aboutsummaryrefslogtreecommitdiffstats
path: root/mayor-orig/www/policy/public
diff options
context:
space:
mode:
authorM.Gergo2018-07-06 11:14:41 +0200
committerM.Gergo2018-07-06 11:14:41 +0200
commit43de9af71f7f4ca5731b94a06d688ae8412ba427 (patch)
tree54835de1dfcda504c02da261f0dc26885aed2e89 /mayor-orig/www/policy/public
parent50310b0e4513ee3fcce67351ae61e8fff851130e (diff)
downloadmayor-43de9af71f7f4ca5731b94a06d688ae8412ba427.tar.gz
mayor-43de9af71f7f4ca5731b94a06d688ae8412ba427.zip
2018/Feb/28 -i állapot hozzáadva, mint a módosítások kiindulási állapota
Diffstat (limited to 'mayor-orig/www/policy/public')
-rw-r--r--mayor-orig/www/policy/public/auth/forgotten-pre.php92
-rw-r--r--mayor-orig/www/policy/public/auth/forgotten.php16
-rw-r--r--mayor-orig/www/policy/public/auth/login-pre.php86
-rw-r--r--mayor-orig/www/policy/public/auth/login.php17
-rw-r--r--mayor-orig/www/policy/public/naplo/rpc/rpc-pre.php48
-rw-r--r--mayor-orig/www/policy/public/naplo/rpc/rpc.php7
-rw-r--r--mayor-orig/www/policy/public/password/changeMyPassword-pre.php69
-rw-r--r--mayor-orig/www/policy/public/password/changeMyPassword.php9
-rw-r--r--mayor-orig/www/policy/public/password/resetPassword-pre.php68
-rw-r--r--mayor-orig/www/policy/public/password/resetPassword.php9
-rw-r--r--mayor-orig/www/policy/public/portal/rpc/rpc-pre.php104
-rw-r--r--mayor-orig/www/policy/public/portal/start.php0
-rw-r--r--mayor-orig/www/policy/public/rpc/naplo/rpc-pre.php70
-rw-r--r--mayor-orig/www/policy/public/rpc/rpc-pre.php43
-rw-r--r--mayor-orig/www/policy/public/session/logout-pre.php28
-rw-r--r--mayor-orig/www/policy/public/session/set-pre.php10
16 files changed, 676 insertions, 0 deletions
diff --git a/mayor-orig/www/policy/public/auth/forgotten-pre.php b/mayor-orig/www/policy/public/auth/forgotten-pre.php
new file mode 100644
index 00000000..76ffaebb
--- /dev/null
+++ b/mayor-orig/www/policy/public/auth/forgotten-pre.php
@@ -0,0 +1,92 @@
+<?php
+
+ if (_RIGHTS_OK !== true) die();
+
+ require_once('include/share/net/phpmailer.php');
+
+ $ADAT['userAccount'] = readVariable($_POST['userAccount'], 'string', readVariable($_GET['userAccount'], 'string', null));
+ $ADAT['toPolicy'] = readVariable($_POST['toPolicy'], 'enum', readVariable($_GET['toPolicy'], 'enum', 'parent', array('parent','private')), array('parent','private'));
+ $ADAT['mail'] = readVariable($_POST['mail'], 'string', null);
+
+ if ($AUTH[$ADAT['toPolicy']]['enablePasswordReset']!==true) {
+ //$_SESSION['alert'][] = 'info:pw_reset_disabled';
+ $ADAT['forgotDisabled'] = true;
+ }
+
+/* Under dev
+ foreach(array('private','parent','public') as $_policy) {
+ if ($ADAT['toPolicy']==$_policy && $AUTH[$_policy]['enablePasswordReset']!==true) $ADAT['forgotDisabled'] = true;
+ }
+*/
+ if ($action == 'sendResetPasswordMail') {
+
+ // TODO - ez a kettő összevonható, kukac tuti nincs a felhasználónévben
+ // TODO - megviszgálhatnánk, hogy milyen authentikációs levelen van a user
+ // TODO - mármint, ahol megváltoztatható egyáltalán a jelszó...
+ require_once('include/modules/session/search/searchAccount.php');
+ if (isset($ADAT['userAccount'])) {
+ $ADAT['accounts'] = searchAccount('userAccount', $ADAT['userAccount'], $searchAttrs = array('userCn','mail','userAccount'), $ADAT['toPolicy']);
+ for ($i=0; $i<$ADAT['accounts']['count']; $i++) {
+ if ($ADAT['userAccount'] == $ADAT['accounts'][$i]['userAccount'][0] && $ADAT['accounts'][$i]['mail'][0] != '') {
+ $ADAT['account'] = array(
+ 'policy' => $ADAT['toPolicy'],
+ 'userAccount' => $ADAT['accounts'][$i]['userAccount'][0],
+ 'userCn' => $ADAT['accounts'][$i]['userCn'][0],
+ 'mail' => current(explode(' ',str_replace(';',' ',trim($ADAT['accounts'][$i]['mail'][0])))),
+ );
+ break;
+ }
+ }
+ } elseif (isset($ADAT['mail'])) {
+ $ADAT['accounts'] = searchAccount('mail', $ADAT['mail'], $searchAttrs = array('userCn','mail','userAccount'), $ADAT['toPolicy']);
+ for ($i=0; $i<$ADAT['accounts']['count']; $i++) {
+ if ($ADAT['mail'] == $ADAT['accounts'][$i]['mail'][0] && $ADAT['accounts'][$i]['mail'][0] != '') {
+ $ADAT['account'] = array(
+ 'policy' => $ADAT['toPolicy'],
+ 'userAccount' => $ADAT['accounts'][$i]['userAccount'][0],
+ 'userCn' => $ADAT['accounts'][$i]['userCn'][0],
+ 'mail' => current(explode(' ',str_replace(';',' ',trim($ADAT['accounts'][$i]['mail'][0])))),
+ );
+ break;
+ }
+ }
+ }
+
+ // Recovery
+ if (is_array($ADAT['account'])) {
+ $recoveryRequest = generatePasswordRecoveryRequest($ADAT['account']);
+ if ($recoveryRequest!=false) {
+ $ADAT['account']['url'] = $recoveryRequest;
+ // levél generálása és kiküldése
+ $body = '<html><head><title></title></head><body>
+<p>Az alábbi linkre kattintva magadhatod az új MaYoR-jelszavadat.</p>
+<p>Ha nem te küldted az igénylést, tekintsd a levelet tárgytalannak!</p>
+<p class="link">'.$recoveryRequest.'</p>
+<p>'.__SUPPORT_EMAIL_NAME.' ('.__SUPPORT_EMAIL_ADDRESS.')</p>
+</body></html>';
+ /* MAIL */
+ if (__EMAIL_ENABLED===true) {
+ $mail = new PHPMailer();
+ $mail->CharSet = 'UTF-8';
+ $mail->SetFrom(__SUPPORT_EMAIL_ADDRESS,__SUPPORT_EMAIL_NAME);
+ $mail->AddAddress($ADAT['account']['mail'], $ADAT['account']['userCn']);
+ $mail->Subject = "[MaYoR] Jelszóemlékeztető";
+ $mail->MsgHTML($body);
+ $mail->Send();
+ } else {
+ //dump(__EMAIL_ENABLED);
+ //dump(__SUPPORT_EMAIL_ADDRESS);
+ //dump(__SUPPORT_EMAIL_NAME);
+ }
+ /* -- */
+// $_SESSION['alert'][] = 'info:success';
+ } else {
+// $_SESSION['alert'][] = 'info:success'; // nem üzenünk hibát
+ }
+ } else {
+// $_SESSION['alert'][] = 'message:wrong_data:Nincs ilyen azonosító, vagy nincs rögzítve e-mail cím az azonosítóhoz! ('.$ADAT['userAccount'].')';
+ }
+
+ }
+
+?> \ No newline at end of file
diff --git a/mayor-orig/www/policy/public/auth/forgotten.php b/mayor-orig/www/policy/public/auth/forgotten.php
new file mode 100644
index 00000000..bd751c83
--- /dev/null
+++ b/mayor-orig/www/policy/public/auth/forgotten.php
@@ -0,0 +1,16 @@
+<?php
+
+ if (_RIGHTS_OK !== true) die();
+
+ global $ADAT,$action;
+
+ if ($ADAT['forgotDisabled']===true)
+ putForgotDisabled();
+ elseif (!is_array($ADAT['account']) && $action=='') {
+ putForgotPasswordForm($ADAT);
+ putForgotUserAccountForm($ADAT);
+ } else {
+ putForgotThankyou();
+ }
+ putBackToLogin($ADAT);
+?> \ No newline at end of file
diff --git a/mayor-orig/www/policy/public/auth/login-pre.php b/mayor-orig/www/policy/public/auth/login-pre.php
new file mode 100644
index 00000000..c524751f
--- /dev/null
+++ b/mayor-orig/www/policy/public/auth/login-pre.php
@@ -0,0 +1,86 @@
+<?php
+
+ if (_RIGHTS_OK !== true) die();
+
+ if (defined('_ALLOW_SULIX_SSO') && _ALLOW_SULIX_SSO===true) { // kompatibilitási okokból
+ $toPolicy = readVariable($_REQUEST['toPolicy'], 'enum', 'private', $POLICIES);
+ } else {
+ $toPolicy = 'private'; // force
+ }
+ $toSkin = readVariable($_POST['toSkin'], 'enum', readVariable($_GET['toSkin'], 'enum', null, $SKINSSHOW), $SKINSSHOW);
+ @list($toPage,$toSub,$toF) = readVariable(explode(':',$_REQUEST['toPSF']), 'strictstring');
+ $toPSF = "$toPage:$toSub:$toF";
+
+// Ha már az adott sessionID-vel belépett az adott policy-ra, akkor ne lépjen be újra
+// if ($sessionID != '' and validUser($sessionID, $toPolicy)) {
+// header('Location: '.location("index.php?policy=$toPolicy&page=$toPage&sub=$toSub&f=$toF&sessionID=$sessionID", array('alert')));
+// die();
+// }
+
+ if ($toPolicy=='private' && isset($_SESSION['portalLoggedUsername']) && defined('_ALLOW_SULIX_SSO') && _ALLOW_SULIX_SSO===true) {
+ $action='autologin';
+ //A SuliX-osok kérésére ezt sajnos kihagyjuk :( session_regenerate_id(true);
+ }
+
+ // Az elküldött név+jelszó ellenőrzése
+ if ($action == 'login' || $action=='autologin') {
+
+ // A toPolicy hibaüzenetei
+ if (file_exists('include/alert/'.$lang.'/'.$AUTH[$toPolicy]['backend'].'.php')) {
+ require('include/alert/'.$lang.'/'.$AUTH[$toPolicy]['backend'].'.php');
+ } elseif (file_exists('include/alert/'._DEFAULT_LANG.'/'.$AUTH[$toPolicy]['backend'].'.php')) {
+ require('include/alert/'._DEFAULT_LANG.'/'.$AUTH[$toPolicy]['backend'].'.php');
+ }
+ // Autentikáció - alapok
+ if (file_exists('include/share/auth/base.php')) {
+ require('include/share/auth/base.php');
+ }
+ // Autentikáció - toPolicy
+ if (file_exists('include/backend/'.$AUTH[$toPolicy]['backend'].'/auth/login.php')) {
+ require('include/backend/'.$AUTH[$toPolicy]['backend'].'/auth/login.php');
+ }
+
+ // lejart session-ok torlese
+ require('include/share/session/close.php');
+ closeOldAndIdleSessions();
+
+ if ($action=='autologin' && defined('_ALLOW_SULIX_SSO') && _ALLOW_SULIX_SSO===true) {
+ $userPassword = readVariable($_SESSION['portalLoggedPassword'], 'string');
+ //$userAccount = readVariable($_SESSION['portalLoggedUsername'], 'regexp', null, array("^([a-z]|[A-Z]|[0-9]| |\.|,|_|[űáéúőóüöíŰÁÉÚŐÓÜÖÍäÄ]|-|@)*$"));
+ $userAccount = readVariable($_SESSION['portalLoggedUsername'], 'userAccount', null);
+ } else {
+ $userPassword = readVariable($_POST['userPassword'], 'string');
+ //$userAccount = readVariable($_POST['userAccount'], 'regexp', null, array("^([a-z]|[A-Z]|[0-9]| |\.|,|_|[űáéúőóüöíŰÁÉÚŐÓÜÖÍäÄ]|-|@)*$"));
+ $userAccount = readVariable($_SESSION['portalLoggedUsername'], 'userAccount', null);
+ }
+
+ if (defined('_BOLONDOS') && _BOLONDOS===true) $userAccount = visszafele($userAccount);
+
+ $accountInformation = array('account' => $userAccount, 'password' => $userPassword, 'policy' => $toPolicy, 'skin'=>$toSkin);
+ if ($sessionID != '') $accountInformation['sessionID'] = $sessionID;
+
+ if ($userAccount != '' and $userPassword != '') {
+
+ $result = userAuthentication($userAccount, $userPassword, $accountInformation, $toPolicy); // ??? toPolicy benne van az AccountInformation-ben!!! Ldap backend only?
+ logLogin($toPolicy, $userAccount, $result);
+ if ($result === _AUTH_SUCCESS) {
+ $sessionID = newSession($accountInformation, $toPolicy);
+ if ($toSkin == '') $toSkin = $skin;
+ header('Location: '.location("index.php?page=$toPage&sub=$toSub&f=$toF&sessionID=$sessionID&policy=$toPolicy&lang=$lang&skin=$toSkin", array('alertOLD')));
+ } elseif ($result === _AUTH_EXPIRED) {
+ $_SESSION['alert'][] = 'message:force_pw_update';
+ header('Location: '.location("index.php?policy=public&page=password&f=changeMyPassword&userAccount=".$userAccount."&toPolicy=$toPolicy&skin=$toSkin", array('alertOLD')));
+ } elseif ($result >= _AUTH_FAILURE) {
+ // sikertelen azonosítás - a hibaüzenetet a függvény generálja
+ //$NOF = @getFailedLoginCount($toPolicy,$userAccount);
+ //if ($NOF>1) sleep(min($NOF,10,rand(1,10))); // harden brute force attempts
+ } else {
+ // Ilyen csak hibás függvényműködés esetén lehet:
+ $_SESSION['alert'][] = "message:default:hibás visszatérési érték:userAuthentication:($result)";
+ }
+ } else {
+ $_SESSION['alert'][] = 'message:empty_field';
+ }
+ }
+
+?>
diff --git a/mayor-orig/www/policy/public/auth/login.php b/mayor-orig/www/policy/public/auth/login.php
new file mode 100644
index 00000000..c86bf24b
--- /dev/null
+++ b/mayor-orig/www/policy/public/auth/login.php
@@ -0,0 +1,17 @@
+<?php
+
+ if (_RIGHTS_OK !== true) die();
+
+ global $userAccount, $userPassword, $toPolicy, $toPSF, $toSkin, $salt;
+ global $ADAT;
+
+ if (defined('_USERACCOUNT') && (!is_string(_USERACCOUNT) || _USERACCOUNT=='') )
+ putLoginForm($userAccount, $toPolicy, $toPSF, $toSkin, $salt);
+ else
+ putAlreadyLoggedIn();
+
+ if ($_SESSION['authStatus'] == _AUTH_FAILURE) {
+ putElfelejtettJelszoForm($ADAT);
+ }
+
+?>
diff --git a/mayor-orig/www/policy/public/naplo/rpc/rpc-pre.php b/mayor-orig/www/policy/public/naplo/rpc/rpc-pre.php
new file mode 100644
index 00000000..53328c7c
--- /dev/null
+++ b/mayor-orig/www/policy/public/naplo/rpc/rpc-pre.php
@@ -0,0 +1,48 @@
+<?php
+
+ require_once('include/share/ssl/ssl.php');
+ /* Class: Interconnect AES */
+
+ /* remote procedure call remote controller */
+ $rpcDetails = $_GET['detail'];
+ $initOMKod = readVariable($_GET['init'],'strictstring',0);
+
+ try
+ {
+ $RPC = new Interconnect();
+ $RPC->setRemoteOMKod($initOMKod);
+ $REQUEST = $RPC->processRequest($rpcDetails);
+ $func = $REQUEST->func;
+ }
+ catch (Exception $e)
+ {
+ $func='';
+ $DATA = array('error'=>$e->getMessage());
+ }
+ // processing
+
+ // MASTER BOSS -> portal/rpc/rpc, ez itt ELAVULT
+ $DATA = array();
+ if (isset($func) && $func!='') {
+ switch ($func) {
+ case 'getVersion':
+ case 'ping':
+ $DATA = $RPC->prepareReply(
+ array('func'=>'getVersion','response_revision'=>_MAYORREV,'pong')
+ );
+ $RPC->setResponse($DATA);
+ break;
+ case 'checkRegistration':
+ $otherPublicKey = getSslPublicKeyByOMKod($REQUEST->OMKOD);
+ if ($otherPublicKey===false) $valid=0;
+ elseif ($REQUEST->publicKey == $otherPublicKey) $valid=1;
+ else $valid=2;
+ $DATA = $RPC->prepareReply(
+ array('func'=>$func,'response'=>serialize($REQUEST),'valid'=>$valid)
+ );
+ $RPC->setResponse($DATA);
+ default:
+ break;
+ }
+ }
+?>
diff --git a/mayor-orig/www/policy/public/naplo/rpc/rpc.php b/mayor-orig/www/policy/public/naplo/rpc/rpc.php
new file mode 100644
index 00000000..be00b0a5
--- /dev/null
+++ b/mayor-orig/www/policy/public/naplo/rpc/rpc.php
@@ -0,0 +1,7 @@
+<?php
+
+ global $DATA;
+
+ if (count($DATA)>0) putResponse($DATA); // reply
+
+?>
diff --git a/mayor-orig/www/policy/public/password/changeMyPassword-pre.php b/mayor-orig/www/policy/public/password/changeMyPassword-pre.php
new file mode 100644
index 00000000..f7c68879
--- /dev/null
+++ b/mayor-orig/www/policy/public/password/changeMyPassword-pre.php
@@ -0,0 +1,69 @@
+<?php
+
+ if (_RIGHTS_OK !== true) die();
+
+ $toPolicy = readVariable($_REQUEST['toPolicy'], 'enum', 'private', $POLICIES);
+ $userAccount = readVariable($_REQUEST['userAccount'], 'emptystringnull', (defined('_USERACCOUNT'))?_USERACCOUNT:null);
+
+ if (file_exists(_CONFIGDIR."/$toPolicy-conf.php")) {
+ require_once(_CONFIGDIR."/$toPolicy-conf.php");
+ }
+
+ if ($AUTH[$toPolicy]['enableSelfPasswordChange']) {
+
+ // Az elküldött név+jelszó ellenőrzése
+ if ($action == 'changePassword') {
+
+
+ require_once('include/modules/auth/base/login.php');
+
+ if (file_exists('include/backend/'.$AUTH[$toPolicy]['backend'].'/session/base.php')) {
+ require_once('include/backend/'.$AUTH[$toPolicy]['backend'].'/session/base.php');
+ }
+ if (file_exists('include/backend/'.$AUTH[$toPolicy]['backend'].'/password/changePassword.php')) {
+ require_once('include/backend/'.$AUTH[$toPolicy]['backend'].'/password/changePassword.php');
+ }
+ if (file_exists('include/backend/'.$AUTH[$toPolicy]['backend'].'/auth/login.php')) {
+ require_once('include/backend/'.$AUTH[$toPolicy]['backend'].'/auth/login.php');
+ }
+
+ $userPassword = readVariable($_POST['userPassword'], 'emptystringnull');
+ $newPassword = readVariable($_POST['newPassword'], 'emptystringnull');
+ $verification = readVariable($_POST['verification'], 'emptystringnull');
+
+ if ($verification == '' or $newPassword == '') {
+ $_SESSION['alert'][] = 'message:empty_field';
+ } elseif ($verification != $newPassword) {
+ $_SESSION['alert'][] = 'message:pw_not_match';
+ } elseif ($userPassword == $newPassword) {
+ $_SESSION['alert'][] = 'message:pw_not_changed';
+ } else {
+
+ $result = userAuthentication($userAccount, $userPassword, $accountInformation, $toPolicy);
+ if ($result >= _AUTH_FAILURE) {
+ $_SESSION['alert'][] = 'message:auth_failure'; // megj: a hibaüzenetet a userAuthentication egyébként generálja. kell ez?
+ } else {
+
+ if (changeMyPassword($userAccount, $userPassword, $newPassword, $toPolicy)) {
+// Újra be kell jelentkezni mindenképp...
+// updateSessionPassword($userAccount, $toPolicy, $verification);
+// if (validUser($sessionID,$policy))
+// header('Location: '.location("index.php?policy=$toPolicy&sessionID=".$sessionID, array('alert')));
+// else
+ header('Location: '.location("index.php?page=auth&f=login&toPolicy=$toPolicy", array('alert')));
+ } else {
+ $_SESSION['alert'][] = 'message:pw_change_failed';
+ }
+ }
+
+ }
+
+ } // action
+
+ } else {
+
+ $_SESSION['alert'][] = 'page:pw_change_disabled';
+
+ }
+
+?>
diff --git a/mayor-orig/www/policy/public/password/changeMyPassword.php b/mayor-orig/www/policy/public/password/changeMyPassword.php
new file mode 100644
index 00000000..29ebbf10
--- /dev/null
+++ b/mayor-orig/www/policy/public/password/changeMyPassword.php
@@ -0,0 +1,9 @@
+<?php
+
+ if (_RIGHTS_OK !== true) die();
+
+ global $userAccount, $toPolicy;
+
+ putChangePasswordForm($userAccount, $toPolicy);
+
+?>
diff --git a/mayor-orig/www/policy/public/password/resetPassword-pre.php b/mayor-orig/www/policy/public/password/resetPassword-pre.php
new file mode 100644
index 00000000..3590f27a
--- /dev/null
+++ b/mayor-orig/www/policy/public/password/resetPassword-pre.php
@@ -0,0 +1,68 @@
+<?php
+ if (_RIGHTS_OK !== true) die();
+
+ $selector = readVariable($_POST['selector'], 'string', readVariable($_GET['selector'], 'hexa', null));
+ $validator = readVariable($_POST['validator'], 'string', readVariable($_GET['validator'], 'hexa', null));
+
+ if ($validator!='') {
+ $q = "SELECT * FROM accountRecovery WHERE selector = '%s' AND expires >= NOW()";
+ $r = db_query($q, array('debug'=>false,'fv'=>'getPasswordRecoveryRequest','modul'=>'login','result'=>'record','values'=>array($selector)));
+ }
+ if (!is_array($r)) {
+ $_SESSION['alert']['page'] = 'message:wrong_data:A jelszó-helyreállítási kérelem nem létezik, vagy lejárt!';
+ } else {
+
+ $calc = hash('sha256', hex2bin($validator));
+ if (hash_equals($calc, $r['token'])) {
+ // The reset token is valid. Authenticate the user.
+ //dump($r);
+ $ADAT = $r;
+ $ADAT['validator'] = $validator;
+
+ $toPolicy = $r['policy'];
+ $userAccount = $r['userAccount'];
+
+ if (file_exists(_CONFIGDIR."/$toPolicy-conf.php")) {
+ require_once(_CONFIGDIR."/$toPolicy-conf.php");
+ }
+
+ if ($AUTH[$toPolicy]['enablePasswordReset']) {
+
+ if ($action == 'resetPassword') {
+
+ if (file_exists('include/backend/'.$AUTH[$toPolicy]['backend'].'/session/base.php')) {
+ require_once('include/backend/'.$AUTH[$toPolicy]['backend'].'/session/base.php');
+ }
+ if (file_exists('include/backend/'.$AUTH[$toPolicy]['backend'].'/password/changePassword.php')) {
+ require_once('include/backend/'.$AUTH[$toPolicy]['backend'].'/password/changePassword.php');
+ }
+
+ $newPassword = readVariable($_POST['newPassword'], 'emptystringnull');
+ $verification = readVariable($_POST['verification'], 'emptystringnull');
+
+ if ($verification == '' or $newPassword == '') {
+ $_SESSION['alert'][] = 'message:empty_field';
+ } elseif ($verification != $newPassword) {
+ $_SESSION['alert'][] = 'message:pw_not_match';
+ } else {
+ if (changePassword($userAccount, $newPassword, $toPolicy)) {
+ $q = "DELETE FROM accountRecovery WHERE userAccount = '%s'";
+ db_query($q, array('debug'=>false,'fv'=>'getPasswordRecoveryRequest','modul'=>'login','result'=>'delete','values'=>array($userAccount)));
+ header('Location: '.location("index.php?page=auth&f=login&toPolicy=$toPolicy", array('alert')));
+ } else {
+ $_SESSION['alert'][] = 'message:pw_change_failed';
+ }
+ }
+ }
+
+ } else {
+ $_SESSION['alert'][] = 'page:pw_reset_disabled';
+ }
+
+ } else {
+ $_SESSION['alert']['page'] = 'message:insufficient_access:A jelszó-helyreállítási kérelem nem érvényes!';
+ }
+
+ }
+
+?>
diff --git a/mayor-orig/www/policy/public/password/resetPassword.php b/mayor-orig/www/policy/public/password/resetPassword.php
new file mode 100644
index 00000000..eaefcc8c
--- /dev/null
+++ b/mayor-orig/www/policy/public/password/resetPassword.php
@@ -0,0 +1,9 @@
+<?php
+
+ if (_RIGHTS_OK !== true) die();
+
+ global $ADAT;
+
+ if ($ADAT['userAccount']!='') putResetPasswordForm($ADAT);
+
+?>
diff --git a/mayor-orig/www/policy/public/portal/rpc/rpc-pre.php b/mayor-orig/www/policy/public/portal/rpc/rpc-pre.php
new file mode 100644
index 00000000..edd9a592
--- /dev/null
+++ b/mayor-orig/www/policy/public/portal/rpc/rpc-pre.php
@@ -0,0 +1,104 @@
+<?php
+/*
+ MOVED!!
+ - mayor-base/public/rpc/rpc
+ - mayor-portal-mayor/rpc/controller/rpc
+ ===========================================
+
+ require_once('include/share/ssl/ssl.php');
+
+ // MOVE
+ function getRegisztraltIskolaAdat($nodeId) {
+ if ($nodeId=='') {
+ $q = "SELECT * FROM regisztracio";
+ $r = db_query($q, array('modul'=>'portal','result'=>'indexed'));
+ } else {
+ $q = "SELECT * FROM regisztracio WHERE nodeId='%s'";
+ $v = array($nodeId);
+ $r = db_query($q, array('modul'=>'portal','result'=>'record','values'=>$v));
+ }
+ return $r;
+ }
+
+ function getPublicDataByNodeIdFromReg($nodeId) {
+ $q = "SELECT * FROM regisztracio WHERE nodeId='%s'";
+ $v = array($nodeId);
+ $r = db_query($q, array('debug'=>false,'fv'=>'getPublicDataByNodeIdFromReg','modul'=>'portal','result'=>'record','values'=>$v));
+ return $r;
+ }
+ function modRegData($nodeId, $regId, $DATA) {
+ $q = "UPDATE regisztracio SET ".implode(',',array_fill(0, count($DATA), "%s='%s'"))." WHERE regId=%u AND nodeId=%u";
+ foreach ($DATA as $key=>$val) {
+ $v[] = $key; $v[] = $val;
+ }
+ $v[] = $regId; $v[] = $nodeId;
+ $r = db_query($q, array('debug'=>true,'fv'=>'modRegData','modul'=>'portal','values'=>$v));
+ if ($r) return true;
+ else return $q;
+ }
+
+ /* Class: Interconnect AES * /
+
+ /* remote procedure call remote controller * /
+ try
+ {
+ /* rights.php:
+ $RPC = new Interconnect();
+ $RPC->setRemoteHostByNodeId($senderNodeId);
+ $REQUEST = $RPC->processRequest();
+ * /
+ $REQUEST = $RPC->getIncomingRequest();
+ $func = $REQUEST['func'];
+
+ }
+ catch (Exception $e)
+ {
+ $func='';
+ $DATA = array('error'=>$e->getMessage());
+ }
+ // processing
+ $DATA = array();
+ if (isset($func) && $func!='') {
+ switch ($func) {
+ case 'getVersion':
+ case 'ping':
+ $DATA = array('func'=>'getVersion','response_revision'=>_MAYORREV,'pong');
+ $RPC->setResponse($DATA);
+ break;
+ case 'checkRegistration':
+ $DATA = getPublicDataByNodeIdFromReg($senderNodeId);
+ if (is_array($DATA)) $valid = 1; else $valid = 0;
+ $DATA = array('func'=>$func,'valid'=>$valid,'status'=>$RPC->getStatus(),'get'=>$_GET,'post'=>$_POST);
+ $RPC->setResponse($DATA);
+ break;
+ case 'getPublicDataByNodeId':
+ $DATA = getPublicDataByNodeIdFromReg($REQUEST['nodeId']);
+ $RPC->setResponse($DATA);
+ break;
+ case 'modRegData':
+ $DATA['result'] = modRegData($senderNodeId,$REQUEST['regId'],$REQUEST['data']);
+ $DATA['func'] = 'modRegData';
+ $RPC->setResponse($DATA);
+ break;
+ case 'getIskola':
+ $iskolaAdat = getRegisztraltIskolaAdat($REQUEST['otherNodeId']);
+ $DATA = array('func'=>$func,'iskolaAdat'=>$iskolaAdat);
+ $RPC->setResponse($DATA);
+ break;
+ case 'getRegistrationData':
+ $DATA = getPublicDataByNodeIdFromReg($REQUEST['nodeId']);
+ break;
+ case 'refreshRegistration':
+ break;
+ case 'getPublicData':
+ $iskolaAdat = getRegisztraltIskolaAdat();
+ $DATA = array('func'=>$func,'szomszedok'=>$iskolaAdat);
+ $RPC->setResponse($DATA);
+ break;
+ default:
+ break;
+ }
+
+ }
+*/
+?>
diff --git a/mayor-orig/www/policy/public/portal/start.php b/mayor-orig/www/policy/public/portal/start.php
new file mode 100644
index 00000000..e69de29b
--- /dev/null
+++ b/mayor-orig/www/policy/public/portal/start.php
diff --git a/mayor-orig/www/policy/public/rpc/naplo/rpc-pre.php b/mayor-orig/www/policy/public/rpc/naplo/rpc-pre.php
new file mode 100644
index 00000000..aba7552f
--- /dev/null
+++ b/mayor-orig/www/policy/public/rpc/naplo/rpc-pre.php
@@ -0,0 +1,70 @@
+<?php
+/*
+ module: mayor-base
+
+ A alap metódusok RPC kezelője
+
+*/
+ require_once('include/share/ssl/ssl.php');
+ require_once('include/modules/naplo/share/rpc.php');
+
+ /*
+ rights.php:
+ $_RPC['senderNodeId']
+ $RPC = new Interconnect();
+ $RPC->setRemoteHostByNodeId($senderNodeId);
+ $RPC->processRequest();
+ $_RPC['request'] = $RPC->getIncomingRequest();
+ */
+ $func = $_RPC['request']['func'];
+ // processing
+ $DATA = array();
+ if (isset($func) && $func!='') {
+ switch ($func) {
+ // itt a currens verziót kellene visszaadni
+ case 'getVersion':
+ case 'ping':
+ $DATA = array('func'=>'getVersion','revision'=>_MAYORREV,'pong');
+ $RPC->setResponse($DATA);
+ break;
+ case 'getPrivilegeInfo':
+ $nodeId = $_RPC['senderNodeId'];
+ $userAccount = readVariable($_RPC['request']['userAccount'], 'string');
+ $OMKod = readVariable($_RPC['request']['OMKod'],'numeric unsigned');
+ $priv = explode(',',getRPCPrivilegeByNUO($nodeId, $userAccount, $OMKod));
+ if (is_array($priv) && in_array('Jogosultság',$priv)) {
+ $DATA = array('func'=>'getPrivilegeInfo','result'=>'success','priv'=>$priv);
+ } else {
+ $DATA = array('func'=>'getPrivilegeInfo','result'=>'failure','alert'=>'message:insufficient_access');
+ }
+ $RPC->setResponse($DATA);
+ break;
+ case 'getTantargyfelosztasStat':
+ $nodeId = $_RPC['senderNodeId'];
+ $userAccount = readVariable($_RPC['request']['userAccount'], 'string');
+ $OMKod = readVariable($_RPC['request']['OMKod'],'numeric unsigned'); // a naplo/base/rights már felhasználta az __INTEZMENY beállításnál
+ $priv = explode(',',getRPCPrivilegeByNUO($nodeId, $userAccount, $OMKod));
+ if (is_array($priv) && in_array('Tantárgyfelosztás',$priv)) {
+ // Az __INTEZMENY és __TANEV beállítását a naplo/rights.php már elvégezte...
+
+ require_once('include/modules/naplo/share/intezmenyek.php');
+ require_once('include/modules/naplo/share/osztaly.php');
+ require_once('include/modules/naplo/share/targy.php');
+ require_once('include/modules/naplo/share/tankor.php');
+ require_once('include/modules/naplo/stat/tantargyFelosztas.php');
+ global $ADAT; $ADAT = array();
+ $IA = getTantargyfelosztasStat();
+
+ $DATA = array('func'=>'getTantargyfelosztasStat','result'=>'success','tanev'=>__TANEV,'intezmeny'=>__INTEZMENY, 'IA'=>$IA);
+ } else {
+ $DATA = array('func'=>'getTantargyfelosztasStat','result'=>'failure','alert'=>'message:insufficient_access');
+ }
+ $RPC->setResponse($DATA);
+ break;
+ default:
+ $DATA['result'] = 'ismeretlen függvény: '.$func;
+ break;
+ }
+
+ }
+?>
diff --git a/mayor-orig/www/policy/public/rpc/rpc-pre.php b/mayor-orig/www/policy/public/rpc/rpc-pre.php
new file mode 100644
index 00000000..30336e9e
--- /dev/null
+++ b/mayor-orig/www/policy/public/rpc/rpc-pre.php
@@ -0,0 +1,43 @@
+<?php
+/*
+ module: mayor-base
+
+ A alap metódusok RPC kezelője
+
+*/
+ require_once('include/share/ssl/ssl.php');
+
+ try
+ {
+ /*
+ rights.php:
+ $RPC = new Interconnect();
+ $RPC->setRemoteHostByNodeId($senderNodeId);
+ $REQUEST = $RPC->processRequest();
+ */
+ $REQUEST = $RPC->getIncomingRequest();
+ $func = $REQUEST['func'];
+
+ }
+ catch (Exception $e)
+ {
+ $func='';
+ $DATA = array('error'=>$e->getMessage());
+ }
+ // processing
+ $DATA = array();
+ if (isset($func) && $func!='') {
+ switch ($func) {
+ // itt a currens verziót kellene visszaadni
+ case 'getVersion':
+ case 'ping':
+ $DATA = array('func'=>'getVersion','revision'=>_MAYORREV,'pong');
+ $RPC->setResponse($DATA);
+ break;
+ default:
+ $DATA['result'] = 'ismeretlen függvény: '.$func;
+ break;
+ }
+
+ }
+?>
diff --git a/mayor-orig/www/policy/public/session/logout-pre.php b/mayor-orig/www/policy/public/session/logout-pre.php
new file mode 100644
index 00000000..ac344fee
--- /dev/null
+++ b/mayor-orig/www/policy/public/session/logout-pre.php
@@ -0,0 +1,28 @@
+<?php
+
+ if (_RIGHTS_OK !== true) die();
+
+ require('include/share/session/close.php');
+
+ closeSession();
+ closeOldAndIdleSessions();
+ if (defined('_ALLOW_SULIX_SSO') && _ALLOW_SULIX_SSO===true) {
+ session_start();
+ unset($_SESSION['portalLoggedPassword']);
+ unset($_SESSION['szuloDiakIdOk']);
+ session_destroy();
+ header('Location: /');
+ } else {
+// session_start();
+// unset($_SESSION['szuloDiakIdOk']);
+// session_destroy();
+ session_start();
+ session_unset();
+ session_destroy();
+ session_write_close();
+ setcookie(session_name(),'',0,'/');
+ session_regenerate_id(true);
+ header('Location: index.php');
+ }
+
+?>
diff --git a/mayor-orig/www/policy/public/session/set-pre.php b/mayor-orig/www/policy/public/session/set-pre.php
new file mode 100644
index 00000000..d3e77776
--- /dev/null
+++ b/mayor-orig/www/policy/public/session/set-pre.php
@@ -0,0 +1,10 @@
+<?php
+
+ if (_RIGHTS_OK !== true) die();
+
+ global $_JSON;
+ $layout = readVariable($_GET['layout'],'id',0);
+ $_SESSION['pageLayout'] = $layout;
+ $_JSON['success'] = true;
+ $_JSON['pageLayout'] = $layout;
+?>