From 43de9af71f7f4ca5731b94a06d688ae8412ba427 Mon Sep 17 00:00:00 2001
From: M.Gergo
Date: Fri, 6 Jul 2018 11:14:41 +0200
Subject: 2018/Feb/28 -i állapot hozzáadva, mint a módosítások kiindulási állapota
---
mayor-orig/www/include/base/base.php | 227 +++++++++++++++++++
mayor-orig/www/include/base/cache.php | 33 +++
mayor-orig/www/include/base/config.php | 62 ++++++
mayor-orig/www/include/base/error.php | 44 ++++
mayor-orig/www/include/base/log.php | 33 +++
mayor-orig/www/include/base/login.php | 120 ++++++++++
mayor-orig/www/include/base/mysql.php | 396 +++++++++++++++++++++++++++++++++
mayor-orig/www/include/base/rights.php | 376 +++++++++++++++++++++++++++++++
mayor-orig/www/include/base/str.php | 230 +++++++++++++++++++
mayor-orig/www/include/base/var.php | 134 +++++++++++
10 files changed, 1655 insertions(+)
create mode 100644 mayor-orig/www/include/base/base.php
create mode 100644 mayor-orig/www/include/base/cache.php
create mode 100644 mayor-orig/www/include/base/config.php
create mode 100644 mayor-orig/www/include/base/error.php
create mode 100644 mayor-orig/www/include/base/log.php
create mode 100644 mayor-orig/www/include/base/login.php
create mode 100644 mayor-orig/www/include/base/mysql.php
create mode 100644 mayor-orig/www/include/base/rights.php
create mode 100644 mayor-orig/www/include/base/str.php
create mode 100644 mayor-orig/www/include/base/var.php
(limited to 'mayor-orig/www/include/base')
diff --git a/mayor-orig/www/include/base/base.php b/mayor-orig/www/include/base/base.php
new file mode 100644
index 00000000..dd620a41
--- /dev/null
+++ b/mayor-orig/www/include/base/base.php
@@ -0,0 +1,227 @@ +0) or (strpos(strtolower($_SERVER['HTTP_ACCEPT']),'application/vnd.wap.xhtml+xml')>0)) or ((((isset($_SERVER['HTTP_X_WAP_PROFILE']) or isset($_SERVER['HTTP_PROFILE']) or isset($_SERVER['X-OperaMini-Features']) or isset($_SERVER['UA-pixels'])))))) + $mobile_ua = strtolower(substr($_SERVER['HTTP_USER_AGENT'],0,4)); + $mobile_agents = array('acs-','alav','alca','amoi','audi','aste','avan','benq' ,'bird','blac','blaz','brew','cell','cldc','cmd-','dang','doco','eric','hipt','inno','ipaq','java' ,'jigs','kddi','keji','leno','lg-c','lg-d','lg-g','lge-','maui','maxo','midp','mits','mmef','mobi','mot-','moto','mwbp','nec-','newt','noki','opwv','palm','pana','pant','pdxg' ,'phil','play','pluc','port','prox','qtek','qwap', 'sage','sams','sany','sch-','sec-','send','seri','sgh-','shar','sie-','siem','smal','smar','sony','sph-','symb','t-mo','teli','tim-','tosh','tsm-','upg1','upsi','vk-v','voda','wap-','wapa','wapi','wapp','wapr','webc','winw','winw' ,'xda','xda-'); + if(in_array($mobile_ua,$mobile_agents)) { + return true; + } +} + +// ------------------------------------------ +// PHP session +// ------------------------------------------ + + session_start(); + +// ------------------------------------------ +// Böngésző azonosítás +// ------------------------------------------ + + if (defined('_ALLOWPDAIDENTIFICATION') && isMobile()) define('_USER_AGENT','ppc'); // inkább ketté kéne bontani [wap,ppc] tartalomra + else + if (strpos($_SERVER['HTTP_USER_AGENT'],'Opera') !== false) define('_USER_AGENT','opera'); + elseif (strpos($_SERVER['HTTP_USER_AGENT'],'Gecko') !== false) define('_USER_AGENT','gecko'); + elseif (strpos($_SERVER['HTTP_USER_AGENT'],'MSIE') !== false) define('_USER_AGENT','msie'); + else define('_USER_AGENT',''); + + if (strstr($_SERVER['HTTP_USER_AGENT'],'iPhone')!=false) define('_USER_AGENT_PLUS','iPhone'); + else define('_USER_AGENT_PLUS',''); + + if (($_SESSION['isMobile']=isMobile())===true) $_SESSION['pageLayout']=1; // patch + +// 
MaYoR revision konstans definiálása + + if (@file_exists(_LOGDIR.'/revision')) { + $_rf = @fopen(_LOGDIR.'/revision', "r"); + if ($_rf) $rev = @fgets($_rf, 64); + @fclose($_rf); + } else { + //rev missing... + } + define('_MAYORREV',chop($rev)); + unset($rev); + +// ------------------------------------------ +// Default értékek +// ------------------------------------------ + /* + $policy - hozzáférési mód - kötelező + $page - megjelenítendő oldal - kötelező + $sub - aloldal - opcionális + $f - file - kötelező + $lang - az oldal nyelve - kötelező + skin - az oldal témája, "bőre" - kötelező + $action - elvégzendő feladat megjelölésére - opcionális + $_SESSION['alert'] - figyelmeztető üzenet (tömb) - opcionális + */ + + if (($__key = array_search('blue', $SKINS)) !== false) unset($SKINS[$__key]); + if (($__key = array_search('pda', $SKINS)) !== false) unset($SKINS[$__key]); + if ($AUTH['public']['skin'] == 'blue') $AUTH['public']['skin'] = 'classic'; + if ($AUTH['private']['skin'] == 'blue') $AUTH['private']['skin'] = 'classic'; + if ($AUTH['parent']['skin'] == 'blue') $AUTH['parent']['skin'] = 'classic'; + // itt beolvassuk, később még egy szigorítás is van + + if (_RUNLEVEL=='cron') { + $policy = 'private'; + @$page = readVariable($_SERVER['argv'][1],'strictstring'); + @$sub = readVariable($_SERVER['argv'][2],'strictstring'); + @$f = readVariable($_SERVER['argv'][3],'strictstring'); + @$sessionID = "cron"; + } else { + @$policy = readVariable($_REQUEST['policy'],'strictstring',null,$POLICIES); + @$page = readVariable($_REQUEST['page'],'strictstring'); + @$sub = readVariable($_REQUEST['sub'],'strictstring'); + @$f = readVariable($_REQUEST['f'],'strictstring'); + @$sessionID = readVariable($_GET['sessionID'],'hexa'); + } + if ($f == '') { + if ($sub != '') $f = $sub; + elseif ($page != '') $f = $page; + } + @$lang = readVariable($_GET['lang'],'strictstring',null,$LANGUAGES); + if (_RUNLEVEL === 'cron') $skin = 'cron'; + else @$skin = 
readVariable($_POST['skin'],'strictstring',readVariable($_GET['skin'],'strictstring',null,$SKINS),$SKINS); + @$action = readVariable($_REQUEST['action'],'strictstring',null); + // ++ ha még mindig üres a skin, és pocketpc-ről/pda jövünk (de megengedjük a felülírást) + // if (_USER_AGENT==='ppc' && $skin=='') $skin='pda'; + // ++ + //-- + if (is_array($POLICIES) && !in_array($policy, $POLICIES)) $policy = _DEFAULT_POLICY; + + define('_POLICY', $policy); + + // Miert ne csatolnánk be az összes policy beállítsait? --> config.php + + if ($f=='' && is_array($DEFAULT_PSF[$policy])) extract($DEFAULT_PSF[$policy], EXTR_OVERWRITE); + if (!in_array($lang, $LANGUAGES)) $lang=_DEFAULT_LANG; + // ha a skin még mindig üres, akkor az ellenőrzésnél a default-ot állítjuk be... + if (!@in_array($skin, $SKINS)) $skin = (isset($AUTH[$policy]['skin'])) ? $AUTH[$policy]['skin'] : _DEFAULT_SKIN; + + if (file_exists("lang/$lang/base/base.php")) { + require("lang/$lang/base/base.php"); + } elseif (file_exists('lang/'._DEFAULT_LANG.'/base/base.php')) { + require('lang/'._DEFAULT_LANG.'/base/base.php'); + } + + // A skin-hez tartozó beállátosok.. ha vannak... - ide való? De még a *-pre elé! + if (file_exists(_CONFIGDIR."/skin-$skin/config.php")) { + require(_CONFIGDIR."/skin-$skin/config.php"); + } elseif (file_exists(_CONFIGDIR.'/skin-'._DEFAULT_SKIN.'/config.php')) { + require(_CONFIGDIR.'/skin-'._DEFAULT_SKIN.'/config.php'); + } + +// ----------------------------------------------------------------- +// page() +// ----------------------------------------------------------------- + +function page($page, $sub, $f, $lang, $skin, $policy = _DEFAULT_POLICY) { + + global $_JSON; + if (html_alert($_SESSION['alert'])) { // A figyelmeztető üzenet letilthatja az oldal további megjelenítését. 
+ + if ($sub != '') { + $load = "$sub/$f"; + } else { + $load = $f; + } + + if (file_exists("policy/$policy/$page/$load.php")) { + if (file_exists("lang/$lang/module-$page/base.php")) { + require_once("lang/$lang/module-$page/base.php"); + } elseif (file_exists("lang/"._DEFAULT_LANG."/module-$page/base.php")) { + require_once("lang/"._DEFAULT_LANG."/module-$page/base.php"); + } + if (file_exists("lang/$lang/module-$page/$load.php")) { + require_once("lang/$lang/module-$page/$load.php"); + } elseif (file_exists("lang/"._DEFAULT_LANG."/module-$page/$load.php")) { + require_once("lang/"._DEFAULT_LANG."/module-$page/$load.php"); + } + if (file_exists("skin/$skin/module-$page/html/base.phtml")) { + require_once("skin/$skin/module-$page/html/base.phtml"); + } elseif (file_exists("skin/"._DEFAULT_SKIN."/module-$page/html/base.phtml")) { + require_once("skin/"._DEFAULT_SKIN."/module-$page/html/base.phtml"); + } + if (file_exists("skin/$skin/module-$page/html/$load.phtml")) { + require_once("skin/$skin/module-$page/html/$load.phtml"); + } elseif (file_exists("skin/"._DEFAULT_SKIN."/module-$page/html/$load.phtml")) { + require_once("skin/"._DEFAULT_SKIN."/module-$page/html/$load.phtml"); + } + + include("policy/$policy/$page/$load.php"); + //szamlal($policy,$page); + } elseif (file_exists("static/$lang/$page/$load.html")) { + include("static/$lang/$page/$load.html"); + //szamlal($policy,$page); + } else { + //??? ha már kiírtuk a hibaüzeneteket, újabbat nem írhatunk ki sajnos :( html_alert(array('page:page_missing:'."[$page]:[$sub]:[$f]")); --> rights.php + } + } +} + +function href($href,$get = array('sessionID','lang','skin','policy')) { + + global $sessionID,$lang,$skin,$policy,$page,$sub,$f,$action; + global $SKINS; + if ($href!='') { + if (strpos($href,'?') === false) { + $href .= '?'; + } else { + $href.='&'; + } + for ($i=0;$i diff --git a/mayor-orig/www/include/base/cache.php b/mayor-orig/www/include/base/cache.php new file mode 100644 index 00000000..3c630581 
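Review bot: In `page()` the paths given to `include` and `require_once` are assembled from `$page`, `$sub` and `$f`, whose only restriction is the `readVariable(..., 'strictstring')` filter applied earlier in this file and defined outside this hunk. `$policy`, `$lang` and `$skin` are each compared with an allow-list (`$POLICIES`, `$LANGUAGES`, `$SKINS`) before they reach a path, but `$page` is not, although config.php in this same commit defines `$VALID_MODULES`. Unless a caller outside this hunk already enforces it, I would add `global $VALID_MODULES;` and change the first test to `if (in_array($page, $VALID_MODULES, true) && file_exists("policy/$policy/$page/$load.php")) {`, so the policy include stays inside known modules even if the string filter is later loosened. A one-line comment above that test stating which characters `strictstring` is relied on to exclude (path separators and dots) would make the dependency visible to the next maintainer.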
--- /dev/null
+++ b/mayor-orig/www/include/base/cache.php
@@ -0,0 +1,33 @@
+DATA[$key]));
+ }
+ public function get($key) {
+ return $this->DATA[$key];
+ }
+ public function set($key,$data, $dataType=null) {
+ $this->DATA[$key] = $data;
+ if ($dataType!='') $this->REGISTRY[$dataType][] = $key;
+ }
+ public function del($key) {
+ unset($this->DATA[$key]);
+ unset($this->REGISTRY[array_search($key,$this->REGISTRY)]);
+ }
+ public function flushdb() {
+ $this->DATA = array();
+ $this->REGISTRY = array();
+ }
+ public function delType($dataType) {
+ $c = count($this->REGISTRY[$dataType]);
+ for ($i=0; $i<$c; $i++ ) {
+ $this->del($this->REGISTRY[$dataType][$i]);
+ }
+ unset($this->REGISTRY[$dataType]);
+ }
+}
+$mayorCache = new mayorCache();
+?>
\ No newline at end of file
diff --git a/mayor-orig/www/include/base/config.php b/mayor-orig/www/include/base/config.php
new file mode 100644
index 00000000..4a234fcf
--- /dev/null
+++ b/mayor-orig/www/include/base/config.php
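Review bot: `del()` does not remove the key from `REGISTRY`: `set()` stores keys as `$this->REGISTRY[$dataType][] = $key`, so `array_search($key,$this->REGISTRY)` compares the key with the per-type sub-arrays, normally returns `false`, and the `unset()` then targets index 0 rather than the entry. Stale registry entries therefore survive until `delType()` or `flushdb()` runs. Searching each type list fixes it: `foreach ($this->REGISTRY as $t => $keys) { if (($i = array_search($key, $keys, true)) !== false) unset($this->REGISTRY[$t][$i]); }`. `get()` also reads `$this->DATA[$key]` without an existence check, so a miss raises a notice unless every caller tests the key first; the class header and first method are not visible in this hunk as rendered.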
@@ -0,0 +1,62 @@
+ $_policy) {
+ if (file_exists(_CONFIGDIR."/$_policy-conf.php")) {
+ @require(_CONFIGDIR."/$_policy-conf.php");
+ if (file_exists(_BASEDIR.'/policy/'.$_policy.'/'.$DEFAULT_PSF[$_policy]['page'].'/'.$DEFAULT_PSF[$_policy]['sub'].'/'.$DEFAULT_PSF[$_policy]['f'].'.php')
+ === false) {
+ //nincs meg ez a file
+ $_SESSION['alert'][] = 'info:file_not_found:default page:'.$_policy.':'.implode(' ',$DEFAULT_PSF[$_policy]);
+ }
+ } else {
+ $DEFAULT_PSF[$_policy] = array();
+ $_SESSION['alert'][] = 'page:file_not_found:'._CONFIGDIR."/$_policy-conf.php";
+ }
+ }
+} else {
+ $_SESSION['alert'][] = 'page:config_error:nincs POLICIES tömb vagy _CONFIGDIR konstans!';
+}
+
+if (!defined('__FBCONNECT_ENABLED')) define('__FBCONNECT_ENABLED',false);
+if (!defined('__SHOW_FACES_TYPE')) define('__SHOW_FACES_TYPE','circle'); // circle, square, classic
+
+$VALID_MODULES =array('portal','naplo','auth','jatek','password','session','fenntarto');
+if(is_array($EXTRA_MODULES)) $VALID_MODULES = array_unique(array_merge($VALID_MODULES,$EXTRA_MODULES));
+
+
+?>
diff --git a/mayor-orig/www/include/base/error.php b/mayor-orig/www/include/base/error.php
new file mode 100644
index 00000000..e790d65a
--- /dev/null
+++ b/mayor-orig/www/include/base/error.php
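Review bot: The `else` branch for a missing policy config appends the full path `_CONFIGDIR."/$_policy-conf.php"` to `$_SESSION['alert']`, the same queue that `page()` in base.php passes to `html_alert()`, so the server's configuration directory is presumably shown to whoever loads the page. I would queue only the policy name, `$_SESSION['alert'][] = 'page:file_not_found:'.$_policy.'-conf.php';`, and record the full path in a server-side log. The `@` on `@require(...)` additionally hides any warning raised while the config file loads, which makes a broken or partially applied policy config hard to notice. The beginning of the file, including the loop header, is not visible in this hunk as rendered.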
@@ -0,0 +1,44 @@
+ 'Error', //1
+ E_WARNING => 'Warning', //2
+ E_PARSE => 'Parsing Error', //4
+ E_NOTICE => 'Notice', //8
+ E_CORE_ERROR => 'Core Error', //16
+ E_CORE_WARNING => 'Core Warning', //32
+ E_COMPILE_ERROR => 'Compile Error', //64
+ E_COMPILE_WARNING => 'Compile Warning', //128
+ E_USER_ERROR => 'User Error',
+ E_USER_WARNING => 'User Warning',
+ E_USER_NOTICE => 'User Notice', // 1024
+ E_STRICT => 'Runtime Notice', // 2048
+ E_RECOVERABLE_ERROR => 'Catchable Fatal Error', // 4096
+ E_ALL => 'ALL', //binary 1111111111111
+ );
+ $userError = array(E_USER_ERROR, E_USER_WARNING, E_USER_NOTICE);
+ $trackOnly = array(E_USER_ERROR, E_ERROR, E_USER_WARNING, E_USER_NOTICE, E_WARNING);
+ if (defined('__TESTERRORREPORTERWARN')) $trackOnly[] = E_NOTICE;
+ if (in_array($errno,$userError)) {
+ $err = "$dt $errno ".$errtype[$errno]." $errmsg";
+ } elseif (in_array($errno,$trackOnly)) {
+ $err = "$dt $errno ".$errtype[$errno]." $errmsg $filename $linenum";
+ /* if (in_array($errno, $user_errors)) { $err .= " vartrace(" . wddx_serialize_value($vars, "Variables") . ") ";} */
+ // if (defined('_LOGDIR')) error_log($err, 0, _LOGDIR.'/phperror.log');
+ }
+ if ($err!='') $_SESSION['alert'][] = 'alert:raw:'._MAYORREV.':'._USERACCOUNT.':'.':'.$err;
+ return false;
+ }
+
+ /* Írjuk felül a gyárit */
+ $old_error_handler = set_error_handler("mayorErrorHandler");
+ //restore_error_handler();
+
+?>
diff --git a/mayor-orig/www/include/base/log.php b/mayor-orig/www/include/base/log.php
new file mode 100644
index 00000000..45c669e4
--- /dev/null
+++ b/mayor-orig/www/include/base/log.php
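Review bot: The handler appends the raw PHP message, and for the `$trackOnly` levels also `$filename` and `$linenum`, to `$_SESSION['alert']` under `alert:raw:`, while the only server-side logging line is commented out, so internal paths and error text go to the page queue instead of a log. I would log on the server and queue a generic alert for the user. The commented call would not have written to the file anyway, because message type 0 ignores the destination argument; appending to a file needs type 3: `if (defined('_LOGDIR')) error_log($err."\n", 3, _LOGDIR.'/phperror.log');`. `$err` is also never initialised, so for levels in neither list `if ($err!='')` reads an undefined variable; `$err = '';` before the first `if` fixes that. The function signature is not visible in this hunk as rendered.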
@@ -0,0 +1,33 @@
+ 'logLogin', 'modul' => 'login', 'values' => array(_clientIp(), $userAccount, $policy, $flag)));
+ }
+
+ function szamlal($policy, $page) {
+ $q = "INSERT INTO stat (dt, policy, page) VALUES (NOW(),'%s','%s')";
+ db_query($q, array('fv' => 'szamlal', 'modul' => 'login', 'values' => array($policy, $page)));
+ }
+
+ function mayorLogger($loglevel, $modul, $message, $userAccount='') {
+ if ($loglevel>_LOGLEVEL) {
+ $fp = fopen(_LOGDIR.'/'.$modul.'.log','a+');
+ if ($fp!=false) {
+ $msg = date('Y-m-d H:i:s').' '.$userAccount.': '.$message."\n";
+ fputs($fp,$msg);
+ fclose($fp);
+ }
+ }
+ }
+?>
diff --git a/mayor-orig/www/include/base/login.php b/mayor-orig/www/include/base/login.php
new file mode 100644
index 00000000..f244b90a
--- /dev/null
+++ b/mayor-orig/www/include/base/login.php
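Review bot: `mayorLogger()` writes `$message` and `$userAccount` to the log file unmodified, so a value containing CR or LF can produce what looks like a separate, correctly timestamped entry and undermine the log as evidence. Strip line breaks before writing, for example `$msg = date('Y-m-d H:i:s').' '.$userAccount.': '.str_replace(array("\r","\n"), ' ', $message)."\n";`, and apply the same replacement to `$userAccount`. `$modul` is concatenated into the file name, so it should remain a fixed literal at every call site, as it is in the `mayorLogger(..., 'mysql', ...)` calls in mysql.php. The callers in this commit pass the full SQL text as `$message`, so the files under `_LOGDIR` should be treated as sensitive and kept outside the web root.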
@@ -0,0 +1,120 @@ + $userAccount, 'password' => $userPassword, 'policy' => $toPolicy, 'skin'=>$toSkin); + if ($fbAuth===true) { + if ($FBDATA['toPolicy']==$toPolicy) { + $result = _AUTH_SUCCESS; // az authentikációt a mayorFacebookAuth() csinálta + $accountInformation['cn'] = $FBDATA['fbUserCn']; + $accountInformation['mail'] = $FBDATA['fbUserEmail']; + $accountInformation['studyId'] = $FBDATA['studyId']; + } else { + $_SESSION['alert'][] = 'info:A facebook azonosító nincs még összekötve! Először lépj be a MaYoR-ba, és kezdeményezd a facebook connectet!'; + continue;; + } + } elseif ($googleapiAuth===true) { + if ($GOOGLEAPIDATA['toPolicy']==$toPolicy) { + $result = _AUTH_SUCCESS; // az authentikációt a mayorGoogleapiAuth() csinálta + $accountInformation['cn'] = $GOOGLEAPIDATA['googleUserCn']; + $accountInformation['mail'] = $GOOGLEAPIDATA['googleUserEmail']; + $accountInformation['studyId'] = $GOOGLEAPIDATA['studyId']; + } else { + $_SESSION['alert'][] = 'info:A google azonosító nincs még összekötve! Először lépj be a MaYoR-ba, és kezdeményezd!'; + continue;; + } + } else { + $result = userAuthentication($userAccount, $userPassword, $accountInformation, $toPolicy); // ??? toPolicy benne van az AccountInformation-ben!!! Ldap backend only? 
+ logLogin($toPolicy, $userAccount, $result); + } + + define('_MAYORAUTHRESULT',$result); + if ($result === _AUTH_SUCCESS) { + $_SESSION['alert'] = array(); + $sessionID = newSession($accountInformation, $toPolicy); + if ($toSkin == '') $toSkin = $skin; + header('Location: '.location("index.php?page=$toPage&sub=$toSub&f=$toF&sessionID=$sessionID&policy=$toPolicy&lang=$lang&skin=$toSkin", array('alertOLD'))); + break; + } elseif ($result === _AUTH_EXPIRED) { + $_SESSION['alert'][] = 'message:force_pw_update'; + header('Location: '.location("index.php?policy=public&page=password&f=changeMyPassword&userAccount=".$userAccount."&toPolicy=$toPolicy&skin=$toSkin", array('alertOLD'))); + break; + } elseif ($result === _AUTH_FAILURE_1) { + // nincs ilyen user, megpróbáljuk beauthentikálni parent-tel is. + } elseif ($result >= _AUTH_FAILURE) { + // sikertelen azonosítás - a hibaüzenetet a függvény generálja + // megpróbáljuk beauthentikálni parent-tel is. + break; + } else { + // Ilyen csak hibás függvényműködés esetén lehet: + $_SESSION['alert'][] = "message:default:hibás visszatérési érték:userAuthentication:(".serialize($result).")"; + break; + } + } + } else { + $_SESSION['alert'][] = 'message:empty_field'; + } + } + +?> diff --git a/mayor-orig/www/include/base/mysql.php b/mayor-orig/www/include/base/mysql.php new file mode 100644 index 00000000..b2e22f82 --- /dev/null +++ b/mayor-orig/www/include/base/mysql.php 
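Review bot: `logLogin()` is called only in the password branch, so logins accepted through the `$fbAuth` and `$googleapiAuth` branches, where `$result = _AUTH_SUCCESS` is assigned directly, and the rejected unlinked-account attempts that hit `continue` leave no record through this function. Moving the call below the branch chain, `logLogin($toPolicy, $userAccount, $result);` immediately before `define('_MAYORAUTHRESULT',$result);`, and logging the two `continue` cases with a failure result would close that gap in the audit trail. `define('_MAYORAUTHRESULT', ...)` appears to sit inside a loop (the loop header is not visible in this hunk), so a later iteration cannot overwrite the constant and it keeps the first result. The success redirect also places `sessionID` in the `Location` URL, where it can end up in proxy logs, browser history and Referer headers.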
@@ -0,0 +1,396 @@ + $config) { + if ($config['backend'] == 'mysql') { + $MYSQL_DATA[$_policy . ' auth'] = array( + 'user' => $config['mysql user'], + 'host' => $config['mysql host'], + 'pw' => $config['mysql pw'], + 'db' => $config['mysql db'], + ); + if ($MYSQL_DATA[$_policy . ' auth']['host']=='') + if ($MYSQL_DATA['host']=='') + $MYSQL_DATA[$_policy . ' auth']['host'] = 'localhost'; + else + $MYSQL_DATA[$_policy . ' auth']['host'] = $MYSQL_DATA['host']; + } + } +//-----------------------------------------------------------------------// + + function db_selectDb($db,$lr) { + if (MYSQLI_ENABLED===true) + return mysqli_select_db($lr,$db); + else + return mysql_select_db($db,$lr); + } + + function db_connect($modul, $SET = array('priv' => null, 'force' => true, 'host'=> null, 'username' => null, 'password' => null, 'db' => null, 'fv' => null)) { + + global $MYSQL_DATA; + + $lr = false; + extract($SET); + if (!isset($force)) $force = true; + if (!isset($priv)) $priv = ''; + + //if ($MYSQL_DATA['persistent']===true) $mysql_connect = 'mysql_pconnect'; else $mysql_connect = 'mysql_connect'; + $mysql_connect = 'mysql_connect'; + /* setting host */ + if (!isset($host)) { + if ($MYSQL_DATA[$modul]['host'.$priv]=='') { + if ($MYSQL_DATA[$modul]['host']=='') { + if ($MYSQL_DATA['host']=='') { + $host = 'localhost'; + } else { + $host = $MYSQL_DATA['host']; + } + } else { + $host = $MYSQL_DATA[$modul]['host']; + } + } else { + $host = $MYSQL_DATA[$modul]['host'.$priv]; + } + } + /* --- */ + if ($priv == 'root') { + if (MYSQLI_ENABLED===true) + $lr = @mysqli_connect($host, $username, $password); // force new ??? 
+ else + $lr = @$mysql_connect($host, $username, $password, $force); + } else { + /* --- */ + if (is_array($MYSQL_DATA[$modul])) { + if (isset($priv) && $priv != '' && isset($MYSQL_DATA[$modul]['user'.$priv])) { // Először megpróbálunk $priv szerinti privilégiummal csatlakozni + if (MYSQLI_ENABLED===true) + $lr = @mysqli_connect($host, $MYSQL_DATA[$modul]['user'.$priv], $MYSQL_DATA[$modul]['pw'.$priv], $MYSQL_DATA[$modul]['db']); + else + $lr = @$mysql_connect($host, $MYSQL_DATA[$modul]['user'.$priv], $MYSQL_DATA[$modul]['pw'.$priv], $force); + } + if ($lr === false) {// Ha nem sikerült, vagy nem volt megadva privilégium, akkor próbáljunk anélkül csatlakozni + if (MYSQLI_ENABLED===true) + $lr = @mysqli_connect($host, $MYSQL_DATA[$modul]['user'], $MYSQL_DATA[$modul]['pw'], $MYSQL_DATA[$modul]['db']); + else + $lr = @$mysql_connect($host, $MYSQL_DATA[$modul]['user'], $MYSQL_DATA[$modul]['pw'], $force); + } + } else { + $_SESSION['alert'][] = "message:sql_failure/${SET['fv']}:db_connect:modul $modul has no config"; + } + } + if ($lr) { + // mysql_set_charset('utf8', $lr); + if ($priv != 'root') $db = $MYSQL_DATA[$modul]['db']; + if ($db != '') { + $result = db_selectDb($db , $lr); + if ($result === true) { + if (MYSQLI_ENABLED===true) { + mysqli_set_charset($lr, "utf8"); + mysqli_query($lr, "SET NAMES utf8"); + mysqli_query($lr, "SET collation_connection='utf8_hungarian_ci'"); + } else { + mysql_query("SET NAMES utf8", $lr); + mysql_query("SET collation_connection='utf8_hungarian_ci'", $lr); + } + } else { + $_SESSION['alert'][] = "message:sql_select_db_failure:db_connect/${SET['fv']}:$modul:".$MYSQL_DATA[$modul]['db']; + mysql_close($lr); + return false; + } + } elseif (!isset($MYSQL_DATA[$modul]['db'])) { + $_SESSION['alert'][] = "message:sql_warning:db_connect/${SET['fv']}:modul $modul has empty database config value"; + } + } else { + if (__DEBUG || (defined('__DETAILED') && __DETAILED)) $_SESSION['alert'][] = 
"message:sql_connect_failure:db_connect/${SET['fv']}:modul - $modul, priv - $priv, username - $username, db - $db"; + else $_SESSION['alert'][] = "message:sql_connect_failure:db_connect/${SET['fv']}:$modul modul"; + } + return $lr; + + } + + function db_close($lr) { + if ($MYSQL_DATA['persistent']!==true) { + if (MYSQLI_ENABLED===true) + return mysqli_close($lr); + else + return mysql_close($lr); + } else + return true; // not closing; + } + +//-----------------------------------------------------------------------// + + function db_query($q, $SET, $olr = null) { + /* + $SET = array( + 'modul' => '...' + 'fv' => '...' + 'result' => 'indexed'|'assoc'|'multiassoc'|'idonly'|'value'|'record'|'keyvaluepair'|'insert'|'affected rows' + 'keyfield' => '...' (if result in (assoc,multiassoc)) + 'detailed' => true | false (default) (echo the query in error messages) + 'debug' => true | false (default) (echo the query before quering it) + 'rollback' => true | false (default) + 'values' => array(...) (if $q is an sprintf format string) + ); + */ + global $_JSON; + + if (!isset($q) || $q == '') { + $_SESSION['alert'][] = 'message:sql_query_failure:db_query/'.$SET['fv'].':query is empty'; + return false; + } + + if (!isset($SET['result'])) $SET['result'] = ''; + + // Adatbázis csatlakozás (ha szükséges) + if (isset($olr) && $olr != '') { + if (MYSQLI_ENABLED===true) + $mysql_get_server_info = mysqli_get_server_info($olr); + else + $mysql_get_server_info = @mysql_get_server_info($olr); + } + if (isset($olr) && $olr != '' && $mysql_get_server_info !== false) { + $lr = $olr; + } else { + unset($olr); + if (in_array(substr(strtolower($q),0,4), array('sele','show','expl','set ','use '))) $lr = @db_connect($SET['modul'], array('priv' => 'Read', 'fv' => $SET['fv'])); + else $lr = @db_connect($SET['modul'], array('priv' => 'Write', 'fv' => $SET['fv'])); + } + if ($lr === false) { + if ($SET['detailed'] === true || __DETAILED) $_SESSION['alert'][] = 
'message:sql_connect_failure:db_query/'.$SET['fv'].':'.$SET['modul'].':'.$q; + else $_SESSION['alert'][] = 'message:sql_connect_failure:db_query/'.$SET['fv']; + return false; + } + + // Ha behelyettesítendő paraméterek vannak + if (isset($SET['values']) && is_array($SET['values']) && count($SET['values']) > 0) { + $SET['values'] = array_map('db_escape_string', $SET['values'], array_fill(0 , count($SET['values']), $lr)); + array_unshift($SET['values'], $q); + $q_pattern = $q; + $q = @call_user_func_array('sprintf', $SET['values']); + if ($q === false) { + $_SESSION['alert'][] = 'message:wrong_data:db_query:behelyettesítés:'.$SET['fv']; + return false; + } + } + if ((isset($SET['debug']) && $SET['debug']===true) || (defined('__DEBUG') && __DEBUG === true)) { + $_q = str_replace(" ",'',$q); + echo '
info:debug:'.htmlspecialchars($SET['modul'].':'.$SET['fv'].':'.date('Y-m-d H:i:s').': '." \n".$_q)."
"; + if ($_GET['skin'] == 'ajax') $_JSON['sql log'][] = $SET['modul'].':'.$SET['fv'].':'.date('Y-m-d H:i:s').': '." \n".$_q; + if ($_GET['skin'] == 'rpc') { + openlog("MaYoR", LOG_PID | LOG_PERROR, LOG_LOCAL0); + syslog(LOG_WARNING, '[RPC]MySQL: '.(json_encode($SET)).", query: $_q {$_SERVER['REMOTE_ADDR']} ({$_SERVER['HTTP_USER_AGENT']})"); + closelog(); + } + } + if ( + ($SET['detailed'] === true || __DETAILED) + && strpos($q_pattern, '%s') !== false + && (strpos($q_pattern, '`%s`') === false && strpos($q_pattern, "'%s'") === false) + ) $_SESSION['alert'][] = 'message:lehet hiba?:db_query/'.$SET['fv'].':'.$SET['modul'].':'.$q_pattern; + + if ($SET['log']===true) mayorLogger(10,'mysql',$q,_USERACCOUNT); + if (MYSQLI_ENABLED===true) + $r = mysqli_query($lr,$q); + else + $r = @mysql_query($q, $lr); + define(MYSQL_LOGGER,false); + if (MYSQL_LOGGER === true) { + $filename = '/tmp/mysql.log'; + $fp = fopen($filename, "a+"); + fputs ($fp, $q."\n"); + fclose ($fp); + } + /* WARNING HANDLER */ +// if ((isset($SET['debug']) && $SET['debug']===true) || (defined('__DEBUG') &&__DEBUG === true) || (defined('__DETAILED') && __DETAILED===true)) { + if ((isset($SET['debug']) && $SET['debug']===true) || (defined('__DEBUG') &&__DEBUG === true)) { + if (MYSQLI_ENABLED===true) + $warningCountResult = mysqli_query($lr,"SELECT @@warning_count"); + else + $warningCountResult = mysql_query("SELECT @@warning_count",$lr); + if ($warningCountResult) { + if (MYSQLI_ENABLED===true) + $warningCount = mysqli_fetch_row($lr,$warningCountResult); + else + $warningCount = mysql_fetch_row($warningCountResult); + if ($warningCount[0] > 0) { + //Have warnings + if (MYSQLI_ENABLED===true) + $warningDetailResult = mysqli_query($lr, "SHOW WARNINGS"); + else + $warningDetailResult = mysql_query("SHOW WARNINGS",$lr); + if ($warningDetailResult ) { + if (MYSQLI_ENABLED===true) + while ($warning = mysqli_fetch_assoc($lr, $warningDetailResult)) {dump($warning); mayorLogger(2,'mysql',$q.' 
'.$warning,_USERACCOUNT);} + else + while ($warning = mysql_fetch_assoc($warningDetailResult)) {dump($warning); mayorLogger(2,'mysql',$q.' '.$warning,_USERACCOUNT);} + } + }//Else no warnings + } + } + /* WARNING HANDLER */ + if (!$r) { + // if ($SET['detailed'] === true || __DETAILED) $_SESSION['alert'][] = 'message:sql_query_failure:'.$SET['fv'].':'.':'.$q; + if ($SET['detailed'] === true || __DETAILED) { + if (MYSQLI_ENABLED===true) { + $_SESSION['alert'][] = 'message:sql_query_failure:mysqli:'.$SET['fv'].':'.mysqli_error($lr).':'.$q; + } else { + $_SESSION['alert'][] = 'message:sql_query_failure:mysql:'.$SET['fv'].':'.mysql_error($lr).':'.$q; + } + } else { + $_SESSION['alert'][] = 'message:sql_query_failure:'.$SET['fv']; + } + if ($SET['rollback'] === true) db_rollback($lr, $SET['fv']); + if (!isset($olr)) db_close($lr); + return false; + } + + if (MYSQLI_ENABLED === true) { + + if (in_array(substr(strtolower($q),0,4), array('sele','show','expl','(sel'))) { + $RESULT = array(); + switch($SET['result']) { + case 'indexed': + while ($A = mysqli_fetch_assoc($r)) $RESULT[] = $A; + break; + case 'assoc': + while ($A = mysqli_fetch_assoc($r)) $RESULT[$A[$SET['keyfield']]] = $A; + break; + case 'multiassoc': + while ($A = mysqli_fetch_assoc($r)) $RESULT[$A[$SET['keyfield']]][] = $A; + break; + case 'idonly': + while ($A = mysqli_fetch_row($r)) $RESULT[] = $A[0]; + break; + case 'value': + if (mysqli_num_rows($r) > 0) { + $A = mysqli_fetch_row($r); $RESULT = $A[0]; + } else { $RESULT = null; } + break; + case 'record': + if (mysqli_num_rows($r) > 0) { + $A = mysqli_fetch_assoc($r); $RESULT = $A; + } else { $RESULT = null; } + break; + case 'keyvaluepair': + while ($A = mysqli_fetch_row($r)) $RESULT[$A[0]] = $A[1]; + break; + case 'keyvalues': + while ($A = mysqli_fetch_row($r)) $RESULT[$A[0]][] = $A[1]; + break; + } + } elseif ($SET['result'] == 'insert' && (substr(strtolower($q),0,6) == 'insert' || substr(strtolower($q),0,7) == 'replace')) { + $RESULT = 
mysqli_insert_id($lr); + mayorLogger(1,'mysql',$q,_USERACCOUNT); + } elseif ($SET['result'] == 'affected rows') { + $RESULT = mysqli_affected_rows($lr); + mayorLogger(1,'mysql',$q,_USERACCOUNT); + } else { // create, insert, de nem olyan resulttal... + $RESULT = $r; + mayorLogger(1,'mysql',$q,_USERACCOUNT); + } + } else { // OLD DRIVER + + if (in_array(substr(strtolower($q),0,4), array('sele','show','expl','(sel'))) { + $RESULT = array(); + switch($SET['result']) { + case 'indexed': + while ($A = mysql_fetch_assoc($r)) $RESULT[] = $A; + break; + case 'assoc': + while ($A = mysql_fetch_assoc($r)) $RESULT[$A[$SET['keyfield']]] = $A; + break; + case 'multiassoc': + while ($A = mysql_fetch_assoc($r)) $RESULT[$A[$SET['keyfield']]][] = $A; + break; + case 'idonly': + while ($A = mysql_fetch_row($r)) $RESULT[] = $A[0]; + break; + case 'value': + if (mysql_num_rows($r) > 0) { + $A = mysql_fetch_row($r); $RESULT = $A[0]; + } else { $RESULT = null; } + break; + case 'record': + if (mysql_num_rows($r) > 0) { + $A = mysql_fetch_assoc($r); $RESULT = $A; + } else { $RESULT = null; } + break; + case 'keyvaluepair': + while ($A = mysql_fetch_row($r)) $RESULT[$A[0]] = $A[1]; + break; + case 'keyvalues': + while ($A = mysql_fetch_row($r)) $RESULT[$A[0]][] = $A[1]; + break; + } + } elseif ($SET['result'] == 'insert' && (substr(strtolower($q),0,6) == 'insert' || substr(strtolower($q),0,7) == 'replace')) { + $RESULT = mysql_insert_id($lr); + mayorLogger(1,'mysql',$q,_USERACCOUNT); + } elseif ($SET['result'] == 'affected rows') { + $RESULT = mysql_affected_rows($lr); + mayorLogger(1,'mysql',$q,_USERACCOUNT); + } else { // create, insert, de nem olyan resulttal... 
+ $RESULT = $r; + mayorLogger(1,'mysql',$q,_USERACCOUNT); + } + } // DRIVER + + if (!isset($olr)) db_close($lr); + return $RESULT; + + } + +//-----------------------------------------------------------------------// + + function db_start_trans($lr) { + if ($lr != '') + if (MYSQLI_ENABLED === true) + mysqli_query($lr, "START TRANSACTION"); + else + mysql_query("START TRANSACTION", $lr); + } + + function db_commit($lr) { + if ($lr != '') + if (MYSQLI_ENABLED === true) + mysqli_query($lr, "COMMIT"); + else + mysql_query("COMMIT", $lr); + } + + function db_rollback($lr, $msg = '') { + if ($lr != '') { + $_SESSION['alert'][] = 'message:rollback:'.$msg; + if (MYSQLI_ENABLED === true) + mysqli_query($lr, "ROLLBACK"); + else + mysql_query("ROLLBACK", $lr); + } + } + +//---------------------------------------------------------------------// + + function db_escape_string($str, $olr = null) { + + if (isset($olr)) $lr = $olr; + else $lr = db_connect('login'); + + if (!$lr) return false; + + if(get_magic_quotes_gpc()) { + $return = mysql_real_escape_string(stripslashes($str), $lr); + } else { + if (MYSQLI_ENABLED===true) + $return = mysqli_real_escape_string($lr, $str); + else + $return = mysql_real_escape_string($str, $lr); + } + if (!isset($olr)) db_close($lr); + + return $return; + } + +?> diff --git a/mayor-orig/www/include/base/rights.php b/mayor-orig/www/include/base/rights.php new file mode 100644 index 00000000..1f3eed0f --- /dev/null +++ b/mayor-orig/www/include/base/rights.php 
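Review bot: `db_query()` relies on `db_escape_string()` for every entry in `values`, and its own sanity check (the `lehet hiba?` alert) accepts a `%s` wrapped in backticks as equally safe as `'%s'`. `mysqli_real_escape_string()` and `mysql_real_escape_string()` only escape characters that matter inside a quoted string literal and do not neutralise a backtick, so an identifier placeholder is safe only when the caller takes its value from a fixed allow-list. I would state that in a comment above the check, e.g. `// escaping covers '%s' only; values for backticked %s (identifiers) must be validated against a known list by the caller`, and plan a move to prepared statements. Separately, the mysqli branch of the warning handler passes the connection as the first argument in `mysqli_fetch_row($lr,$warningCountResult)` and `mysqli_fetch_assoc($lr, $warningDetailResult)`, whereas both functions take only the result, and `db_close()` reads `$MYSQL_DATA['persistent']` without `global $MYSQL_DATA;`. With `detailed` or `__DETAILED` set, the full query text `$q` is also appended to `$_SESSION['alert']`, so those switches should stay off in production.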
@@ -0,0 +1,376 @@ += 0; $i--) $ret |= ord($res[$i]); + return !$ret; + } + } +} + + +function sessionCookieEncode($sessionID,$now,$extra='') +{ + if ($extra=='') $extra = uniqid(rand(), true); + $extraHash=sessionHash('ripemd160',$extra); +// pwHash added +// $value = base64_encode(strtotime($now).'g'.$extraHash); + $pwHash = sessionHash('ripemd160',uniqid(rand(), true)); + $value = base64_encode(strtotime($now).'g'.$extraHash.'g'.$pwHash); + return array('name'=>md5($sessionID), 'value'=>$value, 'store'=> $extraHash, 'pwHash'=>$pwHash); +} + +function sessionCookieDecode($sessionID) +{ + return explode('g',base64_decode($_COOKIE[md5($sessionID)])); +} + +function pseudoTokenGenerator() { + + if (function_exists('openssl_random_pseudo_bytes')) + $token = bin2hex(openssl_random_pseudo_bytes(32)); + else + $token = bin2hex(sessionHash()); + return $token; +} + +###################################################################### +# Azonosított user ellenőrzése a session tábla alapján +###################################################################### + + + +function validUser($sessionID,$policy,$skin='',$lang='') { + + if (_RUNLEVEL === 'cron') { + define('_USERPASSWORD','MaYoR-cron'); + define('_USERACCOUNT','MaYoR-cron'); + define('_USERCN','MaYoR-cron User'); + define('_STUDYID',''); + define('_LANG',$lang); + define('_SESSIONID','cron'); + return true; + } + + if ($sessionID == '') { + + if ($policy == _POLICY) { + define('_USERPASSWORD',''); + define('_USERACCOUNT',''); + define('_USERCN',''); + define('_STUDYID',''); +// define('_SKIN',$skin); + define('_LANG',$lang); + define('_SESSIONID',''); + } + return false; + + } else { + + $lr = db_connect('login', array('fv' => 'validUser')); + + if ($lr === false) die('A keretrendeszer adatbázisa nem érhető el! (validUser)'); + // ha nem tudta beállítani a sütit, akkor az $_sc üres lesz így a dt feltétel 1970-01-01, ami nem gond. 
+// pwHash +// list($_sessionDt,$_sessionCookie) = sessionCookieDecode($sessionID); + list($_sessionDt,$_sessionCookie,$_sessionPwHash) = sessionCookieDecode($sessionID); +// pwHash +// $query = "SELECT userAccount, userCn, studyId, decode(userPassword, '"._MYSQL_ENCODE_STR."'), skin, lang, activity, dt +// FROM session WHERE sessionID='%s' AND policy='%s'"; + $query = "SELECT userAccount, userCn, studyId, aes_decrypt(userPassword, '%s'), skin, lang, activity, dt + FROM session WHERE sessionID='%s' AND policy='%s'"; // [SECURITY-002] quickfix from marton.drotos@sztaki.hu + + if (defined('_SESSION_MAX_IDLE_TIME') and _SESSION_MAX_IDLE_TIME != 0) $query .= " AND activity + INTERVAL "._SESSION_MAX_IDLE_TIME." HOUR > NOW()"; + + $query .= " AND dt='".date('Y-m-d H:i:s', (($_sessionDt=="")?null:$_sessionDt) )."'"; + $query .= " AND sessionCookie='%s'"; + + $ret = db_query($query, array('fv' => 'validUser', 'modul' => 'login', 'result' => 'indexed', 'values' => array($_sessionPwHash, $sessionID, $policy, $_sessionCookie)), $lr); + + $num = count($ret); + if ($num == 1) { + + list($userAccount, $userCn, $studyId, $userPassword, $savedSkin, $lang, $activity, $dt) = array_values($ret[0]); + /* PDA */ + global $SKINS; + if (_USER_AGENT!=='ppc' && @in_array($savedSkin,$SKINS) ) $skin=$savedSkin; + if ($policy == _POLICY) { + define('_USERACCOUNT',$userAccount); + define('_USERCN',$userCn); + define('_STUDYID',$studyId); + define('_USERPASSWORD',$userPassword); +// define('_SKIN',$skin); + define('_LANG',$lang); + define('_SESSIONID',$sessionID); + } + // Aktivitás figyelése! 
+ $query = "UPDATE session SET activity = NOW() WHERE sessionID = '%s'"; + db_query($query, array('fv' => 'validUser', 'modul' => 'login', 'values' => array($sessionID)), $lr); + db_close($lr); + return true; + + } else { + + if ($policy == _POLICY) { + define('_USERPASSWORD',''); + define('_USERACCOUNT',''); + define('_USERCN',''); + define('_STUDYID',''); +// define('_SKIN',$skin); + define('_LANG',$lang); + define('_SESSIONID',''); + } + db_close($lr); + if ($num > 1) $_SESSION['alert'][] = 'message:multi_session'; + if ($_sessionDt==="") define('_NOCOOKIE',true); // beállítjuk, hogy üzenni tudjunk + + return false; + + } + + } + +} + +//=================================================================================================================================== +// ------------------------------------------ +// debug üzenetek tárolása - a $_DEBUG változóba kerül midnen +// ------------------------------------------ + if (_RUNLEVEL!=='cron') ob_start(); + +// ------------------------------------------ +// a $page, $sub és $f csak a-z betűvel kezdődhet, utána pedig csak (a-z, /_-). 
$page és $f nem lehet üres +// ------------------------------------------ + + if ( + (preg_match('#^([a-z]|[A-Z])([0-9]|[a-z]|[A-Z]|/|_|-)*$#', $page) == false) OR + ($sub != '' AND preg_match('#^([a-z]|[A-Z])([0-9]|[a-z]|[A-Z]|/|_|-)*$#', $sub) == false) OR + (preg_match('#^([0-9]|[a-z]|[A-Z]|_|-)*$#', $f) == false) + ) { + $_SESSION['alert'][] = 'page:wrong_page:'; + $RIGHTS_OK = false; + } else { + $RIGHTS_OK = true; + } + +// ------------------------------------------ +// Security Check: $policy szerinti ellenőrzés +// ------------------------------------------ + + // A validUser (session.php) beállítja az alapvető session konstansokat is + if ( !validUser($sessionID,$policy,$skin,$lang) ) { + if ($AUTH[$policy]['authentication'] == 'required') { + if (defined('_NOCOOKIE')) $_SESSION['alert'][] = 'message:cookie';//$extendAlert='alert[]=message:cookie&'; + $_SESSION['alert'][]='message:auth_failure:'._CONTROL_FLAG_REQUIRED; + header('Location: index.php?policy=public&page=auth&f=login&toPolicy='.$policy."&toPSF=$page:$sub:$f&sessionID=$sessionID"); + die(); + } else { + // Hibás, vagy nem létező sessionID esetének kezelése - ha nem kötelező a sessionID --> nem csinálunk semmit (lehet egy másik policy-ben valid + } + + } + if (file_exists('include/share/session/base.php')) { + // A session kezeléshez szükséges backend függő függvények pl. 
memberOf + require('include/share/session/base.php'); + + } + // Remote Protocol Call (MaYoR) + if ($skin=='rpc') { + define('_RPC',true); + require_once('include/share/ssl/ssl.php'); + try + { + $_RPC['senderNodeId'] = $senderNodeId = readVariable($_POST['senderNodeId'],'strictstring',0); + $RPC = new Interconnect(); + $RPC->setRequestTarget('controller'); // A remoteHost lekérdezéshez kellhet + $RPC->setRemoteHostByNodeId($_RPC['senderNodeId']); + $RPC->processRequest(); // vélhetően van request + $_RPC['request'] = $RPC->getIncomingRequest(); + } + catch (Exception $e) + { + //$func=''; + //$DATA = array('error'=>$e->getMessage()); + } + } else { define('_RPC',false); } + // Interconnect end + + define('_RIGHTS_OK',$RIGHTS_OK); + + /* XSRF2 */ + define('__SALTNAME','MS_'.sha1($page.'_'.$sub.'_'.$f)); + define('__SALTVALUE',sessionHash()); + // mtoken + if (empty($_SESSION['mayorToken'])) { + $_SESSION['mayorToken'] = pseudoTokenGenerator(); + } + if (count($_POST)>0) { + if (!empty($_POST['mayorToken'])) { + if (hash_equals($_SESSION['mayorToken'], $_POST['mayorToken'])) { + // OK, token regenerálás + visszakuldjuk az ETAG-ben + $_SESSION['mayorToken'] = pseudoTokenGenerator(); + } else { + if ($_POST['action']!='') { /* Ha nincs action formváltozó, nincs szükség hibaüzenetre, a form nem módosít, de most... 
*/ + $_SESSION['alert'][] = 'message:not_valid_form:pnu2'; + $_JSON['result'] = false; + } + unset($_POST['action']); + unset($action); + } + } else { // klasszikus ellenőrzés, fallback // TODO BEGIN DEPRECATED BLOCK + // $_JSON['result'] = false; // ITT gátolhatjuk a működést + if ($_COOKIE[__SALTNAME]=='') { // a session átállásig - ez semmitől nem véd, adott nevű sütit generálni bárki tud + $_SESSION['alert'][] = 'message:not_valid_form:no cookie'.$_SESSION[__SALTNAME]; + $_JSON['result'] = false; + unset($_POST['action']); + unset($action); + } elseif (!is_null($_COOKIE[__SALTNAME]) && ($_COOKIE[__SALTNAME] == $_POST[__SALTNAME])) { + // rendben + } else { + if ($_POST['action']!='') { // Ha nincs action formváltozó, nincs szükség hibaüzenetre, a form nem módosít + $_SESSION['alert'][] = 'message:not_valid_form'; + $_JSON['result'] = false; + } + unset($_POST['action']); + unset($action); + } + } // END DEPRECATED BLOCK + } + // eredeti post kezelés + ETAG prevent cache + if (($_SERVER['HTTPS']!=='on') || (isset($_SERVER['HTTP_REFERER']) && $_SERVER['HTTP_REFERER']!='' && substr($_SERVER['HTTP_REFERER'],4,1)!=='s')) $_ssl = false; else $_ssl=true; + if (@setcookie(__SALTNAME,__SALTVALUE,time()+60*60*_SESSION_MAX_IDLE_TIME,'/','',$_ssl, true) == false) { + $_SESSION['alert'][] = 'message:no_cookie:unabletoset'; + } + /* /XSRF2 previous revision: r4138 */ + + // betöltjük az össes config-ot... (lásd még widgets) + try { + $_dirlist = scandir(_CONFIGDIR); + for ($i=0; $igetMessage(); + } + // ha betöltenénk az ÖSSZES modul include-jait, akkor be kéne mindent tölteni kb. 
ugyhogy ezt hagyjuk + if ($dh_all = @opendir("include/widgets/")) { + $includes = array(); + while (($_file = readdir($dh_all)) !== false) { + if (substr($_file,-4) == '.php') $includes[] = $_file; + } + closedir($dh_all); + sort($includes); + for ($i = 0; $i < count($includes); $i++) { + require_once("include/widgets/".$includes[$i]); + } + } + unset($file); + /* ---- */ + if (!in_array($page,$_loadModule)) $_loadModule[] = $page; + for ($i=0; $i10) array_shift($_SESSION['breadcrumb']); + $_SESSION['breadcrumb'][] = array('page'=>"$page",'sub'=>"$sub",'f'=>"$f"); + // --------- + if (file_exists($includeFile)) require($includeFile); + if (file_exists($skinFile)) require($skinFile); + if (file_exists($preFile)) include($preFile); + +// --------------------------------------- +// debug üzenetek tárolásának vége +// --------------------------------------- + $_DEBUG = ob_get_contents(); + ob_end_clean(); + + +?> \ No newline at end of file diff --git a/mayor-orig/www/include/base/str.php b/mayor-orig/www/include/base/str.php new file mode 100644 index 00000000..5c5a7c07 --- /dev/null +++ b/mayor-orig/www/include/base/str.php 
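Review bot: sessionCookieEncode() derives both the session cookie secret (`$extraHash`) and `$pwHash` from `uniqid(rand(), true)`, which is built from the clock and a non-cryptographic generator. validUser() then passes the cookie's `$_sessionPwHash` as the key to `aes_decrypt(userPassword, '%s')`, so the value protecting the password stored in the session table is only as unpredictable as rand() and the request time. pseudoTokenGenerator() in the same hunk already prefers `openssl_random_pseudo_bytes(32)`, and the same source could feed both values: `if ($extra=='') $extra = pseudoTokenGenerator();` and `$pwHash = sessionHash('ripemd160', pseudoTokenGenerator());`. sessionHash() is defined outside the legible part of this hunk, so the fallback it provides when OpenSSL is missing should be checked for the same weakness.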
@@ -0,0 +1,230 @@ + Lat2 --> ékezettelen) +// ------------------------------------------------------------------- + +function ekezettelen($str) { + return strtr(mb_convert_encoding($str, 'ISO-8859-2', 'UTF-8'), '', 'aaeiooouuuAAEIOOOUUU'); +} + +/* +// --------------------------------------------------------------------------- +// +// UTF8 <--> ISO88592 váltás +// +// --------------------------------------------------------------------------- + +function UTF8_to_ISO88592($str) { + + return mb_convert_encoding($str,'ISO-8859-2','UTF-8'); + +} + +function ISO88592_to_UTF8($str) { + + return mb_convert_encoding($str,'UTF-8','ISO-8859-2'); + +} +*/ + +// --------------------------------------------------------------------------- +// +// Két string összehasonlítása a magyar ABC szerint ($a < $b => -1) +// +// --------------------------------------------------------------------------- + +function str_cmp($a,$b) { + + $ABC = Array('a'=>1, + ''=>1, + ''=>1, + 'b'=>3, + 'c'=>4, + 'd'=>5, + 'e'=>6, + ''=>7, + 'f'=>8, + 'g'=>9, + 'h'=>10, + 'i'=>11, + ''=>12, + 'j'=>13, + 'k'=>14, + 'l'=>15, + 'm'=>16, + 'n'=>17, + 'o'=>18, + ''=>18, + ''=>20, + ''=>20, + 'p'=>22, + 'q'=>23, + 'q'=>24, + 'r'=>25, + 's'=>26, + 't'=>27, + 'u'=>28, + ''=>28, + ''=>30, + ''=>30, + 'v'=>32, + 'x'=>33, + 'w'=>34, + 'y'=>35, + 'z'=>36 + ); + + $a = kisbetus(mb_convert_encoding($a,'ISO-8859-2','UTF-8')); + $b = kisbetus(mb_convert_encoding($b,'ISO-8859-2','UTF-8')); + + if ($a==$b) return 0; + + $i=0; + while( $i= 1000) { $roman .= "M"; $number = $number -1000; } + while ($number >= 900) { $roman .= "CM"; $number = $number -900; } + while ($number >= 500) { $roman .= "D"; $number = $number -500; } + while ($number >= 400) { $roman .= "CD"; $number = $number -400; } + while ($number >= 100) { $roman .= "C"; $number = $number -100; } + while ($number >= 90) { $roman .= "XC"; $number = $number -90; } + while ($number >= 50) { $roman .= "L"; $number = $number -50; } + while ($number >= 40) { $roman .= 
"XL"; $number = $number -40; } + while ($number >= 10) { $roman .= "X"; $number = $number -10; } + while ($number >= 9) { $roman .= "IX"; $number = $number -9; } + while ($number >= 5) { $roman .= "V"; $number = $number -5; } + while ($number >= 4) { $roman .= "IV"; $number = $number -4; } + while ($number >= 1) { $roman .= "I"; $number = $number -1; } + return $roman; + } + + function visszafele($e) {$b='';for($i=0; $i= 0; $i--) $ret |= ord($res[$i]); + return !$ret; + } + } + } + + if ( !function_exists( 'hex2bin' ) ) { + function hex2bin( $str ) { + $sbin = ""; + $len = strlen( $str ); + for ( $i = 0; $i < $len; $i += 2 ) { + $sbin .= pack( "H*", substr( $str, $i, 2 ) ); + } + return $sbin; + } + } + + function makeLinksClickable($text){ + $pattern[] = '/(\S+@\S+\.\S+)/'; + $replace[] = '$1'; + $pattern[] = '!(((f|ht)tp(s)?://)[-a-zA-Zа-яА-Я()0-9@:%_+.~#?&;//=]+)!i'; +// $replace[] = '$1 '; + $replace[] = '[LINK]'; + return preg_replace($pattern, $replace, $text); + } + function supertext($txt) { + $r = $txt; + $r = htmlspecialchars($r); + $pattern[]='/@diakId:(\d+)/'; + $pattern[]='/@tanarId:(\d+)/'; + $pattern[]='/@tankorId:(\d+)/'; + //$pattern[]='/@osztalyId:(\d+)/'; + $replacement[]=''; + $replacement[]=''; + $replacement[]='[tankör adatok]'; + //$replacement[]='[osztály adatok]'; + $r = preg_replace($pattern,$replacement,$r); + return $r; + } + + + require_once('include/share/date/names.php'); + function superdate($datetime) { + global $aHetNapjai; + $stamp = strtotime($datetime); + $date = date('Y-m-d',$stamp); + $dow = date('N',$stamp); + $Hi = date('H:i',$stamp); + if ($Hi == '00:00') $Hi = ''; + if ($stamp<=strtotime('-6 day')) { + return date('Y.m.d.', $stamp).' '.$Hi; + } elseif ($date==date('Y-m-d')) { + return 'Ma '.$Hi; + } elseif ($dow>date('N')) { + return 'Múlt hét '.kisbetus($aHetNapjai[$dow-1]).' '.$Hi; + } else { + return $aHetNapjai[$dow-1].' '.$Hi; + } + } + +?> 
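Review bot: makeLinksClickable() does no HTML escaping of its own, and its first pattern `/(\S+@\S+\.\S+)/` accepts any non-space characters, quotes and angle brackets included. Whatever markup the replacement wraps around `$1` therefore carries user text through unchanged; the replacement strings are not legible in this view. The function is safe only if every caller escapes first, as supertext() in the same hunk does with htmlspecialchars(). I would state that above the function, `// $text must already be HTML-escaped; the patterns below also match quotes and angle brackets`, or escape inside it. supertext() calls `htmlspecialchars($r)` with default flags; `htmlspecialchars($r, ENT_QUOTES, 'UTF-8')` would also cover single quotes on older PHP versions.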
diff --git a/mayor-orig/www/include/base/var.php b/mayor-orig/www/include/base/var.php
new file mode 100644
index 00000000..3068fbc6
--- /dev/null
+++ b/mayor-orig/www/include/base/var.php
@@ -0,0 +1,134 @@ += 0) ? intval($IN) : $default; + break; + case 'float': + $return = (isset($IN) && is_numeric($IN)) ? floatval($IN) : $default; + break; + case 'float unsigned': + $return = (isset($IN) && is_numeric($IN) && $IN >= 0) ? floatval($IN) : $default; + break; + case 'datetime': + $return = (isset($IN) && $IN != '' && strtotime($IN) !== false && strtotime($IN) > 0) ? $IN : $default; + break; + case 'date': + $return = (isset($IN) && $IN != '' && strtotime($IN) !== false && strtotime($IN) > 0) ? date('Y-m-d',strtotime($IN)) : $default; + break; + case 'enum': + case 'emptystringnull': + case 'string': + if(get_magic_quotes_gpc()) $IN = stripslashes($IN); // -- DEPRECATED (mindig false) + $return = (isset($IN) && $IN != '') ? $IN : $default; + break; + case 'notempty': + $return = (isset($IN) && $IN != '') ? true : false; + break; + case 'bool': + // Ha nincs beállítva, akkor mindenképp true lenne így: + // $return = (isset($IN) && ($IN === 'false' || !$IN)) ? false : true; + $return = (isset($IN)) ? (($IN === 'false' || !$IN)? false : true) : $default; + break; + case 'strictstring': + $return = (isset($IN)) ? preg_replace("/[^a-zA-Z0-9_\-]/i",'',$IN) : $default; + break; + case 'html': + $return = (isset($IN)) ? preg_replace("/[^a-zA-Z0-9\ \.\,?_|:;űáéúőóüöíŰÁÉÚŐÓÜÖÍ\-]/i",'',$IN) : $default; + break; + case 'hexa': + $return = preg_replace("/[^0-9a-fA-F]/i",'',$IN); + break; + case 'number': + $return = preg_replace("/[^0-9]/",'',$IN); + break; + case 'sql': + $return = db_escape_string($IN); + if ($return === false) $return = $default; + break; + case 'path': + $return = ( preg_match('#^([a-z]|[A-Z]|[0-9])([0-9]|[a-z]|[A-Z]|/|_|-)*$#', $IN ) != false ) ? $IN : $default; + break; + case 'regexp': + $return = ( preg_match( "#$allowOnly[0]#", $IN ) == 1 ) ? 
$IN : $default; + break; + case 'regreplace': + $return = preg_replace( '#'.$allowOnly[0].'#i', '', $IN ); + break; + case 'mail': + case 'email': + $return = filter_var($IN, FILTER_VALIDATE_EMAIL); + break; + case 'userAccount': + $return = (preg_match("#([a-z]|[A-Z]|[0-9]| |\.|,|_|[űáéúőóüöíŰÁÉÚŐÓÜÖÍäÄ]|-|@)*$#", $IN) != false) ? $IN : $default; + break; + default: + $return = $IN; + $_SESSION['alert'][] = 'message:unknown_type:'.$type.':readVariable'; + break; + } + if ($return !== $default && !in_array($type,array('regexp','regreplace')) && count($allowOnly) > 0) $return = (in_array($return, $allowOnly)) ? $return : $default; + if (isset($condition) && $return != $default) $return = (eval("return $condition;")) ? $return : $default; + } + + return $return; + } + + function in_date_interval($dt,$tolDt,$igDt) { + $accept = false; + if ($dt == date('Y-m-d', strtotime($tolDt))) // ha a kezdőnapra esik + $accept = true; + if ($dt == date('Y-m-d', strtotime($igDt))) // ha a végnapra esik + $accept = true; + return ( + $accept + || ( + (is_null($tolDt) || strtotime($tolDt)<=strtotime($dt)) + && (is_null($igDt) || strtotime($dt)<=strtotime($igDt)) + ) + ); + } + + // FIGYELEM! Csak megbízható belső kódban használjuk + function reindex($THIS, $HOW) { + // ha nincs megadva, hogy hogy, adjuk vissza az eredeti tömböt + if (!is_array($HOW) || count($HOW)==0) return $THIS; + + $RET = array(); + for ($i=0; $i'; + call_user_func_array('var_dump', $ARGS); + echo '
'; + + } + +?> -- cgit v1.2.3
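Review bot: The `userAccount` case of readVariable() accepts every input: its pattern has no `^` anchor, so the starred group can match the empty string at the end of any value and preg_match() always reports a match. Anchoring it restores the check, `preg_match("#^([a-z]|[A-Z]|[0-9]| |\.|,|_|[űáéúőóüöíŰÁÉÚŐÓÜÖÍäÄ]|-|@)*$#", $IN)`, in the way the `path` case already does. The `hexa` and `number` cases also skip the `isset`/`$default` handling that the other cases have. Further down, `eval("return $condition;")` executes whatever string the caller passes as `$condition`, which deserves a comment that it must never be built from request data. The start of readVariable() is not legible in this view, so how `$condition` is declared cannot be confirmed here.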