Diffstat (limited to 'mayor-orig/www/policy/private/session')
26 files changed, 916 insertions, 0 deletions
diff --git a/mayor-orig/www/policy/private/session/accountInfo-pre.php b/mayor-orig/www/policy/private/session/accountInfo-pre.php
new file mode 100644
index 00000000..7bf243cc
--- /dev/null
+++ b/mayor-orig/www/policy/private/session/accountInfo-pre.php
@@ -0,0 +1,51 @@
+<?php
+/*
+ Module: base/session
+*/
+
+ if (_RIGHTS_OK !== true) die();
+
+ $userAccount = readVariable($_GET['userAccount'],'userAccount');
+ $toPolicy = readVariable($_POST['toPolicy'], 'enum',
+ readVariable($_GET['toPolicy'], 'enum', _POLICY, $POLICIES),
+ $POLICIES
+ );
+
+
+ if ($userAccount == '') $userAccount = _USERACCOUNT;
+
+ // Milyen kategóriába sorolható a userAccount, illetve az aktuális user
+ $userCategories = getAccountCategories($userAccount, $toPolicy);
+ if (
+ _POLICY == 'private' &&
+ (
+ memberOf(_USERACCOUNT, $AUTH[_POLICY]['adminGroup']) ||
+ (
+ memberOf(_USERACCOUNT,'diakadmin') &&
+ in_array('diak',$userCategories)
+ )
+ )
+ ) define('_ACCESS_AS', _ADMIN_ACCESS);
+ elseif ($userAccount == _USERACCOUNT) define('_ACCESS_AS', _SELF_ACCESS);
+ else define('_ACCESS_AS', _OTHER_ACCESS);
+
+ list($backendAttrs, $backendAttrDef) = getBackendAttrs('Account', $toPolicy);
+ if ($action == 'changeSettings') {
+
+ changeAccountInfo($userAccount, $toPolicy);
+
+ } elseif ($action=='userSettingsModify') {
+
+ $changeSkinTo = readVariable($_POST['changeSkinTo'],'enum',null,$SKINSSHOW);
+ setUserSettings($userAccount, $toPolicy, array('skin'=>$changeSkinTo));
+
+ }
+
+
+
+ $userInfo = getUserInfo($userAccount, $toPolicy); // keretrendszer attribútumai
+ $accountInfo = getAccountInfo($userAccount, $toPolicy); // backend attribútumai
+
+ $ADAT = getUserSettings($userAccount, $toPolicy);
+
+?>
diff --git a/mayor-orig/www/policy/private/session/accountInfo.php b/mayor-orig/www/policy/private/session/accountInfo.php
new file mode 100644
index 00000000..7c4a3e0a
--- /dev/null
+++ b/mayor-orig/www/policy/private/session/accountInfo.php
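Review bot: In accountInfo-pre.php the `changeSettings` and `userSettingsModify` branches act on `$userAccount`, which comes from `$_GET['userAccount']`, without consulting the `_ACCESS_AS` level that is computed just above them. Unless `changeAccountInfo()` and `setUserSettings()` enforce that level themselves (not visible in this hunk), a caller classified as `_OTHER_ACCESS` can change another account's data or skin. Guarding the branches in this file, for example `if ($action == 'changeSettings' && _ACCESS_AS !== _OTHER_ACCESS) {`, or a comment stating where the check is enforced, would make the restriction visible at the point where the write happens.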
@@ -0,0 +1,15 @@
+<?php
+/*
+ Module: base/session
+*/
+
+ if (_RIGHTS_OK !== true) die();
+
+ global $accountInfo, $userInfo, $backendAttrDef, $toPolicy;
+ global $ADAT;
+
+ putUserSettingsForm($ADAT);
+
+ putAccountInfoForm($userInfo, $accountInfo, $backendAttrDef, $toPolicy);
+
+?>
diff --git a/mayor-orig/www/policy/private/session/admin/knownNodes-pre.php b/mayor-orig/www/policy/private/session/admin/knownNodes-pre.php
new file mode 100644
index 00000000..d166babd
--- /dev/null
+++ b/mayor-orig/www/policy/private/session/admin/knownNodes-pre.php
@@ -0,0 +1,39 @@
+<?php
+
+ if (_RIGHTS_OK !== true) die();
+
+ if (!__USERADMIN) {
+ $_SESSION['alert'][] = "page:insufficient_access";
+ } else {
+
+ require('include/share/ssl/ssl.php');
+
+ $ADAT['my']['url'] = $url = substr($_SERVER["HTTP_REFERER"], 0, strpos($_SERVER["HTTP_REFERER"], 'index.php?'));
+ $ADAT['my']['dt'] = date('Y-m-d');
+
+ $RPC = new Interconnect();
+ $ADAT['my']['publicKey'] = $RPC->getPublicKey();
+ $ADAT['my']['nodeId'] = $RPC->getNodeId();
+
+
+ if ($action == 'rpcPing') {
+ $ADAT['nodeId'] = readVariable($_POST['nodeId'],'id');
+ $RPC->setRemoteHostByNodeId($ADAT['nodeId']);
+ $RPC->setRequestTarget('base');
+ $ADAT['pingResult'] = $RPC->sendRequest(array('func'=>'ping'));
+ $ADAT['nodeVersion'] = $ADAT['pingResult']['revision'];
+ // $RPC->setRequestTarget('controller');
+ } elseif ($action == 'getPublicDataByNodeId') {
+ $ADAT['nodeId'] = readVariable($_POST['nodeId'],'id');
+ $RPC->setRequestTarget('base');
+ $RPC->setRemoteHostByNodeId($ADAT['nodeId']);
+ } elseif ($action == 'removeNode') {
+ $ADAT['nodeId'] = readVariable($_POST['nodeId'],'id');
+ removeNodeFromLocalKeychain($ADAT['nodeId']);
+ }
+
+ $ADAT['nodes'] = getPublicDataFromLocalKeychain();
+
+ }
+
+?>
diff --git a/mayor-orig/www/policy/private/session/admin/knownNodes.php b/mayor-orig/www/policy/private/session/admin/knownNodes.php
new file mode 100644
index 00000000..e7a95d58
--- /dev/null
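Review bot: In knownNodes-pre.php `$ADAT['my']['url']` is cut out of `$_SERVER["HTTP_REFERER"]`, a request header that the client controls and may omit; when it is absent or lacks `index.php?`, `strpos()` returns false and the value silently becomes an empty string. The node's own address should come from configuration, for instance the `_BASE_URL` constant that googleapi-pre.php in this commit already uses: `$ADAT['my']['url'] = $url = _BASE_URL.'/';` (adjust to the form the consumers expect). registration-pre.php contains the same line. The `removeNode` branch changes the local keychain on the strength of `$_POST['nodeId']` alone, so if the framework does not verify a per-session request token before the `-pre.php` files run, that check is missing here.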
+++ b/mayor-orig/www/policy/private/session/admin/knownNodes.php
@@ -0,0 +1,10 @@
+<?php
+
+ if (_RIGHTS_OK !== true) die();
+
+ global $ADAT;
+
+ putGetNodeData();
+ putKnownNodes($ADAT);
+
+?>
diff --git a/mayor-orig/www/policy/private/session/admin/registration-pre.php b/mayor-orig/www/policy/private/session/admin/registration-pre.php
new file mode 100644
index 00000000..eabc8cfe
--- /dev/null
+++ b/mayor-orig/www/policy/private/session/admin/registration-pre.php
@@ -0,0 +1,123 @@
+<?php
+
+ if (_RIGHTS_OK !== true) die();
+
+ if (!__USERADMIN) {
+ $_SESSION['alert'][] = "page:insufficient_access";
+ } else {
+
+ require('include/share/ssl/ssl.php');
+
+ $ADAT['NODETIPUSOK'] = array('intézmény','backup','fejlesztői');
+ $ADAT['OSSZEG'] = array(0,1000,2000,3000,5000,10000);;
+ // regisztrációs űrlap elemei (portal-mayor-ból átemelve...
+ $ADAT['MEZOK'] = array(
+ 'nodeTipus' => array('kotelezo'=>true,'options'=>$ADAT['NODETIPUSOK']),
+ 'nev' => array('kotelezo'=>true),
+ 'rovidNev' => array(),
+ 'OMKod' => array(),
+ 'cimHelyseg' => array('kotelezo'=>true),
+ 'cimIrsz' => array('kotelezo'=>true),
+ 'cimKozteruletNev' => array('kotelezo'=>true),
+ 'cimKozteruletJelleg' => array('kotelezo'=>true),
+ 'cimHazszam' => array('kotelezo'=>true),
+ 'telefon' => array(),
+ 'fax' => array(),
+ 'email' => array(),
+ 'honlap' => array(),
+ 'url' => array(),
+ 'kapcsolatNev' => array('kotelezo'=>true),
+ 'kapcsolatEmail' => array('kotelezo'=>true),
+ 'kapcsolatTelefon' => array(),
+ // külön, más helyen jelennek meg
+ 'dij'=> array('kotelezo'=>true,'display'=>false,'type'=>'none'),
+ 'egyebTamogatas' => array('display'=>false,'type'=>'none'),
+ 'utemezes'=>array('display'=>false,'type'=>'none'),
+ // rejtett mezők - nem módosíthatók
+ 'regId'=>array('display'=>false,'type'=>'none'),
+ 'dt'=>array('display'=>false),
+ 'publicKey' => array('kotelezo'=>true,'display'=>false,'readonly'=>true,'type'=>'textarea'),
+ );
+ $ADAT['my']['url'] = $url = substr($_SERVER["HTTP_REFERER"], 0, strpos($_SERVER["HTTP_REFERER"], 'index.php?'));
+ $ADAT['my']['dt'] = date('Y-m-d');
+
+ $RPC = new Interconnect();
+ $ADAT['my']['publicKey'] = $RPC->getPublicKey();
+ $ADAT['my']['nodeId'] = $RPC->getNodeId();
+
+ // regisztráció
+ if ($action == 'sendRegRequest') {
+ unset($_POST['action']);
+ $_POST['publicRequest'] = 'registration';
+ $res = json_decode(sendPublicRequest($_POST), true);
+ foreach ($res['alert'] as $index => $aAdat) $_SESSION['alert'][] = implode(':',$aAdat);
+ if ($res['success'] === true) {
+ setNodeId($res['nodeId'], $ADAT['my']['publicKey']);
+ $ADAT['my']['nodeId'] = $res['nodeId'];
+ $RPC = new Interconnect(); // újracsatlakozás...
+ }
+ //dump($res);
+ } elseif ($action == 'checkOldRegByPublicKey') {
+ $DATA['publicKey'] = $ADAT['my']['publicKey'];
+ $DATA['publicRequest'] = 'getNodeIdByPublicKey';
+ // ha kellene ellenőrzés, akkar a választ a publicKey-el kódolva kellene küldeni...
+ $res = json_decode(sendPublicRequest($DATA), true);
+ foreach ($res['alert'] as $index => $aAdat) $_SESSION['alert'][] = implode(':',$aAdat);
+ if ($res['success'] === true) {
+ setNodeId($res['nodeId'], $ADAT['my']['publicKey']);
+ $ADAT['my']['nodeId'] = $res['nodeId'];
+ $RPC = new Interconnect(); // újracsatlakozás...
+ }
+ dump($res);
+ }
+
+ if ($ADAT['my']['nodeId'] != 0)
+ try {
+ $RPC->setRemoteHostByNodeId(''); // controller
+ $RPC->setRequestTarget('controller');
+ $ADAT['registrationStatus']['result'] = $RPC->sendRequest(array('func'=>'checkRegistration'));
+ //dump($ADAT['registrationStatus']['result'], $RPC->getStatus());
+ // Teszt: egy alap metódus lekérdezése...
+ //$RPC->setRequestTarget('base');
+ // $ADAT['controllerVersion'] = $RPC->sendRequest(array('func'=>'ping'));
+ // dump($ADAT['controllerVersion']);
+ // $RPC->setRequestTarget('controller');
+ if ($ADAT['registrationStatus']['result']['valid'] == 1) {
+ $ADAT['regAdat'] = $RPC->getRegistrationDataByNodeId($ADAT['my']['nodeId']);
+ //dump($ADAT['regAdat'], $RPC->getStatus());
+ }
+ } catch (Exception $e) {
+ dump("checkRegistration",$e);
+ }
+
+ if ($action == 'modRegAdat') {
+ $MOD = array();
+ foreach ($ADAT['regAdat']['nodeData'] as $key => $value) {
+ $newValue = readVariable($_POST[$key], 'string');
+ if (
+ !in_array($key, array('nodeId','regId','publicKey'))
+ && str_replace(array("\n","\r","\n\r"),"",$value) != str_replace(array("\n","\r","\n\r"),"",$newValue)
+ && !is_null($newValue)
+ ) $MOD[$key] = $newValue;
+ }
+ if (count($MOD) > 0) try {
+ // Interconnect-en keresztül!!
+ $ADAT['modRegData']['result'] = $RPC->sendRequest(
+ array('func'=>'modRegData', 'data'=>$MOD, 'regId'=>$ADAT['regAdat']['nodeData']['regId'])
+ );
+ // A megjelenítéshez módosítjuk a kirakandó adatokat helyben is.
+ if ($ADAT['modRegData']['result']['result'] === true) {
+ $_SESSION['alert'][] = 'info:success:A regisztrációs adatokat módosítottuk a regisztrációs szerveren.';
+ foreach ($MOD as $key => $val) $ADAT['regAdat']['nodeData'][$key] = $val;
+ } else {
+ $_SESSION['alert'][] = 'message:wrong_data:Az adatmódosítás nem sikerült a regisztrációs szerveren.';
+ }
+ } catch (Exception $e) {
+ dump("modRegData",$e);
+ }
+
+ }
+
+ }
+
+?>
diff --git a/mayor-orig/www/policy/private/session/admin/registration.php b/mayor-orig/www/policy/private/session/admin/registration.php
new file mode 100644
index 00000000..6ad2d8e7
--- /dev/null
+++ b/mayor-orig/www/policy/private/session/admin/registration.php
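Review bot: In registration-pre.php the `sendRegRequest` branch forwards the whole `$_POST` array to `sendPublicRequest()`, although `$ADAT['MEZOK']` a few lines earlier already lists the accepted form fields; building the payload from those keys keeps unexpected parameters out of the request sent to the registration server. Both request branches then iterate `$res['alert']` without checking that `json_decode()` produced an array, so a failed or malformed response surfaces as PHP errors rather than as an alert. The `checkOldRegByPublicKey` branch still calls `dump($res);` (commented out in the sibling branch) and both `catch` blocks `dump()` the exception object; these look like debugging leftovers that print server responses and exception details into the page and should be removed or turned into logging. A sketch of the payload construction follows; the filter type per field is to be chosen by the author.
```php
if ($action == 'sendRegRequest') {
    // build the request from the declared form fields only
    $request = array('publicRequest' => 'registration');
    foreach (array_keys($ADAT['MEZOK']) as $mezo) {
        if (isset($_POST[$mezo])) $request[$mezo] = readVariable($_POST[$mezo], 'string');
    }
    $res = json_decode(sendPublicRequest($request), true);
    if (!is_array($res)) $res = array('alert' => array(), 'success' => false);
    // … unchanged: alert loop and setNodeId() handling …
```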
@@ -0,0 +1,16 @@
+<?php
+
+ if (_RIGHTS_OK !== true) die();
+
+ global $ADAT;
+
+ validRegisztracio($ADAT['registrationStatus']['result']['valid'], $ADAT['my']['nodeId']);
+ if ($ADAT['registrationStatus']['result']['valid'] != 1) {
+ putCheckOldReg($ADAT);
+ putRegisztracio($ADAT);
+ } else {
+ putRegisztracioMod($ADAT);
+ }
+ putPublicKey($ADAT['my']['publicKey']);
+
+?>
diff --git a/mayor-orig/www/policy/private/session/createAccount-pre.php b/mayor-orig/www/policy/private/session/createAccount-pre.php
new file mode 100644
index 00000000..ce789482
--- /dev/null
+++ b/mayor-orig/www/policy/private/session/createAccount-pre.php
@@ -0,0 +1,110 @@
+<?php
+/*
+ Module: base/session
+ createAccount => byAdmin esetén csak az érintet policy-n belül az adminGroup tagjainak lehet létrehozni új account-ot
+ createAccount => byRegistration esetén bárki regisztrálhat bármely policy-ből
+*/
+
+ if (_RIGHTS_OK !== true) die();
+
+ if (memberOf(_USERACCOUNT, $AUTH[_POLICY]['adminGroup'])) {
+ $DEFAULTS['userAccount'] = readVariable($_GET['userAccount'],'userAccount');
+ $DEFAULTS['userCn'] = readVariable($_GET['userCn'],'emptystringnull');
+ $DEFAULTS['userPassword'] = readVariable($_GET['userPassword'],'emptystringnull');
+ $DEFAULTS['mail'] = readVariable($_GET['email'],'emptystringnull');
+ $DEFAULTS['telephoneNumber'] = readVariable($_GET['tel'],'emptystringnull');
+ }
+
+ $toPolicy = readVariable($_POST['toPolicy'], 'enum', readVariable($_GET['toPolicy'], 'enum',_POLICY, $POLICIES), $POLICIES);
+
+ @$toPSF = $_REQUEST['toPSF'];
+
+ if ($toPolicy != _POLICY) require_once(_CONFIGDIR."/$toPolicy-conf.php");
+ if (
+ (
+ $AUTH[$toPolicy]['createAccount'] == 'byAdmin'
+ and memberOf(_USERACCOUNT, $AUTH['private']['adminGroup'])
+ )
+ or (
+ $AUTH[$toPolicy]['createAccount'] == 'byRegistration'
+ && _USERACCOUNT ==''
+ )
+ ) {
+ define('_ENABLE',true);
+ } else {
+ define('_ENABLE',false);
+ $_SESSION['alert'][] = 'page:insufficient_access:#1';
+ }
+
+ if (_ENABLE && $action == 'createAccount' && isset($_POST['new'])) {
+
+ $file = $_FILES['file']['tmp_name'];
+ if ($file != '' && $file != 'none' && file_exists($file)) {
+
+ $uidfp=fopen($file, 'r');
+ while ($sor=fgets($uidfp, 4096)) {
+ list($userCn, $userAccount, $userPassword, $category, $studyId, $container)=explode(" ",chop($sor));
+ // A biztonság kedvéért ez a html form validációval egyező legyen
+ $userCn = readVariable($userCn,'html');
+ $userAccount = readvariable($userAccount,'html');
+ $studyId = readVariable($studyId,'number');
+ $category = readVariable($category, 'enum','',$AUTH[$toPolicy]['categories']);
+ $container = readVariable($container,'enum','',$AUTH[$toPolicy][$AUTH[$toPolicy]['backend'].'Containers']);
+ $policyAccountAttrs = array();
+ if (is_array($AUTH[$toPolicy]['accountAttrs'])) foreach ($AUTH[$toPolicy]['accountAttrs'] as $attr) {
+ if (isset($$attr) and $$attr != '') $policyAccountAttrs[$attr] = readVariable($$attr, 'string');
+ }
+ if (createAccount($userCn, $userAccount, $userPassword, $toPolicy, array('container'=> $container, 'category' => $category, 'policyAttrs' => $policyAccountAttrs)) ===false) {
+ $_SESSION['alert'][] = "info:user_create_failure: cn.$userCn|account.$userAccount|policy.$toPolicy|category.$category|container.$container";
+ }
+ }
+ fclose($uidfp);
+
+ } else {
+
+ // kötelező paraméterek
+ $userCn = readVariable($_POST['userCn'],'html');
+ $userAccount = readvariable($_POST['userAccount'],'html');
+ $studyId = readVariable($_POST['studyId'],'number');
+ $userPassword = $_POST['userPassword'];
+ $verification = $_POST['verification'];
+
+ // opcionális paraméterek
+ $category = readVariable($_POST['category'], 'enum','',$AUTH[$toPolicy]['categories']);
+ $container = readVariable($_POST['container'],'enum','',$AUTH[$toPolicy][$AUTH[$toPolicy]['backend'].'Containers']);
+
+ $policyAccountAttrs = array();
+ if (is_array($AUTH[$toPolicy]['accountAttrs'])) foreach ($AUTH[$toPolicy]['accountAttrs'] as $attr) {
+ if (isset($_POST[$attr]) and $_POST[$attr] != '') $policyAccountAttrs[$attr] = readVariable($_POST[$attr], 'string'); // ???
+ }
+
+ if ($userCn == '' or $userAccount == '' or $userPassword == '' or $verification == '') {
+ // Csak policy váltás történt
+ // $_SESSION['alert'][] = 'message:empty_field';
+ } elseif ($userPassword != $verification) {
+ $_SESSION['alert'][] = 'message:pw_not_match';
+ } else {
+ if (createAccount($userCn, $userAccount, $userPassword, $toPolicy,
+ array('container'=> $container, 'category' => $category, 'policyAttrs' => $policyAccountAttrs))) {
+ if (
+ _POLICY == 'private'
+ && memberOf(_USERACCOUNT, $AUTH[_POLICY]['adminGroup'])
+ ) header('Location: '.location("index.php?page=session&f=accountInfo&userAccount=$userAccount&toPolicy=$toPolicy"));
+ elseif (_POLICY == 'public') {
+ $toPSF = ($toPSF=='') ? 'auth::login' : $toPSF;
+ header(
+ 'Location: '.location("index.php?page=auth&f=login&userAccount=$userAccount&policy=public&toPolicy=$toPolicy&toPSF=$toPSF", array('skin','lang','sessionID'))
+ );
+ } else {
+ $toPSF = ($toPSF=='') ? 'session::accountInfo' : $toPSF;
+ header(
+ 'Location: '.location("index.php?page=auth&f=login&userAccount=$userAccount&policy=public&toPolicy=$toPolicy&toPSF=$toPSF", array('skin','lang','sessionID'))
+ );
+ }
+ }
+ }
+ }
+
+ }
+
+?>
diff --git a/mayor-orig/www/policy/private/session/createAccount.php b/mayor-orig/www/policy/private/session/createAccount.php
new file mode 100644
index 00000000..94c4b703
--- /dev/null
+++ b/mayor-orig/www/policy/private/session/createAccount.php
@@ -0,0 +1,12 @@
+<?php
+/*
+ Module: base/session
+*/
+
+ if (_RIGHTS_OK !== true) die();
+
+ global $toPolicy,$DEFAULTS;
+
+ putCreateAccountForm($toPolicy, $DEFAULTS);
+
+?>
diff --git a/mayor-orig/www/policy/private/session/createGroup-pre.php b/mayor-orig/www/policy/private/session/createGroup-pre.php
new file mode 100644
index 00000000..8b65ce02
--- /dev/null
+++ b/mayor-orig/www/policy/private/session/createGroup-pre.php
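Review bot: In createAccount-pre.php the bulk-import branch (`$_FILES['file']`) runs under the same `_ENABLE` flag as the single-account form, so when a policy is set to `byRegistration` an anonymous visitor (`_USERACCOUNT == ''`) can upload a file and create any number of accounts, with `$userPassword` taken from the file unvalidated and no confirmation step. If bulk creation is meant for administrators only, gate that branch on the admin test, e.g. `if ($file != '' && $file != 'none' && file_exists($file) && memberOf(_USERACCOUNT, $AUTH['private']['adminGroup'])) {`. Separately, `$DEFAULTS['userPassword']` is read from `$_GET`, which places a password in URLs and therefore in server logs and browser history, and `$toPSF` (raw from `$_REQUEST`) and `$userAccount` are interpolated into the `Location:` URLs without `rawurlencode()`.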
@@ -0,0 +1,49 @@
+<?php
+/*
+ Module: base/session
+*/
+
+ if (_RIGHTS_OK !== true) die();
+
+ if (_POLICY == 'private' && memberOf(_USERACCOUNT, $AUTH[_POLICY]['adminGroup'])) {
+ } else {
+ $_SESSION['alert'][] = 'page:insufficient_access';
+ }
+ $toPolicy = readVariable($_POST['toPolicy'], 'enum', _POLICY, $POLICIES);
+
+ if ($action == 'createGroup') {
+
+ $file = $_FILES['file']['tmp_name'];
+ if ($file != '' and $file != 'none' and file_exists($file)) {
+/* $uidfp=fopen($file, 'r');
+ while ($sor=fgets($uidfp, 4096)) {
+ list($groupCn, $groupDesc, $category)=explode(" ",chop($sor));
+ !!!!!!!! createGroup($groupCn, $groupDesc, $category, $toPolicy);
+ }
+ fclose($uidfp);
+*/
+ } else {
+
+ $groupCn = readVariable($_POST['groupCn'],'html');
+ $groupDesc = readVariable($_POST['groupDesc'],'html');
+ $category = readVariable($_POST['category'],'enum',null,$AUTH[_POLICY]['categories']);
+ $container = readVariable($_POST['container'],'enum','',$AUTH[$toPolicy][$AUTH[$toPolicy]['backend'].'Containers']);
+ $policyGroupAttrs = array();
+ if (is_array($AUTH[$toPolicy]['groupAttrs'])) foreach ($AUTH[$toPolicy]['groupAttrs'] as $attr) {
+ if (isset($_POST[$attr]) and $_POST[$attr] != '') $policyGroupAttrs[$attr] = readVariable($_POST[$attr], 'string'); // ???
+ }
+
+ if ($groupCn == '' || $groupDesc == '' || $category == '') {
+ // Csak policy váltás
+ //$_SESSION['alert'][] = 'message:empty_field'.":$groupCn:$groupDesc:$category";
+ } else {
+ if (createGroup($groupCn, $groupDesc, $toPolicy, array('container'=> $container, 'policyAttrs' => $policyGroupAttrs))) {
+ header('Location: '.location("index.php?page=session&f=groupInfo&groupCn=$groupCn&toPolicy=$toPolicy"));
+ }
+ }
+ }
+
+
+ }
+
+?>
diff --git a/mayor-orig/www/policy/private/session/createGroup.php b/mayor-orig/www/policy/private/session/createGroup.php
new file mode 100644
index 00000000..a914ceaf
--- /dev/null
+++ b/mayor-orig/www/policy/private/session/createGroup.php
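Review bot: In createGroup-pre.php the access check only appends `page:insufficient_access` to the alert list and execution continues, so the `createGroup()` call further down is reached by non-admin users as well unless the framework aborts the page on that alert (not visible here). knownNodes-pre.php and registration-pre.php in this commit put their actions inside the `else` branch of the check; doing the same here, or returning right after the alert (`$_SESSION['alert'][] = 'page:insufficient_access'; return;`), makes the restriction effective in this file. `$category` is validated against `$AUTH[_POLICY]['categories']` while `$container` uses `$AUTH[$toPolicy]`, which looks inconsistent, and `$category` is required to be non-empty but is never passed to `createGroup()`.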
@@ -0,0 +1,12 @@
+<?php
+/*
+ Module: base/session
+*/
+
+ if (_RIGHTS_OK !== true) die();
+
+ global $toPolicy;
+
+ putCreateGroupForm($toPolicy);
+
+?>
diff --git a/mayor-orig/www/policy/private/session/download-pre.php b/mayor-orig/www/policy/private/session/download-pre.php
new file mode 100644
index 00000000..6b396143
--- /dev/null
+++ b/mayor-orig/www/policy/private/session/download-pre.php
@@ -0,0 +1,66 @@
+<?php
+
+ if (_RIGHTS_OK !== true) die();
+ if (!((defined('_POLICY') && _POLICY=='public')
+ || (defined('__TITKARSAG') && __TITKARSAG===true)
+ || (defined('__TANAR') && __TANAR===true)
+ || (defined('__NAPLOADMIN') && __NAPLOADMIN===true)
+ || (defined('__DIAK') && __DIAK===true)
+ )) {
+ return false;
+ }
+
+ // $file - csak a file neve, útvonal nem lehet benne
+ if (isset($_POST['file']) && $_POST['file'] != '') $file = basename($_POST['file']);
+ elseif (isset($_GET['file']) && $_GET['file'] != '') $file = basename($_GET['file']);
+
+ if (!isset($file)) $_SESSION['alert'][] = 'page:empty_fields:file';
+ else {
+ // $dir - betű, szám, -, _, és / lehet benne (elején csak betű vagy szám)
+ $dir = readVariable($_POST['dir'], 'path', readVariable($_GET['dir'], 'path'));
+
+ // Az útvonal beállítása
+ $path = _DOWNLOADDIR.'/'._POLICY;
+ if (isset($dir)) $path .= '/'.$dir;
+ $path .= '/'.$file;
+
+ // Jogosultságok ellenőzése dir alapján
+ if (__DIAK===true) {
+ if (strstr($dir,'naplo/face/')===false) return false;
+ }
+ // Titkarsag, Tanar, Naploadmin letoltheti, amit szeretne
+
+ // Létezik-e a file
+ if (!file_exists($path)) $_SESSION['alert'][] = 'page:file_not_found:'.substr($path, strlen(_DOWNLOADDIR.'/'._POLICY.'/')).':'.$path;
+ else {
+
+ $ADAT['path'] = $path;
+ $ADAT['dir'] = $dir;
+ $ADAT['file'] = $file;
+ $ADAT['ext'] = strtolower(substr(strrchr($file,"."),1));
+ $ADAT['size'] = filesize($path);
+ $ADAT['mime'] = readVariable($_POST['mimetype'], 'enum', readVariable($_GET['mimetype'], 'enum', null, $allowedMimeTypes), $allowedMimeTypes);
+
+ // MiME típus megállapítása
+ if (!isset($ADAT['mime'])) {
+ if ($allowedExtensions[$ADAT['ext']] != '') $ADAT['mime'] = $allowedExtensions[$ADAT['ext']];
+ else {
+ if (function_exists('mime_content_type')) {
+ $ADAT['mime'] = mime_content_type($ADAT['path']);
+ } elseif (function_exists('finfo_file')) {
+ $finfo = finfo_open(FILEINFO_MIME);
+ $ADAT['mime'] = finfo_file($finfo, $ADAT['path']);
+ finfo_close($finfo);
+ }
+ if ($ADAT['mime'] == '') $ADAT['mime'] = "application/force-download";
+ }
+ }
+ if (in_array($ADAT['mime'],array('image/gif','image/png','image/jpeg','image/jpeg'))) $ADAT['pure']=true;
+ // letöltés
+ if (isset($_GET['download'])) passFile($ADAT);
+
+ }
+ }
+
+
+?>
diff --git a/mayor-orig/www/policy/private/session/download.php b/mayor-orig/www/policy/private/session/download.php
new file mode 100644
index 00000000..12d907a9
--- /dev/null
+++ b/mayor-orig/www/policy/private/session/download.php
@@ -0,0 +1,9 @@
+<?php
+
+ if (_RIGHTS_OK !== true) die();
+
+ global $ADAT;
+
+ if (is_array($ADAT)) putDownloadForm($ADAT);
+
+?>
diff --git a/mayor-orig/www/policy/private/session/facebookConnect-pre.php b/mayor-orig/www/policy/private/session/facebookConnect-pre.php
new file mode 100644
index 00000000..b0988ae5
--- /dev/null
+++ b/mayor-orig/www/policy/private/session/facebookConnect-pre.php
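Review bot: In download-pre.php the student restriction uses `strstr($dir,'naplo/face/')===false`, which accepts any directory that merely contains that substring somewhere rather than one that lies under it; the test should anchor at the start: `if (strpos((string)$dir, 'naplo/face/') !== 0) return false;`. The `file_not_found` alert appends the full `$path` after the relative part, which exposes the server's download directory layout to the requester; the relative part alone is enough for the message. `$allowedMimeTypes` and `$allowedExtensions` are not defined in this file, so the MIME decision depends on globals set elsewhere, and a comment naming their source would help the next reader verify the allow-list.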
@@ -0,0 +1,91 @@
+<?php
+
+ if (__FBCONNECT_ENABLED !== true ) return false;
+
+ if (version_compare(PHP_VERSION, '5.4.0', '<')) {
+ return false;
+ } else {
+ /* facebook login start */
+ require_once ('include/share/facebook/autoload.php');
+ $fb = new Facebook\Facebook(array(
+ 'app_id' => __FB_APP_ID,
+ 'app_secret' => __FB_APP_SECRET,
+ 'cookie' => true,
+ 'status' => true,
+ 'default_graph_version' => 'v2.5',
+ ));
+ $oAuth2Client = $fb->getOAuth2Client();
+
+ $helper = $fb->getJavaScriptHelper();
+ try {
+ $accessToken = $helper->getAccessToken();
+ // convert
+ if ($accessToken !='' && !$accessToken->isLongLived()) {
+ try {
+ $accessToken = $oAuth2Client->getLongLivedAccessToken($accessToken);
+ } catch (Facebook\Exceptions\FacebookSDKException $e) {
+ $_SESSION['alert'][] = "info::Error getting long-lived access token: " . $helper->getMessage() . "";
+ }
+ }
+ } catch(Facebook\Exceptions\FacebookResponseException $e) {
+ // When Graph returns an error
+ $_SESSION['alert'][] = 'info::Graph returned an error: ' . $e->getMessage();
+ } catch(Facebook\Exceptions\FacebookSDKException $e) {
+ // When validation fails or other local issues
+ $_SESSION['alert'][] = 'info::Facebook SDK returned an error: ' . $e->getMessage();
+ }
+ if (isset($accessToken)) {
+ $_SESSION['facebook_access_token'] = (string) $accessToken;
+ $_SESSION['facebook_access_token_object'] = $accessToken;
+ $response = $fb->get('/me?fields=id,name,email',$accessToken);
+ $userNode = $response->getGraphUser();
+ $ADAT['fbUserId'] = $userNode->getField('id');
+ $ADAT['fbUserCn'] = $userNode->getField('name');
+ $ADAT['fbUserEmail'] = $userNode->getField('email');
+ }
+ }
+ if ($action=='revokeFbAuth') {
+ fbConnectRevoke($ADAT['fbUserId']);
+ } elseif ($action=='grantFbAuth') {
+ fbConnectGrant($ADAT);
+ }
+
+ $ADAT['fbUserIdStatusz'] = checkFbConnectAssoc($ADAT);
+
+ function checkFbConnectAssoc($ADAT) {
+ if ($ADAT['fbUserId']=='') return 0;
+
+ $q = "SELECT count(*) AS db FROM facebookConnect where userAccount='%s' AND policy='%s' AND fbUserId='%s'";
+ $v = array('userAccount'=>_USERACCOUNT,'policy'=>_POLICY,'fbUserId'=>$ADAT['fbUserId']);
+ $db = db_query($q,array('fv'=>'facebookConnectCheck','modul'=>'login','result'=>'value','values'=>$v));
+ if ($db==1) return 1; // 'OK';
+
+ $q = "SELECT count(*) AS db FROM facebookConnect where userAccount='%s' AND policy='%s' AND fbUserId!='%s'";
+ $v = array('userAccount'=>_USERACCOUNT,'policy'=>_POLICY,'fbUserId'=>$ADAT['fbUserId']);
+ $db = db_query($q,array('fv'=>'facebookConnectCheck','modul'=>'login','result'=>'value','values'=>$v));
+ if ($db==1) return 2; // 'masik fbUserId van megadva';
+
+ $q = "SELECT count(*) AS db FROM facebookConnect where userAccount!='%s' AND policy='%s' AND fbUserId='%s'";
+ $v = array('userAccount'=>_USERACCOUNT,'policy'=>_POLICY,'fbUserId'=>$ADAT['fbUserId']);
+ $db = db_query($q,array('fv'=>'facebookConnectCheck','modul'=>'login','result'=>'value','values'=>$v));
+ if ($db==1) return 3; // 'masik userAccount van hozzárendelve ehhez a fb azonosítóhoz';
+
+ return false;
+ }
+
+ function fbConnectRevoke($fbUserId) {
+ if ($fbUserId=='') return 0;
+
+ $q = "DELETE FROM facebookConnect where userAccount='%s' AND policy='%s' AND fbUserId='%s'";
+ $v = array('userAccount'=>_USERACCOUNT,'policy'=>_POLICY,'fbUserId'=>$fbUserId);
+ return db_query($q,array('fv'=>'facebookConnectCheck','modul'=>'login','values'=>$v));
+ }
+ function fbConnectGrant($ADAT) {
+ if ($ADAT['fbUserId']=='') return 0;
+
+ $q = "INSERT IGNORE INTO facebookConnect (userAccount,policy,fbUserId,fbUserCn,fbUserEmail,studyId) VALUES ('%s','%s','%s','%s','%s','%s')";
+ $v = array('userAccount'=>_USERACCOUNT,'policy'=>_POLICY,'fbUserId'=>$ADAT['fbUserId'],'fbUserCn'=>_USERCN.' ('.$ADAT['fbUserCn'].')','fbUserEmail'=>$ADAT['fbUserEmail'],'studyId'=>_STUDYID);
+ return db_query($q,array('fv'=>'facebookConnectCheck','modul'=>'login','result'=>'insert','values'=>$v));
+ }
+
+?>
\ No newline at end of file
diff --git a/mayor-orig/www/policy/private/session/facebookConnect.php b/mayor-orig/www/policy/private/session/facebookConnect.php
new file mode 100644
index 00000000..e125c680
--- /dev/null
+++ b/mayor-orig/www/policy/private/session/facebookConnect.php
@@ -0,0 +1,7 @@
+<?php
+
+ global $ADAT;
+
+ putFacebookConnectStatusz($ADAT);
+
+?>
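Review bot: facebookConnect-pre.php does not start with the `if (_RIGHTS_OK !== true) die();` guard that the other session files in this commit carry, so the `revokeFbAuth` / `grantFbAuth` actions and their database writes do not depend on the framework's rights check in this file; the same holds for facebookConnect.php, googleapi-pre.php and googleapi.php. If these pages are not deliberately exempt, the guard should be the first statement. In the inner `catch`, `$helper->getMessage()` should be `$e->getMessage()`: the message belongs to the caught exception, and the helper presumably has no such method, so the error path itself would fail. `$fb->get('/me?fields=id,name,email',$accessToken)` sits outside any `try`, so a Graph or SDK exception raised there is unhandled.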
\ No newline at end of file
diff --git a/mayor-orig/www/policy/private/session/googleapi-pre.php b/mayor-orig/www/policy/private/session/googleapi-pre.php
new file mode 100644
index 00000000..49438dcc
--- /dev/null
+++ b/mayor-orig/www/policy/private/session/googleapi-pre.php
@@ -0,0 +1,100 @@
+<?php
+
+ if (__GOOGLEAPI_ENABLED !== true ) return false;
+
+ if (version_compare(PHP_VERSION, '5.4.0', '<')) {
+ return false;
+ } else {
+ require_once ('include/share/googleapi/autoload.php');
+
+ if ($action=='googleapiRevoke') {
+ googleapiRevoke();
+ unset($_SESSION['googleapi_id_token']);
+ unset($_SESSION['googleapi_object']);
+ } elseif ($action=='googleapiGrant') {
+ // itt nem áll rendelkezésre adat! googleapiGrant($ADAT);
+ // a get id_token résznél kötjük össze a usert és irányítjuk tovább
+ }
+ //$ADAT['googleapiStatus'] = googleapiCheckAssoc($ADAT);
+ if ($_SESSION['googleapi_id_token']!='') {
+ // van azonosított user
+ // a sessionben rendelkezésre is áll az objektum (googleapi_object),
+ // de itt most lekérdezzük a google szervertől újra!
+ $redirect_uri = _BASE_URL.'/index.php';
+ $client = new Google_Client();
+ $client->setClientId(__GOOGLEAPI_CLIENT_ID);
+ $client->setClientSecret(__GOOGLEAPI_CLIENT_SECRET);
+ $client->setScopes('email');
+ // $client->setAccessToken($_SESSION['googleapi_id_token']);
+ try {
+ $ADAT['payload'] = $payload = $client->verifyIdToken($_SESSION['googleapi_id_token']);
+ $ADAT['googleapiStatusz'] = 1;
+ } catch(Exception $e) {
+ $_SESSION['alert'][] = 'info::googleapi SDK hiba: ' . $e->getMessage();
+ $ADAT['googleapiStatusz'] = 2;
+ }
+ } elseif ($_GET['id_token']!='') {
+ $redirect_uri = _BASE_URL.'/index.php';
+ $client = new Google_Client();
+ //$client->setAuthConfig($oauth_credentials);
+ $client->setClientId(__GOOGLEAPI_CLIENT_ID);
+ $client->setClientSecret(__GOOGLEAPI_CLIENT_SECRET);
+// $client->setRedirectUri($redirect_uri);
+ $client->setScopes('email');
+ try {
+ $payload = $client->verifyIdToken($_GET['id_token']);
+ } catch(Exception $e) {
+ $_SESSION['alert'][] = 'info::googleapi SDK hiba: ' . $e->getMessage();
+ }
+ if (isset($payload['sub'])) { // subject
+ $_SESSION['google_access_token'] = (string) $payload;
+ $_SESSION['google_access_token_object'] = $payload;
+ // mayor auth start
+ $accountInformation=array();
+ $toPolicy = 'public';
+ $ADAT['googleSub'] = $payload['sub'];
+// $ADAT['fbUserId'] = $userNode->getField('id');
+ $ADAT['googleUserCn'] = $payload['name'];
+ $ADAT['googleUserEmail'] = $payload['email'];
+ googleapiGrant($ADAT);
+ /* mayor auth stop */
+ } else {
+ $_SESSION['alert'][] = 'info:nem érvényes accessToken';
+ }
+ }
+
+ }
+ function googleapiCheckAssoc($ADAT) {
+ if ($ADAT['googleSub']=='') return 0;
+
+ $q = "SELECT count(*) AS db FROM googleConnect where userAccount='%s' AND policy='%s' AND googleSub='%s'";
+ $v = array('userAccount'=>_USERACCOUNT,'policy'=>_POLICY,'fbUserId'=>$ADAT['googleSub']);
+ $db = db_query($q,array('fv'=>'facebookConnectCheck','modul'=>'login','result'=>'value','values'=>$v));
+ if ($db==1) return 1; // 'OK';
+
+ $q = "SELECT count(*) AS db FROM googleConnect where userAccount='%s' AND policy='%s' AND googleSub!='%s'";
+ $v = array('userAccount'=>_USERACCOUNT,'policy'=>_POLICY,'fbUserId'=>$ADAT['googleSub']);
+ $db = db_query($q,array('fv'=>'facebookConnectCheck','modul'=>'login','result'=>'value','values'=>$v));
+ if ($db==1) return 2; // 'masik googleSub van megadva';
+
+ $q = "SELECT count(*) AS db FROM googleConnect where userAccount!='%s' AND policy='%s' AND googleSub='%s'";
+ $v = array('userAccount'=>_USERACCOUNT,'policy'=>_POLICY,'googleSub'=>$ADAT['googleSub']);
+ $db = db_query($q,array('fv'=>'facebookConnectCheck','modul'=>'login','result'=>'value','values'=>$v));
+ if ($db==1) return 3; // 'masik userAccount van hozzárendelve ehhez a googleSub azonosítóhoz';
+
+ return false;
+ }
+
+ function googleapiRevoke() {
+ $q = "DELETE FROM googleConnect where userAccount='%s' AND policy='%s'";
+ $v = array('userAccount'=>_USERACCOUNT,'policy'=>_POLICY);
+ return db_query($q,array('fv'=>'googleapiRevoke','modul'=>'login','values'=>$v));
+ }
+ function googleapiGrant($ADAT) {
+ if ($ADAT['googleSub']=='') return 0;
+ $q = "INSERT IGNORE INTO googleConnect (userAccount,policy,googleSub,googleUserCn,googleUserEmail,studyId) VALUES ('%s','%s','%s','%s','%s','%s')";
+ $v = array('userAccount'=>_USERACCOUNT,'policy'=>_POLICY,'googleSub'=>$ADAT['googleSub'],_USERACCOUNT.' ('.$ADAT['googleUserCn'].')',$ADAT['googleUserEmail'],_STUDYID);
+ return db_query($q,array('debug'=>true,'fv'=>'googleapiGrant','modul'=>'login','result'=>'insert','values'=>$v));
+ }
+
+?>
\ No newline at end of file
diff --git a/mayor-orig/www/policy/private/session/googleapi.php b/mayor-orig/www/policy/private/session/googleapi.php
new file mode 100644
index 00000000..fe079bed
--- /dev/null
+++ b/mayor-orig/www/policy/private/session/googleapi.php
@@ -0,0 +1,28 @@
+<?php
+
+ global $ADAT;
+
+// putFacebookConnectStatusz($ADAT);
+
+// echo '<div class="g-signin2" data-onsuccess="onSignIn"></div>';
+
+// echo '<h1>Tesztüzem</h1>';
+
+// formBegin();
+// echo '<input type="text" name="action" value="googleapiCheck" >';
+// echo '<button type="button" id="googleapiCheckBtn" class="api"><span class="icon-googleplus"></span> Ellenőrzés</button>';
+// formEnd();
+
+// formBegin();
+// echo '<input type="hidden" name="action" value="googleGrant" >';
+// echo '<button type="button" id="googleLoginBtn" class="api"><span class="icon-googleplus"></span> Összeköt</button>';
+// formEnd();
+
+// formBegin();
+// echo '<input type="text" name="action" value="googleRevoke" >';
+// echo '<button type="submit" class="api"><span class="icon-googleplus"></span> Visszavon</button>';
+// formEnd();
+
+ putGoogleapiStatusz($ADAT);
+
+?>
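Review bot: In googleapi-pre.php the session branch sets `$ADAT['googleapiStatusz'] = 1` as soon as `verifyIdToken()` returns without throwing and never looks at the result; if the bundled client reports an invalid token by returning false rather than by an exception, a rejected token is presented as verified. The status should follow the payload, e.g. `$ADAT['googleapiStatusz'] = (is_array($payload) && isset($payload['sub'])) ? 1 : 2;`. In the `id_token` branch `(string) $payload` casts an array and stores the literal `Array`, the token arrives in `$_GET` and therefore ends up in URLs and logs, and `googleapiGrant()` passes `'debug'=>true` to `db_query()`, which should not ship in a login path. `googleapiCheckAssoc()` is never called and still carries the `fbUserId` key and the `facebookConnectCheck` label from the Facebook copy.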
\ No newline at end of file
diff --git a/mayor-orig/www/policy/private/session/groupInfo-pre.php b/mayor-orig/www/policy/private/session/groupInfo-pre.php
new file mode 100644
index 00000000..97864ffa
--- /dev/null
+++ b/mayor-orig/www/policy/private/session/groupInfo-pre.php
@@ -0,0 +1,43 @@
+<?php
+/*
+ Module: base/session
+*/
+
+ if (_RIGHTS_OK !== true) die();
+
+
+ $toPolicy = readVariable($_POST['toPolicy'], 'enum',
+ readVariable($_GET['toPolicy'], 'enum', _POLICY, $POLICIES),
+ $POLICIES
+ );
+
+ $groupCn = readVariable($_GET['groupCn'],'regreplace',null,array("[^a-zA-Z0-9\ \.\,_:;űáéúőóüöíŰÁÉÚŐÓÜÖÍ\-]"));
+
+// egyelőre csak private-ból lehet valaki admin...
+// if (memberOf(_USERACCOUNT, $AUTH[_POLICY]['adminGroup'])) define('_ACCESS_AS', _ADMIN_ACCESS);
+
+ if (
+ _POLICY == 'private' &&
+ (
+ memberOf(_USERACCOUNT, $AUTH[_POLICY]['adminGroup']) ||
+ (
+ memberOf(_USERACCOUNT,'diakadmin') &&
+ in_array('diak',$userCategories)
+ )
+ )
+ ) define('_ACCESS_AS', _ADMIN_ACCESS);
+ else define('_ACCESS_AS', _OTHER_ACCESS);
+
+ list($backendAttrs,$backendAttrDef) = getBackendAttrs('Group', $toPolicy);
+
+ if ($action == 'changeSettings') {
+
+ changeGroupInfo($groupCn, $toPolicy);
+
+ }
+ $groupInfo = getGroupInfo($groupCn, $toPolicy); // keretrendszer attribútumai
+ // backend attribútumai
+
+ if ($groupInfo===false) $_SESSION['alert'][] = 'page::';
+
+?>
diff --git a/mayor-orig/www/policy/private/session/groupInfo.php b/mayor-orig/www/policy/private/session/groupInfo.php
new file mode 100644
index 00000000..6dda377c
--- /dev/null
+++ b/mayor-orig/www/policy/private/session/groupInfo.php
@@ -0,0 +1,12 @@
+<?php
+/*
+ Module: base/session
+*/
+
+ if (_RIGHTS_OK !== true) die();
+
+ global $groupCn, $groupInfo, $backendAttrDef, $toPolicy;
+
+ putGroupInfoForm($groupCn, $groupInfo, $backendAttrDef, $toPolicy);
+
+?>
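Review bot: In groupInfo-pre.php the access test reads `$userCategories`, which this file never assigns (accountInfo-pre.php fills it with `getAccountCategories()`), so for a `diakadmin` user `in_array('diak',$userCategories)` operates on an undefined value: the branch cannot grant access, and `in_array()` raises a warning or, on PHP 8, a TypeError. Either drop that branch for groups or define what it is meant to test here. The `changeSettings` branch also calls `changeGroupInfo()` without checking `_ACCESS_AS`, so the restriction relies on that function enforcing it, which is not visible in this hunk.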
diff --git a/mayor-orig/www/policy/private/session/search/searchAccount-pre.php b/mayor-orig/www/policy/private/session/search/searchAccount-pre.php
new file mode 100644
index 00000000..2108f631
--- /dev/null
+++ b/mayor-orig/www/policy/private/session/search/searchAccount-pre.php
@@ -0,0 +1,28 @@
+<?php
+/*
+ Module: base/session
+*/
+
+ if (_RIGHTS_OK !== true) die();
+
+ $toPolicy = readVariable($_POST['toPolicy'], 'enum', _POLICY, $POLICIES);
+
+ define('__ADMIN', memberOf(_USERACCOUNT, $AUTH[_POLICY]['adminGroup']));
+ define('__DIAKADMIN', memberOf(_USERACCOUNT, 'diakadmin'));
+
+ // valójában így sem jó, mert a lekérdezett backend-től kellene függővé teni a keresés mezőket...
+ if ($AUTH[_POLICY]['backend'] == 'ad') $searchAttrList = array('userCn', 'userAccount', 'uidNumber', 'studyId');
+ else $searchAttrList = array('userCn', 'userAccount', 'studyId');
+
+ if ($action == 'searchAccount') {
+ $attr = readVariable($_POST['attr'], 'enum', 'userCn', $searchAttrList);
+ $pattern = readVariable($_POST['pattern'], 'string');
+ $searchResult = searchAccount($attr, $pattern, $searchAttrList, $toPolicy);
+ } elseif ($action == 'deleteAccount' and __ADMIN === true) {
+ $userAccount = readVariable($_POST['userAccount'], 'string');
+ deleteAccount($userAccount, $toPolicy);
+ } else {
+ echo $action;
+ }
+
+?>
diff --git a/mayor-orig/www/policy/private/session/search/searchAccount.php b/mayor-orig/www/policy/private/session/search/searchAccount.php
new file mode 100644
index 00000000..8cfe1d75
--- /dev/null
+++ b/mayor-orig/www/policy/private/session/search/searchAccount.php
@@ -0,0 +1,16 @@
+<?php
+/*
+ Module: base/session
+*/
+
+ if (_RIGHTS_OK !== true) die();
+
+ global $attr, $pattern, $searchResult, $searchAttrList, $toPolicy;
+
+ putSearchAccountForm($attr, $pattern, $searchAttrList, $toPolicy);
+
+ if (is_array($searchResult)) {
+ putSearchResultBox($searchResult, $toPolicy);
+ }
+
+?>
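Review bot: The final `else { echo $action; }` branch in searchAccount-pre.php writes `$action` to the response unescaped, and it runs for every request that is neither a search nor an admin delete, including a `deleteAccount` sent by a non-admin. Where `$action` is set is outside this diff; if it comes from the request without filtering this is reflected markup injection, and in any case it reads like leftover debug output. Remove the branch, or record the denial instead, e.g. `$_SESSION['alert'][] = 'page:insufficient_access';` as sessionAdmin-pre.php does. searchGroup-pre.php ends with the same branch.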
diff --git a/mayor-orig/www/policy/private/session/search/searchGroup-pre.php b/mayor-orig/www/policy/private/session/search/searchGroup-pre.php
new file mode 100644
index 00000000..94deeba2
--- /dev/null
+++ b/mayor-orig/www/policy/private/session/search/searchGroup-pre.php
@@ -0,0 +1,25 @@
+<?php
+/*
+ Module: base/session
+*/
+
+ if (_RIGHTS_OK !== true) die();
+
+ $toPolicy = readVariable($_POST['toPolicy'], 'enum', _POLICY, $POLICIES);
+
+ define('__ADMIN', memberOf(_USERACCOUNT, $AUTH[_POLICY]['adminGroup']));
+ define('__DIAKADMIN', memberOf(_USERACCOUNT, 'diakadmin'));
+
+ $searchAttrs = array('groupCn', 'groupDesc');
+ if ($action == 'searchGroup') {
+ $attr = readVariable($_POST['attr'], 'enum', 'groupCn', $searchAttrs);
+ $pattern = readVariable($_POST['pattern'],'html');
+ $searchResult = searchGroup($attr, $pattern, $searchAttrs, $toPolicy);
+ } elseif (__ADMIN ===true && $action == 'deleteGroup') {
+ $groupCn = readVariable($_POST['groupCn'], 'html'); // nem biztos hogy id - bizos nem id, hanem a csoport neve
+ deleteGroup($groupCn, $toPolicy);
+ } else {
+ echo $action;
+ }
+
+?>
diff --git a/mayor-orig/www/policy/private/session/search/searchGroup.php b/mayor-orig/www/policy/private/session/search/searchGroup.php
new file mode 100644
index 00000000..c36d0ef6
--- /dev/null
+++ b/mayor-orig/www/policy/private/session/search/searchGroup.php
@@ -0,0 +1,16 @@
+<?php
+/*
+ Module: base/session
+*/
+
+ if (_RIGHTS_OK !== true) die();
+
+ global $attr, $pattern, $searchAttrs, $searchResult, $toPolicy;
+
+ putSearchGroupForm($attr, $pattern, $searchAttrs, $toPolicy);
+
+ if (is_array($searchResult)) {
+ putSearchResultBox($searchResult, $toPolicy);
+ }
+
+?>
diff --git a/mayor-orig/www/policy/private/session/session-pre.php b/mayor-orig/www/policy/private/session/session-pre.php
new file mode 100644
index 00000000..d1c65349
--- /dev/null
+++ b/mayor-orig/www/policy/private/session/session-pre.php
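Review bot: `$groupCn` and `$pattern` in searchGroup-pre.php are read with the `'html'` type before being passed to `deleteGroup()` and `searchGroup()`, while groupInfo-pre.php restricts the same `groupCn` value with a `'regreplace'` character whitelist. Assuming `'html'` means HTML-escaping (readVariable is not shown), that is output encoding applied to input: it does not neutralise characters that matter to the directory or database backend, and it can alter a legitimate name so the lookup or delete misses its target. Validate `groupCn` with the same whitelist in both files and leave HTML escaping to the code that prints the value.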
@@ -0,0 +1,5 @@
+<?php
+
+ header('Location: '.location('index.php?page=session&sub=search&f=searchAccount'));
+
+?>
\ No newline at end of file
diff --git a/mayor-orig/www/policy/private/session/session.php b/mayor-orig/www/policy/private/session/session.php
new file mode 100644
index 00000000..e69de29b
--- /dev/null
+++ b/mayor-orig/www/policy/private/session/session.php
diff --git a/mayor-orig/www/policy/private/session/sessionAdmin-pre.php b/mayor-orig/www/policy/private/session/sessionAdmin-pre.php
new file mode 100644
index 00000000..08b55781
--- /dev/null
+++ b/mayor-orig/www/policy/private/session/sessionAdmin-pre.php
@@ -0,0 +1,24 @@
+<?php
+
+ if (_RIGHTS_OK !== true) die();
+
+ if (_POLICY != 'private' || !memberOf(_USERACCOUNT, $AUTH[_POLICY]['adminGroup'])) {
+ $_SESSION['alert'][] = 'page:insufficient_access';
+ } else {
+
+ if ($action == 'deleteSession') {
+
+ $policy = readVariable($_POST['delPolicy'], 'enum', null, $POLICIES);
+ $userAccount = readVariable($_POST['delSessionID'], 'string', null);
+ if (isset($policy) && isset($userAccount)) {
+ deleteSession($userAccount, $policy);
+ } else { $_SESSION['alert'][] = 'message:wrong_data:userAccount,policy:'.$policy.':'.$userAccount; }
+
+ }
+ $ADAT['session'] = getSessions();
+//echo '<pre>'; var_dump($ADAT); echo '</pre>';
+
+ }
+
+
+?>
diff --git a/mayor-orig/www/policy/private/session/sessionAdmin.php b/mayor-orig/www/policy/private/session/sessionAdmin.php
new file mode 100644
index 00000000..d1398e4f
--- /dev/null
+++ b/mayor-orig/www/policy/private/session/sessionAdmin.php
@@ -0,0 +1,9 @@
+<?php
+
+ if (_RIGHTS_OK !== true) die();
+
+ global $ADAT;
+
+ putSessionList($ADAT);
+
+?> |
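Review bot: The `wrong_data` alert in sessionAdmin-pre.php appends `$policy` and `$userAccount` to a colon-delimited message, and `$userAccount` comes from `$_POST['delSessionID']` read as a plain `'string'`. A value containing `:` shifts the fields of the alert, and whether the text is escaped when the alert is rendered is not visible here. Since at least one of the two values is null in this branch they add little, and `$_SESSION['alert'][] = 'message:wrong_data:userAccount,policy';` is enough. The variable holding `delSessionID` is also named `$userAccount`, so a comment stating whether `deleteSession()` expects an account name or a session id would help the next reader.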