = $number -4; } - while ($number >= 1) { $roman .= "I"; $number = $number -1; } - return $roman; - } - - function visszafele($e) {$b='';for($i=0; $i<mb_strlen($e,'utf-8'); $i++) $b = 
mb_substr($e,$i,1).$b; return $b;} - - function mayor_array_join ($a='') { - $ARGS = func_get_args(); - $x = array(); - for ($i=0;$i<count($ARGS);$i++) { - $a = $ARGS[$i]; - if (is_array($a)) foreach($a as $v) $x[] = $v; elseif ($a!='') $x[] = $a; - } - return $x; - } - - if(!function_exists('hash_equals')) { - function hash_equals($str1, $str2) { - if(strlen($str1) != strlen($str2)) { - return false; - } else { - $res = $str1 ^ $str2; - $ret = 0; - for($i = strlen($res) - 1; $i >= 0; $i--) $ret |= ord($res[$i]); - return !$ret; - } - } - } - - if ( !function_exists( 'hex2bin' ) ) { - function hex2bin( $str ) { - $sbin = ""; - $len = strlen( $str ); - for ( $i = 0; $i < $len; $i += 2 ) { - $sbin .= pack( "H*", substr( $str, $i, 2 ) ); - } - return $sbin; - } - } - - function makeLinksClickable($text){ - $pattern[] = '/(\S+@\S+\.\S+)/'; - $replace[] = '<a href="mailto:$1">$1</a>'; - $pattern[] = '!(((f|ht)tp(s)?://)[-a-zA-Zа-яА-Я()0-9@:%_+.~#?&;//=]+)!i'; -// $replace[] = '<a href="$1" target="_blank">$1</a> <a href="$1" target="_blank"><span class="icon-circle-arrow-right"></span></a>'; - $replace[] = '<a href="$1" target="_blank">[LINK]</a>'; - return preg_replace($pattern, $replace, $text); - } - function supertext($txt) { - $r = $txt; - $r = htmlspecialchars($r); - $pattern[]='/@diakId:(\d+)/'; - $pattern[]='/@tanarId:(\d+)/'; - $pattern[]='/@tankorId:(\d+)/'; - //$pattern[]='/@osztalyId:(\d+)/'; - $replacement[]='<b><span class="diakNev icon-child" data-diakid="${1}"></span></b>'; - $replacement[]='<b><span class="tanarNev icon-adult" data-tanarid="${1}"></span></b>'; - $replacement[]='<b><span class="tankorAdat" data-tankorid="${1}">[tankör adatok]</span></b>'; - //$replacement[]='<b><span class="osztalyAdat" data-osztalyid="${1}">[osztály adatok]</span></b>'; - $r = preg_replace($pattern,$replacement,$r); - return $r; - } - - - require_once('include/share/date/names.php'); - function superdate($datetime) { - global $aHetNapjai; - $stamp = 
strtotime($datetime); - $date = date('Y-m-d',$stamp); - $dow = date('N',$stamp); - $Hi = date('H:i',$stamp); - if ($Hi == '00:00') $Hi = ''; - if ($stamp<=strtotime('-6 day')) { - return date('Y.m.d.', $stamp).' '.$Hi; - } elseif ($date==date('Y-m-d')) { - return 'Ma '.$Hi; - } elseif ($dow>date('N')) { - return 'Múlt hét '.kisbetus($aHetNapjai[$dow-1]).' '.$Hi; - } else { - return $aHetNapjai[$dow-1].' '.$Hi; - } - } - -?> diff --git a/mayor-orig/www/include/base/var.php b/mayor-orig/www/include/base/var.php deleted file mode 100644 index 3068fbc6..00000000 --- a/mayor-orig/www/include/base/var.php +++ /dev/null 
@@ -1,134 +0,0 @@ -<?php - /* - Példa: - $szuletesiEv = readVariable($_POST['sze'], 'numeric unsigned', null, array(), '1900<$return && $return<2100'); - */ - function readVariable( $IN, $type = '', $default = null, $allowOnly = array(), $condition = null ) { - - if (is_array($IN)) { - $return = array(); - for ($i = 0; $i < count($IN); $i++) { - $_var = readVariable($IN[$i], $type, $default, $allowOnly, $condition); - if (isset($_var)) $return[] = $_var; - } - } else { - switch ($type) { - case 'numeric': - $return = (isset($IN) && is_numeric($IN)) ? intval($IN) : $default; - break; - case 'id': - case 'numeric unsigned': - $return = (isset($IN) && is_numeric($IN) && $IN >= 0) ? intval($IN) : $default; - break; - case 'float': - $return = (isset($IN) && is_numeric($IN)) ? floatval($IN) : $default; - break; - case 'float unsigned': - $return = (isset($IN) && is_numeric($IN) && $IN >= 0) ? floatval($IN) : $default; - break; - case 'datetime': - $return = (isset($IN) && $IN != '' && strtotime($IN) !== false && strtotime($IN) > 0) ? $IN : $default; - break; - case 'date': - $return = (isset($IN) && $IN != '' && strtotime($IN) !== false && strtotime($IN) > 0) ? date('Y-m-d',strtotime($IN)) : $default; - break; - case 'enum': - case 'emptystringnull': - case 'string': - if(get_magic_quotes_gpc()) $IN = stripslashes($IN); // -- DEPRECATED (mindig false) - $return = (isset($IN) && $IN != '') ? $IN : $default; - break; - case 'notempty': - $return = (isset($IN) && $IN != '') ? true : false; - break; - case 'bool': - // Ha nincs beállítva, akkor mindenképp true lenne így: - // $return = (isset($IN) && ($IN === 'false' || !$IN)) ? false : true; - $return = (isset($IN)) ? (($IN === 'false' || !$IN)? false : true) : $default; - break; - case 'strictstring': - $return = (isset($IN)) ? preg_replace("/[^a-zA-Z0-9_\-]/i",'',$IN) : $default; - break; - case 'html': - $return = (isset($IN)) ? 
preg_replace("/[^a-zA-Z0-9\ \.\,?_|:;űáéúőóüöíŰÁÉÚŐÓÜÖÍ\-]/i",'',$IN) : $default; - break; - case 'hexa': - $return = preg_replace("/[^0-9a-fA-F]/i",'',$IN); - break; - case 'number': - $return = preg_replace("/[^0-9]/",'',$IN); - break; - case 'sql': - $return = db_escape_string($IN); - if ($return === false) $return = $default; - break; - case 'path': - $return = ( preg_match('#^([a-z]|[A-Z]|[0-9])([0-9]|[a-z]|[A-Z]|/|_|-)*$#', $IN ) != false ) ? $IN : $default; - break; - case 'regexp': - $return = ( preg_match( "#$allowOnly[0]#", $IN ) == 1 ) ? $IN : $default; - break; - case 'regreplace': - $return = preg_replace( '#'.$allowOnly[0].'#i', '', $IN ); - break; - case 'mail': - case 'email': - $return = filter_var($IN, FILTER_VALIDATE_EMAIL); - break; - case 'userAccount': - $return = (preg_match("#([a-z]|[A-Z]|[0-9]| |\.|,|_|[űáéúőóüöíŰÁÉÚŐÓÜÖÍäÄ]|-|@)*$#", $IN) != false) ? $IN : $default; - break; - default: - $return = $IN; - $_SESSION['alert'][] = 'message:unknown_type:'.$type.':readVariable'; - break; - } - if ($return !== $default && !in_array($type,array('regexp','regreplace')) && count($allowOnly) > 0) $return = (in_array($return, $allowOnly)) ? $return : $default; - if (isset($condition) && $return != $default) $return = (eval("return $condition;")) ? $return : $default; - } - - return $return; - } - - function in_date_interval($dt,$tolDt,$igDt) { - $accept = false; - if ($dt == date('Y-m-d', strtotime($tolDt))) // ha a kezdőnapra esik - $accept = true; - if ($dt == date('Y-m-d', strtotime($igDt))) // ha a végnapra esik - $accept = true; - return ( - $accept - || ( - (is_null($tolDt) || strtotime($tolDt)<=strtotime($dt)) - && (is_null($igDt) || strtotime($dt)<=strtotime($igDt)) - ) - ); - } - - // FIGYELEM! 
Csak megbízható belső kódban használjuk - function reindex($THIS, $HOW) { - // ha nincs megadva, hogy hogy, adjuk vissza az eredeti tömböt - if (!is_array($HOW) || count($HOW)==0) return $THIS; - - $RET = array(); - for ($i=0; $i<count($THIS); $i++) { - $val = '$RET'; - foreach ( $HOW as $key ) { - $val .= '[$THIS[$i]["'.$key.'"]]'; - } - $val .='[]=$THIS[$i];'; - $fail = @eval($val); // not used - } - return $RET; - } - - function dump() { - - $ARGS=func_get_args(); - echo '<pre>'; - call_user_func_array('var_dump', $ARGS); - echo '<hr /></pre>'; - - } - -?> |