1: <?php
  2: /**
  3:  * This file contains the CONTENIDO system related functions.
  4:  *
  5:  * @package          Core
  6:  * @subpackage       Backend
  7:  * @version          SVN Revision $Rev:$
  8:  *
  9:  * @author           Unknown
 10:  * @copyright        four for business AG <www.4fb.de>
 11:  * @license          http://www.contenido.org/license/LIZENZ.txt
 12:  * @link             http://www.4fb.de
 13:  * @link             http://www.contenido.org
 14:  */
 15: 
 16: defined('CON_FRAMEWORK') || die('Illegal call: Missing framework initialization - request aborted.');
 17: 
 18: 
 19: /**
 20:  * Clears CONTENIDO standard errorlog.txt
 21:  * @return  string   Message if clearing was successfull or not
 22:  */
 23: function emptyLogFile() {
 24:     global $cfg, $notification, $auth;
 25: 
 26:     if (strpos($auth->auth["perm"], "sysadmin") === false) {
 27:         return $notification->returnNotification("error", i18n("Can't clear error log : Access is denied!"));
 28:     }
 29: 
 30:     $tmp_notification = false;
 31: 
 32:     // clear errorlog.txt
 33:     $filename = $cfg['path']['contenido_logs'] . 'errorlog.txt';
 34: 
 35:     if (cFileHandler::exists($filename) && is_writeable($filename)) {
 36:         cFileHandler::truncate($filename);
 37:         $tmp_notification = $notification->returnNotification("info", i18n("Error log successfully cleared!"));
 38:     } else if (cFileHandler::exists($filename) && !is_writeable($filename)) {
 39:         $tmp_notification = $notification->returnNotification("error", i18n("Can't clear error log : Access is denied!"));
 40:     }
 41: 
 42:     return $tmp_notification;
 43: }
 44: 
 45: /**
 46:  * Grabs phpinfo() output.
 47:  *
 48:  * @return string  HTML output of phpinfo()
 49:  */
 50: function phpInfoToHtml() {
 51:     // get output
 52:     ob_start();
 53:     phpinfo();
 54:     $phpInfoToHtml = ob_get_contents();
 55:     ob_end_clean();
 56: 
 57:     return $phpInfoToHtml;
 58: }
 59: 
 60: /**
 61:  * Check if the user has a right for a defined client.
 62:  *
 63:  * @param  int  $client client id
 64:  * @return  bool  Wether user has access or not
 65:  */
 66: function systemHavePerm($client) {
 67:     global $auth;
 68: 
 69:     if (!isset ($auth->perm['perm'])) {
 70:         $auth->perm['perm'] = '';
 71:     }
 72: 
 73:     $userPerm = explode(',', $auth->auth['perm']);
 74: 
 75:     if (in_array('sysadmin', $userPerm)) { // is user sysadmin ?
 76:         return true;
 77:     } elseif (in_array('admin['.$client.']', $userPerm)) { // is user admin for this client ?
 78:         return true;
 79:     } elseif (in_array('client['.$client.']', $userPerm)) { // has user access to this client ?
 80:         return true;
 81:     }
 82:     return false;
 83: }
 84: 
 85: /**
 86:  * Check for valid ip adress
 87:  *
 88:  * @param   string  $strHostAdress  IP adress
 89:  * @return  bool If string is a valid ip or not
 90:  */
 91: function isIPv4($strHostAdress) {
 92:     // ip pattern needed for validation
 93:     $ipPattern = "([0-9]|1?\d\d|2[0-4]\d|25[0-5])";
 94:     if (preg_match("/^$ipPattern\.$ipPattern\.$ipPattern\.$ipPattern?$/", $strHostAdress)) { // ip is valid
 95:         return true;
 96:     }
 97:     return false;
 98: }
 99: 
100: /**
101:  * must be done
102:  *
103:  * @param string  $strConUrl  CONTENIDO fullhtmlPath
104:  * @param string  $strBrowserUrl  current browser string
105:  * @return string  Status of path comparement
106:  */
107: function checkPathInformation($strConUrl, $strBrowserUrl) {
108:     // parse url
109:     $arrConUrl = parse_url($strConUrl);
110:     $arrBrowserUrl = parse_url($strBrowserUrl);
111: 
112:     if (isIPv4($arrConUrl['host'])) { // is
113:         if (isIPv4($arrBrowserUrl['host'])) { // is
114:             if (compareUrlStrings($arrConUrl, $arrBrowserUrl)) {
115:                 return '1';
116:             }
117: 
118:             return '2';
119:         } else { // isn't
120:             $arrBrowserUrl['host'] = gethostbyname($arrBrowserUrl['host']);
121:             if (!isIPv4($arrBrowserUrl['host'])) {
122:                 return '3';
123:             }
124: 
125:             if (compareUrlStrings($arrConUrl, $arrBrowserUrl)) {
126:                 return '1';
127:             }
128: 
129:             return '2';
130:         }
131:     } else { // isn't
132:         if (isIPv4($arrBrowserUrl['host'])) { //is
133:             $tmpAddr = gethostbyaddr($arrBrowserUrl['host']);
134:             $arrBrowserUrl['host'] = str_replace('-', '.', substr($tmpAddr, 0, strpos($tmpAddr, ".")));
135: 
136:             if (isIPv4($arrBrowserUrl['host'])) {
137:                 return '3';
138:             }
139: 
140:             if (compareUrlStrings($arrConUrl, $arrBrowserUrl, true)) {
141:                 return '1';
142:             }
143: 
144:             return '2';
145: 
146:         } else { // isn't
147:             if (compareUrlStrings($arrConUrl, $arrBrowserUrl)) {
148:                 return '1';
149:             }
150: 
151:             return '2';
152:         }
153:     }
154: }
155: 
156: /**
157:  * check path informations
158:  *
159:  * checks two path informations against each other to get potential nonconformities
160:  */
161: function compareUrlStrings($arrConUrl, $arrBrowserUrl, $isIP = false) {
162:     // && $isIP == false
163: 
164:     // remove 'www.' if needed
165:     if (strpos($arrConUrl['host'], 'www.') == 0 || strpos($arrBrowserUrl['host'], 'www.') == 0) {
166:         $arrConUrl['host'] = str_replace('www.', '', $arrConUrl);
167:         $arrBrowserUrl['host'] = str_replace('www.', '', $arrBrowserUrl);
168:     }
169: 
170:     $strConUrl = $arrConUrl['scheme'].'://'.$arrConUrl['host'].$arrConUrl['path'];
171:     $strBrowserUrl = $arrBrowserUrl['scheme'].'://'.$arrBrowserUrl['host'].$arrBrowserUrl['path'];
172: 
173:     if (strcmp($strConUrl, $strBrowserUrl) != 0) {
174:         return false;
175:     }
176:     return true;
177: }
178: