diff options
author | M.Gergo | 2018-07-06 11:14:41 +0200 |
---|---|---|
committer | M.Gergo | 2018-07-06 11:14:41 +0200 |
commit | 43de9af71f7f4ca5731b94a06d688ae8412ba427 (patch) | |
tree | 54835de1dfcda504c02da261f0dc26885aed2e89 /mayor-orig/www/policy/public | |
parent | 50310b0e4513ee3fcce67351ae61e8fff851130e (diff) | |
download | mayor-43de9af71f7f4ca5731b94a06d688ae8412ba427.tar.gz mayor-43de9af71f7f4ca5731b94a06d688ae8412ba427.zip |
2018/Feb/28 -i állapot hozzáadva, mint a módosítások kiindulási állapota
Diffstat (limited to 'mayor-orig/www/policy/public')
16 files changed, 676 insertions, 0 deletions
diff --git a/mayor-orig/www/policy/public/auth/forgotten-pre.php b/mayor-orig/www/policy/public/auth/forgotten-pre.php new file mode 100644 index 00000000..76ffaebb --- /dev/null +++ b/mayor-orig/www/policy/public/auth/forgotten-pre.php @@ -0,0 +1,92 @@ +<?php + + if (_RIGHTS_OK !== true) die(); + + require_once('include/share/net/phpmailer.php'); + + $ADAT['userAccount'] = readVariable($_POST['userAccount'], 'string', readVariable($_GET['userAccount'], 'string', null)); + $ADAT['toPolicy'] = readVariable($_POST['toPolicy'], 'enum', readVariable($_GET['toPolicy'], 'enum', 'parent', array('parent','private')), array('parent','private')); + $ADAT['mail'] = readVariable($_POST['mail'], 'string', null); + + if ($AUTH[$ADAT['toPolicy']]['enablePasswordReset']!==true) { + //$_SESSION['alert'][] = 'info:pw_reset_disabled'; + $ADAT['forgotDisabled'] = true; + } + +/* Under dev + foreach(array('private','parent','public') as $_policy) { + if ($ADAT['toPolicy']==$_policy && $AUTH[$_policy]['enablePasswordReset']!==true) $ADAT['forgotDisabled'] = true; + } +*/ + if ($action == 'sendResetPasswordMail') { + + // TODO - ez a kettő összevonható, kukac tuti nincs a felhasználónévben + // TODO - megviszgálhatnánk, hogy milyen authentikációs levelen van a user + // TODO - mármint, ahol megváltoztatható egyáltalán a jelszó... + require_once('include/modules/session/search/searchAccount.php'); + if (isset($ADAT['userAccount'])) { + $ADAT['accounts'] = searchAccount('userAccount', $ADAT['userAccount'], $searchAttrs = array('userCn','mail','userAccount'), $ADAT['toPolicy']); + for ($i=0; $i<$ADAT['accounts']['count']; $i++) { + if ($ADAT['userAccount'] == $ADAT['accounts'][$i]['userAccount'][0] && $ADAT['accounts'][$i]['mail'][0] != '') { + $ADAT['account'] = array( + 'policy' => $ADAT['toPolicy'], + 'userAccount' => $ADAT['accounts'][$i]['userAccount'][0], + 'userCn' => $ADAT['accounts'][$i]['userCn'][0], + 'mail' => current(explode(' ',str_replace(';',' ',trim($ADAT['accounts'][$i]['mail'][0])))), + ); + break; + } + } + } elseif (isset($ADAT['mail'])) { + $ADAT['accounts'] = searchAccount('mail', $ADAT['mail'], $searchAttrs = array('userCn','mail','userAccount'), $ADAT['toPolicy']); + for ($i=0; $i<$ADAT['accounts']['count']; $i++) { + if ($ADAT['mail'] == $ADAT['accounts'][$i]['mail'][0] && $ADAT['accounts'][$i]['mail'][0] != '') { + $ADAT['account'] = array( + 'policy' => $ADAT['toPolicy'], + 'userAccount' => $ADAT['accounts'][$i]['userAccount'][0], + 'userCn' => $ADAT['accounts'][$i]['userCn'][0], + 'mail' => current(explode(' ',str_replace(';',' ',trim($ADAT['accounts'][$i]['mail'][0])))), + ); + break; + } + } + } + + // Recovery + if (is_array($ADAT['account'])) { + $recoveryRequest = generatePasswordRecoveryRequest($ADAT['account']); + if ($recoveryRequest!=false) { + $ADAT['account']['url'] = $recoveryRequest; + // levél generálása és kiküldése + $body = '<html><head><title></title></head><body> +<p>Az alábbi linkre kattintva magadhatod az új MaYoR-jelszavadat.</p> +<p>Ha nem te küldted az igénylést, tekintsd a levelet tárgytalannak!</p> +<p class="link">'.$recoveryRequest.'</p> +<p>'.__SUPPORT_EMAIL_NAME.' ('.__SUPPORT_EMAIL_ADDRESS.')</p> +</body></html>'; + /* MAIL */ + if (__EMAIL_ENABLED===true) { + $mail = new PHPMailer(); + $mail->CharSet = 'UTF-8'; + $mail->SetFrom(__SUPPORT_EMAIL_ADDRESS,__SUPPORT_EMAIL_NAME); + $mail->AddAddress($ADAT['account']['mail'], $ADAT['account']['userCn']); + $mail->Subject = "[MaYoR] Jelszóemlékeztető"; + $mail->MsgHTML($body); + $mail->Send(); + } else { + //dump(__EMAIL_ENABLED); + //dump(__SUPPORT_EMAIL_ADDRESS); + //dump(__SUPPORT_EMAIL_NAME); + } + /* -- */ +// $_SESSION['alert'][] = 'info:success'; + } else { +// $_SESSION['alert'][] = 'info:success'; // nem üzenünk hibát + } + } else { +// $_SESSION['alert'][] = 'message:wrong_data:Nincs ilyen azonosító, vagy nincs rögzítve e-mail cím az azonosítóhoz! ('.$ADAT['userAccount'].')'; + } + + } + +?>
\ No newline at end of file diff --git a/mayor-orig/www/policy/public/auth/forgotten.php b/mayor-orig/www/policy/public/auth/forgotten.php new file mode 100644 index 00000000..bd751c83 --- /dev/null +++ b/mayor-orig/www/policy/public/auth/forgotten.php @@ -0,0 +1,16 @@ +<?php + + if (_RIGHTS_OK !== true) die(); + + global $ADAT,$action; + + if ($ADAT['forgotDisabled']===true) + putForgotDisabled(); + elseif (!is_array($ADAT['account']) && $action=='') { + putForgotPasswordForm($ADAT); + putForgotUserAccountForm($ADAT); + } else { + putForgotThankyou(); + } + putBackToLogin($ADAT); +?>
\ No newline at end of file diff --git a/mayor-orig/www/policy/public/auth/login-pre.php b/mayor-orig/www/policy/public/auth/login-pre.php new file mode 100644 index 00000000..c524751f --- /dev/null +++ b/mayor-orig/www/policy/public/auth/login-pre.php @@ -0,0 +1,86 @@ +<?php + + if (_RIGHTS_OK !== true) die(); + + if (defined('_ALLOW_SULIX_SSO') && _ALLOW_SULIX_SSO===true) { // kompatibilitási okokból + $toPolicy = readVariable($_REQUEST['toPolicy'], 'enum', 'private', $POLICIES); + } else { + $toPolicy = 'private'; // force + } + $toSkin = readVariable($_POST['toSkin'], 'enum', readVariable($_GET['toSkin'], 'enum', null, $SKINSSHOW), $SKINSSHOW); + @list($toPage,$toSub,$toF) = readVariable(explode(':',$_REQUEST['toPSF']), 'strictstring'); + $toPSF = "$toPage:$toSub:$toF"; + +// Ha már az adott sessionID-vel belépett az adott policy-ra, akkor ne lépjen be újra +// if ($sessionID != '' and validUser($sessionID, $toPolicy)) { +// header('Location: '.location("index.php?policy=$toPolicy&page=$toPage&sub=$toSub&f=$toF&sessionID=$sessionID", array('alert'))); +// die(); +// } + + if ($toPolicy=='private' && isset($_SESSION['portalLoggedUsername']) && defined('_ALLOW_SULIX_SSO') && _ALLOW_SULIX_SSO===true) { + $action='autologin'; + //A SuliX-osok kérésére ezt sajnos kihagyjuk :( session_regenerate_id(true); + } + + // Az elküldött név+jelszó ellenőrzése + if ($action == 'login' || $action=='autologin') { + + // A toPolicy hibaüzenetei + if (file_exists('include/alert/'.$lang.'/'.$AUTH[$toPolicy]['backend'].'.php')) { + require('include/alert/'.$lang.'/'.$AUTH[$toPolicy]['backend'].'.php'); + } elseif (file_exists('include/alert/'._DEFAULT_LANG.'/'.$AUTH[$toPolicy]['backend'].'.php')) { + require('include/alert/'._DEFAULT_LANG.'/'.$AUTH[$toPolicy]['backend'].'.php'); + } + // Autentikáció - alapok + if (file_exists('include/share/auth/base.php')) { + require('include/share/auth/base.php'); + } + // Autentikáció - toPolicy + if (file_exists('include/backend/'.$AUTH[$toPolicy]['backend'].'/auth/login.php')) { + require('include/backend/'.$AUTH[$toPolicy]['backend'].'/auth/login.php'); + } + + // lejart session-ok torlese + require('include/share/session/close.php'); + closeOldAndIdleSessions(); + + if ($action=='autologin' && defined('_ALLOW_SULIX_SSO') && _ALLOW_SULIX_SSO===true) { + $userPassword = readVariable($_SESSION['portalLoggedPassword'], 'string'); + //$userAccount = readVariable($_SESSION['portalLoggedUsername'], 'regexp', null, array("^([a-z]|[A-Z]|[0-9]| |\.|,|_|[űáéúőóüöíŰÁÉÚŐÓÜÖÍäÄ]|-|@)*$")); + $userAccount = readVariable($_SESSION['portalLoggedUsername'], 'userAccount', null); + } else { + $userPassword = readVariable($_POST['userPassword'], 'string'); + //$userAccount = readVariable($_POST['userAccount'], 'regexp', null, array("^([a-z]|[A-Z]|[0-9]| |\.|,|_|[űáéúőóüöíŰÁÉÚŐÓÜÖÍäÄ]|-|@)*$")); + $userAccount = readVariable($_SESSION['portalLoggedUsername'], 'userAccount', null); + } + + if (defined('_BOLONDOS') && _BOLONDOS===true) $userAccount = visszafele($userAccount); + + $accountInformation = array('account' => $userAccount, 'password' => $userPassword, 'policy' => $toPolicy, 'skin'=>$toSkin); + if ($sessionID != '') $accountInformation['sessionID'] = $sessionID; + + if ($userAccount != '' and $userPassword != '') { + + $result = userAuthentication($userAccount, $userPassword, $accountInformation, $toPolicy); // ??? toPolicy benne van az AccountInformation-ben!!! Ldap backend only? + logLogin($toPolicy, $userAccount, $result); + if ($result === _AUTH_SUCCESS) { + $sessionID = newSession($accountInformation, $toPolicy); + if ($toSkin == '') $toSkin = $skin; + header('Location: '.location("index.php?page=$toPage&sub=$toSub&f=$toF&sessionID=$sessionID&policy=$toPolicy&lang=$lang&skin=$toSkin", array('alertOLD'))); + } elseif ($result === _AUTH_EXPIRED) { + $_SESSION['alert'][] = 'message:force_pw_update'; + header('Location: '.location("index.php?policy=public&page=password&f=changeMyPassword&userAccount=".$userAccount."&toPolicy=$toPolicy&skin=$toSkin", array('alertOLD'))); + } elseif ($result >= _AUTH_FAILURE) { + // sikertelen azonosítás - a hibaüzenetet a függvény generálja + //$NOF = @getFailedLoginCount($toPolicy,$userAccount); + //if ($NOF>1) sleep(min($NOF,10,rand(1,10))); // harden brute force attempts + } else { + // Ilyen csak hibás függvényműködés esetén lehet: + $_SESSION['alert'][] = "message:default:hibás visszatérési érték:userAuthentication:($result)"; + } + } else { + $_SESSION['alert'][] = 'message:empty_field'; + } + } + +?> diff --git a/mayor-orig/www/policy/public/auth/login.php b/mayor-orig/www/policy/public/auth/login.php new file mode 100644 index 00000000..c86bf24b --- /dev/null +++ b/mayor-orig/www/policy/public/auth/login.php @@ -0,0 +1,17 @@ +<?php + + if (_RIGHTS_OK !== true) die(); + + global $userAccount, $userPassword, $toPolicy, $toPSF, $toSkin, $salt; + global $ADAT; + + if (defined('_USERACCOUNT') && (!is_string(_USERACCOUNT) || _USERACCOUNT=='') ) + putLoginForm($userAccount, $toPolicy, $toPSF, $toSkin, $salt); + else + putAlreadyLoggedIn(); + + if ($_SESSION['authStatus'] == _AUTH_FAILURE) { + putElfelejtettJelszoForm($ADAT); + } + +?> diff --git a/mayor-orig/www/policy/public/naplo/rpc/rpc-pre.php b/mayor-orig/www/policy/public/naplo/rpc/rpc-pre.php new file mode 100644 index 00000000..53328c7c --- /dev/null +++ b/mayor-orig/www/policy/public/naplo/rpc/rpc-pre.php @@ -0,0 +1,48 @@ +<?php + + require_once('include/share/ssl/ssl.php'); + /* Class: Interconnect AES */ + + /* remote procedure call remote controller */ + $rpcDetails = $_GET['detail']; + $initOMKod = readVariable($_GET['init'],'strictstring',0); + + try + { + $RPC = new Interconnect(); + $RPC->setRemoteOMKod($initOMKod); + $REQUEST = $RPC->processRequest($rpcDetails); + $func = $REQUEST->func; + } + catch (Exception $e) + { + $func=''; + $DATA = array('error'=>$e->getMessage()); + } + // processing + + // MASTER BOSS -> portal/rpc/rpc, ez itt ELAVULT + $DATA = array(); + if (isset($func) && $func!='') { + switch ($func) { + case 'getVersion': + case 'ping': + $DATA = $RPC->prepareReply( + array('func'=>'getVersion','response_revision'=>_MAYORREV,'pong') + ); + $RPC->setResponse($DATA); + break; + case 'checkRegistration': + $otherPublicKey = getSslPublicKeyByOMKod($REQUEST->OMKOD); + if ($otherPublicKey===false) $valid=0; + elseif ($REQUEST->publicKey == $otherPublicKey) $valid=1; + else $valid=2; + $DATA = $RPC->prepareReply( + array('func'=>$func,'response'=>serialize($REQUEST),'valid'=>$valid) + ); + $RPC->setResponse($DATA); + default: + break; + } + } +?> diff --git a/mayor-orig/www/policy/public/naplo/rpc/rpc.php b/mayor-orig/www/policy/public/naplo/rpc/rpc.php new file mode 100644 index 00000000..be00b0a5 --- /dev/null +++ b/mayor-orig/www/policy/public/naplo/rpc/rpc.php @@ -0,0 +1,7 @@ +<?php + + global $DATA; + + if (count($DATA)>0) putResponse($DATA); // reply + +?> diff --git a/mayor-orig/www/policy/public/password/changeMyPassword-pre.php b/mayor-orig/www/policy/public/password/changeMyPassword-pre.php new file mode 100644 index 00000000..f7c68879 --- /dev/null +++ b/mayor-orig/www/policy/public/password/changeMyPassword-pre.php @@ -0,0 +1,69 @@ +<?php + + if (_RIGHTS_OK !== true) die(); + + $toPolicy = readVariable($_REQUEST['toPolicy'], 'enum', 'private', $POLICIES); + $userAccount = readVariable($_REQUEST['userAccount'], 'emptystringnull', (defined('_USERACCOUNT'))?_USERACCOUNT:null); + + if (file_exists(_CONFIGDIR."/$toPolicy-conf.php")) { + require_once(_CONFIGDIR."/$toPolicy-conf.php"); + } + + if ($AUTH[$toPolicy]['enableSelfPasswordChange']) { + + // Az elküldött név+jelszó ellenőrzése + if ($action == 'changePassword') { + + + require_once('include/modules/auth/base/login.php'); + + if (file_exists('include/backend/'.$AUTH[$toPolicy]['backend'].'/session/base.php')) { + require_once('include/backend/'.$AUTH[$toPolicy]['backend'].'/session/base.php'); + } + if (file_exists('include/backend/'.$AUTH[$toPolicy]['backend'].'/password/changePassword.php')) { + require_once('include/backend/'.$AUTH[$toPolicy]['backend'].'/password/changePassword.php'); + } + if (file_exists('include/backend/'.$AUTH[$toPolicy]['backend'].'/auth/login.php')) { + require_once('include/backend/'.$AUTH[$toPolicy]['backend'].'/auth/login.php'); + } + + $userPassword = readVariable($_POST['userPassword'], 'emptystringnull'); + $newPassword = readVariable($_POST['newPassword'], 'emptystringnull'); + $verification = readVariable($_POST['verification'], 'emptystringnull'); + + if ($verification == '' or $newPassword == '') { + $_SESSION['alert'][] = 'message:empty_field'; + } elseif ($verification != $newPassword) { + $_SESSION['alert'][] = 'message:pw_not_match'; + } elseif ($userPassword == $newPassword) { + $_SESSION['alert'][] = 'message:pw_not_changed'; + } else { + + $result = userAuthentication($userAccount, $userPassword, $accountInformation, $toPolicy); + if ($result >= _AUTH_FAILURE) { + $_SESSION['alert'][] = 'message:auth_failure'; // megj: a hibaüzenetet a userAuthentication egyébként generálja. kell ez? + } else { + + if (changeMyPassword($userAccount, $userPassword, $newPassword, $toPolicy)) { +// Újra be kell jelentkezni mindenképp... +// updateSessionPassword($userAccount, $toPolicy, $verification); +// if (validUser($sessionID,$policy)) +// header('Location: '.location("index.php?policy=$toPolicy&sessionID=".$sessionID, array('alert'))); +// else + header('Location: '.location("index.php?page=auth&f=login&toPolicy=$toPolicy", array('alert'))); + } else { + $_SESSION['alert'][] = 'message:pw_change_failed'; + } + } + + } + + } // action + + } else { + + $_SESSION['alert'][] = 'page:pw_change_disabled'; + + } + +?> diff --git a/mayor-orig/www/policy/public/password/changeMyPassword.php b/mayor-orig/www/policy/public/password/changeMyPassword.php new file mode 100644 index 00000000..29ebbf10 --- /dev/null +++ b/mayor-orig/www/policy/public/password/changeMyPassword.php @@ -0,0 +1,9 @@ +<?php + + if (_RIGHTS_OK !== true) die(); + + global $userAccount, $toPolicy; + + putChangePasswordForm($userAccount, $toPolicy); + +?> diff --git a/mayor-orig/www/policy/public/password/resetPassword-pre.php b/mayor-orig/www/policy/public/password/resetPassword-pre.php new file mode 100644 index 00000000..3590f27a --- /dev/null +++ b/mayor-orig/www/policy/public/password/resetPassword-pre.php @@ -0,0 +1,68 @@ +<?php + if (_RIGHTS_OK !== true) die(); + + $selector = readVariable($_POST['selector'], 'string', readVariable($_GET['selector'], 'hexa', null)); + $validator = readVariable($_POST['validator'], 'string', readVariable($_GET['validator'], 'hexa', null)); + + if ($validator!='') { + $q = "SELECT * FROM accountRecovery WHERE selector = '%s' AND expires >= NOW()"; + $r = db_query($q, array('debug'=>false,'fv'=>'getPasswordRecoveryRequest','modul'=>'login','result'=>'record','values'=>array($selector))); + } + if (!is_array($r)) { + $_SESSION['alert']['page'] = 'message:wrong_data:A jelszó-helyreállítási kérelem nem létezik, vagy lejárt!'; + } else { + + $calc = hash('sha256', hex2bin($validator)); + if (hash_equals($calc, $r['token'])) { + // The reset token is valid. Authenticate the user. + //dump($r); + $ADAT = $r; + $ADAT['validator'] = $validator; + + $toPolicy = $r['policy']; + $userAccount = $r['userAccount']; + + if (file_exists(_CONFIGDIR."/$toPolicy-conf.php")) { + require_once(_CONFIGDIR."/$toPolicy-conf.php"); + } + + if ($AUTH[$toPolicy]['enablePasswordReset']) { + + if ($action == 'resetPassword') { + + if (file_exists('include/backend/'.$AUTH[$toPolicy]['backend'].'/session/base.php')) { + require_once('include/backend/'.$AUTH[$toPolicy]['backend'].'/session/base.php'); + } + if (file_exists('include/backend/'.$AUTH[$toPolicy]['backend'].'/password/changePassword.php')) { + require_once('include/backend/'.$AUTH[$toPolicy]['backend'].'/password/changePassword.php'); + } + + $newPassword = readVariable($_POST['newPassword'], 'emptystringnull'); + $verification = readVariable($_POST['verification'], 'emptystringnull'); + + if ($verification == '' or $newPassword == '') { + $_SESSION['alert'][] = 'message:empty_field'; + } elseif ($verification != $newPassword) { + $_SESSION['alert'][] = 'message:pw_not_match'; + } else { + if (changePassword($userAccount, $newPassword, $toPolicy)) { + $q = "DELETE FROM accountRecovery WHERE userAccount = '%s'"; + db_query($q, array('debug'=>false,'fv'=>'getPasswordRecoveryRequest','modul'=>'login','result'=>'delete','values'=>array($userAccount))); + header('Location: '.location("index.php?page=auth&f=login&toPolicy=$toPolicy", array('alert'))); + } else { + $_SESSION['alert'][] = 'message:pw_change_failed'; + } + } + } + + } else { + $_SESSION['alert'][] = 'page:pw_reset_disabled'; + } + + } else { + $_SESSION['alert']['page'] = 'message:insufficient_access:A jelszó-helyreállítási kérelem nem érvényes!'; + } + + } + +?> diff --git a/mayor-orig/www/policy/public/password/resetPassword.php b/mayor-orig/www/policy/public/password/resetPassword.php new file mode 100644 index 00000000..eaefcc8c --- /dev/null +++ b/mayor-orig/www/policy/public/password/resetPassword.php @@ -0,0 +1,9 @@ +<?php + + if (_RIGHTS_OK !== true) die(); + + global $ADAT; + + if ($ADAT['userAccount']!='') putResetPasswordForm($ADAT); + +?> diff --git a/mayor-orig/www/policy/public/portal/rpc/rpc-pre.php b/mayor-orig/www/policy/public/portal/rpc/rpc-pre.php new file mode 100644 index 00000000..edd9a592 --- /dev/null +++ b/mayor-orig/www/policy/public/portal/rpc/rpc-pre.php @@ -0,0 +1,104 @@ +<?php +/* + MOVED!! + - mayor-base/public/rpc/rpc + - mayor-portal-mayor/rpc/controller/rpc + =========================================== + + require_once('include/share/ssl/ssl.php'); + + // MOVE + function getRegisztraltIskolaAdat($nodeId) { + if ($nodeId=='') { + $q = "SELECT * FROM regisztracio"; + $r = db_query($q, array('modul'=>'portal','result'=>'indexed')); + } else { + $q = "SELECT * FROM regisztracio WHERE nodeId='%s'"; + $v = array($nodeId); + $r = db_query($q, array('modul'=>'portal','result'=>'record','values'=>$v)); + } + return $r; + } + + function getPublicDataByNodeIdFromReg($nodeId) { + $q = "SELECT * FROM regisztracio WHERE nodeId='%s'"; + $v = array($nodeId); + $r = db_query($q, array('debug'=>false,'fv'=>'getPublicDataByNodeIdFromReg','modul'=>'portal','result'=>'record','values'=>$v)); + return $r; + } + function modRegData($nodeId, $regId, $DATA) { + $q = "UPDATE regisztracio SET ".implode(',',array_fill(0, count($DATA), "%s='%s'"))." WHERE regId=%u AND nodeId=%u"; + foreach ($DATA as $key=>$val) { + $v[] = $key; $v[] = $val; + } + $v[] = $regId; $v[] = $nodeId; + $r = db_query($q, array('debug'=>true,'fv'=>'modRegData','modul'=>'portal','values'=>$v)); + if ($r) return true; + else return $q; + } + + /* Class: Interconnect AES * / + + /* remote procedure call remote controller * / + try + { + /* rights.php: + $RPC = new Interconnect(); + $RPC->setRemoteHostByNodeId($senderNodeId); + $REQUEST = $RPC->processRequest(); + * / + $REQUEST = $RPC->getIncomingRequest(); + $func = $REQUEST['func']; + + } + catch (Exception $e) + { + $func=''; + $DATA = array('error'=>$e->getMessage()); + } + // processing + $DATA = array(); + if (isset($func) && $func!='') { + switch ($func) { + case 'getVersion': + case 'ping': + $DATA = array('func'=>'getVersion','response_revision'=>_MAYORREV,'pong'); + $RPC->setResponse($DATA); + break; + case 'checkRegistration': + $DATA = getPublicDataByNodeIdFromReg($senderNodeId); + if (is_array($DATA)) $valid = 1; else $valid = 0; + $DATA = array('func'=>$func,'valid'=>$valid,'status'=>$RPC->getStatus(),'get'=>$_GET,'post'=>$_POST); + $RPC->setResponse($DATA); + break; + case 'getPublicDataByNodeId': + $DATA = getPublicDataByNodeIdFromReg($REQUEST['nodeId']); + $RPC->setResponse($DATA); + break; + case 'modRegData': + $DATA['result'] = modRegData($senderNodeId,$REQUEST['regId'],$REQUEST['data']); + $DATA['func'] = 'modRegData'; + $RPC->setResponse($DATA); + break; + case 'getIskola': + $iskolaAdat = getRegisztraltIskolaAdat($REQUEST['otherNodeId']); + $DATA = array('func'=>$func,'iskolaAdat'=>$iskolaAdat); + $RPC->setResponse($DATA); + break; + case 'getRegistrationData': + $DATA = getPublicDataByNodeIdFromReg($REQUEST['nodeId']); + break; + case 'refreshRegistration': + break; + case 'getPublicData': + $iskolaAdat = getRegisztraltIskolaAdat(); + $DATA = array('func'=>$func,'szomszedok'=>$iskolaAdat); + $RPC->setResponse($DATA); + break; + default: + break; + } + + } +*/ +?> diff --git a/mayor-orig/www/policy/public/portal/start.php b/mayor-orig/www/policy/public/portal/start.php new file mode 100644 index 00000000..e69de29b --- /dev/null +++ b/mayor-orig/www/policy/public/portal/start.php diff --git a/mayor-orig/www/policy/public/rpc/naplo/rpc-pre.php b/mayor-orig/www/policy/public/rpc/naplo/rpc-pre.php new file mode 100644 index 00000000..aba7552f --- /dev/null +++ b/mayor-orig/www/policy/public/rpc/naplo/rpc-pre.php @@ -0,0 +1,70 @@ +<?php +/* + module: mayor-base + + A alap metódusok RPC kezelője + +*/ + require_once('include/share/ssl/ssl.php'); + require_once('include/modules/naplo/share/rpc.php'); + + /* + rights.php: + $_RPC['senderNodeId'] + $RPC = new Interconnect(); + $RPC->setRemoteHostByNodeId($senderNodeId); + $RPC->processRequest(); + $_RPC['request'] = $RPC->getIncomingRequest(); + */ + $func = $_RPC['request']['func']; + // processing + $DATA = array(); + if (isset($func) && $func!='') { + switch ($func) { + // itt a currens verziót kellene visszaadni + case 'getVersion': + case 'ping': + $DATA = array('func'=>'getVersion','revision'=>_MAYORREV,'pong'); + $RPC->setResponse($DATA); + break; + case 'getPrivilegeInfo': + $nodeId = $_RPC['senderNodeId']; + $userAccount = readVariable($_RPC['request']['userAccount'], 'string'); + $OMKod = readVariable($_RPC['request']['OMKod'],'numeric unsigned'); + $priv = explode(',',getRPCPrivilegeByNUO($nodeId, $userAccount, $OMKod)); + if (is_array($priv) && in_array('Jogosultság',$priv)) { + $DATA = array('func'=>'getPrivilegeInfo','result'=>'success','priv'=>$priv); + } else { + $DATA = array('func'=>'getPrivilegeInfo','result'=>'failure','alert'=>'message:insufficient_access'); + } + $RPC->setResponse($DATA); + break; + case 'getTantargyfelosztasStat': + $nodeId = $_RPC['senderNodeId']; + $userAccount = readVariable($_RPC['request']['userAccount'], 'string'); + $OMKod = readVariable($_RPC['request']['OMKod'],'numeric unsigned'); // a naplo/base/rights már felhasználta az __INTEZMENY beállításnál + $priv = explode(',',getRPCPrivilegeByNUO($nodeId, $userAccount, $OMKod)); + if (is_array($priv) && in_array('Tantárgyfelosztás',$priv)) { + // Az __INTEZMENY és __TANEV beállítását a naplo/rights.php már elvégezte... + + require_once('include/modules/naplo/share/intezmenyek.php'); + require_once('include/modules/naplo/share/osztaly.php'); + require_once('include/modules/naplo/share/targy.php'); + require_once('include/modules/naplo/share/tankor.php'); + require_once('include/modules/naplo/stat/tantargyFelosztas.php'); + global $ADAT; $ADAT = array(); + $IA = getTantargyfelosztasStat(); + + $DATA = array('func'=>'getTantargyfelosztasStat','result'=>'success','tanev'=>__TANEV,'intezmeny'=>__INTEZMENY, 'IA'=>$IA); + } else { + $DATA = array('func'=>'getTantargyfelosztasStat','result'=>'failure','alert'=>'message:insufficient_access'); + } + $RPC->setResponse($DATA); + break; + default: + $DATA['result'] = 'ismeretlen függvény: '.$func; + break; + } + + } +?> diff --git a/mayor-orig/www/policy/public/rpc/rpc-pre.php b/mayor-orig/www/policy/public/rpc/rpc-pre.php new file mode 100644 index 00000000..30336e9e --- /dev/null +++ b/mayor-orig/www/policy/public/rpc/rpc-pre.php @@ -0,0 +1,43 @@ +<?php +/* + module: mayor-base + + A alap metódusok RPC kezelője + +*/ + require_once('include/share/ssl/ssl.php'); + + try + { + /* + rights.php: + $RPC = new Interconnect(); + $RPC->setRemoteHostByNodeId($senderNodeId); + $REQUEST = $RPC->processRequest(); + */ + $REQUEST = $RPC->getIncomingRequest(); + $func = $REQUEST['func']; + + } + catch (Exception $e) + { + $func=''; + $DATA = array('error'=>$e->getMessage()); + } + // processing + $DATA = array(); + if (isset($func) && $func!='') { + switch ($func) { + // itt a currens verziót kellene visszaadni + case 'getVersion': + case 'ping': + $DATA = array('func'=>'getVersion','revision'=>_MAYORREV,'pong'); + $RPC->setResponse($DATA); + break; + default: + $DATA['result'] = 'ismeretlen függvény: '.$func; + break; + } + + } +?> diff --git a/mayor-orig/www/policy/public/session/logout-pre.php b/mayor-orig/www/policy/public/session/logout-pre.php new file mode 100644 index 00000000..ac344fee --- /dev/null +++ b/mayor-orig/www/policy/public/session/logout-pre.php @@ -0,0 +1,28 @@ +<?php + + if (_RIGHTS_OK !== true) die(); + + require('include/share/session/close.php'); + + closeSession(); + closeOldAndIdleSessions(); + if (defined('_ALLOW_SULIX_SSO') && _ALLOW_SULIX_SSO===true) { + session_start(); + unset($_SESSION['portalLoggedPassword']); + unset($_SESSION['szuloDiakIdOk']); + session_destroy(); + header('Location: /'); + } else { +// session_start(); +// unset($_SESSION['szuloDiakIdOk']); +// session_destroy(); + session_start(); + session_unset(); + session_destroy(); + session_write_close(); + setcookie(session_name(),'',0,'/'); + session_regenerate_id(true); + header('Location: index.php'); + } + +?> diff --git a/mayor-orig/www/policy/public/session/set-pre.php b/mayor-orig/www/policy/public/session/set-pre.php new file mode 100644 index 00000000..d3e77776 --- /dev/null +++ b/mayor-orig/www/policy/public/session/set-pre.php @@ -0,0 +1,10 @@ +<?php + + if (_RIGHTS_OK !== true) die(); + + global $_JSON; + $layout = readVariable($_GET['layout'],'id',0); + $_SESSION['pageLayout'] = $layout; + $_JSON['success'] = true; + $_JSON['pageLayout'] = $layout; +?> |