Context Navigation

source: trunk/client/modules.php@ 407

Last change on this file since 407 was 403, checked in by roby, 8 months ago
Segue correzioni alla rev 400
File size: 10.7 KB

Rev	Line
[400]	1	<?php
	2
	3	/************************************************************************/
	4	/* Eleonline - Raccolta e diffusione dei dati elettorali */
	5	/* by Luciano Apolito & Roberto Gigli */
	6	/* http://www.eleonline.it */
	7	/* info@eleonline.it luciano@aniene.net rgigli@libero.it */
	8	/************************************************************************/
	9
	10	define('MODULE_FILE', true);
	11
	12	// Additional security (Union, CLike, XSS)
	13	// We want to use the function stripos,
	14	// but thats only available since PHP5.
	15	// So we cloned the function...
	16	if(!function_exists('stripos')) {
	17	function stripos_clone($haystack, $needle, $offset=0) {
	18	return strpos(strtoupper($haystack), strtoupper($needle), $offset);
	19	}
	20	} else {
	21	// But when this is PHP5, we use the original function
	22	function stripos_clone($haystack, $needle, $offset=0) {
	23	return stripos($haystack, $needle, $offset=0);
	24	}
	25	}
	26
	27	if(isset($_SERVER['QUERY_STRING']) && (!stripos_clone($_SERVER['QUERY_STRING'], "ad_click") \|\| !stripos_clone($_SERVER['QUERY_STRING'], "url"))) {
	28	$queryString = $_SERVER['QUERY_STRING'];
	29	if (stripos_clone($queryString,'%20union%20') OR stripos_clone($queryString,'..') OR stripos_clone($queryString,'+') OR stripos_clone($queryString,'/') OR stripos_clone($queryString,'/union/*') OR stripos_clone($queryString,'c2nyaxb0') OR stripos_clone($queryString,'+union+') OR stripos_clone($queryString,'http://') OR (stripos_clone($queryString,'cmd=') AND !stripos_clone($queryString,'&cmd')) OR (stripos_clone($queryString,'exec') AND !stripos_clone($queryString,'execu')) OR stripos_clone($queryString,'concat')) {
	30	die('Operazione non consentita');
	31	}
	32	}
	33
	34	foreach ($_GET as $sec_key => $secvalue) {
	35	if ((preg_match("/<[^>]script\"?[^>]*>/i",$secvalue)) \|\|
	36	(preg_match("/<[^>]object\"?[^>]*>/i", $secvalue)) \|\|
	37	(preg_match("/<[^>]iframe\"?[^>]*>/i", $secvalue)) \|\|
	38	(preg_match("/<[^>]applet\"?[^>]*>/i", $secvalue)) \|\|
	39	(preg_match("/<[^>]meta\"?[^>]*>/i", $secvalue)) \|\|
	40	(preg_match("/<[^>]style\"?[^>]*>/i", $secvalue)) \|\|
	41	(preg_match("/<[^>]form\"?[^>]*>/i", $secvalue)) \|\|
	42	(preg_match("/<[^>]img\"?[^>]*>/i", $secvalue)) \|\|
	43	(preg_match("/<[^>]onmouseover\"?[^>]*>/i", $secvalue)) \|\|
	44	(preg_match("/<[^>]body\"?[^>]*>/i", $secvalue)) \|\|
	45	(preg_match("/\([^>]\"?[^)]\)/", $secvalue)) \|\|
	46	(preg_match("/\"/", $secvalue)) \|\|
	47	(preg_match("/inside_mod/i", $sec_key))) {
	48	die ("Operazione non consentita");
	49	}
	50	}
	51
	52	foreach ($_POST as $secvalue) {
	53	if ((preg_match("/<[^>]onmouseover\"?[^>]>/i", $secvalue)) \|\| (preg_match("/<[^>]script\"?[^>]>/i", $secvalue)) \|\| (preg_match("/<[^>]body\"?[^>]>/i", $secvalue)) \|\| (preg_match("/<[^>]style\"?[^>]>/i", $secvalue))) {
	54	die ($htmltags);
	55	}
	56	}
	57
	58	// Posting from other servers in not allowed
	59	// Fix by Quake
	60	// Bug found by PeNdEjO
	61	if ($_SERVER['REQUEST_METHOD'] == "POST") {
	62	if (isset($_SERVER['HTTP_REFERER'])) {
	63	if (!stripos_clone($_SERVER['HTTP_REFERER'], $_SERVER['HTTP_HOST'])) {
	64	die('Posting da un altro server non consentito!');
	65	} else {
	66	# die('<b>Attenzione:</b> il tuo browser non puo inviare gli header HTTP_REFERER al website.<br/>');
	67	}
	68	}
	69	}
	70
	71
	72	function jsexist(){ // controlla javascript by l.apolito 2008
	73	global $op,$name;
	74	if(!isset($_GET['js'])){
	75	$querystring= @preg_replace('/'.$_SERVER['DOCUMENT_ROOT'].'/i','http://'.$_SERVER['HTTP_HOST'].'/',$_SERVER['SCRIPT_FILENAME']);
	76	if (preg_match("/modules.php/i",$_SERVER['SCRIPT_NAME'])) $pagina="name=$name"; // reindirizza
	77	if (preg_match("/admin.php/i",$_SERVER['SCRIPT_NAME'])) $pagina="op=$op"; // reindirizza
	78	echo "<noscript><meta http-equiv=\"refresh\" content=\"0; url=".$querystring."?js=b&$pagina\"/></noscript>";
	79	}
	80	$js=$_GET['js'];
	81	return $js;
	82	}
	83
	84
	85
	86
	87
	88
	89	session_start();//MODIFICHE PER GESTIONE SESSIONI
[403]	90	if (!count($_SESSION)) $_SESSION['op']='gruppo';
[400]	91	// apre database
	92	////////////////////////
	93	if (file_exists("config.php")) { @require_once("config.php");$install="";}else{ $install="1";}
	94
	95
	96
	97	# verifica se effettuata la configurazione
	98	if(empty($dbname) \|\| $install=="1") {
	99	die("<html><body><div style=\"text-align:center\"><br /><br /><img src=\"modules/Elezioni/images/logo.jpg\" alt=\"Eleonline\" title=\"Eleonline\"><br /><br /><strong>Sembra che <a href='http://www.eleonline.it' title='Eleonline'>Eleonline</a> non sia stato ancora installato.<br /><br />Puoi procedere <a href='../install/index.php'>cliccando qui</a> per iniziare l'installazione</strong></div></body></html>");
	100	}
	101
	102
	103	$dbi = new PDO("mysql:host=$dbhost;charset=utf8", $dbuname, $dbpass, array(PDO::ATTR_EMULATE_PREPARES => false,
	104	PDO::ATTR_ERRMODE=>PDO::ERRMODE_EXCEPTION));
	105	$sql = "use $dbname";
	106	$dbi->exec($sql);
	107	$sth = $dbi->prepare("SET SESSION character_set_connection = 'utf8' ");
	108	$sth->execute();
	109	$sth = $dbi->prepare("SET SESSION character_set_client = 'utf8' ");
	110	$sth->execute();
	111	$sth = $dbi->prepare("SET SESSION character_set_database = 'utf8' ");
	112	$sth->execute();
	113	$sth = $dbi->prepare("SET CHARACTER SET utf8");
	114	$sth->execute();
	115
	116	$sth = $dbi->prepare("SET NAMES 'utf8'");
	117	$sth->execute();
	118
	119	# protezione csrf ottobre 2012 - by l.apolito
	120	if (file_exists("inc/csrf-magic/csrf-magic.php")) {
	121	include_once 'inc/csrf-magic/csrf-magic.php';
	122	}
	123
	124
	125	$param=strtolower($_SERVER['REQUEST_METHOD']) == 'get' ? $_GET : $_POST;
	126	if (isset($param['id_comune'])) $id_comune=intval($param['id_comune']); #else $id_comune=$siteistat;
	127	if (isset($param['id_cons_gen'])) $id_cons_gen=intval($param['id_cons_gen']);
	128
	129	# carica i parametri di default sulla tabella
	130	$sql = $dbi->prepare("SELECT * FROM ".$prefix."_config");
	131	$sql->execute();
	132	while($riga = $sql->fetchAll(PDO::FETCH_ASSOC)){$row=$riga[0];
	133	$sitename = stripslashes($row['sitename']);
	134	$siteurl = $row['siteurl'];
	135	$site_logo = $row['site_logo'];
	136	$startdate = $row['startdate'];
	137	$adminmail = $row['adminmail'];
	138	$tema = $row['tema'];
	139	$temaimpostata=$tema; #per link desktop moblie
	140	$language = $row['language'];
	141	$blocco = intval($row['blocco']);
	142	$fileout = intval($row['fileout']);
	143	$copyright = $row['copyright'];
	144	$Versione = $row['versione'];
	145	$patch = $row['patch'];
	146	$siteistat = intval($row['siteistat']);
	147	$multicomune = intval($row['multicomune']);
	148	$flash = intval($row['flash']);
	149	$displayerrors = $row['displayerrors'];
	150	$gkey = $row['gkey'];
	151	$googlemaps = intval($row['googlemaps']);
	152	$editor = intval($row['editor']);
	153	$tema_on = intval($row['tema_on']);
	154	$ed_user = $row['ed_user'];
	155	#tema mobile
	156	}
	157
	158
	159
	160	# altre config
	161	$sql = $dbi->prepare("SELECT * FROM ".$prefix."_ele_comuni where id_comune='$siteistat' ");
	162	$sql->execute();
	163	$riga = $sql->fetchAll(PDO::FETCH_ASSOC);
	164	$row=$riga[0];
	165	$id_cons_pred = intval($row['id_cons']);
	166	if($id_cons_pred=='0')$id_cons_pred='';
	167	if(!isset($id_cons_gen)) $id_cons_gen=$id_cons_pred;
	168	# carica il metodo d'hontd
	169	##$sql = $dbi->prepare("SELECT * FROM ".$prefix."_ele_cons_comune where id_cons_gen='$id_cons_gen' ");
	170	##$sql->execute();
	171
	172	$param=strip_tags(strtolower($_SERVER['REQUEST_METHOD'])) == 'get' ? $_GET : $_POST;
	173	////////////////////
	174	#funzione di backup
	175	if (isset($param['op']) and $param['op']=='backup')
	176	{
	177	$id_cons_bak=intval($param['id_cons_gen']);
	178	if (isset($param['id_comune'])) $id_combak=intval($param['id_comune']); else $id_combak=$_SESSION['id_comune'];
	179	$sql = $dbi->prepare("SELECT id_cons,id_conf FROM ".$prefix."_ele_cons_comune where id_cons_gen='$id_cons_bak' and id_comune='$id_combak'");
	180	$sql->execute();
	181	list($id_cons,$hondt) = $sql->fetch(PDO::FETCH_NUM);
	182
	183	// incluso in consiglieri.php, ma io carico le vecchie variabili per compatibilit'a all'indietro
	184	if($hondt>=1){
	185	# proiezione consiglio
	186	$res2 = $dbi->prepare("SELECT * FROM ".$prefix."_ele_conf where id_conf='$hondt'");
	187	$res2->execute();
	188	$row=$res2->fetch(PDO::FETCH_ASSOC);
	189
	190	$descrizione_consiglio = $row['descrizione'];
	191	$LIMITE = intval($row['limite']);
	192	$CONSIN = intval($row['consin']);
	193	$INFPREMIO=intval($row['infpremio']);
	194	$SUPSBARRAMENTO=intval($row['supsbarramento']);
	195	$SUPMINPREMIO=intval($row['supminpremio']);
	196	$SUPPREMIO=intval($row['suppremio']);
	197	$LISTINFSBAR=intval($row['listinfsbar']);
	198	$LISTINFCONTA=intval($row['listinfconta']);
	199	$LISTSUPCONTA=intval($row['listsupconta']);
	200	$SUPMINPREMIO=intval($row['supminpremio']);
	201	$INFMINPREMIO=intval($row['infminpremio']);
	202	}
	203
	204
	205	include("modules/Elezioni/backup.php");
	206	die();
	207	}
	208	///////////////////
	209	// lingua x demo
	210	if (isset($param['newl'])){
	211	$newl=$param['newl'];
	212	if (file_exists("modules/Elezioni/language/lang-$newl.php")){ $lang=$newl;$_SESSION['newl']="$lang";
	213	}
	214	}
	215
	216	// seesioni per flash, blocco e linguaggio, tour
	217
	218	if (isset($param['block'])){
	219	$blocco=$param['block'];
	220	$_SESSION['newblock']="$blocco";
	221	}
	222	if (isset($_SESSION['newblock'])) $blocco=$_SESSION['newblock'];
	223
	224
	225
	226	// linguaggio
	227	if (isset($_SESSION['newl'])) $lang=$_SESSION['newl'];
	228	//else $lang=$lang;
	229	if (! isset($lang)) $lang=$language;
	230	if (strlen($lang)!=2) $lang=$language;
	231
	232	// flash x demo
	233	if (isset($param['flash'])){
	234	$flash=$param['flash'];
	235	$_SESSION['newflash']="$flash";
	236	}
	237	if (isset($_SESSION['newflash'])) $flash=$_SESSION['newflash'];
	238
	239	if (isset($param['tema'])){
	240	$tema=$param['tema'];
	241	$tema=htmlentities($tema); // evita xss
	242	if(preg_match("/%/i", $tema)) $tema="default";// evita xss
	243	$_SESSION['newtema']="$tema";
	244
	245	}
	246	if (isset($_SESSION['newtema'])) {
	247	$tema=$_SESSION['newtema'];
	248	if (preg_match("/%/i",$_SESSION['newtema'])) $_SESSION['newtema']="default"; // xss
	249	}
	250
	251	//ritorno disabilita tema cellulare dal file backtoapp e dal footer lo riattiva
	252	if (isset($param['nocell'])){
	253	$nocell=$param['nocell'];
	254	$_SESSION['newcell']="$nocell";
	255	}
	256	if (isset($_SESSION['newcell'])) $nocell=$_SESSION['newcell'];
	257
	258
	259
	260
	261	$param=strtolower($_SERVER['REQUEST_METHOD']) == 'get' ? $_GET : $_POST;
	262	$PHP_SELF=$_SERVER['PHP_SELF'];
[402]	263	$file=(isset($param['file'])) ? htmlentities($param['file']):"index";
	264	$name=(isset($param['name'])) ? htmlentities($param['name']):"Elezioni";
	265	$op=(isset($param['op'])) ? htmlentities($param['op']):"gruppo";
	266	$id_comune=(isset($param['id_comune'])) ? intval($param['id_comune']): $siteistat;
	267	$op=(isset($param['id_cons_gen'])) ? intval($param['id_cons_gen']):$id_cons_pred;
[400]	268
	269	$modpath = "modules/$name/$file.php";
	270	if (file_exists($modpath)) {
	271	include($modpath);
	272	} else {
	273	die ("Sorry, such file doesn't exist...:$modpath");
	274	}
	275
	276
	277
	278
	279
	280
	281
	282	?>

Note: See TracBrowser for help on using the repository browser.

Download in other formats: