From f51c9ed2abe5c68211bb3736be5f70b1fe2c9ec0 Mon Sep 17 00:00:00 2001
From: M.Gergo
Date: Fri, 8 Mar 2019 21:20:34 +0100
Subject: további rendrakás

---
 .../policy/private/password/changePassword-pre.php |  60 ++++++++++
 .../www/policy/private/password/changePassword.php |   9 ++
 .../mayor-base/www/policy/private/portal/start.php |   0
 .../www/policy/private/session/accountInfo-pre.php |  75 +++++++++++++
 .../www/policy/private/session/accountInfo.php     |  19 ++++
 .../private/session/admin/knownNodes-pre.php       |  39 +++++++
 .../policy/private/session/admin/knownNodes.php    |  10 ++
 .../private/session/admin/registration-pre.php     | 123 +++++++++++++++++++++
 .../policy/private/session/admin/registration.php  |  16 +++
 .../policy/private/session/createAccount-pre.php   | 110 ++++++++++++++++++
 .../www/policy/private/session/createAccount.php   |  12 ++
 .../www/policy/private/session/createGroup-pre.php |  49 ++++++++
 .../www/policy/private/session/createGroup.php     |  12 ++
 .../www/policy/private/session/download-pre.php    |  66 +++++++++++
 .../www/policy/private/session/download.php        |   9 ++
 .../www/policy/private/session/eduroam-pre.php     |   5 +
 .../www/policy/private/session/eduroam.php         |   0
 .../policy/private/session/facebookConnect-pre.php |  91 +++++++++++++++
 .../www/policy/private/session/facebookConnect.php |   7 ++
 .../www/policy/private/session/googleapi-pre.php   | 100 +++++++++++++++++
 .../www/policy/private/session/googleapi.php       |  28 +++++
 .../www/policy/private/session/groupInfo-pre.php   |  43 +++++++
 .../www/policy/private/session/groupInfo.php       |  12 ++
 .../private/session/search/searchAccount-pre.php   |  29 +++++
 .../private/session/search/searchAccount.php       |  16 +++
 .../private/session/search/searchGroup-pre.php     |  25 +++++
 .../policy/private/session/search/searchGroup.php  |  16 +++
 .../www/policy/private/session/session-pre.php     |   5 +
 .../www/policy/private/session/session.php         |   0
 .../policy/private/session/sessionAdmin-pre.php    |  24 ++++
 .../www/policy/private/session/sessionAdmin.php    |   9 ++
 .../www/policy/public/auth/forgotten-pre.php       |  92 +++++++++++++++
 .../www/policy/public/auth/forgotten.php           |  16 +++
 .../www/policy/public/auth/login-pre.php           |  86 ++++++++++++++
 .../mayor-base/www/policy/public/auth/login.php    |  17 +++
 .../public/password/changeMyPassword-pre.php       |  72 ++++++++++++
 .../policy/public/password/changeMyPassword.php    |   9 ++
 .../policy/public/password/resetPassword-pre.php   |  68 ++++++++++++
 .../www/policy/public/password/resetPassword.php   |   9 ++
 .../www/policy/public/portal/rpc/rpc-pre.php       | 104 +++++++++++++++++
 .../mayor-base/www/policy/public/portal/start.php  |   0
 .../mayor-base/www/policy/public/rpc/rpc-pre.php   |  43 +++++++
 .../www/policy/public/session/logout-pre.php       |  29 +++++
 .../www/policy/public/session/set-pre.php          |  10 ++
 44 files changed, 1574 insertions(+)
 create mode 100644 mayor-orig/mayor-base/www/policy/private/password/changePassword-pre.php
 create mode 100644 mayor-orig/mayor-base/www/policy/private/password/changePassword.php
 create mode 100644 mayor-orig/mayor-base/www/policy/private/portal/start.php
 create mode 100644 mayor-orig/mayor-base/www/policy/private/session/accountInfo-pre.php
 create mode 100644 mayor-orig/mayor-base/www/policy/private/session/accountInfo.php
 create mode 100644 mayor-orig/mayor-base/www/policy/private/session/admin/knownNodes-pre.php
 create mode 100644 mayor-orig/mayor-base/www/policy/private/session/admin/knownNodes.php
 create mode 100644 mayor-orig/mayor-base/www/policy/private/session/admin/registration-pre.php
 create mode 100644 mayor-orig/mayor-base/www/policy/private/session/admin/registration.php
 create mode 100644 mayor-orig/mayor-base/www/policy/private/session/createAccount-pre.php
 create mode 100644 mayor-orig/mayor-base/www/policy/private/session/createAccount.php
 create mode 100644 mayor-orig/mayor-base/www/policy/private/session/createGroup-pre.php
 create mode 100644 mayor-orig/mayor-base/www/policy/private/session/createGroup.php
 create mode 100644 mayor-orig/mayor-base/www/policy/private/session/download-pre.php
 create mode 100644 mayor-orig/mayor-base/www/policy/private/session/download.php
 create mode 100644 mayor-orig/mayor-base/www/policy/private/session/eduroam-pre.php
 create mode 100644 mayor-orig/mayor-base/www/policy/private/session/eduroam.php
 create mode 100644 mayor-orig/mayor-base/www/policy/private/session/facebookConnect-pre.php
 create mode 100644 mayor-orig/mayor-base/www/policy/private/session/facebookConnect.php
 create mode 100644 mayor-orig/mayor-base/www/policy/private/session/googleapi-pre.php
 create mode 100644 mayor-orig/mayor-base/www/policy/private/session/googleapi.php
 create mode 100644 mayor-orig/mayor-base/www/policy/private/session/groupInfo-pre.php
 create mode 100644 mayor-orig/mayor-base/www/policy/private/session/groupInfo.php
 create mode 100644 mayor-orig/mayor-base/www/policy/private/session/search/searchAccount-pre.php
 create mode 100644 mayor-orig/mayor-base/www/policy/private/session/search/searchAccount.php
 create mode 100644 mayor-orig/mayor-base/www/policy/private/session/search/searchGroup-pre.php
 create mode 100644 mayor-orig/mayor-base/www/policy/private/session/search/searchGroup.php
 create mode 100644 mayor-orig/mayor-base/www/policy/private/session/session-pre.php
 create mode 100644 mayor-orig/mayor-base/www/policy/private/session/session.php
 create mode 100644 mayor-orig/mayor-base/www/policy/private/session/sessionAdmin-pre.php
 create mode 100644 mayor-orig/mayor-base/www/policy/private/session/sessionAdmin.php
 create mode 100644 mayor-orig/mayor-base/www/policy/public/auth/forgotten-pre.php
 create mode 100644 mayor-orig/mayor-base/www/policy/public/auth/forgotten.php
 create mode 100644 mayor-orig/mayor-base/www/policy/public/auth/login-pre.php
 create mode 100644 mayor-orig/mayor-base/www/policy/public/auth/login.php
 create mode 100644 mayor-orig/mayor-base/www/policy/public/password/changeMyPassword-pre.php
 create mode 100644 mayor-orig/mayor-base/www/policy/public/password/changeMyPassword.php
 create mode 100644 mayor-orig/mayor-base/www/policy/public/password/resetPassword-pre.php
 create mode 100644 mayor-orig/mayor-base/www/policy/public/password/resetPassword.php
 create mode 100644 mayor-orig/mayor-base/www/policy/public/portal/rpc/rpc-pre.php
 create mode 100644 mayor-orig/mayor-base/www/policy/public/portal/start.php
 create mode 100644 mayor-orig/mayor-base/www/policy/public/rpc/rpc-pre.php
 create mode 100644 mayor-orig/mayor-base/www/policy/public/session/logout-pre.php
 create mode 100644 mayor-orig/mayor-base/www/policy/public/session/set-pre.php

(limited to 'mayor-orig/mayor-base/www/policy')

diff --git a/mayor-orig/mayor-base/www/policy/private/password/changePassword-pre.php b/mayor-orig/mayor-base/www/policy/private/password/changePassword-pre.php
new file mode 100644
index 00000000..08731581
--- /dev/null
+++ b/mayor-orig/mayor-base/www/policy/private/password/changePassword-pre.php
@@ -0,0 +1,60 @@
+<?php
+/*
+    Module:	base/password
+
+    Ez még teljesen kiforratlan!
+    Csak átmásoltam a public-ból, és elkezdtem átírni...
+*/
+
+    if (_RIGHTS_OK !== true) die();
+
+    $toPolicy = readVariable($_POST['toPolicy'], 'enum', readVariable($_GET['toPolicy'], 'enum', _POLICY, $POLICIES), $POLICIES);
+
+    // Itt csak a private policy jelszavát lehet módosítani
+//    $toPolicy = 'private';
+    $userAccount = readVariable($_REQUEST['userAccount'], 'emptystringnull');
+
+    // Ha saját jelszavát szeretné változtatni, akkor átirányítjuk oda
+    if ($userAccount == _USERACCOUNT) {
+	header('Location: '.location('index.php?policy=public&page=password&f=changePassword&toPolicy='.$toPolicy,array('lang','skin','sessionID')));
+	exit;
+    }
+
+    // Jogosultság ellenőrzés
+    if (
+	memberOf(_USERACCOUNT, $AUTH[_POLICY]['adminGroup']) or
+	(memberOf($userAccount,'diák') and memberOf(_USERACCOUNT,'diakadmin'))
+    ) {
+
+	// Az elküldött név+jelszó ellenőrzése
+	if ($action == 'changePassword') {
+
+		if (file_exists('include/backend/'.$AUTH[$toPolicy]['backend'].'/password/changePassword.php')) {
+    		    require('include/backend/'.$AUTH[$toPolicy]['backend'].'/password/changePassword.php');
+		}
+
+		$newPassword = readVariable($_POST['newPassword'], 'emptystringnull');
+		$verification = readVariable($_POST['verification'], 'emptystringnull');
+
+    	        if ($verification == '' or $newPassword == '') {
+        	    $_SESSION['alert'][] = 'message:empty_field';
+    		} elseif ($verification != $newPassword) {
+    		    $_SESSION['alert'][] = 'message:pw_not_match';
+    		} else {
+
+		    if (changePassword($userAccount, $newPassword, $toPolicy)) {
+			// Módosítsuk a bejelentkezett user eltárolt jelszavát? - hagyjuk inkább... legalább látja, hogy változott valami...
+			// updateSessionPassword($userAccount, $toPolicy, $verification);
+		    } else {
+			$_SESSION['alert'][] = 'message:pw_change_failed';
+		    }
+
+		}
+
+	} // action
+
+    } else {
+	$_SESSION['alert'][] = 'page:insufficient_access';
+    }
+
+?>
diff --git a/mayor-orig/mayor-base/www/policy/private/password/changePassword.php b/mayor-orig/mayor-base/www/policy/private/password/changePassword.php
new file mode 100644
index 00000000..f95661e0
--- /dev/null
+++ b/mayor-orig/mayor-base/www/policy/private/password/changePassword.php
@@ -0,0 +1,9 @@
+<?php
+
+    if (_RIGHTS_OK !== true) die();
+
+    global $userAccount, $toPolicy;
+
+    putChangePasswordForm($userAccount, $toPolicy, true); // rögzített policy
+
+?>
diff --git a/mayor-orig/mayor-base/www/policy/private/portal/start.php b/mayor-orig/mayor-base/www/policy/private/portal/start.php
new file mode 100644
index 00000000..e69de29b
diff --git a/mayor-orig/mayor-base/www/policy/private/session/accountInfo-pre.php b/mayor-orig/mayor-base/www/policy/private/session/accountInfo-pre.php
new file mode 100644
index 00000000..9b54adf5
--- /dev/null
+++ b/mayor-orig/mayor-base/www/policy/private/session/accountInfo-pre.php
@@ -0,0 +1,75 @@
+<?php
+/*
+    Module:	base/session
+*/
+
+    if (_RIGHTS_OK !== true) die();
+
+    $userAccount = readVariable($_GET['userAccount'],'userAccount');
+    $toPolicy = readVariable($_POST['toPolicy'], 'enum', 
+		readVariable($_GET['toPolicy'], 'enum', _POLICY, $POLICIES),
+		$POLICIES
+    );
+
+
+    if ($userAccount == '') $userAccount = _USERACCOUNT;
+
+    // Milyen kategóriába sorolható a userAccount, illetve az aktuális user
+    $userCategories = getAccountCategories($userAccount, $toPolicy);
+    if (
+	_POLICY == 'private' &&
+	(
+	    memberOf(_USERACCOUNT, $AUTH[_POLICY]['adminGroup']) ||
+	    (
+		memberOf(_USERACCOUNT,'diakadmin') &&
+		in_array('diak',$userCategories)
+	    )
+	)
+    ) define('_ACCESS_AS', _ADMIN_ACCESS);
+    elseif ($userAccount == _USERACCOUNT) define('_ACCESS_AS', _SELF_ACCESS);
+    else define('_ACCESS_AS', _OTHER_ACCESS); 
+
+    list($backendAttrs, $backendAttrDef) = getBackendAttrs('Account', $toPolicy);
+    if ($action == 'changeSettings') {
+
+	changeAccountInfo($userAccount, $toPolicy);
+
+    } elseif ($action=='tokenLogout') {
+
+	revokeTokens();
+
+    } elseif ($action=='userSettingsModify') {
+
+	$changeSkinTo = readVariable($_POST['changeSkinTo'],'enum',null,$SKINSSHOW);
+	setUserSettings($userAccount, $toPolicy, array('skin'=>$changeSkinTo));
+
+    } elseif ($action=='generateEduroamId') {
+	$eduroamDOMAIN = readVariable($_POST['eduroamDOMAIN'],'enum',null,$eduroamDOMAINS);
+	$eduroamPASSWORD =  @exec('pwgen');
+        if (__TANAR===true) {
+            $eduroamAFFILIATION = 'faculty';
+        } elseif (__DIAK===true) {
+            $eduroamAFFILIATION = 'student';
+        } else {
+            $eduroamAFFILIATION = 'staff';
+        }
+	createEduroamSettings(array('userAccount'=>$userAccount,'policy'=> $toPolicy, 
+	    'eduroamUID' => $userAccount,
+	    'eduroamDOMAIN'=>$eduroamDOMAIN, 
+	    'eduroamAFFILIATION'=>$eduroamAFFILIATION, 
+	    'eduroamPASSWORD'=>$eduroamPASSWORD));
+    } elseif ($action=='modoifyEduroamId') {
+	
+    }
+
+    $userInfo = getUserInfo($userAccount, $toPolicy);		// keretrendszer attribútumai
+    $accountInfo = getAccountInfo($userAccount, $toPolicy);	// backend attribútumai
+
+    $ADAT = getUserSettings($userAccount, $toPolicy);
+    $ADAT['activity'] = getMyActivity();
+
+    if ($toPolicy=='private' && _POLICY ==='private') {
+	$ADAT['eduroamAdat'] = getEduroamSettings($userAccount, $toPolicy);
+	// dump($ADAT);
+    }
+?>
diff --git a/mayor-orig/mayor-base/www/policy/private/session/accountInfo.php b/mayor-orig/mayor-base/www/policy/private/session/accountInfo.php
new file mode 100644
index 00000000..66642ef3
--- /dev/null
+++ b/mayor-orig/mayor-base/www/policy/private/session/accountInfo.php
@@ -0,0 +1,19 @@
+<?php
+/*
+    Module:	base/session
+*/
+
+    if (_RIGHTS_OK !== true) die();
+
+    global $accountInfo, $userInfo, $backendAttrDef, $toPolicy;
+    global $ADAT;
+
+    putUserSettingsForm($ADAT);
+
+    putEduroamForm($ADAT);
+
+    putAccountActivityForm($ADAT);
+
+    putAccountInfoForm($userInfo, $accountInfo, $backendAttrDef, $toPolicy);
+
+?>
diff --git a/mayor-orig/mayor-base/www/policy/private/session/admin/knownNodes-pre.php b/mayor-orig/mayor-base/www/policy/private/session/admin/knownNodes-pre.php
new file mode 100644
index 00000000..d166babd
--- /dev/null
+++ b/mayor-orig/mayor-base/www/policy/private/session/admin/knownNodes-pre.php
@@ -0,0 +1,39 @@
+<?php
+
+    if (_RIGHTS_OK !== true) die();
+
+    if (!__USERADMIN) {
+        $_SESSION['alert'][] = "page:insufficient_access";
+    } else {
+
+    	require('include/share/ssl/ssl.php');
+
+	$ADAT['my']['url'] = $url = substr($_SERVER["HTTP_REFERER"], 0, strpos($_SERVER["HTTP_REFERER"], 'index.php?'));
+	$ADAT['my']['dt'] = date('Y-m-d');
+
+	$RPC = new Interconnect();
+	$ADAT['my']['publicKey'] = $RPC->getPublicKey();
+	$ADAT['my']['nodeId'] = $RPC->getNodeId();
+
+
+	if ($action == 'rpcPing') {
+	    $ADAT['nodeId'] = readVariable($_POST['nodeId'],'id');
+	    $RPC->setRemoteHostByNodeId($ADAT['nodeId']);
+            $RPC->setRequestTarget('base');
+	    $ADAT['pingResult'] = $RPC->sendRequest(array('func'=>'ping'));
+            $ADAT['nodeVersion'] = $ADAT['pingResult']['revision'];
+            //  $RPC->setRequestTarget('controller');
+	} elseif ($action == 'getPublicDataByNodeId') {
+	    $ADAT['nodeId'] = readVariable($_POST['nodeId'],'id');
+            $RPC->setRequestTarget('base');
+	    $RPC->setRemoteHostByNodeId($ADAT['nodeId']);
+	} elseif ($action == 'removeNode') {
+	    $ADAT['nodeId'] = readVariable($_POST['nodeId'],'id');
+	    removeNodeFromLocalKeychain($ADAT['nodeId']);	    
+	}
+
+	$ADAT['nodes'] =  getPublicDataFromLocalKeychain();
+
+    }
+
+?>
diff --git a/mayor-orig/mayor-base/www/policy/private/session/admin/knownNodes.php b/mayor-orig/mayor-base/www/policy/private/session/admin/knownNodes.php
new file mode 100644
index 00000000..e7a95d58
--- /dev/null
+++ b/mayor-orig/mayor-base/www/policy/private/session/admin/knownNodes.php
@@ -0,0 +1,10 @@
+<?php
+
+    if (_RIGHTS_OK !== true) die();
+
+    global $ADAT;
+
+    putGetNodeData();
+    putKnownNodes($ADAT);
+
+?>
diff --git a/mayor-orig/mayor-base/www/policy/private/session/admin/registration-pre.php b/mayor-orig/mayor-base/www/policy/private/session/admin/registration-pre.php
new file mode 100644
index 00000000..eabc8cfe
--- /dev/null
+++ b/mayor-orig/mayor-base/www/policy/private/session/admin/registration-pre.php
@@ -0,0 +1,123 @@
+<?php
+
+    if (_RIGHTS_OK !== true) die();
+
+    if (!__USERADMIN) {
+        $_SESSION['alert'][] = "page:insufficient_access";
+    } else {
+
+    	require('include/share/ssl/ssl.php');
+
+	$ADAT['NODETIPUSOK'] = array('intézmény','backup','fejlesztői');
+	$ADAT['OSSZEG'] = array(0,1000,2000,3000,5000,10000);;
+	// regisztrációs űrlap elemei (portal-mayor-ból átemelve...
+	$ADAT['MEZOK'] = array(
+	    'nodeTipus' => array('kotelezo'=>true,'options'=>$ADAT['NODETIPUSOK']),
+    	    'nev' => array('kotelezo'=>true),
+    	    'rovidNev' => array(),
+    	    'OMKod' => array(),
+    	    'cimHelyseg' => array('kotelezo'=>true),
+    	    'cimIrsz' => array('kotelezo'=>true),
+    	    'cimKozteruletNev' => array('kotelezo'=>true),
+    	    'cimKozteruletJelleg' => array('kotelezo'=>true),
+    	    'cimHazszam' => array('kotelezo'=>true),
+    	    'telefon' => array(),
+    	    'fax' => array(),
+    	    'email' => array(),
+    	    'honlap' => array(),
+    	    'url' => array(),
+    	    'kapcsolatNev' => array('kotelezo'=>true),
+    	    'kapcsolatEmail' => array('kotelezo'=>true),
+    	    'kapcsolatTelefon' => array(),
+		// külön, más helyen jelennek meg
+    	    'dij'=> array('kotelezo'=>true,'display'=>false,'type'=>'none'), 
+    	    'egyebTamogatas' => array('display'=>false,'type'=>'none'),
+    	    'utemezes'=>array('display'=>false,'type'=>'none'),
+		 // rejtett mezők - nem módosíthatók
+    	    'regId'=>array('display'=>false,'type'=>'none'),
+    	    'dt'=>array('display'=>false),
+    	    'publicKey' => array('kotelezo'=>true,'display'=>false,'readonly'=>true,'type'=>'textarea'),
+	);
+	$ADAT['my']['url'] = $url = substr($_SERVER["HTTP_REFERER"], 0, strpos($_SERVER["HTTP_REFERER"], 'index.php?'));
+	$ADAT['my']['dt'] = date('Y-m-d');
+
+	$RPC = new Interconnect();
+	$ADAT['my']['publicKey'] = $RPC->getPublicKey();
+	$ADAT['my']['nodeId'] = $RPC->getNodeId();
+
+	// regisztráció
+	if ($action == 'sendRegRequest') {
+	    unset($_POST['action']);
+	    $_POST['publicRequest'] = 'registration';
+	    $res = json_decode(sendPublicRequest($_POST), true);
+	    foreach ($res['alert'] as $index => $aAdat) $_SESSION['alert'][] = implode(':',$aAdat);
+	    if ($res['success'] === true)  {
+		setNodeId($res['nodeId'], $ADAT['my']['publicKey']);
+		$ADAT['my']['nodeId'] = $res['nodeId'];
+		$RPC = new Interconnect(); // újracsatlakozás...
+	    }
+	    //dump($res);
+	} elseif ($action == 'checkOldRegByPublicKey') {
+	    $DATA['publicKey'] = $ADAT['my']['publicKey'];
+	    $DATA['publicRequest'] = 'getNodeIdByPublicKey';
+	    // ha kellene ellenőrzés, akkar a választ a publicKey-el kódolva kellene küldeni...
+	    $res = json_decode(sendPublicRequest($DATA), true);
+	    foreach ($res['alert'] as $index => $aAdat) $_SESSION['alert'][] = implode(':',$aAdat);
+	    if ($res['success'] === true)  {
+		setNodeId($res['nodeId'], $ADAT['my']['publicKey']);
+		$ADAT['my']['nodeId'] = $res['nodeId'];
+		$RPC = new Interconnect(); // újracsatlakozás...
+	    }
+	    dump($res);
+	}
+
+	if ($ADAT['my']['nodeId'] != 0)
+	try {
+	    $RPC->setRemoteHostByNodeId(''); // controller
+	    $RPC->setRequestTarget('controller');
+    	    $ADAT['registrationStatus']['result'] = $RPC->sendRequest(array('func'=>'checkRegistration'));
+	    //dump($ADAT['registrationStatus']['result'], $RPC->getStatus());
+	    // Teszt: egy alap metódus lekérdezése...
+	    //$RPC->setRequestTarget('base');
+    	    //  $ADAT['controllerVersion'] = $RPC->sendRequest(array('func'=>'ping'));
+	    //  dump($ADAT['controllerVersion']);
+	    //  $RPC->setRequestTarget('controller');
+	    if ($ADAT['registrationStatus']['result']['valid'] == 1) {
+		$ADAT['regAdat'] = $RPC->getRegistrationDataByNodeId($ADAT['my']['nodeId']);
+		//dump($ADAT['regAdat'], $RPC->getStatus());
+	    }
+	} catch (Exception $e) {
+	    dump("checkRegistration",$e);
+	}
+
+	if ($action == 'modRegAdat') {
+	    $MOD = array();
+	    foreach ($ADAT['regAdat']['nodeData'] as $key => $value) {
+		$newValue = readVariable($_POST[$key], 'string');
+		if (
+		    !in_array($key, array('nodeId','regId','publicKey'))
+		    && str_replace(array("\n","\r","\n\r"),"",$value) != str_replace(array("\n","\r","\n\r"),"",$newValue)
+		    && !is_null($newValue)
+		) $MOD[$key] = $newValue;
+	    }
+	    if (count($MOD) > 0) try {
+		// Interconnect-en keresztül!!
+		$ADAT['modRegData']['result'] = $RPC->sendRequest(
+		    array('func'=>'modRegData', 'data'=>$MOD, 'regId'=>$ADAT['regAdat']['nodeData']['regId'])
+		);
+		// A megjelenítéshez módosítjuk a kirakandó adatokat helyben is.
+		if ($ADAT['modRegData']['result']['result'] === true) {
+		    $_SESSION['alert'][] = 'info:success:A regisztrációs adatokat módosítottuk a regisztrációs szerveren.';
+		    foreach ($MOD as $key => $val) $ADAT['regAdat']['nodeData'][$key] = $val;
+		} else {
+		    $_SESSION['alert'][] = 'message:wrong_data:Az adatmódosítás nem sikerült a regisztrációs szerveren.';
+		}
+	    } catch (Exception $e) {
+		dump("modRegData",$e);
+	    }
+
+	}
+
+    }
+
+?>
diff --git a/mayor-orig/mayor-base/www/policy/private/session/admin/registration.php b/mayor-orig/mayor-base/www/policy/private/session/admin/registration.php
new file mode 100644
index 00000000..6ad2d8e7
--- /dev/null
+++ b/mayor-orig/mayor-base/www/policy/private/session/admin/registration.php
@@ -0,0 +1,16 @@
+<?php
+
+    if (_RIGHTS_OK !== true) die();
+
+    global $ADAT;
+
+    validRegisztracio($ADAT['registrationStatus']['result']['valid'], $ADAT['my']['nodeId']);
+    if ($ADAT['registrationStatus']['result']['valid'] != 1) {
+	putCheckOldReg($ADAT);
+	putRegisztracio($ADAT);
+    } else {
+	putRegisztracioMod($ADAT);
+    }
+    putPublicKey($ADAT['my']['publicKey']);
+
+?>
diff --git a/mayor-orig/mayor-base/www/policy/private/session/createAccount-pre.php b/mayor-orig/mayor-base/www/policy/private/session/createAccount-pre.php
new file mode 100644
index 00000000..ce789482
--- /dev/null
+++ b/mayor-orig/mayor-base/www/policy/private/session/createAccount-pre.php
@@ -0,0 +1,110 @@
+<?php
+/*
+    Module:	base/session
+    createAccount => byAdmin esetén csak az érintet policy-n belül az adminGroup tagjainak lehet létrehozni új account-ot
+    createAccount => byRegistration esetén bárki regisztrálhat bármely policy-ből
+*/
+
+    if (_RIGHTS_OK !== true) die();
+
+    if (memberOf(_USERACCOUNT, $AUTH[_POLICY]['adminGroup'])) {
+	$DEFAULTS['userAccount'] = readVariable($_GET['userAccount'],'userAccount');
+	$DEFAULTS['userCn'] = readVariable($_GET['userCn'],'emptystringnull');
+	$DEFAULTS['userPassword'] = readVariable($_GET['userPassword'],'emptystringnull');
+	$DEFAULTS['mail'] = readVariable($_GET['email'],'emptystringnull');
+	$DEFAULTS['telephoneNumber'] = readVariable($_GET['tel'],'emptystringnull');
+    }
+
+    $toPolicy = readVariable($_POST['toPolicy'], 'enum', readVariable($_GET['toPolicy'], 'enum',_POLICY, $POLICIES), $POLICIES);
+
+    @$toPSF = $_REQUEST['toPSF'];
+
+    if ($toPolicy != _POLICY) require_once(_CONFIGDIR."/$toPolicy-conf.php");
+    if (
+	(
+    	    $AUTH[$toPolicy]['createAccount'] == 'byAdmin'
+	    and memberOf(_USERACCOUNT, $AUTH['private']['adminGroup'])
+	)
+	or (
+	    $AUTH[$toPolicy]['createAccount'] == 'byRegistration'
+	    && _USERACCOUNT ==''
+	)
+    ) {
+	define('_ENABLE',true);
+    } else {
+	define('_ENABLE',false);
+	$_SESSION['alert'][] = 'page:insufficient_access:#1';
+    }
+
+    if (_ENABLE && $action == 'createAccount' && isset($_POST['new'])) {
+
+        $file = $_FILES['file']['tmp_name'];
+        if ($file != '' && $file != 'none' && file_exists($file)) {
+
+            $uidfp=fopen($file, 'r');
+            while ($sor=fgets($uidfp, 4096)) {
+                list($userCn, $userAccount, $userPassword, $category, $studyId, $container)=explode("	",chop($sor));
+		// A biztonság kedvéért ez a html form validációval egyező legyen 
+		$userCn = readVariable($userCn,'html');
+		$userAccount = readvariable($userAccount,'html');
+		$studyId = readVariable($studyId,'number');
+		$category = readVariable($category, 'enum','',$AUTH[$toPolicy]['categories']);
+		$container = readVariable($container,'enum','',$AUTH[$toPolicy][$AUTH[$toPolicy]['backend'].'Containers']);
+		$policyAccountAttrs = array();
+		if (is_array($AUTH[$toPolicy]['accountAttrs'])) foreach ($AUTH[$toPolicy]['accountAttrs'] as $attr) {
+		    if (isset($$attr) and $$attr != '') $policyAccountAttrs[$attr] = readVariable($$attr, 'string');
+		}
+		if (createAccount($userCn, $userAccount, $userPassword, $toPolicy, array('container'=> $container, 'category' => $category, 'policyAttrs' => $policyAccountAttrs)) ===false) {
+		    $_SESSION['alert'][] = "info:user_create_failure: cn.$userCn|account.$userAccount|policy.$toPolicy|category.$category|container.$container";
+		}
+            }
+            fclose($uidfp);
+
+	} else {
+
+	    // kötelező paraméterek
+	    $userCn = readVariable($_POST['userCn'],'html');
+	    $userAccount = readvariable($_POST['userAccount'],'html');
+	    $studyId = readVariable($_POST['studyId'],'number');
+	    $userPassword = $_POST['userPassword'];
+	    $verification = $_POST['verification'];
+
+	    // opcionális  paraméterek
+	    $category = readVariable($_POST['category'], 'enum','',$AUTH[$toPolicy]['categories']);
+	    $container = readVariable($_POST['container'],'enum','',$AUTH[$toPolicy][$AUTH[$toPolicy]['backend'].'Containers']);
+
+	    $policyAccountAttrs = array();
+	    if (is_array($AUTH[$toPolicy]['accountAttrs'])) foreach ($AUTH[$toPolicy]['accountAttrs'] as $attr) {
+		if (isset($_POST[$attr]) and $_POST[$attr] != '') $policyAccountAttrs[$attr] = readVariable($_POST[$attr], 'string'); // ???
+	    }
+
+            if ($userCn == '' or $userAccount == '' or $userPassword == '' or $verification == '') {
+		// Csak policy váltás történt
+                // $_SESSION['alert'][] = 'message:empty_field';
+            } elseif ($userPassword != $verification) {
+                $_SESSION['alert'][] = 'message:pw_not_match';
+            } else {
+                if (createAccount($userCn, $userAccount, $userPassword, $toPolicy, 
+            		    array('container'=> $container, 'category' => $category, 'policyAttrs' => $policyAccountAttrs))) {
+		    if (
+			_POLICY == 'private'
+			&& memberOf(_USERACCOUNT, $AUTH[_POLICY]['adminGroup'])
+		    ) header('Location: '.location("index.php?page=session&f=accountInfo&userAccount=$userAccount&toPolicy=$toPolicy"));
+		    elseif (_POLICY == 'public') {
+			$toPSF = ($toPSF=='') ? 'auth::login' : $toPSF;
+			header(
+			    'Location: '.location("index.php?page=auth&f=login&userAccount=$userAccount&policy=public&toPolicy=$toPolicy&toPSF=$toPSF", array('skin','lang','sessionID'))
+			);
+		    } else {
+			$toPSF = ($toPSF=='') ? 'session::accountInfo' : $toPSF;
+			header(
+			    'Location: '.location("index.php?page=auth&f=login&userAccount=$userAccount&policy=public&toPolicy=$toPolicy&toPSF=$toPSF", array('skin','lang','sessionID'))
+			);
+		    }
+		}
+            }
+        }
+
+    }
+
+?>
diff --git a/mayor-orig/mayor-base/www/policy/private/session/createAccount.php b/mayor-orig/mayor-base/www/policy/private/session/createAccount.php
new file mode 100644
index 00000000..94c4b703
--- /dev/null
+++ b/mayor-orig/mayor-base/www/policy/private/session/createAccount.php
@@ -0,0 +1,12 @@
+<?php
+/*
+    Module:	base/session
+*/
+
+    if (_RIGHTS_OK !== true) die();
+
+    global $toPolicy,$DEFAULTS;
+
+    putCreateAccountForm($toPolicy, $DEFAULTS);
+
+?>
diff --git a/mayor-orig/mayor-base/www/policy/private/session/createGroup-pre.php b/mayor-orig/mayor-base/www/policy/private/session/createGroup-pre.php
new file mode 100644
index 00000000..8b65ce02
--- /dev/null
+++ b/mayor-orig/mayor-base/www/policy/private/session/createGroup-pre.php
@@ -0,0 +1,49 @@
+<?php
+/*
+    Module:	base/session
+*/
+
+    if (_RIGHTS_OK !== true) die();
+
+    if (_POLICY == 'private' && memberOf(_USERACCOUNT, $AUTH[_POLICY]['adminGroup'])) {
+    } else {
+	$_SESSION['alert'][] = 'page:insufficient_access';
+    }
+    $toPolicy = readVariable($_POST['toPolicy'], 'enum', _POLICY, $POLICIES);
+
+    if ($action == 'createGroup') {
+
+        $file = $_FILES['file']['tmp_name'];
+        if ($file != '' and $file != 'none' and file_exists($file)) {
+/*            $uidfp=fopen($file, 'r');
+            while ($sor=fgets($uidfp, 4096)) {
+                list($groupCn, $groupDesc, $category)=explode("	",chop($sor));
+    !!!!!!!!            createGroup($groupCn, $groupDesc, $category, $toPolicy);
+            }
+            fclose($uidfp);
+*/
+        } else {
+
+	    $groupCn = readVariable($_POST['groupCn'],'html');
+	    $groupDesc = readVariable($_POST['groupDesc'],'html');
+	    $category = readVariable($_POST['category'],'enum',null,$AUTH[_POLICY]['categories']);
+	    $container = readVariable($_POST['container'],'enum','',$AUTH[$toPolicy][$AUTH[$toPolicy]['backend'].'Containers']);
+            $policyGroupAttrs = array();
+            if (is_array($AUTH[$toPolicy]['groupAttrs'])) foreach ($AUTH[$toPolicy]['groupAttrs'] as $attr) {
+                if (isset($_POST[$attr]) and $_POST[$attr] != '') $policyGroupAttrs[$attr] = readVariable($_POST[$attr], 'string'); // ???
+            }
+
+            if ($groupCn == '' || $groupDesc == '' || $category == '') {
+		// Csak policy váltás
+                //$_SESSION['alert'][] = 'message:empty_field'.":$groupCn:$groupDesc:$category";
+            } else {
+                if (createGroup($groupCn, $groupDesc, $toPolicy, array('container'=> $container, 'policyAttrs' => $policyGroupAttrs))) {
+		    header('Location: '.location("index.php?page=session&f=groupInfo&groupCn=$groupCn&toPolicy=$toPolicy"));
+		}
+            }
+        }
+
+
+    }
+
+?>
diff --git a/mayor-orig/mayor-base/www/policy/private/session/createGroup.php b/mayor-orig/mayor-base/www/policy/private/session/createGroup.php
new file mode 100644
index 00000000..a914ceaf
--- /dev/null
+++ b/mayor-orig/mayor-base/www/policy/private/session/createGroup.php
@@ -0,0 +1,12 @@
+<?php
+/*
+    Module:	base/session
+*/
+
+    if (_RIGHTS_OK !== true) die();
+
+    global $toPolicy;
+
+    putCreateGroupForm($toPolicy);
+
+?>
diff --git a/mayor-orig/mayor-base/www/policy/private/session/download-pre.php b/mayor-orig/mayor-base/www/policy/private/session/download-pre.php
new file mode 100644
index 00000000..6b396143
--- /dev/null
+++ b/mayor-orig/mayor-base/www/policy/private/session/download-pre.php
@@ -0,0 +1,66 @@
+<?php
+
+    if (_RIGHTS_OK !== true) die();
+    if (!((defined('_POLICY') && _POLICY=='public') 
+	    || (defined('__TITKARSAG') && __TITKARSAG===true) 
+	    || (defined('__TANAR') && __TANAR===true) 
+	    || (defined('__NAPLOADMIN') && __NAPLOADMIN===true)
+	    || (defined('__DIAK') && __DIAK===true) 
+    )) {
+	return false;
+    }
+
+    // $file  -  csak a file neve, útvonal nem lehet benne
+    if (isset($_POST['file']) && $_POST['file'] != '') $file = basename($_POST['file']);
+    elseif (isset($_GET['file']) && $_GET['file'] != '') $file = basename($_GET['file']);
+
+    if (!isset($file)) $_SESSION['alert'][] = 'page:empty_fields:file';
+    else {
+	// $dir  -  betű, szám, -, _, és / lehet benne (elején csak betű vagy szám)
+	$dir = readVariable($_POST['dir'], 'path', readVariable($_GET['dir'], 'path'));
+
+	// Az útvonal beállítása
+	$path = _DOWNLOADDIR.'/'._POLICY;
+	if (isset($dir)) $path .= '/'.$dir;
+	$path .= '/'.$file;
+
+	// Jogosultságok ellenőzése dir alapján
+	if (__DIAK===true) {
+	    if (strstr($dir,'naplo/face/')===false) return false;
+	}
+	// Titkarsag, Tanar, Naploadmin letoltheti, amit szeretne
+
+	// Létezik-e a file
+	if (!file_exists($path)) $_SESSION['alert'][] = 'page:file_not_found:'.substr($path, strlen(_DOWNLOADDIR.'/'._POLICY.'/')).':'.$path;
+	else {
+
+	    $ADAT['path'] = $path;
+	    $ADAT['dir'] = $dir;
+	    $ADAT['file'] = $file;
+	    $ADAT['ext'] = strtolower(substr(strrchr($file,"."),1));
+	    $ADAT['size'] = filesize($path);
+	    $ADAT['mime'] = readVariable($_POST['mimetype'], 'enum', readVariable($_GET['mimetype'], 'enum', null, $allowedMimeTypes), $allowedMimeTypes);
+
+	    // MiME típus megállapítása
+	    if (!isset($ADAT['mime'])) {
+		if ($allowedExtensions[$ADAT['ext']] != '') $ADAT['mime'] = $allowedExtensions[$ADAT['ext']];
+		else {
+		    if (function_exists('mime_content_type')) {
+			$ADAT['mime'] = mime_content_type($ADAT['path']);
+		    } elseif (function_exists('finfo_file')) {
+			$finfo = finfo_open(FILEINFO_MIME);
+			$ADAT['mime'] = finfo_file($finfo, $ADAT['path']);
+			finfo_close($finfo);
+		    }
+		    if ($ADAT['mime'] == '') $ADAT['mime'] = "application/force-download";
+		}
+	    }
+	    if (in_array($ADAT['mime'],array('image/gif','image/png','image/jpeg','image/jpeg'))) $ADAT['pure']=true;
+	    // letöltés
+	    if (isset($_GET['download'])) passFile($ADAT);
+
+	}
+    }
+
+
+?>
diff --git a/mayor-orig/mayor-base/www/policy/private/session/download.php b/mayor-orig/mayor-base/www/policy/private/session/download.php
new file mode 100644
index 00000000..12d907a9
--- /dev/null
+++ b/mayor-orig/mayor-base/www/policy/private/session/download.php
@@ -0,0 +1,9 @@
+<?php
+
+    if (_RIGHTS_OK !== true) die();
+
+    global $ADAT;
+
+    if (is_array($ADAT)) putDownloadForm($ADAT);
+
+?>
diff --git a/mayor-orig/mayor-base/www/policy/private/session/eduroam-pre.php b/mayor-orig/mayor-base/www/policy/private/session/eduroam-pre.php
new file mode 100644
index 00000000..40a406cd
--- /dev/null
+++ b/mayor-orig/mayor-base/www/policy/private/session/eduroam-pre.php
@@ -0,0 +1,5 @@
+<?php
+
+    getEduroamAdat();
+
+?>
\ No newline at end of file
diff --git a/mayor-orig/mayor-base/www/policy/private/session/eduroam.php b/mayor-orig/mayor-base/www/policy/private/session/eduroam.php
new file mode 100644
index 00000000..e69de29b
diff --git a/mayor-orig/mayor-base/www/policy/private/session/facebookConnect-pre.php b/mayor-orig/mayor-base/www/policy/private/session/facebookConnect-pre.php
new file mode 100644
index 00000000..b0988ae5
--- /dev/null
+++ b/mayor-orig/mayor-base/www/policy/private/session/facebookConnect-pre.php
@@ -0,0 +1,91 @@
+<?php
+
+    if (__FBCONNECT_ENABLED !== true ) return false;
+
+    if (version_compare(PHP_VERSION, '5.4.0', '<')) {
+            return false;
+    } else {
+            /* facebook login start */
+            require_once ('include/share/facebook/autoload.php');
+            $fb = new Facebook\Facebook(array(
+                'app_id' => __FB_APP_ID,
+                'app_secret' => __FB_APP_SECRET,
+		'cookie'     => true,
+		'status'     => true,
+                'default_graph_version' => 'v2.5',
+            ));
+	    $oAuth2Client = $fb->getOAuth2Client();
+
+            $helper = $fb->getJavaScriptHelper();
+            try {
+                $accessToken = $helper->getAccessToken();
+		// convert
+		if ($accessToken !='' && !$accessToken->isLongLived()) {
+		    try {
+			$accessToken = $oAuth2Client->getLongLivedAccessToken($accessToken);
+		    } catch (Facebook\Exceptions\FacebookSDKException $e) {
+			$_SESSION['alert'][] = "info::Error getting long-lived access token: " . $helper->getMessage() . "";
+		    }
+		}
+            } catch(Facebook\Exceptions\FacebookResponseException $e) {
+                // When Graph returns an error
+                $_SESSION['alert'][] = 'info::Graph returned an error: ' . $e->getMessage();
+            } catch(Facebook\Exceptions\FacebookSDKException $e) {
+                // When validation fails or other local issues
+                $_SESSION['alert'][] = 'info::Facebook SDK returned an error: ' . $e->getMessage();
+            }
+            if (isset($accessToken)) {
+                $_SESSION['facebook_access_token'] = (string) $accessToken;
+                $_SESSION['facebook_access_token_object'] = $accessToken;
+                $response = $fb->get('/me?fields=id,name,email',$accessToken);
+                $userNode = $response->getGraphUser();
+                $ADAT['fbUserId'] = $userNode->getField('id');
+                $ADAT['fbUserCn'] = $userNode->getField('name');
+                $ADAT['fbUserEmail'] = $userNode->getField('email');
+	    }
+    }
+    if ($action=='revokeFbAuth') {
+	fbConnectRevoke($ADAT['fbUserId']);	
+    } elseif ($action=='grantFbAuth') {
+	fbConnectGrant($ADAT);	
+    }
+
+    $ADAT['fbUserIdStatusz'] = checkFbConnectAssoc($ADAT);
+
+    function checkFbConnectAssoc($ADAT) {
+	if ($ADAT['fbUserId']=='') return 0;
+
+	$q = "SELECT count(*) AS db FROM facebookConnect where userAccount='%s' AND policy='%s' AND fbUserId='%s'";
+	$v = array('userAccount'=>_USERACCOUNT,'policy'=>_POLICY,'fbUserId'=>$ADAT['fbUserId']);
+	$db = db_query($q,array('fv'=>'facebookConnectCheck','modul'=>'login','result'=>'value','values'=>$v));
+	if ($db==1) return 1; // 'OK';
+
+	$q = "SELECT count(*) AS db FROM facebookConnect where userAccount='%s' AND policy='%s' AND fbUserId!='%s'";
+	$v = array('userAccount'=>_USERACCOUNT,'policy'=>_POLICY,'fbUserId'=>$ADAT['fbUserId']);
+	$db = db_query($q,array('fv'=>'facebookConnectCheck','modul'=>'login','result'=>'value','values'=>$v));
+	if ($db==1) return 2; // 'masik fbUserId van megadva';
+
+	$q = "SELECT count(*) AS db FROM facebookConnect where userAccount!='%s' AND policy='%s' AND fbUserId='%s'";
+	$v = array('userAccount'=>_USERACCOUNT,'policy'=>_POLICY,'fbUserId'=>$ADAT['fbUserId']);
+	$db = db_query($q,array('fv'=>'facebookConnectCheck','modul'=>'login','result'=>'value','values'=>$v));
+	if ($db==1) return 3; // 'masik userAccount van hozzárendelve ehhez a fb azonosítóhoz';
+
+	return false;
+    }
+
+    function fbConnectRevoke($fbUserId) {
+	if ($fbUserId=='') return 0;
+
+	$q = "DELETE FROM facebookConnect where userAccount='%s' AND policy='%s' AND fbUserId='%s'";
+	$v = array('userAccount'=>_USERACCOUNT,'policy'=>_POLICY,'fbUserId'=>$fbUserId);
+	return db_query($q,array('fv'=>'facebookConnectCheck','modul'=>'login','values'=>$v));
+    }
+    function fbConnectGrant($ADAT) {
+	if ($ADAT['fbUserId']=='') return 0;
+
+	$q = "INSERT IGNORE INTO facebookConnect (userAccount,policy,fbUserId,fbUserCn,fbUserEmail,studyId) VALUES ('%s','%s','%s','%s','%s','%s')";
+	$v = array('userAccount'=>_USERACCOUNT,'policy'=>_POLICY,'fbUserId'=>$ADAT['fbUserId'],'fbUserCn'=>_USERCN.' ('.$ADAT['fbUserCn'].')','fbUserEmail'=>$ADAT['fbUserEmail'],'studyId'=>_STUDYID);
+	return db_query($q,array('fv'=>'facebookConnectCheck','modul'=>'login','result'=>'insert','values'=>$v));
+    }
+
+?>
\ No newline at end of file
diff --git a/mayor-orig/mayor-base/www/policy/private/session/facebookConnect.php b/mayor-orig/mayor-base/www/policy/private/session/facebookConnect.php
new file mode 100644
index 00000000..e125c680
--- /dev/null
+++ b/mayor-orig/mayor-base/www/policy/private/session/facebookConnect.php
@@ -0,0 +1,7 @@
+<?php
+
+    global $ADAT;
+
+    putFacebookConnectStatusz($ADAT);
+
+?>
\ No newline at end of file
diff --git a/mayor-orig/mayor-base/www/policy/private/session/googleapi-pre.php b/mayor-orig/mayor-base/www/policy/private/session/googleapi-pre.php
new file mode 100644
index 00000000..49438dcc
--- /dev/null
+++ b/mayor-orig/mayor-base/www/policy/private/session/googleapi-pre.php
@@ -0,0 +1,100 @@
+<?php
+
+    if (__GOOGLEAPI_ENABLED !== true ) return false;
+
+    if (version_compare(PHP_VERSION, '5.4.0', '<')) {
+        return false;
+    } else {
+        require_once ('include/share/googleapi/autoload.php');
+
+	if ($action=='googleapiRevoke') {
+	    googleapiRevoke();	
+	    unset($_SESSION['googleapi_id_token']);
+	    unset($_SESSION['googleapi_object']);
+	} elseif ($action=='googleapiGrant') {
+	    // itt nem áll rendelkezésre adat! googleapiGrant($ADAT);
+	    // a get id_token résznél kötjük össze a usert és irányítjuk tovább
+	}
+	//$ADAT['googleapiStatus'] = googleapiCheckAssoc($ADAT);
+	if ($_SESSION['googleapi_id_token']!='') { 
+	    // van azonosított user
+	    // a sessionben rendelkezésre is áll az objektum (googleapi_object), 
+	    // de itt most lekérdezzük a google szervertől újra!
+            $redirect_uri = _BASE_URL.'/index.php';
+            $client = new Google_Client();
+            $client->setClientId(__GOOGLEAPI_CLIENT_ID);
+            $client->setClientSecret(__GOOGLEAPI_CLIENT_SECRET);
+	    $client->setScopes('email');
+	    // $client->setAccessToken($_SESSION['googleapi_id_token']);
+	    try {
+                $ADAT['payload'] = $payload = $client->verifyIdToken($_SESSION['googleapi_id_token']);
+		$ADAT['googleapiStatusz'] = 1;
+            } catch(Exception $e) {
+                $_SESSION['alert'][] = 'info::googleapi SDK hiba: ' . $e->getMessage();
+		$ADAT['googleapiStatusz'] = 2;
+            }
+	} elseif ($_GET['id_token']!='') {
+            $redirect_uri = _BASE_URL.'/index.php';
+            $client = new Google_Client();
+            //$client->setAuthConfig($oauth_credentials);
+            $client->setClientId(__GOOGLEAPI_CLIENT_ID);
+            $client->setClientSecret(__GOOGLEAPI_CLIENT_SECRET);
+//            $client->setRedirectUri($redirect_uri);
+	    $client->setScopes('email');
+	    try {
+                $payload = $client->verifyIdToken($_GET['id_token']);
+            } catch(Exception $e) {
+                $_SESSION['alert'][] = 'info::googleapi SDK hiba: ' . $e->getMessage();
+            }
+            if (isset($payload['sub'])) { // subject
+                $_SESSION['google_access_token'] = (string) $payload;
+                $_SESSION['google_access_token_object'] = $payload;
+                // mayor auth start
+                $accountInformation=array();
+                $toPolicy = 'public';
+		  $ADAT['googleSub'] = $payload['sub'];
+//                $ADAT['fbUserId'] = $userNode->getField('id');
+                $ADAT['googleUserCn'] = $payload['name'];
+                $ADAT['googleUserEmail'] = $payload['email'];
+		googleapiGrant($ADAT);
+                /* mayor auth stop */
+            } else {
+                $_SESSION['alert'][] = 'info:nem érvényes accessToken';
+            }
+	}
+
+    }
+    function googleapiCheckAssoc($ADAT) {
+	if ($ADAT['googleSub']=='') return 0;
+
+	$q = "SELECT count(*) AS db FROM googleConnect where userAccount='%s' AND policy='%s' AND googleSub='%s'";
+	$v = array('userAccount'=>_USERACCOUNT,'policy'=>_POLICY,'fbUserId'=>$ADAT['googleSub']);
+	$db = db_query($q,array('fv'=>'facebookConnectCheck','modul'=>'login','result'=>'value','values'=>$v));
+	if ($db==1) return 1; // 'OK';
+
+	$q = "SELECT count(*) AS db FROM googleConnect where userAccount='%s' AND policy='%s' AND googleSub!='%s'";
+	$v = array('userAccount'=>_USERACCOUNT,'policy'=>_POLICY,'fbUserId'=>$ADAT['googleSub']);
+	$db = db_query($q,array('fv'=>'facebookConnectCheck','modul'=>'login','result'=>'value','values'=>$v));
+	if ($db==1) return 2; // 'masik googleSub van megadva';
+
+	$q = "SELECT count(*) AS db FROM googleConnect where userAccount!='%s' AND policy='%s' AND googleSub='%s'";
+	$v = array('userAccount'=>_USERACCOUNT,'policy'=>_POLICY,'googleSub'=>$ADAT['googleSub']);
+	$db = db_query($q,array('fv'=>'facebookConnectCheck','modul'=>'login','result'=>'value','values'=>$v));
+	if ($db==1) return 3; // 'masik userAccount van hozzárendelve ehhez a googleSub azonosítóhoz';
+
+	return false;
+    }
+
+    function googleapiRevoke() {
+	$q = "DELETE FROM googleConnect where userAccount='%s' AND policy='%s'";
+	$v = array('userAccount'=>_USERACCOUNT,'policy'=>_POLICY);
+	return db_query($q,array('fv'=>'googleapiRevoke','modul'=>'login','values'=>$v));
+    }
+    function googleapiGrant($ADAT) {
+	if ($ADAT['googleSub']=='') return 0;
+	$q = "INSERT IGNORE INTO googleConnect (userAccount,policy,googleSub,googleUserCn,googleUserEmail,studyId) VALUES ('%s','%s','%s','%s','%s','%s')";
+	$v = array('userAccount'=>_USERACCOUNT,'policy'=>_POLICY,'googleSub'=>$ADAT['googleSub'],_USERACCOUNT.' ('.$ADAT['googleUserCn'].')',$ADAT['googleUserEmail'],_STUDYID);
+	return db_query($q,array('debug'=>true,'fv'=>'googleapiGrant','modul'=>'login','result'=>'insert','values'=>$v));
+    }
+
+?>
\ No newline at end of file
diff --git a/mayor-orig/mayor-base/www/policy/private/session/googleapi.php b/mayor-orig/mayor-base/www/policy/private/session/googleapi.php
new file mode 100644
index 00000000..fe079bed
--- /dev/null
+++ b/mayor-orig/mayor-base/www/policy/private/session/googleapi.php
@@ -0,0 +1,28 @@
+<?php
+
+    global $ADAT;
+
+//    putFacebookConnectStatusz($ADAT);
+
+//    echo '<div class="g-signin2" data-onsuccess="onSignIn"></div>';
+
+//    echo '<h1>Tesztüzem</h1>';
+
+//    formBegin();
+//    echo '<input type="text" name="action" value="googleapiCheck" >';
+//    echo '<button type="button" id="googleapiCheckBtn" class="api"><span class="icon-googleplus"></span> Ellenőrzés</button>';
+//    formEnd();
+
+//	formBegin();
+//	echo '<input type="hidden" name="action" value="googleGrant" >';
+//	echo '<button type="button" id="googleLoginBtn" class="api"><span class="icon-googleplus"></span> Összeköt</button>';
+//	formEnd();
+
+//    formBegin();
+//    echo '<input type="text" name="action" value="googleRevoke" >';
+//    echo '<button type="submit" class="api"><span class="icon-googleplus"></span> Visszavon</button>';
+//    formEnd();
+
+    putGoogleapiStatusz($ADAT);
+
+?>
\ No newline at end of file
diff --git a/mayor-orig/mayor-base/www/policy/private/session/groupInfo-pre.php b/mayor-orig/mayor-base/www/policy/private/session/groupInfo-pre.php
new file mode 100644
index 00000000..97864ffa
--- /dev/null
+++ b/mayor-orig/mayor-base/www/policy/private/session/groupInfo-pre.php
@@ -0,0 +1,43 @@
+<?php
+/*
+    Module:	base/session
+*/
+
+    if (_RIGHTS_OK !== true) die();
+
+
+    $toPolicy = readVariable($_POST['toPolicy'], 'enum',
+                readVariable($_GET['toPolicy'], 'enum', _POLICY, $POLICIES),
+                $POLICIES
+    );
+	    	    
+    $groupCn = readVariable($_GET['groupCn'],'regreplace',null,array("[^a-zA-Z0-9\ \.\,_:;űáéúőóüöíŰÁÉÚŐÓÜÖÍ\-]"));
+
+// egyelőre csak private-ból lehet valaki admin...
+//    if (memberOf(_USERACCOUNT, $AUTH[_POLICY]['adminGroup'])) define('_ACCESS_AS', _ADMIN_ACCESS);
+
+    if (
+        _POLICY == 'private' &&
+        (
+            memberOf(_USERACCOUNT, $AUTH[_POLICY]['adminGroup']) ||
+            (
+                memberOf(_USERACCOUNT,'diakadmin') &&
+                in_array('diak',$userCategories)
+            )
+        )
+    ) define('_ACCESS_AS', _ADMIN_ACCESS);
+    else define('_ACCESS_AS', _OTHER_ACCESS); 
+
+    list($backendAttrs,$backendAttrDef) = getBackendAttrs('Group', $toPolicy);
+
+    if ($action == 'changeSettings') {
+
+	changeGroupInfo($groupCn, $toPolicy);
+
+    }
+    $groupInfo = getGroupInfo($groupCn, $toPolicy);	// keretrendszer attribútumai
+    							// backend attribútumai
+
+    if ($groupInfo===false) $_SESSION['alert'][] = 'page::';
+
+?>
diff --git a/mayor-orig/mayor-base/www/policy/private/session/groupInfo.php b/mayor-orig/mayor-base/www/policy/private/session/groupInfo.php
new file mode 100644
index 00000000..6dda377c
--- /dev/null
+++ b/mayor-orig/mayor-base/www/policy/private/session/groupInfo.php
@@ -0,0 +1,12 @@
+<?php
+/*
+    Module:	base/session
+*/
+
+    if (_RIGHTS_OK !== true) die();
+
+    global $groupCn, $groupInfo, $backendAttrDef, $toPolicy;
+
+    putGroupInfoForm($groupCn, $groupInfo, $backendAttrDef, $toPolicy);
+
+?>
diff --git a/mayor-orig/mayor-base/www/policy/private/session/search/searchAccount-pre.php b/mayor-orig/mayor-base/www/policy/private/session/search/searchAccount-pre.php
new file mode 100644
index 00000000..1ef93e95
--- /dev/null
+++ b/mayor-orig/mayor-base/www/policy/private/session/search/searchAccount-pre.php
@@ -0,0 +1,29 @@
+<?php
+/*
+    Module:	base/session
+*/
+
+    if (_RIGHTS_OK !== true) die();
+
+    $toPolicy = readVariable($_POST['toPolicy'], 'enum', _POLICY, $POLICIES);
+
+    define('__ADMIN', memberOf(_USERACCOUNT, $AUTH[_POLICY]['adminGroup']));
+    define('__DIAKADMIN', memberOf(_USERACCOUNT, 'diakadmin'));
+
+    // valójában így sem jó, mert a lekérdezett backend-től kellene függővé teni a keresés mezőket...
+    if ($AUTH[_POLICY]['backend'] == 'ad') $searchAttrList = array('userCn', 'userAccount', 'uidNumber', 'studyId');
+    else $searchAttrList = array('userCn', 'userAccount', 'studyId');
+
+    if ($action == 'searchAccount') {
+        $attr = readVariable($_POST['attr'], 'enum', 'userCn', $searchAttrList);
+        $pattern = readVariable($_POST['pattern'], 'string');
+        $searchResult = searchAccount($attr, $pattern, $searchAttrList, $toPolicy);
+    } elseif ($action == 'deleteAccount' and __ADMIN === true) {
+        $userAccount = readVariable($_POST['userAccount'], 'string');
+	deleteAccount($userAccount, $toPolicy);
+    } else {
+	echo $action;
+    }
+
+
+?>
diff --git a/mayor-orig/mayor-base/www/policy/private/session/search/searchAccount.php b/mayor-orig/mayor-base/www/policy/private/session/search/searchAccount.php
new file mode 100644
index 00000000..727706ee
--- /dev/null
+++ b/mayor-orig/mayor-base/www/policy/private/session/search/searchAccount.php
@@ -0,0 +1,16 @@
+<?php
+/*
+    Module:	base/session
+*/
+
+    if (_RIGHTS_OK !== true) die();
+
+    global $attr, $pattern, $searchResult, $searchAttrList, $toPolicy, $ADAT;
+
+    putSearchAccountForm($attr, $pattern, $searchAttrList, $toPolicy);
+
+    if (is_array($searchResult)) {
+        putSearchResultBox($searchResult, $toPolicy);
+    }
+
+?>
diff --git a/mayor-orig/mayor-base/www/policy/private/session/search/searchGroup-pre.php b/mayor-orig/mayor-base/www/policy/private/session/search/searchGroup-pre.php
new file mode 100644
index 00000000..94deeba2
--- /dev/null
+++ b/mayor-orig/mayor-base/www/policy/private/session/search/searchGroup-pre.php
@@ -0,0 +1,25 @@
+<?php
+/*
+    Module:	base/session
+*/
+
+    if (_RIGHTS_OK !== true) die();
+
+    $toPolicy = readVariable($_POST['toPolicy'], 'enum', _POLICY, $POLICIES);
+
+    define('__ADMIN', memberOf(_USERACCOUNT, $AUTH[_POLICY]['adminGroup']));
+    define('__DIAKADMIN', memberOf(_USERACCOUNT, 'diakadmin'));
+
+    $searchAttrs = array('groupCn', 'groupDesc');
+    if ($action == 'searchGroup') {
+        $attr 	 = readVariable($_POST['attr'], 'enum', 'groupCn', $searchAttrs);
+        $pattern = readVariable($_POST['pattern'],'html');
+        $searchResult = searchGroup($attr, $pattern, $searchAttrs, $toPolicy);
+    } elseif (__ADMIN ===true && $action == 'deleteGroup') {
+	$groupCn = readVariable($_POST['groupCn'], 'html'); // nem biztos hogy id - bizos nem id, hanem a csoport neve
+	deleteGroup($groupCn, $toPolicy);
+    } else {
+	echo $action;
+    }
+
+?>
diff --git a/mayor-orig/mayor-base/www/policy/private/session/search/searchGroup.php b/mayor-orig/mayor-base/www/policy/private/session/search/searchGroup.php
new file mode 100644
index 00000000..c36d0ef6
--- /dev/null
+++ b/mayor-orig/mayor-base/www/policy/private/session/search/searchGroup.php
@@ -0,0 +1,16 @@
+<?php
+/*
+    Module:	base/session
+*/
+
+    if (_RIGHTS_OK !== true) die();
+
+    global $attr, $pattern, $searchAttrs, $searchResult, $toPolicy;
+
+    putSearchGroupForm($attr, $pattern, $searchAttrs, $toPolicy);
+
+    if (is_array($searchResult)) {
+        putSearchResultBox($searchResult, $toPolicy);
+    }
+
+?>
diff --git a/mayor-orig/mayor-base/www/policy/private/session/session-pre.php b/mayor-orig/mayor-base/www/policy/private/session/session-pre.php
new file mode 100644
index 00000000..d1c65349
--- /dev/null
+++ b/mayor-orig/mayor-base/www/policy/private/session/session-pre.php
@@ -0,0 +1,5 @@
+<?php
+
+    header('Location: '.location('index.php?page=session&sub=search&f=searchAccount'));
+
+?>
\ No newline at end of file
diff --git a/mayor-orig/mayor-base/www/policy/private/session/session.php b/mayor-orig/mayor-base/www/policy/private/session/session.php
new file mode 100644
index 00000000..e69de29b
diff --git a/mayor-orig/mayor-base/www/policy/private/session/sessionAdmin-pre.php b/mayor-orig/mayor-base/www/policy/private/session/sessionAdmin-pre.php
new file mode 100644
index 00000000..08b55781
--- /dev/null
+++ b/mayor-orig/mayor-base/www/policy/private/session/sessionAdmin-pre.php
@@ -0,0 +1,24 @@
+<?php
+
+    if (_RIGHTS_OK !== true) die();
+
+    if (_POLICY != 'private' || !memberOf(_USERACCOUNT, $AUTH[_POLICY]['adminGroup'])) {
+	$_SESSION['alert'][] = 'page:insufficient_access';
+    } else {
+
+	if ($action == 'deleteSession') {
+
+	    $policy = readVariable($_POST['delPolicy'], 'enum', null, $POLICIES);
+	    $userAccount = readVariable($_POST['delSessionID'], 'string', null);
+	    if (isset($policy) && isset($userAccount)) {
+		deleteSession($userAccount, $policy);
+	    } else { $_SESSION['alert'][] = 'message:wrong_data:userAccount,policy:'.$policy.':'.$userAccount; }
+	
+	}
+	$ADAT['session'] = getSessions();
+//echo '<pre>'; var_dump($ADAT); echo '</pre>';
+
+    }
+
+
+?>
diff --git a/mayor-orig/mayor-base/www/policy/private/session/sessionAdmin.php b/mayor-orig/mayor-base/www/policy/private/session/sessionAdmin.php
new file mode 100644
index 00000000..d1398e4f
--- /dev/null
+++ b/mayor-orig/mayor-base/www/policy/private/session/sessionAdmin.php
@@ -0,0 +1,9 @@
+<?php
+
+    if (_RIGHTS_OK !== true) die();
+
+    global $ADAT;
+
+    putSessionList($ADAT);
+
+?>
diff --git a/mayor-orig/mayor-base/www/policy/public/auth/forgotten-pre.php b/mayor-orig/mayor-base/www/policy/public/auth/forgotten-pre.php
new file mode 100644
index 00000000..76ffaebb
--- /dev/null
+++ b/mayor-orig/mayor-base/www/policy/public/auth/forgotten-pre.php
@@ -0,0 +1,92 @@
+<?php
+
+    if (_RIGHTS_OK !== true) die();
+
+    require_once('include/share/net/phpmailer.php');
+
+    $ADAT['userAccount'] = readVariable($_POST['userAccount'], 'string', readVariable($_GET['userAccount'], 'string', null));
+    $ADAT['toPolicy'] = readVariable($_POST['toPolicy'], 'enum', readVariable($_GET['toPolicy'], 'enum', 'parent', array('parent','private')), array('parent','private'));
+    $ADAT['mail'] = readVariable($_POST['mail'], 'string', null);
+
+    if ($AUTH[$ADAT['toPolicy']]['enablePasswordReset']!==true) {
+	//$_SESSION['alert'][] = 'info:pw_reset_disabled';
+	$ADAT['forgotDisabled'] = true;
+    }
+
+/* Under dev
+    foreach(array('private','parent','public') as $_policy) {
+	if ($ADAT['toPolicy']==$_policy && $AUTH[$_policy]['enablePasswordReset']!==true) $ADAT['forgotDisabled'] = true;
+    }
+*/
+    if ($action == 'sendResetPasswordMail') {
+
+	// TODO - ez a kettő összevonható, kukac tuti nincs a felhasználónévben
+	// TODO - megviszgálhatnánk, hogy milyen authentikációs levelen van a user
+	// TODO - mármint, ahol megváltoztatható egyáltalán a jelszó...
+	require_once('include/modules/session/search/searchAccount.php');
+	if (isset($ADAT['userAccount'])) {
+	    $ADAT['accounts'] = searchAccount('userAccount', $ADAT['userAccount'], $searchAttrs = array('userCn','mail','userAccount'), $ADAT['toPolicy']);
+	    for ($i=0; $i<$ADAT['accounts']['count']; $i++) {
+		if ($ADAT['userAccount'] == $ADAT['accounts'][$i]['userAccount'][0] && $ADAT['accounts'][$i]['mail'][0] != '') {
+		    $ADAT['account'] = array(
+			'policy' => $ADAT['toPolicy'],
+			'userAccount' => $ADAT['accounts'][$i]['userAccount'][0],
+			'userCn' => $ADAT['accounts'][$i]['userCn'][0],
+			'mail' => current(explode(' ',str_replace(';',' ',trim($ADAT['accounts'][$i]['mail'][0])))),
+		    );
+		    break;
+		}
+	    }
+	} elseif (isset($ADAT['mail'])) {
+	    $ADAT['accounts'] = searchAccount('mail', $ADAT['mail'], $searchAttrs = array('userCn','mail','userAccount'), $ADAT['toPolicy']);
+	    for ($i=0; $i<$ADAT['accounts']['count']; $i++) {
+		if ($ADAT['mail'] == $ADAT['accounts'][$i]['mail'][0] && $ADAT['accounts'][$i]['mail'][0] != '') {
+		    $ADAT['account'] = array(
+			'policy' => $ADAT['toPolicy'],
+			'userAccount' => $ADAT['accounts'][$i]['userAccount'][0],
+			'userCn' => $ADAT['accounts'][$i]['userCn'][0],
+			'mail' => current(explode(' ',str_replace(';',' ',trim($ADAT['accounts'][$i]['mail'][0])))),
+		    );
+		    break;
+		}
+	    }
+	}
+
+	// Recovery
+	if (is_array($ADAT['account'])) {	     
+	    $recoveryRequest = generatePasswordRecoveryRequest($ADAT['account']);
+	    if ($recoveryRequest!=false) {
+		$ADAT['account']['url'] = $recoveryRequest;
+		// levél generálása és kiküldése
+		$body = '<html><head><title></title></head><body>
+<p>Az alábbi linkre kattintva magadhatod az új MaYoR-jelszavadat.</p>
+<p>Ha nem te küldted az igénylést, tekintsd a levelet tárgytalannak!</p>
+<p class="link">'.$recoveryRequest.'</p>
+<p>'.__SUPPORT_EMAIL_NAME.' ('.__SUPPORT_EMAIL_ADDRESS.')</p>
+</body></html>';
+		/* MAIL */
+		if (__EMAIL_ENABLED===true) {
+		    $mail             = new PHPMailer();
+		    $mail->CharSet = 'UTF-8';
+		    $mail->SetFrom(__SUPPORT_EMAIL_ADDRESS,__SUPPORT_EMAIL_NAME);
+		    $mail->AddAddress($ADAT['account']['mail'], $ADAT['account']['userCn']);
+        	    $mail->Subject    = "[MaYoR] Jelszóemlékeztető";
+    		    $mail->MsgHTML($body);
+		    $mail->Send();
+		} else {
+		    //dump(__EMAIL_ENABLED);
+		    //dump(__SUPPORT_EMAIL_ADDRESS);
+		    //dump(__SUPPORT_EMAIL_NAME);
+		}
+		/* -- */
+//		$_SESSION['alert'][] = 'info:success';
+	    } else {
+//		$_SESSION['alert'][] = 'info:success'; // nem üzenünk hibát
+	    }
+	} else {
+//	    $_SESSION['alert'][] = 'message:wrong_data:Nincs ilyen azonosító, vagy nincs rögzítve e-mail cím az azonosítóhoz! ('.$ADAT['userAccount'].')';
+	}
+
+    }
+
+?>
\ No newline at end of file
diff --git a/mayor-orig/mayor-base/www/policy/public/auth/forgotten.php b/mayor-orig/mayor-base/www/policy/public/auth/forgotten.php
new file mode 100644
index 00000000..bd751c83
--- /dev/null
+++ b/mayor-orig/mayor-base/www/policy/public/auth/forgotten.php
@@ -0,0 +1,16 @@
+<?php
+
+    if (_RIGHTS_OK !== true) die();
+
+    global $ADAT,$action;
+
+    if ($ADAT['forgotDisabled']===true) 
+	putForgotDisabled();
+    elseif (!is_array($ADAT['account']) && $action=='') {
+	putForgotPasswordForm($ADAT);
+	putForgotUserAccountForm($ADAT);
+    } else {
+	putForgotThankyou();
+    }
+    putBackToLogin($ADAT);
+?>
\ No newline at end of file
diff --git a/mayor-orig/mayor-base/www/policy/public/auth/login-pre.php b/mayor-orig/mayor-base/www/policy/public/auth/login-pre.php
new file mode 100644
index 00000000..c524751f
--- /dev/null
+++ b/mayor-orig/mayor-base/www/policy/public/auth/login-pre.php
@@ -0,0 +1,86 @@
+<?php
+
+    if (_RIGHTS_OK !== true) die();
+
+    if (defined('_ALLOW_SULIX_SSO') && _ALLOW_SULIX_SSO===true) { // kompatibilitási okokból
+	$toPolicy = readVariable($_REQUEST['toPolicy'], 'enum', 'private', $POLICIES);
+    } else {
+	$toPolicy = 'private'; // force
+    }
+    $toSkin = readVariable($_POST['toSkin'], 'enum', readVariable($_GET['toSkin'], 'enum', null, $SKINSSHOW), $SKINSSHOW);
+    @list($toPage,$toSub,$toF) = readVariable(explode(':',$_REQUEST['toPSF']), 'strictstring');
+    $toPSF = "$toPage:$toSub:$toF";
+
+// Ha már az adott sessionID-vel belépett az adott policy-ra, akkor ne lépjen be újra
+//    if ($sessionID != '' and validUser($sessionID, $toPolicy)) {
+//	header('Location: '.location("index.php?policy=$toPolicy&page=$toPage&sub=$toSub&f=$toF&sessionID=$sessionID", array('alert')));
+//	die();
+//    }
+
+    if ($toPolicy=='private' && isset($_SESSION['portalLoggedUsername']) && defined('_ALLOW_SULIX_SSO') && _ALLOW_SULIX_SSO===true) {
+	$action='autologin';
+	//A SuliX-osok kérésére ezt sajnos kihagyjuk :( session_regenerate_id(true);
+    }
+
+    // Az elküldött név+jelszó ellenőrzése
+    if ($action == 'login' || $action=='autologin') {
+
+	// A toPolicy hibaüzenetei
+	if (file_exists('include/alert/'.$lang.'/'.$AUTH[$toPolicy]['backend'].'.php')) {
+	    require('include/alert/'.$lang.'/'.$AUTH[$toPolicy]['backend'].'.php');
+	} elseif (file_exists('include/alert/'._DEFAULT_LANG.'/'.$AUTH[$toPolicy]['backend'].'.php')) {
+	    require('include/alert/'._DEFAULT_LANG.'/'.$AUTH[$toPolicy]['backend'].'.php');
+	}
+	// Autentikáció - alapok
+	if (file_exists('include/share/auth/base.php')) {
+    	    require('include/share/auth/base.php');
+	}
+	// Autentikáció - toPolicy
+	if (file_exists('include/backend/'.$AUTH[$toPolicy]['backend'].'/auth/login.php')) {
+    	    require('include/backend/'.$AUTH[$toPolicy]['backend'].'/auth/login.php');
+	}
+
+	// lejart session-ok torlese
+	require('include/share/session/close.php');
+	closeOldAndIdleSessions();
+
+	if ($action=='autologin' && defined('_ALLOW_SULIX_SSO') && _ALLOW_SULIX_SSO===true) {
+	    $userPassword = readVariable($_SESSION['portalLoggedPassword'], 'string');
+	    //$userAccount  = readVariable($_SESSION['portalLoggedUsername'], 'regexp', null, array("^([a-z]|[A-Z]|[0-9]| |\.|,|_|[űáéúőóüöíŰÁÉÚŐÓÜÖÍäÄ]|-|@)*$"));
+	    $userAccount  = readVariable($_SESSION['portalLoggedUsername'], 'userAccount', null);
+	} else {
+	    $userPassword = readVariable($_POST['userPassword'], 'string');
+	    //$userAccount = readVariable($_POST['userAccount'], 'regexp', null, array("^([a-z]|[A-Z]|[0-9]| |\.|,|_|[űáéúőóüöíŰÁÉÚŐÓÜÖÍäÄ]|-|@)*$"));
+	    $userAccount  = readVariable($_SESSION['portalLoggedUsername'], 'userAccount', null);
+	}
+
+	if (defined('_BOLONDOS') && _BOLONDOS===true) $userAccount = visszafele($userAccount);
+
+	$accountInformation = array('account' => $userAccount, 'password' => $userPassword, 'policy' => $toPolicy, 'skin'=>$toSkin);
+	if ($sessionID != '') $accountInformation['sessionID'] = $sessionID;
+
+	if ($userAccount != '' and $userPassword != '') {
+
+	    $result = userAuthentication($userAccount, $userPassword, $accountInformation, $toPolicy); // ??? toPolicy benne van az AccountInformation-ben!!! Ldap backend only?
+	    logLogin($toPolicy, $userAccount, $result);
+	    if ($result === _AUTH_SUCCESS) {
+		$sessionID = newSession($accountInformation, $toPolicy);
+		if ($toSkin == '') $toSkin = $skin;
+		header('Location: '.location("index.php?page=$toPage&sub=$toSub&f=$toF&sessionID=$sessionID&policy=$toPolicy&lang=$lang&skin=$toSkin", array('alertOLD')));
+	    } elseif ($result === _AUTH_EXPIRED) {
+		$_SESSION['alert'][] = 'message:force_pw_update';
+		header('Location: '.location("index.php?policy=public&page=password&f=changeMyPassword&userAccount=".$userAccount."&toPolicy=$toPolicy&skin=$toSkin", array('alertOLD')));
+	    } elseif ($result >= _AUTH_FAILURE) {
+		// sikertelen azonosítás - a hibaüzenetet a függvény generálja
+		//$NOF = @getFailedLoginCount($toPolicy,$userAccount);
+		//if ($NOF>1) sleep(min($NOF,10,rand(1,10))); // harden brute force attempts
+	    } else {
+		// Ilyen csak hibás függvényműködés esetén lehet:
+		$_SESSION['alert'][] = "message:default:hibás visszatérési érték:userAuthentication:($result)";
+	    }
+	} else {
+	    $_SESSION['alert'][] = 'message:empty_field';
+	}
+    } 
+
+?>
diff --git a/mayor-orig/mayor-base/www/policy/public/auth/login.php b/mayor-orig/mayor-base/www/policy/public/auth/login.php
new file mode 100644
index 00000000..c86bf24b
--- /dev/null
+++ b/mayor-orig/mayor-base/www/policy/public/auth/login.php
@@ -0,0 +1,17 @@
+<?php
+
+    if (_RIGHTS_OK !== true) die();
+
+    global $userAccount, $userPassword, $toPolicy, $toPSF, $toSkin, $salt;
+    global $ADAT;
+
+    if (defined('_USERACCOUNT') && (!is_string(_USERACCOUNT) || _USERACCOUNT=='') )
+	putLoginForm($userAccount, $toPolicy, $toPSF, $toSkin, $salt);
+    else
+	putAlreadyLoggedIn();
+
+    if ($_SESSION['authStatus'] == _AUTH_FAILURE) {
+	putElfelejtettJelszoForm($ADAT);
+    }
+
+?>
diff --git a/mayor-orig/mayor-base/www/policy/public/password/changeMyPassword-pre.php b/mayor-orig/mayor-base/www/policy/public/password/changeMyPassword-pre.php
new file mode 100644
index 00000000..e9ef2f3c
--- /dev/null
+++ b/mayor-orig/mayor-base/www/policy/public/password/changeMyPassword-pre.php
@@ -0,0 +1,72 @@
+<?php
+
+    if (_RIGHTS_OK !== true) die();
+
+    _clearSessionCache($sessionID);
+    unsetTokenCookies(); // ha valaki ide tévedne, visszavonjuk a Tokenjét és a cache-t is vissza kell
+
+    $toPolicy = readVariable($_REQUEST['toPolicy'], 'enum', 'private', $POLICIES);
+    $userAccount = readVariable($_REQUEST['userAccount'], 'emptystringnull', (defined('_USERACCOUNT'))?_USERACCOUNT:null);
+
+    if (file_exists(_CONFIGDIR."/$toPolicy-conf.php")) {
+    	require_once(_CONFIGDIR."/$toPolicy-conf.php");
+    }
+
+    if ($AUTH[$toPolicy]['enableSelfPasswordChange']) {
+
+    // Az elküldött név+jelszó ellenőrzése
+	if ($action == 'changePassword') {
+
+
+    	    require_once('include/modules/auth/base/login.php');
+
+	    if (file_exists('include/backend/'.$AUTH[$toPolicy]['backend'].'/session/base.php')) {
+    		require_once('include/backend/'.$AUTH[$toPolicy]['backend'].'/session/base.php');
+	    }
+	    if (file_exists('include/backend/'.$AUTH[$toPolicy]['backend'].'/password/changePassword.php')) {
+    		require_once('include/backend/'.$AUTH[$toPolicy]['backend'].'/password/changePassword.php');
+	    }
+	    if (file_exists('include/backend/'.$AUTH[$toPolicy]['backend'].'/auth/login.php')) {
+    		require_once('include/backend/'.$AUTH[$toPolicy]['backend'].'/auth/login.php');
+	    }
+
+	    $userPassword = readVariable($_POST['userPassword'], 'emptystringnull');
+	    $newPassword = readVariable($_POST['newPassword'], 'emptystringnull');
+	    $verification = readVariable($_POST['verification'], 'emptystringnull');
+
+    	    if ($verification == '' or $newPassword == '') {
+        	$_SESSION['alert'][] = 'message:empty_field';
+    	    } elseif ($verification != $newPassword) {
+    		$_SESSION['alert'][] = 'message:pw_not_match';
+    	    } elseif ($userPassword == $newPassword) {
+    		$_SESSION['alert'][] = 'message:pw_not_changed';
+    	    } else {
+
+		$result = userAuthentication($userAccount, $userPassword, $accountInformation, $toPolicy);
+		if ($result >= _AUTH_FAILURE) {
+    		    $_SESSION['alert'][] = 'message:auth_failure'; // megj: a hibaüzenetet a userAuthentication egyébként generálja. kell ez?
+		} else {
+
+		    if (changeMyPassword($userAccount, $userPassword, $newPassword, $toPolicy)) {
+// Újra be kell jelentkezni mindenképp...
+//			updateSessionPassword($userAccount, $toPolicy, $verification);
+//			if (validUser($sessionID,$policy))
+//			    header('Location: '.location("index.php?policy=$toPolicy&sessionID=".$sessionID, array('alert')));
+//			else
+			    header('Location: '.location("index.php?page=auth&f=login&toPolicy=$toPolicy", array('alert')));
+		    } else {
+			$_SESSION['alert'][] = 'message:pw_change_failed';
+		    }
+		}
+
+	    }
+
+	} // action
+
+    } else {
+
+	$_SESSION['alert'][] = 'page:pw_change_disabled';
+
+    }
+
+?>
diff --git a/mayor-orig/mayor-base/www/policy/public/password/changeMyPassword.php b/mayor-orig/mayor-base/www/policy/public/password/changeMyPassword.php
new file mode 100644
index 00000000..29ebbf10
--- /dev/null
+++ b/mayor-orig/mayor-base/www/policy/public/password/changeMyPassword.php
@@ -0,0 +1,9 @@
+<?php
+
+    if (_RIGHTS_OK !== true) die();
+
+    global $userAccount, $toPolicy;
+
+    putChangePasswordForm($userAccount, $toPolicy);
+
+?>
diff --git a/mayor-orig/mayor-base/www/policy/public/password/resetPassword-pre.php b/mayor-orig/mayor-base/www/policy/public/password/resetPassword-pre.php
new file mode 100644
index 00000000..3590f27a
--- /dev/null
+++ b/mayor-orig/mayor-base/www/policy/public/password/resetPassword-pre.php
@@ -0,0 +1,68 @@
+<?php
+    if (_RIGHTS_OK !== true) die();
+
+    $selector = readVariable($_POST['selector'], 'string', readVariable($_GET['selector'], 'hexa', null));
+    $validator = readVariable($_POST['validator'], 'string', readVariable($_GET['validator'], 'hexa', null));
+
+    if ($validator!='') {
+        $q = "SELECT * FROM accountRecovery WHERE selector = '%s' AND expires >= NOW()";
+        $r = db_query($q, array('debug'=>false,'fv'=>'getPasswordRecoveryRequest','modul'=>'login','result'=>'record','values'=>array($selector)));
+    }
+    if (!is_array($r)) {
+	$_SESSION['alert']['page'] = 'message:wrong_data:A jelszó-helyreállítási kérelem nem létezik, vagy lejárt!';
+    } else {
+
+	$calc = hash('sha256', hex2bin($validator));
+	if (hash_equals($calc, $r['token'])) {
+    	    // The reset token is valid. Authenticate the user.
+	    //dump($r);
+	    $ADAT = $r;
+	    $ADAT['validator'] = $validator;
+
+	    $toPolicy = $r['policy'];
+	    $userAccount = $r['userAccount'];
+
+	    if (file_exists(_CONFIGDIR."/$toPolicy-conf.php")) {
+    		require_once(_CONFIGDIR."/$toPolicy-conf.php");
+	    }
+
+	    if ($AUTH[$toPolicy]['enablePasswordReset']) {
+
+		if ($action == 'resetPassword') {
+
+		    if (file_exists('include/backend/'.$AUTH[$toPolicy]['backend'].'/session/base.php')) {
+    			require_once('include/backend/'.$AUTH[$toPolicy]['backend'].'/session/base.php');
+		    }
+		    if (file_exists('include/backend/'.$AUTH[$toPolicy]['backend'].'/password/changePassword.php')) {
+    			require_once('include/backend/'.$AUTH[$toPolicy]['backend'].'/password/changePassword.php');
+		    }
+
+		    $newPassword = readVariable($_POST['newPassword'], 'emptystringnull');
+		    $verification = readVariable($_POST['verification'], 'emptystringnull');
+
+    		    if ($verification == '' or $newPassword == '') {
+        		$_SESSION['alert'][] = 'message:empty_field';
+    		    } elseif ($verification != $newPassword) {
+    			$_SESSION['alert'][] = 'message:pw_not_match';
+    		    } else {
+			if (changePassword($userAccount, $newPassword, $toPolicy)) {
+    			    $q = "DELETE FROM accountRecovery WHERE userAccount = '%s'";
+    			    db_query($q, array('debug'=>false,'fv'=>'getPasswordRecoveryRequest','modul'=>'login','result'=>'delete','values'=>array($userAccount)));
+			    header('Location: '.location("index.php?page=auth&f=login&toPolicy=$toPolicy", array('alert')));
+			} else {
+			    $_SESSION['alert'][] = 'message:pw_change_failed';
+			}
+		    }
+		}
+
+	    } else {
+		$_SESSION['alert'][] = 'page:pw_reset_disabled';
+	    }
+
+	} else {
+	    $_SESSION['alert']['page'] = 'message:insufficient_access:A jelszó-helyreállítási kérelem nem érvényes!';
+	}
+
+    }
+
+?>
diff --git a/mayor-orig/mayor-base/www/policy/public/password/resetPassword.php b/mayor-orig/mayor-base/www/policy/public/password/resetPassword.php
new file mode 100644
index 00000000..eaefcc8c
--- /dev/null
+++ b/mayor-orig/mayor-base/www/policy/public/password/resetPassword.php
@@ -0,0 +1,9 @@
+<?php
+
+    if (_RIGHTS_OK !== true) die();
+
+    global $ADAT;
+
+    if ($ADAT['userAccount']!='') putResetPasswordForm($ADAT);
+
+?>
diff --git a/mayor-orig/mayor-base/www/policy/public/portal/rpc/rpc-pre.php b/mayor-orig/mayor-base/www/policy/public/portal/rpc/rpc-pre.php
new file mode 100644
index 00000000..edd9a592
--- /dev/null
+++ b/mayor-orig/mayor-base/www/policy/public/portal/rpc/rpc-pre.php
@@ -0,0 +1,104 @@
+<?php
+/*
+    MOVED!!
+     - mayor-base/public/rpc/rpc
+     - mayor-portal-mayor/rpc/controller/rpc
+    ===========================================
+
+    require_once('include/share/ssl/ssl.php');
+
+    // MOVE
+    function getRegisztraltIskolaAdat($nodeId) {
+	if ($nodeId=='') {
+	    $q = "SELECT * FROM regisztracio";
+	    $r = db_query($q, array('modul'=>'portal','result'=>'indexed'));
+	} else {
+	    $q = "SELECT * FROM regisztracio WHERE nodeId='%s'";
+	    $v = array($nodeId);
+	    $r = db_query($q, array('modul'=>'portal','result'=>'record','values'=>$v));
+	}
+	return $r;
+    }
+
+    function getPublicDataByNodeIdFromReg($nodeId) {
+	$q = "SELECT * FROM regisztracio WHERE nodeId='%s'";
+	$v = array($nodeId);
+	$r = db_query($q, array('debug'=>false,'fv'=>'getPublicDataByNodeIdFromReg','modul'=>'portal','result'=>'record','values'=>$v));
+	return $r;
+    }
+    function modRegData($nodeId, $regId, $DATA) {
+	$q = "UPDATE regisztracio SET ".implode(',',array_fill(0, count($DATA), "%s='%s'"))." WHERE regId=%u AND nodeId=%u";
+	foreach ($DATA as $key=>$val) {
+	    $v[] = $key; $v[] = $val;
+	}
+	$v[] = $regId; $v[] = $nodeId;
+	$r = db_query($q, array('debug'=>true,'fv'=>'modRegData','modul'=>'portal','values'=>$v));
+	if ($r) return true;
+	else return $q;
+    }
+
+    /* Class: Interconnect AES * /
+
+    /* remote procedure call remote controller * /
+    try 
+    {
+	/* rights.php:
+		$RPC = new Interconnect();
+		$RPC->setRemoteHostByNodeId($senderNodeId);
+		$REQUEST = $RPC->processRequest();
+	* /
+	$REQUEST = $RPC->getIncomingRequest();
+	$func = $REQUEST['func'];
+
+    }
+    catch (Exception $e)
+    {
+	$func='';
+	$DATA = array('error'=>$e->getMessage());	
+    }
+    // processing
+    $DATA = array();
+    if (isset($func) && $func!='') {
+	switch ($func) {
+	    case 'getVersion':
+	    case 'ping':
+		$DATA = array('func'=>'getVersion','response_revision'=>_MAYORREV,'pong');
+		$RPC->setResponse($DATA);
+		break;
+	    case 'checkRegistration':
+		$DATA = getPublicDataByNodeIdFromReg($senderNodeId);
+		if (is_array($DATA)) $valid = 1; else $valid = 0;
+		$DATA = array('func'=>$func,'valid'=>$valid,'status'=>$RPC->getStatus(),'get'=>$_GET,'post'=>$_POST);
+		$RPC->setResponse($DATA);
+		break;
+	    case 'getPublicDataByNodeId':
+		$DATA = getPublicDataByNodeIdFromReg($REQUEST['nodeId']);
+		$RPC->setResponse($DATA);
+		break;
+	    case 'modRegData':
+		$DATA['result'] = modRegData($senderNodeId,$REQUEST['regId'],$REQUEST['data']);
+		$DATA['func'] = 'modRegData';
+		$RPC->setResponse($DATA);
+		break;
+	    case 'getIskola':
+		$iskolaAdat = getRegisztraltIskolaAdat($REQUEST['otherNodeId']);
+		$DATA = array('func'=>$func,'iskolaAdat'=>$iskolaAdat);
+		$RPC->setResponse($DATA);
+		break;
+	    case 'getRegistrationData':
+		$DATA = getPublicDataByNodeIdFromReg($REQUEST['nodeId']);
+		break;
+	    case 'refreshRegistration':
+		break;
+	    case 'getPublicData':
+		$iskolaAdat = getRegisztraltIskolaAdat();
+		$DATA = array('func'=>$func,'szomszedok'=>$iskolaAdat);
+		$RPC->setResponse($DATA);
+		break;
+	    default:		
+		break;
+	}
+	
+    }
+*/
+?>
diff --git a/mayor-orig/mayor-base/www/policy/public/portal/start.php b/mayor-orig/mayor-base/www/policy/public/portal/start.php
new file mode 100644
index 00000000..e69de29b
diff --git a/mayor-orig/mayor-base/www/policy/public/rpc/rpc-pre.php b/mayor-orig/mayor-base/www/policy/public/rpc/rpc-pre.php
new file mode 100644
index 00000000..30336e9e
--- /dev/null
+++ b/mayor-orig/mayor-base/www/policy/public/rpc/rpc-pre.php
@@ -0,0 +1,43 @@
+<?php
+/*
+    module: mayor-base
+
+    A alap metódusok RPC kezelője
+
+*/
+    require_once('include/share/ssl/ssl.php');
+
+    try 
+    {
+	/* 
+	    rights.php:
+		$RPC = new Interconnect();
+		$RPC->setRemoteHostByNodeId($senderNodeId);
+		$REQUEST = $RPC->processRequest();
+	*/
+	$REQUEST = $RPC->getIncomingRequest();
+	$func = $REQUEST['func'];
+
+    }
+    catch (Exception $e)
+    {
+	$func='';
+	$DATA = array('error'=>$e->getMessage());	
+    }
+    // processing
+    $DATA = array();
+    if (isset($func) && $func!='') {
+	switch ($func) {
+	    // itt a currens verziót kellene visszaadni
+	    case 'getVersion':
+	    case 'ping':
+		$DATA = array('func'=>'getVersion','revision'=>_MAYORREV,'pong');
+		$RPC->setResponse($DATA);
+		break;
+	    default:
+		$DATA['result'] = 'ismeretlen függvény: '.$func;
+		break;
+	}
+	
+    }
+?>
diff --git a/mayor-orig/mayor-base/www/policy/public/session/logout-pre.php b/mayor-orig/mayor-base/www/policy/public/session/logout-pre.php
new file mode 100644
index 00000000..013be18c
--- /dev/null
+++ b/mayor-orig/mayor-base/www/policy/public/session/logout-pre.php
@@ -0,0 +1,29 @@
+<?php
+
+    if (_RIGHTS_OK !== true) die();
+
+    require('include/share/session/close.php');
+
+    closeSession();
+    closeOldAndIdleSessions();
+    if (defined('_ALLOW_SULIX_SSO') && _ALLOW_SULIX_SSO===true) {
+	session_start();
+	unset($_SESSION['portalLoggedPassword']);
+	unset($_SESSION['szuloDiakIdOk']);
+	session_destroy();
+	header('Location: /');
+    } else {
+//	session_start();
+//	unset($_SESSION['szuloDiakIdOk']);
+//	session_destroy();
+	session_start();
+	session_unset();
+	session_destroy();
+	session_write_close();
+	setcookie(session_name(),'',0,'/');
+	setcookie($sessionID,'',0,'/');
+	session_regenerate_id(true);
+	header('Location: index.php');
+    }
+
+?>
diff --git a/mayor-orig/mayor-base/www/policy/public/session/set-pre.php b/mayor-orig/mayor-base/www/policy/public/session/set-pre.php
new file mode 100644
index 00000000..d3e77776
--- /dev/null
+++ b/mayor-orig/mayor-base/www/policy/public/session/set-pre.php
@@ -0,0 +1,10 @@
+<?php
+
+    if (_RIGHTS_OK !== true) die();
+
+    global $_JSON;
+    $layout = readVariable($_GET['layout'],'id',0);
+    $_SESSION['pageLayout'] = $layout;
+    $_JSON['success'] = true;
+    $_JSON['pageLayout'] = $layout;
+?>
-- 
cgit v1.2.3