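/**
 * Returns the IP address of the current client.
 *
 * REMOTE_ADDR is the only value here that is not taken from a request header.
 * The Client-IP and X-Forwarded-For values are request headers, so any client
 * can set them to an arbitrary (valid-looking) address. Treat the extra
 * entries as unverified hints for logging or diagnostics, never as input to
 * access control, rate limiting or ban decisions. Behind a reverse proxy,
 * REMOTE_ADDR is the proxy's address unless the server rewrites it.
 *
 * @param bool $just_remote When true (the default) only REMOTE_ADDR is returned.
 *
 * @return string|array The REMOTE_ADDR string, or, when $just_remote is false,
 *                      an array with REMOTE_ADDR at index 0 plus, if present
 *                      and valid, the Client-IP header at index 2 or otherwise
 *                      the X-Forwarded-For header at index 1.
 *
 * @throws \RuntimeException If REMOTE_ADDR is missing or is not a valid IP address.
 */
public static function getIP($just_remote = true)
{
    if (Console::isConsole()) {
        return '127.0.0.1';
    }

    // REMOTE_ADDR is the only value that is really safe to trust.
    // A missing entry is mapped to '' so it is rejected by the validator below
    // with the same exception as a malformed one, without an undefined-index notice.
    $remote = isset($_SERVER['REMOTE_ADDR']) ? $_SERVER['REMOTE_ADDR'] : '';

    $validator = new \Zend\Validator\Ip();
    if (!$validator->isValid($remote)) {
        throw new \RuntimeException("Endereço de IP '{$remote}' inválido");
    }

    if ($just_remote) {
        return $remote;
    }

    $ips = [$remote];

    // Client-supplied headers: validated for syntax only, which says nothing
    // about whether the address is genuine. X-Forwarded-For is consulted only
    // when Client-IP is absent or empty.
    if (!empty($_SERVER['HTTP_CLIENT_IP'])) {
        $ip = $_SERVER['HTTP_CLIENT_IP'];
        if ($validator->isValid($ip)) {
            $ips[2] = $ip;
        }
    } elseif (!empty($_SERVER['HTTP_X_FORWARDED_FOR'])) {
        // The whole header value is validated as one address, so a
        // comma-separated proxy chain does not pass and is left out.
        $ip = $_SERVER['HTTP_X_FORWARDED_FOR'];
        if ($validator->isValid($ip)) {
            $ips[1] = $ip;
        }
    }

    return $ips;
}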
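/**
 * Sets a new IP address after checking it with the IP validator.
 *
 * @param string $ip
 * @throws Zend_Service_DeveloperGarden_Exception if $ip is rejected by the validator
 * @return Zend_Service_DeveloperGarden_IpLocation_IpAddress
 */
public function setIp($ip)
{
    $validator = new Zend\Validator\Ip();
    if (!$validator->isValid($ip)) {
        $messages = $validator->getMessages();
        // The messages are keyed by failure type. Fall back to the first one so
        // that a failure reported under a key other than 'notIpAddress' still
        // yields a meaningful exception instead of an undefined-index notice.
        $text = isset($messages['notIpAddress'])
            ? $messages['notIpAddress']
            : (string) reset($messages);

        throw new Zend_Service_DeveloperGarden_Exception($text);
    }

    $this->_address = $ip;

    return $this;
}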
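/**
 * Validate address and mask
 *
 * The address must pass the IP validator with IPv6 disabled. The mask must be
 * parseable by ip2long() and consist of consecutive leading 1 bits.
 *
 * @param string $address
 * @param string $mask
 * @throws \UnexpectedValueException if $address or $mask are invalid
 */
protected function _validate($address, $mask)
{
    $validator = new \Zend\Validator\Ip(array('allowipv6' => false));
    if (!$validator->isValid($address)) {
        $messages = $validator->getMessages();
        throw new \UnexpectedValueException(
            sprintf('Not an IPv4 address: "%s" (%s)', $address, array_shift($messages))
        );
    }

    // Check $mask for valid syntax and consecutive leading 1 bits.
    // XOR with 0xFFFFFFFF inverts the mask; for a contiguous mask the inverse
    // plus one is a power of two, so its base-2 logarithm prints as digits only.
    // The explicit 0 check is required on 32 bit systems.
    $bits = ip2long($mask);
    if ($bits === false || !($bits === 0 || ctype_digit((string) log(($bits ^ 4294967295.0) + 1, 2)))) {
        // Report the rejected mask; the original message interpolated $address here.
        throw new \UnexpectedValueException(sprintf('Not an IPv4 mask: "%s"', $mask));
    }
}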
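/**
 * Checks submitted tracker field values.
 *
 * Walks $ins_fields['data'] and collects the fields that are mandatory but
 * empty, and the fields whose value fails the check for its type.
 *
 * @param array        $ins_fields         Field definitions with submitted values under 'data'.
 * @param array|string $categorized_fields Field ids to treat like category fields. Anything that
 *                                         is not an array (the default is '') means "none".
 * @param mixed        $trackerId          Passed to the item-value and field-value lookups.
 * @param mixed        $itemId             Passed to the item-value, field-value and item-info lookups.
 *
 * @return array array('err_mandatory' => fields missing a value, 'err_value' => fields with a bad value)
 */
public function check_field_values($ins_fields, $categorized_fields = '', $trackerId = '', $itemId = '')
{
    global $prefs;

    $mandatory_fields = array();
    $erroneous_values = array();

    // in_array() requires an array haystack. The parameter defaults to '', which
    // raised a warning (a TypeError on PHP 8) as soon as a mandatory field was
    // checked. Treat any non-array value as an empty list.
    $categorized_ids = is_array($categorized_fields) ? $categorized_fields : array();

    if (isset($ins_fields) && isset($ins_fields['data'])) {
        foreach ($ins_fields['data'] as $f) {
            // Optional type 'f' field with no value although at least one of its
            // Month/Day/Year/Hour/Minute request parts was submitted.
            if ($f['type'] == 'f' && $f['isMandatory'] != 'y' && empty($f['value'])) {
                $ins_id = 'ins_' . $f['fieldId'];
                if (!empty($_REQUEST[$ins_id . 'Month'])
                    || !empty($_REQUEST[$ins_id . 'Day'])
                    || !empty($_REQUEST[$ins_id . 'Year'])
                    || !empty($_REQUEST[$ins_id . 'Hour'])
                    || !empty($_REQUEST[$ins_id . 'Minute'])
                ) {
                    $erroneous_values[] = $f;
                }
            }

            // Mandatory-field checks (type 'q' is exempt).
            if ($f['type'] != 'q' && isset($f['isMandatory']) && $f['isMandatory'] == 'y') {
                if (($f['type'] == 'e' || in_array($f['fieldId'], $categorized_ids)) && empty($f['value'])) {
                    // category: value is now categ id's
                    $mandatory_fields[] = $f;
                } elseif (in_array($f['type'], array('a', 't')) && $this->is_multilingual($f['fieldId']) == 'y') {
                    if (!isset($multi_languages)) {
                        $multi_languages = $prefs['available_languages'];
                    }
                    // Check recipient
                    if (isset($f['lingualvalue'])) {
                        foreach ($f['lingualvalue'] as $val) {
                            foreach ($multi_languages as $num => $tmplang) {
                                // Check if the translation is empty. The field is appended once
                                // per matching pair, so it can appear more than once in the result.
                                if (!isset($val['lang'])
                                    || !isset($val['value'])
                                    || ($val['lang'] == $tmplang && strlen($val['value']) == 0)
                                ) {
                                    $mandatory_fields[] = $f;
                                }
                            }
                        }
                    } else {
                        $mandatory_fields[] = $f;
                    }
                } elseif (in_array($f['type'], array('u', 'g')) && $f['options_array'][0] == 1) {
                    // Intentionally empty in the original: these fields are never reported
                    // as missing. NOTE(review): presumably auto-assigned - confirm.
                } elseif ($f['type'] == 'c' && (empty($f['value']) || $f['value'] == 'n')) {
                    $mandatory_fields[] = $f;
                } elseif ($f['type'] == 'A' && !empty($itemId) && empty($f['value'])) {
                    $val = $this->get_item_value($trackerId, $itemId, $f['fieldId']);
                    if (empty($val)) {
                        $mandatory_fields[] = $f;
                    }
                } elseif (!isset($f['value'])
                    || (!is_array($f['value']) && strlen($f['value']) == 0)
                    || (is_array($f['value']) && empty($f['value']))
                ) {
                    $mandatory_fields[] = $f;
                }
            }

            // Per-type checks, applied only when a value was supplied.
            if (!empty($f['value'])) {
                switch ($f['type']) {
                    // IP address. The validator is built without options, so whatever its
                    // defaults accept is accepted here. The original comment said "only for
                    // IPv4", but nothing in this code restricts the check to IPv4.
                    case 'I':
                        $validator = new Zend\Validator\Ip();
                        if (!$validator->isValid($f['value'])) {
                            $erroneous_values[] = $f;
                        }
                        break;

                    // numeric
                    case 'n':
                        if (!is_numeric($f['value'])) {
                            $f['error'] = tra('Field is not numeric');
                            $erroneous_values[] = $f;
                        }
                        break;

                    // email
                    case 'm':
                        if (!validate_email($f['value'], $prefs['validateEmail'])) {
                            $erroneous_values[] = $f;
                        }
                        break;

                    // password
                    case 'p':
                        if ($f['options_array'][0] == 'password') {
                            $userlib = TikiLib::lib('user');
                            // A non-empty result from the policy check marks the value as erroneous.
                            if ($userlib->check_password_policy($f['value']) != '') {
                                $erroneous_values[] = $f;
                            }
                        } elseif ($f['options_array'][0] == 'email') {
                            if (!validate_email($f['value'])) {
                                $erroneous_values[] = $f;
                            }
                        }
                        break;

                    case 'a':
                        // Option 5: maximum number of whitespace-separated words.
                        if (isset($f['options_array'][5]) && $f['options_array'][5] > 0) {
                            if (count(preg_split('/\\s+/', trim($f['value']))) > $f['options_array'][5]) {
                                $erroneous_values[] = $f;
                            }
                        }
                        // Option 6 == 'y': the value must not already be among the listed field values.
                        if (isset($f['options_array'][6]) && $f['options_array'][6] == 'y') {
                            $existing = $this->list_tracker_field_values($trackerId, $f['fieldId'], 'opc', 'y', '', $itemId);
                            if (in_array($f['value'], $existing)) {
                                $erroneous_values[] = $f;
                            }
                        }
                        break;
                }

                // Field handlers may provide their own isValid() check.
                $handler = $this->get_field_handler($f, $this->get_item_info($itemId));
                if (method_exists($handler, 'isValid')) {
                    $validationResponse = $handler->isValid($ins_fields['data']);
                    if ($validationResponse !== true) {
                        if (!empty($f['validationMessage'])) {
                            $f['errorMsg'] = $f['validationMessage'];
                        } elseif (!empty($validationResponse)) {
                            $f['errorMsg'] = $validationResponse;
                        } else {
                            $f['errorMsg'] = tr('Unknown error');
                        }
                        $erroneous_values[] = $f;
                    }
                }
            }
        }
    }

    $res = array();
    $res['err_mandatory'] = $mandatory_fields;
    $res['err_value'] = $erroneous_values;

    return $res;
}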
/**
 * Builds the view for the "access banned" page.
 *
 * A signed-in visitor is looked up by account id. Otherwise the lookup uses
 * REMOTE_ADDR, provided it passes the IP validator. The 'nguyennhan' column of
 * a matching row (presumably the ban reason) is handed to the view as 'notice'.
 * NOTE(review): 'notice' comes from the database - confirm that the template
 * escapes it before output.
 *
 * @return ViewModel
 */
public function bannedAction()
{
    $view = new ViewModel();

    // Page title
    $title = 'Bạn bị cấm truy cập';
    $this->headTitle($title)->setSeparator(" - ")->append("Website bất động sản");

    // Decide which lookup applies: array(criteria, options), or null for none.
    $lookup = null;
    if (!empty($this->identity()->id)) {
        // Signed-in member: account ban
        $lookup = array(
            array('id' => $this->identity()->id),
            array('task' => 'get-item-with-id'),
        );
    } else {
        // Anonymous visitor: IP ban
        $ip = $_SERVER['REMOTE_ADDR'];
        $validator = new \Zend\Validator\Ip();
        if ($validator->isValid($ip)) {
            $lookup = array(
                array('ip' => $ip),
                array('task' => 'get-item-with-ip'),
            );
        }
    }

    $noticeBan = '';
    if ($lookup !== null) {
        $userTable = $this->getServiceLocator()->get('Admin\\Model\\UserTable');
        $itemBan = $userTable->getItem($lookup[0], $lookup[1]);
        if (!empty($itemBan)) {
            $noticeBan = $itemBan['nguyennhan'];
        }
    }

    $view->setVariables(array(
        'title' => $title,
        'arrParam' => $this->_arrParam,
        'currentController' => $this->_currentController,
        'notice' => $noticeBan,
    ));

    return $view;
}
/**
 * Per-request initialisation hook: resolves module/controller/action from the
 * route, then runs the login, permission, maintenance, ban and
 * business-page-exists checks before calling init().
 *
 * NOTE(review): nothing in this method returns after goLogin(), goLoginAdmin(),
 * goNoAccess(), goMaintenance(), goBanned() or goNotFoundPageBusiness() is
 * called, so every later check (and init()) still runs unless those helpers end
 * the request themselves - confirm.
 *
 * @param MvcEvent $e
 */
public function onInit(MvcEvent $e)
{
    //GET MODULE - CONTROLLER - ACTION
    $this->_arrParam = $this->params()->fromRoute();
    $routeMatch = $e->getRouteMatch();
    // The controller name is split on "\"; segment 0 is used as the module and
    // segment 2 as the controller, so a name with fewer than three segments
    // reads an undefined offset here.
    $controllerArray = explode('\\', $routeMatch->getParam('controller'));
    $this->_params['module'] = strtolower($controllerArray[0]);
    $this->_params['controller'] = strtolower($controllerArray[2]);
    $this->_params['action'] = $routeMatch->getParam('action');
    $viewModel = $e->getApplication()->getMvcEvent()->getViewModel();
    $viewModel->module = $this->_params['module'];
    $viewModel->controller = $this->_params['controller'];
    $viewModel->action = $this->_params['action'];

    //SET LAYOUT
    //$config = $this->getServiceLocator()->get('config');
    //$this->layout($config['module_layouts'][$controllerArray[0]]);

    //CHECK PERMISSION
    $loggedStatus = $this->identity() ? true : false;
    if ($this->_params['module'] == 'admin' || $this->_params['module'] == 'user') {
        // Not signed in: send to the login page of the requested area.
        if ($loggedStatus == false && $this->_params['module'] == 'user') {
            $this->goLogin();
        }
        if ($loggedStatus == false && $this->_params['module'] == 'admin') {
            $this->goLoginAdmin();
        }
        // Signed in, but 'group_acp' is 0 for the visitor's group.
        $info = new \ZendVN\System\Info();
        $groupAcp = $info->getGroupInfo('group_acp');
        if ($loggedStatus == true && $groupAcp == 0) {
            $this->goNoAccess();
        }
        // Anything other than 'full' privileges goes through the ACL for this
        // module/controller/action.
        $permission = $info->getPermission();
        if ($permission['privileges'] != 'full') {
            $aclObj = new \ZendVN\System\Acl($permission['role'], $permission['privileges']);
            if ($aclObj->isAllowed($this->_params) == false) {
                $this->goNoAccess();
            }
        }
    } else {
        // NOTE(review): this branch is only reached when the module is neither
        // 'admin' nor 'user', so the 'user' test below can never be true.
        if ($this->_params['module'] == 'user') {
            if ($this->_params['controller'] == 'account' && $loggedStatus == false) {
                $this->goLogin();
            }
        }
    }

    // Check the real-estate listing being viewed.
    // NOTE(review): the only action in this block is commented out, so the
    // expiry/status check currently enforces nothing. $RealEstateTable is
    // assigned but the item is read through $this->getTable().
    if ($this->_params['controller'] == 'realestate' && $this->_params['action'] == 'detail') {
        $RealEstateTable = $this->getServiceLocator()->get('Home\\Model\\RealEstateTable');
        $item = $this->getTable()->getItem($this->_arrParam);
        // 'date_end' is split on "/" and read as day/month/year.
        $hansudung = explode("/", $item['date_end']);
        // Number of days the listing has left. A missing date part is passed to
        // mktime() as ''.
        $month = !empty($hansudung[1]) ? $hansudung[1] : '';
        $day = !empty($hansudung[0]) ? $hansudung[0] : '';
        $year = !empty($hansudung[2]) ? $hansudung[2] : '';
        $remain = ceil((mktime(0, 0, 0, $month, $day, $year) - time()) / 86400);
        // A listing that is not activated, or whose posting period has ended,
        // is not meant to be viewable.
        if (empty($item['type_news']) || $item['status'] != 5 || $remain <= 0) {
            //$this->goNoView();
        }
    }

    // Website maintenance check: config row 1 holds JSON with a 'status' flag.
    if ($this->_params['module'] == 'home' || $this->_params['module'] == 'user') {
        $config = $this->getServiceLocator()->get('Admin\\Model\\ConfigTable');
        $itemConfig = $config->getItem(array('id' => 1), array('task' => 'get-item'));
        $arrConfig = \Zend\Json\Json::decode($itemConfig->maintenance);
        if ($arrConfig->status == 1) {
            $this->goMaintenance();
        }
    }

    // Block access to the website (account ban / IP ban).
    if ($this->_params['module'] == 'home' || $this->_params['module'] == 'user') {
        $flagBan = false;
        // Case: signed-in member (account ban).
        // NOTE(review): a signed-in visitor is looked up by account id only; the
        // IP lookup below is not consulted for them - confirm this is intended.
        if (!empty($this->identity()->id)) {
            $userTable = $this->getServiceLocator()->get('Admin\\Model\\UserTable');
            $itemBan = $userTable->getItem(array('id' => $this->identity()->id), array('task' => 'get-item-with-id'));
            if (!empty($itemBan)) {
                $flagBan = true;
            }
        } else {
            // Case: IP ban, keyed on REMOTE_ADDR.
            // NOTE(review): behind a reverse proxy REMOTE_ADDR is the proxy's
            // address unless the server rewrites it - confirm the deployment.
            $ip = $_SERVER['REMOTE_ADDR'];
            $validator = new \Zend\Validator\Ip();
            if ($validator->isValid($ip)) {
                $userTable = $this->getServiceLocator()->get('Admin\\Model\\UserTable');
                $itemBan = $userTable->getItem(array('ip' => $ip), array('task' => 'get-item-with-ip'));
                if (!empty($itemBan)) {
                    $flagBan = true;
                }
            }
        }
        if ($flagBan == true) {
            $this->goBanned();
        }
    }

    // Check whether the requested business page exists.
    if ($this->_params['module'] == 'home' && $this->_params['controller'] == 'business') {
        if ($this->_params['action'] == 'detail' || $this->_params['action'] == 'landsale' || $this->_params['action'] == 'landforrent' || $this->_params['action'] == 'investors' || $this->_params['action'] == 'construction' || $this->_params['action'] == 'management' || $this->_params['action'] == 'design' || $this->_params['action'] == 'distributors' || $this->_params['action'] == 'contact' || $this->_params['action'] == 'department') {
            $businessTable = $this->getServiceLocator()->get('Home\\Model\\BusinessTable');
            $item = $businessTable->getItem($this->_arrParam);
            if (empty($item)) {
                $this->goNotFoundPageBusiness();
            }
        }
    }

    $this->init();
}