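false, 'error' => 'Rückgabedaten können nicht kodiert werden.')); } echo $return; exit; }

/**
 * Send an AJAX error payload and terminate.
 *
 * Thin wrapper around format_ajax(), which echoes the encoded data and exits.
 *
 * @param string $text error message delivered to the client
 * @return void
 */
function ajax_error($text)
{
    format_ajax(array('error' => $text));
}

/**
 * Emit an XML error document with anti-caching headers and terminate.
 *
 * The message is passed through htmlspecialchars() so it cannot break the
 * XML text node it is written into.
 *
 * @param string $errmsg message to embed in the document
 * @return void
 */
function format_xml($errmsg)
{
    header("Cache-Control: no-cache");
    header("Pragma: no-cache");
    // An Expires one minute in the past forces revalidation on clients that ignore Cache-Control.
    header("Expires: " . gmdate("D, d M Y H:i:s", time() + (-1 * 60)) . " GMT");
    header("Content-type: text/xml");
    echo "\n";
    echo "\n";
    echo "\n";
    echo "\n" . htmlspecialchars($errmsg);
    echo "\n";
    echo "\n";
    exit;
}

/**
 * Whether the executing script's path ends with $suffix (e.g. '/ajax.php').
 *
 * @param string $suffix path tail including the leading slash
 * @return bool
 */
function hallinta_script_is($suffix)
{
    return substr($_SERVER["SCRIPT_FILENAME"], -strlen($suffix)) == $suffix;
}

/**
 * Whether the request carries a grid id ("grid_..." in $_GET['id']).
 *
 * @return bool
 */
function hallinta_is_grid_request()
{
    return !empty($_GET['id']) && substr($_GET['id'], 0, 5) == 'grid_';
}

/**
 * Check that the current user may access the requested module/page.
 *
 * Denied attempts are written to the PHP error log together with the
 * module and page they targeted.
 *
 * @return bool true when MenuItem::hasPermission() grants access
 */
function check_permissions()
{
    $menu = new MenuItem();
    if ($menu->hasPermission()) {
        return true;
    }
    $hallinta = Hallinta::instance();
    error_log(sprintf('Unauthorised access to %s/%s', $hallinta->module(), $hallinta->page()));
    return false;
}

/**
 * Abort the request when no session is logged in, unless it is a login attempt.
 *
 * Returns silently when a session exists, when a login form is posted to
 * index.php, or when ?login=true is requested. Otherwise the answer depends on
 * the entry script: an XML error for grid data (ricoXMLquery.php), a JSON error
 * for grid connections (ricoUpdateConnection.php) and AJAX calls (ajax.php),
 * and a redirect to the login page for everything else. Every failure branch
 * terminates the script.
 *
 * @return void
 */
function check_empty_session()
{
    if (!empty($_SESSION['sys']['login'])) {
        return;
    }
    if (hallinta_script_is('/index.php') && !empty($_POST['login']) && !empty($_POST['passwd'])) {
        return;
    }
    if (isset($_GET['login']) && $_GET['login'] == 'true') {
        return;
    }

    /* table data */
    if (hallinta_script_is('/ricoXMLquery.php') && hallinta_is_grid_request()) {
        format_xml("No permission to access data.\nNo active session found.\nYou may need to re-login.");
    }
    /* table connections */
    if (hallinta_script_is('/ricoUpdateConnection.php') && hallinta_is_grid_request()) {
        format_ajax(array('error' => 'No permission to access data'));
    }
    /* ajax calls */
    if (hallinta_script_is('/ajax.php') && !empty($_POST['source'])) {
        format_ajax(array(
            'error' => "No permission to access data.\nNo active session found.\nYou need to re-login.",
            'logout' => true,
        ));
    }

    header(sprintf('Location: %s?login=true', Hallinta::instance()->urlbase()));
    echo "No permission to access data.\nNo active session found.\nYou need to re-login.";
    exit();
}

/**
 * Authorise the current request, handling logout, login and redirects on the way.
 *
 * Grid data, grid connection and AJAX requests are checked with
 * check_permissions() and answered with a format-specific error on failure.
 * ?logout destroys the session (clearing the stored page unless ?auto is set).
 * A login form posted to index.php is verified via check_passwd() and the user
 * is redirected to the page remembered in $_SESSION['sys']['page']. Requests
 * without a session are redirected to the login page. Every failing branch
 * terminates the script; the function returns true only when access is granted.
 *
 * @return bool
 */
function check_session()
{
    /* table data */
    if (hallinta_script_is('/ricoXMLquery.php') && hallinta_is_grid_request()) {
        if (check_permissions()) {
            return true;
        }
        if (empty($_SESSION['sys']['login'])) {
            format_xml("No permission to access data.\nNo active session found.\nYou may need to re-login.");
        } else {
            format_xml('No permission to access data');
        }
    }

    /* table connections */
    if (hallinta_script_is('/ricoUpdateConnection.php') && hallinta_is_grid_request()) {
        if (check_permissions()) {
            return true;
        }
        format_ajax(array('error' => 'No permission to access data'));
    }

    /* ajax calls */
    // 'func' is not always posted; a missing value is treated like any non-menu call
    // (the original read $_POST['func'] unguarded and raised an undefined-index notice).
    $func = isset($_POST['func']) ? $_POST['func'] : null;
    if (hallinta_script_is('/ajax.php') && $func != 'menu' && !empty($_POST['source'])) {
        if (check_permissions()) {
            return true;
        }
        if (empty($_SESSION['sys']['login'])) {
            format_ajax(array(
                'error' => "No permission to access data.\nNo active session found.\nYou need to re-login.",
                'logout' => true,
            ));
        } else {
            format_ajax(array('error' => 'No permission to access data'));
        }
    }

    if (!empty($_SESSION['sys']['login']) && !empty($_GET['logout'])) {
        // An automatic logout (?auto) keeps the stored page so the user can return to it.
        if (empty($_GET['auto'])) {
            clear_page_log();
        }
        $_SESSION = array();
        session_destroy();
        header(sprintf('Location: %s?login=true', Hallinta::instance()->urlbase()));
        exit();
    }

    if (hallinta_script_is('/index.php') && !empty($_POST['login']) && !empty($_POST['passwd'])) {
        require_once('lib/login.php');
        if (check_passwd()) {
            $urlbase = Hallinta::instance()->urlbase();
            $page = isset($_SESSION['sys']['page']) ? $_SESSION['sys']['page'] : '';
            if (strlen($page)) {
                // Stored as "<module>__<page>" by save_page_log().
                $parts = explode('__', $page);
                $url = sprintf("%s%s/%s", $urlbase, $parts[0], isset($parts[1]) ? $parts[1] : '');
            } else {
                $url = $urlbase;
            }
            header(sprintf('Location: %s', $url));
            exit();
        }
    }

    if (empty($_SESSION['sys']['login']) && empty($_GET['login'])) {
        header(sprintf('Location: %s?login=true', Hallinta::instance()->urlbase()));
        exit();
    }

    /* regular mask */
    if (!empty($_GET['mask'])) {
        if (check_permissions()) {
            return true;
        }
        header('Location: ./');
        exit();
    }
    return true;
}

/**
 * Neutralise "./" sequences in a page name before it is used in an include path.
 *
 * Every "./" becomes "x", so "../" turns into ".x" and can no longer climb
 * directories. NOTE(review): bare slashes and backslashes are left untouched;
 * whether page names may legitimately contain path separators is not visible
 * here — confirm before tightening.
 *
 * @param string $file page name taken from the URL or menu
 * @return string
 */
function sanitise_filename($file)
{
    return str_replace('./', 'x', $file);
}

/**
 * Include the mask definition file for a module/page.
 *
 * Records the module and page in the session and includes
 * {basedir}{HALLINTA_MODULEDIR}/{module}/{page}.php once; the file populates
 * the globals $mask, $javascript and $styles.
 *
 * NOTE(review): $module is interpolated unsanitised; the callers visible here
 * pass Hallinta::instance()->module() — confirm it is not raw request input.
 *
 * @param string $module module directory name
 * @param string $page mask name, passed through sanitise_filename()
 * @return bool false when the mask file does not exist
 */
function load_mask($module, $page)
{
    global $mask;
    global $javascript;
    global $styles;

    $_SESSION['module'] = $module;
    $_SESSION['mask'] = $page;
    $file = sprintf(
        '%s%s/%s/%s.php',
        $_SESSION['sys']['basedir'],
        HALLINTA_MODULEDIR,
        $module,
        sanitise_filename($page)
    );
    if (!file_exists($file)) {
        return false;
    }
    include_once($file);
    return true;
}

/**
 * Resolve a grid id to its mask definition.
 *
 * Ids look like "grid_<mask>" or, for a secondary grid,
 * "grid_<mask>__<second>__second". The current module's mask is loaded and
 * either the whole $mask or $mask['second'][<second>] is returned.
 *
 * NOTE(review): the mask name parsed from $id is not used — the mask is
 * loaded from Hallinta's current page; confirm the two always agree.
 *
 * @param string $id grid id sent by the client
 * @return mixed mask definition array
 */
function grid_definition($id)
{
    global $mask;
    $hallinta = Hallinta::instance();

    $maskName = substr($id, 5);
    $secondName = false;
    if (substr($maskName, -8) == '__second') {
        // Peel off the "__second" marker, then split off the secondary grid's name.
        $maskName = substr($maskName, 0, -8);
        $secondName = substr($maskName, strrpos($maskName, '__') + 2);
        $maskName = substr($maskName, 0, strrpos($maskName, '__'));
    }

    load_mask($hallinta->module(), $hallinta->page());
    if ($secondName) {
        return $mask['second'][$secondName];
    }
    return $mask;
}

/**
 * Register the Rico grid assets for the start page and return its HTML body.
 *
 * Adds the Rico CSS/JS files to the globals $styles/$javascript, sets
 * Hallinta.pageSource/isMobile on the client, schedules data/misc/start.js
 * on load when present and returns the contents of data/misc/start.html.
 *
 * @return string|null start page HTML, or null when data/misc/start.html is absent
 */
function load_start()
{
    global $styles;
    global $javascript;

    $styles->file('lib/rico3/ricoClient/css/rico.css');
    $styles->file('lib/rico3/ui-cupertino/jquery-ui.css');
    $styles->file('lib/rico3/ui-cupertino/jquery-ui_hallinta.css');
    $javascript->file('lib/rico3/ricoClient/js/rico2jqu.js');
    $javascript->file('lib/rico3/minsrc/rico.js');
    $javascript->file('lib/rico3/minsrc/ricoLocale_en.js');
    $javascript->file('lib/rico3/minsrc/ricoUI.js');
    $javascript->file('lib/rico3/ricoClient/js/ricoThemeroller.js');
    $javascript->add('Hallinta.pageSource = "start";');
    $javascript->add(sprintf('Hallinta.isMobile = %s;', Hallinta::instance()->isMobile() ? 'true' : 'false'));

    $basedir = $_SESSION['sys']['basedir'];
    $fname = $basedir . 'data/misc/start.js';
    if (file_exists($fname)) {
        $javascript->onLoad(file_get_contents($fname));
    }
    $fname = $basedir . 'data/misc/start.html';
    if (file_exists($fname)) {
        return file_get_contents($fname);
    }
    return null;
}

/**
 * Build the page body for the current request.
 *
 * ?login renders the login mask. Otherwise the menu button is registered and,
 * when a module is selected, the visit is logged and the module's mask is
 * rendered (with an extra column-chooser button on mobile). Without a module
 * the start page is returned.
 *
 * @return mixed page HTML as produced by mask_login(), mask() or load_start()
 */
function process()
{
    $hallinta = Hallinta::instance();
    if (!empty($_GET['login'])) {
        require_once('lib/login.php');
        return mask_login();
    }

    Javascript::instance()->file('lib/functions.js');
    Actions::instance()->addLink(new Link(array(
        'id' => 'btn_menu',
        'icon' => $hallinta->urlbase() . 'images/icons/menu.png',
        'title' => 'Menü',
        'function' => 'display_menu',
    )));

    $module = $hallinta->module();
    if (is_null($module)) {
        return load_start();
    }
    if ($hallinta->isMobile()) {
        Actions::instance()->addLink(new Link(array(
            'id' => 'btn_columns',
            'icon' => $hallinta->urlbase() . 'images/icons/liste.gif',
            'title' => 'Spalten',
            'function' => 'Hallinta.grid.chooseColumns',
        )));
    }
    save_page_log();
    require_once('lib/mask.php');
    return mask($module, $hallinta->page());
}

// Handle of archive/debug/debug.log, opened lazily by debug(); false until then.
$debug_file = false;

/**
 * Append a line to archive/debug/debug.log below the session base directory.
 *
 * Called as debug($value) or debug($name, $value); non-string values are
 * dumped with var_export(). The log directory is created on first use; when
 * that fails the call is dropped silently. The handle is kept in the global
 * $debug_file for the rest of the request.
 *
 * @param mixed $name label, or the value itself when $text is omitted
 * @param mixed $text value to log
 * @return void
 */
function debug($name, $text = false)
{
    global $debug_file;

    if (!$debug_file) {
        $dir = $_SESSION['sys']['basedir'] . '/archive/debug';
        // Fix: the original passed an undefined $path to mkdir(), so the directory
        // was never created and logging silently failed whenever it was missing.
        if (!is_dir($dir) && !@mkdir($dir, 0770)) {
            return;
        }
        $debug_file = fopen($dir . '/debug.log', 'a');
    }

    if ($text === false) {
        // Single-argument form: the first argument is the value, unlabelled.
        $text = $name;
        $name = false;
    }
    if (!is_string($text)) {
        $text = var_export($text, true);
    }
    if ($debug_file) {
        fwrite($debug_file, sprintf(
            "%s %s: %s%s\n",
            date('Y-m-d'),
            $_SESSION['sys']['login'],
            $name === false ? '' : $name . ' = ',
            $text
        ));
    }
}

/**
 * Collect a line of debug text for debug_info() in the global $debug_info.
 *
 * @param string $text
 * @return void
 */
function debug_log($text)
{
    global $debug_info;
    $debug_info .= '
' . $text;
}

/**
 * Render the debug panel when DEBUG is enabled.
 *
 * Registers lib/debug_joey.js in the global $jsfiles and returns dumps of
 * $_SESSION and $_COOKIE followed by everything collected via debug_log().
 * The dumps are HTML-escaped: cookie values are request-controlled and must
 * not be reflected into the page as markup.
 *
 * @return string HTML fragment, or '' when DEBUG !== true
 */
function debug_info()
{
    global $jsfiles;
    global $debug_info;

    if (DEBUG !== true) {
        return '';
    }
    $jsfiles[] = 'lib/debug_joey.js';

    $html = '
';
    $html .= "\n
\n\$_SESSION = " . htmlspecialchars(var_export($_SESSION, true), ENT_QUOTES, 'UTF-8') . "\n";
    $html .= "\n\$_COOKIE = " . htmlspecialchars(var_export($_COOKIE, true), ENT_QUOTES, 'UTF-8') . "\n
\n";
    $html .= $debug_info;
    $html .= '
';
    return $html;
}

/**
 * Build the JOIN clause for a grid from $mask['join'].
 *
 * Each entry is appended as " JOIN <entry>"; an entry starting with "left"
 * (any case) becomes " LEFT JOIN <rest>" with its first five characters dropped.
 *
 * @param array $mask mask definition
 * @return string SQL fragment, '' when there are no joins
 */
function grid_sql_join($mask)
{
    if (!array_key_exists('join', $mask)) {
        return '';
    }
    $ret = '';
    foreach ($mask['join'] as $line) {
        if (strtolower(substr($line, 0, 4)) == 'left') {
            $ret .= ' LEFT JOIN ' . substr($line, 5);
        } else {
            $ret .= ' JOIN ' . $line;
        }
    }
    return $ret;
}

/**
 * Escape a value for embedding inside a single-quoted JavaScript string literal.
 *
 * Backslashes, single quotes, CR/LF and "</" are escaped so the data can
 * neither end the literal nor close an enclosing script block.
 *
 * @param mixed $value
 * @return string
 */
function hallinta_js_string_escape($value)
{
    return str_replace(
        array('\\', "'", "\r", "\n", '</'),
        array('\\\\', "\\'", '\\r', '\\n', '<\\/'),
        (string) $value
    );
}

/**
 * Build a JavaScript object literal mapping ids to display texts for a grid lookup.
 *
 * Only acts on grid requests ($_POST['func'] == 'grid'), otherwise returns null.
 * Runs "SELECT $id,$text AS text FROM $table ORDER BY text" on the global $db
 * and emits "{1: 'a', 2: 'b'}", with the $map entries first.
 *
 * NOTE(review): $table, $id and $text are interpolated into the SQL unquoted;
 * they are expected to come from mask definitions, not from request data —
 * confirm. Fix: text values are escaped for the JS string they are placed in;
 * the original emitted them raw, so a quote in the data broke the literal.
 *
 * @param string $table table to query
 * @param string $id id column
 * @param string $text text column or SQL expression
 * @param array|false $map extra id => text pairs emitted before the query rows
 * @return string|null
 */
function grid_lookup_sql($table, $id, $text, $map = false)
{
    global $db;

    if (empty($_POST['func']) || $_POST['func'] != 'grid') {
        return;
    }
    $sth = $db->query("SELECT $id,$text AS text FROM $table ORDER BY text");

    $result = array();
    if (is_array($map)) {
        foreach ($map as $k => $v) {
            $result[] = sprintf("%d: '%s'", $k, hallinta_js_string_escape($v));
        }
    }
    while ($row = $sth->fetch()) {
        $result[] = sprintf("%d: '%s'", $row[$id], hallinta_js_string_escape($row['text']));
    }
    return '{' . implode(', ', $result) . '}';
}

/**
 * Compose a grid's base SELECT and store it in $_SESSION['grid_<name>'].
 *
 * Each $mask['list'] entry is selected as "<sql> AS <field>" when it has an
 * 'sql' key, else by name; a 'distinct' key is stored per column index in
 * $_SESSION['grid_<name>_distinct_<i>']. JOIN and WHERE clauses come from
 * grid_sql_join() and $mask['where'].
 *
 * @param string $name grid name
 * @param array $mask mask definition with 'list', 'table' and optional 'join'/'where'
 * @return void
 */
function grid_sql($name, $mask)
{
    $fields = array();
    $i = 0;
    foreach ($mask['list'] as $field => $data) {
        $fields[] = array_key_exists('sql', $data) ? $data['sql'] . ' AS ' . $field : $field;
        if (array_key_exists('distinct', $data)) {
            $_SESSION['grid_' . $name . '_distinct_' . $i] = $data['distinct'];
        }
        $i++;
    }

    $sql = sprintf("SELECT %s FROM %s", implode(',', $fields), $mask['table']);
    if (array_key_exists('join', $mask)) {
        $sql .= grid_sql_join($mask);
    }
    if (array_key_exists('where', $mask)) {
        $sql .= ' WHERE ' . $mask['where'];
    }
    $_SESSION['grid_' . $name] = $sql;
}

/**
 * Convert an ISO date (YYYY-MM-DD) to German format (DD.MM.YYYY).
 *
 * Empty input and the zero date yield ''. Two-digit years are shifted into
 * 20xx. Missing components are treated as 0 rather than raising an
 * undefined-offset notice.
 *
 * @param string $date
 * @return string
 */
function date_iso2german($date)
{
    if (empty($date) || $date == '0000-00-00') {
        return "";
    }
    list($jahr, $monat, $tag) = array_pad(explode("-", $date), 3, 0);
    if ($jahr < 100) {
        $jahr += 2000;
    }
    return sprintf("%02d.%02d.%04d", $tag, $monat, $jahr);
}

/**
 * Convert a German date (DD.MM.YYYY) to ISO format (YYYY-MM-DD).
 *
 * Empty input and the zero date yield '' (the original turned '' into
 * '2000-00-00'). Two-digit years are shifted into 20xx. Missing components
 * are treated as 0 rather than raising an undefined-offset notice.
 *
 * @param string $date
 * @return string
 */
function date_german2iso($date)
{
    if (empty($date) || $date == '00.00.0000') {
        return "";
    }
    list($tag, $monat, $jahr) = array_pad(explode(".", $date), 3, 0);
    if ($jahr < 100) {
        $jahr += 2000;
    }
    return sprintf("%04d-%02d-%02d", $jahr, $monat, $tag);
}

/**
 * Remember the current module/page for the logged-in user in sys_user.page.
 *
 * Only regular menu pages (MenuItem::isRegular()) are recorded, as
 * "<module>__<page>"; check_session() uses the stored value to send the user
 * back after login.
 *
 * NOTE(review): module and page are interpolated into the UPDATE with %s and
 * no quoting; isRegular() presumably limits them to known menu entries —
 * confirm, or use a prepared statement if $db supports one.
 *
 * @return void
 */
function save_page_log()
{
    global $db;
    $hallinta = Hallinta::instance();
    $menu = new MenuItem();
    if (!$menu->isRegular()) {
        return;
    }
    $sql = sprintf(
        "UPDATE sys_user SET page = '%s__%s' WHERE id = %d",
        $hallinta->module(),
        $hallinta->page(),
        $_SESSION['sys']['uid']
    );
    $db->query($sql);
}

/**
 * Reset sys_user.page for the logged-in user (called on explicit logout).
 *
 * @return void
 */
function clear_page_log()
{
    global $db;
    $sql = sprintf("UPDATE sys_user SET page = NULL WHERE id = %d", $_SESSION['sys']['uid']);
    $db->query($sql);
}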