1: <?php
  2: /**
  3:  * This file contains the CONTENIDO system related functions.
  4:  *
  5:  * @package          Core
  6:  * @subpackage       Backend
  7:  * @version          SVN Revision $Rev:$
  8:  *
  9:  * @author           Unknown
 10:  * @copyright        four for business AG <www.4fb.de>
 11:  * @license          http://www.contenido.org/license/LIZENZ.txt
 12:  * @link             http://www.4fb.de
 13:  * @link             http://www.contenido.org
 14:  */
 15: 
 16: defined('CON_FRAMEWORK') || die('Illegal call: Missing framework initialization - request aborted.');
 17: 
 18: /**
 19:  * Clears CONTENIDO standard errorlog.txt
 20:  * @return  string   Message if clearing was successfull or not
 21:  */
 22: function emptyLogFile() {
 23:     global $cfg, $notification, $auth;
 24: 
 25:     if (strpos($auth->auth["perm"], "sysadmin") === false) {
 26:         return $notification->returnNotification("error", i18n("Can't clear error log : Access is denied!"));
 27:     }
 28: 
 29:     $tmp_notification = false;
 30: 
 31:     // clear errorlog.txt
 32:     $filename = $cfg['path']['contenido_logs'] . 'errorlog.txt';
 33: 
 34:     if (cFileHandler::exists($filename) && is_writeable($filename)) {
 35:         cFileHandler::truncate($filename);
 36:         $tmp_notification = $notification->returnNotification("info", i18n("Error log successfully cleared!"));
 37:     } else if (cFileHandler::exists($filename) && !is_writeable($filename)) {
 38:         $tmp_notification = $notification->returnNotification("error", i18n("Can't clear error log : Access is denied!"));
 39:     }
 40: 
 41:     return $tmp_notification;
 42: }
 43: 
 44: /**
 45:  * Grabs phpinfo() output.
 46:  *
 47:  * @return string  HTML output of phpinfo()
 48:  */
 49: function phpInfoToHtml() {
 50:     // get output
 51:     ob_start();
 52:     phpinfo();
 53:     $phpInfoToHtml = ob_get_contents();
 54:     ob_end_clean();
 55: 
 56:     return $phpInfoToHtml;
 57: }
 58: 
 59: /**
 60:  * Check if the user has a right for a defined client.
 61:  *
 62:  * @param  int  $client client id
 63:  * @return  bool  Wether user has access or not
 64:  */
 65: function systemHavePerm($client) {
 66:     global $auth;
 67: 
 68:     if (!isset($auth->perm['perm'])) {
 69:         $auth->perm['perm'] = '';
 70:     }
 71: 
 72:     $userPerm = explode(',', $auth->auth['perm']);
 73: 
 74:     if (in_array('sysadmin', $userPerm)) { // is user sysadmin ?
 75:         return true;
 76:     } elseif (in_array('admin[' . $client . ']', $userPerm)) { // is user admin for this client ?
 77:         return true;
 78:     } elseif (in_array('client[' . $client . ']', $userPerm)) { // has user access to this client ?
 79:         return true;
 80:     }
 81:     return false;
 82: }
 83: 
 84: /**
 85:  * Check for valid ip adress
 86:  *
 87:  * @param   string  $strHostAdress  IP adress
 88:  * @return  bool If string is a valid ip or not
 89:  */
 90: function isIPv4($strHostAdress) {
 91:     // ip pattern needed for validation
 92:     $ipPattern = "([0-9]|1?\d\d|2[0-4]\d|25[0-5])";
 93:     if (preg_match("/^$ipPattern\.$ipPattern\.$ipPattern\.$ipPattern?$/", $strHostAdress)) { // ip is valid
 94:         return true;
 95:     }
 96:     return false;
 97: }
 98: 
 99: /**
100:  * must be done
101:  *
102:  * @param string  $strConUrl  CONTENIDO fullhtmlPath
103:  * @param string  $strBrowserUrl  current browser string
104:  * @return string  Status of path comparement
105:  */
106: function checkPathInformation($strConUrl, $strBrowserUrl) {
107:     // parse url
108:     $arrConUrl = parse_url($strConUrl);
109:     $arrBrowserUrl = parse_url($strBrowserUrl);
110: 
111:     if (isIPv4($arrConUrl['host'])) { // is
112:         if (isIPv4($arrBrowserUrl['host'])) { // is
113:             if (compareUrlStrings($arrConUrl, $arrBrowserUrl)) {
114:                 return '1';
115:             }
116: 
117:             return '2';
118:         } else { // isn't
119:             $arrBrowserUrl['host'] = gethostbyname($arrBrowserUrl['host']);
120:             if (!isIPv4($arrBrowserUrl['host'])) {
121:                 return '3';
122:             }
123: 
124:             if (compareUrlStrings($arrConUrl, $arrBrowserUrl)) {
125:                 return '1';
126:             }
127: 
128:             return '2';
129:         }
130:     } else { // isn't
131:         if (isIPv4($arrBrowserUrl['host'])) { //is
132:             $tmpAddr = gethostbyaddr($arrBrowserUrl['host']);
133:             $arrBrowserUrl['host'] = str_replace('-', '.', substr($tmpAddr, 0, strpos($tmpAddr, ".")));
134: 
135:             if (isIPv4($arrBrowserUrl['host'])) {
136:                 return '3';
137:             }
138: 
139:             if (compareUrlStrings($arrConUrl, $arrBrowserUrl, true)) {
140:                 return '1';
141:             }
142: 
143:             return '2';
144:         } else { // isn't
145:             if (compareUrlStrings($arrConUrl, $arrBrowserUrl)) {
146:                 return '1';
147:             }
148: 
149:             return '2';
150:         }
151:     }
152: }
153: 
154: /**
155:  * check path informations
156:  *
157:  * checks two path informations against each other to get potential nonconformities
158:  */
159: function compareUrlStrings($arrConUrl, $arrBrowserUrl, $isIP = false) {
160:     // && $isIP == false
161:     // remove 'www.' if needed
162:     if (strpos($arrConUrl['host'], 'www.') == 0 || strpos($arrBrowserUrl['host'], 'www.') == 0) {
163:         $arrConUrl['host'] = str_replace('www.', '', $arrConUrl);
164:         $arrBrowserUrl['host'] = str_replace('www.', '', $arrBrowserUrl);
165:     }
166: 
167:     $strConUrl = $arrConUrl['scheme'] . '://' . $arrConUrl['host'] . $arrConUrl['path'];
168:     $strBrowserUrl = $arrBrowserUrl['scheme'] . '://' . $arrBrowserUrl['host'] . $arrBrowserUrl['path'];
169: 
170:     if (strcmp($strConUrl, $strBrowserUrl) != 0) {
171:         return false;
172:     }
173:     return true;
174: }
175: