Ejemplo n.º 1
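 /**
  * Returns the IP address of the current client.
  *
  * REMOTE_ADDR is the peer address of the connection as seen by the server and
  * is the only value here that the client cannot choose freely. Behind a
  * reverse proxy or load balancer it is the proxy's address, not the end user's.
  * The Client-IP and X-Forwarded-For values are plain request headers: they are
  * only syntax-checked below and must be treated as unauthenticated hints, never
  * as input to access control, rate limiting or ban decisions.
  *
  * @param bool $just_remote When true (default) only REMOTE_ADDR is returned.
  * @return string|array The REMOTE_ADDR string, or, when $just_remote is false,
  *                      an array with REMOTE_ADDR at index 0 plus at most one
  *                      header value: index 2 for Client-IP, otherwise index 1
  *                      for X-Forwarded-For.
  * @throws \RuntimeException If REMOTE_ADDR is missing or not a valid IP address.
  */
 public static function getIP($just_remote = true)
 {
     if (Console::isConsole()) {
         return '127.0.0.1';
     }
     // The only value that can really be trusted is REMOTE_ADDR.
     $validator = new \Zend\Validator\Ip();
     // A missing REMOTE_ADDR becomes an empty string so that it is rejected by
     // the validator below instead of raising an undefined-index notice first.
     $remote = isset($_SERVER['REMOTE_ADDR']) ? $_SERVER['REMOTE_ADDR'] : '';
     if (!$validator->isValid($remote)) {
         throw new \RuntimeException("Endereço de IP '{$remote}' inválido");
     }
     if ($just_remote) {
         return $remote;
     }
     $ips = [$remote];
     // Client-supplied headers: validated for syntax only, never for origin.
     if (!empty($_SERVER['HTTP_CLIENT_IP'])) {
         $ip = $_SERVER['HTTP_CLIENT_IP'];
         if ($validator->isValid($ip)) {
             $ips[2] = $ip;
         }
     } elseif (!empty($_SERVER['HTTP_X_FORWARDED_FOR'])) {
         // NOTE(review): X-Forwarded-For is commonly a comma-separated list
         // ("client, proxy1, proxy2"). Such a value does not validate as a
         // single address and is silently dropped here; which entry to use
         // depends on how many trusted proxies sit in front of the application.
         $ip = $_SERVER['HTTP_X_FORWARDED_FOR'];
         if ($validator->isValid($ip)) {
             $ips[1] = $ip;
         }
     }
     return $ips;
 }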
Ejemplo n.º 2
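 /**
  * Sets a new IP address after validating it.
  *
  * The value is accepted only if Zend\Validator\Ip (default options) considers
  * it a valid address; otherwise the validator's message is raised as an
  * exception and the stored address is left unchanged.
  *
  * @param string $ip
  * @throws Zend_Service_DeveloperGarden_Exception if $ip is not a valid IP address
  * @return Zend_Service_DeveloperGarden_IpLocation_IpAddress
  */
 public function setIp($ip)
 {
     $validator = new Zend\Validator\Ip();
     if (!$validator->isValid($ip)) {
         $messages = $validator->getMessages();
         // The validator does not always report under 'notIpAddress' (a
         // non-string value is reported under a different key), so fall back
         // to whatever message is present rather than throwing an empty one.
         if (isset($messages['notIpAddress'])) {
             $reason = $messages['notIpAddress'];
         } elseif (!empty($messages)) {
             $reason = reset($messages);
         } else {
             $reason = 'Invalid IP address';
         }
         throw new Zend_Service_DeveloperGarden_Exception($reason);
     }
     $this->_address = $ip;
     return $this;
 }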
Ejemplo n.º 3
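 /**
  * Validate address and mask
  *
  * The address must pass Zend\Validator\Ip with IPv6 disabled. The mask must
  * parse with ip2long() and consist of consecutive leading 1 bits followed
  * only by 0 bits (0.0.0.0 is accepted).
  *
  * @param string $address
  * @param string $mask
  * @throws \UnexpectedValueException if $address or $mask are invalid
  */
 protected function _validate($address, $mask)
 {
     $validator = new \Zend\Validator\Ip(array('allowipv6' => false));
     if (!$validator->isValid($address)) {
         $messages = $validator->getMessages();
         throw new \UnexpectedValueException(sprintf('Not an IPv4 address: "%s" (%s)', $address, array_shift($messages)));
     }
     // Check $mask for valid syntax and consecutive leading 1 bits.
     // Inverting the mask against 0xFFFFFFFF and adding 1 must yield a power
     // of two, i.e. its base-2 logarithm must print as a plain integer.
     // The explicit 0 check is required on 32 bit systems.
     $bits = ip2long($mask);
     if ($bits === false or !($bits === 0 or ctype_digit((string) log(($bits ^ 4294967295.0) + 1, 2)))) {
         // Report the rejected mask itself; the message previously echoed
         // $address, which pointed at the wrong argument.
         throw new \UnexpectedValueException(sprintf('Not an IPv4 mask: "%s"', $mask));
     }
 }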
Ejemplo n.º 4
 /**
  * Checks submitted tracker field values for missing mandatory fields and
  * for values that fail their type-specific validation.
  *
  * Each entry of $ins_fields['data'] is inspected; the whole field array is
  * appended to one of the two result lists when a check fails. A field can be
  * appended more than once if several checks fail.
  *
  * @param array  $ins_fields         Expected to carry the fields under the 'data' key.
  * @param mixed  $categorized_fields Field ids treated as category fields; passed
  *                                   to in_array() as the haystack.
  * @param mixed  $trackerId          Tracker id, forwarded to the lookups below.
  * @param mixed  $itemId             Item id, forwarded to the lookups below.
  * @return array Array with 'err_mandatory' (fields missing a required value)
  *               and 'err_value' (fields whose value failed validation).
  */
 public function check_field_values($ins_fields, $categorized_fields = '', $trackerId = '', $itemId = '')
 {
     global $prefs;
     $mandatory_fields = array();
     $erroneous_values = array();
     if (isset($ins_fields) && isset($ins_fields['data'])) {
         foreach ($ins_fields['data'] as $f) {
             // Non-mandatory type 'f' field with an empty value: if any date/time
             // part was nevertheless submitted in the request, flag it as erroneous.
             // The parts are read straight from $_REQUEST and only tested with empty().
             if ($f['type'] == 'f' && $f['isMandatory'] != 'y' && empty($f['value'])) {
                 $ins_id = 'ins_' . $f['fieldId'];
                 if (!empty($_REQUEST[$ins_id . 'Month']) || !empty($_REQUEST[$ins_id . 'Day']) || !empty($_REQUEST[$ins_id . 'Year']) || !empty($_REQUEST[$ins_id . 'Hour']) || !empty($_REQUEST[$ins_id . 'Minute'])) {
                     $erroneous_values[] = $f;
                 }
             }
             // Mandatory-field checks (type 'q' is excluded).
             if ($f['type'] != 'q' and isset($f['isMandatory']) && $f['isMandatory'] == 'y') {
                 // NOTE(review): $categorized_fields defaults to '' but in_array()
                 // needs an array haystack; with the default this call fails for
                 // any mandatory field whose type is not 'e' (TypeError on PHP 8).
                 if (($f['type'] == 'e' || in_array($f['fieldId'], $categorized_fields)) && empty($f['value'])) {
                     // category: value is now categ id's
                     $mandatory_fields[] = $f;
                 } elseif (in_array($f['type'], array('a', 't')) && $this->is_multilingual($f['fieldId']) == 'y') {
                     // Multilingual text field: languages come from the site preferences.
                     if (!isset($multi_languages)) {
                         $multi_languages = $prefs['available_languages'];
                     }
                     // Check the per-language values
                     if (isset($f['lingualvalue'])) {
                         foreach ($f['lingualvalue'] as $val) {
                             foreach ($multi_languages as $num => $tmplang) {
                                 // Check if the translation is empty. && binds tighter than ||,
                                 // so this reads: lang unset, or value unset, or (lang matches
                                 // and value is empty). The field is appended once per match.
                                 if (!isset($val['lang']) || !isset($val['value']) || $val['lang'] == $tmplang && strlen($val['value']) == 0) {
                                     $mandatory_fields[] = $f;
                                 }
                             }
                         }
                     } else {
                         $mandatory_fields[] = $f;
                     }
                 } elseif (in_array($f['type'], array('u', 'g')) && $f['options_array'][0] == 1) {
                     // Intentionally empty: types 'u'/'g' with first option == 1 are
                     // never reported as missing (meaning of the option not visible here).
                 } elseif ($f['type'] == 'c' && (empty($f['value']) || $f['value'] == 'n')) {
                     $mandatory_fields[] = $f;
                 } elseif ($f['type'] == 'A' && !empty($itemId) && empty($f['value'])) {
                     // Type 'A' on an existing item: fall back to the stored value.
                     $val = $this->get_item_value($trackerId, $itemId, $f['fieldId']);
                     if (empty($val)) {
                         $mandatory_fields[] = $f;
                     }
                 } elseif (!isset($f['value']) || !is_array($f['value']) && strlen($f['value']) == 0 || is_array($f['value']) && empty($f['value'])) {
                     // Generic case: unset value, empty string, or empty array.
                     $mandatory_fields[] = $f;
                 }
             }
             // Type-specific validation, only for non-empty values.
             if (!empty($f['value'])) {
                 switch ($f['type']) {
                     // IP address
                     // NOTE(review): the original label said "only for IPv4", but the
                     // validator is built with default options, which in
                     // Zend\Validator\Ip also accept IPv6 - confirm the intent and
                     // pass array('allowipv6' => false) if IPv4 only is required.
                     case 'I':
                         $validator = new Zend\Validator\Ip();
                         if (!$validator->isValid($f['value'])) {
                             $erroneous_values[] = $f;
                         }
                         break;
                     // numeric
                     case 'n':
                         if (!is_numeric($f['value'])) {
                             $f['error'] = tra('Field is not numeric');
                             $erroneous_values[] = $f;
                         }
                         break;
                     // email
                     case 'm':
                         if (!validate_email($f['value'], $prefs['validateEmail'])) {
                             $erroneous_values[] = $f;
                         }
                         break;
                     // password (the first option selects password-policy or email checking)
                     case 'p':
                         if ($f['options_array'][0] == 'password') {
                             $userlib = TikiLib::lib('user');
                             // A non-empty return from check_password_policy() marks the
                             // value as erroneous; $e itself is not used afterwards.
                             if (($e = $userlib->check_password_policy($f['value'])) != '') {
                                 $erroneous_values[] = $f;
                             }
                         } elseif ($f['options_array'][0] == 'email') {
                             if (!validate_email($f['value'])) {
                                 $erroneous_values[] = $f;
                             }
                         }
                         break;
                     case 'a':
                         // Option 5, when positive, caps the number of whitespace-separated words.
                         if (isset($f['options_array'][5]) && $f['options_array'][5] > 0) {
                             if (count(preg_split('/\\s+/', trim($f['value']))) > $f['options_array'][5]) {
                                 $erroneous_values[] = $f;
                             }
                         }
                         // Option 6 == 'y': the value must not already appear among the
                         // values returned by list_tracker_field_values() for this field.
                         if (isset($f['options_array'][6]) && $f['options_array'][6] == 'y') {
                             if (in_array($f['value'], $this->list_tracker_field_values($trackerId, $f['fieldId'], 'opc', 'y', '', $itemId))) {
                                 $erroneous_values[] = $f;
                             }
                         }
                         break;
                 }
                 // Field handlers that expose isValid() get the full submitted data set;
                 // anything other than strict true is treated as a validation failure.
                 $handler = $this->get_field_handler($f, $this->get_item_info($itemId));
                 if (method_exists($handler, 'isValid')) {
                     $validationResponse = $handler->isValid($ins_fields['data']);
                     if ($validationResponse !== true) {
                         // Message priority: configured validationMessage, then the
                         // handler's response, then a generic fallback.
                         if (!empty($f['validationMessage'])) {
                             $f['errorMsg'] = $f['validationMessage'];
                         } elseif (!empty($validationResponse)) {
                             $f['errorMsg'] = $validationResponse;
                         } else {
                             $f['errorMsg'] = tr('Unknown error');
                         }
                         $erroneous_values[] = $f;
                     }
                 }
             }
         }
     }
     $res = array();
     $res['err_mandatory'] = $mandatory_fields;
     $res['err_value'] = $erroneous_values;
     return $res;
 }
Ejemplo n.º 5
 /**
  * Renders the "access banned" page.
  *
  * Looks up the ban record for the current visitor - by account id when an
  * identity is present, otherwise by REMOTE_ADDR - and hands the stored
  * 'nguyennhan' value (presumably the ban reason) to the view as 'notice'.
  *
  * @return ViewModel
  */
 public function bannedAction()
 {
     // Page title
     $title = 'Bạn bị cấm truy cập';
     $this->headTitle($title)->setSeparator(" - ")->append("Website bất động sản");

     // Decide which lookup applies: [criteria, options], or null for none.
     $lookup = null;
     if (!empty($this->identity()->id)) {
         // Logged-in member: account ban
         $lookup = array(
             array('id' => $this->identity()->id),
             array('task' => 'get-item-with-id'),
         );
     } else {
         // Anonymous visitor: IP ban, keyed on the connection peer address only.
         // NOTE(review): behind a reverse proxy REMOTE_ADDR is the proxy's
         // address; confirm the deployment before relying on this for bans.
         $clientIp = $_SERVER['REMOTE_ADDR'];
         $ipValidator = new \Zend\Validator\Ip();
         if ($ipValidator->isValid($clientIp)) {
             $lookup = array(
                 array('ip' => $clientIp),
                 array('task' => 'get-item-with-ip'),
             );
         }
     }

     $noticeBan = '';
     if ($lookup !== null) {
         $userTable = $this->getServiceLocator()->get('Admin\\Model\\UserTable');
         $banRecord = $userTable->getItem($lookup[0], $lookup[1]);
         if (!empty($banRecord)) {
             // Stored text is passed through as-is; the template is expected
             // to escape it on output.
             $noticeBan = $banRecord['nguyennhan'];
         }
     }

     $view = new ViewModel();
     $view->setVariables(array(
         'title' => $title,
         'arrParam' => $this->_arrParam,
         'currentController' => $this->_currentController,
         'notice' => $noticeBan,
     ));
     return $view;
 }
Ejemplo n.º 6
 /**
  * Per-request gatekeeper: resolves module/controller/action from the route
  * and then runs, in order, the login/permission check, the real-estate
  * listing check, the maintenance check, the account/IP ban check and the
  * business-page existence check before calling init().
  *
  * NOTE(review): every go*() helper below is followed by more code. Whether
  * those helpers end the request is not visible here - if they only set a
  * redirect, the remaining checks still execute for the same request. Confirm.
  *
  * @param MvcEvent $e
  */
 public function onInit(MvcEvent $e)
 {
     //GET MODULE - CONTROLLER - ACTION
     $this->_arrParam = $this->params()->fromRoute();
     $routeMatch = $e->getRouteMatch();
     // The controller route parameter is split on '\'; segments 0 and 2 are used,
     // so it is assumed to have at least three segments.
     $controllerArray = explode('\\', $routeMatch->getParam('controller'));
     $this->_params['module'] = strtolower($controllerArray[0]);
     $this->_params['controller'] = strtolower($controllerArray[2]);
     $this->_params['action'] = $routeMatch->getParam('action');
     // Expose the resolved names to the layout view model.
     $viewModel = $e->getApplication()->getMvcEvent()->getViewModel();
     $viewModel->module = $this->_params['module'];
     $viewModel->controller = $this->_params['controller'];
     $viewModel->action = $this->_params['action'];
     //SET LAYOUT
     //$config = $this->getServiceLocator()->get('config');
     //$this->layout($config['module_layouts'][$controllerArray[0]]);
     //CHECK PERMISSION
     $loggedStatus = $this->identity() ? true : false;
     if ($this->_params['module'] == 'admin' || $this->_params['module'] == 'user') {
         // Anonymous visitors are sent to the login page of the respective module.
         if ($loggedStatus == false && $this->_params['module'] == 'user') {
             $this->goLogin();
         }
         if ($loggedStatus == false && $this->_params['module'] == 'admin') {
             $this->goLoginAdmin();
         }
         $info = new \ZendVN\System\Info();
         $groupAcp = $info->getGroupInfo('group_acp');
         // Logged-in users whose group_acp is 0 (loose comparison) are denied.
         // NOTE(review): this applies to the 'user' module as well as 'admin'.
         if ($loggedStatus == true && $groupAcp == 0) {
             $this->goNoAccess();
         }
         // Anything other than 'full' privileges is checked against the ACL.
         $permission = $info->getPermission();
         if ($permission['privileges'] != 'full') {
             $aclObj = new \ZendVN\System\Acl($permission['role'], $permission['privileges']);
             if ($aclObj->isAllowed($this->_params) == false) {
                 $this->goNoAccess();
             }
         }
     } else {
         // NOTE(review): this branch is only reached when the module is neither
         // 'admin' nor 'user', so the condition below can never be true.
         if ($this->_params['module'] == 'user') {
             if ($this->_params['controller'] == 'account' && $loggedStatus == false) {
                 $this->goLogin();
             }
         }
     }
     // Check the posted real-estate listing
     if ($this->_params['controller'] == 'realestate' && $this->_params['action'] == 'detail') {
         // NOTE(review): $RealEstateTable is fetched but not used; the item is
         // read through $this->getTable() instead.
         $RealEstateTable = $this->getServiceLocator()->get('Home\\Model\\RealEstateTable');
         $item = $this->getTable()->getItem($this->_arrParam);
         // date_end is split on '/' and read as day/month/year.
         $hansudung = explode("/", $item['date_end']);
         // Compute the number of days the listing has left
         // NOTE(review): a missing part becomes '' and is passed to mktime().
         $month = !empty($hansudung[1]) ? $hansudung[1] : '';
         $day = !empty($hansudung[0]) ? $hansudung[0] : '';
         $year = !empty($hansudung[2]) ? $hansudung[2] : '';
         $remain = ceil((mktime(0, 0, 0, $month, $day, $year) - time()) / 86400);
         // If the listing is not activated or its posting period has expired, it must not be viewable
         // NOTE(review): the only statement in this branch is commented out, so
         // inactive or expired listings are currently NOT blocked here.
         if (empty($item['type_news']) || $item['status'] != 5 || $remain <= 0) {
             //$this->goNoView();
         }
     }
     // Check whether the website is in maintenance mode
     if ($this->_params['module'] == 'home' || $this->_params['module'] == 'user') {
         $config = $this->getServiceLocator()->get('Admin\\Model\\ConfigTable');
         $itemConfig = $config->getItem(array('id' => 1), array('task' => 'get-item'));
         // The 'maintenance' column holds JSON; status == 1 switches the site off.
         $arrConfig = \Zend\Json\Json::decode($itemConfig->maintenance);
         if ($arrConfig->status == 1) {
             $this->goMaintenance();
         }
     }
     // Block access to the website (account ban / IP ban)
     if ($this->_params['module'] == 'home' || $this->_params['module'] == 'user') {
         $flagBan = false;
         // Logged-in member: account ban
         if (!empty($this->identity()->id)) {
             $userTable = $this->getServiceLocator()->get('Admin\\Model\\UserTable');
             // Presumably the 'get-item-with-id' task returns a row only for banned
             // accounts - verify against UserTable::getItem().
             $itemBan = $userTable->getItem(array('id' => $this->identity()->id), array('task' => 'get-item-with-id'));
             if (!empty($itemBan)) {
                 $flagBan = true;
             }
         } else {
             // Anonymous visitor: IP ban
             // Only REMOTE_ADDR is consulted (no client-supplied headers). Behind a
             // reverse proxy this is the proxy's address - confirm the deployment.
             // An address that fails validation skips the lookup, i.e. is not banned.
             // The IP ban is not evaluated at all for logged-in users.
             $ip = $_SERVER['REMOTE_ADDR'];
             $validator = new \Zend\Validator\Ip();
             if ($validator->isValid($ip)) {
                 $userTable = $this->getServiceLocator()->get('Admin\\Model\\UserTable');
                 $itemBan = $userTable->getItem(array('ip' => $ip), array('task' => 'get-item-with-ip'));
                 if (!empty($itemBan)) {
                     $flagBan = true;
                 }
             }
         }
         if ($flagBan == true) {
             $this->goBanned();
         }
     }
     // Check whether the requested business page exists
     if ($this->_params['module'] == 'home' && $this->_params['controller'] == 'business') {
         if ($this->_params['action'] == 'detail' || $this->_params['action'] == 'landsale' || $this->_params['action'] == 'landforrent' || $this->_params['action'] == 'investors' || $this->_params['action'] == 'construction' || $this->_params['action'] == 'management' || $this->_params['action'] == 'design' || $this->_params['action'] == 'distributors' || $this->_params['action'] == 'contact' || $this->_params['action'] == 'department') {
             $businessTable = $this->getServiceLocator()->get('Home\\Model\\BusinessTable');
             $item = $businessTable->getItem($this->_arrParam);
             if (empty($item)) {
                 $this->goNotFoundPageBusiness();
             }
         }
     }
     $this->init();
 }