= time())) {
if(!db_login ($_SESSION['username'], $_SESSION['passwd'])) {
$tMessage = 'Dati di autenticazione errati';
$tUsername = $_SESSION['username'];
$_SESSION['auth'] = 0;
session_destroy();
include ("userlogin.php");
exit;
} else {
logga ($_SERVER['REQUEST_URI']);
$_SESSION['time'] = time();
return carica_utente ();
}
} else {
if ($_POST['fUsername']) {
$fUsername = $_POST['fUsername'];
$fPassword = $_POST['fPassword'];
if(db_login ($fUsername, $fPassword)) {
$_SESSION = array();
$_SESSION['passwd'] = $fPassword;
$_SESSION['username'] = $fUsername;
$_SESSION['auth'] = 1;
$_SESSION['time'] = time();
session_regenerate_id(TRUE);
logga ("Accesso");
return carica_utente ();
} else {
$tMessage = 'Errore';
$tUsername = $fUsername;
include ("userlogin.php");
exit;
}
} else {
if ($_SESSION['auth'] && ($_SESSION['time']+$CONF['temposessione']*60 < time())) {
$tMessage = 'Sessione scaduta';
$tUsername = $_SESSION['username'];
logga ("Sessione scaduta");
include ("userlogin.php");
exit;
} else {
include ("userlogin.php");
exit;
}
}
}
}
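/**
 * Load configuration pairs (variabile => valore) from the core "conf" table
 * or, when $modulo is given, from that module's "<prefisso>conf" table.
 *
 * @param string $modulo Module name looked up in `moduli`; empty selects the core table.
 * @return array Map of variabile => valore; empty when there are no rows or a query fails.
 */
function carica_conf ($modulo="") {
    global $CONF, $DB_ID;
    $tabella = "conf";
    if ($modulo != "") {
        // $modulo is caller-supplied, so it is escaped before it is placed inside the quoted literal.
        $query = "SELECT prefisso FROM moduli WHERE nome = '".mysql_real_escape_string($modulo, $DB_ID)."'";
        $res = mysql_query( $query, $DB_ID );
        $dato = $res ? mysql_fetch_array ( $res ) : false;
        // An unknown module yields an empty prefix, i.e. the core table (same as before).
        $prefisso = $dato ? (string) $dato['prefisso'] : "";
        // A table name cannot be escaped like a value: accept plain identifier characters only.
        if (!preg_match('/^[A-Za-z0-9_]*$/', $prefisso)) {
            return array();
        }
        $tabella = $prefisso."conf";
    }
    // Initialised up front so that an empty table returns an array instead of an undefined variable.
    $tmp = array();
    $query = "SELECT variabile, valore FROM $tabella";
    $res = mysql_query( $query, $DB_ID );
    if ($res) {
        while ($dato = mysql_fetch_array ( $res )) {
            $tmp[$dato[0]] = $dato[1];
        }
    }
    return $tmp;
}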
/**
 * Authorization gate for admin-only pages.
 *
 * Returns normally when the global $UTENTE record has a truthy 'admin' field;
 * otherwise sends a redirect to the site index and stops the script, so the
 * code after the call never runs for a non-admin user.
 */
function isadmin () {
    global $UTENTE, $CONF;
    if (!$UTENTE['admin']) {
        // The exit right after the header is what actually enforces the check.
        header("location: ".$CONF['base_url']."/index.php");
        exit;
    }
    return;
}
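/**
 * Fetch the `utenti` row of the user stored in the session.
 *
 * @return array|false The row from mysql_fetch_array(), or false when the
 *                     query fails or no row matches.
 */
function carica_utente () {
    global $CONF, $DB_ID;
    // The session username originates from the login form, so it is escaped
    // before being placed inside the quoted SQL literal.
    $utente = mysql_real_escape_string($_SESSION['username'], $DB_ID);
    $query = "SELECT * FROM utenti where utente = '".$utente."'";
    $res = mysql_query( $query, $DB_ID );
    if (!$res) {
        return false;
    }
    return mysql_fetch_array ( $res );
}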
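/**
 * On a user's first access, create their `utenti` row from the configured
 * defaults and their storage directory under $CONF['storage'].
 *
 * Does nothing when the user already has a row or when the lookup fails.
 */
function is_first_access () {
    global $DB_ID, $CONF;
    $utente = (string) $_SESSION['username'];
    // The username came from the login form: escape it for both statements.
    $utente_sql = mysql_real_escape_string($utente, $DB_ID);
    $query = "SELECT * FROM utenti WHERE utente = '$utente_sql'";
    $res = mysql_query( $query, $DB_ID );
    if (!$res || mysql_fetch_array( $res )) {
        // A failed lookup must not be read as "user does not exist".
        return;
    }
    // NOTE(review): the $CONF values are configuration, not request data, and
    // are interpolated as before; two of them are unquoted numerics.
    $query = "INSERT INTO utenti SET utente='$utente_sql', max_perm='".$CONF['permanenti']."', max_temp='".$CONF['temporanei']."', creato=now(), max_tempo='".$CONF['tempo_temporanei']."', totale=".$CONF['totale'].", idtemplate=".$CONF['template_base'];
    mysql_query( $query, $DB_ID );
    logga ("Creazione nuova utenza");
    // The username becomes a path component: a separator, NUL or dot entry
    // would place the directory outside $CONF['storage'].
    if ($utente === '' || $utente === '.' || $utente === '..' || strpbrk($utente, "/\\\0") !== false) {
        logga ("Creazione storage rifiutata: nome utente non valido");
        return;
    }
    // NOTE(review): mkdir() uses its default mode here; confirm the resulting
    // permissions are what the storage area needs.
    if (mkdir ($CONF['storage'].'/'.$utente)) {
        logga ("Creazione storage utente");
    } else {
        logga ("Creazione storage utente fallita");
    }
}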
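/**
 * Append an entry to the `accessi_utenti` audit log and refresh the user's
 * `ultimo` timestamp.
 *
 * @param string $testo Event text; callers in this file pass fixed labels and
 *                      also the raw request URI.
 * @param string $dest  User the entry is recorded for; defaults to the session user.
 */
function logga ($testo, $dest="") {
    global $DB_ID, $CONF;
    $destinatario = ($dest == "") ? $_SESSION['username'] : $dest;
    $ip = isset($_SERVER["REMOTE_ADDR"]) ? $_SERVER["REMOTE_ADDR"] : "";
    $sessione = session_id();
    // Every value is escaped: the event text can be a request URI, and an
    // audit log that can be broken or rewritten through its own input is of
    // little use during an investigation.
    $destinatario = mysql_real_escape_string($destinatario, $DB_ID);
    $ip = mysql_real_escape_string($ip, $DB_ID);
    $testo = mysql_real_escape_string($testo, $DB_ID);
    $sessione = mysql_real_escape_string($sessione, $DB_ID);
    $query = "INSERT INTO accessi_utenti SET utente = '$destinatario', quando = now(), ip = '$ip', cosa = '$testo', sessione = '$sessione'";
    $queryuser = "UPDATE utenti SET ultimo = now() WHERE utente = '$destinatario'";
    mysql_query( $query, $DB_ID );
    mysql_query( $queryuser, $DB_ID );
}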
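/**
 * Record an access to an attachment in `accesso_allegati`.
 *
 * @param int    $id   Attachment id (idallegato).
 * @param string $cosa Description of the action.
 */
function logga_allegati ($id, $cosa) {
    global $DB_ID, $CONF;
    // The id is written unquoted in the statement, so it is forced to an integer.
    $id = (int) $id;
    $ip = isset($_SERVER["REMOTE_ADDR"]) ? $_SERVER["REMOTE_ADDR"] : "";
    $ip = mysql_real_escape_string($ip, $DB_ID);
    $cosa = mysql_real_escape_string($cosa, $DB_ID);
    $query = "INSERT INTO accesso_allegati SET idallegato=$id, quando=now(), cosa='$cosa', ip='$ip'";
    mysql_query( $query, $DB_ID );
}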
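/**
 * Return the time of the session user's most recent 'Uscita' log entry.
 *
 * @return string Timestamp formatted dd-mm-YYYY HH:ii:ss, or "Primo accesso"
 *                when no such entry exists or the query fails.
 */
function ultimo_coll () {
    global $DB_ID, $CONF;
    // Session username is escaped before it enters the quoted literal.
    $utente = mysql_real_escape_string($_SESSION['username'], $DB_ID);
    $query = "SELECT DATE_FORMAT(quando, '%d-%m-%Y %H:%i:%s') as quando FROM accessi_utenti WHERE utente = '".$utente."' AND cosa = 'Uscita' order by quando desc limit 1";
    $res = mysql_query( $query, $DB_ID );
    $dato = $res ? mysql_fetch_array ( $res ) : false;
    if (!$dato || is_null($dato['quando'])) {
        return "Primo accesso";
    }
    return $dato['quando'];
}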
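/**
 * Generate a 30-character alphanumeric code that is not used by any current
 * (vecchio=0) row of `allegati`.
 *
 * @return string The new code.
 */
function codice(){
    global $DB_ID;
    $N_Caratteri = 30;
    $alfabeto = '0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz';
    $ultimo = strlen($alfabeto) - 1;
    // NOTE(review): the code presumably identifies an attachment to whoever
    // holds it, so it should not be predictable; a CSPRNG is used where the
    // runtime provides one, with mt_rand() as the legacy fallback.
    $sicuro = function_exists('random_int');
    do {
        $Stringa = "";
        for ($I = 0; $I < $N_Caratteri; $I++) {
            $indice = $sicuro ? random_int(0, $ultimo) : mt_rand(0, $ultimo);
            $Stringa .= $alfabeto[$indice];
        }
        // Only characters from $alfabeto can appear here, so the literal is safe as is.
        $query = "SELECT * FROM allegati WHERE codice='$Stringa' AND vecchio=0";
        $res = mysql_query( $query, $DB_ID );
        // On a collision a new code is generated and that one is returned; the
        // previous version stored the retry in a differently-cased variable
        // and returned the colliding code.
    } while ($res && mysql_fetch_array ( $res ));
    return $Stringa;
}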
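/**
 * Send a plain-text mail from the fixed noreply address.
 *
 * @param string $oggetto Subject line.
 * @param string $testo   Message body.
 * @param string $dest    Recipient; defaults to the current user's 'utente' value.
 */
function invia_mail ($oggetto, $testo, $dest="") {
    global $UTENTE, $CONF;
    $destinatario = ($dest == "") ? $UTENTE['utente'] : $dest;
    // Recipient and subject end up in the header section of the message: a CR
    // or LF inside them would let the value add header lines of its own.
    $destinatario = str_replace(array("\r", "\n"), '', $destinatario);
    $oggetto = str_replace(array("\r", "\n"), '', $oggetto);
    // The X-Mailer header was dropped: it told every recipient the exact PHP version.
    $headers = 'From: noreply@esseweb.eu';
    mail($destinatario, $oggetto, $testo, $headers);
}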
/**
 * Format a byte count with a binary unit suffix (B, kB, MB, ...).
 *
 * The value is divided by 1024 and rounded to two decimals at every step,
 * until the integer part of value/1024 is no longer positive.
 *
 * @param mixed $stat Size in bytes; cast to float.
 * @return string Value and unit separated by a space, e.g. "1.5 kB".
 */
function fsize ($stat) {
    $unita = array("B","kB","MB","GB","TB","PB","EB","ZB","YB");
    $valore = (float)$stat;
    for ($livello = 0; floor($valore/1024) > 0; $livello++) {
        $valore = round($valore/1024, 2);
    }
    return $valore." ".$unita[$livello];
}
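/**
 * Build the hierarchical name of a defrule by walking up its parents:
 * "<device>-2:<priorita>" for a root rule, with ":<priorita>" appended for
 * every level below it.
 *
 * @param int $idparent Id of the defrule row to start from.
 * @return string The composed name.
 */
function creanome ($idparent) {
    global $DB_ID;
    // Ids are integers; the cast keeps anything else out of the statement.
    $idparent = (int) $idparent;
    $query = "SELECT interfacce.device, defrule.idparent, defrule.priorita FROM defrule JOIN interfacce ON defrule.idinterfacce = interfacce.id WHERE defrule.id = '$idparent'";
    $res = mysql_query( $query, $DB_ID );
    $dato = $res ? mysql_fetch_array ( $res ) : false;
    if (!$dato) {
        // Missing row: behave like a root rule with empty fields, as before.
        $dato = array('device' => '', 'idparent' => 0, 'priorita' => '');
    }
    if ($dato['idparent'] == 0) {
        return $dato['device']."-2:".$dato['priorita'];
    }
    // NOTE(review): a parent cycle in the table would recurse without end.
    return creanome($dato['idparent']).":".$dato['priorita'];
}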
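/**
 * Activate a defrule (attivo=1, stato=2), queue the change through azioni()
 * and then do the same for each ancestor up to the root.
 *
 * @param int $id Id of the defrule to activate.
 * @return int|string 1 on success, or the mysql_error() text when the UPDATE fails.
 */
function defrule_att ($id) {
    global $DB_ID;
    // The id is used unquoted in both statements, so it is forced to an integer.
    $id = (int) $id;
    $query = "UPDATE defrule SET attivo=1, stato=2 WHERE id = $id";
    if (!mysql_query( $query, $DB_ID )) {
        return mysql_error();
    }
    azioni ("defrule", $id, 1);
    $query = "SELECT idparent FROM defrule WHERE id = $id";
    $res = mysql_query( $query, $DB_ID );
    $dato = $res ? mysql_fetch_array ( $res ) : false;
    $parent = $dato ? $dato['idparent'] : 0;
    if ($parent) {
        return defrule_att($parent);
    }
    return 1;
}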
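/**
 * Deactivate a defrule (attivo=0) with the given stato, queue the change
 * through azioni() and apply the same to every child whose stato is not 3.
 * With stato 3 the rows of `rule` that belong to the defrule are deleted too.
 *
 * @param int $id    Id of the defrule.
 * @param int $stato State to store; defaults to 2.
 * @return int|string 1 (or the result of the last child call) on success, or
 *                    the mysql_error() text when a statement fails.
 */
function defrule_dis ($id, $stato=2) {
    global $DB_ID;
    // Both values are used unquoted in SQL, so they are forced to integers.
    $id = (int) $id;
    $stato = (int) $stato;
    $ritorno = 1;
    $query = "UPDATE defrule SET attivo=0, stato=$stato WHERE id = $id";
    if (!mysql_query( $query, $DB_ID )) {
        return mysql_error();
    }
    azioni ("defrule", $id, 3);
    if ($stato == 3) {
        $query_rule = "DELETE FROM rule WHERE iddefrule = $id";
        mysql_query( $query_rule, $DB_ID );
    }
    $query = "SELECT id FROM defrule WHERE idparent = $id AND stato <> 3";
    $res = mysql_query( $query, $DB_ID );
    if (!$res) {
        return mysql_error();
    }
    while ($dato = mysql_fetch_array ($res)) {
        $ritorno = defrule_dis ($dato['id'], $stato);
    }
    return $ritorno;
}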
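/**
 * Queue a stato=1 row in `azioni` for firewall $fw for every active,
 * non-stato-3 defrule under the given parent on the given interface,
 * descending through the whole subtree.
 *
 * @param int $iddevice Interface id (defrule.idinterfacce).
 * @param int $idparent Parent defrule id to start from.
 * @param int $fw       Firewall id stored in azioni.fw.
 */
function defrule_reset ($iddevice, $idparent, $fw) {
    global $DB_ID;
    // All three values are used unquoted in SQL, so they are forced to integers.
    $iddevice = (int) $iddevice;
    $idparent = (int) $idparent;
    $fw = (int) $fw;
    $query = "SELECT id FROM defrule WHERE idinterfacce = $iddevice AND idparent = $idparent AND attivo = 1 AND stato <> 3";
    $res = mysql_query( $query, $DB_ID );
    if (!$res) {
        return;
    }
    while ($dato = mysql_fetch_array ($res)) {
        $id_defrule = (int) $dato['id'];
        $query_azioni = "INSERT INTO azioni SET fw=$fw, tabella='defrule', idtabella=$id_defrule, stato=1, datains=NOW()";
        mysql_query( $query_azioni, $DB_ID );
        defrule_reset ($iddevice, $id_defrule, $fw);
    }
}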
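/**
 * Compute the limits available to a rule among its siblings.
 *
 * The limit row is the interface (when $idparent is 0) or the parent defrule.
 *
 * @param int $idrule   Rule excluded from the sibling sums.
 * @param int $idparent Parent defrule id, 0 for a top-level rule.
 * @param int $device   Interface id.
 * @return array 'rate' = limit rate minus the summed rate of active siblings,
 *               'ceil' = limit ceil, 'pri' = highest sibling priority below 1000, plus 10.
 */
function maxrate ($idrule, $idparent, $device) {
    global $DB_ID;
    // All three values are used unquoted in SQL, so they are forced to integers.
    $idrule = (int) $idrule;
    $idparent = (int) $idparent;
    $device = (int) $device;
    if ($idparent == 0) {
        $querylim = "SELECT rate, ceil FROM interfacce WHERE id = $device";
    } else {
        $querylim = "SELECT rate, ceil FROM defrule WHERE id = $idparent";
    }
    $queryatt = "SELECT SUM(rate) AS somma FROM defrule WHERE idinterfacce = $device AND attivo = 1 AND stato <> 3 AND id <> $idrule AND idparent = $idparent";
    $querypri = "SELECT MAX(priorita) AS pri FROM defrule WHERE idinterfacce = $device AND stato <> 3 AND id <> $idrule AND idparent = $idparent AND priorita < 1000";
    $reslim = mysql_query( $querylim, $DB_ID );
    $datolim = $reslim ? mysql_fetch_array ($reslim) : false;
    $resatt = mysql_query( $queryatt, $DB_ID );
    $datoatt = $resatt ? mysql_fetch_array ($resatt) : false;
    $respri = mysql_query( $querypri, $DB_ID );
    $datopri = $respri ? mysql_fetch_array ($respri) : false;
    // A missing row counts as zero / empty, which is what the arithmetic on
    // an absent value produced before.
    $ritorno = array();
    $ritorno['rate'] = ($datolim ? $datolim['rate'] : 0) - ($datoatt ? $datoatt['somma'] : 0);
    $ritorno['ceil'] = $datolim ? $datolim['ceil'] : null;
    $ritorno['pri'] = ($datopri ? $datopri['pri'] : 0) + 10;
    return $ritorno;
}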
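/**
 * Queue one `azioni` row per active firewall for a change on a table row.
 *
 * @param string $tabella   Name of the table the change refers to.
 * @param int    $idtabella Id of the changed row.
 * @param int    $stato     Action state stored with the entry.
 */
function azioni ($tabella, $idtabella, $stato) {
    global $DB_ID;
    // Numeric values are used unquoted and the table name inside a quoted
    // literal: cast the former, escape the latter.
    $idtabella = (int) $idtabella;
    $stato = (int) $stato;
    $tabella = mysql_real_escape_string($tabella, $DB_ID);
    $query_fw = "SELECT id FROM firewall WHERE attivo = 1";
    $res_fw = mysql_query( $query_fw, $DB_ID );
    if (!$res_fw) {
        return;
    }
    while ($dato_fw = mysql_fetch_array ($res_fw)) {
        $id_fw = (int) $dato_fw['id'];
        $query_new = "INSERT INTO azioni SET fw = $id_fw, tabella = '$tabella', idtabella = $idtabella, stato = $stato, datains = NOW()";
        mysql_query( $query_new, $DB_ID );
    }
}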
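/**
 * Build the navigation menu for the session user.
 *
 * Each entry is array(label, url, module id, description[, access level]).
 * "Home" comes first, admins also get "Configurazione", then one entry per
 * active module the user has access to, and "Cambio password" last.
 *
 * @return array List of menu entries.
 */
function array_moduli () {
    global $UTENTE, $DB_ID, $CONF;
    // Session username is escaped before it enters the quoted literal.
    $utente_sql = mysql_real_escape_string($_SESSION['username'], $DB_ID);
    $query = " SELECT
        moduli.id AS id,
        moduli.nome AS nome,
        moduli.directory AS directory,
        moduli.descrizione AS descrizione,
        permessi.accesso AS accesso
        FROM
        utenti
        JOIN
        permessi ON utenti.id = permessi.id_utenti AND permessi.accesso > 0
        JOIN
        moduli ON moduli.id = permessi.id_moduli
        WHERE
        utenti.utente = '".$utente_sql."'
        AND
        moduli.attivo = 1
        ORDER BY
        ordine
        ";
    $menu = array();
    $menu[] = array("Home", $CONF['base_url']."/core/main.php",0,"Home Page",0);
    if ($UTENTE['admin']) {
        $menu[] = array("Configurazione", $CONF['base_url']."/core/conf.php",0,"Modifica configurazione",0);
        // NOTE(review): this branch selects four columns against five in the
        // first SELECT and follows an unparenthesised ORDER BY; MySQL is
        // expected to reject the combined statement, leaving admins without
        // module entries. Left unchanged because the intended `accesso` value
        // for superadmin modules is not visible here.
        $query .= " UNION DISTINCT SELECT
            moduli.id AS id,
            moduli.nome AS nome,
            moduli.directory AS directory,
            moduli.descrizione AS descrizione
            FROM
            moduli
            WHERE
            moduli.superadmin > 0
            AND
            moduli.attivo = 1
            ";
    }
    $res = mysql_query( $query, $DB_ID );
    if ($res) {
        while ($dato = mysql_fetch_array ($res)) {
            $menu[] = array($dato['nome'], $CONF['base_url']."/".$dato['directory']."/index.php",$dato['id'], $dato['descrizione'], $dato['accesso']);
        }
    }
    // This entry has four elements where the others have five (no access level).
    $menu[] = array("Cambio password", $CONF['base_url']."/core/chkpasswd.php",0,"Cambio Password");
    return $menu;
}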
function home_moduli () {
global $UTENTE, $CONF;
$menu = array_moduli();
html_spazi (array (5,30,0));
for ($i=1; $i
 |
|
|
 |
= $minimo) {
return $risposta;
} else {
header("location: ".$CONF['base_url']."/index.php");
exit;
}
}
/**
 * Read the access levels from `livelli`, ordered by level.
 *
 * @return array Map of livello => nome.
 */
function get_levels () {
    global $DB_ID;
    $mappa = array();
    $risultato = mysql_query( "SELECT nome, livello FROM livelli ORDER BY livello", $DB_ID );
    for ($riga = mysql_fetch_array ($risultato); $riga; $riga = mysql_fetch_array ($risultato)) {
        $mappa[$riga['livello']] = $riga['nome'];
    }
    return $mappa;
}
// Includes core/top.php (once per request) from DOCUMENT_ROOT + $CONF['base_url'].
// The included file runs in this function's scope, which is why $CONF, $UTENTE
// and $MODULO are pulled in as globals first.
// NOTE(review): the include path is built from $CONF['base_url']; that value
// must come from configuration only, never from request data.
function view_top () {
global $CONF, $UTENTE, $MODULO;
include_once ($_SERVER["DOCUMENT_ROOT"].$CONF['base_url']."/core/top.php");
}
// Includes core/footer.php (once per request) from DOCUMENT_ROOT + $CONF['base_url'].
// The included file runs in this function's scope, which is why $CONF and
// $UTENTE are pulled in as globals first.
// NOTE(review): the include path is built from $CONF['base_url']; that value
// must come from configuration only, never from request data.
function view_footer () {
global $CONF, $UTENTE;
include_once ($_SERVER["DOCUMENT_ROOT"].$CONF['base_url']."/core/footer.php");
}
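/**
 * Format a byte count with two decimals and a binary unit (B ... PB).
 *
 * Values beyond the largest unit stay in PB, values below one byte stay in B
 * and negative values keep their sign; the previous logarithm-based index ran
 * outside the unit table in all three cases.
 *
 * @param mixed $bytes Size in bytes; cast to float.
 * @return string e.g. "1.50 KB"; exactly "0 B" for zero.
 */
function byteConvert($bytes) {
    $valore = (float) $bytes;
    if ($valore == 0) {
        return "0 B";
    }
    $s = array('B', 'KB', 'MB', 'GB', 'TB', 'PB');
    $segno = $valore < 0 ? '-' : '';
    $valore = abs($valore);
    $e = 0;
    // Repeated division avoids the rounding of log() at exact powers of 1024
    // and cannot step past the last unit.
    while ($valore >= 1024 && $e < count($s) - 1) {
        $valore /= 1024;
        $e++;
    }
    return sprintf('%s%.2f %s', $segno, $valore, $s[$e]);
}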
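/**
 * Generate a random password containing at least one character from every
 * selected set.
 *
 * Sets: 'l' lowercase, 'u' uppercase, 'd' digits, 's' symbols; look-alike
 * characters (i, l, o, 0, 1, ...) are left out of the alphabets.
 *
 * @param int    $length         Requested length; the result is never shorter
 *                               than the number of selected sets.
 * @param bool   $add_dashes     Split the result into groups of
 *                               floor(sqrt($length)) characters joined by '-'.
 * @param string $available_sets Letters selecting the sets to draw from.
 * @return string The password, or '' when no set is selected.
 */
function generateStrongPassword($length = 9, $add_dashes = false, $available_sets = 'luds') {
    $sets = array();
    if (strpos($available_sets, 'l') !== false) {
        $sets[] = 'abcdefghjkmnpqrstuvwxyz';
    }
    if (strpos($available_sets, 'u') !== false) {
        $sets[] = 'ABCDEFGHJKMNPQRSTUVWXYZ';
    }
    if (strpos($available_sets, 'd') !== false) {
        $sets[] = '23456789';
    }
    if (strpos($available_sets, 's') !== false) {
        $sets[] = '!@#$%&*?';
    }
    if (!$sets) {
        return '';
    }
    // array_rand() and str_shuffle() are not meant for secrets; draw from the
    // CSPRNG where the runtime has one and keep mt_rand() as legacy fallback.
    $sicuro = function_exists('random_int');
    $caratteri = array();
    $all = '';
    foreach ($sets as $set) {
        $ultimo = strlen($set) - 1;
        $caratteri[] = $set[$sicuro ? random_int(0, $ultimo) : mt_rand(0, $ultimo)];
        $all .= $set;
    }
    $ultimo = strlen($all) - 1;
    for ($i = 0; $i < $length - count($sets); $i++) {
        $caratteri[] = $all[$sicuro ? random_int(0, $ultimo) : mt_rand(0, $ultimo)];
    }
    // Fisher-Yates shuffle, so the guaranteed per-set characters are not
    // always at the front.
    for ($i = count($caratteri) - 1; $i > 0; $i--) {
        $j = $sicuro ? random_int(0, $i) : mt_rand(0, $i);
        $scambio = $caratteri[$i];
        $caratteri[$i] = $caratteri[$j];
        $caratteri[$j] = $scambio;
    }
    $password = implode('', $caratteri);
    if (!$add_dashes) {
        return $password;
    }
    // At least 1: a group length of 0 would never shorten $password below.
    $dash_len = $length > 0 ? max(1, (int) floor(sqrt($length))) : 1;
    $dash_str = '';
    while (strlen($password) > $dash_len) {
        $dash_str .= substr($password, 0, $dash_len) . '-';
        $password = substr($password, $dash_len);
    }
    $dash_str .= $password;
    return $dash_str;
}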
function html_spazi ($dati) {
global $CONF;
print "";
$somma = 0;
foreach ($dati as $riga) {
if (!$riga) {
$riga = 100 - $somma;
} else {
$somma += $riga;
}
?>
 |
";
}
function html_intestazione ($dati, $tipo = array ()) {
global $CONF;
print "
";
foreach ($dati as $key => $riga) {
if ($riga == "") {
$riga = " ";
}
if (isset ($tipo[$key]) && $tipo[$key] != "") {
$classe = $tipo[$key];
} else {
$classe = "descrizione";
}
?>
|
";
}
?>