be1906548548af63e72893ee58216d490566298b
bernd webinterface => /webinterface

bernd authored 17 years ago

1) <?php
Bernd Wurst Added license tags for CC0,...

Bernd Wurst authored 12 years ago

2) /*
3) This file belongs to the Webinterface of schokokeks.org Hosting
4) 
Bernd Wurst Copyright year update

Bernd Wurst authored 6 years ago

5) Written 2008-2018 by schokokeks.org Hosting, namely
Bernd Wurst Added license tags for CC0,...

Bernd Wurst authored 12 years ago

6)   Bernd Wurst <bernd@schokokeks.org>
7)   Hanno Böck <hanno@schokokeks.org>
8) 
9) To the extent possible under law, the author(s) have dedicated all copyright and related and neighboring rights to this software to the public domain worldwide. This software is distributed without any warranty.
10) 
Hanno Fix coding style with php-c...

Hanno authored 6 years ago

11) You should have received a copy of the CC0 Public Domain Dedication along with this software. If not, see
Bernd Wurst Added license tags for CC0,...

Bernd Wurst authored 12 years ago

12) http://creativecommons.org/publicdomain/zero/1.0/
13) 
14) Nevertheless, in case you use a significant part of this code, we ask (but not require, see the license) that you keep the authors' names in place and return your changes to the public. We would be especially happy if you tell us what you're going to do with this code.
15) */
bernd webinterface => /webinterface

bernd authored 17 years ago

16) 
bernd XSS/CSRF-Bugs behoben

bernd authored 17 years ago

17) require_once("inc/security.php");
18) 
bernd webinterface => /webinterface

bernd authored 17 years ago

19) function system_failure($reason)
20) {
Hanno Fix coding style with php-c...

Hanno authored 6 years ago

21)     input_error($reason);
22)     show_page();
23)     die();
bernd webinterface => /webinterface

bernd authored 17 years ago

24) }
25) 
26) 
27) function input_error($reason)
28) {
Hanno Fix coding style with php-c...

Hanno authored 6 years ago

29)     global $input_error;
30)     if (!isset($input_error)) {
31)         $input_error = array();
32)     }
33)     array_push($input_error, $reason);
bernd webinterface => /webinterface

bernd authored 17 years ago

34) }
35) 
36) function warning($msg)
37) {
Hanno Fix coding style with php-c...

Hanno authored 6 years ago

38)     if (!isset($_SESSION['warning'])) {
39)         $_SESSION['warning'] = array();
40)     }
41)     array_push($_SESSION['warning'], $msg);
42)     $backtrace = debug_backtrace();
43)     DEBUG('WARNING:<br>'.$backtrace[0]['file'].':'.$backtrace[0]['line'].': '.$msg);
bernd webinterface => /webinterface

bernd authored 17 years ago

44) }
45) 
46) function success_msg($msg)
47) {
Hanno Fix coding style with php-c...

Hanno authored 6 years ago

48)     if (!isset($_SESSION['success_msg'])) {
49)         $_SESSION['success_msg'] = array();
50)     }
51)     array_push($_SESSION['success_msg'], $msg);
bernd webinterface => /webinterface

bernd authored 17 years ago

52) }
53) 
54) 
bernd Erste Version des vmail-Modul

bernd authored 17 years ago

55) function we_have_an_error()
56) {
Hanno Fix coding style with php-c...

Hanno authored 6 years ago

57)     global $input_error;
bernd Erste Version des vmail-Modul

bernd authored 17 years ago

58) 
Hanno Fix coding style with php-c...

Hanno authored 6 years ago

59)     if (isset($input_error)) {
60)         return (count($input_error) > 0);
61)     } else {
62)         return 0;
63)     }
bernd Erste Version des vmail-Modul

bernd authored 17 years ago

64) }
65) 
66) 
bernd Umstellung auf Theme-Suppor...

bernd authored 14 years ago

67) function get_messages()
bernd webinterface => /webinterface

bernd authored 17 years ago

68) {
Hanno Fix coding style with php-c...

Hanno authored 6 years ago

69)     $messages = '';
70)     global $input_error;
71)     if (isset($input_error)) {
72)         $messages .= '<div class="error">
bernd webinterface => /webinterface

bernd authored 17 years ago

73)     <h3>Fehler</h3>
74)     <p>Folgende Fehler wurden festgestellt: </p>
75)     <ul>
76)     ';
Hanno Fix coding style with php-c...

Hanno authored 6 years ago

77)         foreach ($input_error as $error) {
78)             $messages .= '<li>'.nl2br(filter_input_general($error))."</li>\n";
79)         }
80)         $messages .= '</ul>
bernd webinterface => /webinterface

bernd authored 17 years ago

81)     </div>';
Hanno Fix coding style with php-c...

Hanno authored 6 years ago

82)     }
83)     if (isset($_SESSION['warning'])) {
Bernd Wurst Warnungen nicht wie Fehler...

Bernd Wurst authored 5 years ago

84)         $messages .= '<div class="warning">
bernd webinterface => /webinterface

bernd authored 17 years ago

85)     <ul>
86)     ';
Hanno Fix coding style with php-c...

Hanno authored 6 years ago

87)         foreach ($_SESSION['warning'] as $msg) {
88)             $messages .= '<li>'.nl2br(filter_input_general($msg))."</li>\n";
89)         }
90)         $messages .= '</ul>
bernd webinterface => /webinterface

bernd authored 17 years ago

91)     </div>';
Hanno Fix coding style with php-c...

Hanno authored 6 years ago

92)         unset($_SESSION['warning']);
93)     }
94)     if (isset($_SESSION['success_msg'])) {
95)         $messages .= '<div class="success">
bernd webinterface => /webinterface

bernd authored 17 years ago

96)     <ul>
97)     ';
Hanno Fix coding style with php-c...

Hanno authored 6 years ago

98)         foreach ($_SESSION['success_msg'] as $msg) {
99)             $messages .= '<li>'.nl2br(filter_input_general($msg))."</li>\n";
100)         }
101)         $messages .= '</ul>
bernd webinterface => /webinterface

bernd authored 17 years ago

102)     </div>';
Hanno Fix coding style with php-c...

Hanno authored 6 years ago

103)         unset($_SESSION['success_msg']);
104)     }
105)     return $messages;
bernd webinterface => /webinterface

bernd authored 17 years ago

106) }
107) 
Hanno Fix coding style with php-c...

Hanno authored 6 years ago

108) function show_messages()
bernd Umstellung auf Theme-Suppor...

bernd authored 14 years ago

109) {
Hanno Fix coding style with php-c...

Hanno authored 6 years ago

110)     echo get_messages();
bernd Umstellung auf Theme-Suppor...

bernd authored 14 years ago

111) }
bernd webinterface => /webinterface

bernd authored 17 years ago

112) 
113) function require_role($roles)
114) {
Hanno Fix coding style with php-c...

Hanno authored 6 years ago

115)     if (! is_array($roles)) {
116)         $roles = array($roles);
Bernd Wurst Blende Aktionen aus, wenn d...

Bernd Wurst authored 6 years ago

117)     }
Hanno Fix coding style with php-c...

Hanno authored 6 years ago

118)     $allow = false;
119)     foreach ($roles as $role) {
120)         if ($role & $_SESSION['role']) {
121)             $allow = true;
122)         }
123)     }
124)     if (! $allow) {
125)         if ($_SESSION['role'] == ROLE_ANONYMOUS) {
126)             login_screen();
127)         } else {
128)             $backtrace = debug_backtrace();
129)             DEBUG($backtrace[0]['file'].':'.$backtrace[0]['line'].': Current user does not have any of the required roles: '.implode(",", $roles));
130)             login_screen("Diese Seite können Sie mit Ihren aktuellen Zugriffsrechten nicht benutzen, bitte melden Sie sich mit den benötigten Zugriffsrechten an!");
131)         }
Bernd Wurst Blende Aktionen aus, wenn d...

Bernd Wurst authored 6 years ago

132)     }
bernd webinterface => /webinterface

bernd authored 17 years ago

133) }
134) 
135) 
Hanno Fix coding style with php-c...

Hanno authored 6 years ago

136) function login_screen($why = null)
bernd webinterface => /webinterface

bernd authored 17 years ago

137) {
Bernd Wurst add brute force protection...

Bernd Wurst authored 5 years ago

138)     $failed = count_failed_logins();
139)     if ($failed > 5) {
140)         global $title;
141)         $title = '';
142)         system_failure("Zu viele fehlgeschlagenen Login-Versuche! Bitte warten Sie einige Minuten bis zum nächsten Versuch!");
143)     }
Hanno Fix coding style with php-c...

Hanno authored 6 years ago

144)     if (! $why) {
145)         if (isset($_COOKIE['CLIENTCERT_AUTOLOGIN']) && $_COOKIE['CLIENTCERT_AUTOLOGIN'] == '1') {
146)             redirect("/certlogin/index.php?destination=".urlencode($_SERVER['REQUEST_URI']));
147)         }
148)     }
149)     require_once('inc/theme.php');
150)     if ($why) {
151)         warning($why);
152)     }
153)     show_page('login');
154)     die();