Exemplo n.º 1
parm:string Table_id
parm:string First_Letters
return:array rows

Returns an array of rows that can be put into a drop-down select box.
The first column is always "_value" and the second is always "_display".

The second parameter, if provided, filters the results so that
only values of _display that start with "First_Letters" are returned.

For a multiple-column primary key, this routine will filter for any pk
column that exists in the session array "ajaxvars".  This feature is
controlled by an (as-yet undocumented) feature in [[ahInputsComprehensive]]
that can make inputs use Ajax when their value changes to store their
value in the session on the server.

This was created 1/15/07 to work with Ajax-dynamic-list from
/**
 * Builds and runs the SELECT that feeds a drop-down list for one table.
 *
 * NOTE(review): this listing has lost its closing braces and at least one
 * statement (nothing follows the "Unset the pk column" comment), so the
 * comments below describe only the lines that are visible.
 *
 * @param string $table_id     Table id handed to DD_TableRef(), ddtable_idResolve() and dispatchObject().
 * @param string $firstletters Prefix to match; '' and '*' add no prefix filter, and a comma switches
 *                             to one prefix per column.
 * @param array  $matches      column => value pairs added as equality filters. Only the value goes
 *                             through SQLFC(); the column name is concatenated as-is.
 * @param string $distinct     When non-empty, becomes both the projection and the key column and
 *                             adds DISTINCT. It is interpolated into the SQL text as-is.
 * @param bool   $allcols      When true, selects skey plus the projection instead of _value/_display.
 * @return mixed The result of SQL_Allrows() for the generated statement.
 */
function RowsForSelect($table_id, $firstletters = '', $matches = array(), $distinct = '', $allcols = false)
    $table = DD_TableRef($table_id);
    // Determine which columns to pull and get them
    // KFD 10/8/07, a DISTINCT means we are pulling a single column of
    //              a multiple column key, pull only that column
    if ($distinct != '') {
        $proj = $distinct;
    } else {
        // No 'dropdown' projection: fall back to the primary key, or to the
        // '_uisearch' projection when the 'x6' flag is set.
        // presumably ArraySafe() yields '' for a missing key -- confirm
        if (ArraySafe($table['projections'], 'dropdown') == '') {
            if (!vgfGet('x6')) {
                $proj = $table['pks'];
            } else {
                $proj = $table['projections']['_uisearch'];
        } else {
            $proj = $table['projections']['dropdown'];
    $aproj = explode(',', $proj);
    // $acollist is only consumed by the commented-out implode() below, so in
    // the visible code the COALESCE wrappers never reach the query.
    $acollist = array();
    foreach ($aproj as $aproj1) {
        $acollist[] = "COALESCE({$aproj1},'')";
    // The display expression is the projection list with each comma turned
    // into a SQL concatenation with ' - ' as separator.
    $collist = str_replace(',', " || ' - ' || ", $proj);
    //$collist = implode(" || ' - ' || ",$acollist);
    // Get the primary key, and resolve which view we have perms for
    // KFD 10/8/07, do only one column if passed
    if ($distinct != '') {
        $pk = $distinct;
    } else {
        $pk = $table['pks'];
    $view_id = ddtable_idResolve($table_id);
    // Initialize the filters
    $aWhere = array();
    // Generate a filter for each pk that exists in session ajaxvars.
    // There is a BIG unchecked for issue here, which is that a multi-column
    //  PK must have *all but one* column supplied, and it then returns
    //  the unsupplied column.
    $pkeys = explode(',', $table['pks']);
    // NOTE(review): afromGP('adl_') presumably collects request variables with
    // the adl_ prefix -- confirm. If so, the values are client-controlled and
    // SQLFC() below is the only thing standing between them and the SQL text.
    $ajaxvars = afromGP('adl_');
    foreach ($pkeys as $index => $pkey) {
        if (isset($ajaxvars[$pkey])) {
            // Column name comes from the table definition; the value is
            // passed through SQLFC() (assumed to quote/escape -- confirm).
            $aWhere[] = "{$pkey}=" . SQLFC($ajaxvars[$pkey]);
            // This is important!  Unset the pk column, we'll pick the leftover
    // If we did the multi-pk route, provide the missing column
    //  as the key value
    if (count($ajaxvars) > 0) {
        $pk = implode(',', $pkeys);
    // Determine if this is a filtered table
    if (isset($table['flat']['flag_noselect'])) {
        $aWhere[] = "COALESCE(flag_noselect,'N')<>'Y'";
    // Add more matches on
    // NOTE(review): $matchcol is concatenated into the statement without
    // quoting or validation. Callers must build $matches keys from known
    // column names only; checking each key against $table['flat'] here would
    // make that guarantee local to this function.
    foreach ($matches as $matchcol => $matchval) {
        $aWhere[] = $matchcol . ' = ' . SQLFC($matchval);
    // See if there is a hardcoded filter in the program class
    $obj = dispatchObject($table_id);
    if (method_exists($obj, 'aSelect_where')) {
        // The fragment returned by the program class is appended verbatim, so
        // it is trusted exactly as much as the class that produced it.
        $aWhere[] = $obj->aSelect_where();
        // The method is invoked a second time just to log its result (LOG_SQL
        // defaults to 'Y').
        if (ConfigGet('LOG_SQL', 'Y') == 'Y') {
            sysLog(LOG_NOTICE, $obj->aSelect_Where());
    // If "firstletters" have been passed, we will filter each
    // select column on it
    // KFD 8/8/07, a comma in first letters now means look in
    //             1st column only + second column only
    $SLimit = '';
    $xWhere = array();
    if ($firstletters == '*') {
        // do nothing, no where clauses
    } elseif ($firstletters != '') {
        // A prefix search is capped at 40 rows; unfiltered calls are not capped.
        $SLimit = "Limit 40 ";
        if (strpos($firstletters, ',') === false) {
            // original code, search all columns
            $implode = ' OR ';
            foreach ($aproj as $aproj1) {
                $type_id = $table['flat'][$aproj1]['type_id'];
                $subs = '';
                // Non-character columns are cast to varchar before comparing.
                if (!in_array($type_id, array('char', 'vchar', 'text'))) {
                    $subs = '::varchar';
                $sl = strlen($firstletters);
                // strtolower() runs on the output of SQLFC(), i.e. on the
                // already-quoted literal, and strlen() counts bytes; verify
                // both against multi-byte input and SQLFC()'s escaping.
                $xWhere[] = "SUBSTRING(LOWER({$aproj1}{$subs}) FROM 1 FOR {$sl})" . "=" . strtolower(SQLFC($firstletters));
        } else {
            // New code 8/8/07, search first column, 2nd, third only,
            // based on existence of commas
            $implode = ' AND ';
            $afl = explode(',', $firstletters);
            foreach ($afl as $x => $fl) {
                // NOTE(review): $aproj1 is not assigned by this loop; it still
                // holds the last column from the earlier foreach, so the type
                // check does not describe the column used below. The column
                // index is $x + 1, which skips $aproj[0] and is not bounds
                // checked against the number of comma-separated prefixes.
                $type_id = $table['flat'][$aproj1]['type_id'];
                $subs = '';
                if (!in_array($type_id, array('char', 'vchar', 'text'))) {
                    $subs = '::varchar';
                $sl = strlen($fl);
                $xWhere[] = "SUBSTRING(LOWER({$aproj[$x + 1]}{$subs}) FROM 1 FOR {$sl})" . "=" . strtolower(SQLFC($fl));
    if (count($xWhere) > 0) {
        $aWhere[] = "(" . implode($implode, $xWhere) . ")";
    // Finish off the where clause
    if (count($aWhere) > 0) {
        $SWhere = "WHERE " . implode(' AND ', $aWhere);
    } else {
        $SWhere = '';
    // Execute and return
    $sDistinct = $distinct != '' ? ' DISTINCT ' : '';
    $SOB = $aproj[0];
    // $proj, $pk, $collist and $view_id are interpolated as identifiers. They
    // derive from the table definition, except when $distinct is supplied by
    // the caller, in which case that argument reaches the statement unchecked.
    if ($allcols) {
        # KFD 6/9/08, added in automatic ordering on queuopos column
        $OB = isset($table['flat']['queuepos']) ? 'queuepos' : '2';
        $sq = "SELECT skey,{$proj}\n              FROM {$view_id}\n           {$SWhere}\n            ORDER BY {$OB} {$SLimit}";
    } else {
        $sq = "SELECT {$sDistinct} {$pk} as _value,{$collist} as _display\n              FROM {$view_id}\n           {$SWhere}\n             ORDER BY {$SOB} {$SLimit} ";
    // The next two lines are the same test with different spacing; the
    // duplication looks like a listing artifact -- confirm upstream.
    if ( ConfigGet( 'flag_syslog', 'Y' ) == 'Y' ) {
    if (ConfigGet('flag_syslog', 'Y') == 'Y') {
        // The complete statement, including the filter values, goes to syslog
        // by default; treat that log as holding application data.
        syslog(LOG_INFO, $sq);
    $rows = SQL_Allrows($sq);
    return $rows;
Exemplo n.º 2
 /**
  * Handles a posted login: checks the credentials by connecting to the
  * database as that user, loads the user's groups and table permissions into
  * the session, and writes per-user menu and permission files.
  *
  * NOTE(review): this listing has lost its closing braces and the bodies of
  * most failure branches (several "if" lines below have nothing after them),
  * and it stops inside an unterminated block comment. The comments describe
  * only what is visible; early-return behaviour cannot be confirmed from here.
  */
 function Login_Process()
     $arg2 = $this->directlogin == true ? 'direct' : '';
     // only process if user hit "post"
     if (gp('gp_posted', '', false) == '') {
     vgfSet('LoginAttemptOK', false);
     // Error title
     vgfSet('ERROR_TITLE', '*');
     // If the user supplied a loginUID, this is a post and we
     // must process the request.
     $ale = vgaGet('login_errors', array());
     $app = $GLOBALS['AG']['application'];
     // All four default messages are the same text, so unless the application
     // overrides 'login_errors' the response does not reveal which check failed.
     $em000 = isset($ale['000']) ? $ale['000'] : "That username/password combination did not work.  Please try again.";
     $em001 = isset($ale['001']) ? $ale['001'] : "That username/password combination did not work.  Please try again.";
     $em002 = isset($ale['002']) ? $ale['002'] : "That username/password combination did not work.  Please try again.";
     $em099 = isset($ale['099']) ? $ale['099'] : "That username/password combination did not work.  Please try again.";
     $terror = "";
     $uid = gp('loginUID');
     // NOTE(review): everything below interpolates $uid into SQL text and file
     // names, so MakeUserID() is the only normalisation step visible here.
     // Confirm that it restricts the value to a safe character set.
     $uid = MakeUserID($uid);
     //$uid = str_replace('@','_',$uid);
     //$uid = str_replace('.','_',$uid);
     $pwd = gp("loginPWD", "", false);
     // First check, never allow the database server's superuser
     // account
     if ($uid == "postgres") {
         if (vgfGet('loglogins', false)) {
             sysLog(LOG_WARNING, "Andromeda:{$app}:Bad login attempt as postgres");
             fwLogEntry('1011', 'Attempt login as postgres', '', $arg2);
     $app = $GLOBALS['AG']['application'];
     // A user id that begins with the application name is treated as a group
     // role and refused.
     if (substr($uid, 0, strlen($app)) == $app) {
         if (vgfGet('loglogins', false)) {
             sysLog(LOG_WARNING, "Andromeda:{$app}:Bad login attempt as group role");
             fwLogEntry('1012', 'Attempt login as group role', $uid, $arg2);
     // Begin with a connection attempt.
     // on fail, otherwise continue
     // The password is verified by the database server itself: the login
     // succeeds only if a connection as $uid/$pwd can be opened. The '@'
     // suppresses the warning a refused connection would raise.
     $tcs = @SQL_CONN($uid, $pwd);
     if ($tcs === false) {
         if (vgfGet('loglogins', false)) {
             sysLog(LOG_NOTICE, "Andromeda:{$app}:Bad login attempt server rejected");
             fwLogEntry('1013', 'Server rejected username/password', $uid, $arg2);
     } else {
     // The rest of this routine uses an admin connection.  If we
     // have an error, we must close the connection before returning!
     //    ...yes, yes, that's bad form, all complaints to /dev/null
     if (vgfGet('loglogins', false)) {
         fwLogEntry('1010', 'Login OK', $uid, $arg2);
     // See if they are a root user.  If not, do they have an
     //  active account?
     $root = false;
     $admin = false;
     $group_id_eff = '';
     // NOTE(review): $uid is placed inside a quoted SQL literal by string
     // interpolation here and in the three lookups further down (users,
     // usersxgroups twice). These run on the admin connection, so they should
     // use the framework's literal-escaping helper or bound parameters rather
     // than rely on MakeUserID() alone.
     $results = SQL("\n         Select oid\n           FROM pg_roles   \n          WHERE rolname = CAST('{$uid}' as name)\n            AND rolsuper= true");
     $cr = SQL_NUMROWS($results);
     if ($cr != 0) {
         $root = true;
     } else {
         // The two concatenated pieces leave no whitespace between the closing
         // quote of the literal and AND.
         $results = SQL("Select * from users WHERE LOWER(user_id)='{$uid}'" . "AND (user_disabled<>'Y' or user_disabled IS NULL)");
         $cr = SQL_NUMROWS($results);
         if ($cr == 0) {
             sysLog(LOG_WARNING, "Andromeda:{$app}:Bad login attempt code 002");
         } else {
             $userinfo = SQL_Fetch_Array($results);
             $group_id_eff = $userinfo['group_id_eff'];
             SessionSet('user_name', $userinfo['user_name']);
     // Flag if the user is an administrator
     if ($root == true) {
         $admin = true;
     } else {
         // Unlike the other lookups, this one compares user_id without LOWER().
         $results = SQL("select count(*) as admin from usersxgroups " . "where user_id='{$uid}' and group_id ='{$app}" . "_admin'");
         $row = SQL_FETCH_ARRAY($results);
         $admin = intval($row["admin"]) > 0 ? true : false;
     // Get the users' groups
     $groups = "";
     if ($root) {
         $results = SQL("\n            select group_id \n              from zdd.groups \n             where COALESCE(grouplist,'')=''");
     } else {
         $results = SQL("select group_id from usersxgroups WHERE LOWER(user_id)='{$uid}'");
     // Each group id is wrapped in single quotes by hand, without escaping,
     // to build the IN (...) list used by every permission query below.
     // $agroups is not initialised before the first append.
     while ($row = SQL_FETCH_ARRAY($results)) {
         $agroups[] = "'" . trim($row['group_id']) . "'";
     // NOTE(review): when the user has no groups, $groups stays an array and
     // is later interpolated into "IN ({$groups})"; the no-group case should be
     // rejected or given an explicit empty list before those queries run.
     $groups = array();
     if (!empty($agroups)) {
         $groups = implode(",", $agroups);
     // We have a successful login.  If somebody else was already
     // logged in, we need to wipe out that person's session.  But
     // don't do this if there was an anonymous login.
     if (LoggedIn()) {
         $uid_previous = SessionGet('UID');
         if ($uid != $uid_previous) {
     // We know who they are and that they can connect,
     // see if there is any app-specific confirmation required
     if (function_exists('app_login_process')) {
         //echo "Calling the process now";
         // The application hook receives the cleartext password.
         if (!app_login_process($uid, $pwd, $admin, $groups)) {
     // Protect the session from hijacking, generate a new ID
     // NOTE(review): no session-id regeneration call is visible after the
     // comment above in this listing -- confirm the upstream file performs it
     // before the identity is written to the session.
     // We now have a successful connection, set some
     // flags and lets go
     vgfSet('LoginAttemptOK', true);
     SessionSet("UID", $uid);
     // NOTE(review): the cleartext database password is kept in the session.
     // Whatever backs the session store then holds reusable credentials, so
     // its file permissions, lifetime and backups need the same protection as
     // a password file.
     SessionSet("PWD", $pwd);
     SessionSet("ADMIN", $admin);
     SessionSet("ROOT", $root);
     SessionSet("GROUP_ID_EFF", $group_id_eff);
     SessionSet("groups", $groups);
     if (gp('gpz_page') == '') {
         # KFD 9/12/08, extra command to not change page
         if (gp('st2keep') != 1) {
             gpSet('gp_page', '');
     $GLOBALS['session_st'] = 'N';
     // for "N"ormal
     // -------------------------------------------------------------------
     // We are about to make the menu.  Before doing so, see if there
     // are any variables set for the menu layout.  Set defaults and then
     // load from database.
     $this->pmenu = array('MENU_TYPE' => vgaGet('MENU_TYPE', 'div'), 'MENU_CLASS_MODL' => vgaGet('MENU_CLASS_MODL', 'modulename'), 'MENU_CLASS_ITEM' => vgaGet('MENU_CLASS_ITEM', 'menuentry'), 'MENU_TICK' => vgaGET('MENU_TICK', ' - '));
     //$sql = "SELECT * from variables WHERE variable like 'MENU%'";
     //$dbres = SQL($sql);
     //while ($row = SQL_FETCH_ARRAY($dbres)) {
     //   $this->pmenu[trim($row['variable'])]=trim($row['variable_value']);
     // -------------------------------------------------------------------
     // KFD 10/28/06, Modified to examine "nomenu" instead of permsel
     //   pulls all tables user has nomenu='N'.  The basic idea is
     //   to remove from $AGMENU the stuff they don't see
     // GET AGMENU
     $AGMENU = array();
     // avoid compiler warning, populated next line
     // The file name is relative, so which ddmodules.php gets loaded depends
     // on the include path in effect.
     include "ddmodules.php";
     // Pull distinct modules person has any menu options in.
     $sq = "SELECT DISTINCT module\n             FROM zdd.perm_tabs \n            WHERE nomenu='N'\n              AND group_id iN ({$groups})";
     $modules = SQL_AllRows($sq, 'module');
     $AGkeys = array_keys($AGMENU);
     foreach ($AGkeys as $AGkey) {
         if (!isset($modules[$AGkey])) {
     // Now recurse the remaining modules and do the same trick
     // for each one, removing the tables that don't exist
     foreach ($AGMENU as $module => $moduleinfo) {
         // $module is a key of $AGMENU (loaded from ddmodules.php) and is
         // interpolated into the literal without escaping.
         $sq = "SELECT DISTINCT table_id\n                FROM zdd.perm_tabs \n               WHERE nomenu='N'\n                 AND module = '{$module}'\n                 AND group_id iN ({$groups})";
         $tables = SQL_AllRows($sq, 'table_id');
         $tkeys = array_keys($moduleinfo['items']);
         foreach ($tkeys as $tkey) {
             if (!isset($tables[$tkey])) {
     // KFD 12/18/06.  Put all table permissions into session
     // Five near-identical queries follow, one per permission flag; each
     // stores the matching table ids in its own session key.
     $table_perms = SQL_AllRows("Select distinct table_id FROM zdd.perm_tabs\n           WHERE group_id IN ({$groups})\n             AND nomenu='N'", 'table_id');
     SessionSet('TABLEPERMSMENU', array_keys($table_perms));
     $table_perms = SQL_AllRows("Select distinct table_id FROM zdd.perm_tabs\n           WHERE group_id IN ({$groups})\n             AND permsel='Y'", 'table_id');
     SessionSet('TABLEPERMSSEL', array_keys($table_perms));
     $table_perms = SQL_AllRows("Select distinct table_id FROM zdd.perm_tabs\n           WHERE group_id IN ({$groups})\n             AND permins='Y'", 'table_id');
     SessionSet('TABLEPERMSINS', array_keys($table_perms));
     $table_perms = SQL_AllRows("Select distinct table_id FROM zdd.perm_tabs\n           WHERE group_id IN ({$groups})\n             AND permupd='Y'", 'table_id');
     SessionSet('TABLEPERMSUPD', array_keys($table_perms));
     $table_perms = SQL_AllRows("Select distinct table_id FROM zdd.perm_tabs\n           WHERE group_id IN ({$groups})\n             AND permdel='Y'", 'table_id');
     SessionSet('TABLEPERMSDEL', array_keys($table_perms));
     //echo "<div style='background-color:white'>";
     //echo "$uid $groups $group_id_eff";
     //echo "</div>";
     // KFD 7/9/07, we always use joomla templates now, don't need
     // options to turn them off
     //if(defined('_ANDROMEDA_JOOMLA')) {
     // In a hybrid situation, put the menu into the session
     SessionSet('AGMENU', $AGMENU);
     $HTML_Menu = "";
     $WML_Menu = "";
     // NOTE(review): the menu-building loop is heavily truncated in this
     // listing; $aextras, $HTML_Module and $WML_Module are used below without
     // a visible assignment.
     foreach ($AGMENU as $key=>$module) {
        //if($key=="datadict") continue;
        //if($key=="sysref")   continue;
        foreach($module["items"] as $itemname=>$item) {
           if (!isset($item["mode"])) { $item["mode"]="normal"; }
           switch ($item["mode"]) {
              case "normal":
                 if($item['menu_parms']<>'') {
                    foreach($aextras as $aextra) {
              case "ins":
                 //if ($admin || isset($tables_ins[$item["name"]]))  {
                    #   "\n<font class=\"tablename\">- <a href=\"index.php?gp_page=".$itemname."\">".
                    #   $item["description"]."</a></font><br />";
        // the module is defined AFTER its contents so it can be
        // left off if it has no entries
        if ($HTML_Module!="") {
        if ($WML_Module!="") {
     // The file names embed $uid directly, so path safety depends on the
     // character set MakeUserID() allows (and on DynamicSave(), not shown).
     DynamicSave("menu_" . $uid . ".php", $HTML_Menu);
     DynamicSave("menu_wml_" . $uid . ".php", $WML_Menu);
     // -------------------------------------------------------------------
     // Fetch and cache user preferences
     if (vgaGet('member_profiles')) {
     // -------------------------------------------------------------------
     // Now find the user's table permissions more precisely table by table
     $sql = "select p.table_id,\n\t\t\t\tmax(case when p.permins='Y' then 1 else 0 end) as permins,\n\t\t\t\tmax(case when p.permupd='Y' then 1 else 0 end) as permupd,\n\t\t\t\tmax(case when p.permdel='Y' then 1 else 0 end) as permdel,\n\t\t\t\tmax(case when p.permsel='Y' then 1 else 0 end) as permsel\n\t\t\t\tfrom zdd.perm_tabs  P\n\t\t\t\tWHERE group_id in ({$groups})\n\t\t\t\tGROUP BY p.table_id";
     //echo $sql;
     $results = SQL($sql);
     // What follows generates PHP source text that is saved as a .php file.
     // NOTE(review): $tn (table_id from the database) is written between
     // double quotes in that generated source without escaping, and the four
     // flags are written as bare tokens. Emitting the values with var_export()
     // would keep database content from being interpreted as code when the
     // file is later loaded.
     $HTML_Perms = "<?php\n\$table_perms = array();\n";
     while ($row = SQL_FETCH_ARRAY($results)) {
         $tn = $row["table_id"];
         $ti = $row["permins"];
         $tu = $row["permupd"];
         $td = $row["permdel"];
         $ts = $row["permsel"];
         $HTML_Perms .= "\$table_perms[\"{$tn}\"]=array(\"ins\"=>{$ti},\"upd\"=>{$tu},\"del\"=>{$td},\"sel\"=>{$ts});\n";
     $HTML_Perms .= "?>\n";
     DynamicSave("perms_" . $uid . ".php", $HTML_Perms);
     /* October 28, 2006, KFD.  Rem'd this all out, column and row security
              made this irrelevant
     		// -------------------------------------------------------------------
     		// Find out if this user has any UID Columns, columns that create
     		// filters on the user's UID
     		$sql = "Select column_id FROM groupuids WHERE group_id IN ($groups)";
     		//echo $sql;
     		$results = SQL($sql);
     		$groupuids = array();
     		while ($row = SQL_FETCH_ARRAY($results)) {
     			//echo "Found this one".$row["column_id"];
     			$groupuids[$row["column_id"]] = $row["column_id"];
Exemplo n.º 3
Arquivo: log.php Projeto: rkania/GS3
/**
 * Writes one log message either to a log file (optionally a FIFO) or to
 * syslog, depending on the GS_LOG_TO setting.
 *
 * NOTE(review): this listing has lost its closing braces, so nesting is
 * inferred from indentation only.
 *
 * @param int         $level   One of the GS_LOG_* levels; anything above GS_LOG_LEVEL is dropped.
 * @param string      $msg     Message text; occurrences of GS_DIR are removed from it.
 * @param string|null $logfile Target file; defaults to GS_LOG_FILE, and names not starting with '/'
 *                             are placed under /var/log/gemeinschaft/.
 * @param bool        $fifo    When true, forces file logging and creates the target as a FIFO.
 * @return bool false on a recursive call, on setup failure or for an unknown log target; true when
 *              the level is filtered out; otherwise the outcome of the write.
 */
function gs_log($level, $msg, $logfile = null, $fifo = false)
    global $gs_is_in_gs_log;
    // Static state survives between calls: the configured target, the open
    // file handles keyed by path, and the syslog connection flags.
    static $log_to = null;
    static $logfiles = array();
    static $levels = array(GS_LOG_DEBUG => array('v' => 'debug', 'sll' => LOG_DEBUG), GS_LOG_NOTICE => array('v' => 'note', 'sll' => LOG_INFO), GS_LOG_WARNING => array('v' => 'WARN', 'sll' => LOG_WARNING), GS_LOG_FATAL => array('v' => 'ERROR', 'sll' => LOG_ERR));
    static $syslog_opened = false;
    static $syslog_facility = null;
    if (@$gs_is_in_gs_log) {
        return false;
    # prevent recursive calls to gs_log()
    if ($level > GS_LOG_LEVEL) {
        return true;
    // From here on every exit path has to reset this flag, otherwise all
    // later calls would be rejected by the guard above.
    $gs_is_in_gs_log = true;
    if ($log_to === null) {
        $log_to = gs_get_conf('GS_LOG_TO');
    $level_info = array_key_exists($level, $levels) ? $levels[$level] : array('v' => '???? ', 'sll' => LOG_WARNING);
    //$msg = str_replace(GS_DIR, '<GS_DIR>', $msg);
    $msg = str_replace(GS_DIR, '', $msg);
    // The first backtrace frame supplies the file and line recorded with the
    // message.
    $backtrace = debug_backtrace();
    if (is_array($backtrace) && isset($backtrace[0])) {
        $file = @$backtrace[0]['file'];
        if (subStr($file, 0, strLen(GS_DIR)) === GS_DIR) {
            $file = str_replace(GS_DIR, '', $file);
        $line = @$backtrace[0]['line'];
    } else {
        $file = '';
        $line = 0;
    // $log_to is static, so once a FIFO call has switched it to 'file' the
    // change also applies to later calls in the same process.
    if ($fifo) {
        $log_to = 'file';
    if ($log_to === 'file') {
        $dateFn = GS_LOG_GMT ? 'gmDate' : 'date';
        if (strLen($line) < 4) {
            $line = str_pad($line, 4, ' ', STR_PAD_LEFT);
        // NOTE(review): unlike the syslog branch, $msg is not passed through
        // addCSlashes() here, so line breaks inside a message reach the file
        // verbatim. Callers that log request-derived text should strip CR/LF
        // (or this line should escape them) so that one call always produces
        // exactly one log entry.
        $msg = $dateFn('Y-m-d H:i:s') . ' [' . str_pad($level_info['v'], 5) . '] ' . $file . ':' . $line . ': ' . $msg . "\n";
        if (!$logfile) {
            $logfile = GS_LOG_FILE;
        if (@subStr($logfile, 0, 1) != '/') {
            $logfile = '/var/log/gemeinschaft/' . $logfile;
        // First use of this path in the process: create it if needed and open it.
        if (!@array_key_exists($logfile, $logfiles)) {
            // Commands run through sudo unless the effective uid is 0.
            // NOTE(review): qsa() presumably quotes a shell argument --
            // confirm; every exec() below depends on it because $logfile can
            // be supplied by the caller.
            $sudo = posix_getEUid() == 0 ? '' : 'sudo ';
            # if the logfile should be a fifo but isn't then remove it so
            # it will be created as a fifo
            if ($fifo && file_exists($logfile) && !@is_fifo($logfile)) {
                $err = 0;
                $out = array();
                @exec($sudo . 'rm -f ' . qsa($logfile) . ' 1>>/dev/null 2>>/dev/null', $out, $err);
                if ($err != 0) {
                    # probably permission denied
                    $gs_is_in_gs_log = false;
                    return false;
            if (!@file_exists($logfile)) {
                $err = 0;
                $out = array();
                @exec($sudo . 'mkdir -p ' . qsa(dirName($logfile)) . ' 1>>/dev/null 2>>/dev/null', $out, $err);
                if ($err != 0) {
                    # probably permission denied
                    $gs_is_in_gs_log = false;
                    return false;
                if ($fifo) {
                    $err = 0;
                    $out = array();
                    @exec($sudo . 'mkfifo ' . qsa($logfile) . ' 1>>/dev/null 2>>/dev/null', $out, $err);
                    if ($err != 0) {
                        # probably permission denied
                        $gs_is_in_gs_log = false;
                        return false;
            //@chmod($logfile, 0666);  # in octal mode!
            // NOTE(review): mode 0666 makes the log readable and writable by
            // every local account, so its contents cannot be relied on as
            // evidence. A dedicated group with 0660 would keep multi-user
            // writing while narrowing who can alter or read entries.
            @exec($sudo . 'chmod 0666 ' . qsa($logfile) . ' 1>>/dev/null 2>>/dev/null');
            if (!$fifo) {
                $logfiles[$logfile] = @fOpen($logfile, 'ab');
                # might fail if permission denied
            } else {
                $logfiles[$logfile] = fOpen($logfile, 'ab+');
                # The trick is to open the FIFO for reading *and writing*.
                # "a" : open(..., O_WRONLY|O_CREAT|O_APPEND|O_LARGEFILE, ...)
                # "a+": open(..., O_RDWR  |O_CREAT|O_APPEND|O_LARGEFILE, ...)
                # O_WRONLY blocks for FIFOs. O_RDWR does not.
            if (!$logfiles[$logfile]) {
                $gs_is_in_gs_log = false;
                return false;
        if ($fifo) {
            // NOTE(review): $fd is not assigned anywhere in the visible code,
            // so this call acts on an undefined variable and the '@' hides
            // the resulting error; $logfiles[$logfile] looks like the
            // intended stream.
            @stream_set_blocking($fd, false);
            # not even really needed
            # Just to be sure check that the stream will not block.
            # However by using the above trick it will not block anyways.
            $select = array($logfiles[$logfile]);
            # needs to be passed by reference
            $null = null;
            # needs to be passed by reference
            // The handle is passed as the write set with a zero timeout; the
            // message is dropped when the stream is not writable right now.
            if (stream_select($null, $select, $null, 0, 0) < 1) {
                $gs_is_in_gs_log = false;
                return false;
        $ok = @fWrite($logfiles[$logfile], $msg, strLen($msg)) !== false;
    } elseif ($log_to === 'syslog') {
        if ($syslog_facility === null) {
            // The configured facility name is checked against a fixed list
            // before constant() is called, so configuration text cannot
            // select an arbitrary constant.
            $fac_name = strToUpper(gs_get_conf('GS_LOG_SYSLOG_FACILITY'));
            if (in_array($fac_name, array('LOCAL0', 'LOCAL1', 'LOCAL2', 'LOCAL3', 'LOCAL4', 'LOCAL5', 'LOCAL6', 'LOCAL7', 'USER', 'MAIL', 'DAEMON', 'AUTH', 'AUTHPRIV', 'SYSLOG', 'LPR', 'NEWS', 'UUCP', 'CRON'), true) && defined('LOG_' . $fac_name)) {
                $syslog_facility = constant('LOG_' . $fac_name);
            } else {
                $syslog_facility = LOG_USER;
        // The tag is the source file without ".php"; paths longer than 32
        // characters are shortened to their base name.
        if (subStr($file, -4) === '.php') {
            $file = subStr($file, 0, -4);
        if (strLen($file) <= 32) {
            $tag = $file;
        } else {
            $tag = baseName($file);
        $msg = $tag . '#' . $line . ': (' . $level_info['v'] . ') ' . $msg;
        if (!$syslog_opened) {
            if (!$syslog_facility) {
                $syslog_facility = LOG_LOCAL5;
            $syslog_opened = @openLog('gemeinschaft', LOG_ODELAY, $syslog_facility);
        $sll = @$level_info['sll'];
        if ($sll === null) {
            $sll = LOG_WARNING;
        // Backslash, CR, LF and TAB are escaped before the message is handed
        // to syslog, which keeps a message from breaking out of its line.
        // NOTE(review): the rest of the character list looks damaged by
        // extraction in this listing -- confirm it against the upstream file.
        $ok = @sysLog($sll, addCSlashes($msg, "\\\r\n\t....ÿ"));
    } else {
        $ok = false;
    $gs_is_in_gs_log = false;
    return $ok;