public static function is_equals($key, $value) { if (session::is_set($key) and $_SESSION[$key] == $value) { return true; } return false; }
function displayLogin() { global $smarty, $message, $config, $ssl, $error_collector, $error_collector_mailto; $lang = session::global_get('lang'); error_reporting(E_ALL | E_STRICT); /* Fill template with required values */ $username = ''; if (isset($_POST['username'])) { $username = trim($_POST['username']); } $smarty->assign('date', gmdate("D, d M Y H:i:s")); $smarty->assign('username', $username); $smarty->assign('personal_img', "geticon.php?context=types&icon=user&size=48"); $smarty->assign('password_img', "geticon.php?context=status&icon=dialog-password&size=48"); $smarty->assign('directory_img', "geticon.php?context=places&icon=network-server&size=48"); $smarty->append('css_files', get_template_path('login.css')); /* Some error to display? */ if (!isset($message)) { $message = ""; } $smarty->assign("message", $message); /* Displasy SSL mode warning? */ if ($ssl != "" && $config->get_cfg_value('warnSSL') == 'TRUE') { $smarty->assign("ssl", _("Warning") . ": <a style=\"color:red;\" href=\"{$ssl}\">" . _("Session is not encrypted!") . "</a>"); } else { $smarty->assign("ssl", ""); } if (!$config->check_session_lifetime()) { $smarty->assign("lifetime", _("Warning") . ": " . _("The session lifetime configured in your fusiondirectory.conf will be overridden by php.ini settings.")); } else { $smarty->assign("lifetime", ""); } /* Generate server list */ $servers = array(); if (isset($_POST['server'])) { $selected = $_POST['server']; } else { $selected = $config->data['MAIN']['DEFAULT']; } foreach ($config->data['LOCATIONS'] as $key => $ignored) { $servers[$key] = $key; } $smarty->assign("server_options", $servers); $smarty->assign("server_id", $selected); /* show login screen */ $smarty->assign("PHPSESSID", session_id()); if (session::is_set('errors')) { $smarty->assign("errors", session::get('errors')); } if ($error_collector != "") { $smarty->assign("php_errors", preg_replace("/%BUGBODY%/", $error_collector_mailto, $error_collector) . "</div>"); } else { $smarty->assign("php_errors", ""); } $smarty->assign("msg_dialogs", msg_dialog::get_dialogs()); $smarty->assign("usePrototype", "false"); $smarty->assign("date", date("l, dS F Y H:i:s O")); $smarty->assign("lang", preg_replace('/_.*$/', '', $lang)); $smarty->assign("rtl", language_is_rtl($lang)); $smarty->display(get_template_path('headers.tpl')); $smarty->assign("version", FD_VERSION); $smarty->display(get_template_path('login.tpl')); exit; }
$config = session::global_get('config'); foreach ($config->department_info as $dn => $info) { if (!isset($pathMapping[$dn])) { continue; } if (mb_stristr($info['name'], $search) !== FALSE) { $res .= "<li>" . mark($search, $pathMapping[$dn]) . ($info['description'] == '' ? "" : "<span class='informal'> [" . mark($search, $info['description']) . "]</span>") . "</li>"; continue; } if (mb_stristr($info['description'], $search) !== FALSE) { $res .= "<li>" . mark($search, $pathMapping[$dn]) . ($info['description'] == '' ? "" : "<span class='informal'> [" . mark($search, $info['description']) . "]</span>") . "</li>"; continue; } if (mb_stristr($pathMapping[$dn], $search) !== FALSE) { $res .= "<li>" . mark($search, $pathMapping[$dn]) . ($info['description'] == '' ? "" : "<span class='informal'> [" . mark($search, $info['description']) . "]</span>") . "</li>"; continue; } } /* Return results */ if (!empty($res)) { echo "<ul>{$res}</ul>"; } } } else { $ui = session::global_get('ui'); /* Is there a filter object arround? */ if (session::is_set("autocomplete")) { $filter = session::get("autocomplete"); $filter->processAutocomplete(); } }
<?php restore_error_handler(); /* Basic setup, remove eventually registered sessions */ require_once "../../../include/php_setup.inc"; require_once "functions.inc"; session::start(); session::global_set('errorsAlreadyPosted', array()); /* Logged in? Simple security check */ if (!session::global_is_set('ui')) { new log("security", "unknown", "", array(), "Error: getbin.php called without session"); header("Location: index.php"); exit; } if (!isset($_GET['id'])) { return; } if (session::is_set('statistics::graphFile' . preg_replace("/[^0-9]/", "", $_GET['id']))) { header('Content-Type: image/png'); $graphFile = session::get('statistics::graphFile' . preg_replace("/[^0-9]/", "", $_GET['id'])); echo file_get_contents($graphFile); }
msg_dialog::display(_("Configuration Error"), sprintf(_("Fatal error: not all POST variables have been transfered by PHP - please inform your administrator!")), FATAL_ERROR_DIALOG); exit; } } /* Assign errors to smarty */ if (session::is_set('errors')) { $smarty->assign("errors", session::get('errors')); } if ($error_collector != "") { $smarty->assign("php_errors", preg_replace("/%BUGBODY%/", $error_collector_mailto, $error_collector) . "</div>"); } else { $smarty->assign("php_errors", ""); } /* Set focus to the error button if we've an error message */ $focus = ""; if (session::is_set('errors') && session::get('errors') != "") { $focus = '<script type="text/javascript">'; $focus .= 'document.forms[0].error_accept.focus();'; $focus .= '</script>'; } $focus = '<script type="text/javascript">'; $focus .= 'next_msg_dialog();'; $focus .= '</script>'; $smarty->assign("focus", $focus); /* Set channel if needed */ //TODO: * move all global session calls to global_ // * create a new channel where needed (mostly management dialogues) // * remove regulary created channels when not needed anymore // * take a look at external php calls (i.e. get fax, ldif, etc.) // * handle aborted sessions (by pressing anachors i.e. Main, Menu, etc.) // * check lock removals, is "dn" global or not in this case?
$params = preg_replace('/^&/', '?', $params); $smarty->assign('params', $params); /* Fill template with required values */ $smarty->assign('date', gmdate("D, d M Y H:i:s")); $smarty->assign('uid', $uid); $smarty->assign('password_img', get_template_path('images/password.png')); /* Displasy SSL mode warning? */ if ($ssl != "" && $config->get_cfg_value("core", "warnSSL") == 'true') { $smarty->assign("ssl", "<b>" . _("Warning") . ":</b> " . _("Session will not be encrypted.") . " <a style=\"color:red;\" href=\"" . htmlentities($ssl) . "\"><b>" . _("Enter SSL session") . "</b></a>!"); } else { $smarty->assign("ssl", ""); } /* show login screen */ $smarty->assign("JS", session::global_get('js')); $smarty->assign("PHPSESSID", session_id()); if (session::is_set('errors')) { $smarty->assign("errors", session::get('errors')); } if ($error_collector != "") { $smarty->assign("php_errors", $error_collector . "</div>"); } else { $smarty->assign("php_errors", ""); } $smarty->assign("msg_dialogs", msg_dialog::get_dialogs()); displayPWchanger(); ?> </body> </html> // vim:tabstop=2:expandtab:shiftwidth=2:filetype=php:syntax:ruler:
header('Content-Disposition: attachment; filename=' . $name_section . ".xls"); readfile($fname); unlink($fname); } elseif ($mode == 4) { // IVBB LDIF Export $dn = base64_decode($_GET['dn']); echo $display; } } /* Basic setup, remove eventually registered sessions */ @(require_once "../../../include/php_setup.inc"); @(require_once "functions.inc"); session::start(); session::set('errorsAlreadyPosted', array()); /* Logged in? Simple security check */ if (!session::is_set('ui')) { new log("security", "all/all", "", array(), "Error: getxls.php called without session"); header("Location: index.php"); exit; } $ui = session::get('ui'); $config = session::get('config'); /* Check ACL's */ $dn = ""; if (isset($_GET['n'])) { $dn = base64_decode($_GET['n']); $acl_dn = base64_decode($_GET['d']) . base64_decode($_GET['n']); } elseif (isset($_GET['dn'])) { $dn = base64_decode($_GET['dn']); $acl_dn = base64_decode($_GET['dn']); }
/* Basic setup, remove eventually registered sessions */ @(require_once "../../../include/php_setup.inc"); @(require_once "functions.inc"); error_reporting(0); session::start(); session::set('errorsAlreadyPosted', array()); /* Logged in? Simple security check */ if (!session::is_set('ui')) { new log("security", "users/viewFaxEntries", "", array(), "Error: getfax.php called without session"); header("Location: ../../index.php"); exit; } $ui = session::is_set("ui"); /* Get loaded servers */ foreach (array("FAX_SERVER", "FAX_LOGIN", "FAX_PASSWORD") as $val) { if (session::is_set($val)) { ${$val} = session::get($val); } } /* Load fax entry */ $config = session::get('config'); restore_error_handler(); $cfg = $config->data['SERVERS']['FAX']; $link = mysql_pconnect($cfg['SERVER'], $cfg['LOGIN'], $cfg['PASSWORD']) or die(_("Could not connect to database server!")); mysql_select_db("gofax") or die(_("Could not select database!")); /* Permission to view? */ $query = "SELECT id,uid FROM faxlog WHERE id = '" . validate(stripcslashes($_GET['id'])) . "'"; $result = mysql_query($query) or die(_("Database query failed!")); $line = mysql_fetch_array($result, MYSQL_ASSOC); $query = "SELECT id,fax_data FROM faxdata WHERE id = '" . validate(stripcslashes($_GET['id'])) . "'"; $result = mysql_query($query) or die(_("Database query failed!"));
function smarty_block_render($params, $text, &$smarty) { /* Skip closing tag </render> */ if (empty($text)) { return ""; } /* Get acl parameter */ $acl = ""; if (isset($params['acl'])) { $acl = $params['acl']; } /* Debug output */ if (session::is_set('debugLevel') && session::get('debugLevel') & DEBUG_ACL) { echo "<font color='blue' size='2'> " . $acl . "</font>"; } /* Parameter : checkbox, checked * If the parameter 'checkbox' is given, we create a html checkbox in front * of the current object. * The parameter 'checked' specifies whether the box is checked or not. * The checkbox disables or enables the current object. */ if (isset($params['checkbox']) && $params['checkbox'] && preg_match("/w/i", $acl)) { /* Detect name and id of the current object */ $use_text = preg_replace("/\n/", " ", $text); $name = preg_replace('/^.* name[ ]*=[ ]*("|\')([^\\"\' ]*).*$/i', "\\2", $use_text); /* Detect id */ if (preg_match("/ id=(\"|')[^\"']*(\"|')/i", $text)) { $id = preg_replace('/^.* id[ ]*=[ ]*("|\')([^\\"\' ]*).*$/i', "\\2", $use_text); } else { $id = ""; } /* Is the box checked? */ isset($params['checked']) && $params['checked'] ? $check = " checked " : ($check = ""); /* If name isset, we have a html input field */ if (!empty($name)) { /* Print checkbox */ echo "<input type='checkbox' name='use_" . $name . "' " . $check . " \n\t\t\t\t\tonClick=\"changeState('" . $name . "');\" class='center'>"; /* Disable current object, if checkbox isn't checked */ if ($check == "") { $text = preg_replace("/name=/i", " disabled name=", $text); } /* Add id to current entry, if it is missing */ if ($id == "") { $text = preg_replace("/name=/i", " id=\"" . $name . "\" name=", $text); } } } /* Read / Write*/ if (preg_match("/w/i", $acl)) { return $text; } $text = preg_replace("/\n/", "GOSA_LINE_BREAK", $text); /* Disable objects, but keep those active that have mode=read_active */ if (!(isset($params['mode']) && $params['mode'] == 'read_active' && preg_match("/(r|w)/", $acl))) { /* Disable options && greyout lists */ $from = array("/class=['\"]list1nohighlight['\"]/i", "/class=['\"]list0['\"]/i", "/class=['\"]list1['\"]/i", "/class=['\"]sortableListItem[^'\"]*['\"]/i"); $to = array("class='list1nohighlightdisabled'", "class='list1nohighlightdisabled'", "class='list1nohighlightdisabled'", "class='sortableListItemDisabled'"); if (!preg_match("/ disabled /", $text)) { $from[] = "/name=/i"; $to[] = "disabled name="; } if (preg_match("/<textarea/", $text)) { $from[] = "/disabled/i"; $to[] = "readonly"; } $text = preg_replace($from, $to, $text); /* Replace picture if object is disabled */ if (isset($params['disable_picture'])) { $syn = "/src=['\"][^\"']*['\"]/i"; $new = "src=\"" . $params['disable_picture'] . "\""; $text = preg_replace($syn, $new, $text); } } /* Read only */ if (preg_match("/r/i", $acl)) { return preg_replace("/GOSA_LINE_BREAK/", "\n", $text); } /* No acls */ if (preg_match("/type['\"= ].*submit/", $text)) { $text = preg_replace("/submit/", "button", $text); } else { $text = preg_replace("/value=['\"][^\"']*['\"]/", "", $text); } /* Remove select options */ $from = array("#<option.*<\\/option>#i", "/(<textarea.*>).*(<\\/textarea>)/i", "/^(.*<input.*)checked(.*>.*)\$/i"); $to = array(" ", "\\1\\2", "\\1 \\2"); $text = preg_replace($from, $to, $text); $text = preg_replace("/GOSA_LINE_BREAK/", "\n", $text); return $text; }
*/ /* Basic setup, remove eventually registered sessions */ @(require_once "../include/php_setup.inc"); @(require_once "functions.inc"); @(require_once "variables.inc"); error_reporting(0); session_cache_limiter("private"); session::start(); session::global_set('errorsAlreadyPosted', array()); /* Logged in? Simple security check */ if (!session::global_is_set('ui')) { new log("security", "unknown", "", array(), "Error: getbin.php called without session"); header("Location: index.php"); exit; } header("Expires: Mon, 26 Jul 1997 05:00:00 GMT"); header("Last-Modified: " . gmdate("D, d M Y H:i:s") . " GMT"); header("Cache-Control: no-cache"); header("Pragma: no-cache"); header("Cache-Control: post-check=0, pre-check=0"); $key = 'binary'; if (isset($_GET['key'])) { $key .= $_GET['key']; } $bintype = session::is_set($key . 'type') ? session::get($key . 'type') : "octet-stream"; header("Content-type: " . $bintype); if (session::is_set($key . 'file')) { header('Content-disposition: attachment; filename="' . session::get($key . 'file')) . '"'; } echo session::get($key); error_reporting(E_ALL | E_STRICT);
/** * Display the login page and exit(). * */ function displayLogin() { global $smarty, $message, $config, $ssl, $error_collector, $BASE_DIR; error_reporting(E_ALL | E_STRICT); /* Check theme compatibility */ $theme = $config->get_cfg_value("core", 'theme'); if (file_exists("{$BASE_DIR}/ihtml/themes/{$theme}/blacklist")) { $blocks = file("{$BASE_DIR}/ihtml/themes/{$theme}/blacklist"); foreach ($blocks as $block) { if (preg_match('/' . preg_quote($block) . '/', $_SERVER['HTTP_USER_AGENT'])) { die(sprintf(_("Your browser (%s) is blacklisted for the current theme!"), $block)); } } } /* Fill template with required values */ $username = ""; if (isset($_POST["username"])) { $username = get_post("username"); } $smarty->assign("title", "GOsa - " . $_SERVER['SERVER_NAME']); $smarty->assign("logo", image(get_template_path("images/logo.png"))); $smarty->assign('date', gmdate("D, d M Y H:i:s")); $smarty->assign('username', $username); $smarty->assign('personal_img', get_template_path('images/login-head.png')); $smarty->assign('password_img', get_template_path('images/password.png')); $smarty->assign('directory_img', get_template_path('images/ldapserver.png')); /* Some error to display? */ if (!isset($message)) { $message = ""; } $smarty->assign("message", $message); /* Displasy SSL mode warning? */ if ($ssl != "" && $config->get_cfg_value("core", 'warnSSL') == 'true') { $smarty->assign("ssl", sprintf(_("This session is not encrypted. Click %s to enter an encrypted session."), "<a href=\"{$ssl}\">" . bold(_("here")) . "</a>")); } else { $smarty->assign("ssl", ""); } if (!$config->check_session_lifetime()) { $smarty->assign("lifetime", _("The configured session lifetime will be overridden by php.ini settings!")); } else { $smarty->assign("lifetime", ""); } /* Generate server list */ $servers = array(); if (isset($_POST['server'])) { $selected = get_post('server'); } else { $selected = $config->data['MAIN']['DEFAULT']; } foreach ($config->data['LOCATIONS'] as $key => $ignored) { $servers[$key] = $key; } $smarty->assign("server_options", $servers); $smarty->assign("server_id", $selected); /* show login screen */ $smarty->assign("PHPSESSID", session_id()); if (session::is_set('errors')) { $smarty->assign("errors", session::get('errors')); } if ($error_collector != "") { $smarty->assign("php_errors", $error_collector . "</div>"); } else { $smarty->assign("php_errors", ""); } $smarty->assign("msg_dialogs", msg_dialog::get_dialogs()); $smarty->display(get_template_path('headers.tpl')); $smarty->assign("version", get_gosa_version()); $smarty->display(get_template_path('login.tpl')); exit; }
* * You should have received a copy of the GNU General Public License * along with this program; if not, write to the Free Software * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA */ /* Basic setup, remove eventually registered sessions */ @(require_once "../include/php_setup.inc"); @(require_once "functions.inc"); error_reporting(0); session_cache_limiter("private"); session::start(); session::global_set('errorsAlreadyPosted', array()); /* Logged in? Simple security check */ if (!session::global_is_set('ui')) { new log("security", "unknown", "", array(), "Error: getbin.php called without session"); header("Location: index.php"); exit; } header("Expires: Mon, 26 Jul 1997 05:00:00 GMT"); header("Last-Modified: " . gmdate("D, d M Y H:i:s") . " GMT"); header("Cache-Control: no-cache"); header("Pragma: no-cache"); header("Cache-Control: post-check=0, pre-check=0"); $bintype = session::is_set('binarytype') ? session::get('binarytype') : "octet-stream"; header("Content-type: " . $bintype); if (session::is_set('binaryfile')) { header("Content-disposition: attachment; filename=" . session::get('binaryfile')); } echo session::get('binary'); error_reporting(E_ALL | E_STRICT); // vim:tabstop=2:expandtab:shiftwidth=2:filetype=php:syntax:ruler: