source: trunk/client/modules.php@ 64

Last change on this file since 64 was 29, checked in by roby, 15 years ago

Eliminati messaggi notice di php

File size: 8.8 KB
Line 
1<?php
2
3
4/************************************************************************/
5/* Eleonline - Raccolta e diffusione dei dati elettorali */
6/* by Luciano Apolito & Roberto Gigli */
7/* http://www.eleonline.it */
8/* info@eleonline.it luciano@aniene.net rgigli@libero.it */
9/************************************************************************/
10
11define('MODULE_FILE', true);
12
13// Additional security (Union, CLike, XSS)
14
15// We want to use the function stripos,
16// but thats only available since PHP5.
17// So we cloned the function...
18if(!function_exists('stripos')) {
19 function stripos_clone($haystack, $needle, $offset=0) {
20 return strpos(strtoupper($haystack), strtoupper($needle), $offset);
21 }
22} else {
23// But when this is PHP5, we use the original function
24 function stripos_clone($haystack, $needle, $offset=0) {
25 return stripos($haystack, $needle, $offset=0);
26 }
27}
28
29 if(isset($_SERVER['QUERY_STRING']) && (!stripos_clone($_SERVER['QUERY_STRING'], "ad_click") || !stripos_clone($_SERVER['QUERY_STRING'], "url"))) {
30 $queryString = $_SERVER['QUERY_STRING'];
31 if (stripos_clone($queryString,'%20union%20') OR stripos_clone($queryString,'..') OR stripos_clone($queryString,'+') OR stripos_clone($queryString,'/*') OR stripos_clone($queryString,'*/union/*') OR stripos_clone($queryString,'c2nyaxb0') OR stripos_clone($queryString,'+union+') OR stripos_clone($queryString,'http://') OR (stripos_clone($queryString,'cmd=') AND !stripos_clone($queryString,'&cmd')) OR (stripos_clone($queryString,'exec') AND !stripos_clone($queryString,'execu')) OR stripos_clone($queryString,'concat')) {
32 die('Operazione non consentita');
33 }
34 }
35
36foreach ($_GET as $sec_key => $secvalue) {
37 if ((preg_match("/<[^>]*script*\"?[^>]*>/i",$secvalue)) ||
38 (preg_match("/<[^>]*object*\"?[^>]*>/i", $secvalue)) ||
39 (preg_match("/<[^>]*iframe*\"?[^>]*>/i", $secvalue)) ||
40 (preg_match("/<[^>]*applet*\"?[^>]*>/i", $secvalue)) ||
41 (preg_match("/<[^>]*meta*\"?[^>]*>/i", $secvalue)) ||
42 (preg_match("/<[^>]*style*\"?[^>]*>/i", $secvalue)) ||
43 (preg_match("/<[^>]*form*\"?[^>]*>/i", $secvalue)) ||
44 (preg_match("/<[^>]*img*\"?[^>]*>/i", $secvalue)) ||
45 (preg_match("/<[^>]*onmouseover*\"?[^>]*>/i", $secvalue)) ||
46 (preg_match("/<[^>]*body*\"?[^>]*>/i", $secvalue)) ||
47 (preg_match("/\([^>]*\"?[^)]*\)/", $secvalue)) ||
48 (preg_match("/\"/", $secvalue)) ||
49 (preg_match("/inside_mod/i", $sec_key))) {
50 die ("Operazione non consentita");
51 }
52 }
53
54 foreach ($_POST as $secvalue) {
55 if ((preg_match("/<[^>]*onmouseover*\"?[^>]*>/i", $secvalue)) || (preg_match("/<[^>]script*\"?[^>]*>/i", $secvalue)) || (preg_match("/<[^>]*body*\"?[^>]*>/i", $secvalue)) || (preg_match("/<[^>]style*\"?[^>]*>/i", $secvalue))) {
56 die ($htmltags);
57 }
58 }
59
60// Posting from other servers in not allowed
61// Fix by Quake
62// Bug found by PeNdEjO
63if ($_SERVER['REQUEST_METHOD'] == "POST") {
64 if (isset($_SERVER['HTTP_REFERER'])) {
65 if (!stripos_clone($_SERVER['HTTP_REFERER'], $_SERVER['HTTP_HOST'])) {
66 die('Posting da un altro server non consentito!');
67 } else {
68# die('<b>Attenzione:</b> il tuo browser non puo inviare gli header HTTP_REFERER al website.<br/>');
69 }
70 }
71}
72
73function jsexist(){ // controlla javascript by l.apolito 2008
74global $op,$name;
75if(!isset($_GET['js'])){
76$querystring= @preg_replace('/'.$_SERVER['DOCUMENT_ROOT'].'/i','http://'.$_SERVER['HTTP_HOST'].'/',$_SERVER['SCRIPT_FILENAME']);
77if (preg_match("/modules.php/i",$_SERVER['SCRIPT_NAME'])) $pagina="name=$name"; // reindirizza
78if (preg_match("/admin.php/i",$_SERVER['SCRIPT_NAME'])) $pagina="op=$op"; // reindirizza
79 echo "<noscript><meta http-equiv=\"refresh\" content=\"0; url=".$querystring."?js=b&amp;$pagina\"/></noscript>";
80 }
81$js=$_GET['js'];
82return $js;
83}
84
85
86
87
88
89
90session_start();//MODIFICHE PER GESTIONE SESSIONI
91// apre database
92////////////////////////
93
94include("config.php");
95
96
97
98
99if(!$dbi = mysql_connect($dbhost, $dbuname, $dbpass)){
100die("<center><img src=\"images/logo.gif\" target=\"Logo Avviso Errore\"><br/><br/><b>Ci sono dei problemi di connessione al Server $dbtype, chiediamo scusa per l'inconveniente.<br/><br/>Provate piu' tardi, Grazie.</b><br/><font color=\"#ff0000\">". mysql_error()."</font></center>");
101}
102
103if(!mysql_select_db($dbname)){
104die("<center><img src=src=\"images/logo.gif\" target=\"Logo Avviso Errore\"><br/><br/><b>Ci sono dei problemi di connessione al DataBase $dbtype, chiediamo scusa per l'inconveniente.<br/><br/>Provate piu' tardi, Grazie.</b><br/><font color=\"#ff0000\">". mysql_error()."</font></center>");
105}
106mysql_query("SET NAMES 'utf8'", $dbi);
107
108# carica i parametri di default sulla tabella
109$res = mysql_query("SELECT * FROM ".$prefix."_config" , $dbi);
110$row = mysql_fetch_array($res);
111$sitename = stripslashes($row['sitename']);
112$siteurl = $row['siteurl'];
113$site_logo = $row['site_logo'];
114$startdate = $row['startdate'];
115$adminmail = $row['adminmail'];
116$tema = $row['tema'];
117$language = $row['language'];
118$blocco = intval($row['blocco']);
119$fileout = intval($row['fileout']);
120$copyright = $row['copyright'];
121$Versione = $row['Versione'];
122$patch = $row['patch'];
123$siteistat = intval($row['siteistat']);
124$multicomune = intval($row['multicomune']);
125$flash = intval($row['flash']);
126$displayerrors = $row['displayerrors'];
127$gkey = $row['gkey'];
128$googlemaps = intval($row['googlemaps']);
129$editor = intval($row['editor']);
130$tema_on = intval($row['tema_on']);
131$ed_user = $row['ed_user'];
132# altre config
133$res = mysql_query("SELECT * FROM ".$prefix."_ele_comuni where id_comune='$siteistat' ", $dbi);
134$row = mysql_fetch_array($res);
135$id_cons_pred = intval($row['id_cons']);
136if($id_cons_pred=='0')$id_cons_pred='';
137if(!isset($id_cons_gen)) $id_cons_gen=$id_cons_pred;
138# carica il metodo d'hontd
139$res = mysql_query("SELECT * FROM ".$prefix."_ele_cons_comune where id_cons_gen='$id_cons_gen' ", $dbi);
140$row = mysql_fetch_array($res);
141
142
143
144
145$param=strip_tags(strtolower($_SERVER['REQUEST_METHOD'])) == 'get' ? $_GET : $_POST;
146////////////////////
147#funzione di backup
148if (isset($param['op']) and $param['op']=='backup')
149{
150$id_cons_bak=intval($param['id_cons_gen']);
151if (isset($param['id_comune'])) $id_combak=intval($param['id_comune']); else $id_combak=$_SESSION['id_comune'];
152$res = mysql_query("SELECT id_cons,id_conf FROM ".$prefix."_ele_cons_comune where id_cons_gen='$id_cons_bak' and id_comune='$id_combak'" , $dbi);
153list($id_cons,$hondt) = mysql_fetch_row($res);
154
155// incluso in consiglieri.php, ma io carico le vecchie variabili per compatibilit'a all'indietro
156if($hondt>=1){
157# proiezione consiglio
158 $res = mysql_query("SELECT * FROM ".$prefix."_ele_conf where id_conf='$hondt'", $dbi);
159 $row = mysql_fetch_array($res);
160 $descrizione_consiglio = $row['descrizione'];
161 $LIMITE = intval($row['limite']);
162 $CONSIN = intval($row['consin']);
163 $INFPREMIO=intval($row['infpremio']);
164 $SUPSBARRAMENTO=intval($row['supsbarramento']);
165 $SUPMINPREMIO=intval($row['supminpremio']);
166 $SUPPREMIO=intval($row['suppremio']);
167 $LISTINFSBAR=intval($row['listinfsbar']);
168 $LISTINFCONTA=intval($row['listinfconta']);
169 $LISTSUPCONTA=intval($row['listsupconta']);
170 $SUPMINPREMIO=intval($row['supminpremio']);
171 $INFMINPREMIO=intval($row['infminpremio']);
172}
173
174
175include("modules/Elezioni/backup.php");
176die();
177}
178///////////////////
179// lingua x demo
180if (isset($param['newl'])){
181 $newl=$param['newl'];
182 if (file_exists("modules/Elezioni/language/lang-$newl.php")){ $lang=$newl;$_SESSION['newl']="$lang";
183 }
184}
185
186// seesioni per flash, blocco e linguaggio, tour
187
188if (isset($param['block'])){
189 $blocco=$param['block'];
190 $_SESSION['newblock']="$blocco";
191 }
192if (isset($_SESSION['newblock'])) $blocco=$_SESSION['newblock'];
193
194
195
196// linguaggio
197if (isset($_SESSION['newl'])) $lang=$_SESSION['newl'];
198//else $lang=$lang;
199if (! isset($lang)) $lang=$language;
200if (strlen($lang)!=2) $lang=$language;
201
202// flash x demo
203if (isset($param['flash'])){
204 $flash=$param['flash'];
205 $_SESSION['newflash']="$flash";
206 }
207if (isset($_SESSION['newflash'])) $flash=$_SESSION['newflash'];
208
209if (isset($param['tema'])){
210 $tema=$param['tema'];
211 $tema=htmlentities($tema); // evita xss
212 if(preg_match("/%/i", $tema)) $tema="default";// evita xss
213 $_SESSION['newtema']="$tema";
214 }
215if (isset($_SESSION['newtema'])) {
216 $tema=$_SESSION['newtema'];
217 if (preg_match("/%/i",$_SESSION['newtema'])) $_SESSION['newtema']="default"; // xss
218}
219$PHP_SELF=$_SERVER['PHP_SELF'];
220$file=(isset($_GET['file'])) ? $_GET['file']:"index";
221$name=(isset($_GET['name'])) ? $_GET['name']:"Elezioni";
222//$op= (isset($_GET['op'])) ? $_GET['op']:"gruppo";
223$name=htmlentities($name);
224$file=htmlentities($file);
225#$id_comune=intval($id_comune);
226
227$modpath = "modules/$name/$file.php";
228//if (!$op) $op="gruppo";
229if (file_exists($modpath)) {
230 include($modpath);
231} else {
232 die ("Sorry, such file doesn't exist...:$modpath");
233}
234
235
236
237
238
239
240
241?>
Note: See TracBrowser for help on using the repository browser.