Context Navigation

source: trunk/client/modules.php@ 64

Last change on this file since 64 was 29, checked in by roby, 15 years ago
Eliminati messaggi notice di php
File size: 8.8 KB

Rev	Line
[2]	1	<?php
	2
	3
	4	/************************************************************************/
	5	/* Eleonline - Raccolta e diffusione dei dati elettorali */
	6	/* by Luciano Apolito & Roberto Gigli */
	7	/* http://www.eleonline.it */
	8	/* info@eleonline.it luciano@aniene.net rgigli@libero.it */
	9	/************************************************************************/
	10
	11	define('MODULE_FILE', true);
	12
	13	// Additional security (Union, CLike, XSS)
	14
	15	// We want to use the function stripos,
	16	// but thats only available since PHP5.
	17	// So we cloned the function...
	18	if(!function_exists('stripos')) {
	19	function stripos_clone($haystack, $needle, $offset=0) {
	20	return strpos(strtoupper($haystack), strtoupper($needle), $offset);
	21	}
	22	} else {
	23	// But when this is PHP5, we use the original function
	24	function stripos_clone($haystack, $needle, $offset=0) {
	25	return stripos($haystack, $needle, $offset=0);
	26	}
	27	}
	28
	29	if(isset($_SERVER['QUERY_STRING']) && (!stripos_clone($_SERVER['QUERY_STRING'], "ad_click") \|\| !stripos_clone($_SERVER['QUERY_STRING'], "url"))) {
	30	$queryString = $_SERVER['QUERY_STRING'];
[12]	31	if (stripos_clone($queryString,'%20union%20') OR stripos_clone($queryString,'..') OR stripos_clone($queryString,'+') OR stripos_clone($queryString,'/') OR stripos_clone($queryString,'/union/*') OR stripos_clone($queryString,'c2nyaxb0') OR stripos_clone($queryString,'+union+') OR stripos_clone($queryString,'http://') OR (stripos_clone($queryString,'cmd=') AND !stripos_clone($queryString,'&cmd')) OR (stripos_clone($queryString,'exec') AND !stripos_clone($queryString,'execu')) OR stripos_clone($queryString,'concat')) {
[2]	32	die('Operazione non consentita');
	33	}
	34	}
	35
	36	foreach ($_GET as $sec_key => $secvalue) {
[23]	37	if ((preg_match("/<[^>]script\"?[^>]*>/i",$secvalue)) \|\|
	38	(preg_match("/<[^>]object\"?[^>]*>/i", $secvalue)) \|\|
	39	(preg_match("/<[^>]iframe\"?[^>]*>/i", $secvalue)) \|\|
	40	(preg_match("/<[^>]applet\"?[^>]*>/i", $secvalue)) \|\|
	41	(preg_match("/<[^>]meta\"?[^>]*>/i", $secvalue)) \|\|
	42	(preg_match("/<[^>]style\"?[^>]*>/i", $secvalue)) \|\|
	43	(preg_match("/<[^>]form\"?[^>]*>/i", $secvalue)) \|\|
	44	(preg_match("/<[^>]img\"?[^>]*>/i", $secvalue)) \|\|
	45	(preg_match("/<[^>]onmouseover\"?[^>]*>/i", $secvalue)) \|\|
	46	(preg_match("/<[^>]body\"?[^>]*>/i", $secvalue)) \|\|
	47	(preg_match("/\([^>]\"?[^)]\)/", $secvalue)) \|\|
	48	(preg_match("/\"/", $secvalue)) \|\|
	49	(preg_match("/inside_mod/i", $sec_key))) {
[2]	50	die ("Operazione non consentita");
	51	}
	52	}
	53
	54	foreach ($_POST as $secvalue) {
[23]	55	if ((preg_match("/<[^>]onmouseover\"?[^>]>/i", $secvalue)) \|\| (preg_match("/<[^>]script\"?[^>]>/i", $secvalue)) \|\| (preg_match("/<[^>]body\"?[^>]>/i", $secvalue)) \|\| (preg_match("/<[^>]style\"?[^>]>/i", $secvalue))) {
[2]	56	die ($htmltags);
	57	}
	58	}
	59
	60	// Posting from other servers in not allowed
	61	// Fix by Quake
	62	// Bug found by PeNdEjO
	63	if ($_SERVER['REQUEST_METHOD'] == "POST") {
	64	if (isset($_SERVER['HTTP_REFERER'])) {
	65	if (!stripos_clone($_SERVER['HTTP_REFERER'], $_SERVER['HTTP_HOST'])) {
	66	die('Posting da un altro server non consentito!');
	67	} else {
	68	# die('<b>Attenzione:</b> il tuo browser non puo inviare gli header HTTP_REFERER al website.<br/>');
	69	}
	70	}
	71	}
	72
	73	function jsexist(){ // controlla javascript by l.apolito 2008
	74	global $op,$name;
	75	if(!isset($_GET['js'])){
[23]	76	$querystring= @preg_replace('/'.$_SERVER['DOCUMENT_ROOT'].'/i','http://'.$_SERVER['HTTP_HOST'].'/',$_SERVER['SCRIPT_FILENAME']);
	77	if (preg_match("/modules.php/i",$_SERVER['SCRIPT_NAME'])) $pagina="name=$name"; // reindirizza
	78	if (preg_match("/admin.php/i",$_SERVER['SCRIPT_NAME'])) $pagina="op=$op"; // reindirizza
[2]	79	echo "<noscript><meta http-equiv=\"refresh\" content=\"0; url=".$querystring."?js=b&$pagina\"/></noscript>";
	80	}
	81	$js=$_GET['js'];
	82	return $js;
	83	}
	84
	85
	86
	87
	88
	89
	90	session_start();//MODIFICHE PER GESTIONE SESSIONI
	91	// apre database
	92	////////////////////////
	93
	94	include("config.php");
	95
	96
	97
	98
	99	if(!$dbi = mysql_connect($dbhost, $dbuname, $dbpass)){
	100	die("<center><img src=\"images/logo.gif\" target=\"Logo Avviso Errore\"><br/><br/><b>Ci sono dei problemi di connessione al Server $dbtype, chiediamo scusa per l'inconveniente.<br/><br/>Provate piu' tardi, Grazie.</b><br/><font color=\"#ff0000\">". mysql_error()."</font></center>");
	101	}
	102
	103	if(!mysql_select_db($dbname)){
	104	die("<center><img src=src=\"images/logo.gif\" target=\"Logo Avviso Errore\"><br/><br/><b>Ci sono dei problemi di connessione al DataBase $dbtype, chiediamo scusa per l'inconveniente.<br/><br/>Provate piu' tardi, Grazie.</b><br/><font color=\"#ff0000\">". mysql_error()."</font></center>");
	105	}
[23]	106	mysql_query("SET NAMES 'utf8'", $dbi);
[2]	107
	108	# carica i parametri di default sulla tabella
	109	$res = mysql_query("SELECT * FROM ".$prefix."_config" , $dbi);
	110	$row = mysql_fetch_array($res);
	111	$sitename = stripslashes($row['sitename']);
	112	$siteurl = $row['siteurl'];
	113	$site_logo = $row['site_logo'];
	114	$startdate = $row['startdate'];
	115	$adminmail = $row['adminmail'];
	116	$tema = $row['tema'];
	117	$language = $row['language'];
	118	$blocco = intval($row['blocco']);
	119	$fileout = intval($row['fileout']);
	120	$copyright = $row['copyright'];
	121	$Versione = $row['Versione'];
	122	$patch = $row['patch'];
	123	$siteistat = intval($row['siteistat']);
	124	$multicomune = intval($row['multicomune']);
	125	$flash = intval($row['flash']);
	126	$displayerrors = $row['displayerrors'];
	127	$gkey = $row['gkey'];
	128	$googlemaps = intval($row['googlemaps']);
	129	$editor = intval($row['editor']);
	130	$tema_on = intval($row['tema_on']);
	131	$ed_user = $row['ed_user'];
	132	# altre config
	133	$res = mysql_query("SELECT * FROM ".$prefix."_ele_comuni where id_comune='$siteistat' ", $dbi);
	134	$row = mysql_fetch_array($res);
	135	$id_cons_pred = intval($row['id_cons']);
	136	if($id_cons_pred=='0')$id_cons_pred='';
	137	if(!isset($id_cons_gen)) $id_cons_gen=$id_cons_pred;
	138	# carica il metodo d'hontd
	139	$res = mysql_query("SELECT * FROM ".$prefix."_ele_cons_comune where id_cons_gen='$id_cons_gen' ", $dbi);
	140	$row = mysql_fetch_array($res);
	141
	142
	143
	144
	145	$param=strip_tags(strtolower($_SERVER['REQUEST_METHOD'])) == 'get' ? $_GET : $_POST;
	146	////////////////////
	147	#funzione di backup
	148	if (isset($param['op']) and $param['op']=='backup')
	149	{
	150	$id_cons_bak=intval($param['id_cons_gen']);
[10]	151	if (isset($param['id_comune'])) $id_combak=intval($param['id_comune']); else $id_combak=$_SESSION['id_comune'];
[2]	152	$res = mysql_query("SELECT id_cons,id_conf FROM ".$prefix."_ele_cons_comune where id_cons_gen='$id_cons_bak' and id_comune='$id_combak'" , $dbi);
	153	list($id_cons,$hondt) = mysql_fetch_row($res);
	154
	155	// incluso in consiglieri.php, ma io carico le vecchie variabili per compatibilit'a all'indietro
	156	if($hondt>=1){
	157	# proiezione consiglio
	158	$res = mysql_query("SELECT * FROM ".$prefix."_ele_conf where id_conf='$hondt'", $dbi);
	159	$row = mysql_fetch_array($res);
	160	$descrizione_consiglio = $row['descrizione'];
	161	$LIMITE = intval($row['limite']);
	162	$CONSIN = intval($row['consin']);
	163	$INFPREMIO=intval($row['infpremio']);
	164	$SUPSBARRAMENTO=intval($row['supsbarramento']);
	165	$SUPMINPREMIO=intval($row['supminpremio']);
	166	$SUPPREMIO=intval($row['suppremio']);
	167	$LISTINFSBAR=intval($row['listinfsbar']);
	168	$LISTINFCONTA=intval($row['listinfconta']);
	169	$LISTSUPCONTA=intval($row['listsupconta']);
	170	$SUPMINPREMIO=intval($row['supminpremio']);
	171	$INFMINPREMIO=intval($row['infminpremio']);
	172	}
	173
	174
	175	include("modules/Elezioni/backup.php");
	176	die();
	177	}
	178	///////////////////
	179	// lingua x demo
	180	if (isset($param['newl'])){
	181	$newl=$param['newl'];
	182	if (file_exists("modules/Elezioni/language/lang-$newl.php")){ $lang=$newl;$_SESSION['newl']="$lang";
	183	}
	184	}
	185
	186	// seesioni per flash, blocco e linguaggio, tour
	187
	188	if (isset($param['block'])){
	189	$blocco=$param['block'];
	190	$_SESSION['newblock']="$blocco";
	191	}
	192	if (isset($_SESSION['newblock'])) $blocco=$_SESSION['newblock'];
	193
	194
	195
	196	// linguaggio
	197	if (isset($_SESSION['newl'])) $lang=$_SESSION['newl'];
	198	//else $lang=$lang;
	199	if (! isset($lang)) $lang=$language;
	200	if (strlen($lang)!=2) $lang=$language;
	201
	202	// flash x demo
	203	if (isset($param['flash'])){
	204	$flash=$param['flash'];
	205	$_SESSION['newflash']="$flash";
	206	}
	207	if (isset($_SESSION['newflash'])) $flash=$_SESSION['newflash'];
	208
	209	if (isset($param['tema'])){
	210	$tema=$param['tema'];
[12]	211	$tema=htmlentities($tema); // evita xss
[23]	212	if(preg_match("/%/i", $tema)) $tema="default";// evita xss
[2]	213	$_SESSION['newtema']="$tema";
	214	}
[29]	215	if (isset($_SESSION['newtema'])) {
	216	$tema=$_SESSION['newtema'];
	217	if (preg_match("/%/i",$_SESSION['newtema'])) $_SESSION['newtema']="default"; // xss
	218	}
[2]	219	$PHP_SELF=$_SERVER['PHP_SELF'];
	220	$file=(isset($_GET['file'])) ? $_GET['file']:"index";
	221	$name=(isset($_GET['name'])) ? $_GET['name']:"Elezioni";
	222	//$op= (isset($_GET['op'])) ? $_GET['op']:"gruppo";
[10]	223	$name=htmlentities($name);
	224	$file=htmlentities($file);
[29]	225	#$id_comune=intval($id_comune);
[10]	226
[2]	227	$modpath = "modules/$name/$file.php";
	228	//if (!$op) $op="gruppo";
	229	if (file_exists($modpath)) {
	230	include($modpath);
	231	} else {
	232	die ("Sorry, such file doesn't exist...:$modpath");
	233	}
	234
	235
	236
	237
	238
	239
	240
	241	?>

Note: See TracBrowser for help on using the repository browser.

Download in other formats: