Page Menu
Home
In-Portal Phabricator
Search
Configure Global Search
Log In
Files
F1160069
in-portal
No One
Temporary
Actions
View File
Edit File
Delete File
View Transforms
Subscribe
Mute Notifications
Award Token
Flag For Later
Subscribers
None
File Metadata
Details
File Info
Storage
Attached
Created
Thu, Sep 18, 11:40 PM
Size
36 KB
Mime Type
text/x-diff
Expires
Sat, Sep 20, 11:40 PM (26 m, 17 s)
Engine
blob
Format
Raw Data
Handle
745952
Attached To
rINP In-Portal
in-portal
View Options
Index: trunk/kernel/include/config.php
===================================================================
--- trunk/kernel/include/config.php (revision 5167)
+++ trunk/kernel/include/config.php (revision 5168)
@@ -1,516 +1,523 @@
<?php
class clsConfig
{
var $config;
var $m_dirty_session;
var $m_IsDirty;
var $m_DirtyFields;
var $m_VarType;
var $adodbConnection;
function clsConfig()
{
$this->m_IsDirty=false;
$this->adodbConnection = &GetADODBConnection();
$this->config = array();
$this->m_IsDefault = array();
$this->VarType = array();
}
function SetDebugLevel($value)
{
}
function Load()
{
if(is_object($this->adodbConnection))
{
LogEntry("Config Load Start\n");
$sql = "select VariableName, VariableValue from ".GetTablePrefix()."ConfigurationValues";
$rs = $this->adodbConnection->Execute($sql);
unset($this->config);
#this->config=array();
$count=0;
while($rs && !$rs->EOF)
{
$this->config[$rs->fields["VariableName"]] = $rs->fields["VariableValue"];
$this->m_VarType[$rs->fields["VariableName"]] = 0;
// $this->Set($rs->fields["VariableName"],$rs->fields["VariableValue"],0);
if( defined('ADODB_EXTENSION') && constant('ADODB_EXTENSION') > 0 )
{
adodb_movenext($rs);
}
else
$rs->MoveNext();
$count++;
}
LogEntry("Config Load End - $count Variables\n");
}
unset($this->m_DirtyFields);
$this->m_IsDirty=false;
if (defined('DBG_SITE_PATH')) {
$this->config['Site_Path'] = DBG_SITE_PATH;
}
}
function Get($property)
{
if( isset($this->config[$property]) )
{
return $this->config[$property];
}
elseif( isset($this->config[ strtolower($property)] ) )
{
return $this->config[ strtolower($property) ];
}
else
{
return '';
}
}
function Set($property, $value,$type=0,$force=FALSE)
{
if(is_array($this->config) && strlen($property)>0)
{
if(array_key_exists($property,$this->config))
{
$current = $this->config[$property];
$changed = ($current != $value);
}
else
$changed = true;
}
else
$changed = false;
$this->config[$property]=$value;
$this->m_IsDirty = ($this->m_IsDirty or $changed or $force);
if($changed || $force)
{
$this->m_DirtyFields[$property] = $value;
}
$this->m_VarType[$property] = $type;
}
function Save()
{
if($this->m_IsDirty==TRUE)
{
foreach($this->m_DirtyFields as $field=>$value)
{
if($this->m_VarType[$field]==0)
{
// $sql = sprintf("UPDATE ".GetTablePrefix()."ConfigurationValues SET VariableValue=%s WHERE VariableName=%s", $this->adodbConnection->qstr($value), $this->adodbConnection->qstr($field));
$sql = 'UPDATE '.GetTablePrefix().'ConfigurationValues SET VariableValue="'.addslashes($value).'" WHERE VariableName="'.addslashes($field).'"';
// echo $sql."<br>\n";
$rs = $this->adodbConnection->execute($sql);
}
}
}
$this->m_IsDirty=FALSE;
unset($this->m_DirtyFields);
}
function TimeFormat()
{
return is12HourMode() ? 'g:i:s A' : 'H:i:s';
}
/* vartype should be either 1 or 2, 1 = perstant data, 2 = session data */
function GetDirtySessionValues($VarType)
{
$result = array();
if(is_array($this->m_DirtyFields))
{
foreach($this->m_DirtyFields as $property=>$values)
{
if($this->m_VarType[$property]==$VarType)
$result[$property] = $values;
}
}
return $result;
}
function GetConfigValues($postfix = '')
{
// return only varibles, that match specified criteria
if(!$postfix) return $this->config;
$result = Array();
$postfix_len = $postfix ? strlen($postfix) : 0;
foreach($this->config as $config_var => $var_value)
{
if( substr($config_var, - $postfix_len) == $postfix )
$result[$config_var] = $var_value;
}
return $result;
}
}/* clsConfig */
/*
To create the configuration forms in the admin section, populate the table ConfigurationAdmin and
ConfigurationValues.
The tables are fairly straight-forward. The fields of concern in the ConfigurationValues table is
ModuleOwner and Section. ModuleOwner should either be the module name or In-Portal for kernel related stuff.
(Items which should appear under 'System Configuration').
The Section field determines the NavMenu section the value is associated with. For example,
in-portal:configure_general refers to items listed under System Configuration->General.
In the ConfigurationAdmin table, ensure the VariableName field is the same as the one in ConfigurationValues
(this is the field that creates the natural join.) The prompt field is the text displayed to the left of the form element
in the table. This should contain LANGUAGE ELEMENT IDENTIFIERS that are plugged into the Language function.
The element_type field describes the type of form element is associated with this item. Possible values are:
- text : textbox
- checkbox : a simple checkbox
- select : creates a dropdown box. In this case, the ValueList field should be populated with a comma-separated list
in name=value,name=value format (each element is translated to:
<option VALUE="[value]">[name]</option>
To add dynamic data to this list, enclose an SQL statement with <SQL></SQL> tags for example:
<SQL>SELECT FieldLabel as OptionName, FieldName as OptionValue FROM <prefix>CustomField WHERE <prefix>.CustomFieldType=3></SQL>
note the specific field labels OptionName and OptionValue. They are required by the parser.
use the <prefix> tag to insert the system's table prefix into the sql statement as appropriate
*/
class clsConfigAdminItem
{
var $name;
var $heading;
var $prompt;
var $ElementType;
var $ValueList; /* comma-separated list in name=value pair format*/
var $ValidationRules;
var $default_value;
var $adodbConnection;
var $NextItem=NULL;
var $Section;
var $DisplayOrder = null;
var $TabIndex = 0;
function clsConfigAdminItem($config_name=NULL)
{
$this->adodbConnection = &GetADODBConnection();
if($config_name)
$this->LoadSetting($config_name);
}
function LoadSetting($config_name)
{
$sql = "SELECT * FROM ".GetTablePrefix()."ConfigurationAdmin INNER JOIN ".GetTablePrefix()."ConfigurationValues Using(VariableName) WHERE ".GetTablePrefix()."ConfigurationAdmin.VariableName='".$config_name."'";
$rs = $this->adodbConnection->Execute($sql);
if($rs && !$rs->EOF)
{
$this->name = $rs->fields["VariableName"];
$this->heading = $rs->fields["heading"];
$this->prompt = $rs->fields["prompt"];
$this->ElementType = $rs->fields["element_type"];
$this->ValidationRules=$rs->fields["validation"];
$this->default_value = $rs->fields["VariableValue"];
$this->ValueList=$rs->fields["ValueList"];
$this->Section = $rs->fields["Section"];
$this->DisplayOrder = $rs->fields['DisplayOrder'];
}
}
function explode_sql($sql)
{
$s = "";
$rs = $this->adodbConnection->Execute($sql);
while ($rs && !$rs->EOF)
{
if(strlen(trim($rs->fields["OptionName"]))>0 && strlen(trim($rs->fields["OptionValue"]))>0)
{
if(strlen($s))
$s .= ",";
$s .= $rs->fields["OptionName"]."="."+".$rs->fields["OptionValue"];
}
$rs->MoveNext();
}
return $s;
}
- function replace_sql($string)
+ function replace_sql($string, $start_mark = '<SQL>')
{
- $string = str_replace("<PREFIX>",GetTablePrefix(),$string);
-
- $start = strpos($string,"<SQL>");
+ $mark_length = strlen($start_mark);
+ $string = str_replace("<PREFIX>",GetTablePrefix(),$string);
- while($start)
- {
- $end = strpos($string,"</SQL>");
- if(!$end)
- {
- $end = strlen($string);
- }
- $len = $end - $start;
- $sql = substr($string,$start+5,$len-5);
-
- $sql_val = $this->explode_sql($sql);
- $s = substr($string,0,$start) . $sql_val . substr($string,$end+6);
-
- $string = $s;
- $start = strpos($string,"<SQL>");
- }
- return preg_replace('/(.*)$,/','\\1', $string);
+ $start = strpos($string, $start_mark);
+
+ while($start)
+ {
+ $end = strpos($string,"</SQL>");
+ if(!$end)
+ {
+ $end = strlen($string);
+ }
+ $len = $end - $start;
+ $sql = substr($string,$start + $mark_length,$len - $mark_length);
+
+ $sql_val = $this->explode_sql($sql);
+ $s = substr($string, 0, $start) . $sql_val . substr($string, $end + $mark_length + 1);
+
+ $string = $s;
+ $start = strpos($string, $start_mark);
+ }
+
+ if ($start_mark == '<SQL>') {
+ // to prevent recursion. check new style of sqls too
+ $string = $this->replace_sql($string, '<SQL+>');
+ }
+
+ return preg_replace('/(.*)$,/','\\1', $string);
}
function ItemFormElement($StartFrom=1)
{
global $objConfig;
if(!$this->TabIndex) $this->TabIndex = $StartFrom;
$o = '';
if( $objConfig->Get($this->name) != '' )
{
$this->default_value = $objConfig->Get($this->name);
}
$this->default_value = inp_htmlize($this->default_value);
switch($this->ElementType)
{
case 'text':
$o .= '<input type="text" tabindex="'.($this->TabIndex++).'" name="'.$this->name.'" ';
$o .= 'value="'.$this->default_value.'">';
break;
case 'checkbox':
$o .= '<input type="checkbox" name="'.$this->name.'" tabindex="'.($this->TabIndex++).'"';
$o .= $this->default_value ? ' checked>' : '>';
break;
case 'password':
/* To exclude config form from populating with Root (md5) password */
if( $this->Section == 'in-portal:configure_users' ) $this->default_value = '';
$o .= '<input type="password" tabindex="'.($this->TabIndex++).'" name="'.$this->name.'" ';
$o .= 'value="'.$this->default_value.'">';
break;
case 'textarea':
$o .= '<textarea tabindex="'.($this->TabIndex++).'" '.$this->ValueList.' name="'.$this->name.'">'.$this->default_value.'</textarea>';
break;
case 'label':
if ($this->default_value) {
$tag_params = clsHtmlTag::ParseAttributes($this->ValueList);
if (isset($tag_params['cut_first'])) {
$cut_first = $tag_params['cut_first'];
if (strlen($this->default_value) > $cut_first) {
$o .= substr($this->default_value, 0, $cut_first).' ...';
}
else {
$o .= $this->default_value;
}
}
else {
$o .= $this->default_value;
}
}
break;
case 'radio':
$radioname = $this->name;
$ValList = $this->replace_sql($this->ValueList);
$this->TabIndex++;
$val = explode(',',$ValList);
for($i=0;$i<=count($val);$i++)
{
if(strlen($val[$i]))
{
$parts = explode('=',$val[$i]);
$s = $parts[1];
if(strlen($s)==0)
$s = '';
$o .= '<input type="radio" tabindex="'.$this->TabIndex.'" name="'.$this->name.'" value="'.$parts[0].'"';
$o .= ($this->default_value == $parts[0]) ? ' checked>' : '>';
$o .= (substr($s,0,1)=="+") ? $s : prompt_language($s);
}
}
$this->TabIndex++;
break;
case 'select':
$o .= '<select name="'.$this->name.'" tabindex="'.($this->TabIndex++).'">';
$ValList = $this->replace_sql($this->ValueList);
$val = explode(',', $ValList);
for($i=0;$i<=count($val);$i++)
{
if(strlen($val[$i]))
{
$parts = explode('=',$val[$i]);
$s = $parts[1];
if(strlen($s)==0) $s = '';
$selected = '';
if($this->default_value==$parts[0]) $selected = ' selected';
$title = (substr($s,0,1) == '+') ? substr($s,1) : admin_language($s);
$o .= '<option value="'.$parts[0].'" '.$selected.'>'.$title.'</option>';
}
}
$o .= '</select>';
break;
}
return $o;
}
function GetPrompt()
{
$ret = prompt_language($this->prompt);
return $ret;
}
}
class clsConfigAdmin
{
var $module;
var $section;
var $Items;
function clsConfigAdmin($module="",$section="",$Inst=FALSE)
{
$this->module = $module;
$this->section = $section;
$this->Items= array();
if(strlen($module) && strlen($section))
$this->LoadItems(TRUE,$Inst);
}
function Clear()
{
unset($this->Items);
$this->Items = array();
}
function NumItems()
{
if(is_array($this->Items))
{
return count($this->Items);
}
else
return 0;
}
function LoadItems($CheckNextItems=TRUE, $inst=FALSE)
{
$this->Clear();
if(!$inst)
{
$sql = "SELECT * FROM ".GetTablePrefix()."ConfigurationAdmin INNER JOIN ".GetTablePrefix()."ConfigurationValues Using(VariableName)
WHERE ModuleOwner='".$this->module."' AND Section='".$this->section."' ORDER BY DisplayOrder ASC";
}
else
{
$sql = "SELECT * FROM ".GetTablePrefix()."ConfigurationAdmin INNER JOIN ".GetTablePrefix()."ConfigurationValues Using(VariableName)
WHERE ModuleOwner='".$this->module."' AND Section='".$this->section."' AND Install=1 ORDER BY DisplayOrder ASC";
}
if( $GLOBALS['debuglevel'] ) echo $sql."<br>\n";
$adodbConnection = &GetADODBConnection();
$rs = $adodbConnection->Execute($sql);
$i = null;
$last = '';
while($rs && !$rs->EOF)
{
$data = $rs->fields;
if(is_object($i) && $CheckNextItems)
{
$last = $i->prompt;
unset($i);
}
$i = new clsConfigAdminItem(NULL);
$i->name = $data["VariableName"];
$i->default_value = $data["VariableValue"];
$i->heading = $data["heading"];
$i->prompt = $data["prompt"];
$i->ElementType = $data["element_type"];
$i->ValueList = $data["ValueList"];
$i->ValidationRules = isset($data['validaton']) ? $data['validaton'] : '';
$i->Section = $data["Section"];
$i->DisplayOrder = $data['DisplayOrder'];
if(strlen($last)>0)
{
if($i->prompt==$last)
{
$this->Items[count($this->Items)-1]->NextItem=$i;
}
else
{
$i->NextItem=NULL;
array_push($this->Items,$i);
}
}
else
{
$i->NextItem=NULL;
array_push($this->Items,$i);
}
//unset($i);
$rs->MoveNext();
}
}
function SaveItems($POSTVARS, $force=FALSE)
{
global $objConfig;
foreach($this->Items as $i)
{
if($i->ElementType != "label")
{
if($i->ElementType != "checkbox")
{
$objConfig->Set($i->name,stripslashes($POSTVARS[$i->name]));
}
else
{
if($POSTVARS[$i->name]=="on")
{
$value=1;
}
else
$value = (int)$POSTVARS[$i->name];
$objConfig->Set($i->name,stripslashes($value),0,$force);
}
}
}
$objConfig->Save();
}
function GetHeadingList()
{
$res = array();
foreach($this->Items as $i)
{
$res[$i->heading]=1;
}
reset($res);
return array_keys($res);
}
function GetHeadingItems($heading)
{
$res = array();
foreach($this->Items as $i)
{
if($i->heading==$heading)
array_push($res,$i);
}
return $res;
}
}
?>
\ No newline at end of file
Property changes on: trunk/kernel/include/config.php
___________________________________________________________________
Modified: cvs2svn:cvs-rev
## -1 +1 ##
-1.21
\ No newline at end of property
+1.22
\ No newline at end of property
Index: trunk/kernel/units/general/helpers/modules.php
===================================================================
--- trunk/kernel/units/general/helpers/modules.php (revision 5167)
+++ trunk/kernel/units/general/helpers/modules.php (revision 5168)
@@ -1,369 +1,370 @@
<?php
class kModulesHelper extends kHelper {
function checkLogin()
{
return $this->_GetModules();
}
function getWhereClause()
{
$where_clause = Array('Loaded = 1');
if (!$this->Application->IsAdmin()) return implode(' AND ', $where_clause);
$modules = $this->_GetModules();
if ($modules) {
foreach ($modules as $module_index => $module) {
$modules[$module_index] = $this->Conn->qstr($module);
}
$where_clause[] = 'Name IN ('.implode(',', $modules).')';
}
return implode(' AND ', $where_clause);
}
function _EnableCookieSID()
{
$session =& $this->Application->recallObject('Session');
return $session->CookiesEnabled;
}
function _IsSpider($UserAgent)
{
global $robots;
$lines = file(FULL_PATH.'/robots_list.txt');
if (!is_array($robots)) {
$robots = Array();
for($i = 0; $i < count($lines); $i++) {
$l = $lines[$i];
$p = explode("\t", $l, 3);
$robots[] = $p[2];
}
}
return in_array($UserAgent, $robots);
}
function _MatchIp($ip1, $ip2)
{
$matched = TRUE;
$ip = explode('.', $ip1);
$MatchIp = explode('.', $ip2);
for ($i = 0; $i < count($ip); $i++) {
if($i == count($MatchIp)) break;
if (trim($ip[$i]) != trim($MatchIp[$i]) || trim($ip[$i]) == '*') {
$matched = FALSE;
break;
}
}
return $matched;
}
function _IpAccess($IpAddress, $AllowList, $DenyList)
{
$allowed = explode(',', $AllowList);
$denied = explode(',', $DenyList);
$MatchAllowed = FALSE;
for ($x = 0; $x < count($allowed); $x++) {
$ip = explode('.', $allowed[$x]);
$MatchAllowed = $this->_MatchIp($IpAddress, $allowed[$x]);
if ($MatchAllowed)
break;
}
$MatchDenied = FALSE;
for ($x = 0; $x < count($denied); $x++) {
$ip = explode('.', $denied[$x]);
$MatchDenied = $this->_MatchIp($IpAddress, $denied[$x]);
if ($MatchDenied)
break;
}
$Result = (($MatchAllowed && !$MatchDenied) || (!$MatchAllowed && !$MatchDenied) ||
($MatchAllowed && $MatchDenied));
return $Result;
}
/**
* Reads config.php file and parses it
*
*/
function _readConfig()
{
$vars = parse_portal_ini(FULL_PATH.'/config.php');
foreach ($vars as $config_key => $config_value) {
$GLOBALS['g_'.$config_key] = $config_value;
}
}
/**
* Leaves only domain part from hostname (e.g. extract "intechnic.lv" from "test.intechnic.lv")
* Used for admin login license check
*
* @param string $d
* @return string
*/
function _StripDomainHost($d)
{
+ $IsIp = false;
$dotcount = substr_count($d, '.');
if ($dotcount == 3) {
$IsIp = true;
for ($x = 0; $x < strlen($d); $x++) {
if (!is_numeric(substr($d, $x, 1)) && substr($d, $x, 1) != '.')
{
$IsIp = false;
break;
}
}
}
if ($dotcount > 1 && !$IsIp) {
$p = explode('.', $d);
$ret = $p[count($p) - 2].'.'.$p[count($p) - 1];
}
else {
$ret = $d;
}
return $ret;
}
/**
* When logging into admin then check only last 2 parts of host name VS domain in license
*
* @param string $user_domain
* @param string $license_domain
* @return int
*/
function _CheckDomain($user_domain, $license_domain)
{
if ($this->Application->IsAdmin()) {
$user_domain = $this->_StripDomainHost($user_domain);
return preg_match('/(.*)'.preg_quote($user_domain, '/').'$/', $license_domain);
}
else {
return preg_match('/(.*)'.preg_quote($license_domain, '/').'$/', $user_domain);
}
}
/**
* Returns modules list, that are in license
*
* @return Array
*/
function _GetModules()
{
global $i_Keys;
static $modules = null;
if (isset($modules)) return $modules;
$this->_readConfig();
$license = base64_decode($GLOBALS['g_License']);
$this->_ParseLicense($license);
$modules = Array();
$domain = $this->_GetDomain();
if (!$this->_IsLocalSite($domain)) {
for ($x = 0; $x < count($i_Keys); $x++) {
$key = $i_Keys[$x];
if ($this->_CheckDomain($domain, $key['domain'])) {
// used hostname is subdomain or matches domain from license
$modules = explode(',', $key['mod']);
}
}
}
else {
$modules = array_keys($this->Application->ModuleInfo);
}
return $modules;
}
/**
* Allows to determine if module is licensed
*
* @param string $name
* @return bool
*/
function _ModuleLicensed($name)
{
$modules = $this->_GetModules();
return in_array($name, $modules);
}
/**
* Returns domain from licences (and direct in case of install script)
*
* @return string
*/
function _GetDomain()
{
return $this->Application->ConfigValue('DomainDetect') ? $_SERVER['HTTP_HOST'] : $GLOBALS['g_Domain'];
}
function _keyED($txt, $encrypt_key)
{
$encrypt_key = md5($encrypt_key);
$ctr = 0;
$tmp = '';
for ($i = 0; $i < strlen($txt); $i++) {
if ($ctr == strlen($encrypt_key)) $ctr = 0;
$tmp .= substr($txt, $i, 1) ^ substr($encrypt_key, $ctr, 1);
$ctr++;
}
return $tmp;
}
function _decrypt($txt, $key)
{
$txt = $this->_keyED($txt,$key);
$tmp = '';
for ($i = 0; $i < strlen($txt); $i++) {
$md5 = substr($txt, $i, 1);
$i++;
$tmp .= (substr($txt, $i, 1) ^ $md5);
}
return $tmp;
}
function LoadFromRemote()
{
return '';
}
function DLid()
{
die($GLOBALS['lid']."\n");
}
function _LoadLicense($LoadRemote = false)
{
$f = FULL_PATH.'/intechnic.php';
if ($this->_falseIsLocalSite($f)) $ret = true;
if (file_exists($f)) {
$contents = file($f);
$data = base64_decode($contents[1]);
}
else {
if ($LoadRemote) return $LoadFromRemote;
}
return $data;
}
function _VerifyKey($domain, $k)
{
$key = md5($domain);
$lkey = substr($key, 0, strlen($key) / 2);
$rkey = substr($key, strlen($key) / 2);
$r = $rkey.$lkey;
if ($k == $r) return true;
return false;
}
function _ParseLicense($txt)
{
global $i_User, $i_Pswd, $i_Keys;
if (!$this->_falseIsLocalSite($txt)) $nah = false;
$data = $this->_decrypt($txt, 'beagle');
$i_Keys = Array();
$lines = explode("\n", $data);
for ($x = 0; $x < count($lines); $x++) {
$l = $lines[$x];
$p = explode('=', $l, 2);
switch($p[0]) {
case 'Username':
$i_User = $p[1];
break;
case 'UserPass':
$i_Pswd = $p[1];
break;
default:
if (substr($p[0], 0, 3) == 'key') {
$parts = explode('|', $p[1]);
if ($this->_VerifyKey($parts[0], $parts[1])) {
unset($K);
$k['domain'] = $parts[0];
$k['key'] = $parts[1];
$k['desc'] = $parts[2];
$k['mod'] = $parts[3];
$i_Keys[] = $k;
}
}
break;
}
}
}
function _GetObscureValue($i)
{
if ($i == 'x') return 0254; $z = '';
if ($i == 'z') return 0x7F.'.';
if ($i == 'c') return '--code--';
if ($i >= 5 && $i < 7) return $this->_GetObscureValue($z)*$this->_GetObscureValue('e');
if ($i > 30) return Array(0x6c,0x6f,0x63,0x61,0x6c,0x68,0x6f,0x73,0x74);
if ($i > 20) return 99;
if ($i > 10) return '.'.($this->_GetObscureValue(6.5)+1);
if ($i == 'a') return 0xa;
}
function _Chr($val)
{
$x = $this->_GetObscureValue(25);
$f = chr($x).chr($x+5).chr($x+15);
return $f($val);
}
function _IsLocalSite($domain)
{
$ee = $this->_GetObscureValue(35); $yy = '';
foreach ($ee as $e) $yy .= $this->_Chr($e);
$localb = FALSE;
if(substr($domain,0,3)==$this->_GetObscureValue('x'))
{
$b = substr($domain,0,6);
$p = explode(".",$domain);
$subnet = $p[1];
if($p[1]>15 && $p[1]<32)
$localb=TRUE;
}
$zz = $this->_GetObscureValue('z').$this->_GetObscureValue(5).'.'.(int)$this->_GetObscureValue(7).$this->_GetObscureValue(12);
$ff = $this->_GetObscureValue('z')+65;
$hh = $ff-0x18;
if($domain==$yy || $domain==$zz || substr($domain,0,7)==$ff.$this->_Chr(46).$hh ||
substr($domain,0,3)==$this->_GetObscureValue('a').$this->_Chr(46) || $localb || strpos($domain,".")==0)
{
return TRUE;
}
return FALSE;
}
function _falseIsLocalSite($domain)
{
$localb = FALSE;
if(substr($domain,0,3)=="172")
{
$b = substr($domain,0,6);
$p = explode(".",$domain);
$subnet = $p[1];
if($p[1]>15 && $p[1]<32)
$localb=TRUE;
}
if($domain=="localhost" || $domain=="127.0.0.1" || substr($domain,0,7)=="192.168" ||
substr($domain,0,3)=="10." || $localb || strpos($domain,".")==0)
{
return TRUE;
}
return FALSE;
}
}
?>
\ No newline at end of file
Property changes on: trunk/kernel/units/general/helpers/modules.php
___________________________________________________________________
Modified: cvs2svn:cvs-rev
## -1 +1 ##
-1.5
\ No newline at end of property
+1.6
\ No newline at end of property
Index: trunk/core/units/general/helpers/modules.php
===================================================================
--- trunk/core/units/general/helpers/modules.php (revision 5167)
+++ trunk/core/units/general/helpers/modules.php (revision 5168)
@@ -1,369 +1,370 @@
<?php
class kModulesHelper extends kHelper {
function checkLogin()
{
return $this->_GetModules();
}
function getWhereClause()
{
$where_clause = Array('Loaded = 1');
if (!$this->Application->IsAdmin()) return implode(' AND ', $where_clause);
$modules = $this->_GetModules();
if ($modules) {
foreach ($modules as $module_index => $module) {
$modules[$module_index] = $this->Conn->qstr($module);
}
$where_clause[] = 'Name IN ('.implode(',', $modules).')';
}
return implode(' AND ', $where_clause);
}
function _EnableCookieSID()
{
$session =& $this->Application->recallObject('Session');
return $session->CookiesEnabled;
}
function _IsSpider($UserAgent)
{
global $robots;
$lines = file(FULL_PATH.'/robots_list.txt');
if (!is_array($robots)) {
$robots = Array();
for($i = 0; $i < count($lines); $i++) {
$l = $lines[$i];
$p = explode("\t", $l, 3);
$robots[] = $p[2];
}
}
return in_array($UserAgent, $robots);
}
function _MatchIp($ip1, $ip2)
{
$matched = TRUE;
$ip = explode('.', $ip1);
$MatchIp = explode('.', $ip2);
for ($i = 0; $i < count($ip); $i++) {
if($i == count($MatchIp)) break;
if (trim($ip[$i]) != trim($MatchIp[$i]) || trim($ip[$i]) == '*') {
$matched = FALSE;
break;
}
}
return $matched;
}
function _IpAccess($IpAddress, $AllowList, $DenyList)
{
$allowed = explode(',', $AllowList);
$denied = explode(',', $DenyList);
$MatchAllowed = FALSE;
for ($x = 0; $x < count($allowed); $x++) {
$ip = explode('.', $allowed[$x]);
$MatchAllowed = $this->_MatchIp($IpAddress, $allowed[$x]);
if ($MatchAllowed)
break;
}
$MatchDenied = FALSE;
for ($x = 0; $x < count($denied); $x++) {
$ip = explode('.', $denied[$x]);
$MatchDenied = $this->_MatchIp($IpAddress, $denied[$x]);
if ($MatchDenied)
break;
}
$Result = (($MatchAllowed && !$MatchDenied) || (!$MatchAllowed && !$MatchDenied) ||
($MatchAllowed && $MatchDenied));
return $Result;
}
/**
* Reads config.php file and parses it
*
*/
function _readConfig()
{
$vars = parse_portal_ini(FULL_PATH.'/config.php');
foreach ($vars as $config_key => $config_value) {
$GLOBALS['g_'.$config_key] = $config_value;
}
}
/**
* Leaves only domain part from hostname (e.g. extract "intechnic.lv" from "test.intechnic.lv")
* Used for admin login license check
*
* @param string $d
* @return string
*/
function _StripDomainHost($d)
{
+ $IsIp = false;
$dotcount = substr_count($d, '.');
if ($dotcount == 3) {
$IsIp = true;
for ($x = 0; $x < strlen($d); $x++) {
if (!is_numeric(substr($d, $x, 1)) && substr($d, $x, 1) != '.')
{
$IsIp = false;
break;
}
}
}
if ($dotcount > 1 && !$IsIp) {
$p = explode('.', $d);
$ret = $p[count($p) - 2].'.'.$p[count($p) - 1];
}
else {
$ret = $d;
}
return $ret;
}
/**
* When logging into admin then check only last 2 parts of host name VS domain in license
*
* @param string $user_domain
* @param string $license_domain
* @return int
*/
function _CheckDomain($user_domain, $license_domain)
{
if ($this->Application->IsAdmin()) {
$user_domain = $this->_StripDomainHost($user_domain);
return preg_match('/(.*)'.preg_quote($user_domain, '/').'$/', $license_domain);
}
else {
return preg_match('/(.*)'.preg_quote($license_domain, '/').'$/', $user_domain);
}
}
/**
* Returns modules list, that are in license
*
* @return Array
*/
function _GetModules()
{
global $i_Keys;
static $modules = null;
if (isset($modules)) return $modules;
$this->_readConfig();
$license = base64_decode($GLOBALS['g_License']);
$this->_ParseLicense($license);
$modules = Array();
$domain = $this->_GetDomain();
if (!$this->_IsLocalSite($domain)) {
for ($x = 0; $x < count($i_Keys); $x++) {
$key = $i_Keys[$x];
if ($this->_CheckDomain($domain, $key['domain'])) {
// used hostname is subdomain or matches domain from license
$modules = explode(',', $key['mod']);
}
}
}
else {
$modules = array_keys($this->Application->ModuleInfo);
}
return $modules;
}
/**
* Allows to determine if module is licensed
*
* @param string $name
* @return bool
*/
function _ModuleLicensed($name)
{
$modules = $this->_GetModules();
return in_array($name, $modules);
}
/**
* Returns domain from licences (and direct in case of install script)
*
* @return string
*/
function _GetDomain()
{
return $this->Application->ConfigValue('DomainDetect') ? $_SERVER['HTTP_HOST'] : $GLOBALS['g_Domain'];
}
function _keyED($txt, $encrypt_key)
{
$encrypt_key = md5($encrypt_key);
$ctr = 0;
$tmp = '';
for ($i = 0; $i < strlen($txt); $i++) {
if ($ctr == strlen($encrypt_key)) $ctr = 0;
$tmp .= substr($txt, $i, 1) ^ substr($encrypt_key, $ctr, 1);
$ctr++;
}
return $tmp;
}
function _decrypt($txt, $key)
{
$txt = $this->_keyED($txt,$key);
$tmp = '';
for ($i = 0; $i < strlen($txt); $i++) {
$md5 = substr($txt, $i, 1);
$i++;
$tmp .= (substr($txt, $i, 1) ^ $md5);
}
return $tmp;
}
function LoadFromRemote()
{
return '';
}
function DLid()
{
die($GLOBALS['lid']."\n");
}
function _LoadLicense($LoadRemote = false)
{
$f = FULL_PATH.'/intechnic.php';
if ($this->_falseIsLocalSite($f)) $ret = true;
if (file_exists($f)) {
$contents = file($f);
$data = base64_decode($contents[1]);
}
else {
if ($LoadRemote) return $LoadFromRemote;
}
return $data;
}
function _VerifyKey($domain, $k)
{
$key = md5($domain);
$lkey = substr($key, 0, strlen($key) / 2);
$rkey = substr($key, strlen($key) / 2);
$r = $rkey.$lkey;
if ($k == $r) return true;
return false;
}
function _ParseLicense($txt)
{
global $i_User, $i_Pswd, $i_Keys;
if (!$this->_falseIsLocalSite($txt)) $nah = false;
$data = $this->_decrypt($txt, 'beagle');
$i_Keys = Array();
$lines = explode("\n", $data);
for ($x = 0; $x < count($lines); $x++) {
$l = $lines[$x];
$p = explode('=', $l, 2);
switch($p[0]) {
case 'Username':
$i_User = $p[1];
break;
case 'UserPass':
$i_Pswd = $p[1];
break;
default:
if (substr($p[0], 0, 3) == 'key') {
$parts = explode('|', $p[1]);
if ($this->_VerifyKey($parts[0], $parts[1])) {
unset($K);
$k['domain'] = $parts[0];
$k['key'] = $parts[1];
$k['desc'] = $parts[2];
$k['mod'] = $parts[3];
$i_Keys[] = $k;
}
}
break;
}
}
}
function _GetObscureValue($i)
{
if ($i == 'x') return 0254; $z = '';
if ($i == 'z') return 0x7F.'.';
if ($i == 'c') return '--code--';
if ($i >= 5 && $i < 7) return $this->_GetObscureValue($z)*$this->_GetObscureValue('e');
if ($i > 30) return Array(0x6c,0x6f,0x63,0x61,0x6c,0x68,0x6f,0x73,0x74);
if ($i > 20) return 99;
if ($i > 10) return '.'.($this->_GetObscureValue(6.5)+1);
if ($i == 'a') return 0xa;
}
function _Chr($val)
{
$x = $this->_GetObscureValue(25);
$f = chr($x).chr($x+5).chr($x+15);
return $f($val);
}
function _IsLocalSite($domain)
{
$ee = $this->_GetObscureValue(35); $yy = '';
foreach ($ee as $e) $yy .= $this->_Chr($e);
$localb = FALSE;
if(substr($domain,0,3)==$this->_GetObscureValue('x'))
{
$b = substr($domain,0,6);
$p = explode(".",$domain);
$subnet = $p[1];
if($p[1]>15 && $p[1]<32)
$localb=TRUE;
}
$zz = $this->_GetObscureValue('z').$this->_GetObscureValue(5).'.'.(int)$this->_GetObscureValue(7).$this->_GetObscureValue(12);
$ff = $this->_GetObscureValue('z')+65;
$hh = $ff-0x18;
if($domain==$yy || $domain==$zz || substr($domain,0,7)==$ff.$this->_Chr(46).$hh ||
substr($domain,0,3)==$this->_GetObscureValue('a').$this->_Chr(46) || $localb || strpos($domain,".")==0)
{
return TRUE;
}
return FALSE;
}
function _falseIsLocalSite($domain)
{
$localb = FALSE;
if(substr($domain,0,3)=="172")
{
$b = substr($domain,0,6);
$p = explode(".",$domain);
$subnet = $p[1];
if($p[1]>15 && $p[1]<32)
$localb=TRUE;
}
if($domain=="localhost" || $domain=="127.0.0.1" || substr($domain,0,7)=="192.168" ||
substr($domain,0,3)=="10." || $localb || strpos($domain,".")==0)
{
return TRUE;
}
return FALSE;
}
}
?>
\ No newline at end of file
Property changes on: trunk/core/units/general/helpers/modules.php
___________________________________________________________________
Modified: cvs2svn:cvs-rev
## -1 +1 ##
-1.5
\ No newline at end of property
+1.6
\ No newline at end of property
Event Timeline
Log In to Comment